1 /* $NetBSD: rt2661.c,v 1.27 2010/01/19 22:06:25 pooka Exp $ */ 2 /* $OpenBSD: rt2661.c,v 1.17 2006/05/01 08:41:11 damien Exp $ */ 3 /* $FreeBSD: rt2560.c,v 1.5 2006/06/02 19:59:31 csjp Exp $ */ 4 5 /*- 6 * Copyright (c) 2006 7 * Damien Bergamini <damien.bergamini@free.fr> 8 * 9 * Permission to use, copy, modify, and distribute this software for any 10 * purpose with or without fee is hereby granted, provided that the above 11 * copyright notice and this permission notice appear in all copies. 12 * 13 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 14 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 15 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 16 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 17 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 18 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 19 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 20 */ 21 22 /*- 23 * Ralink Technology RT2561, RT2561S and RT2661 chipset driver 24 * http://www.ralinktech.com/ 25 */ 26 27 #include <sys/cdefs.h> 28 __KERNEL_RCSID(0, "$NetBSD: rt2661.c,v 1.27 2010/01/19 22:06:25 pooka Exp $"); 29 30 31 #include <sys/param.h> 32 #include <sys/sockio.h> 33 #include <sys/sysctl.h> 34 #include <sys/mbuf.h> 35 #include <sys/kernel.h> 36 #include <sys/socket.h> 37 #include <sys/systm.h> 38 #include <sys/malloc.h> 39 #include <sys/callout.h> 40 #include <sys/conf.h> 41 #include <sys/device.h> 42 43 #include <sys/bus.h> 44 #include <machine/endian.h> 45 #include <sys/intr.h> 46 47 #include <net/bpf.h> 48 #include <net/if.h> 49 #include <net/if_arp.h> 50 #include <net/if_dl.h> 51 #include <net/if_media.h> 52 #include <net/if_types.h> 53 #include <net/if_ether.h> 54 55 #include <netinet/in.h> 56 #include <netinet/in_systm.h> 57 #include <netinet/in_var.h> 58 #include <netinet/ip.h> 59 60 #include <net80211/ieee80211_var.h> 61 #include <net80211/ieee80211_amrr.h> 62 #include <net80211/ieee80211_radiotap.h> 63 64 #include <dev/ic/rt2661reg.h> 65 #include <dev/ic/rt2661var.h> 66 67 #include <dev/pci/pcireg.h> 68 #include <dev/pci/pcivar.h> 69 #include <dev/pci/pcidevs.h> 70 71 #include <dev/firmload.h> 72 73 #ifdef RAL_DEBUG 74 #define DPRINTF(x) do { if (rt2661_debug > 0) printf x; } while (0) 75 #define DPRINTFN(n, x) do { if (rt2661_debug >= (n)) printf x; } while (0) 76 int rt2661_debug = 0; 77 #else 78 #define DPRINTF(x) 79 #define DPRINTFN(n, x) 80 #endif 81 82 static int rt2661_alloc_tx_ring(struct rt2661_softc *, 83 struct rt2661_tx_ring *, int); 84 static void rt2661_reset_tx_ring(struct rt2661_softc *, 85 struct rt2661_tx_ring *); 86 static void rt2661_free_tx_ring(struct rt2661_softc *, 87 struct rt2661_tx_ring *); 88 static int rt2661_alloc_rx_ring(struct rt2661_softc *, 89 struct rt2661_rx_ring *, int); 90 static void rt2661_reset_rx_ring(struct rt2661_softc *, 91 struct rt2661_rx_ring *); 92 static void rt2661_free_rx_ring(struct rt2661_softc *, 93 struct rt2661_rx_ring *); 94 static struct ieee80211_node * 95 rt2661_node_alloc(struct ieee80211_node_table *); 96 static int rt2661_media_change(struct ifnet *); 97 static void rt2661_next_scan(void *); 98 static void rt2661_iter_func(void *, struct ieee80211_node *); 99 static void rt2661_updatestats(void *); 100 static void rt2661_newassoc(struct ieee80211_node *, int); 101 static int rt2661_newstate(struct ieee80211com *, enum ieee80211_state, 102 int); 103 static uint16_t rt2661_eeprom_read(struct rt2661_softc *, uint8_t); 104 static void rt2661_tx_intr(struct rt2661_softc *); 105 static void rt2661_tx_dma_intr(struct rt2661_softc *, 106 struct rt2661_tx_ring *); 107 static void rt2661_rx_intr(struct rt2661_softc *); 108 static void rt2661_mcu_beacon_expire(struct rt2661_softc *); 109 static void rt2661_mcu_wakeup(struct rt2661_softc *); 110 static void rt2661_mcu_cmd_intr(struct rt2661_softc *); 111 int rt2661_intr(void *); 112 static uint8_t rt2661_rxrate(struct rt2661_rx_desc *); 113 static int rt2661_ack_rate(struct ieee80211com *, int); 114 static uint16_t rt2661_txtime(int, int, uint32_t); 115 static uint8_t rt2661_plcp_signal(int); 116 static void rt2661_setup_tx_desc(struct rt2661_softc *, 117 struct rt2661_tx_desc *, uint32_t, uint16_t, int, int, 118 const bus_dma_segment_t *, int, int); 119 static int rt2661_tx_mgt(struct rt2661_softc *, struct mbuf *, 120 struct ieee80211_node *); 121 static struct mbuf * 122 rt2661_get_rts(struct rt2661_softc *, 123 struct ieee80211_frame *, uint16_t); 124 static int rt2661_tx_data(struct rt2661_softc *, struct mbuf *, 125 struct ieee80211_node *, int); 126 static void rt2661_start(struct ifnet *); 127 static void rt2661_watchdog(struct ifnet *); 128 static int rt2661_reset(struct ifnet *); 129 static int rt2661_ioctl(struct ifnet *, u_long, void *); 130 static void rt2661_bbp_write(struct rt2661_softc *, uint8_t, uint8_t); 131 static uint8_t rt2661_bbp_read(struct rt2661_softc *, uint8_t); 132 static void rt2661_rf_write(struct rt2661_softc *, uint8_t, uint32_t); 133 static int rt2661_tx_cmd(struct rt2661_softc *, uint8_t, uint16_t); 134 static void rt2661_select_antenna(struct rt2661_softc *); 135 static void rt2661_enable_mrr(struct rt2661_softc *); 136 static void rt2661_set_txpreamble(struct rt2661_softc *); 137 static void rt2661_set_basicrates(struct rt2661_softc *, 138 const struct ieee80211_rateset *); 139 static void rt2661_select_band(struct rt2661_softc *, 140 struct ieee80211_channel *); 141 static void rt2661_set_chan(struct rt2661_softc *, 142 struct ieee80211_channel *); 143 static void rt2661_set_bssid(struct rt2661_softc *, const uint8_t *); 144 static void rt2661_set_macaddr(struct rt2661_softc *, const uint8_t *); 145 static void rt2661_update_promisc(struct rt2661_softc *); 146 #if 0 147 static int rt2661_wme_update(struct ieee80211com *); 148 #endif 149 150 static void rt2661_updateslot(struct ifnet *); 151 static void rt2661_set_slottime(struct rt2661_softc *); 152 static const char * 153 rt2661_get_rf(int); 154 static void rt2661_read_eeprom(struct rt2661_softc *); 155 static int rt2661_bbp_init(struct rt2661_softc *); 156 static int rt2661_init(struct ifnet *); 157 static void rt2661_stop(struct ifnet *, int); 158 static int rt2661_load_microcode(struct rt2661_softc *, const uint8_t *, 159 int); 160 static void rt2661_rx_tune(struct rt2661_softc *); 161 #ifdef notyet 162 static void rt2661_radar_start(struct rt2661_softc *); 163 static int rt2661_radar_stop(struct rt2661_softc *); 164 #endif 165 static int rt2661_prepare_beacon(struct rt2661_softc *); 166 static void rt2661_enable_tsf_sync(struct rt2661_softc *); 167 static int rt2661_get_rssi(struct rt2661_softc *, uint8_t); 168 169 /* 170 * Supported rates for 802.11a/b/g modes (in 500Kbps unit). 171 */ 172 static const struct ieee80211_rateset rt2661_rateset_11a = 173 { 8, { 12, 18, 24, 36, 48, 72, 96, 108 } }; 174 175 static const struct ieee80211_rateset rt2661_rateset_11b = 176 { 4, { 2, 4, 11, 22 } }; 177 178 static const struct ieee80211_rateset rt2661_rateset_11g = 179 { 12, { 2, 4, 11, 22, 12, 18, 24, 36, 48, 72, 96, 108 } }; 180 181 static const struct { 182 uint32_t reg; 183 uint32_t val; 184 } rt2661_def_mac[] = { 185 RT2661_DEF_MAC 186 }; 187 188 static const struct { 189 uint8_t reg; 190 uint8_t val; 191 } rt2661_def_bbp[] = { 192 RT2661_DEF_BBP 193 }; 194 195 static const struct rfprog { 196 uint8_t chan; 197 uint32_t r1, r2, r3, r4; 198 } rt2661_rf5225_1[] = { 199 RT2661_RF5225_1 200 }, rt2661_rf5225_2[] = { 201 RT2661_RF5225_2 202 }; 203 204 int 205 rt2661_attach(void *xsc, int id) 206 { 207 struct rt2661_softc *sc = xsc; 208 struct ieee80211com *ic = &sc->sc_ic; 209 struct ifnet *ifp = &sc->sc_if; 210 uint32_t val; 211 int error, i, ntries; 212 213 sc->sc_id = id; 214 215 sc->amrr.amrr_min_success_threshold = 1; 216 sc->amrr.amrr_max_success_threshold = 15; 217 callout_init(&sc->scan_ch, 0); 218 callout_init(&sc->amrr_ch, 0); 219 220 /* wait for NIC to initialize */ 221 for (ntries = 0; ntries < 1000; ntries++) { 222 if ((val = RAL_READ(sc, RT2661_MAC_CSR0)) != 0) 223 break; 224 DELAY(1000); 225 } 226 if (ntries == 1000) { 227 aprint_error_dev(&sc->sc_dev, "timeout waiting for NIC to initialize\n"); 228 return EIO; 229 } 230 231 /* retrieve RF rev. no and various other things from EEPROM */ 232 rt2661_read_eeprom(sc); 233 aprint_normal_dev(&sc->sc_dev, "802.11 address %s\n", 234 ether_sprintf(ic->ic_myaddr)); 235 236 aprint_normal_dev(&sc->sc_dev, "MAC/BBP RT%X, RF %s\n", val, 237 rt2661_get_rf(sc->rf_rev)); 238 239 /* 240 * Allocate Tx and Rx rings. 241 */ 242 error = rt2661_alloc_tx_ring(sc, &sc->txq[0], RT2661_TX_RING_COUNT); 243 if (error != 0) { 244 aprint_error_dev(&sc->sc_dev, "could not allocate Tx ring 0\n"); 245 goto fail1; 246 } 247 248 error = rt2661_alloc_tx_ring(sc, &sc->txq[1], RT2661_TX_RING_COUNT); 249 if (error != 0) { 250 aprint_error_dev(&sc->sc_dev, "could not allocate Tx ring 1\n"); 251 goto fail2; 252 } 253 254 error = rt2661_alloc_tx_ring(sc, &sc->txq[2], RT2661_TX_RING_COUNT); 255 if (error != 0) { 256 aprint_error_dev(&sc->sc_dev, "could not allocate Tx ring 2\n"); 257 goto fail3; 258 } 259 260 error = rt2661_alloc_tx_ring(sc, &sc->txq[3], RT2661_TX_RING_COUNT); 261 if (error != 0) { 262 aprint_error_dev(&sc->sc_dev, "could not allocate Tx ring 3\n"); 263 goto fail4; 264 } 265 266 error = rt2661_alloc_tx_ring(sc, &sc->mgtq, RT2661_MGT_RING_COUNT); 267 if (error != 0) { 268 aprint_error_dev(&sc->sc_dev, "could not allocate Mgt ring\n"); 269 goto fail5; 270 } 271 272 error = rt2661_alloc_rx_ring(sc, &sc->rxq, RT2661_RX_RING_COUNT); 273 if (error != 0) { 274 aprint_error_dev(&sc->sc_dev, "could not allocate Rx ring\n"); 275 goto fail6; 276 } 277 278 ifp->if_softc = sc; 279 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 280 ifp->if_init = rt2661_init; 281 ifp->if_stop = rt2661_stop; 282 ifp->if_ioctl = rt2661_ioctl; 283 ifp->if_start = rt2661_start; 284 ifp->if_watchdog = rt2661_watchdog; 285 IFQ_SET_READY(&ifp->if_snd); 286 memcpy(ifp->if_xname, device_xname(&sc->sc_dev), IFNAMSIZ); 287 288 ic->ic_ifp = ifp; 289 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 290 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 291 ic->ic_state = IEEE80211_S_INIT; 292 293 /* set device capabilities */ 294 ic->ic_caps = 295 IEEE80211_C_IBSS | /* IBSS mode supported */ 296 IEEE80211_C_MONITOR | /* monitor mode supported */ 297 IEEE80211_C_HOSTAP | /* HostAP mode supported */ 298 IEEE80211_C_TXPMGT | /* tx power management */ 299 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 300 IEEE80211_C_SHSLOT | /* short slot time supported */ 301 IEEE80211_C_WPA; /* 802.11i */ 302 303 if (sc->rf_rev == RT2661_RF_5225 || sc->rf_rev == RT2661_RF_5325) { 304 /* set supported .11a rates */ 305 ic->ic_sup_rates[IEEE80211_MODE_11A] = rt2661_rateset_11a; 306 307 /* set supported .11a channels */ 308 for (i = 36; i <= 64; i += 4) { 309 ic->ic_channels[i].ic_freq = 310 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ); 311 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A; 312 } 313 for (i = 100; i <= 140; i += 4) { 314 ic->ic_channels[i].ic_freq = 315 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ); 316 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A; 317 } 318 for (i = 149; i <= 165; i += 4) { 319 ic->ic_channels[i].ic_freq = 320 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ); 321 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A; 322 } 323 } 324 325 /* set supported .11b and .11g rates */ 326 ic->ic_sup_rates[IEEE80211_MODE_11B] = rt2661_rateset_11b; 327 ic->ic_sup_rates[IEEE80211_MODE_11G] = rt2661_rateset_11g; 328 329 /* set supported .11b and .11g channels (1 through 14) */ 330 for (i = 1; i <= 14; i++) { 331 ic->ic_channels[i].ic_freq = 332 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ); 333 ic->ic_channels[i].ic_flags = 334 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM | 335 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ; 336 } 337 338 if_attach(ifp); 339 ieee80211_ifattach(ic); 340 ic->ic_node_alloc = rt2661_node_alloc; 341 ic->ic_newassoc = rt2661_newassoc; 342 ic->ic_updateslot = rt2661_updateslot; 343 ic->ic_reset = rt2661_reset; 344 345 /* override state transition machine */ 346 sc->sc_newstate = ic->ic_newstate; 347 ic->ic_newstate = rt2661_newstate; 348 ieee80211_media_init(ic, rt2661_media_change, ieee80211_media_status); 349 350 bpf_ops->bpf_attach(ifp, DLT_IEEE802_11_RADIO, 351 sizeof(struct ieee80211_frame) + sizeof(sc->sc_txtap), 352 &sc->sc_drvbpf); 353 354 sc->sc_rxtap_len = roundup(sizeof(sc->sc_rxtap), sizeof(u_int32_t)); 355 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 356 sc->sc_rxtap.wr_ihdr.it_present = htole32(RT2661_RX_RADIOTAP_PRESENT); 357 358 sc->sc_txtap_len = roundup(sizeof(sc->sc_txtap), sizeof(u_int32_t)); 359 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 360 sc->sc_txtap.wt_ihdr.it_present = htole32(RT2661_TX_RADIOTAP_PRESENT); 361 362 ieee80211_announce(ic); 363 364 if (pmf_device_register(&sc->sc_dev, NULL, NULL)) 365 pmf_class_network_register(&sc->sc_dev, ifp); 366 else 367 aprint_error_dev(&sc->sc_dev, 368 "couldn't establish power handler\n"); 369 370 return 0; 371 372 fail6: rt2661_free_tx_ring(sc, &sc->mgtq); 373 fail5: rt2661_free_tx_ring(sc, &sc->txq[3]); 374 fail4: rt2661_free_tx_ring(sc, &sc->txq[2]); 375 fail3: rt2661_free_tx_ring(sc, &sc->txq[1]); 376 fail2: rt2661_free_tx_ring(sc, &sc->txq[0]); 377 fail1: return ENXIO; 378 } 379 380 int 381 rt2661_detach(void *xsc) 382 { 383 struct rt2661_softc *sc = xsc; 384 struct ifnet *ifp = &sc->sc_if; 385 386 callout_stop(&sc->scan_ch); 387 callout_stop(&sc->amrr_ch); 388 389 pmf_device_deregister(&sc->sc_dev); 390 391 ieee80211_ifdetach(&sc->sc_ic); 392 if_detach(ifp); 393 394 rt2661_free_tx_ring(sc, &sc->txq[0]); 395 rt2661_free_tx_ring(sc, &sc->txq[1]); 396 rt2661_free_tx_ring(sc, &sc->txq[2]); 397 rt2661_free_tx_ring(sc, &sc->txq[3]); 398 rt2661_free_tx_ring(sc, &sc->mgtq); 399 rt2661_free_rx_ring(sc, &sc->rxq); 400 401 return 0; 402 } 403 404 static int 405 rt2661_alloc_tx_ring(struct rt2661_softc *sc, struct rt2661_tx_ring *ring, 406 int count) 407 { 408 int i, nsegs, error; 409 410 ring->count = count; 411 ring->queued = 0; 412 ring->cur = ring->next = ring->stat = 0; 413 414 error = bus_dmamap_create(sc->sc_dmat, count * RT2661_TX_DESC_SIZE, 1, 415 count * RT2661_TX_DESC_SIZE, 0, BUS_DMA_NOWAIT, &ring->map); 416 if (error != 0) { 417 aprint_error_dev(&sc->sc_dev, "could not create desc DMA map\n"); 418 goto fail; 419 } 420 421 error = bus_dmamem_alloc(sc->sc_dmat, count * RT2661_TX_DESC_SIZE, 422 PAGE_SIZE, 0, &ring->seg, 1, &nsegs, BUS_DMA_NOWAIT); 423 if (error != 0) { 424 aprint_error_dev(&sc->sc_dev, "could not allocate DMA memory\n"); 425 goto fail; 426 } 427 428 error = bus_dmamem_map(sc->sc_dmat, &ring->seg, nsegs, 429 count * RT2661_TX_DESC_SIZE, (void **)&ring->desc, 430 BUS_DMA_NOWAIT); 431 if (error != 0) { 432 aprint_error_dev(&sc->sc_dev, "could not map desc DMA memory\n"); 433 goto fail; 434 } 435 436 error = bus_dmamap_load(sc->sc_dmat, ring->map, ring->desc, 437 count * RT2661_TX_DESC_SIZE, NULL, BUS_DMA_NOWAIT); 438 if (error != 0) { 439 aprint_error_dev(&sc->sc_dev, "could not load desc DMA map\n"); 440 goto fail; 441 } 442 443 memset(ring->desc, 0, count * RT2661_TX_DESC_SIZE); 444 ring->physaddr = ring->map->dm_segs->ds_addr; 445 446 ring->data = malloc(count * sizeof (struct rt2661_tx_data), M_DEVBUF, 447 M_NOWAIT); 448 if (ring->data == NULL) { 449 aprint_error_dev(&sc->sc_dev, "could not allocate soft data\n"); 450 error = ENOMEM; 451 goto fail; 452 } 453 454 memset(ring->data, 0, count * sizeof (struct rt2661_tx_data)); 455 for (i = 0; i < count; i++) { 456 error = bus_dmamap_create(sc->sc_dmat, MCLBYTES, 457 RT2661_MAX_SCATTER, MCLBYTES, 0, BUS_DMA_NOWAIT, 458 &ring->data[i].map); 459 if (error != 0) { 460 aprint_error_dev(&sc->sc_dev, "could not create DMA map\n"); 461 goto fail; 462 } 463 } 464 465 return 0; 466 467 fail: rt2661_free_tx_ring(sc, ring); 468 return error; 469 } 470 471 static void 472 rt2661_reset_tx_ring(struct rt2661_softc *sc, struct rt2661_tx_ring *ring) 473 { 474 struct rt2661_tx_desc *desc; 475 struct rt2661_tx_data *data; 476 int i; 477 478 for (i = 0; i < ring->count; i++) { 479 desc = &ring->desc[i]; 480 data = &ring->data[i]; 481 482 if (data->m != NULL) { 483 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 484 data->map->dm_mapsize, BUS_DMASYNC_POSTWRITE); 485 bus_dmamap_unload(sc->sc_dmat, data->map); 486 m_freem(data->m); 487 data->m = NULL; 488 } 489 490 if (data->ni != NULL) { 491 ieee80211_free_node(data->ni); 492 data->ni = NULL; 493 } 494 495 desc->flags = 0; 496 } 497 498 bus_dmamap_sync(sc->sc_dmat, ring->map, 0, ring->map->dm_mapsize, 499 BUS_DMASYNC_PREWRITE); 500 501 ring->queued = 0; 502 ring->cur = ring->next = ring->stat = 0; 503 } 504 505 506 static void 507 rt2661_free_tx_ring(struct rt2661_softc *sc, struct rt2661_tx_ring *ring) 508 { 509 struct rt2661_tx_data *data; 510 int i; 511 512 if (ring->desc != NULL) { 513 bus_dmamap_sync(sc->sc_dmat, ring->map, 0, 514 ring->map->dm_mapsize, BUS_DMASYNC_POSTWRITE); 515 bus_dmamap_unload(sc->sc_dmat, ring->map); 516 bus_dmamem_unmap(sc->sc_dmat, (void *)ring->desc, 517 ring->count * RT2661_TX_DESC_SIZE); 518 bus_dmamem_free(sc->sc_dmat, &ring->seg, 1); 519 } 520 521 if (ring->data != NULL) { 522 for (i = 0; i < ring->count; i++) { 523 data = &ring->data[i]; 524 525 if (data->m != NULL) { 526 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 527 data->map->dm_mapsize, 528 BUS_DMASYNC_POSTWRITE); 529 bus_dmamap_unload(sc->sc_dmat, data->map); 530 m_freem(data->m); 531 } 532 533 if (data->ni != NULL) 534 ieee80211_free_node(data->ni); 535 536 if (data->map != NULL) 537 bus_dmamap_destroy(sc->sc_dmat, data->map); 538 } 539 free(ring->data, M_DEVBUF); 540 } 541 } 542 543 static int 544 rt2661_alloc_rx_ring(struct rt2661_softc *sc, struct rt2661_rx_ring *ring, 545 int count) 546 { 547 struct rt2661_rx_desc *desc; 548 struct rt2661_rx_data *data; 549 int i, nsegs, error; 550 551 ring->count = count; 552 ring->cur = ring->next = 0; 553 554 error = bus_dmamap_create(sc->sc_dmat, count * RT2661_RX_DESC_SIZE, 1, 555 count * RT2661_RX_DESC_SIZE, 0, BUS_DMA_NOWAIT, &ring->map); 556 if (error != 0) { 557 aprint_error_dev(&sc->sc_dev, "could not create desc DMA map\n"); 558 goto fail; 559 } 560 561 error = bus_dmamem_alloc(sc->sc_dmat, count * RT2661_RX_DESC_SIZE, 562 PAGE_SIZE, 0, &ring->seg, 1, &nsegs, BUS_DMA_NOWAIT); 563 if (error != 0) { 564 aprint_error_dev(&sc->sc_dev, "could not allocate DMA memory\n"); 565 goto fail; 566 } 567 568 error = bus_dmamem_map(sc->sc_dmat, &ring->seg, nsegs, 569 count * RT2661_RX_DESC_SIZE, (void **)&ring->desc, 570 BUS_DMA_NOWAIT); 571 if (error != 0) { 572 aprint_error_dev(&sc->sc_dev, "could not map desc DMA memory\n"); 573 goto fail; 574 } 575 576 error = bus_dmamap_load(sc->sc_dmat, ring->map, ring->desc, 577 count * RT2661_RX_DESC_SIZE, NULL, BUS_DMA_NOWAIT); 578 if (error != 0) { 579 aprint_error_dev(&sc->sc_dev, "could not load desc DMA map\n"); 580 goto fail; 581 } 582 583 memset(ring->desc, 0, count * RT2661_RX_DESC_SIZE); 584 ring->physaddr = ring->map->dm_segs->ds_addr; 585 586 ring->data = malloc(count * sizeof (struct rt2661_rx_data), M_DEVBUF, 587 M_NOWAIT); 588 if (ring->data == NULL) { 589 aprint_error_dev(&sc->sc_dev, "could not allocate soft data\n"); 590 error = ENOMEM; 591 goto fail; 592 } 593 594 /* 595 * Pre-allocate Rx buffers and populate Rx ring. 596 */ 597 memset(ring->data, 0, count * sizeof (struct rt2661_rx_data)); 598 for (i = 0; i < count; i++) { 599 desc = &sc->rxq.desc[i]; 600 data = &sc->rxq.data[i]; 601 602 error = bus_dmamap_create(sc->sc_dmat, MCLBYTES, 1, MCLBYTES, 603 0, BUS_DMA_NOWAIT, &data->map); 604 if (error != 0) { 605 aprint_error_dev(&sc->sc_dev, "could not create DMA map\n"); 606 goto fail; 607 } 608 609 MGETHDR(data->m, M_DONTWAIT, MT_DATA); 610 if (data->m == NULL) { 611 aprint_error_dev(&sc->sc_dev, "could not allocate rx mbuf\n"); 612 error = ENOMEM; 613 goto fail; 614 } 615 616 MCLGET(data->m, M_DONTWAIT); 617 if (!(data->m->m_flags & M_EXT)) { 618 aprint_error_dev(&sc->sc_dev, "could not allocate rx mbuf cluster\n"); 619 error = ENOMEM; 620 goto fail; 621 } 622 623 error = bus_dmamap_load(sc->sc_dmat, data->map, 624 mtod(data->m, void *), MCLBYTES, NULL, BUS_DMA_NOWAIT); 625 if (error != 0) { 626 aprint_error_dev(&sc->sc_dev, "could not load rx buf DMA map"); 627 goto fail; 628 } 629 630 desc->physaddr = htole32(data->map->dm_segs->ds_addr); 631 desc->flags = htole32(RT2661_RX_BUSY); 632 } 633 634 bus_dmamap_sync(sc->sc_dmat, ring->map, 0, ring->map->dm_mapsize, 635 BUS_DMASYNC_PREWRITE); 636 637 return 0; 638 639 fail: rt2661_free_rx_ring(sc, ring); 640 return error; 641 } 642 643 static void 644 rt2661_reset_rx_ring(struct rt2661_softc *sc, struct rt2661_rx_ring *ring) 645 { 646 int i; 647 648 for (i = 0; i < ring->count; i++) 649 ring->desc[i].flags = htole32(RT2661_RX_BUSY); 650 651 bus_dmamap_sync(sc->sc_dmat, ring->map, 0, ring->map->dm_mapsize, 652 BUS_DMASYNC_PREWRITE); 653 654 ring->cur = ring->next = 0; 655 } 656 657 static void 658 rt2661_free_rx_ring(struct rt2661_softc *sc, struct rt2661_rx_ring *ring) 659 { 660 struct rt2661_rx_data *data; 661 int i; 662 663 if (ring->desc != NULL) { 664 bus_dmamap_sync(sc->sc_dmat, ring->map, 0, 665 ring->map->dm_mapsize, BUS_DMASYNC_POSTWRITE); 666 bus_dmamap_unload(sc->sc_dmat, ring->map); 667 bus_dmamem_unmap(sc->sc_dmat, (void *)ring->desc, 668 ring->count * RT2661_RX_DESC_SIZE); 669 bus_dmamem_free(sc->sc_dmat, &ring->seg, 1); 670 } 671 672 if (ring->data != NULL) { 673 for (i = 0; i < ring->count; i++) { 674 data = &ring->data[i]; 675 676 if (data->m != NULL) { 677 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 678 data->map->dm_mapsize, 679 BUS_DMASYNC_POSTREAD); 680 bus_dmamap_unload(sc->sc_dmat, data->map); 681 m_freem(data->m); 682 } 683 684 if (data->map != NULL) 685 bus_dmamap_destroy(sc->sc_dmat, data->map); 686 } 687 free(ring->data, M_DEVBUF); 688 } 689 } 690 691 static struct ieee80211_node * 692 rt2661_node_alloc(struct ieee80211_node_table *nt) 693 { 694 struct rt2661_node *rn; 695 696 rn = malloc(sizeof (struct rt2661_node), M_80211_NODE, 697 M_NOWAIT | M_ZERO); 698 699 return (rn != NULL) ? &rn->ni : NULL; 700 } 701 702 static int 703 rt2661_media_change(struct ifnet *ifp) 704 { 705 int error; 706 707 error = ieee80211_media_change(ifp); 708 if (error != ENETRESET) 709 return error; 710 711 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == (IFF_UP | IFF_RUNNING)) 712 rt2661_init(ifp); 713 714 return 0; 715 } 716 717 /* 718 * This function is called periodically (every 200ms) during scanning to 719 * switch from one channel to another. 720 */ 721 static void 722 rt2661_next_scan(void *arg) 723 { 724 struct rt2661_softc *sc = arg; 725 struct ieee80211com *ic = &sc->sc_ic; 726 int s; 727 728 s = splnet(); 729 if (ic->ic_state == IEEE80211_S_SCAN) 730 ieee80211_next_scan(ic); 731 splx(s); 732 } 733 734 /* 735 * This function is called for each neighbor node. 736 */ 737 static void 738 rt2661_iter_func(void *arg, struct ieee80211_node *ni) 739 { 740 struct rt2661_softc *sc = arg; 741 struct rt2661_node *rn = (struct rt2661_node *)ni; 742 743 ieee80211_amrr_choose(&sc->amrr, ni, &rn->amn); 744 } 745 746 /* 747 * This function is called periodically (every 500ms) in RUN state to update 748 * various settings like rate control statistics or Rx sensitivity. 749 */ 750 static void 751 rt2661_updatestats(void *arg) 752 { 753 struct rt2661_softc *sc = arg; 754 struct ieee80211com *ic = &sc->sc_ic; 755 int s; 756 757 s = splnet(); 758 if (ic->ic_opmode == IEEE80211_M_STA) 759 rt2661_iter_func(sc, ic->ic_bss); 760 else 761 ieee80211_iterate_nodes(&ic->ic_sta, rt2661_iter_func, arg); 762 763 /* update rx sensitivity every 1 sec */ 764 if (++sc->ncalls & 1) 765 rt2661_rx_tune(sc); 766 splx(s); 767 768 callout_reset(&sc->amrr_ch, hz / 2, rt2661_updatestats, sc); 769 } 770 771 static void 772 rt2661_newassoc(struct ieee80211_node *ni, int isnew) 773 { 774 struct rt2661_softc *sc = ni->ni_ic->ic_ifp->if_softc; 775 int i; 776 777 ieee80211_amrr_node_init(&sc->amrr, &((struct rt2661_node *)ni)->amn); 778 779 /* set rate to some reasonable initial value */ 780 for (i = ni->ni_rates.rs_nrates - 1; 781 i > 0 && (ni->ni_rates.rs_rates[i] & IEEE80211_RATE_VAL) > 72; 782 i--); 783 ni->ni_txrate = i; 784 } 785 786 static int 787 rt2661_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 788 { 789 struct rt2661_softc *sc = ic->ic_ifp->if_softc; 790 enum ieee80211_state ostate; 791 struct ieee80211_node *ni; 792 uint32_t tmp; 793 794 ostate = ic->ic_state; 795 callout_stop(&sc->scan_ch); 796 797 switch (nstate) { 798 case IEEE80211_S_INIT: 799 callout_stop(&sc->amrr_ch); 800 801 if (ostate == IEEE80211_S_RUN) { 802 /* abort TSF synchronization */ 803 tmp = RAL_READ(sc, RT2661_TXRX_CSR9); 804 RAL_WRITE(sc, RT2661_TXRX_CSR9, tmp & ~0x00ffffff); 805 } 806 break; 807 808 case IEEE80211_S_SCAN: 809 rt2661_set_chan(sc, ic->ic_curchan); 810 callout_reset(&sc->scan_ch, hz / 5, rt2661_next_scan, sc); 811 break; 812 813 case IEEE80211_S_AUTH: 814 case IEEE80211_S_ASSOC: 815 rt2661_set_chan(sc, ic->ic_curchan); 816 break; 817 818 case IEEE80211_S_RUN: 819 rt2661_set_chan(sc, ic->ic_curchan); 820 821 ni = ic->ic_bss; 822 823 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 824 rt2661_set_slottime(sc); 825 rt2661_enable_mrr(sc); 826 rt2661_set_txpreamble(sc); 827 rt2661_set_basicrates(sc, &ni->ni_rates); 828 rt2661_set_bssid(sc, ni->ni_bssid); 829 } 830 831 if (ic->ic_opmode == IEEE80211_M_HOSTAP || 832 ic->ic_opmode == IEEE80211_M_IBSS) 833 rt2661_prepare_beacon(sc); 834 835 if (ic->ic_opmode == IEEE80211_M_STA) { 836 /* fake a join to init the tx rate */ 837 rt2661_newassoc(ni, 1); 838 } 839 840 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 841 sc->ncalls = 0; 842 sc->avg_rssi = -95; /* reset EMA */ 843 callout_reset(&sc->amrr_ch, hz / 2, 844 rt2661_updatestats, sc); 845 rt2661_enable_tsf_sync(sc); 846 } 847 break; 848 } 849 850 return sc->sc_newstate(ic, nstate, arg); 851 } 852 853 /* 854 * Read 16 bits at address 'addr' from the serial EEPROM (either 93C46 or 855 * 93C66). 856 */ 857 static uint16_t 858 rt2661_eeprom_read(struct rt2661_softc *sc, uint8_t addr) 859 { 860 uint32_t tmp; 861 uint16_t val; 862 int n; 863 864 /* clock C once before the first command */ 865 RT2661_EEPROM_CTL(sc, 0); 866 867 RT2661_EEPROM_CTL(sc, RT2661_S); 868 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_C); 869 RT2661_EEPROM_CTL(sc, RT2661_S); 870 871 /* write start bit (1) */ 872 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D); 873 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D | RT2661_C); 874 875 /* write READ opcode (10) */ 876 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D); 877 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D | RT2661_C); 878 RT2661_EEPROM_CTL(sc, RT2661_S); 879 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_C); 880 881 /* write address (A5-A0 or A7-A0) */ 882 n = (RAL_READ(sc, RT2661_E2PROM_CSR) & RT2661_93C46) ? 5 : 7; 883 for (; n >= 0; n--) { 884 RT2661_EEPROM_CTL(sc, RT2661_S | 885 (((addr >> n) & 1) << RT2661_SHIFT_D)); 886 RT2661_EEPROM_CTL(sc, RT2661_S | 887 (((addr >> n) & 1) << RT2661_SHIFT_D) | RT2661_C); 888 } 889 890 RT2661_EEPROM_CTL(sc, RT2661_S); 891 892 /* read data Q15-Q0 */ 893 val = 0; 894 for (n = 15; n >= 0; n--) { 895 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_C); 896 tmp = RAL_READ(sc, RT2661_E2PROM_CSR); 897 val |= ((tmp & RT2661_Q) >> RT2661_SHIFT_Q) << n; 898 RT2661_EEPROM_CTL(sc, RT2661_S); 899 } 900 901 RT2661_EEPROM_CTL(sc, 0); 902 903 /* clear Chip Select and clock C */ 904 RT2661_EEPROM_CTL(sc, RT2661_S); 905 RT2661_EEPROM_CTL(sc, 0); 906 RT2661_EEPROM_CTL(sc, RT2661_C); 907 908 return val; 909 } 910 911 static void 912 rt2661_tx_intr(struct rt2661_softc *sc) 913 { 914 struct ifnet *ifp = &sc->sc_if; 915 struct rt2661_tx_ring *txq; 916 struct rt2661_tx_data *data; 917 struct rt2661_node *rn; 918 uint32_t val; 919 int qid, retrycnt; 920 921 for (;;) { 922 val = RAL_READ(sc, RT2661_STA_CSR4); 923 if (!(val & RT2661_TX_STAT_VALID)) 924 break; 925 926 /* retrieve the queue in which this frame was sent */ 927 qid = RT2661_TX_QID(val); 928 txq = (qid <= 3) ? &sc->txq[qid] : &sc->mgtq; 929 930 /* retrieve rate control algorithm context */ 931 data = &txq->data[txq->stat]; 932 rn = (struct rt2661_node *)data->ni; 933 934 /* if no frame has been sent, ignore */ 935 if (rn == NULL) 936 continue; 937 938 switch (RT2661_TX_RESULT(val)) { 939 case RT2661_TX_SUCCESS: 940 retrycnt = RT2661_TX_RETRYCNT(val); 941 942 DPRINTFN(10, ("data frame sent successfully after " 943 "%d retries\n", retrycnt)); 944 rn->amn.amn_txcnt++; 945 if (retrycnt > 0) 946 rn->amn.amn_retrycnt++; 947 ifp->if_opackets++; 948 break; 949 950 case RT2661_TX_RETRY_FAIL: 951 DPRINTFN(9, ("sending data frame failed (too much " 952 "retries)\n")); 953 rn->amn.amn_txcnt++; 954 rn->amn.amn_retrycnt++; 955 ifp->if_oerrors++; 956 break; 957 958 default: 959 /* other failure */ 960 aprint_error_dev(&sc->sc_dev, "sending data frame failed 0x%08x\n", val); 961 ifp->if_oerrors++; 962 } 963 964 ieee80211_free_node(data->ni); 965 data->ni = NULL; 966 967 DPRINTFN(15, ("tx done q=%d idx=%u\n", qid, txq->stat)); 968 969 txq->queued--; 970 if (++txq->stat >= txq->count) /* faster than % count */ 971 txq->stat = 0; 972 } 973 974 sc->sc_tx_timer = 0; 975 ifp->if_flags &= ~IFF_OACTIVE; 976 rt2661_start(ifp); 977 } 978 979 static void 980 rt2661_tx_dma_intr(struct rt2661_softc *sc, struct rt2661_tx_ring *txq) 981 { 982 struct rt2661_tx_desc *desc; 983 struct rt2661_tx_data *data; 984 985 for (;;) { 986 desc = &txq->desc[txq->next]; 987 data = &txq->data[txq->next]; 988 989 bus_dmamap_sync(sc->sc_dmat, txq->map, 990 txq->next * RT2661_TX_DESC_SIZE, RT2661_TX_DESC_SIZE, 991 BUS_DMASYNC_POSTREAD); 992 993 if ((le32toh(desc->flags) & RT2661_TX_BUSY) || 994 !(le32toh(desc->flags) & RT2661_TX_VALID)) 995 break; 996 997 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 998 data->map->dm_mapsize, BUS_DMASYNC_POSTWRITE); 999 bus_dmamap_unload(sc->sc_dmat, data->map); 1000 m_freem(data->m); 1001 data->m = NULL; 1002 /* node reference is released in rt2661_tx_intr() */ 1003 1004 /* descriptor is no longer valid */ 1005 desc->flags &= ~htole32(RT2661_TX_VALID); 1006 1007 bus_dmamap_sync(sc->sc_dmat, txq->map, 1008 txq->next * RT2661_TX_DESC_SIZE, RT2661_TX_DESC_SIZE, 1009 BUS_DMASYNC_PREWRITE); 1010 1011 DPRINTFN(15, ("tx dma done q=%p idx=%u\n", txq, txq->next)); 1012 1013 if (++txq->next >= txq->count) /* faster than % count */ 1014 txq->next = 0; 1015 } 1016 } 1017 1018 static void 1019 rt2661_rx_intr(struct rt2661_softc *sc) 1020 { 1021 struct ieee80211com *ic = &sc->sc_ic; 1022 struct ifnet *ifp = &sc->sc_if; 1023 struct rt2661_rx_desc *desc; 1024 struct rt2661_rx_data *data; 1025 struct ieee80211_frame *wh; 1026 struct ieee80211_node *ni; 1027 struct mbuf *mnew, *m; 1028 int error, rssi; 1029 1030 for (;;) { 1031 desc = &sc->rxq.desc[sc->rxq.cur]; 1032 data = &sc->rxq.data[sc->rxq.cur]; 1033 1034 bus_dmamap_sync(sc->sc_dmat, sc->rxq.map, 1035 sc->rxq.cur * RT2661_RX_DESC_SIZE, RT2661_RX_DESC_SIZE, 1036 BUS_DMASYNC_POSTREAD); 1037 1038 if (le32toh(desc->flags) & RT2661_RX_BUSY) 1039 break; 1040 1041 if ((le32toh(desc->flags) & RT2661_RX_PHY_ERROR) || 1042 (le32toh(desc->flags) & RT2661_RX_CRC_ERROR)) { 1043 /* 1044 * This should not happen since we did not request 1045 * to receive those frames when we filled TXRX_CSR0. 1046 */ 1047 DPRINTFN(5, ("PHY or CRC error flags 0x%08x\n", 1048 le32toh(desc->flags))); 1049 ifp->if_ierrors++; 1050 goto skip; 1051 } 1052 1053 if ((le32toh(desc->flags) & RT2661_RX_CIPHER_MASK) != 0) { 1054 ifp->if_ierrors++; 1055 goto skip; 1056 } 1057 1058 /* 1059 * Try to allocate a new mbuf for this ring element and load it 1060 * before processing the current mbuf. If the ring element 1061 * cannot be loaded, drop the received packet and reuse the old 1062 * mbuf. In the unlikely case that the old mbuf can't be 1063 * reloaded either, explicitly panic. 1064 */ 1065 MGETHDR(mnew, M_DONTWAIT, MT_DATA); 1066 if (mnew == NULL) { 1067 ifp->if_ierrors++; 1068 goto skip; 1069 } 1070 1071 MCLGET(mnew, M_DONTWAIT); 1072 if (!(mnew->m_flags & M_EXT)) { 1073 m_freem(mnew); 1074 ifp->if_ierrors++; 1075 goto skip; 1076 } 1077 1078 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 1079 data->map->dm_mapsize, BUS_DMASYNC_POSTREAD); 1080 bus_dmamap_unload(sc->sc_dmat, data->map); 1081 1082 error = bus_dmamap_load(sc->sc_dmat, data->map, 1083 mtod(mnew, void *), MCLBYTES, NULL, BUS_DMA_NOWAIT); 1084 if (error != 0) { 1085 m_freem(mnew); 1086 1087 /* try to reload the old mbuf */ 1088 error = bus_dmamap_load(sc->sc_dmat, data->map, 1089 mtod(data->m, void *), MCLBYTES, NULL, 1090 BUS_DMA_NOWAIT); 1091 if (error != 0) { 1092 /* very unlikely that it will fail... */ 1093 panic("%s: could not load old rx mbuf", 1094 device_xname(&sc->sc_dev)); 1095 } 1096 /* physical address may have changed */ 1097 desc->physaddr = htole32(data->map->dm_segs->ds_addr); 1098 ifp->if_ierrors++; 1099 goto skip; 1100 } 1101 1102 /* 1103 * New mbuf successfully loaded, update Rx ring and continue 1104 * processing. 1105 */ 1106 m = data->m; 1107 data->m = mnew; 1108 desc->physaddr = htole32(data->map->dm_segs->ds_addr); 1109 1110 /* finalize mbuf */ 1111 m->m_pkthdr.rcvif = ifp; 1112 m->m_pkthdr.len = m->m_len = 1113 (le32toh(desc->flags) >> 16) & 0xfff; 1114 1115 if (sc->sc_drvbpf != NULL) { 1116 struct rt2661_rx_radiotap_header *tap = &sc->sc_rxtap; 1117 uint32_t tsf_lo, tsf_hi; 1118 1119 /* get timestamp (low and high 32 bits) */ 1120 tsf_hi = RAL_READ(sc, RT2661_TXRX_CSR13); 1121 tsf_lo = RAL_READ(sc, RT2661_TXRX_CSR12); 1122 1123 tap->wr_tsf = 1124 htole64(((uint64_t)tsf_hi << 32) | tsf_lo); 1125 tap->wr_flags = 0; 1126 tap->wr_rate = rt2661_rxrate(desc); 1127 tap->wr_chan_freq = htole16(sc->sc_curchan->ic_freq); 1128 tap->wr_chan_flags = htole16(sc->sc_curchan->ic_flags); 1129 tap->wr_antsignal = desc->rssi; 1130 1131 bpf_ops->bpf_mtap2(sc->sc_drvbpf, 1132 tap, sc->sc_rxtap_len, m); 1133 } 1134 1135 wh = mtod(m, struct ieee80211_frame *); 1136 ni = ieee80211_find_rxnode(ic, 1137 (struct ieee80211_frame_min *)wh); 1138 1139 /* send the frame to the 802.11 layer */ 1140 ieee80211_input(ic, m, ni, desc->rssi, 0); 1141 1142 /*- 1143 * Keep track of the average RSSI using an Exponential Moving 1144 * Average (EMA) of 8 Wilder's days: 1145 * avg = (1 / N) x rssi + ((N - 1) / N) x avg 1146 */ 1147 rssi = rt2661_get_rssi(sc, desc->rssi); 1148 sc->avg_rssi = (rssi + 7 * sc->avg_rssi) / 8; 1149 1150 /* node is no longer needed */ 1151 ieee80211_free_node(ni); 1152 1153 skip: desc->flags |= htole32(RT2661_RX_BUSY); 1154 1155 bus_dmamap_sync(sc->sc_dmat, sc->rxq.map, 1156 sc->rxq.cur * RT2661_RX_DESC_SIZE, RT2661_RX_DESC_SIZE, 1157 BUS_DMASYNC_PREWRITE); 1158 1159 DPRINTFN(16, ("rx intr idx=%u\n", sc->rxq.cur)); 1160 1161 sc->rxq.cur = (sc->rxq.cur + 1) % RT2661_RX_RING_COUNT; 1162 } 1163 1164 /* 1165 * In HostAP mode, ieee80211_input() will enqueue packets in if_snd 1166 * without calling if_start(). 1167 */ 1168 if (!IFQ_IS_EMPTY(&ifp->if_snd) && !(ifp->if_flags & IFF_OACTIVE)) 1169 rt2661_start(ifp); 1170 } 1171 1172 /* 1173 * This function is called in HostAP or IBSS modes when it's time to send a 1174 * new beacon (every ni_intval milliseconds). 1175 */ 1176 static void 1177 rt2661_mcu_beacon_expire(struct rt2661_softc *sc) 1178 { 1179 struct ieee80211com *ic = &sc->sc_ic; 1180 1181 if (sc->sc_flags & RT2661_UPDATE_SLOT) { 1182 sc->sc_flags &= ~RT2661_UPDATE_SLOT; 1183 sc->sc_flags |= RT2661_SET_SLOTTIME; 1184 } else if (sc->sc_flags & RT2661_SET_SLOTTIME) { 1185 sc->sc_flags &= ~RT2661_SET_SLOTTIME; 1186 rt2661_set_slottime(sc); 1187 } 1188 1189 if (ic->ic_curmode == IEEE80211_MODE_11G) { 1190 /* update ERP Information Element */ 1191 RAL_WRITE_1(sc, sc->erp_csr, ic->ic_bss->ni_erp); 1192 RAL_RW_BARRIER_1(sc, sc->erp_csr); 1193 } 1194 1195 DPRINTFN(15, ("beacon expired\n")); 1196 } 1197 1198 static void 1199 rt2661_mcu_wakeup(struct rt2661_softc *sc) 1200 { 1201 RAL_WRITE(sc, RT2661_MAC_CSR11, 5 << 16); 1202 1203 RAL_WRITE(sc, RT2661_SOFT_RESET_CSR, 0x7); 1204 RAL_WRITE(sc, RT2661_IO_CNTL_CSR, 0x18); 1205 RAL_WRITE(sc, RT2661_PCI_USEC_CSR, 0x20); 1206 1207 /* send wakeup command to MCU */ 1208 rt2661_tx_cmd(sc, RT2661_MCU_CMD_WAKEUP, 0); 1209 } 1210 1211 static void 1212 rt2661_mcu_cmd_intr(struct rt2661_softc *sc) 1213 { 1214 RAL_READ(sc, RT2661_M2H_CMD_DONE_CSR); 1215 RAL_WRITE(sc, RT2661_M2H_CMD_DONE_CSR, 0xffffffff); 1216 } 1217 1218 int 1219 rt2661_intr(void *arg) 1220 { 1221 struct rt2661_softc *sc = arg; 1222 struct ifnet *ifp = &sc->sc_if; 1223 uint32_t r1, r2; 1224 int rv = 0; 1225 1226 /* don't re-enable interrupts if we're shutting down */ 1227 if (!(ifp->if_flags & IFF_RUNNING)) { 1228 /* disable MAC and MCU interrupts */ 1229 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0xffffff7f); 1230 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0xffffffff); 1231 return 0; 1232 } 1233 1234 for (;;) { 1235 r1 = RAL_READ(sc, RT2661_INT_SOURCE_CSR); 1236 r2 = RAL_READ(sc, RT2661_MCU_INT_SOURCE_CSR); 1237 1238 if ((r1 & RT2661_INT_CSR_ALL) == 0 && 1239 (r2 & RT2661_MCU_INT_ALL) == 0) 1240 break; 1241 1242 RAL_WRITE(sc, RT2661_INT_SOURCE_CSR, r1); 1243 RAL_WRITE(sc, RT2661_MCU_INT_SOURCE_CSR, r2); 1244 1245 rv = 1; 1246 1247 if (r1 & RT2661_MGT_DONE) 1248 rt2661_tx_dma_intr(sc, &sc->mgtq); 1249 1250 if (r1 & RT2661_RX_DONE) 1251 rt2661_rx_intr(sc); 1252 1253 if (r1 & RT2661_TX0_DMA_DONE) 1254 rt2661_tx_dma_intr(sc, &sc->txq[0]); 1255 1256 if (r1 & RT2661_TX1_DMA_DONE) 1257 rt2661_tx_dma_intr(sc, &sc->txq[1]); 1258 1259 if (r1 & RT2661_TX2_DMA_DONE) 1260 rt2661_tx_dma_intr(sc, &sc->txq[2]); 1261 1262 if (r1 & RT2661_TX3_DMA_DONE) 1263 rt2661_tx_dma_intr(sc, &sc->txq[3]); 1264 1265 if (r1 & RT2661_TX_DONE) 1266 rt2661_tx_intr(sc); 1267 1268 if (r2 & RT2661_MCU_CMD_DONE) 1269 rt2661_mcu_cmd_intr(sc); 1270 1271 if (r2 & RT2661_MCU_BEACON_EXPIRE) 1272 rt2661_mcu_beacon_expire(sc); 1273 1274 if (r2 & RT2661_MCU_WAKEUP) 1275 rt2661_mcu_wakeup(sc); 1276 } 1277 1278 return rv; 1279 } 1280 1281 /* quickly determine if a given rate is CCK or OFDM */ 1282 #define RAL_RATE_IS_OFDM(rate) ((rate) >= 12 && (rate) != 22) 1283 1284 #define RAL_ACK_SIZE 14 /* 10 + 4(FCS) */ 1285 #define RAL_CTS_SIZE 14 /* 10 + 4(FCS) */ 1286 1287 /* 1288 * This function is only used by the Rx radiotap code. It returns the rate at 1289 * which a given frame was received. 1290 */ 1291 static uint8_t 1292 rt2661_rxrate(struct rt2661_rx_desc *desc) 1293 { 1294 if (le32toh(desc->flags) & RT2661_RX_OFDM) { 1295 /* reverse function of rt2661_plcp_signal */ 1296 switch (desc->rate & 0xf) { 1297 case 0xb: return 12; 1298 case 0xf: return 18; 1299 case 0xa: return 24; 1300 case 0xe: return 36; 1301 case 0x9: return 48; 1302 case 0xd: return 72; 1303 case 0x8: return 96; 1304 case 0xc: return 108; 1305 } 1306 } else { 1307 if (desc->rate == 10) 1308 return 2; 1309 if (desc->rate == 20) 1310 return 4; 1311 if (desc->rate == 55) 1312 return 11; 1313 if (desc->rate == 110) 1314 return 22; 1315 } 1316 return 2; /* should not get there */ 1317 } 1318 1319 /* 1320 * Return the expected ack rate for a frame transmitted at rate `rate'. 1321 * XXX: this should depend on the destination node basic rate set. 1322 */ 1323 static int 1324 rt2661_ack_rate(struct ieee80211com *ic, int rate) 1325 { 1326 switch (rate) { 1327 /* CCK rates */ 1328 case 2: 1329 return 2; 1330 case 4: 1331 case 11: 1332 case 22: 1333 return (ic->ic_curmode == IEEE80211_MODE_11B) ? 4 : rate; 1334 1335 /* OFDM rates */ 1336 case 12: 1337 case 18: 1338 return 12; 1339 case 24: 1340 case 36: 1341 return 24; 1342 case 48: 1343 case 72: 1344 case 96: 1345 case 108: 1346 return 48; 1347 } 1348 1349 /* default to 1Mbps */ 1350 return 2; 1351 } 1352 1353 /* 1354 * Compute the duration (in us) needed to transmit `len' bytes at rate `rate'. 1355 * The function automatically determines the operating mode depending on the 1356 * given rate. `flags' indicates whether short preamble is in use or not. 1357 */ 1358 static uint16_t 1359 rt2661_txtime(int len, int rate, uint32_t flags) 1360 { 1361 uint16_t txtime; 1362 1363 if (RAL_RATE_IS_OFDM(rate)) { 1364 /* IEEE Std 802.11g-2003, pp. 44 */ 1365 txtime = (8 + 4 * len + 3 + rate - 1) / rate; 1366 txtime = 16 + 4 + 4 * txtime + 6; 1367 } else { 1368 /* IEEE Std 802.11b-1999, pp. 28 */ 1369 txtime = (16 * len + rate - 1) / rate; 1370 if (rate != 2 && (flags & IEEE80211_F_SHPREAMBLE)) 1371 txtime += 72 + 24; 1372 else 1373 txtime += 144 + 48; 1374 } 1375 return txtime; 1376 } 1377 1378 static uint8_t 1379 rt2661_plcp_signal(int rate) 1380 { 1381 switch (rate) { 1382 /* CCK rates (returned values are device-dependent) */ 1383 case 2: return 0x0; 1384 case 4: return 0x1; 1385 case 11: return 0x2; 1386 case 22: return 0x3; 1387 1388 /* OFDM rates (cf IEEE Std 802.11a-1999, pp. 14 Table 80) */ 1389 case 12: return 0xb; 1390 case 18: return 0xf; 1391 case 24: return 0xa; 1392 case 36: return 0xe; 1393 case 48: return 0x9; 1394 case 72: return 0xd; 1395 case 96: return 0x8; 1396 case 108: return 0xc; 1397 1398 /* unsupported rates (should not get there) */ 1399 default: return 0xff; 1400 } 1401 } 1402 1403 static void 1404 rt2661_setup_tx_desc(struct rt2661_softc *sc, struct rt2661_tx_desc *desc, 1405 uint32_t flags, uint16_t xflags, int len, int rate, 1406 const bus_dma_segment_t *segs, int nsegs, int ac) 1407 { 1408 struct ieee80211com *ic = &sc->sc_ic; 1409 uint16_t plcp_length; 1410 int i, remainder; 1411 1412 desc->flags = htole32(flags); 1413 desc->flags |= htole32(len << 16); 1414 1415 desc->xflags = htole16(xflags); 1416 desc->xflags |= htole16(nsegs << 13); 1417 1418 desc->wme = htole16( 1419 RT2661_QID(ac) | 1420 RT2661_AIFSN(2) | 1421 RT2661_LOGCWMIN(4) | 1422 RT2661_LOGCWMAX(10)); 1423 1424 /* 1425 * Remember in which queue this frame was sent. This field is driver 1426 * private data only. It will be made available by the NIC in STA_CSR4 1427 * on Tx interrupts. 1428 */ 1429 desc->qid = ac; 1430 1431 /* setup PLCP fields */ 1432 desc->plcp_signal = rt2661_plcp_signal(rate); 1433 desc->plcp_service = 4; 1434 1435 len += IEEE80211_CRC_LEN; 1436 if (RAL_RATE_IS_OFDM(rate)) { 1437 desc->flags |= htole32(RT2661_TX_OFDM); 1438 1439 plcp_length = len & 0xfff; 1440 desc->plcp_length_hi = plcp_length >> 6; 1441 desc->plcp_length_lo = plcp_length & 0x3f; 1442 } else { 1443 plcp_length = (16 * len + rate - 1) / rate; 1444 if (rate == 22) { 1445 remainder = (16 * len) % 22; 1446 if (remainder != 0 && remainder < 7) 1447 desc->plcp_service |= RT2661_PLCP_LENGEXT; 1448 } 1449 desc->plcp_length_hi = plcp_length >> 8; 1450 desc->plcp_length_lo = plcp_length & 0xff; 1451 1452 if (rate != 2 && (ic->ic_flags & IEEE80211_F_SHPREAMBLE)) 1453 desc->plcp_signal |= 0x08; 1454 } 1455 1456 /* RT2x61 supports scatter with up to 5 segments */ 1457 for (i = 0; i < nsegs; i++) { 1458 desc->addr[i] = htole32(segs[i].ds_addr); 1459 desc->len [i] = htole16(segs[i].ds_len); 1460 } 1461 1462 desc->flags |= htole32(RT2661_TX_BUSY | RT2661_TX_VALID); 1463 } 1464 1465 static int 1466 rt2661_tx_mgt(struct rt2661_softc *sc, struct mbuf *m0, 1467 struct ieee80211_node *ni) 1468 { 1469 struct ieee80211com *ic = &sc->sc_ic; 1470 struct rt2661_tx_desc *desc; 1471 struct rt2661_tx_data *data; 1472 struct ieee80211_frame *wh; 1473 uint16_t dur; 1474 uint32_t flags = 0; 1475 int rate, error; 1476 1477 desc = &sc->mgtq.desc[sc->mgtq.cur]; 1478 data = &sc->mgtq.data[sc->mgtq.cur]; 1479 1480 /* send mgt frames at the lowest available rate */ 1481 rate = IEEE80211_IS_CHAN_5GHZ(ic->ic_curchan) ? 12 : 2; 1482 1483 wh = mtod(m0, struct ieee80211_frame *); 1484 1485 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 1486 if (ieee80211_crypto_encap(ic, ni, m0) == NULL) { 1487 m_freem(m0); 1488 return ENOBUFS; 1489 } 1490 1491 /* packet header may have moved, reset our local pointer */ 1492 wh = mtod(m0, struct ieee80211_frame *); 1493 } 1494 1495 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m0, 1496 BUS_DMA_NOWAIT); 1497 if (error != 0) { 1498 aprint_error_dev(&sc->sc_dev, "could not map mbuf (error %d)\n", 1499 error); 1500 m_freem(m0); 1501 return error; 1502 } 1503 1504 if (sc->sc_drvbpf != NULL) { 1505 struct rt2661_tx_radiotap_header *tap = &sc->sc_txtap; 1506 1507 tap->wt_flags = 0; 1508 tap->wt_rate = rate; 1509 tap->wt_chan_freq = htole16(sc->sc_curchan->ic_freq); 1510 tap->wt_chan_flags = htole16(sc->sc_curchan->ic_flags); 1511 1512 bpf_ops->bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_txtap_len, m0); 1513 } 1514 1515 data->m = m0; 1516 data->ni = ni; 1517 1518 if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) { 1519 flags |= RT2661_TX_NEED_ACK; 1520 1521 dur = rt2661_txtime(RAL_ACK_SIZE, rate, ic->ic_flags) + 1522 sc->sifs; 1523 *(uint16_t *)wh->i_dur = htole16(dur); 1524 1525 /* tell hardware to set timestamp in probe responses */ 1526 if ((wh->i_fc[0] & 1527 (IEEE80211_FC0_TYPE_MASK | IEEE80211_FC0_SUBTYPE_MASK)) == 1528 (IEEE80211_FC0_TYPE_MGT | IEEE80211_FC0_SUBTYPE_PROBE_RESP)) 1529 flags |= RT2661_TX_TIMESTAMP; 1530 } 1531 1532 rt2661_setup_tx_desc(sc, desc, flags, 0 /* XXX HWSEQ */, 1533 m0->m_pkthdr.len, rate, data->map->dm_segs, data->map->dm_nsegs, 1534 RT2661_QID_MGT); 1535 1536 bus_dmamap_sync(sc->sc_dmat, data->map, 0, data->map->dm_mapsize, 1537 BUS_DMASYNC_PREWRITE); 1538 bus_dmamap_sync(sc->sc_dmat, sc->mgtq.map, 1539 sc->mgtq.cur * RT2661_TX_DESC_SIZE, RT2661_TX_DESC_SIZE, 1540 BUS_DMASYNC_PREWRITE); 1541 1542 DPRINTFN(10, ("sending mgt frame len=%u idx=%u rate=%u\n", 1543 m0->m_pkthdr.len, sc->mgtq.cur, rate)); 1544 1545 /* kick mgt */ 1546 sc->mgtq.queued++; 1547 sc->mgtq.cur = (sc->mgtq.cur + 1) % RT2661_MGT_RING_COUNT; 1548 RAL_WRITE(sc, RT2661_TX_CNTL_CSR, RT2661_KICK_MGT); 1549 1550 return 0; 1551 } 1552 1553 /* 1554 * Build a RTS control frame. 1555 */ 1556 static struct mbuf * 1557 rt2661_get_rts(struct rt2661_softc *sc, struct ieee80211_frame *wh, 1558 uint16_t dur) 1559 { 1560 struct ieee80211_frame_rts *rts; 1561 struct mbuf *m; 1562 1563 MGETHDR(m, M_DONTWAIT, MT_DATA); 1564 if (m == NULL) { 1565 sc->sc_ic.ic_stats.is_tx_nobuf++; 1566 aprint_error_dev(&sc->sc_dev, "could not allocate RTS frame\n"); 1567 return NULL; 1568 } 1569 1570 rts = mtod(m, struct ieee80211_frame_rts *); 1571 1572 rts->i_fc[0] = IEEE80211_FC0_VERSION_0 | IEEE80211_FC0_TYPE_CTL | 1573 IEEE80211_FC0_SUBTYPE_RTS; 1574 rts->i_fc[1] = IEEE80211_FC1_DIR_NODS; 1575 *(uint16_t *)rts->i_dur = htole16(dur); 1576 IEEE80211_ADDR_COPY(rts->i_ra, wh->i_addr1); 1577 IEEE80211_ADDR_COPY(rts->i_ta, wh->i_addr2); 1578 1579 m->m_pkthdr.len = m->m_len = sizeof (struct ieee80211_frame_rts); 1580 1581 return m; 1582 } 1583 1584 static int 1585 rt2661_tx_data(struct rt2661_softc *sc, struct mbuf *m0, 1586 struct ieee80211_node *ni, int ac) 1587 { 1588 struct ieee80211com *ic = &sc->sc_ic; 1589 struct rt2661_tx_ring *txq = &sc->txq[ac]; 1590 struct rt2661_tx_desc *desc; 1591 struct rt2661_tx_data *data; 1592 struct ieee80211_frame *wh; 1593 struct ieee80211_key *k; 1594 struct mbuf *mnew; 1595 uint16_t dur; 1596 uint32_t flags = 0; 1597 int rate, useprot, error, tid; 1598 1599 wh = mtod(m0, struct ieee80211_frame *); 1600 1601 if (ic->ic_fixed_rate != IEEE80211_FIXED_RATE_NONE) { 1602 rate = ic->ic_sup_rates[ic->ic_curmode]. 1603 rs_rates[ic->ic_fixed_rate]; 1604 } else 1605 rate = ni->ni_rates.rs_rates[ni->ni_txrate]; 1606 rate &= IEEE80211_RATE_VAL; 1607 if (rate == 0) 1608 rate = 2; /* XXX should not happen */ 1609 1610 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 1611 k = ieee80211_crypto_encap(ic, ni, m0); 1612 if (k == NULL) { 1613 m_freem(m0); 1614 return ENOBUFS; 1615 } 1616 1617 /* packet header may have moved, reset our local pointer */ 1618 wh = mtod(m0, struct ieee80211_frame *); 1619 } 1620 1621 /* 1622 * Packet Bursting: backoff after ppb=8 frames to give other STAs a 1623 * chance to contend for the wireless medium. 1624 */ 1625 tid = WME_AC_TO_TID(M_WME_GETAC(m0)); 1626 if (ic->ic_opmode == IEEE80211_M_STA && (ni->ni_txseqs[tid] & 7)) 1627 flags |= RT2661_TX_IFS_SIFS; 1628 1629 /* 1630 * IEEE Std 802.11-1999, pp 82: "A STA shall use an RTS/CTS exchange 1631 * for directed frames only when the length of the MPDU is greater 1632 * than the length threshold indicated by" ic_rtsthreshold. 1633 * 1634 * IEEE Std 802.11-2003g, pp 13: "ERP STAs shall use protection 1635 * mechanism (such as RTS/CTS or CTS-to-self) for ERP-OFDM MPDUs of 1636 * type Data or an MMPDU". 1637 */ 1638 useprot = !IEEE80211_IS_MULTICAST(wh->i_addr1) && 1639 (m0->m_pkthdr.len + IEEE80211_CRC_LEN > ic->ic_rtsthreshold || 1640 ((ic->ic_flags & IEEE80211_F_USEPROT) && RAL_RATE_IS_OFDM(rate))); 1641 if (useprot) { 1642 struct mbuf *m; 1643 int rtsrate, ackrate; 1644 1645 rtsrate = IEEE80211_IS_CHAN_5GHZ(ic->ic_curchan) ? 12 : 2; 1646 ackrate = rt2661_ack_rate(ic, rate); 1647 1648 dur = rt2661_txtime(m0->m_pkthdr.len + 4, rate, ic->ic_flags) + 1649 rt2661_txtime(RAL_CTS_SIZE, rtsrate, ic->ic_flags) + 1650 rt2661_txtime(RAL_ACK_SIZE, ackrate, ic->ic_flags) + 1651 3 * sc->sifs; 1652 1653 m = rt2661_get_rts(sc, wh, dur); 1654 if (m == NULL) { 1655 aprint_error_dev(&sc->sc_dev, "could not allocate RTS " 1656 "frame\n"); 1657 m_freem(m0); 1658 return ENOBUFS; 1659 } 1660 1661 desc = &txq->desc[txq->cur]; 1662 data = &txq->data[txq->cur]; 1663 1664 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m, 1665 BUS_DMA_NOWAIT); 1666 if (error != 0) { 1667 aprint_error_dev(&sc->sc_dev, "could not map mbuf (error %d)\n", error); 1668 m_freem(m); 1669 m_freem(m0); 1670 return error; 1671 } 1672 1673 /* avoid multiple free() of the same node for each fragment */ 1674 ieee80211_ref_node(ni); 1675 1676 data->m = m; 1677 data->ni = ni; 1678 1679 rt2661_setup_tx_desc(sc, desc, RT2661_TX_NEED_ACK | 1680 RT2661_TX_MORE_FRAG, 0, m->m_pkthdr.len, rtsrate, 1681 data->map->dm_segs, data->map->dm_nsegs, ac); 1682 1683 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 1684 data->map->dm_mapsize, BUS_DMASYNC_PREWRITE); 1685 bus_dmamap_sync(sc->sc_dmat, txq->map, 1686 txq->cur * RT2661_TX_DESC_SIZE, RT2661_TX_DESC_SIZE, 1687 BUS_DMASYNC_PREWRITE); 1688 1689 txq->queued++; 1690 txq->cur = (txq->cur + 1) % RT2661_TX_RING_COUNT; 1691 1692 flags |= RT2661_TX_LONG_RETRY | RT2661_TX_IFS_SIFS; 1693 } 1694 1695 data = &txq->data[txq->cur]; 1696 desc = &txq->desc[txq->cur]; 1697 1698 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m0, 1699 BUS_DMA_NOWAIT); 1700 if (error != 0 && error != EFBIG) { 1701 aprint_error_dev(&sc->sc_dev, "could not map mbuf (error %d)\n", 1702 error); 1703 m_freem(m0); 1704 return error; 1705 } 1706 if (error != 0) { 1707 /* too many fragments, linearize */ 1708 1709 MGETHDR(mnew, M_DONTWAIT, MT_DATA); 1710 if (mnew == NULL) { 1711 m_freem(m0); 1712 return ENOMEM; 1713 } 1714 1715 M_COPY_PKTHDR(mnew, m0); 1716 if (m0->m_pkthdr.len > MHLEN) { 1717 MCLGET(mnew, M_DONTWAIT); 1718 if (!(mnew->m_flags & M_EXT)) { 1719 m_freem(m0); 1720 m_freem(mnew); 1721 return ENOMEM; 1722 } 1723 } 1724 1725 m_copydata(m0, 0, m0->m_pkthdr.len, mtod(mnew, void *)); 1726 m_freem(m0); 1727 mnew->m_len = mnew->m_pkthdr.len; 1728 m0 = mnew; 1729 1730 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m0, 1731 BUS_DMA_NOWAIT); 1732 if (error != 0) { 1733 aprint_error_dev(&sc->sc_dev, "could not map mbuf (error %d)\n", error); 1734 m_freem(m0); 1735 return error; 1736 } 1737 1738 /* packet header have moved, reset our local pointer */ 1739 wh = mtod(m0, struct ieee80211_frame *); 1740 } 1741 1742 if (sc->sc_drvbpf != NULL) { 1743 struct rt2661_tx_radiotap_header *tap = &sc->sc_txtap; 1744 1745 tap->wt_flags = 0; 1746 tap->wt_rate = rate; 1747 tap->wt_chan_freq = htole16(sc->sc_curchan->ic_freq); 1748 tap->wt_chan_flags = htole16(sc->sc_curchan->ic_flags); 1749 1750 bpf_ops->bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_txtap_len, m0); 1751 } 1752 1753 data->m = m0; 1754 data->ni = ni; 1755 1756 if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) { 1757 flags |= RT2661_TX_NEED_ACK; 1758 1759 dur = rt2661_txtime(RAL_ACK_SIZE, rt2661_ack_rate(ic, rate), 1760 ic->ic_flags) + sc->sifs; 1761 *(uint16_t *)wh->i_dur = htole16(dur); 1762 } 1763 1764 rt2661_setup_tx_desc(sc, desc, flags, 0, m0->m_pkthdr.len, rate, 1765 data->map->dm_segs, data->map->dm_nsegs, ac); 1766 1767 bus_dmamap_sync(sc->sc_dmat, data->map, 0, data->map->dm_mapsize, 1768 BUS_DMASYNC_PREWRITE); 1769 bus_dmamap_sync(sc->sc_dmat, txq->map, txq->cur * RT2661_TX_DESC_SIZE, 1770 RT2661_TX_DESC_SIZE, BUS_DMASYNC_PREWRITE); 1771 1772 DPRINTFN(10, ("sending data frame len=%u idx=%u rate=%u\n", 1773 m0->m_pkthdr.len, txq->cur, rate)); 1774 1775 /* kick Tx */ 1776 txq->queued++; 1777 txq->cur = (txq->cur + 1) % RT2661_TX_RING_COUNT; 1778 RAL_WRITE(sc, RT2661_TX_CNTL_CSR, 1); 1779 1780 return 0; 1781 } 1782 1783 static void 1784 rt2661_start(struct ifnet *ifp) 1785 { 1786 struct rt2661_softc *sc = ifp->if_softc; 1787 struct ieee80211com *ic = &sc->sc_ic; 1788 struct mbuf *m0; 1789 struct ether_header *eh; 1790 struct ieee80211_node *ni = NULL; 1791 1792 /* 1793 * net80211 may still try to send management frames even if the 1794 * IFF_RUNNING flag is not set... 1795 */ 1796 if ((ifp->if_flags & (IFF_RUNNING | IFF_OACTIVE)) != IFF_RUNNING) 1797 return; 1798 1799 for (;;) { 1800 IF_POLL(&ic->ic_mgtq, m0); 1801 if (m0 != NULL) { 1802 if (sc->mgtq.queued >= RT2661_MGT_RING_COUNT) { 1803 ifp->if_flags |= IFF_OACTIVE; 1804 break; 1805 } 1806 IF_DEQUEUE(&ic->ic_mgtq, m0); 1807 if (m0 == NULL) 1808 break; 1809 1810 ni = (struct ieee80211_node *)m0->m_pkthdr.rcvif; 1811 m0->m_pkthdr.rcvif = NULL; 1812 if (ic->ic_rawbpf != NULL) 1813 bpf_ops->bpf_mtap(ic->ic_rawbpf, m0); 1814 if (rt2661_tx_mgt(sc, m0, ni) != 0) 1815 break; 1816 1817 } else { 1818 IF_POLL(&ifp->if_snd, m0); 1819 if (m0 == NULL || ic->ic_state != IEEE80211_S_RUN) 1820 break; 1821 1822 if (sc->txq[0].queued >= RT2661_TX_RING_COUNT - 1) { 1823 /* there is no place left in this ring */ 1824 ifp->if_flags |= IFF_OACTIVE; 1825 break; 1826 } 1827 1828 IFQ_DEQUEUE(&ifp->if_snd, m0); 1829 1830 if (m0->m_len < sizeof (struct ether_header) && 1831 !(m0 = m_pullup(m0, sizeof (struct ether_header)))) 1832 continue; 1833 1834 eh = mtod(m0, struct ether_header *); 1835 ni = ieee80211_find_txnode(ic, eh->ether_dhost); 1836 if (ni == NULL) { 1837 m_freem(m0); 1838 ifp->if_oerrors++; 1839 continue; 1840 } 1841 1842 if (ifp->if_bpf != NULL) 1843 bpf_ops->bpf_mtap(ifp->if_bpf, m0); 1844 m0 = ieee80211_encap(ic, m0, ni); 1845 if (m0 == NULL) { 1846 ieee80211_free_node(ni); 1847 ifp->if_oerrors++; 1848 continue; 1849 } 1850 if (ic->ic_rawbpf != NULL) 1851 bpf_ops->bpf_mtap(ic->ic_rawbpf, m0); 1852 if (rt2661_tx_data(sc, m0, ni, 0) != 0) { 1853 if (ni != NULL) 1854 ieee80211_free_node(ni); 1855 ifp->if_oerrors++; 1856 break; 1857 } 1858 } 1859 1860 sc->sc_tx_timer = 5; 1861 ifp->if_timer = 1; 1862 } 1863 } 1864 1865 static void 1866 rt2661_watchdog(struct ifnet *ifp) 1867 { 1868 struct rt2661_softc *sc = ifp->if_softc; 1869 1870 ifp->if_timer = 0; 1871 1872 if (sc->sc_tx_timer > 0) { 1873 if (--sc->sc_tx_timer == 0) { 1874 aprint_error_dev(&sc->sc_dev, "device timeout\n"); 1875 rt2661_init(ifp); 1876 ifp->if_oerrors++; 1877 return; 1878 } 1879 ifp->if_timer = 1; 1880 } 1881 1882 ieee80211_watchdog(&sc->sc_ic); 1883 } 1884 1885 /* 1886 * This function allows for fast channel switching in monitor mode (used by 1887 * kismet). In IBSS mode, we must explicitly reset the interface to 1888 * generate a new beacon frame. 1889 */ 1890 static int 1891 rt2661_reset(struct ifnet *ifp) 1892 { 1893 struct rt2661_softc *sc = ifp->if_softc; 1894 struct ieee80211com *ic = &sc->sc_ic; 1895 1896 if (ic->ic_opmode != IEEE80211_M_MONITOR) 1897 return ENETRESET; 1898 1899 rt2661_set_chan(sc, ic->ic_curchan); 1900 1901 return 0; 1902 } 1903 1904 static int 1905 rt2661_ioctl(struct ifnet *ifp, u_long cmd, void *data) 1906 { 1907 struct rt2661_softc *sc = ifp->if_softc; 1908 struct ieee80211com *ic = &sc->sc_ic; 1909 int s, error = 0; 1910 1911 s = splnet(); 1912 1913 switch (cmd) { 1914 case SIOCSIFFLAGS: 1915 if ((error = ifioctl_common(ifp, cmd, data)) != 0) 1916 break; 1917 if (ifp->if_flags & IFF_UP) { 1918 if (ifp->if_flags & IFF_RUNNING) 1919 rt2661_update_promisc(sc); 1920 else 1921 rt2661_init(ifp); 1922 } else { 1923 if (ifp->if_flags & IFF_RUNNING) 1924 rt2661_stop(ifp, 1); 1925 } 1926 break; 1927 1928 case SIOCADDMULTI: 1929 case SIOCDELMULTI: 1930 /* XXX no h/w multicast filter? --dyoung */ 1931 if ((error = ether_ioctl(ifp, cmd, data)) == ENETRESET) 1932 error = 0; 1933 break; 1934 1935 case SIOCS80211CHANNEL: 1936 /* 1937 * This allows for fast channel switching in monitor mode 1938 * (used by kismet). In IBSS mode, we must explicitly reset 1939 * the interface to generate a new beacon frame. 1940 */ 1941 error = ieee80211_ioctl(ic, cmd, data); 1942 if (error == ENETRESET && 1943 ic->ic_opmode == IEEE80211_M_MONITOR) { 1944 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 1945 (IFF_UP | IFF_RUNNING)) 1946 rt2661_set_chan(sc, ic->ic_ibss_chan); 1947 error = 0; 1948 } 1949 break; 1950 1951 default: 1952 error = ieee80211_ioctl(ic, cmd, data); 1953 1954 } 1955 1956 if (error == ENETRESET) { 1957 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 1958 (IFF_UP | IFF_RUNNING)) 1959 rt2661_init(ifp); 1960 error = 0; 1961 } 1962 1963 splx(s); 1964 1965 return error; 1966 } 1967 1968 static void 1969 rt2661_bbp_write(struct rt2661_softc *sc, uint8_t reg, uint8_t val) 1970 { 1971 uint32_t tmp; 1972 int ntries; 1973 1974 for (ntries = 0; ntries < 100; ntries++) { 1975 if (!(RAL_READ(sc, RT2661_PHY_CSR3) & RT2661_BBP_BUSY)) 1976 break; 1977 DELAY(1); 1978 } 1979 if (ntries == 100) { 1980 aprint_error_dev(&sc->sc_dev, "could not write to BBP\n"); 1981 return; 1982 } 1983 1984 tmp = RT2661_BBP_BUSY | (reg & 0x7f) << 8 | val; 1985 RAL_WRITE(sc, RT2661_PHY_CSR3, tmp); 1986 1987 DPRINTFN(15, ("BBP R%u <- 0x%02x\n", reg, val)); 1988 } 1989 1990 static uint8_t 1991 rt2661_bbp_read(struct rt2661_softc *sc, uint8_t reg) 1992 { 1993 uint32_t val; 1994 int ntries; 1995 1996 for (ntries = 0; ntries < 100; ntries++) { 1997 if (!(RAL_READ(sc, RT2661_PHY_CSR3) & RT2661_BBP_BUSY)) 1998 break; 1999 DELAY(1); 2000 } 2001 if (ntries == 100) { 2002 aprint_error_dev(&sc->sc_dev, "could not read from BBP\n"); 2003 return 0; 2004 } 2005 2006 val = RT2661_BBP_BUSY | RT2661_BBP_READ | reg << 8; 2007 RAL_WRITE(sc, RT2661_PHY_CSR3, val); 2008 2009 for (ntries = 0; ntries < 100; ntries++) { 2010 val = RAL_READ(sc, RT2661_PHY_CSR3); 2011 if (!(val & RT2661_BBP_BUSY)) 2012 return val & 0xff; 2013 DELAY(1); 2014 } 2015 2016 aprint_error_dev(&sc->sc_dev, "could not read from BBP\n"); 2017 return 0; 2018 } 2019 2020 static void 2021 rt2661_rf_write(struct rt2661_softc *sc, uint8_t reg, uint32_t val) 2022 { 2023 uint32_t tmp; 2024 int ntries; 2025 2026 for (ntries = 0; ntries < 100; ntries++) { 2027 if (!(RAL_READ(sc, RT2661_PHY_CSR4) & RT2661_RF_BUSY)) 2028 break; 2029 DELAY(1); 2030 } 2031 if (ntries == 100) { 2032 aprint_error_dev(&sc->sc_dev, "could not write to RF\n"); 2033 return; 2034 } 2035 tmp = RT2661_RF_BUSY | RT2661_RF_21BIT | (val & 0x1fffff) << 2 | 2036 (reg & 3); 2037 RAL_WRITE(sc, RT2661_PHY_CSR4, tmp); 2038 2039 /* remember last written value in sc */ 2040 sc->rf_regs[reg] = val; 2041 2042 DPRINTFN(15, ("RF R[%u] <- 0x%05x\n", reg & 3, val & 0x1fffff)); 2043 } 2044 2045 static int 2046 rt2661_tx_cmd(struct rt2661_softc *sc, uint8_t cmd, uint16_t arg) 2047 { 2048 if (RAL_READ(sc, RT2661_H2M_MAILBOX_CSR) & RT2661_H2M_BUSY) 2049 return EIO; /* there is already a command pending */ 2050 2051 RAL_WRITE(sc, RT2661_H2M_MAILBOX_CSR, 2052 RT2661_H2M_BUSY | RT2661_TOKEN_NO_INTR << 16 | arg); 2053 2054 RAL_WRITE(sc, RT2661_HOST_CMD_CSR, RT2661_KICK_CMD | cmd); 2055 2056 return 0; 2057 } 2058 2059 static void 2060 rt2661_select_antenna(struct rt2661_softc *sc) 2061 { 2062 uint8_t bbp4, bbp77; 2063 uint32_t tmp; 2064 2065 bbp4 = rt2661_bbp_read(sc, 4); 2066 bbp77 = rt2661_bbp_read(sc, 77); 2067 2068 /* TBD */ 2069 2070 /* make sure Rx is disabled before switching antenna */ 2071 tmp = RAL_READ(sc, RT2661_TXRX_CSR0); 2072 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp | RT2661_DISABLE_RX); 2073 2074 rt2661_bbp_write(sc, 4, bbp4); 2075 rt2661_bbp_write(sc, 77, bbp77); 2076 2077 /* restore Rx filter */ 2078 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp); 2079 } 2080 2081 /* 2082 * Enable multi-rate retries for frames sent at OFDM rates. 2083 * In 802.11b/g mode, allow fallback to CCK rates. 2084 */ 2085 static void 2086 rt2661_enable_mrr(struct rt2661_softc *sc) 2087 { 2088 struct ieee80211com *ic = &sc->sc_ic; 2089 uint32_t tmp; 2090 2091 tmp = RAL_READ(sc, RT2661_TXRX_CSR4); 2092 2093 tmp &= ~RT2661_MRR_CCK_FALLBACK; 2094 if (!IEEE80211_IS_CHAN_5GHZ(ic->ic_bss->ni_chan)) 2095 tmp |= RT2661_MRR_CCK_FALLBACK; 2096 tmp |= RT2661_MRR_ENABLED; 2097 2098 RAL_WRITE(sc, RT2661_TXRX_CSR4, tmp); 2099 } 2100 2101 static void 2102 rt2661_set_txpreamble(struct rt2661_softc *sc) 2103 { 2104 uint32_t tmp; 2105 2106 tmp = RAL_READ(sc, RT2661_TXRX_CSR4); 2107 2108 tmp &= ~RT2661_SHORT_PREAMBLE; 2109 if (sc->sc_ic.ic_flags & IEEE80211_F_SHPREAMBLE) 2110 tmp |= RT2661_SHORT_PREAMBLE; 2111 2112 RAL_WRITE(sc, RT2661_TXRX_CSR4, tmp); 2113 } 2114 2115 static void 2116 rt2661_set_basicrates(struct rt2661_softc *sc, 2117 const struct ieee80211_rateset *rs) 2118 { 2119 #define RV(r) ((r) & IEEE80211_RATE_VAL) 2120 uint32_t mask = 0; 2121 uint8_t rate; 2122 int i, j; 2123 2124 for (i = 0; i < rs->rs_nrates; i++) { 2125 rate = rs->rs_rates[i]; 2126 2127 if (!(rate & IEEE80211_RATE_BASIC)) 2128 continue; 2129 2130 /* 2131 * Find h/w rate index. We know it exists because the rate 2132 * set has already been negotiated. 2133 */ 2134 for (j = 0; rt2661_rateset_11g.rs_rates[j] != RV(rate); j++); 2135 2136 mask |= 1 << j; 2137 } 2138 2139 RAL_WRITE(sc, RT2661_TXRX_CSR5, mask); 2140 2141 DPRINTF(("Setting basic rate mask to 0x%x\n", mask)); 2142 #undef RV 2143 } 2144 2145 /* 2146 * Reprogram MAC/BBP to switch to a new band. Values taken from the reference 2147 * driver. 2148 */ 2149 static void 2150 rt2661_select_band(struct rt2661_softc *sc, struct ieee80211_channel *c) 2151 { 2152 uint8_t bbp17, bbp35, bbp96, bbp97, bbp98, bbp104; 2153 uint32_t tmp; 2154 2155 /* update all BBP registers that depend on the band */ 2156 bbp17 = 0x20; bbp96 = 0x48; bbp104 = 0x2c; 2157 bbp35 = 0x50; bbp97 = 0x48; bbp98 = 0x48; 2158 if (IEEE80211_IS_CHAN_5GHZ(c)) { 2159 bbp17 += 0x08; bbp96 += 0x10; bbp104 += 0x0c; 2160 bbp35 += 0x10; bbp97 += 0x10; bbp98 += 0x10; 2161 } 2162 if ((IEEE80211_IS_CHAN_2GHZ(c) && sc->ext_2ghz_lna) || 2163 (IEEE80211_IS_CHAN_5GHZ(c) && sc->ext_5ghz_lna)) { 2164 bbp17 += 0x10; bbp96 += 0x10; bbp104 += 0x10; 2165 } 2166 2167 sc->bbp17 = bbp17; 2168 rt2661_bbp_write(sc, 17, bbp17); 2169 rt2661_bbp_write(sc, 96, bbp96); 2170 rt2661_bbp_write(sc, 104, bbp104); 2171 2172 if ((IEEE80211_IS_CHAN_2GHZ(c) && sc->ext_2ghz_lna) || 2173 (IEEE80211_IS_CHAN_5GHZ(c) && sc->ext_5ghz_lna)) { 2174 rt2661_bbp_write(sc, 75, 0x80); 2175 rt2661_bbp_write(sc, 86, 0x80); 2176 rt2661_bbp_write(sc, 88, 0x80); 2177 } 2178 2179 rt2661_bbp_write(sc, 35, bbp35); 2180 rt2661_bbp_write(sc, 97, bbp97); 2181 rt2661_bbp_write(sc, 98, bbp98); 2182 2183 tmp = RAL_READ(sc, RT2661_PHY_CSR0); 2184 tmp &= ~(RT2661_PA_PE_2GHZ | RT2661_PA_PE_5GHZ); 2185 if (IEEE80211_IS_CHAN_2GHZ(c)) 2186 tmp |= RT2661_PA_PE_2GHZ; 2187 else 2188 tmp |= RT2661_PA_PE_5GHZ; 2189 RAL_WRITE(sc, RT2661_PHY_CSR0, tmp); 2190 2191 /* 802.11a uses a 16 microseconds short interframe space */ 2192 sc->sifs = IEEE80211_IS_CHAN_5GHZ(c) ? 16 : 10; 2193 } 2194 2195 static void 2196 rt2661_set_chan(struct rt2661_softc *sc, struct ieee80211_channel *c) 2197 { 2198 struct ieee80211com *ic = &sc->sc_ic; 2199 const struct rfprog *rfprog; 2200 uint8_t bbp3, bbp94 = RT2661_BBPR94_DEFAULT; 2201 int8_t power; 2202 u_int i, chan; 2203 2204 chan = ieee80211_chan2ieee(ic, c); 2205 if (chan == 0 || chan == IEEE80211_CHAN_ANY) 2206 return; 2207 2208 /* select the appropriate RF settings based on what EEPROM says */ 2209 rfprog = (sc->rfprog == 0) ? rt2661_rf5225_1 : rt2661_rf5225_2; 2210 2211 /* find the settings for this channel (we know it exists) */ 2212 for (i = 0; rfprog[i].chan != chan; i++); 2213 2214 power = sc->txpow[i]; 2215 if (power < 0) { 2216 bbp94 += power; 2217 power = 0; 2218 } else if (power > 31) { 2219 bbp94 += power - 31; 2220 power = 31; 2221 } 2222 2223 /* 2224 * If we've yet to select a channel, or we are switching from the 2225 * 2GHz band to the 5GHz band or vice-versa, BBP registers need to 2226 * be reprogrammed. 2227 */ 2228 if (sc->sc_curchan == NULL || c->ic_flags != sc->sc_curchan->ic_flags) { 2229 rt2661_select_band(sc, c); 2230 rt2661_select_antenna(sc); 2231 } 2232 sc->sc_curchan = c; 2233 2234 rt2661_rf_write(sc, RAL_RF1, rfprog[i].r1); 2235 rt2661_rf_write(sc, RAL_RF2, rfprog[i].r2); 2236 rt2661_rf_write(sc, RAL_RF3, rfprog[i].r3 | power << 7); 2237 rt2661_rf_write(sc, RAL_RF4, rfprog[i].r4 | sc->rffreq << 10); 2238 2239 DELAY(200); 2240 2241 rt2661_rf_write(sc, RAL_RF1, rfprog[i].r1); 2242 rt2661_rf_write(sc, RAL_RF2, rfprog[i].r2); 2243 rt2661_rf_write(sc, RAL_RF3, rfprog[i].r3 | power << 7 | 1); 2244 rt2661_rf_write(sc, RAL_RF4, rfprog[i].r4 | sc->rffreq << 10); 2245 2246 DELAY(200); 2247 2248 rt2661_rf_write(sc, RAL_RF1, rfprog[i].r1); 2249 rt2661_rf_write(sc, RAL_RF2, rfprog[i].r2); 2250 rt2661_rf_write(sc, RAL_RF3, rfprog[i].r3 | power << 7); 2251 rt2661_rf_write(sc, RAL_RF4, rfprog[i].r4 | sc->rffreq << 10); 2252 2253 /* enable smart mode for MIMO-capable RFs */ 2254 bbp3 = rt2661_bbp_read(sc, 3); 2255 2256 bbp3 &= ~RT2661_SMART_MODE; 2257 if (sc->rf_rev == RT2661_RF_5325 || sc->rf_rev == RT2661_RF_2529) 2258 bbp3 |= RT2661_SMART_MODE; 2259 2260 rt2661_bbp_write(sc, 3, bbp3); 2261 2262 if (bbp94 != RT2661_BBPR94_DEFAULT) 2263 rt2661_bbp_write(sc, 94, bbp94); 2264 2265 /* 5GHz radio needs a 1ms delay here */ 2266 if (IEEE80211_IS_CHAN_5GHZ(c)) 2267 DELAY(1000); 2268 } 2269 2270 static void 2271 rt2661_set_bssid(struct rt2661_softc *sc, const uint8_t *bssid) 2272 { 2273 uint32_t tmp; 2274 2275 tmp = bssid[0] | bssid[1] << 8 | bssid[2] << 16 | bssid[3] << 24; 2276 RAL_WRITE(sc, RT2661_MAC_CSR4, tmp); 2277 2278 tmp = bssid[4] | bssid[5] << 8 | RT2661_ONE_BSSID << 16; 2279 RAL_WRITE(sc, RT2661_MAC_CSR5, tmp); 2280 } 2281 2282 static void 2283 rt2661_set_macaddr(struct rt2661_softc *sc, const uint8_t *addr) 2284 { 2285 uint32_t tmp; 2286 2287 tmp = addr[0] | addr[1] << 8 | addr[2] << 16 | addr[3] << 24; 2288 RAL_WRITE(sc, RT2661_MAC_CSR2, tmp); 2289 2290 tmp = addr[4] | addr[5] << 8 | 0xff << 16; 2291 RAL_WRITE(sc, RT2661_MAC_CSR3, tmp); 2292 } 2293 2294 static void 2295 rt2661_update_promisc(struct rt2661_softc *sc) 2296 { 2297 struct ifnet *ifp = sc->sc_ic.ic_ifp; 2298 uint32_t tmp; 2299 2300 tmp = RAL_READ(sc, RT2661_TXRX_CSR0); 2301 2302 tmp &= ~RT2661_DROP_NOT_TO_ME; 2303 if (!(ifp->if_flags & IFF_PROMISC)) 2304 tmp |= RT2661_DROP_NOT_TO_ME; 2305 2306 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp); 2307 2308 DPRINTF(("%s promiscuous mode\n", (ifp->if_flags & IFF_PROMISC) ? 2309 "entering" : "leaving")); 2310 } 2311 2312 #if 0 2313 /* 2314 * Update QoS (802.11e) settings for each h/w Tx ring. 2315 */ 2316 static int 2317 rt2661_wme_update(struct ieee80211com *ic) 2318 { 2319 struct rt2661_softc *sc = ic->ic_ifp->if_softc; 2320 const struct wmeParams *wmep; 2321 2322 wmep = ic->ic_wme.wme_chanParams.cap_wmeParams; 2323 2324 /* XXX: not sure about shifts. */ 2325 /* XXX: the reference driver plays with AC_VI settings too. */ 2326 2327 /* update TxOp */ 2328 RAL_WRITE(sc, RT2661_AC_TXOP_CSR0, 2329 wmep[WME_AC_BE].wmep_txopLimit << 16 | 2330 wmep[WME_AC_BK].wmep_txopLimit); 2331 RAL_WRITE(sc, RT2661_AC_TXOP_CSR1, 2332 wmep[WME_AC_VI].wmep_txopLimit << 16 | 2333 wmep[WME_AC_VO].wmep_txopLimit); 2334 2335 /* update CWmin */ 2336 RAL_WRITE(sc, RT2661_CWMIN_CSR, 2337 wmep[WME_AC_BE].wmep_logcwmin << 12 | 2338 wmep[WME_AC_BK].wmep_logcwmin << 8 | 2339 wmep[WME_AC_VI].wmep_logcwmin << 4 | 2340 wmep[WME_AC_VO].wmep_logcwmin); 2341 2342 /* update CWmax */ 2343 RAL_WRITE(sc, RT2661_CWMAX_CSR, 2344 wmep[WME_AC_BE].wmep_logcwmax << 12 | 2345 wmep[WME_AC_BK].wmep_logcwmax << 8 | 2346 wmep[WME_AC_VI].wmep_logcwmax << 4 | 2347 wmep[WME_AC_VO].wmep_logcwmax); 2348 2349 /* update Aifsn */ 2350 RAL_WRITE(sc, RT2661_AIFSN_CSR, 2351 wmep[WME_AC_BE].wmep_aifsn << 12 | 2352 wmep[WME_AC_BK].wmep_aifsn << 8 | 2353 wmep[WME_AC_VI].wmep_aifsn << 4 | 2354 wmep[WME_AC_VO].wmep_aifsn); 2355 2356 return 0; 2357 } 2358 #endif 2359 2360 static void 2361 rt2661_updateslot(struct ifnet *ifp) 2362 { 2363 struct rt2661_softc *sc = ifp->if_softc; 2364 struct ieee80211com *ic = &sc->sc_ic; 2365 2366 if (ic->ic_opmode == IEEE80211_M_HOSTAP) { 2367 /* 2368 * In HostAP mode, we defer setting of new slot time until 2369 * updated ERP Information Element has propagated to all 2370 * associated STAs. 2371 */ 2372 sc->sc_flags |= RT2661_UPDATE_SLOT; 2373 } else 2374 rt2661_set_slottime(sc); 2375 } 2376 2377 static void 2378 rt2661_set_slottime(struct rt2661_softc *sc) 2379 { 2380 struct ieee80211com *ic = &sc->sc_ic; 2381 uint8_t slottime; 2382 uint32_t tmp; 2383 2384 slottime = (ic->ic_flags & IEEE80211_F_SHSLOT) ? 9 : 20; 2385 2386 tmp = RAL_READ(sc, RT2661_MAC_CSR9); 2387 tmp = (tmp & ~0xff) | slottime; 2388 RAL_WRITE(sc, RT2661_MAC_CSR9, tmp); 2389 2390 DPRINTF(("setting slot time to %uus\n", slottime)); 2391 } 2392 2393 static const char * 2394 rt2661_get_rf(int rev) 2395 { 2396 switch (rev) { 2397 case RT2661_RF_5225: return "RT5225"; 2398 case RT2661_RF_5325: return "RT5325 (MIMO XR)"; 2399 case RT2661_RF_2527: return "RT2527"; 2400 case RT2661_RF_2529: return "RT2529 (MIMO XR)"; 2401 default: return "unknown"; 2402 } 2403 } 2404 2405 static void 2406 rt2661_read_eeprom(struct rt2661_softc *sc) 2407 { 2408 struct ieee80211com *ic = &sc->sc_ic; 2409 uint16_t val; 2410 int i; 2411 2412 /* read MAC address */ 2413 val = rt2661_eeprom_read(sc, RT2661_EEPROM_MAC01); 2414 ic->ic_myaddr[0] = val & 0xff; 2415 ic->ic_myaddr[1] = val >> 8; 2416 2417 val = rt2661_eeprom_read(sc, RT2661_EEPROM_MAC23); 2418 ic->ic_myaddr[2] = val & 0xff; 2419 ic->ic_myaddr[3] = val >> 8; 2420 2421 val = rt2661_eeprom_read(sc, RT2661_EEPROM_MAC45); 2422 ic->ic_myaddr[4] = val & 0xff; 2423 ic->ic_myaddr[5] = val >> 8; 2424 2425 val = rt2661_eeprom_read(sc, RT2661_EEPROM_ANTENNA); 2426 /* XXX: test if different from 0xffff? */ 2427 sc->rf_rev = (val >> 11) & 0x1f; 2428 sc->hw_radio = (val >> 10) & 0x1; 2429 sc->rx_ant = (val >> 4) & 0x3; 2430 sc->tx_ant = (val >> 2) & 0x3; 2431 sc->nb_ant = val & 0x3; 2432 2433 DPRINTF(("RF revision=%d\n", sc->rf_rev)); 2434 2435 val = rt2661_eeprom_read(sc, RT2661_EEPROM_CONFIG2); 2436 sc->ext_5ghz_lna = (val >> 6) & 0x1; 2437 sc->ext_2ghz_lna = (val >> 4) & 0x1; 2438 2439 DPRINTF(("External 2GHz LNA=%d\nExternal 5GHz LNA=%d\n", 2440 sc->ext_2ghz_lna, sc->ext_5ghz_lna)); 2441 2442 val = rt2661_eeprom_read(sc, RT2661_EEPROM_RSSI_2GHZ_OFFSET); 2443 if ((val & 0xff) != 0xff) 2444 sc->rssi_2ghz_corr = (int8_t)(val & 0xff); /* signed */ 2445 2446 val = rt2661_eeprom_read(sc, RT2661_EEPROM_RSSI_5GHZ_OFFSET); 2447 if ((val & 0xff) != 0xff) 2448 sc->rssi_5ghz_corr = (int8_t)(val & 0xff); /* signed */ 2449 2450 /* adjust RSSI correction for external low-noise amplifier */ 2451 if (sc->ext_2ghz_lna) 2452 sc->rssi_2ghz_corr -= 14; 2453 if (sc->ext_5ghz_lna) 2454 sc->rssi_5ghz_corr -= 14; 2455 2456 DPRINTF(("RSSI 2GHz corr=%d\nRSSI 5GHz corr=%d\n", 2457 sc->rssi_2ghz_corr, sc->rssi_5ghz_corr)); 2458 2459 val = rt2661_eeprom_read(sc, RT2661_EEPROM_FREQ_OFFSET); 2460 if ((val >> 8) != 0xff) 2461 sc->rfprog = (val >> 8) & 0x3; 2462 if ((val & 0xff) != 0xff) 2463 sc->rffreq = val & 0xff; 2464 2465 DPRINTF(("RF prog=%d\nRF freq=%d\n", sc->rfprog, sc->rffreq)); 2466 2467 /* read Tx power for all a/b/g channels */ 2468 for (i = 0; i < 19; i++) { 2469 val = rt2661_eeprom_read(sc, RT2661_EEPROM_TXPOWER + i); 2470 sc->txpow[i * 2] = (int8_t)(val >> 8); /* signed */ 2471 DPRINTF(("Channel=%d Tx power=%d\n", 2472 rt2661_rf5225_1[i * 2].chan, sc->txpow[i * 2])); 2473 sc->txpow[i * 2 + 1] = (int8_t)(val & 0xff); /* signed */ 2474 DPRINTF(("Channel=%d Tx power=%d\n", 2475 rt2661_rf5225_1[i * 2 + 1].chan, sc->txpow[i * 2 + 1])); 2476 } 2477 2478 /* read vendor-specific BBP values */ 2479 for (i = 0; i < 16; i++) { 2480 val = rt2661_eeprom_read(sc, RT2661_EEPROM_BBP_BASE + i); 2481 if (val == 0 || val == 0xffff) 2482 continue; /* skip invalid entries */ 2483 sc->bbp_prom[i].reg = val >> 8; 2484 sc->bbp_prom[i].val = val & 0xff; 2485 DPRINTF(("BBP R%d=%02x\n", sc->bbp_prom[i].reg, 2486 sc->bbp_prom[i].val)); 2487 } 2488 } 2489 2490 static int 2491 rt2661_bbp_init(struct rt2661_softc *sc) 2492 { 2493 #define N(a) (sizeof (a) / sizeof ((a)[0])) 2494 int i, ntries; 2495 uint8_t val; 2496 2497 /* wait for BBP to be ready */ 2498 for (ntries = 0; ntries < 100; ntries++) { 2499 val = rt2661_bbp_read(sc, 0); 2500 if (val != 0 && val != 0xff) 2501 break; 2502 DELAY(100); 2503 } 2504 if (ntries == 100) { 2505 aprint_error_dev(&sc->sc_dev, "timeout waiting for BBP\n"); 2506 return EIO; 2507 } 2508 2509 /* initialize BBP registers to default values */ 2510 for (i = 0; i < N(rt2661_def_bbp); i++) { 2511 rt2661_bbp_write(sc, rt2661_def_bbp[i].reg, 2512 rt2661_def_bbp[i].val); 2513 } 2514 2515 /* write vendor-specific BBP values (from EEPROM) */ 2516 for (i = 0; i < 16; i++) { 2517 if (sc->bbp_prom[i].reg == 0) 2518 continue; 2519 rt2661_bbp_write(sc, sc->bbp_prom[i].reg, sc->bbp_prom[i].val); 2520 } 2521 2522 return 0; 2523 #undef N 2524 } 2525 2526 static int 2527 rt2661_init(struct ifnet *ifp) 2528 { 2529 #define N(a) (sizeof (a) / sizeof ((a)[0])) 2530 struct rt2661_softc *sc = ifp->if_softc; 2531 struct ieee80211com *ic = &sc->sc_ic; 2532 const char *name = NULL; /* make lint happy */ 2533 uint8_t *ucode; 2534 size_t size; 2535 uint32_t tmp, star[3]; 2536 int i, ntries; 2537 firmware_handle_t fh; 2538 2539 /* for CardBus, power on the socket */ 2540 if (!(sc->sc_flags & RT2661_ENABLED)) { 2541 if (sc->sc_enable != NULL && (*sc->sc_enable)(sc) != 0) { 2542 aprint_error_dev(&sc->sc_dev, "could not enable device\n"); 2543 return EIO; 2544 } 2545 sc->sc_flags |= RT2661_ENABLED; 2546 } 2547 2548 rt2661_stop(ifp, 0); 2549 2550 if (!(sc->sc_flags & RT2661_FWLOADED)) { 2551 switch (sc->sc_id) { 2552 case PCI_PRODUCT_RALINK_RT2561: 2553 name = "ral-rt2561"; 2554 break; 2555 case PCI_PRODUCT_RALINK_RT2561S: 2556 name = "ral-rt2561s"; 2557 break; 2558 case PCI_PRODUCT_RALINK_RT2661: 2559 name = "ral-rt2661"; 2560 break; 2561 } 2562 2563 if (firmware_open("ral", name, &fh) != 0) { 2564 aprint_error_dev(&sc->sc_dev, "could not open microcode %s\n", name); 2565 rt2661_stop(ifp, 1); 2566 return EIO; 2567 } 2568 2569 size = firmware_get_size(fh); 2570 if (!(ucode = firmware_malloc(size))) { 2571 aprint_error_dev(&sc->sc_dev, "could not alloc microcode memory\n"); 2572 firmware_close(fh); 2573 rt2661_stop(ifp, 1); 2574 return ENOMEM; 2575 } 2576 2577 if (firmware_read(fh, 0, ucode, size) != 0) { 2578 aprint_error_dev(&sc->sc_dev, "could not read microcode %s\n", name); 2579 firmware_free(ucode, 0); 2580 firmware_close(fh); 2581 rt2661_stop(ifp, 1); 2582 return EIO; 2583 } 2584 2585 if (rt2661_load_microcode(sc, ucode, size) != 0) { 2586 aprint_error_dev(&sc->sc_dev, "could not load 8051 microcode\n"); 2587 firmware_free(ucode, 0); 2588 firmware_close(fh); 2589 rt2661_stop(ifp, 1); 2590 return EIO; 2591 } 2592 2593 firmware_free(ucode, 0); 2594 firmware_close(fh); 2595 sc->sc_flags |= RT2661_FWLOADED; 2596 } 2597 2598 /* initialize Tx rings */ 2599 RAL_WRITE(sc, RT2661_AC1_BASE_CSR, sc->txq[1].physaddr); 2600 RAL_WRITE(sc, RT2661_AC0_BASE_CSR, sc->txq[0].physaddr); 2601 RAL_WRITE(sc, RT2661_AC2_BASE_CSR, sc->txq[2].physaddr); 2602 RAL_WRITE(sc, RT2661_AC3_BASE_CSR, sc->txq[3].physaddr); 2603 2604 /* initialize Mgt ring */ 2605 RAL_WRITE(sc, RT2661_MGT_BASE_CSR, sc->mgtq.physaddr); 2606 2607 /* initialize Rx ring */ 2608 RAL_WRITE(sc, RT2661_RX_BASE_CSR, sc->rxq.physaddr); 2609 2610 /* initialize Tx rings sizes */ 2611 RAL_WRITE(sc, RT2661_TX_RING_CSR0, 2612 RT2661_TX_RING_COUNT << 24 | 2613 RT2661_TX_RING_COUNT << 16 | 2614 RT2661_TX_RING_COUNT << 8 | 2615 RT2661_TX_RING_COUNT); 2616 2617 RAL_WRITE(sc, RT2661_TX_RING_CSR1, 2618 RT2661_TX_DESC_WSIZE << 16 | 2619 RT2661_TX_RING_COUNT << 8 | /* XXX: HCCA ring unused */ 2620 RT2661_MGT_RING_COUNT); 2621 2622 /* initialize Rx rings */ 2623 RAL_WRITE(sc, RT2661_RX_RING_CSR, 2624 RT2661_RX_DESC_BACK << 16 | 2625 RT2661_RX_DESC_WSIZE << 8 | 2626 RT2661_RX_RING_COUNT); 2627 2628 /* XXX: some magic here */ 2629 RAL_WRITE(sc, RT2661_TX_DMA_DST_CSR, 0xaa); 2630 2631 /* load base addresses of all 5 Tx rings (4 data + 1 mgt) */ 2632 RAL_WRITE(sc, RT2661_LOAD_TX_RING_CSR, 0x1f); 2633 2634 /* load base address of Rx ring */ 2635 RAL_WRITE(sc, RT2661_RX_CNTL_CSR, 2); 2636 2637 /* initialize MAC registers to default values */ 2638 for (i = 0; i < N(rt2661_def_mac); i++) 2639 RAL_WRITE(sc, rt2661_def_mac[i].reg, rt2661_def_mac[i].val); 2640 2641 IEEE80211_ADDR_COPY(ic->ic_myaddr, CLLADDR(ifp->if_sadl)); 2642 rt2661_set_macaddr(sc, ic->ic_myaddr); 2643 2644 /* set host ready */ 2645 RAL_WRITE(sc, RT2661_MAC_CSR1, 3); 2646 RAL_WRITE(sc, RT2661_MAC_CSR1, 0); 2647 2648 /* wait for BBP/RF to wakeup */ 2649 for (ntries = 0; ntries < 1000; ntries++) { 2650 if (RAL_READ(sc, RT2661_MAC_CSR12) & 8) 2651 break; 2652 DELAY(1000); 2653 } 2654 if (ntries == 1000) { 2655 printf("timeout waiting for BBP/RF to wakeup\n"); 2656 rt2661_stop(ifp, 1); 2657 return EIO; 2658 } 2659 2660 if (rt2661_bbp_init(sc) != 0) { 2661 rt2661_stop(ifp, 1); 2662 return EIO; 2663 } 2664 2665 /* select default channel */ 2666 sc->sc_curchan = ic->ic_curchan; 2667 rt2661_select_band(sc, sc->sc_curchan); 2668 rt2661_select_antenna(sc); 2669 rt2661_set_chan(sc, sc->sc_curchan); 2670 2671 /* update Rx filter */ 2672 tmp = RAL_READ(sc, RT2661_TXRX_CSR0) & 0xffff; 2673 2674 tmp |= RT2661_DROP_PHY_ERROR | RT2661_DROP_CRC_ERROR; 2675 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 2676 tmp |= RT2661_DROP_CTL | RT2661_DROP_VER_ERROR | 2677 RT2661_DROP_ACKCTS; 2678 if (ic->ic_opmode != IEEE80211_M_HOSTAP) 2679 tmp |= RT2661_DROP_TODS; 2680 if (!(ifp->if_flags & IFF_PROMISC)) 2681 tmp |= RT2661_DROP_NOT_TO_ME; 2682 } 2683 2684 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp); 2685 2686 /* clear STA registers */ 2687 RAL_READ_REGION_4(sc, RT2661_STA_CSR0, star, N(star)); 2688 2689 /* initialize ASIC */ 2690 RAL_WRITE(sc, RT2661_MAC_CSR1, 4); 2691 2692 /* clear any pending interrupt */ 2693 RAL_WRITE(sc, RT2661_INT_SOURCE_CSR, 0xffffffff); 2694 2695 /* enable interrupts */ 2696 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0x0000ff10); 2697 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0); 2698 2699 /* kick Rx */ 2700 RAL_WRITE(sc, RT2661_RX_CNTL_CSR, 1); 2701 2702 ifp->if_flags &= ~IFF_OACTIVE; 2703 ifp->if_flags |= IFF_RUNNING; 2704 2705 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 2706 if (ic->ic_roaming != IEEE80211_ROAMING_MANUAL) 2707 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 2708 } else 2709 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 2710 2711 return 0; 2712 #undef N 2713 } 2714 2715 static void 2716 rt2661_stop(struct ifnet *ifp, int disable) 2717 { 2718 struct rt2661_softc *sc = ifp->if_softc; 2719 struct ieee80211com *ic = &sc->sc_ic; 2720 uint32_t tmp; 2721 2722 sc->sc_tx_timer = 0; 2723 ifp->if_timer = 0; 2724 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 2725 2726 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); /* free all nodes */ 2727 2728 /* abort Tx (for all 5 Tx rings) */ 2729 RAL_WRITE(sc, RT2661_TX_CNTL_CSR, 0x1f << 16); 2730 2731 /* disable Rx (value remains after reset!) */ 2732 tmp = RAL_READ(sc, RT2661_TXRX_CSR0); 2733 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp | RT2661_DISABLE_RX); 2734 2735 /* reset ASIC */ 2736 RAL_WRITE(sc, RT2661_MAC_CSR1, 3); 2737 RAL_WRITE(sc, RT2661_MAC_CSR1, 0); 2738 2739 /* disable interrupts */ 2740 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0xffffff7f); 2741 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0xffffffff); 2742 2743 /* clear any pending interrupt */ 2744 RAL_WRITE(sc, RT2661_INT_SOURCE_CSR, 0xffffffff); 2745 RAL_WRITE(sc, RT2661_MCU_INT_SOURCE_CSR, 0xffffffff); 2746 2747 /* reset Tx and Rx rings */ 2748 rt2661_reset_tx_ring(sc, &sc->txq[0]); 2749 rt2661_reset_tx_ring(sc, &sc->txq[1]); 2750 rt2661_reset_tx_ring(sc, &sc->txq[2]); 2751 rt2661_reset_tx_ring(sc, &sc->txq[3]); 2752 rt2661_reset_tx_ring(sc, &sc->mgtq); 2753 rt2661_reset_rx_ring(sc, &sc->rxq); 2754 2755 /* for CardBus, power down the socket */ 2756 if (disable && sc->sc_disable != NULL) { 2757 if (sc->sc_flags & RT2661_ENABLED) { 2758 (*sc->sc_disable)(sc); 2759 sc->sc_flags &= ~(RT2661_ENABLED | RT2661_FWLOADED); 2760 } 2761 } 2762 } 2763 2764 static int 2765 rt2661_load_microcode(struct rt2661_softc *sc, const uint8_t *ucode, int size) 2766 { 2767 int ntries; 2768 2769 /* reset 8051 */ 2770 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, RT2661_MCU_RESET); 2771 2772 /* cancel any pending Host to MCU command */ 2773 RAL_WRITE(sc, RT2661_H2M_MAILBOX_CSR, 0); 2774 RAL_WRITE(sc, RT2661_M2H_CMD_DONE_CSR, 0xffffffff); 2775 RAL_WRITE(sc, RT2661_HOST_CMD_CSR, 0); 2776 2777 /* write 8051's microcode */ 2778 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, RT2661_MCU_RESET | RT2661_MCU_SEL); 2779 RAL_WRITE_REGION_1(sc, RT2661_MCU_CODE_BASE, ucode, size); 2780 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, RT2661_MCU_RESET); 2781 2782 /* kick 8051's ass */ 2783 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, 0); 2784 2785 /* wait for 8051 to initialize */ 2786 for (ntries = 0; ntries < 500; ntries++) { 2787 if (RAL_READ(sc, RT2661_MCU_CNTL_CSR) & RT2661_MCU_READY) 2788 break; 2789 DELAY(100); 2790 } 2791 if (ntries == 500) { 2792 printf("timeout waiting for MCU to initialize\n"); 2793 return EIO; 2794 } 2795 return 0; 2796 } 2797 2798 /* 2799 * Dynamically tune Rx sensitivity (BBP register 17) based on average RSSI and 2800 * false CCA count. This function is called periodically (every seconds) when 2801 * in the RUN state. Values taken from the reference driver. 2802 */ 2803 static void 2804 rt2661_rx_tune(struct rt2661_softc *sc) 2805 { 2806 uint8_t bbp17; 2807 uint16_t cca; 2808 int lo, hi, dbm; 2809 2810 /* 2811 * Tuning range depends on operating band and on the presence of an 2812 * external low-noise amplifier. 2813 */ 2814 lo = 0x20; 2815 if (IEEE80211_IS_CHAN_5GHZ(sc->sc_curchan)) 2816 lo += 0x08; 2817 if ((IEEE80211_IS_CHAN_2GHZ(sc->sc_curchan) && sc->ext_2ghz_lna) || 2818 (IEEE80211_IS_CHAN_5GHZ(sc->sc_curchan) && sc->ext_5ghz_lna)) 2819 lo += 0x10; 2820 hi = lo + 0x20; 2821 2822 dbm = sc->avg_rssi; 2823 /* retrieve false CCA count since last call (clear on read) */ 2824 cca = RAL_READ(sc, RT2661_STA_CSR1) & 0xffff; 2825 2826 DPRINTFN(2, ("RSSI=%ddBm false CCA=%d\n", dbm, cca)); 2827 2828 if (dbm < -74) { 2829 /* very bad RSSI, tune using false CCA count */ 2830 bbp17 = sc->bbp17; /* current value */ 2831 2832 hi -= 2 * (-74 - dbm); 2833 if (hi < lo) 2834 hi = lo; 2835 2836 if (bbp17 > hi) 2837 bbp17 = hi; 2838 else if (cca > 512) 2839 bbp17 = min(bbp17 + 1, hi); 2840 else if (cca < 100) 2841 bbp17 = max(bbp17 - 1, lo); 2842 2843 } else if (dbm < -66) { 2844 bbp17 = lo + 0x08; 2845 } else if (dbm < -58) { 2846 bbp17 = lo + 0x10; 2847 } else if (dbm < -35) { 2848 bbp17 = hi; 2849 } else { /* very good RSSI >= -35dBm */ 2850 bbp17 = 0x60; /* very low sensitivity */ 2851 } 2852 2853 if (bbp17 != sc->bbp17) { 2854 DPRINTF(("BBP17 %x->%x\n", sc->bbp17, bbp17)); 2855 rt2661_bbp_write(sc, 17, bbp17); 2856 sc->bbp17 = bbp17; 2857 } 2858 } 2859 2860 #ifdef notyet 2861 /* 2862 * Enter/Leave radar detection mode. 2863 * This is for 802.11h additional regulatory domains. 2864 */ 2865 static void 2866 rt2661_radar_start(struct rt2661_softc *sc) 2867 { 2868 uint32_t tmp; 2869 2870 /* disable Rx */ 2871 tmp = RAL_READ(sc, RT2661_TXRX_CSR0); 2872 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp | RT2661_DISABLE_RX); 2873 2874 rt2661_bbp_write(sc, 82, 0x20); 2875 rt2661_bbp_write(sc, 83, 0x00); 2876 rt2661_bbp_write(sc, 84, 0x40); 2877 2878 /* save current BBP registers values */ 2879 sc->bbp18 = rt2661_bbp_read(sc, 18); 2880 sc->bbp21 = rt2661_bbp_read(sc, 21); 2881 sc->bbp22 = rt2661_bbp_read(sc, 22); 2882 sc->bbp16 = rt2661_bbp_read(sc, 16); 2883 sc->bbp17 = rt2661_bbp_read(sc, 17); 2884 sc->bbp64 = rt2661_bbp_read(sc, 64); 2885 2886 rt2661_bbp_write(sc, 18, 0xff); 2887 rt2661_bbp_write(sc, 21, 0x3f); 2888 rt2661_bbp_write(sc, 22, 0x3f); 2889 rt2661_bbp_write(sc, 16, 0xbd); 2890 rt2661_bbp_write(sc, 17, sc->ext_5ghz_lna ? 0x44 : 0x34); 2891 rt2661_bbp_write(sc, 64, 0x21); 2892 2893 /* restore Rx filter */ 2894 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp); 2895 } 2896 2897 static int 2898 rt2661_radar_stop(struct rt2661_softc *sc) 2899 { 2900 uint8_t bbp66; 2901 2902 /* read radar detection result */ 2903 bbp66 = rt2661_bbp_read(sc, 66); 2904 2905 /* restore BBP registers values */ 2906 rt2661_bbp_write(sc, 16, sc->bbp16); 2907 rt2661_bbp_write(sc, 17, sc->bbp17); 2908 rt2661_bbp_write(sc, 18, sc->bbp18); 2909 rt2661_bbp_write(sc, 21, sc->bbp21); 2910 rt2661_bbp_write(sc, 22, sc->bbp22); 2911 rt2661_bbp_write(sc, 64, sc->bbp64); 2912 2913 return bbp66 == 1; 2914 } 2915 #endif 2916 2917 static int 2918 rt2661_prepare_beacon(struct rt2661_softc *sc) 2919 { 2920 struct ieee80211com *ic = &sc->sc_ic; 2921 struct ieee80211_node *ni = ic->ic_bss; 2922 struct rt2661_tx_desc desc; 2923 struct mbuf *m0; 2924 struct ieee80211_beacon_offsets bo; 2925 int rate; 2926 2927 m0 = ieee80211_beacon_alloc(ic, ni, &bo); 2928 if (m0 == NULL) { 2929 aprint_error_dev(&sc->sc_dev, "could not allocate beacon frame\n"); 2930 return ENOBUFS; 2931 } 2932 2933 /* send beacons at the lowest available rate */ 2934 rate = IEEE80211_IS_CHAN_5GHZ(ni->ni_chan) ? 12 : 2; 2935 2936 rt2661_setup_tx_desc(sc, &desc, RT2661_TX_TIMESTAMP, RT2661_TX_HWSEQ, 2937 m0->m_pkthdr.len, rate, NULL, 0, RT2661_QID_MGT); 2938 2939 /* copy the first 24 bytes of Tx descriptor into NIC memory */ 2940 RAL_WRITE_REGION_1(sc, RT2661_HW_BEACON_BASE0, (uint8_t *)&desc, 24); 2941 2942 /* copy beacon header and payload into NIC memory */ 2943 RAL_WRITE_REGION_1(sc, RT2661_HW_BEACON_BASE0 + 24, 2944 mtod(m0, uint8_t *), m0->m_pkthdr.len); 2945 2946 m_freem(m0); 2947 2948 /* 2949 * Store offset of ERP Information Element so that we can update it 2950 * dynamically when the slot time changes. 2951 * XXX: this is ugly since it depends on how net80211 builds beacon 2952 * frames but ieee80211_beacon_alloc() doesn't store offsets for us. 2953 */ 2954 if (ic->ic_curmode == IEEE80211_MODE_11G) { 2955 sc->erp_csr = 2956 RT2661_HW_BEACON_BASE0 + 24 + 2957 sizeof (struct ieee80211_frame) + 2958 8 + 2 + 2 + 2 + ni->ni_esslen + 2959 2 + min(ni->ni_rates.rs_nrates, IEEE80211_RATE_SIZE) + 2960 2 + 1 + 2961 ((ic->ic_opmode == IEEE80211_M_IBSS) ? 4 : 6) + 2962 2; 2963 } 2964 2965 return 0; 2966 } 2967 2968 /* 2969 * Enable TSF synchronization and tell h/w to start sending beacons for IBSS 2970 * and HostAP operating modes. 2971 */ 2972 static void 2973 rt2661_enable_tsf_sync(struct rt2661_softc *sc) 2974 { 2975 struct ieee80211com *ic = &sc->sc_ic; 2976 uint32_t tmp; 2977 2978 if (ic->ic_opmode != IEEE80211_M_STA) { 2979 /* 2980 * Change default 16ms TBTT adjustment to 8ms. 2981 * Must be done before enabling beacon generation. 2982 */ 2983 RAL_WRITE(sc, RT2661_TXRX_CSR10, 1 << 12 | 8); 2984 } 2985 2986 tmp = RAL_READ(sc, RT2661_TXRX_CSR9) & 0xff000000; 2987 2988 /* set beacon interval (in 1/16ms unit) */ 2989 tmp |= ic->ic_bss->ni_intval * 16; 2990 2991 tmp |= RT2661_TSF_TICKING | RT2661_ENABLE_TBTT; 2992 if (ic->ic_opmode == IEEE80211_M_STA) 2993 tmp |= RT2661_TSF_MODE(1); 2994 else 2995 tmp |= RT2661_TSF_MODE(2) | RT2661_GENERATE_BEACON; 2996 2997 RAL_WRITE(sc, RT2661_TXRX_CSR9, tmp); 2998 } 2999 3000 /* 3001 * Retrieve the "Received Signal Strength Indicator" from the raw values 3002 * contained in Rx descriptors. The computation depends on which band the 3003 * frame was received. Correction values taken from the reference driver. 3004 */ 3005 static int 3006 rt2661_get_rssi(struct rt2661_softc *sc, uint8_t raw) 3007 { 3008 int lna, agc, rssi; 3009 3010 lna = (raw >> 5) & 0x3; 3011 agc = raw & 0x1f; 3012 3013 rssi = 2 * agc; 3014 3015 if (IEEE80211_IS_CHAN_2GHZ(sc->sc_curchan)) { 3016 rssi += sc->rssi_2ghz_corr; 3017 3018 if (lna == 1) 3019 rssi -= 64; 3020 else if (lna == 2) 3021 rssi -= 74; 3022 else if (lna == 3) 3023 rssi -= 90; 3024 } else { 3025 rssi += sc->rssi_5ghz_corr; 3026 3027 if (lna == 1) 3028 rssi -= 64; 3029 else if (lna == 2) 3030 rssi -= 86; 3031 else if (lna == 3) 3032 rssi -= 100; 3033 } 3034 return rssi; 3035 } 3036