1 /* $OpenBSD: rt2661.c,v 1.74 2014/07/13 23:10:23 deraadt Exp $ */ 2 3 /*- 4 * Copyright (c) 2006 5 * Damien Bergamini <damien.bergamini@free.fr> 6 * 7 * Permission to use, copy, modify, and distribute this software for any 8 * purpose with or without fee is hereby granted, provided that the above 9 * copyright notice and this permission notice appear in all copies. 10 * 11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 */ 19 20 /*- 21 * Ralink Technology RT2561, RT2561S and RT2661 chipset driver 22 * http://www.ralinktech.com/ 23 */ 24 25 #include "bpfilter.h" 26 27 #include <sys/param.h> 28 #include <sys/sockio.h> 29 #include <sys/mbuf.h> 30 #include <sys/kernel.h> 31 #include <sys/socket.h> 32 #include <sys/systm.h> 33 #include <sys/malloc.h> 34 #include <sys/timeout.h> 35 #include <sys/conf.h> 36 #include <sys/device.h> 37 #include <sys/queue.h> 38 39 #include <machine/bus.h> 40 #include <machine/endian.h> 41 #include <machine/intr.h> 42 43 #if NBPFILTER > 0 44 #include <net/bpf.h> 45 #endif 46 #include <net/if.h> 47 #include <net/if_arp.h> 48 #include <net/if_dl.h> 49 #include <net/if_media.h> 50 #include <net/if_types.h> 51 52 #include <netinet/in.h> 53 #include <netinet/in_systm.h> 54 #include <netinet/if_ether.h> 55 #include <netinet/ip.h> 56 57 #include <net80211/ieee80211_var.h> 58 #include <net80211/ieee80211_amrr.h> 59 #include <net80211/ieee80211_radiotap.h> 60 #include <net80211/ieee80211_node.h> 61 62 #include <dev/ic/rt2661var.h> 63 #include <dev/ic/rt2661reg.h> 64 65 #include <dev/pci/pcireg.h> 66 #include <dev/pci/pcivar.h> 67 #include <dev/pci/pcidevs.h> 68 69 #ifdef RAL_DEBUG 70 #define DPRINTF(x) do { if (rt2661_debug > 0) printf x; } while (0) 71 #define DPRINTFN(n, x) do { if (rt2661_debug >= (n)) printf x; } while (0) 72 int rt2661_debug = 1; 73 #else 74 #define DPRINTF(x) 75 #define DPRINTFN(n, x) 76 #endif 77 78 void rt2661_attachhook(void *); 79 int rt2661_alloc_tx_ring(struct rt2661_softc *, 80 struct rt2661_tx_ring *, int); 81 void rt2661_reset_tx_ring(struct rt2661_softc *, 82 struct rt2661_tx_ring *); 83 void rt2661_free_tx_ring(struct rt2661_softc *, 84 struct rt2661_tx_ring *); 85 int rt2661_alloc_rx_ring(struct rt2661_softc *, 86 struct rt2661_rx_ring *, int); 87 void rt2661_reset_rx_ring(struct rt2661_softc *, 88 struct rt2661_rx_ring *); 89 void rt2661_free_rx_ring(struct rt2661_softc *, 90 struct rt2661_rx_ring *); 91 struct ieee80211_node *rt2661_node_alloc(struct ieee80211com *); 92 void rt2661_node_free(struct ieee80211com *, 93 struct ieee80211_node *); 94 int rt2661_media_change(struct ifnet *); 95 void rt2661_next_scan(void *); 96 void rt2661_iter_func(void *, struct ieee80211_node *); 97 void rt2661_updatestats(void *); 98 void rt2661_newassoc(struct ieee80211com *, struct ieee80211_node *, 99 int); 100 int rt2661_newstate(struct ieee80211com *, enum ieee80211_state, 101 int); 102 uint16_t rt2661_eeprom_read(struct rt2661_softc *, uint8_t); 103 void rt2661_tx_intr(struct rt2661_softc *); 104 void rt2661_tx_dma_intr(struct rt2661_softc *, 105 struct rt2661_tx_ring *); 106 void rt2661_rx_intr(struct rt2661_softc *); 107 #ifndef IEEE80211_STA_ONLY 108 void rt2661_mcu_beacon_expire(struct rt2661_softc *); 109 #endif 110 void rt2661_mcu_wakeup(struct rt2661_softc *); 111 void rt2661_mcu_cmd_intr(struct rt2661_softc *); 112 int rt2661_intr(void *); 113 #if NBPFILTER > 0 114 uint8_t rt2661_rxrate(const struct rt2661_rx_desc *); 115 #endif 116 int rt2661_ack_rate(struct ieee80211com *, int); 117 uint16_t rt2661_txtime(int, int, uint32_t); 118 uint8_t rt2661_plcp_signal(int); 119 void rt2661_setup_tx_desc(struct rt2661_softc *, 120 struct rt2661_tx_desc *, uint32_t, uint16_t, int, int, 121 const bus_dma_segment_t *, int, int, u_int8_t); 122 int rt2661_tx_mgt(struct rt2661_softc *, struct mbuf *, 123 struct ieee80211_node *); 124 int rt2661_tx_data(struct rt2661_softc *, struct mbuf *, 125 struct ieee80211_node *, int); 126 void rt2661_start(struct ifnet *); 127 void rt2661_watchdog(struct ifnet *); 128 int rt2661_ioctl(struct ifnet *, u_long, caddr_t); 129 void rt2661_bbp_write(struct rt2661_softc *, uint8_t, uint8_t); 130 uint8_t rt2661_bbp_read(struct rt2661_softc *, uint8_t); 131 void rt2661_rf_write(struct rt2661_softc *, uint8_t, uint32_t); 132 int rt2661_tx_cmd(struct rt2661_softc *, uint8_t, uint16_t); 133 void rt2661_select_antenna(struct rt2661_softc *); 134 void rt2661_enable_mrr(struct rt2661_softc *); 135 void rt2661_set_txpreamble(struct rt2661_softc *); 136 void rt2661_set_basicrates(struct rt2661_softc *); 137 void rt2661_select_band(struct rt2661_softc *, 138 struct ieee80211_channel *); 139 void rt2661_set_chan(struct rt2661_softc *, 140 struct ieee80211_channel *); 141 void rt2661_set_bssid(struct rt2661_softc *, const uint8_t *); 142 void rt2661_set_macaddr(struct rt2661_softc *, const uint8_t *); 143 void rt2661_update_promisc(struct rt2661_softc *); 144 void rt2661_updateslot(struct ieee80211com *); 145 void rt2661_set_slottime(struct rt2661_softc *); 146 const char *rt2661_get_rf(int); 147 void rt2661_read_eeprom(struct rt2661_softc *); 148 int rt2661_bbp_init(struct rt2661_softc *); 149 int rt2661_init(struct ifnet *); 150 void rt2661_stop(struct ifnet *, int); 151 int rt2661_load_microcode(struct rt2661_softc *); 152 void rt2661_rx_tune(struct rt2661_softc *); 153 #ifdef notyet 154 void rt2661_radar_start(struct rt2661_softc *); 155 int rt2661_radar_stop(struct rt2661_softc *); 156 #endif 157 #ifndef IEEE80211_STA_ONLY 158 int rt2661_prepare_beacon(struct rt2661_softc *); 159 #endif 160 void rt2661_enable_tsf_sync(struct rt2661_softc *); 161 int rt2661_get_rssi(struct rt2661_softc *, uint8_t); 162 struct rt2661_amrr_node *rt2661_amrr_node_alloc(struct ieee80211com *, 163 struct rt2661_node *); 164 void rt2661_amrr_node_free(struct rt2661_softc *, 165 struct rt2661_amrr_node *); 166 void rt2661_amrr_node_free_all(struct rt2661_softc *); 167 void rt2661_amrr_node_free_unused(struct rt2661_softc *); 168 struct rt2661_amrr_node *rt2661_amrr_node_find(struct rt2661_softc *, 169 u_int8_t); 170 171 static const struct { 172 uint32_t reg; 173 uint32_t val; 174 } rt2661_def_mac[] = { 175 RT2661_DEF_MAC 176 }; 177 178 static const struct { 179 uint8_t reg; 180 uint8_t val; 181 } rt2661_def_bbp[] = { 182 RT2661_DEF_BBP 183 }; 184 185 static const struct rfprog { 186 uint8_t chan; 187 uint32_t r1, r2, r3, r4; 188 } rt2661_rf5225_1[] = { 189 RT2661_RF5225_1 190 }, rt2661_rf5225_2[] = { 191 RT2661_RF5225_2 192 }; 193 194 int 195 rt2661_attach(void *xsc, int id) 196 { 197 struct rt2661_softc *sc = xsc; 198 struct ieee80211com *ic = &sc->sc_ic; 199 uint32_t val; 200 int error, ac, ntries; 201 202 sc->sc_id = id; 203 204 sc->amrr.amrr_min_success_threshold = 1; 205 sc->amrr.amrr_max_success_threshold = 15; 206 timeout_set(&sc->amrr_to, rt2661_updatestats, sc); 207 timeout_set(&sc->scan_to, rt2661_next_scan, sc); 208 209 TAILQ_INIT(&sc->amn); 210 211 /* wait for NIC to initialize */ 212 for (ntries = 0; ntries < 1000; ntries++) { 213 if ((val = RAL_READ(sc, RT2661_MAC_CSR0)) != 0) 214 break; 215 DELAY(1000); 216 } 217 if (ntries == 1000) { 218 printf("%s: timeout waiting for NIC to initialize\n", 219 sc->sc_dev.dv_xname); 220 return EIO; 221 } 222 223 /* retrieve RF rev. no and various other things from EEPROM */ 224 rt2661_read_eeprom(sc); 225 printf(", address %s\n", ether_sprintf(ic->ic_myaddr)); 226 227 printf("%s: MAC/BBP RT%X, RF %s\n", sc->sc_dev.dv_xname, val, 228 rt2661_get_rf(sc->rf_rev)); 229 230 /* 231 * Allocate Tx and Rx rings. 232 */ 233 for (ac = 0; ac < 4; ac++) { 234 error = rt2661_alloc_tx_ring(sc, &sc->txq[ac], 235 RT2661_TX_RING_COUNT); 236 if (error != 0) { 237 printf("%s: could not allocate Tx ring %d\n", 238 sc->sc_dev.dv_xname, ac); 239 goto fail1; 240 } 241 } 242 243 error = rt2661_alloc_tx_ring(sc, &sc->mgtq, RT2661_MGT_RING_COUNT); 244 if (error != 0) { 245 printf("%s: could not allocate Mgt ring\n", 246 sc->sc_dev.dv_xname); 247 goto fail1; 248 } 249 250 error = rt2661_alloc_rx_ring(sc, &sc->rxq, RT2661_RX_RING_COUNT); 251 if (error != 0) { 252 printf("%s: could not allocate Rx ring\n", 253 sc->sc_dev.dv_xname); 254 goto fail2; 255 } 256 257 if (rootvp == NULL) 258 mountroothook_establish(rt2661_attachhook, sc); 259 else 260 rt2661_attachhook(sc); 261 262 return 0; 263 264 fail2: rt2661_free_tx_ring(sc, &sc->mgtq); 265 fail1: while (--ac >= 0) 266 rt2661_free_tx_ring(sc, &sc->txq[ac]); 267 return ENXIO; 268 } 269 270 void 271 rt2661_attachhook(void *xsc) 272 { 273 struct rt2661_softc *sc = xsc; 274 struct ieee80211com *ic = &sc->sc_ic; 275 struct ifnet *ifp = &ic->ic_if; 276 const char *name = NULL; 277 int i, error; 278 279 switch (sc->sc_id) { 280 case PCI_PRODUCT_RALINK_RT2561: 281 name = "ral-rt2561"; 282 break; 283 case PCI_PRODUCT_RALINK_RT2561S: 284 name = "ral-rt2561s"; 285 break; 286 case PCI_PRODUCT_RALINK_RT2661: 287 name = "ral-rt2661"; 288 break; 289 } 290 if ((error = loadfirmware(name, &sc->ucode, &sc->ucsize)) != 0) { 291 printf("%s: error %d, could not read firmware %s\n", 292 sc->sc_dev.dv_xname, error, name); 293 return; 294 } 295 296 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 297 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 298 ic->ic_state = IEEE80211_S_INIT; 299 300 /* set device capabilities */ 301 ic->ic_caps = 302 IEEE80211_C_MONITOR | /* monitor mode supported */ 303 #ifndef IEEE80211_STA_ONLY 304 IEEE80211_C_IBSS | /* IBSS mode supported */ 305 IEEE80211_C_HOSTAP | /* HostAP mode supported */ 306 #endif 307 IEEE80211_C_TXPMGT | /* tx power management */ 308 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 309 IEEE80211_C_SHSLOT | /* short slot time supported */ 310 IEEE80211_C_WEP | /* s/w WEP */ 311 IEEE80211_C_RSN; /* WPA/RSN */ 312 313 if (sc->rf_rev == RT2661_RF_5225 || sc->rf_rev == RT2661_RF_5325) { 314 /* set supported .11a rates */ 315 ic->ic_sup_rates[IEEE80211_MODE_11A] = 316 ieee80211_std_rateset_11a; 317 318 /* set supported .11a channels */ 319 for (i = 36; i <= 64; i += 4) { 320 ic->ic_channels[i].ic_freq = 321 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ); 322 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A; 323 } 324 for (i = 100; i <= 140; i += 4) { 325 ic->ic_channels[i].ic_freq = 326 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ); 327 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A; 328 } 329 for (i = 149; i <= 165; i += 4) { 330 ic->ic_channels[i].ic_freq = 331 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ); 332 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A; 333 } 334 } 335 336 /* set supported .11b and .11g rates */ 337 ic->ic_sup_rates[IEEE80211_MODE_11B] = ieee80211_std_rateset_11b; 338 ic->ic_sup_rates[IEEE80211_MODE_11G] = ieee80211_std_rateset_11g; 339 340 /* set supported .11b and .11g channels (1 through 14) */ 341 for (i = 1; i <= 14; i++) { 342 ic->ic_channels[i].ic_freq = 343 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ); 344 ic->ic_channels[i].ic_flags = 345 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM | 346 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ; 347 } 348 349 ifp->if_softc = sc; 350 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 351 ifp->if_ioctl = rt2661_ioctl; 352 ifp->if_start = rt2661_start; 353 ifp->if_watchdog = rt2661_watchdog; 354 IFQ_SET_READY(&ifp->if_snd); 355 memcpy(ifp->if_xname, sc->sc_dev.dv_xname, IFNAMSIZ); 356 357 if_attach(ifp); 358 ieee80211_ifattach(ifp); 359 ic->ic_node_alloc = rt2661_node_alloc; 360 sc->sc_node_free = ic->ic_node_free; 361 ic->ic_node_free = rt2661_node_free; 362 ic->ic_newassoc = rt2661_newassoc; 363 ic->ic_updateslot = rt2661_updateslot; 364 365 /* override state transition machine */ 366 sc->sc_newstate = ic->ic_newstate; 367 ic->ic_newstate = rt2661_newstate; 368 ieee80211_media_init(ifp, rt2661_media_change, ieee80211_media_status); 369 370 #if NBPFILTER > 0 371 bpfattach(&sc->sc_drvbpf, ifp, DLT_IEEE802_11_RADIO, 372 sizeof (struct ieee80211_frame) + 64); 373 374 sc->sc_rxtap_len = sizeof sc->sc_rxtapu; 375 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 376 sc->sc_rxtap.wr_ihdr.it_present = htole32(RT2661_RX_RADIOTAP_PRESENT); 377 378 sc->sc_txtap_len = sizeof sc->sc_txtapu; 379 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 380 sc->sc_txtap.wt_ihdr.it_present = htole32(RT2661_TX_RADIOTAP_PRESENT); 381 #endif 382 } 383 384 int 385 rt2661_detach(void *xsc) 386 { 387 struct rt2661_softc *sc = xsc; 388 struct ifnet *ifp = &sc->sc_ic.ic_if; 389 int ac; 390 391 timeout_del(&sc->scan_to); 392 timeout_del(&sc->amrr_to); 393 394 ieee80211_ifdetach(ifp); /* free all nodes */ 395 rt2661_amrr_node_free_all(sc); 396 if_detach(ifp); 397 398 for (ac = 0; ac < 4; ac++) 399 rt2661_free_tx_ring(sc, &sc->txq[ac]); 400 rt2661_free_tx_ring(sc, &sc->mgtq); 401 rt2661_free_rx_ring(sc, &sc->rxq); 402 403 if (sc->ucode != NULL) 404 free(sc->ucode, M_DEVBUF, 0); 405 406 return 0; 407 } 408 409 void 410 rt2661_suspend(void *xsc) 411 { 412 struct rt2661_softc *sc = xsc; 413 struct ifnet *ifp = &sc->sc_ic.ic_if; 414 415 if (ifp->if_flags & IFF_RUNNING) { 416 rt2661_stop(ifp, 1); 417 sc->sc_flags &= ~RT2661_FWLOADED; 418 } 419 } 420 421 void 422 rt2661_wakeup(void *xsc) 423 { 424 struct rt2661_softc *sc = xsc; 425 struct ifnet *ifp = &sc->sc_ic.ic_if; 426 427 if (ifp->if_flags & IFF_UP) 428 rt2661_init(ifp); 429 } 430 431 int 432 rt2661_alloc_tx_ring(struct rt2661_softc *sc, struct rt2661_tx_ring *ring, 433 int count) 434 { 435 int i, nsegs, error; 436 437 ring->count = count; 438 ring->queued = 0; 439 ring->cur = ring->next = ring->stat = 0; 440 441 error = bus_dmamap_create(sc->sc_dmat, count * RT2661_TX_DESC_SIZE, 1, 442 count * RT2661_TX_DESC_SIZE, 0, BUS_DMA_NOWAIT, &ring->map); 443 if (error != 0) { 444 printf("%s: could not create desc DMA map\n", 445 sc->sc_dev.dv_xname); 446 goto fail; 447 } 448 449 error = bus_dmamem_alloc(sc->sc_dmat, count * RT2661_TX_DESC_SIZE, 450 PAGE_SIZE, 0, &ring->seg, 1, &nsegs, BUS_DMA_NOWAIT | BUS_DMA_ZERO); 451 if (error != 0) { 452 printf("%s: could not allocate DMA memory\n", 453 sc->sc_dev.dv_xname); 454 goto fail; 455 } 456 457 error = bus_dmamem_map(sc->sc_dmat, &ring->seg, nsegs, 458 count * RT2661_TX_DESC_SIZE, (caddr_t *)&ring->desc, 459 BUS_DMA_NOWAIT); 460 if (error != 0) { 461 printf("%s: can't map desc DMA memory\n", 462 sc->sc_dev.dv_xname); 463 goto fail; 464 } 465 466 error = bus_dmamap_load(sc->sc_dmat, ring->map, ring->desc, 467 count * RT2661_TX_DESC_SIZE, NULL, BUS_DMA_NOWAIT); 468 if (error != 0) { 469 printf("%s: could not load desc DMA map\n", 470 sc->sc_dev.dv_xname); 471 goto fail; 472 } 473 474 ring->physaddr = ring->map->dm_segs->ds_addr; 475 476 ring->data = mallocarray(count, sizeof (struct rt2661_tx_data), 477 M_DEVBUF, M_NOWAIT | M_ZERO); 478 if (ring->data == NULL) { 479 printf("%s: could not allocate soft data\n", 480 sc->sc_dev.dv_xname); 481 error = ENOMEM; 482 goto fail; 483 } 484 485 for (i = 0; i < count; i++) { 486 error = bus_dmamap_create(sc->sc_dmat, MCLBYTES, 487 RT2661_MAX_SCATTER, MCLBYTES, 0, BUS_DMA_NOWAIT, 488 &ring->data[i].map); 489 if (error != 0) { 490 printf("%s: could not create DMA map\n", 491 sc->sc_dev.dv_xname); 492 goto fail; 493 } 494 } 495 496 return 0; 497 498 fail: rt2661_free_tx_ring(sc, ring); 499 return error; 500 } 501 502 void 503 rt2661_reset_tx_ring(struct rt2661_softc *sc, struct rt2661_tx_ring *ring) 504 { 505 int i; 506 507 for (i = 0; i < ring->count; i++) { 508 struct rt2661_tx_desc *desc = &ring->desc[i]; 509 struct rt2661_tx_data *data = &ring->data[i]; 510 511 if (data->m != NULL) { 512 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 513 data->map->dm_mapsize, BUS_DMASYNC_POSTWRITE); 514 bus_dmamap_unload(sc->sc_dmat, data->map); 515 m_freem(data->m); 516 data->m = NULL; 517 } 518 519 /* 520 * The node has already been freed at that point so don't call 521 * ieee80211_release_node() here. 522 */ 523 data->ni = NULL; 524 525 desc->flags = 0; 526 } 527 528 bus_dmamap_sync(sc->sc_dmat, ring->map, 0, ring->map->dm_mapsize, 529 BUS_DMASYNC_PREWRITE); 530 531 ring->queued = 0; 532 ring->cur = ring->next = ring->stat = 0; 533 } 534 535 void 536 rt2661_free_tx_ring(struct rt2661_softc *sc, struct rt2661_tx_ring *ring) 537 { 538 int i; 539 540 if (ring->desc != NULL) { 541 bus_dmamap_sync(sc->sc_dmat, ring->map, 0, 542 ring->map->dm_mapsize, BUS_DMASYNC_POSTWRITE); 543 bus_dmamap_unload(sc->sc_dmat, ring->map); 544 bus_dmamem_unmap(sc->sc_dmat, (caddr_t)ring->desc, 545 ring->count * RT2661_TX_DESC_SIZE); 546 bus_dmamem_free(sc->sc_dmat, &ring->seg, 1); 547 } 548 549 if (ring->data != NULL) { 550 for (i = 0; i < ring->count; i++) { 551 struct rt2661_tx_data *data = &ring->data[i]; 552 553 if (data->m != NULL) { 554 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 555 data->map->dm_mapsize, 556 BUS_DMASYNC_POSTWRITE); 557 bus_dmamap_unload(sc->sc_dmat, data->map); 558 m_freem(data->m); 559 } 560 /* 561 * The node has already been freed at that point so 562 * don't call ieee80211_release_node() here. 563 */ 564 data->ni = NULL; 565 566 if (data->map != NULL) 567 bus_dmamap_destroy(sc->sc_dmat, data->map); 568 } 569 free(ring->data, M_DEVBUF, 0); 570 } 571 } 572 573 int 574 rt2661_alloc_rx_ring(struct rt2661_softc *sc, struct rt2661_rx_ring *ring, 575 int count) 576 { 577 int i, nsegs, error; 578 579 ring->count = count; 580 ring->cur = ring->next = 0; 581 582 error = bus_dmamap_create(sc->sc_dmat, count * RT2661_RX_DESC_SIZE, 1, 583 count * RT2661_RX_DESC_SIZE, 0, BUS_DMA_NOWAIT, &ring->map); 584 if (error != 0) { 585 printf("%s: could not create desc DMA map\n", 586 sc->sc_dev.dv_xname); 587 goto fail; 588 } 589 590 error = bus_dmamem_alloc(sc->sc_dmat, count * RT2661_RX_DESC_SIZE, 591 PAGE_SIZE, 0, &ring->seg, 1, &nsegs, BUS_DMA_NOWAIT | BUS_DMA_ZERO); 592 if (error != 0) { 593 printf("%s: could not allocate DMA memory\n", 594 sc->sc_dev.dv_xname); 595 goto fail; 596 } 597 598 error = bus_dmamem_map(sc->sc_dmat, &ring->seg, nsegs, 599 count * RT2661_RX_DESC_SIZE, (caddr_t *)&ring->desc, 600 BUS_DMA_NOWAIT); 601 if (error != 0) { 602 printf("%s: can't map desc DMA memory\n", 603 sc->sc_dev.dv_xname); 604 goto fail; 605 } 606 607 error = bus_dmamap_load(sc->sc_dmat, ring->map, ring->desc, 608 count * RT2661_RX_DESC_SIZE, NULL, BUS_DMA_NOWAIT); 609 if (error != 0) { 610 printf("%s: could not load desc DMA map\n", 611 sc->sc_dev.dv_xname); 612 goto fail; 613 } 614 615 ring->physaddr = ring->map->dm_segs->ds_addr; 616 617 ring->data = mallocarray(count, sizeof (struct rt2661_rx_data), 618 M_DEVBUF, M_NOWAIT | M_ZERO); 619 if (ring->data == NULL) { 620 printf("%s: could not allocate soft data\n", 621 sc->sc_dev.dv_xname); 622 error = ENOMEM; 623 goto fail; 624 } 625 626 /* 627 * Pre-allocate Rx buffers and populate Rx ring. 628 */ 629 for (i = 0; i < count; i++) { 630 struct rt2661_rx_desc *desc = &sc->rxq.desc[i]; 631 struct rt2661_rx_data *data = &sc->rxq.data[i]; 632 633 error = bus_dmamap_create(sc->sc_dmat, MCLBYTES, 1, MCLBYTES, 634 0, BUS_DMA_NOWAIT, &data->map); 635 if (error != 0) { 636 printf("%s: could not create DMA map\n", 637 sc->sc_dev.dv_xname); 638 goto fail; 639 } 640 641 MGETHDR(data->m, M_DONTWAIT, MT_DATA); 642 if (data->m == NULL) { 643 printf("%s: could not allocate rx mbuf\n", 644 sc->sc_dev.dv_xname); 645 error = ENOMEM; 646 goto fail; 647 } 648 MCLGET(data->m, M_DONTWAIT); 649 if (!(data->m->m_flags & M_EXT)) { 650 printf("%s: could not allocate rx mbuf cluster\n", 651 sc->sc_dev.dv_xname); 652 error = ENOMEM; 653 goto fail; 654 } 655 656 error = bus_dmamap_load(sc->sc_dmat, data->map, 657 mtod(data->m, void *), MCLBYTES, NULL, BUS_DMA_NOWAIT); 658 if (error != 0) { 659 printf("%s: could not load rx buf DMA map", 660 sc->sc_dev.dv_xname); 661 goto fail; 662 } 663 664 desc->flags = htole32(RT2661_RX_BUSY); 665 desc->physaddr = htole32(data->map->dm_segs->ds_addr); 666 } 667 668 bus_dmamap_sync(sc->sc_dmat, ring->map, 0, ring->map->dm_mapsize, 669 BUS_DMASYNC_PREWRITE); 670 671 return 0; 672 673 fail: rt2661_free_rx_ring(sc, ring); 674 return error; 675 } 676 677 void 678 rt2661_reset_rx_ring(struct rt2661_softc *sc, struct rt2661_rx_ring *ring) 679 { 680 int i; 681 682 for (i = 0; i < ring->count; i++) 683 ring->desc[i].flags = htole32(RT2661_RX_BUSY); 684 685 bus_dmamap_sync(sc->sc_dmat, ring->map, 0, ring->map->dm_mapsize, 686 BUS_DMASYNC_PREWRITE); 687 688 ring->cur = ring->next = 0; 689 } 690 691 void 692 rt2661_free_rx_ring(struct rt2661_softc *sc, struct rt2661_rx_ring *ring) 693 { 694 int i; 695 696 if (ring->desc != NULL) { 697 bus_dmamap_sync(sc->sc_dmat, ring->map, 0, 698 ring->map->dm_mapsize, BUS_DMASYNC_POSTWRITE); 699 bus_dmamap_unload(sc->sc_dmat, ring->map); 700 bus_dmamem_unmap(sc->sc_dmat, (caddr_t)ring->desc, 701 ring->count * RT2661_RX_DESC_SIZE); 702 bus_dmamem_free(sc->sc_dmat, &ring->seg, 1); 703 } 704 705 if (ring->data != NULL) { 706 for (i = 0; i < ring->count; i++) { 707 struct rt2661_rx_data *data = &ring->data[i]; 708 709 if (data->m != NULL) { 710 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 711 data->map->dm_mapsize, 712 BUS_DMASYNC_POSTREAD); 713 bus_dmamap_unload(sc->sc_dmat, data->map); 714 m_freem(data->m); 715 } 716 717 if (data->map != NULL) 718 bus_dmamap_destroy(sc->sc_dmat, data->map); 719 } 720 free(ring->data, M_DEVBUF, 0); 721 } 722 } 723 724 struct rt2661_amrr_node * 725 rt2661_amrr_node_alloc(struct ieee80211com *ic, struct rt2661_node *rn) 726 { 727 struct rt2661_softc *sc = ic->ic_softc; 728 struct rt2661_amrr_node *amn; 729 int s; 730 731 if (sc->amn_count >= RT2661_AMRR_NODES_MAX) 732 rt2661_amrr_node_free_unused(sc); 733 if (sc->amn_count >= RT2661_AMRR_NODES_MAX) 734 return NULL; 735 736 amn = malloc(sizeof (struct rt2661_amrr_node), M_DEVBUF, 737 M_NOWAIT | M_ZERO); 738 739 if (amn) { 740 s = splnet(); 741 amn->id = sc->amn_count++; 742 amn->rn = rn; 743 TAILQ_INSERT_TAIL(&sc->amn, amn, entry); 744 splx(s); 745 } 746 747 return amn; 748 } 749 750 void 751 rt2661_amrr_node_free(struct rt2661_softc *sc, struct rt2661_amrr_node *amn) 752 { 753 int s; 754 755 s = splnet(); 756 if (amn->rn) 757 amn->rn->amn = NULL; 758 TAILQ_REMOVE(&sc->amn, amn, entry); 759 sc->amn_count--; 760 splx(s); 761 free(amn, M_DEVBUF, 0); 762 } 763 764 void 765 rt2661_amrr_node_free_all(struct rt2661_softc *sc) 766 { 767 struct rt2661_amrr_node *amn, *a; 768 int s; 769 770 s = splnet(); 771 TAILQ_FOREACH_SAFE(amn, &sc->amn, entry, a) 772 rt2661_amrr_node_free(sc, amn); 773 splx(s); 774 } 775 776 void 777 rt2661_amrr_node_free_unused(struct rt2661_softc *sc) 778 { 779 struct rt2661_amrr_node *amn, *a; 780 int s; 781 782 s = splnet(); 783 TAILQ_FOREACH_SAFE(amn, &sc->amn, entry, a) { 784 if (amn->rn == NULL) 785 rt2661_amrr_node_free(sc, amn); 786 } 787 splx(s); 788 } 789 790 struct rt2661_amrr_node * 791 rt2661_amrr_node_find(struct rt2661_softc *sc, u_int8_t id) 792 { 793 struct rt2661_amrr_node *amn, *a, *ret = NULL; 794 int s; 795 796 if (id == RT2661_AMRR_INVALID_ID) 797 return NULL; 798 799 s = splnet(); 800 TAILQ_FOREACH_SAFE(amn, &sc->amn, entry, a) { 801 /* If the corresponding node was freed, free the amrr node. */ 802 if (amn->rn == NULL) 803 rt2661_amrr_node_free(sc, amn); 804 else if (amn->id == id) 805 ret = amn; 806 } 807 splx(s); 808 809 return ret; 810 } 811 812 struct ieee80211_node * 813 rt2661_node_alloc(struct ieee80211com *ic) 814 { 815 struct rt2661_node *rn; 816 817 rn = malloc(sizeof (struct rt2661_node), M_DEVBUF, 818 M_NOWAIT | M_ZERO); 819 if (rn == NULL) 820 return NULL; 821 822 rn->amn = rt2661_amrr_node_alloc(ic, rn); 823 return (struct ieee80211_node *)rn; 824 } 825 826 void 827 rt2661_node_free(struct ieee80211com *ic, struct ieee80211_node *ni) 828 { 829 struct rt2661_softc *sc = ic->ic_softc; 830 struct rt2661_node *rn = (struct rt2661_node *)ni; 831 832 if (rn->amn) 833 rn->amn->rn = NULL; 834 sc->sc_node_free(ic, ni); 835 } 836 837 int 838 rt2661_media_change(struct ifnet *ifp) 839 { 840 int error; 841 842 error = ieee80211_media_change(ifp); 843 if (error != ENETRESET) 844 return error; 845 846 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == (IFF_UP | IFF_RUNNING)) 847 rt2661_init(ifp); 848 849 return 0; 850 } 851 852 /* 853 * This function is called periodically (every 200ms) during scanning to 854 * switch from one channel to another. 855 */ 856 void 857 rt2661_next_scan(void *arg) 858 { 859 struct rt2661_softc *sc = arg; 860 struct ieee80211com *ic = &sc->sc_ic; 861 struct ifnet *ifp = &ic->ic_if; 862 int s; 863 864 s = splnet(); 865 if (ic->ic_state == IEEE80211_S_SCAN) 866 ieee80211_next_scan(ifp); 867 splx(s); 868 } 869 870 /* 871 * This function is called for each neighbor node. 872 */ 873 void 874 rt2661_iter_func(void *arg, struct ieee80211_node *ni) 875 { 876 struct rt2661_softc *sc = arg; 877 struct rt2661_node *rn = (struct rt2661_node *)ni; 878 879 if (rn->amn) 880 ieee80211_amrr_choose(&sc->amrr, ni, &rn->amn->amn); 881 } 882 883 /* 884 * This function is called periodically (every 500ms) in RUN state to update 885 * various settings like rate control statistics or Rx sensitivity. 886 */ 887 void 888 rt2661_updatestats(void *arg) 889 { 890 struct rt2661_softc *sc = arg; 891 struct ieee80211com *ic = &sc->sc_ic; 892 int s; 893 894 s = splnet(); 895 if (ic->ic_opmode == IEEE80211_M_STA) 896 rt2661_iter_func(sc, ic->ic_bss); 897 else 898 ieee80211_iterate_nodes(ic, rt2661_iter_func, arg); 899 900 /* update rx sensitivity and free unused amrr nodes every 1 sec */ 901 if (++sc->ncalls & 1) { 902 rt2661_rx_tune(sc); 903 rt2661_amrr_node_free_unused(sc); 904 } 905 splx(s); 906 907 timeout_add_msec(&sc->amrr_to, 500); 908 } 909 910 void 911 rt2661_newassoc(struct ieee80211com *ic, struct ieee80211_node *ni, int isnew) 912 { 913 struct rt2661_softc *sc = ic->ic_softc; 914 struct rt2661_node *rn = (struct rt2661_node *)ni; 915 int i; 916 917 if (rn->amn) 918 ieee80211_amrr_node_init(&sc->amrr, &rn->amn->amn); 919 920 /* set rate to some reasonable initial value */ 921 for (i = ni->ni_rates.rs_nrates - 1; 922 i > 0 && (ni->ni_rates.rs_rates[i] & IEEE80211_RATE_VAL) > 72; 923 i--); 924 ni->ni_txrate = i; 925 } 926 927 int 928 rt2661_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 929 { 930 struct rt2661_softc *sc = ic->ic_if.if_softc; 931 enum ieee80211_state ostate; 932 struct ieee80211_node *ni; 933 uint32_t tmp; 934 935 ostate = ic->ic_state; 936 timeout_del(&sc->scan_to); 937 timeout_del(&sc->amrr_to); 938 939 switch (nstate) { 940 case IEEE80211_S_INIT: 941 if (ostate == IEEE80211_S_RUN) { 942 /* abort TSF synchronization */ 943 tmp = RAL_READ(sc, RT2661_TXRX_CSR9); 944 RAL_WRITE(sc, RT2661_TXRX_CSR9, tmp & ~0x00ffffff); 945 } 946 break; 947 948 case IEEE80211_S_SCAN: 949 rt2661_set_chan(sc, ic->ic_bss->ni_chan); 950 timeout_add_msec(&sc->scan_to, 200); 951 break; 952 953 case IEEE80211_S_AUTH: 954 case IEEE80211_S_ASSOC: 955 rt2661_set_chan(sc, ic->ic_bss->ni_chan); 956 break; 957 958 case IEEE80211_S_RUN: 959 rt2661_set_chan(sc, ic->ic_bss->ni_chan); 960 961 ni = ic->ic_bss; 962 963 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 964 rt2661_set_slottime(sc); 965 rt2661_enable_mrr(sc); 966 rt2661_set_txpreamble(sc); 967 rt2661_set_basicrates(sc); 968 rt2661_set_bssid(sc, ni->ni_bssid); 969 } 970 971 #ifndef IEEE80211_STA_ONLY 972 if (ic->ic_opmode == IEEE80211_M_HOSTAP || 973 ic->ic_opmode == IEEE80211_M_IBSS) 974 rt2661_prepare_beacon(sc); 975 #endif 976 977 if (ic->ic_opmode == IEEE80211_M_STA) { 978 /* fake a join to init the tx rate */ 979 rt2661_newassoc(ic, ni, 1); 980 } 981 982 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 983 sc->ncalls = 0; 984 sc->avg_rssi = -95; /* reset EMA */ 985 timeout_add_msec(&sc->amrr_to, 500); 986 rt2661_enable_tsf_sync(sc); 987 } 988 break; 989 } 990 991 return sc->sc_newstate(ic, nstate, arg); 992 } 993 994 /* 995 * Read 16 bits at address 'addr' from the serial EEPROM (either 93C46 or 996 * 93C66). 997 */ 998 uint16_t 999 rt2661_eeprom_read(struct rt2661_softc *sc, uint8_t addr) 1000 { 1001 uint32_t tmp; 1002 uint16_t val; 1003 int n; 1004 1005 /* clock C once before the first command */ 1006 RT2661_EEPROM_CTL(sc, 0); 1007 1008 RT2661_EEPROM_CTL(sc, RT2661_S); 1009 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_C); 1010 RT2661_EEPROM_CTL(sc, RT2661_S); 1011 1012 /* write start bit (1) */ 1013 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D); 1014 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D | RT2661_C); 1015 1016 /* write READ opcode (10) */ 1017 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D); 1018 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D | RT2661_C); 1019 RT2661_EEPROM_CTL(sc, RT2661_S); 1020 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_C); 1021 1022 /* write address (A5-A0 or A7-A0) */ 1023 n = (RAL_READ(sc, RT2661_E2PROM_CSR) & RT2661_93C46) ? 5 : 7; 1024 for (; n >= 0; n--) { 1025 RT2661_EEPROM_CTL(sc, RT2661_S | 1026 (((addr >> n) & 1) << RT2661_SHIFT_D)); 1027 RT2661_EEPROM_CTL(sc, RT2661_S | 1028 (((addr >> n) & 1) << RT2661_SHIFT_D) | RT2661_C); 1029 } 1030 1031 RT2661_EEPROM_CTL(sc, RT2661_S); 1032 1033 /* read data Q15-Q0 */ 1034 val = 0; 1035 for (n = 15; n >= 0; n--) { 1036 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_C); 1037 tmp = RAL_READ(sc, RT2661_E2PROM_CSR); 1038 val |= ((tmp & RT2661_Q) >> RT2661_SHIFT_Q) << n; 1039 RT2661_EEPROM_CTL(sc, RT2661_S); 1040 } 1041 1042 RT2661_EEPROM_CTL(sc, 0); 1043 1044 /* clear Chip Select and clock C */ 1045 RT2661_EEPROM_CTL(sc, RT2661_S); 1046 RT2661_EEPROM_CTL(sc, 0); 1047 RT2661_EEPROM_CTL(sc, RT2661_C); 1048 1049 return val; 1050 } 1051 1052 /* The TX interrupt handler accumulates statistics based on whether frames 1053 * were sent successfully by the ASIC. */ 1054 void 1055 rt2661_tx_intr(struct rt2661_softc *sc) 1056 { 1057 struct ieee80211com *ic = &sc->sc_ic; 1058 struct ifnet *ifp = &ic->ic_if; 1059 struct rt2661_amrr_node *amn; 1060 int retrycnt; 1061 u_int8_t amrr_id; 1062 1063 for (;;) { 1064 const uint32_t val = RAL_READ(sc, RT2661_STA_CSR4); 1065 if (!(val & RT2661_TX_STAT_VALID)) 1066 break; 1067 1068 /* retrieve rate control algorithm context */ 1069 amrr_id = RT2661_TX_PRIV_DATA(val); 1070 amn = rt2661_amrr_node_find(sc, amrr_id); 1071 1072 switch (RT2661_TX_RESULT(val)) { 1073 case RT2661_TX_SUCCESS: 1074 retrycnt = RT2661_TX_RETRYCNT(val); 1075 1076 DPRINTFN(10, ("data frame sent successfully after " 1077 "%d retries\n", retrycnt)); 1078 if (amn) { 1079 amn->amn.amn_txcnt++; 1080 if (retrycnt > 0) 1081 amn->amn.amn_retrycnt++; 1082 } 1083 ifp->if_opackets++; 1084 break; 1085 1086 case RT2661_TX_RETRY_FAIL: 1087 DPRINTFN(9, ("sending data frame failed (too much " 1088 "retries)\n")); 1089 if (amn) { 1090 amn->amn.amn_txcnt++; 1091 amn->amn.amn_retrycnt++; 1092 } 1093 ifp->if_oerrors++; 1094 break; 1095 1096 default: 1097 /* other failure */ 1098 printf("%s: sending data frame failed 0x%08x\n", 1099 sc->sc_dev.dv_xname, val); 1100 ifp->if_oerrors++; 1101 } 1102 1103 DPRINTFN(15, ("tx done amrr_id=%hhu amn=0x%x\n", amrr_id, amn)); 1104 } 1105 } 1106 1107 /* The TX DMA interrupt handler processes frames which have been offloaded 1108 * to the ASIC for transmission. We can free all resources corresponding 1109 * to the frame here. */ 1110 void 1111 rt2661_tx_dma_intr(struct rt2661_softc *sc, struct rt2661_tx_ring *txq) 1112 { 1113 struct ieee80211com *ic = &sc->sc_ic; 1114 struct ifnet *ifp = &ic->ic_if; 1115 1116 for (;;) { 1117 struct rt2661_tx_desc *desc = &txq->desc[txq->next]; 1118 struct rt2661_tx_data *data = &txq->data[txq->next]; 1119 1120 bus_dmamap_sync(sc->sc_dmat, txq->map, 1121 txq->next * RT2661_TX_DESC_SIZE, RT2661_TX_DESC_SIZE, 1122 BUS_DMASYNC_POSTREAD); 1123 1124 if ((letoh32(desc->flags) & RT2661_TX_BUSY) || 1125 !(letoh32(desc->flags) & RT2661_TX_VALID)) 1126 break; 1127 1128 /* descriptor is no longer valid */ 1129 desc->flags &= ~htole32(RT2661_TX_VALID); 1130 1131 bus_dmamap_sync(sc->sc_dmat, txq->map, 1132 txq->next * RT2661_TX_DESC_SIZE, RT2661_TX_DESC_SIZE, 1133 BUS_DMASYNC_PREWRITE); 1134 1135 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 1136 data->map->dm_mapsize, BUS_DMASYNC_POSTWRITE); 1137 bus_dmamap_unload(sc->sc_dmat, data->map); 1138 m_freem(data->m); 1139 data->m = NULL; 1140 ieee80211_release_node(ic, data->ni); 1141 data->ni = NULL; 1142 1143 DPRINTFN(15, ("tx dma done q=%p idx=%u\n", txq, txq->next)); 1144 1145 txq->queued--; 1146 if (++txq->next >= txq->count) /* faster than % count */ 1147 txq->next = 0; 1148 } 1149 1150 if (sc->mgtq.queued == 0 && sc->txq[0].queued == 0) 1151 sc->sc_tx_timer = 0; 1152 if (sc->mgtq.queued < RT2661_MGT_RING_COUNT && 1153 sc->txq[0].queued < RT2661_TX_RING_COUNT - 1) { 1154 if (sc->mgtq.queued < RT2661_MGT_RING_COUNT) 1155 sc->sc_flags &= ~RT2661_MGT_OACTIVE; 1156 if (sc->txq[0].queued < RT2661_TX_RING_COUNT - 1) 1157 sc->sc_flags &= ~RT2661_DATA_OACTIVE; 1158 if (!(sc->sc_flags & (RT2661_MGT_OACTIVE|RT2661_DATA_OACTIVE))) 1159 ifp->if_flags &= ~IFF_OACTIVE; 1160 rt2661_start(ifp); 1161 } 1162 } 1163 1164 void 1165 rt2661_rx_intr(struct rt2661_softc *sc) 1166 { 1167 struct ieee80211com *ic = &sc->sc_ic; 1168 struct ifnet *ifp = &ic->ic_if; 1169 struct ieee80211_frame *wh; 1170 struct ieee80211_rxinfo rxi; 1171 struct ieee80211_node *ni; 1172 struct mbuf *mnew, *m; 1173 int error, rssi; 1174 1175 for (;;) { 1176 struct rt2661_rx_desc *desc = &sc->rxq.desc[sc->rxq.cur]; 1177 struct rt2661_rx_data *data = &sc->rxq.data[sc->rxq.cur]; 1178 1179 bus_dmamap_sync(sc->sc_dmat, sc->rxq.map, 1180 sc->rxq.cur * RT2661_RX_DESC_SIZE, RT2661_RX_DESC_SIZE, 1181 BUS_DMASYNC_POSTREAD); 1182 1183 if (letoh32(desc->flags) & RT2661_RX_BUSY) 1184 break; 1185 1186 if ((letoh32(desc->flags) & RT2661_RX_PHY_ERROR) || 1187 (letoh32(desc->flags) & RT2661_RX_CRC_ERROR)) { 1188 /* 1189 * This should not happen since we did not request 1190 * to receive those frames when we filled TXRX_CSR0. 1191 */ 1192 DPRINTFN(5, ("PHY or CRC error flags 0x%08x\n", 1193 letoh32(desc->flags))); 1194 ifp->if_ierrors++; 1195 goto skip; 1196 } 1197 1198 if ((letoh32(desc->flags) & RT2661_RX_CIPHER_MASK) != 0) { 1199 ifp->if_ierrors++; 1200 goto skip; 1201 } 1202 1203 /* 1204 * Try to allocate a new mbuf for this ring element and load it 1205 * before processing the current mbuf. If the ring element 1206 * cannot be loaded, drop the received packet and reuse the old 1207 * mbuf. In the unlikely case that the old mbuf can't be 1208 * reloaded either, explicitly panic. 1209 */ 1210 MGETHDR(mnew, M_DONTWAIT, MT_DATA); 1211 if (mnew == NULL) { 1212 ifp->if_ierrors++; 1213 goto skip; 1214 } 1215 MCLGET(mnew, M_DONTWAIT); 1216 if (!(mnew->m_flags & M_EXT)) { 1217 m_freem(mnew); 1218 ifp->if_ierrors++; 1219 goto skip; 1220 } 1221 1222 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 1223 data->map->dm_mapsize, BUS_DMASYNC_POSTREAD); 1224 bus_dmamap_unload(sc->sc_dmat, data->map); 1225 1226 error = bus_dmamap_load(sc->sc_dmat, data->map, 1227 mtod(mnew, void *), MCLBYTES, NULL, BUS_DMA_NOWAIT); 1228 if (error != 0) { 1229 m_freem(mnew); 1230 1231 /* try to reload the old mbuf */ 1232 error = bus_dmamap_load(sc->sc_dmat, data->map, 1233 mtod(data->m, void *), MCLBYTES, NULL, 1234 BUS_DMA_NOWAIT); 1235 if (error != 0) { 1236 /* very unlikely that it will fail... */ 1237 panic("%s: could not load old rx mbuf", 1238 sc->sc_dev.dv_xname); 1239 } 1240 /* physical address may have changed */ 1241 desc->physaddr = htole32(data->map->dm_segs->ds_addr); 1242 ifp->if_ierrors++; 1243 goto skip; 1244 } 1245 1246 /* 1247 * New mbuf successfully loaded, update Rx ring and continue 1248 * processing. 1249 */ 1250 m = data->m; 1251 data->m = mnew; 1252 desc->physaddr = htole32(data->map->dm_segs->ds_addr); 1253 1254 /* finalize mbuf */ 1255 m->m_pkthdr.rcvif = ifp; 1256 m->m_pkthdr.len = m->m_len = 1257 (letoh32(desc->flags) >> 16) & 0xfff; 1258 1259 #if NBPFILTER > 0 1260 if (sc->sc_drvbpf != NULL) { 1261 struct mbuf mb; 1262 struct rt2661_rx_radiotap_header *tap = &sc->sc_rxtap; 1263 uint32_t tsf_lo, tsf_hi; 1264 1265 /* get timestamp (low and high 32 bits) */ 1266 tsf_hi = RAL_READ(sc, RT2661_TXRX_CSR13); 1267 tsf_lo = RAL_READ(sc, RT2661_TXRX_CSR12); 1268 1269 tap->wr_tsf = 1270 htole64(((uint64_t)tsf_hi << 32) | tsf_lo); 1271 tap->wr_flags = 0; 1272 tap->wr_rate = rt2661_rxrate(desc); 1273 tap->wr_chan_freq = htole16(sc->sc_curchan->ic_freq); 1274 tap->wr_chan_flags = htole16(sc->sc_curchan->ic_flags); 1275 tap->wr_antsignal = desc->rssi; 1276 1277 mb.m_data = (caddr_t)tap; 1278 mb.m_len = sc->sc_rxtap_len; 1279 mb.m_next = m; 1280 mb.m_nextpkt = NULL; 1281 mb.m_type = 0; 1282 mb.m_flags = 0; 1283 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_IN); 1284 } 1285 #endif 1286 1287 wh = mtod(m, struct ieee80211_frame *); 1288 ni = ieee80211_find_rxnode(ic, wh); 1289 1290 /* send the frame to the 802.11 layer */ 1291 rxi.rxi_flags = 0; 1292 rxi.rxi_rssi = desc->rssi; 1293 rxi.rxi_tstamp = 0; /* unused */ 1294 ieee80211_input(ifp, m, ni, &rxi); 1295 1296 /*- 1297 * Keep track of the average RSSI using an Exponential Moving 1298 * Average (EMA) of 8 Wilder's days: 1299 * avg = (1 / N) x rssi + ((N - 1) / N) x avg 1300 */ 1301 rssi = rt2661_get_rssi(sc, desc->rssi); 1302 sc->avg_rssi = (rssi + 7 * sc->avg_rssi) / 8; 1303 1304 /* node is no longer needed */ 1305 ieee80211_release_node(ic, ni); 1306 1307 skip: desc->flags |= htole32(RT2661_RX_BUSY); 1308 1309 bus_dmamap_sync(sc->sc_dmat, sc->rxq.map, 1310 sc->rxq.cur * RT2661_RX_DESC_SIZE, RT2661_RX_DESC_SIZE, 1311 BUS_DMASYNC_PREWRITE); 1312 1313 DPRINTFN(15, ("rx intr idx=%u\n", sc->rxq.cur)); 1314 1315 sc->rxq.cur = (sc->rxq.cur + 1) % RT2661_RX_RING_COUNT; 1316 } 1317 } 1318 1319 #ifndef IEEE80211_STA_ONLY 1320 /* 1321 * This function is called in HostAP or IBSS modes when it's time to send a 1322 * new beacon (every ni_intval milliseconds). 1323 */ 1324 void 1325 rt2661_mcu_beacon_expire(struct rt2661_softc *sc) 1326 { 1327 struct ieee80211com *ic = &sc->sc_ic; 1328 1329 if (sc->sc_flags & RT2661_UPDATE_SLOT) { 1330 sc->sc_flags &= ~RT2661_UPDATE_SLOT; 1331 sc->sc_flags |= RT2661_SET_SLOTTIME; 1332 } else if (sc->sc_flags & RT2661_SET_SLOTTIME) { 1333 sc->sc_flags &= ~RT2661_SET_SLOTTIME; 1334 rt2661_set_slottime(sc); 1335 } 1336 1337 if (ic->ic_curmode == IEEE80211_MODE_11G) { 1338 /* update ERP Information Element */ 1339 RAL_WRITE_1(sc, sc->erp_csr, ic->ic_bss->ni_erp); 1340 RAL_RW_BARRIER_1(sc, sc->erp_csr); 1341 } 1342 1343 DPRINTFN(15, ("beacon expired\n")); 1344 } 1345 #endif 1346 1347 void 1348 rt2661_mcu_wakeup(struct rt2661_softc *sc) 1349 { 1350 RAL_WRITE(sc, RT2661_MAC_CSR11, 5 << 16); 1351 1352 RAL_WRITE(sc, RT2661_SOFT_RESET_CSR, 0x7); 1353 RAL_WRITE(sc, RT2661_IO_CNTL_CSR, 0x18); 1354 RAL_WRITE(sc, RT2661_PCI_USEC_CSR, 0x20); 1355 1356 /* send wakeup command to MCU */ 1357 rt2661_tx_cmd(sc, RT2661_MCU_CMD_WAKEUP, 0); 1358 } 1359 1360 void 1361 rt2661_mcu_cmd_intr(struct rt2661_softc *sc) 1362 { 1363 RAL_READ(sc, RT2661_M2H_CMD_DONE_CSR); 1364 RAL_WRITE(sc, RT2661_M2H_CMD_DONE_CSR, 0xffffffff); 1365 } 1366 1367 int 1368 rt2661_intr(void *arg) 1369 { 1370 struct rt2661_softc *sc = arg; 1371 struct ifnet *ifp = &sc->sc_ic.ic_if; 1372 uint32_t r1, r2; 1373 1374 r1 = RAL_READ(sc, RT2661_INT_SOURCE_CSR); 1375 r2 = RAL_READ(sc, RT2661_MCU_INT_SOURCE_CSR); 1376 if (__predict_false(r1 == 0xffffffff && r2 == 0xffffffff)) 1377 return 0; /* device likely went away */ 1378 if (r1 == 0 && r2 == 0) 1379 return 0; /* not for us */ 1380 1381 /* disable MAC and MCU interrupts */ 1382 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0xffffff7f); 1383 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0xffffffff); 1384 1385 /* acknowledge interrupts */ 1386 RAL_WRITE(sc, RT2661_INT_SOURCE_CSR, r1); 1387 RAL_WRITE(sc, RT2661_MCU_INT_SOURCE_CSR, r2); 1388 1389 /* don't re-enable interrupts if we're shutting down */ 1390 if (!(ifp->if_flags & IFF_RUNNING)) 1391 return 0; 1392 1393 if (r1 & RT2661_MGT_DONE) 1394 rt2661_tx_dma_intr(sc, &sc->mgtq); 1395 1396 if (r1 & RT2661_RX_DONE) 1397 rt2661_rx_intr(sc); 1398 1399 if (r1 & RT2661_TX0_DMA_DONE) 1400 rt2661_tx_dma_intr(sc, &sc->txq[0]); 1401 1402 if (r1 & RT2661_TX1_DMA_DONE) 1403 rt2661_tx_dma_intr(sc, &sc->txq[1]); 1404 1405 if (r1 & RT2661_TX2_DMA_DONE) 1406 rt2661_tx_dma_intr(sc, &sc->txq[2]); 1407 1408 if (r1 & RT2661_TX3_DMA_DONE) 1409 rt2661_tx_dma_intr(sc, &sc->txq[3]); 1410 1411 if (r1 & RT2661_TX_DONE) 1412 rt2661_tx_intr(sc); 1413 1414 if (r2 & RT2661_MCU_CMD_DONE) 1415 rt2661_mcu_cmd_intr(sc); 1416 1417 #ifndef IEEE80211_STA_ONLY 1418 if (r2 & RT2661_MCU_BEACON_EXPIRE) 1419 rt2661_mcu_beacon_expire(sc); 1420 #endif 1421 1422 if (r2 & RT2661_MCU_WAKEUP) 1423 rt2661_mcu_wakeup(sc); 1424 1425 /* re-enable MAC and MCU interrupts */ 1426 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0x0000ff10); 1427 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0); 1428 1429 return 1; 1430 } 1431 1432 /* quickly determine if a given rate is CCK or OFDM */ 1433 #define RAL_RATE_IS_OFDM(rate) ((rate) >= 12 && (rate) != 22) 1434 1435 #define RAL_ACK_SIZE 14 /* 10 + 4(FCS) */ 1436 #define RAL_CTS_SIZE 14 /* 10 + 4(FCS) */ 1437 1438 /* 1439 * This function is only used by the Rx radiotap code. It returns the rate at 1440 * which a given frame was received. 1441 */ 1442 #if NBPFILTER > 0 1443 uint8_t 1444 rt2661_rxrate(const struct rt2661_rx_desc *desc) 1445 { 1446 if (letoh32(desc->flags) & RT2661_RX_OFDM) { 1447 /* reverse function of rt2661_plcp_signal */ 1448 switch (desc->rate & 0xf) { 1449 case 0xb: return 12; 1450 case 0xf: return 18; 1451 case 0xa: return 24; 1452 case 0xe: return 36; 1453 case 0x9: return 48; 1454 case 0xd: return 72; 1455 case 0x8: return 96; 1456 case 0xc: return 108; 1457 } 1458 } else { 1459 if (desc->rate == 10) 1460 return 2; 1461 if (desc->rate == 20) 1462 return 4; 1463 if (desc->rate == 55) 1464 return 11; 1465 if (desc->rate == 110) 1466 return 22; 1467 } 1468 return 2; /* should not get there */ 1469 } 1470 #endif 1471 1472 /* 1473 * Return the expected ack rate for a frame transmitted at rate `rate'. 1474 */ 1475 int 1476 rt2661_ack_rate(struct ieee80211com *ic, int rate) 1477 { 1478 switch (rate) { 1479 /* CCK rates */ 1480 case 2: 1481 return 2; 1482 case 4: 1483 case 11: 1484 case 22: 1485 return (ic->ic_curmode == IEEE80211_MODE_11B) ? 4 : rate; 1486 1487 /* OFDM rates */ 1488 case 12: 1489 case 18: 1490 return 12; 1491 case 24: 1492 case 36: 1493 return 24; 1494 case 48: 1495 case 72: 1496 case 96: 1497 case 108: 1498 return 48; 1499 } 1500 1501 /* default to 1Mbps */ 1502 return 2; 1503 } 1504 1505 /* 1506 * Compute the duration (in us) needed to transmit `len' bytes at rate `rate'. 1507 * The function automatically determines the operating mode depending on the 1508 * given rate. `flags' indicates whether short preamble is in use or not. 1509 */ 1510 uint16_t 1511 rt2661_txtime(int len, int rate, uint32_t flags) 1512 { 1513 uint16_t txtime; 1514 1515 if (RAL_RATE_IS_OFDM(rate)) { 1516 /* IEEE Std 802.11g-2003, pp. 44 */ 1517 txtime = (8 + 4 * len + 3 + rate - 1) / rate; 1518 txtime = 16 + 4 + 4 * txtime + 6; 1519 } else { 1520 /* IEEE Std 802.11b-1999, pp. 28 */ 1521 txtime = (16 * len + rate - 1) / rate; 1522 if (rate != 2 && (flags & IEEE80211_F_SHPREAMBLE)) 1523 txtime += 72 + 24; 1524 else 1525 txtime += 144 + 48; 1526 } 1527 return txtime; 1528 } 1529 1530 uint8_t 1531 rt2661_plcp_signal(int rate) 1532 { 1533 switch (rate) { 1534 /* CCK rates (returned values are device-dependent) */ 1535 case 2: return 0x0; 1536 case 4: return 0x1; 1537 case 11: return 0x2; 1538 case 22: return 0x3; 1539 1540 /* OFDM rates (cf IEEE Std 802.11a-1999, pp. 14 Table 80) */ 1541 case 12: return 0xb; 1542 case 18: return 0xf; 1543 case 24: return 0xa; 1544 case 36: return 0xe; 1545 case 48: return 0x9; 1546 case 72: return 0xd; 1547 case 96: return 0x8; 1548 case 108: return 0xc; 1549 1550 /* unsupported rates (should not get there) */ 1551 default: return 0xff; 1552 } 1553 } 1554 1555 void 1556 rt2661_setup_tx_desc(struct rt2661_softc *sc, struct rt2661_tx_desc *desc, 1557 uint32_t flags, uint16_t xflags, int len, int rate, 1558 const bus_dma_segment_t *segs, int nsegs, int ac, u_int8_t amrr_id) 1559 { 1560 struct ieee80211com *ic = &sc->sc_ic; 1561 uint16_t plcp_length; 1562 int i, remainder; 1563 1564 desc->flags = htole32(flags); 1565 desc->flags |= htole32(len << 16); 1566 desc->flags |= htole32(RT2661_TX_BUSY | RT2661_TX_VALID); 1567 1568 desc->xflags = htole16(xflags); 1569 desc->xflags |= htole16(nsegs << 13); 1570 1571 desc->wme = htole16( 1572 RT2661_QID(ac) | 1573 RT2661_AIFSN(2) | 1574 RT2661_LOGCWMIN(4) | 1575 RT2661_LOGCWMAX(10)); 1576 1577 /* 1578 * Remember the ID of the AMRR node to update when Tx completes. 1579 * This field is driver private data only. It will be made available 1580 * by the NIC in STA_CSR4 on Tx interrupts. 1581 */ 1582 desc->priv_data = amrr_id; 1583 1584 /* setup PLCP fields */ 1585 desc->plcp_signal = rt2661_plcp_signal(rate); 1586 desc->plcp_service = 4; 1587 1588 len += IEEE80211_CRC_LEN; 1589 if (RAL_RATE_IS_OFDM(rate)) { 1590 desc->flags |= htole32(RT2661_TX_OFDM); 1591 1592 plcp_length = len & 0xfff; 1593 desc->plcp_length_hi = plcp_length >> 6; 1594 desc->plcp_length_lo = plcp_length & 0x3f; 1595 } else { 1596 plcp_length = (16 * len + rate - 1) / rate; 1597 if (rate == 22) { 1598 remainder = (16 * len) % 22; 1599 if (remainder != 0 && remainder < 7) 1600 desc->plcp_service |= RT2661_PLCP_LENGEXT; 1601 } 1602 desc->plcp_length_hi = plcp_length >> 8; 1603 desc->plcp_length_lo = plcp_length & 0xff; 1604 1605 if (rate != 2 && (ic->ic_flags & IEEE80211_F_SHPREAMBLE)) 1606 desc->plcp_signal |= 0x08; 1607 } 1608 1609 /* RT2x61 supports scatter with up to 5 segments */ 1610 for (i = 0; i < nsegs; i++) { 1611 desc->addr[i] = htole32(segs[i].ds_addr); 1612 desc->len [i] = htole16(segs[i].ds_len); 1613 } 1614 } 1615 1616 int 1617 rt2661_tx_mgt(struct rt2661_softc *sc, struct mbuf *m0, 1618 struct ieee80211_node *ni) 1619 { 1620 struct ieee80211com *ic = &sc->sc_ic; 1621 struct rt2661_tx_desc *desc; 1622 struct rt2661_tx_data *data; 1623 struct ieee80211_frame *wh; 1624 uint16_t dur; 1625 uint32_t flags = 0; 1626 int rate, error; 1627 1628 desc = &sc->mgtq.desc[sc->mgtq.cur]; 1629 data = &sc->mgtq.data[sc->mgtq.cur]; 1630 1631 /* send mgt frames at the lowest available rate */ 1632 rate = IEEE80211_IS_CHAN_5GHZ(ni->ni_chan) ? 12 : 2; 1633 1634 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m0, 1635 BUS_DMA_NOWAIT); 1636 if (error != 0) { 1637 printf("%s: can't map mbuf (error %d)\n", 1638 sc->sc_dev.dv_xname, error); 1639 m_freem(m0); 1640 return error; 1641 } 1642 1643 #if NBPFILTER > 0 1644 if (sc->sc_drvbpf != NULL) { 1645 struct mbuf mb; 1646 struct rt2661_tx_radiotap_header *tap = &sc->sc_txtap; 1647 1648 tap->wt_flags = 0; 1649 tap->wt_rate = rate; 1650 tap->wt_chan_freq = htole16(sc->sc_curchan->ic_freq); 1651 tap->wt_chan_flags = htole16(sc->sc_curchan->ic_flags); 1652 1653 mb.m_data = (caddr_t)tap; 1654 mb.m_len = sc->sc_txtap_len; 1655 mb.m_next = m0; 1656 mb.m_nextpkt = NULL; 1657 mb.m_type = 0; 1658 mb.m_flags = 0; 1659 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_OUT); 1660 } 1661 #endif 1662 1663 data->m = m0; 1664 data->ni = ni; 1665 1666 wh = mtod(m0, struct ieee80211_frame *); 1667 1668 if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) { 1669 flags |= RT2661_TX_NEED_ACK; 1670 1671 dur = rt2661_txtime(RAL_ACK_SIZE, rate, ic->ic_flags) + 1672 sc->sifs; 1673 *(uint16_t *)wh->i_dur = htole16(dur); 1674 1675 #ifndef IEEE80211_STA_ONLY 1676 /* tell hardware to set timestamp in probe responses */ 1677 if ((wh->i_fc[0] & 1678 (IEEE80211_FC0_TYPE_MASK | IEEE80211_FC0_SUBTYPE_MASK)) == 1679 (IEEE80211_FC0_TYPE_MGT | IEEE80211_FC0_SUBTYPE_PROBE_RESP)) 1680 flags |= RT2661_TX_TIMESTAMP; 1681 #endif 1682 } 1683 1684 rt2661_setup_tx_desc(sc, desc, flags, 0 /* XXX HWSEQ */, 1685 m0->m_pkthdr.len, rate, data->map->dm_segs, data->map->dm_nsegs, 1686 RT2661_QID_MGT, RT2661_AMRR_INVALID_ID); 1687 1688 bus_dmamap_sync(sc->sc_dmat, data->map, 0, data->map->dm_mapsize, 1689 BUS_DMASYNC_PREWRITE); 1690 bus_dmamap_sync(sc->sc_dmat, sc->mgtq.map, 1691 sc->mgtq.cur * RT2661_TX_DESC_SIZE, RT2661_TX_DESC_SIZE, 1692 BUS_DMASYNC_PREWRITE); 1693 1694 DPRINTFN(10, ("sending mgt frame len=%u idx=%u rate=%u\n", 1695 m0->m_pkthdr.len, sc->mgtq.cur, rate)); 1696 1697 /* kick mgt */ 1698 sc->mgtq.queued++; 1699 sc->mgtq.cur = (sc->mgtq.cur + 1) % RT2661_MGT_RING_COUNT; 1700 RAL_WRITE(sc, RT2661_TX_CNTL_CSR, RT2661_KICK_MGT); 1701 1702 return 0; 1703 } 1704 1705 int 1706 rt2661_tx_data(struct rt2661_softc *sc, struct mbuf *m0, 1707 struct ieee80211_node *ni, int ac) 1708 { 1709 struct ieee80211com *ic = &sc->sc_ic; 1710 struct rt2661_tx_ring *txq = &sc->txq[ac]; 1711 struct rt2661_node *rn; 1712 struct rt2661_tx_desc *desc; 1713 struct rt2661_tx_data *data; 1714 struct ieee80211_frame *wh; 1715 struct ieee80211_key *k; 1716 struct mbuf *m1; 1717 uint16_t dur; 1718 uint32_t flags = 0; 1719 int pktlen, rate, needcts = 0, needrts = 0, error; 1720 1721 rn = ((ni == ic->ic_bss) ? NULL : (struct rt2661_node *)ni); 1722 wh = mtod(m0, struct ieee80211_frame *); 1723 1724 if (wh->i_fc[1] & IEEE80211_FC1_PROTECTED) { 1725 k = ieee80211_get_txkey(ic, wh, ni); 1726 1727 if ((m0 = ieee80211_encrypt(ic, m0, k)) == NULL) 1728 return ENOBUFS; 1729 1730 /* packet header may have moved, reset our local pointer */ 1731 wh = mtod(m0, struct ieee80211_frame *); 1732 } 1733 1734 /* compute actual packet length (including CRC and crypto overhead) */ 1735 pktlen = m0->m_pkthdr.len + IEEE80211_CRC_LEN; 1736 1737 /* pickup a rate */ 1738 if (IEEE80211_IS_MULTICAST(wh->i_addr1)) { 1739 /* multicast frames are sent at the lowest avail. rate */ 1740 rate = ni->ni_rates.rs_rates[0]; 1741 } else if (ic->ic_fixed_rate != -1) { 1742 rate = ic->ic_sup_rates[ic->ic_curmode]. 1743 rs_rates[ic->ic_fixed_rate]; 1744 } else 1745 rate = ni->ni_rates.rs_rates[ni->ni_txrate]; 1746 if (rate == 0) 1747 rate = 2; /* XXX should not happen */ 1748 rate &= IEEE80211_RATE_VAL; 1749 1750 /* 1751 * Packet Bursting: backoff after ppb=8 frames to give other STAs a 1752 * chance to contend for the wireless medium. 1753 */ 1754 if (ic->ic_opmode == IEEE80211_M_STA && (ni->ni_txseq & 7)) 1755 flags |= RT2661_TX_IFS_SIFS; 1756 1757 /* check if RTS/CTS or CTS-to-self protection must be used */ 1758 if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) { 1759 /* multicast frames are not sent at OFDM rates in 802.11b/g */ 1760 if (pktlen > ic->ic_rtsthreshold) { 1761 needrts = 1; /* RTS/CTS based on frame length */ 1762 } else if ((ic->ic_flags & IEEE80211_F_USEPROT) && 1763 RAL_RATE_IS_OFDM(rate)) { 1764 if (ic->ic_protmode == IEEE80211_PROT_CTSONLY) 1765 needcts = 1; /* CTS-to-self */ 1766 else if (ic->ic_protmode == IEEE80211_PROT_RTSCTS) 1767 needrts = 1; /* RTS/CTS */ 1768 } 1769 } 1770 if (needrts || needcts) { 1771 struct mbuf *mprot; 1772 int protrate, ackrate; 1773 1774 protrate = IEEE80211_IS_CHAN_5GHZ(ni->ni_chan) ? 12 : 2; 1775 ackrate = rt2661_ack_rate(ic, rate); 1776 1777 dur = rt2661_txtime(pktlen, rate, ic->ic_flags) + 1778 rt2661_txtime(RAL_ACK_SIZE, ackrate, ic->ic_flags) + 1779 2 * sc->sifs; 1780 if (needrts) { 1781 dur += rt2661_txtime(RAL_CTS_SIZE, rt2661_ack_rate(ic, 1782 protrate), ic->ic_flags) + sc->sifs; 1783 mprot = ieee80211_get_rts(ic, wh, dur); 1784 } else { 1785 mprot = ieee80211_get_cts_to_self(ic, dur); 1786 } 1787 if (mprot == NULL) { 1788 printf("%s: could not allocate protection frame\n", 1789 sc->sc_dev.dv_xname); 1790 m_freem(m0); 1791 return ENOBUFS; 1792 } 1793 1794 desc = &txq->desc[txq->cur]; 1795 data = &txq->data[txq->cur]; 1796 1797 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, mprot, 1798 BUS_DMA_NOWAIT); 1799 if (error != 0) { 1800 printf("%s: can't map mbuf (error %d)\n", 1801 sc->sc_dev.dv_xname, error); 1802 m_freem(mprot); 1803 m_freem(m0); 1804 return error; 1805 } 1806 1807 data->m = mprot; 1808 /* avoid multiple free() of the same node for each fragment */ 1809 data->ni = ieee80211_ref_node(ni); 1810 1811 /* XXX may want to pass the protection frame to BPF */ 1812 1813 rt2661_setup_tx_desc(sc, desc, 1814 (needrts ? RT2661_TX_NEED_ACK : 0) | RT2661_TX_MORE_FRAG, 1815 0, mprot->m_pkthdr.len, protrate, data->map->dm_segs, 1816 data->map->dm_nsegs, ac, 1817 (rn && rn->amn) ? rn->amn->id : RT2661_AMRR_INVALID_ID); 1818 1819 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 1820 data->map->dm_mapsize, BUS_DMASYNC_PREWRITE); 1821 bus_dmamap_sync(sc->sc_dmat, txq->map, 1822 txq->cur * RT2661_TX_DESC_SIZE, RT2661_TX_DESC_SIZE, 1823 BUS_DMASYNC_PREWRITE); 1824 1825 txq->queued++; 1826 txq->cur = (txq->cur + 1) % RT2661_TX_RING_COUNT; 1827 1828 flags |= RT2661_TX_LONG_RETRY | RT2661_TX_IFS_SIFS; 1829 } 1830 1831 data = &txq->data[txq->cur]; 1832 desc = &txq->desc[txq->cur]; 1833 1834 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m0, 1835 BUS_DMA_NOWAIT); 1836 if (error != 0 && error != EFBIG) { 1837 printf("%s: can't map mbuf (error %d)\n", 1838 sc->sc_dev.dv_xname, error); 1839 m_freem(m0); 1840 return error; 1841 } 1842 if (error != 0) { 1843 /* too many fragments, linearize */ 1844 MGETHDR(m1, M_DONTWAIT, MT_DATA); 1845 if (m1 == NULL) { 1846 m_freem(m0); 1847 return ENOBUFS; 1848 } 1849 if (m0->m_pkthdr.len > MHLEN) { 1850 MCLGET(m1, M_DONTWAIT); 1851 if (!(m1->m_flags & M_EXT)) { 1852 m_freem(m0); 1853 m_freem(m1); 1854 return ENOBUFS; 1855 } 1856 } 1857 m_copydata(m0, 0, m0->m_pkthdr.len, mtod(m1, caddr_t)); 1858 m1->m_pkthdr.len = m1->m_len = m0->m_pkthdr.len; 1859 m_freem(m0); 1860 m0 = m1; 1861 1862 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m0, 1863 BUS_DMA_NOWAIT); 1864 if (error != 0) { 1865 printf("%s: can't map mbuf (error %d)\n", 1866 sc->sc_dev.dv_xname, error); 1867 m_freem(m0); 1868 return error; 1869 } 1870 1871 /* packet header have moved, reset our local pointer */ 1872 wh = mtod(m0, struct ieee80211_frame *); 1873 } 1874 1875 #if NBPFILTER > 0 1876 if (sc->sc_drvbpf != NULL) { 1877 struct mbuf mb; 1878 struct rt2661_tx_radiotap_header *tap = &sc->sc_txtap; 1879 1880 tap->wt_flags = 0; 1881 tap->wt_rate = rate; 1882 tap->wt_chan_freq = htole16(sc->sc_curchan->ic_freq); 1883 tap->wt_chan_flags = htole16(sc->sc_curchan->ic_flags); 1884 1885 mb.m_data = (caddr_t)tap; 1886 mb.m_len = sc->sc_txtap_len; 1887 mb.m_next = m0; 1888 mb.m_nextpkt = NULL; 1889 mb.m_type = 0; 1890 mb.m_flags = 0; 1891 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_OUT); 1892 } 1893 #endif 1894 1895 data->m = m0; 1896 data->ni = ni; 1897 1898 if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) { 1899 flags |= RT2661_TX_NEED_ACK; 1900 1901 dur = rt2661_txtime(RAL_ACK_SIZE, rt2661_ack_rate(ic, rate), 1902 ic->ic_flags) + sc->sifs; 1903 *(uint16_t *)wh->i_dur = htole16(dur); 1904 } 1905 1906 rt2661_setup_tx_desc(sc, desc, flags, 0, m0->m_pkthdr.len, rate, 1907 data->map->dm_segs, data->map->dm_nsegs, ac, 1908 (rn && rn->amn) ? rn->amn->id : RT2661_AMRR_INVALID_ID); 1909 1910 bus_dmamap_sync(sc->sc_dmat, data->map, 0, data->map->dm_mapsize, 1911 BUS_DMASYNC_PREWRITE); 1912 bus_dmamap_sync(sc->sc_dmat, txq->map, txq->cur * RT2661_TX_DESC_SIZE, 1913 RT2661_TX_DESC_SIZE, BUS_DMASYNC_PREWRITE); 1914 1915 DPRINTFN(10, ("sending data frame len=%u idx=%u rate=%u\n", 1916 m0->m_pkthdr.len, txq->cur, rate)); 1917 1918 /* kick Tx */ 1919 txq->queued++; 1920 txq->cur = (txq->cur + 1) % RT2661_TX_RING_COUNT; 1921 RAL_WRITE(sc, RT2661_TX_CNTL_CSR, 1); 1922 1923 return 0; 1924 } 1925 1926 void 1927 rt2661_start(struct ifnet *ifp) 1928 { 1929 struct rt2661_softc *sc = ifp->if_softc; 1930 struct ieee80211com *ic = &sc->sc_ic; 1931 struct mbuf *m0; 1932 struct ieee80211_node *ni; 1933 1934 /* 1935 * net80211 may still try to send management frames even if the 1936 * IFF_RUNNING flag is not set... 1937 */ 1938 if ((ifp->if_flags & (IFF_RUNNING | IFF_OACTIVE)) != IFF_RUNNING) 1939 return; 1940 1941 for (;;) { 1942 IF_POLL(&ic->ic_mgtq, m0); 1943 if (m0 != NULL) { 1944 if (sc->mgtq.queued >= RT2661_MGT_RING_COUNT) { 1945 ifp->if_flags |= IFF_OACTIVE; 1946 break; 1947 } 1948 IF_DEQUEUE(&ic->ic_mgtq, m0); 1949 1950 ni = m0->m_pkthdr.ph_cookie; 1951 #if NBPFILTER > 0 1952 if (ic->ic_rawbpf != NULL) 1953 bpf_mtap(ic->ic_rawbpf, m0, BPF_DIRECTION_OUT); 1954 #endif 1955 if (rt2661_tx_mgt(sc, m0, ni) != 0) 1956 break; 1957 1958 } else { 1959 if (ic->ic_state != IEEE80211_S_RUN) 1960 break; 1961 IFQ_POLL(&ifp->if_snd, m0); 1962 if (m0 == NULL) 1963 break; 1964 if (sc->txq[0].queued >= RT2661_TX_RING_COUNT - 1) { 1965 /* there is no place left in this ring */ 1966 ifp->if_flags |= IFF_OACTIVE; 1967 break; 1968 } 1969 IFQ_DEQUEUE(&ifp->if_snd, m0); 1970 #if NBPFILTER > 0 1971 if (ifp->if_bpf != NULL) 1972 bpf_mtap(ifp->if_bpf, m0, BPF_DIRECTION_OUT); 1973 #endif 1974 m0 = ieee80211_encap(ifp, m0, &ni); 1975 if (m0 == NULL) 1976 continue; 1977 #if NBPFILTER > 0 1978 if (ic->ic_rawbpf != NULL) 1979 bpf_mtap(ic->ic_rawbpf, m0, 1980 BPF_DIRECTION_OUT); 1981 #endif 1982 if (rt2661_tx_data(sc, m0, ni, 0) != 0) { 1983 if (ni != NULL) 1984 ieee80211_release_node(ic, ni); 1985 ifp->if_oerrors++; 1986 break; 1987 } 1988 } 1989 1990 sc->sc_tx_timer = 5; 1991 ifp->if_timer = 1; 1992 } 1993 } 1994 1995 void 1996 rt2661_watchdog(struct ifnet *ifp) 1997 { 1998 struct rt2661_softc *sc = ifp->if_softc; 1999 2000 ifp->if_timer = 0; 2001 2002 if (sc->sc_tx_timer > 0) { 2003 if (--sc->sc_tx_timer == 0) { 2004 printf("%s: device timeout\n", sc->sc_dev.dv_xname); 2005 rt2661_init(ifp); 2006 ifp->if_oerrors++; 2007 return; 2008 } 2009 ifp->if_timer = 1; 2010 } 2011 2012 ieee80211_watchdog(ifp); 2013 } 2014 2015 int 2016 rt2661_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 2017 { 2018 struct rt2661_softc *sc = ifp->if_softc; 2019 struct ieee80211com *ic = &sc->sc_ic; 2020 struct ifaddr *ifa; 2021 struct ifreq *ifr; 2022 int s, error = 0; 2023 2024 s = splnet(); 2025 2026 switch (cmd) { 2027 case SIOCSIFADDR: 2028 ifa = (struct ifaddr *)data; 2029 ifp->if_flags |= IFF_UP; 2030 #ifdef INET 2031 if (ifa->ifa_addr->sa_family == AF_INET) 2032 arp_ifinit(&ic->ic_ac, ifa); 2033 #endif 2034 /* FALLTHROUGH */ 2035 case SIOCSIFFLAGS: 2036 if (ifp->if_flags & IFF_UP) { 2037 if (ifp->if_flags & IFF_RUNNING) 2038 rt2661_update_promisc(sc); 2039 else 2040 rt2661_init(ifp); 2041 } else { 2042 if (ifp->if_flags & IFF_RUNNING) 2043 rt2661_stop(ifp, 1); 2044 } 2045 break; 2046 2047 case SIOCADDMULTI: 2048 case SIOCDELMULTI: 2049 ifr = (struct ifreq *)data; 2050 error = (cmd == SIOCADDMULTI) ? 2051 ether_addmulti(ifr, &ic->ic_ac) : 2052 ether_delmulti(ifr, &ic->ic_ac); 2053 2054 if (error == ENETRESET) 2055 error = 0; 2056 break; 2057 2058 case SIOCS80211CHANNEL: 2059 /* 2060 * This allows for fast channel switching in monitor mode 2061 * (used by kismet). In IBSS mode, we must explicitly reset 2062 * the interface to generate a new beacon frame. 2063 */ 2064 error = ieee80211_ioctl(ifp, cmd, data); 2065 if (error == ENETRESET && 2066 ic->ic_opmode == IEEE80211_M_MONITOR) { 2067 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 2068 (IFF_UP | IFF_RUNNING)) 2069 rt2661_set_chan(sc, ic->ic_ibss_chan); 2070 error = 0; 2071 } 2072 break; 2073 2074 default: 2075 error = ieee80211_ioctl(ifp, cmd, data); 2076 } 2077 2078 if (error == ENETRESET) { 2079 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 2080 (IFF_UP | IFF_RUNNING)) 2081 rt2661_init(ifp); 2082 error = 0; 2083 } 2084 2085 splx(s); 2086 2087 return error; 2088 } 2089 2090 void 2091 rt2661_bbp_write(struct rt2661_softc *sc, uint8_t reg, uint8_t val) 2092 { 2093 uint32_t tmp; 2094 int ntries; 2095 2096 for (ntries = 0; ntries < 100; ntries++) { 2097 if (!(RAL_READ(sc, RT2661_PHY_CSR3) & RT2661_BBP_BUSY)) 2098 break; 2099 DELAY(1); 2100 } 2101 if (ntries == 100) { 2102 printf("%s: could not write to BBP\n", sc->sc_dev.dv_xname); 2103 return; 2104 } 2105 2106 tmp = RT2661_BBP_BUSY | (reg & 0x7f) << 8 | val; 2107 RAL_WRITE(sc, RT2661_PHY_CSR3, tmp); 2108 2109 DPRINTFN(15, ("BBP R%u <- 0x%02x\n", reg, val)); 2110 } 2111 2112 uint8_t 2113 rt2661_bbp_read(struct rt2661_softc *sc, uint8_t reg) 2114 { 2115 uint32_t val; 2116 int ntries; 2117 2118 for (ntries = 0; ntries < 100; ntries++) { 2119 if (!(RAL_READ(sc, RT2661_PHY_CSR3) & RT2661_BBP_BUSY)) 2120 break; 2121 DELAY(1); 2122 } 2123 if (ntries == 100) { 2124 printf("%s: could not read from BBP\n", sc->sc_dev.dv_xname); 2125 return 0; 2126 } 2127 2128 val = RT2661_BBP_BUSY | RT2661_BBP_READ | reg << 8; 2129 RAL_WRITE(sc, RT2661_PHY_CSR3, val); 2130 2131 for (ntries = 0; ntries < 100; ntries++) { 2132 val = RAL_READ(sc, RT2661_PHY_CSR3); 2133 if (!(val & RT2661_BBP_BUSY)) 2134 return val & 0xff; 2135 DELAY(1); 2136 } 2137 2138 printf("%s: could not read from BBP\n", sc->sc_dev.dv_xname); 2139 return 0; 2140 } 2141 2142 void 2143 rt2661_rf_write(struct rt2661_softc *sc, uint8_t reg, uint32_t val) 2144 { 2145 uint32_t tmp; 2146 int ntries; 2147 2148 for (ntries = 0; ntries < 100; ntries++) { 2149 if (!(RAL_READ(sc, RT2661_PHY_CSR4) & RT2661_RF_BUSY)) 2150 break; 2151 DELAY(1); 2152 } 2153 if (ntries == 100) { 2154 printf("%s: could not write to RF\n", sc->sc_dev.dv_xname); 2155 return; 2156 } 2157 2158 tmp = RT2661_RF_BUSY | RT2661_RF_21BIT | (val & 0x1fffff) << 2 | 2159 (reg & 3); 2160 RAL_WRITE(sc, RT2661_PHY_CSR4, tmp); 2161 2162 /* remember last written value in sc */ 2163 sc->rf_regs[reg] = val; 2164 2165 DPRINTFN(15, ("RF R[%u] <- 0x%05x\n", reg & 3, val & 0x1fffff)); 2166 } 2167 2168 int 2169 rt2661_tx_cmd(struct rt2661_softc *sc, uint8_t cmd, uint16_t arg) 2170 { 2171 if (RAL_READ(sc, RT2661_H2M_MAILBOX_CSR) & RT2661_H2M_BUSY) 2172 return EIO; /* there is already a command pending */ 2173 2174 RAL_WRITE(sc, RT2661_H2M_MAILBOX_CSR, 2175 RT2661_H2M_BUSY | RT2661_TOKEN_NO_INTR << 16 | arg); 2176 2177 RAL_WRITE(sc, RT2661_HOST_CMD_CSR, RT2661_KICK_CMD | cmd); 2178 2179 return 0; 2180 } 2181 2182 void 2183 rt2661_select_antenna(struct rt2661_softc *sc) 2184 { 2185 uint8_t bbp4, bbp77; 2186 uint32_t tmp; 2187 2188 bbp4 = rt2661_bbp_read(sc, 4); 2189 bbp77 = rt2661_bbp_read(sc, 77); 2190 2191 /* TBD */ 2192 2193 /* make sure Rx is disabled before switching antenna */ 2194 tmp = RAL_READ(sc, RT2661_TXRX_CSR0); 2195 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp | RT2661_DISABLE_RX); 2196 2197 rt2661_bbp_write(sc, 4, bbp4); 2198 rt2661_bbp_write(sc, 77, bbp77); 2199 2200 /* restore Rx filter */ 2201 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp); 2202 } 2203 2204 /* 2205 * Enable multi-rate retries for frames sent at OFDM rates. 2206 * In 802.11b/g mode, allow fallback to CCK rates. 2207 */ 2208 void 2209 rt2661_enable_mrr(struct rt2661_softc *sc) 2210 { 2211 struct ieee80211com *ic = &sc->sc_ic; 2212 uint32_t tmp; 2213 2214 tmp = RAL_READ(sc, RT2661_TXRX_CSR4); 2215 2216 tmp &= ~RT2661_MRR_CCK_FALLBACK; 2217 if (!IEEE80211_IS_CHAN_5GHZ(ic->ic_bss->ni_chan)) 2218 tmp |= RT2661_MRR_CCK_FALLBACK; 2219 tmp |= RT2661_MRR_ENABLED; 2220 2221 RAL_WRITE(sc, RT2661_TXRX_CSR4, tmp); 2222 } 2223 2224 void 2225 rt2661_set_txpreamble(struct rt2661_softc *sc) 2226 { 2227 uint32_t tmp; 2228 2229 tmp = RAL_READ(sc, RT2661_TXRX_CSR4); 2230 2231 tmp &= ~RT2661_SHORT_PREAMBLE; 2232 if (sc->sc_ic.ic_flags & IEEE80211_F_SHPREAMBLE) 2233 tmp |= RT2661_SHORT_PREAMBLE; 2234 2235 RAL_WRITE(sc, RT2661_TXRX_CSR4, tmp); 2236 } 2237 2238 void 2239 rt2661_set_basicrates(struct rt2661_softc *sc) 2240 { 2241 struct ieee80211com *ic = &sc->sc_ic; 2242 2243 /* update basic rate set */ 2244 if (ic->ic_curmode == IEEE80211_MODE_11B) { 2245 /* 11b basic rates: 1, 2Mbps */ 2246 RAL_WRITE(sc, RT2661_TXRX_CSR5, 0x3); 2247 } else if (ic->ic_curmode == IEEE80211_MODE_11A) { 2248 /* 11a basic rates: 6, 12, 24Mbps */ 2249 RAL_WRITE(sc, RT2661_TXRX_CSR5, 0x150); 2250 } else { 2251 /* 11b/g basic rates: 1, 2, 5.5, 11Mbps */ 2252 RAL_WRITE(sc, RT2661_TXRX_CSR5, 0xf); 2253 } 2254 } 2255 2256 /* 2257 * Reprogram MAC/BBP to switch to a new band. Values taken from the reference 2258 * driver. 2259 */ 2260 void 2261 rt2661_select_band(struct rt2661_softc *sc, struct ieee80211_channel *c) 2262 { 2263 uint8_t bbp17, bbp35, bbp96, bbp97, bbp98, bbp104; 2264 uint32_t tmp; 2265 2266 /* update all BBP registers that depend on the band */ 2267 bbp17 = 0x20; bbp96 = 0x48; bbp104 = 0x2c; 2268 bbp35 = 0x50; bbp97 = 0x48; bbp98 = 0x48; 2269 if (IEEE80211_IS_CHAN_5GHZ(c)) { 2270 bbp17 += 0x08; bbp96 += 0x10; bbp104 += 0x0c; 2271 bbp35 += 0x10; bbp97 += 0x10; bbp98 += 0x10; 2272 } 2273 if ((IEEE80211_IS_CHAN_2GHZ(c) && sc->ext_2ghz_lna) || 2274 (IEEE80211_IS_CHAN_5GHZ(c) && sc->ext_5ghz_lna)) { 2275 bbp17 += 0x10; bbp96 += 0x10; bbp104 += 0x10; 2276 } 2277 2278 sc->bbp17 = bbp17; 2279 rt2661_bbp_write(sc, 17, bbp17); 2280 rt2661_bbp_write(sc, 96, bbp96); 2281 rt2661_bbp_write(sc, 104, bbp104); 2282 2283 if ((IEEE80211_IS_CHAN_2GHZ(c) && sc->ext_2ghz_lna) || 2284 (IEEE80211_IS_CHAN_5GHZ(c) && sc->ext_5ghz_lna)) { 2285 rt2661_bbp_write(sc, 75, 0x80); 2286 rt2661_bbp_write(sc, 86, 0x80); 2287 rt2661_bbp_write(sc, 88, 0x80); 2288 } 2289 2290 rt2661_bbp_write(sc, 35, bbp35); 2291 rt2661_bbp_write(sc, 97, bbp97); 2292 rt2661_bbp_write(sc, 98, bbp98); 2293 2294 tmp = RAL_READ(sc, RT2661_PHY_CSR0); 2295 tmp &= ~(RT2661_PA_PE_2GHZ | RT2661_PA_PE_5GHZ); 2296 if (IEEE80211_IS_CHAN_2GHZ(c)) 2297 tmp |= RT2661_PA_PE_2GHZ; 2298 else 2299 tmp |= RT2661_PA_PE_5GHZ; 2300 RAL_WRITE(sc, RT2661_PHY_CSR0, tmp); 2301 2302 /* 802.11a uses a 16 microseconds short interframe space */ 2303 sc->sifs = IEEE80211_IS_CHAN_5GHZ(c) ? 16 : 10; 2304 } 2305 2306 void 2307 rt2661_set_chan(struct rt2661_softc *sc, struct ieee80211_channel *c) 2308 { 2309 struct ieee80211com *ic = &sc->sc_ic; 2310 const struct rfprog *rfprog; 2311 uint8_t bbp3, bbp94 = RT2661_BBPR94_DEFAULT; 2312 int8_t power; 2313 u_int i, chan; 2314 2315 chan = ieee80211_chan2ieee(ic, c); 2316 if (chan == 0 || chan == IEEE80211_CHAN_ANY) 2317 return; 2318 2319 /* select the appropriate RF settings based on what EEPROM says */ 2320 rfprog = (sc->rfprog == 0) ? rt2661_rf5225_1 : rt2661_rf5225_2; 2321 2322 /* find the settings for this channel (we know it exists) */ 2323 for (i = 0; rfprog[i].chan != chan; i++); 2324 2325 power = sc->txpow[i]; 2326 if (power < 0) { 2327 bbp94 += power; 2328 power = 0; 2329 } else if (power > 31) { 2330 bbp94 += power - 31; 2331 power = 31; 2332 } 2333 2334 /* 2335 * If we are switching from the 2GHz band to the 5GHz band or 2336 * vice-versa, BBP registers need to be reprogrammed. 2337 */ 2338 if (c->ic_flags != sc->sc_curchan->ic_flags) { 2339 rt2661_select_band(sc, c); 2340 rt2661_select_antenna(sc); 2341 } 2342 sc->sc_curchan = c; 2343 2344 rt2661_rf_write(sc, RAL_RF1, rfprog[i].r1); 2345 rt2661_rf_write(sc, RAL_RF2, rfprog[i].r2); 2346 rt2661_rf_write(sc, RAL_RF3, rfprog[i].r3 | power << 7); 2347 rt2661_rf_write(sc, RAL_RF4, rfprog[i].r4 | sc->rffreq << 10); 2348 2349 DELAY(200); 2350 2351 rt2661_rf_write(sc, RAL_RF1, rfprog[i].r1); 2352 rt2661_rf_write(sc, RAL_RF2, rfprog[i].r2); 2353 rt2661_rf_write(sc, RAL_RF3, rfprog[i].r3 | power << 7 | 1); 2354 rt2661_rf_write(sc, RAL_RF4, rfprog[i].r4 | sc->rffreq << 10); 2355 2356 DELAY(200); 2357 2358 rt2661_rf_write(sc, RAL_RF1, rfprog[i].r1); 2359 rt2661_rf_write(sc, RAL_RF2, rfprog[i].r2); 2360 rt2661_rf_write(sc, RAL_RF3, rfprog[i].r3 | power << 7); 2361 rt2661_rf_write(sc, RAL_RF4, rfprog[i].r4 | sc->rffreq << 10); 2362 2363 /* enable smart mode for MIMO-capable RFs */ 2364 bbp3 = rt2661_bbp_read(sc, 3); 2365 2366 bbp3 &= ~RT2661_SMART_MODE; 2367 if (sc->rf_rev == RT2661_RF_5325 || sc->rf_rev == RT2661_RF_2529) 2368 bbp3 |= RT2661_SMART_MODE; 2369 2370 rt2661_bbp_write(sc, 3, bbp3); 2371 2372 if (bbp94 != RT2661_BBPR94_DEFAULT) 2373 rt2661_bbp_write(sc, 94, bbp94); 2374 2375 /* 5GHz radio needs a 1ms delay here */ 2376 if (IEEE80211_IS_CHAN_5GHZ(c)) 2377 DELAY(1000); 2378 } 2379 2380 void 2381 rt2661_set_bssid(struct rt2661_softc *sc, const uint8_t *bssid) 2382 { 2383 uint32_t tmp; 2384 2385 tmp = bssid[0] | bssid[1] << 8 | bssid[2] << 16 | bssid[3] << 24; 2386 RAL_WRITE(sc, RT2661_MAC_CSR4, tmp); 2387 2388 tmp = bssid[4] | bssid[5] << 8 | RT2661_ONE_BSSID << 16; 2389 RAL_WRITE(sc, RT2661_MAC_CSR5, tmp); 2390 } 2391 2392 void 2393 rt2661_set_macaddr(struct rt2661_softc *sc, const uint8_t *addr) 2394 { 2395 uint32_t tmp; 2396 2397 tmp = addr[0] | addr[1] << 8 | addr[2] << 16 | addr[3] << 24; 2398 RAL_WRITE(sc, RT2661_MAC_CSR2, tmp); 2399 2400 tmp = addr[4] | addr[5] << 8 | 0xff << 16; 2401 RAL_WRITE(sc, RT2661_MAC_CSR3, tmp); 2402 } 2403 2404 void 2405 rt2661_update_promisc(struct rt2661_softc *sc) 2406 { 2407 struct ifnet *ifp = &sc->sc_ic.ic_if; 2408 uint32_t tmp; 2409 2410 tmp = RAL_READ(sc, RT2661_TXRX_CSR0); 2411 2412 tmp &= ~RT2661_DROP_NOT_TO_ME; 2413 if (!(ifp->if_flags & IFF_PROMISC)) 2414 tmp |= RT2661_DROP_NOT_TO_ME; 2415 2416 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp); 2417 2418 DPRINTF(("%s promiscuous mode\n", (ifp->if_flags & IFF_PROMISC) ? 2419 "entering" : "leaving")); 2420 } 2421 2422 void 2423 rt2661_updateslot(struct ieee80211com *ic) 2424 { 2425 struct rt2661_softc *sc = ic->ic_if.if_softc; 2426 2427 #ifndef IEEE80211_STA_ONLY 2428 if (ic->ic_opmode == IEEE80211_M_HOSTAP) { 2429 /* 2430 * In HostAP mode, we defer setting of new slot time until 2431 * updated ERP Information Element has propagated to all 2432 * associated STAs. 2433 */ 2434 sc->sc_flags |= RT2661_UPDATE_SLOT; 2435 } else 2436 #endif 2437 rt2661_set_slottime(sc); 2438 } 2439 2440 void 2441 rt2661_set_slottime(struct rt2661_softc *sc) 2442 { 2443 struct ieee80211com *ic = &sc->sc_ic; 2444 uint8_t slottime; 2445 uint32_t tmp; 2446 2447 slottime = (ic->ic_flags & IEEE80211_F_SHSLOT) ? 9 : 20; 2448 2449 tmp = RAL_READ(sc, RT2661_MAC_CSR9); 2450 tmp = (tmp & ~0xff) | slottime; 2451 RAL_WRITE(sc, RT2661_MAC_CSR9, tmp); 2452 2453 DPRINTF(("setting slot time to %uus\n", slottime)); 2454 } 2455 2456 const char * 2457 rt2661_get_rf(int rev) 2458 { 2459 switch (rev) { 2460 case RT2661_RF_5225: return "RT5225"; 2461 case RT2661_RF_5325: return "RT5325 (MIMO XR)"; 2462 case RT2661_RF_2527: return "RT2527"; 2463 case RT2661_RF_2529: return "RT2529 (MIMO XR)"; 2464 default: return "unknown"; 2465 } 2466 } 2467 2468 void 2469 rt2661_read_eeprom(struct rt2661_softc *sc) 2470 { 2471 struct ieee80211com *ic = &sc->sc_ic; 2472 uint16_t val; 2473 int i; 2474 2475 /* read MAC address */ 2476 val = rt2661_eeprom_read(sc, RT2661_EEPROM_MAC01); 2477 ic->ic_myaddr[0] = val & 0xff; 2478 ic->ic_myaddr[1] = val >> 8; 2479 2480 val = rt2661_eeprom_read(sc, RT2661_EEPROM_MAC23); 2481 ic->ic_myaddr[2] = val & 0xff; 2482 ic->ic_myaddr[3] = val >> 8; 2483 2484 val = rt2661_eeprom_read(sc, RT2661_EEPROM_MAC45); 2485 ic->ic_myaddr[4] = val & 0xff; 2486 ic->ic_myaddr[5] = val >> 8; 2487 2488 val = rt2661_eeprom_read(sc, RT2661_EEPROM_ANTENNA); 2489 /* XXX: test if different from 0xffff? */ 2490 sc->rf_rev = (val >> 11) & 0x1f; 2491 sc->hw_radio = (val >> 10) & 0x1; 2492 sc->rx_ant = (val >> 4) & 0x3; 2493 sc->tx_ant = (val >> 2) & 0x3; 2494 sc->nb_ant = val & 0x3; 2495 2496 DPRINTF(("RF revision=%d\n", sc->rf_rev)); 2497 2498 val = rt2661_eeprom_read(sc, RT2661_EEPROM_CONFIG2); 2499 sc->ext_5ghz_lna = (val >> 6) & 0x1; 2500 sc->ext_2ghz_lna = (val >> 4) & 0x1; 2501 2502 DPRINTF(("External 2GHz LNA=%d\nExternal 5GHz LNA=%d\n", 2503 sc->ext_2ghz_lna, sc->ext_5ghz_lna)); 2504 2505 val = rt2661_eeprom_read(sc, RT2661_EEPROM_RSSI_2GHZ_OFFSET); 2506 if ((val & 0xff) != 0xff) 2507 sc->rssi_2ghz_corr = (int8_t)(val & 0xff); /* signed */ 2508 2509 val = rt2661_eeprom_read(sc, RT2661_EEPROM_RSSI_5GHZ_OFFSET); 2510 if ((val & 0xff) != 0xff) 2511 sc->rssi_5ghz_corr = (int8_t)(val & 0xff); /* signed */ 2512 2513 /* adjust RSSI correction for external low-noise amplifier */ 2514 if (sc->ext_2ghz_lna) 2515 sc->rssi_2ghz_corr -= 14; 2516 if (sc->ext_5ghz_lna) 2517 sc->rssi_5ghz_corr -= 14; 2518 2519 DPRINTF(("RSSI 2GHz corr=%d\nRSSI 5GHz corr=%d\n", 2520 sc->rssi_2ghz_corr, sc->rssi_5ghz_corr)); 2521 2522 val = rt2661_eeprom_read(sc, RT2661_EEPROM_FREQ_OFFSET); 2523 if ((val >> 8) != 0xff) 2524 sc->rfprog = (val >> 8) & 0x3; 2525 if ((val & 0xff) != 0xff) 2526 sc->rffreq = val & 0xff; 2527 2528 DPRINTF(("RF prog=%d\nRF freq=%d\n", sc->rfprog, sc->rffreq)); 2529 2530 /* read Tx power for all a/b/g channels */ 2531 for (i = 0; i < 19; i++) { 2532 val = rt2661_eeprom_read(sc, RT2661_EEPROM_TXPOWER + i); 2533 sc->txpow[i * 2] = (int8_t)(val >> 8); /* signed */ 2534 DPRINTF(("Channel=%d Tx power=%d\n", 2535 rt2661_rf5225_1[i * 2].chan, sc->txpow[i * 2])); 2536 sc->txpow[i * 2 + 1] = (int8_t)(val & 0xff); /* signed */ 2537 DPRINTF(("Channel=%d Tx power=%d\n", 2538 rt2661_rf5225_1[i * 2 + 1].chan, sc->txpow[i * 2 + 1])); 2539 } 2540 2541 /* read vendor-specific BBP values */ 2542 for (i = 0; i < 16; i++) { 2543 val = rt2661_eeprom_read(sc, RT2661_EEPROM_BBP_BASE + i); 2544 if (val == 0 || val == 0xffff) 2545 continue; /* skip invalid entries */ 2546 sc->bbp_prom[i].reg = val >> 8; 2547 sc->bbp_prom[i].val = val & 0xff; 2548 DPRINTF(("BBP R%d=%02x\n", sc->bbp_prom[i].reg, 2549 sc->bbp_prom[i].val)); 2550 } 2551 } 2552 2553 int 2554 rt2661_bbp_init(struct rt2661_softc *sc) 2555 { 2556 int i, ntries; 2557 2558 /* wait for BBP to be ready */ 2559 for (ntries = 0; ntries < 100; ntries++) { 2560 const uint8_t val = rt2661_bbp_read(sc, 0); 2561 if (val != 0 && val != 0xff) 2562 break; 2563 DELAY(100); 2564 } 2565 if (ntries == 100) { 2566 printf("%s: timeout waiting for BBP\n", sc->sc_dev.dv_xname); 2567 return EIO; 2568 } 2569 2570 /* initialize BBP registers to default values */ 2571 for (i = 0; i < nitems(rt2661_def_bbp); i++) { 2572 rt2661_bbp_write(sc, rt2661_def_bbp[i].reg, 2573 rt2661_def_bbp[i].val); 2574 } 2575 2576 /* write vendor-specific BBP values (from EEPROM) */ 2577 for (i = 0; i < 16; i++) { 2578 if (sc->bbp_prom[i].reg == 0) 2579 continue; 2580 rt2661_bbp_write(sc, sc->bbp_prom[i].reg, sc->bbp_prom[i].val); 2581 } 2582 2583 return 0; 2584 } 2585 2586 int 2587 rt2661_init(struct ifnet *ifp) 2588 { 2589 struct rt2661_softc *sc = ifp->if_softc; 2590 struct ieee80211com *ic = &sc->sc_ic; 2591 uint32_t tmp, sta[3]; 2592 int i, ntries; 2593 2594 /* for CardBus, power on the socket */ 2595 if (!(sc->sc_flags & RT2661_ENABLED)) { 2596 if (sc->sc_enable != NULL && (*sc->sc_enable)(sc) != 0) { 2597 printf("%s: could not enable device\n", 2598 sc->sc_dev.dv_xname); 2599 return EIO; 2600 } 2601 sc->sc_flags |= RT2661_ENABLED; 2602 } 2603 2604 rt2661_stop(ifp, 0); 2605 2606 if (!(sc->sc_flags & RT2661_FWLOADED)) { 2607 if (rt2661_load_microcode(sc) != 0) { 2608 printf("%s: could not load 8051 microcode\n", 2609 sc->sc_dev.dv_xname); 2610 rt2661_stop(ifp, 1); 2611 return EIO; 2612 } 2613 sc->sc_flags |= RT2661_FWLOADED; 2614 } 2615 2616 /* initialize Tx rings */ 2617 RAL_WRITE(sc, RT2661_AC1_BASE_CSR, sc->txq[1].physaddr); 2618 RAL_WRITE(sc, RT2661_AC0_BASE_CSR, sc->txq[0].physaddr); 2619 RAL_WRITE(sc, RT2661_AC2_BASE_CSR, sc->txq[2].physaddr); 2620 RAL_WRITE(sc, RT2661_AC3_BASE_CSR, sc->txq[3].physaddr); 2621 2622 /* initialize Mgt ring */ 2623 RAL_WRITE(sc, RT2661_MGT_BASE_CSR, sc->mgtq.physaddr); 2624 2625 /* initialize Rx ring */ 2626 RAL_WRITE(sc, RT2661_RX_BASE_CSR, sc->rxq.physaddr); 2627 2628 /* initialize Tx rings sizes */ 2629 RAL_WRITE(sc, RT2661_TX_RING_CSR0, 2630 RT2661_TX_RING_COUNT << 24 | 2631 RT2661_TX_RING_COUNT << 16 | 2632 RT2661_TX_RING_COUNT << 8 | 2633 RT2661_TX_RING_COUNT); 2634 2635 RAL_WRITE(sc, RT2661_TX_RING_CSR1, 2636 RT2661_TX_DESC_WSIZE << 16 | 2637 RT2661_TX_RING_COUNT << 8 | /* XXX: HCCA ring unused */ 2638 RT2661_MGT_RING_COUNT); 2639 2640 /* initialize Rx rings */ 2641 RAL_WRITE(sc, RT2661_RX_RING_CSR, 2642 RT2661_RX_DESC_BACK << 16 | 2643 RT2661_RX_DESC_WSIZE << 8 | 2644 RT2661_RX_RING_COUNT); 2645 2646 /* XXX: some magic here */ 2647 RAL_WRITE(sc, RT2661_TX_DMA_DST_CSR, 0xaa); 2648 2649 /* load base addresses of all 5 Tx rings (4 data + 1 mgt) */ 2650 RAL_WRITE(sc, RT2661_LOAD_TX_RING_CSR, 0x1f); 2651 2652 /* load base address of Rx ring */ 2653 RAL_WRITE(sc, RT2661_RX_CNTL_CSR, 2); 2654 2655 /* initialize MAC registers to default values */ 2656 for (i = 0; i < nitems(rt2661_def_mac); i++) 2657 RAL_WRITE(sc, rt2661_def_mac[i].reg, rt2661_def_mac[i].val); 2658 2659 IEEE80211_ADDR_COPY(ic->ic_myaddr, LLADDR(ifp->if_sadl)); 2660 rt2661_set_macaddr(sc, ic->ic_myaddr); 2661 2662 /* set host ready */ 2663 RAL_WRITE(sc, RT2661_MAC_CSR1, 3); 2664 RAL_WRITE(sc, RT2661_MAC_CSR1, 0); 2665 2666 /* wait for BBP/RF to wakeup */ 2667 for (ntries = 0; ntries < 1000; ntries++) { 2668 if (RAL_READ(sc, RT2661_MAC_CSR12) & 8) 2669 break; 2670 DELAY(1000); 2671 } 2672 if (ntries == 1000) { 2673 printf("timeout waiting for BBP/RF to wakeup\n"); 2674 rt2661_stop(ifp, 1); 2675 return EIO; 2676 } 2677 2678 if (rt2661_bbp_init(sc) != 0) { 2679 rt2661_stop(ifp, 1); 2680 return EIO; 2681 } 2682 2683 /* select default channel */ 2684 sc->sc_curchan = ic->ic_bss->ni_chan = ic->ic_ibss_chan; 2685 rt2661_select_band(sc, sc->sc_curchan); 2686 rt2661_select_antenna(sc); 2687 rt2661_set_chan(sc, sc->sc_curchan); 2688 2689 /* update Rx filter */ 2690 tmp = RAL_READ(sc, RT2661_TXRX_CSR0) & 0xffff; 2691 2692 tmp |= RT2661_DROP_PHY_ERROR | RT2661_DROP_CRC_ERROR; 2693 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 2694 tmp |= RT2661_DROP_CTL | RT2661_DROP_VER_ERROR | 2695 RT2661_DROP_ACKCTS; 2696 #ifndef IEEE80211_STA_ONLY 2697 if (ic->ic_opmode != IEEE80211_M_HOSTAP) 2698 #endif 2699 tmp |= RT2661_DROP_TODS; 2700 if (!(ifp->if_flags & IFF_PROMISC)) 2701 tmp |= RT2661_DROP_NOT_TO_ME; 2702 } 2703 2704 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp); 2705 2706 /* clear STA registers */ 2707 RAL_READ_REGION_4(sc, RT2661_STA_CSR0, sta, nitems(sta)); 2708 2709 /* initialize ASIC */ 2710 RAL_WRITE(sc, RT2661_MAC_CSR1, 4); 2711 2712 /* clear any pending interrupt */ 2713 RAL_WRITE(sc, RT2661_INT_SOURCE_CSR, 0xffffffff); 2714 2715 /* enable interrupts */ 2716 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0x0000ff10); 2717 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0); 2718 2719 /* kick Rx */ 2720 RAL_WRITE(sc, RT2661_RX_CNTL_CSR, 1); 2721 2722 ifp->if_flags &= ~IFF_OACTIVE; 2723 ifp->if_flags |= IFF_RUNNING; 2724 2725 if (ic->ic_opmode != IEEE80211_M_MONITOR) 2726 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 2727 else 2728 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 2729 2730 return 0; 2731 } 2732 2733 void 2734 rt2661_stop(struct ifnet *ifp, int disable) 2735 { 2736 struct rt2661_softc *sc = ifp->if_softc; 2737 struct ieee80211com *ic = &sc->sc_ic; 2738 uint32_t tmp; 2739 int ac; 2740 2741 sc->sc_tx_timer = 0; 2742 ifp->if_timer = 0; 2743 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 2744 2745 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); /* free all nodes */ 2746 rt2661_amrr_node_free_all(sc); 2747 2748 /* abort Tx (for all 5 Tx rings) */ 2749 RAL_WRITE(sc, RT2661_TX_CNTL_CSR, 0x1f << 16); 2750 2751 /* disable Rx (value remains after reset!) */ 2752 tmp = RAL_READ(sc, RT2661_TXRX_CSR0); 2753 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp | RT2661_DISABLE_RX); 2754 2755 /* reset ASIC */ 2756 RAL_WRITE(sc, RT2661_MAC_CSR1, 3); 2757 RAL_WRITE(sc, RT2661_MAC_CSR1, 0); 2758 2759 /* disable interrupts */ 2760 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0xffffff7f); 2761 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0xffffffff); 2762 2763 /* clear any pending interrupt */ 2764 RAL_WRITE(sc, RT2661_INT_SOURCE_CSR, 0xffffffff); 2765 RAL_WRITE(sc, RT2661_MCU_INT_SOURCE_CSR, 0xffffffff); 2766 2767 /* reset Tx and Rx rings */ 2768 for (ac = 0; ac < 4; ac++) 2769 rt2661_reset_tx_ring(sc, &sc->txq[ac]); 2770 rt2661_reset_tx_ring(sc, &sc->mgtq); 2771 rt2661_reset_rx_ring(sc, &sc->rxq); 2772 2773 /* for CardBus, power down the socket */ 2774 if (disable && sc->sc_disable != NULL) { 2775 if (sc->sc_flags & RT2661_ENABLED) { 2776 (*sc->sc_disable)(sc); 2777 sc->sc_flags &= ~(RT2661_ENABLED | RT2661_FWLOADED); 2778 } 2779 } 2780 } 2781 2782 int 2783 rt2661_load_microcode(struct rt2661_softc *sc) 2784 { 2785 int ntries; 2786 2787 /* reset 8051 */ 2788 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, RT2661_MCU_RESET); 2789 2790 /* cancel any pending Host to MCU command */ 2791 RAL_WRITE(sc, RT2661_H2M_MAILBOX_CSR, 0); 2792 RAL_WRITE(sc, RT2661_M2H_CMD_DONE_CSR, 0xffffffff); 2793 RAL_WRITE(sc, RT2661_HOST_CMD_CSR, 0); 2794 2795 /* write 8051's microcode */ 2796 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, RT2661_MCU_RESET | RT2661_MCU_SEL); 2797 RAL_WRITE_REGION_1(sc, RT2661_MCU_CODE_BASE, sc->ucode, sc->ucsize); 2798 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, RT2661_MCU_RESET); 2799 2800 /* kick 8051's ass */ 2801 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, 0); 2802 2803 /* wait for 8051 to initialize */ 2804 for (ntries = 0; ntries < 500; ntries++) { 2805 if (RAL_READ(sc, RT2661_MCU_CNTL_CSR) & RT2661_MCU_READY) 2806 break; 2807 DELAY(100); 2808 } 2809 if (ntries == 500) { 2810 printf("%s: timeout waiting for MCU to initialize\n", 2811 sc->sc_dev.dv_xname); 2812 return EIO; 2813 } 2814 return 0; 2815 } 2816 2817 /* 2818 * Dynamically tune Rx sensitivity (BBP register 17) based on average RSSI and 2819 * false CCA count. This function is called periodically (every seconds) when 2820 * in the RUN state. Values taken from the reference driver. 2821 */ 2822 void 2823 rt2661_rx_tune(struct rt2661_softc *sc) 2824 { 2825 uint8_t bbp17; 2826 uint16_t cca; 2827 int lo, hi, dbm; 2828 2829 /* 2830 * Tuning range depends on operating band and on the presence of an 2831 * external low-noise amplifier. 2832 */ 2833 lo = 0x20; 2834 if (IEEE80211_IS_CHAN_5GHZ(sc->sc_curchan)) 2835 lo += 0x08; 2836 if ((IEEE80211_IS_CHAN_2GHZ(sc->sc_curchan) && sc->ext_2ghz_lna) || 2837 (IEEE80211_IS_CHAN_5GHZ(sc->sc_curchan) && sc->ext_5ghz_lna)) 2838 lo += 0x10; 2839 hi = lo + 0x20; 2840 2841 dbm = sc->avg_rssi; 2842 /* retrieve false CCA count since last call (clear on read) */ 2843 cca = RAL_READ(sc, RT2661_STA_CSR1) & 0xffff; 2844 2845 DPRINTFN(2, ("RSSI=%ddBm false CCA=%d\n", dbm, cca)); 2846 2847 if (dbm < -74) { 2848 /* very bad RSSI, tune using false CCA count */ 2849 bbp17 = sc->bbp17; /* current value */ 2850 2851 hi -= 2 * (-74 - dbm); 2852 if (hi < lo) 2853 hi = lo; 2854 2855 if (bbp17 > hi) 2856 bbp17 = hi; 2857 else if (cca > 512) 2858 bbp17 = min(bbp17 + 1, hi); 2859 else if (cca < 100) 2860 bbp17 = max(bbp17 - 1, lo); 2861 2862 } else if (dbm < -66) { 2863 bbp17 = lo + 0x08; 2864 } else if (dbm < -58) { 2865 bbp17 = lo + 0x10; 2866 } else if (dbm < -35) { 2867 bbp17 = hi; 2868 } else { /* very good RSSI >= -35dBm */ 2869 bbp17 = 0x60; /* very low sensitivity */ 2870 } 2871 2872 if (bbp17 != sc->bbp17) { 2873 DPRINTF(("BBP17 %x->%x\n", sc->bbp17, bbp17)); 2874 rt2661_bbp_write(sc, 17, bbp17); 2875 sc->bbp17 = bbp17; 2876 } 2877 } 2878 2879 #ifdef notyet 2880 /* 2881 * Enter/Leave radar detection mode. 2882 * This is for 802.11h additional regulatory domains. 2883 */ 2884 void 2885 rt2661_radar_start(struct rt2661_softc *sc) 2886 { 2887 uint32_t tmp; 2888 2889 /* disable Rx */ 2890 tmp = RAL_READ(sc, RT2661_TXRX_CSR0); 2891 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp | RT2661_DISABLE_RX); 2892 2893 rt2661_bbp_write(sc, 82, 0x20); 2894 rt2661_bbp_write(sc, 83, 0x00); 2895 rt2661_bbp_write(sc, 84, 0x40); 2896 2897 /* save current BBP registers values */ 2898 sc->bbp18 = rt2661_bbp_read(sc, 18); 2899 sc->bbp21 = rt2661_bbp_read(sc, 21); 2900 sc->bbp22 = rt2661_bbp_read(sc, 22); 2901 sc->bbp16 = rt2661_bbp_read(sc, 16); 2902 sc->bbp17 = rt2661_bbp_read(sc, 17); 2903 sc->bbp64 = rt2661_bbp_read(sc, 64); 2904 2905 rt2661_bbp_write(sc, 18, 0xff); 2906 rt2661_bbp_write(sc, 21, 0x3f); 2907 rt2661_bbp_write(sc, 22, 0x3f); 2908 rt2661_bbp_write(sc, 16, 0xbd); 2909 rt2661_bbp_write(sc, 17, sc->ext_5ghz_lna ? 0x44 : 0x34); 2910 rt2661_bbp_write(sc, 64, 0x21); 2911 2912 /* restore Rx filter */ 2913 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp); 2914 } 2915 2916 int 2917 rt2661_radar_stop(struct rt2661_softc *sc) 2918 { 2919 uint8_t bbp66; 2920 2921 /* read radar detection result */ 2922 bbp66 = rt2661_bbp_read(sc, 66); 2923 2924 /* restore BBP registers values */ 2925 rt2661_bbp_write(sc, 16, sc->bbp16); 2926 rt2661_bbp_write(sc, 17, sc->bbp17); 2927 rt2661_bbp_write(sc, 18, sc->bbp18); 2928 rt2661_bbp_write(sc, 21, sc->bbp21); 2929 rt2661_bbp_write(sc, 22, sc->bbp22); 2930 rt2661_bbp_write(sc, 64, sc->bbp64); 2931 2932 return bbp66 == 1; 2933 } 2934 #endif 2935 2936 #ifndef IEEE80211_STA_ONLY 2937 int 2938 rt2661_prepare_beacon(struct rt2661_softc *sc) 2939 { 2940 struct ieee80211com *ic = &sc->sc_ic; 2941 struct ieee80211_node *ni = ic->ic_bss; 2942 struct rt2661_tx_desc desc; 2943 struct mbuf *m0; 2944 int rate; 2945 2946 m0 = ieee80211_beacon_alloc(ic, ni); 2947 if (m0 == NULL) { 2948 printf("%s: could not allocate beacon frame\n", 2949 sc->sc_dev.dv_xname); 2950 return ENOBUFS; 2951 } 2952 2953 /* send beacons at the lowest available rate */ 2954 rate = IEEE80211_IS_CHAN_5GHZ(ni->ni_chan) ? 12 : 2; 2955 2956 rt2661_setup_tx_desc(sc, &desc, RT2661_TX_TIMESTAMP, RT2661_TX_HWSEQ, 2957 m0->m_pkthdr.len, rate, NULL, 0, RT2661_QID_MGT, 2958 RT2661_AMRR_INVALID_ID); 2959 2960 /* copy the first 24 bytes of Tx descriptor into NIC memory */ 2961 RAL_WRITE_REGION_1(sc, RT2661_HW_BEACON_BASE0, (uint8_t *)&desc, 24); 2962 2963 /* copy beacon header and payload into NIC memory */ 2964 RAL_WRITE_REGION_1(sc, RT2661_HW_BEACON_BASE0 + 24, 2965 mtod(m0, uint8_t *), m0->m_pkthdr.len); 2966 2967 m_freem(m0); 2968 2969 /* 2970 * Store offset of ERP Information Element so that we can update it 2971 * dynamically when the slot time changes. 2972 * XXX: this is ugly since it depends on how net80211 builds beacon 2973 * frames but ieee80211_beacon_alloc() doesn't store offsets for us. 2974 */ 2975 if (ic->ic_curmode == IEEE80211_MODE_11G) { 2976 sc->erp_csr = 2977 RT2661_HW_BEACON_BASE0 + 24 + 2978 sizeof (struct ieee80211_frame) + 2979 8 + 2 + 2 + 2980 ((ic->ic_flags & IEEE80211_F_HIDENWID) ? 2981 1 : 2 + ni->ni_esslen) + 2982 2 + min(ni->ni_rates.rs_nrates, IEEE80211_RATE_SIZE) + 2983 2 + 1 + 2984 ((ic->ic_opmode == IEEE80211_M_IBSS) ? 4 : 6) + 2985 2; 2986 } 2987 2988 return 0; 2989 } 2990 #endif 2991 2992 /* 2993 * Enable TSF synchronization and tell h/w to start sending beacons for IBSS 2994 * and HostAP operating modes. 2995 */ 2996 void 2997 rt2661_enable_tsf_sync(struct rt2661_softc *sc) 2998 { 2999 struct ieee80211com *ic = &sc->sc_ic; 3000 uint32_t tmp; 3001 3002 #ifndef IEEE80211_STA_ONLY 3003 if (ic->ic_opmode != IEEE80211_M_STA) { 3004 /* 3005 * Change default 16ms TBTT adjustment to 8ms. 3006 * Must be done before enabling beacon generation. 3007 */ 3008 RAL_WRITE(sc, RT2661_TXRX_CSR10, 1 << 12 | 8); 3009 } 3010 #endif 3011 tmp = RAL_READ(sc, RT2661_TXRX_CSR9) & 0xff000000; 3012 3013 /* set beacon interval (in 1/16ms unit) */ 3014 tmp |= ic->ic_bss->ni_intval * 16; 3015 3016 tmp |= RT2661_TSF_TICKING | RT2661_ENABLE_TBTT; 3017 if (ic->ic_opmode == IEEE80211_M_STA) 3018 tmp |= RT2661_TSF_MODE(1); 3019 #ifndef IEEE80211_STA_ONLY 3020 else 3021 tmp |= RT2661_TSF_MODE(2) | RT2661_GENERATE_BEACON; 3022 #endif 3023 RAL_WRITE(sc, RT2661_TXRX_CSR9, tmp); 3024 } 3025 3026 /* 3027 * Retrieve the "Received Signal Strength Indicator" from the raw values 3028 * contained in Rx descriptors. The computation depends on which band the 3029 * frame was received. Correction values taken from the reference driver. 3030 */ 3031 int 3032 rt2661_get_rssi(struct rt2661_softc *sc, uint8_t raw) 3033 { 3034 int lna, agc, rssi; 3035 3036 lna = (raw >> 5) & 0x3; 3037 agc = raw & 0x1f; 3038 3039 rssi = 2 * agc; 3040 3041 if (IEEE80211_IS_CHAN_2GHZ(sc->sc_curchan)) { 3042 rssi += sc->rssi_2ghz_corr; 3043 3044 if (lna == 1) 3045 rssi -= 64; 3046 else if (lna == 2) 3047 rssi -= 74; 3048 else if (lna == 3) 3049 rssi -= 90; 3050 } else { 3051 rssi += sc->rssi_5ghz_corr; 3052 3053 if (lna == 1) 3054 rssi -= 64; 3055 else if (lna == 2) 3056 rssi -= 86; 3057 else if (lna == 3) 3058 rssi -= 100; 3059 } 3060 return rssi; 3061 } 3062