search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
No empty .Rs/.Re
[netbsd-mini2440.git] / sys / dev / ic / rt2661.c
blobfaec6843e596939037941c97d0507994d84d8327
1 /* $NetBSD: rt2661.c,v 1.25 2008/11/07 00:20:03 dyoung Exp $ */
2 /* $OpenBSD: rt2661.c,v 1.17 2006/05/01 08:41:11 damien Exp $ */
3 /* $FreeBSD: rt2560.c,v 1.5 2006/06/02 19:59:31 csjp Exp $ */
4
5 /*-
6 * Copyright (c) 2006
7 * Damien Bergamini <damien.bergamini@free.fr>
8 *
9 * Permission to use, copy, modify, and distribute this software for any
10 * purpose with or without fee is hereby granted, provided that the above
11 * copyright notice and this permission notice appear in all copies.
12 *
13 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
14 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
15 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
16 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
17 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
18 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
19 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20 */
21
22 /*-
23 * Ralink Technology RT2561, RT2561S and RT2661 chipset driver
24 * http://www.ralinktech.com/
25 */
26
27 #include <sys/cdefs.h>
28 __KERNEL_RCSID(0, "$NetBSD: rt2661.c,v 1.25 2008/11/07 00:20:03 dyoung Exp $");
29
30 #include "bpfilter.h"
31
32 #include <sys/param.h>
33 #include <sys/sockio.h>
34 #include <sys/sysctl.h>
35 #include <sys/mbuf.h>
36 #include <sys/kernel.h>
37 #include <sys/socket.h>
38 #include <sys/systm.h>
39 #include <sys/malloc.h>
40 #include <sys/callout.h>
41 #include <sys/conf.h>
42 #include <sys/device.h>
43
44 #include <sys/bus.h>
45 #include <machine/endian.h>
46 #include <sys/intr.h>
47
48 #if NBPFILTER > 0
49 #include <net/bpf.h>
50 #endif
51 #include <net/if.h>
52 #include <net/if_arp.h>
53 #include <net/if_dl.h>
54 #include <net/if_media.h>
55 #include <net/if_types.h>
56 #include <net/if_ether.h>
57
58 #include <netinet/in.h>
59 #include <netinet/in_systm.h>
60 #include <netinet/in_var.h>
61 #include <netinet/ip.h>
62
63 #include <net80211/ieee80211_var.h>
64 #include <net80211/ieee80211_amrr.h>
65 #include <net80211/ieee80211_radiotap.h>
66
67 #include <dev/ic/rt2661reg.h>
68 #include <dev/ic/rt2661var.h>
69
70 #include <dev/pci/pcireg.h>
71 #include <dev/pci/pcivar.h>
72 #include <dev/pci/pcidevs.h>
73
74 #include <dev/firmload.h>
75
76 #ifdef RAL_DEBUG
77 #define DPRINTF(x) do { if (rt2661_debug > 0) printf x; } while (0)
78 #define DPRINTFN(n, x) do { if (rt2661_debug >= (n)) printf x; } while (0)
79 int rt2661_debug = 0;
80 #else
81 #define DPRINTF(x)
82 #define DPRINTFN(n, x)
83 #endif
84
85 static int rt2661_alloc_tx_ring(struct rt2661_softc *,
86 struct rt2661_tx_ring *, int);
87 static void rt2661_reset_tx_ring(struct rt2661_softc *,
88 struct rt2661_tx_ring *);
89 static void rt2661_free_tx_ring(struct rt2661_softc *,
90 struct rt2661_tx_ring *);
91 static int rt2661_alloc_rx_ring(struct rt2661_softc *,
92 struct rt2661_rx_ring *, int);
93 static void rt2661_reset_rx_ring(struct rt2661_softc *,
94 struct rt2661_rx_ring *);
95 static void rt2661_free_rx_ring(struct rt2661_softc *,
96 struct rt2661_rx_ring *);
97 static struct ieee80211_node *
98 rt2661_node_alloc(struct ieee80211_node_table *);
99 static int rt2661_media_change(struct ifnet *);
100 static void rt2661_next_scan(void *);
101 static void rt2661_iter_func(void *, struct ieee80211_node *);
102 static void rt2661_updatestats(void *);
103 static void rt2661_newassoc(struct ieee80211_node *, int);
104 static int rt2661_newstate(struct ieee80211com *, enum ieee80211_state,
105 int);
106 static uint16_t rt2661_eeprom_read(struct rt2661_softc *, uint8_t);
107 static void rt2661_tx_intr(struct rt2661_softc *);
108 static void rt2661_tx_dma_intr(struct rt2661_softc *,
109 struct rt2661_tx_ring *);
110 static void rt2661_rx_intr(struct rt2661_softc *);
111 static void rt2661_mcu_beacon_expire(struct rt2661_softc *);
112 static void rt2661_mcu_wakeup(struct rt2661_softc *);
113 static void rt2661_mcu_cmd_intr(struct rt2661_softc *);
114 int rt2661_intr(void *);
115 #if NBPFILTER > 0
116 static uint8_t rt2661_rxrate(struct rt2661_rx_desc *);
117 #endif
118 static int rt2661_ack_rate(struct ieee80211com *, int);
119 static uint16_t rt2661_txtime(int, int, uint32_t);
120 static uint8_t rt2661_plcp_signal(int);
121 static void rt2661_setup_tx_desc(struct rt2661_softc *,
122 struct rt2661_tx_desc *, uint32_t, uint16_t, int, int,
123 const bus_dma_segment_t *, int, int);
124 static int rt2661_tx_mgt(struct rt2661_softc *, struct mbuf *,
125 struct ieee80211_node *);
126 static struct mbuf *
127 rt2661_get_rts(struct rt2661_softc *,
128 struct ieee80211_frame *, uint16_t);
129 static int rt2661_tx_data(struct rt2661_softc *, struct mbuf *,
130 struct ieee80211_node *, int);
131 static void rt2661_start(struct ifnet *);
132 static void rt2661_watchdog(struct ifnet *);
133 static int rt2661_reset(struct ifnet *);
134 static int rt2661_ioctl(struct ifnet *, u_long, void *);
135 static void rt2661_bbp_write(struct rt2661_softc *, uint8_t, uint8_t);
136 static uint8_t rt2661_bbp_read(struct rt2661_softc *, uint8_t);
137 static void rt2661_rf_write(struct rt2661_softc *, uint8_t, uint32_t);
138 static int rt2661_tx_cmd(struct rt2661_softc *, uint8_t, uint16_t);
139 static void rt2661_select_antenna(struct rt2661_softc *);
140 static void rt2661_enable_mrr(struct rt2661_softc *);
141 static void rt2661_set_txpreamble(struct rt2661_softc *);
142 static void rt2661_set_basicrates(struct rt2661_softc *,
143 const struct ieee80211_rateset *);
144 static void rt2661_select_band(struct rt2661_softc *,
145 struct ieee80211_channel *);
146 static void rt2661_set_chan(struct rt2661_softc *,
147 struct ieee80211_channel *);
148 static void rt2661_set_bssid(struct rt2661_softc *, const uint8_t *);
149 static void rt2661_set_macaddr(struct rt2661_softc *, const uint8_t *);
150 static void rt2661_update_promisc(struct rt2661_softc *);
151 #if 0
152 static int rt2661_wme_update(struct ieee80211com *);
153 #endif
154
155 static void rt2661_updateslot(struct ifnet *);
156 static void rt2661_set_slottime(struct rt2661_softc *);
157 static const char *
158 rt2661_get_rf(int);
159 static void rt2661_read_eeprom(struct rt2661_softc *);
160 static int rt2661_bbp_init(struct rt2661_softc *);
161 static int rt2661_init(struct ifnet *);
162 static void rt2661_stop(struct ifnet *, int);
163 static int rt2661_load_microcode(struct rt2661_softc *, const uint8_t *,
164 int);
165 static void rt2661_rx_tune(struct rt2661_softc *);
166 #ifdef notyet
167 static void rt2661_radar_start(struct rt2661_softc *);
168 static int rt2661_radar_stop(struct rt2661_softc *);
169 #endif
170 static int rt2661_prepare_beacon(struct rt2661_softc *);
171 static void rt2661_enable_tsf_sync(struct rt2661_softc *);
172 static int rt2661_get_rssi(struct rt2661_softc *, uint8_t);
173
174 /*
175 * Supported rates for 802.11a/b/g modes (in 500Kbps unit).
176 */
177 static const struct ieee80211_rateset rt2661_rateset_11a =
178 { 8, { 12, 18, 24, 36, 48, 72, 96, 108 } };
179
180 static const struct ieee80211_rateset rt2661_rateset_11b =
181 { 4, { 2, 4, 11, 22 } };
182
183 static const struct ieee80211_rateset rt2661_rateset_11g =
184 { 12, { 2, 4, 11, 22, 12, 18, 24, 36, 48, 72, 96, 108 } };
185
186 static const struct {
187 uint32_t reg;
188 uint32_t val;
189 } rt2661_def_mac[] = {
190 RT2661_DEF_MAC
191 };
192
193 static const struct {
194 uint8_t reg;
195 uint8_t val;
196 } rt2661_def_bbp[] = {
197 RT2661_DEF_BBP
198 };
199
200 static const struct rfprog {
201 uint8_t chan;
202 uint32_t r1, r2, r3, r4;
203 } rt2661_rf5225_1[] = {
204 RT2661_RF5225_1
205 }, rt2661_rf5225_2[] = {
206 RT2661_RF5225_2
207 };
208
209 int
210 rt2661_attach(void *xsc, int id)
211 {
212 struct rt2661_softc *sc = xsc;
213 struct ieee80211com *ic = &sc->sc_ic;
214 struct ifnet *ifp = &sc->sc_if;
215 uint32_t val;
216 int error, i, ntries;
217
218 sc->sc_id = id;
219
220 sc->amrr.amrr_min_success_threshold = 1;
221 sc->amrr.amrr_max_success_threshold = 15;
222 callout_init(&sc->scan_ch, 0);
223 callout_init(&sc->amrr_ch, 0);
224
225 /* wait for NIC to initialize */
226 for (ntries = 0; ntries < 1000; ntries++) {
227 if ((val = RAL_READ(sc, RT2661_MAC_CSR0)) != 0)
228 break;
229 DELAY(1000);
230 }
231 if (ntries == 1000) {
232 aprint_error_dev(&sc->sc_dev, "timeout waiting for NIC to initialize\n");
233 return EIO;
234 }
235
236 /* retrieve RF rev. no and various other things from EEPROM */
237 rt2661_read_eeprom(sc);
238 aprint_normal_dev(&sc->sc_dev, "802.11 address %s\n",
239 ether_sprintf(ic->ic_myaddr));
240
241 aprint_normal_dev(&sc->sc_dev, "MAC/BBP RT%X, RF %s\n", val,
242 rt2661_get_rf(sc->rf_rev));
243
244 /*
245 * Allocate Tx and Rx rings.
246 */
247 error = rt2661_alloc_tx_ring(sc, &sc->txq[0], RT2661_TX_RING_COUNT);
248 if (error != 0) {
249 aprint_error_dev(&sc->sc_dev, "could not allocate Tx ring 0\n");
250 goto fail1;
251 }
252
253 error = rt2661_alloc_tx_ring(sc, &sc->txq[1], RT2661_TX_RING_COUNT);
254 if (error != 0) {
255 aprint_error_dev(&sc->sc_dev, "could not allocate Tx ring 1\n");
256 goto fail2;
257 }
258
259 error = rt2661_alloc_tx_ring(sc, &sc->txq[2], RT2661_TX_RING_COUNT);
260 if (error != 0) {
261 aprint_error_dev(&sc->sc_dev, "could not allocate Tx ring 2\n");
262 goto fail3;
263 }
264
265 error = rt2661_alloc_tx_ring(sc, &sc->txq[3], RT2661_TX_RING_COUNT);
266 if (error != 0) {
267 aprint_error_dev(&sc->sc_dev, "could not allocate Tx ring 3\n");
268 goto fail4;
269 }
270
271 error = rt2661_alloc_tx_ring(sc, &sc->mgtq, RT2661_MGT_RING_COUNT);
272 if (error != 0) {
273 aprint_error_dev(&sc->sc_dev, "could not allocate Mgt ring\n");
274 goto fail5;
275 }
276
277 error = rt2661_alloc_rx_ring(sc, &sc->rxq, RT2661_RX_RING_COUNT);
278 if (error != 0) {
279 aprint_error_dev(&sc->sc_dev, "could not allocate Rx ring\n");
280 goto fail6;
281 }
282
283 ifp->if_softc = sc;
284 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST;
285 ifp->if_init = rt2661_init;
286 ifp->if_stop = rt2661_stop;
287 ifp->if_ioctl = rt2661_ioctl;
288 ifp->if_start = rt2661_start;
289 ifp->if_watchdog = rt2661_watchdog;
290 IFQ_SET_READY(&ifp->if_snd);
291 memcpy(ifp->if_xname, device_xname(&sc->sc_dev), IFNAMSIZ);
292
293 ic->ic_ifp = ifp;
294 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */
295 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */
296 ic->ic_state = IEEE80211_S_INIT;
297
298 /* set device capabilities */
299 ic->ic_caps =
300 IEEE80211_C_IBSS | /* IBSS mode supported */
301 IEEE80211_C_MONITOR | /* monitor mode supported */
302 IEEE80211_C_HOSTAP | /* HostAP mode supported */
303 IEEE80211_C_TXPMGT | /* tx power management */
304 IEEE80211_C_SHPREAMBLE | /* short preamble supported */
305 IEEE80211_C_SHSLOT | /* short slot time supported */
306 IEEE80211_C_WPA; /* 802.11i */
307
308 if (sc->rf_rev == RT2661_RF_5225 || sc->rf_rev == RT2661_RF_5325) {
309 /* set supported .11a rates */
310 ic->ic_sup_rates[IEEE80211_MODE_11A] = rt2661_rateset_11a;
311
312 /* set supported .11a channels */
313 for (i = 36; i <= 64; i += 4) {
314 ic->ic_channels[i].ic_freq =
315 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ);
316 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A;
317 }
318 for (i = 100; i <= 140; i += 4) {
319 ic->ic_channels[i].ic_freq =
320 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ);
321 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A;
322 }
323 for (i = 149; i <= 165; i += 4) {
324 ic->ic_channels[i].ic_freq =
325 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ);
326 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A;
327 }
328 }
329
330 /* set supported .11b and .11g rates */
331 ic->ic_sup_rates[IEEE80211_MODE_11B] = rt2661_rateset_11b;
332 ic->ic_sup_rates[IEEE80211_MODE_11G] = rt2661_rateset_11g;
333
334 /* set supported .11b and .11g channels (1 through 14) */
335 for (i = 1; i <= 14; i++) {
336 ic->ic_channels[i].ic_freq =
337 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ);
338 ic->ic_channels[i].ic_flags =
339 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM |
340 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ;
341 }
342
343 if_attach(ifp);
344 ieee80211_ifattach(ic);
345 ic->ic_node_alloc = rt2661_node_alloc;
346 ic->ic_newassoc = rt2661_newassoc;
347 ic->ic_updateslot = rt2661_updateslot;
348 ic->ic_reset = rt2661_reset;
349
350 /* override state transition machine */
351 sc->sc_newstate = ic->ic_newstate;
352 ic->ic_newstate = rt2661_newstate;
353 ieee80211_media_init(ic, rt2661_media_change, ieee80211_media_status);
354
355 #if NBPFILTER > 0
356 bpfattach2(ifp, DLT_IEEE802_11_RADIO,
357 sizeof (struct ieee80211_frame) + sizeof(sc->sc_txtap),
358 &sc->sc_drvbpf);
359
360 sc->sc_rxtap_len = roundup(sizeof(sc->sc_rxtap), sizeof(u_int32_t));
361 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len);
362 sc->sc_rxtap.wr_ihdr.it_present = htole32(RT2661_RX_RADIOTAP_PRESENT);
363
364 sc->sc_txtap_len = roundup(sizeof(sc->sc_txtap), sizeof(u_int32_t));
365 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len);
366 sc->sc_txtap.wt_ihdr.it_present = htole32(RT2661_TX_RADIOTAP_PRESENT);
367 #endif
368
369 ieee80211_announce(ic);
370
371 if (pmf_device_register(&sc->sc_dev, NULL, NULL))
372 pmf_class_network_register(&sc->sc_dev, ifp);
373 else
374 aprint_error_dev(&sc->sc_dev,
375 "couldn't establish power handler\n");
376
377 return 0;
378
379 fail6: rt2661_free_tx_ring(sc, &sc->mgtq);
380 fail5: rt2661_free_tx_ring(sc, &sc->txq[3]);
381 fail4: rt2661_free_tx_ring(sc, &sc->txq[2]);
382 fail3: rt2661_free_tx_ring(sc, &sc->txq[1]);
383 fail2: rt2661_free_tx_ring(sc, &sc->txq[0]);
384 fail1: return ENXIO;
385 }
386
387 int
388 rt2661_detach(void *xsc)
389 {
390 struct rt2661_softc *sc = xsc;
391 struct ifnet *ifp = &sc->sc_if;
392
393 callout_stop(&sc->scan_ch);
394 callout_stop(&sc->amrr_ch);
395
396 pmf_device_deregister(&sc->sc_dev);
397
398 ieee80211_ifdetach(&sc->sc_ic);
399 if_detach(ifp);
400
401 rt2661_free_tx_ring(sc, &sc->txq[0]);
402 rt2661_free_tx_ring(sc, &sc->txq[1]);
403 rt2661_free_tx_ring(sc, &sc->txq[2]);
404 rt2661_free_tx_ring(sc, &sc->txq[3]);
405 rt2661_free_tx_ring(sc, &sc->mgtq);
406 rt2661_free_rx_ring(sc, &sc->rxq);
407
408 return 0;
409 }
410
411 static int
412 rt2661_alloc_tx_ring(struct rt2661_softc *sc, struct rt2661_tx_ring *ring,
413 int count)
414 {
415 int i, nsegs, error;
416
417 ring->count = count;
418 ring->queued = 0;
419 ring->cur = ring->next = ring->stat = 0;
420
421 error = bus_dmamap_create(sc->sc_dmat, count * RT2661_TX_DESC_SIZE, 1,
422 count * RT2661_TX_DESC_SIZE, 0, BUS_DMA_NOWAIT, &ring->map);
423 if (error != 0) {
424 aprint_error_dev(&sc->sc_dev, "could not create desc DMA map\n");
425 goto fail;
426 }
427
428 error = bus_dmamem_alloc(sc->sc_dmat, count * RT2661_TX_DESC_SIZE,
429 PAGE_SIZE, 0, &ring->seg, 1, &nsegs, BUS_DMA_NOWAIT);
430 if (error != 0) {
431 aprint_error_dev(&sc->sc_dev, "could not allocate DMA memory\n");
432 goto fail;
433 }
434
435 error = bus_dmamem_map(sc->sc_dmat, &ring->seg, nsegs,
436 count * RT2661_TX_DESC_SIZE, (void **)&ring->desc,
437 BUS_DMA_NOWAIT);
438 if (error != 0) {
439 aprint_error_dev(&sc->sc_dev, "could not map desc DMA memory\n");
440 goto fail;
441 }
442
443 error = bus_dmamap_load(sc->sc_dmat, ring->map, ring->desc,
444 count * RT2661_TX_DESC_SIZE, NULL, BUS_DMA_NOWAIT);
445 if (error != 0) {
446 aprint_error_dev(&sc->sc_dev, "could not load desc DMA map\n");
447 goto fail;
448 }
449
450 memset(ring->desc, 0, count * RT2661_TX_DESC_SIZE);
451 ring->physaddr = ring->map->dm_segs->ds_addr;
452
453 ring->data = malloc(count * sizeof (struct rt2661_tx_data), M_DEVBUF,
454 M_NOWAIT);
455 if (ring->data == NULL) {
456 aprint_error_dev(&sc->sc_dev, "could not allocate soft data\n");
457 error = ENOMEM;
458 goto fail;
459 }
460
461 memset(ring->data, 0, count * sizeof (struct rt2661_tx_data));
462 for (i = 0; i < count; i++) {
463 error = bus_dmamap_create(sc->sc_dmat, MCLBYTES,
464 RT2661_MAX_SCATTER, MCLBYTES, 0, BUS_DMA_NOWAIT,
465 &ring->data[i].map);
466 if (error != 0) {
467 aprint_error_dev(&sc->sc_dev, "could not create DMA map\n");
468 goto fail;
469 }
470 }
471
472 return 0;
473
474 fail: rt2661_free_tx_ring(sc, ring);
475 return error;
476 }
477
478 static void
479 rt2661_reset_tx_ring(struct rt2661_softc *sc, struct rt2661_tx_ring *ring)
480 {
481 struct rt2661_tx_desc *desc;
482 struct rt2661_tx_data *data;
483 int i;
484
485 for (i = 0; i < ring->count; i++) {
486 desc = &ring->desc[i];
487 data = &ring->data[i];
488
489 if (data->m != NULL) {
490 bus_dmamap_sync(sc->sc_dmat, data->map, 0,
491 data->map->dm_mapsize, BUS_DMASYNC_POSTWRITE);
492 bus_dmamap_unload(sc->sc_dmat, data->map);
493 m_freem(data->m);
494 data->m = NULL;
495 }
496
497 if (data->ni != NULL) {
498 ieee80211_free_node(data->ni);
499 data->ni = NULL;
500 }
501
502 desc->flags = 0;
503 }
504
505 bus_dmamap_sync(sc->sc_dmat, ring->map, 0, ring->map->dm_mapsize,
506 BUS_DMASYNC_PREWRITE);
507
508 ring->queued = 0;
509 ring->cur = ring->next = ring->stat = 0;
510 }
511
512
513 static void
514 rt2661_free_tx_ring(struct rt2661_softc *sc, struct rt2661_tx_ring *ring)
515 {
516 struct rt2661_tx_data *data;
517 int i;
518
519 if (ring->desc != NULL) {
520 bus_dmamap_sync(sc->sc_dmat, ring->map, 0,
521 ring->map->dm_mapsize, BUS_DMASYNC_POSTWRITE);
522 bus_dmamap_unload(sc->sc_dmat, ring->map);
523 bus_dmamem_unmap(sc->sc_dmat, (void *)ring->desc,
524 ring->count * RT2661_TX_DESC_SIZE);
525 bus_dmamem_free(sc->sc_dmat, &ring->seg, 1);
526 }
527
528 if (ring->data != NULL) {
529 for (i = 0; i < ring->count; i++) {
530 data = &ring->data[i];
531
532 if (data->m != NULL) {
533 bus_dmamap_sync(sc->sc_dmat, data->map, 0,
534 data->map->dm_mapsize,
535 BUS_DMASYNC_POSTWRITE);
536 bus_dmamap_unload(sc->sc_dmat, data->map);
537 m_freem(data->m);
538 }
539
540 if (data->ni != NULL)
541 ieee80211_free_node(data->ni);
542
543 if (data->map != NULL)
544 bus_dmamap_destroy(sc->sc_dmat, data->map);
545 }
546 free(ring->data, M_DEVBUF);
547 }
548 }
549
550 static int
551 rt2661_alloc_rx_ring(struct rt2661_softc *sc, struct rt2661_rx_ring *ring,
552 int count)
553 {
554 struct rt2661_rx_desc *desc;
555 struct rt2661_rx_data *data;
556 int i, nsegs, error;
557
558 ring->count = count;
559 ring->cur = ring->next = 0;
560
561 error = bus_dmamap_create(sc->sc_dmat, count * RT2661_RX_DESC_SIZE, 1,
562 count * RT2661_RX_DESC_SIZE, 0, BUS_DMA_NOWAIT, &ring->map);
563 if (error != 0) {
564 aprint_error_dev(&sc->sc_dev, "could not create desc DMA map\n");
565 goto fail;
566 }
567
568 error = bus_dmamem_alloc(sc->sc_dmat, count * RT2661_RX_DESC_SIZE,
569 PAGE_SIZE, 0, &ring->seg, 1, &nsegs, BUS_DMA_NOWAIT);
570 if (error != 0) {
571 aprint_error_dev(&sc->sc_dev, "could not allocate DMA memory\n");
572 goto fail;
573 }
574
575 error = bus_dmamem_map(sc->sc_dmat, &ring->seg, nsegs,
576 count * RT2661_RX_DESC_SIZE, (void **)&ring->desc,
577 BUS_DMA_NOWAIT);
578 if (error != 0) {
579 aprint_error_dev(&sc->sc_dev, "could not map desc DMA memory\n");
580 goto fail;
581 }
582
583 error = bus_dmamap_load(sc->sc_dmat, ring->map, ring->desc,
584 count * RT2661_RX_DESC_SIZE, NULL, BUS_DMA_NOWAIT);
585 if (error != 0) {
586 aprint_error_dev(&sc->sc_dev, "could not load desc DMA map\n");
587 goto fail;
588 }
589
590 memset(ring->desc, 0, count * RT2661_RX_DESC_SIZE);
591 ring->physaddr = ring->map->dm_segs->ds_addr;
592
593 ring->data = malloc(count * sizeof (struct rt2661_rx_data), M_DEVBUF,
594 M_NOWAIT);
595 if (ring->data == NULL) {
596 aprint_error_dev(&sc->sc_dev, "could not allocate soft data\n");
597 error = ENOMEM;
598 goto fail;
599 }
600
601 /*
602 * Pre-allocate Rx buffers and populate Rx ring.
603 */
604 memset(ring->data, 0, count * sizeof (struct rt2661_rx_data));
605 for (i = 0; i < count; i++) {
606 desc = &sc->rxq.desc[i];
607 data = &sc->rxq.data[i];
608
609 error = bus_dmamap_create(sc->sc_dmat, MCLBYTES, 1, MCLBYTES,
610 0, BUS_DMA_NOWAIT, &data->map);
611 if (error != 0) {
612 aprint_error_dev(&sc->sc_dev, "could not create DMA map\n");
613 goto fail;
614 }
615
616 MGETHDR(data->m, M_DONTWAIT, MT_DATA);
617 if (data->m == NULL) {
618 aprint_error_dev(&sc->sc_dev, "could not allocate rx mbuf\n");
619 error = ENOMEM;
620 goto fail;
621 }
622
623 MCLGET(data->m, M_DONTWAIT);
624 if (!(data->m->m_flags & M_EXT)) {
625 aprint_error_dev(&sc->sc_dev, "could not allocate rx mbuf cluster\n");
626 error = ENOMEM;
627 goto fail;
628 }
629
630 error = bus_dmamap_load(sc->sc_dmat, data->map,
631 mtod(data->m, void *), MCLBYTES, NULL, BUS_DMA_NOWAIT);
632 if (error != 0) {
633 aprint_error_dev(&sc->sc_dev, "could not load rx buf DMA map");
634 goto fail;
635 }
636
637 desc->physaddr = htole32(data->map->dm_segs->ds_addr);
638 desc->flags = htole32(RT2661_RX_BUSY);
639 }
640
641 bus_dmamap_sync(sc->sc_dmat, ring->map, 0, ring->map->dm_mapsize,
642 BUS_DMASYNC_PREWRITE);
643
644 return 0;
645
646 fail: rt2661_free_rx_ring(sc, ring);
647 return error;
648 }
649
650 static void
651 rt2661_reset_rx_ring(struct rt2661_softc *sc, struct rt2661_rx_ring *ring)
652 {
653 int i;
654
655 for (i = 0; i < ring->count; i++)
656 ring->desc[i].flags = htole32(RT2661_RX_BUSY);
657
658 bus_dmamap_sync(sc->sc_dmat, ring->map, 0, ring->map->dm_mapsize,
659 BUS_DMASYNC_PREWRITE);
660
661 ring->cur = ring->next = 0;
662 }
663
664 static void
665 rt2661_free_rx_ring(struct rt2661_softc *sc, struct rt2661_rx_ring *ring)
666 {
667 struct rt2661_rx_data *data;
668 int i;
669
670 if (ring->desc != NULL) {
671 bus_dmamap_sync(sc->sc_dmat, ring->map, 0,
672 ring->map->dm_mapsize, BUS_DMASYNC_POSTWRITE);
673 bus_dmamap_unload(sc->sc_dmat, ring->map);
674 bus_dmamem_unmap(sc->sc_dmat, (void *)ring->desc,
675 ring->count * RT2661_RX_DESC_SIZE);
676 bus_dmamem_free(sc->sc_dmat, &ring->seg, 1);
677 }
678
679 if (ring->data != NULL) {
680 for (i = 0; i < ring->count; i++) {
681 data = &ring->data[i];
682
683 if (data->m != NULL) {
684 bus_dmamap_sync(sc->sc_dmat, data->map, 0,
685 data->map->dm_mapsize,
686 BUS_DMASYNC_POSTREAD);
687 bus_dmamap_unload(sc->sc_dmat, data->map);
688 m_freem(data->m);
689 }
690
691 if (data->map != NULL)
692 bus_dmamap_destroy(sc->sc_dmat, data->map);
693 }
694 free(ring->data, M_DEVBUF);
695 }
696 }
697
698 static struct ieee80211_node *
699 rt2661_node_alloc(struct ieee80211_node_table *nt)
700 {
701 struct rt2661_node *rn;
702
703 rn = malloc(sizeof (struct rt2661_node), M_80211_NODE,
704 M_NOWAIT | M_ZERO);
705
706 return (rn != NULL) ? &rn->ni : NULL;
707 }
708
709 static int
710 rt2661_media_change(struct ifnet *ifp)
711 {
712 int error;
713
714 error = ieee80211_media_change(ifp);
715 if (error != ENETRESET)
716 return error;
717
718 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == (IFF_UP | IFF_RUNNING))
719 rt2661_init(ifp);
720
721 return 0;
722 }
723
724 /*
725 * This function is called periodically (every 200ms) during scanning to
726 * switch from one channel to another.
727 */
728 static void
729 rt2661_next_scan(void *arg)
730 {
731 struct rt2661_softc *sc = arg;
732 struct ieee80211com *ic = &sc->sc_ic;
733 int s;
734
735 s = splnet();
736 if (ic->ic_state == IEEE80211_S_SCAN)
737 ieee80211_next_scan(ic);
738 splx(s);
739 }
740
741 /*
742 * This function is called for each neighbor node.
743 */
744 static void
745 rt2661_iter_func(void *arg, struct ieee80211_node *ni)
746 {
747 struct rt2661_softc *sc = arg;
748 struct rt2661_node *rn = (struct rt2661_node *)ni;
749
750 ieee80211_amrr_choose(&sc->amrr, ni, &rn->amn);
751 }
752
753 /*
754 * This function is called periodically (every 500ms) in RUN state to update
755 * various settings like rate control statistics or Rx sensitivity.
756 */
757 static void
758 rt2661_updatestats(void *arg)
759 {
760 struct rt2661_softc *sc = arg;
761 struct ieee80211com *ic = &sc->sc_ic;
762 int s;
763
764 s = splnet();
765 if (ic->ic_opmode == IEEE80211_M_STA)
766 rt2661_iter_func(sc, ic->ic_bss);
767 else
768 ieee80211_iterate_nodes(&ic->ic_sta, rt2661_iter_func, arg);
769
770 /* update rx sensitivity every 1 sec */
771 if (++sc->ncalls & 1)
772 rt2661_rx_tune(sc);
773 splx(s);
774
775 callout_reset(&sc->amrr_ch, hz / 2, rt2661_updatestats, sc);
776 }
777
778 static void
779 rt2661_newassoc(struct ieee80211_node *ni, int isnew)
780 {
781 struct rt2661_softc *sc = ni->ni_ic->ic_ifp->if_softc;
782 int i;
783
784 ieee80211_amrr_node_init(&sc->amrr, &((struct rt2661_node *)ni)->amn);
785
786 /* set rate to some reasonable initial value */
787 for (i = ni->ni_rates.rs_nrates - 1;
788 i > 0 && (ni->ni_rates.rs_rates[i] & IEEE80211_RATE_VAL) > 72;
789 i--);
790 ni->ni_txrate = i;
791 }
792
793 static int
794 rt2661_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg)
795 {
796 struct rt2661_softc *sc = ic->ic_ifp->if_softc;
797 enum ieee80211_state ostate;
798 struct ieee80211_node *ni;
799 uint32_t tmp;
800
801 ostate = ic->ic_state;
802 callout_stop(&sc->scan_ch);
803
804 switch (nstate) {
805 case IEEE80211_S_INIT:
806 callout_stop(&sc->amrr_ch);
807
808 if (ostate == IEEE80211_S_RUN) {
809 /* abort TSF synchronization */
810 tmp = RAL_READ(sc, RT2661_TXRX_CSR9);
811 RAL_WRITE(sc, RT2661_TXRX_CSR9, tmp & ~0x00ffffff);
812 }
813 break;
814
815 case IEEE80211_S_SCAN:
816 rt2661_set_chan(sc, ic->ic_curchan);
817 callout_reset(&sc->scan_ch, hz / 5, rt2661_next_scan, sc);
818 break;
819
820 case IEEE80211_S_AUTH:
821 case IEEE80211_S_ASSOC:
822 rt2661_set_chan(sc, ic->ic_curchan);
823 break;
824
825 case IEEE80211_S_RUN:
826 rt2661_set_chan(sc, ic->ic_curchan);
827
828 ni = ic->ic_bss;
829
830 if (ic->ic_opmode != IEEE80211_M_MONITOR) {
831 rt2661_set_slottime(sc);
832 rt2661_enable_mrr(sc);
833 rt2661_set_txpreamble(sc);
834 rt2661_set_basicrates(sc, &ni->ni_rates);
835 rt2661_set_bssid(sc, ni->ni_bssid);
836 }
837
838 if (ic->ic_opmode == IEEE80211_M_HOSTAP ||
839 ic->ic_opmode == IEEE80211_M_IBSS)
840 rt2661_prepare_beacon(sc);
841
842 if (ic->ic_opmode == IEEE80211_M_STA) {
843 /* fake a join to init the tx rate */
844 rt2661_newassoc(ni, 1);
845 }
846
847 if (ic->ic_opmode != IEEE80211_M_MONITOR) {
848 sc->ncalls = 0;
849 sc->avg_rssi = -95; /* reset EMA */
850 callout_reset(&sc->amrr_ch, hz / 2,
851 rt2661_updatestats, sc);
852 rt2661_enable_tsf_sync(sc);
853 }
854 break;
855 }
856
857 return sc->sc_newstate(ic, nstate, arg);
858 }
859
860 /*
861 * Read 16 bits at address 'addr' from the serial EEPROM (either 93C46 or
862 * 93C66).
863 */
864 static uint16_t
865 rt2661_eeprom_read(struct rt2661_softc *sc, uint8_t addr)
866 {
867 uint32_t tmp;
868 uint16_t val;
869 int n;
870
871 /* clock C once before the first command */
872 RT2661_EEPROM_CTL(sc, 0);
873
874 RT2661_EEPROM_CTL(sc, RT2661_S);
875 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_C);
876 RT2661_EEPROM_CTL(sc, RT2661_S);
877
878 /* write start bit (1) */
879 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D);
880 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D | RT2661_C);
881
882 /* write READ opcode (10) */
883 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D);
884 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D | RT2661_C);
885 RT2661_EEPROM_CTL(sc, RT2661_S);
886 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_C);
887
888 /* write address (A5-A0 or A7-A0) */
889 n = (RAL_READ(sc, RT2661_E2PROM_CSR) & RT2661_93C46) ? 5 : 7;
890 for (; n >= 0; n--) {
891 RT2661_EEPROM_CTL(sc, RT2661_S |
892 (((addr >> n) & 1) << RT2661_SHIFT_D));
893 RT2661_EEPROM_CTL(sc, RT2661_S |
894 (((addr >> n) & 1) << RT2661_SHIFT_D) | RT2661_C);
895 }
896
897 RT2661_EEPROM_CTL(sc, RT2661_S);
898
899 /* read data Q15-Q0 */
900 val = 0;
901 for (n = 15; n >= 0; n--) {
902 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_C);
903 tmp = RAL_READ(sc, RT2661_E2PROM_CSR);
904 val |= ((tmp & RT2661_Q) >> RT2661_SHIFT_Q) << n;
905 RT2661_EEPROM_CTL(sc, RT2661_S);
906 }
907
908 RT2661_EEPROM_CTL(sc, 0);
909
910 /* clear Chip Select and clock C */
911 RT2661_EEPROM_CTL(sc, RT2661_S);
912 RT2661_EEPROM_CTL(sc, 0);
913 RT2661_EEPROM_CTL(sc, RT2661_C);
914
915 return val;
916 }
917
918 static void
919 rt2661_tx_intr(struct rt2661_softc *sc)
920 {
921 struct ifnet *ifp = &sc->sc_if;
922 struct rt2661_tx_ring *txq;
923 struct rt2661_tx_data *data;
924 struct rt2661_node *rn;
925 uint32_t val;
926 int qid, retrycnt;
927
928 for (;;) {
929 val = RAL_READ(sc, RT2661_STA_CSR4);
930 if (!(val & RT2661_TX_STAT_VALID))
931 break;
932
933 /* retrieve the queue in which this frame was sent */
934 qid = RT2661_TX_QID(val);
935 txq = (qid <= 3) ? &sc->txq[qid] : &sc->mgtq;
936
937 /* retrieve rate control algorithm context */
938 data = &txq->data[txq->stat];
939 rn = (struct rt2661_node *)data->ni;
940
941 /* if no frame has been sent, ignore */
942 if (rn == NULL)
943 continue;
944
945 switch (RT2661_TX_RESULT(val)) {
946 case RT2661_TX_SUCCESS:
947 retrycnt = RT2661_TX_RETRYCNT(val);
948
949 DPRINTFN(10, ("data frame sent successfully after "
950 "%d retries\n", retrycnt));
951 rn->amn.amn_txcnt++;
952 if (retrycnt > 0)
953 rn->amn.amn_retrycnt++;
954 ifp->if_opackets++;
955 break;
956
957 case RT2661_TX_RETRY_FAIL:
958 DPRINTFN(9, ("sending data frame failed (too much "
959 "retries)\n"));
960 rn->amn.amn_txcnt++;
961 rn->amn.amn_retrycnt++;
962 ifp->if_oerrors++;
963 break;
964
965 default:
966 /* other failure */
967 aprint_error_dev(&sc->sc_dev, "sending data frame failed 0x%08x\n", val);
968 ifp->if_oerrors++;
969 }
970
971 ieee80211_free_node(data->ni);
972 data->ni = NULL;
973
974 DPRINTFN(15, ("tx done q=%d idx=%u\n", qid, txq->stat));
975
976 txq->queued--;
977 if (++txq->stat >= txq->count) /* faster than % count */
978 txq->stat = 0;
979 }
980
981 sc->sc_tx_timer = 0;
982 ifp->if_flags &= ~IFF_OACTIVE;
983 rt2661_start(ifp);
984 }
985
986 static void
987 rt2661_tx_dma_intr(struct rt2661_softc *sc, struct rt2661_tx_ring *txq)
988 {
989 struct rt2661_tx_desc *desc;
990 struct rt2661_tx_data *data;
991
992 for (;;) {
993 desc = &txq->desc[txq->next];
994 data = &txq->data[txq->next];
995
996 bus_dmamap_sync(sc->sc_dmat, txq->map,
997 txq->next * RT2661_TX_DESC_SIZE, RT2661_TX_DESC_SIZE,
998 BUS_DMASYNC_POSTREAD);
999
1000 if ((le32toh(desc->flags) & RT2661_TX_BUSY) ||
1001 !(le32toh(desc->flags) & RT2661_TX_VALID))
1002 break;
1003
1004 bus_dmamap_sync(sc->sc_dmat, data->map, 0,
1005 data->map->dm_mapsize, BUS_DMASYNC_POSTWRITE);
1006 bus_dmamap_unload(sc->sc_dmat, data->map);
1007 m_freem(data->m);
1008 data->m = NULL;
1009 /* node reference is released in rt2661_tx_intr() */
1010
1011 /* descriptor is no longer valid */
1012 desc->flags &= ~htole32(RT2661_TX_VALID);
1013
1014 bus_dmamap_sync(sc->sc_dmat, txq->map,
1015 txq->next * RT2661_TX_DESC_SIZE, RT2661_TX_DESC_SIZE,
1016 BUS_DMASYNC_PREWRITE);
1017
1018 DPRINTFN(15, ("tx dma done q=%p idx=%u\n", txq, txq->next));
1019
1020 if (++txq->next >= txq->count) /* faster than % count */
1021 txq->next = 0;
1022 }
1023 }
1024
1025 static void
1026 rt2661_rx_intr(struct rt2661_softc *sc)
1027 {
1028 struct ieee80211com *ic = &sc->sc_ic;
1029 struct ifnet *ifp = &sc->sc_if;
1030 struct rt2661_rx_desc *desc;
1031 struct rt2661_rx_data *data;
1032 struct ieee80211_frame *wh;
1033 struct ieee80211_node *ni;
1034 struct mbuf *mnew, *m;
1035 int error, rssi;
1036
1037 for (;;) {
1038 desc = &sc->rxq.desc[sc->rxq.cur];
1039 data = &sc->rxq.data[sc->rxq.cur];
1040
1041 bus_dmamap_sync(sc->sc_dmat, sc->rxq.map,
1042 sc->rxq.cur * RT2661_RX_DESC_SIZE, RT2661_RX_DESC_SIZE,
1043 BUS_DMASYNC_POSTREAD);
1044
1045 if (le32toh(desc->flags) & RT2661_RX_BUSY)
1046 break;
1047
1048 if ((le32toh(desc->flags) & RT2661_RX_PHY_ERROR) ||
1049 (le32toh(desc->flags) & RT2661_RX_CRC_ERROR)) {
1050 /*
1051 * This should not happen since we did not request
1052 * to receive those frames when we filled TXRX_CSR0.
1053 */
1054 DPRINTFN(5, ("PHY or CRC error flags 0x%08x\n",
1055 le32toh(desc->flags)));
1056 ifp->if_ierrors++;
1057 goto skip;
1058 }
1059
1060 if ((le32toh(desc->flags) & RT2661_RX_CIPHER_MASK) != 0) {
1061 ifp->if_ierrors++;
1062 goto skip;
1063 }
1064
1065 /*
1066 * Try to allocate a new mbuf for this ring element and load it
1067 * before processing the current mbuf. If the ring element
1068 * cannot be loaded, drop the received packet and reuse the old
1069 * mbuf. In the unlikely case that the old mbuf can't be
1070 * reloaded either, explicitly panic.
1071 */
1072 MGETHDR(mnew, M_DONTWAIT, MT_DATA);
1073 if (mnew == NULL) {
1074 ifp->if_ierrors++;
1075 goto skip;
1076 }
1077
1078 MCLGET(mnew, M_DONTWAIT);
1079 if (!(mnew->m_flags & M_EXT)) {
1080 m_freem(mnew);
1081 ifp->if_ierrors++;
1082 goto skip;
1083 }
1084
1085 bus_dmamap_sync(sc->sc_dmat, data->map, 0,
1086 data->map->dm_mapsize, BUS_DMASYNC_POSTREAD);
1087 bus_dmamap_unload(sc->sc_dmat, data->map);
1088
1089 error = bus_dmamap_load(sc->sc_dmat, data->map,
1090 mtod(mnew, void *), MCLBYTES, NULL, BUS_DMA_NOWAIT);
1091 if (error != 0) {
1092 m_freem(mnew);
1093
1094 /* try to reload the old mbuf */
1095 error = bus_dmamap_load(sc->sc_dmat, data->map,
1096 mtod(data->m, void *), MCLBYTES, NULL,
1097 BUS_DMA_NOWAIT);
1098 if (error != 0) {
1099 /* very unlikely that it will fail... */
1100 panic("%s: could not load old rx mbuf",
1101 device_xname(&sc->sc_dev));
1102 }
1103 /* physical address may have changed */
1104 desc->physaddr = htole32(data->map->dm_segs->ds_addr);
1105 ifp->if_ierrors++;
1106 goto skip;
1107 }
1108
1109 /*
1110 * New mbuf successfully loaded, update Rx ring and continue
1111 * processing.
1112 */
1113 m = data->m;
1114 data->m = mnew;
1115 desc->physaddr = htole32(data->map->dm_segs->ds_addr);
1116
1117 /* finalize mbuf */
1118 m->m_pkthdr.rcvif = ifp;
1119 m->m_pkthdr.len = m->m_len =
1120 (le32toh(desc->flags) >> 16) & 0xfff;
1121
1122 #if NBPFILTER > 0
1123 if (sc->sc_drvbpf != NULL) {
1124 struct rt2661_rx_radiotap_header *tap = &sc->sc_rxtap;
1125 uint32_t tsf_lo, tsf_hi;
1126
1127 /* get timestamp (low and high 32 bits) */
1128 tsf_hi = RAL_READ(sc, RT2661_TXRX_CSR13);
1129 tsf_lo = RAL_READ(sc, RT2661_TXRX_CSR12);
1130
1131 tap->wr_tsf =
1132 htole64(((uint64_t)tsf_hi << 32) | tsf_lo);
1133 tap->wr_flags = 0;
1134 tap->wr_rate = rt2661_rxrate(desc);
1135 tap->wr_chan_freq = htole16(sc->sc_curchan->ic_freq);
1136 tap->wr_chan_flags = htole16(sc->sc_curchan->ic_flags);
1137 tap->wr_antsignal = desc->rssi;
1138
1139 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_rxtap_len, m);
1140 }
1141 #endif
1142
1143 wh = mtod(m, struct ieee80211_frame *);
1144 ni = ieee80211_find_rxnode(ic,
1145 (struct ieee80211_frame_min *)wh);
1146
1147 /* send the frame to the 802.11 layer */
1148 ieee80211_input(ic, m, ni, desc->rssi, 0);
1149
1150 /*-
1151 * Keep track of the average RSSI using an Exponential Moving
1152 * Average (EMA) of 8 Wilder's days:
1153 * avg = (1 / N) x rssi + ((N - 1) / N) x avg
1154 */
1155 rssi = rt2661_get_rssi(sc, desc->rssi);
1156 sc->avg_rssi = (rssi + 7 * sc->avg_rssi) / 8;
1157
1158 /* node is no longer needed */
1159 ieee80211_free_node(ni);
1160
1161 skip: desc->flags |= htole32(RT2661_RX_BUSY);
1162
1163 bus_dmamap_sync(sc->sc_dmat, sc->rxq.map,
1164 sc->rxq.cur * RT2661_RX_DESC_SIZE, RT2661_RX_DESC_SIZE,
1165 BUS_DMASYNC_PREWRITE);
1166
1167 DPRINTFN(16, ("rx intr idx=%u\n", sc->rxq.cur));
1168
1169 sc->rxq.cur = (sc->rxq.cur + 1) % RT2661_RX_RING_COUNT;
1170 }
1171
1172 /*
1173 * In HostAP mode, ieee80211_input() will enqueue packets in if_snd
1174 * without calling if_start().
1175 */
1176 if (!IFQ_IS_EMPTY(&ifp->if_snd) && !(ifp->if_flags & IFF_OACTIVE))
1177 rt2661_start(ifp);
1178 }
1179
1180 /*
1181 * This function is called in HostAP or IBSS modes when it's time to send a
1182 * new beacon (every ni_intval milliseconds).
1183 */
1184 static void
1185 rt2661_mcu_beacon_expire(struct rt2661_softc *sc)
1186 {
1187 struct ieee80211com *ic = &sc->sc_ic;
1188
1189 if (sc->sc_flags & RT2661_UPDATE_SLOT) {
1190 sc->sc_flags &= ~RT2661_UPDATE_SLOT;
1191 sc->sc_flags |= RT2661_SET_SLOTTIME;
1192 } else if (sc->sc_flags & RT2661_SET_SLOTTIME) {
1193 sc->sc_flags &= ~RT2661_SET_SLOTTIME;
1194 rt2661_set_slottime(sc);
1195 }
1196
1197 if (ic->ic_curmode == IEEE80211_MODE_11G) {
1198 /* update ERP Information Element */
1199 RAL_WRITE_1(sc, sc->erp_csr, ic->ic_bss->ni_erp);
1200 RAL_RW_BARRIER_1(sc, sc->erp_csr);
1201 }
1202
1203 DPRINTFN(15, ("beacon expired\n"));
1204 }
1205
1206 static void
1207 rt2661_mcu_wakeup(struct rt2661_softc *sc)
1208 {
1209 RAL_WRITE(sc, RT2661_MAC_CSR11, 5 << 16);
1210
1211 RAL_WRITE(sc, RT2661_SOFT_RESET_CSR, 0x7);
1212 RAL_WRITE(sc, RT2661_IO_CNTL_CSR, 0x18);
1213 RAL_WRITE(sc, RT2661_PCI_USEC_CSR, 0x20);
1214
1215 /* send wakeup command to MCU */
1216 rt2661_tx_cmd(sc, RT2661_MCU_CMD_WAKEUP, 0);
1217 }
1218
1219 static void
1220 rt2661_mcu_cmd_intr(struct rt2661_softc *sc)
1221 {
1222 RAL_READ(sc, RT2661_M2H_CMD_DONE_CSR);
1223 RAL_WRITE(sc, RT2661_M2H_CMD_DONE_CSR, 0xffffffff);
1224 }
1225
1226 int
1227 rt2661_intr(void *arg)
1228 {
1229 struct rt2661_softc *sc = arg;
1230 struct ifnet *ifp = &sc->sc_if;
1231 uint32_t r1, r2;
1232 int rv = 0;
1233
1234 /* don't re-enable interrupts if we're shutting down */
1235 if (!(ifp->if_flags & IFF_RUNNING)) {
1236 /* disable MAC and MCU interrupts */
1237 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0xffffff7f);
1238 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0xffffffff);
1239 return 0;
1240 }
1241
1242 for (;;) {
1243 r1 = RAL_READ(sc, RT2661_INT_SOURCE_CSR);
1244 r2 = RAL_READ(sc, RT2661_MCU_INT_SOURCE_CSR);
1245
1246 if ((r1 & RT2661_INT_CSR_ALL) == 0 &&
1247 (r2 & RT2661_MCU_INT_ALL) == 0)
1248 break;
1249
1250 RAL_WRITE(sc, RT2661_INT_SOURCE_CSR, r1);
1251 RAL_WRITE(sc, RT2661_MCU_INT_SOURCE_CSR, r2);
1252
1253 rv = 1;
1254
1255 if (r1 & RT2661_MGT_DONE)
1256 rt2661_tx_dma_intr(sc, &sc->mgtq);
1257
1258 if (r1 & RT2661_RX_DONE)
1259 rt2661_rx_intr(sc);
1260
1261 if (r1 & RT2661_TX0_DMA_DONE)
1262 rt2661_tx_dma_intr(sc, &sc->txq[0]);
1263
1264 if (r1 & RT2661_TX1_DMA_DONE)
1265 rt2661_tx_dma_intr(sc, &sc->txq[1]);
1266
1267 if (r1 & RT2661_TX2_DMA_DONE)
1268 rt2661_tx_dma_intr(sc, &sc->txq[2]);
1269
1270 if (r1 & RT2661_TX3_DMA_DONE)
1271 rt2661_tx_dma_intr(sc, &sc->txq[3]);
1272
1273 if (r1 & RT2661_TX_DONE)
1274 rt2661_tx_intr(sc);
1275
1276 if (r2 & RT2661_MCU_CMD_DONE)
1277 rt2661_mcu_cmd_intr(sc);
1278
1279 if (r2 & RT2661_MCU_BEACON_EXPIRE)
1280 rt2661_mcu_beacon_expire(sc);
1281
1282 if (r2 & RT2661_MCU_WAKEUP)
1283 rt2661_mcu_wakeup(sc);
1284 }
1285
1286 return rv;
1287 }
1288
1289 /* quickly determine if a given rate is CCK or OFDM */
1290 #define RAL_RATE_IS_OFDM(rate) ((rate) >= 12 && (rate) != 22)
1291
1292 #define RAL_ACK_SIZE 14 /* 10 + 4(FCS) */
1293 #define RAL_CTS_SIZE 14 /* 10 + 4(FCS) */
1294
1295 /*
1296 * This function is only used by the Rx radiotap code. It returns the rate at
1297 * which a given frame was received.
1298 */
1299 #if NBPFILTER > 0
1300 static uint8_t
1301 rt2661_rxrate(struct rt2661_rx_desc *desc)
1302 {
1303 if (le32toh(desc->flags) & RT2661_RX_OFDM) {
1304 /* reverse function of rt2661_plcp_signal */
1305 switch (desc->rate & 0xf) {
1306 case 0xb: return 12;
1307 case 0xf: return 18;
1308 case 0xa: return 24;
1309 case 0xe: return 36;
1310 case 0x9: return 48;
1311 case 0xd: return 72;
1312 case 0x8: return 96;
1313 case 0xc: return 108;
1314 }
1315 } else {
1316 if (desc->rate == 10)
1317 return 2;
1318 if (desc->rate == 20)
1319 return 4;
1320 if (desc->rate == 55)
1321 return 11;
1322 if (desc->rate == 110)
1323 return 22;
1324 }
1325 return 2; /* should not get there */
1326 }
1327 #endif
1328
1329 /*
1330 * Return the expected ack rate for a frame transmitted at rate `rate'.
1331 * XXX: this should depend on the destination node basic rate set.
1332 */
1333 static int
1334 rt2661_ack_rate(struct ieee80211com *ic, int rate)
1335 {
1336 switch (rate) {
1337 /* CCK rates */
1338 case 2:
1339 return 2;
1340 case 4:
1341 case 11:
1342 case 22:
1343 return (ic->ic_curmode == IEEE80211_MODE_11B) ? 4 : rate;
1344
1345 /* OFDM rates */
1346 case 12:
1347 case 18:
1348 return 12;
1349 case 24:
1350 case 36:
1351 return 24;
1352 case 48:
1353 case 72:
1354 case 96:
1355 case 108:
1356 return 48;
1357 }
1358
1359 /* default to 1Mbps */
1360 return 2;
1361 }
1362
1363 /*
1364 * Compute the duration (in us) needed to transmit `len' bytes at rate `rate'.
1365 * The function automatically determines the operating mode depending on the
1366 * given rate. `flags' indicates whether short preamble is in use or not.
1367 */
1368 static uint16_t
1369 rt2661_txtime(int len, int rate, uint32_t flags)
1370 {
1371 uint16_t txtime;
1372
1373 if (RAL_RATE_IS_OFDM(rate)) {
1374 /* IEEE Std 802.11g-2003, pp. 44 */
1375 txtime = (8 + 4 * len + 3 + rate - 1) / rate;
1376 txtime = 16 + 4 + 4 * txtime + 6;
1377 } else {
1378 /* IEEE Std 802.11b-1999, pp. 28 */
1379 txtime = (16 * len + rate - 1) / rate;
1380 if (rate != 2 && (flags & IEEE80211_F_SHPREAMBLE))
1381 txtime += 72 + 24;
1382 else
1383 txtime += 144 + 48;
1384 }
1385 return txtime;
1386 }
1387
1388 static uint8_t
1389 rt2661_plcp_signal(int rate)
1390 {
1391 switch (rate) {
1392 /* CCK rates (returned values are device-dependent) */
1393 case 2: return 0x0;
1394 case 4: return 0x1;
1395 case 11: return 0x2;
1396 case 22: return 0x3;
1397
1398 /* OFDM rates (cf IEEE Std 802.11a-1999, pp. 14 Table 80) */
1399 case 12: return 0xb;
1400 case 18: return 0xf;
1401 case 24: return 0xa;
1402 case 36: return 0xe;
1403 case 48: return 0x9;
1404 case 72: return 0xd;
1405 case 96: return 0x8;
1406 case 108: return 0xc;
1407
1408 /* unsupported rates (should not get there) */
1409 default: return 0xff;
1410 }
1411 }
1412
1413 static void
1414 rt2661_setup_tx_desc(struct rt2661_softc *sc, struct rt2661_tx_desc *desc,
1415 uint32_t flags, uint16_t xflags, int len, int rate,
1416 const bus_dma_segment_t *segs, int nsegs, int ac)
1417 {
1418 struct ieee80211com *ic = &sc->sc_ic;
1419 uint16_t plcp_length;
1420 int i, remainder;
1421
1422 desc->flags = htole32(flags);
1423 desc->flags |= htole32(len << 16);
1424
1425 desc->xflags = htole16(xflags);
1426 desc->xflags |= htole16(nsegs << 13);
1427
1428 desc->wme = htole16(
1429 RT2661_QID(ac) |
1430 RT2661_AIFSN(2) |
1431 RT2661_LOGCWMIN(4) |
1432 RT2661_LOGCWMAX(10));
1433
1434 /*
1435 * Remember in which queue this frame was sent. This field is driver
1436 * private data only. It will be made available by the NIC in STA_CSR4
1437 * on Tx interrupts.
1438 */
1439 desc->qid = ac;
1440
1441 /* setup PLCP fields */
1442 desc->plcp_signal = rt2661_plcp_signal(rate);
1443 desc->plcp_service = 4;
1444
1445 len += IEEE80211_CRC_LEN;
1446 if (RAL_RATE_IS_OFDM(rate)) {
1447 desc->flags |= htole32(RT2661_TX_OFDM);
1448
1449 plcp_length = len & 0xfff;
1450 desc->plcp_length_hi = plcp_length >> 6;
1451 desc->plcp_length_lo = plcp_length & 0x3f;
1452 } else {
1453 plcp_length = (16 * len + rate - 1) / rate;
1454 if (rate == 22) {
1455 remainder = (16 * len) % 22;
1456 if (remainder != 0 && remainder < 7)
1457 desc->plcp_service |= RT2661_PLCP_LENGEXT;
1458 }
1459 desc->plcp_length_hi = plcp_length >> 8;
1460 desc->plcp_length_lo = plcp_length & 0xff;
1461
1462 if (rate != 2 && (ic->ic_flags & IEEE80211_F_SHPREAMBLE))
1463 desc->plcp_signal |= 0x08;
1464 }
1465
1466 /* RT2x61 supports scatter with up to 5 segments */
1467 for (i = 0; i < nsegs; i++) {
1468 desc->addr[i] = htole32(segs[i].ds_addr);
1469 desc->len [i] = htole16(segs[i].ds_len);
1470 }
1471
1472 desc->flags |= htole32(RT2661_TX_BUSY | RT2661_TX_VALID);
1473 }
1474
1475 static int
1476 rt2661_tx_mgt(struct rt2661_softc *sc, struct mbuf *m0,
1477 struct ieee80211_node *ni)
1478 {
1479 struct ieee80211com *ic = &sc->sc_ic;
1480 struct rt2661_tx_desc *desc;
1481 struct rt2661_tx_data *data;
1482 struct ieee80211_frame *wh;
1483 uint16_t dur;
1484 uint32_t flags = 0;
1485 int rate, error;
1486
1487 desc = &sc->mgtq.desc[sc->mgtq.cur];
1488 data = &sc->mgtq.data[sc->mgtq.cur];
1489
1490 /* send mgt frames at the lowest available rate */
1491 rate = IEEE80211_IS_CHAN_5GHZ(ic->ic_curchan) ? 12 : 2;
1492
1493 wh = mtod(m0, struct ieee80211_frame *);
1494
1495 if (wh->i_fc[1] & IEEE80211_FC1_WEP) {
1496 if (ieee80211_crypto_encap(ic, ni, m0) == NULL) {
1497 m_freem(m0);
1498 return ENOBUFS;
1499 }
1500
1501 /* packet header may have moved, reset our local pointer */
1502 wh = mtod(m0, struct ieee80211_frame *);
1503 }
1504
1505 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m0,
1506 BUS_DMA_NOWAIT);
1507 if (error != 0) {
1508 aprint_error_dev(&sc->sc_dev, "could not map mbuf (error %d)\n",
1509 error);
1510 m_freem(m0);
1511 return error;
1512 }
1513
1514 #if NBPFILTER > 0
1515 if (sc->sc_drvbpf != NULL) {
1516 struct rt2661_tx_radiotap_header *tap = &sc->sc_txtap;
1517
1518 tap->wt_flags = 0;
1519 tap->wt_rate = rate;
1520 tap->wt_chan_freq = htole16(sc->sc_curchan->ic_freq);
1521 tap->wt_chan_flags = htole16(sc->sc_curchan->ic_flags);
1522
1523 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_txtap_len, m0);
1524 }
1525 #endif
1526
1527 data->m = m0;
1528 data->ni = ni;
1529
1530 if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) {
1531 flags |= RT2661_TX_NEED_ACK;
1532
1533 dur = rt2661_txtime(RAL_ACK_SIZE, rate, ic->ic_flags) +
1534 sc->sifs;
1535 *(uint16_t *)wh->i_dur = htole16(dur);
1536
1537 /* tell hardware to set timestamp in probe responses */
1538 if ((wh->i_fc[0] &
1539 (IEEE80211_FC0_TYPE_MASK | IEEE80211_FC0_SUBTYPE_MASK)) ==
1540 (IEEE80211_FC0_TYPE_MGT | IEEE80211_FC0_SUBTYPE_PROBE_RESP))
1541 flags |= RT2661_TX_TIMESTAMP;
1542 }
1543
1544 rt2661_setup_tx_desc(sc, desc, flags, 0 /* XXX HWSEQ */,
1545 m0->m_pkthdr.len, rate, data->map->dm_segs, data->map->dm_nsegs,
1546 RT2661_QID_MGT);
1547
1548 bus_dmamap_sync(sc->sc_dmat, data->map, 0, data->map->dm_mapsize,
1549 BUS_DMASYNC_PREWRITE);
1550 bus_dmamap_sync(sc->sc_dmat, sc->mgtq.map,
1551 sc->mgtq.cur * RT2661_TX_DESC_SIZE, RT2661_TX_DESC_SIZE,
1552 BUS_DMASYNC_PREWRITE);
1553
1554 DPRINTFN(10, ("sending mgt frame len=%u idx=%u rate=%u\n",
1555 m0->m_pkthdr.len, sc->mgtq.cur, rate));
1556
1557 /* kick mgt */
1558 sc->mgtq.queued++;
1559 sc->mgtq.cur = (sc->mgtq.cur + 1) % RT2661_MGT_RING_COUNT;
1560 RAL_WRITE(sc, RT2661_TX_CNTL_CSR, RT2661_KICK_MGT);
1561
1562 return 0;
1563 }
1564
1565 /*
1566 * Build a RTS control frame.
1567 */
1568 static struct mbuf *
1569 rt2661_get_rts(struct rt2661_softc *sc, struct ieee80211_frame *wh,
1570 uint16_t dur)
1571 {
1572 struct ieee80211_frame_rts *rts;
1573 struct mbuf *m;
1574
1575 MGETHDR(m, M_DONTWAIT, MT_DATA);
1576 if (m == NULL) {
1577 sc->sc_ic.ic_stats.is_tx_nobuf++;
1578 aprint_error_dev(&sc->sc_dev, "could not allocate RTS frame\n");
1579 return NULL;
1580 }
1581
1582 rts = mtod(m, struct ieee80211_frame_rts *);
1583
1584 rts->i_fc[0] = IEEE80211_FC0_VERSION_0 | IEEE80211_FC0_TYPE_CTL |
1585 IEEE80211_FC0_SUBTYPE_RTS;
1586 rts->i_fc[1] = IEEE80211_FC1_DIR_NODS;
1587 *(uint16_t *)rts->i_dur = htole16(dur);
1588 IEEE80211_ADDR_COPY(rts->i_ra, wh->i_addr1);
1589 IEEE80211_ADDR_COPY(rts->i_ta, wh->i_addr2);
1590
1591 m->m_pkthdr.len = m->m_len = sizeof (struct ieee80211_frame_rts);
1592
1593 return m;
1594 }
1595
1596 static int
1597 rt2661_tx_data(struct rt2661_softc *sc, struct mbuf *m0,
1598 struct ieee80211_node *ni, int ac)
1599 {
1600 struct ieee80211com *ic = &sc->sc_ic;
1601 struct rt2661_tx_ring *txq = &sc->txq[ac];
1602 struct rt2661_tx_desc *desc;
1603 struct rt2661_tx_data *data;
1604 struct ieee80211_frame *wh;
1605 struct ieee80211_key *k;
1606 struct mbuf *mnew;
1607 uint16_t dur;
1608 uint32_t flags = 0;
1609 int rate, useprot, error, tid;
1610
1611 wh = mtod(m0, struct ieee80211_frame *);
1612
1613 if (ic->ic_fixed_rate != IEEE80211_FIXED_RATE_NONE) {
1614 rate = ic->ic_sup_rates[ic->ic_curmode].
1615 rs_rates[ic->ic_fixed_rate];
1616 } else
1617 rate = ni->ni_rates.rs_rates[ni->ni_txrate];
1618 rate &= IEEE80211_RATE_VAL;
1619 if (rate == 0)
1620 rate = 2; /* XXX should not happen */
1621
1622 if (wh->i_fc[1] & IEEE80211_FC1_WEP) {
1623 k = ieee80211_crypto_encap(ic, ni, m0);
1624 if (k == NULL) {
1625 m_freem(m0);
1626 return ENOBUFS;
1627 }
1628
1629 /* packet header may have moved, reset our local pointer */
1630 wh = mtod(m0, struct ieee80211_frame *);
1631 }
1632
1633 /*
1634 * Packet Bursting: backoff after ppb=8 frames to give other STAs a
1635 * chance to contend for the wireless medium.
1636 */
1637 tid = WME_AC_TO_TID(M_WME_GETAC(m0));
1638 if (ic->ic_opmode == IEEE80211_M_STA && (ni->ni_txseqs[tid] & 7))
1639 flags |= RT2661_TX_IFS_SIFS;
1640
1641 /*
1642 * IEEE Std 802.11-1999, pp 82: "A STA shall use an RTS/CTS exchange
1643 * for directed frames only when the length of the MPDU is greater
1644 * than the length threshold indicated by" ic_rtsthreshold.
1645 *
1646 * IEEE Std 802.11-2003g, pp 13: "ERP STAs shall use protection
1647 * mechanism (such as RTS/CTS or CTS-to-self) for ERP-OFDM MPDUs of
1648 * type Data or an MMPDU".
1649 */
1650 useprot = !IEEE80211_IS_MULTICAST(wh->i_addr1) &&
1651 (m0->m_pkthdr.len + IEEE80211_CRC_LEN > ic->ic_rtsthreshold ||
1652 ((ic->ic_flags & IEEE80211_F_USEPROT) && RAL_RATE_IS_OFDM(rate)));
1653 if (useprot) {
1654 struct mbuf *m;
1655 int rtsrate, ackrate;
1656
1657 rtsrate = IEEE80211_IS_CHAN_5GHZ(ic->ic_curchan) ? 12 : 2;
1658 ackrate = rt2661_ack_rate(ic, rate);
1659
1660 dur = rt2661_txtime(m0->m_pkthdr.len + 4, rate, ic->ic_flags) +
1661 rt2661_txtime(RAL_CTS_SIZE, rtsrate, ic->ic_flags) +
1662 rt2661_txtime(RAL_ACK_SIZE, ackrate, ic->ic_flags) +
1663 3 * sc->sifs;
1664
1665 m = rt2661_get_rts(sc, wh, dur);
1666 if (m == NULL) {
1667 aprint_error_dev(&sc->sc_dev, "could not allocate RTS "
1668 "frame\n");
1669 m_freem(m0);
1670 return ENOBUFS;
1671 }
1672
1673 desc = &txq->desc[txq->cur];
1674 data = &txq->data[txq->cur];
1675
1676 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m,
1677 BUS_DMA_NOWAIT);
1678 if (error != 0) {
1679 aprint_error_dev(&sc->sc_dev, "could not map mbuf (error %d)\n", error);
1680 m_freem(m);
1681 m_freem(m0);
1682 return error;
1683 }
1684
1685 /* avoid multiple free() of the same node for each fragment */
1686 ieee80211_ref_node(ni);
1687
1688 data->m = m;
1689 data->ni = ni;
1690
1691 rt2661_setup_tx_desc(sc, desc, RT2661_TX_NEED_ACK |
1692 RT2661_TX_MORE_FRAG, 0, m->m_pkthdr.len, rtsrate,
1693 data->map->dm_segs, data->map->dm_nsegs, ac);
1694
1695 bus_dmamap_sync(sc->sc_dmat, data->map, 0,
1696 data->map->dm_mapsize, BUS_DMASYNC_PREWRITE);
1697 bus_dmamap_sync(sc->sc_dmat, txq->map,
1698 txq->cur * RT2661_TX_DESC_SIZE, RT2661_TX_DESC_SIZE,
1699 BUS_DMASYNC_PREWRITE);
1700
1701 txq->queued++;
1702 txq->cur = (txq->cur + 1) % RT2661_TX_RING_COUNT;
1703
1704 flags |= RT2661_TX_LONG_RETRY | RT2661_TX_IFS_SIFS;
1705 }
1706
1707 data = &txq->data[txq->cur];
1708 desc = &txq->desc[txq->cur];
1709
1710 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m0,
1711 BUS_DMA_NOWAIT);
1712 if (error != 0 && error != EFBIG) {
1713 aprint_error_dev(&sc->sc_dev, "could not map mbuf (error %d)\n",
1714 error);
1715 m_freem(m0);
1716 return error;
1717 }
1718 if (error != 0) {
1719 /* too many fragments, linearize */
1720
1721 MGETHDR(mnew, M_DONTWAIT, MT_DATA);
1722 if (mnew == NULL) {
1723 m_freem(m0);
1724 return ENOMEM;
1725 }
1726
1727 M_COPY_PKTHDR(mnew, m0);
1728 if (m0->m_pkthdr.len > MHLEN) {
1729 MCLGET(mnew, M_DONTWAIT);
1730 if (!(mnew->m_flags & M_EXT)) {
1731 m_freem(m0);
1732 m_freem(mnew);
1733 return ENOMEM;
1734 }
1735 }
1736
1737 m_copydata(m0, 0, m0->m_pkthdr.len, mtod(mnew, void *));
1738 m_freem(m0);
1739 mnew->m_len = mnew->m_pkthdr.len;
1740 m0 = mnew;
1741
1742 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m0,
1743 BUS_DMA_NOWAIT);
1744 if (error != 0) {
1745 aprint_error_dev(&sc->sc_dev, "could not map mbuf (error %d)\n", error);
1746 m_freem(m0);
1747 return error;
1748 }
1749
1750 /* packet header have moved, reset our local pointer */
1751 wh = mtod(m0, struct ieee80211_frame *);
1752 }
1753
1754 #if NBPFILTER > 0
1755 if (sc->sc_drvbpf != NULL) {
1756 struct rt2661_tx_radiotap_header *tap = &sc->sc_txtap;
1757
1758 tap->wt_flags = 0;
1759 tap->wt_rate = rate;
1760 tap->wt_chan_freq = htole16(sc->sc_curchan->ic_freq);
1761 tap->wt_chan_flags = htole16(sc->sc_curchan->ic_flags);
1762
1763 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_txtap_len, m0);
1764 }
1765 #endif
1766
1767 data->m = m0;
1768 data->ni = ni;
1769
1770 if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) {
1771 flags |= RT2661_TX_NEED_ACK;
1772
1773 dur = rt2661_txtime(RAL_ACK_SIZE, rt2661_ack_rate(ic, rate),
1774 ic->ic_flags) + sc->sifs;
1775 *(uint16_t *)wh->i_dur = htole16(dur);
1776 }
1777
1778 rt2661_setup_tx_desc(sc, desc, flags, 0, m0->m_pkthdr.len, rate,
1779 data->map->dm_segs, data->map->dm_nsegs, ac);
1780
1781 bus_dmamap_sync(sc->sc_dmat, data->map, 0, data->map->dm_mapsize,
1782 BUS_DMASYNC_PREWRITE);
1783 bus_dmamap_sync(sc->sc_dmat, txq->map, txq->cur * RT2661_TX_DESC_SIZE,
1784 RT2661_TX_DESC_SIZE, BUS_DMASYNC_PREWRITE);
1785
1786 DPRINTFN(10, ("sending data frame len=%u idx=%u rate=%u\n",
1787 m0->m_pkthdr.len, txq->cur, rate));
1788
1789 /* kick Tx */
1790 txq->queued++;
1791 txq->cur = (txq->cur + 1) % RT2661_TX_RING_COUNT;
1792 RAL_WRITE(sc, RT2661_TX_CNTL_CSR, 1);
1793
1794 return 0;
1795 }
1796
1797 static void
1798 rt2661_start(struct ifnet *ifp)
1799 {
1800 struct rt2661_softc *sc = ifp->if_softc;
1801 struct ieee80211com *ic = &sc->sc_ic;
1802 struct mbuf *m0;
1803 struct ether_header *eh;
1804 struct ieee80211_node *ni = NULL;
1805
1806 /*
1807 * net80211 may still try to send management frames even if the
1808 * IFF_RUNNING flag is not set...
1809 */
1810 if ((ifp->if_flags & (IFF_RUNNING | IFF_OACTIVE)) != IFF_RUNNING)
1811 return;
1812
1813 for (;;) {
1814 IF_POLL(&ic->ic_mgtq, m0);
1815 if (m0 != NULL) {
1816 if (sc->mgtq.queued >= RT2661_MGT_RING_COUNT) {
1817 ifp->if_flags |= IFF_OACTIVE;
1818 break;
1819 }
1820 IF_DEQUEUE(&ic->ic_mgtq, m0);
1821 if (m0 == NULL)
1822 break;
1823
1824 ni = (struct ieee80211_node *)m0->m_pkthdr.rcvif;
1825 m0->m_pkthdr.rcvif = NULL;
1826 #if NBPFILTER > 0
1827 if (ic->ic_rawbpf != NULL)
1828 bpf_mtap(ic->ic_rawbpf, m0);
1829 #endif
1830 if (rt2661_tx_mgt(sc, m0, ni) != 0)
1831 break;
1832
1833 } else {
1834 IF_POLL(&ifp->if_snd, m0);
1835 if (m0 == NULL || ic->ic_state != IEEE80211_S_RUN)
1836 break;
1837
1838 if (sc->txq[0].queued >= RT2661_TX_RING_COUNT - 1) {
1839 /* there is no place left in this ring */
1840 ifp->if_flags |= IFF_OACTIVE;
1841 break;
1842 }
1843
1844 IFQ_DEQUEUE(&ifp->if_snd, m0);
1845
1846 if (m0->m_len < sizeof (struct ether_header) &&
1847 !(m0 = m_pullup(m0, sizeof (struct ether_header))))
1848 continue;
1849
1850 eh = mtod(m0, struct ether_header *);
1851 ni = ieee80211_find_txnode(ic, eh->ether_dhost);
1852 if (ni == NULL) {
1853 m_freem(m0);
1854 ifp->if_oerrors++;
1855 continue;
1856 }
1857
1858 #if NBPFILTER > 0
1859 if (ifp->if_bpf != NULL)
1860 bpf_mtap(ifp->if_bpf, m0);
1861 #endif
1862 m0 = ieee80211_encap(ic, m0, ni);
1863 if (m0 == NULL) {
1864 ieee80211_free_node(ni);
1865 ifp->if_oerrors++;
1866 continue;
1867 }
1868 #if NBPFILTER > 0
1869 if (ic->ic_rawbpf != NULL)
1870 bpf_mtap(ic->ic_rawbpf, m0);
1871 #endif
1872 if (rt2661_tx_data(sc, m0, ni, 0) != 0) {
1873 if (ni != NULL)
1874 ieee80211_free_node(ni);
1875 ifp->if_oerrors++;
1876 break;
1877 }
1878 }
1879
1880 sc->sc_tx_timer = 5;
1881 ifp->if_timer = 1;
1882 }
1883 }
1884
1885 static void
1886 rt2661_watchdog(struct ifnet *ifp)
1887 {
1888 struct rt2661_softc *sc = ifp->if_softc;
1889
1890 ifp->if_timer = 0;
1891
1892 if (sc->sc_tx_timer > 0) {
1893 if (--sc->sc_tx_timer == 0) {
1894 aprint_error_dev(&sc->sc_dev, "device timeout\n");
1895 rt2661_init(ifp);
1896 ifp->if_oerrors++;
1897 return;
1898 }
1899 ifp->if_timer = 1;
1900 }
1901
1902 ieee80211_watchdog(&sc->sc_ic);
1903 }
1904
1905 /*
1906 * This function allows for fast channel switching in monitor mode (used by
1907 * kismet). In IBSS mode, we must explicitly reset the interface to
1908 * generate a new beacon frame.
1909 */
1910 static int
1911 rt2661_reset(struct ifnet *ifp)
1912 {
1913 struct rt2661_softc *sc = ifp->if_softc;
1914 struct ieee80211com *ic = &sc->sc_ic;
1915
1916 if (ic->ic_opmode != IEEE80211_M_MONITOR)
1917 return ENETRESET;
1918
1919 rt2661_set_chan(sc, ic->ic_curchan);
1920
1921 return 0;
1922 }
1923
1924 static int
1925 rt2661_ioctl(struct ifnet *ifp, u_long cmd, void *data)
1926 {
1927 struct rt2661_softc *sc = ifp->if_softc;
1928 struct ieee80211com *ic = &sc->sc_ic;
1929 int s, error = 0;
1930
1931 s = splnet();
1932
1933 switch (cmd) {
1934 case SIOCSIFFLAGS:
1935 if ((error = ifioctl_common(ifp, cmd, data)) != 0)
1936 break;
1937 if (ifp->if_flags & IFF_UP) {
1938 if (ifp->if_flags & IFF_RUNNING)
1939 rt2661_update_promisc(sc);
1940 else
1941 rt2661_init(ifp);
1942 } else {
1943 if (ifp->if_flags & IFF_RUNNING)
1944 rt2661_stop(ifp, 1);
1945 }
1946 break;
1947
1948 case SIOCADDMULTI:
1949 case SIOCDELMULTI:
1950 /* XXX no h/w multicast filter? --dyoung */
1951 if ((error = ether_ioctl(ifp, cmd, data)) == ENETRESET)
1952 error = 0;
1953 break;
1954
1955 case SIOCS80211CHANNEL:
1956 /*
1957 * This allows for fast channel switching in monitor mode
1958 * (used by kismet). In IBSS mode, we must explicitly reset
1959 * the interface to generate a new beacon frame.
1960 */
1961 error = ieee80211_ioctl(ic, cmd, data);
1962 if (error == ENETRESET &&
1963 ic->ic_opmode == IEEE80211_M_MONITOR) {
1964 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) ==
1965 (IFF_UP | IFF_RUNNING))
1966 rt2661_set_chan(sc, ic->ic_ibss_chan);
1967 error = 0;
1968 }
1969 break;
1970
1971 default:
1972 error = ieee80211_ioctl(ic, cmd, data);
1973
1974 }
1975
1976 if (error == ENETRESET) {
1977 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) ==
1978 (IFF_UP | IFF_RUNNING))
1979 rt2661_init(ifp);
1980 error = 0;
1981 }
1982
1983 splx(s);
1984
1985 return error;
1986 }
1987
1988 static void
1989 rt2661_bbp_write(struct rt2661_softc *sc, uint8_t reg, uint8_t val)
1990 {
1991 uint32_t tmp;
1992 int ntries;
1993
1994 for (ntries = 0; ntries < 100; ntries++) {
1995 if (!(RAL_READ(sc, RT2661_PHY_CSR3) & RT2661_BBP_BUSY))
1996 break;
1997 DELAY(1);
1998 }
1999 if (ntries == 100) {
2000 aprint_error_dev(&sc->sc_dev, "could not write to BBP\n");
2001 return;
2002 }
2003
2004 tmp = RT2661_BBP_BUSY | (reg & 0x7f) << 8 | val;
2005 RAL_WRITE(sc, RT2661_PHY_CSR3, tmp);
2006
2007 DPRINTFN(15, ("BBP R%u <- 0x%02x\n", reg, val));
2008 }
2009
2010 static uint8_t
2011 rt2661_bbp_read(struct rt2661_softc *sc, uint8_t reg)
2012 {
2013 uint32_t val;
2014 int ntries;
2015
2016 for (ntries = 0; ntries < 100; ntries++) {
2017 if (!(RAL_READ(sc, RT2661_PHY_CSR3) & RT2661_BBP_BUSY))
2018 break;
2019 DELAY(1);
2020 }
2021 if (ntries == 100) {
2022 aprint_error_dev(&sc->sc_dev, "could not read from BBP\n");
2023 return 0;
2024 }
2025
2026 val = RT2661_BBP_BUSY | RT2661_BBP_READ | reg << 8;
2027 RAL_WRITE(sc, RT2661_PHY_CSR3, val);
2028
2029 for (ntries = 0; ntries < 100; ntries++) {
2030 val = RAL_READ(sc, RT2661_PHY_CSR3);
2031 if (!(val & RT2661_BBP_BUSY))
2032 return val & 0xff;
2033 DELAY(1);
2034 }
2035
2036 aprint_error_dev(&sc->sc_dev, "could not read from BBP\n");
2037 return 0;
2038 }
2039
2040 static void
2041 rt2661_rf_write(struct rt2661_softc *sc, uint8_t reg, uint32_t val)
2042 {
2043 uint32_t tmp;
2044 int ntries;
2045
2046 for (ntries = 0; ntries < 100; ntries++) {
2047 if (!(RAL_READ(sc, RT2661_PHY_CSR4) & RT2661_RF_BUSY))
2048 break;
2049 DELAY(1);
2050 }
2051 if (ntries == 100) {
2052 aprint_error_dev(&sc->sc_dev, "could not write to RF\n");
2053 return;
2054 }
2055 tmp = RT2661_RF_BUSY | RT2661_RF_21BIT | (val & 0x1fffff) << 2 |
2056 (reg & 3);
2057 RAL_WRITE(sc, RT2661_PHY_CSR4, tmp);
2058
2059 /* remember last written value in sc */
2060 sc->rf_regs[reg] = val;
2061
2062 DPRINTFN(15, ("RF R[%u] <- 0x%05x\n", reg & 3, val & 0x1fffff));
2063 }
2064
2065 static int
2066 rt2661_tx_cmd(struct rt2661_softc *sc, uint8_t cmd, uint16_t arg)
2067 {
2068 if (RAL_READ(sc, RT2661_H2M_MAILBOX_CSR) & RT2661_H2M_BUSY)
2069 return EIO; /* there is already a command pending */
2070
2071 RAL_WRITE(sc, RT2661_H2M_MAILBOX_CSR,
2072 RT2661_H2M_BUSY | RT2661_TOKEN_NO_INTR << 16 | arg);
2073
2074 RAL_WRITE(sc, RT2661_HOST_CMD_CSR, RT2661_KICK_CMD | cmd);
2075
2076 return 0;
2077 }
2078
2079 static void
2080 rt2661_select_antenna(struct rt2661_softc *sc)
2081 {
2082 uint8_t bbp4, bbp77;
2083 uint32_t tmp;
2084
2085 bbp4 = rt2661_bbp_read(sc, 4);
2086 bbp77 = rt2661_bbp_read(sc, 77);
2087
2088 /* TBD */
2089
2090 /* make sure Rx is disabled before switching antenna */
2091 tmp = RAL_READ(sc, RT2661_TXRX_CSR0);
2092 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp | RT2661_DISABLE_RX);
2093
2094 rt2661_bbp_write(sc, 4, bbp4);
2095 rt2661_bbp_write(sc, 77, bbp77);
2096
2097 /* restore Rx filter */
2098 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp);
2099 }
2100
2101 /*
2102 * Enable multi-rate retries for frames sent at OFDM rates.
2103 * In 802.11b/g mode, allow fallback to CCK rates.
2104 */
2105 static void
2106 rt2661_enable_mrr(struct rt2661_softc *sc)
2107 {
2108 struct ieee80211com *ic = &sc->sc_ic;
2109 uint32_t tmp;
2110
2111 tmp = RAL_READ(sc, RT2661_TXRX_CSR4);
2112
2113 tmp &= ~RT2661_MRR_CCK_FALLBACK;
2114 if (!IEEE80211_IS_CHAN_5GHZ(ic->ic_bss->ni_chan))
2115 tmp |= RT2661_MRR_CCK_FALLBACK;
2116 tmp |= RT2661_MRR_ENABLED;
2117
2118 RAL_WRITE(sc, RT2661_TXRX_CSR4, tmp);
2119 }
2120
2121 static void
2122 rt2661_set_txpreamble(struct rt2661_softc *sc)
2123 {
2124 uint32_t tmp;
2125
2126 tmp = RAL_READ(sc, RT2661_TXRX_CSR4);
2127
2128 tmp &= ~RT2661_SHORT_PREAMBLE;
2129 if (sc->sc_ic.ic_flags & IEEE80211_F_SHPREAMBLE)
2130 tmp |= RT2661_SHORT_PREAMBLE;
2131
2132 RAL_WRITE(sc, RT2661_TXRX_CSR4, tmp);
2133 }
2134
2135 static void
2136 rt2661_set_basicrates(struct rt2661_softc *sc,
2137 const struct ieee80211_rateset *rs)
2138 {
2139 #define RV(r) ((r) & IEEE80211_RATE_VAL)
2140 uint32_t mask = 0;
2141 uint8_t rate;
2142 int i, j;
2143
2144 for (i = 0; i < rs->rs_nrates; i++) {
2145 rate = rs->rs_rates[i];
2146
2147 if (!(rate & IEEE80211_RATE_BASIC))
2148 continue;
2149
2150 /*
2151 * Find h/w rate index. We know it exists because the rate
2152 * set has already been negotiated.
2153 */
2154 for (j = 0; rt2661_rateset_11g.rs_rates[j] != RV(rate); j++);
2155
2156 mask |= 1 << j;
2157 }
2158
2159 RAL_WRITE(sc, RT2661_TXRX_CSR5, mask);
2160
2161 DPRINTF(("Setting basic rate mask to 0x%x\n", mask));
2162 #undef RV
2163 }
2164
2165 /*
2166 * Reprogram MAC/BBP to switch to a new band. Values taken from the reference
2167 * driver.
2168 */
2169 static void
2170 rt2661_select_band(struct rt2661_softc *sc, struct ieee80211_channel *c)
2171 {
2172 uint8_t bbp17, bbp35, bbp96, bbp97, bbp98, bbp104;
2173 uint32_t tmp;
2174
2175 /* update all BBP registers that depend on the band */
2176 bbp17 = 0x20; bbp96 = 0x48; bbp104 = 0x2c;
2177 bbp35 = 0x50; bbp97 = 0x48; bbp98 = 0x48;
2178 if (IEEE80211_IS_CHAN_5GHZ(c)) {
2179 bbp17 += 0x08; bbp96 += 0x10; bbp104 += 0x0c;
2180 bbp35 += 0x10; bbp97 += 0x10; bbp98 += 0x10;
2181 }
2182 if ((IEEE80211_IS_CHAN_2GHZ(c) && sc->ext_2ghz_lna) ||
2183 (IEEE80211_IS_CHAN_5GHZ(c) && sc->ext_5ghz_lna)) {
2184 bbp17 += 0x10; bbp96 += 0x10; bbp104 += 0x10;
2185 }
2186
2187 sc->bbp17 = bbp17;
2188 rt2661_bbp_write(sc, 17, bbp17);
2189 rt2661_bbp_write(sc, 96, bbp96);
2190 rt2661_bbp_write(sc, 104, bbp104);
2191
2192 if ((IEEE80211_IS_CHAN_2GHZ(c) && sc->ext_2ghz_lna) ||
2193 (IEEE80211_IS_CHAN_5GHZ(c) && sc->ext_5ghz_lna)) {
2194 rt2661_bbp_write(sc, 75, 0x80);
2195 rt2661_bbp_write(sc, 86, 0x80);
2196 rt2661_bbp_write(sc, 88, 0x80);
2197 }
2198
2199 rt2661_bbp_write(sc, 35, bbp35);
2200 rt2661_bbp_write(sc, 97, bbp97);
2201 rt2661_bbp_write(sc, 98, bbp98);
2202
2203 tmp = RAL_READ(sc, RT2661_PHY_CSR0);
2204 tmp &= ~(RT2661_PA_PE_2GHZ | RT2661_PA_PE_5GHZ);
2205 if (IEEE80211_IS_CHAN_2GHZ(c))
2206 tmp |= RT2661_PA_PE_2GHZ;
2207 else
2208 tmp |= RT2661_PA_PE_5GHZ;
2209 RAL_WRITE(sc, RT2661_PHY_CSR0, tmp);
2210
2211 /* 802.11a uses a 16 microseconds short interframe space */
2212 sc->sifs = IEEE80211_IS_CHAN_5GHZ(c) ? 16 : 10;
2213 }
2214
2215 static void
2216 rt2661_set_chan(struct rt2661_softc *sc, struct ieee80211_channel *c)
2217 {
2218 struct ieee80211com *ic = &sc->sc_ic;
2219 const struct rfprog *rfprog;
2220 uint8_t bbp3, bbp94 = RT2661_BBPR94_DEFAULT;
2221 int8_t power;
2222 u_int i, chan;
2223
2224 chan = ieee80211_chan2ieee(ic, c);
2225 if (chan == 0 || chan == IEEE80211_CHAN_ANY)
2226 return;
2227
2228 /* select the appropriate RF settings based on what EEPROM says */
2229 rfprog = (sc->rfprog == 0) ? rt2661_rf5225_1 : rt2661_rf5225_2;
2230
2231 /* find the settings for this channel (we know it exists) */
2232 for (i = 0; rfprog[i].chan != chan; i++);
2233
2234 power = sc->txpow[i];
2235 if (power < 0) {
2236 bbp94 += power;
2237 power = 0;
2238 } else if (power > 31) {
2239 bbp94 += power - 31;
2240 power = 31;
2241 }
2242
2243 /*
2244 * If we've yet to select a channel, or we are switching from the
2245 * 2GHz band to the 5GHz band or vice-versa, BBP registers need to
2246 * be reprogrammed.
2247 */
2248 if (sc->sc_curchan == NULL || c->ic_flags != sc->sc_curchan->ic_flags) {
2249 rt2661_select_band(sc, c);
2250 rt2661_select_antenna(sc);
2251 }
2252 sc->sc_curchan = c;
2253
2254 rt2661_rf_write(sc, RAL_RF1, rfprog[i].r1);
2255 rt2661_rf_write(sc, RAL_RF2, rfprog[i].r2);
2256 rt2661_rf_write(sc, RAL_RF3, rfprog[i].r3 | power << 7);
2257 rt2661_rf_write(sc, RAL_RF4, rfprog[i].r4 | sc->rffreq << 10);
2258
2259 DELAY(200);
2260
2261 rt2661_rf_write(sc, RAL_RF1, rfprog[i].r1);
2262 rt2661_rf_write(sc, RAL_RF2, rfprog[i].r2);
2263 rt2661_rf_write(sc, RAL_RF3, rfprog[i].r3 | power << 7 | 1);
2264 rt2661_rf_write(sc, RAL_RF4, rfprog[i].r4 | sc->rffreq << 10);
2265
2266 DELAY(200);
2267
2268 rt2661_rf_write(sc, RAL_RF1, rfprog[i].r1);
2269 rt2661_rf_write(sc, RAL_RF2, rfprog[i].r2);
2270 rt2661_rf_write(sc, RAL_RF3, rfprog[i].r3 | power << 7);
2271 rt2661_rf_write(sc, RAL_RF4, rfprog[i].r4 | sc->rffreq << 10);
2272
2273 /* enable smart mode for MIMO-capable RFs */
2274 bbp3 = rt2661_bbp_read(sc, 3);
2275
2276 bbp3 &= ~RT2661_SMART_MODE;
2277 if (sc->rf_rev == RT2661_RF_5325 || sc->rf_rev == RT2661_RF_2529)
2278 bbp3 |= RT2661_SMART_MODE;
2279
2280 rt2661_bbp_write(sc, 3, bbp3);
2281
2282 if (bbp94 != RT2661_BBPR94_DEFAULT)
2283 rt2661_bbp_write(sc, 94, bbp94);
2284
2285 /* 5GHz radio needs a 1ms delay here */
2286 if (IEEE80211_IS_CHAN_5GHZ(c))
2287 DELAY(1000);
2288 }
2289
2290 static void
2291 rt2661_set_bssid(struct rt2661_softc *sc, const uint8_t *bssid)
2292 {
2293 uint32_t tmp;
2294
2295 tmp = bssid[0] | bssid[1] << 8 | bssid[2] << 16 | bssid[3] << 24;
2296 RAL_WRITE(sc, RT2661_MAC_CSR4, tmp);
2297
2298 tmp = bssid[4] | bssid[5] << 8 | RT2661_ONE_BSSID << 16;
2299 RAL_WRITE(sc, RT2661_MAC_CSR5, tmp);
2300 }
2301
2302 static void
2303 rt2661_set_macaddr(struct rt2661_softc *sc, const uint8_t *addr)
2304 {
2305 uint32_t tmp;
2306
2307 tmp = addr[0] | addr[1] << 8 | addr[2] << 16 | addr[3] << 24;
2308 RAL_WRITE(sc, RT2661_MAC_CSR2, tmp);
2309
2310 tmp = addr[4] | addr[5] << 8 | 0xff << 16;
2311 RAL_WRITE(sc, RT2661_MAC_CSR3, tmp);
2312 }
2313
2314 static void
2315 rt2661_update_promisc(struct rt2661_softc *sc)
2316 {
2317 struct ifnet *ifp = sc->sc_ic.ic_ifp;
2318 uint32_t tmp;
2319
2320 tmp = RAL_READ(sc, RT2661_TXRX_CSR0);
2321
2322 tmp &= ~RT2661_DROP_NOT_TO_ME;
2323 if (!(ifp->if_flags & IFF_PROMISC))
2324 tmp |= RT2661_DROP_NOT_TO_ME;
2325
2326 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp);
2327
2328 DPRINTF(("%s promiscuous mode\n", (ifp->if_flags & IFF_PROMISC) ?
2329 "entering" : "leaving"));
2330 }
2331
2332 #if 0
2333 /*
2334 * Update QoS (802.11e) settings for each h/w Tx ring.
2335 */
2336 static int
2337 rt2661_wme_update(struct ieee80211com *ic)
2338 {
2339 struct rt2661_softc *sc = ic->ic_ifp->if_softc;
2340 const struct wmeParams *wmep;
2341
2342 wmep = ic->ic_wme.wme_chanParams.cap_wmeParams;
2343
2344 /* XXX: not sure about shifts. */
2345 /* XXX: the reference driver plays with AC_VI settings too. */
2346
2347 /* update TxOp */
2348 RAL_WRITE(sc, RT2661_AC_TXOP_CSR0,
2349 wmep[WME_AC_BE].wmep_txopLimit << 16 |
2350 wmep[WME_AC_BK].wmep_txopLimit);
2351 RAL_WRITE(sc, RT2661_AC_TXOP_CSR1,
2352 wmep[WME_AC_VI].wmep_txopLimit << 16 |
2353 wmep[WME_AC_VO].wmep_txopLimit);
2354
2355 /* update CWmin */
2356 RAL_WRITE(sc, RT2661_CWMIN_CSR,
2357 wmep[WME_AC_BE].wmep_logcwmin << 12 |
2358 wmep[WME_AC_BK].wmep_logcwmin << 8 |
2359 wmep[WME_AC_VI].wmep_logcwmin << 4 |
2360 wmep[WME_AC_VO].wmep_logcwmin);
2361
2362 /* update CWmax */
2363 RAL_WRITE(sc, RT2661_CWMAX_CSR,
2364 wmep[WME_AC_BE].wmep_logcwmax << 12 |
2365 wmep[WME_AC_BK].wmep_logcwmax << 8 |
2366 wmep[WME_AC_VI].wmep_logcwmax << 4 |
2367 wmep[WME_AC_VO].wmep_logcwmax);
2368
2369 /* update Aifsn */
2370 RAL_WRITE(sc, RT2661_AIFSN_CSR,
2371 wmep[WME_AC_BE].wmep_aifsn << 12 |
2372 wmep[WME_AC_BK].wmep_aifsn << 8 |
2373 wmep[WME_AC_VI].wmep_aifsn << 4 |
2374 wmep[WME_AC_VO].wmep_aifsn);
2375
2376 return 0;
2377 }
2378 #endif
2379
2380 static void
2381 rt2661_updateslot(struct ifnet *ifp)
2382 {
2383 struct rt2661_softc *sc = ifp->if_softc;
2384 struct ieee80211com *ic = &sc->sc_ic;
2385
2386 if (ic->ic_opmode == IEEE80211_M_HOSTAP) {
2387 /*
2388 * In HostAP mode, we defer setting of new slot time until
2389 * updated ERP Information Element has propagated to all
2390 * associated STAs.
2391 */
2392 sc->sc_flags |= RT2661_UPDATE_SLOT;
2393 } else
2394 rt2661_set_slottime(sc);
2395 }
2396
2397 static void
2398 rt2661_set_slottime(struct rt2661_softc *sc)
2399 {
2400 struct ieee80211com *ic = &sc->sc_ic;
2401 uint8_t slottime;
2402 uint32_t tmp;
2403
2404 slottime = (ic->ic_flags & IEEE80211_F_SHSLOT) ? 9 : 20;
2405
2406 tmp = RAL_READ(sc, RT2661_MAC_CSR9);
2407 tmp = (tmp & ~0xff) | slottime;
2408 RAL_WRITE(sc, RT2661_MAC_CSR9, tmp);
2409
2410 DPRINTF(("setting slot time to %uus\n", slottime));
2411 }
2412
2413 static const char *
2414 rt2661_get_rf(int rev)
2415 {
2416 switch (rev) {
2417 case RT2661_RF_5225: return "RT5225";
2418 case RT2661_RF_5325: return "RT5325 (MIMO XR)";
2419 case RT2661_RF_2527: return "RT2527";
2420 case RT2661_RF_2529: return "RT2529 (MIMO XR)";
2421 default: return "unknown";
2422 }
2423 }
2424
2425 static void
2426 rt2661_read_eeprom(struct rt2661_softc *sc)
2427 {
2428 struct ieee80211com *ic = &sc->sc_ic;
2429 uint16_t val;
2430 int i;
2431
2432 /* read MAC address */
2433 val = rt2661_eeprom_read(sc, RT2661_EEPROM_MAC01);
2434 ic->ic_myaddr[0] = val & 0xff;
2435 ic->ic_myaddr[1] = val >> 8;
2436
2437 val = rt2661_eeprom_read(sc, RT2661_EEPROM_MAC23);
2438 ic->ic_myaddr[2] = val & 0xff;
2439 ic->ic_myaddr[3] = val >> 8;
2440
2441 val = rt2661_eeprom_read(sc, RT2661_EEPROM_MAC45);
2442 ic->ic_myaddr[4] = val & 0xff;
2443 ic->ic_myaddr[5] = val >> 8;
2444
2445 val = rt2661_eeprom_read(sc, RT2661_EEPROM_ANTENNA);
2446 /* XXX: test if different from 0xffff? */
2447 sc->rf_rev = (val >> 11) & 0x1f;
2448 sc->hw_radio = (val >> 10) & 0x1;
2449 sc->rx_ant = (val >> 4) & 0x3;
2450 sc->tx_ant = (val >> 2) & 0x3;
2451 sc->nb_ant = val & 0x3;
2452
2453 DPRINTF(("RF revision=%d\n", sc->rf_rev));
2454
2455 val = rt2661_eeprom_read(sc, RT2661_EEPROM_CONFIG2);
2456 sc->ext_5ghz_lna = (val >> 6) & 0x1;
2457 sc->ext_2ghz_lna = (val >> 4) & 0x1;
2458
2459 DPRINTF(("External 2GHz LNA=%d\nExternal 5GHz LNA=%d\n",
2460 sc->ext_2ghz_lna, sc->ext_5ghz_lna));
2461
2462 val = rt2661_eeprom_read(sc, RT2661_EEPROM_RSSI_2GHZ_OFFSET);
2463 if ((val & 0xff) != 0xff)
2464 sc->rssi_2ghz_corr = (int8_t)(val & 0xff); /* signed */
2465
2466 val = rt2661_eeprom_read(sc, RT2661_EEPROM_RSSI_5GHZ_OFFSET);
2467 if ((val & 0xff) != 0xff)
2468 sc->rssi_5ghz_corr = (int8_t)(val & 0xff); /* signed */
2469
2470 /* adjust RSSI correction for external low-noise amplifier */
2471 if (sc->ext_2ghz_lna)
2472 sc->rssi_2ghz_corr -= 14;
2473 if (sc->ext_5ghz_lna)
2474 sc->rssi_5ghz_corr -= 14;
2475
2476 DPRINTF(("RSSI 2GHz corr=%d\nRSSI 5GHz corr=%d\n",
2477 sc->rssi_2ghz_corr, sc->rssi_5ghz_corr));
2478
2479 val = rt2661_eeprom_read(sc, RT2661_EEPROM_FREQ_OFFSET);
2480 if ((val >> 8) != 0xff)
2481 sc->rfprog = (val >> 8) & 0x3;
2482 if ((val & 0xff) != 0xff)
2483 sc->rffreq = val & 0xff;
2484
2485 DPRINTF(("RF prog=%d\nRF freq=%d\n", sc->rfprog, sc->rffreq));
2486
2487 /* read Tx power for all a/b/g channels */
2488 for (i = 0; i < 19; i++) {
2489 val = rt2661_eeprom_read(sc, RT2661_EEPROM_TXPOWER + i);
2490 sc->txpow[i * 2] = (int8_t)(val >> 8); /* signed */
2491 DPRINTF(("Channel=%d Tx power=%d\n",
2492 rt2661_rf5225_1[i * 2].chan, sc->txpow[i * 2]));
2493 sc->txpow[i * 2 + 1] = (int8_t)(val & 0xff); /* signed */
2494 DPRINTF(("Channel=%d Tx power=%d\n",
2495 rt2661_rf5225_1[i * 2 + 1].chan, sc->txpow[i * 2 + 1]));
2496 }
2497
2498 /* read vendor-specific BBP values */
2499 for (i = 0; i < 16; i++) {
2500 val = rt2661_eeprom_read(sc, RT2661_EEPROM_BBP_BASE + i);
2501 if (val == 0 || val == 0xffff)
2502 continue; /* skip invalid entries */
2503 sc->bbp_prom[i].reg = val >> 8;
2504 sc->bbp_prom[i].val = val & 0xff;
2505 DPRINTF(("BBP R%d=%02x\n", sc->bbp_prom[i].reg,
2506 sc->bbp_prom[i].val));
2507 }
2508 }
2509
2510 static int
2511 rt2661_bbp_init(struct rt2661_softc *sc)
2512 {
2513 #define N(a) (sizeof (a) / sizeof ((a)[0]))
2514 int i, ntries;
2515 uint8_t val;
2516
2517 /* wait for BBP to be ready */
2518 for (ntries = 0; ntries < 100; ntries++) {
2519 val = rt2661_bbp_read(sc, 0);
2520 if (val != 0 && val != 0xff)
2521 break;
2522 DELAY(100);
2523 }
2524 if (ntries == 100) {
2525 aprint_error_dev(&sc->sc_dev, "timeout waiting for BBP\n");
2526 return EIO;
2527 }
2528
2529 /* initialize BBP registers to default values */
2530 for (i = 0; i < N(rt2661_def_bbp); i++) {
2531 rt2661_bbp_write(sc, rt2661_def_bbp[i].reg,
2532 rt2661_def_bbp[i].val);
2533 }
2534
2535 /* write vendor-specific BBP values (from EEPROM) */
2536 for (i = 0; i < 16; i++) {
2537 if (sc->bbp_prom[i].reg == 0)
2538 continue;
2539 rt2661_bbp_write(sc, sc->bbp_prom[i].reg, sc->bbp_prom[i].val);
2540 }
2541
2542 return 0;
2543 #undef N
2544 }
2545
2546 static int
2547 rt2661_init(struct ifnet *ifp)
2548 {
2549 #define N(a) (sizeof (a) / sizeof ((a)[0]))
2550 struct rt2661_softc *sc = ifp->if_softc;
2551 struct ieee80211com *ic = &sc->sc_ic;
2552 const char *name = NULL; /* make lint happy */
2553 uint8_t *ucode;
2554 size_t size;
2555 uint32_t tmp, star[3];
2556 int i, ntries;
2557 firmware_handle_t fh;
2558
2559 /* for CardBus, power on the socket */
2560 if (!(sc->sc_flags & RT2661_ENABLED)) {
2561 if (sc->sc_enable != NULL && (*sc->sc_enable)(sc) != 0) {
2562 aprint_error_dev(&sc->sc_dev, "could not enable device\n");
2563 return EIO;
2564 }
2565 sc->sc_flags |= RT2661_ENABLED;
2566 }
2567
2568 rt2661_stop(ifp, 0);
2569
2570 if (!(sc->sc_flags & RT2661_FWLOADED)) {
2571 switch (sc->sc_id) {
2572 case PCI_PRODUCT_RALINK_RT2561:
2573 name = "ral-rt2561";
2574 break;
2575 case PCI_PRODUCT_RALINK_RT2561S:
2576 name = "ral-rt2561s";
2577 break;
2578 case PCI_PRODUCT_RALINK_RT2661:
2579 name = "ral-rt2661";
2580 break;
2581 }
2582
2583 if (firmware_open("ral", name, &fh) != 0) {
2584 aprint_error_dev(&sc->sc_dev, "could not open microcode %s\n", name);
2585 rt2661_stop(ifp, 1);
2586 return EIO;
2587 }
2588
2589 size = firmware_get_size(fh);
2590 if (!(ucode = firmware_malloc(size))) {
2591 aprint_error_dev(&sc->sc_dev, "could not alloc microcode memory\n");
2592 firmware_close(fh);
2593 rt2661_stop(ifp, 1);
2594 return ENOMEM;
2595 }
2596
2597 if (firmware_read(fh, 0, ucode, size) != 0) {
2598 aprint_error_dev(&sc->sc_dev, "could not read microcode %s\n", name);
2599 firmware_free(ucode, 0);
2600 firmware_close(fh);
2601 rt2661_stop(ifp, 1);
2602 return EIO;
2603 }
2604
2605 if (rt2661_load_microcode(sc, ucode, size) != 0) {
2606 aprint_error_dev(&sc->sc_dev, "could not load 8051 microcode\n");
2607 firmware_free(ucode, 0);
2608 firmware_close(fh);
2609 rt2661_stop(ifp, 1);
2610 return EIO;
2611 }
2612
2613 firmware_free(ucode, 0);
2614 firmware_close(fh);
2615 sc->sc_flags |= RT2661_FWLOADED;
2616 }
2617
2618 /* initialize Tx rings */
2619 RAL_WRITE(sc, RT2661_AC1_BASE_CSR, sc->txq[1].physaddr);
2620 RAL_WRITE(sc, RT2661_AC0_BASE_CSR, sc->txq[0].physaddr);
2621 RAL_WRITE(sc, RT2661_AC2_BASE_CSR, sc->txq[2].physaddr);
2622 RAL_WRITE(sc, RT2661_AC3_BASE_CSR, sc->txq[3].physaddr);
2623
2624 /* initialize Mgt ring */
2625 RAL_WRITE(sc, RT2661_MGT_BASE_CSR, sc->mgtq.physaddr);
2626
2627 /* initialize Rx ring */
2628 RAL_WRITE(sc, RT2661_RX_BASE_CSR, sc->rxq.physaddr);
2629
2630 /* initialize Tx rings sizes */
2631 RAL_WRITE(sc, RT2661_TX_RING_CSR0,
2632 RT2661_TX_RING_COUNT << 24 |
2633 RT2661_TX_RING_COUNT << 16 |
2634 RT2661_TX_RING_COUNT << 8 |
2635 RT2661_TX_RING_COUNT);
2636
2637 RAL_WRITE(sc, RT2661_TX_RING_CSR1,
2638 RT2661_TX_DESC_WSIZE << 16 |
2639 RT2661_TX_RING_COUNT << 8 | /* XXX: HCCA ring unused */
2640 RT2661_MGT_RING_COUNT);
2641
2642 /* initialize Rx rings */
2643 RAL_WRITE(sc, RT2661_RX_RING_CSR,
2644 RT2661_RX_DESC_BACK << 16 |
2645 RT2661_RX_DESC_WSIZE << 8 |
2646 RT2661_RX_RING_COUNT);
2647
2648 /* XXX: some magic here */
2649 RAL_WRITE(sc, RT2661_TX_DMA_DST_CSR, 0xaa);
2650
2651 /* load base addresses of all 5 Tx rings (4 data + 1 mgt) */
2652 RAL_WRITE(sc, RT2661_LOAD_TX_RING_CSR, 0x1f);
2653
2654 /* load base address of Rx ring */
2655 RAL_WRITE(sc, RT2661_RX_CNTL_CSR, 2);
2656
2657 /* initialize MAC registers to default values */
2658 for (i = 0; i < N(rt2661_def_mac); i++)
2659 RAL_WRITE(sc, rt2661_def_mac[i].reg, rt2661_def_mac[i].val);
2660
2661 IEEE80211_ADDR_COPY(ic->ic_myaddr, CLLADDR(ifp->if_sadl));
2662 rt2661_set_macaddr(sc, ic->ic_myaddr);
2663
2664 /* set host ready */
2665 RAL_WRITE(sc, RT2661_MAC_CSR1, 3);
2666 RAL_WRITE(sc, RT2661_MAC_CSR1, 0);
2667
2668 /* wait for BBP/RF to wakeup */
2669 for (ntries = 0; ntries < 1000; ntries++) {
2670 if (RAL_READ(sc, RT2661_MAC_CSR12) & 8)
2671 break;
2672 DELAY(1000);
2673 }
2674 if (ntries == 1000) {
2675 printf("timeout waiting for BBP/RF to wakeup\n");
2676 rt2661_stop(ifp, 1);
2677 return EIO;
2678 }
2679
2680 if (rt2661_bbp_init(sc) != 0) {
2681 rt2661_stop(ifp, 1);
2682 return EIO;
2683 }
2684
2685 /* select default channel */
2686 sc->sc_curchan = ic->ic_curchan;
2687 rt2661_select_band(sc, sc->sc_curchan);
2688 rt2661_select_antenna(sc);
2689 rt2661_set_chan(sc, sc->sc_curchan);
2690
2691 /* update Rx filter */
2692 tmp = RAL_READ(sc, RT2661_TXRX_CSR0) & 0xffff;
2693
2694 tmp |= RT2661_DROP_PHY_ERROR | RT2661_DROP_CRC_ERROR;
2695 if (ic->ic_opmode != IEEE80211_M_MONITOR) {
2696 tmp |= RT2661_DROP_CTL | RT2661_DROP_VER_ERROR |
2697 RT2661_DROP_ACKCTS;
2698 if (ic->ic_opmode != IEEE80211_M_HOSTAP)
2699 tmp |= RT2661_DROP_TODS;
2700 if (!(ifp->if_flags & IFF_PROMISC))
2701 tmp |= RT2661_DROP_NOT_TO_ME;
2702 }
2703
2704 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp);
2705
2706 /* clear STA registers */
2707 RAL_READ_REGION_4(sc, RT2661_STA_CSR0, star, N(star));
2708
2709 /* initialize ASIC */
2710 RAL_WRITE(sc, RT2661_MAC_CSR1, 4);
2711
2712 /* clear any pending interrupt */
2713 RAL_WRITE(sc, RT2661_INT_SOURCE_CSR, 0xffffffff);
2714
2715 /* enable interrupts */
2716 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0x0000ff10);
2717 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0);
2718
2719 /* kick Rx */
2720 RAL_WRITE(sc, RT2661_RX_CNTL_CSR, 1);
2721
2722 ifp->if_flags &= ~IFF_OACTIVE;
2723 ifp->if_flags |= IFF_RUNNING;
2724
2725 if (ic->ic_opmode != IEEE80211_M_MONITOR) {
2726 if (ic->ic_roaming != IEEE80211_ROAMING_MANUAL)
2727 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1);
2728 } else
2729 ieee80211_new_state(ic, IEEE80211_S_RUN, -1);
2730
2731 return 0;
2732 #undef N
2733 }
2734
2735 static void
2736 rt2661_stop(struct ifnet *ifp, int disable)
2737 {
2738 struct rt2661_softc *sc = ifp->if_softc;
2739 struct ieee80211com *ic = &sc->sc_ic;
2740 uint32_t tmp;
2741
2742 sc->sc_tx_timer = 0;
2743 ifp->if_timer = 0;
2744 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE);
2745
2746 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); /* free all nodes */
2747
2748 /* abort Tx (for all 5 Tx rings) */
2749 RAL_WRITE(sc, RT2661_TX_CNTL_CSR, 0x1f << 16);
2750
2751 /* disable Rx (value remains after reset!) */
2752 tmp = RAL_READ(sc, RT2661_TXRX_CSR0);
2753 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp | RT2661_DISABLE_RX);
2754
2755 /* reset ASIC */
2756 RAL_WRITE(sc, RT2661_MAC_CSR1, 3);
2757 RAL_WRITE(sc, RT2661_MAC_CSR1, 0);
2758
2759 /* disable interrupts */
2760 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0xffffff7f);
2761 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0xffffffff);
2762
2763 /* clear any pending interrupt */
2764 RAL_WRITE(sc, RT2661_INT_SOURCE_CSR, 0xffffffff);
2765 RAL_WRITE(sc, RT2661_MCU_INT_SOURCE_CSR, 0xffffffff);
2766
2767 /* reset Tx and Rx rings */
2768 rt2661_reset_tx_ring(sc, &sc->txq[0]);
2769 rt2661_reset_tx_ring(sc, &sc->txq[1]);
2770 rt2661_reset_tx_ring(sc, &sc->txq[2]);
2771 rt2661_reset_tx_ring(sc, &sc->txq[3]);
2772 rt2661_reset_tx_ring(sc, &sc->mgtq);
2773 rt2661_reset_rx_ring(sc, &sc->rxq);
2774
2775 /* for CardBus, power down the socket */
2776 if (disable && sc->sc_disable != NULL) {
2777 if (sc->sc_flags & RT2661_ENABLED) {
2778 (*sc->sc_disable)(sc);
2779 sc->sc_flags &= ~(RT2661_ENABLED | RT2661_FWLOADED);
2780 }
2781 }
2782 }
2783
2784 static int
2785 rt2661_load_microcode(struct rt2661_softc *sc, const uint8_t *ucode, int size)
2786 {
2787 int ntries;
2788
2789 /* reset 8051 */
2790 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, RT2661_MCU_RESET);
2791
2792 /* cancel any pending Host to MCU command */
2793 RAL_WRITE(sc, RT2661_H2M_MAILBOX_CSR, 0);
2794 RAL_WRITE(sc, RT2661_M2H_CMD_DONE_CSR, 0xffffffff);
2795 RAL_WRITE(sc, RT2661_HOST_CMD_CSR, 0);
2796
2797 /* write 8051's microcode */
2798 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, RT2661_MCU_RESET | RT2661_MCU_SEL);
2799 RAL_WRITE_REGION_1(sc, RT2661_MCU_CODE_BASE, ucode, size);
2800 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, RT2661_MCU_RESET);
2801
2802 /* kick 8051's ass */
2803 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, 0);
2804
2805 /* wait for 8051 to initialize */
2806 for (ntries = 0; ntries < 500; ntries++) {
2807 if (RAL_READ(sc, RT2661_MCU_CNTL_CSR) & RT2661_MCU_READY)
2808 break;
2809 DELAY(100);
2810 }
2811 if (ntries == 500) {
2812 printf("timeout waiting for MCU to initialize\n");
2813 return EIO;
2814 }
2815 return 0;
2816 }
2817
2818 /*
2819 * Dynamically tune Rx sensitivity (BBP register 17) based on average RSSI and
2820 * false CCA count. This function is called periodically (every seconds) when
2821 * in the RUN state. Values taken from the reference driver.
2822 */
2823 static void
2824 rt2661_rx_tune(struct rt2661_softc *sc)
2825 {
2826 uint8_t bbp17;
2827 uint16_t cca;
2828 int lo, hi, dbm;
2829
2830 /*
2831 * Tuning range depends on operating band and on the presence of an
2832 * external low-noise amplifier.
2833 */
2834 lo = 0x20;
2835 if (IEEE80211_IS_CHAN_5GHZ(sc->sc_curchan))
2836 lo += 0x08;
2837 if ((IEEE80211_IS_CHAN_2GHZ(sc->sc_curchan) && sc->ext_2ghz_lna) ||
2838 (IEEE80211_IS_CHAN_5GHZ(sc->sc_curchan) && sc->ext_5ghz_lna))
2839 lo += 0x10;
2840 hi = lo + 0x20;
2841
2842 dbm = sc->avg_rssi;
2843 /* retrieve false CCA count since last call (clear on read) */
2844 cca = RAL_READ(sc, RT2661_STA_CSR1) & 0xffff;
2845
2846 DPRINTFN(2, ("RSSI=%ddBm false CCA=%d\n", dbm, cca));
2847
2848 if (dbm < -74) {
2849 /* very bad RSSI, tune using false CCA count */
2850 bbp17 = sc->bbp17; /* current value */
2851
2852 hi -= 2 * (-74 - dbm);
2853 if (hi < lo)
2854 hi = lo;
2855
2856 if (bbp17 > hi)
2857 bbp17 = hi;
2858 else if (cca > 512)
2859 bbp17 = min(bbp17 + 1, hi);
2860 else if (cca < 100)
2861 bbp17 = max(bbp17 - 1, lo);
2862
2863 } else if (dbm < -66) {
2864 bbp17 = lo + 0x08;
2865 } else if (dbm < -58) {
2866 bbp17 = lo + 0x10;
2867 } else if (dbm < -35) {
2868 bbp17 = hi;
2869 } else { /* very good RSSI >= -35dBm */
2870 bbp17 = 0x60; /* very low sensitivity */
2871 }
2872
2873 if (bbp17 != sc->bbp17) {
2874 DPRINTF(("BBP17 %x->%x\n", sc->bbp17, bbp17));
2875 rt2661_bbp_write(sc, 17, bbp17);
2876 sc->bbp17 = bbp17;
2877 }
2878 }
2879
2880 #ifdef notyet
2881 /*
2882 * Enter/Leave radar detection mode.
2883 * This is for 802.11h additional regulatory domains.
2884 */
2885 static void
2886 rt2661_radar_start(struct rt2661_softc *sc)
2887 {
2888 uint32_t tmp;
2889
2890 /* disable Rx */
2891 tmp = RAL_READ(sc, RT2661_TXRX_CSR0);
2892 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp | RT2661_DISABLE_RX);
2893
2894 rt2661_bbp_write(sc, 82, 0x20);
2895 rt2661_bbp_write(sc, 83, 0x00);
2896 rt2661_bbp_write(sc, 84, 0x40);
2897
2898 /* save current BBP registers values */
2899 sc->bbp18 = rt2661_bbp_read(sc, 18);
2900 sc->bbp21 = rt2661_bbp_read(sc, 21);
2901 sc->bbp22 = rt2661_bbp_read(sc, 22);
2902 sc->bbp16 = rt2661_bbp_read(sc, 16);
2903 sc->bbp17 = rt2661_bbp_read(sc, 17);
2904 sc->bbp64 = rt2661_bbp_read(sc, 64);
2905
2906 rt2661_bbp_write(sc, 18, 0xff);
2907 rt2661_bbp_write(sc, 21, 0x3f);
2908 rt2661_bbp_write(sc, 22, 0x3f);
2909 rt2661_bbp_write(sc, 16, 0xbd);
2910 rt2661_bbp_write(sc, 17, sc->ext_5ghz_lna ? 0x44 : 0x34);
2911 rt2661_bbp_write(sc, 64, 0x21);
2912
2913 /* restore Rx filter */
2914 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp);
2915 }
2916
2917 static int
2918 rt2661_radar_stop(struct rt2661_softc *sc)
2919 {
2920 uint8_t bbp66;
2921
2922 /* read radar detection result */
2923 bbp66 = rt2661_bbp_read(sc, 66);
2924
2925 /* restore BBP registers values */
2926 rt2661_bbp_write(sc, 16, sc->bbp16);
2927 rt2661_bbp_write(sc, 17, sc->bbp17);
2928 rt2661_bbp_write(sc, 18, sc->bbp18);
2929 rt2661_bbp_write(sc, 21, sc->bbp21);
2930 rt2661_bbp_write(sc, 22, sc->bbp22);
2931 rt2661_bbp_write(sc, 64, sc->bbp64);
2932
2933 return bbp66 == 1;
2934 }
2935 #endif
2936
2937 static int
2938 rt2661_prepare_beacon(struct rt2661_softc *sc)
2939 {
2940 struct ieee80211com *ic = &sc->sc_ic;
2941 struct ieee80211_node *ni = ic->ic_bss;
2942 struct rt2661_tx_desc desc;
2943 struct mbuf *m0;
2944 struct ieee80211_beacon_offsets bo;
2945 int rate;
2946
2947 m0 = ieee80211_beacon_alloc(ic, ni, &bo);
2948 if (m0 == NULL) {
2949 aprint_error_dev(&sc->sc_dev, "could not allocate beacon frame\n");
2950 return ENOBUFS;
2951 }
2952
2953 /* send beacons at the lowest available rate */
2954 rate = IEEE80211_IS_CHAN_5GHZ(ni->ni_chan) ? 12 : 2;
2955
2956 rt2661_setup_tx_desc(sc, &desc, RT2661_TX_TIMESTAMP, RT2661_TX_HWSEQ,
2957 m0->m_pkthdr.len, rate, NULL, 0, RT2661_QID_MGT);
2958
2959 /* copy the first 24 bytes of Tx descriptor into NIC memory */
2960 RAL_WRITE_REGION_1(sc, RT2661_HW_BEACON_BASE0, (uint8_t *)&desc, 24);
2961
2962 /* copy beacon header and payload into NIC memory */
2963 RAL_WRITE_REGION_1(sc, RT2661_HW_BEACON_BASE0 + 24,
2964 mtod(m0, uint8_t *), m0->m_pkthdr.len);
2965
2966 m_freem(m0);
2967
2968 /*
2969 * Store offset of ERP Information Element so that we can update it
2970 * dynamically when the slot time changes.
2971 * XXX: this is ugly since it depends on how net80211 builds beacon
2972 * frames but ieee80211_beacon_alloc() doesn't store offsets for us.
2973 */
2974 if (ic->ic_curmode == IEEE80211_MODE_11G) {
2975 sc->erp_csr =
2976 RT2661_HW_BEACON_BASE0 + 24 +
2977 sizeof (struct ieee80211_frame) +
2978 8 + 2 + 2 + 2 + ni->ni_esslen +
2979 2 + min(ni->ni_rates.rs_nrates, IEEE80211_RATE_SIZE) +
2980 2 + 1 +
2981 ((ic->ic_opmode == IEEE80211_M_IBSS) ? 4 : 6) +
2982 2;
2983 }
2984
2985 return 0;
2986 }
2987
2988 /*
2989 * Enable TSF synchronization and tell h/w to start sending beacons for IBSS
2990 * and HostAP operating modes.
2991 */
2992 static void
2993 rt2661_enable_tsf_sync(struct rt2661_softc *sc)
2994 {
2995 struct ieee80211com *ic = &sc->sc_ic;
2996 uint32_t tmp;
2997
2998 if (ic->ic_opmode != IEEE80211_M_STA) {
2999 /*
3000 * Change default 16ms TBTT adjustment to 8ms.
3001 * Must be done before enabling beacon generation.
3002 */
3003 RAL_WRITE(sc, RT2661_TXRX_CSR10, 1 << 12 | 8);
3004 }
3005
3006 tmp = RAL_READ(sc, RT2661_TXRX_CSR9) & 0xff000000;
3007
3008 /* set beacon interval (in 1/16ms unit) */
3009 tmp |= ic->ic_bss->ni_intval * 16;
3010
3011 tmp |= RT2661_TSF_TICKING | RT2661_ENABLE_TBTT;
3012 if (ic->ic_opmode == IEEE80211_M_STA)
3013 tmp |= RT2661_TSF_MODE(1);
3014 else
3015 tmp |= RT2661_TSF_MODE(2) | RT2661_GENERATE_BEACON;
3016
3017 RAL_WRITE(sc, RT2661_TXRX_CSR9, tmp);
3018 }
3019
3020 /*
3021 * Retrieve the "Received Signal Strength Indicator" from the raw values
3022 * contained in Rx descriptors. The computation depends on which band the
3023 * frame was received. Correction values taken from the reference driver.
3024 */
3025 static int
3026 rt2661_get_rssi(struct rt2661_softc *sc, uint8_t raw)
3027 {
3028 int lna, agc, rssi;
3029
3030 lna = (raw >> 5) & 0x3;
3031 agc = raw & 0x1f;
3032
3033 rssi = 2 * agc;
3034
3035 if (IEEE80211_IS_CHAN_2GHZ(sc->sc_curchan)) {
3036 rssi += sc->rssi_2ghz_corr;
3037
3038 if (lna == 1)
3039 rssi -= 64;
3040 else if (lna == 2)
3041 rssi -= 74;
3042 else if (lna == 3)
3043 rssi -= 90;
3044 } else {
3045 rssi += sc->rssi_5ghz_corr;
3046
3047 if (lna == 1)
3048 rssi -= 64;
3049 else if (lna == 2)
3050 rssi -= 86;
3051 else if (lna == 3)
3052 rssi -= 100;
3053 }
3054 return rssi;
3055 }
NetBSD on the FriendlyARM MINI2440