3 * Damien Bergamini <damien.bergamini@free.fr>
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17 * $FreeBSD: src/sys/dev/ral/rt2661.c,v 1.4 2006/03/21 21:15:43 damien Exp $
18 * $DragonFly: src/sys/dev/netif/ral/rt2661.c,v 1.27 2008/01/17 08:56:14 sephe Exp $
22 * Ralink Technology RT2561, RT2561S and RT2661 chipset driver
23 * http://www.ralinktech.com/
26 #include <sys/param.h>
28 #include <sys/endian.h>
29 #include <sys/kernel.h>
30 #include <sys/malloc.h>
32 #include <sys/module.h>
33 #include <sys/queue.h>
35 #include <sys/socket.h>
36 #include <sys/sockio.h>
37 #include <sys/sysctl.h>
38 #include <sys/serialize.h>
42 #include <net/if_arp.h>
43 #include <net/ethernet.h>
44 #include <net/if_dl.h>
45 #include <net/if_media.h>
46 #include <net/ifq_var.h>
48 #include <netproto/802_11/ieee80211_var.h>
49 #include <netproto/802_11/ieee80211_radiotap.h>
50 #include <netproto/802_11/wlan_ratectl/onoe/ieee80211_onoe_param.h>
51 #include <netproto/802_11/wlan_ratectl/sample/ieee80211_sample_param.h>
53 #include <dev/netif/ral/rt2661reg.h>
54 #include <dev/netif/ral/rt2661var.h>
55 #include <dev/netif/ral/rt2661_ucode.h>
58 #define DPRINTF(x) do { if (ral_debug > 0) kprintf x; } while (0)
59 #define DPRINTFN(n, x) do { if (ral_debug >= (n)) kprintf x; } while (0)
61 SYSCTL_INT(_debug, OID_AUTO, ral, CTLFLAG_RW, &ral_debug, 0, "ral debug level");
64 #define DPRINTFN(n, x)
67 MALLOC_DEFINE(M_RT2661, "rt2661_ratectl", "rt2661 rate control data");
69 static void rt2661_dma_map_addr(void *, bus_dma_segment_t *, int,
71 static void rt2661_dma_map_mbuf(void *, bus_dma_segment_t *, int,
73 static int rt2661_alloc_tx_ring(struct rt2661_softc *,
74 struct rt2661_tx_ring *, int);
75 static void rt2661_reset_tx_ring(struct rt2661_softc *,
76 struct rt2661_tx_ring *);
77 static void rt2661_free_tx_ring(struct rt2661_softc *,
78 struct rt2661_tx_ring *);
79 static int rt2661_alloc_rx_ring(struct rt2661_softc *,
80 struct rt2661_rx_ring *, int);
81 static void rt2661_reset_rx_ring(struct rt2661_softc *,
82 struct rt2661_rx_ring *);
83 static void rt2661_free_rx_ring(struct rt2661_softc *,
84 struct rt2661_rx_ring *);
85 static int rt2661_media_change(struct ifnet *);
86 static void rt2661_next_scan(void *);
87 static int rt2661_newstate(struct ieee80211com *,
88 enum ieee80211_state, int);
89 static uint16_t rt2661_eeprom_read(struct rt2661_softc *, uint8_t);
90 static void rt2661_rx_intr(struct rt2661_softc *);
91 static void rt2661_tx_intr(struct rt2661_softc *);
92 static void rt2661_tx_dma_intr(struct rt2661_softc *,
93 struct rt2661_tx_ring *);
94 static void rt2661_mcu_beacon_expire(struct rt2661_softc *);
95 static void rt2661_mcu_wakeup(struct rt2661_softc *);
96 static void rt2661_mcu_cmd_intr(struct rt2661_softc *);
97 static uint8_t rt2661_rxrate(struct rt2661_rx_desc *);
98 static uint8_t rt2661_plcp_signal(int);
99 static void rt2661_setup_tx_desc(struct rt2661_softc *,
100 struct rt2661_tx_desc *, uint32_t, uint16_t, int,
101 int, const bus_dma_segment_t *, int, int, int,
102 const struct ieee80211_key *, void *,
103 const struct ieee80211_crypto_iv *);
104 static struct mbuf * rt2661_get_rts(struct rt2661_softc *,
105 struct ieee80211_frame *, uint16_t);
106 static int rt2661_tx_data(struct rt2661_softc *, struct mbuf *,
107 struct ieee80211_node *, int);
108 static int rt2661_tx_mgt(struct rt2661_softc *, struct mbuf *,
109 struct ieee80211_node *);
110 static void rt2661_start(struct ifnet *);
111 static void rt2661_watchdog(struct ifnet *);
112 static int rt2661_reset(struct ifnet *);
113 static int rt2661_ioctl(struct ifnet *, u_long, caddr_t,
115 static void rt2661_bbp_write(struct rt2661_softc *, uint8_t,
117 static uint8_t rt2661_bbp_read(struct rt2661_softc *, uint8_t);
118 static void rt2661_rf_write(struct rt2661_softc *, uint8_t,
120 static int rt2661_tx_cmd(struct rt2661_softc *, uint8_t,
122 static void rt2661_select_antenna(struct rt2661_softc *);
123 static void rt2661_enable_mrr(struct rt2661_softc *);
124 static void rt2661_set_txpreamble(struct rt2661_softc *);
125 static void rt2661_set_ackrates(struct rt2661_softc *,
126 const struct ieee80211_rateset *);
127 static void rt2661_select_band(struct rt2661_softc *,
128 struct ieee80211_channel *);
129 static void rt2661_set_chan(struct rt2661_softc *,
130 struct ieee80211_channel *);
131 static void rt2661_set_bssid(struct rt2661_softc *,
133 static void rt2661_set_macaddr(struct rt2661_softc *,
135 static void rt2661_update_promisc(struct rt2661_softc *);
136 static int rt2661_wme_update(struct ieee80211com *) __unused;
137 static void rt2661_update_slot(struct ifnet *);
138 static const char *rt2661_get_rf(int);
139 static void rt2661_read_config(struct rt2661_softc *);
140 static void rt2661_read_txpower_config(struct rt2661_softc *,
141 uint8_t, int, int *);
142 static int rt2661_bbp_init(struct rt2661_softc *);
143 static void rt2661_init(void *);
144 static void rt2661_stop(void *);
145 static void rt2661_intr(void *);
146 static int rt2661_load_microcode(struct rt2661_softc *,
147 const uint8_t *, int);
148 static int rt2661_prepare_beacon(struct rt2661_softc *);
149 static void rt2661_enable_tsf_sync(struct rt2661_softc *);
150 static int rt2661_get_rssi(struct rt2661_softc *, uint8_t, int);
151 static void rt2661_led_newstate(struct rt2661_softc *,
152 enum ieee80211_state);
153 static int rt2661_key_alloc(struct ieee80211com *,
154 const struct ieee80211_key *,
155 ieee80211_keyix *, ieee80211_keyix *);
156 static int rt2661_key_delete(struct ieee80211com *,
157 const struct ieee80211_key *);
158 static int rt2661_key_set(struct ieee80211com *,
159 const struct ieee80211_key *,
160 const uint8_t mac[IEEE80211_ADDR_LEN]);
161 static void *rt2661_ratectl_attach(struct ieee80211com *, u_int);
162 static void rt2661_set_txpower(struct rt2661_softc *, int8_t);
163 static void rt2661_calibrate(void *);
164 static void rt2661_calib_txpower(struct rt2661_softc *);
165 static void rt2661_calib_rxsensibility(struct rt2661_softc *,
169 * Supported rates for 802.11a/b/g modes (in 500Kbps unit).
171 static const struct ieee80211_rateset rt2661_rateset_11a =
172 { 8, { 12, 18, 24, 36, 48, 72, 96, 108 } };
174 static const struct ieee80211_rateset rt2661_rateset_11b =
175 { 4, { 2, 4, 11, 22 } };
177 static const struct ieee80211_rateset rt2661_rateset_11g =
178 { 12, { 2, 4, 11, 22, 12, 18, 24, 36, 48, 72, 96, 108 } };
180 static const struct {
183 } rt2661_def_mac[] = {
187 static const struct {
190 } rt2661_def_bbp[] = {
194 static const struct rt2661_rfprog rt2661_rf5225_1[] = { RT2661_RF5225_1 };
195 static const struct rt2661_rfprog rt2661_rf5225_2[] = { RT2661_RF5225_2 };
197 #define LED_EE2MCU(bit) { \
198 .ee_bit = RT2661_EE_LED_##bit, \
199 .mcu_bit = RT2661_MCU_LED_##bit \
201 static const struct {
216 struct rt2661_dmamap {
217 bus_dma_segment_t segs[RT2661_MAX_SCATTER];
222 rt2661_cipher(const struct ieee80211_key *k)
224 switch (k->wk_cipher->ic_cipher) {
225 case IEEE80211_CIPHER_WEP:
226 if (k->wk_keylen == (40 / NBBY))
227 return RT2661_CIPHER_WEP40;
229 return RT2661_CIPHER_WEP104;
230 case IEEE80211_CIPHER_TKIP:
231 return RT2661_CIPHER_TKIP;
232 case IEEE80211_CIPHER_AES_CCM:
233 return RT2661_CIPHER_AES;
235 return RT2661_CIPHER_NONE;
239 static __inline int8_t
240 rt2661_txpower(const struct rt2661_softc *sc, int8_t power)
242 if (sc->sc_txpwr_corr > 0) {
243 if (power > sc->sc_txpwr_corr)
244 power -= sc->sc_txpwr_corr;
252 rt2661_avgrssi(const struct rt2661_softc *sc)
256 rssi_dbm = sc->avg_rssi[0] + RT2661_NOISE_FLOOR;
257 if (sc->rf_rev == RT2661_RF_2529) {
258 if (sc->avg_rssi[1] > sc->avg_rssi[0])
259 rssi_dbm = sc->avg_rssi[0] + RT2661_NOISE_FLOOR;
265 rt2661_attach(device_t dev, int id)
267 struct rt2661_softc *sc = device_get_softc(dev);
268 struct ieee80211com *ic = &sc->sc_ic;
269 struct ifnet *ifp = &ic->ic_if;
270 uint32_t val, bbp_type;
271 const uint8_t *ucode = NULL;
272 int error, i, ac, ntries, size = 0;
274 callout_init(&sc->scan_ch);
275 callout_init(&sc->calib_ch);
278 sc->sc_irq = bus_alloc_resource_any(dev, SYS_RES_IRQ, &sc->sc_irq_rid,
279 RF_ACTIVE | RF_SHAREABLE);
280 if (sc->sc_irq == NULL) {
281 device_printf(dev, "could not allocate interrupt resource\n");
285 /* wait for NIC to initialize */
286 for (ntries = 0; ntries < 1000; ntries++) {
287 if ((val = RAL_READ(sc, RT2661_MAC_CSR0)) != 0)
291 if (ntries == 1000) {
292 device_printf(sc->sc_dev,
293 "timeout waiting for NIC to initialize\n");
299 /* retrieve RF rev. no and various other things from EEPROM */
300 rt2661_read_config(sc);
302 device_printf(dev, "MAC/BBP RT%X, RF %s\n", bbp_type,
303 rt2661_get_rf(sc->rf_rev));
306 * Load 8051 microcode into NIC.
310 ucode = rt2561s_ucode;
311 size = sizeof rt2561s_ucode;
314 ucode = rt2561_ucode;
315 size = sizeof rt2561_ucode;
318 ucode = rt2661_ucode;
319 size = sizeof rt2661_ucode;
323 error = rt2661_load_microcode(sc, ucode, size);
325 device_printf(sc->sc_dev, "could not load 8051 microcode\n");
330 * Allocate Tx and Rx rings.
332 for (ac = 0; ac < 4; ac++) {
333 error = rt2661_alloc_tx_ring(sc, &sc->txq[ac],
334 RT2661_TX_RING_COUNT);
336 device_printf(sc->sc_dev,
337 "could not allocate Tx ring %d\n", ac);
342 error = rt2661_alloc_tx_ring(sc, &sc->mgtq, RT2661_MGT_RING_COUNT);
344 device_printf(sc->sc_dev, "could not allocate Mgt ring\n");
348 error = rt2661_alloc_rx_ring(sc, &sc->rxq, RT2661_RX_RING_COUNT);
350 device_printf(sc->sc_dev, "could not allocate Rx ring\n");
354 STAILQ_INIT(&sc->tx_ratectl);
356 sysctl_ctx_init(&sc->sysctl_ctx);
357 sc->sysctl_tree = SYSCTL_ADD_NODE(&sc->sysctl_ctx,
358 SYSCTL_STATIC_CHILDREN(_hw),
360 device_get_nameunit(dev),
362 if (sc->sysctl_tree == NULL) {
363 device_printf(dev, "could not add sysctl node\n");
369 if_initname(ifp, device_get_name(dev), device_get_unit(dev));
370 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST;
371 ifp->if_init = rt2661_init;
372 ifp->if_ioctl = rt2661_ioctl;
373 ifp->if_start = rt2661_start;
374 ifp->if_watchdog = rt2661_watchdog;
375 ifq_set_maxlen(&ifp->if_snd, IFQ_MAXLEN);
376 ifq_set_ready(&ifp->if_snd);
378 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */
379 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */
380 ic->ic_state = IEEE80211_S_INIT;
381 rt2661_led_newstate(sc, IEEE80211_S_INIT);
383 IEEE80211_ONOE_PARAM_SETUP(&sc->sc_onoe_param);
384 ic->ic_ratectl.rc_st_ratectl_cap = IEEE80211_RATECTL_CAP_ONOE;
385 if (bbp_type == RT2661_BBP_2661D) {
386 ic->ic_ratectl.rc_st_ratectl = IEEE80211_RATECTL_ONOE;
388 IEEE80211_SAMPLE_PARAM_SETUP(&sc->sc_sample_param);
389 ic->ic_ratectl.rc_st_ratectl_cap |=
390 IEEE80211_RATECTL_CAP_SAMPLE;
391 ic->ic_ratectl.rc_st_ratectl = IEEE80211_RATECTL_SAMPLE;
393 ic->ic_ratectl.rc_st_attach = rt2661_ratectl_attach;
395 /* set device capabilities */
397 IEEE80211_C_IBSS | /* IBSS mode supported */
398 IEEE80211_C_MONITOR | /* monitor mode supported */
399 IEEE80211_C_HOSTAP | /* HostAp mode supported */
400 IEEE80211_C_TXPMGT | /* tx power management */
401 IEEE80211_C_SHPREAMBLE | /* short preamble supported */
402 IEEE80211_C_SHSLOT | /* short slot time supported */
404 IEEE80211_C_WME | /* 802.11e */
406 IEEE80211_C_WPA; /* 802.11i */
408 /* Set hardware crypto capabilities. */
409 ic->ic_caps |= IEEE80211_C_WEP |
411 IEEE80211_C_TKIPMIC |
414 ic->ic_caps_ext = IEEE80211_CEXT_CRYPTO_HDR |
415 IEEE80211_CEXT_STRIP_MIC;
417 if (sc->rf_rev == RT2661_RF_5225 || sc->rf_rev == RT2661_RF_5325) {
418 /* set supported .11a rates */
419 ic->ic_sup_rates[IEEE80211_MODE_11A] = rt2661_rateset_11a;
421 /* set supported .11a channels */
422 for (i = 36; i <= 64; i += 4) {
423 ic->ic_channels[i].ic_freq =
424 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ);
425 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A;
427 for (i = 100; i <= 140; i += 4) {
428 ic->ic_channels[i].ic_freq =
429 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ);
430 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A;
432 for (i = 149; i <= 165; i += 4) {
433 ic->ic_channels[i].ic_freq =
434 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ);
435 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A;
439 /* set supported .11b and .11g rates */
440 ic->ic_sup_rates[IEEE80211_MODE_11B] = rt2661_rateset_11b;
441 ic->ic_sup_rates[IEEE80211_MODE_11G] = rt2661_rateset_11g;
443 /* set supported .11b and .11g channels (1 through 14) */
444 for (i = 1; i <= 14; i++) {
445 ic->ic_channels[i].ic_freq =
446 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ);
447 ic->ic_channels[i].ic_flags =
448 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM |
449 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ;
452 sc->sc_sifs = IEEE80211_DUR_SIFS; /* Default SIFS */
454 ieee80211_ifattach(ic);
455 /* ic->ic_wme.wme_update = rt2661_wme_update;*/
456 ic->ic_updateslot = rt2661_update_slot;
457 ic->ic_reset = rt2661_reset;
458 /* enable s/w bmiss handling in sta mode */
459 ic->ic_flags_ext |= IEEE80211_FEXT_SWBMISS;
461 sc->sc_key_alloc = ic->ic_crypto.cs_key_alloc;
462 sc->sc_key_delete = ic->ic_crypto.cs_key_delete;
463 sc->sc_key_set = ic->ic_crypto.cs_key_set;
465 ic->ic_crypto.cs_max_keyix = RT2661_KEY_MAX;
466 ic->ic_crypto.cs_key_alloc = rt2661_key_alloc;
467 ic->ic_crypto.cs_key_delete = rt2661_key_delete;
468 ic->ic_crypto.cs_key_set = rt2661_key_set;
470 /* override state transition machine */
471 sc->sc_newstate = ic->ic_newstate;
472 ic->ic_newstate = rt2661_newstate;
473 ieee80211_media_init(ic, rt2661_media_change, ieee80211_media_status);
475 bpfattach_dlt(ifp, DLT_IEEE802_11_RADIO,
476 sizeof (struct ieee80211_frame) + 64, &sc->sc_drvbpf);
478 sc->sc_rxtap_len = sizeof sc->sc_rxtapu;
479 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len);
480 sc->sc_rxtap.wr_ihdr.it_present = htole32(RT2661_RX_RADIOTAP_PRESENT);
482 sc->sc_txtap_len = sizeof sc->sc_txtapu;
483 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len);
484 sc->sc_txtap.wt_ihdr.it_present = htole32(RT2661_TX_RADIOTAP_PRESENT);
487 * Add a few sysctl knobs.
489 sc->sc_dwelltime = 200; /* milliseconds */
490 sc->sc_txpwr_corr = -1; /* Disable */
491 sc->sc_calib_txpwr = 0; /* Disable */
492 sc->sc_calib_rxsns = 0; /* Disable */
494 SYSCTL_ADD_INT(&sc->sysctl_ctx,
495 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "dwell",
496 CTLFLAG_RW, &sc->sc_dwelltime, 0,
497 "Channel dwell time (ms) for AP/station scanning");
499 SYSCTL_ADD_INT(&sc->sysctl_ctx,
500 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "txpwr_corr",
501 CTLFLAG_RW, &sc->sc_txpwr_corr, 0,
502 "TX power correction value (<0 no correction)");
504 SYSCTL_ADD_INT(&sc->sysctl_ctx,
505 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "calib_txpwr",
506 CTLFLAG_RW, &sc->sc_calib_txpwr, 0,
507 "Enable TX power calibration (sta mode)");
508 SYSCTL_ADD_INT(&sc->sysctl_ctx,
509 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "calib_rxsns",
510 CTLFLAG_RW, &sc->sc_calib_rxsns, 0,
511 "Enable RX sensibility calibration (sta mode)");
513 error = bus_setup_intr(dev, sc->sc_irq, INTR_MPSAFE, rt2661_intr,
514 sc, &sc->sc_ih, ifp->if_serializer);
516 device_printf(dev, "could not set up interrupt\n");
518 ieee80211_ifdetach(ic);
523 ieee80211_announce(ic);
531 rt2661_detach(void *xsc)
533 struct rt2661_softc *sc = xsc;
534 struct ieee80211com *ic = &sc->sc_ic;
535 struct ifnet *ifp = &ic->ic_if;
537 if (device_is_attached(sc->sc_dev)) {
538 lwkt_serialize_enter(ifp->if_serializer);
540 callout_stop(&sc->scan_ch);
542 bus_teardown_intr(sc->sc_dev, sc->sc_irq, sc->sc_ih);
544 lwkt_serialize_exit(ifp->if_serializer);
547 ieee80211_ifdetach(ic);
550 rt2661_free_tx_ring(sc, &sc->txq[0]);
551 rt2661_free_tx_ring(sc, &sc->txq[1]);
552 rt2661_free_tx_ring(sc, &sc->txq[2]);
553 rt2661_free_tx_ring(sc, &sc->txq[3]);
554 rt2661_free_tx_ring(sc, &sc->mgtq);
555 rt2661_free_rx_ring(sc, &sc->rxq);
557 if (sc->sc_irq != NULL) {
558 bus_release_resource(sc->sc_dev, SYS_RES_IRQ, sc->sc_irq_rid,
562 if (sc->sysctl_tree != NULL)
563 sysctl_ctx_free(&sc->sysctl_ctx);
569 rt2661_shutdown(void *xsc)
571 struct rt2661_softc *sc = xsc;
572 struct ifnet *ifp = &sc->sc_ic.ic_if;
574 lwkt_serialize_enter(ifp->if_serializer);
576 lwkt_serialize_exit(ifp->if_serializer);
580 rt2661_suspend(void *xsc)
582 struct rt2661_softc *sc = xsc;
583 struct ifnet *ifp = &sc->sc_ic.ic_if;
585 lwkt_serialize_enter(ifp->if_serializer);
587 lwkt_serialize_exit(ifp->if_serializer);
591 rt2661_resume(void *xsc)
593 struct rt2661_softc *sc = xsc;
594 struct ifnet *ifp = sc->sc_ic.ic_ifp;
596 lwkt_serialize_enter(ifp->if_serializer);
597 if (ifp->if_flags & IFF_UP) {
598 ifp->if_init(ifp->if_softc);
599 if (ifp->if_flags & IFF_RUNNING)
602 lwkt_serialize_exit(ifp->if_serializer);
606 rt2661_dma_map_addr(void *arg, bus_dma_segment_t *segs, int nseg, int error)
611 KASSERT(nseg == 1, ("too many DMA segments, %d should be 1", nseg));
613 *(bus_addr_t *)arg = segs[0].ds_addr;
617 rt2661_alloc_tx_ring(struct rt2661_softc *sc, struct rt2661_tx_ring *ring,
624 ring->cur = ring->next = 0;
626 error = bus_dma_tag_create(NULL, 4, 0, BUS_SPACE_MAXADDR_32BIT,
627 BUS_SPACE_MAXADDR, NULL, NULL, count * RT2661_TX_DESC_SIZE, 1,
628 count * RT2661_TX_DESC_SIZE, 0, &ring->desc_dmat);
630 device_printf(sc->sc_dev, "could not create desc DMA tag\n");
634 error = bus_dmamem_alloc(ring->desc_dmat, (void **)&ring->desc,
635 BUS_DMA_WAITOK | BUS_DMA_ZERO, &ring->desc_map);
637 device_printf(sc->sc_dev, "could not allocate DMA memory\n");
641 error = bus_dmamap_load(ring->desc_dmat, ring->desc_map, ring->desc,
642 count * RT2661_TX_DESC_SIZE, rt2661_dma_map_addr, &ring->physaddr,
645 device_printf(sc->sc_dev, "could not load desc DMA map\n");
647 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map);
652 ring->data = kmalloc(count * sizeof (struct rt2661_data), M_DEVBUF,
655 error = bus_dma_tag_create(NULL, 1, 0, BUS_SPACE_MAXADDR_32BIT,
656 BUS_SPACE_MAXADDR, NULL, NULL, MCLBYTES * RT2661_MAX_SCATTER,
657 RT2661_MAX_SCATTER, MCLBYTES, 0, &ring->data_dmat);
659 device_printf(sc->sc_dev, "could not create data DMA tag\n");
663 for (i = 0; i < count; i++) {
664 error = bus_dmamap_create(ring->data_dmat, 0,
667 device_printf(sc->sc_dev, "could not create DMA map\n");
673 fail: rt2661_free_tx_ring(sc, ring);
678 rt2661_reset_tx_ring(struct rt2661_softc *sc, struct rt2661_tx_ring *ring)
680 struct rt2661_tx_desc *desc;
681 struct rt2661_data *data;
684 for (i = 0; i < ring->count; i++) {
685 desc = &ring->desc[i];
686 data = &ring->data[i];
688 if (data->m != NULL) {
689 bus_dmamap_sync(ring->data_dmat, data->map,
690 BUS_DMASYNC_POSTWRITE);
691 bus_dmamap_unload(ring->data_dmat, data->map);
699 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, BUS_DMASYNC_PREWRITE);
702 ring->cur = ring->next = 0;
706 rt2661_free_tx_ring(struct rt2661_softc *sc, struct rt2661_tx_ring *ring)
708 struct rt2661_data *data;
711 if (ring->desc != NULL) {
712 bus_dmamap_sync(ring->desc_dmat, ring->desc_map,
713 BUS_DMASYNC_POSTWRITE);
714 bus_dmamap_unload(ring->desc_dmat, ring->desc_map);
715 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map);
719 if (ring->desc_dmat != NULL) {
720 bus_dma_tag_destroy(ring->desc_dmat);
721 ring->desc_dmat = NULL;
724 if (ring->data != NULL) {
725 for (i = 0; i < ring->count; i++) {
726 data = &ring->data[i];
728 if (data->m != NULL) {
729 bus_dmamap_sync(ring->data_dmat, data->map,
730 BUS_DMASYNC_POSTWRITE);
731 bus_dmamap_unload(ring->data_dmat, data->map);
736 if (data->map != NULL) {
737 bus_dmamap_destroy(ring->data_dmat, data->map);
742 kfree(ring->data, M_DEVBUF);
746 if (ring->data_dmat != NULL) {
747 bus_dma_tag_destroy(ring->data_dmat);
748 ring->data_dmat = NULL;
753 rt2661_alloc_rx_ring(struct rt2661_softc *sc, struct rt2661_rx_ring *ring,
756 struct rt2661_rx_desc *desc;
757 struct rt2661_data *data;
762 ring->cur = ring->next = 0;
764 error = bus_dma_tag_create(NULL, 4, 0, BUS_SPACE_MAXADDR_32BIT,
765 BUS_SPACE_MAXADDR, NULL, NULL, count * RT2661_RX_DESC_SIZE, 1,
766 count * RT2661_RX_DESC_SIZE, 0, &ring->desc_dmat);
768 device_printf(sc->sc_dev, "could not create desc DMA tag\n");
772 error = bus_dmamem_alloc(ring->desc_dmat, (void **)&ring->desc,
773 BUS_DMA_WAITOK | BUS_DMA_ZERO, &ring->desc_map);
775 device_printf(sc->sc_dev, "could not allocate DMA memory\n");
779 error = bus_dmamap_load(ring->desc_dmat, ring->desc_map, ring->desc,
780 count * RT2661_RX_DESC_SIZE, rt2661_dma_map_addr, &ring->physaddr,
783 device_printf(sc->sc_dev, "could not load desc DMA map\n");
785 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map);
790 ring->data = kmalloc(count * sizeof (struct rt2661_data), M_DEVBUF,
794 * Pre-allocate Rx buffers and populate Rx ring.
796 error = bus_dma_tag_create(NULL, 1, 0, BUS_SPACE_MAXADDR_32BIT,
797 BUS_SPACE_MAXADDR, NULL, NULL, MCLBYTES, 1, MCLBYTES, 0,
800 device_printf(sc->sc_dev, "could not create data DMA tag\n");
804 for (i = 0; i < count; i++) {
805 desc = &sc->rxq.desc[i];
806 data = &sc->rxq.data[i];
808 error = bus_dmamap_create(ring->data_dmat, 0, &data->map);
810 device_printf(sc->sc_dev, "could not create DMA map\n");
814 data->m = m_getcl(MB_DONTWAIT, MT_DATA, M_PKTHDR);
815 if (data->m == NULL) {
816 device_printf(sc->sc_dev,
817 "could not allocate rx mbuf\n");
822 error = bus_dmamap_load(ring->data_dmat, data->map,
823 mtod(data->m, void *), MCLBYTES, rt2661_dma_map_addr,
826 device_printf(sc->sc_dev,
827 "could not load rx buf DMA map");
834 desc->flags = htole32(RT2661_RX_BUSY);
835 desc->physaddr = htole32(physaddr);
838 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, BUS_DMASYNC_PREWRITE);
842 fail: rt2661_free_rx_ring(sc, ring);
847 rt2661_reset_rx_ring(struct rt2661_softc *sc, struct rt2661_rx_ring *ring)
851 for (i = 0; i < ring->count; i++)
852 ring->desc[i].flags = htole32(RT2661_RX_BUSY);
854 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, BUS_DMASYNC_PREWRITE);
856 ring->cur = ring->next = 0;
860 rt2661_free_rx_ring(struct rt2661_softc *sc, struct rt2661_rx_ring *ring)
862 struct rt2661_data *data;
865 if (ring->desc != NULL) {
866 bus_dmamap_sync(ring->desc_dmat, ring->desc_map,
867 BUS_DMASYNC_POSTWRITE);
868 bus_dmamap_unload(ring->desc_dmat, ring->desc_map);
869 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map);
873 if (ring->desc_dmat != NULL) {
874 bus_dma_tag_destroy(ring->desc_dmat);
875 ring->desc_dmat = NULL;
878 if (ring->data != NULL) {
879 for (i = 0; i < ring->count; i++) {
880 data = &ring->data[i];
882 if (data->m != NULL) {
883 bus_dmamap_sync(ring->data_dmat, data->map,
884 BUS_DMASYNC_POSTREAD);
885 bus_dmamap_unload(ring->data_dmat, data->map);
890 if (data->map != NULL) {
891 bus_dmamap_destroy(ring->data_dmat, data->map);
896 kfree(ring->data, M_DEVBUF);
900 if (ring->data_dmat != NULL) {
901 bus_dma_tag_destroy(ring->data_dmat);
902 ring->data_dmat = NULL;
907 rt2661_media_change(struct ifnet *ifp)
909 struct rt2661_softc *sc = ifp->if_softc;
912 error = ieee80211_media_change(ifp);
913 if (error != ENETRESET)
916 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == (IFF_UP | IFF_RUNNING))
922 * This function is called periodically (every 200ms) during scanning to
923 * switch from one channel to another.
926 rt2661_next_scan(void *arg)
928 struct rt2661_softc *sc = arg;
929 struct ieee80211com *ic = &sc->sc_ic;
930 struct ifnet *ifp = &ic->ic_if;
932 lwkt_serialize_enter(ifp->if_serializer);
933 if (ic->ic_state == IEEE80211_S_SCAN)
934 ieee80211_next_scan(ic);
935 lwkt_serialize_exit(ifp->if_serializer);
939 rt2661_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg)
941 struct rt2661_softc *sc = ic->ic_ifp->if_softc;
942 enum ieee80211_state ostate;
943 struct ieee80211_node *ni;
947 ostate = ic->ic_state;
948 callout_stop(&sc->scan_ch);
949 callout_stop(&sc->calib_ch);
951 if (ostate != nstate)
952 rt2661_led_newstate(sc, nstate);
954 ieee80211_ratectl_newstate(ic, nstate);
957 case IEEE80211_S_INIT:
958 if (ostate == IEEE80211_S_RUN) {
959 /* abort TSF synchronization */
960 tmp = RAL_READ(sc, RT2661_TXRX_CSR9);
961 RAL_WRITE(sc, RT2661_TXRX_CSR9, tmp & ~0x00ffffff);
965 case IEEE80211_S_SCAN:
966 rt2661_set_chan(sc, ic->ic_curchan);
967 callout_reset(&sc->scan_ch, (sc->sc_dwelltime * hz) / 1000,
968 rt2661_next_scan, sc);
971 case IEEE80211_S_AUTH:
972 case IEEE80211_S_ASSOC:
973 rt2661_set_chan(sc, ic->ic_curchan);
976 case IEEE80211_S_RUN:
977 RT2661_RESET_AVG_RSSI(sc);
979 rt2661_set_chan(sc, ic->ic_curchan);
983 if (ic->ic_opmode != IEEE80211_M_MONITOR) {
984 rt2661_enable_mrr(sc);
985 rt2661_set_txpreamble(sc);
986 rt2661_set_ackrates(sc, &ni->ni_rates);
987 rt2661_set_bssid(sc, ni->ni_bssid);
990 if (ic->ic_opmode == IEEE80211_M_HOSTAP ||
991 ic->ic_opmode == IEEE80211_M_IBSS) {
992 if ((error = rt2661_prepare_beacon(sc)) != 0)
996 if (ic->ic_opmode != IEEE80211_M_MONITOR)
997 rt2661_enable_tsf_sync(sc);
999 if (ic->ic_opmode == IEEE80211_M_STA) {
1002 #define N(arr) (int)(sizeof(arr) / sizeof(arr[0]))
1003 /* clear STA registers */
1004 RAL_READ_REGION_4(sc, RT2661_STA_CSR0, sta, N(sta));
1006 sc->sc_txpwr_cnt = 0;
1007 callout_reset(&sc->calib_ch, hz, rt2661_calibrate, sc);
1012 return (error != 0) ? error : sc->sc_newstate(ic, nstate, arg);
1016 * Read 16 bits at address 'addr' from the serial EEPROM (either 93C46 or
1020 rt2661_eeprom_read(struct rt2661_softc *sc, uint8_t addr)
1026 /* clock C once before the first command */
1027 RT2661_EEPROM_CTL(sc, 0);
1029 RT2661_EEPROM_CTL(sc, RT2661_S);
1030 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_C);
1031 RT2661_EEPROM_CTL(sc, RT2661_S);
1033 /* write start bit (1) */
1034 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D);
1035 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D | RT2661_C);
1037 /* write READ opcode (10) */
1038 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D);
1039 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D | RT2661_C);
1040 RT2661_EEPROM_CTL(sc, RT2661_S);
1041 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_C);
1043 /* write address (A5-A0 or A7-A0) */
1044 n = (RAL_READ(sc, RT2661_E2PROM_CSR) & RT2661_93C46) ? 5 : 7;
1045 for (; n >= 0; n--) {
1046 RT2661_EEPROM_CTL(sc, RT2661_S |
1047 (((addr >> n) & 1) << RT2661_SHIFT_D));
1048 RT2661_EEPROM_CTL(sc, RT2661_S |
1049 (((addr >> n) & 1) << RT2661_SHIFT_D) | RT2661_C);
1052 RT2661_EEPROM_CTL(sc, RT2661_S);
1054 /* read data Q15-Q0 */
1056 for (n = 15; n >= 0; n--) {
1057 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_C);
1058 tmp = RAL_READ(sc, RT2661_E2PROM_CSR);
1059 val |= ((tmp & RT2661_Q) >> RT2661_SHIFT_Q) << n;
1060 RT2661_EEPROM_CTL(sc, RT2661_S);
1063 RT2661_EEPROM_CTL(sc, 0);
1065 /* clear Chip Select and clock C */
1066 RT2661_EEPROM_CTL(sc, RT2661_S);
1067 RT2661_EEPROM_CTL(sc, 0);
1068 RT2661_EEPROM_CTL(sc, RT2661_C);
1074 rt2661_tx_intr(struct rt2661_softc *sc)
1076 struct ieee80211com *ic = &sc->sc_ic;
1077 struct ifnet *ifp = ic->ic_ifp;
1078 struct rt2661_tx_ratectl *rctl;
1079 uint32_t val, result;
1083 struct ieee80211_ratectl_res res;
1085 val = RAL_READ(sc, RT2661_STA_CSR4);
1086 if (!(val & RT2661_TX_STAT_VALID))
1089 /* Gather statistics */
1090 result = RT2661_TX_RESULT(val);
1091 if (result == RT2661_TX_SUCCESS)
1096 /* No rate control */
1097 if (RT2661_TX_QID(val) == 0)
1100 /* retrieve rate control algorithm context */
1101 rctl = STAILQ_FIRST(&sc->tx_ratectl);
1105 * This really should not happen. Maybe we should
1106 * use assertion here? But why should we rely on
1107 * hardware to do the correct things? Even the
1108 * reference driver (RT61?) provided by Ralink does
1109 * not provide enough clue that this kind of interrupt
1110 * is promised to be generated for each packet. So
1111 * just print a message and keep going ...
1113 if_printf(ifp, "WARNING: no rate control information\n");
1116 STAILQ_REMOVE_HEAD(&sc->tx_ratectl, link);
1120 case RT2661_TX_SUCCESS:
1121 retrycnt = RT2661_TX_RETRYCNT(val);
1122 DPRINTFN(10, ("data frame sent successfully after "
1123 "%d retries\n", retrycnt));
1126 case RT2661_TX_RETRY_FAIL:
1127 DPRINTFN(9, ("sending data frame failed (too much "
1133 device_printf(sc->sc_dev,
1134 "sending data frame failed 0x%08x\n", val);
1138 res.rc_res_rateidx = rctl->rateidx;
1139 res.rc_res_tries = retrycnt + 1;
1140 ieee80211_ratectl_tx_complete(rctl->ni, rctl->len, &res, 1,
1141 retrycnt, 0, result != RT2661_TX_SUCCESS);
1143 ieee80211_free_node(rctl->ni);
1145 kfree(rctl, M_RT2661);
1150 rt2661_tx_dma_intr(struct rt2661_softc *sc, struct rt2661_tx_ring *txq)
1152 struct rt2661_tx_desc *desc;
1153 struct rt2661_data *data;
1155 bus_dmamap_sync(txq->desc_dmat, txq->desc_map, BUS_DMASYNC_POSTREAD);
1158 desc = &txq->desc[txq->next];
1159 data = &txq->data[txq->next];
1161 if ((le32toh(desc->flags) & RT2661_TX_BUSY) ||
1162 !(le32toh(desc->flags) & RT2661_TX_VALID))
1165 bus_dmamap_sync(txq->data_dmat, data->map,
1166 BUS_DMASYNC_POSTWRITE);
1167 bus_dmamap_unload(txq->data_dmat, data->map);
1171 /* descriptor is no longer valid */
1172 desc->flags &= ~htole32(RT2661_TX_VALID);
1174 DPRINTFN(15, ("tx dma done q=%p idx=%u\n", txq, txq->next));
1177 if (++txq->next >= txq->count) /* faster than % count */
1181 bus_dmamap_sync(txq->desc_dmat, txq->desc_map, BUS_DMASYNC_PREWRITE);
1183 if (txq->queued < txq->count) {
1184 struct ifnet *ifp = &sc->sc_ic.ic_if;
1186 sc->sc_tx_timer = 0;
1187 ifp->if_flags &= ~IFF_OACTIVE;
1193 rt2661_rx_intr(struct rt2661_softc *sc)
1195 struct ieee80211com *ic = &sc->sc_ic;
1196 struct ifnet *ifp = ic->ic_ifp;
1197 struct rt2661_rx_desc *desc;
1198 struct rt2661_data *data;
1199 bus_addr_t physaddr;
1200 struct ieee80211_frame_min *wh;
1201 struct ieee80211_node *ni;
1202 struct mbuf *mnew, *m;
1205 bus_dmamap_sync(sc->rxq.desc_dmat, sc->rxq.desc_map,
1206 BUS_DMASYNC_POSTREAD);
1212 desc = &sc->rxq.desc[sc->rxq.cur];
1213 data = &sc->rxq.data[sc->rxq.cur];
1214 flags = le32toh(desc->flags);
1216 if (flags & RT2661_RX_BUSY)
1219 if (flags & RT2661_RX_CRC_ERROR) {
1221 * This should not happen since we did not request
1222 * to receive those frames when we filled TXRX_CSR0.
1224 DPRINTFN(5, ("CRC error flags 0x%08x\n", flags));
1229 if (flags & RT2661_RX_CIPHER_MASK) {
1230 DPRINTFN(5, ("cipher error 0x%08x\n", flags));
1236 * Try to allocate a new mbuf for this ring element and load it
1237 * before processing the current mbuf. If the ring element
1238 * cannot be loaded, drop the received packet and reuse the old
1239 * mbuf. In the unlikely case that the old mbuf can't be
1240 * reloaded either, explicitly panic.
1242 mnew = m_getcl(MB_DONTWAIT, MT_DATA, M_PKTHDR);
1248 bus_dmamap_sync(sc->rxq.data_dmat, data->map,
1249 BUS_DMASYNC_POSTREAD);
1250 bus_dmamap_unload(sc->rxq.data_dmat, data->map);
1252 error = bus_dmamap_load(sc->rxq.data_dmat, data->map,
1253 mtod(mnew, void *), MCLBYTES, rt2661_dma_map_addr,
1258 /* try to reload the old mbuf */
1259 error = bus_dmamap_load(sc->rxq.data_dmat, data->map,
1260 mtod(data->m, void *), MCLBYTES,
1261 rt2661_dma_map_addr, &physaddr, 0);
1263 /* very unlikely that it will fail... */
1264 panic("%s: could not load old rx mbuf",
1265 device_get_name(sc->sc_dev));
1272 * New mbuf successfully loaded, update Rx ring and continue
1277 desc->physaddr = htole32(physaddr);
1280 m->m_pkthdr.rcvif = ifp;
1281 m->m_pkthdr.len = m->m_len = (flags >> 16) & 0xfff;
1283 rssi = rt2661_get_rssi(sc, desc->rssi, 0);
1284 if (sc->rf_rev == RT2661_RF_2529)
1285 rt2661_get_rssi(sc, desc->rssi, 1);
1287 wh = mtod(m, struct ieee80211_frame_min *);
1288 if (wh->i_fc[1] & IEEE80211_FC1_WEP)
1289 DPRINTFN(5, ("keyix %d\n", RT2661_RX_KEYIX(flags)));
1291 ni = ieee80211_find_rxnode(ic, wh);
1293 /* Error happened during RSSI conversion. */
1297 if (sc->sc_drvbpf != NULL) {
1298 struct rt2661_rx_radiotap_header *tap = &sc->sc_rxtap;
1299 uint32_t tsf_lo, tsf_hi;
1301 /* get timestamp (low and high 32 bits) */
1302 tsf_hi = RAL_READ(sc, RT2661_TXRX_CSR13);
1303 tsf_lo = RAL_READ(sc, RT2661_TXRX_CSR12);
1306 htole64(((uint64_t)tsf_hi << 32) | tsf_lo);
1308 tap->wr_rate = rt2661_rxrate(desc);
1309 tap->wr_chan_freq = htole16(ic->ic_curchan->ic_freq);
1310 tap->wr_chan_flags = htole16(ic->ic_curchan->ic_flags);
1311 tap->wr_antsignal = rssi;
1313 bpf_ptap(sc->sc_drvbpf, m, tap, sc->sc_rxtap_len);
1316 /* send the frame to the 802.11 layer */
1317 if (RT2661_RX_CIPHER(flags) != RT2661_CIPHER_NONE) {
1318 struct ieee80211_crypto_iv iv;
1320 memcpy(iv.ic_iv, desc->iv, sizeof(iv.ic_iv));
1321 memcpy(iv.ic_eiv, desc->eiv, sizeof(iv.ic_eiv));
1322 ieee80211_input_withiv(ic, m, ni, rssi, 0, &iv);
1324 ieee80211_input(ic, m, ni, rssi, 0);
1327 /* node is no longer needed */
1328 ieee80211_free_node(ni);
1330 skip: desc->flags |= htole32(RT2661_RX_BUSY);
1332 DPRINTFN(15, ("rx intr idx=%u\n", sc->rxq.cur));
1334 sc->rxq.cur = (sc->rxq.cur + 1) % RT2661_RX_RING_COUNT;
1337 bus_dmamap_sync(sc->rxq.desc_dmat, sc->rxq.desc_map,
1338 BUS_DMASYNC_PREWRITE);
1343 rt2661_mcu_beacon_expire(struct rt2661_softc *sc)
1349 rt2661_mcu_wakeup(struct rt2661_softc *sc)
1351 RAL_WRITE(sc, RT2661_MAC_CSR11, 5 << 16);
1353 RAL_WRITE(sc, RT2661_SOFT_RESET_CSR, 0x7);
1354 RAL_WRITE(sc, RT2661_IO_CNTL_CSR, 0x18);
1355 RAL_WRITE(sc, RT2661_PCI_USEC_CSR, 0x20);
1357 /* send wakeup command to MCU */
1358 rt2661_tx_cmd(sc, RT2661_MCU_CMD_WAKEUP, 0);
1362 rt2661_mcu_cmd_intr(struct rt2661_softc *sc)
1364 RAL_READ(sc, RT2661_M2H_CMD_DONE_CSR);
1365 RAL_WRITE(sc, RT2661_M2H_CMD_DONE_CSR, 0xffffffff);
1369 rt2661_intr(void *arg)
1371 struct rt2661_softc *sc = arg;
1372 struct ifnet *ifp = &sc->sc_ic.ic_if;
1375 /* disable MAC and MCU interrupts */
1376 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0xffffff7f);
1377 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0xffffffff);
1379 /* don't re-enable interrupts if we're shutting down */
1380 if (!(ifp->if_flags & IFF_RUNNING))
1383 r1 = RAL_READ(sc, RT2661_INT_SOURCE_CSR);
1384 RAL_WRITE(sc, RT2661_INT_SOURCE_CSR, r1);
1386 r2 = RAL_READ(sc, RT2661_MCU_INT_SOURCE_CSR);
1387 RAL_WRITE(sc, RT2661_MCU_INT_SOURCE_CSR, r2);
1389 if (r1 & RT2661_MGT_DONE)
1390 rt2661_tx_dma_intr(sc, &sc->mgtq);
1392 if (r1 & RT2661_RX_DONE)
1395 if (r1 & RT2661_TX0_DMA_DONE)
1396 rt2661_tx_dma_intr(sc, &sc->txq[0]);
1398 if (r1 & RT2661_TX1_DMA_DONE)
1399 rt2661_tx_dma_intr(sc, &sc->txq[1]);
1401 if (r1 & RT2661_TX2_DMA_DONE)
1402 rt2661_tx_dma_intr(sc, &sc->txq[2]);
1404 if (r1 & RT2661_TX3_DMA_DONE)
1405 rt2661_tx_dma_intr(sc, &sc->txq[3]);
1407 if (r1 & RT2661_TX_DONE)
1410 if (r2 & RT2661_MCU_CMD_DONE)
1411 rt2661_mcu_cmd_intr(sc);
1413 if (r2 & RT2661_MCU_BEACON_EXPIRE)
1414 rt2661_mcu_beacon_expire(sc);
1416 if (r2 & RT2661_MCU_WAKEUP)
1417 rt2661_mcu_wakeup(sc);
1419 /* re-enable MAC and MCU interrupts */
1420 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0x0000ff10);
1421 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0);
1424 /* quickly determine if a given rate is CCK or OFDM */
1425 #define RAL_RATE_IS_OFDM(rate) ((rate) >= 12 && (rate) != 22)
1427 #define RAL_ACK_SIZE (sizeof(struct ieee80211_frame_ack) + IEEE80211_CRC_LEN)
1428 #define RAL_CTS_SIZE (sizeof(struct ieee80211_frame_cts) + IEEE80211_CRC_LEN)
1431 * This function is only used by the Rx radiotap code. It returns the rate at
1432 * which a given frame was received.
1435 rt2661_rxrate(struct rt2661_rx_desc *desc)
1437 if (le32toh(desc->flags) & RT2661_RX_OFDM) {
1438 /* reverse function of rt2661_plcp_signal */
1439 switch (desc->rate & 0xf) {
1440 case 0xb: return 12;
1441 case 0xf: return 18;
1442 case 0xa: return 24;
1443 case 0xe: return 36;
1444 case 0x9: return 48;
1445 case 0xd: return 72;
1446 case 0x8: return 96;
1447 case 0xc: return 108;
1450 if (desc->rate == 10)
1452 if (desc->rate == 20)
1454 if (desc->rate == 55)
1456 if (desc->rate == 110)
1459 return 2; /* should not get there */
1463 rt2661_plcp_signal(int rate)
1466 /* CCK rates (returned values are device-dependent) */
1469 case 11: return 0x2;
1470 case 22: return 0x3;
1472 /* OFDM rates (cf IEEE Std 802.11a-1999, pp. 14 Table 80) */
1473 case 12: return 0xb;
1474 case 18: return 0xf;
1475 case 24: return 0xa;
1476 case 36: return 0xe;
1477 case 48: return 0x9;
1478 case 72: return 0xd;
1479 case 96: return 0x8;
1480 case 108: return 0xc;
1482 /* unsupported rates (should not get there) */
1483 default: return 0xff;
1488 rt2661_setup_tx_desc(struct rt2661_softc *sc, struct rt2661_tx_desc *desc,
1489 uint32_t flags, uint16_t xflags, int len, int rate,
1490 const bus_dma_segment_t *segs, int nsegs, int ac, int ratectl,
1491 const struct ieee80211_key *key, void *buf,
1492 const struct ieee80211_crypto_iv *iv)
1494 const struct ieee80211_cipher *cip = NULL;
1495 struct ieee80211com *ic = &sc->sc_ic;
1496 uint16_t plcp_length;
1500 cip = key->wk_cipher;
1502 desc->flags = htole32(flags);
1503 desc->flags |= htole32(len << 16);
1504 desc->flags |= htole32(RT2661_TX_VALID);
1506 int cipher = rt2661_cipher(key);
1508 desc->flags |= htole32(cipher << 29);
1509 desc->flags |= htole32(key->wk_keyix << 10);
1510 if (key->wk_keyix >= IEEE80211_WEP_NKID)
1511 desc->flags |= htole32(RT2661_TX_PAIRWISE_KEY);
1513 /* XXX fragmentation */
1514 desc->flags |= htole32(RT2661_TX_HWMIC);
1517 desc->xflags = htole16(xflags);
1518 desc->xflags |= htole16(nsegs << 13);
1522 hdrsize = ieee80211_hdrspace(ic, buf);
1523 desc->xflags |= htole16(hdrsize);
1526 desc->wme = htole16(
1529 RT2661_LOGCWMIN(4) |
1530 RT2661_LOGCWMAX(10));
1532 if (key != NULL && iv != NULL) {
1533 memcpy(desc->iv, iv->ic_iv, sizeof(desc->iv));
1534 memcpy(desc->eiv, iv->ic_eiv, sizeof(desc->eiv));
1538 * Remember whether TX rate control information should be gathered.
1539 * This field is driver private data only. It will be made available
1540 * by the NIC in STA_CSR4 on Tx done interrupts.
1542 desc->qid = ratectl;
1544 /* setup PLCP fields */
1545 desc->plcp_signal = rt2661_plcp_signal(rate);
1546 desc->plcp_service = 4;
1548 len += IEEE80211_CRC_LEN;
1550 len += cip->ic_header + cip->ic_trailer;
1552 /* XXX fragmentation */
1553 len += cip->ic_miclen;
1556 if (RAL_RATE_IS_OFDM(rate)) {
1557 desc->flags |= htole32(RT2661_TX_OFDM);
1559 plcp_length = len & 0xfff;
1560 desc->plcp_length_hi = plcp_length >> 6;
1561 desc->plcp_length_lo = plcp_length & 0x3f;
1563 plcp_length = (16 * len + rate - 1) / rate;
1565 remainder = (16 * len) % 22;
1566 if (remainder != 0 && remainder < 7)
1567 desc->plcp_service |= RT2661_PLCP_LENGEXT;
1569 desc->plcp_length_hi = plcp_length >> 8;
1570 desc->plcp_length_lo = plcp_length & 0xff;
1572 if (rate != 2 && (ic->ic_flags & IEEE80211_F_SHPREAMBLE))
1573 desc->plcp_signal |= 0x08;
1576 /* RT2x61 supports scatter with up to 5 segments */
1577 for (i = 0; i < nsegs; i++) {
1578 desc->addr[i] = htole32(segs[i].ds_addr);
1579 desc->len [i] = htole16(segs[i].ds_len);
1582 desc->flags |= htole32(RT2661_TX_BUSY);
1586 rt2661_tx_mgt(struct rt2661_softc *sc, struct mbuf *m0,
1587 struct ieee80211_node *ni)
1589 struct ieee80211com *ic = &sc->sc_ic;
1590 struct rt2661_tx_desc *desc;
1591 struct rt2661_data *data;
1592 struct ieee80211_frame *wh;
1593 struct rt2661_dmamap map;
1595 uint32_t flags = 0; /* XXX HWSEQ */
1598 desc = &sc->mgtq.desc[sc->mgtq.cur];
1599 data = &sc->mgtq.data[sc->mgtq.cur];
1601 /* send mgt frames at the lowest available rate */
1602 rate = IEEE80211_IS_CHAN_5GHZ(ic->ic_curchan) ? 12 : 2;
1604 error = bus_dmamap_load_mbuf(sc->mgtq.data_dmat, data->map, m0,
1605 rt2661_dma_map_mbuf, &map, 0);
1607 device_printf(sc->sc_dev, "could not map mbuf (error %d)\n",
1609 ieee80211_free_node(ni);
1614 if (sc->sc_drvbpf != NULL) {
1615 struct rt2661_tx_radiotap_header *tap = &sc->sc_txtap;
1618 tap->wt_rate = rate;
1619 tap->wt_chan_freq = htole16(ic->ic_curchan->ic_freq);
1620 tap->wt_chan_flags = htole16(ic->ic_curchan->ic_flags);
1622 bpf_ptap(sc->sc_drvbpf, m0, tap, sc->sc_txtap_len);
1627 wh = mtod(m0, struct ieee80211_frame *);
1629 if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) {
1630 flags |= RT2661_TX_NEED_ACK;
1632 dur = ieee80211_txtime(ni, RAL_ACK_SIZE, rate, ic->ic_flags) +
1634 *(uint16_t *)wh->i_dur = htole16(dur);
1636 /* tell hardware to add timestamp in probe responses */
1638 (IEEE80211_FC0_TYPE_MASK | IEEE80211_FC0_SUBTYPE_MASK)) ==
1639 (IEEE80211_FC0_TYPE_MGT | IEEE80211_FC0_SUBTYPE_PROBE_RESP))
1640 flags |= RT2661_TX_TIMESTAMP;
1643 rt2661_setup_tx_desc(sc, desc, flags, 0 /* XXX HWSEQ */,
1644 m0->m_pkthdr.len, rate, map.segs, map.nseg, RT2661_QID_MGT, 0, NULL, NULL, NULL);
1646 bus_dmamap_sync(sc->mgtq.data_dmat, data->map, BUS_DMASYNC_PREWRITE);
1647 bus_dmamap_sync(sc->mgtq.desc_dmat, sc->mgtq.desc_map,
1648 BUS_DMASYNC_PREWRITE);
1650 DPRINTFN(10, ("sending mgt frame len=%u idx=%u rate=%u\n",
1651 m0->m_pkthdr.len, sc->mgtq.cur, rate));
1655 sc->mgtq.cur = (sc->mgtq.cur + 1) % RT2661_MGT_RING_COUNT;
1656 RAL_WRITE(sc, RT2661_TX_CNTL_CSR, RT2661_KICK_MGT);
1658 ieee80211_free_node(ni);
1664 * Build a RTS control frame.
1666 static struct mbuf *
1667 rt2661_get_rts(struct rt2661_softc *sc, struct ieee80211_frame *wh,
1670 struct ieee80211_frame_rts *rts;
1673 MGETHDR(m, MB_DONTWAIT, MT_DATA);
1675 sc->sc_ic.ic_stats.is_tx_nobuf++;
1676 device_printf(sc->sc_dev, "could not allocate RTS frame\n");
1680 rts = mtod(m, struct ieee80211_frame_rts *);
1682 rts->i_fc[0] = IEEE80211_FC0_VERSION_0 | IEEE80211_FC0_TYPE_CTL |
1683 IEEE80211_FC0_SUBTYPE_RTS;
1684 rts->i_fc[1] = IEEE80211_FC1_DIR_NODS;
1685 *(uint16_t *)rts->i_dur = htole16(dur);
1686 IEEE80211_ADDR_COPY(rts->i_ra, wh->i_addr1);
1687 IEEE80211_ADDR_COPY(rts->i_ta, wh->i_addr2);
1689 m->m_pkthdr.len = m->m_len = sizeof (struct ieee80211_frame_rts);
1695 rt2661_tx_data(struct rt2661_softc *sc, struct mbuf *m0,
1696 struct ieee80211_node *ni, int ac)
1698 struct ieee80211com *ic = &sc->sc_ic;
1699 struct rt2661_tx_ring *txq = &sc->txq[ac];
1700 struct rt2661_tx_desc *desc;
1701 struct rt2661_data *data;
1702 struct rt2661_tx_ratectl *rctl;
1703 struct ieee80211_frame *wh;
1704 struct ieee80211_key *k = NULL;
1705 const struct chanAccParams *cap;
1707 struct rt2661_dmamap map;
1710 int error, rate, ackrate, noack = 0, rateidx;
1711 struct ieee80211_crypto_iv iv, *ivp = NULL;
1713 wh = mtod(m0, struct ieee80211_frame *);
1714 if (wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_QOS) {
1715 cap = &ic->ic_wme.wme_chanParams;
1716 noack = cap->cap_wmeParams[ac].wmep_noackPolicy;
1719 if (wh->i_fc[1] & IEEE80211_FC1_WEP) {
1720 k = ieee80211_crypto_findkey(ic, ni, m0);
1726 if (k->wk_flags & IEEE80211_KEY_SWCRYPT) {
1727 k = ieee80211_crypto_encap_withkey(ic, m0, k);
1729 k = ieee80211_crypto_getiv(ic, &iv, k);
1740 /* packet header may have moved, reset our local pointer */
1741 wh = mtod(m0, struct ieee80211_frame *);
1744 ieee80211_ratectl_findrate(ni, m0->m_pkthdr.len, &rateidx, 1);
1745 rate = IEEE80211_RS_RATE(&ni->ni_rates, rateidx);
1747 ackrate = ieee80211_ack_rate(ni, rate);
1750 * IEEE Std 802.11-1999, pp 82: "A STA shall use an RTS/CTS exchange
1751 * for directed frames only when the length of the MPDU is greater
1752 * than the length threshold indicated by [...]" ic_rtsthreshold.
1754 if (!IEEE80211_IS_MULTICAST(wh->i_addr1) &&
1755 m0->m_pkthdr.len > ic->ic_rtsthreshold) {
1760 rtsrate = IEEE80211_IS_CHAN_5GHZ(ic->ic_curchan) ? 12 : 2;
1762 /* XXX: noack (QoS)? */
1763 dur = ieee80211_txtime(ni, m0->m_pkthdr.len + IEEE80211_CRC_LEN,
1764 rate, ic->ic_flags) +
1765 ieee80211_txtime(ni, RAL_CTS_SIZE, rtsrate, ic->ic_flags)+
1766 ieee80211_txtime(ni, RAL_ACK_SIZE, ackrate, ic->ic_flags)+
1769 m = rt2661_get_rts(sc, wh, dur);
1771 desc = &txq->desc[txq->cur];
1772 data = &txq->data[txq->cur];
1774 error = bus_dmamap_load_mbuf(txq->data_dmat, data->map, m,
1775 rt2661_dma_map_mbuf, &map, 0);
1777 device_printf(sc->sc_dev,
1778 "could not map mbuf (error %d)\n", error);
1786 rt2661_setup_tx_desc(sc, desc, RT2661_TX_NEED_ACK |
1787 RT2661_TX_MORE_FRAG, 0, m->m_pkthdr.len,
1788 rtsrate, map.segs, map.nseg, ac, 0, NULL, NULL, NULL);
1790 bus_dmamap_sync(txq->data_dmat, data->map,
1791 BUS_DMASYNC_PREWRITE);
1794 txq->cur = (txq->cur + 1) % RT2661_TX_RING_COUNT;
1797 * IEEE Std 802.11-1999: when an RTS/CTS exchange is used, the
1798 * asynchronous data frame shall be transmitted after the CTS
1799 * frame and a SIFS period.
1801 flags |= RT2661_TX_LONG_RETRY | RT2661_TX_IFS;
1804 data = &txq->data[txq->cur];
1805 desc = &txq->desc[txq->cur];
1807 error = bus_dmamap_load_mbuf(txq->data_dmat, data->map, m0,
1808 rt2661_dma_map_mbuf, &map, 0);
1809 if (error != 0 && error != EFBIG) {
1810 device_printf(sc->sc_dev, "could not map mbuf (error %d)\n",
1816 mnew = m_defrag(m0, MB_DONTWAIT);
1818 device_printf(sc->sc_dev,
1819 "could not defragment mbuf\n");
1825 error = bus_dmamap_load_mbuf(txq->data_dmat, data->map, m0,
1826 rt2661_dma_map_mbuf, &map, 0);
1828 device_printf(sc->sc_dev,
1829 "could not map mbuf (error %d)\n", error);
1834 /* packet header have moved, reset our local pointer */
1835 wh = mtod(m0, struct ieee80211_frame *);
1838 if (sc->sc_drvbpf != NULL) {
1839 struct rt2661_tx_radiotap_header *tap = &sc->sc_txtap;
1842 tap->wt_rate = rate;
1843 tap->wt_chan_freq = htole16(ic->ic_curchan->ic_freq);
1844 tap->wt_chan_flags = htole16(ic->ic_curchan->ic_flags);
1846 bpf_ptap(sc->sc_drvbpf, m0, tap, sc->sc_txtap_len);
1851 rctl = kmalloc(sizeof(*rctl), M_RT2661, M_NOWAIT);
1854 rctl->len = m0->m_pkthdr.len;
1855 rctl->rateidx = rateidx;
1856 STAILQ_INSERT_TAIL(&sc->tx_ratectl, rctl, link);
1859 if (!noack && !IEEE80211_IS_MULTICAST(wh->i_addr1)) {
1860 flags |= RT2661_TX_NEED_ACK;
1862 dur = ieee80211_txtime(ni, RAL_ACK_SIZE, ackrate, ic->ic_flags)+
1864 *(uint16_t *)wh->i_dur = htole16(dur);
1867 rt2661_setup_tx_desc(sc, desc, flags, 0, m0->m_pkthdr.len, rate,
1868 map.segs, map.nseg, ac, rctl != NULL, k, wh, ivp);
1870 bus_dmamap_sync(txq->data_dmat, data->map, BUS_DMASYNC_PREWRITE);
1871 bus_dmamap_sync(txq->desc_dmat, txq->desc_map, BUS_DMASYNC_PREWRITE);
1873 DPRINTFN(10, ("sending data frame len=%u idx=%u rate=%u\n",
1874 m0->m_pkthdr.len, txq->cur, rate));
1878 txq->cur = (txq->cur + 1) % RT2661_TX_RING_COUNT;
1879 RAL_WRITE(sc, RT2661_TX_CNTL_CSR, 1 << ac);
1882 ieee80211_free_node(ni);
1888 rt2661_start(struct ifnet *ifp)
1890 struct rt2661_softc *sc = ifp->if_softc;
1891 struct ieee80211com *ic = &sc->sc_ic;
1893 struct ether_header *eh;
1894 struct ieee80211_node *ni;
1897 /* prevent management frames from being sent if we're not ready */
1898 if (!(ifp->if_flags & IFF_RUNNING))
1902 IF_POLL(&ic->ic_mgtq, m0);
1904 if (sc->mgtq.queued >= RT2661_MGT_RING_COUNT) {
1905 ifp->if_flags |= IFF_OACTIVE;
1908 IF_DEQUEUE(&ic->ic_mgtq, m0);
1910 ni = (struct ieee80211_node *)m0->m_pkthdr.rcvif;
1911 m0->m_pkthdr.rcvif = NULL;
1913 if (ic->ic_rawbpf != NULL)
1914 bpf_mtap(ic->ic_rawbpf, m0);
1916 if (rt2661_tx_mgt(sc, m0, ni) != 0)
1919 if (ic->ic_state != IEEE80211_S_RUN)
1922 m0 = ifq_dequeue(&ifp->if_snd, NULL);
1926 if (m0->m_len < sizeof (struct ether_header) &&
1927 !(m0 = m_pullup(m0, sizeof (struct ether_header))))
1930 eh = mtod(m0, struct ether_header *);
1931 ni = ieee80211_find_txnode(ic, eh->ether_dhost);
1938 /* classify mbuf so we can find which tx ring to use */
1939 if (ieee80211_classify(ic, m0, ni) != 0) {
1941 ieee80211_free_node(ni);
1946 /* no QoS encapsulation for EAPOL frames */
1947 ac = (eh->ether_type != htons(ETHERTYPE_PAE)) ?
1948 M_WME_GETAC(m0) : WME_AC_BE;
1950 if (sc->txq[ac].queued >= RT2661_TX_RING_COUNT - 1) {
1951 /* there is no place left in this ring */
1952 ifp->if_flags |= IFF_OACTIVE;
1954 ieee80211_free_node(ni);
1960 m0 = ieee80211_encap(ic, m0, ni);
1962 ieee80211_free_node(ni);
1967 if (ic->ic_rawbpf != NULL)
1968 bpf_mtap(ic->ic_rawbpf, m0);
1970 if (rt2661_tx_data(sc, m0, ni, ac) != 0) {
1971 ieee80211_free_node(ni);
1977 sc->sc_tx_timer = 5;
1983 rt2661_watchdog(struct ifnet *ifp)
1985 struct rt2661_softc *sc = ifp->if_softc;
1986 struct ieee80211com *ic = &sc->sc_ic;
1990 if (sc->sc_tx_timer > 0) {
1991 if (--sc->sc_tx_timer == 0) {
1992 device_printf(sc->sc_dev, "device timeout\n");
2000 ieee80211_watchdog(ic);
2004 * This function allows for fast channel switching in monitor mode (used by
2005 * net-mgmt/kismet). In IBSS mode, we must explicitly reset the interface to
2006 * generate a new beacon frame.
2009 rt2661_reset(struct ifnet *ifp)
2011 struct rt2661_softc *sc = ifp->if_softc;
2012 struct ieee80211com *ic = &sc->sc_ic;
2014 if (ic->ic_opmode != IEEE80211_M_MONITOR)
2017 rt2661_set_chan(sc, ic->ic_curchan);
2023 rt2661_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data, struct ucred *cr)
2025 struct rt2661_softc *sc = ifp->if_softc;
2026 struct ieee80211com *ic = &sc->sc_ic;
2031 if (ifp->if_flags & IFF_UP) {
2032 if (ifp->if_flags & IFF_RUNNING)
2033 rt2661_update_promisc(sc);
2037 if (ifp->if_flags & IFF_RUNNING)
2043 error = ieee80211_ioctl(ic, cmd, data, cr);
2046 if (error == ENETRESET) {
2047 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) ==
2048 (IFF_UP | IFF_RUNNING) &&
2049 (ic->ic_roaming != IEEE80211_ROAMING_MANUAL))
2057 rt2661_bbp_write(struct rt2661_softc *sc, uint8_t reg, uint8_t val)
2062 for (ntries = 0; ntries < 100; ntries++) {
2063 if (!(RAL_READ(sc, RT2661_PHY_CSR3) & RT2661_BBP_BUSY))
2067 if (ntries == 100) {
2068 device_printf(sc->sc_dev, "could not write to BBP\n");
2072 tmp = RT2661_BBP_BUSY | (reg & 0x7f) << 8 | val;
2073 RAL_WRITE(sc, RT2661_PHY_CSR3, tmp);
2075 DPRINTFN(15, ("BBP R%u <- 0x%02x\n", reg, val));
2079 DPRINTF(("record bbp17 %#x\n", val));
2085 rt2661_bbp_read(struct rt2661_softc *sc, uint8_t reg)
2090 for (ntries = 0; ntries < 100; ntries++) {
2091 if (!(RAL_READ(sc, RT2661_PHY_CSR3) & RT2661_BBP_BUSY))
2095 if (ntries == 100) {
2096 device_printf(sc->sc_dev, "could not read from BBP\n");
2100 val = RT2661_BBP_BUSY | RT2661_BBP_READ | reg << 8;
2101 RAL_WRITE(sc, RT2661_PHY_CSR3, val);
2103 for (ntries = 0; ntries < 100; ntries++) {
2104 val = RAL_READ(sc, RT2661_PHY_CSR3);
2105 if (!(val & RT2661_BBP_BUSY))
2110 device_printf(sc->sc_dev, "could not read from BBP\n");
2115 rt2661_rf_write(struct rt2661_softc *sc, uint8_t reg, uint32_t val)
2120 for (ntries = 0; ntries < 100; ntries++) {
2121 if (!(RAL_READ(sc, RT2661_PHY_CSR4) & RT2661_RF_BUSY))
2125 if (ntries == 100) {
2126 device_printf(sc->sc_dev, "could not write to RF\n");
2130 tmp = RT2661_RF_BUSY | RT2661_RF_21BIT | (val & 0x1fffff) << 2 |
2132 RAL_WRITE(sc, RT2661_PHY_CSR4, tmp);
2134 /* remember last written value in sc */
2135 sc->rf_regs[reg] = val;
2137 DPRINTFN(15, ("RF R[%u] <- 0x%05x\n", reg & 3, val & 0x1fffff));
2141 rt2661_tx_cmd(struct rt2661_softc *sc, uint8_t cmd, uint16_t arg)
2143 if (RAL_READ(sc, RT2661_H2M_MAILBOX_CSR) & RT2661_H2M_BUSY)
2144 return EIO; /* there is already a command pending */
2146 RAL_WRITE(sc, RT2661_H2M_MAILBOX_CSR,
2147 RT2661_H2M_BUSY | RT2661_TOKEN_NO_INTR << 16 | arg);
2149 RAL_WRITE(sc, RT2661_HOST_CMD_CSR, RT2661_KICK_CMD | cmd);
2155 rt2661_select_antenna(struct rt2661_softc *sc)
2157 uint8_t bbp4, bbp77;
2160 bbp4 = rt2661_bbp_read(sc, 4);
2161 bbp77 = rt2661_bbp_read(sc, 77);
2165 /* make sure Rx is disabled before switching antenna */
2166 tmp = RAL_READ(sc, RT2661_TXRX_CSR0);
2167 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp | RT2661_DISABLE_RX);
2169 rt2661_bbp_write(sc, 4, bbp4);
2170 rt2661_bbp_write(sc, 77, bbp77);
2172 /* restore Rx filter */
2173 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp);
2177 * Enable multi-rate retries for frames sent at OFDM rates.
2178 * In 802.11b/g mode, allow fallback to CCK rates.
2181 rt2661_enable_mrr(struct rt2661_softc *sc)
2183 struct ieee80211com *ic = &sc->sc_ic;
2186 tmp = RAL_READ(sc, RT2661_TXRX_CSR4);
2188 tmp &= ~RT2661_MRR_CCK_FALLBACK;
2189 if (!IEEE80211_IS_CHAN_5GHZ(ic->ic_bss->ni_chan))
2190 tmp |= RT2661_MRR_CCK_FALLBACK;
2191 tmp |= RT2661_MRR_ENABLED;
2192 tmp |= RT2661_SRETRY_LIMIT(7) | RT2661_LRETRY_LIMIT(4);
2194 RAL_WRITE(sc, RT2661_TXRX_CSR4, tmp);
2198 rt2661_set_txpreamble(struct rt2661_softc *sc)
2202 tmp = RAL_READ(sc, RT2661_TXRX_CSR4);
2204 tmp &= ~RT2661_SHORT_PREAMBLE;
2205 if (sc->sc_ic.ic_flags & IEEE80211_F_SHPREAMBLE)
2206 tmp |= RT2661_SHORT_PREAMBLE;
2208 RAL_WRITE(sc, RT2661_TXRX_CSR4, tmp);
2212 rt2661_set_ackrates(struct rt2661_softc *sc, const struct ieee80211_rateset *rs)
2214 #define RV(r) ((r) & IEEE80211_RATE_VAL)
2215 struct ieee80211com *ic = &sc->sc_ic;
2220 for (i = 0; i < rs->rs_nrates; i++) {
2221 rate = rs->rs_rates[i];
2223 if (!(rate & IEEE80211_RATE_BASIC))
2227 * Find h/w rate index. We know it exists because the rate
2228 * set has already been negotiated.
2230 for (j = 0; rt2661_rateset_11g.rs_rates[j] != RV(rate); j++)
2236 if (IEEE80211_IS_CHAN_2GHZ(ic->ic_curchan) &&
2237 ic->ic_curmode != IEEE80211_MODE_11B &&
2238 ieee80211_iserp_rateset(ic, rs)) {
2240 * Always set following rates as ACK rates to conform
2241 * IEEE Std 802.11g-2003 clause 9.6
2250 RAL_WRITE(sc, RT2661_TXRX_CSR5, mask);
2252 DPRINTF(("Setting ack rate mask to 0x%x\n", mask));
2257 * Reprogram MAC/BBP to switch to a new band. Values taken from the reference
2261 rt2661_select_band(struct rt2661_softc *sc, struct ieee80211_channel *c)
2263 uint8_t bbp17, bbp35, bbp96, bbp97, bbp98, bbp104;
2266 /* update all BBP registers that depend on the band */
2267 bbp17 = 0x20; bbp96 = 0x48; bbp104 = 0x2c;
2268 bbp35 = 0x50; bbp97 = 0x48; bbp98 = 0x48;
2269 if (IEEE80211_IS_CHAN_5GHZ(c)) {
2270 bbp17 += 0x08; bbp96 += 0x10; bbp104 += 0x0c;
2271 bbp35 += 0x10; bbp97 += 0x10; bbp98 += 0x10;
2273 if ((IEEE80211_IS_CHAN_2GHZ(c) && sc->ext_2ghz_lna) ||
2274 (IEEE80211_IS_CHAN_5GHZ(c) && sc->ext_5ghz_lna)) {
2275 bbp17 += 0x10; bbp96 += 0x10; bbp104 += 0x10;
2278 rt2661_bbp_write(sc, 17, bbp17);
2279 rt2661_bbp_write(sc, 96, bbp96);
2280 rt2661_bbp_write(sc, 104, bbp104);
2282 if ((IEEE80211_IS_CHAN_2GHZ(c) && sc->ext_2ghz_lna) ||
2283 (IEEE80211_IS_CHAN_5GHZ(c) && sc->ext_5ghz_lna)) {
2284 rt2661_bbp_write(sc, 75, 0x80);
2285 rt2661_bbp_write(sc, 86, 0x80);
2286 rt2661_bbp_write(sc, 88, 0x80);
2289 rt2661_bbp_write(sc, 35, bbp35);
2290 rt2661_bbp_write(sc, 97, bbp97);
2291 rt2661_bbp_write(sc, 98, bbp98);
2293 tmp = RAL_READ(sc, RT2661_PHY_CSR0);
2294 tmp &= ~(RT2661_PA_PE_2GHZ | RT2661_PA_PE_5GHZ);
2295 if (IEEE80211_IS_CHAN_2GHZ(c))
2296 tmp |= RT2661_PA_PE_2GHZ;
2298 tmp |= RT2661_PA_PE_5GHZ;
2299 RAL_WRITE(sc, RT2661_PHY_CSR0, tmp);
2303 rt2661_set_txpower(struct rt2661_softc *sc, int8_t power)
2305 const struct rt2661_rfprog *rfprog = sc->rfprog;
2306 int i = sc->sc_curchan_idx;
2308 rt2661_rf_write(sc, RAL_RF1, rfprog[i].r1);
2309 rt2661_rf_write(sc, RAL_RF2, rfprog[i].r2);
2310 rt2661_rf_write(sc, RAL_RF3, rfprog[i].r3 | power << 7);
2311 rt2661_rf_write(sc, RAL_RF4, rfprog[i].r4 | sc->rffreq << 10);
2315 rt2661_rf_write(sc, RAL_RF1, rfprog[i].r1);
2316 rt2661_rf_write(sc, RAL_RF2, rfprog[i].r2);
2317 rt2661_rf_write(sc, RAL_RF3, rfprog[i].r3 | power << 7 | 1);
2318 rt2661_rf_write(sc, RAL_RF4, rfprog[i].r4 | sc->rffreq << 10);
2322 rt2661_rf_write(sc, RAL_RF1, rfprog[i].r1);
2323 rt2661_rf_write(sc, RAL_RF2, rfprog[i].r2);
2324 rt2661_rf_write(sc, RAL_RF3, rfprog[i].r3 | power << 7);
2325 rt2661_rf_write(sc, RAL_RF4, rfprog[i].r4 | sc->rffreq << 10);
2327 sc->sc_txpwr = power;
2331 rt2661_set_chan(struct rt2661_softc *sc, struct ieee80211_channel *c)
2333 struct ieee80211com *ic = &sc->sc_ic;
2334 const struct rt2661_rfprog *rfprog = sc->rfprog;
2335 uint8_t bbp3, bbp94 = RT2661_BBPR94_DEFAULT;
2339 chan = ieee80211_chan2ieee(ic, c);
2340 if (chan == 0 || chan == IEEE80211_CHAN_ANY)
2343 /* find the settings for this channel (we know it exists) */
2344 for (i = 0; rfprog[i].chan != chan; i++)
2346 KASSERT(i < RT2661_NCHAN_MAX, ("invalid channel %d\n", chan));
2347 sc->sc_curchan_idx = i;
2349 power = sc->txpow[i];
2353 } else if (power > 31) {
2354 bbp94 += power - 31;
2358 power = rt2661_txpower(sc, power);
2361 * If we are switching from the 2GHz band to the 5GHz band or
2362 * vice-versa, BBP registers need to be reprogrammed.
2364 if (c->ic_flags != sc->sc_curchan->ic_flags) {
2365 rt2661_select_band(sc, c);
2366 rt2661_select_antenna(sc);
2370 rt2661_set_txpower(sc, power);
2372 /* enable smart mode for MIMO-capable RFs */
2373 bbp3 = rt2661_bbp_read(sc, 3);
2375 bbp3 &= ~RT2661_SMART_MODE;
2376 if (sc->rf_rev == RT2661_RF_5325 || sc->rf_rev == RT2661_RF_2529)
2377 bbp3 |= RT2661_SMART_MODE;
2379 rt2661_bbp_write(sc, 3, bbp3);
2381 if (bbp94 != RT2661_BBPR94_DEFAULT)
2382 rt2661_bbp_write(sc, 94, bbp94);
2384 /* 5GHz radio needs a 1ms delay here */
2385 if (IEEE80211_IS_CHAN_5GHZ(c))
2388 sc->sc_sifs = IEEE80211_IS_CHAN_5GHZ(c) ? IEEE80211_DUR_OFDM_SIFS
2389 : IEEE80211_DUR_SIFS;
2393 rt2661_set_bssid(struct rt2661_softc *sc, const uint8_t *bssid)
2397 tmp = bssid[0] | bssid[1] << 8 | bssid[2] << 16 | bssid[3] << 24;
2398 RAL_WRITE(sc, RT2661_MAC_CSR4, tmp);
2400 tmp = bssid[4] | bssid[5] << 8 | RT2661_ONE_BSSID << 16;
2401 RAL_WRITE(sc, RT2661_MAC_CSR5, tmp);
2405 rt2661_set_macaddr(struct rt2661_softc *sc, const uint8_t *addr)
2409 tmp = addr[0] | addr[1] << 8 | addr[2] << 16 | addr[3] << 24;
2410 RAL_WRITE(sc, RT2661_MAC_CSR2, tmp);
2412 tmp = addr[4] | addr[5] << 8;
2413 RAL_WRITE(sc, RT2661_MAC_CSR3, tmp);
2417 rt2661_update_promisc(struct rt2661_softc *sc)
2419 struct ifnet *ifp = sc->sc_ic.ic_ifp;
2422 tmp = RAL_READ(sc, RT2661_TXRX_CSR0);
2424 tmp &= ~RT2661_DROP_NOT_TO_ME;
2425 if (!(ifp->if_flags & IFF_PROMISC))
2426 tmp |= RT2661_DROP_NOT_TO_ME;
2428 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp);
2430 DPRINTF(("%s promiscuous mode\n", (ifp->if_flags & IFF_PROMISC) ?
2431 "entering" : "leaving"));
2435 * Update QoS (802.11e) settings for each h/w Tx ring.
2438 rt2661_wme_update(struct ieee80211com *ic)
2440 struct rt2661_softc *sc = ic->ic_ifp->if_softc;
2441 const struct wmeParams *wmep;
2443 wmep = ic->ic_wme.wme_chanParams.cap_wmeParams;
2445 /* XXX: not sure about shifts. */
2446 /* XXX: the reference driver plays with AC_VI settings too. */
2449 RAL_WRITE(sc, RT2661_AC_TXOP_CSR0,
2450 wmep[WME_AC_BE].wmep_txopLimit << 16 |
2451 wmep[WME_AC_BK].wmep_txopLimit);
2452 RAL_WRITE(sc, RT2661_AC_TXOP_CSR1,
2453 wmep[WME_AC_VI].wmep_txopLimit << 16 |
2454 wmep[WME_AC_VO].wmep_txopLimit);
2457 RAL_WRITE(sc, RT2661_CWMIN_CSR,
2458 wmep[WME_AC_BE].wmep_logcwmin << 12 |
2459 wmep[WME_AC_BK].wmep_logcwmin << 8 |
2460 wmep[WME_AC_VI].wmep_logcwmin << 4 |
2461 wmep[WME_AC_VO].wmep_logcwmin);
2464 RAL_WRITE(sc, RT2661_CWMAX_CSR,
2465 wmep[WME_AC_BE].wmep_logcwmax << 12 |
2466 wmep[WME_AC_BK].wmep_logcwmax << 8 |
2467 wmep[WME_AC_VI].wmep_logcwmax << 4 |
2468 wmep[WME_AC_VO].wmep_logcwmax);
2471 RAL_WRITE(sc, RT2661_AIFSN_CSR,
2472 wmep[WME_AC_BE].wmep_aifsn << 12 |
2473 wmep[WME_AC_BK].wmep_aifsn << 8 |
2474 wmep[WME_AC_VI].wmep_aifsn << 4 |
2475 wmep[WME_AC_VO].wmep_aifsn);
2481 rt2661_update_slot(struct ifnet *ifp)
2483 struct rt2661_softc *sc = ifp->if_softc;
2484 struct ieee80211com *ic = &sc->sc_ic;
2488 slottime = (ic->ic_flags & IEEE80211_F_SHSLOT) ? 9 : 20;
2490 tmp = RAL_READ(sc, RT2661_MAC_CSR9);
2491 tmp = (tmp & ~0xff) | slottime;
2492 RAL_WRITE(sc, RT2661_MAC_CSR9, tmp);
2496 rt2661_get_rf(int rev)
2499 case RT2661_RF_5225: return "RT5225";
2500 case RT2661_RF_5325: return "RT5325 (MIMO XR)";
2501 case RT2661_RF_2527: return "RT2527";
2502 case RT2661_RF_2529: return "RT2529 (MIMO XR)";
2503 default: return "unknown";
2508 rt2661_read_config(struct rt2661_softc *sc)
2510 struct ieee80211com *ic = &sc->sc_ic;
2515 /* read MAC address */
2516 val = rt2661_eeprom_read(sc, RT2661_EEPROM_MAC01);
2517 ic->ic_myaddr[0] = val & 0xff;
2518 ic->ic_myaddr[1] = val >> 8;
2520 val = rt2661_eeprom_read(sc, RT2661_EEPROM_MAC23);
2521 ic->ic_myaddr[2] = val & 0xff;
2522 ic->ic_myaddr[3] = val >> 8;
2524 val = rt2661_eeprom_read(sc, RT2661_EEPROM_MAC45);
2525 ic->ic_myaddr[4] = val & 0xff;
2526 ic->ic_myaddr[5] = val >> 8;
2528 val = rt2661_eeprom_read(sc, RT2661_EEPROM_ANTENNA);
2529 /* XXX: test if different from 0xffff? */
2530 sc->rf_rev = (val >> 11) & 0x1f;
2531 sc->hw_radio = (val >> 10) & 0x1;
2532 sc->rx_ant = (val >> 4) & 0x3;
2533 sc->tx_ant = (val >> 2) & 0x3;
2534 sc->nb_ant = val & 0x3;
2536 DPRINTF(("RF revision=%d, nb_ant %d, rxant %d, txant %d\n",
2537 sc->rf_rev, sc->nb_ant, sc->rx_ant, sc->tx_ant));
2539 val = rt2661_eeprom_read(sc, RT2661_EEPROM_CONFIG2);
2540 sc->ext_5ghz_lna = (val >> 6) & 0x1;
2541 sc->ext_2ghz_lna = (val >> 4) & 0x1;
2543 DPRINTF(("External 2GHz LNA=%d\nExternal 5GHz LNA=%d\n",
2544 sc->ext_2ghz_lna, sc->ext_5ghz_lna));
2546 if (sc->ext_2ghz_lna) {
2547 sc->bbp17_2ghz_min = 0x30;
2548 sc->bbp17_2ghz_max = 0x50;
2550 sc->bbp17_2ghz_min = 0x20;
2551 sc->bbp17_2ghz_max = 0x40;
2554 val = rt2661_eeprom_read(sc, RT2661_EEPROM_RSSI_2GHZ_OFFSET);
2555 sc->rssi_2ghz_corr[0] = (int8_t)(val & 0xff); /* signed */
2556 sc->rssi_2ghz_corr[1] = (int8_t)(val >> 8); /* signed */
2558 /* Only [-10, 10] is valid */
2559 for (i = 0; i < 2; ++i) {
2560 if (sc->rssi_2ghz_corr[i] < -10 || sc->rssi_2ghz_corr[i] > 10)
2561 sc->rssi_2ghz_corr[i] = 0;
2564 val = rt2661_eeprom_read(sc, RT2661_EEPROM_RSSI_5GHZ_OFFSET);
2565 if ((val & 0xff) != 0xff)
2566 sc->rssi_5ghz_corr = (int8_t)(val & 0xff); /* signed */
2568 /* Only [-10, 10] is valid */
2569 if (sc->rssi_5ghz_corr < -10 || sc->rssi_5ghz_corr > 10)
2570 sc->rssi_5ghz_corr = 0;
2572 /* adjust RSSI correction for external low-noise amplifier */
2573 if (sc->ext_2ghz_lna) {
2574 sc->rssi_2ghz_corr[0] -= 14;
2575 sc->rssi_2ghz_corr[1] -= 14;
2577 if (sc->ext_5ghz_lna)
2578 sc->rssi_5ghz_corr -= 14;
2580 DPRINTF(("RSSI 2GHz corr0=%d corr1=%d\nRSSI 5GHz corr=%d\n",
2581 sc->rssi_2ghz_corr[0], sc->rssi_2ghz_corr[1], sc->rssi_5ghz_corr));
2583 val = rt2661_eeprom_read(sc, RT2661_EEPROM_FREQ_OFFSET);
2584 if ((val >> 8) != 0xff)
2585 rfprog = (val >> 8) & 0x3;
2586 if ((val & 0xff) != 0xff)
2587 sc->rffreq = val & 0xff;
2589 DPRINTF(("RF prog=%d\nRF freq=%d\n", rfprog, sc->rffreq));
2591 sc->rfprog = rfprog == 0 ? rt2661_rf5225_1 : rt2661_rf5225_2;
2593 #define NCHAN_2GHZ 14
2594 #define NCHAN_5GHZ 24
2596 * Read channel TX power
2599 rt2661_read_txpower_config(sc, RT2661_EEPROM_TXPOWER_2GHZ,
2600 NCHAN_2GHZ, &start_chan);
2601 rt2661_read_txpower_config(sc, RT2661_EEPROM_TXPOWER_5GHZ,
2602 NCHAN_5GHZ, &start_chan);
2606 /* read vendor-specific BBP values */
2607 for (i = 0; i < 16; i++) {
2608 val = rt2661_eeprom_read(sc, RT2661_EEPROM_BBP_BASE + i);
2609 if (val == 0 || val == 0xffff)
2610 continue; /* skip invalid entries */
2611 sc->bbp_prom[i].reg = val >> 8;
2612 sc->bbp_prom[i].val = val & 0xff;
2613 DPRINTF(("BBP R%d=%02x\n", sc->bbp_prom[i].reg,
2614 sc->bbp_prom[i].val));
2617 val = rt2661_eeprom_read(sc, RT2661_EEPROM_LED_OFFSET);
2618 DPRINTF(("LED %02x\n", val));
2619 if (val == 0xffff) {
2620 sc->mcu_led = RT2661_MCU_LED_DEFAULT;
2622 #define N(arr) (int)(sizeof(arr) / sizeof(arr[0]))
2624 for (i = 0; i < N(led_ee2mcu); ++i) {
2625 if (val & led_ee2mcu[i].ee_bit)
2626 sc->mcu_led |= led_ee2mcu[i].mcu_bit;
2631 sc->mcu_led |= ((val >> RT2661_EE_LED_MODE_SHIFT) &
2632 RT2661_EE_LED_MODE_MASK);
2635 val = rt2661_eeprom_read(sc, RT2661_EEPROM_TSSI5);
2636 DPRINTF(("tssi5 %#x\n", val));
2640 rt2661_bbp_init(struct rt2661_softc *sc)
2642 #define N(a) (sizeof (a) / sizeof ((a)[0]))
2646 /* wait for BBP to be ready */
2647 for (ntries = 0; ntries < 100; ntries++) {
2648 val = rt2661_bbp_read(sc, 0);
2649 if (val != 0 && val != 0xff)
2653 if (ntries == 100) {
2654 device_printf(sc->sc_dev, "timeout waiting for BBP\n");
2658 /* initialize BBP registers to default values */
2659 for (i = 0; i < N(rt2661_def_bbp); i++) {
2660 rt2661_bbp_write(sc, rt2661_def_bbp[i].reg,
2661 rt2661_def_bbp[i].val);
2664 /* write vendor-specific BBP values (from EEPROM) */
2665 for (i = 0; i < 16; i++) {
2666 if (sc->bbp_prom[i].reg == 0)
2668 rt2661_bbp_write(sc, sc->bbp_prom[i].reg, sc->bbp_prom[i].val);
2676 rt2661_init(void *priv)
2678 #define N(a) (sizeof (a) / sizeof ((a)[0]))
2679 struct rt2661_softc *sc = priv;
2680 struct ieee80211com *ic = &sc->sc_ic;
2681 struct ifnet *ifp = ic->ic_ifp;
2682 uint32_t tmp, sta[3];
2687 /* initialize Tx rings */
2688 RAL_WRITE(sc, RT2661_AC1_BASE_CSR, sc->txq[1].physaddr);
2689 RAL_WRITE(sc, RT2661_AC0_BASE_CSR, sc->txq[0].physaddr);
2690 RAL_WRITE(sc, RT2661_AC2_BASE_CSR, sc->txq[2].physaddr);
2691 RAL_WRITE(sc, RT2661_AC3_BASE_CSR, sc->txq[3].physaddr);
2693 /* initialize Mgt ring */
2694 RAL_WRITE(sc, RT2661_MGT_BASE_CSR, sc->mgtq.physaddr);
2696 /* initialize Rx ring */
2697 RAL_WRITE(sc, RT2661_RX_BASE_CSR, sc->rxq.physaddr);
2699 /* initialize Tx rings sizes */
2700 RAL_WRITE(sc, RT2661_TX_RING_CSR0,
2701 RT2661_TX_RING_COUNT << 24 |
2702 RT2661_TX_RING_COUNT << 16 |
2703 RT2661_TX_RING_COUNT << 8 |
2704 RT2661_TX_RING_COUNT);
2706 RAL_WRITE(sc, RT2661_TX_RING_CSR1,
2707 RT2661_TX_DESC_WSIZE << 16 |
2708 RT2661_TX_RING_COUNT << 8 | /* XXX: HCCA ring unused */
2709 RT2661_MGT_RING_COUNT);
2711 /* initialize Rx rings */
2712 RAL_WRITE(sc, RT2661_RX_RING_CSR,
2713 RT2661_RX_DESC_BACK << 16 |
2714 RT2661_RX_DESC_WSIZE << 8 |
2715 RT2661_RX_RING_COUNT);
2717 /* XXX: some magic here */
2718 RAL_WRITE(sc, RT2661_TX_DMA_DST_CSR, 0xaa);
2720 /* load base addresses of all 5 Tx rings (4 data + 1 mgt) */
2721 RAL_WRITE(sc, RT2661_LOAD_TX_RING_CSR, 0x1f);
2723 /* load base address of Rx ring */
2724 RAL_WRITE(sc, RT2661_RX_CNTL_CSR, 2);
2726 /* initialize MAC registers to default values */
2727 for (i = 0; i < N(rt2661_def_mac); i++)
2728 RAL_WRITE(sc, rt2661_def_mac[i].reg, rt2661_def_mac[i].val);
2730 IEEE80211_ADDR_COPY(ic->ic_myaddr, IF_LLADDR(ifp));
2731 rt2661_set_macaddr(sc, ic->ic_myaddr);
2733 /* set host ready */
2734 RAL_WRITE(sc, RT2661_MAC_CSR1, 3);
2735 RAL_WRITE(sc, RT2661_MAC_CSR1, 0);
2737 /* wait for BBP/RF to wakeup */
2738 for (ntries = 0; ntries < 1000; ntries++) {
2739 if (RAL_READ(sc, RT2661_MAC_CSR12) & 8)
2743 if (ntries == 1000) {
2744 kprintf("timeout waiting for BBP/RF to wakeup\n");
2749 if (rt2661_bbp_init(sc) != 0) {
2754 /* select default channel */
2755 sc->sc_curchan = ic->ic_curchan;
2756 rt2661_select_band(sc, sc->sc_curchan);
2757 rt2661_select_antenna(sc);
2758 rt2661_set_chan(sc, sc->sc_curchan);
2760 /* update Rx filter */
2761 tmp = RAL_READ(sc, RT2661_TXRX_CSR0) & 0xffff;
2763 tmp |= RT2661_DROP_PHY_ERROR | RT2661_DROP_CRC_ERROR;
2764 if (ic->ic_opmode != IEEE80211_M_MONITOR) {
2765 tmp |= RT2661_DROP_CTL | RT2661_DROP_VER_ERROR |
2767 if (ic->ic_opmode != IEEE80211_M_HOSTAP)
2768 tmp |= RT2661_DROP_TODS;
2769 if (!(ifp->if_flags & IFF_PROMISC))
2770 tmp |= RT2661_DROP_NOT_TO_ME;
2773 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp);
2775 /* clear STA registers */
2776 RAL_READ_REGION_4(sc, RT2661_STA_CSR0, sta, N(sta));
2778 /* initialize ASIC */
2779 RAL_WRITE(sc, RT2661_MAC_CSR1, 4);
2781 /* clear any pending interrupt */
2782 RAL_WRITE(sc, RT2661_INT_SOURCE_CSR, 0xffffffff);
2784 /* enable interrupts */
2785 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0x0000ff10);
2786 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0);
2789 RAL_WRITE(sc, RT2661_RX_CNTL_CSR, 1);
2791 ifp->if_flags &= ~IFF_OACTIVE;
2792 ifp->if_flags |= IFF_RUNNING;
2794 for (i = 0; i < IEEE80211_WEP_NKID; ++i) {
2795 uint8_t mac[IEEE80211_ADDR_LEN];
2796 const struct ieee80211_key *k = &ic->ic_nw_keys[i];
2798 if (k->wk_keyix != IEEE80211_KEYIX_NONE)
2799 rt2661_key_set(ic, k, mac);
2802 RT2661_RESET_AVG_RSSI(sc);
2804 if (ic->ic_opmode != IEEE80211_M_MONITOR) {
2805 if (ic->ic_roaming != IEEE80211_ROAMING_MANUAL)
2806 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1);
2808 ieee80211_new_state(ic, IEEE80211_S_RUN, -1);
2814 rt2661_stop(void *priv)
2816 struct rt2661_softc *sc = priv;
2817 struct ieee80211com *ic = &sc->sc_ic;
2818 struct ifnet *ifp = ic->ic_ifp;
2819 struct rt2661_tx_ratectl *rctl;
2822 ieee80211_new_state(ic, IEEE80211_S_INIT, -1);
2824 sc->sc_tx_timer = 0;
2826 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE);
2828 /* abort Tx (for all 5 Tx rings) */
2829 RAL_WRITE(sc, RT2661_TX_CNTL_CSR, 0x1f << 16);
2831 /* disable Rx (value remains after reset!) */
2832 tmp = RAL_READ(sc, RT2661_TXRX_CSR0);
2833 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp | RT2661_DISABLE_RX);
2836 RAL_WRITE(sc, RT2661_MAC_CSR1, 3);
2837 RAL_WRITE(sc, RT2661_MAC_CSR1, 0);
2839 /* disable interrupts */
2840 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0xffffffff);
2841 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0xffffffff);
2843 /* clear any pending interrupt */
2844 RAL_WRITE(sc, RT2661_INT_SOURCE_CSR, 0xffffffff);
2845 RAL_WRITE(sc, RT2661_MCU_INT_SOURCE_CSR, 0xffffffff);
2847 while ((rctl = STAILQ_FIRST(&sc->tx_ratectl)) != NULL) {
2848 STAILQ_REMOVE_HEAD(&sc->tx_ratectl, link);
2849 ieee80211_free_node(rctl->ni);
2851 kfree(rctl, M_RT2661);
2854 /* reset Tx and Rx rings */
2855 rt2661_reset_tx_ring(sc, &sc->txq[0]);
2856 rt2661_reset_tx_ring(sc, &sc->txq[1]);
2857 rt2661_reset_tx_ring(sc, &sc->txq[2]);
2858 rt2661_reset_tx_ring(sc, &sc->txq[3]);
2859 rt2661_reset_tx_ring(sc, &sc->mgtq);
2860 rt2661_reset_rx_ring(sc, &sc->rxq);
2862 /* Clear key map. */
2863 bzero(sc->sc_keymap, sizeof(sc->sc_keymap));
2867 rt2661_load_microcode(struct rt2661_softc *sc, const uint8_t *ucode, int size)
2872 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, RT2661_MCU_RESET);
2874 /* cancel any pending Host to MCU command */
2875 RAL_WRITE(sc, RT2661_H2M_MAILBOX_CSR, 0);
2876 RAL_WRITE(sc, RT2661_M2H_CMD_DONE_CSR, 0xffffffff);
2877 RAL_WRITE(sc, RT2661_HOST_CMD_CSR, 0);
2879 /* write 8051's microcode */
2880 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, RT2661_MCU_RESET | RT2661_MCU_SEL);
2881 RAL_WRITE_REGION_1(sc, RT2661_MCU_CODE_BASE, ucode, size);
2882 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, RT2661_MCU_RESET);
2884 /* kick 8051's ass */
2885 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, 0);
2887 /* wait for 8051 to initialize */
2888 for (ntries = 0; ntries < 500; ntries++) {
2889 if (RAL_READ(sc, RT2661_MCU_CNTL_CSR) & RT2661_MCU_READY)
2893 if (ntries == 500) {
2894 kprintf("timeout waiting for MCU to initialize\n");
2901 rt2661_prepare_beacon(struct rt2661_softc *sc)
2903 struct ieee80211com *ic = &sc->sc_ic;
2904 struct ieee80211_beacon_offsets bo;
2905 struct rt2661_tx_desc desc;
2909 m0 = ieee80211_beacon_alloc(ic, ic->ic_bss, &bo);
2911 device_printf(sc->sc_dev, "could not allocate beacon frame\n");
2915 /* send beacons at the lowest available rate */
2916 rate = IEEE80211_IS_CHAN_5GHZ(ic->ic_bss->ni_chan) ? 12 : 2;
2918 rt2661_setup_tx_desc(sc, &desc, RT2661_TX_TIMESTAMP, RT2661_TX_HWSEQ,
2919 m0->m_pkthdr.len, rate, NULL, 0, RT2661_QID_MGT, 0, NULL, NULL, NULL);
2921 /* copy the first 24 bytes of Tx descriptor into NIC memory */
2922 RAL_WRITE_REGION_1(sc, RT2661_HW_BEACON_BASE0, (uint8_t *)&desc, 24);
2924 /* copy beacon header and payload into NIC memory */
2925 RAL_WRITE_REGION_1(sc, RT2661_HW_BEACON_BASE0 + 24,
2926 mtod(m0, uint8_t *), m0->m_pkthdr.len);
2933 * Enable TSF synchronization and tell h/w to start sending beacons for IBSS
2934 * and HostAP operating modes.
2937 rt2661_enable_tsf_sync(struct rt2661_softc *sc)
2939 struct ieee80211com *ic = &sc->sc_ic;
2942 if (ic->ic_opmode != IEEE80211_M_STA) {
2944 * Change default 16ms TBTT adjustment to 8ms.
2945 * Must be done before enabling beacon generation.
2947 RAL_WRITE(sc, RT2661_TXRX_CSR10, 1 << 12 | 8);
2950 tmp = RAL_READ(sc, RT2661_TXRX_CSR9) & 0xff000000;
2952 /* set beacon interval (in 1/16ms unit) */
2953 tmp |= ic->ic_bss->ni_intval * 16;
2955 tmp |= RT2661_TSF_TICKING | RT2661_ENABLE_TBTT;
2956 if (ic->ic_opmode == IEEE80211_M_STA)
2957 tmp |= RT2661_TSF_MODE(1);
2959 tmp |= RT2661_TSF_MODE(2) | RT2661_GENERATE_BEACON;
2961 RAL_WRITE(sc, RT2661_TXRX_CSR9, tmp);
2965 * Retrieve the "Received Signal Strength Indicator" from the raw values
2966 * contained in Rx descriptors. The computation depends on which band the
2967 * frame was received. Correction values taken from the reference driver.
2970 rt2661_get_rssi(struct rt2661_softc *sc, uint8_t raw, int i)
2974 lna = (raw >> 5) & 0x3;
2981 * NB: Since RSSI is relative to noise floor, -1 is
2982 * adequate for caller to know error happened.
2987 rssi = (2 * agc) - RT2661_NOISE_FLOOR;
2989 if (IEEE80211_IS_CHAN_2GHZ(sc->sc_curchan)) {
2990 rssi += sc->rssi_2ghz_corr[i];
2999 rssi += sc->rssi_5ghz_corr;
3009 if (sc->avg_rssi[i] < 0) {
3010 sc->avg_rssi[i] = rssi;
3013 ((sc->avg_rssi[i] << 3) - sc->avg_rssi[i] + rssi) >> 3;
3019 rt2661_dma_map_mbuf(void *arg, bus_dma_segment_t *seg, int nseg,
3020 bus_size_t map_size __unused, int error)
3022 struct rt2661_dmamap *map = arg;
3027 KASSERT(nseg <= RT2661_MAX_SCATTER, ("too many DMA segments"));
3029 bcopy(seg, map->segs, nseg * sizeof(bus_dma_segment_t));
3034 rt2661_led_newstate(struct rt2661_softc *sc, enum ieee80211_state nstate)
3036 struct ieee80211com *ic = &sc->sc_ic;
3038 uint32_t mail = sc->mcu_led;
3040 if (RAL_READ(sc, RT2661_H2M_MAILBOX_CSR) & RT2661_H2M_BUSY) {
3041 DPRINTF(("%s failed\n", __func__));
3046 case IEEE80211_S_INIT:
3047 mail &= ~(RT2661_MCU_LED_LINKA | RT2661_MCU_LED_LINKG |
3051 if (ic->ic_curchan == NULL)
3054 on = RT2661_MCU_LED_LINKG;
3055 off = RT2661_MCU_LED_LINKA;
3056 if (IEEE80211_IS_CHAN_5GHZ(ic->ic_curchan)) {
3057 on = RT2661_MCU_LED_LINKA;
3058 off = RT2661_MCU_LED_LINKG;
3061 mail |= RT2661_MCU_LED_RF | on;
3066 RAL_WRITE(sc, RT2661_H2M_MAILBOX_CSR,
3067 RT2661_H2M_BUSY | RT2661_TOKEN_NO_INTR << 16 | mail);
3068 RAL_WRITE(sc, RT2661_HOST_CMD_CSR, RT2661_KICK_CMD | RT2661_MCU_SET_LED);
3072 rt2661_read_txpower_config(struct rt2661_softc *sc, uint8_t txpwr_ofs,
3073 int nchan, int *start_chan0)
3076 int start_chan = *start_chan0;
3078 KASSERT(nchan % 2 == 0, ("number of channels %d is not even\n", nchan));
3079 KASSERT(start_chan + nchan <= RT2661_NCHAN_MAX, ("too many channels"));
3081 loop_max = nchan / 2;
3083 for (i = 0; i < loop_max; i++) {
3087 val = rt2661_eeprom_read(sc, txpwr_ofs + i);
3088 chan_idx = i * 2 + start_chan;
3090 for (j = 0; j < 2; ++j) {
3091 int8_t tx_power; /* signed */
3093 tx_power = (int8_t)((val >> (8 * j)) & 0xff);
3094 if (tx_power > RT2661_TXPOWER_MAX)
3095 tx_power = RT2661_TXPOWER_DEFAULT;
3097 sc->txpow[chan_idx] = tx_power;
3098 DPRINTF(("Channel=%d Tx power=%d\n",
3099 rt2661_rf5225_1[chan_idx].chan, sc->txpow[chan_idx]));
3104 *start_chan0 += nchan;
3108 rt2661_key_alloc(struct ieee80211com *ic, const struct ieee80211_key *key,
3109 ieee80211_keyix *keyix, ieee80211_keyix *rxkeyix)
3111 struct rt2661_softc *sc = ic->ic_if.if_softc;
3113 DPRINTF(("%s: ", __func__));
3115 if (key->wk_flags & IEEE80211_KEY_SWCRYPT) {
3116 DPRINTF(("alloc sw key\n"));
3117 return sc->sc_key_alloc(ic, key, keyix, rxkeyix);
3120 if (key->wk_flags & IEEE80211_KEY_GROUP) { /* Global key */
3121 DPRINTF(("alloc group key\n"));
3123 KASSERT(key >= &ic->ic_nw_keys[0] &&
3124 key < &ic->ic_nw_keys[IEEE80211_WEP_NKID],
3125 ("bogus group key\n"));
3127 *keyix = *rxkeyix = key - ic->ic_nw_keys;
3129 } else { /* Pairwise key */
3132 DPRINTF(("alloc pairwise key\n"));
3134 for (i = IEEE80211_WEP_NKID; i < RT2661_KEY_MAX; ++i) {
3135 if (!RT2661_KEY_ISSET(sc, i))
3138 #ifndef MIXED_KEY_TEST
3139 if (i == RT2661_KEY_MAX)
3142 if (i != IEEE80211_WEP_NKID)
3146 RT2661_KEY_SET(sc, i);
3147 *keyix = *rxkeyix = i;
3153 rt2661_key_delete(struct ieee80211com *ic, const struct ieee80211_key *key)
3155 struct rt2661_softc *sc = ic->ic_if.if_softc;
3158 DPRINTF(("%s: keyix %d, rxkeyix %d, ", __func__,
3159 key->wk_keyix, key->wk_rxkeyix));
3161 if (key->wk_flags & IEEE80211_KEY_SWCRYPT) {
3162 DPRINTF(("delete sw key\n"));
3163 return sc->sc_key_delete(ic, key);
3166 if (key->wk_keyix < IEEE80211_WEP_NKID) { /* Global key */
3167 DPRINTF(("delete global key\n"));
3168 val = RAL_READ(sc, RT2661_SEC_CSR0);
3169 val &= ~(1 << key->wk_keyix);
3170 RAL_WRITE(sc, RT2661_SEC_CSR0, val);
3171 } else { /* Pairwise key */
3172 DPRINTF(("delete pairwise key\n"));
3174 RT2661_KEY_CLR(sc, key->wk_keyix);
3175 if (key->wk_keyix < 32) {
3176 val = RAL_READ(sc, RT2661_SEC_CSR2);
3177 val &= ~(1 << key->wk_keyix);
3178 RAL_WRITE(sc, RT2661_SEC_CSR2, val);
3180 val = RAL_READ(sc, RT2661_SEC_CSR3);
3181 val &= ~(1 << (key->wk_keyix - 32));
3182 RAL_WRITE(sc, RT2661_SEC_CSR3, val);
3189 rt2661_key_set(struct ieee80211com *ic, const struct ieee80211_key *key,
3190 const uint8_t mac[IEEE80211_ADDR_LEN])
3192 struct rt2661_softc *sc = ic->ic_if.if_softc;
3195 DPRINTF(("%s: keyix %d, rxkeyix %d, flags 0x%04x, ", __func__,
3196 key->wk_keyix, key->wk_rxkeyix, key->wk_flags));
3198 if (key->wk_flags & IEEE80211_KEY_SWCRYPT) {
3199 DPRINTF(("set sw key\n"));
3200 return sc->sc_key_set(ic, key, mac);
3203 if (key->wk_keyix < IEEE80211_WEP_NKID) { /* Global Key */
3204 int cipher, keyix_shift;
3206 DPRINTF(("set global key\n"));
3209 * Install key content.
3211 addr = RT2661_GLOBAL_KEY_BASE +
3212 (key->wk_keyix * sizeof(key->wk_key));
3213 RAL_WRITE_REGION_1(sc, addr, key->wk_key, sizeof(key->wk_key));
3218 cipher = rt2661_cipher(key);
3219 keyix_shift = key->wk_keyix * 4;
3221 val = RAL_READ(sc, RT2661_SEC_CSR1);
3222 val &= ~(0xf << keyix_shift);
3223 val |= cipher << keyix_shift;
3224 RAL_WRITE(sc, RT2661_SEC_CSR1, val);
3229 val = RAL_READ(sc, RT2661_SEC_CSR0);
3230 val |= 1 << key->wk_keyix;
3231 RAL_WRITE(sc, RT2661_SEC_CSR0, val);
3232 } else { /* Pairwise key */
3233 uint8_t mac_cipher[IEEE80211_ADDR_LEN + 1];
3235 DPRINTF(("set pairwise key\n"));
3238 * Install key content.
3240 addr = RT2661_PAIRWISE_KEY_BASE +
3241 (key->wk_keyix * sizeof(key->wk_key));
3242 RAL_WRITE_REGION_1(sc, addr, key->wk_key, sizeof(key->wk_key));
3245 * Set target address and key cipher.
3247 memcpy(mac_cipher, mac, IEEE80211_ADDR_LEN);
3248 mac_cipher[IEEE80211_ADDR_LEN] = rt2661_cipher(key);
3250 /* XXX Actually slot size is 1 byte bigger than mac_cipher */
3251 addr = RT2661_TARGET_ADDR_BASE +
3252 (key->wk_keyix * (IEEE80211_ADDR_LEN + 2));
3253 RAL_WRITE_REGION_1(sc, addr, mac_cipher, sizeof(mac_cipher));
3258 if (key->wk_keyix < 32) {
3259 val = RAL_READ(sc, RT2661_SEC_CSR2);
3260 val |= 1 << key->wk_keyix;
3261 RAL_WRITE(sc, RT2661_SEC_CSR2, val);
3263 val = RAL_READ(sc, RT2661_SEC_CSR3);
3264 val |= 1 << (key->wk_keyix - 32);
3265 RAL_WRITE(sc, RT2661_SEC_CSR3, val);
3269 * Enable pairwise key looking up when RX.
3271 RAL_WRITE(sc, RT2661_SEC_CSR4, 1);
3277 rt2661_ratectl_attach(struct ieee80211com *ic, u_int rc)
3279 struct rt2661_softc *sc = ic->ic_if.if_softc;
3282 case IEEE80211_RATECTL_ONOE:
3283 return &sc->sc_onoe_param;
3285 case IEEE80211_RATECTL_SAMPLE:
3286 if ((ic->ic_ratectl.rc_st_ratectl_cap &
3287 IEEE80211_RATECTL_CAP_SAMPLE) == 0)
3288 panic("sample rate control algo is not supported\n");
3289 return &sc->sc_sample_param;
3291 case IEEE80211_RATECTL_NONE:
3292 /* This could only happen during detaching */
3296 panic("unknown rate control algo %u\n", rc);
3302 rt2661_calib_txpower(struct rt2661_softc *sc)
3307 if (sc->sc_ic.ic_state != IEEE80211_S_RUN)
3310 cnt = sc->sc_txpwr_cnt;
3313 rssi_dbm = rt2661_avgrssi(sc);
3315 txpower = sc->txpow[sc->sc_curchan_idx];
3318 else if (txpower > 31)
3320 txpower = rt2661_txpower(sc, txpower);
3328 DPRINTF(("dbm %d, txpower %d\n", rssi_dbm, txpower));
3330 if (rssi_dbm > -30) {
3335 } else if (rssi_dbm > -45) {
3342 if (txpower != sc->sc_txpwr)
3343 rt2661_set_txpower(sc, txpower);
3347 rt2661_calib_rxsensibility(struct rt2661_softc *sc, uint32_t false_cca)
3349 #define MIDRANGE_RSSI -74
3354 if (sc->sc_ic.ic_state != IEEE80211_S_RUN)
3357 rssi_dbm = rt2661_avgrssi(sc);
3359 if (rssi_dbm >= MIDRANGE_RSSI) {
3360 if (rssi_dbm >= -35)
3362 else if (rssi_dbm >= -58)
3363 bbp17 = sc->bbp17_2ghz_max;
3364 else if (rssi_dbm >= -66)
3365 bbp17 = sc->bbp17_2ghz_min + 0x10;
3367 bbp17 = sc->bbp17_2ghz_min + 0x8;
3369 if (sc->bbp17 != bbp17)
3370 rt2661_bbp_write(sc, 17, bbp17);
3374 bbp17 = sc->bbp17_2ghz_max - (2 * (MIDRANGE_RSSI - rssi_dbm));
3375 if (bbp17 < sc->bbp17_2ghz_min)
3376 bbp17 = sc->bbp17_2ghz_min;
3378 if (sc->bbp17 > bbp17) {
3379 rt2661_bbp_write(sc, 17, bbp17);
3383 DPRINTF(("calibrate according to false CCA\n"));
3385 if (false_cca > 512 && sc->bbp17 > sc->bbp17_2ghz_min)
3386 rt2661_bbp_write(sc, 17, sc->bbp17 - 1);
3387 else if (false_cca < 100 && sc->bbp17 < bbp17)
3388 rt2661_bbp_write(sc, 17, sc->bbp17 + 1);
3390 #undef MIDRANGE_RSSI
3394 rt2661_calibrate(void *xsc)
3396 struct rt2661_softc *sc = xsc;
3397 struct ifnet *ifp = &sc->sc_ic.ic_if;
3400 lwkt_serialize_enter(ifp->if_serializer);
3402 false_cca = (RAL_READ(sc, RT2661_STA_CSR1) >> 16);
3403 DPRINTF(("false cca %u\n", false_cca));
3405 if (sc->sc_calib_rxsns)
3406 rt2661_calib_rxsensibility(sc, false_cca);
3408 if (sc->sc_calib_txpwr)
3409 rt2661_calib_txpower(sc);
3411 callout_reset(&sc->calib_ch, hz, rt2661_calibrate, sc);
3413 lwkt_serialize_exit(ifp->if_serializer);
projects / dragonfly.git / blob