3 * Damien Bergamini <damien.bergamini@free.fr>
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17 * $FreeBSD: src/sys/dev/ral/rt2661.c,v 1.4 2006/03/21 21:15:43 damien Exp $
18 * $DragonFly: src/sys/dev/netif/ral/rt2661.c,v 1.29 2008/02/08 09:42:30 sephe Exp $
22 * Ralink Technology RT2561, RT2561S and RT2661 chipset driver
23 * http://www.ralinktech.com/
26 #include <sys/param.h>
28 #include <sys/endian.h>
29 #include <sys/kernel.h>
30 #include <sys/malloc.h>
32 #include <sys/module.h>
33 #include <sys/queue.h>
35 #include <sys/socket.h>
36 #include <sys/sockio.h>
37 #include <sys/sysctl.h>
38 #include <sys/serialize.h>
42 #include <net/if_arp.h>
43 #include <net/ethernet.h>
44 #include <net/if_dl.h>
45 #include <net/if_media.h>
46 #include <net/ifq_var.h>
48 #include <netproto/802_11/ieee80211_var.h>
49 #include <netproto/802_11/ieee80211_radiotap.h>
50 #include <netproto/802_11/wlan_ratectl/onoe/ieee80211_onoe_param.h>
51 #include <netproto/802_11/wlan_ratectl/sample/ieee80211_sample_param.h>
53 #include <dev/netif/ral/rt2661reg.h>
54 #include <dev/netif/ral/rt2661var.h>
55 #include <dev/netif/ral/rt2661_ucode.h>
58 #define DPRINTF(sc, x) \
59 do { if ((sc)->sc_debug > 0) kprintf x; } while (0)
60 #define DPRINTFN(sc, n, x) \
61 do { if ((sc)->sc_debug >= (n)) kprintf x; } while (0)
63 #define DPRINTF(sc, x)
64 #define DPRINTFN(sc, n, x)
67 MALLOC_DEFINE(M_RT2661, "rt2661_ratectl", "rt2661 rate control data");
69 static void rt2661_dma_map_addr(void *, bus_dma_segment_t *, int,
71 static void rt2661_dma_map_mbuf(void *, bus_dma_segment_t *, int,
73 static int rt2661_alloc_tx_ring(struct rt2661_softc *,
74 struct rt2661_tx_ring *, int);
75 static void rt2661_reset_tx_ring(struct rt2661_softc *,
76 struct rt2661_tx_ring *);
77 static void rt2661_free_tx_ring(struct rt2661_softc *,
78 struct rt2661_tx_ring *);
79 static int rt2661_alloc_rx_ring(struct rt2661_softc *,
80 struct rt2661_rx_ring *, int);
81 static void rt2661_reset_rx_ring(struct rt2661_softc *,
82 struct rt2661_rx_ring *);
83 static void rt2661_free_rx_ring(struct rt2661_softc *,
84 struct rt2661_rx_ring *);
85 static int rt2661_media_change(struct ifnet *);
86 static void rt2661_next_scan(void *);
87 static int rt2661_newstate(struct ieee80211com *,
88 enum ieee80211_state, int);
89 static uint16_t rt2661_eeprom_read(struct rt2661_softc *, uint8_t);
90 static void rt2661_rx_intr(struct rt2661_softc *);
91 static void rt2661_tx_intr(struct rt2661_softc *);
92 static void rt2661_tx_dma_intr(struct rt2661_softc *,
93 struct rt2661_tx_ring *);
94 static void rt2661_mcu_beacon_expire(struct rt2661_softc *);
95 static void rt2661_mcu_wakeup(struct rt2661_softc *);
96 static void rt2661_mcu_cmd_intr(struct rt2661_softc *);
97 static uint8_t rt2661_rxrate(struct rt2661_rx_desc *);
98 static uint8_t rt2661_plcp_signal(int);
99 static void rt2661_setup_tx_desc(struct rt2661_softc *,
100 struct rt2661_tx_desc *, uint32_t, uint16_t, int,
101 int, const bus_dma_segment_t *, int, int, int,
102 const struct ieee80211_key *, void *,
103 const struct ieee80211_crypto_iv *);
104 static struct mbuf * rt2661_get_rts(struct rt2661_softc *,
105 struct ieee80211_frame *, uint16_t);
106 static int rt2661_tx_data(struct rt2661_softc *, struct mbuf *,
107 struct ieee80211_node *, int);
108 static int rt2661_tx_mgt(struct rt2661_softc *, struct mbuf *,
109 struct ieee80211_node *);
110 static void rt2661_start(struct ifnet *);
111 static void rt2661_watchdog(struct ifnet *);
112 static int rt2661_reset(struct ifnet *);
113 static int rt2661_ioctl(struct ifnet *, u_long, caddr_t,
115 static void rt2661_bbp_write(struct rt2661_softc *, uint8_t,
117 static uint8_t rt2661_bbp_read(struct rt2661_softc *, uint8_t);
118 static void rt2661_rf_write(struct rt2661_softc *, uint8_t,
120 static int rt2661_tx_cmd(struct rt2661_softc *, uint8_t,
122 static void rt2661_select_antenna(struct rt2661_softc *);
123 static void rt2661_enable_mrr(struct rt2661_softc *);
124 static void rt2661_set_txpreamble(struct rt2661_softc *);
125 static void rt2661_set_ackrates(struct rt2661_softc *,
126 const struct ieee80211_rateset *);
127 static void rt2661_select_band(struct rt2661_softc *,
128 struct ieee80211_channel *);
129 static void rt2661_set_chan(struct rt2661_softc *,
130 struct ieee80211_channel *);
131 static void rt2661_set_bssid(struct rt2661_softc *,
133 static void rt2661_set_macaddr(struct rt2661_softc *,
135 static void rt2661_update_promisc(struct rt2661_softc *);
136 static int rt2661_wme_update(struct ieee80211com *) __unused;
137 static void rt2661_update_slot(struct ifnet *);
138 static const char *rt2661_get_rf(int);
139 static void rt2661_read_config(struct rt2661_softc *);
140 static void rt2661_read_txpower_config(struct rt2661_softc *,
141 uint8_t, int, int *);
142 static int rt2661_bbp_init(struct rt2661_softc *);
143 static void rt2661_init(void *);
144 static void rt2661_stop(void *);
145 static void rt2661_intr(void *);
146 static int rt2661_load_microcode(struct rt2661_softc *,
147 const uint8_t *, int);
148 static int rt2661_prepare_beacon(struct rt2661_softc *);
149 static void rt2661_enable_tsf_sync(struct rt2661_softc *);
150 static int rt2661_get_rssi(struct rt2661_softc *, uint8_t, int);
151 static void rt2661_led_newstate(struct rt2661_softc *,
152 enum ieee80211_state);
153 static int rt2661_key_alloc(struct ieee80211com *,
154 const struct ieee80211_key *,
155 ieee80211_keyix *, ieee80211_keyix *);
156 static int rt2661_key_delete(struct ieee80211com *,
157 const struct ieee80211_key *);
158 static int rt2661_key_set(struct ieee80211com *,
159 const struct ieee80211_key *,
160 const uint8_t mac[IEEE80211_ADDR_LEN]);
161 static void *rt2661_ratectl_attach(struct ieee80211com *, u_int);
162 static void rt2661_set_txpower(struct rt2661_softc *, int8_t);
163 static void rt2661_calibrate(void *);
164 static void rt2661_calib_txpower(struct rt2661_softc *);
165 static void rt2661_calib_rxsensibility(struct rt2661_softc *,
169 * Supported rates for 802.11a/b/g modes (in 500Kbps unit).
171 static const struct ieee80211_rateset rt2661_rateset_11a =
172 { 8, { 12, 18, 24, 36, 48, 72, 96, 108 } };
174 static const struct ieee80211_rateset rt2661_rateset_11b =
175 { 4, { 2, 4, 11, 22 } };
177 static const struct ieee80211_rateset rt2661_rateset_11g =
178 { 12, { 2, 4, 11, 22, 12, 18, 24, 36, 48, 72, 96, 108 } };
180 static const struct {
183 } rt2661_def_mac[] = {
187 static const struct {
190 } rt2661_def_bbp[] = {
194 static const struct rt2661_rfprog rt2661_rf5225_1[] = { RT2661_RF5225_1 };
195 static const struct rt2661_rfprog rt2661_rf5225_2[] = { RT2661_RF5225_2 };
197 #define LED_EE2MCU(bit) { \
198 .ee_bit = RT2661_EE_LED_##bit, \
199 .mcu_bit = RT2661_MCU_LED_##bit \
201 static const struct {
216 struct rt2661_dmamap {
217 bus_dma_segment_t segs[RT2661_MAX_SCATTER];
222 rt2661_cipher(const struct ieee80211_key *k)
224 switch (k->wk_cipher->ic_cipher) {
225 case IEEE80211_CIPHER_WEP:
226 if (k->wk_keylen == (40 / NBBY))
227 return RT2661_CIPHER_WEP40;
229 return RT2661_CIPHER_WEP104;
230 case IEEE80211_CIPHER_TKIP:
231 return RT2661_CIPHER_TKIP;
232 case IEEE80211_CIPHER_AES_CCM:
233 return RT2661_CIPHER_AES;
235 return RT2661_CIPHER_NONE;
239 static __inline int8_t
240 rt2661_txpower(const struct rt2661_softc *sc, int8_t power)
242 if (sc->sc_txpwr_corr > 0) {
243 if (power > sc->sc_txpwr_corr)
244 power -= sc->sc_txpwr_corr;
252 rt2661_avgrssi(const struct rt2661_softc *sc)
256 rssi_dbm = sc->avg_rssi[0] + RT2661_NOISE_FLOOR;
257 if (sc->rf_rev == RT2661_RF_2529) {
258 if (sc->avg_rssi[1] > sc->avg_rssi[0])
259 rssi_dbm = sc->avg_rssi[0] + RT2661_NOISE_FLOOR;
265 rt2661_attach(device_t dev, int id)
267 struct rt2661_softc *sc = device_get_softc(dev);
268 struct ieee80211com *ic = &sc->sc_ic;
269 struct ifnet *ifp = &ic->ic_if;
270 uint32_t val, bbp_type;
271 const uint8_t *ucode = NULL;
272 int error, i, ac, ntries, size = 0;
274 callout_init(&sc->scan_ch);
275 callout_init(&sc->calib_ch);
281 sc->sc_irq = bus_alloc_resource_any(dev, SYS_RES_IRQ, &sc->sc_irq_rid,
282 RF_ACTIVE | RF_SHAREABLE);
283 if (sc->sc_irq == NULL) {
284 device_printf(dev, "could not allocate interrupt resource\n");
288 /* wait for NIC to initialize */
289 for (ntries = 0; ntries < 1000; ntries++) {
290 if ((val = RAL_READ(sc, RT2661_MAC_CSR0)) != 0)
294 if (ntries == 1000) {
295 device_printf(sc->sc_dev,
296 "timeout waiting for NIC to initialize\n");
302 /* retrieve RF rev. no and various other things from EEPROM */
303 rt2661_read_config(sc);
305 device_printf(dev, "MAC/BBP RT%X, RF %s\n", bbp_type,
306 rt2661_get_rf(sc->rf_rev));
309 * Load 8051 microcode into NIC.
313 ucode = rt2561s_ucode;
314 size = sizeof rt2561s_ucode;
317 ucode = rt2561_ucode;
318 size = sizeof rt2561_ucode;
321 ucode = rt2661_ucode;
322 size = sizeof rt2661_ucode;
326 error = rt2661_load_microcode(sc, ucode, size);
328 device_printf(sc->sc_dev, "could not load 8051 microcode\n");
333 * Allocate Tx and Rx rings.
335 for (ac = 0; ac < 4; ac++) {
336 error = rt2661_alloc_tx_ring(sc, &sc->txq[ac],
337 RT2661_TX_RING_COUNT);
339 device_printf(sc->sc_dev,
340 "could not allocate Tx ring %d\n", ac);
345 error = rt2661_alloc_tx_ring(sc, &sc->mgtq, RT2661_MGT_RING_COUNT);
347 device_printf(sc->sc_dev, "could not allocate Mgt ring\n");
351 error = rt2661_alloc_rx_ring(sc, &sc->rxq, RT2661_RX_RING_COUNT);
353 device_printf(sc->sc_dev, "could not allocate Rx ring\n");
357 STAILQ_INIT(&sc->tx_ratectl);
359 sysctl_ctx_init(&sc->sysctl_ctx);
360 sc->sysctl_tree = SYSCTL_ADD_NODE(&sc->sysctl_ctx,
361 SYSCTL_STATIC_CHILDREN(_hw),
363 device_get_nameunit(dev),
365 if (sc->sysctl_tree == NULL) {
366 device_printf(dev, "could not add sysctl node\n");
372 if_initname(ifp, device_get_name(dev), device_get_unit(dev));
373 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST;
374 ifp->if_init = rt2661_init;
375 ifp->if_ioctl = rt2661_ioctl;
376 ifp->if_start = rt2661_start;
377 ifp->if_watchdog = rt2661_watchdog;
378 ifq_set_maxlen(&ifp->if_snd, IFQ_MAXLEN);
379 ifq_set_ready(&ifp->if_snd);
381 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */
382 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */
383 ic->ic_state = IEEE80211_S_INIT;
384 rt2661_led_newstate(sc, IEEE80211_S_INIT);
386 IEEE80211_ONOE_PARAM_SETUP(&sc->sc_onoe_param);
387 ic->ic_ratectl.rc_st_ratectl_cap = IEEE80211_RATECTL_CAP_ONOE;
388 if (bbp_type == RT2661_BBP_2661D) {
389 ic->ic_ratectl.rc_st_ratectl = IEEE80211_RATECTL_ONOE;
391 IEEE80211_SAMPLE_PARAM_SETUP(&sc->sc_sample_param);
392 ic->ic_ratectl.rc_st_ratectl_cap |=
393 IEEE80211_RATECTL_CAP_SAMPLE;
394 ic->ic_ratectl.rc_st_ratectl = IEEE80211_RATECTL_SAMPLE;
396 ic->ic_ratectl.rc_st_attach = rt2661_ratectl_attach;
398 /* set device capabilities */
400 IEEE80211_C_IBSS | /* IBSS mode supported */
401 IEEE80211_C_MONITOR | /* monitor mode supported */
402 IEEE80211_C_HOSTAP | /* HostAp mode supported */
403 IEEE80211_C_TXPMGT | /* tx power management */
404 IEEE80211_C_SHPREAMBLE | /* short preamble supported */
405 IEEE80211_C_SHSLOT | /* short slot time supported */
407 IEEE80211_C_WME | /* 802.11e */
409 IEEE80211_C_WPA; /* 802.11i */
411 /* Set hardware crypto capabilities. */
412 ic->ic_caps |= IEEE80211_C_WEP |
414 IEEE80211_C_TKIPMIC |
417 ic->ic_caps_ext = IEEE80211_CEXT_CRYPTO_HDR |
418 IEEE80211_CEXT_STRIP_MIC;
420 if (sc->rf_rev == RT2661_RF_5225 || sc->rf_rev == RT2661_RF_5325) {
421 /* set supported .11a rates */
422 ic->ic_sup_rates[IEEE80211_MODE_11A] = rt2661_rateset_11a;
424 /* set supported .11a channels */
425 for (i = 36; i <= 64; i += 4) {
426 ic->ic_channels[i].ic_freq =
427 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ);
428 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A;
430 for (i = 100; i <= 140; i += 4) {
431 ic->ic_channels[i].ic_freq =
432 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ);
433 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A;
435 for (i = 149; i <= 165; i += 4) {
436 ic->ic_channels[i].ic_freq =
437 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ);
438 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A;
442 /* set supported .11b and .11g rates */
443 ic->ic_sup_rates[IEEE80211_MODE_11B] = rt2661_rateset_11b;
444 ic->ic_sup_rates[IEEE80211_MODE_11G] = rt2661_rateset_11g;
446 /* set supported .11b and .11g channels (1 through 14) */
447 for (i = 1; i <= 14; i++) {
448 ic->ic_channels[i].ic_freq =
449 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ);
450 ic->ic_channels[i].ic_flags =
451 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM |
452 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ;
455 sc->sc_sifs = IEEE80211_DUR_SIFS; /* Default SIFS */
457 ieee80211_ifattach(ic);
458 /* ic->ic_wme.wme_update = rt2661_wme_update;*/
459 ic->ic_updateslot = rt2661_update_slot;
460 ic->ic_reset = rt2661_reset;
461 /* enable s/w bmiss handling in sta mode */
462 ic->ic_flags_ext |= IEEE80211_FEXT_SWBMISS;
464 sc->sc_key_alloc = ic->ic_crypto.cs_key_alloc;
465 sc->sc_key_delete = ic->ic_crypto.cs_key_delete;
466 sc->sc_key_set = ic->ic_crypto.cs_key_set;
468 ic->ic_crypto.cs_max_keyix = RT2661_KEY_MAX;
469 ic->ic_crypto.cs_key_alloc = rt2661_key_alloc;
470 ic->ic_crypto.cs_key_delete = rt2661_key_delete;
471 ic->ic_crypto.cs_key_set = rt2661_key_set;
473 /* override state transition machine */
474 sc->sc_newstate = ic->ic_newstate;
475 ic->ic_newstate = rt2661_newstate;
476 ieee80211_media_init(ic, rt2661_media_change, ieee80211_media_status);
478 bpfattach_dlt(ifp, DLT_IEEE802_11_RADIO,
479 sizeof (struct ieee80211_frame) + 64, &sc->sc_drvbpf);
481 sc->sc_rxtap_len = sizeof sc->sc_rxtapu;
482 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len);
483 sc->sc_rxtap.wr_ihdr.it_present = htole32(RT2661_RX_RADIOTAP_PRESENT);
485 sc->sc_txtap_len = sizeof sc->sc_txtapu;
486 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len);
487 sc->sc_txtap.wt_ihdr.it_present = htole32(RT2661_TX_RADIOTAP_PRESENT);
490 * Add a few sysctl knobs.
492 sc->sc_dwelltime = 200; /* milliseconds */
493 sc->sc_txpwr_corr = -1; /* Disable */
494 sc->sc_calib_txpwr = 0; /* Disable */
495 sc->sc_calib_rxsns = 0; /* Disable */
497 SYSCTL_ADD_INT(&sc->sysctl_ctx,
498 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "dwell",
499 CTLFLAG_RW, &sc->sc_dwelltime, 0,
500 "Channel dwell time (ms) for AP/station scanning");
503 SYSCTL_ADD_INT(&sc->sysctl_ctx,
504 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "debug",
505 CTLFLAG_RW, &sc->sc_debug, 0, "debug level");
508 SYSCTL_ADD_INT(&sc->sysctl_ctx,
509 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "txpwr_corr",
510 CTLFLAG_RW, &sc->sc_txpwr_corr, 0,
511 "TX power correction value (<0 no correction)");
513 SYSCTL_ADD_INT(&sc->sysctl_ctx,
514 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "calib_txpwr",
515 CTLFLAG_RW, &sc->sc_calib_txpwr, 0,
516 "Enable TX power calibration (sta mode)");
517 SYSCTL_ADD_INT(&sc->sysctl_ctx,
518 SYSCTL_CHILDREN(sc->sysctl_tree), OID_AUTO, "calib_rxsns",
519 CTLFLAG_RW, &sc->sc_calib_rxsns, 0,
520 "Enable RX sensibility calibration (sta mode)");
522 error = bus_setup_intr(dev, sc->sc_irq, INTR_MPSAFE, rt2661_intr,
523 sc, &sc->sc_ih, ifp->if_serializer);
525 device_printf(dev, "could not set up interrupt\n");
527 ieee80211_ifdetach(ic);
532 ieee80211_announce(ic);
540 rt2661_detach(void *xsc)
542 struct rt2661_softc *sc = xsc;
543 struct ieee80211com *ic = &sc->sc_ic;
544 struct ifnet *ifp = &ic->ic_if;
546 if (device_is_attached(sc->sc_dev)) {
547 lwkt_serialize_enter(ifp->if_serializer);
549 callout_stop(&sc->scan_ch);
551 bus_teardown_intr(sc->sc_dev, sc->sc_irq, sc->sc_ih);
553 lwkt_serialize_exit(ifp->if_serializer);
556 ieee80211_ifdetach(ic);
559 rt2661_free_tx_ring(sc, &sc->txq[0]);
560 rt2661_free_tx_ring(sc, &sc->txq[1]);
561 rt2661_free_tx_ring(sc, &sc->txq[2]);
562 rt2661_free_tx_ring(sc, &sc->txq[3]);
563 rt2661_free_tx_ring(sc, &sc->mgtq);
564 rt2661_free_rx_ring(sc, &sc->rxq);
566 if (sc->sc_irq != NULL) {
567 bus_release_resource(sc->sc_dev, SYS_RES_IRQ, sc->sc_irq_rid,
571 if (sc->sysctl_tree != NULL)
572 sysctl_ctx_free(&sc->sysctl_ctx);
578 rt2661_shutdown(void *xsc)
580 struct rt2661_softc *sc = xsc;
581 struct ifnet *ifp = &sc->sc_ic.ic_if;
583 lwkt_serialize_enter(ifp->if_serializer);
585 lwkt_serialize_exit(ifp->if_serializer);
589 rt2661_suspend(void *xsc)
591 struct rt2661_softc *sc = xsc;
592 struct ifnet *ifp = &sc->sc_ic.ic_if;
594 lwkt_serialize_enter(ifp->if_serializer);
596 lwkt_serialize_exit(ifp->if_serializer);
600 rt2661_resume(void *xsc)
602 struct rt2661_softc *sc = xsc;
603 struct ifnet *ifp = sc->sc_ic.ic_ifp;
605 lwkt_serialize_enter(ifp->if_serializer);
606 if (ifp->if_flags & IFF_UP) {
607 ifp->if_init(ifp->if_softc);
608 if (ifp->if_flags & IFF_RUNNING)
611 lwkt_serialize_exit(ifp->if_serializer);
615 rt2661_dma_map_addr(void *arg, bus_dma_segment_t *segs, int nseg, int error)
620 KASSERT(nseg == 1, ("too many DMA segments, %d should be 1", nseg));
622 *(bus_addr_t *)arg = segs[0].ds_addr;
626 rt2661_alloc_tx_ring(struct rt2661_softc *sc, struct rt2661_tx_ring *ring,
633 ring->cur = ring->next = 0;
635 error = bus_dma_tag_create(NULL, 4, 0, BUS_SPACE_MAXADDR_32BIT,
636 BUS_SPACE_MAXADDR, NULL, NULL, count * RT2661_TX_DESC_SIZE, 1,
637 count * RT2661_TX_DESC_SIZE, 0, &ring->desc_dmat);
639 device_printf(sc->sc_dev, "could not create desc DMA tag\n");
643 error = bus_dmamem_alloc(ring->desc_dmat, (void **)&ring->desc,
644 BUS_DMA_WAITOK | BUS_DMA_ZERO, &ring->desc_map);
646 device_printf(sc->sc_dev, "could not allocate DMA memory\n");
650 error = bus_dmamap_load(ring->desc_dmat, ring->desc_map, ring->desc,
651 count * RT2661_TX_DESC_SIZE, rt2661_dma_map_addr, &ring->physaddr,
654 device_printf(sc->sc_dev, "could not load desc DMA map\n");
656 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map);
661 ring->data = kmalloc(count * sizeof (struct rt2661_data), M_DEVBUF,
664 error = bus_dma_tag_create(NULL, 1, 0, BUS_SPACE_MAXADDR_32BIT,
665 BUS_SPACE_MAXADDR, NULL, NULL, MCLBYTES * RT2661_MAX_SCATTER,
666 RT2661_MAX_SCATTER, MCLBYTES, 0, &ring->data_dmat);
668 device_printf(sc->sc_dev, "could not create data DMA tag\n");
672 for (i = 0; i < count; i++) {
673 error = bus_dmamap_create(ring->data_dmat, 0,
676 device_printf(sc->sc_dev, "could not create DMA map\n");
682 fail: rt2661_free_tx_ring(sc, ring);
687 rt2661_reset_tx_ring(struct rt2661_softc *sc, struct rt2661_tx_ring *ring)
689 struct rt2661_tx_desc *desc;
690 struct rt2661_data *data;
693 for (i = 0; i < ring->count; i++) {
694 desc = &ring->desc[i];
695 data = &ring->data[i];
697 if (data->m != NULL) {
698 bus_dmamap_sync(ring->data_dmat, data->map,
699 BUS_DMASYNC_POSTWRITE);
700 bus_dmamap_unload(ring->data_dmat, data->map);
708 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, BUS_DMASYNC_PREWRITE);
711 ring->cur = ring->next = 0;
715 rt2661_free_tx_ring(struct rt2661_softc *sc, struct rt2661_tx_ring *ring)
717 struct rt2661_data *data;
720 if (ring->desc != NULL) {
721 bus_dmamap_sync(ring->desc_dmat, ring->desc_map,
722 BUS_DMASYNC_POSTWRITE);
723 bus_dmamap_unload(ring->desc_dmat, ring->desc_map);
724 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map);
728 if (ring->desc_dmat != NULL) {
729 bus_dma_tag_destroy(ring->desc_dmat);
730 ring->desc_dmat = NULL;
733 if (ring->data != NULL) {
734 for (i = 0; i < ring->count; i++) {
735 data = &ring->data[i];
737 if (data->m != NULL) {
738 bus_dmamap_sync(ring->data_dmat, data->map,
739 BUS_DMASYNC_POSTWRITE);
740 bus_dmamap_unload(ring->data_dmat, data->map);
745 if (data->map != NULL) {
746 bus_dmamap_destroy(ring->data_dmat, data->map);
751 kfree(ring->data, M_DEVBUF);
755 if (ring->data_dmat != NULL) {
756 bus_dma_tag_destroy(ring->data_dmat);
757 ring->data_dmat = NULL;
762 rt2661_alloc_rx_ring(struct rt2661_softc *sc, struct rt2661_rx_ring *ring,
765 struct rt2661_rx_desc *desc;
766 struct rt2661_data *data;
771 ring->cur = ring->next = 0;
773 error = bus_dma_tag_create(NULL, 4, 0, BUS_SPACE_MAXADDR_32BIT,
774 BUS_SPACE_MAXADDR, NULL, NULL, count * RT2661_RX_DESC_SIZE, 1,
775 count * RT2661_RX_DESC_SIZE, 0, &ring->desc_dmat);
777 device_printf(sc->sc_dev, "could not create desc DMA tag\n");
781 error = bus_dmamem_alloc(ring->desc_dmat, (void **)&ring->desc,
782 BUS_DMA_WAITOK | BUS_DMA_ZERO, &ring->desc_map);
784 device_printf(sc->sc_dev, "could not allocate DMA memory\n");
788 error = bus_dmamap_load(ring->desc_dmat, ring->desc_map, ring->desc,
789 count * RT2661_RX_DESC_SIZE, rt2661_dma_map_addr, &ring->physaddr,
792 device_printf(sc->sc_dev, "could not load desc DMA map\n");
794 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map);
799 ring->data = kmalloc(count * sizeof (struct rt2661_data), M_DEVBUF,
803 * Pre-allocate Rx buffers and populate Rx ring.
805 error = bus_dma_tag_create(NULL, 1, 0, BUS_SPACE_MAXADDR_32BIT,
806 BUS_SPACE_MAXADDR, NULL, NULL, MCLBYTES, 1, MCLBYTES, 0,
809 device_printf(sc->sc_dev, "could not create data DMA tag\n");
813 for (i = 0; i < count; i++) {
814 desc = &sc->rxq.desc[i];
815 data = &sc->rxq.data[i];
817 error = bus_dmamap_create(ring->data_dmat, 0, &data->map);
819 device_printf(sc->sc_dev, "could not create DMA map\n");
823 data->m = m_getcl(MB_DONTWAIT, MT_DATA, M_PKTHDR);
824 if (data->m == NULL) {
825 device_printf(sc->sc_dev,
826 "could not allocate rx mbuf\n");
831 error = bus_dmamap_load(ring->data_dmat, data->map,
832 mtod(data->m, void *), MCLBYTES, rt2661_dma_map_addr,
835 device_printf(sc->sc_dev,
836 "could not load rx buf DMA map");
843 desc->flags = htole32(RT2661_RX_BUSY);
844 desc->physaddr = htole32(physaddr);
847 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, BUS_DMASYNC_PREWRITE);
851 fail: rt2661_free_rx_ring(sc, ring);
856 rt2661_reset_rx_ring(struct rt2661_softc *sc, struct rt2661_rx_ring *ring)
860 for (i = 0; i < ring->count; i++)
861 ring->desc[i].flags = htole32(RT2661_RX_BUSY);
863 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, BUS_DMASYNC_PREWRITE);
865 ring->cur = ring->next = 0;
869 rt2661_free_rx_ring(struct rt2661_softc *sc, struct rt2661_rx_ring *ring)
871 struct rt2661_data *data;
874 if (ring->desc != NULL) {
875 bus_dmamap_sync(ring->desc_dmat, ring->desc_map,
876 BUS_DMASYNC_POSTWRITE);
877 bus_dmamap_unload(ring->desc_dmat, ring->desc_map);
878 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map);
882 if (ring->desc_dmat != NULL) {
883 bus_dma_tag_destroy(ring->desc_dmat);
884 ring->desc_dmat = NULL;
887 if (ring->data != NULL) {
888 for (i = 0; i < ring->count; i++) {
889 data = &ring->data[i];
891 if (data->m != NULL) {
892 bus_dmamap_sync(ring->data_dmat, data->map,
893 BUS_DMASYNC_POSTREAD);
894 bus_dmamap_unload(ring->data_dmat, data->map);
899 if (data->map != NULL) {
900 bus_dmamap_destroy(ring->data_dmat, data->map);
905 kfree(ring->data, M_DEVBUF);
909 if (ring->data_dmat != NULL) {
910 bus_dma_tag_destroy(ring->data_dmat);
911 ring->data_dmat = NULL;
916 rt2661_media_change(struct ifnet *ifp)
918 struct rt2661_softc *sc = ifp->if_softc;
921 error = ieee80211_media_change(ifp);
922 if (error != ENETRESET)
925 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == (IFF_UP | IFF_RUNNING))
931 * This function is called periodically (every 200ms) during scanning to
932 * switch from one channel to another.
935 rt2661_next_scan(void *arg)
937 struct rt2661_softc *sc = arg;
938 struct ieee80211com *ic = &sc->sc_ic;
939 struct ifnet *ifp = &ic->ic_if;
941 lwkt_serialize_enter(ifp->if_serializer);
942 if (ic->ic_state == IEEE80211_S_SCAN)
943 ieee80211_next_scan(ic);
944 lwkt_serialize_exit(ifp->if_serializer);
948 rt2661_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg)
950 struct rt2661_softc *sc = ic->ic_ifp->if_softc;
951 enum ieee80211_state ostate;
952 struct ieee80211_node *ni;
956 ostate = ic->ic_state;
957 callout_stop(&sc->scan_ch);
958 callout_stop(&sc->calib_ch);
960 if (ostate != nstate)
961 rt2661_led_newstate(sc, nstate);
963 ieee80211_ratectl_newstate(ic, nstate);
966 case IEEE80211_S_INIT:
967 if (ostate == IEEE80211_S_RUN) {
968 /* abort TSF synchronization */
969 tmp = RAL_READ(sc, RT2661_TXRX_CSR9);
970 RAL_WRITE(sc, RT2661_TXRX_CSR9, tmp & ~0x00ffffff);
974 case IEEE80211_S_SCAN:
975 rt2661_set_chan(sc, ic->ic_curchan);
976 callout_reset(&sc->scan_ch, (sc->sc_dwelltime * hz) / 1000,
977 rt2661_next_scan, sc);
980 case IEEE80211_S_AUTH:
981 case IEEE80211_S_ASSOC:
982 rt2661_set_chan(sc, ic->ic_curchan);
985 case IEEE80211_S_RUN:
986 RT2661_RESET_AVG_RSSI(sc);
988 rt2661_set_chan(sc, ic->ic_curchan);
992 if (ic->ic_opmode != IEEE80211_M_MONITOR) {
993 rt2661_enable_mrr(sc);
994 rt2661_set_txpreamble(sc);
995 rt2661_set_ackrates(sc, &ni->ni_rates);
996 rt2661_set_bssid(sc, ni->ni_bssid);
999 if (ic->ic_opmode == IEEE80211_M_HOSTAP ||
1000 ic->ic_opmode == IEEE80211_M_IBSS) {
1001 if ((error = rt2661_prepare_beacon(sc)) != 0)
1005 if (ic->ic_opmode != IEEE80211_M_MONITOR)
1006 rt2661_enable_tsf_sync(sc);
1008 if (ic->ic_opmode == IEEE80211_M_STA) {
1011 #define N(arr) (int)(sizeof(arr) / sizeof(arr[0]))
1012 /* clear STA registers */
1013 RAL_READ_REGION_4(sc, RT2661_STA_CSR0, sta, N(sta));
1015 sc->sc_txpwr_cnt = 0;
1016 callout_reset(&sc->calib_ch, hz, rt2661_calibrate, sc);
1021 return (error != 0) ? error : sc->sc_newstate(ic, nstate, arg);
1025 * Read 16 bits at address 'addr' from the serial EEPROM (either 93C46 or
1029 rt2661_eeprom_read(struct rt2661_softc *sc, uint8_t addr)
1035 /* clock C once before the first command */
1036 RT2661_EEPROM_CTL(sc, 0);
1038 RT2661_EEPROM_CTL(sc, RT2661_S);
1039 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_C);
1040 RT2661_EEPROM_CTL(sc, RT2661_S);
1042 /* write start bit (1) */
1043 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D);
1044 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D | RT2661_C);
1046 /* write READ opcode (10) */
1047 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D);
1048 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D | RT2661_C);
1049 RT2661_EEPROM_CTL(sc, RT2661_S);
1050 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_C);
1052 /* write address (A5-A0 or A7-A0) */
1053 n = (RAL_READ(sc, RT2661_E2PROM_CSR) & RT2661_93C46) ? 5 : 7;
1054 for (; n >= 0; n--) {
1055 RT2661_EEPROM_CTL(sc, RT2661_S |
1056 (((addr >> n) & 1) << RT2661_SHIFT_D));
1057 RT2661_EEPROM_CTL(sc, RT2661_S |
1058 (((addr >> n) & 1) << RT2661_SHIFT_D) | RT2661_C);
1061 RT2661_EEPROM_CTL(sc, RT2661_S);
1063 /* read data Q15-Q0 */
1065 for (n = 15; n >= 0; n--) {
1066 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_C);
1067 tmp = RAL_READ(sc, RT2661_E2PROM_CSR);
1068 val |= ((tmp & RT2661_Q) >> RT2661_SHIFT_Q) << n;
1069 RT2661_EEPROM_CTL(sc, RT2661_S);
1072 RT2661_EEPROM_CTL(sc, 0);
1074 /* clear Chip Select and clock C */
1075 RT2661_EEPROM_CTL(sc, RT2661_S);
1076 RT2661_EEPROM_CTL(sc, 0);
1077 RT2661_EEPROM_CTL(sc, RT2661_C);
1083 rt2661_tx_intr(struct rt2661_softc *sc)
1085 struct ieee80211com *ic = &sc->sc_ic;
1086 struct ifnet *ifp = ic->ic_ifp;
1087 struct rt2661_tx_ratectl *rctl;
1088 uint32_t val, result;
1092 struct ieee80211_ratectl_res res;
1094 val = RAL_READ(sc, RT2661_STA_CSR4);
1095 if (!(val & RT2661_TX_STAT_VALID))
1098 /* Gather statistics */
1099 result = RT2661_TX_RESULT(val);
1100 if (result == RT2661_TX_SUCCESS)
1105 /* No rate control */
1106 if (RT2661_TX_QID(val) == 0)
1109 /* retrieve rate control algorithm context */
1110 rctl = STAILQ_FIRST(&sc->tx_ratectl);
1114 * This really should not happen. Maybe we should
1115 * use assertion here? But why should we rely on
1116 * hardware to do the correct things? Even the
1117 * reference driver (RT61?) provided by Ralink does
1118 * not provide enough clue that this kind of interrupt
1119 * is promised to be generated for each packet. So
1120 * just print a message and keep going ...
1122 if_printf(ifp, "WARNING: no rate control information\n");
1125 STAILQ_REMOVE_HEAD(&sc->tx_ratectl, link);
1129 case RT2661_TX_SUCCESS:
1130 retrycnt = RT2661_TX_RETRYCNT(val);
1131 DPRINTFN(sc, 10, ("data frame sent successfully after "
1132 "%d retries\n", retrycnt));
1135 case RT2661_TX_RETRY_FAIL:
1136 DPRINTFN(sc, 9, ("sending data frame failed (too much "
1142 device_printf(sc->sc_dev,
1143 "sending data frame failed 0x%08x\n", val);
1147 res.rc_res_rateidx = rctl->rateidx;
1148 res.rc_res_tries = retrycnt + 1;
1149 ieee80211_ratectl_tx_complete(rctl->ni, rctl->len, &res, 1,
1150 retrycnt, 0, result != RT2661_TX_SUCCESS);
1152 ieee80211_free_node(rctl->ni);
1154 kfree(rctl, M_RT2661);
1159 rt2661_tx_dma_intr(struct rt2661_softc *sc, struct rt2661_tx_ring *txq)
1161 struct rt2661_tx_desc *desc;
1162 struct rt2661_data *data;
1164 bus_dmamap_sync(txq->desc_dmat, txq->desc_map, BUS_DMASYNC_POSTREAD);
1167 desc = &txq->desc[txq->next];
1168 data = &txq->data[txq->next];
1170 if ((le32toh(desc->flags) & RT2661_TX_BUSY) ||
1171 !(le32toh(desc->flags) & RT2661_TX_VALID))
1174 bus_dmamap_sync(txq->data_dmat, data->map,
1175 BUS_DMASYNC_POSTWRITE);
1176 bus_dmamap_unload(txq->data_dmat, data->map);
1180 /* descriptor is no longer valid */
1181 desc->flags &= ~htole32(RT2661_TX_VALID);
1183 DPRINTFN(sc, 15, ("tx dma done q=%p idx=%u\n", txq, txq->next));
1186 if (++txq->next >= txq->count) /* faster than % count */
1190 bus_dmamap_sync(txq->desc_dmat, txq->desc_map, BUS_DMASYNC_PREWRITE);
1192 if (txq->queued < txq->count) {
1193 struct ifnet *ifp = &sc->sc_ic.ic_if;
1195 sc->sc_tx_timer = 0;
1196 ifp->if_flags &= ~IFF_OACTIVE;
1202 rt2661_rx_intr(struct rt2661_softc *sc)
1204 struct ieee80211com *ic = &sc->sc_ic;
1205 struct ifnet *ifp = ic->ic_ifp;
1206 struct rt2661_rx_desc *desc;
1207 struct rt2661_data *data;
1208 bus_addr_t physaddr;
1209 struct ieee80211_frame_min *wh;
1210 struct ieee80211_node *ni;
1211 struct mbuf *mnew, *m;
1214 bus_dmamap_sync(sc->rxq.desc_dmat, sc->rxq.desc_map,
1215 BUS_DMASYNC_POSTREAD);
1221 desc = &sc->rxq.desc[sc->rxq.cur];
1222 data = &sc->rxq.data[sc->rxq.cur];
1223 flags = le32toh(desc->flags);
1225 if (flags & RT2661_RX_BUSY)
1228 if (flags & RT2661_RX_CRC_ERROR) {
1230 * This should not happen since we did not request
1231 * to receive those frames when we filled TXRX_CSR0.
1233 DPRINTFN(sc, 5, ("CRC error flags 0x%08x\n", flags));
1238 if (flags & RT2661_RX_CIPHER_MASK) {
1239 DPRINTFN(sc, 5, ("cipher error 0x%08x\n", flags));
1245 * Try to allocate a new mbuf for this ring element and load it
1246 * before processing the current mbuf. If the ring element
1247 * cannot be loaded, drop the received packet and reuse the old
1248 * mbuf. In the unlikely case that the old mbuf can't be
1249 * reloaded either, explicitly panic.
1251 mnew = m_getcl(MB_DONTWAIT, MT_DATA, M_PKTHDR);
1257 bus_dmamap_sync(sc->rxq.data_dmat, data->map,
1258 BUS_DMASYNC_POSTREAD);
1259 bus_dmamap_unload(sc->rxq.data_dmat, data->map);
1261 error = bus_dmamap_load(sc->rxq.data_dmat, data->map,
1262 mtod(mnew, void *), MCLBYTES, rt2661_dma_map_addr,
1267 /* try to reload the old mbuf */
1268 error = bus_dmamap_load(sc->rxq.data_dmat, data->map,
1269 mtod(data->m, void *), MCLBYTES,
1270 rt2661_dma_map_addr, &physaddr, 0);
1272 /* very unlikely that it will fail... */
1273 panic("%s: could not load old rx mbuf",
1274 device_get_name(sc->sc_dev));
1281 * New mbuf successfully loaded, update Rx ring and continue
1286 desc->physaddr = htole32(physaddr);
1289 m->m_pkthdr.rcvif = ifp;
1290 m->m_pkthdr.len = m->m_len = (flags >> 16) & 0xfff;
1292 rssi = rt2661_get_rssi(sc, desc->rssi, 0);
1293 if (sc->rf_rev == RT2661_RF_2529)
1294 rt2661_get_rssi(sc, desc->rssi, 1);
1296 wh = mtod(m, struct ieee80211_frame_min *);
1297 if (wh->i_fc[1] & IEEE80211_FC1_WEP)
1298 DPRINTFN(sc, 5, ("keyix %d\n", RT2661_RX_KEYIX(flags)));
1300 ni = ieee80211_find_rxnode(ic, wh);
1302 /* Error happened during RSSI conversion. */
1306 if (sc->sc_drvbpf != NULL) {
1307 struct rt2661_rx_radiotap_header *tap = &sc->sc_rxtap;
1308 uint32_t tsf_lo, tsf_hi;
1310 /* get timestamp (low and high 32 bits) */
1311 tsf_hi = RAL_READ(sc, RT2661_TXRX_CSR13);
1312 tsf_lo = RAL_READ(sc, RT2661_TXRX_CSR12);
1315 htole64(((uint64_t)tsf_hi << 32) | tsf_lo);
1317 tap->wr_rate = rt2661_rxrate(desc);
1318 tap->wr_chan_freq = htole16(ic->ic_curchan->ic_freq);
1319 tap->wr_chan_flags = htole16(ic->ic_curchan->ic_flags);
1320 tap->wr_antsignal = rssi;
1322 bpf_ptap(sc->sc_drvbpf, m, tap, sc->sc_rxtap_len);
1325 /* send the frame to the 802.11 layer */
1326 if (RT2661_RX_CIPHER(flags) != RT2661_CIPHER_NONE) {
1327 struct ieee80211_crypto_iv iv;
1329 memcpy(iv.ic_iv, desc->iv, sizeof(iv.ic_iv));
1330 memcpy(iv.ic_eiv, desc->eiv, sizeof(iv.ic_eiv));
1331 ieee80211_input_withiv(ic, m, ni, rssi, 0, &iv);
1333 ieee80211_input(ic, m, ni, rssi, 0);
1336 /* node is no longer needed */
1337 ieee80211_free_node(ni);
1339 skip: desc->flags |= htole32(RT2661_RX_BUSY);
1341 DPRINTFN(sc, 15, ("rx intr idx=%u\n", sc->rxq.cur));
1343 sc->rxq.cur = (sc->rxq.cur + 1) % RT2661_RX_RING_COUNT;
1346 bus_dmamap_sync(sc->rxq.desc_dmat, sc->rxq.desc_map,
1347 BUS_DMASYNC_PREWRITE);
1352 rt2661_mcu_beacon_expire(struct rt2661_softc *sc)
1358 rt2661_mcu_wakeup(struct rt2661_softc *sc)
1360 RAL_WRITE(sc, RT2661_MAC_CSR11, 5 << 16);
1362 RAL_WRITE(sc, RT2661_SOFT_RESET_CSR, 0x7);
1363 RAL_WRITE(sc, RT2661_IO_CNTL_CSR, 0x18);
1364 RAL_WRITE(sc, RT2661_PCI_USEC_CSR, 0x20);
1366 /* send wakeup command to MCU */
1367 rt2661_tx_cmd(sc, RT2661_MCU_CMD_WAKEUP, 0);
1371 rt2661_mcu_cmd_intr(struct rt2661_softc *sc)
1373 RAL_READ(sc, RT2661_M2H_CMD_DONE_CSR);
1374 RAL_WRITE(sc, RT2661_M2H_CMD_DONE_CSR, 0xffffffff);
1378 rt2661_intr(void *arg)
1380 struct rt2661_softc *sc = arg;
1381 struct ifnet *ifp = &sc->sc_ic.ic_if;
1384 /* disable MAC and MCU interrupts */
1385 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0xffffff7f);
1386 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0xffffffff);
1388 /* don't re-enable interrupts if we're shutting down */
1389 if (!(ifp->if_flags & IFF_RUNNING))
1392 r1 = RAL_READ(sc, RT2661_INT_SOURCE_CSR);
1393 RAL_WRITE(sc, RT2661_INT_SOURCE_CSR, r1);
1395 r2 = RAL_READ(sc, RT2661_MCU_INT_SOURCE_CSR);
1396 RAL_WRITE(sc, RT2661_MCU_INT_SOURCE_CSR, r2);
1398 if (r1 & RT2661_MGT_DONE)
1399 rt2661_tx_dma_intr(sc, &sc->mgtq);
1401 if (r1 & RT2661_RX_DONE)
1404 if (r1 & RT2661_TX0_DMA_DONE)
1405 rt2661_tx_dma_intr(sc, &sc->txq[0]);
1407 if (r1 & RT2661_TX1_DMA_DONE)
1408 rt2661_tx_dma_intr(sc, &sc->txq[1]);
1410 if (r1 & RT2661_TX2_DMA_DONE)
1411 rt2661_tx_dma_intr(sc, &sc->txq[2]);
1413 if (r1 & RT2661_TX3_DMA_DONE)
1414 rt2661_tx_dma_intr(sc, &sc->txq[3]);
1416 if (r1 & RT2661_TX_DONE)
1419 if (r2 & RT2661_MCU_CMD_DONE)
1420 rt2661_mcu_cmd_intr(sc);
1422 if (r2 & RT2661_MCU_BEACON_EXPIRE)
1423 rt2661_mcu_beacon_expire(sc);
1425 if (r2 & RT2661_MCU_WAKEUP)
1426 rt2661_mcu_wakeup(sc);
1428 /* re-enable MAC and MCU interrupts */
1429 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0x0000ff10);
1430 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0);
1433 /* quickly determine if a given rate is CCK or OFDM */
1434 #define RAL_RATE_IS_OFDM(rate) ((rate) >= 12 && (rate) != 22)
1436 #define RAL_ACK_SIZE (sizeof(struct ieee80211_frame_ack) + IEEE80211_CRC_LEN)
1437 #define RAL_CTS_SIZE (sizeof(struct ieee80211_frame_cts) + IEEE80211_CRC_LEN)
1440 * This function is only used by the Rx radiotap code. It returns the rate at
1441 * which a given frame was received.
1444 rt2661_rxrate(struct rt2661_rx_desc *desc)
1446 if (le32toh(desc->flags) & RT2661_RX_OFDM) {
1447 /* reverse function of rt2661_plcp_signal */
1448 switch (desc->rate & 0xf) {
1449 case 0xb: return 12;
1450 case 0xf: return 18;
1451 case 0xa: return 24;
1452 case 0xe: return 36;
1453 case 0x9: return 48;
1454 case 0xd: return 72;
1455 case 0x8: return 96;
1456 case 0xc: return 108;
1459 if (desc->rate == 10)
1461 if (desc->rate == 20)
1463 if (desc->rate == 55)
1465 if (desc->rate == 110)
1468 return 2; /* should not get there */
1472 rt2661_plcp_signal(int rate)
1475 /* CCK rates (returned values are device-dependent) */
1478 case 11: return 0x2;
1479 case 22: return 0x3;
1481 /* OFDM rates (cf IEEE Std 802.11a-1999, pp. 14 Table 80) */
1482 case 12: return 0xb;
1483 case 18: return 0xf;
1484 case 24: return 0xa;
1485 case 36: return 0xe;
1486 case 48: return 0x9;
1487 case 72: return 0xd;
1488 case 96: return 0x8;
1489 case 108: return 0xc;
1491 /* unsupported rates (should not get there) */
1492 default: return 0xff;
1497 rt2661_setup_tx_desc(struct rt2661_softc *sc, struct rt2661_tx_desc *desc,
1498 uint32_t flags, uint16_t xflags, int len, int rate,
1499 const bus_dma_segment_t *segs, int nsegs, int ac, int ratectl,
1500 const struct ieee80211_key *key, void *buf,
1501 const struct ieee80211_crypto_iv *iv)
1503 const struct ieee80211_cipher *cip = NULL;
1504 struct ieee80211com *ic = &sc->sc_ic;
1505 uint16_t plcp_length;
1509 cip = key->wk_cipher;
1511 desc->flags = htole32(flags);
1512 desc->flags |= htole32(len << 16);
1513 desc->flags |= htole32(RT2661_TX_VALID);
1515 int cipher = rt2661_cipher(key);
1517 desc->flags |= htole32(cipher << 29);
1518 desc->flags |= htole32(key->wk_keyix << 10);
1519 if (key->wk_keyix >= IEEE80211_WEP_NKID)
1520 desc->flags |= htole32(RT2661_TX_PAIRWISE_KEY);
1522 /* XXX fragmentation */
1523 desc->flags |= htole32(RT2661_TX_HWMIC);
1526 desc->xflags = htole16(xflags);
1527 desc->xflags |= htole16(nsegs << 13);
1531 hdrsize = ieee80211_hdrspace(ic, buf);
1532 desc->xflags |= htole16(hdrsize);
1535 desc->wme = htole16(
1538 RT2661_LOGCWMIN(4) |
1539 RT2661_LOGCWMAX(10));
1541 if (key != NULL && iv != NULL) {
1542 memcpy(desc->iv, iv->ic_iv, sizeof(desc->iv));
1543 memcpy(desc->eiv, iv->ic_eiv, sizeof(desc->eiv));
1547 * Remember whether TX rate control information should be gathered.
1548 * This field is driver private data only. It will be made available
1549 * by the NIC in STA_CSR4 on Tx done interrupts.
1551 desc->qid = ratectl;
1553 /* setup PLCP fields */
1554 desc->plcp_signal = rt2661_plcp_signal(rate);
1555 desc->plcp_service = 4;
1557 len += IEEE80211_CRC_LEN;
1559 len += cip->ic_header + cip->ic_trailer;
1561 /* XXX fragmentation */
1562 len += cip->ic_miclen;
1565 if (RAL_RATE_IS_OFDM(rate)) {
1566 desc->flags |= htole32(RT2661_TX_OFDM);
1568 plcp_length = len & 0xfff;
1569 desc->plcp_length_hi = plcp_length >> 6;
1570 desc->plcp_length_lo = plcp_length & 0x3f;
1572 plcp_length = (16 * len + rate - 1) / rate;
1574 remainder = (16 * len) % 22;
1575 if (remainder != 0 && remainder < 7)
1576 desc->plcp_service |= RT2661_PLCP_LENGEXT;
1578 desc->plcp_length_hi = plcp_length >> 8;
1579 desc->plcp_length_lo = plcp_length & 0xff;
1581 if (rate != 2 && (ic->ic_flags & IEEE80211_F_SHPREAMBLE))
1582 desc->plcp_signal |= 0x08;
1585 /* RT2x61 supports scatter with up to 5 segments */
1586 for (i = 0; i < nsegs; i++) {
1587 desc->addr[i] = htole32(segs[i].ds_addr);
1588 desc->len [i] = htole16(segs[i].ds_len);
1591 desc->flags |= htole32(RT2661_TX_BUSY);
1595 rt2661_tx_mgt(struct rt2661_softc *sc, struct mbuf *m0,
1596 struct ieee80211_node *ni)
1598 struct ieee80211com *ic = &sc->sc_ic;
1599 struct rt2661_tx_desc *desc;
1600 struct rt2661_data *data;
1601 struct ieee80211_frame *wh;
1602 struct rt2661_dmamap map;
1604 uint32_t flags = 0; /* XXX HWSEQ */
1607 desc = &sc->mgtq.desc[sc->mgtq.cur];
1608 data = &sc->mgtq.data[sc->mgtq.cur];
1610 /* send mgt frames at the lowest available rate */
1611 rate = IEEE80211_IS_CHAN_5GHZ(ic->ic_curchan) ? 12 : 2;
1613 error = bus_dmamap_load_mbuf(sc->mgtq.data_dmat, data->map, m0,
1614 rt2661_dma_map_mbuf, &map, 0);
1616 device_printf(sc->sc_dev, "could not map mbuf (error %d)\n",
1618 ieee80211_free_node(ni);
1623 if (sc->sc_drvbpf != NULL) {
1624 struct rt2661_tx_radiotap_header *tap = &sc->sc_txtap;
1627 tap->wt_rate = rate;
1628 tap->wt_chan_freq = htole16(ic->ic_curchan->ic_freq);
1629 tap->wt_chan_flags = htole16(ic->ic_curchan->ic_flags);
1631 bpf_ptap(sc->sc_drvbpf, m0, tap, sc->sc_txtap_len);
1636 wh = mtod(m0, struct ieee80211_frame *);
1638 if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) {
1639 flags |= RT2661_TX_NEED_ACK;
1641 dur = ieee80211_txtime(ni, RAL_ACK_SIZE, rate, ic->ic_flags) +
1643 *(uint16_t *)wh->i_dur = htole16(dur);
1645 /* tell hardware to add timestamp in probe responses */
1647 (IEEE80211_FC0_TYPE_MASK | IEEE80211_FC0_SUBTYPE_MASK)) ==
1648 (IEEE80211_FC0_TYPE_MGT | IEEE80211_FC0_SUBTYPE_PROBE_RESP))
1649 flags |= RT2661_TX_TIMESTAMP;
1652 rt2661_setup_tx_desc(sc, desc, flags, 0 /* XXX HWSEQ */,
1653 m0->m_pkthdr.len, rate, map.segs, map.nseg, RT2661_QID_MGT, 0, NULL, NULL, NULL);
1655 bus_dmamap_sync(sc->mgtq.data_dmat, data->map, BUS_DMASYNC_PREWRITE);
1656 bus_dmamap_sync(sc->mgtq.desc_dmat, sc->mgtq.desc_map,
1657 BUS_DMASYNC_PREWRITE);
1659 DPRINTFN(sc, 10, ("sending mgt frame len=%u idx=%u rate=%u\n",
1660 m0->m_pkthdr.len, sc->mgtq.cur, rate));
1664 sc->mgtq.cur = (sc->mgtq.cur + 1) % RT2661_MGT_RING_COUNT;
1665 RAL_WRITE(sc, RT2661_TX_CNTL_CSR, RT2661_KICK_MGT);
1667 ieee80211_free_node(ni);
1673 * Build a RTS control frame.
1675 static struct mbuf *
1676 rt2661_get_rts(struct rt2661_softc *sc, struct ieee80211_frame *wh,
1679 struct ieee80211_frame_rts *rts;
1682 MGETHDR(m, MB_DONTWAIT, MT_DATA);
1684 sc->sc_ic.ic_stats.is_tx_nobuf++;
1685 device_printf(sc->sc_dev, "could not allocate RTS frame\n");
1689 rts = mtod(m, struct ieee80211_frame_rts *);
1691 rts->i_fc[0] = IEEE80211_FC0_VERSION_0 | IEEE80211_FC0_TYPE_CTL |
1692 IEEE80211_FC0_SUBTYPE_RTS;
1693 rts->i_fc[1] = IEEE80211_FC1_DIR_NODS;
1694 *(uint16_t *)rts->i_dur = htole16(dur);
1695 IEEE80211_ADDR_COPY(rts->i_ra, wh->i_addr1);
1696 IEEE80211_ADDR_COPY(rts->i_ta, wh->i_addr2);
1698 m->m_pkthdr.len = m->m_len = sizeof (struct ieee80211_frame_rts);
1704 rt2661_tx_data(struct rt2661_softc *sc, struct mbuf *m0,
1705 struct ieee80211_node *ni, int ac)
1707 struct ieee80211com *ic = &sc->sc_ic;
1708 struct rt2661_tx_ring *txq = &sc->txq[ac];
1709 struct rt2661_tx_desc *desc;
1710 struct rt2661_data *data;
1711 struct rt2661_tx_ratectl *rctl;
1712 struct ieee80211_frame *wh;
1713 struct ieee80211_key *k = NULL;
1714 const struct chanAccParams *cap;
1716 struct rt2661_dmamap map;
1719 int error, rate, ackrate, noack = 0, rateidx;
1720 struct ieee80211_crypto_iv iv, *ivp = NULL;
1722 wh = mtod(m0, struct ieee80211_frame *);
1723 if (wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_QOS) {
1724 cap = &ic->ic_wme.wme_chanParams;
1725 noack = cap->cap_wmeParams[ac].wmep_noackPolicy;
1728 if (wh->i_fc[1] & IEEE80211_FC1_WEP) {
1729 k = ieee80211_crypto_findkey(ic, ni, m0);
1735 if (k->wk_flags & IEEE80211_KEY_SWCRYPT) {
1736 k = ieee80211_crypto_encap_withkey(ic, m0, k);
1738 k = ieee80211_crypto_getiv(ic, &iv, k);
1749 /* packet header may have moved, reset our local pointer */
1750 wh = mtod(m0, struct ieee80211_frame *);
1753 ieee80211_ratectl_findrate(ni, m0->m_pkthdr.len, &rateidx, 1);
1754 rate = IEEE80211_RS_RATE(&ni->ni_rates, rateidx);
1756 ackrate = ieee80211_ack_rate(ni, rate);
1759 * IEEE Std 802.11-1999, pp 82: "A STA shall use an RTS/CTS exchange
1760 * for directed frames only when the length of the MPDU is greater
1761 * than the length threshold indicated by [...]" ic_rtsthreshold.
1763 if (!IEEE80211_IS_MULTICAST(wh->i_addr1) &&
1764 m0->m_pkthdr.len > ic->ic_rtsthreshold) {
1769 rtsrate = IEEE80211_IS_CHAN_5GHZ(ic->ic_curchan) ? 12 : 2;
1771 /* XXX: noack (QoS)? */
1772 dur = ieee80211_txtime(ni, m0->m_pkthdr.len + IEEE80211_CRC_LEN,
1773 rate, ic->ic_flags) +
1774 ieee80211_txtime(ni, RAL_CTS_SIZE, rtsrate, ic->ic_flags)+
1775 ieee80211_txtime(ni, RAL_ACK_SIZE, ackrate, ic->ic_flags)+
1778 m = rt2661_get_rts(sc, wh, dur);
1780 desc = &txq->desc[txq->cur];
1781 data = &txq->data[txq->cur];
1783 error = bus_dmamap_load_mbuf(txq->data_dmat, data->map, m,
1784 rt2661_dma_map_mbuf, &map, 0);
1786 device_printf(sc->sc_dev,
1787 "could not map mbuf (error %d)\n", error);
1795 rt2661_setup_tx_desc(sc, desc, RT2661_TX_NEED_ACK |
1796 RT2661_TX_MORE_FRAG, 0, m->m_pkthdr.len,
1797 rtsrate, map.segs, map.nseg, ac, 0, NULL, NULL, NULL);
1799 bus_dmamap_sync(txq->data_dmat, data->map,
1800 BUS_DMASYNC_PREWRITE);
1803 txq->cur = (txq->cur + 1) % RT2661_TX_RING_COUNT;
1806 * IEEE Std 802.11-1999: when an RTS/CTS exchange is used, the
1807 * asynchronous data frame shall be transmitted after the CTS
1808 * frame and a SIFS period.
1810 flags |= RT2661_TX_LONG_RETRY | RT2661_TX_IFS;
1813 data = &txq->data[txq->cur];
1814 desc = &txq->desc[txq->cur];
1816 error = bus_dmamap_load_mbuf(txq->data_dmat, data->map, m0,
1817 rt2661_dma_map_mbuf, &map, 0);
1818 if (error != 0 && error != EFBIG) {
1819 device_printf(sc->sc_dev, "could not map mbuf (error %d)\n",
1825 mnew = m_defrag(m0, MB_DONTWAIT);
1827 device_printf(sc->sc_dev,
1828 "could not defragment mbuf\n");
1834 error = bus_dmamap_load_mbuf(txq->data_dmat, data->map, m0,
1835 rt2661_dma_map_mbuf, &map, 0);
1837 device_printf(sc->sc_dev,
1838 "could not map mbuf (error %d)\n", error);
1843 /* packet header have moved, reset our local pointer */
1844 wh = mtod(m0, struct ieee80211_frame *);
1847 if (sc->sc_drvbpf != NULL) {
1848 struct rt2661_tx_radiotap_header *tap = &sc->sc_txtap;
1851 tap->wt_rate = rate;
1852 tap->wt_chan_freq = htole16(ic->ic_curchan->ic_freq);
1853 tap->wt_chan_flags = htole16(ic->ic_curchan->ic_flags);
1855 bpf_ptap(sc->sc_drvbpf, m0, tap, sc->sc_txtap_len);
1860 rctl = kmalloc(sizeof(*rctl), M_RT2661, M_NOWAIT);
1863 rctl->len = m0->m_pkthdr.len;
1864 rctl->rateidx = rateidx;
1865 STAILQ_INSERT_TAIL(&sc->tx_ratectl, rctl, link);
1868 if (!noack && !IEEE80211_IS_MULTICAST(wh->i_addr1)) {
1869 flags |= RT2661_TX_NEED_ACK;
1871 dur = ieee80211_txtime(ni, RAL_ACK_SIZE, ackrate, ic->ic_flags)+
1873 *(uint16_t *)wh->i_dur = htole16(dur);
1876 rt2661_setup_tx_desc(sc, desc, flags, 0, m0->m_pkthdr.len, rate,
1877 map.segs, map.nseg, ac, rctl != NULL, k, wh, ivp);
1879 bus_dmamap_sync(txq->data_dmat, data->map, BUS_DMASYNC_PREWRITE);
1880 bus_dmamap_sync(txq->desc_dmat, txq->desc_map, BUS_DMASYNC_PREWRITE);
1882 DPRINTFN(sc, 10, ("sending data frame len=%u idx=%u rate=%u\n",
1883 m0->m_pkthdr.len, txq->cur, rate));
1887 txq->cur = (txq->cur + 1) % RT2661_TX_RING_COUNT;
1888 RAL_WRITE(sc, RT2661_TX_CNTL_CSR, 1 << ac);
1891 ieee80211_free_node(ni);
1897 rt2661_start(struct ifnet *ifp)
1899 struct rt2661_softc *sc = ifp->if_softc;
1900 struct ieee80211com *ic = &sc->sc_ic;
1902 struct ether_header *eh;
1903 struct ieee80211_node *ni;
1906 /* prevent management frames from being sent if we're not ready */
1907 if (!(ifp->if_flags & IFF_RUNNING))
1911 IF_POLL(&ic->ic_mgtq, m0);
1913 if (sc->mgtq.queued >= RT2661_MGT_RING_COUNT) {
1914 ifp->if_flags |= IFF_OACTIVE;
1917 IF_DEQUEUE(&ic->ic_mgtq, m0);
1919 ni = (struct ieee80211_node *)m0->m_pkthdr.rcvif;
1920 m0->m_pkthdr.rcvif = NULL;
1922 if (ic->ic_rawbpf != NULL)
1923 bpf_mtap(ic->ic_rawbpf, m0);
1925 if (rt2661_tx_mgt(sc, m0, ni) != 0)
1928 if (ic->ic_state != IEEE80211_S_RUN)
1931 m0 = ifq_dequeue(&ifp->if_snd, NULL);
1935 if (m0->m_len < sizeof (struct ether_header) &&
1936 !(m0 = m_pullup(m0, sizeof (struct ether_header))))
1939 eh = mtod(m0, struct ether_header *);
1940 ni = ieee80211_find_txnode(ic, eh->ether_dhost);
1947 /* classify mbuf so we can find which tx ring to use */
1948 if (ieee80211_classify(ic, m0, ni) != 0) {
1950 ieee80211_free_node(ni);
1955 /* no QoS encapsulation for EAPOL frames */
1956 ac = (eh->ether_type != htons(ETHERTYPE_PAE)) ?
1957 M_WME_GETAC(m0) : WME_AC_BE;
1959 if (sc->txq[ac].queued >= RT2661_TX_RING_COUNT - 1) {
1960 /* there is no place left in this ring */
1961 ifp->if_flags |= IFF_OACTIVE;
1963 ieee80211_free_node(ni);
1969 m0 = ieee80211_encap(ic, m0, ni);
1971 ieee80211_free_node(ni);
1976 if (ic->ic_rawbpf != NULL)
1977 bpf_mtap(ic->ic_rawbpf, m0);
1979 if (rt2661_tx_data(sc, m0, ni, ac) != 0) {
1980 ieee80211_free_node(ni);
1986 sc->sc_tx_timer = 5;
1992 rt2661_watchdog(struct ifnet *ifp)
1994 struct rt2661_softc *sc = ifp->if_softc;
1995 struct ieee80211com *ic = &sc->sc_ic;
1999 if (sc->sc_tx_timer > 0) {
2000 if (--sc->sc_tx_timer == 0) {
2001 device_printf(sc->sc_dev, "device timeout\n");
2009 ieee80211_watchdog(ic);
2013 * This function allows for fast channel switching in monitor mode (used by
2014 * net-mgmt/kismet). In IBSS mode, we must explicitly reset the interface to
2015 * generate a new beacon frame.
2018 rt2661_reset(struct ifnet *ifp)
2020 struct rt2661_softc *sc = ifp->if_softc;
2021 struct ieee80211com *ic = &sc->sc_ic;
2023 if (ic->ic_opmode != IEEE80211_M_MONITOR)
2026 rt2661_set_chan(sc, ic->ic_curchan);
2032 rt2661_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data, struct ucred *cr)
2034 struct rt2661_softc *sc = ifp->if_softc;
2035 struct ieee80211com *ic = &sc->sc_ic;
2040 if (ifp->if_flags & IFF_UP) {
2041 if (ifp->if_flags & IFF_RUNNING)
2042 rt2661_update_promisc(sc);
2046 if (ifp->if_flags & IFF_RUNNING)
2052 error = ieee80211_ioctl(ic, cmd, data, cr);
2055 if (error == ENETRESET) {
2056 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) ==
2057 (IFF_UP | IFF_RUNNING) &&
2058 (ic->ic_roaming != IEEE80211_ROAMING_MANUAL))
2066 rt2661_bbp_write(struct rt2661_softc *sc, uint8_t reg, uint8_t val)
2071 for (ntries = 0; ntries < 100; ntries++) {
2072 if (!(RAL_READ(sc, RT2661_PHY_CSR3) & RT2661_BBP_BUSY))
2076 if (ntries == 100) {
2077 device_printf(sc->sc_dev, "could not write to BBP\n");
2081 tmp = RT2661_BBP_BUSY | (reg & 0x7f) << 8 | val;
2082 RAL_WRITE(sc, RT2661_PHY_CSR3, tmp);
2084 DPRINTFN(sc, 15, ("BBP R%u <- 0x%02x\n", reg, val));
2088 DPRINTF(sc, ("record bbp17 %#x\n", val));
2094 rt2661_bbp_read(struct rt2661_softc *sc, uint8_t reg)
2099 for (ntries = 0; ntries < 100; ntries++) {
2100 if (!(RAL_READ(sc, RT2661_PHY_CSR3) & RT2661_BBP_BUSY))
2104 if (ntries == 100) {
2105 device_printf(sc->sc_dev, "could not read from BBP\n");
2109 val = RT2661_BBP_BUSY | RT2661_BBP_READ | reg << 8;
2110 RAL_WRITE(sc, RT2661_PHY_CSR3, val);
2112 for (ntries = 0; ntries < 100; ntries++) {
2113 val = RAL_READ(sc, RT2661_PHY_CSR3);
2114 if (!(val & RT2661_BBP_BUSY))
2119 device_printf(sc->sc_dev, "could not read from BBP\n");
2124 rt2661_rf_write(struct rt2661_softc *sc, uint8_t reg, uint32_t val)
2129 for (ntries = 0; ntries < 100; ntries++) {
2130 if (!(RAL_READ(sc, RT2661_PHY_CSR4) & RT2661_RF_BUSY))
2134 if (ntries == 100) {
2135 device_printf(sc->sc_dev, "could not write to RF\n");
2139 tmp = RT2661_RF_BUSY | RT2661_RF_21BIT | (val & 0x1fffff) << 2 |
2141 RAL_WRITE(sc, RT2661_PHY_CSR4, tmp);
2143 /* remember last written value in sc */
2144 sc->rf_regs[reg] = val;
2146 DPRINTFN(sc, 15, ("RF R[%u] <- 0x%05x\n", reg & 3, val & 0x1fffff));
2150 rt2661_tx_cmd(struct rt2661_softc *sc, uint8_t cmd, uint16_t arg)
2152 if (RAL_READ(sc, RT2661_H2M_MAILBOX_CSR) & RT2661_H2M_BUSY)
2153 return EIO; /* there is already a command pending */
2155 RAL_WRITE(sc, RT2661_H2M_MAILBOX_CSR,
2156 RT2661_H2M_BUSY | RT2661_TOKEN_NO_INTR << 16 | arg);
2158 RAL_WRITE(sc, RT2661_HOST_CMD_CSR, RT2661_KICK_CMD | cmd);
2164 rt2661_select_antenna(struct rt2661_softc *sc)
2166 uint8_t bbp4, bbp77;
2169 bbp4 = rt2661_bbp_read(sc, 4);
2170 bbp77 = rt2661_bbp_read(sc, 77);
2174 /* make sure Rx is disabled before switching antenna */
2175 tmp = RAL_READ(sc, RT2661_TXRX_CSR0);
2176 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp | RT2661_DISABLE_RX);
2178 rt2661_bbp_write(sc, 4, bbp4);
2179 rt2661_bbp_write(sc, 77, bbp77);
2181 /* restore Rx filter */
2182 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp);
2186 * Enable multi-rate retries for frames sent at OFDM rates.
2187 * In 802.11b/g mode, allow fallback to CCK rates.
2190 rt2661_enable_mrr(struct rt2661_softc *sc)
2192 struct ieee80211com *ic = &sc->sc_ic;
2195 tmp = RAL_READ(sc, RT2661_TXRX_CSR4);
2197 tmp &= ~RT2661_MRR_CCK_FALLBACK;
2198 if (!IEEE80211_IS_CHAN_5GHZ(ic->ic_bss->ni_chan))
2199 tmp |= RT2661_MRR_CCK_FALLBACK;
2200 tmp |= RT2661_MRR_ENABLED;
2201 tmp |= RT2661_SRETRY_LIMIT(7) | RT2661_LRETRY_LIMIT(4);
2203 RAL_WRITE(sc, RT2661_TXRX_CSR4, tmp);
2207 rt2661_set_txpreamble(struct rt2661_softc *sc)
2211 tmp = RAL_READ(sc, RT2661_TXRX_CSR4);
2213 tmp &= ~RT2661_SHORT_PREAMBLE;
2214 if (sc->sc_ic.ic_flags & IEEE80211_F_SHPREAMBLE)
2215 tmp |= RT2661_SHORT_PREAMBLE;
2217 RAL_WRITE(sc, RT2661_TXRX_CSR4, tmp);
2221 rt2661_set_ackrates(struct rt2661_softc *sc, const struct ieee80211_rateset *rs)
2223 #define RV(r) ((r) & IEEE80211_RATE_VAL)
2224 struct ieee80211com *ic = &sc->sc_ic;
2229 for (i = 0; i < rs->rs_nrates; i++) {
2230 rate = rs->rs_rates[i];
2232 if (!(rate & IEEE80211_RATE_BASIC))
2236 * Find h/w rate index. We know it exists because the rate
2237 * set has already been negotiated.
2239 for (j = 0; rt2661_rateset_11g.rs_rates[j] != RV(rate); j++)
2245 if (IEEE80211_IS_CHAN_2GHZ(ic->ic_curchan) &&
2246 ic->ic_curmode != IEEE80211_MODE_11B &&
2247 ieee80211_iserp_rateset(ic, rs)) {
2249 * Always set following rates as ACK rates to conform
2250 * IEEE Std 802.11g-2003 clause 9.6
2259 RAL_WRITE(sc, RT2661_TXRX_CSR5, mask);
2261 DPRINTF(sc, ("Setting ack rate mask to 0x%x\n", mask));
2266 * Reprogram MAC/BBP to switch to a new band. Values taken from the reference
2270 rt2661_select_band(struct rt2661_softc *sc, struct ieee80211_channel *c)
2272 uint8_t bbp17, bbp35, bbp96, bbp97, bbp98, bbp104;
2275 /* update all BBP registers that depend on the band */
2276 bbp17 = 0x20; bbp96 = 0x48; bbp104 = 0x2c;
2277 bbp35 = 0x50; bbp97 = 0x48; bbp98 = 0x48;
2278 if (IEEE80211_IS_CHAN_5GHZ(c)) {
2279 bbp17 += 0x08; bbp96 += 0x10; bbp104 += 0x0c;
2280 bbp35 += 0x10; bbp97 += 0x10; bbp98 += 0x10;
2282 if ((IEEE80211_IS_CHAN_2GHZ(c) && sc->ext_2ghz_lna) ||
2283 (IEEE80211_IS_CHAN_5GHZ(c) && sc->ext_5ghz_lna)) {
2284 bbp17 += 0x10; bbp96 += 0x10; bbp104 += 0x10;
2287 rt2661_bbp_write(sc, 17, bbp17);
2288 rt2661_bbp_write(sc, 96, bbp96);
2289 rt2661_bbp_write(sc, 104, bbp104);
2291 if ((IEEE80211_IS_CHAN_2GHZ(c) && sc->ext_2ghz_lna) ||
2292 (IEEE80211_IS_CHAN_5GHZ(c) && sc->ext_5ghz_lna)) {
2293 rt2661_bbp_write(sc, 75, 0x80);
2294 rt2661_bbp_write(sc, 86, 0x80);
2295 rt2661_bbp_write(sc, 88, 0x80);
2298 rt2661_bbp_write(sc, 35, bbp35);
2299 rt2661_bbp_write(sc, 97, bbp97);
2300 rt2661_bbp_write(sc, 98, bbp98);
2302 tmp = RAL_READ(sc, RT2661_PHY_CSR0);
2303 tmp &= ~(RT2661_PA_PE_2GHZ | RT2661_PA_PE_5GHZ);
2304 if (IEEE80211_IS_CHAN_2GHZ(c))
2305 tmp |= RT2661_PA_PE_2GHZ;
2307 tmp |= RT2661_PA_PE_5GHZ;
2308 RAL_WRITE(sc, RT2661_PHY_CSR0, tmp);
2312 rt2661_set_txpower(struct rt2661_softc *sc, int8_t power)
2314 const struct rt2661_rfprog *rfprog = sc->rfprog;
2315 int i = sc->sc_curchan_idx;
2317 rt2661_rf_write(sc, RAL_RF1, rfprog[i].r1);
2318 rt2661_rf_write(sc, RAL_RF2, rfprog[i].r2);
2319 rt2661_rf_write(sc, RAL_RF3, rfprog[i].r3 | power << 7);
2320 rt2661_rf_write(sc, RAL_RF4, rfprog[i].r4 | sc->rffreq << 10);
2324 rt2661_rf_write(sc, RAL_RF1, rfprog[i].r1);
2325 rt2661_rf_write(sc, RAL_RF2, rfprog[i].r2);
2326 rt2661_rf_write(sc, RAL_RF3, rfprog[i].r3 | power << 7 | 1);
2327 rt2661_rf_write(sc, RAL_RF4, rfprog[i].r4 | sc->rffreq << 10);
2331 rt2661_rf_write(sc, RAL_RF1, rfprog[i].r1);
2332 rt2661_rf_write(sc, RAL_RF2, rfprog[i].r2);
2333 rt2661_rf_write(sc, RAL_RF3, rfprog[i].r3 | power << 7);
2334 rt2661_rf_write(sc, RAL_RF4, rfprog[i].r4 | sc->rffreq << 10);
2336 sc->sc_txpwr = power;
2340 rt2661_set_chan(struct rt2661_softc *sc, struct ieee80211_channel *c)
2342 struct ieee80211com *ic = &sc->sc_ic;
2343 const struct rt2661_rfprog *rfprog = sc->rfprog;
2344 uint8_t bbp3, bbp94 = RT2661_BBPR94_DEFAULT;
2348 chan = ieee80211_chan2ieee(ic, c);
2349 if (chan == 0 || chan == IEEE80211_CHAN_ANY)
2352 /* find the settings for this channel (we know it exists) */
2353 for (i = 0; rfprog[i].chan != chan; i++)
2355 KASSERT(i < RT2661_NCHAN_MAX, ("invalid channel %d\n", chan));
2356 sc->sc_curchan_idx = i;
2358 power = sc->txpow[i];
2362 } else if (power > 31) {
2363 bbp94 += power - 31;
2367 power = rt2661_txpower(sc, power);
2370 * If we are switching from the 2GHz band to the 5GHz band or
2371 * vice-versa, BBP registers need to be reprogrammed.
2373 if (c->ic_flags != sc->sc_curchan->ic_flags) {
2374 rt2661_select_band(sc, c);
2375 rt2661_select_antenna(sc);
2379 rt2661_set_txpower(sc, power);
2381 /* enable smart mode for MIMO-capable RFs */
2382 bbp3 = rt2661_bbp_read(sc, 3);
2384 bbp3 &= ~RT2661_SMART_MODE;
2385 if (sc->rf_rev == RT2661_RF_5325 || sc->rf_rev == RT2661_RF_2529)
2386 bbp3 |= RT2661_SMART_MODE;
2388 rt2661_bbp_write(sc, 3, bbp3);
2390 if (bbp94 != RT2661_BBPR94_DEFAULT)
2391 rt2661_bbp_write(sc, 94, bbp94);
2393 /* 5GHz radio needs a 1ms delay here */
2394 if (IEEE80211_IS_CHAN_5GHZ(c))
2397 sc->sc_sifs = IEEE80211_IS_CHAN_5GHZ(c) ? IEEE80211_DUR_OFDM_SIFS
2398 : IEEE80211_DUR_SIFS;
2402 rt2661_set_bssid(struct rt2661_softc *sc, const uint8_t *bssid)
2406 tmp = bssid[0] | bssid[1] << 8 | bssid[2] << 16 | bssid[3] << 24;
2407 RAL_WRITE(sc, RT2661_MAC_CSR4, tmp);
2409 tmp = bssid[4] | bssid[5] << 8 | RT2661_ONE_BSSID << 16;
2410 RAL_WRITE(sc, RT2661_MAC_CSR5, tmp);
2414 rt2661_set_macaddr(struct rt2661_softc *sc, const uint8_t *addr)
2418 tmp = addr[0] | addr[1] << 8 | addr[2] << 16 | addr[3] << 24;
2419 RAL_WRITE(sc, RT2661_MAC_CSR2, tmp);
2421 tmp = addr[4] | addr[5] << 8;
2422 RAL_WRITE(sc, RT2661_MAC_CSR3, tmp);
2426 rt2661_update_promisc(struct rt2661_softc *sc)
2428 struct ifnet *ifp = sc->sc_ic.ic_ifp;
2431 tmp = RAL_READ(sc, RT2661_TXRX_CSR0);
2433 tmp &= ~RT2661_DROP_NOT_TO_ME;
2434 if (!(ifp->if_flags & IFF_PROMISC))
2435 tmp |= RT2661_DROP_NOT_TO_ME;
2437 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp);
2439 DPRINTF(sc, ("%s promiscuous mode\n", (ifp->if_flags & IFF_PROMISC) ?
2440 "entering" : "leaving"));
2444 * Update QoS (802.11e) settings for each h/w Tx ring.
2447 rt2661_wme_update(struct ieee80211com *ic)
2449 struct rt2661_softc *sc = ic->ic_ifp->if_softc;
2450 const struct wmeParams *wmep;
2452 wmep = ic->ic_wme.wme_chanParams.cap_wmeParams;
2454 /* XXX: not sure about shifts. */
2455 /* XXX: the reference driver plays with AC_VI settings too. */
2458 RAL_WRITE(sc, RT2661_AC_TXOP_CSR0,
2459 wmep[WME_AC_BE].wmep_txopLimit << 16 |
2460 wmep[WME_AC_BK].wmep_txopLimit);
2461 RAL_WRITE(sc, RT2661_AC_TXOP_CSR1,
2462 wmep[WME_AC_VI].wmep_txopLimit << 16 |
2463 wmep[WME_AC_VO].wmep_txopLimit);
2466 RAL_WRITE(sc, RT2661_CWMIN_CSR,
2467 wmep[WME_AC_BE].wmep_logcwmin << 12 |
2468 wmep[WME_AC_BK].wmep_logcwmin << 8 |
2469 wmep[WME_AC_VI].wmep_logcwmin << 4 |
2470 wmep[WME_AC_VO].wmep_logcwmin);
2473 RAL_WRITE(sc, RT2661_CWMAX_CSR,
2474 wmep[WME_AC_BE].wmep_logcwmax << 12 |
2475 wmep[WME_AC_BK].wmep_logcwmax << 8 |
2476 wmep[WME_AC_VI].wmep_logcwmax << 4 |
2477 wmep[WME_AC_VO].wmep_logcwmax);
2480 RAL_WRITE(sc, RT2661_AIFSN_CSR,
2481 wmep[WME_AC_BE].wmep_aifsn << 12 |
2482 wmep[WME_AC_BK].wmep_aifsn << 8 |
2483 wmep[WME_AC_VI].wmep_aifsn << 4 |
2484 wmep[WME_AC_VO].wmep_aifsn);
2490 rt2661_update_slot(struct ifnet *ifp)
2492 struct rt2661_softc *sc = ifp->if_softc;
2493 struct ieee80211com *ic = &sc->sc_ic;
2497 slottime = (ic->ic_flags & IEEE80211_F_SHSLOT) ? 9 : 20;
2499 tmp = RAL_READ(sc, RT2661_MAC_CSR9);
2500 tmp = (tmp & ~0xff) | slottime;
2501 RAL_WRITE(sc, RT2661_MAC_CSR9, tmp);
2505 rt2661_get_rf(int rev)
2508 case RT2661_RF_5225: return "RT5225";
2509 case RT2661_RF_5325: return "RT5325 (MIMO XR)";
2510 case RT2661_RF_2527: return "RT2527";
2511 case RT2661_RF_2529: return "RT2529 (MIMO XR)";
2512 default: return "unknown";
2517 rt2661_read_config(struct rt2661_softc *sc)
2519 struct ieee80211com *ic = &sc->sc_ic;
2524 /* read MAC address */
2525 val = rt2661_eeprom_read(sc, RT2661_EEPROM_MAC01);
2526 ic->ic_myaddr[0] = val & 0xff;
2527 ic->ic_myaddr[1] = val >> 8;
2529 val = rt2661_eeprom_read(sc, RT2661_EEPROM_MAC23);
2530 ic->ic_myaddr[2] = val & 0xff;
2531 ic->ic_myaddr[3] = val >> 8;
2533 val = rt2661_eeprom_read(sc, RT2661_EEPROM_MAC45);
2534 ic->ic_myaddr[4] = val & 0xff;
2535 ic->ic_myaddr[5] = val >> 8;
2537 val = rt2661_eeprom_read(sc, RT2661_EEPROM_ANTENNA);
2538 /* XXX: test if different from 0xffff? */
2539 sc->rf_rev = (val >> 11) & 0x1f;
2540 sc->hw_radio = (val >> 10) & 0x1;
2541 sc->auto_txagc = (val >> 9) & 0x1;
2542 sc->rx_ant = (val >> 4) & 0x3;
2543 sc->tx_ant = (val >> 2) & 0x3;
2544 sc->nb_ant = val & 0x3;
2546 DPRINTF(sc, ("RF revision=%d\n", sc->rf_rev));
2547 DPRINTF(sc, ("Number of ant %d, rxant %d, txant %d\n",
2548 sc->nb_ant, sc->rx_ant, sc->tx_ant));
2550 val = rt2661_eeprom_read(sc, RT2661_EEPROM_CONFIG2);
2551 sc->ext_5ghz_lna = (val >> 6) & 0x1;
2552 sc->ext_2ghz_lna = (val >> 4) & 0x1;
2554 DPRINTF(sc, ("External 2GHz LNA=%d\nExternal 5GHz LNA=%d\n",
2555 sc->ext_2ghz_lna, sc->ext_5ghz_lna));
2557 if (sc->ext_2ghz_lna) {
2558 sc->bbp17_2ghz_min = 0x30;
2559 sc->bbp17_2ghz_max = 0x50;
2561 sc->bbp17_2ghz_min = 0x20;
2562 sc->bbp17_2ghz_max = 0x40;
2565 val = rt2661_eeprom_read(sc, RT2661_EEPROM_RSSI_2GHZ_OFFSET);
2566 sc->rssi_2ghz_corr[0] = (int8_t)(val & 0xff); /* signed */
2567 sc->rssi_2ghz_corr[1] = (int8_t)(val >> 8); /* signed */
2569 /* Only [-10, 10] is valid */
2570 for (i = 0; i < 2; ++i) {
2571 if (sc->rssi_2ghz_corr[i] < -10 || sc->rssi_2ghz_corr[i] > 10)
2572 sc->rssi_2ghz_corr[i] = 0;
2575 val = rt2661_eeprom_read(sc, RT2661_EEPROM_RSSI_5GHZ_OFFSET);
2576 if ((val & 0xff) != 0xff)
2577 sc->rssi_5ghz_corr = (int8_t)(val & 0xff); /* signed */
2579 /* Only [-10, 10] is valid */
2580 if (sc->rssi_5ghz_corr < -10 || sc->rssi_5ghz_corr > 10)
2581 sc->rssi_5ghz_corr = 0;
2583 /* adjust RSSI correction for external low-noise amplifier */
2584 if (sc->ext_2ghz_lna) {
2585 sc->rssi_2ghz_corr[0] -= 14;
2586 sc->rssi_2ghz_corr[1] -= 14;
2588 if (sc->ext_5ghz_lna)
2589 sc->rssi_5ghz_corr -= 14;
2591 DPRINTF(sc, ("RSSI 2GHz corr0=%d corr1=%d\nRSSI 5GHz corr=%d\n",
2592 sc->rssi_2ghz_corr[0], sc->rssi_2ghz_corr[1], sc->rssi_5ghz_corr));
2594 val = rt2661_eeprom_read(sc, RT2661_EEPROM_FREQ_OFFSET);
2595 if ((val >> 8) != 0xff)
2596 rfprog = (val >> 8) & 0x3;
2597 if ((val & 0xff) != 0xff)
2598 sc->rffreq = val & 0xff;
2600 DPRINTF(sc, ("RF prog=%d\nRF freq=%d\n", rfprog, sc->rffreq));
2602 sc->rfprog = rfprog == 0 ? rt2661_rf5225_1 : rt2661_rf5225_2;
2604 #define NCHAN_2GHZ 14
2605 #define NCHAN_5GHZ 24
2607 * Read channel TX power
2610 rt2661_read_txpower_config(sc, RT2661_EEPROM_TXPOWER_2GHZ,
2611 NCHAN_2GHZ, &start_chan);
2612 rt2661_read_txpower_config(sc, RT2661_EEPROM_TXPOWER_5GHZ,
2613 NCHAN_5GHZ, &start_chan);
2617 /* read vendor-specific BBP values */
2618 for (i = 0; i < 16; i++) {
2619 val = rt2661_eeprom_read(sc, RT2661_EEPROM_BBP_BASE + i);
2620 if (val == 0 || val == 0xffff)
2621 continue; /* skip invalid entries */
2622 sc->bbp_prom[i].reg = val >> 8;
2623 sc->bbp_prom[i].val = val & 0xff;
2624 DPRINTF(sc, ("BBP R%d=%02x\n", sc->bbp_prom[i].reg,
2625 sc->bbp_prom[i].val));
2628 val = rt2661_eeprom_read(sc, RT2661_EEPROM_LED_OFFSET);
2629 DPRINTF(sc, ("LED %02x\n", val));
2630 if (val == 0xffff) {
2631 sc->mcu_led = RT2661_MCU_LED_DEFAULT;
2633 #define N(arr) (int)(sizeof(arr) / sizeof(arr[0]))
2635 for (i = 0; i < N(led_ee2mcu); ++i) {
2636 if (val & led_ee2mcu[i].ee_bit)
2637 sc->mcu_led |= led_ee2mcu[i].mcu_bit;
2642 sc->mcu_led |= ((val >> RT2661_EE_LED_MODE_SHIFT) &
2643 RT2661_EE_LED_MODE_MASK);
2646 /* TX power down step array */
2647 val = rt2661_eeprom_read(sc, RT2661_EEPROM_2GHZ_TSSI1);
2648 sc->tssi_2ghz_down[3] = val & 0xff;
2649 sc->tssi_2ghz_down[2] = val >> 8;
2650 val = rt2661_eeprom_read(sc, RT2661_EEPROM_2GHZ_TSSI2);
2651 sc->tssi_2ghz_down[1] = val & 0xff;
2652 sc->tssi_2ghz_down[0] = val >> 8;
2653 DPRINTF(sc, ("2GHZ tssi down 0:%u 1:%u 2:%u 3:%u\n",
2654 sc->tssi_2ghz_down[0], sc->tssi_2ghz_down[1],
2655 sc->tssi_2ghz_down[2], sc->tssi_2ghz_down[3]));
2657 /* TX power up step array */
2658 val = rt2661_eeprom_read(sc, RT2661_EEPROM_2GHZ_TSSI3);
2659 sc->tssi_2ghz_up[0] = val & 0xff;
2660 sc->tssi_2ghz_up[1] = val >> 8;
2661 val = rt2661_eeprom_read(sc, RT2661_EEPROM_2GHZ_TSSI4);
2662 sc->tssi_2ghz_up[2] = val & 0xff;
2663 sc->tssi_2ghz_up[3] = val >> 8;
2664 DPRINTF(sc, ("2GHZ tssi up 0:%u 1:%u 2:%u 3:%u\n",
2665 sc->tssi_2ghz_up[0], sc->tssi_2ghz_up[1],
2666 sc->tssi_2ghz_up[2], sc->tssi_2ghz_up[3]));
2668 /* TX power adjustment reference value and step */
2669 val = rt2661_eeprom_read(sc, RT2661_EEPROM_2GHZ_TSSI5);
2670 sc->tssi_2ghz_ref = val & 0xff;
2671 sc->tssi_2ghz_step = val >> 8;
2672 DPRINTF(sc, ("2GHZ tssi ref %u, step %d\n",
2673 sc->tssi_2ghz_ref, sc->tssi_2ghz_step));
2675 if (sc->tssi_2ghz_ref == 0xff)
2677 DPRINTF(sc, ("Auto TX AGC %d\n", sc->auto_txagc));
2681 rt2661_bbp_init(struct rt2661_softc *sc)
2683 #define N(a) (sizeof (a) / sizeof ((a)[0]))
2687 /* wait for BBP to be ready */
2688 for (ntries = 0; ntries < 100; ntries++) {
2689 val = rt2661_bbp_read(sc, 0);
2690 if (val != 0 && val != 0xff)
2694 if (ntries == 100) {
2695 device_printf(sc->sc_dev, "timeout waiting for BBP\n");
2699 /* initialize BBP registers to default values */
2700 for (i = 0; i < N(rt2661_def_bbp); i++) {
2701 rt2661_bbp_write(sc, rt2661_def_bbp[i].reg,
2702 rt2661_def_bbp[i].val);
2705 /* write vendor-specific BBP values (from EEPROM) */
2706 for (i = 0; i < 16; i++) {
2707 if (sc->bbp_prom[i].reg == 0)
2709 rt2661_bbp_write(sc, sc->bbp_prom[i].reg, sc->bbp_prom[i].val);
2717 rt2661_init(void *priv)
2719 #define N(a) (sizeof (a) / sizeof ((a)[0]))
2720 struct rt2661_softc *sc = priv;
2721 struct ieee80211com *ic = &sc->sc_ic;
2722 struct ifnet *ifp = ic->ic_ifp;
2723 uint32_t tmp, sta[3];
2728 /* initialize Tx rings */
2729 RAL_WRITE(sc, RT2661_AC1_BASE_CSR, sc->txq[1].physaddr);
2730 RAL_WRITE(sc, RT2661_AC0_BASE_CSR, sc->txq[0].physaddr);
2731 RAL_WRITE(sc, RT2661_AC2_BASE_CSR, sc->txq[2].physaddr);
2732 RAL_WRITE(sc, RT2661_AC3_BASE_CSR, sc->txq[3].physaddr);
2734 /* initialize Mgt ring */
2735 RAL_WRITE(sc, RT2661_MGT_BASE_CSR, sc->mgtq.physaddr);
2737 /* initialize Rx ring */
2738 RAL_WRITE(sc, RT2661_RX_BASE_CSR, sc->rxq.physaddr);
2740 /* initialize Tx rings sizes */
2741 RAL_WRITE(sc, RT2661_TX_RING_CSR0,
2742 RT2661_TX_RING_COUNT << 24 |
2743 RT2661_TX_RING_COUNT << 16 |
2744 RT2661_TX_RING_COUNT << 8 |
2745 RT2661_TX_RING_COUNT);
2747 RAL_WRITE(sc, RT2661_TX_RING_CSR1,
2748 RT2661_TX_DESC_WSIZE << 16 |
2749 RT2661_TX_RING_COUNT << 8 | /* XXX: HCCA ring unused */
2750 RT2661_MGT_RING_COUNT);
2752 /* initialize Rx rings */
2753 RAL_WRITE(sc, RT2661_RX_RING_CSR,
2754 RT2661_RX_DESC_BACK << 16 |
2755 RT2661_RX_DESC_WSIZE << 8 |
2756 RT2661_RX_RING_COUNT);
2758 /* XXX: some magic here */
2759 RAL_WRITE(sc, RT2661_TX_DMA_DST_CSR, 0xaa);
2761 /* load base addresses of all 5 Tx rings (4 data + 1 mgt) */
2762 RAL_WRITE(sc, RT2661_LOAD_TX_RING_CSR, 0x1f);
2764 /* load base address of Rx ring */
2765 RAL_WRITE(sc, RT2661_RX_CNTL_CSR, 2);
2767 /* initialize MAC registers to default values */
2768 for (i = 0; i < N(rt2661_def_mac); i++)
2769 RAL_WRITE(sc, rt2661_def_mac[i].reg, rt2661_def_mac[i].val);
2771 IEEE80211_ADDR_COPY(ic->ic_myaddr, IF_LLADDR(ifp));
2772 rt2661_set_macaddr(sc, ic->ic_myaddr);
2774 /* set host ready */
2775 RAL_WRITE(sc, RT2661_MAC_CSR1, 3);
2776 RAL_WRITE(sc, RT2661_MAC_CSR1, 0);
2778 /* wait for BBP/RF to wakeup */
2779 for (ntries = 0; ntries < 1000; ntries++) {
2780 if (RAL_READ(sc, RT2661_MAC_CSR12) & 8)
2784 if (ntries == 1000) {
2785 kprintf("timeout waiting for BBP/RF to wakeup\n");
2790 if (rt2661_bbp_init(sc) != 0) {
2795 /* select default channel */
2796 sc->sc_curchan = ic->ic_curchan;
2797 rt2661_select_band(sc, sc->sc_curchan);
2798 rt2661_select_antenna(sc);
2799 rt2661_set_chan(sc, sc->sc_curchan);
2801 /* update Rx filter */
2802 tmp = RAL_READ(sc, RT2661_TXRX_CSR0) & 0xffff;
2804 tmp |= RT2661_DROP_PHY_ERROR | RT2661_DROP_CRC_ERROR;
2805 if (ic->ic_opmode != IEEE80211_M_MONITOR) {
2806 tmp |= RT2661_DROP_CTL | RT2661_DROP_VER_ERROR |
2808 if (ic->ic_opmode != IEEE80211_M_HOSTAP)
2809 tmp |= RT2661_DROP_TODS;
2810 if (!(ifp->if_flags & IFF_PROMISC))
2811 tmp |= RT2661_DROP_NOT_TO_ME;
2814 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp);
2816 /* clear STA registers */
2817 RAL_READ_REGION_4(sc, RT2661_STA_CSR0, sta, N(sta));
2819 /* initialize ASIC */
2820 RAL_WRITE(sc, RT2661_MAC_CSR1, 4);
2822 /* clear any pending interrupt */
2823 RAL_WRITE(sc, RT2661_INT_SOURCE_CSR, 0xffffffff);
2825 /* enable interrupts */
2826 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0x0000ff10);
2827 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0);
2830 RAL_WRITE(sc, RT2661_RX_CNTL_CSR, 1);
2832 ifp->if_flags &= ~IFF_OACTIVE;
2833 ifp->if_flags |= IFF_RUNNING;
2835 for (i = 0; i < IEEE80211_WEP_NKID; ++i) {
2836 uint8_t mac[IEEE80211_ADDR_LEN];
2837 const struct ieee80211_key *k = &ic->ic_nw_keys[i];
2839 if (k->wk_keyix != IEEE80211_KEYIX_NONE)
2840 rt2661_key_set(ic, k, mac);
2843 RT2661_RESET_AVG_RSSI(sc);
2845 if (ic->ic_opmode != IEEE80211_M_MONITOR) {
2846 if (ic->ic_roaming != IEEE80211_ROAMING_MANUAL)
2847 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1);
2849 ieee80211_new_state(ic, IEEE80211_S_RUN, -1);
2855 rt2661_stop(void *priv)
2857 struct rt2661_softc *sc = priv;
2858 struct ieee80211com *ic = &sc->sc_ic;
2859 struct ifnet *ifp = ic->ic_ifp;
2860 struct rt2661_tx_ratectl *rctl;
2863 ieee80211_new_state(ic, IEEE80211_S_INIT, -1);
2865 sc->sc_tx_timer = 0;
2867 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE);
2869 /* abort Tx (for all 5 Tx rings) */
2870 RAL_WRITE(sc, RT2661_TX_CNTL_CSR, 0x1f << 16);
2872 /* disable Rx (value remains after reset!) */
2873 tmp = RAL_READ(sc, RT2661_TXRX_CSR0);
2874 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp | RT2661_DISABLE_RX);
2877 RAL_WRITE(sc, RT2661_MAC_CSR1, 3);
2878 RAL_WRITE(sc, RT2661_MAC_CSR1, 0);
2880 /* disable interrupts */
2881 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0xffffffff);
2882 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0xffffffff);
2884 /* clear any pending interrupt */
2885 RAL_WRITE(sc, RT2661_INT_SOURCE_CSR, 0xffffffff);
2886 RAL_WRITE(sc, RT2661_MCU_INT_SOURCE_CSR, 0xffffffff);
2888 while ((rctl = STAILQ_FIRST(&sc->tx_ratectl)) != NULL) {
2889 STAILQ_REMOVE_HEAD(&sc->tx_ratectl, link);
2890 ieee80211_free_node(rctl->ni);
2892 kfree(rctl, M_RT2661);
2895 /* reset Tx and Rx rings */
2896 rt2661_reset_tx_ring(sc, &sc->txq[0]);
2897 rt2661_reset_tx_ring(sc, &sc->txq[1]);
2898 rt2661_reset_tx_ring(sc, &sc->txq[2]);
2899 rt2661_reset_tx_ring(sc, &sc->txq[3]);
2900 rt2661_reset_tx_ring(sc, &sc->mgtq);
2901 rt2661_reset_rx_ring(sc, &sc->rxq);
2903 /* Clear key map. */
2904 bzero(sc->sc_keymap, sizeof(sc->sc_keymap));
2908 rt2661_load_microcode(struct rt2661_softc *sc, const uint8_t *ucode, int size)
2913 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, RT2661_MCU_RESET);
2915 /* cancel any pending Host to MCU command */
2916 RAL_WRITE(sc, RT2661_H2M_MAILBOX_CSR, 0);
2917 RAL_WRITE(sc, RT2661_M2H_CMD_DONE_CSR, 0xffffffff);
2918 RAL_WRITE(sc, RT2661_HOST_CMD_CSR, 0);
2920 /* write 8051's microcode */
2921 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, RT2661_MCU_RESET | RT2661_MCU_SEL);
2922 RAL_WRITE_REGION_1(sc, RT2661_MCU_CODE_BASE, ucode, size);
2923 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, RT2661_MCU_RESET);
2925 /* kick 8051's ass */
2926 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, 0);
2928 /* wait for 8051 to initialize */
2929 for (ntries = 0; ntries < 500; ntries++) {
2930 if (RAL_READ(sc, RT2661_MCU_CNTL_CSR) & RT2661_MCU_READY)
2934 if (ntries == 500) {
2935 kprintf("timeout waiting for MCU to initialize\n");
2942 rt2661_prepare_beacon(struct rt2661_softc *sc)
2944 struct ieee80211com *ic = &sc->sc_ic;
2945 struct ieee80211_beacon_offsets bo;
2946 struct rt2661_tx_desc desc;
2950 m0 = ieee80211_beacon_alloc(ic, ic->ic_bss, &bo);
2952 device_printf(sc->sc_dev, "could not allocate beacon frame\n");
2956 /* send beacons at the lowest available rate */
2957 rate = IEEE80211_IS_CHAN_5GHZ(ic->ic_bss->ni_chan) ? 12 : 2;
2959 rt2661_setup_tx_desc(sc, &desc, RT2661_TX_TIMESTAMP, RT2661_TX_HWSEQ,
2960 m0->m_pkthdr.len, rate, NULL, 0, RT2661_QID_MGT, 0, NULL, NULL, NULL);
2962 /* copy the first 24 bytes of Tx descriptor into NIC memory */
2963 RAL_WRITE_REGION_1(sc, RT2661_HW_BEACON_BASE0, (uint8_t *)&desc, 24);
2965 /* copy beacon header and payload into NIC memory */
2966 RAL_WRITE_REGION_1(sc, RT2661_HW_BEACON_BASE0 + 24,
2967 mtod(m0, uint8_t *), m0->m_pkthdr.len);
2974 * Enable TSF synchronization and tell h/w to start sending beacons for IBSS
2975 * and HostAP operating modes.
2978 rt2661_enable_tsf_sync(struct rt2661_softc *sc)
2980 struct ieee80211com *ic = &sc->sc_ic;
2983 if (ic->ic_opmode != IEEE80211_M_STA) {
2985 * Change default 16ms TBTT adjustment to 8ms.
2986 * Must be done before enabling beacon generation.
2988 RAL_WRITE(sc, RT2661_TXRX_CSR10, 1 << 12 | 8);
2991 tmp = RAL_READ(sc, RT2661_TXRX_CSR9) & 0xff000000;
2993 /* set beacon interval (in 1/16ms unit) */
2994 tmp |= ic->ic_bss->ni_intval * 16;
2996 tmp |= RT2661_TSF_TICKING | RT2661_ENABLE_TBTT;
2997 if (ic->ic_opmode == IEEE80211_M_STA)
2998 tmp |= RT2661_TSF_MODE(1);
3000 tmp |= RT2661_TSF_MODE(2) | RT2661_GENERATE_BEACON;
3002 RAL_WRITE(sc, RT2661_TXRX_CSR9, tmp);
3006 * Retrieve the "Received Signal Strength Indicator" from the raw values
3007 * contained in Rx descriptors. The computation depends on which band the
3008 * frame was received. Correction values taken from the reference driver.
3011 rt2661_get_rssi(struct rt2661_softc *sc, uint8_t raw, int i)
3015 lna = (raw >> 5) & 0x3;
3022 * NB: Since RSSI is relative to noise floor, -1 is
3023 * adequate for caller to know error happened.
3028 rssi = (2 * agc) - RT2661_NOISE_FLOOR;
3030 if (IEEE80211_IS_CHAN_2GHZ(sc->sc_curchan)) {
3031 rssi += sc->rssi_2ghz_corr[i];
3040 rssi += sc->rssi_5ghz_corr;
3050 if (sc->avg_rssi[i] < 0) {
3051 sc->avg_rssi[i] = rssi;
3054 ((sc->avg_rssi[i] << 3) - sc->avg_rssi[i] + rssi) >> 3;
3060 rt2661_dma_map_mbuf(void *arg, bus_dma_segment_t *seg, int nseg,
3061 bus_size_t map_size __unused, int error)
3063 struct rt2661_dmamap *map = arg;
3068 KASSERT(nseg <= RT2661_MAX_SCATTER, ("too many DMA segments"));
3070 bcopy(seg, map->segs, nseg * sizeof(bus_dma_segment_t));
3075 rt2661_led_newstate(struct rt2661_softc *sc, enum ieee80211_state nstate)
3077 struct ieee80211com *ic = &sc->sc_ic;
3079 uint32_t mail = sc->mcu_led;
3081 if (RAL_READ(sc, RT2661_H2M_MAILBOX_CSR) & RT2661_H2M_BUSY) {
3082 DPRINTF(sc, ("%s failed\n", __func__));
3087 case IEEE80211_S_INIT:
3088 mail &= ~(RT2661_MCU_LED_LINKA | RT2661_MCU_LED_LINKG |
3092 if (ic->ic_curchan == NULL)
3095 on = RT2661_MCU_LED_LINKG;
3096 off = RT2661_MCU_LED_LINKA;
3097 if (IEEE80211_IS_CHAN_5GHZ(ic->ic_curchan)) {
3098 on = RT2661_MCU_LED_LINKA;
3099 off = RT2661_MCU_LED_LINKG;
3102 mail |= RT2661_MCU_LED_RF | on;
3107 RAL_WRITE(sc, RT2661_H2M_MAILBOX_CSR,
3108 RT2661_H2M_BUSY | RT2661_TOKEN_NO_INTR << 16 | mail);
3109 RAL_WRITE(sc, RT2661_HOST_CMD_CSR, RT2661_KICK_CMD | RT2661_MCU_SET_LED);
3113 rt2661_read_txpower_config(struct rt2661_softc *sc, uint8_t txpwr_ofs,
3114 int nchan, int *start_chan0)
3117 int start_chan = *start_chan0;
3119 KASSERT(nchan % 2 == 0, ("number of channels %d is not even\n", nchan));
3120 KASSERT(start_chan + nchan <= RT2661_NCHAN_MAX, ("too many channels"));
3122 loop_max = nchan / 2;
3124 for (i = 0; i < loop_max; i++) {
3128 val = rt2661_eeprom_read(sc, txpwr_ofs + i);
3129 chan_idx = i * 2 + start_chan;
3131 for (j = 0; j < 2; ++j) {
3132 int8_t tx_power; /* signed */
3134 tx_power = (int8_t)((val >> (8 * j)) & 0xff);
3135 if (tx_power > RT2661_TXPOWER_MAX)
3136 tx_power = RT2661_TXPOWER_DEFAULT;
3138 sc->txpow[chan_idx] = tx_power;
3139 DPRINTF(sc, ("Channel=%d Tx power=%d\n",
3140 rt2661_rf5225_1[chan_idx].chan, sc->txpow[chan_idx]));
3145 *start_chan0 += nchan;
3149 rt2661_key_alloc(struct ieee80211com *ic, const struct ieee80211_key *key,
3150 ieee80211_keyix *keyix, ieee80211_keyix *rxkeyix)
3152 struct rt2661_softc *sc = ic->ic_if.if_softc;
3154 DPRINTF(sc, ("%s: ", __func__));
3156 if (key->wk_flags & IEEE80211_KEY_SWCRYPT) {
3157 DPRINTF(sc, ("alloc sw key\n"));
3158 return sc->sc_key_alloc(ic, key, keyix, rxkeyix);
3161 if (key->wk_flags & IEEE80211_KEY_GROUP) { /* Global key */
3162 DPRINTF(sc, ("alloc group key\n"));
3164 KASSERT(key >= &ic->ic_nw_keys[0] &&
3165 key < &ic->ic_nw_keys[IEEE80211_WEP_NKID],
3166 ("bogus group key\n"));
3168 *keyix = *rxkeyix = key - ic->ic_nw_keys;
3170 } else { /* Pairwise key */
3173 DPRINTF(sc, ("alloc pairwise key\n"));
3175 for (i = IEEE80211_WEP_NKID; i < RT2661_KEY_MAX; ++i) {
3176 if (!RT2661_KEY_ISSET(sc, i))
3179 #ifndef MIXED_KEY_TEST
3180 if (i == RT2661_KEY_MAX)
3183 if (i != IEEE80211_WEP_NKID)
3187 RT2661_KEY_SET(sc, i);
3188 *keyix = *rxkeyix = i;
3194 rt2661_key_delete(struct ieee80211com *ic, const struct ieee80211_key *key)
3196 struct rt2661_softc *sc = ic->ic_if.if_softc;
3199 DPRINTF(sc, ("%s: keyix %d, rxkeyix %d, ", __func__,
3200 key->wk_keyix, key->wk_rxkeyix));
3202 if (key->wk_flags & IEEE80211_KEY_SWCRYPT) {
3203 DPRINTF(sc, ("delete sw key\n"));
3204 return sc->sc_key_delete(ic, key);
3207 if (key->wk_keyix < IEEE80211_WEP_NKID) { /* Global key */
3208 DPRINTF(sc, ("delete global key\n"));
3209 val = RAL_READ(sc, RT2661_SEC_CSR0);
3210 val &= ~(1 << key->wk_keyix);
3211 RAL_WRITE(sc, RT2661_SEC_CSR0, val);
3212 } else { /* Pairwise key */
3213 DPRINTF(sc, ("delete pairwise key\n"));
3215 RT2661_KEY_CLR(sc, key->wk_keyix);
3216 if (key->wk_keyix < 32) {
3217 val = RAL_READ(sc, RT2661_SEC_CSR2);
3218 val &= ~(1 << key->wk_keyix);
3219 RAL_WRITE(sc, RT2661_SEC_CSR2, val);
3221 val = RAL_READ(sc, RT2661_SEC_CSR3);
3222 val &= ~(1 << (key->wk_keyix - 32));
3223 RAL_WRITE(sc, RT2661_SEC_CSR3, val);
3230 rt2661_key_set(struct ieee80211com *ic, const struct ieee80211_key *key,
3231 const uint8_t mac[IEEE80211_ADDR_LEN])
3233 struct rt2661_softc *sc = ic->ic_if.if_softc;
3236 DPRINTF(sc, ("%s: keyix %d, rxkeyix %d, flags 0x%04x, ", __func__,
3237 key->wk_keyix, key->wk_rxkeyix, key->wk_flags));
3239 if (key->wk_flags & IEEE80211_KEY_SWCRYPT) {
3240 DPRINTF(sc, ("set sw key\n"));
3241 return sc->sc_key_set(ic, key, mac);
3244 if (key->wk_keyix < IEEE80211_WEP_NKID) { /* Global Key */
3245 int cipher, keyix_shift;
3247 DPRINTF(sc, ("set global key\n"));
3250 * Install key content.
3252 addr = RT2661_GLOBAL_KEY_BASE +
3253 (key->wk_keyix * sizeof(key->wk_key));
3254 RAL_WRITE_REGION_1(sc, addr, key->wk_key, sizeof(key->wk_key));
3259 cipher = rt2661_cipher(key);
3260 keyix_shift = key->wk_keyix * 4;
3262 val = RAL_READ(sc, RT2661_SEC_CSR1);
3263 val &= ~(0xf << keyix_shift);
3264 val |= cipher << keyix_shift;
3265 RAL_WRITE(sc, RT2661_SEC_CSR1, val);
3270 val = RAL_READ(sc, RT2661_SEC_CSR0);
3271 val |= 1 << key->wk_keyix;
3272 RAL_WRITE(sc, RT2661_SEC_CSR0, val);
3273 } else { /* Pairwise key */
3274 uint8_t mac_cipher[IEEE80211_ADDR_LEN + 1];
3276 DPRINTF(sc, ("set pairwise key\n"));
3279 * Install key content.
3281 addr = RT2661_PAIRWISE_KEY_BASE +
3282 (key->wk_keyix * sizeof(key->wk_key));
3283 RAL_WRITE_REGION_1(sc, addr, key->wk_key, sizeof(key->wk_key));
3286 * Set target address and key cipher.
3288 memcpy(mac_cipher, mac, IEEE80211_ADDR_LEN);
3289 mac_cipher[IEEE80211_ADDR_LEN] = rt2661_cipher(key);
3291 /* XXX Actually slot size is 1 byte bigger than mac_cipher */
3292 addr = RT2661_TARGET_ADDR_BASE +
3293 (key->wk_keyix * (IEEE80211_ADDR_LEN + 2));
3294 RAL_WRITE_REGION_1(sc, addr, mac_cipher, sizeof(mac_cipher));
3299 if (key->wk_keyix < 32) {
3300 val = RAL_READ(sc, RT2661_SEC_CSR2);
3301 val |= 1 << key->wk_keyix;
3302 RAL_WRITE(sc, RT2661_SEC_CSR2, val);
3304 val = RAL_READ(sc, RT2661_SEC_CSR3);
3305 val |= 1 << (key->wk_keyix - 32);
3306 RAL_WRITE(sc, RT2661_SEC_CSR3, val);
3310 * Enable pairwise key looking up when RX.
3312 RAL_WRITE(sc, RT2661_SEC_CSR4, 1);
3318 rt2661_ratectl_attach(struct ieee80211com *ic, u_int rc)
3320 struct rt2661_softc *sc = ic->ic_if.if_softc;
3323 case IEEE80211_RATECTL_ONOE:
3324 return &sc->sc_onoe_param;
3326 case IEEE80211_RATECTL_SAMPLE:
3327 if ((ic->ic_ratectl.rc_st_ratectl_cap &
3328 IEEE80211_RATECTL_CAP_SAMPLE) == 0)
3329 panic("sample rate control algo is not supported\n");
3330 return &sc->sc_sample_param;
3332 case IEEE80211_RATECTL_NONE:
3333 /* This could only happen during detaching */
3337 panic("unknown rate control algo %u\n", rc);
3343 rt2661_calib_txpower(struct rt2661_softc *sc)
3348 if (sc->sc_ic.ic_state != IEEE80211_S_RUN)
3351 txpower = sc->txpow[sc->sc_curchan_idx];
3354 else if (txpower > 31)
3356 txpower = rt2661_txpower(sc, txpower);
3358 if (sc->auto_txagc) {
3360 * Compensate TX power according to temperature change
3362 if (sc->sc_txpwr_cnt++ % 4 == 0) {
3367 * Adjust compensation very 4 seconds
3369 bbp1 = rt2661_bbp_read(sc, 1);
3370 if (bbp1 > sc->tssi_2ghz_ref) {
3371 for (i = 0; i < RT2661_TSSI_LIMSZ; ++i) {
3372 if (bbp1 <= sc->tssi_2ghz_down[i])
3375 if (txpower > (sc->tssi_2ghz_step * i)) {
3376 sc->tssi_2ghz_comp =
3377 -(sc->tssi_2ghz_step * i);
3379 sc->tssi_2ghz_comp = -txpower;
3381 } else if (bbp1 < sc->tssi_2ghz_ref) {
3382 for (i = 0; i < RT2661_TSSI_LIMSZ; ++i) {
3383 if (bbp1 >= sc->tssi_2ghz_up[i])
3386 sc->tssi_2ghz_comp = sc->tssi_2ghz_step * i;
3389 txpower += sc->tssi_2ghz_comp;
3393 * Adjust TX power according to RSSI
3395 rssi_dbm = rt2661_avgrssi(sc);
3396 DPRINTF(sc, ("dbm %d, txpower %d\n", rssi_dbm, txpower));
3398 if (rssi_dbm > -30) {
3403 } else if (rssi_dbm > -45) {
3410 if (txpower != sc->sc_txpwr)
3411 rt2661_set_txpower(sc, txpower);
3415 rt2661_calib_rxsensibility(struct rt2661_softc *sc, uint32_t false_cca)
3417 #define MIDRANGE_RSSI -74
3422 if (sc->sc_ic.ic_state != IEEE80211_S_RUN)
3425 rssi_dbm = rt2661_avgrssi(sc);
3427 if (rssi_dbm >= MIDRANGE_RSSI) {
3428 if (rssi_dbm >= -35)
3430 else if (rssi_dbm >= -58)
3431 bbp17 = sc->bbp17_2ghz_max;
3432 else if (rssi_dbm >= -66)
3433 bbp17 = sc->bbp17_2ghz_min + 0x10;
3435 bbp17 = sc->bbp17_2ghz_min + 0x8;
3437 if (sc->bbp17 != bbp17)
3438 rt2661_bbp_write(sc, 17, bbp17);
3442 bbp17 = sc->bbp17_2ghz_max - (2 * (MIDRANGE_RSSI - rssi_dbm));
3443 if (bbp17 < sc->bbp17_2ghz_min)
3444 bbp17 = sc->bbp17_2ghz_min;
3446 if (sc->bbp17 > bbp17) {
3447 rt2661_bbp_write(sc, 17, bbp17);
3451 DPRINTF(sc, ("calibrate according to false CCA\n"));
3453 if (false_cca > 512 && sc->bbp17 > sc->bbp17_2ghz_min)
3454 rt2661_bbp_write(sc, 17, sc->bbp17 - 1);
3455 else if (false_cca < 100 && sc->bbp17 < bbp17)
3456 rt2661_bbp_write(sc, 17, sc->bbp17 + 1);
3458 #undef MIDRANGE_RSSI
3462 rt2661_calibrate(void *xsc)
3464 struct rt2661_softc *sc = xsc;
3465 struct ifnet *ifp = &sc->sc_ic.ic_if;
3468 lwkt_serialize_enter(ifp->if_serializer);
3470 false_cca = (RAL_READ(sc, RT2661_STA_CSR1) >> 16);
3471 DPRINTF(sc, ("false cca %u\n", false_cca));
3473 if (sc->sc_calib_rxsns)
3474 rt2661_calib_rxsensibility(sc, false_cca);
3476 if (sc->sc_calib_txpwr)
3477 rt2661_calib_txpower(sc);
3479 callout_reset(&sc->calib_ch, hz, rt2661_calibrate, sc);
3481 lwkt_serialize_exit(ifp->if_serializer);
projects / dragonfly.git / blob