5 * Damien Bergamini <damien.bergamini@free.fr>
7 * Permission to use, copy, modify, and distribute this software for any
8 * purpose with or without fee is hereby granted, provided that the above
9 * copyright notice and this permission notice appear in all copies.
11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20 #include <sys/cdefs.h>
21 __FBSDID("$FreeBSD$");
24 * Ralink Technology RT2561, RT2561S and RT2661 chipset driver
25 * http://www.ralinktech.com/
28 #include <sys/param.h>
29 #include <sys/sysctl.h>
30 #include <sys/sockio.h>
32 #include <sys/kernel.h>
33 #include <sys/socket.h>
34 #include <sys/systm.h>
35 #include <sys/malloc.h>
37 #include <sys/mutex.h>
38 #include <sys/module.h>
40 #include <sys/endian.h>
42 #include <machine/bus.h>
43 #include <machine/resource.h>
48 #include <net/if_arp.h>
49 #include <net/ethernet.h>
50 #include <net/if_dl.h>
51 #include <net/if_media.h>
52 #include <net/if_types.h>
54 #include <net80211/ieee80211_var.h>
55 #include <net80211/ieee80211_radiotap.h>
56 #include <net80211/ieee80211_regdomain.h>
58 #include <netinet/in.h>
59 #include <netinet/in_systm.h>
60 #include <netinet/in_var.h>
61 #include <netinet/ip.h>
62 #include <netinet/if_ether.h>
64 #include <dev/ral/if_ralrate.h>
65 #include <dev/ral/rt2661reg.h>
66 #include <dev/ral/rt2661var.h>
67 #include <dev/ral/rt2661_ucode.h>
70 #define DPRINTF(x) do { if (ral_debug > 0) printf x; } while (0)
71 #define DPRINTFN(n, x) do { if (ral_debug >= (n)) printf x; } while (0)
73 SYSCTL_INT(_debug, OID_AUTO, ral, CTLFLAG_RW, &ral_debug, 0, "ral debug level");
76 #define DPRINTFN(n, x)
79 static void rt2661_dma_map_addr(void *, bus_dma_segment_t *, int,
81 static int rt2661_alloc_tx_ring(struct rt2661_softc *,
82 struct rt2661_tx_ring *, int);
83 static void rt2661_reset_tx_ring(struct rt2661_softc *,
84 struct rt2661_tx_ring *);
85 static void rt2661_free_tx_ring(struct rt2661_softc *,
86 struct rt2661_tx_ring *);
87 static int rt2661_alloc_rx_ring(struct rt2661_softc *,
88 struct rt2661_rx_ring *, int);
89 static void rt2661_reset_rx_ring(struct rt2661_softc *,
90 struct rt2661_rx_ring *);
91 static void rt2661_free_rx_ring(struct rt2661_softc *,
92 struct rt2661_rx_ring *);
93 static struct ieee80211_node *rt2661_node_alloc(
94 struct ieee80211_node_table *);
95 static int rt2661_media_change(struct ifnet *);
96 static int rt2661_newstate(struct ieee80211com *,
97 enum ieee80211_state, int);
98 static uint16_t rt2661_eeprom_read(struct rt2661_softc *, uint8_t);
99 static void rt2661_rx_intr(struct rt2661_softc *);
100 static void rt2661_tx_intr(struct rt2661_softc *);
101 static void rt2661_tx_dma_intr(struct rt2661_softc *,
102 struct rt2661_tx_ring *);
103 static void rt2661_mcu_beacon_expire(struct rt2661_softc *);
104 static void rt2661_mcu_wakeup(struct rt2661_softc *);
105 static void rt2661_mcu_cmd_intr(struct rt2661_softc *);
106 static int rt2661_ack_rate(struct ieee80211com *, int);
107 static void rt2661_scan_start(struct ieee80211com *);
108 static void rt2661_scan_end(struct ieee80211com *);
109 static void rt2661_set_channel(struct ieee80211com *);
110 static uint16_t rt2661_txtime(int, int, uint32_t);
111 static uint8_t rt2661_rxrate(struct rt2661_rx_desc *);
112 static uint8_t rt2661_plcp_signal(int);
113 static void rt2661_setup_tx_desc(struct rt2661_softc *,
114 struct rt2661_tx_desc *, uint32_t, uint16_t, int,
115 int, const bus_dma_segment_t *, int, int);
116 static struct mbuf * rt2661_get_rts(struct rt2661_softc *,
117 struct ieee80211_frame *, uint16_t);
118 static int rt2661_tx_data(struct rt2661_softc *, struct mbuf *,
119 struct ieee80211_node *, int);
120 static int rt2661_tx_mgt(struct rt2661_softc *, struct mbuf *,
121 struct ieee80211_node *);
122 static void rt2661_start(struct ifnet *);
123 static void rt2661_watchdog(void *);
124 static int rt2661_reset(struct ifnet *);
125 static int rt2661_ioctl(struct ifnet *, u_long, caddr_t);
126 static void rt2661_bbp_write(struct rt2661_softc *, uint8_t,
128 static uint8_t rt2661_bbp_read(struct rt2661_softc *, uint8_t);
129 static void rt2661_rf_write(struct rt2661_softc *, uint8_t,
131 static int rt2661_tx_cmd(struct rt2661_softc *, uint8_t,
133 static void rt2661_select_antenna(struct rt2661_softc *);
134 static void rt2661_enable_mrr(struct rt2661_softc *);
135 static void rt2661_set_txpreamble(struct rt2661_softc *);
136 static void rt2661_set_basicrates(struct rt2661_softc *,
137 const struct ieee80211_rateset *);
138 static void rt2661_select_band(struct rt2661_softc *,
139 struct ieee80211_channel *);
140 static void rt2661_set_chan(struct rt2661_softc *,
141 struct ieee80211_channel *);
142 static void rt2661_set_bssid(struct rt2661_softc *,
144 static void rt2661_set_macaddr(struct rt2661_softc *,
146 static void rt2661_update_promisc(struct rt2661_softc *);
147 static int rt2661_wme_update(struct ieee80211com *) __unused;
148 static void rt2661_update_slot(struct ifnet *);
149 static const char *rt2661_get_rf(int);
150 static void rt2661_read_eeprom(struct rt2661_softc *);
151 static int rt2661_bbp_init(struct rt2661_softc *);
152 static void rt2661_init(void *);
153 static void rt2661_stop(void *);
154 static void rt2661_stop_locked(struct rt2661_softc *);
155 static int rt2661_load_microcode(struct rt2661_softc *,
156 const uint8_t *, int);
158 static void rt2661_rx_tune(struct rt2661_softc *);
159 static void rt2661_radar_start(struct rt2661_softc *);
160 static int rt2661_radar_stop(struct rt2661_softc *);
162 static int rt2661_prepare_beacon(struct rt2661_softc *);
163 static void rt2661_enable_tsf_sync(struct rt2661_softc *);
164 static int rt2661_get_rssi(struct rt2661_softc *, uint8_t);
166 static const struct {
169 } rt2661_def_mac[] = {
173 static const struct {
176 } rt2661_def_bbp[] = {
180 static const struct rfprog {
182 uint32_t r1, r2, r3, r4;
183 } rt2661_rf5225_1[] = {
185 }, rt2661_rf5225_2[] = {
190 rt2661_attach(device_t dev, int id)
192 struct rt2661_softc *sc = device_get_softc(dev);
193 struct ieee80211com *ic = &sc->sc_ic;
196 const uint8_t *ucode = NULL;
197 int bands, error, ac, ntries, size = 0;
201 mtx_init(&sc->sc_mtx, device_get_nameunit(dev), MTX_NETWORK_LOCK,
202 MTX_DEF | MTX_RECURSE);
204 callout_init_mtx(&sc->watchdog_ch, &sc->sc_mtx, 0);
205 callout_init(&sc->rssadapt_ch, CALLOUT_MPSAFE);
207 /* wait for NIC to initialize */
208 for (ntries = 0; ntries < 1000; ntries++) {
209 if ((val = RAL_READ(sc, RT2661_MAC_CSR0)) != 0)
213 if (ntries == 1000) {
214 device_printf(sc->sc_dev,
215 "timeout waiting for NIC to initialize\n");
220 /* retrieve RF rev. no and various other things from EEPROM */
221 rt2661_read_eeprom(sc);
223 device_printf(dev, "MAC/BBP RT%X, RF %s\n", val,
224 rt2661_get_rf(sc->rf_rev));
227 * Load 8051 microcode into NIC.
231 ucode = rt2561s_ucode;
232 size = sizeof rt2561s_ucode;
235 ucode = rt2561_ucode;
236 size = sizeof rt2561_ucode;
239 ucode = rt2661_ucode;
240 size = sizeof rt2661_ucode;
244 error = rt2661_load_microcode(sc, ucode, size);
246 device_printf(sc->sc_dev, "could not load 8051 microcode\n");
251 * Allocate Tx and Rx rings.
253 for (ac = 0; ac < 4; ac++) {
254 error = rt2661_alloc_tx_ring(sc, &sc->txq[ac],
255 RT2661_TX_RING_COUNT);
257 device_printf(sc->sc_dev,
258 "could not allocate Tx ring %d\n", ac);
263 error = rt2661_alloc_tx_ring(sc, &sc->mgtq, RT2661_MGT_RING_COUNT);
265 device_printf(sc->sc_dev, "could not allocate Mgt ring\n");
269 error = rt2661_alloc_rx_ring(sc, &sc->rxq, RT2661_RX_RING_COUNT);
271 device_printf(sc->sc_dev, "could not allocate Rx ring\n");
275 ifp = sc->sc_ifp = if_alloc(IFT_ETHER);
277 device_printf(sc->sc_dev, "can not if_alloc()\n");
283 if_initname(ifp, device_get_name(dev), device_get_unit(dev));
284 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST;
285 ifp->if_init = rt2661_init;
286 ifp->if_ioctl = rt2661_ioctl;
287 ifp->if_start = rt2661_start;
288 IFQ_SET_MAXLEN(&ifp->if_snd, IFQ_MAXLEN);
289 ifp->if_snd.ifq_drv_maxlen = IFQ_MAXLEN;
290 IFQ_SET_READY(&ifp->if_snd);
293 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */
294 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */
295 ic->ic_state = IEEE80211_S_INIT;
297 /* set device capabilities */
299 IEEE80211_C_IBSS | /* IBSS mode supported */
300 IEEE80211_C_MONITOR | /* monitor mode supported */
301 IEEE80211_C_HOSTAP | /* HostAp mode supported */
302 IEEE80211_C_TXPMGT | /* tx power management */
303 IEEE80211_C_SHPREAMBLE | /* short preamble supported */
304 IEEE80211_C_SHSLOT | /* short slot time supported */
306 IEEE80211_C_WME | /* 802.11e */
308 IEEE80211_C_BGSCAN | /* bg scanning support */
309 IEEE80211_C_WPA; /* 802.11i */
312 setbit(&bands, IEEE80211_MODE_11B);
313 setbit(&bands, IEEE80211_MODE_11G);
314 if (sc->rf_rev == RT2661_RF_5225 || sc->rf_rev == RT2661_RF_5325)
315 setbit(&bands, IEEE80211_MODE_11A);
316 ieee80211_init_channels(ic, 0, CTRY_DEFAULT, bands, 0, 1);
318 ieee80211_ifattach(ic);
319 ic->ic_node_alloc = rt2661_node_alloc;
320 /* ic->ic_wme.wme_update = rt2661_wme_update;*/
321 ic->ic_scan_start = rt2661_scan_start;
322 ic->ic_scan_end = rt2661_scan_end;
323 ic->ic_set_channel = rt2661_set_channel;
324 ic->ic_updateslot = rt2661_update_slot;
325 ic->ic_reset = rt2661_reset;
326 /* enable s/w bmiss handling in sta mode */
327 ic->ic_flags_ext |= IEEE80211_FEXT_SWBMISS;
329 /* override state transition machine */
330 sc->sc_newstate = ic->ic_newstate;
331 ic->ic_newstate = rt2661_newstate;
332 ieee80211_media_init(ic, rt2661_media_change, ieee80211_media_status);
334 bpfattach2(ifp, DLT_IEEE802_11_RADIO,
335 sizeof (struct ieee80211_frame) + sizeof (sc->sc_txtap),
338 sc->sc_rxtap_len = sizeof sc->sc_rxtap;
339 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len);
340 sc->sc_rxtap.wr_ihdr.it_present = htole32(RT2661_RX_RADIOTAP_PRESENT);
342 sc->sc_txtap_len = sizeof sc->sc_txtap;
343 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len);
344 sc->sc_txtap.wt_ihdr.it_present = htole32(RT2661_TX_RADIOTAP_PRESENT);
348 * Add a few sysctl knobs.
352 SYSCTL_ADD_INT(device_get_sysctl_ctx(dev),
353 SYSCTL_CHILDREN(device_get_sysctl_tree(dev)), OID_AUTO, "dwell",
354 CTLFLAG_RW, &sc->dwelltime, 0,
355 "channel dwell time (ms) for AP/station scanning");
358 ieee80211_announce(ic);
362 fail4: rt2661_free_rx_ring(sc, &sc->rxq);
363 fail3: rt2661_free_tx_ring(sc, &sc->mgtq);
364 fail2: while (--ac >= 0)
365 rt2661_free_tx_ring(sc, &sc->txq[ac]);
366 fail1: mtx_destroy(&sc->sc_mtx);
371 rt2661_detach(void *xsc)
373 struct rt2661_softc *sc = xsc;
374 struct ieee80211com *ic = &sc->sc_ic;
375 struct ifnet *ifp = ic->ic_ifp;
378 rt2661_stop_locked(sc);
379 callout_stop(&sc->watchdog_ch);
381 callout_stop(&sc->rssadapt_ch);
384 ieee80211_ifdetach(ic);
386 rt2661_free_tx_ring(sc, &sc->txq[0]);
387 rt2661_free_tx_ring(sc, &sc->txq[1]);
388 rt2661_free_tx_ring(sc, &sc->txq[2]);
389 rt2661_free_tx_ring(sc, &sc->txq[3]);
390 rt2661_free_tx_ring(sc, &sc->mgtq);
391 rt2661_free_rx_ring(sc, &sc->rxq);
395 mtx_destroy(&sc->sc_mtx);
401 rt2661_shutdown(void *xsc)
403 struct rt2661_softc *sc = xsc;
409 rt2661_suspend(void *xsc)
411 struct rt2661_softc *sc = xsc;
417 rt2661_resume(void *xsc)
419 struct rt2661_softc *sc = xsc;
420 struct ifnet *ifp = sc->sc_ic.ic_ifp;
422 if (ifp->if_flags & IFF_UP) {
423 ifp->if_init(ifp->if_softc);
424 if (ifp->if_drv_flags & IFF_DRV_RUNNING)
430 rt2661_dma_map_addr(void *arg, bus_dma_segment_t *segs, int nseg, int error)
435 KASSERT(nseg == 1, ("too many DMA segments, %d should be 1", nseg));
437 *(bus_addr_t *)arg = segs[0].ds_addr;
441 rt2661_alloc_tx_ring(struct rt2661_softc *sc, struct rt2661_tx_ring *ring,
448 ring->cur = ring->next = ring->stat = 0;
450 error = bus_dma_tag_create(bus_get_dma_tag(sc->sc_dev), 4, 0,
451 BUS_SPACE_MAXADDR_32BIT, BUS_SPACE_MAXADDR, NULL, NULL,
452 count * RT2661_TX_DESC_SIZE, 1, count * RT2661_TX_DESC_SIZE,
453 0, NULL, NULL, &ring->desc_dmat);
455 device_printf(sc->sc_dev, "could not create desc DMA tag\n");
459 error = bus_dmamem_alloc(ring->desc_dmat, (void **)&ring->desc,
460 BUS_DMA_NOWAIT | BUS_DMA_ZERO, &ring->desc_map);
462 device_printf(sc->sc_dev, "could not allocate DMA memory\n");
466 error = bus_dmamap_load(ring->desc_dmat, ring->desc_map, ring->desc,
467 count * RT2661_TX_DESC_SIZE, rt2661_dma_map_addr, &ring->physaddr,
470 device_printf(sc->sc_dev, "could not load desc DMA map\n");
474 ring->data = malloc(count * sizeof (struct rt2661_tx_data), M_DEVBUF,
476 if (ring->data == NULL) {
477 device_printf(sc->sc_dev, "could not allocate soft data\n");
482 error = bus_dma_tag_create(bus_get_dma_tag(sc->sc_dev), 1, 0,
483 BUS_SPACE_MAXADDR_32BIT, BUS_SPACE_MAXADDR, NULL, NULL, MCLBYTES,
484 RT2661_MAX_SCATTER, MCLBYTES, 0, NULL, NULL, &ring->data_dmat);
486 device_printf(sc->sc_dev, "could not create data DMA tag\n");
490 for (i = 0; i < count; i++) {
491 error = bus_dmamap_create(ring->data_dmat, 0,
494 device_printf(sc->sc_dev, "could not create DMA map\n");
501 fail: rt2661_free_tx_ring(sc, ring);
506 rt2661_reset_tx_ring(struct rt2661_softc *sc, struct rt2661_tx_ring *ring)
508 struct rt2661_tx_desc *desc;
509 struct rt2661_tx_data *data;
512 for (i = 0; i < ring->count; i++) {
513 desc = &ring->desc[i];
514 data = &ring->data[i];
516 if (data->m != NULL) {
517 bus_dmamap_sync(ring->data_dmat, data->map,
518 BUS_DMASYNC_POSTWRITE);
519 bus_dmamap_unload(ring->data_dmat, data->map);
524 if (data->ni != NULL) {
525 ieee80211_free_node(data->ni);
532 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, BUS_DMASYNC_PREWRITE);
535 ring->cur = ring->next = ring->stat = 0;
539 rt2661_free_tx_ring(struct rt2661_softc *sc, struct rt2661_tx_ring *ring)
541 struct rt2661_tx_data *data;
544 if (ring->desc != NULL) {
545 bus_dmamap_sync(ring->desc_dmat, ring->desc_map,
546 BUS_DMASYNC_POSTWRITE);
547 bus_dmamap_unload(ring->desc_dmat, ring->desc_map);
548 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map);
551 if (ring->desc_dmat != NULL)
552 bus_dma_tag_destroy(ring->desc_dmat);
554 if (ring->data != NULL) {
555 for (i = 0; i < ring->count; i++) {
556 data = &ring->data[i];
558 if (data->m != NULL) {
559 bus_dmamap_sync(ring->data_dmat, data->map,
560 BUS_DMASYNC_POSTWRITE);
561 bus_dmamap_unload(ring->data_dmat, data->map);
565 if (data->ni != NULL)
566 ieee80211_free_node(data->ni);
568 if (data->map != NULL)
569 bus_dmamap_destroy(ring->data_dmat, data->map);
572 free(ring->data, M_DEVBUF);
575 if (ring->data_dmat != NULL)
576 bus_dma_tag_destroy(ring->data_dmat);
580 rt2661_alloc_rx_ring(struct rt2661_softc *sc, struct rt2661_rx_ring *ring,
583 struct rt2661_rx_desc *desc;
584 struct rt2661_rx_data *data;
589 ring->cur = ring->next = 0;
591 error = bus_dma_tag_create(bus_get_dma_tag(sc->sc_dev), 4, 0,
592 BUS_SPACE_MAXADDR_32BIT, BUS_SPACE_MAXADDR, NULL, NULL,
593 count * RT2661_RX_DESC_SIZE, 1, count * RT2661_RX_DESC_SIZE,
594 0, NULL, NULL, &ring->desc_dmat);
596 device_printf(sc->sc_dev, "could not create desc DMA tag\n");
600 error = bus_dmamem_alloc(ring->desc_dmat, (void **)&ring->desc,
601 BUS_DMA_NOWAIT | BUS_DMA_ZERO, &ring->desc_map);
603 device_printf(sc->sc_dev, "could not allocate DMA memory\n");
607 error = bus_dmamap_load(ring->desc_dmat, ring->desc_map, ring->desc,
608 count * RT2661_RX_DESC_SIZE, rt2661_dma_map_addr, &ring->physaddr,
611 device_printf(sc->sc_dev, "could not load desc DMA map\n");
615 ring->data = malloc(count * sizeof (struct rt2661_rx_data), M_DEVBUF,
617 if (ring->data == NULL) {
618 device_printf(sc->sc_dev, "could not allocate soft data\n");
624 * Pre-allocate Rx buffers and populate Rx ring.
626 error = bus_dma_tag_create(bus_get_dma_tag(sc->sc_dev), 1, 0,
627 BUS_SPACE_MAXADDR_32BIT, BUS_SPACE_MAXADDR, NULL, NULL, MCLBYTES,
628 1, MCLBYTES, 0, NULL, NULL, &ring->data_dmat);
630 device_printf(sc->sc_dev, "could not create data DMA tag\n");
634 for (i = 0; i < count; i++) {
635 desc = &sc->rxq.desc[i];
636 data = &sc->rxq.data[i];
638 error = bus_dmamap_create(ring->data_dmat, 0, &data->map);
640 device_printf(sc->sc_dev, "could not create DMA map\n");
644 data->m = m_getcl(M_DONTWAIT, MT_DATA, M_PKTHDR);
645 if (data->m == NULL) {
646 device_printf(sc->sc_dev,
647 "could not allocate rx mbuf\n");
652 error = bus_dmamap_load(ring->data_dmat, data->map,
653 mtod(data->m, void *), MCLBYTES, rt2661_dma_map_addr,
656 device_printf(sc->sc_dev,
657 "could not load rx buf DMA map");
661 desc->flags = htole32(RT2661_RX_BUSY);
662 desc->physaddr = htole32(physaddr);
665 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, BUS_DMASYNC_PREWRITE);
669 fail: rt2661_free_rx_ring(sc, ring);
674 rt2661_reset_rx_ring(struct rt2661_softc *sc, struct rt2661_rx_ring *ring)
678 for (i = 0; i < ring->count; i++)
679 ring->desc[i].flags = htole32(RT2661_RX_BUSY);
681 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, BUS_DMASYNC_PREWRITE);
683 ring->cur = ring->next = 0;
687 rt2661_free_rx_ring(struct rt2661_softc *sc, struct rt2661_rx_ring *ring)
689 struct rt2661_rx_data *data;
692 if (ring->desc != NULL) {
693 bus_dmamap_sync(ring->desc_dmat, ring->desc_map,
694 BUS_DMASYNC_POSTWRITE);
695 bus_dmamap_unload(ring->desc_dmat, ring->desc_map);
696 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map);
699 if (ring->desc_dmat != NULL)
700 bus_dma_tag_destroy(ring->desc_dmat);
702 if (ring->data != NULL) {
703 for (i = 0; i < ring->count; i++) {
704 data = &ring->data[i];
706 if (data->m != NULL) {
707 bus_dmamap_sync(ring->data_dmat, data->map,
708 BUS_DMASYNC_POSTREAD);
709 bus_dmamap_unload(ring->data_dmat, data->map);
713 if (data->map != NULL)
714 bus_dmamap_destroy(ring->data_dmat, data->map);
717 free(ring->data, M_DEVBUF);
720 if (ring->data_dmat != NULL)
721 bus_dma_tag_destroy(ring->data_dmat);
724 static struct ieee80211_node *
725 rt2661_node_alloc(struct ieee80211_node_table *nt)
727 struct rt2661_node *rn;
729 rn = malloc(sizeof (struct rt2661_node), M_80211_NODE,
732 return (rn != NULL) ? &rn->ni : NULL;
736 rt2661_media_change(struct ifnet *ifp)
738 struct rt2661_softc *sc = ifp->if_softc;
741 error = ieee80211_media_change(ifp);
742 if (error != ENETRESET)
745 if ((ifp->if_flags & IFF_UP) && (ifp->if_drv_flags & IFF_DRV_RUNNING))
752 * This function is called for each node present in the node station table.
755 rt2661_iter_func(void *arg, struct ieee80211_node *ni)
757 struct rt2661_node *rn = (struct rt2661_node *)ni;
759 ral_rssadapt_updatestats(&rn->rssadapt);
763 * This function is called periodically (every 100ms) in RUN state to update
764 * the rate adaptation statistics.
767 rt2661_update_rssadapt(void *arg)
769 struct rt2661_softc *sc = arg;
770 struct ieee80211com *ic = &sc->sc_ic;
774 ieee80211_iterate_nodes(&ic->ic_sta, rt2661_iter_func, arg);
775 callout_reset(&sc->rssadapt_ch, hz / 10, rt2661_update_rssadapt, sc);
781 rt2661_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg)
783 struct rt2661_softc *sc = ic->ic_ifp->if_softc;
784 enum ieee80211_state ostate;
785 struct ieee80211_node *ni;
789 ostate = ic->ic_state;
792 case IEEE80211_S_INIT:
793 callout_stop(&sc->rssadapt_ch);
795 if (ostate == IEEE80211_S_RUN) {
796 /* abort TSF synchronization */
797 tmp = RAL_READ(sc, RT2661_TXRX_CSR9);
798 RAL_WRITE(sc, RT2661_TXRX_CSR9, tmp & ~0x00ffffff);
801 case IEEE80211_S_RUN:
804 if (ic->ic_opmode != IEEE80211_M_MONITOR) {
805 rt2661_enable_mrr(sc);
806 rt2661_set_txpreamble(sc);
807 rt2661_set_basicrates(sc, &ni->ni_rates);
808 rt2661_set_bssid(sc, ni->ni_bssid);
811 if (ic->ic_opmode == IEEE80211_M_HOSTAP ||
812 ic->ic_opmode == IEEE80211_M_IBSS) {
813 if ((error = rt2661_prepare_beacon(sc)) != 0)
817 if (ic->ic_opmode != IEEE80211_M_MONITOR) {
818 callout_reset(&sc->rssadapt_ch, hz / 10,
819 rt2661_update_rssadapt, sc);
820 rt2661_enable_tsf_sync(sc);
823 case IEEE80211_S_SCAN:
824 case IEEE80211_S_AUTH:
825 case IEEE80211_S_ASSOC:
830 return (error != 0) ? error : sc->sc_newstate(ic, nstate, arg);
834 * Read 16 bits at address 'addr' from the serial EEPROM (either 93C46 or
838 rt2661_eeprom_read(struct rt2661_softc *sc, uint8_t addr)
844 /* clock C once before the first command */
845 RT2661_EEPROM_CTL(sc, 0);
847 RT2661_EEPROM_CTL(sc, RT2661_S);
848 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_C);
849 RT2661_EEPROM_CTL(sc, RT2661_S);
851 /* write start bit (1) */
852 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D);
853 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D | RT2661_C);
855 /* write READ opcode (10) */
856 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D);
857 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_D | RT2661_C);
858 RT2661_EEPROM_CTL(sc, RT2661_S);
859 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_C);
861 /* write address (A5-A0 or A7-A0) */
862 n = (RAL_READ(sc, RT2661_E2PROM_CSR) & RT2661_93C46) ? 5 : 7;
863 for (; n >= 0; n--) {
864 RT2661_EEPROM_CTL(sc, RT2661_S |
865 (((addr >> n) & 1) << RT2661_SHIFT_D));
866 RT2661_EEPROM_CTL(sc, RT2661_S |
867 (((addr >> n) & 1) << RT2661_SHIFT_D) | RT2661_C);
870 RT2661_EEPROM_CTL(sc, RT2661_S);
872 /* read data Q15-Q0 */
874 for (n = 15; n >= 0; n--) {
875 RT2661_EEPROM_CTL(sc, RT2661_S | RT2661_C);
876 tmp = RAL_READ(sc, RT2661_E2PROM_CSR);
877 val |= ((tmp & RT2661_Q) >> RT2661_SHIFT_Q) << n;
878 RT2661_EEPROM_CTL(sc, RT2661_S);
881 RT2661_EEPROM_CTL(sc, 0);
883 /* clear Chip Select and clock C */
884 RT2661_EEPROM_CTL(sc, RT2661_S);
885 RT2661_EEPROM_CTL(sc, 0);
886 RT2661_EEPROM_CTL(sc, RT2661_C);
892 rt2661_tx_intr(struct rt2661_softc *sc)
894 struct ieee80211com *ic = &sc->sc_ic;
895 struct ifnet *ifp = ic->ic_ifp;
896 struct rt2661_tx_ring *txq;
897 struct rt2661_tx_data *data;
898 struct rt2661_node *rn;
903 struct ieee80211_node *ni;
906 val = RAL_READ(sc, RT2661_STA_CSR4);
907 if (!(val & RT2661_TX_STAT_VALID))
910 /* retrieve the queue in which this frame was sent */
911 qid = RT2661_TX_QID(val);
912 txq = (qid <= 3) ? &sc->txq[qid] : &sc->mgtq;
914 /* retrieve rate control algorithm context */
915 data = &txq->data[txq->stat];
921 /* if no frame has been sent, ignore */
925 rn = (struct rt2661_node *)ni;
927 switch (RT2661_TX_RESULT(val)) {
928 case RT2661_TX_SUCCESS:
929 retrycnt = RT2661_TX_RETRYCNT(val);
931 DPRINTFN(10, ("data frame sent successfully after "
932 "%d retries\n", retrycnt));
933 if (retrycnt == 0 && data->id.id_node != NULL) {
934 ral_rssadapt_raise_rate(ic, &rn->rssadapt,
940 case RT2661_TX_RETRY_FAIL:
941 DPRINTFN(9, ("sending data frame failed (too much "
943 if (data->id.id_node != NULL) {
944 ral_rssadapt_lower_rate(ic, ni,
945 &rn->rssadapt, &data->id);
952 device_printf(sc->sc_dev,
953 "sending data frame failed 0x%08x\n", val);
957 DPRINTFN(15, ("tx done q=%d idx=%u\n", qid, txq->stat));
960 if (++txq->stat >= txq->count) /* faster than % count */
963 if (m->m_flags & M_TXCB)
964 ieee80211_process_callback(ni, m,
965 RT2661_TX_RESULT(val) != RT2661_TX_SUCCESS);
967 ieee80211_free_node(ni);
971 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE;
976 rt2661_tx_dma_intr(struct rt2661_softc *sc, struct rt2661_tx_ring *txq)
978 struct rt2661_tx_desc *desc;
979 struct rt2661_tx_data *data;
981 bus_dmamap_sync(txq->desc_dmat, txq->desc_map, BUS_DMASYNC_POSTREAD);
984 desc = &txq->desc[txq->next];
985 data = &txq->data[txq->next];
987 if ((le32toh(desc->flags) & RT2661_TX_BUSY) ||
988 !(le32toh(desc->flags) & RT2661_TX_VALID))
991 bus_dmamap_sync(txq->data_dmat, data->map,
992 BUS_DMASYNC_POSTWRITE);
993 bus_dmamap_unload(txq->data_dmat, data->map);
995 /* descriptor is no longer valid */
996 desc->flags &= ~htole32(RT2661_TX_VALID);
998 DPRINTFN(15, ("tx dma done q=%p idx=%u\n", txq, txq->next));
1000 if (++txq->next >= txq->count) /* faster than % count */
1004 bus_dmamap_sync(txq->desc_dmat, txq->desc_map, BUS_DMASYNC_PREWRITE);
1008 rt2661_rx_intr(struct rt2661_softc *sc)
1010 struct ieee80211com *ic = &sc->sc_ic;
1011 struct ifnet *ifp = ic->ic_ifp;
1012 struct rt2661_rx_desc *desc;
1013 struct rt2661_rx_data *data;
1014 bus_addr_t physaddr;
1015 struct ieee80211_frame *wh;
1016 struct ieee80211_node *ni;
1017 struct rt2661_node *rn;
1018 struct mbuf *mnew, *m;
1021 bus_dmamap_sync(sc->rxq.desc_dmat, sc->rxq.desc_map,
1022 BUS_DMASYNC_POSTREAD);
1027 desc = &sc->rxq.desc[sc->rxq.cur];
1028 data = &sc->rxq.data[sc->rxq.cur];
1030 if (le32toh(desc->flags) & RT2661_RX_BUSY)
1033 if ((le32toh(desc->flags) & RT2661_RX_PHY_ERROR) ||
1034 (le32toh(desc->flags) & RT2661_RX_CRC_ERROR)) {
1036 * This should not happen since we did not request
1037 * to receive those frames when we filled TXRX_CSR0.
1039 DPRINTFN(5, ("PHY or CRC error flags 0x%08x\n",
1040 le32toh(desc->flags)));
1045 if ((le32toh(desc->flags) & RT2661_RX_CIPHER_MASK) != 0) {
1051 * Try to allocate a new mbuf for this ring element and load it
1052 * before processing the current mbuf. If the ring element
1053 * cannot be loaded, drop the received packet and reuse the old
1054 * mbuf. In the unlikely case that the old mbuf can't be
1055 * reloaded either, explicitly panic.
1057 mnew = m_getcl(M_DONTWAIT, MT_DATA, M_PKTHDR);
1063 bus_dmamap_sync(sc->rxq.data_dmat, data->map,
1064 BUS_DMASYNC_POSTREAD);
1065 bus_dmamap_unload(sc->rxq.data_dmat, data->map);
1067 error = bus_dmamap_load(sc->rxq.data_dmat, data->map,
1068 mtod(mnew, void *), MCLBYTES, rt2661_dma_map_addr,
1073 /* try to reload the old mbuf */
1074 error = bus_dmamap_load(sc->rxq.data_dmat, data->map,
1075 mtod(data->m, void *), MCLBYTES,
1076 rt2661_dma_map_addr, &physaddr, 0);
1078 /* very unlikely that it will fail... */
1079 panic("%s: could not load old rx mbuf",
1080 device_get_name(sc->sc_dev));
1087 * New mbuf successfully loaded, update Rx ring and continue
1092 desc->physaddr = htole32(physaddr);
1095 m->m_pkthdr.rcvif = ifp;
1096 m->m_pkthdr.len = m->m_len =
1097 (le32toh(desc->flags) >> 16) & 0xfff;
1099 rssi = rt2661_get_rssi(sc, desc->rssi);
1101 if (bpf_peers_present(sc->sc_drvbpf)) {
1102 struct rt2661_rx_radiotap_header *tap = &sc->sc_rxtap;
1103 uint32_t tsf_lo, tsf_hi;
1105 /* get timestamp (low and high 32 bits) */
1106 tsf_hi = RAL_READ(sc, RT2661_TXRX_CSR13);
1107 tsf_lo = RAL_READ(sc, RT2661_TXRX_CSR12);
1110 htole64(((uint64_t)tsf_hi << 32) | tsf_lo);
1112 tap->wr_rate = rt2661_rxrate(desc);
1113 tap->wr_chan_freq = htole16(ic->ic_curchan->ic_freq);
1114 tap->wr_chan_flags = htole16(ic->ic_curchan->ic_flags);
1115 tap->wr_antsignal = rssi < 0 ? 0 : rssi;
1117 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_rxtap_len, m);
1119 sc->sc_flags |= RAL_INPUT_RUNNING;
1121 wh = mtod(m, struct ieee80211_frame *);
1122 ni = ieee80211_find_rxnode(ic,
1123 (struct ieee80211_frame_min *)wh);
1125 /* Error happened during RSSI conversion. */
1129 /* send the frame to the 802.11 layer */
1130 ieee80211_input(ic, m, ni, rssi, RT2661_NOISE_FLOOR, 0);
1132 /* give rssi to the rate adatation algorithm */
1133 rn = (struct rt2661_node *)ni;
1135 sc->sc_flags &= ~RAL_INPUT_RUNNING;
1136 ral_rssadapt_input(ic, ni, &rn->rssadapt, rssi);
1138 /* node is no longer needed */
1139 ieee80211_free_node(ni);
1141 skip: desc->flags |= htole32(RT2661_RX_BUSY);
1143 DPRINTFN(15, ("rx intr idx=%u\n", sc->rxq.cur));
1145 sc->rxq.cur = (sc->rxq.cur + 1) % RT2661_RX_RING_COUNT;
1148 bus_dmamap_sync(sc->rxq.desc_dmat, sc->rxq.desc_map,
1149 BUS_DMASYNC_PREWRITE);
1154 rt2661_mcu_beacon_expire(struct rt2661_softc *sc)
1160 rt2661_mcu_wakeup(struct rt2661_softc *sc)
1162 RAL_WRITE(sc, RT2661_MAC_CSR11, 5 << 16);
1164 RAL_WRITE(sc, RT2661_SOFT_RESET_CSR, 0x7);
1165 RAL_WRITE(sc, RT2661_IO_CNTL_CSR, 0x18);
1166 RAL_WRITE(sc, RT2661_PCI_USEC_CSR, 0x20);
1168 /* send wakeup command to MCU */
1169 rt2661_tx_cmd(sc, RT2661_MCU_CMD_WAKEUP, 0);
1173 rt2661_mcu_cmd_intr(struct rt2661_softc *sc)
1175 RAL_READ(sc, RT2661_M2H_CMD_DONE_CSR);
1176 RAL_WRITE(sc, RT2661_M2H_CMD_DONE_CSR, 0xffffffff);
1180 rt2661_intr(void *arg)
1182 struct rt2661_softc *sc = arg;
1183 struct ifnet *ifp = sc->sc_ifp;
1188 /* disable MAC and MCU interrupts */
1189 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0xffffff7f);
1190 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0xffffffff);
1192 /* don't re-enable interrupts if we're shutting down */
1193 if (!(ifp->if_drv_flags & IFF_DRV_RUNNING)) {
1198 r1 = RAL_READ(sc, RT2661_INT_SOURCE_CSR);
1199 RAL_WRITE(sc, RT2661_INT_SOURCE_CSR, r1);
1201 r2 = RAL_READ(sc, RT2661_MCU_INT_SOURCE_CSR);
1202 RAL_WRITE(sc, RT2661_MCU_INT_SOURCE_CSR, r2);
1204 if (r1 & RT2661_MGT_DONE)
1205 rt2661_tx_dma_intr(sc, &sc->mgtq);
1207 if (r1 & RT2661_RX_DONE)
1210 if (r1 & RT2661_TX0_DMA_DONE)
1211 rt2661_tx_dma_intr(sc, &sc->txq[0]);
1213 if (r1 & RT2661_TX1_DMA_DONE)
1214 rt2661_tx_dma_intr(sc, &sc->txq[1]);
1216 if (r1 & RT2661_TX2_DMA_DONE)
1217 rt2661_tx_dma_intr(sc, &sc->txq[2]);
1219 if (r1 & RT2661_TX3_DMA_DONE)
1220 rt2661_tx_dma_intr(sc, &sc->txq[3]);
1222 if (r1 & RT2661_TX_DONE)
1225 if (r2 & RT2661_MCU_CMD_DONE)
1226 rt2661_mcu_cmd_intr(sc);
1228 if (r2 & RT2661_MCU_BEACON_EXPIRE)
1229 rt2661_mcu_beacon_expire(sc);
1231 if (r2 & RT2661_MCU_WAKEUP)
1232 rt2661_mcu_wakeup(sc);
1234 /* re-enable MAC and MCU interrupts */
1235 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0x0000ff10);
1236 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0);
1241 /* quickly determine if a given rate is CCK or OFDM */
1242 #define RAL_RATE_IS_OFDM(rate) ((rate) >= 12 && (rate) != 22)
1244 #define RAL_ACK_SIZE 14 /* 10 + 4(FCS) */
1245 #define RAL_CTS_SIZE 14 /* 10 + 4(FCS) */
1247 #define RAL_SIFS 10 /* us */
1250 * This function is only used by the Rx radiotap code. It returns the rate at
1251 * which a given frame was received.
1254 rt2661_rxrate(struct rt2661_rx_desc *desc)
1256 if (le32toh(desc->flags) & RT2661_RX_OFDM) {
1257 /* reverse function of rt2661_plcp_signal */
1258 switch (desc->rate & 0xf) {
1259 case 0xb: return 12;
1260 case 0xf: return 18;
1261 case 0xa: return 24;
1262 case 0xe: return 36;
1263 case 0x9: return 48;
1264 case 0xd: return 72;
1265 case 0x8: return 96;
1266 case 0xc: return 108;
1269 if (desc->rate == 10)
1271 if (desc->rate == 20)
1273 if (desc->rate == 55)
1275 if (desc->rate == 110)
1278 return 2; /* should not get there */
1282 * Return the expected ack rate for a frame transmitted at rate `rate'.
1283 * XXX: this should depend on the destination node basic rate set.
1286 rt2661_ack_rate(struct ieee80211com *ic, int rate)
1295 return (ic->ic_curmode == IEEE80211_MODE_11B) ? 4 : rate;
1311 /* default to 1Mbps */
1316 * Compute the duration (in us) needed to transmit `len' bytes at rate `rate'.
1317 * The function automatically determines the operating mode depending on the
1318 * given rate. `flags' indicates whether short preamble is in use or not.
1321 rt2661_txtime(int len, int rate, uint32_t flags)
1325 if (RAL_RATE_IS_OFDM(rate)) {
1326 /* IEEE Std 802.11a-1999, pp. 37 */
1327 txtime = (8 + 4 * len + 3 + rate - 1) / rate;
1328 txtime = 16 + 4 + 4 * txtime + 6;
1330 /* IEEE Std 802.11b-1999, pp. 28 */
1331 txtime = (16 * len + rate - 1) / rate;
1332 if (rate != 2 && (flags & IEEE80211_F_SHPREAMBLE))
1342 rt2661_plcp_signal(int rate)
1345 /* CCK rates (returned values are device-dependent) */
1348 case 11: return 0x2;
1349 case 22: return 0x3;
1351 /* OFDM rates (cf IEEE Std 802.11a-1999, pp. 14 Table 80) */
1352 case 12: return 0xb;
1353 case 18: return 0xf;
1354 case 24: return 0xa;
1355 case 36: return 0xe;
1356 case 48: return 0x9;
1357 case 72: return 0xd;
1358 case 96: return 0x8;
1359 case 108: return 0xc;
1361 /* unsupported rates (should not get there) */
1362 default: return 0xff;
1367 rt2661_setup_tx_desc(struct rt2661_softc *sc, struct rt2661_tx_desc *desc,
1368 uint32_t flags, uint16_t xflags, int len, int rate,
1369 const bus_dma_segment_t *segs, int nsegs, int ac)
1371 struct ieee80211com *ic = &sc->sc_ic;
1372 uint16_t plcp_length;
1375 desc->flags = htole32(flags);
1376 desc->flags |= htole32(len << 16);
1377 desc->flags |= htole32(RT2661_TX_BUSY | RT2661_TX_VALID);
1379 desc->xflags = htole16(xflags);
1380 desc->xflags |= htole16(nsegs << 13);
1382 desc->wme = htole16(
1385 RT2661_LOGCWMIN(4) |
1386 RT2661_LOGCWMAX(10));
1389 * Remember in which queue this frame was sent. This field is driver
1390 * private data only. It will be made available by the NIC in STA_CSR4
1395 /* setup PLCP fields */
1396 desc->plcp_signal = rt2661_plcp_signal(rate);
1397 desc->plcp_service = 4;
1399 len += IEEE80211_CRC_LEN;
1400 if (RAL_RATE_IS_OFDM(rate)) {
1401 desc->flags |= htole32(RT2661_TX_OFDM);
1403 plcp_length = len & 0xfff;
1404 desc->plcp_length_hi = plcp_length >> 6;
1405 desc->plcp_length_lo = plcp_length & 0x3f;
1407 plcp_length = (16 * len + rate - 1) / rate;
1409 remainder = (16 * len) % 22;
1410 if (remainder != 0 && remainder < 7)
1411 desc->plcp_service |= RT2661_PLCP_LENGEXT;
1413 desc->plcp_length_hi = plcp_length >> 8;
1414 desc->plcp_length_lo = plcp_length & 0xff;
1416 if (rate != 2 && (ic->ic_flags & IEEE80211_F_SHPREAMBLE))
1417 desc->plcp_signal |= 0x08;
1420 /* RT2x61 supports scatter with up to 5 segments */
1421 for (i = 0; i < nsegs; i++) {
1422 desc->addr[i] = htole32(segs[i].ds_addr);
1423 desc->len [i] = htole16(segs[i].ds_len);
1428 rt2661_tx_mgt(struct rt2661_softc *sc, struct mbuf *m0,
1429 struct ieee80211_node *ni)
1431 struct ieee80211com *ic = &sc->sc_ic;
1432 struct rt2661_tx_desc *desc;
1433 struct rt2661_tx_data *data;
1434 struct ieee80211_frame *wh;
1435 bus_dma_segment_t segs[RT2661_MAX_SCATTER];
1437 uint32_t flags = 0; /* XXX HWSEQ */
1438 int nsegs, rate, error;
1440 desc = &sc->mgtq.desc[sc->mgtq.cur];
1441 data = &sc->mgtq.data[sc->mgtq.cur];
1443 /* send mgt frames at the lowest available rate */
1444 rate = IEEE80211_IS_CHAN_5GHZ(ic->ic_curchan) ? 12 : 2;
1446 error = bus_dmamap_load_mbuf_sg(sc->mgtq.data_dmat, data->map, m0,
1449 device_printf(sc->sc_dev, "could not map mbuf (error %d)\n",
1455 if (bpf_peers_present(sc->sc_drvbpf)) {
1456 struct rt2661_tx_radiotap_header *tap = &sc->sc_txtap;
1459 tap->wt_rate = rate;
1460 tap->wt_chan_freq = htole16(ic->ic_curchan->ic_freq);
1461 tap->wt_chan_flags = htole16(ic->ic_curchan->ic_flags);
1463 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_txtap_len, m0);
1469 wh = mtod(m0, struct ieee80211_frame *);
1471 if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) {
1472 flags |= RT2661_TX_NEED_ACK;
1474 dur = rt2661_txtime(RAL_ACK_SIZE, rate, ic->ic_flags) +
1476 *(uint16_t *)wh->i_dur = htole16(dur);
1478 /* tell hardware to add timestamp in probe responses */
1480 (IEEE80211_FC0_TYPE_MASK | IEEE80211_FC0_SUBTYPE_MASK)) ==
1481 (IEEE80211_FC0_TYPE_MGT | IEEE80211_FC0_SUBTYPE_PROBE_RESP))
1482 flags |= RT2661_TX_TIMESTAMP;
1485 rt2661_setup_tx_desc(sc, desc, flags, 0 /* XXX HWSEQ */,
1486 m0->m_pkthdr.len, rate, segs, nsegs, RT2661_QID_MGT);
1488 bus_dmamap_sync(sc->mgtq.data_dmat, data->map, BUS_DMASYNC_PREWRITE);
1489 bus_dmamap_sync(sc->mgtq.desc_dmat, sc->mgtq.desc_map,
1490 BUS_DMASYNC_PREWRITE);
1492 DPRINTFN(10, ("sending mgt frame len=%u idx=%u rate=%u\n",
1493 m0->m_pkthdr.len, sc->mgtq.cur, rate));
1497 sc->mgtq.cur = (sc->mgtq.cur + 1) % RT2661_MGT_RING_COUNT;
1498 RAL_WRITE(sc, RT2661_TX_CNTL_CSR, RT2661_KICK_MGT);
1504 * Build a RTS control frame.
1506 static struct mbuf *
1507 rt2661_get_rts(struct rt2661_softc *sc, struct ieee80211_frame *wh,
1510 struct ieee80211_frame_rts *rts;
1513 MGETHDR(m, M_DONTWAIT, MT_DATA);
1515 sc->sc_ic.ic_stats.is_tx_nobuf++;
1516 device_printf(sc->sc_dev, "could not allocate RTS frame\n");
1520 rts = mtod(m, struct ieee80211_frame_rts *);
1522 rts->i_fc[0] = IEEE80211_FC0_VERSION_0 | IEEE80211_FC0_TYPE_CTL |
1523 IEEE80211_FC0_SUBTYPE_RTS;
1524 rts->i_fc[1] = IEEE80211_FC1_DIR_NODS;
1525 *(uint16_t *)rts->i_dur = htole16(dur);
1526 IEEE80211_ADDR_COPY(rts->i_ra, wh->i_addr1);
1527 IEEE80211_ADDR_COPY(rts->i_ta, wh->i_addr2);
1529 m->m_pkthdr.len = m->m_len = sizeof (struct ieee80211_frame_rts);
1535 rt2661_tx_data(struct rt2661_softc *sc, struct mbuf *m0,
1536 struct ieee80211_node *ni, int ac)
1538 struct ieee80211com *ic = &sc->sc_ic;
1539 struct rt2661_tx_ring *txq = &sc->txq[ac];
1540 struct rt2661_tx_desc *desc;
1541 struct rt2661_tx_data *data;
1542 struct rt2661_node *rn;
1543 struct ieee80211_frame *wh;
1544 struct ieee80211_key *k;
1545 const struct chanAccParams *cap;
1547 bus_dma_segment_t segs[RT2661_MAX_SCATTER];
1550 int error, nsegs, rate, noack = 0;
1552 wh = mtod(m0, struct ieee80211_frame *);
1554 if (ic->ic_fixed_rate != IEEE80211_FIXED_RATE_NONE) {
1555 rate = ic->ic_fixed_rate;
1557 struct ieee80211_rateset *rs;
1560 rn = (struct rt2661_node *)ni;
1561 ni->ni_txrate = ral_rssadapt_choose(&rn->rssadapt, rs,
1562 wh, m0->m_pkthdr.len, NULL, 0);
1563 rate = rs->rs_rates[ni->ni_txrate];
1565 rate &= IEEE80211_RATE_VAL;
1567 if (wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_QOS) {
1568 cap = &ic->ic_wme.wme_chanParams;
1569 noack = cap->cap_wmeParams[ac].wmep_noackPolicy;
1572 if (wh->i_fc[1] & IEEE80211_FC1_WEP) {
1573 k = ieee80211_crypto_encap(ic, ni, m0);
1579 /* packet header may have moved, reset our local pointer */
1580 wh = mtod(m0, struct ieee80211_frame *);
1584 * IEEE Std 802.11-1999, pp 82: "A STA shall use an RTS/CTS exchange
1585 * for directed frames only when the length of the MPDU is greater
1586 * than the length threshold indicated by [...]" ic_rtsthreshold.
1588 if (!IEEE80211_IS_MULTICAST(wh->i_addr1) &&
1589 m0->m_pkthdr.len > ic->ic_rtsthreshold) {
1592 int rtsrate, ackrate;
1594 rtsrate = IEEE80211_IS_CHAN_5GHZ(ic->ic_curchan) ? 12 : 2;
1595 ackrate = rt2661_ack_rate(ic, rate);
1597 dur = rt2661_txtime(m0->m_pkthdr.len + 4, rate, ic->ic_flags) +
1598 rt2661_txtime(RAL_CTS_SIZE, rtsrate, ic->ic_flags) +
1599 /* XXX: noack (QoS)? */
1600 rt2661_txtime(RAL_ACK_SIZE, ackrate, ic->ic_flags) +
1603 m = rt2661_get_rts(sc, wh, dur);
1605 desc = &txq->desc[txq->cur];
1606 data = &txq->data[txq->cur];
1608 error = bus_dmamap_load_mbuf_sg(txq->data_dmat, data->map, m,
1611 device_printf(sc->sc_dev,
1612 "could not map mbuf (error %d)\n", error);
1618 /* avoid multiple free() of the same node for each fragment */
1619 ieee80211_ref_node(ni);
1624 /* RTS frames are not taken into account for rssadapt */
1625 data->id.id_node = NULL;
1627 rt2661_setup_tx_desc(sc, desc, RT2661_TX_NEED_ACK |
1628 RT2661_TX_MORE_FRAG, 0, m->m_pkthdr.len, rtsrate, segs,
1631 bus_dmamap_sync(txq->data_dmat, data->map,
1632 BUS_DMASYNC_PREWRITE);
1635 txq->cur = (txq->cur + 1) % RT2661_TX_RING_COUNT;
1638 * IEEE Std 802.11-1999: when an RTS/CTS exchange is used, the
1639 * asynchronous data frame shall be transmitted after the CTS
1640 * frame and a SIFS period.
1642 flags |= RT2661_TX_LONG_RETRY | RT2661_TX_IFS;
1645 data = &txq->data[txq->cur];
1646 desc = &txq->desc[txq->cur];
1648 error = bus_dmamap_load_mbuf_sg(txq->data_dmat, data->map, m0, segs,
1650 if (error != 0 && error != EFBIG) {
1651 device_printf(sc->sc_dev, "could not map mbuf (error %d)\n",
1657 mnew = m_defrag(m0, M_DONTWAIT);
1659 device_printf(sc->sc_dev,
1660 "could not defragment mbuf\n");
1666 error = bus_dmamap_load_mbuf_sg(txq->data_dmat, data->map, m0,
1669 device_printf(sc->sc_dev,
1670 "could not map mbuf (error %d)\n", error);
1675 /* packet header have moved, reset our local pointer */
1676 wh = mtod(m0, struct ieee80211_frame *);
1679 if (bpf_peers_present(sc->sc_drvbpf)) {
1680 struct rt2661_tx_radiotap_header *tap = &sc->sc_txtap;
1683 tap->wt_rate = rate;
1684 tap->wt_chan_freq = htole16(ic->ic_curchan->ic_freq);
1685 tap->wt_chan_flags = htole16(ic->ic_curchan->ic_flags);
1687 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_txtap_len, m0);
1693 /* remember link conditions for rate adaptation algorithm */
1694 if (ic->ic_fixed_rate == IEEE80211_FIXED_RATE_NONE) {
1695 data->id.id_len = m0->m_pkthdr.len;
1696 data->id.id_rateidx = ni->ni_txrate;
1697 data->id.id_node = ni;
1698 data->id.id_rssi = ni->ni_rssi;
1700 data->id.id_node = NULL;
1702 if (!noack && !IEEE80211_IS_MULTICAST(wh->i_addr1)) {
1703 flags |= RT2661_TX_NEED_ACK;
1705 dur = rt2661_txtime(RAL_ACK_SIZE, rt2661_ack_rate(ic, rate),
1706 ic->ic_flags) + RAL_SIFS;
1707 *(uint16_t *)wh->i_dur = htole16(dur);
1710 rt2661_setup_tx_desc(sc, desc, flags, 0, m0->m_pkthdr.len, rate, segs,
1713 bus_dmamap_sync(txq->data_dmat, data->map, BUS_DMASYNC_PREWRITE);
1714 bus_dmamap_sync(txq->desc_dmat, txq->desc_map, BUS_DMASYNC_PREWRITE);
1716 DPRINTFN(10, ("sending data frame len=%u idx=%u rate=%u\n",
1717 m0->m_pkthdr.len, txq->cur, rate));
1721 txq->cur = (txq->cur + 1) % RT2661_TX_RING_COUNT;
1722 RAL_WRITE(sc, RT2661_TX_CNTL_CSR, 1 << ac);
1728 rt2661_start(struct ifnet *ifp)
1730 struct rt2661_softc *sc = ifp->if_softc;
1731 struct ieee80211com *ic = &sc->sc_ic;
1733 struct ether_header *eh;
1734 struct ieee80211_node *ni;
1739 /* prevent management frames from being sent if we're not ready */
1740 if (!(ifp->if_drv_flags & IFF_DRV_RUNNING) || sc->sc_invalid) {
1746 IF_POLL(&ic->ic_mgtq, m0);
1748 if (sc->mgtq.queued >= RT2661_MGT_RING_COUNT) {
1749 ifp->if_drv_flags |= IFF_DRV_OACTIVE;
1752 IF_DEQUEUE(&ic->ic_mgtq, m0);
1754 ni = (struct ieee80211_node *)m0->m_pkthdr.rcvif;
1755 m0->m_pkthdr.rcvif = NULL;
1757 if (bpf_peers_present(ic->ic_rawbpf))
1758 bpf_mtap(ic->ic_rawbpf, m0);
1760 if (rt2661_tx_mgt(sc, m0, ni) != 0) {
1761 ieee80211_free_node(ni);
1765 if (ic->ic_state != IEEE80211_S_RUN)
1768 IFQ_DRV_DEQUEUE(&ifp->if_snd, m0);
1772 * Cancel any background scan.
1774 if (ic->ic_flags & IEEE80211_F_SCAN)
1775 ieee80211_cancel_scan(ic);
1777 if (m0->m_len < sizeof (struct ether_header) &&
1778 !(m0 = m_pullup(m0, sizeof (struct ether_header))))
1781 eh = mtod(m0, struct ether_header *);
1782 ni = ieee80211_find_txnode(ic, eh->ether_dhost);
1789 /* classify mbuf so we can find which tx ring to use */
1790 if (ieee80211_classify(ic, m0, ni) != 0) {
1792 ieee80211_free_node(ni);
1797 /* no QoS encapsulation for EAPOL frames */
1798 ac = (eh->ether_type != htons(ETHERTYPE_PAE)) ?
1799 M_WME_GETAC(m0) : WME_AC_BE;
1801 if (sc->txq[ac].queued >= RT2661_TX_RING_COUNT - 1) {
1802 /* there is no place left in this ring */
1803 IFQ_DRV_PREPEND(&ifp->if_snd, m0);
1804 ifp->if_drv_flags |= IFF_DRV_OACTIVE;
1805 ieee80211_free_node(ni);
1811 m0 = ieee80211_encap(ic, m0, ni);
1813 ieee80211_free_node(ni);
1818 if (bpf_peers_present(ic->ic_rawbpf))
1819 bpf_mtap(ic->ic_rawbpf, m0);
1821 if (rt2661_tx_data(sc, m0, ni, ac) != 0) {
1822 ieee80211_free_node(ni);
1828 sc->sc_tx_timer = 5;
1829 ic->ic_lastdata = ticks;
1830 callout_reset(&sc->watchdog_ch, hz, rt2661_watchdog, sc);
1837 rt2661_watchdog(void *arg)
1839 struct rt2661_softc *sc = (struct rt2661_softc *)arg;
1841 if (sc->sc_tx_timer > 0 && !sc->sc_invalid) {
1842 if (--sc->sc_tx_timer == 0) {
1843 device_printf(sc->sc_dev, "device timeout\n");
1845 sc->sc_ifp->if_oerrors++;
1848 callout_reset(&sc->watchdog_ch, hz, rt2661_watchdog, sc);
1853 * This function allows for fast channel switching in monitor mode (used by
1854 * net-mgmt/kismet). In IBSS mode, we must explicitly reset the interface to
1855 * generate a new beacon frame.
1858 rt2661_reset(struct ifnet *ifp)
1860 struct rt2661_softc *sc = ifp->if_softc;
1861 struct ieee80211com *ic = &sc->sc_ic;
1863 if (ic->ic_opmode != IEEE80211_M_MONITOR)
1866 rt2661_set_chan(sc, ic->ic_curchan);
1872 rt2661_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data)
1874 struct rt2661_softc *sc = ifp->if_softc;
1875 struct ieee80211com *ic = &sc->sc_ic;
1880 if (ifp->if_flags & IFF_UP) {
1881 if (ifp->if_drv_flags & IFF_DRV_RUNNING)
1882 rt2661_update_promisc(sc);
1886 if (ifp->if_drv_flags & IFF_DRV_RUNNING)
1892 error = ieee80211_ioctl(ic, cmd, data);
1895 if (error == ENETRESET) {
1896 if ((ifp->if_flags & IFF_UP) &&
1897 (ifp->if_drv_flags & IFF_DRV_RUNNING) &&
1898 (ic->ic_roaming != IEEE80211_ROAMING_MANUAL))
1907 rt2661_bbp_write(struct rt2661_softc *sc, uint8_t reg, uint8_t val)
1912 for (ntries = 0; ntries < 100; ntries++) {
1913 if (!(RAL_READ(sc, RT2661_PHY_CSR3) & RT2661_BBP_BUSY))
1917 if (ntries == 100) {
1918 device_printf(sc->sc_dev, "could not write to BBP\n");
1922 tmp = RT2661_BBP_BUSY | (reg & 0x7f) << 8 | val;
1923 RAL_WRITE(sc, RT2661_PHY_CSR3, tmp);
1925 DPRINTFN(15, ("BBP R%u <- 0x%02x\n", reg, val));
1929 rt2661_bbp_read(struct rt2661_softc *sc, uint8_t reg)
1934 for (ntries = 0; ntries < 100; ntries++) {
1935 if (!(RAL_READ(sc, RT2661_PHY_CSR3) & RT2661_BBP_BUSY))
1939 if (ntries == 100) {
1940 device_printf(sc->sc_dev, "could not read from BBP\n");
1944 val = RT2661_BBP_BUSY | RT2661_BBP_READ | reg << 8;
1945 RAL_WRITE(sc, RT2661_PHY_CSR3, val);
1947 for (ntries = 0; ntries < 100; ntries++) {
1948 val = RAL_READ(sc, RT2661_PHY_CSR3);
1949 if (!(val & RT2661_BBP_BUSY))
1954 device_printf(sc->sc_dev, "could not read from BBP\n");
1959 rt2661_rf_write(struct rt2661_softc *sc, uint8_t reg, uint32_t val)
1964 for (ntries = 0; ntries < 100; ntries++) {
1965 if (!(RAL_READ(sc, RT2661_PHY_CSR4) & RT2661_RF_BUSY))
1969 if (ntries == 100) {
1970 device_printf(sc->sc_dev, "could not write to RF\n");
1974 tmp = RT2661_RF_BUSY | RT2661_RF_21BIT | (val & 0x1fffff) << 2 |
1976 RAL_WRITE(sc, RT2661_PHY_CSR4, tmp);
1978 /* remember last written value in sc */
1979 sc->rf_regs[reg] = val;
1981 DPRINTFN(15, ("RF R[%u] <- 0x%05x\n", reg & 3, val & 0x1fffff));
1985 rt2661_tx_cmd(struct rt2661_softc *sc, uint8_t cmd, uint16_t arg)
1987 if (RAL_READ(sc, RT2661_H2M_MAILBOX_CSR) & RT2661_H2M_BUSY)
1988 return EIO; /* there is already a command pending */
1990 RAL_WRITE(sc, RT2661_H2M_MAILBOX_CSR,
1991 RT2661_H2M_BUSY | RT2661_TOKEN_NO_INTR << 16 | arg);
1993 RAL_WRITE(sc, RT2661_HOST_CMD_CSR, RT2661_KICK_CMD | cmd);
1999 rt2661_select_antenna(struct rt2661_softc *sc)
2001 uint8_t bbp4, bbp77;
2004 bbp4 = rt2661_bbp_read(sc, 4);
2005 bbp77 = rt2661_bbp_read(sc, 77);
2009 /* make sure Rx is disabled before switching antenna */
2010 tmp = RAL_READ(sc, RT2661_TXRX_CSR0);
2011 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp | RT2661_DISABLE_RX);
2013 rt2661_bbp_write(sc, 4, bbp4);
2014 rt2661_bbp_write(sc, 77, bbp77);
2016 /* restore Rx filter */
2017 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp);
2021 * Enable multi-rate retries for frames sent at OFDM rates.
2022 * In 802.11b/g mode, allow fallback to CCK rates.
2025 rt2661_enable_mrr(struct rt2661_softc *sc)
2027 struct ieee80211com *ic = &sc->sc_ic;
2030 tmp = RAL_READ(sc, RT2661_TXRX_CSR4);
2032 tmp &= ~RT2661_MRR_CCK_FALLBACK;
2033 if (!IEEE80211_IS_CHAN_5GHZ(ic->ic_bss->ni_chan))
2034 tmp |= RT2661_MRR_CCK_FALLBACK;
2035 tmp |= RT2661_MRR_ENABLED;
2037 RAL_WRITE(sc, RT2661_TXRX_CSR4, tmp);
2041 rt2661_set_txpreamble(struct rt2661_softc *sc)
2045 tmp = RAL_READ(sc, RT2661_TXRX_CSR4);
2047 tmp &= ~RT2661_SHORT_PREAMBLE;
2048 if (sc->sc_ic.ic_flags & IEEE80211_F_SHPREAMBLE)
2049 tmp |= RT2661_SHORT_PREAMBLE;
2051 RAL_WRITE(sc, RT2661_TXRX_CSR4, tmp);
2055 * Supported rates for 802.11g. XXX should use ic_sup_rates.
2057 static const struct ieee80211_rateset rt2661_rateset_11g =
2058 { 12, { 2, 4, 11, 22, 12, 18, 24, 36, 48, 72, 96, 108 } };
2061 rt2661_set_basicrates(struct rt2661_softc *sc,
2062 const struct ieee80211_rateset *rs)
2064 #define RV(r) ((r) & IEEE80211_RATE_VAL)
2065 struct ieee80211com *ic = &sc->sc_ic;
2070 for (i = 0; i < rs->rs_nrates; i++) {
2071 rate = rs->rs_rates[i];
2073 if (!(rate & IEEE80211_RATE_BASIC))
2077 * Find h/w rate index. We know it exists because the rate
2078 * set has already been negotiated.
2080 for (j = 0; ic->ic_sup_rates[IEEE80211_MODE_11G].rs_rates[j] != RV(rate); j++);
2085 RAL_WRITE(sc, RT2661_TXRX_CSR5, mask);
2087 DPRINTF(("Setting basic rate mask to 0x%x\n", mask));
2092 * Reprogram MAC/BBP to switch to a new band. Values taken from the reference
2096 rt2661_select_band(struct rt2661_softc *sc, struct ieee80211_channel *c)
2098 uint8_t bbp17, bbp35, bbp96, bbp97, bbp98, bbp104;
2101 /* update all BBP registers that depend on the band */
2102 bbp17 = 0x20; bbp96 = 0x48; bbp104 = 0x2c;
2103 bbp35 = 0x50; bbp97 = 0x48; bbp98 = 0x48;
2104 if (IEEE80211_IS_CHAN_5GHZ(c)) {
2105 bbp17 += 0x08; bbp96 += 0x10; bbp104 += 0x0c;
2106 bbp35 += 0x10; bbp97 += 0x10; bbp98 += 0x10;
2108 if ((IEEE80211_IS_CHAN_2GHZ(c) && sc->ext_2ghz_lna) ||
2109 (IEEE80211_IS_CHAN_5GHZ(c) && sc->ext_5ghz_lna)) {
2110 bbp17 += 0x10; bbp96 += 0x10; bbp104 += 0x10;
2113 rt2661_bbp_write(sc, 17, bbp17);
2114 rt2661_bbp_write(sc, 96, bbp96);
2115 rt2661_bbp_write(sc, 104, bbp104);
2117 if ((IEEE80211_IS_CHAN_2GHZ(c) && sc->ext_2ghz_lna) ||
2118 (IEEE80211_IS_CHAN_5GHZ(c) && sc->ext_5ghz_lna)) {
2119 rt2661_bbp_write(sc, 75, 0x80);
2120 rt2661_bbp_write(sc, 86, 0x80);
2121 rt2661_bbp_write(sc, 88, 0x80);
2124 rt2661_bbp_write(sc, 35, bbp35);
2125 rt2661_bbp_write(sc, 97, bbp97);
2126 rt2661_bbp_write(sc, 98, bbp98);
2128 tmp = RAL_READ(sc, RT2661_PHY_CSR0);
2129 tmp &= ~(RT2661_PA_PE_2GHZ | RT2661_PA_PE_5GHZ);
2130 if (IEEE80211_IS_CHAN_2GHZ(c))
2131 tmp |= RT2661_PA_PE_2GHZ;
2133 tmp |= RT2661_PA_PE_5GHZ;
2134 RAL_WRITE(sc, RT2661_PHY_CSR0, tmp);
2138 rt2661_set_chan(struct rt2661_softc *sc, struct ieee80211_channel *c)
2140 struct ieee80211com *ic = &sc->sc_ic;
2141 const struct rfprog *rfprog;
2142 uint8_t bbp3, bbp94 = RT2661_BBPR94_DEFAULT;
2146 chan = ieee80211_chan2ieee(ic, c);
2147 if (chan == 0 || chan == IEEE80211_CHAN_ANY)
2150 /* select the appropriate RF settings based on what EEPROM says */
2151 rfprog = (sc->rfprog == 0) ? rt2661_rf5225_1 : rt2661_rf5225_2;
2153 /* find the settings for this channel (we know it exists) */
2154 for (i = 0; rfprog[i].chan != chan; i++);
2156 power = sc->txpow[i];
2160 } else if (power > 31) {
2161 bbp94 += power - 31;
2166 * If we are switching from the 2GHz band to the 5GHz band or
2167 * vice-versa, BBP registers need to be reprogrammed.
2169 if (c->ic_flags != sc->sc_curchan->ic_flags) {
2170 rt2661_select_band(sc, c);
2171 rt2661_select_antenna(sc);
2175 rt2661_rf_write(sc, RAL_RF1, rfprog[i].r1);
2176 rt2661_rf_write(sc, RAL_RF2, rfprog[i].r2);
2177 rt2661_rf_write(sc, RAL_RF3, rfprog[i].r3 | power << 7);
2178 rt2661_rf_write(sc, RAL_RF4, rfprog[i].r4 | sc->rffreq << 10);
2182 rt2661_rf_write(sc, RAL_RF1, rfprog[i].r1);
2183 rt2661_rf_write(sc, RAL_RF2, rfprog[i].r2);
2184 rt2661_rf_write(sc, RAL_RF3, rfprog[i].r3 | power << 7 | 1);
2185 rt2661_rf_write(sc, RAL_RF4, rfprog[i].r4 | sc->rffreq << 10);
2189 rt2661_rf_write(sc, RAL_RF1, rfprog[i].r1);
2190 rt2661_rf_write(sc, RAL_RF2, rfprog[i].r2);
2191 rt2661_rf_write(sc, RAL_RF3, rfprog[i].r3 | power << 7);
2192 rt2661_rf_write(sc, RAL_RF4, rfprog[i].r4 | sc->rffreq << 10);
2194 /* enable smart mode for MIMO-capable RFs */
2195 bbp3 = rt2661_bbp_read(sc, 3);
2197 bbp3 &= ~RT2661_SMART_MODE;
2198 if (sc->rf_rev == RT2661_RF_5325 || sc->rf_rev == RT2661_RF_2529)
2199 bbp3 |= RT2661_SMART_MODE;
2201 rt2661_bbp_write(sc, 3, bbp3);
2203 if (bbp94 != RT2661_BBPR94_DEFAULT)
2204 rt2661_bbp_write(sc, 94, bbp94);
2206 /* 5GHz radio needs a 1ms delay here */
2207 if (IEEE80211_IS_CHAN_5GHZ(c))
2212 rt2661_set_bssid(struct rt2661_softc *sc, const uint8_t *bssid)
2216 tmp = bssid[0] | bssid[1] << 8 | bssid[2] << 16 | bssid[3] << 24;
2217 RAL_WRITE(sc, RT2661_MAC_CSR4, tmp);
2219 tmp = bssid[4] | bssid[5] << 8 | RT2661_ONE_BSSID << 16;
2220 RAL_WRITE(sc, RT2661_MAC_CSR5, tmp);
2224 rt2661_set_macaddr(struct rt2661_softc *sc, const uint8_t *addr)
2228 tmp = addr[0] | addr[1] << 8 | addr[2] << 16 | addr[3] << 24;
2229 RAL_WRITE(sc, RT2661_MAC_CSR2, tmp);
2231 tmp = addr[4] | addr[5] << 8;
2232 RAL_WRITE(sc, RT2661_MAC_CSR3, tmp);
2236 rt2661_update_promisc(struct rt2661_softc *sc)
2238 struct ifnet *ifp = sc->sc_ic.ic_ifp;
2241 tmp = RAL_READ(sc, RT2661_TXRX_CSR0);
2243 tmp &= ~RT2661_DROP_NOT_TO_ME;
2244 if (!(ifp->if_flags & IFF_PROMISC))
2245 tmp |= RT2661_DROP_NOT_TO_ME;
2247 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp);
2249 DPRINTF(("%s promiscuous mode\n", (ifp->if_flags & IFF_PROMISC) ?
2250 "entering" : "leaving"));
2254 * Update QoS (802.11e) settings for each h/w Tx ring.
2257 rt2661_wme_update(struct ieee80211com *ic)
2259 struct rt2661_softc *sc = ic->ic_ifp->if_softc;
2260 const struct wmeParams *wmep;
2262 wmep = ic->ic_wme.wme_chanParams.cap_wmeParams;
2264 /* XXX: not sure about shifts. */
2265 /* XXX: the reference driver plays with AC_VI settings too. */
2268 RAL_WRITE(sc, RT2661_AC_TXOP_CSR0,
2269 wmep[WME_AC_BE].wmep_txopLimit << 16 |
2270 wmep[WME_AC_BK].wmep_txopLimit);
2271 RAL_WRITE(sc, RT2661_AC_TXOP_CSR1,
2272 wmep[WME_AC_VI].wmep_txopLimit << 16 |
2273 wmep[WME_AC_VO].wmep_txopLimit);
2276 RAL_WRITE(sc, RT2661_CWMIN_CSR,
2277 wmep[WME_AC_BE].wmep_logcwmin << 12 |
2278 wmep[WME_AC_BK].wmep_logcwmin << 8 |
2279 wmep[WME_AC_VI].wmep_logcwmin << 4 |
2280 wmep[WME_AC_VO].wmep_logcwmin);
2283 RAL_WRITE(sc, RT2661_CWMAX_CSR,
2284 wmep[WME_AC_BE].wmep_logcwmax << 12 |
2285 wmep[WME_AC_BK].wmep_logcwmax << 8 |
2286 wmep[WME_AC_VI].wmep_logcwmax << 4 |
2287 wmep[WME_AC_VO].wmep_logcwmax);
2290 RAL_WRITE(sc, RT2661_AIFSN_CSR,
2291 wmep[WME_AC_BE].wmep_aifsn << 12 |
2292 wmep[WME_AC_BK].wmep_aifsn << 8 |
2293 wmep[WME_AC_VI].wmep_aifsn << 4 |
2294 wmep[WME_AC_VO].wmep_aifsn);
2300 rt2661_update_slot(struct ifnet *ifp)
2302 struct rt2661_softc *sc = ifp->if_softc;
2303 struct ieee80211com *ic = &sc->sc_ic;
2307 slottime = (ic->ic_flags & IEEE80211_F_SHSLOT) ? 9 : 20;
2309 tmp = RAL_READ(sc, RT2661_MAC_CSR9);
2310 tmp = (tmp & ~0xff) | slottime;
2311 RAL_WRITE(sc, RT2661_MAC_CSR9, tmp);
2315 rt2661_get_rf(int rev)
2318 case RT2661_RF_5225: return "RT5225";
2319 case RT2661_RF_5325: return "RT5325 (MIMO XR)";
2320 case RT2661_RF_2527: return "RT2527";
2321 case RT2661_RF_2529: return "RT2529 (MIMO XR)";
2322 default: return "unknown";
2327 rt2661_read_eeprom(struct rt2661_softc *sc)
2329 struct ieee80211com *ic = &sc->sc_ic;
2333 /* read MAC address */
2334 val = rt2661_eeprom_read(sc, RT2661_EEPROM_MAC01);
2335 ic->ic_myaddr[0] = val & 0xff;
2336 ic->ic_myaddr[1] = val >> 8;
2338 val = rt2661_eeprom_read(sc, RT2661_EEPROM_MAC23);
2339 ic->ic_myaddr[2] = val & 0xff;
2340 ic->ic_myaddr[3] = val >> 8;
2342 val = rt2661_eeprom_read(sc, RT2661_EEPROM_MAC45);
2343 ic->ic_myaddr[4] = val & 0xff;
2344 ic->ic_myaddr[5] = val >> 8;
2346 val = rt2661_eeprom_read(sc, RT2661_EEPROM_ANTENNA);
2347 /* XXX: test if different from 0xffff? */
2348 sc->rf_rev = (val >> 11) & 0x1f;
2349 sc->hw_radio = (val >> 10) & 0x1;
2350 sc->rx_ant = (val >> 4) & 0x3;
2351 sc->tx_ant = (val >> 2) & 0x3;
2352 sc->nb_ant = val & 0x3;
2354 DPRINTF(("RF revision=%d\n", sc->rf_rev));
2356 val = rt2661_eeprom_read(sc, RT2661_EEPROM_CONFIG2);
2357 sc->ext_5ghz_lna = (val >> 6) & 0x1;
2358 sc->ext_2ghz_lna = (val >> 4) & 0x1;
2360 DPRINTF(("External 2GHz LNA=%d\nExternal 5GHz LNA=%d\n",
2361 sc->ext_2ghz_lna, sc->ext_5ghz_lna));
2363 val = rt2661_eeprom_read(sc, RT2661_EEPROM_RSSI_2GHZ_OFFSET);
2364 if ((val & 0xff) != 0xff)
2365 sc->rssi_2ghz_corr = (int8_t)(val & 0xff); /* signed */
2367 /* Only [-10, 10] is valid */
2368 if (sc->rssi_2ghz_corr < -10 || sc->rssi_2ghz_corr > 10)
2369 sc->rssi_2ghz_corr = 0;
2371 val = rt2661_eeprom_read(sc, RT2661_EEPROM_RSSI_5GHZ_OFFSET);
2372 if ((val & 0xff) != 0xff)
2373 sc->rssi_5ghz_corr = (int8_t)(val & 0xff); /* signed */
2375 /* Only [-10, 10] is valid */
2376 if (sc->rssi_5ghz_corr < -10 || sc->rssi_5ghz_corr > 10)
2377 sc->rssi_5ghz_corr = 0;
2379 /* adjust RSSI correction for external low-noise amplifier */
2380 if (sc->ext_2ghz_lna)
2381 sc->rssi_2ghz_corr -= 14;
2382 if (sc->ext_5ghz_lna)
2383 sc->rssi_5ghz_corr -= 14;
2385 DPRINTF(("RSSI 2GHz corr=%d\nRSSI 5GHz corr=%d\n",
2386 sc->rssi_2ghz_corr, sc->rssi_5ghz_corr));
2388 val = rt2661_eeprom_read(sc, RT2661_EEPROM_FREQ_OFFSET);
2389 if ((val >> 8) != 0xff)
2390 sc->rfprog = (val >> 8) & 0x3;
2391 if ((val & 0xff) != 0xff)
2392 sc->rffreq = val & 0xff;
2394 DPRINTF(("RF prog=%d\nRF freq=%d\n", sc->rfprog, sc->rffreq));
2396 /* read Tx power for all a/b/g channels */
2397 for (i = 0; i < 19; i++) {
2398 val = rt2661_eeprom_read(sc, RT2661_EEPROM_TXPOWER + i);
2399 sc->txpow[i * 2] = (int8_t)(val >> 8); /* signed */
2400 DPRINTF(("Channel=%d Tx power=%d\n",
2401 rt2661_rf5225_1[i * 2].chan, sc->txpow[i * 2]));
2402 sc->txpow[i * 2 + 1] = (int8_t)(val & 0xff); /* signed */
2403 DPRINTF(("Channel=%d Tx power=%d\n",
2404 rt2661_rf5225_1[i * 2 + 1].chan, sc->txpow[i * 2 + 1]));
2407 /* read vendor-specific BBP values */
2408 for (i = 0; i < 16; i++) {
2409 val = rt2661_eeprom_read(sc, RT2661_EEPROM_BBP_BASE + i);
2410 if (val == 0 || val == 0xffff)
2411 continue; /* skip invalid entries */
2412 sc->bbp_prom[i].reg = val >> 8;
2413 sc->bbp_prom[i].val = val & 0xff;
2414 DPRINTF(("BBP R%d=%02x\n", sc->bbp_prom[i].reg,
2415 sc->bbp_prom[i].val));
2420 rt2661_bbp_init(struct rt2661_softc *sc)
2422 #define N(a) (sizeof (a) / sizeof ((a)[0]))
2426 /* wait for BBP to be ready */
2427 for (ntries = 0; ntries < 100; ntries++) {
2428 val = rt2661_bbp_read(sc, 0);
2429 if (val != 0 && val != 0xff)
2433 if (ntries == 100) {
2434 device_printf(sc->sc_dev, "timeout waiting for BBP\n");
2438 /* initialize BBP registers to default values */
2439 for (i = 0; i < N(rt2661_def_bbp); i++) {
2440 rt2661_bbp_write(sc, rt2661_def_bbp[i].reg,
2441 rt2661_def_bbp[i].val);
2444 /* write vendor-specific BBP values (from EEPROM) */
2445 for (i = 0; i < 16; i++) {
2446 if (sc->bbp_prom[i].reg == 0)
2448 rt2661_bbp_write(sc, sc->bbp_prom[i].reg, sc->bbp_prom[i].val);
2456 rt2661_init(void *priv)
2458 #define N(a) (sizeof (a) / sizeof ((a)[0]))
2459 struct rt2661_softc *sc = priv;
2460 struct ieee80211com *ic = &sc->sc_ic;
2461 struct ifnet *ifp = ic->ic_ifp;
2462 uint32_t tmp, sta[3];
2467 rt2661_stop_locked(sc);
2469 /* initialize Tx rings */
2470 RAL_WRITE(sc, RT2661_AC1_BASE_CSR, sc->txq[1].physaddr);
2471 RAL_WRITE(sc, RT2661_AC0_BASE_CSR, sc->txq[0].physaddr);
2472 RAL_WRITE(sc, RT2661_AC2_BASE_CSR, sc->txq[2].physaddr);
2473 RAL_WRITE(sc, RT2661_AC3_BASE_CSR, sc->txq[3].physaddr);
2475 /* initialize Mgt ring */
2476 RAL_WRITE(sc, RT2661_MGT_BASE_CSR, sc->mgtq.physaddr);
2478 /* initialize Rx ring */
2479 RAL_WRITE(sc, RT2661_RX_BASE_CSR, sc->rxq.physaddr);
2481 /* initialize Tx rings sizes */
2482 RAL_WRITE(sc, RT2661_TX_RING_CSR0,
2483 RT2661_TX_RING_COUNT << 24 |
2484 RT2661_TX_RING_COUNT << 16 |
2485 RT2661_TX_RING_COUNT << 8 |
2486 RT2661_TX_RING_COUNT);
2488 RAL_WRITE(sc, RT2661_TX_RING_CSR1,
2489 RT2661_TX_DESC_WSIZE << 16 |
2490 RT2661_TX_RING_COUNT << 8 | /* XXX: HCCA ring unused */
2491 RT2661_MGT_RING_COUNT);
2493 /* initialize Rx rings */
2494 RAL_WRITE(sc, RT2661_RX_RING_CSR,
2495 RT2661_RX_DESC_BACK << 16 |
2496 RT2661_RX_DESC_WSIZE << 8 |
2497 RT2661_RX_RING_COUNT);
2499 /* XXX: some magic here */
2500 RAL_WRITE(sc, RT2661_TX_DMA_DST_CSR, 0xaa);
2502 /* load base addresses of all 5 Tx rings (4 data + 1 mgt) */
2503 RAL_WRITE(sc, RT2661_LOAD_TX_RING_CSR, 0x1f);
2505 /* load base address of Rx ring */
2506 RAL_WRITE(sc, RT2661_RX_CNTL_CSR, 2);
2508 /* initialize MAC registers to default values */
2509 for (i = 0; i < N(rt2661_def_mac); i++)
2510 RAL_WRITE(sc, rt2661_def_mac[i].reg, rt2661_def_mac[i].val);
2512 IEEE80211_ADDR_COPY(ic->ic_myaddr, IF_LLADDR(ifp));
2513 rt2661_set_macaddr(sc, ic->ic_myaddr);
2515 /* set host ready */
2516 RAL_WRITE(sc, RT2661_MAC_CSR1, 3);
2517 RAL_WRITE(sc, RT2661_MAC_CSR1, 0);
2519 /* wait for BBP/RF to wakeup */
2520 for (ntries = 0; ntries < 1000; ntries++) {
2521 if (RAL_READ(sc, RT2661_MAC_CSR12) & 8)
2525 if (ntries == 1000) {
2526 printf("timeout waiting for BBP/RF to wakeup\n");
2527 rt2661_stop_locked(sc);
2532 if (rt2661_bbp_init(sc) != 0) {
2533 rt2661_stop_locked(sc);
2538 /* select default channel */
2539 sc->sc_curchan = ic->ic_curchan;
2540 rt2661_select_band(sc, sc->sc_curchan);
2541 rt2661_select_antenna(sc);
2542 rt2661_set_chan(sc, sc->sc_curchan);
2544 /* update Rx filter */
2545 tmp = RAL_READ(sc, RT2661_TXRX_CSR0) & 0xffff;
2547 tmp |= RT2661_DROP_PHY_ERROR | RT2661_DROP_CRC_ERROR;
2548 if (ic->ic_opmode != IEEE80211_M_MONITOR) {
2549 tmp |= RT2661_DROP_CTL | RT2661_DROP_VER_ERROR |
2551 if (ic->ic_opmode != IEEE80211_M_HOSTAP)
2552 tmp |= RT2661_DROP_TODS;
2553 if (!(ifp->if_flags & IFF_PROMISC))
2554 tmp |= RT2661_DROP_NOT_TO_ME;
2557 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp);
2559 /* clear STA registers */
2560 RAL_READ_REGION_4(sc, RT2661_STA_CSR0, sta, N(sta));
2562 /* initialize ASIC */
2563 RAL_WRITE(sc, RT2661_MAC_CSR1, 4);
2565 /* clear any pending interrupt */
2566 RAL_WRITE(sc, RT2661_INT_SOURCE_CSR, 0xffffffff);
2568 /* enable interrupts */
2569 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0x0000ff10);
2570 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0);
2573 RAL_WRITE(sc, RT2661_RX_CNTL_CSR, 1);
2576 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE;
2577 ifp->if_drv_flags |= IFF_DRV_RUNNING;
2579 if (ic->ic_opmode != IEEE80211_M_MONITOR) {
2580 if (ic->ic_roaming != IEEE80211_ROAMING_MANUAL)
2581 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1);
2583 ieee80211_new_state(ic, IEEE80211_S_RUN, -1);
2590 rt2661_stop(void *priv)
2592 struct rt2661_softc *sc = priv;
2595 rt2661_stop_locked(sc);
2600 rt2661_stop_locked(struct rt2661_softc *sc)
2602 struct ieee80211com *ic = &sc->sc_ic;
2603 struct ifnet *ifp = ic->ic_ifp;
2605 volatile int *flags = &sc->sc_flags;
2607 while (*flags & RAL_INPUT_RUNNING) {
2608 msleep(sc, &sc->sc_mtx, 0, "ralrunning", hz/10);
2611 if (ifp->if_drv_flags & IFF_DRV_RUNNING) {
2612 sc->sc_tx_timer = 0;
2613 ifp->if_drv_flags &= ~(IFF_DRV_RUNNING | IFF_DRV_OACTIVE);
2615 ieee80211_new_state(ic, IEEE80211_S_INIT, -1);
2617 /* abort Tx (for all 5 Tx rings) */
2618 RAL_WRITE(sc, RT2661_TX_CNTL_CSR, 0x1f << 16);
2620 /* disable Rx (value remains after reset!) */
2621 tmp = RAL_READ(sc, RT2661_TXRX_CSR0);
2622 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp | RT2661_DISABLE_RX);
2625 RAL_WRITE(sc, RT2661_MAC_CSR1, 3);
2626 RAL_WRITE(sc, RT2661_MAC_CSR1, 0);
2628 /* disable interrupts */
2629 RAL_WRITE(sc, RT2661_INT_MASK_CSR, 0xffffffff);
2630 RAL_WRITE(sc, RT2661_MCU_INT_MASK_CSR, 0xffffffff);
2632 /* clear any pending interrupt */
2633 RAL_WRITE(sc, RT2661_INT_SOURCE_CSR, 0xffffffff);
2634 RAL_WRITE(sc, RT2661_MCU_INT_SOURCE_CSR, 0xffffffff);
2636 /* reset Tx and Rx rings */
2637 rt2661_reset_tx_ring(sc, &sc->txq[0]);
2638 rt2661_reset_tx_ring(sc, &sc->txq[1]);
2639 rt2661_reset_tx_ring(sc, &sc->txq[2]);
2640 rt2661_reset_tx_ring(sc, &sc->txq[3]);
2641 rt2661_reset_tx_ring(sc, &sc->mgtq);
2642 rt2661_reset_rx_ring(sc, &sc->rxq);
2647 rt2661_load_microcode(struct rt2661_softc *sc, const uint8_t *ucode, int size)
2652 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, RT2661_MCU_RESET);
2654 /* cancel any pending Host to MCU command */
2655 RAL_WRITE(sc, RT2661_H2M_MAILBOX_CSR, 0);
2656 RAL_WRITE(sc, RT2661_M2H_CMD_DONE_CSR, 0xffffffff);
2657 RAL_WRITE(sc, RT2661_HOST_CMD_CSR, 0);
2659 /* write 8051's microcode */
2660 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, RT2661_MCU_RESET | RT2661_MCU_SEL);
2661 RAL_WRITE_REGION_1(sc, RT2661_MCU_CODE_BASE, ucode, size);
2662 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, RT2661_MCU_RESET);
2664 /* kick 8051's ass */
2665 RAL_WRITE(sc, RT2661_MCU_CNTL_CSR, 0);
2667 /* wait for 8051 to initialize */
2668 for (ntries = 0; ntries < 500; ntries++) {
2669 if (RAL_READ(sc, RT2661_MCU_CNTL_CSR) & RT2661_MCU_READY)
2673 if (ntries == 500) {
2674 printf("timeout waiting for MCU to initialize\n");
2682 * Dynamically tune Rx sensitivity (BBP register 17) based on average RSSI and
2683 * false CCA count. This function is called periodically (every seconds) when
2684 * in the RUN state. Values taken from the reference driver.
2687 rt2661_rx_tune(struct rt2661_softc *sc)
2694 * Tuning range depends on operating band and on the presence of an
2695 * external low-noise amplifier.
2698 if (IEEE80211_IS_CHAN_5GHZ(sc->sc_curchan))
2700 if ((IEEE80211_IS_CHAN_2GHZ(sc->sc_curchan) && sc->ext_2ghz_lna) ||
2701 (IEEE80211_IS_CHAN_5GHZ(sc->sc_curchan) && sc->ext_5ghz_lna))
2705 /* retrieve false CCA count since last call (clear on read) */
2706 cca = RAL_READ(sc, RT2661_STA_CSR1) & 0xffff;
2710 } else if (dbm >= -58) {
2712 } else if (dbm >= -66) {
2714 } else if (dbm >= -74) {
2717 /* RSSI < -74dBm, tune using false CCA count */
2719 bbp17 = sc->bbp17; /* current value */
2721 hi -= 2 * (-74 - dbm);
2728 } else if (cca > 512) {
2731 } else if (cca < 100) {
2737 if (bbp17 != sc->bbp17) {
2738 rt2661_bbp_write(sc, 17, bbp17);
2744 * Enter/Leave radar detection mode.
2745 * This is for 802.11h additional regulatory domains.
2748 rt2661_radar_start(struct rt2661_softc *sc)
2753 tmp = RAL_READ(sc, RT2661_TXRX_CSR0);
2754 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp | RT2661_DISABLE_RX);
2756 rt2661_bbp_write(sc, 82, 0x20);
2757 rt2661_bbp_write(sc, 83, 0x00);
2758 rt2661_bbp_write(sc, 84, 0x40);
2760 /* save current BBP registers values */
2761 sc->bbp18 = rt2661_bbp_read(sc, 18);
2762 sc->bbp21 = rt2661_bbp_read(sc, 21);
2763 sc->bbp22 = rt2661_bbp_read(sc, 22);
2764 sc->bbp16 = rt2661_bbp_read(sc, 16);
2765 sc->bbp17 = rt2661_bbp_read(sc, 17);
2766 sc->bbp64 = rt2661_bbp_read(sc, 64);
2768 rt2661_bbp_write(sc, 18, 0xff);
2769 rt2661_bbp_write(sc, 21, 0x3f);
2770 rt2661_bbp_write(sc, 22, 0x3f);
2771 rt2661_bbp_write(sc, 16, 0xbd);
2772 rt2661_bbp_write(sc, 17, sc->ext_5ghz_lna ? 0x44 : 0x34);
2773 rt2661_bbp_write(sc, 64, 0x21);
2775 /* restore Rx filter */
2776 RAL_WRITE(sc, RT2661_TXRX_CSR0, tmp);
2780 rt2661_radar_stop(struct rt2661_softc *sc)
2784 /* read radar detection result */
2785 bbp66 = rt2661_bbp_read(sc, 66);
2787 /* restore BBP registers values */
2788 rt2661_bbp_write(sc, 16, sc->bbp16);
2789 rt2661_bbp_write(sc, 17, sc->bbp17);
2790 rt2661_bbp_write(sc, 18, sc->bbp18);
2791 rt2661_bbp_write(sc, 21, sc->bbp21);
2792 rt2661_bbp_write(sc, 22, sc->bbp22);
2793 rt2661_bbp_write(sc, 64, sc->bbp64);
2800 rt2661_prepare_beacon(struct rt2661_softc *sc)
2802 struct ieee80211com *ic = &sc->sc_ic;
2803 struct ieee80211_beacon_offsets bo;
2804 struct rt2661_tx_desc desc;
2808 m0 = ieee80211_beacon_alloc(ic->ic_bss, &bo);
2810 device_printf(sc->sc_dev, "could not allocate beacon frame\n");
2814 /* send beacons at the lowest available rate */
2815 rate = IEEE80211_IS_CHAN_5GHZ(ic->ic_bss->ni_chan) ? 12 : 2;
2817 rt2661_setup_tx_desc(sc, &desc, RT2661_TX_TIMESTAMP, RT2661_TX_HWSEQ,
2818 m0->m_pkthdr.len, rate, NULL, 0, RT2661_QID_MGT);
2820 /* copy the first 24 bytes of Tx descriptor into NIC memory */
2821 RAL_WRITE_REGION_1(sc, RT2661_HW_BEACON_BASE0, (uint8_t *)&desc, 24);
2823 /* copy beacon header and payload into NIC memory */
2824 RAL_WRITE_REGION_1(sc, RT2661_HW_BEACON_BASE0 + 24,
2825 mtod(m0, uint8_t *), m0->m_pkthdr.len);
2833 * Enable TSF synchronization and tell h/w to start sending beacons for IBSS
2834 * and HostAP operating modes.
2837 rt2661_enable_tsf_sync(struct rt2661_softc *sc)
2839 struct ieee80211com *ic = &sc->sc_ic;
2842 if (ic->ic_opmode != IEEE80211_M_STA) {
2844 * Change default 16ms TBTT adjustment to 8ms.
2845 * Must be done before enabling beacon generation.
2847 RAL_WRITE(sc, RT2661_TXRX_CSR10, 1 << 12 | 8);
2850 tmp = RAL_READ(sc, RT2661_TXRX_CSR9) & 0xff000000;
2852 /* set beacon interval (in 1/16ms unit) */
2853 tmp |= ic->ic_bss->ni_intval * 16;
2855 tmp |= RT2661_TSF_TICKING | RT2661_ENABLE_TBTT;
2856 if (ic->ic_opmode == IEEE80211_M_STA)
2857 tmp |= RT2661_TSF_MODE(1);
2859 tmp |= RT2661_TSF_MODE(2) | RT2661_GENERATE_BEACON;
2861 RAL_WRITE(sc, RT2661_TXRX_CSR9, tmp);
2865 * Retrieve the "Received Signal Strength Indicator" from the raw values
2866 * contained in Rx descriptors. The computation depends on which band the
2867 * frame was received. Correction values taken from the reference driver.
2870 rt2661_get_rssi(struct rt2661_softc *sc, uint8_t raw)
2874 lna = (raw >> 5) & 0x3;
2879 * No mapping available.
2881 * NB: Since RSSI is relative to noise floor, -1 is
2882 * adequate for caller to know error happened.
2887 rssi = (2 * agc) - RT2661_NOISE_FLOOR;
2889 if (IEEE80211_IS_CHAN_2GHZ(sc->sc_curchan)) {
2890 rssi += sc->rssi_2ghz_corr;
2899 rssi += sc->rssi_5ghz_corr;
2912 rt2661_scan_start(struct ieee80211com *ic)
2914 struct ifnet *ifp = ic->ic_ifp;
2915 struct rt2661_softc *sc = ifp->if_softc;
2918 /* abort TSF synchronization */
2919 tmp = RAL_READ(sc, RT2661_TXRX_CSR9);
2920 RAL_WRITE(sc, RT2661_TXRX_CSR9, tmp & ~0xffffff);
2921 rt2661_set_bssid(sc, ifp->if_broadcastaddr);
2925 rt2661_scan_end(struct ieee80211com *ic)
2927 struct ifnet *ifp = ic->ic_ifp;
2928 struct rt2661_softc *sc = ifp->if_softc;
2930 rt2661_enable_tsf_sync(sc);
2931 /* XXX keep local copy */
2932 rt2661_set_bssid(sc, ic->ic_bss->ni_bssid);
2936 rt2661_set_channel(struct ieee80211com *ic)
2938 struct ifnet *ifp = ic->ic_ifp;
2939 struct rt2661_softc *sc = ifp->if_softc;
2942 rt2661_set_chan(sc, ic->ic_curchan);
projects / FreeBSD / releng / 7.2.git / blob