FreeBSD/Linux Kernel Cross Reference
sys/dev/ral/if_ral.c
1 /* $FreeBSD: releng/6.0/sys/dev/ral/if_ral.c 151142 2005-10-09 04:15:59Z delphij $ */
2
3 /*-
4 * Copyright (c) 2005
5 * Damien Bergamini <damien.bergamini@free.fr>
6 *
7 * Permission to use, copy, modify, and distribute this software for any
8 * purpose with or without fee is hereby granted, provided that the above
9 * copyright notice and this permission notice appear in all copies.
10 *
11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18 */
19
20 #include <sys/cdefs.h>
21 __FBSDID("$FreeBSD: releng/6.0/sys/dev/ral/if_ral.c 151142 2005-10-09 04:15:59Z delphij $");
22
23 /*-
24 * Ralink Technology RT2500 chipset driver
25 * http://www.ralinktech.com/
26 */
27
28 #include <sys/param.h>
29 #include <sys/sysctl.h>
30 #include <sys/sockio.h>
31 #include <sys/mbuf.h>
32 #include <sys/kernel.h>
33 #include <sys/socket.h>
34 #include <sys/systm.h>
35 #include <sys/malloc.h>
36 #include <sys/module.h>
37 #include <sys/bus.h>
38 #include <sys/endian.h>
39
40 #include <machine/bus.h>
41 #include <machine/resource.h>
42 #include <machine/clock.h>
43 #include <sys/rman.h>
44
45 #include <net/bpf.h>
46 #include <net/if.h>
47 #include <net/if_arp.h>
48 #include <net/ethernet.h>
49 #include <net/if_dl.h>
50 #include <net/if_media.h>
51 #include <net/if_types.h>
52
53 #include <net80211/ieee80211_var.h>
54 #include <net80211/ieee80211_radiotap.h>
55
56 #include <netinet/in.h>
57 #include <netinet/in_systm.h>
58 #include <netinet/in_var.h>
59 #include <netinet/ip.h>
60 #include <netinet/if_ether.h>
61
62 #include <dev/ral/if_ralrate.h>
63 #include <dev/ral/if_ralreg.h>
64 #include <dev/ral/if_ralvar.h>
65
66 #ifdef RAL_DEBUG
67 #define DPRINTF(x) do { if (ral_debug > 0) printf x; } while (0)
68 #define DPRINTFN(n, x) do { if (ral_debug >= (n)) printf x; } while (0)
69 int ral_debug = 0;
70 SYSCTL_INT(_debug, OID_AUTO, ral, CTLFLAG_RW, &ral_debug, 0, "ral debug level");
71 #else
72 #define DPRINTF(x)
73 #define DPRINTFN(n, x)
74 #endif
75
76 MODULE_DEPEND(ral, wlan, 1, 1, 1);
77
78 static void ral_dma_map_addr(void *, bus_dma_segment_t *, int, int);
79 static int ral_alloc_tx_ring(struct ral_softc *,
80 struct ral_tx_ring *, int);
81 static void ral_reset_tx_ring(struct ral_softc *,
82 struct ral_tx_ring *);
83 static void ral_free_tx_ring(struct ral_softc *,
84 struct ral_tx_ring *);
85 static int ral_alloc_rx_ring(struct ral_softc *,
86 struct ral_rx_ring *, int);
87 static void ral_reset_rx_ring(struct ral_softc *,
88 struct ral_rx_ring *);
89 static void ral_free_rx_ring(struct ral_softc *,
90 struct ral_rx_ring *);
91 static struct ieee80211_node *ral_node_alloc(
92 struct ieee80211_node_table *);
93 static int ral_media_change(struct ifnet *);
94 static void ral_next_scan(void *);
95 static void ral_iter_func(void *, struct ieee80211_node *);
96 static void ral_update_rssadapt(void *);
97 static int ral_newstate(struct ieee80211com *,
98 enum ieee80211_state, int);
99 static uint16_t ral_eeprom_read(struct ral_softc *, uint8_t);
100 static void ral_encryption_intr(struct ral_softc *);
101 static void ral_tx_intr(struct ral_softc *);
102 static void ral_prio_intr(struct ral_softc *);
103 static void ral_decryption_intr(struct ral_softc *);
104 static void ral_rx_intr(struct ral_softc *);
105 static void ral_beacon_expire(struct ral_softc *);
106 static void ral_wakeup_expire(struct ral_softc *);
107 static void ral_intr(void *);
108 static int ral_ack_rate(struct ieee80211com *, int);
109 static uint16_t ral_txtime(int, int, uint32_t);
110 static uint8_t ral_plcp_signal(int);
111 static void ral_setup_tx_desc(struct ral_softc *,
112 struct ral_tx_desc *, uint32_t, int, int, int,
113 bus_addr_t);
114 static int ral_tx_bcn(struct ral_softc *, struct mbuf *,
115 struct ieee80211_node *);
116 static int ral_tx_mgt(struct ral_softc *, struct mbuf *,
117 struct ieee80211_node *);
118 static struct mbuf *ral_get_rts(struct ral_softc *,
119 struct ieee80211_frame *, uint16_t);
120 static int ral_tx_data(struct ral_softc *, struct mbuf *,
121 struct ieee80211_node *);
122 static void ral_start(struct ifnet *);
123 static void ral_watchdog(struct ifnet *);
124 static int ral_reset(struct ifnet *);
125 static int ral_ioctl(struct ifnet *, u_long, caddr_t);
126 static void ral_bbp_write(struct ral_softc *, uint8_t, uint8_t);
127 static uint8_t ral_bbp_read(struct ral_softc *, uint8_t);
128 static void ral_rf_write(struct ral_softc *, uint8_t, uint32_t);
129 static void ral_set_chan(struct ral_softc *,
130 struct ieee80211_channel *);
131 #if 0
132 static void ral_disable_rf_tune(struct ral_softc *);
133 #endif
134 static void ral_enable_tsf_sync(struct ral_softc *);
135 static void ral_update_plcp(struct ral_softc *);
136 static void ral_update_slot(struct ifnet *);
137 static void ral_update_led(struct ral_softc *, int, int);
138 static void ral_set_bssid(struct ral_softc *, uint8_t *);
139 static void ral_set_macaddr(struct ral_softc *, uint8_t *);
140 static void ral_get_macaddr(struct ral_softc *, uint8_t *);
141 static void ral_update_promisc(struct ral_softc *);
142 static const char *ral_get_rf(int);
143 static void ral_read_eeprom(struct ral_softc *);
144 static int ral_bbp_init(struct ral_softc *);
145 static void ral_set_txantenna(struct ral_softc *, int);
146 static void ral_set_rxantenna(struct ral_softc *, int);
147 static void ral_init(void *);
148
149 devclass_t ral_devclass;
150
151 /*
152 * Supported rates for 802.11a/b/g modes (in 500Kbps unit).
153 */
154 static const struct ieee80211_rateset ral_rateset_11a =
155 { 8, { 12, 18, 24, 36, 48, 72, 96, 108 } };
156
157 static const struct ieee80211_rateset ral_rateset_11b =
158 { 4, { 2, 4, 11, 22 } };
159
160 static const struct ieee80211_rateset ral_rateset_11g =
161 { 12, { 2, 4, 11, 22, 12, 18, 24, 36, 48, 72, 96, 108 } };
162
163 /*
164 * Default values for MAC registers; values taken from the reference driver.
165 */
166 static const struct {
167 uint32_t reg;
168 uint32_t val;
169 } ral_def_mac[] = {
170 { RAL_PSCSR0, 0x00020002 },
171 { RAL_PSCSR1, 0x00000002 },
172 { RAL_PSCSR2, 0x00020002 },
173 { RAL_PSCSR3, 0x00000002 },
174 { RAL_TIMECSR, 0x00003f21 },
175 { RAL_CSR9, 0x00000780 },
176 { RAL_CSR11, 0x07041483 },
177 { RAL_CNT3, 0x00000000 },
178 { RAL_TXCSR1, 0x07614562 },
179 { RAL_ARSP_PLCP_0, 0x8c8d8b8a },
180 { RAL_ACKPCTCSR, 0x7038140a },
181 { RAL_ARTCSR1, 0x1d21252d },
182 { RAL_ARTCSR2, 0x1919191d },
183 { RAL_RXCSR0, 0xffffffff },
184 { RAL_RXCSR3, 0xb3aab3af },
185 { RAL_PCICSR, 0x000003b8 },
186 { RAL_PWRCSR0, 0x3f3b3100 },
187 { RAL_GPIOCSR, 0x0000ff00 },
188 { RAL_TESTCSR, 0x000000f0 },
189 { RAL_PWRCSR1, 0x000001ff },
190 { RAL_MACCSR0, 0x00213223 },
191 { RAL_MACCSR1, 0x00235518 },
192 { RAL_RLPWCSR, 0x00000040 },
193 { RAL_RALINKCSR, 0x9a009a11 },
194 { RAL_CSR7, 0xffffffff },
195 { RAL_BBPCSR1, 0x82188200 },
196 { RAL_TXACKCSR0, 0x00000020 },
197 { RAL_SECCSR3, 0x0000e78f }
198 };
199
200 /*
201 * Default values for BBP registers; values taken from the reference driver.
202 */
203 static const struct {
204 uint8_t reg;
205 uint8_t val;
206 } ral_def_bbp[] = {
207 { 3, 0x02 },
208 { 4, 0x19 },
209 { 14, 0x1c },
210 { 15, 0x30 },
211 { 16, 0xac },
212 { 17, 0x48 },
213 { 18, 0x18 },
214 { 19, 0xff },
215 { 20, 0x1e },
216 { 21, 0x08 },
217 { 22, 0x08 },
218 { 23, 0x08 },
219 { 24, 0x80 },
220 { 25, 0x50 },
221 { 26, 0x08 },
222 { 27, 0x23 },
223 { 30, 0x10 },
224 { 31, 0x2b },
225 { 32, 0xb9 },
226 { 34, 0x12 },
227 { 35, 0x50 },
228 { 39, 0xc4 },
229 { 40, 0x02 },
230 { 41, 0x60 },
231 { 53, 0x10 },
232 { 54, 0x18 },
233 { 56, 0x08 },
234 { 57, 0x10 },
235 { 58, 0x08 },
236 { 61, 0x60 },
237 { 62, 0x10 },
238 { 75, 0xff }
239 };
240
241 /*
242 * Default values for RF register R2 indexed by channel numbers; values taken
243 * from the reference driver.
244 */
245 static const uint32_t ral_rf2522_r2[] = {
246 0x307f6, 0x307fb, 0x30800, 0x30805, 0x3080a, 0x3080f, 0x30814,
247 0x30819, 0x3081e, 0x30823, 0x30828, 0x3082d, 0x30832, 0x3083e
248 };
249
250 static const uint32_t ral_rf2523_r2[] = {
251 0x00327, 0x00328, 0x00329, 0x0032a, 0x0032b, 0x0032c, 0x0032d,
252 0x0032e, 0x0032f, 0x00340, 0x00341, 0x00342, 0x00343, 0x00346
253 };
254
255 static const uint32_t ral_rf2524_r2[] = {
256 0x00327, 0x00328, 0x00329, 0x0032a, 0x0032b, 0x0032c, 0x0032d,
257 0x0032e, 0x0032f, 0x00340, 0x00341, 0x00342, 0x00343, 0x00346
258 };
259
260 static const uint32_t ral_rf2525_r2[] = {
261 0x20327, 0x20328, 0x20329, 0x2032a, 0x2032b, 0x2032c, 0x2032d,
262 0x2032e, 0x2032f, 0x20340, 0x20341, 0x20342, 0x20343, 0x20346
263 };
264
265 static const uint32_t ral_rf2525_hi_r2[] = {
266 0x2032f, 0x20340, 0x20341, 0x20342, 0x20343, 0x20344, 0x20345,
267 0x20346, 0x20347, 0x20348, 0x20349, 0x2034a, 0x2034b, 0x2034e
268 };
269
270 static const uint32_t ral_rf2525e_r2[] = {
271 0x2044d, 0x2044e, 0x2044f, 0x20460, 0x20461, 0x20462, 0x20463,
272 0x20464, 0x20465, 0x20466, 0x20467, 0x20468, 0x20469, 0x2046b
273 };
274
275 static const uint32_t ral_rf2526_hi_r2[] = {
276 0x0022a, 0x0022b, 0x0022b, 0x0022c, 0x0022c, 0x0022d, 0x0022d,
277 0x0022e, 0x0022e, 0x0022f, 0x0022d, 0x00240, 0x00240, 0x00241
278 };
279
280 static const uint32_t ral_rf2526_r2[] = {
281 0x00226, 0x00227, 0x00227, 0x00228, 0x00228, 0x00229, 0x00229,
282 0x0022a, 0x0022a, 0x0022b, 0x0022b, 0x0022c, 0x0022c, 0x0022d
283 };
284
285 /*
286 * For dual-band RF, RF registers R1 and R4 also depend on channel number;
287 * values taken from the reference driver.
288 */
289 static const struct {
290 uint8_t chan;
291 uint32_t r1;
292 uint32_t r2;
293 uint32_t r4;
294 } ral_rf5222[] = {
295 /* channels in the 2.4GHz band */
296 { 1, 0x08808, 0x0044d, 0x00282 },
297 { 2, 0x08808, 0x0044e, 0x00282 },
298 { 3, 0x08808, 0x0044f, 0x00282 },
299 { 4, 0x08808, 0x00460, 0x00282 },
300 { 5, 0x08808, 0x00461, 0x00282 },
301 { 6, 0x08808, 0x00462, 0x00282 },
302 { 7, 0x08808, 0x00463, 0x00282 },
303 { 8, 0x08808, 0x00464, 0x00282 },
304 { 9, 0x08808, 0x00465, 0x00282 },
305 { 10, 0x08808, 0x00466, 0x00282 },
306 { 11, 0x08808, 0x00467, 0x00282 },
307 { 12, 0x08808, 0x00468, 0x00282 },
308 { 13, 0x08808, 0x00469, 0x00282 },
309 { 14, 0x08808, 0x0046b, 0x00286 },
310
311 /* channels in the 5.2GHz band */
312 { 36, 0x08804, 0x06225, 0x00287 },
313 { 40, 0x08804, 0x06226, 0x00287 },
314 { 44, 0x08804, 0x06227, 0x00287 },
315 { 48, 0x08804, 0x06228, 0x00287 },
316 { 52, 0x08804, 0x06229, 0x00287 },
317 { 56, 0x08804, 0x0622a, 0x00287 },
318 { 60, 0x08804, 0x0622b, 0x00287 },
319 { 64, 0x08804, 0x0622c, 0x00287 },
320
321 { 100, 0x08804, 0x02200, 0x00283 },
322 { 104, 0x08804, 0x02201, 0x00283 },
323 { 108, 0x08804, 0x02202, 0x00283 },
324 { 112, 0x08804, 0x02203, 0x00283 },
325 { 116, 0x08804, 0x02204, 0x00283 },
326 { 120, 0x08804, 0x02205, 0x00283 },
327 { 124, 0x08804, 0x02206, 0x00283 },
328 { 128, 0x08804, 0x02207, 0x00283 },
329 { 132, 0x08804, 0x02208, 0x00283 },
330 { 136, 0x08804, 0x02209, 0x00283 },
331 { 140, 0x08804, 0x0220a, 0x00283 },
332
333 { 149, 0x08808, 0x02429, 0x00281 },
334 { 153, 0x08808, 0x0242b, 0x00281 },
335 { 157, 0x08808, 0x0242d, 0x00281 },
336 { 161, 0x08808, 0x0242f, 0x00281 }
337 };
338
339 int
340 ral_attach(device_t dev)
341 {
342 struct ral_softc *sc = device_get_softc(dev);
343 struct ifnet *ifp;
344 struct ieee80211com *ic = &sc->sc_ic;
345 int error, i;
346
347 sc->sc_dev = dev;
348
349 mtx_init(&sc->sc_mtx, device_get_nameunit(dev), MTX_NETWORK_LOCK,
350 MTX_DEF | MTX_RECURSE);
351
352 callout_init(&sc->scan_ch, debug_mpsafenet ? CALLOUT_MPSAFE : 0);
353 callout_init(&sc->rssadapt_ch, CALLOUT_MPSAFE);
354
355 /* retrieve RT2560 rev. no */
356 sc->asic_rev = RAL_READ(sc, RAL_CSR0);
357
358 /* retrieve MAC address */
359 ral_get_macaddr(sc, ic->ic_myaddr);
360
361 /* retrieve RF rev. no and various other things from EEPROM */
362 ral_read_eeprom(sc);
363
364 device_printf(dev, "MAC/BBP RT2560 (rev 0x%02x), RF %s\n",
365 sc->asic_rev, ral_get_rf(sc->rf_rev));
366
367 /*
368 * Allocate Tx and Rx rings.
369 */
370 if (ral_alloc_tx_ring(sc, &sc->txq, RAL_TX_RING_COUNT) != 0) {
371 device_printf(sc->sc_dev, "could not allocate Tx ring\n");
372 goto fail1;
373 }
374
375 if (ral_alloc_tx_ring(sc, &sc->atimq, RAL_ATIM_RING_COUNT) != 0) {
376 device_printf(sc->sc_dev, "could not allocate ATIM ring\n");
377 goto fail2;
378 }
379
380 if (ral_alloc_tx_ring(sc, &sc->prioq, RAL_PRIO_RING_COUNT) != 0) {
381 device_printf(sc->sc_dev, "could not allocate Prio ring\n");
382 goto fail3;
383 }
384
385 if (ral_alloc_tx_ring(sc, &sc->bcnq, RAL_BEACON_RING_COUNT) != 0) {
386 device_printf(sc->sc_dev, "could not allocate Beacon ring\n");
387 goto fail4;
388 }
389
390 if (ral_alloc_rx_ring(sc, &sc->rxq, RAL_RX_RING_COUNT) != 0) {
391 device_printf(sc->sc_dev, "could not allocate Rx ring\n");
392 goto fail5;
393 }
394 ifp = sc->sc_ifp = if_alloc(IFT_ETHER);
395 if (ifp == NULL) {
396 device_printf(sc->sc_dev, "can not if_alloc()\n");
397 goto fail6;
398 }
399 ifp->if_softc = sc;
400 if_initname(ifp, device_get_name(dev), device_get_unit(dev));
401 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST;
402 ifp->if_init = ral_init;
403 ifp->if_ioctl = ral_ioctl;
404 ifp->if_start = ral_start;
405 ifp->if_watchdog = ral_watchdog;
406 IFQ_SET_MAXLEN(&ifp->if_snd, IFQ_MAXLEN);
407 ifp->if_snd.ifq_drv_maxlen = IFQ_MAXLEN;
408 IFQ_SET_READY(&ifp->if_snd);
409
410 ic->ic_ifp = ifp;
411 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */
412 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */
413 ic->ic_state = IEEE80211_S_INIT;
414
415 /* set device capabilities */
416 ic->ic_caps = IEEE80211_C_MONITOR | IEEE80211_C_IBSS |
417 IEEE80211_C_HOSTAP | IEEE80211_C_SHPREAMBLE | IEEE80211_C_SHSLOT |
418 IEEE80211_C_PMGT | IEEE80211_C_TXPMGT | IEEE80211_C_WPA;
419
420 if (sc->rf_rev == RAL_RF_5222) {
421 /* set supported .11a rates */
422 ic->ic_sup_rates[IEEE80211_MODE_11A] = ral_rateset_11a;
423
424 /* set supported .11a channels */
425 for (i = 36; i <= 64; i += 4) {
426 ic->ic_channels[i].ic_freq =
427 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ);
428 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A;
429 }
430 for (i = 100; i <= 140; i += 4) {
431 ic->ic_channels[i].ic_freq =
432 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ);
433 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A;
434 }
435 for (i = 149; i <= 161; i += 4) {
436 ic->ic_channels[i].ic_freq =
437 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ);
438 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A;
439 }
440 }
441
442 /* set supported .11b and .11g rates */
443 ic->ic_sup_rates[IEEE80211_MODE_11B] = ral_rateset_11b;
444 ic->ic_sup_rates[IEEE80211_MODE_11G] = ral_rateset_11g;
445
446 /* set supported .11b and .11g channels (1 through 14) */
447 for (i = 1; i <= 14; i++) {
448 ic->ic_channels[i].ic_freq =
449 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ);
450 ic->ic_channels[i].ic_flags =
451 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM |
452 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ;
453 }
454
455 ieee80211_ifattach(ic);
456 ic->ic_node_alloc = ral_node_alloc;
457 ic->ic_updateslot = ral_update_slot;
458 ic->ic_reset = ral_reset;
459
460 /* override state transition machine */
461 sc->sc_newstate = ic->ic_newstate;
462 ic->ic_newstate = ral_newstate;
463 ieee80211_media_init(ic, ral_media_change, ieee80211_media_status);
464
465 bpfattach2(ifp, DLT_IEEE802_11_RADIO,
466 sizeof (struct ieee80211_frame) + 64, &sc->sc_drvbpf);
467
468 sc->sc_rxtap_len = sizeof sc->sc_rxtapu;
469 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len);
470 sc->sc_rxtap.wr_ihdr.it_present = htole32(RAL_RX_RADIOTAP_PRESENT);
471
472 sc->sc_txtap_len = sizeof sc->sc_txtapu;
473 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len);
474 sc->sc_txtap.wt_ihdr.it_present = htole32(RAL_TX_RADIOTAP_PRESENT);
475
476 /*
477 * Add a few sysctl knobs.
478 */
479 sc->dwelltime = 200;
480
481 SYSCTL_ADD_INT(device_get_sysctl_ctx(dev),
482 SYSCTL_CHILDREN(device_get_sysctl_tree(dev)), OID_AUTO,
483 "txantenna", CTLFLAG_RW, &sc->tx_ant, 0, "tx antenna (0=auto)");
484
485 SYSCTL_ADD_INT(device_get_sysctl_ctx(dev),
486 SYSCTL_CHILDREN(device_get_sysctl_tree(dev)), OID_AUTO,
487 "rxantenna", CTLFLAG_RW, &sc->rx_ant, 0, "rx antenna (0=auto)");
488
489 SYSCTL_ADD_INT(device_get_sysctl_ctx(dev),
490 SYSCTL_CHILDREN(device_get_sysctl_tree(dev)), OID_AUTO, "dwell",
491 CTLFLAG_RW, &sc->dwelltime, 0,
492 "channel dwell time (ms) for AP/station scanning");
493
494 /*
495 * Hook our interrupt after all initialization is complete.
496 */
497 error = bus_setup_intr(dev, sc->irq, INTR_TYPE_NET | INTR_MPSAFE,
498 ral_intr, sc, &sc->sc_ih);
499 if (error != 0) {
500 device_printf(dev, "could not set up interrupt\n");
501 goto fail7;
502 }
503
504 if (bootverbose)
505 ieee80211_announce(ic);
506
507 return 0;
508
509 fail7: bpfdetach(ifp);
510 ieee80211_ifdetach(ic);
511 if_free(ifp);
512 fail6: ral_free_rx_ring(sc, &sc->rxq);
513 fail5: ral_free_tx_ring(sc, &sc->bcnq);
514 fail4: ral_free_tx_ring(sc, &sc->prioq);
515 fail3: ral_free_tx_ring(sc, &sc->atimq);
516 fail2: ral_free_tx_ring(sc, &sc->txq);
517 fail1: mtx_destroy(&sc->sc_mtx);
518
519 return ENXIO;
520 }
521
522 int
523 ral_detach(device_t dev)
524 {
525 struct ral_softc *sc = device_get_softc(dev);
526 struct ieee80211com *ic = &sc->sc_ic;
527 struct ifnet *ifp = ic->ic_ifp;
528
529 callout_stop(&sc->scan_ch);
530 callout_stop(&sc->rssadapt_ch);
531
532 bpfdetach(ifp);
533 ieee80211_ifdetach(ic);
534 if_free(ifp);
535
536 ral_free_tx_ring(sc, &sc->txq);
537 ral_free_tx_ring(sc, &sc->atimq);
538 ral_free_tx_ring(sc, &sc->prioq);
539 ral_free_tx_ring(sc, &sc->bcnq);
540 ral_free_rx_ring(sc, &sc->rxq);
541
542 bus_teardown_intr(dev, sc->irq, sc->sc_ih);
543 ral_free(dev);
544
545 mtx_destroy(&sc->sc_mtx);
546
547 return 0;
548 }
549
550 void
551 ral_shutdown(device_t dev)
552 {
553 struct ral_softc *sc = device_get_softc(dev);
554
555 ral_stop(sc);
556 }
557
558 int
559 ral_alloc(device_t dev, int rid)
560 {
561 struct ral_softc *sc = device_get_softc(dev);
562
563 sc->mem_rid = rid;
564 sc->mem = bus_alloc_resource_any(dev, SYS_RES_MEMORY, &sc->mem_rid,
565 RF_ACTIVE);
566 if (sc->mem == NULL) {
567 device_printf(dev, "could not allocate memory resource\n");
568 return ENXIO;
569 }
570
571 sc->sc_st = rman_get_bustag(sc->mem);
572 sc->sc_sh = rman_get_bushandle(sc->mem);
573
574 sc->irq_rid = 0;
575 sc->irq = bus_alloc_resource_any(dev, SYS_RES_IRQ, &sc->irq_rid,
576 RF_ACTIVE | RF_SHAREABLE);
577 if (sc->irq == NULL) {
578 device_printf(dev, "could not allocate interrupt resource\n");
579 ral_free(dev);
580 return ENXIO;
581 }
582
583 return 0;
584 }
585
586 void
587 ral_free(device_t dev)
588 {
589 struct ral_softc *sc = device_get_softc(dev);
590
591 if (sc->irq != NULL) {
592 bus_release_resource(dev, SYS_RES_IRQ, sc->irq_rid, sc->irq);
593 sc->irq = NULL;
594 }
595
596 if (sc->mem != NULL) {
597 bus_release_resource(dev, SYS_RES_MEMORY, sc->mem_rid, sc->mem);
598 sc->mem = NULL;
599 }
600 }
601
602 static void
603 ral_dma_map_addr(void *arg, bus_dma_segment_t *segs, int nseg, int error)
604 {
605 if (error != 0)
606 return;
607
608 KASSERT(nseg == 1, ("too many DMA segments, %d should be 1", nseg));
609
610 *(bus_addr_t *)arg = segs[0].ds_addr;
611 }
612
613 static int
614 ral_alloc_tx_ring(struct ral_softc *sc, struct ral_tx_ring *ring, int count)
615 {
616 int i, error;
617
618 ring->count = count;
619 ring->queued = 0;
620 ring->cur = ring->next = 0;
621 ring->cur_encrypt = ring->next_encrypt = 0;
622
623 error = bus_dma_tag_create(NULL, 4, 0, BUS_SPACE_MAXADDR_32BIT,
624 BUS_SPACE_MAXADDR, NULL, NULL, count * RAL_TX_DESC_SIZE, 1,
625 count * RAL_TX_DESC_SIZE, 0, NULL, NULL, &ring->desc_dmat);
626 if (error != 0) {
627 device_printf(sc->sc_dev, "could not create desc DMA tag\n");
628 goto fail;
629 }
630
631 error = bus_dmamem_alloc(ring->desc_dmat, (void **)&ring->desc,
632 BUS_DMA_NOWAIT | BUS_DMA_ZERO, &ring->desc_map);
633 if (error != 0) {
634 device_printf(sc->sc_dev, "could not allocate DMA memory\n");
635 goto fail;
636 }
637
638 error = bus_dmamap_load(ring->desc_dmat, ring->desc_map, ring->desc,
639 count * RAL_TX_DESC_SIZE, ral_dma_map_addr, &ring->physaddr, 0);
640 if (error != 0) {
641 device_printf(sc->sc_dev, "could not load desc DMA map\n");
642 goto fail;
643 }
644
645 ring->data = malloc(count * sizeof (struct ral_tx_data), M_DEVBUF,
646 M_NOWAIT | M_ZERO);
647 if (ring->data == NULL) {
648 device_printf(sc->sc_dev, "could not allocate soft data\n");
649 error = ENOMEM;
650 goto fail;
651 }
652
653 error = bus_dma_tag_create(NULL, 1, 0, BUS_SPACE_MAXADDR_32BIT,
654 BUS_SPACE_MAXADDR, NULL, NULL, MCLBYTES, RAL_MAX_SCATTER, MCLBYTES,
655 0, NULL, NULL, &ring->data_dmat);
656 if (error != 0) {
657 device_printf(sc->sc_dev, "could not create data DMA tag\n");
658 goto fail;
659 }
660
661 for (i = 0; i < count; i++) {
662 error = bus_dmamap_create(ring->data_dmat, 0,
663 &ring->data[i].map);
664 if (error != 0) {
665 device_printf(sc->sc_dev, "could not create DMA map\n");
666 goto fail;
667 }
668 }
669
670 return 0;
671
672 fail: ral_free_tx_ring(sc, ring);
673 return error;
674 }
675
676 static void
677 ral_reset_tx_ring(struct ral_softc *sc, struct ral_tx_ring *ring)
678 {
679 struct ral_tx_desc *desc;
680 struct ral_tx_data *data;
681 int i;
682
683 for (i = 0; i < ring->count; i++) {
684 desc = &ring->desc[i];
685 data = &ring->data[i];
686
687 if (data->m != NULL) {
688 bus_dmamap_sync(ring->data_dmat, data->map,
689 BUS_DMASYNC_POSTWRITE);
690 bus_dmamap_unload(ring->data_dmat, data->map);
691 m_freem(data->m);
692 data->m = NULL;
693 }
694
695 if (data->ni != NULL) {
696 ieee80211_free_node(data->ni);
697 data->ni = NULL;
698 }
699
700 desc->flags = 0;
701 }
702
703 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, BUS_DMASYNC_PREWRITE);
704
705 ring->queued = 0;
706 ring->cur = ring->next = 0;
707 ring->cur_encrypt = ring->next_encrypt = 0;
708 }
709
710 static void
711 ral_free_tx_ring(struct ral_softc *sc, struct ral_tx_ring *ring)
712 {
713 struct ral_tx_data *data;
714 int i;
715
716 if (ring->desc != NULL) {
717 bus_dmamap_sync(ring->desc_dmat, ring->desc_map,
718 BUS_DMASYNC_POSTWRITE);
719 bus_dmamap_unload(ring->desc_dmat, ring->desc_map);
720 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map);
721 }
722
723 if (ring->desc_dmat != NULL)
724 bus_dma_tag_destroy(ring->desc_dmat);
725
726 if (ring->data != NULL) {
727 for (i = 0; i < ring->count; i++) {
728 data = &ring->data[i];
729
730 if (data->m != NULL) {
731 bus_dmamap_sync(ring->data_dmat, data->map,
732 BUS_DMASYNC_POSTWRITE);
733 bus_dmamap_unload(ring->data_dmat, data->map);
734 m_freem(data->m);
735 }
736
737 if (data->ni != NULL)
738 ieee80211_free_node(data->ni);
739
740 if (data->map != NULL)
741 bus_dmamap_destroy(ring->data_dmat, data->map);
742 }
743
744 free(ring->data, M_DEVBUF);
745 }
746
747 if (ring->data_dmat != NULL)
748 bus_dma_tag_destroy(ring->data_dmat);
749 }
750
751 static int
752 ral_alloc_rx_ring(struct ral_softc *sc, struct ral_rx_ring *ring, int count)
753 {
754 struct ral_rx_desc *desc;
755 struct ral_rx_data *data;
756 bus_addr_t physaddr;
757 int i, error;
758
759 ring->count = count;
760 ring->cur = ring->next = 0;
761 ring->cur_decrypt = 0;
762
763 error = bus_dma_tag_create(NULL, 4, 0, BUS_SPACE_MAXADDR_32BIT,
764 BUS_SPACE_MAXADDR, NULL, NULL, count * RAL_RX_DESC_SIZE, 1,
765 count * RAL_RX_DESC_SIZE, 0, NULL, NULL, &ring->desc_dmat);
766 if (error != 0) {
767 device_printf(sc->sc_dev, "could not create desc DMA tag\n");
768 goto fail;
769 }
770
771 error = bus_dmamem_alloc(ring->desc_dmat, (void **)&ring->desc,
772 BUS_DMA_NOWAIT | BUS_DMA_ZERO, &ring->desc_map);
773 if (error != 0) {
774 device_printf(sc->sc_dev, "could not allocate DMA memory\n");
775 goto fail;
776 }
777
778 error = bus_dmamap_load(ring->desc_dmat, ring->desc_map, ring->desc,
779 count * RAL_RX_DESC_SIZE, ral_dma_map_addr, &ring->physaddr, 0);
780 if (error != 0) {
781 device_printf(sc->sc_dev, "could not load desc DMA map\n");
782 goto fail;
783 }
784
785 ring->data = malloc(count * sizeof (struct ral_rx_data), M_DEVBUF,
786 M_NOWAIT | M_ZERO);
787 if (ring->data == NULL) {
788 device_printf(sc->sc_dev, "could not allocate soft data\n");
789 error = ENOMEM;
790 goto fail;
791 }
792
793 /*
794 * Pre-allocate Rx buffers and populate Rx ring.
795 */
796 error = bus_dma_tag_create(NULL, 1, 0, BUS_SPACE_MAXADDR_32BIT,
797 BUS_SPACE_MAXADDR, NULL, NULL, MCLBYTES, 1, MCLBYTES, 0, NULL,
798 NULL, &ring->data_dmat);
799 if (error != 0) {
800 device_printf(sc->sc_dev, "could not create data DMA tag\n");
801 goto fail;
802 }
803
804 for (i = 0; i < count; i++) {
805 desc = &sc->rxq.desc[i];
806 data = &sc->rxq.data[i];
807
808 error = bus_dmamap_create(ring->data_dmat, 0, &data->map);
809 if (error != 0) {
810 device_printf(sc->sc_dev, "could not create DMA map\n");
811 goto fail;
812 }
813
814 data->m = m_getcl(M_DONTWAIT, MT_DATA, M_PKTHDR);
815 if (data->m == NULL) {
816 device_printf(sc->sc_dev,
817 "could not allocate rx mbuf\n");
818 error = ENOMEM;
819 goto fail;
820 }
821
822 error = bus_dmamap_load(ring->data_dmat, data->map,
823 mtod(data->m, void *), MCLBYTES, ral_dma_map_addr,
824 &physaddr, 0);
825 if (error != 0) {
826 device_printf(sc->sc_dev,
827 "could not load rx buf DMA map");
828 goto fail;
829 }
830
831 desc->flags = htole32(RAL_RX_BUSY);
832 desc->physaddr = htole32(physaddr);
833 }
834
835 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, BUS_DMASYNC_PREWRITE);
836
837 return 0;
838
839 fail: ral_free_rx_ring(sc, ring);
840 return error;
841 }
842
843 static void
844 ral_reset_rx_ring(struct ral_softc *sc, struct ral_rx_ring *ring)
845 {
846 int i;
847
848 for (i = 0; i < ring->count; i++) {
849 ring->desc[i].flags = htole32(RAL_RX_BUSY);
850 ring->data[i].drop = 0;
851 }
852
853 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, BUS_DMASYNC_PREWRITE);
854
855 ring->cur = ring->next = 0;
856 ring->cur_decrypt = 0;
857 }
858
859 static void
860 ral_free_rx_ring(struct ral_softc *sc, struct ral_rx_ring *ring)
861 {
862 struct ral_rx_data *data;
863 int i;
864
865 if (ring->desc != NULL) {
866 bus_dmamap_sync(ring->desc_dmat, ring->desc_map,
867 BUS_DMASYNC_POSTWRITE);
868 bus_dmamap_unload(ring->desc_dmat, ring->desc_map);
869 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map);
870 }
871
872 if (ring->desc_dmat != NULL)
873 bus_dma_tag_destroy(ring->desc_dmat);
874
875 if (ring->data != NULL) {
876 for (i = 0; i < ring->count; i++) {
877 data = &ring->data[i];
878
879 if (data->m != NULL) {
880 bus_dmamap_sync(ring->data_dmat, data->map,
881 BUS_DMASYNC_POSTREAD);
882 bus_dmamap_unload(ring->data_dmat, data->map);
883 m_freem(data->m);
884 }
885
886 if (data->map != NULL)
887 bus_dmamap_destroy(ring->data_dmat, data->map);
888 }
889
890 free(ring->data, M_DEVBUF);
891 }
892
893 if (ring->data_dmat != NULL)
894 bus_dma_tag_destroy(ring->data_dmat);
895 }
896
897 static struct ieee80211_node *
898 ral_node_alloc(struct ieee80211_node_table *nt)
899 {
900 struct ral_node *rn;
901
902 rn = malloc(sizeof (struct ral_node), M_80211_NODE, M_NOWAIT | M_ZERO);
903
904 return (rn != NULL) ? &rn->ni : NULL;
905 }
906
907 static int
908 ral_media_change(struct ifnet *ifp)
909 {
910 struct ral_softc *sc = ifp->if_softc;
911 int error;
912
913 error = ieee80211_media_change(ifp);
914 if (error != ENETRESET)
915 return error;
916
917 if ((ifp->if_flags & IFF_UP) &&
918 (ifp->if_drv_flags & IFF_DRV_RUNNING))
919 ral_init(sc);
920
921 return 0;
922 }
923
924 /*
925 * This function is called periodically (every 200ms) during scanning to
926 * switch from one channel to another.
927 */
928 static void
929 ral_next_scan(void *arg)
930 {
931 struct ral_softc *sc = arg;
932 struct ieee80211com *ic = &sc->sc_ic;
933
934 if (ic->ic_state == IEEE80211_S_SCAN)
935 ieee80211_next_scan(ic);
936 }
937
938 /*
939 * This function is called for each node present in the node station table.
940 */
941 static void
942 ral_iter_func(void *arg, struct ieee80211_node *ni)
943 {
944 struct ral_node *rn = (struct ral_node *)ni;
945
946 ral_rssadapt_updatestats(&rn->rssadapt);
947 }
948
949 /*
950 * This function is called periodically (every 100ms) in RUN state to update
951 * the rate adaptation statistics.
952 */
953 static void
954 ral_update_rssadapt(void *arg)
955 {
956 struct ral_softc *sc = arg;
957 struct ieee80211com *ic = &sc->sc_ic;
958
959 RAL_LOCK(sc);
960
961 ieee80211_iterate_nodes(&ic->ic_sta, ral_iter_func, arg);
962 callout_reset(&sc->rssadapt_ch, hz / 10, ral_update_rssadapt, sc);
963
964 RAL_UNLOCK(sc);
965 }
966
967 static int
968 ral_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg)
969 {
970 struct ral_softc *sc = ic->ic_ifp->if_softc;
971 struct mbuf *m;
972 enum ieee80211_state ostate;
973 int error = 0;
974
975 ostate = ic->ic_state;
976 callout_stop(&sc->scan_ch);
977
978 switch (nstate) {
979 case IEEE80211_S_INIT:
980 callout_stop(&sc->rssadapt_ch);
981
982 if (ostate == IEEE80211_S_RUN) {
983 /* abort TSF synchronization */
984 RAL_WRITE(sc, RAL_CSR14, 0);
985
986 /* turn association led off */
987 ral_update_led(sc, 0, 0);
988 }
989 break;
990
991 case IEEE80211_S_SCAN:
992 ral_set_chan(sc, ic->ic_curchan);
993 callout_reset(&sc->scan_ch, (sc->dwelltime * hz) / 1000,
994 ral_next_scan, sc);
995 break;
996
997 case IEEE80211_S_AUTH:
998 ral_set_chan(sc, ic->ic_curchan);
999 break;
1000
1001 case IEEE80211_S_ASSOC:
1002 ral_set_chan(sc, ic->ic_curchan);
1003 break;
1004
1005 case IEEE80211_S_RUN:
1006 ral_set_chan(sc, ic->ic_curchan);
1007
1008 /* update basic rate set */
1009 if (ic->ic_curmode == IEEE80211_MODE_11B) {
1010 /* 11b basic rates: 1, 2Mbps */
1011 RAL_WRITE(sc, RAL_ARSP_PLCP_1, 0x3);
1012 } else if (IEEE80211_IS_CHAN_5GHZ(ic->ic_curchan)) {
1013 /* 11a basic rates: 6, 12, 24Mbps */
1014 RAL_WRITE(sc, RAL_ARSP_PLCP_1, 0x150);
1015 } else {
1016 /* 11g basic rates: 1, 2, 5.5, 11, 6, 12, 24Mbps */
1017 RAL_WRITE(sc, RAL_ARSP_PLCP_1, 0x15f);
1018 }
1019
1020 if (ic->ic_opmode != IEEE80211_M_MONITOR)
1021 ral_set_bssid(sc, ic->ic_bss->ni_bssid);
1022
1023 if (ic->ic_opmode == IEEE80211_M_HOSTAP ||
1024 ic->ic_opmode == IEEE80211_M_IBSS) {
1025 m = ieee80211_beacon_alloc(ic, ic->ic_bss, &sc->sc_bo);
1026 if (m == NULL) {
1027 device_printf(sc->sc_dev,
1028 "could not allocate beacon\n");
1029 error = ENOBUFS;
1030 break;
1031 }
1032
1033 ieee80211_ref_node(ic->ic_bss);
1034 error = ral_tx_bcn(sc, m, ic->ic_bss);
1035 if (error != 0)
1036 break;
1037 }
1038
1039 /* turn assocation led on */
1040 ral_update_led(sc, 1, 0);
1041
1042 if (ic->ic_opmode != IEEE80211_M_MONITOR) {
1043 callout_reset(&sc->rssadapt_ch, hz / 10,
1044 ral_update_rssadapt, sc);
1045
1046 ral_enable_tsf_sync(sc);
1047 }
1048 break;
1049 }
1050
1051 return (error != 0) ? error : sc->sc_newstate(ic, nstate, arg);
1052 }
1053
1054 /*
1055 * Read 16 bits at address 'addr' from the serial EEPROM (either 93C46 or
1056 * 93C66).
1057 */
1058 static uint16_t
1059 ral_eeprom_read(struct ral_softc *sc, uint8_t addr)
1060 {
1061 uint32_t tmp;
1062 uint16_t val;
1063 int n;
1064
1065 /* clock C once before the first command */
1066 RAL_EEPROM_CTL(sc, 0);
1067
1068 RAL_EEPROM_CTL(sc, RAL_EEPROM_S);
1069 RAL_EEPROM_CTL(sc, RAL_EEPROM_S | RAL_EEPROM_C);
1070 RAL_EEPROM_CTL(sc, RAL_EEPROM_S);
1071
1072 /* write start bit (1) */
1073 RAL_EEPROM_CTL(sc, RAL_EEPROM_S | RAL_EEPROM_D);
1074 RAL_EEPROM_CTL(sc, RAL_EEPROM_S | RAL_EEPROM_D | RAL_EEPROM_C);
1075
1076 /* write READ opcode (10) */
1077 RAL_EEPROM_CTL(sc, RAL_EEPROM_S | RAL_EEPROM_D);
1078 RAL_EEPROM_CTL(sc, RAL_EEPROM_S | RAL_EEPROM_D | RAL_EEPROM_C);
1079 RAL_EEPROM_CTL(sc, RAL_EEPROM_S);
1080 RAL_EEPROM_CTL(sc, RAL_EEPROM_S | RAL_EEPROM_C);
1081
1082 /* write address (A5-A0 or A7-A0) */
1083 n = (RAL_READ(sc, RAL_CSR21) & RAL_EEPROM_93C46) ? 5 : 7;
1084 for (; n >= 0; n--) {
1085 RAL_EEPROM_CTL(sc, RAL_EEPROM_S |
1086 (((addr >> n) & 1) << RAL_EEPROM_SHIFT_D));
1087 RAL_EEPROM_CTL(sc, RAL_EEPROM_S |
1088 (((addr >> n) & 1) << RAL_EEPROM_SHIFT_D) | RAL_EEPROM_C);
1089 }
1090
1091 RAL_EEPROM_CTL(sc, RAL_EEPROM_S);
1092
1093 /* read data Q15-Q0 */
1094 val = 0;
1095 for (n = 15; n >= 0; n--) {
1096 RAL_EEPROM_CTL(sc, RAL_EEPROM_S | RAL_EEPROM_C);
1097 tmp = RAL_READ(sc, RAL_CSR21);
1098 val |= ((tmp & RAL_EEPROM_Q) >> RAL_EEPROM_SHIFT_Q) << n;
1099 RAL_EEPROM_CTL(sc, RAL_EEPROM_S);
1100 }
1101
1102 RAL_EEPROM_CTL(sc, 0);
1103
1104 /* clear Chip Select and clock C */
1105 RAL_EEPROM_CTL(sc, RAL_EEPROM_S);
1106 RAL_EEPROM_CTL(sc, 0);
1107 RAL_EEPROM_CTL(sc, RAL_EEPROM_C);
1108
1109 return le16toh(val);
1110 }
1111
1112 /*
1113 * Some frames were processed by the hardware cipher engine and are ready for
1114 * transmission.
1115 */
1116 static void
1117 ral_encryption_intr(struct ral_softc *sc)
1118 {
1119 struct ral_tx_desc *desc;
1120 int hw;
1121
1122 /* retrieve last descriptor index processed by cipher engine */
1123 hw = (RAL_READ(sc, RAL_SECCSR1) - sc->txq.physaddr) / RAL_TX_DESC_SIZE;
1124
1125 bus_dmamap_sync(sc->txq.desc_dmat, sc->txq.desc_map,
1126 BUS_DMASYNC_POSTREAD);
1127
1128 for (; sc->txq.next_encrypt != hw;) {
1129 desc = &sc->txq.desc[sc->txq.next_encrypt];
1130
1131 if ((le32toh(desc->flags) & RAL_TX_BUSY) ||
1132 (le32toh(desc->flags) & RAL_TX_CIPHER_BUSY))
1133 break;
1134
1135 /* for TKIP, swap eiv field to fix a bug in ASIC */
1136 if ((le32toh(desc->flags) & RAL_TX_CIPHER_MASK) ==
1137 RAL_TX_CIPHER_TKIP)
1138 desc->eiv = bswap32(desc->eiv);
1139
1140 /* mark the frame ready for transmission */
1141 desc->flags |= htole32(RAL_TX_BUSY | RAL_TX_VALID);
1142
1143 DPRINTFN(15, ("encryption done idx=%u\n",
1144 sc->txq.next_encrypt));
1145
1146 sc->txq.next_encrypt =
1147 (sc->txq.next_encrypt + 1) % RAL_TX_RING_COUNT;
1148 }
1149
1150 bus_dmamap_sync(sc->txq.desc_dmat, sc->txq.desc_map,
1151 BUS_DMASYNC_PREWRITE);
1152
1153 /* kick Tx */
1154 RAL_WRITE(sc, RAL_TXCSR0, RAL_KICK_TX);
1155 }
1156
1157 static void
1158 ral_tx_intr(struct ral_softc *sc)
1159 {
1160 struct ieee80211com *ic = &sc->sc_ic;
1161 struct ifnet *ifp = ic->ic_ifp;
1162 struct ral_tx_desc *desc;
1163 struct ral_tx_data *data;
1164 struct ral_node *rn;
1165
1166 bus_dmamap_sync(sc->txq.desc_dmat, sc->txq.desc_map,
1167 BUS_DMASYNC_POSTREAD);
1168
1169 for (;;) {
1170 desc = &sc->txq.desc[sc->txq.next];
1171 data = &sc->txq.data[sc->txq.next];
1172
1173 if ((le32toh(desc->flags) & RAL_TX_BUSY) ||
1174 (le32toh(desc->flags) & RAL_TX_CIPHER_BUSY) ||
1175 !(le32toh(desc->flags) & RAL_TX_VALID))
1176 break;
1177
1178 rn = (struct ral_node *)data->ni;
1179
1180 switch (le32toh(desc->flags) & RAL_TX_RESULT_MASK) {
1181 case RAL_TX_SUCCESS:
1182 DPRINTFN(10, ("data frame sent successfully\n"));
1183 if (data->id.id_node != NULL) {
1184 ral_rssadapt_raise_rate(ic, &rn->rssadapt,
1185 &data->id);
1186 }
1187 ifp->if_opackets++;
1188 break;
1189
1190 case RAL_TX_SUCCESS_RETRY:
1191 DPRINTFN(9, ("data frame sent after %u retries\n",
1192 (le32toh(desc->flags) >> 5) & 0x7));
1193 ifp->if_opackets++;
1194 break;
1195
1196 case RAL_TX_FAIL_RETRY:
1197 DPRINTFN(9, ("sending data frame failed (too much "
1198 "retries)\n"));
1199 if (data->id.id_node != NULL) {
1200 ral_rssadapt_lower_rate(ic, data->ni,
1201 &rn->rssadapt, &data->id);
1202 }
1203 ifp->if_oerrors++;
1204 break;
1205
1206 case RAL_TX_FAIL_INVALID:
1207 case RAL_TX_FAIL_OTHER:
1208 default:
1209 device_printf(sc->sc_dev, "sending data frame failed "
1210 "0x%08x\n", le32toh(desc->flags));
1211 ifp->if_oerrors++;
1212 }
1213
1214 bus_dmamap_sync(sc->txq.data_dmat, data->map,
1215 BUS_DMASYNC_POSTWRITE);
1216 bus_dmamap_unload(sc->txq.data_dmat, data->map);
1217 m_freem(data->m);
1218 data->m = NULL;
1219 ieee80211_free_node(data->ni);
1220 data->ni = NULL;
1221
1222 /* descriptor is no longer valid */
1223 desc->flags &= ~htole32(RAL_TX_VALID);
1224
1225 DPRINTFN(15, ("tx done idx=%u\n", sc->txq.next));
1226
1227 sc->txq.queued--;
1228 sc->txq.next = (sc->txq.next + 1) % RAL_TX_RING_COUNT;
1229 }
1230
1231 bus_dmamap_sync(sc->txq.desc_dmat, sc->txq.desc_map,
1232 BUS_DMASYNC_PREWRITE);
1233
1234 sc->sc_tx_timer = 0;
1235 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE;
1236 ral_start(ifp);
1237 }
1238
1239 static void
1240 ral_prio_intr(struct ral_softc *sc)
1241 {
1242 struct ieee80211com *ic = &sc->sc_ic;
1243 struct ifnet *ifp = ic->ic_ifp;
1244 struct ral_tx_desc *desc;
1245 struct ral_tx_data *data;
1246
1247 bus_dmamap_sync(sc->prioq.desc_dmat, sc->prioq.desc_map,
1248 BUS_DMASYNC_POSTREAD);
1249
1250 for (;;) {
1251 desc = &sc->prioq.desc[sc->prioq.next];
1252 data = &sc->prioq.data[sc->prioq.next];
1253
1254 if ((le32toh(desc->flags) & RAL_TX_BUSY) ||
1255 !(le32toh(desc->flags) & RAL_TX_VALID))
1256 break;
1257
1258 switch (le32toh(desc->flags) & RAL_TX_RESULT_MASK) {
1259 case RAL_TX_SUCCESS:
1260 DPRINTFN(10, ("mgt frame sent successfully\n"));
1261 break;
1262
1263 case RAL_TX_SUCCESS_RETRY:
1264 DPRINTFN(9, ("mgt frame sent after %u retries\n",
1265 (le32toh(desc->flags) >> 5) & 0x7));
1266 break;
1267
1268 case RAL_TX_FAIL_RETRY:
1269 DPRINTFN(9, ("sending mgt frame failed (too much "
1270 "retries)\n"));
1271 break;
1272
1273 case RAL_TX_FAIL_INVALID:
1274 case RAL_TX_FAIL_OTHER:
1275 default:
1276 device_printf(sc->sc_dev, "sending mgt frame failed "
1277 "0x%08x\n", le32toh(desc->flags));
1278 }
1279
1280 bus_dmamap_sync(sc->prioq.data_dmat, data->map,
1281 BUS_DMASYNC_POSTWRITE);
1282 bus_dmamap_unload(sc->prioq.data_dmat, data->map);
1283 m_freem(data->m);
1284 data->m = NULL;
1285 ieee80211_free_node(data->ni);
1286 data->ni = NULL;
1287
1288 /* descriptor is no longer valid */
1289 desc->flags &= ~htole32(RAL_TX_VALID);
1290
1291 DPRINTFN(15, ("prio done idx=%u\n", sc->prioq.next));
1292
1293 sc->prioq.queued--;
1294 sc->prioq.next = (sc->prioq.next + 1) % RAL_PRIO_RING_COUNT;
1295 }
1296
1297 bus_dmamap_sync(sc->prioq.desc_dmat, sc->prioq.desc_map,
1298 BUS_DMASYNC_PREWRITE);
1299
1300 sc->sc_tx_timer = 0;
1301 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE;
1302 ral_start(ifp);
1303 }
1304
1305 /*
1306 * Some frames were processed by the hardware cipher engine and are ready for
1307 * transmission to the IEEE802.11 layer.
1308 */
1309 static void
1310 ral_decryption_intr(struct ral_softc *sc)
1311 {
1312 struct ieee80211com *ic = &sc->sc_ic;
1313 struct ifnet *ifp = ic->ic_ifp;
1314 struct ral_rx_desc *desc;
1315 struct ral_rx_data *data;
1316 bus_addr_t physaddr;
1317 struct ieee80211_frame *wh;
1318 struct ieee80211_node *ni;
1319 struct ral_node *rn;
1320 struct mbuf *m;
1321 int hw, error;
1322
1323 /* retrieve last decriptor index processed by cipher engine */
1324 hw = (RAL_READ(sc, RAL_SECCSR0) - sc->rxq.physaddr) / RAL_RX_DESC_SIZE;
1325
1326 bus_dmamap_sync(sc->rxq.desc_dmat, sc->rxq.desc_map,
1327 BUS_DMASYNC_POSTREAD);
1328
1329 for (; sc->rxq.cur_decrypt != hw;) {
1330 desc = &sc->rxq.desc[sc->rxq.cur_decrypt];
1331 data = &sc->rxq.data[sc->rxq.cur_decrypt];
1332
1333 if ((le32toh(desc->flags) & RAL_RX_BUSY) ||
1334 (le32toh(desc->flags) & RAL_RX_CIPHER_BUSY))
1335 break;
1336
1337 if (data->drop) {
1338 ifp->if_ierrors++;
1339 goto skip;
1340 }
1341
1342 if ((le32toh(desc->flags) & RAL_RX_CIPHER_MASK) != 0 &&
1343 (le32toh(desc->flags) & RAL_RX_ICV_ERROR)) {
1344 ifp->if_ierrors++;
1345 goto skip;
1346 }
1347
1348 bus_dmamap_sync(sc->rxq.data_dmat, data->map,
1349 BUS_DMASYNC_POSTREAD);
1350 bus_dmamap_unload(sc->rxq.data_dmat, data->map);
1351
1352 /* finalize mbuf */
1353 m = data->m;
1354 m->m_pkthdr.rcvif = ifp;
1355 m->m_pkthdr.len = m->m_len =
1356 (le32toh(desc->flags) >> 16) & 0xfff;
1357
1358 if (sc->sc_drvbpf != NULL) {
1359 struct ral_rx_radiotap_header *tap = &sc->sc_rxtap;
1360 uint32_t tsf_lo, tsf_hi;
1361
1362 /* get timestamp (low and high 32 bits) */
1363 tsf_lo = RAL_READ(sc, RAL_CSR16);
1364 tsf_hi = RAL_READ(sc, RAL_CSR17);
1365
1366 tap->wr_tsf =
1367 htole64(((uint64_t)tsf_hi << 32) | tsf_lo);
1368 tap->wr_flags = 0;
1369 tap->wr_chan_freq = htole16(ic->ic_ibss_chan->ic_freq);
1370 tap->wr_chan_flags =
1371 htole16(ic->ic_ibss_chan->ic_flags);
1372 tap->wr_antenna = sc->rx_ant;
1373 tap->wr_antsignal = desc->rssi;
1374
1375 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_rxtap_len, m);
1376 }
1377
1378 wh = mtod(m, struct ieee80211_frame *);
1379 ni = ieee80211_find_rxnode(ic,
1380 (struct ieee80211_frame_min *)wh);
1381
1382 /* send the frame to the 802.11 layer */
1383 ieee80211_input(ic, m, ni, desc->rssi, 0);
1384
1385 /* give rssi to the rate adatation algorithm */
1386 rn = (struct ral_node *)ni;
1387 ral_rssadapt_input(ic, ni, &rn->rssadapt, desc->rssi);
1388
1389 /* node is no longer needed */
1390 ieee80211_free_node(ni);
1391
1392 data->m = m_getcl(M_DONTWAIT, MT_DATA, M_PKTHDR);
1393 if (data->m == NULL) {
1394 device_printf(sc->sc_dev,
1395 "could not allocate rx mbuf\n");
1396 break;
1397 }
1398
1399 error = bus_dmamap_load(sc->rxq.data_dmat, data->map,
1400 mtod(data->m, void *), MCLBYTES, ral_dma_map_addr,
1401 &physaddr, 0);
1402 if (error != 0) {
1403 device_printf(sc->sc_dev,
1404 "could not load rx buf DMA map\n");
1405 m_freem(data->m);
1406 data->m = NULL;
1407 break;
1408 }
1409
1410 desc->physaddr = htole32(physaddr);
1411 skip: desc->flags = htole32(RAL_RX_BUSY);
1412
1413 DPRINTFN(15, ("decryption done idx=%u\n", sc->rxq.cur_decrypt));
1414
1415 sc->rxq.cur_decrypt =
1416 (sc->rxq.cur_decrypt + 1) % RAL_RX_RING_COUNT;
1417 }
1418
1419 bus_dmamap_sync(sc->rxq.desc_dmat, sc->rxq.desc_map,
1420 BUS_DMASYNC_PREWRITE);
1421 }
1422
1423 /*
1424 * Some frames were received. Pass them to the hardware cipher engine before
1425 * sending them to the 802.11 layer.
1426 */
1427 static void
1428 ral_rx_intr(struct ral_softc *sc)
1429 {
1430 struct ral_rx_desc *desc;
1431 struct ral_rx_data *data;
1432
1433 bus_dmamap_sync(sc->rxq.desc_dmat, sc->rxq.desc_map,
1434 BUS_DMASYNC_POSTREAD);
1435
1436 for (;;) {
1437 desc = &sc->rxq.desc[sc->rxq.cur];
1438 data = &sc->rxq.data[sc->rxq.cur];
1439
1440 if ((le32toh(desc->flags) & RAL_RX_BUSY) ||
1441 (le32toh(desc->flags) & RAL_RX_CIPHER_BUSY))
1442 break;
1443
1444 data->drop = 0;
1445
1446 if ((le32toh(desc->flags) & RAL_RX_PHY_ERROR) ||
1447 (le32toh(desc->flags) & RAL_RX_CRC_ERROR)) {
1448 /*
1449 * This should not happen since we did not request
1450 * to receive those frames when we filled RXCSR0.
1451 */
1452 DPRINTFN(5, ("PHY or CRC error flags 0x%08x\n",
1453 le32toh(desc->flags)));
1454 data->drop = 1;
1455 }
1456
1457 if (((le32toh(desc->flags) >> 16) & 0xfff) > MCLBYTES) {
1458 DPRINTFN(5, ("bad length\n"));
1459 data->drop = 1;
1460 }
1461
1462 /* mark the frame for decryption */
1463 desc->flags |= htole32(RAL_RX_CIPHER_BUSY);
1464
1465 DPRINTFN(15, ("rx done idx=%u\n", sc->rxq.cur));
1466
1467 sc->rxq.cur = (sc->rxq.cur + 1) % RAL_RX_RING_COUNT;
1468 }
1469
1470 bus_dmamap_sync(sc->rxq.desc_dmat, sc->rxq.desc_map,
1471 BUS_DMASYNC_PREWRITE);
1472
1473 /* kick decrypt */
1474 RAL_WRITE(sc, RAL_SECCSR0, RAL_KICK_DECRYPT);
1475 }
1476
1477 /*
1478 * This function is called periodically in IBSS mode when a new beacon must be
1479 * sent out.
1480 */
1481 static void
1482 ral_beacon_expire(struct ral_softc *sc)
1483 {
1484 struct ieee80211com *ic = &sc->sc_ic;
1485 struct ral_tx_data *data;
1486
1487 if (ic->ic_opmode != IEEE80211_M_IBSS &&
1488 ic->ic_opmode != IEEE80211_M_HOSTAP)
1489 return;
1490
1491 data = &sc->bcnq.data[sc->bcnq.next];
1492
1493 bus_dmamap_sync(sc->bcnq.data_dmat, data->map, BUS_DMASYNC_POSTWRITE);
1494 bus_dmamap_unload(sc->bcnq.data_dmat, data->map);
1495
1496 ieee80211_beacon_update(ic, data->ni, &sc->sc_bo, data->m, 1);
1497
1498 if (ic->ic_rawbpf != NULL)
1499 bpf_mtap(ic->ic_rawbpf, data->m);
1500
1501 ral_tx_bcn(sc, data->m, data->ni);
1502
1503 DPRINTFN(15, ("beacon expired\n"));
1504
1505 sc->bcnq.next = (sc->bcnq.next + 1) % RAL_BEACON_RING_COUNT;
1506 }
1507
1508 static void
1509 ral_wakeup_expire(struct ral_softc *sc)
1510 {
1511 DPRINTFN(2, ("wakeup expired\n"));
1512 }
1513
1514 static void
1515 ral_intr(void *arg)
1516 {
1517 struct ral_softc *sc = arg;
1518 uint32_t r;
1519
1520 RAL_LOCK(sc);
1521
1522 /* disable interrupts */
1523 RAL_WRITE(sc, RAL_CSR8, 0xffffffff);
1524
1525 r = RAL_READ(sc, RAL_CSR7);
1526 RAL_WRITE(sc, RAL_CSR7, r);
1527
1528 if (r & RAL_BEACON_EXPIRE)
1529 ral_beacon_expire(sc);
1530
1531 if (r & RAL_WAKEUP_EXPIRE)
1532 ral_wakeup_expire(sc);
1533
1534 if (r & RAL_ENCRYPTION_DONE)
1535 ral_encryption_intr(sc);
1536
1537 if (r & RAL_TX_DONE)
1538 ral_tx_intr(sc);
1539
1540 if (r & RAL_PRIO_DONE)
1541 ral_prio_intr(sc);
1542
1543 if (r & RAL_DECRYPTION_DONE)
1544 ral_decryption_intr(sc);
1545
1546 if (r & RAL_RX_DONE)
1547 ral_rx_intr(sc);
1548
1549 /* re-enable interrupts */
1550 RAL_WRITE(sc, RAL_CSR8, RAL_INTR_MASK);
1551
1552 RAL_UNLOCK(sc);
1553 }
1554
1555 /* quickly determine if a given rate is CCK or OFDM */
1556 #define RAL_RATE_IS_OFDM(rate) ((rate) >= 12 && (rate) != 22)
1557
1558 #define RAL_ACK_SIZE 14 /* 10 + 4(FCS) */
1559 #define RAL_CTS_SIZE 14 /* 10 + 4(FCS) */
1560
1561 #define RAL_SIFS 10 /* us */
1562 #define RAL_TXRX_TURNAROUND 10 /* us */
1563
1564 /*
1565 * Return the expected ack rate for a frame transmitted at rate `rate'.
1566 * XXX: this should depend on the destination node basic rate set.
1567 */
1568 static int
1569 ral_ack_rate(struct ieee80211com *ic, int rate)
1570 {
1571 switch (rate) {
1572 /* CCK rates */
1573 case 2:
1574 return 2;
1575 case 4:
1576 case 11:
1577 case 22:
1578 return (ic->ic_curmode == IEEE80211_MODE_11B) ? 4 : rate;
1579
1580 /* OFDM rates */
1581 case 12:
1582 case 18:
1583 return 12;
1584 case 24:
1585 case 36:
1586 return 24;
1587 case 48:
1588 case 72:
1589 case 96:
1590 case 108:
1591 return 48;
1592 }
1593
1594 /* default to 1Mbps */
1595 return 2;
1596 }
1597
1598 /*
1599 * Compute the duration (in us) needed to transmit `len' bytes at rate `rate'.
1600 * The function automatically determines the operating mode depending on the
1601 * given rate. `flags' indicates whether short preamble is in use or not.
1602 */
1603 static uint16_t
1604 ral_txtime(int len, int rate, uint32_t flags)
1605 {
1606 uint16_t txtime;
1607 int ceil, dbps;
1608
1609 if (RAL_RATE_IS_OFDM(rate)) {
1610 /*
1611 * OFDM TXTIME calculation.
1612 * From IEEE Std 802.11a-1999, pp. 37.
1613 */
1614 dbps = rate * 2; /* data bits per OFDM symbol */
1615
1616 ceil = (16 + 8 * len + 6) / dbps;
1617 if ((16 + 8 * len + 6) % dbps != 0)
1618 ceil++;
1619
1620 txtime = 16 + 4 + 4 * ceil + 6;
1621 } else {
1622 /*
1623 * High Rate TXTIME calculation.
1624 * From IEEE Std 802.11b-1999, pp. 28.
1625 */
1626 ceil = (8 * len * 2) / rate;
1627 if ((8 * len * 2) % rate != 0)
1628 ceil++;
1629
1630 if (rate != 2 && (flags & IEEE80211_F_SHPREAMBLE))
1631 txtime = 72 + 24 + ceil;
1632 else
1633 txtime = 144 + 48 + ceil;
1634 }
1635
1636 return txtime;
1637 }
1638
1639 static uint8_t
1640 ral_plcp_signal(int rate)
1641 {
1642 switch (rate) {
1643 /* CCK rates (returned values are device-dependent) */
1644 case 2: return 0x0;
1645 case 4: return 0x1;
1646 case 11: return 0x2;
1647 case 22: return 0x3;
1648
1649 /* OFDM rates (cf IEEE Std 802.11a-1999, pp. 14 Table 80) */
1650 case 12: return 0xb;
1651 case 18: return 0xf;
1652 case 24: return 0xa;
1653 case 36: return 0xe;
1654 case 48: return 0x9;
1655 case 72: return 0xd;
1656 case 96: return 0x8;
1657 case 108: return 0xc;
1658
1659 /* unsupported rates (should not get there) */
1660 default: return 0xff;
1661 }
1662 }
1663
1664 static void
1665 ral_setup_tx_desc(struct ral_softc *sc, struct ral_tx_desc *desc,
1666 uint32_t flags, int len, int rate, int encrypt, bus_addr_t physaddr)
1667 {
1668 struct ieee80211com *ic = &sc->sc_ic;
1669 uint16_t plcp_length;
1670 int remainder;
1671
1672 desc->flags = htole32(flags);
1673 desc->flags |= htole32(len << 16);
1674 desc->flags |= encrypt ? htole32(RAL_TX_CIPHER_BUSY) :
1675 htole32(RAL_TX_BUSY | RAL_TX_VALID);
1676 if (RAL_RATE_IS_OFDM(rate))
1677 desc->flags |= htole32(RAL_TX_OFDM);
1678
1679 desc->physaddr = htole32(physaddr);
1680 desc->wme = htole16(RAL_AIFSN(3) | RAL_LOGCWMIN(4) | RAL_LOGCWMAX(6));
1681
1682 /*
1683 * Fill PLCP fields.
1684 */
1685 desc->plcp_service = 4;
1686
1687 len += 4; /* account for FCS */
1688 if (RAL_RATE_IS_OFDM(rate)) {
1689 /*
1690 * PLCP length field (LENGTH).
1691 * From IEEE Std 802.11a-1999, pp. 14.
1692 */
1693 plcp_length = len & 0xfff;
1694 desc->plcp_length = htole16((plcp_length >> 6) << 8 |
1695 (plcp_length & 0x3f));
1696 } else {
1697 /*
1698 * Long PLCP LENGTH field.
1699 * From IEEE Std 802.11b-1999, pp. 16.
1700 */
1701 plcp_length = (8 * len * 2) / rate;
1702 remainder = (8 * len * 2) % rate;
1703 if (remainder != 0) {
1704 if (rate == 22 && (rate - remainder) / 16 != 0)
1705 desc->plcp_service |= RAL_PLCP_LENGEXT;
1706 plcp_length++;
1707 }
1708 desc->plcp_length = htole16(plcp_length);
1709 }
1710
1711 desc->plcp_signal = ral_plcp_signal(rate);
1712 if (rate != 2 && (ic->ic_flags & IEEE80211_F_SHPREAMBLE))
1713 desc->plcp_signal |= 0x08;
1714 }
1715
1716 static int
1717 ral_tx_bcn(struct ral_softc *sc, struct mbuf *m0, struct ieee80211_node *ni)
1718 {
1719 struct ieee80211com *ic = &sc->sc_ic;
1720 struct ral_tx_desc *desc;
1721 struct ral_tx_data *data;
1722 bus_dma_segment_t segs[RAL_MAX_SCATTER];
1723 int nsegs, rate, error;
1724
1725 desc = &sc->bcnq.desc[sc->bcnq.cur];
1726 data = &sc->bcnq.data[sc->bcnq.cur];
1727
1728 rate = IEEE80211_IS_CHAN_5GHZ(ni->ni_chan) ? 12 : 4;
1729
1730 error = bus_dmamap_load_mbuf_sg(sc->bcnq.data_dmat, data->map, m0,
1731 segs, &nsegs, BUS_DMA_NOWAIT);
1732 if (error != 0) {
1733 device_printf(sc->sc_dev, "could not map mbuf (error %d)\n",
1734 error);
1735 m_freem(m0);
1736 return error;
1737 }
1738
1739 if (sc->sc_drvbpf != NULL) {
1740 struct ral_tx_radiotap_header *tap = &sc->sc_txtap;
1741
1742 tap->wt_flags = 0;
1743 tap->wt_rate = rate;
1744 tap->wt_chan_freq = htole16(ic->ic_ibss_chan->ic_freq);
1745 tap->wt_chan_flags = htole16(ic->ic_ibss_chan->ic_flags);
1746 tap->wt_antenna = sc->tx_ant;
1747
1748 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_txtap_len, m0);
1749 }
1750
1751 data->m = m0;
1752 data->ni = ni;
1753
1754 ral_setup_tx_desc(sc, desc, RAL_TX_IFS_NEWBACKOFF | RAL_TX_TIMESTAMP,
1755 m0->m_pkthdr.len, rate, 0, segs->ds_addr);
1756
1757 DPRINTFN(10, ("sending beacon frame len=%u idx=%u rate=%u\n",
1758 m0->m_pkthdr.len, sc->bcnq.cur, rate));
1759
1760 bus_dmamap_sync(sc->bcnq.data_dmat, data->map, BUS_DMASYNC_PREWRITE);
1761 bus_dmamap_sync(sc->bcnq.desc_dmat, sc->bcnq.desc_map,
1762 BUS_DMASYNC_PREWRITE);
1763
1764 sc->bcnq.cur = (sc->bcnq.cur + 1) % RAL_BEACON_RING_COUNT;
1765
1766 return 0;
1767 }
1768
1769 static int
1770 ral_tx_mgt(struct ral_softc *sc, struct mbuf *m0, struct ieee80211_node *ni)
1771 {
1772 struct ieee80211com *ic = &sc->sc_ic;
1773 struct ral_tx_desc *desc;
1774 struct ral_tx_data *data;
1775 struct ieee80211_frame *wh;
1776 bus_dma_segment_t segs[RAL_MAX_SCATTER];
1777 uint16_t dur;
1778 uint32_t flags = 0;
1779 int nsegs, rate, error;
1780
1781 desc = &sc->prioq.desc[sc->prioq.cur];
1782 data = &sc->prioq.data[sc->prioq.cur];
1783
1784 rate = IEEE80211_IS_CHAN_5GHZ(ic->ic_curchan) ? 12 : 4;
1785
1786 error = bus_dmamap_load_mbuf_sg(sc->prioq.data_dmat, data->map, m0,
1787 segs, &nsegs, 0);
1788 if (error != 0) {
1789 device_printf(sc->sc_dev, "could not map mbuf (error %d)\n",
1790 error);
1791 m_freem(m0);
1792 return error;
1793 }
1794
1795 if (sc->sc_drvbpf != NULL) {
1796 struct ral_tx_radiotap_header *tap = &sc->sc_txtap;
1797
1798 tap->wt_flags = 0;
1799 tap->wt_rate = rate;
1800 tap->wt_chan_freq = htole16(ic->ic_ibss_chan->ic_freq);
1801 tap->wt_chan_flags = htole16(ic->ic_ibss_chan->ic_flags);
1802 tap->wt_antenna = sc->tx_ant;
1803
1804 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_txtap_len, m0);
1805 }
1806
1807 data->m = m0;
1808 data->ni = ni;
1809
1810 wh = mtod(m0, struct ieee80211_frame *);
1811
1812 if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) {
1813 flags |= RAL_TX_ACK;
1814
1815 dur = ral_txtime(RAL_ACK_SIZE, rate, ic->ic_flags) + RAL_SIFS;
1816 *(uint16_t *)wh->i_dur = htole16(dur);
1817
1818 /* tell hardware to add timestamp for probe responses */
1819 if ((wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) ==
1820 IEEE80211_FC0_TYPE_MGT &&
1821 (wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK) ==
1822 IEEE80211_FC0_SUBTYPE_PROBE_RESP)
1823 flags |= RAL_TX_TIMESTAMP;
1824 }
1825
1826 ral_setup_tx_desc(sc, desc, flags, m0->m_pkthdr.len, rate, 0,
1827 segs->ds_addr);
1828
1829 bus_dmamap_sync(sc->prioq.data_dmat, data->map, BUS_DMASYNC_PREWRITE);
1830 bus_dmamap_sync(sc->prioq.desc_dmat, sc->prioq.desc_map,
1831 BUS_DMASYNC_PREWRITE);
1832
1833 DPRINTFN(10, ("sending mgt frame len=%u idx=%u rate=%u\n",
1834 m0->m_pkthdr.len, sc->prioq.cur, rate));
1835
1836 /* kick prio */
1837 sc->prioq.queued++;
1838 sc->prioq.cur = (sc->prioq.cur + 1) % RAL_PRIO_RING_COUNT;
1839 RAL_WRITE(sc, RAL_TXCSR0, RAL_KICK_PRIO);
1840
1841 return 0;
1842 }
1843
1844 /*
1845 * Build a RTS control frame.
1846 */
1847 static struct mbuf *
1848 ral_get_rts(struct ral_softc *sc, struct ieee80211_frame *wh, uint16_t dur)
1849 {
1850 struct ieee80211_frame_rts *rts;
1851 struct mbuf *m;
1852
1853 MGETHDR(m, M_DONTWAIT, MT_DATA);
1854 if (m == NULL) {
1855 sc->sc_ic.ic_stats.is_tx_nobuf++;
1856 device_printf(sc->sc_dev, "could not allocate RTS frame\n");
1857 return NULL;
1858 }
1859
1860 rts = mtod(m, struct ieee80211_frame_rts *);
1861
1862 rts->i_fc[0] = IEEE80211_FC0_VERSION_0 | IEEE80211_FC0_TYPE_CTL |
1863 IEEE80211_FC0_SUBTYPE_RTS;
1864 rts->i_fc[1] = IEEE80211_FC1_DIR_NODS;
1865 *(uint16_t *)rts->i_dur = htole16(dur);
1866 IEEE80211_ADDR_COPY(rts->i_ra, wh->i_addr1);
1867 IEEE80211_ADDR_COPY(rts->i_ta, wh->i_addr2);
1868
1869 m->m_pkthdr.len = m->m_len = sizeof (struct ieee80211_frame_rts);
1870
1871 return m;
1872 }
1873
1874 static int
1875 ral_tx_data(struct ral_softc *sc, struct mbuf *m0, struct ieee80211_node *ni)
1876 {
1877 struct ieee80211com *ic = &sc->sc_ic;
1878 struct ral_tx_desc *desc;
1879 struct ral_tx_data *data;
1880 struct ral_node *rn;
1881 struct ieee80211_rateset *rs;
1882 struct ieee80211_frame *wh;
1883 struct ieee80211_key *k;
1884 struct mbuf *mnew;
1885 bus_dma_segment_t segs[RAL_MAX_SCATTER];
1886 uint16_t dur;
1887 uint32_t flags = 0;
1888 int nsegs, rate, error;
1889
1890 wh = mtod(m0, struct ieee80211_frame *);
1891
1892 if (ic->ic_fixed_rate != IEEE80211_FIXED_RATE_NONE) {
1893 rs = &ic->ic_sup_rates[ic->ic_curmode];
1894 rate = rs->rs_rates[ic->ic_fixed_rate];
1895 } else {
1896 rs = &ni->ni_rates;
1897 rn = (struct ral_node *)ni;
1898 ni->ni_txrate = ral_rssadapt_choose(&rn->rssadapt, rs,
1899 wh, m0->m_pkthdr.len, NULL, 0);
1900 rate = rs->rs_rates[ni->ni_txrate];
1901 }
1902 rate &= IEEE80211_RATE_VAL;
1903
1904 if (wh->i_fc[1] & IEEE80211_FC1_WEP) {
1905 k = ieee80211_crypto_encap(ic, ni, m0);
1906 if (k == NULL) {
1907 m_freem(m0);
1908 return ENOBUFS;
1909 }
1910
1911 /* packet header may have moved, reset our local pointer */
1912 wh = mtod(m0, struct ieee80211_frame *);
1913 }
1914
1915 /*
1916 * IEEE Std 802.11-1999, pp 82: "A STA shall use an RTS/CTS exchange
1917 * for directed frames only when the length of the MPDU is greater
1918 * than the length threshold indicated by [...]" ic_rtsthreshold.
1919 */
1920 if (!IEEE80211_IS_MULTICAST(wh->i_addr1) &&
1921 m0->m_pkthdr.len > ic->ic_rtsthreshold) {
1922 struct mbuf *m;
1923 uint16_t dur;
1924 int rtsrate, ackrate;
1925
1926 rtsrate = IEEE80211_IS_CHAN_5GHZ(ic->ic_curchan) ? 12 : 4;
1927 ackrate = ral_ack_rate(ic, rate);
1928
1929 dur = ral_txtime(m0->m_pkthdr.len + 4, rate, ic->ic_flags) +
1930 ral_txtime(RAL_CTS_SIZE, rtsrate, ic->ic_flags) +
1931 ral_txtime(RAL_ACK_SIZE, ackrate, ic->ic_flags) +
1932 3 * RAL_SIFS;
1933
1934 m = ral_get_rts(sc, wh, dur);
1935
1936 desc = &sc->txq.desc[sc->txq.cur_encrypt];
1937 data = &sc->txq.data[sc->txq.cur_encrypt];
1938
1939 error = bus_dmamap_load_mbuf_sg(sc->txq.data_dmat, data->map,
1940 m, segs, &nsegs, 0);
1941 if (error != 0) {
1942 device_printf(sc->sc_dev,
1943 "could not map mbuf (error %d)\n", error);
1944 m_freem(m);
1945 m_freem(m0);
1946 return error;
1947 }
1948
1949 /* avoid multiple free() of the same node for each fragment */
1950 ieee80211_ref_node(ni);
1951
1952 data->m = m;
1953 data->ni = ni;
1954
1955 /* RTS frames are not taken into account for rssadapt */
1956 data->id.id_node = NULL;
1957
1958 ral_setup_tx_desc(sc, desc, RAL_TX_ACK | RAL_TX_MORE_FRAG,
1959 m->m_pkthdr.len, rtsrate, 1, segs->ds_addr);
1960
1961 bus_dmamap_sync(sc->txq.data_dmat, data->map,
1962 BUS_DMASYNC_PREWRITE);
1963
1964 sc->txq.queued++;
1965 sc->txq.cur_encrypt =
1966 (sc->txq.cur_encrypt + 1) % RAL_TX_RING_COUNT;
1967
1968 /*
1969 * IEEE Std 802.11-1999: when an RTS/CTS exchange is used, the
1970 * asynchronous data frame shall be transmitted after the CTS
1971 * frame and a SIFS period.
1972 */
1973 flags |= RAL_TX_LONG_RETRY | RAL_TX_IFS_SIFS;
1974 }
1975
1976 data = &sc->txq.data[sc->txq.cur_encrypt];
1977 desc = &sc->txq.desc[sc->txq.cur_encrypt];
1978
1979 error = bus_dmamap_load_mbuf_sg(sc->txq.data_dmat, data->map, m0,
1980 segs, &nsegs, 0);
1981 if (error != 0 && error != EFBIG) {
1982 device_printf(sc->sc_dev, "could not map mbuf (error %d)\n",
1983 error);
1984 m_freem(m0);
1985 return error;
1986 }
1987 if (error != 0) {
1988 mnew = m_defrag(m0, M_DONTWAIT);
1989 if (mnew == NULL) {
1990 device_printf(sc->sc_dev,
1991 "could not defragment mbuf\n");
1992 m_freem(m0);
1993 return ENOBUFS;
1994 }
1995 m0 = mnew;
1996
1997 error = bus_dmamap_load_mbuf_sg(sc->txq.data_dmat, data->map,
1998 m0, segs, &nsegs, 0);
1999 if (error != 0) {
2000 device_printf(sc->sc_dev,
2001 "could not map mbuf (error %d)\n", error);
2002 m_freem(m0);
2003 return error;
2004 }
2005
2006 /* packet header may have moved, reset our local pointer */
2007 wh = mtod(m0, struct ieee80211_frame *);
2008 }
2009
2010 if (sc->sc_drvbpf != NULL) {
2011 struct ral_tx_radiotap_header *tap = &sc->sc_txtap;
2012
2013 tap->wt_flags = 0;
2014 tap->wt_rate = rate;
2015 tap->wt_chan_freq = htole16(ic->ic_ibss_chan->ic_freq);
2016 tap->wt_chan_flags = htole16(ic->ic_ibss_chan->ic_flags);
2017 tap->wt_antenna = sc->tx_ant;
2018
2019 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_txtap_len, m0);
2020 }
2021
2022 data->m = m0;
2023 data->ni = ni;
2024
2025 /* remember link conditions for rate adaptation algorithm */
2026 if (ic->ic_fixed_rate == IEEE80211_FIXED_RATE_NONE) {
2027 data->id.id_len = m0->m_pkthdr.len;
2028 data->id.id_rateidx = ni->ni_txrate;
2029 data->id.id_node = ni;
2030 data->id.id_rssi = ni->ni_rssi;
2031 } else
2032 data->id.id_node = NULL;
2033
2034 if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) {
2035 flags |= RAL_TX_ACK;
2036
2037 dur = ral_txtime(RAL_ACK_SIZE, ral_ack_rate(ic, rate),
2038 ic->ic_flags) + RAL_SIFS;
2039 *(uint16_t *)wh->i_dur = htole16(dur);
2040 }
2041
2042 ral_setup_tx_desc(sc, desc, flags, m0->m_pkthdr.len, rate, 1,
2043 segs->ds_addr);
2044
2045 bus_dmamap_sync(sc->txq.data_dmat, data->map, BUS_DMASYNC_PREWRITE);
2046 bus_dmamap_sync(sc->txq.desc_dmat, sc->txq.desc_map,
2047 BUS_DMASYNC_PREWRITE);
2048
2049 DPRINTFN(10, ("sending data frame len=%u idx=%u rate=%u\n",
2050 m0->m_pkthdr.len, sc->txq.cur_encrypt, rate));
2051
2052 /* kick encrypt */
2053 sc->txq.queued++;
2054 sc->txq.cur_encrypt = (sc->txq.cur_encrypt + 1) % RAL_TX_RING_COUNT;
2055 RAL_WRITE(sc, RAL_SECCSR1, RAL_KICK_ENCRYPT);
2056
2057 return 0;
2058 }
2059
2060 static void
2061 ral_start(struct ifnet *ifp)
2062 {
2063 struct ral_softc *sc = ifp->if_softc;
2064 struct ieee80211com *ic = &sc->sc_ic;
2065 struct mbuf *m0;
2066 struct ether_header *eh;
2067 struct ieee80211_node *ni;
2068
2069 RAL_LOCK(sc);
2070
2071 for (;;) {
2072 IF_POLL(&ic->ic_mgtq, m0);
2073 if (m0 != NULL) {
2074 if (sc->prioq.queued >= RAL_PRIO_RING_COUNT) {
2075 ifp->if_drv_flags |= IFF_DRV_OACTIVE;
2076 break;
2077 }
2078 IF_DEQUEUE(&ic->ic_mgtq, m0);
2079
2080 ni = (struct ieee80211_node *)m0->m_pkthdr.rcvif;
2081 m0->m_pkthdr.rcvif = NULL;
2082
2083 if (ic->ic_rawbpf != NULL)
2084 bpf_mtap(ic->ic_rawbpf, m0);
2085
2086 if (ral_tx_mgt(sc, m0, ni) != 0)
2087 break;
2088
2089 } else {
2090 if (ic->ic_state != IEEE80211_S_RUN)
2091 break;
2092 IFQ_DRV_DEQUEUE(&ifp->if_snd, m0);
2093 if (m0 == NULL)
2094 break;
2095 if (sc->txq.queued >= RAL_TX_RING_COUNT - 1) {
2096 IFQ_DRV_PREPEND(&ifp->if_snd, m0);
2097 ifp->if_drv_flags |= IFF_DRV_OACTIVE;
2098 break;
2099 }
2100
2101 if (m0->m_len < sizeof (struct ether_header) &&
2102 !(m0 = m_pullup(m0, sizeof (struct ether_header))))
2103 continue;
2104
2105 eh = mtod(m0, struct ether_header *);
2106 ni = ieee80211_find_txnode(ic, eh->ether_dhost);
2107 if (ni == NULL) {
2108 m_freem(m0);
2109 continue;
2110 }
2111 BPF_MTAP(ifp, m0);
2112
2113 m0 = ieee80211_encap(ic, m0, ni);
2114 if (m0 == NULL) {
2115 ieee80211_free_node(ni);
2116 continue;
2117 }
2118
2119 if (ic->ic_rawbpf != NULL)
2120 bpf_mtap(ic->ic_rawbpf, m0);
2121
2122 if (ral_tx_data(sc, m0, ni) != 0) {
2123 ieee80211_free_node(ni);
2124 ifp->if_oerrors++;
2125 break;
2126 }
2127 }
2128
2129 sc->sc_tx_timer = 5;
2130 ifp->if_timer = 1;
2131 }
2132
2133 RAL_UNLOCK(sc);
2134 }
2135
2136 static void
2137 ral_watchdog(struct ifnet *ifp)
2138 {
2139 struct ral_softc *sc = ifp->if_softc;
2140 struct ieee80211com *ic = &sc->sc_ic;
2141
2142 RAL_LOCK(sc);
2143
2144 ifp->if_timer = 0;
2145
2146 if (sc->sc_tx_timer > 0) {
2147 if (--sc->sc_tx_timer == 0) {
2148 device_printf(sc->sc_dev, "device timeout\n");
2149 ral_init(sc);
2150 ifp->if_oerrors++;
2151 RAL_UNLOCK(sc);
2152 return;
2153 }
2154 ifp->if_timer = 1;
2155 }
2156
2157 ieee80211_watchdog(ic);
2158
2159 RAL_UNLOCK(sc);
2160 }
2161
2162 /*
2163 * This function allows for fast channel switching in monitor mode (used by
2164 * net-mgmt/kismet). In IBSS mode, we must explicitly reset the interface to
2165 * generate a new beacon frame.
2166 */
2167 static int
2168 ral_reset(struct ifnet *ifp)
2169 {
2170 struct ral_softc *sc = ifp->if_softc;
2171 struct ieee80211com *ic = &sc->sc_ic;
2172
2173 if (ic->ic_opmode != IEEE80211_M_MONITOR)
2174 return ENETRESET;
2175
2176 ral_set_chan(sc, ic->ic_ibss_chan);
2177
2178 return 0;
2179 }
2180
2181 static int
2182 ral_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data)
2183 {
2184 struct ral_softc *sc = ifp->if_softc;
2185 struct ieee80211com *ic = &sc->sc_ic;
2186 int error = 0;
2187
2188 RAL_LOCK(sc);
2189
2190 switch (cmd) {
2191 case SIOCSIFFLAGS:
2192 if (ifp->if_flags & IFF_UP) {
2193 if (ifp->if_drv_flags & IFF_DRV_RUNNING)
2194 ral_update_promisc(sc);
2195 else
2196 ral_init(sc);
2197 } else {
2198 if (ifp->if_drv_flags & IFF_DRV_RUNNING)
2199 ral_stop(sc);
2200 }
2201 break;
2202
2203 default:
2204 error = ieee80211_ioctl(ic, cmd, data);
2205 }
2206
2207 if (error == ENETRESET) {
2208 if ((ifp->if_flags & IFF_UP) &&
2209 (ifp->if_drv_flags & IFF_DRV_RUNNING) &&
2210 (ic->ic_roaming != IEEE80211_ROAMING_MANUAL))
2211 ral_init(sc);
2212 error = 0;
2213 }
2214
2215 RAL_UNLOCK(sc);
2216
2217 return error;
2218 }
2219
2220 static void
2221 ral_bbp_write(struct ral_softc *sc, uint8_t reg, uint8_t val)
2222 {
2223 uint32_t tmp;
2224 int ntries;
2225
2226 for (ntries = 0; ntries < 100; ntries++) {
2227 if (!(RAL_READ(sc, RAL_BBPCSR) & RAL_BBP_BUSY))
2228 break;
2229 DELAY(1);
2230 }
2231 if (ntries == 100) {
2232 device_printf(sc->sc_dev, "could not write to BBP\n");
2233 return;
2234 }
2235
2236 tmp = RAL_BBP_WRITE | RAL_BBP_BUSY | reg << 8 | val;
2237 RAL_WRITE(sc, RAL_BBPCSR, tmp);
2238
2239 DPRINTFN(15, ("BBP R%u <- 0x%02x\n", reg, val));
2240 }
2241
2242 static uint8_t
2243 ral_bbp_read(struct ral_softc *sc, uint8_t reg)
2244 {
2245 uint32_t val;
2246 int ntries;
2247
2248 val = RAL_BBP_BUSY | reg << 8;
2249 RAL_WRITE(sc, RAL_BBPCSR, val);
2250
2251 for (ntries = 0; ntries < 100; ntries++) {
2252 val = RAL_READ(sc, RAL_BBPCSR);
2253 if (!(val & RAL_BBP_BUSY))
2254 return val & 0xff;
2255 DELAY(1);
2256 }
2257
2258 device_printf(sc->sc_dev, "could not read from BBP\n");
2259 return 0;
2260 }
2261
2262 static void
2263 ral_rf_write(struct ral_softc *sc, uint8_t reg, uint32_t val)
2264 {
2265 uint32_t tmp;
2266 int ntries;
2267
2268 for (ntries = 0; ntries < 100; ntries++) {
2269 if (!(RAL_READ(sc, RAL_RFCSR) & RAL_RF_BUSY))
2270 break;
2271 DELAY(1);
2272 }
2273 if (ntries == 100) {
2274 device_printf(sc->sc_dev, "could not write to RF\n");
2275 return;
2276 }
2277
2278 tmp = RAL_RF_BUSY | RAL_RF_20BIT | (val & 0xfffff) << 2 | (reg & 0x3);
2279 RAL_WRITE(sc, RAL_RFCSR, tmp);
2280
2281 /* remember last written value in sc */
2282 sc->rf_regs[reg] = val;
2283
2284 DPRINTFN(15, ("RF R[%u] <- 0x%05x\n", reg & 0x3, val & 0xfffff));
2285 }
2286
2287 static void
2288 ral_set_chan(struct ral_softc *sc, struct ieee80211_channel *c)
2289 {
2290 #define N(a) (sizeof (a) / sizeof ((a)[0]))
2291 struct ieee80211com *ic = &sc->sc_ic;
2292 uint8_t power, tmp;
2293 u_int i, chan;
2294
2295 chan = ieee80211_chan2ieee(ic, c);
2296 if (chan == 0 || chan == IEEE80211_CHAN_ANY)
2297 return;
2298
2299 if (IEEE80211_IS_CHAN_2GHZ(c))
2300 power = min(sc->txpow[chan - 1], 31);
2301 else
2302 power = 31;
2303
2304 DPRINTFN(2, ("setting channel to %u, txpower to %u\n", chan, power));
2305
2306 switch (sc->rf_rev) {
2307 case RAL_RF_2522:
2308 ral_rf_write(sc, RAL_RF1, 0x00814);
2309 ral_rf_write(sc, RAL_RF2, ral_rf2522_r2[chan - 1]);
2310 ral_rf_write(sc, RAL_RF3, power << 7 | 0x00040);
2311 break;
2312
2313 case RAL_RF_2523:
2314 ral_rf_write(sc, RAL_RF1, 0x08804);
2315 ral_rf_write(sc, RAL_RF2, ral_rf2523_r2[chan - 1]);
2316 ral_rf_write(sc, RAL_RF3, power << 7 | 0x38044);
2317 ral_rf_write(sc, RAL_RF4, (chan == 14) ? 0x00280 : 0x00286);
2318 break;
2319
2320 case RAL_RF_2524:
2321 ral_rf_write(sc, RAL_RF1, 0x0c808);
2322 ral_rf_write(sc, RAL_RF2, ral_rf2524_r2[chan - 1]);
2323 ral_rf_write(sc, RAL_RF3, power << 7 | 0x00040);
2324 ral_rf_write(sc, RAL_RF4, (chan == 14) ? 0x00280 : 0x00286);
2325 break;
2326
2327 case RAL_RF_2525:
2328 ral_rf_write(sc, RAL_RF1, 0x08808);
2329 ral_rf_write(sc, RAL_RF2, ral_rf2525_hi_r2[chan - 1]);
2330 ral_rf_write(sc, RAL_RF3, power << 7 | 0x18044);
2331 ral_rf_write(sc, RAL_RF4, (chan == 14) ? 0x00280 : 0x00286);
2332
2333 ral_rf_write(sc, RAL_RF1, 0x08808);
2334 ral_rf_write(sc, RAL_RF2, ral_rf2525_r2[chan - 1]);
2335 ral_rf_write(sc, RAL_RF3, power << 7 | 0x18044);
2336 ral_rf_write(sc, RAL_RF4, (chan == 14) ? 0x00280 : 0x00286);
2337 break;
2338
2339 case RAL_RF_2525E:
2340 ral_rf_write(sc, RAL_RF1, 0x08808);
2341 ral_rf_write(sc, RAL_RF2, ral_rf2525e_r2[chan - 1]);
2342 ral_rf_write(sc, RAL_RF3, power << 7 | 0x18044);
2343 ral_rf_write(sc, RAL_RF4, (chan == 14) ? 0x00286 : 0x00282);
2344 break;
2345
2346 case RAL_RF_2526:
2347 ral_rf_write(sc, RAL_RF2, ral_rf2526_hi_r2[chan - 1]);
2348 ral_rf_write(sc, RAL_RF4, (chan & 1) ? 0x00386 : 0x00381);
2349 ral_rf_write(sc, RAL_RF1, 0x08804);
2350
2351 ral_rf_write(sc, RAL_RF2, ral_rf2526_r2[chan - 1]);
2352 ral_rf_write(sc, RAL_RF3, power << 7 | 0x18044);
2353 ral_rf_write(sc, RAL_RF4, (chan & 1) ? 0x00386 : 0x00381);
2354 break;
2355
2356 /* dual-band RF */
2357 case RAL_RF_5222:
2358 for (i = 0; i < N(ral_rf5222); i++)
2359 if (ral_rf5222[i].chan == chan)
2360 break;
2361
2362 if (i < N(ral_rf5222)) {
2363 ral_rf_write(sc, RAL_RF1, ral_rf5222[i].r1);
2364 ral_rf_write(sc, RAL_RF2, ral_rf5222[i].r2);
2365 ral_rf_write(sc, RAL_RF3, power << 7 | 0x00040);
2366 ral_rf_write(sc, RAL_RF4, ral_rf5222[i].r4);
2367 }
2368 break;
2369 }
2370
2371 if (ic->ic_state != IEEE80211_S_SCAN) {
2372 /* set Japan filter bit for channel 14 */
2373 tmp = ral_bbp_read(sc, 70);
2374
2375 tmp &= ~RAL_JAPAN_FILTER;
2376 if (chan == 14)
2377 tmp |= RAL_JAPAN_FILTER;
2378
2379 ral_bbp_write(sc, 70, tmp);
2380
2381 /* clear CRC errors */
2382 RAL_READ(sc, RAL_CNT0);
2383 }
2384 #undef N
2385 }
2386
2387 #if 0
2388 /*
2389 * Disable RF auto-tuning.
2390 */
2391 static void
2392 ral_disable_rf_tune(struct ral_softc *sc)
2393 {
2394 uint32_t tmp;
2395
2396 if (sc->rf_rev != RAL_RF_2523) {
2397 tmp = sc->rf_regs[RAL_RF1] & ~RAL_RF1_AUTOTUNE;
2398 ral_rf_write(sc, RAL_RF1, tmp);
2399 }
2400
2401 tmp = sc->rf_regs[RAL_RF3] & ~RAL_RF3_AUTOTUNE;
2402 ral_rf_write(sc, RAL_RF3, tmp);
2403
2404 DPRINTFN(2, ("disabling RF autotune\n"));
2405 }
2406 #endif
2407
2408 /*
2409 * Refer to IEEE Std 802.11-1999 pp. 123 for more information on TSF
2410 * synchronization.
2411 */
2412 static void
2413 ral_enable_tsf_sync(struct ral_softc *sc)
2414 {
2415 struct ieee80211com *ic = &sc->sc_ic;
2416 uint16_t logcwmin, preload;
2417 uint32_t tmp;
2418
2419 /* first, disable TSF synchronization */
2420 RAL_WRITE(sc, RAL_CSR14, 0);
2421
2422 tmp = 16 * ic->ic_bss->ni_intval;
2423 RAL_WRITE(sc, RAL_CSR12, tmp);
2424
2425 RAL_WRITE(sc, RAL_CSR13, 0);
2426
2427 logcwmin = 5;
2428 preload = (ic->ic_opmode == IEEE80211_M_STA) ? 384 : 1024;
2429 tmp = logcwmin << 16 | preload;
2430 RAL_WRITE(sc, RAL_BCNOCSR, tmp);
2431
2432 /* finally, enable TSF synchronization */
2433 tmp = RAL_ENABLE_TSF | RAL_ENABLE_TBCN;
2434 if (ic->ic_opmode == IEEE80211_M_STA)
2435 tmp |= RAL_ENABLE_TSF_SYNC(1);
2436 else
2437 tmp |= RAL_ENABLE_TSF_SYNC(2) | RAL_ENABLE_BEACON_GENERATOR;
2438 RAL_WRITE(sc, RAL_CSR14, tmp);
2439
2440 DPRINTF(("enabling TSF synchronization\n"));
2441 }
2442
2443 static void
2444 ral_update_plcp(struct ral_softc *sc)
2445 {
2446 struct ieee80211com *ic = &sc->sc_ic;
2447
2448 /* no short preamble for 1Mbps */
2449 RAL_WRITE(sc, RAL_PLCP1MCSR, 0x00700400);
2450
2451 if (!(ic->ic_flags & IEEE80211_F_SHPREAMBLE)) {
2452 /* values taken from the reference driver */
2453 RAL_WRITE(sc, RAL_PLCP2MCSR, 0x00380401);
2454 RAL_WRITE(sc, RAL_PLCP5p5MCSR, 0x00150402);
2455 RAL_WRITE(sc, RAL_PLCP11MCSR, 0x000b8403);
2456 } else {
2457 /* same values as above or'ed 0x8 */
2458 RAL_WRITE(sc, RAL_PLCP2MCSR, 0x00380409);
2459 RAL_WRITE(sc, RAL_PLCP5p5MCSR, 0x0015040a);
2460 RAL_WRITE(sc, RAL_PLCP11MCSR, 0x000b840b);
2461 }
2462
2463 DPRINTF(("updating PLCP for %s preamble\n",
2464 (ic->ic_flags & IEEE80211_F_SHPREAMBLE) ? "short" : "long"));
2465 }
2466
2467 /*
2468 * This function can be called by ieee80211_set_shortslottime(). Refer to
2469 * IEEE Std 802.11-1999 pp. 85 to know how these values are computed.
2470 */
2471 static void
2472 ral_update_slot(struct ifnet *ifp)
2473 {
2474 struct ral_softc *sc = ifp->if_softc;
2475 struct ieee80211com *ic = &sc->sc_ic;
2476 uint8_t slottime;
2477 uint16_t tx_sifs, tx_pifs, tx_difs, eifs;
2478 uint32_t tmp;
2479
2480 slottime = (ic->ic_flags & IEEE80211_F_SHSLOT) ? 9 : 20;
2481
2482 /* update the MAC slot boundaries */
2483 tx_sifs = RAL_SIFS - RAL_TXRX_TURNAROUND;
2484 tx_pifs = tx_sifs + slottime;
2485 tx_difs = tx_sifs + 2 * slottime;
2486 eifs = (ic->ic_curmode == IEEE80211_MODE_11B) ? 364 : 60;
2487
2488 tmp = RAL_READ(sc, RAL_CSR11);
2489 tmp = (tmp & ~0x1f00) | slottime << 8;
2490 RAL_WRITE(sc, RAL_CSR11, tmp);
2491
2492 tmp = tx_pifs << 16 | tx_sifs;
2493 RAL_WRITE(sc, RAL_CSR18, tmp);
2494
2495 tmp = eifs << 16 | tx_difs;
2496 RAL_WRITE(sc, RAL_CSR19, tmp);
2497
2498 DPRINTF(("setting slottime to %uus\n", slottime));
2499 }
2500
2501 static void
2502 ral_update_led(struct ral_softc *sc, int led1, int led2)
2503 {
2504 uint32_t tmp;
2505
2506 /* set ON period to 70ms and OFF period to 30ms */
2507 tmp = led1 << 16 | led2 << 17 | 70 << 8 | 30;
2508 RAL_WRITE(sc, RAL_LEDCSR, tmp);
2509 }
2510
2511 static void
2512 ral_set_bssid(struct ral_softc *sc, uint8_t *bssid)
2513 {
2514 uint32_t tmp;
2515
2516 tmp = bssid[0] | bssid[1] << 8 | bssid[2] << 16 | bssid[3] << 24;
2517 RAL_WRITE(sc, RAL_CSR5, tmp);
2518
2519 tmp = bssid[4] | bssid[5] << 8;
2520 RAL_WRITE(sc, RAL_CSR6, tmp);
2521
2522 DPRINTF(("setting BSSID to %6D\n", bssid, ":"));
2523 }
2524
2525 static void
2526 ral_set_macaddr(struct ral_softc *sc, uint8_t *addr)
2527 {
2528 uint32_t tmp;
2529
2530 tmp = addr[0] | addr[1] << 8 | addr[2] << 16 | addr[3] << 24;
2531 RAL_WRITE(sc, RAL_CSR3, tmp);
2532
2533 tmp = addr[4] | addr[5] << 8;
2534 RAL_WRITE(sc, RAL_CSR4, tmp);
2535
2536 DPRINTF(("setting MAC address to %6D\n", addr, ":"));
2537 }
2538
2539 static void
2540 ral_get_macaddr(struct ral_softc *sc, uint8_t *addr)
2541 {
2542 uint32_t tmp;
2543
2544 tmp = RAL_READ(sc, RAL_CSR3);
2545 addr[0] = tmp & 0xff;
2546 addr[1] = (tmp >> 8) & 0xff;
2547 addr[2] = (tmp >> 16) & 0xff;
2548 addr[3] = (tmp >> 24);
2549
2550 tmp = RAL_READ(sc, RAL_CSR4);
2551 addr[4] = tmp & 0xff;
2552 addr[5] = (tmp >> 8) & 0xff;
2553 }
2554
2555 static void
2556 ral_update_promisc(struct ral_softc *sc)
2557 {
2558 struct ifnet *ifp = sc->sc_ic.ic_ifp;
2559 uint32_t tmp;
2560
2561 tmp = RAL_READ(sc, RAL_RXCSR0);
2562
2563 tmp &= ~RAL_DROP_NOT_TO_ME;
2564 if (!(ifp->if_flags & IFF_PROMISC))
2565 tmp |= RAL_DROP_NOT_TO_ME;
2566
2567 RAL_WRITE(sc, RAL_RXCSR0, tmp);
2568
2569 DPRINTF(("%s promiscuous mode\n", (ifp->if_flags & IFF_PROMISC) ?
2570 "entering" : "leaving"));
2571 }
2572
2573 static const char *
2574 ral_get_rf(int rev)
2575 {
2576 switch (rev) {
2577 case RAL_RF_2522: return "RT2522";
2578 case RAL_RF_2523: return "RT2523";
2579 case RAL_RF_2524: return "RT2524";
2580 case RAL_RF_2525: return "RT2525";
2581 case RAL_RF_2525E: return "RT2525e";
2582 case RAL_RF_2526: return "RT2526";
2583 case RAL_RF_5222: return "RT5222";
2584 default: return "unknown";
2585 }
2586 }
2587
2588 static void
2589 ral_read_eeprom(struct ral_softc *sc)
2590 {
2591 uint16_t val;
2592 int i;
2593
2594 val = ral_eeprom_read(sc, RAL_EEPROM_CONFIG0);
2595 sc->rf_rev = (val >> 11) & 0x7;
2596 sc->hw_radio = (val >> 10) & 0x1;
2597 sc->led_mode = (val >> 6) & 0x7;
2598 sc->rx_ant = (val >> 4) & 0x3;
2599 sc->tx_ant = (val >> 2) & 0x3;
2600 sc->nb_ant = val & 0x3;
2601
2602 /* read default values for BBP registers */
2603 for (i = 0; i < 16; i++) {
2604 val = ral_eeprom_read(sc, RAL_EEPROM_BBP_BASE + i);
2605 sc->bbp_prom[i].reg = val >> 8;
2606 sc->bbp_prom[i].val = val & 0xff;
2607 }
2608
2609 /* read Tx power for all b/g channels */
2610 for (i = 0; i < 14 / 2; i++) {
2611 val = ral_eeprom_read(sc, RAL_EEPROM_TXPOWER + i);
2612 sc->txpow[i * 2] = val >> 8;
2613 sc->txpow[i * 2 + 1] = val & 0xff;
2614 }
2615 }
2616
2617 static int
2618 ral_bbp_init(struct ral_softc *sc)
2619 {
2620 #define N(a) (sizeof (a) / sizeof ((a)[0]))
2621 int i, ntries;
2622
2623 /* wait for BBP to be ready */
2624 for (ntries = 0; ntries < 100; ntries++) {
2625 if (ral_bbp_read(sc, RAL_BBP_VERSION) != 0)
2626 break;
2627 DELAY(1);
2628 }
2629 if (ntries == 100) {
2630 device_printf(sc->sc_dev, "timeout waiting for BBP\n");
2631 return EIO;
2632 }
2633
2634 /* initialize BBP registers to default values */
2635 for (i = 0; i < N(ral_def_bbp); i++)
2636 ral_bbp_write(sc, ral_def_bbp[i].reg, ral_def_bbp[i].val);
2637
2638 #if 0
2639 /* initialize BBP registers to values stored in EEPROM */
2640 for (i = 0; i < 16; i++) {
2641 if (sc->bbp_prom[i].reg == 0xff)
2642 continue;
2643 ral_bbp_write(sc, sc->bbp_prom[i].reg, sc->bbp_prom[i].val);
2644 }
2645 #endif
2646
2647 return 0;
2648 #undef N
2649 }
2650
2651 static void
2652 ral_set_txantenna(struct ral_softc *sc, int antenna)
2653 {
2654 uint32_t tmp;
2655 uint8_t tx;
2656
2657 tx = ral_bbp_read(sc, RAL_BBP_TX) & ~RAL_BBP_ANTMASK;
2658 if (antenna == 1)
2659 tx |= RAL_BBP_ANTA;
2660 else if (antenna == 2)
2661 tx |= RAL_BBP_ANTB;
2662 else
2663 tx |= RAL_BBP_DIVERSITY;
2664
2665 /* need to force I/Q flip for RF 2525e, 2526 and 5222 */
2666 if (sc->rf_rev == RAL_RF_2525E || sc->rf_rev == RAL_RF_2526 ||
2667 sc->rf_rev == RAL_RF_5222)
2668 tx |= RAL_BBP_FLIPIQ;
2669
2670 ral_bbp_write(sc, RAL_BBP_TX, tx);
2671
2672 /* update values for CCK and OFDM in BBPCSR1 */
2673 tmp = RAL_READ(sc, RAL_BBPCSR1) & ~0x00070007;
2674 tmp |= (tx & 0x7) << 16 | (tx & 0x7);
2675 RAL_WRITE(sc, RAL_BBPCSR1, tmp);
2676 }
2677
2678 static void
2679 ral_set_rxantenna(struct ral_softc *sc, int antenna)
2680 {
2681 uint8_t rx;
2682
2683 rx = ral_bbp_read(sc, RAL_BBP_RX) & ~RAL_BBP_ANTMASK;
2684 if (antenna == 1)
2685 rx |= RAL_BBP_ANTA;
2686 else if (antenna == 2)
2687 rx |= RAL_BBP_ANTB;
2688 else
2689 rx |= RAL_BBP_DIVERSITY;
2690
2691 /* need to force no I/Q flip for RF 2525e and 2526 */
2692 if (sc->rf_rev == RAL_RF_2525E || sc->rf_rev == RAL_RF_2526)
2693 rx &= ~RAL_BBP_FLIPIQ;
2694
2695 ral_bbp_write(sc, RAL_BBP_RX, rx);
2696 }
2697
2698 static void
2699 ral_init(void *priv)
2700 {
2701 #define N(a) (sizeof (a) / sizeof ((a)[0]))
2702 struct ral_softc *sc = priv;
2703 struct ieee80211com *ic = &sc->sc_ic;
2704 struct ifnet *ifp = ic->ic_ifp;
2705 uint32_t tmp;
2706 int i;
2707
2708 ral_stop(sc);
2709
2710 /* setup tx rings */
2711 tmp = RAL_PRIO_RING_COUNT << 24 |
2712 RAL_ATIM_RING_COUNT << 16 |
2713 RAL_TX_RING_COUNT << 8 |
2714 RAL_TX_DESC_SIZE;
2715
2716 /* rings _must_ be initialized in this _exact_ order! */
2717 RAL_WRITE(sc, RAL_TXCSR2, tmp);
2718 RAL_WRITE(sc, RAL_TXCSR3, sc->txq.physaddr);
2719 RAL_WRITE(sc, RAL_TXCSR5, sc->prioq.physaddr);
2720 RAL_WRITE(sc, RAL_TXCSR4, sc->atimq.physaddr);
2721 RAL_WRITE(sc, RAL_TXCSR6, sc->bcnq.physaddr);
2722
2723 /* setup rx ring */
2724 tmp = RAL_RX_RING_COUNT << 8 | RAL_RX_DESC_SIZE;
2725
2726 RAL_WRITE(sc, RAL_RXCSR1, tmp);
2727 RAL_WRITE(sc, RAL_RXCSR2, sc->rxq.physaddr);
2728
2729 /* initialize MAC registers to default values */
2730 for (i = 0; i < N(ral_def_mac); i++)
2731 RAL_WRITE(sc, ral_def_mac[i].reg, ral_def_mac[i].val);
2732
2733 IEEE80211_ADDR_COPY(ic->ic_myaddr, IF_LLADDR(ifp));
2734 ral_set_macaddr(sc, ic->ic_myaddr);
2735
2736 /* set basic rate set (will be updated later) */
2737 RAL_WRITE(sc, RAL_ARSP_PLCP_1, 0x153);
2738
2739 ral_set_txantenna(sc, sc->tx_ant);
2740 ral_set_rxantenna(sc, sc->rx_ant);
2741 ral_update_slot(ifp);
2742 ral_update_plcp(sc);
2743 ral_update_led(sc, 0, 0);
2744
2745 RAL_WRITE(sc, RAL_CSR1, RAL_RESET_ASIC);
2746 RAL_WRITE(sc, RAL_CSR1, RAL_HOST_READY);
2747
2748 if (ral_bbp_init(sc) != 0) {
2749 ral_stop(sc);
2750 return;
2751 }
2752
2753 /* set default BSS channel */
2754 ic->ic_bss->ni_chan = ic->ic_ibss_chan;
2755 ic->ic_curchan = ic->ic_ibss_chan;
2756 ral_set_chan(sc, ic->ic_curchan);
2757
2758 /* kick Rx */
2759 tmp = RAL_DROP_PHY_ERROR | RAL_DROP_CRC_ERROR;
2760 if (ic->ic_opmode != IEEE80211_M_MONITOR) {
2761 tmp |= RAL_DROP_CTL | RAL_DROP_VERSION_ERROR;
2762 if (ic->ic_opmode != IEEE80211_M_HOSTAP)
2763 tmp |= RAL_DROP_TODS;
2764 if (!(ifp->if_flags & IFF_PROMISC))
2765 tmp |= RAL_DROP_NOT_TO_ME;
2766 }
2767 RAL_WRITE(sc, RAL_RXCSR0, tmp);
2768
2769 /* clear old FCS and Rx FIFO errors */
2770 RAL_READ(sc, RAL_CNT0);
2771 RAL_READ(sc, RAL_CNT4);
2772
2773 /* clear any pending interrupts */
2774 RAL_WRITE(sc, RAL_CSR7, 0xffffffff);
2775
2776 /* enable interrupts */
2777 RAL_WRITE(sc, RAL_CSR8, RAL_INTR_MASK);
2778
2779 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE;
2780 ifp->if_drv_flags |= IFF_DRV_RUNNING;
2781
2782 if (ic->ic_opmode != IEEE80211_M_MONITOR) {
2783 if (ic->ic_roaming != IEEE80211_ROAMING_MANUAL)
2784 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1);
2785 } else
2786 ieee80211_new_state(ic, IEEE80211_S_RUN, -1);
2787 #undef N
2788 }
2789
2790 void
2791 ral_stop(void *priv)
2792 {
2793 struct ral_softc *sc = priv;
2794 struct ieee80211com *ic = &sc->sc_ic;
2795 struct ifnet *ifp = ic->ic_ifp;
2796
2797 ieee80211_new_state(ic, IEEE80211_S_INIT, -1);
2798
2799 sc->sc_tx_timer = 0;
2800 ifp->if_timer = 0;
2801 ifp->if_drv_flags &= ~(IFF_DRV_RUNNING | IFF_DRV_OACTIVE);
2802
2803 /* abort Tx */
2804 RAL_WRITE(sc, RAL_TXCSR0, RAL_ABORT_TX);
2805
2806 /* disable Rx */
2807 RAL_WRITE(sc, RAL_RXCSR0, RAL_DISABLE_RX);
2808
2809 /* reset ASIC (imply reset BBP) */
2810 RAL_WRITE(sc, RAL_CSR1, RAL_RESET_ASIC);
2811 RAL_WRITE(sc, RAL_CSR1, 0);
2812
2813 /* disable interrupts */
2814 RAL_WRITE(sc, RAL_CSR8, 0xffffffff);
2815
2816 /* reset Tx and Rx rings */
2817 ral_reset_tx_ring(sc, &sc->txq);
2818 ral_reset_tx_ring(sc, &sc->atimq);
2819 ral_reset_tx_ring(sc, &sc->prioq);
2820 ral_reset_tx_ring(sc, &sc->bcnq);
2821 ral_reset_rx_ring(sc, &sc->rxq);
2822 }
Cache object: b21ed45ef4100bedbb97b14847c8045b
|