search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Nuke SIMPLEQ_* and logprintf.
[dragonfly/vkernel-mp.git] / sys / dev / netif / rum / if_rum.c
blob7481c95c92a136db952fe2176e5a93da4a76ef29
1 /* $OpenBSD: if_rum.c,v 1.40 2006/09/18 16:20:20 damien Exp $ */
2 /* $DragonFly: src/sys/dev/netif/rum/if_rum.c,v 1.15 2007/06/28 13:55:12 hasso Exp $ */
3
4 /*-
5 * Copyright (c) 2005, 2006 Damien Bergamini <damien.bergamini@free.fr>
6 * Copyright (c) 2006 Niall O'Higgins <niallo@openbsd.org>
7 *
8 * Permission to use, copy, modify, and distribute this software for any
9 * purpose with or without fee is hereby granted, provided that the above
10 * copyright notice and this permission notice appear in all copies.
11 *
12 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
13 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
14 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
15 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
16 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19 */
20
21 /*-
22 * Ralink Technology RT2501USB/RT2601USB chipset driver
23 * http://www.ralinktech.com/
24 */
25
26 #include <sys/param.h>
27 #include <sys/bus.h>
28 #include <sys/endian.h>
29 #include <sys/kernel.h>
30 #include <sys/malloc.h>
31 #include <sys/mbuf.h>
32 #include <sys/rman.h>
33 #include <sys/serialize.h>
34 #include <sys/socket.h>
35 #include <sys/sockio.h>
36
37 #include <net/bpf.h>
38 #include <net/ethernet.h>
39 #include <net/if.h>
40 #include <net/if_arp.h>
41 #include <net/if_dl.h>
42 #include <net/if_media.h>
43 #include <net/ifq_var.h>
44
45 #include <netproto/802_11/ieee80211_var.h>
46 #include <netproto/802_11/ieee80211_radiotap.h>
47 #include <netproto/802_11/wlan_ratectl/onoe/ieee80211_onoe_param.h>
48
49 #include <bus/usb/usb.h>
50 #include <bus/usb/usbdi.h>
51 #include <bus/usb/usbdi_util.h>
52 #include <bus/usb/usbdevs.h>
53
54 #include "if_rumreg.h"
55 #include "if_rumvar.h"
56 #include "rum_ucode.h"
57
58 #ifdef USB_DEBUG
59 #define RUM_DEBUG
60 #endif
61
62 #ifdef RUM_DEBUG
63 #define DPRINTF(x) do { if (rum_debug) kprintf x; } while (0)
64 #define DPRINTFN(n, x) do { if (rum_debug >= (n)) kprintf x; } while (0)
65 int rum_debug = 0;
66 #else
67 #define DPRINTF(x)
68 #define DPRINTFN(n, x)
69 #endif
70
71 /* various supported device vendors/products */
72 static const struct usb_devno rum_devs[] = {
73 { USB_VENDOR_ABOCOM, USB_PRODUCT_ABOCOM_HWU54DM },
74 { USB_VENDOR_ABOCOM, USB_PRODUCT_ABOCOM_RT2573 },
75 { USB_VENDOR_ABOCOM, USB_PRODUCT_ABOCOM_RT2573_1 },
76 { USB_VENDOR_ABOCOM, USB_PRODUCT_ABOCOM_RT2573_2 },
77 { USB_VENDOR_ABOCOM, USB_PRODUCT_ABOCOM_WUG2700 },
78 { USB_VENDOR_AMIT, USB_PRODUCT_AMIT_CGWLUSB2GO },
79 { USB_VENDOR_ASUS, USB_PRODUCT_ASUS_WL167G_2 },
80 { USB_VENDOR_ASUS, USB_PRODUCT_ASUS_WL167G_3 },
81 { USB_VENDOR_BELKIN, USB_PRODUCT_BELKIN_F5D7050A },
82 { USB_VENDOR_BELKIN, USB_PRODUCT_BELKIN_F5D9050V3 },
83 { USB_VENDOR_LINKSYS4, USB_PRODUCT_LINKSYS4_WUSB54GC },
84 { USB_VENDOR_LINKSYS4, USB_PRODUCT_LINKSYS4_WUSB54GR },
85 { USB_VENDOR_CONCEPTRONIC, USB_PRODUCT_CONCEPTRONIC_C54RU2 },
86 { USB_VENDOR_DICKSMITH, USB_PRODUCT_DICKSMITH_CWD854F },
87 { USB_VENDOR_DICKSMITH, USB_PRODUCT_DICKSMITH_RT2573 },
88 { USB_VENDOR_DLINK2, USB_PRODUCT_DLINK2_DWLG122C1 },
89 { USB_VENDOR_DLINK2, USB_PRODUCT_DLINK2_WUA1340 },
90 { USB_VENDOR_GIGABYTE, USB_PRODUCT_GIGABYTE_GNWB01GS },
91 { USB_VENDOR_GIGABYTE, USB_PRODUCT_GIGABYTE_GNWI05GS },
92 { USB_VENDOR_GIGASET, USB_PRODUCT_GIGASET_RT2573 },
93 { USB_VENDOR_GOODWAY, USB_PRODUCT_GOODWAY_RT2573 },
94 { USB_VENDOR_GUILLEMOT, USB_PRODUCT_GUILLEMOT_HWGUSB254LB },
95 { USB_VENDOR_GUILLEMOT, USB_PRODUCT_GUILLEMOT_HWGUSB254V2AP },
96 { USB_VENDOR_HUAWEI3COM, USB_PRODUCT_HUAWEI3COM_RT2573 },
97 { USB_VENDOR_MELCO, USB_PRODUCT_MELCO_G54HP },
98 { USB_VENDOR_MELCO, USB_PRODUCT_MELCO_SG54HP },
99 { USB_VENDOR_MSI, USB_PRODUCT_MSI_RT2573 },
100 { USB_VENDOR_MSI, USB_PRODUCT_MSI_RT2573_1 },
101 { USB_VENDOR_MSI, USB_PRODUCT_MSI_RT2573_2 },
102 { USB_VENDOR_MSI, USB_PRODUCT_MSI_RT2573_3 },
103 { USB_VENDOR_NOVATECH, USB_PRODUCT_NOVATECH_RT2573 },
104 { USB_VENDOR_PLANEX2, USB_PRODUCT_PLANEX2_GWUS54HP },
105 { USB_VENDOR_PLANEX2, USB_PRODUCT_PLANEX2_GWUS54MINI2 },
106 { USB_VENDOR_PLANEX2, USB_PRODUCT_PLANEX2_GWUSMM },
107 { USB_VENDOR_QCOM, USB_PRODUCT_QCOM_RT2573 },
108 { USB_VENDOR_QCOM, USB_PRODUCT_QCOM_RT2573_2 },
109 { USB_VENDOR_RALINK, USB_PRODUCT_RALINK_RT2573 },
110 { USB_VENDOR_RALINK, USB_PRODUCT_RALINK_RT2671 },
111 { USB_VENDOR_RALINK, USB_PRODUCT_RALINK_RT2573_2 },
112 { USB_VENDOR_SITECOMEU, USB_PRODUCT_SITECOMEU_WL113R2 },
113 { USB_VENDOR_SITECOMEU, USB_PRODUCT_SITECOMEU_WL172 },
114 { USB_VENDOR_SURECOM, USB_PRODUCT_SURECOM_RT2573 }
115 };
116
117 static int rum_alloc_tx_list(struct rum_softc *);
118 static void rum_free_tx_list(struct rum_softc *);
119 static int rum_alloc_rx_list(struct rum_softc *);
120 static void rum_free_rx_list(struct rum_softc *);
121 static int rum_media_change(struct ifnet *);
122 static void rum_next_scan(void *);
123 static void rum_task(void *);
124 static int rum_newstate(struct ieee80211com *,
125 enum ieee80211_state, int);
126 static void rum_txeof(usbd_xfer_handle, usbd_private_handle,
127 usbd_status);
128 static void rum_rxeof(usbd_xfer_handle, usbd_private_handle,
129 usbd_status);
130 static uint8_t rum_rxrate(struct rum_rx_desc *);
131 static uint8_t rum_plcp_signal(int);
132 static void rum_setup_tx_desc(struct rum_softc *,
133 struct rum_tx_desc *, uint32_t, uint16_t, int,
134 int);
135 static int rum_tx_data(struct rum_softc *, struct mbuf *,
136 struct ieee80211_node *);
137 static void rum_start(struct ifnet *);
138 static void rum_watchdog(struct ifnet *);
139 static int rum_ioctl(struct ifnet *, u_long, caddr_t,
140 struct ucred *);
141 static void rum_eeprom_read(struct rum_softc *, uint16_t, void *,
142 int);
143 static uint32_t rum_read(struct rum_softc *, uint16_t);
144 static void rum_read_multi(struct rum_softc *, uint16_t, void *,
145 int);
146 static void rum_write(struct rum_softc *, uint16_t, uint32_t);
147 static void rum_write_multi(struct rum_softc *, uint16_t, void *,
148 size_t);
149 static void rum_bbp_write(struct rum_softc *, uint8_t, uint8_t);
150 static uint8_t rum_bbp_read(struct rum_softc *, uint8_t);
151 static void rum_rf_write(struct rum_softc *, uint8_t, uint32_t);
152 static void rum_select_antenna(struct rum_softc *);
153 static void rum_enable_mrr(struct rum_softc *);
154 static void rum_set_txpreamble(struct rum_softc *);
155 static void rum_set_basicrates(struct rum_softc *);
156 static void rum_select_band(struct rum_softc *,
157 struct ieee80211_channel *);
158 static void rum_set_chan(struct rum_softc *,
159 struct ieee80211_channel *);
160 static void rum_enable_tsf_sync(struct rum_softc *);
161 static void rum_update_slot(struct rum_softc *);
162 static void rum_set_bssid(struct rum_softc *, const uint8_t *);
163 static void rum_set_macaddr(struct rum_softc *, const uint8_t *);
164 static void rum_update_promisc(struct rum_softc *);
165 static const char *rum_get_rf(int);
166 static void rum_read_eeprom(struct rum_softc *);
167 static int rum_bbp_init(struct rum_softc *);
168 static void rum_init(void *);
169 static void rum_stop(struct rum_softc *);
170 static int rum_load_microcode(struct rum_softc *, const uint8_t *,
171 size_t);
172 static int rum_prepare_beacon(struct rum_softc *);
173
174 static void rum_stats_timeout(void *);
175 static void rum_stats_update(usbd_xfer_handle, usbd_private_handle,
176 usbd_status);
177 static void rum_stats(struct ieee80211com *,
178 struct ieee80211_node *,
179 struct ieee80211_ratectl_stats *);
180 static void rum_ratectl_change(struct ieee80211com *ic, u_int,
181 u_int);
182 static int rum_get_rssi(struct rum_softc *, uint8_t);
183
184 /*
185 * Supported rates for 802.11a/b/g modes (in 500Kbps unit).
186 */
187 static const struct ieee80211_rateset rum_rateset_11a =
188 { 8, { 12, 18, 24, 36, 48, 72, 96, 108 } };
189
190 static const struct ieee80211_rateset rum_rateset_11b =
191 { 4, { 2, 4, 11, 22 } };
192
193 static const struct ieee80211_rateset rum_rateset_11g =
194 { 12, { 2, 4, 11, 22, 12, 18, 24, 36, 48, 72, 96, 108 } };
195
196 static const struct {
197 uint32_t reg;
198 uint32_t val;
199 } rum_def_mac[] = {
200 RT2573_DEF_MAC
201 };
202
203 static const struct {
204 uint8_t reg;
205 uint8_t val;
206 } rum_def_bbp[] = {
207 RT2573_DEF_BBP
208 };
209
210 static const struct rfprog {
211 uint8_t chan;
212 uint32_t r1, r2, r3, r4;
213 } rum_rf5226[] = {
214 RT2573_RF5226
215 }, rum_rf5225[] = {
216 RT2573_RF5225
217 };
218
219 USB_DECLARE_DRIVER(rum);
220 DRIVER_MODULE(rum, uhub, rum_driver, rum_devclass, usbd_driver_load, 0);
221
222 USB_MATCH(rum)
223 {
224 USB_MATCH_START(rum, uaa);
225
226 if (uaa->iface != NULL)
227 return UMATCH_NONE;
228
229 return (usb_lookup(rum_devs, uaa->vendor, uaa->product) != NULL) ?
230 UMATCH_VENDOR_PRODUCT : UMATCH_NONE;
231 }
232
233 USB_ATTACH(rum)
234 {
235 USB_ATTACH_START(rum, sc, uaa);
236 struct ieee80211com *ic = &sc->sc_ic;
237 struct ifnet *ifp = &ic->ic_if;
238 usb_interface_descriptor_t *id;
239 usb_endpoint_descriptor_t *ed;
240 usbd_status error;
241 char devinfo[1024];
242 int i, ntries;
243 uint32_t tmp;
244
245 sc->sc_udev = uaa->device;
246
247 usbd_devinfo(uaa->device, 0, devinfo);
248 USB_ATTACH_SETUP;
249
250 if (usbd_set_config_no(sc->sc_udev, RT2573_CONFIG_NO, 0) != 0) {
251 kprintf("%s: could not set configuration no\n",
252 device_get_nameunit(sc->sc_dev));
253 USB_ATTACH_ERROR_RETURN;
254 }
255
256 /* get the first interface handle */
257 error = usbd_device2interface_handle(sc->sc_udev, RT2573_IFACE_INDEX,
258 &sc->sc_iface);
259 if (error != 0) {
260 kprintf("%s: could not get interface handle\n",
261 device_get_nameunit(sc->sc_dev));
262 USB_ATTACH_ERROR_RETURN;
263 }
264
265 /*
266 * Find endpoints.
267 */
268 id = usbd_get_interface_descriptor(sc->sc_iface);
269
270 sc->sc_rx_no = sc->sc_tx_no = -1;
271 for (i = 0; i < id->bNumEndpoints; i++) {
272 ed = usbd_interface2endpoint_descriptor(sc->sc_iface, i);
273 if (ed == NULL) {
274 kprintf("%s: no endpoint descriptor for iface %d\n",
275 device_get_nameunit(sc->sc_dev), i);
276 USB_ATTACH_ERROR_RETURN;
277 }
278
279 if (UE_GET_DIR(ed->bEndpointAddress) == UE_DIR_IN &&
280 UE_GET_XFERTYPE(ed->bmAttributes) == UE_BULK)
281 sc->sc_rx_no = ed->bEndpointAddress;
282 else if (UE_GET_DIR(ed->bEndpointAddress) == UE_DIR_OUT &&
283 UE_GET_XFERTYPE(ed->bmAttributes) == UE_BULK)
284 sc->sc_tx_no = ed->bEndpointAddress;
285 }
286 if (sc->sc_rx_no == -1 || sc->sc_tx_no == -1) {
287 kprintf("%s: missing endpoint\n", device_get_nameunit(sc->sc_dev));
288 USB_ATTACH_ERROR_RETURN;
289 }
290
291 usb_init_task(&sc->sc_task, rum_task, sc);
292
293 callout_init(&sc->scan_ch);
294 callout_init(&sc->stats_ch);
295
296 /* retrieve RT2573 rev. no */
297 for (ntries = 0; ntries < 1000; ntries++) {
298 if ((tmp = rum_read(sc, RT2573_MAC_CSR0)) != 0)
299 break;
300 DELAY(1000);
301 }
302 if (ntries == 1000) {
303 kprintf("%s: timeout waiting for chip to settle\n",
304 device_get_nameunit(sc->sc_dev));
305 USB_ATTACH_ERROR_RETURN;
306 }
307
308 /* retrieve MAC address and various other things from EEPROM */
309 rum_read_eeprom(sc);
310
311 kprintf("%s: MAC/BBP RT%04x (rev 0x%05x), RF %s, address %6D\n",
312 device_get_nameunit(sc->sc_dev), sc->macbbp_rev, tmp,
313 rum_get_rf(sc->rf_rev), ic->ic_myaddr, ":");
314
315 error = rum_load_microcode(sc, rt2573, sizeof(rt2573));
316 if (error != 0) {
317 device_printf(self, "can't load microcode\n");
318 USB_ATTACH_ERROR_RETURN;
319 }
320
321 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */
322 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */
323 ic->ic_state = IEEE80211_S_INIT;
324
325 /* set device capabilities */
326 ic->ic_caps =
327 IEEE80211_C_IBSS | /* IBSS mode supported */
328 IEEE80211_C_MONITOR | /* monitor mode supported */
329 IEEE80211_C_HOSTAP | /* HostAp mode supported */
330 IEEE80211_C_TXPMGT | /* tx power management */
331 IEEE80211_C_SHPREAMBLE | /* short preamble supported */
332 IEEE80211_C_SHSLOT | /* short slot time supported */
333 IEEE80211_C_WPA; /* WPA 1+2 */
334
335 if (sc->rf_rev == RT2573_RF_5225 || sc->rf_rev == RT2573_RF_5226) {
336 /* set supported .11a rates */
337 ic->ic_sup_rates[IEEE80211_MODE_11A] = rum_rateset_11a;
338
339 /* set supported .11a channels */
340 for (i = 34; i <= 46; i += 4) {
341 ic->ic_channels[i].ic_freq =
342 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ);
343 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A;
344 }
345 for (i = 36; i <= 64; i += 4) {
346 ic->ic_channels[i].ic_freq =
347 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ);
348 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A;
349 }
350 for (i = 100; i <= 140; i += 4) {
351 ic->ic_channels[i].ic_freq =
352 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ);
353 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A;
354 }
355 for (i = 149; i <= 165; i += 4) {
356 ic->ic_channels[i].ic_freq =
357 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ);
358 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A;
359 }
360 }
361
362 /* set supported .11b and .11g rates */
363 ic->ic_sup_rates[IEEE80211_MODE_11B] = rum_rateset_11b;
364 ic->ic_sup_rates[IEEE80211_MODE_11G] = rum_rateset_11g;
365
366 /* set supported .11b and .11g channels (1 through 14) */
367 for (i = 1; i <= 14; i++) {
368 ic->ic_channels[i].ic_freq =
369 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ);
370 ic->ic_channels[i].ic_flags =
371 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM |
372 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ;
373 }
374
375 sc->sc_sifs = IEEE80211_DUR_SIFS; /* Default SIFS */
376
377 if_initname(ifp, device_get_name(self), device_get_unit(self));
378 ifp->if_softc = sc;
379 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST;
380 ifp->if_init = rum_init;
381 ifp->if_ioctl = rum_ioctl;
382 ifp->if_start = rum_start;
383 ifp->if_watchdog = rum_watchdog;
384 ifq_set_maxlen(&ifp->if_snd, IFQ_MAXLEN);
385 ifq_set_ready(&ifp->if_snd);
386
387 ic->ic_ratectl.rc_st_ratectl_cap = IEEE80211_RATECTL_CAP_ONOE;
388 ic->ic_ratectl.rc_st_ratectl = IEEE80211_RATECTL_ONOE;
389 ic->ic_ratectl.rc_st_valid_stats =
390 IEEE80211_RATECTL_STATS_PKT_NORETRY |
391 IEEE80211_RATECTL_STATS_PKT_OK |
392 IEEE80211_RATECTL_STATS_PKT_ERR |
393 IEEE80211_RATECTL_STATS_RETRIES;
394 ic->ic_ratectl.rc_st_stats = rum_stats;
395 ic->ic_ratectl.rc_st_change = rum_ratectl_change;
396
397 ieee80211_ifattach(ic);
398
399 /* Enable software beacon missing handling. */
400 ic->ic_flags_ext |= IEEE80211_FEXT_SWBMISS;
401
402 /* override state transition machine */
403 sc->sc_newstate = ic->ic_newstate;
404 ic->ic_newstate = rum_newstate;
405 ieee80211_media_init(ic, rum_media_change, ieee80211_media_status);
406
407 bpfattach_dlt(ifp, DLT_IEEE802_11_RADIO,
408 sizeof(struct ieee80211_frame) + IEEE80211_RADIOTAP_HDRLEN,
409 &sc->sc_drvbpf);
410
411 sc->sc_rxtap_len = sizeof sc->sc_rxtapu;
412 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len);
413 sc->sc_rxtap.wr_ihdr.it_present = htole32(RT2573_RX_RADIOTAP_PRESENT);
414
415 sc->sc_txtap_len = sizeof sc->sc_txtapu;
416 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len);
417 sc->sc_txtap.wt_ihdr.it_present = htole32(RT2573_TX_RADIOTAP_PRESENT);
418
419 if (bootverbose)
420 ieee80211_announce(ic);
421
422 USB_ATTACH_SUCCESS_RETURN;
423 }
424
425 USB_DETACH(rum)
426 {
427 USB_DETACH_START(rum, sc);
428 struct ifnet *ifp = &sc->sc_ic.ic_if;
429 #ifdef INVARIANTS
430 int i;
431 #endif
432
433 crit_enter();
434
435 callout_stop(&sc->scan_ch);
436 callout_stop(&sc->stats_ch);
437
438 lwkt_serialize_enter(ifp->if_serializer);
439 rum_stop(sc);
440 lwkt_serialize_exit(ifp->if_serializer);
441
442 usb_rem_task(sc->sc_udev, &sc->sc_task);
443
444 bpfdetach(ifp);
445 ieee80211_ifdetach(&sc->sc_ic); /* free all nodes */
446
447 crit_exit();
448
449 KKASSERT(sc->stats_xfer == NULL);
450 KKASSERT(sc->sc_rx_pipeh == NULL);
451 KKASSERT(sc->sc_tx_pipeh == NULL);
452
453 #ifdef INVARIANTS
454 /*
455 * Make sure TX/RX list is empty
456 */
457 for (i = 0; i < RT2573_TX_LIST_COUNT; i++) {
458 struct rum_tx_data *data = &sc->tx_data[i];
459
460 KKASSERT(data->xfer == NULL);
461 KKASSERT(data->ni == NULL);
462 KKASSERT(data->m == NULL);
463 }
464 for (i = 0; i < RT2573_RX_LIST_COUNT; i++) {
465 struct rum_rx_data *data = &sc->rx_data[i];
466
467 KKASSERT(data->xfer == NULL);
468 KKASSERT(data->m == NULL);
469 }
470 #endif
471 return 0;
472 }
473
474 static int
475 rum_alloc_tx_list(struct rum_softc *sc)
476 {
477 int i;
478
479 sc->tx_queued = 0;
480 for (i = 0; i < RT2573_TX_LIST_COUNT; i++) {
481 struct rum_tx_data *data = &sc->tx_data[i];
482
483 data->sc = sc;
484
485 data->xfer = usbd_alloc_xfer(sc->sc_udev);
486 if (data->xfer == NULL) {
487 kprintf("%s: could not allocate tx xfer\n",
488 device_get_nameunit(sc->sc_dev));
489 return ENOMEM;
490 }
491
492 data->buf = usbd_alloc_buffer(data->xfer,
493 RT2573_TX_DESC_SIZE + IEEE80211_MAX_LEN);
494 if (data->buf == NULL) {
495 kprintf("%s: could not allocate tx buffer\n",
496 device_get_nameunit(sc->sc_dev));
497 return ENOMEM;
498 }
499
500 /* clean Tx descriptor */
501 bzero(data->buf, RT2573_TX_DESC_SIZE);
502 }
503 return 0;
504 }
505
506 static void
507 rum_free_tx_list(struct rum_softc *sc)
508 {
509 int i;
510
511 for (i = 0; i < RT2573_TX_LIST_COUNT; i++) {
512 struct rum_tx_data *data = &sc->tx_data[i];
513
514 if (data->xfer != NULL) {
515 usbd_free_xfer(data->xfer);
516 data->xfer = NULL;
517 }
518 if (data->ni != NULL) {
519 ieee80211_free_node(data->ni);
520 data->ni = NULL;
521 }
522 if (data->m != NULL) {
523 m_freem(data->m);
524 data->m = NULL;
525 }
526 }
527 sc->tx_queued = 0;
528 }
529
530 static int
531 rum_alloc_rx_list(struct rum_softc *sc)
532 {
533 int i;
534
535 for (i = 0; i < RT2573_RX_LIST_COUNT; i++) {
536 struct rum_rx_data *data = &sc->rx_data[i];
537
538 data->sc = sc;
539
540 data->xfer = usbd_alloc_xfer(sc->sc_udev);
541 if (data->xfer == NULL) {
542 kprintf("%s: could not allocate rx xfer\n",
543 device_get_nameunit(sc->sc_dev));
544 return ENOMEM;
545 }
546
547 if (usbd_alloc_buffer(data->xfer, MCLBYTES) == NULL) {
548 kprintf("%s: could not allocate rx buffer\n",
549 device_get_nameunit(sc->sc_dev));
550 return ENOMEM;
551 }
552
553 data->m = m_getcl(MB_WAIT, MT_DATA, M_PKTHDR);
554
555 data->buf = mtod(data->m, uint8_t *);
556 bzero(data->buf, sizeof(struct rum_rx_desc));
557 }
558 return 0;
559 }
560
561 static void
562 rum_free_rx_list(struct rum_softc *sc)
563 {
564 int i;
565
566 for (i = 0; i < RT2573_RX_LIST_COUNT; i++) {
567 struct rum_rx_data *data = &sc->rx_data[i];
568
569 if (data->xfer != NULL) {
570 usbd_free_xfer(data->xfer);
571 data->xfer = NULL;
572 }
573 if (data->m != NULL) {
574 m_freem(data->m);
575 data->m = NULL;
576 }
577 }
578 }
579
580 static int
581 rum_media_change(struct ifnet *ifp)
582 {
583 int error;
584
585 error = ieee80211_media_change(ifp);
586 if (error != ENETRESET)
587 return error;
588
589 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == (IFF_UP | IFF_RUNNING))
590 rum_init(ifp->if_softc);
591
592 return 0;
593 }
594
595 /*
596 * This function is called periodically (every 200ms) during scanning to
597 * switch from one channel to another.
598 */
599 static void
600 rum_next_scan(void *arg)
601 {
602 struct rum_softc *sc = arg;
603 struct ieee80211com *ic = &sc->sc_ic;
604 struct ifnet *ifp = &ic->ic_if;
605
606 if (sc->sc_stopped)
607 return;
608
609 crit_enter();
610
611 if (ic->ic_state == IEEE80211_S_SCAN) {
612 lwkt_serialize_enter(ifp->if_serializer);
613 ieee80211_next_scan(ic);
614 lwkt_serialize_exit(ifp->if_serializer);
615 }
616
617 crit_exit();
618 }
619
620 static void
621 rum_task(void *xarg)
622 {
623 struct rum_softc *sc = xarg;
624 struct ieee80211com *ic = &sc->sc_ic;
625 struct ifnet *ifp = &ic->ic_if;
626 enum ieee80211_state nstate;
627 struct ieee80211_node *ni;
628 int arg;
629
630 if (sc->sc_stopped)
631 return;
632
633 crit_enter();
634
635 nstate = sc->sc_state;
636 arg = sc->sc_arg;
637
638 KASSERT(nstate != IEEE80211_S_INIT,
639 ("->INIT state transition should not be defered\n"));
640 rum_set_chan(sc, ic->ic_curchan);
641
642 switch (nstate) {
643 case IEEE80211_S_RUN:
644 ni = ic->ic_bss;
645
646 if (ic->ic_opmode != IEEE80211_M_MONITOR) {
647 rum_update_slot(sc);
648 rum_enable_mrr(sc);
649 rum_set_txpreamble(sc);
650 rum_set_basicrates(sc);
651 rum_set_bssid(sc, ni->ni_bssid);
652 }
653
654 if (ic->ic_opmode == IEEE80211_M_HOSTAP ||
655 ic->ic_opmode == IEEE80211_M_IBSS)
656 rum_prepare_beacon(sc);
657
658 if (ic->ic_opmode != IEEE80211_M_MONITOR)
659 rum_enable_tsf_sync(sc);
660
661 /* clear statistic registers (STA_CSR0 to STA_CSR5) */
662 rum_read_multi(sc, RT2573_STA_CSR0, sc->sta, sizeof(sc->sta));
663 callout_reset(&sc->stats_ch, 4 * hz / 5, rum_stats_timeout, sc);
664 break;
665
666 case IEEE80211_S_SCAN:
667 callout_reset(&sc->scan_ch, hz / 5, rum_next_scan, sc);
668 break;
669
670 default:
671 break;
672 }
673
674 lwkt_serialize_enter(ifp->if_serializer);
675 ieee80211_ratectl_newstate(ic, nstate);
676 sc->sc_newstate(ic, nstate, arg);
677 lwkt_serialize_exit(ifp->if_serializer);
678
679 crit_exit();
680 }
681
682 static int
683 rum_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg)
684 {
685 struct rum_softc *sc = ic->ic_if.if_softc;
686 struct ifnet *ifp = &ic->ic_if;
687
688 crit_enter();
689
690 ASSERT_SERIALIZED(ifp->if_serializer);
691
692 callout_stop(&sc->scan_ch);
693 callout_stop(&sc->stats_ch);
694
695 /* do it in a process context */
696 sc->sc_state = nstate;
697 sc->sc_arg = arg;
698
699 lwkt_serialize_exit(ifp->if_serializer);
700 usb_rem_task(sc->sc_udev, &sc->sc_task);
701
702 if (nstate == IEEE80211_S_INIT) {
703 lwkt_serialize_enter(ifp->if_serializer);
704 ieee80211_ratectl_newstate(ic, nstate);
705 sc->sc_newstate(ic, nstate, arg);
706 } else {
707 usb_add_task(sc->sc_udev, &sc->sc_task, USB_TASKQ_DRIVER);
708 lwkt_serialize_enter(ifp->if_serializer);
709 }
710
711 crit_exit();
712 return 0;
713 }
714
715 /* quickly determine if a given rate is CCK or OFDM */
716 #define RUM_RATE_IS_OFDM(rate) ((rate) >= 12 && (rate) != 22)
717
718 #define RUM_ACK_SIZE (sizeof(struct ieee80211_frame_ack) + IEEE80211_FCS_LEN)
719
720 static void
721 rum_txeof(usbd_xfer_handle xfer, usbd_private_handle priv, usbd_status status)
722 {
723 struct rum_tx_data *data = priv;
724 struct rum_softc *sc = data->sc;
725 struct ieee80211com *ic = &sc->sc_ic;
726 struct ifnet *ifp = &ic->ic_if;
727 struct ieee80211_node *ni;
728
729 if (sc->sc_stopped)
730 return;
731
732 crit_enter();
733
734 if (status != USBD_NORMAL_COMPLETION) {
735 if (status == USBD_NOT_STARTED || status == USBD_CANCELLED) {
736 crit_exit();
737 return;
738 }
739
740 kprintf("%s: could not transmit buffer: %s\n",
741 device_get_nameunit(sc->sc_dev), usbd_errstr(status));
742
743 if (status == USBD_STALLED)
744 usbd_clear_endpoint_stall_async(sc->sc_tx_pipeh);
745
746 ifp->if_oerrors++;
747 crit_exit();
748 return;
749 }
750
751 m_freem(data->m);
752 data->m = NULL;
753 ni = data->ni;
754 data->ni = NULL;
755
756 bzero(data->buf, sizeof(struct rum_tx_data));
757 sc->tx_queued--;
758 ifp->if_opackets++; /* XXX may fail too */
759
760 DPRINTFN(10, ("tx done\n"));
761
762 sc->sc_tx_timer = 0;
763 ifp->if_flags &= ~IFF_OACTIVE;
764
765 lwkt_serialize_enter(ifp->if_serializer);
766 ieee80211_free_node(ni);
767 ifp->if_start(ifp);
768 lwkt_serialize_exit(ifp->if_serializer);
769
770 crit_exit();
771 }
772
773 static void
774 rum_rxeof(usbd_xfer_handle xfer, usbd_private_handle priv, usbd_status status)
775 {
776 struct rum_rx_data *data = priv;
777 struct rum_softc *sc = data->sc;
778 struct ieee80211com *ic = &sc->sc_ic;
779 struct ifnet *ifp = &ic->ic_if;
780 struct rum_rx_desc *desc;
781 struct ieee80211_frame_min *wh;
782 struct ieee80211_node *ni;
783 struct mbuf *mnew, *m;
784 int len, rssi;
785
786 if (sc->sc_stopped)
787 return;
788
789 crit_enter();
790
791 if (status != USBD_NORMAL_COMPLETION) {
792 if (status == USBD_NOT_STARTED || status == USBD_CANCELLED) {
793 crit_exit();
794 return;
795 }
796
797 if (status == USBD_STALLED)
798 usbd_clear_endpoint_stall_async(sc->sc_rx_pipeh);
799 goto skip;
800 }
801
802 usbd_get_xfer_status(xfer, NULL, NULL, &len, NULL);
803
804 if (len < RT2573_RX_DESC_SIZE + sizeof(struct ieee80211_frame_min)) {
805 DPRINTF(("%s: xfer too short %d\n", device_get_nameunit(sc->sc_dev),
806 len));
807 ifp->if_ierrors++;
808 goto skip;
809 }
810
811 desc = (struct rum_rx_desc *)data->buf;
812
813 if (le32toh(desc->flags) & RT2573_RX_CRC_ERROR) {
814 /*
815 * This should not happen since we did not request to receive
816 * those frames when we filled RT2573_TXRX_CSR0.
817 */
818 DPRINTFN(5, ("CRC error\n"));
819 ifp->if_ierrors++;
820 goto skip;
821 }
822
823 mnew = m_getcl(MB_DONTWAIT, MT_DATA, M_PKTHDR);
824 if (mnew == NULL) {
825 kprintf("%s: could not allocate rx mbuf\n",
826 device_get_nameunit(sc->sc_dev));
827 ifp->if_ierrors++;
828 goto skip;
829 }
830
831 m = data->m;
832 data->m = NULL;
833 data->buf = NULL;
834
835 lwkt_serialize_enter(ifp->if_serializer);
836
837 /* finalize mbuf */
838 m->m_pkthdr.rcvif = ifp;
839 m->m_data = (caddr_t)(desc + 1);
840 m->m_pkthdr.len = m->m_len = (le32toh(desc->flags) >> 16) & 0xfff;
841
842 rssi = rum_get_rssi(sc, desc->rssi);
843
844 wh = mtod(m, struct ieee80211_frame_min *);
845 ni = ieee80211_find_rxnode(ic, wh);
846
847 /* Error happened during RSSI conversion. */
848 if (rssi < 0)
849 rssi = ni->ni_rssi;
850
851 if (sc->sc_drvbpf != NULL) {
852 struct rum_rx_radiotap_header *tap = &sc->sc_rxtap;
853
854 tap->wr_flags = 0;
855 tap->wr_rate = rum_rxrate(desc);
856 tap->wr_chan_freq = htole16(ic->ic_bss->ni_chan->ic_freq);
857 tap->wr_chan_flags = htole16(ic->ic_bss->ni_chan->ic_flags);
858 tap->wr_antenna = sc->rx_ant;
859 tap->wr_antsignal = rssi;
860
861 bpf_ptap(sc->sc_drvbpf, m, tap, sc->sc_rxtap_len);
862 }
863
864 /* send the frame to the 802.11 layer */
865 ieee80211_input(ic, m, ni, rssi, 0);
866
867 /* node is no longer needed */
868 ieee80211_free_node(ni);
869
870 if ((ifp->if_flags & IFF_OACTIVE) == 0)
871 ifp->if_start(ifp);
872
873 lwkt_serialize_exit(ifp->if_serializer);
874
875 data->m = mnew;
876 data->buf = mtod(data->m, uint8_t *);
877
878 DPRINTFN(15, ("rx done\n"));
879
880 skip: /* setup a new transfer */
881 bzero(data->buf, sizeof(struct rum_rx_desc));
882 usbd_setup_xfer(xfer, sc->sc_rx_pipeh, data, data->buf, MCLBYTES,
883 USBD_SHORT_XFER_OK, USBD_NO_TIMEOUT, rum_rxeof);
884 usbd_transfer(xfer);
885
886 crit_exit();
887 }
888
889 /*
890 * This function is only used by the Rx radiotap code. It returns the rate at
891 * which a given frame was received.
892 */
893 static uint8_t
894 rum_rxrate(struct rum_rx_desc *desc)
895 {
896 if (le32toh(desc->flags) & RT2573_RX_OFDM) {
897 /* reverse function of rum_plcp_signal */
898 switch (desc->rate) {
899 case 0xb: return 12;
900 case 0xf: return 18;
901 case 0xa: return 24;
902 case 0xe: return 36;
903 case 0x9: return 48;
904 case 0xd: return 72;
905 case 0x8: return 96;
906 case 0xc: return 108;
907 }
908 } else {
909 if (desc->rate == 10)
910 return 2;
911 if (desc->rate == 20)
912 return 4;
913 if (desc->rate == 55)
914 return 11;
915 if (desc->rate == 110)
916 return 22;
917 }
918 return 2; /* should not get there */
919 }
920
921 static uint8_t
922 rum_plcp_signal(int rate)
923 {
924 switch (rate) {
925 /* CCK rates (returned values are device-dependent) */
926 case 2: return 0x0;
927 case 4: return 0x1;
928 case 11: return 0x2;
929 case 22: return 0x3;
930
931 /* OFDM rates (cf IEEE Std 802.11a-1999, pp. 14 Table 80) */
932 case 12: return 0xb;
933 case 18: return 0xf;
934 case 24: return 0xa;
935 case 36: return 0xe;
936 case 48: return 0x9;
937 case 72: return 0xd;
938 case 96: return 0x8;
939 case 108: return 0xc;
940
941 /* unsupported rates (should not get there) */
942 default: return 0xff;
943 }
944 }
945
946 static void
947 rum_setup_tx_desc(struct rum_softc *sc, struct rum_tx_desc *desc,
948 uint32_t flags, uint16_t xflags, int len, int rate)
949 {
950 struct ieee80211com *ic = &sc->sc_ic;
951 uint16_t plcp_length;
952 int remainder;
953
954 desc->flags = htole32(flags);
955 desc->flags |= htole32(len << 16);
956
957 desc->xflags = htole16(xflags);
958
959 desc->wme = htole16(
960 RT2573_QID(0) |
961 RT2573_AIFSN(2) |
962 RT2573_LOGCWMIN(4) |
963 RT2573_LOGCWMAX(10));
964
965 /* setup PLCP fields */
966 desc->plcp_signal = rum_plcp_signal(rate);
967 desc->plcp_service = 4;
968
969 len += IEEE80211_CRC_LEN;
970 if (RUM_RATE_IS_OFDM(rate)) {
971 desc->flags |= htole32(RT2573_TX_OFDM);
972
973 plcp_length = len & 0xfff;
974 desc->plcp_length_hi = plcp_length >> 6;
975 desc->plcp_length_lo = plcp_length & 0x3f;
976 } else {
977 plcp_length = (16 * len + rate - 1) / rate;
978 if (rate == 22) {
979 remainder = (16 * len) % 22;
980 if (remainder != 0 && remainder < 7)
981 desc->plcp_service |= RT2573_PLCP_LENGEXT;
982 }
983 desc->plcp_length_hi = plcp_length >> 8;
984 desc->plcp_length_lo = plcp_length & 0xff;
985
986 if (rate != 2 && (ic->ic_flags & IEEE80211_F_SHPREAMBLE))
987 desc->plcp_signal |= 0x08;
988 }
989 desc->flags |= htole32(RT2573_TX_VALID);
990 }
991
992 #define RUM_TX_TIMEOUT 5000
993
994 static int
995 rum_tx_data(struct rum_softc *sc, struct mbuf *m0, struct ieee80211_node *ni)
996 {
997 struct ieee80211com *ic = &sc->sc_ic;
998 struct ifnet *ifp = &ic->ic_if;
999 struct rum_tx_desc *desc;
1000 struct rum_tx_data *data;
1001 struct ieee80211_frame *wh;
1002 uint32_t flags = 0;
1003 uint16_t dur;
1004 usbd_status error;
1005 int xferlen, rate, rateidx;
1006
1007 wh = mtod(m0, struct ieee80211_frame *);
1008
1009 if (wh->i_fc[1] & IEEE80211_FC1_WEP) {
1010 if (ieee80211_crypto_encap(ic, ni, m0) == NULL) {
1011 m_freem(m0);
1012 return ENOBUFS;
1013 }
1014
1015 /* packet header may have moved, reset our local pointer */
1016 wh = mtod(m0, struct ieee80211_frame *);
1017 }
1018
1019 /* pickup a rate */
1020 if ((wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) ==
1021 IEEE80211_FC0_TYPE_MGT) {
1022 /* mgmt frames are sent at the lowest available bit-rate */
1023 rateidx = 0;
1024 } else {
1025 ieee80211_ratectl_findrate(ni, m0->m_pkthdr.len, &rateidx, 1);
1026 }
1027 rate = IEEE80211_RS_RATE(&ni->ni_rates, rateidx);
1028
1029 data = &sc->tx_data[0];
1030 desc = (struct rum_tx_desc *)data->buf;
1031
1032 data->m = m0;
1033 data->ni = ni;
1034
1035 if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) {
1036 flags |= RT2573_TX_ACK;
1037
1038 dur = ieee80211_txtime(ni, RUM_ACK_SIZE,
1039 ieee80211_ack_rate(ni, rate), ic->ic_flags) +
1040 sc->sc_sifs;
1041 *(uint16_t *)wh->i_dur = htole16(dur);
1042
1043 /* tell hardware to set timestamp in probe responses */
1044 if ((wh->i_fc[0] &
1045 (IEEE80211_FC0_TYPE_MASK | IEEE80211_FC0_SUBTYPE_MASK)) ==
1046 (IEEE80211_FC0_TYPE_MGT | IEEE80211_FC0_SUBTYPE_PROBE_RESP))
1047 flags |= RT2573_TX_TIMESTAMP;
1048 }
1049
1050 if (sc->sc_drvbpf != NULL) {
1051 struct rum_tx_radiotap_header *tap = &sc->sc_txtap;
1052
1053 tap->wt_flags = 0;
1054 tap->wt_rate = rate;
1055 tap->wt_chan_freq = htole16(ic->ic_bss->ni_chan->ic_freq);
1056 tap->wt_chan_flags = htole16(ic->ic_bss->ni_chan->ic_flags);
1057 tap->wt_antenna = sc->tx_ant;
1058
1059 bpf_ptap(sc->sc_drvbpf, m0, tap, sc->sc_txtap_len);
1060 }
1061
1062 m_copydata(m0, 0, m0->m_pkthdr.len, data->buf + RT2573_TX_DESC_SIZE);
1063 rum_setup_tx_desc(sc, desc, flags, 0, m0->m_pkthdr.len, rate);
1064
1065 /* Align end on a 4-bytes boundary */
1066 xferlen = roundup(RT2573_TX_DESC_SIZE + m0->m_pkthdr.len, 4);
1067
1068 /*
1069 * No space left in the last URB to store the extra 4 bytes, force
1070 * sending of another URB.
1071 */
1072 if ((xferlen % 64) == 0)
1073 xferlen += 4;
1074
1075 DPRINTFN(10, ("sending frame len=%u rate=%u xfer len=%u\n",
1076 m0->m_pkthdr.len + RT2573_TX_DESC_SIZE, rate, xferlen));
1077
1078 lwkt_serialize_exit(ifp->if_serializer);
1079
1080 usbd_setup_xfer(data->xfer, sc->sc_tx_pipeh, data, data->buf, xferlen,
1081 USBD_FORCE_SHORT_XFER | USBD_NO_COPY, RUM_TX_TIMEOUT, rum_txeof);
1082
1083 error = usbd_transfer(data->xfer);
1084 if (error != USBD_NORMAL_COMPLETION && error != USBD_IN_PROGRESS) {
1085 m_freem(m0);
1086 data->m = NULL;
1087 data->ni = NULL;
1088 } else {
1089 sc->tx_queued++;
1090 error = 0;
1091 }
1092
1093 lwkt_serialize_enter(ifp->if_serializer);
1094 return error;
1095 }
1096
1097 static void
1098 rum_start(struct ifnet *ifp)
1099 {
1100 struct rum_softc *sc = ifp->if_softc;
1101 struct ieee80211com *ic = &sc->sc_ic;
1102
1103 ASSERT_SERIALIZED(ifp->if_serializer);
1104
1105 if (sc->sc_stopped)
1106 return;
1107
1108 crit_enter();
1109
1110 if ((ifp->if_flags & (IFF_RUNNING | IFF_OACTIVE)) != IFF_RUNNING) {
1111 crit_exit();
1112 return;
1113 }
1114
1115 for (;;) {
1116 struct ieee80211_node *ni;
1117 struct mbuf *m0;
1118
1119 if (!IF_QEMPTY(&ic->ic_mgtq)) {
1120 if (sc->tx_queued >= RT2573_TX_LIST_COUNT) {
1121 ifp->if_flags |= IFF_OACTIVE;
1122 break;
1123 }
1124 IF_DEQUEUE(&ic->ic_mgtq, m0);
1125
1126 ni = (struct ieee80211_node *)m0->m_pkthdr.rcvif;
1127 m0->m_pkthdr.rcvif = NULL;
1128
1129 BPF_MTAP(ifp, m0);
1130
1131 if (rum_tx_data(sc, m0, ni) != 0) {
1132 ieee80211_free_node(ni);
1133 break;
1134 }
1135 } else {
1136 struct ether_header *eh;
1137
1138 if (ic->ic_state != IEEE80211_S_RUN)
1139 break;
1140
1141 m0 = ifq_poll(&ifp->if_snd);
1142 if (m0 == NULL)
1143 break;
1144 if (sc->tx_queued >= RT2573_TX_LIST_COUNT) {
1145 ifp->if_flags |= IFF_OACTIVE;
1146 break;
1147 }
1148 ifq_dequeue(&ifp->if_snd, m0);
1149
1150 if (m0->m_len < sizeof(struct ether_header)) {
1151 m0 = m_pullup(m0, sizeof(struct ether_header));
1152 if (m0 == NULL) {
1153 ifp->if_oerrors++;
1154 continue;
1155 }
1156 }
1157 eh = mtod(m0, struct ether_header *);
1158
1159 ni = ieee80211_find_txnode(ic, eh->ether_dhost);
1160 if (ni == NULL) {
1161 m_freem(m0);
1162 continue;
1163 }
1164
1165 BPF_MTAP(ifp, m0);
1166
1167 m0 = ieee80211_encap(ic, m0, ni);
1168 if (m0 == NULL) {
1169 ieee80211_free_node(ni);
1170 continue;
1171 }
1172
1173 if (ic->ic_rawbpf != NULL)
1174 bpf_mtap(ic->ic_rawbpf, m0);
1175
1176 if (rum_tx_data(sc, m0, ni) != 0) {
1177 ieee80211_free_node(ni);
1178 ifp->if_oerrors++;
1179 break;
1180 }
1181 }
1182
1183 sc->sc_tx_timer = 5;
1184 ifp->if_timer = 1;
1185 }
1186
1187 crit_exit();
1188 }
1189
1190 static void
1191 rum_watchdog(struct ifnet *ifp)
1192 {
1193 struct rum_softc *sc = ifp->if_softc;
1194
1195 ASSERT_SERIALIZED(ifp->if_serializer);
1196
1197 crit_enter();
1198
1199 ifp->if_timer = 0;
1200
1201 if (sc->sc_tx_timer > 0) {
1202 if (--sc->sc_tx_timer == 0) {
1203 kprintf("%s: device timeout\n", device_get_nameunit(sc->sc_dev));
1204 /*rum_init(sc); XXX needs a process context! */
1205 ifp->if_oerrors++;
1206
1207 crit_exit();
1208 return;
1209 }
1210 ifp->if_timer = 1;
1211 }
1212
1213 ieee80211_watchdog(&sc->sc_ic);
1214
1215 crit_exit();
1216 }
1217
1218 static int
1219 rum_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data, struct ucred *cr)
1220 {
1221 struct rum_softc *sc = ifp->if_softc;
1222 struct ieee80211com *ic = &sc->sc_ic;
1223 int error = 0;
1224
1225 ASSERT_SERIALIZED(ifp->if_serializer);
1226
1227 crit_enter();
1228
1229 switch (cmd) {
1230 case SIOCSIFFLAGS:
1231 if (ifp->if_flags & IFF_UP) {
1232 if (ifp->if_flags & IFF_RUNNING) {
1233 lwkt_serialize_exit(ifp->if_serializer);
1234 rum_update_promisc(sc);
1235 lwkt_serialize_enter(ifp->if_serializer);
1236 } else {
1237 rum_init(sc);
1238 }
1239 } else {
1240 if (ifp->if_flags & IFF_RUNNING)
1241 rum_stop(sc);
1242 }
1243 break;
1244 default:
1245 error = ieee80211_ioctl(ic, cmd, data, cr);
1246 break;
1247 }
1248
1249 if (error == ENETRESET) {
1250 struct ieee80211req *ireq = (struct ieee80211req *)data;
1251
1252 if (cmd == SIOCS80211 &&
1253 ireq->i_type == IEEE80211_IOC_CHANNEL &&
1254 ic->ic_opmode == IEEE80211_M_MONITOR) {
1255 /*
1256 * This allows for fast channel switching in monitor
1257 * mode (used by kismet). In IBSS mode, we must
1258 * explicitly reset the interface to generate a new
1259 * beacon frame.
1260 */
1261 lwkt_serialize_exit(ifp->if_serializer);
1262 rum_set_chan(sc, ic->ic_ibss_chan);
1263 lwkt_serialize_enter(ifp->if_serializer);
1264 } else if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) ==
1265 (IFF_UP | IFF_RUNNING)) {
1266 rum_init(sc);
1267 }
1268 error = 0;
1269 }
1270
1271 crit_exit();
1272 return error;
1273 }
1274
1275 static void
1276 rum_eeprom_read(struct rum_softc *sc, uint16_t addr, void *buf, int len)
1277 {
1278 usb_device_request_t req;
1279 usbd_status error;
1280
1281 req.bmRequestType = UT_READ_VENDOR_DEVICE;
1282 req.bRequest = RT2573_READ_EEPROM;
1283 USETW(req.wValue, 0);
1284 USETW(req.wIndex, addr);
1285 USETW(req.wLength, len);
1286
1287 error = usbd_do_request(sc->sc_udev, &req, buf);
1288 if (error != 0) {
1289 kprintf("%s: could not read EEPROM: %s\n",
1290 device_get_nameunit(sc->sc_dev), usbd_errstr(error));
1291 }
1292 }
1293
1294 static uint32_t
1295 rum_read(struct rum_softc *sc, uint16_t reg)
1296 {
1297 uint32_t val;
1298
1299 rum_read_multi(sc, reg, &val, sizeof val);
1300
1301 return le32toh(val);
1302 }
1303
1304 static void
1305 rum_read_multi(struct rum_softc *sc, uint16_t reg, void *buf, int len)
1306 {
1307 usb_device_request_t req;
1308 usbd_status error;
1309
1310 req.bmRequestType = UT_READ_VENDOR_DEVICE;
1311 req.bRequest = RT2573_READ_MULTI_MAC;
1312 USETW(req.wValue, 0);
1313 USETW(req.wIndex, reg);
1314 USETW(req.wLength, len);
1315
1316 error = usbd_do_request(sc->sc_udev, &req, buf);
1317 if (error != 0) {
1318 kprintf("%s: could not multi read MAC register: %s\n",
1319 device_get_nameunit(sc->sc_dev), usbd_errstr(error));
1320 }
1321 }
1322
1323 static void
1324 rum_write(struct rum_softc *sc, uint16_t reg, uint32_t val)
1325 {
1326 uint32_t tmp = htole32(val);
1327
1328 rum_write_multi(sc, reg, &tmp, sizeof tmp);
1329 }
1330
1331 static void
1332 rum_write_multi(struct rum_softc *sc, uint16_t reg, void *buf, size_t len)
1333 {
1334 usb_device_request_t req;
1335 usbd_status error;
1336
1337 req.bmRequestType = UT_WRITE_VENDOR_DEVICE;
1338 req.bRequest = RT2573_WRITE_MULTI_MAC;
1339 USETW(req.wValue, 0);
1340 USETW(req.wIndex, reg);
1341 USETW(req.wLength, len);
1342
1343 error = usbd_do_request(sc->sc_udev, &req, buf);
1344 if (error != 0) {
1345 kprintf("%s: could not multi write MAC register: %s\n",
1346 device_get_nameunit(sc->sc_dev), usbd_errstr(error));
1347 }
1348 }
1349
1350 static void
1351 rum_bbp_write(struct rum_softc *sc, uint8_t reg, uint8_t val)
1352 {
1353 uint32_t tmp;
1354 int ntries;
1355
1356 for (ntries = 0; ntries < 5; ntries++) {
1357 if (!(rum_read(sc, RT2573_PHY_CSR3) & RT2573_BBP_BUSY))
1358 break;
1359 }
1360 if (ntries == 5) {
1361 kprintf("%s: could not write to BBP\n", device_get_nameunit(sc->sc_dev));
1362 return;
1363 }
1364
1365 tmp = RT2573_BBP_BUSY | (reg & 0x7f) << 8 | val;
1366 rum_write(sc, RT2573_PHY_CSR3, tmp);
1367 }
1368
1369 static uint8_t
1370 rum_bbp_read(struct rum_softc *sc, uint8_t reg)
1371 {
1372 uint32_t val;
1373 int ntries;
1374
1375 for (ntries = 0; ntries < 5; ntries++) {
1376 if (!(rum_read(sc, RT2573_PHY_CSR3) & RT2573_BBP_BUSY))
1377 break;
1378 }
1379 if (ntries == 5) {
1380 kprintf("%s: could not read BBP\n", device_get_nameunit(sc->sc_dev));
1381 return 0;
1382 }
1383
1384 val = RT2573_BBP_BUSY | RT2573_BBP_READ | reg << 8;
1385 rum_write(sc, RT2573_PHY_CSR3, val);
1386
1387 for (ntries = 0; ntries < 100; ntries++) {
1388 val = rum_read(sc, RT2573_PHY_CSR3);
1389 if (!(val & RT2573_BBP_BUSY))
1390 return val & 0xff;
1391 DELAY(1);
1392 }
1393
1394 kprintf("%s: could not read BBP\n", device_get_nameunit(sc->sc_dev));
1395 return 0;
1396 }
1397
1398 static void
1399 rum_rf_write(struct rum_softc *sc, uint8_t reg, uint32_t val)
1400 {
1401 uint32_t tmp;
1402 int ntries;
1403
1404 for (ntries = 0; ntries < 5; ntries++) {
1405 if (!(rum_read(sc, RT2573_PHY_CSR4) & RT2573_RF_BUSY))
1406 break;
1407 }
1408 if (ntries == 5) {
1409 kprintf("%s: could not write to RF\n", device_get_nameunit(sc->sc_dev));
1410 return;
1411 }
1412
1413 tmp = RT2573_RF_BUSY | RT2573_RF_20BIT | (val & 0xfffff) << 2 |
1414 (reg & 3);
1415 rum_write(sc, RT2573_PHY_CSR4, tmp);
1416
1417 /* remember last written value in sc */
1418 sc->rf_regs[reg] = val;
1419
1420 DPRINTFN(15, ("RF R[%u] <- 0x%05x\n", reg & 3, val & 0xfffff));
1421 }
1422
1423 static void
1424 rum_select_antenna(struct rum_softc *sc)
1425 {
1426 uint8_t bbp4, bbp77;
1427 uint32_t tmp;
1428
1429 bbp4 = rum_bbp_read(sc, 4);
1430 bbp77 = rum_bbp_read(sc, 77);
1431
1432 /* TBD */
1433
1434 /* make sure Rx is disabled before switching antenna */
1435 tmp = rum_read(sc, RT2573_TXRX_CSR0);
1436 rum_write(sc, RT2573_TXRX_CSR0, tmp | RT2573_DISABLE_RX);
1437
1438 rum_bbp_write(sc, 4, bbp4);
1439 rum_bbp_write(sc, 77, bbp77);
1440
1441 rum_write(sc, RT2573_TXRX_CSR0, tmp);
1442 }
1443
1444 /*
1445 * Enable multi-rate retries for frames sent at OFDM rates.
1446 * In 802.11b/g mode, allow fallback to CCK rates.
1447 */
1448 static void
1449 rum_enable_mrr(struct rum_softc *sc)
1450 {
1451 struct ieee80211com *ic = &sc->sc_ic;
1452 uint32_t tmp;
1453
1454 tmp = rum_read(sc, RT2573_TXRX_CSR4);
1455
1456 tmp &= ~RT2573_MRR_CCK_FALLBACK;
1457 if (!IEEE80211_IS_CHAN_5GHZ(ic->ic_curchan))
1458 tmp |= RT2573_MRR_CCK_FALLBACK;
1459 tmp |= RT2573_MRR_ENABLED;
1460
1461 rum_write(sc, RT2573_TXRX_CSR4, tmp);
1462 }
1463
1464 static void
1465 rum_set_txpreamble(struct rum_softc *sc)
1466 {
1467 uint32_t tmp;
1468
1469 tmp = rum_read(sc, RT2573_TXRX_CSR4);
1470
1471 tmp &= ~RT2573_SHORT_PREAMBLE;
1472 if (sc->sc_ic.ic_flags & IEEE80211_F_SHPREAMBLE)
1473 tmp |= RT2573_SHORT_PREAMBLE;
1474
1475 rum_write(sc, RT2573_TXRX_CSR4, tmp);
1476 }
1477
1478 static void
1479 rum_set_basicrates(struct rum_softc *sc)
1480 {
1481 struct ieee80211com *ic = &sc->sc_ic;
1482
1483 /* update basic rate set */
1484 if (ic->ic_curmode == IEEE80211_MODE_11B) {
1485 /* 11b basic rates: 1, 2Mbps */
1486 rum_write(sc, RT2573_TXRX_CSR5, 0x3);
1487 } else if (IEEE80211_IS_CHAN_5GHZ(ic->ic_bss->ni_chan)) {
1488 /* 11a basic rates: 6, 12, 24Mbps */
1489 rum_write(sc, RT2573_TXRX_CSR5, 0x150);
1490 } else {
1491 /* 11g basic rates: 1, 2, 5.5, 11, 6, 12, 24Mbps */
1492 rum_write(sc, RT2573_TXRX_CSR5, 0x15f);
1493 }
1494 }
1495
1496 /*
1497 * Reprogram MAC/BBP to switch to a new band. Values taken from the reference
1498 * driver.
1499 */
1500 static void
1501 rum_select_band(struct rum_softc *sc, struct ieee80211_channel *c)
1502 {
1503 uint8_t bbp17, bbp35, bbp96, bbp97, bbp98, bbp104;
1504 uint32_t tmp;
1505
1506 /* update all BBP registers that depend on the band */
1507 bbp17 = 0x20; bbp96 = 0x48; bbp104 = 0x2c;
1508 bbp35 = 0x50; bbp97 = 0x48; bbp98 = 0x48;
1509 if (IEEE80211_IS_CHAN_5GHZ(c)) {
1510 bbp17 += 0x08; bbp96 += 0x10; bbp104 += 0x0c;
1511 bbp35 += 0x10; bbp97 += 0x10; bbp98 += 0x10;
1512 }
1513 if ((IEEE80211_IS_CHAN_2GHZ(c) && sc->ext_2ghz_lna) ||
1514 (IEEE80211_IS_CHAN_5GHZ(c) && sc->ext_5ghz_lna)) {
1515 bbp17 += 0x10; bbp96 += 0x10; bbp104 += 0x10;
1516 }
1517
1518 sc->bbp17 = bbp17;
1519 rum_bbp_write(sc, 17, bbp17);
1520 rum_bbp_write(sc, 96, bbp96);
1521 rum_bbp_write(sc, 104, bbp104);
1522
1523 if ((IEEE80211_IS_CHAN_2GHZ(c) && sc->ext_2ghz_lna) ||
1524 (IEEE80211_IS_CHAN_5GHZ(c) && sc->ext_5ghz_lna)) {
1525 rum_bbp_write(sc, 75, 0x80);
1526 rum_bbp_write(sc, 86, 0x80);
1527 rum_bbp_write(sc, 88, 0x80);
1528 }
1529
1530 rum_bbp_write(sc, 35, bbp35);
1531 rum_bbp_write(sc, 97, bbp97);
1532 rum_bbp_write(sc, 98, bbp98);
1533
1534 tmp = rum_read(sc, RT2573_PHY_CSR0);
1535 tmp &= ~(RT2573_PA_PE_2GHZ | RT2573_PA_PE_5GHZ);
1536 if (IEEE80211_IS_CHAN_2GHZ(c))
1537 tmp |= RT2573_PA_PE_2GHZ;
1538 else
1539 tmp |= RT2573_PA_PE_5GHZ;
1540 rum_write(sc, RT2573_PHY_CSR0, tmp);
1541 }
1542
1543 static void
1544 rum_set_chan(struct rum_softc *sc, struct ieee80211_channel *c)
1545 {
1546 struct ieee80211com *ic = &sc->sc_ic;
1547 const struct rfprog *rfprog;
1548 uint8_t bbp3, bbp94 = RT2573_BBPR94_DEFAULT;
1549 int8_t power;
1550 u_int i, chan;
1551
1552 chan = ieee80211_chan2ieee(ic, c);
1553 if (chan == 0 || chan == IEEE80211_CHAN_ANY)
1554 return;
1555
1556 /* select the appropriate RF settings based on what EEPROM says */
1557 rfprog = (sc->rf_rev == RT2573_RF_5225 ||
1558 sc->rf_rev == RT2573_RF_2527) ? rum_rf5225 : rum_rf5226;
1559
1560 /* find the settings for this channel (we know it exists) */
1561 for (i = 0; rfprog[i].chan != chan; i++)
1562 ; /* EMPTY */
1563
1564 power = sc->txpow[i];
1565 if (power < 0) {
1566 bbp94 += power;
1567 power = 0;
1568 } else if (power > 31) {
1569 bbp94 += power - 31;
1570 power = 31;
1571 }
1572
1573 /*
1574 * If we are switching from the 2GHz band to the 5GHz band or
1575 * vice-versa, BBP registers need to be reprogrammed.
1576 */
1577 if (c->ic_flags != sc->sc_curchan->ic_flags) {
1578 rum_select_band(sc, c);
1579 rum_select_antenna(sc);
1580 }
1581 sc->sc_curchan = c;
1582
1583 rum_rf_write(sc, RT2573_RF1, rfprog[i].r1);
1584 rum_rf_write(sc, RT2573_RF2, rfprog[i].r2);
1585 rum_rf_write(sc, RT2573_RF3, rfprog[i].r3 | power << 7);
1586 rum_rf_write(sc, RT2573_RF4, rfprog[i].r4 | sc->rffreq << 10);
1587
1588 rum_rf_write(sc, RT2573_RF1, rfprog[i].r1);
1589 rum_rf_write(sc, RT2573_RF2, rfprog[i].r2);
1590 rum_rf_write(sc, RT2573_RF3, rfprog[i].r3 | power << 7 | 1);
1591 rum_rf_write(sc, RT2573_RF4, rfprog[i].r4 | sc->rffreq << 10);
1592
1593 rum_rf_write(sc, RT2573_RF1, rfprog[i].r1);
1594 rum_rf_write(sc, RT2573_RF2, rfprog[i].r2);
1595 rum_rf_write(sc, RT2573_RF3, rfprog[i].r3 | power << 7);
1596 rum_rf_write(sc, RT2573_RF4, rfprog[i].r4 | sc->rffreq << 10);
1597
1598 DELAY(10);
1599
1600 /* enable smart mode for MIMO-capable RFs */
1601 bbp3 = rum_bbp_read(sc, 3);
1602
1603 if (sc->rf_rev == RT2573_RF_5225 || sc->rf_rev == RT2573_RF_2527)
1604 bbp3 &= ~RT2573_SMART_MODE;
1605 else
1606 bbp3 |= RT2573_SMART_MODE;
1607
1608 rum_bbp_write(sc, 3, bbp3);
1609
1610 if (bbp94 != RT2573_BBPR94_DEFAULT)
1611 rum_bbp_write(sc, 94, bbp94);
1612
1613 sc->sc_sifs = IEEE80211_IS_CHAN_5GHZ(c) ? IEEE80211_DUR_OFDM_SIFS
1614 : IEEE80211_DUR_SIFS;
1615 }
1616
1617 /*
1618 * Enable TSF synchronization and tell h/w to start sending beacons for IBSS
1619 * and HostAP operating modes.
1620 */
1621 static void
1622 rum_enable_tsf_sync(struct rum_softc *sc)
1623 {
1624 struct ieee80211com *ic = &sc->sc_ic;
1625 uint32_t tmp;
1626
1627 if (ic->ic_opmode != IEEE80211_M_STA) {
1628 /*
1629 * Change default 16ms TBTT adjustment to 8ms.
1630 * Must be done before enabling beacon generation.
1631 */
1632 rum_write(sc, RT2573_TXRX_CSR10, 1 << 12 | 8);
1633 }
1634
1635 tmp = rum_read(sc, RT2573_TXRX_CSR9) & 0xff000000;
1636
1637 /* set beacon interval (in 1/16ms unit) */
1638 tmp |= ic->ic_bss->ni_intval * 16;
1639
1640 tmp |= RT2573_TSF_TICKING | RT2573_ENABLE_TBTT;
1641 if (ic->ic_opmode == IEEE80211_M_STA)
1642 tmp |= RT2573_TSF_MODE(1);
1643 else
1644 tmp |= RT2573_TSF_MODE(2) | RT2573_GENERATE_BEACON;
1645
1646 rum_write(sc, RT2573_TXRX_CSR9, tmp);
1647 }
1648
1649 static void
1650 rum_update_slot(struct rum_softc *sc)
1651 {
1652 struct ieee80211com *ic = &sc->sc_ic;
1653 uint8_t slottime;
1654 uint32_t tmp;
1655
1656 slottime = (ic->ic_flags & IEEE80211_F_SHSLOT) ? 9 : 20;
1657
1658 tmp = rum_read(sc, RT2573_MAC_CSR9);
1659 tmp = (tmp & ~0xff) | slottime;
1660 rum_write(sc, RT2573_MAC_CSR9, tmp);
1661
1662 DPRINTF(("setting slot time to %uus\n", slottime));
1663 }
1664
1665 static void
1666 rum_set_bssid(struct rum_softc *sc, const uint8_t *bssid)
1667 {
1668 uint32_t tmp;
1669
1670 tmp = bssid[0] | bssid[1] << 8 | bssid[2] << 16 | bssid[3] << 24;
1671 rum_write(sc, RT2573_MAC_CSR4, tmp);
1672
1673 tmp = bssid[4] | bssid[5] << 8 | RT2573_ONE_BSSID << 16;
1674 rum_write(sc, RT2573_MAC_CSR5, tmp);
1675 }
1676
1677 static void
1678 rum_set_macaddr(struct rum_softc *sc, const uint8_t *addr)
1679 {
1680 uint32_t tmp;
1681
1682 tmp = addr[0] | addr[1] << 8 | addr[2] << 16 | addr[3] << 24;
1683 rum_write(sc, RT2573_MAC_CSR2, tmp);
1684
1685 tmp = addr[4] | addr[5] << 8 | 0xff << 16;
1686 rum_write(sc, RT2573_MAC_CSR3, tmp);
1687 }
1688
1689 static void
1690 rum_update_promisc(struct rum_softc *sc)
1691 {
1692 struct ifnet *ifp = &sc->sc_ic.ic_if;
1693 uint32_t tmp;
1694
1695 tmp = rum_read(sc, RT2573_TXRX_CSR0);
1696
1697 tmp &= ~RT2573_DROP_NOT_TO_ME;
1698 if (!(ifp->if_flags & IFF_PROMISC))
1699 tmp |= RT2573_DROP_NOT_TO_ME;
1700
1701 rum_write(sc, RT2573_TXRX_CSR0, tmp);
1702
1703 DPRINTF(("%s promiscuous mode\n", (ifp->if_flags & IFF_PROMISC) ?
1704 "entering" : "leaving"));
1705 }
1706
1707 static const char *
1708 rum_get_rf(int rev)
1709 {
1710 switch (rev) {
1711 case RT2573_RF_2527: return "RT2527 (MIMO XR)";
1712 case RT2573_RF_2528: return "RT2528";
1713 case RT2573_RF_5225: return "RT5225 (MIMO XR)";
1714 case RT2573_RF_5226: return "RT5226";
1715 default: return "unknown";
1716 }
1717 }
1718
1719 static void
1720 rum_read_eeprom(struct rum_softc *sc)
1721 {
1722 struct ieee80211com *ic = &sc->sc_ic;
1723 uint16_t val;
1724 #ifdef RUM_DEBUG
1725 int i;
1726 #endif
1727
1728 /* read MAC/BBP type */
1729 rum_eeprom_read(sc, RT2573_EEPROM_MACBBP, &val, 2);
1730 sc->macbbp_rev = le16toh(val);
1731
1732 /* read MAC address */
1733 rum_eeprom_read(sc, RT2573_EEPROM_ADDRESS, ic->ic_myaddr, 6);
1734
1735 rum_eeprom_read(sc, RT2573_EEPROM_ANTENNA, &val, 2);
1736 val = le16toh(val);
1737 sc->rf_rev = (val >> 11) & 0x1f;
1738 sc->hw_radio = (val >> 10) & 0x1;
1739 sc->rx_ant = (val >> 4) & 0x3;
1740 sc->tx_ant = (val >> 2) & 0x3;
1741 sc->nb_ant = val & 0x3;
1742
1743 DPRINTF(("RF revision=%d\n", sc->rf_rev));
1744
1745 rum_eeprom_read(sc, RT2573_EEPROM_CONFIG2, &val, 2);
1746 val = le16toh(val);
1747 sc->ext_5ghz_lna = (val >> 6) & 0x1;
1748 sc->ext_2ghz_lna = (val >> 4) & 0x1;
1749
1750 DPRINTF(("External 2GHz LNA=%d\nExternal 5GHz LNA=%d\n",
1751 sc->ext_2ghz_lna, sc->ext_5ghz_lna));
1752
1753 rum_eeprom_read(sc, RT2573_EEPROM_RSSI_2GHZ_OFFSET, &val, 2);
1754 val = le16toh(val);
1755 if ((val & 0xff) != 0xff)
1756 sc->rssi_2ghz_corr = (int8_t)(val & 0xff); /* signed */
1757
1758 /* Only [-10, 10] is valid */
1759 if (sc->rssi_2ghz_corr < -10 || sc->rssi_2ghz_corr > 10)
1760 sc->rssi_2ghz_corr = 0;
1761
1762 rum_eeprom_read(sc, RT2573_EEPROM_RSSI_5GHZ_OFFSET, &val, 2);
1763 val = le16toh(val);
1764 if ((val & 0xff) != 0xff)
1765 sc->rssi_5ghz_corr = (int8_t)(val & 0xff); /* signed */
1766
1767 /* Only [-10, 10] is valid */
1768 if (sc->rssi_5ghz_corr < -10 || sc->rssi_5ghz_corr > 10)
1769 sc->rssi_5ghz_corr = 0;
1770
1771 if (sc->ext_2ghz_lna)
1772 sc->rssi_2ghz_corr -= 14;
1773 if (sc->ext_5ghz_lna)
1774 sc->rssi_5ghz_corr -= 14;
1775
1776 DPRINTF(("RSSI 2GHz corr=%d\nRSSI 5GHz corr=%d\n",
1777 sc->rssi_2ghz_corr, sc->rssi_5ghz_corr));
1778
1779 rum_eeprom_read(sc, RT2573_EEPROM_FREQ_OFFSET, &val, 2);
1780 val = le16toh(val);
1781 if ((val & 0xff) != 0xff)
1782 sc->rffreq = val & 0xff;
1783
1784 DPRINTF(("RF freq=%d\n", sc->rffreq));
1785
1786 /* read Tx power for all a/b/g channels */
1787 rum_eeprom_read(sc, RT2573_EEPROM_TXPOWER, sc->txpow, 14);
1788 /* XXX default Tx power for 802.11a channels */
1789 memset(sc->txpow + 14, 24, sizeof (sc->txpow) - 14);
1790 #ifdef RUM_DEBUG
1791 for (i = 0; i < 14; i++)
1792 DPRINTF(("Channel=%d Tx power=%d\n", i + 1, sc->txpow[i]));
1793 #endif
1794
1795 /* read default values for BBP registers */
1796 rum_eeprom_read(sc, RT2573_EEPROM_BBP_BASE, sc->bbp_prom, 2 * 16);
1797 #ifdef RUM_DEBUG
1798 for (i = 0; i < 14; i++) {
1799 if (sc->bbp_prom[i].reg == 0 || sc->bbp_prom[i].reg == 0xff)
1800 continue;
1801 DPRINTF(("BBP R%d=%02x\n", sc->bbp_prom[i].reg,
1802 sc->bbp_prom[i].val));
1803 }
1804 #endif
1805 }
1806
1807 static int
1808 rum_bbp_init(struct rum_softc *sc)
1809 {
1810 #define N(a) (sizeof (a) / sizeof ((a)[0]))
1811 int i, ntries;
1812 uint8_t val;
1813
1814 /* wait for BBP to be ready */
1815 for (ntries = 0; ntries < 100; ntries++) {
1816 val = rum_bbp_read(sc, 0);
1817 if (val != 0 && val != 0xff)
1818 break;
1819 DELAY(1000);
1820 }
1821 if (ntries == 100) {
1822 kprintf("%s: timeout waiting for BBP\n",
1823 device_get_nameunit(sc->sc_dev));
1824 return EIO;
1825 }
1826
1827 /* initialize BBP registers to default values */
1828 for (i = 0; i < N(rum_def_bbp); i++)
1829 rum_bbp_write(sc, rum_def_bbp[i].reg, rum_def_bbp[i].val);
1830
1831 /* write vendor-specific BBP values (from EEPROM) */
1832 for (i = 0; i < 16; i++) {
1833 if (sc->bbp_prom[i].reg == 0 || sc->bbp_prom[i].reg == 0xff)
1834 continue;
1835 rum_bbp_write(sc, sc->bbp_prom[i].reg, sc->bbp_prom[i].val);
1836 }
1837
1838 return 0;
1839 #undef N
1840 }
1841
1842 static void
1843 rum_init(void *xsc)
1844 {
1845 #define N(a) (sizeof(a) / sizeof((a)[0]))
1846 struct rum_softc *sc = xsc;
1847 struct ieee80211com *ic = &sc->sc_ic;
1848 struct ifnet *ifp = &ic->ic_if;
1849 struct rum_rx_data *data;
1850 uint32_t tmp;
1851 usbd_status usb_err;
1852 int i, ntries, error;
1853
1854 ASSERT_SERIALIZED(ifp->if_serializer);
1855
1856 crit_enter();
1857
1858 rum_stop(sc);
1859 sc->sc_stopped = 0;
1860
1861 lwkt_serialize_exit(ifp->if_serializer);
1862
1863 /* initialize MAC registers to default values */
1864 for (i = 0; i < N(rum_def_mac); i++)
1865 rum_write(sc, rum_def_mac[i].reg, rum_def_mac[i].val);
1866
1867 /* set host ready */
1868 rum_write(sc, RT2573_MAC_CSR1, 3);
1869 rum_write(sc, RT2573_MAC_CSR1, 0);
1870
1871 /* wait for BBP/RF to wakeup */
1872 for (ntries = 0; ntries < 1000; ntries++) {
1873 if (rum_read(sc, RT2573_MAC_CSR12) & 8)
1874 break;
1875 rum_write(sc, RT2573_MAC_CSR12, 4); /* force wakeup */
1876 DELAY(1000);
1877 }
1878 if (ntries == 1000) {
1879 kprintf("%s: timeout waiting for BBP/RF to wakeup\n",
1880 device_get_nameunit(sc->sc_dev));
1881 error = ETIMEDOUT;
1882 goto fail;
1883 }
1884
1885 error = rum_bbp_init(sc);
1886 if (error)
1887 goto fail;
1888
1889 /* select default channel */
1890 sc->sc_curchan = ic->ic_curchan = ic->ic_ibss_chan;
1891
1892 rum_select_band(sc, sc->sc_curchan);
1893 rum_select_antenna(sc);
1894 rum_set_chan(sc, sc->sc_curchan);
1895
1896 /* clear STA registers */
1897 rum_read_multi(sc, RT2573_STA_CSR0, sc->sta, sizeof sc->sta);
1898
1899 IEEE80211_ADDR_COPY(ic->ic_myaddr, IF_LLADDR(ifp));
1900 rum_set_macaddr(sc, ic->ic_myaddr);
1901
1902 /* initialize ASIC */
1903 rum_write(sc, RT2573_MAC_CSR1, 4);
1904
1905 /*
1906 * Allocate xfer for AMRR statistics requests.
1907 */
1908 sc->stats_xfer = usbd_alloc_xfer(sc->sc_udev);
1909 if (sc->stats_xfer == NULL) {
1910 kprintf("%s: could not allocate AMRR xfer\n",
1911 device_get_nameunit(sc->sc_dev));
1912 error = ENOMEM;
1913 goto fail;
1914 }
1915
1916 /*
1917 * Open Tx and Rx USB bulk pipes.
1918 */
1919 usb_err = usbd_open_pipe(sc->sc_iface, sc->sc_tx_no, USBD_EXCLUSIVE_USE,
1920 &sc->sc_tx_pipeh);
1921 if (usb_err != USBD_NORMAL_COMPLETION) {
1922 kprintf("%s: could not open Tx pipe: %s\n",
1923 device_get_nameunit(sc->sc_dev), usbd_errstr(usb_err));
1924 error = EIO;
1925 goto fail;
1926 }
1927
1928 usb_err = usbd_open_pipe(sc->sc_iface, sc->sc_rx_no, USBD_EXCLUSIVE_USE,
1929 &sc->sc_rx_pipeh);
1930 if (usb_err != USBD_NORMAL_COMPLETION) {
1931 kprintf("%s: could not open Rx pipe: %s\n",
1932 device_get_nameunit(sc->sc_dev), usbd_errstr(usb_err));
1933 error = EIO;
1934 goto fail;
1935 }
1936
1937 /*
1938 * Allocate Tx and Rx xfer queues.
1939 */
1940 error = rum_alloc_tx_list(sc);
1941 if (error) {
1942 kprintf("%s: could not allocate Tx list\n",
1943 device_get_nameunit(sc->sc_dev));
1944 goto fail;
1945 }
1946
1947 error = rum_alloc_rx_list(sc);
1948 if (error) {
1949 kprintf("%s: could not allocate Rx list\n",
1950 device_get_nameunit(sc->sc_dev));
1951 goto fail;
1952 }
1953
1954 /*
1955 * Start up the receive pipe.
1956 */
1957 for (i = 0; i < RT2573_RX_LIST_COUNT; i++) {
1958 data = &sc->rx_data[i];
1959
1960 usbd_setup_xfer(data->xfer, sc->sc_rx_pipeh, data, data->buf,
1961 MCLBYTES, USBD_SHORT_XFER_OK, USBD_NO_TIMEOUT, rum_rxeof);
1962 usbd_transfer(data->xfer);
1963 }
1964
1965 /* update Rx filter */
1966 tmp = rum_read(sc, RT2573_TXRX_CSR0) & 0xffff;
1967
1968 tmp |= RT2573_DROP_PHY_ERROR | RT2573_DROP_CRC_ERROR;
1969 if (ic->ic_opmode != IEEE80211_M_MONITOR) {
1970 tmp |= RT2573_DROP_CTL | RT2573_DROP_VER_ERROR |
1971 RT2573_DROP_ACKCTS;
1972 if (ic->ic_opmode != IEEE80211_M_HOSTAP)
1973 tmp |= RT2573_DROP_TODS;
1974 if (!(ifp->if_flags & IFF_PROMISC))
1975 tmp |= RT2573_DROP_NOT_TO_ME;
1976 }
1977 rum_write(sc, RT2573_TXRX_CSR0, tmp);
1978 fail:
1979 lwkt_serialize_enter(ifp->if_serializer);
1980
1981 if (error) {
1982 rum_stop(sc);
1983 } else {
1984 ifp->if_flags &= ~IFF_OACTIVE;
1985 ifp->if_flags |= IFF_RUNNING;
1986
1987 if (ic->ic_opmode != IEEE80211_M_MONITOR) {
1988 if (ic->ic_roaming != IEEE80211_ROAMING_MANUAL)
1989 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1);
1990 } else {
1991 ieee80211_new_state(ic, IEEE80211_S_RUN, -1);
1992 }
1993 }
1994
1995 crit_exit();
1996 #undef N
1997 }
1998
1999 static void
2000 rum_stop(struct rum_softc *sc)
2001 {
2002 struct ieee80211com *ic = &sc->sc_ic;
2003 struct ifnet *ifp = &ic->ic_if;
2004 uint32_t tmp;
2005
2006 ASSERT_SERIALIZED(ifp->if_serializer);
2007
2008 crit_enter();
2009
2010 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE);
2011 sc->sc_stopped = 1;
2012
2013 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); /* free all nodes */
2014
2015 sc->sc_tx_timer = 0;
2016 ifp->if_timer = 0;
2017
2018 lwkt_serialize_exit(ifp->if_serializer);
2019
2020 /* disable Rx */
2021 tmp = rum_read(sc, RT2573_TXRX_CSR0);
2022 rum_write(sc, RT2573_TXRX_CSR0, tmp | RT2573_DISABLE_RX);
2023
2024 /* reset ASIC */
2025 rum_write(sc, RT2573_MAC_CSR1, 3);
2026 rum_write(sc, RT2573_MAC_CSR1, 0);
2027
2028 if (sc->stats_xfer != NULL) {
2029 usbd_free_xfer(sc->stats_xfer);
2030 sc->stats_xfer = NULL;
2031 }
2032
2033 if (sc->sc_rx_pipeh != NULL) {
2034 usbd_abort_pipe(sc->sc_rx_pipeh);
2035 usbd_close_pipe(sc->sc_rx_pipeh);
2036 sc->sc_rx_pipeh = NULL;
2037 }
2038
2039 if (sc->sc_tx_pipeh != NULL) {
2040 usbd_abort_pipe(sc->sc_tx_pipeh);
2041 usbd_close_pipe(sc->sc_tx_pipeh);
2042 sc->sc_tx_pipeh = NULL;
2043 }
2044
2045 lwkt_serialize_enter(ifp->if_serializer);
2046
2047 rum_free_rx_list(sc);
2048 rum_free_tx_list(sc);
2049
2050 crit_exit();
2051 }
2052
2053 static int
2054 rum_load_microcode(struct rum_softc *sc, const uint8_t *ucode, size_t size)
2055 {
2056 usb_device_request_t req;
2057 uint16_t reg = RT2573_MCU_CODE_BASE;
2058 usbd_status error;
2059
2060 /* copy firmware image into NIC */
2061 for (; size >= 4; reg += 4, ucode += 4, size -= 4)
2062 rum_write(sc, reg, UGETDW(ucode));
2063
2064 req.bmRequestType = UT_WRITE_VENDOR_DEVICE;
2065 req.bRequest = RT2573_MCU_CNTL;
2066 USETW(req.wValue, RT2573_MCU_RUN);
2067 USETW(req.wIndex, 0);
2068 USETW(req.wLength, 0);
2069
2070 error = usbd_do_request(sc->sc_udev, &req, NULL);
2071 if (error != 0) {
2072 kprintf("%s: could not run firmware: %s\n",
2073 device_get_nameunit(sc->sc_dev), usbd_errstr(error));
2074 }
2075 return error;
2076 }
2077
2078 static int
2079 rum_prepare_beacon(struct rum_softc *sc)
2080 {
2081 struct ieee80211com *ic = &sc->sc_ic;
2082 struct ifnet *ifp = &ic->ic_if;
2083 struct ieee80211_beacon_offsets bo;
2084 struct rum_tx_desc desc;
2085 struct mbuf *m0;
2086 int rate;
2087
2088 lwkt_serialize_enter(ifp->if_serializer);
2089 m0 = ieee80211_beacon_alloc(ic, ic->ic_bss, &bo);
2090 lwkt_serialize_exit(ifp->if_serializer);
2091
2092 if (m0 == NULL) {
2093 if_printf(&ic->ic_if, "could not allocate beacon frame\n");
2094 return ENOBUFS;
2095 }
2096
2097 /* send beacons at the lowest available rate */
2098 rate = IEEE80211_IS_CHAN_5GHZ(ic->ic_bss->ni_chan) ? 12 : 2;
2099
2100 rum_setup_tx_desc(sc, &desc, RT2573_TX_TIMESTAMP, RT2573_TX_HWSEQ,
2101 m0->m_pkthdr.len, rate);
2102
2103 /* copy the first 24 bytes of Tx descriptor into NIC memory */
2104 rum_write_multi(sc, RT2573_HW_BEACON_BASE0, (uint8_t *)&desc, 24);
2105
2106 /* copy beacon header and payload into NIC memory */
2107 rum_write_multi(sc, RT2573_HW_BEACON_BASE0 + 24, mtod(m0, uint8_t *),
2108 m0->m_pkthdr.len);
2109
2110 m_freem(m0);
2111
2112 return 0;
2113 }
2114
2115 static void
2116 rum_stats_timeout(void *arg)
2117 {
2118 struct rum_softc *sc = arg;
2119 usb_device_request_t req;
2120
2121 if (sc->sc_stopped)
2122 return;
2123
2124 crit_enter();
2125
2126 /*
2127 * Asynchronously read statistic registers (cleared by read).
2128 */
2129 req.bmRequestType = UT_READ_VENDOR_DEVICE;
2130 req.bRequest = RT2573_READ_MULTI_MAC;
2131 USETW(req.wValue, 0);
2132 USETW(req.wIndex, RT2573_STA_CSR0);
2133 USETW(req.wLength, sizeof(sc->sta));
2134
2135 usbd_setup_default_xfer(sc->stats_xfer, sc->sc_udev, sc,
2136 USBD_DEFAULT_TIMEOUT, &req,
2137 sc->sta, sizeof(sc->sta), 0,
2138 rum_stats_update);
2139 usbd_transfer(sc->stats_xfer);
2140
2141 crit_exit();
2142 }
2143
2144 static void
2145 rum_stats_update(usbd_xfer_handle xfer, usbd_private_handle priv,
2146 usbd_status status)
2147 {
2148 struct rum_softc *sc = (struct rum_softc *)priv;
2149 struct ifnet *ifp = &sc->sc_ic.ic_if;
2150 struct ieee80211_ratectl_stats *stats = &sc->sc_stats;
2151
2152 if (status != USBD_NORMAL_COMPLETION) {
2153 kprintf("%s: could not retrieve Tx statistics - cancelling "
2154 "automatic rate control\n", device_get_nameunit(sc->sc_dev));
2155 return;
2156 }
2157
2158 crit_enter();
2159
2160 /* count TX retry-fail as Tx errors */
2161 ifp->if_oerrors += RUM_TX_PKT_FAIL(sc);
2162
2163 stats->stats_pkt_noretry += RUM_TX_PKT_NO_RETRY(sc);
2164 stats->stats_pkt_ok += RUM_TX_PKT_NO_RETRY(sc) +
2165 RUM_TX_PKT_ONE_RETRY(sc) +
2166 RUM_TX_PKT_MULTI_RETRY(sc);
2167 stats->stats_pkt_err += RUM_TX_PKT_FAIL(sc);
2168
2169 stats->stats_retries += RUM_TX_PKT_ONE_RETRY(sc);
2170 #if 1
2171 /*
2172 * XXX Estimated average:
2173 * Actual number of retries for each packet should belong to
2174 * [2, RUM_TX_SHORT_RETRY_MAX]
2175 */
2176 stats->stats_retries += RUM_TX_PKT_MULTI_RETRY(sc) *
2177 ((2 + RUM_TX_SHORT_RETRY_MAX) / 2);
2178 #else
2179 stats->stats_retries += RUM_TX_PKT_MULTI_RETRY(sc);
2180 #endif
2181 stats->stats_retries += RUM_TX_PKT_FAIL(sc) * RUM_TX_SHORT_RETRY_MAX;
2182
2183 callout_reset(&sc->stats_ch, 4 * hz / 5, rum_stats_timeout, sc);
2184
2185 crit_exit();
2186 }
2187
2188 static void
2189 rum_stats(struct ieee80211com *ic, struct ieee80211_node *ni __unused,
2190 struct ieee80211_ratectl_stats *stats)
2191 {
2192 struct ifnet *ifp = &ic->ic_if;
2193 struct rum_softc *sc = ifp->if_softc;
2194
2195 ASSERT_SERIALIZED(ifp->if_serializer);
2196
2197 bcopy(&sc->sc_stats, stats, sizeof(*stats));
2198 bzero(&sc->sc_stats, sizeof(sc->sc_stats));
2199 }
2200
2201 static void
2202 rum_ratectl_change(struct ieee80211com *ic, u_int orc __unused, u_int nrc)
2203 {
2204 struct ieee80211_ratectl_state *st = &ic->ic_ratectl;
2205 struct ieee80211_onoe_param *oparam;
2206
2207 if (st->rc_st_param != NULL) {
2208 kfree(st->rc_st_param, M_DEVBUF);
2209 st->rc_st_param = NULL;
2210 }
2211
2212 switch (nrc) {
2213 case IEEE80211_RATECTL_ONOE:
2214 oparam = kmalloc(sizeof(*oparam), M_DEVBUF, M_INTWAIT);
2215
2216 IEEE80211_ONOE_PARAM_SETUP(oparam);
2217 oparam->onoe_raise = 15;
2218
2219 st->rc_st_param = oparam;
2220 break;
2221 case IEEE80211_RATECTL_NONE:
2222 /* This could only happen during detaching */
2223 break;
2224 default:
2225 panic("unknown rate control algo %u\n", nrc);
2226 }
2227 }
2228
2229 static int
2230 rum_get_rssi(struct rum_softc *sc, uint8_t raw)
2231 {
2232 int lna, agc, rssi;
2233
2234 lna = (raw >> 5) & 0x3;
2235 agc = raw & 0x1f;
2236
2237 if (lna == 0) {
2238 /*
2239 * No RSSI mapping
2240 *
2241 * NB: Since RSSI is relative to noise floor, -1 is
2242 * adequate for caller to know error happened.
2243 */
2244 return -1;
2245 }
2246
2247 rssi = (2 * agc) - RT2573_NOISE_FLOOR;
2248
2249 if (IEEE80211_IS_CHAN_2GHZ(sc->sc_curchan)) {
2250 rssi += sc->rssi_2ghz_corr;
2251
2252 if (lna == 1)
2253 rssi -= 64;
2254 else if (lna == 2)
2255 rssi -= 74;
2256 else if (lna == 3)
2257 rssi -= 90;
2258 } else {
2259 rssi += sc->rssi_5ghz_corr;
2260
2261 if (!sc->ext_5ghz_lna && lna != 1)
2262 rssi += 4;
2263
2264 if (lna == 1)
2265 rssi -= 64;
2266 else if (lna == 2)
2267 rssi -= 86;
2268 else if (lna == 3)
2269 rssi -= 100;
2270 }
2271 return rssi;
2272 }
DragonFly vkernel multiprocessor port