search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Nuke usbdevs and references to it.
[dragonfly.git] / sys / dev / netif / rum / if_rum.c
blob82a3aa7d1157bb7d06c31e8dc266bc326f0cb258
1 /* $OpenBSD: if_rum.c,v 1.40 2006/09/18 16:20:20 damien Exp $ */
2 /* $DragonFly: src/sys/dev/netif/rum/if_rum.c,v 1.21 2007/11/05 19:09:43 hasso Exp $ */
3
4 /*-
5 * Copyright (c) 2005, 2006 Damien Bergamini <damien.bergamini@free.fr>
6 * Copyright (c) 2006 Niall O'Higgins <niallo@openbsd.org>
7 *
8 * Permission to use, copy, modify, and distribute this software for any
9 * purpose with or without fee is hereby granted, provided that the above
10 * copyright notice and this permission notice appear in all copies.
11 *
12 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
13 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
14 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
15 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
16 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19 */
20
21 /*-
22 * Ralink Technology RT2501USB/RT2601USB chipset driver
23 * http://www.ralinktech.com/
24 */
25
26 #include <sys/param.h>
27 #include <sys/bus.h>
28 #include <sys/endian.h>
29 #include <sys/kernel.h>
30 #include <sys/malloc.h>
31 #include <sys/mbuf.h>
32 #include <sys/rman.h>
33 #include <sys/serialize.h>
34 #include <sys/socket.h>
35 #include <sys/sockio.h>
36
37 #include <net/bpf.h>
38 #include <net/ethernet.h>
39 #include <net/if.h>
40 #include <net/if_arp.h>
41 #include <net/if_dl.h>
42 #include <net/if_media.h>
43 #include <net/ifq_var.h>
44
45 #include <netproto/802_11/ieee80211_var.h>
46 #include <netproto/802_11/ieee80211_radiotap.h>
47 #include <netproto/802_11/wlan_ratectl/onoe/ieee80211_onoe_param.h>
48
49 #include <bus/usb/usb.h>
50 #include <bus/usb/usbdi.h>
51 #include <bus/usb/usbdi_util.h>
52
53 #include "if_rumreg.h"
54 #include "if_rumvar.h"
55 #include "rum_ucode.h"
56
57 #ifdef USB_DEBUG
58 #define RUM_DEBUG
59 #endif
60
61 #ifdef RUM_DEBUG
62 #define DPRINTF(x) do { if (rum_debug) kprintf x; } while (0)
63 #define DPRINTFN(n, x) do { if (rum_debug >= (n)) kprintf x; } while (0)
64 int rum_debug = 0;
65 #else
66 #define DPRINTF(x)
67 #define DPRINTFN(n, x)
68 #endif
69
70 /* various supported device vendors/products */
71 static const struct usb_devno rum_devs[] = {
72 { USB_DEVICE(0x0411, 0x00d8) }, /* Melco WLI-U2-SG54HP */
73 { USB_DEVICE(0x0411, 0x00d9) }, /* Melco WLI-U2-G54HP */
74 { USB_DEVICE(0x050d, 0x705a) }, /* Belkin F5D7050A */
75 { USB_DEVICE(0x050d, 0x905b) }, /* Belkin F5D9050 ver3 */
76 { USB_DEVICE(0x06f8, 0xe010) }, /* Guillemot HWGUSB2-54-LB */
77 { USB_DEVICE(0x06f8, 0xe020) }, /* Guillemot HWGUSB2-54V2-AP */
78 { USB_DEVICE(0x0769, 0x31f3) }, /* Surecom RT2573 */
79 { USB_DEVICE(0x07b8, 0xb21b) }, /* AboCom HWU54DM */
80 { USB_DEVICE(0x07b8, 0xb21c) }, /* AboCom RT2573 */
81 { USB_DEVICE(0x07b8, 0xb21d) }, /* AboCom RT2573 */
82 { USB_DEVICE(0x07b8, 0xb21e) }, /* AboCom RT2573 */
83 { USB_DEVICE(0x07b8, 0xb21f) }, /* AboCom WUG2700 */
84 { USB_DEVICE(0x07d1, 0x3c03) }, /* D-Link DWL-G122 rev c1 */
85 { USB_DEVICE(0x07d1, 0x3c04) }, /* D-Link WUA-1340 */
86 { USB_DEVICE(0x0b05, 0x1723) }, /* Asus WL-167g */
87 { USB_DEVICE(0x0b05, 0x1724) }, /* Asus WL-167g */
88 { USB_DEVICE(0x0db0, 0x6874) }, /* MSI RT2573 */
89 { USB_DEVICE(0x0db0, 0x6877) }, /* MSI RT2573 */
90 { USB_DEVICE(0x0db0, 0xa861) }, /* MSI RT2573 */
91 { USB_DEVICE(0x0db0, 0xa874) }, /* MSI RT2573 */
92 { USB_DEVICE(0x0df6, 0x90ac) }, /* Sitecom WL-172 */
93 { USB_DEVICE(0x0df6, 0x9712) }, /* Sitecom WL-113 rev 2 */
94 { USB_DEVICE(0x0eb0, 0x9021) }, /* Nova Technology RT2573 */
95 { USB_DEVICE(0x1044, 0x8008) }, /* GIGABYTE GN-WB01GS */
96 { USB_DEVICE(0x1044, 0x800a) }, /* GIGABYTE GN-WI05GS */
97 { USB_DEVICE(0x1371, 0x9022) }, /* (really) C-Net RT2573 */
98 { USB_DEVICE(0x1371, 0x9032) }, /* (really) C-Net CWD854F */
99 { USB_DEVICE(0x1472, 0x0009) }, /* Huawei RT2573 */
100 { USB_DEVICE(0x148f, 0x2573) }, /* Ralink RT2573 */
101 { USB_DEVICE(0x148f, 0x2671) }, /* Ralink RT2671 */
102 { USB_DEVICE(0x148f, 0x9021) }, /* Ralink RT2573 */
103 { USB_DEVICE(0x14b2, 0x3c22) }, /* Conceptronic C54RU */
104 { USB_DEVICE(0x1631, 0xc019) }, /* Good Way Technology RT2573 */
105 { USB_DEVICE(0x1690, 0x0722) }, /* Gigaset RT2573 */
106 { USB_DEVICE(0x1737, 0x0020) }, /* Linksys WUSB54GC */
107 { USB_DEVICE(0x1737, 0x0023) }, /* Linksys WUSB54GR */
108 { USB_DEVICE(0x18c5, 0x0002) }, /* AMIT CG-WLUSB2GO */
109 { USB_DEVICE(0x18e8, 0x6196) }, /* Qcom RT2573 */
110 { USB_DEVICE(0x18e8, 0x6229) }, /* Qcom RT2573 */
111 { USB_DEVICE(0x2019, 0xab01) }, /* Planex GW-US54HP */
112 { USB_DEVICE(0x2019, 0xab50) }, /* Planex GW-US54Mini2 */
113 { USB_DEVICE(0x2019, 0xed02) }, /* Planex GW-USMM */
114 };
115
116 static int rum_alloc_tx_list(struct rum_softc *);
117 static void rum_free_tx_list(struct rum_softc *);
118 static int rum_alloc_rx_list(struct rum_softc *);
119 static void rum_free_rx_list(struct rum_softc *);
120 static int rum_media_change(struct ifnet *);
121 static void rum_next_scan(void *);
122 static void rum_task(void *);
123 static int rum_newstate(struct ieee80211com *,
124 enum ieee80211_state, int);
125 static void rum_txeof(usbd_xfer_handle, usbd_private_handle,
126 usbd_status);
127 static void rum_rxeof(usbd_xfer_handle, usbd_private_handle,
128 usbd_status);
129 static uint8_t rum_rxrate(struct rum_rx_desc *);
130 static uint8_t rum_plcp_signal(int);
131 static void rum_setup_tx_desc(struct rum_softc *,
132 struct rum_tx_desc *, uint32_t, uint16_t, int,
133 int);
134 static int rum_tx_data(struct rum_softc *, struct mbuf *,
135 struct ieee80211_node *);
136 static void rum_start(struct ifnet *);
137 static void rum_watchdog(struct ifnet *);
138 static int rum_ioctl(struct ifnet *, u_long, caddr_t,
139 struct ucred *);
140 static void rum_eeprom_read(struct rum_softc *, uint16_t, void *,
141 int);
142 static uint32_t rum_read(struct rum_softc *, uint16_t);
143 static void rum_read_multi(struct rum_softc *, uint16_t, void *,
144 int);
145 static void rum_write(struct rum_softc *, uint16_t, uint32_t);
146 static void rum_write_multi(struct rum_softc *, uint16_t, void *,
147 size_t);
148 static void rum_bbp_write(struct rum_softc *, uint8_t, uint8_t);
149 static uint8_t rum_bbp_read(struct rum_softc *, uint8_t);
150 static void rum_rf_write(struct rum_softc *, uint8_t, uint32_t);
151 static void rum_select_antenna(struct rum_softc *);
152 static void rum_enable_mrr(struct rum_softc *);
153 static void rum_set_txpreamble(struct rum_softc *);
154 static void rum_set_basicrates(struct rum_softc *);
155 static void rum_select_band(struct rum_softc *,
156 struct ieee80211_channel *);
157 static void rum_set_chan(struct rum_softc *,
158 struct ieee80211_channel *);
159 static void rum_enable_tsf_sync(struct rum_softc *);
160 static void rum_update_slot(struct rum_softc *);
161 static void rum_set_bssid(struct rum_softc *, const uint8_t *);
162 static void rum_set_macaddr(struct rum_softc *, const uint8_t *);
163 static void rum_update_promisc(struct rum_softc *);
164 static const char *rum_get_rf(int);
165 static void rum_read_eeprom(struct rum_softc *);
166 static int rum_bbp_init(struct rum_softc *);
167 static void rum_init(void *);
168 static void rum_stop(struct rum_softc *);
169 static int rum_load_microcode(struct rum_softc *, const uint8_t *,
170 size_t);
171 static int rum_prepare_beacon(struct rum_softc *);
172
173 static void rum_stats_timeout(void *);
174 static void rum_stats_update(usbd_xfer_handle, usbd_private_handle,
175 usbd_status);
176 static void rum_stats(struct ieee80211com *,
177 struct ieee80211_node *,
178 struct ieee80211_ratectl_stats *);
179 static void rum_ratectl_change(struct ieee80211com *ic, u_int,
180 u_int);
181 static int rum_get_rssi(struct rum_softc *, uint8_t);
182
183 /*
184 * Supported rates for 802.11a/b/g modes (in 500Kbps unit).
185 */
186 static const struct ieee80211_rateset rum_rateset_11a =
187 { 8, { 12, 18, 24, 36, 48, 72, 96, 108 } };
188
189 static const struct ieee80211_rateset rum_rateset_11b =
190 { 4, { 2, 4, 11, 22 } };
191
192 static const struct ieee80211_rateset rum_rateset_11g =
193 { 12, { 2, 4, 11, 22, 12, 18, 24, 36, 48, 72, 96, 108 } };
194
195 static const struct {
196 uint32_t reg;
197 uint32_t val;
198 } rum_def_mac[] = {
199 RT2573_DEF_MAC
200 };
201
202 static const struct {
203 uint8_t reg;
204 uint8_t val;
205 } rum_def_bbp[] = {
206 RT2573_DEF_BBP
207 };
208
209 static const struct rfprog {
210 uint8_t chan;
211 uint32_t r1, r2, r3, r4;
212 } rum_rf5226[] = {
213 RT2573_RF5226
214 }, rum_rf5225[] = {
215 RT2573_RF5225
216 };
217
218 static device_probe_t rum_match;
219 static device_attach_t rum_attach;
220 static device_detach_t rum_detach;
221
222 static devclass_t rum_devclass;
223
224 static kobj_method_t rum_methods[] = {
225 DEVMETHOD(device_probe, rum_match),
226 DEVMETHOD(device_attach, rum_attach),
227 DEVMETHOD(device_detach, rum_detach),
228 {0,0}
229 };
230
231 static driver_t rum_driver = {
232 "rum",
233 rum_methods,
234 sizeof(struct rum_softc)
235 };
236
237 MODULE_DEPEND(rum, usb, 1, 1, 1);
238 DRIVER_MODULE(rum, uhub, rum_driver, rum_devclass, usbd_driver_load, 0);
239
240 static int
241 rum_match(device_t self)
242 {
243 struct usb_attach_arg *uaa = device_get_ivars(self);
244
245 if (uaa->iface != NULL)
246 return UMATCH_NONE;
247
248 return (usb_lookup(rum_devs, uaa->vendor, uaa->product) != NULL) ?
249 UMATCH_VENDOR_PRODUCT : UMATCH_NONE;
250 }
251
252 static int
253 rum_attach(device_t self)
254 {
255 struct rum_softc *sc = device_get_softc(self);
256 struct usb_attach_arg *uaa = device_get_ivars(self);
257 struct ieee80211com *ic = &sc->sc_ic;
258 struct ifnet *ifp = &ic->ic_if;
259 usb_interface_descriptor_t *id;
260 usb_endpoint_descriptor_t *ed;
261 usbd_status error;
262 char devinfo[1024];
263 int i, ntries;
264 uint32_t tmp;
265
266 sc->sc_udev = uaa->device;
267
268 usbd_devinfo(uaa->device, 0, devinfo);
269 sc->sc_dev = self;
270 device_set_desc_copy(self, devinfo);
271
272 if (usbd_set_config_no(sc->sc_udev, RT2573_CONFIG_NO, 0) != 0) {
273 kprintf("%s: could not set configuration no\n",
274 device_get_nameunit(sc->sc_dev));
275 return ENXIO;
276 }
277
278 /* get the first interface handle */
279 error = usbd_device2interface_handle(sc->sc_udev, RT2573_IFACE_INDEX,
280 &sc->sc_iface);
281 if (error != 0) {
282 kprintf("%s: could not get interface handle\n",
283 device_get_nameunit(sc->sc_dev));
284 return ENXIO;
285 }
286
287 /*
288 * Find endpoints.
289 */
290 id = usbd_get_interface_descriptor(sc->sc_iface);
291
292 sc->sc_rx_no = sc->sc_tx_no = -1;
293 for (i = 0; i < id->bNumEndpoints; i++) {
294 ed = usbd_interface2endpoint_descriptor(sc->sc_iface, i);
295 if (ed == NULL) {
296 kprintf("%s: no endpoint descriptor for iface %d\n",
297 device_get_nameunit(sc->sc_dev), i);
298 return ENXIO;
299 }
300
301 if (UE_GET_DIR(ed->bEndpointAddress) == UE_DIR_IN &&
302 UE_GET_XFERTYPE(ed->bmAttributes) == UE_BULK)
303 sc->sc_rx_no = ed->bEndpointAddress;
304 else if (UE_GET_DIR(ed->bEndpointAddress) == UE_DIR_OUT &&
305 UE_GET_XFERTYPE(ed->bmAttributes) == UE_BULK)
306 sc->sc_tx_no = ed->bEndpointAddress;
307 }
308 if (sc->sc_rx_no == -1 || sc->sc_tx_no == -1) {
309 kprintf("%s: missing endpoint\n", device_get_nameunit(sc->sc_dev));
310 return ENXIO;
311 }
312
313 usb_init_task(&sc->sc_task, rum_task, sc);
314
315 callout_init(&sc->scan_ch);
316 callout_init(&sc->stats_ch);
317
318 /* retrieve RT2573 rev. no */
319 for (ntries = 0; ntries < 1000; ntries++) {
320 if ((tmp = rum_read(sc, RT2573_MAC_CSR0)) != 0)
321 break;
322 DELAY(1000);
323 }
324 if (ntries == 1000) {
325 kprintf("%s: timeout waiting for chip to settle\n",
326 device_get_nameunit(sc->sc_dev));
327 return ENXIO;
328 }
329
330 /* retrieve MAC address and various other things from EEPROM */
331 rum_read_eeprom(sc);
332
333 kprintf("%s: MAC/BBP RT%04x (rev 0x%05x), RF %s, address %6D\n",
334 device_get_nameunit(sc->sc_dev), sc->macbbp_rev, tmp,
335 rum_get_rf(sc->rf_rev), ic->ic_myaddr, ":");
336
337 error = rum_load_microcode(sc, rt2573, sizeof(rt2573));
338 if (error != 0) {
339 device_printf(self, "can't load microcode\n");
340 return ENXIO;
341 }
342
343 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */
344 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */
345 ic->ic_state = IEEE80211_S_INIT;
346
347 /* set device capabilities */
348 ic->ic_caps =
349 IEEE80211_C_IBSS | /* IBSS mode supported */
350 IEEE80211_C_MONITOR | /* monitor mode supported */
351 IEEE80211_C_HOSTAP | /* HostAp mode supported */
352 IEEE80211_C_TXPMGT | /* tx power management */
353 IEEE80211_C_SHPREAMBLE | /* short preamble supported */
354 IEEE80211_C_SHSLOT | /* short slot time supported */
355 IEEE80211_C_WPA; /* WPA 1+2 */
356
357 if (sc->rf_rev == RT2573_RF_5225 || sc->rf_rev == RT2573_RF_5226) {
358 /* set supported .11a rates */
359 ic->ic_sup_rates[IEEE80211_MODE_11A] = rum_rateset_11a;
360
361 /* set supported .11a channels */
362 for (i = 34; i <= 46; i += 4) {
363 ic->ic_channels[i].ic_freq =
364 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ);
365 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A;
366 }
367 for (i = 36; i <= 64; i += 4) {
368 ic->ic_channels[i].ic_freq =
369 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ);
370 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A;
371 }
372 for (i = 100; i <= 140; i += 4) {
373 ic->ic_channels[i].ic_freq =
374 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ);
375 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A;
376 }
377 for (i = 149; i <= 165; i += 4) {
378 ic->ic_channels[i].ic_freq =
379 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ);
380 ic->ic_channels[i].ic_flags = IEEE80211_CHAN_A;
381 }
382 }
383
384 /* set supported .11b and .11g rates */
385 ic->ic_sup_rates[IEEE80211_MODE_11B] = rum_rateset_11b;
386 ic->ic_sup_rates[IEEE80211_MODE_11G] = rum_rateset_11g;
387
388 /* set supported .11b and .11g channels (1 through 14) */
389 for (i = 1; i <= 14; i++) {
390 ic->ic_channels[i].ic_freq =
391 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ);
392 ic->ic_channels[i].ic_flags =
393 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM |
394 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ;
395 }
396
397 sc->sc_sifs = IEEE80211_DUR_SIFS; /* Default SIFS */
398
399 if_initname(ifp, device_get_name(self), device_get_unit(self));
400 ifp->if_softc = sc;
401 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST;
402 ifp->if_init = rum_init;
403 ifp->if_ioctl = rum_ioctl;
404 ifp->if_start = rum_start;
405 ifp->if_watchdog = rum_watchdog;
406 ifq_set_maxlen(&ifp->if_snd, IFQ_MAXLEN);
407 ifq_set_ready(&ifp->if_snd);
408
409 ic->ic_ratectl.rc_st_ratectl_cap = IEEE80211_RATECTL_CAP_ONOE;
410 ic->ic_ratectl.rc_st_ratectl = IEEE80211_RATECTL_ONOE;
411 ic->ic_ratectl.rc_st_valid_stats =
412 IEEE80211_RATECTL_STATS_PKT_NORETRY |
413 IEEE80211_RATECTL_STATS_PKT_OK |
414 IEEE80211_RATECTL_STATS_PKT_ERR |
415 IEEE80211_RATECTL_STATS_RETRIES;
416 ic->ic_ratectl.rc_st_stats = rum_stats;
417 ic->ic_ratectl.rc_st_change = rum_ratectl_change;
418
419 ieee80211_ifattach(ic);
420
421 /* Enable software beacon missing handling. */
422 ic->ic_flags_ext |= IEEE80211_FEXT_SWBMISS;
423
424 /* override state transition machine */
425 sc->sc_newstate = ic->ic_newstate;
426 ic->ic_newstate = rum_newstate;
427 ieee80211_media_init(ic, rum_media_change, ieee80211_media_status);
428
429 bpfattach_dlt(ifp, DLT_IEEE802_11_RADIO,
430 sizeof(struct ieee80211_frame) + IEEE80211_RADIOTAP_HDRLEN,
431 &sc->sc_drvbpf);
432
433 sc->sc_rxtap_len = sizeof sc->sc_rxtapu;
434 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len);
435 sc->sc_rxtap.wr_ihdr.it_present = htole32(RT2573_RX_RADIOTAP_PRESENT);
436
437 sc->sc_txtap_len = sizeof sc->sc_txtapu;
438 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len);
439 sc->sc_txtap.wt_ihdr.it_present = htole32(RT2573_TX_RADIOTAP_PRESENT);
440
441 if (bootverbose)
442 ieee80211_announce(ic);
443
444 return 0;
445 }
446
447 static int
448 rum_detach(device_t self)
449 {
450 struct rum_softc *sc = device_get_softc(self);
451 struct ifnet *ifp = &sc->sc_ic.ic_if;
452 #ifdef INVARIANTS
453 int i;
454 #endif
455
456 crit_enter();
457
458 callout_stop(&sc->scan_ch);
459 callout_stop(&sc->stats_ch);
460
461 lwkt_serialize_enter(ifp->if_serializer);
462 rum_stop(sc);
463 lwkt_serialize_exit(ifp->if_serializer);
464
465 usb_rem_task(sc->sc_udev, &sc->sc_task);
466
467 bpfdetach(ifp);
468 ieee80211_ifdetach(&sc->sc_ic); /* free all nodes */
469
470 crit_exit();
471
472 KKASSERT(sc->stats_xfer == NULL);
473 KKASSERT(sc->sc_rx_pipeh == NULL);
474 KKASSERT(sc->sc_tx_pipeh == NULL);
475
476 #ifdef INVARIANTS
477 /*
478 * Make sure TX/RX list is empty
479 */
480 for (i = 0; i < RT2573_TX_LIST_COUNT; i++) {
481 struct rum_tx_data *data = &sc->tx_data[i];
482
483 KKASSERT(data->xfer == NULL);
484 KKASSERT(data->ni == NULL);
485 KKASSERT(data->m == NULL);
486 }
487 for (i = 0; i < RT2573_RX_LIST_COUNT; i++) {
488 struct rum_rx_data *data = &sc->rx_data[i];
489
490 KKASSERT(data->xfer == NULL);
491 KKASSERT(data->m == NULL);
492 }
493 #endif
494 return 0;
495 }
496
497 static int
498 rum_alloc_tx_list(struct rum_softc *sc)
499 {
500 int i;
501
502 sc->tx_queued = 0;
503 for (i = 0; i < RT2573_TX_LIST_COUNT; i++) {
504 struct rum_tx_data *data = &sc->tx_data[i];
505
506 data->sc = sc;
507
508 data->xfer = usbd_alloc_xfer(sc->sc_udev);
509 if (data->xfer == NULL) {
510 kprintf("%s: could not allocate tx xfer\n",
511 device_get_nameunit(sc->sc_dev));
512 return ENOMEM;
513 }
514
515 data->buf = usbd_alloc_buffer(data->xfer,
516 RT2573_TX_DESC_SIZE + IEEE80211_MAX_LEN);
517 if (data->buf == NULL) {
518 kprintf("%s: could not allocate tx buffer\n",
519 device_get_nameunit(sc->sc_dev));
520 return ENOMEM;
521 }
522
523 /* clean Tx descriptor */
524 bzero(data->buf, RT2573_TX_DESC_SIZE);
525 }
526 return 0;
527 }
528
529 static void
530 rum_free_tx_list(struct rum_softc *sc)
531 {
532 int i;
533
534 for (i = 0; i < RT2573_TX_LIST_COUNT; i++) {
535 struct rum_tx_data *data = &sc->tx_data[i];
536
537 if (data->xfer != NULL) {
538 usbd_free_xfer(data->xfer);
539 data->xfer = NULL;
540 }
541 if (data->ni != NULL) {
542 ieee80211_free_node(data->ni);
543 data->ni = NULL;
544 }
545 if (data->m != NULL) {
546 m_freem(data->m);
547 data->m = NULL;
548 }
549 }
550 sc->tx_queued = 0;
551 }
552
553 static int
554 rum_alloc_rx_list(struct rum_softc *sc)
555 {
556 int i;
557
558 for (i = 0; i < RT2573_RX_LIST_COUNT; i++) {
559 struct rum_rx_data *data = &sc->rx_data[i];
560
561 data->sc = sc;
562
563 data->xfer = usbd_alloc_xfer(sc->sc_udev);
564 if (data->xfer == NULL) {
565 kprintf("%s: could not allocate rx xfer\n",
566 device_get_nameunit(sc->sc_dev));
567 return ENOMEM;
568 }
569
570 if (usbd_alloc_buffer(data->xfer, MCLBYTES) == NULL) {
571 kprintf("%s: could not allocate rx buffer\n",
572 device_get_nameunit(sc->sc_dev));
573 return ENOMEM;
574 }
575
576 data->m = m_getcl(MB_WAIT, MT_DATA, M_PKTHDR);
577
578 data->buf = mtod(data->m, uint8_t *);
579 bzero(data->buf, sizeof(struct rum_rx_desc));
580 }
581 return 0;
582 }
583
584 static void
585 rum_free_rx_list(struct rum_softc *sc)
586 {
587 int i;
588
589 for (i = 0; i < RT2573_RX_LIST_COUNT; i++) {
590 struct rum_rx_data *data = &sc->rx_data[i];
591
592 if (data->xfer != NULL) {
593 usbd_free_xfer(data->xfer);
594 data->xfer = NULL;
595 }
596 if (data->m != NULL) {
597 m_freem(data->m);
598 data->m = NULL;
599 }
600 }
601 }
602
603 static int
604 rum_media_change(struct ifnet *ifp)
605 {
606 int error;
607
608 error = ieee80211_media_change(ifp);
609 if (error != ENETRESET)
610 return error;
611
612 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == (IFF_UP | IFF_RUNNING))
613 rum_init(ifp->if_softc);
614
615 return 0;
616 }
617
618 /*
619 * This function is called periodically (every 200ms) during scanning to
620 * switch from one channel to another.
621 */
622 static void
623 rum_next_scan(void *arg)
624 {
625 struct rum_softc *sc = arg;
626 struct ieee80211com *ic = &sc->sc_ic;
627 struct ifnet *ifp = &ic->ic_if;
628
629 if (sc->sc_stopped)
630 return;
631
632 crit_enter();
633
634 if (ic->ic_state == IEEE80211_S_SCAN) {
635 lwkt_serialize_enter(ifp->if_serializer);
636 ieee80211_next_scan(ic);
637 lwkt_serialize_exit(ifp->if_serializer);
638 }
639
640 crit_exit();
641 }
642
643 static void
644 rum_task(void *xarg)
645 {
646 struct rum_softc *sc = xarg;
647 struct ieee80211com *ic = &sc->sc_ic;
648 struct ifnet *ifp = &ic->ic_if;
649 enum ieee80211_state nstate;
650 struct ieee80211_node *ni;
651 int arg;
652
653 if (sc->sc_stopped)
654 return;
655
656 crit_enter();
657
658 nstate = sc->sc_state;
659 arg = sc->sc_arg;
660
661 KASSERT(nstate != IEEE80211_S_INIT,
662 ("->INIT state transition should not be defered\n"));
663 rum_set_chan(sc, ic->ic_curchan);
664
665 switch (nstate) {
666 case IEEE80211_S_RUN:
667 ni = ic->ic_bss;
668
669 if (ic->ic_opmode != IEEE80211_M_MONITOR) {
670 rum_update_slot(sc);
671 rum_enable_mrr(sc);
672 rum_set_txpreamble(sc);
673 rum_set_basicrates(sc);
674 rum_set_bssid(sc, ni->ni_bssid);
675 }
676
677 if (ic->ic_opmode == IEEE80211_M_HOSTAP ||
678 ic->ic_opmode == IEEE80211_M_IBSS)
679 rum_prepare_beacon(sc);
680
681 if (ic->ic_opmode != IEEE80211_M_MONITOR)
682 rum_enable_tsf_sync(sc);
683
684 /* clear statistic registers (STA_CSR0 to STA_CSR5) */
685 rum_read_multi(sc, RT2573_STA_CSR0, sc->sta, sizeof(sc->sta));
686 callout_reset(&sc->stats_ch, 4 * hz / 5, rum_stats_timeout, sc);
687 break;
688
689 case IEEE80211_S_SCAN:
690 callout_reset(&sc->scan_ch, hz / 5, rum_next_scan, sc);
691 break;
692
693 default:
694 break;
695 }
696
697 lwkt_serialize_enter(ifp->if_serializer);
698 ieee80211_ratectl_newstate(ic, nstate);
699 sc->sc_newstate(ic, nstate, arg);
700 lwkt_serialize_exit(ifp->if_serializer);
701
702 crit_exit();
703 }
704
705 static int
706 rum_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg)
707 {
708 struct rum_softc *sc = ic->ic_if.if_softc;
709 struct ifnet *ifp = &ic->ic_if;
710
711 crit_enter();
712
713 ASSERT_SERIALIZED(ifp->if_serializer);
714
715 callout_stop(&sc->scan_ch);
716 callout_stop(&sc->stats_ch);
717
718 /* do it in a process context */
719 sc->sc_state = nstate;
720 sc->sc_arg = arg;
721
722 lwkt_serialize_exit(ifp->if_serializer);
723 usb_rem_task(sc->sc_udev, &sc->sc_task);
724
725 if (nstate == IEEE80211_S_INIT) {
726 lwkt_serialize_enter(ifp->if_serializer);
727 ieee80211_ratectl_newstate(ic, nstate);
728 sc->sc_newstate(ic, nstate, arg);
729 } else {
730 usb_add_task(sc->sc_udev, &sc->sc_task, USB_TASKQ_DRIVER);
731 lwkt_serialize_enter(ifp->if_serializer);
732 }
733
734 crit_exit();
735 return 0;
736 }
737
738 /* quickly determine if a given rate is CCK or OFDM */
739 #define RUM_RATE_IS_OFDM(rate) ((rate) >= 12 && (rate) != 22)
740
741 #define RUM_ACK_SIZE (sizeof(struct ieee80211_frame_ack) + IEEE80211_CRC_LEN)
742
743 static void
744 rum_txeof(usbd_xfer_handle xfer, usbd_private_handle priv, usbd_status status)
745 {
746 struct rum_tx_data *data = priv;
747 struct rum_softc *sc = data->sc;
748 struct ieee80211com *ic = &sc->sc_ic;
749 struct ifnet *ifp = &ic->ic_if;
750 struct ieee80211_node *ni;
751
752 if (sc->sc_stopped)
753 return;
754
755 crit_enter();
756
757 if (status != USBD_NORMAL_COMPLETION) {
758 if (status == USBD_NOT_STARTED || status == USBD_CANCELLED) {
759 crit_exit();
760 return;
761 }
762
763 kprintf("%s: could not transmit buffer: %s\n",
764 device_get_nameunit(sc->sc_dev), usbd_errstr(status));
765
766 if (status == USBD_STALLED)
767 usbd_clear_endpoint_stall_async(sc->sc_tx_pipeh);
768
769 ifp->if_oerrors++;
770 crit_exit();
771 return;
772 }
773
774 m_freem(data->m);
775 data->m = NULL;
776 ni = data->ni;
777 data->ni = NULL;
778
779 bzero(data->buf, sizeof(struct rum_tx_data));
780 sc->tx_queued--;
781 ifp->if_opackets++; /* XXX may fail too */
782
783 DPRINTFN(10, ("tx done\n"));
784
785 sc->sc_tx_timer = 0;
786 ifp->if_flags &= ~IFF_OACTIVE;
787
788 lwkt_serialize_enter(ifp->if_serializer);
789 ieee80211_free_node(ni);
790 ifp->if_start(ifp);
791 lwkt_serialize_exit(ifp->if_serializer);
792
793 crit_exit();
794 }
795
796 static void
797 rum_rxeof(usbd_xfer_handle xfer, usbd_private_handle priv, usbd_status status)
798 {
799 struct rum_rx_data *data = priv;
800 struct rum_softc *sc = data->sc;
801 struct ieee80211com *ic = &sc->sc_ic;
802 struct ifnet *ifp = &ic->ic_if;
803 struct rum_rx_desc *desc;
804 struct ieee80211_frame_min *wh;
805 struct ieee80211_node *ni;
806 struct mbuf *mnew, *m;
807 int len, rssi;
808
809 if (sc->sc_stopped)
810 return;
811
812 crit_enter();
813
814 if (status != USBD_NORMAL_COMPLETION) {
815 if (status == USBD_NOT_STARTED || status == USBD_CANCELLED) {
816 crit_exit();
817 return;
818 }
819
820 if (status == USBD_STALLED)
821 usbd_clear_endpoint_stall_async(sc->sc_rx_pipeh);
822 goto skip;
823 }
824
825 usbd_get_xfer_status(xfer, NULL, NULL, &len, NULL);
826
827 if (len < RT2573_RX_DESC_SIZE + sizeof(struct ieee80211_frame_min)) {
828 DPRINTF(("%s: xfer too short %d\n", device_get_nameunit(sc->sc_dev),
829 len));
830 ifp->if_ierrors++;
831 goto skip;
832 }
833
834 desc = (struct rum_rx_desc *)data->buf;
835
836 if (le32toh(desc->flags) & RT2573_RX_CRC_ERROR) {
837 /*
838 * This should not happen since we did not request to receive
839 * those frames when we filled RT2573_TXRX_CSR0.
840 */
841 DPRINTFN(5, ("CRC error\n"));
842 ifp->if_ierrors++;
843 goto skip;
844 }
845
846 mnew = m_getcl(MB_DONTWAIT, MT_DATA, M_PKTHDR);
847 if (mnew == NULL) {
848 kprintf("%s: could not allocate rx mbuf\n",
849 device_get_nameunit(sc->sc_dev));
850 ifp->if_ierrors++;
851 goto skip;
852 }
853
854 m = data->m;
855 data->m = NULL;
856 data->buf = NULL;
857
858 lwkt_serialize_enter(ifp->if_serializer);
859
860 /* finalize mbuf */
861 m->m_pkthdr.rcvif = ifp;
862 m->m_data = (caddr_t)(desc + 1);
863 m->m_pkthdr.len = m->m_len = (le32toh(desc->flags) >> 16) & 0xfff;
864
865 rssi = rum_get_rssi(sc, desc->rssi);
866
867 wh = mtod(m, struct ieee80211_frame_min *);
868 ni = ieee80211_find_rxnode(ic, wh);
869
870 /* Error happened during RSSI conversion. */
871 if (rssi < 0)
872 rssi = ni->ni_rssi;
873
874 if (sc->sc_drvbpf != NULL) {
875 struct rum_rx_radiotap_header *tap = &sc->sc_rxtap;
876
877 tap->wr_flags = 0;
878 tap->wr_rate = rum_rxrate(desc);
879 tap->wr_chan_freq = htole16(ic->ic_bss->ni_chan->ic_freq);
880 tap->wr_chan_flags = htole16(ic->ic_bss->ni_chan->ic_flags);
881 tap->wr_antenna = sc->rx_ant;
882 tap->wr_antsignal = rssi;
883
884 bpf_ptap(sc->sc_drvbpf, m, tap, sc->sc_rxtap_len);
885 }
886
887 /* send the frame to the 802.11 layer */
888 ieee80211_input(ic, m, ni, rssi, 0);
889
890 /* node is no longer needed */
891 ieee80211_free_node(ni);
892
893 if ((ifp->if_flags & IFF_OACTIVE) == 0)
894 ifp->if_start(ifp);
895
896 lwkt_serialize_exit(ifp->if_serializer);
897
898 data->m = mnew;
899 data->buf = mtod(data->m, uint8_t *);
900
901 DPRINTFN(15, ("rx done\n"));
902
903 skip: /* setup a new transfer */
904 bzero(data->buf, sizeof(struct rum_rx_desc));
905 usbd_setup_xfer(xfer, sc->sc_rx_pipeh, data, data->buf, MCLBYTES,
906 USBD_SHORT_XFER_OK, USBD_NO_TIMEOUT, rum_rxeof);
907 usbd_transfer(xfer);
908
909 crit_exit();
910 }
911
912 /*
913 * This function is only used by the Rx radiotap code. It returns the rate at
914 * which a given frame was received.
915 */
916 static uint8_t
917 rum_rxrate(struct rum_rx_desc *desc)
918 {
919 if (le32toh(desc->flags) & RT2573_RX_OFDM) {
920 /* reverse function of rum_plcp_signal */
921 switch (desc->rate) {
922 case 0xb: return 12;
923 case 0xf: return 18;
924 case 0xa: return 24;
925 case 0xe: return 36;
926 case 0x9: return 48;
927 case 0xd: return 72;
928 case 0x8: return 96;
929 case 0xc: return 108;
930 }
931 } else {
932 if (desc->rate == 10)
933 return 2;
934 if (desc->rate == 20)
935 return 4;
936 if (desc->rate == 55)
937 return 11;
938 if (desc->rate == 110)
939 return 22;
940 }
941 return 2; /* should not get there */
942 }
943
944 static uint8_t
945 rum_plcp_signal(int rate)
946 {
947 switch (rate) {
948 /* CCK rates (returned values are device-dependent) */
949 case 2: return 0x0;
950 case 4: return 0x1;
951 case 11: return 0x2;
952 case 22: return 0x3;
953
954 /* OFDM rates (cf IEEE Std 802.11a-1999, pp. 14 Table 80) */
955 case 12: return 0xb;
956 case 18: return 0xf;
957 case 24: return 0xa;
958 case 36: return 0xe;
959 case 48: return 0x9;
960 case 72: return 0xd;
961 case 96: return 0x8;
962 case 108: return 0xc;
963
964 /* unsupported rates (should not get there) */
965 default: return 0xff;
966 }
967 }
968
969 static void
970 rum_setup_tx_desc(struct rum_softc *sc, struct rum_tx_desc *desc,
971 uint32_t flags, uint16_t xflags, int len, int rate)
972 {
973 struct ieee80211com *ic = &sc->sc_ic;
974 uint16_t plcp_length;
975 int remainder;
976
977 desc->flags = htole32(flags);
978 desc->flags |= htole32(len << 16);
979
980 desc->xflags = htole16(xflags);
981
982 desc->wme = htole16(
983 RT2573_QID(0) |
984 RT2573_AIFSN(2) |
985 RT2573_LOGCWMIN(4) |
986 RT2573_LOGCWMAX(10));
987
988 /* setup PLCP fields */
989 desc->plcp_signal = rum_plcp_signal(rate);
990 desc->plcp_service = 4;
991
992 len += IEEE80211_CRC_LEN;
993 if (RUM_RATE_IS_OFDM(rate)) {
994 desc->flags |= htole32(RT2573_TX_OFDM);
995
996 plcp_length = len & 0xfff;
997 desc->plcp_length_hi = plcp_length >> 6;
998 desc->plcp_length_lo = plcp_length & 0x3f;
999 } else {
1000 plcp_length = (16 * len + rate - 1) / rate;
1001 if (rate == 22) {
1002 remainder = (16 * len) % 22;
1003 if (remainder != 0 && remainder < 7)
1004 desc->plcp_service |= RT2573_PLCP_LENGEXT;
1005 }
1006 desc->plcp_length_hi = plcp_length >> 8;
1007 desc->plcp_length_lo = plcp_length & 0xff;
1008
1009 if (rate != 2 && (ic->ic_flags & IEEE80211_F_SHPREAMBLE))
1010 desc->plcp_signal |= 0x08;
1011 }
1012 desc->flags |= htole32(RT2573_TX_VALID);
1013 }
1014
1015 #define RUM_TX_TIMEOUT 5000
1016
1017 static int
1018 rum_tx_data(struct rum_softc *sc, struct mbuf *m0, struct ieee80211_node *ni)
1019 {
1020 struct ieee80211com *ic = &sc->sc_ic;
1021 struct ifnet *ifp = &ic->ic_if;
1022 struct rum_tx_desc *desc;
1023 struct rum_tx_data *data;
1024 struct ieee80211_frame *wh;
1025 uint32_t flags = 0;
1026 uint16_t dur;
1027 usbd_status error;
1028 int xferlen, rate, rateidx;
1029
1030 wh = mtod(m0, struct ieee80211_frame *);
1031
1032 if (wh->i_fc[1] & IEEE80211_FC1_WEP) {
1033 if (ieee80211_crypto_encap(ic, ni, m0) == NULL) {
1034 m_freem(m0);
1035 return ENOBUFS;
1036 }
1037
1038 /* packet header may have moved, reset our local pointer */
1039 wh = mtod(m0, struct ieee80211_frame *);
1040 }
1041
1042 /* pickup a rate */
1043 if ((wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) ==
1044 IEEE80211_FC0_TYPE_MGT) {
1045 /* mgmt frames are sent at the lowest available bit-rate */
1046 rateidx = 0;
1047 } else {
1048 ieee80211_ratectl_findrate(ni, m0->m_pkthdr.len, &rateidx, 1);
1049 }
1050 rate = IEEE80211_RS_RATE(&ni->ni_rates, rateidx);
1051
1052 data = &sc->tx_data[0];
1053 desc = (struct rum_tx_desc *)data->buf;
1054
1055 data->m = m0;
1056 data->ni = ni;
1057
1058 if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) {
1059 flags |= RT2573_TX_ACK;
1060
1061 dur = ieee80211_txtime(ni, RUM_ACK_SIZE,
1062 ieee80211_ack_rate(ni, rate), ic->ic_flags) +
1063 sc->sc_sifs;
1064 *(uint16_t *)wh->i_dur = htole16(dur);
1065
1066 /* tell hardware to set timestamp in probe responses */
1067 if ((wh->i_fc[0] &
1068 (IEEE80211_FC0_TYPE_MASK | IEEE80211_FC0_SUBTYPE_MASK)) ==
1069 (IEEE80211_FC0_TYPE_MGT | IEEE80211_FC0_SUBTYPE_PROBE_RESP))
1070 flags |= RT2573_TX_TIMESTAMP;
1071 }
1072
1073 if (sc->sc_drvbpf != NULL) {
1074 struct rum_tx_radiotap_header *tap = &sc->sc_txtap;
1075
1076 tap->wt_flags = 0;
1077 tap->wt_rate = rate;
1078 tap->wt_chan_freq = htole16(ic->ic_bss->ni_chan->ic_freq);
1079 tap->wt_chan_flags = htole16(ic->ic_bss->ni_chan->ic_flags);
1080 tap->wt_antenna = sc->tx_ant;
1081
1082 bpf_ptap(sc->sc_drvbpf, m0, tap, sc->sc_txtap_len);
1083 }
1084
1085 m_copydata(m0, 0, m0->m_pkthdr.len, data->buf + RT2573_TX_DESC_SIZE);
1086 rum_setup_tx_desc(sc, desc, flags, 0, m0->m_pkthdr.len, rate);
1087
1088 /* Align end on a 4-bytes boundary */
1089 xferlen = roundup(RT2573_TX_DESC_SIZE + m0->m_pkthdr.len, 4);
1090
1091 /*
1092 * No space left in the last URB to store the extra 4 bytes, force
1093 * sending of another URB.
1094 */
1095 if ((xferlen % 64) == 0)
1096 xferlen += 4;
1097
1098 DPRINTFN(10, ("sending frame len=%u rate=%u xfer len=%u\n",
1099 m0->m_pkthdr.len + RT2573_TX_DESC_SIZE, rate, xferlen));
1100
1101 lwkt_serialize_exit(ifp->if_serializer);
1102
1103 usbd_setup_xfer(data->xfer, sc->sc_tx_pipeh, data, data->buf, xferlen,
1104 USBD_FORCE_SHORT_XFER | USBD_NO_COPY, RUM_TX_TIMEOUT, rum_txeof);
1105
1106 error = usbd_transfer(data->xfer);
1107 if (error != USBD_NORMAL_COMPLETION && error != USBD_IN_PROGRESS) {
1108 m_freem(m0);
1109 data->m = NULL;
1110 data->ni = NULL;
1111 } else {
1112 sc->tx_queued++;
1113 error = 0;
1114 }
1115
1116 lwkt_serialize_enter(ifp->if_serializer);
1117 return error;
1118 }
1119
1120 static void
1121 rum_start(struct ifnet *ifp)
1122 {
1123 struct rum_softc *sc = ifp->if_softc;
1124 struct ieee80211com *ic = &sc->sc_ic;
1125
1126 ASSERT_SERIALIZED(ifp->if_serializer);
1127
1128 if (sc->sc_stopped)
1129 return;
1130
1131 crit_enter();
1132
1133 if ((ifp->if_flags & (IFF_RUNNING | IFF_OACTIVE)) != IFF_RUNNING) {
1134 crit_exit();
1135 return;
1136 }
1137
1138 for (;;) {
1139 struct ieee80211_node *ni;
1140 struct mbuf *m0;
1141
1142 if (!IF_QEMPTY(&ic->ic_mgtq)) {
1143 if (sc->tx_queued >= RT2573_TX_LIST_COUNT) {
1144 ifp->if_flags |= IFF_OACTIVE;
1145 break;
1146 }
1147 IF_DEQUEUE(&ic->ic_mgtq, m0);
1148
1149 ni = (struct ieee80211_node *)m0->m_pkthdr.rcvif;
1150 m0->m_pkthdr.rcvif = NULL;
1151
1152 BPF_MTAP(ifp, m0);
1153
1154 if (rum_tx_data(sc, m0, ni) != 0) {
1155 ieee80211_free_node(ni);
1156 break;
1157 }
1158 } else {
1159 struct ether_header *eh;
1160
1161 if (ic->ic_state != IEEE80211_S_RUN)
1162 break;
1163
1164 m0 = ifq_poll(&ifp->if_snd);
1165 if (m0 == NULL)
1166 break;
1167 if (sc->tx_queued >= RT2573_TX_LIST_COUNT) {
1168 ifp->if_flags |= IFF_OACTIVE;
1169 break;
1170 }
1171 ifq_dequeue(&ifp->if_snd, m0);
1172
1173 if (m0->m_len < sizeof(struct ether_header)) {
1174 m0 = m_pullup(m0, sizeof(struct ether_header));
1175 if (m0 == NULL) {
1176 ifp->if_oerrors++;
1177 continue;
1178 }
1179 }
1180 eh = mtod(m0, struct ether_header *);
1181
1182 ni = ieee80211_find_txnode(ic, eh->ether_dhost);
1183 if (ni == NULL) {
1184 m_freem(m0);
1185 continue;
1186 }
1187
1188 BPF_MTAP(ifp, m0);
1189
1190 m0 = ieee80211_encap(ic, m0, ni);
1191 if (m0 == NULL) {
1192 ieee80211_free_node(ni);
1193 continue;
1194 }
1195
1196 if (ic->ic_rawbpf != NULL)
1197 bpf_mtap(ic->ic_rawbpf, m0);
1198
1199 if (rum_tx_data(sc, m0, ni) != 0) {
1200 ieee80211_free_node(ni);
1201 ifp->if_oerrors++;
1202 break;
1203 }
1204 }
1205
1206 sc->sc_tx_timer = 5;
1207 ifp->if_timer = 1;
1208 }
1209
1210 crit_exit();
1211 }
1212
1213 static void
1214 rum_watchdog(struct ifnet *ifp)
1215 {
1216 struct rum_softc *sc = ifp->if_softc;
1217
1218 ASSERT_SERIALIZED(ifp->if_serializer);
1219
1220 crit_enter();
1221
1222 ifp->if_timer = 0;
1223
1224 if (sc->sc_tx_timer > 0) {
1225 if (--sc->sc_tx_timer == 0) {
1226 kprintf("%s: device timeout\n", device_get_nameunit(sc->sc_dev));
1227 /*rum_init(sc); XXX needs a process context! */
1228 ifp->if_oerrors++;
1229
1230 crit_exit();
1231 return;
1232 }
1233 ifp->if_timer = 1;
1234 }
1235
1236 ieee80211_watchdog(&sc->sc_ic);
1237
1238 crit_exit();
1239 }
1240
1241 static int
1242 rum_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data, struct ucred *cr)
1243 {
1244 struct rum_softc *sc = ifp->if_softc;
1245 struct ieee80211com *ic = &sc->sc_ic;
1246 int error = 0;
1247
1248 ASSERT_SERIALIZED(ifp->if_serializer);
1249
1250 crit_enter();
1251
1252 switch (cmd) {
1253 case SIOCSIFFLAGS:
1254 if (ifp->if_flags & IFF_UP) {
1255 if (ifp->if_flags & IFF_RUNNING) {
1256 lwkt_serialize_exit(ifp->if_serializer);
1257 rum_update_promisc(sc);
1258 lwkt_serialize_enter(ifp->if_serializer);
1259 } else {
1260 rum_init(sc);
1261 }
1262 } else {
1263 if (ifp->if_flags & IFF_RUNNING)
1264 rum_stop(sc);
1265 }
1266 break;
1267 default:
1268 error = ieee80211_ioctl(ic, cmd, data, cr);
1269 break;
1270 }
1271
1272 if (error == ENETRESET) {
1273 struct ieee80211req *ireq = (struct ieee80211req *)data;
1274
1275 if (cmd == SIOCS80211 &&
1276 ireq->i_type == IEEE80211_IOC_CHANNEL &&
1277 ic->ic_opmode == IEEE80211_M_MONITOR) {
1278 /*
1279 * This allows for fast channel switching in monitor
1280 * mode (used by kismet). In IBSS mode, we must
1281 * explicitly reset the interface to generate a new
1282 * beacon frame.
1283 */
1284 lwkt_serialize_exit(ifp->if_serializer);
1285 rum_set_chan(sc, ic->ic_ibss_chan);
1286 lwkt_serialize_enter(ifp->if_serializer);
1287 } else if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) ==
1288 (IFF_UP | IFF_RUNNING)) {
1289 rum_init(sc);
1290 }
1291 error = 0;
1292 }
1293
1294 crit_exit();
1295 return error;
1296 }
1297
1298 static void
1299 rum_eeprom_read(struct rum_softc *sc, uint16_t addr, void *buf, int len)
1300 {
1301 usb_device_request_t req;
1302 usbd_status error;
1303
1304 req.bmRequestType = UT_READ_VENDOR_DEVICE;
1305 req.bRequest = RT2573_READ_EEPROM;
1306 USETW(req.wValue, 0);
1307 USETW(req.wIndex, addr);
1308 USETW(req.wLength, len);
1309
1310 error = usbd_do_request(sc->sc_udev, &req, buf);
1311 if (error != 0) {
1312 kprintf("%s: could not read EEPROM: %s\n",
1313 device_get_nameunit(sc->sc_dev), usbd_errstr(error));
1314 }
1315 }
1316
1317 static uint32_t
1318 rum_read(struct rum_softc *sc, uint16_t reg)
1319 {
1320 uint32_t val;
1321
1322 rum_read_multi(sc, reg, &val, sizeof val);
1323
1324 return le32toh(val);
1325 }
1326
1327 static void
1328 rum_read_multi(struct rum_softc *sc, uint16_t reg, void *buf, int len)
1329 {
1330 usb_device_request_t req;
1331 usbd_status error;
1332
1333 req.bmRequestType = UT_READ_VENDOR_DEVICE;
1334 req.bRequest = RT2573_READ_MULTI_MAC;
1335 USETW(req.wValue, 0);
1336 USETW(req.wIndex, reg);
1337 USETW(req.wLength, len);
1338
1339 error = usbd_do_request(sc->sc_udev, &req, buf);
1340 if (error != 0) {
1341 kprintf("%s: could not multi read MAC register: %s\n",
1342 device_get_nameunit(sc->sc_dev), usbd_errstr(error));
1343 }
1344 }
1345
1346 static void
1347 rum_write(struct rum_softc *sc, uint16_t reg, uint32_t val)
1348 {
1349 uint32_t tmp = htole32(val);
1350
1351 rum_write_multi(sc, reg, &tmp, sizeof tmp);
1352 }
1353
1354 static void
1355 rum_write_multi(struct rum_softc *sc, uint16_t reg, void *buf, size_t len)
1356 {
1357 usb_device_request_t req;
1358 usbd_status error;
1359
1360 req.bmRequestType = UT_WRITE_VENDOR_DEVICE;
1361 req.bRequest = RT2573_WRITE_MULTI_MAC;
1362 USETW(req.wValue, 0);
1363 USETW(req.wIndex, reg);
1364 USETW(req.wLength, len);
1365
1366 error = usbd_do_request(sc->sc_udev, &req, buf);
1367 if (error != 0) {
1368 kprintf("%s: could not multi write MAC register: %s\n",
1369 device_get_nameunit(sc->sc_dev), usbd_errstr(error));
1370 }
1371 }
1372
1373 static void
1374 rum_bbp_write(struct rum_softc *sc, uint8_t reg, uint8_t val)
1375 {
1376 uint32_t tmp;
1377 int ntries;
1378
1379 for (ntries = 0; ntries < 5; ntries++) {
1380 if (!(rum_read(sc, RT2573_PHY_CSR3) & RT2573_BBP_BUSY))
1381 break;
1382 }
1383 if (ntries == 5) {
1384 kprintf("%s: could not write to BBP\n", device_get_nameunit(sc->sc_dev));
1385 return;
1386 }
1387
1388 tmp = RT2573_BBP_BUSY | (reg & 0x7f) << 8 | val;
1389 rum_write(sc, RT2573_PHY_CSR3, tmp);
1390 }
1391
1392 static uint8_t
1393 rum_bbp_read(struct rum_softc *sc, uint8_t reg)
1394 {
1395 uint32_t val;
1396 int ntries;
1397
1398 for (ntries = 0; ntries < 5; ntries++) {
1399 if (!(rum_read(sc, RT2573_PHY_CSR3) & RT2573_BBP_BUSY))
1400 break;
1401 }
1402 if (ntries == 5) {
1403 kprintf("%s: could not read BBP\n", device_get_nameunit(sc->sc_dev));
1404 return 0;
1405 }
1406
1407 val = RT2573_BBP_BUSY | RT2573_BBP_READ | reg << 8;
1408 rum_write(sc, RT2573_PHY_CSR3, val);
1409
1410 for (ntries = 0; ntries < 100; ntries++) {
1411 val = rum_read(sc, RT2573_PHY_CSR3);
1412 if (!(val & RT2573_BBP_BUSY))
1413 return val & 0xff;
1414 DELAY(1);
1415 }
1416
1417 kprintf("%s: could not read BBP\n", device_get_nameunit(sc->sc_dev));
1418 return 0;
1419 }
1420
1421 static void
1422 rum_rf_write(struct rum_softc *sc, uint8_t reg, uint32_t val)
1423 {
1424 uint32_t tmp;
1425 int ntries;
1426
1427 for (ntries = 0; ntries < 5; ntries++) {
1428 if (!(rum_read(sc, RT2573_PHY_CSR4) & RT2573_RF_BUSY))
1429 break;
1430 }
1431 if (ntries == 5) {
1432 kprintf("%s: could not write to RF\n", device_get_nameunit(sc->sc_dev));
1433 return;
1434 }
1435
1436 tmp = RT2573_RF_BUSY | RT2573_RF_20BIT | (val & 0xfffff) << 2 |
1437 (reg & 3);
1438 rum_write(sc, RT2573_PHY_CSR4, tmp);
1439
1440 /* remember last written value in sc */
1441 sc->rf_regs[reg] = val;
1442
1443 DPRINTFN(15, ("RF R[%u] <- 0x%05x\n", reg & 3, val & 0xfffff));
1444 }
1445
1446 static void
1447 rum_select_antenna(struct rum_softc *sc)
1448 {
1449 uint8_t bbp4, bbp77;
1450 uint32_t tmp;
1451
1452 bbp4 = rum_bbp_read(sc, 4);
1453 bbp77 = rum_bbp_read(sc, 77);
1454
1455 /* TBD */
1456
1457 /* make sure Rx is disabled before switching antenna */
1458 tmp = rum_read(sc, RT2573_TXRX_CSR0);
1459 rum_write(sc, RT2573_TXRX_CSR0, tmp | RT2573_DISABLE_RX);
1460
1461 rum_bbp_write(sc, 4, bbp4);
1462 rum_bbp_write(sc, 77, bbp77);
1463
1464 rum_write(sc, RT2573_TXRX_CSR0, tmp);
1465 }
1466
1467 /*
1468 * Enable multi-rate retries for frames sent at OFDM rates.
1469 * In 802.11b/g mode, allow fallback to CCK rates.
1470 */
1471 static void
1472 rum_enable_mrr(struct rum_softc *sc)
1473 {
1474 struct ieee80211com *ic = &sc->sc_ic;
1475 uint32_t tmp;
1476
1477 tmp = rum_read(sc, RT2573_TXRX_CSR4);
1478
1479 tmp &= ~RT2573_MRR_CCK_FALLBACK;
1480 if (!IEEE80211_IS_CHAN_5GHZ(ic->ic_curchan))
1481 tmp |= RT2573_MRR_CCK_FALLBACK;
1482 tmp |= RT2573_MRR_ENABLED;
1483
1484 rum_write(sc, RT2573_TXRX_CSR4, tmp);
1485 }
1486
1487 static void
1488 rum_set_txpreamble(struct rum_softc *sc)
1489 {
1490 uint32_t tmp;
1491
1492 tmp = rum_read(sc, RT2573_TXRX_CSR4);
1493
1494 tmp &= ~RT2573_SHORT_PREAMBLE;
1495 if (sc->sc_ic.ic_flags & IEEE80211_F_SHPREAMBLE)
1496 tmp |= RT2573_SHORT_PREAMBLE;
1497
1498 rum_write(sc, RT2573_TXRX_CSR4, tmp);
1499 }
1500
1501 static void
1502 rum_set_basicrates(struct rum_softc *sc)
1503 {
1504 struct ieee80211com *ic = &sc->sc_ic;
1505
1506 /* update basic rate set */
1507 if (ic->ic_curmode == IEEE80211_MODE_11B) {
1508 /* 11b basic rates: 1, 2Mbps */
1509 rum_write(sc, RT2573_TXRX_CSR5, 0x3);
1510 } else if (IEEE80211_IS_CHAN_5GHZ(ic->ic_bss->ni_chan)) {
1511 /* 11a basic rates: 6, 12, 24Mbps */
1512 rum_write(sc, RT2573_TXRX_CSR5, 0x150);
1513 } else {
1514 /* 11g basic rates: 1, 2, 5.5, 11, 6, 12, 24Mbps */
1515 rum_write(sc, RT2573_TXRX_CSR5, 0x15f);
1516 }
1517 }
1518
1519 /*
1520 * Reprogram MAC/BBP to switch to a new band. Values taken from the reference
1521 * driver.
1522 */
1523 static void
1524 rum_select_band(struct rum_softc *sc, struct ieee80211_channel *c)
1525 {
1526 uint8_t bbp17, bbp35, bbp96, bbp97, bbp98, bbp104;
1527 uint32_t tmp;
1528
1529 /* update all BBP registers that depend on the band */
1530 bbp17 = 0x20; bbp96 = 0x48; bbp104 = 0x2c;
1531 bbp35 = 0x50; bbp97 = 0x48; bbp98 = 0x48;
1532 if (IEEE80211_IS_CHAN_5GHZ(c)) {
1533 bbp17 += 0x08; bbp96 += 0x10; bbp104 += 0x0c;
1534 bbp35 += 0x10; bbp97 += 0x10; bbp98 += 0x10;
1535 }
1536 if ((IEEE80211_IS_CHAN_2GHZ(c) && sc->ext_2ghz_lna) ||
1537 (IEEE80211_IS_CHAN_5GHZ(c) && sc->ext_5ghz_lna)) {
1538 bbp17 += 0x10; bbp96 += 0x10; bbp104 += 0x10;
1539 }
1540
1541 sc->bbp17 = bbp17;
1542 rum_bbp_write(sc, 17, bbp17);
1543 rum_bbp_write(sc, 96, bbp96);
1544 rum_bbp_write(sc, 104, bbp104);
1545
1546 if ((IEEE80211_IS_CHAN_2GHZ(c) && sc->ext_2ghz_lna) ||
1547 (IEEE80211_IS_CHAN_5GHZ(c) && sc->ext_5ghz_lna)) {
1548 rum_bbp_write(sc, 75, 0x80);
1549 rum_bbp_write(sc, 86, 0x80);
1550 rum_bbp_write(sc, 88, 0x80);
1551 }
1552
1553 rum_bbp_write(sc, 35, bbp35);
1554 rum_bbp_write(sc, 97, bbp97);
1555 rum_bbp_write(sc, 98, bbp98);
1556
1557 tmp = rum_read(sc, RT2573_PHY_CSR0);
1558 tmp &= ~(RT2573_PA_PE_2GHZ | RT2573_PA_PE_5GHZ);
1559 if (IEEE80211_IS_CHAN_2GHZ(c))
1560 tmp |= RT2573_PA_PE_2GHZ;
1561 else
1562 tmp |= RT2573_PA_PE_5GHZ;
1563 rum_write(sc, RT2573_PHY_CSR0, tmp);
1564 }
1565
1566 static void
1567 rum_set_chan(struct rum_softc *sc, struct ieee80211_channel *c)
1568 {
1569 struct ieee80211com *ic = &sc->sc_ic;
1570 const struct rfprog *rfprog;
1571 uint8_t bbp3, bbp94 = RT2573_BBPR94_DEFAULT;
1572 int8_t power;
1573 u_int i, chan;
1574
1575 chan = ieee80211_chan2ieee(ic, c);
1576 if (chan == 0 || chan == IEEE80211_CHAN_ANY)
1577 return;
1578
1579 /* select the appropriate RF settings based on what EEPROM says */
1580 rfprog = (sc->rf_rev == RT2573_RF_5225 ||
1581 sc->rf_rev == RT2573_RF_2527) ? rum_rf5225 : rum_rf5226;
1582
1583 /* find the settings for this channel (we know it exists) */
1584 for (i = 0; rfprog[i].chan != chan; i++)
1585 ; /* EMPTY */
1586
1587 power = sc->txpow[i];
1588 if (power < 0) {
1589 bbp94 += power;
1590 power = 0;
1591 } else if (power > 31) {
1592 bbp94 += power - 31;
1593 power = 31;
1594 }
1595
1596 /*
1597 * If we are switching from the 2GHz band to the 5GHz band or
1598 * vice-versa, BBP registers need to be reprogrammed.
1599 */
1600 if (c->ic_flags != sc->sc_curchan->ic_flags) {
1601 rum_select_band(sc, c);
1602 rum_select_antenna(sc);
1603 }
1604 sc->sc_curchan = c;
1605
1606 rum_rf_write(sc, RT2573_RF1, rfprog[i].r1);
1607 rum_rf_write(sc, RT2573_RF2, rfprog[i].r2);
1608 rum_rf_write(sc, RT2573_RF3, rfprog[i].r3 | power << 7);
1609 rum_rf_write(sc, RT2573_RF4, rfprog[i].r4 | sc->rffreq << 10);
1610
1611 rum_rf_write(sc, RT2573_RF1, rfprog[i].r1);
1612 rum_rf_write(sc, RT2573_RF2, rfprog[i].r2);
1613 rum_rf_write(sc, RT2573_RF3, rfprog[i].r3 | power << 7 | 1);
1614 rum_rf_write(sc, RT2573_RF4, rfprog[i].r4 | sc->rffreq << 10);
1615
1616 rum_rf_write(sc, RT2573_RF1, rfprog[i].r1);
1617 rum_rf_write(sc, RT2573_RF2, rfprog[i].r2);
1618 rum_rf_write(sc, RT2573_RF3, rfprog[i].r3 | power << 7);
1619 rum_rf_write(sc, RT2573_RF4, rfprog[i].r4 | sc->rffreq << 10);
1620
1621 DELAY(10);
1622
1623 /* enable smart mode for MIMO-capable RFs */
1624 bbp3 = rum_bbp_read(sc, 3);
1625
1626 if (sc->rf_rev == RT2573_RF_5225 || sc->rf_rev == RT2573_RF_2527)
1627 bbp3 &= ~RT2573_SMART_MODE;
1628 else
1629 bbp3 |= RT2573_SMART_MODE;
1630
1631 rum_bbp_write(sc, 3, bbp3);
1632
1633 if (bbp94 != RT2573_BBPR94_DEFAULT)
1634 rum_bbp_write(sc, 94, bbp94);
1635
1636 sc->sc_sifs = IEEE80211_IS_CHAN_5GHZ(c) ? IEEE80211_DUR_OFDM_SIFS
1637 : IEEE80211_DUR_SIFS;
1638 }
1639
1640 /*
1641 * Enable TSF synchronization and tell h/w to start sending beacons for IBSS
1642 * and HostAP operating modes.
1643 */
1644 static void
1645 rum_enable_tsf_sync(struct rum_softc *sc)
1646 {
1647 struct ieee80211com *ic = &sc->sc_ic;
1648 uint32_t tmp;
1649
1650 if (ic->ic_opmode != IEEE80211_M_STA) {
1651 /*
1652 * Change default 16ms TBTT adjustment to 8ms.
1653 * Must be done before enabling beacon generation.
1654 */
1655 rum_write(sc, RT2573_TXRX_CSR10, 1 << 12 | 8);
1656 }
1657
1658 tmp = rum_read(sc, RT2573_TXRX_CSR9) & 0xff000000;
1659
1660 /* set beacon interval (in 1/16ms unit) */
1661 tmp |= ic->ic_bss->ni_intval * 16;
1662
1663 tmp |= RT2573_TSF_TICKING | RT2573_ENABLE_TBTT;
1664 if (ic->ic_opmode == IEEE80211_M_STA)
1665 tmp |= RT2573_TSF_MODE(1);
1666 else
1667 tmp |= RT2573_TSF_MODE(2) | RT2573_GENERATE_BEACON;
1668
1669 rum_write(sc, RT2573_TXRX_CSR9, tmp);
1670 }
1671
1672 static void
1673 rum_update_slot(struct rum_softc *sc)
1674 {
1675 struct ieee80211com *ic = &sc->sc_ic;
1676 uint8_t slottime;
1677 uint32_t tmp;
1678
1679 slottime = (ic->ic_flags & IEEE80211_F_SHSLOT) ? 9 : 20;
1680
1681 tmp = rum_read(sc, RT2573_MAC_CSR9);
1682 tmp = (tmp & ~0xff) | slottime;
1683 rum_write(sc, RT2573_MAC_CSR9, tmp);
1684
1685 DPRINTF(("setting slot time to %uus\n", slottime));
1686 }
1687
1688 static void
1689 rum_set_bssid(struct rum_softc *sc, const uint8_t *bssid)
1690 {
1691 uint32_t tmp;
1692
1693 tmp = bssid[0] | bssid[1] << 8 | bssid[2] << 16 | bssid[3] << 24;
1694 rum_write(sc, RT2573_MAC_CSR4, tmp);
1695
1696 tmp = bssid[4] | bssid[5] << 8 | RT2573_ONE_BSSID << 16;
1697 rum_write(sc, RT2573_MAC_CSR5, tmp);
1698 }
1699
1700 static void
1701 rum_set_macaddr(struct rum_softc *sc, const uint8_t *addr)
1702 {
1703 uint32_t tmp;
1704
1705 tmp = addr[0] | addr[1] << 8 | addr[2] << 16 | addr[3] << 24;
1706 rum_write(sc, RT2573_MAC_CSR2, tmp);
1707
1708 tmp = addr[4] | addr[5] << 8 | 0xff << 16;
1709 rum_write(sc, RT2573_MAC_CSR3, tmp);
1710 }
1711
1712 static void
1713 rum_update_promisc(struct rum_softc *sc)
1714 {
1715 struct ifnet *ifp = &sc->sc_ic.ic_if;
1716 uint32_t tmp;
1717
1718 tmp = rum_read(sc, RT2573_TXRX_CSR0);
1719
1720 tmp &= ~RT2573_DROP_NOT_TO_ME;
1721 if (!(ifp->if_flags & IFF_PROMISC))
1722 tmp |= RT2573_DROP_NOT_TO_ME;
1723
1724 rum_write(sc, RT2573_TXRX_CSR0, tmp);
1725
1726 DPRINTF(("%s promiscuous mode\n", (ifp->if_flags & IFF_PROMISC) ?
1727 "entering" : "leaving"));
1728 }
1729
1730 static const char *
1731 rum_get_rf(int rev)
1732 {
1733 switch (rev) {
1734 case RT2573_RF_2527: return "RT2527 (MIMO XR)";
1735 case RT2573_RF_2528: return "RT2528";
1736 case RT2573_RF_5225: return "RT5225 (MIMO XR)";
1737 case RT2573_RF_5226: return "RT5226";
1738 default: return "unknown";
1739 }
1740 }
1741
1742 static void
1743 rum_read_eeprom(struct rum_softc *sc)
1744 {
1745 struct ieee80211com *ic = &sc->sc_ic;
1746 uint16_t val;
1747 #ifdef RUM_DEBUG
1748 int i;
1749 #endif
1750
1751 /* read MAC/BBP type */
1752 rum_eeprom_read(sc, RT2573_EEPROM_MACBBP, &val, 2);
1753 sc->macbbp_rev = le16toh(val);
1754
1755 /* read MAC address */
1756 rum_eeprom_read(sc, RT2573_EEPROM_ADDRESS, ic->ic_myaddr, 6);
1757
1758 rum_eeprom_read(sc, RT2573_EEPROM_ANTENNA, &val, 2);
1759 val = le16toh(val);
1760 sc->rf_rev = (val >> 11) & 0x1f;
1761 sc->hw_radio = (val >> 10) & 0x1;
1762 sc->rx_ant = (val >> 4) & 0x3;
1763 sc->tx_ant = (val >> 2) & 0x3;
1764 sc->nb_ant = val & 0x3;
1765
1766 DPRINTF(("RF revision=%d\n", sc->rf_rev));
1767
1768 rum_eeprom_read(sc, RT2573_EEPROM_CONFIG2, &val, 2);
1769 val = le16toh(val);
1770 sc->ext_5ghz_lna = (val >> 6) & 0x1;
1771 sc->ext_2ghz_lna = (val >> 4) & 0x1;
1772
1773 DPRINTF(("External 2GHz LNA=%d\nExternal 5GHz LNA=%d\n",
1774 sc->ext_2ghz_lna, sc->ext_5ghz_lna));
1775
1776 rum_eeprom_read(sc, RT2573_EEPROM_RSSI_2GHZ_OFFSET, &val, 2);
1777 val = le16toh(val);
1778 if ((val & 0xff) != 0xff)
1779 sc->rssi_2ghz_corr = (int8_t)(val & 0xff); /* signed */
1780
1781 /* Only [-10, 10] is valid */
1782 if (sc->rssi_2ghz_corr < -10 || sc->rssi_2ghz_corr > 10)
1783 sc->rssi_2ghz_corr = 0;
1784
1785 rum_eeprom_read(sc, RT2573_EEPROM_RSSI_5GHZ_OFFSET, &val, 2);
1786 val = le16toh(val);
1787 if ((val & 0xff) != 0xff)
1788 sc->rssi_5ghz_corr = (int8_t)(val & 0xff); /* signed */
1789
1790 /* Only [-10, 10] is valid */
1791 if (sc->rssi_5ghz_corr < -10 || sc->rssi_5ghz_corr > 10)
1792 sc->rssi_5ghz_corr = 0;
1793
1794 if (sc->ext_2ghz_lna)
1795 sc->rssi_2ghz_corr -= 14;
1796 if (sc->ext_5ghz_lna)
1797 sc->rssi_5ghz_corr -= 14;
1798
1799 DPRINTF(("RSSI 2GHz corr=%d\nRSSI 5GHz corr=%d\n",
1800 sc->rssi_2ghz_corr, sc->rssi_5ghz_corr));
1801
1802 rum_eeprom_read(sc, RT2573_EEPROM_FREQ_OFFSET, &val, 2);
1803 val = le16toh(val);
1804 if ((val & 0xff) != 0xff)
1805 sc->rffreq = val & 0xff;
1806
1807 DPRINTF(("RF freq=%d\n", sc->rffreq));
1808
1809 /* read Tx power for all a/b/g channels */
1810 rum_eeprom_read(sc, RT2573_EEPROM_TXPOWER, sc->txpow, 14);
1811 /* XXX default Tx power for 802.11a channels */
1812 memset(sc->txpow + 14, 24, sizeof (sc->txpow) - 14);
1813 #ifdef RUM_DEBUG
1814 for (i = 0; i < 14; i++)
1815 DPRINTF(("Channel=%d Tx power=%d\n", i + 1, sc->txpow[i]));
1816 #endif
1817
1818 /* read default values for BBP registers */
1819 rum_eeprom_read(sc, RT2573_EEPROM_BBP_BASE, sc->bbp_prom, 2 * 16);
1820 #ifdef RUM_DEBUG
1821 for (i = 0; i < 14; i++) {
1822 if (sc->bbp_prom[i].reg == 0 || sc->bbp_prom[i].reg == 0xff)
1823 continue;
1824 DPRINTF(("BBP R%d=%02x\n", sc->bbp_prom[i].reg,
1825 sc->bbp_prom[i].val));
1826 }
1827 #endif
1828 }
1829
1830 static int
1831 rum_bbp_init(struct rum_softc *sc)
1832 {
1833 #define N(a) (sizeof (a) / sizeof ((a)[0]))
1834 int i, ntries;
1835 uint8_t val;
1836
1837 /* wait for BBP to be ready */
1838 for (ntries = 0; ntries < 100; ntries++) {
1839 val = rum_bbp_read(sc, 0);
1840 if (val != 0 && val != 0xff)
1841 break;
1842 DELAY(1000);
1843 }
1844 if (ntries == 100) {
1845 kprintf("%s: timeout waiting for BBP\n",
1846 device_get_nameunit(sc->sc_dev));
1847 return EIO;
1848 }
1849
1850 /* initialize BBP registers to default values */
1851 for (i = 0; i < N(rum_def_bbp); i++)
1852 rum_bbp_write(sc, rum_def_bbp[i].reg, rum_def_bbp[i].val);
1853
1854 /* write vendor-specific BBP values (from EEPROM) */
1855 for (i = 0; i < 16; i++) {
1856 if (sc->bbp_prom[i].reg == 0 || sc->bbp_prom[i].reg == 0xff)
1857 continue;
1858 rum_bbp_write(sc, sc->bbp_prom[i].reg, sc->bbp_prom[i].val);
1859 }
1860
1861 return 0;
1862 #undef N
1863 }
1864
1865 static void
1866 rum_init(void *xsc)
1867 {
1868 #define N(a) (sizeof(a) / sizeof((a)[0]))
1869 struct rum_softc *sc = xsc;
1870 struct ieee80211com *ic = &sc->sc_ic;
1871 struct ifnet *ifp = &ic->ic_if;
1872 struct rum_rx_data *data;
1873 uint32_t tmp;
1874 usbd_status usb_err;
1875 int i, ntries, error;
1876
1877 ASSERT_SERIALIZED(ifp->if_serializer);
1878
1879 crit_enter();
1880
1881 rum_stop(sc);
1882 sc->sc_stopped = 0;
1883
1884 lwkt_serialize_exit(ifp->if_serializer);
1885
1886 /* initialize MAC registers to default values */
1887 for (i = 0; i < N(rum_def_mac); i++)
1888 rum_write(sc, rum_def_mac[i].reg, rum_def_mac[i].val);
1889
1890 /* set host ready */
1891 rum_write(sc, RT2573_MAC_CSR1, 3);
1892 rum_write(sc, RT2573_MAC_CSR1, 0);
1893
1894 /* wait for BBP/RF to wakeup */
1895 for (ntries = 0; ntries < 1000; ntries++) {
1896 if (rum_read(sc, RT2573_MAC_CSR12) & 8)
1897 break;
1898 rum_write(sc, RT2573_MAC_CSR12, 4); /* force wakeup */
1899 DELAY(1000);
1900 }
1901 if (ntries == 1000) {
1902 kprintf("%s: timeout waiting for BBP/RF to wakeup\n",
1903 device_get_nameunit(sc->sc_dev));
1904 error = ETIMEDOUT;
1905 goto fail;
1906 }
1907
1908 error = rum_bbp_init(sc);
1909 if (error)
1910 goto fail;
1911
1912 /* select default channel */
1913 sc->sc_curchan = ic->ic_curchan = ic->ic_ibss_chan;
1914
1915 rum_select_band(sc, sc->sc_curchan);
1916 rum_select_antenna(sc);
1917 rum_set_chan(sc, sc->sc_curchan);
1918
1919 /* clear STA registers */
1920 rum_read_multi(sc, RT2573_STA_CSR0, sc->sta, sizeof sc->sta);
1921
1922 IEEE80211_ADDR_COPY(ic->ic_myaddr, IF_LLADDR(ifp));
1923 rum_set_macaddr(sc, ic->ic_myaddr);
1924
1925 /* initialize ASIC */
1926 rum_write(sc, RT2573_MAC_CSR1, 4);
1927
1928 /*
1929 * Allocate xfer for AMRR statistics requests.
1930 */
1931 sc->stats_xfer = usbd_alloc_xfer(sc->sc_udev);
1932 if (sc->stats_xfer == NULL) {
1933 kprintf("%s: could not allocate AMRR xfer\n",
1934 device_get_nameunit(sc->sc_dev));
1935 error = ENOMEM;
1936 goto fail;
1937 }
1938
1939 /*
1940 * Open Tx and Rx USB bulk pipes.
1941 */
1942 usb_err = usbd_open_pipe(sc->sc_iface, sc->sc_tx_no, USBD_EXCLUSIVE_USE,
1943 &sc->sc_tx_pipeh);
1944 if (usb_err != USBD_NORMAL_COMPLETION) {
1945 kprintf("%s: could not open Tx pipe: %s\n",
1946 device_get_nameunit(sc->sc_dev), usbd_errstr(usb_err));
1947 error = EIO;
1948 goto fail;
1949 }
1950
1951 usb_err = usbd_open_pipe(sc->sc_iface, sc->sc_rx_no, USBD_EXCLUSIVE_USE,
1952 &sc->sc_rx_pipeh);
1953 if (usb_err != USBD_NORMAL_COMPLETION) {
1954 kprintf("%s: could not open Rx pipe: %s\n",
1955 device_get_nameunit(sc->sc_dev), usbd_errstr(usb_err));
1956 error = EIO;
1957 goto fail;
1958 }
1959
1960 /*
1961 * Allocate Tx and Rx xfer queues.
1962 */
1963 error = rum_alloc_tx_list(sc);
1964 if (error) {
1965 kprintf("%s: could not allocate Tx list\n",
1966 device_get_nameunit(sc->sc_dev));
1967 goto fail;
1968 }
1969
1970 error = rum_alloc_rx_list(sc);
1971 if (error) {
1972 kprintf("%s: could not allocate Rx list\n",
1973 device_get_nameunit(sc->sc_dev));
1974 goto fail;
1975 }
1976
1977 /*
1978 * Start up the receive pipe.
1979 */
1980 for (i = 0; i < RT2573_RX_LIST_COUNT; i++) {
1981 data = &sc->rx_data[i];
1982
1983 usbd_setup_xfer(data->xfer, sc->sc_rx_pipeh, data, data->buf,
1984 MCLBYTES, USBD_SHORT_XFER_OK, USBD_NO_TIMEOUT, rum_rxeof);
1985 usbd_transfer(data->xfer);
1986 }
1987
1988 /* update Rx filter */
1989 tmp = rum_read(sc, RT2573_TXRX_CSR0) & 0xffff;
1990
1991 tmp |= RT2573_DROP_PHY_ERROR | RT2573_DROP_CRC_ERROR;
1992 if (ic->ic_opmode != IEEE80211_M_MONITOR) {
1993 tmp |= RT2573_DROP_CTL | RT2573_DROP_VER_ERROR |
1994 RT2573_DROP_ACKCTS;
1995 if (ic->ic_opmode != IEEE80211_M_HOSTAP)
1996 tmp |= RT2573_DROP_TODS;
1997 if (!(ifp->if_flags & IFF_PROMISC))
1998 tmp |= RT2573_DROP_NOT_TO_ME;
1999 }
2000 rum_write(sc, RT2573_TXRX_CSR0, tmp);
2001 fail:
2002 lwkt_serialize_enter(ifp->if_serializer);
2003
2004 if (error) {
2005 rum_stop(sc);
2006 } else {
2007 ifp->if_flags &= ~IFF_OACTIVE;
2008 ifp->if_flags |= IFF_RUNNING;
2009
2010 if (ic->ic_opmode != IEEE80211_M_MONITOR) {
2011 if (ic->ic_roaming != IEEE80211_ROAMING_MANUAL)
2012 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1);
2013 } else {
2014 ieee80211_new_state(ic, IEEE80211_S_RUN, -1);
2015 }
2016 }
2017
2018 crit_exit();
2019 #undef N
2020 }
2021
2022 static void
2023 rum_stop(struct rum_softc *sc)
2024 {
2025 struct ieee80211com *ic = &sc->sc_ic;
2026 struct ifnet *ifp = &ic->ic_if;
2027 uint32_t tmp;
2028
2029 ASSERT_SERIALIZED(ifp->if_serializer);
2030
2031 crit_enter();
2032
2033 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE);
2034 sc->sc_stopped = 1;
2035
2036 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); /* free all nodes */
2037
2038 sc->sc_tx_timer = 0;
2039 ifp->if_timer = 0;
2040
2041 lwkt_serialize_exit(ifp->if_serializer);
2042
2043 /* disable Rx */
2044 tmp = rum_read(sc, RT2573_TXRX_CSR0);
2045 rum_write(sc, RT2573_TXRX_CSR0, tmp | RT2573_DISABLE_RX);
2046
2047 /* reset ASIC */
2048 rum_write(sc, RT2573_MAC_CSR1, 3);
2049 rum_write(sc, RT2573_MAC_CSR1, 0);
2050
2051 if (sc->stats_xfer != NULL) {
2052 usbd_free_xfer(sc->stats_xfer);
2053 sc->stats_xfer = NULL;
2054 }
2055
2056 if (sc->sc_rx_pipeh != NULL) {
2057 usbd_abort_pipe(sc->sc_rx_pipeh);
2058 usbd_close_pipe(sc->sc_rx_pipeh);
2059 sc->sc_rx_pipeh = NULL;
2060 }
2061
2062 if (sc->sc_tx_pipeh != NULL) {
2063 usbd_abort_pipe(sc->sc_tx_pipeh);
2064 usbd_close_pipe(sc->sc_tx_pipeh);
2065 sc->sc_tx_pipeh = NULL;
2066 }
2067
2068 lwkt_serialize_enter(ifp->if_serializer);
2069
2070 rum_free_rx_list(sc);
2071 rum_free_tx_list(sc);
2072
2073 crit_exit();
2074 }
2075
2076 static int
2077 rum_load_microcode(struct rum_softc *sc, const uint8_t *ucode, size_t size)
2078 {
2079 usb_device_request_t req;
2080 uint16_t reg = RT2573_MCU_CODE_BASE;
2081 usbd_status error;
2082
2083 /* copy firmware image into NIC */
2084 for (; size >= 4; reg += 4, ucode += 4, size -= 4)
2085 rum_write(sc, reg, UGETDW(ucode));
2086
2087 req.bmRequestType = UT_WRITE_VENDOR_DEVICE;
2088 req.bRequest = RT2573_MCU_CNTL;
2089 USETW(req.wValue, RT2573_MCU_RUN);
2090 USETW(req.wIndex, 0);
2091 USETW(req.wLength, 0);
2092
2093 error = usbd_do_request(sc->sc_udev, &req, NULL);
2094 if (error != 0) {
2095 kprintf("%s: could not run firmware: %s\n",
2096 device_get_nameunit(sc->sc_dev), usbd_errstr(error));
2097 }
2098 return error;
2099 }
2100
2101 static int
2102 rum_prepare_beacon(struct rum_softc *sc)
2103 {
2104 struct ieee80211com *ic = &sc->sc_ic;
2105 struct ifnet *ifp = &ic->ic_if;
2106 struct ieee80211_beacon_offsets bo;
2107 struct rum_tx_desc desc;
2108 struct mbuf *m0;
2109 int rate;
2110
2111 lwkt_serialize_enter(ifp->if_serializer);
2112 m0 = ieee80211_beacon_alloc(ic, ic->ic_bss, &bo);
2113 lwkt_serialize_exit(ifp->if_serializer);
2114
2115 if (m0 == NULL) {
2116 if_printf(&ic->ic_if, "could not allocate beacon frame\n");
2117 return ENOBUFS;
2118 }
2119
2120 /* send beacons at the lowest available rate */
2121 rate = IEEE80211_IS_CHAN_5GHZ(ic->ic_bss->ni_chan) ? 12 : 2;
2122
2123 rum_setup_tx_desc(sc, &desc, RT2573_TX_TIMESTAMP, RT2573_TX_HWSEQ,
2124 m0->m_pkthdr.len, rate);
2125
2126 /* copy the first 24 bytes of Tx descriptor into NIC memory */
2127 rum_write_multi(sc, RT2573_HW_BEACON_BASE0, (uint8_t *)&desc, 24);
2128
2129 /* copy beacon header and payload into NIC memory */
2130 rum_write_multi(sc, RT2573_HW_BEACON_BASE0 + 24, mtod(m0, uint8_t *),
2131 m0->m_pkthdr.len);
2132
2133 m_freem(m0);
2134
2135 return 0;
2136 }
2137
2138 static void
2139 rum_stats_timeout(void *arg)
2140 {
2141 struct rum_softc *sc = arg;
2142 usb_device_request_t req;
2143
2144 if (sc->sc_stopped)
2145 return;
2146
2147 crit_enter();
2148
2149 /*
2150 * Asynchronously read statistic registers (cleared by read).
2151 */
2152 req.bmRequestType = UT_READ_VENDOR_DEVICE;
2153 req.bRequest = RT2573_READ_MULTI_MAC;
2154 USETW(req.wValue, 0);
2155 USETW(req.wIndex, RT2573_STA_CSR0);
2156 USETW(req.wLength, sizeof(sc->sta));
2157
2158 usbd_setup_default_xfer(sc->stats_xfer, sc->sc_udev, sc,
2159 USBD_DEFAULT_TIMEOUT, &req,
2160 sc->sta, sizeof(sc->sta), 0,
2161 rum_stats_update);
2162 usbd_transfer(sc->stats_xfer);
2163
2164 crit_exit();
2165 }
2166
2167 static void
2168 rum_stats_update(usbd_xfer_handle xfer, usbd_private_handle priv,
2169 usbd_status status)
2170 {
2171 struct rum_softc *sc = (struct rum_softc *)priv;
2172 struct ifnet *ifp = &sc->sc_ic.ic_if;
2173 struct ieee80211_ratectl_stats *stats = &sc->sc_stats;
2174
2175 if (status != USBD_NORMAL_COMPLETION) {
2176 kprintf("%s: could not retrieve Tx statistics - cancelling "
2177 "automatic rate control\n", device_get_nameunit(sc->sc_dev));
2178 return;
2179 }
2180
2181 crit_enter();
2182
2183 /* count TX retry-fail as Tx errors */
2184 ifp->if_oerrors += RUM_TX_PKT_FAIL(sc);
2185
2186 stats->stats_pkt_noretry += RUM_TX_PKT_NO_RETRY(sc);
2187 stats->stats_pkt_ok += RUM_TX_PKT_NO_RETRY(sc) +
2188 RUM_TX_PKT_ONE_RETRY(sc) +
2189 RUM_TX_PKT_MULTI_RETRY(sc);
2190 stats->stats_pkt_err += RUM_TX_PKT_FAIL(sc);
2191
2192 stats->stats_retries += RUM_TX_PKT_ONE_RETRY(sc);
2193 #if 1
2194 /*
2195 * XXX Estimated average:
2196 * Actual number of retries for each packet should belong to
2197 * [2, RUM_TX_SHORT_RETRY_MAX]
2198 */
2199 stats->stats_retries += RUM_TX_PKT_MULTI_RETRY(sc) *
2200 ((2 + RUM_TX_SHORT_RETRY_MAX) / 2);
2201 #else
2202 stats->stats_retries += RUM_TX_PKT_MULTI_RETRY(sc);
2203 #endif
2204 stats->stats_retries += RUM_TX_PKT_FAIL(sc) * RUM_TX_SHORT_RETRY_MAX;
2205
2206 callout_reset(&sc->stats_ch, 4 * hz / 5, rum_stats_timeout, sc);
2207
2208 crit_exit();
2209 }
2210
2211 static void
2212 rum_stats(struct ieee80211com *ic, struct ieee80211_node *ni __unused,
2213 struct ieee80211_ratectl_stats *stats)
2214 {
2215 struct ifnet *ifp = &ic->ic_if;
2216 struct rum_softc *sc = ifp->if_softc;
2217
2218 ASSERT_SERIALIZED(ifp->if_serializer);
2219
2220 bcopy(&sc->sc_stats, stats, sizeof(*stats));
2221 bzero(&sc->sc_stats, sizeof(sc->sc_stats));
2222 }
2223
2224 static void
2225 rum_ratectl_change(struct ieee80211com *ic, u_int orc __unused, u_int nrc)
2226 {
2227 struct ieee80211_ratectl_state *st = &ic->ic_ratectl;
2228 struct ieee80211_onoe_param *oparam;
2229
2230 if (st->rc_st_param != NULL) {
2231 kfree(st->rc_st_param, M_DEVBUF);
2232 st->rc_st_param = NULL;
2233 }
2234
2235 switch (nrc) {
2236 case IEEE80211_RATECTL_ONOE:
2237 oparam = kmalloc(sizeof(*oparam), M_DEVBUF, M_INTWAIT);
2238
2239 IEEE80211_ONOE_PARAM_SETUP(oparam);
2240 oparam->onoe_raise = 15;
2241
2242 st->rc_st_param = oparam;
2243 break;
2244 case IEEE80211_RATECTL_NONE:
2245 /* This could only happen during detaching */
2246 break;
2247 default:
2248 panic("unknown rate control algo %u\n", nrc);
2249 }
2250 }
2251
2252 static int
2253 rum_get_rssi(struct rum_softc *sc, uint8_t raw)
2254 {
2255 int lna, agc, rssi;
2256
2257 lna = (raw >> 5) & 0x3;
2258 agc = raw & 0x1f;
2259
2260 if (lna == 0) {
2261 /*
2262 * No RSSI mapping
2263 *
2264 * NB: Since RSSI is relative to noise floor, -1 is
2265 * adequate for caller to know error happened.
2266 */
2267 return -1;
2268 }
2269
2270 rssi = (2 * agc) - RT2573_NOISE_FLOOR;
2271
2272 if (IEEE80211_IS_CHAN_2GHZ(sc->sc_curchan)) {
2273 rssi += sc->rssi_2ghz_corr;
2274
2275 if (lna == 1)
2276 rssi -= 64;
2277 else if (lna == 2)
2278 rssi -= 74;
2279 else if (lna == 3)
2280 rssi -= 90;
2281 } else {
2282 rssi += sc->rssi_5ghz_corr;
2283
2284 if (!sc->ext_5ghz_lna && lna != 1)
2285 rssi += 4;
2286
2287 if (lna == 1)
2288 rssi -= 64;
2289 else if (lna == 2)
2290 rssi -= 86;
2291 else if (lna == 3)
2292 rssi -= 100;
2293 }
2294 return rssi;
2295 }
DragonFly BSD