root/dev/ic/rt2560.c

DEFINITIONS

1. rt2560_attach
2. rt2560_detach
3. rt2560_alloc_tx_ring
4. rt2560_reset_tx_ring
5. rt2560_free_tx_ring
6. rt2560_alloc_rx_ring
7. rt2560_reset_rx_ring
8. rt2560_free_rx_ring
9. rt2560_node_alloc
10. rt2560_media_change
11. rt2560_next_scan
12. rt2560_iter_func
13. rt2560_amrr_timeout
14. rt2560_newassoc
15. rt2560_newstate
16. rt2560_eeprom_read
17. rt2560_encryption_intr
18. rt2560_tx_intr
19. rt2560_prio_intr
20. rt2560_decryption_intr
21. rt2560_rx_intr
22. rt2560_beacon_expire
23. rt2560_wakeup_expire
24. rt2560_intr
25. rt2560_rxrate
26. rt2560_ack_rate
27. rt2560_txtime
28. rt2560_plcp_signal
29. rt2560_setup_tx_desc
30. rt2560_tx_bcn
31. rt2560_tx_mgt
32. rt2560_tx_data
33. rt2560_start
34. rt2560_watchdog
35. rt2560_ioctl
36. rt2560_bbp_write
37. rt2560_bbp_read
38. rt2560_rf_write
39. rt2560_set_chan
40. rt2560_disable_rf_tune
41. rt2560_enable_tsf_sync
42. rt2560_update_plcp
43. rt2560_updateslot
44. rt2560_set_slottime
45. rt2560_set_basicrates
46. rt2560_update_led
47. rt2560_set_bssid
48. rt2560_set_macaddr
49. rt2560_get_macaddr
50. rt2560_update_promisc
51. rt2560_set_txantenna
52. rt2560_set_rxantenna
53. rt2560_get_rf
54. rt2560_read_eeprom
55. rt2560_bbp_init
56. rt2560_init
57. rt2560_stop
58. rt2560_power
59. rt2560_shutdown

    1 /*      $OpenBSD: rt2560.c,v 1.32 2007/03/08 21:58:27 deraadt Exp $  */
    3 /*-
    4  * Copyright (c) 2005, 2006
    5  *      Damien Bergamini <damien.bergamini@free.fr>
    6  *
    7  * Permission to use, copy, modify, and distribute this software for any
    8  * purpose with or without fee is hereby granted, provided that the above
    9  * copyright notice and this permission notice appear in all copies.
   10  *
   11  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
   12  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
   13  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
   14  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
   15  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
   16  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
   17  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
   18  */
   20 /*-
   21  * Ralink Technology RT2560 chipset driver
   22  * http://www.ralinktech.com/
   23  */
   25 #include "bpfilter.h"
   27 #include <sys/param.h>
   28 #include <sys/sockio.h>
   29 #include <sys/sysctl.h>
   30 #include <sys/mbuf.h>
   31 #include <sys/kernel.h>
   32 #include <sys/socket.h>
   33 #include <sys/systm.h>
   34 #include <sys/malloc.h>
   35 #include <sys/timeout.h>
   36 #include <sys/conf.h>
   37 #include <sys/device.h>
   39 #include <machine/bus.h>
   40 #include <machine/endian.h>
   41 #include <machine/intr.h>
   43 #if NBPFILTER > 0
   44 #include <net/bpf.h>
   45 #endif
   46 #include <net/if.h>
   47 #include <net/if_arp.h>
   48 #include <net/if_dl.h>
   49 #include <net/if_media.h>
   50 #include <net/if_types.h>
   52 #include <netinet/in.h>
   53 #include <netinet/in_systm.h>
   54 #include <netinet/in_var.h>
   55 #include <netinet/if_ether.h>
   56 #include <netinet/ip.h>
   58 #include <net80211/ieee80211_var.h>
   59 #include <net80211/ieee80211_amrr.h>
   60 #include <net80211/ieee80211_radiotap.h>
   62 #include <dev/ic/rt2560reg.h>
   63 #include <dev/ic/rt2560var.h>
   65 #include <dev/pci/pcireg.h>
   66 #include <dev/pci/pcivar.h>
   67 #include <dev/pci/pcidevs.h>
   69 #ifdef RAL_DEBUG
   70 #define DPRINTF(x)      do { if (rt2560_debug > 0) printf x; } while (0)
   71 #define DPRINTFN(n, x)  do { if (rt2560_debug >= (n)) printf x; } while (0)
   72 int rt2560_debug = 1;
   73 #else
   74 #define DPRINTF(x)
   75 #define DPRINTFN(n, x)
   76 #endif
   78 int             rt2560_alloc_tx_ring(struct rt2560_softc *,
   79                     struct rt2560_tx_ring *, int);
   80 void            rt2560_reset_tx_ring(struct rt2560_softc *,
   81                     struct rt2560_tx_ring *);
   82 void            rt2560_free_tx_ring(struct rt2560_softc *,
   83                     struct rt2560_tx_ring *);
   84 int             rt2560_alloc_rx_ring(struct rt2560_softc *,
   85                     struct rt2560_rx_ring *, int);
   86 void            rt2560_reset_rx_ring(struct rt2560_softc *,
   87                     struct rt2560_rx_ring *);
   88 void            rt2560_free_rx_ring(struct rt2560_softc *,
   89                     struct rt2560_rx_ring *);
   90 struct          ieee80211_node *rt2560_node_alloc(struct ieee80211com *);
   91 int             rt2560_media_change(struct ifnet *);
   92 void            rt2560_next_scan(void *);
   93 void            rt2560_iter_func(void *, struct ieee80211_node *);
   94 void            rt2560_amrr_timeout(void *);
   95 void            rt2560_newassoc(struct ieee80211com *, struct ieee80211_node *,
   96                     int);
   97 int             rt2560_newstate(struct ieee80211com *, enum ieee80211_state,
   98                     int);
uint16_t        rt2560_eeprom_read(struct rt2560_softc *, uint8_t);
  100 void            rt2560_encryption_intr(struct rt2560_softc *);
  101 void            rt2560_tx_intr(struct rt2560_softc *);
  102 void            rt2560_prio_intr(struct rt2560_softc *);
  103 void            rt2560_decryption_intr(struct rt2560_softc *);
  104 void            rt2560_rx_intr(struct rt2560_softc *);
  105 void            rt2560_beacon_expire(struct rt2560_softc *);
  106 void            rt2560_wakeup_expire(struct rt2560_softc *);
  107 #if NBPFILTER > 0
uint8_t         rt2560_rxrate(const struct rt2560_rx_desc *);
  109 #endif
  110 int             rt2560_ack_rate(struct ieee80211com *, int);
uint16_t        rt2560_txtime(int, int, uint32_t);
uint8_t         rt2560_plcp_signal(int);
  113 void            rt2560_setup_tx_desc(struct rt2560_softc *,
  114                     struct rt2560_tx_desc *, uint32_t, int, int, int,
bus_addr_t);
  116 int             rt2560_tx_bcn(struct rt2560_softc *, struct mbuf *,
  117                     struct ieee80211_node *);
  118 int             rt2560_tx_mgt(struct rt2560_softc *, struct mbuf *,
  119                     struct ieee80211_node *);
  120 int             rt2560_tx_data(struct rt2560_softc *, struct mbuf *,
  121                     struct ieee80211_node *);
  122 void            rt2560_start(struct ifnet *);
  123 void            rt2560_watchdog(struct ifnet *);
  124 int             rt2560_ioctl(struct ifnet *, u_long, caddr_t);
  125 void            rt2560_bbp_write(struct rt2560_softc *, uint8_t, uint8_t);
uint8_t         rt2560_bbp_read(struct rt2560_softc *, uint8_t);
  127 void            rt2560_rf_write(struct rt2560_softc *, uint8_t, uint32_t);
  128 void            rt2560_set_chan(struct rt2560_softc *,
  129                     struct ieee80211_channel *);
  130 void            rt2560_disable_rf_tune(struct rt2560_softc *);
  131 void            rt2560_enable_tsf_sync(struct rt2560_softc *);
  132 void            rt2560_update_plcp(struct rt2560_softc *);
  133 void            rt2560_updateslot(struct ieee80211com *);
  134 void            rt2560_set_slottime(struct rt2560_softc *);
  135 void            rt2560_set_basicrates(struct rt2560_softc *);
  136 void            rt2560_update_led(struct rt2560_softc *, int, int);
  137 void            rt2560_set_bssid(struct rt2560_softc *, uint8_t *);
  138 void            rt2560_set_macaddr(struct rt2560_softc *, uint8_t *);
  139 void            rt2560_get_macaddr(struct rt2560_softc *, uint8_t *);
  140 void            rt2560_update_promisc(struct rt2560_softc *);
  141 void            rt2560_set_txantenna(struct rt2560_softc *, int);
  142 void            rt2560_set_rxantenna(struct rt2560_softc *, int);
  143 const char      *rt2560_get_rf(int);
  144 void            rt2560_read_eeprom(struct rt2560_softc *);
  145 int             rt2560_bbp_init(struct rt2560_softc *);
  146 int             rt2560_init(struct ifnet *);
  147 void            rt2560_stop(struct ifnet *, int);
  148 void            rt2560_power(int, void *);
  150 static const struct {
uint32_t        reg;
uint32_t        val;
  153 } rt2560_def_mac[] = {
RT2560_DEF_MAC
  155 };
  157 static const struct {
uint8_t reg;
uint8_t val;
  160 } rt2560_def_bbp[] = {
RT2560_DEF_BBP
  162 };
  164 static const uint32_t rt2560_rf2522_r2[]    = RT2560_RF2522_R2;
  165 static const uint32_t rt2560_rf2523_r2[]    = RT2560_RF2523_R2;
  166 static const uint32_t rt2560_rf2524_r2[]    = RT2560_RF2524_R2;
  167 static const uint32_t rt2560_rf2525_r2[]    = RT2560_RF2525_R2;
  168 static const uint32_t rt2560_rf2525_hi_r2[] = RT2560_RF2525_HI_R2;
  169 static const uint32_t rt2560_rf2525e_r2[]   = RT2560_RF2525E_R2;
  170 static const uint32_t rt2560_rf2526_r2[]    = RT2560_RF2526_R2;
  171 static const uint32_t rt2560_rf2526_hi_r2[] = RT2560_RF2526_HI_R2;
  173 int
rt2560_attach(void *xsc, int id)
  175 {
  176         struct rt2560_softc *sc = xsc;
  177         struct ieee80211com *ic = &sc->sc_ic;
  178         struct ifnet *ifp = &ic->ic_if;
  179         int error, i;
sc->amrr.amrr_min_success_threshold =  1;
sc->amrr.amrr_max_success_threshold = 15;
timeout_set(&sc->amrr_to, rt2560_amrr_timeout, sc);
timeout_set(&sc->scan_to, rt2560_next_scan, sc);
  186         /* retrieve RT2560 rev. no */
sc->asic_rev = RAL_READ(sc, RT2560_CSR0);
  189         /* retrieve MAC address */
rt2560_get_macaddr(sc, ic->ic_myaddr);
printf(", address %s\n", ether_sprintf(ic->ic_myaddr));
  193         /* retrieve RF rev. no and various other things from EEPROM */
rt2560_read_eeprom(sc);
printf("%s: MAC/BBP RT2560 (rev 0x%02x), RF %s\n", sc->sc_dev.dv_xname,
sc->asic_rev, rt2560_get_rf(sc->rf_rev));
  199         /*
  200          * Allocate Tx and Rx rings.
  201          */
error = rt2560_alloc_tx_ring(sc, &sc->txq, RT2560_TX_RING_COUNT);
  203         if (error != 0) {
printf("%s: could not allocate Tx ring\n",
sc->sc_dev.dv_xname);
  206                 goto fail1;
  207         }
error = rt2560_alloc_tx_ring(sc, &sc->atimq, RT2560_ATIM_RING_COUNT);
  209         if (error != 0) {
printf("%s: could not allocate ATIM ring\n",
sc->sc_dev.dv_xname);
  212                 goto fail2;
  213         }
error = rt2560_alloc_tx_ring(sc, &sc->prioq, RT2560_PRIO_RING_COUNT);
  215         if (error != 0) {
printf("%s: could not allocate Prio ring\n",
sc->sc_dev.dv_xname);
  218                 goto fail3;
  219         }
error = rt2560_alloc_tx_ring(sc, &sc->bcnq, RT2560_BEACON_RING_COUNT);
  221         if (error != 0) {
printf("%s: could not allocate Beacon ring\n",
sc->sc_dev.dv_xname);
  224                 goto fail4;
  225         }
error = rt2560_alloc_rx_ring(sc, &sc->rxq, RT2560_RX_RING_COUNT);
  227         if (error != 0) {
printf("%s: could not allocate Rx ring\n",
sc->sc_dev.dv_xname);
  230                 goto fail5;
  231         }
ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */
ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */
ic->ic_state = IEEE80211_S_INIT;
  237         /* set device capabilities */
ic->ic_caps =
IEEE80211_C_IBSS |          /* IBSS mode supported */
IEEE80211_C_MONITOR |       /* monitor mode supported */
IEEE80211_C_HOSTAP |        /* HostAp mode supported */
IEEE80211_C_TXPMGT |        /* tx power management */
IEEE80211_C_SHPREAMBLE |    /* short preamble supported */
IEEE80211_C_SHSLOT |        /* short slot time supported */
IEEE80211_C_WEP;            /* s/w WEP */
  247         /* set supported .11b and .11g rates */
ic->ic_sup_rates[IEEE80211_MODE_11B] = ieee80211_std_rateset_11b;
ic->ic_sup_rates[IEEE80211_MODE_11G] = ieee80211_std_rateset_11g;
  251         /* set supported .11b and .11g channels (1 through 14) */
  252         for (i = 1; i <= 14; i++) {
ic->ic_channels[i].ic_freq =
ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ);
ic->ic_channels[i].ic_flags =
IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM |
IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ;
  258         }
ifp->if_softc = sc;
ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST;
ifp->if_init = rt2560_init;
ifp->if_ioctl = rt2560_ioctl;
ifp->if_start = rt2560_start;
ifp->if_watchdog = rt2560_watchdog;
IFQ_SET_READY(&ifp->if_snd);
memcpy(ifp->if_xname, sc->sc_dev.dv_xname, IFNAMSIZ);
if_attach(ifp);
ieee80211_ifattach(ifp);
ic->ic_node_alloc = rt2560_node_alloc;
ic->ic_newassoc = rt2560_newassoc;
ic->ic_updateslot = rt2560_updateslot;
  275         /* override state transition machine */
sc->sc_newstate = ic->ic_newstate;
ic->ic_newstate = rt2560_newstate;
ieee80211_media_init(ifp, rt2560_media_change, ieee80211_media_status);
  280 #if NBPFILTER > 0
bpfattach(&sc->sc_drvbpf, ifp, DLT_IEEE802_11_RADIO,
  282             sizeof (struct ieee80211_frame) + 64);
sc->sc_rxtap_len = sizeof sc->sc_rxtapu;
sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len);
sc->sc_rxtap.wr_ihdr.it_present = htole32(RT2560_RX_RADIOTAP_PRESENT);
sc->sc_txtap_len = sizeof sc->sc_txtapu;
sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len);
sc->sc_txtap.wt_ihdr.it_present = htole32(RT2560_TX_RADIOTAP_PRESENT);
  291 #endif
  293         /*
  294          * Make sure the interface is shutdown during reboot.
  295          */
sc->sc_sdhook = shutdownhook_establish(rt2560_shutdown, sc);
  297         if (sc->sc_sdhook == NULL) {
printf("%s: WARNING: unable to establish shutdown hook\n",
sc->sc_dev.dv_xname);
  300         }
sc->sc_powerhook = powerhook_establish(rt2560_power, sc);
  302         if (sc->sc_powerhook == NULL) {
printf("%s: WARNING: unable to establish power hook\n",
sc->sc_dev.dv_xname);
  305         }
  306         return 0;
fail5:  rt2560_free_tx_ring(sc, &sc->bcnq);
fail4:  rt2560_free_tx_ring(sc, &sc->prioq);
fail3:  rt2560_free_tx_ring(sc, &sc->atimq);
fail2:  rt2560_free_tx_ring(sc, &sc->txq);
fail1:  return ENXIO;
  313 }
  315 int
rt2560_detach(void *xsc)
  317 {
  318         struct rt2560_softc *sc = xsc;
  319         struct ifnet *ifp = &sc->sc_ic.ic_if;
timeout_del(&sc->scan_to);
timeout_del(&sc->amrr_to);
ieee80211_ifdetach(ifp);        /* free all nodes */
if_detach(ifp);
  327         if (sc->sc_powerhook != NULL)
powerhook_disestablish(sc->sc_powerhook);
  329         if (sc->sc_sdhook != NULL)
shutdownhook_disestablish(sc->sc_sdhook);
rt2560_free_tx_ring(sc, &sc->txq);
rt2560_free_tx_ring(sc, &sc->atimq);
rt2560_free_tx_ring(sc, &sc->prioq);
rt2560_free_tx_ring(sc, &sc->bcnq);
rt2560_free_rx_ring(sc, &sc->rxq);
  338         return 0;
  339 }
  341 int
rt2560_alloc_tx_ring(struct rt2560_softc *sc, struct rt2560_tx_ring *ring,
  343     int count)
  344 {
  345         int i, nsegs, error;
ring->count = count;
ring->queued = 0;
ring->cur = ring->next = 0;
ring->cur_encrypt = ring->next_encrypt = 0;
error = bus_dmamap_create(sc->sc_dmat, count * RT2560_TX_DESC_SIZE, 1,
count * RT2560_TX_DESC_SIZE, 0, BUS_DMA_NOWAIT, &ring->map);
  354         if (error != 0) {
printf("%s: could not create desc DMA map\n",
sc->sc_dev.dv_xname);
  357                 goto fail;
  358         }
error = bus_dmamem_alloc(sc->sc_dmat, count * RT2560_TX_DESC_SIZE,
PAGE_SIZE, 0, &ring->seg, 1, &nsegs, BUS_DMA_NOWAIT);
  362         if (error != 0) {
printf("%s: could not allocate DMA memory\n",
sc->sc_dev.dv_xname);
  365                 goto fail;
  366         }
error = bus_dmamem_map(sc->sc_dmat, &ring->seg, nsegs,
count * RT2560_TX_DESC_SIZE, (caddr_t *)&ring->desc,
BUS_DMA_NOWAIT);
  371         if (error != 0) {
printf("%s: could not map desc DMA memory\n",
sc->sc_dev.dv_xname);
  374                 goto fail;
  375         }
error = bus_dmamap_load(sc->sc_dmat, ring->map, ring->desc,
count * RT2560_TX_DESC_SIZE, NULL, BUS_DMA_NOWAIT);
  379         if (error != 0) {
printf("%s: could not load desc DMA map\n",
sc->sc_dev.dv_xname);
  382                 goto fail;
  383         }
memset(ring->desc, 0, count * RT2560_TX_DESC_SIZE);
ring->physaddr = ring->map->dm_segs->ds_addr;
ring->data = malloc(count * sizeof (struct rt2560_tx_data), M_DEVBUF,
M_NOWAIT);
  390         if (ring->data == NULL) {
printf("%s: could not allocate soft data\n",
sc->sc_dev.dv_xname);
error = ENOMEM;
  394                 goto fail;
  395         }
memset(ring->data, 0, count * sizeof (struct rt2560_tx_data));
  398         for (i = 0; i < count; i++) {
error = bus_dmamap_create(sc->sc_dmat, MCLBYTES,
RT2560_MAX_SCATTER, MCLBYTES, 0, BUS_DMA_NOWAIT,
  401                     &ring->data[i].map);
  402                 if (error != 0) {
printf("%s: could not create DMA map\n",
sc->sc_dev.dv_xname);
  405                         goto fail;
  406                 }
  407         }
  409         return 0;
fail:   rt2560_free_tx_ring(sc, ring);
  412         return error;
  413 }
  415 void
rt2560_reset_tx_ring(struct rt2560_softc *sc, struct rt2560_tx_ring *ring)
  417 {
  418         int i;
  420         for (i = 0; i < ring->count; i++) {
  421                 struct rt2560_tx_desc *desc = &ring->desc[i];
  422                 struct rt2560_tx_data *data = &ring->data[i];
  424                 if (data->m != NULL) {
bus_dmamap_sync(sc->sc_dmat, data->map, 0,
data->map->dm_mapsize, BUS_DMASYNC_POSTWRITE);
bus_dmamap_unload(sc->sc_dmat, data->map);
m_freem(data->m);
data->m = NULL;
  430                 }
  432                 /*
  433                  * The node has already been freed at that point so don't call
  434                  * ieee80211_release_node() here.
  435                  */
data->ni = NULL;
desc->flags = 0;
  439         }
bus_dmamap_sync(sc->sc_dmat, ring->map, 0, ring->map->dm_mapsize,
BUS_DMASYNC_PREWRITE);
ring->queued = 0;
ring->cur = ring->next = 0;
ring->cur_encrypt = ring->next_encrypt = 0;
  447 }
  449 void
rt2560_free_tx_ring(struct rt2560_softc *sc, struct rt2560_tx_ring *ring)
  451 {
  452         int i;
  454         if (ring->desc != NULL) {
bus_dmamap_sync(sc->sc_dmat, ring->map, 0,
ring->map->dm_mapsize, BUS_DMASYNC_POSTWRITE);
bus_dmamap_unload(sc->sc_dmat, ring->map);
bus_dmamem_unmap(sc->sc_dmat, (caddr_t)ring->desc,
ring->count * RT2560_TX_DESC_SIZE);
bus_dmamem_free(sc->sc_dmat, &ring->seg, 1);
  461         }
  463         if (ring->data != NULL) {
  464                 for (i = 0; i < ring->count; i++) {
  465                         struct rt2560_tx_data *data = &ring->data[i];
  467                         if (data->m != NULL) {
bus_dmamap_sync(sc->sc_dmat, data->map, 0,
data->map->dm_mapsize,
BUS_DMASYNC_POSTWRITE);
bus_dmamap_unload(sc->sc_dmat, data->map);
m_freem(data->m);
  473                         }
  475                         /*
  476                          * The node has already been freed at that point so
  477                          * don't call ieee80211_release_node() here.
  478                          */
data->ni = NULL;
  481                         if (data->map != NULL)
bus_dmamap_destroy(sc->sc_dmat, data->map);
  483                 }
free(ring->data, M_DEVBUF);
  485         }
  486 }
  488 int
rt2560_alloc_rx_ring(struct rt2560_softc *sc, struct rt2560_rx_ring *ring,
  490     int count)
  491 {
  492         int i, nsegs, error;
ring->count = count;
ring->cur = ring->next = 0;
ring->cur_decrypt = 0;
error = bus_dmamap_create(sc->sc_dmat, count * RT2560_RX_DESC_SIZE, 1,
count * RT2560_RX_DESC_SIZE, 0, BUS_DMA_NOWAIT, &ring->map);
  500         if (error != 0) {
printf("%s: could not create desc DMA map\n",
sc->sc_dev.dv_xname);
  503                 goto fail;
  504         }
error = bus_dmamem_alloc(sc->sc_dmat, count * RT2560_RX_DESC_SIZE,
PAGE_SIZE, 0, &ring->seg, 1, &nsegs, BUS_DMA_NOWAIT);
  508         if (error != 0) {
printf("%s: could not allocate DMA memory\n",
sc->sc_dev.dv_xname);
  511                 goto fail;
  512         }
error = bus_dmamem_map(sc->sc_dmat, &ring->seg, nsegs,
count * RT2560_RX_DESC_SIZE, (caddr_t *)&ring->desc,
BUS_DMA_NOWAIT);
  517         if (error != 0) {
printf("%s: could not map desc DMA memory\n",
sc->sc_dev.dv_xname);
  520                 goto fail;
  521         }
error = bus_dmamap_load(sc->sc_dmat, ring->map, ring->desc,
count * RT2560_RX_DESC_SIZE, NULL, BUS_DMA_NOWAIT);
  525         if (error != 0) {
printf("%s: could not load desc DMA map\n",
sc->sc_dev.dv_xname);
  528                 goto fail;
  529         }
memset(ring->desc, 0, count * RT2560_RX_DESC_SIZE);
ring->physaddr = ring->map->dm_segs->ds_addr;
ring->data = malloc(count * sizeof (struct rt2560_rx_data), M_DEVBUF,
M_NOWAIT);
  536         if (ring->data == NULL) {
printf("%s: could not allocate soft data\n",
sc->sc_dev.dv_xname);
error = ENOMEM;
  540                 goto fail;
  541         }
  543         /*
  544          * Pre-allocate Rx buffers and populate Rx ring.
  545          */
memset(ring->data, 0, count * sizeof (struct rt2560_rx_data));
  547         for (i = 0; i < count; i++) {
  548                 struct rt2560_rx_desc *desc = &sc->rxq.desc[i];
  549                 struct rt2560_rx_data *data = &sc->rxq.data[i];
error = bus_dmamap_create(sc->sc_dmat, MCLBYTES, 1, MCLBYTES,
  552                     0, BUS_DMA_NOWAIT, &data->map);
  553                 if (error != 0) {
printf("%s: could not create DMA map\n",
sc->sc_dev.dv_xname);
  556                         goto fail;
  557                 }
MGETHDR(data->m, M_DONTWAIT, MT_DATA);
  560                 if (data->m == NULL) {
printf("%s: could not allocate rx mbuf\n",
sc->sc_dev.dv_xname);
error = ENOMEM;
  564                         goto fail;
  565                 }
MCLGET(data->m, M_DONTWAIT);
  567                 if (!(data->m->m_flags & M_EXT)) {
printf("%s: could not allocate rx mbuf cluster\n",
sc->sc_dev.dv_xname);
error = ENOMEM;
  571                         goto fail;
  572                 }
error = bus_dmamap_load(sc->sc_dmat, data->map,
mtod(data->m, void *), MCLBYTES, NULL, BUS_DMA_NOWAIT);
  576                 if (error != 0) {
printf("%s: could not load rx buf DMA map",
sc->sc_dev.dv_xname);
  579                         goto fail;
  580                 }
desc->flags = htole32(RT2560_RX_BUSY);
desc->physaddr = htole32(data->map->dm_segs->ds_addr);
  584         }
bus_dmamap_sync(sc->sc_dmat, ring->map, 0, ring->map->dm_mapsize,
BUS_DMASYNC_PREWRITE);
  589         return 0;
fail:   rt2560_free_rx_ring(sc, ring);
  592         return error;
  593 }
  595 void
rt2560_reset_rx_ring(struct rt2560_softc *sc, struct rt2560_rx_ring *ring)
  597 {
  598         int i;
  600         for (i = 0; i < ring->count; i++) {
ring->desc[i].flags = htole32(RT2560_RX_BUSY);
ring->data[i].drop = 0;
  603         }
bus_dmamap_sync(sc->sc_dmat, ring->map, 0, ring->map->dm_mapsize,
BUS_DMASYNC_PREWRITE);
ring->cur = ring->next = 0;
ring->cur_decrypt = 0;
  610 }
  612 void
rt2560_free_rx_ring(struct rt2560_softc *sc, struct rt2560_rx_ring *ring)
  614 {
  615         int i;
  617         if (ring->desc != NULL) {
bus_dmamap_sync(sc->sc_dmat, ring->map, 0,
ring->map->dm_mapsize, BUS_DMASYNC_POSTWRITE);
bus_dmamap_unload(sc->sc_dmat, ring->map);
bus_dmamem_unmap(sc->sc_dmat, (caddr_t)ring->desc,
ring->count * RT2560_RX_DESC_SIZE);
bus_dmamem_free(sc->sc_dmat, &ring->seg, 1);
  624         }
  626         if (ring->data != NULL) {
  627                 for (i = 0; i < ring->count; i++) {
  628                         struct rt2560_rx_data *data = &ring->data[i];
  630                         if (data->m != NULL) {
bus_dmamap_sync(sc->sc_dmat, data->map, 0,
data->map->dm_mapsize,
BUS_DMASYNC_POSTREAD);
bus_dmamap_unload(sc->sc_dmat, data->map);
m_freem(data->m);
  636                         }
  638                         if (data->map != NULL)
bus_dmamap_destroy(sc->sc_dmat, data->map);
  640                 }
free(ring->data, M_DEVBUF);
  642         }
  643 }
  645 struct ieee80211_node *
rt2560_node_alloc(struct ieee80211com *ic)
  647 {
  648         struct rt2560_node *rn;
rn = malloc(sizeof (struct rt2560_node), M_DEVBUF, M_NOWAIT);
  651         if (rn != NULL)
bzero(rn, sizeof (struct rt2560_node));
  653         return (struct ieee80211_node *)rn;
  654 }
  656 int
rt2560_media_change(struct ifnet *ifp)
  658 {
  659         int error;
error = ieee80211_media_change(ifp);
  662         if (error != ENETRESET)
  663                 return error;
  665         if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == (IFF_UP | IFF_RUNNING))
rt2560_init(ifp);
  668         return 0;
  669 }
  671 /*
  672  * This function is called periodically (every 200ms) during scanning to
  673  * switch from one channel to another.
  674  */
  675 void
rt2560_next_scan(void *arg)
  677 {
  678         struct rt2560_softc *sc = arg;
  679         struct ieee80211com *ic = &sc->sc_ic;
  680         struct ifnet *ifp = &ic->ic_if;
  681         int s;
s = splnet();
  684         if (ic->ic_state == IEEE80211_S_SCAN)
ieee80211_next_scan(ifp);
splx(s);
  687 }
  689 /*
  690  * This function is called for each neighbor node.
  691  */
  692 void
rt2560_iter_func(void *arg, struct ieee80211_node *ni)
  694 {
  695         struct rt2560_softc *sc = arg;
  696         struct rt2560_node *rn = (struct rt2560_node *)ni;
ieee80211_amrr_choose(&sc->amrr, ni, &rn->amn);
  699 }
  701 void
rt2560_amrr_timeout(void *arg)
  703 {
  704         struct rt2560_softc *sc = arg;
  705         struct ieee80211com *ic = &sc->sc_ic;
  706         int s;
s = splnet();
  709         if (ic->ic_opmode == IEEE80211_M_STA)
rt2560_iter_func(sc, ic->ic_bss);
  711         else
ieee80211_iterate_nodes(ic, rt2560_iter_func, sc);
splx(s);
timeout_add(&sc->amrr_to, hz / 2);
  716 }
  718 void
rt2560_newassoc(struct ieee80211com *ic, struct ieee80211_node *ni, int isnew)
  720 {
  721         struct rt2560_softc *sc = ic->ic_softc;
  722         int i;
ieee80211_amrr_node_init(&sc->amrr, &((struct rt2560_node *)ni)->amn);
  726         /* set rate to some reasonable initial value */
  727         for (i = ni->ni_rates.rs_nrates - 1;
i > 0 && (ni->ni_rates.rs_rates[i] & IEEE80211_RATE_VAL) > 72;
i--);
ni->ni_txrate = i;
  731 }
  733 int
rt2560_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg)
  735 {
  736         struct rt2560_softc *sc = ic->ic_if.if_softc;
  737         enum ieee80211_state ostate;
  738         struct ieee80211_node *ni;
  739         struct mbuf *m;
  740         int error = 0;
ostate = ic->ic_state;
timeout_del(&sc->scan_to);
timeout_del(&sc->amrr_to);
  746         switch (nstate) {
  747         case IEEE80211_S_INIT:
  748                 if (ostate == IEEE80211_S_RUN) {
  749                         /* abort TSF synchronization */
RAL_WRITE(sc, RT2560_CSR14, 0);
  752                         /* turn association led off */
rt2560_update_led(sc, 0, 0);
  754                 }
  755                 break;
  757         case IEEE80211_S_SCAN:
rt2560_set_chan(sc, ic->ic_bss->ni_chan);
timeout_add(&sc->scan_to, hz / 5);
  760                 break;
  762         case IEEE80211_S_AUTH:
rt2560_set_chan(sc, ic->ic_bss->ni_chan);
  764                 break;
  766         case IEEE80211_S_ASSOC:
rt2560_set_chan(sc, ic->ic_bss->ni_chan);
  768                 break;
  770         case IEEE80211_S_RUN:
rt2560_set_chan(sc, ic->ic_bss->ni_chan);
ni = ic->ic_bss;
  775                 if (ic->ic_opmode != IEEE80211_M_MONITOR) {
rt2560_update_plcp(sc);
rt2560_set_slottime(sc);
rt2560_set_basicrates(sc);
rt2560_set_bssid(sc, ni->ni_bssid);
  780                 }
  782                 if (ic->ic_opmode == IEEE80211_M_HOSTAP ||
ic->ic_opmode == IEEE80211_M_IBSS) {
m = ieee80211_beacon_alloc(ic, ni);
  785                         if (m == NULL) {
printf("%s: could not allocate beacon\n",
sc->sc_dev.dv_xname);
error = ENOBUFS;
  789                                 break;
  790                         }
error = rt2560_tx_bcn(sc, m, ni);
  793                         if (error != 0)
  794                                 break;
  795                 }
  797                 /* turn assocation led on */
rt2560_update_led(sc, 1, 0);
  800                 if (ic->ic_opmode == IEEE80211_M_STA) {
  801                         /* fake a join to init the tx rate */
rt2560_newassoc(ic, ni, 1);
  803                 }
  805                 if (ic->ic_opmode != IEEE80211_M_MONITOR) {
  806                         /* start automatic rate control timer */
  807                         if (ic->ic_fixed_rate == -1)
timeout_add(&sc->amrr_to, hz / 2);
rt2560_enable_tsf_sync(sc);
  811                 }
  812                 break;
  813         }
  815         return (error != 0) ? error : sc->sc_newstate(ic, nstate, arg);
  816 }
  818 /*
  819  * Read 16 bits at address 'addr' from the serial EEPROM (either 93C46 or
  820  * 93C66).
  821  */
uint16_t
rt2560_eeprom_read(struct rt2560_softc *sc, uint8_t addr)
  824 {
uint32_t tmp;
uint16_t val;
  827         int n;
  829         /* clock C once before the first command */
RT2560_EEPROM_CTL(sc, 0);
RT2560_EEPROM_CTL(sc, RT2560_S);
RT2560_EEPROM_CTL(sc, RT2560_S | RT2560_C);
RT2560_EEPROM_CTL(sc, RT2560_S);
  836         /* write start bit (1) */
RT2560_EEPROM_CTL(sc, RT2560_S | RT2560_D);
RT2560_EEPROM_CTL(sc, RT2560_S | RT2560_D | RT2560_C);
  840         /* write READ opcode (10) */
RT2560_EEPROM_CTL(sc, RT2560_S | RT2560_D);
RT2560_EEPROM_CTL(sc, RT2560_S | RT2560_D | RT2560_C);
RT2560_EEPROM_CTL(sc, RT2560_S);
RT2560_EEPROM_CTL(sc, RT2560_S | RT2560_C);
  846         /* write address (A5-A0 or A7-A0) */
n = (RAL_READ(sc, RT2560_CSR21) & RT2560_93C46) ? 5 : 7;
  848         for (; n >= 0; n--) {
RT2560_EEPROM_CTL(sc, RT2560_S |
  850                     (((addr >> n) & 1) << RT2560_SHIFT_D));
RT2560_EEPROM_CTL(sc, RT2560_S |
  852                     (((addr >> n) & 1) << RT2560_SHIFT_D) | RT2560_C);
  853         }
RT2560_EEPROM_CTL(sc, RT2560_S);
  857         /* read data Q15-Q0 */
val = 0;
  859         for (n = 15; n >= 0; n--) {
RT2560_EEPROM_CTL(sc, RT2560_S | RT2560_C);
tmp = RAL_READ(sc, RT2560_CSR21);
val |= ((tmp & RT2560_Q) >> RT2560_SHIFT_Q) << n;
RT2560_EEPROM_CTL(sc, RT2560_S);
  864         }
RT2560_EEPROM_CTL(sc, 0);
  868         /* clear Chip Select and clock C */
RT2560_EEPROM_CTL(sc, RT2560_S);
RT2560_EEPROM_CTL(sc, 0);
RT2560_EEPROM_CTL(sc, RT2560_C);
  873         return val;
  874 }
  876 /*
  877  * Some frames were processed by the hardware cipher engine and are ready for
  878  * transmission.
  879  */
  880 void
rt2560_encryption_intr(struct rt2560_softc *sc)
  882 {
  883         int hw;
  885         /* retrieve last descriptor index processed by cipher engine */
hw = (RAL_READ(sc, RT2560_SECCSR1) - sc->txq.physaddr) /
RT2560_TX_DESC_SIZE;
  889         for (; sc->txq.next_encrypt != hw;) {
  890                 struct rt2560_tx_desc *desc =
  891                     &sc->txq.desc[sc->txq.next_encrypt];
bus_dmamap_sync(sc->sc_dmat, sc->txq.map,
sc->txq.next_encrypt * RT2560_TX_DESC_SIZE,
RT2560_TX_DESC_SIZE, BUS_DMASYNC_POSTREAD);
  897                 if (letoh32(desc->flags) &
  898                     (RT2560_TX_BUSY | RT2560_TX_CIPHER_BUSY))
  899                         break;
  901                 /* for TKIP, swap eiv field to fix a bug in ASIC */
  902                 if ((letoh32(desc->flags) & RT2560_TX_CIPHER_MASK) ==
RT2560_TX_CIPHER_TKIP)
desc->eiv = swap32(desc->eiv);
  906                 /* mark the frame ready for transmission */
desc->flags |= htole32(RT2560_TX_BUSY | RT2560_TX_VALID);
bus_dmamap_sync(sc->sc_dmat, sc->txq.map,
sc->txq.next_encrypt * RT2560_TX_DESC_SIZE,
RT2560_TX_DESC_SIZE, BUS_DMASYNC_PREWRITE);
DPRINTFN(15, ("encryption done idx=%u\n",
sc->txq.next_encrypt));
sc->txq.next_encrypt =
  917                     (sc->txq.next_encrypt + 1) % RT2560_TX_RING_COUNT;
  918         }
  920         /* kick Tx */
RAL_WRITE(sc, RT2560_TXCSR0, RT2560_KICK_TX);
  922 }
  924 void
rt2560_tx_intr(struct rt2560_softc *sc)
  926 {
  927         struct ieee80211com *ic = &sc->sc_ic;
  928         struct ifnet *ifp = &ic->ic_if;
  930         for (;;) {
  931                 struct rt2560_tx_desc *desc = &sc->txq.desc[sc->txq.next];
  932                 struct rt2560_tx_data *data = &sc->txq.data[sc->txq.next];
  933                 struct rt2560_node *rn;
bus_dmamap_sync(sc->sc_dmat, sc->txq.map,
sc->txq.next * RT2560_TX_DESC_SIZE, RT2560_TX_DESC_SIZE,
BUS_DMASYNC_POSTREAD);
  939                 if ((letoh32(desc->flags) & RT2560_TX_BUSY) ||
  940                     (letoh32(desc->flags) & RT2560_TX_CIPHER_BUSY) ||
  941                     !(letoh32(desc->flags) & RT2560_TX_VALID))
  942                         break;
rn = (struct rt2560_node *)data->ni;
  946                 switch (letoh32(desc->flags) & RT2560_TX_RESULT_MASK) {
  947                 case RT2560_TX_SUCCESS:
DPRINTFN(10, ("data frame sent successfully\n"));
rn->amn.amn_txcnt++;
ifp->if_opackets++;
  951                         break;
  953                 case RT2560_TX_SUCCESS_RETRY:
DPRINTFN(9, ("data frame sent after %u retries\n",
  955                             (letoh32(desc->flags) >> 5) & 0x7));
rn->amn.amn_txcnt++;
rn->amn.amn_retrycnt++;
ifp->if_opackets++;
  959                         break;
  961                 case RT2560_TX_FAIL_RETRY:
DPRINTFN(9, ("sending data frame failed (too much "
  963                             "retries)\n"));
rn->amn.amn_txcnt++;
rn->amn.amn_retrycnt++;
ifp->if_oerrors++;
  967                         break;
  969                 case RT2560_TX_FAIL_INVALID:
  970                 case RT2560_TX_FAIL_OTHER:
  971                 default:
printf("%s: sending data frame failed 0x%08x\n",
sc->sc_dev.dv_xname, letoh32(desc->flags));
ifp->if_oerrors++;
  975                 }
bus_dmamap_sync(sc->sc_dmat, data->map, 0,
data->map->dm_mapsize, BUS_DMASYNC_POSTWRITE);
bus_dmamap_unload(sc->sc_dmat, data->map);
m_freem(data->m);
data->m = NULL;
ieee80211_release_node(ic, data->ni);
data->ni = NULL;
  985                 /* descriptor is no longer valid */
desc->flags &= ~htole32(RT2560_TX_VALID);
bus_dmamap_sync(sc->sc_dmat, sc->txq.map,
sc->txq.next * RT2560_TX_DESC_SIZE, RT2560_TX_DESC_SIZE,
BUS_DMASYNC_PREWRITE);
DPRINTFN(15, ("tx done idx=%u\n", sc->txq.next));
sc->txq.queued--;
sc->txq.next = (sc->txq.next + 1) % RT2560_TX_RING_COUNT;
  996         }
sc->sc_tx_timer = 0;
ifp->if_flags &= ~IFF_OACTIVE;
rt2560_start(ifp);
 1001 }
 1003 void
rt2560_prio_intr(struct rt2560_softc *sc)
 1005 {
 1006         struct ieee80211com *ic = &sc->sc_ic;
 1007         struct ifnet *ifp = &ic->ic_if;
 1009         for (;;) {
 1010                 struct rt2560_tx_desc *desc = &sc->prioq.desc[sc->prioq.next];
 1011                 struct rt2560_tx_data *data = &sc->prioq.data[sc->prioq.next];
bus_dmamap_sync(sc->sc_dmat, sc->prioq.map,
sc->prioq.next * RT2560_TX_DESC_SIZE, RT2560_TX_DESC_SIZE,
BUS_DMASYNC_POSTREAD);
 1017                 if ((letoh32(desc->flags) & RT2560_TX_BUSY) ||
 1018                     !(letoh32(desc->flags) & RT2560_TX_VALID))
 1019                         break;
 1021                 switch (letoh32(desc->flags) & RT2560_TX_RESULT_MASK) {
 1022                 case RT2560_TX_SUCCESS:
DPRINTFN(10, ("mgt frame sent successfully\n"));
 1024                         break;
 1026                 case RT2560_TX_SUCCESS_RETRY:
DPRINTFN(9, ("mgt frame sent after %u retries\n",
 1028                             (letoh32(desc->flags) >> 5) & 0x7));
 1029                         break;
 1031                 case RT2560_TX_FAIL_RETRY:
DPRINTFN(9, ("sending mgt frame failed (too much "
 1033                             "retries)\n"));
 1034                         break;
 1036                 case RT2560_TX_FAIL_INVALID:
 1037                 case RT2560_TX_FAIL_OTHER:
 1038                 default:
printf("%s: sending mgt frame failed 0x%08x\n",
sc->sc_dev.dv_xname, letoh32(desc->flags));
 1041                 }
bus_dmamap_sync(sc->sc_dmat, data->map, 0,
data->map->dm_mapsize, BUS_DMASYNC_POSTWRITE);
bus_dmamap_unload(sc->sc_dmat, data->map);
m_freem(data->m);
data->m = NULL;
ieee80211_release_node(ic, data->ni);
data->ni = NULL;
 1051                 /* descriptor is no longer valid */
desc->flags &= ~htole32(RT2560_TX_VALID);
bus_dmamap_sync(sc->sc_dmat, sc->prioq.map,
sc->prioq.next * RT2560_TX_DESC_SIZE, RT2560_TX_DESC_SIZE,
BUS_DMASYNC_PREWRITE);
DPRINTFN(15, ("prio done idx=%u\n", sc->prioq.next));
sc->prioq.queued--;
sc->prioq.next = (sc->prioq.next + 1) % RT2560_PRIO_RING_COUNT;
 1062         }
sc->sc_tx_timer = 0;
ifp->if_flags &= ~IFF_OACTIVE;
rt2560_start(ifp);
 1067 }
 1069 /*
 1070  * Some frames were processed by the hardware cipher engine and are ready for
 1071  * transmission to the IEEE802.11 layer.
 1072  */
 1073 void
rt2560_decryption_intr(struct rt2560_softc *sc)
 1075 {
 1076         struct ieee80211com *ic = &sc->sc_ic;
 1077         struct ifnet *ifp = &ic->ic_if;
 1078         struct ieee80211_frame *wh;
 1079         struct ieee80211_node *ni;
 1080         struct mbuf *mnew, *m;
 1081         int hw, error;
 1083         /* retrieve last decriptor index processed by cipher engine */
hw = (RAL_READ(sc, RT2560_SECCSR0) - sc->rxq.physaddr) /
RT2560_RX_DESC_SIZE;
 1087         for (; sc->rxq.cur_decrypt != hw;) {
 1088                 struct rt2560_rx_desc *desc =
 1089                     &sc->rxq.desc[sc->rxq.cur_decrypt];
 1090                 struct rt2560_rx_data *data =
 1091                     &sc->rxq.data[sc->rxq.cur_decrypt];
bus_dmamap_sync(sc->sc_dmat, sc->rxq.map,
sc->rxq.cur_decrypt * RT2560_TX_DESC_SIZE,
RT2560_TX_DESC_SIZE, BUS_DMASYNC_POSTREAD);
 1097                 if (letoh32(desc->flags) &
 1098                     (RT2560_RX_BUSY | RT2560_RX_CIPHER_BUSY))
 1099                         break;
 1101                 if (data->drop) {
ifp->if_ierrors++;
 1103                         goto skip;
 1104                 }
 1106                 if ((letoh32(desc->flags) & RT2560_RX_CIPHER_MASK) != 0 &&
 1107                     (letoh32(desc->flags) & RT2560_RX_ICV_ERROR)) {
ifp->if_ierrors++;
 1109                         goto skip;
 1110                 }
 1112                 /*
 1113                  * Try to allocate a new mbuf for this ring element and load it
 1114                  * before processing the current mbuf.  If the ring element
 1115                  * cannot be loaded, drop the received packet and reuse the old
 1116                  * mbuf.  In the unlikely case that the old mbuf can't be
 1117                  * reloaded either, explicitly panic.
 1118                  */
MGETHDR(mnew, M_DONTWAIT, MT_DATA);
 1120                 if (mnew == NULL) {
ifp->if_ierrors++;
 1122                         goto skip;
 1123                 }
MCLGET(mnew, M_DONTWAIT);
 1125                 if (!(mnew->m_flags & M_EXT)) {
m_freem(mnew);
ifp->if_ierrors++;
 1128                         goto skip;
 1129                 }
bus_dmamap_sync(sc->sc_dmat, data->map, 0,
data->map->dm_mapsize, BUS_DMASYNC_POSTREAD);
bus_dmamap_unload(sc->sc_dmat, data->map);
error = bus_dmamap_load(sc->sc_dmat, data->map,
mtod(mnew, void *), MCLBYTES, NULL, BUS_DMA_NOWAIT);
 1137                 if (error != 0) {
m_freem(mnew);
 1140                         /* try to reload the old mbuf */
error = bus_dmamap_load(sc->sc_dmat, data->map,
mtod(data->m, void *), MCLBYTES, NULL,
BUS_DMA_NOWAIT);
 1144                         if (error != 0) {
 1145                                 /* very unlikely that it will fail... */
panic("%s: could not load old rx mbuf",
sc->sc_dev.dv_xname);
 1148                         }
ifp->if_ierrors++;
 1150                         goto skip;
 1151                 }
 1153                 /*
 1154                  * New mbuf successfully loaded, update Rx ring and continue
 1155                  * processing.
 1156                  */
m = data->m;
data->m = mnew;
desc->physaddr = htole32(data->map->dm_segs->ds_addr);
 1161                 /* finalize mbuf */
m->m_pkthdr.rcvif = ifp;
m->m_pkthdr.len = m->m_len =
 1164                     (letoh32(desc->flags) >> 16) & 0xfff;
 1166 #if NBPFILTER > 0
 1167                 if (sc->sc_drvbpf != NULL) {
 1168                         struct mbuf mb;
 1169                         struct rt2560_rx_radiotap_header *tap = &sc->sc_rxtap;
uint32_t tsf_lo, tsf_hi;
 1172                         /* get timestamp (low and high 32 bits) */
tsf_hi = RAL_READ(sc, RT2560_CSR17);
tsf_lo = RAL_READ(sc, RT2560_CSR16);
tap->wr_tsf =
htole64(((uint64_t)tsf_hi << 32) | tsf_lo);
tap->wr_flags = 0;
tap->wr_rate = rt2560_rxrate(desc);
tap->wr_chan_freq = htole16(ic->ic_ibss_chan->ic_freq);
tap->wr_chan_flags =
htole16(ic->ic_ibss_chan->ic_flags);
tap->wr_antenna = sc->rx_ant;
tap->wr_antsignal = desc->rssi;
mb.m_data = (caddr_t)tap;
mb.m_len = sc->sc_txtap_len;
mb.m_next = m;
mb.m_nextpkt = NULL;
mb.m_type = 0;
mb.m_flags = 0;
bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_IN);
 1193                 }
 1194 #endif
wh = mtod(m, struct ieee80211_frame *);
ni = ieee80211_find_rxnode(ic, wh);
 1198                 /* send the frame to the 802.11 layer */
ieee80211_input(ifp, m, ni, desc->rssi, 0);
 1201                 /* node is no longer needed */
ieee80211_release_node(ic, ni);
skip:           desc->flags = htole32(RT2560_RX_BUSY);
bus_dmamap_sync(sc->sc_dmat, sc->rxq.map,
sc->rxq.cur_decrypt * RT2560_TX_DESC_SIZE,
RT2560_TX_DESC_SIZE, BUS_DMASYNC_PREWRITE);
DPRINTFN(15, ("decryption done idx=%u\n", sc->rxq.cur_decrypt));
sc->rxq.cur_decrypt =
 1213                     (sc->rxq.cur_decrypt + 1) % RT2560_RX_RING_COUNT;
 1214         }
 1216         /*
 1217          * In HostAP mode, ieee80211_input() will enqueue packets in if_snd
 1218          * without calling if_start().
 1219          */
 1220         if (!IFQ_IS_EMPTY(&ifp->if_snd) && !(ifp->if_flags & IFF_OACTIVE))
rt2560_start(ifp);
 1222 }
 1224 /*
 1225  * Some frames were received. Pass them to the hardware cipher engine before
 1226  * sending them to the 802.11 layer.
 1227  */
 1228 void
rt2560_rx_intr(struct rt2560_softc *sc)
 1230 {
 1231         for (;;) {
 1232                 struct rt2560_rx_desc *desc = &sc->rxq.desc[sc->rxq.cur];
 1233                 struct rt2560_rx_data *data = &sc->rxq.data[sc->rxq.cur];
bus_dmamap_sync(sc->sc_dmat, sc->rxq.map,
sc->rxq.cur * RT2560_RX_DESC_SIZE, RT2560_RX_DESC_SIZE,
BUS_DMASYNC_POSTREAD);
 1239                 if (letoh32(desc->flags) &
 1240                     (RT2560_RX_BUSY | RT2560_RX_CIPHER_BUSY))
 1241                         break;
data->drop = 0;
 1245                 if (letoh32(desc->flags) &
 1246                     (RT2560_RX_PHY_ERROR | RT2560_RX_CRC_ERROR)) {
 1247                         /*
 1248                          * This should not happen since we did not request
 1249                          * to receive those frames when we filled RXCSR0.
 1250                          */
DPRINTFN(5, ("PHY or CRC error flags 0x%08x\n",
letoh32(desc->flags)));
data->drop = 1;
 1254                 }
 1256                 if (((letoh32(desc->flags) >> 16) & 0xfff) > MCLBYTES) {
DPRINTFN(5, ("bad length\n"));
data->drop = 1;
 1259                 }
 1261                 /* mark the frame for decryption */
desc->flags |= htole32(RT2560_RX_CIPHER_BUSY);
bus_dmamap_sync(sc->sc_dmat, sc->rxq.map,
sc->rxq.cur * RT2560_RX_DESC_SIZE, RT2560_RX_DESC_SIZE,
BUS_DMASYNC_PREWRITE);
DPRINTFN(15, ("rx done idx=%u\n", sc->rxq.cur));
sc->rxq.cur = (sc->rxq.cur + 1) % RT2560_RX_RING_COUNT;
 1271         }
 1273         /* kick decrypt */
RAL_WRITE(sc, RT2560_SECCSR0, RT2560_KICK_DECRYPT);
 1275 }
 1277 /*
 1278  * This function is called in HostAP or IBSS modes when it's time to send a
 1279  * new beacon (every ni_intval milliseconds).
 1280  */
 1281 void
rt2560_beacon_expire(struct rt2560_softc *sc)
 1283 {
 1284         struct ieee80211com *ic = &sc->sc_ic;
 1285         struct rt2560_tx_data *data;
 1287         if (ic->ic_opmode != IEEE80211_M_IBSS &&
ic->ic_opmode != IEEE80211_M_HOSTAP)
 1289                 return;
data = &sc->bcnq.data[sc->bcnq.next];
 1293         if (sc->sc_flags & RT2560_UPDATE_SLOT) {
sc->sc_flags &= ~RT2560_UPDATE_SLOT;
sc->sc_flags |= RT2560_SET_SLOTTIME;
 1296         } else if (sc->sc_flags & RT2560_SET_SLOTTIME) {
sc->sc_flags &= ~RT2560_SET_SLOTTIME;
rt2560_set_slottime(sc);
 1299         }
 1301         if (ic->ic_curmode == IEEE80211_MODE_11G) {
 1302                 /* update ERP Information Element */
 1303                 *sc->erp = ic->ic_bss->ni_erp;
bus_dmamap_sync(sc->sc_dmat, data->map, 0,
data->map->dm_mapsize, BUS_DMASYNC_PREWRITE);
 1306         }
 1308 #if defined(RT2560_DEBUG) && NBPFILTER > 0
 1309         if (ic->ic_rawbpf != NULL)
bpf_mtap(ic->ic_rawbpf, data->m, BPF_DIRECTION_OUT);
 1311 #endif
DPRINTFN(15, ("beacon expired\n"));
 1314 }
 1316 void
rt2560_wakeup_expire(struct rt2560_softc *sc)
 1318 {
DPRINTFN(15, ("wakeup expired\n"));
 1320 }
 1322 int
rt2560_intr(void *arg)
 1324 {
 1325         struct rt2560_softc *sc = arg;
 1326         struct ifnet *ifp = &sc->sc_ic.ic_if;
uint32_t r;
 1329         if ((r = RAL_READ(sc, RT2560_CSR7)) == 0)
 1330                 return 0;       /* not for us */
 1332         /* disable interrupts */
RAL_WRITE(sc, RT2560_CSR8, 0xffffffff);
 1335         /* acknowledge interrupts */
RAL_WRITE(sc, RT2560_CSR7, r);
 1338         /* don't re-enable interrupts if we're shutting down */
 1339         if (!(ifp->if_flags & IFF_RUNNING))
 1340                 return 0;
 1342         if (r & RT2560_BEACON_EXPIRE)
rt2560_beacon_expire(sc);
 1345         if (r & RT2560_WAKEUP_EXPIRE)
rt2560_wakeup_expire(sc);
 1348         if (r & RT2560_ENCRYPTION_DONE)
rt2560_encryption_intr(sc);
 1351         if (r & RT2560_TX_DONE)
rt2560_tx_intr(sc);
 1354         if (r & RT2560_PRIO_DONE)
rt2560_prio_intr(sc);
 1357         if (r & RT2560_DECRYPTION_DONE)
rt2560_decryption_intr(sc);
 1360         if (r & RT2560_RX_DONE)
rt2560_rx_intr(sc);
 1363         /* re-enable interrupts */
RAL_WRITE(sc, RT2560_CSR8, RT2560_INTR_MASK);
 1366         return 1;
 1367 }
 1369 /* quickly determine if a given rate is CCK or OFDM */
 1370 #define RAL_RATE_IS_OFDM(rate) ((rate) >= 12 && (rate) != 22)
 1372 #define RAL_ACK_SIZE    14      /* 10 + 4(FCS) */
 1373 #define RAL_CTS_SIZE    14      /* 10 + 4(FCS) */
 1375 #define RAL_SIFS                10      /* us */
 1377 #define RT2560_RXTX_TURNAROUND  10      /* us */
 1379 /*
 1380  * This function is only used by the Rx radiotap code. It returns the rate at
 1381  * which a given frame was received.
 1382  */
 1383 #if NBPFILTER > 0
uint8_t
rt2560_rxrate(const struct rt2560_rx_desc *desc)
 1386 {
 1387         if (letoh32(desc->flags) & RT2560_RX_OFDM) {
 1388                 /* reverse function of rt2560_plcp_signal */
 1389                 switch (desc->rate) {
 1390                 case 0xb:       return 12;
 1391                 case 0xf:       return 18;
 1392                 case 0xa:       return 24;
 1393                 case 0xe:       return 36;
 1394                 case 0x9:       return 48;
 1395                 case 0xd:       return 72;
 1396                 case 0x8:       return 96;
 1397                 case 0xc:       return 108;
 1398                 }
 1399         } else {
 1400                 if (desc->rate == 10)
 1401                         return 2;
 1402                 if (desc->rate == 20)
 1403                         return 4;
 1404                 if (desc->rate == 55)
 1405                         return 11;
 1406                 if (desc->rate == 110)
 1407                         return 22;
 1408         }
 1409         return 2;       /* should not get there */
 1410 }
 1411 #endif
 1413 /*
 1414  * Return the expected ack rate for a frame transmitted at rate `rate'.
 1415  */
 1416 int
rt2560_ack_rate(struct ieee80211com *ic, int rate)
 1418 {
 1419         switch (rate) {
 1420         /* CCK rates */
 1421         case 2:
 1422                 return 2;
 1423         case 4:
 1424         case 11:
 1425         case 22:
 1426                 return (ic->ic_curmode == IEEE80211_MODE_11B) ? 4 : rate;
 1428         /* OFDM rates */
 1429         case 12:
 1430         case 18:
 1431                 return 12;
 1432         case 24:
 1433         case 36:
 1434                 return 24;
 1435         case 48:
 1436         case 72:
 1437         case 96:
 1438         case 108:
 1439                 return 48;
 1440         }
 1442         /* default to 1Mbps */
 1443         return 2;
 1444 }
 1446 /*
 1447  * Compute the duration (in us) needed to transmit `len' bytes at rate `rate'.
 1448  * The function automatically determines the operating mode depending on the
 1449  * given rate. `flags' indicates whether short preamble is in use or not.
 1450  */
uint16_t
rt2560_txtime(int len, int rate, uint32_t flags)
 1453 {
uint16_t txtime;
 1456         if (RAL_RATE_IS_OFDM(rate)) {
 1457                 /* IEEE Std 802.11g-2003, pp. 44 */
txtime = (8 + 4 * len + 3 + rate - 1) / rate;
txtime = 16 + 4 + 4 * txtime + 6;
 1460         } else {
 1461                 /* IEEE Std 802.11b-1999, pp. 28 */
txtime = (16 * len + rate - 1) / rate;
 1463                 if (rate != 2 && (flags & IEEE80211_F_SHPREAMBLE))
txtime +=  72 + 24;
 1465                 else
txtime += 144 + 48;
 1467         }
 1468         return txtime;
 1469 }
uint8_t
rt2560_plcp_signal(int rate)
 1473 {
 1474         switch (rate) {
 1475         /* CCK rates (returned values are device-dependent) */
 1476         case 2:         return 0x0;
 1477         case 4:         return 0x1;
 1478         case 11:        return 0x2;
 1479         case 22:        return 0x3;
 1481         /* OFDM rates (cf IEEE Std 802.11a-1999, pp. 14 Table 80) */
 1482         case 12:        return 0xb;
 1483         case 18:        return 0xf;
 1484         case 24:        return 0xa;
 1485         case 36:        return 0xe;
 1486         case 48:        return 0x9;
 1487         case 72:        return 0xd;
 1488         case 96:        return 0x8;
 1489         case 108:       return 0xc;
 1491         /* unsupported rates (should not get there) */
 1492         default:        return 0xff;
 1493         }
 1494 }
 1496 void
rt2560_setup_tx_desc(struct rt2560_softc *sc, struct rt2560_tx_desc *desc,
uint32_t flags, int len, int rate, int encrypt, bus_addr_t physaddr)
 1499 {
 1500         struct ieee80211com *ic = &sc->sc_ic;
uint16_t plcp_length;
 1502         int remainder;
desc->flags = htole32(flags);
desc->flags |= htole32(len << 16);
desc->flags |= encrypt ? htole32(RT2560_TX_CIPHER_BUSY) :
htole32(RT2560_TX_BUSY | RT2560_TX_VALID);
desc->physaddr = htole32(physaddr);
desc->wme = htole16(
RT2560_AIFSN(2) |
RT2560_LOGCWMIN(3) |
RT2560_LOGCWMAX(8));
 1515         /* setup PLCP fields */
desc->plcp_signal  = rt2560_plcp_signal(rate);
desc->plcp_service = 4;
len += IEEE80211_CRC_LEN;
 1520         if (RAL_RATE_IS_OFDM(rate)) {
desc->flags |= htole32(RT2560_TX_OFDM);
plcp_length = len & 0xfff;
desc->plcp_length_hi = plcp_length >> 6;
desc->plcp_length_lo = plcp_length & 0x3f;
 1526         } else {
plcp_length = (16 * len + rate - 1) / rate;
 1528                 if (rate == 22) {
remainder = (16 * len) % 22;
 1530                         if (remainder != 0 && remainder < 7)
desc->plcp_service |= RT2560_PLCP_LENGEXT;
 1532                 }
desc->plcp_length_hi = plcp_length >> 8;
desc->plcp_length_lo = plcp_length & 0xff;
 1536                 if (rate != 2 && (ic->ic_flags & IEEE80211_F_SHPREAMBLE))
desc->plcp_signal |= 0x08;
 1538         }
 1539 }
 1541 int
rt2560_tx_bcn(struct rt2560_softc *sc, struct mbuf *m0,
 1543     struct ieee80211_node *ni)
 1544 {
 1545         struct ieee80211com *ic = &sc->sc_ic;
 1546         struct rt2560_tx_desc *desc;
 1547         struct rt2560_tx_data *data;
 1548         int rate = 2, error;
desc = &sc->bcnq.desc[sc->bcnq.cur];
data = &sc->bcnq.data[sc->bcnq.cur];
error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m0,
BUS_DMA_NOWAIT);
 1555         if (error != 0) {
printf("%s: could not map mbuf (error %d)\n",
sc->sc_dev.dv_xname, error);
m_freem(m0);
 1559                 return error;
 1560         }
data->m = m0;
data->ni = ni;
rt2560_setup_tx_desc(sc, desc, RT2560_TX_IFS_NEWBACKOFF |
RT2560_TX_TIMESTAMP, m0->m_pkthdr.len, rate, 0,
data->map->dm_segs->ds_addr);
bus_dmamap_sync(sc->sc_dmat, data->map, 0, data->map->dm_mapsize,
BUS_DMASYNC_PREWRITE);
bus_dmamap_sync(sc->sc_dmat, sc->bcnq.map,
sc->bcnq.cur * RT2560_TX_DESC_SIZE, RT2560_TX_DESC_SIZE,
BUS_DMASYNC_PREWRITE);
 1575         /*
 1576          * Store pointer to ERP Information Element so that we can update it
 1577          * dynamically when the slot time changes.
 1578          * XXX: this is ugly since it depends on how net80211 builds beacon
 1579          * frames but ieee80211_beacon_alloc() don't store offsets for us.
 1580          */
 1581         if (ic->ic_curmode == IEEE80211_MODE_11G) {
sc->erp =
mtod(m0, uint8_t *) +
 1584                     sizeof (struct ieee80211_frame) +
 1585                     8 + 2 + 2 +
 1586                     ((ic->ic_flags & IEEE80211_F_HIDENWID) ?
 1587                         1 : 2 + ni->ni_esslen) +
 1588                     2 + min(ni->ni_rates.rs_nrates, IEEE80211_RATE_SIZE) +
 1589                     2 + 1 +
 1590                     ((ic->ic_opmode == IEEE80211_M_IBSS) ? 4 : 6) +
 1591                     2;
 1592         }
 1594         return 0;
 1595 }
 1597 int
rt2560_tx_mgt(struct rt2560_softc *sc, struct mbuf *m0,
 1599     struct ieee80211_node *ni)
 1600 {
 1601         struct ieee80211com *ic = &sc->sc_ic;
 1602         struct ifnet *ifp = &ic->ic_if;
 1603         struct rt2560_tx_desc *desc;
 1604         struct rt2560_tx_data *data;
 1605         struct ieee80211_frame *wh;
uint16_t dur;
uint32_t flags = 0;
 1608         int rate = 2, error;
desc = &sc->prioq.desc[sc->prioq.cur];
data = &sc->prioq.data[sc->prioq.cur];
wh = mtod(m0, struct ieee80211_frame *);
 1615         if (wh->i_fc[1] & IEEE80211_FC1_WEP) {
m0 = ieee80211_wep_crypt(ifp, m0, 1);
 1617                 if (m0 == NULL)
 1618                         return ENOBUFS;
 1620                 /* packet header may have moved, reset our local pointer */
wh = mtod(m0, struct ieee80211_frame *);
 1622         }
error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m0,
BUS_DMA_NOWAIT);
 1626         if (error != 0) {
printf("%s: could not map mbuf (error %d)\n",
sc->sc_dev.dv_xname, error);
m_freem(m0);
 1630                 return error;
 1631         }
 1633 #if NBPFILTER > 0
 1634         if (sc->sc_drvbpf != NULL) {
 1635                 struct mbuf mb;
 1636                 struct rt2560_tx_radiotap_header *tap = &sc->sc_txtap;
tap->wt_flags = 0;
tap->wt_rate = rate;
tap->wt_chan_freq = htole16(ic->ic_ibss_chan->ic_freq);
tap->wt_chan_flags = htole16(ic->ic_ibss_chan->ic_flags);
tap->wt_antenna = sc->tx_ant;
mb.m_data = (caddr_t)tap;
mb.m_len = sc->sc_txtap_len;
mb.m_next = m0;
mb.m_nextpkt = NULL;
mb.m_type = 0;
mb.m_flags = 0;
bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_OUT);
 1651         }
 1652 #endif
data->m = m0;
data->ni = ni;
wh = mtod(m0, struct ieee80211_frame *);
 1659         if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) {
flags |= RT2560_TX_NEED_ACK;
dur = rt2560_txtime(RAL_ACK_SIZE, rate, ic->ic_flags) +
RAL_SIFS;
 1664                 *(uint16_t *)wh->i_dur = htole16(dur);
 1666                 /* tell hardware to set timestamp for probe responses */
 1667                 if ((wh->i_fc[0] &
 1668                     (IEEE80211_FC0_TYPE_MASK | IEEE80211_FC0_SUBTYPE_MASK)) ==
 1669                     (IEEE80211_FC0_TYPE_MGT | IEEE80211_FC0_SUBTYPE_PROBE_RESP))
flags |= RT2560_TX_TIMESTAMP;
 1671         }
rt2560_setup_tx_desc(sc, desc, flags, m0->m_pkthdr.len, rate, 0,
data->map->dm_segs->ds_addr);
bus_dmamap_sync(sc->sc_dmat, data->map, 0, data->map->dm_mapsize,
BUS_DMASYNC_PREWRITE);
bus_dmamap_sync(sc->sc_dmat, sc->prioq.map,
sc->prioq.cur * RT2560_TX_DESC_SIZE, RT2560_TX_DESC_SIZE,
BUS_DMASYNC_PREWRITE);
DPRINTFN(10, ("sending mgt frame len=%u idx=%u rate=%u\n",
m0->m_pkthdr.len, sc->prioq.cur, rate));
 1685         /* kick prio */
sc->prioq.queued++;
sc->prioq.cur = (sc->prioq.cur + 1) % RT2560_PRIO_RING_COUNT;
RAL_WRITE(sc, RT2560_TXCSR0, RT2560_KICK_PRIO);
 1690         return 0;
 1691 }
 1693 int
rt2560_tx_data(struct rt2560_softc *sc, struct mbuf *m0,
 1695     struct ieee80211_node *ni)
 1696 {
 1697         struct ieee80211com *ic = &sc->sc_ic;
 1698         struct ifnet *ifp = &ic->ic_if;
 1699         struct rt2560_tx_ring *txq = &sc->txq;
 1700         struct rt2560_tx_desc *desc;
 1701         struct rt2560_tx_data *data;
 1702         struct ieee80211_frame *wh;
 1703         struct mbuf *mnew;
uint16_t dur;
uint32_t flags = 0;
 1706         int pktlen, rate, needcts = 0, needrts = 0, error;
wh = mtod(m0, struct ieee80211_frame *);
 1710         if (wh->i_fc[1] & IEEE80211_FC1_WEP) {
m0 = ieee80211_wep_crypt(ifp, m0, 1);
 1712                 if (m0 == NULL)
 1713                         return ENOBUFS;
 1715                 /* packet header may have moved, reset our local pointer */
wh = mtod(m0, struct ieee80211_frame *);
 1717         }
 1719         /* compute actual packet length (including CRC and crypto overhead) */
pktlen = m0->m_pkthdr.len + IEEE80211_CRC_LEN;
 1722         /* pickup a rate */
 1723         if (IEEE80211_IS_MULTICAST(wh->i_addr1) ||
 1724             ((wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) ==
IEEE80211_FC0_TYPE_MGT)) {
 1726                 /* mgmt/multicast frames are sent at the lowest avail. rate */
rate = ni->ni_rates.rs_rates[0];
 1728         } else if (ic->ic_fixed_rate != -1) {
rate = ic->ic_sup_rates[ic->ic_curmode].
rs_rates[ic->ic_fixed_rate];
 1731         } else
rate = ni->ni_rates.rs_rates[ni->ni_txrate];
 1733         if (rate == 0)
rate = 2;       /* XXX should not happen */
rate &= IEEE80211_RATE_VAL;
 1737         /*
 1738          * Packet Bursting: backoff after ppb=8 frames to give other STAs a
 1739          * chance to contend for the wireless medium.
 1740          */
 1741         if (ic->ic_opmode == IEEE80211_M_STA && (ni->ni_txseq & 7))
flags |= RT2560_TX_IFS_SIFS;
 1744         /* check if RTS/CTS or CTS-to-self protection must be used */
 1745         if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) {
 1746                 /* multicast frames are not sent at OFDM rates in 802.11b/g */
 1747                 if (pktlen > ic->ic_rtsthreshold) {
needrts = 1;    /* RTS/CTS based on frame length */
 1749                 } else if ((ic->ic_flags & IEEE80211_F_USEPROT) &&
RAL_RATE_IS_OFDM(rate)) {
 1751                         if (ic->ic_protmode == IEEE80211_PROT_CTSONLY)
needcts = 1;    /* CTS-to-self */
 1753                         else if (ic->ic_protmode == IEEE80211_PROT_RTSCTS)
needrts = 1;    /* RTS/CTS */
 1755                 }
 1756         }
 1757         if (needrts || needcts) {
 1758                 struct mbuf *mprot;
 1759                 int protrate, ackrate;
uint16_t dur;
protrate = 2;   /* XXX */
ackrate  = rt2560_ack_rate(ic, rate);
dur = rt2560_txtime(pktlen, rate, ic->ic_flags) +
rt2560_txtime(RAL_ACK_SIZE, ackrate, ic->ic_flags) +
 1767                       2 * RAL_SIFS;
 1768                 if (needrts) {
dur += rt2560_txtime(RAL_CTS_SIZE, rt2560_ack_rate(ic,
protrate), ic->ic_flags) + RAL_SIFS;
mprot = ieee80211_get_rts(ic, wh, dur);
 1772                 } else {
mprot = ieee80211_get_cts_to_self(ic, dur);
 1774                 }
 1775                 if (mprot == NULL) {
printf("%s: could not allocate protection frame\n",
sc->sc_dev.dv_xname);
m_freem(m0);
 1779                         return ENOBUFS;
 1780                 }
desc = &txq->desc[txq->cur_encrypt];
data = &txq->data[txq->cur_encrypt];
error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, mprot,
BUS_DMA_NOWAIT);
 1787                 if (error != 0) {
printf("%s: could not map mbuf (error %d)\n",
sc->sc_dev.dv_xname, error);
m_freem(mprot);
m_freem(m0);
 1792                         return error;
 1793                 }
data->m = mprot;
 1796                 /* avoid multiple free() of the same node for each fragment */
data->ni = ieee80211_ref_node(ni);
 1799                 /* XXX may want to pass the protection frame to BPF */
rt2560_setup_tx_desc(sc, desc,
 1802                     (needrts ? RT2560_TX_NEED_ACK : 0) | RT2560_TX_MORE_FRAG,
mprot->m_pkthdr.len, protrate, 1,
data->map->dm_segs->ds_addr);
bus_dmamap_sync(sc->sc_dmat, data->map, 0,
data->map->dm_mapsize, BUS_DMASYNC_PREWRITE);
bus_dmamap_sync(sc->sc_dmat, txq->map,
txq->cur_encrypt * RT2560_TX_DESC_SIZE,
RT2560_TX_DESC_SIZE, BUS_DMASYNC_PREWRITE);
txq->queued++;
 1813                 if (++txq->cur_encrypt >= txq->count)
txq->cur_encrypt = 0;
flags |= RT2560_TX_LONG_RETRY | RT2560_TX_IFS_SIFS;
 1817         }
data = &txq->data[txq->cur_encrypt];
desc = &txq->desc[txq->cur_encrypt];
error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m0,
BUS_DMA_NOWAIT);
 1824         if (error != 0 && error != EFBIG) {
printf("%s: could not map mbuf (error %d)\n",
sc->sc_dev.dv_xname, error);
m_freem(m0);
 1828                 return error;
 1829         }
 1830         if (error != 0) {
 1831                 /* too many fragments, linearize */
MGETHDR(mnew, M_DONTWAIT, MT_DATA);
 1834                 if (mnew == NULL) {
m_freem(m0);
 1836                         return ENOMEM;
 1837                 }
M_DUP_PKTHDR(mnew, m0);
 1839                 if (m0->m_pkthdr.len > MHLEN) {
MCLGET(mnew, M_DONTWAIT);
 1841                         if (!(mnew->m_flags & M_EXT)) {
m_freem(m0);
m_freem(mnew);
 1844                                 return ENOMEM;
 1845                         }
 1846                 }
m_copydata(m0, 0, m0->m_pkthdr.len, mtod(mnew, caddr_t));
m_freem(m0);
mnew->m_len = mnew->m_pkthdr.len;
m0 = mnew;
error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m0,
BUS_DMA_NOWAIT);
 1855                 if (error != 0) {
printf("%s: could not map mbuf (error %d)\n",
sc->sc_dev.dv_xname, error);
m_freem(m0);
 1859                         return error;
 1860                 }
 1862                 /* packet header have moved, reset our local pointer */
wh = mtod(m0, struct ieee80211_frame *);
 1864         }
 1866 #if NBPFILTER > 0
 1867         if (sc->sc_drvbpf != NULL) {
 1868                 struct mbuf mb;
 1869                 struct rt2560_tx_radiotap_header *tap = &sc->sc_txtap;
tap->wt_flags = 0;
tap->wt_rate = rate;
tap->wt_chan_freq = htole16(ic->ic_ibss_chan->ic_freq);
tap->wt_chan_flags = htole16(ic->ic_ibss_chan->ic_flags);
tap->wt_antenna = sc->tx_ant;
mb.m_data = (caddr_t)tap;
mb.m_len = sc->sc_txtap_len;
mb.m_next = m0;
mb.m_nextpkt = NULL;
mb.m_type = 0;
mb.m_flags = 0;
bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_OUT);
 1884         }
 1885 #endif
data->m = m0;
data->ni = ni;
 1890         if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) {
flags |= RT2560_TX_NEED_ACK;
dur = rt2560_txtime(RAL_ACK_SIZE, rt2560_ack_rate(ic, rate),
ic->ic_flags) + RAL_SIFS;
 1895                 *(uint16_t *)wh->i_dur = htole16(dur);
 1896         }
rt2560_setup_tx_desc(sc, desc, flags, m0->m_pkthdr.len, rate, 1,
data->map->dm_segs->ds_addr);
bus_dmamap_sync(sc->sc_dmat, data->map, 0, data->map->dm_mapsize,
BUS_DMASYNC_PREWRITE);
bus_dmamap_sync(sc->sc_dmat, txq->map,
txq->cur_encrypt * RT2560_TX_DESC_SIZE, RT2560_TX_DESC_SIZE,
BUS_DMASYNC_PREWRITE);
DPRINTFN(10, ("sending frame len=%u idx=%u rate=%u\n",
m0->m_pkthdr.len, txq->cur_encrypt, rate));
 1910         /* kick encrypt */
txq->queued++;
 1912         if (++txq->cur_encrypt >= txq->count)
txq->cur_encrypt = 0;
RAL_WRITE(sc, RT2560_SECCSR1, RT2560_KICK_ENCRYPT);
 1916         return 0;
 1917 }
 1919 void
rt2560_start(struct ifnet *ifp)
 1921 {
 1922         struct rt2560_softc *sc = ifp->if_softc;
 1923         struct ieee80211com *ic = &sc->sc_ic;
 1924         struct mbuf *m0;
 1925         struct ieee80211_node *ni;
 1927         /*
 1928          * net80211 may still try to send management frames even if the
 1929          * IFF_RUNNING flag is not set...
 1930          */
 1931         if ((ifp->if_flags & (IFF_RUNNING | IFF_OACTIVE)) != IFF_RUNNING)
 1932                 return;
 1934         for (;;) {
IF_POLL(&ic->ic_mgtq, m0);
 1936                 if (m0 != NULL) {
 1937                         if (sc->prioq.queued >= RT2560_PRIO_RING_COUNT) {
ifp->if_flags |= IFF_OACTIVE;
 1939                                 break;
 1940                         }
IF_DEQUEUE(&ic->ic_mgtq, m0);
ni = (struct ieee80211_node *)m0->m_pkthdr.rcvif;
m0->m_pkthdr.rcvif = NULL;
 1945 #if NBPFILTER > 0
 1946                         if (ic->ic_rawbpf != NULL)
bpf_mtap(ic->ic_rawbpf, m0, BPF_DIRECTION_OUT);
 1948 #endif
 1949                         if (rt2560_tx_mgt(sc, m0, ni) != 0)
 1950                                 break;
 1952                 } else {
 1953                         if (ic->ic_state != IEEE80211_S_RUN)
 1954                                 break;
IFQ_POLL(&ifp->if_snd, m0);
 1956                         if (m0 == NULL)
 1957                                 break;
 1958                         if (sc->txq.queued >= RT2560_TX_RING_COUNT - 1) {
ifp->if_flags |= IFF_OACTIVE;
 1960                                 break;
 1961                         }
IFQ_DEQUEUE(&ifp->if_snd, m0);
 1963 #if NBPFILTER > 0
 1964                         if (ifp->if_bpf != NULL)
bpf_mtap(ifp->if_bpf, m0, BPF_DIRECTION_OUT);
 1966 #endif
m0 = ieee80211_encap(ifp, m0, &ni);
 1968                         if (m0 == NULL)
 1969                                 continue;
 1970 #if NBPFILTER > 0
 1971                         if (ic->ic_rawbpf != NULL)
bpf_mtap(ic->ic_rawbpf, m0, BPF_DIRECTION_OUT);
 1973 #endif
 1974                         if (rt2560_tx_data(sc, m0, ni) != 0) {
 1975                                 if (ni != NULL)
ieee80211_release_node(ic, ni);
ifp->if_oerrors++;
 1978                                 break;
 1979                         }
 1980                 }
sc->sc_tx_timer = 5;
ifp->if_timer = 1;
 1984         }
 1985 }
 1987 void
rt2560_watchdog(struct ifnet *ifp)
 1989 {
 1990         struct rt2560_softc *sc = ifp->if_softc;
ifp->if_timer = 0;
 1994         if (sc->sc_tx_timer > 0) {
 1995                 if (--sc->sc_tx_timer == 0) {
printf("%s: device timeout\n", sc->sc_dev.dv_xname);
rt2560_init(ifp);
ifp->if_oerrors++;
 1999                         return;
 2000                 }
ifp->if_timer = 1;
 2002         }
ieee80211_watchdog(ifp);
 2005 }
 2007 int
rt2560_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data)
 2009 {
 2010         struct rt2560_softc *sc = ifp->if_softc;
 2011         struct ieee80211com *ic = &sc->sc_ic;
 2012         struct ifaddr *ifa;
 2013         struct ifreq *ifr;
 2014         int s, error = 0;
s = splnet();
 2018         switch (cmd) {
 2019         case SIOCSIFADDR:
ifa = (struct ifaddr *)data;
ifp->if_flags |= IFF_UP;
 2022 #ifdef INET
 2023                 if (ifa->ifa_addr->sa_family == AF_INET)
arp_ifinit(&ic->ic_ac, ifa);
 2025 #endif
 2026                 /* FALLTHROUGH */
 2027         case SIOCSIFFLAGS:
 2028                 if (ifp->if_flags & IFF_UP) {
 2029                         if (ifp->if_flags & IFF_RUNNING)
rt2560_update_promisc(sc);
 2031                         else
rt2560_init(ifp);
 2033                 } else {
 2034                         if (ifp->if_flags & IFF_RUNNING)
rt2560_stop(ifp, 1);
 2036                 }
 2037                 break;
 2039         case SIOCADDMULTI:
 2040         case SIOCDELMULTI:
ifr = (struct ifreq *)data;
error = (cmd == SIOCADDMULTI) ?
ether_addmulti(ifr, &ic->ic_ac) :
ether_delmulti(ifr, &ic->ic_ac);
 2046                 if (error == ENETRESET)
error = 0;
 2048                 break;
 2050         case SIOCS80211CHANNEL:
 2051                 /*
 2052                  * This allows for fast channel switching in monitor mode
 2053                  * (used by kismet). In IBSS mode, we must explicitly reset
 2054                  * the interface to generate a new beacon frame.
 2055                  */
error = ieee80211_ioctl(ifp, cmd, data);
 2057                 if (error == ENETRESET &&
ic->ic_opmode == IEEE80211_M_MONITOR) {
 2059                         if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) ==
 2060                             (IFF_UP | IFF_RUNNING))
rt2560_set_chan(sc, ic->ic_ibss_chan);
error = 0;
 2063                 }
 2064                 break;
 2066         default:
error = ieee80211_ioctl(ifp, cmd, data);
 2068         }
 2070         if (error == ENETRESET) {
 2071                 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) ==
 2072                     (IFF_UP | IFF_RUNNING))
rt2560_init(ifp);
error = 0;
 2075         }
splx(s);
 2079         return error;
 2080 }
 2082 void
rt2560_bbp_write(struct rt2560_softc *sc, uint8_t reg, uint8_t val)
 2084 {
uint32_t tmp;
 2086         int ntries;
 2088         for (ntries = 0; ntries < 100; ntries++) {
 2089                 if (!(RAL_READ(sc, RT2560_BBPCSR) & RT2560_BBP_BUSY))
 2090                         break;
DELAY(1);
 2092         }
 2093         if (ntries == 100) {
printf("%s: could not write to BBP\n", sc->sc_dev.dv_xname);
 2095                 return;
 2096         }
tmp = RT2560_BBP_WRITE | RT2560_BBP_BUSY | reg << 8 | val;
RAL_WRITE(sc, RT2560_BBPCSR, tmp);
DPRINTFN(15, ("BBP R%u <- 0x%02x\n", reg, val));
 2102 }
uint8_t
rt2560_bbp_read(struct rt2560_softc *sc, uint8_t reg)
 2106 {
uint32_t val;
 2108         int ntries;
val = RT2560_BBP_BUSY | reg << 8;
RAL_WRITE(sc, RT2560_BBPCSR, val);
 2113         for (ntries = 0; ntries < 100; ntries++) {
val = RAL_READ(sc, RT2560_BBPCSR);
 2115                 if (!(val & RT2560_BBP_BUSY))
 2116                         return val & 0xff;
DELAY(1);
 2118         }
printf("%s: could not read from BBP\n", sc->sc_dev.dv_xname);
 2121         return 0;
 2122 }
 2124 void
rt2560_rf_write(struct rt2560_softc *sc, uint8_t reg, uint32_t val)
 2126 {
uint32_t tmp;
 2128         int ntries;
 2130         for (ntries = 0; ntries < 100; ntries++) {
 2131                 if (!(RAL_READ(sc, RT2560_RFCSR) & RT2560_RF_BUSY))
 2132                         break;
DELAY(1);
 2134         }
 2135         if (ntries == 100) {
printf("%s: could not write to RF\n", sc->sc_dev.dv_xname);
 2137                 return;
 2138         }
tmp = RT2560_RF_BUSY | RT2560_RF_20BIT | (val & 0xfffff) << 2 |
 2141             (reg & 0x3);
RAL_WRITE(sc, RT2560_RFCSR, tmp);
 2144         /* remember last written value in sc */
sc->rf_regs[reg] = val;
DPRINTFN(15, ("RF R[%u] <- 0x%05x\n", reg & 0x3, val & 0xfffff));
 2148 }
 2150 void
rt2560_set_chan(struct rt2560_softc *sc, struct ieee80211_channel *c)
 2152 {
 2153         struct ieee80211com *ic = &sc->sc_ic;
uint8_t power, tmp;
u_int chan;
chan = ieee80211_chan2ieee(ic, c);
 2158         if (chan == 0 || chan == IEEE80211_CHAN_ANY)
 2159                 return;
power = min(sc->txpow[chan - 1], 31);
DPRINTFN(2, ("setting channel to %u, txpower to %u\n", chan, power));
 2165         switch (sc->rf_rev) {
 2166         case RT2560_RF_2522:
rt2560_rf_write(sc, RT2560_RF1, 0x00814);
rt2560_rf_write(sc, RT2560_RF2, rt2560_rf2522_r2[chan - 1]);
rt2560_rf_write(sc, RT2560_RF3, power << 7 | 0x00040);
 2170                 break;
 2172         case RT2560_RF_2523:
rt2560_rf_write(sc, RT2560_RF1, 0x08804);
rt2560_rf_write(sc, RT2560_RF2, rt2560_rf2523_r2[chan - 1]);
rt2560_rf_write(sc, RT2560_RF3, power << 7 | 0x38044);
rt2560_rf_write(sc, RT2560_RF4,
 2177                     (chan == 14) ? 0x00280 : 0x00286);
 2178                 break;
 2180         case RT2560_RF_2524:
rt2560_rf_write(sc, RT2560_RF1, 0x0c808);
rt2560_rf_write(sc, RT2560_RF2, rt2560_rf2524_r2[chan - 1]);
rt2560_rf_write(sc, RT2560_RF3, power << 7 | 0x00040);
rt2560_rf_write(sc, RT2560_RF4,
 2185                     (chan == 14) ? 0x00280 : 0x00286);
 2186                 break;
 2188         case RT2560_RF_2525:
rt2560_rf_write(sc, RT2560_RF1, 0x08808);
rt2560_rf_write(sc, RT2560_RF2, rt2560_rf2525_hi_r2[chan - 1]);
rt2560_rf_write(sc, RT2560_RF3, power << 7 | 0x18044);
rt2560_rf_write(sc, RT2560_RF4,
 2193                     (chan == 14) ? 0x00280 : 0x00286);
rt2560_rf_write(sc, RT2560_RF1, 0x08808);
rt2560_rf_write(sc, RT2560_RF2, rt2560_rf2525_r2[chan - 1]);
rt2560_rf_write(sc, RT2560_RF3, power << 7 | 0x18044);
rt2560_rf_write(sc, RT2560_RF4,
 2199                     (chan == 14) ? 0x00280 : 0x00286);
 2200                 break;
 2202         case RT2560_RF_2525E:
rt2560_rf_write(sc, RT2560_RF1, 0x08808);
rt2560_rf_write(sc, RT2560_RF2, rt2560_rf2525e_r2[chan - 1]);
rt2560_rf_write(sc, RT2560_RF3, power << 7 | 0x18044);
rt2560_rf_write(sc, RT2560_RF4,
 2207                     (chan == 14) ? 0x00286 : 0x00282);
 2208                 break;
 2210         case RT2560_RF_2526:
rt2560_rf_write(sc, RT2560_RF2, rt2560_rf2526_hi_r2[chan - 1]);
rt2560_rf_write(sc, RT2560_RF4,
 2213                    (chan & 1) ? 0x00386 : 0x00381);
rt2560_rf_write(sc, RT2560_RF1, 0x08804);
rt2560_rf_write(sc, RT2560_RF2, rt2560_rf2526_r2[chan - 1]);
rt2560_rf_write(sc, RT2560_RF3, power << 7 | 0x18044);
rt2560_rf_write(sc, RT2560_RF4,
 2219                     (chan & 1) ? 0x00386 : 0x00381);
 2220                 break;
 2221         }
 2223         if (ic->ic_opmode != IEEE80211_M_MONITOR &&
ic->ic_state != IEEE80211_S_SCAN) {
 2225                 /* set Japan filter bit for channel 14 */
tmp = rt2560_bbp_read(sc, 70);
tmp &= ~RT2560_JAPAN_FILTER;
 2229                 if (chan == 14)
tmp |= RT2560_JAPAN_FILTER;
rt2560_bbp_write(sc, 70, tmp);
DELAY(1000); /* RF needs a 1ms delay here */
rt2560_disable_rf_tune(sc);
 2237                 /* clear CRC errors */
RAL_READ(sc, RT2560_CNT0);
 2239         }
 2240 }
 2242 /*
 2243  * Disable RF auto-tuning.
 2244  */
 2245 void
rt2560_disable_rf_tune(struct rt2560_softc *sc)
 2247 {
uint32_t tmp;
 2250         if (sc->rf_rev != RT2560_RF_2523) {
tmp = sc->rf_regs[RT2560_RF1] & ~RT2560_RF1_AUTOTUNE;
rt2560_rf_write(sc, RT2560_RF1, tmp);
 2253         }
tmp = sc->rf_regs[RT2560_RF3] & ~RT2560_RF3_AUTOTUNE;
rt2560_rf_write(sc, RT2560_RF3, tmp);
DPRINTFN(2, ("disabling RF autotune\n"));
 2259 }
 2261 /*
 2262  * Refer to IEEE Std 802.11-1999 pp. 123 for more information on TSF
 2263  * synchronization.
 2264  */
 2265 void
rt2560_enable_tsf_sync(struct rt2560_softc *sc)
 2267 {
 2268         struct ieee80211com *ic = &sc->sc_ic;
uint16_t logcwmin, preload;
uint32_t tmp;
 2272         /* first, disable TSF synchronization */
RAL_WRITE(sc, RT2560_CSR14, 0);
tmp = 16 * ic->ic_bss->ni_intval;
RAL_WRITE(sc, RT2560_CSR12, tmp);
RAL_WRITE(sc, RT2560_CSR13, 0);
logcwmin = 5;
preload = (ic->ic_opmode == IEEE80211_M_STA) ? 384 : 1024;
tmp = logcwmin << 16 | preload;
RAL_WRITE(sc, RT2560_BCNOCSR, tmp);
 2285         /* finally, enable TSF synchronization */
tmp = RT2560_ENABLE_TSF | RT2560_ENABLE_TBCN;
 2287         if (ic->ic_opmode == IEEE80211_M_STA)
tmp |= RT2560_ENABLE_TSF_SYNC(1);
 2289         else
tmp |= RT2560_ENABLE_TSF_SYNC(2) |
RT2560_ENABLE_BEACON_GENERATOR;
RAL_WRITE(sc, RT2560_CSR14, tmp);
DPRINTF(("enabling TSF synchronization\n"));
 2295 }
 2297 void
rt2560_update_plcp(struct rt2560_softc *sc)
 2299 {
 2300         struct ieee80211com *ic = &sc->sc_ic;
 2302         /* no short preamble for 1Mbps */
RAL_WRITE(sc, RT2560_PLCP1MCSR, 0x00700400);
 2305         if (!(ic->ic_flags & IEEE80211_F_SHPREAMBLE)) {
 2306                 /* values taken from the reference driver */
RAL_WRITE(sc, RT2560_PLCP2MCSR,   0x00380401);
RAL_WRITE(sc, RT2560_PLCP5p5MCSR, 0x00150402);
RAL_WRITE(sc, RT2560_PLCP11MCSR,  0x000b8403);
 2310         } else {
 2311                 /* same values as above or'ed 0x8 */
RAL_WRITE(sc, RT2560_PLCP2MCSR,   0x00380409);
RAL_WRITE(sc, RT2560_PLCP5p5MCSR, 0x0015040a);
RAL_WRITE(sc, RT2560_PLCP11MCSR,  0x000b840b);
 2315         }
DPRINTF(("updating PLCP for %s preamble\n",
 2318             (ic->ic_flags & IEEE80211_F_SHPREAMBLE) ? "short" : "long"));
 2319 }
 2321 void
rt2560_updateslot(struct ieee80211com *ic)
 2323 {
 2324         struct rt2560_softc *sc = ic->ic_if.if_softc;
 2326         if (ic->ic_opmode == IEEE80211_M_HOSTAP) {
 2327                 /*
 2328                  * In HostAP mode, we defer setting of new slot time until
 2329                  * updated ERP Information Element has propagated to all
 2330                  * associated STAs.
 2331                  */
sc->sc_flags |= RT2560_UPDATE_SLOT;
 2333         } else
rt2560_set_slottime(sc);
 2335 }
 2337 /*
 2338  * IEEE 802.11a (and possibly 802.11g) use short slot time. Refer to
 2339  * IEEE Std 802.11-1999 pp. 85 to know how these values are computed.
 2340  */
 2341 void
rt2560_set_slottime(struct rt2560_softc *sc)
 2343 {
 2344         struct ieee80211com *ic = &sc->sc_ic;
uint8_t slottime;
uint16_t sifs, pifs, difs, eifs;
uint32_t tmp;
slottime = (ic->ic_flags & IEEE80211_F_SHSLOT) ? 9 : 20;
 2351         /* define the MAC slot boundaries */
sifs = RAL_SIFS - RT2560_RXTX_TURNAROUND;
pifs = sifs + slottime;
difs = sifs + 2 * slottime;
eifs = (ic->ic_curmode == IEEE80211_MODE_11B) ? 364 : 60;
tmp = RAL_READ(sc, RT2560_CSR11);
tmp = (tmp & ~0x1f00) | slottime << 8;
RAL_WRITE(sc, RT2560_CSR11, tmp);
tmp = pifs << 16 | sifs;
RAL_WRITE(sc, RT2560_CSR18, tmp);
tmp = eifs << 16 | difs;
RAL_WRITE(sc, RT2560_CSR19, tmp);
DPRINTF(("setting slottime to %uus\n", slottime));
 2368 }
 2370 void
rt2560_set_basicrates(struct rt2560_softc *sc)
 2372 {
 2373         struct ieee80211com *ic = &sc->sc_ic;
 2375         /* update basic rate set */
 2376         if (ic->ic_curmode == IEEE80211_MODE_11B) {
 2377                 /* 11b basic rates: 1, 2Mbps */
RAL_WRITE(sc, RT2560_ARSP_PLCP_1, 0x3);
 2379         } else {
 2380                 /* 11b/g basic rates: 1, 2, 5.5, 11Mbps */
RAL_WRITE(sc, RT2560_ARSP_PLCP_1, 0xf);
 2382         }
 2383 }
 2385 void
rt2560_update_led(struct rt2560_softc *sc, int led1, int led2)
 2387 {
uint32_t tmp;
 2390         /* set ON period to 70ms and OFF period to 30ms */
tmp = led1 << 16 | led2 << 17 | 70 << 8 | 30;
RAL_WRITE(sc, RT2560_LEDCSR, tmp);
 2393 }
 2395 void
rt2560_set_bssid(struct rt2560_softc *sc, uint8_t *bssid)
 2397 {
uint32_t tmp;
tmp = bssid[0] | bssid[1] << 8 | bssid[2] << 16 | bssid[3] << 24;
RAL_WRITE(sc, RT2560_CSR5, tmp);
tmp = bssid[4] | bssid[5] << 8;
RAL_WRITE(sc, RT2560_CSR6, tmp);
DPRINTF(("setting BSSID to %s\n", ether_sprintf(bssid)));
 2407 }
 2409 void
rt2560_set_macaddr(struct rt2560_softc *sc, uint8_t *addr)
 2411 {
uint32_t tmp;
tmp = addr[0] | addr[1] << 8 | addr[2] << 16 | addr[3] << 24;
RAL_WRITE(sc, RT2560_CSR3, tmp);
tmp = addr[4] | addr[5] << 8;
RAL_WRITE(sc, RT2560_CSR4, tmp);
DPRINTF(("setting MAC address to %s\n", ether_sprintf(addr)));
 2421 }
 2423 void
rt2560_get_macaddr(struct rt2560_softc *sc, uint8_t *addr)
 2425 {
uint32_t tmp;
tmp = RAL_READ(sc, RT2560_CSR3);
addr[0] = tmp & 0xff;
addr[1] = (tmp >>  8) & 0xff;
addr[2] = (tmp >> 16) & 0xff;
addr[3] = (tmp >> 24);
tmp = RAL_READ(sc, RT2560_CSR4);
addr[4] = tmp & 0xff;
addr[5] = (tmp >> 8) & 0xff;
 2437 }
 2439 void
rt2560_update_promisc(struct rt2560_softc *sc)
 2441 {
 2442         struct ifnet *ifp = &sc->sc_ic.ic_if;
uint32_t tmp;
tmp = RAL_READ(sc, RT2560_RXCSR0);
tmp &= ~RT2560_DROP_NOT_TO_ME;
 2448         if (!(ifp->if_flags & IFF_PROMISC))
tmp |= RT2560_DROP_NOT_TO_ME;
RAL_WRITE(sc, RT2560_RXCSR0, tmp);
DPRINTF(("%s promiscuous mode\n", (ifp->if_flags & IFF_PROMISC) ?
 2454             "entering" : "leaving"));
 2455 }
 2457 void
rt2560_set_txantenna(struct rt2560_softc *sc, int antenna)
 2459 {
uint32_t tmp;
uint8_t tx;
tx = rt2560_bbp_read(sc, RT2560_BBP_TX) & ~RT2560_BBP_ANTMASK;
 2464         if (antenna == 1)
tx |= RT2560_BBP_ANTA;
 2466         else if (antenna == 2)
tx |= RT2560_BBP_ANTB;
 2468         else
tx |= RT2560_BBP_DIVERSITY;
 2471         /* need to force I/Q flip for RF 2525e, 2526 and 5222 */
 2472         if (sc->rf_rev == RT2560_RF_2525E || sc->rf_rev == RT2560_RF_2526 ||
sc->rf_rev == RT2560_RF_5222)
tx |= RT2560_BBP_FLIPIQ;
rt2560_bbp_write(sc, RT2560_BBP_TX, tx);
 2478         /* update values for CCK and OFDM in BBPCSR1 */
tmp = RAL_READ(sc, RT2560_BBPCSR1) & ~0x00070007;
tmp |= (tx & 0x7) << 16 | (tx & 0x7);
RAL_WRITE(sc, RT2560_BBPCSR1, tmp);
 2482 }
 2484 void
rt2560_set_rxantenna(struct rt2560_softc *sc, int antenna)
 2486 {
uint8_t rx;
rx = rt2560_bbp_read(sc, RT2560_BBP_RX) & ~RT2560_BBP_ANTMASK;
 2490         if (antenna == 1)
rx |= RT2560_BBP_ANTA;
 2492         else if (antenna == 2)
rx |= RT2560_BBP_ANTB;
 2494         else
rx |= RT2560_BBP_DIVERSITY;
 2497         /* need to force no I/Q flip for RF 2525e and 2526 */
 2498         if (sc->rf_rev == RT2560_RF_2525E || sc->rf_rev == RT2560_RF_2526)
rx &= ~RT2560_BBP_FLIPIQ;
rt2560_bbp_write(sc, RT2560_BBP_RX, rx);
 2502 }
 2504 const char *
rt2560_get_rf(int rev)
 2506 {
 2507         switch (rev) {
 2508         case RT2560_RF_2522:    return "RT2522";
 2509         case RT2560_RF_2523:    return "RT2523";
 2510         case RT2560_RF_2524:    return "RT2524";
 2511         case RT2560_RF_2525:    return "RT2525";
 2512         case RT2560_RF_2525E:   return "RT2525e";
 2513         case RT2560_RF_2526:    return "RT2526";
 2514         case RT2560_RF_5222:    return "RT5222";
 2515         default:                return "unknown";
 2516         }
 2517 }
 2519 void
rt2560_read_eeprom(struct rt2560_softc *sc)
 2521 {
uint16_t val;
 2523         int i;
val = rt2560_eeprom_read(sc, RT2560_EEPROM_CONFIG0);
sc->rf_rev =   (val >> 11) & 0x1f;
sc->hw_radio = (val >> 10) & 0x1;
sc->led_mode = (val >> 6)  & 0x7;
sc->rx_ant =   (val >> 4)  & 0x3;
sc->tx_ant =   (val >> 2)  & 0x3;
sc->nb_ant =   val & 0x3;
 2533         /* read default values for BBP registers */
 2534         for (i = 0; i < 16; i++) {
val = rt2560_eeprom_read(sc, RT2560_EEPROM_BBP_BASE + i);
sc->bbp_prom[i].reg = val >> 8;
sc->bbp_prom[i].val = val & 0xff;
 2538         }
 2540         /* read Tx power for all b/g channels */
 2541         for (i = 0; i < 14 / 2; i++) {
val = rt2560_eeprom_read(sc, RT2560_EEPROM_TXPOWER + i);
sc->txpow[i * 2] = val >> 8;
sc->txpow[i * 2 + 1] = val & 0xff;
 2545         }
 2546 }
 2548 int
rt2560_bbp_init(struct rt2560_softc *sc)
 2550 {
 2551 #define N(a)    (sizeof (a) / sizeof ((a)[0]))
 2552         int i, ntries;
 2554         /* wait for BBP to be ready */
 2555         for (ntries = 0; ntries < 100; ntries++) {
 2556                 if (rt2560_bbp_read(sc, RT2560_BBP_VERSION) != 0)
 2557                         break;
DELAY(1);
 2559         }
 2560         if (ntries == 100) {
printf("%s: timeout waiting for BBP\n", sc->sc_dev.dv_xname);
 2562                 return EIO;
 2563         }
 2565         /* initialize BBP registers to default values */
 2566         for (i = 0; i < N(rt2560_def_bbp); i++) {
rt2560_bbp_write(sc, rt2560_def_bbp[i].reg,
rt2560_def_bbp[i].val);
 2569         }
 2570 #if 0
 2571         /* initialize BBP registers to values stored in EEPROM */
 2572         for (i = 0; i < 16; i++) {
 2573                 if (sc->bbp_prom[i].reg == 0xff)
 2574                         continue;
rt2560_bbp_write(sc, sc->bbp_prom[i].reg, sc->bbp_prom[i].val);
 2576         }
 2577 #endif
 2579         return 0;
 2580 #undef N
 2581 }
 2583 int
rt2560_init(struct ifnet *ifp)
 2585 {
 2586 #define N(a)    (sizeof (a) / sizeof ((a)[0]))
 2587         struct rt2560_softc *sc = ifp->if_softc;
 2588         struct ieee80211com *ic = &sc->sc_ic;
uint32_t tmp;
 2590         int i;
 2592         /* for CardBus, power on the socket */
 2593         if (!(sc->sc_flags & RT2560_ENABLED)) {
 2594                 if (sc->sc_enable != NULL && (*sc->sc_enable)(sc) != 0) {
printf("%s: could not enable device\n",
sc->sc_dev.dv_xname);
 2597                         return EIO;
 2598                 }
sc->sc_flags |= RT2560_ENABLED;
 2600         }
rt2560_stop(ifp, 0);
 2604         /* setup tx rings */
tmp = RT2560_PRIO_RING_COUNT << 24 |
RT2560_ATIM_RING_COUNT << 16 |
RT2560_TX_RING_COUNT   <<  8 |
RT2560_TX_DESC_SIZE;
 2610         /* rings _must_ be initialized in this _exact_ order! */
RAL_WRITE(sc, RT2560_TXCSR2, tmp);
RAL_WRITE(sc, RT2560_TXCSR3, sc->txq.physaddr);
RAL_WRITE(sc, RT2560_TXCSR5, sc->prioq.physaddr);
RAL_WRITE(sc, RT2560_TXCSR4, sc->atimq.physaddr);
RAL_WRITE(sc, RT2560_TXCSR6, sc->bcnq.physaddr);
 2617         /* setup rx ring */
tmp = RT2560_RX_RING_COUNT << 8 | RT2560_RX_DESC_SIZE;
RAL_WRITE(sc, RT2560_RXCSR1, tmp);
RAL_WRITE(sc, RT2560_RXCSR2, sc->rxq.physaddr);
 2623         /* initialize MAC registers to default values */
 2624         for (i = 0; i < N(rt2560_def_mac); i++)
RAL_WRITE(sc, rt2560_def_mac[i].reg, rt2560_def_mac[i].val);
IEEE80211_ADDR_COPY(ic->ic_myaddr, LLADDR(ifp->if_sadl));
rt2560_set_macaddr(sc, ic->ic_myaddr);
 2630         /* set basic rate set (will be updated later) */
RAL_WRITE(sc, RT2560_ARSP_PLCP_1, 0x153);
rt2560_set_txantenna(sc, 1);
rt2560_set_rxantenna(sc, 1);
rt2560_set_slottime(sc);
rt2560_update_plcp(sc);
rt2560_update_led(sc, 0, 0);
RAL_WRITE(sc, RT2560_CSR1, RT2560_RESET_ASIC);
RAL_WRITE(sc, RT2560_CSR1, RT2560_HOST_READY);
 2642         if (rt2560_bbp_init(sc) != 0) {
rt2560_stop(ifp, 1);
 2644                 return EIO;
 2645         }
 2647         /* set default BSS channel */
ic->ic_bss->ni_chan = ic->ic_ibss_chan;
rt2560_set_chan(sc, ic->ic_bss->ni_chan);
 2651         /* kick Rx */
tmp = RT2560_DROP_PHY_ERROR | RT2560_DROP_CRC_ERROR;
 2653         if (ic->ic_opmode != IEEE80211_M_MONITOR) {
tmp |= RT2560_DROP_CTL | RT2560_DROP_VERSION_ERROR;
 2655                 if (ic->ic_opmode != IEEE80211_M_HOSTAP)
tmp |= RT2560_DROP_TODS;
 2657                 if (!(ifp->if_flags & IFF_PROMISC))
tmp |= RT2560_DROP_NOT_TO_ME;
 2659         }
RAL_WRITE(sc, RT2560_RXCSR0, tmp);
 2662         /* clear old FCS and Rx FIFO errors */
RAL_READ(sc, RT2560_CNT0);
RAL_READ(sc, RT2560_CNT4);
 2666         /* clear any pending interrupts */
RAL_WRITE(sc, RT2560_CSR7, 0xffffffff);
 2669         /* enable interrupts */
RAL_WRITE(sc, RT2560_CSR8, RT2560_INTR_MASK);
ifp->if_flags &= ~IFF_OACTIVE;
ifp->if_flags |= IFF_RUNNING;
 2675         if (ic->ic_opmode == IEEE80211_M_MONITOR)
ieee80211_new_state(ic, IEEE80211_S_RUN, -1);
 2677         else
ieee80211_new_state(ic, IEEE80211_S_SCAN, -1);
 2680         return 0;
 2681 #undef N
 2682 }
 2684 void
rt2560_stop(struct ifnet *ifp, int disable)
 2686 {
 2687         struct rt2560_softc *sc = ifp->if_softc;
 2688         struct ieee80211com *ic = &sc->sc_ic;
sc->sc_tx_timer = 0;
ifp->if_timer = 0;
ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE);
ieee80211_new_state(ic, IEEE80211_S_INIT, -1);  /* free all nodes */
 2696         /* abort Tx */
RAL_WRITE(sc, RT2560_TXCSR0, RT2560_ABORT_TX);
 2699         /* disable Rx */
RAL_WRITE(sc, RT2560_RXCSR0, RT2560_DISABLE_RX);
 2702         /* reset ASIC (and thus, BBP) */
RAL_WRITE(sc, RT2560_CSR1, RT2560_RESET_ASIC);
RAL_WRITE(sc, RT2560_CSR1, 0);
 2706         /* disable interrupts */
RAL_WRITE(sc, RT2560_CSR8, 0xffffffff);
 2709         /* clear any pending interrupt */
RAL_WRITE(sc, RT2560_CSR7, 0xffffffff);
 2712         /* reset Tx and Rx rings */
rt2560_reset_tx_ring(sc, &sc->txq);
rt2560_reset_tx_ring(sc, &sc->atimq);
rt2560_reset_tx_ring(sc, &sc->prioq);
rt2560_reset_tx_ring(sc, &sc->bcnq);
rt2560_reset_rx_ring(sc, &sc->rxq);
 2719         /* for CardBus, power down the socket */
 2720         if (disable && sc->sc_disable != NULL) {
 2721                 if (sc->sc_flags & RT2560_ENABLED) {
 2722                         (*sc->sc_disable)(sc);
sc->sc_flags &= ~RT2560_ENABLED;
 2724                 }
 2725         }
 2726 }
 2728 void
rt2560_power(int why, void *arg)
 2730 {
 2731         struct rt2560_softc *sc = arg;
 2732         struct ifnet *ifp = &sc->sc_ic.ic_if;
 2733         int s;
DPRINTF(("%s: rt2560_power(%d)\n", sc->sc_dev.dv_xname, why));
s = splnet();
 2738         switch (why) {
 2739         case PWR_SUSPEND:
 2740         case PWR_STANDBY:
rt2560_stop(ifp, 1);
 2742                 if (sc->sc_power != NULL)
 2743                         (*sc->sc_power)(sc, why);
 2744                 break;
 2745         case PWR_RESUME:
 2746                 if (ifp->if_flags & IFF_UP) {
rt2560_init(ifp);
 2748                         if (sc->sc_power != NULL)
 2749                                 (*sc->sc_power)(sc, why);
 2750                         if (ifp->if_flags & IFF_RUNNING)
rt2560_start(ifp);
 2752                 }
 2753                 break;
 2754         }
splx(s);
 2756 }
 2758 void
rt2560_shutdown(void *arg)
 2760 {
 2761         struct rt2560_softc *sc = arg;
rt2560_stop(&sc->sc_ic.ic_if, 1);
 2764 }
 2766 struct cfdriver ral_cd = {
NULL, "ral", DV_IFNET
 2768 };