1 /*
2 * Copyright 2010 Sun Microsystems, Inc. All rights reserved.
3 * Use is subject to license terms.
4 */
5
6 /*
7 * Copyright (c) 2005, 2006
8 * Damien Bergamini <damien.bergamini@free.fr>
9 *
10 * Permission to use, copy, modify, and distribute this software for any
11 * purpose with or without fee is hereby granted, provided that the above
12 * copyright notice and this permission notice appear in all copies.
13 *
14 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
15 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
16 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
17 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
18 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
19 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
20 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
21 */
22
23 /*
24 * Ralink Technology RT2500USB chipset driver
25 * http://www.ralinktech.com/
26 */
27 #include <sys/types.h>
28 #include <sys/cmn_err.h>
29 #include <sys/strsubr.h>
30 #include <sys/modctl.h>
31 #include <sys/devops.h>
32 #include <sys/byteorder.h>
33 #include <sys/mac_provider.h>
34 #include <sys/mac_wifi.h>
35 #include <sys/net80211.h>
36
37 #define USBDRV_MAJOR_VER 2
38 #define USBDRV_MINOR_VER 0
39 #include <sys/usb/usba.h>
40 #include <sys/usb/usba/usba_types.h>
41
42 #include "ural_reg.h"
43 #include "ural_var.h"
44
45 static void *ural_soft_state_p = NULL;
46
47 #define RAL_TXBUF_SIZE (IEEE80211_MAX_LEN)
48 #define RAL_RXBUF_SIZE (IEEE80211_MAX_LEN)
49
50 /* quickly determine if a given rate is CCK or OFDM */
51 #define RAL_RATE_IS_OFDM(rate) ((rate) >= 12 && (rate) != 22)
52 #define RAL_ACK_SIZE 14 /* 10 + 4(FCS) */
53 #define RAL_CTS_SIZE 14 /* 10 + 4(FCS) */
54 #define RAL_SIFS 10 /* us */
55 #define RAL_RXTX_TURNAROUND 5 /* us */
56
57 #define URAL_N(a) (sizeof (a) / sizeof ((a)[0]))
58
59 /*
60 * Supported rates for 802.11a/b/g modes (in 500Kbps unit).
61 */
62 static const struct ieee80211_rateset ural_rateset_11a =
63 { 8, { 12, 18, 24, 36, 48, 72, 96, 108 } };
64
65 static const struct ieee80211_rateset ural_rateset_11b =
66 { 4, { 2, 4, 11, 22 } };
67
68 static const struct ieee80211_rateset ural_rateset_11g =
69 { 12, { 2, 4, 11, 22, 12, 18, 24, 36, 48, 72, 96, 108 } };
70
71 /*
72 * Default values for MAC registers; values taken from the reference driver.
73 */
74 static const struct {
75 uint16_t reg;
76 uint16_t val;
77 } ural_def_mac[] = {
78 { RAL_TXRX_CSR5, 0x8c8d },
79 { RAL_TXRX_CSR6, 0x8b8a },
80 { RAL_TXRX_CSR7, 0x8687 },
81 { RAL_TXRX_CSR8, 0x0085 },
82 { RAL_MAC_CSR13, 0x1111 },
83 { RAL_MAC_CSR14, 0x1e11 },
84 { RAL_TXRX_CSR21, 0xe78f },
85 { RAL_MAC_CSR9, 0xff1d },
86 { RAL_MAC_CSR11, 0x0002 },
87 { RAL_MAC_CSR22, 0x0053 },
88 { RAL_MAC_CSR15, 0x0000 },
89 { RAL_MAC_CSR8, 0x0780 },
90 { RAL_TXRX_CSR19, 0x0000 },
91 { RAL_TXRX_CSR18, 0x005a },
92 { RAL_PHY_CSR2, 0x0000 },
93 { RAL_TXRX_CSR0, 0x1ec0 },
94 { RAL_PHY_CSR4, 0x000f }
95 };
96
97 /*
98 * Default values for BBP registers; values taken from the reference driver.
99 */
100 static const struct {
101 uint8_t reg;
102 uint8_t val;
103 } ural_def_bbp[] = {
104 { 3, 0x02 },
105 { 4, 0x19 },
106 { 14, 0x1c },
107 { 15, 0x30 },
108 { 16, 0xac },
109 { 17, 0x48 },
110 { 18, 0x18 },
111 { 19, 0xff },
112 { 20, 0x1e },
113 { 21, 0x08 },
114 { 22, 0x08 },
115 { 23, 0x08 },
116 { 24, 0x80 },
117 { 25, 0x50 },
118 { 26, 0x08 },
119 { 27, 0x23 },
120 { 30, 0x10 },
121 { 31, 0x2b },
122 { 32, 0xb9 },
123 { 34, 0x12 },
124 { 35, 0x50 },
125 { 39, 0xc4 },
126 { 40, 0x02 },
127 { 41, 0x60 },
128 { 53, 0x10 },
129 { 54, 0x18 },
130 { 56, 0x08 },
131 { 57, 0x10 },
132 { 58, 0x08 },
133 { 61, 0x60 },
134 { 62, 0x10 },
135 { 75, 0xff }
136 };
137
138 /*
139 * Default values for RF register R2 indexed by channel numbers.
140 */
141 static const uint32_t ural_rf2522_r2[] = {
142 0x307f6, 0x307fb, 0x30800, 0x30805, 0x3080a, 0x3080f, 0x30814,
143 0x30819, 0x3081e, 0x30823, 0x30828, 0x3082d, 0x30832, 0x3083e
144 };
145
146 static const uint32_t ural_rf2523_r2[] = {
147 0x00327, 0x00328, 0x00329, 0x0032a, 0x0032b, 0x0032c, 0x0032d,
148 0x0032e, 0x0032f, 0x00340, 0x00341, 0x00342, 0x00343, 0x00346
149 };
150
151 static const uint32_t ural_rf2524_r2[] = {
152 0x00327, 0x00328, 0x00329, 0x0032a, 0x0032b, 0x0032c, 0x0032d,
153 0x0032e, 0x0032f, 0x00340, 0x00341, 0x00342, 0x00343, 0x00346
154 };
155
156 static const uint32_t ural_rf2525_r2[] = {
157 0x20327, 0x20328, 0x20329, 0x2032a, 0x2032b, 0x2032c, 0x2032d,
158 0x2032e, 0x2032f, 0x20340, 0x20341, 0x20342, 0x20343, 0x20346
159 };
160
161 static const uint32_t ural_rf2525_hi_r2[] = {
162 0x2032f, 0x20340, 0x20341, 0x20342, 0x20343, 0x20344, 0x20345,
163 0x20346, 0x20347, 0x20348, 0x20349, 0x2034a, 0x2034b, 0x2034e
164 };
165
166 static const uint32_t ural_rf2525e_r2[] = {
167 0x2044d, 0x2044e, 0x2044f, 0x20460, 0x20461, 0x20462, 0x20463,
168 0x20464, 0x20465, 0x20466, 0x20467, 0x20468, 0x20469, 0x2046b
169 };
170
171 static const uint32_t ural_rf2526_hi_r2[] = {
172 0x0022a, 0x0022b, 0x0022b, 0x0022c, 0x0022c, 0x0022d, 0x0022d,
173 0x0022e, 0x0022e, 0x0022f, 0x0022d, 0x00240, 0x00240, 0x00241
174 };
175
176 static const uint32_t ural_rf2526_r2[] = {
177 0x00226, 0x00227, 0x00227, 0x00228, 0x00228, 0x00229, 0x00229,
178 0x0022a, 0x0022a, 0x0022b, 0x0022b, 0x0022c, 0x0022c, 0x0022d
179 };
180
181 /*
182 * For dual-band RF, RF registers R1 and R4 also depend on channel number;
183 * values taken from the reference driver.
184 */
185 static const struct {
186 uint8_t chan;
187 uint32_t r1;
188 uint32_t r2;
189 uint32_t r4;
190 } ural_rf5222[] = {
191 { 1, 0x08808, 0x0044d, 0x00282 },
192 { 2, 0x08808, 0x0044e, 0x00282 },
193 { 3, 0x08808, 0x0044f, 0x00282 },
194 { 4, 0x08808, 0x00460, 0x00282 },
195 { 5, 0x08808, 0x00461, 0x00282 },
196 { 6, 0x08808, 0x00462, 0x00282 },
197 { 7, 0x08808, 0x00463, 0x00282 },
198 { 8, 0x08808, 0x00464, 0x00282 },
199 { 9, 0x08808, 0x00465, 0x00282 },
200 { 10, 0x08808, 0x00466, 0x00282 },
201 { 11, 0x08808, 0x00467, 0x00282 },
202 { 12, 0x08808, 0x00468, 0x00282 },
203 { 13, 0x08808, 0x00469, 0x00282 },
204 { 14, 0x08808, 0x0046b, 0x00286 },
205
206 { 36, 0x08804, 0x06225, 0x00287 },
207 { 40, 0x08804, 0x06226, 0x00287 },
208 { 44, 0x08804, 0x06227, 0x00287 },
209 { 48, 0x08804, 0x06228, 0x00287 },
210 { 52, 0x08804, 0x06229, 0x00287 },
211 { 56, 0x08804, 0x0622a, 0x00287 },
212 { 60, 0x08804, 0x0622b, 0x00287 },
213 { 64, 0x08804, 0x0622c, 0x00287 },
214
215 { 100, 0x08804, 0x02200, 0x00283 },
216 { 104, 0x08804, 0x02201, 0x00283 },
217 { 108, 0x08804, 0x02202, 0x00283 },
218 { 112, 0x08804, 0x02203, 0x00283 },
219 { 116, 0x08804, 0x02204, 0x00283 },
220 { 120, 0x08804, 0x02205, 0x00283 },
221 { 124, 0x08804, 0x02206, 0x00283 },
222 { 128, 0x08804, 0x02207, 0x00283 },
223 { 132, 0x08804, 0x02208, 0x00283 },
224 { 136, 0x08804, 0x02209, 0x00283 },
225 { 140, 0x08804, 0x0220a, 0x00283 },
226
227 { 149, 0x08808, 0x02429, 0x00281 },
228 { 153, 0x08808, 0x0242b, 0x00281 },
229 { 157, 0x08808, 0x0242d, 0x00281 },
230 { 161, 0x08808, 0x0242f, 0x00281 }
231 };
232
233 /*
234 * device operations
235 */
236 static int ural_attach(dev_info_t *, ddi_attach_cmd_t);
237 static int ural_detach(dev_info_t *, ddi_detach_cmd_t);
238
239 /*
240 * Module Loading Data & Entry Points
241 */
242 DDI_DEFINE_STREAM_OPS(ural_dev_ops, nulldev, nulldev, ural_attach,
243 ural_detach, nodev, NULL, D_MP, NULL, ddi_quiesce_not_needed);
244
245 static struct modldrv ural_modldrv = {
246 &mod_driverops, /* Type of module. This one is a driver */
247 "ural driver v1.4", /* short description */
248 &ural_dev_ops /* driver specific ops */
249 };
250
251 static struct modlinkage modlinkage = {
252 MODREV_1,
253 (void *)&ural_modldrv,
254 NULL
255 };
256
257 static int ural_m_stat(void *, uint_t, uint64_t *);
258 static int ural_m_start(void *);
259 static void ural_m_stop(void *);
260 static int ural_m_promisc(void *, boolean_t);
261 static int ural_m_multicst(void *, boolean_t, const uint8_t *);
262 static int ural_m_unicst(void *, const uint8_t *);
263 static mblk_t *ural_m_tx(void *, mblk_t *);
264 static void ural_m_ioctl(void *, queue_t *, mblk_t *);
265 static int ural_m_setprop(void *, const char *, mac_prop_id_t,
266 uint_t, const void *);
267 static int ural_m_getprop(void *, const char *, mac_prop_id_t,
268 uint_t, void *);
269 static void ural_m_propinfo(void *, const char *, mac_prop_id_t,
270 mac_prop_info_handle_t);
271
272 static mac_callbacks_t ural_m_callbacks = {
273 MC_IOCTL | MC_SETPROP | MC_GETPROP | MC_PROPINFO,
274 ural_m_stat,
275 ural_m_start,
276 ural_m_stop,
277 ural_m_promisc,
278 ural_m_multicst,
279 ural_m_unicst,
280 ural_m_tx,
281 NULL,
282 ural_m_ioctl,
283 NULL, /* mc_getcapab */
284 NULL,
285 NULL,
286 ural_m_setprop,
287 ural_m_getprop,
288 ural_m_propinfo
289 };
290
291 static void ural_amrr_start(struct ural_softc *, struct ieee80211_node *);
292 static int ural_tx_trigger(struct ural_softc *, mblk_t *);
293 static int ural_rx_trigger(struct ural_softc *);
294
295 uint32_t ural_dbg_flags = 0;
296
297 void
298 ral_debug(uint32_t dbg_flags, const int8_t *fmt, ...)
299 {
300 va_list args;
301
302 if (dbg_flags & ural_dbg_flags) {
303 va_start(args, fmt);
304 vcmn_err(CE_CONT, fmt, args);
305 va_end(args);
306 }
307 }
308
309 static uint16_t
310 ural_read(struct ural_softc *sc, uint16_t reg)
311 {
312 usb_ctrl_setup_t req;
313 usb_cr_t cr;
314 usb_cb_flags_t cf;
315 mblk_t *mp;
316 int err;
317 uint16_t val;
318
319 bzero(&req, sizeof (req));
320 req.bmRequestType = USB_DEV_REQ_TYPE_VENDOR | USB_DEV_REQ_DEV_TO_HOST;
321 req.bRequest = RAL_READ_MAC;
322 req.wValue = 0;
323 req.wIndex = reg;
324 req.wLength = sizeof (uint16_t);
325
326 mp = NULL;
327 err = usb_pipe_ctrl_xfer_wait(sc->sc_udev->dev_default_ph, &req, &mp,
328 &cr, &cf, 0);
329
330 if (err != USB_SUCCESS) {
331 ral_debug(RAL_DBG_ERR,
332 "ural_read(): could not read MAC register:"
333 " cr:%s(%d), cf:(%x)\n",
334 usb_str_cr(cr), cr, cf);
335 return (0);
336 }
337
338 bcopy(mp->b_rptr, &val, sizeof (uint16_t));
339
340 if (mp)
341 freemsg(mp);
342
343 return (LE_16(val));
344 }
345
346 static void
347 ural_read_multi(struct ural_softc *sc, uint16_t reg, void *buf, int len)
348 {
349 usb_ctrl_setup_t req;
350 usb_cr_t cr;
351 usb_cb_flags_t cf;
352 mblk_t *mp;
353 int err;
354
355 bzero(&req, sizeof (req));
356 req.bmRequestType = USB_DEV_REQ_TYPE_VENDOR | USB_DEV_REQ_DEV_TO_HOST;
357 req.bRequest = RAL_READ_MULTI_MAC;
358 req.wValue = 0;
359 req.wIndex = reg;
360 req.wLength = (uint16_t)len;
361 req.attrs = USB_ATTRS_AUTOCLEARING;
362
363 mp = NULL;
364 err = usb_pipe_ctrl_xfer_wait(sc->sc_udev->dev_default_ph, &req, &mp,
365 &cr, &cf, 0);
366
367 if (err != USB_SUCCESS) {
368 ral_debug(RAL_DBG_ERR,
369 "ural_read_multi(): could not read MAC register:"
370 "cr:%s(%d), cf:(%x)\n",
371 usb_str_cr(cr), cr, cf);
372 return;
373 }
374
375 bcopy(mp->b_rptr, buf, len);
376
377 if (mp)
378 freemsg(mp);
379 }
380
381 static void
382 ural_write(struct ural_softc *sc, uint16_t reg, uint16_t val)
383 {
384 usb_ctrl_setup_t req;
385 usb_cr_t cr;
386 usb_cb_flags_t cf;
387 int err;
388
389 bzero(&req, sizeof (req));
390 req.bmRequestType = USB_DEV_REQ_TYPE_VENDOR | USB_DEV_REQ_HOST_TO_DEV;
391 req.bRequest = RAL_WRITE_MAC;
392 req.wValue = val;
393 req.wIndex = reg;
394 req.wLength = 0;
395 req.attrs = USB_ATTRS_NONE;
396
397 err = usb_pipe_ctrl_xfer_wait(sc->sc_udev->dev_default_ph, &req, NULL,
398 &cr, &cf, 0);
399
400 if (err != USB_SUCCESS) {
401 ral_debug(RAL_DBG_ERR,
402 "ural_write(): could not write MAC register:"
403 "cr:%s(%d), cf:(%x)\n",
404 usb_str_cr(cr), cr, cf);
405 }
406 }
407
408 /* ARGSUSED */
409 static void
410 ural_txeof(usb_pipe_handle_t pipe, usb_bulk_req_t *req)
411 {
412 struct ural_softc *sc = (struct ural_softc *)req->bulk_client_private;
413 struct ieee80211com *ic = &sc->sc_ic;
414
415 ral_debug(RAL_DBG_TX,
416 "ural_txeof(): cr:%s(%d), flags:0x%x, tx_queued:%d",
417 usb_str_cr(req->bulk_completion_reason),
418 req->bulk_completion_reason,
419 req->bulk_cb_flags,
420 sc->tx_queued);
421
422 if (req->bulk_completion_reason != USB_CR_OK)
423 sc->sc_tx_err++;
424
425 mutex_enter(&sc->tx_lock);
426
427 sc->tx_queued--;
428 sc->sc_tx_timer = 0;
429
430 if (sc->sc_need_sched) {
431 sc->sc_need_sched = 0;
432 mac_tx_update(ic->ic_mach);
433 }
434
435 mutex_exit(&sc->tx_lock);
436 usb_free_bulk_req(req);
437 }
438
439 /* ARGSUSED */
440 static void
441 ural_rxeof(usb_pipe_handle_t pipe, usb_bulk_req_t *req)
442 {
443 struct ural_softc *sc = (struct ural_softc *)req->bulk_client_private;
444 struct ieee80211com *ic = &sc->sc_ic;
445
446 struct ural_rx_desc *desc;
447 struct ieee80211_frame *wh;
448 struct ieee80211_node *ni;
449
450 mblk_t *m, *mp;
451 int len, pktlen;
452 char *rxbuf;
453
454 mp = req->bulk_data;
455 req->bulk_data = NULL;
456
457 ral_debug(RAL_DBG_RX,
458 "ural_rxeof(): cr:%s(%d), flags:0x%x, rx_queued:%d",
459 usb_str_cr(req->bulk_completion_reason),
460 req->bulk_completion_reason,
461 req->bulk_cb_flags,
462 sc->rx_queued);
463
464 if (req->bulk_completion_reason != USB_CR_OK) {
465 sc->sc_rx_err++;
466 goto fail;
467 }
468
469 len = (uintptr_t)mp->b_wptr - (uintptr_t)mp->b_rptr;
470 rxbuf = (char *)mp->b_rptr;
471
472 if (len < RAL_RX_DESC_SIZE + IEEE80211_MIN_LEN) {
473 ral_debug(RAL_DBG_ERR,
474 "ural_rxeof(): xfer too short %d\n", len);
475 sc->sc_rx_err++;
476 goto fail;
477 }
478
479 /* rx descriptor is located at the end */
480 desc = (struct ural_rx_desc *)(rxbuf + len - RAL_RX_DESC_SIZE);
481
482 if ((LE_32(desc->flags) & RAL_RX_PHY_ERROR) ||
483 (LE_32(desc->flags) & RAL_RX_CRC_ERROR)) {
484 /*
485 * This should not happen since we did not request to receive
486 * those frames when we filled RAL_TXRX_CSR2.
487 */
488 ral_debug(RAL_DBG_ERR, "PHY or CRC error\n");
489 sc->sc_rx_err++;
490 goto fail;
491 }
492
493 pktlen = (LE_32(desc->flags) >> 16) & 0xfff;
494
495 if (pktlen > (len - RAL_RX_DESC_SIZE)) {
496 ral_debug(RAL_DBG_ERR,
497 "ural_rxeof(): pktlen mismatch <%d, %d>.\n", pktlen, len);
498 goto fail;
499 }
500
501 /* Strip trailing 802.11 MAC FCS. */
502 pktlen -= IEEE80211_CRC_LEN;
503
504 if ((m = allocb(pktlen, BPRI_MED)) == NULL) {
505 ral_debug(RAL_DBG_ERR,
506 "ural_rxeof(): allocate mblk failed.\n");
507 sc->sc_rx_nobuf++;
508 goto fail;
509 }
510
511 bcopy(rxbuf, m->b_rptr, pktlen);
512 m->b_wptr += pktlen;
513
514 wh = (struct ieee80211_frame *)m->b_rptr;
515 ni = ieee80211_find_rxnode(ic, wh);
516
517 /* send the frame to the 802.11 layer */
518 (void) ieee80211_input(ic, m, ni, desc->rssi, 0);
519
520 /* node is no longer needed */
521 ieee80211_free_node(ni);
522 fail:
523 mutex_enter(&sc->rx_lock);
524 sc->rx_queued--;
525 mutex_exit(&sc->rx_lock);
526
527 freemsg(mp);
528 usb_free_bulk_req(req);
529
530 if (RAL_IS_RUNNING(sc))
531 (void) ural_rx_trigger(sc);
532 }
533
534 /*
535 * Return the expected ack rate for a frame transmitted at rate `rate'.
536 * this should depend on the destination node basic rate set.
537 */
538 static int
539 ural_ack_rate(struct ieee80211com *ic, int rate)
540 {
541 switch (rate) {
542 /* CCK rates */
543 case 2:
544 return (2);
545 case 4:
546 case 11:
547 case 22:
548 return ((ic->ic_curmode == IEEE80211_MODE_11B) ? 4 : rate);
549
550 /* OFDM rates */
551 case 12:
552 case 18:
553 return (12);
554 case 24:
555 case 36:
556 return (24);
557 case 48:
558 case 72:
559 case 96:
560 case 108:
561 return (48);
562 }
563
564 /* default to 1Mbps */
565 return (2);
566 }
567
568 /*
569 * Compute the duration (in us) needed to transmit `len' bytes at rate `rate'.
570 * The function automatically determines the operating mode depending on the
571 * given rate. `flags' indicates whether short preamble is in use or not.
572 */
573 static uint16_t
574 ural_txtime(int len, int rate, uint32_t flags)
575 {
576 uint16_t txtime;
577
578 if (RAL_RATE_IS_OFDM(rate)) {
579 /* IEEE Std 802.11a-1999, pp. 37 */
580 txtime = (8 + 4 * len + 3 + rate - 1) / rate;
581 txtime = 16 + 4 + 4 * txtime + 6;
582 } else {
583 /* IEEE Std 802.11b-1999, pp. 28 */
584 txtime = (16 * len + rate - 1) / rate;
585 if (rate != 2 && (flags & IEEE80211_F_SHPREAMBLE))
586 txtime += 72 + 24;
587 else
588 txtime += 144 + 48;
589 }
590 return (txtime);
591 }
592
593 static uint8_t
594 ural_plcp_signal(int rate)
595 {
596 switch (rate) {
597 /* CCK rates (returned values are device-dependent) */
598 case 2: return (0x0);
599 case 4: return (0x1);
600 case 11: return (0x2);
601 case 22: return (0x3);
602
603 /* OFDM rates (cf IEEE Std 802.11a-1999, pp. 14 Table 80) */
604 case 12: return (0xb);
605 case 18: return (0xf);
606 case 24: return (0xa);
607 case 36: return (0xe);
608 case 48: return (0x9);
609 case 72: return (0xd);
610 case 96: return (0x8);
611 case 108: return (0xc);
612
613 /* unsupported rates (should not get there) */
614 default: return (0xff);
615 }
616 }
617
618 static void
619 ural_setup_tx_desc(struct ural_softc *sc, struct ural_tx_desc *desc,
620 uint32_t flags, int len, int rate)
621 {
622 struct ieee80211com *ic = &sc->sc_ic;
623 uint16_t plcp_length;
624 int remainder;
625
626 desc->flags = LE_32(flags);
627 desc->flags |= LE_32(RAL_TX_NEWSEQ);
628 desc->flags |= LE_32(len << 16);
629
630 desc->wme = LE_16(RAL_AIFSN(2) | RAL_LOGCWMIN(3) | RAL_LOGCWMAX(5));
631 desc->wme |= LE_16(RAL_IVOFFSET(sizeof (struct ieee80211_frame)));
632
633 /* setup PLCP fields */
634 desc->plcp_signal = ural_plcp_signal(rate);
635 desc->plcp_service = 4;
636
637 len += IEEE80211_CRC_LEN;
638 if (RAL_RATE_IS_OFDM(rate)) {
639 desc->flags |= LE_32(RAL_TX_OFDM);
640
641 plcp_length = len & 0xfff;
642 desc->plcp_length_hi = plcp_length >> 6;
643 desc->plcp_length_lo = plcp_length & 0x3f;
644 } else {
645 plcp_length = (16 * len + rate - 1) / rate;
646 if (rate == 22) {
647 remainder = (16 * len) % 22;
648 if (remainder != 0 && remainder < 7)
649 desc->plcp_service |= RAL_PLCP_LENGEXT;
650 }
651 desc->plcp_length_hi = plcp_length >> 8;
652 desc->plcp_length_lo = plcp_length & 0xff;
653
654 if (rate != 2 && (ic->ic_flags & IEEE80211_F_SHPREAMBLE))
655 desc->plcp_signal |= 0x08;
656 }
657
658 desc->iv = 0;
659 desc->eiv = 0;
660 }
661
662 #define RAL_TX_TIMEOUT 5
663
664 static int
665 ural_send(ieee80211com_t *ic, mblk_t *mp, uint8_t type)
666 {
667 struct ural_softc *sc = (struct ural_softc *)ic;
668 struct ural_tx_desc *desc;
669
670 struct ieee80211_frame *wh;
671 struct ieee80211_key *k;
672
673 uint16_t dur;
674 uint32_t flags = 0;
675 int rate, err = DDI_SUCCESS;
676
677 struct ieee80211_node *ni = NULL;
678 mblk_t *m, *m0;
679 int off, mblen, pktlen, xferlen;
680
681 /* discard packets while suspending or not inited */
682 if (!RAL_IS_RUNNING(sc)) {
683 freemsg(mp);
684 return (ENXIO);
685 }
686
687 mutex_enter(&sc->tx_lock);
688
689 if (sc->tx_queued > RAL_TX_LIST_COUNT) {
690 ral_debug(RAL_DBG_TX, "ural_send(): "
691 "no TX buffer available!\n");
692 if ((type & IEEE80211_FC0_TYPE_MASK) ==
693 IEEE80211_FC0_TYPE_DATA) {
694 sc->sc_need_sched = 1;
695 }
696 sc->sc_tx_nobuf++;
697 err = ENOMEM;
698 goto fail;
699 }
700
701 m = allocb(RAL_TXBUF_SIZE + RAL_TX_DESC_SIZE, BPRI_MED);
702 if (m == NULL) {
703 ral_debug(RAL_DBG_ERR, "ural_send(): can't alloc mblk.\n");
704 err = DDI_FAILURE;
705 goto fail;
706 }
707
708 m->b_rptr += RAL_TX_DESC_SIZE; /* skip TX descriptor */
709 m->b_wptr += RAL_TX_DESC_SIZE;
710
711 for (off = 0, m0 = mp; m0 != NULL; m0 = m0->b_cont) {
712 mblen = (uintptr_t)m0->b_wptr - (uintptr_t)m0->b_rptr;
713 (void) memcpy(m->b_rptr + off, m0->b_rptr, mblen);
714 off += mblen;
715 }
716 m->b_wptr += off;
717
718 wh = (struct ieee80211_frame *)m->b_rptr;
719
720 ni = ieee80211_find_txnode(ic, wh->i_addr1);
721 if (ni == NULL) {
722 err = DDI_FAILURE;
723 sc->sc_tx_err++;
724 freemsg(m);
725 goto fail;
726 }
727
728 if ((type & IEEE80211_FC0_TYPE_MASK) ==
729 IEEE80211_FC0_TYPE_DATA) {
730 (void) ieee80211_encap(ic, m, ni);
731 }
732
733 if (wh->i_fc[1] & IEEE80211_FC1_WEP) {
734 k = ieee80211_crypto_encap(ic, m);
735 if (k == NULL) {
736 sc->sc_tx_err++;
737 freemsg(m);
738 err = DDI_FAILURE;
739 goto fail;
740 }
741 /* packet header may have moved, reset our local pointer */
742 wh = (struct ieee80211_frame *)m->b_rptr;
743 }
744
745 m->b_rptr -= RAL_TX_DESC_SIZE; /* restore */
746 desc = (struct ural_tx_desc *)m->b_rptr;
747
748 if ((type & IEEE80211_FC0_TYPE_MASK) ==
749 IEEE80211_FC0_TYPE_DATA) { /* DATA */
750 if (ic->ic_fixed_rate != IEEE80211_FIXED_RATE_NONE)
751 rate = ic->ic_bss->in_rates.ir_rates[ic->ic_fixed_rate];
752 else
753 rate = ni->in_rates.ir_rates[ni->in_txrate];
754
755 rate &= IEEE80211_RATE_VAL;
756 if (rate <= 0) {
757 rate = 2; /* basic rate */
758 }
759
760 if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) {
761 flags |= RAL_TX_ACK;
762 flags |= RAL_TX_RETRY(7);
763
764 dur = ural_txtime(RAL_ACK_SIZE, ural_ack_rate(ic, rate),
765 ic->ic_flags) + RAL_SIFS;
766 *(uint16_t *)(uintptr_t)wh->i_dur = LE_16(dur);
767 }
768 } else { /* MGMT */
769 rate = IEEE80211_IS_CHAN_5GHZ(ic->ic_curchan) ? 12 : 2;
770
771 if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) {
772 flags |= RAL_TX_ACK;
773
774 dur = ural_txtime(RAL_ACK_SIZE, rate, ic->ic_flags)
775 + RAL_SIFS;
776 *(uint16_t *)(uintptr_t)wh->i_dur = LE_16(dur);
777
778 /* tell hardware to add timestamp for probe responses */
779 if ((wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) ==
780 IEEE80211_FC0_TYPE_MGT &&
781 (wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK) ==
782 IEEE80211_FC0_SUBTYPE_PROBE_RESP)
783 flags |= RAL_TX_TIMESTAMP;
784 }
785 }
786
787 pktlen = (uintptr_t)m->b_wptr - (uintptr_t)m->b_rptr - RAL_TX_DESC_SIZE;
788 ural_setup_tx_desc(sc, desc, flags, pktlen, rate);
789
790 /* align end on a 2-bytes boundary */
791 xferlen = (RAL_TX_DESC_SIZE + pktlen + 1) & ~1;
792
793 /*
794 * No space left in the last URB to store the extra 2 bytes, force
795 * sending of another URB.
796 */
797 if ((xferlen % 64) == 0)
798 xferlen += 2;
799
800 m->b_wptr = m->b_rptr + xferlen;
801
802 ral_debug(RAL_DBG_TX, "sending data frame len=%u rate=%u xfer len=%u\n",
803 pktlen, rate, xferlen);
804
805 (void) ural_tx_trigger(sc, m);
806
807 ic->ic_stats.is_tx_frags++;
808 ic->ic_stats.is_tx_bytes += pktlen;
809
810 fail:
811 if (ni != NULL)
812 ieee80211_free_node(ni);
813
814 if ((type & IEEE80211_FC0_TYPE_MASK) != IEEE80211_FC0_TYPE_DATA ||
815 err == 0) {
816 freemsg(mp);
817 }
818
819 mutex_exit(&sc->tx_lock);
820
821 return (err);
822 }
823
824 static mblk_t *
825 ural_m_tx(void *arg, mblk_t *mp)
826 {
827 struct ural_softc *sc = (struct ural_softc *)arg;
828 struct ieee80211com *ic = &sc->sc_ic;
829 mblk_t *next;
830
831 /*
832 * No data frames go out unless we're associated; this
833 * should not happen as the 802.11 layer does not enable
834 * the xmit queue until we enter the RUN state.
835 */
836 if (ic->ic_state != IEEE80211_S_RUN) {
837 ral_debug(RAL_DBG_ERR, "ural_m_tx(): "
838 "discard, state %u\n", ic->ic_state);
839 freemsgchain(mp);
840 return (NULL);
841 }
842
843 while (mp != NULL) {
844 next = mp->b_next;
845 mp->b_next = NULL;
846 if (ural_send(ic, mp, IEEE80211_FC0_TYPE_DATA) != DDI_SUCCESS) {
847 mp->b_next = next;
848 freemsgchain(mp);
849 return (NULL);
850 }
851 mp = next;
852 }
853 return (mp);
854 }
855
856 static void
857 ural_set_testmode(struct ural_softc *sc)
858 {
859 usb_ctrl_setup_t req;
860 usb_cr_t cr;
861 usb_cb_flags_t cf;
862 int err;
863
864 bzero(&req, sizeof (req));
865 req.bmRequestType = USB_DEV_REQ_TYPE_VENDOR | USB_DEV_REQ_HOST_TO_DEV;
866 req.bRequest = RAL_VENDOR_REQUEST;
867 req.wValue = 4;
868 req.wIndex = 1;
869 req.wLength = 0;
870 req.attrs = USB_ATTRS_NONE;
871
872 err = usb_pipe_ctrl_xfer_wait(sc->sc_udev->dev_default_ph, &req, NULL,
873 &cr, &cf, 0);
874
875 if (err != USB_SUCCESS) {
876 ral_debug(RAL_DBG_USB,
877 "ural_set_testmode(): could not set test mode:"
878 "cr:%s(%d), cf:%(x)\n",
879 usb_str_cr(cr), cr, cf);
880 }
881 }
882
883 static void
884 ural_eeprom_read(struct ural_softc *sc, uint16_t addr, void *buf, int len)
885 {
886 usb_ctrl_setup_t req;
887 usb_cr_t cr;
888 usb_cb_flags_t cf;
889 mblk_t *mp;
890 int err;
891
892 bzero(&req, sizeof (req));
893 req.bmRequestType = USB_DEV_REQ_TYPE_VENDOR | USB_DEV_REQ_DEV_TO_HOST;
894 req.bRequest = RAL_READ_EEPROM;
895 req.wValue = 0;
896 req.wIndex = addr;
897 req.wLength = (uint16_t)len;
898
899 mp = NULL;
900 err = usb_pipe_ctrl_xfer_wait(sc->sc_udev->dev_default_ph, &req, &mp,
901 &cr, &cf, 0);
902
903 if (err != USB_SUCCESS) {
904 ral_debug(RAL_DBG_USB,
905 "ural_eeprom_read(): could not read EEPROM:"
906 "cr:%s(%d), cf:(%x)\n",
907 usb_str_cr(cr), cr, cf);
908 return;
909 }
910
911 bcopy(mp->b_rptr, buf, len);
912
913 if (mp)
914 freemsg(mp);
915 }
916
917 static void
918 ural_bbp_write(struct ural_softc *sc, uint8_t reg, uint8_t val)
919 {
920 uint16_t tmp;
921 int ntries;
922
923 for (ntries = 0; ntries < 5; ntries++) {
924 if (!(ural_read(sc, RAL_PHY_CSR8) & RAL_BBP_BUSY))
925 break;
926 }
927 if (ntries == 5) {
928 ral_debug(RAL_DBG_ERR,
929 "ural_bbp_write(): could not write to BBP\n");
930 return;
931 }
932
933 tmp = reg << 8 | val;
934 ural_write(sc, RAL_PHY_CSR7, tmp);
935 }
936
937 static uint8_t
938 ural_bbp_read(struct ural_softc *sc, uint8_t reg)
939 {
940 uint16_t val;
941 int ntries;
942
943 val = RAL_BBP_WRITE | reg << 8;
944 ural_write(sc, RAL_PHY_CSR7, val);
945
946 for (ntries = 0; ntries < 5; ntries++) {
947 if (!(ural_read(sc, RAL_PHY_CSR8) & RAL_BBP_BUSY))
948 break;
949 }
950 if (ntries == 5) {
951 ral_debug(RAL_DBG_ERR, "ural_bbp_read(): could not read BBP\n");
952 return (0);
953 }
954
955 return (ural_read(sc, RAL_PHY_CSR7) & 0xff);
956 }
957
958 static void
959 ural_rf_write(struct ural_softc *sc, uint8_t reg, uint32_t val)
960 {
961 uint32_t tmp;
962 int ntries;
963
964 for (ntries = 0; ntries < 5; ntries++) {
965 if (!(ural_read(sc, RAL_PHY_CSR10) & RAL_RF_LOBUSY))
966 break;
967 }
968 if (ntries == 5) {
969 ral_debug(RAL_DBG_ERR,
970 "ural_rf_write(): could not write to RF\n");
971 return;
972 }
973
974 tmp = RAL_RF_BUSY | RAL_RF_20BIT | (val & 0xffff) << 2 | (reg & 0x3);
975 ural_write(sc, RAL_PHY_CSR9, tmp & 0xffff);
976 ural_write(sc, RAL_PHY_CSR10, tmp >> 16);
977
978 /* remember last written value in sc */
979 sc->rf_regs[reg] = val;
980
981 ral_debug(RAL_DBG_HW, "RF R[%u] <- 0x%05x\n", reg & 0x3, val & 0xfffff);
982 }
983
984 /*
985 * Disable RF auto-tuning.
986 */
987 static void
988 ural_disable_rf_tune(struct ural_softc *sc)
989 {
990 uint32_t tmp;
991
992 if (sc->rf_rev != RAL_RF_2523) {
993 tmp = sc->rf_regs[RAL_RF1] & ~RAL_RF1_AUTOTUNE;
994 ural_rf_write(sc, RAL_RF1, tmp);
995 }
996
997 tmp = sc->rf_regs[RAL_RF3] & ~RAL_RF3_AUTOTUNE;
998 ural_rf_write(sc, RAL_RF3, tmp);
999
1000 ral_debug(RAL_DBG_HW, "disabling RF autotune\n");
1001 }
1002
1003
1004 static void
1005 ural_set_chan(struct ural_softc *sc, struct ieee80211_channel *c)
1006 {
1007 struct ieee80211com *ic = &sc->sc_ic;
1008 uint8_t power, tmp;
1009 uint_t i, chan;
1010
1011 chan = ieee80211_chan2ieee(ic, c);
1012 if (chan == 0 || chan == IEEE80211_CHAN_ANY)
1013 return;
1014
1015 if (IEEE80211_IS_CHAN_2GHZ(c))
1016 power = min(sc->txpow[chan - 1], 31);
1017 else
1018 power = 31;
1019
1020 /* adjust txpower using ifconfig settings */
1021 power -= (100 - ic->ic_txpowlimit) / 8;
1022
1023 ral_debug(RAL_DBG_HW, "setting channel to %u, txpower to %u\n",
1024 chan, power);
1025
1026 switch (sc->rf_rev) {
1027 case RAL_RF_2522:
1028 ural_rf_write(sc, RAL_RF1, 0x00814);
1029 ural_rf_write(sc, RAL_RF2, ural_rf2522_r2[chan - 1]);
1030 ural_rf_write(sc, RAL_RF3, power << 7 | 0x00040);
1031 break;
1032
1033 case RAL_RF_2523:
1034 ural_rf_write(sc, RAL_RF1, 0x08804);
1035 ural_rf_write(sc, RAL_RF2, ural_rf2523_r2[chan - 1]);
1036 ural_rf_write(sc, RAL_RF3, power << 7 | 0x38044);
1037 ural_rf_write(sc, RAL_RF4, (chan == 14) ? 0x00280 : 0x00286);
1038 break;
1039
1040 case RAL_RF_2524:
1041 ural_rf_write(sc, RAL_RF1, 0x0c808);
1042 ural_rf_write(sc, RAL_RF2, ural_rf2524_r2[chan - 1]);
1043 ural_rf_write(sc, RAL_RF3, power << 7 | 0x00040);
1044 ural_rf_write(sc, RAL_RF4, (chan == 14) ? 0x00280 : 0x00286);
1045 break;
1046
1047 case RAL_RF_2525:
1048 ural_rf_write(sc, RAL_RF1, 0x08808);
1049 ural_rf_write(sc, RAL_RF2, ural_rf2525_hi_r2[chan - 1]);
1050 ural_rf_write(sc, RAL_RF3, power << 7 | 0x18044);
1051 ural_rf_write(sc, RAL_RF4, (chan == 14) ? 0x00280 : 0x00286);
1052
1053 ural_rf_write(sc, RAL_RF1, 0x08808);
1054 ural_rf_write(sc, RAL_RF2, ural_rf2525_r2[chan - 1]);
1055 ural_rf_write(sc, RAL_RF3, power << 7 | 0x18044);
1056 ural_rf_write(sc, RAL_RF4, (chan == 14) ? 0x00280 : 0x00286);
1057 break;
1058
1059 case RAL_RF_2525E:
1060 ural_rf_write(sc, RAL_RF1, 0x08808);
1061 ural_rf_write(sc, RAL_RF2, ural_rf2525e_r2[chan - 1]);
1062 ural_rf_write(sc, RAL_RF3, power << 7 | 0x18044);
1063 ural_rf_write(sc, RAL_RF4, (chan == 14) ? 0x00286 : 0x00282);
1064 break;
1065
1066 case RAL_RF_2526:
1067 ural_rf_write(sc, RAL_RF2, ural_rf2526_hi_r2[chan - 1]);
1068 ural_rf_write(sc, RAL_RF4, (chan & 1) ? 0x00386 : 0x00381);
1069 ural_rf_write(sc, RAL_RF1, 0x08804);
1070
1071 ural_rf_write(sc, RAL_RF2, ural_rf2526_r2[chan - 1]);
1072 ural_rf_write(sc, RAL_RF3, power << 7 | 0x18044);
1073 ural_rf_write(sc, RAL_RF4, (chan & 1) ? 0x00386 : 0x00381);
1074 break;
1075
1076 /* dual-band RF */
1077 case RAL_RF_5222:
1078 for (i = 0; ural_rf5222[i].chan != chan; i++) {
1079 if (i > URAL_N(ural_rf5222)) break;
1080 }
1081
1082 ural_rf_write(sc, RAL_RF1, ural_rf5222[i].r1);
1083 ural_rf_write(sc, RAL_RF2, ural_rf5222[i].r2);
1084 ural_rf_write(sc, RAL_RF3, power << 7 | 0x00040);
1085 ural_rf_write(sc, RAL_RF4, ural_rf5222[i].r4);
1086 break;
1087 }
1088
1089 if (ic->ic_opmode != IEEE80211_M_MONITOR &&
1090 ic->ic_state != IEEE80211_S_SCAN) {
1091 /* set Japan filter bit for channel 14 */
1092 tmp = ural_bbp_read(sc, 70);
1093
1094 tmp &= ~RAL_JAPAN_FILTER;
1095 if (chan == 14)
1096 tmp |= RAL_JAPAN_FILTER;
1097
1098 ural_bbp_write(sc, 70, tmp);
1099
1100 /* clear CRC errs */
1101 (void) ural_read(sc, RAL_STA_CSR0);
1102
1103 drv_usecwait(10000);
1104 ural_disable_rf_tune(sc);
1105 }
1106 }
1107
1108 /*
1109 * Refer to IEEE Std 802.11-1999 pp. 123 for more information on TSF
1110 * synchronization.
1111 */
1112 static void
1113 ural_enable_tsf_sync(struct ural_softc *sc)
1114 {
1115 struct ieee80211com *ic = &sc->sc_ic;
1116 uint16_t logcwmin, preload, tmp;
1117
1118 /* first, disable TSF synchronization */
1119 ural_write(sc, RAL_TXRX_CSR19, 0);
1120
1121 tmp = (16 * ic->ic_bss->in_intval) << 4;
1122 ural_write(sc, RAL_TXRX_CSR18, tmp);
1123
1124 logcwmin = (ic->ic_opmode == IEEE80211_M_IBSS) ? 2 : 0;
1125 preload = (ic->ic_opmode == IEEE80211_M_IBSS) ? 320 : 6;
1126 tmp = logcwmin << 12 | preload;
1127 ural_write(sc, RAL_TXRX_CSR20, tmp);
1128
1129 /* finally, enable TSF synchronization */
1130 tmp = RAL_ENABLE_TSF | RAL_ENABLE_TBCN;
1131 if (ic->ic_opmode == IEEE80211_M_STA)
1132 tmp |= RAL_ENABLE_TSF_SYNC(1);
1133 else
1134 tmp |= RAL_ENABLE_TSF_SYNC(2) | RAL_ENABLE_BEACON_GENERATOR;
1135 ural_write(sc, RAL_TXRX_CSR19, tmp);
1136
1137 ral_debug(RAL_DBG_HW, "enabling TSF synchronization\n");
1138 }
1139
1140 /*
1141 * This function can be called by ieee80211_set_shortslottime(). Refer to
1142 * IEEE Std 802.11-1999 pp. 85 to know how these values are computed.
1143 */
1144 /* ARGSUSED */
1145 static void
1146 ural_update_slot(struct ieee80211com *ic, int onoff)
1147 {
1148 struct ural_softc *sc = (struct ural_softc *)ic;
1149 uint16_t slottime, sifs, eifs;
1150
1151 slottime = (ic->ic_flags & IEEE80211_F_SHSLOT) ? 9 : 20;
1152 /* slottime = (onoff ? 9 : 20); */
1153
1154 /*
1155 * These settings may sound a bit inconsistent but this is what the
1156 * reference driver does.
1157 */
1158 if (ic->ic_curmode == IEEE80211_MODE_11B) {
1159 sifs = 16 - RAL_RXTX_TURNAROUND;
1160 eifs = 364;
1161 } else {
1162 sifs = 10 - RAL_RXTX_TURNAROUND;
1163 eifs = 64;
1164 }
1165
1166 ural_write(sc, RAL_MAC_CSR10, slottime);
1167 ural_write(sc, RAL_MAC_CSR11, sifs);
1168 ural_write(sc, RAL_MAC_CSR12, eifs);
1169 }
1170
1171 static void
1172 ural_set_txpreamble(struct ural_softc *sc)
1173 {
1174 uint16_t tmp;
1175
1176 tmp = ural_read(sc, RAL_TXRX_CSR10);
1177
1178 tmp &= ~RAL_SHORT_PREAMBLE;
1179 if (sc->sc_ic.ic_flags & IEEE80211_F_SHPREAMBLE)
1180 tmp |= RAL_SHORT_PREAMBLE;
1181
1182 ural_write(sc, RAL_TXRX_CSR10, tmp);
1183 }
1184
1185 static void
1186 ural_set_basicrates(struct ural_softc *sc)
1187 {
1188 struct ieee80211com *ic = &sc->sc_ic;
1189
1190 /* update basic rate set */
1191 if (ic->ic_curmode == IEEE80211_MODE_11B) {
1192 /* 11b basic rates: 1, 2Mbps */
1193 ural_write(sc, RAL_TXRX_CSR11, 0x3);
1194 } else if (IEEE80211_IS_CHAN_5GHZ(ic->ic_bss->in_chan)) {
1195 /* 11a basic rates: 6, 12, 24Mbps */
1196 ural_write(sc, RAL_TXRX_CSR11, 0x150);
1197 } else {
1198 /* 11g basic rates: 1, 2, 5.5, 11, 6, 12, 24Mbps */
1199 ural_write(sc, RAL_TXRX_CSR11, 0x15f);
1200 }
1201 }
1202
1203 static void
1204 ural_set_bssid(struct ural_softc *sc, uint8_t *bssid)
1205 {
1206 uint16_t tmp;
1207
1208 tmp = bssid[0] | bssid[1] << 8;
1209 ural_write(sc, RAL_MAC_CSR5, tmp);
1210
1211 tmp = bssid[2] | bssid[3] << 8;
1212 ural_write(sc, RAL_MAC_CSR6, tmp);
1213
1214 tmp = bssid[4] | bssid[5] << 8;
1215 ural_write(sc, RAL_MAC_CSR7, tmp);
1216
1217 ral_debug(RAL_DBG_HW, "setting BSSID to " MACSTR "\n", MAC2STR(bssid));
1218 }
1219
1220 static void
1221 ural_set_macaddr(struct ural_softc *sc, uint8_t *addr)
1222 {
1223 uint16_t tmp;
1224
1225 tmp = addr[0] | addr[1] << 8;
1226 ural_write(sc, RAL_MAC_CSR2, tmp);
1227
1228 tmp = addr[2] | addr[3] << 8;
1229 ural_write(sc, RAL_MAC_CSR3, tmp);
1230
1231 tmp = addr[4] | addr[5] << 8;
1232 ural_write(sc, RAL_MAC_CSR4, tmp);
1233
1234 ral_debug(RAL_DBG_HW,
1235 "setting MAC address to " MACSTR "\n", MAC2STR(addr));
1236 }
1237
1238 static void
1239 ural_update_promisc(struct ural_softc *sc)
1240 {
1241 uint32_t tmp;
1242
1243 tmp = ural_read(sc, RAL_TXRX_CSR2);
1244
1245 tmp &= ~RAL_DROP_NOT_TO_ME;
1246 if (!(sc->sc_rcr & RAL_RCR_PROMISC))
1247 tmp |= RAL_DROP_NOT_TO_ME;
1248
1249 ural_write(sc, RAL_TXRX_CSR2, tmp);
1250
1251 ral_debug(RAL_DBG_HW, "%s promiscuous mode\n",
1252 (sc->sc_rcr & RAL_RCR_PROMISC) ? "entering" : "leaving");
1253 }
1254
1255 static const char *
1256 ural_get_rf(int rev)
1257 {
1258 switch (rev) {
1259 case RAL_RF_2522: return ("RT2522");
1260 case RAL_RF_2523: return ("RT2523");
1261 case RAL_RF_2524: return ("RT2524");
1262 case RAL_RF_2525: return ("RT2525");
1263 case RAL_RF_2525E: return ("RT2525e");
1264 case RAL_RF_2526: return ("RT2526");
1265 case RAL_RF_5222: return ("RT5222");
1266 default: return ("unknown");
1267 }
1268 }
1269
1270 static void
1271 ural_read_eeprom(struct ural_softc *sc)
1272 {
1273 struct ieee80211com *ic = &sc->sc_ic;
1274 uint16_t val;
1275
1276 ural_eeprom_read(sc, RAL_EEPROM_CONFIG0, &val, 2);
1277 val = LE_16(val);
1278 sc->rf_rev = (val >> 11) & 0x7;
1279 sc->hw_radio = (val >> 10) & 0x1;
1280 sc->led_mode = (val >> 6) & 0x7;
1281 sc->rx_ant = (val >> 4) & 0x3;
1282 sc->tx_ant = (val >> 2) & 0x3;
1283 sc->nb_ant = val & 0x3;
1284
1285 /* read MAC address */
1286 ural_eeprom_read(sc, RAL_EEPROM_ADDRESS, ic->ic_macaddr, 6);
1287
1288 /* read default values for BBP registers */
1289 ural_eeprom_read(sc, RAL_EEPROM_BBP_BASE, sc->bbp_prom, 2 * 16);
1290
1291 /* read Tx power for all b/g channels */
1292 ural_eeprom_read(sc, RAL_EEPROM_TXPOWER, sc->txpow, 14);
1293 }
1294
1295 static int
1296 ural_bbp_init(struct ural_softc *sc)
1297 {
1298 int i, ntries;
1299
1300 /* wait for BBP to be ready */
1301 for (ntries = 0; ntries < 100; ntries++) {
1302 if (ural_bbp_read(sc, RAL_BBP_VERSION) != 0)
1303 break;
1304 drv_usecwait(1000);
1305 }
1306 if (ntries == 100) {
1307 ral_debug(RAL_DBG_ERR, "timeout waiting for BBP\n");
1308 return (EIO);
1309 }
1310
1311 /* initialize BBP registers to default values */
1312 for (i = 0; i < URAL_N(ural_def_bbp); i++)
1313 ural_bbp_write(sc, ural_def_bbp[i].reg, ural_def_bbp[i].val);
1314
1315 return (0);
1316 }
1317
1318 static void
1319 ural_set_txantenna(struct ural_softc *sc, int antenna)
1320 {
1321 uint16_t tmp;
1322 uint8_t tx;
1323
1324 tx = ural_bbp_read(sc, RAL_BBP_TX) & ~RAL_BBP_ANTMASK;
1325 if (antenna == 1)
1326 tx |= RAL_BBP_ANTA;
1327 else if (antenna == 2)
1328 tx |= RAL_BBP_ANTB;
1329 else
1330 tx |= RAL_BBP_DIVERSITY;
1331
1332 /* need to force I/Q flip for RF 2525e, 2526 and 5222 */
1333 if (sc->rf_rev == RAL_RF_2525E || sc->rf_rev == RAL_RF_2526 ||
1334 sc->rf_rev == RAL_RF_5222)
1335 tx |= RAL_BBP_FLIPIQ;
1336
1337 ural_bbp_write(sc, RAL_BBP_TX, tx);
1338
1339 /* update values in PHY_CSR5 and PHY_CSR6 */
1340 tmp = ural_read(sc, RAL_PHY_CSR5) & ~0x7;
1341 ural_write(sc, RAL_PHY_CSR5, tmp | (tx & 0x7));
1342
1343 tmp = ural_read(sc, RAL_PHY_CSR6) & ~0x7;
1344 ural_write(sc, RAL_PHY_CSR6, tmp | (tx & 0x7));
1345 }
1346
1347 static void
1348 ural_set_rxantenna(struct ural_softc *sc, int antenna)
1349 {
1350 uint8_t rx;
1351
1352 rx = ural_bbp_read(sc, RAL_BBP_RX) & ~RAL_BBP_ANTMASK;
1353 if (antenna == 1)
1354 rx |= RAL_BBP_ANTA;
1355 else if (antenna == 2)
1356 rx |= RAL_BBP_ANTB;
1357 else
1358 rx |= RAL_BBP_DIVERSITY;
1359
1360 /* need to force no I/Q flip for RF 2525e and 2526 */
1361 if (sc->rf_rev == RAL_RF_2525E || sc->rf_rev == RAL_RF_2526)
1362 rx &= ~RAL_BBP_FLIPIQ;
1363
1364 ural_bbp_write(sc, RAL_BBP_RX, rx);
1365 }
1366
1367 /*
1368 * This function is called periodically (every 200ms) during scanning to
1369 * switch from one channel to another.
1370 */
1371 static void
1372 ural_next_scan(void *arg)
1373 {
1374 struct ural_softc *sc = arg;
1375 struct ieee80211com *ic = &sc->sc_ic;
1376
1377 if (ic->ic_state == IEEE80211_S_SCAN)
1378 ieee80211_next_scan(ic);
1379 }
1380
1381 static int
1382 ural_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg)
1383 {
1384 struct ural_softc *sc = (struct ural_softc *)ic;
1385 enum ieee80211_state ostate;
1386 struct ieee80211_node *ni;
1387 int err;
1388
1389 RAL_LOCK(sc);
1390
1391 ostate = ic->ic_state;
1392
1393 if (sc->sc_scan_id != 0) {
1394 (void) untimeout(sc->sc_scan_id);
1395 sc->sc_scan_id = 0;
1396 }
1397
1398 if (sc->sc_amrr_id != 0) {
1399 (void) untimeout(sc->sc_amrr_id);
1400 sc->sc_amrr_id = 0;
1401 }
1402
1403 switch (nstate) {
1404 case IEEE80211_S_INIT:
1405 if (ostate == IEEE80211_S_RUN) {
1406 /* abort TSF synchronization */
1407 ural_write(sc, RAL_TXRX_CSR19, 0);
1408 /* force tx led to stop blinking */
1409 ural_write(sc, RAL_MAC_CSR20, 0);
1410 }
1411 break;
1412
1413 case IEEE80211_S_SCAN:
1414 ural_set_chan(sc, ic->ic_curchan);
1415 sc->sc_scan_id = timeout(ural_next_scan, (void *)sc,
1416 drv_usectohz(sc->dwelltime * 1000));
1417 break;
1418
1419 case IEEE80211_S_AUTH:
1420 ural_set_chan(sc, ic->ic_curchan);
1421 break;
1422
1423 case IEEE80211_S_ASSOC:
1424 ural_set_chan(sc, ic->ic_curchan);
1425 break;
1426
1427 case IEEE80211_S_RUN:
1428 ural_set_chan(sc, ic->ic_curchan);
1429
1430 ni = ic->ic_bss;
1431
1432 if (ic->ic_opmode != IEEE80211_M_MONITOR) {
1433 ural_update_slot(ic, 1);
1434 ural_set_txpreamble(sc);
1435 ural_set_basicrates(sc);
1436 ural_set_bssid(sc, ni->in_bssid);
1437 }
1438
1439
1440 /* make tx led blink on tx (controlled by ASIC) */
1441 ural_write(sc, RAL_MAC_CSR20, 1);
1442
1443 if (ic->ic_opmode != IEEE80211_M_MONITOR)
1444 ural_enable_tsf_sync(sc);
1445
1446 /* enable automatic rate adaptation in STA mode */
1447 if (ic->ic_opmode == IEEE80211_M_STA &&
1448 ic->ic_fixed_rate == IEEE80211_FIXED_RATE_NONE)
1449 ural_amrr_start(sc, ni);
1450
1451 break;
1452 }
1453
1454 RAL_UNLOCK(sc);
1455
1456 err = sc->sc_newstate(ic, nstate, arg);
1457 /*
1458 * Finally, start any timers.
1459 */
1460 if (nstate == IEEE80211_S_RUN)
1461 ieee80211_start_watchdog(ic, 1);
1462
1463 return (err);
1464 }
1465
1466
1467
1468 static void
1469 ural_close_pipes(struct ural_softc *sc)
1470 {
1471 usb_flags_t flags = USB_FLAGS_SLEEP;
1472
1473 if (sc->sc_rx_pipeh != NULL) {
1474 usb_pipe_reset(sc->sc_dev, sc->sc_rx_pipeh, flags, NULL, 0);
1475 usb_pipe_close(sc->sc_dev, sc->sc_rx_pipeh, flags, NULL, 0);
1476 sc->sc_rx_pipeh = NULL;
1477 }
1478
1479 if (sc->sc_tx_pipeh != NULL) {
1480 usb_pipe_reset(sc->sc_dev, sc->sc_tx_pipeh, flags, NULL, 0);
1481 usb_pipe_close(sc->sc_dev, sc->sc_tx_pipeh, flags, NULL, 0);
1482 sc->sc_tx_pipeh = NULL;
1483 }
1484 }
1485
1486 static int
1487 ural_open_pipes(struct ural_softc *sc)
1488 {
1489 usb_ep_data_t *ep_node;
1490 usb_pipe_policy_t policy;
1491 int err;
1492
1493 ep_node = usb_lookup_ep_data(sc->sc_dev, sc->sc_udev, 0, 0, 0,
1494 USB_EP_ATTR_BULK, USB_EP_DIR_OUT);
1495
1496 bzero(&policy, sizeof (usb_pipe_policy_t));
1497 policy.pp_max_async_reqs = RAL_TX_LIST_COUNT;
1498
1499 if ((err = usb_pipe_open(sc->sc_dev,
1500 &ep_node->ep_descr, &policy, USB_FLAGS_SLEEP,
1501 &sc->sc_tx_pipeh)) != USB_SUCCESS) {
1502 ral_debug(RAL_DBG_ERR,
1503 "ural_open_pipes(): %x failed to open tx pipe\n", err);
1504 goto fail;
1505 }
1506
1507 ep_node = usb_lookup_ep_data(sc->sc_dev, sc->sc_udev, 0, 0, 0,
1508 USB_EP_ATTR_BULK, USB_EP_DIR_IN);
1509
1510 bzero(&policy, sizeof (usb_pipe_policy_t));
1511 policy.pp_max_async_reqs = RAL_RX_LIST_COUNT + 32;
1512
1513 if ((err = usb_pipe_open(sc->sc_dev,
1514 &ep_node->ep_descr, &policy, USB_FLAGS_SLEEP,
1515 &sc->sc_rx_pipeh)) != USB_SUCCESS) {
1516 ral_debug(RAL_DBG_ERR,
1517 "ural_open_pipes(): %x failed to open rx pipe\n", err);
1518 goto fail;
1519 }
1520
1521 return (USB_SUCCESS);
1522
1523 fail:
1524 if (sc->sc_rx_pipeh != NULL) {
1525 usb_pipe_close(sc->sc_dev, sc->sc_rx_pipeh,
1526 USB_FLAGS_SLEEP, NULL, 0);
1527 sc->sc_rx_pipeh = NULL;
1528 }
1529
1530 if (sc->sc_tx_pipeh != NULL) {
1531 usb_pipe_close(sc->sc_dev, sc->sc_tx_pipeh,
1532 USB_FLAGS_SLEEP, NULL, 0);
1533 sc->sc_tx_pipeh = NULL;
1534 }
1535
1536 return (USB_FAILURE);
1537 }
1538
1539 static int
1540 ural_tx_trigger(struct ural_softc *sc, mblk_t *mp)
1541 {
1542 usb_bulk_req_t *req;
1543 int err;
1544
1545 sc->sc_tx_timer = RAL_TX_TIMEOUT;
1546
1547 req = usb_alloc_bulk_req(sc->sc_dev, 0, USB_FLAGS_SLEEP);
1548 if (req == NULL) {
1549 ral_debug(RAL_DBG_ERR,
1550 "ural_tx_trigger(): failed to allocate req");
1551 freemsg(mp);
1552 return (-1);
1553 }
1554
1555 req->bulk_len = (uintptr_t)mp->b_wptr - (uintptr_t)mp->b_rptr;
1556 req->bulk_data = mp;
1557 req->bulk_client_private = (usb_opaque_t)sc;
1558 req->bulk_timeout = RAL_TX_TIMEOUT;
1559 req->bulk_attributes = USB_ATTRS_AUTOCLEARING;
1560 req->bulk_cb = ural_txeof;
1561 req->bulk_exc_cb = ural_txeof;
1562 req->bulk_completion_reason = 0;
1563 req->bulk_cb_flags = 0;
1564
1565 if ((err = usb_pipe_bulk_xfer(sc->sc_tx_pipeh, req, 0))
1566 != USB_SUCCESS) {
1567
1568 ral_debug(RAL_DBG_ERR, "ural_tx_trigger(): "
1569 "failed to do tx xfer, %d", err);
1570 usb_free_bulk_req(req);
1571 return (-1);
1572 }
1573
1574 sc->tx_queued++;
1575
1576 return (0);
1577 }
1578
1579 static int
1580 ural_rx_trigger(struct ural_softc *sc)
1581 {
1582 usb_bulk_req_t *req;
1583 int err;
1584
1585 req = usb_alloc_bulk_req(sc->sc_dev, RAL_RXBUF_SIZE, USB_FLAGS_SLEEP);
1586 if (req == NULL) {
1587 ral_debug(RAL_DBG_ERR,
1588 "ural_rx_trigger(): failed to allocate req");
1589 return (-1);
1590 }
1591
1592 req->bulk_len = RAL_RXBUF_SIZE;
1593 req->bulk_client_private = (usb_opaque_t)sc;
1594 req->bulk_timeout = 0;
1595 req->bulk_attributes = USB_ATTRS_SHORT_XFER_OK
1596 | USB_ATTRS_AUTOCLEARING;
1597 req->bulk_cb = ural_rxeof;
1598 req->bulk_exc_cb = ural_rxeof;
1599 req->bulk_completion_reason = 0;
1600 req->bulk_cb_flags = 0;
1601
1602 err = usb_pipe_bulk_xfer(sc->sc_rx_pipeh, req, 0);
1603
1604 if (err != USB_SUCCESS) {
1605 ral_debug(RAL_DBG_ERR, "ural_rx_trigger(): "
1606 "failed to do rx xfer, %d", err);
1607 usb_free_bulk_req(req);
1608
1609 return (-1);
1610 }
1611
1612 mutex_enter(&sc->rx_lock);
1613 sc->rx_queued++;
1614 mutex_exit(&sc->rx_lock);
1615
1616 return (0);
1617 }
1618
1619 static void
1620 ural_init_tx_queue(struct ural_softc *sc)
1621 {
1622 sc->tx_queued = 0;
1623 }
1624
1625 static int
1626 ural_init_rx_queue(struct ural_softc *sc)
1627 {
1628 int i;
1629
1630 sc->rx_queued = 0;
1631
1632 for (i = 0; i < RAL_RX_LIST_COUNT; i++) {
1633 if (ural_rx_trigger(sc) != 0) {
1634 return (USB_FAILURE);
1635 }
1636 }
1637
1638 return (USB_SUCCESS);
1639 }
1640
1641 static void
1642 ural_stop(struct ural_softc *sc)
1643 {
1644 struct ieee80211com *ic = &sc->sc_ic;
1645
1646 ieee80211_new_state(ic, IEEE80211_S_INIT, -1);
1647 ieee80211_stop_watchdog(ic); /* stop the watchdog */
1648
1649 RAL_LOCK(sc);
1650
1651 sc->sc_tx_timer = 0;
1652 sc->sc_flags &= ~RAL_FLAG_RUNNING; /* STOP */
1653
1654 /* disable Rx */
1655 ural_write(sc, RAL_TXRX_CSR2, RAL_DISABLE_RX);
1656
1657 /* reset ASIC and BBP (but won't reset MAC registers!) */
1658 ural_write(sc, RAL_MAC_CSR1, RAL_RESET_ASIC | RAL_RESET_BBP);
1659 ural_write(sc, RAL_MAC_CSR1, 0);
1660
1661 ural_close_pipes(sc);
1662
1663 RAL_UNLOCK(sc);
1664 }
1665
1666 static int
1667 ural_init(struct ural_softc *sc)
1668 {
1669 struct ieee80211com *ic = &sc->sc_ic;
1670 uint16_t tmp;
1671 int i, ntries;
1672
1673 ural_set_testmode(sc);
1674 ural_write(sc, 0x308, 0x00f0); /* magic */
1675
1676 ural_stop(sc);
1677
1678 /* initialize MAC registers to default values */
1679 for (i = 0; i < URAL_N(ural_def_mac); i++)
1680 ural_write(sc, ural_def_mac[i].reg, ural_def_mac[i].val);
1681
1682 /* wait for BBP and RF to wake up (this can take a long time!) */
1683 for (ntries = 0; ntries < 100; ntries++) {
1684 tmp = ural_read(sc, RAL_MAC_CSR17);
1685 if ((tmp & (RAL_BBP_AWAKE | RAL_RF_AWAKE)) ==
1686 (RAL_BBP_AWAKE | RAL_RF_AWAKE))
1687 break;
1688 drv_usecwait(1000);
1689 }
1690 if (ntries == 100) {
1691 ral_debug(RAL_DBG_ERR,
1692 "ural_init(): timeout waiting for BBP/RF to wakeup\n");
1693 goto fail;
1694 }
1695
1696 /* we're ready! */
1697 ural_write(sc, RAL_MAC_CSR1, RAL_HOST_READY);
1698
1699 /* set basic rate set (will be updated later) */
1700 ural_write(sc, RAL_TXRX_CSR11, 0x15f);
1701
1702 if (ural_bbp_init(sc) != 0)
1703 goto fail;
1704
1705 /* set default BSS channel */
1706 ural_set_chan(sc, ic->ic_curchan);
1707
1708 /* clear statistic registers (STA_CSR0 to STA_CSR10) */
1709 ural_read_multi(sc, RAL_STA_CSR0, sc->sta, sizeof (sc->sta));
1710
1711 ural_set_txantenna(sc, sc->tx_ant);
1712 ural_set_rxantenna(sc, sc->rx_ant);
1713
1714 ural_set_macaddr(sc, ic->ic_macaddr);
1715
1716 if (ural_open_pipes(sc) != USB_SUCCESS) {
1717 ral_debug(RAL_DBG_ERR, "ural_init(): "
1718 "could not open pipes.\n");
1719 goto fail;
1720 }
1721
1722 ural_init_tx_queue(sc);
1723
1724 if (ural_init_rx_queue(sc) != USB_SUCCESS)
1725 goto fail;
1726
1727 /* kick Rx */
1728 tmp = RAL_DROP_PHY | RAL_DROP_CRC;
1729 if (ic->ic_opmode != IEEE80211_M_MONITOR) {
1730 tmp |= RAL_DROP_CTL | RAL_DROP_BAD_VERSION;
1731 if (ic->ic_opmode != IEEE80211_M_HOSTAP)
1732 tmp |= RAL_DROP_TODS;
1733 if (!(sc->sc_rcr & RAL_RCR_PROMISC))
1734 tmp |= RAL_DROP_NOT_TO_ME;
1735 }
1736 ural_write(sc, RAL_TXRX_CSR2, tmp);
1737 sc->sc_flags |= RAL_FLAG_RUNNING; /* RUNNING */
1738
1739 return (DDI_SUCCESS);
1740 fail:
1741 ural_stop(sc);
1742 return (EIO);
1743 }
1744
1745 static int
1746 ural_disconnect(dev_info_t *devinfo)
1747 {
1748 struct ural_softc *sc;
1749 struct ieee80211com *ic;
1750
1751 /*
1752 * We can't call ural_stop() here, since the hardware is removed,
1753 * we can't access the register anymore.
1754 */
1755 sc = ddi_get_soft_state(ural_soft_state_p, ddi_get_instance(devinfo));
1756 ASSERT(sc != NULL);
1757
1758 if (!RAL_IS_RUNNING(sc)) /* different device or not inited */
1759 return (DDI_SUCCESS);
1760
1761 ic = &sc->sc_ic;
1762 ieee80211_new_state(ic, IEEE80211_S_INIT, -1);
1763 ieee80211_stop_watchdog(ic); /* stop the watchdog */
1764
1765 RAL_LOCK(sc);
1766
1767 sc->sc_tx_timer = 0;
1768 sc->sc_flags &= ~RAL_FLAG_RUNNING; /* STOP */
1769
1770 ural_close_pipes(sc);
1771
1772 RAL_UNLOCK(sc);
1773
1774 return (DDI_SUCCESS);
1775 }
1776
1777 static int
1778 ural_reconnect(dev_info_t *devinfo)
1779 {
1780 struct ural_softc *sc;
1781 int err;
1782
1783 sc = ddi_get_soft_state(ural_soft_state_p, ddi_get_instance(devinfo));
1784 ASSERT(sc != NULL);
1785
1786 /* check device changes after disconnect */
1787 if (usb_check_same_device(sc->sc_dev, NULL, USB_LOG_L2, -1,
1788 USB_CHK_BASIC | USB_CHK_CFG, NULL) != USB_SUCCESS) {
1789 ral_debug(RAL_DBG_ERR, "different device connected\n");
1790 return (DDI_FAILURE);
1791 }
1792
1793 err = ural_init(sc);
1794
1795 return (err);
1796 }
1797
1798 static void
1799 ural_resume(struct ural_softc *sc)
1800 {
1801 /* check device changes after suspend */
1802 if (usb_check_same_device(sc->sc_dev, NULL, USB_LOG_L2, -1,
1803 USB_CHK_BASIC | USB_CHK_CFG, NULL) != USB_SUCCESS) {
1804 ral_debug(RAL_DBG_ERR, "no or different device connected\n");
1805 return;
1806 }
1807
1808 (void) ural_init(sc);
1809 }
1810
1811 #define URAL_AMRR_MIN_SUCCESS_THRESHOLD 1
1812 #define URAL_AMRR_MAX_SUCCESS_THRESHOLD 10
1813
1814 /*
1815 * Naive implementation of the Adaptive Multi Rate Retry algorithm:
1816 * "IEEE 802.11 Rate Adaptation: A Practical Approach"
1817 * Mathieu Lacage, Hossein Manshaei, Thierry Turletti
1818 * INRIA Sophia - Projet Planete
1819 * http://www-sop.inria.fr/rapports/sophia/RR-5208.html
1820 *
1821 * This algorithm is particularly well suited for ural since it does not
1822 * require per-frame retry statistics. Note however that since h/w does
1823 * not provide per-frame stats, we can't do per-node rate adaptation and
1824 * thus automatic rate adaptation is only enabled in STA operating mode.
1825 */
1826 #define is_success(amrr) \
1827 ((amrr)->retrycnt < (amrr)->txcnt / 10)
1828 #define is_failure(amrr) \
1829 ((amrr)->retrycnt > (amrr)->txcnt / 3)
1830 #define is_enough(amrr) \
1831 ((amrr)->txcnt > 10)
1832 #define is_min_rate(ni) \
1833 ((ni)->in_txrate == 0)
1834 #define is_max_rate(ni) \
1835 ((ni)->in_txrate == (ni)->in_rates.ir_nrates - 1)
1836 #define increase_rate(ni) \
1837 ((ni)->in_txrate++)
1838 #define decrease_rate(ni) \
1839 ((ni)->in_txrate--)
1840 #define reset_cnt(amrr) do { \
1841 (amrr)->txcnt = (amrr)->retrycnt = 0; \
1842 _NOTE(CONSTCOND) \
1843 } while (/* CONSTCOND */0)
1844
1845 static void
1846 ural_ratectl(struct ural_amrr *amrr, struct ieee80211_node *ni)
1847 {
1848 int need_change = 0;
1849
1850 if (is_success(amrr) && is_enough(amrr)) {
1851 amrr->success++;
1852 if (amrr->success >= amrr->success_threshold &&
1853 !is_max_rate(ni)) {
1854 amrr->recovery = 1;
1855 amrr->success = 0;
1856 increase_rate(ni);
1857 need_change = 1;
1858 } else {
1859 amrr->recovery = 0;
1860 }
1861 } else if (is_failure(amrr)) {
1862 amrr->success = 0;
1863 if (!is_min_rate(ni)) {
1864 if (amrr->recovery) {
1865 amrr->success_threshold *= 2;
1866 if (amrr->success_threshold >
1867 URAL_AMRR_MAX_SUCCESS_THRESHOLD)
1868 amrr->success_threshold =
1869 URAL_AMRR_MAX_SUCCESS_THRESHOLD;
1870 } else {
1871 amrr->success_threshold =
1872 URAL_AMRR_MIN_SUCCESS_THRESHOLD;
1873 }
1874 decrease_rate(ni);
1875 need_change = 1;
1876 }
1877 amrr->recovery = 0; /* original paper was incorrect */
1878 }
1879
1880 if (is_enough(amrr) || need_change)
1881 reset_cnt(amrr);
1882 }
1883
1884 static void
1885 ural_amrr_timeout(void *arg)
1886 {
1887 struct ural_softc *sc = (struct ural_softc *)arg;
1888 struct ural_amrr *amrr = &sc->amrr;
1889
1890 ural_read_multi(sc, RAL_STA_CSR0, sc->sta, sizeof (sc->sta));
1891
1892 /* count TX retry-fail as Tx errors */
1893 sc->sc_tx_err += sc->sta[9];
1894 sc->sc_tx_retries += (sc->sta[7] + sc->sta[8]);
1895
1896 amrr->retrycnt =
1897 sc->sta[7] + /* TX one-retry ok count */
1898 sc->sta[8] + /* TX more-retry ok count */
1899 sc->sta[9]; /* TX retry-fail count */
1900
1901 amrr->txcnt =
1902 amrr->retrycnt +
1903 sc->sta[6]; /* TX no-retry ok count */
1904
1905 ural_ratectl(amrr, sc->sc_ic.ic_bss);
1906
1907 sc->sc_amrr_id = timeout(ural_amrr_timeout, (void *)sc,
1908 drv_usectohz(1000 * 1000)); /* 1 second */
1909 }
1910
1911
1912 static void
1913 ural_amrr_start(struct ural_softc *sc, struct ieee80211_node *ni)
1914 {
1915 struct ural_amrr *amrr = &sc->amrr;
1916 int i;
1917
1918 /* clear statistic registers (STA_CSR0 to STA_CSR10) */
1919 ural_read_multi(sc, RAL_STA_CSR0, sc->sta, sizeof (sc->sta));
1920
1921 amrr->success = 0;
1922 amrr->recovery = 0;
1923 amrr->txcnt = amrr->retrycnt = 0;
1924 amrr->success_threshold = URAL_AMRR_MIN_SUCCESS_THRESHOLD;
1925
1926 /* set rate to some reasonable initial value */
1927 for (i = ni->in_rates.ir_nrates - 1;
1928 i > 0 && (ni->in_rates.ir_rates[i] & IEEE80211_RATE_VAL) > 72;
1929 i--) {
1930 }
1931
1932 ni->in_txrate = i;
1933
1934 sc->sc_amrr_id = timeout(ural_amrr_timeout, (void *)sc,
1935 drv_usectohz(1000 * 1000)); /* 1 second */
1936 }
1937
1938 void
1939 ural_watchdog(void *arg)
1940 {
1941 struct ural_softc *sc = arg;
1942 struct ieee80211com *ic = &sc->sc_ic;
1943 int ntimer = 0;
1944
1945 RAL_LOCK(sc);
1946 ic->ic_watchdog_timer = 0;
1947
1948 if (!RAL_IS_RUNNING(sc)) {
1949 RAL_UNLOCK(sc);
1950 return;
1951 }
1952
1953 if (sc->sc_tx_timer > 0) {
1954 if (--sc->sc_tx_timer == 0) {
1955 ral_debug(RAL_DBG_ERR, "tx timer timeout\n");
1956 RAL_UNLOCK(sc);
1957 (void) ural_init(sc);
1958 (void) ieee80211_new_state(ic, IEEE80211_S_SCAN, -1);
1959 return;
1960 }
1961 }
1962
1963 if (ic->ic_state == IEEE80211_S_RUN)
1964 ntimer = 1;
1965
1966 RAL_UNLOCK(sc);
1967
1968 ieee80211_watchdog(ic);
1969
1970 if (ntimer)
1971 ieee80211_start_watchdog(ic, ntimer);
1972 }
1973
1974 static int
1975 ural_m_start(void *arg)
1976 {
1977 struct ural_softc *sc = (struct ural_softc *)arg;
1978 int err;
1979
1980 /*
1981 * initialize RT2500USB hardware
1982 */
1983 err = ural_init(sc);
1984 if (err != DDI_SUCCESS) {
1985 ral_debug(RAL_DBG_ERR, "device configuration failed\n");
1986 goto fail;
1987 }
1988 sc->sc_flags |= RAL_FLAG_RUNNING; /* RUNNING */
1989 return (err);
1990
1991 fail:
1992 ural_stop(sc);
1993 return (err);
1994 }
1995
1996 static void
1997 ural_m_stop(void *arg)
1998 {
1999 struct ural_softc *sc = (struct ural_softc *)arg;
2000
2001 (void) ural_stop(sc);
2002 sc->sc_flags &= ~RAL_FLAG_RUNNING; /* STOP */
2003 }
2004
2005 static int
2006 ural_m_unicst(void *arg, const uint8_t *macaddr)
2007 {
2008 struct ural_softc *sc = (struct ural_softc *)arg;
2009 struct ieee80211com *ic = &sc->sc_ic;
2010
2011 ral_debug(RAL_DBG_MSG, "ural_m_unicst(): " MACSTR "\n",
2012 MAC2STR(macaddr));
2013
2014 IEEE80211_ADDR_COPY(ic->ic_macaddr, macaddr);
2015 (void) ural_set_macaddr(sc, (uint8_t *)macaddr);
2016 (void) ural_init(sc);
2017
2018 return (0);
2019 }
2020
2021 /*ARGSUSED*/
2022 static int
2023 ural_m_multicst(void *arg, boolean_t add, const uint8_t *mca)
2024 {
2025 return (0);
2026 }
2027
2028 static int
2029 ural_m_promisc(void *arg, boolean_t on)
2030 {
2031 struct ural_softc *sc = (struct ural_softc *)arg;
2032
2033 if (on) {
2034 sc->sc_rcr |= RAL_RCR_PROMISC;
2035 sc->sc_rcr |= RAL_RCR_MULTI;
2036 } else {
2037 sc->sc_rcr &= ~RAL_RCR_PROMISC;
2038 sc->sc_rcr &= ~RAL_RCR_PROMISC;
2039 }
2040
2041 ural_update_promisc(sc);
2042 return (0);
2043 }
2044
2045 /*
2046 * callback functions for /get/set properties
2047 */
2048 static int
2049 ural_m_setprop(void *arg, const char *pr_name, mac_prop_id_t wldp_pr_num,
2050 uint_t wldp_length, const void *wldp_buf)
2051 {
2052 struct ural_softc *sc = (struct ural_softc *)arg;
2053 struct ieee80211com *ic = &sc->sc_ic;
2054 int err;
2055
2056 err = ieee80211_setprop(ic, pr_name, wldp_pr_num,
2057 wldp_length, wldp_buf);
2058 RAL_LOCK(sc);
2059 if (err == ENETRESET) {
2060 if (RAL_IS_RUNNING(sc)) {
2061 RAL_UNLOCK(sc);
2062 (void) ural_init(sc);
2063 (void) ieee80211_new_state(ic, IEEE80211_S_SCAN, -1);
2064 RAL_LOCK(sc);
2065 }
2066 err = 0;
2067 }
2068 RAL_UNLOCK(sc);
2069
2070 return (err);
2071 }
2072
2073 static int
2074 ural_m_getprop(void *arg, const char *pr_name, mac_prop_id_t wldp_pr_num,
2075 uint_t wldp_length, void *wldp_buf)
2076 {
2077 struct ural_softc *sc = (struct ural_softc *)arg;
2078 int err;
2079
2080 err = ieee80211_getprop(&sc->sc_ic, pr_name, wldp_pr_num,
2081 wldp_length, wldp_buf);
2082
2083 return (err);
2084 }
2085
2086 static void
2087 ural_m_propinfo(void *arg, const char *pr_name, mac_prop_id_t wldp_pr_num,
2088 mac_prop_info_handle_t mph)
2089 {
2090 struct ural_softc *sc = (struct ural_softc *)arg;
2091
2092 ieee80211_propinfo(&sc->sc_ic, pr_name, wldp_pr_num, mph);
2093 }
2094
2095 static void
2096 ural_m_ioctl(void* arg, queue_t *wq, mblk_t *mp)
2097 {
2098 struct ural_softc *sc = (struct ural_softc *)arg;
2099 struct ieee80211com *ic = &sc->sc_ic;
2100 int err;
2101
2102 err = ieee80211_ioctl(ic, wq, mp);
2103 RAL_LOCK(sc);
2104 if (err == ENETRESET) {
2105 if (RAL_IS_RUNNING(sc)) {
2106 RAL_UNLOCK(sc);
2107 (void) ural_init(sc);
2108 (void) ieee80211_new_state(ic, IEEE80211_S_SCAN, -1);
2109 RAL_LOCK(sc);
2110 }
2111 }
2112 RAL_UNLOCK(sc);
2113 }
2114
2115 static int
2116 ural_m_stat(void *arg, uint_t stat, uint64_t *val)
2117 {
2118 struct ural_softc *sc = (struct ural_softc *)arg;
2119 ieee80211com_t *ic = &sc->sc_ic;
2120 ieee80211_node_t *ni = ic->ic_bss;
2121 struct ieee80211_rateset *rs = &ni->in_rates;
2122
2123 RAL_LOCK(sc);
2124 switch (stat) {
2125 case MAC_STAT_IFSPEED:
2126 *val = ((ic->ic_fixed_rate == IEEE80211_FIXED_RATE_NONE) ?
2127 (rs->ir_rates[ni->in_txrate] & IEEE80211_RATE_VAL)
2128 : ic->ic_fixed_rate) / 2 * 1000000;
2129 break;
2130 case MAC_STAT_NOXMTBUF:
2131 *val = sc->sc_tx_nobuf;
2132 break;
2133 case MAC_STAT_NORCVBUF:
2134 *val = sc->sc_rx_nobuf;
2135 break;
2136 case MAC_STAT_IERRORS:
2137 *val = sc->sc_rx_err;
2138 break;
2139 case MAC_STAT_RBYTES:
2140 *val = ic->ic_stats.is_rx_bytes;
2141 break;
2142 case MAC_STAT_IPACKETS:
2143 *val = ic->ic_stats.is_rx_frags;
2144 break;
2145 case MAC_STAT_OBYTES:
2146 *val = ic->ic_stats.is_tx_bytes;
2147 break;
2148 case MAC_STAT_OPACKETS:
2149 *val = ic->ic_stats.is_tx_frags;
2150 break;
2151 case MAC_STAT_OERRORS:
2152 case WIFI_STAT_TX_FAILED:
2153 *val = sc->sc_tx_err;
2154 break;
2155 case WIFI_STAT_TX_RETRANS:
2156 *val = sc->sc_tx_retries;
2157 break;
2158 case WIFI_STAT_FCS_ERRORS:
2159 case WIFI_STAT_WEP_ERRORS:
2160 case WIFI_STAT_TX_FRAGS:
2161 case WIFI_STAT_MCAST_TX:
2162 case WIFI_STAT_RTS_SUCCESS:
2163 case WIFI_STAT_RTS_FAILURE:
2164 case WIFI_STAT_ACK_FAILURE:
2165 case WIFI_STAT_RX_FRAGS:
2166 case WIFI_STAT_MCAST_RX:
2167 case WIFI_STAT_RX_DUPS:
2168 RAL_UNLOCK(sc);
2169 return (ieee80211_stat(ic, stat, val));
2170 default:
2171 RAL_UNLOCK(sc);
2172 return (ENOTSUP);
2173 }
2174 RAL_UNLOCK(sc);
2175
2176 return (0);
2177 }
2178
2179
2180 static int
2181 ural_attach(dev_info_t *devinfo, ddi_attach_cmd_t cmd)
2182 {
2183 struct ural_softc *sc;
2184 struct ieee80211com *ic;
2185 int err, i;
2186 int instance;
2187
2188 char strbuf[32];
2189
2190 wifi_data_t wd = { 0 };
2191 mac_register_t *macp;
2192
2193 switch (cmd) {
2194 case DDI_ATTACH:
2195 break;
2196 case DDI_RESUME:
2197 sc = ddi_get_soft_state(ural_soft_state_p,
2198 ddi_get_instance(devinfo));
2199 ASSERT(sc != NULL);
2200 ural_resume(sc);
2201 return (DDI_SUCCESS);
2202 default:
2203 return (DDI_FAILURE);
2204 }
2205
2206 instance = ddi_get_instance(devinfo);
2207
2208 if (ddi_soft_state_zalloc(ural_soft_state_p, instance) != DDI_SUCCESS) {
2209 ral_debug(RAL_DBG_MSG, "ural_attach(): "
2210 "unable to alloc soft_state_p\n");
2211 return (DDI_FAILURE);
2212 }
2213
2214 sc = ddi_get_soft_state(ural_soft_state_p, instance);
2215 ic = (ieee80211com_t *)&sc->sc_ic;
2216 sc->sc_dev = devinfo;
2217
2218 if (usb_client_attach(devinfo, USBDRV_VERSION, 0) != USB_SUCCESS) {
2219 ral_debug(RAL_DBG_ERR,
2220 "ural_attach(): usb_client_attach failed\n");
2221 goto fail1;
2222 }
2223
2224 if (usb_get_dev_data(devinfo, &sc->sc_udev,
2225 USB_PARSE_LVL_ALL, 0) != USB_SUCCESS) {
2226 sc->sc_udev = NULL;
2227 goto fail2;
2228 }
2229
2230 mutex_init(&sc->sc_genlock, NULL, MUTEX_DRIVER, NULL);
2231 mutex_init(&sc->tx_lock, NULL, MUTEX_DRIVER, NULL);
2232 mutex_init(&sc->rx_lock, NULL, MUTEX_DRIVER, NULL);
2233
2234 /* retrieve RT2570 rev. no */
2235 sc->asic_rev = ural_read(sc, RAL_MAC_CSR0);
2236
2237 /* retrieve MAC address and various other things from EEPROM */
2238 ural_read_eeprom(sc);
2239
2240 ral_debug(RAL_DBG_MSG, "ural: MAC/BBP RT2570 (rev 0x%02x), RF %s\n",
2241 sc->asic_rev, ural_get_rf(sc->rf_rev));
2242
2243 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */
2244 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */
2245 ic->ic_state = IEEE80211_S_INIT;
2246
2247 ic->ic_maxrssi = 63;
2248 ic->ic_set_shortslot = ural_update_slot;
2249 ic->ic_xmit = ural_send;
2250
2251 /* set device capabilities */
2252 ic->ic_caps =
2253 IEEE80211_C_TXPMGT | /* tx power management */
2254 IEEE80211_C_SHPREAMBLE | /* short preamble supported */
2255 IEEE80211_C_SHSLOT; /* short slot time supported */
2256
2257 ic->ic_caps |= IEEE80211_C_WPA; /* Support WPA/WPA2 */
2258
2259 #define IEEE80211_CHAN_A \
2260 (IEEE80211_CHAN_5GHZ | IEEE80211_CHAN_OFDM)
2261
2262 if (sc->rf_rev == RAL_RF_5222) {
2263 /* set supported .11a rates */
2264 ic->ic_sup_rates[IEEE80211_MODE_11A] = ural_rateset_11a;
2265
2266 /* set supported .11a channels */
2267 for (i = 36; i <= 64; i += 4) {
2268 ic->ic_sup_channels[i].ich_freq =
2269 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ);
2270 ic->ic_sup_channels[i].ich_flags = IEEE80211_CHAN_A;
2271 }
2272 for (i = 100; i <= 140; i += 4) {
2273 ic->ic_sup_channels[i].ich_freq =
2274 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ);
2275 ic->ic_sup_channels[i].ich_flags = IEEE80211_CHAN_A;
2276 }
2277 for (i = 149; i <= 161; i += 4) {
2278 ic->ic_sup_channels[i].ich_freq =
2279 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ);
2280 ic->ic_sup_channels[i].ich_flags = IEEE80211_CHAN_A;
2281 }
2282 }
2283
2284 /* set supported .11b and .11g rates */
2285 ic->ic_sup_rates[IEEE80211_MODE_11B] = ural_rateset_11b;
2286 ic->ic_sup_rates[IEEE80211_MODE_11G] = ural_rateset_11g;
2287
2288 /* set supported .11b and .11g channels (1 through 14) */
2289 for (i = 1; i <= 14; i++) {
2290 ic->ic_sup_channels[i].ich_freq =
2291 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ);
2292 ic->ic_sup_channels[i].ich_flags =
2293 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM |
2294 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ;
2295 }
2296
2297 ieee80211_attach(ic);
2298
2299 /* register WPA door */
2300 ieee80211_register_door(ic, ddi_driver_name(devinfo),
2301 ddi_get_instance(devinfo));
2302
2303 /* override state transition machine */
2304 sc->sc_newstate = ic->ic_newstate;
2305 ic->ic_newstate = ural_newstate;
2306 ic->ic_watchdog = ural_watchdog;
2307 ieee80211_media_init(ic);
2308 ic->ic_def_txkey = 0;
2309
2310 sc->sc_rcr = 0;
2311 sc->dwelltime = 300;
2312 sc->sc_flags &= 0;
2313
2314 /*
2315 * Provide initial settings for the WiFi plugin; whenever this
2316 * information changes, we need to call mac_plugindata_update()
2317 */
2318 wd.wd_opmode = ic->ic_opmode;
2319 wd.wd_secalloc = WIFI_SEC_NONE;
2320 IEEE80211_ADDR_COPY(wd.wd_bssid, ic->ic_bss->in_bssid);
2321
2322 if ((macp = mac_alloc(MAC_VERSION)) == NULL) {
2323 ral_debug(RAL_DBG_ERR, "ural_attach(): "
2324 "MAC version mismatch\n");
2325 goto fail3;
2326 }
2327
2328 macp->m_type_ident = MAC_PLUGIN_IDENT_WIFI;
2329 macp->m_driver = sc;
2330 macp->m_dip = devinfo;
2331 macp->m_src_addr = ic->ic_macaddr;
2332 macp->m_callbacks = &ural_m_callbacks;
2333 macp->m_min_sdu = 0;
2334 macp->m_max_sdu = IEEE80211_MTU;
2335 macp->m_pdata = &wd;
2336 macp->m_pdata_size = sizeof (wd);
2337
2338 err = mac_register(macp, &ic->ic_mach);
2339 mac_free(macp);
2340 if (err != 0) {
2341 ral_debug(RAL_DBG_ERR, "ural_attach(): "
2342 "mac_register() err %x\n", err);
2343 goto fail3;
2344 }
2345
2346 if (usb_register_hotplug_cbs(devinfo, ural_disconnect,
2347 ural_reconnect) != USB_SUCCESS) {
2348 ral_debug(RAL_DBG_ERR,
2349 "ural: ural_attach() failed to register events");
2350 goto fail4;
2351 }
2352
2353 /*
2354 * Create minor node of type DDI_NT_NET_WIFI
2355 */
2356 (void) snprintf(strbuf, sizeof (strbuf), "%s%d",
2357 "ural", instance);
2358 err = ddi_create_minor_node(devinfo, strbuf, S_IFCHR,
2359 instance + 1, DDI_NT_NET_WIFI, 0);
2360
2361 if (err != DDI_SUCCESS)
2362 ral_debug(RAL_DBG_ERR, "ddi_create_minor_node() failed\n");
2363
2364 /*
2365 * Notify link is down now
2366 */
2367 mac_link_update(ic->ic_mach, LINK_STATE_DOWN);
2368
2369 return (DDI_SUCCESS);
2370 fail4:
2371 (void) mac_unregister(ic->ic_mach);
2372 fail3:
2373 mutex_destroy(&sc->sc_genlock);
2374 mutex_destroy(&sc->tx_lock);
2375 mutex_destroy(&sc->rx_lock);
2376 fail2:
2377 usb_client_detach(sc->sc_dev, sc->sc_udev);
2378 fail1:
2379 ddi_soft_state_free(ural_soft_state_p, ddi_get_instance(devinfo));
2380
2381 return (DDI_FAILURE);
2382 }
2383
2384 static int
2385 ural_detach(dev_info_t *devinfo, ddi_detach_cmd_t cmd)
2386 {
2387 struct ural_softc *sc;
2388
2389 sc = ddi_get_soft_state(ural_soft_state_p, ddi_get_instance(devinfo));
2390 ASSERT(sc != NULL);
2391
2392 switch (cmd) {
2393 case DDI_DETACH:
2394 break;
2395 case DDI_SUSPEND:
2396 if (RAL_IS_RUNNING(sc))
2397 (void) ural_stop(sc);
2398 return (DDI_SUCCESS);
2399 default:
2400 return (DDI_FAILURE);
2401 }
2402
2403 if (mac_disable(sc->sc_ic.ic_mach) != 0)
2404 return (DDI_FAILURE);
2405
2406 ural_stop(sc);
2407 usb_unregister_hotplug_cbs(devinfo);
2408
2409 /*
2410 * Unregister from the MAC layer subsystem
2411 */
2412 (void) mac_unregister(sc->sc_ic.ic_mach);
2413
2414 /*
2415 * detach ieee80211 layer
2416 */
2417 ieee80211_detach(&sc->sc_ic);
2418
2419 mutex_destroy(&sc->sc_genlock);
2420 mutex_destroy(&sc->tx_lock);
2421 mutex_destroy(&sc->rx_lock);
2422
2423 /* pipes will be close in ural_stop() */
2424 usb_client_detach(devinfo, sc->sc_udev);
2425 sc->sc_udev = NULL;
2426
2427 ddi_remove_minor_node(devinfo, NULL);
2428 ddi_soft_state_free(ural_soft_state_p, ddi_get_instance(devinfo));
2429
2430 return (DDI_SUCCESS);
2431 }
2432
2433 int
2434 _info(struct modinfo *modinfop)
2435 {
2436 return (mod_info(&modlinkage, modinfop));
2437 }
2438
2439 int
2440 _init(void)
2441 {
2442 int status;
2443
2444 status = ddi_soft_state_init(&ural_soft_state_p,
2445 sizeof (struct ural_softc), 1);
2446 if (status != 0)
2447 return (status);
2448
2449 mac_init_ops(&ural_dev_ops, "ural");
2450 status = mod_install(&modlinkage);
2451 if (status != 0) {
2452 mac_fini_ops(&ural_dev_ops);
2453 ddi_soft_state_fini(&ural_soft_state_p);
2454 }
2455 return (status);
2456 }
2457
2458 int
2459 _fini(void)
2460 {
2461 int status;
2462
2463 status = mod_remove(&modlinkage);
2464 if (status == 0) {
2465 mac_fini_ops(&ural_dev_ops);
2466 ddi_soft_state_fini(&ural_soft_state_p);
2467 }
2468 return (status);
2469 }