1 /*
2 * Copyright 2010 Sun Microsystems, Inc. All rights reserved.
3 * Use is subject to license terms.
4 */
5
6 /*
7 * Copyright (c) 2005, 2006
8 * Damien Bergamini <damien.bergamini@free.fr>
9 *
10 * Permission to use, copy, modify, and distribute this software for any
11 * purpose with or without fee is hereby granted, provided that the above
12 * copyright notice and this permission notice appear in all copies.
13 *
14 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
15 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
16 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
17 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
18 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
19 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
20 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
21 */
22
23 /*
24 * Ralink Technology RT2500USB chipset driver
25 * http://www.ralinktech.com/
26 */
27 #include <sys/types.h>
28 #include <sys/cmn_err.h>
29 #include <sys/strsubr.h>
30 #include <sys/modctl.h>
31 #include <sys/devops.h>
32 #include <sys/byteorder.h>
33 #include <sys/mac_provider.h>
34 #include <sys/mac_wifi.h>
35 #include <sys/net80211.h>
36
37 #define USBDRV_MAJOR_VER 2
38 #define USBDRV_MINOR_VER 0
39 #include <sys/usb/usba.h>
40 #include <sys/usb/usba/usba_types.h>
41
42 #include "ural_reg.h"
43 #include "ural_var.h"
44
45 static void *ural_soft_state_p = NULL;
46
47 #define RAL_TXBUF_SIZE (IEEE80211_MAX_LEN)
48 #define RAL_RXBUF_SIZE (IEEE80211_MAX_LEN)
49
50 /* quickly determine if a given rate is CCK or OFDM */
51 #define RAL_RATE_IS_OFDM(rate) ((rate) >= 12 && (rate) != 22)
52 #define RAL_ACK_SIZE 14 /* 10 + 4(FCS) */
53 #define RAL_CTS_SIZE 14 /* 10 + 4(FCS) */
54 #define RAL_SIFS 10 /* us */
55 #define RAL_RXTX_TURNAROUND 5 /* us */
56
57 #define URAL_N(a) (sizeof (a) / sizeof ((a)[0]))
58
59 /*
60 * Supported rates for 802.11a/b/g modes (in 500Kbps unit).
61 */
62 static const struct ieee80211_rateset ural_rateset_11a =
63 { 8, { 12, 18, 24, 36, 48, 72, 96, 108 } };
64
65 static const struct ieee80211_rateset ural_rateset_11b =
66 { 4, { 2, 4, 11, 22 } };
67
68 static const struct ieee80211_rateset ural_rateset_11g =
69 { 12, { 2, 4, 11, 22, 12, 18, 24, 36, 48, 72, 96, 108 } };
70
71 /*
72 * Default values for MAC registers; values taken from the reference driver.
73 */
74 static const struct {
75 uint16_t reg;
76 uint16_t val;
77 } ural_def_mac[] = {
78 { RAL_TXRX_CSR5, 0x8c8d },
79 { RAL_TXRX_CSR6, 0x8b8a },
80 { RAL_TXRX_CSR7, 0x8687 },
81 { RAL_TXRX_CSR8, 0x0085 },
82 { RAL_MAC_CSR13, 0x1111 },
83 { RAL_MAC_CSR14, 0x1e11 },
84 { RAL_TXRX_CSR21, 0xe78f },
85 { RAL_MAC_CSR9, 0xff1d },
86 { RAL_MAC_CSR11, 0x0002 },
87 { RAL_MAC_CSR22, 0x0053 },
88 { RAL_MAC_CSR15, 0x0000 },
89 { RAL_MAC_CSR8, 0x0780 },
90 { RAL_TXRX_CSR19, 0x0000 },
91 { RAL_TXRX_CSR18, 0x005a },
92 { RAL_PHY_CSR2, 0x0000 },
93 { RAL_TXRX_CSR0, 0x1ec0 },
94 { RAL_PHY_CSR4, 0x000f }
95 };
96
97 /*
98 * Default values for BBP registers; values taken from the reference driver.
99 */
100 static const struct {
101 uint8_t reg;
102 uint8_t val;
103 } ural_def_bbp[] = {
104 { 3, 0x02 },
105 { 4, 0x19 },
106 { 14, 0x1c },
107 { 15, 0x30 },
108 { 16, 0xac },
109 { 17, 0x48 },
110 { 18, 0x18 },
111 { 19, 0xff },
112 { 20, 0x1e },
113 { 21, 0x08 },
114 { 22, 0x08 },
115 { 23, 0x08 },
116 { 24, 0x80 },
117 { 25, 0x50 },
118 { 26, 0x08 },
119 { 27, 0x23 },
120 { 30, 0x10 },
121 { 31, 0x2b },
122 { 32, 0xb9 },
123 { 34, 0x12 },
124 { 35, 0x50 },
125 { 39, 0xc4 },
126 { 40, 0x02 },
127 { 41, 0x60 },
128 { 53, 0x10 },
129 { 54, 0x18 },
130 { 56, 0x08 },
131 { 57, 0x10 },
132 { 58, 0x08 },
133 { 61, 0x60 },
134 { 62, 0x10 },
135 { 75, 0xff }
136 };
137
138 /*
139 * Default values for RF register R2 indexed by channel numbers.
140 */
141 static const uint32_t ural_rf2522_r2[] = {
142 0x307f6, 0x307fb, 0x30800, 0x30805, 0x3080a, 0x3080f, 0x30814,
143 0x30819, 0x3081e, 0x30823, 0x30828, 0x3082d, 0x30832, 0x3083e
144 };
145
146 static const uint32_t ural_rf2523_r2[] = {
147 0x00327, 0x00328, 0x00329, 0x0032a, 0x0032b, 0x0032c, 0x0032d,
148 0x0032e, 0x0032f, 0x00340, 0x00341, 0x00342, 0x00343, 0x00346
149 };
150
151 static const uint32_t ural_rf2524_r2[] = {
152 0x00327, 0x00328, 0x00329, 0x0032a, 0x0032b, 0x0032c, 0x0032d,
153 0x0032e, 0x0032f, 0x00340, 0x00341, 0x00342, 0x00343, 0x00346
154 };
155
156 static const uint32_t ural_rf2525_r2[] = {
157 0x20327, 0x20328, 0x20329, 0x2032a, 0x2032b, 0x2032c, 0x2032d,
158 0x2032e, 0x2032f, 0x20340, 0x20341, 0x20342, 0x20343, 0x20346
159 };
160
161 static const uint32_t ural_rf2525_hi_r2[] = {
162 0x2032f, 0x20340, 0x20341, 0x20342, 0x20343, 0x20344, 0x20345,
163 0x20346, 0x20347, 0x20348, 0x20349, 0x2034a, 0x2034b, 0x2034e
164 };
165
166 static const uint32_t ural_rf2525e_r2[] = {
167 0x2044d, 0x2044e, 0x2044f, 0x20460, 0x20461, 0x20462, 0x20463,
168 0x20464, 0x20465, 0x20466, 0x20467, 0x20468, 0x20469, 0x2046b
169 };
170
171 static const uint32_t ural_rf2526_hi_r2[] = {
172 0x0022a, 0x0022b, 0x0022b, 0x0022c, 0x0022c, 0x0022d, 0x0022d,
173 0x0022e, 0x0022e, 0x0022f, 0x0022d, 0x00240, 0x00240, 0x00241
174 };
175
176 static const uint32_t ural_rf2526_r2[] = {
177 0x00226, 0x00227, 0x00227, 0x00228, 0x00228, 0x00229, 0x00229,
178 0x0022a, 0x0022a, 0x0022b, 0x0022b, 0x0022c, 0x0022c, 0x0022d
179 };
180
181 /*
182 * For dual-band RF, RF registers R1 and R4 also depend on channel number;
183 * values taken from the reference driver.
184 */
185 static const struct {
186 uint8_t chan;
187 uint32_t r1;
188 uint32_t r2;
189 uint32_t r4;
190 } ural_rf5222[] = {
191 { 1, 0x08808, 0x0044d, 0x00282 },
192 { 2, 0x08808, 0x0044e, 0x00282 },
193 { 3, 0x08808, 0x0044f, 0x00282 },
194 { 4, 0x08808, 0x00460, 0x00282 },
195 { 5, 0x08808, 0x00461, 0x00282 },
196 { 6, 0x08808, 0x00462, 0x00282 },
197 { 7, 0x08808, 0x00463, 0x00282 },
198 { 8, 0x08808, 0x00464, 0x00282 },
199 { 9, 0x08808, 0x00465, 0x00282 },
200 { 10, 0x08808, 0x00466, 0x00282 },
201 { 11, 0x08808, 0x00467, 0x00282 },
202 { 12, 0x08808, 0x00468, 0x00282 },
203 { 13, 0x08808, 0x00469, 0x00282 },
204 { 14, 0x08808, 0x0046b, 0x00286 },
205
206 { 36, 0x08804, 0x06225, 0x00287 },
207 { 40, 0x08804, 0x06226, 0x00287 },
208 { 44, 0x08804, 0x06227, 0x00287 },
209 { 48, 0x08804, 0x06228, 0x00287 },
210 { 52, 0x08804, 0x06229, 0x00287 },
211 { 56, 0x08804, 0x0622a, 0x00287 },
212 { 60, 0x08804, 0x0622b, 0x00287 },
213 { 64, 0x08804, 0x0622c, 0x00287 },
214
215 { 100, 0x08804, 0x02200, 0x00283 },
216 { 104, 0x08804, 0x02201, 0x00283 },
217 { 108, 0x08804, 0x02202, 0x00283 },
218 { 112, 0x08804, 0x02203, 0x00283 },
219 { 116, 0x08804, 0x02204, 0x00283 },
220 { 120, 0x08804, 0x02205, 0x00283 },
221 { 124, 0x08804, 0x02206, 0x00283 },
222 { 128, 0x08804, 0x02207, 0x00283 },
223 { 132, 0x08804, 0x02208, 0x00283 },
224 { 136, 0x08804, 0x02209, 0x00283 },
225 { 140, 0x08804, 0x0220a, 0x00283 },
226
227 { 149, 0x08808, 0x02429, 0x00281 },
228 { 153, 0x08808, 0x0242b, 0x00281 },
229 { 157, 0x08808, 0x0242d, 0x00281 },
230 { 161, 0x08808, 0x0242f, 0x00281 }
231 };
232
233 /*
234 * device operations
235 */
236 static int ural_attach(dev_info_t *, ddi_attach_cmd_t);
237 static int ural_detach(dev_info_t *, ddi_detach_cmd_t);
238
239 /*
240 * Module Loading Data & Entry Points
241 */
242 DDI_DEFINE_STREAM_OPS(ural_dev_ops, nulldev, nulldev, ural_attach,
243 ural_detach, nodev, NULL, D_MP, NULL, ddi_quiesce_not_needed);
244
245 static struct modldrv ural_modldrv = {
246 &mod_driverops, /* Type of module. This one is a driver */
247 "ural driver v1.4", /* short description */
248 &ural_dev_ops /* driver specific ops */
249 };
250
251 static struct modlinkage modlinkage = {
252 MODREV_1,
253 { (void *)&ural_modldrv, NULL }
254 };
255
256 static int ural_m_stat(void *, uint_t, uint64_t *);
257 static int ural_m_start(void *);
258 static void ural_m_stop(void *);
259 static int ural_m_promisc(void *, boolean_t);
260 static int ural_m_multicst(void *, boolean_t, const uint8_t *);
261 static int ural_m_unicst(void *, const uint8_t *);
262 static mblk_t *ural_m_tx(void *, mblk_t *);
263 static void ural_m_ioctl(void *, queue_t *, mblk_t *);
264 static int ural_m_setprop(void *, const char *, mac_prop_id_t,
265 uint_t, const void *);
266 static int ural_m_getprop(void *, const char *, mac_prop_id_t,
267 uint_t, void *);
268 static void ural_m_propinfo(void *, const char *, mac_prop_id_t,
269 mac_prop_info_handle_t);
270
271 static mac_callbacks_t ural_m_callbacks = {
272 MC_IOCTL | MC_SETPROP | MC_GETPROP | MC_PROPINFO,
273 ural_m_stat,
274 ural_m_start,
275 ural_m_stop,
276 ural_m_promisc,
277 ural_m_multicst,
278 ural_m_unicst,
279 ural_m_tx,
280 NULL,
281 ural_m_ioctl,
282 NULL, /* mc_getcapab */
283 NULL,
284 NULL,
285 ural_m_setprop,
286 ural_m_getprop,
287 ural_m_propinfo
288 };
289
290 static void ural_amrr_start(struct ural_softc *, struct ieee80211_node *);
291 static int ural_tx_trigger(struct ural_softc *, mblk_t *);
292 static int ural_rx_trigger(struct ural_softc *);
293
294 uint32_t ural_dbg_flags = 0;
295
296 void
297 ral_debug(uint32_t dbg_flags, const int8_t *fmt, ...)
298 {
299 va_list args;
300
301 if (dbg_flags & ural_dbg_flags) {
302 va_start(args, fmt);
303 vcmn_err(CE_CONT, fmt, args);
304 va_end(args);
305 }
306 }
307
308 static uint16_t
309 ural_read(struct ural_softc *sc, uint16_t reg)
310 {
311 usb_ctrl_setup_t req;
312 usb_cr_t cr;
313 usb_cb_flags_t cf;
314 mblk_t *mp;
315 int err;
316 uint16_t val;
317
318 bzero(&req, sizeof (req));
319 req.bmRequestType = USB_DEV_REQ_TYPE_VENDOR | USB_DEV_REQ_DEV_TO_HOST;
320 req.bRequest = RAL_READ_MAC;
321 req.wValue = 0;
322 req.wIndex = reg;
323 req.wLength = sizeof (uint16_t);
324
325 mp = NULL;
326 err = usb_pipe_ctrl_xfer_wait(sc->sc_udev->dev_default_ph, &req, &mp,
327 &cr, &cf, 0);
328
329 if (err != USB_SUCCESS) {
330 ral_debug(RAL_DBG_ERR,
331 "ural_read(): could not read MAC register:"
332 " cr:%s(%d), cf:(%x)\n",
333 usb_str_cr(cr), cr, cf);
334 return (0);
335 }
336
337 bcopy(mp->b_rptr, &val, sizeof (uint16_t));
338
339 if (mp)
340 freemsg(mp);
341
342 return (LE_16(val));
343 }
344
345 static void
346 ural_read_multi(struct ural_softc *sc, uint16_t reg, void *buf, int len)
347 {
348 usb_ctrl_setup_t req;
349 usb_cr_t cr;
350 usb_cb_flags_t cf;
351 mblk_t *mp;
352 int err;
353
354 bzero(&req, sizeof (req));
355 req.bmRequestType = USB_DEV_REQ_TYPE_VENDOR | USB_DEV_REQ_DEV_TO_HOST;
356 req.bRequest = RAL_READ_MULTI_MAC;
357 req.wValue = 0;
358 req.wIndex = reg;
359 req.wLength = (uint16_t)len;
360 req.attrs = USB_ATTRS_AUTOCLEARING;
361
362 mp = NULL;
363 err = usb_pipe_ctrl_xfer_wait(sc->sc_udev->dev_default_ph, &req, &mp,
364 &cr, &cf, 0);
365
366 if (err != USB_SUCCESS) {
367 ral_debug(RAL_DBG_ERR,
368 "ural_read_multi(): could not read MAC register:"
369 "cr:%s(%d), cf:(%x)\n",
370 usb_str_cr(cr), cr, cf);
371 return;
372 }
373
374 bcopy(mp->b_rptr, buf, len);
375
376 if (mp)
377 freemsg(mp);
378 }
379
380 static void
381 ural_write(struct ural_softc *sc, uint16_t reg, uint16_t val)
382 {
383 usb_ctrl_setup_t req;
384 usb_cr_t cr;
385 usb_cb_flags_t cf;
386 int err;
387
388 bzero(&req, sizeof (req));
389 req.bmRequestType = USB_DEV_REQ_TYPE_VENDOR | USB_DEV_REQ_HOST_TO_DEV;
390 req.bRequest = RAL_WRITE_MAC;
391 req.wValue = val;
392 req.wIndex = reg;
393 req.wLength = 0;
394 req.attrs = USB_ATTRS_NONE;
395
396 err = usb_pipe_ctrl_xfer_wait(sc->sc_udev->dev_default_ph, &req, NULL,
397 &cr, &cf, 0);
398
399 if (err != USB_SUCCESS) {
400 ral_debug(RAL_DBG_ERR,
401 "ural_write(): could not write MAC register:"
402 "cr:%s(%d), cf:(%x)\n",
403 usb_str_cr(cr), cr, cf);
404 }
405 }
406
407 /* ARGSUSED */
408 static void
409 ural_txeof(usb_pipe_handle_t pipe, usb_bulk_req_t *req)
410 {
411 struct ural_softc *sc = (struct ural_softc *)req->bulk_client_private;
412 struct ieee80211com *ic = &sc->sc_ic;
413
414 ral_debug(RAL_DBG_TX,
415 "ural_txeof(): cr:%s(%d), flags:0x%x, tx_queued:%d",
416 usb_str_cr(req->bulk_completion_reason),
417 req->bulk_completion_reason,
418 req->bulk_cb_flags,
419 sc->tx_queued);
420
421 if (req->bulk_completion_reason != USB_CR_OK)
422 sc->sc_tx_err++;
423
424 mutex_enter(&sc->tx_lock);
425
426 sc->tx_queued--;
427 sc->sc_tx_timer = 0;
428
429 if (sc->sc_need_sched) {
430 sc->sc_need_sched = 0;
431 mac_tx_update(ic->ic_mach);
432 }
433
434 mutex_exit(&sc->tx_lock);
435 usb_free_bulk_req(req);
436 }
437
438 /* ARGSUSED */
439 static void
440 ural_rxeof(usb_pipe_handle_t pipe, usb_bulk_req_t *req)
441 {
442 struct ural_softc *sc = (struct ural_softc *)req->bulk_client_private;
443 struct ieee80211com *ic = &sc->sc_ic;
444
445 struct ural_rx_desc *desc;
446 struct ieee80211_frame *wh;
447 struct ieee80211_node *ni;
448
449 mblk_t *m, *mp;
450 int len, pktlen;
451 char *rxbuf;
452
453 mp = req->bulk_data;
454 req->bulk_data = NULL;
455
456 ral_debug(RAL_DBG_RX,
457 "ural_rxeof(): cr:%s(%d), flags:0x%x, rx_queued:%d",
458 usb_str_cr(req->bulk_completion_reason),
459 req->bulk_completion_reason,
460 req->bulk_cb_flags,
461 sc->rx_queued);
462
463 if (req->bulk_completion_reason != USB_CR_OK) {
464 sc->sc_rx_err++;
465 goto fail;
466 }
467
468 len = (uintptr_t)mp->b_wptr - (uintptr_t)mp->b_rptr;
469 rxbuf = (char *)mp->b_rptr;
470
471 if (len < RAL_RX_DESC_SIZE + IEEE80211_MIN_LEN) {
472 ral_debug(RAL_DBG_ERR,
473 "ural_rxeof(): xfer too short %d\n", len);
474 sc->sc_rx_err++;
475 goto fail;
476 }
477
478 /* rx descriptor is located at the end */
479 desc = (struct ural_rx_desc *)(rxbuf + len - RAL_RX_DESC_SIZE);
480
481 if ((LE_32(desc->flags) & RAL_RX_PHY_ERROR) ||
482 (LE_32(desc->flags) & RAL_RX_CRC_ERROR)) {
483 /*
484 * This should not happen since we did not request to receive
485 * those frames when we filled RAL_TXRX_CSR2.
486 */
487 ral_debug(RAL_DBG_ERR, "PHY or CRC error\n");
488 sc->sc_rx_err++;
489 goto fail;
490 }
491
492 pktlen = (LE_32(desc->flags) >> 16) & 0xfff;
493
494 if (pktlen > (len - RAL_RX_DESC_SIZE)) {
495 ral_debug(RAL_DBG_ERR,
496 "ural_rxeof(): pktlen mismatch <%d, %d>.\n", pktlen, len);
497 goto fail;
498 }
499
500 /* Strip trailing 802.11 MAC FCS. */
501 pktlen -= IEEE80211_CRC_LEN;
502
503 if ((m = allocb(pktlen, BPRI_MED)) == NULL) {
504 ral_debug(RAL_DBG_ERR,
505 "ural_rxeof(): allocate mblk failed.\n");
506 sc->sc_rx_nobuf++;
507 goto fail;
508 }
509
510 bcopy(rxbuf, m->b_rptr, pktlen);
511 m->b_wptr += pktlen;
512
513 wh = (struct ieee80211_frame *)m->b_rptr;
514 ni = ieee80211_find_rxnode(ic, wh);
515
516 /* send the frame to the 802.11 layer */
517 (void) ieee80211_input(ic, m, ni, desc->rssi, 0);
518
519 /* node is no longer needed */
520 ieee80211_free_node(ni);
521 fail:
522 mutex_enter(&sc->rx_lock);
523 sc->rx_queued--;
524 mutex_exit(&sc->rx_lock);
525
526 freemsg(mp);
527 usb_free_bulk_req(req);
528
529 if (RAL_IS_RUNNING(sc))
530 (void) ural_rx_trigger(sc);
531 }
532
533 /*
534 * Return the expected ack rate for a frame transmitted at rate `rate'.
535 * this should depend on the destination node basic rate set.
536 */
537 static int
538 ural_ack_rate(struct ieee80211com *ic, int rate)
539 {
540 switch (rate) {
541 /* CCK rates */
542 case 2:
543 return (2);
544 case 4:
545 case 11:
546 case 22:
547 return ((ic->ic_curmode == IEEE80211_MODE_11B) ? 4 : rate);
548
549 /* OFDM rates */
550 case 12:
551 case 18:
552 return (12);
553 case 24:
554 case 36:
555 return (24);
556 case 48:
557 case 72:
558 case 96:
559 case 108:
560 return (48);
561 }
562
563 /* default to 1Mbps */
564 return (2);
565 }
566
567 /*
568 * Compute the duration (in us) needed to transmit `len' bytes at rate `rate'.
569 * The function automatically determines the operating mode depending on the
570 * given rate. `flags' indicates whether short preamble is in use or not.
571 */
572 static uint16_t
573 ural_txtime(int len, int rate, uint32_t flags)
574 {
575 uint16_t txtime;
576
577 if (RAL_RATE_IS_OFDM(rate)) {
578 /* IEEE Std 802.11a-1999, pp. 37 */
579 txtime = (8 + 4 * len + 3 + rate - 1) / rate;
580 txtime = 16 + 4 + 4 * txtime + 6;
581 } else {
582 /* IEEE Std 802.11b-1999, pp. 28 */
583 txtime = (16 * len + rate - 1) / rate;
584 if (rate != 2 && (flags & IEEE80211_F_SHPREAMBLE))
585 txtime += 72 + 24;
586 else
587 txtime += 144 + 48;
588 }
589 return (txtime);
590 }
591
592 static uint8_t
593 ural_plcp_signal(int rate)
594 {
595 switch (rate) {
596 /* CCK rates (returned values are device-dependent) */
597 case 2: return (0x0);
598 case 4: return (0x1);
599 case 11: return (0x2);
600 case 22: return (0x3);
601
602 /* OFDM rates (cf IEEE Std 802.11a-1999, pp. 14 Table 80) */
603 case 12: return (0xb);
604 case 18: return (0xf);
605 case 24: return (0xa);
606 case 36: return (0xe);
607 case 48: return (0x9);
608 case 72: return (0xd);
609 case 96: return (0x8);
610 case 108: return (0xc);
611
612 /* unsupported rates (should not get there) */
613 default: return (0xff);
614 }
615 }
616
617 static void
618 ural_setup_tx_desc(struct ural_softc *sc, struct ural_tx_desc *desc,
619 uint32_t flags, int len, int rate)
620 {
621 struct ieee80211com *ic = &sc->sc_ic;
622 uint16_t plcp_length;
623 int remainder;
624
625 desc->flags = LE_32(flags);
626 desc->flags |= LE_32(RAL_TX_NEWSEQ);
627 desc->flags |= LE_32(len << 16);
628
629 desc->wme = LE_16(RAL_AIFSN(2) | RAL_LOGCWMIN(3) | RAL_LOGCWMAX(5));
630 desc->wme |= LE_16(RAL_IVOFFSET(sizeof (struct ieee80211_frame)));
631
632 /* setup PLCP fields */
633 desc->plcp_signal = ural_plcp_signal(rate);
634 desc->plcp_service = 4;
635
636 len += IEEE80211_CRC_LEN;
637 if (RAL_RATE_IS_OFDM(rate)) {
638 desc->flags |= LE_32(RAL_TX_OFDM);
639
640 plcp_length = len & 0xfff;
641 desc->plcp_length_hi = plcp_length >> 6;
642 desc->plcp_length_lo = plcp_length & 0x3f;
643 } else {
644 plcp_length = (16 * len + rate - 1) / rate;
645 if (rate == 22) {
646 remainder = (16 * len) % 22;
647 if (remainder != 0 && remainder < 7)
648 desc->plcp_service |= RAL_PLCP_LENGEXT;
649 }
650 desc->plcp_length_hi = plcp_length >> 8;
651 desc->plcp_length_lo = plcp_length & 0xff;
652
653 if (rate != 2 && (ic->ic_flags & IEEE80211_F_SHPREAMBLE))
654 desc->plcp_signal |= 0x08;
655 }
656
657 desc->iv = 0;
658 desc->eiv = 0;
659 }
660
661 #define RAL_TX_TIMEOUT 5
662
663 static int
664 ural_send(ieee80211com_t *ic, mblk_t *mp, uint8_t type)
665 {
666 struct ural_softc *sc = (struct ural_softc *)ic;
667 struct ural_tx_desc *desc;
668
669 struct ieee80211_frame *wh;
670 struct ieee80211_key *k;
671
672 uint16_t dur;
673 uint32_t flags = 0;
674 int rate, err = DDI_SUCCESS;
675
676 struct ieee80211_node *ni = NULL;
677 mblk_t *m, *m0;
678 int off, mblen, pktlen, xferlen;
679
680 /* discard packets while suspending or not inited */
681 if (!RAL_IS_RUNNING(sc)) {
682 freemsg(mp);
683 return (ENXIO);
684 }
685
686 mutex_enter(&sc->tx_lock);
687
688 if (sc->tx_queued > RAL_TX_LIST_COUNT) {
689 ral_debug(RAL_DBG_TX, "ural_send(): "
690 "no TX buffer available!\n");
691 if ((type & IEEE80211_FC0_TYPE_MASK) ==
692 IEEE80211_FC0_TYPE_DATA) {
693 sc->sc_need_sched = 1;
694 }
695 sc->sc_tx_nobuf++;
696 err = ENOMEM;
697 goto fail;
698 }
699
700 m = allocb(RAL_TXBUF_SIZE + RAL_TX_DESC_SIZE, BPRI_MED);
701 if (m == NULL) {
702 ral_debug(RAL_DBG_ERR, "ural_send(): can't alloc mblk.\n");
703 err = DDI_FAILURE;
704 goto fail;
705 }
706
707 m->b_rptr += RAL_TX_DESC_SIZE; /* skip TX descriptor */
708 m->b_wptr += RAL_TX_DESC_SIZE;
709
710 for (off = 0, m0 = mp; m0 != NULL; m0 = m0->b_cont) {
711 mblen = (uintptr_t)m0->b_wptr - (uintptr_t)m0->b_rptr;
712 (void) memcpy(m->b_rptr + off, m0->b_rptr, mblen);
713 off += mblen;
714 }
715 m->b_wptr += off;
716
717 wh = (struct ieee80211_frame *)m->b_rptr;
718
719 ni = ieee80211_find_txnode(ic, wh->i_addr1);
720 if (ni == NULL) {
721 err = DDI_FAILURE;
722 sc->sc_tx_err++;
723 freemsg(m);
724 goto fail;
725 }
726
727 if ((type & IEEE80211_FC0_TYPE_MASK) ==
728 IEEE80211_FC0_TYPE_DATA) {
729 (void) ieee80211_encap(ic, m, ni);
730 }
731
732 if (wh->i_fc[1] & IEEE80211_FC1_WEP) {
733 k = ieee80211_crypto_encap(ic, m);
734 if (k == NULL) {
735 sc->sc_tx_err++;
736 freemsg(m);
737 err = DDI_FAILURE;
738 goto fail;
739 }
740 /* packet header may have moved, reset our local pointer */
741 wh = (struct ieee80211_frame *)m->b_rptr;
742 }
743
744 m->b_rptr -= RAL_TX_DESC_SIZE; /* restore */
745 desc = (struct ural_tx_desc *)m->b_rptr;
746
747 if ((type & IEEE80211_FC0_TYPE_MASK) ==
748 IEEE80211_FC0_TYPE_DATA) { /* DATA */
749 if (ic->ic_fixed_rate != IEEE80211_FIXED_RATE_NONE)
750 rate = ic->ic_bss->in_rates.ir_rates[ic->ic_fixed_rate];
751 else
752 rate = ni->in_rates.ir_rates[ni->in_txrate];
753
754 rate &= IEEE80211_RATE_VAL;
755 if (rate <= 0) {
756 rate = 2; /* basic rate */
757 }
758
759 if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) {
760 flags |= RAL_TX_ACK;
761 flags |= RAL_TX_RETRY(7);
762
763 dur = ural_txtime(RAL_ACK_SIZE, ural_ack_rate(ic, rate),
764 ic->ic_flags) + RAL_SIFS;
765 *(uint16_t *)(uintptr_t)wh->i_dur = LE_16(dur);
766 }
767 } else { /* MGMT */
768 rate = IEEE80211_IS_CHAN_5GHZ(ic->ic_curchan) ? 12 : 2;
769
770 if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) {
771 flags |= RAL_TX_ACK;
772
773 dur = ural_txtime(RAL_ACK_SIZE, rate, ic->ic_flags)
774 + RAL_SIFS;
775 *(uint16_t *)(uintptr_t)wh->i_dur = LE_16(dur);
776
777 /* tell hardware to add timestamp for probe responses */
778 if ((wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) ==
779 IEEE80211_FC0_TYPE_MGT &&
780 (wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK) ==
781 IEEE80211_FC0_SUBTYPE_PROBE_RESP)
782 flags |= RAL_TX_TIMESTAMP;
783 }
784 }
785
786 pktlen = (uintptr_t)m->b_wptr - (uintptr_t)m->b_rptr - RAL_TX_DESC_SIZE;
787 ural_setup_tx_desc(sc, desc, flags, pktlen, rate);
788
789 /* align end on a 2-bytes boundary */
790 xferlen = (RAL_TX_DESC_SIZE + pktlen + 1) & ~1;
791
792 /*
793 * No space left in the last URB to store the extra 2 bytes, force
794 * sending of another URB.
795 */
796 if ((xferlen % 64) == 0)
797 xferlen += 2;
798
799 m->b_wptr = m->b_rptr + xferlen;
800
801 ral_debug(RAL_DBG_TX, "sending data frame len=%u rate=%u xfer len=%u\n",
802 pktlen, rate, xferlen);
803
804 (void) ural_tx_trigger(sc, m);
805
806 ic->ic_stats.is_tx_frags++;
807 ic->ic_stats.is_tx_bytes += pktlen;
808
809 fail:
810 if (ni != NULL)
811 ieee80211_free_node(ni);
812
813 if ((type & IEEE80211_FC0_TYPE_MASK) != IEEE80211_FC0_TYPE_DATA ||
814 err == 0) {
815 freemsg(mp);
816 }
817
818 mutex_exit(&sc->tx_lock);
819
820 return (err);
821 }
822
823 static mblk_t *
824 ural_m_tx(void *arg, mblk_t *mp)
825 {
826 struct ural_softc *sc = (struct ural_softc *)arg;
827 struct ieee80211com *ic = &sc->sc_ic;
828 mblk_t *next;
829
830 /*
831 * No data frames go out unless we're associated; this
832 * should not happen as the 802.11 layer does not enable
833 * the xmit queue until we enter the RUN state.
834 */
835 if (ic->ic_state != IEEE80211_S_RUN) {
836 ral_debug(RAL_DBG_ERR, "ural_m_tx(): "
837 "discard, state %u\n", ic->ic_state);
838 freemsgchain(mp);
839 return (NULL);
840 }
841
842 while (mp != NULL) {
843 next = mp->b_next;
844 mp->b_next = NULL;
845 if (ural_send(ic, mp, IEEE80211_FC0_TYPE_DATA) != DDI_SUCCESS) {
846 mp->b_next = next;
847 freemsgchain(mp);
848 return (NULL);
849 }
850 mp = next;
851 }
852 return (mp);
853 }
854
855 static void
856 ural_set_testmode(struct ural_softc *sc)
857 {
858 usb_ctrl_setup_t req;
859 usb_cr_t cr;
860 usb_cb_flags_t cf;
861 int err;
862
863 bzero(&req, sizeof (req));
864 req.bmRequestType = USB_DEV_REQ_TYPE_VENDOR | USB_DEV_REQ_HOST_TO_DEV;
865 req.bRequest = RAL_VENDOR_REQUEST;
866 req.wValue = 4;
867 req.wIndex = 1;
868 req.wLength = 0;
869 req.attrs = USB_ATTRS_NONE;
870
871 err = usb_pipe_ctrl_xfer_wait(sc->sc_udev->dev_default_ph, &req, NULL,
872 &cr, &cf, 0);
873
874 if (err != USB_SUCCESS) {
875 ral_debug(RAL_DBG_USB,
876 "ural_set_testmode(): could not set test mode:"
877 "cr:%s(%d), cf:%(x)\n",
878 usb_str_cr(cr), cr, cf);
879 }
880 }
881
882 static void
883 ural_eeprom_read(struct ural_softc *sc, uint16_t addr, void *buf, int len)
884 {
885 usb_ctrl_setup_t req;
886 usb_cr_t cr;
887 usb_cb_flags_t cf;
888 mblk_t *mp;
889 int err;
890
891 bzero(&req, sizeof (req));
892 req.bmRequestType = USB_DEV_REQ_TYPE_VENDOR | USB_DEV_REQ_DEV_TO_HOST;
893 req.bRequest = RAL_READ_EEPROM;
894 req.wValue = 0;
895 req.wIndex = addr;
896 req.wLength = (uint16_t)len;
897
898 mp = NULL;
899 err = usb_pipe_ctrl_xfer_wait(sc->sc_udev->dev_default_ph, &req, &mp,
900 &cr, &cf, 0);
901
902 if (err != USB_SUCCESS) {
903 ral_debug(RAL_DBG_USB,
904 "ural_eeprom_read(): could not read EEPROM:"
905 "cr:%s(%d), cf:(%x)\n",
906 usb_str_cr(cr), cr, cf);
907 return;
908 }
909
910 bcopy(mp->b_rptr, buf, len);
911
912 if (mp)
913 freemsg(mp);
914 }
915
916 static void
917 ural_bbp_write(struct ural_softc *sc, uint8_t reg, uint8_t val)
918 {
919 uint16_t tmp;
920 int ntries;
921
922 for (ntries = 0; ntries < 5; ntries++) {
923 if (!(ural_read(sc, RAL_PHY_CSR8) & RAL_BBP_BUSY))
924 break;
925 }
926 if (ntries == 5) {
927 ral_debug(RAL_DBG_ERR,
928 "ural_bbp_write(): could not write to BBP\n");
929 return;
930 }
931
932 tmp = reg << 8 | val;
933 ural_write(sc, RAL_PHY_CSR7, tmp);
934 }
935
936 static uint8_t
937 ural_bbp_read(struct ural_softc *sc, uint8_t reg)
938 {
939 uint16_t val;
940 int ntries;
941
942 val = RAL_BBP_WRITE | reg << 8;
943 ural_write(sc, RAL_PHY_CSR7, val);
944
945 for (ntries = 0; ntries < 5; ntries++) {
946 if (!(ural_read(sc, RAL_PHY_CSR8) & RAL_BBP_BUSY))
947 break;
948 }
949 if (ntries == 5) {
950 ral_debug(RAL_DBG_ERR, "ural_bbp_read(): could not read BBP\n");
951 return (0);
952 }
953
954 return (ural_read(sc, RAL_PHY_CSR7) & 0xff);
955 }
956
957 static void
958 ural_rf_write(struct ural_softc *sc, uint8_t reg, uint32_t val)
959 {
960 uint32_t tmp;
961 int ntries;
962
963 for (ntries = 0; ntries < 5; ntries++) {
964 if (!(ural_read(sc, RAL_PHY_CSR10) & RAL_RF_LOBUSY))
965 break;
966 }
967 if (ntries == 5) {
968 ral_debug(RAL_DBG_ERR,
969 "ural_rf_write(): could not write to RF\n");
970 return;
971 }
972
973 tmp = RAL_RF_BUSY | RAL_RF_20BIT | (val & 0xffff) << 2 | (reg & 0x3);
974 ural_write(sc, RAL_PHY_CSR9, tmp & 0xffff);
975 ural_write(sc, RAL_PHY_CSR10, tmp >> 16);
976
977 /* remember last written value in sc */
978 sc->rf_regs[reg] = val;
979
980 ral_debug(RAL_DBG_HW, "RF R[%u] <- 0x%05x\n", reg & 0x3, val & 0xfffff);
981 }
982
983 /*
984 * Disable RF auto-tuning.
985 */
986 static void
987 ural_disable_rf_tune(struct ural_softc *sc)
988 {
989 uint32_t tmp;
990
991 if (sc->rf_rev != RAL_RF_2523) {
992 tmp = sc->rf_regs[RAL_RF1] & ~RAL_RF1_AUTOTUNE;
993 ural_rf_write(sc, RAL_RF1, tmp);
994 }
995
996 tmp = sc->rf_regs[RAL_RF3] & ~RAL_RF3_AUTOTUNE;
997 ural_rf_write(sc, RAL_RF3, tmp);
998
999 ral_debug(RAL_DBG_HW, "disabling RF autotune\n");
1000 }
1001
1002
1003 static void
1004 ural_set_chan(struct ural_softc *sc, struct ieee80211_channel *c)
1005 {
1006 struct ieee80211com *ic = &sc->sc_ic;
1007 uint8_t power, tmp;
1008 uint_t i, chan;
1009
1010 chan = ieee80211_chan2ieee(ic, c);
1011 if (chan == 0 || chan == IEEE80211_CHAN_ANY)
1012 return;
1013
1014 if (IEEE80211_IS_CHAN_2GHZ(c))
1015 power = min(sc->txpow[chan - 1], 31);
1016 else
1017 power = 31;
1018
1019 /* adjust txpower using ifconfig settings */
1020 power -= (100 - ic->ic_txpowlimit) / 8;
1021
1022 ral_debug(RAL_DBG_HW, "setting channel to %u, txpower to %u\n",
1023 chan, power);
1024
1025 switch (sc->rf_rev) {
1026 case RAL_RF_2522:
1027 ural_rf_write(sc, RAL_RF1, 0x00814);
1028 ural_rf_write(sc, RAL_RF2, ural_rf2522_r2[chan - 1]);
1029 ural_rf_write(sc, RAL_RF3, power << 7 | 0x00040);
1030 break;
1031
1032 case RAL_RF_2523:
1033 ural_rf_write(sc, RAL_RF1, 0x08804);
1034 ural_rf_write(sc, RAL_RF2, ural_rf2523_r2[chan - 1]);
1035 ural_rf_write(sc, RAL_RF3, power << 7 | 0x38044);
1036 ural_rf_write(sc, RAL_RF4, (chan == 14) ? 0x00280 : 0x00286);
1037 break;
1038
1039 case RAL_RF_2524:
1040 ural_rf_write(sc, RAL_RF1, 0x0c808);
1041 ural_rf_write(sc, RAL_RF2, ural_rf2524_r2[chan - 1]);
1042 ural_rf_write(sc, RAL_RF3, power << 7 | 0x00040);
1043 ural_rf_write(sc, RAL_RF4, (chan == 14) ? 0x00280 : 0x00286);
1044 break;
1045
1046 case RAL_RF_2525:
1047 ural_rf_write(sc, RAL_RF1, 0x08808);
1048 ural_rf_write(sc, RAL_RF2, ural_rf2525_hi_r2[chan - 1]);
1049 ural_rf_write(sc, RAL_RF3, power << 7 | 0x18044);
1050 ural_rf_write(sc, RAL_RF4, (chan == 14) ? 0x00280 : 0x00286);
1051
1052 ural_rf_write(sc, RAL_RF1, 0x08808);
1053 ural_rf_write(sc, RAL_RF2, ural_rf2525_r2[chan - 1]);
1054 ural_rf_write(sc, RAL_RF3, power << 7 | 0x18044);
1055 ural_rf_write(sc, RAL_RF4, (chan == 14) ? 0x00280 : 0x00286);
1056 break;
1057
1058 case RAL_RF_2525E:
1059 ural_rf_write(sc, RAL_RF1, 0x08808);
1060 ural_rf_write(sc, RAL_RF2, ural_rf2525e_r2[chan - 1]);
1061 ural_rf_write(sc, RAL_RF3, power << 7 | 0x18044);
1062 ural_rf_write(sc, RAL_RF4, (chan == 14) ? 0x00286 : 0x00282);
1063 break;
1064
1065 case RAL_RF_2526:
1066 ural_rf_write(sc, RAL_RF2, ural_rf2526_hi_r2[chan - 1]);
1067 ural_rf_write(sc, RAL_RF4, (chan & 1) ? 0x00386 : 0x00381);
1068 ural_rf_write(sc, RAL_RF1, 0x08804);
1069
1070 ural_rf_write(sc, RAL_RF2, ural_rf2526_r2[chan - 1]);
1071 ural_rf_write(sc, RAL_RF3, power << 7 | 0x18044);
1072 ural_rf_write(sc, RAL_RF4, (chan & 1) ? 0x00386 : 0x00381);
1073 break;
1074
1075 /* dual-band RF */
1076 case RAL_RF_5222:
1077 for (i = 0; ural_rf5222[i].chan != chan; i++) {
1078 if (i > URAL_N(ural_rf5222)) break;
1079 }
1080
1081 ural_rf_write(sc, RAL_RF1, ural_rf5222[i].r1);
1082 ural_rf_write(sc, RAL_RF2, ural_rf5222[i].r2);
1083 ural_rf_write(sc, RAL_RF3, power << 7 | 0x00040);
1084 ural_rf_write(sc, RAL_RF4, ural_rf5222[i].r4);
1085 break;
1086 }
1087
1088 if (ic->ic_opmode != IEEE80211_M_MONITOR &&
1089 ic->ic_state != IEEE80211_S_SCAN) {
1090 /* set Japan filter bit for channel 14 */
1091 tmp = ural_bbp_read(sc, 70);
1092
1093 tmp &= ~RAL_JAPAN_FILTER;
1094 if (chan == 14)
1095 tmp |= RAL_JAPAN_FILTER;
1096
1097 ural_bbp_write(sc, 70, tmp);
1098
1099 /* clear CRC errs */
1100 (void) ural_read(sc, RAL_STA_CSR0);
1101
1102 drv_usecwait(10000);
1103 ural_disable_rf_tune(sc);
1104 }
1105 }
1106
1107 /*
1108 * Refer to IEEE Std 802.11-1999 pp. 123 for more information on TSF
1109 * synchronization.
1110 */
1111 static void
1112 ural_enable_tsf_sync(struct ural_softc *sc)
1113 {
1114 struct ieee80211com *ic = &sc->sc_ic;
1115 uint16_t logcwmin, preload, tmp;
1116
1117 /* first, disable TSF synchronization */
1118 ural_write(sc, RAL_TXRX_CSR19, 0);
1119
1120 tmp = (16 * ic->ic_bss->in_intval) << 4;
1121 ural_write(sc, RAL_TXRX_CSR18, tmp);
1122
1123 logcwmin = (ic->ic_opmode == IEEE80211_M_IBSS) ? 2 : 0;
1124 preload = (ic->ic_opmode == IEEE80211_M_IBSS) ? 320 : 6;
1125 tmp = logcwmin << 12 | preload;
1126 ural_write(sc, RAL_TXRX_CSR20, tmp);
1127
1128 /* finally, enable TSF synchronization */
1129 tmp = RAL_ENABLE_TSF | RAL_ENABLE_TBCN;
1130 if (ic->ic_opmode == IEEE80211_M_STA)
1131 tmp |= RAL_ENABLE_TSF_SYNC(1);
1132 else
1133 tmp |= RAL_ENABLE_TSF_SYNC(2) | RAL_ENABLE_BEACON_GENERATOR;
1134 ural_write(sc, RAL_TXRX_CSR19, tmp);
1135
1136 ral_debug(RAL_DBG_HW, "enabling TSF synchronization\n");
1137 }
1138
1139 /*
1140 * This function can be called by ieee80211_set_shortslottime(). Refer to
1141 * IEEE Std 802.11-1999 pp. 85 to know how these values are computed.
1142 */
1143 /* ARGSUSED */
1144 static void
1145 ural_update_slot(struct ieee80211com *ic, int onoff)
1146 {
1147 struct ural_softc *sc = (struct ural_softc *)ic;
1148 uint16_t slottime, sifs, eifs;
1149
1150 slottime = (ic->ic_flags & IEEE80211_F_SHSLOT) ? 9 : 20;
1151 /* slottime = (onoff ? 9 : 20); */
1152
1153 /*
1154 * These settings may sound a bit inconsistent but this is what the
1155 * reference driver does.
1156 */
1157 if (ic->ic_curmode == IEEE80211_MODE_11B) {
1158 sifs = 16 - RAL_RXTX_TURNAROUND;
1159 eifs = 364;
1160 } else {
1161 sifs = 10 - RAL_RXTX_TURNAROUND;
1162 eifs = 64;
1163 }
1164
1165 ural_write(sc, RAL_MAC_CSR10, slottime);
1166 ural_write(sc, RAL_MAC_CSR11, sifs);
1167 ural_write(sc, RAL_MAC_CSR12, eifs);
1168 }
1169
1170 static void
1171 ural_set_txpreamble(struct ural_softc *sc)
1172 {
1173 uint16_t tmp;
1174
1175 tmp = ural_read(sc, RAL_TXRX_CSR10);
1176
1177 tmp &= ~RAL_SHORT_PREAMBLE;
1178 if (sc->sc_ic.ic_flags & IEEE80211_F_SHPREAMBLE)
1179 tmp |= RAL_SHORT_PREAMBLE;
1180
1181 ural_write(sc, RAL_TXRX_CSR10, tmp);
1182 }
1183
1184 static void
1185 ural_set_basicrates(struct ural_softc *sc)
1186 {
1187 struct ieee80211com *ic = &sc->sc_ic;
1188
1189 /* update basic rate set */
1190 if (ic->ic_curmode == IEEE80211_MODE_11B) {
1191 /* 11b basic rates: 1, 2Mbps */
1192 ural_write(sc, RAL_TXRX_CSR11, 0x3);
1193 } else if (IEEE80211_IS_CHAN_5GHZ(ic->ic_bss->in_chan)) {
1194 /* 11a basic rates: 6, 12, 24Mbps */
1195 ural_write(sc, RAL_TXRX_CSR11, 0x150);
1196 } else {
1197 /* 11g basic rates: 1, 2, 5.5, 11, 6, 12, 24Mbps */
1198 ural_write(sc, RAL_TXRX_CSR11, 0x15f);
1199 }
1200 }
1201
1202 static void
1203 ural_set_bssid(struct ural_softc *sc, uint8_t *bssid)
1204 {
1205 uint16_t tmp;
1206
1207 tmp = bssid[0] | bssid[1] << 8;
1208 ural_write(sc, RAL_MAC_CSR5, tmp);
1209
1210 tmp = bssid[2] | bssid[3] << 8;
1211 ural_write(sc, RAL_MAC_CSR6, tmp);
1212
1213 tmp = bssid[4] | bssid[5] << 8;
1214 ural_write(sc, RAL_MAC_CSR7, tmp);
1215
1216 ral_debug(RAL_DBG_HW, "setting BSSID to " MACSTR "\n", MAC2STR(bssid));
1217 }
1218
1219 static void
1220 ural_set_macaddr(struct ural_softc *sc, uint8_t *addr)
1221 {
1222 uint16_t tmp;
1223
1224 tmp = addr[0] | addr[1] << 8;
1225 ural_write(sc, RAL_MAC_CSR2, tmp);
1226
1227 tmp = addr[2] | addr[3] << 8;
1228 ural_write(sc, RAL_MAC_CSR3, tmp);
1229
1230 tmp = addr[4] | addr[5] << 8;
1231 ural_write(sc, RAL_MAC_CSR4, tmp);
1232
1233 ral_debug(RAL_DBG_HW,
1234 "setting MAC address to " MACSTR "\n", MAC2STR(addr));
1235 }
1236
1237 static void
1238 ural_update_promisc(struct ural_softc *sc)
1239 {
1240 uint32_t tmp;
1241
1242 tmp = ural_read(sc, RAL_TXRX_CSR2);
1243
1244 tmp &= ~RAL_DROP_NOT_TO_ME;
1245 if (!(sc->sc_rcr & RAL_RCR_PROMISC))
1246 tmp |= RAL_DROP_NOT_TO_ME;
1247
1248 ural_write(sc, RAL_TXRX_CSR2, tmp);
1249
1250 ral_debug(RAL_DBG_HW, "%s promiscuous mode\n",
1251 (sc->sc_rcr & RAL_RCR_PROMISC) ? "entering" : "leaving");
1252 }
1253
1254 static const char *
1255 ural_get_rf(int rev)
1256 {
1257 switch (rev) {
1258 case RAL_RF_2522: return ("RT2522");
1259 case RAL_RF_2523: return ("RT2523");
1260 case RAL_RF_2524: return ("RT2524");
1261 case RAL_RF_2525: return ("RT2525");
1262 case RAL_RF_2525E: return ("RT2525e");
1263 case RAL_RF_2526: return ("RT2526");
1264 case RAL_RF_5222: return ("RT5222");
1265 default: return ("unknown");
1266 }
1267 }
1268
1269 static void
1270 ural_read_eeprom(struct ural_softc *sc)
1271 {
1272 struct ieee80211com *ic = &sc->sc_ic;
1273 uint16_t val;
1274
1275 ural_eeprom_read(sc, RAL_EEPROM_CONFIG0, &val, 2);
1276 val = LE_16(val);
1277 sc->rf_rev = (val >> 11) & 0x7;
1278 sc->hw_radio = (val >> 10) & 0x1;
1279 sc->led_mode = (val >> 6) & 0x7;
1280 sc->rx_ant = (val >> 4) & 0x3;
1281 sc->tx_ant = (val >> 2) & 0x3;
1282 sc->nb_ant = val & 0x3;
1283
1284 /* read MAC address */
1285 ural_eeprom_read(sc, RAL_EEPROM_ADDRESS, ic->ic_macaddr, 6);
1286
1287 /* read default values for BBP registers */
1288 ural_eeprom_read(sc, RAL_EEPROM_BBP_BASE, sc->bbp_prom, 2 * 16);
1289
1290 /* read Tx power for all b/g channels */
1291 ural_eeprom_read(sc, RAL_EEPROM_TXPOWER, sc->txpow, 14);
1292 }
1293
1294 static int
1295 ural_bbp_init(struct ural_softc *sc)
1296 {
1297 int i, ntries;
1298
1299 /* wait for BBP to be ready */
1300 for (ntries = 0; ntries < 100; ntries++) {
1301 if (ural_bbp_read(sc, RAL_BBP_VERSION) != 0)
1302 break;
1303 drv_usecwait(1000);
1304 }
1305 if (ntries == 100) {
1306 ral_debug(RAL_DBG_ERR, "timeout waiting for BBP\n");
1307 return (EIO);
1308 }
1309
1310 /* initialize BBP registers to default values */
1311 for (i = 0; i < URAL_N(ural_def_bbp); i++)
1312 ural_bbp_write(sc, ural_def_bbp[i].reg, ural_def_bbp[i].val);
1313
1314 return (0);
1315 }
1316
1317 static void
1318 ural_set_txantenna(struct ural_softc *sc, int antenna)
1319 {
1320 uint16_t tmp;
1321 uint8_t tx;
1322
1323 tx = ural_bbp_read(sc, RAL_BBP_TX) & ~RAL_BBP_ANTMASK;
1324 if (antenna == 1)
1325 tx |= RAL_BBP_ANTA;
1326 else if (antenna == 2)
1327 tx |= RAL_BBP_ANTB;
1328 else
1329 tx |= RAL_BBP_DIVERSITY;
1330
1331 /* need to force I/Q flip for RF 2525e, 2526 and 5222 */
1332 if (sc->rf_rev == RAL_RF_2525E || sc->rf_rev == RAL_RF_2526 ||
1333 sc->rf_rev == RAL_RF_5222)
1334 tx |= RAL_BBP_FLIPIQ;
1335
1336 ural_bbp_write(sc, RAL_BBP_TX, tx);
1337
1338 /* update values in PHY_CSR5 and PHY_CSR6 */
1339 tmp = ural_read(sc, RAL_PHY_CSR5) & ~0x7;
1340 ural_write(sc, RAL_PHY_CSR5, tmp | (tx & 0x7));
1341
1342 tmp = ural_read(sc, RAL_PHY_CSR6) & ~0x7;
1343 ural_write(sc, RAL_PHY_CSR6, tmp | (tx & 0x7));
1344 }
1345
1346 static void
1347 ural_set_rxantenna(struct ural_softc *sc, int antenna)
1348 {
1349 uint8_t rx;
1350
1351 rx = ural_bbp_read(sc, RAL_BBP_RX) & ~RAL_BBP_ANTMASK;
1352 if (antenna == 1)
1353 rx |= RAL_BBP_ANTA;
1354 else if (antenna == 2)
1355 rx |= RAL_BBP_ANTB;
1356 else
1357 rx |= RAL_BBP_DIVERSITY;
1358
1359 /* need to force no I/Q flip for RF 2525e and 2526 */
1360 if (sc->rf_rev == RAL_RF_2525E || sc->rf_rev == RAL_RF_2526)
1361 rx &= ~RAL_BBP_FLIPIQ;
1362
1363 ural_bbp_write(sc, RAL_BBP_RX, rx);
1364 }
1365
1366 /*
1367 * This function is called periodically (every 200ms) during scanning to
1368 * switch from one channel to another.
1369 */
1370 static void
1371 ural_next_scan(void *arg)
1372 {
1373 struct ural_softc *sc = arg;
1374 struct ieee80211com *ic = &sc->sc_ic;
1375
1376 if (ic->ic_state == IEEE80211_S_SCAN)
1377 ieee80211_next_scan(ic);
1378 }
1379
1380 static int
1381 ural_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg)
1382 {
1383 struct ural_softc *sc = (struct ural_softc *)ic;
1384 enum ieee80211_state ostate;
1385 struct ieee80211_node *ni;
1386 int err;
1387
1388 RAL_LOCK(sc);
1389
1390 ostate = ic->ic_state;
1391
1392 if (sc->sc_scan_id != 0) {
1393 (void) untimeout(sc->sc_scan_id);
1394 sc->sc_scan_id = 0;
1395 }
1396
1397 if (sc->sc_amrr_id != 0) {
1398 (void) untimeout(sc->sc_amrr_id);
1399 sc->sc_amrr_id = 0;
1400 }
1401
1402 switch (nstate) {
1403 case IEEE80211_S_INIT:
1404 if (ostate == IEEE80211_S_RUN) {
1405 /* abort TSF synchronization */
1406 ural_write(sc, RAL_TXRX_CSR19, 0);
1407 /* force tx led to stop blinking */
1408 ural_write(sc, RAL_MAC_CSR20, 0);
1409 }
1410 break;
1411
1412 case IEEE80211_S_SCAN:
1413 ural_set_chan(sc, ic->ic_curchan);
1414 sc->sc_scan_id = timeout(ural_next_scan, (void *)sc,
1415 drv_usectohz(sc->dwelltime * 1000));
1416 break;
1417
1418 case IEEE80211_S_AUTH:
1419 ural_set_chan(sc, ic->ic_curchan);
1420 break;
1421
1422 case IEEE80211_S_ASSOC:
1423 ural_set_chan(sc, ic->ic_curchan);
1424 break;
1425
1426 case IEEE80211_S_RUN:
1427 ural_set_chan(sc, ic->ic_curchan);
1428
1429 ni = ic->ic_bss;
1430
1431 if (ic->ic_opmode != IEEE80211_M_MONITOR) {
1432 ural_update_slot(ic, 1);
1433 ural_set_txpreamble(sc);
1434 ural_set_basicrates(sc);
1435 ural_set_bssid(sc, ni->in_bssid);
1436 }
1437
1438
1439 /* make tx led blink on tx (controlled by ASIC) */
1440 ural_write(sc, RAL_MAC_CSR20, 1);
1441
1442 if (ic->ic_opmode != IEEE80211_M_MONITOR)
1443 ural_enable_tsf_sync(sc);
1444
1445 /* enable automatic rate adaptation in STA mode */
1446 if (ic->ic_opmode == IEEE80211_M_STA &&
1447 ic->ic_fixed_rate == IEEE80211_FIXED_RATE_NONE)
1448 ural_amrr_start(sc, ni);
1449
1450 break;
1451 }
1452
1453 RAL_UNLOCK(sc);
1454
1455 err = sc->sc_newstate(ic, nstate, arg);
1456 /*
1457 * Finally, start any timers.
1458 */
1459 if (nstate == IEEE80211_S_RUN)
1460 ieee80211_start_watchdog(ic, 1);
1461
1462 return (err);
1463 }
1464
1465
1466
1467 static void
1468 ural_close_pipes(struct ural_softc *sc)
1469 {
1470 usb_flags_t flags = USB_FLAGS_SLEEP;
1471
1472 if (sc->sc_rx_pipeh != NULL) {
1473 usb_pipe_reset(sc->sc_dev, sc->sc_rx_pipeh, flags, NULL, 0);
1474 usb_pipe_close(sc->sc_dev, sc->sc_rx_pipeh, flags, NULL, 0);
1475 sc->sc_rx_pipeh = NULL;
1476 }
1477
1478 if (sc->sc_tx_pipeh != NULL) {
1479 usb_pipe_reset(sc->sc_dev, sc->sc_tx_pipeh, flags, NULL, 0);
1480 usb_pipe_close(sc->sc_dev, sc->sc_tx_pipeh, flags, NULL, 0);
1481 sc->sc_tx_pipeh = NULL;
1482 }
1483 }
1484
1485 static int
1486 ural_open_pipes(struct ural_softc *sc)
1487 {
1488 usb_ep_data_t *ep_node;
1489 usb_pipe_policy_t policy;
1490 int err;
1491
1492 ep_node = usb_lookup_ep_data(sc->sc_dev, sc->sc_udev, 0, 0, 0,
1493 USB_EP_ATTR_BULK, USB_EP_DIR_OUT);
1494
1495 bzero(&policy, sizeof (usb_pipe_policy_t));
1496 policy.pp_max_async_reqs = RAL_TX_LIST_COUNT;
1497
1498 if ((err = usb_pipe_open(sc->sc_dev,
1499 &ep_node->ep_descr, &policy, USB_FLAGS_SLEEP,
1500 &sc->sc_tx_pipeh)) != USB_SUCCESS) {
1501 ral_debug(RAL_DBG_ERR,
1502 "ural_open_pipes(): %x failed to open tx pipe\n", err);
1503 goto fail;
1504 }
1505
1506 ep_node = usb_lookup_ep_data(sc->sc_dev, sc->sc_udev, 0, 0, 0,
1507 USB_EP_ATTR_BULK, USB_EP_DIR_IN);
1508
1509 bzero(&policy, sizeof (usb_pipe_policy_t));
1510 policy.pp_max_async_reqs = RAL_RX_LIST_COUNT + 32;
1511
1512 if ((err = usb_pipe_open(sc->sc_dev,
1513 &ep_node->ep_descr, &policy, USB_FLAGS_SLEEP,
1514 &sc->sc_rx_pipeh)) != USB_SUCCESS) {
1515 ral_debug(RAL_DBG_ERR,
1516 "ural_open_pipes(): %x failed to open rx pipe\n", err);
1517 goto fail;
1518 }
1519
1520 return (USB_SUCCESS);
1521
1522 fail:
1523 if (sc->sc_rx_pipeh != NULL) {
1524 usb_pipe_close(sc->sc_dev, sc->sc_rx_pipeh,
1525 USB_FLAGS_SLEEP, NULL, 0);
1526 sc->sc_rx_pipeh = NULL;
1527 }
1528
1529 if (sc->sc_tx_pipeh != NULL) {
1530 usb_pipe_close(sc->sc_dev, sc->sc_tx_pipeh,
1531 USB_FLAGS_SLEEP, NULL, 0);
1532 sc->sc_tx_pipeh = NULL;
1533 }
1534
1535 return (USB_FAILURE);
1536 }
1537
1538 static int
1539 ural_tx_trigger(struct ural_softc *sc, mblk_t *mp)
1540 {
1541 usb_bulk_req_t *req;
1542 int err;
1543
1544 sc->sc_tx_timer = RAL_TX_TIMEOUT;
1545
1546 req = usb_alloc_bulk_req(sc->sc_dev, 0, USB_FLAGS_SLEEP);
1547 if (req == NULL) {
1548 ral_debug(RAL_DBG_ERR,
1549 "ural_tx_trigger(): failed to allocate req");
1550 freemsg(mp);
1551 return (-1);
1552 }
1553
1554 req->bulk_len = (uintptr_t)mp->b_wptr - (uintptr_t)mp->b_rptr;
1555 req->bulk_data = mp;
1556 req->bulk_client_private = (usb_opaque_t)sc;
1557 req->bulk_timeout = RAL_TX_TIMEOUT;
1558 req->bulk_attributes = USB_ATTRS_AUTOCLEARING;
1559 req->bulk_cb = ural_txeof;
1560 req->bulk_exc_cb = ural_txeof;
1561 req->bulk_completion_reason = 0;
1562 req->bulk_cb_flags = 0;
1563
1564 if ((err = usb_pipe_bulk_xfer(sc->sc_tx_pipeh, req, 0))
1565 != USB_SUCCESS) {
1566
1567 ral_debug(RAL_DBG_ERR, "ural_tx_trigger(): "
1568 "failed to do tx xfer, %d", err);
1569 usb_free_bulk_req(req);
1570 return (-1);
1571 }
1572
1573 sc->tx_queued++;
1574
1575 return (0);
1576 }
1577
1578 static int
1579 ural_rx_trigger(struct ural_softc *sc)
1580 {
1581 usb_bulk_req_t *req;
1582 int err;
1583
1584 req = usb_alloc_bulk_req(sc->sc_dev, RAL_RXBUF_SIZE, USB_FLAGS_SLEEP);
1585 if (req == NULL) {
1586 ral_debug(RAL_DBG_ERR,
1587 "ural_rx_trigger(): failed to allocate req");
1588 return (-1);
1589 }
1590
1591 req->bulk_len = RAL_RXBUF_SIZE;
1592 req->bulk_client_private = (usb_opaque_t)sc;
1593 req->bulk_timeout = 0;
1594 req->bulk_attributes = USB_ATTRS_SHORT_XFER_OK
1595 | USB_ATTRS_AUTOCLEARING;
1596 req->bulk_cb = ural_rxeof;
1597 req->bulk_exc_cb = ural_rxeof;
1598 req->bulk_completion_reason = 0;
1599 req->bulk_cb_flags = 0;
1600
1601 err = usb_pipe_bulk_xfer(sc->sc_rx_pipeh, req, 0);
1602
1603 if (err != USB_SUCCESS) {
1604 ral_debug(RAL_DBG_ERR, "ural_rx_trigger(): "
1605 "failed to do rx xfer, %d", err);
1606 usb_free_bulk_req(req);
1607
1608 return (-1);
1609 }
1610
1611 mutex_enter(&sc->rx_lock);
1612 sc->rx_queued++;
1613 mutex_exit(&sc->rx_lock);
1614
1615 return (0);
1616 }
1617
1618 static void
1619 ural_init_tx_queue(struct ural_softc *sc)
1620 {
1621 sc->tx_queued = 0;
1622 }
1623
1624 static int
1625 ural_init_rx_queue(struct ural_softc *sc)
1626 {
1627 int i;
1628
1629 sc->rx_queued = 0;
1630
1631 for (i = 0; i < RAL_RX_LIST_COUNT; i++) {
1632 if (ural_rx_trigger(sc) != 0) {
1633 return (USB_FAILURE);
1634 }
1635 }
1636
1637 return (USB_SUCCESS);
1638 }
1639
1640 static void
1641 ural_stop(struct ural_softc *sc)
1642 {
1643 struct ieee80211com *ic = &sc->sc_ic;
1644
1645 ieee80211_new_state(ic, IEEE80211_S_INIT, -1);
1646 ieee80211_stop_watchdog(ic); /* stop the watchdog */
1647
1648 RAL_LOCK(sc);
1649
1650 sc->sc_tx_timer = 0;
1651 sc->sc_flags &= ~RAL_FLAG_RUNNING; /* STOP */
1652
1653 /* disable Rx */
1654 ural_write(sc, RAL_TXRX_CSR2, RAL_DISABLE_RX);
1655
1656 /* reset ASIC and BBP (but won't reset MAC registers!) */
1657 ural_write(sc, RAL_MAC_CSR1, RAL_RESET_ASIC | RAL_RESET_BBP);
1658 ural_write(sc, RAL_MAC_CSR1, 0);
1659
1660 ural_close_pipes(sc);
1661
1662 RAL_UNLOCK(sc);
1663 }
1664
1665 static int
1666 ural_init(struct ural_softc *sc)
1667 {
1668 struct ieee80211com *ic = &sc->sc_ic;
1669 uint16_t tmp;
1670 int i, ntries;
1671
1672 ural_set_testmode(sc);
1673 ural_write(sc, 0x308, 0x00f0); /* magic */
1674
1675 ural_stop(sc);
1676
1677 /* initialize MAC registers to default values */
1678 for (i = 0; i < URAL_N(ural_def_mac); i++)
1679 ural_write(sc, ural_def_mac[i].reg, ural_def_mac[i].val);
1680
1681 /* wait for BBP and RF to wake up (this can take a long time!) */
1682 for (ntries = 0; ntries < 100; ntries++) {
1683 tmp = ural_read(sc, RAL_MAC_CSR17);
1684 if ((tmp & (RAL_BBP_AWAKE | RAL_RF_AWAKE)) ==
1685 (RAL_BBP_AWAKE | RAL_RF_AWAKE))
1686 break;
1687 drv_usecwait(1000);
1688 }
1689 if (ntries == 100) {
1690 ral_debug(RAL_DBG_ERR,
1691 "ural_init(): timeout waiting for BBP/RF to wakeup\n");
1692 goto fail;
1693 }
1694
1695 /* we're ready! */
1696 ural_write(sc, RAL_MAC_CSR1, RAL_HOST_READY);
1697
1698 /* set basic rate set (will be updated later) */
1699 ural_write(sc, RAL_TXRX_CSR11, 0x15f);
1700
1701 if (ural_bbp_init(sc) != 0)
1702 goto fail;
1703
1704 /* set default BSS channel */
1705 ural_set_chan(sc, ic->ic_curchan);
1706
1707 /* clear statistic registers (STA_CSR0 to STA_CSR10) */
1708 ural_read_multi(sc, RAL_STA_CSR0, sc->sta, sizeof (sc->sta));
1709
1710 ural_set_txantenna(sc, sc->tx_ant);
1711 ural_set_rxantenna(sc, sc->rx_ant);
1712
1713 ural_set_macaddr(sc, ic->ic_macaddr);
1714
1715 if (ural_open_pipes(sc) != USB_SUCCESS) {
1716 ral_debug(RAL_DBG_ERR, "ural_init(): "
1717 "could not open pipes.\n");
1718 goto fail;
1719 }
1720
1721 ural_init_tx_queue(sc);
1722
1723 if (ural_init_rx_queue(sc) != USB_SUCCESS)
1724 goto fail;
1725
1726 /* kick Rx */
1727 tmp = RAL_DROP_PHY | RAL_DROP_CRC;
1728 if (ic->ic_opmode != IEEE80211_M_MONITOR) {
1729 tmp |= RAL_DROP_CTL | RAL_DROP_BAD_VERSION;
1730 if (ic->ic_opmode != IEEE80211_M_HOSTAP)
1731 tmp |= RAL_DROP_TODS;
1732 if (!(sc->sc_rcr & RAL_RCR_PROMISC))
1733 tmp |= RAL_DROP_NOT_TO_ME;
1734 }
1735 ural_write(sc, RAL_TXRX_CSR2, tmp);
1736 sc->sc_flags |= RAL_FLAG_RUNNING; /* RUNNING */
1737
1738 return (DDI_SUCCESS);
1739 fail:
1740 ural_stop(sc);
1741 return (EIO);
1742 }
1743
1744 static int
1745 ural_disconnect(dev_info_t *devinfo)
1746 {
1747 struct ural_softc *sc;
1748 struct ieee80211com *ic;
1749
1750 /*
1751 * We can't call ural_stop() here, since the hardware is removed,
1752 * we can't access the register anymore.
1753 */
1754 sc = ddi_get_soft_state(ural_soft_state_p, ddi_get_instance(devinfo));
1755 ASSERT(sc != NULL);
1756
1757 if (!RAL_IS_RUNNING(sc)) /* different device or not inited */
1758 return (DDI_SUCCESS);
1759
1760 ic = &sc->sc_ic;
1761 ieee80211_new_state(ic, IEEE80211_S_INIT, -1);
1762 ieee80211_stop_watchdog(ic); /* stop the watchdog */
1763
1764 RAL_LOCK(sc);
1765
1766 sc->sc_tx_timer = 0;
1767 sc->sc_flags &= ~RAL_FLAG_RUNNING; /* STOP */
1768
1769 ural_close_pipes(sc);
1770
1771 RAL_UNLOCK(sc);
1772
1773 return (DDI_SUCCESS);
1774 }
1775
1776 static int
1777 ural_reconnect(dev_info_t *devinfo)
1778 {
1779 struct ural_softc *sc;
1780 int err;
1781
1782 sc = ddi_get_soft_state(ural_soft_state_p, ddi_get_instance(devinfo));
1783 ASSERT(sc != NULL);
1784
1785 /* check device changes after disconnect */
1786 if (usb_check_same_device(sc->sc_dev, NULL, USB_LOG_L2, -1,
1787 USB_CHK_BASIC | USB_CHK_CFG, NULL) != USB_SUCCESS) {
1788 ral_debug(RAL_DBG_ERR, "different device connected\n");
1789 return (DDI_FAILURE);
1790 }
1791
1792 err = ural_init(sc);
1793
1794 return (err);
1795 }
1796
1797 static void
1798 ural_resume(struct ural_softc *sc)
1799 {
1800 /* check device changes after suspend */
1801 if (usb_check_same_device(sc->sc_dev, NULL, USB_LOG_L2, -1,
1802 USB_CHK_BASIC | USB_CHK_CFG, NULL) != USB_SUCCESS) {
1803 ral_debug(RAL_DBG_ERR, "no or different device connected\n");
1804 return;
1805 }
1806
1807 (void) ural_init(sc);
1808 }
1809
1810 #define URAL_AMRR_MIN_SUCCESS_THRESHOLD 1
1811 #define URAL_AMRR_MAX_SUCCESS_THRESHOLD 10
1812
1813 /*
1814 * Naive implementation of the Adaptive Multi Rate Retry algorithm:
1815 * "IEEE 802.11 Rate Adaptation: A Practical Approach"
1816 * Mathieu Lacage, Hossein Manshaei, Thierry Turletti
1817 * INRIA Sophia - Projet Planete
1818 * http://www-sop.inria.fr/rapports/sophia/RR-5208.html
1819 *
1820 * This algorithm is particularly well suited for ural since it does not
1821 * require per-frame retry statistics. Note however that since h/w does
1822 * not provide per-frame stats, we can't do per-node rate adaptation and
1823 * thus automatic rate adaptation is only enabled in STA operating mode.
1824 */
1825 #define is_success(amrr) \
1826 ((amrr)->retrycnt < (amrr)->txcnt / 10)
1827 #define is_failure(amrr) \
1828 ((amrr)->retrycnt > (amrr)->txcnt / 3)
1829 #define is_enough(amrr) \
1830 ((amrr)->txcnt > 10)
1831 #define is_min_rate(ni) \
1832 ((ni)->in_txrate == 0)
1833 #define is_max_rate(ni) \
1834 ((ni)->in_txrate == (ni)->in_rates.ir_nrates - 1)
1835 #define increase_rate(ni) \
1836 ((ni)->in_txrate++)
1837 #define decrease_rate(ni) \
1838 ((ni)->in_txrate--)
1839 #define reset_cnt(amrr) do { \
1840 (amrr)->txcnt = (amrr)->retrycnt = 0; \
1841 _NOTE(CONSTCOND) \
1842 } while (/* CONSTCOND */0)
1843
1844 static void
1845 ural_ratectl(struct ural_amrr *amrr, struct ieee80211_node *ni)
1846 {
1847 int need_change = 0;
1848
1849 if (is_success(amrr) && is_enough(amrr)) {
1850 amrr->success++;
1851 if (amrr->success >= amrr->success_threshold &&
1852 !is_max_rate(ni)) {
1853 amrr->recovery = 1;
1854 amrr->success = 0;
1855 increase_rate(ni);
1856 need_change = 1;
1857 } else {
1858 amrr->recovery = 0;
1859 }
1860 } else if (is_failure(amrr)) {
1861 amrr->success = 0;
1862 if (!is_min_rate(ni)) {
1863 if (amrr->recovery) {
1864 amrr->success_threshold *= 2;
1865 if (amrr->success_threshold >
1866 URAL_AMRR_MAX_SUCCESS_THRESHOLD)
1867 amrr->success_threshold =
1868 URAL_AMRR_MAX_SUCCESS_THRESHOLD;
1869 } else {
1870 amrr->success_threshold =
1871 URAL_AMRR_MIN_SUCCESS_THRESHOLD;
1872 }
1873 decrease_rate(ni);
1874 need_change = 1;
1875 }
1876 amrr->recovery = 0; /* original paper was incorrect */
1877 }
1878
1879 if (is_enough(amrr) || need_change)
1880 reset_cnt(amrr);
1881 }
1882
1883 static void
1884 ural_amrr_timeout(void *arg)
1885 {
1886 struct ural_softc *sc = (struct ural_softc *)arg;
1887 struct ural_amrr *amrr = &sc->amrr;
1888
1889 ural_read_multi(sc, RAL_STA_CSR0, sc->sta, sizeof (sc->sta));
1890
1891 /* count TX retry-fail as Tx errors */
1892 sc->sc_tx_err += sc->sta[9];
1893 sc->sc_tx_retries += (sc->sta[7] + sc->sta[8]);
1894
1895 amrr->retrycnt =
1896 sc->sta[7] + /* TX one-retry ok count */
1897 sc->sta[8] + /* TX more-retry ok count */
1898 sc->sta[9]; /* TX retry-fail count */
1899
1900 amrr->txcnt =
1901 amrr->retrycnt +
1902 sc->sta[6]; /* TX no-retry ok count */
1903
1904 ural_ratectl(amrr, sc->sc_ic.ic_bss);
1905
1906 sc->sc_amrr_id = timeout(ural_amrr_timeout, (void *)sc,
1907 drv_usectohz(1000 * 1000)); /* 1 second */
1908 }
1909
1910
1911 static void
1912 ural_amrr_start(struct ural_softc *sc, struct ieee80211_node *ni)
1913 {
1914 struct ural_amrr *amrr = &sc->amrr;
1915 int i;
1916
1917 /* clear statistic registers (STA_CSR0 to STA_CSR10) */
1918 ural_read_multi(sc, RAL_STA_CSR0, sc->sta, sizeof (sc->sta));
1919
1920 amrr->success = 0;
1921 amrr->recovery = 0;
1922 amrr->txcnt = amrr->retrycnt = 0;
1923 amrr->success_threshold = URAL_AMRR_MIN_SUCCESS_THRESHOLD;
1924
1925 /* set rate to some reasonable initial value */
1926 for (i = ni->in_rates.ir_nrates - 1;
1927 i > 0 && (ni->in_rates.ir_rates[i] & IEEE80211_RATE_VAL) > 72;
1928 i--) {
1929 }
1930
1931 ni->in_txrate = i;
1932
1933 sc->sc_amrr_id = timeout(ural_amrr_timeout, (void *)sc,
1934 drv_usectohz(1000 * 1000)); /* 1 second */
1935 }
1936
1937 void
1938 ural_watchdog(void *arg)
1939 {
1940 struct ural_softc *sc = arg;
1941 struct ieee80211com *ic = &sc->sc_ic;
1942 int ntimer = 0;
1943
1944 RAL_LOCK(sc);
1945 ic->ic_watchdog_timer = 0;
1946
1947 if (!RAL_IS_RUNNING(sc)) {
1948 RAL_UNLOCK(sc);
1949 return;
1950 }
1951
1952 if (sc->sc_tx_timer > 0) {
1953 if (--sc->sc_tx_timer == 0) {
1954 ral_debug(RAL_DBG_ERR, "tx timer timeout\n");
1955 RAL_UNLOCK(sc);
1956 (void) ural_init(sc);
1957 (void) ieee80211_new_state(ic, IEEE80211_S_SCAN, -1);
1958 return;
1959 }
1960 }
1961
1962 if (ic->ic_state == IEEE80211_S_RUN)
1963 ntimer = 1;
1964
1965 RAL_UNLOCK(sc);
1966
1967 ieee80211_watchdog(ic);
1968
1969 if (ntimer)
1970 ieee80211_start_watchdog(ic, ntimer);
1971 }
1972
1973 static int
1974 ural_m_start(void *arg)
1975 {
1976 struct ural_softc *sc = (struct ural_softc *)arg;
1977 int err;
1978
1979 /*
1980 * initialize RT2500USB hardware
1981 */
1982 err = ural_init(sc);
1983 if (err != DDI_SUCCESS) {
1984 ral_debug(RAL_DBG_ERR, "device configuration failed\n");
1985 goto fail;
1986 }
1987 sc->sc_flags |= RAL_FLAG_RUNNING; /* RUNNING */
1988 return (err);
1989
1990 fail:
1991 ural_stop(sc);
1992 return (err);
1993 }
1994
1995 static void
1996 ural_m_stop(void *arg)
1997 {
1998 struct ural_softc *sc = (struct ural_softc *)arg;
1999
2000 (void) ural_stop(sc);
2001 sc->sc_flags &= ~RAL_FLAG_RUNNING; /* STOP */
2002 }
2003
2004 static int
2005 ural_m_unicst(void *arg, const uint8_t *macaddr)
2006 {
2007 struct ural_softc *sc = (struct ural_softc *)arg;
2008 struct ieee80211com *ic = &sc->sc_ic;
2009
2010 ral_debug(RAL_DBG_MSG, "ural_m_unicst(): " MACSTR "\n",
2011 MAC2STR(macaddr));
2012
2013 IEEE80211_ADDR_COPY(ic->ic_macaddr, macaddr);
2014 (void) ural_set_macaddr(sc, (uint8_t *)macaddr);
2015 (void) ural_init(sc);
2016
2017 return (0);
2018 }
2019
2020 /*ARGSUSED*/
2021 static int
2022 ural_m_multicst(void *arg, boolean_t add, const uint8_t *mca)
2023 {
2024 return (0);
2025 }
2026
2027 static int
2028 ural_m_promisc(void *arg, boolean_t on)
2029 {
2030 struct ural_softc *sc = (struct ural_softc *)arg;
2031
2032 if (on) {
2033 sc->sc_rcr |= RAL_RCR_PROMISC;
2034 sc->sc_rcr |= RAL_RCR_MULTI;
2035 } else {
2036 sc->sc_rcr &= ~RAL_RCR_PROMISC;
2037 sc->sc_rcr &= ~RAL_RCR_PROMISC;
2038 }
2039
2040 ural_update_promisc(sc);
2041 return (0);
2042 }
2043
2044 /*
2045 * callback functions for /get/set properties
2046 */
2047 static int
2048 ural_m_setprop(void *arg, const char *pr_name, mac_prop_id_t wldp_pr_num,
2049 uint_t wldp_length, const void *wldp_buf)
2050 {
2051 struct ural_softc *sc = (struct ural_softc *)arg;
2052 struct ieee80211com *ic = &sc->sc_ic;
2053 int err;
2054
2055 err = ieee80211_setprop(ic, pr_name, wldp_pr_num,
2056 wldp_length, wldp_buf);
2057 RAL_LOCK(sc);
2058 if (err == ENETRESET) {
2059 if (RAL_IS_RUNNING(sc)) {
2060 RAL_UNLOCK(sc);
2061 (void) ural_init(sc);
2062 (void) ieee80211_new_state(ic, IEEE80211_S_SCAN, -1);
2063 RAL_LOCK(sc);
2064 }
2065 err = 0;
2066 }
2067 RAL_UNLOCK(sc);
2068
2069 return (err);
2070 }
2071
2072 static int
2073 ural_m_getprop(void *arg, const char *pr_name, mac_prop_id_t wldp_pr_num,
2074 uint_t wldp_length, void *wldp_buf)
2075 {
2076 struct ural_softc *sc = (struct ural_softc *)arg;
2077 int err;
2078
2079 err = ieee80211_getprop(&sc->sc_ic, pr_name, wldp_pr_num,
2080 wldp_length, wldp_buf);
2081
2082 return (err);
2083 }
2084
2085 static void
2086 ural_m_propinfo(void *arg, const char *pr_name, mac_prop_id_t wldp_pr_num,
2087 mac_prop_info_handle_t mph)
2088 {
2089 struct ural_softc *sc = (struct ural_softc *)arg;
2090
2091 ieee80211_propinfo(&sc->sc_ic, pr_name, wldp_pr_num, mph);
2092 }
2093
2094 static void
2095 ural_m_ioctl(void* arg, queue_t *wq, mblk_t *mp)
2096 {
2097 struct ural_softc *sc = (struct ural_softc *)arg;
2098 struct ieee80211com *ic = &sc->sc_ic;
2099 int err;
2100
2101 err = ieee80211_ioctl(ic, wq, mp);
2102 RAL_LOCK(sc);
2103 if (err == ENETRESET) {
2104 if (RAL_IS_RUNNING(sc)) {
2105 RAL_UNLOCK(sc);
2106 (void) ural_init(sc);
2107 (void) ieee80211_new_state(ic, IEEE80211_S_SCAN, -1);
2108 RAL_LOCK(sc);
2109 }
2110 }
2111 RAL_UNLOCK(sc);
2112 }
2113
2114 static int
2115 ural_m_stat(void *arg, uint_t stat, uint64_t *val)
2116 {
2117 struct ural_softc *sc = (struct ural_softc *)arg;
2118 ieee80211com_t *ic = &sc->sc_ic;
2119 ieee80211_node_t *ni = ic->ic_bss;
2120 struct ieee80211_rateset *rs = &ni->in_rates;
2121
2122 RAL_LOCK(sc);
2123 switch (stat) {
2124 case MAC_STAT_IFSPEED:
2125 *val = ((ic->ic_fixed_rate == IEEE80211_FIXED_RATE_NONE) ?
2126 (rs->ir_rates[ni->in_txrate] & IEEE80211_RATE_VAL)
2127 : ic->ic_fixed_rate) / 2 * 1000000;
2128 break;
2129 case MAC_STAT_NOXMTBUF:
2130 *val = sc->sc_tx_nobuf;
2131 break;
2132 case MAC_STAT_NORCVBUF:
2133 *val = sc->sc_rx_nobuf;
2134 break;
2135 case MAC_STAT_IERRORS:
2136 *val = sc->sc_rx_err;
2137 break;
2138 case MAC_STAT_RBYTES:
2139 *val = ic->ic_stats.is_rx_bytes;
2140 break;
2141 case MAC_STAT_IPACKETS:
2142 *val = ic->ic_stats.is_rx_frags;
2143 break;
2144 case MAC_STAT_OBYTES:
2145 *val = ic->ic_stats.is_tx_bytes;
2146 break;
2147 case MAC_STAT_OPACKETS:
2148 *val = ic->ic_stats.is_tx_frags;
2149 break;
2150 case MAC_STAT_OERRORS:
2151 case WIFI_STAT_TX_FAILED:
2152 *val = sc->sc_tx_err;
2153 break;
2154 case WIFI_STAT_TX_RETRANS:
2155 *val = sc->sc_tx_retries;
2156 break;
2157 case WIFI_STAT_FCS_ERRORS:
2158 case WIFI_STAT_WEP_ERRORS:
2159 case WIFI_STAT_TX_FRAGS:
2160 case WIFI_STAT_MCAST_TX:
2161 case WIFI_STAT_RTS_SUCCESS:
2162 case WIFI_STAT_RTS_FAILURE:
2163 case WIFI_STAT_ACK_FAILURE:
2164 case WIFI_STAT_RX_FRAGS:
2165 case WIFI_STAT_MCAST_RX:
2166 case WIFI_STAT_RX_DUPS:
2167 RAL_UNLOCK(sc);
2168 return (ieee80211_stat(ic, stat, val));
2169 default:
2170 RAL_UNLOCK(sc);
2171 return (ENOTSUP);
2172 }
2173 RAL_UNLOCK(sc);
2174
2175 return (0);
2176 }
2177
2178
2179 static int
2180 ural_attach(dev_info_t *devinfo, ddi_attach_cmd_t cmd)
2181 {
2182 struct ural_softc *sc;
2183 struct ieee80211com *ic;
2184 int err, i;
2185 int instance;
2186
2187 char strbuf[32];
2188
2189 wifi_data_t wd = { 0 };
2190 mac_register_t *macp;
2191
2192 switch (cmd) {
2193 case DDI_ATTACH:
2194 break;
2195 case DDI_RESUME:
2196 sc = ddi_get_soft_state(ural_soft_state_p,
2197 ddi_get_instance(devinfo));
2198 ASSERT(sc != NULL);
2199 ural_resume(sc);
2200 return (DDI_SUCCESS);
2201 default:
2202 return (DDI_FAILURE);
2203 }
2204
2205 instance = ddi_get_instance(devinfo);
2206
2207 if (ddi_soft_state_zalloc(ural_soft_state_p, instance) != DDI_SUCCESS) {
2208 ral_debug(RAL_DBG_MSG, "ural_attach(): "
2209 "unable to alloc soft_state_p\n");
2210 return (DDI_FAILURE);
2211 }
2212
2213 sc = ddi_get_soft_state(ural_soft_state_p, instance);
2214 ic = (ieee80211com_t *)&sc->sc_ic;
2215 sc->sc_dev = devinfo;
2216
2217 if (usb_client_attach(devinfo, USBDRV_VERSION, 0) != USB_SUCCESS) {
2218 ral_debug(RAL_DBG_ERR,
2219 "ural_attach(): usb_client_attach failed\n");
2220 goto fail1;
2221 }
2222
2223 if (usb_get_dev_data(devinfo, &sc->sc_udev,
2224 USB_PARSE_LVL_ALL, 0) != USB_SUCCESS) {
2225 sc->sc_udev = NULL;
2226 goto fail2;
2227 }
2228
2229 mutex_init(&sc->sc_genlock, NULL, MUTEX_DRIVER, NULL);
2230 mutex_init(&sc->tx_lock, NULL, MUTEX_DRIVER, NULL);
2231 mutex_init(&sc->rx_lock, NULL, MUTEX_DRIVER, NULL);
2232
2233 /* retrieve RT2570 rev. no */
2234 sc->asic_rev = ural_read(sc, RAL_MAC_CSR0);
2235
2236 /* retrieve MAC address and various other things from EEPROM */
2237 ural_read_eeprom(sc);
2238
2239 ral_debug(RAL_DBG_MSG, "ural: MAC/BBP RT2570 (rev 0x%02x), RF %s\n",
2240 sc->asic_rev, ural_get_rf(sc->rf_rev));
2241
2242 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */
2243 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */
2244 ic->ic_state = IEEE80211_S_INIT;
2245
2246 ic->ic_maxrssi = 63;
2247 ic->ic_set_shortslot = ural_update_slot;
2248 ic->ic_xmit = ural_send;
2249
2250 /* set device capabilities */
2251 ic->ic_caps =
2252 IEEE80211_C_TXPMGT | /* tx power management */
2253 IEEE80211_C_SHPREAMBLE | /* short preamble supported */
2254 IEEE80211_C_SHSLOT; /* short slot time supported */
2255
2256 ic->ic_caps |= IEEE80211_C_WPA; /* Support WPA/WPA2 */
2257
2258 #define IEEE80211_CHAN_A \
2259 (IEEE80211_CHAN_5GHZ | IEEE80211_CHAN_OFDM)
2260
2261 if (sc->rf_rev == RAL_RF_5222) {
2262 /* set supported .11a rates */
2263 ic->ic_sup_rates[IEEE80211_MODE_11A] = ural_rateset_11a;
2264
2265 /* set supported .11a channels */
2266 for (i = 36; i <= 64; i += 4) {
2267 ic->ic_sup_channels[i].ich_freq =
2268 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ);
2269 ic->ic_sup_channels[i].ich_flags = IEEE80211_CHAN_A;
2270 }
2271 for (i = 100; i <= 140; i += 4) {
2272 ic->ic_sup_channels[i].ich_freq =
2273 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ);
2274 ic->ic_sup_channels[i].ich_flags = IEEE80211_CHAN_A;
2275 }
2276 for (i = 149; i <= 161; i += 4) {
2277 ic->ic_sup_channels[i].ich_freq =
2278 ieee80211_ieee2mhz(i, IEEE80211_CHAN_5GHZ);
2279 ic->ic_sup_channels[i].ich_flags = IEEE80211_CHAN_A;
2280 }
2281 }
2282
2283 /* set supported .11b and .11g rates */
2284 ic->ic_sup_rates[IEEE80211_MODE_11B] = ural_rateset_11b;
2285 ic->ic_sup_rates[IEEE80211_MODE_11G] = ural_rateset_11g;
2286
2287 /* set supported .11b and .11g channels (1 through 14) */
2288 for (i = 1; i <= 14; i++) {
2289 ic->ic_sup_channels[i].ich_freq =
2290 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ);
2291 ic->ic_sup_channels[i].ich_flags =
2292 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM |
2293 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ;
2294 }
2295
2296 ieee80211_attach(ic);
2297
2298 /* register WPA door */
2299 ieee80211_register_door(ic, ddi_driver_name(devinfo),
2300 ddi_get_instance(devinfo));
2301
2302 /* override state transition machine */
2303 sc->sc_newstate = ic->ic_newstate;
2304 ic->ic_newstate = ural_newstate;
2305 ic->ic_watchdog = ural_watchdog;
2306 ieee80211_media_init(ic);
2307 ic->ic_def_txkey = 0;
2308
2309 sc->sc_rcr = 0;
2310 sc->dwelltime = 300;
2311 sc->sc_flags &= 0;
2312
2313 /*
2314 * Provide initial settings for the WiFi plugin; whenever this
2315 * information changes, we need to call mac_plugindata_update()
2316 */
2317 wd.wd_opmode = ic->ic_opmode;
2318 wd.wd_secalloc = WIFI_SEC_NONE;
2319 IEEE80211_ADDR_COPY(wd.wd_bssid, ic->ic_bss->in_bssid);
2320
2321 if ((macp = mac_alloc(MAC_VERSION)) == NULL) {
2322 ral_debug(RAL_DBG_ERR, "ural_attach(): "
2323 "MAC version mismatch\n");
2324 goto fail3;
2325 }
2326
2327 macp->m_type_ident = MAC_PLUGIN_IDENT_WIFI;
2328 macp->m_driver = sc;
2329 macp->m_dip = devinfo;
2330 macp->m_src_addr = ic->ic_macaddr;
2331 macp->m_callbacks = &ural_m_callbacks;
2332 macp->m_min_sdu = 0;
2333 macp->m_max_sdu = IEEE80211_MTU;
2334 macp->m_pdata = &wd;
2335 macp->m_pdata_size = sizeof (wd);
2336
2337 err = mac_register(macp, &ic->ic_mach);
2338 mac_free(macp);
2339 if (err != 0) {
2340 ral_debug(RAL_DBG_ERR, "ural_attach(): "
2341 "mac_register() err %x\n", err);
2342 goto fail3;
2343 }
2344
2345 if (usb_register_hotplug_cbs(devinfo, ural_disconnect,
2346 ural_reconnect) != USB_SUCCESS) {
2347 ral_debug(RAL_DBG_ERR,
2348 "ural: ural_attach() failed to register events");
2349 goto fail4;
2350 }
2351
2352 /*
2353 * Create minor node of type DDI_NT_NET_WIFI
2354 */
2355 (void) snprintf(strbuf, sizeof (strbuf), "%s%d",
2356 "ural", instance);
2357 err = ddi_create_minor_node(devinfo, strbuf, S_IFCHR,
2358 instance + 1, DDI_NT_NET_WIFI, 0);
2359
2360 if (err != DDI_SUCCESS)
2361 ral_debug(RAL_DBG_ERR, "ddi_create_minor_node() failed\n");
2362
2363 /*
2364 * Notify link is down now
2365 */
2366 mac_link_update(ic->ic_mach, LINK_STATE_DOWN);
2367
2368 return (DDI_SUCCESS);
2369 fail4:
2370 (void) mac_unregister(ic->ic_mach);
2371 fail3:
2372 mutex_destroy(&sc->sc_genlock);
2373 mutex_destroy(&sc->tx_lock);
2374 mutex_destroy(&sc->rx_lock);
2375 fail2:
2376 usb_client_detach(sc->sc_dev, sc->sc_udev);
2377 fail1:
2378 ddi_soft_state_free(ural_soft_state_p, ddi_get_instance(devinfo));
2379
2380 return (DDI_FAILURE);
2381 }
2382
2383 static int
2384 ural_detach(dev_info_t *devinfo, ddi_detach_cmd_t cmd)
2385 {
2386 struct ural_softc *sc;
2387
2388 sc = ddi_get_soft_state(ural_soft_state_p, ddi_get_instance(devinfo));
2389 ASSERT(sc != NULL);
2390
2391 switch (cmd) {
2392 case DDI_DETACH:
2393 break;
2394 case DDI_SUSPEND:
2395 if (RAL_IS_RUNNING(sc))
2396 (void) ural_stop(sc);
2397 return (DDI_SUCCESS);
2398 default:
2399 return (DDI_FAILURE);
2400 }
2401
2402 if (mac_disable(sc->sc_ic.ic_mach) != 0)
2403 return (DDI_FAILURE);
2404
2405 ural_stop(sc);
2406 usb_unregister_hotplug_cbs(devinfo);
2407
2408 /*
2409 * Unregister from the MAC layer subsystem
2410 */
2411 (void) mac_unregister(sc->sc_ic.ic_mach);
2412
2413 /*
2414 * detach ieee80211 layer
2415 */
2416 ieee80211_detach(&sc->sc_ic);
2417
2418 mutex_destroy(&sc->sc_genlock);
2419 mutex_destroy(&sc->tx_lock);
2420 mutex_destroy(&sc->rx_lock);
2421
2422 /* pipes will be close in ural_stop() */
2423 usb_client_detach(devinfo, sc->sc_udev);
2424 sc->sc_udev = NULL;
2425
2426 ddi_remove_minor_node(devinfo, NULL);
2427 ddi_soft_state_free(ural_soft_state_p, ddi_get_instance(devinfo));
2428
2429 return (DDI_SUCCESS);
2430 }
2431
2432 int
2433 _info(struct modinfo *modinfop)
2434 {
2435 return (mod_info(&modlinkage, modinfop));
2436 }
2437
2438 int
2439 _init(void)
2440 {
2441 int status;
2442
2443 status = ddi_soft_state_init(&ural_soft_state_p,
2444 sizeof (struct ural_softc), 1);
2445 if (status != 0)
2446 return (status);
2447
2448 mac_init_ops(&ural_dev_ops, "ural");
2449 status = mod_install(&modlinkage);
2450 if (status != 0) {
2451 mac_fini_ops(&ural_dev_ops);
2452 ddi_soft_state_fini(&ural_soft_state_p);
2453 }
2454 return (status);
2455 }
2456
2457 int
2458 _fini(void)
2459 {
2460 int status;
2461
2462 status = mod_remove(&modlinkage);
2463 if (status == 0) {
2464 mac_fini_ops(&ural_dev_ops);
2465 ddi_soft_state_fini(&ural_soft_state_p);
2466 }
2467 return (status);
2468 }