bcm-v4

[Specification

A Dummy Transmission is a transmission that doesn't actually get sent. The routine has two arguments: (1) ofdm - true for OFDM packet, and (2) pa_on.

Packet Composition

The packet that is sent depends on the PHY type. The first 6 bytes are for the PLCP data, the remainder is an ACK packet (type 0b01, subtype 0b1101)

OFDM frame

CC 01 02 00 00 00 D4 00 00 00 00 00 00 00 00 01 00 00 00 00

CCK frame

6E 84 0B 00 00 00 D4 00 00 00 00 00 00 00 00 01 00 00 00 00

These values are in big endian order (i.e. as they ought to be transmitted or written to the Template Ram if that is in big endian mode).

Note that we suspect a bug in the driver because the last 4 bytes of this overwrite the PLCP header of the next packet in the Template Ram. Also, the trailing zeroes would form the FCS of the 802.11 packet which don't seem to be present in other packets in the Template Ram, and are not correct either. That no one notices this bug probably means that the next packet isn't ever used. But we don't know.

As you can easily see, these packets differ only in the PLCP part, the actual packet is the same (an ACK packet).

Performing the Dummy Transmission

  1. Write the packet you wish to send to Template Ram, offset 0

  2. Write 0 to Core Register 0x568

  3. If the Core revision is less than 11
    1. Write 0 to Core Register 0x7C0

  4. Otherwise
    1. Write 0x100 to Core Register 0x7C0

  5. If you are writing an OFDM packet
    1. Write 0x41 to Core Register 0x50C

  6. Otherwise
    1. Write 0x40 to Core Register 0x50C

  7. If this is an N PHY, an LP PHY, or an SSLPN PHY (type 6)
    1. Write 0x1A02 to Core Register 0x514

  8. Write 0 to Core Register 0x508

  9. Write 0 to Core Register 0x50A

  10. Write 0 to Core Register 0x54C

  11. Write 0x14 to Core Register 0x56A

  12. Write 0x826 to Core Register 0x568

  13. Write 0 to Core Register 0x500

  14. If argument pa_on is false and this is an N PHY
    1. Read PHY Register 0x91 and save the result

    2. Read PHY Register 0x92 and save the result

    3. If the radio chanspec bitwise ANDed with 0xF000 equals 0x1000 (5 GHz)
      1. Set an override value to 0x180
    4. Otherwise (2.4 GHz)
      1. Set an override value of 0x120
    5. Write the override value to Phy Register 0x91

    6. Write the override value to Phy Register 0x92

  15. If this is a N PHY (type == 4) or an SSLPN PHY (type == 6)
    1. Set a mask to 0xD0
  16. Else if this is an LP PHY (type == 5)
    1. Set a mask to 0x50
  17. Otherwise
    1. Set a mask to 0x30
  18. Write the mask to Core Register 0x502

  19. Spinwait until Core Register 0x50E has bit 0x80 set, at most 300 usecs for OFDM packets, 2500 usecs for CCCK packets, with a delay of 10 usecs

  20. Spinwait until Core Register 0x50E has bit 0x400 set, at most 100 usecs, with a delay of 10 usecs

  21. Spinwait until Core Register 0x690 has bit 0x100 unset, at most 100 usecs, with a delay of 10 usecs

  22. If the input argument pa_on is zero and this is an N PHY
    1. Write the saved value to PHY Register 0x91

    2. Write the saved value to PHY Register 0x92


Exported/Archived from the wiki to HTML on 2016-10-27