494 int error;
495
496 device_set_usb_desc(self);
497 sc->sc_udev = uaa->device;
498 sc->sc_dev = self;
499 if (USB_GET_DRIVER_INFO(uaa) == URTWN_RTL8188E)
500 sc->chip |= URTWN_CHIP_88E;
501
502#ifdef USB_DEBUG
503 int debug;
504 if (resource_int_value(device_get_name(sc->sc_dev),
505 device_get_unit(sc->sc_dev), "debug", &debug) == 0)
506 sc->sc_debug = debug;
507#endif
508
509 mtx_init(&sc->sc_mtx, device_get_nameunit(self),
510 MTX_NETWORK_LOCK, MTX_DEF);
511 URTWN_CMDQ_LOCK_INIT(sc);
512 URTWN_NT_LOCK_INIT(sc);
513 callout_init(&sc->sc_calib_to, 0);
514 callout_init(&sc->sc_watchdog_ch, 0);
515 mbufq_init(&sc->sc_snd, ifqmaxlen);
516
517 sc->sc_iface_index = URTWN_IFACE_INDEX;
518 error = usbd_transfer_setup(uaa->device, &sc->sc_iface_index,
519 sc->sc_xfer, urtwn_config, URTWN_N_TRANSFER, sc, &sc->sc_mtx);
520 if (error) {
521 device_printf(self, "could not allocate USB transfers, "
522 "err=%s\n", usbd_errstr(error));
523 goto detach;
524 }
525
526 URTWN_LOCK(sc);
527
528 error = urtwn_read_chipid(sc);
529 if (error) {
530 device_printf(sc->sc_dev, "unsupported test chip\n");
531 URTWN_UNLOCK(sc);
532 goto detach;
533 }
534
535 /* Determine number of Tx/Rx chains. */
536 if (sc->chip & URTWN_CHIP_92C) {
537 sc->ntxchains = (sc->chip & URTWN_CHIP_92C_1T2R) ? 1 : 2;
538 sc->nrxchains = 2;
539 } else {
540 sc->ntxchains = 1;
541 sc->nrxchains = 1;
542 }
543
544 if (sc->chip & URTWN_CHIP_88E)
545 error = urtwn_r88e_read_rom(sc);
546 else
547 error = urtwn_read_rom(sc);
548 if (error != 0) {
549 device_printf(sc->sc_dev, "%s: cannot read rom, error %d\n",
550 __func__, error);
551 URTWN_UNLOCK(sc);
552 goto detach;
553 }
554
555 device_printf(sc->sc_dev, "MAC/BB RTL%s, RF 6052 %dT%dR\n",
556 (sc->chip & URTWN_CHIP_92C) ? "8192CU" :
557 (sc->chip & URTWN_CHIP_88E) ? "8188EU" :
558 (sc->board_type == R92C_BOARD_TYPE_HIGHPA) ? "8188RU" :
559 (sc->board_type == R92C_BOARD_TYPE_MINICARD) ? "8188CE-VAU" :
560 "8188CUS", sc->ntxchains, sc->nrxchains);
561
562 URTWN_UNLOCK(sc);
563
564 ic->ic_softc = sc;
565 ic->ic_name = device_get_nameunit(self);
566 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */
567 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */
568
569 /* set device capabilities */
570 ic->ic_caps =
571 IEEE80211_C_STA /* station mode */
572 | IEEE80211_C_MONITOR /* monitor mode */
573 | IEEE80211_C_IBSS /* adhoc mode */
574 | IEEE80211_C_HOSTAP /* hostap mode */
575 | IEEE80211_C_SHPREAMBLE /* short preamble supported */
576 | IEEE80211_C_SHSLOT /* short slot time supported */
577#if 0
578 | IEEE80211_C_BGSCAN /* capable of bg scanning */
579#endif
580 | IEEE80211_C_WPA /* 802.11i */
581 | IEEE80211_C_WME /* 802.11e */
582 | IEEE80211_C_SWAMSDUTX /* Do software A-MSDU TX */
583 | IEEE80211_C_FF /* Atheros fast-frames */
584 ;
585
586 ic->ic_cryptocaps =
587 IEEE80211_CRYPTO_WEP |
588 IEEE80211_CRYPTO_TKIP |
589 IEEE80211_CRYPTO_AES_CCM;
590
591 /* Assume they're all 11n capable for now */
592 if (urtwn_enable_11n) {
593 device_printf(self, "enabling 11n\n");
594 ic->ic_htcaps = IEEE80211_HTC_HT |
595#if 0
596 IEEE80211_HTC_AMPDU |
597#endif
598 IEEE80211_HTC_AMSDU |
599 IEEE80211_HTCAP_MAXAMSDU_3839 |
600 IEEE80211_HTCAP_SMPS_OFF;
601 /* no HT40 just yet */
602 // ic->ic_htcaps |= IEEE80211_HTCAP_CHWIDTH40;
603
604 /* XXX TODO: verify chains versus streams for urtwn */
605 ic->ic_txstream = sc->ntxchains;
606 ic->ic_rxstream = sc->nrxchains;
607 }
608
609 memset(bands, 0, sizeof(bands));
610 setbit(bands, IEEE80211_MODE_11B);
611 setbit(bands, IEEE80211_MODE_11G);
612 if (urtwn_enable_11n)
613 setbit(bands, IEEE80211_MODE_11NG);
614 ieee80211_init_channels(ic, NULL, bands);
615
616 ieee80211_ifattach(ic);
617 ic->ic_raw_xmit = urtwn_raw_xmit;
618 ic->ic_scan_start = urtwn_scan_start;
619 ic->ic_scan_end = urtwn_scan_end;
620 ic->ic_set_channel = urtwn_set_channel;
621 ic->ic_transmit = urtwn_transmit;
622 ic->ic_parent = urtwn_parent;
623 ic->ic_vap_create = urtwn_vap_create;
624 ic->ic_vap_delete = urtwn_vap_delete;
625 ic->ic_wme.wme_update = urtwn_wme_update;
626 ic->ic_updateslot = urtwn_update_slot;
627 ic->ic_update_promisc = urtwn_update_promisc;
628 ic->ic_update_mcast = urtwn_update_mcast;
629 if (sc->chip & URTWN_CHIP_88E) {
630 ic->ic_node_alloc = urtwn_node_alloc;
631 ic->ic_newassoc = urtwn_newassoc;
632 sc->sc_node_free = ic->ic_node_free;
633 ic->ic_node_free = urtwn_node_free;
634 }
635 ic->ic_update_chw = urtwn_update_chw;
636 ic->ic_ampdu_enable = urtwn_ampdu_enable;
637
638 ieee80211_radiotap_attach(ic, &sc->sc_txtap.wt_ihdr,
639 sizeof(sc->sc_txtap), URTWN_TX_RADIOTAP_PRESENT,
640 &sc->sc_rxtap.wr_ihdr, sizeof(sc->sc_rxtap),
641 URTWN_RX_RADIOTAP_PRESENT);
642
643 TASK_INIT(&sc->cmdq_task, 0, urtwn_cmdq_cb, sc);
644
645 urtwn_sysctlattach(sc);
646
647 if (bootverbose)
648 ieee80211_announce(ic);
649
650 return (0);
651
652detach:
653 urtwn_detach(self);
654 return (ENXIO); /* failure */
655}
656
657static void
658urtwn_sysctlattach(struct urtwn_softc *sc)
659{
660#ifdef USB_DEBUG
661 struct sysctl_ctx_list *ctx = device_get_sysctl_ctx(sc->sc_dev);
662 struct sysctl_oid *tree = device_get_sysctl_tree(sc->sc_dev);
663
664 SYSCTL_ADD_U32(ctx, SYSCTL_CHILDREN(tree), OID_AUTO,
665 "debug", CTLFLAG_RW, &sc->sc_debug, sc->sc_debug,
666 "control debugging printfs");
667#endif
668}
669
670static int
671urtwn_detach(device_t self)
672{
673 struct urtwn_softc *sc = device_get_softc(self);
674 struct ieee80211com *ic = &sc->sc_ic;
675 unsigned int x;
676
677 /* Prevent further ioctls. */
678 URTWN_LOCK(sc);
679 sc->sc_flags |= URTWN_DETACHED;
680 URTWN_UNLOCK(sc);
681
682 urtwn_stop(sc);
683
684 callout_drain(&sc->sc_watchdog_ch);
685 callout_drain(&sc->sc_calib_to);
686
687 /* stop all USB transfers */
688 usbd_transfer_unsetup(sc->sc_xfer, URTWN_N_TRANSFER);
689
690 /* Prevent further allocations from RX/TX data lists. */
691 URTWN_LOCK(sc);
692 STAILQ_INIT(&sc->sc_tx_active);
693 STAILQ_INIT(&sc->sc_tx_inactive);
694 STAILQ_INIT(&sc->sc_tx_pending);
695
696 STAILQ_INIT(&sc->sc_rx_active);
697 STAILQ_INIT(&sc->sc_rx_inactive);
698 URTWN_UNLOCK(sc);
699
700 /* drain USB transfers */
701 for (x = 0; x != URTWN_N_TRANSFER; x++)
702 usbd_transfer_drain(sc->sc_xfer[x]);
703
704 /* Free data buffers. */
705 URTWN_LOCK(sc);
706 urtwn_free_tx_list(sc);
707 urtwn_free_rx_list(sc);
708 URTWN_UNLOCK(sc);
709
710 if (ic->ic_softc == sc) {
711 ieee80211_draintask(ic, &sc->cmdq_task);
712 ieee80211_ifdetach(ic);
713 }
714
715 URTWN_NT_LOCK_DESTROY(sc);
716 URTWN_CMDQ_LOCK_DESTROY(sc);
717 mtx_destroy(&sc->sc_mtx);
718
719 return (0);
720}
721
722static void
723urtwn_drain_mbufq(struct urtwn_softc *sc)
724{
725 struct mbuf *m;
726 struct ieee80211_node *ni;
727 URTWN_ASSERT_LOCKED(sc);
728 while ((m = mbufq_dequeue(&sc->sc_snd)) != NULL) {
729 ni = (struct ieee80211_node *)m->m_pkthdr.rcvif;
730 m->m_pkthdr.rcvif = NULL;
731 ieee80211_free_node(ni);
732 m_freem(m);
733 }
734}
735
736static usb_error_t
737urtwn_do_request(struct urtwn_softc *sc, struct usb_device_request *req,
738 void *data)
739{
740 usb_error_t err;
741 int ntries = 10;
742
743 URTWN_ASSERT_LOCKED(sc);
744
745 while (ntries--) {
746 err = usbd_do_request_flags(sc->sc_udev, &sc->sc_mtx,
747 req, data, 0, NULL, 250 /* ms */);
748 if (err == 0)
749 break;
750
751 URTWN_DPRINTF(sc, URTWN_DEBUG_USB,
752 "%s: control request failed, %s (retries left: %d)\n",
753 __func__, usbd_errstr(err), ntries);
754 usb_pause_mtx(&sc->sc_mtx, hz / 100);
755 }
756 return (err);
757}
758
759static struct ieee80211vap *
760urtwn_vap_create(struct ieee80211com *ic, const char name[IFNAMSIZ], int unit,
761 enum ieee80211_opmode opmode, int flags,
762 const uint8_t bssid[IEEE80211_ADDR_LEN],
763 const uint8_t mac[IEEE80211_ADDR_LEN])
764{
765 struct urtwn_softc *sc = ic->ic_softc;
766 struct urtwn_vap *uvp;
767 struct ieee80211vap *vap;
768
769 if (!TAILQ_EMPTY(&ic->ic_vaps)) /* only one at a time */
770 return (NULL);
771
772 uvp = malloc(sizeof(struct urtwn_vap), M_80211_VAP, M_WAITOK | M_ZERO);
773 vap = &uvp->vap;
774 /* enable s/w bmiss handling for sta mode */
775
776 if (ieee80211_vap_setup(ic, vap, name, unit, opmode,
777 flags | IEEE80211_CLONE_NOBEACONS, bssid) != 0) {
778 /* out of memory */
779 free(uvp, M_80211_VAP);
780 return (NULL);
781 }
782
783 if (opmode == IEEE80211_M_HOSTAP || opmode == IEEE80211_M_IBSS)
784 urtwn_init_beacon(sc, uvp);
785
786 /* override state transition machine */
787 uvp->newstate = vap->iv_newstate;
788 vap->iv_newstate = urtwn_newstate;
789 vap->iv_update_beacon = urtwn_update_beacon;
790 vap->iv_key_alloc = urtwn_key_alloc;
791 vap->iv_key_set = urtwn_key_set;
792 vap->iv_key_delete = urtwn_key_delete;
793
794 /* 802.11n parameters */
795 vap->iv_ampdu_density = IEEE80211_HTCAP_MPDUDENSITY_16;
796 vap->iv_ampdu_rxmax = IEEE80211_HTCAP_MAXRXAMPDU_64K;
797
798 if (opmode == IEEE80211_M_IBSS) {
799 uvp->recv_mgmt = vap->iv_recv_mgmt;
800 vap->iv_recv_mgmt = urtwn_ibss_recv_mgmt;
801 TASK_INIT(&uvp->tsf_task_adhoc, 0, urtwn_tsf_task_adhoc, vap);
802 }
803
804 if (URTWN_CHIP_HAS_RATECTL(sc))
805 ieee80211_ratectl_init(vap);
806 /* complete setup */
807 ieee80211_vap_attach(vap, ieee80211_media_change,
808 ieee80211_media_status, mac);
809 ic->ic_opmode = opmode;
810 return (vap);
811}
812
813static void
814urtwn_vap_delete(struct ieee80211vap *vap)
815{
816 struct ieee80211com *ic = vap->iv_ic;
817 struct urtwn_softc *sc = ic->ic_softc;
818 struct urtwn_vap *uvp = URTWN_VAP(vap);
819
820 if (uvp->bcn_mbuf != NULL)
821 m_freem(uvp->bcn_mbuf);
822 if (vap->iv_opmode == IEEE80211_M_IBSS)
823 ieee80211_draintask(ic, &uvp->tsf_task_adhoc);
824 if (URTWN_CHIP_HAS_RATECTL(sc))
825 ieee80211_ratectl_deinit(vap);
826 ieee80211_vap_detach(vap);
827 free(uvp, M_80211_VAP);
828}
829
830static struct mbuf *
831urtwn_rx_copy_to_mbuf(struct urtwn_softc *sc, struct r92c_rx_stat *stat,
832 int totlen)
833{
834 struct ieee80211com *ic = &sc->sc_ic;
835 struct mbuf *m;
836 uint32_t rxdw0;
837 int pktlen;
838
839 /*
840 * don't pass packets to the ieee80211 framework if the driver isn't
841 * RUNNING.
842 */
843 if (!(sc->sc_flags & URTWN_RUNNING))
844 return (NULL);
845
846 rxdw0 = le32toh(stat->rxdw0);
847 if (rxdw0 & (R92C_RXDW0_CRCERR | R92C_RXDW0_ICVERR)) {
848 /*
849 * This should not happen since we setup our Rx filter
850 * to not receive these frames.
851 */
852 URTWN_DPRINTF(sc, URTWN_DEBUG_RECV,
853 "%s: RX flags error (%s)\n", __func__,
854 rxdw0 & R92C_RXDW0_CRCERR ? "CRC" : "ICV");
855 goto fail;
856 }
857
858 pktlen = MS(rxdw0, R92C_RXDW0_PKTLEN);
859 if (pktlen < sizeof(struct ieee80211_frame_ack)) {
860 URTWN_DPRINTF(sc, URTWN_DEBUG_RECV,
861 "%s: frame is too short: %d\n", __func__, pktlen);
862 goto fail;
863 }
864
865 if (__predict_false(totlen > MCLBYTES)) {
866 /* convert to m_getjcl if this happens */
867 device_printf(sc->sc_dev, "%s: frame too long: %d (%d)\n",
868 __func__, pktlen, totlen);
869 goto fail;
870 }
871
872 m = m_getcl(M_NOWAIT, MT_DATA, M_PKTHDR);
873 if (__predict_false(m == NULL)) {
874 device_printf(sc->sc_dev, "%s: could not allocate RX mbuf\n",
875 __func__);
876 goto fail;
877 }
878
879 /* Finalize mbuf. */
880 memcpy(mtod(m, uint8_t *), (uint8_t *)stat, totlen);
881 m->m_pkthdr.len = m->m_len = totlen;
882
883 return (m);
884fail:
885 counter_u64_add(ic->ic_ierrors, 1);
886 return (NULL);
887}
888
889static struct mbuf *
890urtwn_report_intr(struct usb_xfer *xfer, struct urtwn_data *data)
891{
892 struct urtwn_softc *sc = data->sc;
893 struct ieee80211com *ic = &sc->sc_ic;
894 struct r92c_rx_stat *stat;
895 uint8_t *buf;
896 int len;
897
898 usbd_xfer_status(xfer, &len, NULL, NULL, NULL);
899
900 if (len < sizeof(*stat)) {
901 counter_u64_add(ic->ic_ierrors, 1);
902 return (NULL);
903 }
904
905 buf = data->buf;
906 stat = (struct r92c_rx_stat *)buf;
907
908 /*
909 * For 88E chips we can tie the FF flushing here;
910 * this is where we do know exactly how deep the
911 * transmit queue is.
912 *
913 * But it won't work for R92 chips, so we can't
914 * take the easy way out.
915 */
916
917 if (sc->chip & URTWN_CHIP_88E) {
918 int report_sel = MS(le32toh(stat->rxdw3), R88E_RXDW3_RPT);
919
920 switch (report_sel) {
921 case R88E_RXDW3_RPT_RX:
922 return (urtwn_rxeof(sc, buf, len));
923 case R88E_RXDW3_RPT_TX1:
924 urtwn_r88e_ratectl_tx_complete(sc, &stat[1]);
925 break;
926 default:
927 URTWN_DPRINTF(sc, URTWN_DEBUG_INTR,
928 "%s: case %d was not handled\n", __func__,
929 report_sel);
930 break;
931 }
932 } else
933 return (urtwn_rxeof(sc, buf, len));
934
935 return (NULL);
936}
937
938static struct mbuf *
939urtwn_rxeof(struct urtwn_softc *sc, uint8_t *buf, int len)
940{
941 struct r92c_rx_stat *stat;
942 struct mbuf *m, *m0 = NULL, *prevm = NULL;
943 uint32_t rxdw0;
944 int totlen, pktlen, infosz, npkts;
945
946 /* Get the number of encapsulated frames. */
947 stat = (struct r92c_rx_stat *)buf;
948 npkts = MS(le32toh(stat->rxdw2), R92C_RXDW2_PKTCNT);
949 URTWN_DPRINTF(sc, URTWN_DEBUG_RECV,
950 "%s: Rx %d frames in one chunk\n", __func__, npkts);
951
952 /* Process all of them. */
953 while (npkts-- > 0) {
954 if (len < sizeof(*stat))
955 break;
956 stat = (struct r92c_rx_stat *)buf;
957 rxdw0 = le32toh(stat->rxdw0);
958
959 pktlen = MS(rxdw0, R92C_RXDW0_PKTLEN);
960 if (pktlen == 0)
961 break;
962
963 infosz = MS(rxdw0, R92C_RXDW0_INFOSZ) * 8;
964
965 /* Make sure everything fits in xfer. */
966 totlen = sizeof(*stat) + infosz + pktlen;
967 if (totlen > len)
968 break;
969
970 m = urtwn_rx_copy_to_mbuf(sc, stat, totlen);
971 if (m0 == NULL)
972 m0 = m;
973 if (prevm == NULL)
974 prevm = m;
975 else {
976 prevm->m_next = m;
977 prevm = m;
978 }
979
980 /* Next chunk is 128-byte aligned. */
981 totlen = (totlen + 127) & ~127;
982 buf += totlen;
983 len -= totlen;
984 }
985
986 return (m0);
987}
988
989static void
990urtwn_r88e_ratectl_tx_complete(struct urtwn_softc *sc, void *arg)
991{
992 struct r88e_tx_rpt_ccx *rpt = arg;
993 struct ieee80211vap *vap;
994 struct ieee80211_node *ni;
995 uint8_t macid;
996 int ntries;
997
998 macid = MS(rpt->rptb1, R88E_RPTB1_MACID);
999 ntries = MS(rpt->rptb2, R88E_RPTB2_RETRY_CNT);
1000
1001 URTWN_NT_LOCK(sc);
1002 ni = sc->node_list[macid];
1003 if (ni != NULL) {
1004 vap = ni->ni_vap;
1005 URTWN_DPRINTF(sc, URTWN_DEBUG_INTR, "%s: frame for macid %d was"
1006 "%s sent (%d retries)\n", __func__, macid,
1007 (rpt->rptb1 & R88E_RPTB1_PKT_OK) ? "" : " not",
1008 ntries);
1009
1010 if (rpt->rptb1 & R88E_RPTB1_PKT_OK) {
1011 ieee80211_ratectl_tx_complete(vap, ni,
1012 IEEE80211_RATECTL_TX_SUCCESS, &ntries, NULL);
1013 } else {
1014 ieee80211_ratectl_tx_complete(vap, ni,
1015 IEEE80211_RATECTL_TX_FAILURE, &ntries, NULL);
1016 }
1017 } else {
1018 URTWN_DPRINTF(sc, URTWN_DEBUG_INTR, "%s: macid %d, ni is NULL\n",
1019 __func__, macid);
1020 }
1021 URTWN_NT_UNLOCK(sc);
1022}
1023
1024static struct ieee80211_node *
1025urtwn_rx_frame(struct urtwn_softc *sc, struct mbuf *m, int8_t *rssi_p)
1026{
1027 struct ieee80211com *ic = &sc->sc_ic;
1028 struct ieee80211_frame_min *wh;
1029 struct r92c_rx_stat *stat;
1030 uint32_t rxdw0, rxdw3;
1031 uint8_t rate, cipher;
1032 int8_t rssi = -127;
1033 int infosz;
1034
1035 stat = mtod(m, struct r92c_rx_stat *);
1036 rxdw0 = le32toh(stat->rxdw0);
1037 rxdw3 = le32toh(stat->rxdw3);
1038
1039 rate = MS(rxdw3, R92C_RXDW3_RATE);
1040 cipher = MS(rxdw0, R92C_RXDW0_CIPHER);
1041 infosz = MS(rxdw0, R92C_RXDW0_INFOSZ) * 8;
1042
1043 /* Get RSSI from PHY status descriptor if present. */
1044 if (infosz != 0 && (rxdw0 & R92C_RXDW0_PHYST)) {
1045 if (sc->chip & URTWN_CHIP_88E)
1046 rssi = urtwn_r88e_get_rssi(sc, rate, &stat[1]);
1047 else
1048 rssi = urtwn_get_rssi(sc, rate, &stat[1]);
1049 URTWN_DPRINTF(sc, URTWN_DEBUG_RSSI, "%s: rssi=%d\n", __func__, rssi);
1050 /* Update our average RSSI. */
1051 urtwn_update_avgrssi(sc, rate, rssi);
1052 }
1053
1054 if (ieee80211_radiotap_active(ic)) {
1055 struct urtwn_rx_radiotap_header *tap = &sc->sc_rxtap;
1056
1057 tap->wr_flags = 0;
1058
1059 urtwn_get_tsf(sc, &tap->wr_tsft);
1060 if (__predict_false(le32toh((uint32_t)tap->wr_tsft) <
1061 le32toh(stat->rxdw5))) {
1062 tap->wr_tsft = le32toh(tap->wr_tsft >> 32) - 1;
1063 tap->wr_tsft = (uint64_t)htole32(tap->wr_tsft) << 32;
1064 } else
1065 tap->wr_tsft &= 0xffffffff00000000;
1066 tap->wr_tsft += stat->rxdw5;
1067
1068 /* XXX 20/40? */
1069 /* XXX shortgi? */
1070
1071 /* Map HW rate index to 802.11 rate. */
1072 if (!(rxdw3 & R92C_RXDW3_HT)) {
1073 tap->wr_rate = ridx2rate[rate];
1074 } else if (rate >= 12) { /* MCS0~15. */
1075 /* Bit 7 set means HT MCS instead of rate. */
1076 tap->wr_rate = 0x80 | (rate - 12);
1077 }
1078
1079 /* XXX TODO: this isn't right; should use the last good RSSI */
1080 tap->wr_dbm_antsignal = rssi;
1081 tap->wr_dbm_antnoise = URTWN_NOISE_FLOOR;
1082 }
1083
1084 *rssi_p = rssi;
1085
1086 /* Drop descriptor. */
1087 m_adj(m, sizeof(*stat) + infosz);
1088 wh = mtod(m, struct ieee80211_frame_min *);
1089
1090 if ((wh->i_fc[1] & IEEE80211_FC1_PROTECTED) &&
1091 cipher != R92C_CAM_ALGO_NONE) {
1092 m->m_flags |= M_WEP;
1093 }
1094
1095 if (m->m_len >= sizeof(*wh))
1096 return (ieee80211_find_rxnode(ic, wh));
1097
1098 return (NULL);
1099}
1100
1101static void
1102urtwn_bulk_rx_callback(struct usb_xfer *xfer, usb_error_t error)
1103{
1104 struct urtwn_softc *sc = usbd_xfer_softc(xfer);
1105 struct ieee80211com *ic = &sc->sc_ic;
1106 struct ieee80211_node *ni;
1107 struct mbuf *m = NULL, *next;
1108 struct urtwn_data *data;
1109 int8_t nf, rssi;
1110
1111 URTWN_ASSERT_LOCKED(sc);
1112
1113 switch (USB_GET_STATE(xfer)) {
1114 case USB_ST_TRANSFERRED:
1115 data = STAILQ_FIRST(&sc->sc_rx_active);
1116 if (data == NULL)
1117 goto tr_setup;
1118 STAILQ_REMOVE_HEAD(&sc->sc_rx_active, next);
1119 m = urtwn_report_intr(xfer, data);
1120 STAILQ_INSERT_TAIL(&sc->sc_rx_inactive, data, next);
1121 /* FALLTHROUGH */
1122 case USB_ST_SETUP:
1123tr_setup:
1124 data = STAILQ_FIRST(&sc->sc_rx_inactive);
1125 if (data == NULL) {
1126 KASSERT(m == NULL, ("mbuf isn't NULL"));
1127 goto finish;
1128 }
1129 STAILQ_REMOVE_HEAD(&sc->sc_rx_inactive, next);
1130 STAILQ_INSERT_TAIL(&sc->sc_rx_active, data, next);
1131 usbd_xfer_set_frame_data(xfer, 0, data->buf,
1132 usbd_xfer_max_len(xfer));
1133 usbd_transfer_submit(xfer);
1134
1135 /*
1136 * To avoid LOR we should unlock our private mutex here to call
1137 * ieee80211_input() because here is at the end of a USB
1138 * callback and safe to unlock.
1139 */
1140 while (m != NULL) {
1141 next = m->m_next;
1142 m->m_next = NULL;
1143
1144 ni = urtwn_rx_frame(sc, m, &rssi);
1145
1146 /* Store a global last-good RSSI */
1147 if (rssi != -127)
1148 sc->last_rssi = rssi;
1149
1150 URTWN_UNLOCK(sc);
1151
1152 nf = URTWN_NOISE_FLOOR;
1153 if (ni != NULL) {
1154 if (rssi != -127)
1155 URTWN_NODE(ni)->last_rssi = rssi;
1156 if (ni->ni_flags & IEEE80211_NODE_HT)
1157 m->m_flags |= M_AMPDU;
1158 (void)ieee80211_input(ni, m,
1159 URTWN_NODE(ni)->last_rssi - nf, nf);
1160 ieee80211_free_node(ni);
1161 } else {
1162 /* Use last good global RSSI */
1163 (void)ieee80211_input_all(ic, m,
1164 sc->last_rssi - nf, nf);
1165 }
1166 URTWN_LOCK(sc);
1167 m = next;
1168 }
1169 break;
1170 default:
1171 /* needs it to the inactive queue due to a error. */
1172 data = STAILQ_FIRST(&sc->sc_rx_active);
1173 if (data != NULL) {
1174 STAILQ_REMOVE_HEAD(&sc->sc_rx_active, next);
1175 STAILQ_INSERT_TAIL(&sc->sc_rx_inactive, data, next);
1176 }
1177 if (error != USB_ERR_CANCELLED) {
1178 usbd_xfer_set_stall(xfer);
1179 counter_u64_add(ic->ic_ierrors, 1);
1180 goto tr_setup;
1181 }
1182 break;
1183 }
1184finish:
1185 /* Finished receive; age anything left on the FF queue by a little bump */
1186 /*
1187 * XXX TODO: just make this a callout timer schedule so we can
1188 * flush the FF staging queue if we're approaching idle.
1189 */
1190#ifdef IEEE80211_SUPPORT_SUPERG
1191 URTWN_UNLOCK(sc);
1192 ieee80211_ff_age_all(ic, 1);
1193 URTWN_LOCK(sc);
1194#endif
1195
1196 /* Kick-start more transmit in case we stalled */
1197 urtwn_start(sc);
1198}
1199
1200static void
1201urtwn_txeof(struct urtwn_softc *sc, struct urtwn_data *data, int status)
1202{
1203
1204 URTWN_ASSERT_LOCKED(sc);
1205
1206 if (data->ni != NULL) /* not a beacon frame */
1207 ieee80211_tx_complete(data->ni, data->m, status);
1208
1209 if (sc->sc_tx_n_active > 0)
1210 sc->sc_tx_n_active--;
1211
1212 data->ni = NULL;
1213 data->m = NULL;
1214
1215 sc->sc_txtimer = 0;
1216
1217 STAILQ_INSERT_TAIL(&sc->sc_tx_inactive, data, next);
1218}
1219
1220static int
1221urtwn_alloc_list(struct urtwn_softc *sc, struct urtwn_data data[],
1222 int ndata, int maxsz)
1223{
1224 int i, error;
1225
1226 for (i = 0; i < ndata; i++) {
1227 struct urtwn_data *dp = &data[i];
1228 dp->sc = sc;
1229 dp->m = NULL;
1230 dp->buf = malloc(maxsz, M_USBDEV, M_NOWAIT);
1231 if (dp->buf == NULL) {
1232 device_printf(sc->sc_dev,
1233 "could not allocate buffer\n");
1234 error = ENOMEM;
1235 goto fail;
1236 }
1237 dp->ni = NULL;
1238 }
1239
1240 return (0);
1241fail:
1242 urtwn_free_list(sc, data, ndata);
1243 return (error);
1244}
1245
1246static int
1247urtwn_alloc_rx_list(struct urtwn_softc *sc)
1248{
1249 int error, i;
1250
1251 error = urtwn_alloc_list(sc, sc->sc_rx, URTWN_RX_LIST_COUNT,
1252 URTWN_RXBUFSZ);
1253 if (error != 0)
1254 return (error);
1255
1256 STAILQ_INIT(&sc->sc_rx_active);
1257 STAILQ_INIT(&sc->sc_rx_inactive);
1258
1259 for (i = 0; i < URTWN_RX_LIST_COUNT; i++)
1260 STAILQ_INSERT_HEAD(&sc->sc_rx_inactive, &sc->sc_rx[i], next);
1261
1262 return (0);
1263}
1264
1265static int
1266urtwn_alloc_tx_list(struct urtwn_softc *sc)
1267{
1268 int error, i;
1269
1270 error = urtwn_alloc_list(sc, sc->sc_tx, URTWN_TX_LIST_COUNT,
1271 URTWN_TXBUFSZ);
1272 if (error != 0)
1273 return (error);
1274
1275 STAILQ_INIT(&sc->sc_tx_active);
1276 STAILQ_INIT(&sc->sc_tx_inactive);
1277 STAILQ_INIT(&sc->sc_tx_pending);
1278
1279 for (i = 0; i < URTWN_TX_LIST_COUNT; i++)
1280 STAILQ_INSERT_HEAD(&sc->sc_tx_inactive, &sc->sc_tx[i], next);
1281
1282 return (0);
1283}
1284
1285static void
1286urtwn_free_list(struct urtwn_softc *sc, struct urtwn_data data[], int ndata)
1287{
1288 int i;
1289
1290 for (i = 0; i < ndata; i++) {
1291 struct urtwn_data *dp = &data[i];
1292
1293 if (dp->buf != NULL) {
1294 free(dp->buf, M_USBDEV);
1295 dp->buf = NULL;
1296 }
1297 if (dp->ni != NULL) {
1298 ieee80211_free_node(dp->ni);
1299 dp->ni = NULL;
1300 }
1301 }
1302}
1303
1304static void
1305urtwn_free_rx_list(struct urtwn_softc *sc)
1306{
1307 urtwn_free_list(sc, sc->sc_rx, URTWN_RX_LIST_COUNT);
1308}
1309
1310static void
1311urtwn_free_tx_list(struct urtwn_softc *sc)
1312{
1313 urtwn_free_list(sc, sc->sc_tx, URTWN_TX_LIST_COUNT);
1314}
1315
1316static void
1317urtwn_bulk_tx_callback(struct usb_xfer *xfer, usb_error_t error)
1318{
1319 struct urtwn_softc *sc = usbd_xfer_softc(xfer);
1320#ifdef IEEE80211_SUPPORT_SUPERG
1321 struct ieee80211com *ic = &sc->sc_ic;
1322#endif
1323 struct urtwn_data *data;
1324
1325 URTWN_ASSERT_LOCKED(sc);
1326
1327 switch (USB_GET_STATE(xfer)){
1328 case USB_ST_TRANSFERRED:
1329 data = STAILQ_FIRST(&sc->sc_tx_active);
1330 if (data == NULL)
1331 goto tr_setup;
1332 STAILQ_REMOVE_HEAD(&sc->sc_tx_active, next);
1333 urtwn_txeof(sc, data, 0);
1334 /* FALLTHROUGH */
1335 case USB_ST_SETUP:
1336tr_setup:
1337 data = STAILQ_FIRST(&sc->sc_tx_pending);
1338 if (data == NULL) {
1339 URTWN_DPRINTF(sc, URTWN_DEBUG_XMIT,
1340 "%s: empty pending queue\n", __func__);
1341 sc->sc_tx_n_active = 0;
1342 goto finish;
1343 }
1344 STAILQ_REMOVE_HEAD(&sc->sc_tx_pending, next);
1345 STAILQ_INSERT_TAIL(&sc->sc_tx_active, data, next);
1346 usbd_xfer_set_frame_data(xfer, 0, data->buf, data->buflen);
1347 usbd_transfer_submit(xfer);
1348 sc->sc_tx_n_active++;
1349 break;
1350 default:
1351 data = STAILQ_FIRST(&sc->sc_tx_active);
1352 if (data == NULL)
1353 goto tr_setup;
1354 STAILQ_REMOVE_HEAD(&sc->sc_tx_active, next);
1355 urtwn_txeof(sc, data, 1);
1356 if (error != USB_ERR_CANCELLED) {
1357 usbd_xfer_set_stall(xfer);
1358 goto tr_setup;
1359 }
1360 break;
1361 }
1362finish:
1363#ifdef IEEE80211_SUPPORT_SUPERG
1364 /*
1365 * If the TX active queue drops below a certain
1366 * threshold, ensure we age fast-frames out so they're
1367 * transmitted.
1368 */
1369 if (sc->sc_tx_n_active <= 1) {
1370 /* XXX ew - net80211 should defer this for us! */
1371
1372 /*
1373 * Note: this sc_tx_n_active currently tracks
1374 * the number of pending transmit submissions
1375 * and not the actual depth of the TX frames
1376 * pending to the hardware. That means that
1377 * we're going to end up with some sub-optimal
1378 * aggregation behaviour.
1379 */
1380 /*
1381 * XXX TODO: just make this a callout timer schedule so we can
1382 * flush the FF staging queue if we're approaching idle.
1383 */
1384 URTWN_UNLOCK(sc);
1385 ieee80211_ff_flush(ic, WME_AC_VO);
1386 ieee80211_ff_flush(ic, WME_AC_VI);
1387 ieee80211_ff_flush(ic, WME_AC_BE);
1388 ieee80211_ff_flush(ic, WME_AC_BK);
1389 URTWN_LOCK(sc);
1390 }
1391#endif
1392 /* Kick-start more transmit */
1393 urtwn_start(sc);
1394}
1395
1396static struct urtwn_data *
1397_urtwn_getbuf(struct urtwn_softc *sc)
1398{
1399 struct urtwn_data *bf;
1400
1401 bf = STAILQ_FIRST(&sc->sc_tx_inactive);
1402 if (bf != NULL)
1403 STAILQ_REMOVE_HEAD(&sc->sc_tx_inactive, next);
1404 else {
1405 URTWN_DPRINTF(sc, URTWN_DEBUG_XMIT,
1406 "%s: out of xmit buffers\n", __func__);
1407 }
1408 return (bf);
1409}
1410
1411static struct urtwn_data *
1412urtwn_getbuf(struct urtwn_softc *sc)
1413{
1414 struct urtwn_data *bf;
1415
1416 URTWN_ASSERT_LOCKED(sc);
1417
1418 bf = _urtwn_getbuf(sc);
1419 if (bf == NULL) {
1420 URTWN_DPRINTF(sc, URTWN_DEBUG_XMIT, "%s: stop queue\n",
1421 __func__);
1422 }
1423 return (bf);
1424}
1425
1426static usb_error_t
1427urtwn_write_region_1(struct urtwn_softc *sc, uint16_t addr, uint8_t *buf,
1428 int len)
1429{
1430 usb_device_request_t req;
1431
1432 req.bmRequestType = UT_WRITE_VENDOR_DEVICE;
1433 req.bRequest = R92C_REQ_REGS;
1434 USETW(req.wValue, addr);
1435 USETW(req.wIndex, 0);
1436 USETW(req.wLength, len);
1437 return (urtwn_do_request(sc, &req, buf));
1438}
1439
1440static usb_error_t
1441urtwn_write_1(struct urtwn_softc *sc, uint16_t addr, uint8_t val)
1442{
1443 return (urtwn_write_region_1(sc, addr, &val, sizeof(val)));
1444}
1445
1446static usb_error_t
1447urtwn_write_2(struct urtwn_softc *sc, uint16_t addr, uint16_t val)
1448{
1449 val = htole16(val);
1450 return (urtwn_write_region_1(sc, addr, (uint8_t *)&val, sizeof(val)));
1451}
1452
1453static usb_error_t
1454urtwn_write_4(struct urtwn_softc *sc, uint16_t addr, uint32_t val)
1455{
1456 val = htole32(val);
1457 return (urtwn_write_region_1(sc, addr, (uint8_t *)&val, sizeof(val)));
1458}
1459
1460static usb_error_t
1461urtwn_read_region_1(struct urtwn_softc *sc, uint16_t addr, uint8_t *buf,
1462 int len)
1463{
1464 usb_device_request_t req;
1465
1466 req.bmRequestType = UT_READ_VENDOR_DEVICE;
1467 req.bRequest = R92C_REQ_REGS;
1468 USETW(req.wValue, addr);
1469 USETW(req.wIndex, 0);
1470 USETW(req.wLength, len);
1471 return (urtwn_do_request(sc, &req, buf));
1472}
1473
1474static uint8_t
1475urtwn_read_1(struct urtwn_softc *sc, uint16_t addr)
1476{
1477 uint8_t val;
1478
1479 if (urtwn_read_region_1(sc, addr, &val, 1) != 0)
1480 return (0xff);
1481 return (val);
1482}
1483
1484static uint16_t
1485urtwn_read_2(struct urtwn_softc *sc, uint16_t addr)
1486{
1487 uint16_t val;
1488
1489 if (urtwn_read_region_1(sc, addr, (uint8_t *)&val, 2) != 0)
1490 return (0xffff);
1491 return (le16toh(val));
1492}
1493
1494static uint32_t
1495urtwn_read_4(struct urtwn_softc *sc, uint16_t addr)
1496{
1497 uint32_t val;
1498
1499 if (urtwn_read_region_1(sc, addr, (uint8_t *)&val, 4) != 0)
1500 return (0xffffffff);
1501 return (le32toh(val));
1502}
1503
1504static int
1505urtwn_fw_cmd(struct urtwn_softc *sc, uint8_t id, const void *buf, int len)
1506{
1507 struct r92c_fw_cmd cmd;
1508 usb_error_t error;
1509 int ntries;
1510
1511 if (!(sc->sc_flags & URTWN_FW_LOADED)) {
1512 URTWN_DPRINTF(sc, URTWN_DEBUG_FIRMWARE, "%s: firmware "
1513 "was not loaded; command (id %d) will be discarded\n",
1514 __func__, id);
1515 return (0);
1516 }
1517
1518 /* Wait for current FW box to be empty. */
1519 for (ntries = 0; ntries < 100; ntries++) {
1520 if (!(urtwn_read_1(sc, R92C_HMETFR) & (1 << sc->fwcur)))
1521 break;
1522 urtwn_ms_delay(sc);
1523 }
1524 if (ntries == 100) {
1525 device_printf(sc->sc_dev,
1526 "could not send firmware command\n");
1527 return (ETIMEDOUT);
1528 }
1529 memset(&cmd, 0, sizeof(cmd));
1530 cmd.id = id;
1531 if (len > 3)
1532 cmd.id |= R92C_CMD_FLAG_EXT;
1533 KASSERT(len <= sizeof(cmd.msg), ("urtwn_fw_cmd\n"));
1534 memcpy(cmd.msg, buf, len);
1535
1536 /* Write the first word last since that will trigger the FW. */
1537 error = urtwn_write_region_1(sc, R92C_HMEBOX_EXT(sc->fwcur),
1538 (uint8_t *)&cmd + 4, 2);
1539 if (error != USB_ERR_NORMAL_COMPLETION)
1540 return (EIO);
1541 error = urtwn_write_region_1(sc, R92C_HMEBOX(sc->fwcur),
1542 (uint8_t *)&cmd + 0, 4);
1543 if (error != USB_ERR_NORMAL_COMPLETION)
1544 return (EIO);
1545
1546 sc->fwcur = (sc->fwcur + 1) % R92C_H2C_NBOX;
1547 return (0);
1548}
1549
1550static void
1551urtwn_cmdq_cb(void *arg, int pending)
1552{
1553 struct urtwn_softc *sc = arg;
1554 struct urtwn_cmdq *item;
1555
1556 /*
1557 * Device must be powered on (via urtwn_power_on())
1558 * before any command may be sent.
1559 */
1560 URTWN_LOCK(sc);
1561 if (!(sc->sc_flags & URTWN_RUNNING)) {
1562 URTWN_UNLOCK(sc);
1563 return;
1564 }
1565
1566 URTWN_CMDQ_LOCK(sc);
1567 while (sc->cmdq[sc->cmdq_first].func != NULL) {
1568 item = &sc->cmdq[sc->cmdq_first];
1569 sc->cmdq_first = (sc->cmdq_first + 1) % URTWN_CMDQ_SIZE;
1570 URTWN_CMDQ_UNLOCK(sc);
1571
1572 item->func(sc, &item->data);
1573
1574 URTWN_CMDQ_LOCK(sc);
1575 memset(item, 0, sizeof (*item));
1576 }
1577 URTWN_CMDQ_UNLOCK(sc);
1578 URTWN_UNLOCK(sc);
1579}
1580
1581static int
1582urtwn_cmd_sleepable(struct urtwn_softc *sc, const void *ptr, size_t len,
1583 CMD_FUNC_PROTO)
1584{
1585 struct ieee80211com *ic = &sc->sc_ic;
1586
1587 KASSERT(len <= sizeof(union sec_param), ("buffer overflow"));
1588
1589 URTWN_CMDQ_LOCK(sc);
1590 if (sc->cmdq[sc->cmdq_last].func != NULL) {
1591 device_printf(sc->sc_dev, "%s: cmdq overflow\n", __func__);
1592 URTWN_CMDQ_UNLOCK(sc);
1593
1594 return (EAGAIN);
1595 }
1596
1597 if (ptr != NULL)
1598 memcpy(&sc->cmdq[sc->cmdq_last].data, ptr, len);
1599 sc->cmdq[sc->cmdq_last].func = func;
1600 sc->cmdq_last = (sc->cmdq_last + 1) % URTWN_CMDQ_SIZE;
1601 URTWN_CMDQ_UNLOCK(sc);
1602
1603 ieee80211_runtask(ic, &sc->cmdq_task);
1604
1605 return (0);
1606}
1607
1608static __inline void
1609urtwn_rf_write(struct urtwn_softc *sc, int chain, uint8_t addr, uint32_t val)
1610{
1611
1612 sc->sc_rf_write(sc, chain, addr, val);
1613}
1614
1615static void
1616urtwn_r92c_rf_write(struct urtwn_softc *sc, int chain, uint8_t addr,
1617 uint32_t val)
1618{
1619 urtwn_bb_write(sc, R92C_LSSI_PARAM(chain),
1620 SM(R92C_LSSI_PARAM_ADDR, addr) |
1621 SM(R92C_LSSI_PARAM_DATA, val));
1622}
1623
1624static void
1625urtwn_r88e_rf_write(struct urtwn_softc *sc, int chain, uint8_t addr,
1626uint32_t val)
1627{
1628 urtwn_bb_write(sc, R92C_LSSI_PARAM(chain),
1629 SM(R88E_LSSI_PARAM_ADDR, addr) |
1630 SM(R92C_LSSI_PARAM_DATA, val));
1631}
1632
1633static uint32_t
1634urtwn_rf_read(struct urtwn_softc *sc, int chain, uint8_t addr)
1635{
1636 uint32_t reg[R92C_MAX_CHAINS], val;
1637
1638 reg[0] = urtwn_bb_read(sc, R92C_HSSI_PARAM2(0));
1639 if (chain != 0)
1640 reg[chain] = urtwn_bb_read(sc, R92C_HSSI_PARAM2(chain));
1641
1642 urtwn_bb_write(sc, R92C_HSSI_PARAM2(0),
1643 reg[0] & ~R92C_HSSI_PARAM2_READ_EDGE);
1644 urtwn_ms_delay(sc);
1645
1646 urtwn_bb_write(sc, R92C_HSSI_PARAM2(chain),
1647 RW(reg[chain], R92C_HSSI_PARAM2_READ_ADDR, addr) |
1648 R92C_HSSI_PARAM2_READ_EDGE);
1649 urtwn_ms_delay(sc);
1650
1651 urtwn_bb_write(sc, R92C_HSSI_PARAM2(0),
1652 reg[0] | R92C_HSSI_PARAM2_READ_EDGE);
1653 urtwn_ms_delay(sc);
1654
1655 if (urtwn_bb_read(sc, R92C_HSSI_PARAM1(chain)) & R92C_HSSI_PARAM1_PI)
1656 val = urtwn_bb_read(sc, R92C_HSPI_READBACK(chain));
1657 else
1658 val = urtwn_bb_read(sc, R92C_LSSI_READBACK(chain));
1659 return (MS(val, R92C_LSSI_READBACK_DATA));
1660}
1661
1662static int
1663urtwn_llt_write(struct urtwn_softc *sc, uint32_t addr, uint32_t data)
1664{
1665 usb_error_t error;
1666 int ntries;
1667
1668 error = urtwn_write_4(sc, R92C_LLT_INIT,
1669 SM(R92C_LLT_INIT_OP, R92C_LLT_INIT_OP_WRITE) |
1670 SM(R92C_LLT_INIT_ADDR, addr) |
1671 SM(R92C_LLT_INIT_DATA, data));
1672 if (error != USB_ERR_NORMAL_COMPLETION)
1673 return (EIO);
1674 /* Wait for write operation to complete. */
1675 for (ntries = 0; ntries < 20; ntries++) {
1676 if (MS(urtwn_read_4(sc, R92C_LLT_INIT), R92C_LLT_INIT_OP) ==
1677 R92C_LLT_INIT_OP_NO_ACTIVE)
1678 return (0);
1679 urtwn_ms_delay(sc);
1680 }
1681 return (ETIMEDOUT);
1682}
1683
1684static int
1685urtwn_efuse_read_next(struct urtwn_softc *sc, uint8_t *val)
1686{
1687 uint32_t reg;
1688 usb_error_t error;
1689 int ntries;
1690
1691 if (sc->last_rom_addr >= URTWN_EFUSE_MAX_LEN)
1692 return (EFAULT);
1693
1694 reg = urtwn_read_4(sc, R92C_EFUSE_CTRL);
1695 reg = RW(reg, R92C_EFUSE_CTRL_ADDR, sc->last_rom_addr);
1696 reg &= ~R92C_EFUSE_CTRL_VALID;
1697
1698 error = urtwn_write_4(sc, R92C_EFUSE_CTRL, reg);
1699 if (error != USB_ERR_NORMAL_COMPLETION)
1700 return (EIO);
1701 /* Wait for read operation to complete. */
1702 for (ntries = 0; ntries < 100; ntries++) {
1703 reg = urtwn_read_4(sc, R92C_EFUSE_CTRL);
1704 if (reg & R92C_EFUSE_CTRL_VALID)
1705 break;
1706 urtwn_ms_delay(sc);
1707 }
1708 if (ntries == 100) {
1709 device_printf(sc->sc_dev,
1710 "could not read efuse byte at address 0x%x\n",
1711 sc->last_rom_addr);
1712 return (ETIMEDOUT);
1713 }
1714
1715 *val = MS(reg, R92C_EFUSE_CTRL_DATA);
1716 sc->last_rom_addr++;
1717
1718 return (0);
1719}
1720
1721static int
1722urtwn_efuse_read_data(struct urtwn_softc *sc, uint8_t *rom, uint8_t off,
1723 uint8_t msk)
1724{
1725 uint8_t reg;
1726 int i, error;
1727
1728 for (i = 0; i < 4; i++) {
1729 if (msk & (1 << i))
1730 continue;
1731 error = urtwn_efuse_read_next(sc, ®);
1732 if (error != 0)
1733 return (error);
1734 URTWN_DPRINTF(sc, URTWN_DEBUG_ROM, "rom[0x%03X] == 0x%02X\n",
1735 off * 8 + i * 2, reg);
1736 rom[off * 8 + i * 2 + 0] = reg;
1737
1738 error = urtwn_efuse_read_next(sc, ®);
1739 if (error != 0)
1740 return (error);
1741 URTWN_DPRINTF(sc, URTWN_DEBUG_ROM, "rom[0x%03X] == 0x%02X\n",
1742 off * 8 + i * 2 + 1, reg);
1743 rom[off * 8 + i * 2 + 1] = reg;
1744 }
1745
1746 return (0);
1747}
1748
1749#ifdef USB_DEBUG
1750static void
1751urtwn_dump_rom_contents(struct urtwn_softc *sc, uint8_t *rom, uint16_t size)
1752{
1753 int i;
1754
1755 /* Dump ROM contents. */
1756 device_printf(sc->sc_dev, "%s:", __func__);
1757 for (i = 0; i < size; i++) {
1758 if (i % 32 == 0)
1759 printf("\n%03X: ", i);
1760 else if (i % 4 == 0)
1761 printf(" ");
1762
1763 printf("%02X", rom[i]);
1764 }
1765 printf("\n");
1766}
1767#endif
1768
1769static int
1770urtwn_efuse_read(struct urtwn_softc *sc, uint8_t *rom, uint16_t size)
1771{
1772#define URTWN_CHK(res) do { \
1773 if ((error = res) != 0) \
1774 goto end; \
1775} while(0)
1776 uint8_t msk, off, reg;
1777 int error;
1778
1779 URTWN_CHK(urtwn_efuse_switch_power(sc));
1780
1781 /* Read full ROM image. */
1782 sc->last_rom_addr = 0;
1783 memset(rom, 0xff, size);
1784
1785 URTWN_CHK(urtwn_efuse_read_next(sc, ®));
1786 while (reg != 0xff) {
1787 /* check for extended header */
1788 if ((sc->chip & URTWN_CHIP_88E) && (reg & 0x1f) == 0x0f) {
1789 off = reg >> 5;
1790 URTWN_CHK(urtwn_efuse_read_next(sc, ®));
1791
1792 if ((reg & 0x0f) != 0x0f)
1793 off = ((reg & 0xf0) >> 1) | off;
1794 else
1795 continue;
1796 } else
1797 off = reg >> 4;
1798 msk = reg & 0xf;
1799
1800 URTWN_CHK(urtwn_efuse_read_data(sc, rom, off, msk));
1801 URTWN_CHK(urtwn_efuse_read_next(sc, ®));
1802 }
1803
1804end:
1805
1806#ifdef USB_DEBUG
1807 if (sc->sc_debug & URTWN_DEBUG_ROM)
1808 urtwn_dump_rom_contents(sc, rom, size);
1809#endif
1810
1811 urtwn_write_1(sc, R92C_EFUSE_ACCESS, R92C_EFUSE_ACCESS_OFF);
1812
1813 if (error != 0) {
1814 device_printf(sc->sc_dev, "%s: error while reading ROM\n",
1815 __func__);
1816 }
1817
1818 return (error);
1819#undef URTWN_CHK
1820}
1821
1822static int
1823urtwn_efuse_switch_power(struct urtwn_softc *sc)
1824{
1825 usb_error_t error;
1826 uint32_t reg;
1827
1828 error = urtwn_write_1(sc, R92C_EFUSE_ACCESS, R92C_EFUSE_ACCESS_ON);
1829 if (error != USB_ERR_NORMAL_COMPLETION)
1830 return (EIO);
1831
1832 reg = urtwn_read_2(sc, R92C_SYS_ISO_CTRL);
1833 if (!(reg & R92C_SYS_ISO_CTRL_PWC_EV12V)) {
1834 error = urtwn_write_2(sc, R92C_SYS_ISO_CTRL,
1835 reg | R92C_SYS_ISO_CTRL_PWC_EV12V);
1836 if (error != USB_ERR_NORMAL_COMPLETION)
1837 return (EIO);
1838 }
1839 reg = urtwn_read_2(sc, R92C_SYS_FUNC_EN);
1840 if (!(reg & R92C_SYS_FUNC_EN_ELDR)) {
1841 error = urtwn_write_2(sc, R92C_SYS_FUNC_EN,
1842 reg | R92C_SYS_FUNC_EN_ELDR);
1843 if (error != USB_ERR_NORMAL_COMPLETION)
1844 return (EIO);
1845 }
1846 reg = urtwn_read_2(sc, R92C_SYS_CLKR);
1847 if ((reg & (R92C_SYS_CLKR_LOADER_EN | R92C_SYS_CLKR_ANA8M)) !=
1848 (R92C_SYS_CLKR_LOADER_EN | R92C_SYS_CLKR_ANA8M)) {
1849 error = urtwn_write_2(sc, R92C_SYS_CLKR,
1850 reg | R92C_SYS_CLKR_LOADER_EN | R92C_SYS_CLKR_ANA8M);
1851 if (error != USB_ERR_NORMAL_COMPLETION)
1852 return (EIO);
1853 }
1854
1855 return (0);
1856}
1857
1858static int
1859urtwn_read_chipid(struct urtwn_softc *sc)
1860{
1861 uint32_t reg;
1862
1863 if (sc->chip & URTWN_CHIP_88E)
1864 return (0);
1865
1866 reg = urtwn_read_4(sc, R92C_SYS_CFG);
1867 if (reg & R92C_SYS_CFG_TRP_VAUX_EN)
1868 return (EIO);
1869
1870 if (reg & R92C_SYS_CFG_TYPE_92C) {
1871 sc->chip |= URTWN_CHIP_92C;
1872 /* Check if it is a castrated 8192C. */
1873 if (MS(urtwn_read_4(sc, R92C_HPON_FSM),
1874 R92C_HPON_FSM_CHIP_BONDING_ID) ==
1875 R92C_HPON_FSM_CHIP_BONDING_ID_92C_1T2R)
1876 sc->chip |= URTWN_CHIP_92C_1T2R;
1877 }
1878 if (reg & R92C_SYS_CFG_VENDOR_UMC) {
1879 sc->chip |= URTWN_CHIP_UMC;
1880 if (MS(reg, R92C_SYS_CFG_CHIP_VER_RTL) == 0)
1881 sc->chip |= URTWN_CHIP_UMC_A_CUT;
1882 }
1883 return (0);
1884}
1885
1886static int
1887urtwn_read_rom(struct urtwn_softc *sc)
1888{
1889 struct r92c_rom *rom = &sc->rom.r92c_rom;
1890 int error;
1891
1892 /* Read full ROM image. */
1893 error = urtwn_efuse_read(sc, (uint8_t *)rom, sizeof(*rom));
1894 if (error != 0)
1895 return (error);
1896
1897 /* XXX Weird but this is what the vendor driver does. */
1898 sc->last_rom_addr = 0x1fa;
1899 error = urtwn_efuse_read_next(sc, &sc->pa_setting);
1900 if (error != 0)
1901 return (error);
1902 URTWN_DPRINTF(sc, URTWN_DEBUG_ROM, "%s: PA setting=0x%x\n", __func__,
1903 sc->pa_setting);
1904
1905 sc->board_type = MS(rom->rf_opt1, R92C_ROM_RF1_BOARD_TYPE);
1906
1907 sc->regulatory = MS(rom->rf_opt1, R92C_ROM_RF1_REGULATORY);
1908 URTWN_DPRINTF(sc, URTWN_DEBUG_ROM, "%s: regulatory type=%d\n",
1909 __func__, sc->regulatory);
1910 IEEE80211_ADDR_COPY(sc->sc_ic.ic_macaddr, rom->macaddr);
1911
1912 sc->sc_rf_write = urtwn_r92c_rf_write;
1913 sc->sc_power_on = urtwn_r92c_power_on;
1914 sc->sc_power_off = urtwn_r92c_power_off;
1915
1916 return (0);
1917}
1918
1919static int
1920urtwn_r88e_read_rom(struct urtwn_softc *sc)
1921{
1922 struct r88e_rom *rom = &sc->rom.r88e_rom;
1923 int error;
1924
1925 error = urtwn_efuse_read(sc, (uint8_t *)rom, sizeof(sc->rom.r88e_rom));
1926 if (error != 0)
1927 return (error);
1928
1929 sc->bw20_tx_pwr_diff = (rom->tx_pwr_diff >> 4);
1930 if (sc->bw20_tx_pwr_diff & 0x08)
1931 sc->bw20_tx_pwr_diff |= 0xf0;
1932 sc->ofdm_tx_pwr_diff = (rom->tx_pwr_diff & 0xf);
1933 if (sc->ofdm_tx_pwr_diff & 0x08)
1934 sc->ofdm_tx_pwr_diff |= 0xf0;
1935 sc->regulatory = MS(rom->rf_board_opt, R92C_ROM_RF1_REGULATORY);
1936 URTWN_DPRINTF(sc, URTWN_DEBUG_ROM, "%s: regulatory type %d\n",
1937 __func__,sc->regulatory);
1938 IEEE80211_ADDR_COPY(sc->sc_ic.ic_macaddr, rom->macaddr);
1939
1940 sc->sc_rf_write = urtwn_r88e_rf_write;
1941 sc->sc_power_on = urtwn_r88e_power_on;
1942 sc->sc_power_off = urtwn_r88e_power_off;
1943
1944 return (0);
1945}
1946
1947static __inline uint8_t
1948rate2ridx(uint8_t rate)
1949{
1950 if (rate & IEEE80211_RATE_MCS) {
1951 /* 11n rates start at idx 12 */
1952 return ((rate & 0xf) + 12);
1953 }
1954 switch (rate) {
1955 /* 11g */
1956 case 12: return 4;
1957 case 18: return 5;
1958 case 24: return 6;
1959 case 36: return 7;
1960 case 48: return 8;
1961 case 72: return 9;
1962 case 96: return 10;
1963 case 108: return 11;
1964 /* 11b */
1965 case 2: return 0;
1966 case 4: return 1;
1967 case 11: return 2;
1968 case 22: return 3;
1969 default: return URTWN_RIDX_UNKNOWN;
1970 }
1971}
1972
1973/*
1974 * Initialize rate adaptation in firmware.
1975 */
1976static int
1977urtwn_ra_init(struct urtwn_softc *sc)
1978{
1979 struct ieee80211com *ic = &sc->sc_ic;
1980 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps);
1981 struct ieee80211_node *ni;
1982 struct ieee80211_rateset *rs, *rs_ht;
1983 struct r92c_fw_cmd_macid_cfg cmd;
1984 uint32_t rates, basicrates;
1985 uint8_t mode, ridx;
1986 int maxrate, maxbasicrate, error, i;
1987
1988 ni = ieee80211_ref_node(vap->iv_bss);
1989 rs = &ni->ni_rates;
1990 rs_ht = (struct ieee80211_rateset *) &ni->ni_htrates;
1991
1992 /* Get normal and basic rates mask. */
1993 rates = basicrates = 0;
1994 maxrate = maxbasicrate = 0;
1995
1996 /* This is for 11bg */
1997 for (i = 0; i < rs->rs_nrates; i++) {
1998 /* Convert 802.11 rate to HW rate index. */
1999 ridx = rate2ridx(IEEE80211_RV(rs->rs_rates[i]));
2000 if (ridx == URTWN_RIDX_UNKNOWN) /* Unknown rate, skip. */
2001 continue;
2002 rates |= 1 << ridx;
2003 if (ridx > maxrate)
2004 maxrate = ridx;
2005 if (rs->rs_rates[i] & IEEE80211_RATE_BASIC) {
2006 basicrates |= 1 << ridx;
2007 if (ridx > maxbasicrate)
2008 maxbasicrate = ridx;
2009 }
2010 }
2011
2012 /* If we're doing 11n, enable 11n rates */
2013 if (ni->ni_flags & IEEE80211_NODE_HT) {
2014 for (i = 0; i < rs_ht->rs_nrates; i++) {
2015 if ((rs_ht->rs_rates[i] & 0x7f) > 0xf)
2016 continue;
2017 /* 11n rates start at index 12 */
2018 ridx = ((rs_ht->rs_rates[i]) & 0xf) + 12;
2019 rates |= (1 << ridx);
2020
2021 /* Guard against the rate table being oddly ordered */
2022 if (ridx > maxrate)
2023 maxrate = ridx;
2024 }
2025 }
2026
2027#if 0
2028 if (ic->ic_curmode == IEEE80211_MODE_11NG)
2029 raid = R92C_RAID_11GN;
2030#endif
2031 /* NB: group addressed frames are done at 11bg rates for now */
2032 if (ic->ic_curmode == IEEE80211_MODE_11B)
2033 mode = R92C_RAID_11B;
2034 else
2035 mode = R92C_RAID_11BG;
2036 /* XXX misleading 'mode' value here for unicast frames */
2037 URTWN_DPRINTF(sc, URTWN_DEBUG_RA,
2038 "%s: mode 0x%x, rates 0x%08x, basicrates 0x%08x\n", __func__,
2039 mode, rates, basicrates);
2040
2041 /* Set rates mask for group addressed frames. */
2042 cmd.macid = URTWN_MACID_BC | URTWN_MACID_VALID;
2043 cmd.mask = htole32(mode << 28 | basicrates);
2044 error = urtwn_fw_cmd(sc, R92C_CMD_MACID_CONFIG, &cmd, sizeof(cmd));
2045 if (error != 0) {
2046 ieee80211_free_node(ni);
2047 device_printf(sc->sc_dev,
2048 "could not add broadcast station\n");
2049 return (error);
2050 }
2051
2052 /* Set initial MRR rate. */
2053 URTWN_DPRINTF(sc, URTWN_DEBUG_RA, "%s: maxbasicrate %d\n", __func__,
2054 maxbasicrate);
2055 urtwn_write_1(sc, R92C_INIDATA_RATE_SEL(URTWN_MACID_BC),
2056 maxbasicrate);
2057
2058 /* Set rates mask for unicast frames. */
2059 if (ni->ni_flags & IEEE80211_NODE_HT)
2060 mode = R92C_RAID_11GN;
2061 else if (ic->ic_curmode == IEEE80211_MODE_11B)
2062 mode = R92C_RAID_11B;
2063 else
2064 mode = R92C_RAID_11BG;
2065 cmd.macid = URTWN_MACID_BSS | URTWN_MACID_VALID;
2066 cmd.mask = htole32(mode << 28 | rates);
2067 error = urtwn_fw_cmd(sc, R92C_CMD_MACID_CONFIG, &cmd, sizeof(cmd));
2068 if (error != 0) {
2069 ieee80211_free_node(ni);
2070 device_printf(sc->sc_dev, "could not add BSS station\n");
2071 return (error);
2072 }
2073 /* Set initial MRR rate. */
2074 URTWN_DPRINTF(sc, URTWN_DEBUG_RA, "%s: maxrate %d\n", __func__,
2075 maxrate);
2076 urtwn_write_1(sc, R92C_INIDATA_RATE_SEL(URTWN_MACID_BSS),
2077 maxrate);
2078
2079 /* Indicate highest supported rate. */
2080 if (ni->ni_flags & IEEE80211_NODE_HT)
2081 ni->ni_txrate = rs_ht->rs_rates[rs_ht->rs_nrates - 1]
2082 | IEEE80211_RATE_MCS;
2083 else
2084 ni->ni_txrate = rs->rs_rates[rs->rs_nrates - 1];
2085 ieee80211_free_node(ni);
2086
2087 return (0);
2088}
2089
2090static void
2091urtwn_init_beacon(struct urtwn_softc *sc, struct urtwn_vap *uvp)
2092{
2093 struct r92c_tx_desc *txd = &uvp->bcn_desc;
2094
2095 txd->txdw0 = htole32(
2096 SM(R92C_TXDW0_OFFSET, sizeof(*txd)) | R92C_TXDW0_BMCAST |
2097 R92C_TXDW0_OWN | R92C_TXDW0_FSG | R92C_TXDW0_LSG);
2098 txd->txdw1 = htole32(
2099 SM(R92C_TXDW1_QSEL, R92C_TXDW1_QSEL_BEACON) |
2100 SM(R92C_TXDW1_RAID, R92C_RAID_11B));
2101
2102 if (sc->chip & URTWN_CHIP_88E) {
2103 txd->txdw1 |= htole32(SM(R88E_TXDW1_MACID, URTWN_MACID_BC));
2104 txd->txdseq |= htole16(R88E_TXDSEQ_HWSEQ_EN);
2105 } else {
2106 txd->txdw1 |= htole32(SM(R92C_TXDW1_MACID, URTWN_MACID_BC));
2107 txd->txdw4 |= htole32(R92C_TXDW4_HWSEQ_EN);
2108 }
2109
2110 txd->txdw4 = htole32(R92C_TXDW4_DRVRATE);
2111 txd->txdw5 = htole32(SM(R92C_TXDW5_DATARATE, URTWN_RIDX_CCK1));
2112}
2113
2114static int
2115urtwn_setup_beacon(struct urtwn_softc *sc, struct ieee80211_node *ni)
2116{
2117 struct ieee80211vap *vap = ni->ni_vap;
2118 struct urtwn_vap *uvp = URTWN_VAP(vap);
2119 struct mbuf *m;
2120 int error;
2121
2122 URTWN_ASSERT_LOCKED(sc);
2123
2124 if (ni->ni_chan == IEEE80211_CHAN_ANYC)
2125 return (EINVAL);
2126
2127 m = ieee80211_beacon_alloc(ni);
2128 if (m == NULL) {
2129 device_printf(sc->sc_dev,
2130 "%s: could not allocate beacon frame\n", __func__);
2131 return (ENOMEM);
2132 }
2133
2134 if (uvp->bcn_mbuf != NULL)
2135 m_freem(uvp->bcn_mbuf);
2136
2137 uvp->bcn_mbuf = m;
2138
2139 if ((error = urtwn_tx_beacon(sc, uvp)) != 0)
2140 return (error);
2141
2142 /* XXX bcnq stuck workaround */
2143 if ((error = urtwn_tx_beacon(sc, uvp)) != 0)
2144 return (error);
2145
2146 URTWN_DPRINTF(sc, URTWN_DEBUG_BEACON, "%s: beacon was %srecognized\n",
2147 __func__, urtwn_read_1(sc, R92C_TDECTRL + 2) &
2148 (R92C_TDECTRL_BCN_VALID >> 16) ? "" : "not ");
2149
2150 return (0);
2151}
2152
2153static void
2154urtwn_update_beacon(struct ieee80211vap *vap, int item)
2155{
2156 struct urtwn_softc *sc = vap->iv_ic->ic_softc;
2157 struct urtwn_vap *uvp = URTWN_VAP(vap);
2158 struct ieee80211_beacon_offsets *bo = &vap->iv_bcn_off;
2159 struct ieee80211_node *ni = vap->iv_bss;
2160 int mcast = 0;
2161
2162 URTWN_LOCK(sc);
2163 if (uvp->bcn_mbuf == NULL) {
2164 uvp->bcn_mbuf = ieee80211_beacon_alloc(ni);
2165 if (uvp->bcn_mbuf == NULL) {
2166 device_printf(sc->sc_dev,
2167 "%s: could not allocate beacon frame\n", __func__);
2168 URTWN_UNLOCK(sc);
2169 return;
2170 }
2171 }
2172 URTWN_UNLOCK(sc);
2173
2174 if (item == IEEE80211_BEACON_TIM)
2175 mcast = 1; /* XXX */
2176
2177 setbit(bo->bo_flags, item);
2178 ieee80211_beacon_update(ni, uvp->bcn_mbuf, mcast);
2179
2180 URTWN_LOCK(sc);
2181 urtwn_tx_beacon(sc, uvp);
2182 URTWN_UNLOCK(sc);
2183}
2184
2185/*
2186 * Push a beacon frame into the chip. Beacon will
2187 * be repeated by the chip every R92C_BCN_INTERVAL.
2188 */
2189static int
2190urtwn_tx_beacon(struct urtwn_softc *sc, struct urtwn_vap *uvp)
2191{
2192 struct r92c_tx_desc *desc = &uvp->bcn_desc;
2193 struct urtwn_data *bf;
2194
2195 URTWN_ASSERT_LOCKED(sc);
2196
2197 bf = urtwn_getbuf(sc);
2198 if (bf == NULL)
2199 return (ENOMEM);
2200
2201 memcpy(bf->buf, desc, sizeof(*desc));
2202 urtwn_tx_start(sc, uvp->bcn_mbuf, IEEE80211_FC0_TYPE_MGT, bf);
2203
2204 sc->sc_txtimer = 5;
2205 callout_reset(&sc->sc_watchdog_ch, hz, urtwn_watchdog, sc);
2206
2207 return (0);
2208}
2209
2210static int
2211urtwn_key_alloc(struct ieee80211vap *vap, struct ieee80211_key *k,
2212 ieee80211_keyix *keyix, ieee80211_keyix *rxkeyix)
2213{
2214 struct urtwn_softc *sc = vap->iv_ic->ic_softc;
2215 uint8_t i;
2216
2217 if (!(&vap->iv_nw_keys[0] <= k &&
2218 k < &vap->iv_nw_keys[IEEE80211_WEP_NKID])) {
2219 if (!(k->wk_flags & IEEE80211_KEY_SWCRYPT)) {
2220 URTWN_LOCK(sc);
2221 /*
2222 * First 4 slots for group keys,
2223 * what is left - for pairwise.
2224 * XXX incompatible with IBSS RSN.
2225 */
2226 for (i = IEEE80211_WEP_NKID;
2227 i < R92C_CAM_ENTRY_COUNT; i++) {
2228 if ((sc->keys_bmap & (1 << i)) == 0) {
2229 sc->keys_bmap |= 1 << i;
2230 *keyix = i;
2231 break;
2232 }
2233 }
2234 URTWN_UNLOCK(sc);
2235 if (i == R92C_CAM_ENTRY_COUNT) {
2236 device_printf(sc->sc_dev,
2237 "%s: no free space in the key table\n",
2238 __func__);
2239 return 0;
2240 }
2241 } else
2242 *keyix = 0;
2243 } else {
2244 *keyix = k - vap->iv_nw_keys;
2245 }
2246 *rxkeyix = *keyix;
2247 return 1;
2248}
2249
2250static void
2251urtwn_key_set_cb(struct urtwn_softc *sc, union sec_param *data)
2252{
2253 struct ieee80211_key *k = &data->key;
2254 uint8_t algo, keyid;
2255 int i, error;
2256
2257 if (k->wk_keyix < IEEE80211_WEP_NKID)
2258 keyid = k->wk_keyix;
2259 else
2260 keyid = 0;
2261
2262 /* Map net80211 cipher to HW crypto algorithm. */
2263 switch (k->wk_cipher->ic_cipher) {
2264 case IEEE80211_CIPHER_WEP:
2265 if (k->wk_keylen < 8)
2266 algo = R92C_CAM_ALGO_WEP40;
2267 else
2268 algo = R92C_CAM_ALGO_WEP104;
2269 break;
2270 case IEEE80211_CIPHER_TKIP:
2271 algo = R92C_CAM_ALGO_TKIP;
2272 break;
2273 case IEEE80211_CIPHER_AES_CCM:
2274 algo = R92C_CAM_ALGO_AES;
2275 break;
2276 default:
2277 device_printf(sc->sc_dev, "%s: undefined cipher %d\n",
2278 __func__, k->wk_cipher->ic_cipher);
2279 return;
2280 }
2281
2282 URTWN_DPRINTF(sc, URTWN_DEBUG_KEY,
2283 "%s: keyix %d, keyid %d, algo %d/%d, flags %04X, len %d, "
2284 "macaddr %s\n", __func__, k->wk_keyix, keyid,
2285 k->wk_cipher->ic_cipher, algo, k->wk_flags, k->wk_keylen,
2286 ether_sprintf(k->wk_macaddr));
2287
2288 /* Write key. */
2289 for (i = 0; i < 4; i++) {
2290 error = urtwn_cam_write(sc, R92C_CAM_KEY(k->wk_keyix, i),
2291 le32dec(&k->wk_key[i * 4]));
2292 if (error != 0)
2293 goto fail;
2294 }
2295
2296 /* Write CTL0 last since that will validate the CAM entry. */
2297 error = urtwn_cam_write(sc, R92C_CAM_CTL1(k->wk_keyix),
2298 le32dec(&k->wk_macaddr[2]));
2299 if (error != 0)
2300 goto fail;
2301 error = urtwn_cam_write(sc, R92C_CAM_CTL0(k->wk_keyix),
2302 SM(R92C_CAM_ALGO, algo) |
2303 SM(R92C_CAM_KEYID, keyid) |
2304 SM(R92C_CAM_MACLO, le16dec(&k->wk_macaddr[0])) |
2305 R92C_CAM_VALID);
2306 if (error != 0)
2307 goto fail;
2308
2309 return;
2310
2311fail:
2312 device_printf(sc->sc_dev, "%s fails, error %d\n", __func__, error);
2313}
2314
2315static void
2316urtwn_key_del_cb(struct urtwn_softc *sc, union sec_param *data)
2317{
2318 struct ieee80211_key *k = &data->key;
2319 int i;
2320
2321 URTWN_DPRINTF(sc, URTWN_DEBUG_KEY,
2322 "%s: keyix %d, flags %04X, macaddr %s\n", __func__,
2323 k->wk_keyix, k->wk_flags, ether_sprintf(k->wk_macaddr));
2324
2325 urtwn_cam_write(sc, R92C_CAM_CTL0(k->wk_keyix), 0);
2326 urtwn_cam_write(sc, R92C_CAM_CTL1(k->wk_keyix), 0);
2327
2328 /* Clear key. */
2329 for (i = 0; i < 4; i++)
2330 urtwn_cam_write(sc, R92C_CAM_KEY(k->wk_keyix, i), 0);
2331 sc->keys_bmap &= ~(1 << k->wk_keyix);
2332}
2333
2334static int
2335urtwn_key_set(struct ieee80211vap *vap, const struct ieee80211_key *k)
2336{
2337 struct urtwn_softc *sc = vap->iv_ic->ic_softc;
2338
2339 if (k->wk_flags & IEEE80211_KEY_SWCRYPT) {
2340 /* Not for us. */
2341 return (1);
2342 }
2343
2344 return (!urtwn_cmd_sleepable(sc, k, sizeof(*k), urtwn_key_set_cb));
2345}
2346
2347static int
2348urtwn_key_delete(struct ieee80211vap *vap, const struct ieee80211_key *k)
2349{
2350 struct urtwn_softc *sc = vap->iv_ic->ic_softc;
2351
2352 if (k->wk_flags & IEEE80211_KEY_SWCRYPT) {
2353 /* Not for us. */
2354 return (1);
2355 }
2356
2357 return (!urtwn_cmd_sleepable(sc, k, sizeof(*k), urtwn_key_del_cb));
2358}
2359
2360static void
2361urtwn_tsf_task_adhoc(void *arg, int pending)
2362{
2363 struct ieee80211vap *vap = arg;
2364 struct urtwn_softc *sc = vap->iv_ic->ic_softc;
2365 struct ieee80211_node *ni;
2366 uint32_t reg;
2367
2368 URTWN_LOCK(sc);
2369 ni = ieee80211_ref_node(vap->iv_bss);
2370 reg = urtwn_read_1(sc, R92C_BCN_CTRL);
2371
2372 /* Accept beacons with the same BSSID. */
2373 urtwn_set_rx_bssid_all(sc, 0);
2374
2375 /* Enable synchronization. */
2376 reg &= ~R92C_BCN_CTRL_DIS_TSF_UDT0;
2377 urtwn_write_1(sc, R92C_BCN_CTRL, reg);
2378
2379 /* Synchronize. */
2380 usb_pause_mtx(&sc->sc_mtx, hz * ni->ni_intval * 5 / 1000);
2381
2382 /* Disable synchronization. */
2383 reg |= R92C_BCN_CTRL_DIS_TSF_UDT0;
2384 urtwn_write_1(sc, R92C_BCN_CTRL, reg);
2385
2386 /* Remove beacon filter. */
2387 urtwn_set_rx_bssid_all(sc, 1);
2388
2389 /* Enable beaconing. */
2390 urtwn_write_1(sc, R92C_MBID_NUM,
2391 urtwn_read_1(sc, R92C_MBID_NUM) | R92C_MBID_TXBCN_RPT0);
2392 reg |= R92C_BCN_CTRL_EN_BCN;
2393
2394 urtwn_write_1(sc, R92C_BCN_CTRL, reg);
2395 ieee80211_free_node(ni);
2396 URTWN_UNLOCK(sc);
2397}
2398
2399static void
2400urtwn_tsf_sync_enable(struct urtwn_softc *sc, struct ieee80211vap *vap)
2401{
2402 struct ieee80211com *ic = &sc->sc_ic;
2403 struct urtwn_vap *uvp = URTWN_VAP(vap);
2404
2405 /* Reset TSF. */
2406 urtwn_write_1(sc, R92C_DUAL_TSF_RST, R92C_DUAL_TSF_RST0);
2407
2408 switch (vap->iv_opmode) {
2409 case IEEE80211_M_STA:
2410 /* Enable TSF synchronization. */
2411 urtwn_write_1(sc, R92C_BCN_CTRL,
2412 urtwn_read_1(sc, R92C_BCN_CTRL) &
2413 ~R92C_BCN_CTRL_DIS_TSF_UDT0);
2414 break;
2415 case IEEE80211_M_IBSS:
2416 ieee80211_runtask(ic, &uvp->tsf_task_adhoc);
2417 break;
2418 case IEEE80211_M_HOSTAP:
2419 /* Enable beaconing. */
2420 urtwn_write_1(sc, R92C_MBID_NUM,
2421 urtwn_read_1(sc, R92C_MBID_NUM) | R92C_MBID_TXBCN_RPT0);
2422 urtwn_write_1(sc, R92C_BCN_CTRL,
2423 urtwn_read_1(sc, R92C_BCN_CTRL) | R92C_BCN_CTRL_EN_BCN);
2424 break;
2425 default:
2426 device_printf(sc->sc_dev, "undefined opmode %d\n",
2427 vap->iv_opmode);
2428 return;
2429 }
2430}
2431
2432static void
2433urtwn_get_tsf(struct urtwn_softc *sc, uint64_t *buf)
2434{
2435 urtwn_read_region_1(sc, R92C_TSFTR, (uint8_t *)buf, sizeof(*buf));
2436}
2437
2438static void
2439urtwn_set_led(struct urtwn_softc *sc, int led, int on)
2440{
2441 uint8_t reg;
2442
2443 if (led == URTWN_LED_LINK) {
2444 if (sc->chip & URTWN_CHIP_88E) {
2445 reg = urtwn_read_1(sc, R92C_LEDCFG2) & 0xf0;
2446 urtwn_write_1(sc, R92C_LEDCFG2, reg | 0x60);
2447 if (!on) {
2448 reg = urtwn_read_1(sc, R92C_LEDCFG2) & 0x90;
2449 urtwn_write_1(sc, R92C_LEDCFG2,
2450 reg | R92C_LEDCFG0_DIS);
2451 urtwn_write_1(sc, R92C_MAC_PINMUX_CFG,
2452 urtwn_read_1(sc, R92C_MAC_PINMUX_CFG) &
2453 0xfe);
2454 }
2455 } else {
2456 reg = urtwn_read_1(sc, R92C_LEDCFG0) & 0x70;
2457 if (!on)
2458 reg |= R92C_LEDCFG0_DIS;
2459 urtwn_write_1(sc, R92C_LEDCFG0, reg);
2460 }
2461 sc->ledlink = on; /* Save LED state. */
2462 }
2463}
2464
2465static void
2466urtwn_set_mode(struct urtwn_softc *sc, uint8_t mode)
2467{
2468 uint8_t reg;
2469
2470 reg = urtwn_read_1(sc, R92C_MSR);
2471 reg = (reg & ~R92C_MSR_MASK) | mode;
2472 urtwn_write_1(sc, R92C_MSR, reg);
2473}
2474
2475static void
2476urtwn_ibss_recv_mgmt(struct ieee80211_node *ni, struct mbuf *m, int subtype,
2477 const struct ieee80211_rx_stats *rxs,
2478 int rssi, int nf)
2479{
2480 struct ieee80211vap *vap = ni->ni_vap;
2481 struct urtwn_softc *sc = vap->iv_ic->ic_softc;
2482 struct urtwn_vap *uvp = URTWN_VAP(vap);
2483 uint64_t ni_tstamp, curr_tstamp;
2484
2485 uvp->recv_mgmt(ni, m, subtype, rxs, rssi, nf);
2486
2487 if (vap->iv_state == IEEE80211_S_RUN &&
2488 (subtype == IEEE80211_FC0_SUBTYPE_BEACON ||
2489 subtype == IEEE80211_FC0_SUBTYPE_PROBE_RESP)) {
2490 ni_tstamp = le64toh(ni->ni_tstamp.tsf);
2491 URTWN_LOCK(sc);
2492 urtwn_get_tsf(sc, &curr_tstamp);
2493 URTWN_UNLOCK(sc);
2494 curr_tstamp = le64toh(curr_tstamp);
2495
2496 if (ni_tstamp >= curr_tstamp)
2497 (void) ieee80211_ibss_merge(ni);
2498 }
2499}
2500
2501static int
2502urtwn_newstate(struct ieee80211vap *vap, enum ieee80211_state nstate, int arg)
2503{
2504 struct urtwn_vap *uvp = URTWN_VAP(vap);
2505 struct ieee80211com *ic = vap->iv_ic;
2506 struct urtwn_softc *sc = ic->ic_softc;
2507 struct ieee80211_node *ni;
2508 enum ieee80211_state ostate;
2509 uint32_t reg;
2510 uint8_t mode;
2511 int error = 0;
2512
2513 ostate = vap->iv_state;
2514 URTWN_DPRINTF(sc, URTWN_DEBUG_STATE, "%s -> %s\n",
2515 ieee80211_state_name[ostate], ieee80211_state_name[nstate]);
2516
2517 IEEE80211_UNLOCK(ic);
2518 URTWN_LOCK(sc);
2519 callout_stop(&sc->sc_watchdog_ch);
2520
2521 if (ostate == IEEE80211_S_RUN) {
2522 /* Stop calibration. */
2523 callout_stop(&sc->sc_calib_to);
2524
2525 /* Turn link LED off. */
2526 urtwn_set_led(sc, URTWN_LED_LINK, 0);
2527
2528 /* Set media status to 'No Link'. */
2529 urtwn_set_mode(sc, R92C_MSR_NOLINK);
2530
2531 /* Stop Rx of data frames. */
2532 urtwn_write_2(sc, R92C_RXFLTMAP2, 0);
2533
2534 /* Disable TSF synchronization. */
2535 urtwn_write_1(sc, R92C_BCN_CTRL,
2536 (urtwn_read_1(sc, R92C_BCN_CTRL) & ~R92C_BCN_CTRL_EN_BCN) |
2537 R92C_BCN_CTRL_DIS_TSF_UDT0);
2538
2539 /* Disable beaconing. */
2540 urtwn_write_1(sc, R92C_MBID_NUM,
2541 urtwn_read_1(sc, R92C_MBID_NUM) & ~R92C_MBID_TXBCN_RPT0);
2542
2543 /* Reset TSF. */
2544 urtwn_write_1(sc, R92C_DUAL_TSF_RST, R92C_DUAL_TSF_RST0);
2545
2546 /* Reset EDCA parameters. */
2547 urtwn_write_4(sc, R92C_EDCA_VO_PARAM, 0x002f3217);
2548 urtwn_write_4(sc, R92C_EDCA_VI_PARAM, 0x005e4317);
2549 urtwn_write_4(sc, R92C_EDCA_BE_PARAM, 0x00105320);
2550 urtwn_write_4(sc, R92C_EDCA_BK_PARAM, 0x0000a444);
2551 }
2552
2553 switch (nstate) {
2554 case IEEE80211_S_INIT:
2555 /* Turn link LED off. */
2556 urtwn_set_led(sc, URTWN_LED_LINK, 0);
2557 break;
2558 case IEEE80211_S_SCAN:
2559 /* Pause AC Tx queues. */
2560 urtwn_write_1(sc, R92C_TXPAUSE,
2561 urtwn_read_1(sc, R92C_TXPAUSE) | R92C_TX_QUEUE_AC);
2562 break;
2563 case IEEE80211_S_AUTH:
2564 urtwn_set_chan(sc, ic->ic_curchan, NULL);
2565 break;
2566 case IEEE80211_S_RUN:
2567 if (vap->iv_opmode == IEEE80211_M_MONITOR) {
2568 /* Turn link LED on. */
2569 urtwn_set_led(sc, URTWN_LED_LINK, 1);
2570 break;
2571 }
2572
2573 ni = ieee80211_ref_node(vap->iv_bss);
2574
2575 if (ic->ic_bsschan == IEEE80211_CHAN_ANYC ||
2576 ni->ni_chan == IEEE80211_CHAN_ANYC) {
2577 device_printf(sc->sc_dev,
2578 "%s: could not move to RUN state\n", __func__);
2579 error = EINVAL;
2580 goto end_run;
2581 }
2582
2583 switch (vap->iv_opmode) {
2584 case IEEE80211_M_STA:
2585 mode = R92C_MSR_INFRA;
2586 break;
2587 case IEEE80211_M_IBSS:
2588 mode = R92C_MSR_ADHOC;
2589 break;
2590 case IEEE80211_M_HOSTAP:
2591 mode = R92C_MSR_AP;
2592 break;
2593 default:
2594 device_printf(sc->sc_dev, "undefined opmode %d\n",
2595 vap->iv_opmode);
2596 error = EINVAL;
2597 goto end_run;
2598 }
2599
2600 /* Set media status to 'Associated'. */
2601 urtwn_set_mode(sc, mode);
2602
2603 /* Set BSSID. */
2604 urtwn_write_4(sc, R92C_BSSID + 0, le32dec(&ni->ni_bssid[0]));
2605 urtwn_write_4(sc, R92C_BSSID + 4, le16dec(&ni->ni_bssid[4]));
2606
2607 if (ic->ic_curmode == IEEE80211_MODE_11B)
2608 urtwn_write_1(sc, R92C_INIRTS_RATE_SEL, 0);
2609 else /* 802.11b/g */
2610 urtwn_write_1(sc, R92C_INIRTS_RATE_SEL, 3);
2611
2612 /* Enable Rx of data frames. */
2613 urtwn_write_2(sc, R92C_RXFLTMAP2, 0xffff);
2614
2615 /* Flush all AC queues. */
2616 urtwn_write_1(sc, R92C_TXPAUSE, 0);
2617
2618 /* Set beacon interval. */
2619 urtwn_write_2(sc, R92C_BCN_INTERVAL, ni->ni_intval);
2620
2621 /* Allow Rx from our BSSID only. */
2622 if (ic->ic_promisc == 0) {
2623 reg = urtwn_read_4(sc, R92C_RCR);
2624
2625 if (vap->iv_opmode != IEEE80211_M_HOSTAP)
2626 reg |= R92C_RCR_CBSSID_DATA;
2627 if (vap->iv_opmode != IEEE80211_M_IBSS)
2628 reg |= R92C_RCR_CBSSID_BCN;
2629
2630 urtwn_write_4(sc, R92C_RCR, reg);
2631 }
2632
2633 if (vap->iv_opmode == IEEE80211_M_HOSTAP ||
2634 vap->iv_opmode == IEEE80211_M_IBSS) {
2635 error = urtwn_setup_beacon(sc, ni);
2636 if (error != 0) {
2637 device_printf(sc->sc_dev,
2638 "unable to push beacon into the chip, "
2639 "error %d\n", error);
2640 goto end_run;
2641 }
2642 }
2643
2644 /* Enable TSF synchronization. */
2645 urtwn_tsf_sync_enable(sc, vap);
2646
2647 urtwn_write_1(sc, R92C_SIFS_CCK + 1, 10);
2648 urtwn_write_1(sc, R92C_SIFS_OFDM + 1, 10);
2649 urtwn_write_1(sc, R92C_SPEC_SIFS + 1, 10);
2650 urtwn_write_1(sc, R92C_MAC_SPEC_SIFS + 1, 10);
2651 urtwn_write_1(sc, R92C_R2T_SIFS + 1, 10);
2652 urtwn_write_1(sc, R92C_T2T_SIFS + 1, 10);
2653
2654 /* Intialize rate adaptation. */
2655 if (!(sc->chip & URTWN_CHIP_88E))
2656 urtwn_ra_init(sc);
2657 /* Turn link LED on. */
2658 urtwn_set_led(sc, URTWN_LED_LINK, 1);
2659
2660 sc->avg_pwdb = -1; /* Reset average RSSI. */
2661 /* Reset temperature calibration state machine. */
2662 sc->sc_flags &= ~URTWN_TEMP_MEASURED;
2663 sc->thcal_lctemp = 0;
2664 /* Start periodic calibration. */
2665 callout_reset(&sc->sc_calib_to, 2*hz, urtwn_calib_to, sc);
2666
2667end_run:
2668 ieee80211_free_node(ni);
2669 break;
2670 default:
2671 break;
2672 }
2673
2674 URTWN_UNLOCK(sc);
2675 IEEE80211_LOCK(ic);
2676 return (error != 0 ? error : uvp->newstate(vap, nstate, arg));
2677}
2678
2679static void
2680urtwn_calib_to(void *arg)
2681{
2682 struct urtwn_softc *sc = arg;
2683
2684 /* Do it in a process context. */
2685 urtwn_cmd_sleepable(sc, NULL, 0, urtwn_calib_cb);
2686}
2687
2688static void
2689urtwn_calib_cb(struct urtwn_softc *sc, union sec_param *data)
2690{
2691 /* Do temperature compensation. */
2692 urtwn_temp_calib(sc);
2693
2694 if ((urtwn_read_1(sc, R92C_MSR) & R92C_MSR_MASK) != R92C_MSR_NOLINK)
2695 callout_reset(&sc->sc_calib_to, 2*hz, urtwn_calib_to, sc);
2696}
2697
2698static void
2699urtwn_watchdog(void *arg)
2700{
2701 struct urtwn_softc *sc = arg;
2702
2703 if (sc->sc_txtimer > 0) {
2704 if (--sc->sc_txtimer == 0) {
2705 device_printf(sc->sc_dev, "device timeout\n");
2706 counter_u64_add(sc->sc_ic.ic_oerrors, 1);
2707 return;
2708 }
2709 callout_reset(&sc->sc_watchdog_ch, hz, urtwn_watchdog, sc);
2710 }
2711}
2712
2713static void
2714urtwn_update_avgrssi(struct urtwn_softc *sc, int rate, int8_t rssi)
2715{
2716 int pwdb;
2717
2718 /* Convert antenna signal to percentage. */
2719 if (rssi <= -100 || rssi >= 20)
2720 pwdb = 0;
2721 else if (rssi >= 0)
2722 pwdb = 100;
2723 else
2724 pwdb = 100 + rssi;
2725 if (!(sc->chip & URTWN_CHIP_88E)) {
2726 if (rate <= URTWN_RIDX_CCK11) {
2727 /* CCK gain is smaller than OFDM/MCS gain. */
2728 pwdb += 6;
2729 if (pwdb > 100)
2730 pwdb = 100;
2731 if (pwdb <= 14)
2732 pwdb -= 4;
2733 else if (pwdb <= 26)
2734 pwdb -= 8;
2735 else if (pwdb <= 34)
2736 pwdb -= 6;
2737 else if (pwdb <= 42)
2738 pwdb -= 2;
2739 }
2740 }
2741 if (sc->avg_pwdb == -1) /* Init. */
2742 sc->avg_pwdb = pwdb;
2743 else if (sc->avg_pwdb < pwdb)
2744 sc->avg_pwdb = ((sc->avg_pwdb * 19 + pwdb) / 20) + 1;
2745 else
2746 sc->avg_pwdb = ((sc->avg_pwdb * 19 + pwdb) / 20);
2747 URTWN_DPRINTF(sc, URTWN_DEBUG_RSSI, "%s: PWDB %d, EMA %d\n", __func__,
2748 pwdb, sc->avg_pwdb);
2749}
2750
2751static int8_t
2752urtwn_get_rssi(struct urtwn_softc *sc, int rate, void *physt)
2753{
2754 static const int8_t cckoff[] = { 16, -12, -26, -46 };
2755 struct r92c_rx_phystat *phy;
2756 struct r92c_rx_cck *cck;
2757 uint8_t rpt;
2758 int8_t rssi;
2759
2760 if (rate <= URTWN_RIDX_CCK11) {
2761 cck = (struct r92c_rx_cck *)physt;
2762 if (sc->sc_flags & URTWN_FLAG_CCK_HIPWR) {
2763 rpt = (cck->agc_rpt >> 5) & 0x3;
2764 rssi = (cck->agc_rpt & 0x1f) << 1;
2765 } else {
2766 rpt = (cck->agc_rpt >> 6) & 0x3;
2767 rssi = cck->agc_rpt & 0x3e;
2768 }
2769 rssi = cckoff[rpt] - rssi;
2770 } else { /* OFDM/HT. */
2771 phy = (struct r92c_rx_phystat *)physt;
2772 rssi = ((le32toh(phy->phydw1) >> 1) & 0x7f) - 110;
2773 }
2774 return (rssi);
2775}
2776
2777static int8_t
2778urtwn_r88e_get_rssi(struct urtwn_softc *sc, int rate, void *physt)
2779{
2780 struct r92c_rx_phystat *phy;
2781 struct r88e_rx_cck *cck;
2782 uint8_t cck_agc_rpt, lna_idx, vga_idx;
2783 int8_t rssi;
2784
2785 rssi = 0;
2786 if (rate <= URTWN_RIDX_CCK11) {
2787 cck = (struct r88e_rx_cck *)physt;
2788 cck_agc_rpt = cck->agc_rpt;
2789 lna_idx = (cck_agc_rpt & 0xe0) >> 5;
2790 vga_idx = cck_agc_rpt & 0x1f;
2791 switch (lna_idx) {
2792 case 7:
2793 if (vga_idx <= 27)
2794 rssi = -100 + 2* (27 - vga_idx);
2795 else
2796 rssi = -100;
2797 break;
2798 case 6:
2799 rssi = -48 + 2 * (2 - vga_idx);
2800 break;
2801 case 5:
2802 rssi = -42 + 2 * (7 - vga_idx);
2803 break;
2804 case 4:
2805 rssi = -36 + 2 * (7 - vga_idx);
2806 break;
2807 case 3:
2808 rssi = -24 + 2 * (7 - vga_idx);
2809 break;
2810 case 2:
2811 rssi = -12 + 2 * (5 - vga_idx);
2812 break;
2813 case 1:
2814 rssi = 8 - (2 * vga_idx);
2815 break;
2816 case 0:
2817 rssi = 14 - (2 * vga_idx);
2818 break;
2819 }
2820 rssi += 6;
2821 } else { /* OFDM/HT. */
2822 phy = (struct r92c_rx_phystat *)physt;
2823 rssi = ((le32toh(phy->phydw1) >> 1) & 0x7f) - 110;
2824 }
2825 return (rssi);
2826}
2827
2828static int
2829urtwn_tx_data(struct urtwn_softc *sc, struct ieee80211_node *ni,
2830 struct mbuf *m, struct urtwn_data *data)
2831{
2832 const struct ieee80211_txparam *tp;
2833 struct ieee80211com *ic = &sc->sc_ic;
2834 struct ieee80211vap *vap = ni->ni_vap;
2835 struct ieee80211_key *k = NULL;
2836 struct ieee80211_channel *chan;
2837 struct ieee80211_frame *wh;
2838 struct r92c_tx_desc *txd;
2839 uint8_t macid, raid, rate, ridx, subtype, type, tid, qsel;
2840 int hasqos, ismcast;
2841
2842 URTWN_ASSERT_LOCKED(sc);
2843
2844 /*
2845 * Software crypto.
2846 */
2847 wh = mtod(m, struct ieee80211_frame *);
2848 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK;
2849 subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK;
2850 hasqos = IEEE80211_QOS_HAS_SEQ(wh);
2851 ismcast = IEEE80211_IS_MULTICAST(wh->i_addr1);
2852
2853 /* Select TX ring for this frame. */
2854 if (hasqos) {
2855 tid = ((const struct ieee80211_qosframe *)wh)->i_qos[0];
2856 tid &= IEEE80211_QOS_TID;
2857 } else
2858 tid = 0;
2859
2860 chan = (ni->ni_chan != IEEE80211_CHAN_ANYC) ?
2861 ni->ni_chan : ic->ic_curchan;
2862 tp = &vap->iv_txparms[ieee80211_chan2mode(chan)];
2863
2864 /* Choose a TX rate index. */
2865 if (type == IEEE80211_FC0_TYPE_MGT)
2866 rate = tp->mgmtrate;
2867 else if (ismcast)
2868 rate = tp->mcastrate;
2869 else if (tp->ucastrate != IEEE80211_FIXED_RATE_NONE)
2870 rate = tp->ucastrate;
2871 else if (m->m_flags & M_EAPOL)
2872 rate = tp->mgmtrate;
2873 else {
2874 if (URTWN_CHIP_HAS_RATECTL(sc)) {
2875 /* XXX pass pktlen */
2876 (void) ieee80211_ratectl_rate(ni, NULL, 0);
2877 rate = ni->ni_txrate;
2878 } else {
2879 /* XXX TODO: drop the default rate for 11b/11g? */
2880 if (ni->ni_flags & IEEE80211_NODE_HT)
2881 rate = IEEE80211_RATE_MCS | 0x4; /* MCS4 */
2882 else if (ic->ic_curmode != IEEE80211_MODE_11B)
2883 rate = 108;
2884 else
2885 rate = 22;
2886 }
2887 }
2888
2889 /*
2890 * XXX TODO: this should be per-node, for 11b versus 11bg
2891 * nodes in hostap mode
2892 */
2893 ridx = rate2ridx(rate);
2894 if (ni->ni_flags & IEEE80211_NODE_HT)
2895 raid = R92C_RAID_11GN;
2896 else if (ic->ic_curmode != IEEE80211_MODE_11B)
2897 raid = R92C_RAID_11BG;
2898 else
2899 raid = R92C_RAID_11B;
2900
2901 if (wh->i_fc[1] & IEEE80211_FC1_PROTECTED) {
2902 k = ieee80211_crypto_encap(ni, m);
2903 if (k == NULL) {
2904 device_printf(sc->sc_dev,
2905 "ieee80211_crypto_encap returns NULL.\n");
2906 return (ENOBUFS);
2907 }
2908
2909 /* in case packet header moved, reset pointer */
2910 wh = mtod(m, struct ieee80211_frame *);
2911 }
2912
2913 /* Fill Tx descriptor. */
2914 txd = (struct r92c_tx_desc *)data->buf;
2915 memset(txd, 0, sizeof(*txd));
2916
2917 txd->txdw0 |= htole32(
2918 SM(R92C_TXDW0_OFFSET, sizeof(*txd)) |
2919 R92C_TXDW0_OWN | R92C_TXDW0_FSG | R92C_TXDW0_LSG);
2920 if (ismcast)
2921 txd->txdw0 |= htole32(R92C_TXDW0_BMCAST);
2922
2923 if (!ismcast) {
2924 if (sc->chip & URTWN_CHIP_88E) {
2925 struct urtwn_node *un = URTWN_NODE(ni);
2926 macid = un->id;
2927 } else
2928 macid = URTWN_MACID_BSS;
2929
2930 if (type == IEEE80211_FC0_TYPE_DATA) {
2931 qsel = tid % URTWN_MAX_TID;
2932
2933 if (sc->chip & URTWN_CHIP_88E) {
2934 txd->txdw2 |= htole32(
2935 R88E_TXDW2_AGGBK |
2936 R88E_TXDW2_CCX_RPT);
2937 } else
2938 txd->txdw1 |= htole32(R92C_TXDW1_AGGBK);
2939
2940 /* protmode, non-HT */
2941 /* XXX TODO: noack frames? */
2942 if ((rate & 0x80) == 0 &&
2943 (ic->ic_flags & IEEE80211_F_USEPROT)) {
2944 switch (ic->ic_protmode) {
2945 case IEEE80211_PROT_CTSONLY:
2946 txd->txdw4 |= htole32(
2947 R92C_TXDW4_CTS2SELF |
2948 R92C_TXDW4_HWRTSEN);
2949 break;
2950 case IEEE80211_PROT_RTSCTS:
2951 txd->txdw4 |= htole32(
2952 R92C_TXDW4_RTSEN |
2953 R92C_TXDW4_HWRTSEN);
2954 break;
2955 default:
2956 break;
2957 }
2958 }
2959
2960 /* protmode, HT */
2961 /* XXX TODO: noack frames? */
2962 if ((rate & 0x80) &&
2963 (ic->ic_htprotmode == IEEE80211_PROT_RTSCTS)) {
2964 txd->txdw4 |= htole32(
2965 R92C_TXDW4_RTSEN |
2966 R92C_TXDW4_HWRTSEN);
2967 }
2968
2969 /* XXX TODO: rtsrate is configurable? 24mbit may
2970 * be a bit high for RTS rate? */
2971 txd->txdw4 |= htole32(SM(R92C_TXDW4_RTSRATE,
2972 URTWN_RIDX_OFDM24));
2973
2974 txd->txdw5 |= htole32(0x0001ff00);
2975 } else /* IEEE80211_FC0_TYPE_MGT */
2976 qsel = R92C_TXDW1_QSEL_MGNT;
2977 } else {
2978 macid = URTWN_MACID_BC;
2979 qsel = R92C_TXDW1_QSEL_MGNT;
2980 }
2981
2982 txd->txdw1 |= htole32(
2983 SM(R92C_TXDW1_QSEL, qsel) |
2984 SM(R92C_TXDW1_RAID, raid));
2985
2986 /* XXX TODO: 40MHZ flag? */
2987 /* XXX TODO: AMPDU flag? (AGG_ENABLE or AGG_BREAK?) Density shift? */
2988 /* XXX Short preamble? */
2989 /* XXX Short-GI? */
2990
2991 if (sc->chip & URTWN_CHIP_88E)
2992 txd->txdw1 |= htole32(SM(R88E_TXDW1_MACID, macid));
2993 else
2994 txd->txdw1 |= htole32(SM(R92C_TXDW1_MACID, macid));
2995
2996 txd->txdw5 |= htole32(SM(R92C_TXDW5_DATARATE, ridx));
2997
2998 /* Force this rate if needed. */
2999 if (URTWN_CHIP_HAS_RATECTL(sc) || ismcast ||
3000 (tp->ucastrate != IEEE80211_FIXED_RATE_NONE) ||
3001 (m->m_flags & M_EAPOL) || type != IEEE80211_FC0_TYPE_DATA)
3002 txd->txdw4 |= htole32(R92C_TXDW4_DRVRATE);
3003
3004 if (!hasqos) {
3005 /* Use HW sequence numbering for non-QoS frames. */
3006 if (sc->chip & URTWN_CHIP_88E)
3007 txd->txdseq = htole16(R88E_TXDSEQ_HWSEQ_EN);
3008 else
3009 txd->txdw4 |= htole32(R92C_TXDW4_HWSEQ_EN);
3010 } else {
3011 /* Set sequence number. */
3012 txd->txdseq = htole16(M_SEQNO_GET(m) % IEEE80211_SEQ_RANGE);
3013 }
3014
3015 if (k != NULL && !(k->wk_flags & IEEE80211_KEY_SWCRYPT)) {
3016 uint8_t cipher;
3017
3018 switch (k->wk_cipher->ic_cipher) {
3019 case IEEE80211_CIPHER_WEP:
3020 case IEEE80211_CIPHER_TKIP:
3021 cipher = R92C_TXDW1_CIPHER_RC4;
3022 break;
3023 case IEEE80211_CIPHER_AES_CCM:
3024 cipher = R92C_TXDW1_CIPHER_AES;
3025 break;
3026 default:
3027 device_printf(sc->sc_dev, "%s: unknown cipher %d\n",
3028 __func__, k->wk_cipher->ic_cipher);
3029 return (EINVAL);
3030 }
3031
3032 txd->txdw1 |= htole32(SM(R92C_TXDW1_CIPHER, cipher));
3033 }
3034
3035 if (ieee80211_radiotap_active_vap(vap)) {
3036 struct urtwn_tx_radiotap_header *tap = &sc->sc_txtap;
3037
3038 tap->wt_flags = 0;
3039 if (k != NULL)
3040 tap->wt_flags |= IEEE80211_RADIOTAP_F_WEP;
3041 ieee80211_radiotap_tx(vap, m);
3042 }
3043
3044 data->ni = ni;
3045
3046 urtwn_tx_start(sc, m, type, data);
3047
3048 return (0);
3049}
3050
3051static int
3052urtwn_tx_raw(struct urtwn_softc *sc, struct ieee80211_node *ni,
3053 struct mbuf *m, struct urtwn_data *data,
3054 const struct ieee80211_bpf_params *params)
3055{
3056 struct ieee80211vap *vap = ni->ni_vap;
3057 struct ieee80211_key *k = NULL;
3058 struct ieee80211_frame *wh;
3059 struct r92c_tx_desc *txd;
3060 uint8_t cipher, ridx, type;
3061
3062 /* Encrypt the frame if need be. */
3063 cipher = R92C_TXDW1_CIPHER_NONE;
3064 if (params->ibp_flags & IEEE80211_BPF_CRYPTO) {
3065 /* Retrieve key for TX. */
3066 k = ieee80211_crypto_encap(ni, m);
3067 if (k == NULL)
3068 return (ENOBUFS);
3069
3070 if (!(k->wk_flags & IEEE80211_KEY_SWCRYPT)) {
3071 switch (k->wk_cipher->ic_cipher) {
3072 case IEEE80211_CIPHER_WEP:
3073 case IEEE80211_CIPHER_TKIP:
3074 cipher = R92C_TXDW1_CIPHER_RC4;
3075 break;
3076 case IEEE80211_CIPHER_AES_CCM:
3077 cipher = R92C_TXDW1_CIPHER_AES;
3078 break;
3079 default:
3080 device_printf(sc->sc_dev,
3081 "%s: unknown cipher %d\n",
3082 __func__, k->wk_cipher->ic_cipher);
3083 return (EINVAL);
3084 }
3085 }
3086 }
3087
3088 /* XXX TODO: 11n checks, matching urtwn_tx_data() */
3089
3090 wh = mtod(m, struct ieee80211_frame *);
3091 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK;
3092
3093 /* Fill Tx descriptor. */
3094 txd = (struct r92c_tx_desc *)data->buf;
3095 memset(txd, 0, sizeof(*txd));
3096
3097 txd->txdw0 |= htole32(
3098 SM(R92C_TXDW0_OFFSET, sizeof(*txd)) |
3099 R92C_TXDW0_OWN | R92C_TXDW0_FSG | R92C_TXDW0_LSG);
3100 if (IEEE80211_IS_MULTICAST(wh->i_addr1))
3101 txd->txdw0 |= htole32(R92C_TXDW0_BMCAST);
3102
3103 if (params->ibp_flags & IEEE80211_BPF_RTS)
3104 txd->txdw4 |= htole32(R92C_TXDW4_RTSEN);
3105 if (params->ibp_flags & IEEE80211_BPF_CTS)
3106 txd->txdw4 |= htole32(R92C_TXDW4_CTS2SELF);
3107 if (txd->txdw4 & htole32(R92C_TXDW4_RTSEN | R92C_TXDW4_CTS2SELF)) {
3108 txd->txdw4 |= htole32(R92C_TXDW4_HWRTSEN);
3109 txd->txdw4 |= htole32(SM(R92C_TXDW4_RTSRATE,
3110 URTWN_RIDX_OFDM24));
3111 }
3112
3113 if (sc->chip & URTWN_CHIP_88E)
3114 txd->txdw1 |= htole32(SM(R88E_TXDW1_MACID, URTWN_MACID_BC));
3115 else
3116 txd->txdw1 |= htole32(SM(R92C_TXDW1_MACID, URTWN_MACID_BC));
3117
3118 /* XXX TODO: rate index/config (RAID) for 11n? */
3119 txd->txdw1 |= htole32(SM(R92C_TXDW1_QSEL, R92C_TXDW1_QSEL_MGNT));
3120 txd->txdw1 |= htole32(SM(R92C_TXDW1_CIPHER, cipher));
3121
3122 /* Choose a TX rate index. */
3123 ridx = rate2ridx(params->ibp_rate0);
3124 txd->txdw5 |= htole32(SM(R92C_TXDW5_DATARATE, ridx));
3125 txd->txdw5 |= htole32(0x0001ff00);
3126 txd->txdw4 |= htole32(R92C_TXDW4_DRVRATE);
3127
3128 if (!IEEE80211_QOS_HAS_SEQ(wh)) {
3129 /* Use HW sequence numbering for non-QoS frames. */
3130 if (sc->chip & URTWN_CHIP_88E)
3131 txd->txdseq = htole16(R88E_TXDSEQ_HWSEQ_EN);
3132 else
3133 txd->txdw4 |= htole32(R92C_TXDW4_HWSEQ_EN);
3134 } else {
3135 /* Set sequence number. */
3136 txd->txdseq = htole16(M_SEQNO_GET(m) % IEEE80211_SEQ_RANGE);
3137 }
3138
3139 if (ieee80211_radiotap_active_vap(vap)) {
3140 struct urtwn_tx_radiotap_header *tap = &sc->sc_txtap;
3141
3142 tap->wt_flags = 0;
3143 if (k != NULL)
3144 tap->wt_flags |= IEEE80211_RADIOTAP_F_WEP;
3145 ieee80211_radiotap_tx(vap, m);
3146 }
3147
3148 data->ni = ni;
3149
3150 urtwn_tx_start(sc, m, type, data);
3151
3152 return (0);
3153}
3154
3155static void
3156urtwn_tx_start(struct urtwn_softc *sc, struct mbuf *m, uint8_t type,
3157 struct urtwn_data *data)
3158{
3159 struct usb_xfer *xfer;
3160 struct r92c_tx_desc *txd;
3161 uint16_t ac, sum;
3162 int i, xferlen;
3163
3164 URTWN_ASSERT_LOCKED(sc);
3165
3166 ac = M_WME_GETAC(m);
3167
3168 switch (type) {
3169 case IEEE80211_FC0_TYPE_CTL:
3170 case IEEE80211_FC0_TYPE_MGT:
3171 xfer = sc->sc_xfer[URTWN_BULK_TX_VO];
3172 break;
3173 default:
3174 xfer = sc->sc_xfer[wme2queue[ac].qid];
3175 break;
3176 }
3177
3178 txd = (struct r92c_tx_desc *)data->buf;
3179 txd->txdw0 |= htole32(SM(R92C_TXDW0_PKTLEN, m->m_pkthdr.len));
3180
3181 /* Compute Tx descriptor checksum. */
3182 sum = 0;
3183 for (i = 0; i < sizeof(*txd) / 2; i++)
3184 sum ^= ((uint16_t *)txd)[i];
3185 txd->txdsum = sum; /* NB: already little endian. */
3186
3187 xferlen = sizeof(*txd) + m->m_pkthdr.len;
3188 m_copydata(m, 0, m->m_pkthdr.len, (caddr_t)&txd[1]);
3189
3190 data->buflen = xferlen;
3191 data->m = m;
3192
3193 STAILQ_INSERT_TAIL(&sc->sc_tx_pending, data, next);
3194 usbd_transfer_start(xfer);
3195}
3196
3197static int
3198urtwn_transmit(struct ieee80211com *ic, struct mbuf *m)
3199{
3200 struct urtwn_softc *sc = ic->ic_softc;
3201 int error;
3202
3203 URTWN_LOCK(sc);
3204 if ((sc->sc_flags & URTWN_RUNNING) == 0) {
3205 URTWN_UNLOCK(sc);
3206 return (ENXIO);
3207 }
3208 error = mbufq_enqueue(&sc->sc_snd, m);
3209 if (error) {
3210 URTWN_UNLOCK(sc);
3211 return (error);
3212 }
3213 urtwn_start(sc);
3214 URTWN_UNLOCK(sc);
3215
3216 return (0);
3217}
3218
3219static void
3220urtwn_start(struct urtwn_softc *sc)
3221{
3222 struct ieee80211_node *ni;
3223 struct mbuf *m;
3224 struct urtwn_data *bf;
3225
3226 URTWN_ASSERT_LOCKED(sc);
3227 while ((m = mbufq_dequeue(&sc->sc_snd)) != NULL) {
3228 bf = urtwn_getbuf(sc);
3229 if (bf == NULL) {
3230 mbufq_prepend(&sc->sc_snd, m);
3231 break;
3232 }
3233 ni = (struct ieee80211_node *)m->m_pkthdr.rcvif;
3234 m->m_pkthdr.rcvif = NULL;
3235
3236 URTWN_DPRINTF(sc, URTWN_DEBUG_XMIT, "%s: called; m=%p\n",
3237 __func__,
3238 m);
3239
3240 if (urtwn_tx_data(sc, ni, m, bf) != 0) {
3241 if_inc_counter(ni->ni_vap->iv_ifp,
3242 IFCOUNTER_OERRORS, 1);
3243 STAILQ_INSERT_HEAD(&sc->sc_tx_inactive, bf, next);
3244 m_freem(m);
3245 ieee80211_free_node(ni);
3246 break;
3247 }
3248 sc->sc_txtimer = 5;
3249 callout_reset(&sc->sc_watchdog_ch, hz, urtwn_watchdog, sc);
3250 }
3251}
3252
3253static void
3254urtwn_parent(struct ieee80211com *ic)
3255{
3256 struct urtwn_softc *sc = ic->ic_softc;
3257
3258 URTWN_LOCK(sc);
3259 if (sc->sc_flags & URTWN_DETACHED) {
3260 URTWN_UNLOCK(sc);
3261 return;
3262 }
3263 URTWN_UNLOCK(sc);
3264
3265 if (ic->ic_nrunning > 0) {
3266 if (urtwn_init(sc) != 0) {
3267 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps);
3268 if (vap != NULL)
3269 ieee80211_stop(vap);
3270 } else
3271 ieee80211_start_all(ic);
3272 } else
3273 urtwn_stop(sc);
3274}
3275
3276static __inline int
3277urtwn_power_on(struct urtwn_softc *sc)
3278{
3279
3280 return sc->sc_power_on(sc);
3281}
3282
3283static int
3284urtwn_r92c_power_on(struct urtwn_softc *sc)
3285{
3286 uint32_t reg;
3287 usb_error_t error;
3288 int ntries;
3289
3290 /* Wait for autoload done bit. */
3291 for (ntries = 0; ntries < 1000; ntries++) {
3292 if (urtwn_read_1(sc, R92C_APS_FSMCO) & R92C_APS_FSMCO_PFM_ALDN)
3293 break;
3294 urtwn_ms_delay(sc);
3295 }
3296 if (ntries == 1000) {
3297 device_printf(sc->sc_dev,
3298 "timeout waiting for chip autoload\n");
3299 return (ETIMEDOUT);
3300 }
3301
3302 /* Unlock ISO/CLK/Power control register. */
3303 error = urtwn_write_1(sc, R92C_RSV_CTRL, 0);
3304 if (error != USB_ERR_NORMAL_COMPLETION)
3305 return (EIO);
3306 /* Move SPS into PWM mode. */
3307 error = urtwn_write_1(sc, R92C_SPS0_CTRL, 0x2b);
3308 if (error != USB_ERR_NORMAL_COMPLETION)
3309 return (EIO);
3310 urtwn_ms_delay(sc);
3311
3312 reg = urtwn_read_1(sc, R92C_LDOV12D_CTRL);
3313 if (!(reg & R92C_LDOV12D_CTRL_LDV12_EN)) {
3314 error = urtwn_write_1(sc, R92C_LDOV12D_CTRL,
3315 reg | R92C_LDOV12D_CTRL_LDV12_EN);
3316 if (error != USB_ERR_NORMAL_COMPLETION)
3317 return (EIO);
3318 urtwn_ms_delay(sc);
3319 error = urtwn_write_1(sc, R92C_SYS_ISO_CTRL,
3320 urtwn_read_1(sc, R92C_SYS_ISO_CTRL) &
3321 ~R92C_SYS_ISO_CTRL_MD2PP);
3322 if (error != USB_ERR_NORMAL_COMPLETION)
3323 return (EIO);
3324 }
3325
3326 /* Auto enable WLAN. */
3327 error = urtwn_write_2(sc, R92C_APS_FSMCO,
3328 urtwn_read_2(sc, R92C_APS_FSMCO) | R92C_APS_FSMCO_APFM_ONMAC);
3329 if (error != USB_ERR_NORMAL_COMPLETION)
3330 return (EIO);
3331 for (ntries = 0; ntries < 1000; ntries++) {
3332 if (!(urtwn_read_2(sc, R92C_APS_FSMCO) &
3333 R92C_APS_FSMCO_APFM_ONMAC))
3334 break;
3335 urtwn_ms_delay(sc);
3336 }
3337 if (ntries == 1000) {
3338 device_printf(sc->sc_dev,
3339 "timeout waiting for MAC auto ON\n");
3340 return (ETIMEDOUT);
3341 }
3342
3343 /* Enable radio, GPIO and LED functions. */
3344 error = urtwn_write_2(sc, R92C_APS_FSMCO,
3345 R92C_APS_FSMCO_AFSM_HSUS |
3346 R92C_APS_FSMCO_PDN_EN |
3347 R92C_APS_FSMCO_PFM_ALDN);
3348 if (error != USB_ERR_NORMAL_COMPLETION)
3349 return (EIO);
3350 /* Release RF digital isolation. */
3351 error = urtwn_write_2(sc, R92C_SYS_ISO_CTRL,
3352 urtwn_read_2(sc, R92C_SYS_ISO_CTRL) & ~R92C_SYS_ISO_CTRL_DIOR);
3353 if (error != USB_ERR_NORMAL_COMPLETION)
3354 return (EIO);
3355
3356 /* Initialize MAC. */
3357 error = urtwn_write_1(sc, R92C_APSD_CTRL,
3358 urtwn_read_1(sc, R92C_APSD_CTRL) & ~R92C_APSD_CTRL_OFF);
3359 if (error != USB_ERR_NORMAL_COMPLETION)
3360 return (EIO);
3361 for (ntries = 0; ntries < 200; ntries++) {
3362 if (!(urtwn_read_1(sc, R92C_APSD_CTRL) &
3363 R92C_APSD_CTRL_OFF_STATUS))
3364 break;
3365 urtwn_ms_delay(sc);
3366 }
3367 if (ntries == 200) {
3368 device_printf(sc->sc_dev,
3369 "timeout waiting for MAC initialization\n");
3370 return (ETIMEDOUT);
3371 }
3372
3373 /* Enable MAC DMA/WMAC/SCHEDULE/SEC blocks. */
3374 reg = urtwn_read_2(sc, R92C_CR);
3375 reg |= R92C_CR_HCI_TXDMA_EN | R92C_CR_HCI_RXDMA_EN |
3376 R92C_CR_TXDMA_EN | R92C_CR_RXDMA_EN | R92C_CR_PROTOCOL_EN |
3377 R92C_CR_SCHEDULE_EN | R92C_CR_MACTXEN | R92C_CR_MACRXEN |
3378 R92C_CR_ENSEC;
3379 error = urtwn_write_2(sc, R92C_CR, reg);
3380 if (error != USB_ERR_NORMAL_COMPLETION)
3381 return (EIO);
3382
3383 error = urtwn_write_1(sc, 0xfe10, 0x19);
3384 if (error != USB_ERR_NORMAL_COMPLETION)
3385 return (EIO);
3386 return (0);
3387}
3388
3389static int
3390urtwn_r88e_power_on(struct urtwn_softc *sc)
3391{
3392 uint32_t reg;
3393 usb_error_t error;
3394 int ntries;
3395
3396 /* Wait for power ready bit. */
3397 for (ntries = 0; ntries < 5000; ntries++) {
3398 if (urtwn_read_4(sc, R92C_APS_FSMCO) & R92C_APS_FSMCO_SUS_HOST)
3399 break;
3400 urtwn_ms_delay(sc);
3401 }
3402 if (ntries == 5000) {
3403 device_printf(sc->sc_dev,
3404 "timeout waiting for chip power up\n");
3405 return (ETIMEDOUT);
3406 }
3407
3408 /* Reset BB. */
3409 error = urtwn_write_1(sc, R92C_SYS_FUNC_EN,
3410 urtwn_read_1(sc, R92C_SYS_FUNC_EN) & ~(R92C_SYS_FUNC_EN_BBRSTB |
3411 R92C_SYS_FUNC_EN_BB_GLB_RST));
3412 if (error != USB_ERR_NORMAL_COMPLETION)
3413 return (EIO);
3414
3415 error = urtwn_write_1(sc, R92C_AFE_XTAL_CTRL + 2,
3416 urtwn_read_1(sc, R92C_AFE_XTAL_CTRL + 2) | 0x80);
3417 if (error != USB_ERR_NORMAL_COMPLETION)
3418 return (EIO);
3419
3420 /* Disable HWPDN. */
3421 error = urtwn_write_2(sc, R92C_APS_FSMCO,
3422 urtwn_read_2(sc, R92C_APS_FSMCO) & ~R92C_APS_FSMCO_APDM_HPDN);
3423 if (error != USB_ERR_NORMAL_COMPLETION)
3424 return (EIO);
3425
3426 /* Disable WL suspend. */
3427 error = urtwn_write_2(sc, R92C_APS_FSMCO,
3428 urtwn_read_2(sc, R92C_APS_FSMCO) &
3429 ~(R92C_APS_FSMCO_AFSM_HSUS | R92C_APS_FSMCO_AFSM_PCIE));
3430 if (error != USB_ERR_NORMAL_COMPLETION)
3431 return (EIO);
3432
3433 error = urtwn_write_2(sc, R92C_APS_FSMCO,
3434 urtwn_read_2(sc, R92C_APS_FSMCO) | R92C_APS_FSMCO_APFM_ONMAC);
3435 if (error != USB_ERR_NORMAL_COMPLETION)
3436 return (EIO);
3437 for (ntries = 0; ntries < 5000; ntries++) {
3438 if (!(urtwn_read_2(sc, R92C_APS_FSMCO) &
3439 R92C_APS_FSMCO_APFM_ONMAC))
3440 break;
3441 urtwn_ms_delay(sc);
3442 }
3443 if (ntries == 5000)
3444 return (ETIMEDOUT);
3445
3446 /* Enable LDO normal mode. */
3447 error = urtwn_write_1(sc, R92C_LPLDO_CTRL,
3448 urtwn_read_1(sc, R92C_LPLDO_CTRL) & ~R92C_LPLDO_CTRL_SLEEP);
3449 if (error != USB_ERR_NORMAL_COMPLETION)
3450 return (EIO);
3451
3452 /* Enable MAC DMA/WMAC/SCHEDULE/SEC blocks. */
3453 error = urtwn_write_2(sc, R92C_CR, 0);
3454 if (error != USB_ERR_NORMAL_COMPLETION)
3455 return (EIO);
3456 reg = urtwn_read_2(sc, R92C_CR);
3457 reg |= R92C_CR_HCI_TXDMA_EN | R92C_CR_HCI_RXDMA_EN |
3458 R92C_CR_TXDMA_EN | R92C_CR_RXDMA_EN | R92C_CR_PROTOCOL_EN |
3459 R92C_CR_SCHEDULE_EN | R92C_CR_ENSEC | R92C_CR_CALTMR_EN;
3460 error = urtwn_write_2(sc, R92C_CR, reg);
3461 if (error != USB_ERR_NORMAL_COMPLETION)
3462 return (EIO);
3463
3464 return (0);
3465}
3466
3467static __inline void
3468urtwn_power_off(struct urtwn_softc *sc)
3469{
3470
3471 return sc->sc_power_off(sc);
3472}
3473
3474static void
3475urtwn_r92c_power_off(struct urtwn_softc *sc)
3476{
3477 uint32_t reg;
3478
3479 /* Block all Tx queues. */
3480 urtwn_write_1(sc, R92C_TXPAUSE, R92C_TX_QUEUE_ALL);
3481
3482 /* Disable RF */
3483 urtwn_rf_write(sc, 0, 0, 0);
3484
3485 urtwn_write_1(sc, R92C_APSD_CTRL, R92C_APSD_CTRL_OFF);
3486
3487 /* Reset BB state machine */
3488 urtwn_write_1(sc, R92C_SYS_FUNC_EN,
3489 R92C_SYS_FUNC_EN_USBD | R92C_SYS_FUNC_EN_USBA |
3490 R92C_SYS_FUNC_EN_BB_GLB_RST);
3491 urtwn_write_1(sc, R92C_SYS_FUNC_EN,
3492 R92C_SYS_FUNC_EN_USBD | R92C_SYS_FUNC_EN_USBA);
3493
3494 /*
3495 * Reset digital sequence
3496 */
3497#ifndef URTWN_WITHOUT_UCODE
3498 if (urtwn_read_1(sc, R92C_MCUFWDL) & R92C_MCUFWDL_RDY) {
3499 /* Reset MCU ready status */
3500 urtwn_write_1(sc, R92C_MCUFWDL, 0);
3501
3502 /* If firmware in ram code, do reset */
3503 urtwn_fw_reset(sc);
3504 }
3505#endif
3506
3507 /* Reset MAC and Enable 8051 */
3508 urtwn_write_1(sc, R92C_SYS_FUNC_EN + 1,
3509 (R92C_SYS_FUNC_EN_CPUEN |
3510 R92C_SYS_FUNC_EN_ELDR |
3511 R92C_SYS_FUNC_EN_HWPDN) >> 8);
3512
3513 /* Reset MCU ready status */
3514 urtwn_write_1(sc, R92C_MCUFWDL, 0);
3515
3516 /* Disable MAC clock */
3517 urtwn_write_2(sc, R92C_SYS_CLKR,
3518 R92C_SYS_CLKR_ANAD16V_EN |
3519 R92C_SYS_CLKR_ANA8M |
3520 R92C_SYS_CLKR_LOADER_EN |
3521 R92C_SYS_CLKR_80M_SSC_DIS |
3522 R92C_SYS_CLKR_SYS_EN |
3523 R92C_SYS_CLKR_RING_EN |
3524 0x4000);
3525
3526 /* Disable AFE PLL */
3527 urtwn_write_1(sc, R92C_AFE_PLL_CTRL, 0x80);
3528
3529 /* Gated AFE DIG_CLOCK */
3530 urtwn_write_2(sc, R92C_AFE_XTAL_CTRL, 0x880F);
3531
3532 /* Isolated digital to PON */
3533 urtwn_write_1(sc, R92C_SYS_ISO_CTRL,
3534 R92C_SYS_ISO_CTRL_MD2PP |
3535 R92C_SYS_ISO_CTRL_PA2PCIE |
3536 R92C_SYS_ISO_CTRL_PD2CORE |
3537 R92C_SYS_ISO_CTRL_IP2MAC |
3538 R92C_SYS_ISO_CTRL_DIOP |
3539 R92C_SYS_ISO_CTRL_DIOE);
3540
3541 /*
3542 * Pull GPIO PIN to balance level and LED control
3543 */
3544 /* 1. Disable GPIO[7:0] */
3545 urtwn_write_2(sc, R92C_GPIO_IOSEL, 0x0000);
3546
3547 reg = urtwn_read_4(sc, R92C_GPIO_PIN_CTRL) & ~0x0000ff00;
3548 reg |= ((reg << 8) & 0x0000ff00) | 0x00ff0000;
3549 urtwn_write_4(sc, R92C_GPIO_PIN_CTRL, reg);
3550
3551 /* Disable GPIO[10:8] */
3552 urtwn_write_1(sc, R92C_MAC_PINMUX_CFG, 0x00);
3553
3554 reg = urtwn_read_2(sc, R92C_GPIO_IO_SEL) & ~0x00f0;
3555 reg |= (((reg & 0x000f) << 4) | 0x0780);
3556 urtwn_write_2(sc, R92C_GPIO_IO_SEL, reg);
3557
3558 /* Disable LED0 & 1 */
3559 urtwn_write_2(sc, R92C_LEDCFG0, 0x8080);
3560
3561 /*
3562 * Reset digital sequence
3563 */
3564 /* Disable ELDR clock */
3565 urtwn_write_2(sc, R92C_SYS_CLKR,
3566 R92C_SYS_CLKR_ANAD16V_EN |
3567 R92C_SYS_CLKR_ANA8M |
3568 R92C_SYS_CLKR_LOADER_EN |
3569 R92C_SYS_CLKR_80M_SSC_DIS |
3570 R92C_SYS_CLKR_SYS_EN |
3571 R92C_SYS_CLKR_RING_EN |
3572 0x4000);
3573
3574 /* Isolated ELDR to PON */
3575 urtwn_write_1(sc, R92C_SYS_ISO_CTRL + 1,
3576 (R92C_SYS_ISO_CTRL_DIOR |
3577 R92C_SYS_ISO_CTRL_PWC_EV12V) >> 8);
3578
3579 /*
3580 * Disable analog sequence
3581 */
3582 /* Disable A15 power */
3583 urtwn_write_1(sc, R92C_LDOA15_CTRL, R92C_LDOA15_CTRL_OBUF);
3584 /* Disable digital core power */
3585 urtwn_write_1(sc, R92C_LDOV12D_CTRL,
3586 urtwn_read_1(sc, R92C_LDOV12D_CTRL) &
3587 ~R92C_LDOV12D_CTRL_LDV12_EN);
3588
3589 /* Enter PFM mode */
3590 urtwn_write_1(sc, R92C_SPS0_CTRL, 0x23);
3591
3592 /* Set USB suspend */
3593 urtwn_write_2(sc, R92C_APS_FSMCO,
3594 R92C_APS_FSMCO_APDM_HOST |
3595 R92C_APS_FSMCO_AFSM_HSUS |
3596 R92C_APS_FSMCO_PFM_ALDN);
3597
3598 /* Lock ISO/CLK/Power control register. */
3599 urtwn_write_1(sc, R92C_RSV_CTRL, 0x0E);
3600}
3601
3602static void
3603urtwn_r88e_power_off(struct urtwn_softc *sc)
3604{
3605 uint8_t reg;
3606 int ntries;
3607
3608 /* Disable any kind of TX reports. */
3609 urtwn_write_1(sc, R88E_TX_RPT_CTRL,
3610 urtwn_read_1(sc, R88E_TX_RPT_CTRL) &
3611 ~(R88E_TX_RPT1_ENA | R88E_TX_RPT2_ENA));
3612
3613 /* Stop Rx. */
3614 urtwn_write_1(sc, R92C_CR, 0);
3615
3616 /* Move card to Low Power State. */
3617 /* Block all Tx queues. */
3618 urtwn_write_1(sc, R92C_TXPAUSE, R92C_TX_QUEUE_ALL);
3619
3620 for (ntries = 0; ntries < 20; ntries++) {
3621 /* Should be zero if no packet is transmitting. */
3622 if (urtwn_read_4(sc, R88E_SCH_TXCMD) == 0)
3623 break;
3624
3625 urtwn_ms_delay(sc);
3626 }
3627 if (ntries == 20) {
3628 device_printf(sc->sc_dev, "%s: failed to block Tx queues\n",
3629 __func__);
3630 return;
3631 }
3632
3633 /* CCK and OFDM are disabled, and clock are gated. */
3634 urtwn_write_1(sc, R92C_SYS_FUNC_EN,
3635 urtwn_read_1(sc, R92C_SYS_FUNC_EN) & ~R92C_SYS_FUNC_EN_BBRSTB);
3636
3637 urtwn_ms_delay(sc);
3638
3639 /* Reset MAC TRX */
3640 urtwn_write_1(sc, R92C_CR,
3641 R92C_CR_HCI_TXDMA_EN | R92C_CR_HCI_RXDMA_EN |
3642 R92C_CR_TXDMA_EN | R92C_CR_RXDMA_EN |
3643 R92C_CR_PROTOCOL_EN | R92C_CR_SCHEDULE_EN);
3644
3645 /* check if removed later */
3646 urtwn_write_1(sc, R92C_CR + 1,
3647 urtwn_read_1(sc, R92C_CR + 1) & ~(R92C_CR_ENSEC >> 8));
3648
3649 /* Respond TxOK to scheduler */
3650 urtwn_write_1(sc, R92C_DUAL_TSF_RST,
3651 urtwn_read_1(sc, R92C_DUAL_TSF_RST) | 0x20);
3652
3653 /* If firmware in ram code, do reset. */
3654#ifndef URTWN_WITHOUT_UCODE
3655 if (urtwn_read_1(sc, R92C_MCUFWDL) & R92C_MCUFWDL_RDY)
3656 urtwn_r88e_fw_reset(sc);
3657#endif
3658
3659 /* Reset MCU ready status. */
3660 urtwn_write_1(sc, R92C_MCUFWDL, 0x00);
3661
3662 /* Disable 32k. */
3663 urtwn_write_1(sc, R88E_32K_CTRL,
3664 urtwn_read_1(sc, R88E_32K_CTRL) & ~0x01);
3665
3666 /* Move card to Disabled state. */
3667 /* Turn off RF. */
3668 urtwn_write_1(sc, R92C_RF_CTRL, 0);
3669
3670 /* LDO Sleep mode. */
3671 urtwn_write_1(sc, R92C_LPLDO_CTRL,
3672 urtwn_read_1(sc, R92C_LPLDO_CTRL) | R92C_LPLDO_CTRL_SLEEP);
3673
3674 /* Turn off MAC by HW state machine */
3675 urtwn_write_1(sc, R92C_APS_FSMCO + 1,
3676 urtwn_read_1(sc, R92C_APS_FSMCO + 1) |
3677 (R92C_APS_FSMCO_APFM_OFF >> 8));
3678
3679 for (ntries = 0; ntries < 20; ntries++) {
3680 /* Wait until it will be disabled. */
3681 if ((urtwn_read_1(sc, R92C_APS_FSMCO + 1) &
3682 (R92C_APS_FSMCO_APFM_OFF >> 8)) == 0)
3683 break;
3684
3685 urtwn_ms_delay(sc);
3686 }
3687 if (ntries == 20) {
3688 device_printf(sc->sc_dev, "%s: could not turn off MAC\n",
3689 __func__);
3690 return;
3691 }
3692
3693 /* schmit trigger */
3694 urtwn_write_1(sc, R92C_AFE_XTAL_CTRL + 2,
3695 urtwn_read_1(sc, R92C_AFE_XTAL_CTRL + 2) | 0x80);
3696
3697 /* Enable WL suspend. */
3698 urtwn_write_1(sc, R92C_APS_FSMCO + 1,
3699 (urtwn_read_1(sc, R92C_APS_FSMCO + 1) & ~0x10) | 0x08);
3700
3701 /* Enable bandgap mbias in suspend. */
3702 urtwn_write_1(sc, R92C_APS_FSMCO + 3, 0);
3703
3704 /* Clear SIC_EN register. */
3705 urtwn_write_1(sc, R92C_GPIO_MUXCFG + 1,
3706 urtwn_read_1(sc, R92C_GPIO_MUXCFG + 1) & ~0x10);
3707
3708 /* Set USB suspend enable local register */
3709 urtwn_write_1(sc, R92C_USB_SUSPEND,
3710 urtwn_read_1(sc, R92C_USB_SUSPEND) | 0x10);
3711
3712 /* Reset MCU IO Wrapper. */
3713 reg = urtwn_read_1(sc, R92C_RSV_CTRL + 1);
3714 urtwn_write_1(sc, R92C_RSV_CTRL + 1, reg & ~0x08);
3715 urtwn_write_1(sc, R92C_RSV_CTRL + 1, reg | 0x08);
3716
3717 /* marked as 'For Power Consumption' code. */
3718 urtwn_write_1(sc, R92C_GPIO_OUT, urtwn_read_1(sc, R92C_GPIO_IN));
3719 urtwn_write_1(sc, R92C_GPIO_IOSEL, 0xff);
3720
3721 urtwn_write_1(sc, R92C_GPIO_IO_SEL,
3722 urtwn_read_1(sc, R92C_GPIO_IO_SEL) << 4);
3723 urtwn_write_1(sc, R92C_GPIO_MOD,
3724 urtwn_read_1(sc, R92C_GPIO_MOD) | 0x0f);
3725
3726 /* Set LNA, TRSW, EX_PA Pin to output mode. */
3727 urtwn_write_4(sc, R88E_BB_PAD_CTRL, 0x00080808);
3728}
3729
3730static int
3731urtwn_llt_init(struct urtwn_softc *sc)
3732{
3733 int i, error, page_count, pktbuf_count;
3734
3735 page_count = (sc->chip & URTWN_CHIP_88E) ?
3736 R88E_TX_PAGE_COUNT : R92C_TX_PAGE_COUNT;
3737 pktbuf_count = (sc->chip & URTWN_CHIP_88E) ?
3738 R88E_TXPKTBUF_COUNT : R92C_TXPKTBUF_COUNT;
3739
3740 /* Reserve pages [0; page_count]. */
3741 for (i = 0; i < page_count; i++) {
3742 if ((error = urtwn_llt_write(sc, i, i + 1)) != 0)
3743 return (error);
3744 }
3745 /* NB: 0xff indicates end-of-list. */
3746 if ((error = urtwn_llt_write(sc, i, 0xff)) != 0)
3747 return (error);
3748 /*
3749 * Use pages [page_count + 1; pktbuf_count - 1]
3750 * as ring buffer.
3751 */
3752 for (++i; i < pktbuf_count - 1; i++) {
3753 if ((error = urtwn_llt_write(sc, i, i + 1)) != 0)
3754 return (error);
3755 }
3756 /* Make the last page point to the beginning of the ring buffer. */
3757 error = urtwn_llt_write(sc, i, page_count + 1);
3758 return (error);
3759}
3760
3761#ifndef URTWN_WITHOUT_UCODE
3762static void
3763urtwn_fw_reset(struct urtwn_softc *sc)
3764{
3765 uint16_t reg;
3766 int ntries;
3767
3768 /* Tell 8051 to reset itself. */
3769 urtwn_write_1(sc, R92C_HMETFR + 3, 0x20);
3770
3771 /* Wait until 8051 resets by itself. */
3772 for (ntries = 0; ntries < 100; ntries++) {
3773 reg = urtwn_read_2(sc, R92C_SYS_FUNC_EN);
3774 if (!(reg & R92C_SYS_FUNC_EN_CPUEN))
3775 return;
3776 urtwn_ms_delay(sc);
3777 }
3778 /* Force 8051 reset. */
3779 urtwn_write_2(sc, R92C_SYS_FUNC_EN, reg & ~R92C_SYS_FUNC_EN_CPUEN);
3780}
3781
3782static void
3783urtwn_r88e_fw_reset(struct urtwn_softc *sc)
3784{
3785 uint16_t reg;
3786
3787 reg = urtwn_read_2(sc, R92C_SYS_FUNC_EN);
3788 urtwn_write_2(sc, R92C_SYS_FUNC_EN, reg & ~R92C_SYS_FUNC_EN_CPUEN);
3789 urtwn_write_2(sc, R92C_SYS_FUNC_EN, reg | R92C_SYS_FUNC_EN_CPUEN);
3790}
3791
3792static int
3793urtwn_fw_loadpage(struct urtwn_softc *sc, int page, const uint8_t *buf, int len)
3794{
3795 uint32_t reg;
3796 usb_error_t error = USB_ERR_NORMAL_COMPLETION;
3797 int off, mlen;
3798
3799 reg = urtwn_read_4(sc, R92C_MCUFWDL);
3800 reg = RW(reg, R92C_MCUFWDL_PAGE, page);
3801 urtwn_write_4(sc, R92C_MCUFWDL, reg);
3802
3803 off = R92C_FW_START_ADDR;
3804 while (len > 0) {
3805 if (len > 196)
3806 mlen = 196;
3807 else if (len > 4)
3808 mlen = 4;
3809 else
3810 mlen = 1;
3811 /* XXX fix this deconst */
3812 error = urtwn_write_region_1(sc, off,
3813 __DECONST(uint8_t *, buf), mlen);
3814 if (error != USB_ERR_NORMAL_COMPLETION)
3815 break;
3816 off += mlen;
3817 buf += mlen;
3818 len -= mlen;
3819 }
3820 return (error);
3821}
3822
3823static int
3824urtwn_load_firmware(struct urtwn_softc *sc)
3825{
3826 const struct firmware *fw;
3827 const struct r92c_fw_hdr *hdr;
3828 const char *imagename;
3829 const u_char *ptr;
3830 size_t len;
3831 uint32_t reg;
3832 int mlen, ntries, page, error;
3833
3834 URTWN_UNLOCK(sc);
3835 /* Read firmware image from the filesystem. */
3836 if (sc->chip & URTWN_CHIP_88E)
3837 imagename = "urtwn-rtl8188eufw";
3838 else if ((sc->chip & (URTWN_CHIP_UMC_A_CUT | URTWN_CHIP_92C)) ==
3839 URTWN_CHIP_UMC_A_CUT)
3840 imagename = "urtwn-rtl8192cfwU";
3841 else
3842 imagename = "urtwn-rtl8192cfwT";
3843
3844 fw = firmware_get(imagename);
3845 URTWN_LOCK(sc);
3846 if (fw == NULL) {
3847 device_printf(sc->sc_dev,
3848 "failed loadfirmware of file %s\n", imagename);
3849 return (ENOENT);
3850 }
3851
3852 len = fw->datasize;
3853
3854 if (len < sizeof(*hdr)) {
3855 device_printf(sc->sc_dev, "firmware too short\n");
3856 error = EINVAL;
3857 goto fail;
3858 }
3859 ptr = fw->data;
3860 hdr = (const struct r92c_fw_hdr *)ptr;
3861 /* Check if there is a valid FW header and skip it. */
3862 if ((le16toh(hdr->signature) >> 4) == 0x88c ||
3863 (le16toh(hdr->signature) >> 4) == 0x88e ||
3864 (le16toh(hdr->signature) >> 4) == 0x92c) {
3865 URTWN_DPRINTF(sc, URTWN_DEBUG_FIRMWARE,
3866 "FW V%d.%d %02d-%02d %02d:%02d\n",
3867 le16toh(hdr->version), le16toh(hdr->subversion),
3868 hdr->month, hdr->date, hdr->hour, hdr->minute);
3869 ptr += sizeof(*hdr);
3870 len -= sizeof(*hdr);
3871 }
3872
3873 if (urtwn_read_1(sc, R92C_MCUFWDL) & R92C_MCUFWDL_RAM_DL_SEL) {
3874 if (sc->chip & URTWN_CHIP_88E)
3875 urtwn_r88e_fw_reset(sc);
3876 else
3877 urtwn_fw_reset(sc);
3878 urtwn_write_1(sc, R92C_MCUFWDL, 0);
3879 }
3880
3881 if (!(sc->chip & URTWN_CHIP_88E)) {
3882 urtwn_write_2(sc, R92C_SYS_FUNC_EN,
3883 urtwn_read_2(sc, R92C_SYS_FUNC_EN) |
3884 R92C_SYS_FUNC_EN_CPUEN);
3885 }
3886 urtwn_write_1(sc, R92C_MCUFWDL,
3887 urtwn_read_1(sc, R92C_MCUFWDL) | R92C_MCUFWDL_EN);
3888 urtwn_write_1(sc, R92C_MCUFWDL + 2,
3889 urtwn_read_1(sc, R92C_MCUFWDL + 2) & ~0x08);
3890
3891 /* Reset the FWDL checksum. */
3892 urtwn_write_1(sc, R92C_MCUFWDL,
3893 urtwn_read_1(sc, R92C_MCUFWDL) | R92C_MCUFWDL_CHKSUM_RPT);
3894
3895 for (page = 0; len > 0; page++) {
3896 mlen = min(len, R92C_FW_PAGE_SIZE);
3897 error = urtwn_fw_loadpage(sc, page, ptr, mlen);
3898 if (error != 0) {
3899 device_printf(sc->sc_dev,
3900 "could not load firmware page\n");
3901 goto fail;
3902 }
3903 ptr += mlen;
3904 len -= mlen;
3905 }
3906 urtwn_write_1(sc, R92C_MCUFWDL,
3907 urtwn_read_1(sc, R92C_MCUFWDL) & ~R92C_MCUFWDL_EN);
3908 urtwn_write_1(sc, R92C_MCUFWDL + 1, 0);
3909
3910 /* Wait for checksum report. */
3911 for (ntries = 0; ntries < 1000; ntries++) {
3912 if (urtwn_read_4(sc, R92C_MCUFWDL) & R92C_MCUFWDL_CHKSUM_RPT)
3913 break;
3914 urtwn_ms_delay(sc);
3915 }
3916 if (ntries == 1000) {
3917 device_printf(sc->sc_dev,
3918 "timeout waiting for checksum report\n");
3919 error = ETIMEDOUT;
3920 goto fail;
3921 }
3922
3923 reg = urtwn_read_4(sc, R92C_MCUFWDL);
3924 reg = (reg & ~R92C_MCUFWDL_WINTINI_RDY) | R92C_MCUFWDL_RDY;
3925 urtwn_write_4(sc, R92C_MCUFWDL, reg);
3926 if (sc->chip & URTWN_CHIP_88E)
3927 urtwn_r88e_fw_reset(sc);
3928 /* Wait for firmware readiness. */
3929 for (ntries = 0; ntries < 1000; ntries++) {
3930 if (urtwn_read_4(sc, R92C_MCUFWDL) & R92C_MCUFWDL_WINTINI_RDY)
3931 break;
3932 urtwn_ms_delay(sc);
3933 }
3934 if (ntries == 1000) {
3935 device_printf(sc->sc_dev,
3936 "timeout waiting for firmware readiness\n");
3937 error = ETIMEDOUT;
3938 goto fail;
3939 }
3940fail:
3941 firmware_put(fw, FIRMWARE_UNLOAD);
3942 return (error);
3943}
3944#endif
3945
3946static int
3947urtwn_dma_init(struct urtwn_softc *sc)
3948{
3949 struct usb_endpoint *ep, *ep_end;
3950 usb_error_t usb_err;
3951 uint32_t reg;
3952 int hashq, hasnq, haslq, nqueues, ntx;
3953 int error, pagecount, npubqpages, nqpages, nrempages, tx_boundary;
3954
3955 /* Initialize LLT table. */
3956 error = urtwn_llt_init(sc);
3957 if (error != 0)
3958 return (error);
3959
3960 /* Determine the number of bulk-out pipes. */
3961 ntx = 0;
3962 ep = sc->sc_udev->endpoints;
3963 ep_end = sc->sc_udev->endpoints + sc->sc_udev->endpoints_max;
3964 for (; ep != ep_end; ep++) {
3965 if ((ep->edesc == NULL) ||
3966 (ep->iface_index != sc->sc_iface_index))
3967 continue;
3968 if (UE_GET_DIR(ep->edesc->bEndpointAddress) == UE_DIR_OUT)
3969 ntx++;
3970 }
3971 if (ntx == 0) {
3972 device_printf(sc->sc_dev,
3973 "%d: invalid number of Tx bulk pipes\n", ntx);
3974 return (EIO);
3975 }
3976
3977 /* Get Tx queues to USB endpoints mapping. */
3978 hashq = hasnq = haslq = nqueues = 0;
3979 switch (ntx) {
3980 case 1: hashq = 1; break;
3981 case 2: hashq = hasnq = 1; break;
3982 case 3: case 4: hashq = hasnq = haslq = 1; break;
3983 }
3984 nqueues = hashq + hasnq + haslq;
3985 if (nqueues == 0)
3986 return (EIO);
3987
3988 npubqpages = nqpages = nrempages = pagecount = 0;
3989 if (sc->chip & URTWN_CHIP_88E)
3990 tx_boundary = R88E_TX_PAGE_BOUNDARY;
3991 else {
3992 pagecount = R92C_TX_PAGE_COUNT;
3993 npubqpages = R92C_PUBQ_NPAGES;
3994 tx_boundary = R92C_TX_PAGE_BOUNDARY;
3995 }
3996
3997 /* Set number of pages for normal priority queue. */
3998 if (sc->chip & URTWN_CHIP_88E) {
3999 usb_err = urtwn_write_2(sc, R92C_RQPN_NPQ, 0xd);
4000 if (usb_err != USB_ERR_NORMAL_COMPLETION)
4001 return (EIO);
4002 usb_err = urtwn_write_4(sc, R92C_RQPN, 0x808e000d);
4003 if (usb_err != USB_ERR_NORMAL_COMPLETION)
4004 return (EIO);
4005 } else {
4006 /* Get the number of pages for each queue. */
4007 nqpages = (pagecount - npubqpages) / nqueues;
4008 /*
4009 * The remaining pages are assigned to the high priority
4010 * queue.
4011 */
4012 nrempages = (pagecount - npubqpages) % nqueues;
4013 usb_err = urtwn_write_1(sc, R92C_RQPN_NPQ, hasnq ? nqpages : 0);
4014 if (usb_err != USB_ERR_NORMAL_COMPLETION)
4015 return (EIO);
4016 usb_err = urtwn_write_4(sc, R92C_RQPN,
4017 /* Set number of pages for public queue. */
4018 SM(R92C_RQPN_PUBQ, npubqpages) |
4019 /* Set number of pages for high priority queue. */
4020 SM(R92C_RQPN_HPQ, hashq ? nqpages + nrempages : 0) |
4021 /* Set number of pages for low priority queue. */
4022 SM(R92C_RQPN_LPQ, haslq ? nqpages : 0) |
4023 /* Load values. */
4024 R92C_RQPN_LD);
4025 if (usb_err != USB_ERR_NORMAL_COMPLETION)
4026 return (EIO);
4027 }
4028
4029 usb_err = urtwn_write_1(sc, R92C_TXPKTBUF_BCNQ_BDNY, tx_boundary);
4030 if (usb_err != USB_ERR_NORMAL_COMPLETION)
4031 return (EIO);
4032 usb_err = urtwn_write_1(sc, R92C_TXPKTBUF_MGQ_BDNY, tx_boundary);
4033 if (usb_err != USB_ERR_NORMAL_COMPLETION)
4034 return (EIO);
4035 usb_err = urtwn_write_1(sc, R92C_TXPKTBUF_WMAC_LBK_BF_HD, tx_boundary);
4036 if (usb_err != USB_ERR_NORMAL_COMPLETION)
4037 return (EIO);
4038 usb_err = urtwn_write_1(sc, R92C_TRXFF_BNDY, tx_boundary);
4039 if (usb_err != USB_ERR_NORMAL_COMPLETION)
4040 return (EIO);
4041 usb_err = urtwn_write_1(sc, R92C_TDECTRL + 1, tx_boundary);
4042 if (usb_err != USB_ERR_NORMAL_COMPLETION)
4043 return (EIO);
4044
4045 /* Set queue to USB pipe mapping. */
4046 reg = urtwn_read_2(sc, R92C_TRXDMA_CTRL);
4047 reg &= ~R92C_TRXDMA_CTRL_QMAP_M;
4048 if (nqueues == 1) {
4049 if (hashq)
4050 reg |= R92C_TRXDMA_CTRL_QMAP_HQ;
4051 else if (hasnq)
4052 reg |= R92C_TRXDMA_CTRL_QMAP_NQ;
4053 else
4054 reg |= R92C_TRXDMA_CTRL_QMAP_LQ;
4055 } else if (nqueues == 2) {
4056 /*
4057 * All 2-endpoints configs have high and normal
4058 * priority queues.
4059 */
4060 reg |= R92C_TRXDMA_CTRL_QMAP_HQ_NQ;
4061 } else
4062 reg |= R92C_TRXDMA_CTRL_QMAP_3EP;
4063 usb_err = urtwn_write_2(sc, R92C_TRXDMA_CTRL, reg);
4064 if (usb_err != USB_ERR_NORMAL_COMPLETION)
4065 return (EIO);
4066
4067 /* Set Tx/Rx transfer page boundary. */
4068 usb_err = urtwn_write_2(sc, R92C_TRXFF_BNDY + 2,
4069 (sc->chip & URTWN_CHIP_88E) ? 0x23ff : 0x27ff);
4070 if (usb_err != USB_ERR_NORMAL_COMPLETION)
4071 return (EIO);
4072
4073 /* Set Tx/Rx transfer page size. */
4074 usb_err = urtwn_write_1(sc, R92C_PBP,
4075 SM(R92C_PBP_PSRX, R92C_PBP_128) |
4076 SM(R92C_PBP_PSTX, R92C_PBP_128));
4077 if (usb_err != USB_ERR_NORMAL_COMPLETION)
4078 return (EIO);
4079
4080 return (0);
4081}
4082
4083static int
4084urtwn_mac_init(struct urtwn_softc *sc)
4085{
4086 usb_error_t error;
4087 int i;
4088
4089 /* Write MAC initialization values. */
4090 if (sc->chip & URTWN_CHIP_88E) {
4091 for (i = 0; i < nitems(rtl8188eu_mac); i++) {
4092 error = urtwn_write_1(sc, rtl8188eu_mac[i].reg,
4093 rtl8188eu_mac[i].val);
4094 if (error != USB_ERR_NORMAL_COMPLETION)
4095 return (EIO);
4096 }
4097 urtwn_write_1(sc, R92C_MAX_AGGR_NUM, 0x07);
4098 } else {
4099 for (i = 0; i < nitems(rtl8192cu_mac); i++)
4100 error = urtwn_write_1(sc, rtl8192cu_mac[i].reg,
4101 rtl8192cu_mac[i].val);
4102 if (error != USB_ERR_NORMAL_COMPLETION)
4103 return (EIO);
4104 }
4105
4106 return (0);
4107}
4108
4109static void
4110urtwn_bb_init(struct urtwn_softc *sc)
4111{
4112 const struct urtwn_bb_prog *prog;
4113 uint32_t reg;
4114 uint8_t crystalcap;
4115 int i;
4116
4117 /* Enable BB and RF. */
4118 urtwn_write_2(sc, R92C_SYS_FUNC_EN,
4119 urtwn_read_2(sc, R92C_SYS_FUNC_EN) |
4120 R92C_SYS_FUNC_EN_BBRSTB | R92C_SYS_FUNC_EN_BB_GLB_RST |
4121 R92C_SYS_FUNC_EN_DIO_RF);
4122
4123 if (!(sc->chip & URTWN_CHIP_88E))
4124 urtwn_write_2(sc, R92C_AFE_PLL_CTRL, 0xdb83);
4125
4126 urtwn_write_1(sc, R92C_RF_CTRL,
4127 R92C_RF_CTRL_EN | R92C_RF_CTRL_RSTB | R92C_RF_CTRL_SDMRSTB);
4128 urtwn_write_1(sc, R92C_SYS_FUNC_EN,
4129 R92C_SYS_FUNC_EN_USBA | R92C_SYS_FUNC_EN_USBD |
4130 R92C_SYS_FUNC_EN_BB_GLB_RST | R92C_SYS_FUNC_EN_BBRSTB);
4131
4132 if (!(sc->chip & URTWN_CHIP_88E)) {
4133 urtwn_write_1(sc, R92C_LDOHCI12_CTRL, 0x0f);
4134 urtwn_write_1(sc, 0x15, 0xe9);
4135 urtwn_write_1(sc, R92C_AFE_XTAL_CTRL + 1, 0x80);
4136 }
4137
4138 /* Select BB programming based on board type. */
4139 if (sc->chip & URTWN_CHIP_88E)
4140 prog = &rtl8188eu_bb_prog;
4141 else if (!(sc->chip & URTWN_CHIP_92C)) {
4142 if (sc->board_type == R92C_BOARD_TYPE_MINICARD)
4143 prog = &rtl8188ce_bb_prog;
4144 else if (sc->board_type == R92C_BOARD_TYPE_HIGHPA)
4145 prog = &rtl8188ru_bb_prog;
4146 else
4147 prog = &rtl8188cu_bb_prog;
4148 } else {
4149 if (sc->board_type == R92C_BOARD_TYPE_MINICARD)
4150 prog = &rtl8192ce_bb_prog;
4151 else
4152 prog = &rtl8192cu_bb_prog;
4153 }
4154 /* Write BB initialization values. */
4155 for (i = 0; i < prog->count; i++) {
4156 urtwn_bb_write(sc, prog->regs[i], prog->vals[i]);
4157 urtwn_ms_delay(sc);
4158 }
4159
4160 if (sc->chip & URTWN_CHIP_92C_1T2R) {
4161 /* 8192C 1T only configuration. */
4162 reg = urtwn_bb_read(sc, R92C_FPGA0_TXINFO);
4163 reg = (reg & ~0x00000003) | 0x2;
4164 urtwn_bb_write(sc, R92C_FPGA0_TXINFO, reg);
4165
4166 reg = urtwn_bb_read(sc, R92C_FPGA1_TXINFO);
4167 reg = (reg & ~0x00300033) | 0x00200022;
4168 urtwn_bb_write(sc, R92C_FPGA1_TXINFO, reg);
4169
4170 reg = urtwn_bb_read(sc, R92C_CCK0_AFESETTING);
4171 reg = (reg & ~0xff000000) | 0x45 << 24;
4172 urtwn_bb_write(sc, R92C_CCK0_AFESETTING, reg);
4173
4174 reg = urtwn_bb_read(sc, R92C_OFDM0_TRXPATHENA);
4175 reg = (reg & ~0x000000ff) | 0x23;
4176 urtwn_bb_write(sc, R92C_OFDM0_TRXPATHENA, reg);
4177
4178 reg = urtwn_bb_read(sc, R92C_OFDM0_AGCPARAM1);
4179 reg = (reg & ~0x00000030) | 1 << 4;
4180 urtwn_bb_write(sc, R92C_OFDM0_AGCPARAM1, reg);
4181
4182 reg = urtwn_bb_read(sc, 0xe74);
4183 reg = (reg & ~0x0c000000) | 2 << 26;
4184 urtwn_bb_write(sc, 0xe74, reg);
4185 reg = urtwn_bb_read(sc, 0xe78);
4186 reg = (reg & ~0x0c000000) | 2 << 26;
4187 urtwn_bb_write(sc, 0xe78, reg);
4188 reg = urtwn_bb_read(sc, 0xe7c);
4189 reg = (reg & ~0x0c000000) | 2 << 26;
4190 urtwn_bb_write(sc, 0xe7c, reg);
4191 reg = urtwn_bb_read(sc, 0xe80);
4192 reg = (reg & ~0x0c000000) | 2 << 26;
4193 urtwn_bb_write(sc, 0xe80, reg);
4194 reg = urtwn_bb_read(sc, 0xe88);
4195 reg = (reg & ~0x0c000000) | 2 << 26;
4196 urtwn_bb_write(sc, 0xe88, reg);
4197 }
4198
4199 /* Write AGC values. */
4200 for (i = 0; i < prog->agccount; i++) {
4201 urtwn_bb_write(sc, R92C_OFDM0_AGCRSSITABLE,
4202 prog->agcvals[i]);
4203 urtwn_ms_delay(sc);
4204 }
4205
4206 if (sc->chip & URTWN_CHIP_88E) {
4207 urtwn_bb_write(sc, R92C_OFDM0_AGCCORE1(0), 0x69553422);
4208 urtwn_ms_delay(sc);
4209 urtwn_bb_write(sc, R92C_OFDM0_AGCCORE1(0), 0x69553420);
4210 urtwn_ms_delay(sc);
4211
4212 crystalcap = sc->rom.r88e_rom.crystalcap;
4213 if (crystalcap == 0xff)
4214 crystalcap = 0x20;
4215 crystalcap &= 0x3f;
4216 reg = urtwn_bb_read(sc, R92C_AFE_XTAL_CTRL);
4217 urtwn_bb_write(sc, R92C_AFE_XTAL_CTRL,
4218 RW(reg, R92C_AFE_XTAL_CTRL_ADDR,
4219 crystalcap | crystalcap << 6));
4220 } else {
4221 if (urtwn_bb_read(sc, R92C_HSSI_PARAM2(0)) &
4222 R92C_HSSI_PARAM2_CCK_HIPWR)
4223 sc->sc_flags |= URTWN_FLAG_CCK_HIPWR;
4224 }
4225}
4226
4227static void
4228urtwn_rf_init(struct urtwn_softc *sc)
4229{
4230 const struct urtwn_rf_prog *prog;
4231 uint32_t reg, type;
4232 int i, j, idx, off;
4233
4234 /* Select RF programming based on board type. */
4235 if (sc->chip & URTWN_CHIP_88E)
4236 prog = rtl8188eu_rf_prog;
4237 else if (!(sc->chip & URTWN_CHIP_92C)) {
4238 if (sc->board_type == R92C_BOARD_TYPE_MINICARD)
4239 prog = rtl8188ce_rf_prog;
4240 else if (sc->board_type == R92C_BOARD_TYPE_HIGHPA)
4241 prog = rtl8188ru_rf_prog;
4242 else
4243 prog = rtl8188cu_rf_prog;
4244 } else
4245 prog = rtl8192ce_rf_prog;
4246
4247 for (i = 0; i < sc->nrxchains; i++) {
4248 /* Save RF_ENV control type. */
4249 idx = i / 2;
4250 off = (i % 2) * 16;
4251 reg = urtwn_bb_read(sc, R92C_FPGA0_RFIFACESW(idx));
4252 type = (reg >> off) & 0x10;
4253
4254 /* Set RF_ENV enable. */
4255 reg = urtwn_bb_read(sc, R92C_FPGA0_RFIFACEOE(i));
4256 reg |= 0x100000;
4257 urtwn_bb_write(sc, R92C_FPGA0_RFIFACEOE(i), reg);
4258 urtwn_ms_delay(sc);
4259 /* Set RF_ENV output high. */
4260 reg = urtwn_bb_read(sc, R92C_FPGA0_RFIFACEOE(i));
4261 reg |= 0x10;
4262 urtwn_bb_write(sc, R92C_FPGA0_RFIFACEOE(i), reg);
4263 urtwn_ms_delay(sc);
4264 /* Set address and data lengths of RF registers. */
4265 reg = urtwn_bb_read(sc, R92C_HSSI_PARAM2(i));
4266 reg &= ~R92C_HSSI_PARAM2_ADDR_LENGTH;
4267 urtwn_bb_write(sc, R92C_HSSI_PARAM2(i), reg);
4268 urtwn_ms_delay(sc);
4269 reg = urtwn_bb_read(sc, R92C_HSSI_PARAM2(i));
4270 reg &= ~R92C_HSSI_PARAM2_DATA_LENGTH;
4271 urtwn_bb_write(sc, R92C_HSSI_PARAM2(i), reg);
4272 urtwn_ms_delay(sc);
4273
4274 /* Write RF initialization values for this chain. */
4275 for (j = 0; j < prog[i].count; j++) {
4276 if (prog[i].regs[j] >= 0xf9 &&
4277 prog[i].regs[j] <= 0xfe) {
4278 /*
4279 * These are fake RF registers offsets that
4280 * indicate a delay is required.
4281 */
4282 usb_pause_mtx(&sc->sc_mtx, hz / 20); /* 50ms */
4283 continue;
4284 }
4285 urtwn_rf_write(sc, i, prog[i].regs[j],
4286 prog[i].vals[j]);
4287 urtwn_ms_delay(sc);
4288 }
4289
4290 /* Restore RF_ENV control type. */
4291 reg = urtwn_bb_read(sc, R92C_FPGA0_RFIFACESW(idx));
4292 reg &= ~(0x10 << off) | (type << off);
4293 urtwn_bb_write(sc, R92C_FPGA0_RFIFACESW(idx), reg);
4294
4295 /* Cache RF register CHNLBW. */
4296 sc->rf_chnlbw[i] = urtwn_rf_read(sc, i, R92C_RF_CHNLBW);
4297 }
4298
4299 if ((sc->chip & (URTWN_CHIP_UMC_A_CUT | URTWN_CHIP_92C)) ==
4300 URTWN_CHIP_UMC_A_CUT) {
4301 urtwn_rf_write(sc, 0, R92C_RF_RX_G1, 0x30255);
4302 urtwn_rf_write(sc, 0, R92C_RF_RX_G2, 0x50a00);
4303 }
4304}
4305
4306static void
4307urtwn_cam_init(struct urtwn_softc *sc)
4308{
4309 /* Invalidate all CAM entries. */
4310 urtwn_write_4(sc, R92C_CAMCMD,
4311 R92C_CAMCMD_POLLING | R92C_CAMCMD_CLR);
4312}
4313
4314static int
4315urtwn_cam_write(struct urtwn_softc *sc, uint32_t addr, uint32_t data)
4316{
4317 usb_error_t error;
4318
4319 error = urtwn_write_4(sc, R92C_CAMWRITE, data);
4320 if (error != USB_ERR_NORMAL_COMPLETION)
4321 return (EIO);
4322 error = urtwn_write_4(sc, R92C_CAMCMD,
4323 R92C_CAMCMD_POLLING | R92C_CAMCMD_WRITE |
4324 SM(R92C_CAMCMD_ADDR, addr));
4325 if (error != USB_ERR_NORMAL_COMPLETION)
4326 return (EIO);
4327
4328 return (0);
4329}
4330
4331static void
4332urtwn_pa_bias_init(struct urtwn_softc *sc)
4333{
4334 uint8_t reg;
4335 int i;
4336
4337 for (i = 0; i < sc->nrxchains; i++) {
4338 if (sc->pa_setting & (1 << i))
4339 continue;
4340 urtwn_rf_write(sc, i, R92C_RF_IPA, 0x0f406);
4341 urtwn_rf_write(sc, i, R92C_RF_IPA, 0x4f406);
4342 urtwn_rf_write(sc, i, R92C_RF_IPA, 0x8f406);
4343 urtwn_rf_write(sc, i, R92C_RF_IPA, 0xcf406);
4344 }
4345 if (!(sc->pa_setting & 0x10)) {
4346 reg = urtwn_read_1(sc, 0x16);
4347 reg = (reg & ~0xf0) | 0x90;
4348 urtwn_write_1(sc, 0x16, reg);
4349 }
4350}
4351
4352static void
4353urtwn_rxfilter_init(struct urtwn_softc *sc)
4354{
4355 struct ieee80211com *ic = &sc->sc_ic;
4356 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps);
4357 uint32_t rcr;
4358 uint16_t filter;
4359
4360 URTWN_ASSERT_LOCKED(sc);
4361
4362 /* Accept all multicast frames. */
4363 urtwn_write_4(sc, R92C_MAR + 0, 0xffffffff);
4364 urtwn_write_4(sc, R92C_MAR + 4, 0xffffffff);
4365
4366 /* Filter for management frames. */
4367 filter = 0x7f3f;
4368 switch (vap->iv_opmode) {
4369 case IEEE80211_M_STA:
4370 filter &= ~(
4371 R92C_RXFLTMAP_SUBTYPE(IEEE80211_FC0_SUBTYPE_ASSOC_REQ) |
4372 R92C_RXFLTMAP_SUBTYPE(IEEE80211_FC0_SUBTYPE_REASSOC_REQ) |
4373 R92C_RXFLTMAP_SUBTYPE(IEEE80211_FC0_SUBTYPE_PROBE_REQ));
4374 break;
4375 case IEEE80211_M_HOSTAP:
4376 filter &= ~(
4377 R92C_RXFLTMAP_SUBTYPE(IEEE80211_FC0_SUBTYPE_ASSOC_RESP) |
4378 R92C_RXFLTMAP_SUBTYPE(IEEE80211_FC0_SUBTYPE_REASSOC_RESP));
4379 break;
4380 case IEEE80211_M_MONITOR:
4381 case IEEE80211_M_IBSS:
4382 break;
4383 default:
4384 device_printf(sc->sc_dev, "%s: undefined opmode %d\n",
4385 __func__, vap->iv_opmode);
4386 break;
4387 }
4388 urtwn_write_2(sc, R92C_RXFLTMAP0, filter);
4389
4390 /* Reject all control frames. */
4391 urtwn_write_2(sc, R92C_RXFLTMAP1, 0x0000);
4392
4393 /* Reject all data frames. */
4394 urtwn_write_2(sc, R92C_RXFLTMAP2, 0x0000);
4395
4396 rcr = R92C_RCR_AM | R92C_RCR_AB | R92C_RCR_APM |
4397 R92C_RCR_HTC_LOC_CTRL | R92C_RCR_APP_PHYSTS |
4398 R92C_RCR_APP_ICV | R92C_RCR_APP_MIC;
4399
4400 if (vap->iv_opmode == IEEE80211_M_MONITOR) {
4401 /* Accept all frames. */
4402 rcr |= R92C_RCR_ACF | R92C_RCR_ADF | R92C_RCR_AMF |
4403 R92C_RCR_AAP;
4404 }
4405
4406 /* Set Rx filter. */
4407 urtwn_write_4(sc, R92C_RCR, rcr);
4408
4409 if (ic->ic_promisc != 0) {
4410 /* Update Rx filter. */
4411 urtwn_set_promisc(sc);
4412 }
4413}
4414
4415static void
4416urtwn_edca_init(struct urtwn_softc *sc)
4417{
4418 urtwn_write_2(sc, R92C_SPEC_SIFS, 0x100a);
4419 urtwn_write_2(sc, R92C_MAC_SPEC_SIFS, 0x100a);
4420 urtwn_write_2(sc, R92C_SIFS_CCK, 0x100a);
4421 urtwn_write_2(sc, R92C_SIFS_OFDM, 0x100a);
4422 urtwn_write_4(sc, R92C_EDCA_BE_PARAM, 0x005ea42b);
4423 urtwn_write_4(sc, R92C_EDCA_BK_PARAM, 0x0000a44f);
4424 urtwn_write_4(sc, R92C_EDCA_VI_PARAM, 0x005ea324);
4425 urtwn_write_4(sc, R92C_EDCA_VO_PARAM, 0x002fa226);
4426}
4427
4428static void
4429urtwn_write_txpower(struct urtwn_softc *sc, int chain,
4430 uint16_t power[URTWN_RIDX_COUNT])
4431{
4432 uint32_t reg;
4433
4434 /* Write per-CCK rate Tx power. */
4435 if (chain == 0) {
4436 reg = urtwn_bb_read(sc, R92C_TXAGC_A_CCK1_MCS32);
4437 reg = RW(reg, R92C_TXAGC_A_CCK1, power[0]);
4438 urtwn_bb_write(sc, R92C_TXAGC_A_CCK1_MCS32, reg);
4439 reg = urtwn_bb_read(sc, R92C_TXAGC_B_CCK11_A_CCK2_11);
4440 reg = RW(reg, R92C_TXAGC_A_CCK2, power[1]);
4441 reg = RW(reg, R92C_TXAGC_A_CCK55, power[2]);
4442 reg = RW(reg, R92C_TXAGC_A_CCK11, power[3]);
4443 urtwn_bb_write(sc, R92C_TXAGC_B_CCK11_A_CCK2_11, reg);
4444 } else {
4445 reg = urtwn_bb_read(sc, R92C_TXAGC_B_CCK1_55_MCS32);
4446 reg = RW(reg, R92C_TXAGC_B_CCK1, power[0]);
4447 reg = RW(reg, R92C_TXAGC_B_CCK2, power[1]);
4448 reg = RW(reg, R92C_TXAGC_B_CCK55, power[2]);
4449 urtwn_bb_write(sc, R92C_TXAGC_B_CCK1_55_MCS32, reg);
4450 reg = urtwn_bb_read(sc, R92C_TXAGC_B_CCK11_A_CCK2_11);
4451 reg = RW(reg, R92C_TXAGC_B_CCK11, power[3]);
4452 urtwn_bb_write(sc, R92C_TXAGC_B_CCK11_A_CCK2_11, reg);
4453 }
4454 /* Write per-OFDM rate Tx power. */
4455 urtwn_bb_write(sc, R92C_TXAGC_RATE18_06(chain),
4456 SM(R92C_TXAGC_RATE06, power[ 4]) |
4457 SM(R92C_TXAGC_RATE09, power[ 5]) |
4458 SM(R92C_TXAGC_RATE12, power[ 6]) |
4459 SM(R92C_TXAGC_RATE18, power[ 7]));
4460 urtwn_bb_write(sc, R92C_TXAGC_RATE54_24(chain),
4461 SM(R92C_TXAGC_RATE24, power[ 8]) |
4462 SM(R92C_TXAGC_RATE36, power[ 9]) |
4463 SM(R92C_TXAGC_RATE48, power[10]) |
4464 SM(R92C_TXAGC_RATE54, power[11]));
4465 /* Write per-MCS Tx power. */
4466 urtwn_bb_write(sc, R92C_TXAGC_MCS03_MCS00(chain),
4467 SM(R92C_TXAGC_MCS00, power[12]) |
4468 SM(R92C_TXAGC_MCS01, power[13]) |
4469 SM(R92C_TXAGC_MCS02, power[14]) |
4470 SM(R92C_TXAGC_MCS03, power[15]));
4471 urtwn_bb_write(sc, R92C_TXAGC_MCS07_MCS04(chain),
4472 SM(R92C_TXAGC_MCS04, power[16]) |
4473 SM(R92C_TXAGC_MCS05, power[17]) |
4474 SM(R92C_TXAGC_MCS06, power[18]) |
4475 SM(R92C_TXAGC_MCS07, power[19]));
4476 urtwn_bb_write(sc, R92C_TXAGC_MCS11_MCS08(chain),
4477 SM(R92C_TXAGC_MCS08, power[20]) |
4478 SM(R92C_TXAGC_MCS09, power[21]) |
4479 SM(R92C_TXAGC_MCS10, power[22]) |
4480 SM(R92C_TXAGC_MCS11, power[23]));
4481 urtwn_bb_write(sc, R92C_TXAGC_MCS15_MCS12(chain),
4482 SM(R92C_TXAGC_MCS12, power[24]) |
4483 SM(R92C_TXAGC_MCS13, power[25]) |
4484 SM(R92C_TXAGC_MCS14, power[26]) |
4485 SM(R92C_TXAGC_MCS15, power[27]));
4486}
4487
4488static void
4489urtwn_get_txpower(struct urtwn_softc *sc, int chain,
4490 struct ieee80211_channel *c, struct ieee80211_channel *extc,
4491 uint16_t power[URTWN_RIDX_COUNT])
4492{
4493 struct ieee80211com *ic = &sc->sc_ic;
4494 struct r92c_rom *rom = &sc->rom.r92c_rom;
4495 uint16_t cckpow, ofdmpow, htpow, diff, max;
4496 const struct urtwn_txpwr *base;
4497 int ridx, chan, group;
4498
4499 /* Determine channel group. */
4500 chan = ieee80211_chan2ieee(ic, c); /* XXX center freq! */
4501 if (chan <= 3)
4502 group = 0;
4503 else if (chan <= 9)
4504 group = 1;
4505 else
4506 group = 2;
4507
4508 /* Get original Tx power based on board type and RF chain. */
4509 if (!(sc->chip & URTWN_CHIP_92C)) {
4510 if (sc->board_type == R92C_BOARD_TYPE_HIGHPA)
4511 base = &rtl8188ru_txagc[chain];
4512 else
4513 base = &rtl8192cu_txagc[chain];
4514 } else
4515 base = &rtl8192cu_txagc[chain];
4516
4517 memset(power, 0, URTWN_RIDX_COUNT * sizeof(power[0]));
4518 if (sc->regulatory == 0) {
4519 for (ridx = URTWN_RIDX_CCK1; ridx <= URTWN_RIDX_CCK11; ridx++)
4520 power[ridx] = base->pwr[0][ridx];
4521 }
4522 for (ridx = URTWN_RIDX_OFDM6; ridx < URTWN_RIDX_COUNT; ridx++) {
4523 if (sc->regulatory == 3) {
4524 power[ridx] = base->pwr[0][ridx];
4525 /* Apply vendor limits. */
4526 if (extc != NULL)
4527 max = rom->ht40_max_pwr[group];
4528 else
4529 max = rom->ht20_max_pwr[group];
4530 max = (max >> (chain * 4)) & 0xf;
4531 if (power[ridx] > max)
4532 power[ridx] = max;
4533 } else if (sc->regulatory == 1) {
4534 if (extc == NULL)
4535 power[ridx] = base->pwr[group][ridx];
4536 } else if (sc->regulatory != 2)
4537 power[ridx] = base->pwr[0][ridx];
4538 }
4539
4540 /* Compute per-CCK rate Tx power. */
4541 cckpow = rom->cck_tx_pwr[chain][group];
4542 for (ridx = URTWN_RIDX_CCK1; ridx <= URTWN_RIDX_CCK11; ridx++) {
4543 power[ridx] += cckpow;
4544 if (power[ridx] > R92C_MAX_TX_PWR)
4545 power[ridx] = R92C_MAX_TX_PWR;
4546 }
4547
4548 htpow = rom->ht40_1s_tx_pwr[chain][group];
4549 if (sc->ntxchains > 1) {
4550 /* Apply reduction for 2 spatial streams. */
4551 diff = rom->ht40_2s_tx_pwr_diff[group];
4552 diff = (diff >> (chain * 4)) & 0xf;
4553 htpow = (htpow > diff) ? htpow - diff : 0;
4554 }
4555
4556 /* Compute per-OFDM rate Tx power. */
4557 diff = rom->ofdm_tx_pwr_diff[group];
4558 diff = (diff >> (chain * 4)) & 0xf;
4559 ofdmpow = htpow + diff; /* HT->OFDM correction. */
4560 for (ridx = URTWN_RIDX_OFDM6; ridx <= URTWN_RIDX_OFDM54; ridx++) {
4561 power[ridx] += ofdmpow;
4562 if (power[ridx] > R92C_MAX_TX_PWR)
4563 power[ridx] = R92C_MAX_TX_PWR;
4564 }
4565
4566 /* Compute per-MCS Tx power. */
4567 if (extc == NULL) {
4568 diff = rom->ht20_tx_pwr_diff[group];
4569 diff = (diff >> (chain * 4)) & 0xf;
4570 htpow += diff; /* HT40->HT20 correction. */
4571 }
4572 for (ridx = 12; ridx <= 27; ridx++) {
4573 power[ridx] += htpow;
4574 if (power[ridx] > R92C_MAX_TX_PWR)
4575 power[ridx] = R92C_MAX_TX_PWR;
4576 }
4577#ifdef USB_DEBUG
4578 if (sc->sc_debug & URTWN_DEBUG_TXPWR) {
4579 /* Dump per-rate Tx power values. */
4580 printf("Tx power for chain %d:\n", chain);
4581 for (ridx = URTWN_RIDX_CCK1; ridx < URTWN_RIDX_COUNT; ridx++)
4582 printf("Rate %d = %u\n", ridx, power[ridx]);
4583 }
4584#endif
4585}
4586
4587static void
4588urtwn_r88e_get_txpower(struct urtwn_softc *sc, int chain,
4589 struct ieee80211_channel *c, struct ieee80211_channel *extc,
4590 uint16_t power[URTWN_RIDX_COUNT])
4591{
4592 struct ieee80211com *ic = &sc->sc_ic;
4593 struct r88e_rom *rom = &sc->rom.r88e_rom;
4594 uint16_t cckpow, ofdmpow, bw20pow, htpow;
4595 const struct urtwn_r88e_txpwr *base;
4596 int ridx, chan, group;
4597
4598 /* Determine channel group. */
4599 chan = ieee80211_chan2ieee(ic, c); /* XXX center freq! */
4600 if (chan <= 2)
4601 group = 0;
4602 else if (chan <= 5)
4603 group = 1;
4604 else if (chan <= 8)
4605 group = 2;
4606 else if (chan <= 11)
4607 group = 3;
4608 else if (chan <= 13)
4609 group = 4;
4610 else
4611 group = 5;
4612
4613 /* Get original Tx power based on board type and RF chain. */
4614 base = &rtl8188eu_txagc[chain];
4615
4616 memset(power, 0, URTWN_RIDX_COUNT * sizeof(power[0]));
4617 if (sc->regulatory == 0) {
4618 for (ridx = URTWN_RIDX_CCK1; ridx <= URTWN_RIDX_CCK11; ridx++)
4619 power[ridx] = base->pwr[0][ridx];
4620 }
4621 for (ridx = URTWN_RIDX_OFDM6; ridx < URTWN_RIDX_COUNT; ridx++) {
4622 if (sc->regulatory == 3)
4623 power[ridx] = base->pwr[0][ridx];
4624 else if (sc->regulatory == 1) {
4625 if (extc == NULL)
4626 power[ridx] = base->pwr[group][ridx];
4627 } else if (sc->regulatory != 2)
4628 power[ridx] = base->pwr[0][ridx];
4629 }
4630
4631 /* Compute per-CCK rate Tx power. */
4632 cckpow = rom->cck_tx_pwr[group];
4633 for (ridx = URTWN_RIDX_CCK1; ridx <= URTWN_RIDX_CCK11; ridx++) {
4634 power[ridx] += cckpow;
4635 if (power[ridx] > R92C_MAX_TX_PWR)
4636 power[ridx] = R92C_MAX_TX_PWR;
4637 }
4638
4639 htpow = rom->ht40_tx_pwr[group];
4640
4641 /* Compute per-OFDM rate Tx power. */
4642 ofdmpow = htpow + sc->ofdm_tx_pwr_diff;
4643 for (ridx = URTWN_RIDX_OFDM6; ridx <= URTWN_RIDX_OFDM54; ridx++) {
4644 power[ridx] += ofdmpow;
4645 if (power[ridx] > R92C_MAX_TX_PWR)
4646 power[ridx] = R92C_MAX_TX_PWR;
4647 }
4648
4649 bw20pow = htpow + sc->bw20_tx_pwr_diff;
4650 for (ridx = 12; ridx <= 27; ridx++) {
4651 power[ridx] += bw20pow;
4652 if (power[ridx] > R92C_MAX_TX_PWR)
4653 power[ridx] = R92C_MAX_TX_PWR;
4654 }
4655}
4656
4657static void
4658urtwn_set_txpower(struct urtwn_softc *sc, struct ieee80211_channel *c,
4659 struct ieee80211_channel *extc)
4660{
4661 uint16_t power[URTWN_RIDX_COUNT];
4662 int i;
4663
4664 for (i = 0; i < sc->ntxchains; i++) {
4665 /* Compute per-rate Tx power values. */
4666 if (sc->chip & URTWN_CHIP_88E)
4667 urtwn_r88e_get_txpower(sc, i, c, extc, power);
4668 else
4669 urtwn_get_txpower(sc, i, c, extc, power);
4670 /* Write per-rate Tx power values to hardware. */
4671 urtwn_write_txpower(sc, i, power);
4672 }
4673}
4674
4675static void
4676urtwn_set_rx_bssid_all(struct urtwn_softc *sc, int enable)
4677{
4678 uint32_t reg;
4679
4680 reg = urtwn_read_4(sc, R92C_RCR);
4681 if (enable)
4682 reg &= ~R92C_RCR_CBSSID_BCN;
4683 else
4684 reg |= R92C_RCR_CBSSID_BCN;
4685 urtwn_write_4(sc, R92C_RCR, reg);
4686}
4687
4688static void
4689urtwn_set_gain(struct urtwn_softc *sc, uint8_t gain)
4690{
4691 uint32_t reg;
4692
4693 reg = urtwn_bb_read(sc, R92C_OFDM0_AGCCORE1(0));
4694 reg = RW(reg, R92C_OFDM0_AGCCORE1_GAIN, gain);
4695 urtwn_bb_write(sc, R92C_OFDM0_AGCCORE1(0), reg);
4696
4697 if (!(sc->chip & URTWN_CHIP_88E)) {
4698 reg = urtwn_bb_read(sc, R92C_OFDM0_AGCCORE1(1));
4699 reg = RW(reg, R92C_OFDM0_AGCCORE1_GAIN, gain);
4700 urtwn_bb_write(sc, R92C_OFDM0_AGCCORE1(1), reg);
4701 }
4702}
4703
4704static void
4705urtwn_scan_start(struct ieee80211com *ic)
4706{
4707 struct urtwn_softc *sc = ic->ic_softc;
4708
4709 URTWN_LOCK(sc);
4710 /* Receive beacons / probe responses from any BSSID. */
4711 if (ic->ic_opmode != IEEE80211_M_IBSS)
4712 urtwn_set_rx_bssid_all(sc, 1);
4713
4714 /* Set gain for scanning. */
4715 urtwn_set_gain(sc, 0x20);
4716 URTWN_UNLOCK(sc);
4717}
4718
4719static void
4720urtwn_scan_end(struct ieee80211com *ic)
4721{
4722 struct urtwn_softc *sc = ic->ic_softc;
4723
4724 URTWN_LOCK(sc);
4725 /* Restore limitations. */
4726 if (ic->ic_promisc == 0 && ic->ic_opmode != IEEE80211_M_IBSS)
4727 urtwn_set_rx_bssid_all(sc, 0);
4728
4729 /* Set gain under link. */
4730 urtwn_set_gain(sc, 0x32);
4731 URTWN_UNLOCK(sc);
4732}
4733
4734static void
4735urtwn_set_channel(struct ieee80211com *ic)
4736{
4737 struct urtwn_softc *sc = ic->ic_softc;
4738 struct ieee80211_channel *c = ic->ic_curchan;
4739 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps);
4740
4741 URTWN_LOCK(sc);
4742 if (vap->iv_state == IEEE80211_S_SCAN) {
4743 /* Make link LED blink during scan. */
4744 urtwn_set_led(sc, URTWN_LED_LINK, !sc->ledlink);
4745 }
4746 urtwn_set_chan(sc, c, NULL);
4747 sc->sc_rxtap.wr_chan_freq = htole16(c->ic_freq);
4748 sc->sc_rxtap.wr_chan_flags = htole16(c->ic_flags);
4749 sc->sc_txtap.wt_chan_freq = htole16(c->ic_freq);
4750 sc->sc_txtap.wt_chan_flags = htole16(c->ic_flags);
4751 URTWN_UNLOCK(sc);
4752}
4753
4754static int
4755urtwn_wme_update(struct ieee80211com *ic)
4756{
4757 const struct wmeParams *wmep =
4758 ic->ic_wme.wme_chanParams.cap_wmeParams;
4759 struct urtwn_softc *sc = ic->ic_softc;
4760 uint8_t aifs, acm, slottime;
4761 int ac;
4762
4763 acm = 0;
4764 slottime = IEEE80211_GET_SLOTTIME(ic);
4765
4766 URTWN_LOCK(sc);
4767 for (ac = WME_AC_BE; ac < WME_NUM_AC; ac++) {
4768 /* AIFS[AC] = AIFSN[AC] * aSlotTime + aSIFSTime. */
4769 aifs = wmep[ac].wmep_aifsn * slottime + IEEE80211_DUR_SIFS;
4770 urtwn_write_4(sc, wme2queue[ac].reg,
4771 SM(R92C_EDCA_PARAM_TXOP, wmep[ac].wmep_txopLimit) |
4772 SM(R92C_EDCA_PARAM_ECWMIN, wmep[ac].wmep_logcwmin) |
4773 SM(R92C_EDCA_PARAM_ECWMAX, wmep[ac].wmep_logcwmax) |
4774 SM(R92C_EDCA_PARAM_AIFS, aifs));
4775 if (ac != WME_AC_BE)
4776 acm |= wmep[ac].wmep_acm << ac;
4777 }
4778
4779 if (acm != 0)
4780 acm |= R92C_ACMHWCTRL_EN;
4781 urtwn_write_1(sc, R92C_ACMHWCTRL,
4782 (urtwn_read_1(sc, R92C_ACMHWCTRL) & ~R92C_ACMHWCTRL_ACM_MASK) |
4783 acm);
4784
4785 URTWN_UNLOCK(sc);
4786
4787 return 0;
4788}
4789
4790static void
4791urtwn_update_slot(struct ieee80211com *ic)
4792{
4793 urtwn_cmd_sleepable(ic->ic_softc, NULL, 0, urtwn_update_slot_cb);
4794}
4795
4796static void
4797urtwn_update_slot_cb(struct urtwn_softc *sc, union sec_param *data)
4798{
4799 struct ieee80211com *ic = &sc->sc_ic;
4800 uint8_t slottime;
4801
4802 slottime = IEEE80211_GET_SLOTTIME(ic);
4803
4804 URTWN_DPRINTF(sc, URTWN_DEBUG_ANY, "%s: setting slot time to %uus\n",
4805 __func__, slottime);
4806
4807 urtwn_write_1(sc, R92C_SLOT, slottime);
4808 urtwn_update_aifs(sc, slottime);
4809}
4810
4811static void
4812urtwn_update_aifs(struct urtwn_softc *sc, uint8_t slottime)
4813{
4814 const struct wmeParams *wmep =
4815 sc->sc_ic.ic_wme.wme_chanParams.cap_wmeParams;
4816 uint8_t aifs, ac;
4817
4818 for (ac = WME_AC_BE; ac < WME_NUM_AC; ac++) {
4819 /* AIFS[AC] = AIFSN[AC] * aSlotTime + aSIFSTime. */
4820 aifs = wmep[ac].wmep_aifsn * slottime + IEEE80211_DUR_SIFS;
4821 urtwn_write_1(sc, wme2queue[ac].reg, aifs);
4822 }
4823}
4824
4825static void
4826urtwn_set_promisc(struct urtwn_softc *sc)
4827{
4828 struct ieee80211com *ic = &sc->sc_ic;
4829 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps);
4830 uint32_t rcr, mask1, mask2;
4831
4832 URTWN_ASSERT_LOCKED(sc);
4833
4834 if (vap->iv_opmode == IEEE80211_M_MONITOR)
4835 return;
4836
4837 mask1 = R92C_RCR_ACF | R92C_RCR_ADF | R92C_RCR_AMF | R92C_RCR_AAP;
4838 mask2 = R92C_RCR_APM;
4839
4840 if (vap->iv_state == IEEE80211_S_RUN) {
4841 switch (vap->iv_opmode) {
4842 case IEEE80211_M_STA:
4843 mask2 |= R92C_RCR_CBSSID_DATA;
4844 /* FALLTHROUGH */
4845 case IEEE80211_M_HOSTAP:
4846 mask2 |= R92C_RCR_CBSSID_BCN;
4847 break;
4848 case IEEE80211_M_IBSS:
4849 mask2 |= R92C_RCR_CBSSID_DATA;
4850 break;
4851 default:
4852 device_printf(sc->sc_dev, "%s: undefined opmode %d\n",
4853 __func__, vap->iv_opmode);
4854 return;
4855 }
4856 }
4857
4858 rcr = urtwn_read_4(sc, R92C_RCR);
4859 if (ic->ic_promisc == 0)
4860 rcr = (rcr & ~mask1) | mask2;
4861 else
4862 rcr = (rcr & ~mask2) | mask1;
4863 urtwn_write_4(sc, R92C_RCR, rcr);
4864}
4865
4866static void
4867urtwn_update_promisc(struct ieee80211com *ic)
4868{
4869 struct urtwn_softc *sc = ic->ic_softc;
4870
4871 URTWN_LOCK(sc);
4872 if (sc->sc_flags & URTWN_RUNNING)
4873 urtwn_set_promisc(sc);
4874 URTWN_UNLOCK(sc);
4875}
4876
4877static void
4878urtwn_update_mcast(struct ieee80211com *ic)
4879{
4880 /* XXX do nothing? */
4881}
4882
4883static struct ieee80211_node *
4884urtwn_node_alloc(struct ieee80211vap *vap,
4885 const uint8_t mac[IEEE80211_ADDR_LEN])
4886{
4887 struct urtwn_node *un;
4888
4889 un = malloc(sizeof (struct urtwn_node), M_80211_NODE,
4890 M_NOWAIT | M_ZERO);
4891
4892 if (un == NULL)
4893 return NULL;
4894
4895 un->id = URTWN_MACID_UNDEFINED;
4896
4897 return &un->ni;
4898}
4899
4900static void
4901urtwn_newassoc(struct ieee80211_node *ni, int isnew)
4902{
4903 struct urtwn_softc *sc = ni->ni_ic->ic_softc;
4904 struct urtwn_node *un = URTWN_NODE(ni);
4905 uint8_t id;
4906
4907 /* Only do this bit for R88E chips */
4908 if (! (sc->chip & URTWN_CHIP_88E))
4909 return;
4910
4911 if (!isnew)
4912 return;
4913
4914 URTWN_NT_LOCK(sc);
4915 for (id = 0; id <= URTWN_MACID_MAX(sc); id++) {
4916 if (id != URTWN_MACID_BC && sc->node_list[id] == NULL) {
4917 un->id = id;
4918 sc->node_list[id] = ni;
4919 break;
4920 }
4921 }
4922 URTWN_NT_UNLOCK(sc);
4923
4924 if (id > URTWN_MACID_MAX(sc)) {
4925 device_printf(sc->sc_dev, "%s: node table is full\n",
4926 __func__);
4927 }
4928}
4929
4930static void
4931urtwn_node_free(struct ieee80211_node *ni)
4932{
4933 struct urtwn_softc *sc = ni->ni_ic->ic_softc;
4934 struct urtwn_node *un = URTWN_NODE(ni);
4935
4936 URTWN_NT_LOCK(sc);
4937 if (un->id != URTWN_MACID_UNDEFINED)
4938 sc->node_list[un->id] = NULL;
4939 URTWN_NT_UNLOCK(sc);
4940
4941 sc->sc_node_free(ni);
4942}
4943
4944static void
4945urtwn_set_chan(struct urtwn_softc *sc, struct ieee80211_channel *c,
4946 struct ieee80211_channel *extc)
4947{
4948 struct ieee80211com *ic = &sc->sc_ic;
4949 uint32_t reg;
4950 u_int chan;
4951 int i;
4952
4953 chan = ieee80211_chan2ieee(ic, c); /* XXX center freq! */
4954 if (chan == 0 || chan == IEEE80211_CHAN_ANY) {
4955 device_printf(sc->sc_dev,
4956 "%s: invalid channel %x\n", __func__, chan);
4957 return;
4958 }
4959
4960 /* Set Tx power for this new channel. */
4961 urtwn_set_txpower(sc, c, extc);
4962
4963 for (i = 0; i < sc->nrxchains; i++) {
4964 urtwn_rf_write(sc, i, R92C_RF_CHNLBW,
4965 RW(sc->rf_chnlbw[i], R92C_RF_CHNLBW_CHNL, chan));
4966 }
4967#ifndef IEEE80211_NO_HT
4968 if (extc != NULL) {
4969 /* Is secondary channel below or above primary? */
4970 int prichlo = c->ic_freq < extc->ic_freq;
4971
4972 urtwn_write_1(sc, R92C_BWOPMODE,
4973 urtwn_read_1(sc, R92C_BWOPMODE) & ~R92C_BWOPMODE_20MHZ);
4974
4975 reg = urtwn_read_1(sc, R92C_RRSR + 2);
4976 reg = (reg & ~0x6f) | (prichlo ? 1 : 2) << 5;
4977 urtwn_write_1(sc, R92C_RRSR + 2, reg);
4978
4979 urtwn_bb_write(sc, R92C_FPGA0_RFMOD,
4980 urtwn_bb_read(sc, R92C_FPGA0_RFMOD) | R92C_RFMOD_40MHZ);
4981 urtwn_bb_write(sc, R92C_FPGA1_RFMOD,
4982 urtwn_bb_read(sc, R92C_FPGA1_RFMOD) | R92C_RFMOD_40MHZ);
4983
4984 /* Set CCK side band. */
4985 reg = urtwn_bb_read(sc, R92C_CCK0_SYSTEM);
4986 reg = (reg & ~0x00000010) | (prichlo ? 0 : 1) << 4;
4987 urtwn_bb_write(sc, R92C_CCK0_SYSTEM, reg);
4988
4989 reg = urtwn_bb_read(sc, R92C_OFDM1_LSTF);
4990 reg = (reg & ~0x00000c00) | (prichlo ? 1 : 2) << 10;
4991 urtwn_bb_write(sc, R92C_OFDM1_LSTF, reg);
4992
4993 urtwn_bb_write(sc, R92C_FPGA0_ANAPARAM2,
4994 urtwn_bb_read(sc, R92C_FPGA0_ANAPARAM2) &
4995 ~R92C_FPGA0_ANAPARAM2_CBW20);
4996
4997 reg = urtwn_bb_read(sc, 0x818);
4998 reg = (reg & ~0x0c000000) | (prichlo ? 2 : 1) << 26;
4999 urtwn_bb_write(sc, 0x818, reg);
5000
5001 /* Select 40MHz bandwidth. */
5002 urtwn_rf_write(sc, 0, R92C_RF_CHNLBW,
5003 (sc->rf_chnlbw[0] & ~0xfff) | chan);
5004 } else
5005#endif
5006 {
5007 urtwn_write_1(sc, R92C_BWOPMODE,
5008 urtwn_read_1(sc, R92C_BWOPMODE) | R92C_BWOPMODE_20MHZ);
5009
5010 urtwn_bb_write(sc, R92C_FPGA0_RFMOD,
5011 urtwn_bb_read(sc, R92C_FPGA0_RFMOD) & ~R92C_RFMOD_40MHZ);
5012 urtwn_bb_write(sc, R92C_FPGA1_RFMOD,
5013 urtwn_bb_read(sc, R92C_FPGA1_RFMOD) & ~R92C_RFMOD_40MHZ);
5014
5015 if (!(sc->chip & URTWN_CHIP_88E)) {
5016 urtwn_bb_write(sc, R92C_FPGA0_ANAPARAM2,
5017 urtwn_bb_read(sc, R92C_FPGA0_ANAPARAM2) |
5018 R92C_FPGA0_ANAPARAM2_CBW20);
5019 }
5020
5021 /* Select 20MHz bandwidth. */
5022 urtwn_rf_write(sc, 0, R92C_RF_CHNLBW,
5023 (sc->rf_chnlbw[0] & ~0xfff) | chan |
5024 ((sc->chip & URTWN_CHIP_88E) ? R88E_RF_CHNLBW_BW20 :
5025 R92C_RF_CHNLBW_BW20));
5026 }
5027}
5028
5029static void
5030urtwn_iq_calib(struct urtwn_softc *sc)
5031{
5032 /* TODO */
5033}
5034
5035static void
5036urtwn_lc_calib(struct urtwn_softc *sc)
5037{
5038 uint32_t rf_ac[2];
5039 uint8_t txmode;
5040 int i;
5041
5042 txmode = urtwn_read_1(sc, R92C_OFDM1_LSTF + 3);
5043 if ((txmode & 0x70) != 0) {
5044 /* Disable all continuous Tx. */
5045 urtwn_write_1(sc, R92C_OFDM1_LSTF + 3, txmode & ~0x70);
5046
5047 /* Set RF mode to standby mode. */
5048 for (i = 0; i < sc->nrxchains; i++) {
5049 rf_ac[i] = urtwn_rf_read(sc, i, R92C_RF_AC);
5050 urtwn_rf_write(sc, i, R92C_RF_AC,
5051 RW(rf_ac[i], R92C_RF_AC_MODE,
5052 R92C_RF_AC_MODE_STANDBY));
5053 }
5054 } else {
5055 /* Block all Tx queues. */
5056 urtwn_write_1(sc, R92C_TXPAUSE, R92C_TX_QUEUE_ALL);
5057 }
5058 /* Start calibration. */
5059 urtwn_rf_write(sc, 0, R92C_RF_CHNLBW,
5060 urtwn_rf_read(sc, 0, R92C_RF_CHNLBW) | R92C_RF_CHNLBW_LCSTART);
5061
5062 /* Give calibration the time to complete. */
5063 usb_pause_mtx(&sc->sc_mtx, hz / 10); /* 100ms */
5064
5065 /* Restore configuration. */
5066 if ((txmode & 0x70) != 0) {
5067 /* Restore Tx mode. */
5068 urtwn_write_1(sc, R92C_OFDM1_LSTF + 3, txmode);
5069 /* Restore RF mode. */
5070 for (i = 0; i < sc->nrxchains; i++)
5071 urtwn_rf_write(sc, i, R92C_RF_AC, rf_ac[i]);
5072 } else {
5073 /* Unblock all Tx queues. */
5074 urtwn_write_1(sc, R92C_TXPAUSE, 0x00);
5075 }
5076}
5077
5078static void
5079urtwn_temp_calib(struct urtwn_softc *sc)
5080{
5081 uint8_t temp;
5082
5083 URTWN_ASSERT_LOCKED(sc);
5084
5085 if (!(sc->sc_flags & URTWN_TEMP_MEASURED)) {
5086 /* Start measuring temperature. */
5087 URTWN_DPRINTF(sc, URTWN_DEBUG_TEMP,
5088 "%s: start measuring temperature\n", __func__);
5089 if (sc->chip & URTWN_CHIP_88E) {
5090 urtwn_rf_write(sc, 0, R88E_RF_T_METER,
5091 R88E_RF_T_METER_START);
5092 } else {
5093 urtwn_rf_write(sc, 0, R92C_RF_T_METER,
5094 R92C_RF_T_METER_START);
5095 }
5096 sc->sc_flags |= URTWN_TEMP_MEASURED;
5097 return;
5098 }
5099 sc->sc_flags &= ~URTWN_TEMP_MEASURED;
5100
5101 /* Read measured temperature. */
5102 if (sc->chip & URTWN_CHIP_88E) {
5103 temp = MS(urtwn_rf_read(sc, 0, R88E_RF_T_METER),
5104 R88E_RF_T_METER_VAL);
5105 } else {
5106 temp = MS(urtwn_rf_read(sc, 0, R92C_RF_T_METER),
5107 R92C_RF_T_METER_VAL);
5108 }
5109 if (temp == 0) { /* Read failed, skip. */
5110 URTWN_DPRINTF(sc, URTWN_DEBUG_TEMP,
5111 "%s: temperature read failed, skipping\n", __func__);
5112 return;
5113 }
5114
5115 URTWN_DPRINTF(sc, URTWN_DEBUG_TEMP,
5116 "%s: temperature: previous %u, current %u\n",
5117 __func__, sc->thcal_lctemp, temp);
5118
5119 /*
5120 * Redo LC calibration if temperature changed significantly since
5121 * last calibration.
5122 */
5123 if (sc->thcal_lctemp == 0) {
5124 /* First LC calibration is performed in urtwn_init(). */
5125 sc->thcal_lctemp = temp;
5126 } else if (abs(temp - sc->thcal_lctemp) > 1) {
5127 URTWN_DPRINTF(sc, URTWN_DEBUG_TEMP,
5128 "%s: LC calib triggered by temp: %u -> %u\n",
5129 __func__, sc->thcal_lctemp, temp);
5130 urtwn_lc_calib(sc);
5131 /* Record temperature of last LC calibration. */
5132 sc->thcal_lctemp = temp;
5133 }
5134}
5135
5136static int
5137urtwn_init(struct urtwn_softc *sc)
5138{
5139 struct ieee80211com *ic = &sc->sc_ic;
5140 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps);
5141 uint8_t macaddr[IEEE80211_ADDR_LEN];
5142 uint32_t reg;
5143 usb_error_t usb_err = USB_ERR_NORMAL_COMPLETION;
5144 int error;
5145
5146 URTWN_LOCK(sc);
5147 if (sc->sc_flags & URTWN_RUNNING) {
5148 URTWN_UNLOCK(sc);
5149 return (0);
5150 }
5151
5152 /* Init firmware commands ring. */
5153 sc->fwcur = 0;
5154
5155 /* Allocate Tx/Rx buffers. */
5156 error = urtwn_alloc_rx_list(sc);
5157 if (error != 0)
5158 goto fail;
5159
5160 error = urtwn_alloc_tx_list(sc);
5161 if (error != 0)
5162 goto fail;
5163
5164 /* Power on adapter. */
5165 error = urtwn_power_on(sc);
5166 if (error != 0)
5167 goto fail;
5168
5169 /* Initialize DMA. */
5170 error = urtwn_dma_init(sc);
5171 if (error != 0)
5172 goto fail;
5173
5174 /* Set info size in Rx descriptors (in 64-bit words). */
5175 urtwn_write_1(sc, R92C_RX_DRVINFO_SZ, 4);
5176
5177 /* Init interrupts. */
5178 if (sc->chip & URTWN_CHIP_88E) {
5179 usb_err = urtwn_write_4(sc, R88E_HISR, 0xffffffff);
5180 if (usb_err != USB_ERR_NORMAL_COMPLETION)
5181 goto fail;
5182 usb_err = urtwn_write_4(sc, R88E_HIMR, R88E_HIMR_CPWM | R88E_HIMR_CPWM2 |
5183 R88E_HIMR_TBDER | R88E_HIMR_PSTIMEOUT);
5184 if (usb_err != USB_ERR_NORMAL_COMPLETION)
5185 goto fail;
5186 usb_err = urtwn_write_4(sc, R88E_HIMRE, R88E_HIMRE_RXFOVW |
5187 R88E_HIMRE_TXFOVW | R88E_HIMRE_RXERR | R88E_HIMRE_TXERR);
5188 if (usb_err != USB_ERR_NORMAL_COMPLETION)
5189 goto fail;
5190 usb_err = urtwn_write_1(sc, R92C_USB_SPECIAL_OPTION,
5191 urtwn_read_1(sc, R92C_USB_SPECIAL_OPTION) |
5192 R92C_USB_SPECIAL_OPTION_INT_BULK_SEL);
5193 if (usb_err != USB_ERR_NORMAL_COMPLETION)
5194 goto fail;
5195 } else {
5196 usb_err = urtwn_write_4(sc, R92C_HISR, 0xffffffff);
5197 if (usb_err != USB_ERR_NORMAL_COMPLETION)
5198 goto fail;
5199 usb_err = urtwn_write_4(sc, R92C_HIMR, 0xffffffff);
5200 if (usb_err != USB_ERR_NORMAL_COMPLETION)
5201 goto fail;
5202 }
5203
5204 /* Set MAC address. */
5205 IEEE80211_ADDR_COPY(macaddr, vap ? vap->iv_myaddr : ic->ic_macaddr);
5206 usb_err = urtwn_write_region_1(sc, R92C_MACID, macaddr, IEEE80211_ADDR_LEN);
5207 if (usb_err != USB_ERR_NORMAL_COMPLETION)
5208 goto fail;
5209
5210 /* Set initial network type. */
5211 urtwn_set_mode(sc, R92C_MSR_INFRA);
5212
5213 /* Initialize Rx filter. */
5214 urtwn_rxfilter_init(sc);
5215
5216 /* Set response rate. */
5217 reg = urtwn_read_4(sc, R92C_RRSR);
5218 reg = RW(reg, R92C_RRSR_RATE_BITMAP, R92C_RRSR_RATE_CCK_ONLY_1M);
5219 urtwn_write_4(sc, R92C_RRSR, reg);
5220
5221 /* Set short/long retry limits. */
5222 urtwn_write_2(sc, R92C_RL,
5223 SM(R92C_RL_SRL, 0x30) | SM(R92C_RL_LRL, 0x30));
5224
5225 /* Initialize EDCA parameters. */
5226 urtwn_edca_init(sc);
5227
5228 /* Setup rate fallback. */
5229 if (!(sc->chip & URTWN_CHIP_88E)) {
5230 urtwn_write_4(sc, R92C_DARFRC + 0, 0x00000000);
5231 urtwn_write_4(sc, R92C_DARFRC + 4, 0x10080404);
5232 urtwn_write_4(sc, R92C_RARFRC + 0, 0x04030201);
5233 urtwn_write_4(sc, R92C_RARFRC + 4, 0x08070605);
5234 }
5235
5236 urtwn_write_1(sc, R92C_FWHW_TXQ_CTRL,
5237 urtwn_read_1(sc, R92C_FWHW_TXQ_CTRL) |
5238 R92C_FWHW_TXQ_CTRL_AMPDU_RTY_NEW);
5239 /* Set ACK timeout. */
5240 urtwn_write_1(sc, R92C_ACKTO, 0x40);
5241
5242 /* Setup USB aggregation. */
5243 reg = urtwn_read_4(sc, R92C_TDECTRL);
5244 reg = RW(reg, R92C_TDECTRL_BLK_DESC_NUM, 6);
5245 urtwn_write_4(sc, R92C_TDECTRL, reg);
5246 urtwn_write_1(sc, R92C_TRXDMA_CTRL,
5247 urtwn_read_1(sc, R92C_TRXDMA_CTRL) |
5248 R92C_TRXDMA_CTRL_RXDMA_AGG_EN);
5249 urtwn_write_1(sc, R92C_RXDMA_AGG_PG_TH, 48);
5250 if (sc->chip & URTWN_CHIP_88E)
5251 urtwn_write_1(sc, R92C_RXDMA_AGG_PG_TH + 1, 4);
5252 else {
5253 urtwn_write_1(sc, R92C_USB_DMA_AGG_TO, 4);
5254 urtwn_write_1(sc, R92C_USB_SPECIAL_OPTION,
5255 urtwn_read_1(sc, R92C_USB_SPECIAL_OPTION) |
5256 R92C_USB_SPECIAL_OPTION_AGG_EN);
5257 urtwn_write_1(sc, R92C_USB_AGG_TH, 8);
5258 urtwn_write_1(sc, R92C_USB_AGG_TO, 6);
5259 }
5260
5261 /* Initialize beacon parameters. */
5262 urtwn_write_2(sc, R92C_BCN_CTRL, 0x1010);
5263 urtwn_write_2(sc, R92C_TBTT_PROHIBIT, 0x6404);
5264 urtwn_write_1(sc, R92C_DRVERLYINT, 0x05);
5265 urtwn_write_1(sc, R92C_BCNDMATIM, 0x02);
5266 urtwn_write_2(sc, R92C_BCNTCFG, 0x660f);
5267
5268 if (!(sc->chip & URTWN_CHIP_88E)) {
5269 /* Setup AMPDU aggregation. */
5270 urtwn_write_4(sc, R92C_AGGLEN_LMT, 0x99997631); /* MCS7~0 */
5271 urtwn_write_1(sc, R92C_AGGR_BREAK_TIME, 0x16);
5272 urtwn_write_2(sc, R92C_MAX_AGGR_NUM, 0x0708);
5273
5274 urtwn_write_1(sc, R92C_BCN_MAX_ERR, 0xff);
5275 }
5276
5277#ifndef URTWN_WITHOUT_UCODE
5278 /* Load 8051 microcode. */
5279 error = urtwn_load_firmware(sc);
5280 if (error == 0)
5281 sc->sc_flags |= URTWN_FW_LOADED;
5282#endif
5283
5284 /* Initialize MAC/BB/RF blocks. */
5285 error = urtwn_mac_init(sc);
5286 if (error != 0) {
5287 device_printf(sc->sc_dev,
5288 "%s: error while initializing MAC block\n", __func__);
5289 goto fail;
5290 }
5291 urtwn_bb_init(sc);
5292 urtwn_rf_init(sc);
5293
5294 /* Reinitialize Rx filter (D3845 is not committed yet). */
5295 urtwn_rxfilter_init(sc);
5296
5297 if (sc->chip & URTWN_CHIP_88E) {
5298 urtwn_write_2(sc, R92C_CR,
5299 urtwn_read_2(sc, R92C_CR) | R92C_CR_MACTXEN |
5300 R92C_CR_MACRXEN);
5301 }
5302
5303 /* Turn CCK and OFDM blocks on. */
5304 reg = urtwn_bb_read(sc, R92C_FPGA0_RFMOD);
5305 reg |= R92C_RFMOD_CCK_EN;
5306 usb_err = urtwn_bb_write(sc, R92C_FPGA0_RFMOD, reg);
5307 if (usb_err != USB_ERR_NORMAL_COMPLETION)
5308 goto fail;
5309 reg = urtwn_bb_read(sc, R92C_FPGA0_RFMOD);
5310 reg |= R92C_RFMOD_OFDM_EN;
5311 usb_err = urtwn_bb_write(sc, R92C_FPGA0_RFMOD, reg);
5312 if (usb_err != USB_ERR_NORMAL_COMPLETION)
5313 goto fail;
5314
5315 /* Clear per-station keys table. */
5316 urtwn_cam_init(sc);
5317
5318 /* Enable decryption / encryption. */
5319 urtwn_write_2(sc, R92C_SECCFG,
5320 R92C_SECCFG_TXUCKEY_DEF | R92C_SECCFG_RXUCKEY_DEF |
5321 R92C_SECCFG_TXENC_ENA | R92C_SECCFG_RXDEC_ENA |
5322 R92C_SECCFG_TXBCKEY_DEF | R92C_SECCFG_RXBCKEY_DEF);
5323
5324 /*
5325 * Install static keys (if any).
5326 * Must be called after urtwn_cam_init().
5327 */
5328 ieee80211_runtask(ic, &sc->cmdq_task);
5329
5330 /* Enable hardware sequence numbering. */
5331 urtwn_write_1(sc, R92C_HWSEQ_CTRL, R92C_TX_QUEUE_ALL);
5332
5333 /* Enable per-packet TX report. */
5334 if (sc->chip & URTWN_CHIP_88E) {
5335 urtwn_write_1(sc, R88E_TX_RPT_CTRL,
5336 urtwn_read_1(sc, R88E_TX_RPT_CTRL) | R88E_TX_RPT1_ENA);
5337 }
5338
5339 /* Perform LO and IQ calibrations. */
5340 urtwn_iq_calib(sc);
5341 /* Perform LC calibration. */
5342 urtwn_lc_calib(sc);
5343
5344 /* Fix USB interference issue. */
5345 if (!(sc->chip & URTWN_CHIP_88E)) {
5346 urtwn_write_1(sc, 0xfe40, 0xe0);
5347 urtwn_write_1(sc, 0xfe41, 0x8d);
5348 urtwn_write_1(sc, 0xfe42, 0x80);
5349
5350 urtwn_pa_bias_init(sc);
5351 }
5352
5353 /* Initialize GPIO setting. */
5354 urtwn_write_1(sc, R92C_GPIO_MUXCFG,
5355 urtwn_read_1(sc, R92C_GPIO_MUXCFG) & ~R92C_GPIO_MUXCFG_ENBT);
5356
5357 /* Fix for lower temperature. */
5358 if (!(sc->chip & URTWN_CHIP_88E))
5359 urtwn_write_1(sc, 0x15, 0xe9);
5360
5361 usbd_transfer_start(sc->sc_xfer[URTWN_BULK_RX]);
5362
5363 sc->sc_flags |= URTWN_RUNNING;
5364
5365 callout_reset(&sc->sc_watchdog_ch, hz, urtwn_watchdog, sc);
5366fail:
5367 if (usb_err != USB_ERR_NORMAL_COMPLETION)
5368 error = EIO;
5369
5370 URTWN_UNLOCK(sc);
5371
5372 return (error);
5373}
5374
5375static void
5376urtwn_stop(struct urtwn_softc *sc)
5377{
5378
5379 URTWN_LOCK(sc);
5380 if (!(sc->sc_flags & URTWN_RUNNING)) {
5381 URTWN_UNLOCK(sc);
5382 return;
5383 }
5384
5385 sc->sc_flags &= ~(URTWN_RUNNING | URTWN_FW_LOADED |
5386 URTWN_TEMP_MEASURED);
5387 sc->thcal_lctemp = 0;
5388 callout_stop(&sc->sc_watchdog_ch);
5389
5390 urtwn_abort_xfers(sc);
5391 urtwn_drain_mbufq(sc);
5392 urtwn_power_off(sc);
5393 URTWN_UNLOCK(sc);
5394}
5395
5396static void
5397urtwn_abort_xfers(struct urtwn_softc *sc)
5398{
5399 int i;
5400
5401 URTWN_ASSERT_LOCKED(sc);
5402
5403 /* abort any pending transfers */
5404 for (i = 0; i < URTWN_N_TRANSFER; i++)
5405 usbd_transfer_stop(sc->sc_xfer[i]);
5406}
5407
5408static int
5409urtwn_raw_xmit(struct ieee80211_node *ni, struct mbuf *m,
5410 const struct ieee80211_bpf_params *params)
5411{
5412 struct ieee80211com *ic = ni->ni_ic;
5413 struct urtwn_softc *sc = ic->ic_softc;
5414 struct urtwn_data *bf;
5415 int error;
5416
5417 URTWN_DPRINTF(sc, URTWN_DEBUG_XMIT, "%s: called; m=%p\n",
5418 __func__,
5419 m);
5420
5421 /* prevent management frames from being sent if we're not ready */
5422 URTWN_LOCK(sc);
5423 if (!(sc->sc_flags & URTWN_RUNNING)) {
5424 error = ENETDOWN;
5425 goto end;
5426 }
5427
5428 bf = urtwn_getbuf(sc);
5429 if (bf == NULL) {
5430 error = ENOBUFS;
5431 goto end;
5432 }
5433
5434 if (params == NULL) {
5435 /*
5436 * Legacy path; interpret frame contents to decide
5437 * precisely how to send the frame.
5438 */
5439 error = urtwn_tx_data(sc, ni, m, bf);
5440 } else {
5441 /*
5442 * Caller supplied explicit parameters to use in
5443 * sending the frame.
5444 */
5445 error = urtwn_tx_raw(sc, ni, m, bf, params);
5446 }
5447 if (error != 0) {
5448 STAILQ_INSERT_HEAD(&sc->sc_tx_inactive, bf, next);
5449 goto end;
5450 }
5451
5452 sc->sc_txtimer = 5;
5453 callout_reset(&sc->sc_watchdog_ch, hz, urtwn_watchdog, sc);
5454
5455end:
5456 if (error != 0)
5457 m_freem(m);
5458
5459 URTWN_UNLOCK(sc);
5460
5461 return (error);
5462}
5463
5464static void
5465urtwn_ms_delay(struct urtwn_softc *sc)
5466{
5467 usb_pause_mtx(&sc->sc_mtx, hz / 1000);
5468}
5469
5470static device_method_t urtwn_methods[] = {
5471 /* Device interface */
5472 DEVMETHOD(device_probe, urtwn_match),
5473 DEVMETHOD(device_attach, urtwn_attach),
5474 DEVMETHOD(device_detach, urtwn_detach),
5475
5476 DEVMETHOD_END
5477};
5478
5479static driver_t urtwn_driver = {
5480 "urtwn",
5481 urtwn_methods,
5482 sizeof(struct urtwn_softc)
5483};
5484
5485static devclass_t urtwn_devclass;
5486
5487DRIVER_MODULE(urtwn, uhub, urtwn_driver, urtwn_devclass, NULL, NULL);
5488MODULE_DEPEND(urtwn, usb, 1, 1, 1);
5489MODULE_DEPEND(urtwn, wlan, 1, 1, 1);
5490#ifndef URTWN_WITHOUT_UCODE
5491MODULE_DEPEND(urtwn, firmware, 1, 1, 1);
5492#endif
5493MODULE_VERSION(urtwn, 1);
5494USB_PNP_HOST_INFO(urtwn_devs);
| 494 int error;
495
496 device_set_usb_desc(self);
497 sc->sc_udev = uaa->device;
498 sc->sc_dev = self;
499 if (USB_GET_DRIVER_INFO(uaa) == URTWN_RTL8188E)
500 sc->chip |= URTWN_CHIP_88E;
501
502#ifdef USB_DEBUG
503 int debug;
504 if (resource_int_value(device_get_name(sc->sc_dev),
505 device_get_unit(sc->sc_dev), "debug", &debug) == 0)
506 sc->sc_debug = debug;
507#endif
508
509 mtx_init(&sc->sc_mtx, device_get_nameunit(self),
510 MTX_NETWORK_LOCK, MTX_DEF);
511 URTWN_CMDQ_LOCK_INIT(sc);
512 URTWN_NT_LOCK_INIT(sc);
513 callout_init(&sc->sc_calib_to, 0);
514 callout_init(&sc->sc_watchdog_ch, 0);
515 mbufq_init(&sc->sc_snd, ifqmaxlen);
516
517 sc->sc_iface_index = URTWN_IFACE_INDEX;
518 error = usbd_transfer_setup(uaa->device, &sc->sc_iface_index,
519 sc->sc_xfer, urtwn_config, URTWN_N_TRANSFER, sc, &sc->sc_mtx);
520 if (error) {
521 device_printf(self, "could not allocate USB transfers, "
522 "err=%s\n", usbd_errstr(error));
523 goto detach;
524 }
525
526 URTWN_LOCK(sc);
527
528 error = urtwn_read_chipid(sc);
529 if (error) {
530 device_printf(sc->sc_dev, "unsupported test chip\n");
531 URTWN_UNLOCK(sc);
532 goto detach;
533 }
534
535 /* Determine number of Tx/Rx chains. */
536 if (sc->chip & URTWN_CHIP_92C) {
537 sc->ntxchains = (sc->chip & URTWN_CHIP_92C_1T2R) ? 1 : 2;
538 sc->nrxchains = 2;
539 } else {
540 sc->ntxchains = 1;
541 sc->nrxchains = 1;
542 }
543
544 if (sc->chip & URTWN_CHIP_88E)
545 error = urtwn_r88e_read_rom(sc);
546 else
547 error = urtwn_read_rom(sc);
548 if (error != 0) {
549 device_printf(sc->sc_dev, "%s: cannot read rom, error %d\n",
550 __func__, error);
551 URTWN_UNLOCK(sc);
552 goto detach;
553 }
554
555 device_printf(sc->sc_dev, "MAC/BB RTL%s, RF 6052 %dT%dR\n",
556 (sc->chip & URTWN_CHIP_92C) ? "8192CU" :
557 (sc->chip & URTWN_CHIP_88E) ? "8188EU" :
558 (sc->board_type == R92C_BOARD_TYPE_HIGHPA) ? "8188RU" :
559 (sc->board_type == R92C_BOARD_TYPE_MINICARD) ? "8188CE-VAU" :
560 "8188CUS", sc->ntxchains, sc->nrxchains);
561
562 URTWN_UNLOCK(sc);
563
564 ic->ic_softc = sc;
565 ic->ic_name = device_get_nameunit(self);
566 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */
567 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */
568
569 /* set device capabilities */
570 ic->ic_caps =
571 IEEE80211_C_STA /* station mode */
572 | IEEE80211_C_MONITOR /* monitor mode */
573 | IEEE80211_C_IBSS /* adhoc mode */
574 | IEEE80211_C_HOSTAP /* hostap mode */
575 | IEEE80211_C_SHPREAMBLE /* short preamble supported */
576 | IEEE80211_C_SHSLOT /* short slot time supported */
577#if 0
578 | IEEE80211_C_BGSCAN /* capable of bg scanning */
579#endif
580 | IEEE80211_C_WPA /* 802.11i */
581 | IEEE80211_C_WME /* 802.11e */
582 | IEEE80211_C_SWAMSDUTX /* Do software A-MSDU TX */
583 | IEEE80211_C_FF /* Atheros fast-frames */
584 ;
585
586 ic->ic_cryptocaps =
587 IEEE80211_CRYPTO_WEP |
588 IEEE80211_CRYPTO_TKIP |
589 IEEE80211_CRYPTO_AES_CCM;
590
591 /* Assume they're all 11n capable for now */
592 if (urtwn_enable_11n) {
593 device_printf(self, "enabling 11n\n");
594 ic->ic_htcaps = IEEE80211_HTC_HT |
595#if 0
596 IEEE80211_HTC_AMPDU |
597#endif
598 IEEE80211_HTC_AMSDU |
599 IEEE80211_HTCAP_MAXAMSDU_3839 |
600 IEEE80211_HTCAP_SMPS_OFF;
601 /* no HT40 just yet */
602 // ic->ic_htcaps |= IEEE80211_HTCAP_CHWIDTH40;
603
604 /* XXX TODO: verify chains versus streams for urtwn */
605 ic->ic_txstream = sc->ntxchains;
606 ic->ic_rxstream = sc->nrxchains;
607 }
608
609 memset(bands, 0, sizeof(bands));
610 setbit(bands, IEEE80211_MODE_11B);
611 setbit(bands, IEEE80211_MODE_11G);
612 if (urtwn_enable_11n)
613 setbit(bands, IEEE80211_MODE_11NG);
614 ieee80211_init_channels(ic, NULL, bands);
615
616 ieee80211_ifattach(ic);
617 ic->ic_raw_xmit = urtwn_raw_xmit;
618 ic->ic_scan_start = urtwn_scan_start;
619 ic->ic_scan_end = urtwn_scan_end;
620 ic->ic_set_channel = urtwn_set_channel;
621 ic->ic_transmit = urtwn_transmit;
622 ic->ic_parent = urtwn_parent;
623 ic->ic_vap_create = urtwn_vap_create;
624 ic->ic_vap_delete = urtwn_vap_delete;
625 ic->ic_wme.wme_update = urtwn_wme_update;
626 ic->ic_updateslot = urtwn_update_slot;
627 ic->ic_update_promisc = urtwn_update_promisc;
628 ic->ic_update_mcast = urtwn_update_mcast;
629 if (sc->chip & URTWN_CHIP_88E) {
630 ic->ic_node_alloc = urtwn_node_alloc;
631 ic->ic_newassoc = urtwn_newassoc;
632 sc->sc_node_free = ic->ic_node_free;
633 ic->ic_node_free = urtwn_node_free;
634 }
635 ic->ic_update_chw = urtwn_update_chw;
636 ic->ic_ampdu_enable = urtwn_ampdu_enable;
637
638 ieee80211_radiotap_attach(ic, &sc->sc_txtap.wt_ihdr,
639 sizeof(sc->sc_txtap), URTWN_TX_RADIOTAP_PRESENT,
640 &sc->sc_rxtap.wr_ihdr, sizeof(sc->sc_rxtap),
641 URTWN_RX_RADIOTAP_PRESENT);
642
643 TASK_INIT(&sc->cmdq_task, 0, urtwn_cmdq_cb, sc);
644
645 urtwn_sysctlattach(sc);
646
647 if (bootverbose)
648 ieee80211_announce(ic);
649
650 return (0);
651
652detach:
653 urtwn_detach(self);
654 return (ENXIO); /* failure */
655}
656
657static void
658urtwn_sysctlattach(struct urtwn_softc *sc)
659{
660#ifdef USB_DEBUG
661 struct sysctl_ctx_list *ctx = device_get_sysctl_ctx(sc->sc_dev);
662 struct sysctl_oid *tree = device_get_sysctl_tree(sc->sc_dev);
663
664 SYSCTL_ADD_U32(ctx, SYSCTL_CHILDREN(tree), OID_AUTO,
665 "debug", CTLFLAG_RW, &sc->sc_debug, sc->sc_debug,
666 "control debugging printfs");
667#endif
668}
669
670static int
671urtwn_detach(device_t self)
672{
673 struct urtwn_softc *sc = device_get_softc(self);
674 struct ieee80211com *ic = &sc->sc_ic;
675 unsigned int x;
676
677 /* Prevent further ioctls. */
678 URTWN_LOCK(sc);
679 sc->sc_flags |= URTWN_DETACHED;
680 URTWN_UNLOCK(sc);
681
682 urtwn_stop(sc);
683
684 callout_drain(&sc->sc_watchdog_ch);
685 callout_drain(&sc->sc_calib_to);
686
687 /* stop all USB transfers */
688 usbd_transfer_unsetup(sc->sc_xfer, URTWN_N_TRANSFER);
689
690 /* Prevent further allocations from RX/TX data lists. */
691 URTWN_LOCK(sc);
692 STAILQ_INIT(&sc->sc_tx_active);
693 STAILQ_INIT(&sc->sc_tx_inactive);
694 STAILQ_INIT(&sc->sc_tx_pending);
695
696 STAILQ_INIT(&sc->sc_rx_active);
697 STAILQ_INIT(&sc->sc_rx_inactive);
698 URTWN_UNLOCK(sc);
699
700 /* drain USB transfers */
701 for (x = 0; x != URTWN_N_TRANSFER; x++)
702 usbd_transfer_drain(sc->sc_xfer[x]);
703
704 /* Free data buffers. */
705 URTWN_LOCK(sc);
706 urtwn_free_tx_list(sc);
707 urtwn_free_rx_list(sc);
708 URTWN_UNLOCK(sc);
709
710 if (ic->ic_softc == sc) {
711 ieee80211_draintask(ic, &sc->cmdq_task);
712 ieee80211_ifdetach(ic);
713 }
714
715 URTWN_NT_LOCK_DESTROY(sc);
716 URTWN_CMDQ_LOCK_DESTROY(sc);
717 mtx_destroy(&sc->sc_mtx);
718
719 return (0);
720}
721
722static void
723urtwn_drain_mbufq(struct urtwn_softc *sc)
724{
725 struct mbuf *m;
726 struct ieee80211_node *ni;
727 URTWN_ASSERT_LOCKED(sc);
728 while ((m = mbufq_dequeue(&sc->sc_snd)) != NULL) {
729 ni = (struct ieee80211_node *)m->m_pkthdr.rcvif;
730 m->m_pkthdr.rcvif = NULL;
731 ieee80211_free_node(ni);
732 m_freem(m);
733 }
734}
735
736static usb_error_t
737urtwn_do_request(struct urtwn_softc *sc, struct usb_device_request *req,
738 void *data)
739{
740 usb_error_t err;
741 int ntries = 10;
742
743 URTWN_ASSERT_LOCKED(sc);
744
745 while (ntries--) {
746 err = usbd_do_request_flags(sc->sc_udev, &sc->sc_mtx,
747 req, data, 0, NULL, 250 /* ms */);
748 if (err == 0)
749 break;
750
751 URTWN_DPRINTF(sc, URTWN_DEBUG_USB,
752 "%s: control request failed, %s (retries left: %d)\n",
753 __func__, usbd_errstr(err), ntries);
754 usb_pause_mtx(&sc->sc_mtx, hz / 100);
755 }
756 return (err);
757}
758
759static struct ieee80211vap *
760urtwn_vap_create(struct ieee80211com *ic, const char name[IFNAMSIZ], int unit,
761 enum ieee80211_opmode opmode, int flags,
762 const uint8_t bssid[IEEE80211_ADDR_LEN],
763 const uint8_t mac[IEEE80211_ADDR_LEN])
764{
765 struct urtwn_softc *sc = ic->ic_softc;
766 struct urtwn_vap *uvp;
767 struct ieee80211vap *vap;
768
769 if (!TAILQ_EMPTY(&ic->ic_vaps)) /* only one at a time */
770 return (NULL);
771
772 uvp = malloc(sizeof(struct urtwn_vap), M_80211_VAP, M_WAITOK | M_ZERO);
773 vap = &uvp->vap;
774 /* enable s/w bmiss handling for sta mode */
775
776 if (ieee80211_vap_setup(ic, vap, name, unit, opmode,
777 flags | IEEE80211_CLONE_NOBEACONS, bssid) != 0) {
778 /* out of memory */
779 free(uvp, M_80211_VAP);
780 return (NULL);
781 }
782
783 if (opmode == IEEE80211_M_HOSTAP || opmode == IEEE80211_M_IBSS)
784 urtwn_init_beacon(sc, uvp);
785
786 /* override state transition machine */
787 uvp->newstate = vap->iv_newstate;
788 vap->iv_newstate = urtwn_newstate;
789 vap->iv_update_beacon = urtwn_update_beacon;
790 vap->iv_key_alloc = urtwn_key_alloc;
791 vap->iv_key_set = urtwn_key_set;
792 vap->iv_key_delete = urtwn_key_delete;
793
794 /* 802.11n parameters */
795 vap->iv_ampdu_density = IEEE80211_HTCAP_MPDUDENSITY_16;
796 vap->iv_ampdu_rxmax = IEEE80211_HTCAP_MAXRXAMPDU_64K;
797
798 if (opmode == IEEE80211_M_IBSS) {
799 uvp->recv_mgmt = vap->iv_recv_mgmt;
800 vap->iv_recv_mgmt = urtwn_ibss_recv_mgmt;
801 TASK_INIT(&uvp->tsf_task_adhoc, 0, urtwn_tsf_task_adhoc, vap);
802 }
803
804 if (URTWN_CHIP_HAS_RATECTL(sc))
805 ieee80211_ratectl_init(vap);
806 /* complete setup */
807 ieee80211_vap_attach(vap, ieee80211_media_change,
808 ieee80211_media_status, mac);
809 ic->ic_opmode = opmode;
810 return (vap);
811}
812
813static void
814urtwn_vap_delete(struct ieee80211vap *vap)
815{
816 struct ieee80211com *ic = vap->iv_ic;
817 struct urtwn_softc *sc = ic->ic_softc;
818 struct urtwn_vap *uvp = URTWN_VAP(vap);
819
820 if (uvp->bcn_mbuf != NULL)
821 m_freem(uvp->bcn_mbuf);
822 if (vap->iv_opmode == IEEE80211_M_IBSS)
823 ieee80211_draintask(ic, &uvp->tsf_task_adhoc);
824 if (URTWN_CHIP_HAS_RATECTL(sc))
825 ieee80211_ratectl_deinit(vap);
826 ieee80211_vap_detach(vap);
827 free(uvp, M_80211_VAP);
828}
829
830static struct mbuf *
831urtwn_rx_copy_to_mbuf(struct urtwn_softc *sc, struct r92c_rx_stat *stat,
832 int totlen)
833{
834 struct ieee80211com *ic = &sc->sc_ic;
835 struct mbuf *m;
836 uint32_t rxdw0;
837 int pktlen;
838
839 /*
840 * don't pass packets to the ieee80211 framework if the driver isn't
841 * RUNNING.
842 */
843 if (!(sc->sc_flags & URTWN_RUNNING))
844 return (NULL);
845
846 rxdw0 = le32toh(stat->rxdw0);
847 if (rxdw0 & (R92C_RXDW0_CRCERR | R92C_RXDW0_ICVERR)) {
848 /*
849 * This should not happen since we setup our Rx filter
850 * to not receive these frames.
851 */
852 URTWN_DPRINTF(sc, URTWN_DEBUG_RECV,
853 "%s: RX flags error (%s)\n", __func__,
854 rxdw0 & R92C_RXDW0_CRCERR ? "CRC" : "ICV");
855 goto fail;
856 }
857
858 pktlen = MS(rxdw0, R92C_RXDW0_PKTLEN);
859 if (pktlen < sizeof(struct ieee80211_frame_ack)) {
860 URTWN_DPRINTF(sc, URTWN_DEBUG_RECV,
861 "%s: frame is too short: %d\n", __func__, pktlen);
862 goto fail;
863 }
864
865 if (__predict_false(totlen > MCLBYTES)) {
866 /* convert to m_getjcl if this happens */
867 device_printf(sc->sc_dev, "%s: frame too long: %d (%d)\n",
868 __func__, pktlen, totlen);
869 goto fail;
870 }
871
872 m = m_getcl(M_NOWAIT, MT_DATA, M_PKTHDR);
873 if (__predict_false(m == NULL)) {
874 device_printf(sc->sc_dev, "%s: could not allocate RX mbuf\n",
875 __func__);
876 goto fail;
877 }
878
879 /* Finalize mbuf. */
880 memcpy(mtod(m, uint8_t *), (uint8_t *)stat, totlen);
881 m->m_pkthdr.len = m->m_len = totlen;
882
883 return (m);
884fail:
885 counter_u64_add(ic->ic_ierrors, 1);
886 return (NULL);
887}
888
889static struct mbuf *
890urtwn_report_intr(struct usb_xfer *xfer, struct urtwn_data *data)
891{
892 struct urtwn_softc *sc = data->sc;
893 struct ieee80211com *ic = &sc->sc_ic;
894 struct r92c_rx_stat *stat;
895 uint8_t *buf;
896 int len;
897
898 usbd_xfer_status(xfer, &len, NULL, NULL, NULL);
899
900 if (len < sizeof(*stat)) {
901 counter_u64_add(ic->ic_ierrors, 1);
902 return (NULL);
903 }
904
905 buf = data->buf;
906 stat = (struct r92c_rx_stat *)buf;
907
908 /*
909 * For 88E chips we can tie the FF flushing here;
910 * this is where we do know exactly how deep the
911 * transmit queue is.
912 *
913 * But it won't work for R92 chips, so we can't
914 * take the easy way out.
915 */
916
917 if (sc->chip & URTWN_CHIP_88E) {
918 int report_sel = MS(le32toh(stat->rxdw3), R88E_RXDW3_RPT);
919
920 switch (report_sel) {
921 case R88E_RXDW3_RPT_RX:
922 return (urtwn_rxeof(sc, buf, len));
923 case R88E_RXDW3_RPT_TX1:
924 urtwn_r88e_ratectl_tx_complete(sc, &stat[1]);
925 break;
926 default:
927 URTWN_DPRINTF(sc, URTWN_DEBUG_INTR,
928 "%s: case %d was not handled\n", __func__,
929 report_sel);
930 break;
931 }
932 } else
933 return (urtwn_rxeof(sc, buf, len));
934
935 return (NULL);
936}
937
938static struct mbuf *
939urtwn_rxeof(struct urtwn_softc *sc, uint8_t *buf, int len)
940{
941 struct r92c_rx_stat *stat;
942 struct mbuf *m, *m0 = NULL, *prevm = NULL;
943 uint32_t rxdw0;
944 int totlen, pktlen, infosz, npkts;
945
946 /* Get the number of encapsulated frames. */
947 stat = (struct r92c_rx_stat *)buf;
948 npkts = MS(le32toh(stat->rxdw2), R92C_RXDW2_PKTCNT);
949 URTWN_DPRINTF(sc, URTWN_DEBUG_RECV,
950 "%s: Rx %d frames in one chunk\n", __func__, npkts);
951
952 /* Process all of them. */
953 while (npkts-- > 0) {
954 if (len < sizeof(*stat))
955 break;
956 stat = (struct r92c_rx_stat *)buf;
957 rxdw0 = le32toh(stat->rxdw0);
958
959 pktlen = MS(rxdw0, R92C_RXDW0_PKTLEN);
960 if (pktlen == 0)
961 break;
962
963 infosz = MS(rxdw0, R92C_RXDW0_INFOSZ) * 8;
964
965 /* Make sure everything fits in xfer. */
966 totlen = sizeof(*stat) + infosz + pktlen;
967 if (totlen > len)
968 break;
969
970 m = urtwn_rx_copy_to_mbuf(sc, stat, totlen);
971 if (m0 == NULL)
972 m0 = m;
973 if (prevm == NULL)
974 prevm = m;
975 else {
976 prevm->m_next = m;
977 prevm = m;
978 }
979
980 /* Next chunk is 128-byte aligned. */
981 totlen = (totlen + 127) & ~127;
982 buf += totlen;
983 len -= totlen;
984 }
985
986 return (m0);
987}
988
989static void
990urtwn_r88e_ratectl_tx_complete(struct urtwn_softc *sc, void *arg)
991{
992 struct r88e_tx_rpt_ccx *rpt = arg;
993 struct ieee80211vap *vap;
994 struct ieee80211_node *ni;
995 uint8_t macid;
996 int ntries;
997
998 macid = MS(rpt->rptb1, R88E_RPTB1_MACID);
999 ntries = MS(rpt->rptb2, R88E_RPTB2_RETRY_CNT);
1000
1001 URTWN_NT_LOCK(sc);
1002 ni = sc->node_list[macid];
1003 if (ni != NULL) {
1004 vap = ni->ni_vap;
1005 URTWN_DPRINTF(sc, URTWN_DEBUG_INTR, "%s: frame for macid %d was"
1006 "%s sent (%d retries)\n", __func__, macid,
1007 (rpt->rptb1 & R88E_RPTB1_PKT_OK) ? "" : " not",
1008 ntries);
1009
1010 if (rpt->rptb1 & R88E_RPTB1_PKT_OK) {
1011 ieee80211_ratectl_tx_complete(vap, ni,
1012 IEEE80211_RATECTL_TX_SUCCESS, &ntries, NULL);
1013 } else {
1014 ieee80211_ratectl_tx_complete(vap, ni,
1015 IEEE80211_RATECTL_TX_FAILURE, &ntries, NULL);
1016 }
1017 } else {
1018 URTWN_DPRINTF(sc, URTWN_DEBUG_INTR, "%s: macid %d, ni is NULL\n",
1019 __func__, macid);
1020 }
1021 URTWN_NT_UNLOCK(sc);
1022}
1023
1024static struct ieee80211_node *
1025urtwn_rx_frame(struct urtwn_softc *sc, struct mbuf *m, int8_t *rssi_p)
1026{
1027 struct ieee80211com *ic = &sc->sc_ic;
1028 struct ieee80211_frame_min *wh;
1029 struct r92c_rx_stat *stat;
1030 uint32_t rxdw0, rxdw3;
1031 uint8_t rate, cipher;
1032 int8_t rssi = -127;
1033 int infosz;
1034
1035 stat = mtod(m, struct r92c_rx_stat *);
1036 rxdw0 = le32toh(stat->rxdw0);
1037 rxdw3 = le32toh(stat->rxdw3);
1038
1039 rate = MS(rxdw3, R92C_RXDW3_RATE);
1040 cipher = MS(rxdw0, R92C_RXDW0_CIPHER);
1041 infosz = MS(rxdw0, R92C_RXDW0_INFOSZ) * 8;
1042
1043 /* Get RSSI from PHY status descriptor if present. */
1044 if (infosz != 0 && (rxdw0 & R92C_RXDW0_PHYST)) {
1045 if (sc->chip & URTWN_CHIP_88E)
1046 rssi = urtwn_r88e_get_rssi(sc, rate, &stat[1]);
1047 else
1048 rssi = urtwn_get_rssi(sc, rate, &stat[1]);
1049 URTWN_DPRINTF(sc, URTWN_DEBUG_RSSI, "%s: rssi=%d\n", __func__, rssi);
1050 /* Update our average RSSI. */
1051 urtwn_update_avgrssi(sc, rate, rssi);
1052 }
1053
1054 if (ieee80211_radiotap_active(ic)) {
1055 struct urtwn_rx_radiotap_header *tap = &sc->sc_rxtap;
1056
1057 tap->wr_flags = 0;
1058
1059 urtwn_get_tsf(sc, &tap->wr_tsft);
1060 if (__predict_false(le32toh((uint32_t)tap->wr_tsft) <
1061 le32toh(stat->rxdw5))) {
1062 tap->wr_tsft = le32toh(tap->wr_tsft >> 32) - 1;
1063 tap->wr_tsft = (uint64_t)htole32(tap->wr_tsft) << 32;
1064 } else
1065 tap->wr_tsft &= 0xffffffff00000000;
1066 tap->wr_tsft += stat->rxdw5;
1067
1068 /* XXX 20/40? */
1069 /* XXX shortgi? */
1070
1071 /* Map HW rate index to 802.11 rate. */
1072 if (!(rxdw3 & R92C_RXDW3_HT)) {
1073 tap->wr_rate = ridx2rate[rate];
1074 } else if (rate >= 12) { /* MCS0~15. */
1075 /* Bit 7 set means HT MCS instead of rate. */
1076 tap->wr_rate = 0x80 | (rate - 12);
1077 }
1078
1079 /* XXX TODO: this isn't right; should use the last good RSSI */
1080 tap->wr_dbm_antsignal = rssi;
1081 tap->wr_dbm_antnoise = URTWN_NOISE_FLOOR;
1082 }
1083
1084 *rssi_p = rssi;
1085
1086 /* Drop descriptor. */
1087 m_adj(m, sizeof(*stat) + infosz);
1088 wh = mtod(m, struct ieee80211_frame_min *);
1089
1090 if ((wh->i_fc[1] & IEEE80211_FC1_PROTECTED) &&
1091 cipher != R92C_CAM_ALGO_NONE) {
1092 m->m_flags |= M_WEP;
1093 }
1094
1095 if (m->m_len >= sizeof(*wh))
1096 return (ieee80211_find_rxnode(ic, wh));
1097
1098 return (NULL);
1099}
1100
1101static void
1102urtwn_bulk_rx_callback(struct usb_xfer *xfer, usb_error_t error)
1103{
1104 struct urtwn_softc *sc = usbd_xfer_softc(xfer);
1105 struct ieee80211com *ic = &sc->sc_ic;
1106 struct ieee80211_node *ni;
1107 struct mbuf *m = NULL, *next;
1108 struct urtwn_data *data;
1109 int8_t nf, rssi;
1110
1111 URTWN_ASSERT_LOCKED(sc);
1112
1113 switch (USB_GET_STATE(xfer)) {
1114 case USB_ST_TRANSFERRED:
1115 data = STAILQ_FIRST(&sc->sc_rx_active);
1116 if (data == NULL)
1117 goto tr_setup;
1118 STAILQ_REMOVE_HEAD(&sc->sc_rx_active, next);
1119 m = urtwn_report_intr(xfer, data);
1120 STAILQ_INSERT_TAIL(&sc->sc_rx_inactive, data, next);
1121 /* FALLTHROUGH */
1122 case USB_ST_SETUP:
1123tr_setup:
1124 data = STAILQ_FIRST(&sc->sc_rx_inactive);
1125 if (data == NULL) {
1126 KASSERT(m == NULL, ("mbuf isn't NULL"));
1127 goto finish;
1128 }
1129 STAILQ_REMOVE_HEAD(&sc->sc_rx_inactive, next);
1130 STAILQ_INSERT_TAIL(&sc->sc_rx_active, data, next);
1131 usbd_xfer_set_frame_data(xfer, 0, data->buf,
1132 usbd_xfer_max_len(xfer));
1133 usbd_transfer_submit(xfer);
1134
1135 /*
1136 * To avoid LOR we should unlock our private mutex here to call
1137 * ieee80211_input() because here is at the end of a USB
1138 * callback and safe to unlock.
1139 */
1140 while (m != NULL) {
1141 next = m->m_next;
1142 m->m_next = NULL;
1143
1144 ni = urtwn_rx_frame(sc, m, &rssi);
1145
1146 /* Store a global last-good RSSI */
1147 if (rssi != -127)
1148 sc->last_rssi = rssi;
1149
1150 URTWN_UNLOCK(sc);
1151
1152 nf = URTWN_NOISE_FLOOR;
1153 if (ni != NULL) {
1154 if (rssi != -127)
1155 URTWN_NODE(ni)->last_rssi = rssi;
1156 if (ni->ni_flags & IEEE80211_NODE_HT)
1157 m->m_flags |= M_AMPDU;
1158 (void)ieee80211_input(ni, m,
1159 URTWN_NODE(ni)->last_rssi - nf, nf);
1160 ieee80211_free_node(ni);
1161 } else {
1162 /* Use last good global RSSI */
1163 (void)ieee80211_input_all(ic, m,
1164 sc->last_rssi - nf, nf);
1165 }
1166 URTWN_LOCK(sc);
1167 m = next;
1168 }
1169 break;
1170 default:
1171 /* needs it to the inactive queue due to a error. */
1172 data = STAILQ_FIRST(&sc->sc_rx_active);
1173 if (data != NULL) {
1174 STAILQ_REMOVE_HEAD(&sc->sc_rx_active, next);
1175 STAILQ_INSERT_TAIL(&sc->sc_rx_inactive, data, next);
1176 }
1177 if (error != USB_ERR_CANCELLED) {
1178 usbd_xfer_set_stall(xfer);
1179 counter_u64_add(ic->ic_ierrors, 1);
1180 goto tr_setup;
1181 }
1182 break;
1183 }
1184finish:
1185 /* Finished receive; age anything left on the FF queue by a little bump */
1186 /*
1187 * XXX TODO: just make this a callout timer schedule so we can
1188 * flush the FF staging queue if we're approaching idle.
1189 */
1190#ifdef IEEE80211_SUPPORT_SUPERG
1191 URTWN_UNLOCK(sc);
1192 ieee80211_ff_age_all(ic, 1);
1193 URTWN_LOCK(sc);
1194#endif
1195
1196 /* Kick-start more transmit in case we stalled */
1197 urtwn_start(sc);
1198}
1199
1200static void
1201urtwn_txeof(struct urtwn_softc *sc, struct urtwn_data *data, int status)
1202{
1203
1204 URTWN_ASSERT_LOCKED(sc);
1205
1206 if (data->ni != NULL) /* not a beacon frame */
1207 ieee80211_tx_complete(data->ni, data->m, status);
1208
1209 if (sc->sc_tx_n_active > 0)
1210 sc->sc_tx_n_active--;
1211
1212 data->ni = NULL;
1213 data->m = NULL;
1214
1215 sc->sc_txtimer = 0;
1216
1217 STAILQ_INSERT_TAIL(&sc->sc_tx_inactive, data, next);
1218}
1219
1220static int
1221urtwn_alloc_list(struct urtwn_softc *sc, struct urtwn_data data[],
1222 int ndata, int maxsz)
1223{
1224 int i, error;
1225
1226 for (i = 0; i < ndata; i++) {
1227 struct urtwn_data *dp = &data[i];
1228 dp->sc = sc;
1229 dp->m = NULL;
1230 dp->buf = malloc(maxsz, M_USBDEV, M_NOWAIT);
1231 if (dp->buf == NULL) {
1232 device_printf(sc->sc_dev,
1233 "could not allocate buffer\n");
1234 error = ENOMEM;
1235 goto fail;
1236 }
1237 dp->ni = NULL;
1238 }
1239
1240 return (0);
1241fail:
1242 urtwn_free_list(sc, data, ndata);
1243 return (error);
1244}
1245
1246static int
1247urtwn_alloc_rx_list(struct urtwn_softc *sc)
1248{
1249 int error, i;
1250
1251 error = urtwn_alloc_list(sc, sc->sc_rx, URTWN_RX_LIST_COUNT,
1252 URTWN_RXBUFSZ);
1253 if (error != 0)
1254 return (error);
1255
1256 STAILQ_INIT(&sc->sc_rx_active);
1257 STAILQ_INIT(&sc->sc_rx_inactive);
1258
1259 for (i = 0; i < URTWN_RX_LIST_COUNT; i++)
1260 STAILQ_INSERT_HEAD(&sc->sc_rx_inactive, &sc->sc_rx[i], next);
1261
1262 return (0);
1263}
1264
1265static int
1266urtwn_alloc_tx_list(struct urtwn_softc *sc)
1267{
1268 int error, i;
1269
1270 error = urtwn_alloc_list(sc, sc->sc_tx, URTWN_TX_LIST_COUNT,
1271 URTWN_TXBUFSZ);
1272 if (error != 0)
1273 return (error);
1274
1275 STAILQ_INIT(&sc->sc_tx_active);
1276 STAILQ_INIT(&sc->sc_tx_inactive);
1277 STAILQ_INIT(&sc->sc_tx_pending);
1278
1279 for (i = 0; i < URTWN_TX_LIST_COUNT; i++)
1280 STAILQ_INSERT_HEAD(&sc->sc_tx_inactive, &sc->sc_tx[i], next);
1281
1282 return (0);
1283}
1284
1285static void
1286urtwn_free_list(struct urtwn_softc *sc, struct urtwn_data data[], int ndata)
1287{
1288 int i;
1289
1290 for (i = 0; i < ndata; i++) {
1291 struct urtwn_data *dp = &data[i];
1292
1293 if (dp->buf != NULL) {
1294 free(dp->buf, M_USBDEV);
1295 dp->buf = NULL;
1296 }
1297 if (dp->ni != NULL) {
1298 ieee80211_free_node(dp->ni);
1299 dp->ni = NULL;
1300 }
1301 }
1302}
1303
1304static void
1305urtwn_free_rx_list(struct urtwn_softc *sc)
1306{
1307 urtwn_free_list(sc, sc->sc_rx, URTWN_RX_LIST_COUNT);
1308}
1309
1310static void
1311urtwn_free_tx_list(struct urtwn_softc *sc)
1312{
1313 urtwn_free_list(sc, sc->sc_tx, URTWN_TX_LIST_COUNT);
1314}
1315
1316static void
1317urtwn_bulk_tx_callback(struct usb_xfer *xfer, usb_error_t error)
1318{
1319 struct urtwn_softc *sc = usbd_xfer_softc(xfer);
1320#ifdef IEEE80211_SUPPORT_SUPERG
1321 struct ieee80211com *ic = &sc->sc_ic;
1322#endif
1323 struct urtwn_data *data;
1324
1325 URTWN_ASSERT_LOCKED(sc);
1326
1327 switch (USB_GET_STATE(xfer)){
1328 case USB_ST_TRANSFERRED:
1329 data = STAILQ_FIRST(&sc->sc_tx_active);
1330 if (data == NULL)
1331 goto tr_setup;
1332 STAILQ_REMOVE_HEAD(&sc->sc_tx_active, next);
1333 urtwn_txeof(sc, data, 0);
1334 /* FALLTHROUGH */
1335 case USB_ST_SETUP:
1336tr_setup:
1337 data = STAILQ_FIRST(&sc->sc_tx_pending);
1338 if (data == NULL) {
1339 URTWN_DPRINTF(sc, URTWN_DEBUG_XMIT,
1340 "%s: empty pending queue\n", __func__);
1341 sc->sc_tx_n_active = 0;
1342 goto finish;
1343 }
1344 STAILQ_REMOVE_HEAD(&sc->sc_tx_pending, next);
1345 STAILQ_INSERT_TAIL(&sc->sc_tx_active, data, next);
1346 usbd_xfer_set_frame_data(xfer, 0, data->buf, data->buflen);
1347 usbd_transfer_submit(xfer);
1348 sc->sc_tx_n_active++;
1349 break;
1350 default:
1351 data = STAILQ_FIRST(&sc->sc_tx_active);
1352 if (data == NULL)
1353 goto tr_setup;
1354 STAILQ_REMOVE_HEAD(&sc->sc_tx_active, next);
1355 urtwn_txeof(sc, data, 1);
1356 if (error != USB_ERR_CANCELLED) {
1357 usbd_xfer_set_stall(xfer);
1358 goto tr_setup;
1359 }
1360 break;
1361 }
1362finish:
1363#ifdef IEEE80211_SUPPORT_SUPERG
1364 /*
1365 * If the TX active queue drops below a certain
1366 * threshold, ensure we age fast-frames out so they're
1367 * transmitted.
1368 */
1369 if (sc->sc_tx_n_active <= 1) {
1370 /* XXX ew - net80211 should defer this for us! */
1371
1372 /*
1373 * Note: this sc_tx_n_active currently tracks
1374 * the number of pending transmit submissions
1375 * and not the actual depth of the TX frames
1376 * pending to the hardware. That means that
1377 * we're going to end up with some sub-optimal
1378 * aggregation behaviour.
1379 */
1380 /*
1381 * XXX TODO: just make this a callout timer schedule so we can
1382 * flush the FF staging queue if we're approaching idle.
1383 */
1384 URTWN_UNLOCK(sc);
1385 ieee80211_ff_flush(ic, WME_AC_VO);
1386 ieee80211_ff_flush(ic, WME_AC_VI);
1387 ieee80211_ff_flush(ic, WME_AC_BE);
1388 ieee80211_ff_flush(ic, WME_AC_BK);
1389 URTWN_LOCK(sc);
1390 }
1391#endif
1392 /* Kick-start more transmit */
1393 urtwn_start(sc);
1394}
1395
1396static struct urtwn_data *
1397_urtwn_getbuf(struct urtwn_softc *sc)
1398{
1399 struct urtwn_data *bf;
1400
1401 bf = STAILQ_FIRST(&sc->sc_tx_inactive);
1402 if (bf != NULL)
1403 STAILQ_REMOVE_HEAD(&sc->sc_tx_inactive, next);
1404 else {
1405 URTWN_DPRINTF(sc, URTWN_DEBUG_XMIT,
1406 "%s: out of xmit buffers\n", __func__);
1407 }
1408 return (bf);
1409}
1410
1411static struct urtwn_data *
1412urtwn_getbuf(struct urtwn_softc *sc)
1413{
1414 struct urtwn_data *bf;
1415
1416 URTWN_ASSERT_LOCKED(sc);
1417
1418 bf = _urtwn_getbuf(sc);
1419 if (bf == NULL) {
1420 URTWN_DPRINTF(sc, URTWN_DEBUG_XMIT, "%s: stop queue\n",
1421 __func__);
1422 }
1423 return (bf);
1424}
1425
1426static usb_error_t
1427urtwn_write_region_1(struct urtwn_softc *sc, uint16_t addr, uint8_t *buf,
1428 int len)
1429{
1430 usb_device_request_t req;
1431
1432 req.bmRequestType = UT_WRITE_VENDOR_DEVICE;
1433 req.bRequest = R92C_REQ_REGS;
1434 USETW(req.wValue, addr);
1435 USETW(req.wIndex, 0);
1436 USETW(req.wLength, len);
1437 return (urtwn_do_request(sc, &req, buf));
1438}
1439
1440static usb_error_t
1441urtwn_write_1(struct urtwn_softc *sc, uint16_t addr, uint8_t val)
1442{
1443 return (urtwn_write_region_1(sc, addr, &val, sizeof(val)));
1444}
1445
1446static usb_error_t
1447urtwn_write_2(struct urtwn_softc *sc, uint16_t addr, uint16_t val)
1448{
1449 val = htole16(val);
1450 return (urtwn_write_region_1(sc, addr, (uint8_t *)&val, sizeof(val)));
1451}
1452
1453static usb_error_t
1454urtwn_write_4(struct urtwn_softc *sc, uint16_t addr, uint32_t val)
1455{
1456 val = htole32(val);
1457 return (urtwn_write_region_1(sc, addr, (uint8_t *)&val, sizeof(val)));
1458}
1459
1460static usb_error_t
1461urtwn_read_region_1(struct urtwn_softc *sc, uint16_t addr, uint8_t *buf,
1462 int len)
1463{
1464 usb_device_request_t req;
1465
1466 req.bmRequestType = UT_READ_VENDOR_DEVICE;
1467 req.bRequest = R92C_REQ_REGS;
1468 USETW(req.wValue, addr);
1469 USETW(req.wIndex, 0);
1470 USETW(req.wLength, len);
1471 return (urtwn_do_request(sc, &req, buf));
1472}
1473
1474static uint8_t
1475urtwn_read_1(struct urtwn_softc *sc, uint16_t addr)
1476{
1477 uint8_t val;
1478
1479 if (urtwn_read_region_1(sc, addr, &val, 1) != 0)
1480 return (0xff);
1481 return (val);
1482}
1483
1484static uint16_t
1485urtwn_read_2(struct urtwn_softc *sc, uint16_t addr)
1486{
1487 uint16_t val;
1488
1489 if (urtwn_read_region_1(sc, addr, (uint8_t *)&val, 2) != 0)
1490 return (0xffff);
1491 return (le16toh(val));
1492}
1493
1494static uint32_t
1495urtwn_read_4(struct urtwn_softc *sc, uint16_t addr)
1496{
1497 uint32_t val;
1498
1499 if (urtwn_read_region_1(sc, addr, (uint8_t *)&val, 4) != 0)
1500 return (0xffffffff);
1501 return (le32toh(val));
1502}
1503
1504static int
1505urtwn_fw_cmd(struct urtwn_softc *sc, uint8_t id, const void *buf, int len)
1506{
1507 struct r92c_fw_cmd cmd;
1508 usb_error_t error;
1509 int ntries;
1510
1511 if (!(sc->sc_flags & URTWN_FW_LOADED)) {
1512 URTWN_DPRINTF(sc, URTWN_DEBUG_FIRMWARE, "%s: firmware "
1513 "was not loaded; command (id %d) will be discarded\n",
1514 __func__, id);
1515 return (0);
1516 }
1517
1518 /* Wait for current FW box to be empty. */
1519 for (ntries = 0; ntries < 100; ntries++) {
1520 if (!(urtwn_read_1(sc, R92C_HMETFR) & (1 << sc->fwcur)))
1521 break;
1522 urtwn_ms_delay(sc);
1523 }
1524 if (ntries == 100) {
1525 device_printf(sc->sc_dev,
1526 "could not send firmware command\n");
1527 return (ETIMEDOUT);
1528 }
1529 memset(&cmd, 0, sizeof(cmd));
1530 cmd.id = id;
1531 if (len > 3)
1532 cmd.id |= R92C_CMD_FLAG_EXT;
1533 KASSERT(len <= sizeof(cmd.msg), ("urtwn_fw_cmd\n"));
1534 memcpy(cmd.msg, buf, len);
1535
1536 /* Write the first word last since that will trigger the FW. */
1537 error = urtwn_write_region_1(sc, R92C_HMEBOX_EXT(sc->fwcur),
1538 (uint8_t *)&cmd + 4, 2);
1539 if (error != USB_ERR_NORMAL_COMPLETION)
1540 return (EIO);
1541 error = urtwn_write_region_1(sc, R92C_HMEBOX(sc->fwcur),
1542 (uint8_t *)&cmd + 0, 4);
1543 if (error != USB_ERR_NORMAL_COMPLETION)
1544 return (EIO);
1545
1546 sc->fwcur = (sc->fwcur + 1) % R92C_H2C_NBOX;
1547 return (0);
1548}
1549
1550static void
1551urtwn_cmdq_cb(void *arg, int pending)
1552{
1553 struct urtwn_softc *sc = arg;
1554 struct urtwn_cmdq *item;
1555
1556 /*
1557 * Device must be powered on (via urtwn_power_on())
1558 * before any command may be sent.
1559 */
1560 URTWN_LOCK(sc);
1561 if (!(sc->sc_flags & URTWN_RUNNING)) {
1562 URTWN_UNLOCK(sc);
1563 return;
1564 }
1565
1566 URTWN_CMDQ_LOCK(sc);
1567 while (sc->cmdq[sc->cmdq_first].func != NULL) {
1568 item = &sc->cmdq[sc->cmdq_first];
1569 sc->cmdq_first = (sc->cmdq_first + 1) % URTWN_CMDQ_SIZE;
1570 URTWN_CMDQ_UNLOCK(sc);
1571
1572 item->func(sc, &item->data);
1573
1574 URTWN_CMDQ_LOCK(sc);
1575 memset(item, 0, sizeof (*item));
1576 }
1577 URTWN_CMDQ_UNLOCK(sc);
1578 URTWN_UNLOCK(sc);
1579}
1580
1581static int
1582urtwn_cmd_sleepable(struct urtwn_softc *sc, const void *ptr, size_t len,
1583 CMD_FUNC_PROTO)
1584{
1585 struct ieee80211com *ic = &sc->sc_ic;
1586
1587 KASSERT(len <= sizeof(union sec_param), ("buffer overflow"));
1588
1589 URTWN_CMDQ_LOCK(sc);
1590 if (sc->cmdq[sc->cmdq_last].func != NULL) {
1591 device_printf(sc->sc_dev, "%s: cmdq overflow\n", __func__);
1592 URTWN_CMDQ_UNLOCK(sc);
1593
1594 return (EAGAIN);
1595 }
1596
1597 if (ptr != NULL)
1598 memcpy(&sc->cmdq[sc->cmdq_last].data, ptr, len);
1599 sc->cmdq[sc->cmdq_last].func = func;
1600 sc->cmdq_last = (sc->cmdq_last + 1) % URTWN_CMDQ_SIZE;
1601 URTWN_CMDQ_UNLOCK(sc);
1602
1603 ieee80211_runtask(ic, &sc->cmdq_task);
1604
1605 return (0);
1606}
1607
1608static __inline void
1609urtwn_rf_write(struct urtwn_softc *sc, int chain, uint8_t addr, uint32_t val)
1610{
1611
1612 sc->sc_rf_write(sc, chain, addr, val);
1613}
1614
1615static void
1616urtwn_r92c_rf_write(struct urtwn_softc *sc, int chain, uint8_t addr,
1617 uint32_t val)
1618{
1619 urtwn_bb_write(sc, R92C_LSSI_PARAM(chain),
1620 SM(R92C_LSSI_PARAM_ADDR, addr) |
1621 SM(R92C_LSSI_PARAM_DATA, val));
1622}
1623
1624static void
1625urtwn_r88e_rf_write(struct urtwn_softc *sc, int chain, uint8_t addr,
1626uint32_t val)
1627{
1628 urtwn_bb_write(sc, R92C_LSSI_PARAM(chain),
1629 SM(R88E_LSSI_PARAM_ADDR, addr) |
1630 SM(R92C_LSSI_PARAM_DATA, val));
1631}
1632
1633static uint32_t
1634urtwn_rf_read(struct urtwn_softc *sc, int chain, uint8_t addr)
1635{
1636 uint32_t reg[R92C_MAX_CHAINS], val;
1637
1638 reg[0] = urtwn_bb_read(sc, R92C_HSSI_PARAM2(0));
1639 if (chain != 0)
1640 reg[chain] = urtwn_bb_read(sc, R92C_HSSI_PARAM2(chain));
1641
1642 urtwn_bb_write(sc, R92C_HSSI_PARAM2(0),
1643 reg[0] & ~R92C_HSSI_PARAM2_READ_EDGE);
1644 urtwn_ms_delay(sc);
1645
1646 urtwn_bb_write(sc, R92C_HSSI_PARAM2(chain),
1647 RW(reg[chain], R92C_HSSI_PARAM2_READ_ADDR, addr) |
1648 R92C_HSSI_PARAM2_READ_EDGE);
1649 urtwn_ms_delay(sc);
1650
1651 urtwn_bb_write(sc, R92C_HSSI_PARAM2(0),
1652 reg[0] | R92C_HSSI_PARAM2_READ_EDGE);
1653 urtwn_ms_delay(sc);
1654
1655 if (urtwn_bb_read(sc, R92C_HSSI_PARAM1(chain)) & R92C_HSSI_PARAM1_PI)
1656 val = urtwn_bb_read(sc, R92C_HSPI_READBACK(chain));
1657 else
1658 val = urtwn_bb_read(sc, R92C_LSSI_READBACK(chain));
1659 return (MS(val, R92C_LSSI_READBACK_DATA));
1660}
1661
1662static int
1663urtwn_llt_write(struct urtwn_softc *sc, uint32_t addr, uint32_t data)
1664{
1665 usb_error_t error;
1666 int ntries;
1667
1668 error = urtwn_write_4(sc, R92C_LLT_INIT,
1669 SM(R92C_LLT_INIT_OP, R92C_LLT_INIT_OP_WRITE) |
1670 SM(R92C_LLT_INIT_ADDR, addr) |
1671 SM(R92C_LLT_INIT_DATA, data));
1672 if (error != USB_ERR_NORMAL_COMPLETION)
1673 return (EIO);
1674 /* Wait for write operation to complete. */
1675 for (ntries = 0; ntries < 20; ntries++) {
1676 if (MS(urtwn_read_4(sc, R92C_LLT_INIT), R92C_LLT_INIT_OP) ==
1677 R92C_LLT_INIT_OP_NO_ACTIVE)
1678 return (0);
1679 urtwn_ms_delay(sc);
1680 }
1681 return (ETIMEDOUT);
1682}
1683
1684static int
1685urtwn_efuse_read_next(struct urtwn_softc *sc, uint8_t *val)
1686{
1687 uint32_t reg;
1688 usb_error_t error;
1689 int ntries;
1690
1691 if (sc->last_rom_addr >= URTWN_EFUSE_MAX_LEN)
1692 return (EFAULT);
1693
1694 reg = urtwn_read_4(sc, R92C_EFUSE_CTRL);
1695 reg = RW(reg, R92C_EFUSE_CTRL_ADDR, sc->last_rom_addr);
1696 reg &= ~R92C_EFUSE_CTRL_VALID;
1697
1698 error = urtwn_write_4(sc, R92C_EFUSE_CTRL, reg);
1699 if (error != USB_ERR_NORMAL_COMPLETION)
1700 return (EIO);
1701 /* Wait for read operation to complete. */
1702 for (ntries = 0; ntries < 100; ntries++) {
1703 reg = urtwn_read_4(sc, R92C_EFUSE_CTRL);
1704 if (reg & R92C_EFUSE_CTRL_VALID)
1705 break;
1706 urtwn_ms_delay(sc);
1707 }
1708 if (ntries == 100) {
1709 device_printf(sc->sc_dev,
1710 "could not read efuse byte at address 0x%x\n",
1711 sc->last_rom_addr);
1712 return (ETIMEDOUT);
1713 }
1714
1715 *val = MS(reg, R92C_EFUSE_CTRL_DATA);
1716 sc->last_rom_addr++;
1717
1718 return (0);
1719}
1720
1721static int
1722urtwn_efuse_read_data(struct urtwn_softc *sc, uint8_t *rom, uint8_t off,
1723 uint8_t msk)
1724{
1725 uint8_t reg;
1726 int i, error;
1727
1728 for (i = 0; i < 4; i++) {
1729 if (msk & (1 << i))
1730 continue;
1731 error = urtwn_efuse_read_next(sc, ®);
1732 if (error != 0)
1733 return (error);
1734 URTWN_DPRINTF(sc, URTWN_DEBUG_ROM, "rom[0x%03X] == 0x%02X\n",
1735 off * 8 + i * 2, reg);
1736 rom[off * 8 + i * 2 + 0] = reg;
1737
1738 error = urtwn_efuse_read_next(sc, ®);
1739 if (error != 0)
1740 return (error);
1741 URTWN_DPRINTF(sc, URTWN_DEBUG_ROM, "rom[0x%03X] == 0x%02X\n",
1742 off * 8 + i * 2 + 1, reg);
1743 rom[off * 8 + i * 2 + 1] = reg;
1744 }
1745
1746 return (0);
1747}
1748
1749#ifdef USB_DEBUG
1750static void
1751urtwn_dump_rom_contents(struct urtwn_softc *sc, uint8_t *rom, uint16_t size)
1752{
1753 int i;
1754
1755 /* Dump ROM contents. */
1756 device_printf(sc->sc_dev, "%s:", __func__);
1757 for (i = 0; i < size; i++) {
1758 if (i % 32 == 0)
1759 printf("\n%03X: ", i);
1760 else if (i % 4 == 0)
1761 printf(" ");
1762
1763 printf("%02X", rom[i]);
1764 }
1765 printf("\n");
1766}
1767#endif
1768
1769static int
1770urtwn_efuse_read(struct urtwn_softc *sc, uint8_t *rom, uint16_t size)
1771{
1772#define URTWN_CHK(res) do { \
1773 if ((error = res) != 0) \
1774 goto end; \
1775} while(0)
1776 uint8_t msk, off, reg;
1777 int error;
1778
1779 URTWN_CHK(urtwn_efuse_switch_power(sc));
1780
1781 /* Read full ROM image. */
1782 sc->last_rom_addr = 0;
1783 memset(rom, 0xff, size);
1784
1785 URTWN_CHK(urtwn_efuse_read_next(sc, ®));
1786 while (reg != 0xff) {
1787 /* check for extended header */
1788 if ((sc->chip & URTWN_CHIP_88E) && (reg & 0x1f) == 0x0f) {
1789 off = reg >> 5;
1790 URTWN_CHK(urtwn_efuse_read_next(sc, ®));
1791
1792 if ((reg & 0x0f) != 0x0f)
1793 off = ((reg & 0xf0) >> 1) | off;
1794 else
1795 continue;
1796 } else
1797 off = reg >> 4;
1798 msk = reg & 0xf;
1799
1800 URTWN_CHK(urtwn_efuse_read_data(sc, rom, off, msk));
1801 URTWN_CHK(urtwn_efuse_read_next(sc, ®));
1802 }
1803
1804end:
1805
1806#ifdef USB_DEBUG
1807 if (sc->sc_debug & URTWN_DEBUG_ROM)
1808 urtwn_dump_rom_contents(sc, rom, size);
1809#endif
1810
1811 urtwn_write_1(sc, R92C_EFUSE_ACCESS, R92C_EFUSE_ACCESS_OFF);
1812
1813 if (error != 0) {
1814 device_printf(sc->sc_dev, "%s: error while reading ROM\n",
1815 __func__);
1816 }
1817
1818 return (error);
1819#undef URTWN_CHK
1820}
1821
1822static int
1823urtwn_efuse_switch_power(struct urtwn_softc *sc)
1824{
1825 usb_error_t error;
1826 uint32_t reg;
1827
1828 error = urtwn_write_1(sc, R92C_EFUSE_ACCESS, R92C_EFUSE_ACCESS_ON);
1829 if (error != USB_ERR_NORMAL_COMPLETION)
1830 return (EIO);
1831
1832 reg = urtwn_read_2(sc, R92C_SYS_ISO_CTRL);
1833 if (!(reg & R92C_SYS_ISO_CTRL_PWC_EV12V)) {
1834 error = urtwn_write_2(sc, R92C_SYS_ISO_CTRL,
1835 reg | R92C_SYS_ISO_CTRL_PWC_EV12V);
1836 if (error != USB_ERR_NORMAL_COMPLETION)
1837 return (EIO);
1838 }
1839 reg = urtwn_read_2(sc, R92C_SYS_FUNC_EN);
1840 if (!(reg & R92C_SYS_FUNC_EN_ELDR)) {
1841 error = urtwn_write_2(sc, R92C_SYS_FUNC_EN,
1842 reg | R92C_SYS_FUNC_EN_ELDR);
1843 if (error != USB_ERR_NORMAL_COMPLETION)
1844 return (EIO);
1845 }
1846 reg = urtwn_read_2(sc, R92C_SYS_CLKR);
1847 if ((reg & (R92C_SYS_CLKR_LOADER_EN | R92C_SYS_CLKR_ANA8M)) !=
1848 (R92C_SYS_CLKR_LOADER_EN | R92C_SYS_CLKR_ANA8M)) {
1849 error = urtwn_write_2(sc, R92C_SYS_CLKR,
1850 reg | R92C_SYS_CLKR_LOADER_EN | R92C_SYS_CLKR_ANA8M);
1851 if (error != USB_ERR_NORMAL_COMPLETION)
1852 return (EIO);
1853 }
1854
1855 return (0);
1856}
1857
1858static int
1859urtwn_read_chipid(struct urtwn_softc *sc)
1860{
1861 uint32_t reg;
1862
1863 if (sc->chip & URTWN_CHIP_88E)
1864 return (0);
1865
1866 reg = urtwn_read_4(sc, R92C_SYS_CFG);
1867 if (reg & R92C_SYS_CFG_TRP_VAUX_EN)
1868 return (EIO);
1869
1870 if (reg & R92C_SYS_CFG_TYPE_92C) {
1871 sc->chip |= URTWN_CHIP_92C;
1872 /* Check if it is a castrated 8192C. */
1873 if (MS(urtwn_read_4(sc, R92C_HPON_FSM),
1874 R92C_HPON_FSM_CHIP_BONDING_ID) ==
1875 R92C_HPON_FSM_CHIP_BONDING_ID_92C_1T2R)
1876 sc->chip |= URTWN_CHIP_92C_1T2R;
1877 }
1878 if (reg & R92C_SYS_CFG_VENDOR_UMC) {
1879 sc->chip |= URTWN_CHIP_UMC;
1880 if (MS(reg, R92C_SYS_CFG_CHIP_VER_RTL) == 0)
1881 sc->chip |= URTWN_CHIP_UMC_A_CUT;
1882 }
1883 return (0);
1884}
1885
1886static int
1887urtwn_read_rom(struct urtwn_softc *sc)
1888{
1889 struct r92c_rom *rom = &sc->rom.r92c_rom;
1890 int error;
1891
1892 /* Read full ROM image. */
1893 error = urtwn_efuse_read(sc, (uint8_t *)rom, sizeof(*rom));
1894 if (error != 0)
1895 return (error);
1896
1897 /* XXX Weird but this is what the vendor driver does. */
1898 sc->last_rom_addr = 0x1fa;
1899 error = urtwn_efuse_read_next(sc, &sc->pa_setting);
1900 if (error != 0)
1901 return (error);
1902 URTWN_DPRINTF(sc, URTWN_DEBUG_ROM, "%s: PA setting=0x%x\n", __func__,
1903 sc->pa_setting);
1904
1905 sc->board_type = MS(rom->rf_opt1, R92C_ROM_RF1_BOARD_TYPE);
1906
1907 sc->regulatory = MS(rom->rf_opt1, R92C_ROM_RF1_REGULATORY);
1908 URTWN_DPRINTF(sc, URTWN_DEBUG_ROM, "%s: regulatory type=%d\n",
1909 __func__, sc->regulatory);
1910 IEEE80211_ADDR_COPY(sc->sc_ic.ic_macaddr, rom->macaddr);
1911
1912 sc->sc_rf_write = urtwn_r92c_rf_write;
1913 sc->sc_power_on = urtwn_r92c_power_on;
1914 sc->sc_power_off = urtwn_r92c_power_off;
1915
1916 return (0);
1917}
1918
1919static int
1920urtwn_r88e_read_rom(struct urtwn_softc *sc)
1921{
1922 struct r88e_rom *rom = &sc->rom.r88e_rom;
1923 int error;
1924
1925 error = urtwn_efuse_read(sc, (uint8_t *)rom, sizeof(sc->rom.r88e_rom));
1926 if (error != 0)
1927 return (error);
1928
1929 sc->bw20_tx_pwr_diff = (rom->tx_pwr_diff >> 4);
1930 if (sc->bw20_tx_pwr_diff & 0x08)
1931 sc->bw20_tx_pwr_diff |= 0xf0;
1932 sc->ofdm_tx_pwr_diff = (rom->tx_pwr_diff & 0xf);
1933 if (sc->ofdm_tx_pwr_diff & 0x08)
1934 sc->ofdm_tx_pwr_diff |= 0xf0;
1935 sc->regulatory = MS(rom->rf_board_opt, R92C_ROM_RF1_REGULATORY);
1936 URTWN_DPRINTF(sc, URTWN_DEBUG_ROM, "%s: regulatory type %d\n",
1937 __func__,sc->regulatory);
1938 IEEE80211_ADDR_COPY(sc->sc_ic.ic_macaddr, rom->macaddr);
1939
1940 sc->sc_rf_write = urtwn_r88e_rf_write;
1941 sc->sc_power_on = urtwn_r88e_power_on;
1942 sc->sc_power_off = urtwn_r88e_power_off;
1943
1944 return (0);
1945}
1946
1947static __inline uint8_t
1948rate2ridx(uint8_t rate)
1949{
1950 if (rate & IEEE80211_RATE_MCS) {
1951 /* 11n rates start at idx 12 */
1952 return ((rate & 0xf) + 12);
1953 }
1954 switch (rate) {
1955 /* 11g */
1956 case 12: return 4;
1957 case 18: return 5;
1958 case 24: return 6;
1959 case 36: return 7;
1960 case 48: return 8;
1961 case 72: return 9;
1962 case 96: return 10;
1963 case 108: return 11;
1964 /* 11b */
1965 case 2: return 0;
1966 case 4: return 1;
1967 case 11: return 2;
1968 case 22: return 3;
1969 default: return URTWN_RIDX_UNKNOWN;
1970 }
1971}
1972
1973/*
1974 * Initialize rate adaptation in firmware.
1975 */
1976static int
1977urtwn_ra_init(struct urtwn_softc *sc)
1978{
1979 struct ieee80211com *ic = &sc->sc_ic;
1980 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps);
1981 struct ieee80211_node *ni;
1982 struct ieee80211_rateset *rs, *rs_ht;
1983 struct r92c_fw_cmd_macid_cfg cmd;
1984 uint32_t rates, basicrates;
1985 uint8_t mode, ridx;
1986 int maxrate, maxbasicrate, error, i;
1987
1988 ni = ieee80211_ref_node(vap->iv_bss);
1989 rs = &ni->ni_rates;
1990 rs_ht = (struct ieee80211_rateset *) &ni->ni_htrates;
1991
1992 /* Get normal and basic rates mask. */
1993 rates = basicrates = 0;
1994 maxrate = maxbasicrate = 0;
1995
1996 /* This is for 11bg */
1997 for (i = 0; i < rs->rs_nrates; i++) {
1998 /* Convert 802.11 rate to HW rate index. */
1999 ridx = rate2ridx(IEEE80211_RV(rs->rs_rates[i]));
2000 if (ridx == URTWN_RIDX_UNKNOWN) /* Unknown rate, skip. */
2001 continue;
2002 rates |= 1 << ridx;
2003 if (ridx > maxrate)
2004 maxrate = ridx;
2005 if (rs->rs_rates[i] & IEEE80211_RATE_BASIC) {
2006 basicrates |= 1 << ridx;
2007 if (ridx > maxbasicrate)
2008 maxbasicrate = ridx;
2009 }
2010 }
2011
2012 /* If we're doing 11n, enable 11n rates */
2013 if (ni->ni_flags & IEEE80211_NODE_HT) {
2014 for (i = 0; i < rs_ht->rs_nrates; i++) {
2015 if ((rs_ht->rs_rates[i] & 0x7f) > 0xf)
2016 continue;
2017 /* 11n rates start at index 12 */
2018 ridx = ((rs_ht->rs_rates[i]) & 0xf) + 12;
2019 rates |= (1 << ridx);
2020
2021 /* Guard against the rate table being oddly ordered */
2022 if (ridx > maxrate)
2023 maxrate = ridx;
2024 }
2025 }
2026
2027#if 0
2028 if (ic->ic_curmode == IEEE80211_MODE_11NG)
2029 raid = R92C_RAID_11GN;
2030#endif
2031 /* NB: group addressed frames are done at 11bg rates for now */
2032 if (ic->ic_curmode == IEEE80211_MODE_11B)
2033 mode = R92C_RAID_11B;
2034 else
2035 mode = R92C_RAID_11BG;
2036 /* XXX misleading 'mode' value here for unicast frames */
2037 URTWN_DPRINTF(sc, URTWN_DEBUG_RA,
2038 "%s: mode 0x%x, rates 0x%08x, basicrates 0x%08x\n", __func__,
2039 mode, rates, basicrates);
2040
2041 /* Set rates mask for group addressed frames. */
2042 cmd.macid = URTWN_MACID_BC | URTWN_MACID_VALID;
2043 cmd.mask = htole32(mode << 28 | basicrates);
2044 error = urtwn_fw_cmd(sc, R92C_CMD_MACID_CONFIG, &cmd, sizeof(cmd));
2045 if (error != 0) {
2046 ieee80211_free_node(ni);
2047 device_printf(sc->sc_dev,
2048 "could not add broadcast station\n");
2049 return (error);
2050 }
2051
2052 /* Set initial MRR rate. */
2053 URTWN_DPRINTF(sc, URTWN_DEBUG_RA, "%s: maxbasicrate %d\n", __func__,
2054 maxbasicrate);
2055 urtwn_write_1(sc, R92C_INIDATA_RATE_SEL(URTWN_MACID_BC),
2056 maxbasicrate);
2057
2058 /* Set rates mask for unicast frames. */
2059 if (ni->ni_flags & IEEE80211_NODE_HT)
2060 mode = R92C_RAID_11GN;
2061 else if (ic->ic_curmode == IEEE80211_MODE_11B)
2062 mode = R92C_RAID_11B;
2063 else
2064 mode = R92C_RAID_11BG;
2065 cmd.macid = URTWN_MACID_BSS | URTWN_MACID_VALID;
2066 cmd.mask = htole32(mode << 28 | rates);
2067 error = urtwn_fw_cmd(sc, R92C_CMD_MACID_CONFIG, &cmd, sizeof(cmd));
2068 if (error != 0) {
2069 ieee80211_free_node(ni);
2070 device_printf(sc->sc_dev, "could not add BSS station\n");
2071 return (error);
2072 }
2073 /* Set initial MRR rate. */
2074 URTWN_DPRINTF(sc, URTWN_DEBUG_RA, "%s: maxrate %d\n", __func__,
2075 maxrate);
2076 urtwn_write_1(sc, R92C_INIDATA_RATE_SEL(URTWN_MACID_BSS),
2077 maxrate);
2078
2079 /* Indicate highest supported rate. */
2080 if (ni->ni_flags & IEEE80211_NODE_HT)
2081 ni->ni_txrate = rs_ht->rs_rates[rs_ht->rs_nrates - 1]
2082 | IEEE80211_RATE_MCS;
2083 else
2084 ni->ni_txrate = rs->rs_rates[rs->rs_nrates - 1];
2085 ieee80211_free_node(ni);
2086
2087 return (0);
2088}
2089
2090static void
2091urtwn_init_beacon(struct urtwn_softc *sc, struct urtwn_vap *uvp)
2092{
2093 struct r92c_tx_desc *txd = &uvp->bcn_desc;
2094
2095 txd->txdw0 = htole32(
2096 SM(R92C_TXDW0_OFFSET, sizeof(*txd)) | R92C_TXDW0_BMCAST |
2097 R92C_TXDW0_OWN | R92C_TXDW0_FSG | R92C_TXDW0_LSG);
2098 txd->txdw1 = htole32(
2099 SM(R92C_TXDW1_QSEL, R92C_TXDW1_QSEL_BEACON) |
2100 SM(R92C_TXDW1_RAID, R92C_RAID_11B));
2101
2102 if (sc->chip & URTWN_CHIP_88E) {
2103 txd->txdw1 |= htole32(SM(R88E_TXDW1_MACID, URTWN_MACID_BC));
2104 txd->txdseq |= htole16(R88E_TXDSEQ_HWSEQ_EN);
2105 } else {
2106 txd->txdw1 |= htole32(SM(R92C_TXDW1_MACID, URTWN_MACID_BC));
2107 txd->txdw4 |= htole32(R92C_TXDW4_HWSEQ_EN);
2108 }
2109
2110 txd->txdw4 = htole32(R92C_TXDW4_DRVRATE);
2111 txd->txdw5 = htole32(SM(R92C_TXDW5_DATARATE, URTWN_RIDX_CCK1));
2112}
2113
2114static int
2115urtwn_setup_beacon(struct urtwn_softc *sc, struct ieee80211_node *ni)
2116{
2117 struct ieee80211vap *vap = ni->ni_vap;
2118 struct urtwn_vap *uvp = URTWN_VAP(vap);
2119 struct mbuf *m;
2120 int error;
2121
2122 URTWN_ASSERT_LOCKED(sc);
2123
2124 if (ni->ni_chan == IEEE80211_CHAN_ANYC)
2125 return (EINVAL);
2126
2127 m = ieee80211_beacon_alloc(ni);
2128 if (m == NULL) {
2129 device_printf(sc->sc_dev,
2130 "%s: could not allocate beacon frame\n", __func__);
2131 return (ENOMEM);
2132 }
2133
2134 if (uvp->bcn_mbuf != NULL)
2135 m_freem(uvp->bcn_mbuf);
2136
2137 uvp->bcn_mbuf = m;
2138
2139 if ((error = urtwn_tx_beacon(sc, uvp)) != 0)
2140 return (error);
2141
2142 /* XXX bcnq stuck workaround */
2143 if ((error = urtwn_tx_beacon(sc, uvp)) != 0)
2144 return (error);
2145
2146 URTWN_DPRINTF(sc, URTWN_DEBUG_BEACON, "%s: beacon was %srecognized\n",
2147 __func__, urtwn_read_1(sc, R92C_TDECTRL + 2) &
2148 (R92C_TDECTRL_BCN_VALID >> 16) ? "" : "not ");
2149
2150 return (0);
2151}
2152
2153static void
2154urtwn_update_beacon(struct ieee80211vap *vap, int item)
2155{
2156 struct urtwn_softc *sc = vap->iv_ic->ic_softc;
2157 struct urtwn_vap *uvp = URTWN_VAP(vap);
2158 struct ieee80211_beacon_offsets *bo = &vap->iv_bcn_off;
2159 struct ieee80211_node *ni = vap->iv_bss;
2160 int mcast = 0;
2161
2162 URTWN_LOCK(sc);
2163 if (uvp->bcn_mbuf == NULL) {
2164 uvp->bcn_mbuf = ieee80211_beacon_alloc(ni);
2165 if (uvp->bcn_mbuf == NULL) {
2166 device_printf(sc->sc_dev,
2167 "%s: could not allocate beacon frame\n", __func__);
2168 URTWN_UNLOCK(sc);
2169 return;
2170 }
2171 }
2172 URTWN_UNLOCK(sc);
2173
2174 if (item == IEEE80211_BEACON_TIM)
2175 mcast = 1; /* XXX */
2176
2177 setbit(bo->bo_flags, item);
2178 ieee80211_beacon_update(ni, uvp->bcn_mbuf, mcast);
2179
2180 URTWN_LOCK(sc);
2181 urtwn_tx_beacon(sc, uvp);
2182 URTWN_UNLOCK(sc);
2183}
2184
2185/*
2186 * Push a beacon frame into the chip. Beacon will
2187 * be repeated by the chip every R92C_BCN_INTERVAL.
2188 */
2189static int
2190urtwn_tx_beacon(struct urtwn_softc *sc, struct urtwn_vap *uvp)
2191{
2192 struct r92c_tx_desc *desc = &uvp->bcn_desc;
2193 struct urtwn_data *bf;
2194
2195 URTWN_ASSERT_LOCKED(sc);
2196
2197 bf = urtwn_getbuf(sc);
2198 if (bf == NULL)
2199 return (ENOMEM);
2200
2201 memcpy(bf->buf, desc, sizeof(*desc));
2202 urtwn_tx_start(sc, uvp->bcn_mbuf, IEEE80211_FC0_TYPE_MGT, bf);
2203
2204 sc->sc_txtimer = 5;
2205 callout_reset(&sc->sc_watchdog_ch, hz, urtwn_watchdog, sc);
2206
2207 return (0);
2208}
2209
2210static int
2211urtwn_key_alloc(struct ieee80211vap *vap, struct ieee80211_key *k,
2212 ieee80211_keyix *keyix, ieee80211_keyix *rxkeyix)
2213{
2214 struct urtwn_softc *sc = vap->iv_ic->ic_softc;
2215 uint8_t i;
2216
2217 if (!(&vap->iv_nw_keys[0] <= k &&
2218 k < &vap->iv_nw_keys[IEEE80211_WEP_NKID])) {
2219 if (!(k->wk_flags & IEEE80211_KEY_SWCRYPT)) {
2220 URTWN_LOCK(sc);
2221 /*
2222 * First 4 slots for group keys,
2223 * what is left - for pairwise.
2224 * XXX incompatible with IBSS RSN.
2225 */
2226 for (i = IEEE80211_WEP_NKID;
2227 i < R92C_CAM_ENTRY_COUNT; i++) {
2228 if ((sc->keys_bmap & (1 << i)) == 0) {
2229 sc->keys_bmap |= 1 << i;
2230 *keyix = i;
2231 break;
2232 }
2233 }
2234 URTWN_UNLOCK(sc);
2235 if (i == R92C_CAM_ENTRY_COUNT) {
2236 device_printf(sc->sc_dev,
2237 "%s: no free space in the key table\n",
2238 __func__);
2239 return 0;
2240 }
2241 } else
2242 *keyix = 0;
2243 } else {
2244 *keyix = k - vap->iv_nw_keys;
2245 }
2246 *rxkeyix = *keyix;
2247 return 1;
2248}
2249
2250static void
2251urtwn_key_set_cb(struct urtwn_softc *sc, union sec_param *data)
2252{
2253 struct ieee80211_key *k = &data->key;
2254 uint8_t algo, keyid;
2255 int i, error;
2256
2257 if (k->wk_keyix < IEEE80211_WEP_NKID)
2258 keyid = k->wk_keyix;
2259 else
2260 keyid = 0;
2261
2262 /* Map net80211 cipher to HW crypto algorithm. */
2263 switch (k->wk_cipher->ic_cipher) {
2264 case IEEE80211_CIPHER_WEP:
2265 if (k->wk_keylen < 8)
2266 algo = R92C_CAM_ALGO_WEP40;
2267 else
2268 algo = R92C_CAM_ALGO_WEP104;
2269 break;
2270 case IEEE80211_CIPHER_TKIP:
2271 algo = R92C_CAM_ALGO_TKIP;
2272 break;
2273 case IEEE80211_CIPHER_AES_CCM:
2274 algo = R92C_CAM_ALGO_AES;
2275 break;
2276 default:
2277 device_printf(sc->sc_dev, "%s: undefined cipher %d\n",
2278 __func__, k->wk_cipher->ic_cipher);
2279 return;
2280 }
2281
2282 URTWN_DPRINTF(sc, URTWN_DEBUG_KEY,
2283 "%s: keyix %d, keyid %d, algo %d/%d, flags %04X, len %d, "
2284 "macaddr %s\n", __func__, k->wk_keyix, keyid,
2285 k->wk_cipher->ic_cipher, algo, k->wk_flags, k->wk_keylen,
2286 ether_sprintf(k->wk_macaddr));
2287
2288 /* Write key. */
2289 for (i = 0; i < 4; i++) {
2290 error = urtwn_cam_write(sc, R92C_CAM_KEY(k->wk_keyix, i),
2291 le32dec(&k->wk_key[i * 4]));
2292 if (error != 0)
2293 goto fail;
2294 }
2295
2296 /* Write CTL0 last since that will validate the CAM entry. */
2297 error = urtwn_cam_write(sc, R92C_CAM_CTL1(k->wk_keyix),
2298 le32dec(&k->wk_macaddr[2]));
2299 if (error != 0)
2300 goto fail;
2301 error = urtwn_cam_write(sc, R92C_CAM_CTL0(k->wk_keyix),
2302 SM(R92C_CAM_ALGO, algo) |
2303 SM(R92C_CAM_KEYID, keyid) |
2304 SM(R92C_CAM_MACLO, le16dec(&k->wk_macaddr[0])) |
2305 R92C_CAM_VALID);
2306 if (error != 0)
2307 goto fail;
2308
2309 return;
2310
2311fail:
2312 device_printf(sc->sc_dev, "%s fails, error %d\n", __func__, error);
2313}
2314
2315static void
2316urtwn_key_del_cb(struct urtwn_softc *sc, union sec_param *data)
2317{
2318 struct ieee80211_key *k = &data->key;
2319 int i;
2320
2321 URTWN_DPRINTF(sc, URTWN_DEBUG_KEY,
2322 "%s: keyix %d, flags %04X, macaddr %s\n", __func__,
2323 k->wk_keyix, k->wk_flags, ether_sprintf(k->wk_macaddr));
2324
2325 urtwn_cam_write(sc, R92C_CAM_CTL0(k->wk_keyix), 0);
2326 urtwn_cam_write(sc, R92C_CAM_CTL1(k->wk_keyix), 0);
2327
2328 /* Clear key. */
2329 for (i = 0; i < 4; i++)
2330 urtwn_cam_write(sc, R92C_CAM_KEY(k->wk_keyix, i), 0);
2331 sc->keys_bmap &= ~(1 << k->wk_keyix);
2332}
2333
2334static int
2335urtwn_key_set(struct ieee80211vap *vap, const struct ieee80211_key *k)
2336{
2337 struct urtwn_softc *sc = vap->iv_ic->ic_softc;
2338
2339 if (k->wk_flags & IEEE80211_KEY_SWCRYPT) {
2340 /* Not for us. */
2341 return (1);
2342 }
2343
2344 return (!urtwn_cmd_sleepable(sc, k, sizeof(*k), urtwn_key_set_cb));
2345}
2346
2347static int
2348urtwn_key_delete(struct ieee80211vap *vap, const struct ieee80211_key *k)
2349{
2350 struct urtwn_softc *sc = vap->iv_ic->ic_softc;
2351
2352 if (k->wk_flags & IEEE80211_KEY_SWCRYPT) {
2353 /* Not for us. */
2354 return (1);
2355 }
2356
2357 return (!urtwn_cmd_sleepable(sc, k, sizeof(*k), urtwn_key_del_cb));
2358}
2359
2360static void
2361urtwn_tsf_task_adhoc(void *arg, int pending)
2362{
2363 struct ieee80211vap *vap = arg;
2364 struct urtwn_softc *sc = vap->iv_ic->ic_softc;
2365 struct ieee80211_node *ni;
2366 uint32_t reg;
2367
2368 URTWN_LOCK(sc);
2369 ni = ieee80211_ref_node(vap->iv_bss);
2370 reg = urtwn_read_1(sc, R92C_BCN_CTRL);
2371
2372 /* Accept beacons with the same BSSID. */
2373 urtwn_set_rx_bssid_all(sc, 0);
2374
2375 /* Enable synchronization. */
2376 reg &= ~R92C_BCN_CTRL_DIS_TSF_UDT0;
2377 urtwn_write_1(sc, R92C_BCN_CTRL, reg);
2378
2379 /* Synchronize. */
2380 usb_pause_mtx(&sc->sc_mtx, hz * ni->ni_intval * 5 / 1000);
2381
2382 /* Disable synchronization. */
2383 reg |= R92C_BCN_CTRL_DIS_TSF_UDT0;
2384 urtwn_write_1(sc, R92C_BCN_CTRL, reg);
2385
2386 /* Remove beacon filter. */
2387 urtwn_set_rx_bssid_all(sc, 1);
2388
2389 /* Enable beaconing. */
2390 urtwn_write_1(sc, R92C_MBID_NUM,
2391 urtwn_read_1(sc, R92C_MBID_NUM) | R92C_MBID_TXBCN_RPT0);
2392 reg |= R92C_BCN_CTRL_EN_BCN;
2393
2394 urtwn_write_1(sc, R92C_BCN_CTRL, reg);
2395 ieee80211_free_node(ni);
2396 URTWN_UNLOCK(sc);
2397}
2398
2399static void
2400urtwn_tsf_sync_enable(struct urtwn_softc *sc, struct ieee80211vap *vap)
2401{
2402 struct ieee80211com *ic = &sc->sc_ic;
2403 struct urtwn_vap *uvp = URTWN_VAP(vap);
2404
2405 /* Reset TSF. */
2406 urtwn_write_1(sc, R92C_DUAL_TSF_RST, R92C_DUAL_TSF_RST0);
2407
2408 switch (vap->iv_opmode) {
2409 case IEEE80211_M_STA:
2410 /* Enable TSF synchronization. */
2411 urtwn_write_1(sc, R92C_BCN_CTRL,
2412 urtwn_read_1(sc, R92C_BCN_CTRL) &
2413 ~R92C_BCN_CTRL_DIS_TSF_UDT0);
2414 break;
2415 case IEEE80211_M_IBSS:
2416 ieee80211_runtask(ic, &uvp->tsf_task_adhoc);
2417 break;
2418 case IEEE80211_M_HOSTAP:
2419 /* Enable beaconing. */
2420 urtwn_write_1(sc, R92C_MBID_NUM,
2421 urtwn_read_1(sc, R92C_MBID_NUM) | R92C_MBID_TXBCN_RPT0);
2422 urtwn_write_1(sc, R92C_BCN_CTRL,
2423 urtwn_read_1(sc, R92C_BCN_CTRL) | R92C_BCN_CTRL_EN_BCN);
2424 break;
2425 default:
2426 device_printf(sc->sc_dev, "undefined opmode %d\n",
2427 vap->iv_opmode);
2428 return;
2429 }
2430}
2431
2432static void
2433urtwn_get_tsf(struct urtwn_softc *sc, uint64_t *buf)
2434{
2435 urtwn_read_region_1(sc, R92C_TSFTR, (uint8_t *)buf, sizeof(*buf));
2436}
2437
2438static void
2439urtwn_set_led(struct urtwn_softc *sc, int led, int on)
2440{
2441 uint8_t reg;
2442
2443 if (led == URTWN_LED_LINK) {
2444 if (sc->chip & URTWN_CHIP_88E) {
2445 reg = urtwn_read_1(sc, R92C_LEDCFG2) & 0xf0;
2446 urtwn_write_1(sc, R92C_LEDCFG2, reg | 0x60);
2447 if (!on) {
2448 reg = urtwn_read_1(sc, R92C_LEDCFG2) & 0x90;
2449 urtwn_write_1(sc, R92C_LEDCFG2,
2450 reg | R92C_LEDCFG0_DIS);
2451 urtwn_write_1(sc, R92C_MAC_PINMUX_CFG,
2452 urtwn_read_1(sc, R92C_MAC_PINMUX_CFG) &
2453 0xfe);
2454 }
2455 } else {
2456 reg = urtwn_read_1(sc, R92C_LEDCFG0) & 0x70;
2457 if (!on)
2458 reg |= R92C_LEDCFG0_DIS;
2459 urtwn_write_1(sc, R92C_LEDCFG0, reg);
2460 }
2461 sc->ledlink = on; /* Save LED state. */
2462 }
2463}
2464
2465static void
2466urtwn_set_mode(struct urtwn_softc *sc, uint8_t mode)
2467{
2468 uint8_t reg;
2469
2470 reg = urtwn_read_1(sc, R92C_MSR);
2471 reg = (reg & ~R92C_MSR_MASK) | mode;
2472 urtwn_write_1(sc, R92C_MSR, reg);
2473}
2474
2475static void
2476urtwn_ibss_recv_mgmt(struct ieee80211_node *ni, struct mbuf *m, int subtype,
2477 const struct ieee80211_rx_stats *rxs,
2478 int rssi, int nf)
2479{
2480 struct ieee80211vap *vap = ni->ni_vap;
2481 struct urtwn_softc *sc = vap->iv_ic->ic_softc;
2482 struct urtwn_vap *uvp = URTWN_VAP(vap);
2483 uint64_t ni_tstamp, curr_tstamp;
2484
2485 uvp->recv_mgmt(ni, m, subtype, rxs, rssi, nf);
2486
2487 if (vap->iv_state == IEEE80211_S_RUN &&
2488 (subtype == IEEE80211_FC0_SUBTYPE_BEACON ||
2489 subtype == IEEE80211_FC0_SUBTYPE_PROBE_RESP)) {
2490 ni_tstamp = le64toh(ni->ni_tstamp.tsf);
2491 URTWN_LOCK(sc);
2492 urtwn_get_tsf(sc, &curr_tstamp);
2493 URTWN_UNLOCK(sc);
2494 curr_tstamp = le64toh(curr_tstamp);
2495
2496 if (ni_tstamp >= curr_tstamp)
2497 (void) ieee80211_ibss_merge(ni);
2498 }
2499}
2500
2501static int
2502urtwn_newstate(struct ieee80211vap *vap, enum ieee80211_state nstate, int arg)
2503{
2504 struct urtwn_vap *uvp = URTWN_VAP(vap);
2505 struct ieee80211com *ic = vap->iv_ic;
2506 struct urtwn_softc *sc = ic->ic_softc;
2507 struct ieee80211_node *ni;
2508 enum ieee80211_state ostate;
2509 uint32_t reg;
2510 uint8_t mode;
2511 int error = 0;
2512
2513 ostate = vap->iv_state;
2514 URTWN_DPRINTF(sc, URTWN_DEBUG_STATE, "%s -> %s\n",
2515 ieee80211_state_name[ostate], ieee80211_state_name[nstate]);
2516
2517 IEEE80211_UNLOCK(ic);
2518 URTWN_LOCK(sc);
2519 callout_stop(&sc->sc_watchdog_ch);
2520
2521 if (ostate == IEEE80211_S_RUN) {
2522 /* Stop calibration. */
2523 callout_stop(&sc->sc_calib_to);
2524
2525 /* Turn link LED off. */
2526 urtwn_set_led(sc, URTWN_LED_LINK, 0);
2527
2528 /* Set media status to 'No Link'. */
2529 urtwn_set_mode(sc, R92C_MSR_NOLINK);
2530
2531 /* Stop Rx of data frames. */
2532 urtwn_write_2(sc, R92C_RXFLTMAP2, 0);
2533
2534 /* Disable TSF synchronization. */
2535 urtwn_write_1(sc, R92C_BCN_CTRL,
2536 (urtwn_read_1(sc, R92C_BCN_CTRL) & ~R92C_BCN_CTRL_EN_BCN) |
2537 R92C_BCN_CTRL_DIS_TSF_UDT0);
2538
2539 /* Disable beaconing. */
2540 urtwn_write_1(sc, R92C_MBID_NUM,
2541 urtwn_read_1(sc, R92C_MBID_NUM) & ~R92C_MBID_TXBCN_RPT0);
2542
2543 /* Reset TSF. */
2544 urtwn_write_1(sc, R92C_DUAL_TSF_RST, R92C_DUAL_TSF_RST0);
2545
2546 /* Reset EDCA parameters. */
2547 urtwn_write_4(sc, R92C_EDCA_VO_PARAM, 0x002f3217);
2548 urtwn_write_4(sc, R92C_EDCA_VI_PARAM, 0x005e4317);
2549 urtwn_write_4(sc, R92C_EDCA_BE_PARAM, 0x00105320);
2550 urtwn_write_4(sc, R92C_EDCA_BK_PARAM, 0x0000a444);
2551 }
2552
2553 switch (nstate) {
2554 case IEEE80211_S_INIT:
2555 /* Turn link LED off. */
2556 urtwn_set_led(sc, URTWN_LED_LINK, 0);
2557 break;
2558 case IEEE80211_S_SCAN:
2559 /* Pause AC Tx queues. */
2560 urtwn_write_1(sc, R92C_TXPAUSE,
2561 urtwn_read_1(sc, R92C_TXPAUSE) | R92C_TX_QUEUE_AC);
2562 break;
2563 case IEEE80211_S_AUTH:
2564 urtwn_set_chan(sc, ic->ic_curchan, NULL);
2565 break;
2566 case IEEE80211_S_RUN:
2567 if (vap->iv_opmode == IEEE80211_M_MONITOR) {
2568 /* Turn link LED on. */
2569 urtwn_set_led(sc, URTWN_LED_LINK, 1);
2570 break;
2571 }
2572
2573 ni = ieee80211_ref_node(vap->iv_bss);
2574
2575 if (ic->ic_bsschan == IEEE80211_CHAN_ANYC ||
2576 ni->ni_chan == IEEE80211_CHAN_ANYC) {
2577 device_printf(sc->sc_dev,
2578 "%s: could not move to RUN state\n", __func__);
2579 error = EINVAL;
2580 goto end_run;
2581 }
2582
2583 switch (vap->iv_opmode) {
2584 case IEEE80211_M_STA:
2585 mode = R92C_MSR_INFRA;
2586 break;
2587 case IEEE80211_M_IBSS:
2588 mode = R92C_MSR_ADHOC;
2589 break;
2590 case IEEE80211_M_HOSTAP:
2591 mode = R92C_MSR_AP;
2592 break;
2593 default:
2594 device_printf(sc->sc_dev, "undefined opmode %d\n",
2595 vap->iv_opmode);
2596 error = EINVAL;
2597 goto end_run;
2598 }
2599
2600 /* Set media status to 'Associated'. */
2601 urtwn_set_mode(sc, mode);
2602
2603 /* Set BSSID. */
2604 urtwn_write_4(sc, R92C_BSSID + 0, le32dec(&ni->ni_bssid[0]));
2605 urtwn_write_4(sc, R92C_BSSID + 4, le16dec(&ni->ni_bssid[4]));
2606
2607 if (ic->ic_curmode == IEEE80211_MODE_11B)
2608 urtwn_write_1(sc, R92C_INIRTS_RATE_SEL, 0);
2609 else /* 802.11b/g */
2610 urtwn_write_1(sc, R92C_INIRTS_RATE_SEL, 3);
2611
2612 /* Enable Rx of data frames. */
2613 urtwn_write_2(sc, R92C_RXFLTMAP2, 0xffff);
2614
2615 /* Flush all AC queues. */
2616 urtwn_write_1(sc, R92C_TXPAUSE, 0);
2617
2618 /* Set beacon interval. */
2619 urtwn_write_2(sc, R92C_BCN_INTERVAL, ni->ni_intval);
2620
2621 /* Allow Rx from our BSSID only. */
2622 if (ic->ic_promisc == 0) {
2623 reg = urtwn_read_4(sc, R92C_RCR);
2624
2625 if (vap->iv_opmode != IEEE80211_M_HOSTAP)
2626 reg |= R92C_RCR_CBSSID_DATA;
2627 if (vap->iv_opmode != IEEE80211_M_IBSS)
2628 reg |= R92C_RCR_CBSSID_BCN;
2629
2630 urtwn_write_4(sc, R92C_RCR, reg);
2631 }
2632
2633 if (vap->iv_opmode == IEEE80211_M_HOSTAP ||
2634 vap->iv_opmode == IEEE80211_M_IBSS) {
2635 error = urtwn_setup_beacon(sc, ni);
2636 if (error != 0) {
2637 device_printf(sc->sc_dev,
2638 "unable to push beacon into the chip, "
2639 "error %d\n", error);
2640 goto end_run;
2641 }
2642 }
2643
2644 /* Enable TSF synchronization. */
2645 urtwn_tsf_sync_enable(sc, vap);
2646
2647 urtwn_write_1(sc, R92C_SIFS_CCK + 1, 10);
2648 urtwn_write_1(sc, R92C_SIFS_OFDM + 1, 10);
2649 urtwn_write_1(sc, R92C_SPEC_SIFS + 1, 10);
2650 urtwn_write_1(sc, R92C_MAC_SPEC_SIFS + 1, 10);
2651 urtwn_write_1(sc, R92C_R2T_SIFS + 1, 10);
2652 urtwn_write_1(sc, R92C_T2T_SIFS + 1, 10);
2653
2654 /* Intialize rate adaptation. */
2655 if (!(sc->chip & URTWN_CHIP_88E))
2656 urtwn_ra_init(sc);
2657 /* Turn link LED on. */
2658 urtwn_set_led(sc, URTWN_LED_LINK, 1);
2659
2660 sc->avg_pwdb = -1; /* Reset average RSSI. */
2661 /* Reset temperature calibration state machine. */
2662 sc->sc_flags &= ~URTWN_TEMP_MEASURED;
2663 sc->thcal_lctemp = 0;
2664 /* Start periodic calibration. */
2665 callout_reset(&sc->sc_calib_to, 2*hz, urtwn_calib_to, sc);
2666
2667end_run:
2668 ieee80211_free_node(ni);
2669 break;
2670 default:
2671 break;
2672 }
2673
2674 URTWN_UNLOCK(sc);
2675 IEEE80211_LOCK(ic);
2676 return (error != 0 ? error : uvp->newstate(vap, nstate, arg));
2677}
2678
2679static void
2680urtwn_calib_to(void *arg)
2681{
2682 struct urtwn_softc *sc = arg;
2683
2684 /* Do it in a process context. */
2685 urtwn_cmd_sleepable(sc, NULL, 0, urtwn_calib_cb);
2686}
2687
2688static void
2689urtwn_calib_cb(struct urtwn_softc *sc, union sec_param *data)
2690{
2691 /* Do temperature compensation. */
2692 urtwn_temp_calib(sc);
2693
2694 if ((urtwn_read_1(sc, R92C_MSR) & R92C_MSR_MASK) != R92C_MSR_NOLINK)
2695 callout_reset(&sc->sc_calib_to, 2*hz, urtwn_calib_to, sc);
2696}
2697
2698static void
2699urtwn_watchdog(void *arg)
2700{
2701 struct urtwn_softc *sc = arg;
2702
2703 if (sc->sc_txtimer > 0) {
2704 if (--sc->sc_txtimer == 0) {
2705 device_printf(sc->sc_dev, "device timeout\n");
2706 counter_u64_add(sc->sc_ic.ic_oerrors, 1);
2707 return;
2708 }
2709 callout_reset(&sc->sc_watchdog_ch, hz, urtwn_watchdog, sc);
2710 }
2711}
2712
2713static void
2714urtwn_update_avgrssi(struct urtwn_softc *sc, int rate, int8_t rssi)
2715{
2716 int pwdb;
2717
2718 /* Convert antenna signal to percentage. */
2719 if (rssi <= -100 || rssi >= 20)
2720 pwdb = 0;
2721 else if (rssi >= 0)
2722 pwdb = 100;
2723 else
2724 pwdb = 100 + rssi;
2725 if (!(sc->chip & URTWN_CHIP_88E)) {
2726 if (rate <= URTWN_RIDX_CCK11) {
2727 /* CCK gain is smaller than OFDM/MCS gain. */
2728 pwdb += 6;
2729 if (pwdb > 100)
2730 pwdb = 100;
2731 if (pwdb <= 14)
2732 pwdb -= 4;
2733 else if (pwdb <= 26)
2734 pwdb -= 8;
2735 else if (pwdb <= 34)
2736 pwdb -= 6;
2737 else if (pwdb <= 42)
2738 pwdb -= 2;
2739 }
2740 }
2741 if (sc->avg_pwdb == -1) /* Init. */
2742 sc->avg_pwdb = pwdb;
2743 else if (sc->avg_pwdb < pwdb)
2744 sc->avg_pwdb = ((sc->avg_pwdb * 19 + pwdb) / 20) + 1;
2745 else
2746 sc->avg_pwdb = ((sc->avg_pwdb * 19 + pwdb) / 20);
2747 URTWN_DPRINTF(sc, URTWN_DEBUG_RSSI, "%s: PWDB %d, EMA %d\n", __func__,
2748 pwdb, sc->avg_pwdb);
2749}
2750
2751static int8_t
2752urtwn_get_rssi(struct urtwn_softc *sc, int rate, void *physt)
2753{
2754 static const int8_t cckoff[] = { 16, -12, -26, -46 };
2755 struct r92c_rx_phystat *phy;
2756 struct r92c_rx_cck *cck;
2757 uint8_t rpt;
2758 int8_t rssi;
2759
2760 if (rate <= URTWN_RIDX_CCK11) {
2761 cck = (struct r92c_rx_cck *)physt;
2762 if (sc->sc_flags & URTWN_FLAG_CCK_HIPWR) {
2763 rpt = (cck->agc_rpt >> 5) & 0x3;
2764 rssi = (cck->agc_rpt & 0x1f) << 1;
2765 } else {
2766 rpt = (cck->agc_rpt >> 6) & 0x3;
2767 rssi = cck->agc_rpt & 0x3e;
2768 }
2769 rssi = cckoff[rpt] - rssi;
2770 } else { /* OFDM/HT. */
2771 phy = (struct r92c_rx_phystat *)physt;
2772 rssi = ((le32toh(phy->phydw1) >> 1) & 0x7f) - 110;
2773 }
2774 return (rssi);
2775}
2776
2777static int8_t
2778urtwn_r88e_get_rssi(struct urtwn_softc *sc, int rate, void *physt)
2779{
2780 struct r92c_rx_phystat *phy;
2781 struct r88e_rx_cck *cck;
2782 uint8_t cck_agc_rpt, lna_idx, vga_idx;
2783 int8_t rssi;
2784
2785 rssi = 0;
2786 if (rate <= URTWN_RIDX_CCK11) {
2787 cck = (struct r88e_rx_cck *)physt;
2788 cck_agc_rpt = cck->agc_rpt;
2789 lna_idx = (cck_agc_rpt & 0xe0) >> 5;
2790 vga_idx = cck_agc_rpt & 0x1f;
2791 switch (lna_idx) {
2792 case 7:
2793 if (vga_idx <= 27)
2794 rssi = -100 + 2* (27 - vga_idx);
2795 else
2796 rssi = -100;
2797 break;
2798 case 6:
2799 rssi = -48 + 2 * (2 - vga_idx);
2800 break;
2801 case 5:
2802 rssi = -42 + 2 * (7 - vga_idx);
2803 break;
2804 case 4:
2805 rssi = -36 + 2 * (7 - vga_idx);
2806 break;
2807 case 3:
2808 rssi = -24 + 2 * (7 - vga_idx);
2809 break;
2810 case 2:
2811 rssi = -12 + 2 * (5 - vga_idx);
2812 break;
2813 case 1:
2814 rssi = 8 - (2 * vga_idx);
2815 break;
2816 case 0:
2817 rssi = 14 - (2 * vga_idx);
2818 break;
2819 }
2820 rssi += 6;
2821 } else { /* OFDM/HT. */
2822 phy = (struct r92c_rx_phystat *)physt;
2823 rssi = ((le32toh(phy->phydw1) >> 1) & 0x7f) - 110;
2824 }
2825 return (rssi);
2826}
2827
2828static int
2829urtwn_tx_data(struct urtwn_softc *sc, struct ieee80211_node *ni,
2830 struct mbuf *m, struct urtwn_data *data)
2831{
2832 const struct ieee80211_txparam *tp;
2833 struct ieee80211com *ic = &sc->sc_ic;
2834 struct ieee80211vap *vap = ni->ni_vap;
2835 struct ieee80211_key *k = NULL;
2836 struct ieee80211_channel *chan;
2837 struct ieee80211_frame *wh;
2838 struct r92c_tx_desc *txd;
2839 uint8_t macid, raid, rate, ridx, subtype, type, tid, qsel;
2840 int hasqos, ismcast;
2841
2842 URTWN_ASSERT_LOCKED(sc);
2843
2844 /*
2845 * Software crypto.
2846 */
2847 wh = mtod(m, struct ieee80211_frame *);
2848 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK;
2849 subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK;
2850 hasqos = IEEE80211_QOS_HAS_SEQ(wh);
2851 ismcast = IEEE80211_IS_MULTICAST(wh->i_addr1);
2852
2853 /* Select TX ring for this frame. */
2854 if (hasqos) {
2855 tid = ((const struct ieee80211_qosframe *)wh)->i_qos[0];
2856 tid &= IEEE80211_QOS_TID;
2857 } else
2858 tid = 0;
2859
2860 chan = (ni->ni_chan != IEEE80211_CHAN_ANYC) ?
2861 ni->ni_chan : ic->ic_curchan;
2862 tp = &vap->iv_txparms[ieee80211_chan2mode(chan)];
2863
2864 /* Choose a TX rate index. */
2865 if (type == IEEE80211_FC0_TYPE_MGT)
2866 rate = tp->mgmtrate;
2867 else if (ismcast)
2868 rate = tp->mcastrate;
2869 else if (tp->ucastrate != IEEE80211_FIXED_RATE_NONE)
2870 rate = tp->ucastrate;
2871 else if (m->m_flags & M_EAPOL)
2872 rate = tp->mgmtrate;
2873 else {
2874 if (URTWN_CHIP_HAS_RATECTL(sc)) {
2875 /* XXX pass pktlen */
2876 (void) ieee80211_ratectl_rate(ni, NULL, 0);
2877 rate = ni->ni_txrate;
2878 } else {
2879 /* XXX TODO: drop the default rate for 11b/11g? */
2880 if (ni->ni_flags & IEEE80211_NODE_HT)
2881 rate = IEEE80211_RATE_MCS | 0x4; /* MCS4 */
2882 else if (ic->ic_curmode != IEEE80211_MODE_11B)
2883 rate = 108;
2884 else
2885 rate = 22;
2886 }
2887 }
2888
2889 /*
2890 * XXX TODO: this should be per-node, for 11b versus 11bg
2891 * nodes in hostap mode
2892 */
2893 ridx = rate2ridx(rate);
2894 if (ni->ni_flags & IEEE80211_NODE_HT)
2895 raid = R92C_RAID_11GN;
2896 else if (ic->ic_curmode != IEEE80211_MODE_11B)
2897 raid = R92C_RAID_11BG;
2898 else
2899 raid = R92C_RAID_11B;
2900
2901 if (wh->i_fc[1] & IEEE80211_FC1_PROTECTED) {
2902 k = ieee80211_crypto_encap(ni, m);
2903 if (k == NULL) {
2904 device_printf(sc->sc_dev,
2905 "ieee80211_crypto_encap returns NULL.\n");
2906 return (ENOBUFS);
2907 }
2908
2909 /* in case packet header moved, reset pointer */
2910 wh = mtod(m, struct ieee80211_frame *);
2911 }
2912
2913 /* Fill Tx descriptor. */
2914 txd = (struct r92c_tx_desc *)data->buf;
2915 memset(txd, 0, sizeof(*txd));
2916
2917 txd->txdw0 |= htole32(
2918 SM(R92C_TXDW0_OFFSET, sizeof(*txd)) |
2919 R92C_TXDW0_OWN | R92C_TXDW0_FSG | R92C_TXDW0_LSG);
2920 if (ismcast)
2921 txd->txdw0 |= htole32(R92C_TXDW0_BMCAST);
2922
2923 if (!ismcast) {
2924 if (sc->chip & URTWN_CHIP_88E) {
2925 struct urtwn_node *un = URTWN_NODE(ni);
2926 macid = un->id;
2927 } else
2928 macid = URTWN_MACID_BSS;
2929
2930 if (type == IEEE80211_FC0_TYPE_DATA) {
2931 qsel = tid % URTWN_MAX_TID;
2932
2933 if (sc->chip & URTWN_CHIP_88E) {
2934 txd->txdw2 |= htole32(
2935 R88E_TXDW2_AGGBK |
2936 R88E_TXDW2_CCX_RPT);
2937 } else
2938 txd->txdw1 |= htole32(R92C_TXDW1_AGGBK);
2939
2940 /* protmode, non-HT */
2941 /* XXX TODO: noack frames? */
2942 if ((rate & 0x80) == 0 &&
2943 (ic->ic_flags & IEEE80211_F_USEPROT)) {
2944 switch (ic->ic_protmode) {
2945 case IEEE80211_PROT_CTSONLY:
2946 txd->txdw4 |= htole32(
2947 R92C_TXDW4_CTS2SELF |
2948 R92C_TXDW4_HWRTSEN);
2949 break;
2950 case IEEE80211_PROT_RTSCTS:
2951 txd->txdw4 |= htole32(
2952 R92C_TXDW4_RTSEN |
2953 R92C_TXDW4_HWRTSEN);
2954 break;
2955 default:
2956 break;
2957 }
2958 }
2959
2960 /* protmode, HT */
2961 /* XXX TODO: noack frames? */
2962 if ((rate & 0x80) &&
2963 (ic->ic_htprotmode == IEEE80211_PROT_RTSCTS)) {
2964 txd->txdw4 |= htole32(
2965 R92C_TXDW4_RTSEN |
2966 R92C_TXDW4_HWRTSEN);
2967 }
2968
2969 /* XXX TODO: rtsrate is configurable? 24mbit may
2970 * be a bit high for RTS rate? */
2971 txd->txdw4 |= htole32(SM(R92C_TXDW4_RTSRATE,
2972 URTWN_RIDX_OFDM24));
2973
2974 txd->txdw5 |= htole32(0x0001ff00);
2975 } else /* IEEE80211_FC0_TYPE_MGT */
2976 qsel = R92C_TXDW1_QSEL_MGNT;
2977 } else {
2978 macid = URTWN_MACID_BC;
2979 qsel = R92C_TXDW1_QSEL_MGNT;
2980 }
2981
2982 txd->txdw1 |= htole32(
2983 SM(R92C_TXDW1_QSEL, qsel) |
2984 SM(R92C_TXDW1_RAID, raid));
2985
2986 /* XXX TODO: 40MHZ flag? */
2987 /* XXX TODO: AMPDU flag? (AGG_ENABLE or AGG_BREAK?) Density shift? */
2988 /* XXX Short preamble? */
2989 /* XXX Short-GI? */
2990
2991 if (sc->chip & URTWN_CHIP_88E)
2992 txd->txdw1 |= htole32(SM(R88E_TXDW1_MACID, macid));
2993 else
2994 txd->txdw1 |= htole32(SM(R92C_TXDW1_MACID, macid));
2995
2996 txd->txdw5 |= htole32(SM(R92C_TXDW5_DATARATE, ridx));
2997
2998 /* Force this rate if needed. */
2999 if (URTWN_CHIP_HAS_RATECTL(sc) || ismcast ||
3000 (tp->ucastrate != IEEE80211_FIXED_RATE_NONE) ||
3001 (m->m_flags & M_EAPOL) || type != IEEE80211_FC0_TYPE_DATA)
3002 txd->txdw4 |= htole32(R92C_TXDW4_DRVRATE);
3003
3004 if (!hasqos) {
3005 /* Use HW sequence numbering for non-QoS frames. */
3006 if (sc->chip & URTWN_CHIP_88E)
3007 txd->txdseq = htole16(R88E_TXDSEQ_HWSEQ_EN);
3008 else
3009 txd->txdw4 |= htole32(R92C_TXDW4_HWSEQ_EN);
3010 } else {
3011 /* Set sequence number. */
3012 txd->txdseq = htole16(M_SEQNO_GET(m) % IEEE80211_SEQ_RANGE);
3013 }
3014
3015 if (k != NULL && !(k->wk_flags & IEEE80211_KEY_SWCRYPT)) {
3016 uint8_t cipher;
3017
3018 switch (k->wk_cipher->ic_cipher) {
3019 case IEEE80211_CIPHER_WEP:
3020 case IEEE80211_CIPHER_TKIP:
3021 cipher = R92C_TXDW1_CIPHER_RC4;
3022 break;
3023 case IEEE80211_CIPHER_AES_CCM:
3024 cipher = R92C_TXDW1_CIPHER_AES;
3025 break;
3026 default:
3027 device_printf(sc->sc_dev, "%s: unknown cipher %d\n",
3028 __func__, k->wk_cipher->ic_cipher);
3029 return (EINVAL);
3030 }
3031
3032 txd->txdw1 |= htole32(SM(R92C_TXDW1_CIPHER, cipher));
3033 }
3034
3035 if (ieee80211_radiotap_active_vap(vap)) {
3036 struct urtwn_tx_radiotap_header *tap = &sc->sc_txtap;
3037
3038 tap->wt_flags = 0;
3039 if (k != NULL)
3040 tap->wt_flags |= IEEE80211_RADIOTAP_F_WEP;
3041 ieee80211_radiotap_tx(vap, m);
3042 }
3043
3044 data->ni = ni;
3045
3046 urtwn_tx_start(sc, m, type, data);
3047
3048 return (0);
3049}
3050
3051static int
3052urtwn_tx_raw(struct urtwn_softc *sc, struct ieee80211_node *ni,
3053 struct mbuf *m, struct urtwn_data *data,
3054 const struct ieee80211_bpf_params *params)
3055{
3056 struct ieee80211vap *vap = ni->ni_vap;
3057 struct ieee80211_key *k = NULL;
3058 struct ieee80211_frame *wh;
3059 struct r92c_tx_desc *txd;
3060 uint8_t cipher, ridx, type;
3061
3062 /* Encrypt the frame if need be. */
3063 cipher = R92C_TXDW1_CIPHER_NONE;
3064 if (params->ibp_flags & IEEE80211_BPF_CRYPTO) {
3065 /* Retrieve key for TX. */
3066 k = ieee80211_crypto_encap(ni, m);
3067 if (k == NULL)
3068 return (ENOBUFS);
3069
3070 if (!(k->wk_flags & IEEE80211_KEY_SWCRYPT)) {
3071 switch (k->wk_cipher->ic_cipher) {
3072 case IEEE80211_CIPHER_WEP:
3073 case IEEE80211_CIPHER_TKIP:
3074 cipher = R92C_TXDW1_CIPHER_RC4;
3075 break;
3076 case IEEE80211_CIPHER_AES_CCM:
3077 cipher = R92C_TXDW1_CIPHER_AES;
3078 break;
3079 default:
3080 device_printf(sc->sc_dev,
3081 "%s: unknown cipher %d\n",
3082 __func__, k->wk_cipher->ic_cipher);
3083 return (EINVAL);
3084 }
3085 }
3086 }
3087
3088 /* XXX TODO: 11n checks, matching urtwn_tx_data() */
3089
3090 wh = mtod(m, struct ieee80211_frame *);
3091 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK;
3092
3093 /* Fill Tx descriptor. */
3094 txd = (struct r92c_tx_desc *)data->buf;
3095 memset(txd, 0, sizeof(*txd));
3096
3097 txd->txdw0 |= htole32(
3098 SM(R92C_TXDW0_OFFSET, sizeof(*txd)) |
3099 R92C_TXDW0_OWN | R92C_TXDW0_FSG | R92C_TXDW0_LSG);
3100 if (IEEE80211_IS_MULTICAST(wh->i_addr1))
3101 txd->txdw0 |= htole32(R92C_TXDW0_BMCAST);
3102
3103 if (params->ibp_flags & IEEE80211_BPF_RTS)
3104 txd->txdw4 |= htole32(R92C_TXDW4_RTSEN);
3105 if (params->ibp_flags & IEEE80211_BPF_CTS)
3106 txd->txdw4 |= htole32(R92C_TXDW4_CTS2SELF);
3107 if (txd->txdw4 & htole32(R92C_TXDW4_RTSEN | R92C_TXDW4_CTS2SELF)) {
3108 txd->txdw4 |= htole32(R92C_TXDW4_HWRTSEN);
3109 txd->txdw4 |= htole32(SM(R92C_TXDW4_RTSRATE,
3110 URTWN_RIDX_OFDM24));
3111 }
3112
3113 if (sc->chip & URTWN_CHIP_88E)
3114 txd->txdw1 |= htole32(SM(R88E_TXDW1_MACID, URTWN_MACID_BC));
3115 else
3116 txd->txdw1 |= htole32(SM(R92C_TXDW1_MACID, URTWN_MACID_BC));
3117
3118 /* XXX TODO: rate index/config (RAID) for 11n? */
3119 txd->txdw1 |= htole32(SM(R92C_TXDW1_QSEL, R92C_TXDW1_QSEL_MGNT));
3120 txd->txdw1 |= htole32(SM(R92C_TXDW1_CIPHER, cipher));
3121
3122 /* Choose a TX rate index. */
3123 ridx = rate2ridx(params->ibp_rate0);
3124 txd->txdw5 |= htole32(SM(R92C_TXDW5_DATARATE, ridx));
3125 txd->txdw5 |= htole32(0x0001ff00);
3126 txd->txdw4 |= htole32(R92C_TXDW4_DRVRATE);
3127
3128 if (!IEEE80211_QOS_HAS_SEQ(wh)) {
3129 /* Use HW sequence numbering for non-QoS frames. */
3130 if (sc->chip & URTWN_CHIP_88E)
3131 txd->txdseq = htole16(R88E_TXDSEQ_HWSEQ_EN);
3132 else
3133 txd->txdw4 |= htole32(R92C_TXDW4_HWSEQ_EN);
3134 } else {
3135 /* Set sequence number. */
3136 txd->txdseq = htole16(M_SEQNO_GET(m) % IEEE80211_SEQ_RANGE);
3137 }
3138
3139 if (ieee80211_radiotap_active_vap(vap)) {
3140 struct urtwn_tx_radiotap_header *tap = &sc->sc_txtap;
3141
3142 tap->wt_flags = 0;
3143 if (k != NULL)
3144 tap->wt_flags |= IEEE80211_RADIOTAP_F_WEP;
3145 ieee80211_radiotap_tx(vap, m);
3146 }
3147
3148 data->ni = ni;
3149
3150 urtwn_tx_start(sc, m, type, data);
3151
3152 return (0);
3153}
3154
3155static void
3156urtwn_tx_start(struct urtwn_softc *sc, struct mbuf *m, uint8_t type,
3157 struct urtwn_data *data)
3158{
3159 struct usb_xfer *xfer;
3160 struct r92c_tx_desc *txd;
3161 uint16_t ac, sum;
3162 int i, xferlen;
3163
3164 URTWN_ASSERT_LOCKED(sc);
3165
3166 ac = M_WME_GETAC(m);
3167
3168 switch (type) {
3169 case IEEE80211_FC0_TYPE_CTL:
3170 case IEEE80211_FC0_TYPE_MGT:
3171 xfer = sc->sc_xfer[URTWN_BULK_TX_VO];
3172 break;
3173 default:
3174 xfer = sc->sc_xfer[wme2queue[ac].qid];
3175 break;
3176 }
3177
3178 txd = (struct r92c_tx_desc *)data->buf;
3179 txd->txdw0 |= htole32(SM(R92C_TXDW0_PKTLEN, m->m_pkthdr.len));
3180
3181 /* Compute Tx descriptor checksum. */
3182 sum = 0;
3183 for (i = 0; i < sizeof(*txd) / 2; i++)
3184 sum ^= ((uint16_t *)txd)[i];
3185 txd->txdsum = sum; /* NB: already little endian. */
3186
3187 xferlen = sizeof(*txd) + m->m_pkthdr.len;
3188 m_copydata(m, 0, m->m_pkthdr.len, (caddr_t)&txd[1]);
3189
3190 data->buflen = xferlen;
3191 data->m = m;
3192
3193 STAILQ_INSERT_TAIL(&sc->sc_tx_pending, data, next);
3194 usbd_transfer_start(xfer);
3195}
3196
3197static int
3198urtwn_transmit(struct ieee80211com *ic, struct mbuf *m)
3199{
3200 struct urtwn_softc *sc = ic->ic_softc;
3201 int error;
3202
3203 URTWN_LOCK(sc);
3204 if ((sc->sc_flags & URTWN_RUNNING) == 0) {
3205 URTWN_UNLOCK(sc);
3206 return (ENXIO);
3207 }
3208 error = mbufq_enqueue(&sc->sc_snd, m);
3209 if (error) {
3210 URTWN_UNLOCK(sc);
3211 return (error);
3212 }
3213 urtwn_start(sc);
3214 URTWN_UNLOCK(sc);
3215
3216 return (0);
3217}
3218
3219static void
3220urtwn_start(struct urtwn_softc *sc)
3221{
3222 struct ieee80211_node *ni;
3223 struct mbuf *m;
3224 struct urtwn_data *bf;
3225
3226 URTWN_ASSERT_LOCKED(sc);
3227 while ((m = mbufq_dequeue(&sc->sc_snd)) != NULL) {
3228 bf = urtwn_getbuf(sc);
3229 if (bf == NULL) {
3230 mbufq_prepend(&sc->sc_snd, m);
3231 break;
3232 }
3233 ni = (struct ieee80211_node *)m->m_pkthdr.rcvif;
3234 m->m_pkthdr.rcvif = NULL;
3235
3236 URTWN_DPRINTF(sc, URTWN_DEBUG_XMIT, "%s: called; m=%p\n",
3237 __func__,
3238 m);
3239
3240 if (urtwn_tx_data(sc, ni, m, bf) != 0) {
3241 if_inc_counter(ni->ni_vap->iv_ifp,
3242 IFCOUNTER_OERRORS, 1);
3243 STAILQ_INSERT_HEAD(&sc->sc_tx_inactive, bf, next);
3244 m_freem(m);
3245 ieee80211_free_node(ni);
3246 break;
3247 }
3248 sc->sc_txtimer = 5;
3249 callout_reset(&sc->sc_watchdog_ch, hz, urtwn_watchdog, sc);
3250 }
3251}
3252
3253static void
3254urtwn_parent(struct ieee80211com *ic)
3255{
3256 struct urtwn_softc *sc = ic->ic_softc;
3257
3258 URTWN_LOCK(sc);
3259 if (sc->sc_flags & URTWN_DETACHED) {
3260 URTWN_UNLOCK(sc);
3261 return;
3262 }
3263 URTWN_UNLOCK(sc);
3264
3265 if (ic->ic_nrunning > 0) {
3266 if (urtwn_init(sc) != 0) {
3267 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps);
3268 if (vap != NULL)
3269 ieee80211_stop(vap);
3270 } else
3271 ieee80211_start_all(ic);
3272 } else
3273 urtwn_stop(sc);
3274}
3275
3276static __inline int
3277urtwn_power_on(struct urtwn_softc *sc)
3278{
3279
3280 return sc->sc_power_on(sc);
3281}
3282
3283static int
3284urtwn_r92c_power_on(struct urtwn_softc *sc)
3285{
3286 uint32_t reg;
3287 usb_error_t error;
3288 int ntries;
3289
3290 /* Wait for autoload done bit. */
3291 for (ntries = 0; ntries < 1000; ntries++) {
3292 if (urtwn_read_1(sc, R92C_APS_FSMCO) & R92C_APS_FSMCO_PFM_ALDN)
3293 break;
3294 urtwn_ms_delay(sc);
3295 }
3296 if (ntries == 1000) {
3297 device_printf(sc->sc_dev,
3298 "timeout waiting for chip autoload\n");
3299 return (ETIMEDOUT);
3300 }
3301
3302 /* Unlock ISO/CLK/Power control register. */
3303 error = urtwn_write_1(sc, R92C_RSV_CTRL, 0);
3304 if (error != USB_ERR_NORMAL_COMPLETION)
3305 return (EIO);
3306 /* Move SPS into PWM mode. */
3307 error = urtwn_write_1(sc, R92C_SPS0_CTRL, 0x2b);
3308 if (error != USB_ERR_NORMAL_COMPLETION)
3309 return (EIO);
3310 urtwn_ms_delay(sc);
3311
3312 reg = urtwn_read_1(sc, R92C_LDOV12D_CTRL);
3313 if (!(reg & R92C_LDOV12D_CTRL_LDV12_EN)) {
3314 error = urtwn_write_1(sc, R92C_LDOV12D_CTRL,
3315 reg | R92C_LDOV12D_CTRL_LDV12_EN);
3316 if (error != USB_ERR_NORMAL_COMPLETION)
3317 return (EIO);
3318 urtwn_ms_delay(sc);
3319 error = urtwn_write_1(sc, R92C_SYS_ISO_CTRL,
3320 urtwn_read_1(sc, R92C_SYS_ISO_CTRL) &
3321 ~R92C_SYS_ISO_CTRL_MD2PP);
3322 if (error != USB_ERR_NORMAL_COMPLETION)
3323 return (EIO);
3324 }
3325
3326 /* Auto enable WLAN. */
3327 error = urtwn_write_2(sc, R92C_APS_FSMCO,
3328 urtwn_read_2(sc, R92C_APS_FSMCO) | R92C_APS_FSMCO_APFM_ONMAC);
3329 if (error != USB_ERR_NORMAL_COMPLETION)
3330 return (EIO);
3331 for (ntries = 0; ntries < 1000; ntries++) {
3332 if (!(urtwn_read_2(sc, R92C_APS_FSMCO) &
3333 R92C_APS_FSMCO_APFM_ONMAC))
3334 break;
3335 urtwn_ms_delay(sc);
3336 }
3337 if (ntries == 1000) {
3338 device_printf(sc->sc_dev,
3339 "timeout waiting for MAC auto ON\n");
3340 return (ETIMEDOUT);
3341 }
3342
3343 /* Enable radio, GPIO and LED functions. */
3344 error = urtwn_write_2(sc, R92C_APS_FSMCO,
3345 R92C_APS_FSMCO_AFSM_HSUS |
3346 R92C_APS_FSMCO_PDN_EN |
3347 R92C_APS_FSMCO_PFM_ALDN);
3348 if (error != USB_ERR_NORMAL_COMPLETION)
3349 return (EIO);
3350 /* Release RF digital isolation. */
3351 error = urtwn_write_2(sc, R92C_SYS_ISO_CTRL,
3352 urtwn_read_2(sc, R92C_SYS_ISO_CTRL) & ~R92C_SYS_ISO_CTRL_DIOR);
3353 if (error != USB_ERR_NORMAL_COMPLETION)
3354 return (EIO);
3355
3356 /* Initialize MAC. */
3357 error = urtwn_write_1(sc, R92C_APSD_CTRL,
3358 urtwn_read_1(sc, R92C_APSD_CTRL) & ~R92C_APSD_CTRL_OFF);
3359 if (error != USB_ERR_NORMAL_COMPLETION)
3360 return (EIO);
3361 for (ntries = 0; ntries < 200; ntries++) {
3362 if (!(urtwn_read_1(sc, R92C_APSD_CTRL) &
3363 R92C_APSD_CTRL_OFF_STATUS))
3364 break;
3365 urtwn_ms_delay(sc);
3366 }
3367 if (ntries == 200) {
3368 device_printf(sc->sc_dev,
3369 "timeout waiting for MAC initialization\n");
3370 return (ETIMEDOUT);
3371 }
3372
3373 /* Enable MAC DMA/WMAC/SCHEDULE/SEC blocks. */
3374 reg = urtwn_read_2(sc, R92C_CR);
3375 reg |= R92C_CR_HCI_TXDMA_EN | R92C_CR_HCI_RXDMA_EN |
3376 R92C_CR_TXDMA_EN | R92C_CR_RXDMA_EN | R92C_CR_PROTOCOL_EN |
3377 R92C_CR_SCHEDULE_EN | R92C_CR_MACTXEN | R92C_CR_MACRXEN |
3378 R92C_CR_ENSEC;
3379 error = urtwn_write_2(sc, R92C_CR, reg);
3380 if (error != USB_ERR_NORMAL_COMPLETION)
3381 return (EIO);
3382
3383 error = urtwn_write_1(sc, 0xfe10, 0x19);
3384 if (error != USB_ERR_NORMAL_COMPLETION)
3385 return (EIO);
3386 return (0);
3387}
3388
3389static int
3390urtwn_r88e_power_on(struct urtwn_softc *sc)
3391{
3392 uint32_t reg;
3393 usb_error_t error;
3394 int ntries;
3395
3396 /* Wait for power ready bit. */
3397 for (ntries = 0; ntries < 5000; ntries++) {
3398 if (urtwn_read_4(sc, R92C_APS_FSMCO) & R92C_APS_FSMCO_SUS_HOST)
3399 break;
3400 urtwn_ms_delay(sc);
3401 }
3402 if (ntries == 5000) {
3403 device_printf(sc->sc_dev,
3404 "timeout waiting for chip power up\n");
3405 return (ETIMEDOUT);
3406 }
3407
3408 /* Reset BB. */
3409 error = urtwn_write_1(sc, R92C_SYS_FUNC_EN,
3410 urtwn_read_1(sc, R92C_SYS_FUNC_EN) & ~(R92C_SYS_FUNC_EN_BBRSTB |
3411 R92C_SYS_FUNC_EN_BB_GLB_RST));
3412 if (error != USB_ERR_NORMAL_COMPLETION)
3413 return (EIO);
3414
3415 error = urtwn_write_1(sc, R92C_AFE_XTAL_CTRL + 2,
3416 urtwn_read_1(sc, R92C_AFE_XTAL_CTRL + 2) | 0x80);
3417 if (error != USB_ERR_NORMAL_COMPLETION)
3418 return (EIO);
3419
3420 /* Disable HWPDN. */
3421 error = urtwn_write_2(sc, R92C_APS_FSMCO,
3422 urtwn_read_2(sc, R92C_APS_FSMCO) & ~R92C_APS_FSMCO_APDM_HPDN);
3423 if (error != USB_ERR_NORMAL_COMPLETION)
3424 return (EIO);
3425
3426 /* Disable WL suspend. */
3427 error = urtwn_write_2(sc, R92C_APS_FSMCO,
3428 urtwn_read_2(sc, R92C_APS_FSMCO) &
3429 ~(R92C_APS_FSMCO_AFSM_HSUS | R92C_APS_FSMCO_AFSM_PCIE));
3430 if (error != USB_ERR_NORMAL_COMPLETION)
3431 return (EIO);
3432
3433 error = urtwn_write_2(sc, R92C_APS_FSMCO,
3434 urtwn_read_2(sc, R92C_APS_FSMCO) | R92C_APS_FSMCO_APFM_ONMAC);
3435 if (error != USB_ERR_NORMAL_COMPLETION)
3436 return (EIO);
3437 for (ntries = 0; ntries < 5000; ntries++) {
3438 if (!(urtwn_read_2(sc, R92C_APS_FSMCO) &
3439 R92C_APS_FSMCO_APFM_ONMAC))
3440 break;
3441 urtwn_ms_delay(sc);
3442 }
3443 if (ntries == 5000)
3444 return (ETIMEDOUT);
3445
3446 /* Enable LDO normal mode. */
3447 error = urtwn_write_1(sc, R92C_LPLDO_CTRL,
3448 urtwn_read_1(sc, R92C_LPLDO_CTRL) & ~R92C_LPLDO_CTRL_SLEEP);
3449 if (error != USB_ERR_NORMAL_COMPLETION)
3450 return (EIO);
3451
3452 /* Enable MAC DMA/WMAC/SCHEDULE/SEC blocks. */
3453 error = urtwn_write_2(sc, R92C_CR, 0);
3454 if (error != USB_ERR_NORMAL_COMPLETION)
3455 return (EIO);
3456 reg = urtwn_read_2(sc, R92C_CR);
3457 reg |= R92C_CR_HCI_TXDMA_EN | R92C_CR_HCI_RXDMA_EN |
3458 R92C_CR_TXDMA_EN | R92C_CR_RXDMA_EN | R92C_CR_PROTOCOL_EN |
3459 R92C_CR_SCHEDULE_EN | R92C_CR_ENSEC | R92C_CR_CALTMR_EN;
3460 error = urtwn_write_2(sc, R92C_CR, reg);
3461 if (error != USB_ERR_NORMAL_COMPLETION)
3462 return (EIO);
3463
3464 return (0);
3465}
3466
3467static __inline void
3468urtwn_power_off(struct urtwn_softc *sc)
3469{
3470
3471 return sc->sc_power_off(sc);
3472}
3473
3474static void
3475urtwn_r92c_power_off(struct urtwn_softc *sc)
3476{
3477 uint32_t reg;
3478
3479 /* Block all Tx queues. */
3480 urtwn_write_1(sc, R92C_TXPAUSE, R92C_TX_QUEUE_ALL);
3481
3482 /* Disable RF */
3483 urtwn_rf_write(sc, 0, 0, 0);
3484
3485 urtwn_write_1(sc, R92C_APSD_CTRL, R92C_APSD_CTRL_OFF);
3486
3487 /* Reset BB state machine */
3488 urtwn_write_1(sc, R92C_SYS_FUNC_EN,
3489 R92C_SYS_FUNC_EN_USBD | R92C_SYS_FUNC_EN_USBA |
3490 R92C_SYS_FUNC_EN_BB_GLB_RST);
3491 urtwn_write_1(sc, R92C_SYS_FUNC_EN,
3492 R92C_SYS_FUNC_EN_USBD | R92C_SYS_FUNC_EN_USBA);
3493
3494 /*
3495 * Reset digital sequence
3496 */
3497#ifndef URTWN_WITHOUT_UCODE
3498 if (urtwn_read_1(sc, R92C_MCUFWDL) & R92C_MCUFWDL_RDY) {
3499 /* Reset MCU ready status */
3500 urtwn_write_1(sc, R92C_MCUFWDL, 0);
3501
3502 /* If firmware in ram code, do reset */
3503 urtwn_fw_reset(sc);
3504 }
3505#endif
3506
3507 /* Reset MAC and Enable 8051 */
3508 urtwn_write_1(sc, R92C_SYS_FUNC_EN + 1,
3509 (R92C_SYS_FUNC_EN_CPUEN |
3510 R92C_SYS_FUNC_EN_ELDR |
3511 R92C_SYS_FUNC_EN_HWPDN) >> 8);
3512
3513 /* Reset MCU ready status */
3514 urtwn_write_1(sc, R92C_MCUFWDL, 0);
3515
3516 /* Disable MAC clock */
3517 urtwn_write_2(sc, R92C_SYS_CLKR,
3518 R92C_SYS_CLKR_ANAD16V_EN |
3519 R92C_SYS_CLKR_ANA8M |
3520 R92C_SYS_CLKR_LOADER_EN |
3521 R92C_SYS_CLKR_80M_SSC_DIS |
3522 R92C_SYS_CLKR_SYS_EN |
3523 R92C_SYS_CLKR_RING_EN |
3524 0x4000);
3525
3526 /* Disable AFE PLL */
3527 urtwn_write_1(sc, R92C_AFE_PLL_CTRL, 0x80);
3528
3529 /* Gated AFE DIG_CLOCK */
3530 urtwn_write_2(sc, R92C_AFE_XTAL_CTRL, 0x880F);
3531
3532 /* Isolated digital to PON */
3533 urtwn_write_1(sc, R92C_SYS_ISO_CTRL,
3534 R92C_SYS_ISO_CTRL_MD2PP |
3535 R92C_SYS_ISO_CTRL_PA2PCIE |
3536 R92C_SYS_ISO_CTRL_PD2CORE |
3537 R92C_SYS_ISO_CTRL_IP2MAC |
3538 R92C_SYS_ISO_CTRL_DIOP |
3539 R92C_SYS_ISO_CTRL_DIOE);
3540
3541 /*
3542 * Pull GPIO PIN to balance level and LED control
3543 */
3544 /* 1. Disable GPIO[7:0] */
3545 urtwn_write_2(sc, R92C_GPIO_IOSEL, 0x0000);
3546
3547 reg = urtwn_read_4(sc, R92C_GPIO_PIN_CTRL) & ~0x0000ff00;
3548 reg |= ((reg << 8) & 0x0000ff00) | 0x00ff0000;
3549 urtwn_write_4(sc, R92C_GPIO_PIN_CTRL, reg);
3550
3551 /* Disable GPIO[10:8] */
3552 urtwn_write_1(sc, R92C_MAC_PINMUX_CFG, 0x00);
3553
3554 reg = urtwn_read_2(sc, R92C_GPIO_IO_SEL) & ~0x00f0;
3555 reg |= (((reg & 0x000f) << 4) | 0x0780);
3556 urtwn_write_2(sc, R92C_GPIO_IO_SEL, reg);
3557
3558 /* Disable LED0 & 1 */
3559 urtwn_write_2(sc, R92C_LEDCFG0, 0x8080);
3560
3561 /*
3562 * Reset digital sequence
3563 */
3564 /* Disable ELDR clock */
3565 urtwn_write_2(sc, R92C_SYS_CLKR,
3566 R92C_SYS_CLKR_ANAD16V_EN |
3567 R92C_SYS_CLKR_ANA8M |
3568 R92C_SYS_CLKR_LOADER_EN |
3569 R92C_SYS_CLKR_80M_SSC_DIS |
3570 R92C_SYS_CLKR_SYS_EN |
3571 R92C_SYS_CLKR_RING_EN |
3572 0x4000);
3573
3574 /* Isolated ELDR to PON */
3575 urtwn_write_1(sc, R92C_SYS_ISO_CTRL + 1,
3576 (R92C_SYS_ISO_CTRL_DIOR |
3577 R92C_SYS_ISO_CTRL_PWC_EV12V) >> 8);
3578
3579 /*
3580 * Disable analog sequence
3581 */
3582 /* Disable A15 power */
3583 urtwn_write_1(sc, R92C_LDOA15_CTRL, R92C_LDOA15_CTRL_OBUF);
3584 /* Disable digital core power */
3585 urtwn_write_1(sc, R92C_LDOV12D_CTRL,
3586 urtwn_read_1(sc, R92C_LDOV12D_CTRL) &
3587 ~R92C_LDOV12D_CTRL_LDV12_EN);
3588
3589 /* Enter PFM mode */
3590 urtwn_write_1(sc, R92C_SPS0_CTRL, 0x23);
3591
3592 /* Set USB suspend */
3593 urtwn_write_2(sc, R92C_APS_FSMCO,
3594 R92C_APS_FSMCO_APDM_HOST |
3595 R92C_APS_FSMCO_AFSM_HSUS |
3596 R92C_APS_FSMCO_PFM_ALDN);
3597
3598 /* Lock ISO/CLK/Power control register. */
3599 urtwn_write_1(sc, R92C_RSV_CTRL, 0x0E);
3600}
3601
3602static void
3603urtwn_r88e_power_off(struct urtwn_softc *sc)
3604{
3605 uint8_t reg;
3606 int ntries;
3607
3608 /* Disable any kind of TX reports. */
3609 urtwn_write_1(sc, R88E_TX_RPT_CTRL,
3610 urtwn_read_1(sc, R88E_TX_RPT_CTRL) &
3611 ~(R88E_TX_RPT1_ENA | R88E_TX_RPT2_ENA));
3612
3613 /* Stop Rx. */
3614 urtwn_write_1(sc, R92C_CR, 0);
3615
3616 /* Move card to Low Power State. */
3617 /* Block all Tx queues. */
3618 urtwn_write_1(sc, R92C_TXPAUSE, R92C_TX_QUEUE_ALL);
3619
3620 for (ntries = 0; ntries < 20; ntries++) {
3621 /* Should be zero if no packet is transmitting. */
3622 if (urtwn_read_4(sc, R88E_SCH_TXCMD) == 0)
3623 break;
3624
3625 urtwn_ms_delay(sc);
3626 }
3627 if (ntries == 20) {
3628 device_printf(sc->sc_dev, "%s: failed to block Tx queues\n",
3629 __func__);
3630 return;
3631 }
3632
3633 /* CCK and OFDM are disabled, and clock are gated. */
3634 urtwn_write_1(sc, R92C_SYS_FUNC_EN,
3635 urtwn_read_1(sc, R92C_SYS_FUNC_EN) & ~R92C_SYS_FUNC_EN_BBRSTB);
3636
3637 urtwn_ms_delay(sc);
3638
3639 /* Reset MAC TRX */
3640 urtwn_write_1(sc, R92C_CR,
3641 R92C_CR_HCI_TXDMA_EN | R92C_CR_HCI_RXDMA_EN |
3642 R92C_CR_TXDMA_EN | R92C_CR_RXDMA_EN |
3643 R92C_CR_PROTOCOL_EN | R92C_CR_SCHEDULE_EN);
3644
3645 /* check if removed later */
3646 urtwn_write_1(sc, R92C_CR + 1,
3647 urtwn_read_1(sc, R92C_CR + 1) & ~(R92C_CR_ENSEC >> 8));
3648
3649 /* Respond TxOK to scheduler */
3650 urtwn_write_1(sc, R92C_DUAL_TSF_RST,
3651 urtwn_read_1(sc, R92C_DUAL_TSF_RST) | 0x20);
3652
3653 /* If firmware in ram code, do reset. */
3654#ifndef URTWN_WITHOUT_UCODE
3655 if (urtwn_read_1(sc, R92C_MCUFWDL) & R92C_MCUFWDL_RDY)
3656 urtwn_r88e_fw_reset(sc);
3657#endif
3658
3659 /* Reset MCU ready status. */
3660 urtwn_write_1(sc, R92C_MCUFWDL, 0x00);
3661
3662 /* Disable 32k. */
3663 urtwn_write_1(sc, R88E_32K_CTRL,
3664 urtwn_read_1(sc, R88E_32K_CTRL) & ~0x01);
3665
3666 /* Move card to Disabled state. */
3667 /* Turn off RF. */
3668 urtwn_write_1(sc, R92C_RF_CTRL, 0);
3669
3670 /* LDO Sleep mode. */
3671 urtwn_write_1(sc, R92C_LPLDO_CTRL,
3672 urtwn_read_1(sc, R92C_LPLDO_CTRL) | R92C_LPLDO_CTRL_SLEEP);
3673
3674 /* Turn off MAC by HW state machine */
3675 urtwn_write_1(sc, R92C_APS_FSMCO + 1,
3676 urtwn_read_1(sc, R92C_APS_FSMCO + 1) |
3677 (R92C_APS_FSMCO_APFM_OFF >> 8));
3678
3679 for (ntries = 0; ntries < 20; ntries++) {
3680 /* Wait until it will be disabled. */
3681 if ((urtwn_read_1(sc, R92C_APS_FSMCO + 1) &
3682 (R92C_APS_FSMCO_APFM_OFF >> 8)) == 0)
3683 break;
3684
3685 urtwn_ms_delay(sc);
3686 }
3687 if (ntries == 20) {
3688 device_printf(sc->sc_dev, "%s: could not turn off MAC\n",
3689 __func__);
3690 return;
3691 }
3692
3693 /* schmit trigger */
3694 urtwn_write_1(sc, R92C_AFE_XTAL_CTRL + 2,
3695 urtwn_read_1(sc, R92C_AFE_XTAL_CTRL + 2) | 0x80);
3696
3697 /* Enable WL suspend. */
3698 urtwn_write_1(sc, R92C_APS_FSMCO + 1,
3699 (urtwn_read_1(sc, R92C_APS_FSMCO + 1) & ~0x10) | 0x08);
3700
3701 /* Enable bandgap mbias in suspend. */
3702 urtwn_write_1(sc, R92C_APS_FSMCO + 3, 0);
3703
3704 /* Clear SIC_EN register. */
3705 urtwn_write_1(sc, R92C_GPIO_MUXCFG + 1,
3706 urtwn_read_1(sc, R92C_GPIO_MUXCFG + 1) & ~0x10);
3707
3708 /* Set USB suspend enable local register */
3709 urtwn_write_1(sc, R92C_USB_SUSPEND,
3710 urtwn_read_1(sc, R92C_USB_SUSPEND) | 0x10);
3711
3712 /* Reset MCU IO Wrapper. */
3713 reg = urtwn_read_1(sc, R92C_RSV_CTRL + 1);
3714 urtwn_write_1(sc, R92C_RSV_CTRL + 1, reg & ~0x08);
3715 urtwn_write_1(sc, R92C_RSV_CTRL + 1, reg | 0x08);
3716
3717 /* marked as 'For Power Consumption' code. */
3718 urtwn_write_1(sc, R92C_GPIO_OUT, urtwn_read_1(sc, R92C_GPIO_IN));
3719 urtwn_write_1(sc, R92C_GPIO_IOSEL, 0xff);
3720
3721 urtwn_write_1(sc, R92C_GPIO_IO_SEL,
3722 urtwn_read_1(sc, R92C_GPIO_IO_SEL) << 4);
3723 urtwn_write_1(sc, R92C_GPIO_MOD,
3724 urtwn_read_1(sc, R92C_GPIO_MOD) | 0x0f);
3725
3726 /* Set LNA, TRSW, EX_PA Pin to output mode. */
3727 urtwn_write_4(sc, R88E_BB_PAD_CTRL, 0x00080808);
3728}
3729
3730static int
3731urtwn_llt_init(struct urtwn_softc *sc)
3732{
3733 int i, error, page_count, pktbuf_count;
3734
3735 page_count = (sc->chip & URTWN_CHIP_88E) ?
3736 R88E_TX_PAGE_COUNT : R92C_TX_PAGE_COUNT;
3737 pktbuf_count = (sc->chip & URTWN_CHIP_88E) ?
3738 R88E_TXPKTBUF_COUNT : R92C_TXPKTBUF_COUNT;
3739
3740 /* Reserve pages [0; page_count]. */
3741 for (i = 0; i < page_count; i++) {
3742 if ((error = urtwn_llt_write(sc, i, i + 1)) != 0)
3743 return (error);
3744 }
3745 /* NB: 0xff indicates end-of-list. */
3746 if ((error = urtwn_llt_write(sc, i, 0xff)) != 0)
3747 return (error);
3748 /*
3749 * Use pages [page_count + 1; pktbuf_count - 1]
3750 * as ring buffer.
3751 */
3752 for (++i; i < pktbuf_count - 1; i++) {
3753 if ((error = urtwn_llt_write(sc, i, i + 1)) != 0)
3754 return (error);
3755 }
3756 /* Make the last page point to the beginning of the ring buffer. */
3757 error = urtwn_llt_write(sc, i, page_count + 1);
3758 return (error);
3759}
3760
3761#ifndef URTWN_WITHOUT_UCODE
3762static void
3763urtwn_fw_reset(struct urtwn_softc *sc)
3764{
3765 uint16_t reg;
3766 int ntries;
3767
3768 /* Tell 8051 to reset itself. */
3769 urtwn_write_1(sc, R92C_HMETFR + 3, 0x20);
3770
3771 /* Wait until 8051 resets by itself. */
3772 for (ntries = 0; ntries < 100; ntries++) {
3773 reg = urtwn_read_2(sc, R92C_SYS_FUNC_EN);
3774 if (!(reg & R92C_SYS_FUNC_EN_CPUEN))
3775 return;
3776 urtwn_ms_delay(sc);
3777 }
3778 /* Force 8051 reset. */
3779 urtwn_write_2(sc, R92C_SYS_FUNC_EN, reg & ~R92C_SYS_FUNC_EN_CPUEN);
3780}
3781
3782static void
3783urtwn_r88e_fw_reset(struct urtwn_softc *sc)
3784{
3785 uint16_t reg;
3786
3787 reg = urtwn_read_2(sc, R92C_SYS_FUNC_EN);
3788 urtwn_write_2(sc, R92C_SYS_FUNC_EN, reg & ~R92C_SYS_FUNC_EN_CPUEN);
3789 urtwn_write_2(sc, R92C_SYS_FUNC_EN, reg | R92C_SYS_FUNC_EN_CPUEN);
3790}
3791
3792static int
3793urtwn_fw_loadpage(struct urtwn_softc *sc, int page, const uint8_t *buf, int len)
3794{
3795 uint32_t reg;
3796 usb_error_t error = USB_ERR_NORMAL_COMPLETION;
3797 int off, mlen;
3798
3799 reg = urtwn_read_4(sc, R92C_MCUFWDL);
3800 reg = RW(reg, R92C_MCUFWDL_PAGE, page);
3801 urtwn_write_4(sc, R92C_MCUFWDL, reg);
3802
3803 off = R92C_FW_START_ADDR;
3804 while (len > 0) {
3805 if (len > 196)
3806 mlen = 196;
3807 else if (len > 4)
3808 mlen = 4;
3809 else
3810 mlen = 1;
3811 /* XXX fix this deconst */
3812 error = urtwn_write_region_1(sc, off,
3813 __DECONST(uint8_t *, buf), mlen);
3814 if (error != USB_ERR_NORMAL_COMPLETION)
3815 break;
3816 off += mlen;
3817 buf += mlen;
3818 len -= mlen;
3819 }
3820 return (error);
3821}
3822
3823static int
3824urtwn_load_firmware(struct urtwn_softc *sc)
3825{
3826 const struct firmware *fw;
3827 const struct r92c_fw_hdr *hdr;
3828 const char *imagename;
3829 const u_char *ptr;
3830 size_t len;
3831 uint32_t reg;
3832 int mlen, ntries, page, error;
3833
3834 URTWN_UNLOCK(sc);
3835 /* Read firmware image from the filesystem. */
3836 if (sc->chip & URTWN_CHIP_88E)
3837 imagename = "urtwn-rtl8188eufw";
3838 else if ((sc->chip & (URTWN_CHIP_UMC_A_CUT | URTWN_CHIP_92C)) ==
3839 URTWN_CHIP_UMC_A_CUT)
3840 imagename = "urtwn-rtl8192cfwU";
3841 else
3842 imagename = "urtwn-rtl8192cfwT";
3843
3844 fw = firmware_get(imagename);
3845 URTWN_LOCK(sc);
3846 if (fw == NULL) {
3847 device_printf(sc->sc_dev,
3848 "failed loadfirmware of file %s\n", imagename);
3849 return (ENOENT);
3850 }
3851
3852 len = fw->datasize;
3853
3854 if (len < sizeof(*hdr)) {
3855 device_printf(sc->sc_dev, "firmware too short\n");
3856 error = EINVAL;
3857 goto fail;
3858 }
3859 ptr = fw->data;
3860 hdr = (const struct r92c_fw_hdr *)ptr;
3861 /* Check if there is a valid FW header and skip it. */
3862 if ((le16toh(hdr->signature) >> 4) == 0x88c ||
3863 (le16toh(hdr->signature) >> 4) == 0x88e ||
3864 (le16toh(hdr->signature) >> 4) == 0x92c) {
3865 URTWN_DPRINTF(sc, URTWN_DEBUG_FIRMWARE,
3866 "FW V%d.%d %02d-%02d %02d:%02d\n",
3867 le16toh(hdr->version), le16toh(hdr->subversion),
3868 hdr->month, hdr->date, hdr->hour, hdr->minute);
3869 ptr += sizeof(*hdr);
3870 len -= sizeof(*hdr);
3871 }
3872
3873 if (urtwn_read_1(sc, R92C_MCUFWDL) & R92C_MCUFWDL_RAM_DL_SEL) {
3874 if (sc->chip & URTWN_CHIP_88E)
3875 urtwn_r88e_fw_reset(sc);
3876 else
3877 urtwn_fw_reset(sc);
3878 urtwn_write_1(sc, R92C_MCUFWDL, 0);
3879 }
3880
3881 if (!(sc->chip & URTWN_CHIP_88E)) {
3882 urtwn_write_2(sc, R92C_SYS_FUNC_EN,
3883 urtwn_read_2(sc, R92C_SYS_FUNC_EN) |
3884 R92C_SYS_FUNC_EN_CPUEN);
3885 }
3886 urtwn_write_1(sc, R92C_MCUFWDL,
3887 urtwn_read_1(sc, R92C_MCUFWDL) | R92C_MCUFWDL_EN);
3888 urtwn_write_1(sc, R92C_MCUFWDL + 2,
3889 urtwn_read_1(sc, R92C_MCUFWDL + 2) & ~0x08);
3890
3891 /* Reset the FWDL checksum. */
3892 urtwn_write_1(sc, R92C_MCUFWDL,
3893 urtwn_read_1(sc, R92C_MCUFWDL) | R92C_MCUFWDL_CHKSUM_RPT);
3894
3895 for (page = 0; len > 0; page++) {
3896 mlen = min(len, R92C_FW_PAGE_SIZE);
3897 error = urtwn_fw_loadpage(sc, page, ptr, mlen);
3898 if (error != 0) {
3899 device_printf(sc->sc_dev,
3900 "could not load firmware page\n");
3901 goto fail;
3902 }
3903 ptr += mlen;
3904 len -= mlen;
3905 }
3906 urtwn_write_1(sc, R92C_MCUFWDL,
3907 urtwn_read_1(sc, R92C_MCUFWDL) & ~R92C_MCUFWDL_EN);
3908 urtwn_write_1(sc, R92C_MCUFWDL + 1, 0);
3909
3910 /* Wait for checksum report. */
3911 for (ntries = 0; ntries < 1000; ntries++) {
3912 if (urtwn_read_4(sc, R92C_MCUFWDL) & R92C_MCUFWDL_CHKSUM_RPT)
3913 break;
3914 urtwn_ms_delay(sc);
3915 }
3916 if (ntries == 1000) {
3917 device_printf(sc->sc_dev,
3918 "timeout waiting for checksum report\n");
3919 error = ETIMEDOUT;
3920 goto fail;
3921 }
3922
3923 reg = urtwn_read_4(sc, R92C_MCUFWDL);
3924 reg = (reg & ~R92C_MCUFWDL_WINTINI_RDY) | R92C_MCUFWDL_RDY;
3925 urtwn_write_4(sc, R92C_MCUFWDL, reg);
3926 if (sc->chip & URTWN_CHIP_88E)
3927 urtwn_r88e_fw_reset(sc);
3928 /* Wait for firmware readiness. */
3929 for (ntries = 0; ntries < 1000; ntries++) {
3930 if (urtwn_read_4(sc, R92C_MCUFWDL) & R92C_MCUFWDL_WINTINI_RDY)
3931 break;
3932 urtwn_ms_delay(sc);
3933 }
3934 if (ntries == 1000) {
3935 device_printf(sc->sc_dev,
3936 "timeout waiting for firmware readiness\n");
3937 error = ETIMEDOUT;
3938 goto fail;
3939 }
3940fail:
3941 firmware_put(fw, FIRMWARE_UNLOAD);
3942 return (error);
3943}
3944#endif
3945
3946static int
3947urtwn_dma_init(struct urtwn_softc *sc)
3948{
3949 struct usb_endpoint *ep, *ep_end;
3950 usb_error_t usb_err;
3951 uint32_t reg;
3952 int hashq, hasnq, haslq, nqueues, ntx;
3953 int error, pagecount, npubqpages, nqpages, nrempages, tx_boundary;
3954
3955 /* Initialize LLT table. */
3956 error = urtwn_llt_init(sc);
3957 if (error != 0)
3958 return (error);
3959
3960 /* Determine the number of bulk-out pipes. */
3961 ntx = 0;
3962 ep = sc->sc_udev->endpoints;
3963 ep_end = sc->sc_udev->endpoints + sc->sc_udev->endpoints_max;
3964 for (; ep != ep_end; ep++) {
3965 if ((ep->edesc == NULL) ||
3966 (ep->iface_index != sc->sc_iface_index))
3967 continue;
3968 if (UE_GET_DIR(ep->edesc->bEndpointAddress) == UE_DIR_OUT)
3969 ntx++;
3970 }
3971 if (ntx == 0) {
3972 device_printf(sc->sc_dev,
3973 "%d: invalid number of Tx bulk pipes\n", ntx);
3974 return (EIO);
3975 }
3976
3977 /* Get Tx queues to USB endpoints mapping. */
3978 hashq = hasnq = haslq = nqueues = 0;
3979 switch (ntx) {
3980 case 1: hashq = 1; break;
3981 case 2: hashq = hasnq = 1; break;
3982 case 3: case 4: hashq = hasnq = haslq = 1; break;
3983 }
3984 nqueues = hashq + hasnq + haslq;
3985 if (nqueues == 0)
3986 return (EIO);
3987
3988 npubqpages = nqpages = nrempages = pagecount = 0;
3989 if (sc->chip & URTWN_CHIP_88E)
3990 tx_boundary = R88E_TX_PAGE_BOUNDARY;
3991 else {
3992 pagecount = R92C_TX_PAGE_COUNT;
3993 npubqpages = R92C_PUBQ_NPAGES;
3994 tx_boundary = R92C_TX_PAGE_BOUNDARY;
3995 }
3996
3997 /* Set number of pages for normal priority queue. */
3998 if (sc->chip & URTWN_CHIP_88E) {
3999 usb_err = urtwn_write_2(sc, R92C_RQPN_NPQ, 0xd);
4000 if (usb_err != USB_ERR_NORMAL_COMPLETION)
4001 return (EIO);
4002 usb_err = urtwn_write_4(sc, R92C_RQPN, 0x808e000d);
4003 if (usb_err != USB_ERR_NORMAL_COMPLETION)
4004 return (EIO);
4005 } else {
4006 /* Get the number of pages for each queue. */
4007 nqpages = (pagecount - npubqpages) / nqueues;
4008 /*
4009 * The remaining pages are assigned to the high priority
4010 * queue.
4011 */
4012 nrempages = (pagecount - npubqpages) % nqueues;
4013 usb_err = urtwn_write_1(sc, R92C_RQPN_NPQ, hasnq ? nqpages : 0);
4014 if (usb_err != USB_ERR_NORMAL_COMPLETION)
4015 return (EIO);
4016 usb_err = urtwn_write_4(sc, R92C_RQPN,
4017 /* Set number of pages for public queue. */
4018 SM(R92C_RQPN_PUBQ, npubqpages) |
4019 /* Set number of pages for high priority queue. */
4020 SM(R92C_RQPN_HPQ, hashq ? nqpages + nrempages : 0) |
4021 /* Set number of pages for low priority queue. */
4022 SM(R92C_RQPN_LPQ, haslq ? nqpages : 0) |
4023 /* Load values. */
4024 R92C_RQPN_LD);
4025 if (usb_err != USB_ERR_NORMAL_COMPLETION)
4026 return (EIO);
4027 }
4028
4029 usb_err = urtwn_write_1(sc, R92C_TXPKTBUF_BCNQ_BDNY, tx_boundary);
4030 if (usb_err != USB_ERR_NORMAL_COMPLETION)
4031 return (EIO);
4032 usb_err = urtwn_write_1(sc, R92C_TXPKTBUF_MGQ_BDNY, tx_boundary);
4033 if (usb_err != USB_ERR_NORMAL_COMPLETION)
4034 return (EIO);
4035 usb_err = urtwn_write_1(sc, R92C_TXPKTBUF_WMAC_LBK_BF_HD, tx_boundary);
4036 if (usb_err != USB_ERR_NORMAL_COMPLETION)
4037 return (EIO);
4038 usb_err = urtwn_write_1(sc, R92C_TRXFF_BNDY, tx_boundary);
4039 if (usb_err != USB_ERR_NORMAL_COMPLETION)
4040 return (EIO);
4041 usb_err = urtwn_write_1(sc, R92C_TDECTRL + 1, tx_boundary);
4042 if (usb_err != USB_ERR_NORMAL_COMPLETION)
4043 return (EIO);
4044
4045 /* Set queue to USB pipe mapping. */
4046 reg = urtwn_read_2(sc, R92C_TRXDMA_CTRL);
4047 reg &= ~R92C_TRXDMA_CTRL_QMAP_M;
4048 if (nqueues == 1) {
4049 if (hashq)
4050 reg |= R92C_TRXDMA_CTRL_QMAP_HQ;
4051 else if (hasnq)
4052 reg |= R92C_TRXDMA_CTRL_QMAP_NQ;
4053 else
4054 reg |= R92C_TRXDMA_CTRL_QMAP_LQ;
4055 } else if (nqueues == 2) {
4056 /*
4057 * All 2-endpoints configs have high and normal
4058 * priority queues.
4059 */
4060 reg |= R92C_TRXDMA_CTRL_QMAP_HQ_NQ;
4061 } else
4062 reg |= R92C_TRXDMA_CTRL_QMAP_3EP;
4063 usb_err = urtwn_write_2(sc, R92C_TRXDMA_CTRL, reg);
4064 if (usb_err != USB_ERR_NORMAL_COMPLETION)
4065 return (EIO);
4066
4067 /* Set Tx/Rx transfer page boundary. */
4068 usb_err = urtwn_write_2(sc, R92C_TRXFF_BNDY + 2,
4069 (sc->chip & URTWN_CHIP_88E) ? 0x23ff : 0x27ff);
4070 if (usb_err != USB_ERR_NORMAL_COMPLETION)
4071 return (EIO);
4072
4073 /* Set Tx/Rx transfer page size. */
4074 usb_err = urtwn_write_1(sc, R92C_PBP,
4075 SM(R92C_PBP_PSRX, R92C_PBP_128) |
4076 SM(R92C_PBP_PSTX, R92C_PBP_128));
4077 if (usb_err != USB_ERR_NORMAL_COMPLETION)
4078 return (EIO);
4079
4080 return (0);
4081}
4082
4083static int
4084urtwn_mac_init(struct urtwn_softc *sc)
4085{
4086 usb_error_t error;
4087 int i;
4088
4089 /* Write MAC initialization values. */
4090 if (sc->chip & URTWN_CHIP_88E) {
4091 for (i = 0; i < nitems(rtl8188eu_mac); i++) {
4092 error = urtwn_write_1(sc, rtl8188eu_mac[i].reg,
4093 rtl8188eu_mac[i].val);
4094 if (error != USB_ERR_NORMAL_COMPLETION)
4095 return (EIO);
4096 }
4097 urtwn_write_1(sc, R92C_MAX_AGGR_NUM, 0x07);
4098 } else {
4099 for (i = 0; i < nitems(rtl8192cu_mac); i++)
4100 error = urtwn_write_1(sc, rtl8192cu_mac[i].reg,
4101 rtl8192cu_mac[i].val);
4102 if (error != USB_ERR_NORMAL_COMPLETION)
4103 return (EIO);
4104 }
4105
4106 return (0);
4107}
4108
4109static void
4110urtwn_bb_init(struct urtwn_softc *sc)
4111{
4112 const struct urtwn_bb_prog *prog;
4113 uint32_t reg;
4114 uint8_t crystalcap;
4115 int i;
4116
4117 /* Enable BB and RF. */
4118 urtwn_write_2(sc, R92C_SYS_FUNC_EN,
4119 urtwn_read_2(sc, R92C_SYS_FUNC_EN) |
4120 R92C_SYS_FUNC_EN_BBRSTB | R92C_SYS_FUNC_EN_BB_GLB_RST |
4121 R92C_SYS_FUNC_EN_DIO_RF);
4122
4123 if (!(sc->chip & URTWN_CHIP_88E))
4124 urtwn_write_2(sc, R92C_AFE_PLL_CTRL, 0xdb83);
4125
4126 urtwn_write_1(sc, R92C_RF_CTRL,
4127 R92C_RF_CTRL_EN | R92C_RF_CTRL_RSTB | R92C_RF_CTRL_SDMRSTB);
4128 urtwn_write_1(sc, R92C_SYS_FUNC_EN,
4129 R92C_SYS_FUNC_EN_USBA | R92C_SYS_FUNC_EN_USBD |
4130 R92C_SYS_FUNC_EN_BB_GLB_RST | R92C_SYS_FUNC_EN_BBRSTB);
4131
4132 if (!(sc->chip & URTWN_CHIP_88E)) {
4133 urtwn_write_1(sc, R92C_LDOHCI12_CTRL, 0x0f);
4134 urtwn_write_1(sc, 0x15, 0xe9);
4135 urtwn_write_1(sc, R92C_AFE_XTAL_CTRL + 1, 0x80);
4136 }
4137
4138 /* Select BB programming based on board type. */
4139 if (sc->chip & URTWN_CHIP_88E)
4140 prog = &rtl8188eu_bb_prog;
4141 else if (!(sc->chip & URTWN_CHIP_92C)) {
4142 if (sc->board_type == R92C_BOARD_TYPE_MINICARD)
4143 prog = &rtl8188ce_bb_prog;
4144 else if (sc->board_type == R92C_BOARD_TYPE_HIGHPA)
4145 prog = &rtl8188ru_bb_prog;
4146 else
4147 prog = &rtl8188cu_bb_prog;
4148 } else {
4149 if (sc->board_type == R92C_BOARD_TYPE_MINICARD)
4150 prog = &rtl8192ce_bb_prog;
4151 else
4152 prog = &rtl8192cu_bb_prog;
4153 }
4154 /* Write BB initialization values. */
4155 for (i = 0; i < prog->count; i++) {
4156 urtwn_bb_write(sc, prog->regs[i], prog->vals[i]);
4157 urtwn_ms_delay(sc);
4158 }
4159
4160 if (sc->chip & URTWN_CHIP_92C_1T2R) {
4161 /* 8192C 1T only configuration. */
4162 reg = urtwn_bb_read(sc, R92C_FPGA0_TXINFO);
4163 reg = (reg & ~0x00000003) | 0x2;
4164 urtwn_bb_write(sc, R92C_FPGA0_TXINFO, reg);
4165
4166 reg = urtwn_bb_read(sc, R92C_FPGA1_TXINFO);
4167 reg = (reg & ~0x00300033) | 0x00200022;
4168 urtwn_bb_write(sc, R92C_FPGA1_TXINFO, reg);
4169
4170 reg = urtwn_bb_read(sc, R92C_CCK0_AFESETTING);
4171 reg = (reg & ~0xff000000) | 0x45 << 24;
4172 urtwn_bb_write(sc, R92C_CCK0_AFESETTING, reg);
4173
4174 reg = urtwn_bb_read(sc, R92C_OFDM0_TRXPATHENA);
4175 reg = (reg & ~0x000000ff) | 0x23;
4176 urtwn_bb_write(sc, R92C_OFDM0_TRXPATHENA, reg);
4177
4178 reg = urtwn_bb_read(sc, R92C_OFDM0_AGCPARAM1);
4179 reg = (reg & ~0x00000030) | 1 << 4;
4180 urtwn_bb_write(sc, R92C_OFDM0_AGCPARAM1, reg);
4181
4182 reg = urtwn_bb_read(sc, 0xe74);
4183 reg = (reg & ~0x0c000000) | 2 << 26;
4184 urtwn_bb_write(sc, 0xe74, reg);
4185 reg = urtwn_bb_read(sc, 0xe78);
4186 reg = (reg & ~0x0c000000) | 2 << 26;
4187 urtwn_bb_write(sc, 0xe78, reg);
4188 reg = urtwn_bb_read(sc, 0xe7c);
4189 reg = (reg & ~0x0c000000) | 2 << 26;
4190 urtwn_bb_write(sc, 0xe7c, reg);
4191 reg = urtwn_bb_read(sc, 0xe80);
4192 reg = (reg & ~0x0c000000) | 2 << 26;
4193 urtwn_bb_write(sc, 0xe80, reg);
4194 reg = urtwn_bb_read(sc, 0xe88);
4195 reg = (reg & ~0x0c000000) | 2 << 26;
4196 urtwn_bb_write(sc, 0xe88, reg);
4197 }
4198
4199 /* Write AGC values. */
4200 for (i = 0; i < prog->agccount; i++) {
4201 urtwn_bb_write(sc, R92C_OFDM0_AGCRSSITABLE,
4202 prog->agcvals[i]);
4203 urtwn_ms_delay(sc);
4204 }
4205
4206 if (sc->chip & URTWN_CHIP_88E) {
4207 urtwn_bb_write(sc, R92C_OFDM0_AGCCORE1(0), 0x69553422);
4208 urtwn_ms_delay(sc);
4209 urtwn_bb_write(sc, R92C_OFDM0_AGCCORE1(0), 0x69553420);
4210 urtwn_ms_delay(sc);
4211
4212 crystalcap = sc->rom.r88e_rom.crystalcap;
4213 if (crystalcap == 0xff)
4214 crystalcap = 0x20;
4215 crystalcap &= 0x3f;
4216 reg = urtwn_bb_read(sc, R92C_AFE_XTAL_CTRL);
4217 urtwn_bb_write(sc, R92C_AFE_XTAL_CTRL,
4218 RW(reg, R92C_AFE_XTAL_CTRL_ADDR,
4219 crystalcap | crystalcap << 6));
4220 } else {
4221 if (urtwn_bb_read(sc, R92C_HSSI_PARAM2(0)) &
4222 R92C_HSSI_PARAM2_CCK_HIPWR)
4223 sc->sc_flags |= URTWN_FLAG_CCK_HIPWR;
4224 }
4225}
4226
4227static void
4228urtwn_rf_init(struct urtwn_softc *sc)
4229{
4230 const struct urtwn_rf_prog *prog;
4231 uint32_t reg, type;
4232 int i, j, idx, off;
4233
4234 /* Select RF programming based on board type. */
4235 if (sc->chip & URTWN_CHIP_88E)
4236 prog = rtl8188eu_rf_prog;
4237 else if (!(sc->chip & URTWN_CHIP_92C)) {
4238 if (sc->board_type == R92C_BOARD_TYPE_MINICARD)
4239 prog = rtl8188ce_rf_prog;
4240 else if (sc->board_type == R92C_BOARD_TYPE_HIGHPA)
4241 prog = rtl8188ru_rf_prog;
4242 else
4243 prog = rtl8188cu_rf_prog;
4244 } else
4245 prog = rtl8192ce_rf_prog;
4246
4247 for (i = 0; i < sc->nrxchains; i++) {
4248 /* Save RF_ENV control type. */
4249 idx = i / 2;
4250 off = (i % 2) * 16;
4251 reg = urtwn_bb_read(sc, R92C_FPGA0_RFIFACESW(idx));
4252 type = (reg >> off) & 0x10;
4253
4254 /* Set RF_ENV enable. */
4255 reg = urtwn_bb_read(sc, R92C_FPGA0_RFIFACEOE(i));
4256 reg |= 0x100000;
4257 urtwn_bb_write(sc, R92C_FPGA0_RFIFACEOE(i), reg);
4258 urtwn_ms_delay(sc);
4259 /* Set RF_ENV output high. */
4260 reg = urtwn_bb_read(sc, R92C_FPGA0_RFIFACEOE(i));
4261 reg |= 0x10;
4262 urtwn_bb_write(sc, R92C_FPGA0_RFIFACEOE(i), reg);
4263 urtwn_ms_delay(sc);
4264 /* Set address and data lengths of RF registers. */
4265 reg = urtwn_bb_read(sc, R92C_HSSI_PARAM2(i));
4266 reg &= ~R92C_HSSI_PARAM2_ADDR_LENGTH;
4267 urtwn_bb_write(sc, R92C_HSSI_PARAM2(i), reg);
4268 urtwn_ms_delay(sc);
4269 reg = urtwn_bb_read(sc, R92C_HSSI_PARAM2(i));
4270 reg &= ~R92C_HSSI_PARAM2_DATA_LENGTH;
4271 urtwn_bb_write(sc, R92C_HSSI_PARAM2(i), reg);
4272 urtwn_ms_delay(sc);
4273
4274 /* Write RF initialization values for this chain. */
4275 for (j = 0; j < prog[i].count; j++) {
4276 if (prog[i].regs[j] >= 0xf9 &&
4277 prog[i].regs[j] <= 0xfe) {
4278 /*
4279 * These are fake RF registers offsets that
4280 * indicate a delay is required.
4281 */
4282 usb_pause_mtx(&sc->sc_mtx, hz / 20); /* 50ms */
4283 continue;
4284 }
4285 urtwn_rf_write(sc, i, prog[i].regs[j],
4286 prog[i].vals[j]);
4287 urtwn_ms_delay(sc);
4288 }
4289
4290 /* Restore RF_ENV control type. */
4291 reg = urtwn_bb_read(sc, R92C_FPGA0_RFIFACESW(idx));
4292 reg &= ~(0x10 << off) | (type << off);
4293 urtwn_bb_write(sc, R92C_FPGA0_RFIFACESW(idx), reg);
4294
4295 /* Cache RF register CHNLBW. */
4296 sc->rf_chnlbw[i] = urtwn_rf_read(sc, i, R92C_RF_CHNLBW);
4297 }
4298
4299 if ((sc->chip & (URTWN_CHIP_UMC_A_CUT | URTWN_CHIP_92C)) ==
4300 URTWN_CHIP_UMC_A_CUT) {
4301 urtwn_rf_write(sc, 0, R92C_RF_RX_G1, 0x30255);
4302 urtwn_rf_write(sc, 0, R92C_RF_RX_G2, 0x50a00);
4303 }
4304}
4305
4306static void
4307urtwn_cam_init(struct urtwn_softc *sc)
4308{
4309 /* Invalidate all CAM entries. */
4310 urtwn_write_4(sc, R92C_CAMCMD,
4311 R92C_CAMCMD_POLLING | R92C_CAMCMD_CLR);
4312}
4313
4314static int
4315urtwn_cam_write(struct urtwn_softc *sc, uint32_t addr, uint32_t data)
4316{
4317 usb_error_t error;
4318
4319 error = urtwn_write_4(sc, R92C_CAMWRITE, data);
4320 if (error != USB_ERR_NORMAL_COMPLETION)
4321 return (EIO);
4322 error = urtwn_write_4(sc, R92C_CAMCMD,
4323 R92C_CAMCMD_POLLING | R92C_CAMCMD_WRITE |
4324 SM(R92C_CAMCMD_ADDR, addr));
4325 if (error != USB_ERR_NORMAL_COMPLETION)
4326 return (EIO);
4327
4328 return (0);
4329}
4330
4331static void
4332urtwn_pa_bias_init(struct urtwn_softc *sc)
4333{
4334 uint8_t reg;
4335 int i;
4336
4337 for (i = 0; i < sc->nrxchains; i++) {
4338 if (sc->pa_setting & (1 << i))
4339 continue;
4340 urtwn_rf_write(sc, i, R92C_RF_IPA, 0x0f406);
4341 urtwn_rf_write(sc, i, R92C_RF_IPA, 0x4f406);
4342 urtwn_rf_write(sc, i, R92C_RF_IPA, 0x8f406);
4343 urtwn_rf_write(sc, i, R92C_RF_IPA, 0xcf406);
4344 }
4345 if (!(sc->pa_setting & 0x10)) {
4346 reg = urtwn_read_1(sc, 0x16);
4347 reg = (reg & ~0xf0) | 0x90;
4348 urtwn_write_1(sc, 0x16, reg);
4349 }
4350}
4351
4352static void
4353urtwn_rxfilter_init(struct urtwn_softc *sc)
4354{
4355 struct ieee80211com *ic = &sc->sc_ic;
4356 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps);
4357 uint32_t rcr;
4358 uint16_t filter;
4359
4360 URTWN_ASSERT_LOCKED(sc);
4361
4362 /* Accept all multicast frames. */
4363 urtwn_write_4(sc, R92C_MAR + 0, 0xffffffff);
4364 urtwn_write_4(sc, R92C_MAR + 4, 0xffffffff);
4365
4366 /* Filter for management frames. */
4367 filter = 0x7f3f;
4368 switch (vap->iv_opmode) {
4369 case IEEE80211_M_STA:
4370 filter &= ~(
4371 R92C_RXFLTMAP_SUBTYPE(IEEE80211_FC0_SUBTYPE_ASSOC_REQ) |
4372 R92C_RXFLTMAP_SUBTYPE(IEEE80211_FC0_SUBTYPE_REASSOC_REQ) |
4373 R92C_RXFLTMAP_SUBTYPE(IEEE80211_FC0_SUBTYPE_PROBE_REQ));
4374 break;
4375 case IEEE80211_M_HOSTAP:
4376 filter &= ~(
4377 R92C_RXFLTMAP_SUBTYPE(IEEE80211_FC0_SUBTYPE_ASSOC_RESP) |
4378 R92C_RXFLTMAP_SUBTYPE(IEEE80211_FC0_SUBTYPE_REASSOC_RESP));
4379 break;
4380 case IEEE80211_M_MONITOR:
4381 case IEEE80211_M_IBSS:
4382 break;
4383 default:
4384 device_printf(sc->sc_dev, "%s: undefined opmode %d\n",
4385 __func__, vap->iv_opmode);
4386 break;
4387 }
4388 urtwn_write_2(sc, R92C_RXFLTMAP0, filter);
4389
4390 /* Reject all control frames. */
4391 urtwn_write_2(sc, R92C_RXFLTMAP1, 0x0000);
4392
4393 /* Reject all data frames. */
4394 urtwn_write_2(sc, R92C_RXFLTMAP2, 0x0000);
4395
4396 rcr = R92C_RCR_AM | R92C_RCR_AB | R92C_RCR_APM |
4397 R92C_RCR_HTC_LOC_CTRL | R92C_RCR_APP_PHYSTS |
4398 R92C_RCR_APP_ICV | R92C_RCR_APP_MIC;
4399
4400 if (vap->iv_opmode == IEEE80211_M_MONITOR) {
4401 /* Accept all frames. */
4402 rcr |= R92C_RCR_ACF | R92C_RCR_ADF | R92C_RCR_AMF |
4403 R92C_RCR_AAP;
4404 }
4405
4406 /* Set Rx filter. */
4407 urtwn_write_4(sc, R92C_RCR, rcr);
4408
4409 if (ic->ic_promisc != 0) {
4410 /* Update Rx filter. */
4411 urtwn_set_promisc(sc);
4412 }
4413}
4414
4415static void
4416urtwn_edca_init(struct urtwn_softc *sc)
4417{
4418 urtwn_write_2(sc, R92C_SPEC_SIFS, 0x100a);
4419 urtwn_write_2(sc, R92C_MAC_SPEC_SIFS, 0x100a);
4420 urtwn_write_2(sc, R92C_SIFS_CCK, 0x100a);
4421 urtwn_write_2(sc, R92C_SIFS_OFDM, 0x100a);
4422 urtwn_write_4(sc, R92C_EDCA_BE_PARAM, 0x005ea42b);
4423 urtwn_write_4(sc, R92C_EDCA_BK_PARAM, 0x0000a44f);
4424 urtwn_write_4(sc, R92C_EDCA_VI_PARAM, 0x005ea324);
4425 urtwn_write_4(sc, R92C_EDCA_VO_PARAM, 0x002fa226);
4426}
4427
4428static void
4429urtwn_write_txpower(struct urtwn_softc *sc, int chain,
4430 uint16_t power[URTWN_RIDX_COUNT])
4431{
4432 uint32_t reg;
4433
4434 /* Write per-CCK rate Tx power. */
4435 if (chain == 0) {
4436 reg = urtwn_bb_read(sc, R92C_TXAGC_A_CCK1_MCS32);
4437 reg = RW(reg, R92C_TXAGC_A_CCK1, power[0]);
4438 urtwn_bb_write(sc, R92C_TXAGC_A_CCK1_MCS32, reg);
4439 reg = urtwn_bb_read(sc, R92C_TXAGC_B_CCK11_A_CCK2_11);
4440 reg = RW(reg, R92C_TXAGC_A_CCK2, power[1]);
4441 reg = RW(reg, R92C_TXAGC_A_CCK55, power[2]);
4442 reg = RW(reg, R92C_TXAGC_A_CCK11, power[3]);
4443 urtwn_bb_write(sc, R92C_TXAGC_B_CCK11_A_CCK2_11, reg);
4444 } else {
4445 reg = urtwn_bb_read(sc, R92C_TXAGC_B_CCK1_55_MCS32);
4446 reg = RW(reg, R92C_TXAGC_B_CCK1, power[0]);
4447 reg = RW(reg, R92C_TXAGC_B_CCK2, power[1]);
4448 reg = RW(reg, R92C_TXAGC_B_CCK55, power[2]);
4449 urtwn_bb_write(sc, R92C_TXAGC_B_CCK1_55_MCS32, reg);
4450 reg = urtwn_bb_read(sc, R92C_TXAGC_B_CCK11_A_CCK2_11);
4451 reg = RW(reg, R92C_TXAGC_B_CCK11, power[3]);
4452 urtwn_bb_write(sc, R92C_TXAGC_B_CCK11_A_CCK2_11, reg);
4453 }
4454 /* Write per-OFDM rate Tx power. */
4455 urtwn_bb_write(sc, R92C_TXAGC_RATE18_06(chain),
4456 SM(R92C_TXAGC_RATE06, power[ 4]) |
4457 SM(R92C_TXAGC_RATE09, power[ 5]) |
4458 SM(R92C_TXAGC_RATE12, power[ 6]) |
4459 SM(R92C_TXAGC_RATE18, power[ 7]));
4460 urtwn_bb_write(sc, R92C_TXAGC_RATE54_24(chain),
4461 SM(R92C_TXAGC_RATE24, power[ 8]) |
4462 SM(R92C_TXAGC_RATE36, power[ 9]) |
4463 SM(R92C_TXAGC_RATE48, power[10]) |
4464 SM(R92C_TXAGC_RATE54, power[11]));
4465 /* Write per-MCS Tx power. */
4466 urtwn_bb_write(sc, R92C_TXAGC_MCS03_MCS00(chain),
4467 SM(R92C_TXAGC_MCS00, power[12]) |
4468 SM(R92C_TXAGC_MCS01, power[13]) |
4469 SM(R92C_TXAGC_MCS02, power[14]) |
4470 SM(R92C_TXAGC_MCS03, power[15]));
4471 urtwn_bb_write(sc, R92C_TXAGC_MCS07_MCS04(chain),
4472 SM(R92C_TXAGC_MCS04, power[16]) |
4473 SM(R92C_TXAGC_MCS05, power[17]) |
4474 SM(R92C_TXAGC_MCS06, power[18]) |
4475 SM(R92C_TXAGC_MCS07, power[19]));
4476 urtwn_bb_write(sc, R92C_TXAGC_MCS11_MCS08(chain),
4477 SM(R92C_TXAGC_MCS08, power[20]) |
4478 SM(R92C_TXAGC_MCS09, power[21]) |
4479 SM(R92C_TXAGC_MCS10, power[22]) |
4480 SM(R92C_TXAGC_MCS11, power[23]));
4481 urtwn_bb_write(sc, R92C_TXAGC_MCS15_MCS12(chain),
4482 SM(R92C_TXAGC_MCS12, power[24]) |
4483 SM(R92C_TXAGC_MCS13, power[25]) |
4484 SM(R92C_TXAGC_MCS14, power[26]) |
4485 SM(R92C_TXAGC_MCS15, power[27]));
4486}
4487
4488static void
4489urtwn_get_txpower(struct urtwn_softc *sc, int chain,
4490 struct ieee80211_channel *c, struct ieee80211_channel *extc,
4491 uint16_t power[URTWN_RIDX_COUNT])
4492{
4493 struct ieee80211com *ic = &sc->sc_ic;
4494 struct r92c_rom *rom = &sc->rom.r92c_rom;
4495 uint16_t cckpow, ofdmpow, htpow, diff, max;
4496 const struct urtwn_txpwr *base;
4497 int ridx, chan, group;
4498
4499 /* Determine channel group. */
4500 chan = ieee80211_chan2ieee(ic, c); /* XXX center freq! */
4501 if (chan <= 3)
4502 group = 0;
4503 else if (chan <= 9)
4504 group = 1;
4505 else
4506 group = 2;
4507
4508 /* Get original Tx power based on board type and RF chain. */
4509 if (!(sc->chip & URTWN_CHIP_92C)) {
4510 if (sc->board_type == R92C_BOARD_TYPE_HIGHPA)
4511 base = &rtl8188ru_txagc[chain];
4512 else
4513 base = &rtl8192cu_txagc[chain];
4514 } else
4515 base = &rtl8192cu_txagc[chain];
4516
4517 memset(power, 0, URTWN_RIDX_COUNT * sizeof(power[0]));
4518 if (sc->regulatory == 0) {
4519 for (ridx = URTWN_RIDX_CCK1; ridx <= URTWN_RIDX_CCK11; ridx++)
4520 power[ridx] = base->pwr[0][ridx];
4521 }
4522 for (ridx = URTWN_RIDX_OFDM6; ridx < URTWN_RIDX_COUNT; ridx++) {
4523 if (sc->regulatory == 3) {
4524 power[ridx] = base->pwr[0][ridx];
4525 /* Apply vendor limits. */
4526 if (extc != NULL)
4527 max = rom->ht40_max_pwr[group];
4528 else
4529 max = rom->ht20_max_pwr[group];
4530 max = (max >> (chain * 4)) & 0xf;
4531 if (power[ridx] > max)
4532 power[ridx] = max;
4533 } else if (sc->regulatory == 1) {
4534 if (extc == NULL)
4535 power[ridx] = base->pwr[group][ridx];
4536 } else if (sc->regulatory != 2)
4537 power[ridx] = base->pwr[0][ridx];
4538 }
4539
4540 /* Compute per-CCK rate Tx power. */
4541 cckpow = rom->cck_tx_pwr[chain][group];
4542 for (ridx = URTWN_RIDX_CCK1; ridx <= URTWN_RIDX_CCK11; ridx++) {
4543 power[ridx] += cckpow;
4544 if (power[ridx] > R92C_MAX_TX_PWR)
4545 power[ridx] = R92C_MAX_TX_PWR;
4546 }
4547
4548 htpow = rom->ht40_1s_tx_pwr[chain][group];
4549 if (sc->ntxchains > 1) {
4550 /* Apply reduction for 2 spatial streams. */
4551 diff = rom->ht40_2s_tx_pwr_diff[group];
4552 diff = (diff >> (chain * 4)) & 0xf;
4553 htpow = (htpow > diff) ? htpow - diff : 0;
4554 }
4555
4556 /* Compute per-OFDM rate Tx power. */
4557 diff = rom->ofdm_tx_pwr_diff[group];
4558 diff = (diff >> (chain * 4)) & 0xf;
4559 ofdmpow = htpow + diff; /* HT->OFDM correction. */
4560 for (ridx = URTWN_RIDX_OFDM6; ridx <= URTWN_RIDX_OFDM54; ridx++) {
4561 power[ridx] += ofdmpow;
4562 if (power[ridx] > R92C_MAX_TX_PWR)
4563 power[ridx] = R92C_MAX_TX_PWR;
4564 }
4565
4566 /* Compute per-MCS Tx power. */
4567 if (extc == NULL) {
4568 diff = rom->ht20_tx_pwr_diff[group];
4569 diff = (diff >> (chain * 4)) & 0xf;
4570 htpow += diff; /* HT40->HT20 correction. */
4571 }
4572 for (ridx = 12; ridx <= 27; ridx++) {
4573 power[ridx] += htpow;
4574 if (power[ridx] > R92C_MAX_TX_PWR)
4575 power[ridx] = R92C_MAX_TX_PWR;
4576 }
4577#ifdef USB_DEBUG
4578 if (sc->sc_debug & URTWN_DEBUG_TXPWR) {
4579 /* Dump per-rate Tx power values. */
4580 printf("Tx power for chain %d:\n", chain);
4581 for (ridx = URTWN_RIDX_CCK1; ridx < URTWN_RIDX_COUNT; ridx++)
4582 printf("Rate %d = %u\n", ridx, power[ridx]);
4583 }
4584#endif
4585}
4586
4587static void
4588urtwn_r88e_get_txpower(struct urtwn_softc *sc, int chain,
4589 struct ieee80211_channel *c, struct ieee80211_channel *extc,
4590 uint16_t power[URTWN_RIDX_COUNT])
4591{
4592 struct ieee80211com *ic = &sc->sc_ic;
4593 struct r88e_rom *rom = &sc->rom.r88e_rom;
4594 uint16_t cckpow, ofdmpow, bw20pow, htpow;
4595 const struct urtwn_r88e_txpwr *base;
4596 int ridx, chan, group;
4597
4598 /* Determine channel group. */
4599 chan = ieee80211_chan2ieee(ic, c); /* XXX center freq! */
4600 if (chan <= 2)
4601 group = 0;
4602 else if (chan <= 5)
4603 group = 1;
4604 else if (chan <= 8)
4605 group = 2;
4606 else if (chan <= 11)
4607 group = 3;
4608 else if (chan <= 13)
4609 group = 4;
4610 else
4611 group = 5;
4612
4613 /* Get original Tx power based on board type and RF chain. */
4614 base = &rtl8188eu_txagc[chain];
4615
4616 memset(power, 0, URTWN_RIDX_COUNT * sizeof(power[0]));
4617 if (sc->regulatory == 0) {
4618 for (ridx = URTWN_RIDX_CCK1; ridx <= URTWN_RIDX_CCK11; ridx++)
4619 power[ridx] = base->pwr[0][ridx];
4620 }
4621 for (ridx = URTWN_RIDX_OFDM6; ridx < URTWN_RIDX_COUNT; ridx++) {
4622 if (sc->regulatory == 3)
4623 power[ridx] = base->pwr[0][ridx];
4624 else if (sc->regulatory == 1) {
4625 if (extc == NULL)
4626 power[ridx] = base->pwr[group][ridx];
4627 } else if (sc->regulatory != 2)
4628 power[ridx] = base->pwr[0][ridx];
4629 }
4630
4631 /* Compute per-CCK rate Tx power. */
4632 cckpow = rom->cck_tx_pwr[group];
4633 for (ridx = URTWN_RIDX_CCK1; ridx <= URTWN_RIDX_CCK11; ridx++) {
4634 power[ridx] += cckpow;
4635 if (power[ridx] > R92C_MAX_TX_PWR)
4636 power[ridx] = R92C_MAX_TX_PWR;
4637 }
4638
4639 htpow = rom->ht40_tx_pwr[group];
4640
4641 /* Compute per-OFDM rate Tx power. */
4642 ofdmpow = htpow + sc->ofdm_tx_pwr_diff;
4643 for (ridx = URTWN_RIDX_OFDM6; ridx <= URTWN_RIDX_OFDM54; ridx++) {
4644 power[ridx] += ofdmpow;
4645 if (power[ridx] > R92C_MAX_TX_PWR)
4646 power[ridx] = R92C_MAX_TX_PWR;
4647 }
4648
4649 bw20pow = htpow + sc->bw20_tx_pwr_diff;
4650 for (ridx = 12; ridx <= 27; ridx++) {
4651 power[ridx] += bw20pow;
4652 if (power[ridx] > R92C_MAX_TX_PWR)
4653 power[ridx] = R92C_MAX_TX_PWR;
4654 }
4655}
4656
4657static void
4658urtwn_set_txpower(struct urtwn_softc *sc, struct ieee80211_channel *c,
4659 struct ieee80211_channel *extc)
4660{
4661 uint16_t power[URTWN_RIDX_COUNT];
4662 int i;
4663
4664 for (i = 0; i < sc->ntxchains; i++) {
4665 /* Compute per-rate Tx power values. */
4666 if (sc->chip & URTWN_CHIP_88E)
4667 urtwn_r88e_get_txpower(sc, i, c, extc, power);
4668 else
4669 urtwn_get_txpower(sc, i, c, extc, power);
4670 /* Write per-rate Tx power values to hardware. */
4671 urtwn_write_txpower(sc, i, power);
4672 }
4673}
4674
4675static void
4676urtwn_set_rx_bssid_all(struct urtwn_softc *sc, int enable)
4677{
4678 uint32_t reg;
4679
4680 reg = urtwn_read_4(sc, R92C_RCR);
4681 if (enable)
4682 reg &= ~R92C_RCR_CBSSID_BCN;
4683 else
4684 reg |= R92C_RCR_CBSSID_BCN;
4685 urtwn_write_4(sc, R92C_RCR, reg);
4686}
4687
4688static void
4689urtwn_set_gain(struct urtwn_softc *sc, uint8_t gain)
4690{
4691 uint32_t reg;
4692
4693 reg = urtwn_bb_read(sc, R92C_OFDM0_AGCCORE1(0));
4694 reg = RW(reg, R92C_OFDM0_AGCCORE1_GAIN, gain);
4695 urtwn_bb_write(sc, R92C_OFDM0_AGCCORE1(0), reg);
4696
4697 if (!(sc->chip & URTWN_CHIP_88E)) {
4698 reg = urtwn_bb_read(sc, R92C_OFDM0_AGCCORE1(1));
4699 reg = RW(reg, R92C_OFDM0_AGCCORE1_GAIN, gain);
4700 urtwn_bb_write(sc, R92C_OFDM0_AGCCORE1(1), reg);
4701 }
4702}
4703
4704static void
4705urtwn_scan_start(struct ieee80211com *ic)
4706{
4707 struct urtwn_softc *sc = ic->ic_softc;
4708
4709 URTWN_LOCK(sc);
4710 /* Receive beacons / probe responses from any BSSID. */
4711 if (ic->ic_opmode != IEEE80211_M_IBSS)
4712 urtwn_set_rx_bssid_all(sc, 1);
4713
4714 /* Set gain for scanning. */
4715 urtwn_set_gain(sc, 0x20);
4716 URTWN_UNLOCK(sc);
4717}
4718
4719static void
4720urtwn_scan_end(struct ieee80211com *ic)
4721{
4722 struct urtwn_softc *sc = ic->ic_softc;
4723
4724 URTWN_LOCK(sc);
4725 /* Restore limitations. */
4726 if (ic->ic_promisc == 0 && ic->ic_opmode != IEEE80211_M_IBSS)
4727 urtwn_set_rx_bssid_all(sc, 0);
4728
4729 /* Set gain under link. */
4730 urtwn_set_gain(sc, 0x32);
4731 URTWN_UNLOCK(sc);
4732}
4733
4734static void
4735urtwn_set_channel(struct ieee80211com *ic)
4736{
4737 struct urtwn_softc *sc = ic->ic_softc;
4738 struct ieee80211_channel *c = ic->ic_curchan;
4739 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps);
4740
4741 URTWN_LOCK(sc);
4742 if (vap->iv_state == IEEE80211_S_SCAN) {
4743 /* Make link LED blink during scan. */
4744 urtwn_set_led(sc, URTWN_LED_LINK, !sc->ledlink);
4745 }
4746 urtwn_set_chan(sc, c, NULL);
4747 sc->sc_rxtap.wr_chan_freq = htole16(c->ic_freq);
4748 sc->sc_rxtap.wr_chan_flags = htole16(c->ic_flags);
4749 sc->sc_txtap.wt_chan_freq = htole16(c->ic_freq);
4750 sc->sc_txtap.wt_chan_flags = htole16(c->ic_flags);
4751 URTWN_UNLOCK(sc);
4752}
4753
4754static int
4755urtwn_wme_update(struct ieee80211com *ic)
4756{
4757 const struct wmeParams *wmep =
4758 ic->ic_wme.wme_chanParams.cap_wmeParams;
4759 struct urtwn_softc *sc = ic->ic_softc;
4760 uint8_t aifs, acm, slottime;
4761 int ac;
4762
4763 acm = 0;
4764 slottime = IEEE80211_GET_SLOTTIME(ic);
4765
4766 URTWN_LOCK(sc);
4767 for (ac = WME_AC_BE; ac < WME_NUM_AC; ac++) {
4768 /* AIFS[AC] = AIFSN[AC] * aSlotTime + aSIFSTime. */
4769 aifs = wmep[ac].wmep_aifsn * slottime + IEEE80211_DUR_SIFS;
4770 urtwn_write_4(sc, wme2queue[ac].reg,
4771 SM(R92C_EDCA_PARAM_TXOP, wmep[ac].wmep_txopLimit) |
4772 SM(R92C_EDCA_PARAM_ECWMIN, wmep[ac].wmep_logcwmin) |
4773 SM(R92C_EDCA_PARAM_ECWMAX, wmep[ac].wmep_logcwmax) |
4774 SM(R92C_EDCA_PARAM_AIFS, aifs));
4775 if (ac != WME_AC_BE)
4776 acm |= wmep[ac].wmep_acm << ac;
4777 }
4778
4779 if (acm != 0)
4780 acm |= R92C_ACMHWCTRL_EN;
4781 urtwn_write_1(sc, R92C_ACMHWCTRL,
4782 (urtwn_read_1(sc, R92C_ACMHWCTRL) & ~R92C_ACMHWCTRL_ACM_MASK) |
4783 acm);
4784
4785 URTWN_UNLOCK(sc);
4786
4787 return 0;
4788}
4789
4790static void
4791urtwn_update_slot(struct ieee80211com *ic)
4792{
4793 urtwn_cmd_sleepable(ic->ic_softc, NULL, 0, urtwn_update_slot_cb);
4794}
4795
4796static void
4797urtwn_update_slot_cb(struct urtwn_softc *sc, union sec_param *data)
4798{
4799 struct ieee80211com *ic = &sc->sc_ic;
4800 uint8_t slottime;
4801
4802 slottime = IEEE80211_GET_SLOTTIME(ic);
4803
4804 URTWN_DPRINTF(sc, URTWN_DEBUG_ANY, "%s: setting slot time to %uus\n",
4805 __func__, slottime);
4806
4807 urtwn_write_1(sc, R92C_SLOT, slottime);
4808 urtwn_update_aifs(sc, slottime);
4809}
4810
4811static void
4812urtwn_update_aifs(struct urtwn_softc *sc, uint8_t slottime)
4813{
4814 const struct wmeParams *wmep =
4815 sc->sc_ic.ic_wme.wme_chanParams.cap_wmeParams;
4816 uint8_t aifs, ac;
4817
4818 for (ac = WME_AC_BE; ac < WME_NUM_AC; ac++) {
4819 /* AIFS[AC] = AIFSN[AC] * aSlotTime + aSIFSTime. */
4820 aifs = wmep[ac].wmep_aifsn * slottime + IEEE80211_DUR_SIFS;
4821 urtwn_write_1(sc, wme2queue[ac].reg, aifs);
4822 }
4823}
4824
4825static void
4826urtwn_set_promisc(struct urtwn_softc *sc)
4827{
4828 struct ieee80211com *ic = &sc->sc_ic;
4829 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps);
4830 uint32_t rcr, mask1, mask2;
4831
4832 URTWN_ASSERT_LOCKED(sc);
4833
4834 if (vap->iv_opmode == IEEE80211_M_MONITOR)
4835 return;
4836
4837 mask1 = R92C_RCR_ACF | R92C_RCR_ADF | R92C_RCR_AMF | R92C_RCR_AAP;
4838 mask2 = R92C_RCR_APM;
4839
4840 if (vap->iv_state == IEEE80211_S_RUN) {
4841 switch (vap->iv_opmode) {
4842 case IEEE80211_M_STA:
4843 mask2 |= R92C_RCR_CBSSID_DATA;
4844 /* FALLTHROUGH */
4845 case IEEE80211_M_HOSTAP:
4846 mask2 |= R92C_RCR_CBSSID_BCN;
4847 break;
4848 case IEEE80211_M_IBSS:
4849 mask2 |= R92C_RCR_CBSSID_DATA;
4850 break;
4851 default:
4852 device_printf(sc->sc_dev, "%s: undefined opmode %d\n",
4853 __func__, vap->iv_opmode);
4854 return;
4855 }
4856 }
4857
4858 rcr = urtwn_read_4(sc, R92C_RCR);
4859 if (ic->ic_promisc == 0)
4860 rcr = (rcr & ~mask1) | mask2;
4861 else
4862 rcr = (rcr & ~mask2) | mask1;
4863 urtwn_write_4(sc, R92C_RCR, rcr);
4864}
4865
4866static void
4867urtwn_update_promisc(struct ieee80211com *ic)
4868{
4869 struct urtwn_softc *sc = ic->ic_softc;
4870
4871 URTWN_LOCK(sc);
4872 if (sc->sc_flags & URTWN_RUNNING)
4873 urtwn_set_promisc(sc);
4874 URTWN_UNLOCK(sc);
4875}
4876
4877static void
4878urtwn_update_mcast(struct ieee80211com *ic)
4879{
4880 /* XXX do nothing? */
4881}
4882
4883static struct ieee80211_node *
4884urtwn_node_alloc(struct ieee80211vap *vap,
4885 const uint8_t mac[IEEE80211_ADDR_LEN])
4886{
4887 struct urtwn_node *un;
4888
4889 un = malloc(sizeof (struct urtwn_node), M_80211_NODE,
4890 M_NOWAIT | M_ZERO);
4891
4892 if (un == NULL)
4893 return NULL;
4894
4895 un->id = URTWN_MACID_UNDEFINED;
4896
4897 return &un->ni;
4898}
4899
4900static void
4901urtwn_newassoc(struct ieee80211_node *ni, int isnew)
4902{
4903 struct urtwn_softc *sc = ni->ni_ic->ic_softc;
4904 struct urtwn_node *un = URTWN_NODE(ni);
4905 uint8_t id;
4906
4907 /* Only do this bit for R88E chips */
4908 if (! (sc->chip & URTWN_CHIP_88E))
4909 return;
4910
4911 if (!isnew)
4912 return;
4913
4914 URTWN_NT_LOCK(sc);
4915 for (id = 0; id <= URTWN_MACID_MAX(sc); id++) {
4916 if (id != URTWN_MACID_BC && sc->node_list[id] == NULL) {
4917 un->id = id;
4918 sc->node_list[id] = ni;
4919 break;
4920 }
4921 }
4922 URTWN_NT_UNLOCK(sc);
4923
4924 if (id > URTWN_MACID_MAX(sc)) {
4925 device_printf(sc->sc_dev, "%s: node table is full\n",
4926 __func__);
4927 }
4928}
4929
4930static void
4931urtwn_node_free(struct ieee80211_node *ni)
4932{
4933 struct urtwn_softc *sc = ni->ni_ic->ic_softc;
4934 struct urtwn_node *un = URTWN_NODE(ni);
4935
4936 URTWN_NT_LOCK(sc);
4937 if (un->id != URTWN_MACID_UNDEFINED)
4938 sc->node_list[un->id] = NULL;
4939 URTWN_NT_UNLOCK(sc);
4940
4941 sc->sc_node_free(ni);
4942}
4943
4944static void
4945urtwn_set_chan(struct urtwn_softc *sc, struct ieee80211_channel *c,
4946 struct ieee80211_channel *extc)
4947{
4948 struct ieee80211com *ic = &sc->sc_ic;
4949 uint32_t reg;
4950 u_int chan;
4951 int i;
4952
4953 chan = ieee80211_chan2ieee(ic, c); /* XXX center freq! */
4954 if (chan == 0 || chan == IEEE80211_CHAN_ANY) {
4955 device_printf(sc->sc_dev,
4956 "%s: invalid channel %x\n", __func__, chan);
4957 return;
4958 }
4959
4960 /* Set Tx power for this new channel. */
4961 urtwn_set_txpower(sc, c, extc);
4962
4963 for (i = 0; i < sc->nrxchains; i++) {
4964 urtwn_rf_write(sc, i, R92C_RF_CHNLBW,
4965 RW(sc->rf_chnlbw[i], R92C_RF_CHNLBW_CHNL, chan));
4966 }
4967#ifndef IEEE80211_NO_HT
4968 if (extc != NULL) {
4969 /* Is secondary channel below or above primary? */
4970 int prichlo = c->ic_freq < extc->ic_freq;
4971
4972 urtwn_write_1(sc, R92C_BWOPMODE,
4973 urtwn_read_1(sc, R92C_BWOPMODE) & ~R92C_BWOPMODE_20MHZ);
4974
4975 reg = urtwn_read_1(sc, R92C_RRSR + 2);
4976 reg = (reg & ~0x6f) | (prichlo ? 1 : 2) << 5;
4977 urtwn_write_1(sc, R92C_RRSR + 2, reg);
4978
4979 urtwn_bb_write(sc, R92C_FPGA0_RFMOD,
4980 urtwn_bb_read(sc, R92C_FPGA0_RFMOD) | R92C_RFMOD_40MHZ);
4981 urtwn_bb_write(sc, R92C_FPGA1_RFMOD,
4982 urtwn_bb_read(sc, R92C_FPGA1_RFMOD) | R92C_RFMOD_40MHZ);
4983
4984 /* Set CCK side band. */
4985 reg = urtwn_bb_read(sc, R92C_CCK0_SYSTEM);
4986 reg = (reg & ~0x00000010) | (prichlo ? 0 : 1) << 4;
4987 urtwn_bb_write(sc, R92C_CCK0_SYSTEM, reg);
4988
4989 reg = urtwn_bb_read(sc, R92C_OFDM1_LSTF);
4990 reg = (reg & ~0x00000c00) | (prichlo ? 1 : 2) << 10;
4991 urtwn_bb_write(sc, R92C_OFDM1_LSTF, reg);
4992
4993 urtwn_bb_write(sc, R92C_FPGA0_ANAPARAM2,
4994 urtwn_bb_read(sc, R92C_FPGA0_ANAPARAM2) &
4995 ~R92C_FPGA0_ANAPARAM2_CBW20);
4996
4997 reg = urtwn_bb_read(sc, 0x818);
4998 reg = (reg & ~0x0c000000) | (prichlo ? 2 : 1) << 26;
4999 urtwn_bb_write(sc, 0x818, reg);
5000
5001 /* Select 40MHz bandwidth. */
5002 urtwn_rf_write(sc, 0, R92C_RF_CHNLBW,
5003 (sc->rf_chnlbw[0] & ~0xfff) | chan);
5004 } else
5005#endif
5006 {
5007 urtwn_write_1(sc, R92C_BWOPMODE,
5008 urtwn_read_1(sc, R92C_BWOPMODE) | R92C_BWOPMODE_20MHZ);
5009
5010 urtwn_bb_write(sc, R92C_FPGA0_RFMOD,
5011 urtwn_bb_read(sc, R92C_FPGA0_RFMOD) & ~R92C_RFMOD_40MHZ);
5012 urtwn_bb_write(sc, R92C_FPGA1_RFMOD,
5013 urtwn_bb_read(sc, R92C_FPGA1_RFMOD) & ~R92C_RFMOD_40MHZ);
5014
5015 if (!(sc->chip & URTWN_CHIP_88E)) {
5016 urtwn_bb_write(sc, R92C_FPGA0_ANAPARAM2,
5017 urtwn_bb_read(sc, R92C_FPGA0_ANAPARAM2) |
5018 R92C_FPGA0_ANAPARAM2_CBW20);
5019 }
5020
5021 /* Select 20MHz bandwidth. */
5022 urtwn_rf_write(sc, 0, R92C_RF_CHNLBW,
5023 (sc->rf_chnlbw[0] & ~0xfff) | chan |
5024 ((sc->chip & URTWN_CHIP_88E) ? R88E_RF_CHNLBW_BW20 :
5025 R92C_RF_CHNLBW_BW20));
5026 }
5027}
5028
5029static void
5030urtwn_iq_calib(struct urtwn_softc *sc)
5031{
5032 /* TODO */
5033}
5034
5035static void
5036urtwn_lc_calib(struct urtwn_softc *sc)
5037{
5038 uint32_t rf_ac[2];
5039 uint8_t txmode;
5040 int i;
5041
5042 txmode = urtwn_read_1(sc, R92C_OFDM1_LSTF + 3);
5043 if ((txmode & 0x70) != 0) {
5044 /* Disable all continuous Tx. */
5045 urtwn_write_1(sc, R92C_OFDM1_LSTF + 3, txmode & ~0x70);
5046
5047 /* Set RF mode to standby mode. */
5048 for (i = 0; i < sc->nrxchains; i++) {
5049 rf_ac[i] = urtwn_rf_read(sc, i, R92C_RF_AC);
5050 urtwn_rf_write(sc, i, R92C_RF_AC,
5051 RW(rf_ac[i], R92C_RF_AC_MODE,
5052 R92C_RF_AC_MODE_STANDBY));
5053 }
5054 } else {
5055 /* Block all Tx queues. */
5056 urtwn_write_1(sc, R92C_TXPAUSE, R92C_TX_QUEUE_ALL);
5057 }
5058 /* Start calibration. */
5059 urtwn_rf_write(sc, 0, R92C_RF_CHNLBW,
5060 urtwn_rf_read(sc, 0, R92C_RF_CHNLBW) | R92C_RF_CHNLBW_LCSTART);
5061
5062 /* Give calibration the time to complete. */
5063 usb_pause_mtx(&sc->sc_mtx, hz / 10); /* 100ms */
5064
5065 /* Restore configuration. */
5066 if ((txmode & 0x70) != 0) {
5067 /* Restore Tx mode. */
5068 urtwn_write_1(sc, R92C_OFDM1_LSTF + 3, txmode);
5069 /* Restore RF mode. */
5070 for (i = 0; i < sc->nrxchains; i++)
5071 urtwn_rf_write(sc, i, R92C_RF_AC, rf_ac[i]);
5072 } else {
5073 /* Unblock all Tx queues. */
5074 urtwn_write_1(sc, R92C_TXPAUSE, 0x00);
5075 }
5076}
5077
5078static void
5079urtwn_temp_calib(struct urtwn_softc *sc)
5080{
5081 uint8_t temp;
5082
5083 URTWN_ASSERT_LOCKED(sc);
5084
5085 if (!(sc->sc_flags & URTWN_TEMP_MEASURED)) {
5086 /* Start measuring temperature. */
5087 URTWN_DPRINTF(sc, URTWN_DEBUG_TEMP,
5088 "%s: start measuring temperature\n", __func__);
5089 if (sc->chip & URTWN_CHIP_88E) {
5090 urtwn_rf_write(sc, 0, R88E_RF_T_METER,
5091 R88E_RF_T_METER_START);
5092 } else {
5093 urtwn_rf_write(sc, 0, R92C_RF_T_METER,
5094 R92C_RF_T_METER_START);
5095 }
5096 sc->sc_flags |= URTWN_TEMP_MEASURED;
5097 return;
5098 }
5099 sc->sc_flags &= ~URTWN_TEMP_MEASURED;
5100
5101 /* Read measured temperature. */
5102 if (sc->chip & URTWN_CHIP_88E) {
5103 temp = MS(urtwn_rf_read(sc, 0, R88E_RF_T_METER),
5104 R88E_RF_T_METER_VAL);
5105 } else {
5106 temp = MS(urtwn_rf_read(sc, 0, R92C_RF_T_METER),
5107 R92C_RF_T_METER_VAL);
5108 }
5109 if (temp == 0) { /* Read failed, skip. */
5110 URTWN_DPRINTF(sc, URTWN_DEBUG_TEMP,
5111 "%s: temperature read failed, skipping\n", __func__);
5112 return;
5113 }
5114
5115 URTWN_DPRINTF(sc, URTWN_DEBUG_TEMP,
5116 "%s: temperature: previous %u, current %u\n",
5117 __func__, sc->thcal_lctemp, temp);
5118
5119 /*
5120 * Redo LC calibration if temperature changed significantly since
5121 * last calibration.
5122 */
5123 if (sc->thcal_lctemp == 0) {
5124 /* First LC calibration is performed in urtwn_init(). */
5125 sc->thcal_lctemp = temp;
5126 } else if (abs(temp - sc->thcal_lctemp) > 1) {
5127 URTWN_DPRINTF(sc, URTWN_DEBUG_TEMP,
5128 "%s: LC calib triggered by temp: %u -> %u\n",
5129 __func__, sc->thcal_lctemp, temp);
5130 urtwn_lc_calib(sc);
5131 /* Record temperature of last LC calibration. */
5132 sc->thcal_lctemp = temp;
5133 }
5134}
5135
5136static int
5137urtwn_init(struct urtwn_softc *sc)
5138{
5139 struct ieee80211com *ic = &sc->sc_ic;
5140 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps);
5141 uint8_t macaddr[IEEE80211_ADDR_LEN];
5142 uint32_t reg;
5143 usb_error_t usb_err = USB_ERR_NORMAL_COMPLETION;
5144 int error;
5145
5146 URTWN_LOCK(sc);
5147 if (sc->sc_flags & URTWN_RUNNING) {
5148 URTWN_UNLOCK(sc);
5149 return (0);
5150 }
5151
5152 /* Init firmware commands ring. */
5153 sc->fwcur = 0;
5154
5155 /* Allocate Tx/Rx buffers. */
5156 error = urtwn_alloc_rx_list(sc);
5157 if (error != 0)
5158 goto fail;
5159
5160 error = urtwn_alloc_tx_list(sc);
5161 if (error != 0)
5162 goto fail;
5163
5164 /* Power on adapter. */
5165 error = urtwn_power_on(sc);
5166 if (error != 0)
5167 goto fail;
5168
5169 /* Initialize DMA. */
5170 error = urtwn_dma_init(sc);
5171 if (error != 0)
5172 goto fail;
5173
5174 /* Set info size in Rx descriptors (in 64-bit words). */
5175 urtwn_write_1(sc, R92C_RX_DRVINFO_SZ, 4);
5176
5177 /* Init interrupts. */
5178 if (sc->chip & URTWN_CHIP_88E) {
5179 usb_err = urtwn_write_4(sc, R88E_HISR, 0xffffffff);
5180 if (usb_err != USB_ERR_NORMAL_COMPLETION)
5181 goto fail;
5182 usb_err = urtwn_write_4(sc, R88E_HIMR, R88E_HIMR_CPWM | R88E_HIMR_CPWM2 |
5183 R88E_HIMR_TBDER | R88E_HIMR_PSTIMEOUT);
5184 if (usb_err != USB_ERR_NORMAL_COMPLETION)
5185 goto fail;
5186 usb_err = urtwn_write_4(sc, R88E_HIMRE, R88E_HIMRE_RXFOVW |
5187 R88E_HIMRE_TXFOVW | R88E_HIMRE_RXERR | R88E_HIMRE_TXERR);
5188 if (usb_err != USB_ERR_NORMAL_COMPLETION)
5189 goto fail;
5190 usb_err = urtwn_write_1(sc, R92C_USB_SPECIAL_OPTION,
5191 urtwn_read_1(sc, R92C_USB_SPECIAL_OPTION) |
5192 R92C_USB_SPECIAL_OPTION_INT_BULK_SEL);
5193 if (usb_err != USB_ERR_NORMAL_COMPLETION)
5194 goto fail;
5195 } else {
5196 usb_err = urtwn_write_4(sc, R92C_HISR, 0xffffffff);
5197 if (usb_err != USB_ERR_NORMAL_COMPLETION)
5198 goto fail;
5199 usb_err = urtwn_write_4(sc, R92C_HIMR, 0xffffffff);
5200 if (usb_err != USB_ERR_NORMAL_COMPLETION)
5201 goto fail;
5202 }
5203
5204 /* Set MAC address. */
5205 IEEE80211_ADDR_COPY(macaddr, vap ? vap->iv_myaddr : ic->ic_macaddr);
5206 usb_err = urtwn_write_region_1(sc, R92C_MACID, macaddr, IEEE80211_ADDR_LEN);
5207 if (usb_err != USB_ERR_NORMAL_COMPLETION)
5208 goto fail;
5209
5210 /* Set initial network type. */
5211 urtwn_set_mode(sc, R92C_MSR_INFRA);
5212
5213 /* Initialize Rx filter. */
5214 urtwn_rxfilter_init(sc);
5215
5216 /* Set response rate. */
5217 reg = urtwn_read_4(sc, R92C_RRSR);
5218 reg = RW(reg, R92C_RRSR_RATE_BITMAP, R92C_RRSR_RATE_CCK_ONLY_1M);
5219 urtwn_write_4(sc, R92C_RRSR, reg);
5220
5221 /* Set short/long retry limits. */
5222 urtwn_write_2(sc, R92C_RL,
5223 SM(R92C_RL_SRL, 0x30) | SM(R92C_RL_LRL, 0x30));
5224
5225 /* Initialize EDCA parameters. */
5226 urtwn_edca_init(sc);
5227
5228 /* Setup rate fallback. */
5229 if (!(sc->chip & URTWN_CHIP_88E)) {
5230 urtwn_write_4(sc, R92C_DARFRC + 0, 0x00000000);
5231 urtwn_write_4(sc, R92C_DARFRC + 4, 0x10080404);
5232 urtwn_write_4(sc, R92C_RARFRC + 0, 0x04030201);
5233 urtwn_write_4(sc, R92C_RARFRC + 4, 0x08070605);
5234 }
5235
5236 urtwn_write_1(sc, R92C_FWHW_TXQ_CTRL,
5237 urtwn_read_1(sc, R92C_FWHW_TXQ_CTRL) |
5238 R92C_FWHW_TXQ_CTRL_AMPDU_RTY_NEW);
5239 /* Set ACK timeout. */
5240 urtwn_write_1(sc, R92C_ACKTO, 0x40);
5241
5242 /* Setup USB aggregation. */
5243 reg = urtwn_read_4(sc, R92C_TDECTRL);
5244 reg = RW(reg, R92C_TDECTRL_BLK_DESC_NUM, 6);
5245 urtwn_write_4(sc, R92C_TDECTRL, reg);
5246 urtwn_write_1(sc, R92C_TRXDMA_CTRL,
5247 urtwn_read_1(sc, R92C_TRXDMA_CTRL) |
5248 R92C_TRXDMA_CTRL_RXDMA_AGG_EN);
5249 urtwn_write_1(sc, R92C_RXDMA_AGG_PG_TH, 48);
5250 if (sc->chip & URTWN_CHIP_88E)
5251 urtwn_write_1(sc, R92C_RXDMA_AGG_PG_TH + 1, 4);
5252 else {
5253 urtwn_write_1(sc, R92C_USB_DMA_AGG_TO, 4);
5254 urtwn_write_1(sc, R92C_USB_SPECIAL_OPTION,
5255 urtwn_read_1(sc, R92C_USB_SPECIAL_OPTION) |
5256 R92C_USB_SPECIAL_OPTION_AGG_EN);
5257 urtwn_write_1(sc, R92C_USB_AGG_TH, 8);
5258 urtwn_write_1(sc, R92C_USB_AGG_TO, 6);
5259 }
5260
5261 /* Initialize beacon parameters. */
5262 urtwn_write_2(sc, R92C_BCN_CTRL, 0x1010);
5263 urtwn_write_2(sc, R92C_TBTT_PROHIBIT, 0x6404);
5264 urtwn_write_1(sc, R92C_DRVERLYINT, 0x05);
5265 urtwn_write_1(sc, R92C_BCNDMATIM, 0x02);
5266 urtwn_write_2(sc, R92C_BCNTCFG, 0x660f);
5267
5268 if (!(sc->chip & URTWN_CHIP_88E)) {
5269 /* Setup AMPDU aggregation. */
5270 urtwn_write_4(sc, R92C_AGGLEN_LMT, 0x99997631); /* MCS7~0 */
5271 urtwn_write_1(sc, R92C_AGGR_BREAK_TIME, 0x16);
5272 urtwn_write_2(sc, R92C_MAX_AGGR_NUM, 0x0708);
5273
5274 urtwn_write_1(sc, R92C_BCN_MAX_ERR, 0xff);
5275 }
5276
5277#ifndef URTWN_WITHOUT_UCODE
5278 /* Load 8051 microcode. */
5279 error = urtwn_load_firmware(sc);
5280 if (error == 0)
5281 sc->sc_flags |= URTWN_FW_LOADED;
5282#endif
5283
5284 /* Initialize MAC/BB/RF blocks. */
5285 error = urtwn_mac_init(sc);
5286 if (error != 0) {
5287 device_printf(sc->sc_dev,
5288 "%s: error while initializing MAC block\n", __func__);
5289 goto fail;
5290 }
5291 urtwn_bb_init(sc);
5292 urtwn_rf_init(sc);
5293
5294 /* Reinitialize Rx filter (D3845 is not committed yet). */
5295 urtwn_rxfilter_init(sc);
5296
5297 if (sc->chip & URTWN_CHIP_88E) {
5298 urtwn_write_2(sc, R92C_CR,
5299 urtwn_read_2(sc, R92C_CR) | R92C_CR_MACTXEN |
5300 R92C_CR_MACRXEN);
5301 }
5302
5303 /* Turn CCK and OFDM blocks on. */
5304 reg = urtwn_bb_read(sc, R92C_FPGA0_RFMOD);
5305 reg |= R92C_RFMOD_CCK_EN;
5306 usb_err = urtwn_bb_write(sc, R92C_FPGA0_RFMOD, reg);
5307 if (usb_err != USB_ERR_NORMAL_COMPLETION)
5308 goto fail;
5309 reg = urtwn_bb_read(sc, R92C_FPGA0_RFMOD);
5310 reg |= R92C_RFMOD_OFDM_EN;
5311 usb_err = urtwn_bb_write(sc, R92C_FPGA0_RFMOD, reg);
5312 if (usb_err != USB_ERR_NORMAL_COMPLETION)
5313 goto fail;
5314
5315 /* Clear per-station keys table. */
5316 urtwn_cam_init(sc);
5317
5318 /* Enable decryption / encryption. */
5319 urtwn_write_2(sc, R92C_SECCFG,
5320 R92C_SECCFG_TXUCKEY_DEF | R92C_SECCFG_RXUCKEY_DEF |
5321 R92C_SECCFG_TXENC_ENA | R92C_SECCFG_RXDEC_ENA |
5322 R92C_SECCFG_TXBCKEY_DEF | R92C_SECCFG_RXBCKEY_DEF);
5323
5324 /*
5325 * Install static keys (if any).
5326 * Must be called after urtwn_cam_init().
5327 */
5328 ieee80211_runtask(ic, &sc->cmdq_task);
5329
5330 /* Enable hardware sequence numbering. */
5331 urtwn_write_1(sc, R92C_HWSEQ_CTRL, R92C_TX_QUEUE_ALL);
5332
5333 /* Enable per-packet TX report. */
5334 if (sc->chip & URTWN_CHIP_88E) {
5335 urtwn_write_1(sc, R88E_TX_RPT_CTRL,
5336 urtwn_read_1(sc, R88E_TX_RPT_CTRL) | R88E_TX_RPT1_ENA);
5337 }
5338
5339 /* Perform LO and IQ calibrations. */
5340 urtwn_iq_calib(sc);
5341 /* Perform LC calibration. */
5342 urtwn_lc_calib(sc);
5343
5344 /* Fix USB interference issue. */
5345 if (!(sc->chip & URTWN_CHIP_88E)) {
5346 urtwn_write_1(sc, 0xfe40, 0xe0);
5347 urtwn_write_1(sc, 0xfe41, 0x8d);
5348 urtwn_write_1(sc, 0xfe42, 0x80);
5349
5350 urtwn_pa_bias_init(sc);
5351 }
5352
5353 /* Initialize GPIO setting. */
5354 urtwn_write_1(sc, R92C_GPIO_MUXCFG,
5355 urtwn_read_1(sc, R92C_GPIO_MUXCFG) & ~R92C_GPIO_MUXCFG_ENBT);
5356
5357 /* Fix for lower temperature. */
5358 if (!(sc->chip & URTWN_CHIP_88E))
5359 urtwn_write_1(sc, 0x15, 0xe9);
5360
5361 usbd_transfer_start(sc->sc_xfer[URTWN_BULK_RX]);
5362
5363 sc->sc_flags |= URTWN_RUNNING;
5364
5365 callout_reset(&sc->sc_watchdog_ch, hz, urtwn_watchdog, sc);
5366fail:
5367 if (usb_err != USB_ERR_NORMAL_COMPLETION)
5368 error = EIO;
5369
5370 URTWN_UNLOCK(sc);
5371
5372 return (error);
5373}
5374
5375static void
5376urtwn_stop(struct urtwn_softc *sc)
5377{
5378
5379 URTWN_LOCK(sc);
5380 if (!(sc->sc_flags & URTWN_RUNNING)) {
5381 URTWN_UNLOCK(sc);
5382 return;
5383 }
5384
5385 sc->sc_flags &= ~(URTWN_RUNNING | URTWN_FW_LOADED |
5386 URTWN_TEMP_MEASURED);
5387 sc->thcal_lctemp = 0;
5388 callout_stop(&sc->sc_watchdog_ch);
5389
5390 urtwn_abort_xfers(sc);
5391 urtwn_drain_mbufq(sc);
5392 urtwn_power_off(sc);
5393 URTWN_UNLOCK(sc);
5394}
5395
5396static void
5397urtwn_abort_xfers(struct urtwn_softc *sc)
5398{
5399 int i;
5400
5401 URTWN_ASSERT_LOCKED(sc);
5402
5403 /* abort any pending transfers */
5404 for (i = 0; i < URTWN_N_TRANSFER; i++)
5405 usbd_transfer_stop(sc->sc_xfer[i]);
5406}
5407
5408static int
5409urtwn_raw_xmit(struct ieee80211_node *ni, struct mbuf *m,
5410 const struct ieee80211_bpf_params *params)
5411{
5412 struct ieee80211com *ic = ni->ni_ic;
5413 struct urtwn_softc *sc = ic->ic_softc;
5414 struct urtwn_data *bf;
5415 int error;
5416
5417 URTWN_DPRINTF(sc, URTWN_DEBUG_XMIT, "%s: called; m=%p\n",
5418 __func__,
5419 m);
5420
5421 /* prevent management frames from being sent if we're not ready */
5422 URTWN_LOCK(sc);
5423 if (!(sc->sc_flags & URTWN_RUNNING)) {
5424 error = ENETDOWN;
5425 goto end;
5426 }
5427
5428 bf = urtwn_getbuf(sc);
5429 if (bf == NULL) {
5430 error = ENOBUFS;
5431 goto end;
5432 }
5433
5434 if (params == NULL) {
5435 /*
5436 * Legacy path; interpret frame contents to decide
5437 * precisely how to send the frame.
5438 */
5439 error = urtwn_tx_data(sc, ni, m, bf);
5440 } else {
5441 /*
5442 * Caller supplied explicit parameters to use in
5443 * sending the frame.
5444 */
5445 error = urtwn_tx_raw(sc, ni, m, bf, params);
5446 }
5447 if (error != 0) {
5448 STAILQ_INSERT_HEAD(&sc->sc_tx_inactive, bf, next);
5449 goto end;
5450 }
5451
5452 sc->sc_txtimer = 5;
5453 callout_reset(&sc->sc_watchdog_ch, hz, urtwn_watchdog, sc);
5454
5455end:
5456 if (error != 0)
5457 m_freem(m);
5458
5459 URTWN_UNLOCK(sc);
5460
5461 return (error);
5462}
5463
5464static void
5465urtwn_ms_delay(struct urtwn_softc *sc)
5466{
5467 usb_pause_mtx(&sc->sc_mtx, hz / 1000);
5468}
5469
5470static device_method_t urtwn_methods[] = {
5471 /* Device interface */
5472 DEVMETHOD(device_probe, urtwn_match),
5473 DEVMETHOD(device_attach, urtwn_attach),
5474 DEVMETHOD(device_detach, urtwn_detach),
5475
5476 DEVMETHOD_END
5477};
5478
5479static driver_t urtwn_driver = {
5480 "urtwn",
5481 urtwn_methods,
5482 sizeof(struct urtwn_softc)
5483};
5484
5485static devclass_t urtwn_devclass;
5486
5487DRIVER_MODULE(urtwn, uhub, urtwn_driver, urtwn_devclass, NULL, NULL);
5488MODULE_DEPEND(urtwn, usb, 1, 1, 1);
5489MODULE_DEPEND(urtwn, wlan, 1, 1, 1);
5490#ifndef URTWN_WITHOUT_UCODE
5491MODULE_DEPEND(urtwn, firmware, 1, 1, 1);
5492#endif
5493MODULE_VERSION(urtwn, 1);
5494USB_PNP_HOST_INFO(urtwn_devs);
|