Cross Reference: /freebsd-11.0-release/sys/dev/usb/wlan/if_rsu.c

Deleted Added

sdiff udiff text old ( 287949 ) new ( 287950 )

full compact

if_rsu.c (287949)	if_rsu.c (287950)
1/* $OpenBSD: if_rsu.c,v 1.17 2013/04/15 09:23:01 mglocker Exp $ / 2 3/- 4 * Copyright (c) 2010 Damien Bergamini <damien.bergamini@free.fr> 5 * 6 * Permission to use, copy, modify, and distribute this software for any 7 * purpose with or without fee is hereby granted, provided that the above 8 * copyright notice and this permission notice appear in all copies. 9 * 10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 11 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 12 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 13 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 14 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 15 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 16 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 17 */ 18#include <sys/cdefs.h>	1/* $OpenBSD: if_rsu.c,v 1.17 2013/04/15 09:23:01 mglocker Exp $ / 2 3/- 4 * Copyright (c) 2010 Damien Bergamini <damien.bergamini@free.fr> 5 * 6 * Permission to use, copy, modify, and distribute this software for any 7 * purpose with or without fee is hereby granted, provided that the above 8 * copyright notice and this permission notice appear in all copies. 9 * 10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 11 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 12 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 13 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 14 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 15 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 16 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 17 */ 18#include <sys/cdefs.h>
19__FBSDID("$FreeBSD: head/sys/dev/usb/wlan/if_rsu.c 287949 2015-09-18 05:03:01Z adrian $");	19__FBSDID("$FreeBSD: head/sys/dev/usb/wlan/if_rsu.c 287950 2015-09-18 05:59:15Z adrian $");
20 21/* 22 * Driver for Realtek RTL8188SU/RTL8191SU/RTL8192SU. 23 * 24 * TODO: 25 * o 11n support 26 * o h/w crypto 27 * o hostap / ibss / mesh 28 / 29 30#include <sys/param.h> 31#include <sys/endian.h> 32#include <sys/sockio.h> 33#include <sys/mbuf.h> 34#include <sys/kernel.h> 35#include <sys/socket.h> 36#include <sys/systm.h> 37#include <sys/conf.h> 38#include <sys/bus.h> 39#include <sys/rman.h> 40#include <sys/firmware.h> 41#include <sys/module.h> 42 43#include <machine/bus.h> 44#include <machine/resource.h> 45 46#include <net/bpf.h> 47#include <net/if.h> 48#include <net/if_var.h> 49#include <net/if_arp.h> 50#include <net/if_dl.h> 51#include <net/if_media.h> 52#include <net/if_types.h> 53 54#include <netinet/in.h> 55#include <netinet/in_systm.h> 56#include <netinet/in_var.h> 57#include <netinet/if_ether.h> 58#include <netinet/ip.h> 59 60#include <net80211/ieee80211_var.h> 61#include <net80211/ieee80211_regdomain.h> 62#include <net80211/ieee80211_radiotap.h> 63 64#include <dev/usb/usb.h> 65#include <dev/usb/usbdi.h> 66#include "usbdevs.h" 67 68#define USB_DEBUG_VAR rsu_debug 69#include <dev/usb/usb_debug.h> 70 71#include <dev/usb/wlan/if_rsureg.h> 72 73#ifdef USB_DEBUG 74static int rsu_debug = 0; 75SYSCTL_NODE(_hw_usb, OID_AUTO, rsu, CTLFLAG_RW, 0, "USB rsu"); 76SYSCTL_INT(_hw_usb_rsu, OID_AUTO, debug, CTLFLAG_RWTUN, &rsu_debug, 0, 77 "Debug level"); 78#define RSU_DPRINTF(_sc, _flg, ...) \ 79 do \ 80 if (((_flg) == (RSU_DEBUG_ANY)) \|\| (rsu_debug & (_flg))) \ 81 device_printf((_sc)->sc_dev, __VA_ARGS__); \ 82 while (0) 83#else 84#define RSU_DPRINTF(_sc, _flg, ...) 85#endif 86 87static int rsu_enable_11n = 0; 88TUNABLE_INT("hw.usb.rsu.enable_11n", &rsu_enable_11n); 89 90#define RSU_DEBUG_ANY 0xffffffff 91#define RSU_DEBUG_TX 0x00000001 92#define RSU_DEBUG_RX 0x00000002 93#define RSU_DEBUG_RESET 0x00000004 94#define RSU_DEBUG_CALIB 0x00000008 95#define RSU_DEBUG_STATE 0x00000010 96#define RSU_DEBUG_SCAN 0x00000020 97#define RSU_DEBUG_FWCMD 0x00000040 98#define RSU_DEBUG_TXDONE 0x00000080 99#define RSU_DEBUG_FW 0x00000100 100#define RSU_DEBUG_FWDBG 0x00000200 101* 102static const STRUCT_USB_HOST_ID rsu_devs[] = { 103#define RSU_HT_NOT_SUPPORTED 0 104#define RSU_HT_SUPPORTED 1 105#define RSU_DEV_HT(v,p) { USB_VPI(USB_VENDOR_##v, USB_PRODUCT_##v##_##p, \ 106 RSU_HT_SUPPORTED) } 107#define RSU_DEV(v,p) { USB_VPI(USB_VENDOR_##v, USB_PRODUCT_##v##_##p, \ 108 RSU_HT_NOT_SUPPORTED) } 109 RSU_DEV(ASUS, RTL8192SU), 110 RSU_DEV(AZUREWAVE, RTL8192SU_4), 111 RSU_DEV_HT(ACCTON, RTL8192SU), 112 RSU_DEV_HT(ASUS, USBN10), 113 RSU_DEV_HT(AZUREWAVE, RTL8192SU_1), 114 RSU_DEV_HT(AZUREWAVE, RTL8192SU_2), 115 RSU_DEV_HT(AZUREWAVE, RTL8192SU_3), 116 RSU_DEV_HT(AZUREWAVE, RTL8192SU_5), 117 RSU_DEV_HT(BELKIN, RTL8192SU_1), 118 RSU_DEV_HT(BELKIN, RTL8192SU_2), 119 RSU_DEV_HT(BELKIN, RTL8192SU_3), 120 RSU_DEV_HT(CONCEPTRONIC2, RTL8192SU_1), 121 RSU_DEV_HT(CONCEPTRONIC2, RTL8192SU_2), 122 RSU_DEV_HT(CONCEPTRONIC2, RTL8192SU_3), 123 RSU_DEV_HT(COREGA, RTL8192SU), 124 RSU_DEV_HT(DLINK2, DWA131A1), 125 RSU_DEV_HT(DLINK2, RTL8192SU_1), 126 RSU_DEV_HT(DLINK2, RTL8192SU_2), 127 RSU_DEV_HT(EDIMAX, RTL8192SU_1), 128 RSU_DEV_HT(EDIMAX, RTL8192SU_2), 129 RSU_DEV_HT(EDIMAX, EW7622UMN), 130 RSU_DEV_HT(GUILLEMOT, HWGUN54), 131 RSU_DEV_HT(GUILLEMOT, HWNUM300), 132 RSU_DEV_HT(HAWKING, RTL8192SU_1), 133 RSU_DEV_HT(HAWKING, RTL8192SU_2), 134 RSU_DEV_HT(PLANEX2, GWUSNANO), 135 RSU_DEV_HT(REALTEK, RTL8171), 136 RSU_DEV_HT(REALTEK, RTL8172), 137 RSU_DEV_HT(REALTEK, RTL8173), 138 RSU_DEV_HT(REALTEK, RTL8174), 139 RSU_DEV_HT(REALTEK, RTL8192SU), 140 RSU_DEV_HT(REALTEK, RTL8712), 141 RSU_DEV_HT(REALTEK, RTL8713), 142 RSU_DEV_HT(SENAO, RTL8192SU_1), 143 RSU_DEV_HT(SENAO, RTL8192SU_2), 144 RSU_DEV_HT(SITECOMEU, WL349V1), 145 RSU_DEV_HT(SITECOMEU, WL353), 146 RSU_DEV_HT(SWEEX2, LW154), 147 RSU_DEV_HT(TRENDNET, TEW646UBH), 148#undef RSU_DEV_HT 149#undef RSU_DEV 150}; 151 152static device_probe_t rsu_match; 153static device_attach_t rsu_attach; 154static device_detach_t rsu_detach; 155static usb_callback_t rsu_bulk_tx_callback_be_bk; 156static usb_callback_t rsu_bulk_tx_callback_vi_vo; 157static usb_callback_t rsu_bulk_tx_callback_h2c; 158static usb_callback_t rsu_bulk_rx_callback; 159static usb_error_t rsu_do_request(struct rsu_softc , 160* struct usb_device_request , void ); 161static struct ieee80211vap * 162 rsu_vap_create(struct ieee80211com , const char name[], 163* int, enum ieee80211_opmode, int, const uint8_t bssid[], 164 const uint8_t mac[]); 165static void rsu_vap_delete(struct ieee80211vap ); 166static void rsu_scan_start(struct ieee80211com ); 167static void rsu_scan_end(struct ieee80211com ); 168static void rsu_set_channel(struct ieee80211com ); 169static void rsu_update_mcast(struct ieee80211com ); 170static int rsu_alloc_rx_list(struct rsu_softc ); 171static void rsu_free_rx_list(struct rsu_softc ); 172static int rsu_alloc_tx_list(struct rsu_softc ); 173static void rsu_free_tx_list(struct rsu_softc ); 174static void rsu_free_list(struct rsu_softc , struct rsu_data [], int); 175static struct rsu_data _rsu_getbuf(struct rsu_softc ); 176static struct rsu_data rsu_getbuf(struct rsu_softc ); 177static int rsu_write_region_1(struct rsu_softc , uint16_t, uint8_t , 178 int); 179static void rsu_write_1(struct rsu_softc , uint16_t, uint8_t); 180static void rsu_write_2(struct rsu_softc , uint16_t, uint16_t); 181static void rsu_write_4(struct rsu_softc , uint16_t, uint32_t); 182static int rsu_read_region_1(struct rsu_softc , uint16_t, uint8_t , 183* int); 184static uint8_t rsu_read_1(struct rsu_softc , uint16_t); 185static uint16_t rsu_read_2(struct rsu_softc , uint16_t); 186static uint32_t rsu_read_4(struct rsu_softc , uint16_t); 187static int rsu_fw_iocmd(struct rsu_softc , uint32_t); 188static uint8_t rsu_efuse_read_1(struct rsu_softc , uint16_t); 189static int rsu_read_rom(struct rsu_softc ); 190static int rsu_fw_cmd(struct rsu_softc , uint8_t, void , int); 191static void rsu_calib_task(void , int); 192static int rsu_newstate(struct ieee80211vap , enum ieee80211_state, int); 193#ifdef notyet 194static void rsu_set_key(struct rsu_softc , const struct ieee80211_key ); 195static void rsu_delete_key(struct rsu_softc , const struct ieee80211_key ); 196#endif 197static int rsu_site_survey(struct rsu_softc , struct ieee80211vap ); 198static int rsu_join_bss(struct rsu_softc , struct ieee80211_node ); 199static int rsu_disconnect(struct rsu_softc ); 200static void rsu_event_survey(struct rsu_softc , uint8_t , int); 201static void rsu_event_join_bss(struct rsu_softc , uint8_t , int); 202static void rsu_rx_event(struct rsu_softc , uint8_t, uint8_t , int); 203static void rsu_rx_multi_event(struct rsu_softc , uint8_t , int); 204static int8_t rsu_get_rssi(struct rsu_softc , int, void ); 205static struct mbuf 206 rsu_rx_frame(struct rsu_softc , uint8_t , int, int ); 207static struct mbuf 208 rsu_rx_multi_frame(struct rsu_softc , uint8_t , int, int ); 209static struct mbuf 210 rsu_rxeof(struct usb_xfer , struct rsu_data , int ); 211static void rsu_txeof(struct usb_xfer , struct rsu_data ); 212static int rsu_raw_xmit(struct ieee80211_node , struct mbuf , 213* const struct ieee80211_bpf_params ); 214static void rsu_init(struct rsu_softc ); 215static int rsu_tx_start(struct rsu_softc , struct ieee80211_node , 216 struct mbuf , struct rsu_data ); 217static int rsu_transmit(struct ieee80211com , struct mbuf ); 218static void rsu_start(struct rsu_softc ); 219static void rsu_parent(struct ieee80211com ); 220static void rsu_stop(struct rsu_softc ); 221static void rsu_ms_delay(struct rsu_softc , int); 222 223static device_method_t rsu_methods[] = { 224 DEVMETHOD(device_probe, rsu_match), 225 DEVMETHOD(device_attach, rsu_attach), 226 DEVMETHOD(device_detach, rsu_detach), 227 228 DEVMETHOD_END 229}; 230 231static driver_t rsu_driver = { 232 .name = "rsu", 233 .methods = rsu_methods, 234 .size = sizeof(struct rsu_softc) 235}; 236 237static devclass_t rsu_devclass; 238 239DRIVER_MODULE(rsu, uhub, rsu_driver, rsu_devclass, NULL, 0); 240MODULE_DEPEND(rsu, wlan, 1, 1, 1); 241MODULE_DEPEND(rsu, usb, 1, 1, 1); 242MODULE_DEPEND(rsu, firmware, 1, 1, 1); 243MODULE_VERSION(rsu, 1); 244 245static uint8_t rsu_wme_ac_xfer_map[4] = { 246 [WME_AC_BE] = RSU_BULK_TX_BE_BK, 247 [WME_AC_BK] = RSU_BULK_TX_BE_BK, 248 [WME_AC_VI] = RSU_BULK_TX_VI_VO, 249 [WME_AC_VO] = RSU_BULK_TX_VI_VO, 250}; 251 252/* XXX hard-coded / 253#define RSU_H2C_ENDPOINT 3 254* 255static const struct usb_config rsu_config[RSU_N_TRANSFER] = { 256 [RSU_BULK_RX] = { 257 .type = UE_BULK, 258 .endpoint = UE_ADDR_ANY, 259 .direction = UE_DIR_IN, 260 .bufsize = RSU_RXBUFSZ, 261 .flags = { 262 .pipe_bof = 1, 263 .short_xfer_ok = 1 264 }, 265 .callback = rsu_bulk_rx_callback 266 }, 267 [RSU_BULK_TX_BE_BK] = { 268 .type = UE_BULK, 269 .endpoint = 0x06, 270 .direction = UE_DIR_OUT, 271 .bufsize = RSU_TXBUFSZ, 272 .flags = { 273 .ext_buffer = 1, 274 .pipe_bof = 1, 275 .force_short_xfer = 1 276 }, 277 .callback = rsu_bulk_tx_callback_be_bk, 278 .timeout = RSU_TX_TIMEOUT 279 }, 280 [RSU_BULK_TX_VI_VO] = { 281 .type = UE_BULK, 282 .endpoint = 0x04, 283 .direction = UE_DIR_OUT, 284 .bufsize = RSU_TXBUFSZ, 285 .flags = { 286 .ext_buffer = 1, 287 .pipe_bof = 1, 288 .force_short_xfer = 1 289 }, 290 .callback = rsu_bulk_tx_callback_vi_vo, 291 .timeout = RSU_TX_TIMEOUT 292 }, 293 [RSU_BULK_TX_H2C] = { 294 .type = UE_BULK, 295 .endpoint = 0x0d, 296 .direction = UE_DIR_OUT, 297 .bufsize = RSU_TXBUFSZ, 298 .flags = { 299 .ext_buffer = 1, 300 .pipe_bof = 1, 301 .short_xfer_ok = 1 302 }, 303 .callback = rsu_bulk_tx_callback_h2c, 304 .timeout = RSU_TX_TIMEOUT 305 }, 306}; 307 308static int 309rsu_match(device_t self) 310{ 311 struct usb_attach_arg uaa = device_get_ivars(self); 312* 313 if (uaa->usb_mode != USB_MODE_HOST \|\| 314 uaa->info.bIfaceIndex != 0 \|\| 315 uaa->info.bConfigIndex != 0) 316 return (ENXIO); 317 318 return (usbd_lookup_id_by_uaa(rsu_devs, sizeof(rsu_devs), uaa)); 319} 320 321static int 322rsu_send_mgmt(struct ieee80211_node ni, int type, int arg) 323{ 324* 325 return (ENOTSUP); 326} 327 328static void 329rsu_update_chw(struct ieee80211com ic) 330{ 331* 332} 333 334static int 335rsu_ampdu_enable(struct ieee80211_node ni, struct ieee80211_tx_ampdu tap) 336{ 337 338 /* Firmware handles this; not our problem / 339* return (0); 340} 341 342static int 343rsu_wme_update(struct ieee80211com ic) 344{ 345* 346 /* Firmware handles this; not our problem / 347* return (0); 348} 349 350static int 351rsu_attach(device_t self) 352{ 353 struct usb_attach_arg uaa = device_get_ivars(self); 354* struct rsu_softc sc = device_get_softc(self); 355* struct ieee80211com ic = &sc->sc_ic; 356* int error; 357 uint8_t iface_index, bands; 358 struct usb_interface iface; 359* 360 device_set_usb_desc(self); 361 sc->sc_udev = uaa->device; 362 sc->sc_dev = self; 363 if (rsu_enable_11n) 364 sc->sc_ht = !! (USB_GET_DRIVER_INFO(uaa) & RSU_HT_SUPPORTED); 365 366 /* Get number of endpoints / 367* iface = usbd_get_iface(sc->sc_udev, 0); 368 sc->sc_nendpoints = iface->idesc->bNumEndpoints; 369 370 /* Endpoints are hard-coded for now, so enforce 4-endpoint only / 371* if (sc->sc_nendpoints != 4) { 372 device_printf(sc->sc_dev, 373 "the driver currently only supports 4-endpoint devices\n"); 374 return (ENXIO); 375 } 376 377 mtx_init(&sc->sc_mtx, device_get_nameunit(self), MTX_NETWORK_LOCK, 378 MTX_DEF); 379 TIMEOUT_TASK_INIT(taskqueue_thread, &sc->calib_task, 0, 380 rsu_calib_task, sc); 381 mbufq_init(&sc->sc_snd, ifqmaxlen); 382 383 /* Allocate Tx/Rx buffers. / 384* error = rsu_alloc_rx_list(sc); 385 if (error != 0) { 386 device_printf(sc->sc_dev, "could not allocate Rx buffers\n"); 387 goto fail_usb; 388 } 389 390 error = rsu_alloc_tx_list(sc); 391 if (error != 0) { 392 device_printf(sc->sc_dev, "could not allocate Tx buffers\n"); 393 rsu_free_rx_list(sc); 394 goto fail_usb; 395 } 396 397 iface_index = 0; 398 error = usbd_transfer_setup(uaa->device, &iface_index, sc->sc_xfer, 399 rsu_config, RSU_N_TRANSFER, sc, &sc->sc_mtx); 400 if (error) { 401 device_printf(sc->sc_dev, 402 "could not allocate USB transfers, err=%s\n", 403 usbd_errstr(error)); 404 goto fail_usb; 405 } 406 RSU_LOCK(sc); 407 /* Read chip revision. / 408* sc->cut = MS(rsu_read_4(sc, R92S_PMC_FSM), R92S_PMC_FSM_CUT); 409 if (sc->cut != 3) 410 sc->cut = (sc->cut >> 1) + 1; 411 error = rsu_read_rom(sc); 412 RSU_UNLOCK(sc); 413 if (error != 0) { 414 device_printf(self, "could not read ROM\n"); 415 goto fail_rom; 416 } 417 IEEE80211_ADDR_COPY(ic->ic_macaddr, &sc->rom[0x12]); 418 device_printf(self, "MAC/BB RTL8712 cut %d\n", sc->cut); 419 420 ic->ic_softc = sc; 421 ic->ic_name = device_get_nameunit(self); 422 ic->ic_phytype = IEEE80211_T_OFDM; /* Not only, but not used. / 423* ic->ic_opmode = IEEE80211_M_STA; /* Default to BSS mode. / 424* 425 /* Set device capabilities. / 426* ic->ic_caps = 427 IEEE80211_C_STA \| /* station mode / 428#if 0 429* IEEE80211_C_BGSCAN \| /* Background scan. / 430#endif 431* IEEE80211_C_SHPREAMBLE \| /* Short preamble supported. / 432* IEEE80211_C_WME \| /* WME/QoS / 433* IEEE80211_C_SHSLOT \| /* Short slot time supported. / 434* IEEE80211_C_WPA; /* WPA/RSN. / 435* 436 /* Check if HT support is present. / 437* if (sc->sc_ht) { 438 device_printf(sc->sc_dev, "%s: enabling 11n\n", __func__); 439 440 /* Enable basic HT / 441* ic->ic_htcaps = IEEE80211_HTC_HT \| 442 IEEE80211_HTC_AMPDU \| 443 IEEE80211_HTC_AMSDU \| 444 IEEE80211_HTCAP_MAXAMSDU_3839 \| 445 IEEE80211_HTCAP_SMPS_OFF; 446 447 ic->ic_htcaps \|= IEEE80211_HTCAP_CHWIDTH40; 448 449 /* set number of spatial streams / 450* ic->ic_txstream = 1; 451 ic->ic_rxstream = 1; 452 } 453 454 /* Set supported .11b and .11g rates. / 455* bands = 0; 456 setbit(&bands, IEEE80211_MODE_11B); 457 setbit(&bands, IEEE80211_MODE_11G); 458 if (sc->sc_ht) 459 setbit(&bands, IEEE80211_MODE_11NG); 460 ieee80211_init_channels(ic, NULL, &bands); 461 462 ieee80211_ifattach(ic); 463 ic->ic_raw_xmit = rsu_raw_xmit; 464 ic->ic_scan_start = rsu_scan_start; 465 ic->ic_scan_end = rsu_scan_end; 466 ic->ic_set_channel = rsu_set_channel; 467 ic->ic_vap_create = rsu_vap_create; 468 ic->ic_vap_delete = rsu_vap_delete; 469 ic->ic_update_mcast = rsu_update_mcast; 470 ic->ic_parent = rsu_parent; 471 ic->ic_transmit = rsu_transmit; 472 ic->ic_send_mgmt = rsu_send_mgmt; 473 ic->ic_update_chw = rsu_update_chw; 474 ic->ic_ampdu_enable = rsu_ampdu_enable; 475 ic->ic_wme.wme_update = rsu_wme_update; 476 477 ieee80211_radiotap_attach(ic, &sc->sc_txtap.wt_ihdr, 478 sizeof(sc->sc_txtap), RSU_TX_RADIOTAP_PRESENT, 479 &sc->sc_rxtap.wr_ihdr, sizeof(sc->sc_rxtap), 480 RSU_RX_RADIOTAP_PRESENT); 481 482 if (bootverbose) 483 ieee80211_announce(ic); 484 485 return (0); 486 487fail_rom: 488 usbd_transfer_unsetup(sc->sc_xfer, RSU_N_TRANSFER); 489fail_usb: 490 mtx_destroy(&sc->sc_mtx); 491 return (ENXIO); 492} 493 494static int 495rsu_detach(device_t self) 496{ 497 struct rsu_softc sc = device_get_softc(self); 498* struct ieee80211com ic = &sc->sc_ic; 499* 500 RSU_LOCK(sc); 501 rsu_stop(sc); 502 RSU_UNLOCK(sc); 503 usbd_transfer_unsetup(sc->sc_xfer, RSU_N_TRANSFER); 504 ieee80211_ifdetach(ic); 505 506 taskqueue_drain_timeout(taskqueue_thread, &sc->calib_task); 507 508 /* Free Tx/Rx buffers. / 509* rsu_free_tx_list(sc); 510 rsu_free_rx_list(sc); 511 512 mbufq_drain(&sc->sc_snd); 513 mtx_destroy(&sc->sc_mtx); 514 515 return (0); 516} 517 518static usb_error_t 519rsu_do_request(struct rsu_softc sc, struct usb_device_request req, 520 void data) 521{ 522* usb_error_t err; 523 int ntries = 10; 524 525 RSU_ASSERT_LOCKED(sc); 526 527 while (ntries--) { 528 err = usbd_do_request_flags(sc->sc_udev, &sc->sc_mtx, 529 req, data, 0, NULL, 250 /* ms /); 530* if (err == 0 \|\| err == USB_ERR_NOT_CONFIGURED) 531 break; 532 DPRINTFN(1, "Control request failed, %s (retrying)\n", 533 usbd_errstr(err)); 534 rsu_ms_delay(sc, 10); 535 } 536 537 return (err); 538} 539 540static struct ieee80211vap * 541rsu_vap_create(struct ieee80211com ic, const char name[IFNAMSIZ], int unit, 542* enum ieee80211_opmode opmode, int flags, 543 const uint8_t bssid[IEEE80211_ADDR_LEN], 544 const uint8_t mac[IEEE80211_ADDR_LEN]) 545{ 546 struct rsu_vap uvp; 547* struct ieee80211vap vap; 548* 549 if (!TAILQ_EMPTY(&ic->ic_vaps)) /* only one at a time / 550* return (NULL); 551 552 uvp = malloc(sizeof(struct rsu_vap), M_80211_VAP, M_WAITOK \| M_ZERO); 553 vap = &uvp->vap; 554 555 if (ieee80211_vap_setup(ic, vap, name, unit, opmode, 556 flags, bssid) != 0) { 557 /* out of memory / 558* free(uvp, M_80211_VAP); 559 return (NULL); 560 } 561 562 /* override state transition machine / 563* uvp->newstate = vap->iv_newstate; 564 vap->iv_newstate = rsu_newstate; 565	20 21/* 22 * Driver for Realtek RTL8188SU/RTL8191SU/RTL8192SU. 23 * 24 * TODO: 25 * o 11n support 26 * o h/w crypto 27 * o hostap / ibss / mesh 28 / 29 30#include <sys/param.h> 31#include <sys/endian.h> 32#include <sys/sockio.h> 33#include <sys/mbuf.h> 34#include <sys/kernel.h> 35#include <sys/socket.h> 36#include <sys/systm.h> 37#include <sys/conf.h> 38#include <sys/bus.h> 39#include <sys/rman.h> 40#include <sys/firmware.h> 41#include <sys/module.h> 42 43#include <machine/bus.h> 44#include <machine/resource.h> 45 46#include <net/bpf.h> 47#include <net/if.h> 48#include <net/if_var.h> 49#include <net/if_arp.h> 50#include <net/if_dl.h> 51#include <net/if_media.h> 52#include <net/if_types.h> 53 54#include <netinet/in.h> 55#include <netinet/in_systm.h> 56#include <netinet/in_var.h> 57#include <netinet/if_ether.h> 58#include <netinet/ip.h> 59 60#include <net80211/ieee80211_var.h> 61#include <net80211/ieee80211_regdomain.h> 62#include <net80211/ieee80211_radiotap.h> 63 64#include <dev/usb/usb.h> 65#include <dev/usb/usbdi.h> 66#include "usbdevs.h" 67 68#define USB_DEBUG_VAR rsu_debug 69#include <dev/usb/usb_debug.h> 70 71#include <dev/usb/wlan/if_rsureg.h> 72 73#ifdef USB_DEBUG 74static int rsu_debug = 0; 75SYSCTL_NODE(_hw_usb, OID_AUTO, rsu, CTLFLAG_RW, 0, "USB rsu"); 76SYSCTL_INT(_hw_usb_rsu, OID_AUTO, debug, CTLFLAG_RWTUN, &rsu_debug, 0, 77 "Debug level"); 78#define RSU_DPRINTF(_sc, _flg, ...) \ 79 do \ 80 if (((_flg) == (RSU_DEBUG_ANY)) \|\| (rsu_debug & (_flg))) \ 81 device_printf((_sc)->sc_dev, __VA_ARGS__); \ 82 while (0) 83#else 84#define RSU_DPRINTF(_sc, _flg, ...) 85#endif 86 87static int rsu_enable_11n = 0; 88TUNABLE_INT("hw.usb.rsu.enable_11n", &rsu_enable_11n); 89 90#define RSU_DEBUG_ANY 0xffffffff 91#define RSU_DEBUG_TX 0x00000001 92#define RSU_DEBUG_RX 0x00000002 93#define RSU_DEBUG_RESET 0x00000004 94#define RSU_DEBUG_CALIB 0x00000008 95#define RSU_DEBUG_STATE 0x00000010 96#define RSU_DEBUG_SCAN 0x00000020 97#define RSU_DEBUG_FWCMD 0x00000040 98#define RSU_DEBUG_TXDONE 0x00000080 99#define RSU_DEBUG_FW 0x00000100 100#define RSU_DEBUG_FWDBG 0x00000200 101* 102static const STRUCT_USB_HOST_ID rsu_devs[] = { 103#define RSU_HT_NOT_SUPPORTED 0 104#define RSU_HT_SUPPORTED 1 105#define RSU_DEV_HT(v,p) { USB_VPI(USB_VENDOR_##v, USB_PRODUCT_##v##_##p, \ 106 RSU_HT_SUPPORTED) } 107#define RSU_DEV(v,p) { USB_VPI(USB_VENDOR_##v, USB_PRODUCT_##v##_##p, \ 108 RSU_HT_NOT_SUPPORTED) } 109 RSU_DEV(ASUS, RTL8192SU), 110 RSU_DEV(AZUREWAVE, RTL8192SU_4), 111 RSU_DEV_HT(ACCTON, RTL8192SU), 112 RSU_DEV_HT(ASUS, USBN10), 113 RSU_DEV_HT(AZUREWAVE, RTL8192SU_1), 114 RSU_DEV_HT(AZUREWAVE, RTL8192SU_2), 115 RSU_DEV_HT(AZUREWAVE, RTL8192SU_3), 116 RSU_DEV_HT(AZUREWAVE, RTL8192SU_5), 117 RSU_DEV_HT(BELKIN, RTL8192SU_1), 118 RSU_DEV_HT(BELKIN, RTL8192SU_2), 119 RSU_DEV_HT(BELKIN, RTL8192SU_3), 120 RSU_DEV_HT(CONCEPTRONIC2, RTL8192SU_1), 121 RSU_DEV_HT(CONCEPTRONIC2, RTL8192SU_2), 122 RSU_DEV_HT(CONCEPTRONIC2, RTL8192SU_3), 123 RSU_DEV_HT(COREGA, RTL8192SU), 124 RSU_DEV_HT(DLINK2, DWA131A1), 125 RSU_DEV_HT(DLINK2, RTL8192SU_1), 126 RSU_DEV_HT(DLINK2, RTL8192SU_2), 127 RSU_DEV_HT(EDIMAX, RTL8192SU_1), 128 RSU_DEV_HT(EDIMAX, RTL8192SU_2), 129 RSU_DEV_HT(EDIMAX, EW7622UMN), 130 RSU_DEV_HT(GUILLEMOT, HWGUN54), 131 RSU_DEV_HT(GUILLEMOT, HWNUM300), 132 RSU_DEV_HT(HAWKING, RTL8192SU_1), 133 RSU_DEV_HT(HAWKING, RTL8192SU_2), 134 RSU_DEV_HT(PLANEX2, GWUSNANO), 135 RSU_DEV_HT(REALTEK, RTL8171), 136 RSU_DEV_HT(REALTEK, RTL8172), 137 RSU_DEV_HT(REALTEK, RTL8173), 138 RSU_DEV_HT(REALTEK, RTL8174), 139 RSU_DEV_HT(REALTEK, RTL8192SU), 140 RSU_DEV_HT(REALTEK, RTL8712), 141 RSU_DEV_HT(REALTEK, RTL8713), 142 RSU_DEV_HT(SENAO, RTL8192SU_1), 143 RSU_DEV_HT(SENAO, RTL8192SU_2), 144 RSU_DEV_HT(SITECOMEU, WL349V1), 145 RSU_DEV_HT(SITECOMEU, WL353), 146 RSU_DEV_HT(SWEEX2, LW154), 147 RSU_DEV_HT(TRENDNET, TEW646UBH), 148#undef RSU_DEV_HT 149#undef RSU_DEV 150}; 151 152static device_probe_t rsu_match; 153static device_attach_t rsu_attach; 154static device_detach_t rsu_detach; 155static usb_callback_t rsu_bulk_tx_callback_be_bk; 156static usb_callback_t rsu_bulk_tx_callback_vi_vo; 157static usb_callback_t rsu_bulk_tx_callback_h2c; 158static usb_callback_t rsu_bulk_rx_callback; 159static usb_error_t rsu_do_request(struct rsu_softc , 160* struct usb_device_request , void ); 161static struct ieee80211vap * 162 rsu_vap_create(struct ieee80211com , const char name[], 163* int, enum ieee80211_opmode, int, const uint8_t bssid[], 164 const uint8_t mac[]); 165static void rsu_vap_delete(struct ieee80211vap ); 166static void rsu_scan_start(struct ieee80211com ); 167static void rsu_scan_end(struct ieee80211com ); 168static void rsu_set_channel(struct ieee80211com ); 169static void rsu_update_mcast(struct ieee80211com ); 170static int rsu_alloc_rx_list(struct rsu_softc ); 171static void rsu_free_rx_list(struct rsu_softc ); 172static int rsu_alloc_tx_list(struct rsu_softc ); 173static void rsu_free_tx_list(struct rsu_softc ); 174static void rsu_free_list(struct rsu_softc , struct rsu_data [], int); 175static struct rsu_data _rsu_getbuf(struct rsu_softc ); 176static struct rsu_data rsu_getbuf(struct rsu_softc ); 177static int rsu_write_region_1(struct rsu_softc , uint16_t, uint8_t , 178 int); 179static void rsu_write_1(struct rsu_softc , uint16_t, uint8_t); 180static void rsu_write_2(struct rsu_softc , uint16_t, uint16_t); 181static void rsu_write_4(struct rsu_softc , uint16_t, uint32_t); 182static int rsu_read_region_1(struct rsu_softc , uint16_t, uint8_t , 183* int); 184static uint8_t rsu_read_1(struct rsu_softc , uint16_t); 185static uint16_t rsu_read_2(struct rsu_softc , uint16_t); 186static uint32_t rsu_read_4(struct rsu_softc , uint16_t); 187static int rsu_fw_iocmd(struct rsu_softc , uint32_t); 188static uint8_t rsu_efuse_read_1(struct rsu_softc , uint16_t); 189static int rsu_read_rom(struct rsu_softc ); 190static int rsu_fw_cmd(struct rsu_softc , uint8_t, void , int); 191static void rsu_calib_task(void , int); 192static int rsu_newstate(struct ieee80211vap , enum ieee80211_state, int); 193#ifdef notyet 194static void rsu_set_key(struct rsu_softc , const struct ieee80211_key ); 195static void rsu_delete_key(struct rsu_softc , const struct ieee80211_key ); 196#endif 197static int rsu_site_survey(struct rsu_softc , struct ieee80211vap ); 198static int rsu_join_bss(struct rsu_softc , struct ieee80211_node ); 199static int rsu_disconnect(struct rsu_softc ); 200static void rsu_event_survey(struct rsu_softc , uint8_t , int); 201static void rsu_event_join_bss(struct rsu_softc , uint8_t , int); 202static void rsu_rx_event(struct rsu_softc , uint8_t, uint8_t , int); 203static void rsu_rx_multi_event(struct rsu_softc , uint8_t , int); 204static int8_t rsu_get_rssi(struct rsu_softc , int, void ); 205static struct mbuf 206 rsu_rx_frame(struct rsu_softc , uint8_t , int, int ); 207static struct mbuf 208 rsu_rx_multi_frame(struct rsu_softc , uint8_t , int, int ); 209static struct mbuf 210 rsu_rxeof(struct usb_xfer , struct rsu_data , int ); 211static void rsu_txeof(struct usb_xfer , struct rsu_data ); 212static int rsu_raw_xmit(struct ieee80211_node , struct mbuf , 213* const struct ieee80211_bpf_params ); 214static void rsu_init(struct rsu_softc ); 215static int rsu_tx_start(struct rsu_softc , struct ieee80211_node , 216 struct mbuf , struct rsu_data ); 217static int rsu_transmit(struct ieee80211com , struct mbuf ); 218static void rsu_start(struct rsu_softc ); 219static void rsu_parent(struct ieee80211com ); 220static void rsu_stop(struct rsu_softc ); 221static void rsu_ms_delay(struct rsu_softc , int); 222 223static device_method_t rsu_methods[] = { 224 DEVMETHOD(device_probe, rsu_match), 225 DEVMETHOD(device_attach, rsu_attach), 226 DEVMETHOD(device_detach, rsu_detach), 227 228 DEVMETHOD_END 229}; 230 231static driver_t rsu_driver = { 232 .name = "rsu", 233 .methods = rsu_methods, 234 .size = sizeof(struct rsu_softc) 235}; 236 237static devclass_t rsu_devclass; 238 239DRIVER_MODULE(rsu, uhub, rsu_driver, rsu_devclass, NULL, 0); 240MODULE_DEPEND(rsu, wlan, 1, 1, 1); 241MODULE_DEPEND(rsu, usb, 1, 1, 1); 242MODULE_DEPEND(rsu, firmware, 1, 1, 1); 243MODULE_VERSION(rsu, 1); 244 245static uint8_t rsu_wme_ac_xfer_map[4] = { 246 [WME_AC_BE] = RSU_BULK_TX_BE_BK, 247 [WME_AC_BK] = RSU_BULK_TX_BE_BK, 248 [WME_AC_VI] = RSU_BULK_TX_VI_VO, 249 [WME_AC_VO] = RSU_BULK_TX_VI_VO, 250}; 251 252/* XXX hard-coded / 253#define RSU_H2C_ENDPOINT 3 254* 255static const struct usb_config rsu_config[RSU_N_TRANSFER] = { 256 [RSU_BULK_RX] = { 257 .type = UE_BULK, 258 .endpoint = UE_ADDR_ANY, 259 .direction = UE_DIR_IN, 260 .bufsize = RSU_RXBUFSZ, 261 .flags = { 262 .pipe_bof = 1, 263 .short_xfer_ok = 1 264 }, 265 .callback = rsu_bulk_rx_callback 266 }, 267 [RSU_BULK_TX_BE_BK] = { 268 .type = UE_BULK, 269 .endpoint = 0x06, 270 .direction = UE_DIR_OUT, 271 .bufsize = RSU_TXBUFSZ, 272 .flags = { 273 .ext_buffer = 1, 274 .pipe_bof = 1, 275 .force_short_xfer = 1 276 }, 277 .callback = rsu_bulk_tx_callback_be_bk, 278 .timeout = RSU_TX_TIMEOUT 279 }, 280 [RSU_BULK_TX_VI_VO] = { 281 .type = UE_BULK, 282 .endpoint = 0x04, 283 .direction = UE_DIR_OUT, 284 .bufsize = RSU_TXBUFSZ, 285 .flags = { 286 .ext_buffer = 1, 287 .pipe_bof = 1, 288 .force_short_xfer = 1 289 }, 290 .callback = rsu_bulk_tx_callback_vi_vo, 291 .timeout = RSU_TX_TIMEOUT 292 }, 293 [RSU_BULK_TX_H2C] = { 294 .type = UE_BULK, 295 .endpoint = 0x0d, 296 .direction = UE_DIR_OUT, 297 .bufsize = RSU_TXBUFSZ, 298 .flags = { 299 .ext_buffer = 1, 300 .pipe_bof = 1, 301 .short_xfer_ok = 1 302 }, 303 .callback = rsu_bulk_tx_callback_h2c, 304 .timeout = RSU_TX_TIMEOUT 305 }, 306}; 307 308static int 309rsu_match(device_t self) 310{ 311 struct usb_attach_arg uaa = device_get_ivars(self); 312* 313 if (uaa->usb_mode != USB_MODE_HOST \|\| 314 uaa->info.bIfaceIndex != 0 \|\| 315 uaa->info.bConfigIndex != 0) 316 return (ENXIO); 317 318 return (usbd_lookup_id_by_uaa(rsu_devs, sizeof(rsu_devs), uaa)); 319} 320 321static int 322rsu_send_mgmt(struct ieee80211_node ni, int type, int arg) 323{ 324* 325 return (ENOTSUP); 326} 327 328static void 329rsu_update_chw(struct ieee80211com ic) 330{ 331* 332} 333 334static int 335rsu_ampdu_enable(struct ieee80211_node ni, struct ieee80211_tx_ampdu tap) 336{ 337 338 /* Firmware handles this; not our problem / 339* return (0); 340} 341 342static int 343rsu_wme_update(struct ieee80211com ic) 344{ 345* 346 /* Firmware handles this; not our problem / 347* return (0); 348} 349 350static int 351rsu_attach(device_t self) 352{ 353 struct usb_attach_arg uaa = device_get_ivars(self); 354* struct rsu_softc sc = device_get_softc(self); 355* struct ieee80211com ic = &sc->sc_ic; 356* int error; 357 uint8_t iface_index, bands; 358 struct usb_interface iface; 359* 360 device_set_usb_desc(self); 361 sc->sc_udev = uaa->device; 362 sc->sc_dev = self; 363 if (rsu_enable_11n) 364 sc->sc_ht = !! (USB_GET_DRIVER_INFO(uaa) & RSU_HT_SUPPORTED); 365 366 /* Get number of endpoints / 367* iface = usbd_get_iface(sc->sc_udev, 0); 368 sc->sc_nendpoints = iface->idesc->bNumEndpoints; 369 370 /* Endpoints are hard-coded for now, so enforce 4-endpoint only / 371* if (sc->sc_nendpoints != 4) { 372 device_printf(sc->sc_dev, 373 "the driver currently only supports 4-endpoint devices\n"); 374 return (ENXIO); 375 } 376 377 mtx_init(&sc->sc_mtx, device_get_nameunit(self), MTX_NETWORK_LOCK, 378 MTX_DEF); 379 TIMEOUT_TASK_INIT(taskqueue_thread, &sc->calib_task, 0, 380 rsu_calib_task, sc); 381 mbufq_init(&sc->sc_snd, ifqmaxlen); 382 383 /* Allocate Tx/Rx buffers. / 384* error = rsu_alloc_rx_list(sc); 385 if (error != 0) { 386 device_printf(sc->sc_dev, "could not allocate Rx buffers\n"); 387 goto fail_usb; 388 } 389 390 error = rsu_alloc_tx_list(sc); 391 if (error != 0) { 392 device_printf(sc->sc_dev, "could not allocate Tx buffers\n"); 393 rsu_free_rx_list(sc); 394 goto fail_usb; 395 } 396 397 iface_index = 0; 398 error = usbd_transfer_setup(uaa->device, &iface_index, sc->sc_xfer, 399 rsu_config, RSU_N_TRANSFER, sc, &sc->sc_mtx); 400 if (error) { 401 device_printf(sc->sc_dev, 402 "could not allocate USB transfers, err=%s\n", 403 usbd_errstr(error)); 404 goto fail_usb; 405 } 406 RSU_LOCK(sc); 407 /* Read chip revision. / 408* sc->cut = MS(rsu_read_4(sc, R92S_PMC_FSM), R92S_PMC_FSM_CUT); 409 if (sc->cut != 3) 410 sc->cut = (sc->cut >> 1) + 1; 411 error = rsu_read_rom(sc); 412 RSU_UNLOCK(sc); 413 if (error != 0) { 414 device_printf(self, "could not read ROM\n"); 415 goto fail_rom; 416 } 417 IEEE80211_ADDR_COPY(ic->ic_macaddr, &sc->rom[0x12]); 418 device_printf(self, "MAC/BB RTL8712 cut %d\n", sc->cut); 419 420 ic->ic_softc = sc; 421 ic->ic_name = device_get_nameunit(self); 422 ic->ic_phytype = IEEE80211_T_OFDM; /* Not only, but not used. / 423* ic->ic_opmode = IEEE80211_M_STA; /* Default to BSS mode. / 424* 425 /* Set device capabilities. / 426* ic->ic_caps = 427 IEEE80211_C_STA \| /* station mode / 428#if 0 429* IEEE80211_C_BGSCAN \| /* Background scan. / 430#endif 431* IEEE80211_C_SHPREAMBLE \| /* Short preamble supported. / 432* IEEE80211_C_WME \| /* WME/QoS / 433* IEEE80211_C_SHSLOT \| /* Short slot time supported. / 434* IEEE80211_C_WPA; /* WPA/RSN. / 435* 436 /* Check if HT support is present. / 437* if (sc->sc_ht) { 438 device_printf(sc->sc_dev, "%s: enabling 11n\n", __func__); 439 440 /* Enable basic HT / 441* ic->ic_htcaps = IEEE80211_HTC_HT \| 442 IEEE80211_HTC_AMPDU \| 443 IEEE80211_HTC_AMSDU \| 444 IEEE80211_HTCAP_MAXAMSDU_3839 \| 445 IEEE80211_HTCAP_SMPS_OFF; 446 447 ic->ic_htcaps \|= IEEE80211_HTCAP_CHWIDTH40; 448 449 /* set number of spatial streams / 450* ic->ic_txstream = 1; 451 ic->ic_rxstream = 1; 452 } 453 454 /* Set supported .11b and .11g rates. / 455* bands = 0; 456 setbit(&bands, IEEE80211_MODE_11B); 457 setbit(&bands, IEEE80211_MODE_11G); 458 if (sc->sc_ht) 459 setbit(&bands, IEEE80211_MODE_11NG); 460 ieee80211_init_channels(ic, NULL, &bands); 461 462 ieee80211_ifattach(ic); 463 ic->ic_raw_xmit = rsu_raw_xmit; 464 ic->ic_scan_start = rsu_scan_start; 465 ic->ic_scan_end = rsu_scan_end; 466 ic->ic_set_channel = rsu_set_channel; 467 ic->ic_vap_create = rsu_vap_create; 468 ic->ic_vap_delete = rsu_vap_delete; 469 ic->ic_update_mcast = rsu_update_mcast; 470 ic->ic_parent = rsu_parent; 471 ic->ic_transmit = rsu_transmit; 472 ic->ic_send_mgmt = rsu_send_mgmt; 473 ic->ic_update_chw = rsu_update_chw; 474 ic->ic_ampdu_enable = rsu_ampdu_enable; 475 ic->ic_wme.wme_update = rsu_wme_update; 476 477 ieee80211_radiotap_attach(ic, &sc->sc_txtap.wt_ihdr, 478 sizeof(sc->sc_txtap), RSU_TX_RADIOTAP_PRESENT, 479 &sc->sc_rxtap.wr_ihdr, sizeof(sc->sc_rxtap), 480 RSU_RX_RADIOTAP_PRESENT); 481 482 if (bootverbose) 483 ieee80211_announce(ic); 484 485 return (0); 486 487fail_rom: 488 usbd_transfer_unsetup(sc->sc_xfer, RSU_N_TRANSFER); 489fail_usb: 490 mtx_destroy(&sc->sc_mtx); 491 return (ENXIO); 492} 493 494static int 495rsu_detach(device_t self) 496{ 497 struct rsu_softc sc = device_get_softc(self); 498* struct ieee80211com ic = &sc->sc_ic; 499* 500 RSU_LOCK(sc); 501 rsu_stop(sc); 502 RSU_UNLOCK(sc); 503 usbd_transfer_unsetup(sc->sc_xfer, RSU_N_TRANSFER); 504 ieee80211_ifdetach(ic); 505 506 taskqueue_drain_timeout(taskqueue_thread, &sc->calib_task); 507 508 /* Free Tx/Rx buffers. / 509* rsu_free_tx_list(sc); 510 rsu_free_rx_list(sc); 511 512 mbufq_drain(&sc->sc_snd); 513 mtx_destroy(&sc->sc_mtx); 514 515 return (0); 516} 517 518static usb_error_t 519rsu_do_request(struct rsu_softc sc, struct usb_device_request req, 520 void data) 521{ 522* usb_error_t err; 523 int ntries = 10; 524 525 RSU_ASSERT_LOCKED(sc); 526 527 while (ntries--) { 528 err = usbd_do_request_flags(sc->sc_udev, &sc->sc_mtx, 529 req, data, 0, NULL, 250 /* ms /); 530* if (err == 0 \|\| err == USB_ERR_NOT_CONFIGURED) 531 break; 532 DPRINTFN(1, "Control request failed, %s (retrying)\n", 533 usbd_errstr(err)); 534 rsu_ms_delay(sc, 10); 535 } 536 537 return (err); 538} 539 540static struct ieee80211vap * 541rsu_vap_create(struct ieee80211com ic, const char name[IFNAMSIZ], int unit, 542* enum ieee80211_opmode opmode, int flags, 543 const uint8_t bssid[IEEE80211_ADDR_LEN], 544 const uint8_t mac[IEEE80211_ADDR_LEN]) 545{ 546 struct rsu_vap uvp; 547* struct ieee80211vap vap; 548* 549 if (!TAILQ_EMPTY(&ic->ic_vaps)) /* only one at a time / 550* return (NULL); 551 552 uvp = malloc(sizeof(struct rsu_vap), M_80211_VAP, M_WAITOK \| M_ZERO); 553 vap = &uvp->vap; 554 555 if (ieee80211_vap_setup(ic, vap, name, unit, opmode, 556 flags, bssid) != 0) { 557 /* out of memory / 558* free(uvp, M_80211_VAP); 559 return (NULL); 560 } 561 562 /* override state transition machine / 563* uvp->newstate = vap->iv_newstate; 564 vap->iv_newstate = rsu_newstate; 565
	566 /* Limits from the r92su driver / 567* vap->iv_ampdu_density = IEEE80211_HTCAP_MPDUDENSITY_16; 568 vap->iv_ampdu_rxmax = IEEE80211_HTCAP_MAXRXAMPDU_32K; 569
566 /* complete setup / 567* ieee80211_vap_attach(vap, ieee80211_media_change, 568 ieee80211_media_status, mac); 569 ic->ic_opmode = opmode; 570 571 return (vap); 572} 573 574static void 575rsu_vap_delete(struct ieee80211vap vap) 576{ 577* struct rsu_vap uvp = RSU_VAP(vap); 578* 579 ieee80211_vap_detach(vap); 580 free(uvp, M_80211_VAP); 581} 582 583static void 584rsu_scan_start(struct ieee80211com ic) 585{ 586* struct rsu_softc sc = ic->ic_softc; 587* int error; 588 589 /* Scanning is done by the firmware. / 590* RSU_LOCK(sc); 591 error = rsu_site_survey(sc, TAILQ_FIRST(&ic->ic_vaps)); 592 RSU_UNLOCK(sc); 593 if (error != 0) 594 device_printf(sc->sc_dev, 595 "could not send site survey command\n"); 596} 597 598static void 599rsu_scan_end(struct ieee80211com ic) 600{ 601* /* Nothing to do here. / 602} 603* 604static void 605rsu_set_channel(struct ieee80211com ic __unused) 606{ 607* /* We are unable to switch channels, yet. / 608} 609* 610static void 611rsu_update_mcast(struct ieee80211com ic) 612{ 613* /* XXX do nothing? / 614} 615* 616static int 617rsu_alloc_list(struct rsu_softc sc, struct rsu_data data[], 618* int ndata, int maxsz) 619{ 620 int i, error; 621 622 for (i = 0; i < ndata; i++) { 623 struct rsu_data dp = &data[i]; 624* dp->sc = sc; 625 dp->m = NULL; 626 dp->buf = malloc(maxsz, M_USBDEV, M_NOWAIT); 627 if (dp->buf == NULL) { 628 device_printf(sc->sc_dev, 629 "could not allocate buffer\n"); 630 error = ENOMEM; 631 goto fail; 632 } 633 dp->ni = NULL; 634 } 635 636 return (0); 637fail: 638 rsu_free_list(sc, data, ndata); 639 return (error); 640} 641 642static int 643rsu_alloc_rx_list(struct rsu_softc sc) 644{ 645* int error, i; 646 647 error = rsu_alloc_list(sc, sc->sc_rx, RSU_RX_LIST_COUNT, 648 RSU_RXBUFSZ); 649 if (error != 0) 650 return (error); 651 652 STAILQ_INIT(&sc->sc_rx_active); 653 STAILQ_INIT(&sc->sc_rx_inactive); 654 655 for (i = 0; i < RSU_RX_LIST_COUNT; i++) 656 STAILQ_INSERT_HEAD(&sc->sc_rx_inactive, &sc->sc_rx[i], next); 657 658 return (0); 659} 660 661static int 662rsu_alloc_tx_list(struct rsu_softc sc) 663{ 664* int error, i; 665 666 error = rsu_alloc_list(sc, sc->sc_tx, RSU_TX_LIST_COUNT, 667 RSU_TXBUFSZ); 668 if (error != 0) 669 return (error); 670 671 STAILQ_INIT(&sc->sc_tx_inactive); 672 673 for (i = 0; i != RSU_N_TRANSFER; i++) { 674 STAILQ_INIT(&sc->sc_tx_active[i]); 675 STAILQ_INIT(&sc->sc_tx_pending[i]); 676 } 677 678 for (i = 0; i < RSU_TX_LIST_COUNT; i++) { 679 STAILQ_INSERT_HEAD(&sc->sc_tx_inactive, &sc->sc_tx[i], next); 680 } 681 682 return (0); 683} 684 685static void 686rsu_free_tx_list(struct rsu_softc sc) 687{ 688* int i; 689 690 /* prevent further allocations from TX list(s) / 691* STAILQ_INIT(&sc->sc_tx_inactive); 692 693 for (i = 0; i != RSU_N_TRANSFER; i++) { 694 STAILQ_INIT(&sc->sc_tx_active[i]); 695 STAILQ_INIT(&sc->sc_tx_pending[i]); 696 } 697 698 rsu_free_list(sc, sc->sc_tx, RSU_TX_LIST_COUNT); 699} 700 701static void 702rsu_free_rx_list(struct rsu_softc sc) 703{ 704* /* prevent further allocations from RX list(s) / 705* STAILQ_INIT(&sc->sc_rx_inactive); 706 STAILQ_INIT(&sc->sc_rx_active); 707 708 rsu_free_list(sc, sc->sc_rx, RSU_RX_LIST_COUNT); 709} 710 711static void 712rsu_free_list(struct rsu_softc sc, struct rsu_data data[], int ndata) 713{ 714* int i; 715 716 for (i = 0; i < ndata; i++) { 717 struct rsu_data dp = &data[i]; 718* 719 if (dp->buf != NULL) { 720 free(dp->buf, M_USBDEV); 721 dp->buf = NULL; 722 } 723 if (dp->ni != NULL) { 724 ieee80211_free_node(dp->ni); 725 dp->ni = NULL; 726 } 727 } 728} 729 730static struct rsu_data * 731_rsu_getbuf(struct rsu_softc sc) 732{ 733* struct rsu_data bf; 734* 735 bf = STAILQ_FIRST(&sc->sc_tx_inactive); 736 if (bf != NULL) 737 STAILQ_REMOVE_HEAD(&sc->sc_tx_inactive, next); 738 else 739 bf = NULL; 740 if (bf == NULL) 741 DPRINTF("out of xmit buffers\n"); 742 return (bf); 743} 744 745static struct rsu_data * 746rsu_getbuf(struct rsu_softc sc) 747{ 748* struct rsu_data bf; 749* 750 RSU_ASSERT_LOCKED(sc); 751 752 bf = _rsu_getbuf(sc); 753 if (bf == NULL) 754 DPRINTF("stop queue\n"); 755 return (bf); 756} 757 758static int 759rsu_write_region_1(struct rsu_softc sc, uint16_t addr, uint8_t buf, 760 int len) 761{ 762 usb_device_request_t req; 763 764 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 765 req.bRequest = R92S_REQ_REGS; 766 USETW(req.wValue, addr); 767 USETW(req.wIndex, 0); 768 USETW(req.wLength, len); 769 770 return (rsu_do_request(sc, &req, buf)); 771} 772 773static void 774rsu_write_1(struct rsu_softc sc, uint16_t addr, uint8_t val) 775{ 776* rsu_write_region_1(sc, addr, &val, 1); 777} 778 779static void 780rsu_write_2(struct rsu_softc sc, uint16_t addr, uint16_t val) 781{ 782* val = htole16(val); 783 rsu_write_region_1(sc, addr, (uint8_t )&val, 2); 784} 785* 786static void 787rsu_write_4(struct rsu_softc sc, uint16_t addr, uint32_t val) 788{ 789* val = htole32(val); 790 rsu_write_region_1(sc, addr, (uint8_t )&val, 4); 791} 792* 793static int 794rsu_read_region_1(struct rsu_softc sc, uint16_t addr, uint8_t buf, 795 int len) 796{ 797 usb_device_request_t req; 798 799 req.bmRequestType = UT_READ_VENDOR_DEVICE; 800 req.bRequest = R92S_REQ_REGS; 801 USETW(req.wValue, addr); 802 USETW(req.wIndex, 0); 803 USETW(req.wLength, len); 804 805 return (rsu_do_request(sc, &req, buf)); 806} 807 808static uint8_t 809rsu_read_1(struct rsu_softc sc, uint16_t addr) 810{ 811* uint8_t val; 812 813 if (rsu_read_region_1(sc, addr, &val, 1) != 0) 814 return (0xff); 815 return (val); 816} 817 818static uint16_t 819rsu_read_2(struct rsu_softc sc, uint16_t addr) 820{ 821* uint16_t val; 822 823 if (rsu_read_region_1(sc, addr, (uint8_t )&val, 2) != 0) 824* return (0xffff); 825 return (le16toh(val)); 826} 827 828static uint32_t 829rsu_read_4(struct rsu_softc sc, uint16_t addr) 830{ 831* uint32_t val; 832 833 if (rsu_read_region_1(sc, addr, (uint8_t )&val, 4) != 0) 834* return (0xffffffff); 835 return (le32toh(val)); 836} 837 838static int 839rsu_fw_iocmd(struct rsu_softc sc, uint32_t iocmd) 840{ 841* int ntries; 842 843 rsu_write_4(sc, R92S_IOCMD_CTRL, iocmd); 844 rsu_ms_delay(sc, 1); 845 for (ntries = 0; ntries < 50; ntries++) { 846 if (rsu_read_4(sc, R92S_IOCMD_CTRL) == 0) 847 return (0); 848 rsu_ms_delay(sc, 1); 849 } 850 return (ETIMEDOUT); 851} 852 853static uint8_t 854rsu_efuse_read_1(struct rsu_softc sc, uint16_t addr) 855{ 856* uint32_t reg; 857 int ntries; 858 859 reg = rsu_read_4(sc, R92S_EFUSE_CTRL); 860 reg = RW(reg, R92S_EFUSE_CTRL_ADDR, addr); 861 reg &= ~R92S_EFUSE_CTRL_VALID; 862 rsu_write_4(sc, R92S_EFUSE_CTRL, reg); 863 /* Wait for read operation to complete. / 864* for (ntries = 0; ntries < 100; ntries++) { 865 reg = rsu_read_4(sc, R92S_EFUSE_CTRL); 866 if (reg & R92S_EFUSE_CTRL_VALID) 867 return (MS(reg, R92S_EFUSE_CTRL_DATA)); 868 rsu_ms_delay(sc, 1); 869 } 870 device_printf(sc->sc_dev, 871 "could not read efuse byte at address 0x%x\n", addr); 872 return (0xff); 873} 874 875static int 876rsu_read_rom(struct rsu_softc sc) 877{ 878* uint8_t rom = sc->rom; 879* uint16_t addr = 0; 880 uint32_t reg; 881 uint8_t off, msk; 882 int i; 883 884 /* Make sure that ROM type is eFuse and that autoload succeeded. / 885* reg = rsu_read_1(sc, R92S_EE_9346CR); 886 if ((reg & (R92S_9356SEL \| R92S_EEPROM_EN)) != R92S_EEPROM_EN) 887 return (EIO); 888 889 /* Turn on 2.5V to prevent eFuse leakage. / 890* reg = rsu_read_1(sc, R92S_EFUSE_TEST + 3); 891 rsu_write_1(sc, R92S_EFUSE_TEST + 3, reg \| 0x80); 892 rsu_ms_delay(sc, 1); 893 rsu_write_1(sc, R92S_EFUSE_TEST + 3, reg & ~0x80); 894 895 /* Read full ROM image. / 896* memset(&sc->rom, 0xff, sizeof(sc->rom)); 897 while (addr < 512) { 898 reg = rsu_efuse_read_1(sc, addr); 899 if (reg == 0xff) 900 break; 901 addr++; 902 off = reg >> 4; 903 msk = reg & 0xf; 904 for (i = 0; i < 4; i++) { 905 if (msk & (1 << i)) 906 continue; 907 rom[off * 8 + i * 2 + 0] = 908 rsu_efuse_read_1(sc, addr); 909 addr++; 910 rom[off * 8 + i * 2 + 1] = 911 rsu_efuse_read_1(sc, addr); 912 addr++; 913 } 914 } 915#ifdef USB_DEBUG 916 if (rsu_debug >= 5) { 917 /* Dump ROM content. / 918* printf("\n"); 919 for (i = 0; i < sizeof(sc->rom); i++) 920 printf("%02x:", rom[i]); 921 printf("\n"); 922 } 923#endif 924 return (0); 925} 926 927static int 928rsu_fw_cmd(struct rsu_softc sc, uint8_t code, void buf, int len) 929{ 930 const uint8_t which = RSU_H2C_ENDPOINT; 931 struct rsu_data data; 932* struct r92s_tx_desc txd; 933* struct r92s_fw_cmd_hdr cmd; 934* int cmdsz; 935 int xferlen; 936 937 data = rsu_getbuf(sc); 938 if (data == NULL) 939 return (ENOMEM); 940 941 /* Round-up command length to a multiple of 8 bytes. / 942* cmdsz = (len + 7) & ~7; 943 944 xferlen = sizeof(txd) + sizeof(cmd) + cmdsz; 945 KASSERT(xferlen <= RSU_TXBUFSZ, ("%s: invalid length", __func__)); 946 memset(data->buf, 0, xferlen); 947 948 /* Setup Tx descriptor. / 949* txd = (struct r92s_tx_desc )data->buf; 950* txd->txdw0 = htole32( 951 SM(R92S_TXDW0_OFFSET, sizeof(txd)) \| 952* SM(R92S_TXDW0_PKTLEN, sizeof(cmd) + cmdsz) \| 953* R92S_TXDW0_OWN \| R92S_TXDW0_FSG \| R92S_TXDW0_LSG); 954 txd->txdw1 = htole32(SM(R92S_TXDW1_QSEL, R92S_TXDW1_QSEL_H2C)); 955 956 /* Setup command header. / 957* cmd = (struct r92s_fw_cmd_hdr )&txd[1]; 958* cmd->len = htole16(cmdsz); 959 cmd->code = code; 960 cmd->seq = sc->cmd_seq; 961 sc->cmd_seq = (sc->cmd_seq + 1) & 0x7f; 962 963 /* Copy command payload. / 964* memcpy(&cmd[1], buf, len); 965 966 RSU_DPRINTF(sc, RSU_DEBUG_TX \| RSU_DEBUG_FWCMD, 967 "%s: Tx cmd code=0x%x len=0x%x\n", 968 __func__, code, cmdsz); 969 data->buflen = xferlen; 970 STAILQ_INSERT_TAIL(&sc->sc_tx_pending[which], data, next); 971 usbd_transfer_start(sc->sc_xfer[which]); 972 973 return (0); 974} 975 976/* ARGSUSED / 977static void 978rsu_calib_task(void arg, int pending __unused) 979{ 980 struct rsu_softc sc = arg; 981* uint32_t reg; 982 983 RSU_DPRINTF(sc, RSU_DEBUG_CALIB, "%s: running calibration task\n", 984 __func__); 985 986 RSU_LOCK(sc); 987#ifdef notyet 988 /* Read WPS PBC status. / 989* rsu_write_1(sc, R92S_MAC_PINMUX_CTRL, 990 R92S_GPIOMUX_EN \| SM(R92S_GPIOSEL_GPIO, R92S_GPIOSEL_GPIO_JTAG)); 991 rsu_write_1(sc, R92S_GPIO_IO_SEL, 992 rsu_read_1(sc, R92S_GPIO_IO_SEL) & ~R92S_GPIO_WPS); 993 reg = rsu_read_1(sc, R92S_GPIO_CTRL); 994 if (reg != 0xff && (reg & R92S_GPIO_WPS)) 995 DPRINTF(("WPS PBC is pushed\n")); 996#endif 997 /* Read current signal level. / 998* if (rsu_fw_iocmd(sc, 0xf4000001) == 0) { 999 reg = rsu_read_4(sc, R92S_IOCMD_DATA); 1000 RSU_DPRINTF(sc, RSU_DEBUG_CALIB, "%s: RSSI=%d%%\n", 1001 __func__, reg >> 4); 1002 } 1003 if (sc->sc_calibrating) 1004 taskqueue_enqueue_timeout(taskqueue_thread, &sc->calib_task, hz); 1005 RSU_UNLOCK(sc); 1006} 1007 1008static int 1009rsu_newstate(struct ieee80211vap vap, enum ieee80211_state nstate, int arg) 1010{ 1011* struct rsu_vap uvp = RSU_VAP(vap); 1012* struct ieee80211com ic = vap->iv_ic; 1013* struct rsu_softc sc = ic->ic_softc; 1014* struct ieee80211_node ni; 1015* struct ieee80211_rateset rs; 1016* enum ieee80211_state ostate; 1017 int error, startcal = 0; 1018 1019 ostate = vap->iv_state; 1020 RSU_DPRINTF(sc, RSU_DEBUG_STATE, "%s: %s -> %s\n", 1021 __func__, 1022 ieee80211_state_name[ostate], 1023 ieee80211_state_name[nstate]); 1024 1025 IEEE80211_UNLOCK(ic); 1026 if (ostate == IEEE80211_S_RUN) { 1027 RSU_LOCK(sc); 1028 /* Stop calibration. / 1029* sc->sc_calibrating = 0; 1030 RSU_UNLOCK(sc); 1031 taskqueue_drain_timeout(taskqueue_thread, &sc->calib_task); 1032 /* Disassociate from our current BSS. / 1033* RSU_LOCK(sc); 1034 rsu_disconnect(sc); 1035 } else 1036 RSU_LOCK(sc); 1037 switch (nstate) { 1038 case IEEE80211_S_INIT: 1039 break; 1040 case IEEE80211_S_AUTH: 1041 ni = ieee80211_ref_node(vap->iv_bss); 1042 error = rsu_join_bss(sc, ni); 1043 ieee80211_free_node(ni); 1044 if (error != 0) { 1045 device_printf(sc->sc_dev, 1046 "could not send join command\n"); 1047 } 1048 break; 1049 case IEEE80211_S_RUN: 1050 ni = ieee80211_ref_node(vap->iv_bss); 1051 rs = &ni->ni_rates; 1052 /* Indicate highest supported rate. / 1053* ni->ni_txrate = rs->rs_rates[rs->rs_nrates - 1]; 1054 ieee80211_free_node(ni); 1055 startcal = 1; 1056 break; 1057 default: 1058 break; 1059 } 1060 sc->sc_calibrating = 1; 1061 /* Start periodic calibration. / 1062* taskqueue_enqueue_timeout(taskqueue_thread, &sc->calib_task, hz); 1063 RSU_UNLOCK(sc); 1064 IEEE80211_LOCK(ic); 1065 return (uvp->newstate(vap, nstate, arg)); 1066} 1067 1068#ifdef notyet 1069static void 1070rsu_set_key(struct rsu_softc sc, const struct ieee80211_key k) 1071{ 1072 struct r92s_fw_cmd_set_key key; 1073 1074 memset(&key, 0, sizeof(key)); 1075 /* Map net80211 cipher to HW crypto algorithm. / 1076* switch (k->wk_cipher->ic_cipher) { 1077 case IEEE80211_CIPHER_WEP: 1078 if (k->wk_keylen < 8) 1079 key.algo = R92S_KEY_ALGO_WEP40; 1080 else 1081 key.algo = R92S_KEY_ALGO_WEP104; 1082 break; 1083 case IEEE80211_CIPHER_TKIP: 1084 key.algo = R92S_KEY_ALGO_TKIP; 1085 break; 1086 case IEEE80211_CIPHER_AES_CCM: 1087 key.algo = R92S_KEY_ALGO_AES; 1088 break; 1089 default: 1090 return; 1091 } 1092 key.id = k->wk_keyix; 1093 key.grpkey = (k->wk_flags & IEEE80211_KEY_GROUP) != 0; 1094 memcpy(key.key, k->wk_key, MIN(k->wk_keylen, sizeof(key.key))); 1095 (void)rsu_fw_cmd(sc, R92S_CMD_SET_KEY, &key, sizeof(key)); 1096} 1097 1098static void 1099rsu_delete_key(struct rsu_softc sc, const struct ieee80211_key k) 1100{ 1101 struct r92s_fw_cmd_set_key key; 1102 1103 memset(&key, 0, sizeof(key)); 1104 key.id = k->wk_keyix; 1105 (void)rsu_fw_cmd(sc, R92S_CMD_SET_KEY, &key, sizeof(key)); 1106} 1107#endif 1108 1109static int 1110rsu_site_survey(struct rsu_softc sc, struct ieee80211vap vap) 1111{ 1112 struct r92s_fw_cmd_sitesurvey cmd; 1113 struct ieee80211com ic = &sc->sc_ic; 1114* 1115 memset(&cmd, 0, sizeof(cmd)); 1116 if ((ic->ic_flags & IEEE80211_F_ASCAN) \|\| sc->sc_scan_pass == 1) 1117 cmd.active = htole32(1); 1118 cmd.limit = htole32(48); 1119 if (sc->sc_scan_pass == 1 && vap->iv_des_nssid > 0) { 1120 /* Do a directed scan for second pass. / 1121* cmd.ssidlen = htole32(vap->iv_des_ssid[0].len); 1122 memcpy(cmd.ssid, vap->iv_des_ssid[0].ssid, 1123 vap->iv_des_ssid[0].len); 1124 1125 } 1126 DPRINTF("sending site survey command, pass=%d\n", sc->sc_scan_pass); 1127 return (rsu_fw_cmd(sc, R92S_CMD_SITE_SURVEY, &cmd, sizeof(cmd))); 1128} 1129 1130static int 1131rsu_join_bss(struct rsu_softc sc, struct ieee80211_node ni) 1132{ 1133 struct ieee80211com ic = &sc->sc_ic; 1134* struct ieee80211vap vap = ni->ni_vap; 1135* struct ndis_wlan_bssid_ex bss; 1136* struct ndis_802_11_fixed_ies fixed; 1137* struct r92s_fw_cmd_auth auth; 1138 uint8_t buf[sizeof(bss) + 128] __aligned(4); 1139* uint8_t frm; 1140* uint8_t opmode; 1141 int error; 1142 1143 /* Let the FW decide the opmode based on the capinfo field. / 1144* opmode = NDIS802_11AUTOUNKNOWN; 1145 RSU_DPRINTF(sc, RSU_DEBUG_RESET, 1146 "%s: setting operating mode to %d\n", 1147 __func__, opmode); 1148 error = rsu_fw_cmd(sc, R92S_CMD_SET_OPMODE, &opmode, sizeof(opmode)); 1149 if (error != 0) 1150 return (error); 1151 1152 memset(&auth, 0, sizeof(auth)); 1153 if (vap->iv_flags & IEEE80211_F_WPA) { 1154 auth.mode = R92S_AUTHMODE_WPA; 1155 auth.dot1x = (ni->ni_authmode == IEEE80211_AUTH_8021X); 1156 } else 1157 auth.mode = R92S_AUTHMODE_OPEN; 1158 RSU_DPRINTF(sc, RSU_DEBUG_RESET, 1159 "%s: setting auth mode to %d\n", 1160 __func__, auth.mode); 1161 error = rsu_fw_cmd(sc, R92S_CMD_SET_AUTH, &auth, sizeof(auth)); 1162 if (error != 0) 1163 return (error); 1164 1165 memset(buf, 0, sizeof(buf)); 1166 bss = (struct ndis_wlan_bssid_ex )buf; 1167* IEEE80211_ADDR_COPY(bss->macaddr, ni->ni_bssid); 1168 bss->ssid.ssidlen = htole32(ni->ni_esslen); 1169 memcpy(bss->ssid.ssid, ni->ni_essid, ni->ni_esslen); 1170 if (vap->iv_flags & (IEEE80211_F_PRIVACY \| IEEE80211_F_WPA)) 1171 bss->privacy = htole32(1); 1172 bss->rssi = htole32(ni->ni_avgrssi); 1173 if (ic->ic_curmode == IEEE80211_MODE_11B) 1174 bss->networktype = htole32(NDIS802_11DS); 1175 else 1176 bss->networktype = htole32(NDIS802_11OFDM24); 1177 bss->config.len = htole32(sizeof(bss->config)); 1178 bss->config.bintval = htole32(ni->ni_intval); 1179 bss->config.dsconfig = htole32(ieee80211_chan2ieee(ic, ni->ni_chan)); 1180 bss->inframode = htole32(NDIS802_11INFRASTRUCTURE); 1181 /* XXX verify how this is supposed to look! / 1182* memcpy(bss->supprates, ni->ni_rates.rs_rates, 1183 ni->ni_rates.rs_nrates); 1184 /* Write the fixed fields of the beacon frame. / 1185* fixed = (struct ndis_802_11_fixed_ies )&bss[1]; 1186* memcpy(&fixed->tstamp, ni->ni_tstamp.data, 8); 1187 fixed->bintval = htole16(ni->ni_intval); 1188 fixed->capabilities = htole16(ni->ni_capinfo); 1189 /* Write IEs to be included in the association request. / 1190* frm = (uint8_t )&fixed[1]; 1191* frm = ieee80211_add_rsn(frm, vap); 1192 frm = ieee80211_add_wpa(frm, vap); 1193 frm = ieee80211_add_qos(frm, ni); 1194 if ((ic->ic_flags & IEEE80211_F_WME) && 1195 (ni->ni_ies.wme_ie != NULL)) 1196 frm = ieee80211_add_wme_info(frm, &ic->ic_wme); 1197 if (ni->ni_flags & IEEE80211_NODE_HT) 1198 frm = ieee80211_add_htcap(frm, ni); 1199 bss->ieslen = htole32(frm - (uint8_t )fixed); 1200* bss->len = htole32(((frm - buf) + 3) & ~3); 1201 RSU_DPRINTF(sc, RSU_DEBUG_RESET \| RSU_DEBUG_FWCMD, 1202 "%s: sending join bss command to %s chan %d\n", 1203 __func__, 1204 ether_sprintf(bss->macaddr), le32toh(bss->config.dsconfig)); 1205 return (rsu_fw_cmd(sc, R92S_CMD_JOIN_BSS, buf, sizeof(buf))); 1206} 1207 1208static int 1209rsu_disconnect(struct rsu_softc sc) 1210{ 1211* uint32_t zero = 0; /* :-) / 1212* 1213 /* Disassociate from our current BSS. / 1214* RSU_DPRINTF(sc, RSU_DEBUG_STATE \| RSU_DEBUG_FWCMD, 1215 "%s: sending disconnect command\n", __func__); 1216 return (rsu_fw_cmd(sc, R92S_CMD_DISCONNECT, &zero, sizeof(zero))); 1217} 1218 1219static void 1220rsu_event_survey(struct rsu_softc sc, uint8_t buf, int len) 1221{ 1222 struct ieee80211com ic = &sc->sc_ic; 1223* struct ieee80211_frame wh; 1224* struct ndis_wlan_bssid_ex bss; 1225* struct ieee80211_rx_stats rxs; 1226 struct mbuf m; 1227* int pktlen; 1228 1229 if (__predict_false(len < sizeof(bss))) 1230* return; 1231 bss = (struct ndis_wlan_bssid_ex )buf; 1232* if (__predict_false(len < sizeof(bss) + le32toh(bss->ieslen))) 1233* return; 1234 1235 RSU_DPRINTF(sc, RSU_DEBUG_SCAN, 1236 "%s: found BSS %s: len=%d chan=%d inframode=%d " 1237 "networktype=%d privacy=%d, RSSI=%d\n", 1238 __func__, 1239 ether_sprintf(bss->macaddr), le32toh(bss->len), 1240 le32toh(bss->config.dsconfig), le32toh(bss->inframode), 1241 le32toh(bss->networktype), le32toh(bss->privacy), 1242 le32toh(bss->rssi)); 1243 1244 /* Build a fake beacon frame to let net80211 do all the parsing. / 1245* /* XXX TODO: just call the new scan API methods! / 1246* pktlen = sizeof(wh) + le32toh(bss->ieslen); 1247* if (__predict_false(pktlen > MCLBYTES)) 1248 return; 1249 m = m_get2(pktlen, M_NOWAIT, MT_DATA, M_PKTHDR); 1250 if (__predict_false(m == NULL)) 1251 return; 1252 wh = mtod(m, struct ieee80211_frame ); 1253* wh->i_fc[0] = IEEE80211_FC0_VERSION_0 \| IEEE80211_FC0_TYPE_MGT \| 1254 IEEE80211_FC0_SUBTYPE_BEACON; 1255 wh->i_fc[1] = IEEE80211_FC1_DIR_NODS; 1256 USETW(wh->i_dur, 0); 1257 IEEE80211_ADDR_COPY(wh->i_addr1, ieee80211broadcastaddr); 1258 IEEE80211_ADDR_COPY(wh->i_addr2, bss->macaddr); 1259 IEEE80211_ADDR_COPY(wh->i_addr3, bss->macaddr); 1260 (uint16_t )wh->i_seq = 0; 1261 memcpy(&wh[1], (uint8_t )&bss[1], le32toh(bss->ieslen)); 1262* 1263 /* Finalize mbuf. / 1264* m->m_pkthdr.len = m->m_len = pktlen; 1265 1266 /* Set channel flags for input path / 1267* bzero(&rxs, sizeof(rxs)); 1268 rxs.r_flags \|= IEEE80211_R_IEEE \| IEEE80211_R_FREQ; 1269 rxs.r_flags \|= IEEE80211_R_NF \| IEEE80211_R_RSSI; 1270 rxs.c_ieee = le32toh(bss->config.dsconfig); 1271 rxs.c_freq = ieee80211_ieee2mhz(rxs.c_ieee, IEEE80211_CHAN_2GHZ); 1272 rxs.rssi = le32toh(bss->rssi); 1273 rxs.nf = 0; /* XXX / 1274* 1275 /* XXX avoid a LOR / 1276* RSU_UNLOCK(sc); 1277 ieee80211_input_mimo_all(ic, m, &rxs); 1278 RSU_LOCK(sc); 1279} 1280 1281static void 1282rsu_event_join_bss(struct rsu_softc sc, uint8_t buf, int len) 1283{ 1284 struct ieee80211com ic = &sc->sc_ic; 1285* struct ieee80211vap vap = TAILQ_FIRST(&ic->ic_vaps); 1286* struct ieee80211_node ni = vap->iv_bss; 1287* struct r92s_event_join_bss rsp; 1288* uint32_t tmp; 1289 int res; 1290 1291 if (__predict_false(len < sizeof(rsp))) 1292* return; 1293 rsp = (struct r92s_event_join_bss )buf; 1294* res = (int)le32toh(rsp->join_res); 1295 1296 RSU_DPRINTF(sc, RSU_DEBUG_STATE \| RSU_DEBUG_FWCMD, 1297 "%s: Rx join BSS event len=%d res=%d\n", 1298 __func__, len, res); 1299 if (res <= 0) { 1300 RSU_UNLOCK(sc); 1301 ieee80211_new_state(vap, IEEE80211_S_SCAN, -1); 1302 RSU_LOCK(sc); 1303 return; 1304 } 1305 tmp = le32toh(rsp->associd); 1306 if (tmp >= vap->iv_max_aid) { 1307 DPRINTF("Assoc ID overflow\n"); 1308 tmp = 1; 1309 } 1310 RSU_DPRINTF(sc, RSU_DEBUG_STATE \| RSU_DEBUG_FWCMD, 1311 "%s: associated with %s associd=%d\n", 1312 __func__, ether_sprintf(rsp->bss.macaddr), tmp); 1313 /* XXX is this required? What's the top two bits for again? / 1314* ni->ni_associd = tmp \| 0xc000; 1315 RSU_UNLOCK(sc); 1316 ieee80211_new_state(vap, IEEE80211_S_RUN, 1317 IEEE80211_FC0_SUBTYPE_ASSOC_RESP); 1318 RSU_LOCK(sc); 1319} 1320 1321static void 1322rsu_event_addba_req_report(struct rsu_softc sc, uint8_t buf, int len) 1323{ 1324 struct ieee80211com ic = &sc->sc_ic; 1325* struct ieee80211vap vap = TAILQ_FIRST(&ic->ic_vaps); 1326* struct r92s_add_ba_event ba = (void ) buf; 1327 struct ieee80211_node ni; 1328* 1329 if (len < sizeof(ba)) { 1330* device_printf(sc->sc_dev, "%s: short read (%d)\n", __func__, len); 1331 return; 1332 } 1333 1334 if (vap == NULL) 1335 return; 1336 1337 device_printf(sc->sc_dev, "%s: mac=%s, tid=%d, ssn=%d\n", 1338 __func__, 1339 ether_sprintf(ba->mac_addr), 1340 (int) ba->tid, 1341 (int) le16toh(ba->ssn)); 1342 1343 /* XXX do node lookup; this is STA specific / 1344* 1345 ni = ieee80211_ref_node(vap->iv_bss); 1346 ieee80211_ampdu_rx_start_ext(ni, ba->tid, le16toh(ba->ssn) >> 4, 32); 1347 ieee80211_free_node(ni); 1348} 1349 1350static void 1351rsu_rx_event(struct rsu_softc sc, uint8_t code, uint8_t buf, int len) 1352{ 1353 struct ieee80211com ic = &sc->sc_ic; 1354* struct ieee80211vap vap = TAILQ_FIRST(&ic->ic_vaps); 1355* 1356 RSU_DPRINTF(sc, RSU_DEBUG_RX \| RSU_DEBUG_FWCMD, 1357 "%s: Rx event code=%d len=%d\n", __func__, code, len); 1358 switch (code) { 1359 case R92S_EVT_SURVEY: 1360 rsu_event_survey(sc, buf, len); 1361 break; 1362 case R92S_EVT_SURVEY_DONE: 1363 RSU_DPRINTF(sc, RSU_DEBUG_SCAN, 1364 "%s: site survey pass %d done, found %d BSS\n", 1365 __func__, sc->sc_scan_pass, le32toh((uint32_t )buf)); 1366 if (vap->iv_state != IEEE80211_S_SCAN) 1367 break; /* Ignore if not scanning. / 1368* if (sc->sc_scan_pass == 0 && vap->iv_des_nssid != 0) { 1369 /* Schedule a directed scan for hidden APs. / 1370* /* XXX bad! / 1371* sc->sc_scan_pass = 1; 1372 RSU_UNLOCK(sc); 1373 ieee80211_new_state(vap, IEEE80211_S_SCAN, -1); 1374 RSU_LOCK(sc); 1375 break; 1376 } 1377 sc->sc_scan_pass = 0; 1378 break; 1379 case R92S_EVT_JOIN_BSS: 1380 if (vap->iv_state == IEEE80211_S_AUTH) 1381 rsu_event_join_bss(sc, buf, len); 1382 break; 1383 case R92S_EVT_DEL_STA: 1384 RSU_DPRINTF(sc, RSU_DEBUG_FWCMD \| RSU_DEBUG_STATE, 1385 "%s: disassociated from %s\n", __func__, 1386 ether_sprintf(buf)); 1387 if (vap->iv_state == IEEE80211_S_RUN && 1388 IEEE80211_ADDR_EQ(vap->iv_bss->ni_bssid, buf)) { 1389 RSU_UNLOCK(sc); 1390 ieee80211_new_state(vap, IEEE80211_S_SCAN, -1); 1391 RSU_LOCK(sc); 1392 } 1393 break; 1394 case R92S_EVT_WPS_PBC: 1395 RSU_DPRINTF(sc, RSU_DEBUG_RX \| RSU_DEBUG_FWCMD, 1396 "%s: WPS PBC pushed.\n", __func__); 1397 break; 1398 case R92S_EVT_FWDBG: 1399 buf[60] = '\0'; 1400 RSU_DPRINTF(sc, RSU_DEBUG_FWDBG, "FWDBG: %s\n", (char )buf); 1401* break; 1402 1403 case R92S_EVT_ADDBA_REQ_REPORT: 1404 rsu_event_addba_req_report(sc, buf, len); 1405 break; 1406 default: 1407 RSU_DPRINTF(sc, RSU_DEBUG_ANY, "%s: unhandled code (%d)\n", 1408 __func__, code); 1409 break; 1410 } 1411} 1412 1413static void 1414rsu_rx_multi_event(struct rsu_softc sc, uint8_t buf, int len) 1415{ 1416 struct r92s_fw_cmd_hdr cmd; 1417* int cmdsz; 1418 1419 RSU_DPRINTF(sc, RSU_DEBUG_RX, "%s: Rx events len=%d\n", __func__, len); 1420 1421 /* Skip Rx status. / 1422* buf += sizeof(struct r92s_rx_stat); 1423 len -= sizeof(struct r92s_rx_stat); 1424 1425 /* Process all events. / 1426* for (;;) { 1427 /* Check that command header fits. / 1428* if (__predict_false(len < sizeof(cmd))) 1429* break; 1430 cmd = (struct r92s_fw_cmd_hdr )buf; 1431* /* Check that command payload fits. / 1432* cmdsz = le16toh(cmd->len); 1433 if (__predict_false(len < sizeof(cmd) + cmdsz)) 1434* break; 1435 1436 /* Process firmware event. / 1437* rsu_rx_event(sc, cmd->code, (uint8_t )&cmd[1], cmdsz); 1438* 1439 if (!(cmd->seq & R92S_FW_CMD_MORE)) 1440 break; 1441 buf += sizeof(cmd) + cmdsz; 1442* len -= sizeof(cmd) + cmdsz; 1443* } 1444} 1445 1446static int8_t 1447rsu_get_rssi(struct rsu_softc sc, int rate, void physt) 1448{ 1449 static const int8_t cckoff[] = { 14, -2, -20, -40 }; 1450 struct r92s_rx_phystat phy; 1451* struct r92s_rx_cck cck; 1452* uint8_t rpt; 1453 int8_t rssi; 1454 1455 if (rate <= 3) { 1456 cck = (struct r92s_rx_cck )physt; 1457* rpt = (cck->agc_rpt >> 6) & 0x3; 1458 rssi = cck->agc_rpt & 0x3e; 1459 rssi = cckoff[rpt] - rssi; 1460 } else { /* OFDM/HT. / 1461* phy = (struct r92s_rx_phystat )physt; 1462* rssi = ((le32toh(phy->phydw1) >> 1) & 0x7f) - 106; 1463 } 1464 return (rssi); 1465} 1466 1467static struct mbuf * 1468rsu_rx_frame(struct rsu_softc sc, uint8_t buf, int pktlen, int rssi) 1469{ 1470* struct ieee80211com ic = &sc->sc_ic; 1471* struct ieee80211_frame wh; 1472* struct r92s_rx_stat stat; 1473* uint32_t rxdw0, rxdw3; 1474 struct mbuf m; 1475* uint8_t rate; 1476 int infosz; 1477 1478 stat = (struct r92s_rx_stat )buf; 1479* rxdw0 = le32toh(stat->rxdw0); 1480 rxdw3 = le32toh(stat->rxdw3); 1481 1482 if (__predict_false(rxdw0 & R92S_RXDW0_CRCERR)) { 1483 counter_u64_add(ic->ic_ierrors, 1); 1484 return NULL; 1485 } 1486 if (__predict_false(pktlen < sizeof(wh) \|\| pktlen > MCLBYTES)) { 1487* counter_u64_add(ic->ic_ierrors, 1); 1488 return NULL; 1489 } 1490 1491 rate = MS(rxdw3, R92S_RXDW3_RATE); 1492 infosz = MS(rxdw0, R92S_RXDW0_INFOSZ) * 8; 1493 1494 /* Get RSSI from PHY status descriptor if present. / 1495* if (infosz != 0) 1496 rssi = rsu_get_rssi(sc, rate, &stat[1]); 1497* else 1498 rssi = 0; 1499* 1500 RSU_DPRINTF(sc, RSU_DEBUG_RX, 1501 "%s: Rx frame len=%d rate=%d infosz=%d rssi=%d\n", 1502 __func__, 1503 pktlen, rate, infosz, rssi); 1504* 1505 m = m_get2(pktlen, M_NOWAIT, MT_DATA, M_PKTHDR); 1506 if (__predict_false(m == NULL)) { 1507 counter_u64_add(ic->ic_ierrors, 1); 1508 return NULL; 1509 } 1510 /* Hardware does Rx TCP checksum offload. / 1511* if (rxdw3 & R92S_RXDW3_TCPCHKVALID) { 1512 if (__predict_true(rxdw3 & R92S_RXDW3_TCPCHKRPT)) 1513 m->m_pkthdr.csum_flags \|= CSUM_DATA_VALID; 1514 } 1515 wh = (struct ieee80211_frame )((uint8_t )&stat[1] + infosz); 1516 memcpy(mtod(m, uint8_t ), wh, pktlen); 1517* m->m_pkthdr.len = m->m_len = pktlen; 1518 1519 if (ieee80211_radiotap_active(ic)) { 1520 struct rsu_rx_radiotap_header tap = &sc->sc_rxtap; 1521* 1522 /* Map HW rate index to 802.11 rate. / 1523* tap->wr_flags = 2; 1524 if (!(rxdw3 & R92S_RXDW3_HTC)) { 1525 switch (rate) { 1526 /* CCK. / 1527* case 0: tap->wr_rate = 2; break; 1528 case 1: tap->wr_rate = 4; break; 1529 case 2: tap->wr_rate = 11; break; 1530 case 3: tap->wr_rate = 22; break; 1531 /* OFDM. / 1532* case 4: tap->wr_rate = 12; break; 1533 case 5: tap->wr_rate = 18; break; 1534 case 6: tap->wr_rate = 24; break; 1535 case 7: tap->wr_rate = 36; break; 1536 case 8: tap->wr_rate = 48; break; 1537 case 9: tap->wr_rate = 72; break; 1538 case 10: tap->wr_rate = 96; break; 1539 case 11: tap->wr_rate = 108; break; 1540 } 1541 } else if (rate >= 12) { /* MCS0~15. / 1542* /* Bit 7 set means HT MCS instead of rate. / 1543* tap->wr_rate = 0x80 \| (rate - 12); 1544 } 1545 tap->wr_dbm_antsignal = rssi; 1546* tap->wr_chan_freq = htole16(ic->ic_curchan->ic_freq); 1547 tap->wr_chan_flags = htole16(ic->ic_curchan->ic_flags); 1548 } 1549 1550 return (m); 1551} 1552 1553static struct mbuf * 1554rsu_rx_multi_frame(struct rsu_softc sc, uint8_t buf, int len, int rssi) 1555{ 1556* struct r92s_rx_stat stat; 1557* uint32_t rxdw0; 1558 int totlen, pktlen, infosz, npkts; 1559 struct mbuf m, m0 = NULL, prevm = NULL; 1560* 1561 /* Get the number of encapsulated frames. / 1562* stat = (struct r92s_rx_stat )buf; 1563* npkts = MS(le32toh(stat->rxdw2), R92S_RXDW2_PKTCNT); 1564 RSU_DPRINTF(sc, RSU_DEBUG_RX, 1565 "%s: Rx %d frames in one chunk\n", __func__, npkts); 1566 1567 /* Process all of them. / 1568* while (npkts-- > 0) { 1569 if (__predict_false(len < sizeof(stat))) 1570* break; 1571 stat = (struct r92s_rx_stat )buf; 1572* rxdw0 = le32toh(stat->rxdw0); 1573 1574 pktlen = MS(rxdw0, R92S_RXDW0_PKTLEN); 1575 if (__predict_false(pktlen == 0)) 1576 break; 1577 1578 infosz = MS(rxdw0, R92S_RXDW0_INFOSZ) * 8; 1579 1580 /* Make sure everything fits in xfer. / 1581* totlen = sizeof(stat) + infosz + pktlen; 1582* if (__predict_false(totlen > len)) 1583 break; 1584 1585 /* Process 802.11 frame. / 1586* m = rsu_rx_frame(sc, buf, pktlen, rssi); 1587 if (m0 == NULL) 1588 m0 = m; 1589 if (prevm == NULL) 1590 prevm = m; 1591 else { 1592 prevm->m_next = m; 1593 prevm = m; 1594 } 1595 /* Next chunk is 128-byte aligned. / 1596* totlen = (totlen + 127) & ~127; 1597 buf += totlen; 1598 len -= totlen; 1599 } 1600 1601 return (m0); 1602} 1603 1604static struct mbuf * 1605rsu_rxeof(struct usb_xfer xfer, struct rsu_data data, int rssi) 1606{ 1607* struct rsu_softc sc = data->sc; 1608* struct ieee80211com ic = &sc->sc_ic; 1609* struct r92s_rx_stat stat; 1610* int len; 1611 1612 usbd_xfer_status(xfer, &len, NULL, NULL, NULL); 1613 1614 if (__predict_false(len < sizeof(stat))) { 1615* DPRINTF("xfer too short %d\n", len); 1616 counter_u64_add(ic->ic_ierrors, 1); 1617 return (NULL); 1618 } 1619 /* Determine if it is a firmware C2H event or an 802.11 frame. / 1620* stat = (struct r92s_rx_stat )data->buf; 1621* if ((le32toh(stat->rxdw1) & 0x1ff) == 0x1ff) { 1622 rsu_rx_multi_event(sc, data->buf, len); 1623 /* No packets to process. / 1624* return (NULL); 1625 } else 1626 return (rsu_rx_multi_frame(sc, data->buf, len, rssi)); 1627} 1628 1629static void 1630rsu_bulk_rx_callback(struct usb_xfer xfer, usb_error_t error) 1631{ 1632* struct rsu_softc sc = usbd_xfer_softc(xfer); 1633* struct ieee80211com ic = &sc->sc_ic; 1634* struct ieee80211_frame wh; 1635* struct ieee80211_node ni; 1636* struct mbuf m = NULL, next; 1637 struct rsu_data data; 1638* int rssi = 1; 1639 1640 RSU_ASSERT_LOCKED(sc); 1641 1642 switch (USB_GET_STATE(xfer)) { 1643 case USB_ST_TRANSFERRED: 1644 data = STAILQ_FIRST(&sc->sc_rx_active); 1645 if (data == NULL) 1646 goto tr_setup; 1647 STAILQ_REMOVE_HEAD(&sc->sc_rx_active, next); 1648 m = rsu_rxeof(xfer, data, &rssi); 1649 STAILQ_INSERT_TAIL(&sc->sc_rx_inactive, data, next); 1650 /* FALLTHROUGH / 1651* case USB_ST_SETUP: 1652tr_setup: 1653 data = STAILQ_FIRST(&sc->sc_rx_inactive); 1654 if (data == NULL) { 1655 KASSERT(m == NULL, ("mbuf isn't NULL")); 1656 return; 1657 } 1658 STAILQ_REMOVE_HEAD(&sc->sc_rx_inactive, next); 1659 STAILQ_INSERT_TAIL(&sc->sc_rx_active, data, next); 1660 usbd_xfer_set_frame_data(xfer, 0, data->buf, 1661 usbd_xfer_max_len(xfer)); 1662 usbd_transfer_submit(xfer); 1663 /* 1664 * To avoid LOR we should unlock our private mutex here to call 1665 * ieee80211_input() because here is at the end of a USB 1666 * callback and safe to unlock. 1667 / 1668* RSU_UNLOCK(sc); 1669 while (m != NULL) { 1670 next = m->m_next; 1671 m->m_next = NULL; 1672 wh = mtod(m, struct ieee80211_frame ); 1673* ni = ieee80211_find_rxnode(ic, 1674 (struct ieee80211_frame_min )wh); 1675* if (ni != NULL) { 1676 if (ni->ni_flags & IEEE80211_NODE_HT) 1677 m->m_flags \|= M_AMPDU; 1678 (void)ieee80211_input(ni, m, rssi, 0); 1679 ieee80211_free_node(ni); 1680 } else 1681 (void)ieee80211_input_all(ic, m, rssi, 0); 1682 m = next; 1683 } 1684 RSU_LOCK(sc); 1685 break; 1686 default: 1687 /* needs it to the inactive queue due to a error. / 1688* data = STAILQ_FIRST(&sc->sc_rx_active); 1689 if (data != NULL) { 1690 STAILQ_REMOVE_HEAD(&sc->sc_rx_active, next); 1691 STAILQ_INSERT_TAIL(&sc->sc_rx_inactive, data, next); 1692 } 1693 if (error != USB_ERR_CANCELLED) { 1694 usbd_xfer_set_stall(xfer); 1695 counter_u64_add(ic->ic_ierrors, 1); 1696 goto tr_setup; 1697 } 1698 break; 1699 } 1700 1701} 1702 1703static void 1704rsu_txeof(struct usb_xfer xfer, struct rsu_data data) 1705{ 1706#ifdef USB_DEBUG 1707 struct rsu_softc sc = usbd_xfer_softc(xfer); 1708#endif 1709* 1710 RSU_DPRINTF(sc, RSU_DEBUG_TXDONE, "%s: called; data=%p\n", 1711 __func__, 1712 data); 1713 1714 if (data->m) { 1715 /* XXX status? / 1716* ieee80211_tx_complete(data->ni, data->m, 0); 1717 data->m = NULL; 1718 data->ni = NULL; 1719 } 1720} 1721 1722static void 1723rsu_bulk_tx_callback_sub(struct usb_xfer xfer, usb_error_t error, 1724* uint8_t which) 1725{ 1726 struct rsu_softc sc = usbd_xfer_softc(xfer); 1727* struct ieee80211com ic = &sc->sc_ic; 1728* struct rsu_data data; 1729* 1730 RSU_ASSERT_LOCKED(sc); 1731 1732 switch (USB_GET_STATE(xfer)) { 1733 case USB_ST_TRANSFERRED: 1734 data = STAILQ_FIRST(&sc->sc_tx_active[which]); 1735 if (data == NULL) 1736 goto tr_setup; 1737 RSU_DPRINTF(sc, RSU_DEBUG_TXDONE, "%s: transfer done %p\n", 1738 __func__, data); 1739 STAILQ_REMOVE_HEAD(&sc->sc_tx_active[which], next); 1740 rsu_txeof(xfer, data); 1741 STAILQ_INSERT_TAIL(&sc->sc_tx_inactive, data, next); 1742 /* FALLTHROUGH / 1743* case USB_ST_SETUP: 1744tr_setup: 1745 data = STAILQ_FIRST(&sc->sc_tx_pending[which]); 1746 if (data == NULL) { 1747 RSU_DPRINTF(sc, RSU_DEBUG_TXDONE, 1748 "%s: empty pending queue sc %p\n", __func__, sc); 1749 return; 1750 } 1751 STAILQ_REMOVE_HEAD(&sc->sc_tx_pending[which], next); 1752 STAILQ_INSERT_TAIL(&sc->sc_tx_active[which], data, next); 1753 usbd_xfer_set_frame_data(xfer, 0, data->buf, data->buflen); 1754 RSU_DPRINTF(sc, RSU_DEBUG_TXDONE, 1755 "%s: submitting transfer %p\n", 1756 __func__, 1757 data); 1758 usbd_transfer_submit(xfer); 1759 break; 1760 default: 1761 data = STAILQ_FIRST(&sc->sc_tx_active[which]); 1762 if (data != NULL) { 1763 STAILQ_REMOVE_HEAD(&sc->sc_tx_active[which], next); 1764 rsu_txeof(xfer, data); 1765 STAILQ_INSERT_TAIL(&sc->sc_tx_inactive, data, next); 1766 } 1767 counter_u64_add(ic->ic_oerrors, 1); 1768 1769 if (error != USB_ERR_CANCELLED) { 1770 usbd_xfer_set_stall(xfer); 1771 goto tr_setup; 1772 } 1773 break; 1774 } 1775} 1776 1777static void 1778rsu_bulk_tx_callback_be_bk(struct usb_xfer xfer, usb_error_t error) 1779{ 1780* rsu_bulk_tx_callback_sub(xfer, error, RSU_BULK_TX_BE_BK); 1781} 1782 1783static void 1784rsu_bulk_tx_callback_vi_vo(struct usb_xfer xfer, usb_error_t error) 1785{ 1786* rsu_bulk_tx_callback_sub(xfer, error, RSU_BULK_TX_VI_VO); 1787} 1788 1789static void 1790rsu_bulk_tx_callback_h2c(struct usb_xfer xfer, usb_error_t error) 1791{ 1792* rsu_bulk_tx_callback_sub(xfer, error, RSU_BULK_TX_H2C); 1793} 1794 1795static int 1796rsu_tx_start(struct rsu_softc sc, struct ieee80211_node ni, 1797 struct mbuf m0, struct rsu_data data) 1798{ 1799 struct ieee80211com ic = &sc->sc_ic; 1800* struct ieee80211vap vap = ni->ni_vap; 1801* struct ieee80211_frame wh; 1802* struct ieee80211_key k = NULL; 1803* struct r92s_tx_desc txd; 1804* uint8_t type; 1805 int prio = 0; 1806 uint8_t which; 1807 int hasqos; 1808 int xferlen; 1809 int qid; 1810 1811 RSU_ASSERT_LOCKED(sc); 1812 1813 wh = mtod(m0, struct ieee80211_frame ); 1814* type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 1815 1816 RSU_DPRINTF(sc, RSU_DEBUG_TX, "%s: data=%p, m=%p\n", 1817 __func__, data, m0); 1818 1819 if (wh->i_fc[1] & IEEE80211_FC1_PROTECTED) { 1820 k = ieee80211_crypto_encap(ni, m0); 1821 if (k == NULL) { 1822 device_printf(sc->sc_dev, 1823 "ieee80211_crypto_encap returns NULL.\n"); 1824 /* XXX we don't expect the fragmented frames / 1825* m_freem(m0); 1826 return (ENOBUFS); 1827 } 1828 wh = mtod(m0, struct ieee80211_frame ); 1829* } 1830 /* If we have QoS then use it / 1831* /* XXX TODO: mbuf WME/PRI versus TID? / 1832* if (IEEE80211_QOS_HAS_SEQ(wh)) { 1833 /* Has QoS / 1834* prio = M_WME_GETAC(m0); 1835 which = rsu_wme_ac_xfer_map[prio]; 1836 hasqos = 1; 1837 } else { 1838 /* Non-QoS TID / 1839* /* XXX TODO: tid=0 for non-qos TID? / 1840* which = rsu_wme_ac_xfer_map[WME_AC_BE]; 1841 hasqos = 0; 1842 prio = 0; 1843 } 1844 1845 qid = rsu_ac2qid[prio]; 1846#if 0 1847 switch (type) { 1848 case IEEE80211_FC0_TYPE_CTL: 1849 case IEEE80211_FC0_TYPE_MGT: 1850 which = rsu_wme_ac_xfer_map[WME_AC_VO]; 1851 break; 1852 default: 1853 which = rsu_wme_ac_xfer_map[M_WME_GETAC(m0)]; 1854 break; 1855 } 1856 hasqos = 0; 1857#endif 1858 1859 RSU_DPRINTF(sc, RSU_DEBUG_TX, "%s: pri=%d, which=%d, hasqos=%d\n", 1860 __func__, 1861 prio, 1862 which, 1863 hasqos); 1864 1865 /* Fill Tx descriptor. / 1866* txd = (struct r92s_tx_desc )data->buf; 1867* memset(txd, 0, sizeof(txd)); 1868* 1869 txd->txdw0 \|= htole32( 1870 SM(R92S_TXDW0_PKTLEN, m0->m_pkthdr.len) \| 1871 SM(R92S_TXDW0_OFFSET, sizeof(txd)) \| 1872* R92S_TXDW0_OWN \| R92S_TXDW0_FSG \| R92S_TXDW0_LSG); 1873 1874 txd->txdw1 \|= htole32( 1875 SM(R92S_TXDW1_MACID, R92S_MACID_BSS) \| SM(R92S_TXDW1_QSEL, qid)); 1876 if (!hasqos) 1877 txd->txdw1 \|= htole32(R92S_TXDW1_NONQOS); 1878#ifdef notyet 1879 if (k != NULL) { 1880 switch (k->wk_cipher->ic_cipher) { 1881 case IEEE80211_CIPHER_WEP: 1882 cipher = R92S_TXDW1_CIPHER_WEP; 1883 break; 1884 case IEEE80211_CIPHER_TKIP: 1885 cipher = R92S_TXDW1_CIPHER_TKIP; 1886 break; 1887 case IEEE80211_CIPHER_AES_CCM: 1888 cipher = R92S_TXDW1_CIPHER_AES; 1889 break; 1890 default: 1891 cipher = R92S_TXDW1_CIPHER_NONE; 1892 } 1893 txd->txdw1 \|= htole32( 1894 SM(R92S_TXDW1_CIPHER, cipher) \| 1895 SM(R92S_TXDW1_KEYIDX, k->k_id)); 1896 } 1897#endif 1898 /* XXX todo: set AGGEN bit if appropriate? / 1899* txd->txdw2 \|= htole32(R92S_TXDW2_BK); 1900 if (IEEE80211_IS_MULTICAST(wh->i_addr1)) 1901 txd->txdw2 \|= htole32(R92S_TXDW2_BMCAST); 1902 /* 1903 * Firmware will use and increment the sequence number for the 1904 * specified priority. 1905 / 1906* txd->txdw3 \|= htole32(SM(R92S_TXDW3_SEQ, prio)); 1907 1908 if (ieee80211_radiotap_active_vap(vap)) { 1909 struct rsu_tx_radiotap_header tap = &sc->sc_txtap; 1910* 1911 tap->wt_flags = 0; 1912 tap->wt_chan_freq = htole16(ic->ic_curchan->ic_freq); 1913 tap->wt_chan_flags = htole16(ic->ic_curchan->ic_flags); 1914 ieee80211_radiotap_tx(vap, m0); 1915 } 1916 1917 xferlen = sizeof(txd) + m0->m_pkthdr.len; 1918* m_copydata(m0, 0, m0->m_pkthdr.len, (caddr_t)&txd[1]); 1919 1920 data->buflen = xferlen; 1921 data->ni = ni; 1922 data->m = m0; 1923 STAILQ_INSERT_TAIL(&sc->sc_tx_pending[which], data, next); 1924 1925 /* start transfer, if any / 1926* usbd_transfer_start(sc->sc_xfer[which]); 1927 return (0); 1928} 1929 1930static int 1931rsu_transmit(struct ieee80211com ic, struct mbuf m) 1932{ 1933 struct rsu_softc sc = ic->ic_softc; 1934* int error; 1935 1936 RSU_LOCK(sc); 1937 if (!sc->sc_running) { 1938 RSU_UNLOCK(sc); 1939 return (ENXIO); 1940 } 1941 error = mbufq_enqueue(&sc->sc_snd, m); 1942 if (error) { 1943 RSU_UNLOCK(sc); 1944 return (error); 1945 } 1946 rsu_start(sc); 1947 RSU_UNLOCK(sc); 1948 1949 return (0); 1950} 1951 1952static void 1953rsu_start(struct rsu_softc sc) 1954{ 1955* struct ieee80211_node ni; 1956* struct rsu_data bf; 1957* struct mbuf m; 1958* 1959 RSU_ASSERT_LOCKED(sc); 1960 1961 while ((m = mbufq_dequeue(&sc->sc_snd)) != NULL) { 1962 bf = rsu_getbuf(sc); 1963 if (bf == NULL) { 1964 mbufq_prepend(&sc->sc_snd, m); 1965 break; 1966 } 1967 1968 ni = (struct ieee80211_node )m->m_pkthdr.rcvif; 1969* m->m_pkthdr.rcvif = NULL; 1970 1971 if (rsu_tx_start(sc, ni, m, bf) != 0) { 1972 if_inc_counter(ni->ni_vap->iv_ifp, 1973 IFCOUNTER_OERRORS, 1); 1974 STAILQ_INSERT_HEAD(&sc->sc_tx_inactive, bf, next); 1975 ieee80211_free_node(ni); 1976 break; 1977 } 1978 } 1979} 1980 1981static void 1982rsu_parent(struct ieee80211com ic) 1983{ 1984* struct rsu_softc sc = ic->ic_softc; 1985* int startall = 0; 1986 1987 RSU_LOCK(sc); 1988 if (ic->ic_nrunning > 0) { 1989 if (!sc->sc_running) { 1990 rsu_init(sc); 1991 startall = 1; 1992 } 1993 } else if (sc->sc_running) 1994 rsu_stop(sc); 1995 RSU_UNLOCK(sc); 1996 1997 if (startall) 1998 ieee80211_start_all(ic); 1999} 2000 2001/* 2002 * Power on sequence for A-cut adapters. 2003 / 2004static void 2005rsu_power_on_acut(struct rsu_softc sc) 2006{ 2007 uint32_t reg; 2008 2009 rsu_write_1(sc, R92S_SPS0_CTRL + 1, 0x53); 2010 rsu_write_1(sc, R92S_SPS0_CTRL + 0, 0x57); 2011 2012 /* Enable AFE macro block's bandgap and Mbias. / 2013* rsu_write_1(sc, R92S_AFE_MISC, 2014 rsu_read_1(sc, R92S_AFE_MISC) \| 2015 R92S_AFE_MISC_BGEN \| R92S_AFE_MISC_MBEN); 2016 /* Enable LDOA15 block. / 2017* rsu_write_1(sc, R92S_LDOA15_CTRL, 2018 rsu_read_1(sc, R92S_LDOA15_CTRL) \| R92S_LDA15_EN); 2019 2020 rsu_write_1(sc, R92S_SPS1_CTRL, 2021 rsu_read_1(sc, R92S_SPS1_CTRL) \| R92S_SPS1_LDEN); 2022 rsu_ms_delay(sc, 2000); 2023 /* Enable switch regulator block. / 2024* rsu_write_1(sc, R92S_SPS1_CTRL, 2025 rsu_read_1(sc, R92S_SPS1_CTRL) \| R92S_SPS1_SWEN); 2026 2027 rsu_write_4(sc, R92S_SPS1_CTRL, 0x00a7b267); 2028 2029 rsu_write_1(sc, R92S_SYS_ISO_CTRL + 1, 2030 rsu_read_1(sc, R92S_SYS_ISO_CTRL + 1) \| 0x08); 2031 2032 rsu_write_1(sc, R92S_SYS_FUNC_EN + 1, 2033 rsu_read_1(sc, R92S_SYS_FUNC_EN + 1) \| 0x20); 2034 2035 rsu_write_1(sc, R92S_SYS_ISO_CTRL + 1, 2036 rsu_read_1(sc, R92S_SYS_ISO_CTRL + 1) & ~0x90); 2037 2038 /* Enable AFE clock. / 2039* rsu_write_1(sc, R92S_AFE_XTAL_CTRL + 1, 2040 rsu_read_1(sc, R92S_AFE_XTAL_CTRL + 1) & ~0x04); 2041 /* Enable AFE PLL macro block. / 2042* rsu_write_1(sc, R92S_AFE_PLL_CTRL, 2043 rsu_read_1(sc, R92S_AFE_PLL_CTRL) \| 0x11); 2044 /* Attach AFE PLL to MACTOP/BB. / 2045* rsu_write_1(sc, R92S_SYS_ISO_CTRL, 2046 rsu_read_1(sc, R92S_SYS_ISO_CTRL) & ~0x11); 2047 2048 /* Switch to 40MHz clock instead of 80MHz. / 2049* rsu_write_2(sc, R92S_SYS_CLKR, 2050 rsu_read_2(sc, R92S_SYS_CLKR) & ~R92S_SYS_CLKSEL); 2051 2052 /* Enable MAC clock. / 2053* rsu_write_2(sc, R92S_SYS_CLKR, 2054 rsu_read_2(sc, R92S_SYS_CLKR) \| 2055 R92S_MAC_CLK_EN \| R92S_SYS_CLK_EN); 2056 2057 rsu_write_1(sc, R92S_PMC_FSM, 0x02); 2058 2059 /* Enable digital core and IOREG R/W. / 2060* rsu_write_1(sc, R92S_SYS_FUNC_EN + 1, 2061 rsu_read_1(sc, R92S_SYS_FUNC_EN + 1) \| 0x08); 2062 2063 rsu_write_1(sc, R92S_SYS_FUNC_EN + 1, 2064 rsu_read_1(sc, R92S_SYS_FUNC_EN + 1) \| 0x80); 2065 2066 /* Switch the control path to firmware. / 2067* reg = rsu_read_2(sc, R92S_SYS_CLKR); 2068 reg = (reg & ~R92S_SWHW_SEL) \| R92S_FWHW_SEL; 2069 rsu_write_2(sc, R92S_SYS_CLKR, reg); 2070 2071 rsu_write_2(sc, R92S_CR, 0x37fc); 2072 2073 /* Fix USB RX FIFO issue. / 2074* rsu_write_1(sc, 0xfe5c, 2075 rsu_read_1(sc, 0xfe5c) \| 0x80); 2076 rsu_write_1(sc, 0x00ab, 2077 rsu_read_1(sc, 0x00ab) \| 0xc0); 2078 2079 rsu_write_1(sc, R92S_SYS_CLKR, 2080 rsu_read_1(sc, R92S_SYS_CLKR) & ~R92S_SYS_CPU_CLKSEL); 2081} 2082 2083/* 2084 * Power on sequence for B-cut and C-cut adapters. 2085 / 2086static void 2087rsu_power_on_bcut(struct rsu_softc sc) 2088{ 2089 uint32_t reg; 2090 int ntries; 2091 2092 /* Prevent eFuse leakage. / 2093* rsu_write_1(sc, 0x37, 0xb0); 2094 rsu_ms_delay(sc, 10); 2095 rsu_write_1(sc, 0x37, 0x30); 2096 2097 /* Switch the control path to hardware. / 2098* reg = rsu_read_2(sc, R92S_SYS_CLKR); 2099 if (reg & R92S_FWHW_SEL) { 2100 rsu_write_2(sc, R92S_SYS_CLKR, 2101 reg & ~(R92S_SWHW_SEL \| R92S_FWHW_SEL)); 2102 } 2103 rsu_write_1(sc, R92S_SYS_FUNC_EN + 1, 2104 rsu_read_1(sc, R92S_SYS_FUNC_EN + 1) & ~0x8c); 2105 rsu_ms_delay(sc, 1); 2106 2107 rsu_write_1(sc, R92S_SPS0_CTRL + 1, 0x53); 2108 rsu_write_1(sc, R92S_SPS0_CTRL + 0, 0x57); 2109 2110 reg = rsu_read_1(sc, R92S_AFE_MISC); 2111 rsu_write_1(sc, R92S_AFE_MISC, reg \| R92S_AFE_MISC_BGEN); 2112 rsu_write_1(sc, R92S_AFE_MISC, reg \| R92S_AFE_MISC_BGEN \| 2113 R92S_AFE_MISC_MBEN \| R92S_AFE_MISC_I32_EN); 2114 2115 /* Enable PLL. / 2116* rsu_write_1(sc, R92S_LDOA15_CTRL, 2117 rsu_read_1(sc, R92S_LDOA15_CTRL) \| R92S_LDA15_EN); 2118 2119 rsu_write_1(sc, R92S_LDOV12D_CTRL, 2120 rsu_read_1(sc, R92S_LDOV12D_CTRL) \| R92S_LDV12_EN); 2121 2122 rsu_write_1(sc, R92S_SYS_ISO_CTRL + 1, 2123 rsu_read_1(sc, R92S_SYS_ISO_CTRL + 1) \| 0x08); 2124 2125 rsu_write_1(sc, R92S_SYS_FUNC_EN + 1, 2126 rsu_read_1(sc, R92S_SYS_FUNC_EN + 1) \| 0x20); 2127 2128 /* Support 64KB IMEM. / 2129* rsu_write_1(sc, R92S_SYS_ISO_CTRL + 1, 2130 rsu_read_1(sc, R92S_SYS_ISO_CTRL + 1) & ~0x97); 2131 2132 /* Enable AFE clock. / 2133* rsu_write_1(sc, R92S_AFE_XTAL_CTRL + 1, 2134 rsu_read_1(sc, R92S_AFE_XTAL_CTRL + 1) & ~0x04); 2135 /* Enable AFE PLL macro block. / 2136* reg = rsu_read_1(sc, R92S_AFE_PLL_CTRL); 2137 rsu_write_1(sc, R92S_AFE_PLL_CTRL, reg \| 0x11); 2138 rsu_ms_delay(sc, 1); 2139 rsu_write_1(sc, R92S_AFE_PLL_CTRL, reg \| 0x51); 2140 rsu_ms_delay(sc, 1); 2141 rsu_write_1(sc, R92S_AFE_PLL_CTRL, reg \| 0x11); 2142 rsu_ms_delay(sc, 1); 2143 2144 /* Attach AFE PLL to MACTOP/BB. / 2145* rsu_write_1(sc, R92S_SYS_ISO_CTRL, 2146 rsu_read_1(sc, R92S_SYS_ISO_CTRL) & ~0x11); 2147 2148 /* Switch to 40MHz clock. / 2149* rsu_write_1(sc, R92S_SYS_CLKR, 0x00); 2150 /* Disable CPU clock and 80MHz SSC. / 2151* rsu_write_1(sc, R92S_SYS_CLKR, 2152 rsu_read_1(sc, R92S_SYS_CLKR) \| 0xa0); 2153 /* Enable MAC clock. / 2154* rsu_write_2(sc, R92S_SYS_CLKR, 2155 rsu_read_2(sc, R92S_SYS_CLKR) \| 2156 R92S_MAC_CLK_EN \| R92S_SYS_CLK_EN); 2157 2158 rsu_write_1(sc, R92S_PMC_FSM, 0x02); 2159 2160 /* Enable digital core and IOREG R/W. / 2161* rsu_write_1(sc, R92S_SYS_FUNC_EN + 1, 2162 rsu_read_1(sc, R92S_SYS_FUNC_EN + 1) \| 0x08); 2163 2164 rsu_write_1(sc, R92S_SYS_FUNC_EN + 1, 2165 rsu_read_1(sc, R92S_SYS_FUNC_EN + 1) \| 0x80); 2166 2167 /* Switch the control path to firmware. / 2168* reg = rsu_read_2(sc, R92S_SYS_CLKR); 2169 reg = (reg & ~R92S_SWHW_SEL) \| R92S_FWHW_SEL; 2170 rsu_write_2(sc, R92S_SYS_CLKR, reg); 2171 2172 rsu_write_2(sc, R92S_CR, 0x37fc); 2173 2174 /* Fix USB RX FIFO issue. / 2175* rsu_write_1(sc, 0xfe5c, 2176 rsu_read_1(sc, 0xfe5c) \| 0x80); 2177 2178 rsu_write_1(sc, R92S_SYS_CLKR, 2179 rsu_read_1(sc, R92S_SYS_CLKR) & ~R92S_SYS_CPU_CLKSEL); 2180 2181 rsu_write_1(sc, 0xfe1c, 0x80); 2182 2183 /* Make sure TxDMA is ready to download firmware. / 2184* for (ntries = 0; ntries < 20; ntries++) { 2185 reg = rsu_read_1(sc, R92S_TCR); 2186 if ((reg & (R92S_TCR_IMEM_CHK_RPT \| R92S_TCR_EMEM_CHK_RPT)) == 2187 (R92S_TCR_IMEM_CHK_RPT \| R92S_TCR_EMEM_CHK_RPT)) 2188 break; 2189 rsu_ms_delay(sc, 1); 2190 } 2191 if (ntries == 20) { 2192 RSU_DPRINTF(sc, RSU_DEBUG_RESET \| RSU_DEBUG_TX, 2193 "%s: TxDMA is not ready\n", 2194 __func__); 2195 /* Reset TxDMA. / 2196* reg = rsu_read_1(sc, R92S_CR); 2197 rsu_write_1(sc, R92S_CR, reg & ~R92S_CR_TXDMA_EN); 2198 rsu_ms_delay(sc, 1); 2199 rsu_write_1(sc, R92S_CR, reg \| R92S_CR_TXDMA_EN); 2200 } 2201} 2202 2203static void 2204rsu_power_off(struct rsu_softc sc) 2205{ 2206* /* Turn RF off. / 2207* rsu_write_1(sc, R92S_RF_CTRL, 0x00); 2208 rsu_ms_delay(sc, 5); 2209 2210 /* Turn MAC off. / 2211* /* Switch control path. / 2212* rsu_write_1(sc, R92S_SYS_CLKR + 1, 0x38); 2213 /* Reset MACTOP. / 2214* rsu_write_1(sc, R92S_SYS_FUNC_EN + 1, 0x70); 2215 rsu_write_1(sc, R92S_PMC_FSM, 0x06); 2216 rsu_write_1(sc, R92S_SYS_ISO_CTRL + 0, 0xf9); 2217 rsu_write_1(sc, R92S_SYS_ISO_CTRL + 1, 0xe8); 2218 2219 /* Disable AFE PLL. / 2220* rsu_write_1(sc, R92S_AFE_PLL_CTRL, 0x00); 2221 /* Disable A15V. / 2222* rsu_write_1(sc, R92S_LDOA15_CTRL, 0x54); 2223 /* Disable eFuse 1.2V. / 2224* rsu_write_1(sc, R92S_SYS_FUNC_EN + 1, 0x50); 2225 rsu_write_1(sc, R92S_LDOV12D_CTRL, 0x24); 2226 /* Enable AFE macro block's bandgap and Mbias. / 2227* rsu_write_1(sc, R92S_AFE_MISC, 0x30); 2228 /* Disable 1.6V LDO. / 2229* rsu_write_1(sc, R92S_SPS0_CTRL + 0, 0x56); 2230 rsu_write_1(sc, R92S_SPS0_CTRL + 1, 0x43); 2231} 2232 2233static int 2234rsu_fw_loadsection(struct rsu_softc sc, const uint8_t buf, int len) 2235{ 2236 const uint8_t which = rsu_wme_ac_xfer_map[WME_AC_VO]; 2237 struct rsu_data data; 2238* struct r92s_tx_desc txd; 2239* int mlen; 2240 2241 while (len > 0) { 2242 data = rsu_getbuf(sc); 2243 if (data == NULL) 2244 return (ENOMEM); 2245 txd = (struct r92s_tx_desc )data->buf; 2246* memset(txd, 0, sizeof(txd)); 2247* if (len <= RSU_TXBUFSZ - sizeof(txd)) { 2248* /* Last chunk. / 2249* txd->txdw0 \|= htole32(R92S_TXDW0_LINIP); 2250 mlen = len; 2251 } else 2252 mlen = RSU_TXBUFSZ - sizeof(txd); 2253* txd->txdw0 \|= htole32(SM(R92S_TXDW0_PKTLEN, mlen)); 2254 memcpy(&txd[1], buf, mlen); 2255 data->buflen = sizeof(txd) + mlen; 2256* RSU_DPRINTF(sc, RSU_DEBUG_TX \| RSU_DEBUG_FW \| RSU_DEBUG_RESET, 2257 "%s: starting transfer %p\n", 2258 __func__, data); 2259 STAILQ_INSERT_TAIL(&sc->sc_tx_pending[which], data, next); 2260 buf += mlen; 2261 len -= mlen; 2262 } 2263 usbd_transfer_start(sc->sc_xfer[which]); 2264 return (0); 2265} 2266 2267static int 2268rsu_load_firmware(struct rsu_softc sc) 2269{ 2270* const struct r92s_fw_hdr hdr; 2271* struct r92s_fw_priv dmem; 2272* struct ieee80211com ic = &sc->sc_ic; 2273* const uint8_t imem, emem; 2274 int imemsz, ememsz; 2275 const struct firmware fw; 2276* size_t size; 2277 uint32_t reg; 2278 int ntries, error; 2279 2280 if (rsu_read_1(sc, R92S_TCR) & R92S_TCR_FWRDY) { 2281 RSU_DPRINTF(sc, RSU_DEBUG_FW \| RSU_DEBUG_RESET, 2282 "%s: Firmware already loaded\n", 2283 __func__); 2284 return (0); 2285 } 2286 2287 RSU_UNLOCK(sc); 2288 /* Read firmware image from the filesystem. / 2289* if ((fw = firmware_get("rsu-rtl8712fw")) == NULL) { 2290 device_printf(sc->sc_dev, 2291 "%s: failed load firmware of file rsu-rtl8712fw\n", 2292 __func__); 2293 RSU_LOCK(sc); 2294 return (ENXIO); 2295 } 2296 RSU_LOCK(sc); 2297 size = fw->datasize; 2298 if (size < sizeof(hdr)) { 2299* device_printf(sc->sc_dev, "firmware too short\n"); 2300 error = EINVAL; 2301 goto fail; 2302 } 2303 hdr = (const struct r92s_fw_hdr )fw->data; 2304* if (hdr->signature != htole16(0x8712) && 2305 hdr->signature != htole16(0x8192)) { 2306 device_printf(sc->sc_dev, 2307 "invalid firmware signature 0x%x\n", 2308 le16toh(hdr->signature)); 2309 error = EINVAL; 2310 goto fail; 2311 } 2312 DPRINTF("FW V%d %02x-%02x %02x:%02x\n", le16toh(hdr->version), 2313 hdr->month, hdr->day, hdr->hour, hdr->minute); 2314 2315 /* Make sure that driver and firmware are in sync. / 2316* if (hdr->privsz != htole32(sizeof(dmem))) { 2317* device_printf(sc->sc_dev, "unsupported firmware image\n"); 2318 error = EINVAL; 2319 goto fail; 2320 } 2321 /* Get FW sections sizes. / 2322* imemsz = le32toh(hdr->imemsz); 2323 ememsz = le32toh(hdr->sramsz); 2324 /* Check that all FW sections fit in image. / 2325* if (size < sizeof(hdr) + imemsz + ememsz) { 2326* device_printf(sc->sc_dev, "firmware too short\n"); 2327 error = EINVAL; 2328 goto fail; 2329 } 2330 imem = (const uint8_t )&hdr[1]; 2331* emem = imem + imemsz; 2332 2333 /* Load IMEM section. / 2334* error = rsu_fw_loadsection(sc, imem, imemsz); 2335 if (error != 0) { 2336 device_printf(sc->sc_dev, 2337 "could not load firmware section %s\n", "IMEM"); 2338 goto fail; 2339 } 2340 /* Wait for load to complete. / 2341* for (ntries = 0; ntries != 50; ntries++) { 2342 rsu_ms_delay(sc, 10); 2343 reg = rsu_read_1(sc, R92S_TCR); 2344 if (reg & R92S_TCR_IMEM_CODE_DONE) 2345 break; 2346 } 2347 if (ntries == 50) { 2348 device_printf(sc->sc_dev, "timeout waiting for IMEM transfer\n"); 2349 error = ETIMEDOUT; 2350 goto fail; 2351 } 2352 /* Load EMEM section. / 2353* error = rsu_fw_loadsection(sc, emem, ememsz); 2354 if (error != 0) { 2355 device_printf(sc->sc_dev, 2356 "could not load firmware section %s\n", "EMEM"); 2357 goto fail; 2358 } 2359 /* Wait for load to complete. / 2360* for (ntries = 0; ntries != 50; ntries++) { 2361 rsu_ms_delay(sc, 10); 2362 reg = rsu_read_2(sc, R92S_TCR); 2363 if (reg & R92S_TCR_EMEM_CODE_DONE) 2364 break; 2365 } 2366 if (ntries == 50) { 2367 device_printf(sc->sc_dev, "timeout waiting for EMEM transfer\n"); 2368 error = ETIMEDOUT; 2369 goto fail; 2370 } 2371 /* Enable CPU. / 2372* rsu_write_1(sc, R92S_SYS_CLKR, 2373 rsu_read_1(sc, R92S_SYS_CLKR) \| R92S_SYS_CPU_CLKSEL); 2374 if (!(rsu_read_1(sc, R92S_SYS_CLKR) & R92S_SYS_CPU_CLKSEL)) { 2375 device_printf(sc->sc_dev, "could not enable system clock\n"); 2376 error = EIO; 2377 goto fail; 2378 } 2379 rsu_write_2(sc, R92S_SYS_FUNC_EN, 2380 rsu_read_2(sc, R92S_SYS_FUNC_EN) \| R92S_FEN_CPUEN); 2381 if (!(rsu_read_2(sc, R92S_SYS_FUNC_EN) & R92S_FEN_CPUEN)) { 2382 device_printf(sc->sc_dev, 2383 "could not enable microcontroller\n"); 2384 error = EIO; 2385 goto fail; 2386 } 2387 /* Wait for CPU to initialize. / 2388* for (ntries = 0; ntries < 100; ntries++) { 2389 if (rsu_read_1(sc, R92S_TCR) & R92S_TCR_IMEM_RDY) 2390 break; 2391 rsu_ms_delay(sc, 1); 2392 } 2393 if (ntries == 100) { 2394 device_printf(sc->sc_dev, 2395 "timeout waiting for microcontroller\n"); 2396 error = ETIMEDOUT; 2397 goto fail; 2398 } 2399 2400 /* Update DMEM section before loading. / 2401* dmem = __DECONST(struct r92s_fw_priv , &hdr->priv); 2402* memset(dmem, 0, sizeof(dmem)); 2403* dmem->hci_sel = R92S_HCI_SEL_USB \| R92S_HCI_SEL_8172; 2404 dmem->nendpoints = sc->sc_nendpoints; 2405 /* XXX TODO: rf_config should come from ROM / 2406* dmem->rf_config = 0x11; /* 1T1R / 2407* dmem->vcs_type = R92S_VCS_TYPE_AUTO; 2408 dmem->vcs_mode = R92S_VCS_MODE_RTS_CTS; 2409 dmem->turbo_mode = 0; 2410 dmem->bw40_en = !! (ic->ic_htcaps & IEEE80211_HTCAP_CHWIDTH40); 2411 dmem->amsdu2ampdu_en = !! (sc->sc_ht); 2412 dmem->ampdu_en = !! (sc->sc_ht); 2413 dmem->agg_offload = !! (sc->sc_ht); 2414 dmem->qos_en = 1; 2415 /* Load DMEM section. / 2416* error = rsu_fw_loadsection(sc, (uint8_t )dmem, sizeof(dmem)); 2417 if (error != 0) { 2418 device_printf(sc->sc_dev, 2419 "could not load firmware section %s\n", "DMEM"); 2420 goto fail; 2421 } 2422 /* Wait for load to complete. / 2423* for (ntries = 0; ntries < 100; ntries++) { 2424 if (rsu_read_1(sc, R92S_TCR) & R92S_TCR_DMEM_CODE_DONE) 2425 break; 2426 rsu_ms_delay(sc, 1); 2427 } 2428 if (ntries == 100) { 2429 device_printf(sc->sc_dev, "timeout waiting for %s transfer\n", 2430 "DMEM"); 2431 error = ETIMEDOUT; 2432 goto fail; 2433 } 2434 /* Wait for firmware readiness. / 2435* for (ntries = 0; ntries < 60; ntries++) { 2436 if (!(rsu_read_1(sc, R92S_TCR) & R92S_TCR_FWRDY)) 2437 break; 2438 rsu_ms_delay(sc, 1); 2439 } 2440 if (ntries == 60) { 2441 device_printf(sc->sc_dev, 2442 "timeout waiting for firmware readiness\n"); 2443 error = ETIMEDOUT; 2444 goto fail; 2445 } 2446 fail: 2447 firmware_put(fw, FIRMWARE_UNLOAD); 2448 return (error); 2449} 2450 2451 2452static int 2453rsu_raw_xmit(struct ieee80211_node ni, struct mbuf m, 2454 const struct ieee80211_bpf_params params) 2455{ 2456* struct ieee80211com ic = ni->ni_ic; 2457* struct rsu_softc sc = ic->ic_softc; 2458* struct rsu_data bf; 2459* 2460 /* prevent management frames from being sent if we're not ready / 2461* if (!sc->sc_running) { 2462 m_freem(m); 2463 ieee80211_free_node(ni); 2464 return (ENETDOWN); 2465 } 2466 RSU_LOCK(sc); 2467 bf = rsu_getbuf(sc); 2468 if (bf == NULL) { 2469 ieee80211_free_node(ni); 2470 m_freem(m); 2471 RSU_UNLOCK(sc); 2472 return (ENOBUFS); 2473 } 2474 if (rsu_tx_start(sc, ni, m, bf) != 0) { 2475 ieee80211_free_node(ni); 2476 STAILQ_INSERT_HEAD(&sc->sc_tx_inactive, bf, next); 2477 RSU_UNLOCK(sc); 2478 return (EIO); 2479 } 2480 RSU_UNLOCK(sc); 2481 2482 return (0); 2483} 2484 2485static void 2486rsu_init(struct rsu_softc sc) 2487{ 2488* struct ieee80211com ic = &sc->sc_ic; 2489* struct ieee80211vap vap = TAILQ_FIRST(&ic->ic_vaps); 2490* uint8_t macaddr[IEEE80211_ADDR_LEN]; 2491 struct r92s_set_pwr_mode cmd; 2492 int error; 2493 int i; 2494 2495 RSU_ASSERT_LOCKED(sc); 2496 2497 /* Init host async commands ring. / 2498* sc->cmdq.cur = sc->cmdq.next = sc->cmdq.queued = 0; 2499 2500 /* Power on adapter. / 2501* if (sc->cut == 1) 2502 rsu_power_on_acut(sc); 2503 else 2504 rsu_power_on_bcut(sc); 2505 2506 /* Load firmware. / 2507* error = rsu_load_firmware(sc); 2508 if (error != 0) 2509 goto fail; 2510 2511 /* Enable Rx TCP checksum offload. / 2512* rsu_write_4(sc, R92S_RCR, 2513 rsu_read_4(sc, R92S_RCR) \| 0x04000000); 2514 /* Append PHY status. / 2515* rsu_write_4(sc, R92S_RCR, 2516 rsu_read_4(sc, R92S_RCR) \| 0x02000000); 2517 2518 rsu_write_4(sc, R92S_CR, 2519 rsu_read_4(sc, R92S_CR) & ~0xff000000); 2520 2521 /* Use 128 bytes pages. / 2522* rsu_write_1(sc, 0x00b5, 2523 rsu_read_1(sc, 0x00b5) \| 0x01); 2524 /* Enable USB Rx aggregation. / 2525* rsu_write_1(sc, 0x00bd, 2526 rsu_read_1(sc, 0x00bd) \| 0x80); 2527 /* Set USB Rx aggregation threshold. / 2528* rsu_write_1(sc, 0x00d9, 0x01); 2529 /* Set USB Rx aggregation timeout (1.7ms/4). / 2530* rsu_write_1(sc, 0xfe5b, 0x04); 2531 /* Fix USB Rx FIFO issue. / 2532* rsu_write_1(sc, 0xfe5c, 2533 rsu_read_1(sc, 0xfe5c) \| 0x80); 2534 2535 /* Set MAC address. / 2536* IEEE80211_ADDR_COPY(macaddr, vap ? vap->iv_myaddr : ic->ic_macaddr); 2537 rsu_write_region_1(sc, R92S_MACID, macaddr, IEEE80211_ADDR_LEN); 2538 2539 /* It really takes 1.5 seconds for the firmware to boot: / 2540* rsu_ms_delay(sc, 2000); 2541 2542 RSU_DPRINTF(sc, RSU_DEBUG_RESET, "%s: setting MAC address to %s\n", 2543 __func__, 2544 ether_sprintf(macaddr)); 2545 error = rsu_fw_cmd(sc, R92S_CMD_SET_MAC_ADDRESS, macaddr, 2546 IEEE80211_ADDR_LEN); 2547 if (error != 0) { 2548 device_printf(sc->sc_dev, "could not set MAC address\n"); 2549 goto fail; 2550 } 2551 2552 rsu_write_1(sc, R92S_USB_HRPWM, 2553 R92S_USB_HRPWM_PS_ST_ACTIVE \| R92S_USB_HRPWM_PS_ALL_ON); 2554 2555 /* Set PS mode fully active / 2556* memset(&cmd, 0, sizeof(cmd)); 2557 cmd.mode = R92S_PS_MODE_ACTIVE; 2558 RSU_DPRINTF(sc, RSU_DEBUG_RESET, "%s: setting ps mode to %d\n", 2559 __func__, cmd.mode); 2560 error = rsu_fw_cmd(sc, R92S_CMD_SET_PWR_MODE, &cmd, sizeof(cmd)); 2561 if (error != 0) { 2562 device_printf(sc->sc_dev, "could not set PS mode\n"); 2563 goto fail; 2564 } 2565 2566 if (ic->ic_htcaps & IEEE80211_HTCAP_CHWIDTH40) { 2567 /* Enable 40MHz mode. / 2568* error = rsu_fw_iocmd(sc, 2569 SM(R92S_IOCMD_CLASS, 0xf4) \| 2570 SM(R92S_IOCMD_INDEX, 0x00) \| 2571 SM(R92S_IOCMD_VALUE, 0x0007)); 2572 if (error != 0) { 2573 device_printf(sc->sc_dev, 2574 "could not enable 40MHz mode\n"); 2575 goto fail; 2576 } 2577 } 2578 2579 sc->sc_scan_pass = 0; 2580 usbd_transfer_start(sc->sc_xfer[RSU_BULK_RX]); 2581 2582 /* We're ready to go. / 2583* sc->sc_running = 1; 2584 return; 2585fail: 2586 /* Need to stop all failed transfers, if any / 2587* for (i = 0; i != RSU_N_TRANSFER; i++) 2588 usbd_transfer_stop(sc->sc_xfer[i]); 2589} 2590 2591static void 2592rsu_stop(struct rsu_softc sc) 2593{ 2594* int i; 2595 2596 sc->sc_running = 0; 2597 sc->sc_calibrating = 0; 2598 taskqueue_cancel_timeout(taskqueue_thread, &sc->calib_task, NULL); 2599 2600 /* Power off adapter. / 2601* rsu_power_off(sc); 2602 2603 for (i = 0; i < RSU_N_TRANSFER; i++) 2604 usbd_transfer_stop(sc->sc_xfer[i]); 2605} 2606 2607/* 2608 * Note: usb_pause_mtx() actually releases the mutex before calling pause(), 2609 * which breaks any kind of driver serialisation. 2610 / 2611static void 2612rsu_ms_delay(struct rsu_softc sc, int ms) 2613{ 2614 2615 //usb_pause_mtx(&sc->sc_mtx, hz / 1000); 2616 DELAY(ms * 1000); 2617}	570 /* complete setup / 571* ieee80211_vap_attach(vap, ieee80211_media_change, 572 ieee80211_media_status, mac); 573 ic->ic_opmode = opmode; 574 575 return (vap); 576} 577 578static void 579rsu_vap_delete(struct ieee80211vap vap) 580{ 581* struct rsu_vap uvp = RSU_VAP(vap); 582* 583 ieee80211_vap_detach(vap); 584 free(uvp, M_80211_VAP); 585} 586 587static void 588rsu_scan_start(struct ieee80211com ic) 589{ 590* struct rsu_softc sc = ic->ic_softc; 591* int error; 592 593 /* Scanning is done by the firmware. / 594* RSU_LOCK(sc); 595 error = rsu_site_survey(sc, TAILQ_FIRST(&ic->ic_vaps)); 596 RSU_UNLOCK(sc); 597 if (error != 0) 598 device_printf(sc->sc_dev, 599 "could not send site survey command\n"); 600} 601 602static void 603rsu_scan_end(struct ieee80211com ic) 604{ 605* /* Nothing to do here. / 606} 607* 608static void 609rsu_set_channel(struct ieee80211com ic __unused) 610{ 611* /* We are unable to switch channels, yet. / 612} 613* 614static void 615rsu_update_mcast(struct ieee80211com ic) 616{ 617* /* XXX do nothing? / 618} 619* 620static int 621rsu_alloc_list(struct rsu_softc sc, struct rsu_data data[], 622* int ndata, int maxsz) 623{ 624 int i, error; 625 626 for (i = 0; i < ndata; i++) { 627 struct rsu_data dp = &data[i]; 628* dp->sc = sc; 629 dp->m = NULL; 630 dp->buf = malloc(maxsz, M_USBDEV, M_NOWAIT); 631 if (dp->buf == NULL) { 632 device_printf(sc->sc_dev, 633 "could not allocate buffer\n"); 634 error = ENOMEM; 635 goto fail; 636 } 637 dp->ni = NULL; 638 } 639 640 return (0); 641fail: 642 rsu_free_list(sc, data, ndata); 643 return (error); 644} 645 646static int 647rsu_alloc_rx_list(struct rsu_softc sc) 648{ 649* int error, i; 650 651 error = rsu_alloc_list(sc, sc->sc_rx, RSU_RX_LIST_COUNT, 652 RSU_RXBUFSZ); 653 if (error != 0) 654 return (error); 655 656 STAILQ_INIT(&sc->sc_rx_active); 657 STAILQ_INIT(&sc->sc_rx_inactive); 658 659 for (i = 0; i < RSU_RX_LIST_COUNT; i++) 660 STAILQ_INSERT_HEAD(&sc->sc_rx_inactive, &sc->sc_rx[i], next); 661 662 return (0); 663} 664 665static int 666rsu_alloc_tx_list(struct rsu_softc sc) 667{ 668* int error, i; 669 670 error = rsu_alloc_list(sc, sc->sc_tx, RSU_TX_LIST_COUNT, 671 RSU_TXBUFSZ); 672 if (error != 0) 673 return (error); 674 675 STAILQ_INIT(&sc->sc_tx_inactive); 676 677 for (i = 0; i != RSU_N_TRANSFER; i++) { 678 STAILQ_INIT(&sc->sc_tx_active[i]); 679 STAILQ_INIT(&sc->sc_tx_pending[i]); 680 } 681 682 for (i = 0; i < RSU_TX_LIST_COUNT; i++) { 683 STAILQ_INSERT_HEAD(&sc->sc_tx_inactive, &sc->sc_tx[i], next); 684 } 685 686 return (0); 687} 688 689static void 690rsu_free_tx_list(struct rsu_softc sc) 691{ 692* int i; 693 694 /* prevent further allocations from TX list(s) / 695* STAILQ_INIT(&sc->sc_tx_inactive); 696 697 for (i = 0; i != RSU_N_TRANSFER; i++) { 698 STAILQ_INIT(&sc->sc_tx_active[i]); 699 STAILQ_INIT(&sc->sc_tx_pending[i]); 700 } 701 702 rsu_free_list(sc, sc->sc_tx, RSU_TX_LIST_COUNT); 703} 704 705static void 706rsu_free_rx_list(struct rsu_softc sc) 707{ 708* /* prevent further allocations from RX list(s) / 709* STAILQ_INIT(&sc->sc_rx_inactive); 710 STAILQ_INIT(&sc->sc_rx_active); 711 712 rsu_free_list(sc, sc->sc_rx, RSU_RX_LIST_COUNT); 713} 714 715static void 716rsu_free_list(struct rsu_softc sc, struct rsu_data data[], int ndata) 717{ 718* int i; 719 720 for (i = 0; i < ndata; i++) { 721 struct rsu_data dp = &data[i]; 722* 723 if (dp->buf != NULL) { 724 free(dp->buf, M_USBDEV); 725 dp->buf = NULL; 726 } 727 if (dp->ni != NULL) { 728 ieee80211_free_node(dp->ni); 729 dp->ni = NULL; 730 } 731 } 732} 733 734static struct rsu_data * 735_rsu_getbuf(struct rsu_softc sc) 736{ 737* struct rsu_data bf; 738* 739 bf = STAILQ_FIRST(&sc->sc_tx_inactive); 740 if (bf != NULL) 741 STAILQ_REMOVE_HEAD(&sc->sc_tx_inactive, next); 742 else 743 bf = NULL; 744 if (bf == NULL) 745 DPRINTF("out of xmit buffers\n"); 746 return (bf); 747} 748 749static struct rsu_data * 750rsu_getbuf(struct rsu_softc sc) 751{ 752* struct rsu_data bf; 753* 754 RSU_ASSERT_LOCKED(sc); 755 756 bf = _rsu_getbuf(sc); 757 if (bf == NULL) 758 DPRINTF("stop queue\n"); 759 return (bf); 760} 761 762static int 763rsu_write_region_1(struct rsu_softc sc, uint16_t addr, uint8_t buf, 764 int len) 765{ 766 usb_device_request_t req; 767 768 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 769 req.bRequest = R92S_REQ_REGS; 770 USETW(req.wValue, addr); 771 USETW(req.wIndex, 0); 772 USETW(req.wLength, len); 773 774 return (rsu_do_request(sc, &req, buf)); 775} 776 777static void 778rsu_write_1(struct rsu_softc sc, uint16_t addr, uint8_t val) 779{ 780* rsu_write_region_1(sc, addr, &val, 1); 781} 782 783static void 784rsu_write_2(struct rsu_softc sc, uint16_t addr, uint16_t val) 785{ 786* val = htole16(val); 787 rsu_write_region_1(sc, addr, (uint8_t )&val, 2); 788} 789* 790static void 791rsu_write_4(struct rsu_softc sc, uint16_t addr, uint32_t val) 792{ 793* val = htole32(val); 794 rsu_write_region_1(sc, addr, (uint8_t )&val, 4); 795} 796* 797static int 798rsu_read_region_1(struct rsu_softc sc, uint16_t addr, uint8_t buf, 799 int len) 800{ 801 usb_device_request_t req; 802 803 req.bmRequestType = UT_READ_VENDOR_DEVICE; 804 req.bRequest = R92S_REQ_REGS; 805 USETW(req.wValue, addr); 806 USETW(req.wIndex, 0); 807 USETW(req.wLength, len); 808 809 return (rsu_do_request(sc, &req, buf)); 810} 811 812static uint8_t 813rsu_read_1(struct rsu_softc sc, uint16_t addr) 814{ 815* uint8_t val; 816 817 if (rsu_read_region_1(sc, addr, &val, 1) != 0) 818 return (0xff); 819 return (val); 820} 821 822static uint16_t 823rsu_read_2(struct rsu_softc sc, uint16_t addr) 824{ 825* uint16_t val; 826 827 if (rsu_read_region_1(sc, addr, (uint8_t )&val, 2) != 0) 828* return (0xffff); 829 return (le16toh(val)); 830} 831 832static uint32_t 833rsu_read_4(struct rsu_softc sc, uint16_t addr) 834{ 835* uint32_t val; 836 837 if (rsu_read_region_1(sc, addr, (uint8_t )&val, 4) != 0) 838* return (0xffffffff); 839 return (le32toh(val)); 840} 841 842static int 843rsu_fw_iocmd(struct rsu_softc sc, uint32_t iocmd) 844{ 845* int ntries; 846 847 rsu_write_4(sc, R92S_IOCMD_CTRL, iocmd); 848 rsu_ms_delay(sc, 1); 849 for (ntries = 0; ntries < 50; ntries++) { 850 if (rsu_read_4(sc, R92S_IOCMD_CTRL) == 0) 851 return (0); 852 rsu_ms_delay(sc, 1); 853 } 854 return (ETIMEDOUT); 855} 856 857static uint8_t 858rsu_efuse_read_1(struct rsu_softc sc, uint16_t addr) 859{ 860* uint32_t reg; 861 int ntries; 862 863 reg = rsu_read_4(sc, R92S_EFUSE_CTRL); 864 reg = RW(reg, R92S_EFUSE_CTRL_ADDR, addr); 865 reg &= ~R92S_EFUSE_CTRL_VALID; 866 rsu_write_4(sc, R92S_EFUSE_CTRL, reg); 867 /* Wait for read operation to complete. / 868* for (ntries = 0; ntries < 100; ntries++) { 869 reg = rsu_read_4(sc, R92S_EFUSE_CTRL); 870 if (reg & R92S_EFUSE_CTRL_VALID) 871 return (MS(reg, R92S_EFUSE_CTRL_DATA)); 872 rsu_ms_delay(sc, 1); 873 } 874 device_printf(sc->sc_dev, 875 "could not read efuse byte at address 0x%x\n", addr); 876 return (0xff); 877} 878 879static int 880rsu_read_rom(struct rsu_softc sc) 881{ 882* uint8_t rom = sc->rom; 883* uint16_t addr = 0; 884 uint32_t reg; 885 uint8_t off, msk; 886 int i; 887 888 /* Make sure that ROM type is eFuse and that autoload succeeded. / 889* reg = rsu_read_1(sc, R92S_EE_9346CR); 890 if ((reg & (R92S_9356SEL \| R92S_EEPROM_EN)) != R92S_EEPROM_EN) 891 return (EIO); 892 893 /* Turn on 2.5V to prevent eFuse leakage. / 894* reg = rsu_read_1(sc, R92S_EFUSE_TEST + 3); 895 rsu_write_1(sc, R92S_EFUSE_TEST + 3, reg \| 0x80); 896 rsu_ms_delay(sc, 1); 897 rsu_write_1(sc, R92S_EFUSE_TEST + 3, reg & ~0x80); 898 899 /* Read full ROM image. / 900* memset(&sc->rom, 0xff, sizeof(sc->rom)); 901 while (addr < 512) { 902 reg = rsu_efuse_read_1(sc, addr); 903 if (reg == 0xff) 904 break; 905 addr++; 906 off = reg >> 4; 907 msk = reg & 0xf; 908 for (i = 0; i < 4; i++) { 909 if (msk & (1 << i)) 910 continue; 911 rom[off * 8 + i * 2 + 0] = 912 rsu_efuse_read_1(sc, addr); 913 addr++; 914 rom[off * 8 + i * 2 + 1] = 915 rsu_efuse_read_1(sc, addr); 916 addr++; 917 } 918 } 919#ifdef USB_DEBUG 920 if (rsu_debug >= 5) { 921 /* Dump ROM content. / 922* printf("\n"); 923 for (i = 0; i < sizeof(sc->rom); i++) 924 printf("%02x:", rom[i]); 925 printf("\n"); 926 } 927#endif 928 return (0); 929} 930 931static int 932rsu_fw_cmd(struct rsu_softc sc, uint8_t code, void buf, int len) 933{ 934 const uint8_t which = RSU_H2C_ENDPOINT; 935 struct rsu_data data; 936* struct r92s_tx_desc txd; 937* struct r92s_fw_cmd_hdr cmd; 938* int cmdsz; 939 int xferlen; 940 941 data = rsu_getbuf(sc); 942 if (data == NULL) 943 return (ENOMEM); 944 945 /* Round-up command length to a multiple of 8 bytes. / 946* cmdsz = (len + 7) & ~7; 947 948 xferlen = sizeof(txd) + sizeof(cmd) + cmdsz; 949 KASSERT(xferlen <= RSU_TXBUFSZ, ("%s: invalid length", __func__)); 950 memset(data->buf, 0, xferlen); 951 952 /* Setup Tx descriptor. / 953* txd = (struct r92s_tx_desc )data->buf; 954* txd->txdw0 = htole32( 955 SM(R92S_TXDW0_OFFSET, sizeof(txd)) \| 956* SM(R92S_TXDW0_PKTLEN, sizeof(cmd) + cmdsz) \| 957* R92S_TXDW0_OWN \| R92S_TXDW0_FSG \| R92S_TXDW0_LSG); 958 txd->txdw1 = htole32(SM(R92S_TXDW1_QSEL, R92S_TXDW1_QSEL_H2C)); 959 960 /* Setup command header. / 961* cmd = (struct r92s_fw_cmd_hdr )&txd[1]; 962* cmd->len = htole16(cmdsz); 963 cmd->code = code; 964 cmd->seq = sc->cmd_seq; 965 sc->cmd_seq = (sc->cmd_seq + 1) & 0x7f; 966 967 /* Copy command payload. / 968* memcpy(&cmd[1], buf, len); 969 970 RSU_DPRINTF(sc, RSU_DEBUG_TX \| RSU_DEBUG_FWCMD, 971 "%s: Tx cmd code=0x%x len=0x%x\n", 972 __func__, code, cmdsz); 973 data->buflen = xferlen; 974 STAILQ_INSERT_TAIL(&sc->sc_tx_pending[which], data, next); 975 usbd_transfer_start(sc->sc_xfer[which]); 976 977 return (0); 978} 979 980/* ARGSUSED / 981static void 982rsu_calib_task(void arg, int pending __unused) 983{ 984 struct rsu_softc sc = arg; 985* uint32_t reg; 986 987 RSU_DPRINTF(sc, RSU_DEBUG_CALIB, "%s: running calibration task\n", 988 __func__); 989 990 RSU_LOCK(sc); 991#ifdef notyet 992 /* Read WPS PBC status. / 993* rsu_write_1(sc, R92S_MAC_PINMUX_CTRL, 994 R92S_GPIOMUX_EN \| SM(R92S_GPIOSEL_GPIO, R92S_GPIOSEL_GPIO_JTAG)); 995 rsu_write_1(sc, R92S_GPIO_IO_SEL, 996 rsu_read_1(sc, R92S_GPIO_IO_SEL) & ~R92S_GPIO_WPS); 997 reg = rsu_read_1(sc, R92S_GPIO_CTRL); 998 if (reg != 0xff && (reg & R92S_GPIO_WPS)) 999 DPRINTF(("WPS PBC is pushed\n")); 1000#endif 1001 /* Read current signal level. / 1002* if (rsu_fw_iocmd(sc, 0xf4000001) == 0) { 1003 reg = rsu_read_4(sc, R92S_IOCMD_DATA); 1004 RSU_DPRINTF(sc, RSU_DEBUG_CALIB, "%s: RSSI=%d%%\n", 1005 __func__, reg >> 4); 1006 } 1007 if (sc->sc_calibrating) 1008 taskqueue_enqueue_timeout(taskqueue_thread, &sc->calib_task, hz); 1009 RSU_UNLOCK(sc); 1010} 1011 1012static int 1013rsu_newstate(struct ieee80211vap vap, enum ieee80211_state nstate, int arg) 1014{ 1015* struct rsu_vap uvp = RSU_VAP(vap); 1016* struct ieee80211com ic = vap->iv_ic; 1017* struct rsu_softc sc = ic->ic_softc; 1018* struct ieee80211_node ni; 1019* struct ieee80211_rateset rs; 1020* enum ieee80211_state ostate; 1021 int error, startcal = 0; 1022 1023 ostate = vap->iv_state; 1024 RSU_DPRINTF(sc, RSU_DEBUG_STATE, "%s: %s -> %s\n", 1025 __func__, 1026 ieee80211_state_name[ostate], 1027 ieee80211_state_name[nstate]); 1028 1029 IEEE80211_UNLOCK(ic); 1030 if (ostate == IEEE80211_S_RUN) { 1031 RSU_LOCK(sc); 1032 /* Stop calibration. / 1033* sc->sc_calibrating = 0; 1034 RSU_UNLOCK(sc); 1035 taskqueue_drain_timeout(taskqueue_thread, &sc->calib_task); 1036 /* Disassociate from our current BSS. / 1037* RSU_LOCK(sc); 1038 rsu_disconnect(sc); 1039 } else 1040 RSU_LOCK(sc); 1041 switch (nstate) { 1042 case IEEE80211_S_INIT: 1043 break; 1044 case IEEE80211_S_AUTH: 1045 ni = ieee80211_ref_node(vap->iv_bss); 1046 error = rsu_join_bss(sc, ni); 1047 ieee80211_free_node(ni); 1048 if (error != 0) { 1049 device_printf(sc->sc_dev, 1050 "could not send join command\n"); 1051 } 1052 break; 1053 case IEEE80211_S_RUN: 1054 ni = ieee80211_ref_node(vap->iv_bss); 1055 rs = &ni->ni_rates; 1056 /* Indicate highest supported rate. / 1057* ni->ni_txrate = rs->rs_rates[rs->rs_nrates - 1]; 1058 ieee80211_free_node(ni); 1059 startcal = 1; 1060 break; 1061 default: 1062 break; 1063 } 1064 sc->sc_calibrating = 1; 1065 /* Start periodic calibration. / 1066* taskqueue_enqueue_timeout(taskqueue_thread, &sc->calib_task, hz); 1067 RSU_UNLOCK(sc); 1068 IEEE80211_LOCK(ic); 1069 return (uvp->newstate(vap, nstate, arg)); 1070} 1071 1072#ifdef notyet 1073static void 1074rsu_set_key(struct rsu_softc sc, const struct ieee80211_key k) 1075{ 1076 struct r92s_fw_cmd_set_key key; 1077 1078 memset(&key, 0, sizeof(key)); 1079 /* Map net80211 cipher to HW crypto algorithm. / 1080* switch (k->wk_cipher->ic_cipher) { 1081 case IEEE80211_CIPHER_WEP: 1082 if (k->wk_keylen < 8) 1083 key.algo = R92S_KEY_ALGO_WEP40; 1084 else 1085 key.algo = R92S_KEY_ALGO_WEP104; 1086 break; 1087 case IEEE80211_CIPHER_TKIP: 1088 key.algo = R92S_KEY_ALGO_TKIP; 1089 break; 1090 case IEEE80211_CIPHER_AES_CCM: 1091 key.algo = R92S_KEY_ALGO_AES; 1092 break; 1093 default: 1094 return; 1095 } 1096 key.id = k->wk_keyix; 1097 key.grpkey = (k->wk_flags & IEEE80211_KEY_GROUP) != 0; 1098 memcpy(key.key, k->wk_key, MIN(k->wk_keylen, sizeof(key.key))); 1099 (void)rsu_fw_cmd(sc, R92S_CMD_SET_KEY, &key, sizeof(key)); 1100} 1101 1102static void 1103rsu_delete_key(struct rsu_softc sc, const struct ieee80211_key k) 1104{ 1105 struct r92s_fw_cmd_set_key key; 1106 1107 memset(&key, 0, sizeof(key)); 1108 key.id = k->wk_keyix; 1109 (void)rsu_fw_cmd(sc, R92S_CMD_SET_KEY, &key, sizeof(key)); 1110} 1111#endif 1112 1113static int 1114rsu_site_survey(struct rsu_softc sc, struct ieee80211vap vap) 1115{ 1116 struct r92s_fw_cmd_sitesurvey cmd; 1117 struct ieee80211com ic = &sc->sc_ic; 1118* 1119 memset(&cmd, 0, sizeof(cmd)); 1120 if ((ic->ic_flags & IEEE80211_F_ASCAN) \|\| sc->sc_scan_pass == 1) 1121 cmd.active = htole32(1); 1122 cmd.limit = htole32(48); 1123 if (sc->sc_scan_pass == 1 && vap->iv_des_nssid > 0) { 1124 /* Do a directed scan for second pass. / 1125* cmd.ssidlen = htole32(vap->iv_des_ssid[0].len); 1126 memcpy(cmd.ssid, vap->iv_des_ssid[0].ssid, 1127 vap->iv_des_ssid[0].len); 1128 1129 } 1130 DPRINTF("sending site survey command, pass=%d\n", sc->sc_scan_pass); 1131 return (rsu_fw_cmd(sc, R92S_CMD_SITE_SURVEY, &cmd, sizeof(cmd))); 1132} 1133 1134static int 1135rsu_join_bss(struct rsu_softc sc, struct ieee80211_node ni) 1136{ 1137 struct ieee80211com ic = &sc->sc_ic; 1138* struct ieee80211vap vap = ni->ni_vap; 1139* struct ndis_wlan_bssid_ex bss; 1140* struct ndis_802_11_fixed_ies fixed; 1141* struct r92s_fw_cmd_auth auth; 1142 uint8_t buf[sizeof(bss) + 128] __aligned(4); 1143* uint8_t frm; 1144* uint8_t opmode; 1145 int error; 1146 1147 /* Let the FW decide the opmode based on the capinfo field. / 1148* opmode = NDIS802_11AUTOUNKNOWN; 1149 RSU_DPRINTF(sc, RSU_DEBUG_RESET, 1150 "%s: setting operating mode to %d\n", 1151 __func__, opmode); 1152 error = rsu_fw_cmd(sc, R92S_CMD_SET_OPMODE, &opmode, sizeof(opmode)); 1153 if (error != 0) 1154 return (error); 1155 1156 memset(&auth, 0, sizeof(auth)); 1157 if (vap->iv_flags & IEEE80211_F_WPA) { 1158 auth.mode = R92S_AUTHMODE_WPA; 1159 auth.dot1x = (ni->ni_authmode == IEEE80211_AUTH_8021X); 1160 } else 1161 auth.mode = R92S_AUTHMODE_OPEN; 1162 RSU_DPRINTF(sc, RSU_DEBUG_RESET, 1163 "%s: setting auth mode to %d\n", 1164 __func__, auth.mode); 1165 error = rsu_fw_cmd(sc, R92S_CMD_SET_AUTH, &auth, sizeof(auth)); 1166 if (error != 0) 1167 return (error); 1168 1169 memset(buf, 0, sizeof(buf)); 1170 bss = (struct ndis_wlan_bssid_ex )buf; 1171* IEEE80211_ADDR_COPY(bss->macaddr, ni->ni_bssid); 1172 bss->ssid.ssidlen = htole32(ni->ni_esslen); 1173 memcpy(bss->ssid.ssid, ni->ni_essid, ni->ni_esslen); 1174 if (vap->iv_flags & (IEEE80211_F_PRIVACY \| IEEE80211_F_WPA)) 1175 bss->privacy = htole32(1); 1176 bss->rssi = htole32(ni->ni_avgrssi); 1177 if (ic->ic_curmode == IEEE80211_MODE_11B) 1178 bss->networktype = htole32(NDIS802_11DS); 1179 else 1180 bss->networktype = htole32(NDIS802_11OFDM24); 1181 bss->config.len = htole32(sizeof(bss->config)); 1182 bss->config.bintval = htole32(ni->ni_intval); 1183 bss->config.dsconfig = htole32(ieee80211_chan2ieee(ic, ni->ni_chan)); 1184 bss->inframode = htole32(NDIS802_11INFRASTRUCTURE); 1185 /* XXX verify how this is supposed to look! / 1186* memcpy(bss->supprates, ni->ni_rates.rs_rates, 1187 ni->ni_rates.rs_nrates); 1188 /* Write the fixed fields of the beacon frame. / 1189* fixed = (struct ndis_802_11_fixed_ies )&bss[1]; 1190* memcpy(&fixed->tstamp, ni->ni_tstamp.data, 8); 1191 fixed->bintval = htole16(ni->ni_intval); 1192 fixed->capabilities = htole16(ni->ni_capinfo); 1193 /* Write IEs to be included in the association request. / 1194* frm = (uint8_t )&fixed[1]; 1195* frm = ieee80211_add_rsn(frm, vap); 1196 frm = ieee80211_add_wpa(frm, vap); 1197 frm = ieee80211_add_qos(frm, ni); 1198 if ((ic->ic_flags & IEEE80211_F_WME) && 1199 (ni->ni_ies.wme_ie != NULL)) 1200 frm = ieee80211_add_wme_info(frm, &ic->ic_wme); 1201 if (ni->ni_flags & IEEE80211_NODE_HT) 1202 frm = ieee80211_add_htcap(frm, ni); 1203 bss->ieslen = htole32(frm - (uint8_t )fixed); 1204* bss->len = htole32(((frm - buf) + 3) & ~3); 1205 RSU_DPRINTF(sc, RSU_DEBUG_RESET \| RSU_DEBUG_FWCMD, 1206 "%s: sending join bss command to %s chan %d\n", 1207 __func__, 1208 ether_sprintf(bss->macaddr), le32toh(bss->config.dsconfig)); 1209 return (rsu_fw_cmd(sc, R92S_CMD_JOIN_BSS, buf, sizeof(buf))); 1210} 1211 1212static int 1213rsu_disconnect(struct rsu_softc sc) 1214{ 1215* uint32_t zero = 0; /* :-) / 1216* 1217 /* Disassociate from our current BSS. / 1218* RSU_DPRINTF(sc, RSU_DEBUG_STATE \| RSU_DEBUG_FWCMD, 1219 "%s: sending disconnect command\n", __func__); 1220 return (rsu_fw_cmd(sc, R92S_CMD_DISCONNECT, &zero, sizeof(zero))); 1221} 1222 1223static void 1224rsu_event_survey(struct rsu_softc sc, uint8_t buf, int len) 1225{ 1226 struct ieee80211com ic = &sc->sc_ic; 1227* struct ieee80211_frame wh; 1228* struct ndis_wlan_bssid_ex bss; 1229* struct ieee80211_rx_stats rxs; 1230 struct mbuf m; 1231* int pktlen; 1232 1233 if (__predict_false(len < sizeof(bss))) 1234* return; 1235 bss = (struct ndis_wlan_bssid_ex )buf; 1236* if (__predict_false(len < sizeof(bss) + le32toh(bss->ieslen))) 1237* return; 1238 1239 RSU_DPRINTF(sc, RSU_DEBUG_SCAN, 1240 "%s: found BSS %s: len=%d chan=%d inframode=%d " 1241 "networktype=%d privacy=%d, RSSI=%d\n", 1242 __func__, 1243 ether_sprintf(bss->macaddr), le32toh(bss->len), 1244 le32toh(bss->config.dsconfig), le32toh(bss->inframode), 1245 le32toh(bss->networktype), le32toh(bss->privacy), 1246 le32toh(bss->rssi)); 1247 1248 /* Build a fake beacon frame to let net80211 do all the parsing. / 1249* /* XXX TODO: just call the new scan API methods! / 1250* pktlen = sizeof(wh) + le32toh(bss->ieslen); 1251* if (__predict_false(pktlen > MCLBYTES)) 1252 return; 1253 m = m_get2(pktlen, M_NOWAIT, MT_DATA, M_PKTHDR); 1254 if (__predict_false(m == NULL)) 1255 return; 1256 wh = mtod(m, struct ieee80211_frame ); 1257* wh->i_fc[0] = IEEE80211_FC0_VERSION_0 \| IEEE80211_FC0_TYPE_MGT \| 1258 IEEE80211_FC0_SUBTYPE_BEACON; 1259 wh->i_fc[1] = IEEE80211_FC1_DIR_NODS; 1260 USETW(wh->i_dur, 0); 1261 IEEE80211_ADDR_COPY(wh->i_addr1, ieee80211broadcastaddr); 1262 IEEE80211_ADDR_COPY(wh->i_addr2, bss->macaddr); 1263 IEEE80211_ADDR_COPY(wh->i_addr3, bss->macaddr); 1264 (uint16_t )wh->i_seq = 0; 1265 memcpy(&wh[1], (uint8_t )&bss[1], le32toh(bss->ieslen)); 1266* 1267 /* Finalize mbuf. / 1268* m->m_pkthdr.len = m->m_len = pktlen; 1269 1270 /* Set channel flags for input path / 1271* bzero(&rxs, sizeof(rxs)); 1272 rxs.r_flags \|= IEEE80211_R_IEEE \| IEEE80211_R_FREQ; 1273 rxs.r_flags \|= IEEE80211_R_NF \| IEEE80211_R_RSSI; 1274 rxs.c_ieee = le32toh(bss->config.dsconfig); 1275 rxs.c_freq = ieee80211_ieee2mhz(rxs.c_ieee, IEEE80211_CHAN_2GHZ); 1276 rxs.rssi = le32toh(bss->rssi); 1277 rxs.nf = 0; /* XXX / 1278* 1279 /* XXX avoid a LOR / 1280* RSU_UNLOCK(sc); 1281 ieee80211_input_mimo_all(ic, m, &rxs); 1282 RSU_LOCK(sc); 1283} 1284 1285static void 1286rsu_event_join_bss(struct rsu_softc sc, uint8_t buf, int len) 1287{ 1288 struct ieee80211com ic = &sc->sc_ic; 1289* struct ieee80211vap vap = TAILQ_FIRST(&ic->ic_vaps); 1290* struct ieee80211_node ni = vap->iv_bss; 1291* struct r92s_event_join_bss rsp; 1292* uint32_t tmp; 1293 int res; 1294 1295 if (__predict_false(len < sizeof(rsp))) 1296* return; 1297 rsp = (struct r92s_event_join_bss )buf; 1298* res = (int)le32toh(rsp->join_res); 1299 1300 RSU_DPRINTF(sc, RSU_DEBUG_STATE \| RSU_DEBUG_FWCMD, 1301 "%s: Rx join BSS event len=%d res=%d\n", 1302 __func__, len, res); 1303 if (res <= 0) { 1304 RSU_UNLOCK(sc); 1305 ieee80211_new_state(vap, IEEE80211_S_SCAN, -1); 1306 RSU_LOCK(sc); 1307 return; 1308 } 1309 tmp = le32toh(rsp->associd); 1310 if (tmp >= vap->iv_max_aid) { 1311 DPRINTF("Assoc ID overflow\n"); 1312 tmp = 1; 1313 } 1314 RSU_DPRINTF(sc, RSU_DEBUG_STATE \| RSU_DEBUG_FWCMD, 1315 "%s: associated with %s associd=%d\n", 1316 __func__, ether_sprintf(rsp->bss.macaddr), tmp); 1317 /* XXX is this required? What's the top two bits for again? / 1318* ni->ni_associd = tmp \| 0xc000; 1319 RSU_UNLOCK(sc); 1320 ieee80211_new_state(vap, IEEE80211_S_RUN, 1321 IEEE80211_FC0_SUBTYPE_ASSOC_RESP); 1322 RSU_LOCK(sc); 1323} 1324 1325static void 1326rsu_event_addba_req_report(struct rsu_softc sc, uint8_t buf, int len) 1327{ 1328 struct ieee80211com ic = &sc->sc_ic; 1329* struct ieee80211vap vap = TAILQ_FIRST(&ic->ic_vaps); 1330* struct r92s_add_ba_event ba = (void ) buf; 1331 struct ieee80211_node ni; 1332* 1333 if (len < sizeof(ba)) { 1334* device_printf(sc->sc_dev, "%s: short read (%d)\n", __func__, len); 1335 return; 1336 } 1337 1338 if (vap == NULL) 1339 return; 1340 1341 device_printf(sc->sc_dev, "%s: mac=%s, tid=%d, ssn=%d\n", 1342 __func__, 1343 ether_sprintf(ba->mac_addr), 1344 (int) ba->tid, 1345 (int) le16toh(ba->ssn)); 1346 1347 /* XXX do node lookup; this is STA specific / 1348* 1349 ni = ieee80211_ref_node(vap->iv_bss); 1350 ieee80211_ampdu_rx_start_ext(ni, ba->tid, le16toh(ba->ssn) >> 4, 32); 1351 ieee80211_free_node(ni); 1352} 1353 1354static void 1355rsu_rx_event(struct rsu_softc sc, uint8_t code, uint8_t buf, int len) 1356{ 1357 struct ieee80211com ic = &sc->sc_ic; 1358* struct ieee80211vap vap = TAILQ_FIRST(&ic->ic_vaps); 1359* 1360 RSU_DPRINTF(sc, RSU_DEBUG_RX \| RSU_DEBUG_FWCMD, 1361 "%s: Rx event code=%d len=%d\n", __func__, code, len); 1362 switch (code) { 1363 case R92S_EVT_SURVEY: 1364 rsu_event_survey(sc, buf, len); 1365 break; 1366 case R92S_EVT_SURVEY_DONE: 1367 RSU_DPRINTF(sc, RSU_DEBUG_SCAN, 1368 "%s: site survey pass %d done, found %d BSS\n", 1369 __func__, sc->sc_scan_pass, le32toh((uint32_t )buf)); 1370 if (vap->iv_state != IEEE80211_S_SCAN) 1371 break; /* Ignore if not scanning. / 1372* if (sc->sc_scan_pass == 0 && vap->iv_des_nssid != 0) { 1373 /* Schedule a directed scan for hidden APs. / 1374* /* XXX bad! / 1375* sc->sc_scan_pass = 1; 1376 RSU_UNLOCK(sc); 1377 ieee80211_new_state(vap, IEEE80211_S_SCAN, -1); 1378 RSU_LOCK(sc); 1379 break; 1380 } 1381 sc->sc_scan_pass = 0; 1382 break; 1383 case R92S_EVT_JOIN_BSS: 1384 if (vap->iv_state == IEEE80211_S_AUTH) 1385 rsu_event_join_bss(sc, buf, len); 1386 break; 1387 case R92S_EVT_DEL_STA: 1388 RSU_DPRINTF(sc, RSU_DEBUG_FWCMD \| RSU_DEBUG_STATE, 1389 "%s: disassociated from %s\n", __func__, 1390 ether_sprintf(buf)); 1391 if (vap->iv_state == IEEE80211_S_RUN && 1392 IEEE80211_ADDR_EQ(vap->iv_bss->ni_bssid, buf)) { 1393 RSU_UNLOCK(sc); 1394 ieee80211_new_state(vap, IEEE80211_S_SCAN, -1); 1395 RSU_LOCK(sc); 1396 } 1397 break; 1398 case R92S_EVT_WPS_PBC: 1399 RSU_DPRINTF(sc, RSU_DEBUG_RX \| RSU_DEBUG_FWCMD, 1400 "%s: WPS PBC pushed.\n", __func__); 1401 break; 1402 case R92S_EVT_FWDBG: 1403 buf[60] = '\0'; 1404 RSU_DPRINTF(sc, RSU_DEBUG_FWDBG, "FWDBG: %s\n", (char )buf); 1405* break; 1406 1407 case R92S_EVT_ADDBA_REQ_REPORT: 1408 rsu_event_addba_req_report(sc, buf, len); 1409 break; 1410 default: 1411 RSU_DPRINTF(sc, RSU_DEBUG_ANY, "%s: unhandled code (%d)\n", 1412 __func__, code); 1413 break; 1414 } 1415} 1416 1417static void 1418rsu_rx_multi_event(struct rsu_softc sc, uint8_t buf, int len) 1419{ 1420 struct r92s_fw_cmd_hdr cmd; 1421* int cmdsz; 1422 1423 RSU_DPRINTF(sc, RSU_DEBUG_RX, "%s: Rx events len=%d\n", __func__, len); 1424 1425 /* Skip Rx status. / 1426* buf += sizeof(struct r92s_rx_stat); 1427 len -= sizeof(struct r92s_rx_stat); 1428 1429 /* Process all events. / 1430* for (;;) { 1431 /* Check that command header fits. / 1432* if (__predict_false(len < sizeof(cmd))) 1433* break; 1434 cmd = (struct r92s_fw_cmd_hdr )buf; 1435* /* Check that command payload fits. / 1436* cmdsz = le16toh(cmd->len); 1437 if (__predict_false(len < sizeof(cmd) + cmdsz)) 1438* break; 1439 1440 /* Process firmware event. / 1441* rsu_rx_event(sc, cmd->code, (uint8_t )&cmd[1], cmdsz); 1442* 1443 if (!(cmd->seq & R92S_FW_CMD_MORE)) 1444 break; 1445 buf += sizeof(cmd) + cmdsz; 1446* len -= sizeof(cmd) + cmdsz; 1447* } 1448} 1449 1450static int8_t 1451rsu_get_rssi(struct rsu_softc sc, int rate, void physt) 1452{ 1453 static const int8_t cckoff[] = { 14, -2, -20, -40 }; 1454 struct r92s_rx_phystat phy; 1455* struct r92s_rx_cck cck; 1456* uint8_t rpt; 1457 int8_t rssi; 1458 1459 if (rate <= 3) { 1460 cck = (struct r92s_rx_cck )physt; 1461* rpt = (cck->agc_rpt >> 6) & 0x3; 1462 rssi = cck->agc_rpt & 0x3e; 1463 rssi = cckoff[rpt] - rssi; 1464 } else { /* OFDM/HT. / 1465* phy = (struct r92s_rx_phystat )physt; 1466* rssi = ((le32toh(phy->phydw1) >> 1) & 0x7f) - 106; 1467 } 1468 return (rssi); 1469} 1470 1471static struct mbuf * 1472rsu_rx_frame(struct rsu_softc sc, uint8_t buf, int pktlen, int rssi) 1473{ 1474* struct ieee80211com ic = &sc->sc_ic; 1475* struct ieee80211_frame wh; 1476* struct r92s_rx_stat stat; 1477* uint32_t rxdw0, rxdw3; 1478 struct mbuf m; 1479* uint8_t rate; 1480 int infosz; 1481 1482 stat = (struct r92s_rx_stat )buf; 1483* rxdw0 = le32toh(stat->rxdw0); 1484 rxdw3 = le32toh(stat->rxdw3); 1485 1486 if (__predict_false(rxdw0 & R92S_RXDW0_CRCERR)) { 1487 counter_u64_add(ic->ic_ierrors, 1); 1488 return NULL; 1489 } 1490 if (__predict_false(pktlen < sizeof(wh) \|\| pktlen > MCLBYTES)) { 1491* counter_u64_add(ic->ic_ierrors, 1); 1492 return NULL; 1493 } 1494 1495 rate = MS(rxdw3, R92S_RXDW3_RATE); 1496 infosz = MS(rxdw0, R92S_RXDW0_INFOSZ) * 8; 1497 1498 /* Get RSSI from PHY status descriptor if present. / 1499* if (infosz != 0) 1500 rssi = rsu_get_rssi(sc, rate, &stat[1]); 1501* else 1502 rssi = 0; 1503* 1504 RSU_DPRINTF(sc, RSU_DEBUG_RX, 1505 "%s: Rx frame len=%d rate=%d infosz=%d rssi=%d\n", 1506 __func__, 1507 pktlen, rate, infosz, rssi); 1508* 1509 m = m_get2(pktlen, M_NOWAIT, MT_DATA, M_PKTHDR); 1510 if (__predict_false(m == NULL)) { 1511 counter_u64_add(ic->ic_ierrors, 1); 1512 return NULL; 1513 } 1514 /* Hardware does Rx TCP checksum offload. / 1515* if (rxdw3 & R92S_RXDW3_TCPCHKVALID) { 1516 if (__predict_true(rxdw3 & R92S_RXDW3_TCPCHKRPT)) 1517 m->m_pkthdr.csum_flags \|= CSUM_DATA_VALID; 1518 } 1519 wh = (struct ieee80211_frame )((uint8_t )&stat[1] + infosz); 1520 memcpy(mtod(m, uint8_t ), wh, pktlen); 1521* m->m_pkthdr.len = m->m_len = pktlen; 1522 1523 if (ieee80211_radiotap_active(ic)) { 1524 struct rsu_rx_radiotap_header tap = &sc->sc_rxtap; 1525* 1526 /* Map HW rate index to 802.11 rate. / 1527* tap->wr_flags = 2; 1528 if (!(rxdw3 & R92S_RXDW3_HTC)) { 1529 switch (rate) { 1530 /* CCK. / 1531* case 0: tap->wr_rate = 2; break; 1532 case 1: tap->wr_rate = 4; break; 1533 case 2: tap->wr_rate = 11; break; 1534 case 3: tap->wr_rate = 22; break; 1535 /* OFDM. / 1536* case 4: tap->wr_rate = 12; break; 1537 case 5: tap->wr_rate = 18; break; 1538 case 6: tap->wr_rate = 24; break; 1539 case 7: tap->wr_rate = 36; break; 1540 case 8: tap->wr_rate = 48; break; 1541 case 9: tap->wr_rate = 72; break; 1542 case 10: tap->wr_rate = 96; break; 1543 case 11: tap->wr_rate = 108; break; 1544 } 1545 } else if (rate >= 12) { /* MCS0~15. / 1546* /* Bit 7 set means HT MCS instead of rate. / 1547* tap->wr_rate = 0x80 \| (rate - 12); 1548 } 1549 tap->wr_dbm_antsignal = rssi; 1550* tap->wr_chan_freq = htole16(ic->ic_curchan->ic_freq); 1551 tap->wr_chan_flags = htole16(ic->ic_curchan->ic_flags); 1552 } 1553 1554 return (m); 1555} 1556 1557static struct mbuf * 1558rsu_rx_multi_frame(struct rsu_softc sc, uint8_t buf, int len, int rssi) 1559{ 1560* struct r92s_rx_stat stat; 1561* uint32_t rxdw0; 1562 int totlen, pktlen, infosz, npkts; 1563 struct mbuf m, m0 = NULL, prevm = NULL; 1564* 1565 /* Get the number of encapsulated frames. / 1566* stat = (struct r92s_rx_stat )buf; 1567* npkts = MS(le32toh(stat->rxdw2), R92S_RXDW2_PKTCNT); 1568 RSU_DPRINTF(sc, RSU_DEBUG_RX, 1569 "%s: Rx %d frames in one chunk\n", __func__, npkts); 1570 1571 /* Process all of them. / 1572* while (npkts-- > 0) { 1573 if (__predict_false(len < sizeof(stat))) 1574* break; 1575 stat = (struct r92s_rx_stat )buf; 1576* rxdw0 = le32toh(stat->rxdw0); 1577 1578 pktlen = MS(rxdw0, R92S_RXDW0_PKTLEN); 1579 if (__predict_false(pktlen == 0)) 1580 break; 1581 1582 infosz = MS(rxdw0, R92S_RXDW0_INFOSZ) * 8; 1583 1584 /* Make sure everything fits in xfer. / 1585* totlen = sizeof(stat) + infosz + pktlen; 1586* if (__predict_false(totlen > len)) 1587 break; 1588 1589 /* Process 802.11 frame. / 1590* m = rsu_rx_frame(sc, buf, pktlen, rssi); 1591 if (m0 == NULL) 1592 m0 = m; 1593 if (prevm == NULL) 1594 prevm = m; 1595 else { 1596 prevm->m_next = m; 1597 prevm = m; 1598 } 1599 /* Next chunk is 128-byte aligned. / 1600* totlen = (totlen + 127) & ~127; 1601 buf += totlen; 1602 len -= totlen; 1603 } 1604 1605 return (m0); 1606} 1607 1608static struct mbuf * 1609rsu_rxeof(struct usb_xfer xfer, struct rsu_data data, int rssi) 1610{ 1611* struct rsu_softc sc = data->sc; 1612* struct ieee80211com ic = &sc->sc_ic; 1613* struct r92s_rx_stat stat; 1614* int len; 1615 1616 usbd_xfer_status(xfer, &len, NULL, NULL, NULL); 1617 1618 if (__predict_false(len < sizeof(stat))) { 1619* DPRINTF("xfer too short %d\n", len); 1620 counter_u64_add(ic->ic_ierrors, 1); 1621 return (NULL); 1622 } 1623 /* Determine if it is a firmware C2H event or an 802.11 frame. / 1624* stat = (struct r92s_rx_stat )data->buf; 1625* if ((le32toh(stat->rxdw1) & 0x1ff) == 0x1ff) { 1626 rsu_rx_multi_event(sc, data->buf, len); 1627 /* No packets to process. / 1628* return (NULL); 1629 } else 1630 return (rsu_rx_multi_frame(sc, data->buf, len, rssi)); 1631} 1632 1633static void 1634rsu_bulk_rx_callback(struct usb_xfer xfer, usb_error_t error) 1635{ 1636* struct rsu_softc sc = usbd_xfer_softc(xfer); 1637* struct ieee80211com ic = &sc->sc_ic; 1638* struct ieee80211_frame wh; 1639* struct ieee80211_node ni; 1640* struct mbuf m = NULL, next; 1641 struct rsu_data data; 1642* int rssi = 1; 1643 1644 RSU_ASSERT_LOCKED(sc); 1645 1646 switch (USB_GET_STATE(xfer)) { 1647 case USB_ST_TRANSFERRED: 1648 data = STAILQ_FIRST(&sc->sc_rx_active); 1649 if (data == NULL) 1650 goto tr_setup; 1651 STAILQ_REMOVE_HEAD(&sc->sc_rx_active, next); 1652 m = rsu_rxeof(xfer, data, &rssi); 1653 STAILQ_INSERT_TAIL(&sc->sc_rx_inactive, data, next); 1654 /* FALLTHROUGH / 1655* case USB_ST_SETUP: 1656tr_setup: 1657 data = STAILQ_FIRST(&sc->sc_rx_inactive); 1658 if (data == NULL) { 1659 KASSERT(m == NULL, ("mbuf isn't NULL")); 1660 return; 1661 } 1662 STAILQ_REMOVE_HEAD(&sc->sc_rx_inactive, next); 1663 STAILQ_INSERT_TAIL(&sc->sc_rx_active, data, next); 1664 usbd_xfer_set_frame_data(xfer, 0, data->buf, 1665 usbd_xfer_max_len(xfer)); 1666 usbd_transfer_submit(xfer); 1667 /* 1668 * To avoid LOR we should unlock our private mutex here to call 1669 * ieee80211_input() because here is at the end of a USB 1670 * callback and safe to unlock. 1671 / 1672* RSU_UNLOCK(sc); 1673 while (m != NULL) { 1674 next = m->m_next; 1675 m->m_next = NULL; 1676 wh = mtod(m, struct ieee80211_frame ); 1677* ni = ieee80211_find_rxnode(ic, 1678 (struct ieee80211_frame_min )wh); 1679* if (ni != NULL) { 1680 if (ni->ni_flags & IEEE80211_NODE_HT) 1681 m->m_flags \|= M_AMPDU; 1682 (void)ieee80211_input(ni, m, rssi, 0); 1683 ieee80211_free_node(ni); 1684 } else 1685 (void)ieee80211_input_all(ic, m, rssi, 0); 1686 m = next; 1687 } 1688 RSU_LOCK(sc); 1689 break; 1690 default: 1691 /* needs it to the inactive queue due to a error. / 1692* data = STAILQ_FIRST(&sc->sc_rx_active); 1693 if (data != NULL) { 1694 STAILQ_REMOVE_HEAD(&sc->sc_rx_active, next); 1695 STAILQ_INSERT_TAIL(&sc->sc_rx_inactive, data, next); 1696 } 1697 if (error != USB_ERR_CANCELLED) { 1698 usbd_xfer_set_stall(xfer); 1699 counter_u64_add(ic->ic_ierrors, 1); 1700 goto tr_setup; 1701 } 1702 break; 1703 } 1704 1705} 1706 1707static void 1708rsu_txeof(struct usb_xfer xfer, struct rsu_data data) 1709{ 1710#ifdef USB_DEBUG 1711 struct rsu_softc sc = usbd_xfer_softc(xfer); 1712#endif 1713* 1714 RSU_DPRINTF(sc, RSU_DEBUG_TXDONE, "%s: called; data=%p\n", 1715 __func__, 1716 data); 1717 1718 if (data->m) { 1719 /* XXX status? / 1720* ieee80211_tx_complete(data->ni, data->m, 0); 1721 data->m = NULL; 1722 data->ni = NULL; 1723 } 1724} 1725 1726static void 1727rsu_bulk_tx_callback_sub(struct usb_xfer xfer, usb_error_t error, 1728* uint8_t which) 1729{ 1730 struct rsu_softc sc = usbd_xfer_softc(xfer); 1731* struct ieee80211com ic = &sc->sc_ic; 1732* struct rsu_data data; 1733* 1734 RSU_ASSERT_LOCKED(sc); 1735 1736 switch (USB_GET_STATE(xfer)) { 1737 case USB_ST_TRANSFERRED: 1738 data = STAILQ_FIRST(&sc->sc_tx_active[which]); 1739 if (data == NULL) 1740 goto tr_setup; 1741 RSU_DPRINTF(sc, RSU_DEBUG_TXDONE, "%s: transfer done %p\n", 1742 __func__, data); 1743 STAILQ_REMOVE_HEAD(&sc->sc_tx_active[which], next); 1744 rsu_txeof(xfer, data); 1745 STAILQ_INSERT_TAIL(&sc->sc_tx_inactive, data, next); 1746 /* FALLTHROUGH / 1747* case USB_ST_SETUP: 1748tr_setup: 1749 data = STAILQ_FIRST(&sc->sc_tx_pending[which]); 1750 if (data == NULL) { 1751 RSU_DPRINTF(sc, RSU_DEBUG_TXDONE, 1752 "%s: empty pending queue sc %p\n", __func__, sc); 1753 return; 1754 } 1755 STAILQ_REMOVE_HEAD(&sc->sc_tx_pending[which], next); 1756 STAILQ_INSERT_TAIL(&sc->sc_tx_active[which], data, next); 1757 usbd_xfer_set_frame_data(xfer, 0, data->buf, data->buflen); 1758 RSU_DPRINTF(sc, RSU_DEBUG_TXDONE, 1759 "%s: submitting transfer %p\n", 1760 __func__, 1761 data); 1762 usbd_transfer_submit(xfer); 1763 break; 1764 default: 1765 data = STAILQ_FIRST(&sc->sc_tx_active[which]); 1766 if (data != NULL) { 1767 STAILQ_REMOVE_HEAD(&sc->sc_tx_active[which], next); 1768 rsu_txeof(xfer, data); 1769 STAILQ_INSERT_TAIL(&sc->sc_tx_inactive, data, next); 1770 } 1771 counter_u64_add(ic->ic_oerrors, 1); 1772 1773 if (error != USB_ERR_CANCELLED) { 1774 usbd_xfer_set_stall(xfer); 1775 goto tr_setup; 1776 } 1777 break; 1778 } 1779} 1780 1781static void 1782rsu_bulk_tx_callback_be_bk(struct usb_xfer xfer, usb_error_t error) 1783{ 1784* rsu_bulk_tx_callback_sub(xfer, error, RSU_BULK_TX_BE_BK); 1785} 1786 1787static void 1788rsu_bulk_tx_callback_vi_vo(struct usb_xfer xfer, usb_error_t error) 1789{ 1790* rsu_bulk_tx_callback_sub(xfer, error, RSU_BULK_TX_VI_VO); 1791} 1792 1793static void 1794rsu_bulk_tx_callback_h2c(struct usb_xfer xfer, usb_error_t error) 1795{ 1796* rsu_bulk_tx_callback_sub(xfer, error, RSU_BULK_TX_H2C); 1797} 1798 1799static int 1800rsu_tx_start(struct rsu_softc sc, struct ieee80211_node ni, 1801 struct mbuf m0, struct rsu_data data) 1802{ 1803 struct ieee80211com ic = &sc->sc_ic; 1804* struct ieee80211vap vap = ni->ni_vap; 1805* struct ieee80211_frame wh; 1806* struct ieee80211_key k = NULL; 1807* struct r92s_tx_desc txd; 1808* uint8_t type; 1809 int prio = 0; 1810 uint8_t which; 1811 int hasqos; 1812 int xferlen; 1813 int qid; 1814 1815 RSU_ASSERT_LOCKED(sc); 1816 1817 wh = mtod(m0, struct ieee80211_frame ); 1818* type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 1819 1820 RSU_DPRINTF(sc, RSU_DEBUG_TX, "%s: data=%p, m=%p\n", 1821 __func__, data, m0); 1822 1823 if (wh->i_fc[1] & IEEE80211_FC1_PROTECTED) { 1824 k = ieee80211_crypto_encap(ni, m0); 1825 if (k == NULL) { 1826 device_printf(sc->sc_dev, 1827 "ieee80211_crypto_encap returns NULL.\n"); 1828 /* XXX we don't expect the fragmented frames / 1829* m_freem(m0); 1830 return (ENOBUFS); 1831 } 1832 wh = mtod(m0, struct ieee80211_frame ); 1833* } 1834 /* If we have QoS then use it / 1835* /* XXX TODO: mbuf WME/PRI versus TID? / 1836* if (IEEE80211_QOS_HAS_SEQ(wh)) { 1837 /* Has QoS / 1838* prio = M_WME_GETAC(m0); 1839 which = rsu_wme_ac_xfer_map[prio]; 1840 hasqos = 1; 1841 } else { 1842 /* Non-QoS TID / 1843* /* XXX TODO: tid=0 for non-qos TID? / 1844* which = rsu_wme_ac_xfer_map[WME_AC_BE]; 1845 hasqos = 0; 1846 prio = 0; 1847 } 1848 1849 qid = rsu_ac2qid[prio]; 1850#if 0 1851 switch (type) { 1852 case IEEE80211_FC0_TYPE_CTL: 1853 case IEEE80211_FC0_TYPE_MGT: 1854 which = rsu_wme_ac_xfer_map[WME_AC_VO]; 1855 break; 1856 default: 1857 which = rsu_wme_ac_xfer_map[M_WME_GETAC(m0)]; 1858 break; 1859 } 1860 hasqos = 0; 1861#endif 1862 1863 RSU_DPRINTF(sc, RSU_DEBUG_TX, "%s: pri=%d, which=%d, hasqos=%d\n", 1864 __func__, 1865 prio, 1866 which, 1867 hasqos); 1868 1869 /* Fill Tx descriptor. / 1870* txd = (struct r92s_tx_desc )data->buf; 1871* memset(txd, 0, sizeof(txd)); 1872* 1873 txd->txdw0 \|= htole32( 1874 SM(R92S_TXDW0_PKTLEN, m0->m_pkthdr.len) \| 1875 SM(R92S_TXDW0_OFFSET, sizeof(txd)) \| 1876* R92S_TXDW0_OWN \| R92S_TXDW0_FSG \| R92S_TXDW0_LSG); 1877 1878 txd->txdw1 \|= htole32( 1879 SM(R92S_TXDW1_MACID, R92S_MACID_BSS) \| SM(R92S_TXDW1_QSEL, qid)); 1880 if (!hasqos) 1881 txd->txdw1 \|= htole32(R92S_TXDW1_NONQOS); 1882#ifdef notyet 1883 if (k != NULL) { 1884 switch (k->wk_cipher->ic_cipher) { 1885 case IEEE80211_CIPHER_WEP: 1886 cipher = R92S_TXDW1_CIPHER_WEP; 1887 break; 1888 case IEEE80211_CIPHER_TKIP: 1889 cipher = R92S_TXDW1_CIPHER_TKIP; 1890 break; 1891 case IEEE80211_CIPHER_AES_CCM: 1892 cipher = R92S_TXDW1_CIPHER_AES; 1893 break; 1894 default: 1895 cipher = R92S_TXDW1_CIPHER_NONE; 1896 } 1897 txd->txdw1 \|= htole32( 1898 SM(R92S_TXDW1_CIPHER, cipher) \| 1899 SM(R92S_TXDW1_KEYIDX, k->k_id)); 1900 } 1901#endif 1902 /* XXX todo: set AGGEN bit if appropriate? / 1903* txd->txdw2 \|= htole32(R92S_TXDW2_BK); 1904 if (IEEE80211_IS_MULTICAST(wh->i_addr1)) 1905 txd->txdw2 \|= htole32(R92S_TXDW2_BMCAST); 1906 /* 1907 * Firmware will use and increment the sequence number for the 1908 * specified priority. 1909 / 1910* txd->txdw3 \|= htole32(SM(R92S_TXDW3_SEQ, prio)); 1911 1912 if (ieee80211_radiotap_active_vap(vap)) { 1913 struct rsu_tx_radiotap_header tap = &sc->sc_txtap; 1914* 1915 tap->wt_flags = 0; 1916 tap->wt_chan_freq = htole16(ic->ic_curchan->ic_freq); 1917 tap->wt_chan_flags = htole16(ic->ic_curchan->ic_flags); 1918 ieee80211_radiotap_tx(vap, m0); 1919 } 1920 1921 xferlen = sizeof(txd) + m0->m_pkthdr.len; 1922* m_copydata(m0, 0, m0->m_pkthdr.len, (caddr_t)&txd[1]); 1923 1924 data->buflen = xferlen; 1925 data->ni = ni; 1926 data->m = m0; 1927 STAILQ_INSERT_TAIL(&sc->sc_tx_pending[which], data, next); 1928 1929 /* start transfer, if any / 1930* usbd_transfer_start(sc->sc_xfer[which]); 1931 return (0); 1932} 1933 1934static int 1935rsu_transmit(struct ieee80211com ic, struct mbuf m) 1936{ 1937 struct rsu_softc sc = ic->ic_softc; 1938* int error; 1939 1940 RSU_LOCK(sc); 1941 if (!sc->sc_running) { 1942 RSU_UNLOCK(sc); 1943 return (ENXIO); 1944 } 1945 error = mbufq_enqueue(&sc->sc_snd, m); 1946 if (error) { 1947 RSU_UNLOCK(sc); 1948 return (error); 1949 } 1950 rsu_start(sc); 1951 RSU_UNLOCK(sc); 1952 1953 return (0); 1954} 1955 1956static void 1957rsu_start(struct rsu_softc sc) 1958{ 1959* struct ieee80211_node ni; 1960* struct rsu_data bf; 1961* struct mbuf m; 1962* 1963 RSU_ASSERT_LOCKED(sc); 1964 1965 while ((m = mbufq_dequeue(&sc->sc_snd)) != NULL) { 1966 bf = rsu_getbuf(sc); 1967 if (bf == NULL) { 1968 mbufq_prepend(&sc->sc_snd, m); 1969 break; 1970 } 1971 1972 ni = (struct ieee80211_node )m->m_pkthdr.rcvif; 1973* m->m_pkthdr.rcvif = NULL; 1974 1975 if (rsu_tx_start(sc, ni, m, bf) != 0) { 1976 if_inc_counter(ni->ni_vap->iv_ifp, 1977 IFCOUNTER_OERRORS, 1); 1978 STAILQ_INSERT_HEAD(&sc->sc_tx_inactive, bf, next); 1979 ieee80211_free_node(ni); 1980 break; 1981 } 1982 } 1983} 1984 1985static void 1986rsu_parent(struct ieee80211com ic) 1987{ 1988* struct rsu_softc sc = ic->ic_softc; 1989* int startall = 0; 1990 1991 RSU_LOCK(sc); 1992 if (ic->ic_nrunning > 0) { 1993 if (!sc->sc_running) { 1994 rsu_init(sc); 1995 startall = 1; 1996 } 1997 } else if (sc->sc_running) 1998 rsu_stop(sc); 1999 RSU_UNLOCK(sc); 2000 2001 if (startall) 2002 ieee80211_start_all(ic); 2003} 2004 2005/* 2006 * Power on sequence for A-cut adapters. 2007 / 2008static void 2009rsu_power_on_acut(struct rsu_softc sc) 2010{ 2011 uint32_t reg; 2012 2013 rsu_write_1(sc, R92S_SPS0_CTRL + 1, 0x53); 2014 rsu_write_1(sc, R92S_SPS0_CTRL + 0, 0x57); 2015 2016 /* Enable AFE macro block's bandgap and Mbias. / 2017* rsu_write_1(sc, R92S_AFE_MISC, 2018 rsu_read_1(sc, R92S_AFE_MISC) \| 2019 R92S_AFE_MISC_BGEN \| R92S_AFE_MISC_MBEN); 2020 /* Enable LDOA15 block. / 2021* rsu_write_1(sc, R92S_LDOA15_CTRL, 2022 rsu_read_1(sc, R92S_LDOA15_CTRL) \| R92S_LDA15_EN); 2023 2024 rsu_write_1(sc, R92S_SPS1_CTRL, 2025 rsu_read_1(sc, R92S_SPS1_CTRL) \| R92S_SPS1_LDEN); 2026 rsu_ms_delay(sc, 2000); 2027 /* Enable switch regulator block. / 2028* rsu_write_1(sc, R92S_SPS1_CTRL, 2029 rsu_read_1(sc, R92S_SPS1_CTRL) \| R92S_SPS1_SWEN); 2030 2031 rsu_write_4(sc, R92S_SPS1_CTRL, 0x00a7b267); 2032 2033 rsu_write_1(sc, R92S_SYS_ISO_CTRL + 1, 2034 rsu_read_1(sc, R92S_SYS_ISO_CTRL + 1) \| 0x08); 2035 2036 rsu_write_1(sc, R92S_SYS_FUNC_EN + 1, 2037 rsu_read_1(sc, R92S_SYS_FUNC_EN + 1) \| 0x20); 2038 2039 rsu_write_1(sc, R92S_SYS_ISO_CTRL + 1, 2040 rsu_read_1(sc, R92S_SYS_ISO_CTRL + 1) & ~0x90); 2041 2042 /* Enable AFE clock. / 2043* rsu_write_1(sc, R92S_AFE_XTAL_CTRL + 1, 2044 rsu_read_1(sc, R92S_AFE_XTAL_CTRL + 1) & ~0x04); 2045 /* Enable AFE PLL macro block. / 2046* rsu_write_1(sc, R92S_AFE_PLL_CTRL, 2047 rsu_read_1(sc, R92S_AFE_PLL_CTRL) \| 0x11); 2048 /* Attach AFE PLL to MACTOP/BB. / 2049* rsu_write_1(sc, R92S_SYS_ISO_CTRL, 2050 rsu_read_1(sc, R92S_SYS_ISO_CTRL) & ~0x11); 2051 2052 /* Switch to 40MHz clock instead of 80MHz. / 2053* rsu_write_2(sc, R92S_SYS_CLKR, 2054 rsu_read_2(sc, R92S_SYS_CLKR) & ~R92S_SYS_CLKSEL); 2055 2056 /* Enable MAC clock. / 2057* rsu_write_2(sc, R92S_SYS_CLKR, 2058 rsu_read_2(sc, R92S_SYS_CLKR) \| 2059 R92S_MAC_CLK_EN \| R92S_SYS_CLK_EN); 2060 2061 rsu_write_1(sc, R92S_PMC_FSM, 0x02); 2062 2063 /* Enable digital core and IOREG R/W. / 2064* rsu_write_1(sc, R92S_SYS_FUNC_EN + 1, 2065 rsu_read_1(sc, R92S_SYS_FUNC_EN + 1) \| 0x08); 2066 2067 rsu_write_1(sc, R92S_SYS_FUNC_EN + 1, 2068 rsu_read_1(sc, R92S_SYS_FUNC_EN + 1) \| 0x80); 2069 2070 /* Switch the control path to firmware. / 2071* reg = rsu_read_2(sc, R92S_SYS_CLKR); 2072 reg = (reg & ~R92S_SWHW_SEL) \| R92S_FWHW_SEL; 2073 rsu_write_2(sc, R92S_SYS_CLKR, reg); 2074 2075 rsu_write_2(sc, R92S_CR, 0x37fc); 2076 2077 /* Fix USB RX FIFO issue. / 2078* rsu_write_1(sc, 0xfe5c, 2079 rsu_read_1(sc, 0xfe5c) \| 0x80); 2080 rsu_write_1(sc, 0x00ab, 2081 rsu_read_1(sc, 0x00ab) \| 0xc0); 2082 2083 rsu_write_1(sc, R92S_SYS_CLKR, 2084 rsu_read_1(sc, R92S_SYS_CLKR) & ~R92S_SYS_CPU_CLKSEL); 2085} 2086 2087/* 2088 * Power on sequence for B-cut and C-cut adapters. 2089 / 2090static void 2091rsu_power_on_bcut(struct rsu_softc sc) 2092{ 2093 uint32_t reg; 2094 int ntries; 2095 2096 /* Prevent eFuse leakage. / 2097* rsu_write_1(sc, 0x37, 0xb0); 2098 rsu_ms_delay(sc, 10); 2099 rsu_write_1(sc, 0x37, 0x30); 2100 2101 /* Switch the control path to hardware. / 2102* reg = rsu_read_2(sc, R92S_SYS_CLKR); 2103 if (reg & R92S_FWHW_SEL) { 2104 rsu_write_2(sc, R92S_SYS_CLKR, 2105 reg & ~(R92S_SWHW_SEL \| R92S_FWHW_SEL)); 2106 } 2107 rsu_write_1(sc, R92S_SYS_FUNC_EN + 1, 2108 rsu_read_1(sc, R92S_SYS_FUNC_EN + 1) & ~0x8c); 2109 rsu_ms_delay(sc, 1); 2110 2111 rsu_write_1(sc, R92S_SPS0_CTRL + 1, 0x53); 2112 rsu_write_1(sc, R92S_SPS0_CTRL + 0, 0x57); 2113 2114 reg = rsu_read_1(sc, R92S_AFE_MISC); 2115 rsu_write_1(sc, R92S_AFE_MISC, reg \| R92S_AFE_MISC_BGEN); 2116 rsu_write_1(sc, R92S_AFE_MISC, reg \| R92S_AFE_MISC_BGEN \| 2117 R92S_AFE_MISC_MBEN \| R92S_AFE_MISC_I32_EN); 2118 2119 /* Enable PLL. / 2120* rsu_write_1(sc, R92S_LDOA15_CTRL, 2121 rsu_read_1(sc, R92S_LDOA15_CTRL) \| R92S_LDA15_EN); 2122 2123 rsu_write_1(sc, R92S_LDOV12D_CTRL, 2124 rsu_read_1(sc, R92S_LDOV12D_CTRL) \| R92S_LDV12_EN); 2125 2126 rsu_write_1(sc, R92S_SYS_ISO_CTRL + 1, 2127 rsu_read_1(sc, R92S_SYS_ISO_CTRL + 1) \| 0x08); 2128 2129 rsu_write_1(sc, R92S_SYS_FUNC_EN + 1, 2130 rsu_read_1(sc, R92S_SYS_FUNC_EN + 1) \| 0x20); 2131 2132 /* Support 64KB IMEM. / 2133* rsu_write_1(sc, R92S_SYS_ISO_CTRL + 1, 2134 rsu_read_1(sc, R92S_SYS_ISO_CTRL + 1) & ~0x97); 2135 2136 /* Enable AFE clock. / 2137* rsu_write_1(sc, R92S_AFE_XTAL_CTRL + 1, 2138 rsu_read_1(sc, R92S_AFE_XTAL_CTRL + 1) & ~0x04); 2139 /* Enable AFE PLL macro block. / 2140* reg = rsu_read_1(sc, R92S_AFE_PLL_CTRL); 2141 rsu_write_1(sc, R92S_AFE_PLL_CTRL, reg \| 0x11); 2142 rsu_ms_delay(sc, 1); 2143 rsu_write_1(sc, R92S_AFE_PLL_CTRL, reg \| 0x51); 2144 rsu_ms_delay(sc, 1); 2145 rsu_write_1(sc, R92S_AFE_PLL_CTRL, reg \| 0x11); 2146 rsu_ms_delay(sc, 1); 2147 2148 /* Attach AFE PLL to MACTOP/BB. / 2149* rsu_write_1(sc, R92S_SYS_ISO_CTRL, 2150 rsu_read_1(sc, R92S_SYS_ISO_CTRL) & ~0x11); 2151 2152 /* Switch to 40MHz clock. / 2153* rsu_write_1(sc, R92S_SYS_CLKR, 0x00); 2154 /* Disable CPU clock and 80MHz SSC. / 2155* rsu_write_1(sc, R92S_SYS_CLKR, 2156 rsu_read_1(sc, R92S_SYS_CLKR) \| 0xa0); 2157 /* Enable MAC clock. / 2158* rsu_write_2(sc, R92S_SYS_CLKR, 2159 rsu_read_2(sc, R92S_SYS_CLKR) \| 2160 R92S_MAC_CLK_EN \| R92S_SYS_CLK_EN); 2161 2162 rsu_write_1(sc, R92S_PMC_FSM, 0x02); 2163 2164 /* Enable digital core and IOREG R/W. / 2165* rsu_write_1(sc, R92S_SYS_FUNC_EN + 1, 2166 rsu_read_1(sc, R92S_SYS_FUNC_EN + 1) \| 0x08); 2167 2168 rsu_write_1(sc, R92S_SYS_FUNC_EN + 1, 2169 rsu_read_1(sc, R92S_SYS_FUNC_EN + 1) \| 0x80); 2170 2171 /* Switch the control path to firmware. / 2172* reg = rsu_read_2(sc, R92S_SYS_CLKR); 2173 reg = (reg & ~R92S_SWHW_SEL) \| R92S_FWHW_SEL; 2174 rsu_write_2(sc, R92S_SYS_CLKR, reg); 2175 2176 rsu_write_2(sc, R92S_CR, 0x37fc); 2177 2178 /* Fix USB RX FIFO issue. / 2179* rsu_write_1(sc, 0xfe5c, 2180 rsu_read_1(sc, 0xfe5c) \| 0x80); 2181 2182 rsu_write_1(sc, R92S_SYS_CLKR, 2183 rsu_read_1(sc, R92S_SYS_CLKR) & ~R92S_SYS_CPU_CLKSEL); 2184 2185 rsu_write_1(sc, 0xfe1c, 0x80); 2186 2187 /* Make sure TxDMA is ready to download firmware. / 2188* for (ntries = 0; ntries < 20; ntries++) { 2189 reg = rsu_read_1(sc, R92S_TCR); 2190 if ((reg & (R92S_TCR_IMEM_CHK_RPT \| R92S_TCR_EMEM_CHK_RPT)) == 2191 (R92S_TCR_IMEM_CHK_RPT \| R92S_TCR_EMEM_CHK_RPT)) 2192 break; 2193 rsu_ms_delay(sc, 1); 2194 } 2195 if (ntries == 20) { 2196 RSU_DPRINTF(sc, RSU_DEBUG_RESET \| RSU_DEBUG_TX, 2197 "%s: TxDMA is not ready\n", 2198 __func__); 2199 /* Reset TxDMA. / 2200* reg = rsu_read_1(sc, R92S_CR); 2201 rsu_write_1(sc, R92S_CR, reg & ~R92S_CR_TXDMA_EN); 2202 rsu_ms_delay(sc, 1); 2203 rsu_write_1(sc, R92S_CR, reg \| R92S_CR_TXDMA_EN); 2204 } 2205} 2206 2207static void 2208rsu_power_off(struct rsu_softc sc) 2209{ 2210* /* Turn RF off. / 2211* rsu_write_1(sc, R92S_RF_CTRL, 0x00); 2212 rsu_ms_delay(sc, 5); 2213 2214 /* Turn MAC off. / 2215* /* Switch control path. / 2216* rsu_write_1(sc, R92S_SYS_CLKR + 1, 0x38); 2217 /* Reset MACTOP. / 2218* rsu_write_1(sc, R92S_SYS_FUNC_EN + 1, 0x70); 2219 rsu_write_1(sc, R92S_PMC_FSM, 0x06); 2220 rsu_write_1(sc, R92S_SYS_ISO_CTRL + 0, 0xf9); 2221 rsu_write_1(sc, R92S_SYS_ISO_CTRL + 1, 0xe8); 2222 2223 /* Disable AFE PLL. / 2224* rsu_write_1(sc, R92S_AFE_PLL_CTRL, 0x00); 2225 /* Disable A15V. / 2226* rsu_write_1(sc, R92S_LDOA15_CTRL, 0x54); 2227 /* Disable eFuse 1.2V. / 2228* rsu_write_1(sc, R92S_SYS_FUNC_EN + 1, 0x50); 2229 rsu_write_1(sc, R92S_LDOV12D_CTRL, 0x24); 2230 /* Enable AFE macro block's bandgap and Mbias. / 2231* rsu_write_1(sc, R92S_AFE_MISC, 0x30); 2232 /* Disable 1.6V LDO. / 2233* rsu_write_1(sc, R92S_SPS0_CTRL + 0, 0x56); 2234 rsu_write_1(sc, R92S_SPS0_CTRL + 1, 0x43); 2235} 2236 2237static int 2238rsu_fw_loadsection(struct rsu_softc sc, const uint8_t buf, int len) 2239{ 2240 const uint8_t which = rsu_wme_ac_xfer_map[WME_AC_VO]; 2241 struct rsu_data data; 2242* struct r92s_tx_desc txd; 2243* int mlen; 2244 2245 while (len > 0) { 2246 data = rsu_getbuf(sc); 2247 if (data == NULL) 2248 return (ENOMEM); 2249 txd = (struct r92s_tx_desc )data->buf; 2250* memset(txd, 0, sizeof(txd)); 2251* if (len <= RSU_TXBUFSZ - sizeof(txd)) { 2252* /* Last chunk. / 2253* txd->txdw0 \|= htole32(R92S_TXDW0_LINIP); 2254 mlen = len; 2255 } else 2256 mlen = RSU_TXBUFSZ - sizeof(txd); 2257* txd->txdw0 \|= htole32(SM(R92S_TXDW0_PKTLEN, mlen)); 2258 memcpy(&txd[1], buf, mlen); 2259 data->buflen = sizeof(txd) + mlen; 2260* RSU_DPRINTF(sc, RSU_DEBUG_TX \| RSU_DEBUG_FW \| RSU_DEBUG_RESET, 2261 "%s: starting transfer %p\n", 2262 __func__, data); 2263 STAILQ_INSERT_TAIL(&sc->sc_tx_pending[which], data, next); 2264 buf += mlen; 2265 len -= mlen; 2266 } 2267 usbd_transfer_start(sc->sc_xfer[which]); 2268 return (0); 2269} 2270 2271static int 2272rsu_load_firmware(struct rsu_softc sc) 2273{ 2274* const struct r92s_fw_hdr hdr; 2275* struct r92s_fw_priv dmem; 2276* struct ieee80211com ic = &sc->sc_ic; 2277* const uint8_t imem, emem; 2278 int imemsz, ememsz; 2279 const struct firmware fw; 2280* size_t size; 2281 uint32_t reg; 2282 int ntries, error; 2283 2284 if (rsu_read_1(sc, R92S_TCR) & R92S_TCR_FWRDY) { 2285 RSU_DPRINTF(sc, RSU_DEBUG_FW \| RSU_DEBUG_RESET, 2286 "%s: Firmware already loaded\n", 2287 __func__); 2288 return (0); 2289 } 2290 2291 RSU_UNLOCK(sc); 2292 /* Read firmware image from the filesystem. / 2293* if ((fw = firmware_get("rsu-rtl8712fw")) == NULL) { 2294 device_printf(sc->sc_dev, 2295 "%s: failed load firmware of file rsu-rtl8712fw\n", 2296 __func__); 2297 RSU_LOCK(sc); 2298 return (ENXIO); 2299 } 2300 RSU_LOCK(sc); 2301 size = fw->datasize; 2302 if (size < sizeof(hdr)) { 2303* device_printf(sc->sc_dev, "firmware too short\n"); 2304 error = EINVAL; 2305 goto fail; 2306 } 2307 hdr = (const struct r92s_fw_hdr )fw->data; 2308* if (hdr->signature != htole16(0x8712) && 2309 hdr->signature != htole16(0x8192)) { 2310 device_printf(sc->sc_dev, 2311 "invalid firmware signature 0x%x\n", 2312 le16toh(hdr->signature)); 2313 error = EINVAL; 2314 goto fail; 2315 } 2316 DPRINTF("FW V%d %02x-%02x %02x:%02x\n", le16toh(hdr->version), 2317 hdr->month, hdr->day, hdr->hour, hdr->minute); 2318 2319 /* Make sure that driver and firmware are in sync. / 2320* if (hdr->privsz != htole32(sizeof(dmem))) { 2321* device_printf(sc->sc_dev, "unsupported firmware image\n"); 2322 error = EINVAL; 2323 goto fail; 2324 } 2325 /* Get FW sections sizes. / 2326* imemsz = le32toh(hdr->imemsz); 2327 ememsz = le32toh(hdr->sramsz); 2328 /* Check that all FW sections fit in image. / 2329* if (size < sizeof(hdr) + imemsz + ememsz) { 2330* device_printf(sc->sc_dev, "firmware too short\n"); 2331 error = EINVAL; 2332 goto fail; 2333 } 2334 imem = (const uint8_t )&hdr[1]; 2335* emem = imem + imemsz; 2336 2337 /* Load IMEM section. / 2338* error = rsu_fw_loadsection(sc, imem, imemsz); 2339 if (error != 0) { 2340 device_printf(sc->sc_dev, 2341 "could not load firmware section %s\n", "IMEM"); 2342 goto fail; 2343 } 2344 /* Wait for load to complete. / 2345* for (ntries = 0; ntries != 50; ntries++) { 2346 rsu_ms_delay(sc, 10); 2347 reg = rsu_read_1(sc, R92S_TCR); 2348 if (reg & R92S_TCR_IMEM_CODE_DONE) 2349 break; 2350 } 2351 if (ntries == 50) { 2352 device_printf(sc->sc_dev, "timeout waiting for IMEM transfer\n"); 2353 error = ETIMEDOUT; 2354 goto fail; 2355 } 2356 /* Load EMEM section. / 2357* error = rsu_fw_loadsection(sc, emem, ememsz); 2358 if (error != 0) { 2359 device_printf(sc->sc_dev, 2360 "could not load firmware section %s\n", "EMEM"); 2361 goto fail; 2362 } 2363 /* Wait for load to complete. / 2364* for (ntries = 0; ntries != 50; ntries++) { 2365 rsu_ms_delay(sc, 10); 2366 reg = rsu_read_2(sc, R92S_TCR); 2367 if (reg & R92S_TCR_EMEM_CODE_DONE) 2368 break; 2369 } 2370 if (ntries == 50) { 2371 device_printf(sc->sc_dev, "timeout waiting for EMEM transfer\n"); 2372 error = ETIMEDOUT; 2373 goto fail; 2374 } 2375 /* Enable CPU. / 2376* rsu_write_1(sc, R92S_SYS_CLKR, 2377 rsu_read_1(sc, R92S_SYS_CLKR) \| R92S_SYS_CPU_CLKSEL); 2378 if (!(rsu_read_1(sc, R92S_SYS_CLKR) & R92S_SYS_CPU_CLKSEL)) { 2379 device_printf(sc->sc_dev, "could not enable system clock\n"); 2380 error = EIO; 2381 goto fail; 2382 } 2383 rsu_write_2(sc, R92S_SYS_FUNC_EN, 2384 rsu_read_2(sc, R92S_SYS_FUNC_EN) \| R92S_FEN_CPUEN); 2385 if (!(rsu_read_2(sc, R92S_SYS_FUNC_EN) & R92S_FEN_CPUEN)) { 2386 device_printf(sc->sc_dev, 2387 "could not enable microcontroller\n"); 2388 error = EIO; 2389 goto fail; 2390 } 2391 /* Wait for CPU to initialize. / 2392* for (ntries = 0; ntries < 100; ntries++) { 2393 if (rsu_read_1(sc, R92S_TCR) & R92S_TCR_IMEM_RDY) 2394 break; 2395 rsu_ms_delay(sc, 1); 2396 } 2397 if (ntries == 100) { 2398 device_printf(sc->sc_dev, 2399 "timeout waiting for microcontroller\n"); 2400 error = ETIMEDOUT; 2401 goto fail; 2402 } 2403 2404 /* Update DMEM section before loading. / 2405* dmem = __DECONST(struct r92s_fw_priv , &hdr->priv); 2406* memset(dmem, 0, sizeof(dmem)); 2407* dmem->hci_sel = R92S_HCI_SEL_USB \| R92S_HCI_SEL_8172; 2408 dmem->nendpoints = sc->sc_nendpoints; 2409 /* XXX TODO: rf_config should come from ROM / 2410* dmem->rf_config = 0x11; /* 1T1R / 2411* dmem->vcs_type = R92S_VCS_TYPE_AUTO; 2412 dmem->vcs_mode = R92S_VCS_MODE_RTS_CTS; 2413 dmem->turbo_mode = 0; 2414 dmem->bw40_en = !! (ic->ic_htcaps & IEEE80211_HTCAP_CHWIDTH40); 2415 dmem->amsdu2ampdu_en = !! (sc->sc_ht); 2416 dmem->ampdu_en = !! (sc->sc_ht); 2417 dmem->agg_offload = !! (sc->sc_ht); 2418 dmem->qos_en = 1; 2419 /* Load DMEM section. / 2420* error = rsu_fw_loadsection(sc, (uint8_t )dmem, sizeof(dmem)); 2421 if (error != 0) { 2422 device_printf(sc->sc_dev, 2423 "could not load firmware section %s\n", "DMEM"); 2424 goto fail; 2425 } 2426 /* Wait for load to complete. / 2427* for (ntries = 0; ntries < 100; ntries++) { 2428 if (rsu_read_1(sc, R92S_TCR) & R92S_TCR_DMEM_CODE_DONE) 2429 break; 2430 rsu_ms_delay(sc, 1); 2431 } 2432 if (ntries == 100) { 2433 device_printf(sc->sc_dev, "timeout waiting for %s transfer\n", 2434 "DMEM"); 2435 error = ETIMEDOUT; 2436 goto fail; 2437 } 2438 /* Wait for firmware readiness. / 2439* for (ntries = 0; ntries < 60; ntries++) { 2440 if (!(rsu_read_1(sc, R92S_TCR) & R92S_TCR_FWRDY)) 2441 break; 2442 rsu_ms_delay(sc, 1); 2443 } 2444 if (ntries == 60) { 2445 device_printf(sc->sc_dev, 2446 "timeout waiting for firmware readiness\n"); 2447 error = ETIMEDOUT; 2448 goto fail; 2449 } 2450 fail: 2451 firmware_put(fw, FIRMWARE_UNLOAD); 2452 return (error); 2453} 2454 2455 2456static int 2457rsu_raw_xmit(struct ieee80211_node ni, struct mbuf m, 2458 const struct ieee80211_bpf_params params) 2459{ 2460* struct ieee80211com ic = ni->ni_ic; 2461* struct rsu_softc sc = ic->ic_softc; 2462* struct rsu_data bf; 2463* 2464 /* prevent management frames from being sent if we're not ready / 2465* if (!sc->sc_running) { 2466 m_freem(m); 2467 ieee80211_free_node(ni); 2468 return (ENETDOWN); 2469 } 2470 RSU_LOCK(sc); 2471 bf = rsu_getbuf(sc); 2472 if (bf == NULL) { 2473 ieee80211_free_node(ni); 2474 m_freem(m); 2475 RSU_UNLOCK(sc); 2476 return (ENOBUFS); 2477 } 2478 if (rsu_tx_start(sc, ni, m, bf) != 0) { 2479 ieee80211_free_node(ni); 2480 STAILQ_INSERT_HEAD(&sc->sc_tx_inactive, bf, next); 2481 RSU_UNLOCK(sc); 2482 return (EIO); 2483 } 2484 RSU_UNLOCK(sc); 2485 2486 return (0); 2487} 2488 2489static void 2490rsu_init(struct rsu_softc sc) 2491{ 2492* struct ieee80211com ic = &sc->sc_ic; 2493* struct ieee80211vap vap = TAILQ_FIRST(&ic->ic_vaps); 2494* uint8_t macaddr[IEEE80211_ADDR_LEN]; 2495 struct r92s_set_pwr_mode cmd; 2496 int error; 2497 int i; 2498 2499 RSU_ASSERT_LOCKED(sc); 2500 2501 /* Init host async commands ring. / 2502* sc->cmdq.cur = sc->cmdq.next = sc->cmdq.queued = 0; 2503 2504 /* Power on adapter. / 2505* if (sc->cut == 1) 2506 rsu_power_on_acut(sc); 2507 else 2508 rsu_power_on_bcut(sc); 2509 2510 /* Load firmware. / 2511* error = rsu_load_firmware(sc); 2512 if (error != 0) 2513 goto fail; 2514 2515 /* Enable Rx TCP checksum offload. / 2516* rsu_write_4(sc, R92S_RCR, 2517 rsu_read_4(sc, R92S_RCR) \| 0x04000000); 2518 /* Append PHY status. / 2519* rsu_write_4(sc, R92S_RCR, 2520 rsu_read_4(sc, R92S_RCR) \| 0x02000000); 2521 2522 rsu_write_4(sc, R92S_CR, 2523 rsu_read_4(sc, R92S_CR) & ~0xff000000); 2524 2525 /* Use 128 bytes pages. / 2526* rsu_write_1(sc, 0x00b5, 2527 rsu_read_1(sc, 0x00b5) \| 0x01); 2528 /* Enable USB Rx aggregation. / 2529* rsu_write_1(sc, 0x00bd, 2530 rsu_read_1(sc, 0x00bd) \| 0x80); 2531 /* Set USB Rx aggregation threshold. / 2532* rsu_write_1(sc, 0x00d9, 0x01); 2533 /* Set USB Rx aggregation timeout (1.7ms/4). / 2534* rsu_write_1(sc, 0xfe5b, 0x04); 2535 /* Fix USB Rx FIFO issue. / 2536* rsu_write_1(sc, 0xfe5c, 2537 rsu_read_1(sc, 0xfe5c) \| 0x80); 2538 2539 /* Set MAC address. / 2540* IEEE80211_ADDR_COPY(macaddr, vap ? vap->iv_myaddr : ic->ic_macaddr); 2541 rsu_write_region_1(sc, R92S_MACID, macaddr, IEEE80211_ADDR_LEN); 2542 2543 /* It really takes 1.5 seconds for the firmware to boot: / 2544* rsu_ms_delay(sc, 2000); 2545 2546 RSU_DPRINTF(sc, RSU_DEBUG_RESET, "%s: setting MAC address to %s\n", 2547 __func__, 2548 ether_sprintf(macaddr)); 2549 error = rsu_fw_cmd(sc, R92S_CMD_SET_MAC_ADDRESS, macaddr, 2550 IEEE80211_ADDR_LEN); 2551 if (error != 0) { 2552 device_printf(sc->sc_dev, "could not set MAC address\n"); 2553 goto fail; 2554 } 2555 2556 rsu_write_1(sc, R92S_USB_HRPWM, 2557 R92S_USB_HRPWM_PS_ST_ACTIVE \| R92S_USB_HRPWM_PS_ALL_ON); 2558 2559 /* Set PS mode fully active / 2560* memset(&cmd, 0, sizeof(cmd)); 2561 cmd.mode = R92S_PS_MODE_ACTIVE; 2562 RSU_DPRINTF(sc, RSU_DEBUG_RESET, "%s: setting ps mode to %d\n", 2563 __func__, cmd.mode); 2564 error = rsu_fw_cmd(sc, R92S_CMD_SET_PWR_MODE, &cmd, sizeof(cmd)); 2565 if (error != 0) { 2566 device_printf(sc->sc_dev, "could not set PS mode\n"); 2567 goto fail; 2568 } 2569 2570 if (ic->ic_htcaps & IEEE80211_HTCAP_CHWIDTH40) { 2571 /* Enable 40MHz mode. / 2572* error = rsu_fw_iocmd(sc, 2573 SM(R92S_IOCMD_CLASS, 0xf4) \| 2574 SM(R92S_IOCMD_INDEX, 0x00) \| 2575 SM(R92S_IOCMD_VALUE, 0x0007)); 2576 if (error != 0) { 2577 device_printf(sc->sc_dev, 2578 "could not enable 40MHz mode\n"); 2579 goto fail; 2580 } 2581 } 2582 2583 sc->sc_scan_pass = 0; 2584 usbd_transfer_start(sc->sc_xfer[RSU_BULK_RX]); 2585 2586 /* We're ready to go. / 2587* sc->sc_running = 1; 2588 return; 2589fail: 2590 /* Need to stop all failed transfers, if any / 2591* for (i = 0; i != RSU_N_TRANSFER; i++) 2592 usbd_transfer_stop(sc->sc_xfer[i]); 2593} 2594 2595static void 2596rsu_stop(struct rsu_softc sc) 2597{ 2598* int i; 2599 2600 sc->sc_running = 0; 2601 sc->sc_calibrating = 0; 2602 taskqueue_cancel_timeout(taskqueue_thread, &sc->calib_task, NULL); 2603 2604 /* Power off adapter. / 2605* rsu_power_off(sc); 2606 2607 for (i = 0; i < RSU_N_TRANSFER; i++) 2608 usbd_transfer_stop(sc->sc_xfer[i]); 2609} 2610 2611/* 2612 * Note: usb_pause_mtx() actually releases the mutex before calling pause(), 2613 * which breaks any kind of driver serialisation. 2614 / 2615static void 2616rsu_ms_delay(struct rsu_softc sc, int ms) 2617{ 2618 2619 //usb_pause_mtx(&sc->sc_mtx, hz / 1000); 2620 DELAY(ms * 1000); 2621}