if_run.c revision 262007
1/*- 2 * Copyright (c) 2008,2010 Damien Bergamini <damien.bergamini@free.fr> 3 * ported to FreeBSD by Akinori Furukoshi <moonlightakkiy@yahoo.ca> 4 * USB Consulting, Hans Petter Selasky <hselasky@freebsd.org> 5 * Copyright (c) 2013-2014 Kevin Lo 6 * 7 * Permission to use, copy, modify, and distribute this software for any 8 * purpose with or without fee is hereby granted, provided that the above 9 * copyright notice and this permission notice appear in all copies. 10 * 11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 */ 19 20#include <sys/cdefs.h> 21__FBSDID("$FreeBSD: stable/10/sys/dev/usb/wlan/if_run.c 262007 2014-02-17 01:36:53Z kevlo $"); 22 23/*- 24 * Ralink Technology RT2700U/RT2800U/RT3000U/RT3900E chipset driver. 25 * http://www.ralinktech.com/ 26 */ 27 28#include <sys/param.h> 29#include <sys/sockio.h> 30#include <sys/sysctl.h> 31#include <sys/lock.h> 32#include <sys/mutex.h> 33#include <sys/mbuf.h> 34#include <sys/kernel.h> 35#include <sys/socket.h> 36#include <sys/systm.h> 37#include <sys/malloc.h> 38#include <sys/module.h> 39#include <sys/bus.h> 40#include <sys/endian.h> 41#include <sys/linker.h> 42#include <sys/firmware.h> 43#include <sys/kdb.h> 44 45#include <machine/bus.h> 46#include <machine/resource.h> 47#include <sys/rman.h> 48 49#include <net/bpf.h> 50#include <net/if.h> 51#include <net/if_arp.h> 52#include <net/ethernet.h> 53#include <net/if_dl.h> 54#include <net/if_media.h> 55#include <net/if_types.h> 56 57#include <netinet/in.h> 58#include <netinet/in_systm.h> 59#include <netinet/in_var.h> 60#include <netinet/if_ether.h> 61#include <netinet/ip.h> 62 63#include <net80211/ieee80211_var.h> 64#include <net80211/ieee80211_regdomain.h> 65#include <net80211/ieee80211_radiotap.h> 66#include <net80211/ieee80211_ratectl.h> 67 68#include <dev/usb/usb.h> 69#include <dev/usb/usbdi.h> 70#include "usbdevs.h" 71 72#define USB_DEBUG_VAR run_debug 73#include <dev/usb/usb_debug.h> 74#include <dev/usb/usb_msctest.h> 75 76#include <dev/usb/wlan/if_runreg.h> 77#include <dev/usb/wlan/if_runvar.h> 78 79#ifdef USB_DEBUG 80#define RUN_DEBUG 81#endif 82 83#ifdef RUN_DEBUG 84int run_debug = 0; 85static SYSCTL_NODE(_hw_usb, OID_AUTO, run, CTLFLAG_RW, 0, "USB run"); 86SYSCTL_INT(_hw_usb_run, OID_AUTO, debug, CTLFLAG_RW, &run_debug, 0, 87 "run debug level"); 88#endif 89 90#define IEEE80211_HAS_ADDR4(wh) \ 91 (((wh)->i_fc[1] & IEEE80211_FC1_DIR_MASK) == IEEE80211_FC1_DIR_DSTODS) 92 93/* 94 * Because of LOR in run_key_delete(), use atomic instead. 95 * '& RUN_CMDQ_MASQ' is to loop cmdq[]. 96 */ 97#define RUN_CMDQ_GET(c) (atomic_fetchadd_32((c), 1) & RUN_CMDQ_MASQ) 98 99static const STRUCT_USB_HOST_ID run_devs[] = { 100#define RUN_DEV(v,p) { USB_VP(USB_VENDOR_##v, USB_PRODUCT_##v##_##p) } 101#define RUN_DEV_EJECT(v,p) \ 102 { USB_VPI(USB_VENDOR_##v, USB_PRODUCT_##v##_##p, 0) } 103 RUN_DEV(ABOCOM, RT2770), 104 RUN_DEV(ABOCOM, RT2870), 105 RUN_DEV(ABOCOM, RT3070), 106 RUN_DEV(ABOCOM, RT3071), 107 RUN_DEV(ABOCOM, RT3072), 108 RUN_DEV(ABOCOM2, RT2870_1), 109 RUN_DEV(ACCTON, RT2770), 110 RUN_DEV(ACCTON, RT2870_1), 111 RUN_DEV(ACCTON, RT2870_2), 112 RUN_DEV(ACCTON, RT2870_3), 113 RUN_DEV(ACCTON, RT2870_4), 114 RUN_DEV(ACCTON, RT2870_5), 115 RUN_DEV(ACCTON, RT3070), 116 RUN_DEV(ACCTON, RT3070_1), 117 RUN_DEV(ACCTON, RT3070_2), 118 RUN_DEV(ACCTON, RT3070_3), 119 RUN_DEV(ACCTON, RT3070_4), 120 RUN_DEV(ACCTON, RT3070_5), 121 RUN_DEV(AIRTIES, RT3070), 122 RUN_DEV(ALLWIN, RT2070), 123 RUN_DEV(ALLWIN, RT2770), 124 RUN_DEV(ALLWIN, RT2870), 125 RUN_DEV(ALLWIN, RT3070), 126 RUN_DEV(ALLWIN, RT3071), 127 RUN_DEV(ALLWIN, RT3072), 128 RUN_DEV(ALLWIN, RT3572), 129 RUN_DEV(AMIGO, RT2870_1), 130 RUN_DEV(AMIGO, RT2870_2), 131 RUN_DEV(AMIT, CGWLUSB2GNR), 132 RUN_DEV(AMIT, RT2870_1), 133 RUN_DEV(AMIT2, RT2870), 134 RUN_DEV(ASUS, RT2870_1), 135 RUN_DEV(ASUS, RT2870_2), 136 RUN_DEV(ASUS, RT2870_3), 137 RUN_DEV(ASUS, RT2870_4), 138 RUN_DEV(ASUS, RT2870_5), 139 RUN_DEV(ASUS, USBN13), 140 RUN_DEV(ASUS, RT3070_1), 141 RUN_DEV(ASUS, USBN66), 142 RUN_DEV(ASUS, USB_N53), 143 RUN_DEV(ASUS2, USBN11), 144 RUN_DEV(AZUREWAVE, RT2870_1), 145 RUN_DEV(AZUREWAVE, RT2870_2), 146 RUN_DEV(AZUREWAVE, RT3070_1), 147 RUN_DEV(AZUREWAVE, RT3070_2), 148 RUN_DEV(AZUREWAVE, RT3070_3), 149 RUN_DEV(BELKIN, F9L1103), 150 RUN_DEV(BELKIN, F5D8053V3), 151 RUN_DEV(BELKIN, F5D8055), 152 RUN_DEV(BELKIN, F5D8055V2), 153 RUN_DEV(BELKIN, F6D4050V1), 154 RUN_DEV(BELKIN, F6D4050V2), 155 RUN_DEV(BELKIN, RT2870_1), 156 RUN_DEV(BELKIN, RT2870_2), 157 RUN_DEV(CISCOLINKSYS, AE1000), 158 RUN_DEV(CISCOLINKSYS2, RT3070), 159 RUN_DEV(CISCOLINKSYS3, RT3070), 160 RUN_DEV(CONCEPTRONIC2, RT2870_1), 161 RUN_DEV(CONCEPTRONIC2, RT2870_2), 162 RUN_DEV(CONCEPTRONIC2, RT2870_3), 163 RUN_DEV(CONCEPTRONIC2, RT2870_4), 164 RUN_DEV(CONCEPTRONIC2, RT2870_5), 165 RUN_DEV(CONCEPTRONIC2, RT2870_6), 166 RUN_DEV(CONCEPTRONIC2, RT2870_7), 167 RUN_DEV(CONCEPTRONIC2, RT2870_8), 168 RUN_DEV(CONCEPTRONIC2, RT3070_1), 169 RUN_DEV(CONCEPTRONIC2, RT3070_2), 170 RUN_DEV(CONCEPTRONIC2, VIGORN61), 171 RUN_DEV(COREGA, CGWLUSB300GNM), 172 RUN_DEV(COREGA, RT2870_1), 173 RUN_DEV(COREGA, RT2870_2), 174 RUN_DEV(COREGA, RT2870_3), 175 RUN_DEV(COREGA, RT3070), 176 RUN_DEV(CYBERTAN, RT2870), 177 RUN_DEV(DLINK, RT2870), 178 RUN_DEV(DLINK, RT3072), 179 RUN_DEV(DLINK, DWA127), 180 RUN_DEV(DLINK, DWA140B3), 181 RUN_DEV(DLINK, DWA160B2), 182 RUN_DEV(DLINK, DWA162), 183 RUN_DEV(DLINK2, DWA130), 184 RUN_DEV(DLINK2, RT2870_1), 185 RUN_DEV(DLINK2, RT2870_2), 186 RUN_DEV(DLINK2, RT3070_1), 187 RUN_DEV(DLINK2, RT3070_2), 188 RUN_DEV(DLINK2, RT3070_3), 189 RUN_DEV(DLINK2, RT3070_4), 190 RUN_DEV(DLINK2, RT3070_5), 191 RUN_DEV(DLINK2, RT3072), 192 RUN_DEV(DLINK2, RT3072_1), 193 RUN_DEV(EDIMAX, EW7717), 194 RUN_DEV(EDIMAX, EW7718), 195 RUN_DEV(EDIMAX, EW7733UND), 196 RUN_DEV(EDIMAX, RT2870_1), 197 RUN_DEV(ENCORE, RT3070_1), 198 RUN_DEV(ENCORE, RT3070_2), 199 RUN_DEV(ENCORE, RT3070_3), 200 RUN_DEV(GIGABYTE, GNWB31N), 201 RUN_DEV(GIGABYTE, GNWB32L), 202 RUN_DEV(GIGABYTE, RT2870_1), 203 RUN_DEV(GIGASET, RT3070_1), 204 RUN_DEV(GIGASET, RT3070_2), 205 RUN_DEV(GUILLEMOT, HWNU300), 206 RUN_DEV(HAWKING, HWUN2), 207 RUN_DEV(HAWKING, RT2870_1), 208 RUN_DEV(HAWKING, RT2870_2), 209 RUN_DEV(HAWKING, RT3070), 210 RUN_DEV(IODATA, RT3072_1), 211 RUN_DEV(IODATA, RT3072_2), 212 RUN_DEV(IODATA, RT3072_3), 213 RUN_DEV(IODATA, RT3072_4), 214 RUN_DEV(LINKSYS4, RT3070), 215 RUN_DEV(LINKSYS4, WUSB100), 216 RUN_DEV(LINKSYS4, WUSB54GCV3), 217 RUN_DEV(LINKSYS4, WUSB600N), 218 RUN_DEV(LINKSYS4, WUSB600NV2), 219 RUN_DEV(LOGITEC, RT2870_1), 220 RUN_DEV(LOGITEC, RT2870_2), 221 RUN_DEV(LOGITEC, RT2870_3), 222 RUN_DEV(LOGITEC, LANW300NU2), 223 RUN_DEV(LOGITEC, LANW150NU2), 224 RUN_DEV(LOGITEC, LANW300NU2S), 225 RUN_DEV(MELCO, RT2870_1), 226 RUN_DEV(MELCO, RT2870_2), 227 RUN_DEV(MELCO, WLIUCAG300N), 228 RUN_DEV(MELCO, WLIUCG300N), 229 RUN_DEV(MELCO, WLIUCG301N), 230 RUN_DEV(MELCO, WLIUCGN), 231 RUN_DEV(MELCO, WLIUCGNM), 232 RUN_DEV(MELCO, WLIUCGNM2), 233 RUN_DEV(MOTOROLA4, RT2770), 234 RUN_DEV(MOTOROLA4, RT3070), 235 RUN_DEV(MSI, RT3070_1), 236 RUN_DEV(MSI, RT3070_2), 237 RUN_DEV(MSI, RT3070_3), 238 RUN_DEV(MSI, RT3070_4), 239 RUN_DEV(MSI, RT3070_5), 240 RUN_DEV(MSI, RT3070_6), 241 RUN_DEV(MSI, RT3070_7), 242 RUN_DEV(MSI, RT3070_8), 243 RUN_DEV(MSI, RT3070_9), 244 RUN_DEV(MSI, RT3070_10), 245 RUN_DEV(MSI, RT3070_11), 246 RUN_DEV(OVISLINK, RT3072), 247 RUN_DEV(PARA, RT3070), 248 RUN_DEV(PEGATRON, RT2870), 249 RUN_DEV(PEGATRON, RT3070), 250 RUN_DEV(PEGATRON, RT3070_2), 251 RUN_DEV(PEGATRON, RT3070_3), 252 RUN_DEV(PHILIPS, RT2870), 253 RUN_DEV(PLANEX2, GWUS300MINIS), 254 RUN_DEV(PLANEX2, GWUSMICRON), 255 RUN_DEV(PLANEX2, RT2870), 256 RUN_DEV(PLANEX2, RT3070), 257 RUN_DEV(QCOM, RT2870), 258 RUN_DEV(QUANTA, RT3070), 259 RUN_DEV(RALINK, RT2070), 260 RUN_DEV(RALINK, RT2770), 261 RUN_DEV(RALINK, RT2870), 262 RUN_DEV(RALINK, RT3070), 263 RUN_DEV(RALINK, RT3071), 264 RUN_DEV(RALINK, RT3072), 265 RUN_DEV(RALINK, RT3370), 266 RUN_DEV(RALINK, RT3572), 267 RUN_DEV(RALINK, RT3573), 268 RUN_DEV(RALINK, RT5370), 269 RUN_DEV(RALINK, RT5572), 270 RUN_DEV(RALINK, RT8070), 271 RUN_DEV(SAMSUNG, WIS09ABGN), 272 RUN_DEV(SAMSUNG2, RT2870_1), 273 RUN_DEV(SENAO, RT2870_1), 274 RUN_DEV(SENAO, RT2870_2), 275 RUN_DEV(SENAO, RT2870_3), 276 RUN_DEV(SENAO, RT2870_4), 277 RUN_DEV(SENAO, RT3070), 278 RUN_DEV(SENAO, RT3071), 279 RUN_DEV(SENAO, RT3072_1), 280 RUN_DEV(SENAO, RT3072_2), 281 RUN_DEV(SENAO, RT3072_3), 282 RUN_DEV(SENAO, RT3072_4), 283 RUN_DEV(SENAO, RT3072_5), 284 RUN_DEV(SITECOMEU, RT2770), 285 RUN_DEV(SITECOMEU, RT2870_1), 286 RUN_DEV(SITECOMEU, RT2870_2), 287 RUN_DEV(SITECOMEU, RT2870_3), 288 RUN_DEV(SITECOMEU, RT2870_4), 289 RUN_DEV(SITECOMEU, RT3070), 290 RUN_DEV(SITECOMEU, RT3070_2), 291 RUN_DEV(SITECOMEU, RT3070_3), 292 RUN_DEV(SITECOMEU, RT3070_4), 293 RUN_DEV(SITECOMEU, RT3071), 294 RUN_DEV(SITECOMEU, RT3072_1), 295 RUN_DEV(SITECOMEU, RT3072_2), 296 RUN_DEV(SITECOMEU, RT3072_3), 297 RUN_DEV(SITECOMEU, RT3072_4), 298 RUN_DEV(SITECOMEU, RT3072_5), 299 RUN_DEV(SITECOMEU, RT3072_6), 300 RUN_DEV(SITECOMEU, WL608), 301 RUN_DEV(SPARKLAN, RT2870_1), 302 RUN_DEV(SPARKLAN, RT3070), 303 RUN_DEV(SWEEX2, LW153), 304 RUN_DEV(SWEEX2, LW303), 305 RUN_DEV(SWEEX2, LW313), 306 RUN_DEV(TOSHIBA, RT3070), 307 RUN_DEV(UMEDIA, RT2870_1), 308 RUN_DEV(ZCOM, RT2870_1), 309 RUN_DEV(ZCOM, RT2870_2), 310 RUN_DEV(ZINWELL, RT2870_1), 311 RUN_DEV(ZINWELL, RT2870_2), 312 RUN_DEV(ZINWELL, RT3070), 313 RUN_DEV(ZINWELL, RT3072_1), 314 RUN_DEV(ZINWELL, RT3072_2), 315 RUN_DEV(ZYXEL, RT2870_1), 316 RUN_DEV(ZYXEL, RT2870_2), 317 RUN_DEV(ZYXEL, NWD2705), 318 RUN_DEV_EJECT(RALINK, RT_STOR), 319#undef RUN_DEV_EJECT 320#undef RUN_DEV 321}; 322 323static device_probe_t run_match; 324static device_attach_t run_attach; 325static device_detach_t run_detach; 326 327static usb_callback_t run_bulk_rx_callback; 328static usb_callback_t run_bulk_tx_callback0; 329static usb_callback_t run_bulk_tx_callback1; 330static usb_callback_t run_bulk_tx_callback2; 331static usb_callback_t run_bulk_tx_callback3; 332static usb_callback_t run_bulk_tx_callback4; 333static usb_callback_t run_bulk_tx_callback5; 334 335static void run_autoinst(void *, struct usb_device *, 336 struct usb_attach_arg *); 337static int run_driver_loaded(struct module *, int, void *); 338static void run_bulk_tx_callbackN(struct usb_xfer *xfer, 339 usb_error_t error, u_int index); 340static struct ieee80211vap *run_vap_create(struct ieee80211com *, 341 const char [IFNAMSIZ], int, enum ieee80211_opmode, int, 342 const uint8_t [IEEE80211_ADDR_LEN], 343 const uint8_t [IEEE80211_ADDR_LEN]); 344static void run_vap_delete(struct ieee80211vap *); 345static void run_cmdq_cb(void *, int); 346static void run_setup_tx_list(struct run_softc *, 347 struct run_endpoint_queue *); 348static void run_unsetup_tx_list(struct run_softc *, 349 struct run_endpoint_queue *); 350static int run_load_microcode(struct run_softc *); 351static int run_reset(struct run_softc *); 352static usb_error_t run_do_request(struct run_softc *, 353 struct usb_device_request *, void *); 354static int run_read(struct run_softc *, uint16_t, uint32_t *); 355static int run_read_region_1(struct run_softc *, uint16_t, uint8_t *, int); 356static int run_write_2(struct run_softc *, uint16_t, uint16_t); 357static int run_write(struct run_softc *, uint16_t, uint32_t); 358static int run_write_region_1(struct run_softc *, uint16_t, 359 const uint8_t *, int); 360static int run_set_region_4(struct run_softc *, uint16_t, uint32_t, int); 361static int run_efuse_read(struct run_softc *, uint16_t, uint16_t *, int); 362static int run_efuse_read_2(struct run_softc *, uint16_t, uint16_t *); 363static int run_eeprom_read_2(struct run_softc *, uint16_t, uint16_t *); 364static int run_rt2870_rf_write(struct run_softc *, uint32_t); 365static int run_rt3070_rf_read(struct run_softc *, uint8_t, uint8_t *); 366static int run_rt3070_rf_write(struct run_softc *, uint8_t, uint8_t); 367static int run_bbp_read(struct run_softc *, uint8_t, uint8_t *); 368static int run_bbp_write(struct run_softc *, uint8_t, uint8_t); 369static int run_mcu_cmd(struct run_softc *, uint8_t, uint16_t); 370static const char *run_get_rf(uint16_t); 371static void run_rt3593_get_txpower(struct run_softc *); 372static void run_get_txpower(struct run_softc *); 373static int run_read_eeprom(struct run_softc *); 374static struct ieee80211_node *run_node_alloc(struct ieee80211vap *, 375 const uint8_t mac[IEEE80211_ADDR_LEN]); 376static int run_media_change(struct ifnet *); 377static int run_newstate(struct ieee80211vap *, enum ieee80211_state, int); 378static int run_wme_update(struct ieee80211com *); 379static void run_wme_update_cb(void *); 380static void run_key_update_begin(struct ieee80211vap *); 381static void run_key_update_end(struct ieee80211vap *); 382static void run_key_set_cb(void *); 383static int run_key_set(struct ieee80211vap *, struct ieee80211_key *, 384 const uint8_t mac[IEEE80211_ADDR_LEN]); 385static void run_key_delete_cb(void *); 386static int run_key_delete(struct ieee80211vap *, struct ieee80211_key *); 387static void run_ratectl_to(void *); 388static void run_ratectl_cb(void *, int); 389static void run_drain_fifo(void *); 390static void run_iter_func(void *, struct ieee80211_node *); 391static void run_newassoc_cb(void *); 392static void run_newassoc(struct ieee80211_node *, int); 393static void run_rx_frame(struct run_softc *, struct mbuf *, uint32_t); 394static void run_tx_free(struct run_endpoint_queue *pq, 395 struct run_tx_data *, int); 396static void run_set_tx_desc(struct run_softc *, struct run_tx_data *); 397static int run_tx(struct run_softc *, struct mbuf *, 398 struct ieee80211_node *); 399static int run_tx_mgt(struct run_softc *, struct mbuf *, 400 struct ieee80211_node *); 401static int run_sendprot(struct run_softc *, const struct mbuf *, 402 struct ieee80211_node *, int, int); 403static int run_tx_param(struct run_softc *, struct mbuf *, 404 struct ieee80211_node *, 405 const struct ieee80211_bpf_params *); 406static int run_raw_xmit(struct ieee80211_node *, struct mbuf *, 407 const struct ieee80211_bpf_params *); 408static void run_start(struct ifnet *); 409static int run_ioctl(struct ifnet *, u_long, caddr_t); 410static void run_iq_calib(struct run_softc *, u_int); 411static void run_set_agc(struct run_softc *, uint8_t); 412static void run_select_chan_group(struct run_softc *, int); 413static void run_set_rx_antenna(struct run_softc *, int); 414static void run_rt2870_set_chan(struct run_softc *, u_int); 415static void run_rt3070_set_chan(struct run_softc *, u_int); 416static void run_rt3572_set_chan(struct run_softc *, u_int); 417static void run_rt3593_set_chan(struct run_softc *, u_int); 418static void run_rt5390_set_chan(struct run_softc *, u_int); 419static void run_rt5592_set_chan(struct run_softc *, u_int); 420static int run_set_chan(struct run_softc *, struct ieee80211_channel *); 421static void run_set_channel(struct ieee80211com *); 422static void run_scan_start(struct ieee80211com *); 423static void run_scan_end(struct ieee80211com *); 424static void run_update_beacon(struct ieee80211vap *, int); 425static void run_update_beacon_cb(void *); 426static void run_updateprot(struct ieee80211com *); 427static void run_updateprot_cb(void *); 428static void run_usb_timeout_cb(void *); 429static void run_reset_livelock(struct run_softc *); 430static void run_enable_tsf_sync(struct run_softc *); 431static void run_enable_mrr(struct run_softc *); 432static void run_set_txpreamble(struct run_softc *); 433static void run_set_basicrates(struct run_softc *); 434static void run_set_leds(struct run_softc *, uint16_t); 435static void run_set_bssid(struct run_softc *, const uint8_t *); 436static void run_set_macaddr(struct run_softc *, const uint8_t *); 437static void run_updateslot(struct ifnet *); 438static void run_updateslot_cb(void *); 439static void run_update_mcast(struct ifnet *); 440static int8_t run_rssi2dbm(struct run_softc *, uint8_t, uint8_t); 441static void run_update_promisc_locked(struct ifnet *); 442static void run_update_promisc(struct ifnet *); 443static void run_rt5390_bbp_init(struct run_softc *); 444static int run_bbp_init(struct run_softc *); 445static int run_rt3070_rf_init(struct run_softc *); 446static void run_rt3593_rf_init(struct run_softc *); 447static void run_rt5390_rf_init(struct run_softc *); 448static int run_rt3070_filter_calib(struct run_softc *, uint8_t, uint8_t, 449 uint8_t *); 450static void run_rt3070_rf_setup(struct run_softc *); 451static void run_rt3593_rf_setup(struct run_softc *); 452static void run_rt5390_rf_setup(struct run_softc *); 453static int run_txrx_enable(struct run_softc *); 454static void run_adjust_freq_offset(struct run_softc *); 455static void run_init(void *); 456static void run_init_locked(struct run_softc *); 457static void run_stop(void *); 458static void run_delay(struct run_softc *, u_int); 459 460static eventhandler_tag run_etag; 461 462static const struct rt2860_rate { 463 uint8_t rate; 464 uint8_t mcs; 465 enum ieee80211_phytype phy; 466 uint8_t ctl_ridx; 467 uint16_t sp_ack_dur; 468 uint16_t lp_ack_dur; 469} rt2860_rates[] = { 470 { 2, 0, IEEE80211_T_DS, 0, 314, 314 }, 471 { 4, 1, IEEE80211_T_DS, 1, 258, 162 }, 472 { 11, 2, IEEE80211_T_DS, 2, 223, 127 }, 473 { 22, 3, IEEE80211_T_DS, 3, 213, 117 }, 474 { 12, 0, IEEE80211_T_OFDM, 4, 60, 60 }, 475 { 18, 1, IEEE80211_T_OFDM, 4, 52, 52 }, 476 { 24, 2, IEEE80211_T_OFDM, 6, 48, 48 }, 477 { 36, 3, IEEE80211_T_OFDM, 6, 44, 44 }, 478 { 48, 4, IEEE80211_T_OFDM, 8, 44, 44 }, 479 { 72, 5, IEEE80211_T_OFDM, 8, 40, 40 }, 480 { 96, 6, IEEE80211_T_OFDM, 8, 40, 40 }, 481 { 108, 7, IEEE80211_T_OFDM, 8, 40, 40 } 482}; 483 484static const struct { 485 uint16_t reg; 486 uint32_t val; 487} rt2870_def_mac[] = { 488 RT2870_DEF_MAC 489}; 490 491static const struct { 492 uint8_t reg; 493 uint8_t val; 494} rt2860_def_bbp[] = { 495 RT2860_DEF_BBP 496},rt5390_def_bbp[] = { 497 RT5390_DEF_BBP 498},rt5592_def_bbp[] = { 499 RT5592_DEF_BBP 500}; 501 502/* 503 * Default values for BBP register R196 for RT5592. 504 */ 505static const uint8_t rt5592_bbp_r196[] = { 506 0xe0, 0x1f, 0x38, 0x32, 0x08, 0x28, 0x19, 0x0a, 0xff, 0x00, 507 0x16, 0x10, 0x10, 0x0b, 0x36, 0x2c, 0x26, 0x24, 0x42, 0x36, 508 0x30, 0x2d, 0x4c, 0x46, 0x3d, 0x40, 0x3e, 0x42, 0x3d, 0x40, 509 0x3c, 0x34, 0x2c, 0x2f, 0x3c, 0x35, 0x2e, 0x2a, 0x49, 0x41, 510 0x36, 0x31, 0x30, 0x30, 0x0e, 0x0d, 0x28, 0x21, 0x1c, 0x16, 511 0x50, 0x4a, 0x43, 0x40, 0x10, 0x10, 0x10, 0x10, 0x00, 0x00, 512 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 513 0x00, 0x00, 0x7d, 0x14, 0x32, 0x2c, 0x36, 0x4c, 0x43, 0x2c, 514 0x2e, 0x36, 0x30, 0x6e 515}; 516 517static const struct rfprog { 518 uint8_t chan; 519 uint32_t r1, r2, r3, r4; 520} rt2860_rf2850[] = { 521 RT2860_RF2850 522}; 523 524struct { 525 uint8_t n, r, k; 526} rt3070_freqs[] = { 527 RT3070_RF3052 528}; 529 530static const struct rt5592_freqs { 531 uint16_t n; 532 uint8_t k, m, r; 533} rt5592_freqs_20mhz[] = { 534 RT5592_RF5592_20MHZ 535},rt5592_freqs_40mhz[] = { 536 RT5592_RF5592_40MHZ 537}; 538 539static const struct { 540 uint8_t reg; 541 uint8_t val; 542} rt3070_def_rf[] = { 543 RT3070_DEF_RF 544},rt3572_def_rf[] = { 545 RT3572_DEF_RF 546},rt3593_def_rf[] = { 547 RT3593_DEF_RF 548},rt5390_def_rf[] = { 549 RT5390_DEF_RF 550},rt5392_def_rf[] = { 551 RT5392_DEF_RF 552},rt5592_def_rf[] = { 553 RT5592_DEF_RF 554},rt5592_2ghz_def_rf[] = { 555 RT5592_2GHZ_DEF_RF 556},rt5592_5ghz_def_rf[] = { 557 RT5592_5GHZ_DEF_RF 558}; 559 560static const struct { 561 u_int firstchan; 562 u_int lastchan; 563 uint8_t reg; 564 uint8_t val; 565} rt5592_chan_5ghz[] = { 566 RT5592_CHAN_5GHZ 567}; 568 569static const struct usb_config run_config[RUN_N_XFER] = { 570 [RUN_BULK_TX_BE] = { 571 .type = UE_BULK, 572 .endpoint = UE_ADDR_ANY, 573 .ep_index = 0, 574 .direction = UE_DIR_OUT, 575 .bufsize = RUN_MAX_TXSZ, 576 .flags = {.pipe_bof = 1,.force_short_xfer = 1,}, 577 .callback = run_bulk_tx_callback0, 578 .timeout = 5000, /* ms */ 579 }, 580 [RUN_BULK_TX_BK] = { 581 .type = UE_BULK, 582 .endpoint = UE_ADDR_ANY, 583 .direction = UE_DIR_OUT, 584 .ep_index = 1, 585 .bufsize = RUN_MAX_TXSZ, 586 .flags = {.pipe_bof = 1,.force_short_xfer = 1,}, 587 .callback = run_bulk_tx_callback1, 588 .timeout = 5000, /* ms */ 589 }, 590 [RUN_BULK_TX_VI] = { 591 .type = UE_BULK, 592 .endpoint = UE_ADDR_ANY, 593 .direction = UE_DIR_OUT, 594 .ep_index = 2, 595 .bufsize = RUN_MAX_TXSZ, 596 .flags = {.pipe_bof = 1,.force_short_xfer = 1,}, 597 .callback = run_bulk_tx_callback2, 598 .timeout = 5000, /* ms */ 599 }, 600 [RUN_BULK_TX_VO] = { 601 .type = UE_BULK, 602 .endpoint = UE_ADDR_ANY, 603 .direction = UE_DIR_OUT, 604 .ep_index = 3, 605 .bufsize = RUN_MAX_TXSZ, 606 .flags = {.pipe_bof = 1,.force_short_xfer = 1,}, 607 .callback = run_bulk_tx_callback3, 608 .timeout = 5000, /* ms */ 609 }, 610 [RUN_BULK_TX_HCCA] = { 611 .type = UE_BULK, 612 .endpoint = UE_ADDR_ANY, 613 .direction = UE_DIR_OUT, 614 .ep_index = 4, 615 .bufsize = RUN_MAX_TXSZ, 616 .flags = {.pipe_bof = 1,.force_short_xfer = 1,.no_pipe_ok = 1,}, 617 .callback = run_bulk_tx_callback4, 618 .timeout = 5000, /* ms */ 619 }, 620 [RUN_BULK_TX_PRIO] = { 621 .type = UE_BULK, 622 .endpoint = UE_ADDR_ANY, 623 .direction = UE_DIR_OUT, 624 .ep_index = 5, 625 .bufsize = RUN_MAX_TXSZ, 626 .flags = {.pipe_bof = 1,.force_short_xfer = 1,.no_pipe_ok = 1,}, 627 .callback = run_bulk_tx_callback5, 628 .timeout = 5000, /* ms */ 629 }, 630 [RUN_BULK_RX] = { 631 .type = UE_BULK, 632 .endpoint = UE_ADDR_ANY, 633 .direction = UE_DIR_IN, 634 .bufsize = RUN_MAX_RXSZ, 635 .flags = {.pipe_bof = 1,.short_xfer_ok = 1,}, 636 .callback = run_bulk_rx_callback, 637 } 638}; 639 640static void 641run_autoinst(void *arg, struct usb_device *udev, 642 struct usb_attach_arg *uaa) 643{ 644 struct usb_interface *iface; 645 struct usb_interface_descriptor *id; 646 647 if (uaa->dev_state != UAA_DEV_READY) 648 return; 649 650 iface = usbd_get_iface(udev, 0); 651 if (iface == NULL) 652 return; 653 id = iface->idesc; 654 if (id == NULL || id->bInterfaceClass != UICLASS_MASS) 655 return; 656 if (usbd_lookup_id_by_uaa(run_devs, sizeof(run_devs), uaa)) 657 return; 658 659 if (usb_msc_eject(udev, 0, MSC_EJECT_STOPUNIT) == 0) 660 uaa->dev_state = UAA_DEV_EJECTING; 661} 662 663static int 664run_driver_loaded(struct module *mod, int what, void *arg) 665{ 666 switch (what) { 667 case MOD_LOAD: 668 run_etag = EVENTHANDLER_REGISTER(usb_dev_configured, 669 run_autoinst, NULL, EVENTHANDLER_PRI_ANY); 670 break; 671 case MOD_UNLOAD: 672 EVENTHANDLER_DEREGISTER(usb_dev_configured, run_etag); 673 break; 674 default: 675 return (EOPNOTSUPP); 676 } 677 return (0); 678} 679 680static int 681run_match(device_t self) 682{ 683 struct usb_attach_arg *uaa = device_get_ivars(self); 684 685 if (uaa->usb_mode != USB_MODE_HOST) 686 return (ENXIO); 687 if (uaa->info.bConfigIndex != 0) 688 return (ENXIO); 689 if (uaa->info.bIfaceIndex != RT2860_IFACE_INDEX) 690 return (ENXIO); 691 692 return (usbd_lookup_id_by_uaa(run_devs, sizeof(run_devs), uaa)); 693} 694 695static int 696run_attach(device_t self) 697{ 698 struct run_softc *sc = device_get_softc(self); 699 struct usb_attach_arg *uaa = device_get_ivars(self); 700 struct ieee80211com *ic; 701 struct ifnet *ifp; 702 uint32_t ver; 703 int ntries, error; 704 uint8_t iface_index, bands; 705 706 device_set_usb_desc(self); 707 sc->sc_udev = uaa->device; 708 sc->sc_dev = self; 709 710 mtx_init(&sc->sc_mtx, device_get_nameunit(sc->sc_dev), 711 MTX_NETWORK_LOCK, MTX_DEF); 712 713 iface_index = RT2860_IFACE_INDEX; 714 715 error = usbd_transfer_setup(uaa->device, &iface_index, 716 sc->sc_xfer, run_config, RUN_N_XFER, sc, &sc->sc_mtx); 717 if (error) { 718 device_printf(self, "could not allocate USB transfers, " 719 "err=%s\n", usbd_errstr(error)); 720 goto detach; 721 } 722 723 RUN_LOCK(sc); 724 725 /* wait for the chip to settle */ 726 for (ntries = 0; ntries < 100; ntries++) { 727 if (run_read(sc, RT2860_ASIC_VER_ID, &ver) != 0) { 728 RUN_UNLOCK(sc); 729 goto detach; 730 } 731 if (ver != 0 && ver != 0xffffffff) 732 break; 733 run_delay(sc, 10); 734 } 735 if (ntries == 100) { 736 device_printf(sc->sc_dev, 737 "timeout waiting for NIC to initialize\n"); 738 RUN_UNLOCK(sc); 739 goto detach; 740 } 741 sc->mac_ver = ver >> 16; 742 sc->mac_rev = ver & 0xffff; 743 744 /* retrieve RF rev. no and various other things from EEPROM */ 745 run_read_eeprom(sc); 746 747 device_printf(sc->sc_dev, 748 "MAC/BBP RT%04X (rev 0x%04X), RF %s (MIMO %dT%dR), address %s\n", 749 sc->mac_ver, sc->mac_rev, run_get_rf(sc->rf_rev), 750 sc->ntxchains, sc->nrxchains, ether_sprintf(sc->sc_bssid)); 751 752 RUN_UNLOCK(sc); 753 754 ifp = sc->sc_ifp = if_alloc(IFT_IEEE80211); 755 if (ifp == NULL) { 756 device_printf(sc->sc_dev, "can not if_alloc()\n"); 757 goto detach; 758 } 759 ic = ifp->if_l2com; 760 761 ifp->if_softc = sc; 762 if_initname(ifp, "run", device_get_unit(sc->sc_dev)); 763 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 764 ifp->if_init = run_init; 765 ifp->if_ioctl = run_ioctl; 766 ifp->if_start = run_start; 767 IFQ_SET_MAXLEN(&ifp->if_snd, ifqmaxlen); 768 ifp->if_snd.ifq_drv_maxlen = ifqmaxlen; 769 IFQ_SET_READY(&ifp->if_snd); 770 771 ic->ic_ifp = ifp; 772 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 773 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 774 775 /* set device capabilities */ 776 ic->ic_caps = 777 IEEE80211_C_STA | /* station mode supported */ 778 IEEE80211_C_MONITOR | /* monitor mode supported */ 779 IEEE80211_C_IBSS | 780 IEEE80211_C_HOSTAP | 781 IEEE80211_C_WDS | /* 4-address traffic works */ 782 IEEE80211_C_MBSS | 783 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 784 IEEE80211_C_SHSLOT | /* short slot time supported */ 785 IEEE80211_C_WME | /* WME */ 786 IEEE80211_C_WPA; /* WPA1|WPA2(RSN) */ 787 788 ic->ic_cryptocaps = 789 IEEE80211_CRYPTO_WEP | 790 IEEE80211_CRYPTO_AES_CCM | 791 IEEE80211_CRYPTO_TKIPMIC | 792 IEEE80211_CRYPTO_TKIP; 793 794 ic->ic_flags |= IEEE80211_F_DATAPAD; 795 ic->ic_flags_ext |= IEEE80211_FEXT_SWBMISS; 796 797 bands = 0; 798 setbit(&bands, IEEE80211_MODE_11B); 799 setbit(&bands, IEEE80211_MODE_11G); 800 if (sc->rf_rev == RT2860_RF_2750 || sc->rf_rev == RT2860_RF_2850 || 801 sc->rf_rev == RT3070_RF_3052 || sc->rf_rev == RT3593_RF_3053 || 802 sc->rf_rev == RT5592_RF_5592) 803 setbit(&bands, IEEE80211_MODE_11A); 804 ieee80211_init_channels(ic, NULL, &bands); 805 806 ieee80211_ifattach(ic, sc->sc_bssid); 807 808 ic->ic_scan_start = run_scan_start; 809 ic->ic_scan_end = run_scan_end; 810 ic->ic_set_channel = run_set_channel; 811 ic->ic_node_alloc = run_node_alloc; 812 ic->ic_newassoc = run_newassoc; 813 ic->ic_updateslot = run_updateslot; 814 ic->ic_update_mcast = run_update_mcast; 815 ic->ic_wme.wme_update = run_wme_update; 816 ic->ic_raw_xmit = run_raw_xmit; 817 ic->ic_update_promisc = run_update_promisc; 818 819 ic->ic_vap_create = run_vap_create; 820 ic->ic_vap_delete = run_vap_delete; 821 822 ieee80211_radiotap_attach(ic, 823 &sc->sc_txtap.wt_ihdr, sizeof(sc->sc_txtap), 824 RUN_TX_RADIOTAP_PRESENT, 825 &sc->sc_rxtap.wr_ihdr, sizeof(sc->sc_rxtap), 826 RUN_RX_RADIOTAP_PRESENT); 827 828 TASK_INIT(&sc->cmdq_task, 0, run_cmdq_cb, sc); 829 TASK_INIT(&sc->ratectl_task, 0, run_ratectl_cb, sc); 830 usb_callout_init_mtx(&sc->ratectl_ch, &sc->sc_mtx, 0); 831 832 if (bootverbose) 833 ieee80211_announce(ic); 834 835 return (0); 836 837detach: 838 run_detach(self); 839 return (ENXIO); 840} 841 842static int 843run_detach(device_t self) 844{ 845 struct run_softc *sc = device_get_softc(self); 846 struct ifnet *ifp = sc->sc_ifp; 847 struct ieee80211com *ic; 848 int i; 849 850 RUN_LOCK(sc); 851 sc->sc_detached = 1; 852 RUN_UNLOCK(sc); 853 854 /* stop all USB transfers */ 855 usbd_transfer_unsetup(sc->sc_xfer, RUN_N_XFER); 856 857 RUN_LOCK(sc); 858 sc->ratectl_run = RUN_RATECTL_OFF; 859 sc->cmdq_run = sc->cmdq_key_set = RUN_CMDQ_ABORT; 860 861 /* free TX list, if any */ 862 for (i = 0; i != RUN_EP_QUEUES; i++) 863 run_unsetup_tx_list(sc, &sc->sc_epq[i]); 864 RUN_UNLOCK(sc); 865 866 if (ifp) { 867 ic = ifp->if_l2com; 868 /* drain tasks */ 869 usb_callout_drain(&sc->ratectl_ch); 870 ieee80211_draintask(ic, &sc->cmdq_task); 871 ieee80211_draintask(ic, &sc->ratectl_task); 872 ieee80211_ifdetach(ic); 873 if_free(ifp); 874 } 875 876 mtx_destroy(&sc->sc_mtx); 877 878 return (0); 879} 880 881static struct ieee80211vap * 882run_vap_create(struct ieee80211com *ic, const char name[IFNAMSIZ], int unit, 883 enum ieee80211_opmode opmode, int flags, 884 const uint8_t bssid[IEEE80211_ADDR_LEN], 885 const uint8_t mac[IEEE80211_ADDR_LEN]) 886{ 887 struct ifnet *ifp = ic->ic_ifp; 888 struct run_softc *sc = ifp->if_softc; 889 struct run_vap *rvp; 890 struct ieee80211vap *vap; 891 int i; 892 893 if (sc->rvp_cnt >= RUN_VAP_MAX) { 894 if_printf(ifp, "number of VAPs maxed out\n"); 895 return (NULL); 896 } 897 898 switch (opmode) { 899 case IEEE80211_M_STA: 900 /* enable s/w bmiss handling for sta mode */ 901 flags |= IEEE80211_CLONE_NOBEACONS; 902 /* fall though */ 903 case IEEE80211_M_IBSS: 904 case IEEE80211_M_MONITOR: 905 case IEEE80211_M_HOSTAP: 906 case IEEE80211_M_MBSS: 907 /* other than WDS vaps, only one at a time */ 908 if (!TAILQ_EMPTY(&ic->ic_vaps)) 909 return (NULL); 910 break; 911 case IEEE80211_M_WDS: 912 TAILQ_FOREACH(vap, &ic->ic_vaps, iv_next){ 913 if(vap->iv_opmode != IEEE80211_M_HOSTAP) 914 continue; 915 /* WDS vap's always share the local mac address. */ 916 flags &= ~IEEE80211_CLONE_BSSID; 917 break; 918 } 919 if (vap == NULL) { 920 if_printf(ifp, "wds only supported in ap mode\n"); 921 return (NULL); 922 } 923 break; 924 default: 925 if_printf(ifp, "unknown opmode %d\n", opmode); 926 return (NULL); 927 } 928 929 rvp = (struct run_vap *) malloc(sizeof(struct run_vap), 930 M_80211_VAP, M_NOWAIT | M_ZERO); 931 if (rvp == NULL) 932 return (NULL); 933 vap = &rvp->vap; 934 935 if (ieee80211_vap_setup(ic, vap, name, unit, 936 opmode, flags, bssid, mac) != 0) { 937 /* out of memory */ 938 free(rvp, M_80211_VAP); 939 return (NULL); 940 } 941 942 vap->iv_key_update_begin = run_key_update_begin; 943 vap->iv_key_update_end = run_key_update_end; 944 vap->iv_update_beacon = run_update_beacon; 945 vap->iv_max_aid = RT2870_WCID_MAX; 946 /* 947 * To delete the right key from h/w, we need wcid. 948 * Luckily, there is unused space in ieee80211_key{}, wk_pad, 949 * and matching wcid will be written into there. So, cast 950 * some spells to remove 'const' from ieee80211_key{} 951 */ 952 vap->iv_key_delete = (void *)run_key_delete; 953 vap->iv_key_set = (void *)run_key_set; 954 955 /* override state transition machine */ 956 rvp->newstate = vap->iv_newstate; 957 vap->iv_newstate = run_newstate; 958 959 ieee80211_ratectl_init(vap); 960 ieee80211_ratectl_setinterval(vap, 1000 /* 1 sec */); 961 962 /* complete setup */ 963 ieee80211_vap_attach(vap, run_media_change, ieee80211_media_status); 964 965 /* make sure id is always unique */ 966 for (i = 0; i < RUN_VAP_MAX; i++) { 967 if((sc->rvp_bmap & 1 << i) == 0){ 968 sc->rvp_bmap |= 1 << i; 969 rvp->rvp_id = i; 970 break; 971 } 972 } 973 if (sc->rvp_cnt++ == 0) 974 ic->ic_opmode = opmode; 975 976 if (opmode == IEEE80211_M_HOSTAP) 977 sc->cmdq_run = RUN_CMDQ_GO; 978 979 DPRINTF("rvp_id=%d bmap=%x rvp_cnt=%d\n", 980 rvp->rvp_id, sc->rvp_bmap, sc->rvp_cnt); 981 982 return (vap); 983} 984 985static void 986run_vap_delete(struct ieee80211vap *vap) 987{ 988 struct run_vap *rvp = RUN_VAP(vap); 989 struct ifnet *ifp; 990 struct ieee80211com *ic; 991 struct run_softc *sc; 992 uint8_t rvp_id; 993 994 if (vap == NULL) 995 return; 996 997 ic = vap->iv_ic; 998 ifp = ic->ic_ifp; 999 1000 sc = ifp->if_softc; 1001 1002 RUN_LOCK(sc); 1003 1004 m_freem(rvp->beacon_mbuf); 1005 rvp->beacon_mbuf = NULL; 1006 1007 rvp_id = rvp->rvp_id; 1008 sc->ratectl_run &= ~(1 << rvp_id); 1009 sc->rvp_bmap &= ~(1 << rvp_id); 1010 run_set_region_4(sc, RT2860_SKEY(rvp_id, 0), 0, 128); 1011 run_set_region_4(sc, RT2860_BCN_BASE(rvp_id), 0, 512); 1012 --sc->rvp_cnt; 1013 1014 DPRINTF("vap=%p rvp_id=%d bmap=%x rvp_cnt=%d\n", 1015 vap, rvp_id, sc->rvp_bmap, sc->rvp_cnt); 1016 1017 RUN_UNLOCK(sc); 1018 1019 ieee80211_ratectl_deinit(vap); 1020 ieee80211_vap_detach(vap); 1021 free(rvp, M_80211_VAP); 1022} 1023 1024/* 1025 * There are numbers of functions need to be called in context thread. 1026 * Rather than creating taskqueue event for each of those functions, 1027 * here is all-for-one taskqueue callback function. This function 1028 * gurantees deferred functions are executed in the same order they 1029 * were enqueued. 1030 * '& RUN_CMDQ_MASQ' is to loop cmdq[]. 1031 */ 1032static void 1033run_cmdq_cb(void *arg, int pending) 1034{ 1035 struct run_softc *sc = arg; 1036 uint8_t i; 1037 1038 /* call cmdq[].func locked */ 1039 RUN_LOCK(sc); 1040 for (i = sc->cmdq_exec; sc->cmdq[i].func && pending; 1041 i = sc->cmdq_exec, pending--) { 1042 DPRINTFN(6, "cmdq_exec=%d pending=%d\n", i, pending); 1043 if (sc->cmdq_run == RUN_CMDQ_GO) { 1044 /* 1045 * If arg0 is NULL, callback func needs more 1046 * than one arg. So, pass ptr to cmdq struct. 1047 */ 1048 if (sc->cmdq[i].arg0) 1049 sc->cmdq[i].func(sc->cmdq[i].arg0); 1050 else 1051 sc->cmdq[i].func(&sc->cmdq[i]); 1052 } 1053 sc->cmdq[i].arg0 = NULL; 1054 sc->cmdq[i].func = NULL; 1055 sc->cmdq_exec++; 1056 sc->cmdq_exec &= RUN_CMDQ_MASQ; 1057 } 1058 RUN_UNLOCK(sc); 1059} 1060 1061static void 1062run_setup_tx_list(struct run_softc *sc, struct run_endpoint_queue *pq) 1063{ 1064 struct run_tx_data *data; 1065 1066 memset(pq, 0, sizeof(*pq)); 1067 1068 STAILQ_INIT(&pq->tx_qh); 1069 STAILQ_INIT(&pq->tx_fh); 1070 1071 for (data = &pq->tx_data[0]; 1072 data < &pq->tx_data[RUN_TX_RING_COUNT]; data++) { 1073 data->sc = sc; 1074 STAILQ_INSERT_TAIL(&pq->tx_fh, data, next); 1075 } 1076 pq->tx_nfree = RUN_TX_RING_COUNT; 1077} 1078 1079static void 1080run_unsetup_tx_list(struct run_softc *sc, struct run_endpoint_queue *pq) 1081{ 1082 struct run_tx_data *data; 1083 1084 /* make sure any subsequent use of the queues will fail */ 1085 pq->tx_nfree = 0; 1086 STAILQ_INIT(&pq->tx_fh); 1087 STAILQ_INIT(&pq->tx_qh); 1088 1089 /* free up all node references and mbufs */ 1090 for (data = &pq->tx_data[0]; 1091 data < &pq->tx_data[RUN_TX_RING_COUNT]; data++) { 1092 if (data->m != NULL) { 1093 m_freem(data->m); 1094 data->m = NULL; 1095 } 1096 if (data->ni != NULL) { 1097 ieee80211_free_node(data->ni); 1098 data->ni = NULL; 1099 } 1100 } 1101} 1102 1103static int 1104run_load_microcode(struct run_softc *sc) 1105{ 1106 usb_device_request_t req; 1107 const struct firmware *fw; 1108 const u_char *base; 1109 uint32_t tmp; 1110 int ntries, error; 1111 const uint64_t *temp; 1112 uint64_t bytes; 1113 1114 RUN_UNLOCK(sc); 1115 fw = firmware_get("runfw"); 1116 RUN_LOCK(sc); 1117 if (fw == NULL) { 1118 device_printf(sc->sc_dev, 1119 "failed loadfirmware of file %s\n", "runfw"); 1120 return ENOENT; 1121 } 1122 1123 if (fw->datasize != 8192) { 1124 device_printf(sc->sc_dev, 1125 "invalid firmware size (should be 8KB)\n"); 1126 error = EINVAL; 1127 goto fail; 1128 } 1129 1130 /* 1131 * RT3071/RT3072 use a different firmware 1132 * run-rt2870 (8KB) contains both, 1133 * first half (4KB) is for rt2870, 1134 * last half is for rt3071. 1135 */ 1136 base = fw->data; 1137 if ((sc->mac_ver) != 0x2860 && 1138 (sc->mac_ver) != 0x2872 && 1139 (sc->mac_ver) != 0x3070) { 1140 base += 4096; 1141 } 1142 1143 /* cheap sanity check */ 1144 temp = fw->data; 1145 bytes = *temp; 1146 if (bytes != be64toh(0xffffff0210280210ULL)) { 1147 device_printf(sc->sc_dev, "firmware checksum failed\n"); 1148 error = EINVAL; 1149 goto fail; 1150 } 1151 1152 /* write microcode image */ 1153 if (sc->mac_ver != 0x3593) { 1154 run_write_region_1(sc, RT2870_FW_BASE, base, 4096); 1155 run_write(sc, RT2860_H2M_MAILBOX_CID, 0xffffffff); 1156 run_write(sc, RT2860_H2M_MAILBOX_STATUS, 0xffffffff); 1157 } 1158 1159 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 1160 req.bRequest = RT2870_RESET; 1161 USETW(req.wValue, 8); 1162 USETW(req.wIndex, 0); 1163 USETW(req.wLength, 0); 1164 if ((error = usbd_do_request(sc->sc_udev, &sc->sc_mtx, &req, NULL)) 1165 != 0) { 1166 device_printf(sc->sc_dev, "firmware reset failed\n"); 1167 goto fail; 1168 } 1169 1170 run_delay(sc, 10); 1171 1172 run_write(sc, RT2860_H2M_BBPAGENT, 0); 1173 run_write(sc, RT2860_H2M_MAILBOX, 0); 1174 run_write(sc, RT2860_H2M_INTSRC, 0); 1175 if ((error = run_mcu_cmd(sc, RT2860_MCU_CMD_RFRESET, 0)) != 0) 1176 goto fail; 1177 1178 /* wait until microcontroller is ready */ 1179 for (ntries = 0; ntries < 1000; ntries++) { 1180 if ((error = run_read(sc, RT2860_SYS_CTRL, &tmp)) != 0) 1181 goto fail; 1182 if (tmp & RT2860_MCU_READY) 1183 break; 1184 run_delay(sc, 10); 1185 } 1186 if (ntries == 1000) { 1187 device_printf(sc->sc_dev, 1188 "timeout waiting for MCU to initialize\n"); 1189 error = ETIMEDOUT; 1190 goto fail; 1191 } 1192 device_printf(sc->sc_dev, "firmware %s ver. %u.%u loaded\n", 1193 (base == fw->data) ? "RT2870" : "RT3071", 1194 *(base + 4092), *(base + 4093)); 1195 1196fail: 1197 firmware_put(fw, FIRMWARE_UNLOAD); 1198 return (error); 1199} 1200 1201static int 1202run_reset(struct run_softc *sc) 1203{ 1204 usb_device_request_t req; 1205 1206 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 1207 req.bRequest = RT2870_RESET; 1208 USETW(req.wValue, 1); 1209 USETW(req.wIndex, 0); 1210 USETW(req.wLength, 0); 1211 return (usbd_do_request(sc->sc_udev, &sc->sc_mtx, &req, NULL)); 1212} 1213 1214static usb_error_t 1215run_do_request(struct run_softc *sc, 1216 struct usb_device_request *req, void *data) 1217{ 1218 usb_error_t err; 1219 int ntries = 10; 1220 1221 RUN_LOCK_ASSERT(sc, MA_OWNED); 1222 1223 while (ntries--) { 1224 err = usbd_do_request_flags(sc->sc_udev, &sc->sc_mtx, 1225 req, data, 0, NULL, 250 /* ms */); 1226 if (err == 0) 1227 break; 1228 DPRINTFN(1, "Control request failed, %s (retrying)\n", 1229 usbd_errstr(err)); 1230 run_delay(sc, 10); 1231 } 1232 return (err); 1233} 1234 1235static int 1236run_read(struct run_softc *sc, uint16_t reg, uint32_t *val) 1237{ 1238 uint32_t tmp; 1239 int error; 1240 1241 error = run_read_region_1(sc, reg, (uint8_t *)&tmp, sizeof tmp); 1242 if (error == 0) 1243 *val = le32toh(tmp); 1244 else 1245 *val = 0xffffffff; 1246 return (error); 1247} 1248 1249static int 1250run_read_region_1(struct run_softc *sc, uint16_t reg, uint8_t *buf, int len) 1251{ 1252 usb_device_request_t req; 1253 1254 req.bmRequestType = UT_READ_VENDOR_DEVICE; 1255 req.bRequest = RT2870_READ_REGION_1; 1256 USETW(req.wValue, 0); 1257 USETW(req.wIndex, reg); 1258 USETW(req.wLength, len); 1259 1260 return (run_do_request(sc, &req, buf)); 1261} 1262 1263static int 1264run_write_2(struct run_softc *sc, uint16_t reg, uint16_t val) 1265{ 1266 usb_device_request_t req; 1267 1268 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 1269 req.bRequest = RT2870_WRITE_2; 1270 USETW(req.wValue, val); 1271 USETW(req.wIndex, reg); 1272 USETW(req.wLength, 0); 1273 1274 return (run_do_request(sc, &req, NULL)); 1275} 1276 1277static int 1278run_write(struct run_softc *sc, uint16_t reg, uint32_t val) 1279{ 1280 int error; 1281 1282 if ((error = run_write_2(sc, reg, val & 0xffff)) == 0) 1283 error = run_write_2(sc, reg + 2, val >> 16); 1284 return (error); 1285} 1286 1287static int 1288run_write_region_1(struct run_softc *sc, uint16_t reg, const uint8_t *buf, 1289 int len) 1290{ 1291#if 1 1292 int i, error = 0; 1293 /* 1294 * NB: the WRITE_REGION_1 command is not stable on RT2860. 1295 * We thus issue multiple WRITE_2 commands instead. 1296 */ 1297 KASSERT((len & 1) == 0, ("run_write_region_1: Data too long.\n")); 1298 for (i = 0; i < len && error == 0; i += 2) 1299 error = run_write_2(sc, reg + i, buf[i] | buf[i + 1] << 8); 1300 return (error); 1301#else 1302 usb_device_request_t req; 1303 int error = 0; 1304 1305 /* 1306 * NOTE: It appears the WRITE_REGION_1 command cannot be 1307 * passed a huge amount of data, which will crash the 1308 * firmware. Limit amount of data passed to 64-bytes at a 1309 * time. 1310 */ 1311 while (len > 0) { 1312 int delta = 64; 1313 if (delta > len) 1314 delta = len; 1315 1316 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 1317 req.bRequest = RT2870_WRITE_REGION_1; 1318 USETW(req.wValue, 0); 1319 USETW(req.wIndex, reg); 1320 USETW(req.wLength, delta); 1321 error = run_do_request(sc, &req, __DECONST(uint8_t *, buf)); 1322 if (error != 0) 1323 break; 1324 reg += delta; 1325 buf += delta; 1326 len -= delta; 1327 } 1328 return (error); 1329#endif 1330} 1331 1332static int 1333run_set_region_4(struct run_softc *sc, uint16_t reg, uint32_t val, int len) 1334{ 1335 int i, error = 0; 1336 1337 KASSERT((len & 3) == 0, ("run_set_region_4: Invalid data length.\n")); 1338 for (i = 0; i < len && error == 0; i += 4) 1339 error = run_write(sc, reg + i, val); 1340 return (error); 1341} 1342 1343static int 1344run_efuse_read(struct run_softc *sc, uint16_t addr, uint16_t *val, int count) 1345{ 1346 uint32_t tmp; 1347 uint16_t reg; 1348 int error, ntries; 1349 1350 if ((error = run_read(sc, RT3070_EFUSE_CTRL, &tmp)) != 0) 1351 return (error); 1352 1353 if (count == 2) 1354 addr *= 2; 1355 /*- 1356 * Read one 16-byte block into registers EFUSE_DATA[0-3]: 1357 * DATA0: F E D C 1358 * DATA1: B A 9 8 1359 * DATA2: 7 6 5 4 1360 * DATA3: 3 2 1 0 1361 */ 1362 tmp &= ~(RT3070_EFSROM_MODE_MASK | RT3070_EFSROM_AIN_MASK); 1363 tmp |= (addr & ~0xf) << RT3070_EFSROM_AIN_SHIFT | RT3070_EFSROM_KICK; 1364 run_write(sc, RT3070_EFUSE_CTRL, tmp); 1365 for (ntries = 0; ntries < 100; ntries++) { 1366 if ((error = run_read(sc, RT3070_EFUSE_CTRL, &tmp)) != 0) 1367 return (error); 1368 if (!(tmp & RT3070_EFSROM_KICK)) 1369 break; 1370 run_delay(sc, 2); 1371 } 1372 if (ntries == 100) 1373 return (ETIMEDOUT); 1374 1375 if ((tmp & RT3070_EFUSE_AOUT_MASK) == RT3070_EFUSE_AOUT_MASK) { 1376 *val = 0xffff; /* address not found */ 1377 return (0); 1378 } 1379 /* determine to which 32-bit register our 16-bit word belongs */ 1380 reg = RT3070_EFUSE_DATA3 - (addr & 0xc); 1381 if ((error = run_read(sc, reg, &tmp)) != 0) 1382 return (error); 1383 1384 tmp >>= (8 * (addr & 0x3)); 1385 *val = (addr & 1) ? tmp >> 16 : tmp & 0xffff; 1386 1387 return (0); 1388} 1389 1390/* Read 16-bit from eFUSE ROM for RT3xxx. */ 1391static int 1392run_efuse_read_2(struct run_softc *sc, uint16_t addr, uint16_t *val) 1393{ 1394 return (run_efuse_read(sc, addr, val, 2)); 1395} 1396 1397static int 1398run_eeprom_read_2(struct run_softc *sc, uint16_t addr, uint16_t *val) 1399{ 1400 usb_device_request_t req; 1401 uint16_t tmp; 1402 int error; 1403 1404 addr *= 2; 1405 req.bmRequestType = UT_READ_VENDOR_DEVICE; 1406 req.bRequest = RT2870_EEPROM_READ; 1407 USETW(req.wValue, 0); 1408 USETW(req.wIndex, addr); 1409 USETW(req.wLength, sizeof(tmp)); 1410 1411 error = usbd_do_request(sc->sc_udev, &sc->sc_mtx, &req, &tmp); 1412 if (error == 0) 1413 *val = le16toh(tmp); 1414 else 1415 *val = 0xffff; 1416 return (error); 1417} 1418 1419static __inline int 1420run_srom_read(struct run_softc *sc, uint16_t addr, uint16_t *val) 1421{ 1422 /* either eFUSE ROM or EEPROM */ 1423 return sc->sc_srom_read(sc, addr, val); 1424} 1425 1426static int 1427run_rt2870_rf_write(struct run_softc *sc, uint32_t val) 1428{ 1429 uint32_t tmp; 1430 int error, ntries; 1431 1432 for (ntries = 0; ntries < 10; ntries++) { 1433 if ((error = run_read(sc, RT2860_RF_CSR_CFG0, &tmp)) != 0) 1434 return (error); 1435 if (!(tmp & RT2860_RF_REG_CTRL)) 1436 break; 1437 } 1438 if (ntries == 10) 1439 return (ETIMEDOUT); 1440 1441 return (run_write(sc, RT2860_RF_CSR_CFG0, val)); 1442} 1443 1444static int 1445run_rt3070_rf_read(struct run_softc *sc, uint8_t reg, uint8_t *val) 1446{ 1447 uint32_t tmp; 1448 int error, ntries; 1449 1450 for (ntries = 0; ntries < 100; ntries++) { 1451 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0) 1452 return (error); 1453 if (!(tmp & RT3070_RF_KICK)) 1454 break; 1455 } 1456 if (ntries == 100) 1457 return (ETIMEDOUT); 1458 1459 tmp = RT3070_RF_KICK | reg << 8; 1460 if ((error = run_write(sc, RT3070_RF_CSR_CFG, tmp)) != 0) 1461 return (error); 1462 1463 for (ntries = 0; ntries < 100; ntries++) { 1464 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0) 1465 return (error); 1466 if (!(tmp & RT3070_RF_KICK)) 1467 break; 1468 } 1469 if (ntries == 100) 1470 return (ETIMEDOUT); 1471 1472 *val = tmp & 0xff; 1473 return (0); 1474} 1475 1476static int 1477run_rt3070_rf_write(struct run_softc *sc, uint8_t reg, uint8_t val) 1478{ 1479 uint32_t tmp; 1480 int error, ntries; 1481 1482 for (ntries = 0; ntries < 10; ntries++) { 1483 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0) 1484 return (error); 1485 if (!(tmp & RT3070_RF_KICK)) 1486 break; 1487 } 1488 if (ntries == 10) 1489 return (ETIMEDOUT); 1490 1491 tmp = RT3070_RF_WRITE | RT3070_RF_KICK | reg << 8 | val; 1492 return (run_write(sc, RT3070_RF_CSR_CFG, tmp)); 1493} 1494 1495static int 1496run_bbp_read(struct run_softc *sc, uint8_t reg, uint8_t *val) 1497{ 1498 uint32_t tmp; 1499 int ntries, error; 1500 1501 for (ntries = 0; ntries < 10; ntries++) { 1502 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0) 1503 return (error); 1504 if (!(tmp & RT2860_BBP_CSR_KICK)) 1505 break; 1506 } 1507 if (ntries == 10) 1508 return (ETIMEDOUT); 1509 1510 tmp = RT2860_BBP_CSR_READ | RT2860_BBP_CSR_KICK | reg << 8; 1511 if ((error = run_write(sc, RT2860_BBP_CSR_CFG, tmp)) != 0) 1512 return (error); 1513 1514 for (ntries = 0; ntries < 10; ntries++) { 1515 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0) 1516 return (error); 1517 if (!(tmp & RT2860_BBP_CSR_KICK)) 1518 break; 1519 } 1520 if (ntries == 10) 1521 return (ETIMEDOUT); 1522 1523 *val = tmp & 0xff; 1524 return (0); 1525} 1526 1527static int 1528run_bbp_write(struct run_softc *sc, uint8_t reg, uint8_t val) 1529{ 1530 uint32_t tmp; 1531 int ntries, error; 1532 1533 for (ntries = 0; ntries < 10; ntries++) { 1534 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0) 1535 return (error); 1536 if (!(tmp & RT2860_BBP_CSR_KICK)) 1537 break; 1538 } 1539 if (ntries == 10) 1540 return (ETIMEDOUT); 1541 1542 tmp = RT2860_BBP_CSR_KICK | reg << 8 | val; 1543 return (run_write(sc, RT2860_BBP_CSR_CFG, tmp)); 1544} 1545 1546/* 1547 * Send a command to the 8051 microcontroller unit. 1548 */ 1549static int 1550run_mcu_cmd(struct run_softc *sc, uint8_t cmd, uint16_t arg) 1551{ 1552 uint32_t tmp; 1553 int error, ntries; 1554 1555 for (ntries = 0; ntries < 100; ntries++) { 1556 if ((error = run_read(sc, RT2860_H2M_MAILBOX, &tmp)) != 0) 1557 return error; 1558 if (!(tmp & RT2860_H2M_BUSY)) 1559 break; 1560 } 1561 if (ntries == 100) 1562 return ETIMEDOUT; 1563 1564 tmp = RT2860_H2M_BUSY | RT2860_TOKEN_NO_INTR << 16 | arg; 1565 if ((error = run_write(sc, RT2860_H2M_MAILBOX, tmp)) == 0) 1566 error = run_write(sc, RT2860_HOST_CMD, cmd); 1567 return (error); 1568} 1569 1570/* 1571 * Add `delta' (signed) to each 4-bit sub-word of a 32-bit word. 1572 * Used to adjust per-rate Tx power registers. 1573 */ 1574static __inline uint32_t 1575b4inc(uint32_t b32, int8_t delta) 1576{ 1577 int8_t i, b4; 1578 1579 for (i = 0; i < 8; i++) { 1580 b4 = b32 & 0xf; 1581 b4 += delta; 1582 if (b4 < 0) 1583 b4 = 0; 1584 else if (b4 > 0xf) 1585 b4 = 0xf; 1586 b32 = b32 >> 4 | b4 << 28; 1587 } 1588 return (b32); 1589} 1590 1591static const char * 1592run_get_rf(uint16_t rev) 1593{ 1594 switch (rev) { 1595 case RT2860_RF_2820: return "RT2820"; 1596 case RT2860_RF_2850: return "RT2850"; 1597 case RT2860_RF_2720: return "RT2720"; 1598 case RT2860_RF_2750: return "RT2750"; 1599 case RT3070_RF_3020: return "RT3020"; 1600 case RT3070_RF_2020: return "RT2020"; 1601 case RT3070_RF_3021: return "RT3021"; 1602 case RT3070_RF_3022: return "RT3022"; 1603 case RT3070_RF_3052: return "RT3052"; 1604 case RT3593_RF_3053: return "RT3053"; 1605 case RT5592_RF_5592: return "RT5592"; 1606 case RT5390_RF_5370: return "RT5370"; 1607 case RT5390_RF_5372: return "RT5372"; 1608 } 1609 return ("unknown"); 1610} 1611 1612static void 1613run_rt3593_get_txpower(struct run_softc *sc) 1614{ 1615 uint16_t addr, val; 1616 int i; 1617 1618 /* Read power settings for 2GHz channels. */ 1619 for (i = 0; i < 14; i += 2) { 1620 addr = (sc->ntxchains == 3) ? RT3593_EEPROM_PWR2GHZ_BASE1 : 1621 RT2860_EEPROM_PWR2GHZ_BASE1; 1622 run_srom_read(sc, addr + i / 2, &val); 1623 sc->txpow1[i + 0] = (int8_t)(val & 0xff); 1624 sc->txpow1[i + 1] = (int8_t)(val >> 8); 1625 1626 addr = (sc->ntxchains == 3) ? RT3593_EEPROM_PWR2GHZ_BASE2 : 1627 RT2860_EEPROM_PWR2GHZ_BASE2; 1628 run_srom_read(sc, addr + i / 2, &val); 1629 sc->txpow2[i + 0] = (int8_t)(val & 0xff); 1630 sc->txpow2[i + 1] = (int8_t)(val >> 8); 1631 1632 if (sc->ntxchains == 3) { 1633 run_srom_read(sc, RT3593_EEPROM_PWR2GHZ_BASE3 + i / 2, 1634 &val); 1635 sc->txpow3[i + 0] = (int8_t)(val & 0xff); 1636 sc->txpow3[i + 1] = (int8_t)(val >> 8); 1637 } 1638 } 1639 /* Fix broken Tx power entries. */ 1640 for (i = 0; i < 14; i++) { 1641 if (sc->txpow1[i] > 31) 1642 sc->txpow1[i] = 5; 1643 if (sc->txpow2[i] > 31) 1644 sc->txpow2[i] = 5; 1645 if (sc->ntxchains == 3) { 1646 if (sc->txpow3[i] > 31) 1647 sc->txpow3[i] = 5; 1648 } 1649 } 1650 /* Read power settings for 5GHz channels. */ 1651 for (i = 0; i < 40; i += 2) { 1652 run_srom_read(sc, RT3593_EEPROM_PWR5GHZ_BASE1 + i / 2, &val); 1653 sc->txpow1[i + 14] = (int8_t)(val & 0xff); 1654 sc->txpow1[i + 15] = (int8_t)(val >> 8); 1655 1656 run_srom_read(sc, RT3593_EEPROM_PWR5GHZ_BASE2 + i / 2, &val); 1657 sc->txpow2[i + 14] = (int8_t)(val & 0xff); 1658 sc->txpow2[i + 15] = (int8_t)(val >> 8); 1659 1660 if (sc->ntxchains == 3) { 1661 run_srom_read(sc, RT3593_EEPROM_PWR5GHZ_BASE3 + i / 2, 1662 &val); 1663 sc->txpow3[i + 14] = (int8_t)(val & 0xff); 1664 sc->txpow3[i + 15] = (int8_t)(val >> 8); 1665 } 1666 } 1667} 1668 1669static void 1670run_get_txpower(struct run_softc *sc) 1671{ 1672 uint16_t val; 1673 int i; 1674 1675 /* Read power settings for 2GHz channels. */ 1676 for (i = 0; i < 14; i += 2) { 1677 run_srom_read(sc, RT2860_EEPROM_PWR2GHZ_BASE1 + i / 2, &val); 1678 sc->txpow1[i + 0] = (int8_t)(val & 0xff); 1679 sc->txpow1[i + 1] = (int8_t)(val >> 8); 1680 1681 if (sc->mac_ver != 0x5390) { 1682 run_srom_read(sc, 1683 RT2860_EEPROM_PWR2GHZ_BASE2 + i / 2, &val); 1684 sc->txpow2[i + 0] = (int8_t)(val & 0xff); 1685 sc->txpow2[i + 1] = (int8_t)(val >> 8); 1686 } 1687 } 1688 /* Fix broken Tx power entries. */ 1689 for (i = 0; i < 14; i++) { 1690 if (sc->mac_ver >= 0x5390) { 1691 if (sc->txpow1[i] < 0 || sc->txpow1[i] > 27) 1692 sc->txpow1[i] = 5; 1693 } else { 1694 if (sc->txpow1[i] < 0 || sc->txpow1[i] > 31) 1695 sc->txpow1[i] = 5; 1696 } 1697 if (sc->mac_ver > 0x5390) { 1698 if (sc->txpow2[i] < 0 || sc->txpow2[i] > 27) 1699 sc->txpow2[i] = 5; 1700 } else if (sc->mac_ver < 0x5390) { 1701 if (sc->txpow2[i] < 0 || sc->txpow2[i] > 31) 1702 sc->txpow2[i] = 5; 1703 } 1704 DPRINTF("chan %d: power1=%d, power2=%d\n", 1705 rt2860_rf2850[i].chan, sc->txpow1[i], sc->txpow2[i]); 1706 } 1707 /* Read power settings for 5GHz channels. */ 1708 for (i = 0; i < 40; i += 2) { 1709 run_srom_read(sc, RT2860_EEPROM_PWR5GHZ_BASE1 + i / 2, &val); 1710 sc->txpow1[i + 14] = (int8_t)(val & 0xff); 1711 sc->txpow1[i + 15] = (int8_t)(val >> 8); 1712 1713 run_srom_read(sc, RT2860_EEPROM_PWR5GHZ_BASE2 + i / 2, &val); 1714 sc->txpow2[i + 14] = (int8_t)(val & 0xff); 1715 sc->txpow2[i + 15] = (int8_t)(val >> 8); 1716 } 1717 /* Fix broken Tx power entries. */ 1718 for (i = 0; i < 40; i++ ) { 1719 if (sc->mac_ver != 0x5592) { 1720 if (sc->txpow1[14 + i] < -7 || sc->txpow1[14 + i] > 15) 1721 sc->txpow1[14 + i] = 5; 1722 if (sc->txpow2[14 + i] < -7 || sc->txpow2[14 + i] > 15) 1723 sc->txpow2[14 + i] = 5; 1724 } 1725 DPRINTF("chan %d: power1=%d, power2=%d\n", 1726 rt2860_rf2850[14 + i].chan, sc->txpow1[14 + i], 1727 sc->txpow2[14 + i]); 1728 } 1729} 1730 1731static int 1732run_read_eeprom(struct run_softc *sc) 1733{ 1734 int8_t delta_2ghz, delta_5ghz; 1735 uint32_t tmp; 1736 uint16_t val; 1737 int ridx, ant, i; 1738 1739 /* check whether the ROM is eFUSE ROM or EEPROM */ 1740 sc->sc_srom_read = run_eeprom_read_2; 1741 if (sc->mac_ver >= 0x3070) { 1742 run_read(sc, RT3070_EFUSE_CTRL, &tmp); 1743 DPRINTF("EFUSE_CTRL=0x%08x\n", tmp); 1744 if ((tmp & RT3070_SEL_EFUSE) || sc->mac_ver == 0x3593) 1745 sc->sc_srom_read = run_efuse_read_2; 1746 } 1747 1748 /* read ROM version */ 1749 run_srom_read(sc, RT2860_EEPROM_VERSION, &val); 1750 DPRINTF("EEPROM rev=%d, FAE=%d\n", val & 0xff, val >> 8); 1751 1752 /* read MAC address */ 1753 run_srom_read(sc, RT2860_EEPROM_MAC01, &val); 1754 sc->sc_bssid[0] = val & 0xff; 1755 sc->sc_bssid[1] = val >> 8; 1756 run_srom_read(sc, RT2860_EEPROM_MAC23, &val); 1757 sc->sc_bssid[2] = val & 0xff; 1758 sc->sc_bssid[3] = val >> 8; 1759 run_srom_read(sc, RT2860_EEPROM_MAC45, &val); 1760 sc->sc_bssid[4] = val & 0xff; 1761 sc->sc_bssid[5] = val >> 8; 1762 1763 if (sc->mac_ver < 0x3593) { 1764 /* read vender BBP settings */ 1765 for (i = 0; i < 10; i++) { 1766 run_srom_read(sc, RT2860_EEPROM_BBP_BASE + i, &val); 1767 sc->bbp[i].val = val & 0xff; 1768 sc->bbp[i].reg = val >> 8; 1769 DPRINTF("BBP%d=0x%02x\n", sc->bbp[i].reg, 1770 sc->bbp[i].val); 1771 } 1772 if (sc->mac_ver >= 0x3071) { 1773 /* read vendor RF settings */ 1774 for (i = 0; i < 10; i++) { 1775 run_srom_read(sc, RT3071_EEPROM_RF_BASE + i, 1776 &val); 1777 sc->rf[i].val = val & 0xff; 1778 sc->rf[i].reg = val >> 8; 1779 DPRINTF("RF%d=0x%02x\n", sc->rf[i].reg, 1780 sc->rf[i].val); 1781 } 1782 } 1783 } 1784 1785 /* read RF frequency offset from EEPROM */ 1786 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_FREQ_LEDS : 1787 RT3593_EEPROM_FREQ, &val); 1788 sc->freq = ((val & 0xff) != 0xff) ? val & 0xff : 0; 1789 DPRINTF("EEPROM freq offset %d\n", sc->freq & 0xff); 1790 1791 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_FREQ_LEDS : 1792 RT3593_EEPROM_FREQ_LEDS, &val); 1793 if (val >> 8 != 0xff) { 1794 /* read LEDs operating mode */ 1795 sc->leds = val >> 8; 1796 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LED1 : 1797 RT3593_EEPROM_LED1, &sc->led[0]); 1798 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LED2 : 1799 RT3593_EEPROM_LED2, &sc->led[1]); 1800 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LED3 : 1801 RT3593_EEPROM_LED3, &sc->led[2]); 1802 } else { 1803 /* broken EEPROM, use default settings */ 1804 sc->leds = 0x01; 1805 sc->led[0] = 0x5555; 1806 sc->led[1] = 0x2221; 1807 sc->led[2] = 0x5627; /* differs from RT2860 */ 1808 } 1809 DPRINTF("EEPROM LED mode=0x%02x, LEDs=0x%04x/0x%04x/0x%04x\n", 1810 sc->leds, sc->led[0], sc->led[1], sc->led[2]); 1811 1812 /* read RF information */ 1813 if (sc->mac_ver == 0x5390 || sc->mac_ver ==0x5392) 1814 run_srom_read(sc, 0x00, &val); 1815 else 1816 run_srom_read(sc, RT2860_EEPROM_ANTENNA, &val); 1817 1818 if (val == 0xffff) { 1819 device_printf(sc->sc_dev, 1820 "invalid EEPROM antenna info, using default\n"); 1821 DPRINTF("invalid EEPROM antenna info, using default\n"); 1822 if (sc->mac_ver == 0x3572) { 1823 /* default to RF3052 2T2R */ 1824 sc->rf_rev = RT3070_RF_3052; 1825 sc->ntxchains = 2; 1826 sc->nrxchains = 2; 1827 } else if (sc->mac_ver >= 0x3070) { 1828 /* default to RF3020 1T1R */ 1829 sc->rf_rev = RT3070_RF_3020; 1830 sc->ntxchains = 1; 1831 sc->nrxchains = 1; 1832 } else { 1833 /* default to RF2820 1T2R */ 1834 sc->rf_rev = RT2860_RF_2820; 1835 sc->ntxchains = 1; 1836 sc->nrxchains = 2; 1837 } 1838 } else { 1839 if (sc->mac_ver == 0x5390 || sc->mac_ver ==0x5392) { 1840 sc->rf_rev = val; 1841 run_srom_read(sc, RT2860_EEPROM_ANTENNA, &val); 1842 } else 1843 sc->rf_rev = (val >> 8) & 0xf; 1844 sc->ntxchains = (val >> 4) & 0xf; 1845 sc->nrxchains = val & 0xf; 1846 } 1847 DPRINTF("EEPROM RF rev=0x%04x chains=%dT%dR\n", 1848 sc->rf_rev, sc->ntxchains, sc->nrxchains); 1849 1850 /* check if RF supports automatic Tx access gain control */ 1851 run_srom_read(sc, RT2860_EEPROM_CONFIG, &val); 1852 DPRINTF("EEPROM CFG 0x%04x\n", val); 1853 /* check if driver should patch the DAC issue */ 1854 if ((val >> 8) != 0xff) 1855 sc->patch_dac = (val >> 15) & 1; 1856 if ((val & 0xff) != 0xff) { 1857 sc->ext_5ghz_lna = (val >> 3) & 1; 1858 sc->ext_2ghz_lna = (val >> 2) & 1; 1859 /* check if RF supports automatic Tx access gain control */ 1860 sc->calib_2ghz = sc->calib_5ghz = (val >> 1) & 1; 1861 /* check if we have a hardware radio switch */ 1862 sc->rfswitch = val & 1; 1863 } 1864 1865 /* Read Tx power settings. */ 1866 if (sc->mac_ver == 0x3593) 1867 run_rt3593_get_txpower(sc); 1868 else 1869 run_get_txpower(sc); 1870 1871 /* read Tx power compensation for each Tx rate */ 1872 run_srom_read(sc, RT2860_EEPROM_DELTAPWR, &val); 1873 delta_2ghz = delta_5ghz = 0; 1874 if ((val & 0xff) != 0xff && (val & 0x80)) { 1875 delta_2ghz = val & 0xf; 1876 if (!(val & 0x40)) /* negative number */ 1877 delta_2ghz = -delta_2ghz; 1878 } 1879 val >>= 8; 1880 if ((val & 0xff) != 0xff && (val & 0x80)) { 1881 delta_5ghz = val & 0xf; 1882 if (!(val & 0x40)) /* negative number */ 1883 delta_5ghz = -delta_5ghz; 1884 } 1885 DPRINTF("power compensation=%d (2GHz), %d (5GHz)\n", 1886 delta_2ghz, delta_5ghz); 1887 1888 for (ridx = 0; ridx < 5; ridx++) { 1889 uint32_t reg; 1890 1891 run_srom_read(sc, RT2860_EEPROM_RPWR + ridx * 2, &val); 1892 reg = val; 1893 run_srom_read(sc, RT2860_EEPROM_RPWR + ridx * 2 + 1, &val); 1894 reg |= (uint32_t)val << 16; 1895 1896 sc->txpow20mhz[ridx] = reg; 1897 sc->txpow40mhz_2ghz[ridx] = b4inc(reg, delta_2ghz); 1898 sc->txpow40mhz_5ghz[ridx] = b4inc(reg, delta_5ghz); 1899 1900 DPRINTF("ridx %d: power 20MHz=0x%08x, 40MHz/2GHz=0x%08x, " 1901 "40MHz/5GHz=0x%08x\n", ridx, sc->txpow20mhz[ridx], 1902 sc->txpow40mhz_2ghz[ridx], sc->txpow40mhz_5ghz[ridx]); 1903 } 1904 1905 /* Read RSSI offsets and LNA gains from EEPROM. */ 1906 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI1_2GHZ : 1907 RT3593_EEPROM_RSSI1_2GHZ, &val); 1908 sc->rssi_2ghz[0] = val & 0xff; /* Ant A */ 1909 sc->rssi_2ghz[1] = val >> 8; /* Ant B */ 1910 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI2_2GHZ : 1911 RT3593_EEPROM_RSSI2_2GHZ, &val); 1912 if (sc->mac_ver >= 0x3070) { 1913 if (sc->mac_ver == 0x3593) { 1914 sc->txmixgain_2ghz = 0; 1915 sc->rssi_2ghz[2] = val & 0xff; /* Ant C */ 1916 } else { 1917 /* 1918 * On RT3070 chips (limited to 2 Rx chains), this ROM 1919 * field contains the Tx mixer gain for the 2GHz band. 1920 */ 1921 if ((val & 0xff) != 0xff) 1922 sc->txmixgain_2ghz = val & 0x7; 1923 } 1924 DPRINTF("tx mixer gain=%u (2GHz)\n", sc->txmixgain_2ghz); 1925 } else 1926 sc->rssi_2ghz[2] = val & 0xff; /* Ant C */ 1927 if (sc->mac_ver == 0x3593) 1928 run_srom_read(sc, RT3593_EEPROM_LNA_5GHZ, &val); 1929 sc->lna[2] = val >> 8; /* channel group 2 */ 1930 1931 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI1_5GHZ : 1932 RT3593_EEPROM_RSSI1_5GHZ, &val); 1933 sc->rssi_5ghz[0] = val & 0xff; /* Ant A */ 1934 sc->rssi_5ghz[1] = val >> 8; /* Ant B */ 1935 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI2_5GHZ : 1936 RT3593_EEPROM_RSSI2_5GHZ, &val); 1937 if (sc->mac_ver == 0x3572) { 1938 /* 1939 * On RT3572 chips (limited to 2 Rx chains), this ROM 1940 * field contains the Tx mixer gain for the 5GHz band. 1941 */ 1942 if ((val & 0xff) != 0xff) 1943 sc->txmixgain_5ghz = val & 0x7; 1944 DPRINTF("tx mixer gain=%u (5GHz)\n", sc->txmixgain_5ghz); 1945 } else 1946 sc->rssi_5ghz[2] = val & 0xff; /* Ant C */ 1947 if (sc->mac_ver == 0x3593) { 1948 sc->txmixgain_5ghz = 0; 1949 run_srom_read(sc, RT3593_EEPROM_LNA_5GHZ, &val); 1950 } 1951 sc->lna[3] = val >> 8; /* channel group 3 */ 1952 1953 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LNA : 1954 RT3593_EEPROM_LNA, &val); 1955 sc->lna[0] = val & 0xff; /* channel group 0 */ 1956 sc->lna[1] = val >> 8; /* channel group 1 */ 1957 1958 /* fix broken 5GHz LNA entries */ 1959 if (sc->lna[2] == 0 || sc->lna[2] == 0xff) { 1960 DPRINTF("invalid LNA for channel group %d\n", 2); 1961 sc->lna[2] = sc->lna[1]; 1962 } 1963 if (sc->lna[3] == 0 || sc->lna[3] == 0xff) { 1964 DPRINTF("invalid LNA for channel group %d\n", 3); 1965 sc->lna[3] = sc->lna[1]; 1966 } 1967 1968 /* fix broken RSSI offset entries */ 1969 for (ant = 0; ant < 3; ant++) { 1970 if (sc->rssi_2ghz[ant] < -10 || sc->rssi_2ghz[ant] > 10) { 1971 DPRINTF("invalid RSSI%d offset: %d (2GHz)\n", 1972 ant + 1, sc->rssi_2ghz[ant]); 1973 sc->rssi_2ghz[ant] = 0; 1974 } 1975 if (sc->rssi_5ghz[ant] < -10 || sc->rssi_5ghz[ant] > 10) { 1976 DPRINTF("invalid RSSI%d offset: %d (5GHz)\n", 1977 ant + 1, sc->rssi_5ghz[ant]); 1978 sc->rssi_5ghz[ant] = 0; 1979 } 1980 } 1981 return (0); 1982} 1983 1984static struct ieee80211_node * 1985run_node_alloc(struct ieee80211vap *vap, const uint8_t mac[IEEE80211_ADDR_LEN]) 1986{ 1987 return malloc(sizeof (struct run_node), M_DEVBUF, M_NOWAIT | M_ZERO); 1988} 1989 1990static int 1991run_media_change(struct ifnet *ifp) 1992{ 1993 struct ieee80211vap *vap = ifp->if_softc; 1994 struct ieee80211com *ic = vap->iv_ic; 1995 const struct ieee80211_txparam *tp; 1996 struct run_softc *sc = ic->ic_ifp->if_softc; 1997 uint8_t rate, ridx; 1998 int error; 1999 2000 RUN_LOCK(sc); 2001 2002 error = ieee80211_media_change(ifp); 2003 if (error != ENETRESET) { 2004 RUN_UNLOCK(sc); 2005 return (error); 2006 } 2007 2008 tp = &vap->iv_txparms[ieee80211_chan2mode(ic->ic_curchan)]; 2009 if (tp->ucastrate != IEEE80211_FIXED_RATE_NONE) { 2010 struct ieee80211_node *ni; 2011 struct run_node *rn; 2012 2013 rate = ic->ic_sup_rates[ic->ic_curmode]. 2014 rs_rates[tp->ucastrate] & IEEE80211_RATE_VAL; 2015 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++) 2016 if (rt2860_rates[ridx].rate == rate) 2017 break; 2018 ni = ieee80211_ref_node(vap->iv_bss); 2019 rn = (struct run_node *)ni; 2020 rn->fix_ridx = ridx; 2021 DPRINTF("rate=%d, fix_ridx=%d\n", rate, rn->fix_ridx); 2022 ieee80211_free_node(ni); 2023 } 2024 2025#if 0 2026 if ((ifp->if_flags & IFF_UP) && 2027 (ifp->if_drv_flags & IFF_DRV_RUNNING)){ 2028 run_init_locked(sc); 2029 } 2030#endif 2031 2032 RUN_UNLOCK(sc); 2033 2034 return (0); 2035} 2036 2037static int 2038run_newstate(struct ieee80211vap *vap, enum ieee80211_state nstate, int arg) 2039{ 2040 const struct ieee80211_txparam *tp; 2041 struct ieee80211com *ic = vap->iv_ic; 2042 struct run_softc *sc = ic->ic_ifp->if_softc; 2043 struct run_vap *rvp = RUN_VAP(vap); 2044 enum ieee80211_state ostate; 2045 uint32_t sta[3]; 2046 uint32_t tmp; 2047 uint8_t ratectl; 2048 uint8_t restart_ratectl = 0; 2049 uint8_t bid = 1 << rvp->rvp_id; 2050 2051 ostate = vap->iv_state; 2052 DPRINTF("%s -> %s\n", 2053 ieee80211_state_name[ostate], 2054 ieee80211_state_name[nstate]); 2055 2056 IEEE80211_UNLOCK(ic); 2057 RUN_LOCK(sc); 2058 2059 ratectl = sc->ratectl_run; /* remember current state */ 2060 sc->ratectl_run = RUN_RATECTL_OFF; 2061 usb_callout_stop(&sc->ratectl_ch); 2062 2063 if (ostate == IEEE80211_S_RUN) { 2064 /* turn link LED off */ 2065 run_set_leds(sc, RT2860_LED_RADIO); 2066 } 2067 2068 switch (nstate) { 2069 case IEEE80211_S_INIT: 2070 restart_ratectl = 1; 2071 2072 if (ostate != IEEE80211_S_RUN) 2073 break; 2074 2075 ratectl &= ~bid; 2076 sc->runbmap &= ~bid; 2077 2078 /* abort TSF synchronization if there is no vap running */ 2079 if (--sc->running == 0) { 2080 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 2081 run_write(sc, RT2860_BCN_TIME_CFG, 2082 tmp & ~(RT2860_BCN_TX_EN | RT2860_TSF_TIMER_EN | 2083 RT2860_TBTT_TIMER_EN)); 2084 } 2085 break; 2086 2087 case IEEE80211_S_RUN: 2088 if (!(sc->runbmap & bid)) { 2089 if(sc->running++) 2090 restart_ratectl = 1; 2091 sc->runbmap |= bid; 2092 } 2093 2094 m_freem(rvp->beacon_mbuf); 2095 rvp->beacon_mbuf = NULL; 2096 2097 switch (vap->iv_opmode) { 2098 case IEEE80211_M_HOSTAP: 2099 case IEEE80211_M_MBSS: 2100 sc->ap_running |= bid; 2101 ic->ic_opmode = vap->iv_opmode; 2102 run_update_beacon_cb(vap); 2103 break; 2104 case IEEE80211_M_IBSS: 2105 sc->adhoc_running |= bid; 2106 if (!sc->ap_running) 2107 ic->ic_opmode = vap->iv_opmode; 2108 run_update_beacon_cb(vap); 2109 break; 2110 case IEEE80211_M_STA: 2111 sc->sta_running |= bid; 2112 if (!sc->ap_running && !sc->adhoc_running) 2113 ic->ic_opmode = vap->iv_opmode; 2114 2115 /* read statistic counters (clear on read) */ 2116 run_read_region_1(sc, RT2860_TX_STA_CNT0, 2117 (uint8_t *)sta, sizeof sta); 2118 2119 break; 2120 default: 2121 ic->ic_opmode = vap->iv_opmode; 2122 break; 2123 } 2124 2125 if (vap->iv_opmode != IEEE80211_M_MONITOR) { 2126 struct ieee80211_node *ni; 2127 2128 if (ic->ic_bsschan == IEEE80211_CHAN_ANYC) { 2129 RUN_UNLOCK(sc); 2130 IEEE80211_LOCK(ic); 2131 return (-1); 2132 } 2133 run_updateslot(ic->ic_ifp); 2134 run_enable_mrr(sc); 2135 run_set_txpreamble(sc); 2136 run_set_basicrates(sc); 2137 ni = ieee80211_ref_node(vap->iv_bss); 2138 IEEE80211_ADDR_COPY(sc->sc_bssid, ni->ni_bssid); 2139 run_set_bssid(sc, ni->ni_bssid); 2140 ieee80211_free_node(ni); 2141 run_enable_tsf_sync(sc); 2142 2143 /* enable automatic rate adaptation */ 2144 tp = &vap->iv_txparms[ieee80211_chan2mode(ic->ic_curchan)]; 2145 if (tp->ucastrate == IEEE80211_FIXED_RATE_NONE) 2146 ratectl |= bid; 2147 } 2148 2149 /* turn link LED on */ 2150 run_set_leds(sc, RT2860_LED_RADIO | 2151 (IEEE80211_IS_CHAN_2GHZ(ic->ic_curchan) ? 2152 RT2860_LED_LINK_2GHZ : RT2860_LED_LINK_5GHZ)); 2153 2154 break; 2155 default: 2156 DPRINTFN(6, "undefined case\n"); 2157 break; 2158 } 2159 2160 /* restart amrr for running VAPs */ 2161 if ((sc->ratectl_run = ratectl) && restart_ratectl) 2162 usb_callout_reset(&sc->ratectl_ch, hz, run_ratectl_to, sc); 2163 2164 RUN_UNLOCK(sc); 2165 IEEE80211_LOCK(ic); 2166 2167 return(rvp->newstate(vap, nstate, arg)); 2168} 2169 2170/* ARGSUSED */ 2171static void 2172run_wme_update_cb(void *arg) 2173{ 2174 struct ieee80211com *ic = arg; 2175 struct run_softc *sc = ic->ic_ifp->if_softc; 2176 struct ieee80211_wme_state *wmesp = &ic->ic_wme; 2177 int aci, error = 0; 2178 2179 RUN_LOCK_ASSERT(sc, MA_OWNED); 2180 2181 /* update MAC TX configuration registers */ 2182 for (aci = 0; aci < WME_NUM_AC; aci++) { 2183 error = run_write(sc, RT2860_EDCA_AC_CFG(aci), 2184 wmesp->wme_params[aci].wmep_logcwmax << 16 | 2185 wmesp->wme_params[aci].wmep_logcwmin << 12 | 2186 wmesp->wme_params[aci].wmep_aifsn << 8 | 2187 wmesp->wme_params[aci].wmep_txopLimit); 2188 if (error) goto err; 2189 } 2190 2191 /* update SCH/DMA registers too */ 2192 error = run_write(sc, RT2860_WMM_AIFSN_CFG, 2193 wmesp->wme_params[WME_AC_VO].wmep_aifsn << 12 | 2194 wmesp->wme_params[WME_AC_VI].wmep_aifsn << 8 | 2195 wmesp->wme_params[WME_AC_BK].wmep_aifsn << 4 | 2196 wmesp->wme_params[WME_AC_BE].wmep_aifsn); 2197 if (error) goto err; 2198 error = run_write(sc, RT2860_WMM_CWMIN_CFG, 2199 wmesp->wme_params[WME_AC_VO].wmep_logcwmin << 12 | 2200 wmesp->wme_params[WME_AC_VI].wmep_logcwmin << 8 | 2201 wmesp->wme_params[WME_AC_BK].wmep_logcwmin << 4 | 2202 wmesp->wme_params[WME_AC_BE].wmep_logcwmin); 2203 if (error) goto err; 2204 error = run_write(sc, RT2860_WMM_CWMAX_CFG, 2205 wmesp->wme_params[WME_AC_VO].wmep_logcwmax << 12 | 2206 wmesp->wme_params[WME_AC_VI].wmep_logcwmax << 8 | 2207 wmesp->wme_params[WME_AC_BK].wmep_logcwmax << 4 | 2208 wmesp->wme_params[WME_AC_BE].wmep_logcwmax); 2209 if (error) goto err; 2210 error = run_write(sc, RT2860_WMM_TXOP0_CFG, 2211 wmesp->wme_params[WME_AC_BK].wmep_txopLimit << 16 | 2212 wmesp->wme_params[WME_AC_BE].wmep_txopLimit); 2213 if (error) goto err; 2214 error = run_write(sc, RT2860_WMM_TXOP1_CFG, 2215 wmesp->wme_params[WME_AC_VO].wmep_txopLimit << 16 | 2216 wmesp->wme_params[WME_AC_VI].wmep_txopLimit); 2217 2218err: 2219 if (error) 2220 DPRINTF("WME update failed\n"); 2221 2222 return; 2223} 2224 2225static int 2226run_wme_update(struct ieee80211com *ic) 2227{ 2228 struct run_softc *sc = ic->ic_ifp->if_softc; 2229 2230 /* sometime called wothout lock */ 2231 if (mtx_owned(&ic->ic_comlock.mtx)) { 2232 uint32_t i = RUN_CMDQ_GET(&sc->cmdq_store); 2233 DPRINTF("cmdq_store=%d\n", i); 2234 sc->cmdq[i].func = run_wme_update_cb; 2235 sc->cmdq[i].arg0 = ic; 2236 ieee80211_runtask(ic, &sc->cmdq_task); 2237 return (0); 2238 } 2239 2240 RUN_LOCK(sc); 2241 run_wme_update_cb(ic); 2242 RUN_UNLOCK(sc); 2243 2244 /* return whatever, upper layer desn't care anyway */ 2245 return (0); 2246} 2247 2248static void 2249run_key_update_begin(struct ieee80211vap *vap) 2250{ 2251 /* 2252 * To avoid out-of-order events, both run_key_set() and 2253 * _delete() are deferred and handled by run_cmdq_cb(). 2254 * So, there is nothing we need to do here. 2255 */ 2256} 2257 2258static void 2259run_key_update_end(struct ieee80211vap *vap) 2260{ 2261 /* null */ 2262} 2263 2264static void 2265run_key_set_cb(void *arg) 2266{ 2267 struct run_cmdq *cmdq = arg; 2268 struct ieee80211vap *vap = cmdq->arg1; 2269 struct ieee80211_key *k = cmdq->k; 2270 struct ieee80211com *ic = vap->iv_ic; 2271 struct run_softc *sc = ic->ic_ifp->if_softc; 2272 struct ieee80211_node *ni; 2273 uint32_t attr; 2274 uint16_t base, associd; 2275 uint8_t mode, wcid, iv[8]; 2276 2277 RUN_LOCK_ASSERT(sc, MA_OWNED); 2278 2279 if (vap->iv_opmode == IEEE80211_M_HOSTAP) 2280 ni = ieee80211_find_vap_node(&ic->ic_sta, vap, cmdq->mac); 2281 else 2282 ni = vap->iv_bss; 2283 associd = (ni != NULL) ? ni->ni_associd : 0; 2284 2285 /* map net80211 cipher to RT2860 security mode */ 2286 switch (k->wk_cipher->ic_cipher) { 2287 case IEEE80211_CIPHER_WEP: 2288 if(k->wk_keylen < 8) 2289 mode = RT2860_MODE_WEP40; 2290 else 2291 mode = RT2860_MODE_WEP104; 2292 break; 2293 case IEEE80211_CIPHER_TKIP: 2294 mode = RT2860_MODE_TKIP; 2295 break; 2296 case IEEE80211_CIPHER_AES_CCM: 2297 mode = RT2860_MODE_AES_CCMP; 2298 break; 2299 default: 2300 DPRINTF("undefined case\n"); 2301 return; 2302 } 2303 2304 DPRINTFN(1, "associd=%x, keyix=%d, mode=%x, type=%s, tx=%s, rx=%s\n", 2305 associd, k->wk_keyix, mode, 2306 (k->wk_flags & IEEE80211_KEY_GROUP) ? "group" : "pairwise", 2307 (k->wk_flags & IEEE80211_KEY_XMIT) ? "on" : "off", 2308 (k->wk_flags & IEEE80211_KEY_RECV) ? "on" : "off"); 2309 2310 if (k->wk_flags & IEEE80211_KEY_GROUP) { 2311 wcid = 0; /* NB: update WCID0 for group keys */ 2312 base = RT2860_SKEY(RUN_VAP(vap)->rvp_id, k->wk_keyix); 2313 } else { 2314 wcid = (vap->iv_opmode == IEEE80211_M_STA) ? 2315 1 : RUN_AID2WCID(associd); 2316 base = RT2860_PKEY(wcid); 2317 } 2318 2319 if (k->wk_cipher->ic_cipher == IEEE80211_CIPHER_TKIP) { 2320 if(run_write_region_1(sc, base, k->wk_key, 16)) 2321 return; 2322 if(run_write_region_1(sc, base + 16, &k->wk_key[16], 8)) /* wk_txmic */ 2323 return; 2324 if(run_write_region_1(sc, base + 24, &k->wk_key[24], 8)) /* wk_rxmic */ 2325 return; 2326 } else { 2327 /* roundup len to 16-bit: XXX fix write_region_1() instead */ 2328 if(run_write_region_1(sc, base, k->wk_key, (k->wk_keylen + 1) & ~1)) 2329 return; 2330 } 2331 2332 if (!(k->wk_flags & IEEE80211_KEY_GROUP) || 2333 (k->wk_flags & (IEEE80211_KEY_XMIT | IEEE80211_KEY_RECV))) { 2334 /* set initial packet number in IV+EIV */ 2335 if (k->wk_cipher == IEEE80211_CIPHER_WEP) { 2336 memset(iv, 0, sizeof iv); 2337 iv[3] = vap->iv_def_txkey << 6; 2338 } else { 2339 if (k->wk_cipher->ic_cipher == IEEE80211_CIPHER_TKIP) { 2340 iv[0] = k->wk_keytsc >> 8; 2341 iv[1] = (iv[0] | 0x20) & 0x7f; 2342 iv[2] = k->wk_keytsc; 2343 } else /* CCMP */ { 2344 iv[0] = k->wk_keytsc; 2345 iv[1] = k->wk_keytsc >> 8; 2346 iv[2] = 0; 2347 } 2348 iv[3] = k->wk_keyix << 6 | IEEE80211_WEP_EXTIV; 2349 iv[4] = k->wk_keytsc >> 16; 2350 iv[5] = k->wk_keytsc >> 24; 2351 iv[6] = k->wk_keytsc >> 32; 2352 iv[7] = k->wk_keytsc >> 40; 2353 } 2354 if (run_write_region_1(sc, RT2860_IVEIV(wcid), iv, 8)) 2355 return; 2356 } 2357 2358 if (k->wk_flags & IEEE80211_KEY_GROUP) { 2359 /* install group key */ 2360 if (run_read(sc, RT2860_SKEY_MODE_0_7, &attr)) 2361 return; 2362 attr &= ~(0xf << (k->wk_keyix * 4)); 2363 attr |= mode << (k->wk_keyix * 4); 2364 if (run_write(sc, RT2860_SKEY_MODE_0_7, attr)) 2365 return; 2366 } else { 2367 /* install pairwise key */ 2368 if (run_read(sc, RT2860_WCID_ATTR(wcid), &attr)) 2369 return; 2370 attr = (attr & ~0xf) | (mode << 1) | RT2860_RX_PKEY_EN; 2371 if (run_write(sc, RT2860_WCID_ATTR(wcid), attr)) 2372 return; 2373 } 2374 2375 /* TODO create a pass-thru key entry? */ 2376 2377 /* need wcid to delete the right key later */ 2378 k->wk_pad = wcid; 2379} 2380 2381/* 2382 * Don't have to be deferred, but in order to keep order of 2383 * execution, i.e. with run_key_delete(), defer this and let 2384 * run_cmdq_cb() maintain the order. 2385 * 2386 * return 0 on error 2387 */ 2388static int 2389run_key_set(struct ieee80211vap *vap, struct ieee80211_key *k, 2390 const uint8_t mac[IEEE80211_ADDR_LEN]) 2391{ 2392 struct ieee80211com *ic = vap->iv_ic; 2393 struct run_softc *sc = ic->ic_ifp->if_softc; 2394 uint32_t i; 2395 2396 i = RUN_CMDQ_GET(&sc->cmdq_store); 2397 DPRINTF("cmdq_store=%d\n", i); 2398 sc->cmdq[i].func = run_key_set_cb; 2399 sc->cmdq[i].arg0 = NULL; 2400 sc->cmdq[i].arg1 = vap; 2401 sc->cmdq[i].k = k; 2402 IEEE80211_ADDR_COPY(sc->cmdq[i].mac, mac); 2403 ieee80211_runtask(ic, &sc->cmdq_task); 2404 2405 /* 2406 * To make sure key will be set when hostapd 2407 * calls iv_key_set() before if_init(). 2408 */ 2409 if (vap->iv_opmode == IEEE80211_M_HOSTAP) { 2410 RUN_LOCK(sc); 2411 sc->cmdq_key_set = RUN_CMDQ_GO; 2412 RUN_UNLOCK(sc); 2413 } 2414 2415 return (1); 2416} 2417 2418/* 2419 * If wlan is destroyed without being brought down i.e. without 2420 * wlan down or wpa_cli terminate, this function is called after 2421 * vap is gone. Don't refer it. 2422 */ 2423static void 2424run_key_delete_cb(void *arg) 2425{ 2426 struct run_cmdq *cmdq = arg; 2427 struct run_softc *sc = cmdq->arg1; 2428 struct ieee80211_key *k = &cmdq->key; 2429 uint32_t attr; 2430 uint8_t wcid; 2431 2432 RUN_LOCK_ASSERT(sc, MA_OWNED); 2433 2434 if (k->wk_flags & IEEE80211_KEY_GROUP) { 2435 /* remove group key */ 2436 DPRINTF("removing group key\n"); 2437 run_read(sc, RT2860_SKEY_MODE_0_7, &attr); 2438 attr &= ~(0xf << (k->wk_keyix * 4)); 2439 run_write(sc, RT2860_SKEY_MODE_0_7, attr); 2440 } else { 2441 /* remove pairwise key */ 2442 DPRINTF("removing key for wcid %x\n", k->wk_pad); 2443 /* matching wcid was written to wk_pad in run_key_set() */ 2444 wcid = k->wk_pad; 2445 run_read(sc, RT2860_WCID_ATTR(wcid), &attr); 2446 attr &= ~0xf; 2447 run_write(sc, RT2860_WCID_ATTR(wcid), attr); 2448 run_set_region_4(sc, RT2860_WCID_ENTRY(wcid), 0, 8); 2449 } 2450 2451 k->wk_pad = 0; 2452} 2453 2454/* 2455 * return 0 on error 2456 */ 2457static int 2458run_key_delete(struct ieee80211vap *vap, struct ieee80211_key *k) 2459{ 2460 struct ieee80211com *ic = vap->iv_ic; 2461 struct run_softc *sc = ic->ic_ifp->if_softc; 2462 struct ieee80211_key *k0; 2463 uint32_t i; 2464 2465 /* 2466 * When called back, key might be gone. So, make a copy 2467 * of some values need to delete keys before deferring. 2468 * But, because of LOR with node lock, cannot use lock here. 2469 * So, use atomic instead. 2470 */ 2471 i = RUN_CMDQ_GET(&sc->cmdq_store); 2472 DPRINTF("cmdq_store=%d\n", i); 2473 sc->cmdq[i].func = run_key_delete_cb; 2474 sc->cmdq[i].arg0 = NULL; 2475 sc->cmdq[i].arg1 = sc; 2476 k0 = &sc->cmdq[i].key; 2477 k0->wk_flags = k->wk_flags; 2478 k0->wk_keyix = k->wk_keyix; 2479 /* matching wcid was written to wk_pad in run_key_set() */ 2480 k0->wk_pad = k->wk_pad; 2481 ieee80211_runtask(ic, &sc->cmdq_task); 2482 return (1); /* return fake success */ 2483 2484} 2485 2486static void 2487run_ratectl_to(void *arg) 2488{ 2489 struct run_softc *sc = arg; 2490 2491 /* do it in a process context, so it can go sleep */ 2492 ieee80211_runtask(sc->sc_ifp->if_l2com, &sc->ratectl_task); 2493 /* next timeout will be rescheduled in the callback task */ 2494} 2495 2496/* ARGSUSED */ 2497static void 2498run_ratectl_cb(void *arg, int pending) 2499{ 2500 struct run_softc *sc = arg; 2501 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 2502 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 2503 2504 if (vap == NULL) 2505 return; 2506 2507 if (sc->rvp_cnt <= 1 && vap->iv_opmode == IEEE80211_M_STA) 2508 run_iter_func(sc, vap->iv_bss); 2509 else { 2510 /* 2511 * run_reset_livelock() doesn't do anything with AMRR, 2512 * but Ralink wants us to call it every 1 sec. So, we 2513 * piggyback here rather than creating another callout. 2514 * Livelock may occur only in HOSTAP or IBSS mode 2515 * (when h/w is sending beacons). 2516 */ 2517 RUN_LOCK(sc); 2518 run_reset_livelock(sc); 2519 /* just in case, there are some stats to drain */ 2520 run_drain_fifo(sc); 2521 RUN_UNLOCK(sc); 2522 ieee80211_iterate_nodes(&ic->ic_sta, run_iter_func, sc); 2523 } 2524 2525 RUN_LOCK(sc); 2526 if(sc->ratectl_run != RUN_RATECTL_OFF) 2527 usb_callout_reset(&sc->ratectl_ch, hz, run_ratectl_to, sc); 2528 RUN_UNLOCK(sc); 2529} 2530 2531static void 2532run_drain_fifo(void *arg) 2533{ 2534 struct run_softc *sc = arg; 2535 struct ifnet *ifp = sc->sc_ifp; 2536 uint32_t stat; 2537 uint16_t (*wstat)[3]; 2538 uint8_t wcid, mcs, pid; 2539 int8_t retry; 2540 2541 RUN_LOCK_ASSERT(sc, MA_OWNED); 2542 2543 for (;;) { 2544 /* drain Tx status FIFO (maxsize = 16) */ 2545 run_read(sc, RT2860_TX_STAT_FIFO, &stat); 2546 DPRINTFN(4, "tx stat 0x%08x\n", stat); 2547 if (!(stat & RT2860_TXQ_VLD)) 2548 break; 2549 2550 wcid = (stat >> RT2860_TXQ_WCID_SHIFT) & 0xff; 2551 2552 /* if no ACK was requested, no feedback is available */ 2553 if (!(stat & RT2860_TXQ_ACKREQ) || wcid > RT2870_WCID_MAX || 2554 wcid == 0) 2555 continue; 2556 2557 /* 2558 * Even though each stat is Tx-complete-status like format, 2559 * the device can poll stats. Because there is no guarantee 2560 * that the referring node is still around when read the stats. 2561 * So that, if we use ieee80211_ratectl_tx_update(), we will 2562 * have hard time not to refer already freed node. 2563 * 2564 * To eliminate such page faults, we poll stats in softc. 2565 * Then, update the rates later with ieee80211_ratectl_tx_update(). 2566 */ 2567 wstat = &(sc->wcid_stats[wcid]); 2568 (*wstat)[RUN_TXCNT]++; 2569 if (stat & RT2860_TXQ_OK) 2570 (*wstat)[RUN_SUCCESS]++; 2571 else 2572 ifp->if_oerrors++; 2573 /* 2574 * Check if there were retries, ie if the Tx success rate is 2575 * different from the requested rate. Note that it works only 2576 * because we do not allow rate fallback from OFDM to CCK. 2577 */ 2578 mcs = (stat >> RT2860_TXQ_MCS_SHIFT) & 0x7f; 2579 pid = (stat >> RT2860_TXQ_PID_SHIFT) & 0xf; 2580 if ((retry = pid -1 - mcs) > 0) { 2581 (*wstat)[RUN_TXCNT] += retry; 2582 (*wstat)[RUN_RETRY] += retry; 2583 } 2584 } 2585 DPRINTFN(3, "count=%d\n", sc->fifo_cnt); 2586 2587 sc->fifo_cnt = 0; 2588} 2589 2590static void 2591run_iter_func(void *arg, struct ieee80211_node *ni) 2592{ 2593 struct run_softc *sc = arg; 2594 struct ieee80211vap *vap = ni->ni_vap; 2595 struct ieee80211com *ic = ni->ni_ic; 2596 struct ifnet *ifp = ic->ic_ifp; 2597 struct run_node *rn = (void *)ni; 2598 union run_stats sta[2]; 2599 uint16_t (*wstat)[3]; 2600 int txcnt, success, retrycnt, error; 2601 2602 RUN_LOCK(sc); 2603 2604 if (sc->rvp_cnt <= 1 && (vap->iv_opmode == IEEE80211_M_IBSS || 2605 vap->iv_opmode == IEEE80211_M_STA)) { 2606 /* read statistic counters (clear on read) and update AMRR state */ 2607 error = run_read_region_1(sc, RT2860_TX_STA_CNT0, (uint8_t *)sta, 2608 sizeof sta); 2609 if (error != 0) 2610 goto fail; 2611 2612 /* count failed TX as errors */ 2613 ifp->if_oerrors += le16toh(sta[0].error.fail); 2614 2615 retrycnt = le16toh(sta[1].tx.retry); 2616 success = le16toh(sta[1].tx.success); 2617 txcnt = retrycnt + success + le16toh(sta[0].error.fail); 2618 2619 DPRINTFN(3, "retrycnt=%d success=%d failcnt=%d\n", 2620 retrycnt, success, le16toh(sta[0].error.fail)); 2621 } else { 2622 wstat = &(sc->wcid_stats[RUN_AID2WCID(ni->ni_associd)]); 2623 2624 if (wstat == &(sc->wcid_stats[0]) || 2625 wstat > &(sc->wcid_stats[RT2870_WCID_MAX])) 2626 goto fail; 2627 2628 txcnt = (*wstat)[RUN_TXCNT]; 2629 success = (*wstat)[RUN_SUCCESS]; 2630 retrycnt = (*wstat)[RUN_RETRY]; 2631 DPRINTFN(3, "retrycnt=%d txcnt=%d success=%d\n", 2632 retrycnt, txcnt, success); 2633 2634 memset(wstat, 0, sizeof(*wstat)); 2635 } 2636 2637 ieee80211_ratectl_tx_update(vap, ni, &txcnt, &success, &retrycnt); 2638 rn->amrr_ridx = ieee80211_ratectl_rate(ni, NULL, 0); 2639 2640fail: 2641 RUN_UNLOCK(sc); 2642 2643 DPRINTFN(3, "ridx=%d\n", rn->amrr_ridx); 2644} 2645 2646static void 2647run_newassoc_cb(void *arg) 2648{ 2649 struct run_cmdq *cmdq = arg; 2650 struct ieee80211_node *ni = cmdq->arg1; 2651 struct run_softc *sc = ni->ni_vap->iv_ic->ic_ifp->if_softc; 2652 uint8_t wcid = cmdq->wcid; 2653 2654 RUN_LOCK_ASSERT(sc, MA_OWNED); 2655 2656 run_write_region_1(sc, RT2860_WCID_ENTRY(wcid), 2657 ni->ni_macaddr, IEEE80211_ADDR_LEN); 2658 2659 memset(&(sc->wcid_stats[wcid]), 0, sizeof(sc->wcid_stats[wcid])); 2660} 2661 2662static void 2663run_newassoc(struct ieee80211_node *ni, int isnew) 2664{ 2665 struct run_node *rn = (void *)ni; 2666 struct ieee80211_rateset *rs = &ni->ni_rates; 2667 struct ieee80211vap *vap = ni->ni_vap; 2668 struct ieee80211com *ic = vap->iv_ic; 2669 struct run_softc *sc = ic->ic_ifp->if_softc; 2670 uint8_t rate; 2671 uint8_t ridx; 2672 uint8_t wcid; 2673 int i, j; 2674 2675 wcid = (vap->iv_opmode == IEEE80211_M_STA) ? 2676 1 : RUN_AID2WCID(ni->ni_associd); 2677 2678 if (wcid > RT2870_WCID_MAX) { 2679 device_printf(sc->sc_dev, "wcid=%d out of range\n", wcid); 2680 return; 2681 } 2682 2683 /* only interested in true associations */ 2684 if (isnew && ni->ni_associd != 0) { 2685 2686 /* 2687 * This function could is called though timeout function. 2688 * Need to defer. 2689 */ 2690 uint32_t cnt = RUN_CMDQ_GET(&sc->cmdq_store); 2691 DPRINTF("cmdq_store=%d\n", cnt); 2692 sc->cmdq[cnt].func = run_newassoc_cb; 2693 sc->cmdq[cnt].arg0 = NULL; 2694 sc->cmdq[cnt].arg1 = ni; 2695 sc->cmdq[cnt].wcid = wcid; 2696 ieee80211_runtask(ic, &sc->cmdq_task); 2697 } 2698 2699 DPRINTF("new assoc isnew=%d associd=%x addr=%s\n", 2700 isnew, ni->ni_associd, ether_sprintf(ni->ni_macaddr)); 2701 2702 for (i = 0; i < rs->rs_nrates; i++) { 2703 rate = rs->rs_rates[i] & IEEE80211_RATE_VAL; 2704 /* convert 802.11 rate to hardware rate index */ 2705 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++) 2706 if (rt2860_rates[ridx].rate == rate) 2707 break; 2708 rn->ridx[i] = ridx; 2709 /* determine rate of control response frames */ 2710 for (j = i; j >= 0; j--) { 2711 if ((rs->rs_rates[j] & IEEE80211_RATE_BASIC) && 2712 rt2860_rates[rn->ridx[i]].phy == 2713 rt2860_rates[rn->ridx[j]].phy) 2714 break; 2715 } 2716 if (j >= 0) { 2717 rn->ctl_ridx[i] = rn->ridx[j]; 2718 } else { 2719 /* no basic rate found, use mandatory one */ 2720 rn->ctl_ridx[i] = rt2860_rates[ridx].ctl_ridx; 2721 } 2722 DPRINTF("rate=0x%02x ridx=%d ctl_ridx=%d\n", 2723 rs->rs_rates[i], rn->ridx[i], rn->ctl_ridx[i]); 2724 } 2725 rate = vap->iv_txparms[ieee80211_chan2mode(ic->ic_curchan)].mgmtrate; 2726 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++) 2727 if (rt2860_rates[ridx].rate == rate) 2728 break; 2729 rn->mgt_ridx = ridx; 2730 DPRINTF("rate=%d, mgmt_ridx=%d\n", rate, rn->mgt_ridx); 2731 2732 usb_callout_reset(&sc->ratectl_ch, hz, run_ratectl_to, sc); 2733} 2734 2735/* 2736 * Return the Rx chain with the highest RSSI for a given frame. 2737 */ 2738static __inline uint8_t 2739run_maxrssi_chain(struct run_softc *sc, const struct rt2860_rxwi *rxwi) 2740{ 2741 uint8_t rxchain = 0; 2742 2743 if (sc->nrxchains > 1) { 2744 if (rxwi->rssi[1] > rxwi->rssi[rxchain]) 2745 rxchain = 1; 2746 if (sc->nrxchains > 2) 2747 if (rxwi->rssi[2] > rxwi->rssi[rxchain]) 2748 rxchain = 2; 2749 } 2750 return (rxchain); 2751} 2752 2753static void 2754run_rx_frame(struct run_softc *sc, struct mbuf *m, uint32_t dmalen) 2755{ 2756 struct ifnet *ifp = sc->sc_ifp; 2757 struct ieee80211com *ic = ifp->if_l2com; 2758 struct ieee80211_frame *wh; 2759 struct ieee80211_node *ni; 2760 struct rt2870_rxd *rxd; 2761 struct rt2860_rxwi *rxwi; 2762 uint32_t flags; 2763 uint16_t len, rxwisize; 2764 uint8_t ant, rssi; 2765 int8_t nf; 2766 2767 rxwi = mtod(m, struct rt2860_rxwi *); 2768 len = le16toh(rxwi->len) & 0xfff; 2769 rxwisize = sizeof(struct rt2860_rxwi); 2770 if (sc->mac_ver == 0x5592) 2771 rxwisize += sizeof(uint64_t); 2772 else if (sc->mac_ver == 0x3593) 2773 rxwisize += sizeof(uint32_t); 2774 if (__predict_false(len > dmalen)) { 2775 m_freem(m); 2776 ifp->if_ierrors++; 2777 DPRINTF("bad RXWI length %u > %u\n", len, dmalen); 2778 return; 2779 } 2780 /* Rx descriptor is located at the end */ 2781 rxd = (struct rt2870_rxd *)(mtod(m, caddr_t) + dmalen); 2782 flags = le32toh(rxd->flags); 2783 2784 if (__predict_false(flags & (RT2860_RX_CRCERR | RT2860_RX_ICVERR))) { 2785 m_freem(m); 2786 ifp->if_ierrors++; 2787 DPRINTF("%s error.\n", (flags & RT2860_RX_CRCERR)?"CRC":"ICV"); 2788 return; 2789 } 2790 2791 m->m_data += rxwisize; 2792 m->m_pkthdr.len = m->m_len -= rxwisize; 2793 2794 wh = mtod(m, struct ieee80211_frame *); 2795 2796 if (wh->i_fc[1] & IEEE80211_FC1_PROTECTED) { 2797 wh->i_fc[1] &= ~IEEE80211_FC1_PROTECTED; 2798 m->m_flags |= M_WEP; 2799 } 2800 2801 if (flags & RT2860_RX_L2PAD) { 2802 DPRINTFN(8, "received RT2860_RX_L2PAD frame\n"); 2803 len += 2; 2804 } 2805 2806 ni = ieee80211_find_rxnode(ic, 2807 mtod(m, struct ieee80211_frame_min *)); 2808 2809 if (__predict_false(flags & RT2860_RX_MICERR)) { 2810 /* report MIC failures to net80211 for TKIP */ 2811 if (ni != NULL) 2812 ieee80211_notify_michael_failure(ni->ni_vap, wh, 2813 rxwi->keyidx); 2814 m_freem(m); 2815 ifp->if_ierrors++; 2816 DPRINTF("MIC error. Someone is lying.\n"); 2817 return; 2818 } 2819 2820 ant = run_maxrssi_chain(sc, rxwi); 2821 rssi = rxwi->rssi[ant]; 2822 nf = run_rssi2dbm(sc, rssi, ant); 2823 2824 m->m_pkthdr.rcvif = ifp; 2825 m->m_pkthdr.len = m->m_len = len; 2826 2827 if (ni != NULL) { 2828 (void)ieee80211_input(ni, m, rssi, nf); 2829 ieee80211_free_node(ni); 2830 } else { 2831 (void)ieee80211_input_all(ic, m, rssi, nf); 2832 } 2833 2834 if (__predict_false(ieee80211_radiotap_active(ic))) { 2835 struct run_rx_radiotap_header *tap = &sc->sc_rxtap; 2836 uint16_t phy; 2837 2838 tap->wr_flags = 0; 2839 tap->wr_chan_freq = htole16(ic->ic_curchan->ic_freq); 2840 tap->wr_chan_flags = htole16(ic->ic_curchan->ic_flags); 2841 tap->wr_antsignal = rssi; 2842 tap->wr_antenna = ant; 2843 tap->wr_dbm_antsignal = run_rssi2dbm(sc, rssi, ant); 2844 tap->wr_rate = 2; /* in case it can't be found below */ 2845 phy = le16toh(rxwi->phy); 2846 switch (phy & RT2860_PHY_MODE) { 2847 case RT2860_PHY_CCK: 2848 switch ((phy & RT2860_PHY_MCS) & ~RT2860_PHY_SHPRE) { 2849 case 0: tap->wr_rate = 2; break; 2850 case 1: tap->wr_rate = 4; break; 2851 case 2: tap->wr_rate = 11; break; 2852 case 3: tap->wr_rate = 22; break; 2853 } 2854 if (phy & RT2860_PHY_SHPRE) 2855 tap->wr_flags |= IEEE80211_RADIOTAP_F_SHORTPRE; 2856 break; 2857 case RT2860_PHY_OFDM: 2858 switch (phy & RT2860_PHY_MCS) { 2859 case 0: tap->wr_rate = 12; break; 2860 case 1: tap->wr_rate = 18; break; 2861 case 2: tap->wr_rate = 24; break; 2862 case 3: tap->wr_rate = 36; break; 2863 case 4: tap->wr_rate = 48; break; 2864 case 5: tap->wr_rate = 72; break; 2865 case 6: tap->wr_rate = 96; break; 2866 case 7: tap->wr_rate = 108; break; 2867 } 2868 break; 2869 } 2870 } 2871} 2872 2873static void 2874run_bulk_rx_callback(struct usb_xfer *xfer, usb_error_t error) 2875{ 2876 struct run_softc *sc = usbd_xfer_softc(xfer); 2877 struct ifnet *ifp = sc->sc_ifp; 2878 struct mbuf *m = NULL; 2879 struct mbuf *m0; 2880 uint32_t dmalen; 2881 uint16_t rxwisize; 2882 int xferlen; 2883 2884 rxwisize = sizeof(struct rt2860_rxwi); 2885 if (sc->mac_ver == 0x5592) 2886 rxwisize += sizeof(uint64_t); 2887 else if (sc->mac_ver == 0x3593) 2888 rxwisize += sizeof(uint32_t); 2889 2890 usbd_xfer_status(xfer, &xferlen, NULL, NULL, NULL); 2891 2892 switch (USB_GET_STATE(xfer)) { 2893 case USB_ST_TRANSFERRED: 2894 2895 DPRINTFN(15, "rx done, actlen=%d\n", xferlen); 2896 2897 if (xferlen < (int)(sizeof(uint32_t) + rxwisize + 2898 sizeof(struct rt2870_rxd))) { 2899 DPRINTF("xfer too short %d\n", xferlen); 2900 goto tr_setup; 2901 } 2902 2903 m = sc->rx_m; 2904 sc->rx_m = NULL; 2905 2906 /* FALLTHROUGH */ 2907 case USB_ST_SETUP: 2908tr_setup: 2909 if (sc->rx_m == NULL) { 2910 sc->rx_m = m_getjcl(M_NOWAIT, MT_DATA, M_PKTHDR, 2911 MJUMPAGESIZE /* xfer can be bigger than MCLBYTES */); 2912 } 2913 if (sc->rx_m == NULL) { 2914 DPRINTF("could not allocate mbuf - idle with stall\n"); 2915 ifp->if_ierrors++; 2916 usbd_xfer_set_stall(xfer); 2917 usbd_xfer_set_frames(xfer, 0); 2918 } else { 2919 /* 2920 * Directly loading a mbuf cluster into DMA to 2921 * save some data copying. This works because 2922 * there is only one cluster. 2923 */ 2924 usbd_xfer_set_frame_data(xfer, 0, 2925 mtod(sc->rx_m, caddr_t), RUN_MAX_RXSZ); 2926 usbd_xfer_set_frames(xfer, 1); 2927 } 2928 usbd_transfer_submit(xfer); 2929 break; 2930 2931 default: /* Error */ 2932 if (error != USB_ERR_CANCELLED) { 2933 /* try to clear stall first */ 2934 usbd_xfer_set_stall(xfer); 2935 2936 if (error == USB_ERR_TIMEOUT) 2937 device_printf(sc->sc_dev, "device timeout\n"); 2938 2939 ifp->if_ierrors++; 2940 2941 goto tr_setup; 2942 } 2943 if (sc->rx_m != NULL) { 2944 m_freem(sc->rx_m); 2945 sc->rx_m = NULL; 2946 } 2947 break; 2948 } 2949 2950 if (m == NULL) 2951 return; 2952 2953 /* inputting all the frames must be last */ 2954 2955 RUN_UNLOCK(sc); 2956 2957 m->m_pkthdr.len = m->m_len = xferlen; 2958 2959 /* HW can aggregate multiple 802.11 frames in a single USB xfer */ 2960 for(;;) { 2961 dmalen = le32toh(*mtod(m, uint32_t *)) & 0xffff; 2962 2963 if ((dmalen >= (uint32_t)-8) || (dmalen == 0) || 2964 ((dmalen & 3) != 0)) { 2965 DPRINTF("bad DMA length %u\n", dmalen); 2966 break; 2967 } 2968 if ((dmalen + 8) > (uint32_t)xferlen) { 2969 DPRINTF("bad DMA length %u > %d\n", 2970 dmalen + 8, xferlen); 2971 break; 2972 } 2973 2974 /* If it is the last one or a single frame, we won't copy. */ 2975 if ((xferlen -= dmalen + 8) <= 8) { 2976 /* trim 32-bit DMA-len header */ 2977 m->m_data += 4; 2978 m->m_pkthdr.len = m->m_len -= 4; 2979 run_rx_frame(sc, m, dmalen); 2980 m = NULL; /* don't free source buffer */ 2981 break; 2982 } 2983 2984 /* copy aggregated frames to another mbuf */ 2985 m0 = m_getcl(M_NOWAIT, MT_DATA, M_PKTHDR); 2986 if (__predict_false(m0 == NULL)) { 2987 DPRINTF("could not allocate mbuf\n"); 2988 ifp->if_ierrors++; 2989 break; 2990 } 2991 m_copydata(m, 4 /* skip 32-bit DMA-len header */, 2992 dmalen + sizeof(struct rt2870_rxd), mtod(m0, caddr_t)); 2993 m0->m_pkthdr.len = m0->m_len = 2994 dmalen + sizeof(struct rt2870_rxd); 2995 run_rx_frame(sc, m0, dmalen); 2996 2997 /* update data ptr */ 2998 m->m_data += dmalen + 8; 2999 m->m_pkthdr.len = m->m_len -= dmalen + 8; 3000 } 3001 3002 /* make sure we free the source buffer, if any */ 3003 m_freem(m); 3004 3005 RUN_LOCK(sc); 3006} 3007 3008static void 3009run_tx_free(struct run_endpoint_queue *pq, 3010 struct run_tx_data *data, int txerr) 3011{ 3012 if (data->m != NULL) { 3013 if (data->m->m_flags & M_TXCB) 3014 ieee80211_process_callback(data->ni, data->m, 3015 txerr ? ETIMEDOUT : 0); 3016 m_freem(data->m); 3017 data->m = NULL; 3018 3019 if (data->ni == NULL) { 3020 DPRINTF("no node\n"); 3021 } else { 3022 ieee80211_free_node(data->ni); 3023 data->ni = NULL; 3024 } 3025 } 3026 3027 STAILQ_INSERT_TAIL(&pq->tx_fh, data, next); 3028 pq->tx_nfree++; 3029} 3030 3031static void 3032run_bulk_tx_callbackN(struct usb_xfer *xfer, usb_error_t error, u_int index) 3033{ 3034 struct run_softc *sc = usbd_xfer_softc(xfer); 3035 struct ifnet *ifp = sc->sc_ifp; 3036 struct ieee80211com *ic = ifp->if_l2com; 3037 struct run_tx_data *data; 3038 struct ieee80211vap *vap = NULL; 3039 struct usb_page_cache *pc; 3040 struct run_endpoint_queue *pq = &sc->sc_epq[index]; 3041 struct mbuf *m; 3042 usb_frlength_t size; 3043 int actlen; 3044 int sumlen; 3045 3046 usbd_xfer_status(xfer, &actlen, &sumlen, NULL, NULL); 3047 3048 switch (USB_GET_STATE(xfer)) { 3049 case USB_ST_TRANSFERRED: 3050 DPRINTFN(11, "transfer complete: %d " 3051 "bytes @ index %d\n", actlen, index); 3052 3053 data = usbd_xfer_get_priv(xfer); 3054 3055 run_tx_free(pq, data, 0); 3056 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE; 3057 3058 usbd_xfer_set_priv(xfer, NULL); 3059 3060 ifp->if_opackets++; 3061 3062 /* FALLTHROUGH */ 3063 case USB_ST_SETUP: 3064tr_setup: 3065 data = STAILQ_FIRST(&pq->tx_qh); 3066 if (data == NULL) 3067 break; 3068 3069 STAILQ_REMOVE_HEAD(&pq->tx_qh, next); 3070 3071 m = data->m; 3072 size = (sc->mac_ver == 0x5592) ? 3073 sizeof(data->desc) + sizeof(uint32_t) : sizeof(data->desc); 3074 if ((m->m_pkthdr.len + 3075 size + 3 + 8) > RUN_MAX_TXSZ) { 3076 DPRINTF("data overflow, %u bytes\n", 3077 m->m_pkthdr.len); 3078 3079 ifp->if_oerrors++; 3080 3081 run_tx_free(pq, data, 1); 3082 3083 goto tr_setup; 3084 } 3085 3086 pc = usbd_xfer_get_frame(xfer, 0); 3087 usbd_copy_in(pc, 0, &data->desc, size); 3088 usbd_m_copy_in(pc, size, m, 0, m->m_pkthdr.len); 3089 size += m->m_pkthdr.len; 3090 /* 3091 * Align end on a 4-byte boundary, pad 8 bytes (CRC + 3092 * 4-byte padding), and be sure to zero those trailing 3093 * bytes: 3094 */ 3095 usbd_frame_zero(pc, size, ((-size) & 3) + 8); 3096 size += ((-size) & 3) + 8; 3097 3098 vap = data->ni->ni_vap; 3099 if (ieee80211_radiotap_active_vap(vap)) { 3100 struct run_tx_radiotap_header *tap = &sc->sc_txtap; 3101 struct rt2860_txwi *txwi = 3102 (struct rt2860_txwi *)(&data->desc + sizeof(struct rt2870_txd)); 3103 tap->wt_flags = 0; 3104 tap->wt_rate = rt2860_rates[data->ridx].rate; 3105 tap->wt_chan_freq = htole16(ic->ic_curchan->ic_freq); 3106 tap->wt_chan_flags = htole16(ic->ic_curchan->ic_flags); 3107 tap->wt_hwqueue = index; 3108 if (le16toh(txwi->phy) & RT2860_PHY_SHPRE) 3109 tap->wt_flags |= IEEE80211_RADIOTAP_F_SHORTPRE; 3110 3111 ieee80211_radiotap_tx(vap, m); 3112 } 3113 3114 DPRINTFN(11, "sending frame len=%u/%u @ index %d\n", 3115 m->m_pkthdr.len, size, index); 3116 3117 usbd_xfer_set_frame_len(xfer, 0, size); 3118 usbd_xfer_set_priv(xfer, data); 3119 3120 usbd_transfer_submit(xfer); 3121 3122 RUN_UNLOCK(sc); 3123 run_start(ifp); 3124 RUN_LOCK(sc); 3125 3126 break; 3127 3128 default: 3129 DPRINTF("USB transfer error, %s\n", 3130 usbd_errstr(error)); 3131 3132 data = usbd_xfer_get_priv(xfer); 3133 3134 ifp->if_oerrors++; 3135 3136 if (data != NULL) { 3137 if(data->ni != NULL) 3138 vap = data->ni->ni_vap; 3139 run_tx_free(pq, data, error); 3140 usbd_xfer_set_priv(xfer, NULL); 3141 } 3142 if (vap == NULL) 3143 vap = TAILQ_FIRST(&ic->ic_vaps); 3144 3145 if (error != USB_ERR_CANCELLED) { 3146 if (error == USB_ERR_TIMEOUT) { 3147 device_printf(sc->sc_dev, "device timeout\n"); 3148 uint32_t i = RUN_CMDQ_GET(&sc->cmdq_store); 3149 DPRINTF("cmdq_store=%d\n", i); 3150 sc->cmdq[i].func = run_usb_timeout_cb; 3151 sc->cmdq[i].arg0 = vap; 3152 ieee80211_runtask(ic, &sc->cmdq_task); 3153 } 3154 3155 /* 3156 * Try to clear stall first, also if other 3157 * errors occur, hence clearing stall 3158 * introduces a 50 ms delay: 3159 */ 3160 usbd_xfer_set_stall(xfer); 3161 goto tr_setup; 3162 } 3163 break; 3164 } 3165} 3166 3167static void 3168run_bulk_tx_callback0(struct usb_xfer *xfer, usb_error_t error) 3169{ 3170 run_bulk_tx_callbackN(xfer, error, 0); 3171} 3172 3173static void 3174run_bulk_tx_callback1(struct usb_xfer *xfer, usb_error_t error) 3175{ 3176 run_bulk_tx_callbackN(xfer, error, 1); 3177} 3178 3179static void 3180run_bulk_tx_callback2(struct usb_xfer *xfer, usb_error_t error) 3181{ 3182 run_bulk_tx_callbackN(xfer, error, 2); 3183} 3184 3185static void 3186run_bulk_tx_callback3(struct usb_xfer *xfer, usb_error_t error) 3187{ 3188 run_bulk_tx_callbackN(xfer, error, 3); 3189} 3190 3191static void 3192run_bulk_tx_callback4(struct usb_xfer *xfer, usb_error_t error) 3193{ 3194 run_bulk_tx_callbackN(xfer, error, 4); 3195} 3196 3197static void 3198run_bulk_tx_callback5(struct usb_xfer *xfer, usb_error_t error) 3199{ 3200 run_bulk_tx_callbackN(xfer, error, 5); 3201} 3202 3203static void 3204run_set_tx_desc(struct run_softc *sc, struct run_tx_data *data) 3205{ 3206 struct mbuf *m = data->m; 3207 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 3208 struct ieee80211vap *vap = data->ni->ni_vap; 3209 struct ieee80211_frame *wh; 3210 struct rt2870_txd *txd; 3211 struct rt2860_txwi *txwi; 3212 uint16_t xferlen, txwisize; 3213 uint16_t mcs; 3214 uint8_t ridx = data->ridx; 3215 uint8_t pad; 3216 3217 /* get MCS code from rate index */ 3218 mcs = rt2860_rates[ridx].mcs; 3219 3220 txwisize = (sc->mac_ver == 0x5592) ? 3221 sizeof(*txwi) + sizeof(uint32_t) : sizeof(*txwi); 3222 xferlen = txwisize + m->m_pkthdr.len; 3223 3224 /* roundup to 32-bit alignment */ 3225 xferlen = (xferlen + 3) & ~3; 3226 3227 txd = (struct rt2870_txd *)&data->desc; 3228 txd->len = htole16(xferlen); 3229 3230 wh = mtod(m, struct ieee80211_frame *); 3231 3232 /* 3233 * Ether both are true or both are false, the header 3234 * are nicely aligned to 32-bit. So, no L2 padding. 3235 */ 3236 if(IEEE80211_HAS_ADDR4(wh) == IEEE80211_QOS_HAS_SEQ(wh)) 3237 pad = 0; 3238 else 3239 pad = 2; 3240 3241 /* setup TX Wireless Information */ 3242 txwi = (struct rt2860_txwi *)(txd + 1); 3243 txwi->len = htole16(m->m_pkthdr.len - pad); 3244 if (rt2860_rates[ridx].phy == IEEE80211_T_DS) { 3245 txwi->phy = htole16(RT2860_PHY_CCK); 3246 if (ridx != RT2860_RIDX_CCK1 && 3247 (ic->ic_flags & IEEE80211_F_SHPREAMBLE)) 3248 mcs |= RT2860_PHY_SHPRE; 3249 } else 3250 txwi->phy = htole16(RT2860_PHY_OFDM); 3251 txwi->phy |= htole16(mcs); 3252 3253 /* check if RTS/CTS or CTS-to-self protection is required */ 3254 if (!IEEE80211_IS_MULTICAST(wh->i_addr1) && 3255 (m->m_pkthdr.len + IEEE80211_CRC_LEN > vap->iv_rtsthreshold || 3256 ((ic->ic_flags & IEEE80211_F_USEPROT) && 3257 rt2860_rates[ridx].phy == IEEE80211_T_OFDM))) 3258 txwi->txop |= RT2860_TX_TXOP_HT; 3259 else 3260 txwi->txop |= RT2860_TX_TXOP_BACKOFF; 3261 3262 if (vap->iv_opmode != IEEE80211_M_STA && !IEEE80211_QOS_HAS_SEQ(wh)) 3263 txwi->xflags |= RT2860_TX_NSEQ; 3264} 3265 3266/* This function must be called locked */ 3267static int 3268run_tx(struct run_softc *sc, struct mbuf *m, struct ieee80211_node *ni) 3269{ 3270 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 3271 struct ieee80211vap *vap = ni->ni_vap; 3272 struct ieee80211_frame *wh; 3273 struct ieee80211_channel *chan; 3274 const struct ieee80211_txparam *tp; 3275 struct run_node *rn = (void *)ni; 3276 struct run_tx_data *data; 3277 struct rt2870_txd *txd; 3278 struct rt2860_txwi *txwi; 3279 uint16_t qos; 3280 uint16_t dur; 3281 uint16_t qid; 3282 uint8_t type; 3283 uint8_t tid; 3284 uint8_t ridx; 3285 uint8_t ctl_ridx; 3286 uint8_t qflags; 3287 uint8_t xflags = 0; 3288 int hasqos; 3289 3290 RUN_LOCK_ASSERT(sc, MA_OWNED); 3291 3292 wh = mtod(m, struct ieee80211_frame *); 3293 3294 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 3295 3296 /* 3297 * There are 7 bulk endpoints: 1 for RX 3298 * and 6 for TX (4 EDCAs + HCCA + Prio). 3299 * Update 03-14-2009: some devices like the Planex GW-US300MiniS 3300 * seem to have only 4 TX bulk endpoints (Fukaumi Naoki). 3301 */ 3302 if ((hasqos = IEEE80211_QOS_HAS_SEQ(wh))) { 3303 uint8_t *frm; 3304 3305 if(IEEE80211_HAS_ADDR4(wh)) 3306 frm = ((struct ieee80211_qosframe_addr4 *)wh)->i_qos; 3307 else 3308 frm =((struct ieee80211_qosframe *)wh)->i_qos; 3309 3310 qos = le16toh(*(const uint16_t *)frm); 3311 tid = qos & IEEE80211_QOS_TID; 3312 qid = TID_TO_WME_AC(tid); 3313 } else { 3314 qos = 0; 3315 tid = 0; 3316 qid = WME_AC_BE; 3317 } 3318 qflags = (qid < 4) ? RT2860_TX_QSEL_EDCA : RT2860_TX_QSEL_HCCA; 3319 3320 DPRINTFN(8, "qos %d\tqid %d\ttid %d\tqflags %x\n", 3321 qos, qid, tid, qflags); 3322 3323 chan = (ni->ni_chan != IEEE80211_CHAN_ANYC)?ni->ni_chan:ic->ic_curchan; 3324 tp = &vap->iv_txparms[ieee80211_chan2mode(chan)]; 3325 3326 /* pickup a rate index */ 3327 if (IEEE80211_IS_MULTICAST(wh->i_addr1) || 3328 type != IEEE80211_FC0_TYPE_DATA) { 3329 ridx = (ic->ic_curmode == IEEE80211_MODE_11A) ? 3330 RT2860_RIDX_OFDM6 : RT2860_RIDX_CCK1; 3331 ctl_ridx = rt2860_rates[ridx].ctl_ridx; 3332 } else { 3333 if (tp->ucastrate != IEEE80211_FIXED_RATE_NONE) 3334 ridx = rn->fix_ridx; 3335 else 3336 ridx = rn->amrr_ridx; 3337 ctl_ridx = rt2860_rates[ridx].ctl_ridx; 3338 } 3339 3340 if (!IEEE80211_IS_MULTICAST(wh->i_addr1) && 3341 (!hasqos || (qos & IEEE80211_QOS_ACKPOLICY) != 3342 IEEE80211_QOS_ACKPOLICY_NOACK)) { 3343 xflags |= RT2860_TX_ACK; 3344 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 3345 dur = rt2860_rates[ctl_ridx].sp_ack_dur; 3346 else 3347 dur = rt2860_rates[ctl_ridx].lp_ack_dur; 3348 USETW(wh->i_dur, dur); 3349 } 3350 3351 /* reserve slots for mgmt packets, just in case */ 3352 if (sc->sc_epq[qid].tx_nfree < 3) { 3353 DPRINTFN(10, "tx ring %d is full\n", qid); 3354 return (-1); 3355 } 3356 3357 data = STAILQ_FIRST(&sc->sc_epq[qid].tx_fh); 3358 STAILQ_REMOVE_HEAD(&sc->sc_epq[qid].tx_fh, next); 3359 sc->sc_epq[qid].tx_nfree--; 3360 3361 txd = (struct rt2870_txd *)&data->desc; 3362 txd->flags = qflags; 3363 txwi = (struct rt2860_txwi *)(txd + 1); 3364 txwi->xflags = xflags; 3365 if (IEEE80211_IS_MULTICAST(wh->i_addr1)) 3366 txwi->wcid = 0; 3367 else 3368 txwi->wcid = (vap->iv_opmode == IEEE80211_M_STA) ? 3369 1 : RUN_AID2WCID(ni->ni_associd); 3370 3371 /* clear leftover garbage bits */ 3372 txwi->flags = 0; 3373 txwi->txop = 0; 3374 3375 data->m = m; 3376 data->ni = ni; 3377 data->ridx = ridx; 3378 3379 run_set_tx_desc(sc, data); 3380 3381 /* 3382 * The chip keeps track of 2 kind of Tx stats, 3383 * * TX_STAT_FIFO, for per WCID stats, and 3384 * * TX_STA_CNT0 for all-TX-in-one stats. 3385 * 3386 * To use FIFO stats, we need to store MCS into the driver-private 3387 * PacketID field. So that, we can tell whose stats when we read them. 3388 * We add 1 to the MCS because setting the PacketID field to 0 means 3389 * that we don't want feedback in TX_STAT_FIFO. 3390 * And, that's what we want for STA mode, since TX_STA_CNT0 does the job. 3391 * 3392 * FIFO stats doesn't count Tx with WCID 0xff, so we do this in run_tx(). 3393 */ 3394 if (sc->rvp_cnt > 1 || vap->iv_opmode == IEEE80211_M_HOSTAP || 3395 vap->iv_opmode == IEEE80211_M_MBSS) { 3396 uint16_t pid = (rt2860_rates[ridx].mcs + 1) & 0xf; 3397 txwi->len |= htole16(pid << RT2860_TX_PID_SHIFT); 3398 3399 /* 3400 * Unlike PCI based devices, we don't get any interrupt from 3401 * USB devices, so we simulate FIFO-is-full interrupt here. 3402 * Ralink recomends to drain FIFO stats every 100 ms, but 16 slots 3403 * quickly get fulled. To prevent overflow, increment a counter on 3404 * every FIFO stat request, so we know how many slots are left. 3405 * We do this only in HOSTAP or multiple vap mode since FIFO stats 3406 * are used only in those modes. 3407 * We just drain stats. AMRR gets updated every 1 sec by 3408 * run_ratectl_cb() via callout. 3409 * Call it early. Otherwise overflow. 3410 */ 3411 if (sc->fifo_cnt++ == 10) { 3412 /* 3413 * With multiple vaps or if_bridge, if_start() is called 3414 * with a non-sleepable lock, tcpinp. So, need to defer. 3415 */ 3416 uint32_t i = RUN_CMDQ_GET(&sc->cmdq_store); 3417 DPRINTFN(6, "cmdq_store=%d\n", i); 3418 sc->cmdq[i].func = run_drain_fifo; 3419 sc->cmdq[i].arg0 = sc; 3420 ieee80211_runtask(ic, &sc->cmdq_task); 3421 } 3422 } 3423 3424 STAILQ_INSERT_TAIL(&sc->sc_epq[qid].tx_qh, data, next); 3425 3426 usbd_transfer_start(sc->sc_xfer[qid]); 3427 3428 DPRINTFN(8, "sending data frame len=%d rate=%d qid=%d\n", 3429 m->m_pkthdr.len + (int)(sizeof(struct rt2870_txd) + 3430 sizeof(struct rt2860_txwi)), rt2860_rates[ridx].rate, qid); 3431 3432 return (0); 3433} 3434 3435static int 3436run_tx_mgt(struct run_softc *sc, struct mbuf *m, struct ieee80211_node *ni) 3437{ 3438 struct ifnet *ifp = sc->sc_ifp; 3439 struct ieee80211com *ic = ifp->if_l2com; 3440 struct run_node *rn = (void *)ni; 3441 struct run_tx_data *data; 3442 struct ieee80211_frame *wh; 3443 struct rt2870_txd *txd; 3444 struct rt2860_txwi *txwi; 3445 uint16_t dur; 3446 uint8_t ridx = rn->mgt_ridx; 3447 uint8_t type; 3448 uint8_t xflags = 0; 3449 uint8_t wflags = 0; 3450 3451 RUN_LOCK_ASSERT(sc, MA_OWNED); 3452 3453 wh = mtod(m, struct ieee80211_frame *); 3454 3455 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 3456 3457 /* tell hardware to add timestamp for probe responses */ 3458 if ((wh->i_fc[0] & 3459 (IEEE80211_FC0_TYPE_MASK | IEEE80211_FC0_SUBTYPE_MASK)) == 3460 (IEEE80211_FC0_TYPE_MGT | IEEE80211_FC0_SUBTYPE_PROBE_RESP)) 3461 wflags |= RT2860_TX_TS; 3462 else if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) { 3463 xflags |= RT2860_TX_ACK; 3464 3465 dur = ieee80211_ack_duration(ic->ic_rt, rt2860_rates[ridx].rate, 3466 ic->ic_flags & IEEE80211_F_SHPREAMBLE); 3467 USETW(wh->i_dur, dur); 3468 } 3469 3470 if (sc->sc_epq[0].tx_nfree == 0) { 3471 /* let caller free mbuf */ 3472 ifp->if_drv_flags |= IFF_DRV_OACTIVE; 3473 return (EIO); 3474 } 3475 data = STAILQ_FIRST(&sc->sc_epq[0].tx_fh); 3476 STAILQ_REMOVE_HEAD(&sc->sc_epq[0].tx_fh, next); 3477 sc->sc_epq[0].tx_nfree--; 3478 3479 txd = (struct rt2870_txd *)&data->desc; 3480 txd->flags = RT2860_TX_QSEL_EDCA; 3481 txwi = (struct rt2860_txwi *)(txd + 1); 3482 txwi->wcid = 0xff; 3483 txwi->flags = wflags; 3484 txwi->xflags = xflags; 3485 txwi->txop = 0; /* clear leftover garbage bits */ 3486 3487 data->m = m; 3488 data->ni = ni; 3489 data->ridx = ridx; 3490 3491 run_set_tx_desc(sc, data); 3492 3493 DPRINTFN(10, "sending mgt frame len=%d rate=%d\n", m->m_pkthdr.len + 3494 (int)(sizeof(struct rt2870_txd) + sizeof(struct rt2860_txwi)), 3495 rt2860_rates[ridx].rate); 3496 3497 STAILQ_INSERT_TAIL(&sc->sc_epq[0].tx_qh, data, next); 3498 3499 usbd_transfer_start(sc->sc_xfer[0]); 3500 3501 return (0); 3502} 3503 3504static int 3505run_sendprot(struct run_softc *sc, 3506 const struct mbuf *m, struct ieee80211_node *ni, int prot, int rate) 3507{ 3508 struct ieee80211com *ic = ni->ni_ic; 3509 struct ieee80211_frame *wh; 3510 struct run_tx_data *data; 3511 struct rt2870_txd *txd; 3512 struct rt2860_txwi *txwi; 3513 struct mbuf *mprot; 3514 int ridx; 3515 int protrate; 3516 int ackrate; 3517 int pktlen; 3518 int isshort; 3519 uint16_t dur; 3520 uint8_t type; 3521 uint8_t wflags = 0; 3522 uint8_t xflags = 0; 3523 3524 RUN_LOCK_ASSERT(sc, MA_OWNED); 3525 3526 KASSERT(prot == IEEE80211_PROT_RTSCTS || prot == IEEE80211_PROT_CTSONLY, 3527 ("protection %d", prot)); 3528 3529 wh = mtod(m, struct ieee80211_frame *); 3530 pktlen = m->m_pkthdr.len + IEEE80211_CRC_LEN; 3531 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 3532 3533 protrate = ieee80211_ctl_rate(ic->ic_rt, rate); 3534 ackrate = ieee80211_ack_rate(ic->ic_rt, rate); 3535 3536 isshort = (ic->ic_flags & IEEE80211_F_SHPREAMBLE) != 0; 3537 dur = ieee80211_compute_duration(ic->ic_rt, pktlen, rate, isshort) 3538 + ieee80211_ack_duration(ic->ic_rt, rate, isshort); 3539 wflags = RT2860_TX_FRAG; 3540 3541 /* check that there are free slots before allocating the mbuf */ 3542 if (sc->sc_epq[0].tx_nfree == 0) { 3543 /* let caller free mbuf */ 3544 sc->sc_ifp->if_drv_flags |= IFF_DRV_OACTIVE; 3545 return (ENOBUFS); 3546 } 3547 3548 if (prot == IEEE80211_PROT_RTSCTS) { 3549 /* NB: CTS is the same size as an ACK */ 3550 dur += ieee80211_ack_duration(ic->ic_rt, rate, isshort); 3551 xflags |= RT2860_TX_ACK; 3552 mprot = ieee80211_alloc_rts(ic, wh->i_addr1, wh->i_addr2, dur); 3553 } else { 3554 mprot = ieee80211_alloc_cts(ic, ni->ni_vap->iv_myaddr, dur); 3555 } 3556 if (mprot == NULL) { 3557 sc->sc_ifp->if_oerrors++; 3558 DPRINTF("could not allocate mbuf\n"); 3559 return (ENOBUFS); 3560 } 3561 3562 data = STAILQ_FIRST(&sc->sc_epq[0].tx_fh); 3563 STAILQ_REMOVE_HEAD(&sc->sc_epq[0].tx_fh, next); 3564 sc->sc_epq[0].tx_nfree--; 3565 3566 txd = (struct rt2870_txd *)&data->desc; 3567 txd->flags = RT2860_TX_QSEL_EDCA; 3568 txwi = (struct rt2860_txwi *)(txd + 1); 3569 txwi->wcid = 0xff; 3570 txwi->flags = wflags; 3571 txwi->xflags = xflags; 3572 txwi->txop = 0; /* clear leftover garbage bits */ 3573 3574 data->m = mprot; 3575 data->ni = ieee80211_ref_node(ni); 3576 3577 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++) 3578 if (rt2860_rates[ridx].rate == protrate) 3579 break; 3580 data->ridx = ridx; 3581 3582 run_set_tx_desc(sc, data); 3583 3584 DPRINTFN(1, "sending prot len=%u rate=%u\n", 3585 m->m_pkthdr.len, rate); 3586 3587 STAILQ_INSERT_TAIL(&sc->sc_epq[0].tx_qh, data, next); 3588 3589 usbd_transfer_start(sc->sc_xfer[0]); 3590 3591 return (0); 3592} 3593 3594static int 3595run_tx_param(struct run_softc *sc, struct mbuf *m, struct ieee80211_node *ni, 3596 const struct ieee80211_bpf_params *params) 3597{ 3598 struct ieee80211com *ic = ni->ni_ic; 3599 struct ieee80211_frame *wh; 3600 struct run_tx_data *data; 3601 struct rt2870_txd *txd; 3602 struct rt2860_txwi *txwi; 3603 uint8_t type; 3604 uint8_t ridx; 3605 uint8_t rate; 3606 uint8_t opflags = 0; 3607 uint8_t xflags = 0; 3608 int error; 3609 3610 RUN_LOCK_ASSERT(sc, MA_OWNED); 3611 3612 KASSERT(params != NULL, ("no raw xmit params")); 3613 3614 wh = mtod(m, struct ieee80211_frame *); 3615 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 3616 3617 rate = params->ibp_rate0; 3618 if (!ieee80211_isratevalid(ic->ic_rt, rate)) { 3619 /* let caller free mbuf */ 3620 return (EINVAL); 3621 } 3622 3623 if ((params->ibp_flags & IEEE80211_BPF_NOACK) == 0) 3624 xflags |= RT2860_TX_ACK; 3625 if (params->ibp_flags & (IEEE80211_BPF_RTS|IEEE80211_BPF_CTS)) { 3626 error = run_sendprot(sc, m, ni, 3627 params->ibp_flags & IEEE80211_BPF_RTS ? 3628 IEEE80211_PROT_RTSCTS : IEEE80211_PROT_CTSONLY, 3629 rate); 3630 if (error) { 3631 /* let caller free mbuf */ 3632 return error; 3633 } 3634 opflags |= /*XXX RT2573_TX_LONG_RETRY |*/ RT2860_TX_TXOP_SIFS; 3635 } 3636 3637 if (sc->sc_epq[0].tx_nfree == 0) { 3638 /* let caller free mbuf */ 3639 sc->sc_ifp->if_drv_flags |= IFF_DRV_OACTIVE; 3640 DPRINTF("sending raw frame, but tx ring is full\n"); 3641 return (EIO); 3642 } 3643 data = STAILQ_FIRST(&sc->sc_epq[0].tx_fh); 3644 STAILQ_REMOVE_HEAD(&sc->sc_epq[0].tx_fh, next); 3645 sc->sc_epq[0].tx_nfree--; 3646 3647 txd = (struct rt2870_txd *)&data->desc; 3648 txd->flags = RT2860_TX_QSEL_EDCA; 3649 txwi = (struct rt2860_txwi *)(txd + 1); 3650 txwi->wcid = 0xff; 3651 txwi->xflags = xflags; 3652 txwi->txop = opflags; 3653 txwi->flags = 0; /* clear leftover garbage bits */ 3654 3655 data->m = m; 3656 data->ni = ni; 3657 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++) 3658 if (rt2860_rates[ridx].rate == rate) 3659 break; 3660 data->ridx = ridx; 3661 3662 run_set_tx_desc(sc, data); 3663 3664 DPRINTFN(10, "sending raw frame len=%u rate=%u\n", 3665 m->m_pkthdr.len, rate); 3666 3667 STAILQ_INSERT_TAIL(&sc->sc_epq[0].tx_qh, data, next); 3668 3669 usbd_transfer_start(sc->sc_xfer[0]); 3670 3671 return (0); 3672} 3673 3674static int 3675run_raw_xmit(struct ieee80211_node *ni, struct mbuf *m, 3676 const struct ieee80211_bpf_params *params) 3677{ 3678 struct ifnet *ifp = ni->ni_ic->ic_ifp; 3679 struct run_softc *sc = ifp->if_softc; 3680 int error = 0; 3681 3682 RUN_LOCK(sc); 3683 3684 /* prevent management frames from being sent if we're not ready */ 3685 if (!(ifp->if_drv_flags & IFF_DRV_RUNNING)) { 3686 error = ENETDOWN; 3687 goto done; 3688 } 3689 3690 if (params == NULL) { 3691 /* tx mgt packet */ 3692 if ((error = run_tx_mgt(sc, m, ni)) != 0) { 3693 ifp->if_oerrors++; 3694 DPRINTF("mgt tx failed\n"); 3695 goto done; 3696 } 3697 } else { 3698 /* tx raw packet with param */ 3699 if ((error = run_tx_param(sc, m, ni, params)) != 0) { 3700 ifp->if_oerrors++; 3701 DPRINTF("tx with param failed\n"); 3702 goto done; 3703 } 3704 } 3705 3706 ifp->if_opackets++; 3707 3708done: 3709 RUN_UNLOCK(sc); 3710 3711 if (error != 0) { 3712 if(m != NULL) 3713 m_freem(m); 3714 ieee80211_free_node(ni); 3715 } 3716 3717 return (error); 3718} 3719 3720static void 3721run_start(struct ifnet *ifp) 3722{ 3723 struct run_softc *sc = ifp->if_softc; 3724 struct ieee80211_node *ni; 3725 struct mbuf *m; 3726 3727 RUN_LOCK(sc); 3728 3729 if ((ifp->if_drv_flags & IFF_DRV_RUNNING) == 0) { 3730 RUN_UNLOCK(sc); 3731 return; 3732 } 3733 3734 for (;;) { 3735 /* send data frames */ 3736 IFQ_DRV_DEQUEUE(&ifp->if_snd, m); 3737 if (m == NULL) 3738 break; 3739 3740 ni = (struct ieee80211_node *)m->m_pkthdr.rcvif; 3741 if (run_tx(sc, m, ni) != 0) { 3742 IFQ_DRV_PREPEND(&ifp->if_snd, m); 3743 ifp->if_drv_flags |= IFF_DRV_OACTIVE; 3744 break; 3745 } 3746 } 3747 3748 RUN_UNLOCK(sc); 3749} 3750 3751static int 3752run_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 3753{ 3754 struct run_softc *sc = ifp->if_softc; 3755 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 3756 struct ifreq *ifr = (struct ifreq *) data; 3757 int startall = 0; 3758 int error; 3759 3760 RUN_LOCK(sc); 3761 error = sc->sc_detached ? ENXIO : 0; 3762 RUN_UNLOCK(sc); 3763 if (error) 3764 return (error); 3765 3766 switch (cmd) { 3767 case SIOCSIFFLAGS: 3768 RUN_LOCK(sc); 3769 if (ifp->if_flags & IFF_UP) { 3770 if (!(ifp->if_drv_flags & IFF_DRV_RUNNING)){ 3771 startall = 1; 3772 run_init_locked(sc); 3773 } else 3774 run_update_promisc_locked(ifp); 3775 } else { 3776 if (ifp->if_drv_flags & IFF_DRV_RUNNING && 3777 (ic->ic_nrunning == 0 || sc->rvp_cnt <= 1)) { 3778 run_stop(sc); 3779 } 3780 } 3781 RUN_UNLOCK(sc); 3782 if (startall) 3783 ieee80211_start_all(ic); 3784 break; 3785 case SIOCGIFMEDIA: 3786 error = ifmedia_ioctl(ifp, ifr, &ic->ic_media, cmd); 3787 break; 3788 case SIOCGIFADDR: 3789 error = ether_ioctl(ifp, cmd, data); 3790 break; 3791 default: 3792 error = EINVAL; 3793 break; 3794 } 3795 3796 return (error); 3797} 3798 3799static void 3800run_iq_calib(struct run_softc *sc, u_int chan) 3801{ 3802 uint16_t val; 3803 3804 /* Tx0 IQ gain. */ 3805 run_bbp_write(sc, 158, 0x2c); 3806 if (chan <= 14) 3807 run_efuse_read(sc, RT5390_EEPROM_IQ_GAIN_CAL_TX0_2GHZ, &val, 1); 3808 else if (chan <= 64) { 3809 run_efuse_read(sc, 3810 RT5390_EEPROM_IQ_GAIN_CAL_TX0_CH36_TO_CH64_5GHZ, 3811 &val, 1); 3812 } else if (chan <= 138) { 3813 run_efuse_read(sc, 3814 RT5390_EEPROM_IQ_GAIN_CAL_TX0_CH100_TO_CH138_5GHZ, 3815 &val, 1); 3816 } else if (chan <= 165) { 3817 run_efuse_read(sc, 3818 RT5390_EEPROM_IQ_GAIN_CAL_TX0_CH140_TO_CH165_5GHZ, 3819 &val, 1); 3820 } else 3821 val = 0; 3822 run_bbp_write(sc, 159, val); 3823 3824 /* Tx0 IQ phase. */ 3825 run_bbp_write(sc, 158, 0x2d); 3826 if (chan <= 14) { 3827 run_efuse_read(sc, RT5390_EEPROM_IQ_PHASE_CAL_TX0_2GHZ, 3828 &val, 1); 3829 } else if (chan <= 64) { 3830 run_efuse_read(sc, 3831 RT5390_EEPROM_IQ_PHASE_CAL_TX0_CH36_TO_CH64_5GHZ, 3832 &val, 1); 3833 } else if (chan <= 138) { 3834 run_efuse_read(sc, 3835 RT5390_EEPROM_IQ_PHASE_CAL_TX0_CH100_TO_CH138_5GHZ, 3836 &val, 1); 3837 } else if (chan <= 165) { 3838 run_efuse_read(sc, 3839 RT5390_EEPROM_IQ_PHASE_CAL_TX0_CH140_TO_CH165_5GHZ, 3840 &val, 1); 3841 } else 3842 val = 0; 3843 run_bbp_write(sc, 159, val); 3844 3845 /* Tx1 IQ gain. */ 3846 run_bbp_write(sc, 158, 0x4a); 3847 if (chan <= 14) { 3848 run_efuse_read(sc, RT5390_EEPROM_IQ_GAIN_CAL_TX1_2GHZ, 3849 &val, 1); 3850 } else if (chan <= 64) { 3851 run_efuse_read(sc, 3852 RT5390_EEPROM_IQ_GAIN_CAL_TX1_CH36_TO_CH64_5GHZ, 3853 &val, 1); 3854 } else if (chan <= 138) { 3855 run_efuse_read(sc, 3856 RT5390_EEPROM_IQ_GAIN_CAL_TX1_CH100_TO_CH138_5GHZ, 3857 &val, 1); 3858 } else if (chan <= 165) { 3859 run_efuse_read(sc, 3860 RT5390_EEPROM_IQ_GAIN_CAL_TX1_CH140_TO_CH165_5GHZ, 3861 &val, 1); 3862 } else 3863 val = 0; 3864 run_bbp_write(sc, 159, val); 3865 3866 /* Tx1 IQ phase. */ 3867 run_bbp_write(sc, 158, 0x4b); 3868 if (chan <= 14) { 3869 run_efuse_read(sc, RT5390_EEPROM_IQ_PHASE_CAL_TX1_2GHZ, 3870 &val, 1); 3871 } else if (chan <= 64) { 3872 run_efuse_read(sc, 3873 RT5390_EEPROM_IQ_PHASE_CAL_TX1_CH36_TO_CH64_5GHZ, 3874 &val, 1); 3875 } else if (chan <= 138) { 3876 run_efuse_read(sc, 3877 RT5390_EEPROM_IQ_PHASE_CAL_TX1_CH100_TO_CH138_5GHZ, 3878 &val, 1); 3879 } else if (chan <= 165) { 3880 run_efuse_read(sc, 3881 RT5390_EEPROM_IQ_PHASE_CAL_TX1_CH140_TO_CH165_5GHZ, 3882 &val, 1); 3883 } else 3884 val = 0; 3885 run_bbp_write(sc, 159, val); 3886 3887 /* RF IQ compensation control. */ 3888 run_bbp_write(sc, 158, 0x04); 3889 run_efuse_read(sc, RT5390_EEPROM_RF_IQ_COMPENSATION_CTL, 3890 &val, 1); 3891 run_bbp_write(sc, 159, val); 3892 3893 /* RF IQ imbalance compensation control. */ 3894 run_bbp_write(sc, 158, 0x03); 3895 run_efuse_read(sc, 3896 RT5390_EEPROM_RF_IQ_IMBALANCE_COMPENSATION_CTL, &val, 1); 3897 run_bbp_write(sc, 159, val); 3898} 3899 3900static void 3901run_set_agc(struct run_softc *sc, uint8_t agc) 3902{ 3903 uint8_t bbp; 3904 3905 if (sc->mac_ver == 0x3572) { 3906 run_bbp_read(sc, 27, &bbp); 3907 bbp &= ~(0x3 << 5); 3908 run_bbp_write(sc, 27, bbp | 0 << 5); /* select Rx0 */ 3909 run_bbp_write(sc, 66, agc); 3910 run_bbp_write(sc, 27, bbp | 1 << 5); /* select Rx1 */ 3911 run_bbp_write(sc, 66, agc); 3912 } else 3913 run_bbp_write(sc, 66, agc); 3914} 3915 3916static void 3917run_select_chan_group(struct run_softc *sc, int group) 3918{ 3919 uint32_t tmp; 3920 uint8_t agc; 3921 3922 run_bbp_write(sc, 62, 0x37 - sc->lna[group]); 3923 run_bbp_write(sc, 63, 0x37 - sc->lna[group]); 3924 run_bbp_write(sc, 64, 0x37 - sc->lna[group]); 3925 if (sc->mac_ver < 0x3572) 3926 run_bbp_write(sc, 86, 0x00); 3927 3928 if (sc->mac_ver == 0x3593) { 3929 run_bbp_write(sc, 77, 0x98); 3930 run_bbp_write(sc, 83, (group == 0) ? 0x8a : 0x9a); 3931 } 3932 3933 if (group == 0) { 3934 if (sc->ext_2ghz_lna) { 3935 if (sc->mac_ver >= 0x5390) 3936 run_bbp_write(sc, 75, 0x52); 3937 else { 3938 run_bbp_write(sc, 82, 0x62); 3939 run_bbp_write(sc, 75, 0x46); 3940 } 3941 } else { 3942 if (sc->mac_ver == 0x5592) { 3943 run_bbp_write(sc, 79, 0x1c); 3944 run_bbp_write(sc, 80, 0x0e); 3945 run_bbp_write(sc, 81, 0x3a); 3946 run_bbp_write(sc, 82, 0x62); 3947 3948 run_bbp_write(sc, 195, 0x80); 3949 run_bbp_write(sc, 196, 0xe0); 3950 run_bbp_write(sc, 195, 0x81); 3951 run_bbp_write(sc, 196, 0x1f); 3952 run_bbp_write(sc, 195, 0x82); 3953 run_bbp_write(sc, 196, 0x38); 3954 run_bbp_write(sc, 195, 0x83); 3955 run_bbp_write(sc, 196, 0x32); 3956 run_bbp_write(sc, 195, 0x85); 3957 run_bbp_write(sc, 196, 0x28); 3958 run_bbp_write(sc, 195, 0x86); 3959 run_bbp_write(sc, 196, 0x19); 3960 } else if (sc->mac_ver >= 0x5390) 3961 run_bbp_write(sc, 75, 0x50); 3962 else { 3963 run_bbp_write(sc, 82, 3964 (sc->mac_ver == 0x3593) ? 0x62 : 0x84); 3965 run_bbp_write(sc, 75, 0x50); 3966 } 3967 } 3968 } else { 3969 if (sc->mac_ver == 0x5592) { 3970 run_bbp_write(sc, 79, 0x18); 3971 run_bbp_write(sc, 80, 0x08); 3972 run_bbp_write(sc, 81, 0x38); 3973 run_bbp_write(sc, 82, 0x92); 3974 3975 run_bbp_write(sc, 195, 0x80); 3976 run_bbp_write(sc, 196, 0xf0); 3977 run_bbp_write(sc, 195, 0x81); 3978 run_bbp_write(sc, 196, 0x1e); 3979 run_bbp_write(sc, 195, 0x82); 3980 run_bbp_write(sc, 196, 0x28); 3981 run_bbp_write(sc, 195, 0x83); 3982 run_bbp_write(sc, 196, 0x20); 3983 run_bbp_write(sc, 195, 0x85); 3984 run_bbp_write(sc, 196, 0x7f); 3985 run_bbp_write(sc, 195, 0x86); 3986 run_bbp_write(sc, 196, 0x7f); 3987 } else if (sc->mac_ver == 0x3572) 3988 run_bbp_write(sc, 82, 0x94); 3989 else 3990 run_bbp_write(sc, 82, 3991 (sc->mac_ver == 0x3593) ? 0x82 : 0xf2); 3992 if (sc->ext_5ghz_lna) 3993 run_bbp_write(sc, 75, 0x46); 3994 else 3995 run_bbp_write(sc, 75, 0x50); 3996 } 3997 3998 run_read(sc, RT2860_TX_BAND_CFG, &tmp); 3999 tmp &= ~(RT2860_5G_BAND_SEL_N | RT2860_5G_BAND_SEL_P); 4000 tmp |= (group == 0) ? RT2860_5G_BAND_SEL_N : RT2860_5G_BAND_SEL_P; 4001 run_write(sc, RT2860_TX_BAND_CFG, tmp); 4002 4003 /* enable appropriate Power Amplifiers and Low Noise Amplifiers */ 4004 tmp = RT2860_RFTR_EN | RT2860_TRSW_EN | RT2860_LNA_PE0_EN; 4005 if (sc->mac_ver == 0x3593) 4006 tmp |= 1 << 29 | 1 << 28; 4007 if (sc->nrxchains > 1) 4008 tmp |= RT2860_LNA_PE1_EN; 4009 if (group == 0) { /* 2GHz */ 4010 tmp |= RT2860_PA_PE_G0_EN; 4011 if (sc->ntxchains > 1) 4012 tmp |= RT2860_PA_PE_G1_EN; 4013 if (sc->mac_ver == 0x3593) { 4014 if (sc->ntxchains > 2) 4015 tmp |= 1 << 25; 4016 } 4017 } else { /* 5GHz */ 4018 tmp |= RT2860_PA_PE_A0_EN; 4019 if (sc->ntxchains > 1) 4020 tmp |= RT2860_PA_PE_A1_EN; 4021 } 4022 if (sc->mac_ver == 0x3572) { 4023 run_rt3070_rf_write(sc, 8, 0x00); 4024 run_write(sc, RT2860_TX_PIN_CFG, tmp); 4025 run_rt3070_rf_write(sc, 8, 0x80); 4026 } else 4027 run_write(sc, RT2860_TX_PIN_CFG, tmp); 4028 4029 if (sc->mac_ver == 0x5592) { 4030 run_bbp_write(sc, 195, 0x8d); 4031 run_bbp_write(sc, 196, 0x1a); 4032 } 4033 4034 if (sc->mac_ver == 0x3593) { 4035 run_read(sc, RT2860_GPIO_CTRL, &tmp); 4036 tmp &= ~0x01010000; 4037 if (group == 0) 4038 tmp |= 0x00010000; 4039 tmp = (tmp & ~0x00009090) | 0x00000090; 4040 run_write(sc, RT2860_GPIO_CTRL, tmp); 4041 } 4042 4043 /* set initial AGC value */ 4044 if (group == 0) { /* 2GHz band */ 4045 if (sc->mac_ver >= 0x3070) 4046 agc = 0x1c + sc->lna[0] * 2; 4047 else 4048 agc = 0x2e + sc->lna[0]; 4049 } else { /* 5GHz band */ 4050 if (sc->mac_ver == 0x5592) 4051 agc = 0x24 + sc->lna[group] * 2; 4052 else if (sc->mac_ver == 0x3572 || sc->mac_ver == 0x3593) 4053 agc = 0x22 + (sc->lna[group] * 5) / 3; 4054 else 4055 agc = 0x32 + (sc->lna[group] * 5) / 3; 4056 } 4057 run_set_agc(sc, agc); 4058} 4059 4060static void 4061run_rt2870_set_chan(struct run_softc *sc, u_int chan) 4062{ 4063 const struct rfprog *rfprog = rt2860_rf2850; 4064 uint32_t r2, r3, r4; 4065 int8_t txpow1, txpow2; 4066 int i; 4067 4068 /* find the settings for this channel (we know it exists) */ 4069 for (i = 0; rfprog[i].chan != chan; i++); 4070 4071 r2 = rfprog[i].r2; 4072 if (sc->ntxchains == 1) 4073 r2 |= 1 << 14; /* 1T: disable Tx chain 2 */ 4074 if (sc->nrxchains == 1) 4075 r2 |= 1 << 17 | 1 << 6; /* 1R: disable Rx chains 2 & 3 */ 4076 else if (sc->nrxchains == 2) 4077 r2 |= 1 << 6; /* 2R: disable Rx chain 3 */ 4078 4079 /* use Tx power values from EEPROM */ 4080 txpow1 = sc->txpow1[i]; 4081 txpow2 = sc->txpow2[i]; 4082 4083 /* Initialize RF R3 and R4. */ 4084 r3 = rfprog[i].r3 & 0xffffc1ff; 4085 r4 = (rfprog[i].r4 & ~(0x001f87c0)) | (sc->freq << 15); 4086 if (chan > 14) { 4087 if (txpow1 >= 0) { 4088 txpow1 = (txpow1 > 0xf) ? (0xf) : (txpow1); 4089 r3 |= (txpow1 << 10) | (1 << 9); 4090 } else { 4091 txpow1 += 7; 4092 4093 /* txpow1 is not possible larger than 15. */ 4094 r3 |= (txpow1 << 10); 4095 } 4096 if (txpow2 >= 0) { 4097 txpow2 = (txpow2 > 0xf) ? (0xf) : (txpow2); 4098 r4 |= (txpow2 << 7) | (1 << 6); 4099 } else { 4100 txpow2 += 7; 4101 r4 |= (txpow2 << 7); 4102 } 4103 } else { 4104 /* Set Tx0 power. */ 4105 r3 |= (txpow1 << 9); 4106 4107 /* Set frequency offset and Tx1 power. */ 4108 r4 |= (txpow2 << 6); 4109 } 4110 4111 run_rt2870_rf_write(sc, rfprog[i].r1); 4112 run_rt2870_rf_write(sc, r2); 4113 run_rt2870_rf_write(sc, r3 & ~(1 << 2)); 4114 run_rt2870_rf_write(sc, r4); 4115 4116 run_delay(sc, 10); 4117 4118 run_rt2870_rf_write(sc, rfprog[i].r1); 4119 run_rt2870_rf_write(sc, r2); 4120 run_rt2870_rf_write(sc, r3 | (1 << 2)); 4121 run_rt2870_rf_write(sc, r4); 4122 4123 run_delay(sc, 10); 4124 4125 run_rt2870_rf_write(sc, rfprog[i].r1); 4126 run_rt2870_rf_write(sc, r2); 4127 run_rt2870_rf_write(sc, r3 & ~(1 << 2)); 4128 run_rt2870_rf_write(sc, r4); 4129} 4130 4131static void 4132run_rt3070_set_chan(struct run_softc *sc, u_int chan) 4133{ 4134 int8_t txpow1, txpow2; 4135 uint8_t rf; 4136 int i; 4137 4138 /* find the settings for this channel (we know it exists) */ 4139 for (i = 0; rt2860_rf2850[i].chan != chan; i++); 4140 4141 /* use Tx power values from EEPROM */ 4142 txpow1 = sc->txpow1[i]; 4143 txpow2 = sc->txpow2[i]; 4144 4145 run_rt3070_rf_write(sc, 2, rt3070_freqs[i].n); 4146 4147 /* RT3370/RT3390: RF R3 [7:4] is not reserved bits. */ 4148 run_rt3070_rf_read(sc, 3, &rf); 4149 rf = (rf & ~0x0f) | rt3070_freqs[i].k; 4150 run_rt3070_rf_write(sc, 3, rf); 4151 4152 run_rt3070_rf_read(sc, 6, &rf); 4153 rf = (rf & ~0x03) | rt3070_freqs[i].r; 4154 run_rt3070_rf_write(sc, 6, rf); 4155 4156 /* set Tx0 power */ 4157 run_rt3070_rf_read(sc, 12, &rf); 4158 rf = (rf & ~0x1f) | txpow1; 4159 run_rt3070_rf_write(sc, 12, rf); 4160 4161 /* set Tx1 power */ 4162 run_rt3070_rf_read(sc, 13, &rf); 4163 rf = (rf & ~0x1f) | txpow2; 4164 run_rt3070_rf_write(sc, 13, rf); 4165 4166 run_rt3070_rf_read(sc, 1, &rf); 4167 rf &= ~0xfc; 4168 if (sc->ntxchains == 1) 4169 rf |= 1 << 7 | 1 << 5; /* 1T: disable Tx chains 2 & 3 */ 4170 else if (sc->ntxchains == 2) 4171 rf |= 1 << 7; /* 2T: disable Tx chain 3 */ 4172 if (sc->nrxchains == 1) 4173 rf |= 1 << 6 | 1 << 4; /* 1R: disable Rx chains 2 & 3 */ 4174 else if (sc->nrxchains == 2) 4175 rf |= 1 << 6; /* 2R: disable Rx chain 3 */ 4176 run_rt3070_rf_write(sc, 1, rf); 4177 4178 /* set RF offset */ 4179 run_rt3070_rf_read(sc, 23, &rf); 4180 rf = (rf & ~0x7f) | sc->freq; 4181 run_rt3070_rf_write(sc, 23, rf); 4182 4183 /* program RF filter */ 4184 run_rt3070_rf_read(sc, 24, &rf); /* Tx */ 4185 rf = (rf & ~0x3f) | sc->rf24_20mhz; 4186 run_rt3070_rf_write(sc, 24, rf); 4187 run_rt3070_rf_read(sc, 31, &rf); /* Rx */ 4188 rf = (rf & ~0x3f) | sc->rf24_20mhz; 4189 run_rt3070_rf_write(sc, 31, rf); 4190 4191 /* enable RF tuning */ 4192 run_rt3070_rf_read(sc, 7, &rf); 4193 run_rt3070_rf_write(sc, 7, rf | 0x01); 4194} 4195 4196static void 4197run_rt3572_set_chan(struct run_softc *sc, u_int chan) 4198{ 4199 int8_t txpow1, txpow2; 4200 uint32_t tmp; 4201 uint8_t rf; 4202 int i; 4203 4204 /* find the settings for this channel (we know it exists) */ 4205 for (i = 0; rt2860_rf2850[i].chan != chan; i++); 4206 4207 /* use Tx power values from EEPROM */ 4208 txpow1 = sc->txpow1[i]; 4209 txpow2 = sc->txpow2[i]; 4210 4211 if (chan <= 14) { 4212 run_bbp_write(sc, 25, sc->bbp25); 4213 run_bbp_write(sc, 26, sc->bbp26); 4214 } else { 4215 /* enable IQ phase correction */ 4216 run_bbp_write(sc, 25, 0x09); 4217 run_bbp_write(sc, 26, 0xff); 4218 } 4219 4220 run_rt3070_rf_write(sc, 2, rt3070_freqs[i].n); 4221 run_rt3070_rf_write(sc, 3, rt3070_freqs[i].k); 4222 run_rt3070_rf_read(sc, 6, &rf); 4223 rf = (rf & ~0x0f) | rt3070_freqs[i].r; 4224 rf |= (chan <= 14) ? 0x08 : 0x04; 4225 run_rt3070_rf_write(sc, 6, rf); 4226 4227 /* set PLL mode */ 4228 run_rt3070_rf_read(sc, 5, &rf); 4229 rf &= ~(0x08 | 0x04); 4230 rf |= (chan <= 14) ? 0x04 : 0x08; 4231 run_rt3070_rf_write(sc, 5, rf); 4232 4233 /* set Tx power for chain 0 */ 4234 if (chan <= 14) 4235 rf = 0x60 | txpow1; 4236 else 4237 rf = 0xe0 | (txpow1 & 0xc) << 1 | (txpow1 & 0x3); 4238 run_rt3070_rf_write(sc, 12, rf); 4239 4240 /* set Tx power for chain 1 */ 4241 if (chan <= 14) 4242 rf = 0x60 | txpow2; 4243 else 4244 rf = 0xe0 | (txpow2 & 0xc) << 1 | (txpow2 & 0x3); 4245 run_rt3070_rf_write(sc, 13, rf); 4246 4247 /* set Tx/Rx streams */ 4248 run_rt3070_rf_read(sc, 1, &rf); 4249 rf &= ~0xfc; 4250 if (sc->ntxchains == 1) 4251 rf |= 1 << 7 | 1 << 5; /* 1T: disable Tx chains 2 & 3 */ 4252 else if (sc->ntxchains == 2) 4253 rf |= 1 << 7; /* 2T: disable Tx chain 3 */ 4254 if (sc->nrxchains == 1) 4255 rf |= 1 << 6 | 1 << 4; /* 1R: disable Rx chains 2 & 3 */ 4256 else if (sc->nrxchains == 2) 4257 rf |= 1 << 6; /* 2R: disable Rx chain 3 */ 4258 run_rt3070_rf_write(sc, 1, rf); 4259 4260 /* set RF offset */ 4261 run_rt3070_rf_read(sc, 23, &rf); 4262 rf = (rf & ~0x7f) | sc->freq; 4263 run_rt3070_rf_write(sc, 23, rf); 4264 4265 /* program RF filter */ 4266 rf = sc->rf24_20mhz; 4267 run_rt3070_rf_write(sc, 24, rf); /* Tx */ 4268 run_rt3070_rf_write(sc, 31, rf); /* Rx */ 4269 4270 /* enable RF tuning */ 4271 run_rt3070_rf_read(sc, 7, &rf); 4272 rf = (chan <= 14) ? 0xd8 : ((rf & ~0xc8) | 0x14); 4273 run_rt3070_rf_write(sc, 7, rf); 4274 4275 /* TSSI */ 4276 rf = (chan <= 14) ? 0xc3 : 0xc0; 4277 run_rt3070_rf_write(sc, 9, rf); 4278 4279 /* set loop filter 1 */ 4280 run_rt3070_rf_write(sc, 10, 0xf1); 4281 /* set loop filter 2 */ 4282 run_rt3070_rf_write(sc, 11, (chan <= 14) ? 0xb9 : 0x00); 4283 4284 /* set tx_mx2_ic */ 4285 run_rt3070_rf_write(sc, 15, (chan <= 14) ? 0x53 : 0x43); 4286 /* set tx_mx1_ic */ 4287 if (chan <= 14) 4288 rf = 0x48 | sc->txmixgain_2ghz; 4289 else 4290 rf = 0x78 | sc->txmixgain_5ghz; 4291 run_rt3070_rf_write(sc, 16, rf); 4292 4293 /* set tx_lo1 */ 4294 run_rt3070_rf_write(sc, 17, 0x23); 4295 /* set tx_lo2 */ 4296 if (chan <= 14) 4297 rf = 0x93; 4298 else if (chan <= 64) 4299 rf = 0xb7; 4300 else if (chan <= 128) 4301 rf = 0x74; 4302 else 4303 rf = 0x72; 4304 run_rt3070_rf_write(sc, 19, rf); 4305 4306 /* set rx_lo1 */ 4307 if (chan <= 14) 4308 rf = 0xb3; 4309 else if (chan <= 64) 4310 rf = 0xf6; 4311 else if (chan <= 128) 4312 rf = 0xf4; 4313 else 4314 rf = 0xf3; 4315 run_rt3070_rf_write(sc, 20, rf); 4316 4317 /* set pfd_delay */ 4318 if (chan <= 14) 4319 rf = 0x15; 4320 else if (chan <= 64) 4321 rf = 0x3d; 4322 else 4323 rf = 0x01; 4324 run_rt3070_rf_write(sc, 25, rf); 4325 4326 /* set rx_lo2 */ 4327 run_rt3070_rf_write(sc, 26, (chan <= 14) ? 0x85 : 0x87); 4328 /* set ldo_rf_vc */ 4329 run_rt3070_rf_write(sc, 27, (chan <= 14) ? 0x00 : 0x01); 4330 /* set drv_cc */ 4331 run_rt3070_rf_write(sc, 29, (chan <= 14) ? 0x9b : 0x9f); 4332 4333 run_read(sc, RT2860_GPIO_CTRL, &tmp); 4334 tmp &= ~0x8080; 4335 if (chan <= 14) 4336 tmp |= 0x80; 4337 run_write(sc, RT2860_GPIO_CTRL, tmp); 4338 4339 /* enable RF tuning */ 4340 run_rt3070_rf_read(sc, 7, &rf); 4341 run_rt3070_rf_write(sc, 7, rf | 0x01); 4342 4343 run_delay(sc, 2); 4344} 4345 4346static void 4347run_rt3593_set_chan(struct run_softc *sc, u_int chan) 4348{ 4349 int8_t txpow1, txpow2, txpow3; 4350 uint8_t h20mhz, rf; 4351 int i; 4352 4353 /* find the settings for this channel (we know it exists) */ 4354 for (i = 0; rt2860_rf2850[i].chan != chan; i++); 4355 4356 /* use Tx power values from EEPROM */ 4357 txpow1 = sc->txpow1[i]; 4358 txpow2 = sc->txpow2[i]; 4359 txpow3 = (sc->ntxchains == 3) ? sc->txpow3[i] : 0; 4360 4361 if (chan <= 14) { 4362 run_bbp_write(sc, 25, sc->bbp25); 4363 run_bbp_write(sc, 26, sc->bbp26); 4364 } else { 4365 /* Enable IQ phase correction. */ 4366 run_bbp_write(sc, 25, 0x09); 4367 run_bbp_write(sc, 26, 0xff); 4368 } 4369 4370 run_rt3070_rf_write(sc, 8, rt3070_freqs[i].n); 4371 run_rt3070_rf_write(sc, 9, rt3070_freqs[i].k & 0x0f); 4372 run_rt3070_rf_read(sc, 11, &rf); 4373 rf = (rf & ~0x03) | (rt3070_freqs[i].r & 0x03); 4374 run_rt3070_rf_write(sc, 11, rf); 4375 4376 /* Set pll_idoh. */ 4377 run_rt3070_rf_read(sc, 11, &rf); 4378 rf &= ~0x4c; 4379 rf |= (chan <= 14) ? 0x44 : 0x48; 4380 run_rt3070_rf_write(sc, 11, rf); 4381 4382 if (chan <= 14) 4383 rf = txpow1 & 0x1f; 4384 else 4385 rf = 0x40 | ((txpow1 & 0x18) << 1) | (txpow1 & 0x07); 4386 run_rt3070_rf_write(sc, 53, rf); 4387 4388 if (chan <= 14) 4389 rf = txpow2 & 0x1f; 4390 else 4391 rf = 0x40 | ((txpow2 & 0x18) << 1) | (txpow2 & 0x07); 4392 run_rt3070_rf_write(sc, 55, rf); 4393 4394 if (chan <= 14) 4395 rf = txpow3 & 0x1f; 4396 else 4397 rf = 0x40 | ((txpow3 & 0x18) << 1) | (txpow3 & 0x07); 4398 run_rt3070_rf_write(sc, 54, rf); 4399 4400 rf = RT3070_RF_BLOCK | RT3070_PLL_PD; 4401 if (sc->ntxchains == 3) 4402 rf |= RT3070_TX0_PD | RT3070_TX1_PD | RT3070_TX2_PD; 4403 else 4404 rf |= RT3070_TX0_PD | RT3070_TX1_PD; 4405 rf |= RT3070_RX0_PD | RT3070_RX1_PD | RT3070_RX2_PD; 4406 run_rt3070_rf_write(sc, 1, rf); 4407 4408 run_adjust_freq_offset(sc); 4409 4410 run_rt3070_rf_write(sc, 31, (chan <= 14) ? 0xa0 : 0x80); 4411 4412 h20mhz = (sc->rf24_20mhz & 0x20) >> 5; 4413 run_rt3070_rf_read(sc, 30, &rf); 4414 rf = (rf & ~0x06) | (h20mhz << 1) | (h20mhz << 2); 4415 run_rt3070_rf_write(sc, 30, rf); 4416 4417 run_rt3070_rf_read(sc, 36, &rf); 4418 if (chan <= 14) 4419 rf |= 0x80; 4420 else 4421 rf &= ~0x80; 4422 run_rt3070_rf_write(sc, 36, rf); 4423 4424 /* Set vcolo_bs. */ 4425 run_rt3070_rf_write(sc, 34, (chan <= 14) ? 0x3c : 0x20); 4426 /* Set pfd_delay. */ 4427 run_rt3070_rf_write(sc, 12, (chan <= 14) ? 0x1a : 0x12); 4428 4429 /* Set vco bias current control. */ 4430 run_rt3070_rf_read(sc, 6, &rf); 4431 rf &= ~0xc0; 4432 if (chan <= 14) 4433 rf |= 0x40; 4434 else if (chan <= 128) 4435 rf |= 0x80; 4436 else 4437 rf |= 0x40; 4438 run_rt3070_rf_write(sc, 6, rf); 4439 4440 run_rt3070_rf_read(sc, 30, &rf); 4441 rf = (rf & ~0x18) | 0x10; 4442 run_rt3070_rf_write(sc, 30, rf); 4443 4444 run_rt3070_rf_write(sc, 10, (chan <= 14) ? 0xd3 : 0xd8); 4445 run_rt3070_rf_write(sc, 13, (chan <= 14) ? 0x12 : 0x23); 4446 4447 run_rt3070_rf_read(sc, 51, &rf); 4448 rf = (rf & ~0x03) | 0x01; 4449 run_rt3070_rf_write(sc, 51, rf); 4450 /* Set tx_mx1_cc. */ 4451 run_rt3070_rf_read(sc, 51, &rf); 4452 rf &= ~0x1c; 4453 rf |= (chan <= 14) ? 0x14 : 0x10; 4454 run_rt3070_rf_write(sc, 51, rf); 4455 /* Set tx_mx1_ic. */ 4456 run_rt3070_rf_read(sc, 51, &rf); 4457 rf &= ~0xe0; 4458 rf |= (chan <= 14) ? 0x60 : 0x40; 4459 run_rt3070_rf_write(sc, 51, rf); 4460 /* Set tx_lo1_ic. */ 4461 run_rt3070_rf_read(sc, 49, &rf); 4462 rf &= ~0x1c; 4463 rf |= (chan <= 14) ? 0x0c : 0x08; 4464 run_rt3070_rf_write(sc, 49, rf); 4465 /* Set tx_lo1_en. */ 4466 run_rt3070_rf_read(sc, 50, &rf); 4467 run_rt3070_rf_write(sc, 50, rf & ~0x20); 4468 /* Set drv_cc. */ 4469 run_rt3070_rf_read(sc, 57, &rf); 4470 rf &= ~0xfc; 4471 rf |= (chan <= 14) ? 0x6c : 0x3c; 4472 run_rt3070_rf_write(sc, 57, rf); 4473 /* Set rx_mix1_ic, rxa_lnactr, lna_vc, lna_inbias_en and lna_en. */ 4474 run_rt3070_rf_write(sc, 44, (chan <= 14) ? 0x93 : 0x9b); 4475 /* Set drv_gnd_a, tx_vga_cc_a and tx_mx2_gain. */ 4476 run_rt3070_rf_write(sc, 52, (chan <= 14) ? 0x45 : 0x05); 4477 /* Enable VCO calibration. */ 4478 run_rt3070_rf_read(sc, 3, &rf); 4479 rf &= ~RT5390_VCOCAL; 4480 rf |= (chan <= 14) ? RT5390_VCOCAL : 0xbe; 4481 run_rt3070_rf_write(sc, 3, rf); 4482 4483 if (chan <= 14) 4484 rf = 0x23; 4485 else if (chan <= 64) 4486 rf = 0x36; 4487 else if (chan <= 128) 4488 rf = 0x32; 4489 else 4490 rf = 0x30; 4491 run_rt3070_rf_write(sc, 39, rf); 4492 if (chan <= 14) 4493 rf = 0xbb; 4494 else if (chan <= 64) 4495 rf = 0xeb; 4496 else if (chan <= 128) 4497 rf = 0xb3; 4498 else 4499 rf = 0x9b; 4500 run_rt3070_rf_write(sc, 45, rf); 4501 4502 /* Set FEQ/AEQ control. */ 4503 run_bbp_write(sc, 105, 0x34); 4504} 4505 4506static void 4507run_rt5390_set_chan(struct run_softc *sc, u_int chan) 4508{ 4509 int8_t txpow1, txpow2; 4510 uint8_t rf; 4511 int i; 4512 4513 /* find the settings for this channel (we know it exists) */ 4514 for (i = 0; rt2860_rf2850[i].chan != chan; i++); 4515 4516 /* use Tx power values from EEPROM */ 4517 txpow1 = sc->txpow1[i]; 4518 txpow2 = sc->txpow2[i]; 4519 4520 run_rt3070_rf_write(sc, 8, rt3070_freqs[i].n); 4521 run_rt3070_rf_write(sc, 9, rt3070_freqs[i].k & 0x0f); 4522 run_rt3070_rf_read(sc, 11, &rf); 4523 rf = (rf & ~0x03) | (rt3070_freqs[i].r & 0x03); 4524 run_rt3070_rf_write(sc, 11, rf); 4525 4526 run_rt3070_rf_read(sc, 49, &rf); 4527 rf = (rf & ~0x3f) | (txpow1 & 0x3f); 4528 /* The valid range of the RF R49 is 0x00 to 0x27. */ 4529 if ((rf & 0x3f) > 0x27) 4530 rf = (rf & ~0x3f) | 0x27; 4531 run_rt3070_rf_write(sc, 49, rf); 4532 4533 if (sc->mac_ver == 0x5392) { 4534 run_rt3070_rf_read(sc, 50, &rf); 4535 rf = (rf & ~0x3f) | (txpow2 & 0x3f); 4536 /* The valid range of the RF R50 is 0x00 to 0x27. */ 4537 if ((rf & 0x3f) > 0x27) 4538 rf = (rf & ~0x3f) | 0x27; 4539 run_rt3070_rf_write(sc, 50, rf); 4540 } 4541 4542 run_rt3070_rf_read(sc, 1, &rf); 4543 rf |= RT3070_RF_BLOCK | RT3070_PLL_PD | RT3070_RX0_PD | RT3070_TX0_PD; 4544 if (sc->mac_ver == 0x5392) 4545 rf |= RT3070_RX1_PD | RT3070_TX1_PD; 4546 run_rt3070_rf_write(sc, 1, rf); 4547 4548 if (sc->mac_ver != 0x5392) { 4549 run_rt3070_rf_read(sc, 2, &rf); 4550 rf |= 0x80; 4551 run_rt3070_rf_write(sc, 2, rf); 4552 run_delay(sc, 10); 4553 rf &= 0x7f; 4554 run_rt3070_rf_write(sc, 2, rf); 4555 } 4556 4557 run_adjust_freq_offset(sc); 4558 4559 if (sc->mac_ver == 0x5392) { 4560 /* Fix for RT5392C. */ 4561 if (sc->mac_rev >= 0x0223) { 4562 if (chan <= 4) 4563 rf = 0x0f; 4564 else if (chan >= 5 && chan <= 7) 4565 rf = 0x0e; 4566 else 4567 rf = 0x0d; 4568 run_rt3070_rf_write(sc, 23, rf); 4569 4570 if (chan <= 4) 4571 rf = 0x0c; 4572 else if (chan == 5) 4573 rf = 0x0b; 4574 else if (chan >= 6 && chan <= 7) 4575 rf = 0x0a; 4576 else if (chan >= 8 && chan <= 10) 4577 rf = 0x09; 4578 else 4579 rf = 0x08; 4580 run_rt3070_rf_write(sc, 59, rf); 4581 } else { 4582 if (chan <= 11) 4583 rf = 0x0f; 4584 else 4585 rf = 0x0b; 4586 run_rt3070_rf_write(sc, 59, rf); 4587 } 4588 } else { 4589 /* Fix for RT5390F. */ 4590 if (sc->mac_rev >= 0x0502) { 4591 if (chan <= 11) 4592 rf = 0x43; 4593 else 4594 rf = 0x23; 4595 run_rt3070_rf_write(sc, 55, rf); 4596 4597 if (chan <= 11) 4598 rf = 0x0f; 4599 else if (chan == 12) 4600 rf = 0x0d; 4601 else 4602 rf = 0x0b; 4603 run_rt3070_rf_write(sc, 59, rf); 4604 } else { 4605 run_rt3070_rf_write(sc, 55, 0x44); 4606 run_rt3070_rf_write(sc, 59, 0x8f); 4607 } 4608 } 4609 4610 /* Enable VCO calibration. */ 4611 run_rt3070_rf_read(sc, 3, &rf); 4612 rf |= RT5390_VCOCAL; 4613 run_rt3070_rf_write(sc, 3, rf); 4614} 4615 4616static void 4617run_rt5592_set_chan(struct run_softc *sc, u_int chan) 4618{ 4619 const struct rt5592_freqs *freqs; 4620 uint32_t tmp; 4621 uint8_t reg, rf, txpow_bound; 4622 int8_t txpow1, txpow2; 4623 int i; 4624 4625 run_read(sc, RT5592_DEBUG_INDEX, &tmp); 4626 freqs = (tmp & RT5592_SEL_XTAL) ? 4627 rt5592_freqs_40mhz : rt5592_freqs_20mhz; 4628 4629 /* find the settings for this channel (we know it exists) */ 4630 for (i = 0; rt2860_rf2850[i].chan != chan; i++, freqs++); 4631 4632 /* use Tx power values from EEPROM */ 4633 txpow1 = sc->txpow1[i]; 4634 txpow2 = sc->txpow2[i]; 4635 4636 run_read(sc, RT3070_LDO_CFG0, &tmp); 4637 tmp &= ~0x1c000000; 4638 if (chan > 14) 4639 tmp |= 0x14000000; 4640 run_write(sc, RT3070_LDO_CFG0, tmp); 4641 4642 /* N setting. */ 4643 run_rt3070_rf_write(sc, 8, freqs->n & 0xff); 4644 run_rt3070_rf_read(sc, 9, &rf); 4645 rf &= ~(1 << 4); 4646 rf |= ((freqs->n & 0x0100) >> 8) << 4; 4647 run_rt3070_rf_write(sc, 9, rf); 4648 4649 /* K setting. */ 4650 run_rt3070_rf_read(sc, 9, &rf); 4651 rf &= ~0x0f; 4652 rf |= (freqs->k & 0x0f); 4653 run_rt3070_rf_write(sc, 9, rf); 4654 4655 /* Mode setting. */ 4656 run_rt3070_rf_read(sc, 11, &rf); 4657 rf &= ~0x0c; 4658 rf |= ((freqs->m - 0x8) & 0x3) << 2; 4659 run_rt3070_rf_write(sc, 11, rf); 4660 run_rt3070_rf_read(sc, 9, &rf); 4661 rf &= ~(1 << 7); 4662 rf |= (((freqs->m - 0x8) & 0x4) >> 2) << 7; 4663 run_rt3070_rf_write(sc, 9, rf); 4664 4665 /* R setting. */ 4666 run_rt3070_rf_read(sc, 11, &rf); 4667 rf &= ~0x03; 4668 rf |= (freqs->r - 0x1); 4669 run_rt3070_rf_write(sc, 11, rf); 4670 4671 if (chan <= 14) { 4672 /* Initialize RF registers for 2GHZ. */ 4673 for (i = 0; i < nitems(rt5592_2ghz_def_rf); i++) { 4674 run_rt3070_rf_write(sc, rt5592_2ghz_def_rf[i].reg, 4675 rt5592_2ghz_def_rf[i].val); 4676 } 4677 4678 rf = (chan <= 10) ? 0x07 : 0x06; 4679 run_rt3070_rf_write(sc, 23, rf); 4680 run_rt3070_rf_write(sc, 59, rf); 4681 4682 run_rt3070_rf_write(sc, 55, 0x43); 4683 4684 /* 4685 * RF R49/R50 Tx power ALC code. 4686 * G-band bit<7:6>=1:0, bit<5:0> range from 0x0 ~ 0x27. 4687 */ 4688 reg = 2; 4689 txpow_bound = 0x27; 4690 } else { 4691 /* Initialize RF registers for 5GHZ. */ 4692 for (i = 0; i < nitems(rt5592_5ghz_def_rf); i++) { 4693 run_rt3070_rf_write(sc, rt5592_5ghz_def_rf[i].reg, 4694 rt5592_5ghz_def_rf[i].val); 4695 } 4696 for (i = 0; i < nitems(rt5592_chan_5ghz); i++) { 4697 if (chan >= rt5592_chan_5ghz[i].firstchan && 4698 chan <= rt5592_chan_5ghz[i].lastchan) { 4699 run_rt3070_rf_write(sc, rt5592_chan_5ghz[i].reg, 4700 rt5592_chan_5ghz[i].val); 4701 } 4702 } 4703 4704 /* 4705 * RF R49/R50 Tx power ALC code. 4706 * A-band bit<7:6>=1:1, bit<5:0> range from 0x0 ~ 0x2b. 4707 */ 4708 reg = 3; 4709 txpow_bound = 0x2b; 4710 } 4711 4712 /* RF R49 ch0 Tx power ALC code. */ 4713 run_rt3070_rf_read(sc, 49, &rf); 4714 rf &= ~0xc0; 4715 rf |= (reg << 6); 4716 rf = (rf & ~0x3f) | (txpow1 & 0x3f); 4717 if ((rf & 0x3f) > txpow_bound) 4718 rf = (rf & ~0x3f) | txpow_bound; 4719 run_rt3070_rf_write(sc, 49, rf); 4720 4721 /* RF R50 ch1 Tx power ALC code. */ 4722 run_rt3070_rf_read(sc, 50, &rf); 4723 rf &= ~(1 << 7 | 1 << 6); 4724 rf |= (reg << 6); 4725 rf = (rf & ~0x3f) | (txpow2 & 0x3f); 4726 if ((rf & 0x3f) > txpow_bound) 4727 rf = (rf & ~0x3f) | txpow_bound; 4728 run_rt3070_rf_write(sc, 50, rf); 4729 4730 /* Enable RF_BLOCK, PLL_PD, RX0_PD, and TX0_PD. */ 4731 run_rt3070_rf_read(sc, 1, &rf); 4732 rf |= (RT3070_RF_BLOCK | RT3070_PLL_PD | RT3070_RX0_PD | RT3070_TX0_PD); 4733 if (sc->ntxchains > 1) 4734 rf |= RT3070_TX1_PD; 4735 if (sc->nrxchains > 1) 4736 rf |= RT3070_RX1_PD; 4737 run_rt3070_rf_write(sc, 1, rf); 4738 4739 run_rt3070_rf_write(sc, 6, 0xe4); 4740 4741 run_rt3070_rf_write(sc, 30, 0x10); 4742 run_rt3070_rf_write(sc, 31, 0x80); 4743 run_rt3070_rf_write(sc, 32, 0x80); 4744 4745 run_adjust_freq_offset(sc); 4746 4747 /* Enable VCO calibration. */ 4748 run_rt3070_rf_read(sc, 3, &rf); 4749 rf |= RT5390_VCOCAL; 4750 run_rt3070_rf_write(sc, 3, rf); 4751} 4752 4753static void 4754run_set_rx_antenna(struct run_softc *sc, int aux) 4755{ 4756 uint32_t tmp; 4757 uint8_t bbp152; 4758 4759 if (aux) { 4760 if (sc->rf_rev == RT5390_RF_5370) { 4761 run_bbp_read(sc, 152, &bbp152); 4762 run_bbp_write(sc, 152, bbp152 & ~0x80); 4763 } else { 4764 run_mcu_cmd(sc, RT2860_MCU_CMD_ANTSEL, 0); 4765 run_read(sc, RT2860_GPIO_CTRL, &tmp); 4766 run_write(sc, RT2860_GPIO_CTRL, (tmp & ~0x0808) | 0x08); 4767 } 4768 } else { 4769 if (sc->rf_rev == RT5390_RF_5370) { 4770 run_bbp_read(sc, 152, &bbp152); 4771 run_bbp_write(sc, 152, bbp152 | 0x80); 4772 } else { 4773 run_mcu_cmd(sc, RT2860_MCU_CMD_ANTSEL, 1); 4774 run_read(sc, RT2860_GPIO_CTRL, &tmp); 4775 run_write(sc, RT2860_GPIO_CTRL, tmp & ~0x0808); 4776 } 4777 } 4778} 4779 4780static int 4781run_set_chan(struct run_softc *sc, struct ieee80211_channel *c) 4782{ 4783 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 4784 u_int chan, group; 4785 4786 chan = ieee80211_chan2ieee(ic, c); 4787 if (chan == 0 || chan == IEEE80211_CHAN_ANY) 4788 return (EINVAL); 4789 4790 if (sc->mac_ver == 0x5592) 4791 run_rt5592_set_chan(sc, chan); 4792 else if (sc->mac_ver >= 0x5390) 4793 run_rt5390_set_chan(sc, chan); 4794 else if (sc->mac_ver == 0x3593) 4795 run_rt3593_set_chan(sc, chan); 4796 else if (sc->mac_ver == 0x3572) 4797 run_rt3572_set_chan(sc, chan); 4798 else if (sc->mac_ver >= 0x3070) 4799 run_rt3070_set_chan(sc, chan); 4800 else 4801 run_rt2870_set_chan(sc, chan); 4802 4803 /* determine channel group */ 4804 if (chan <= 14) 4805 group = 0; 4806 else if (chan <= 64) 4807 group = 1; 4808 else if (chan <= 128) 4809 group = 2; 4810 else 4811 group = 3; 4812 4813 /* XXX necessary only when group has changed! */ 4814 run_select_chan_group(sc, group); 4815 4816 run_delay(sc, 10); 4817 4818 /* Perform IQ calibration. */ 4819 if (sc->mac_ver >= 0x5392) 4820 run_iq_calib(sc, chan); 4821 4822 return (0); 4823} 4824 4825static void 4826run_set_channel(struct ieee80211com *ic) 4827{ 4828 struct run_softc *sc = ic->ic_ifp->if_softc; 4829 4830 RUN_LOCK(sc); 4831 run_set_chan(sc, ic->ic_curchan); 4832 RUN_UNLOCK(sc); 4833 4834 return; 4835} 4836 4837static void 4838run_scan_start(struct ieee80211com *ic) 4839{ 4840 struct run_softc *sc = ic->ic_ifp->if_softc; 4841 uint32_t tmp; 4842 4843 RUN_LOCK(sc); 4844 4845 /* abort TSF synchronization */ 4846 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 4847 run_write(sc, RT2860_BCN_TIME_CFG, 4848 tmp & ~(RT2860_BCN_TX_EN | RT2860_TSF_TIMER_EN | 4849 RT2860_TBTT_TIMER_EN)); 4850 run_set_bssid(sc, sc->sc_ifp->if_broadcastaddr); 4851 4852 RUN_UNLOCK(sc); 4853 4854 return; 4855} 4856 4857static void 4858run_scan_end(struct ieee80211com *ic) 4859{ 4860 struct run_softc *sc = ic->ic_ifp->if_softc; 4861 4862 RUN_LOCK(sc); 4863 4864 run_enable_tsf_sync(sc); 4865 /* XXX keep local copy */ 4866 run_set_bssid(sc, sc->sc_bssid); 4867 4868 RUN_UNLOCK(sc); 4869 4870 return; 4871} 4872 4873/* 4874 * Could be called from ieee80211_node_timeout() 4875 * (non-sleepable thread) 4876 */ 4877static void 4878run_update_beacon(struct ieee80211vap *vap, int item) 4879{ 4880 struct ieee80211com *ic = vap->iv_ic; 4881 struct run_softc *sc = ic->ic_ifp->if_softc; 4882 struct run_vap *rvp = RUN_VAP(vap); 4883 int mcast = 0; 4884 uint32_t i; 4885 4886 KASSERT(vap != NULL, ("no beacon")); 4887 4888 switch (item) { 4889 case IEEE80211_BEACON_ERP: 4890 run_updateslot(ic->ic_ifp); 4891 break; 4892 case IEEE80211_BEACON_HTINFO: 4893 run_updateprot(ic); 4894 break; 4895 case IEEE80211_BEACON_TIM: 4896 mcast = 1; /*TODO*/ 4897 break; 4898 default: 4899 break; 4900 } 4901 4902 setbit(rvp->bo.bo_flags, item); 4903 ieee80211_beacon_update(vap->iv_bss, &rvp->bo, rvp->beacon_mbuf, mcast); 4904 4905 i = RUN_CMDQ_GET(&sc->cmdq_store); 4906 DPRINTF("cmdq_store=%d\n", i); 4907 sc->cmdq[i].func = run_update_beacon_cb; 4908 sc->cmdq[i].arg0 = vap; 4909 ieee80211_runtask(ic, &sc->cmdq_task); 4910 4911 return; 4912} 4913 4914static void 4915run_update_beacon_cb(void *arg) 4916{ 4917 struct ieee80211vap *vap = arg; 4918 struct run_vap *rvp = RUN_VAP(vap); 4919 struct ieee80211com *ic = vap->iv_ic; 4920 struct run_softc *sc = ic->ic_ifp->if_softc; 4921 struct rt2860_txwi txwi; 4922 struct mbuf *m; 4923 uint16_t txwisize; 4924 uint8_t ridx; 4925 4926 if (vap->iv_bss->ni_chan == IEEE80211_CHAN_ANYC) 4927 return; 4928 if (ic->ic_bsschan == IEEE80211_CHAN_ANYC) 4929 return; 4930 4931 /* 4932 * No need to call ieee80211_beacon_update(), run_update_beacon() 4933 * is taking care of apropriate calls. 4934 */ 4935 if (rvp->beacon_mbuf == NULL) { 4936 rvp->beacon_mbuf = ieee80211_beacon_alloc(vap->iv_bss, 4937 &rvp->bo); 4938 if (rvp->beacon_mbuf == NULL) 4939 return; 4940 } 4941 m = rvp->beacon_mbuf; 4942 4943 memset(&txwi, 0, sizeof(txwi)); 4944 txwi.wcid = 0xff; 4945 txwi.len = htole16(m->m_pkthdr.len); 4946 4947 /* send beacons at the lowest available rate */ 4948 ridx = (ic->ic_curmode == IEEE80211_MODE_11A) ? 4949 RT2860_RIDX_OFDM6 : RT2860_RIDX_CCK1; 4950 txwi.phy = htole16(rt2860_rates[ridx].mcs); 4951 if (rt2860_rates[ridx].phy == IEEE80211_T_OFDM) 4952 txwi.phy |= htole16(RT2860_PHY_OFDM); 4953 txwi.txop = RT2860_TX_TXOP_HT; 4954 txwi.flags = RT2860_TX_TS; 4955 txwi.xflags = RT2860_TX_NSEQ; 4956 4957 txwisize = (sc->mac_ver == 0x5592) ? 4958 sizeof(txwi) + sizeof(uint32_t) : sizeof(txwi); 4959 run_write_region_1(sc, RT2860_BCN_BASE(rvp->rvp_id), (uint8_t *)&txwi, 4960 txwisize); 4961 run_write_region_1(sc, RT2860_BCN_BASE(rvp->rvp_id) + txwisize, 4962 mtod(m, uint8_t *), (m->m_pkthdr.len + 1) & ~1); 4963} 4964 4965static void 4966run_updateprot(struct ieee80211com *ic) 4967{ 4968 struct run_softc *sc = ic->ic_ifp->if_softc; 4969 uint32_t i; 4970 4971 i = RUN_CMDQ_GET(&sc->cmdq_store); 4972 DPRINTF("cmdq_store=%d\n", i); 4973 sc->cmdq[i].func = run_updateprot_cb; 4974 sc->cmdq[i].arg0 = ic; 4975 ieee80211_runtask(ic, &sc->cmdq_task); 4976} 4977 4978static void 4979run_updateprot_cb(void *arg) 4980{ 4981 struct ieee80211com *ic = arg; 4982 struct run_softc *sc = ic->ic_ifp->if_softc; 4983 uint32_t tmp; 4984 4985 tmp = RT2860_RTSTH_EN | RT2860_PROT_NAV_SHORT | RT2860_TXOP_ALLOW_ALL; 4986 /* setup protection frame rate (MCS code) */ 4987 tmp |= (ic->ic_curmode == IEEE80211_MODE_11A) ? 4988 rt2860_rates[RT2860_RIDX_OFDM6].mcs : 4989 rt2860_rates[RT2860_RIDX_CCK11].mcs; 4990 4991 /* CCK frames don't require protection */ 4992 run_write(sc, RT2860_CCK_PROT_CFG, tmp); 4993 if (ic->ic_flags & IEEE80211_F_USEPROT) { 4994 if (ic->ic_protmode == IEEE80211_PROT_RTSCTS) 4995 tmp |= RT2860_PROT_CTRL_RTS_CTS; 4996 else if (ic->ic_protmode == IEEE80211_PROT_CTSONLY) 4997 tmp |= RT2860_PROT_CTRL_CTS; 4998 } 4999 run_write(sc, RT2860_OFDM_PROT_CFG, tmp); 5000} 5001 5002static void 5003run_usb_timeout_cb(void *arg) 5004{ 5005 struct ieee80211vap *vap = arg; 5006 struct run_softc *sc = vap->iv_ic->ic_ifp->if_softc; 5007 5008 RUN_LOCK_ASSERT(sc, MA_OWNED); 5009 5010 if(vap->iv_state == IEEE80211_S_RUN && 5011 vap->iv_opmode != IEEE80211_M_STA) 5012 run_reset_livelock(sc); 5013 else if (vap->iv_state == IEEE80211_S_SCAN) { 5014 DPRINTF("timeout caused by scan\n"); 5015 /* cancel bgscan */ 5016 ieee80211_cancel_scan(vap); 5017 } else 5018 DPRINTF("timeout by unknown cause\n"); 5019} 5020 5021static void 5022run_reset_livelock(struct run_softc *sc) 5023{ 5024 uint32_t tmp; 5025 5026 RUN_LOCK_ASSERT(sc, MA_OWNED); 5027 5028 /* 5029 * In IBSS or HostAP modes (when the hardware sends beacons), the MAC 5030 * can run into a livelock and start sending CTS-to-self frames like 5031 * crazy if protection is enabled. Reset MAC/BBP for a while 5032 */ 5033 run_read(sc, RT2860_DEBUG, &tmp); 5034 DPRINTFN(3, "debug reg %08x\n", tmp); 5035 if ((tmp & (1 << 29)) && (tmp & (1 << 7 | 1 << 5))) { 5036 DPRINTF("CTS-to-self livelock detected\n"); 5037 run_write(sc, RT2860_MAC_SYS_CTRL, RT2860_MAC_SRST); 5038 run_delay(sc, 1); 5039 run_write(sc, RT2860_MAC_SYS_CTRL, 5040 RT2860_MAC_RX_EN | RT2860_MAC_TX_EN); 5041 } 5042} 5043 5044static void 5045run_update_promisc_locked(struct ifnet *ifp) 5046{ 5047 struct run_softc *sc = ifp->if_softc; 5048 uint32_t tmp; 5049 5050 run_read(sc, RT2860_RX_FILTR_CFG, &tmp); 5051 5052 tmp |= RT2860_DROP_UC_NOME; 5053 if (ifp->if_flags & IFF_PROMISC) 5054 tmp &= ~RT2860_DROP_UC_NOME; 5055 5056 run_write(sc, RT2860_RX_FILTR_CFG, tmp); 5057 5058 DPRINTF("%s promiscuous mode\n", (ifp->if_flags & IFF_PROMISC) ? 5059 "entering" : "leaving"); 5060} 5061 5062static void 5063run_update_promisc(struct ifnet *ifp) 5064{ 5065 struct run_softc *sc = ifp->if_softc; 5066 5067 if ((ifp->if_drv_flags & IFF_DRV_RUNNING) == 0) 5068 return; 5069 5070 RUN_LOCK(sc); 5071 run_update_promisc_locked(ifp); 5072 RUN_UNLOCK(sc); 5073} 5074 5075static void 5076run_enable_tsf_sync(struct run_softc *sc) 5077{ 5078 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 5079 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 5080 uint32_t tmp; 5081 5082 DPRINTF("rvp_id=%d ic_opmode=%d\n", RUN_VAP(vap)->rvp_id, 5083 ic->ic_opmode); 5084 5085 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 5086 tmp &= ~0x1fffff; 5087 tmp |= vap->iv_bss->ni_intval * 16; 5088 tmp |= RT2860_TSF_TIMER_EN | RT2860_TBTT_TIMER_EN; 5089 5090 if (ic->ic_opmode == IEEE80211_M_STA) { 5091 /* 5092 * Local TSF is always updated with remote TSF on beacon 5093 * reception. 5094 */ 5095 tmp |= 1 << RT2860_TSF_SYNC_MODE_SHIFT; 5096 } else if (ic->ic_opmode == IEEE80211_M_IBSS) { 5097 tmp |= RT2860_BCN_TX_EN; 5098 /* 5099 * Local TSF is updated with remote TSF on beacon reception 5100 * only if the remote TSF is greater than local TSF. 5101 */ 5102 tmp |= 2 << RT2860_TSF_SYNC_MODE_SHIFT; 5103 } else if (ic->ic_opmode == IEEE80211_M_HOSTAP || 5104 ic->ic_opmode == IEEE80211_M_MBSS) { 5105 tmp |= RT2860_BCN_TX_EN; 5106 /* SYNC with nobody */ 5107 tmp |= 3 << RT2860_TSF_SYNC_MODE_SHIFT; 5108 } else { 5109 DPRINTF("Enabling TSF failed. undefined opmode\n"); 5110 return; 5111 } 5112 5113 run_write(sc, RT2860_BCN_TIME_CFG, tmp); 5114} 5115 5116static void 5117run_enable_mrr(struct run_softc *sc) 5118{ 5119#define CCK(mcs) (mcs) 5120#define OFDM(mcs) (1 << 3 | (mcs)) 5121 run_write(sc, RT2860_LG_FBK_CFG0, 5122 OFDM(6) << 28 | /* 54->48 */ 5123 OFDM(5) << 24 | /* 48->36 */ 5124 OFDM(4) << 20 | /* 36->24 */ 5125 OFDM(3) << 16 | /* 24->18 */ 5126 OFDM(2) << 12 | /* 18->12 */ 5127 OFDM(1) << 8 | /* 12-> 9 */ 5128 OFDM(0) << 4 | /* 9-> 6 */ 5129 OFDM(0)); /* 6-> 6 */ 5130 5131 run_write(sc, RT2860_LG_FBK_CFG1, 5132 CCK(2) << 12 | /* 11->5.5 */ 5133 CCK(1) << 8 | /* 5.5-> 2 */ 5134 CCK(0) << 4 | /* 2-> 1 */ 5135 CCK(0)); /* 1-> 1 */ 5136#undef OFDM 5137#undef CCK 5138} 5139 5140static void 5141run_set_txpreamble(struct run_softc *sc) 5142{ 5143 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 5144 uint32_t tmp; 5145 5146 run_read(sc, RT2860_AUTO_RSP_CFG, &tmp); 5147 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 5148 tmp |= RT2860_CCK_SHORT_EN; 5149 else 5150 tmp &= ~RT2860_CCK_SHORT_EN; 5151 run_write(sc, RT2860_AUTO_RSP_CFG, tmp); 5152} 5153 5154static void 5155run_set_basicrates(struct run_softc *sc) 5156{ 5157 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 5158 5159 /* set basic rates mask */ 5160 if (ic->ic_curmode == IEEE80211_MODE_11B) 5161 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x003); 5162 else if (ic->ic_curmode == IEEE80211_MODE_11A) 5163 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x150); 5164 else /* 11g */ 5165 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x15f); 5166} 5167 5168static void 5169run_set_leds(struct run_softc *sc, uint16_t which) 5170{ 5171 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LEDS, 5172 which | (sc->leds & 0x7f)); 5173} 5174 5175static void 5176run_set_bssid(struct run_softc *sc, const uint8_t *bssid) 5177{ 5178 run_write(sc, RT2860_MAC_BSSID_DW0, 5179 bssid[0] | bssid[1] << 8 | bssid[2] << 16 | bssid[3] << 24); 5180 run_write(sc, RT2860_MAC_BSSID_DW1, 5181 bssid[4] | bssid[5] << 8); 5182} 5183 5184static void 5185run_set_macaddr(struct run_softc *sc, const uint8_t *addr) 5186{ 5187 run_write(sc, RT2860_MAC_ADDR_DW0, 5188 addr[0] | addr[1] << 8 | addr[2] << 16 | addr[3] << 24); 5189 run_write(sc, RT2860_MAC_ADDR_DW1, 5190 addr[4] | addr[5] << 8 | 0xff << 16); 5191} 5192 5193static void 5194run_updateslot(struct ifnet *ifp) 5195{ 5196 struct run_softc *sc = ifp->if_softc; 5197 struct ieee80211com *ic = ifp->if_l2com; 5198 uint32_t i; 5199 5200 i = RUN_CMDQ_GET(&sc->cmdq_store); 5201 DPRINTF("cmdq_store=%d\n", i); 5202 sc->cmdq[i].func = run_updateslot_cb; 5203 sc->cmdq[i].arg0 = ifp; 5204 ieee80211_runtask(ic, &sc->cmdq_task); 5205 5206 return; 5207} 5208 5209/* ARGSUSED */ 5210static void 5211run_updateslot_cb(void *arg) 5212{ 5213 struct ifnet *ifp = arg; 5214 struct run_softc *sc = ifp->if_softc; 5215 struct ieee80211com *ic = ifp->if_l2com; 5216 uint32_t tmp; 5217 5218 run_read(sc, RT2860_BKOFF_SLOT_CFG, &tmp); 5219 tmp &= ~0xff; 5220 tmp |= (ic->ic_flags & IEEE80211_F_SHSLOT) ? 9 : 20; 5221 run_write(sc, RT2860_BKOFF_SLOT_CFG, tmp); 5222} 5223 5224static void 5225run_update_mcast(struct ifnet *ifp) 5226{ 5227 /* h/w filter supports getting everything or nothing */ 5228 ifp->if_flags |= IFF_ALLMULTI; 5229} 5230 5231static int8_t 5232run_rssi2dbm(struct run_softc *sc, uint8_t rssi, uint8_t rxchain) 5233{ 5234 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 5235 struct ieee80211_channel *c = ic->ic_curchan; 5236 int delta; 5237 5238 if (IEEE80211_IS_CHAN_5GHZ(c)) { 5239 u_int chan = ieee80211_chan2ieee(ic, c); 5240 delta = sc->rssi_5ghz[rxchain]; 5241 5242 /* determine channel group */ 5243 if (chan <= 64) 5244 delta -= sc->lna[1]; 5245 else if (chan <= 128) 5246 delta -= sc->lna[2]; 5247 else 5248 delta -= sc->lna[3]; 5249 } else 5250 delta = sc->rssi_2ghz[rxchain] - sc->lna[0]; 5251 5252 return (-12 - delta - rssi); 5253} 5254 5255static void 5256run_rt5390_bbp_init(struct run_softc *sc) 5257{ 5258 int i; 5259 uint8_t bbp; 5260 5261 /* Apply maximum likelihood detection for 2 stream case. */ 5262 run_bbp_read(sc, 105, &bbp); 5263 if (sc->nrxchains > 1) 5264 run_bbp_write(sc, 105, bbp | RT5390_MLD); 5265 5266 /* Avoid data lost and CRC error. */ 5267 run_bbp_read(sc, 4, &bbp); 5268 run_bbp_write(sc, 4, bbp | RT5390_MAC_IF_CTRL); 5269 5270 if (sc->mac_ver == 0x5592) { 5271 for (i = 0; i < nitems(rt5592_def_bbp); i++) { 5272 run_bbp_write(sc, rt5592_def_bbp[i].reg, 5273 rt5592_def_bbp[i].val); 5274 } 5275 for (i = 0; i < nitems(rt5592_bbp_r196); i++) { 5276 run_bbp_write(sc, 195, i + 0x80); 5277 run_bbp_write(sc, 196, rt5592_bbp_r196[i]); 5278 } 5279 } else { 5280 for (i = 0; i < nitems(rt5390_def_bbp); i++) { 5281 run_bbp_write(sc, rt5390_def_bbp[i].reg, 5282 rt5390_def_bbp[i].val); 5283 } 5284 } 5285 if (sc->mac_ver == 0x5392) { 5286 run_bbp_write(sc, 88, 0x90); 5287 run_bbp_write(sc, 95, 0x9a); 5288 run_bbp_write(sc, 98, 0x12); 5289 run_bbp_write(sc, 106, 0x12); 5290 run_bbp_write(sc, 134, 0xd0); 5291 run_bbp_write(sc, 135, 0xf6); 5292 run_bbp_write(sc, 148, 0x84); 5293 } 5294 5295 run_bbp_read(sc, 152, &bbp); 5296 run_bbp_write(sc, 152, bbp | 0x80); 5297 5298 /* Fix BBP254 for RT5592C. */ 5299 if (sc->mac_ver == 0x5592 && sc->mac_rev >= 0x0221) { 5300 run_bbp_read(sc, 254, &bbp); 5301 run_bbp_write(sc, 254, bbp | 0x80); 5302 } 5303 5304 /* Disable hardware antenna diversity. */ 5305 if (sc->mac_ver == 0x5390) 5306 run_bbp_write(sc, 154, 0); 5307 5308 /* Initialize Rx CCK/OFDM frequency offset report. */ 5309 run_bbp_write(sc, 142, 1); 5310 run_bbp_write(sc, 143, 57); 5311} 5312 5313static int 5314run_bbp_init(struct run_softc *sc) 5315{ 5316 int i, error, ntries; 5317 uint8_t bbp0; 5318 5319 /* wait for BBP to wake up */ 5320 for (ntries = 0; ntries < 20; ntries++) { 5321 if ((error = run_bbp_read(sc, 0, &bbp0)) != 0) 5322 return error; 5323 if (bbp0 != 0 && bbp0 != 0xff) 5324 break; 5325 } 5326 if (ntries == 20) 5327 return (ETIMEDOUT); 5328 5329 /* initialize BBP registers to default values */ 5330 if (sc->mac_ver >= 0x5390) 5331 run_rt5390_bbp_init(sc); 5332 else { 5333 for (i = 0; i < nitems(rt2860_def_bbp); i++) { 5334 run_bbp_write(sc, rt2860_def_bbp[i].reg, 5335 rt2860_def_bbp[i].val); 5336 } 5337 } 5338 5339 if (sc->mac_ver == 0x3593) { 5340 run_bbp_write(sc, 79, 0x13); 5341 run_bbp_write(sc, 80, 0x05); 5342 run_bbp_write(sc, 81, 0x33); 5343 run_bbp_write(sc, 86, 0x46); 5344 run_bbp_write(sc, 137, 0x0f); 5345 } 5346 5347 /* fix BBP84 for RT2860E */ 5348 if (sc->mac_ver == 0x2860 && sc->mac_rev != 0x0101) 5349 run_bbp_write(sc, 84, 0x19); 5350 5351 if (sc->mac_ver >= 0x3070 && (sc->mac_ver != 0x3593 && 5352 sc->mac_ver != 0x5592)) { 5353 run_bbp_write(sc, 79, 0x13); 5354 run_bbp_write(sc, 80, 0x05); 5355 run_bbp_write(sc, 81, 0x33); 5356 } else if (sc->mac_ver == 0x2860 && sc->mac_rev == 0x0100) { 5357 run_bbp_write(sc, 69, 0x16); 5358 run_bbp_write(sc, 73, 0x12); 5359 } 5360 return (0); 5361} 5362 5363static int 5364run_rt3070_rf_init(struct run_softc *sc) 5365{ 5366 uint32_t tmp; 5367 uint8_t bbp4, mingain, rf, target; 5368 int i; 5369 5370 run_rt3070_rf_read(sc, 30, &rf); 5371 /* toggle RF R30 bit 7 */ 5372 run_rt3070_rf_write(sc, 30, rf | 0x80); 5373 run_delay(sc, 10); 5374 run_rt3070_rf_write(sc, 30, rf & ~0x80); 5375 5376 /* initialize RF registers to default value */ 5377 if (sc->mac_ver == 0x3572) { 5378 for (i = 0; i < nitems(rt3572_def_rf); i++) { 5379 run_rt3070_rf_write(sc, rt3572_def_rf[i].reg, 5380 rt3572_def_rf[i].val); 5381 } 5382 } else { 5383 for (i = 0; i < nitems(rt3070_def_rf); i++) { 5384 run_rt3070_rf_write(sc, rt3070_def_rf[i].reg, 5385 rt3070_def_rf[i].val); 5386 } 5387 } 5388 5389 if (sc->mac_ver == 0x3070 && sc->mac_rev < 0x0201) { 5390 /* 5391 * Change voltage from 1.2V to 1.35V for RT3070. 5392 * The DAC issue (RT3070_LDO_CFG0) has been fixed 5393 * in RT3070(F). 5394 */ 5395 run_read(sc, RT3070_LDO_CFG0, &tmp); 5396 tmp = (tmp & ~0x0f000000) | 0x0d000000; 5397 run_write(sc, RT3070_LDO_CFG0, tmp); 5398 5399 } else if (sc->mac_ver == 0x3071) { 5400 run_rt3070_rf_read(sc, 6, &rf); 5401 run_rt3070_rf_write(sc, 6, rf | 0x40); 5402 run_rt3070_rf_write(sc, 31, 0x14); 5403 5404 run_read(sc, RT3070_LDO_CFG0, &tmp); 5405 tmp &= ~0x1f000000; 5406 if (sc->mac_rev < 0x0211) 5407 tmp |= 0x0d000000; /* 1.3V */ 5408 else 5409 tmp |= 0x01000000; /* 1.2V */ 5410 run_write(sc, RT3070_LDO_CFG0, tmp); 5411 5412 /* patch LNA_PE_G1 */ 5413 run_read(sc, RT3070_GPIO_SWITCH, &tmp); 5414 run_write(sc, RT3070_GPIO_SWITCH, tmp & ~0x20); 5415 5416 } else if (sc->mac_ver == 0x3572) { 5417 run_rt3070_rf_read(sc, 6, &rf); 5418 run_rt3070_rf_write(sc, 6, rf | 0x40); 5419 5420 /* increase voltage from 1.2V to 1.35V */ 5421 run_read(sc, RT3070_LDO_CFG0, &tmp); 5422 tmp = (tmp & ~0x1f000000) | 0x0d000000; 5423 run_write(sc, RT3070_LDO_CFG0, tmp); 5424 5425 if (sc->mac_rev < 0x0211 || !sc->patch_dac) { 5426 run_delay(sc, 1); /* wait for 1msec */ 5427 /* decrease voltage back to 1.2V */ 5428 tmp = (tmp & ~0x1f000000) | 0x01000000; 5429 run_write(sc, RT3070_LDO_CFG0, tmp); 5430 } 5431 } 5432 5433 /* select 20MHz bandwidth */ 5434 run_rt3070_rf_read(sc, 31, &rf); 5435 run_rt3070_rf_write(sc, 31, rf & ~0x20); 5436 5437 /* calibrate filter for 20MHz bandwidth */ 5438 sc->rf24_20mhz = 0x1f; /* default value */ 5439 target = (sc->mac_ver < 0x3071) ? 0x16 : 0x13; 5440 run_rt3070_filter_calib(sc, 0x07, target, &sc->rf24_20mhz); 5441 5442 /* select 40MHz bandwidth */ 5443 run_bbp_read(sc, 4, &bbp4); 5444 run_bbp_write(sc, 4, (bbp4 & ~0x18) | 0x10); 5445 run_rt3070_rf_read(sc, 31, &rf); 5446 run_rt3070_rf_write(sc, 31, rf | 0x20); 5447 5448 /* calibrate filter for 40MHz bandwidth */ 5449 sc->rf24_40mhz = 0x2f; /* default value */ 5450 target = (sc->mac_ver < 0x3071) ? 0x19 : 0x15; 5451 run_rt3070_filter_calib(sc, 0x27, target, &sc->rf24_40mhz); 5452 5453 /* go back to 20MHz bandwidth */ 5454 run_bbp_read(sc, 4, &bbp4); 5455 run_bbp_write(sc, 4, bbp4 & ~0x18); 5456 5457 if (sc->mac_ver == 0x3572) { 5458 /* save default BBP registers 25 and 26 values */ 5459 run_bbp_read(sc, 25, &sc->bbp25); 5460 run_bbp_read(sc, 26, &sc->bbp26); 5461 } else if (sc->mac_rev < 0x0201 || sc->mac_rev < 0x0211) 5462 run_rt3070_rf_write(sc, 27, 0x03); 5463 5464 run_read(sc, RT3070_OPT_14, &tmp); 5465 run_write(sc, RT3070_OPT_14, tmp | 1); 5466 5467 if (sc->mac_ver == 0x3070 || sc->mac_ver == 0x3071) { 5468 run_rt3070_rf_read(sc, 17, &rf); 5469 rf &= ~RT3070_TX_LO1; 5470 if ((sc->mac_ver == 0x3070 || 5471 (sc->mac_ver == 0x3071 && sc->mac_rev >= 0x0211)) && 5472 !sc->ext_2ghz_lna) 5473 rf |= 0x20; /* fix for long range Rx issue */ 5474 mingain = (sc->mac_ver == 0x3070) ? 1 : 2; 5475 if (sc->txmixgain_2ghz >= mingain) 5476 rf = (rf & ~0x7) | sc->txmixgain_2ghz; 5477 run_rt3070_rf_write(sc, 17, rf); 5478 } 5479 5480 if (sc->mac_rev == 0x3071) { 5481 run_rt3070_rf_read(sc, 1, &rf); 5482 rf &= ~(RT3070_RX0_PD | RT3070_TX0_PD); 5483 rf |= RT3070_RF_BLOCK | RT3070_RX1_PD | RT3070_TX1_PD; 5484 run_rt3070_rf_write(sc, 1, rf); 5485 5486 run_rt3070_rf_read(sc, 15, &rf); 5487 run_rt3070_rf_write(sc, 15, rf & ~RT3070_TX_LO2); 5488 5489 run_rt3070_rf_read(sc, 20, &rf); 5490 run_rt3070_rf_write(sc, 20, rf & ~RT3070_RX_LO1); 5491 5492 run_rt3070_rf_read(sc, 21, &rf); 5493 run_rt3070_rf_write(sc, 21, rf & ~RT3070_RX_LO2); 5494 } 5495 5496 if (sc->mac_ver == 0x3070 || sc->mac_ver == 0x3071) { 5497 /* fix Tx to Rx IQ glitch by raising RF voltage */ 5498 run_rt3070_rf_read(sc, 27, &rf); 5499 rf &= ~0x77; 5500 if (sc->mac_rev < 0x0211) 5501 rf |= 0x03; 5502 run_rt3070_rf_write(sc, 27, rf); 5503 } 5504 return (0); 5505} 5506 5507static void 5508run_rt3593_rf_init(struct run_softc *sc) 5509{ 5510 uint32_t tmp; 5511 uint8_t rf; 5512 int i; 5513 5514 /* Disable the GPIO bits 4 and 7 for LNA PE control. */ 5515 run_read(sc, RT3070_GPIO_SWITCH, &tmp); 5516 tmp &= ~(1 << 4 | 1 << 7); 5517 run_write(sc, RT3070_GPIO_SWITCH, tmp); 5518 5519 /* Initialize RF registers to default value. */ 5520 for (i = 0; i < nitems(rt3593_def_rf); i++) { 5521 run_rt3070_rf_write(sc, rt3593_def_rf[i].reg, 5522 rt3593_def_rf[i].val); 5523 } 5524 5525 /* Toggle RF R2 to initiate calibration. */ 5526 run_rt3070_rf_write(sc, 2, RT5390_RESCAL); 5527 5528 /* Initialize RF frequency offset. */ 5529 run_adjust_freq_offset(sc); 5530 5531 run_rt3070_rf_read(sc, 18, &rf); 5532 run_rt3070_rf_write(sc, 18, rf | RT3593_AUTOTUNE_BYPASS); 5533 5534 /* 5535 * Increase voltage from 1.2V to 1.35V, wait for 1 msec to 5536 * decrease voltage back to 1.2V. 5537 */ 5538 run_read(sc, RT3070_LDO_CFG0, &tmp); 5539 tmp = (tmp & ~0x1f000000) | 0x0d000000; 5540 run_write(sc, RT3070_LDO_CFG0, tmp); 5541 run_delay(sc, 1); 5542 tmp = (tmp & ~0x1f000000) | 0x01000000; 5543 run_write(sc, RT3070_LDO_CFG0, tmp); 5544 5545 sc->rf24_20mhz = 0x1f; 5546 sc->rf24_40mhz = 0x2f; 5547 5548 /* Save default BBP registers 25 and 26 values. */ 5549 run_bbp_read(sc, 25, &sc->bbp25); 5550 run_bbp_read(sc, 26, &sc->bbp26); 5551 5552 run_read(sc, RT3070_OPT_14, &tmp); 5553 run_write(sc, RT3070_OPT_14, tmp | 1); 5554} 5555 5556static void 5557run_rt5390_rf_init(struct run_softc *sc) 5558{ 5559 uint32_t tmp; 5560 uint8_t rf; 5561 int i; 5562 5563 /* Toggle RF R2 to initiate calibration. */ 5564 if (sc->mac_ver == 0x5390) { 5565 run_rt3070_rf_read(sc, 2, &rf); 5566 run_rt3070_rf_write(sc, 2, rf | RT5390_RESCAL); 5567 run_delay(sc, 10); 5568 run_rt3070_rf_write(sc, 2, rf & ~RT5390_RESCAL); 5569 } else { 5570 run_rt3070_rf_write(sc, 2, RT5390_RESCAL); 5571 run_delay(sc, 10); 5572 } 5573 5574 /* Initialize RF registers to default value. */ 5575 if (sc->mac_ver == 0x5592) { 5576 for (i = 0; i < nitems(rt5592_def_rf); i++) { 5577 run_rt3070_rf_write(sc, rt5592_def_rf[i].reg, 5578 rt5592_def_rf[i].val); 5579 } 5580 /* Initialize RF frequency offset. */ 5581 run_adjust_freq_offset(sc); 5582 } else if (sc->mac_ver == 0x5392) { 5583 for (i = 0; i < nitems(rt5392_def_rf); i++) { 5584 run_rt3070_rf_write(sc, rt5392_def_rf[i].reg, 5585 rt5392_def_rf[i].val); 5586 } 5587 if (sc->mac_rev >= 0x0223) { 5588 run_rt3070_rf_write(sc, 23, 0x0f); 5589 run_rt3070_rf_write(sc, 24, 0x3e); 5590 run_rt3070_rf_write(sc, 51, 0x32); 5591 run_rt3070_rf_write(sc, 53, 0x22); 5592 run_rt3070_rf_write(sc, 56, 0xc1); 5593 run_rt3070_rf_write(sc, 59, 0x0f); 5594 } 5595 } else { 5596 for (i = 0; i < nitems(rt5390_def_rf); i++) { 5597 run_rt3070_rf_write(sc, rt5390_def_rf[i].reg, 5598 rt5390_def_rf[i].val); 5599 } 5600 if (sc->mac_rev >= 0x0502) { 5601 run_rt3070_rf_write(sc, 6, 0xe0); 5602 run_rt3070_rf_write(sc, 25, 0x80); 5603 run_rt3070_rf_write(sc, 46, 0x73); 5604 run_rt3070_rf_write(sc, 53, 0x00); 5605 run_rt3070_rf_write(sc, 56, 0x42); 5606 run_rt3070_rf_write(sc, 61, 0xd1); 5607 } 5608 } 5609 5610 sc->rf24_20mhz = 0x1f; /* default value */ 5611 sc->rf24_40mhz = (sc->mac_ver == 0x5592) ? 0 : 0x2f; 5612 5613 if (sc->mac_rev < 0x0211) 5614 run_rt3070_rf_write(sc, 27, 0x3); 5615 5616 run_read(sc, RT3070_OPT_14, &tmp); 5617 run_write(sc, RT3070_OPT_14, tmp | 1); 5618} 5619 5620static int 5621run_rt3070_filter_calib(struct run_softc *sc, uint8_t init, uint8_t target, 5622 uint8_t *val) 5623{ 5624 uint8_t rf22, rf24; 5625 uint8_t bbp55_pb, bbp55_sb, delta; 5626 int ntries; 5627 5628 /* program filter */ 5629 run_rt3070_rf_read(sc, 24, &rf24); 5630 rf24 = (rf24 & 0xc0) | init; /* initial filter value */ 5631 run_rt3070_rf_write(sc, 24, rf24); 5632 5633 /* enable baseband loopback mode */ 5634 run_rt3070_rf_read(sc, 22, &rf22); 5635 run_rt3070_rf_write(sc, 22, rf22 | 0x01); 5636 5637 /* set power and frequency of passband test tone */ 5638 run_bbp_write(sc, 24, 0x00); 5639 for (ntries = 0; ntries < 100; ntries++) { 5640 /* transmit test tone */ 5641 run_bbp_write(sc, 25, 0x90); 5642 run_delay(sc, 10); 5643 /* read received power */ 5644 run_bbp_read(sc, 55, &bbp55_pb); 5645 if (bbp55_pb != 0) 5646 break; 5647 } 5648 if (ntries == 100) 5649 return (ETIMEDOUT); 5650 5651 /* set power and frequency of stopband test tone */ 5652 run_bbp_write(sc, 24, 0x06); 5653 for (ntries = 0; ntries < 100; ntries++) { 5654 /* transmit test tone */ 5655 run_bbp_write(sc, 25, 0x90); 5656 run_delay(sc, 10); 5657 /* read received power */ 5658 run_bbp_read(sc, 55, &bbp55_sb); 5659 5660 delta = bbp55_pb - bbp55_sb; 5661 if (delta > target) 5662 break; 5663 5664 /* reprogram filter */ 5665 rf24++; 5666 run_rt3070_rf_write(sc, 24, rf24); 5667 } 5668 if (ntries < 100) { 5669 if (rf24 != init) 5670 rf24--; /* backtrack */ 5671 *val = rf24; 5672 run_rt3070_rf_write(sc, 24, rf24); 5673 } 5674 5675 /* restore initial state */ 5676 run_bbp_write(sc, 24, 0x00); 5677 5678 /* disable baseband loopback mode */ 5679 run_rt3070_rf_read(sc, 22, &rf22); 5680 run_rt3070_rf_write(sc, 22, rf22 & ~0x01); 5681 5682 return (0); 5683} 5684 5685static void 5686run_rt3070_rf_setup(struct run_softc *sc) 5687{ 5688 uint8_t bbp, rf; 5689 int i; 5690 5691 if (sc->mac_ver == 0x3572) { 5692 /* enable DC filter */ 5693 if (sc->mac_rev >= 0x0201) 5694 run_bbp_write(sc, 103, 0xc0); 5695 5696 run_bbp_read(sc, 138, &bbp); 5697 if (sc->ntxchains == 1) 5698 bbp |= 0x20; /* turn off DAC1 */ 5699 if (sc->nrxchains == 1) 5700 bbp &= ~0x02; /* turn off ADC1 */ 5701 run_bbp_write(sc, 138, bbp); 5702 5703 if (sc->mac_rev >= 0x0211) { 5704 /* improve power consumption */ 5705 run_bbp_read(sc, 31, &bbp); 5706 run_bbp_write(sc, 31, bbp & ~0x03); 5707 } 5708 5709 run_rt3070_rf_read(sc, 16, &rf); 5710 rf = (rf & ~0x07) | sc->txmixgain_2ghz; 5711 run_rt3070_rf_write(sc, 16, rf); 5712 5713 } else if (sc->mac_ver == 0x3071) { 5714 if (sc->mac_rev >= 0x0211) { 5715 /* enable DC filter */ 5716 run_bbp_write(sc, 103, 0xc0); 5717 5718 /* improve power consumption */ 5719 run_bbp_read(sc, 31, &bbp); 5720 run_bbp_write(sc, 31, bbp & ~0x03); 5721 } 5722 5723 run_bbp_read(sc, 138, &bbp); 5724 if (sc->ntxchains == 1) 5725 bbp |= 0x20; /* turn off DAC1 */ 5726 if (sc->nrxchains == 1) 5727 bbp &= ~0x02; /* turn off ADC1 */ 5728 run_bbp_write(sc, 138, bbp); 5729 5730 run_write(sc, RT2860_TX_SW_CFG1, 0); 5731 if (sc->mac_rev < 0x0211) { 5732 run_write(sc, RT2860_TX_SW_CFG2, 5733 sc->patch_dac ? 0x2c : 0x0f); 5734 } else 5735 run_write(sc, RT2860_TX_SW_CFG2, 0); 5736 5737 } else if (sc->mac_ver == 0x3070) { 5738 if (sc->mac_rev >= 0x0201) { 5739 /* enable DC filter */ 5740 run_bbp_write(sc, 103, 0xc0); 5741 5742 /* improve power consumption */ 5743 run_bbp_read(sc, 31, &bbp); 5744 run_bbp_write(sc, 31, bbp & ~0x03); 5745 } 5746 5747 if (sc->mac_rev < 0x0201) { 5748 run_write(sc, RT2860_TX_SW_CFG1, 0); 5749 run_write(sc, RT2860_TX_SW_CFG2, 0x2c); 5750 } else 5751 run_write(sc, RT2860_TX_SW_CFG2, 0); 5752 } 5753 5754 /* initialize RF registers from ROM for >=RT3071*/ 5755 if (sc->mac_ver >= 0x3071) { 5756 for (i = 0; i < 10; i++) { 5757 if (sc->rf[i].reg == 0 || sc->rf[i].reg == 0xff) 5758 continue; 5759 run_rt3070_rf_write(sc, sc->rf[i].reg, sc->rf[i].val); 5760 } 5761 } 5762} 5763 5764static void 5765run_rt3593_rf_setup(struct run_softc *sc) 5766{ 5767 uint8_t bbp, rf; 5768 5769 if (sc->mac_rev >= 0x0211) { 5770 /* Enable DC filter. */ 5771 run_bbp_write(sc, 103, 0xc0); 5772 } 5773 run_write(sc, RT2860_TX_SW_CFG1, 0); 5774 if (sc->mac_rev < 0x0211) { 5775 run_write(sc, RT2860_TX_SW_CFG2, 5776 sc->patch_dac ? 0x2c : 0x0f); 5777 } else 5778 run_write(sc, RT2860_TX_SW_CFG2, 0); 5779 5780 run_rt3070_rf_read(sc, 50, &rf); 5781 run_rt3070_rf_write(sc, 50, rf & ~RT3593_TX_LO2); 5782 5783 run_rt3070_rf_read(sc, 51, &rf); 5784 rf = (rf & ~(RT3593_TX_LO1 | 0x0c)) | 5785 ((sc->txmixgain_2ghz & 0x07) << 2); 5786 run_rt3070_rf_write(sc, 51, rf); 5787 5788 run_rt3070_rf_read(sc, 38, &rf); 5789 run_rt3070_rf_write(sc, 38, rf & ~RT5390_RX_LO1); 5790 5791 run_rt3070_rf_read(sc, 39, &rf); 5792 run_rt3070_rf_write(sc, 39, rf & ~RT5390_RX_LO2); 5793 5794 run_rt3070_rf_read(sc, 1, &rf); 5795 run_rt3070_rf_write(sc, 1, rf & ~(RT3070_RF_BLOCK | RT3070_PLL_PD)); 5796 5797 run_rt3070_rf_read(sc, 30, &rf); 5798 rf = (rf & ~0x18) | 0x10; 5799 run_rt3070_rf_write(sc, 30, rf); 5800 5801 /* Apply maximum likelihood detection for 2 stream case. */ 5802 run_bbp_read(sc, 105, &bbp); 5803 if (sc->nrxchains > 1) 5804 run_bbp_write(sc, 105, bbp | RT5390_MLD); 5805 5806 /* Avoid data lost and CRC error. */ 5807 run_bbp_read(sc, 4, &bbp); 5808 run_bbp_write(sc, 4, bbp | RT5390_MAC_IF_CTRL); 5809 5810 run_bbp_write(sc, 92, 0x02); 5811 run_bbp_write(sc, 82, 0x82); 5812 run_bbp_write(sc, 106, 0x05); 5813 run_bbp_write(sc, 104, 0x92); 5814 run_bbp_write(sc, 88, 0x90); 5815 run_bbp_write(sc, 148, 0xc8); 5816 run_bbp_write(sc, 47, 0x48); 5817 run_bbp_write(sc, 120, 0x50); 5818 5819 run_bbp_write(sc, 163, 0x9d); 5820 5821 /* SNR mapping. */ 5822 run_bbp_write(sc, 142, 0x06); 5823 run_bbp_write(sc, 143, 0xa0); 5824 run_bbp_write(sc, 142, 0x07); 5825 run_bbp_write(sc, 143, 0xa1); 5826 run_bbp_write(sc, 142, 0x08); 5827 run_bbp_write(sc, 143, 0xa2); 5828 5829 run_bbp_write(sc, 31, 0x08); 5830 run_bbp_write(sc, 68, 0x0b); 5831 run_bbp_write(sc, 105, 0x04); 5832} 5833 5834static void 5835run_rt5390_rf_setup(struct run_softc *sc) 5836{ 5837 uint8_t bbp, rf; 5838 5839 if (sc->mac_rev >= 0x0211) { 5840 /* Enable DC filter. */ 5841 run_bbp_write(sc, 103, 0xc0); 5842 5843 if (sc->mac_ver != 0x5592) { 5844 /* Improve power consumption. */ 5845 run_bbp_read(sc, 31, &bbp); 5846 run_bbp_write(sc, 31, bbp & ~0x03); 5847 } 5848 } 5849 5850 run_bbp_read(sc, 138, &bbp); 5851 if (sc->ntxchains == 1) 5852 bbp |= 0x20; /* turn off DAC1 */ 5853 if (sc->nrxchains == 1) 5854 bbp &= ~0x02; /* turn off ADC1 */ 5855 run_bbp_write(sc, 138, bbp); 5856 5857 run_rt3070_rf_read(sc, 38, &rf); 5858 run_rt3070_rf_write(sc, 38, rf & ~RT5390_RX_LO1); 5859 5860 run_rt3070_rf_read(sc, 39, &rf); 5861 run_rt3070_rf_write(sc, 39, rf & ~RT5390_RX_LO2); 5862 5863 /* Avoid data lost and CRC error. */ 5864 run_bbp_read(sc, 4, &bbp); 5865 run_bbp_write(sc, 4, bbp | RT5390_MAC_IF_CTRL); 5866 5867 run_rt3070_rf_read(sc, 30, &rf); 5868 rf = (rf & ~0x18) | 0x10; 5869 run_rt3070_rf_write(sc, 30, rf); 5870 5871 if (sc->mac_ver != 0x5592) { 5872 run_write(sc, RT2860_TX_SW_CFG1, 0); 5873 if (sc->mac_rev < 0x0211) { 5874 run_write(sc, RT2860_TX_SW_CFG2, 5875 sc->patch_dac ? 0x2c : 0x0f); 5876 } else 5877 run_write(sc, RT2860_TX_SW_CFG2, 0); 5878 } 5879} 5880 5881static int 5882run_txrx_enable(struct run_softc *sc) 5883{ 5884 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 5885 uint32_t tmp; 5886 int error, ntries; 5887 5888 run_write(sc, RT2860_MAC_SYS_CTRL, RT2860_MAC_TX_EN); 5889 for (ntries = 0; ntries < 200; ntries++) { 5890 if ((error = run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp)) != 0) 5891 return (error); 5892 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0) 5893 break; 5894 run_delay(sc, 50); 5895 } 5896 if (ntries == 200) 5897 return (ETIMEDOUT); 5898 5899 run_delay(sc, 50); 5900 5901 tmp |= RT2860_RX_DMA_EN | RT2860_TX_DMA_EN | RT2860_TX_WB_DDONE; 5902 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp); 5903 5904 /* enable Rx bulk aggregation (set timeout and limit) */ 5905 tmp = RT2860_USB_TX_EN | RT2860_USB_RX_EN | RT2860_USB_RX_AGG_EN | 5906 RT2860_USB_RX_AGG_TO(128) | RT2860_USB_RX_AGG_LMT(2); 5907 run_write(sc, RT2860_USB_DMA_CFG, tmp); 5908 5909 /* set Rx filter */ 5910 tmp = RT2860_DROP_CRC_ERR | RT2860_DROP_PHY_ERR; 5911 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 5912 tmp |= RT2860_DROP_UC_NOME | RT2860_DROP_DUPL | 5913 RT2860_DROP_CTS | RT2860_DROP_BA | RT2860_DROP_ACK | 5914 RT2860_DROP_VER_ERR | RT2860_DROP_CTRL_RSV | 5915 RT2860_DROP_CFACK | RT2860_DROP_CFEND; 5916 if (ic->ic_opmode == IEEE80211_M_STA) 5917 tmp |= RT2860_DROP_RTS | RT2860_DROP_PSPOLL; 5918 } 5919 run_write(sc, RT2860_RX_FILTR_CFG, tmp); 5920 5921 run_write(sc, RT2860_MAC_SYS_CTRL, 5922 RT2860_MAC_RX_EN | RT2860_MAC_TX_EN); 5923 5924 return (0); 5925} 5926 5927static void 5928run_adjust_freq_offset(struct run_softc *sc) 5929{ 5930 uint8_t rf, tmp; 5931 5932 run_rt3070_rf_read(sc, 17, &rf); 5933 tmp = rf; 5934 rf = (rf & ~0x7f) | (sc->freq & 0x7f); 5935 rf = MIN(rf, 0x5f); 5936 5937 if (tmp != rf) 5938 run_mcu_cmd(sc, 0x74, (tmp << 8 ) | rf); 5939} 5940 5941static void 5942run_init_locked(struct run_softc *sc) 5943{ 5944 struct ifnet *ifp = sc->sc_ifp; 5945 struct ieee80211com *ic = ifp->if_l2com; 5946 uint32_t tmp; 5947 uint8_t bbp1, bbp3; 5948 int i; 5949 int ridx; 5950 int ntries; 5951 5952 if (ic->ic_nrunning > 1) 5953 return; 5954 5955 run_stop(sc); 5956 5957 if (run_load_microcode(sc) != 0) { 5958 device_printf(sc->sc_dev, "could not load 8051 microcode\n"); 5959 goto fail; 5960 } 5961 5962 for (ntries = 0; ntries < 100; ntries++) { 5963 if (run_read(sc, RT2860_ASIC_VER_ID, &tmp) != 0) 5964 goto fail; 5965 if (tmp != 0 && tmp != 0xffffffff) 5966 break; 5967 run_delay(sc, 10); 5968 } 5969 if (ntries == 100) 5970 goto fail; 5971 5972 for (i = 0; i != RUN_EP_QUEUES; i++) 5973 run_setup_tx_list(sc, &sc->sc_epq[i]); 5974 5975 run_set_macaddr(sc, IF_LLADDR(ifp)); 5976 5977 for (ntries = 0; ntries < 100; ntries++) { 5978 if (run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp) != 0) 5979 goto fail; 5980 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0) 5981 break; 5982 run_delay(sc, 10); 5983 } 5984 if (ntries == 100) { 5985 device_printf(sc->sc_dev, "timeout waiting for DMA engine\n"); 5986 goto fail; 5987 } 5988 tmp &= 0xff0; 5989 tmp |= RT2860_TX_WB_DDONE; 5990 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp); 5991 5992 /* turn off PME_OEN to solve high-current issue */ 5993 run_read(sc, RT2860_SYS_CTRL, &tmp); 5994 run_write(sc, RT2860_SYS_CTRL, tmp & ~RT2860_PME_OEN); 5995 5996 run_write(sc, RT2860_MAC_SYS_CTRL, 5997 RT2860_BBP_HRST | RT2860_MAC_SRST); 5998 run_write(sc, RT2860_USB_DMA_CFG, 0); 5999 6000 if (run_reset(sc) != 0) { 6001 device_printf(sc->sc_dev, "could not reset chipset\n"); 6002 goto fail; 6003 } 6004 6005 run_write(sc, RT2860_MAC_SYS_CTRL, 0); 6006 6007 /* init Tx power for all Tx rates (from EEPROM) */ 6008 for (ridx = 0; ridx < 5; ridx++) { 6009 if (sc->txpow20mhz[ridx] == 0xffffffff) 6010 continue; 6011 run_write(sc, RT2860_TX_PWR_CFG(ridx), sc->txpow20mhz[ridx]); 6012 } 6013 6014 for (i = 0; i < nitems(rt2870_def_mac); i++) 6015 run_write(sc, rt2870_def_mac[i].reg, rt2870_def_mac[i].val); 6016 run_write(sc, RT2860_WMM_AIFSN_CFG, 0x00002273); 6017 run_write(sc, RT2860_WMM_CWMIN_CFG, 0x00002344); 6018 run_write(sc, RT2860_WMM_CWMAX_CFG, 0x000034aa); 6019 6020 if (sc->mac_ver >= 0x5390) { 6021 run_write(sc, RT2860_TX_SW_CFG0, 6022 4 << RT2860_DLY_PAPE_EN_SHIFT | 4); 6023 if (sc->mac_ver >= 0x5392) { 6024 run_write(sc, RT2860_MAX_LEN_CFG, 0x00002fff); 6025 if (sc->mac_ver == 0x5592) { 6026 run_write(sc, RT2860_HT_FBK_CFG1, 0xedcba980); 6027 run_write(sc, RT2860_TXOP_HLDR_ET, 0x00000082); 6028 } else { 6029 run_write(sc, RT2860_HT_FBK_CFG1, 0xedcb4980); 6030 run_write(sc, RT2860_LG_FBK_CFG0, 0xedcba322); 6031 } 6032 } 6033 } else if (sc->mac_ver == 0x3593) { 6034 run_write(sc, RT2860_TX_SW_CFG0, 6035 4 << RT2860_DLY_PAPE_EN_SHIFT | 2); 6036 } else if (sc->mac_ver >= 0x3070) { 6037 /* set delay of PA_PE assertion to 1us (unit of 0.25us) */ 6038 run_write(sc, RT2860_TX_SW_CFG0, 6039 4 << RT2860_DLY_PAPE_EN_SHIFT); 6040 } 6041 6042 /* wait while MAC is busy */ 6043 for (ntries = 0; ntries < 100; ntries++) { 6044 if (run_read(sc, RT2860_MAC_STATUS_REG, &tmp) != 0) 6045 goto fail; 6046 if (!(tmp & (RT2860_RX_STATUS_BUSY | RT2860_TX_STATUS_BUSY))) 6047 break; 6048 run_delay(sc, 10); 6049 } 6050 if (ntries == 100) 6051 goto fail; 6052 6053 /* clear Host to MCU mailbox */ 6054 run_write(sc, RT2860_H2M_BBPAGENT, 0); 6055 run_write(sc, RT2860_H2M_MAILBOX, 0); 6056 run_delay(sc, 10); 6057 6058 if (run_bbp_init(sc) != 0) { 6059 device_printf(sc->sc_dev, "could not initialize BBP\n"); 6060 goto fail; 6061 } 6062 6063 /* abort TSF synchronization */ 6064 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 6065 tmp &= ~(RT2860_BCN_TX_EN | RT2860_TSF_TIMER_EN | 6066 RT2860_TBTT_TIMER_EN); 6067 run_write(sc, RT2860_BCN_TIME_CFG, tmp); 6068 6069 /* clear RX WCID search table */ 6070 run_set_region_4(sc, RT2860_WCID_ENTRY(0), 0, 512); 6071 /* clear WCID attribute table */ 6072 run_set_region_4(sc, RT2860_WCID_ATTR(0), 0, 8 * 32); 6073 6074 /* hostapd sets a key before init. So, don't clear it. */ 6075 if (sc->cmdq_key_set != RUN_CMDQ_GO) { 6076 /* clear shared key table */ 6077 run_set_region_4(sc, RT2860_SKEY(0, 0), 0, 8 * 32); 6078 /* clear shared key mode */ 6079 run_set_region_4(sc, RT2860_SKEY_MODE_0_7, 0, 4); 6080 } 6081 6082 run_read(sc, RT2860_US_CYC_CNT, &tmp); 6083 tmp = (tmp & ~0xff) | 0x1e; 6084 run_write(sc, RT2860_US_CYC_CNT, tmp); 6085 6086 if (sc->mac_rev != 0x0101) 6087 run_write(sc, RT2860_TXOP_CTRL_CFG, 0x0000583f); 6088 6089 run_write(sc, RT2860_WMM_TXOP0_CFG, 0); 6090 run_write(sc, RT2860_WMM_TXOP1_CFG, 48 << 16 | 96); 6091 6092 /* write vendor-specific BBP values (from EEPROM) */ 6093 if (sc->mac_ver < 0x3593) { 6094 for (i = 0; i < 10; i++) { 6095 if (sc->bbp[i].reg == 0 || sc->bbp[i].reg == 0xff) 6096 continue; 6097 run_bbp_write(sc, sc->bbp[i].reg, sc->bbp[i].val); 6098 } 6099 } 6100 6101 /* select Main antenna for 1T1R devices */ 6102 if (sc->rf_rev == RT3070_RF_3020 || sc->rf_rev == RT5390_RF_5370) 6103 run_set_rx_antenna(sc, 0); 6104 6105 /* send LEDs operating mode to microcontroller */ 6106 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED1, sc->led[0]); 6107 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED2, sc->led[1]); 6108 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED3, sc->led[2]); 6109 6110 if (sc->mac_ver >= 0x5390) 6111 run_rt5390_rf_init(sc); 6112 else if (sc->mac_ver == 0x3593) 6113 run_rt3593_rf_init(sc); 6114 else if (sc->mac_ver >= 0x3070) 6115 run_rt3070_rf_init(sc); 6116 6117 /* disable non-existing Rx chains */ 6118 run_bbp_read(sc, 3, &bbp3); 6119 bbp3 &= ~(1 << 3 | 1 << 4); 6120 if (sc->nrxchains == 2) 6121 bbp3 |= 1 << 3; 6122 else if (sc->nrxchains == 3) 6123 bbp3 |= 1 << 4; 6124 run_bbp_write(sc, 3, bbp3); 6125 6126 /* disable non-existing Tx chains */ 6127 run_bbp_read(sc, 1, &bbp1); 6128 if (sc->ntxchains == 1) 6129 bbp1 &= ~(1 << 3 | 1 << 4); 6130 run_bbp_write(sc, 1, bbp1); 6131 6132 if (sc->mac_ver >= 0x5390) 6133 run_rt5390_rf_setup(sc); 6134 else if (sc->mac_ver == 0x3593) 6135 run_rt3593_rf_setup(sc); 6136 else if (sc->mac_ver >= 0x3070) 6137 run_rt3070_rf_setup(sc); 6138 6139 /* select default channel */ 6140 run_set_chan(sc, ic->ic_curchan); 6141 6142 /* setup initial protection mode */ 6143 run_updateprot_cb(ic); 6144 6145 /* turn radio LED on */ 6146 run_set_leds(sc, RT2860_LED_RADIO); 6147 6148 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE; 6149 ifp->if_drv_flags |= IFF_DRV_RUNNING; 6150 sc->cmdq_run = RUN_CMDQ_GO; 6151 6152 for (i = 0; i != RUN_N_XFER; i++) 6153 usbd_xfer_set_stall(sc->sc_xfer[i]); 6154 6155 usbd_transfer_start(sc->sc_xfer[RUN_BULK_RX]); 6156 6157 if (run_txrx_enable(sc) != 0) 6158 goto fail; 6159 6160 return; 6161 6162fail: 6163 run_stop(sc); 6164} 6165 6166static void 6167run_init(void *arg) 6168{ 6169 struct run_softc *sc = arg; 6170 struct ifnet *ifp = sc->sc_ifp; 6171 struct ieee80211com *ic = ifp->if_l2com; 6172 6173 RUN_LOCK(sc); 6174 run_init_locked(sc); 6175 RUN_UNLOCK(sc); 6176 6177 if (ifp->if_drv_flags & IFF_DRV_RUNNING) 6178 ieee80211_start_all(ic); 6179} 6180 6181static void 6182run_stop(void *arg) 6183{ 6184 struct run_softc *sc = (struct run_softc *)arg; 6185 struct ifnet *ifp = sc->sc_ifp; 6186 uint32_t tmp; 6187 int i; 6188 int ntries; 6189 6190 RUN_LOCK_ASSERT(sc, MA_OWNED); 6191 6192 if (ifp->if_drv_flags & IFF_DRV_RUNNING) 6193 run_set_leds(sc, 0); /* turn all LEDs off */ 6194 6195 ifp->if_drv_flags &= ~(IFF_DRV_RUNNING | IFF_DRV_OACTIVE); 6196 6197 sc->ratectl_run = RUN_RATECTL_OFF; 6198 sc->cmdq_run = sc->cmdq_key_set; 6199 6200 RUN_UNLOCK(sc); 6201 6202 for(i = 0; i < RUN_N_XFER; i++) 6203 usbd_transfer_drain(sc->sc_xfer[i]); 6204 6205 RUN_LOCK(sc); 6206 6207 if (sc->rx_m != NULL) { 6208 m_free(sc->rx_m); 6209 sc->rx_m = NULL; 6210 } 6211 6212 /* Disable Tx/Rx DMA. */ 6213 if (run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp) != 0) 6214 return; 6215 tmp &= ~(RT2860_RX_DMA_EN | RT2860_TX_DMA_EN); 6216 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp); 6217 6218 for (ntries = 0; ntries < 100; ntries++) { 6219 if (run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp) != 0) 6220 return; 6221 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0) 6222 break; 6223 run_delay(sc, 10); 6224 } 6225 if (ntries == 100) { 6226 device_printf(sc->sc_dev, "timeout waiting for DMA engine\n"); 6227 return; 6228 } 6229 6230 /* disable Tx/Rx */ 6231 run_read(sc, RT2860_MAC_SYS_CTRL, &tmp); 6232 tmp &= ~(RT2860_MAC_RX_EN | RT2860_MAC_TX_EN); 6233 run_write(sc, RT2860_MAC_SYS_CTRL, tmp); 6234 6235 /* wait for pending Tx to complete */ 6236 for (ntries = 0; ntries < 100; ntries++) { 6237 if (run_read(sc, RT2860_TXRXQ_PCNT, &tmp) != 0) { 6238 DPRINTF("Cannot read Tx queue count\n"); 6239 break; 6240 } 6241 if ((tmp & RT2860_TX2Q_PCNT_MASK) == 0) { 6242 DPRINTF("All Tx cleared\n"); 6243 break; 6244 } 6245 run_delay(sc, 10); 6246 } 6247 if (ntries >= 100) 6248 DPRINTF("There are still pending Tx\n"); 6249 run_delay(sc, 10); 6250 run_write(sc, RT2860_USB_DMA_CFG, 0); 6251 6252 run_write(sc, RT2860_MAC_SYS_CTRL, RT2860_BBP_HRST | RT2860_MAC_SRST); 6253 run_write(sc, RT2860_MAC_SYS_CTRL, 0); 6254 6255 for (i = 0; i != RUN_EP_QUEUES; i++) 6256 run_unsetup_tx_list(sc, &sc->sc_epq[i]); 6257} 6258 6259static void 6260run_delay(struct run_softc *sc, u_int ms) 6261{ 6262 usb_pause_mtx(mtx_owned(&sc->sc_mtx) ? 6263 &sc->sc_mtx : NULL, USB_MS_TO_TICKS(ms)); 6264} 6265 6266static device_method_t run_methods[] = { 6267 /* Device interface */ 6268 DEVMETHOD(device_probe, run_match), 6269 DEVMETHOD(device_attach, run_attach), 6270 DEVMETHOD(device_detach, run_detach), 6271 DEVMETHOD_END 6272}; 6273 6274static driver_t run_driver = { 6275 .name = "run", 6276 .methods = run_methods, 6277 .size = sizeof(struct run_softc) 6278}; 6279 6280static devclass_t run_devclass; 6281 6282DRIVER_MODULE(run, uhub, run_driver, run_devclass, run_driver_loaded, NULL); 6283MODULE_DEPEND(run, wlan, 1, 1, 1); 6284MODULE_DEPEND(run, usb, 1, 1, 1); 6285MODULE_DEPEND(run, firmware, 1, 1, 1); 6286MODULE_VERSION(run, 1); 6287