1/* $OpenBSD: if_urtwn.c,v 1.16 2011/02/10 17:26:40 jakemsr Exp $ */ 2 3/*- 4 * Copyright (c) 2010 Damien Bergamini <damien.bergamini@free.fr> 5 * Copyright (c) 2014 Kevin Lo <kevlo@FreeBSD.org> 6 * Copyright (c) 2015 Andriy Voskoboinyk <avos@FreeBSD.org> 7 * 8 * Permission to use, copy, modify, and distribute this software for any 9 * purpose with or without fee is hereby granted, provided that the above 10 * copyright notice and this permission notice appear in all copies. 11 * 12 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 13 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 14 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 15 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 16 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 17 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 18 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 19 */ 20 21#include <sys/cdefs.h> 22__FBSDID("$FreeBSD: stable/11/sys/dev/urtwn/if_urtwn.c 360696 2020-05-06 17:44:17Z dim $"); 23 24/* 25 * Driver for Realtek RTL8188CE-VAU/RTL8188CUS/RTL8188EU/RTL8188RU/RTL8192CU. 26 */ 27 28#include "opt_wlan.h" 29#include "opt_urtwn.h" 30 31#include <sys/param.h> 32#include <sys/sockio.h> 33#include <sys/sysctl.h> 34#include <sys/lock.h> 35#include <sys/mutex.h> 36#include <sys/condvar.h> 37#include <sys/mbuf.h> 38#include <sys/kernel.h> 39#include <sys/socket.h> 40#include <sys/systm.h> 41#include <sys/malloc.h> 42#include <sys/module.h> 43#include <sys/bus.h> 44#include <sys/endian.h> 45#include <sys/linker.h> 46#include <sys/firmware.h> 47#include <sys/kdb.h> 48 49#include <machine/bus.h> 50#include <machine/resource.h> 51#include <sys/rman.h> 52 53#include <net/bpf.h> 54#include <net/if.h> 55#include <net/if_var.h> 56#include <net/if_arp.h> 57#include <net/ethernet.h> 58#include <net/if_dl.h> 59#include <net/if_media.h> 60#include <net/if_types.h> 61 62#include <netinet/in.h> 63#include <netinet/in_systm.h> 64#include <netinet/in_var.h> 65#include <netinet/if_ether.h> 66#include <netinet/ip.h> 67 68#include <net80211/ieee80211_var.h> 69#include <net80211/ieee80211_regdomain.h> 70#include <net80211/ieee80211_radiotap.h> 71#include <net80211/ieee80211_ratectl.h> 72#ifdef IEEE80211_SUPPORT_SUPERG 73#include <net80211/ieee80211_superg.h> 74#endif 75 76#include <dev/usb/usb.h> 77#include <dev/usb/usbdi.h> 78#include <dev/usb/usb_device.h> 79#include "usbdevs.h" 80 81#include <dev/usb/usb_debug.h> 82 83#include <dev/urtwn/if_urtwnreg.h> 84#include <dev/urtwn/if_urtwnvar.h> 85 86#ifdef USB_DEBUG 87enum { 88 URTWN_DEBUG_XMIT = 0x00000001, /* basic xmit operation */ 89 URTWN_DEBUG_RECV = 0x00000002, /* basic recv operation */ 90 URTWN_DEBUG_STATE = 0x00000004, /* 802.11 state transitions */ 91 URTWN_DEBUG_RA = 0x00000008, /* f/w rate adaptation setup */ 92 URTWN_DEBUG_USB = 0x00000010, /* usb requests */ 93 URTWN_DEBUG_FIRMWARE = 0x00000020, /* firmware(9) loading debug */ 94 URTWN_DEBUG_BEACON = 0x00000040, /* beacon handling */ 95 URTWN_DEBUG_INTR = 0x00000080, /* ISR */ 96 URTWN_DEBUG_TEMP = 0x00000100, /* temperature calibration */ 97 URTWN_DEBUG_ROM = 0x00000200, /* various ROM info */ 98 URTWN_DEBUG_KEY = 0x00000400, /* crypto keys management */ 99 URTWN_DEBUG_TXPWR = 0x00000800, /* dump Tx power values */ 100 URTWN_DEBUG_RSSI = 0x00001000, /* dump RSSI lookups */ 101 URTWN_DEBUG_ANY = 0xffffffff 102}; 103 104#define URTWN_DPRINTF(_sc, _m, ...) do { \ 105 if ((_sc)->sc_debug & (_m)) \ 106 device_printf((_sc)->sc_dev, __VA_ARGS__); \ 107} while(0) 108 109#else 110#define URTWN_DPRINTF(_sc, _m, ...) do { (void) sc; } while (0) 111#endif 112 113#define IEEE80211_HAS_ADDR4(wh) IEEE80211_IS_DSTODS(wh) 114 115static int urtwn_enable_11n = 1; 116TUNABLE_INT("hw.usb.urtwn.enable_11n", &urtwn_enable_11n); 117 118/* various supported device vendors/products */ 119static const STRUCT_USB_HOST_ID urtwn_devs[] = { 120#define URTWN_DEV(v,p) { USB_VP(USB_VENDOR_##v, USB_PRODUCT_##v##_##p) } 121#define URTWN_RTL8188E_DEV(v,p) \ 122 { USB_VPI(USB_VENDOR_##v, USB_PRODUCT_##v##_##p, URTWN_RTL8188E) } 123#define URTWN_RTL8188E 1 124 URTWN_DEV(ABOCOM, RTL8188CU_1), 125 URTWN_DEV(ABOCOM, RTL8188CU_2), 126 URTWN_DEV(ABOCOM, RTL8192CU), 127 URTWN_DEV(ASUS, RTL8192CU), 128 URTWN_DEV(ASUS, USBN10NANO), 129 URTWN_DEV(AZUREWAVE, RTL8188CE_1), 130 URTWN_DEV(AZUREWAVE, RTL8188CE_2), 131 URTWN_DEV(AZUREWAVE, RTL8188CU), 132 URTWN_DEV(BELKIN, F7D2102), 133 URTWN_DEV(BELKIN, RTL8188CU), 134 URTWN_DEV(BELKIN, RTL8192CU), 135 URTWN_DEV(CHICONY, RTL8188CUS_1), 136 URTWN_DEV(CHICONY, RTL8188CUS_2), 137 URTWN_DEV(CHICONY, RTL8188CUS_3), 138 URTWN_DEV(CHICONY, RTL8188CUS_4), 139 URTWN_DEV(CHICONY, RTL8188CUS_5), 140 URTWN_DEV(COREGA, RTL8192CU), 141 URTWN_DEV(DLINK, RTL8188CU), 142 URTWN_DEV(DLINK, RTL8192CU_1), 143 URTWN_DEV(DLINK, RTL8192CU_2), 144 URTWN_DEV(DLINK, RTL8192CU_3), 145 URTWN_DEV(DLINK, DWA131B), 146 URTWN_DEV(EDIMAX, EW7811UN), 147 URTWN_DEV(EDIMAX, RTL8192CU), 148 URTWN_DEV(FEIXUN, RTL8188CU), 149 URTWN_DEV(FEIXUN, RTL8192CU), 150 URTWN_DEV(GUILLEMOT, HWNUP150), 151 URTWN_DEV(HAWKING, RTL8192CU), 152 URTWN_DEV(HP3, RTL8188CU), 153 URTWN_DEV(NETGEAR, WNA1000M), 154 URTWN_DEV(NETGEAR, RTL8192CU), 155 URTWN_DEV(NETGEAR4, RTL8188CU), 156 URTWN_DEV(NOVATECH, RTL8188CU), 157 URTWN_DEV(PLANEX2, RTL8188CU_1), 158 URTWN_DEV(PLANEX2, RTL8188CU_2), 159 URTWN_DEV(PLANEX2, RTL8188CU_3), 160 URTWN_DEV(PLANEX2, RTL8188CU_4), 161 URTWN_DEV(PLANEX2, RTL8188CUS), 162 URTWN_DEV(PLANEX2, RTL8192CU), 163 URTWN_DEV(REALTEK, RTL8188CE_0), 164 URTWN_DEV(REALTEK, RTL8188CE_1), 165 URTWN_DEV(REALTEK, RTL8188CTV), 166 URTWN_DEV(REALTEK, RTL8188CU_0), 167 URTWN_DEV(REALTEK, RTL8188CU_1), 168 URTWN_DEV(REALTEK, RTL8188CU_2), 169 URTWN_DEV(REALTEK, RTL8188CU_3), 170 URTWN_DEV(REALTEK, RTL8188CU_COMBO), 171 URTWN_DEV(REALTEK, RTL8188CUS), 172 URTWN_DEV(REALTEK, RTL8188RU_1), 173 URTWN_DEV(REALTEK, RTL8188RU_2), 174 URTWN_DEV(REALTEK, RTL8188RU_3), 175 URTWN_DEV(REALTEK, RTL8191CU), 176 URTWN_DEV(REALTEK, RTL8192CE), 177 URTWN_DEV(REALTEK, RTL8192CU), 178 URTWN_DEV(SITECOMEU, RTL8188CU_1), 179 URTWN_DEV(SITECOMEU, RTL8188CU_2), 180 URTWN_DEV(SITECOMEU, RTL8192CU), 181 URTWN_DEV(TRENDNET, RTL8188CU), 182 URTWN_DEV(TRENDNET, RTL8192CU), 183 URTWN_DEV(ZYXEL, RTL8192CU), 184 /* URTWN_RTL8188E */ 185 URTWN_RTL8188E_DEV(ABOCOM, RTL8188EU), 186 URTWN_RTL8188E_DEV(DLINK, DWA123D1), 187 URTWN_RTL8188E_DEV(DLINK, DWA125D1), 188 URTWN_RTL8188E_DEV(ELECOM, WDC150SU2M), 189 URTWN_RTL8188E_DEV(TPLINK, WN722NV2), 190 URTWN_RTL8188E_DEV(REALTEK, RTL8188ETV), 191 URTWN_RTL8188E_DEV(REALTEK, RTL8188EU), 192#undef URTWN_RTL8188E_DEV 193#undef URTWN_DEV 194}; 195 196static device_probe_t urtwn_match; 197static device_attach_t urtwn_attach; 198static device_detach_t urtwn_detach; 199 200static usb_callback_t urtwn_bulk_tx_callback; 201static usb_callback_t urtwn_bulk_rx_callback; 202 203static void urtwn_sysctlattach(struct urtwn_softc *); 204static void urtwn_drain_mbufq(struct urtwn_softc *); 205static usb_error_t urtwn_do_request(struct urtwn_softc *, 206 struct usb_device_request *, void *); 207static struct ieee80211vap *urtwn_vap_create(struct ieee80211com *, 208 const char [IFNAMSIZ], int, enum ieee80211_opmode, int, 209 const uint8_t [IEEE80211_ADDR_LEN], 210 const uint8_t [IEEE80211_ADDR_LEN]); 211static void urtwn_vap_delete(struct ieee80211vap *); 212static void urtwn_vap_clear_tx(struct urtwn_softc *, 213 struct ieee80211vap *); 214static void urtwn_vap_clear_tx_queue(struct urtwn_softc *, 215 urtwn_datahead *, struct ieee80211vap *); 216static struct mbuf * urtwn_rx_copy_to_mbuf(struct urtwn_softc *, 217 struct r92c_rx_stat *, int); 218static struct mbuf * urtwn_report_intr(struct usb_xfer *, 219 struct urtwn_data *); 220static struct mbuf * urtwn_rxeof(struct urtwn_softc *, uint8_t *, int); 221static void urtwn_r88e_ratectl_tx_complete(struct urtwn_softc *, 222 void *); 223static struct ieee80211_node *urtwn_rx_frame(struct urtwn_softc *, 224 struct mbuf *, int8_t *); 225static void urtwn_txeof(struct urtwn_softc *, struct urtwn_data *, 226 int); 227static int urtwn_alloc_list(struct urtwn_softc *, 228 struct urtwn_data[], int, int); 229static int urtwn_alloc_rx_list(struct urtwn_softc *); 230static int urtwn_alloc_tx_list(struct urtwn_softc *); 231static void urtwn_free_list(struct urtwn_softc *, 232 struct urtwn_data data[], int); 233static void urtwn_free_rx_list(struct urtwn_softc *); 234static void urtwn_free_tx_list(struct urtwn_softc *); 235static struct urtwn_data * _urtwn_getbuf(struct urtwn_softc *); 236static struct urtwn_data * urtwn_getbuf(struct urtwn_softc *); 237static usb_error_t urtwn_write_region_1(struct urtwn_softc *, uint16_t, 238 uint8_t *, int); 239static usb_error_t urtwn_write_1(struct urtwn_softc *, uint16_t, uint8_t); 240static usb_error_t urtwn_write_2(struct urtwn_softc *, uint16_t, uint16_t); 241static usb_error_t urtwn_write_4(struct urtwn_softc *, uint16_t, uint32_t); 242static usb_error_t urtwn_read_region_1(struct urtwn_softc *, uint16_t, 243 uint8_t *, int); 244static uint8_t urtwn_read_1(struct urtwn_softc *, uint16_t); 245static uint16_t urtwn_read_2(struct urtwn_softc *, uint16_t); 246static uint32_t urtwn_read_4(struct urtwn_softc *, uint16_t); 247static int urtwn_fw_cmd(struct urtwn_softc *, uint8_t, 248 const void *, int); 249static void urtwn_cmdq_cb(void *, int); 250static int urtwn_cmd_sleepable(struct urtwn_softc *, const void *, 251 size_t, CMD_FUNC_PROTO); 252static void urtwn_r92c_rf_write(struct urtwn_softc *, int, 253 uint8_t, uint32_t); 254static void urtwn_r88e_rf_write(struct urtwn_softc *, int, 255 uint8_t, uint32_t); 256static uint32_t urtwn_rf_read(struct urtwn_softc *, int, uint8_t); 257static int urtwn_llt_write(struct urtwn_softc *, uint32_t, 258 uint32_t); 259static int urtwn_efuse_read_next(struct urtwn_softc *, uint8_t *); 260static int urtwn_efuse_read_data(struct urtwn_softc *, uint8_t *, 261 uint8_t, uint8_t); 262#ifdef USB_DEBUG 263static void urtwn_dump_rom_contents(struct urtwn_softc *, 264 uint8_t *, uint16_t); 265#endif 266static int urtwn_efuse_read(struct urtwn_softc *, uint8_t *, 267 uint16_t); 268static int urtwn_efuse_switch_power(struct urtwn_softc *); 269static int urtwn_read_chipid(struct urtwn_softc *); 270static int urtwn_read_rom(struct urtwn_softc *); 271static int urtwn_r88e_read_rom(struct urtwn_softc *); 272static int urtwn_ra_init(struct urtwn_softc *); 273static void urtwn_init_beacon(struct urtwn_softc *, 274 struct urtwn_vap *); 275static int urtwn_setup_beacon(struct urtwn_softc *, 276 struct ieee80211_node *); 277static void urtwn_update_beacon(struct ieee80211vap *, int); 278static int urtwn_tx_beacon(struct urtwn_softc *sc, 279 struct urtwn_vap *); 280static int urtwn_key_alloc(struct ieee80211vap *, 281 struct ieee80211_key *, ieee80211_keyix *, 282 ieee80211_keyix *); 283static void urtwn_key_set_cb(struct urtwn_softc *, 284 union sec_param *); 285static void urtwn_key_del_cb(struct urtwn_softc *, 286 union sec_param *); 287static int urtwn_key_set(struct ieee80211vap *, 288 const struct ieee80211_key *); 289static int urtwn_key_delete(struct ieee80211vap *, 290 const struct ieee80211_key *); 291static void urtwn_tsf_task_adhoc(void *, int); 292static void urtwn_tsf_sync_enable(struct urtwn_softc *, 293 struct ieee80211vap *); 294static void urtwn_get_tsf(struct urtwn_softc *, uint64_t *); 295static void urtwn_set_led(struct urtwn_softc *, int, int); 296static void urtwn_set_mode(struct urtwn_softc *, uint8_t); 297static void urtwn_ibss_recv_mgmt(struct ieee80211_node *, 298 struct mbuf *, int, 299 const struct ieee80211_rx_stats *, int, int); 300static int urtwn_newstate(struct ieee80211vap *, 301 enum ieee80211_state, int); 302static void urtwn_calib_to(void *); 303static void urtwn_calib_cb(struct urtwn_softc *, 304 union sec_param *); 305static void urtwn_watchdog(void *); 306static void urtwn_update_avgrssi(struct urtwn_softc *, int, int8_t); 307static int8_t urtwn_get_rssi(struct urtwn_softc *, int, void *); 308static int8_t urtwn_r88e_get_rssi(struct urtwn_softc *, int, void *); 309static int urtwn_tx_data(struct urtwn_softc *, 310 struct ieee80211_node *, struct mbuf *, 311 struct urtwn_data *); 312static int urtwn_tx_raw(struct urtwn_softc *, 313 struct ieee80211_node *, struct mbuf *, 314 struct urtwn_data *, 315 const struct ieee80211_bpf_params *); 316static void urtwn_tx_start(struct urtwn_softc *, struct mbuf *, 317 uint8_t, struct urtwn_data *); 318static int urtwn_transmit(struct ieee80211com *, struct mbuf *); 319static void urtwn_start(struct urtwn_softc *); 320static void urtwn_parent(struct ieee80211com *); 321static int urtwn_r92c_power_on(struct urtwn_softc *); 322static int urtwn_r88e_power_on(struct urtwn_softc *); 323static void urtwn_r92c_power_off(struct urtwn_softc *); 324static void urtwn_r88e_power_off(struct urtwn_softc *); 325static int urtwn_llt_init(struct urtwn_softc *); 326#ifndef URTWN_WITHOUT_UCODE 327static void urtwn_fw_reset(struct urtwn_softc *); 328static void urtwn_r88e_fw_reset(struct urtwn_softc *); 329static int urtwn_fw_loadpage(struct urtwn_softc *, int, 330 const uint8_t *, int); 331static int urtwn_load_firmware(struct urtwn_softc *); 332#endif 333static int urtwn_dma_init(struct urtwn_softc *); 334static int urtwn_mac_init(struct urtwn_softc *); 335static void urtwn_bb_init(struct urtwn_softc *); 336static void urtwn_rf_init(struct urtwn_softc *); 337static void urtwn_cam_init(struct urtwn_softc *); 338static int urtwn_cam_write(struct urtwn_softc *, uint32_t, 339 uint32_t); 340static void urtwn_pa_bias_init(struct urtwn_softc *); 341static void urtwn_rxfilter_init(struct urtwn_softc *); 342static void urtwn_edca_init(struct urtwn_softc *); 343static void urtwn_write_txpower(struct urtwn_softc *, int, 344 uint16_t[]); 345static void urtwn_get_txpower(struct urtwn_softc *, int, 346 struct ieee80211_channel *, 347 struct ieee80211_channel *, uint16_t[]); 348static void urtwn_r88e_get_txpower(struct urtwn_softc *, int, 349 struct ieee80211_channel *, 350 struct ieee80211_channel *, uint16_t[]); 351static void urtwn_set_txpower(struct urtwn_softc *, 352 struct ieee80211_channel *, 353 struct ieee80211_channel *); 354static void urtwn_set_rx_bssid_all(struct urtwn_softc *, int); 355static void urtwn_set_gain(struct urtwn_softc *, uint8_t); 356static void urtwn_scan_start(struct ieee80211com *); 357static void urtwn_scan_end(struct ieee80211com *); 358static void urtwn_getradiocaps(struct ieee80211com *, int, int *, 359 struct ieee80211_channel[]); 360static void urtwn_set_channel(struct ieee80211com *); 361static int urtwn_wme_update(struct ieee80211com *); 362static void urtwn_update_slot(struct ieee80211com *); 363static void urtwn_update_slot_cb(struct urtwn_softc *, 364 union sec_param *); 365static void urtwn_update_aifs(struct urtwn_softc *, uint8_t); 366static uint8_t urtwn_get_multi_pos(const uint8_t[]); 367static void urtwn_set_multi(struct urtwn_softc *); 368static void urtwn_set_promisc(struct urtwn_softc *); 369static void urtwn_update_promisc(struct ieee80211com *); 370static void urtwn_update_mcast(struct ieee80211com *); 371static struct ieee80211_node *urtwn_node_alloc(struct ieee80211vap *, 372 const uint8_t mac[IEEE80211_ADDR_LEN]); 373static void urtwn_newassoc(struct ieee80211_node *, int); 374static void urtwn_node_free(struct ieee80211_node *); 375static void urtwn_set_chan(struct urtwn_softc *, 376 struct ieee80211_channel *, 377 struct ieee80211_channel *); 378static void urtwn_iq_calib(struct urtwn_softc *); 379static void urtwn_lc_calib(struct urtwn_softc *); 380static void urtwn_temp_calib(struct urtwn_softc *); 381static void urtwn_setup_static_keys(struct urtwn_softc *, 382 struct urtwn_vap *); 383static int urtwn_init(struct urtwn_softc *); 384static void urtwn_stop(struct urtwn_softc *); 385static void urtwn_abort_xfers(struct urtwn_softc *); 386static int urtwn_raw_xmit(struct ieee80211_node *, struct mbuf *, 387 const struct ieee80211_bpf_params *); 388static void urtwn_ms_delay(struct urtwn_softc *); 389 390/* Aliases. */ 391#define urtwn_bb_write urtwn_write_4 392#define urtwn_bb_read urtwn_read_4 393 394static const struct usb_config urtwn_config[URTWN_N_TRANSFER] = { 395 [URTWN_BULK_RX] = { 396 .type = UE_BULK, 397 .endpoint = UE_ADDR_ANY, 398 .direction = UE_DIR_IN, 399 .bufsize = URTWN_RXBUFSZ, 400 .flags = { 401 .pipe_bof = 1, 402 .short_xfer_ok = 1 403 }, 404 .callback = urtwn_bulk_rx_callback, 405 }, 406 [URTWN_BULK_TX_BE] = { 407 .type = UE_BULK, 408 .endpoint = 0x03, 409 .direction = UE_DIR_OUT, 410 .bufsize = URTWN_TXBUFSZ, 411 .flags = { 412 .ext_buffer = 1, 413 .pipe_bof = 1, 414 .force_short_xfer = 1 415 }, 416 .callback = urtwn_bulk_tx_callback, 417 .timeout = URTWN_TX_TIMEOUT, /* ms */ 418 }, 419 [URTWN_BULK_TX_BK] = { 420 .type = UE_BULK, 421 .endpoint = 0x03, 422 .direction = UE_DIR_OUT, 423 .bufsize = URTWN_TXBUFSZ, 424 .flags = { 425 .ext_buffer = 1, 426 .pipe_bof = 1, 427 .force_short_xfer = 1, 428 }, 429 .callback = urtwn_bulk_tx_callback, 430 .timeout = URTWN_TX_TIMEOUT, /* ms */ 431 }, 432 [URTWN_BULK_TX_VI] = { 433 .type = UE_BULK, 434 .endpoint = 0x02, 435 .direction = UE_DIR_OUT, 436 .bufsize = URTWN_TXBUFSZ, 437 .flags = { 438 .ext_buffer = 1, 439 .pipe_bof = 1, 440 .force_short_xfer = 1 441 }, 442 .callback = urtwn_bulk_tx_callback, 443 .timeout = URTWN_TX_TIMEOUT, /* ms */ 444 }, 445 [URTWN_BULK_TX_VO] = { 446 .type = UE_BULK, 447 .endpoint = 0x02, 448 .direction = UE_DIR_OUT, 449 .bufsize = URTWN_TXBUFSZ, 450 .flags = { 451 .ext_buffer = 1, 452 .pipe_bof = 1, 453 .force_short_xfer = 1 454 }, 455 .callback = urtwn_bulk_tx_callback, 456 .timeout = URTWN_TX_TIMEOUT, /* ms */ 457 }, 458}; 459 460static const struct wme_to_queue { 461 uint16_t reg; 462 uint8_t qid; 463} wme2queue[WME_NUM_AC] = { 464 { R92C_EDCA_BE_PARAM, URTWN_BULK_TX_BE}, 465 { R92C_EDCA_BK_PARAM, URTWN_BULK_TX_BK}, 466 { R92C_EDCA_VI_PARAM, URTWN_BULK_TX_VI}, 467 { R92C_EDCA_VO_PARAM, URTWN_BULK_TX_VO} 468}; 469 470static int 471urtwn_match(device_t self) 472{ 473 struct usb_attach_arg *uaa = device_get_ivars(self); 474 475 if (uaa->usb_mode != USB_MODE_HOST) 476 return (ENXIO); 477 if (uaa->info.bConfigIndex != URTWN_CONFIG_INDEX) 478 return (ENXIO); 479 if (uaa->info.bIfaceIndex != URTWN_IFACE_INDEX) 480 return (ENXIO); 481 482 return (usbd_lookup_id_by_uaa(urtwn_devs, sizeof(urtwn_devs), uaa)); 483} 484 485static void 486urtwn_update_chw(struct ieee80211com *ic) 487{ 488} 489 490static int 491urtwn_ampdu_enable(struct ieee80211_node *ni, struct ieee80211_tx_ampdu *tap) 492{ 493 494 /* We're driving this ourselves (eventually); don't involve net80211 */ 495 return (0); 496} 497 498static int 499urtwn_attach(device_t self) 500{ 501 struct usb_attach_arg *uaa = device_get_ivars(self); 502 struct urtwn_softc *sc = device_get_softc(self); 503 struct ieee80211com *ic = &sc->sc_ic; 504 int error; 505 506 device_set_usb_desc(self); 507 sc->sc_udev = uaa->device; 508 sc->sc_dev = self; 509 if (USB_GET_DRIVER_INFO(uaa) == URTWN_RTL8188E) 510 sc->chip |= URTWN_CHIP_88E; 511 512#ifdef USB_DEBUG 513 int debug; 514 if (resource_int_value(device_get_name(sc->sc_dev), 515 device_get_unit(sc->sc_dev), "debug", &debug) == 0) 516 sc->sc_debug = debug; 517#endif 518 519 mtx_init(&sc->sc_mtx, device_get_nameunit(self), 520 MTX_NETWORK_LOCK, MTX_DEF); 521 URTWN_CMDQ_LOCK_INIT(sc); 522 URTWN_NT_LOCK_INIT(sc); 523 callout_init(&sc->sc_calib_to, 0); 524 callout_init(&sc->sc_watchdog_ch, 0); 525 mbufq_init(&sc->sc_snd, ifqmaxlen); 526 527 sc->sc_iface_index = URTWN_IFACE_INDEX; 528 error = usbd_transfer_setup(uaa->device, &sc->sc_iface_index, 529 sc->sc_xfer, urtwn_config, URTWN_N_TRANSFER, sc, &sc->sc_mtx); 530 if (error) { 531 device_printf(self, "could not allocate USB transfers, " 532 "err=%s\n", usbd_errstr(error)); 533 goto detach; 534 } 535 536 URTWN_LOCK(sc); 537 538 error = urtwn_read_chipid(sc); 539 if (error) { 540 device_printf(sc->sc_dev, "unsupported test chip\n"); 541 URTWN_UNLOCK(sc); 542 goto detach; 543 } 544 545 /* Determine number of Tx/Rx chains. */ 546 if (sc->chip & URTWN_CHIP_92C) { 547 sc->ntxchains = (sc->chip & URTWN_CHIP_92C_1T2R) ? 1 : 2; 548 sc->nrxchains = 2; 549 } else { 550 sc->ntxchains = 1; 551 sc->nrxchains = 1; 552 } 553 554 if (sc->chip & URTWN_CHIP_88E) 555 error = urtwn_r88e_read_rom(sc); 556 else 557 error = urtwn_read_rom(sc); 558 if (error != 0) { 559 device_printf(sc->sc_dev, "%s: cannot read rom, error %d\n", 560 __func__, error); 561 URTWN_UNLOCK(sc); 562 goto detach; 563 } 564 565 device_printf(sc->sc_dev, "MAC/BB RTL%s, RF 6052 %dT%dR\n", 566 (sc->chip & URTWN_CHIP_92C) ? "8192CU" : 567 (sc->chip & URTWN_CHIP_88E) ? "8188EU" : 568 (sc->board_type == R92C_BOARD_TYPE_HIGHPA) ? "8188RU" : 569 (sc->board_type == R92C_BOARD_TYPE_MINICARD) ? "8188CE-VAU" : 570 "8188CUS", sc->ntxchains, sc->nrxchains); 571 572 URTWN_UNLOCK(sc); 573 574 ic->ic_softc = sc; 575 ic->ic_name = device_get_nameunit(self); 576 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 577 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 578 579 /* set device capabilities */ 580 ic->ic_caps = 581 IEEE80211_C_STA /* station mode */ 582 | IEEE80211_C_MONITOR /* monitor mode */ 583 | IEEE80211_C_IBSS /* adhoc mode */ 584 | IEEE80211_C_HOSTAP /* hostap mode */ 585 | IEEE80211_C_SHPREAMBLE /* short preamble supported */ 586 | IEEE80211_C_SHSLOT /* short slot time supported */ 587#if 0 588 | IEEE80211_C_BGSCAN /* capable of bg scanning */ 589#endif 590 | IEEE80211_C_WPA /* 802.11i */ 591 | IEEE80211_C_WME /* 802.11e */ 592 | IEEE80211_C_SWAMSDUTX /* Do software A-MSDU TX */ 593 | IEEE80211_C_FF /* Atheros fast-frames */ 594 ; 595 596 ic->ic_cryptocaps = 597 IEEE80211_CRYPTO_WEP | 598 IEEE80211_CRYPTO_TKIP | 599 IEEE80211_CRYPTO_AES_CCM; 600 601 /* Assume they're all 11n capable for now */ 602 if (urtwn_enable_11n) { 603 device_printf(self, "enabling 11n\n"); 604 ic->ic_htcaps = IEEE80211_HTC_HT | 605#if 0 606 IEEE80211_HTC_AMPDU | 607#endif 608 IEEE80211_HTC_AMSDU | 609 IEEE80211_HTCAP_MAXAMSDU_3839 | 610 IEEE80211_HTCAP_SMPS_OFF; 611 /* no HT40 just yet */ 612 // ic->ic_htcaps |= IEEE80211_HTCAP_CHWIDTH40; 613 614 /* XXX TODO: verify chains versus streams for urtwn */ 615 ic->ic_txstream = sc->ntxchains; 616 ic->ic_rxstream = sc->nrxchains; 617 } 618 619 /* XXX TODO: setup regdomain if R92C_CHANNEL_PLAN_BY_HW bit is set. */ 620 621 urtwn_getradiocaps(ic, IEEE80211_CHAN_MAX, &ic->ic_nchans, 622 ic->ic_channels); 623 624 ieee80211_ifattach(ic); 625 ic->ic_raw_xmit = urtwn_raw_xmit; 626 ic->ic_scan_start = urtwn_scan_start; 627 ic->ic_scan_end = urtwn_scan_end; 628 ic->ic_getradiocaps = urtwn_getradiocaps; 629 ic->ic_set_channel = urtwn_set_channel; 630 ic->ic_transmit = urtwn_transmit; 631 ic->ic_parent = urtwn_parent; 632 ic->ic_vap_create = urtwn_vap_create; 633 ic->ic_vap_delete = urtwn_vap_delete; 634 ic->ic_wme.wme_update = urtwn_wme_update; 635 ic->ic_updateslot = urtwn_update_slot; 636 ic->ic_update_promisc = urtwn_update_promisc; 637 ic->ic_update_mcast = urtwn_update_mcast; 638 if (sc->chip & URTWN_CHIP_88E) { 639 ic->ic_node_alloc = urtwn_node_alloc; 640 ic->ic_newassoc = urtwn_newassoc; 641 sc->sc_node_free = ic->ic_node_free; 642 ic->ic_node_free = urtwn_node_free; 643 } 644 ic->ic_update_chw = urtwn_update_chw; 645 ic->ic_ampdu_enable = urtwn_ampdu_enable; 646 647 ieee80211_radiotap_attach(ic, &sc->sc_txtap.wt_ihdr, 648 sizeof(sc->sc_txtap), URTWN_TX_RADIOTAP_PRESENT, 649 &sc->sc_rxtap.wr_ihdr, sizeof(sc->sc_rxtap), 650 URTWN_RX_RADIOTAP_PRESENT); 651 652 TASK_INIT(&sc->cmdq_task, 0, urtwn_cmdq_cb, sc); 653 654 urtwn_sysctlattach(sc); 655 656 if (bootverbose) 657 ieee80211_announce(ic); 658 659 return (0); 660 661detach: 662 urtwn_detach(self); 663 return (ENXIO); /* failure */ 664} 665 666static void 667urtwn_sysctlattach(struct urtwn_softc *sc) 668{ 669#ifdef USB_DEBUG 670 struct sysctl_ctx_list *ctx = device_get_sysctl_ctx(sc->sc_dev); 671 struct sysctl_oid *tree = device_get_sysctl_tree(sc->sc_dev); 672 673 SYSCTL_ADD_U32(ctx, SYSCTL_CHILDREN(tree), OID_AUTO, 674 "debug", CTLFLAG_RW, &sc->sc_debug, sc->sc_debug, 675 "control debugging printfs"); 676#endif 677} 678 679static int 680urtwn_detach(device_t self) 681{ 682 struct urtwn_softc *sc = device_get_softc(self); 683 struct ieee80211com *ic = &sc->sc_ic; 684 685 /* Prevent further ioctls. */ 686 URTWN_LOCK(sc); 687 sc->sc_flags |= URTWN_DETACHED; 688 URTWN_UNLOCK(sc); 689 690 urtwn_stop(sc); 691 692 callout_drain(&sc->sc_watchdog_ch); 693 callout_drain(&sc->sc_calib_to); 694 695 /* stop all USB transfers */ 696 usbd_transfer_unsetup(sc->sc_xfer, URTWN_N_TRANSFER); 697 698 if (ic->ic_softc == sc) { 699 ieee80211_draintask(ic, &sc->cmdq_task); 700 ieee80211_ifdetach(ic); 701 } 702 703 URTWN_NT_LOCK_DESTROY(sc); 704 URTWN_CMDQ_LOCK_DESTROY(sc); 705 mtx_destroy(&sc->sc_mtx); 706 707 return (0); 708} 709 710static void 711urtwn_drain_mbufq(struct urtwn_softc *sc) 712{ 713 struct mbuf *m; 714 struct ieee80211_node *ni; 715 URTWN_ASSERT_LOCKED(sc); 716 while ((m = mbufq_dequeue(&sc->sc_snd)) != NULL) { 717 ni = (struct ieee80211_node *)m->m_pkthdr.rcvif; 718 m->m_pkthdr.rcvif = NULL; 719 ieee80211_free_node(ni); 720 m_freem(m); 721 } 722} 723 724static usb_error_t 725urtwn_do_request(struct urtwn_softc *sc, struct usb_device_request *req, 726 void *data) 727{ 728 usb_error_t err; 729 int ntries = 10; 730 731 URTWN_ASSERT_LOCKED(sc); 732 733 while (ntries--) { 734 err = usbd_do_request_flags(sc->sc_udev, &sc->sc_mtx, 735 req, data, 0, NULL, 250 /* ms */); 736 if (err == 0) 737 break; 738 739 URTWN_DPRINTF(sc, URTWN_DEBUG_USB, 740 "%s: control request failed, %s (retries left: %d)\n", 741 __func__, usbd_errstr(err), ntries); 742 usb_pause_mtx(&sc->sc_mtx, hz / 100); 743 } 744 return (err); 745} 746 747static struct ieee80211vap * 748urtwn_vap_create(struct ieee80211com *ic, const char name[IFNAMSIZ], int unit, 749 enum ieee80211_opmode opmode, int flags, 750 const uint8_t bssid[IEEE80211_ADDR_LEN], 751 const uint8_t mac[IEEE80211_ADDR_LEN]) 752{ 753 struct urtwn_softc *sc = ic->ic_softc; 754 struct urtwn_vap *uvp; 755 struct ieee80211vap *vap; 756 757 if (!TAILQ_EMPTY(&ic->ic_vaps)) /* only one at a time */ 758 return (NULL); 759 760 uvp = malloc(sizeof(struct urtwn_vap), M_80211_VAP, M_WAITOK | M_ZERO); 761 vap = &uvp->vap; 762 /* enable s/w bmiss handling for sta mode */ 763 764 if (ieee80211_vap_setup(ic, vap, name, unit, opmode, 765 flags | IEEE80211_CLONE_NOBEACONS, bssid) != 0) { 766 /* out of memory */ 767 free(uvp, M_80211_VAP); 768 return (NULL); 769 } 770 771 if (opmode == IEEE80211_M_HOSTAP || opmode == IEEE80211_M_IBSS) 772 urtwn_init_beacon(sc, uvp); 773 774 /* override state transition machine */ 775 uvp->newstate = vap->iv_newstate; 776 vap->iv_newstate = urtwn_newstate; 777 vap->iv_update_beacon = urtwn_update_beacon; 778 vap->iv_key_alloc = urtwn_key_alloc; 779 vap->iv_key_set = urtwn_key_set; 780 vap->iv_key_delete = urtwn_key_delete; 781 782 /* 802.11n parameters */ 783 vap->iv_ampdu_density = IEEE80211_HTCAP_MPDUDENSITY_16; 784 vap->iv_ampdu_rxmax = IEEE80211_HTCAP_MAXRXAMPDU_64K; 785 786 if (opmode == IEEE80211_M_IBSS) { 787 uvp->recv_mgmt = vap->iv_recv_mgmt; 788 vap->iv_recv_mgmt = urtwn_ibss_recv_mgmt; 789 TASK_INIT(&uvp->tsf_task_adhoc, 0, urtwn_tsf_task_adhoc, vap); 790 } 791 792 if (URTWN_CHIP_HAS_RATECTL(sc)) 793 ieee80211_ratectl_init(vap); 794 /* complete setup */ 795 ieee80211_vap_attach(vap, ieee80211_media_change, 796 ieee80211_media_status, mac); 797 ic->ic_opmode = opmode; 798 return (vap); 799} 800 801static void 802urtwn_vap_delete(struct ieee80211vap *vap) 803{ 804 struct ieee80211com *ic = vap->iv_ic; 805 struct urtwn_softc *sc = ic->ic_softc; 806 struct urtwn_vap *uvp = URTWN_VAP(vap); 807 808 /* Guarantee that nothing will go through this vap. */ 809 ieee80211_new_state(vap, IEEE80211_S_INIT, -1); 810 ieee80211_draintask(ic, &vap->iv_nstate_task); 811 812 URTWN_LOCK(sc); 813 if (uvp->bcn_mbuf != NULL) 814 m_freem(uvp->bcn_mbuf); 815 /* Cancel any unfinished Tx. */ 816 urtwn_vap_clear_tx(sc, vap); 817 URTWN_UNLOCK(sc); 818 if (vap->iv_opmode == IEEE80211_M_IBSS) 819 ieee80211_draintask(ic, &uvp->tsf_task_adhoc); 820 if (URTWN_CHIP_HAS_RATECTL(sc)) 821 ieee80211_ratectl_deinit(vap); 822 ieee80211_vap_detach(vap); 823 free(uvp, M_80211_VAP); 824} 825 826static void 827urtwn_vap_clear_tx(struct urtwn_softc *sc, struct ieee80211vap *vap) 828{ 829 830 URTWN_ASSERT_LOCKED(sc); 831 832 urtwn_vap_clear_tx_queue(sc, &sc->sc_tx_active, vap); 833 urtwn_vap_clear_tx_queue(sc, &sc->sc_tx_pending, vap); 834} 835 836static void 837urtwn_vap_clear_tx_queue(struct urtwn_softc *sc, urtwn_datahead *head, 838 struct ieee80211vap *vap) 839{ 840 struct urtwn_data *dp, *tmp; 841 842 STAILQ_FOREACH_SAFE(dp, head, next, tmp) { 843 if (dp->ni != NULL) { 844 if (dp->ni->ni_vap == vap) { 845 ieee80211_free_node(dp->ni); 846 dp->ni = NULL; 847 848 if (dp->m != NULL) { 849 m_freem(dp->m); 850 dp->m = NULL; 851 } 852 853 STAILQ_REMOVE(head, dp, urtwn_data, next); 854 STAILQ_INSERT_TAIL(&sc->sc_tx_inactive, dp, 855 next); 856 } 857 } 858 } 859} 860 861static struct mbuf * 862urtwn_rx_copy_to_mbuf(struct urtwn_softc *sc, struct r92c_rx_stat *stat, 863 int totlen) 864{ 865 struct ieee80211com *ic = &sc->sc_ic; 866 struct mbuf *m; 867 uint32_t rxdw0; 868 int pktlen; 869 870 /* 871 * don't pass packets to the ieee80211 framework if the driver isn't 872 * RUNNING. 873 */ 874 if (!(sc->sc_flags & URTWN_RUNNING)) 875 return (NULL); 876 877 rxdw0 = le32toh(stat->rxdw0); 878 if (rxdw0 & (R92C_RXDW0_CRCERR | R92C_RXDW0_ICVERR)) { 879 /* 880 * This should not happen since we setup our Rx filter 881 * to not receive these frames. 882 */ 883 URTWN_DPRINTF(sc, URTWN_DEBUG_RECV, 884 "%s: RX flags error (%s)\n", __func__, 885 rxdw0 & R92C_RXDW0_CRCERR ? "CRC" : "ICV"); 886 goto fail; 887 } 888 889 pktlen = MS(rxdw0, R92C_RXDW0_PKTLEN); 890 if (pktlen < sizeof(struct ieee80211_frame_ack)) { 891 URTWN_DPRINTF(sc, URTWN_DEBUG_RECV, 892 "%s: frame is too short: %d\n", __func__, pktlen); 893 goto fail; 894 } 895 896 m = m_get2(totlen, M_NOWAIT, MT_DATA, M_PKTHDR); 897 if (__predict_false(m == NULL)) { 898 device_printf(sc->sc_dev, "%s: could not allocate RX mbuf\n", 899 __func__); 900 goto fail; 901 } 902 903 /* Finalize mbuf. */ 904 memcpy(mtod(m, uint8_t *), (uint8_t *)stat, totlen); 905 m->m_pkthdr.len = m->m_len = totlen; 906 907 return (m); 908fail: 909 counter_u64_add(ic->ic_ierrors, 1); 910 return (NULL); 911} 912 913static struct mbuf * 914urtwn_report_intr(struct usb_xfer *xfer, struct urtwn_data *data) 915{ 916 struct urtwn_softc *sc = data->sc; 917 struct ieee80211com *ic = &sc->sc_ic; 918 struct r92c_rx_stat *stat; 919 uint8_t *buf; 920 int len; 921 922 usbd_xfer_status(xfer, &len, NULL, NULL, NULL); 923 924 if (len < sizeof(*stat)) { 925 counter_u64_add(ic->ic_ierrors, 1); 926 return (NULL); 927 } 928 929 buf = data->buf; 930 stat = (struct r92c_rx_stat *)buf; 931 932 /* 933 * For 88E chips we can tie the FF flushing here; 934 * this is where we do know exactly how deep the 935 * transmit queue is. 936 * 937 * But it won't work for R92 chips, so we can't 938 * take the easy way out. 939 */ 940 941 if (sc->chip & URTWN_CHIP_88E) { 942 int report_sel = MS(le32toh(stat->rxdw3), R88E_RXDW3_RPT); 943 944 switch (report_sel) { 945 case R88E_RXDW3_RPT_RX: 946 return (urtwn_rxeof(sc, buf, len)); 947 case R88E_RXDW3_RPT_TX1: 948 urtwn_r88e_ratectl_tx_complete(sc, &stat[1]); 949 break; 950 default: 951 URTWN_DPRINTF(sc, URTWN_DEBUG_INTR, 952 "%s: case %d was not handled\n", __func__, 953 report_sel); 954 break; 955 } 956 } else 957 return (urtwn_rxeof(sc, buf, len)); 958 959 return (NULL); 960} 961 962static struct mbuf * 963urtwn_rxeof(struct urtwn_softc *sc, uint8_t *buf, int len) 964{ 965 struct r92c_rx_stat *stat; 966 struct mbuf *m, *m0 = NULL, *prevm = NULL; 967 uint32_t rxdw0; 968 int totlen, pktlen, infosz, npkts; 969 970 /* Get the number of encapsulated frames. */ 971 stat = (struct r92c_rx_stat *)buf; 972 npkts = MS(le32toh(stat->rxdw2), R92C_RXDW2_PKTCNT); 973 URTWN_DPRINTF(sc, URTWN_DEBUG_RECV, 974 "%s: Rx %d frames in one chunk\n", __func__, npkts); 975 976 /* Process all of them. */ 977 while (npkts-- > 0) { 978 if (len < sizeof(*stat)) 979 break; 980 stat = (struct r92c_rx_stat *)buf; 981 rxdw0 = le32toh(stat->rxdw0); 982 983 pktlen = MS(rxdw0, R92C_RXDW0_PKTLEN); 984 if (pktlen == 0) 985 break; 986 987 infosz = MS(rxdw0, R92C_RXDW0_INFOSZ) * 8; 988 989 /* Make sure everything fits in xfer. */ 990 totlen = sizeof(*stat) + infosz + pktlen; 991 if (totlen > len) 992 break; 993 994 m = urtwn_rx_copy_to_mbuf(sc, stat, totlen); 995 if (m0 == NULL) 996 m0 = m; 997 if (prevm == NULL) 998 prevm = m; 999 else { 1000 prevm->m_next = m; 1001 prevm = m; 1002 } 1003 1004 /* Next chunk is 128-byte aligned. */ 1005 totlen = (totlen + 127) & ~127; 1006 buf += totlen; 1007 len -= totlen; 1008 } 1009 1010 return (m0); 1011} 1012 1013static void 1014urtwn_r88e_ratectl_tx_complete(struct urtwn_softc *sc, void *arg) 1015{ 1016 struct r88e_tx_rpt_ccx *rpt = arg; 1017 struct ieee80211vap *vap; 1018 struct ieee80211_node *ni; 1019 uint8_t macid; 1020 int ntries; 1021 1022 macid = MS(rpt->rptb1, R88E_RPTB1_MACID); 1023 ntries = MS(rpt->rptb2, R88E_RPTB2_RETRY_CNT); 1024 1025 URTWN_NT_LOCK(sc); 1026 ni = sc->node_list[macid]; 1027 if (ni != NULL) { 1028 vap = ni->ni_vap; 1029 URTWN_DPRINTF(sc, URTWN_DEBUG_INTR, "%s: frame for macid %d was" 1030 "%s sent (%d retries)\n", __func__, macid, 1031 (rpt->rptb1 & R88E_RPTB1_PKT_OK) ? "" : " not", 1032 ntries); 1033 1034 if (rpt->rptb1 & R88E_RPTB1_PKT_OK) { 1035 ieee80211_ratectl_tx_complete(vap, ni, 1036 IEEE80211_RATECTL_TX_SUCCESS, &ntries, NULL); 1037 } else { 1038 ieee80211_ratectl_tx_complete(vap, ni, 1039 IEEE80211_RATECTL_TX_FAILURE, &ntries, NULL); 1040 } 1041 } else { 1042 URTWN_DPRINTF(sc, URTWN_DEBUG_INTR, "%s: macid %d, ni is NULL\n", 1043 __func__, macid); 1044 } 1045 URTWN_NT_UNLOCK(sc); 1046} 1047 1048static struct ieee80211_node * 1049urtwn_rx_frame(struct urtwn_softc *sc, struct mbuf *m, int8_t *rssi_p) 1050{ 1051 struct ieee80211com *ic = &sc->sc_ic; 1052 struct ieee80211_frame_min *wh; 1053 struct r92c_rx_stat *stat; 1054 uint32_t rxdw0, rxdw3; 1055 uint8_t rate, cipher; 1056 int8_t rssi = -127; 1057 int infosz; 1058 1059 stat = mtod(m, struct r92c_rx_stat *); 1060 rxdw0 = le32toh(stat->rxdw0); 1061 rxdw3 = le32toh(stat->rxdw3); 1062 1063 rate = MS(rxdw3, R92C_RXDW3_RATE); 1064 cipher = MS(rxdw0, R92C_RXDW0_CIPHER); 1065 infosz = MS(rxdw0, R92C_RXDW0_INFOSZ) * 8; 1066 1067 /* Get RSSI from PHY status descriptor if present. */ 1068 if (infosz != 0 && (rxdw0 & R92C_RXDW0_PHYST)) { 1069 if (sc->chip & URTWN_CHIP_88E) 1070 rssi = urtwn_r88e_get_rssi(sc, rate, &stat[1]); 1071 else 1072 rssi = urtwn_get_rssi(sc, rate, &stat[1]); 1073 URTWN_DPRINTF(sc, URTWN_DEBUG_RSSI, "%s: rssi=%d\n", __func__, rssi); 1074 /* Update our average RSSI. */ 1075 urtwn_update_avgrssi(sc, rate, rssi); 1076 } 1077 1078 if (ieee80211_radiotap_active(ic)) { 1079 struct urtwn_rx_radiotap_header *tap = &sc->sc_rxtap; 1080 1081 tap->wr_flags = 0; 1082 1083 urtwn_get_tsf(sc, &tap->wr_tsft); 1084 if (__predict_false(le32toh((uint32_t)tap->wr_tsft) < 1085 le32toh(stat->rxdw5))) { 1086 tap->wr_tsft = le32toh(tap->wr_tsft >> 32) - 1; 1087 tap->wr_tsft = (uint64_t)htole32(tap->wr_tsft) << 32; 1088 } else 1089 tap->wr_tsft &= 0xffffffff00000000; 1090 tap->wr_tsft += stat->rxdw5; 1091 1092 /* XXX 20/40? */ 1093 /* XXX shortgi? */ 1094 1095 /* Map HW rate index to 802.11 rate. */ 1096 if (!(rxdw3 & R92C_RXDW3_HT)) { 1097 tap->wr_rate = ridx2rate[rate]; 1098 } else if (rate >= 12) { /* MCS0~15. */ 1099 /* Bit 7 set means HT MCS instead of rate. */ 1100 tap->wr_rate = 0x80 | (rate - 12); 1101 } 1102 1103 /* XXX TODO: this isn't right; should use the last good RSSI */ 1104 tap->wr_dbm_antsignal = rssi; 1105 tap->wr_dbm_antnoise = URTWN_NOISE_FLOOR; 1106 } 1107 1108 *rssi_p = rssi; 1109 1110 /* Drop descriptor. */ 1111 m_adj(m, sizeof(*stat) + infosz); 1112 wh = mtod(m, struct ieee80211_frame_min *); 1113 1114 if ((wh->i_fc[1] & IEEE80211_FC1_PROTECTED) && 1115 cipher != R92C_CAM_ALGO_NONE) { 1116 m->m_flags |= M_WEP; 1117 } 1118 1119 if (m->m_len >= sizeof(*wh)) 1120 return (ieee80211_find_rxnode(ic, wh)); 1121 1122 return (NULL); 1123} 1124 1125static void 1126urtwn_bulk_rx_callback(struct usb_xfer *xfer, usb_error_t error) 1127{ 1128 struct urtwn_softc *sc = usbd_xfer_softc(xfer); 1129 struct ieee80211com *ic = &sc->sc_ic; 1130 struct ieee80211_node *ni; 1131 struct mbuf *m = NULL, *next; 1132 struct urtwn_data *data; 1133 int8_t nf, rssi; 1134 1135 URTWN_ASSERT_LOCKED(sc); 1136 1137 switch (USB_GET_STATE(xfer)) { 1138 case USB_ST_TRANSFERRED: 1139 data = STAILQ_FIRST(&sc->sc_rx_active); 1140 if (data == NULL) 1141 goto tr_setup; 1142 STAILQ_REMOVE_HEAD(&sc->sc_rx_active, next); 1143 m = urtwn_report_intr(xfer, data); 1144 STAILQ_INSERT_TAIL(&sc->sc_rx_inactive, data, next); 1145 /* FALLTHROUGH */ 1146 case USB_ST_SETUP: 1147tr_setup: 1148 data = STAILQ_FIRST(&sc->sc_rx_inactive); 1149 if (data == NULL) { 1150 KASSERT(m == NULL, ("mbuf isn't NULL")); 1151 goto finish; 1152 } 1153 STAILQ_REMOVE_HEAD(&sc->sc_rx_inactive, next); 1154 STAILQ_INSERT_TAIL(&sc->sc_rx_active, data, next); 1155 usbd_xfer_set_frame_data(xfer, 0, data->buf, 1156 usbd_xfer_max_len(xfer)); 1157 usbd_transfer_submit(xfer); 1158 1159 /* 1160 * To avoid LOR we should unlock our private mutex here to call 1161 * ieee80211_input() because here is at the end of a USB 1162 * callback and safe to unlock. 1163 */ 1164 while (m != NULL) { 1165 next = m->m_next; 1166 m->m_next = NULL; 1167 1168 ni = urtwn_rx_frame(sc, m, &rssi); 1169 1170 /* Store a global last-good RSSI */ 1171 if (rssi != -127) 1172 sc->last_rssi = rssi; 1173 1174 URTWN_UNLOCK(sc); 1175 1176 nf = URTWN_NOISE_FLOOR; 1177 if (ni != NULL) { 1178 if (rssi != -127) 1179 URTWN_NODE(ni)->last_rssi = rssi; 1180 if (ni->ni_flags & IEEE80211_NODE_HT) 1181 m->m_flags |= M_AMPDU; 1182 (void)ieee80211_input(ni, m, 1183 URTWN_NODE(ni)->last_rssi - nf, nf); 1184 ieee80211_free_node(ni); 1185 } else { 1186 /* Use last good global RSSI */ 1187 (void)ieee80211_input_all(ic, m, 1188 sc->last_rssi - nf, nf); 1189 } 1190 URTWN_LOCK(sc); 1191 m = next; 1192 } 1193 break; 1194 default: 1195 /* needs it to the inactive queue due to a error. */ 1196 data = STAILQ_FIRST(&sc->sc_rx_active); 1197 if (data != NULL) { 1198 STAILQ_REMOVE_HEAD(&sc->sc_rx_active, next); 1199 STAILQ_INSERT_TAIL(&sc->sc_rx_inactive, data, next); 1200 } 1201 if (error != USB_ERR_CANCELLED) { 1202 usbd_xfer_set_stall(xfer); 1203 counter_u64_add(ic->ic_ierrors, 1); 1204 goto tr_setup; 1205 } 1206 break; 1207 } 1208finish: 1209 /* Finished receive; age anything left on the FF queue by a little bump */ 1210 /* 1211 * XXX TODO: just make this a callout timer schedule so we can 1212 * flush the FF staging queue if we're approaching idle. 1213 */ 1214#ifdef IEEE80211_SUPPORT_SUPERG 1215 URTWN_UNLOCK(sc); 1216 ieee80211_ff_age_all(ic, 1); 1217 URTWN_LOCK(sc); 1218#endif 1219 1220 /* Kick-start more transmit in case we stalled */ 1221 urtwn_start(sc); 1222} 1223 1224static void 1225urtwn_txeof(struct urtwn_softc *sc, struct urtwn_data *data, int status) 1226{ 1227 1228 URTWN_ASSERT_LOCKED(sc); 1229 1230 if (data->ni != NULL) /* not a beacon frame */ 1231 ieee80211_tx_complete(data->ni, data->m, status); 1232 1233 if (sc->sc_tx_n_active > 0) 1234 sc->sc_tx_n_active--; 1235 1236 data->ni = NULL; 1237 data->m = NULL; 1238 1239 sc->sc_txtimer = 0; 1240 1241 STAILQ_INSERT_TAIL(&sc->sc_tx_inactive, data, next); 1242} 1243 1244static int 1245urtwn_alloc_list(struct urtwn_softc *sc, struct urtwn_data data[], 1246 int ndata, int maxsz) 1247{ 1248 int i, error; 1249 1250 for (i = 0; i < ndata; i++) { 1251 struct urtwn_data *dp = &data[i]; 1252 dp->sc = sc; 1253 dp->m = NULL; 1254 dp->buf = malloc(maxsz, M_USBDEV, M_NOWAIT); 1255 if (dp->buf == NULL) { 1256 device_printf(sc->sc_dev, 1257 "could not allocate buffer\n"); 1258 error = ENOMEM; 1259 goto fail; 1260 } 1261 dp->ni = NULL; 1262 } 1263 1264 return (0); 1265fail: 1266 urtwn_free_list(sc, data, ndata); 1267 return (error); 1268} 1269 1270static int 1271urtwn_alloc_rx_list(struct urtwn_softc *sc) 1272{ 1273 int error, i; 1274 1275 error = urtwn_alloc_list(sc, sc->sc_rx, URTWN_RX_LIST_COUNT, 1276 URTWN_RXBUFSZ); 1277 if (error != 0) 1278 return (error); 1279 1280 STAILQ_INIT(&sc->sc_rx_active); 1281 STAILQ_INIT(&sc->sc_rx_inactive); 1282 1283 for (i = 0; i < URTWN_RX_LIST_COUNT; i++) 1284 STAILQ_INSERT_HEAD(&sc->sc_rx_inactive, &sc->sc_rx[i], next); 1285 1286 return (0); 1287} 1288 1289static int 1290urtwn_alloc_tx_list(struct urtwn_softc *sc) 1291{ 1292 int error, i; 1293 1294 error = urtwn_alloc_list(sc, sc->sc_tx, URTWN_TX_LIST_COUNT, 1295 URTWN_TXBUFSZ); 1296 if (error != 0) 1297 return (error); 1298 1299 STAILQ_INIT(&sc->sc_tx_active); 1300 STAILQ_INIT(&sc->sc_tx_inactive); 1301 STAILQ_INIT(&sc->sc_tx_pending); 1302 1303 for (i = 0; i < URTWN_TX_LIST_COUNT; i++) 1304 STAILQ_INSERT_HEAD(&sc->sc_tx_inactive, &sc->sc_tx[i], next); 1305 1306 return (0); 1307} 1308 1309static void 1310urtwn_free_list(struct urtwn_softc *sc, struct urtwn_data data[], int ndata) 1311{ 1312 int i; 1313 1314 for (i = 0; i < ndata; i++) { 1315 struct urtwn_data *dp = &data[i]; 1316 1317 if (dp->buf != NULL) { 1318 free(dp->buf, M_USBDEV); 1319 dp->buf = NULL; 1320 } 1321 if (dp->ni != NULL) { 1322 ieee80211_free_node(dp->ni); 1323 dp->ni = NULL; 1324 } 1325 } 1326} 1327 1328static void 1329urtwn_free_rx_list(struct urtwn_softc *sc) 1330{ 1331 urtwn_free_list(sc, sc->sc_rx, URTWN_RX_LIST_COUNT); 1332 1333 STAILQ_INIT(&sc->sc_rx_active); 1334 STAILQ_INIT(&sc->sc_rx_inactive); 1335} 1336 1337static void 1338urtwn_free_tx_list(struct urtwn_softc *sc) 1339{ 1340 urtwn_free_list(sc, sc->sc_tx, URTWN_TX_LIST_COUNT); 1341 1342 STAILQ_INIT(&sc->sc_tx_active); 1343 STAILQ_INIT(&sc->sc_tx_inactive); 1344 STAILQ_INIT(&sc->sc_tx_pending); 1345} 1346 1347static void 1348urtwn_bulk_tx_callback(struct usb_xfer *xfer, usb_error_t error) 1349{ 1350 struct urtwn_softc *sc = usbd_xfer_softc(xfer); 1351#ifdef IEEE80211_SUPPORT_SUPERG 1352 struct ieee80211com *ic = &sc->sc_ic; 1353#endif 1354 struct urtwn_data *data; 1355 1356 URTWN_ASSERT_LOCKED(sc); 1357 1358 switch (USB_GET_STATE(xfer)){ 1359 case USB_ST_TRANSFERRED: 1360 data = STAILQ_FIRST(&sc->sc_tx_active); 1361 if (data == NULL) 1362 goto tr_setup; 1363 STAILQ_REMOVE_HEAD(&sc->sc_tx_active, next); 1364 urtwn_txeof(sc, data, 0); 1365 /* FALLTHROUGH */ 1366 case USB_ST_SETUP: 1367tr_setup: 1368 data = STAILQ_FIRST(&sc->sc_tx_pending); 1369 if (data == NULL) { 1370 URTWN_DPRINTF(sc, URTWN_DEBUG_XMIT, 1371 "%s: empty pending queue\n", __func__); 1372 sc->sc_tx_n_active = 0; 1373 goto finish; 1374 } 1375 STAILQ_REMOVE_HEAD(&sc->sc_tx_pending, next); 1376 STAILQ_INSERT_TAIL(&sc->sc_tx_active, data, next); 1377 usbd_xfer_set_frame_data(xfer, 0, data->buf, data->buflen); 1378 usbd_transfer_submit(xfer); 1379 sc->sc_tx_n_active++; 1380 break; 1381 default: 1382 data = STAILQ_FIRST(&sc->sc_tx_active); 1383 if (data == NULL) 1384 goto tr_setup; 1385 STAILQ_REMOVE_HEAD(&sc->sc_tx_active, next); 1386 urtwn_txeof(sc, data, 1); 1387 if (error != USB_ERR_CANCELLED) { 1388 usbd_xfer_set_stall(xfer); 1389 goto tr_setup; 1390 } 1391 break; 1392 } 1393finish: 1394#ifdef IEEE80211_SUPPORT_SUPERG 1395 /* 1396 * If the TX active queue drops below a certain 1397 * threshold, ensure we age fast-frames out so they're 1398 * transmitted. 1399 */ 1400 if (sc->sc_tx_n_active <= 1) { 1401 /* XXX ew - net80211 should defer this for us! */ 1402 1403 /* 1404 * Note: this sc_tx_n_active currently tracks 1405 * the number of pending transmit submissions 1406 * and not the actual depth of the TX frames 1407 * pending to the hardware. That means that 1408 * we're going to end up with some sub-optimal 1409 * aggregation behaviour. 1410 */ 1411 /* 1412 * XXX TODO: just make this a callout timer schedule so we can 1413 * flush the FF staging queue if we're approaching idle. 1414 */ 1415 URTWN_UNLOCK(sc); 1416 ieee80211_ff_flush(ic, WME_AC_VO); 1417 ieee80211_ff_flush(ic, WME_AC_VI); 1418 ieee80211_ff_flush(ic, WME_AC_BE); 1419 ieee80211_ff_flush(ic, WME_AC_BK); 1420 URTWN_LOCK(sc); 1421 } 1422#endif 1423 /* Kick-start more transmit */ 1424 urtwn_start(sc); 1425} 1426 1427static struct urtwn_data * 1428_urtwn_getbuf(struct urtwn_softc *sc) 1429{ 1430 struct urtwn_data *bf; 1431 1432 bf = STAILQ_FIRST(&sc->sc_tx_inactive); 1433 if (bf != NULL) 1434 STAILQ_REMOVE_HEAD(&sc->sc_tx_inactive, next); 1435 else { 1436 URTWN_DPRINTF(sc, URTWN_DEBUG_XMIT, 1437 "%s: out of xmit buffers\n", __func__); 1438 } 1439 return (bf); 1440} 1441 1442static struct urtwn_data * 1443urtwn_getbuf(struct urtwn_softc *sc) 1444{ 1445 struct urtwn_data *bf; 1446 1447 URTWN_ASSERT_LOCKED(sc); 1448 1449 bf = _urtwn_getbuf(sc); 1450 if (bf == NULL) { 1451 URTWN_DPRINTF(sc, URTWN_DEBUG_XMIT, "%s: stop queue\n", 1452 __func__); 1453 } 1454 return (bf); 1455} 1456 1457static usb_error_t 1458urtwn_write_region_1(struct urtwn_softc *sc, uint16_t addr, uint8_t *buf, 1459 int len) 1460{ 1461 usb_device_request_t req; 1462 1463 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 1464 req.bRequest = R92C_REQ_REGS; 1465 USETW(req.wValue, addr); 1466 USETW(req.wIndex, 0); 1467 USETW(req.wLength, len); 1468 return (urtwn_do_request(sc, &req, buf)); 1469} 1470 1471static usb_error_t 1472urtwn_write_1(struct urtwn_softc *sc, uint16_t addr, uint8_t val) 1473{ 1474 return (urtwn_write_region_1(sc, addr, &val, sizeof(val))); 1475} 1476 1477static usb_error_t 1478urtwn_write_2(struct urtwn_softc *sc, uint16_t addr, uint16_t val) 1479{ 1480 val = htole16(val); 1481 return (urtwn_write_region_1(sc, addr, (uint8_t *)&val, sizeof(val))); 1482} 1483 1484static usb_error_t 1485urtwn_write_4(struct urtwn_softc *sc, uint16_t addr, uint32_t val) 1486{ 1487 val = htole32(val); 1488 return (urtwn_write_region_1(sc, addr, (uint8_t *)&val, sizeof(val))); 1489} 1490 1491static usb_error_t 1492urtwn_read_region_1(struct urtwn_softc *sc, uint16_t addr, uint8_t *buf, 1493 int len) 1494{ 1495 usb_device_request_t req; 1496 1497 req.bmRequestType = UT_READ_VENDOR_DEVICE; 1498 req.bRequest = R92C_REQ_REGS; 1499 USETW(req.wValue, addr); 1500 USETW(req.wIndex, 0); 1501 USETW(req.wLength, len); 1502 return (urtwn_do_request(sc, &req, buf)); 1503} 1504 1505static uint8_t 1506urtwn_read_1(struct urtwn_softc *sc, uint16_t addr) 1507{ 1508 uint8_t val; 1509 1510 if (urtwn_read_region_1(sc, addr, &val, 1) != 0) 1511 return (0xff); 1512 return (val); 1513} 1514 1515static uint16_t 1516urtwn_read_2(struct urtwn_softc *sc, uint16_t addr) 1517{ 1518 uint16_t val; 1519 1520 if (urtwn_read_region_1(sc, addr, (uint8_t *)&val, 2) != 0) 1521 return (0xffff); 1522 return (le16toh(val)); 1523} 1524 1525static uint32_t 1526urtwn_read_4(struct urtwn_softc *sc, uint16_t addr) 1527{ 1528 uint32_t val; 1529 1530 if (urtwn_read_region_1(sc, addr, (uint8_t *)&val, 4) != 0) 1531 return (0xffffffff); 1532 return (le32toh(val)); 1533} 1534 1535static int 1536urtwn_fw_cmd(struct urtwn_softc *sc, uint8_t id, const void *buf, int len) 1537{ 1538 struct r92c_fw_cmd cmd; 1539 usb_error_t error; 1540 int ntries; 1541 1542 if (!(sc->sc_flags & URTWN_FW_LOADED)) { 1543 URTWN_DPRINTF(sc, URTWN_DEBUG_FIRMWARE, "%s: firmware " 1544 "was not loaded; command (id %d) will be discarded\n", 1545 __func__, id); 1546 return (0); 1547 } 1548 1549 /* Wait for current FW box to be empty. */ 1550 for (ntries = 0; ntries < 100; ntries++) { 1551 if (!(urtwn_read_1(sc, R92C_HMETFR) & (1 << sc->fwcur))) 1552 break; 1553 urtwn_ms_delay(sc); 1554 } 1555 if (ntries == 100) { 1556 device_printf(sc->sc_dev, 1557 "could not send firmware command\n"); 1558 return (ETIMEDOUT); 1559 } 1560 memset(&cmd, 0, sizeof(cmd)); 1561 cmd.id = id; 1562 if (len > 3) 1563 cmd.id |= R92C_CMD_FLAG_EXT; 1564 KASSERT(len <= sizeof(cmd.msg), ("urtwn_fw_cmd\n")); 1565 memcpy(cmd.msg, buf, len); 1566 1567 /* Write the first word last since that will trigger the FW. */ 1568 error = urtwn_write_region_1(sc, R92C_HMEBOX_EXT(sc->fwcur), 1569 (uint8_t *)&cmd + 4, 2); 1570 if (error != USB_ERR_NORMAL_COMPLETION) 1571 return (EIO); 1572 error = urtwn_write_region_1(sc, R92C_HMEBOX(sc->fwcur), 1573 (uint8_t *)&cmd + 0, 4); 1574 if (error != USB_ERR_NORMAL_COMPLETION) 1575 return (EIO); 1576 1577 sc->fwcur = (sc->fwcur + 1) % R92C_H2C_NBOX; 1578 return (0); 1579} 1580 1581static void 1582urtwn_cmdq_cb(void *arg, int pending) 1583{ 1584 struct urtwn_softc *sc = arg; 1585 struct urtwn_cmdq *item; 1586 1587 /* 1588 * Device must be powered on (via urtwn_power_on()) 1589 * before any command may be sent. 1590 */ 1591 URTWN_LOCK(sc); 1592 if (!(sc->sc_flags & URTWN_RUNNING)) { 1593 URTWN_UNLOCK(sc); 1594 return; 1595 } 1596 1597 URTWN_CMDQ_LOCK(sc); 1598 while (sc->cmdq[sc->cmdq_first].func != NULL) { 1599 item = &sc->cmdq[sc->cmdq_first]; 1600 sc->cmdq_first = (sc->cmdq_first + 1) % URTWN_CMDQ_SIZE; 1601 URTWN_CMDQ_UNLOCK(sc); 1602 1603 item->func(sc, &item->data); 1604 1605 URTWN_CMDQ_LOCK(sc); 1606 memset(item, 0, sizeof (*item)); 1607 } 1608 URTWN_CMDQ_UNLOCK(sc); 1609 URTWN_UNLOCK(sc); 1610} 1611 1612static int 1613urtwn_cmd_sleepable(struct urtwn_softc *sc, const void *ptr, size_t len, 1614 CMD_FUNC_PROTO) 1615{ 1616 struct ieee80211com *ic = &sc->sc_ic; 1617 1618 KASSERT(len <= sizeof(union sec_param), ("buffer overflow")); 1619 1620 URTWN_CMDQ_LOCK(sc); 1621 if (sc->cmdq[sc->cmdq_last].func != NULL) { 1622 device_printf(sc->sc_dev, "%s: cmdq overflow\n", __func__); 1623 URTWN_CMDQ_UNLOCK(sc); 1624 1625 return (EAGAIN); 1626 } 1627 1628 if (ptr != NULL) 1629 memcpy(&sc->cmdq[sc->cmdq_last].data, ptr, len); 1630 sc->cmdq[sc->cmdq_last].func = func; 1631 sc->cmdq_last = (sc->cmdq_last + 1) % URTWN_CMDQ_SIZE; 1632 URTWN_CMDQ_UNLOCK(sc); 1633 1634 ieee80211_runtask(ic, &sc->cmdq_task); 1635 1636 return (0); 1637} 1638 1639static __inline void 1640urtwn_rf_write(struct urtwn_softc *sc, int chain, uint8_t addr, uint32_t val) 1641{ 1642 1643 sc->sc_rf_write(sc, chain, addr, val); 1644} 1645 1646static void 1647urtwn_r92c_rf_write(struct urtwn_softc *sc, int chain, uint8_t addr, 1648 uint32_t val) 1649{ 1650 urtwn_bb_write(sc, R92C_LSSI_PARAM(chain), 1651 SM(R92C_LSSI_PARAM_ADDR, addr) | 1652 SM(R92C_LSSI_PARAM_DATA, val)); 1653} 1654 1655static void 1656urtwn_r88e_rf_write(struct urtwn_softc *sc, int chain, uint8_t addr, 1657uint32_t val) 1658{ 1659 urtwn_bb_write(sc, R92C_LSSI_PARAM(chain), 1660 SM(R88E_LSSI_PARAM_ADDR, addr) | 1661 SM(R92C_LSSI_PARAM_DATA, val)); 1662} 1663 1664static uint32_t 1665urtwn_rf_read(struct urtwn_softc *sc, int chain, uint8_t addr) 1666{ 1667 uint32_t reg[R92C_MAX_CHAINS], val; 1668 1669 reg[0] = urtwn_bb_read(sc, R92C_HSSI_PARAM2(0)); 1670 if (chain != 0) 1671 reg[chain] = urtwn_bb_read(sc, R92C_HSSI_PARAM2(chain)); 1672 1673 urtwn_bb_write(sc, R92C_HSSI_PARAM2(0), 1674 reg[0] & ~R92C_HSSI_PARAM2_READ_EDGE); 1675 urtwn_ms_delay(sc); 1676 1677 urtwn_bb_write(sc, R92C_HSSI_PARAM2(chain), 1678 RW(reg[chain], R92C_HSSI_PARAM2_READ_ADDR, addr) | 1679 R92C_HSSI_PARAM2_READ_EDGE); 1680 urtwn_ms_delay(sc); 1681 1682 urtwn_bb_write(sc, R92C_HSSI_PARAM2(0), 1683 reg[0] | R92C_HSSI_PARAM2_READ_EDGE); 1684 urtwn_ms_delay(sc); 1685 1686 if (urtwn_bb_read(sc, R92C_HSSI_PARAM1(chain)) & R92C_HSSI_PARAM1_PI) 1687 val = urtwn_bb_read(sc, R92C_HSPI_READBACK(chain)); 1688 else 1689 val = urtwn_bb_read(sc, R92C_LSSI_READBACK(chain)); 1690 return (MS(val, R92C_LSSI_READBACK_DATA)); 1691} 1692 1693static int 1694urtwn_llt_write(struct urtwn_softc *sc, uint32_t addr, uint32_t data) 1695{ 1696 usb_error_t error; 1697 int ntries; 1698 1699 error = urtwn_write_4(sc, R92C_LLT_INIT, 1700 SM(R92C_LLT_INIT_OP, R92C_LLT_INIT_OP_WRITE) | 1701 SM(R92C_LLT_INIT_ADDR, addr) | 1702 SM(R92C_LLT_INIT_DATA, data)); 1703 if (error != USB_ERR_NORMAL_COMPLETION) 1704 return (EIO); 1705 /* Wait for write operation to complete. */ 1706 for (ntries = 0; ntries < 20; ntries++) { 1707 if (MS(urtwn_read_4(sc, R92C_LLT_INIT), R92C_LLT_INIT_OP) == 1708 R92C_LLT_INIT_OP_NO_ACTIVE) 1709 return (0); 1710 urtwn_ms_delay(sc); 1711 } 1712 return (ETIMEDOUT); 1713} 1714 1715static int 1716urtwn_efuse_read_next(struct urtwn_softc *sc, uint8_t *val) 1717{ 1718 uint32_t reg; 1719 usb_error_t error; 1720 int ntries; 1721 1722 if (sc->last_rom_addr >= URTWN_EFUSE_MAX_LEN) 1723 return (EFAULT); 1724 1725 reg = urtwn_read_4(sc, R92C_EFUSE_CTRL); 1726 reg = RW(reg, R92C_EFUSE_CTRL_ADDR, sc->last_rom_addr); 1727 reg &= ~R92C_EFUSE_CTRL_VALID; 1728 1729 error = urtwn_write_4(sc, R92C_EFUSE_CTRL, reg); 1730 if (error != USB_ERR_NORMAL_COMPLETION) 1731 return (EIO); 1732 /* Wait for read operation to complete. */ 1733 for (ntries = 0; ntries < 100; ntries++) { 1734 reg = urtwn_read_4(sc, R92C_EFUSE_CTRL); 1735 if (reg & R92C_EFUSE_CTRL_VALID) 1736 break; 1737 urtwn_ms_delay(sc); 1738 } 1739 if (ntries == 100) { 1740 device_printf(sc->sc_dev, 1741 "could not read efuse byte at address 0x%x\n", 1742 sc->last_rom_addr); 1743 return (ETIMEDOUT); 1744 } 1745 1746 *val = MS(reg, R92C_EFUSE_CTRL_DATA); 1747 sc->last_rom_addr++; 1748 1749 return (0); 1750} 1751 1752static int 1753urtwn_efuse_read_data(struct urtwn_softc *sc, uint8_t *rom, uint8_t off, 1754 uint8_t msk) 1755{ 1756 uint8_t reg; 1757 int i, error; 1758 1759 for (i = 0; i < 4; i++) { 1760 if (msk & (1 << i)) 1761 continue; 1762 error = urtwn_efuse_read_next(sc, ®); 1763 if (error != 0) 1764 return (error); 1765 URTWN_DPRINTF(sc, URTWN_DEBUG_ROM, "rom[0x%03X] == 0x%02X\n", 1766 off * 8 + i * 2, reg); 1767 rom[off * 8 + i * 2 + 0] = reg; 1768 1769 error = urtwn_efuse_read_next(sc, ®); 1770 if (error != 0) 1771 return (error); 1772 URTWN_DPRINTF(sc, URTWN_DEBUG_ROM, "rom[0x%03X] == 0x%02X\n", 1773 off * 8 + i * 2 + 1, reg); 1774 rom[off * 8 + i * 2 + 1] = reg; 1775 } 1776 1777 return (0); 1778} 1779 1780#ifdef USB_DEBUG 1781static void 1782urtwn_dump_rom_contents(struct urtwn_softc *sc, uint8_t *rom, uint16_t size) 1783{ 1784 int i; 1785 1786 /* Dump ROM contents. */ 1787 device_printf(sc->sc_dev, "%s:", __func__); 1788 for (i = 0; i < size; i++) { 1789 if (i % 32 == 0) 1790 printf("\n%03X: ", i); 1791 else if (i % 4 == 0) 1792 printf(" "); 1793 1794 printf("%02X", rom[i]); 1795 } 1796 printf("\n"); 1797} 1798#endif 1799 1800static int 1801urtwn_efuse_read(struct urtwn_softc *sc, uint8_t *rom, uint16_t size) 1802{ 1803#define URTWN_CHK(res) do { \ 1804 if ((error = res) != 0) \ 1805 goto end; \ 1806} while(0) 1807 uint8_t msk, off, reg; 1808 int error; 1809 1810 URTWN_CHK(urtwn_efuse_switch_power(sc)); 1811 1812 /* Read full ROM image. */ 1813 sc->last_rom_addr = 0; 1814 memset(rom, 0xff, size); 1815 1816 URTWN_CHK(urtwn_efuse_read_next(sc, ®)); 1817 while (reg != 0xff) { 1818 /* check for extended header */ 1819 if ((sc->chip & URTWN_CHIP_88E) && (reg & 0x1f) == 0x0f) { 1820 off = reg >> 5; 1821 URTWN_CHK(urtwn_efuse_read_next(sc, ®)); 1822 1823 if ((reg & 0x0f) != 0x0f) 1824 off = ((reg & 0xf0) >> 1) | off; 1825 else 1826 continue; 1827 } else 1828 off = reg >> 4; 1829 msk = reg & 0xf; 1830 1831 URTWN_CHK(urtwn_efuse_read_data(sc, rom, off, msk)); 1832 URTWN_CHK(urtwn_efuse_read_next(sc, ®)); 1833 } 1834 1835end: 1836 1837#ifdef USB_DEBUG 1838 if (sc->sc_debug & URTWN_DEBUG_ROM) 1839 urtwn_dump_rom_contents(sc, rom, size); 1840#endif 1841 1842 urtwn_write_1(sc, R92C_EFUSE_ACCESS, R92C_EFUSE_ACCESS_OFF); 1843 1844 if (error != 0) { 1845 device_printf(sc->sc_dev, "%s: error while reading ROM\n", 1846 __func__); 1847 } 1848 1849 return (error); 1850#undef URTWN_CHK 1851} 1852 1853static int 1854urtwn_efuse_switch_power(struct urtwn_softc *sc) 1855{ 1856 usb_error_t error; 1857 uint32_t reg; 1858 1859 error = urtwn_write_1(sc, R92C_EFUSE_ACCESS, R92C_EFUSE_ACCESS_ON); 1860 if (error != USB_ERR_NORMAL_COMPLETION) 1861 return (EIO); 1862 1863 reg = urtwn_read_2(sc, R92C_SYS_ISO_CTRL); 1864 if (!(reg & R92C_SYS_ISO_CTRL_PWC_EV12V)) { 1865 error = urtwn_write_2(sc, R92C_SYS_ISO_CTRL, 1866 reg | R92C_SYS_ISO_CTRL_PWC_EV12V); 1867 if (error != USB_ERR_NORMAL_COMPLETION) 1868 return (EIO); 1869 } 1870 reg = urtwn_read_2(sc, R92C_SYS_FUNC_EN); 1871 if (!(reg & R92C_SYS_FUNC_EN_ELDR)) { 1872 error = urtwn_write_2(sc, R92C_SYS_FUNC_EN, 1873 reg | R92C_SYS_FUNC_EN_ELDR); 1874 if (error != USB_ERR_NORMAL_COMPLETION) 1875 return (EIO); 1876 } 1877 reg = urtwn_read_2(sc, R92C_SYS_CLKR); 1878 if ((reg & (R92C_SYS_CLKR_LOADER_EN | R92C_SYS_CLKR_ANA8M)) != 1879 (R92C_SYS_CLKR_LOADER_EN | R92C_SYS_CLKR_ANA8M)) { 1880 error = urtwn_write_2(sc, R92C_SYS_CLKR, 1881 reg | R92C_SYS_CLKR_LOADER_EN | R92C_SYS_CLKR_ANA8M); 1882 if (error != USB_ERR_NORMAL_COMPLETION) 1883 return (EIO); 1884 } 1885 1886 return (0); 1887} 1888 1889static int 1890urtwn_read_chipid(struct urtwn_softc *sc) 1891{ 1892 uint32_t reg; 1893 1894 if (sc->chip & URTWN_CHIP_88E) 1895 return (0); 1896 1897 reg = urtwn_read_4(sc, R92C_SYS_CFG); 1898 if (reg & R92C_SYS_CFG_TRP_VAUX_EN) 1899 return (EIO); 1900 1901 if (reg & R92C_SYS_CFG_TYPE_92C) { 1902 sc->chip |= URTWN_CHIP_92C; 1903 /* Check if it is a castrated 8192C. */ 1904 if (MS(urtwn_read_4(sc, R92C_HPON_FSM), 1905 R92C_HPON_FSM_CHIP_BONDING_ID) == 1906 R92C_HPON_FSM_CHIP_BONDING_ID_92C_1T2R) 1907 sc->chip |= URTWN_CHIP_92C_1T2R; 1908 } 1909 if (reg & R92C_SYS_CFG_VENDOR_UMC) { 1910 sc->chip |= URTWN_CHIP_UMC; 1911 if (MS(reg, R92C_SYS_CFG_CHIP_VER_RTL) == 0) 1912 sc->chip |= URTWN_CHIP_UMC_A_CUT; 1913 } 1914 return (0); 1915} 1916 1917static int 1918urtwn_read_rom(struct urtwn_softc *sc) 1919{ 1920 struct r92c_rom *rom = &sc->rom.r92c_rom; 1921 int error; 1922 1923 /* Read full ROM image. */ 1924 error = urtwn_efuse_read(sc, (uint8_t *)rom, sizeof(*rom)); 1925 if (error != 0) 1926 return (error); 1927 1928 /* XXX Weird but this is what the vendor driver does. */ 1929 sc->last_rom_addr = 0x1fa; 1930 error = urtwn_efuse_read_next(sc, &sc->pa_setting); 1931 if (error != 0) 1932 return (error); 1933 URTWN_DPRINTF(sc, URTWN_DEBUG_ROM, "%s: PA setting=0x%x\n", __func__, 1934 sc->pa_setting); 1935 1936 sc->board_type = MS(rom->rf_opt1, R92C_ROM_RF1_BOARD_TYPE); 1937 1938 sc->regulatory = MS(rom->rf_opt1, R92C_ROM_RF1_REGULATORY); 1939 URTWN_DPRINTF(sc, URTWN_DEBUG_ROM, "%s: regulatory type=%d\n", 1940 __func__, sc->regulatory); 1941 IEEE80211_ADDR_COPY(sc->sc_ic.ic_macaddr, rom->macaddr); 1942 1943 sc->sc_rf_write = urtwn_r92c_rf_write; 1944 sc->sc_power_on = urtwn_r92c_power_on; 1945 sc->sc_power_off = urtwn_r92c_power_off; 1946 1947 return (0); 1948} 1949 1950static int 1951urtwn_r88e_read_rom(struct urtwn_softc *sc) 1952{ 1953 struct r88e_rom *rom = &sc->rom.r88e_rom; 1954 int error; 1955 1956 error = urtwn_efuse_read(sc, (uint8_t *)rom, sizeof(sc->rom.r88e_rom)); 1957 if (error != 0) 1958 return (error); 1959 1960 sc->bw20_tx_pwr_diff = (rom->tx_pwr_diff >> 4); 1961 if (sc->bw20_tx_pwr_diff & 0x08) 1962 sc->bw20_tx_pwr_diff |= 0xf0; 1963 sc->ofdm_tx_pwr_diff = (rom->tx_pwr_diff & 0xf); 1964 if (sc->ofdm_tx_pwr_diff & 0x08) 1965 sc->ofdm_tx_pwr_diff |= 0xf0; 1966 sc->regulatory = MS(rom->rf_board_opt, R92C_ROM_RF1_REGULATORY); 1967 URTWN_DPRINTF(sc, URTWN_DEBUG_ROM, "%s: regulatory type %d\n", 1968 __func__,sc->regulatory); 1969 IEEE80211_ADDR_COPY(sc->sc_ic.ic_macaddr, rom->macaddr); 1970 1971 sc->sc_rf_write = urtwn_r88e_rf_write; 1972 sc->sc_power_on = urtwn_r88e_power_on; 1973 sc->sc_power_off = urtwn_r88e_power_off; 1974 1975 return (0); 1976} 1977 1978static __inline uint8_t 1979rate2ridx(uint8_t rate) 1980{ 1981 if (rate & IEEE80211_RATE_MCS) { 1982 /* 11n rates start at idx 12 */ 1983 return ((rate & 0xf) + 12); 1984 } 1985 switch (rate) { 1986 /* 11g */ 1987 case 12: return 4; 1988 case 18: return 5; 1989 case 24: return 6; 1990 case 36: return 7; 1991 case 48: return 8; 1992 case 72: return 9; 1993 case 96: return 10; 1994 case 108: return 11; 1995 /* 11b */ 1996 case 2: return 0; 1997 case 4: return 1; 1998 case 11: return 2; 1999 case 22: return 3; 2000 default: return URTWN_RIDX_UNKNOWN; 2001 } 2002} 2003 2004/* 2005 * Initialize rate adaptation in firmware. 2006 */ 2007static int 2008urtwn_ra_init(struct urtwn_softc *sc) 2009{ 2010 struct ieee80211com *ic = &sc->sc_ic; 2011 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 2012 struct ieee80211_node *ni; 2013 struct ieee80211_rateset *rs, *rs_ht; 2014 struct r92c_fw_cmd_macid_cfg cmd; 2015 uint32_t rates, basicrates; 2016 uint8_t mode, ridx; 2017 int maxrate, maxbasicrate, error, i; 2018 2019 ni = ieee80211_ref_node(vap->iv_bss); 2020 rs = &ni->ni_rates; 2021 rs_ht = (struct ieee80211_rateset *) &ni->ni_htrates; 2022 2023 /* Get normal and basic rates mask. */ 2024 rates = basicrates = 0; 2025 maxrate = maxbasicrate = 0; 2026 2027 /* This is for 11bg */ 2028 for (i = 0; i < rs->rs_nrates; i++) { 2029 /* Convert 802.11 rate to HW rate index. */ 2030 ridx = rate2ridx(IEEE80211_RV(rs->rs_rates[i])); 2031 if (ridx == URTWN_RIDX_UNKNOWN) /* Unknown rate, skip. */ 2032 continue; 2033 rates |= 1 << ridx; 2034 if (ridx > maxrate) 2035 maxrate = ridx; 2036 if (rs->rs_rates[i] & IEEE80211_RATE_BASIC) { 2037 basicrates |= 1 << ridx; 2038 if (ridx > maxbasicrate) 2039 maxbasicrate = ridx; 2040 } 2041 } 2042 2043 /* If we're doing 11n, enable 11n rates */ 2044 if (ni->ni_flags & IEEE80211_NODE_HT) { 2045 for (i = 0; i < rs_ht->rs_nrates; i++) { 2046 if ((rs_ht->rs_rates[i] & 0x7f) > 0xf) 2047 continue; 2048 /* 11n rates start at index 12 */ 2049 ridx = ((rs_ht->rs_rates[i]) & 0xf) + 12; 2050 rates |= (1 << ridx); 2051 2052 /* Guard against the rate table being oddly ordered */ 2053 if (ridx > maxrate) 2054 maxrate = ridx; 2055 } 2056 } 2057 2058#if 0 2059 if (ic->ic_curmode == IEEE80211_MODE_11NG) 2060 raid = R92C_RAID_11GN; 2061#endif 2062 /* NB: group addressed frames are done at 11bg rates for now */ 2063 if (ic->ic_curmode == IEEE80211_MODE_11B) 2064 mode = R92C_RAID_11B; 2065 else 2066 mode = R92C_RAID_11BG; 2067 /* XXX misleading 'mode' value here for unicast frames */ 2068 URTWN_DPRINTF(sc, URTWN_DEBUG_RA, 2069 "%s: mode 0x%x, rates 0x%08x, basicrates 0x%08x\n", __func__, 2070 mode, rates, basicrates); 2071 2072 /* Set rates mask for group addressed frames. */ 2073 cmd.macid = URTWN_MACID_BC | URTWN_MACID_VALID; 2074 cmd.mask = htole32(mode << 28 | basicrates); 2075 error = urtwn_fw_cmd(sc, R92C_CMD_MACID_CONFIG, &cmd, sizeof(cmd)); 2076 if (error != 0) { 2077 ieee80211_free_node(ni); 2078 device_printf(sc->sc_dev, 2079 "could not add broadcast station\n"); 2080 return (error); 2081 } 2082 2083 /* Set initial MRR rate. */ 2084 URTWN_DPRINTF(sc, URTWN_DEBUG_RA, "%s: maxbasicrate %d\n", __func__, 2085 maxbasicrate); 2086 urtwn_write_1(sc, R92C_INIDATA_RATE_SEL(URTWN_MACID_BC), 2087 maxbasicrate); 2088 2089 /* Set rates mask for unicast frames. */ 2090 if (ni->ni_flags & IEEE80211_NODE_HT) 2091 mode = R92C_RAID_11GN; 2092 else if (ic->ic_curmode == IEEE80211_MODE_11B) 2093 mode = R92C_RAID_11B; 2094 else 2095 mode = R92C_RAID_11BG; 2096 cmd.macid = URTWN_MACID_BSS | URTWN_MACID_VALID; 2097 cmd.mask = htole32(mode << 28 | rates); 2098 error = urtwn_fw_cmd(sc, R92C_CMD_MACID_CONFIG, &cmd, sizeof(cmd)); 2099 if (error != 0) { 2100 ieee80211_free_node(ni); 2101 device_printf(sc->sc_dev, "could not add BSS station\n"); 2102 return (error); 2103 } 2104 /* Set initial MRR rate. */ 2105 URTWN_DPRINTF(sc, URTWN_DEBUG_RA, "%s: maxrate %d\n", __func__, 2106 maxrate); 2107 urtwn_write_1(sc, R92C_INIDATA_RATE_SEL(URTWN_MACID_BSS), 2108 maxrate); 2109 2110 /* Indicate highest supported rate. */ 2111 if (ni->ni_flags & IEEE80211_NODE_HT) 2112 ni->ni_txrate = rs_ht->rs_rates[rs_ht->rs_nrates - 1] 2113 | IEEE80211_RATE_MCS; 2114 else 2115 ni->ni_txrate = rs->rs_rates[rs->rs_nrates - 1]; 2116 ieee80211_free_node(ni); 2117 2118 return (0); 2119} 2120 2121static void 2122urtwn_init_beacon(struct urtwn_softc *sc, struct urtwn_vap *uvp) 2123{ 2124 struct r92c_tx_desc *txd = &uvp->bcn_desc; 2125 2126 txd->txdw0 = htole32( 2127 SM(R92C_TXDW0_OFFSET, sizeof(*txd)) | R92C_TXDW0_BMCAST | 2128 R92C_TXDW0_OWN | R92C_TXDW0_FSG | R92C_TXDW0_LSG); 2129 txd->txdw1 = htole32( 2130 SM(R92C_TXDW1_QSEL, R92C_TXDW1_QSEL_BEACON) | 2131 SM(R92C_TXDW1_RAID, R92C_RAID_11B)); 2132 2133 if (sc->chip & URTWN_CHIP_88E) { 2134 txd->txdw1 |= htole32(SM(R88E_TXDW1_MACID, URTWN_MACID_BC)); 2135 txd->txdseq |= htole16(R88E_TXDSEQ_HWSEQ_EN); 2136 } else { 2137 txd->txdw1 |= htole32(SM(R92C_TXDW1_MACID, URTWN_MACID_BC)); 2138 txd->txdw4 |= htole32(R92C_TXDW4_HWSEQ_EN); 2139 } 2140 2141 txd->txdw4 = htole32(R92C_TXDW4_DRVRATE); 2142 txd->txdw5 = htole32(SM(R92C_TXDW5_DATARATE, URTWN_RIDX_CCK1)); 2143} 2144 2145static int 2146urtwn_setup_beacon(struct urtwn_softc *sc, struct ieee80211_node *ni) 2147{ 2148 struct ieee80211vap *vap = ni->ni_vap; 2149 struct urtwn_vap *uvp = URTWN_VAP(vap); 2150 struct mbuf *m; 2151 int error; 2152 2153 URTWN_ASSERT_LOCKED(sc); 2154 2155 if (ni->ni_chan == IEEE80211_CHAN_ANYC) 2156 return (EINVAL); 2157 2158 m = ieee80211_beacon_alloc(ni); 2159 if (m == NULL) { 2160 device_printf(sc->sc_dev, 2161 "%s: could not allocate beacon frame\n", __func__); 2162 return (ENOMEM); 2163 } 2164 2165 if (uvp->bcn_mbuf != NULL) 2166 m_freem(uvp->bcn_mbuf); 2167 2168 uvp->bcn_mbuf = m; 2169 2170 if ((error = urtwn_tx_beacon(sc, uvp)) != 0) 2171 return (error); 2172 2173 /* XXX bcnq stuck workaround */ 2174 if ((error = urtwn_tx_beacon(sc, uvp)) != 0) 2175 return (error); 2176 2177 URTWN_DPRINTF(sc, URTWN_DEBUG_BEACON, "%s: beacon was %srecognized\n", 2178 __func__, urtwn_read_1(sc, R92C_TDECTRL + 2) & 2179 (R92C_TDECTRL_BCN_VALID >> 16) ? "" : "not "); 2180 2181 return (0); 2182} 2183 2184static void 2185urtwn_update_beacon(struct ieee80211vap *vap, int item) 2186{ 2187 struct urtwn_softc *sc = vap->iv_ic->ic_softc; 2188 struct urtwn_vap *uvp = URTWN_VAP(vap); 2189 struct ieee80211_beacon_offsets *bo = &vap->iv_bcn_off; 2190 struct ieee80211_node *ni = vap->iv_bss; 2191 int mcast = 0; 2192 2193 URTWN_LOCK(sc); 2194 if (uvp->bcn_mbuf == NULL) { 2195 uvp->bcn_mbuf = ieee80211_beacon_alloc(ni); 2196 if (uvp->bcn_mbuf == NULL) { 2197 device_printf(sc->sc_dev, 2198 "%s: could not allocate beacon frame\n", __func__); 2199 URTWN_UNLOCK(sc); 2200 return; 2201 } 2202 } 2203 URTWN_UNLOCK(sc); 2204 2205 if (item == IEEE80211_BEACON_TIM) 2206 mcast = 1; /* XXX */ 2207 2208 setbit(bo->bo_flags, item); 2209 ieee80211_beacon_update(ni, uvp->bcn_mbuf, mcast); 2210 2211 URTWN_LOCK(sc); 2212 urtwn_tx_beacon(sc, uvp); 2213 URTWN_UNLOCK(sc); 2214} 2215 2216/* 2217 * Push a beacon frame into the chip. Beacon will 2218 * be repeated by the chip every R92C_BCN_INTERVAL. 2219 */ 2220static int 2221urtwn_tx_beacon(struct urtwn_softc *sc, struct urtwn_vap *uvp) 2222{ 2223 struct r92c_tx_desc *desc = &uvp->bcn_desc; 2224 struct urtwn_data *bf; 2225 2226 URTWN_ASSERT_LOCKED(sc); 2227 2228 bf = urtwn_getbuf(sc); 2229 if (bf == NULL) 2230 return (ENOMEM); 2231 2232 memcpy(bf->buf, desc, sizeof(*desc)); 2233 urtwn_tx_start(sc, uvp->bcn_mbuf, IEEE80211_FC0_TYPE_MGT, bf); 2234 2235 sc->sc_txtimer = 5; 2236 callout_reset(&sc->sc_watchdog_ch, hz, urtwn_watchdog, sc); 2237 2238 return (0); 2239} 2240 2241static int 2242urtwn_key_alloc(struct ieee80211vap *vap, struct ieee80211_key *k, 2243 ieee80211_keyix *keyix, ieee80211_keyix *rxkeyix) 2244{ 2245 struct urtwn_softc *sc = vap->iv_ic->ic_softc; 2246 uint8_t i; 2247 2248 if (!(&vap->iv_nw_keys[0] <= k && 2249 k < &vap->iv_nw_keys[IEEE80211_WEP_NKID])) { 2250 if (!(k->wk_flags & IEEE80211_KEY_SWCRYPT)) { 2251 URTWN_LOCK(sc); 2252 /* 2253 * First 4 slots for group keys, 2254 * what is left - for pairwise. 2255 * XXX incompatible with IBSS RSN. 2256 */ 2257 for (i = IEEE80211_WEP_NKID; 2258 i < R92C_CAM_ENTRY_COUNT; i++) { 2259 if ((sc->keys_bmap & (1 << i)) == 0) { 2260 sc->keys_bmap |= 1 << i; 2261 *keyix = i; 2262 break; 2263 } 2264 } 2265 URTWN_UNLOCK(sc); 2266 if (i == R92C_CAM_ENTRY_COUNT) { 2267 device_printf(sc->sc_dev, 2268 "%s: no free space in the key table\n", 2269 __func__); 2270 return 0; 2271 } 2272 } else 2273 *keyix = 0; 2274 } else { 2275 *keyix = k - vap->iv_nw_keys; 2276 } 2277 *rxkeyix = *keyix; 2278 return 1; 2279} 2280 2281static void 2282urtwn_key_set_cb(struct urtwn_softc *sc, union sec_param *data) 2283{ 2284 struct ieee80211_key *k = &data->key; 2285 uint8_t algo, keyid; 2286 int i, error; 2287 2288 if (k->wk_keyix < IEEE80211_WEP_NKID) 2289 keyid = k->wk_keyix; 2290 else 2291 keyid = 0; 2292 2293 /* Map net80211 cipher to HW crypto algorithm. */ 2294 switch (k->wk_cipher->ic_cipher) { 2295 case IEEE80211_CIPHER_WEP: 2296 if (k->wk_keylen < 8) 2297 algo = R92C_CAM_ALGO_WEP40; 2298 else 2299 algo = R92C_CAM_ALGO_WEP104; 2300 break; 2301 case IEEE80211_CIPHER_TKIP: 2302 algo = R92C_CAM_ALGO_TKIP; 2303 break; 2304 case IEEE80211_CIPHER_AES_CCM: 2305 algo = R92C_CAM_ALGO_AES; 2306 break; 2307 default: 2308 device_printf(sc->sc_dev, "%s: undefined cipher %d\n", 2309 __func__, k->wk_cipher->ic_cipher); 2310 return; 2311 } 2312 2313 URTWN_DPRINTF(sc, URTWN_DEBUG_KEY, 2314 "%s: keyix %d, keyid %d, algo %d/%d, flags %04X, len %d, " 2315 "macaddr %s\n", __func__, k->wk_keyix, keyid, 2316 k->wk_cipher->ic_cipher, algo, k->wk_flags, k->wk_keylen, 2317 ether_sprintf(k->wk_macaddr)); 2318 2319 /* Clear high bits. */ 2320 urtwn_cam_write(sc, R92C_CAM_CTL6(k->wk_keyix), 0); 2321 urtwn_cam_write(sc, R92C_CAM_CTL7(k->wk_keyix), 0); 2322 2323 /* Write key. */ 2324 for (i = 0; i < 4; i++) { 2325 error = urtwn_cam_write(sc, R92C_CAM_KEY(k->wk_keyix, i), 2326 le32dec(&k->wk_key[i * 4])); 2327 if (error != 0) 2328 goto fail; 2329 } 2330 2331 /* Write CTL0 last since that will validate the CAM entry. */ 2332 error = urtwn_cam_write(sc, R92C_CAM_CTL1(k->wk_keyix), 2333 le32dec(&k->wk_macaddr[2])); 2334 if (error != 0) 2335 goto fail; 2336 error = urtwn_cam_write(sc, R92C_CAM_CTL0(k->wk_keyix), 2337 SM(R92C_CAM_ALGO, algo) | 2338 SM(R92C_CAM_KEYID, keyid) | 2339 SM(R92C_CAM_MACLO, le16dec(&k->wk_macaddr[0])) | 2340 R92C_CAM_VALID); 2341 if (error != 0) 2342 goto fail; 2343 2344 return; 2345 2346fail: 2347 device_printf(sc->sc_dev, "%s fails, error %d\n", __func__, error); 2348} 2349 2350static void 2351urtwn_key_del_cb(struct urtwn_softc *sc, union sec_param *data) 2352{ 2353 struct ieee80211_key *k = &data->key; 2354 int i; 2355 2356 URTWN_DPRINTF(sc, URTWN_DEBUG_KEY, 2357 "%s: keyix %d, flags %04X, macaddr %s\n", __func__, 2358 k->wk_keyix, k->wk_flags, ether_sprintf(k->wk_macaddr)); 2359 2360 urtwn_cam_write(sc, R92C_CAM_CTL0(k->wk_keyix), 0); 2361 urtwn_cam_write(sc, R92C_CAM_CTL1(k->wk_keyix), 0); 2362 2363 /* Clear key. */ 2364 for (i = 0; i < 4; i++) 2365 urtwn_cam_write(sc, R92C_CAM_KEY(k->wk_keyix, i), 0); 2366 sc->keys_bmap &= ~(1 << k->wk_keyix); 2367} 2368 2369static int 2370urtwn_key_set(struct ieee80211vap *vap, const struct ieee80211_key *k) 2371{ 2372 struct urtwn_softc *sc = vap->iv_ic->ic_softc; 2373 struct urtwn_vap *uvp = URTWN_VAP(vap); 2374 2375 if (k->wk_flags & IEEE80211_KEY_SWCRYPT) { 2376 /* Not for us. */ 2377 return (1); 2378 } 2379 2380 if (&vap->iv_nw_keys[0] <= k && 2381 k < &vap->iv_nw_keys[IEEE80211_WEP_NKID]) { 2382 URTWN_LOCK(sc); 2383 uvp->keys[k->wk_keyix] = k; 2384 if ((sc->sc_flags & URTWN_RUNNING) == 0) { 2385 /* 2386 * The device was not started; 2387 * the key will be installed later. 2388 */ 2389 URTWN_UNLOCK(sc); 2390 return (1); 2391 } 2392 URTWN_UNLOCK(sc); 2393 } 2394 2395 return (!urtwn_cmd_sleepable(sc, k, sizeof(*k), urtwn_key_set_cb)); 2396} 2397 2398static int 2399urtwn_key_delete(struct ieee80211vap *vap, const struct ieee80211_key *k) 2400{ 2401 struct urtwn_softc *sc = vap->iv_ic->ic_softc; 2402 struct urtwn_vap *uvp = URTWN_VAP(vap); 2403 2404 if (k->wk_flags & IEEE80211_KEY_SWCRYPT) { 2405 /* Not for us. */ 2406 return (1); 2407 } 2408 2409 if (&vap->iv_nw_keys[0] <= k && 2410 k < &vap->iv_nw_keys[IEEE80211_WEP_NKID]) { 2411 URTWN_LOCK(sc); 2412 uvp->keys[k->wk_keyix] = NULL; 2413 if ((sc->sc_flags & URTWN_RUNNING) == 0) { 2414 /* All keys are removed on device reset. */ 2415 URTWN_UNLOCK(sc); 2416 return (1); 2417 } 2418 URTWN_UNLOCK(sc); 2419 } 2420 2421 return (!urtwn_cmd_sleepable(sc, k, sizeof(*k), urtwn_key_del_cb)); 2422} 2423 2424static void 2425urtwn_tsf_task_adhoc(void *arg, int pending) 2426{ 2427 struct ieee80211vap *vap = arg; 2428 struct urtwn_softc *sc = vap->iv_ic->ic_softc; 2429 struct ieee80211_node *ni; 2430 uint32_t reg; 2431 2432 URTWN_LOCK(sc); 2433 ni = ieee80211_ref_node(vap->iv_bss); 2434 reg = urtwn_read_1(sc, R92C_BCN_CTRL); 2435 2436 /* Accept beacons with the same BSSID. */ 2437 urtwn_set_rx_bssid_all(sc, 0); 2438 2439 /* Enable synchronization. */ 2440 reg &= ~R92C_BCN_CTRL_DIS_TSF_UDT0; 2441 urtwn_write_1(sc, R92C_BCN_CTRL, reg); 2442 2443 /* Synchronize. */ 2444 usb_pause_mtx(&sc->sc_mtx, hz * ni->ni_intval * 5 / 1000); 2445 2446 /* Disable synchronization. */ 2447 reg |= R92C_BCN_CTRL_DIS_TSF_UDT0; 2448 urtwn_write_1(sc, R92C_BCN_CTRL, reg); 2449 2450 /* Remove beacon filter. */ 2451 urtwn_set_rx_bssid_all(sc, 1); 2452 2453 /* Enable beaconing. */ 2454 urtwn_write_1(sc, R92C_MBID_NUM, 2455 urtwn_read_1(sc, R92C_MBID_NUM) | R92C_MBID_TXBCN_RPT0); 2456 reg |= R92C_BCN_CTRL_EN_BCN; 2457 2458 urtwn_write_1(sc, R92C_BCN_CTRL, reg); 2459 ieee80211_free_node(ni); 2460 URTWN_UNLOCK(sc); 2461} 2462 2463static void 2464urtwn_tsf_sync_enable(struct urtwn_softc *sc, struct ieee80211vap *vap) 2465{ 2466 struct ieee80211com *ic = &sc->sc_ic; 2467 struct urtwn_vap *uvp = URTWN_VAP(vap); 2468 2469 /* Reset TSF. */ 2470 urtwn_write_1(sc, R92C_DUAL_TSF_RST, R92C_DUAL_TSF_RST0); 2471 2472 switch (vap->iv_opmode) { 2473 case IEEE80211_M_STA: 2474 /* Enable TSF synchronization. */ 2475 urtwn_write_1(sc, R92C_BCN_CTRL, 2476 urtwn_read_1(sc, R92C_BCN_CTRL) & 2477 ~R92C_BCN_CTRL_DIS_TSF_UDT0); 2478 break; 2479 case IEEE80211_M_IBSS: 2480 ieee80211_runtask(ic, &uvp->tsf_task_adhoc); 2481 break; 2482 case IEEE80211_M_HOSTAP: 2483 /* Enable beaconing. */ 2484 urtwn_write_1(sc, R92C_MBID_NUM, 2485 urtwn_read_1(sc, R92C_MBID_NUM) | R92C_MBID_TXBCN_RPT0); 2486 urtwn_write_1(sc, R92C_BCN_CTRL, 2487 urtwn_read_1(sc, R92C_BCN_CTRL) | R92C_BCN_CTRL_EN_BCN); 2488 break; 2489 default: 2490 device_printf(sc->sc_dev, "undefined opmode %d\n", 2491 vap->iv_opmode); 2492 return; 2493 } 2494} 2495 2496static void 2497urtwn_get_tsf(struct urtwn_softc *sc, uint64_t *buf) 2498{ 2499 urtwn_read_region_1(sc, R92C_TSFTR, (uint8_t *)buf, sizeof(*buf)); 2500} 2501 2502static void 2503urtwn_set_led(struct urtwn_softc *sc, int led, int on) 2504{ 2505 uint8_t reg; 2506 2507 if (led == URTWN_LED_LINK) { 2508 if (sc->chip & URTWN_CHIP_88E) { 2509 reg = urtwn_read_1(sc, R92C_LEDCFG2) & 0xf0; 2510 urtwn_write_1(sc, R92C_LEDCFG2, reg | 0x60); 2511 if (!on) { 2512 reg = urtwn_read_1(sc, R92C_LEDCFG2) & 0x90; 2513 urtwn_write_1(sc, R92C_LEDCFG2, 2514 reg | R92C_LEDCFG0_DIS); 2515 urtwn_write_1(sc, R92C_MAC_PINMUX_CFG, 2516 urtwn_read_1(sc, R92C_MAC_PINMUX_CFG) & 2517 0xfe); 2518 } 2519 } else { 2520 reg = urtwn_read_1(sc, R92C_LEDCFG0) & 0x70; 2521 if (!on) 2522 reg |= R92C_LEDCFG0_DIS; 2523 urtwn_write_1(sc, R92C_LEDCFG0, reg); 2524 } 2525 sc->ledlink = on; /* Save LED state. */ 2526 } 2527} 2528 2529static void 2530urtwn_set_mode(struct urtwn_softc *sc, uint8_t mode) 2531{ 2532 uint8_t reg; 2533 2534 reg = urtwn_read_1(sc, R92C_MSR); 2535 reg = (reg & ~R92C_MSR_MASK) | mode; 2536 urtwn_write_1(sc, R92C_MSR, reg); 2537} 2538 2539static void 2540urtwn_ibss_recv_mgmt(struct ieee80211_node *ni, struct mbuf *m, int subtype, 2541 const struct ieee80211_rx_stats *rxs, 2542 int rssi, int nf) 2543{ 2544 struct ieee80211vap *vap = ni->ni_vap; 2545 struct urtwn_softc *sc = vap->iv_ic->ic_softc; 2546 struct urtwn_vap *uvp = URTWN_VAP(vap); 2547 uint64_t ni_tstamp, curr_tstamp; 2548 2549 uvp->recv_mgmt(ni, m, subtype, rxs, rssi, nf); 2550 2551 if (vap->iv_state == IEEE80211_S_RUN && 2552 (subtype == IEEE80211_FC0_SUBTYPE_BEACON || 2553 subtype == IEEE80211_FC0_SUBTYPE_PROBE_RESP)) { 2554 ni_tstamp = le64toh(ni->ni_tstamp.tsf); 2555 URTWN_LOCK(sc); 2556 urtwn_get_tsf(sc, &curr_tstamp); 2557 URTWN_UNLOCK(sc); 2558 curr_tstamp = le64toh(curr_tstamp); 2559 2560 if (ni_tstamp >= curr_tstamp) 2561 (void) ieee80211_ibss_merge(ni); 2562 } 2563} 2564 2565static int 2566urtwn_newstate(struct ieee80211vap *vap, enum ieee80211_state nstate, int arg) 2567{ 2568 struct urtwn_vap *uvp = URTWN_VAP(vap); 2569 struct ieee80211com *ic = vap->iv_ic; 2570 struct urtwn_softc *sc = ic->ic_softc; 2571 struct ieee80211_node *ni; 2572 enum ieee80211_state ostate; 2573 uint32_t reg; 2574 uint8_t mode; 2575 int error = 0; 2576 2577 ostate = vap->iv_state; 2578 URTWN_DPRINTF(sc, URTWN_DEBUG_STATE, "%s -> %s\n", 2579 ieee80211_state_name[ostate], ieee80211_state_name[nstate]); 2580 2581 IEEE80211_UNLOCK(ic); 2582 URTWN_LOCK(sc); 2583 callout_stop(&sc->sc_watchdog_ch); 2584 2585 if (ostate == IEEE80211_S_RUN) { 2586 /* Stop calibration. */ 2587 callout_stop(&sc->sc_calib_to); 2588 2589 /* Turn link LED off. */ 2590 urtwn_set_led(sc, URTWN_LED_LINK, 0); 2591 2592 /* Set media status to 'No Link'. */ 2593 urtwn_set_mode(sc, R92C_MSR_NOLINK); 2594 2595 /* Stop Rx of data frames. */ 2596 urtwn_write_2(sc, R92C_RXFLTMAP2, 0); 2597 2598 /* Disable TSF synchronization. */ 2599 urtwn_write_1(sc, R92C_BCN_CTRL, 2600 (urtwn_read_1(sc, R92C_BCN_CTRL) & ~R92C_BCN_CTRL_EN_BCN) | 2601 R92C_BCN_CTRL_DIS_TSF_UDT0); 2602 2603 /* Disable beaconing. */ 2604 urtwn_write_1(sc, R92C_MBID_NUM, 2605 urtwn_read_1(sc, R92C_MBID_NUM) & ~R92C_MBID_TXBCN_RPT0); 2606 2607 /* Reset TSF. */ 2608 urtwn_write_1(sc, R92C_DUAL_TSF_RST, R92C_DUAL_TSF_RST0); 2609 2610 /* Reset EDCA parameters. */ 2611 urtwn_write_4(sc, R92C_EDCA_VO_PARAM, 0x002f3217); 2612 urtwn_write_4(sc, R92C_EDCA_VI_PARAM, 0x005e4317); 2613 urtwn_write_4(sc, R92C_EDCA_BE_PARAM, 0x00105320); 2614 urtwn_write_4(sc, R92C_EDCA_BK_PARAM, 0x0000a444); 2615 } 2616 2617 switch (nstate) { 2618 case IEEE80211_S_INIT: 2619 /* Turn link LED off. */ 2620 urtwn_set_led(sc, URTWN_LED_LINK, 0); 2621 break; 2622 case IEEE80211_S_SCAN: 2623 /* Pause AC Tx queues. */ 2624 urtwn_write_1(sc, R92C_TXPAUSE, 2625 urtwn_read_1(sc, R92C_TXPAUSE) | R92C_TX_QUEUE_AC); 2626 break; 2627 case IEEE80211_S_AUTH: 2628 urtwn_set_chan(sc, ic->ic_curchan, NULL); 2629 break; 2630 case IEEE80211_S_RUN: 2631 if (vap->iv_opmode == IEEE80211_M_MONITOR) { 2632 /* Turn link LED on. */ 2633 urtwn_set_led(sc, URTWN_LED_LINK, 1); 2634 break; 2635 } 2636 2637 ni = ieee80211_ref_node(vap->iv_bss); 2638 2639 if (ic->ic_bsschan == IEEE80211_CHAN_ANYC || 2640 ni->ni_chan == IEEE80211_CHAN_ANYC) { 2641 device_printf(sc->sc_dev, 2642 "%s: could not move to RUN state\n", __func__); 2643 error = EINVAL; 2644 goto end_run; 2645 } 2646 2647 switch (vap->iv_opmode) { 2648 case IEEE80211_M_STA: 2649 mode = R92C_MSR_INFRA; 2650 break; 2651 case IEEE80211_M_IBSS: 2652 mode = R92C_MSR_ADHOC; 2653 break; 2654 case IEEE80211_M_HOSTAP: 2655 mode = R92C_MSR_AP; 2656 break; 2657 default: 2658 device_printf(sc->sc_dev, "undefined opmode %d\n", 2659 vap->iv_opmode); 2660 error = EINVAL; 2661 goto end_run; 2662 } 2663 2664 /* Set media status to 'Associated'. */ 2665 urtwn_set_mode(sc, mode); 2666 2667 /* Set BSSID. */ 2668 urtwn_write_4(sc, R92C_BSSID + 0, le32dec(&ni->ni_bssid[0])); 2669 urtwn_write_4(sc, R92C_BSSID + 4, le16dec(&ni->ni_bssid[4])); 2670 2671 if (ic->ic_curmode == IEEE80211_MODE_11B) 2672 urtwn_write_1(sc, R92C_INIRTS_RATE_SEL, 0); 2673 else /* 802.11b/g */ 2674 urtwn_write_1(sc, R92C_INIRTS_RATE_SEL, 3); 2675 2676 /* Enable Rx of data frames. */ 2677 urtwn_write_2(sc, R92C_RXFLTMAP2, 0xffff); 2678 2679 /* Flush all AC queues. */ 2680 urtwn_write_1(sc, R92C_TXPAUSE, 0); 2681 2682 /* Set beacon interval. */ 2683 urtwn_write_2(sc, R92C_BCN_INTERVAL, ni->ni_intval); 2684 2685 /* Allow Rx from our BSSID only. */ 2686 if (ic->ic_promisc == 0) { 2687 reg = urtwn_read_4(sc, R92C_RCR); 2688 2689 if (vap->iv_opmode != IEEE80211_M_HOSTAP) { 2690 reg |= R92C_RCR_CBSSID_DATA; 2691 if (vap->iv_opmode != IEEE80211_M_IBSS) 2692 reg |= R92C_RCR_CBSSID_BCN; 2693 } 2694 2695 urtwn_write_4(sc, R92C_RCR, reg); 2696 } 2697 2698 if (vap->iv_opmode == IEEE80211_M_HOSTAP || 2699 vap->iv_opmode == IEEE80211_M_IBSS) { 2700 error = urtwn_setup_beacon(sc, ni); 2701 if (error != 0) { 2702 device_printf(sc->sc_dev, 2703 "unable to push beacon into the chip, " 2704 "error %d\n", error); 2705 goto end_run; 2706 } 2707 } 2708 2709 /* Enable TSF synchronization. */ 2710 urtwn_tsf_sync_enable(sc, vap); 2711 2712 urtwn_write_1(sc, R92C_SIFS_CCK + 1, 10); 2713 urtwn_write_1(sc, R92C_SIFS_OFDM + 1, 10); 2714 urtwn_write_1(sc, R92C_SPEC_SIFS + 1, 10); 2715 urtwn_write_1(sc, R92C_MAC_SPEC_SIFS + 1, 10); 2716 urtwn_write_1(sc, R92C_R2T_SIFS + 1, 10); 2717 urtwn_write_1(sc, R92C_T2T_SIFS + 1, 10); 2718 2719 /* Intialize rate adaptation. */ 2720 if (!(sc->chip & URTWN_CHIP_88E)) 2721 urtwn_ra_init(sc); 2722 /* Turn link LED on. */ 2723 urtwn_set_led(sc, URTWN_LED_LINK, 1); 2724 2725 sc->avg_pwdb = -1; /* Reset average RSSI. */ 2726 /* Reset temperature calibration state machine. */ 2727 sc->sc_flags &= ~URTWN_TEMP_MEASURED; 2728 sc->thcal_lctemp = 0; 2729 /* Start periodic calibration. */ 2730 callout_reset(&sc->sc_calib_to, 2*hz, urtwn_calib_to, sc); 2731 2732end_run: 2733 ieee80211_free_node(ni); 2734 break; 2735 default: 2736 break; 2737 } 2738 2739 URTWN_UNLOCK(sc); 2740 IEEE80211_LOCK(ic); 2741 return (error != 0 ? error : uvp->newstate(vap, nstate, arg)); 2742} 2743 2744static void 2745urtwn_calib_to(void *arg) 2746{ 2747 struct urtwn_softc *sc = arg; 2748 2749 /* Do it in a process context. */ 2750 urtwn_cmd_sleepable(sc, NULL, 0, urtwn_calib_cb); 2751} 2752 2753static void 2754urtwn_calib_cb(struct urtwn_softc *sc, union sec_param *data) 2755{ 2756 /* Do temperature compensation. */ 2757 urtwn_temp_calib(sc); 2758 2759 if ((urtwn_read_1(sc, R92C_MSR) & R92C_MSR_MASK) != R92C_MSR_NOLINK) 2760 callout_reset(&sc->sc_calib_to, 2*hz, urtwn_calib_to, sc); 2761} 2762 2763static void 2764urtwn_watchdog(void *arg) 2765{ 2766 struct urtwn_softc *sc = arg; 2767 2768 if (sc->sc_txtimer > 0) { 2769 if (--sc->sc_txtimer == 0) { 2770 device_printf(sc->sc_dev, "device timeout\n"); 2771 counter_u64_add(sc->sc_ic.ic_oerrors, 1); 2772 return; 2773 } 2774 callout_reset(&sc->sc_watchdog_ch, hz, urtwn_watchdog, sc); 2775 } 2776} 2777 2778static void 2779urtwn_update_avgrssi(struct urtwn_softc *sc, int rate, int8_t rssi) 2780{ 2781 int pwdb; 2782 2783 /* Convert antenna signal to percentage. */ 2784 if (rssi <= -100 || rssi >= 20) 2785 pwdb = 0; 2786 else if (rssi >= 0) 2787 pwdb = 100; 2788 else 2789 pwdb = 100 + rssi; 2790 if (!(sc->chip & URTWN_CHIP_88E)) { 2791 if (rate <= URTWN_RIDX_CCK11) { 2792 /* CCK gain is smaller than OFDM/MCS gain. */ 2793 pwdb += 6; 2794 if (pwdb > 100) 2795 pwdb = 100; 2796 if (pwdb <= 14) 2797 pwdb -= 4; 2798 else if (pwdb <= 26) 2799 pwdb -= 8; 2800 else if (pwdb <= 34) 2801 pwdb -= 6; 2802 else if (pwdb <= 42) 2803 pwdb -= 2; 2804 } 2805 } 2806 if (sc->avg_pwdb == -1) /* Init. */ 2807 sc->avg_pwdb = pwdb; 2808 else if (sc->avg_pwdb < pwdb) 2809 sc->avg_pwdb = ((sc->avg_pwdb * 19 + pwdb) / 20) + 1; 2810 else 2811 sc->avg_pwdb = ((sc->avg_pwdb * 19 + pwdb) / 20); 2812 URTWN_DPRINTF(sc, URTWN_DEBUG_RSSI, "%s: PWDB %d, EMA %d\n", __func__, 2813 pwdb, sc->avg_pwdb); 2814} 2815 2816static int8_t 2817urtwn_get_rssi(struct urtwn_softc *sc, int rate, void *physt) 2818{ 2819 static const int8_t cckoff[] = { 16, -12, -26, -46 }; 2820 struct r92c_rx_phystat *phy; 2821 struct r92c_rx_cck *cck; 2822 uint8_t rpt; 2823 int8_t rssi; 2824 2825 if (rate <= URTWN_RIDX_CCK11) { 2826 cck = (struct r92c_rx_cck *)physt; 2827 if (sc->sc_flags & URTWN_FLAG_CCK_HIPWR) { 2828 rpt = (cck->agc_rpt >> 5) & 0x3; 2829 rssi = (cck->agc_rpt & 0x1f) << 1; 2830 } else { 2831 rpt = (cck->agc_rpt >> 6) & 0x3; 2832 rssi = cck->agc_rpt & 0x3e; 2833 } 2834 rssi = cckoff[rpt] - rssi; 2835 } else { /* OFDM/HT. */ 2836 phy = (struct r92c_rx_phystat *)physt; 2837 rssi = ((le32toh(phy->phydw1) >> 1) & 0x7f) - 110; 2838 } 2839 return (rssi); 2840} 2841 2842static int8_t 2843urtwn_r88e_get_rssi(struct urtwn_softc *sc, int rate, void *physt) 2844{ 2845 struct r92c_rx_phystat *phy; 2846 struct r88e_rx_cck *cck; 2847 uint8_t cck_agc_rpt, lna_idx, vga_idx; 2848 int8_t rssi; 2849 2850 rssi = 0; 2851 if (rate <= URTWN_RIDX_CCK11) { 2852 cck = (struct r88e_rx_cck *)physt; 2853 cck_agc_rpt = cck->agc_rpt; 2854 lna_idx = (cck_agc_rpt & 0xe0) >> 5; 2855 vga_idx = cck_agc_rpt & 0x1f; 2856 switch (lna_idx) { 2857 case 7: 2858 if (vga_idx <= 27) 2859 rssi = -100 + 2* (27 - vga_idx); 2860 else 2861 rssi = -100; 2862 break; 2863 case 6: 2864 rssi = -48 + 2 * (2 - vga_idx); 2865 break; 2866 case 5: 2867 rssi = -42 + 2 * (7 - vga_idx); 2868 break; 2869 case 4: 2870 rssi = -36 + 2 * (7 - vga_idx); 2871 break; 2872 case 3: 2873 rssi = -24 + 2 * (7 - vga_idx); 2874 break; 2875 case 2: 2876 rssi = -12 + 2 * (5 - vga_idx); 2877 break; 2878 case 1: 2879 rssi = 8 - (2 * vga_idx); 2880 break; 2881 case 0: 2882 rssi = 14 - (2 * vga_idx); 2883 break; 2884 } 2885 rssi += 6; 2886 } else { /* OFDM/HT. */ 2887 phy = (struct r92c_rx_phystat *)physt; 2888 rssi = ((le32toh(phy->phydw1) >> 1) & 0x7f) - 110; 2889 } 2890 return (rssi); 2891} 2892 2893static int 2894urtwn_tx_data(struct urtwn_softc *sc, struct ieee80211_node *ni, 2895 struct mbuf *m, struct urtwn_data *data) 2896{ 2897 const struct ieee80211_txparam *tp; 2898 struct ieee80211com *ic = &sc->sc_ic; 2899 struct ieee80211vap *vap = ni->ni_vap; 2900 struct ieee80211_key *k = NULL; 2901 struct ieee80211_channel *chan; 2902 struct ieee80211_frame *wh; 2903 struct r92c_tx_desc *txd; 2904 uint8_t macid, raid, rate, ridx, type, tid, qos, qsel; 2905 int hasqos, ismcast; 2906 2907 URTWN_ASSERT_LOCKED(sc); 2908 2909 wh = mtod(m, struct ieee80211_frame *); 2910 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 2911 hasqos = IEEE80211_QOS_HAS_SEQ(wh); 2912 ismcast = IEEE80211_IS_MULTICAST(wh->i_addr1); 2913 2914 /* Select TX ring for this frame. */ 2915 if (hasqos) { 2916 qos = ((const struct ieee80211_qosframe *)wh)->i_qos[0]; 2917 tid = qos & IEEE80211_QOS_TID; 2918 } else { 2919 qos = 0; 2920 tid = 0; 2921 } 2922 2923 chan = (ni->ni_chan != IEEE80211_CHAN_ANYC) ? 2924 ni->ni_chan : ic->ic_curchan; 2925 tp = &vap->iv_txparms[ieee80211_chan2mode(chan)]; 2926 2927 /* Choose a TX rate index. */ 2928 if (type == IEEE80211_FC0_TYPE_MGT) 2929 rate = tp->mgmtrate; 2930 else if (ismcast) 2931 rate = tp->mcastrate; 2932 else if (tp->ucastrate != IEEE80211_FIXED_RATE_NONE) 2933 rate = tp->ucastrate; 2934 else if (m->m_flags & M_EAPOL) 2935 rate = tp->mgmtrate; 2936 else { 2937 if (URTWN_CHIP_HAS_RATECTL(sc)) { 2938 /* XXX pass pktlen */ 2939 (void) ieee80211_ratectl_rate(ni, NULL, 0); 2940 rate = ni->ni_txrate; 2941 } else { 2942 /* XXX TODO: drop the default rate for 11b/11g? */ 2943 if (ni->ni_flags & IEEE80211_NODE_HT) 2944 rate = IEEE80211_RATE_MCS | 0x4; /* MCS4 */ 2945 else if (ic->ic_curmode != IEEE80211_MODE_11B) 2946 rate = 108; 2947 else 2948 rate = 22; 2949 } 2950 } 2951 2952 /* 2953 * XXX TODO: this should be per-node, for 11b versus 11bg 2954 * nodes in hostap mode 2955 */ 2956 ridx = rate2ridx(rate); 2957 if (ni->ni_flags & IEEE80211_NODE_HT) 2958 raid = R92C_RAID_11GN; 2959 else if (ic->ic_curmode != IEEE80211_MODE_11B) 2960 raid = R92C_RAID_11BG; 2961 else 2962 raid = R92C_RAID_11B; 2963 2964 if (wh->i_fc[1] & IEEE80211_FC1_PROTECTED) { 2965 k = ieee80211_crypto_encap(ni, m); 2966 if (k == NULL) { 2967 device_printf(sc->sc_dev, 2968 "ieee80211_crypto_encap returns NULL.\n"); 2969 return (ENOBUFS); 2970 } 2971 2972 /* in case packet header moved, reset pointer */ 2973 wh = mtod(m, struct ieee80211_frame *); 2974 } 2975 2976 /* Fill Tx descriptor. */ 2977 txd = (struct r92c_tx_desc *)data->buf; 2978 memset(txd, 0, sizeof(*txd)); 2979 2980 txd->txdw0 |= htole32( 2981 SM(R92C_TXDW0_OFFSET, sizeof(*txd)) | 2982 R92C_TXDW0_OWN | R92C_TXDW0_FSG | R92C_TXDW0_LSG); 2983 if (ismcast) 2984 txd->txdw0 |= htole32(R92C_TXDW0_BMCAST); 2985 2986 if (!ismcast) { 2987 /* Unicast frame, check if an ACK is expected. */ 2988 if (!qos || (qos & IEEE80211_QOS_ACKPOLICY) != 2989 IEEE80211_QOS_ACKPOLICY_NOACK) { 2990 txd->txdw5 |= htole32(R92C_TXDW5_RTY_LMT_ENA); 2991 txd->txdw5 |= htole32(SM(R92C_TXDW5_RTY_LMT, 2992 tp->maxretry)); 2993 } 2994 2995 if (sc->chip & URTWN_CHIP_88E) { 2996 struct urtwn_node *un = URTWN_NODE(ni); 2997 macid = un->id; 2998 } else 2999 macid = URTWN_MACID_BSS; 3000 3001 if (type == IEEE80211_FC0_TYPE_DATA) { 3002 qsel = tid % URTWN_MAX_TID; 3003 3004 if (sc->chip & URTWN_CHIP_88E) { 3005 txd->txdw2 |= htole32( 3006 R88E_TXDW2_AGGBK | 3007 R88E_TXDW2_CCX_RPT); 3008 } else 3009 txd->txdw1 |= htole32(R92C_TXDW1_AGGBK); 3010 3011 /* protmode, non-HT */ 3012 /* XXX TODO: noack frames? */ 3013 if ((rate & 0x80) == 0 && 3014 (ic->ic_flags & IEEE80211_F_USEPROT)) { 3015 switch (ic->ic_protmode) { 3016 case IEEE80211_PROT_CTSONLY: 3017 txd->txdw4 |= htole32( 3018 R92C_TXDW4_CTS2SELF); 3019 break; 3020 case IEEE80211_PROT_RTSCTS: 3021 txd->txdw4 |= htole32( 3022 R92C_TXDW4_RTSEN | 3023 R92C_TXDW4_HWRTSEN); 3024 break; 3025 default: 3026 break; 3027 } 3028 } 3029 3030 /* protmode, HT */ 3031 /* XXX TODO: noack frames? */ 3032 if ((rate & 0x80) && 3033 (ic->ic_htprotmode == IEEE80211_PROT_RTSCTS)) { 3034 txd->txdw4 |= htole32( 3035 R92C_TXDW4_RTSEN | 3036 R92C_TXDW4_HWRTSEN); 3037 } 3038 3039 if (!(sc->chip & URTWN_CHIP_88E)) { 3040 /* XXX other rates will not work without 3041 * urtwn_ra_init() */ 3042 txd->txdw4 |= htole32(SM(R92C_TXDW4_RTSRATE, 3043 URTWN_RIDX_CCK1)); 3044 } else { 3045 /* XXX TODO: rtsrate is configurable? 24mbit 3046 * may be a bit high for RTS rate? */ 3047 txd->txdw4 |= htole32(SM(R92C_TXDW4_RTSRATE, 3048 URTWN_RIDX_OFDM24)); 3049 } 3050 3051 txd->txdw5 |= htole32(0x0001ff00); 3052 } else /* IEEE80211_FC0_TYPE_MGT */ 3053 qsel = R92C_TXDW1_QSEL_MGNT; 3054 } else { 3055 macid = URTWN_MACID_BC; 3056 qsel = R92C_TXDW1_QSEL_MGNT; 3057 } 3058 3059 txd->txdw1 |= htole32( 3060 SM(R92C_TXDW1_QSEL, qsel) | 3061 SM(R92C_TXDW1_RAID, raid)); 3062 3063 /* XXX TODO: 40MHZ flag? */ 3064 /* XXX TODO: AMPDU flag? (AGG_ENABLE or AGG_BREAK?) Density shift? */ 3065 /* XXX Short preamble? */ 3066 /* XXX Short-GI? */ 3067 3068 if (sc->chip & URTWN_CHIP_88E) 3069 txd->txdw1 |= htole32(SM(R88E_TXDW1_MACID, macid)); 3070 else 3071 txd->txdw1 |= htole32(SM(R92C_TXDW1_MACID, macid)); 3072 3073 txd->txdw5 |= htole32(SM(R92C_TXDW5_DATARATE, ridx)); 3074 3075 /* Force this rate if needed. */ 3076 if (URTWN_CHIP_HAS_RATECTL(sc) || ismcast || 3077 (tp->ucastrate != IEEE80211_FIXED_RATE_NONE) || 3078 (m->m_flags & M_EAPOL) || type != IEEE80211_FC0_TYPE_DATA) 3079 txd->txdw4 |= htole32(R92C_TXDW4_DRVRATE); 3080 3081 if (!hasqos) { 3082 /* Use HW sequence numbering for non-QoS frames. */ 3083 if (sc->chip & URTWN_CHIP_88E) 3084 txd->txdseq = htole16(R88E_TXDSEQ_HWSEQ_EN); 3085 else 3086 txd->txdw4 |= htole32(R92C_TXDW4_HWSEQ_EN); 3087 } else { 3088 /* Set sequence number. */ 3089 txd->txdseq = htole16(M_SEQNO_GET(m) % IEEE80211_SEQ_RANGE); 3090 } 3091 3092 if (k != NULL && !(k->wk_flags & IEEE80211_KEY_SWCRYPT)) { 3093 uint8_t cipher; 3094 3095 switch (k->wk_cipher->ic_cipher) { 3096 case IEEE80211_CIPHER_WEP: 3097 case IEEE80211_CIPHER_TKIP: 3098 cipher = R92C_TXDW1_CIPHER_RC4; 3099 break; 3100 case IEEE80211_CIPHER_AES_CCM: 3101 cipher = R92C_TXDW1_CIPHER_AES; 3102 break; 3103 default: 3104 device_printf(sc->sc_dev, "%s: unknown cipher %d\n", 3105 __func__, k->wk_cipher->ic_cipher); 3106 return (EINVAL); 3107 } 3108 3109 txd->txdw1 |= htole32(SM(R92C_TXDW1_CIPHER, cipher)); 3110 } 3111 3112 if (ieee80211_radiotap_active_vap(vap)) { 3113 struct urtwn_tx_radiotap_header *tap = &sc->sc_txtap; 3114 3115 tap->wt_flags = 0; 3116 if (k != NULL) 3117 tap->wt_flags |= IEEE80211_RADIOTAP_F_WEP; 3118 ieee80211_radiotap_tx(vap, m); 3119 } 3120 3121 data->ni = ni; 3122 3123 urtwn_tx_start(sc, m, type, data); 3124 3125 return (0); 3126} 3127 3128static int 3129urtwn_tx_raw(struct urtwn_softc *sc, struct ieee80211_node *ni, 3130 struct mbuf *m, struct urtwn_data *data, 3131 const struct ieee80211_bpf_params *params) 3132{ 3133 struct ieee80211vap *vap = ni->ni_vap; 3134 struct ieee80211_key *k = NULL; 3135 struct ieee80211_frame *wh; 3136 struct r92c_tx_desc *txd; 3137 uint8_t cipher, ridx, type; 3138 3139 /* Encrypt the frame if need be. */ 3140 cipher = R92C_TXDW1_CIPHER_NONE; 3141 if (params->ibp_flags & IEEE80211_BPF_CRYPTO) { 3142 /* Retrieve key for TX. */ 3143 k = ieee80211_crypto_encap(ni, m); 3144 if (k == NULL) 3145 return (ENOBUFS); 3146 3147 if (!(k->wk_flags & IEEE80211_KEY_SWCRYPT)) { 3148 switch (k->wk_cipher->ic_cipher) { 3149 case IEEE80211_CIPHER_WEP: 3150 case IEEE80211_CIPHER_TKIP: 3151 cipher = R92C_TXDW1_CIPHER_RC4; 3152 break; 3153 case IEEE80211_CIPHER_AES_CCM: 3154 cipher = R92C_TXDW1_CIPHER_AES; 3155 break; 3156 default: 3157 device_printf(sc->sc_dev, 3158 "%s: unknown cipher %d\n", 3159 __func__, k->wk_cipher->ic_cipher); 3160 return (EINVAL); 3161 } 3162 } 3163 } 3164 3165 /* XXX TODO: 11n checks, matching urtwn_tx_data() */ 3166 3167 wh = mtod(m, struct ieee80211_frame *); 3168 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 3169 3170 /* Fill Tx descriptor. */ 3171 txd = (struct r92c_tx_desc *)data->buf; 3172 memset(txd, 0, sizeof(*txd)); 3173 3174 txd->txdw0 |= htole32( 3175 SM(R92C_TXDW0_OFFSET, sizeof(*txd)) | 3176 R92C_TXDW0_OWN | R92C_TXDW0_FSG | R92C_TXDW0_LSG); 3177 if (IEEE80211_IS_MULTICAST(wh->i_addr1)) 3178 txd->txdw0 |= htole32(R92C_TXDW0_BMCAST); 3179 3180 if ((params->ibp_flags & IEEE80211_BPF_NOACK) == 0) { 3181 txd->txdw5 |= htole32(R92C_TXDW5_RTY_LMT_ENA); 3182 txd->txdw5 |= htole32(SM(R92C_TXDW5_RTY_LMT, 3183 params->ibp_try0)); 3184 } 3185 if (params->ibp_flags & IEEE80211_BPF_RTS) 3186 txd->txdw4 |= htole32(R92C_TXDW4_RTSEN | R92C_TXDW4_HWRTSEN); 3187 if (params->ibp_flags & IEEE80211_BPF_CTS) 3188 txd->txdw4 |= htole32(R92C_TXDW4_CTS2SELF); 3189 if (txd->txdw4 & htole32(R92C_TXDW4_RTSEN | R92C_TXDW4_CTS2SELF)) { 3190 txd->txdw4 |= htole32(SM(R92C_TXDW4_RTSRATE, 3191 URTWN_RIDX_OFDM24)); 3192 } 3193 3194 if (sc->chip & URTWN_CHIP_88E) 3195 txd->txdw1 |= htole32(SM(R88E_TXDW1_MACID, URTWN_MACID_BC)); 3196 else 3197 txd->txdw1 |= htole32(SM(R92C_TXDW1_MACID, URTWN_MACID_BC)); 3198 3199 /* XXX TODO: rate index/config (RAID) for 11n? */ 3200 txd->txdw1 |= htole32(SM(R92C_TXDW1_QSEL, R92C_TXDW1_QSEL_MGNT)); 3201 txd->txdw1 |= htole32(SM(R92C_TXDW1_CIPHER, cipher)); 3202 3203 /* Choose a TX rate index. */ 3204 ridx = rate2ridx(params->ibp_rate0); 3205 txd->txdw5 |= htole32(SM(R92C_TXDW5_DATARATE, ridx)); 3206 txd->txdw5 |= htole32(0x0001ff00); 3207 txd->txdw4 |= htole32(R92C_TXDW4_DRVRATE); 3208 3209 if (!IEEE80211_QOS_HAS_SEQ(wh)) { 3210 /* Use HW sequence numbering for non-QoS frames. */ 3211 if (sc->chip & URTWN_CHIP_88E) 3212 txd->txdseq = htole16(R88E_TXDSEQ_HWSEQ_EN); 3213 else 3214 txd->txdw4 |= htole32(R92C_TXDW4_HWSEQ_EN); 3215 } else { 3216 /* Set sequence number. */ 3217 txd->txdseq = htole16(M_SEQNO_GET(m) % IEEE80211_SEQ_RANGE); 3218 } 3219 3220 if (ieee80211_radiotap_active_vap(vap)) { 3221 struct urtwn_tx_radiotap_header *tap = &sc->sc_txtap; 3222 3223 tap->wt_flags = 0; 3224 if (k != NULL) 3225 tap->wt_flags |= IEEE80211_RADIOTAP_F_WEP; 3226 ieee80211_radiotap_tx(vap, m); 3227 } 3228 3229 data->ni = ni; 3230 3231 urtwn_tx_start(sc, m, type, data); 3232 3233 return (0); 3234} 3235 3236static void 3237urtwn_tx_start(struct urtwn_softc *sc, struct mbuf *m, uint8_t type, 3238 struct urtwn_data *data) 3239{ 3240 struct usb_xfer *xfer; 3241 struct r92c_tx_desc *txd; 3242 uint16_t ac, sum; 3243 int i, xferlen; 3244 3245 URTWN_ASSERT_LOCKED(sc); 3246 3247 ac = M_WME_GETAC(m); 3248 3249 switch (type) { 3250 case IEEE80211_FC0_TYPE_CTL: 3251 case IEEE80211_FC0_TYPE_MGT: 3252 xfer = sc->sc_xfer[URTWN_BULK_TX_VO]; 3253 break; 3254 default: 3255 xfer = sc->sc_xfer[wme2queue[ac].qid]; 3256 break; 3257 } 3258 3259 txd = (struct r92c_tx_desc *)data->buf; 3260 txd->txdw0 |= htole32(SM(R92C_TXDW0_PKTLEN, m->m_pkthdr.len)); 3261 3262 /* Compute Tx descriptor checksum. */ 3263 sum = 0; 3264 for (i = 0; i < sizeof(*txd) / 2; i++) 3265 sum ^= ((uint16_t *)txd)[i]; 3266 txd->txdsum = sum; /* NB: already little endian. */ 3267 3268 xferlen = sizeof(*txd) + m->m_pkthdr.len; 3269 m_copydata(m, 0, m->m_pkthdr.len, (caddr_t)&txd[1]); 3270 3271 data->buflen = xferlen; 3272 data->m = m; 3273 3274 STAILQ_INSERT_TAIL(&sc->sc_tx_pending, data, next); 3275 usbd_transfer_start(xfer); 3276} 3277 3278static int 3279urtwn_transmit(struct ieee80211com *ic, struct mbuf *m) 3280{ 3281 struct urtwn_softc *sc = ic->ic_softc; 3282 int error; 3283 3284 URTWN_LOCK(sc); 3285 if ((sc->sc_flags & URTWN_RUNNING) == 0) { 3286 URTWN_UNLOCK(sc); 3287 return (ENXIO); 3288 } 3289 error = mbufq_enqueue(&sc->sc_snd, m); 3290 if (error) { 3291 URTWN_UNLOCK(sc); 3292 return (error); 3293 } 3294 urtwn_start(sc); 3295 URTWN_UNLOCK(sc); 3296 3297 return (0); 3298} 3299 3300static void 3301urtwn_start(struct urtwn_softc *sc) 3302{ 3303 struct ieee80211_node *ni; 3304 struct mbuf *m; 3305 struct urtwn_data *bf; 3306 3307 URTWN_ASSERT_LOCKED(sc); 3308 while ((m = mbufq_dequeue(&sc->sc_snd)) != NULL) { 3309 bf = urtwn_getbuf(sc); 3310 if (bf == NULL) { 3311 mbufq_prepend(&sc->sc_snd, m); 3312 break; 3313 } 3314 ni = (struct ieee80211_node *)m->m_pkthdr.rcvif; 3315 m->m_pkthdr.rcvif = NULL; 3316 3317 URTWN_DPRINTF(sc, URTWN_DEBUG_XMIT, "%s: called; m=%p\n", 3318 __func__, 3319 m); 3320 3321 if (urtwn_tx_data(sc, ni, m, bf) != 0) { 3322 if_inc_counter(ni->ni_vap->iv_ifp, 3323 IFCOUNTER_OERRORS, 1); 3324 STAILQ_INSERT_HEAD(&sc->sc_tx_inactive, bf, next); 3325 m_freem(m); 3326 ieee80211_free_node(ni); 3327 break; 3328 } 3329 sc->sc_txtimer = 5; 3330 callout_reset(&sc->sc_watchdog_ch, hz, urtwn_watchdog, sc); 3331 } 3332} 3333 3334static void 3335urtwn_parent(struct ieee80211com *ic) 3336{ 3337 struct urtwn_softc *sc = ic->ic_softc; 3338 3339 URTWN_LOCK(sc); 3340 if (sc->sc_flags & URTWN_DETACHED) { 3341 URTWN_UNLOCK(sc); 3342 return; 3343 } 3344 URTWN_UNLOCK(sc); 3345 3346 if (ic->ic_nrunning > 0) { 3347 if (urtwn_init(sc) != 0) { 3348 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 3349 if (vap != NULL) 3350 ieee80211_stop(vap); 3351 } else 3352 ieee80211_start_all(ic); 3353 } else 3354 urtwn_stop(sc); 3355} 3356 3357static __inline int 3358urtwn_power_on(struct urtwn_softc *sc) 3359{ 3360 3361 return sc->sc_power_on(sc); 3362} 3363 3364static int 3365urtwn_r92c_power_on(struct urtwn_softc *sc) 3366{ 3367 uint32_t reg; 3368 usb_error_t error; 3369 int ntries; 3370 3371 /* Wait for autoload done bit. */ 3372 for (ntries = 0; ntries < 1000; ntries++) { 3373 if (urtwn_read_1(sc, R92C_APS_FSMCO) & R92C_APS_FSMCO_PFM_ALDN) 3374 break; 3375 urtwn_ms_delay(sc); 3376 } 3377 if (ntries == 1000) { 3378 device_printf(sc->sc_dev, 3379 "timeout waiting for chip autoload\n"); 3380 return (ETIMEDOUT); 3381 } 3382 3383 /* Unlock ISO/CLK/Power control register. */ 3384 error = urtwn_write_1(sc, R92C_RSV_CTRL, 0); 3385 if (error != USB_ERR_NORMAL_COMPLETION) 3386 return (EIO); 3387 /* Move SPS into PWM mode. */ 3388 error = urtwn_write_1(sc, R92C_SPS0_CTRL, 0x2b); 3389 if (error != USB_ERR_NORMAL_COMPLETION) 3390 return (EIO); 3391 urtwn_ms_delay(sc); 3392 3393 reg = urtwn_read_1(sc, R92C_LDOV12D_CTRL); 3394 if (!(reg & R92C_LDOV12D_CTRL_LDV12_EN)) { 3395 error = urtwn_write_1(sc, R92C_LDOV12D_CTRL, 3396 reg | R92C_LDOV12D_CTRL_LDV12_EN); 3397 if (error != USB_ERR_NORMAL_COMPLETION) 3398 return (EIO); 3399 urtwn_ms_delay(sc); 3400 error = urtwn_write_1(sc, R92C_SYS_ISO_CTRL, 3401 urtwn_read_1(sc, R92C_SYS_ISO_CTRL) & 3402 ~R92C_SYS_ISO_CTRL_MD2PP); 3403 if (error != USB_ERR_NORMAL_COMPLETION) 3404 return (EIO); 3405 } 3406 3407 /* Auto enable WLAN. */ 3408 error = urtwn_write_2(sc, R92C_APS_FSMCO, 3409 urtwn_read_2(sc, R92C_APS_FSMCO) | R92C_APS_FSMCO_APFM_ONMAC); 3410 if (error != USB_ERR_NORMAL_COMPLETION) 3411 return (EIO); 3412 for (ntries = 0; ntries < 1000; ntries++) { 3413 if (!(urtwn_read_2(sc, R92C_APS_FSMCO) & 3414 R92C_APS_FSMCO_APFM_ONMAC)) 3415 break; 3416 urtwn_ms_delay(sc); 3417 } 3418 if (ntries == 1000) { 3419 device_printf(sc->sc_dev, 3420 "timeout waiting for MAC auto ON\n"); 3421 return (ETIMEDOUT); 3422 } 3423 3424 /* Enable radio, GPIO and LED functions. */ 3425 error = urtwn_write_2(sc, R92C_APS_FSMCO, 3426 R92C_APS_FSMCO_AFSM_HSUS | 3427 R92C_APS_FSMCO_PDN_EN | 3428 R92C_APS_FSMCO_PFM_ALDN); 3429 if (error != USB_ERR_NORMAL_COMPLETION) 3430 return (EIO); 3431 /* Release RF digital isolation. */ 3432 error = urtwn_write_2(sc, R92C_SYS_ISO_CTRL, 3433 urtwn_read_2(sc, R92C_SYS_ISO_CTRL) & ~R92C_SYS_ISO_CTRL_DIOR); 3434 if (error != USB_ERR_NORMAL_COMPLETION) 3435 return (EIO); 3436 3437 /* Initialize MAC. */ 3438 error = urtwn_write_1(sc, R92C_APSD_CTRL, 3439 urtwn_read_1(sc, R92C_APSD_CTRL) & ~R92C_APSD_CTRL_OFF); 3440 if (error != USB_ERR_NORMAL_COMPLETION) 3441 return (EIO); 3442 for (ntries = 0; ntries < 200; ntries++) { 3443 if (!(urtwn_read_1(sc, R92C_APSD_CTRL) & 3444 R92C_APSD_CTRL_OFF_STATUS)) 3445 break; 3446 urtwn_ms_delay(sc); 3447 } 3448 if (ntries == 200) { 3449 device_printf(sc->sc_dev, 3450 "timeout waiting for MAC initialization\n"); 3451 return (ETIMEDOUT); 3452 } 3453 3454 /* Enable MAC DMA/WMAC/SCHEDULE/SEC blocks. */ 3455 reg = urtwn_read_2(sc, R92C_CR); 3456 reg |= R92C_CR_HCI_TXDMA_EN | R92C_CR_HCI_RXDMA_EN | 3457 R92C_CR_TXDMA_EN | R92C_CR_RXDMA_EN | R92C_CR_PROTOCOL_EN | 3458 R92C_CR_SCHEDULE_EN | R92C_CR_MACTXEN | R92C_CR_MACRXEN | 3459 R92C_CR_ENSEC; 3460 error = urtwn_write_2(sc, R92C_CR, reg); 3461 if (error != USB_ERR_NORMAL_COMPLETION) 3462 return (EIO); 3463 3464 error = urtwn_write_1(sc, 0xfe10, 0x19); 3465 if (error != USB_ERR_NORMAL_COMPLETION) 3466 return (EIO); 3467 return (0); 3468} 3469 3470static int 3471urtwn_r88e_power_on(struct urtwn_softc *sc) 3472{ 3473 uint32_t reg; 3474 usb_error_t error; 3475 int ntries; 3476 3477 /* Wait for power ready bit. */ 3478 for (ntries = 0; ntries < 5000; ntries++) { 3479 if (urtwn_read_4(sc, R92C_APS_FSMCO) & R92C_APS_FSMCO_SUS_HOST) 3480 break; 3481 urtwn_ms_delay(sc); 3482 } 3483 if (ntries == 5000) { 3484 device_printf(sc->sc_dev, 3485 "timeout waiting for chip power up\n"); 3486 return (ETIMEDOUT); 3487 } 3488 3489 /* Reset BB. */ 3490 error = urtwn_write_1(sc, R92C_SYS_FUNC_EN, 3491 urtwn_read_1(sc, R92C_SYS_FUNC_EN) & ~(R92C_SYS_FUNC_EN_BBRSTB | 3492 R92C_SYS_FUNC_EN_BB_GLB_RST)); 3493 if (error != USB_ERR_NORMAL_COMPLETION) 3494 return (EIO); 3495 3496 error = urtwn_write_1(sc, R92C_AFE_XTAL_CTRL + 2, 3497 urtwn_read_1(sc, R92C_AFE_XTAL_CTRL + 2) | 0x80); 3498 if (error != USB_ERR_NORMAL_COMPLETION) 3499 return (EIO); 3500 3501 /* Disable HWPDN. */ 3502 error = urtwn_write_2(sc, R92C_APS_FSMCO, 3503 urtwn_read_2(sc, R92C_APS_FSMCO) & ~R92C_APS_FSMCO_APDM_HPDN); 3504 if (error != USB_ERR_NORMAL_COMPLETION) 3505 return (EIO); 3506 3507 /* Disable WL suspend. */ 3508 error = urtwn_write_2(sc, R92C_APS_FSMCO, 3509 urtwn_read_2(sc, R92C_APS_FSMCO) & 3510 ~(R92C_APS_FSMCO_AFSM_HSUS | R92C_APS_FSMCO_AFSM_PCIE)); 3511 if (error != USB_ERR_NORMAL_COMPLETION) 3512 return (EIO); 3513 3514 error = urtwn_write_2(sc, R92C_APS_FSMCO, 3515 urtwn_read_2(sc, R92C_APS_FSMCO) | R92C_APS_FSMCO_APFM_ONMAC); 3516 if (error != USB_ERR_NORMAL_COMPLETION) 3517 return (EIO); 3518 for (ntries = 0; ntries < 5000; ntries++) { 3519 if (!(urtwn_read_2(sc, R92C_APS_FSMCO) & 3520 R92C_APS_FSMCO_APFM_ONMAC)) 3521 break; 3522 urtwn_ms_delay(sc); 3523 } 3524 if (ntries == 5000) 3525 return (ETIMEDOUT); 3526 3527 /* Enable LDO normal mode. */ 3528 error = urtwn_write_1(sc, R92C_LPLDO_CTRL, 3529 urtwn_read_1(sc, R92C_LPLDO_CTRL) & ~R92C_LPLDO_CTRL_SLEEP); 3530 if (error != USB_ERR_NORMAL_COMPLETION) 3531 return (EIO); 3532 3533 /* Enable MAC DMA/WMAC/SCHEDULE/SEC blocks. */ 3534 error = urtwn_write_2(sc, R92C_CR, 0); 3535 if (error != USB_ERR_NORMAL_COMPLETION) 3536 return (EIO); 3537 reg = urtwn_read_2(sc, R92C_CR); 3538 reg |= R92C_CR_HCI_TXDMA_EN | R92C_CR_HCI_RXDMA_EN | 3539 R92C_CR_TXDMA_EN | R92C_CR_RXDMA_EN | R92C_CR_PROTOCOL_EN | 3540 R92C_CR_SCHEDULE_EN | R92C_CR_ENSEC | R92C_CR_CALTMR_EN; 3541 error = urtwn_write_2(sc, R92C_CR, reg); 3542 if (error != USB_ERR_NORMAL_COMPLETION) 3543 return (EIO); 3544 3545 return (0); 3546} 3547 3548static __inline void 3549urtwn_power_off(struct urtwn_softc *sc) 3550{ 3551 3552 return sc->sc_power_off(sc); 3553} 3554 3555static void 3556urtwn_r92c_power_off(struct urtwn_softc *sc) 3557{ 3558 uint32_t reg; 3559 3560 /* Block all Tx queues. */ 3561 urtwn_write_1(sc, R92C_TXPAUSE, R92C_TX_QUEUE_ALL); 3562 3563 /* Disable RF */ 3564 urtwn_rf_write(sc, 0, 0, 0); 3565 3566 urtwn_write_1(sc, R92C_APSD_CTRL, R92C_APSD_CTRL_OFF); 3567 3568 /* Reset BB state machine */ 3569 urtwn_write_1(sc, R92C_SYS_FUNC_EN, 3570 R92C_SYS_FUNC_EN_USBD | R92C_SYS_FUNC_EN_USBA | 3571 R92C_SYS_FUNC_EN_BB_GLB_RST); 3572 urtwn_write_1(sc, R92C_SYS_FUNC_EN, 3573 R92C_SYS_FUNC_EN_USBD | R92C_SYS_FUNC_EN_USBA); 3574 3575 /* 3576 * Reset digital sequence 3577 */ 3578#ifndef URTWN_WITHOUT_UCODE 3579 if (urtwn_read_1(sc, R92C_MCUFWDL) & R92C_MCUFWDL_RDY) { 3580 /* Reset MCU ready status */ 3581 urtwn_write_1(sc, R92C_MCUFWDL, 0); 3582 3583 /* If firmware in ram code, do reset */ 3584 urtwn_fw_reset(sc); 3585 } 3586#endif 3587 3588 /* Reset MAC and Enable 8051 */ 3589 urtwn_write_1(sc, R92C_SYS_FUNC_EN + 1, 3590 (R92C_SYS_FUNC_EN_CPUEN | 3591 R92C_SYS_FUNC_EN_ELDR | 3592 R92C_SYS_FUNC_EN_HWPDN) >> 8); 3593 3594 /* Reset MCU ready status */ 3595 urtwn_write_1(sc, R92C_MCUFWDL, 0); 3596 3597 /* Disable MAC clock */ 3598 urtwn_write_2(sc, R92C_SYS_CLKR, 3599 R92C_SYS_CLKR_ANAD16V_EN | 3600 R92C_SYS_CLKR_ANA8M | 3601 R92C_SYS_CLKR_LOADER_EN | 3602 R92C_SYS_CLKR_80M_SSC_DIS | 3603 R92C_SYS_CLKR_SYS_EN | 3604 R92C_SYS_CLKR_RING_EN | 3605 0x4000); 3606 3607 /* Disable AFE PLL */ 3608 urtwn_write_1(sc, R92C_AFE_PLL_CTRL, 0x80); 3609 3610 /* Gated AFE DIG_CLOCK */ 3611 urtwn_write_2(sc, R92C_AFE_XTAL_CTRL, 0x880F); 3612 3613 /* Isolated digital to PON */ 3614 urtwn_write_1(sc, R92C_SYS_ISO_CTRL, 3615 R92C_SYS_ISO_CTRL_MD2PP | 3616 R92C_SYS_ISO_CTRL_PA2PCIE | 3617 R92C_SYS_ISO_CTRL_PD2CORE | 3618 R92C_SYS_ISO_CTRL_IP2MAC | 3619 R92C_SYS_ISO_CTRL_DIOP | 3620 R92C_SYS_ISO_CTRL_DIOE); 3621 3622 /* 3623 * Pull GPIO PIN to balance level and LED control 3624 */ 3625 /* 1. Disable GPIO[7:0] */ 3626 urtwn_write_2(sc, R92C_GPIO_IOSEL, 0x0000); 3627 3628 reg = urtwn_read_4(sc, R92C_GPIO_PIN_CTRL) & ~0x0000ff00; 3629 reg |= ((reg << 8) & 0x0000ff00) | 0x00ff0000; 3630 urtwn_write_4(sc, R92C_GPIO_PIN_CTRL, reg); 3631 3632 /* Disable GPIO[10:8] */ 3633 urtwn_write_1(sc, R92C_MAC_PINMUX_CFG, 0x00); 3634 3635 reg = urtwn_read_2(sc, R92C_GPIO_IO_SEL) & ~0x00f0; 3636 reg |= (((reg & 0x000f) << 4) | 0x0780); 3637 urtwn_write_2(sc, R92C_GPIO_IO_SEL, reg); 3638 3639 /* Disable LED0 & 1 */ 3640 urtwn_write_2(sc, R92C_LEDCFG0, 0x8080); 3641 3642 /* 3643 * Reset digital sequence 3644 */ 3645 /* Disable ELDR clock */ 3646 urtwn_write_2(sc, R92C_SYS_CLKR, 3647 R92C_SYS_CLKR_ANAD16V_EN | 3648 R92C_SYS_CLKR_ANA8M | 3649 R92C_SYS_CLKR_LOADER_EN | 3650 R92C_SYS_CLKR_80M_SSC_DIS | 3651 R92C_SYS_CLKR_SYS_EN | 3652 R92C_SYS_CLKR_RING_EN | 3653 0x4000); 3654 3655 /* Isolated ELDR to PON */ 3656 urtwn_write_1(sc, R92C_SYS_ISO_CTRL + 1, 3657 (R92C_SYS_ISO_CTRL_DIOR | 3658 R92C_SYS_ISO_CTRL_PWC_EV12V) >> 8); 3659 3660 /* 3661 * Disable analog sequence 3662 */ 3663 /* Disable A15 power */ 3664 urtwn_write_1(sc, R92C_LDOA15_CTRL, R92C_LDOA15_CTRL_OBUF); 3665 /* Disable digital core power */ 3666 urtwn_write_1(sc, R92C_LDOV12D_CTRL, 3667 urtwn_read_1(sc, R92C_LDOV12D_CTRL) & 3668 ~R92C_LDOV12D_CTRL_LDV12_EN); 3669 3670 /* Enter PFM mode */ 3671 urtwn_write_1(sc, R92C_SPS0_CTRL, 0x23); 3672 3673 /* Set USB suspend */ 3674 urtwn_write_2(sc, R92C_APS_FSMCO, 3675 R92C_APS_FSMCO_APDM_HOST | 3676 R92C_APS_FSMCO_AFSM_HSUS | 3677 R92C_APS_FSMCO_PFM_ALDN); 3678 3679 /* Lock ISO/CLK/Power control register. */ 3680 urtwn_write_1(sc, R92C_RSV_CTRL, 0x0E); 3681} 3682 3683static void 3684urtwn_r88e_power_off(struct urtwn_softc *sc) 3685{ 3686 uint8_t reg; 3687 int ntries; 3688 3689 /* Disable any kind of TX reports. */ 3690 urtwn_write_1(sc, R88E_TX_RPT_CTRL, 3691 urtwn_read_1(sc, R88E_TX_RPT_CTRL) & 3692 ~(R88E_TX_RPT1_ENA | R88E_TX_RPT2_ENA)); 3693 3694 /* Stop Rx. */ 3695 urtwn_write_1(sc, R92C_CR, 0); 3696 3697 /* Move card to Low Power State. */ 3698 /* Block all Tx queues. */ 3699 urtwn_write_1(sc, R92C_TXPAUSE, R92C_TX_QUEUE_ALL); 3700 3701 for (ntries = 0; ntries < 20; ntries++) { 3702 /* Should be zero if no packet is transmitting. */ 3703 if (urtwn_read_4(sc, R88E_SCH_TXCMD) == 0) 3704 break; 3705 3706 urtwn_ms_delay(sc); 3707 } 3708 if (ntries == 20) { 3709 device_printf(sc->sc_dev, "%s: failed to block Tx queues\n", 3710 __func__); 3711 return; 3712 } 3713 3714 /* CCK and OFDM are disabled, and clock are gated. */ 3715 urtwn_write_1(sc, R92C_SYS_FUNC_EN, 3716 urtwn_read_1(sc, R92C_SYS_FUNC_EN) & ~R92C_SYS_FUNC_EN_BBRSTB); 3717 3718 urtwn_ms_delay(sc); 3719 3720 /* Reset MAC TRX */ 3721 urtwn_write_1(sc, R92C_CR, 3722 R92C_CR_HCI_TXDMA_EN | R92C_CR_HCI_RXDMA_EN | 3723 R92C_CR_TXDMA_EN | R92C_CR_RXDMA_EN | 3724 R92C_CR_PROTOCOL_EN | R92C_CR_SCHEDULE_EN); 3725 3726 /* check if removed later */ 3727 urtwn_write_1(sc, R92C_CR + 1, 3728 urtwn_read_1(sc, R92C_CR + 1) & ~(R92C_CR_ENSEC >> 8)); 3729 3730 /* Respond TxOK to scheduler */ 3731 urtwn_write_1(sc, R92C_DUAL_TSF_RST, 3732 urtwn_read_1(sc, R92C_DUAL_TSF_RST) | 0x20); 3733 3734 /* If firmware in ram code, do reset. */ 3735#ifndef URTWN_WITHOUT_UCODE 3736 if (urtwn_read_1(sc, R92C_MCUFWDL) & R92C_MCUFWDL_RDY) 3737 urtwn_r88e_fw_reset(sc); 3738#endif 3739 3740 /* Reset MCU ready status. */ 3741 urtwn_write_1(sc, R92C_MCUFWDL, 0x00); 3742 3743 /* Disable 32k. */ 3744 urtwn_write_1(sc, R88E_32K_CTRL, 3745 urtwn_read_1(sc, R88E_32K_CTRL) & ~0x01); 3746 3747 /* Move card to Disabled state. */ 3748 /* Turn off RF. */ 3749 urtwn_write_1(sc, R92C_RF_CTRL, 0); 3750 3751 /* LDO Sleep mode. */ 3752 urtwn_write_1(sc, R92C_LPLDO_CTRL, 3753 urtwn_read_1(sc, R92C_LPLDO_CTRL) | R92C_LPLDO_CTRL_SLEEP); 3754 3755 /* Turn off MAC by HW state machine */ 3756 urtwn_write_1(sc, R92C_APS_FSMCO + 1, 3757 urtwn_read_1(sc, R92C_APS_FSMCO + 1) | 3758 (R92C_APS_FSMCO_APFM_OFF >> 8)); 3759 3760 for (ntries = 0; ntries < 20; ntries++) { 3761 /* Wait until it will be disabled. */ 3762 if ((urtwn_read_1(sc, R92C_APS_FSMCO + 1) & 3763 (R92C_APS_FSMCO_APFM_OFF >> 8)) == 0) 3764 break; 3765 3766 urtwn_ms_delay(sc); 3767 } 3768 if (ntries == 20) { 3769 device_printf(sc->sc_dev, "%s: could not turn off MAC\n", 3770 __func__); 3771 return; 3772 } 3773 3774 /* schmit trigger */ 3775 urtwn_write_1(sc, R92C_AFE_XTAL_CTRL + 2, 3776 urtwn_read_1(sc, R92C_AFE_XTAL_CTRL + 2) | 0x80); 3777 3778 /* Enable WL suspend. */ 3779 urtwn_write_1(sc, R92C_APS_FSMCO + 1, 3780 (urtwn_read_1(sc, R92C_APS_FSMCO + 1) & ~0x10) | 0x08); 3781 3782 /* Enable bandgap mbias in suspend. */ 3783 urtwn_write_1(sc, R92C_APS_FSMCO + 3, 0); 3784 3785 /* Clear SIC_EN register. */ 3786 urtwn_write_1(sc, R92C_GPIO_MUXCFG + 1, 3787 urtwn_read_1(sc, R92C_GPIO_MUXCFG + 1) & ~0x10); 3788 3789 /* Set USB suspend enable local register */ 3790 urtwn_write_1(sc, R92C_USB_SUSPEND, 3791 urtwn_read_1(sc, R92C_USB_SUSPEND) | 0x10); 3792 3793 /* Reset MCU IO Wrapper. */ 3794 reg = urtwn_read_1(sc, R92C_RSV_CTRL + 1); 3795 urtwn_write_1(sc, R92C_RSV_CTRL + 1, reg & ~0x08); 3796 urtwn_write_1(sc, R92C_RSV_CTRL + 1, reg | 0x08); 3797 3798 /* marked as 'For Power Consumption' code. */ 3799 urtwn_write_1(sc, R92C_GPIO_OUT, urtwn_read_1(sc, R92C_GPIO_IN)); 3800 urtwn_write_1(sc, R92C_GPIO_IOSEL, 0xff); 3801 3802 urtwn_write_1(sc, R92C_GPIO_IO_SEL, 3803 urtwn_read_1(sc, R92C_GPIO_IO_SEL) << 4); 3804 urtwn_write_1(sc, R92C_GPIO_MOD, 3805 urtwn_read_1(sc, R92C_GPIO_MOD) | 0x0f); 3806 3807 /* Set LNA, TRSW, EX_PA Pin to output mode. */ 3808 urtwn_write_4(sc, R88E_BB_PAD_CTRL, 0x00080808); 3809} 3810 3811static int 3812urtwn_llt_init(struct urtwn_softc *sc) 3813{ 3814 int i, error, page_count, pktbuf_count; 3815 3816 page_count = (sc->chip & URTWN_CHIP_88E) ? 3817 R88E_TX_PAGE_COUNT : R92C_TX_PAGE_COUNT; 3818 pktbuf_count = (sc->chip & URTWN_CHIP_88E) ? 3819 R88E_TXPKTBUF_COUNT : R92C_TXPKTBUF_COUNT; 3820 3821 /* Reserve pages [0; page_count]. */ 3822 for (i = 0; i < page_count; i++) { 3823 if ((error = urtwn_llt_write(sc, i, i + 1)) != 0) 3824 return (error); 3825 } 3826 /* NB: 0xff indicates end-of-list. */ 3827 if ((error = urtwn_llt_write(sc, i, 0xff)) != 0) 3828 return (error); 3829 /* 3830 * Use pages [page_count + 1; pktbuf_count - 1] 3831 * as ring buffer. 3832 */ 3833 for (++i; i < pktbuf_count - 1; i++) { 3834 if ((error = urtwn_llt_write(sc, i, i + 1)) != 0) 3835 return (error); 3836 } 3837 /* Make the last page point to the beginning of the ring buffer. */ 3838 error = urtwn_llt_write(sc, i, page_count + 1); 3839 return (error); 3840} 3841 3842#ifndef URTWN_WITHOUT_UCODE 3843static void 3844urtwn_fw_reset(struct urtwn_softc *sc) 3845{ 3846 uint16_t reg; 3847 int ntries; 3848 3849 /* Tell 8051 to reset itself. */ 3850 urtwn_write_1(sc, R92C_HMETFR + 3, 0x20); 3851 3852 /* Wait until 8051 resets by itself. */ 3853 for (ntries = 0; ntries < 100; ntries++) { 3854 reg = urtwn_read_2(sc, R92C_SYS_FUNC_EN); 3855 if (!(reg & R92C_SYS_FUNC_EN_CPUEN)) 3856 return; 3857 urtwn_ms_delay(sc); 3858 } 3859 /* Force 8051 reset. */ 3860 urtwn_write_2(sc, R92C_SYS_FUNC_EN, reg & ~R92C_SYS_FUNC_EN_CPUEN); 3861} 3862 3863static void 3864urtwn_r88e_fw_reset(struct urtwn_softc *sc) 3865{ 3866 uint16_t reg; 3867 3868 reg = urtwn_read_2(sc, R92C_SYS_FUNC_EN); 3869 urtwn_write_2(sc, R92C_SYS_FUNC_EN, reg & ~R92C_SYS_FUNC_EN_CPUEN); 3870 urtwn_write_2(sc, R92C_SYS_FUNC_EN, reg | R92C_SYS_FUNC_EN_CPUEN); 3871} 3872 3873static int 3874urtwn_fw_loadpage(struct urtwn_softc *sc, int page, const uint8_t *buf, int len) 3875{ 3876 uint32_t reg; 3877 usb_error_t error = USB_ERR_NORMAL_COMPLETION; 3878 int off, mlen; 3879 3880 reg = urtwn_read_4(sc, R92C_MCUFWDL); 3881 reg = RW(reg, R92C_MCUFWDL_PAGE, page); 3882 urtwn_write_4(sc, R92C_MCUFWDL, reg); 3883 3884 off = R92C_FW_START_ADDR; 3885 while (len > 0) { 3886 if (len > 196) 3887 mlen = 196; 3888 else if (len > 4) 3889 mlen = 4; 3890 else 3891 mlen = 1; 3892 /* XXX fix this deconst */ 3893 error = urtwn_write_region_1(sc, off, 3894 __DECONST(uint8_t *, buf), mlen); 3895 if (error != USB_ERR_NORMAL_COMPLETION) 3896 break; 3897 off += mlen; 3898 buf += mlen; 3899 len -= mlen; 3900 } 3901 return (error); 3902} 3903 3904static int 3905urtwn_load_firmware(struct urtwn_softc *sc) 3906{ 3907 const struct firmware *fw; 3908 const struct r92c_fw_hdr *hdr; 3909 const char *imagename; 3910 const u_char *ptr; 3911 size_t len; 3912 uint32_t reg; 3913 int mlen, ntries, page, error; 3914 3915 URTWN_UNLOCK(sc); 3916 /* Read firmware image from the filesystem. */ 3917 if (sc->chip & URTWN_CHIP_88E) 3918 imagename = "urtwn-rtl8188eufw"; 3919 else if ((sc->chip & (URTWN_CHIP_UMC_A_CUT | URTWN_CHIP_92C)) == 3920 URTWN_CHIP_UMC_A_CUT) 3921 imagename = "urtwn-rtl8192cfwU"; 3922 else 3923 imagename = "urtwn-rtl8192cfwT"; 3924 3925 fw = firmware_get(imagename); 3926 URTWN_LOCK(sc); 3927 if (fw == NULL) { 3928 device_printf(sc->sc_dev, 3929 "failed loadfirmware of file %s\n", imagename); 3930 return (ENOENT); 3931 } 3932 3933 len = fw->datasize; 3934 3935 if (len < sizeof(*hdr)) { 3936 device_printf(sc->sc_dev, "firmware too short\n"); 3937 error = EINVAL; 3938 goto fail; 3939 } 3940 ptr = fw->data; 3941 hdr = (const struct r92c_fw_hdr *)ptr; 3942 /* Check if there is a valid FW header and skip it. */ 3943 if ((le16toh(hdr->signature) >> 4) == 0x88c || 3944 (le16toh(hdr->signature) >> 4) == 0x88e || 3945 (le16toh(hdr->signature) >> 4) == 0x92c) { 3946 URTWN_DPRINTF(sc, URTWN_DEBUG_FIRMWARE, 3947 "FW V%d.%d %02d-%02d %02d:%02d\n", 3948 le16toh(hdr->version), le16toh(hdr->subversion), 3949 hdr->month, hdr->date, hdr->hour, hdr->minute); 3950 ptr += sizeof(*hdr); 3951 len -= sizeof(*hdr); 3952 } 3953 3954 if (urtwn_read_1(sc, R92C_MCUFWDL) & R92C_MCUFWDL_RAM_DL_SEL) { 3955 if (sc->chip & URTWN_CHIP_88E) 3956 urtwn_r88e_fw_reset(sc); 3957 else 3958 urtwn_fw_reset(sc); 3959 urtwn_write_1(sc, R92C_MCUFWDL, 0); 3960 } 3961 3962 if (!(sc->chip & URTWN_CHIP_88E)) { 3963 urtwn_write_2(sc, R92C_SYS_FUNC_EN, 3964 urtwn_read_2(sc, R92C_SYS_FUNC_EN) | 3965 R92C_SYS_FUNC_EN_CPUEN); 3966 } 3967 urtwn_write_1(sc, R92C_MCUFWDL, 3968 urtwn_read_1(sc, R92C_MCUFWDL) | R92C_MCUFWDL_EN); 3969 urtwn_write_1(sc, R92C_MCUFWDL + 2, 3970 urtwn_read_1(sc, R92C_MCUFWDL + 2) & ~0x08); 3971 3972 /* Reset the FWDL checksum. */ 3973 urtwn_write_1(sc, R92C_MCUFWDL, 3974 urtwn_read_1(sc, R92C_MCUFWDL) | R92C_MCUFWDL_CHKSUM_RPT); 3975 3976 for (page = 0; len > 0; page++) { 3977 mlen = min(len, R92C_FW_PAGE_SIZE); 3978 error = urtwn_fw_loadpage(sc, page, ptr, mlen); 3979 if (error != 0) { 3980 device_printf(sc->sc_dev, 3981 "could not load firmware page\n"); 3982 goto fail; 3983 } 3984 ptr += mlen; 3985 len -= mlen; 3986 } 3987 urtwn_write_1(sc, R92C_MCUFWDL, 3988 urtwn_read_1(sc, R92C_MCUFWDL) & ~R92C_MCUFWDL_EN); 3989 urtwn_write_1(sc, R92C_MCUFWDL + 1, 0); 3990 3991 /* Wait for checksum report. */ 3992 for (ntries = 0; ntries < 1000; ntries++) { 3993 if (urtwn_read_4(sc, R92C_MCUFWDL) & R92C_MCUFWDL_CHKSUM_RPT) 3994 break; 3995 urtwn_ms_delay(sc); 3996 } 3997 if (ntries == 1000) { 3998 device_printf(sc->sc_dev, 3999 "timeout waiting for checksum report\n"); 4000 error = ETIMEDOUT; 4001 goto fail; 4002 } 4003 4004 reg = urtwn_read_4(sc, R92C_MCUFWDL); 4005 reg = (reg & ~R92C_MCUFWDL_WINTINI_RDY) | R92C_MCUFWDL_RDY; 4006 urtwn_write_4(sc, R92C_MCUFWDL, reg); 4007 if (sc->chip & URTWN_CHIP_88E) 4008 urtwn_r88e_fw_reset(sc); 4009 /* Wait for firmware readiness. */ 4010 for (ntries = 0; ntries < 1000; ntries++) { 4011 if (urtwn_read_4(sc, R92C_MCUFWDL) & R92C_MCUFWDL_WINTINI_RDY) 4012 break; 4013 urtwn_ms_delay(sc); 4014 } 4015 if (ntries == 1000) { 4016 device_printf(sc->sc_dev, 4017 "timeout waiting for firmware readiness\n"); 4018 error = ETIMEDOUT; 4019 goto fail; 4020 } 4021fail: 4022 firmware_put(fw, FIRMWARE_UNLOAD); 4023 return (error); 4024} 4025#endif 4026 4027static int 4028urtwn_dma_init(struct urtwn_softc *sc) 4029{ 4030 struct usb_endpoint *ep, *ep_end; 4031 usb_error_t usb_err; 4032 uint32_t reg; 4033 int hashq, hasnq, haslq, nqueues, ntx; 4034 int error, pagecount, npubqpages, nqpages, nrempages, tx_boundary; 4035 4036 /* Initialize LLT table. */ 4037 error = urtwn_llt_init(sc); 4038 if (error != 0) 4039 return (error); 4040 4041 /* Determine the number of bulk-out pipes. */ 4042 ntx = 0; 4043 ep = sc->sc_udev->endpoints; 4044 ep_end = sc->sc_udev->endpoints + sc->sc_udev->endpoints_max; 4045 for (; ep != ep_end; ep++) { 4046 if ((ep->edesc == NULL) || 4047 (ep->iface_index != sc->sc_iface_index)) 4048 continue; 4049 if (UE_GET_DIR(ep->edesc->bEndpointAddress) == UE_DIR_OUT) 4050 ntx++; 4051 } 4052 if (ntx == 0) { 4053 device_printf(sc->sc_dev, 4054 "%d: invalid number of Tx bulk pipes\n", ntx); 4055 return (EIO); 4056 } 4057 4058 /* Get Tx queues to USB endpoints mapping. */ 4059 hashq = hasnq = haslq = nqueues = 0; 4060 switch (ntx) { 4061 case 1: hashq = 1; break; 4062 case 2: hashq = hasnq = 1; break; 4063 case 3: case 4: hashq = hasnq = haslq = 1; break; 4064 } 4065 nqueues = hashq + hasnq + haslq; 4066 if (nqueues == 0) 4067 return (EIO); 4068 4069 npubqpages = nqpages = nrempages = pagecount = 0; 4070 if (sc->chip & URTWN_CHIP_88E) 4071 tx_boundary = R88E_TX_PAGE_BOUNDARY; 4072 else { 4073 pagecount = R92C_TX_PAGE_COUNT; 4074 npubqpages = R92C_PUBQ_NPAGES; 4075 tx_boundary = R92C_TX_PAGE_BOUNDARY; 4076 } 4077 4078 /* Set number of pages for normal priority queue. */ 4079 if (sc->chip & URTWN_CHIP_88E) { 4080 usb_err = urtwn_write_2(sc, R92C_RQPN_NPQ, 0xd); 4081 if (usb_err != USB_ERR_NORMAL_COMPLETION) 4082 return (EIO); 4083 usb_err = urtwn_write_4(sc, R92C_RQPN, 0x808e000d); 4084 if (usb_err != USB_ERR_NORMAL_COMPLETION) 4085 return (EIO); 4086 } else { 4087 /* Get the number of pages for each queue. */ 4088 nqpages = (pagecount - npubqpages) / nqueues; 4089 /* 4090 * The remaining pages are assigned to the high priority 4091 * queue. 4092 */ 4093 nrempages = (pagecount - npubqpages) % nqueues; 4094 usb_err = urtwn_write_1(sc, R92C_RQPN_NPQ, hasnq ? nqpages : 0); 4095 if (usb_err != USB_ERR_NORMAL_COMPLETION) 4096 return (EIO); 4097 usb_err = urtwn_write_4(sc, R92C_RQPN, 4098 /* Set number of pages for public queue. */ 4099 SM(R92C_RQPN_PUBQ, npubqpages) | 4100 /* Set number of pages for high priority queue. */ 4101 SM(R92C_RQPN_HPQ, hashq ? nqpages + nrempages : 0) | 4102 /* Set number of pages for low priority queue. */ 4103 SM(R92C_RQPN_LPQ, haslq ? nqpages : 0) | 4104 /* Load values. */ 4105 R92C_RQPN_LD); 4106 if (usb_err != USB_ERR_NORMAL_COMPLETION) 4107 return (EIO); 4108 } 4109 4110 usb_err = urtwn_write_1(sc, R92C_TXPKTBUF_BCNQ_BDNY, tx_boundary); 4111 if (usb_err != USB_ERR_NORMAL_COMPLETION) 4112 return (EIO); 4113 usb_err = urtwn_write_1(sc, R92C_TXPKTBUF_MGQ_BDNY, tx_boundary); 4114 if (usb_err != USB_ERR_NORMAL_COMPLETION) 4115 return (EIO); 4116 usb_err = urtwn_write_1(sc, R92C_TXPKTBUF_WMAC_LBK_BF_HD, tx_boundary); 4117 if (usb_err != USB_ERR_NORMAL_COMPLETION) 4118 return (EIO); 4119 usb_err = urtwn_write_1(sc, R92C_TRXFF_BNDY, tx_boundary); 4120 if (usb_err != USB_ERR_NORMAL_COMPLETION) 4121 return (EIO); 4122 usb_err = urtwn_write_1(sc, R92C_TDECTRL + 1, tx_boundary); 4123 if (usb_err != USB_ERR_NORMAL_COMPLETION) 4124 return (EIO); 4125 4126 /* Set queue to USB pipe mapping. */ 4127 reg = urtwn_read_2(sc, R92C_TRXDMA_CTRL); 4128 reg &= ~R92C_TRXDMA_CTRL_QMAP_M; 4129 if (nqueues == 1) { 4130 if (hashq) 4131 reg |= R92C_TRXDMA_CTRL_QMAP_HQ; 4132 else if (hasnq) 4133 reg |= R92C_TRXDMA_CTRL_QMAP_NQ; 4134 else 4135 reg |= R92C_TRXDMA_CTRL_QMAP_LQ; 4136 } else if (nqueues == 2) { 4137 /* 4138 * All 2-endpoints configs have high and normal 4139 * priority queues. 4140 */ 4141 reg |= R92C_TRXDMA_CTRL_QMAP_HQ_NQ; 4142 } else 4143 reg |= R92C_TRXDMA_CTRL_QMAP_3EP; 4144 usb_err = urtwn_write_2(sc, R92C_TRXDMA_CTRL, reg); 4145 if (usb_err != USB_ERR_NORMAL_COMPLETION) 4146 return (EIO); 4147 4148 /* Set Tx/Rx transfer page boundary. */ 4149 usb_err = urtwn_write_2(sc, R92C_TRXFF_BNDY + 2, 4150 (sc->chip & URTWN_CHIP_88E) ? 0x23ff : 0x27ff); 4151 if (usb_err != USB_ERR_NORMAL_COMPLETION) 4152 return (EIO); 4153 4154 /* Set Tx/Rx transfer page size. */ 4155 usb_err = urtwn_write_1(sc, R92C_PBP, 4156 SM(R92C_PBP_PSRX, R92C_PBP_128) | 4157 SM(R92C_PBP_PSTX, R92C_PBP_128)); 4158 if (usb_err != USB_ERR_NORMAL_COMPLETION) 4159 return (EIO); 4160 4161 return (0); 4162} 4163 4164static int 4165urtwn_mac_init(struct urtwn_softc *sc) 4166{ 4167 usb_error_t error; 4168 int i; 4169 4170 /* Write MAC initialization values. */ 4171 if (sc->chip & URTWN_CHIP_88E) { 4172 for (i = 0; i < nitems(rtl8188eu_mac); i++) { 4173 error = urtwn_write_1(sc, rtl8188eu_mac[i].reg, 4174 rtl8188eu_mac[i].val); 4175 if (error != USB_ERR_NORMAL_COMPLETION) 4176 return (EIO); 4177 } 4178 urtwn_write_1(sc, R92C_MAX_AGGR_NUM, 0x07); 4179 } else { 4180 for (i = 0; i < nitems(rtl8192cu_mac); i++) { 4181 error = urtwn_write_1(sc, rtl8192cu_mac[i].reg, 4182 rtl8192cu_mac[i].val); 4183 if (error != USB_ERR_NORMAL_COMPLETION) 4184 return (EIO); 4185 } 4186 } 4187 4188 return (0); 4189} 4190 4191static void 4192urtwn_bb_init(struct urtwn_softc *sc) 4193{ 4194 const struct urtwn_bb_prog *prog; 4195 uint32_t reg; 4196 uint8_t crystalcap; 4197 int i; 4198 4199 /* Enable BB and RF. */ 4200 urtwn_write_2(sc, R92C_SYS_FUNC_EN, 4201 urtwn_read_2(sc, R92C_SYS_FUNC_EN) | 4202 R92C_SYS_FUNC_EN_BBRSTB | R92C_SYS_FUNC_EN_BB_GLB_RST | 4203 R92C_SYS_FUNC_EN_DIO_RF); 4204 4205 if (!(sc->chip & URTWN_CHIP_88E)) 4206 urtwn_write_2(sc, R92C_AFE_PLL_CTRL, 0xdb83); 4207 4208 urtwn_write_1(sc, R92C_RF_CTRL, 4209 R92C_RF_CTRL_EN | R92C_RF_CTRL_RSTB | R92C_RF_CTRL_SDMRSTB); 4210 urtwn_write_1(sc, R92C_SYS_FUNC_EN, 4211 R92C_SYS_FUNC_EN_USBA | R92C_SYS_FUNC_EN_USBD | 4212 R92C_SYS_FUNC_EN_BB_GLB_RST | R92C_SYS_FUNC_EN_BBRSTB); 4213 4214 if (!(sc->chip & URTWN_CHIP_88E)) { 4215 urtwn_write_1(sc, R92C_LDOHCI12_CTRL, 0x0f); 4216 urtwn_write_1(sc, 0x15, 0xe9); 4217 urtwn_write_1(sc, R92C_AFE_XTAL_CTRL + 1, 0x80); 4218 } 4219 4220 /* Select BB programming based on board type. */ 4221 if (sc->chip & URTWN_CHIP_88E) 4222 prog = &rtl8188eu_bb_prog; 4223 else if (!(sc->chip & URTWN_CHIP_92C)) { 4224 if (sc->board_type == R92C_BOARD_TYPE_MINICARD) 4225 prog = &rtl8188ce_bb_prog; 4226 else if (sc->board_type == R92C_BOARD_TYPE_HIGHPA) 4227 prog = &rtl8188ru_bb_prog; 4228 else 4229 prog = &rtl8188cu_bb_prog; 4230 } else { 4231 if (sc->board_type == R92C_BOARD_TYPE_MINICARD) 4232 prog = &rtl8192ce_bb_prog; 4233 else 4234 prog = &rtl8192cu_bb_prog; 4235 } 4236 /* Write BB initialization values. */ 4237 for (i = 0; i < prog->count; i++) { 4238 urtwn_bb_write(sc, prog->regs[i], prog->vals[i]); 4239 urtwn_ms_delay(sc); 4240 } 4241 4242 if (sc->chip & URTWN_CHIP_92C_1T2R) { 4243 /* 8192C 1T only configuration. */ 4244 reg = urtwn_bb_read(sc, R92C_FPGA0_TXINFO); 4245 reg = (reg & ~0x00000003) | 0x2; 4246 urtwn_bb_write(sc, R92C_FPGA0_TXINFO, reg); 4247 4248 reg = urtwn_bb_read(sc, R92C_FPGA1_TXINFO); 4249 reg = (reg & ~0x00300033) | 0x00200022; 4250 urtwn_bb_write(sc, R92C_FPGA1_TXINFO, reg); 4251 4252 reg = urtwn_bb_read(sc, R92C_CCK0_AFESETTING); 4253 reg = (reg & ~0xff000000) | 0x45 << 24; 4254 urtwn_bb_write(sc, R92C_CCK0_AFESETTING, reg); 4255 4256 reg = urtwn_bb_read(sc, R92C_OFDM0_TRXPATHENA); 4257 reg = (reg & ~0x000000ff) | 0x23; 4258 urtwn_bb_write(sc, R92C_OFDM0_TRXPATHENA, reg); 4259 4260 reg = urtwn_bb_read(sc, R92C_OFDM0_AGCPARAM1); 4261 reg = (reg & ~0x00000030) | 1 << 4; 4262 urtwn_bb_write(sc, R92C_OFDM0_AGCPARAM1, reg); 4263 4264 reg = urtwn_bb_read(sc, 0xe74); 4265 reg = (reg & ~0x0c000000) | 2 << 26; 4266 urtwn_bb_write(sc, 0xe74, reg); 4267 reg = urtwn_bb_read(sc, 0xe78); 4268 reg = (reg & ~0x0c000000) | 2 << 26; 4269 urtwn_bb_write(sc, 0xe78, reg); 4270 reg = urtwn_bb_read(sc, 0xe7c); 4271 reg = (reg & ~0x0c000000) | 2 << 26; 4272 urtwn_bb_write(sc, 0xe7c, reg); 4273 reg = urtwn_bb_read(sc, 0xe80); 4274 reg = (reg & ~0x0c000000) | 2 << 26; 4275 urtwn_bb_write(sc, 0xe80, reg); 4276 reg = urtwn_bb_read(sc, 0xe88); 4277 reg = (reg & ~0x0c000000) | 2 << 26; 4278 urtwn_bb_write(sc, 0xe88, reg); 4279 } 4280 4281 /* Write AGC values. */ 4282 for (i = 0; i < prog->agccount; i++) { 4283 urtwn_bb_write(sc, R92C_OFDM0_AGCRSSITABLE, 4284 prog->agcvals[i]); 4285 urtwn_ms_delay(sc); 4286 } 4287 4288 if (sc->chip & URTWN_CHIP_88E) { 4289 urtwn_bb_write(sc, R92C_OFDM0_AGCCORE1(0), 0x69553422); 4290 urtwn_ms_delay(sc); 4291 urtwn_bb_write(sc, R92C_OFDM0_AGCCORE1(0), 0x69553420); 4292 urtwn_ms_delay(sc); 4293 4294 crystalcap = sc->rom.r88e_rom.crystalcap; 4295 if (crystalcap == 0xff) 4296 crystalcap = 0x20; 4297 crystalcap &= 0x3f; 4298 reg = urtwn_bb_read(sc, R92C_AFE_XTAL_CTRL); 4299 urtwn_bb_write(sc, R92C_AFE_XTAL_CTRL, 4300 RW(reg, R92C_AFE_XTAL_CTRL_ADDR, 4301 crystalcap | crystalcap << 6)); 4302 } else { 4303 if (urtwn_bb_read(sc, R92C_HSSI_PARAM2(0)) & 4304 R92C_HSSI_PARAM2_CCK_HIPWR) 4305 sc->sc_flags |= URTWN_FLAG_CCK_HIPWR; 4306 } 4307} 4308 4309static void 4310urtwn_rf_init(struct urtwn_softc *sc) 4311{ 4312 const struct urtwn_rf_prog *prog; 4313 uint32_t reg, type; 4314 int i, j, idx, off; 4315 4316 /* Select RF programming based on board type. */ 4317 if (sc->chip & URTWN_CHIP_88E) 4318 prog = rtl8188eu_rf_prog; 4319 else if (!(sc->chip & URTWN_CHIP_92C)) { 4320 if (sc->board_type == R92C_BOARD_TYPE_MINICARD) 4321 prog = rtl8188ce_rf_prog; 4322 else if (sc->board_type == R92C_BOARD_TYPE_HIGHPA) 4323 prog = rtl8188ru_rf_prog; 4324 else 4325 prog = rtl8188cu_rf_prog; 4326 } else 4327 prog = rtl8192ce_rf_prog; 4328 4329 for (i = 0; i < sc->nrxchains; i++) { 4330 /* Save RF_ENV control type. */ 4331 idx = i / 2; 4332 off = (i % 2) * 16; 4333 reg = urtwn_bb_read(sc, R92C_FPGA0_RFIFACESW(idx)); 4334 type = (reg >> off) & 0x10; 4335 4336 /* Set RF_ENV enable. */ 4337 reg = urtwn_bb_read(sc, R92C_FPGA0_RFIFACEOE(i)); 4338 reg |= 0x100000; 4339 urtwn_bb_write(sc, R92C_FPGA0_RFIFACEOE(i), reg); 4340 urtwn_ms_delay(sc); 4341 /* Set RF_ENV output high. */ 4342 reg = urtwn_bb_read(sc, R92C_FPGA0_RFIFACEOE(i)); 4343 reg |= 0x10; 4344 urtwn_bb_write(sc, R92C_FPGA0_RFIFACEOE(i), reg); 4345 urtwn_ms_delay(sc); 4346 /* Set address and data lengths of RF registers. */ 4347 reg = urtwn_bb_read(sc, R92C_HSSI_PARAM2(i)); 4348 reg &= ~R92C_HSSI_PARAM2_ADDR_LENGTH; 4349 urtwn_bb_write(sc, R92C_HSSI_PARAM2(i), reg); 4350 urtwn_ms_delay(sc); 4351 reg = urtwn_bb_read(sc, R92C_HSSI_PARAM2(i)); 4352 reg &= ~R92C_HSSI_PARAM2_DATA_LENGTH; 4353 urtwn_bb_write(sc, R92C_HSSI_PARAM2(i), reg); 4354 urtwn_ms_delay(sc); 4355 4356 /* Write RF initialization values for this chain. */ 4357 for (j = 0; j < prog[i].count; j++) { 4358 if (prog[i].regs[j] >= 0xf9 && 4359 prog[i].regs[j] <= 0xfe) { 4360 /* 4361 * These are fake RF registers offsets that 4362 * indicate a delay is required. 4363 */ 4364 usb_pause_mtx(&sc->sc_mtx, hz / 20); /* 50ms */ 4365 continue; 4366 } 4367 urtwn_rf_write(sc, i, prog[i].regs[j], 4368 prog[i].vals[j]); 4369 urtwn_ms_delay(sc); 4370 } 4371 4372 /* Restore RF_ENV control type. */ 4373 reg = urtwn_bb_read(sc, R92C_FPGA0_RFIFACESW(idx)); 4374 reg &= ~(0x10 << off) | (type << off); 4375 urtwn_bb_write(sc, R92C_FPGA0_RFIFACESW(idx), reg); 4376 4377 /* Cache RF register CHNLBW. */ 4378 sc->rf_chnlbw[i] = urtwn_rf_read(sc, i, R92C_RF_CHNLBW); 4379 } 4380 4381 if ((sc->chip & (URTWN_CHIP_UMC_A_CUT | URTWN_CHIP_92C)) == 4382 URTWN_CHIP_UMC_A_CUT) { 4383 urtwn_rf_write(sc, 0, R92C_RF_RX_G1, 0x30255); 4384 urtwn_rf_write(sc, 0, R92C_RF_RX_G2, 0x50a00); 4385 } 4386} 4387 4388static void 4389urtwn_cam_init(struct urtwn_softc *sc) 4390{ 4391 /* Invalidate all CAM entries. */ 4392 urtwn_write_4(sc, R92C_CAMCMD, 4393 R92C_CAMCMD_POLLING | R92C_CAMCMD_CLR); 4394} 4395 4396static int 4397urtwn_cam_write(struct urtwn_softc *sc, uint32_t addr, uint32_t data) 4398{ 4399 usb_error_t error; 4400 4401 error = urtwn_write_4(sc, R92C_CAMWRITE, data); 4402 if (error != USB_ERR_NORMAL_COMPLETION) 4403 return (EIO); 4404 error = urtwn_write_4(sc, R92C_CAMCMD, 4405 R92C_CAMCMD_POLLING | R92C_CAMCMD_WRITE | 4406 SM(R92C_CAMCMD_ADDR, addr)); 4407 if (error != USB_ERR_NORMAL_COMPLETION) 4408 return (EIO); 4409 4410 return (0); 4411} 4412 4413static void 4414urtwn_pa_bias_init(struct urtwn_softc *sc) 4415{ 4416 uint8_t reg; 4417 int i; 4418 4419 for (i = 0; i < sc->nrxchains; i++) { 4420 if (sc->pa_setting & (1 << i)) 4421 continue; 4422 urtwn_rf_write(sc, i, R92C_RF_IPA, 0x0f406); 4423 urtwn_rf_write(sc, i, R92C_RF_IPA, 0x4f406); 4424 urtwn_rf_write(sc, i, R92C_RF_IPA, 0x8f406); 4425 urtwn_rf_write(sc, i, R92C_RF_IPA, 0xcf406); 4426 } 4427 if (!(sc->pa_setting & 0x10)) { 4428 reg = urtwn_read_1(sc, 0x16); 4429 reg = (reg & ~0xf0) | 0x90; 4430 urtwn_write_1(sc, 0x16, reg); 4431 } 4432} 4433 4434static void 4435urtwn_rxfilter_init(struct urtwn_softc *sc) 4436{ 4437 struct ieee80211com *ic = &sc->sc_ic; 4438 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 4439 uint32_t rcr; 4440 uint16_t filter; 4441 4442 URTWN_ASSERT_LOCKED(sc); 4443 4444 /* Setup multicast filter. */ 4445 urtwn_set_multi(sc); 4446 4447 /* Filter for management frames. */ 4448 filter = 0x7f3f; 4449 switch (vap->iv_opmode) { 4450 case IEEE80211_M_STA: 4451 filter &= ~( 4452 R92C_RXFLTMAP_SUBTYPE(IEEE80211_FC0_SUBTYPE_ASSOC_REQ) | 4453 R92C_RXFLTMAP_SUBTYPE(IEEE80211_FC0_SUBTYPE_REASSOC_REQ) | 4454 R92C_RXFLTMAP_SUBTYPE(IEEE80211_FC0_SUBTYPE_PROBE_REQ)); 4455 break; 4456 case IEEE80211_M_HOSTAP: 4457 filter &= ~( 4458 R92C_RXFLTMAP_SUBTYPE(IEEE80211_FC0_SUBTYPE_ASSOC_RESP) | 4459 R92C_RXFLTMAP_SUBTYPE(IEEE80211_FC0_SUBTYPE_REASSOC_RESP)); 4460 break; 4461 case IEEE80211_M_MONITOR: 4462 case IEEE80211_M_IBSS: 4463 break; 4464 default: 4465 device_printf(sc->sc_dev, "%s: undefined opmode %d\n", 4466 __func__, vap->iv_opmode); 4467 break; 4468 } 4469 urtwn_write_2(sc, R92C_RXFLTMAP0, filter); 4470 4471 /* Reject all control frames. */ 4472 urtwn_write_2(sc, R92C_RXFLTMAP1, 0x0000); 4473 4474 /* Reject all data frames. */ 4475 urtwn_write_2(sc, R92C_RXFLTMAP2, 0x0000); 4476 4477 rcr = R92C_RCR_AM | R92C_RCR_AB | R92C_RCR_APM | 4478 R92C_RCR_HTC_LOC_CTRL | R92C_RCR_APP_PHYSTS | 4479 R92C_RCR_APP_ICV | R92C_RCR_APP_MIC; 4480 4481 if (vap->iv_opmode == IEEE80211_M_MONITOR) { 4482 /* Accept all frames. */ 4483 rcr |= R92C_RCR_ACF | R92C_RCR_ADF | R92C_RCR_AMF | 4484 R92C_RCR_AAP; 4485 } 4486 4487 /* Set Rx filter. */ 4488 urtwn_write_4(sc, R92C_RCR, rcr); 4489 4490 if (ic->ic_promisc != 0) { 4491 /* Update Rx filter. */ 4492 urtwn_set_promisc(sc); 4493 } 4494} 4495 4496static void 4497urtwn_edca_init(struct urtwn_softc *sc) 4498{ 4499 urtwn_write_2(sc, R92C_SPEC_SIFS, 0x100a); 4500 urtwn_write_2(sc, R92C_MAC_SPEC_SIFS, 0x100a); 4501 urtwn_write_2(sc, R92C_SIFS_CCK, 0x100a); 4502 urtwn_write_2(sc, R92C_SIFS_OFDM, 0x100a); 4503 urtwn_write_4(sc, R92C_EDCA_BE_PARAM, 0x005ea42b); 4504 urtwn_write_4(sc, R92C_EDCA_BK_PARAM, 0x0000a44f); 4505 urtwn_write_4(sc, R92C_EDCA_VI_PARAM, 0x005ea324); 4506 urtwn_write_4(sc, R92C_EDCA_VO_PARAM, 0x002fa226); 4507} 4508 4509static void 4510urtwn_write_txpower(struct urtwn_softc *sc, int chain, 4511 uint16_t power[URTWN_RIDX_COUNT]) 4512{ 4513 uint32_t reg; 4514 4515 /* Write per-CCK rate Tx power. */ 4516 if (chain == 0) { 4517 reg = urtwn_bb_read(sc, R92C_TXAGC_A_CCK1_MCS32); 4518 reg = RW(reg, R92C_TXAGC_A_CCK1, power[0]); 4519 urtwn_bb_write(sc, R92C_TXAGC_A_CCK1_MCS32, reg); 4520 reg = urtwn_bb_read(sc, R92C_TXAGC_B_CCK11_A_CCK2_11); 4521 reg = RW(reg, R92C_TXAGC_A_CCK2, power[1]); 4522 reg = RW(reg, R92C_TXAGC_A_CCK55, power[2]); 4523 reg = RW(reg, R92C_TXAGC_A_CCK11, power[3]); 4524 urtwn_bb_write(sc, R92C_TXAGC_B_CCK11_A_CCK2_11, reg); 4525 } else { 4526 reg = urtwn_bb_read(sc, R92C_TXAGC_B_CCK1_55_MCS32); 4527 reg = RW(reg, R92C_TXAGC_B_CCK1, power[0]); 4528 reg = RW(reg, R92C_TXAGC_B_CCK2, power[1]); 4529 reg = RW(reg, R92C_TXAGC_B_CCK55, power[2]); 4530 urtwn_bb_write(sc, R92C_TXAGC_B_CCK1_55_MCS32, reg); 4531 reg = urtwn_bb_read(sc, R92C_TXAGC_B_CCK11_A_CCK2_11); 4532 reg = RW(reg, R92C_TXAGC_B_CCK11, power[3]); 4533 urtwn_bb_write(sc, R92C_TXAGC_B_CCK11_A_CCK2_11, reg); 4534 } 4535 /* Write per-OFDM rate Tx power. */ 4536 urtwn_bb_write(sc, R92C_TXAGC_RATE18_06(chain), 4537 SM(R92C_TXAGC_RATE06, power[ 4]) | 4538 SM(R92C_TXAGC_RATE09, power[ 5]) | 4539 SM(R92C_TXAGC_RATE12, power[ 6]) | 4540 SM(R92C_TXAGC_RATE18, power[ 7])); 4541 urtwn_bb_write(sc, R92C_TXAGC_RATE54_24(chain), 4542 SM(R92C_TXAGC_RATE24, power[ 8]) | 4543 SM(R92C_TXAGC_RATE36, power[ 9]) | 4544 SM(R92C_TXAGC_RATE48, power[10]) | 4545 SM(R92C_TXAGC_RATE54, power[11])); 4546 /* Write per-MCS Tx power. */ 4547 urtwn_bb_write(sc, R92C_TXAGC_MCS03_MCS00(chain), 4548 SM(R92C_TXAGC_MCS00, power[12]) | 4549 SM(R92C_TXAGC_MCS01, power[13]) | 4550 SM(R92C_TXAGC_MCS02, power[14]) | 4551 SM(R92C_TXAGC_MCS03, power[15])); 4552 urtwn_bb_write(sc, R92C_TXAGC_MCS07_MCS04(chain), 4553 SM(R92C_TXAGC_MCS04, power[16]) | 4554 SM(R92C_TXAGC_MCS05, power[17]) | 4555 SM(R92C_TXAGC_MCS06, power[18]) | 4556 SM(R92C_TXAGC_MCS07, power[19])); 4557 urtwn_bb_write(sc, R92C_TXAGC_MCS11_MCS08(chain), 4558 SM(R92C_TXAGC_MCS08, power[20]) | 4559 SM(R92C_TXAGC_MCS09, power[21]) | 4560 SM(R92C_TXAGC_MCS10, power[22]) | 4561 SM(R92C_TXAGC_MCS11, power[23])); 4562 urtwn_bb_write(sc, R92C_TXAGC_MCS15_MCS12(chain), 4563 SM(R92C_TXAGC_MCS12, power[24]) | 4564 SM(R92C_TXAGC_MCS13, power[25]) | 4565 SM(R92C_TXAGC_MCS14, power[26]) | 4566 SM(R92C_TXAGC_MCS15, power[27])); 4567} 4568 4569static void 4570urtwn_get_txpower(struct urtwn_softc *sc, int chain, 4571 struct ieee80211_channel *c, struct ieee80211_channel *extc, 4572 uint16_t power[URTWN_RIDX_COUNT]) 4573{ 4574 struct ieee80211com *ic = &sc->sc_ic; 4575 struct r92c_rom *rom = &sc->rom.r92c_rom; 4576 uint16_t cckpow, ofdmpow, htpow, diff, max; 4577 const struct urtwn_txpwr *base; 4578 int ridx, chan, group; 4579 4580 /* Determine channel group. */ 4581 chan = ieee80211_chan2ieee(ic, c); /* XXX center freq! */ 4582 if (chan <= 3) 4583 group = 0; 4584 else if (chan <= 9) 4585 group = 1; 4586 else 4587 group = 2; 4588 4589 /* Get original Tx power based on board type and RF chain. */ 4590 if (!(sc->chip & URTWN_CHIP_92C)) { 4591 if (sc->board_type == R92C_BOARD_TYPE_HIGHPA) 4592 base = &rtl8188ru_txagc[chain]; 4593 else 4594 base = &rtl8192cu_txagc[chain]; 4595 } else 4596 base = &rtl8192cu_txagc[chain]; 4597 4598 memset(power, 0, URTWN_RIDX_COUNT * sizeof(power[0])); 4599 if (sc->regulatory == 0) { 4600 for (ridx = URTWN_RIDX_CCK1; ridx <= URTWN_RIDX_CCK11; ridx++) 4601 power[ridx] = base->pwr[0][ridx]; 4602 } 4603 for (ridx = URTWN_RIDX_OFDM6; ridx < URTWN_RIDX_COUNT; ridx++) { 4604 if (sc->regulatory == 3) { 4605 power[ridx] = base->pwr[0][ridx]; 4606 /* Apply vendor limits. */ 4607 if (extc != NULL) 4608 max = rom->ht40_max_pwr[group]; 4609 else 4610 max = rom->ht20_max_pwr[group]; 4611 max = (max >> (chain * 4)) & 0xf; 4612 if (power[ridx] > max) 4613 power[ridx] = max; 4614 } else if (sc->regulatory == 1) { 4615 if (extc == NULL) 4616 power[ridx] = base->pwr[group][ridx]; 4617 } else if (sc->regulatory != 2) 4618 power[ridx] = base->pwr[0][ridx]; 4619 } 4620 4621 /* Compute per-CCK rate Tx power. */ 4622 cckpow = rom->cck_tx_pwr[chain][group]; 4623 for (ridx = URTWN_RIDX_CCK1; ridx <= URTWN_RIDX_CCK11; ridx++) { 4624 power[ridx] += cckpow; 4625 if (power[ridx] > R92C_MAX_TX_PWR) 4626 power[ridx] = R92C_MAX_TX_PWR; 4627 } 4628 4629 htpow = rom->ht40_1s_tx_pwr[chain][group]; 4630 if (sc->ntxchains > 1) { 4631 /* Apply reduction for 2 spatial streams. */ 4632 diff = rom->ht40_2s_tx_pwr_diff[group]; 4633 diff = (diff >> (chain * 4)) & 0xf; 4634 htpow = (htpow > diff) ? htpow - diff : 0; 4635 } 4636 4637 /* Compute per-OFDM rate Tx power. */ 4638 diff = rom->ofdm_tx_pwr_diff[group]; 4639 diff = (diff >> (chain * 4)) & 0xf; 4640 ofdmpow = htpow + diff; /* HT->OFDM correction. */ 4641 for (ridx = URTWN_RIDX_OFDM6; ridx <= URTWN_RIDX_OFDM54; ridx++) { 4642 power[ridx] += ofdmpow; 4643 if (power[ridx] > R92C_MAX_TX_PWR) 4644 power[ridx] = R92C_MAX_TX_PWR; 4645 } 4646 4647 /* Compute per-MCS Tx power. */ 4648 if (extc == NULL) { 4649 diff = rom->ht20_tx_pwr_diff[group]; 4650 diff = (diff >> (chain * 4)) & 0xf; 4651 htpow += diff; /* HT40->HT20 correction. */ 4652 } 4653 for (ridx = 12; ridx <= 27; ridx++) { 4654 power[ridx] += htpow; 4655 if (power[ridx] > R92C_MAX_TX_PWR) 4656 power[ridx] = R92C_MAX_TX_PWR; 4657 } 4658#ifdef USB_DEBUG 4659 if (sc->sc_debug & URTWN_DEBUG_TXPWR) { 4660 /* Dump per-rate Tx power values. */ 4661 printf("Tx power for chain %d:\n", chain); 4662 for (ridx = URTWN_RIDX_CCK1; ridx < URTWN_RIDX_COUNT; ridx++) 4663 printf("Rate %d = %u\n", ridx, power[ridx]); 4664 } 4665#endif 4666} 4667 4668static void 4669urtwn_r88e_get_txpower(struct urtwn_softc *sc, int chain, 4670 struct ieee80211_channel *c, struct ieee80211_channel *extc, 4671 uint16_t power[URTWN_RIDX_COUNT]) 4672{ 4673 struct ieee80211com *ic = &sc->sc_ic; 4674 struct r88e_rom *rom = &sc->rom.r88e_rom; 4675 uint16_t cckpow, ofdmpow, bw20pow, htpow; 4676 const struct urtwn_r88e_txpwr *base; 4677 int ridx, chan, group; 4678 4679 /* Determine channel group. */ 4680 chan = ieee80211_chan2ieee(ic, c); /* XXX center freq! */ 4681 if (chan <= 2) 4682 group = 0; 4683 else if (chan <= 5) 4684 group = 1; 4685 else if (chan <= 8) 4686 group = 2; 4687 else if (chan <= 11) 4688 group = 3; 4689 else if (chan <= 13) 4690 group = 4; 4691 else 4692 group = 5; 4693 4694 /* Get original Tx power based on board type and RF chain. */ 4695 base = &rtl8188eu_txagc[chain]; 4696 4697 memset(power, 0, URTWN_RIDX_COUNT * sizeof(power[0])); 4698 if (sc->regulatory == 0) { 4699 for (ridx = URTWN_RIDX_CCK1; ridx <= URTWN_RIDX_CCK11; ridx++) 4700 power[ridx] = base->pwr[0][ridx]; 4701 } 4702 for (ridx = URTWN_RIDX_OFDM6; ridx < URTWN_RIDX_COUNT; ridx++) { 4703 if (sc->regulatory == 3) 4704 power[ridx] = base->pwr[0][ridx]; 4705 else if (sc->regulatory == 1) { 4706 if (extc == NULL) 4707 power[ridx] = base->pwr[group][ridx]; 4708 } else if (sc->regulatory != 2) 4709 power[ridx] = base->pwr[0][ridx]; 4710 } 4711 4712 /* Compute per-CCK rate Tx power. */ 4713 cckpow = rom->cck_tx_pwr[group]; 4714 for (ridx = URTWN_RIDX_CCK1; ridx <= URTWN_RIDX_CCK11; ridx++) { 4715 power[ridx] += cckpow; 4716 if (power[ridx] > R92C_MAX_TX_PWR) 4717 power[ridx] = R92C_MAX_TX_PWR; 4718 } 4719 4720 htpow = rom->ht40_tx_pwr[group]; 4721 4722 /* Compute per-OFDM rate Tx power. */ 4723 ofdmpow = htpow + sc->ofdm_tx_pwr_diff; 4724 for (ridx = URTWN_RIDX_OFDM6; ridx <= URTWN_RIDX_OFDM54; ridx++) { 4725 power[ridx] += ofdmpow; 4726 if (power[ridx] > R92C_MAX_TX_PWR) 4727 power[ridx] = R92C_MAX_TX_PWR; 4728 } 4729 4730 bw20pow = htpow + sc->bw20_tx_pwr_diff; 4731 for (ridx = 12; ridx <= 27; ridx++) { 4732 power[ridx] += bw20pow; 4733 if (power[ridx] > R92C_MAX_TX_PWR) 4734 power[ridx] = R92C_MAX_TX_PWR; 4735 } 4736} 4737 4738static void 4739urtwn_set_txpower(struct urtwn_softc *sc, struct ieee80211_channel *c, 4740 struct ieee80211_channel *extc) 4741{ 4742 uint16_t power[URTWN_RIDX_COUNT]; 4743 int i; 4744 4745 for (i = 0; i < sc->ntxchains; i++) { 4746 /* Compute per-rate Tx power values. */ 4747 if (sc->chip & URTWN_CHIP_88E) 4748 urtwn_r88e_get_txpower(sc, i, c, extc, power); 4749 else 4750 urtwn_get_txpower(sc, i, c, extc, power); 4751 /* Write per-rate Tx power values to hardware. */ 4752 urtwn_write_txpower(sc, i, power); 4753 } 4754} 4755 4756static void 4757urtwn_set_rx_bssid_all(struct urtwn_softc *sc, int enable) 4758{ 4759 uint32_t reg; 4760 4761 reg = urtwn_read_4(sc, R92C_RCR); 4762 if (enable) 4763 reg &= ~R92C_RCR_CBSSID_BCN; 4764 else 4765 reg |= R92C_RCR_CBSSID_BCN; 4766 urtwn_write_4(sc, R92C_RCR, reg); 4767} 4768 4769static void 4770urtwn_set_gain(struct urtwn_softc *sc, uint8_t gain) 4771{ 4772 uint32_t reg; 4773 4774 reg = urtwn_bb_read(sc, R92C_OFDM0_AGCCORE1(0)); 4775 reg = RW(reg, R92C_OFDM0_AGCCORE1_GAIN, gain); 4776 urtwn_bb_write(sc, R92C_OFDM0_AGCCORE1(0), reg); 4777 4778 if (!(sc->chip & URTWN_CHIP_88E)) { 4779 reg = urtwn_bb_read(sc, R92C_OFDM0_AGCCORE1(1)); 4780 reg = RW(reg, R92C_OFDM0_AGCCORE1_GAIN, gain); 4781 urtwn_bb_write(sc, R92C_OFDM0_AGCCORE1(1), reg); 4782 } 4783} 4784 4785static void 4786urtwn_scan_start(struct ieee80211com *ic) 4787{ 4788 struct urtwn_softc *sc = ic->ic_softc; 4789 4790 URTWN_LOCK(sc); 4791 /* Receive beacons / probe responses from any BSSID. */ 4792 if (ic->ic_opmode != IEEE80211_M_IBSS && 4793 ic->ic_opmode != IEEE80211_M_HOSTAP) 4794 urtwn_set_rx_bssid_all(sc, 1); 4795 4796 /* Set gain for scanning. */ 4797 urtwn_set_gain(sc, 0x20); 4798 URTWN_UNLOCK(sc); 4799} 4800 4801static void 4802urtwn_scan_end(struct ieee80211com *ic) 4803{ 4804 struct urtwn_softc *sc = ic->ic_softc; 4805 4806 URTWN_LOCK(sc); 4807 /* Restore limitations. */ 4808 if (ic->ic_promisc == 0 && 4809 ic->ic_opmode != IEEE80211_M_IBSS && 4810 ic->ic_opmode != IEEE80211_M_HOSTAP) 4811 urtwn_set_rx_bssid_all(sc, 0); 4812 4813 /* Set gain under link. */ 4814 urtwn_set_gain(sc, 0x32); 4815 URTWN_UNLOCK(sc); 4816} 4817 4818static void 4819urtwn_getradiocaps(struct ieee80211com *ic, 4820 int maxchans, int *nchans, struct ieee80211_channel chans[]) 4821{ 4822 uint8_t bands[IEEE80211_MODE_BYTES]; 4823 4824 memset(bands, 0, sizeof(bands)); 4825 setbit(bands, IEEE80211_MODE_11B); 4826 setbit(bands, IEEE80211_MODE_11G); 4827 if (urtwn_enable_11n) 4828 setbit(bands, IEEE80211_MODE_11NG); 4829 ieee80211_add_channels_default_2ghz(chans, maxchans, nchans, bands, 0); 4830} 4831 4832static void 4833urtwn_set_channel(struct ieee80211com *ic) 4834{ 4835 struct urtwn_softc *sc = ic->ic_softc; 4836 struct ieee80211_channel *c = ic->ic_curchan; 4837 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 4838 4839 URTWN_LOCK(sc); 4840 if (vap->iv_state == IEEE80211_S_SCAN) { 4841 /* Make link LED blink during scan. */ 4842 urtwn_set_led(sc, URTWN_LED_LINK, !sc->ledlink); 4843 } 4844 urtwn_set_chan(sc, c, NULL); 4845 URTWN_UNLOCK(sc); 4846} 4847 4848static int 4849urtwn_wme_update(struct ieee80211com *ic) 4850{ 4851 const struct wmeParams *wmep = 4852 ic->ic_wme.wme_chanParams.cap_wmeParams; 4853 struct urtwn_softc *sc = ic->ic_softc; 4854 uint8_t aifs, acm, slottime; 4855 int ac; 4856 4857 acm = 0; 4858 slottime = IEEE80211_GET_SLOTTIME(ic); 4859 4860 URTWN_LOCK(sc); 4861 for (ac = WME_AC_BE; ac < WME_NUM_AC; ac++) { 4862 /* AIFS[AC] = AIFSN[AC] * aSlotTime + aSIFSTime. */ 4863 aifs = wmep[ac].wmep_aifsn * slottime + IEEE80211_DUR_SIFS; 4864 urtwn_write_4(sc, wme2queue[ac].reg, 4865 SM(R92C_EDCA_PARAM_TXOP, wmep[ac].wmep_txopLimit) | 4866 SM(R92C_EDCA_PARAM_ECWMIN, wmep[ac].wmep_logcwmin) | 4867 SM(R92C_EDCA_PARAM_ECWMAX, wmep[ac].wmep_logcwmax) | 4868 SM(R92C_EDCA_PARAM_AIFS, aifs)); 4869 if (ac != WME_AC_BE) 4870 acm |= wmep[ac].wmep_acm << ac; 4871 } 4872 4873 if (acm != 0) 4874 acm |= R92C_ACMHWCTRL_EN; 4875 urtwn_write_1(sc, R92C_ACMHWCTRL, 4876 (urtwn_read_1(sc, R92C_ACMHWCTRL) & ~R92C_ACMHWCTRL_ACM_MASK) | 4877 acm); 4878 4879 URTWN_UNLOCK(sc); 4880 4881 return 0; 4882} 4883 4884static void 4885urtwn_update_slot(struct ieee80211com *ic) 4886{ 4887 urtwn_cmd_sleepable(ic->ic_softc, NULL, 0, urtwn_update_slot_cb); 4888} 4889 4890static void 4891urtwn_update_slot_cb(struct urtwn_softc *sc, union sec_param *data) 4892{ 4893 struct ieee80211com *ic = &sc->sc_ic; 4894 uint8_t slottime; 4895 4896 slottime = IEEE80211_GET_SLOTTIME(ic); 4897 4898 URTWN_DPRINTF(sc, URTWN_DEBUG_ANY, "%s: setting slot time to %uus\n", 4899 __func__, slottime); 4900 4901 urtwn_write_1(sc, R92C_SLOT, slottime); 4902 urtwn_update_aifs(sc, slottime); 4903} 4904 4905static void 4906urtwn_update_aifs(struct urtwn_softc *sc, uint8_t slottime) 4907{ 4908 const struct wmeParams *wmep = 4909 sc->sc_ic.ic_wme.wme_chanParams.cap_wmeParams; 4910 uint8_t aifs, ac; 4911 4912 for (ac = WME_AC_BE; ac < WME_NUM_AC; ac++) { 4913 /* AIFS[AC] = AIFSN[AC] * aSlotTime + aSIFSTime. */ 4914 aifs = wmep[ac].wmep_aifsn * slottime + IEEE80211_DUR_SIFS; 4915 urtwn_write_1(sc, wme2queue[ac].reg, aifs); 4916 } 4917} 4918 4919static uint8_t 4920urtwn_get_multi_pos(const uint8_t maddr[]) 4921{ 4922 uint64_t mask = 0x00004d101df481b4; 4923 uint8_t pos = 0x27; /* initial value */ 4924 int i, j; 4925 4926 for (i = 0; i < IEEE80211_ADDR_LEN; i++) 4927 for (j = (i == 0) ? 1 : 0; j < 8; j++) 4928 if ((maddr[i] >> j) & 1) 4929 pos ^= (mask >> (i * 8 + j - 1)); 4930 4931 pos &= 0x3f; 4932 4933 return (pos); 4934} 4935 4936static void 4937urtwn_set_multi(struct urtwn_softc *sc) 4938{ 4939 struct ieee80211com *ic = &sc->sc_ic; 4940 uint32_t mfilt[2]; 4941 4942 URTWN_ASSERT_LOCKED(sc); 4943 4944 /* general structure was copied from ath(4). */ 4945 if (ic->ic_allmulti == 0) { 4946 struct ieee80211vap *vap; 4947 struct ifnet *ifp; 4948 struct ifmultiaddr *ifma; 4949 4950 /* 4951 * Merge multicast addresses to form the hardware filter. 4952 */ 4953 mfilt[0] = mfilt[1] = 0; 4954 TAILQ_FOREACH(vap, &ic->ic_vaps, iv_next) { 4955 ifp = vap->iv_ifp; 4956 if_maddr_rlock(ifp); 4957 TAILQ_FOREACH(ifma, &ifp->if_multiaddrs, ifma_link) { 4958 caddr_t dl; 4959 uint8_t pos; 4960 4961 dl = LLADDR((struct sockaddr_dl *) 4962 ifma->ifma_addr); 4963 pos = urtwn_get_multi_pos(dl); 4964 4965 mfilt[pos / 32] |= (1 << (pos % 32)); 4966 } 4967 if_maddr_runlock(ifp); 4968 } 4969 } else 4970 mfilt[0] = mfilt[1] = ~0; 4971 4972 4973 urtwn_write_4(sc, R92C_MAR + 0, mfilt[0]); 4974 urtwn_write_4(sc, R92C_MAR + 4, mfilt[1]); 4975 4976 URTWN_DPRINTF(sc, URTWN_DEBUG_STATE, "%s: MC filter %08x:%08x\n", 4977 __func__, mfilt[0], mfilt[1]); 4978} 4979 4980static void 4981urtwn_set_promisc(struct urtwn_softc *sc) 4982{ 4983 struct ieee80211com *ic = &sc->sc_ic; 4984 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 4985 uint32_t rcr, mask1, mask2; 4986 4987 URTWN_ASSERT_LOCKED(sc); 4988 4989 if (vap->iv_opmode == IEEE80211_M_MONITOR) 4990 return; 4991 4992 mask1 = R92C_RCR_ACF | R92C_RCR_ADF | R92C_RCR_AMF | R92C_RCR_AAP; 4993 mask2 = R92C_RCR_APM; 4994 4995 if (vap->iv_state == IEEE80211_S_RUN) { 4996 switch (vap->iv_opmode) { 4997 case IEEE80211_M_STA: 4998 mask2 |= R92C_RCR_CBSSID_BCN; 4999 /* FALLTHROUGH */ 5000 case IEEE80211_M_IBSS: 5001 mask2 |= R92C_RCR_CBSSID_DATA; 5002 break; 5003 case IEEE80211_M_HOSTAP: 5004 break; 5005 default: 5006 device_printf(sc->sc_dev, "%s: undefined opmode %d\n", 5007 __func__, vap->iv_opmode); 5008 return; 5009 } 5010 } 5011 5012 rcr = urtwn_read_4(sc, R92C_RCR); 5013 if (ic->ic_promisc == 0) 5014 rcr = (rcr & ~mask1) | mask2; 5015 else 5016 rcr = (rcr & ~mask2) | mask1; 5017 urtwn_write_4(sc, R92C_RCR, rcr); 5018} 5019 5020static void 5021urtwn_update_promisc(struct ieee80211com *ic) 5022{ 5023 struct urtwn_softc *sc = ic->ic_softc; 5024 5025 URTWN_LOCK(sc); 5026 if (sc->sc_flags & URTWN_RUNNING) 5027 urtwn_set_promisc(sc); 5028 URTWN_UNLOCK(sc); 5029} 5030 5031static void 5032urtwn_update_mcast(struct ieee80211com *ic) 5033{ 5034 struct urtwn_softc *sc = ic->ic_softc; 5035 5036 URTWN_LOCK(sc); 5037 if (sc->sc_flags & URTWN_RUNNING) 5038 urtwn_set_multi(sc); 5039 URTWN_UNLOCK(sc); 5040} 5041 5042static struct ieee80211_node * 5043urtwn_node_alloc(struct ieee80211vap *vap, 5044 const uint8_t mac[IEEE80211_ADDR_LEN]) 5045{ 5046 struct urtwn_node *un; 5047 5048 un = malloc(sizeof (struct urtwn_node), M_80211_NODE, 5049 M_NOWAIT | M_ZERO); 5050 5051 if (un == NULL) 5052 return NULL; 5053 5054 un->id = URTWN_MACID_UNDEFINED; 5055 5056 return &un->ni; 5057} 5058 5059static void 5060urtwn_newassoc(struct ieee80211_node *ni, int isnew) 5061{ 5062 struct urtwn_softc *sc = ni->ni_ic->ic_softc; 5063 struct urtwn_node *un = URTWN_NODE(ni); 5064 uint8_t id; 5065 5066 /* Only do this bit for R88E chips */ 5067 if (! (sc->chip & URTWN_CHIP_88E)) 5068 return; 5069 5070 if (!isnew) 5071 return; 5072 5073 URTWN_NT_LOCK(sc); 5074 for (id = 0; id <= URTWN_MACID_MAX(sc); id++) { 5075 if (id != URTWN_MACID_BC && sc->node_list[id] == NULL) { 5076 un->id = id; 5077 sc->node_list[id] = ni; 5078 break; 5079 } 5080 } 5081 URTWN_NT_UNLOCK(sc); 5082 5083 if (id > URTWN_MACID_MAX(sc)) { 5084 device_printf(sc->sc_dev, "%s: node table is full\n", 5085 __func__); 5086 } 5087} 5088 5089static void 5090urtwn_node_free(struct ieee80211_node *ni) 5091{ 5092 struct urtwn_softc *sc = ni->ni_ic->ic_softc; 5093 struct urtwn_node *un = URTWN_NODE(ni); 5094 5095 URTWN_NT_LOCK(sc); 5096 if (un->id != URTWN_MACID_UNDEFINED) 5097 sc->node_list[un->id] = NULL; 5098 URTWN_NT_UNLOCK(sc); 5099 5100 sc->sc_node_free(ni); 5101} 5102 5103static void 5104urtwn_set_chan(struct urtwn_softc *sc, struct ieee80211_channel *c, 5105 struct ieee80211_channel *extc) 5106{ 5107 struct ieee80211com *ic = &sc->sc_ic; 5108 uint32_t reg; 5109 u_int chan; 5110 int i; 5111 5112 chan = ieee80211_chan2ieee(ic, c); /* XXX center freq! */ 5113 if (chan == 0 || chan == IEEE80211_CHAN_ANY) { 5114 device_printf(sc->sc_dev, 5115 "%s: invalid channel %x\n", __func__, chan); 5116 return; 5117 } 5118 5119 /* Set Tx power for this new channel. */ 5120 urtwn_set_txpower(sc, c, extc); 5121 5122 for (i = 0; i < sc->nrxchains; i++) { 5123 urtwn_rf_write(sc, i, R92C_RF_CHNLBW, 5124 RW(sc->rf_chnlbw[i], R92C_RF_CHNLBW_CHNL, chan)); 5125 } 5126#ifndef IEEE80211_NO_HT 5127 if (extc != NULL) { 5128 /* Is secondary channel below or above primary? */ 5129 int prichlo = c->ic_freq < extc->ic_freq; 5130 5131 urtwn_write_1(sc, R92C_BWOPMODE, 5132 urtwn_read_1(sc, R92C_BWOPMODE) & ~R92C_BWOPMODE_20MHZ); 5133 5134 reg = urtwn_read_1(sc, R92C_RRSR + 2); 5135 reg = (reg & ~0x6f) | (prichlo ? 1 : 2) << 5; 5136 urtwn_write_1(sc, R92C_RRSR + 2, reg); 5137 5138 urtwn_bb_write(sc, R92C_FPGA0_RFMOD, 5139 urtwn_bb_read(sc, R92C_FPGA0_RFMOD) | R92C_RFMOD_40MHZ); 5140 urtwn_bb_write(sc, R92C_FPGA1_RFMOD, 5141 urtwn_bb_read(sc, R92C_FPGA1_RFMOD) | R92C_RFMOD_40MHZ); 5142 5143 /* Set CCK side band. */ 5144 reg = urtwn_bb_read(sc, R92C_CCK0_SYSTEM); 5145 reg = (reg & ~0x00000010) | (prichlo ? 0 : 1) << 4; 5146 urtwn_bb_write(sc, R92C_CCK0_SYSTEM, reg); 5147 5148 reg = urtwn_bb_read(sc, R92C_OFDM1_LSTF); 5149 reg = (reg & ~0x00000c00) | (prichlo ? 1 : 2) << 10; 5150 urtwn_bb_write(sc, R92C_OFDM1_LSTF, reg); 5151 5152 urtwn_bb_write(sc, R92C_FPGA0_ANAPARAM2, 5153 urtwn_bb_read(sc, R92C_FPGA0_ANAPARAM2) & 5154 ~R92C_FPGA0_ANAPARAM2_CBW20); 5155 5156 reg = urtwn_bb_read(sc, 0x818); 5157 reg = (reg & ~0x0c000000) | (prichlo ? 2 : 1) << 26; 5158 urtwn_bb_write(sc, 0x818, reg); 5159 5160 /* Select 40MHz bandwidth. */ 5161 urtwn_rf_write(sc, 0, R92C_RF_CHNLBW, 5162 (sc->rf_chnlbw[0] & ~0xfff) | chan); 5163 } else 5164#endif 5165 { 5166 urtwn_write_1(sc, R92C_BWOPMODE, 5167 urtwn_read_1(sc, R92C_BWOPMODE) | R92C_BWOPMODE_20MHZ); 5168 5169 urtwn_bb_write(sc, R92C_FPGA0_RFMOD, 5170 urtwn_bb_read(sc, R92C_FPGA0_RFMOD) & ~R92C_RFMOD_40MHZ); 5171 urtwn_bb_write(sc, R92C_FPGA1_RFMOD, 5172 urtwn_bb_read(sc, R92C_FPGA1_RFMOD) & ~R92C_RFMOD_40MHZ); 5173 5174 if (!(sc->chip & URTWN_CHIP_88E)) { 5175 urtwn_bb_write(sc, R92C_FPGA0_ANAPARAM2, 5176 urtwn_bb_read(sc, R92C_FPGA0_ANAPARAM2) | 5177 R92C_FPGA0_ANAPARAM2_CBW20); 5178 } 5179 5180 /* Select 20MHz bandwidth. */ 5181 urtwn_rf_write(sc, 0, R92C_RF_CHNLBW, 5182 (sc->rf_chnlbw[0] & ~0xfff) | chan | 5183 ((sc->chip & URTWN_CHIP_88E) ? R88E_RF_CHNLBW_BW20 : 5184 R92C_RF_CHNLBW_BW20)); 5185 } 5186} 5187 5188static void 5189urtwn_iq_calib(struct urtwn_softc *sc) 5190{ 5191 /* TODO */ 5192} 5193 5194static void 5195urtwn_lc_calib(struct urtwn_softc *sc) 5196{ 5197 uint32_t rf_ac[2]; 5198 uint8_t txmode; 5199 int i; 5200 5201 txmode = urtwn_read_1(sc, R92C_OFDM1_LSTF + 3); 5202 if ((txmode & 0x70) != 0) { 5203 /* Disable all continuous Tx. */ 5204 urtwn_write_1(sc, R92C_OFDM1_LSTF + 3, txmode & ~0x70); 5205 5206 /* Set RF mode to standby mode. */ 5207 for (i = 0; i < sc->nrxchains; i++) { 5208 rf_ac[i] = urtwn_rf_read(sc, i, R92C_RF_AC); 5209 urtwn_rf_write(sc, i, R92C_RF_AC, 5210 RW(rf_ac[i], R92C_RF_AC_MODE, 5211 R92C_RF_AC_MODE_STANDBY)); 5212 } 5213 } else { 5214 /* Block all Tx queues. */ 5215 urtwn_write_1(sc, R92C_TXPAUSE, R92C_TX_QUEUE_ALL); 5216 } 5217 /* Start calibration. */ 5218 urtwn_rf_write(sc, 0, R92C_RF_CHNLBW, 5219 urtwn_rf_read(sc, 0, R92C_RF_CHNLBW) | R92C_RF_CHNLBW_LCSTART); 5220 5221 /* Give calibration the time to complete. */ 5222 usb_pause_mtx(&sc->sc_mtx, hz / 10); /* 100ms */ 5223 5224 /* Restore configuration. */ 5225 if ((txmode & 0x70) != 0) { 5226 /* Restore Tx mode. */ 5227 urtwn_write_1(sc, R92C_OFDM1_LSTF + 3, txmode); 5228 /* Restore RF mode. */ 5229 for (i = 0; i < sc->nrxchains; i++) 5230 urtwn_rf_write(sc, i, R92C_RF_AC, rf_ac[i]); 5231 } else { 5232 /* Unblock all Tx queues. */ 5233 urtwn_write_1(sc, R92C_TXPAUSE, 0x00); 5234 } 5235} 5236 5237static void 5238urtwn_temp_calib(struct urtwn_softc *sc) 5239{ 5240 uint8_t temp; 5241 5242 URTWN_ASSERT_LOCKED(sc); 5243 5244 if (!(sc->sc_flags & URTWN_TEMP_MEASURED)) { 5245 /* Start measuring temperature. */ 5246 URTWN_DPRINTF(sc, URTWN_DEBUG_TEMP, 5247 "%s: start measuring temperature\n", __func__); 5248 if (sc->chip & URTWN_CHIP_88E) { 5249 urtwn_rf_write(sc, 0, R88E_RF_T_METER, 5250 R88E_RF_T_METER_START); 5251 } else { 5252 urtwn_rf_write(sc, 0, R92C_RF_T_METER, 5253 R92C_RF_T_METER_START); 5254 } 5255 sc->sc_flags |= URTWN_TEMP_MEASURED; 5256 return; 5257 } 5258 sc->sc_flags &= ~URTWN_TEMP_MEASURED; 5259 5260 /* Read measured temperature. */ 5261 if (sc->chip & URTWN_CHIP_88E) { 5262 temp = MS(urtwn_rf_read(sc, 0, R88E_RF_T_METER), 5263 R88E_RF_T_METER_VAL); 5264 } else { 5265 temp = MS(urtwn_rf_read(sc, 0, R92C_RF_T_METER), 5266 R92C_RF_T_METER_VAL); 5267 } 5268 if (temp == 0) { /* Read failed, skip. */ 5269 URTWN_DPRINTF(sc, URTWN_DEBUG_TEMP, 5270 "%s: temperature read failed, skipping\n", __func__); 5271 return; 5272 } 5273 5274 URTWN_DPRINTF(sc, URTWN_DEBUG_TEMP, 5275 "%s: temperature: previous %u, current %u\n", 5276 __func__, sc->thcal_lctemp, temp); 5277 5278 /* 5279 * Redo LC calibration if temperature changed significantly since 5280 * last calibration. 5281 */ 5282 if (sc->thcal_lctemp == 0) { 5283 /* First LC calibration is performed in urtwn_init(). */ 5284 sc->thcal_lctemp = temp; 5285 } else if (abs(temp - sc->thcal_lctemp) > 1) { 5286 URTWN_DPRINTF(sc, URTWN_DEBUG_TEMP, 5287 "%s: LC calib triggered by temp: %u -> %u\n", 5288 __func__, sc->thcal_lctemp, temp); 5289 urtwn_lc_calib(sc); 5290 /* Record temperature of last LC calibration. */ 5291 sc->thcal_lctemp = temp; 5292 } 5293} 5294 5295static void 5296urtwn_setup_static_keys(struct urtwn_softc *sc, struct urtwn_vap *uvp) 5297{ 5298 int i; 5299 5300 for (i = 0; i < IEEE80211_WEP_NKID; i++) { 5301 const struct ieee80211_key *k = uvp->keys[i]; 5302 if (k != NULL) { 5303 urtwn_cmd_sleepable(sc, k, sizeof(*k), 5304 urtwn_key_set_cb); 5305 } 5306 } 5307} 5308 5309static int 5310urtwn_init(struct urtwn_softc *sc) 5311{ 5312 struct ieee80211com *ic = &sc->sc_ic; 5313 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 5314 uint8_t macaddr[IEEE80211_ADDR_LEN]; 5315 uint32_t reg; 5316 usb_error_t usb_err = USB_ERR_NORMAL_COMPLETION; 5317 int error; 5318 5319 URTWN_LOCK(sc); 5320 if (sc->sc_flags & URTWN_RUNNING) { 5321 URTWN_UNLOCK(sc); 5322 return (0); 5323 } 5324 5325 /* Init firmware commands ring. */ 5326 sc->fwcur = 0; 5327 5328 /* Allocate Tx/Rx buffers. */ 5329 error = urtwn_alloc_rx_list(sc); 5330 if (error != 0) 5331 goto fail; 5332 5333 error = urtwn_alloc_tx_list(sc); 5334 if (error != 0) 5335 goto fail; 5336 5337 /* Power on adapter. */ 5338 error = urtwn_power_on(sc); 5339 if (error != 0) 5340 goto fail; 5341 5342 /* Initialize DMA. */ 5343 error = urtwn_dma_init(sc); 5344 if (error != 0) 5345 goto fail; 5346 5347 /* Set info size in Rx descriptors (in 64-bit words). */ 5348 urtwn_write_1(sc, R92C_RX_DRVINFO_SZ, 4); 5349 5350 /* Init interrupts. */ 5351 if (sc->chip & URTWN_CHIP_88E) { 5352 usb_err = urtwn_write_4(sc, R88E_HISR, 0xffffffff); 5353 if (usb_err != USB_ERR_NORMAL_COMPLETION) 5354 goto fail; 5355 usb_err = urtwn_write_4(sc, R88E_HIMR, R88E_HIMR_CPWM | R88E_HIMR_CPWM2 | 5356 R88E_HIMR_TBDER | R88E_HIMR_PSTIMEOUT); 5357 if (usb_err != USB_ERR_NORMAL_COMPLETION) 5358 goto fail; 5359 usb_err = urtwn_write_4(sc, R88E_HIMRE, R88E_HIMRE_RXFOVW | 5360 R88E_HIMRE_TXFOVW | R88E_HIMRE_RXERR | R88E_HIMRE_TXERR); 5361 if (usb_err != USB_ERR_NORMAL_COMPLETION) 5362 goto fail; 5363 usb_err = urtwn_write_1(sc, R92C_USB_SPECIAL_OPTION, 5364 urtwn_read_1(sc, R92C_USB_SPECIAL_OPTION) | 5365 R92C_USB_SPECIAL_OPTION_INT_BULK_SEL); 5366 if (usb_err != USB_ERR_NORMAL_COMPLETION) 5367 goto fail; 5368 } else { 5369 usb_err = urtwn_write_4(sc, R92C_HISR, 0xffffffff); 5370 if (usb_err != USB_ERR_NORMAL_COMPLETION) 5371 goto fail; 5372 usb_err = urtwn_write_4(sc, R92C_HIMR, 0xffffffff); 5373 if (usb_err != USB_ERR_NORMAL_COMPLETION) 5374 goto fail; 5375 } 5376 5377 /* Set MAC address. */ 5378 IEEE80211_ADDR_COPY(macaddr, vap ? vap->iv_myaddr : ic->ic_macaddr); 5379 usb_err = urtwn_write_region_1(sc, R92C_MACID, macaddr, IEEE80211_ADDR_LEN); 5380 if (usb_err != USB_ERR_NORMAL_COMPLETION) 5381 goto fail; 5382 5383 /* Set initial network type. */ 5384 urtwn_set_mode(sc, R92C_MSR_INFRA); 5385 5386 /* Initialize Rx filter. */ 5387 urtwn_rxfilter_init(sc); 5388 5389 /* Set response rate. */ 5390 reg = urtwn_read_4(sc, R92C_RRSR); 5391 reg = RW(reg, R92C_RRSR_RATE_BITMAP, R92C_RRSR_RATE_CCK_ONLY_1M); 5392 urtwn_write_4(sc, R92C_RRSR, reg); 5393 5394 /* Set short/long retry limits. */ 5395 urtwn_write_2(sc, R92C_RL, 5396 SM(R92C_RL_SRL, 0x30) | SM(R92C_RL_LRL, 0x30)); 5397 5398 /* Initialize EDCA parameters. */ 5399 urtwn_edca_init(sc); 5400 5401 /* Setup rate fallback. */ 5402 if (!(sc->chip & URTWN_CHIP_88E)) { 5403 urtwn_write_4(sc, R92C_DARFRC + 0, 0x00000000); 5404 urtwn_write_4(sc, R92C_DARFRC + 4, 0x10080404); 5405 urtwn_write_4(sc, R92C_RARFRC + 0, 0x04030201); 5406 urtwn_write_4(sc, R92C_RARFRC + 4, 0x08070605); 5407 } 5408 5409 urtwn_write_1(sc, R92C_FWHW_TXQ_CTRL, 5410 urtwn_read_1(sc, R92C_FWHW_TXQ_CTRL) | 5411 R92C_FWHW_TXQ_CTRL_AMPDU_RTY_NEW); 5412 /* Set ACK timeout. */ 5413 urtwn_write_1(sc, R92C_ACKTO, 0x40); 5414 5415 /* Setup USB aggregation. */ 5416 reg = urtwn_read_4(sc, R92C_TDECTRL); 5417 reg = RW(reg, R92C_TDECTRL_BLK_DESC_NUM, 6); 5418 urtwn_write_4(sc, R92C_TDECTRL, reg); 5419 urtwn_write_1(sc, R92C_TRXDMA_CTRL, 5420 urtwn_read_1(sc, R92C_TRXDMA_CTRL) | 5421 R92C_TRXDMA_CTRL_RXDMA_AGG_EN); 5422 urtwn_write_1(sc, R92C_RXDMA_AGG_PG_TH, 48); 5423 if (sc->chip & URTWN_CHIP_88E) 5424 urtwn_write_1(sc, R92C_RXDMA_AGG_PG_TH + 1, 4); 5425 else { 5426 urtwn_write_1(sc, R92C_USB_DMA_AGG_TO, 4); 5427 urtwn_write_1(sc, R92C_USB_SPECIAL_OPTION, 5428 urtwn_read_1(sc, R92C_USB_SPECIAL_OPTION) | 5429 R92C_USB_SPECIAL_OPTION_AGG_EN); 5430 urtwn_write_1(sc, R92C_USB_AGG_TH, 8); 5431 urtwn_write_1(sc, R92C_USB_AGG_TO, 6); 5432 } 5433 5434 /* Initialize beacon parameters. */ 5435 urtwn_write_2(sc, R92C_BCN_CTRL, 0x1010); 5436 urtwn_write_2(sc, R92C_TBTT_PROHIBIT, 0x6404); 5437 urtwn_write_1(sc, R92C_DRVERLYINT, 0x05); 5438 urtwn_write_1(sc, R92C_BCNDMATIM, 0x02); 5439 urtwn_write_2(sc, R92C_BCNTCFG, 0x660f); 5440 5441 if (!(sc->chip & URTWN_CHIP_88E)) { 5442 /* Setup AMPDU aggregation. */ 5443 urtwn_write_4(sc, R92C_AGGLEN_LMT, 0x99997631); /* MCS7~0 */ 5444 urtwn_write_1(sc, R92C_AGGR_BREAK_TIME, 0x16); 5445 urtwn_write_2(sc, R92C_MAX_AGGR_NUM, 0x0708); 5446 5447 urtwn_write_1(sc, R92C_BCN_MAX_ERR, 0xff); 5448 } 5449 5450#ifndef URTWN_WITHOUT_UCODE 5451 /* Load 8051 microcode. */ 5452 error = urtwn_load_firmware(sc); 5453 if (error == 0) 5454 sc->sc_flags |= URTWN_FW_LOADED; 5455#endif 5456 5457 /* Initialize MAC/BB/RF blocks. */ 5458 error = urtwn_mac_init(sc); 5459 if (error != 0) { 5460 device_printf(sc->sc_dev, 5461 "%s: error while initializing MAC block\n", __func__); 5462 goto fail; 5463 } 5464 urtwn_bb_init(sc); 5465 urtwn_rf_init(sc); 5466 5467 /* Reinitialize Rx filter (D3845 is not committed yet). */ 5468 urtwn_rxfilter_init(sc); 5469 5470 if (sc->chip & URTWN_CHIP_88E) { 5471 urtwn_write_2(sc, R92C_CR, 5472 urtwn_read_2(sc, R92C_CR) | R92C_CR_MACTXEN | 5473 R92C_CR_MACRXEN); 5474 } 5475 5476 /* Turn CCK and OFDM blocks on. */ 5477 reg = urtwn_bb_read(sc, R92C_FPGA0_RFMOD); 5478 reg |= R92C_RFMOD_CCK_EN; 5479 usb_err = urtwn_bb_write(sc, R92C_FPGA0_RFMOD, reg); 5480 if (usb_err != USB_ERR_NORMAL_COMPLETION) 5481 goto fail; 5482 reg = urtwn_bb_read(sc, R92C_FPGA0_RFMOD); 5483 reg |= R92C_RFMOD_OFDM_EN; 5484 usb_err = urtwn_bb_write(sc, R92C_FPGA0_RFMOD, reg); 5485 if (usb_err != USB_ERR_NORMAL_COMPLETION) 5486 goto fail; 5487 5488 /* Clear per-station keys table. */ 5489 urtwn_cam_init(sc); 5490 5491 /* Enable decryption / encryption. */ 5492 urtwn_write_2(sc, R92C_SECCFG, 5493 R92C_SECCFG_TXUCKEY_DEF | R92C_SECCFG_RXUCKEY_DEF | 5494 R92C_SECCFG_TXENC_ENA | R92C_SECCFG_RXDEC_ENA | 5495 R92C_SECCFG_TXBCKEY_DEF | R92C_SECCFG_RXBCKEY_DEF); 5496 5497 /* Enable hardware sequence numbering. */ 5498 urtwn_write_1(sc, R92C_HWSEQ_CTRL, R92C_TX_QUEUE_ALL); 5499 5500 /* Enable per-packet TX report. */ 5501 if (sc->chip & URTWN_CHIP_88E) { 5502 urtwn_write_1(sc, R88E_TX_RPT_CTRL, 5503 urtwn_read_1(sc, R88E_TX_RPT_CTRL) | R88E_TX_RPT1_ENA); 5504 } 5505 5506 if (!(sc->chip & URTWN_CHIP_88E)) 5507 urtwn_write_4(sc, R92C_POWER_STATUS, 0x5); 5508 5509 /* Perform LO and IQ calibrations. */ 5510 urtwn_iq_calib(sc); 5511 /* Perform LC calibration. */ 5512 urtwn_lc_calib(sc); 5513 5514 /* Fix USB interference issue. */ 5515 if (!(sc->chip & URTWN_CHIP_88E)) { 5516 urtwn_write_1(sc, 0xfe40, 0xe0); 5517 urtwn_write_1(sc, 0xfe41, 0x8d); 5518 urtwn_write_1(sc, 0xfe42, 0x80); 5519 5520 urtwn_pa_bias_init(sc); 5521 } 5522 5523 /* Initialize GPIO setting. */ 5524 urtwn_write_1(sc, R92C_GPIO_MUXCFG, 5525 urtwn_read_1(sc, R92C_GPIO_MUXCFG) & ~R92C_GPIO_MUXCFG_ENBT); 5526 5527 /* Fix for lower temperature. */ 5528 if (!(sc->chip & URTWN_CHIP_88E)) 5529 urtwn_write_1(sc, 0x15, 0xe9); 5530 5531 usbd_transfer_start(sc->sc_xfer[URTWN_BULK_RX]); 5532 5533 sc->sc_flags |= URTWN_RUNNING; 5534 5535 /* 5536 * Install static keys (if any). 5537 * Must be called after urtwn_cam_init(). 5538 */ 5539 if (vap != NULL) 5540 urtwn_setup_static_keys(sc, URTWN_VAP(vap)); 5541 5542 callout_reset(&sc->sc_watchdog_ch, hz, urtwn_watchdog, sc); 5543fail: 5544 if (usb_err != USB_ERR_NORMAL_COMPLETION) 5545 error = EIO; 5546 5547 URTWN_UNLOCK(sc); 5548 5549 return (error); 5550} 5551 5552static void 5553urtwn_stop(struct urtwn_softc *sc) 5554{ 5555 5556 URTWN_LOCK(sc); 5557 if (!(sc->sc_flags & URTWN_RUNNING)) { 5558 URTWN_UNLOCK(sc); 5559 return; 5560 } 5561 5562 sc->sc_flags &= ~(URTWN_RUNNING | URTWN_FW_LOADED | 5563 URTWN_TEMP_MEASURED); 5564 sc->thcal_lctemp = 0; 5565 callout_stop(&sc->sc_watchdog_ch); 5566 5567 urtwn_abort_xfers(sc); 5568 urtwn_drain_mbufq(sc); 5569 urtwn_free_tx_list(sc); 5570 urtwn_free_rx_list(sc); 5571 urtwn_power_off(sc); 5572 URTWN_UNLOCK(sc); 5573} 5574 5575static void 5576urtwn_abort_xfers(struct urtwn_softc *sc) 5577{ 5578 int i; 5579 5580 URTWN_ASSERT_LOCKED(sc); 5581 5582 /* abort any pending transfers */ 5583 for (i = 0; i < URTWN_N_TRANSFER; i++) 5584 usbd_transfer_stop(sc->sc_xfer[i]); 5585} 5586 5587static int 5588urtwn_raw_xmit(struct ieee80211_node *ni, struct mbuf *m, 5589 const struct ieee80211_bpf_params *params) 5590{ 5591 struct ieee80211com *ic = ni->ni_ic; 5592 struct urtwn_softc *sc = ic->ic_softc; 5593 struct urtwn_data *bf; 5594 int error; 5595 5596 URTWN_DPRINTF(sc, URTWN_DEBUG_XMIT, "%s: called; m=%p\n", 5597 __func__, 5598 m); 5599 5600 /* prevent management frames from being sent if we're not ready */ 5601 URTWN_LOCK(sc); 5602 if (!(sc->sc_flags & URTWN_RUNNING)) { 5603 error = ENETDOWN; 5604 goto end; 5605 } 5606 5607 bf = urtwn_getbuf(sc); 5608 if (bf == NULL) { 5609 error = ENOBUFS; 5610 goto end; 5611 } 5612 5613 if (params == NULL) { 5614 /* 5615 * Legacy path; interpret frame contents to decide 5616 * precisely how to send the frame. 5617 */ 5618 error = urtwn_tx_data(sc, ni, m, bf); 5619 } else { 5620 /* 5621 * Caller supplied explicit parameters to use in 5622 * sending the frame. 5623 */ 5624 error = urtwn_tx_raw(sc, ni, m, bf, params); 5625 } 5626 if (error != 0) { 5627 STAILQ_INSERT_HEAD(&sc->sc_tx_inactive, bf, next); 5628 goto end; 5629 } 5630 5631 sc->sc_txtimer = 5; 5632 callout_reset(&sc->sc_watchdog_ch, hz, urtwn_watchdog, sc); 5633 5634end: 5635 if (error != 0) 5636 m_freem(m); 5637 5638 URTWN_UNLOCK(sc); 5639 5640 return (error); 5641} 5642 5643static void 5644urtwn_ms_delay(struct urtwn_softc *sc) 5645{ 5646 usb_pause_mtx(&sc->sc_mtx, hz / 1000); 5647} 5648 5649static device_method_t urtwn_methods[] = { 5650 /* Device interface */ 5651 DEVMETHOD(device_probe, urtwn_match), 5652 DEVMETHOD(device_attach, urtwn_attach), 5653 DEVMETHOD(device_detach, urtwn_detach), 5654 5655 DEVMETHOD_END 5656}; 5657 5658static driver_t urtwn_driver = { 5659 "urtwn", 5660 urtwn_methods, 5661 sizeof(struct urtwn_softc) 5662}; 5663 5664static devclass_t urtwn_devclass; 5665 5666DRIVER_MODULE(urtwn, uhub, urtwn_driver, urtwn_devclass, NULL, NULL); 5667MODULE_DEPEND(urtwn, usb, 1, 1, 1); 5668MODULE_DEPEND(urtwn, wlan, 1, 1, 1); 5669#ifndef URTWN_WITHOUT_UCODE 5670MODULE_DEPEND(urtwn, firmware, 1, 1, 1); 5671#endif 5672MODULE_VERSION(urtwn, 1); 5673USB_PNP_HOST_INFO(urtwn_devs); 5674