if_urtwn.c revision 294471
1/* $OpenBSD: if_urtwn.c,v 1.16 2011/02/10 17:26:40 jakemsr Exp $ */ 2 3/*- 4 * Copyright (c) 2010 Damien Bergamini <damien.bergamini@free.fr> 5 * Copyright (c) 2014 Kevin Lo <kevlo@FreeBSD.org> 6 * Copyright (c) 2015 Andriy Voskoboinyk <avos@FreeBSD.org> 7 * 8 * Permission to use, copy, modify, and distribute this software for any 9 * purpose with or without fee is hereby granted, provided that the above 10 * copyright notice and this permission notice appear in all copies. 11 * 12 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 13 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 14 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 15 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 16 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 17 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 18 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 19 */ 20 21#include <sys/cdefs.h> 22__FBSDID("$FreeBSD: head/sys/dev/usb/wlan/if_urtwn.c 294471 2016-01-20 23:27:02Z avos $"); 23 24/* 25 * Driver for Realtek RTL8188CE-VAU/RTL8188CUS/RTL8188EU/RTL8188RU/RTL8192CU. 26 */ 27 28#include "opt_wlan.h" 29 30#include <sys/param.h> 31#include <sys/sockio.h> 32#include <sys/sysctl.h> 33#include <sys/lock.h> 34#include <sys/mutex.h> 35#include <sys/condvar.h> 36#include <sys/mbuf.h> 37#include <sys/kernel.h> 38#include <sys/socket.h> 39#include <sys/systm.h> 40#include <sys/malloc.h> 41#include <sys/module.h> 42#include <sys/bus.h> 43#include <sys/endian.h> 44#include <sys/linker.h> 45#include <sys/firmware.h> 46#include <sys/kdb.h> 47 48#include <machine/bus.h> 49#include <machine/resource.h> 50#include <sys/rman.h> 51 52#include <net/bpf.h> 53#include <net/if.h> 54#include <net/if_var.h> 55#include <net/if_arp.h> 56#include <net/ethernet.h> 57#include <net/if_dl.h> 58#include <net/if_media.h> 59#include <net/if_types.h> 60 61#include <netinet/in.h> 62#include <netinet/in_systm.h> 63#include <netinet/in_var.h> 64#include <netinet/if_ether.h> 65#include <netinet/ip.h> 66 67#include <net80211/ieee80211_var.h> 68#include <net80211/ieee80211_input.h> 69#include <net80211/ieee80211_regdomain.h> 70#include <net80211/ieee80211_radiotap.h> 71#include <net80211/ieee80211_ratectl.h> 72 73#include <dev/usb/usb.h> 74#include <dev/usb/usbdi.h> 75#include <dev/usb/usb_device.h> 76#include "usbdevs.h" 77 78#include <dev/usb/usb_debug.h> 79 80#include <dev/usb/wlan/if_urtwnreg.h> 81#include <dev/usb/wlan/if_urtwnvar.h> 82 83#ifdef USB_DEBUG 84enum { 85 URTWN_DEBUG_XMIT = 0x00000001, /* basic xmit operation */ 86 URTWN_DEBUG_RECV = 0x00000002, /* basic recv operation */ 87 URTWN_DEBUG_STATE = 0x00000004, /* 802.11 state transitions */ 88 URTWN_DEBUG_RA = 0x00000008, /* f/w rate adaptation setup */ 89 URTWN_DEBUG_USB = 0x00000010, /* usb requests */ 90 URTWN_DEBUG_FIRMWARE = 0x00000020, /* firmware(9) loading debug */ 91 URTWN_DEBUG_BEACON = 0x00000040, /* beacon handling */ 92 URTWN_DEBUG_INTR = 0x00000080, /* ISR */ 93 URTWN_DEBUG_TEMP = 0x00000100, /* temperature calibration */ 94 URTWN_DEBUG_ROM = 0x00000200, /* various ROM info */ 95 URTWN_DEBUG_KEY = 0x00000400, /* crypto keys management */ 96 URTWN_DEBUG_TXPWR = 0x00000800, /* dump Tx power values */ 97 URTWN_DEBUG_ANY = 0xffffffff 98}; 99 100#define URTWN_DPRINTF(_sc, _m, ...) do { \ 101 if ((_sc)->sc_debug & (_m)) \ 102 device_printf((_sc)->sc_dev, __VA_ARGS__); \ 103} while(0) 104 105#else 106#define URTWN_DPRINTF(_sc, _m, ...) do { (void) sc; } while (0) 107#endif 108 109#define IEEE80211_HAS_ADDR4(wh) IEEE80211_IS_DSTODS(wh) 110 111/* various supported device vendors/products */ 112static const STRUCT_USB_HOST_ID urtwn_devs[] = { 113#define URTWN_DEV(v,p) { USB_VP(USB_VENDOR_##v, USB_PRODUCT_##v##_##p) } 114#define URTWN_RTL8188E_DEV(v,p) \ 115 { USB_VPI(USB_VENDOR_##v, USB_PRODUCT_##v##_##p, URTWN_RTL8188E) } 116#define URTWN_RTL8188E 1 117 URTWN_DEV(ABOCOM, RTL8188CU_1), 118 URTWN_DEV(ABOCOM, RTL8188CU_2), 119 URTWN_DEV(ABOCOM, RTL8192CU), 120 URTWN_DEV(ASUS, RTL8192CU), 121 URTWN_DEV(ASUS, USBN10NANO), 122 URTWN_DEV(AZUREWAVE, RTL8188CE_1), 123 URTWN_DEV(AZUREWAVE, RTL8188CE_2), 124 URTWN_DEV(AZUREWAVE, RTL8188CU), 125 URTWN_DEV(BELKIN, F7D2102), 126 URTWN_DEV(BELKIN, RTL8188CU), 127 URTWN_DEV(BELKIN, RTL8192CU), 128 URTWN_DEV(CHICONY, RTL8188CUS_1), 129 URTWN_DEV(CHICONY, RTL8188CUS_2), 130 URTWN_DEV(CHICONY, RTL8188CUS_3), 131 URTWN_DEV(CHICONY, RTL8188CUS_4), 132 URTWN_DEV(CHICONY, RTL8188CUS_5), 133 URTWN_DEV(COREGA, RTL8192CU), 134 URTWN_DEV(DLINK, RTL8188CU), 135 URTWN_DEV(DLINK, RTL8192CU_1), 136 URTWN_DEV(DLINK, RTL8192CU_2), 137 URTWN_DEV(DLINK, RTL8192CU_3), 138 URTWN_DEV(DLINK, DWA131B), 139 URTWN_DEV(EDIMAX, EW7811UN), 140 URTWN_DEV(EDIMAX, RTL8192CU), 141 URTWN_DEV(FEIXUN, RTL8188CU), 142 URTWN_DEV(FEIXUN, RTL8192CU), 143 URTWN_DEV(GUILLEMOT, HWNUP150), 144 URTWN_DEV(HAWKING, RTL8192CU), 145 URTWN_DEV(HP3, RTL8188CU), 146 URTWN_DEV(NETGEAR, WNA1000M), 147 URTWN_DEV(NETGEAR, RTL8192CU), 148 URTWN_DEV(NETGEAR4, RTL8188CU), 149 URTWN_DEV(NOVATECH, RTL8188CU), 150 URTWN_DEV(PLANEX2, RTL8188CU_1), 151 URTWN_DEV(PLANEX2, RTL8188CU_2), 152 URTWN_DEV(PLANEX2, RTL8188CU_3), 153 URTWN_DEV(PLANEX2, RTL8188CU_4), 154 URTWN_DEV(PLANEX2, RTL8188CUS), 155 URTWN_DEV(PLANEX2, RTL8192CU), 156 URTWN_DEV(REALTEK, RTL8188CE_0), 157 URTWN_DEV(REALTEK, RTL8188CE_1), 158 URTWN_DEV(REALTEK, RTL8188CTV), 159 URTWN_DEV(REALTEK, RTL8188CU_0), 160 URTWN_DEV(REALTEK, RTL8188CU_1), 161 URTWN_DEV(REALTEK, RTL8188CU_2), 162 URTWN_DEV(REALTEK, RTL8188CU_3), 163 URTWN_DEV(REALTEK, RTL8188CU_COMBO), 164 URTWN_DEV(REALTEK, RTL8188CUS), 165 URTWN_DEV(REALTEK, RTL8188RU_1), 166 URTWN_DEV(REALTEK, RTL8188RU_2), 167 URTWN_DEV(REALTEK, RTL8188RU_3), 168 URTWN_DEV(REALTEK, RTL8191CU), 169 URTWN_DEV(REALTEK, RTL8192CE), 170 URTWN_DEV(REALTEK, RTL8192CU), 171 URTWN_DEV(SITECOMEU, RTL8188CU_1), 172 URTWN_DEV(SITECOMEU, RTL8188CU_2), 173 URTWN_DEV(SITECOMEU, RTL8192CU), 174 URTWN_DEV(TRENDNET, RTL8188CU), 175 URTWN_DEV(TRENDNET, RTL8192CU), 176 URTWN_DEV(ZYXEL, RTL8192CU), 177 /* URTWN_RTL8188E */ 178 URTWN_RTL8188E_DEV(DLINK, DWA123D1), 179 URTWN_RTL8188E_DEV(DLINK, DWA125D1), 180 URTWN_RTL8188E_DEV(ELECOM, WDC150SU2M), 181 URTWN_RTL8188E_DEV(REALTEK, RTL8188ETV), 182 URTWN_RTL8188E_DEV(REALTEK, RTL8188EU), 183#undef URTWN_RTL8188E_DEV 184#undef URTWN_DEV 185}; 186 187static device_probe_t urtwn_match; 188static device_attach_t urtwn_attach; 189static device_detach_t urtwn_detach; 190 191static usb_callback_t urtwn_bulk_tx_callback; 192static usb_callback_t urtwn_bulk_rx_callback; 193 194static void urtwn_sysctlattach(struct urtwn_softc *); 195static void urtwn_drain_mbufq(struct urtwn_softc *); 196static usb_error_t urtwn_do_request(struct urtwn_softc *, 197 struct usb_device_request *, void *); 198static struct ieee80211vap *urtwn_vap_create(struct ieee80211com *, 199 const char [IFNAMSIZ], int, enum ieee80211_opmode, int, 200 const uint8_t [IEEE80211_ADDR_LEN], 201 const uint8_t [IEEE80211_ADDR_LEN]); 202static void urtwn_vap_delete(struct ieee80211vap *); 203static struct mbuf * urtwn_rx_copy_to_mbuf(struct urtwn_softc *, 204 struct r92c_rx_stat *, int); 205static struct mbuf * urtwn_report_intr(struct usb_xfer *, 206 struct urtwn_data *); 207static struct mbuf * urtwn_rxeof(struct urtwn_softc *, uint8_t *, int); 208static void urtwn_r88e_ratectl_tx_complete(struct urtwn_softc *, 209 void *); 210static struct ieee80211_node *urtwn_rx_frame(struct urtwn_softc *, 211 struct mbuf *, int8_t *); 212static void urtwn_txeof(struct urtwn_softc *, struct urtwn_data *, 213 int); 214static int urtwn_alloc_list(struct urtwn_softc *, 215 struct urtwn_data[], int, int); 216static int urtwn_alloc_rx_list(struct urtwn_softc *); 217static int urtwn_alloc_tx_list(struct urtwn_softc *); 218static void urtwn_free_list(struct urtwn_softc *, 219 struct urtwn_data data[], int); 220static void urtwn_free_rx_list(struct urtwn_softc *); 221static void urtwn_free_tx_list(struct urtwn_softc *); 222static struct urtwn_data * _urtwn_getbuf(struct urtwn_softc *); 223static struct urtwn_data * urtwn_getbuf(struct urtwn_softc *); 224static usb_error_t urtwn_write_region_1(struct urtwn_softc *, uint16_t, 225 uint8_t *, int); 226static usb_error_t urtwn_write_1(struct urtwn_softc *, uint16_t, uint8_t); 227static usb_error_t urtwn_write_2(struct urtwn_softc *, uint16_t, uint16_t); 228static usb_error_t urtwn_write_4(struct urtwn_softc *, uint16_t, uint32_t); 229static usb_error_t urtwn_read_region_1(struct urtwn_softc *, uint16_t, 230 uint8_t *, int); 231static uint8_t urtwn_read_1(struct urtwn_softc *, uint16_t); 232static uint16_t urtwn_read_2(struct urtwn_softc *, uint16_t); 233static uint32_t urtwn_read_4(struct urtwn_softc *, uint16_t); 234static int urtwn_fw_cmd(struct urtwn_softc *, uint8_t, 235 const void *, int); 236static void urtwn_cmdq_cb(void *, int); 237static int urtwn_cmd_sleepable(struct urtwn_softc *, const void *, 238 size_t, CMD_FUNC_PROTO); 239static void urtwn_r92c_rf_write(struct urtwn_softc *, int, 240 uint8_t, uint32_t); 241static void urtwn_r88e_rf_write(struct urtwn_softc *, int, 242 uint8_t, uint32_t); 243static uint32_t urtwn_rf_read(struct urtwn_softc *, int, uint8_t); 244static int urtwn_llt_write(struct urtwn_softc *, uint32_t, 245 uint32_t); 246static int urtwn_efuse_read_next(struct urtwn_softc *, uint8_t *); 247static int urtwn_efuse_read_data(struct urtwn_softc *, uint8_t *, 248 uint8_t, uint8_t); 249#ifdef USB_DEBUG 250static void urtwn_dump_rom_contents(struct urtwn_softc *, 251 uint8_t *, uint16_t); 252#endif 253static int urtwn_efuse_read(struct urtwn_softc *, uint8_t *, 254 uint16_t); 255static int urtwn_efuse_switch_power(struct urtwn_softc *); 256static int urtwn_read_chipid(struct urtwn_softc *); 257static int urtwn_read_rom(struct urtwn_softc *); 258static int urtwn_r88e_read_rom(struct urtwn_softc *); 259static int urtwn_ra_init(struct urtwn_softc *); 260static void urtwn_init_beacon(struct urtwn_softc *, 261 struct urtwn_vap *); 262static int urtwn_setup_beacon(struct urtwn_softc *, 263 struct ieee80211_node *); 264static void urtwn_update_beacon(struct ieee80211vap *, int); 265static int urtwn_tx_beacon(struct urtwn_softc *sc, 266 struct urtwn_vap *); 267static int urtwn_key_alloc(struct ieee80211vap *, 268 struct ieee80211_key *, ieee80211_keyix *, 269 ieee80211_keyix *); 270static void urtwn_key_set_cb(struct urtwn_softc *, 271 union sec_param *); 272static void urtwn_key_del_cb(struct urtwn_softc *, 273 union sec_param *); 274static int urtwn_key_set(struct ieee80211vap *, 275 const struct ieee80211_key *); 276static int urtwn_key_delete(struct ieee80211vap *, 277 const struct ieee80211_key *); 278static void urtwn_tsf_task_adhoc(void *, int); 279static void urtwn_tsf_sync_enable(struct urtwn_softc *, 280 struct ieee80211vap *); 281static void urtwn_get_tsf(struct urtwn_softc *, uint64_t *); 282static void urtwn_set_led(struct urtwn_softc *, int, int); 283static void urtwn_set_mode(struct urtwn_softc *, uint8_t); 284static void urtwn_ibss_recv_mgmt(struct ieee80211_node *, 285 struct mbuf *, int, 286 const struct ieee80211_rx_stats *, int, int); 287static int urtwn_newstate(struct ieee80211vap *, 288 enum ieee80211_state, int); 289static void urtwn_watchdog(void *); 290static void urtwn_update_avgrssi(struct urtwn_softc *, int, int8_t); 291static int8_t urtwn_get_rssi(struct urtwn_softc *, int, void *); 292static int8_t urtwn_r88e_get_rssi(struct urtwn_softc *, int, void *); 293static int urtwn_tx_data(struct urtwn_softc *, 294 struct ieee80211_node *, struct mbuf *, 295 struct urtwn_data *); 296static int urtwn_tx_raw(struct urtwn_softc *, 297 struct ieee80211_node *, struct mbuf *, 298 struct urtwn_data *, 299 const struct ieee80211_bpf_params *); 300static void urtwn_tx_start(struct urtwn_softc *, struct mbuf *, 301 uint8_t, struct urtwn_data *); 302static int urtwn_transmit(struct ieee80211com *, struct mbuf *); 303static void urtwn_start(struct urtwn_softc *); 304static void urtwn_parent(struct ieee80211com *); 305static int urtwn_r92c_power_on(struct urtwn_softc *); 306static int urtwn_r88e_power_on(struct urtwn_softc *); 307static int urtwn_llt_init(struct urtwn_softc *); 308static void urtwn_fw_reset(struct urtwn_softc *); 309static void urtwn_r88e_fw_reset(struct urtwn_softc *); 310static int urtwn_fw_loadpage(struct urtwn_softc *, int, 311 const uint8_t *, int); 312static int urtwn_load_firmware(struct urtwn_softc *); 313static int urtwn_dma_init(struct urtwn_softc *); 314static int urtwn_mac_init(struct urtwn_softc *); 315static void urtwn_bb_init(struct urtwn_softc *); 316static void urtwn_rf_init(struct urtwn_softc *); 317static void urtwn_cam_init(struct urtwn_softc *); 318static int urtwn_cam_write(struct urtwn_softc *, uint32_t, 319 uint32_t); 320static void urtwn_pa_bias_init(struct urtwn_softc *); 321static void urtwn_rxfilter_init(struct urtwn_softc *); 322static void urtwn_edca_init(struct urtwn_softc *); 323static void urtwn_write_txpower(struct urtwn_softc *, int, 324 uint16_t[]); 325static void urtwn_get_txpower(struct urtwn_softc *, int, 326 struct ieee80211_channel *, 327 struct ieee80211_channel *, uint16_t[]); 328static void urtwn_r88e_get_txpower(struct urtwn_softc *, int, 329 struct ieee80211_channel *, 330 struct ieee80211_channel *, uint16_t[]); 331static void urtwn_set_txpower(struct urtwn_softc *, 332 struct ieee80211_channel *, 333 struct ieee80211_channel *); 334static void urtwn_set_rx_bssid_all(struct urtwn_softc *, int); 335static void urtwn_set_gain(struct urtwn_softc *, uint8_t); 336static void urtwn_scan_start(struct ieee80211com *); 337static void urtwn_scan_end(struct ieee80211com *); 338static void urtwn_set_channel(struct ieee80211com *); 339static int urtwn_wme_update(struct ieee80211com *); 340static void urtwn_update_slot(struct ieee80211com *); 341static void urtwn_update_slot_cb(struct urtwn_softc *, 342 union sec_param *); 343static void urtwn_update_aifs(struct urtwn_softc *, uint8_t); 344static void urtwn_set_promisc(struct urtwn_softc *); 345static void urtwn_update_promisc(struct ieee80211com *); 346static void urtwn_update_mcast(struct ieee80211com *); 347static struct ieee80211_node *urtwn_r88e_node_alloc(struct ieee80211vap *, 348 const uint8_t mac[IEEE80211_ADDR_LEN]); 349static void urtwn_r88e_newassoc(struct ieee80211_node *, int); 350static void urtwn_r88e_node_free(struct ieee80211_node *); 351static void urtwn_set_chan(struct urtwn_softc *, 352 struct ieee80211_channel *, 353 struct ieee80211_channel *); 354static void urtwn_iq_calib(struct urtwn_softc *); 355static void urtwn_lc_calib(struct urtwn_softc *); 356static int urtwn_init(struct urtwn_softc *); 357static void urtwn_stop(struct urtwn_softc *); 358static void urtwn_abort_xfers(struct urtwn_softc *); 359static int urtwn_raw_xmit(struct ieee80211_node *, struct mbuf *, 360 const struct ieee80211_bpf_params *); 361static void urtwn_ms_delay(struct urtwn_softc *); 362 363/* Aliases. */ 364#define urtwn_bb_write urtwn_write_4 365#define urtwn_bb_read urtwn_read_4 366 367static const struct usb_config urtwn_config[URTWN_N_TRANSFER] = { 368 [URTWN_BULK_RX] = { 369 .type = UE_BULK, 370 .endpoint = UE_ADDR_ANY, 371 .direction = UE_DIR_IN, 372 .bufsize = URTWN_RXBUFSZ, 373 .flags = { 374 .pipe_bof = 1, 375 .short_xfer_ok = 1 376 }, 377 .callback = urtwn_bulk_rx_callback, 378 }, 379 [URTWN_BULK_TX_BE] = { 380 .type = UE_BULK, 381 .endpoint = 0x03, 382 .direction = UE_DIR_OUT, 383 .bufsize = URTWN_TXBUFSZ, 384 .flags = { 385 .ext_buffer = 1, 386 .pipe_bof = 1, 387 .force_short_xfer = 1 388 }, 389 .callback = urtwn_bulk_tx_callback, 390 .timeout = URTWN_TX_TIMEOUT, /* ms */ 391 }, 392 [URTWN_BULK_TX_BK] = { 393 .type = UE_BULK, 394 .endpoint = 0x03, 395 .direction = UE_DIR_OUT, 396 .bufsize = URTWN_TXBUFSZ, 397 .flags = { 398 .ext_buffer = 1, 399 .pipe_bof = 1, 400 .force_short_xfer = 1, 401 }, 402 .callback = urtwn_bulk_tx_callback, 403 .timeout = URTWN_TX_TIMEOUT, /* ms */ 404 }, 405 [URTWN_BULK_TX_VI] = { 406 .type = UE_BULK, 407 .endpoint = 0x02, 408 .direction = UE_DIR_OUT, 409 .bufsize = URTWN_TXBUFSZ, 410 .flags = { 411 .ext_buffer = 1, 412 .pipe_bof = 1, 413 .force_short_xfer = 1 414 }, 415 .callback = urtwn_bulk_tx_callback, 416 .timeout = URTWN_TX_TIMEOUT, /* ms */ 417 }, 418 [URTWN_BULK_TX_VO] = { 419 .type = UE_BULK, 420 .endpoint = 0x02, 421 .direction = UE_DIR_OUT, 422 .bufsize = URTWN_TXBUFSZ, 423 .flags = { 424 .ext_buffer = 1, 425 .pipe_bof = 1, 426 .force_short_xfer = 1 427 }, 428 .callback = urtwn_bulk_tx_callback, 429 .timeout = URTWN_TX_TIMEOUT, /* ms */ 430 }, 431}; 432 433static const struct wme_to_queue { 434 uint16_t reg; 435 uint8_t qid; 436} wme2queue[WME_NUM_AC] = { 437 { R92C_EDCA_BE_PARAM, URTWN_BULK_TX_BE}, 438 { R92C_EDCA_BK_PARAM, URTWN_BULK_TX_BK}, 439 { R92C_EDCA_VI_PARAM, URTWN_BULK_TX_VI}, 440 { R92C_EDCA_VO_PARAM, URTWN_BULK_TX_VO} 441}; 442 443static int 444urtwn_match(device_t self) 445{ 446 struct usb_attach_arg *uaa = device_get_ivars(self); 447 448 if (uaa->usb_mode != USB_MODE_HOST) 449 return (ENXIO); 450 if (uaa->info.bConfigIndex != URTWN_CONFIG_INDEX) 451 return (ENXIO); 452 if (uaa->info.bIfaceIndex != URTWN_IFACE_INDEX) 453 return (ENXIO); 454 455 return (usbd_lookup_id_by_uaa(urtwn_devs, sizeof(urtwn_devs), uaa)); 456} 457 458static int 459urtwn_attach(device_t self) 460{ 461 struct usb_attach_arg *uaa = device_get_ivars(self); 462 struct urtwn_softc *sc = device_get_softc(self); 463 struct ieee80211com *ic = &sc->sc_ic; 464 uint8_t bands[howmany(IEEE80211_MODE_MAX, 8)]; 465 int error; 466 467 device_set_usb_desc(self); 468 sc->sc_udev = uaa->device; 469 sc->sc_dev = self; 470 if (USB_GET_DRIVER_INFO(uaa) == URTWN_RTL8188E) 471 sc->chip |= URTWN_CHIP_88E; 472 473#ifdef USB_DEBUG 474 int debug; 475 if (resource_int_value(device_get_name(sc->sc_dev), 476 device_get_unit(sc->sc_dev), "debug", &debug) == 0) 477 sc->sc_debug = debug; 478#endif 479 480 mtx_init(&sc->sc_mtx, device_get_nameunit(self), 481 MTX_NETWORK_LOCK, MTX_DEF); 482 URTWN_CMDQ_LOCK_INIT(sc); 483 URTWN_NT_LOCK_INIT(sc); 484 callout_init(&sc->sc_watchdog_ch, 0); 485 mbufq_init(&sc->sc_snd, ifqmaxlen); 486 487 sc->sc_iface_index = URTWN_IFACE_INDEX; 488 error = usbd_transfer_setup(uaa->device, &sc->sc_iface_index, 489 sc->sc_xfer, urtwn_config, URTWN_N_TRANSFER, sc, &sc->sc_mtx); 490 if (error) { 491 device_printf(self, "could not allocate USB transfers, " 492 "err=%s\n", usbd_errstr(error)); 493 goto detach; 494 } 495 496 URTWN_LOCK(sc); 497 498 error = urtwn_read_chipid(sc); 499 if (error) { 500 device_printf(sc->sc_dev, "unsupported test chip\n"); 501 URTWN_UNLOCK(sc); 502 goto detach; 503 } 504 505 /* Determine number of Tx/Rx chains. */ 506 if (sc->chip & URTWN_CHIP_92C) { 507 sc->ntxchains = (sc->chip & URTWN_CHIP_92C_1T2R) ? 1 : 2; 508 sc->nrxchains = 2; 509 } else { 510 sc->ntxchains = 1; 511 sc->nrxchains = 1; 512 } 513 514 if (sc->chip & URTWN_CHIP_88E) 515 error = urtwn_r88e_read_rom(sc); 516 else 517 error = urtwn_read_rom(sc); 518 if (error != 0) { 519 device_printf(sc->sc_dev, "%s: cannot read rom, error %d\n", 520 __func__, error); 521 URTWN_UNLOCK(sc); 522 goto detach; 523 } 524 525 device_printf(sc->sc_dev, "MAC/BB RTL%s, RF 6052 %dT%dR\n", 526 (sc->chip & URTWN_CHIP_92C) ? "8192CU" : 527 (sc->chip & URTWN_CHIP_88E) ? "8188EU" : 528 (sc->board_type == R92C_BOARD_TYPE_HIGHPA) ? "8188RU" : 529 (sc->board_type == R92C_BOARD_TYPE_MINICARD) ? "8188CE-VAU" : 530 "8188CUS", sc->ntxchains, sc->nrxchains); 531 532 URTWN_UNLOCK(sc); 533 534 ic->ic_softc = sc; 535 ic->ic_name = device_get_nameunit(self); 536 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 537 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 538 539 /* set device capabilities */ 540 ic->ic_caps = 541 IEEE80211_C_STA /* station mode */ 542 | IEEE80211_C_MONITOR /* monitor mode */ 543 | IEEE80211_C_IBSS /* adhoc mode */ 544 | IEEE80211_C_HOSTAP /* hostap mode */ 545 | IEEE80211_C_SHPREAMBLE /* short preamble supported */ 546 | IEEE80211_C_SHSLOT /* short slot time supported */ 547 | IEEE80211_C_BGSCAN /* capable of bg scanning */ 548 | IEEE80211_C_WPA /* 802.11i */ 549 | IEEE80211_C_WME /* 802.11e */ 550 ; 551 552 ic->ic_cryptocaps = 553 IEEE80211_CRYPTO_WEP | 554 IEEE80211_CRYPTO_TKIP | 555 IEEE80211_CRYPTO_AES_CCM; 556 557 memset(bands, 0, sizeof(bands)); 558 setbit(bands, IEEE80211_MODE_11B); 559 setbit(bands, IEEE80211_MODE_11G); 560 ieee80211_init_channels(ic, NULL, bands); 561 562 ieee80211_ifattach(ic); 563 ic->ic_raw_xmit = urtwn_raw_xmit; 564 ic->ic_scan_start = urtwn_scan_start; 565 ic->ic_scan_end = urtwn_scan_end; 566 ic->ic_set_channel = urtwn_set_channel; 567 ic->ic_transmit = urtwn_transmit; 568 ic->ic_parent = urtwn_parent; 569 ic->ic_vap_create = urtwn_vap_create; 570 ic->ic_vap_delete = urtwn_vap_delete; 571 ic->ic_wme.wme_update = urtwn_wme_update; 572 ic->ic_updateslot = urtwn_update_slot; 573 ic->ic_update_promisc = urtwn_update_promisc; 574 ic->ic_update_mcast = urtwn_update_mcast; 575 if (sc->chip & URTWN_CHIP_88E) { 576 ic->ic_node_alloc = urtwn_r88e_node_alloc; 577 ic->ic_newassoc = urtwn_r88e_newassoc; 578 sc->sc_node_free = ic->ic_node_free; 579 ic->ic_node_free = urtwn_r88e_node_free; 580 } 581 582 ieee80211_radiotap_attach(ic, &sc->sc_txtap.wt_ihdr, 583 sizeof(sc->sc_txtap), URTWN_TX_RADIOTAP_PRESENT, 584 &sc->sc_rxtap.wr_ihdr, sizeof(sc->sc_rxtap), 585 URTWN_RX_RADIOTAP_PRESENT); 586 587 TASK_INIT(&sc->cmdq_task, 0, urtwn_cmdq_cb, sc); 588 589 urtwn_sysctlattach(sc); 590 591 if (bootverbose) 592 ieee80211_announce(ic); 593 594 return (0); 595 596detach: 597 urtwn_detach(self); 598 return (ENXIO); /* failure */ 599} 600 601static void 602urtwn_sysctlattach(struct urtwn_softc *sc) 603{ 604#ifdef USB_DEBUG 605 struct sysctl_ctx_list *ctx = device_get_sysctl_ctx(sc->sc_dev); 606 struct sysctl_oid *tree = device_get_sysctl_tree(sc->sc_dev); 607 608 SYSCTL_ADD_U32(ctx, SYSCTL_CHILDREN(tree), OID_AUTO, 609 "debug", CTLFLAG_RW, &sc->sc_debug, sc->sc_debug, 610 "control debugging printfs"); 611#endif 612} 613 614static int 615urtwn_detach(device_t self) 616{ 617 struct urtwn_softc *sc = device_get_softc(self); 618 struct ieee80211com *ic = &sc->sc_ic; 619 unsigned int x; 620 621 /* Prevent further ioctls. */ 622 URTWN_LOCK(sc); 623 sc->sc_flags |= URTWN_DETACHED; 624 URTWN_UNLOCK(sc); 625 626 urtwn_stop(sc); 627 628 callout_drain(&sc->sc_watchdog_ch); 629 630 /* stop all USB transfers */ 631 usbd_transfer_unsetup(sc->sc_xfer, URTWN_N_TRANSFER); 632 633 /* Prevent further allocations from RX/TX data lists. */ 634 URTWN_LOCK(sc); 635 STAILQ_INIT(&sc->sc_tx_active); 636 STAILQ_INIT(&sc->sc_tx_inactive); 637 STAILQ_INIT(&sc->sc_tx_pending); 638 639 STAILQ_INIT(&sc->sc_rx_active); 640 STAILQ_INIT(&sc->sc_rx_inactive); 641 URTWN_UNLOCK(sc); 642 643 /* drain USB transfers */ 644 for (x = 0; x != URTWN_N_TRANSFER; x++) 645 usbd_transfer_drain(sc->sc_xfer[x]); 646 647 /* Free data buffers. */ 648 URTWN_LOCK(sc); 649 urtwn_free_tx_list(sc); 650 urtwn_free_rx_list(sc); 651 URTWN_UNLOCK(sc); 652 653 if (ic->ic_softc == sc) { 654 ieee80211_draintask(ic, &sc->cmdq_task); 655 ieee80211_ifdetach(ic); 656 } 657 658 URTWN_NT_LOCK_DESTROY(sc); 659 URTWN_CMDQ_LOCK_DESTROY(sc); 660 mtx_destroy(&sc->sc_mtx); 661 662 return (0); 663} 664 665static void 666urtwn_drain_mbufq(struct urtwn_softc *sc) 667{ 668 struct mbuf *m; 669 struct ieee80211_node *ni; 670 URTWN_ASSERT_LOCKED(sc); 671 while ((m = mbufq_dequeue(&sc->sc_snd)) != NULL) { 672 ni = (struct ieee80211_node *)m->m_pkthdr.rcvif; 673 m->m_pkthdr.rcvif = NULL; 674 ieee80211_free_node(ni); 675 m_freem(m); 676 } 677} 678 679static usb_error_t 680urtwn_do_request(struct urtwn_softc *sc, struct usb_device_request *req, 681 void *data) 682{ 683 usb_error_t err; 684 int ntries = 10; 685 686 URTWN_ASSERT_LOCKED(sc); 687 688 while (ntries--) { 689 err = usbd_do_request_flags(sc->sc_udev, &sc->sc_mtx, 690 req, data, 0, NULL, 250 /* ms */); 691 if (err == 0) 692 break; 693 694 URTWN_DPRINTF(sc, URTWN_DEBUG_USB, 695 "%s: control request failed, %s (retries left: %d)\n", 696 __func__, usbd_errstr(err), ntries); 697 usb_pause_mtx(&sc->sc_mtx, hz / 100); 698 } 699 return (err); 700} 701 702static struct ieee80211vap * 703urtwn_vap_create(struct ieee80211com *ic, const char name[IFNAMSIZ], int unit, 704 enum ieee80211_opmode opmode, int flags, 705 const uint8_t bssid[IEEE80211_ADDR_LEN], 706 const uint8_t mac[IEEE80211_ADDR_LEN]) 707{ 708 struct urtwn_softc *sc = ic->ic_softc; 709 struct urtwn_vap *uvp; 710 struct ieee80211vap *vap; 711 712 if (!TAILQ_EMPTY(&ic->ic_vaps)) /* only one at a time */ 713 return (NULL); 714 715 uvp = malloc(sizeof(struct urtwn_vap), M_80211_VAP, M_WAITOK | M_ZERO); 716 vap = &uvp->vap; 717 /* enable s/w bmiss handling for sta mode */ 718 719 if (ieee80211_vap_setup(ic, vap, name, unit, opmode, 720 flags | IEEE80211_CLONE_NOBEACONS, bssid) != 0) { 721 /* out of memory */ 722 free(uvp, M_80211_VAP); 723 return (NULL); 724 } 725 726 if (opmode == IEEE80211_M_HOSTAP || opmode == IEEE80211_M_IBSS) 727 urtwn_init_beacon(sc, uvp); 728 729 /* override state transition machine */ 730 uvp->newstate = vap->iv_newstate; 731 vap->iv_newstate = urtwn_newstate; 732 vap->iv_update_beacon = urtwn_update_beacon; 733 vap->iv_key_alloc = urtwn_key_alloc; 734 vap->iv_key_set = urtwn_key_set; 735 vap->iv_key_delete = urtwn_key_delete; 736 if (opmode == IEEE80211_M_IBSS) { 737 uvp->recv_mgmt = vap->iv_recv_mgmt; 738 vap->iv_recv_mgmt = urtwn_ibss_recv_mgmt; 739 TASK_INIT(&uvp->tsf_task_adhoc, 0, urtwn_tsf_task_adhoc, vap); 740 } 741 742 if (URTWN_CHIP_HAS_RATECTL(sc)) 743 ieee80211_ratectl_init(vap); 744 /* complete setup */ 745 ieee80211_vap_attach(vap, ieee80211_media_change, 746 ieee80211_media_status, mac); 747 ic->ic_opmode = opmode; 748 return (vap); 749} 750 751static void 752urtwn_vap_delete(struct ieee80211vap *vap) 753{ 754 struct ieee80211com *ic = vap->iv_ic; 755 struct urtwn_softc *sc = ic->ic_softc; 756 struct urtwn_vap *uvp = URTWN_VAP(vap); 757 758 if (uvp->bcn_mbuf != NULL) 759 m_freem(uvp->bcn_mbuf); 760 if (vap->iv_opmode == IEEE80211_M_IBSS) 761 ieee80211_draintask(ic, &uvp->tsf_task_adhoc); 762 if (URTWN_CHIP_HAS_RATECTL(sc)) 763 ieee80211_ratectl_deinit(vap); 764 ieee80211_vap_detach(vap); 765 free(uvp, M_80211_VAP); 766} 767 768static struct mbuf * 769urtwn_rx_copy_to_mbuf(struct urtwn_softc *sc, struct r92c_rx_stat *stat, 770 int totlen) 771{ 772 struct ieee80211com *ic = &sc->sc_ic; 773 struct mbuf *m; 774 uint32_t rxdw0; 775 int pktlen; 776 777 /* 778 * don't pass packets to the ieee80211 framework if the driver isn't 779 * RUNNING. 780 */ 781 if (!(sc->sc_flags & URTWN_RUNNING)) 782 return (NULL); 783 784 rxdw0 = le32toh(stat->rxdw0); 785 if (rxdw0 & (R92C_RXDW0_CRCERR | R92C_RXDW0_ICVERR)) { 786 /* 787 * This should not happen since we setup our Rx filter 788 * to not receive these frames. 789 */ 790 URTWN_DPRINTF(sc, URTWN_DEBUG_RECV, 791 "%s: RX flags error (%s)\n", __func__, 792 rxdw0 & R92C_RXDW0_CRCERR ? "CRC" : "ICV"); 793 goto fail; 794 } 795 796 pktlen = MS(rxdw0, R92C_RXDW0_PKTLEN); 797 if (pktlen < sizeof(struct ieee80211_frame_ack)) { 798 URTWN_DPRINTF(sc, URTWN_DEBUG_RECV, 799 "%s: frame is too short: %d\n", __func__, pktlen); 800 goto fail; 801 } 802 803 if (__predict_false(totlen > MCLBYTES)) { 804 /* convert to m_getjcl if this happens */ 805 device_printf(sc->sc_dev, "%s: frame too long: %d (%d)\n", 806 __func__, pktlen, totlen); 807 goto fail; 808 } 809 810 m = m_getcl(M_NOWAIT, MT_DATA, M_PKTHDR); 811 if (__predict_false(m == NULL)) { 812 device_printf(sc->sc_dev, "%s: could not allocate RX mbuf\n", 813 __func__); 814 goto fail; 815 } 816 817 /* Finalize mbuf. */ 818 memcpy(mtod(m, uint8_t *), (uint8_t *)stat, totlen); 819 m->m_pkthdr.len = m->m_len = totlen; 820 821 return (m); 822fail: 823 counter_u64_add(ic->ic_ierrors, 1); 824 return (NULL); 825} 826 827static struct mbuf * 828urtwn_report_intr(struct usb_xfer *xfer, struct urtwn_data *data) 829{ 830 struct urtwn_softc *sc = data->sc; 831 struct ieee80211com *ic = &sc->sc_ic; 832 struct r92c_rx_stat *stat; 833 uint8_t *buf; 834 int len; 835 836 usbd_xfer_status(xfer, &len, NULL, NULL, NULL); 837 838 if (len < sizeof(*stat)) { 839 counter_u64_add(ic->ic_ierrors, 1); 840 return (NULL); 841 } 842 843 buf = data->buf; 844 stat = (struct r92c_rx_stat *)buf; 845 846 if (sc->chip & URTWN_CHIP_88E) { 847 int report_sel = MS(le32toh(stat->rxdw3), R88E_RXDW3_RPT); 848 849 switch (report_sel) { 850 case R88E_RXDW3_RPT_RX: 851 return (urtwn_rxeof(sc, buf, len)); 852 case R88E_RXDW3_RPT_TX1: 853 urtwn_r88e_ratectl_tx_complete(sc, &stat[1]); 854 break; 855 default: 856 URTWN_DPRINTF(sc, URTWN_DEBUG_INTR, 857 "%s: case %d was not handled\n", __func__, 858 report_sel); 859 break; 860 } 861 } else 862 return (urtwn_rxeof(sc, buf, len)); 863 864 return (NULL); 865} 866 867static struct mbuf * 868urtwn_rxeof(struct urtwn_softc *sc, uint8_t *buf, int len) 869{ 870 struct r92c_rx_stat *stat; 871 struct mbuf *m, *m0 = NULL, *prevm = NULL; 872 uint32_t rxdw0; 873 int totlen, pktlen, infosz, npkts; 874 875 /* Get the number of encapsulated frames. */ 876 stat = (struct r92c_rx_stat *)buf; 877 npkts = MS(le32toh(stat->rxdw2), R92C_RXDW2_PKTCNT); 878 URTWN_DPRINTF(sc, URTWN_DEBUG_RECV, 879 "%s: Rx %d frames in one chunk\n", __func__, npkts); 880 881 /* Process all of them. */ 882 while (npkts-- > 0) { 883 if (len < sizeof(*stat)) 884 break; 885 stat = (struct r92c_rx_stat *)buf; 886 rxdw0 = le32toh(stat->rxdw0); 887 888 pktlen = MS(rxdw0, R92C_RXDW0_PKTLEN); 889 if (pktlen == 0) 890 break; 891 892 infosz = MS(rxdw0, R92C_RXDW0_INFOSZ) * 8; 893 894 /* Make sure everything fits in xfer. */ 895 totlen = sizeof(*stat) + infosz + pktlen; 896 if (totlen > len) 897 break; 898 899 m = urtwn_rx_copy_to_mbuf(sc, stat, totlen); 900 if (m0 == NULL) 901 m0 = m; 902 if (prevm == NULL) 903 prevm = m; 904 else { 905 prevm->m_next = m; 906 prevm = m; 907 } 908 909 /* Next chunk is 128-byte aligned. */ 910 totlen = (totlen + 127) & ~127; 911 buf += totlen; 912 len -= totlen; 913 } 914 915 return (m0); 916} 917 918static void 919urtwn_r88e_ratectl_tx_complete(struct urtwn_softc *sc, void *arg) 920{ 921 struct r88e_tx_rpt_ccx *rpt = arg; 922 struct ieee80211vap *vap; 923 struct ieee80211_node *ni; 924 uint8_t macid; 925 int ntries; 926 927 macid = MS(rpt->rptb1, R88E_RPTB1_MACID); 928 ntries = MS(rpt->rptb2, R88E_RPTB2_RETRY_CNT); 929 930 URTWN_NT_LOCK(sc); 931 ni = sc->node_list[macid]; 932 if (ni != NULL) { 933 vap = ni->ni_vap; 934 URTWN_DPRINTF(sc, URTWN_DEBUG_INTR, "%s: frame for macid %d was" 935 "%s sent (%d retries)\n", __func__, macid, 936 (rpt->rptb1 & R88E_RPTB1_PKT_OK) ? "" : " not", 937 ntries); 938 939 if (rpt->rptb1 & R88E_RPTB1_PKT_OK) { 940 ieee80211_ratectl_tx_complete(vap, ni, 941 IEEE80211_RATECTL_TX_SUCCESS, &ntries, NULL); 942 } else { 943 ieee80211_ratectl_tx_complete(vap, ni, 944 IEEE80211_RATECTL_TX_FAILURE, &ntries, NULL); 945 } 946 } else { 947 URTWN_DPRINTF(sc, URTWN_DEBUG_INTR, "%s: macid %d, ni is NULL\n", 948 __func__, macid); 949 } 950 URTWN_NT_UNLOCK(sc); 951} 952 953static struct ieee80211_node * 954urtwn_rx_frame(struct urtwn_softc *sc, struct mbuf *m, int8_t *rssi_p) 955{ 956 struct ieee80211com *ic = &sc->sc_ic; 957 struct ieee80211_frame_min *wh; 958 struct r92c_rx_stat *stat; 959 uint32_t rxdw0, rxdw3; 960 uint8_t rate, cipher; 961 int8_t rssi = URTWN_NOISE_FLOOR + 1; 962 int infosz; 963 964 stat = mtod(m, struct r92c_rx_stat *); 965 rxdw0 = le32toh(stat->rxdw0); 966 rxdw3 = le32toh(stat->rxdw3); 967 968 rate = MS(rxdw3, R92C_RXDW3_RATE); 969 cipher = MS(rxdw0, R92C_RXDW0_CIPHER); 970 infosz = MS(rxdw0, R92C_RXDW0_INFOSZ) * 8; 971 972 /* Get RSSI from PHY status descriptor if present. */ 973 if (infosz != 0 && (rxdw0 & R92C_RXDW0_PHYST)) { 974 if (sc->chip & URTWN_CHIP_88E) 975 rssi = urtwn_r88e_get_rssi(sc, rate, &stat[1]); 976 else 977 rssi = urtwn_get_rssi(sc, rate, &stat[1]); 978 /* Update our average RSSI. */ 979 urtwn_update_avgrssi(sc, rate, rssi); 980 } 981 982 if (ieee80211_radiotap_active(ic)) { 983 struct urtwn_rx_radiotap_header *tap = &sc->sc_rxtap; 984 985 tap->wr_flags = 0; 986 987 urtwn_get_tsf(sc, &tap->wr_tsft); 988 if (__predict_false(le32toh((uint32_t)tap->wr_tsft) < 989 le32toh(stat->rxdw5))) { 990 tap->wr_tsft = le32toh(tap->wr_tsft >> 32) - 1; 991 tap->wr_tsft = (uint64_t)htole32(tap->wr_tsft) << 32; 992 } else 993 tap->wr_tsft &= 0xffffffff00000000; 994 tap->wr_tsft += stat->rxdw5; 995 996 /* Map HW rate index to 802.11 rate. */ 997 if (!(rxdw3 & R92C_RXDW3_HT)) { 998 tap->wr_rate = ridx2rate[rate]; 999 } else if (rate >= 12) { /* MCS0~15. */ 1000 /* Bit 7 set means HT MCS instead of rate. */ 1001 tap->wr_rate = 0x80 | (rate - 12); 1002 } 1003 tap->wr_dbm_antsignal = rssi; 1004 tap->wr_dbm_antnoise = URTWN_NOISE_FLOOR; 1005 } 1006 1007 *rssi_p = rssi; 1008 1009 /* Drop descriptor. */ 1010 m_adj(m, sizeof(*stat) + infosz); 1011 wh = mtod(m, struct ieee80211_frame_min *); 1012 1013 if ((wh->i_fc[1] & IEEE80211_FC1_PROTECTED) && 1014 cipher != R92C_CAM_ALGO_NONE) { 1015 m->m_flags |= M_WEP; 1016 } 1017 1018 if (m->m_len >= sizeof(*wh)) 1019 return (ieee80211_find_rxnode(ic, wh)); 1020 1021 return (NULL); 1022} 1023 1024static void 1025urtwn_bulk_rx_callback(struct usb_xfer *xfer, usb_error_t error) 1026{ 1027 struct urtwn_softc *sc = usbd_xfer_softc(xfer); 1028 struct ieee80211com *ic = &sc->sc_ic; 1029 struct ieee80211_node *ni; 1030 struct mbuf *m = NULL, *next; 1031 struct urtwn_data *data; 1032 int8_t nf, rssi; 1033 1034 URTWN_ASSERT_LOCKED(sc); 1035 1036 switch (USB_GET_STATE(xfer)) { 1037 case USB_ST_TRANSFERRED: 1038 data = STAILQ_FIRST(&sc->sc_rx_active); 1039 if (data == NULL) 1040 goto tr_setup; 1041 STAILQ_REMOVE_HEAD(&sc->sc_rx_active, next); 1042 m = urtwn_report_intr(xfer, data); 1043 STAILQ_INSERT_TAIL(&sc->sc_rx_inactive, data, next); 1044 /* FALLTHROUGH */ 1045 case USB_ST_SETUP: 1046tr_setup: 1047 data = STAILQ_FIRST(&sc->sc_rx_inactive); 1048 if (data == NULL) { 1049 KASSERT(m == NULL, ("mbuf isn't NULL")); 1050 return; 1051 } 1052 STAILQ_REMOVE_HEAD(&sc->sc_rx_inactive, next); 1053 STAILQ_INSERT_TAIL(&sc->sc_rx_active, data, next); 1054 usbd_xfer_set_frame_data(xfer, 0, data->buf, 1055 usbd_xfer_max_len(xfer)); 1056 usbd_transfer_submit(xfer); 1057 1058 /* 1059 * To avoid LOR we should unlock our private mutex here to call 1060 * ieee80211_input() because here is at the end of a USB 1061 * callback and safe to unlock. 1062 */ 1063 while (m != NULL) { 1064 next = m->m_next; 1065 m->m_next = NULL; 1066 1067 ni = urtwn_rx_frame(sc, m, &rssi); 1068 URTWN_UNLOCK(sc); 1069 1070 nf = URTWN_NOISE_FLOOR; 1071 if (ni != NULL) { 1072 (void)ieee80211_input(ni, m, rssi - nf, nf); 1073 ieee80211_free_node(ni); 1074 } else { 1075 (void)ieee80211_input_all(ic, m, rssi - nf, 1076 nf); 1077 } 1078 1079 URTWN_LOCK(sc); 1080 m = next; 1081 } 1082 break; 1083 default: 1084 /* needs it to the inactive queue due to a error. */ 1085 data = STAILQ_FIRST(&sc->sc_rx_active); 1086 if (data != NULL) { 1087 STAILQ_REMOVE_HEAD(&sc->sc_rx_active, next); 1088 STAILQ_INSERT_TAIL(&sc->sc_rx_inactive, data, next); 1089 } 1090 if (error != USB_ERR_CANCELLED) { 1091 usbd_xfer_set_stall(xfer); 1092 counter_u64_add(ic->ic_ierrors, 1); 1093 goto tr_setup; 1094 } 1095 break; 1096 } 1097} 1098 1099static void 1100urtwn_txeof(struct urtwn_softc *sc, struct urtwn_data *data, int status) 1101{ 1102 1103 URTWN_ASSERT_LOCKED(sc); 1104 1105 if (data->ni != NULL) /* not a beacon frame */ 1106 ieee80211_tx_complete(data->ni, data->m, status); 1107 1108 data->ni = NULL; 1109 data->m = NULL; 1110 1111 sc->sc_txtimer = 0; 1112 1113 STAILQ_INSERT_TAIL(&sc->sc_tx_inactive, data, next); 1114} 1115 1116static int 1117urtwn_alloc_list(struct urtwn_softc *sc, struct urtwn_data data[], 1118 int ndata, int maxsz) 1119{ 1120 int i, error; 1121 1122 for (i = 0; i < ndata; i++) { 1123 struct urtwn_data *dp = &data[i]; 1124 dp->sc = sc; 1125 dp->m = NULL; 1126 dp->buf = malloc(maxsz, M_USBDEV, M_NOWAIT); 1127 if (dp->buf == NULL) { 1128 device_printf(sc->sc_dev, 1129 "could not allocate buffer\n"); 1130 error = ENOMEM; 1131 goto fail; 1132 } 1133 dp->ni = NULL; 1134 } 1135 1136 return (0); 1137fail: 1138 urtwn_free_list(sc, data, ndata); 1139 return (error); 1140} 1141 1142static int 1143urtwn_alloc_rx_list(struct urtwn_softc *sc) 1144{ 1145 int error, i; 1146 1147 error = urtwn_alloc_list(sc, sc->sc_rx, URTWN_RX_LIST_COUNT, 1148 URTWN_RXBUFSZ); 1149 if (error != 0) 1150 return (error); 1151 1152 STAILQ_INIT(&sc->sc_rx_active); 1153 STAILQ_INIT(&sc->sc_rx_inactive); 1154 1155 for (i = 0; i < URTWN_RX_LIST_COUNT; i++) 1156 STAILQ_INSERT_HEAD(&sc->sc_rx_inactive, &sc->sc_rx[i], next); 1157 1158 return (0); 1159} 1160 1161static int 1162urtwn_alloc_tx_list(struct urtwn_softc *sc) 1163{ 1164 int error, i; 1165 1166 error = urtwn_alloc_list(sc, sc->sc_tx, URTWN_TX_LIST_COUNT, 1167 URTWN_TXBUFSZ); 1168 if (error != 0) 1169 return (error); 1170 1171 STAILQ_INIT(&sc->sc_tx_active); 1172 STAILQ_INIT(&sc->sc_tx_inactive); 1173 STAILQ_INIT(&sc->sc_tx_pending); 1174 1175 for (i = 0; i < URTWN_TX_LIST_COUNT; i++) 1176 STAILQ_INSERT_HEAD(&sc->sc_tx_inactive, &sc->sc_tx[i], next); 1177 1178 return (0); 1179} 1180 1181static void 1182urtwn_free_list(struct urtwn_softc *sc, struct urtwn_data data[], int ndata) 1183{ 1184 int i; 1185 1186 for (i = 0; i < ndata; i++) { 1187 struct urtwn_data *dp = &data[i]; 1188 1189 if (dp->buf != NULL) { 1190 free(dp->buf, M_USBDEV); 1191 dp->buf = NULL; 1192 } 1193 if (dp->ni != NULL) { 1194 ieee80211_free_node(dp->ni); 1195 dp->ni = NULL; 1196 } 1197 } 1198} 1199 1200static void 1201urtwn_free_rx_list(struct urtwn_softc *sc) 1202{ 1203 urtwn_free_list(sc, sc->sc_rx, URTWN_RX_LIST_COUNT); 1204} 1205 1206static void 1207urtwn_free_tx_list(struct urtwn_softc *sc) 1208{ 1209 urtwn_free_list(sc, sc->sc_tx, URTWN_TX_LIST_COUNT); 1210} 1211 1212static void 1213urtwn_bulk_tx_callback(struct usb_xfer *xfer, usb_error_t error) 1214{ 1215 struct urtwn_softc *sc = usbd_xfer_softc(xfer); 1216 struct urtwn_data *data; 1217 1218 URTWN_ASSERT_LOCKED(sc); 1219 1220 switch (USB_GET_STATE(xfer)){ 1221 case USB_ST_TRANSFERRED: 1222 data = STAILQ_FIRST(&sc->sc_tx_active); 1223 if (data == NULL) 1224 goto tr_setup; 1225 STAILQ_REMOVE_HEAD(&sc->sc_tx_active, next); 1226 urtwn_txeof(sc, data, 0); 1227 /* FALLTHROUGH */ 1228 case USB_ST_SETUP: 1229tr_setup: 1230 data = STAILQ_FIRST(&sc->sc_tx_pending); 1231 if (data == NULL) { 1232 URTWN_DPRINTF(sc, URTWN_DEBUG_XMIT, 1233 "%s: empty pending queue\n", __func__); 1234 goto finish; 1235 } 1236 STAILQ_REMOVE_HEAD(&sc->sc_tx_pending, next); 1237 STAILQ_INSERT_TAIL(&sc->sc_tx_active, data, next); 1238 usbd_xfer_set_frame_data(xfer, 0, data->buf, data->buflen); 1239 usbd_transfer_submit(xfer); 1240 break; 1241 default: 1242 data = STAILQ_FIRST(&sc->sc_tx_active); 1243 if (data == NULL) 1244 goto tr_setup; 1245 STAILQ_REMOVE_HEAD(&sc->sc_tx_active, next); 1246 urtwn_txeof(sc, data, 1); 1247 if (error != USB_ERR_CANCELLED) { 1248 usbd_xfer_set_stall(xfer); 1249 goto tr_setup; 1250 } 1251 break; 1252 } 1253finish: 1254 /* Kick-start more transmit */ 1255 urtwn_start(sc); 1256} 1257 1258static struct urtwn_data * 1259_urtwn_getbuf(struct urtwn_softc *sc) 1260{ 1261 struct urtwn_data *bf; 1262 1263 bf = STAILQ_FIRST(&sc->sc_tx_inactive); 1264 if (bf != NULL) 1265 STAILQ_REMOVE_HEAD(&sc->sc_tx_inactive, next); 1266 else { 1267 URTWN_DPRINTF(sc, URTWN_DEBUG_XMIT, 1268 "%s: out of xmit buffers\n", __func__); 1269 } 1270 return (bf); 1271} 1272 1273static struct urtwn_data * 1274urtwn_getbuf(struct urtwn_softc *sc) 1275{ 1276 struct urtwn_data *bf; 1277 1278 URTWN_ASSERT_LOCKED(sc); 1279 1280 bf = _urtwn_getbuf(sc); 1281 if (bf == NULL) { 1282 URTWN_DPRINTF(sc, URTWN_DEBUG_XMIT, "%s: stop queue\n", 1283 __func__); 1284 } 1285 return (bf); 1286} 1287 1288static usb_error_t 1289urtwn_write_region_1(struct urtwn_softc *sc, uint16_t addr, uint8_t *buf, 1290 int len) 1291{ 1292 usb_device_request_t req; 1293 1294 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 1295 req.bRequest = R92C_REQ_REGS; 1296 USETW(req.wValue, addr); 1297 USETW(req.wIndex, 0); 1298 USETW(req.wLength, len); 1299 return (urtwn_do_request(sc, &req, buf)); 1300} 1301 1302static usb_error_t 1303urtwn_write_1(struct urtwn_softc *sc, uint16_t addr, uint8_t val) 1304{ 1305 return (urtwn_write_region_1(sc, addr, &val, sizeof(val))); 1306} 1307 1308static usb_error_t 1309urtwn_write_2(struct urtwn_softc *sc, uint16_t addr, uint16_t val) 1310{ 1311 val = htole16(val); 1312 return (urtwn_write_region_1(sc, addr, (uint8_t *)&val, sizeof(val))); 1313} 1314 1315static usb_error_t 1316urtwn_write_4(struct urtwn_softc *sc, uint16_t addr, uint32_t val) 1317{ 1318 val = htole32(val); 1319 return (urtwn_write_region_1(sc, addr, (uint8_t *)&val, sizeof(val))); 1320} 1321 1322static usb_error_t 1323urtwn_read_region_1(struct urtwn_softc *sc, uint16_t addr, uint8_t *buf, 1324 int len) 1325{ 1326 usb_device_request_t req; 1327 1328 req.bmRequestType = UT_READ_VENDOR_DEVICE; 1329 req.bRequest = R92C_REQ_REGS; 1330 USETW(req.wValue, addr); 1331 USETW(req.wIndex, 0); 1332 USETW(req.wLength, len); 1333 return (urtwn_do_request(sc, &req, buf)); 1334} 1335 1336static uint8_t 1337urtwn_read_1(struct urtwn_softc *sc, uint16_t addr) 1338{ 1339 uint8_t val; 1340 1341 if (urtwn_read_region_1(sc, addr, &val, 1) != 0) 1342 return (0xff); 1343 return (val); 1344} 1345 1346static uint16_t 1347urtwn_read_2(struct urtwn_softc *sc, uint16_t addr) 1348{ 1349 uint16_t val; 1350 1351 if (urtwn_read_region_1(sc, addr, (uint8_t *)&val, 2) != 0) 1352 return (0xffff); 1353 return (le16toh(val)); 1354} 1355 1356static uint32_t 1357urtwn_read_4(struct urtwn_softc *sc, uint16_t addr) 1358{ 1359 uint32_t val; 1360 1361 if (urtwn_read_region_1(sc, addr, (uint8_t *)&val, 4) != 0) 1362 return (0xffffffff); 1363 return (le32toh(val)); 1364} 1365 1366static int 1367urtwn_fw_cmd(struct urtwn_softc *sc, uint8_t id, const void *buf, int len) 1368{ 1369 struct r92c_fw_cmd cmd; 1370 usb_error_t error; 1371 int ntries; 1372 1373 /* Wait for current FW box to be empty. */ 1374 for (ntries = 0; ntries < 100; ntries++) { 1375 if (!(urtwn_read_1(sc, R92C_HMETFR) & (1 << sc->fwcur))) 1376 break; 1377 urtwn_ms_delay(sc); 1378 } 1379 if (ntries == 100) { 1380 device_printf(sc->sc_dev, 1381 "could not send firmware command\n"); 1382 return (ETIMEDOUT); 1383 } 1384 memset(&cmd, 0, sizeof(cmd)); 1385 cmd.id = id; 1386 if (len > 3) 1387 cmd.id |= R92C_CMD_FLAG_EXT; 1388 KASSERT(len <= sizeof(cmd.msg), ("urtwn_fw_cmd\n")); 1389 memcpy(cmd.msg, buf, len); 1390 1391 /* Write the first word last since that will trigger the FW. */ 1392 error = urtwn_write_region_1(sc, R92C_HMEBOX_EXT(sc->fwcur), 1393 (uint8_t *)&cmd + 4, 2); 1394 if (error != USB_ERR_NORMAL_COMPLETION) 1395 return (EIO); 1396 error = urtwn_write_region_1(sc, R92C_HMEBOX(sc->fwcur), 1397 (uint8_t *)&cmd + 0, 4); 1398 if (error != USB_ERR_NORMAL_COMPLETION) 1399 return (EIO); 1400 1401 sc->fwcur = (sc->fwcur + 1) % R92C_H2C_NBOX; 1402 return (0); 1403} 1404 1405static void 1406urtwn_cmdq_cb(void *arg, int pending) 1407{ 1408 struct urtwn_softc *sc = arg; 1409 struct urtwn_cmdq *item; 1410 1411 /* 1412 * Device must be powered on (via urtwn_power_on()) 1413 * before any command may be sent. 1414 */ 1415 URTWN_LOCK(sc); 1416 if (!(sc->sc_flags & URTWN_RUNNING)) { 1417 URTWN_UNLOCK(sc); 1418 return; 1419 } 1420 1421 URTWN_CMDQ_LOCK(sc); 1422 while (sc->cmdq[sc->cmdq_first].func != NULL) { 1423 item = &sc->cmdq[sc->cmdq_first]; 1424 sc->cmdq_first = (sc->cmdq_first + 1) % URTWN_CMDQ_SIZE; 1425 URTWN_CMDQ_UNLOCK(sc); 1426 1427 item->func(sc, &item->data); 1428 1429 URTWN_CMDQ_LOCK(sc); 1430 memset(item, 0, sizeof (*item)); 1431 } 1432 URTWN_CMDQ_UNLOCK(sc); 1433 URTWN_UNLOCK(sc); 1434} 1435 1436static int 1437urtwn_cmd_sleepable(struct urtwn_softc *sc, const void *ptr, size_t len, 1438 CMD_FUNC_PROTO) 1439{ 1440 struct ieee80211com *ic = &sc->sc_ic; 1441 1442 KASSERT(len <= sizeof(union sec_param), ("buffer overflow")); 1443 1444 URTWN_CMDQ_LOCK(sc); 1445 if (sc->cmdq[sc->cmdq_last].func != NULL) { 1446 device_printf(sc->sc_dev, "%s: cmdq overflow\n", __func__); 1447 URTWN_CMDQ_UNLOCK(sc); 1448 1449 return (EAGAIN); 1450 } 1451 1452 if (ptr != NULL) 1453 memcpy(&sc->cmdq[sc->cmdq_last].data, ptr, len); 1454 sc->cmdq[sc->cmdq_last].func = func; 1455 sc->cmdq_last = (sc->cmdq_last + 1) % URTWN_CMDQ_SIZE; 1456 URTWN_CMDQ_UNLOCK(sc); 1457 1458 ieee80211_runtask(ic, &sc->cmdq_task); 1459 1460 return (0); 1461} 1462 1463static __inline void 1464urtwn_rf_write(struct urtwn_softc *sc, int chain, uint8_t addr, uint32_t val) 1465{ 1466 1467 sc->sc_rf_write(sc, chain, addr, val); 1468} 1469 1470static void 1471urtwn_r92c_rf_write(struct urtwn_softc *sc, int chain, uint8_t addr, 1472 uint32_t val) 1473{ 1474 urtwn_bb_write(sc, R92C_LSSI_PARAM(chain), 1475 SM(R92C_LSSI_PARAM_ADDR, addr) | 1476 SM(R92C_LSSI_PARAM_DATA, val)); 1477} 1478 1479static void 1480urtwn_r88e_rf_write(struct urtwn_softc *sc, int chain, uint8_t addr, 1481uint32_t val) 1482{ 1483 urtwn_bb_write(sc, R92C_LSSI_PARAM(chain), 1484 SM(R88E_LSSI_PARAM_ADDR, addr) | 1485 SM(R92C_LSSI_PARAM_DATA, val)); 1486} 1487 1488static uint32_t 1489urtwn_rf_read(struct urtwn_softc *sc, int chain, uint8_t addr) 1490{ 1491 uint32_t reg[R92C_MAX_CHAINS], val; 1492 1493 reg[0] = urtwn_bb_read(sc, R92C_HSSI_PARAM2(0)); 1494 if (chain != 0) 1495 reg[chain] = urtwn_bb_read(sc, R92C_HSSI_PARAM2(chain)); 1496 1497 urtwn_bb_write(sc, R92C_HSSI_PARAM2(0), 1498 reg[0] & ~R92C_HSSI_PARAM2_READ_EDGE); 1499 urtwn_ms_delay(sc); 1500 1501 urtwn_bb_write(sc, R92C_HSSI_PARAM2(chain), 1502 RW(reg[chain], R92C_HSSI_PARAM2_READ_ADDR, addr) | 1503 R92C_HSSI_PARAM2_READ_EDGE); 1504 urtwn_ms_delay(sc); 1505 1506 urtwn_bb_write(sc, R92C_HSSI_PARAM2(0), 1507 reg[0] | R92C_HSSI_PARAM2_READ_EDGE); 1508 urtwn_ms_delay(sc); 1509 1510 if (urtwn_bb_read(sc, R92C_HSSI_PARAM1(chain)) & R92C_HSSI_PARAM1_PI) 1511 val = urtwn_bb_read(sc, R92C_HSPI_READBACK(chain)); 1512 else 1513 val = urtwn_bb_read(sc, R92C_LSSI_READBACK(chain)); 1514 return (MS(val, R92C_LSSI_READBACK_DATA)); 1515} 1516 1517static int 1518urtwn_llt_write(struct urtwn_softc *sc, uint32_t addr, uint32_t data) 1519{ 1520 usb_error_t error; 1521 int ntries; 1522 1523 error = urtwn_write_4(sc, R92C_LLT_INIT, 1524 SM(R92C_LLT_INIT_OP, R92C_LLT_INIT_OP_WRITE) | 1525 SM(R92C_LLT_INIT_ADDR, addr) | 1526 SM(R92C_LLT_INIT_DATA, data)); 1527 if (error != USB_ERR_NORMAL_COMPLETION) 1528 return (EIO); 1529 /* Wait for write operation to complete. */ 1530 for (ntries = 0; ntries < 20; ntries++) { 1531 if (MS(urtwn_read_4(sc, R92C_LLT_INIT), R92C_LLT_INIT_OP) == 1532 R92C_LLT_INIT_OP_NO_ACTIVE) 1533 return (0); 1534 urtwn_ms_delay(sc); 1535 } 1536 return (ETIMEDOUT); 1537} 1538 1539static int 1540urtwn_efuse_read_next(struct urtwn_softc *sc, uint8_t *val) 1541{ 1542 uint32_t reg; 1543 usb_error_t error; 1544 int ntries; 1545 1546 if (sc->last_rom_addr >= URTWN_EFUSE_MAX_LEN) 1547 return (EFAULT); 1548 1549 reg = urtwn_read_4(sc, R92C_EFUSE_CTRL); 1550 reg = RW(reg, R92C_EFUSE_CTRL_ADDR, sc->last_rom_addr); 1551 reg &= ~R92C_EFUSE_CTRL_VALID; 1552 1553 error = urtwn_write_4(sc, R92C_EFUSE_CTRL, reg); 1554 if (error != USB_ERR_NORMAL_COMPLETION) 1555 return (EIO); 1556 /* Wait for read operation to complete. */ 1557 for (ntries = 0; ntries < 100; ntries++) { 1558 reg = urtwn_read_4(sc, R92C_EFUSE_CTRL); 1559 if (reg & R92C_EFUSE_CTRL_VALID) 1560 break; 1561 urtwn_ms_delay(sc); 1562 } 1563 if (ntries == 100) { 1564 device_printf(sc->sc_dev, 1565 "could not read efuse byte at address 0x%x\n", 1566 sc->last_rom_addr); 1567 return (ETIMEDOUT); 1568 } 1569 1570 *val = MS(reg, R92C_EFUSE_CTRL_DATA); 1571 sc->last_rom_addr++; 1572 1573 return (0); 1574} 1575 1576static int 1577urtwn_efuse_read_data(struct urtwn_softc *sc, uint8_t *rom, uint8_t off, 1578 uint8_t msk) 1579{ 1580 uint8_t reg; 1581 int i, error; 1582 1583 for (i = 0; i < 4; i++) { 1584 if (msk & (1 << i)) 1585 continue; 1586 error = urtwn_efuse_read_next(sc, ®); 1587 if (error != 0) 1588 return (error); 1589 URTWN_DPRINTF(sc, URTWN_DEBUG_ROM, "rom[0x%03X] == 0x%02X\n", 1590 off * 8 + i * 2, reg); 1591 rom[off * 8 + i * 2 + 0] = reg; 1592 1593 error = urtwn_efuse_read_next(sc, ®); 1594 if (error != 0) 1595 return (error); 1596 URTWN_DPRINTF(sc, URTWN_DEBUG_ROM, "rom[0x%03X] == 0x%02X\n", 1597 off * 8 + i * 2 + 1, reg); 1598 rom[off * 8 + i * 2 + 1] = reg; 1599 } 1600 1601 return (0); 1602} 1603 1604#ifdef USB_DEBUG 1605static void 1606urtwn_dump_rom_contents(struct urtwn_softc *sc, uint8_t *rom, uint16_t size) 1607{ 1608 int i; 1609 1610 /* Dump ROM contents. */ 1611 device_printf(sc->sc_dev, "%s:", __func__); 1612 for (i = 0; i < size; i++) { 1613 if (i % 32 == 0) 1614 printf("\n%03X: ", i); 1615 else if (i % 4 == 0) 1616 printf(" "); 1617 1618 printf("%02X", rom[i]); 1619 } 1620 printf("\n"); 1621} 1622#endif 1623 1624static int 1625urtwn_efuse_read(struct urtwn_softc *sc, uint8_t *rom, uint16_t size) 1626{ 1627#define URTWN_CHK(res) do { \ 1628 if ((error = res) != 0) \ 1629 goto end; \ 1630} while(0) 1631 uint8_t msk, off, reg; 1632 int error; 1633 1634 URTWN_CHK(urtwn_efuse_switch_power(sc)); 1635 1636 /* Read full ROM image. */ 1637 sc->last_rom_addr = 0; 1638 memset(rom, 0xff, size); 1639 1640 URTWN_CHK(urtwn_efuse_read_next(sc, ®)); 1641 while (reg != 0xff) { 1642 /* check for extended header */ 1643 if ((sc->chip & URTWN_CHIP_88E) && (reg & 0x1f) == 0x0f) { 1644 off = reg >> 5; 1645 URTWN_CHK(urtwn_efuse_read_next(sc, ®)); 1646 1647 if ((reg & 0x0f) != 0x0f) 1648 off = ((reg & 0xf0) >> 1) | off; 1649 else 1650 continue; 1651 } else 1652 off = reg >> 4; 1653 msk = reg & 0xf; 1654 1655 URTWN_CHK(urtwn_efuse_read_data(sc, rom, off, msk)); 1656 URTWN_CHK(urtwn_efuse_read_next(sc, ®)); 1657 } 1658 1659end: 1660 1661#ifdef USB_DEBUG 1662 if (sc->sc_debug & URTWN_DEBUG_ROM) 1663 urtwn_dump_rom_contents(sc, rom, size); 1664#endif 1665 1666 urtwn_write_1(sc, R92C_EFUSE_ACCESS, R92C_EFUSE_ACCESS_OFF); 1667 1668 if (error != 0) { 1669 device_printf(sc->sc_dev, "%s: error while reading ROM\n", 1670 __func__); 1671 } 1672 1673 return (error); 1674#undef URTWN_CHK 1675} 1676 1677static int 1678urtwn_efuse_switch_power(struct urtwn_softc *sc) 1679{ 1680 usb_error_t error; 1681 uint32_t reg; 1682 1683 error = urtwn_write_1(sc, R92C_EFUSE_ACCESS, R92C_EFUSE_ACCESS_ON); 1684 if (error != USB_ERR_NORMAL_COMPLETION) 1685 return (EIO); 1686 1687 reg = urtwn_read_2(sc, R92C_SYS_ISO_CTRL); 1688 if (!(reg & R92C_SYS_ISO_CTRL_PWC_EV12V)) { 1689 error = urtwn_write_2(sc, R92C_SYS_ISO_CTRL, 1690 reg | R92C_SYS_ISO_CTRL_PWC_EV12V); 1691 if (error != USB_ERR_NORMAL_COMPLETION) 1692 return (EIO); 1693 } 1694 reg = urtwn_read_2(sc, R92C_SYS_FUNC_EN); 1695 if (!(reg & R92C_SYS_FUNC_EN_ELDR)) { 1696 error = urtwn_write_2(sc, R92C_SYS_FUNC_EN, 1697 reg | R92C_SYS_FUNC_EN_ELDR); 1698 if (error != USB_ERR_NORMAL_COMPLETION) 1699 return (EIO); 1700 } 1701 reg = urtwn_read_2(sc, R92C_SYS_CLKR); 1702 if ((reg & (R92C_SYS_CLKR_LOADER_EN | R92C_SYS_CLKR_ANA8M)) != 1703 (R92C_SYS_CLKR_LOADER_EN | R92C_SYS_CLKR_ANA8M)) { 1704 error = urtwn_write_2(sc, R92C_SYS_CLKR, 1705 reg | R92C_SYS_CLKR_LOADER_EN | R92C_SYS_CLKR_ANA8M); 1706 if (error != USB_ERR_NORMAL_COMPLETION) 1707 return (EIO); 1708 } 1709 1710 return (0); 1711} 1712 1713static int 1714urtwn_read_chipid(struct urtwn_softc *sc) 1715{ 1716 uint32_t reg; 1717 1718 if (sc->chip & URTWN_CHIP_88E) 1719 return (0); 1720 1721 reg = urtwn_read_4(sc, R92C_SYS_CFG); 1722 if (reg & R92C_SYS_CFG_TRP_VAUX_EN) 1723 return (EIO); 1724 1725 if (reg & R92C_SYS_CFG_TYPE_92C) { 1726 sc->chip |= URTWN_CHIP_92C; 1727 /* Check if it is a castrated 8192C. */ 1728 if (MS(urtwn_read_4(sc, R92C_HPON_FSM), 1729 R92C_HPON_FSM_CHIP_BONDING_ID) == 1730 R92C_HPON_FSM_CHIP_BONDING_ID_92C_1T2R) 1731 sc->chip |= URTWN_CHIP_92C_1T2R; 1732 } 1733 if (reg & R92C_SYS_CFG_VENDOR_UMC) { 1734 sc->chip |= URTWN_CHIP_UMC; 1735 if (MS(reg, R92C_SYS_CFG_CHIP_VER_RTL) == 0) 1736 sc->chip |= URTWN_CHIP_UMC_A_CUT; 1737 } 1738 return (0); 1739} 1740 1741static int 1742urtwn_read_rom(struct urtwn_softc *sc) 1743{ 1744 struct r92c_rom *rom = &sc->rom.r92c_rom; 1745 int error; 1746 1747 /* Read full ROM image. */ 1748 error = urtwn_efuse_read(sc, (uint8_t *)rom, sizeof(*rom)); 1749 if (error != 0) 1750 return (error); 1751 1752 /* XXX Weird but this is what the vendor driver does. */ 1753 sc->last_rom_addr = 0x1fa; 1754 error = urtwn_efuse_read_next(sc, &sc->pa_setting); 1755 if (error != 0) 1756 return (error); 1757 URTWN_DPRINTF(sc, URTWN_DEBUG_ROM, "%s: PA setting=0x%x\n", __func__, 1758 sc->pa_setting); 1759 1760 sc->board_type = MS(rom->rf_opt1, R92C_ROM_RF1_BOARD_TYPE); 1761 1762 sc->regulatory = MS(rom->rf_opt1, R92C_ROM_RF1_REGULATORY); 1763 URTWN_DPRINTF(sc, URTWN_DEBUG_ROM, "%s: regulatory type=%d\n", 1764 __func__, sc->regulatory); 1765 IEEE80211_ADDR_COPY(sc->sc_ic.ic_macaddr, rom->macaddr); 1766 1767 sc->sc_rf_write = urtwn_r92c_rf_write; 1768 sc->sc_power_on = urtwn_r92c_power_on; 1769 1770 return (0); 1771} 1772 1773static int 1774urtwn_r88e_read_rom(struct urtwn_softc *sc) 1775{ 1776 struct r88e_rom *rom = &sc->rom.r88e_rom; 1777 int error; 1778 1779 error = urtwn_efuse_read(sc, (uint8_t *)rom, sizeof(sc->rom.r88e_rom)); 1780 if (error != 0) 1781 return (error); 1782 1783 sc->bw20_tx_pwr_diff = (rom->tx_pwr_diff >> 4); 1784 if (sc->bw20_tx_pwr_diff & 0x08) 1785 sc->bw20_tx_pwr_diff |= 0xf0; 1786 sc->ofdm_tx_pwr_diff = (rom->tx_pwr_diff & 0xf); 1787 if (sc->ofdm_tx_pwr_diff & 0x08) 1788 sc->ofdm_tx_pwr_diff |= 0xf0; 1789 sc->regulatory = MS(rom->rf_board_opt, R92C_ROM_RF1_REGULATORY); 1790 URTWN_DPRINTF(sc, URTWN_DEBUG_ROM, "%s: regulatory type %d\n", 1791 __func__,sc->regulatory); 1792 IEEE80211_ADDR_COPY(sc->sc_ic.ic_macaddr, rom->macaddr); 1793 1794 sc->sc_rf_write = urtwn_r88e_rf_write; 1795 sc->sc_power_on = urtwn_r88e_power_on; 1796 1797 return (0); 1798} 1799 1800/* 1801 * Initialize rate adaptation in firmware. 1802 */ 1803static int 1804urtwn_ra_init(struct urtwn_softc *sc) 1805{ 1806 struct ieee80211com *ic = &sc->sc_ic; 1807 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 1808 struct ieee80211_node *ni; 1809 struct ieee80211_rateset *rs; 1810 struct r92c_fw_cmd_macid_cfg cmd; 1811 uint32_t rates, basicrates; 1812 uint8_t mode; 1813 int maxrate, maxbasicrate, error, i, j; 1814 1815 ni = ieee80211_ref_node(vap->iv_bss); 1816 rs = &ni->ni_rates; 1817 1818 /* Get normal and basic rates mask. */ 1819 rates = basicrates = 0; 1820 maxrate = maxbasicrate = 0; 1821 for (i = 0; i < rs->rs_nrates; i++) { 1822 /* Convert 802.11 rate to HW rate index. */ 1823 for (j = 0; j < nitems(ridx2rate); j++) 1824 if ((rs->rs_rates[i] & IEEE80211_RATE_VAL) == 1825 ridx2rate[j]) 1826 break; 1827 if (j == nitems(ridx2rate)) /* Unknown rate, skip. */ 1828 continue; 1829 rates |= 1 << j; 1830 if (j > maxrate) 1831 maxrate = j; 1832 if (rs->rs_rates[i] & IEEE80211_RATE_BASIC) { 1833 basicrates |= 1 << j; 1834 if (j > maxbasicrate) 1835 maxbasicrate = j; 1836 } 1837 } 1838 if (ic->ic_curmode == IEEE80211_MODE_11B) 1839 mode = R92C_RAID_11B; 1840 else 1841 mode = R92C_RAID_11BG; 1842 URTWN_DPRINTF(sc, URTWN_DEBUG_RA, 1843 "%s: mode 0x%x, rates 0x%08x, basicrates 0x%08x\n", __func__, 1844 mode, rates, basicrates); 1845 1846 /* Set rates mask for group addressed frames. */ 1847 cmd.macid = URTWN_MACID_BC | URTWN_MACID_VALID; 1848 cmd.mask = htole32(mode << 28 | basicrates); 1849 error = urtwn_fw_cmd(sc, R92C_CMD_MACID_CONFIG, &cmd, sizeof(cmd)); 1850 if (error != 0) { 1851 ieee80211_free_node(ni); 1852 device_printf(sc->sc_dev, 1853 "could not add broadcast station\n"); 1854 return (error); 1855 } 1856 /* Set initial MRR rate. */ 1857 URTWN_DPRINTF(sc, URTWN_DEBUG_RA, "%s: maxbasicrate %d\n", __func__, 1858 maxbasicrate); 1859 urtwn_write_1(sc, R92C_INIDATA_RATE_SEL(URTWN_MACID_BC), 1860 maxbasicrate); 1861 1862 /* Set rates mask for unicast frames. */ 1863 cmd.macid = URTWN_MACID_BSS | URTWN_MACID_VALID; 1864 cmd.mask = htole32(mode << 28 | rates); 1865 error = urtwn_fw_cmd(sc, R92C_CMD_MACID_CONFIG, &cmd, sizeof(cmd)); 1866 if (error != 0) { 1867 ieee80211_free_node(ni); 1868 device_printf(sc->sc_dev, "could not add BSS station\n"); 1869 return (error); 1870 } 1871 /* Set initial MRR rate. */ 1872 URTWN_DPRINTF(sc, URTWN_DEBUG_RA, "%s: maxrate %d\n", __func__, 1873 maxrate); 1874 urtwn_write_1(sc, R92C_INIDATA_RATE_SEL(URTWN_MACID_BSS), 1875 maxrate); 1876 1877 /* Indicate highest supported rate. */ 1878 ni->ni_txrate = rs->rs_rates[rs->rs_nrates - 1]; 1879 ieee80211_free_node(ni); 1880 1881 return (0); 1882} 1883 1884static void 1885urtwn_init_beacon(struct urtwn_softc *sc, struct urtwn_vap *uvp) 1886{ 1887 struct r92c_tx_desc *txd = &uvp->bcn_desc; 1888 1889 txd->txdw0 = htole32( 1890 SM(R92C_TXDW0_OFFSET, sizeof(*txd)) | R92C_TXDW0_BMCAST | 1891 R92C_TXDW0_OWN | R92C_TXDW0_FSG | R92C_TXDW0_LSG); 1892 txd->txdw1 = htole32( 1893 SM(R92C_TXDW1_QSEL, R92C_TXDW1_QSEL_BEACON) | 1894 SM(R92C_TXDW1_RAID, R92C_RAID_11B)); 1895 1896 if (sc->chip & URTWN_CHIP_88E) { 1897 txd->txdw1 |= htole32(SM(R88E_TXDW1_MACID, URTWN_MACID_BC)); 1898 txd->txdseq |= htole16(R88E_TXDSEQ_HWSEQ_EN); 1899 } else { 1900 txd->txdw1 |= htole32(SM(R92C_TXDW1_MACID, URTWN_MACID_BC)); 1901 txd->txdw4 |= htole32(R92C_TXDW4_HWSEQ_EN); 1902 } 1903 1904 txd->txdw4 = htole32(R92C_TXDW4_DRVRATE); 1905 txd->txdw5 = htole32(SM(R92C_TXDW5_DATARATE, URTWN_RIDX_CCK1)); 1906} 1907 1908static int 1909urtwn_setup_beacon(struct urtwn_softc *sc, struct ieee80211_node *ni) 1910{ 1911 struct ieee80211vap *vap = ni->ni_vap; 1912 struct urtwn_vap *uvp = URTWN_VAP(vap); 1913 struct mbuf *m; 1914 int error; 1915 1916 URTWN_ASSERT_LOCKED(sc); 1917 1918 if (ni->ni_chan == IEEE80211_CHAN_ANYC) 1919 return (EINVAL); 1920 1921 m = ieee80211_beacon_alloc(ni); 1922 if (m == NULL) { 1923 device_printf(sc->sc_dev, 1924 "%s: could not allocate beacon frame\n", __func__); 1925 return (ENOMEM); 1926 } 1927 1928 if (uvp->bcn_mbuf != NULL) 1929 m_freem(uvp->bcn_mbuf); 1930 1931 uvp->bcn_mbuf = m; 1932 1933 if ((error = urtwn_tx_beacon(sc, uvp)) != 0) 1934 return (error); 1935 1936 /* XXX bcnq stuck workaround */ 1937 if ((error = urtwn_tx_beacon(sc, uvp)) != 0) 1938 return (error); 1939 1940 URTWN_DPRINTF(sc, URTWN_DEBUG_BEACON, "%s: beacon was %srecognized\n", 1941 __func__, urtwn_read_1(sc, R92C_TDECTRL + 2) & 1942 (R92C_TDECTRL_BCN_VALID >> 16) ? "" : "not "); 1943 1944 return (0); 1945} 1946 1947static void 1948urtwn_update_beacon(struct ieee80211vap *vap, int item) 1949{ 1950 struct urtwn_softc *sc = vap->iv_ic->ic_softc; 1951 struct urtwn_vap *uvp = URTWN_VAP(vap); 1952 struct ieee80211_beacon_offsets *bo = &vap->iv_bcn_off; 1953 struct ieee80211_node *ni = vap->iv_bss; 1954 int mcast = 0; 1955 1956 URTWN_LOCK(sc); 1957 if (uvp->bcn_mbuf == NULL) { 1958 uvp->bcn_mbuf = ieee80211_beacon_alloc(ni); 1959 if (uvp->bcn_mbuf == NULL) { 1960 device_printf(sc->sc_dev, 1961 "%s: could not allocate beacon frame\n", __func__); 1962 URTWN_UNLOCK(sc); 1963 return; 1964 } 1965 } 1966 URTWN_UNLOCK(sc); 1967 1968 if (item == IEEE80211_BEACON_TIM) 1969 mcast = 1; /* XXX */ 1970 1971 setbit(bo->bo_flags, item); 1972 ieee80211_beacon_update(ni, uvp->bcn_mbuf, mcast); 1973 1974 URTWN_LOCK(sc); 1975 urtwn_tx_beacon(sc, uvp); 1976 URTWN_UNLOCK(sc); 1977} 1978 1979/* 1980 * Push a beacon frame into the chip. Beacon will 1981 * be repeated by the chip every R92C_BCN_INTERVAL. 1982 */ 1983static int 1984urtwn_tx_beacon(struct urtwn_softc *sc, struct urtwn_vap *uvp) 1985{ 1986 struct r92c_tx_desc *desc = &uvp->bcn_desc; 1987 struct urtwn_data *bf; 1988 1989 URTWN_ASSERT_LOCKED(sc); 1990 1991 bf = urtwn_getbuf(sc); 1992 if (bf == NULL) 1993 return (ENOMEM); 1994 1995 memcpy(bf->buf, desc, sizeof(*desc)); 1996 urtwn_tx_start(sc, uvp->bcn_mbuf, IEEE80211_FC0_TYPE_MGT, bf); 1997 1998 sc->sc_txtimer = 5; 1999 callout_reset(&sc->sc_watchdog_ch, hz, urtwn_watchdog, sc); 2000 2001 return (0); 2002} 2003 2004static int 2005urtwn_key_alloc(struct ieee80211vap *vap, struct ieee80211_key *k, 2006 ieee80211_keyix *keyix, ieee80211_keyix *rxkeyix) 2007{ 2008 struct urtwn_softc *sc = vap->iv_ic->ic_softc; 2009 uint8_t i; 2010 2011 if (!(&vap->iv_nw_keys[0] <= k && 2012 k < &vap->iv_nw_keys[IEEE80211_WEP_NKID])) { 2013 if (!(k->wk_flags & IEEE80211_KEY_SWCRYPT)) { 2014 URTWN_LOCK(sc); 2015 /* 2016 * First 4 slots for group keys, 2017 * what is left - for pairwise. 2018 * XXX incompatible with IBSS RSN. 2019 */ 2020 for (i = IEEE80211_WEP_NKID; 2021 i < R92C_CAM_ENTRY_COUNT; i++) { 2022 if ((sc->keys_bmap & (1 << i)) == 0) { 2023 sc->keys_bmap |= 1 << i; 2024 *keyix = i; 2025 break; 2026 } 2027 } 2028 URTWN_UNLOCK(sc); 2029 if (i == R92C_CAM_ENTRY_COUNT) { 2030 device_printf(sc->sc_dev, 2031 "%s: no free space in the key table\n", 2032 __func__); 2033 return 0; 2034 } 2035 } else 2036 *keyix = 0; 2037 } else { 2038 *keyix = k - vap->iv_nw_keys; 2039 } 2040 *rxkeyix = *keyix; 2041 return 1; 2042} 2043 2044static void 2045urtwn_key_set_cb(struct urtwn_softc *sc, union sec_param *data) 2046{ 2047 struct ieee80211_key *k = &data->key; 2048 uint8_t algo, keyid; 2049 int i, error; 2050 2051 if (k->wk_keyix < IEEE80211_WEP_NKID) 2052 keyid = k->wk_keyix; 2053 else 2054 keyid = 0; 2055 2056 /* Map net80211 cipher to HW crypto algorithm. */ 2057 switch (k->wk_cipher->ic_cipher) { 2058 case IEEE80211_CIPHER_WEP: 2059 if (k->wk_keylen < 8) 2060 algo = R92C_CAM_ALGO_WEP40; 2061 else 2062 algo = R92C_CAM_ALGO_WEP104; 2063 break; 2064 case IEEE80211_CIPHER_TKIP: 2065 algo = R92C_CAM_ALGO_TKIP; 2066 break; 2067 case IEEE80211_CIPHER_AES_CCM: 2068 algo = R92C_CAM_ALGO_AES; 2069 break; 2070 default: 2071 device_printf(sc->sc_dev, "%s: undefined cipher %d\n", 2072 __func__, k->wk_cipher->ic_cipher); 2073 return; 2074 } 2075 2076 URTWN_DPRINTF(sc, URTWN_DEBUG_KEY, 2077 "%s: keyix %d, keyid %d, algo %d/%d, flags %04X, len %d, " 2078 "macaddr %s\n", __func__, k->wk_keyix, keyid, 2079 k->wk_cipher->ic_cipher, algo, k->wk_flags, k->wk_keylen, 2080 ether_sprintf(k->wk_macaddr)); 2081 2082 /* Write key. */ 2083 for (i = 0; i < 4; i++) { 2084 error = urtwn_cam_write(sc, R92C_CAM_KEY(k->wk_keyix, i), 2085 LE_READ_4(&k->wk_key[i * 4])); 2086 if (error != 0) 2087 goto fail; 2088 } 2089 2090 /* Write CTL0 last since that will validate the CAM entry. */ 2091 error = urtwn_cam_write(sc, R92C_CAM_CTL1(k->wk_keyix), 2092 LE_READ_4(&k->wk_macaddr[2])); 2093 if (error != 0) 2094 goto fail; 2095 error = urtwn_cam_write(sc, R92C_CAM_CTL0(k->wk_keyix), 2096 SM(R92C_CAM_ALGO, algo) | 2097 SM(R92C_CAM_KEYID, keyid) | 2098 SM(R92C_CAM_MACLO, LE_READ_2(&k->wk_macaddr[0])) | 2099 R92C_CAM_VALID); 2100 if (error != 0) 2101 goto fail; 2102 2103 return; 2104 2105fail: 2106 device_printf(sc->sc_dev, "%s fails, error %d\n", __func__, error); 2107} 2108 2109static void 2110urtwn_key_del_cb(struct urtwn_softc *sc, union sec_param *data) 2111{ 2112 struct ieee80211_key *k = &data->key; 2113 int i; 2114 2115 URTWN_DPRINTF(sc, URTWN_DEBUG_KEY, 2116 "%s: keyix %d, flags %04X, macaddr %s\n", __func__, 2117 k->wk_keyix, k->wk_flags, ether_sprintf(k->wk_macaddr)); 2118 2119 urtwn_cam_write(sc, R92C_CAM_CTL0(k->wk_keyix), 0); 2120 urtwn_cam_write(sc, R92C_CAM_CTL1(k->wk_keyix), 0); 2121 2122 /* Clear key. */ 2123 for (i = 0; i < 4; i++) 2124 urtwn_cam_write(sc, R92C_CAM_KEY(k->wk_keyix, i), 0); 2125 sc->keys_bmap &= ~(1 << k->wk_keyix); 2126} 2127 2128static int 2129urtwn_key_set(struct ieee80211vap *vap, const struct ieee80211_key *k) 2130{ 2131 struct urtwn_softc *sc = vap->iv_ic->ic_softc; 2132 2133 if (k->wk_flags & IEEE80211_KEY_SWCRYPT) { 2134 /* Not for us. */ 2135 return (1); 2136 } 2137 2138 return (!urtwn_cmd_sleepable(sc, k, sizeof(*k), urtwn_key_set_cb)); 2139} 2140 2141static int 2142urtwn_key_delete(struct ieee80211vap *vap, const struct ieee80211_key *k) 2143{ 2144 struct urtwn_softc *sc = vap->iv_ic->ic_softc; 2145 2146 if (k->wk_flags & IEEE80211_KEY_SWCRYPT) { 2147 /* Not for us. */ 2148 return (1); 2149 } 2150 2151 return (!urtwn_cmd_sleepable(sc, k, sizeof(*k), urtwn_key_del_cb)); 2152} 2153 2154static void 2155urtwn_tsf_task_adhoc(void *arg, int pending) 2156{ 2157 struct ieee80211vap *vap = arg; 2158 struct urtwn_softc *sc = vap->iv_ic->ic_softc; 2159 struct ieee80211_node *ni; 2160 uint32_t reg; 2161 2162 URTWN_LOCK(sc); 2163 ni = ieee80211_ref_node(vap->iv_bss); 2164 reg = urtwn_read_1(sc, R92C_BCN_CTRL); 2165 2166 /* Accept beacons with the same BSSID. */ 2167 urtwn_set_rx_bssid_all(sc, 0); 2168 2169 /* Enable synchronization. */ 2170 reg &= ~R92C_BCN_CTRL_DIS_TSF_UDT0; 2171 urtwn_write_1(sc, R92C_BCN_CTRL, reg); 2172 2173 /* Synchronize. */ 2174 usb_pause_mtx(&sc->sc_mtx, hz * ni->ni_intval * 5 / 1000); 2175 2176 /* Disable synchronization. */ 2177 reg |= R92C_BCN_CTRL_DIS_TSF_UDT0; 2178 urtwn_write_1(sc, R92C_BCN_CTRL, reg); 2179 2180 /* Remove beacon filter. */ 2181 urtwn_set_rx_bssid_all(sc, 1); 2182 2183 /* Enable beaconing. */ 2184 urtwn_write_1(sc, R92C_MBID_NUM, 2185 urtwn_read_1(sc, R92C_MBID_NUM) | R92C_MBID_TXBCN_RPT0); 2186 reg |= R92C_BCN_CTRL_EN_BCN; 2187 2188 urtwn_write_1(sc, R92C_BCN_CTRL, reg); 2189 ieee80211_free_node(ni); 2190 URTWN_UNLOCK(sc); 2191} 2192 2193static void 2194urtwn_tsf_sync_enable(struct urtwn_softc *sc, struct ieee80211vap *vap) 2195{ 2196 struct ieee80211com *ic = &sc->sc_ic; 2197 struct urtwn_vap *uvp = URTWN_VAP(vap); 2198 2199 /* Reset TSF. */ 2200 urtwn_write_1(sc, R92C_DUAL_TSF_RST, R92C_DUAL_TSF_RST0); 2201 2202 switch (vap->iv_opmode) { 2203 case IEEE80211_M_STA: 2204 /* Enable TSF synchronization. */ 2205 urtwn_write_1(sc, R92C_BCN_CTRL, 2206 urtwn_read_1(sc, R92C_BCN_CTRL) & 2207 ~R92C_BCN_CTRL_DIS_TSF_UDT0); 2208 break; 2209 case IEEE80211_M_IBSS: 2210 ieee80211_runtask(ic, &uvp->tsf_task_adhoc); 2211 break; 2212 case IEEE80211_M_HOSTAP: 2213 /* Enable beaconing. */ 2214 urtwn_write_1(sc, R92C_MBID_NUM, 2215 urtwn_read_1(sc, R92C_MBID_NUM) | R92C_MBID_TXBCN_RPT0); 2216 urtwn_write_1(sc, R92C_BCN_CTRL, 2217 urtwn_read_1(sc, R92C_BCN_CTRL) | R92C_BCN_CTRL_EN_BCN); 2218 break; 2219 default: 2220 device_printf(sc->sc_dev, "undefined opmode %d\n", 2221 vap->iv_opmode); 2222 return; 2223 } 2224} 2225 2226static void 2227urtwn_get_tsf(struct urtwn_softc *sc, uint64_t *buf) 2228{ 2229 urtwn_read_region_1(sc, R92C_TSFTR, (uint8_t *)buf, sizeof(*buf)); 2230} 2231 2232static void 2233urtwn_set_led(struct urtwn_softc *sc, int led, int on) 2234{ 2235 uint8_t reg; 2236 2237 if (led == URTWN_LED_LINK) { 2238 if (sc->chip & URTWN_CHIP_88E) { 2239 reg = urtwn_read_1(sc, R92C_LEDCFG2) & 0xf0; 2240 urtwn_write_1(sc, R92C_LEDCFG2, reg | 0x60); 2241 if (!on) { 2242 reg = urtwn_read_1(sc, R92C_LEDCFG2) & 0x90; 2243 urtwn_write_1(sc, R92C_LEDCFG2, 2244 reg | R92C_LEDCFG0_DIS); 2245 urtwn_write_1(sc, R92C_MAC_PINMUX_CFG, 2246 urtwn_read_1(sc, R92C_MAC_PINMUX_CFG) & 2247 0xfe); 2248 } 2249 } else { 2250 reg = urtwn_read_1(sc, R92C_LEDCFG0) & 0x70; 2251 if (!on) 2252 reg |= R92C_LEDCFG0_DIS; 2253 urtwn_write_1(sc, R92C_LEDCFG0, reg); 2254 } 2255 sc->ledlink = on; /* Save LED state. */ 2256 } 2257} 2258 2259static void 2260urtwn_set_mode(struct urtwn_softc *sc, uint8_t mode) 2261{ 2262 uint8_t reg; 2263 2264 reg = urtwn_read_1(sc, R92C_MSR); 2265 reg = (reg & ~R92C_MSR_MASK) | mode; 2266 urtwn_write_1(sc, R92C_MSR, reg); 2267} 2268 2269static void 2270urtwn_ibss_recv_mgmt(struct ieee80211_node *ni, struct mbuf *m, int subtype, 2271 const struct ieee80211_rx_stats *rxs, 2272 int rssi, int nf) 2273{ 2274 struct ieee80211vap *vap = ni->ni_vap; 2275 struct urtwn_softc *sc = vap->iv_ic->ic_softc; 2276 struct urtwn_vap *uvp = URTWN_VAP(vap); 2277 uint64_t ni_tstamp, curr_tstamp; 2278 2279 uvp->recv_mgmt(ni, m, subtype, rxs, rssi, nf); 2280 2281 if (vap->iv_state == IEEE80211_S_RUN && 2282 (subtype == IEEE80211_FC0_SUBTYPE_BEACON || 2283 subtype == IEEE80211_FC0_SUBTYPE_PROBE_RESP)) { 2284 ni_tstamp = le64toh(ni->ni_tstamp.tsf); 2285 URTWN_LOCK(sc); 2286 urtwn_get_tsf(sc, &curr_tstamp); 2287 URTWN_UNLOCK(sc); 2288 curr_tstamp = le64toh(curr_tstamp); 2289 2290 if (ni_tstamp >= curr_tstamp) 2291 (void) ieee80211_ibss_merge(ni); 2292 } 2293} 2294 2295static int 2296urtwn_newstate(struct ieee80211vap *vap, enum ieee80211_state nstate, int arg) 2297{ 2298 struct urtwn_vap *uvp = URTWN_VAP(vap); 2299 struct ieee80211com *ic = vap->iv_ic; 2300 struct urtwn_softc *sc = ic->ic_softc; 2301 struct ieee80211_node *ni; 2302 enum ieee80211_state ostate; 2303 uint32_t reg; 2304 uint8_t mode; 2305 int error = 0; 2306 2307 ostate = vap->iv_state; 2308 URTWN_DPRINTF(sc, URTWN_DEBUG_STATE, "%s -> %s\n", 2309 ieee80211_state_name[ostate], ieee80211_state_name[nstate]); 2310 2311 IEEE80211_UNLOCK(ic); 2312 URTWN_LOCK(sc); 2313 callout_stop(&sc->sc_watchdog_ch); 2314 2315 if (ostate == IEEE80211_S_RUN) { 2316 /* Turn link LED off. */ 2317 urtwn_set_led(sc, URTWN_LED_LINK, 0); 2318 2319 /* Set media status to 'No Link'. */ 2320 urtwn_set_mode(sc, R92C_MSR_NOLINK); 2321 2322 /* Stop Rx of data frames. */ 2323 urtwn_write_2(sc, R92C_RXFLTMAP2, 0); 2324 2325 /* Disable TSF synchronization. */ 2326 urtwn_write_1(sc, R92C_BCN_CTRL, 2327 (urtwn_read_1(sc, R92C_BCN_CTRL) & ~R92C_BCN_CTRL_EN_BCN) | 2328 R92C_BCN_CTRL_DIS_TSF_UDT0); 2329 2330 /* Disable beaconing. */ 2331 urtwn_write_1(sc, R92C_MBID_NUM, 2332 urtwn_read_1(sc, R92C_MBID_NUM) & ~R92C_MBID_TXBCN_RPT0); 2333 2334 /* Reset TSF. */ 2335 urtwn_write_1(sc, R92C_DUAL_TSF_RST, R92C_DUAL_TSF_RST0); 2336 2337 /* Reset EDCA parameters. */ 2338 urtwn_write_4(sc, R92C_EDCA_VO_PARAM, 0x002f3217); 2339 urtwn_write_4(sc, R92C_EDCA_VI_PARAM, 0x005e4317); 2340 urtwn_write_4(sc, R92C_EDCA_BE_PARAM, 0x00105320); 2341 urtwn_write_4(sc, R92C_EDCA_BK_PARAM, 0x0000a444); 2342 } 2343 2344 switch (nstate) { 2345 case IEEE80211_S_INIT: 2346 /* Turn link LED off. */ 2347 urtwn_set_led(sc, URTWN_LED_LINK, 0); 2348 break; 2349 case IEEE80211_S_SCAN: 2350 /* Pause AC Tx queues. */ 2351 urtwn_write_1(sc, R92C_TXPAUSE, 2352 urtwn_read_1(sc, R92C_TXPAUSE) | R92C_TX_QUEUE_AC); 2353 break; 2354 case IEEE80211_S_AUTH: 2355 urtwn_set_chan(sc, ic->ic_curchan, NULL); 2356 break; 2357 case IEEE80211_S_RUN: 2358 if (vap->iv_opmode == IEEE80211_M_MONITOR) { 2359 /* Turn link LED on. */ 2360 urtwn_set_led(sc, URTWN_LED_LINK, 1); 2361 break; 2362 } 2363 2364 ni = ieee80211_ref_node(vap->iv_bss); 2365 2366 if (ic->ic_bsschan == IEEE80211_CHAN_ANYC || 2367 ni->ni_chan == IEEE80211_CHAN_ANYC) { 2368 device_printf(sc->sc_dev, 2369 "%s: could not move to RUN state\n", __func__); 2370 error = EINVAL; 2371 goto end_run; 2372 } 2373 2374 switch (vap->iv_opmode) { 2375 case IEEE80211_M_STA: 2376 mode = R92C_MSR_INFRA; 2377 break; 2378 case IEEE80211_M_IBSS: 2379 mode = R92C_MSR_ADHOC; 2380 break; 2381 case IEEE80211_M_HOSTAP: 2382 mode = R92C_MSR_AP; 2383 break; 2384 default: 2385 device_printf(sc->sc_dev, "undefined opmode %d\n", 2386 vap->iv_opmode); 2387 error = EINVAL; 2388 goto end_run; 2389 } 2390 2391 /* Set media status to 'Associated'. */ 2392 urtwn_set_mode(sc, mode); 2393 2394 /* Set BSSID. */ 2395 urtwn_write_4(sc, R92C_BSSID + 0, LE_READ_4(&ni->ni_bssid[0])); 2396 urtwn_write_4(sc, R92C_BSSID + 4, LE_READ_2(&ni->ni_bssid[4])); 2397 2398 if (ic->ic_curmode == IEEE80211_MODE_11B) 2399 urtwn_write_1(sc, R92C_INIRTS_RATE_SEL, 0); 2400 else /* 802.11b/g */ 2401 urtwn_write_1(sc, R92C_INIRTS_RATE_SEL, 3); 2402 2403 /* Enable Rx of data frames. */ 2404 urtwn_write_2(sc, R92C_RXFLTMAP2, 0xffff); 2405 2406 /* Flush all AC queues. */ 2407 urtwn_write_1(sc, R92C_TXPAUSE, 0); 2408 2409 /* Set beacon interval. */ 2410 urtwn_write_2(sc, R92C_BCN_INTERVAL, ni->ni_intval); 2411 2412 /* Allow Rx from our BSSID only. */ 2413 if (ic->ic_promisc == 0) { 2414 reg = urtwn_read_4(sc, R92C_RCR); 2415 2416 if (vap->iv_opmode != IEEE80211_M_HOSTAP) 2417 reg |= R92C_RCR_CBSSID_DATA; 2418 if (vap->iv_opmode != IEEE80211_M_IBSS) 2419 reg |= R92C_RCR_CBSSID_BCN; 2420 2421 urtwn_write_4(sc, R92C_RCR, reg); 2422 } 2423 2424 if (vap->iv_opmode == IEEE80211_M_HOSTAP || 2425 vap->iv_opmode == IEEE80211_M_IBSS) { 2426 error = urtwn_setup_beacon(sc, ni); 2427 if (error != 0) { 2428 device_printf(sc->sc_dev, 2429 "unable to push beacon into the chip, " 2430 "error %d\n", error); 2431 goto end_run; 2432 } 2433 } 2434 2435 /* Enable TSF synchronization. */ 2436 urtwn_tsf_sync_enable(sc, vap); 2437 2438 urtwn_write_1(sc, R92C_SIFS_CCK + 1, 10); 2439 urtwn_write_1(sc, R92C_SIFS_OFDM + 1, 10); 2440 urtwn_write_1(sc, R92C_SPEC_SIFS + 1, 10); 2441 urtwn_write_1(sc, R92C_MAC_SPEC_SIFS + 1, 10); 2442 urtwn_write_1(sc, R92C_R2T_SIFS + 1, 10); 2443 urtwn_write_1(sc, R92C_T2T_SIFS + 1, 10); 2444 2445 /* Intialize rate adaptation. */ 2446 if (!(sc->chip & URTWN_CHIP_88E)) 2447 urtwn_ra_init(sc); 2448 /* Turn link LED on. */ 2449 urtwn_set_led(sc, URTWN_LED_LINK, 1); 2450 2451 sc->avg_pwdb = -1; /* Reset average RSSI. */ 2452 /* Reset temperature calibration state machine. */ 2453 sc->thcal_state = 0; 2454 sc->thcal_lctemp = 0; 2455 2456end_run: 2457 ieee80211_free_node(ni); 2458 break; 2459 default: 2460 break; 2461 } 2462 2463 URTWN_UNLOCK(sc); 2464 IEEE80211_LOCK(ic); 2465 return (error != 0 ? error : uvp->newstate(vap, nstate, arg)); 2466} 2467 2468static void 2469urtwn_watchdog(void *arg) 2470{ 2471 struct urtwn_softc *sc = arg; 2472 2473 if (sc->sc_txtimer > 0) { 2474 if (--sc->sc_txtimer == 0) { 2475 device_printf(sc->sc_dev, "device timeout\n"); 2476 counter_u64_add(sc->sc_ic.ic_oerrors, 1); 2477 return; 2478 } 2479 callout_reset(&sc->sc_watchdog_ch, hz, urtwn_watchdog, sc); 2480 } 2481} 2482 2483static void 2484urtwn_update_avgrssi(struct urtwn_softc *sc, int rate, int8_t rssi) 2485{ 2486 int pwdb; 2487 2488 /* Convert antenna signal to percentage. */ 2489 if (rssi <= -100 || rssi >= 20) 2490 pwdb = 0; 2491 else if (rssi >= 0) 2492 pwdb = 100; 2493 else 2494 pwdb = 100 + rssi; 2495 if (!(sc->chip & URTWN_CHIP_88E)) { 2496 if (rate <= URTWN_RIDX_CCK11) { 2497 /* CCK gain is smaller than OFDM/MCS gain. */ 2498 pwdb += 6; 2499 if (pwdb > 100) 2500 pwdb = 100; 2501 if (pwdb <= 14) 2502 pwdb -= 4; 2503 else if (pwdb <= 26) 2504 pwdb -= 8; 2505 else if (pwdb <= 34) 2506 pwdb -= 6; 2507 else if (pwdb <= 42) 2508 pwdb -= 2; 2509 } 2510 } 2511 if (sc->avg_pwdb == -1) /* Init. */ 2512 sc->avg_pwdb = pwdb; 2513 else if (sc->avg_pwdb < pwdb) 2514 sc->avg_pwdb = ((sc->avg_pwdb * 19 + pwdb) / 20) + 1; 2515 else 2516 sc->avg_pwdb = ((sc->avg_pwdb * 19 + pwdb) / 20); 2517 URTWN_DPRINTF(sc, URTWN_DEBUG_RA, "%s: PWDB %d, EMA %d\n", __func__, 2518 pwdb, sc->avg_pwdb); 2519} 2520 2521static int8_t 2522urtwn_get_rssi(struct urtwn_softc *sc, int rate, void *physt) 2523{ 2524 static const int8_t cckoff[] = { 16, -12, -26, -46 }; 2525 struct r92c_rx_phystat *phy; 2526 struct r92c_rx_cck *cck; 2527 uint8_t rpt; 2528 int8_t rssi; 2529 2530 if (rate <= URTWN_RIDX_CCK11) { 2531 cck = (struct r92c_rx_cck *)physt; 2532 if (sc->sc_flags & URTWN_FLAG_CCK_HIPWR) { 2533 rpt = (cck->agc_rpt >> 5) & 0x3; 2534 rssi = (cck->agc_rpt & 0x1f) << 1; 2535 } else { 2536 rpt = (cck->agc_rpt >> 6) & 0x3; 2537 rssi = cck->agc_rpt & 0x3e; 2538 } 2539 rssi = cckoff[rpt] - rssi; 2540 } else { /* OFDM/HT. */ 2541 phy = (struct r92c_rx_phystat *)physt; 2542 rssi = ((le32toh(phy->phydw1) >> 1) & 0x7f) - 110; 2543 } 2544 return (rssi); 2545} 2546 2547static int8_t 2548urtwn_r88e_get_rssi(struct urtwn_softc *sc, int rate, void *physt) 2549{ 2550 struct r92c_rx_phystat *phy; 2551 struct r88e_rx_cck *cck; 2552 uint8_t cck_agc_rpt, lna_idx, vga_idx; 2553 int8_t rssi; 2554 2555 rssi = 0; 2556 if (rate <= URTWN_RIDX_CCK11) { 2557 cck = (struct r88e_rx_cck *)physt; 2558 cck_agc_rpt = cck->agc_rpt; 2559 lna_idx = (cck_agc_rpt & 0xe0) >> 5; 2560 vga_idx = cck_agc_rpt & 0x1f; 2561 switch (lna_idx) { 2562 case 7: 2563 if (vga_idx <= 27) 2564 rssi = -100 + 2* (27 - vga_idx); 2565 else 2566 rssi = -100; 2567 break; 2568 case 6: 2569 rssi = -48 + 2 * (2 - vga_idx); 2570 break; 2571 case 5: 2572 rssi = -42 + 2 * (7 - vga_idx); 2573 break; 2574 case 4: 2575 rssi = -36 + 2 * (7 - vga_idx); 2576 break; 2577 case 3: 2578 rssi = -24 + 2 * (7 - vga_idx); 2579 break; 2580 case 2: 2581 rssi = -12 + 2 * (5 - vga_idx); 2582 break; 2583 case 1: 2584 rssi = 8 - (2 * vga_idx); 2585 break; 2586 case 0: 2587 rssi = 14 - (2 * vga_idx); 2588 break; 2589 } 2590 rssi += 6; 2591 } else { /* OFDM/HT. */ 2592 phy = (struct r92c_rx_phystat *)physt; 2593 rssi = ((le32toh(phy->phydw1) >> 1) & 0x7f) - 110; 2594 } 2595 return (rssi); 2596} 2597 2598static __inline uint8_t 2599rate2ridx(uint8_t rate) 2600{ 2601 switch (rate) { 2602 case 12: return 4; 2603 case 18: return 5; 2604 case 24: return 6; 2605 case 36: return 7; 2606 case 48: return 8; 2607 case 72: return 9; 2608 case 96: return 10; 2609 case 108: return 11; 2610 case 2: return 0; 2611 case 4: return 1; 2612 case 11: return 2; 2613 case 22: return 3; 2614 default: return 0; 2615 } 2616} 2617 2618static int 2619urtwn_tx_data(struct urtwn_softc *sc, struct ieee80211_node *ni, 2620 struct mbuf *m, struct urtwn_data *data) 2621{ 2622 const struct ieee80211_txparam *tp; 2623 struct ieee80211com *ic = &sc->sc_ic; 2624 struct ieee80211vap *vap = ni->ni_vap; 2625 struct ieee80211_key *k = NULL; 2626 struct ieee80211_channel *chan; 2627 struct ieee80211_frame *wh; 2628 struct r92c_tx_desc *txd; 2629 uint8_t macid, raid, rate, ridx, subtype, type, tid, qsel; 2630 int hasqos, ismcast; 2631 2632 URTWN_ASSERT_LOCKED(sc); 2633 2634 /* 2635 * Software crypto. 2636 */ 2637 wh = mtod(m, struct ieee80211_frame *); 2638 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 2639 subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 2640 hasqos = IEEE80211_QOS_HAS_SEQ(wh); 2641 ismcast = IEEE80211_IS_MULTICAST(wh->i_addr1); 2642 2643 /* Select TX ring for this frame. */ 2644 if (hasqos) { 2645 tid = ((const struct ieee80211_qosframe *)wh)->i_qos[0]; 2646 tid &= IEEE80211_QOS_TID; 2647 } else 2648 tid = 0; 2649 2650 chan = (ni->ni_chan != IEEE80211_CHAN_ANYC) ? 2651 ni->ni_chan : ic->ic_curchan; 2652 tp = &vap->iv_txparms[ieee80211_chan2mode(chan)]; 2653 2654 /* Choose a TX rate index. */ 2655 if (type == IEEE80211_FC0_TYPE_MGT) 2656 rate = tp->mgmtrate; 2657 else if (ismcast) 2658 rate = tp->mcastrate; 2659 else if (tp->ucastrate != IEEE80211_FIXED_RATE_NONE) 2660 rate = tp->ucastrate; 2661 else if (m->m_flags & M_EAPOL) 2662 rate = tp->mgmtrate; 2663 else { 2664 if (URTWN_CHIP_HAS_RATECTL(sc)) { 2665 /* XXX pass pktlen */ 2666 (void) ieee80211_ratectl_rate(ni, NULL, 0); 2667 rate = ni->ni_txrate; 2668 } else { 2669 if (ic->ic_curmode != IEEE80211_MODE_11B) 2670 rate = 108; 2671 else 2672 rate = 22; 2673 } 2674 } 2675 2676 ridx = rate2ridx(rate); 2677 if (ic->ic_curmode != IEEE80211_MODE_11B) 2678 raid = R92C_RAID_11BG; 2679 else 2680 raid = R92C_RAID_11B; 2681 2682 if (wh->i_fc[1] & IEEE80211_FC1_PROTECTED) { 2683 k = ieee80211_crypto_encap(ni, m); 2684 if (k == NULL) { 2685 device_printf(sc->sc_dev, 2686 "ieee80211_crypto_encap returns NULL.\n"); 2687 return (ENOBUFS); 2688 } 2689 2690 /* in case packet header moved, reset pointer */ 2691 wh = mtod(m, struct ieee80211_frame *); 2692 } 2693 2694 /* Fill Tx descriptor. */ 2695 txd = (struct r92c_tx_desc *)data->buf; 2696 memset(txd, 0, sizeof(*txd)); 2697 2698 txd->txdw0 |= htole32( 2699 SM(R92C_TXDW0_OFFSET, sizeof(*txd)) | 2700 R92C_TXDW0_OWN | R92C_TXDW0_FSG | R92C_TXDW0_LSG); 2701 if (ismcast) 2702 txd->txdw0 |= htole32(R92C_TXDW0_BMCAST); 2703 2704 if (!ismcast) { 2705 if (sc->chip & URTWN_CHIP_88E) { 2706 struct urtwn_node *un = URTWN_NODE(ni); 2707 macid = un->id; 2708 } else 2709 macid = URTWN_MACID_BSS; 2710 2711 if (type == IEEE80211_FC0_TYPE_DATA) { 2712 qsel = tid % URTWN_MAX_TID; 2713 2714 if (sc->chip & URTWN_CHIP_88E) { 2715 txd->txdw2 |= htole32( 2716 R88E_TXDW2_AGGBK | 2717 R88E_TXDW2_CCX_RPT); 2718 } else 2719 txd->txdw1 |= htole32(R92C_TXDW1_AGGBK); 2720 2721 if (ic->ic_flags & IEEE80211_F_USEPROT) { 2722 switch (ic->ic_protmode) { 2723 case IEEE80211_PROT_CTSONLY: 2724 txd->txdw4 |= htole32( 2725 R92C_TXDW4_CTS2SELF | 2726 R92C_TXDW4_HWRTSEN); 2727 break; 2728 case IEEE80211_PROT_RTSCTS: 2729 txd->txdw4 |= htole32( 2730 R92C_TXDW4_RTSEN | 2731 R92C_TXDW4_HWRTSEN); 2732 break; 2733 default: 2734 break; 2735 } 2736 } 2737 txd->txdw4 |= htole32(SM(R92C_TXDW4_RTSRATE, 2738 URTWN_RIDX_OFDM24)); 2739 txd->txdw5 |= htole32(0x0001ff00); 2740 } else /* IEEE80211_FC0_TYPE_MGT */ 2741 qsel = R92C_TXDW1_QSEL_MGNT; 2742 } else { 2743 macid = URTWN_MACID_BC; 2744 qsel = R92C_TXDW1_QSEL_MGNT; 2745 } 2746 2747 txd->txdw1 |= htole32( 2748 SM(R92C_TXDW1_QSEL, qsel) | 2749 SM(R92C_TXDW1_RAID, raid)); 2750 2751 if (sc->chip & URTWN_CHIP_88E) 2752 txd->txdw1 |= htole32(SM(R88E_TXDW1_MACID, macid)); 2753 else 2754 txd->txdw1 |= htole32(SM(R92C_TXDW1_MACID, macid)); 2755 2756 txd->txdw5 |= htole32(SM(R92C_TXDW5_DATARATE, ridx)); 2757 /* Force this rate if needed. */ 2758 if (URTWN_CHIP_HAS_RATECTL(sc) || ismcast || 2759 (m->m_flags & M_EAPOL) || type != IEEE80211_FC0_TYPE_DATA) 2760 txd->txdw4 |= htole32(R92C_TXDW4_DRVRATE); 2761 2762 if (!hasqos) { 2763 /* Use HW sequence numbering for non-QoS frames. */ 2764 if (sc->chip & URTWN_CHIP_88E) 2765 txd->txdseq = htole16(R88E_TXDSEQ_HWSEQ_EN); 2766 else 2767 txd->txdw4 |= htole32(R92C_TXDW4_HWSEQ_EN); 2768 } else { 2769 /* Set sequence number. */ 2770 txd->txdseq = htole16(M_SEQNO_GET(m) % IEEE80211_SEQ_RANGE); 2771 } 2772 2773 if (k != NULL && !(k->wk_flags & IEEE80211_KEY_SWCRYPT)) { 2774 uint8_t cipher; 2775 2776 switch (k->wk_cipher->ic_cipher) { 2777 case IEEE80211_CIPHER_WEP: 2778 case IEEE80211_CIPHER_TKIP: 2779 cipher = R92C_TXDW1_CIPHER_RC4; 2780 break; 2781 case IEEE80211_CIPHER_AES_CCM: 2782 cipher = R92C_TXDW1_CIPHER_AES; 2783 break; 2784 default: 2785 device_printf(sc->sc_dev, "%s: unknown cipher %d\n", 2786 __func__, k->wk_cipher->ic_cipher); 2787 return (EINVAL); 2788 } 2789 2790 txd->txdw1 |= htole32(SM(R92C_TXDW1_CIPHER, cipher)); 2791 } 2792 2793 if (ieee80211_radiotap_active_vap(vap)) { 2794 struct urtwn_tx_radiotap_header *tap = &sc->sc_txtap; 2795 2796 tap->wt_flags = 0; 2797 if (k != NULL) 2798 tap->wt_flags |= IEEE80211_RADIOTAP_F_WEP; 2799 ieee80211_radiotap_tx(vap, m); 2800 } 2801 2802 data->ni = ni; 2803 2804 urtwn_tx_start(sc, m, type, data); 2805 2806 return (0); 2807} 2808 2809static int 2810urtwn_tx_raw(struct urtwn_softc *sc, struct ieee80211_node *ni, 2811 struct mbuf *m, struct urtwn_data *data, 2812 const struct ieee80211_bpf_params *params) 2813{ 2814 struct ieee80211vap *vap = ni->ni_vap; 2815 struct ieee80211_key *k = NULL; 2816 struct ieee80211_frame *wh; 2817 struct r92c_tx_desc *txd; 2818 uint8_t cipher, ridx, type; 2819 2820 /* Encrypt the frame if need be. */ 2821 cipher = R92C_TXDW1_CIPHER_NONE; 2822 if (params->ibp_flags & IEEE80211_BPF_CRYPTO) { 2823 /* Retrieve key for TX. */ 2824 k = ieee80211_crypto_encap(ni, m); 2825 if (k == NULL) 2826 return (ENOBUFS); 2827 2828 if (!(k->wk_flags & IEEE80211_KEY_SWCRYPT)) { 2829 switch (k->wk_cipher->ic_cipher) { 2830 case IEEE80211_CIPHER_WEP: 2831 case IEEE80211_CIPHER_TKIP: 2832 cipher = R92C_TXDW1_CIPHER_RC4; 2833 break; 2834 case IEEE80211_CIPHER_AES_CCM: 2835 cipher = R92C_TXDW1_CIPHER_AES; 2836 break; 2837 default: 2838 device_printf(sc->sc_dev, 2839 "%s: unknown cipher %d\n", 2840 __func__, k->wk_cipher->ic_cipher); 2841 return (EINVAL); 2842 } 2843 } 2844 } 2845 2846 wh = mtod(m, struct ieee80211_frame *); 2847 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 2848 2849 /* Fill Tx descriptor. */ 2850 txd = (struct r92c_tx_desc *)data->buf; 2851 memset(txd, 0, sizeof(*txd)); 2852 2853 txd->txdw0 |= htole32( 2854 SM(R92C_TXDW0_OFFSET, sizeof(*txd)) | 2855 R92C_TXDW0_OWN | R92C_TXDW0_FSG | R92C_TXDW0_LSG); 2856 if (IEEE80211_IS_MULTICAST(wh->i_addr1)) 2857 txd->txdw0 |= htole32(R92C_TXDW0_BMCAST); 2858 2859 if (params->ibp_flags & IEEE80211_BPF_RTS) 2860 txd->txdw4 |= htole32(R92C_TXDW4_RTSEN); 2861 if (params->ibp_flags & IEEE80211_BPF_CTS) 2862 txd->txdw4 |= htole32(R92C_TXDW4_CTS2SELF); 2863 if (txd->txdw4 & htole32(R92C_TXDW4_RTSEN | R92C_TXDW4_CTS2SELF)) { 2864 txd->txdw4 |= htole32(R92C_TXDW4_HWRTSEN); 2865 txd->txdw4 |= htole32(SM(R92C_TXDW4_RTSRATE, 2866 URTWN_RIDX_OFDM24)); 2867 } 2868 2869 if (sc->chip & URTWN_CHIP_88E) 2870 txd->txdw1 |= htole32(SM(R88E_TXDW1_MACID, URTWN_MACID_BC)); 2871 else 2872 txd->txdw1 |= htole32(SM(R92C_TXDW1_MACID, URTWN_MACID_BC)); 2873 2874 txd->txdw1 |= htole32(SM(R92C_TXDW1_QSEL, R92C_TXDW1_QSEL_MGNT)); 2875 txd->txdw1 |= htole32(SM(R92C_TXDW1_CIPHER, cipher)); 2876 2877 /* Choose a TX rate index. */ 2878 ridx = rate2ridx(params->ibp_rate0); 2879 txd->txdw5 |= htole32(SM(R92C_TXDW5_DATARATE, ridx)); 2880 txd->txdw5 |= htole32(0x0001ff00); 2881 txd->txdw4 |= htole32(R92C_TXDW4_DRVRATE); 2882 2883 if (!IEEE80211_QOS_HAS_SEQ(wh)) { 2884 /* Use HW sequence numbering for non-QoS frames. */ 2885 if (sc->chip & URTWN_CHIP_88E) 2886 txd->txdseq = htole16(R88E_TXDSEQ_HWSEQ_EN); 2887 else 2888 txd->txdw4 |= htole32(R92C_TXDW4_HWSEQ_EN); 2889 } else { 2890 /* Set sequence number. */ 2891 txd->txdseq = htole16(M_SEQNO_GET(m) % IEEE80211_SEQ_RANGE); 2892 } 2893 2894 if (ieee80211_radiotap_active_vap(vap)) { 2895 struct urtwn_tx_radiotap_header *tap = &sc->sc_txtap; 2896 2897 tap->wt_flags = 0; 2898 if (k != NULL) 2899 tap->wt_flags |= IEEE80211_RADIOTAP_F_WEP; 2900 ieee80211_radiotap_tx(vap, m); 2901 } 2902 2903 data->ni = ni; 2904 2905 urtwn_tx_start(sc, m, type, data); 2906 2907 return (0); 2908} 2909 2910static void 2911urtwn_tx_start(struct urtwn_softc *sc, struct mbuf *m, uint8_t type, 2912 struct urtwn_data *data) 2913{ 2914 struct usb_xfer *xfer; 2915 struct r92c_tx_desc *txd; 2916 uint16_t ac, sum; 2917 int i, xferlen; 2918 2919 URTWN_ASSERT_LOCKED(sc); 2920 2921 ac = M_WME_GETAC(m); 2922 2923 switch (type) { 2924 case IEEE80211_FC0_TYPE_CTL: 2925 case IEEE80211_FC0_TYPE_MGT: 2926 xfer = sc->sc_xfer[URTWN_BULK_TX_VO]; 2927 break; 2928 default: 2929 xfer = sc->sc_xfer[wme2queue[ac].qid]; 2930 break; 2931 } 2932 2933 txd = (struct r92c_tx_desc *)data->buf; 2934 txd->txdw0 |= htole32(SM(R92C_TXDW0_PKTLEN, m->m_pkthdr.len)); 2935 2936 /* Compute Tx descriptor checksum. */ 2937 sum = 0; 2938 for (i = 0; i < sizeof(*txd) / 2; i++) 2939 sum ^= ((uint16_t *)txd)[i]; 2940 txd->txdsum = sum; /* NB: already little endian. */ 2941 2942 xferlen = sizeof(*txd) + m->m_pkthdr.len; 2943 m_copydata(m, 0, m->m_pkthdr.len, (caddr_t)&txd[1]); 2944 2945 data->buflen = xferlen; 2946 data->m = m; 2947 2948 STAILQ_INSERT_TAIL(&sc->sc_tx_pending, data, next); 2949 usbd_transfer_start(xfer); 2950} 2951 2952static int 2953urtwn_transmit(struct ieee80211com *ic, struct mbuf *m) 2954{ 2955 struct urtwn_softc *sc = ic->ic_softc; 2956 int error; 2957 2958 URTWN_LOCK(sc); 2959 if ((sc->sc_flags & URTWN_RUNNING) == 0) { 2960 URTWN_UNLOCK(sc); 2961 return (ENXIO); 2962 } 2963 error = mbufq_enqueue(&sc->sc_snd, m); 2964 if (error) { 2965 URTWN_UNLOCK(sc); 2966 return (error); 2967 } 2968 urtwn_start(sc); 2969 URTWN_UNLOCK(sc); 2970 2971 return (0); 2972} 2973 2974static void 2975urtwn_start(struct urtwn_softc *sc) 2976{ 2977 struct ieee80211_node *ni; 2978 struct mbuf *m; 2979 struct urtwn_data *bf; 2980 2981 URTWN_ASSERT_LOCKED(sc); 2982 while ((m = mbufq_dequeue(&sc->sc_snd)) != NULL) { 2983 bf = urtwn_getbuf(sc); 2984 if (bf == NULL) { 2985 mbufq_prepend(&sc->sc_snd, m); 2986 break; 2987 } 2988 ni = (struct ieee80211_node *)m->m_pkthdr.rcvif; 2989 m->m_pkthdr.rcvif = NULL; 2990 if (urtwn_tx_data(sc, ni, m, bf) != 0) { 2991 if_inc_counter(ni->ni_vap->iv_ifp, 2992 IFCOUNTER_OERRORS, 1); 2993 STAILQ_INSERT_HEAD(&sc->sc_tx_inactive, bf, next); 2994 m_freem(m); 2995 ieee80211_free_node(ni); 2996 break; 2997 } 2998 sc->sc_txtimer = 5; 2999 callout_reset(&sc->sc_watchdog_ch, hz, urtwn_watchdog, sc); 3000 } 3001} 3002 3003static void 3004urtwn_parent(struct ieee80211com *ic) 3005{ 3006 struct urtwn_softc *sc = ic->ic_softc; 3007 3008 URTWN_LOCK(sc); 3009 if (sc->sc_flags & URTWN_DETACHED) { 3010 URTWN_UNLOCK(sc); 3011 return; 3012 } 3013 URTWN_UNLOCK(sc); 3014 3015 if (ic->ic_nrunning > 0) { 3016 if (urtwn_init(sc) != 0) { 3017 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 3018 if (vap != NULL) 3019 ieee80211_stop(vap); 3020 } else 3021 ieee80211_start_all(ic); 3022 } else 3023 urtwn_stop(sc); 3024} 3025 3026static __inline int 3027urtwn_power_on(struct urtwn_softc *sc) 3028{ 3029 3030 return sc->sc_power_on(sc); 3031} 3032 3033static int 3034urtwn_r92c_power_on(struct urtwn_softc *sc) 3035{ 3036 uint32_t reg; 3037 usb_error_t error; 3038 int ntries; 3039 3040 /* Wait for autoload done bit. */ 3041 for (ntries = 0; ntries < 1000; ntries++) { 3042 if (urtwn_read_1(sc, R92C_APS_FSMCO) & R92C_APS_FSMCO_PFM_ALDN) 3043 break; 3044 urtwn_ms_delay(sc); 3045 } 3046 if (ntries == 1000) { 3047 device_printf(sc->sc_dev, 3048 "timeout waiting for chip autoload\n"); 3049 return (ETIMEDOUT); 3050 } 3051 3052 /* Unlock ISO/CLK/Power control register. */ 3053 error = urtwn_write_1(sc, R92C_RSV_CTRL, 0); 3054 if (error != USB_ERR_NORMAL_COMPLETION) 3055 return (EIO); 3056 /* Move SPS into PWM mode. */ 3057 error = urtwn_write_1(sc, R92C_SPS0_CTRL, 0x2b); 3058 if (error != USB_ERR_NORMAL_COMPLETION) 3059 return (EIO); 3060 urtwn_ms_delay(sc); 3061 3062 reg = urtwn_read_1(sc, R92C_LDOV12D_CTRL); 3063 if (!(reg & R92C_LDOV12D_CTRL_LDV12_EN)) { 3064 error = urtwn_write_1(sc, R92C_LDOV12D_CTRL, 3065 reg | R92C_LDOV12D_CTRL_LDV12_EN); 3066 if (error != USB_ERR_NORMAL_COMPLETION) 3067 return (EIO); 3068 urtwn_ms_delay(sc); 3069 error = urtwn_write_1(sc, R92C_SYS_ISO_CTRL, 3070 urtwn_read_1(sc, R92C_SYS_ISO_CTRL) & 3071 ~R92C_SYS_ISO_CTRL_MD2PP); 3072 if (error != USB_ERR_NORMAL_COMPLETION) 3073 return (EIO); 3074 } 3075 3076 /* Auto enable WLAN. */ 3077 error = urtwn_write_2(sc, R92C_APS_FSMCO, 3078 urtwn_read_2(sc, R92C_APS_FSMCO) | R92C_APS_FSMCO_APFM_ONMAC); 3079 if (error != USB_ERR_NORMAL_COMPLETION) 3080 return (EIO); 3081 for (ntries = 0; ntries < 1000; ntries++) { 3082 if (!(urtwn_read_2(sc, R92C_APS_FSMCO) & 3083 R92C_APS_FSMCO_APFM_ONMAC)) 3084 break; 3085 urtwn_ms_delay(sc); 3086 } 3087 if (ntries == 1000) { 3088 device_printf(sc->sc_dev, 3089 "timeout waiting for MAC auto ON\n"); 3090 return (ETIMEDOUT); 3091 } 3092 3093 /* Enable radio, GPIO and LED functions. */ 3094 error = urtwn_write_2(sc, R92C_APS_FSMCO, 3095 R92C_APS_FSMCO_AFSM_HSUS | 3096 R92C_APS_FSMCO_PDN_EN | 3097 R92C_APS_FSMCO_PFM_ALDN); 3098 if (error != USB_ERR_NORMAL_COMPLETION) 3099 return (EIO); 3100 /* Release RF digital isolation. */ 3101 error = urtwn_write_2(sc, R92C_SYS_ISO_CTRL, 3102 urtwn_read_2(sc, R92C_SYS_ISO_CTRL) & ~R92C_SYS_ISO_CTRL_DIOR); 3103 if (error != USB_ERR_NORMAL_COMPLETION) 3104 return (EIO); 3105 3106 /* Initialize MAC. */ 3107 error = urtwn_write_1(sc, R92C_APSD_CTRL, 3108 urtwn_read_1(sc, R92C_APSD_CTRL) & ~R92C_APSD_CTRL_OFF); 3109 if (error != USB_ERR_NORMAL_COMPLETION) 3110 return (EIO); 3111 for (ntries = 0; ntries < 200; ntries++) { 3112 if (!(urtwn_read_1(sc, R92C_APSD_CTRL) & 3113 R92C_APSD_CTRL_OFF_STATUS)) 3114 break; 3115 urtwn_ms_delay(sc); 3116 } 3117 if (ntries == 200) { 3118 device_printf(sc->sc_dev, 3119 "timeout waiting for MAC initialization\n"); 3120 return (ETIMEDOUT); 3121 } 3122 3123 /* Enable MAC DMA/WMAC/SCHEDULE/SEC blocks. */ 3124 reg = urtwn_read_2(sc, R92C_CR); 3125 reg |= R92C_CR_HCI_TXDMA_EN | R92C_CR_HCI_RXDMA_EN | 3126 R92C_CR_TXDMA_EN | R92C_CR_RXDMA_EN | R92C_CR_PROTOCOL_EN | 3127 R92C_CR_SCHEDULE_EN | R92C_CR_MACTXEN | R92C_CR_MACRXEN | 3128 R92C_CR_ENSEC; 3129 error = urtwn_write_2(sc, R92C_CR, reg); 3130 if (error != USB_ERR_NORMAL_COMPLETION) 3131 return (EIO); 3132 3133 error = urtwn_write_1(sc, 0xfe10, 0x19); 3134 if (error != USB_ERR_NORMAL_COMPLETION) 3135 return (EIO); 3136 return (0); 3137} 3138 3139static int 3140urtwn_r88e_power_on(struct urtwn_softc *sc) 3141{ 3142 uint32_t reg; 3143 usb_error_t error; 3144 int ntries; 3145 3146 /* Wait for power ready bit. */ 3147 for (ntries = 0; ntries < 5000; ntries++) { 3148 if (urtwn_read_4(sc, R92C_APS_FSMCO) & R92C_APS_FSMCO_SUS_HOST) 3149 break; 3150 urtwn_ms_delay(sc); 3151 } 3152 if (ntries == 5000) { 3153 device_printf(sc->sc_dev, 3154 "timeout waiting for chip power up\n"); 3155 return (ETIMEDOUT); 3156 } 3157 3158 /* Reset BB. */ 3159 error = urtwn_write_1(sc, R92C_SYS_FUNC_EN, 3160 urtwn_read_1(sc, R92C_SYS_FUNC_EN) & ~(R92C_SYS_FUNC_EN_BBRSTB | 3161 R92C_SYS_FUNC_EN_BB_GLB_RST)); 3162 if (error != USB_ERR_NORMAL_COMPLETION) 3163 return (EIO); 3164 3165 error = urtwn_write_1(sc, R92C_AFE_XTAL_CTRL + 2, 3166 urtwn_read_1(sc, R92C_AFE_XTAL_CTRL + 2) | 0x80); 3167 if (error != USB_ERR_NORMAL_COMPLETION) 3168 return (EIO); 3169 3170 /* Disable HWPDN. */ 3171 error = urtwn_write_2(sc, R92C_APS_FSMCO, 3172 urtwn_read_2(sc, R92C_APS_FSMCO) & ~R92C_APS_FSMCO_APDM_HPDN); 3173 if (error != USB_ERR_NORMAL_COMPLETION) 3174 return (EIO); 3175 3176 /* Disable WL suspend. */ 3177 error = urtwn_write_2(sc, R92C_APS_FSMCO, 3178 urtwn_read_2(sc, R92C_APS_FSMCO) & 3179 ~(R92C_APS_FSMCO_AFSM_HSUS | R92C_APS_FSMCO_AFSM_PCIE)); 3180 if (error != USB_ERR_NORMAL_COMPLETION) 3181 return (EIO); 3182 3183 error = urtwn_write_2(sc, R92C_APS_FSMCO, 3184 urtwn_read_2(sc, R92C_APS_FSMCO) | R92C_APS_FSMCO_APFM_ONMAC); 3185 if (error != USB_ERR_NORMAL_COMPLETION) 3186 return (EIO); 3187 for (ntries = 0; ntries < 5000; ntries++) { 3188 if (!(urtwn_read_2(sc, R92C_APS_FSMCO) & 3189 R92C_APS_FSMCO_APFM_ONMAC)) 3190 break; 3191 urtwn_ms_delay(sc); 3192 } 3193 if (ntries == 5000) 3194 return (ETIMEDOUT); 3195 3196 /* Enable LDO normal mode. */ 3197 error = urtwn_write_1(sc, R92C_LPLDO_CTRL, 3198 urtwn_read_1(sc, R92C_LPLDO_CTRL) & ~0x10); 3199 if (error != USB_ERR_NORMAL_COMPLETION) 3200 return (EIO); 3201 3202 /* Enable MAC DMA/WMAC/SCHEDULE/SEC blocks. */ 3203 error = urtwn_write_2(sc, R92C_CR, 0); 3204 if (error != USB_ERR_NORMAL_COMPLETION) 3205 return (EIO); 3206 reg = urtwn_read_2(sc, R92C_CR); 3207 reg |= R92C_CR_HCI_TXDMA_EN | R92C_CR_HCI_RXDMA_EN | 3208 R92C_CR_TXDMA_EN | R92C_CR_RXDMA_EN | R92C_CR_PROTOCOL_EN | 3209 R92C_CR_SCHEDULE_EN | R92C_CR_ENSEC | R92C_CR_CALTMR_EN; 3210 error = urtwn_write_2(sc, R92C_CR, reg); 3211 if (error != USB_ERR_NORMAL_COMPLETION) 3212 return (EIO); 3213 3214 return (0); 3215} 3216 3217static int 3218urtwn_llt_init(struct urtwn_softc *sc) 3219{ 3220 int i, error, page_count, pktbuf_count; 3221 3222 page_count = (sc->chip & URTWN_CHIP_88E) ? 3223 R88E_TX_PAGE_COUNT : R92C_TX_PAGE_COUNT; 3224 pktbuf_count = (sc->chip & URTWN_CHIP_88E) ? 3225 R88E_TXPKTBUF_COUNT : R92C_TXPKTBUF_COUNT; 3226 3227 /* Reserve pages [0; page_count]. */ 3228 for (i = 0; i < page_count; i++) { 3229 if ((error = urtwn_llt_write(sc, i, i + 1)) != 0) 3230 return (error); 3231 } 3232 /* NB: 0xff indicates end-of-list. */ 3233 if ((error = urtwn_llt_write(sc, i, 0xff)) != 0) 3234 return (error); 3235 /* 3236 * Use pages [page_count + 1; pktbuf_count - 1] 3237 * as ring buffer. 3238 */ 3239 for (++i; i < pktbuf_count - 1; i++) { 3240 if ((error = urtwn_llt_write(sc, i, i + 1)) != 0) 3241 return (error); 3242 } 3243 /* Make the last page point to the beginning of the ring buffer. */ 3244 error = urtwn_llt_write(sc, i, page_count + 1); 3245 return (error); 3246} 3247 3248static void 3249urtwn_fw_reset(struct urtwn_softc *sc) 3250{ 3251 uint16_t reg; 3252 int ntries; 3253 3254 /* Tell 8051 to reset itself. */ 3255 urtwn_write_1(sc, R92C_HMETFR + 3, 0x20); 3256 3257 /* Wait until 8051 resets by itself. */ 3258 for (ntries = 0; ntries < 100; ntries++) { 3259 reg = urtwn_read_2(sc, R92C_SYS_FUNC_EN); 3260 if (!(reg & R92C_SYS_FUNC_EN_CPUEN)) 3261 return; 3262 urtwn_ms_delay(sc); 3263 } 3264 /* Force 8051 reset. */ 3265 urtwn_write_2(sc, R92C_SYS_FUNC_EN, reg & ~R92C_SYS_FUNC_EN_CPUEN); 3266} 3267 3268static void 3269urtwn_r88e_fw_reset(struct urtwn_softc *sc) 3270{ 3271 uint16_t reg; 3272 3273 reg = urtwn_read_2(sc, R92C_SYS_FUNC_EN); 3274 urtwn_write_2(sc, R92C_SYS_FUNC_EN, reg & ~R92C_SYS_FUNC_EN_CPUEN); 3275 urtwn_write_2(sc, R92C_SYS_FUNC_EN, reg | R92C_SYS_FUNC_EN_CPUEN); 3276} 3277 3278static int 3279urtwn_fw_loadpage(struct urtwn_softc *sc, int page, const uint8_t *buf, int len) 3280{ 3281 uint32_t reg; 3282 usb_error_t error = USB_ERR_NORMAL_COMPLETION; 3283 int off, mlen; 3284 3285 reg = urtwn_read_4(sc, R92C_MCUFWDL); 3286 reg = RW(reg, R92C_MCUFWDL_PAGE, page); 3287 urtwn_write_4(sc, R92C_MCUFWDL, reg); 3288 3289 off = R92C_FW_START_ADDR; 3290 while (len > 0) { 3291 if (len > 196) 3292 mlen = 196; 3293 else if (len > 4) 3294 mlen = 4; 3295 else 3296 mlen = 1; 3297 /* XXX fix this deconst */ 3298 error = urtwn_write_region_1(sc, off, 3299 __DECONST(uint8_t *, buf), mlen); 3300 if (error != USB_ERR_NORMAL_COMPLETION) 3301 break; 3302 off += mlen; 3303 buf += mlen; 3304 len -= mlen; 3305 } 3306 return (error); 3307} 3308 3309static int 3310urtwn_load_firmware(struct urtwn_softc *sc) 3311{ 3312 const struct firmware *fw; 3313 const struct r92c_fw_hdr *hdr; 3314 const char *imagename; 3315 const u_char *ptr; 3316 size_t len; 3317 uint32_t reg; 3318 int mlen, ntries, page, error; 3319 3320 URTWN_UNLOCK(sc); 3321 /* Read firmware image from the filesystem. */ 3322 if (sc->chip & URTWN_CHIP_88E) 3323 imagename = "urtwn-rtl8188eufw"; 3324 else if ((sc->chip & (URTWN_CHIP_UMC_A_CUT | URTWN_CHIP_92C)) == 3325 URTWN_CHIP_UMC_A_CUT) 3326 imagename = "urtwn-rtl8192cfwU"; 3327 else 3328 imagename = "urtwn-rtl8192cfwT"; 3329 3330 fw = firmware_get(imagename); 3331 URTWN_LOCK(sc); 3332 if (fw == NULL) { 3333 device_printf(sc->sc_dev, 3334 "failed loadfirmware of file %s\n", imagename); 3335 return (ENOENT); 3336 } 3337 3338 len = fw->datasize; 3339 3340 if (len < sizeof(*hdr)) { 3341 device_printf(sc->sc_dev, "firmware too short\n"); 3342 error = EINVAL; 3343 goto fail; 3344 } 3345 ptr = fw->data; 3346 hdr = (const struct r92c_fw_hdr *)ptr; 3347 /* Check if there is a valid FW header and skip it. */ 3348 if ((le16toh(hdr->signature) >> 4) == 0x88c || 3349 (le16toh(hdr->signature) >> 4) == 0x88e || 3350 (le16toh(hdr->signature) >> 4) == 0x92c) { 3351 URTWN_DPRINTF(sc, URTWN_DEBUG_FIRMWARE, 3352 "FW V%d.%d %02d-%02d %02d:%02d\n", 3353 le16toh(hdr->version), le16toh(hdr->subversion), 3354 hdr->month, hdr->date, hdr->hour, hdr->minute); 3355 ptr += sizeof(*hdr); 3356 len -= sizeof(*hdr); 3357 } 3358 3359 if (urtwn_read_1(sc, R92C_MCUFWDL) & R92C_MCUFWDL_RAM_DL_SEL) { 3360 if (sc->chip & URTWN_CHIP_88E) 3361 urtwn_r88e_fw_reset(sc); 3362 else 3363 urtwn_fw_reset(sc); 3364 urtwn_write_1(sc, R92C_MCUFWDL, 0); 3365 } 3366 3367 if (!(sc->chip & URTWN_CHIP_88E)) { 3368 urtwn_write_2(sc, R92C_SYS_FUNC_EN, 3369 urtwn_read_2(sc, R92C_SYS_FUNC_EN) | 3370 R92C_SYS_FUNC_EN_CPUEN); 3371 } 3372 urtwn_write_1(sc, R92C_MCUFWDL, 3373 urtwn_read_1(sc, R92C_MCUFWDL) | R92C_MCUFWDL_EN); 3374 urtwn_write_1(sc, R92C_MCUFWDL + 2, 3375 urtwn_read_1(sc, R92C_MCUFWDL + 2) & ~0x08); 3376 3377 /* Reset the FWDL checksum. */ 3378 urtwn_write_1(sc, R92C_MCUFWDL, 3379 urtwn_read_1(sc, R92C_MCUFWDL) | R92C_MCUFWDL_CHKSUM_RPT); 3380 3381 for (page = 0; len > 0; page++) { 3382 mlen = min(len, R92C_FW_PAGE_SIZE); 3383 error = urtwn_fw_loadpage(sc, page, ptr, mlen); 3384 if (error != 0) { 3385 device_printf(sc->sc_dev, 3386 "could not load firmware page\n"); 3387 goto fail; 3388 } 3389 ptr += mlen; 3390 len -= mlen; 3391 } 3392 urtwn_write_1(sc, R92C_MCUFWDL, 3393 urtwn_read_1(sc, R92C_MCUFWDL) & ~R92C_MCUFWDL_EN); 3394 urtwn_write_1(sc, R92C_MCUFWDL + 1, 0); 3395 3396 /* Wait for checksum report. */ 3397 for (ntries = 0; ntries < 1000; ntries++) { 3398 if (urtwn_read_4(sc, R92C_MCUFWDL) & R92C_MCUFWDL_CHKSUM_RPT) 3399 break; 3400 urtwn_ms_delay(sc); 3401 } 3402 if (ntries == 1000) { 3403 device_printf(sc->sc_dev, 3404 "timeout waiting for checksum report\n"); 3405 error = ETIMEDOUT; 3406 goto fail; 3407 } 3408 3409 reg = urtwn_read_4(sc, R92C_MCUFWDL); 3410 reg = (reg & ~R92C_MCUFWDL_WINTINI_RDY) | R92C_MCUFWDL_RDY; 3411 urtwn_write_4(sc, R92C_MCUFWDL, reg); 3412 if (sc->chip & URTWN_CHIP_88E) 3413 urtwn_r88e_fw_reset(sc); 3414 /* Wait for firmware readiness. */ 3415 for (ntries = 0; ntries < 1000; ntries++) { 3416 if (urtwn_read_4(sc, R92C_MCUFWDL) & R92C_MCUFWDL_WINTINI_RDY) 3417 break; 3418 urtwn_ms_delay(sc); 3419 } 3420 if (ntries == 1000) { 3421 device_printf(sc->sc_dev, 3422 "timeout waiting for firmware readiness\n"); 3423 error = ETIMEDOUT; 3424 goto fail; 3425 } 3426fail: 3427 firmware_put(fw, FIRMWARE_UNLOAD); 3428 return (error); 3429} 3430 3431static int 3432urtwn_dma_init(struct urtwn_softc *sc) 3433{ 3434 struct usb_endpoint *ep, *ep_end; 3435 usb_error_t usb_err; 3436 uint32_t reg; 3437 int hashq, hasnq, haslq, nqueues, ntx; 3438 int error, pagecount, npubqpages, nqpages, nrempages, tx_boundary; 3439 3440 /* Initialize LLT table. */ 3441 error = urtwn_llt_init(sc); 3442 if (error != 0) 3443 return (error); 3444 3445 /* Determine the number of bulk-out pipes. */ 3446 ntx = 0; 3447 ep = sc->sc_udev->endpoints; 3448 ep_end = sc->sc_udev->endpoints + sc->sc_udev->endpoints_max; 3449 for (; ep != ep_end; ep++) { 3450 if ((ep->edesc == NULL) || 3451 (ep->iface_index != sc->sc_iface_index)) 3452 continue; 3453 if (UE_GET_DIR(ep->edesc->bEndpointAddress) == UE_DIR_OUT) 3454 ntx++; 3455 } 3456 if (ntx == 0) { 3457 device_printf(sc->sc_dev, 3458 "%d: invalid number of Tx bulk pipes\n", ntx); 3459 return (EIO); 3460 } 3461 3462 /* Get Tx queues to USB endpoints mapping. */ 3463 hashq = hasnq = haslq = nqueues = 0; 3464 switch (ntx) { 3465 case 1: hashq = 1; break; 3466 case 2: hashq = hasnq = 1; break; 3467 case 3: case 4: hashq = hasnq = haslq = 1; break; 3468 } 3469 nqueues = hashq + hasnq + haslq; 3470 if (nqueues == 0) 3471 return (EIO); 3472 3473 npubqpages = nqpages = nrempages = pagecount = 0; 3474 if (sc->chip & URTWN_CHIP_88E) 3475 tx_boundary = R88E_TX_PAGE_BOUNDARY; 3476 else { 3477 pagecount = R92C_TX_PAGE_COUNT; 3478 npubqpages = R92C_PUBQ_NPAGES; 3479 tx_boundary = R92C_TX_PAGE_BOUNDARY; 3480 } 3481 3482 /* Set number of pages for normal priority queue. */ 3483 if (sc->chip & URTWN_CHIP_88E) { 3484 usb_err = urtwn_write_2(sc, R92C_RQPN_NPQ, 0xd); 3485 if (usb_err != USB_ERR_NORMAL_COMPLETION) 3486 return (EIO); 3487 usb_err = urtwn_write_4(sc, R92C_RQPN, 0x808e000d); 3488 if (usb_err != USB_ERR_NORMAL_COMPLETION) 3489 return (EIO); 3490 } else { 3491 /* Get the number of pages for each queue. */ 3492 nqpages = (pagecount - npubqpages) / nqueues; 3493 /* 3494 * The remaining pages are assigned to the high priority 3495 * queue. 3496 */ 3497 nrempages = (pagecount - npubqpages) % nqueues; 3498 usb_err = urtwn_write_1(sc, R92C_RQPN_NPQ, hasnq ? nqpages : 0); 3499 if (usb_err != USB_ERR_NORMAL_COMPLETION) 3500 return (EIO); 3501 usb_err = urtwn_write_4(sc, R92C_RQPN, 3502 /* Set number of pages for public queue. */ 3503 SM(R92C_RQPN_PUBQ, npubqpages) | 3504 /* Set number of pages for high priority queue. */ 3505 SM(R92C_RQPN_HPQ, hashq ? nqpages + nrempages : 0) | 3506 /* Set number of pages for low priority queue. */ 3507 SM(R92C_RQPN_LPQ, haslq ? nqpages : 0) | 3508 /* Load values. */ 3509 R92C_RQPN_LD); 3510 if (usb_err != USB_ERR_NORMAL_COMPLETION) 3511 return (EIO); 3512 } 3513 3514 usb_err = urtwn_write_1(sc, R92C_TXPKTBUF_BCNQ_BDNY, tx_boundary); 3515 if (usb_err != USB_ERR_NORMAL_COMPLETION) 3516 return (EIO); 3517 usb_err = urtwn_write_1(sc, R92C_TXPKTBUF_MGQ_BDNY, tx_boundary); 3518 if (usb_err != USB_ERR_NORMAL_COMPLETION) 3519 return (EIO); 3520 usb_err = urtwn_write_1(sc, R92C_TXPKTBUF_WMAC_LBK_BF_HD, tx_boundary); 3521 if (usb_err != USB_ERR_NORMAL_COMPLETION) 3522 return (EIO); 3523 usb_err = urtwn_write_1(sc, R92C_TRXFF_BNDY, tx_boundary); 3524 if (usb_err != USB_ERR_NORMAL_COMPLETION) 3525 return (EIO); 3526 usb_err = urtwn_write_1(sc, R92C_TDECTRL + 1, tx_boundary); 3527 if (usb_err != USB_ERR_NORMAL_COMPLETION) 3528 return (EIO); 3529 3530 /* Set queue to USB pipe mapping. */ 3531 reg = urtwn_read_2(sc, R92C_TRXDMA_CTRL); 3532 reg &= ~R92C_TRXDMA_CTRL_QMAP_M; 3533 if (nqueues == 1) { 3534 if (hashq) 3535 reg |= R92C_TRXDMA_CTRL_QMAP_HQ; 3536 else if (hasnq) 3537 reg |= R92C_TRXDMA_CTRL_QMAP_NQ; 3538 else 3539 reg |= R92C_TRXDMA_CTRL_QMAP_LQ; 3540 } else if (nqueues == 2) { 3541 /* 3542 * All 2-endpoints configs have high and normal 3543 * priority queues. 3544 */ 3545 reg |= R92C_TRXDMA_CTRL_QMAP_HQ_NQ; 3546 } else 3547 reg |= R92C_TRXDMA_CTRL_QMAP_3EP; 3548 usb_err = urtwn_write_2(sc, R92C_TRXDMA_CTRL, reg); 3549 if (usb_err != USB_ERR_NORMAL_COMPLETION) 3550 return (EIO); 3551 3552 /* Set Tx/Rx transfer page boundary. */ 3553 usb_err = urtwn_write_2(sc, R92C_TRXFF_BNDY + 2, 3554 (sc->chip & URTWN_CHIP_88E) ? 0x23ff : 0x27ff); 3555 if (usb_err != USB_ERR_NORMAL_COMPLETION) 3556 return (EIO); 3557 3558 /* Set Tx/Rx transfer page size. */ 3559 usb_err = urtwn_write_1(sc, R92C_PBP, 3560 SM(R92C_PBP_PSRX, R92C_PBP_128) | 3561 SM(R92C_PBP_PSTX, R92C_PBP_128)); 3562 if (usb_err != USB_ERR_NORMAL_COMPLETION) 3563 return (EIO); 3564 3565 return (0); 3566} 3567 3568static int 3569urtwn_mac_init(struct urtwn_softc *sc) 3570{ 3571 usb_error_t error; 3572 int i; 3573 3574 /* Write MAC initialization values. */ 3575 if (sc->chip & URTWN_CHIP_88E) { 3576 for (i = 0; i < nitems(rtl8188eu_mac); i++) { 3577 error = urtwn_write_1(sc, rtl8188eu_mac[i].reg, 3578 rtl8188eu_mac[i].val); 3579 if (error != USB_ERR_NORMAL_COMPLETION) 3580 return (EIO); 3581 } 3582 urtwn_write_1(sc, R92C_MAX_AGGR_NUM, 0x07); 3583 } else { 3584 for (i = 0; i < nitems(rtl8192cu_mac); i++) 3585 error = urtwn_write_1(sc, rtl8192cu_mac[i].reg, 3586 rtl8192cu_mac[i].val); 3587 if (error != USB_ERR_NORMAL_COMPLETION) 3588 return (EIO); 3589 } 3590 3591 return (0); 3592} 3593 3594static void 3595urtwn_bb_init(struct urtwn_softc *sc) 3596{ 3597 const struct urtwn_bb_prog *prog; 3598 uint32_t reg; 3599 uint8_t crystalcap; 3600 int i; 3601 3602 /* Enable BB and RF. */ 3603 urtwn_write_2(sc, R92C_SYS_FUNC_EN, 3604 urtwn_read_2(sc, R92C_SYS_FUNC_EN) | 3605 R92C_SYS_FUNC_EN_BBRSTB | R92C_SYS_FUNC_EN_BB_GLB_RST | 3606 R92C_SYS_FUNC_EN_DIO_RF); 3607 3608 if (!(sc->chip & URTWN_CHIP_88E)) 3609 urtwn_write_2(sc, R92C_AFE_PLL_CTRL, 0xdb83); 3610 3611 urtwn_write_1(sc, R92C_RF_CTRL, 3612 R92C_RF_CTRL_EN | R92C_RF_CTRL_RSTB | R92C_RF_CTRL_SDMRSTB); 3613 urtwn_write_1(sc, R92C_SYS_FUNC_EN, 3614 R92C_SYS_FUNC_EN_USBA | R92C_SYS_FUNC_EN_USBD | 3615 R92C_SYS_FUNC_EN_BB_GLB_RST | R92C_SYS_FUNC_EN_BBRSTB); 3616 3617 if (!(sc->chip & URTWN_CHIP_88E)) { 3618 urtwn_write_1(sc, R92C_LDOHCI12_CTRL, 0x0f); 3619 urtwn_write_1(sc, 0x15, 0xe9); 3620 urtwn_write_1(sc, R92C_AFE_XTAL_CTRL + 1, 0x80); 3621 } 3622 3623 /* Select BB programming based on board type. */ 3624 if (sc->chip & URTWN_CHIP_88E) 3625 prog = &rtl8188eu_bb_prog; 3626 else if (!(sc->chip & URTWN_CHIP_92C)) { 3627 if (sc->board_type == R92C_BOARD_TYPE_MINICARD) 3628 prog = &rtl8188ce_bb_prog; 3629 else if (sc->board_type == R92C_BOARD_TYPE_HIGHPA) 3630 prog = &rtl8188ru_bb_prog; 3631 else 3632 prog = &rtl8188cu_bb_prog; 3633 } else { 3634 if (sc->board_type == R92C_BOARD_TYPE_MINICARD) 3635 prog = &rtl8192ce_bb_prog; 3636 else 3637 prog = &rtl8192cu_bb_prog; 3638 } 3639 /* Write BB initialization values. */ 3640 for (i = 0; i < prog->count; i++) { 3641 urtwn_bb_write(sc, prog->regs[i], prog->vals[i]); 3642 urtwn_ms_delay(sc); 3643 } 3644 3645 if (sc->chip & URTWN_CHIP_92C_1T2R) { 3646 /* 8192C 1T only configuration. */ 3647 reg = urtwn_bb_read(sc, R92C_FPGA0_TXINFO); 3648 reg = (reg & ~0x00000003) | 0x2; 3649 urtwn_bb_write(sc, R92C_FPGA0_TXINFO, reg); 3650 3651 reg = urtwn_bb_read(sc, R92C_FPGA1_TXINFO); 3652 reg = (reg & ~0x00300033) | 0x00200022; 3653 urtwn_bb_write(sc, R92C_FPGA1_TXINFO, reg); 3654 3655 reg = urtwn_bb_read(sc, R92C_CCK0_AFESETTING); 3656 reg = (reg & ~0xff000000) | 0x45 << 24; 3657 urtwn_bb_write(sc, R92C_CCK0_AFESETTING, reg); 3658 3659 reg = urtwn_bb_read(sc, R92C_OFDM0_TRXPATHENA); 3660 reg = (reg & ~0x000000ff) | 0x23; 3661 urtwn_bb_write(sc, R92C_OFDM0_TRXPATHENA, reg); 3662 3663 reg = urtwn_bb_read(sc, R92C_OFDM0_AGCPARAM1); 3664 reg = (reg & ~0x00000030) | 1 << 4; 3665 urtwn_bb_write(sc, R92C_OFDM0_AGCPARAM1, reg); 3666 3667 reg = urtwn_bb_read(sc, 0xe74); 3668 reg = (reg & ~0x0c000000) | 2 << 26; 3669 urtwn_bb_write(sc, 0xe74, reg); 3670 reg = urtwn_bb_read(sc, 0xe78); 3671 reg = (reg & ~0x0c000000) | 2 << 26; 3672 urtwn_bb_write(sc, 0xe78, reg); 3673 reg = urtwn_bb_read(sc, 0xe7c); 3674 reg = (reg & ~0x0c000000) | 2 << 26; 3675 urtwn_bb_write(sc, 0xe7c, reg); 3676 reg = urtwn_bb_read(sc, 0xe80); 3677 reg = (reg & ~0x0c000000) | 2 << 26; 3678 urtwn_bb_write(sc, 0xe80, reg); 3679 reg = urtwn_bb_read(sc, 0xe88); 3680 reg = (reg & ~0x0c000000) | 2 << 26; 3681 urtwn_bb_write(sc, 0xe88, reg); 3682 } 3683 3684 /* Write AGC values. */ 3685 for (i = 0; i < prog->agccount; i++) { 3686 urtwn_bb_write(sc, R92C_OFDM0_AGCRSSITABLE, 3687 prog->agcvals[i]); 3688 urtwn_ms_delay(sc); 3689 } 3690 3691 if (sc->chip & URTWN_CHIP_88E) { 3692 urtwn_bb_write(sc, R92C_OFDM0_AGCCORE1(0), 0x69553422); 3693 urtwn_ms_delay(sc); 3694 urtwn_bb_write(sc, R92C_OFDM0_AGCCORE1(0), 0x69553420); 3695 urtwn_ms_delay(sc); 3696 3697 crystalcap = sc->rom.r88e_rom.crystalcap; 3698 if (crystalcap == 0xff) 3699 crystalcap = 0x20; 3700 crystalcap &= 0x3f; 3701 reg = urtwn_bb_read(sc, R92C_AFE_XTAL_CTRL); 3702 urtwn_bb_write(sc, R92C_AFE_XTAL_CTRL, 3703 RW(reg, R92C_AFE_XTAL_CTRL_ADDR, 3704 crystalcap | crystalcap << 6)); 3705 } else { 3706 if (urtwn_bb_read(sc, R92C_HSSI_PARAM2(0)) & 3707 R92C_HSSI_PARAM2_CCK_HIPWR) 3708 sc->sc_flags |= URTWN_FLAG_CCK_HIPWR; 3709 } 3710} 3711 3712static void 3713urtwn_rf_init(struct urtwn_softc *sc) 3714{ 3715 const struct urtwn_rf_prog *prog; 3716 uint32_t reg, type; 3717 int i, j, idx, off; 3718 3719 /* Select RF programming based on board type. */ 3720 if (sc->chip & URTWN_CHIP_88E) 3721 prog = rtl8188eu_rf_prog; 3722 else if (!(sc->chip & URTWN_CHIP_92C)) { 3723 if (sc->board_type == R92C_BOARD_TYPE_MINICARD) 3724 prog = rtl8188ce_rf_prog; 3725 else if (sc->board_type == R92C_BOARD_TYPE_HIGHPA) 3726 prog = rtl8188ru_rf_prog; 3727 else 3728 prog = rtl8188cu_rf_prog; 3729 } else 3730 prog = rtl8192ce_rf_prog; 3731 3732 for (i = 0; i < sc->nrxchains; i++) { 3733 /* Save RF_ENV control type. */ 3734 idx = i / 2; 3735 off = (i % 2) * 16; 3736 reg = urtwn_bb_read(sc, R92C_FPGA0_RFIFACESW(idx)); 3737 type = (reg >> off) & 0x10; 3738 3739 /* Set RF_ENV enable. */ 3740 reg = urtwn_bb_read(sc, R92C_FPGA0_RFIFACEOE(i)); 3741 reg |= 0x100000; 3742 urtwn_bb_write(sc, R92C_FPGA0_RFIFACEOE(i), reg); 3743 urtwn_ms_delay(sc); 3744 /* Set RF_ENV output high. */ 3745 reg = urtwn_bb_read(sc, R92C_FPGA0_RFIFACEOE(i)); 3746 reg |= 0x10; 3747 urtwn_bb_write(sc, R92C_FPGA0_RFIFACEOE(i), reg); 3748 urtwn_ms_delay(sc); 3749 /* Set address and data lengths of RF registers. */ 3750 reg = urtwn_bb_read(sc, R92C_HSSI_PARAM2(i)); 3751 reg &= ~R92C_HSSI_PARAM2_ADDR_LENGTH; 3752 urtwn_bb_write(sc, R92C_HSSI_PARAM2(i), reg); 3753 urtwn_ms_delay(sc); 3754 reg = urtwn_bb_read(sc, R92C_HSSI_PARAM2(i)); 3755 reg &= ~R92C_HSSI_PARAM2_DATA_LENGTH; 3756 urtwn_bb_write(sc, R92C_HSSI_PARAM2(i), reg); 3757 urtwn_ms_delay(sc); 3758 3759 /* Write RF initialization values for this chain. */ 3760 for (j = 0; j < prog[i].count; j++) { 3761 if (prog[i].regs[j] >= 0xf9 && 3762 prog[i].regs[j] <= 0xfe) { 3763 /* 3764 * These are fake RF registers offsets that 3765 * indicate a delay is required. 3766 */ 3767 usb_pause_mtx(&sc->sc_mtx, hz / 20); /* 50ms */ 3768 continue; 3769 } 3770 urtwn_rf_write(sc, i, prog[i].regs[j], 3771 prog[i].vals[j]); 3772 urtwn_ms_delay(sc); 3773 } 3774 3775 /* Restore RF_ENV control type. */ 3776 reg = urtwn_bb_read(sc, R92C_FPGA0_RFIFACESW(idx)); 3777 reg &= ~(0x10 << off) | (type << off); 3778 urtwn_bb_write(sc, R92C_FPGA0_RFIFACESW(idx), reg); 3779 3780 /* Cache RF register CHNLBW. */ 3781 sc->rf_chnlbw[i] = urtwn_rf_read(sc, i, R92C_RF_CHNLBW); 3782 } 3783 3784 if ((sc->chip & (URTWN_CHIP_UMC_A_CUT | URTWN_CHIP_92C)) == 3785 URTWN_CHIP_UMC_A_CUT) { 3786 urtwn_rf_write(sc, 0, R92C_RF_RX_G1, 0x30255); 3787 urtwn_rf_write(sc, 0, R92C_RF_RX_G2, 0x50a00); 3788 } 3789} 3790 3791static void 3792urtwn_cam_init(struct urtwn_softc *sc) 3793{ 3794 /* Invalidate all CAM entries. */ 3795 urtwn_write_4(sc, R92C_CAMCMD, 3796 R92C_CAMCMD_POLLING | R92C_CAMCMD_CLR); 3797} 3798 3799static int 3800urtwn_cam_write(struct urtwn_softc *sc, uint32_t addr, uint32_t data) 3801{ 3802 usb_error_t error; 3803 3804 error = urtwn_write_4(sc, R92C_CAMWRITE, data); 3805 if (error != USB_ERR_NORMAL_COMPLETION) 3806 return (EIO); 3807 error = urtwn_write_4(sc, R92C_CAMCMD, 3808 R92C_CAMCMD_POLLING | R92C_CAMCMD_WRITE | 3809 SM(R92C_CAMCMD_ADDR, addr)); 3810 if (error != USB_ERR_NORMAL_COMPLETION) 3811 return (EIO); 3812 3813 return (0); 3814} 3815 3816static void 3817urtwn_pa_bias_init(struct urtwn_softc *sc) 3818{ 3819 uint8_t reg; 3820 int i; 3821 3822 for (i = 0; i < sc->nrxchains; i++) { 3823 if (sc->pa_setting & (1 << i)) 3824 continue; 3825 urtwn_rf_write(sc, i, R92C_RF_IPA, 0x0f406); 3826 urtwn_rf_write(sc, i, R92C_RF_IPA, 0x4f406); 3827 urtwn_rf_write(sc, i, R92C_RF_IPA, 0x8f406); 3828 urtwn_rf_write(sc, i, R92C_RF_IPA, 0xcf406); 3829 } 3830 if (!(sc->pa_setting & 0x10)) { 3831 reg = urtwn_read_1(sc, 0x16); 3832 reg = (reg & ~0xf0) | 0x90; 3833 urtwn_write_1(sc, 0x16, reg); 3834 } 3835} 3836 3837static void 3838urtwn_rxfilter_init(struct urtwn_softc *sc) 3839{ 3840 struct ieee80211com *ic = &sc->sc_ic; 3841 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 3842 uint32_t rcr; 3843 uint16_t filter; 3844 3845 URTWN_ASSERT_LOCKED(sc); 3846 3847 /* Accept all multicast frames. */ 3848 urtwn_write_4(sc, R92C_MAR + 0, 0xffffffff); 3849 urtwn_write_4(sc, R92C_MAR + 4, 0xffffffff); 3850 3851 /* Filter for management frames. */ 3852 filter = 0x7f3f; 3853 switch (vap->iv_opmode) { 3854 case IEEE80211_M_STA: 3855 filter &= ~( 3856 R92C_RXFLTMAP_SUBTYPE(IEEE80211_FC0_SUBTYPE_ASSOC_REQ) | 3857 R92C_RXFLTMAP_SUBTYPE(IEEE80211_FC0_SUBTYPE_REASSOC_REQ) | 3858 R92C_RXFLTMAP_SUBTYPE(IEEE80211_FC0_SUBTYPE_PROBE_REQ)); 3859 break; 3860 case IEEE80211_M_HOSTAP: 3861 filter &= ~( 3862 R92C_RXFLTMAP_SUBTYPE(IEEE80211_FC0_SUBTYPE_ASSOC_RESP) | 3863 R92C_RXFLTMAP_SUBTYPE(IEEE80211_FC0_SUBTYPE_REASSOC_RESP) | 3864 R92C_RXFLTMAP_SUBTYPE(IEEE80211_FC0_SUBTYPE_BEACON)); 3865 break; 3866 case IEEE80211_M_MONITOR: 3867 case IEEE80211_M_IBSS: 3868 break; 3869 default: 3870 device_printf(sc->sc_dev, "%s: undefined opmode %d\n", 3871 __func__, vap->iv_opmode); 3872 break; 3873 } 3874 urtwn_write_2(sc, R92C_RXFLTMAP0, filter); 3875 3876 /* Reject all control frames. */ 3877 urtwn_write_2(sc, R92C_RXFLTMAP1, 0x0000); 3878 3879 /* Reject all data frames. */ 3880 urtwn_write_2(sc, R92C_RXFLTMAP2, 0x0000); 3881 3882 rcr = R92C_RCR_AM | R92C_RCR_AB | R92C_RCR_APM | 3883 R92C_RCR_HTC_LOC_CTRL | R92C_RCR_APP_PHYSTS | 3884 R92C_RCR_APP_ICV | R92C_RCR_APP_MIC; 3885 3886 if (vap->iv_opmode == IEEE80211_M_MONITOR) { 3887 /* Accept all frames. */ 3888 rcr |= R92C_RCR_ACF | R92C_RCR_ADF | R92C_RCR_AMF | 3889 R92C_RCR_AAP; 3890 } 3891 3892 /* Set Rx filter. */ 3893 urtwn_write_4(sc, R92C_RCR, rcr); 3894 3895 if (ic->ic_promisc != 0) { 3896 /* Update Rx filter. */ 3897 urtwn_set_promisc(sc); 3898 } 3899} 3900 3901static void 3902urtwn_edca_init(struct urtwn_softc *sc) 3903{ 3904 urtwn_write_2(sc, R92C_SPEC_SIFS, 0x100a); 3905 urtwn_write_2(sc, R92C_MAC_SPEC_SIFS, 0x100a); 3906 urtwn_write_2(sc, R92C_SIFS_CCK, 0x100a); 3907 urtwn_write_2(sc, R92C_SIFS_OFDM, 0x100a); 3908 urtwn_write_4(sc, R92C_EDCA_BE_PARAM, 0x005ea42b); 3909 urtwn_write_4(sc, R92C_EDCA_BK_PARAM, 0x0000a44f); 3910 urtwn_write_4(sc, R92C_EDCA_VI_PARAM, 0x005ea324); 3911 urtwn_write_4(sc, R92C_EDCA_VO_PARAM, 0x002fa226); 3912} 3913 3914static void 3915urtwn_write_txpower(struct urtwn_softc *sc, int chain, 3916 uint16_t power[URTWN_RIDX_COUNT]) 3917{ 3918 uint32_t reg; 3919 3920 /* Write per-CCK rate Tx power. */ 3921 if (chain == 0) { 3922 reg = urtwn_bb_read(sc, R92C_TXAGC_A_CCK1_MCS32); 3923 reg = RW(reg, R92C_TXAGC_A_CCK1, power[0]); 3924 urtwn_bb_write(sc, R92C_TXAGC_A_CCK1_MCS32, reg); 3925 reg = urtwn_bb_read(sc, R92C_TXAGC_B_CCK11_A_CCK2_11); 3926 reg = RW(reg, R92C_TXAGC_A_CCK2, power[1]); 3927 reg = RW(reg, R92C_TXAGC_A_CCK55, power[2]); 3928 reg = RW(reg, R92C_TXAGC_A_CCK11, power[3]); 3929 urtwn_bb_write(sc, R92C_TXAGC_B_CCK11_A_CCK2_11, reg); 3930 } else { 3931 reg = urtwn_bb_read(sc, R92C_TXAGC_B_CCK1_55_MCS32); 3932 reg = RW(reg, R92C_TXAGC_B_CCK1, power[0]); 3933 reg = RW(reg, R92C_TXAGC_B_CCK2, power[1]); 3934 reg = RW(reg, R92C_TXAGC_B_CCK55, power[2]); 3935 urtwn_bb_write(sc, R92C_TXAGC_B_CCK1_55_MCS32, reg); 3936 reg = urtwn_bb_read(sc, R92C_TXAGC_B_CCK11_A_CCK2_11); 3937 reg = RW(reg, R92C_TXAGC_B_CCK11, power[3]); 3938 urtwn_bb_write(sc, R92C_TXAGC_B_CCK11_A_CCK2_11, reg); 3939 } 3940 /* Write per-OFDM rate Tx power. */ 3941 urtwn_bb_write(sc, R92C_TXAGC_RATE18_06(chain), 3942 SM(R92C_TXAGC_RATE06, power[ 4]) | 3943 SM(R92C_TXAGC_RATE09, power[ 5]) | 3944 SM(R92C_TXAGC_RATE12, power[ 6]) | 3945 SM(R92C_TXAGC_RATE18, power[ 7])); 3946 urtwn_bb_write(sc, R92C_TXAGC_RATE54_24(chain), 3947 SM(R92C_TXAGC_RATE24, power[ 8]) | 3948 SM(R92C_TXAGC_RATE36, power[ 9]) | 3949 SM(R92C_TXAGC_RATE48, power[10]) | 3950 SM(R92C_TXAGC_RATE54, power[11])); 3951 /* Write per-MCS Tx power. */ 3952 urtwn_bb_write(sc, R92C_TXAGC_MCS03_MCS00(chain), 3953 SM(R92C_TXAGC_MCS00, power[12]) | 3954 SM(R92C_TXAGC_MCS01, power[13]) | 3955 SM(R92C_TXAGC_MCS02, power[14]) | 3956 SM(R92C_TXAGC_MCS03, power[15])); 3957 urtwn_bb_write(sc, R92C_TXAGC_MCS07_MCS04(chain), 3958 SM(R92C_TXAGC_MCS04, power[16]) | 3959 SM(R92C_TXAGC_MCS05, power[17]) | 3960 SM(R92C_TXAGC_MCS06, power[18]) | 3961 SM(R92C_TXAGC_MCS07, power[19])); 3962 urtwn_bb_write(sc, R92C_TXAGC_MCS11_MCS08(chain), 3963 SM(R92C_TXAGC_MCS08, power[20]) | 3964 SM(R92C_TXAGC_MCS09, power[21]) | 3965 SM(R92C_TXAGC_MCS10, power[22]) | 3966 SM(R92C_TXAGC_MCS11, power[23])); 3967 urtwn_bb_write(sc, R92C_TXAGC_MCS15_MCS12(chain), 3968 SM(R92C_TXAGC_MCS12, power[24]) | 3969 SM(R92C_TXAGC_MCS13, power[25]) | 3970 SM(R92C_TXAGC_MCS14, power[26]) | 3971 SM(R92C_TXAGC_MCS15, power[27])); 3972} 3973 3974static void 3975urtwn_get_txpower(struct urtwn_softc *sc, int chain, 3976 struct ieee80211_channel *c, struct ieee80211_channel *extc, 3977 uint16_t power[URTWN_RIDX_COUNT]) 3978{ 3979 struct ieee80211com *ic = &sc->sc_ic; 3980 struct r92c_rom *rom = &sc->rom.r92c_rom; 3981 uint16_t cckpow, ofdmpow, htpow, diff, max; 3982 const struct urtwn_txpwr *base; 3983 int ridx, chan, group; 3984 3985 /* Determine channel group. */ 3986 chan = ieee80211_chan2ieee(ic, c); /* XXX center freq! */ 3987 if (chan <= 3) 3988 group = 0; 3989 else if (chan <= 9) 3990 group = 1; 3991 else 3992 group = 2; 3993 3994 /* Get original Tx power based on board type and RF chain. */ 3995 if (!(sc->chip & URTWN_CHIP_92C)) { 3996 if (sc->board_type == R92C_BOARD_TYPE_HIGHPA) 3997 base = &rtl8188ru_txagc[chain]; 3998 else 3999 base = &rtl8192cu_txagc[chain]; 4000 } else 4001 base = &rtl8192cu_txagc[chain]; 4002 4003 memset(power, 0, URTWN_RIDX_COUNT * sizeof(power[0])); 4004 if (sc->regulatory == 0) { 4005 for (ridx = URTWN_RIDX_CCK1; ridx <= URTWN_RIDX_CCK11; ridx++) 4006 power[ridx] = base->pwr[0][ridx]; 4007 } 4008 for (ridx = URTWN_RIDX_OFDM6; ridx < URTWN_RIDX_COUNT; ridx++) { 4009 if (sc->regulatory == 3) { 4010 power[ridx] = base->pwr[0][ridx]; 4011 /* Apply vendor limits. */ 4012 if (extc != NULL) 4013 max = rom->ht40_max_pwr[group]; 4014 else 4015 max = rom->ht20_max_pwr[group]; 4016 max = (max >> (chain * 4)) & 0xf; 4017 if (power[ridx] > max) 4018 power[ridx] = max; 4019 } else if (sc->regulatory == 1) { 4020 if (extc == NULL) 4021 power[ridx] = base->pwr[group][ridx]; 4022 } else if (sc->regulatory != 2) 4023 power[ridx] = base->pwr[0][ridx]; 4024 } 4025 4026 /* Compute per-CCK rate Tx power. */ 4027 cckpow = rom->cck_tx_pwr[chain][group]; 4028 for (ridx = URTWN_RIDX_CCK1; ridx <= URTWN_RIDX_CCK11; ridx++) { 4029 power[ridx] += cckpow; 4030 if (power[ridx] > R92C_MAX_TX_PWR) 4031 power[ridx] = R92C_MAX_TX_PWR; 4032 } 4033 4034 htpow = rom->ht40_1s_tx_pwr[chain][group]; 4035 if (sc->ntxchains > 1) { 4036 /* Apply reduction for 2 spatial streams. */ 4037 diff = rom->ht40_2s_tx_pwr_diff[group]; 4038 diff = (diff >> (chain * 4)) & 0xf; 4039 htpow = (htpow > diff) ? htpow - diff : 0; 4040 } 4041 4042 /* Compute per-OFDM rate Tx power. */ 4043 diff = rom->ofdm_tx_pwr_diff[group]; 4044 diff = (diff >> (chain * 4)) & 0xf; 4045 ofdmpow = htpow + diff; /* HT->OFDM correction. */ 4046 for (ridx = URTWN_RIDX_OFDM6; ridx <= URTWN_RIDX_OFDM54; ridx++) { 4047 power[ridx] += ofdmpow; 4048 if (power[ridx] > R92C_MAX_TX_PWR) 4049 power[ridx] = R92C_MAX_TX_PWR; 4050 } 4051 4052 /* Compute per-MCS Tx power. */ 4053 if (extc == NULL) { 4054 diff = rom->ht20_tx_pwr_diff[group]; 4055 diff = (diff >> (chain * 4)) & 0xf; 4056 htpow += diff; /* HT40->HT20 correction. */ 4057 } 4058 for (ridx = 12; ridx <= 27; ridx++) { 4059 power[ridx] += htpow; 4060 if (power[ridx] > R92C_MAX_TX_PWR) 4061 power[ridx] = R92C_MAX_TX_PWR; 4062 } 4063#ifdef USB_DEBUG 4064 if (sc->sc_debug & URTWN_DEBUG_TXPWR) { 4065 /* Dump per-rate Tx power values. */ 4066 printf("Tx power for chain %d:\n", chain); 4067 for (ridx = URTWN_RIDX_CCK1; ridx < URTWN_RIDX_COUNT; ridx++) 4068 printf("Rate %d = %u\n", ridx, power[ridx]); 4069 } 4070#endif 4071} 4072 4073static void 4074urtwn_r88e_get_txpower(struct urtwn_softc *sc, int chain, 4075 struct ieee80211_channel *c, struct ieee80211_channel *extc, 4076 uint16_t power[URTWN_RIDX_COUNT]) 4077{ 4078 struct ieee80211com *ic = &sc->sc_ic; 4079 struct r88e_rom *rom = &sc->rom.r88e_rom; 4080 uint16_t cckpow, ofdmpow, bw20pow, htpow; 4081 const struct urtwn_r88e_txpwr *base; 4082 int ridx, chan, group; 4083 4084 /* Determine channel group. */ 4085 chan = ieee80211_chan2ieee(ic, c); /* XXX center freq! */ 4086 if (chan <= 2) 4087 group = 0; 4088 else if (chan <= 5) 4089 group = 1; 4090 else if (chan <= 8) 4091 group = 2; 4092 else if (chan <= 11) 4093 group = 3; 4094 else if (chan <= 13) 4095 group = 4; 4096 else 4097 group = 5; 4098 4099 /* Get original Tx power based on board type and RF chain. */ 4100 base = &rtl8188eu_txagc[chain]; 4101 4102 memset(power, 0, URTWN_RIDX_COUNT * sizeof(power[0])); 4103 if (sc->regulatory == 0) { 4104 for (ridx = URTWN_RIDX_CCK1; ridx <= URTWN_RIDX_CCK11; ridx++) 4105 power[ridx] = base->pwr[0][ridx]; 4106 } 4107 for (ridx = URTWN_RIDX_OFDM6; ridx < URTWN_RIDX_COUNT; ridx++) { 4108 if (sc->regulatory == 3) 4109 power[ridx] = base->pwr[0][ridx]; 4110 else if (sc->regulatory == 1) { 4111 if (extc == NULL) 4112 power[ridx] = base->pwr[group][ridx]; 4113 } else if (sc->regulatory != 2) 4114 power[ridx] = base->pwr[0][ridx]; 4115 } 4116 4117 /* Compute per-CCK rate Tx power. */ 4118 cckpow = rom->cck_tx_pwr[group]; 4119 for (ridx = URTWN_RIDX_CCK1; ridx <= URTWN_RIDX_CCK11; ridx++) { 4120 power[ridx] += cckpow; 4121 if (power[ridx] > R92C_MAX_TX_PWR) 4122 power[ridx] = R92C_MAX_TX_PWR; 4123 } 4124 4125 htpow = rom->ht40_tx_pwr[group]; 4126 4127 /* Compute per-OFDM rate Tx power. */ 4128 ofdmpow = htpow + sc->ofdm_tx_pwr_diff; 4129 for (ridx = URTWN_RIDX_OFDM6; ridx <= URTWN_RIDX_OFDM54; ridx++) { 4130 power[ridx] += ofdmpow; 4131 if (power[ridx] > R92C_MAX_TX_PWR) 4132 power[ridx] = R92C_MAX_TX_PWR; 4133 } 4134 4135 bw20pow = htpow + sc->bw20_tx_pwr_diff; 4136 for (ridx = 12; ridx <= 27; ridx++) { 4137 power[ridx] += bw20pow; 4138 if (power[ridx] > R92C_MAX_TX_PWR) 4139 power[ridx] = R92C_MAX_TX_PWR; 4140 } 4141} 4142 4143static void 4144urtwn_set_txpower(struct urtwn_softc *sc, struct ieee80211_channel *c, 4145 struct ieee80211_channel *extc) 4146{ 4147 uint16_t power[URTWN_RIDX_COUNT]; 4148 int i; 4149 4150 for (i = 0; i < sc->ntxchains; i++) { 4151 /* Compute per-rate Tx power values. */ 4152 if (sc->chip & URTWN_CHIP_88E) 4153 urtwn_r88e_get_txpower(sc, i, c, extc, power); 4154 else 4155 urtwn_get_txpower(sc, i, c, extc, power); 4156 /* Write per-rate Tx power values to hardware. */ 4157 urtwn_write_txpower(sc, i, power); 4158 } 4159} 4160 4161static void 4162urtwn_set_rx_bssid_all(struct urtwn_softc *sc, int enable) 4163{ 4164 uint32_t reg; 4165 4166 reg = urtwn_read_4(sc, R92C_RCR); 4167 if (enable) 4168 reg &= ~R92C_RCR_CBSSID_BCN; 4169 else 4170 reg |= R92C_RCR_CBSSID_BCN; 4171 urtwn_write_4(sc, R92C_RCR, reg); 4172} 4173 4174static void 4175urtwn_set_gain(struct urtwn_softc *sc, uint8_t gain) 4176{ 4177 uint32_t reg; 4178 4179 reg = urtwn_bb_read(sc, R92C_OFDM0_AGCCORE1(0)); 4180 reg = RW(reg, R92C_OFDM0_AGCCORE1_GAIN, gain); 4181 urtwn_bb_write(sc, R92C_OFDM0_AGCCORE1(0), reg); 4182 4183 if (!(sc->chip & URTWN_CHIP_88E)) { 4184 reg = urtwn_bb_read(sc, R92C_OFDM0_AGCCORE1(1)); 4185 reg = RW(reg, R92C_OFDM0_AGCCORE1_GAIN, gain); 4186 urtwn_bb_write(sc, R92C_OFDM0_AGCCORE1(1), reg); 4187 } 4188} 4189 4190static void 4191urtwn_scan_start(struct ieee80211com *ic) 4192{ 4193 struct urtwn_softc *sc = ic->ic_softc; 4194 4195 URTWN_LOCK(sc); 4196 /* Receive beacons / probe responses from any BSSID. */ 4197 if (ic->ic_opmode != IEEE80211_M_IBSS) 4198 urtwn_set_rx_bssid_all(sc, 1); 4199 4200 /* Set gain for scanning. */ 4201 urtwn_set_gain(sc, 0x20); 4202 URTWN_UNLOCK(sc); 4203} 4204 4205static void 4206urtwn_scan_end(struct ieee80211com *ic) 4207{ 4208 struct urtwn_softc *sc = ic->ic_softc; 4209 4210 URTWN_LOCK(sc); 4211 /* Restore limitations. */ 4212 if (ic->ic_promisc == 0 && ic->ic_opmode != IEEE80211_M_IBSS) 4213 urtwn_set_rx_bssid_all(sc, 0); 4214 4215 /* Set gain under link. */ 4216 urtwn_set_gain(sc, 0x32); 4217 URTWN_UNLOCK(sc); 4218} 4219 4220static void 4221urtwn_set_channel(struct ieee80211com *ic) 4222{ 4223 struct urtwn_softc *sc = ic->ic_softc; 4224 struct ieee80211_channel *c = ic->ic_curchan; 4225 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 4226 4227 URTWN_LOCK(sc); 4228 if (vap->iv_state == IEEE80211_S_SCAN) { 4229 /* Make link LED blink during scan. */ 4230 urtwn_set_led(sc, URTWN_LED_LINK, !sc->ledlink); 4231 } 4232 urtwn_set_chan(sc, c, NULL); 4233 sc->sc_rxtap.wr_chan_freq = htole16(c->ic_freq); 4234 sc->sc_rxtap.wr_chan_flags = htole16(c->ic_flags); 4235 sc->sc_txtap.wt_chan_freq = htole16(c->ic_freq); 4236 sc->sc_txtap.wt_chan_flags = htole16(c->ic_flags); 4237 URTWN_UNLOCK(sc); 4238} 4239 4240static int 4241urtwn_wme_update(struct ieee80211com *ic) 4242{ 4243 const struct wmeParams *wmep = 4244 ic->ic_wme.wme_chanParams.cap_wmeParams; 4245 struct urtwn_softc *sc = ic->ic_softc; 4246 uint8_t aifs, acm, slottime; 4247 int ac; 4248 4249 acm = 0; 4250 slottime = IEEE80211_GET_SLOTTIME(ic); 4251 4252 URTWN_LOCK(sc); 4253 for (ac = WME_AC_BE; ac < WME_NUM_AC; ac++) { 4254 /* AIFS[AC] = AIFSN[AC] * aSlotTime + aSIFSTime. */ 4255 aifs = wmep[ac].wmep_aifsn * slottime + IEEE80211_DUR_SIFS; 4256 urtwn_write_4(sc, wme2queue[ac].reg, 4257 SM(R92C_EDCA_PARAM_TXOP, wmep[ac].wmep_txopLimit) | 4258 SM(R92C_EDCA_PARAM_ECWMIN, wmep[ac].wmep_logcwmin) | 4259 SM(R92C_EDCA_PARAM_ECWMAX, wmep[ac].wmep_logcwmax) | 4260 SM(R92C_EDCA_PARAM_AIFS, aifs)); 4261 if (ac != WME_AC_BE) 4262 acm |= wmep[ac].wmep_acm << ac; 4263 } 4264 4265 if (acm != 0) 4266 acm |= R92C_ACMHWCTRL_EN; 4267 urtwn_write_1(sc, R92C_ACMHWCTRL, 4268 (urtwn_read_1(sc, R92C_ACMHWCTRL) & ~R92C_ACMHWCTRL_ACM_MASK) | 4269 acm); 4270 4271 URTWN_UNLOCK(sc); 4272 4273 return 0; 4274} 4275 4276static void 4277urtwn_update_slot(struct ieee80211com *ic) 4278{ 4279 urtwn_cmd_sleepable(ic->ic_softc, NULL, 0, urtwn_update_slot_cb); 4280} 4281 4282static void 4283urtwn_update_slot_cb(struct urtwn_softc *sc, union sec_param *data) 4284{ 4285 struct ieee80211com *ic = &sc->sc_ic; 4286 uint8_t slottime; 4287 4288 slottime = IEEE80211_GET_SLOTTIME(ic); 4289 4290 URTWN_DPRINTF(sc, URTWN_DEBUG_ANY, "%s: setting slot time to %uus\n", 4291 __func__, slottime); 4292 4293 urtwn_write_1(sc, R92C_SLOT, slottime); 4294 urtwn_update_aifs(sc, slottime); 4295} 4296 4297static void 4298urtwn_update_aifs(struct urtwn_softc *sc, uint8_t slottime) 4299{ 4300 const struct wmeParams *wmep = 4301 sc->sc_ic.ic_wme.wme_chanParams.cap_wmeParams; 4302 uint8_t aifs, ac; 4303 4304 for (ac = WME_AC_BE; ac < WME_NUM_AC; ac++) { 4305 /* AIFS[AC] = AIFSN[AC] * aSlotTime + aSIFSTime. */ 4306 aifs = wmep[ac].wmep_aifsn * slottime + IEEE80211_DUR_SIFS; 4307 urtwn_write_1(sc, wme2queue[ac].reg, aifs); 4308 } 4309} 4310 4311static void 4312urtwn_set_promisc(struct urtwn_softc *sc) 4313{ 4314 struct ieee80211com *ic = &sc->sc_ic; 4315 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 4316 uint32_t rcr, mask1, mask2; 4317 4318 URTWN_ASSERT_LOCKED(sc); 4319 4320 if (vap->iv_opmode == IEEE80211_M_MONITOR) 4321 return; 4322 4323 mask1 = R92C_RCR_ACF | R92C_RCR_ADF | R92C_RCR_AMF | R92C_RCR_AAP; 4324 mask2 = R92C_RCR_APM; 4325 4326 if (vap->iv_state == IEEE80211_S_RUN) { 4327 switch (vap->iv_opmode) { 4328 case IEEE80211_M_STA: 4329 mask2 |= R92C_RCR_CBSSID_DATA; 4330 /* FALLTHROUGH */ 4331 case IEEE80211_M_HOSTAP: 4332 mask2 |= R92C_RCR_CBSSID_BCN; 4333 break; 4334 case IEEE80211_M_IBSS: 4335 mask2 |= R92C_RCR_CBSSID_DATA; 4336 break; 4337 default: 4338 device_printf(sc->sc_dev, "%s: undefined opmode %d\n", 4339 __func__, vap->iv_opmode); 4340 return; 4341 } 4342 } 4343 4344 rcr = urtwn_read_4(sc, R92C_RCR); 4345 if (ic->ic_promisc == 0) 4346 rcr = (rcr & ~mask1) | mask2; 4347 else 4348 rcr = (rcr & ~mask2) | mask1; 4349 urtwn_write_4(sc, R92C_RCR, rcr); 4350} 4351 4352static void 4353urtwn_update_promisc(struct ieee80211com *ic) 4354{ 4355 struct urtwn_softc *sc = ic->ic_softc; 4356 4357 URTWN_LOCK(sc); 4358 if (sc->sc_flags & URTWN_RUNNING) 4359 urtwn_set_promisc(sc); 4360 URTWN_UNLOCK(sc); 4361} 4362 4363static void 4364urtwn_update_mcast(struct ieee80211com *ic) 4365{ 4366 /* XXX do nothing? */ 4367} 4368 4369static struct ieee80211_node * 4370urtwn_r88e_node_alloc(struct ieee80211vap *vap, 4371 const uint8_t mac[IEEE80211_ADDR_LEN]) 4372{ 4373 struct urtwn_node *un; 4374 4375 un = malloc(sizeof (struct urtwn_node), M_80211_NODE, 4376 M_NOWAIT | M_ZERO); 4377 4378 if (un == NULL) 4379 return NULL; 4380 4381 un->id = URTWN_MACID_UNDEFINED; 4382 4383 return &un->ni; 4384} 4385 4386static void 4387urtwn_r88e_newassoc(struct ieee80211_node *ni, int isnew) 4388{ 4389 struct urtwn_softc *sc = ni->ni_ic->ic_softc; 4390 struct urtwn_node *un = URTWN_NODE(ni); 4391 uint8_t id; 4392 4393 if (!isnew) 4394 return; 4395 4396 URTWN_NT_LOCK(sc); 4397 for (id = 0; id <= URTWN_MACID_MAX(sc); id++) { 4398 if (id != URTWN_MACID_BC && sc->node_list[id] == NULL) { 4399 un->id = id; 4400 sc->node_list[id] = ni; 4401 break; 4402 } 4403 } 4404 URTWN_NT_UNLOCK(sc); 4405 4406 if (id > URTWN_MACID_MAX(sc)) { 4407 device_printf(sc->sc_dev, "%s: node table is full\n", 4408 __func__); 4409 } 4410} 4411 4412static void 4413urtwn_r88e_node_free(struct ieee80211_node *ni) 4414{ 4415 struct urtwn_softc *sc = ni->ni_ic->ic_softc; 4416 struct urtwn_node *un = URTWN_NODE(ni); 4417 4418 URTWN_NT_LOCK(sc); 4419 if (un->id != URTWN_MACID_UNDEFINED) 4420 sc->node_list[un->id] = NULL; 4421 URTWN_NT_UNLOCK(sc); 4422 4423 sc->sc_node_free(ni); 4424} 4425 4426static void 4427urtwn_set_chan(struct urtwn_softc *sc, struct ieee80211_channel *c, 4428 struct ieee80211_channel *extc) 4429{ 4430 struct ieee80211com *ic = &sc->sc_ic; 4431 uint32_t reg; 4432 u_int chan; 4433 int i; 4434 4435 chan = ieee80211_chan2ieee(ic, c); /* XXX center freq! */ 4436 if (chan == 0 || chan == IEEE80211_CHAN_ANY) { 4437 device_printf(sc->sc_dev, 4438 "%s: invalid channel %x\n", __func__, chan); 4439 return; 4440 } 4441 4442 /* Set Tx power for this new channel. */ 4443 urtwn_set_txpower(sc, c, extc); 4444 4445 for (i = 0; i < sc->nrxchains; i++) { 4446 urtwn_rf_write(sc, i, R92C_RF_CHNLBW, 4447 RW(sc->rf_chnlbw[i], R92C_RF_CHNLBW_CHNL, chan)); 4448 } 4449#ifndef IEEE80211_NO_HT 4450 if (extc != NULL) { 4451 /* Is secondary channel below or above primary? */ 4452 int prichlo = c->ic_freq < extc->ic_freq; 4453 4454 urtwn_write_1(sc, R92C_BWOPMODE, 4455 urtwn_read_1(sc, R92C_BWOPMODE) & ~R92C_BWOPMODE_20MHZ); 4456 4457 reg = urtwn_read_1(sc, R92C_RRSR + 2); 4458 reg = (reg & ~0x6f) | (prichlo ? 1 : 2) << 5; 4459 urtwn_write_1(sc, R92C_RRSR + 2, reg); 4460 4461 urtwn_bb_write(sc, R92C_FPGA0_RFMOD, 4462 urtwn_bb_read(sc, R92C_FPGA0_RFMOD) | R92C_RFMOD_40MHZ); 4463 urtwn_bb_write(sc, R92C_FPGA1_RFMOD, 4464 urtwn_bb_read(sc, R92C_FPGA1_RFMOD) | R92C_RFMOD_40MHZ); 4465 4466 /* Set CCK side band. */ 4467 reg = urtwn_bb_read(sc, R92C_CCK0_SYSTEM); 4468 reg = (reg & ~0x00000010) | (prichlo ? 0 : 1) << 4; 4469 urtwn_bb_write(sc, R92C_CCK0_SYSTEM, reg); 4470 4471 reg = urtwn_bb_read(sc, R92C_OFDM1_LSTF); 4472 reg = (reg & ~0x00000c00) | (prichlo ? 1 : 2) << 10; 4473 urtwn_bb_write(sc, R92C_OFDM1_LSTF, reg); 4474 4475 urtwn_bb_write(sc, R92C_FPGA0_ANAPARAM2, 4476 urtwn_bb_read(sc, R92C_FPGA0_ANAPARAM2) & 4477 ~R92C_FPGA0_ANAPARAM2_CBW20); 4478 4479 reg = urtwn_bb_read(sc, 0x818); 4480 reg = (reg & ~0x0c000000) | (prichlo ? 2 : 1) << 26; 4481 urtwn_bb_write(sc, 0x818, reg); 4482 4483 /* Select 40MHz bandwidth. */ 4484 urtwn_rf_write(sc, 0, R92C_RF_CHNLBW, 4485 (sc->rf_chnlbw[0] & ~0xfff) | chan); 4486 } else 4487#endif 4488 { 4489 urtwn_write_1(sc, R92C_BWOPMODE, 4490 urtwn_read_1(sc, R92C_BWOPMODE) | R92C_BWOPMODE_20MHZ); 4491 4492 urtwn_bb_write(sc, R92C_FPGA0_RFMOD, 4493 urtwn_bb_read(sc, R92C_FPGA0_RFMOD) & ~R92C_RFMOD_40MHZ); 4494 urtwn_bb_write(sc, R92C_FPGA1_RFMOD, 4495 urtwn_bb_read(sc, R92C_FPGA1_RFMOD) & ~R92C_RFMOD_40MHZ); 4496 4497 if (!(sc->chip & URTWN_CHIP_88E)) { 4498 urtwn_bb_write(sc, R92C_FPGA0_ANAPARAM2, 4499 urtwn_bb_read(sc, R92C_FPGA0_ANAPARAM2) | 4500 R92C_FPGA0_ANAPARAM2_CBW20); 4501 } 4502 4503 /* Select 20MHz bandwidth. */ 4504 urtwn_rf_write(sc, 0, R92C_RF_CHNLBW, 4505 (sc->rf_chnlbw[0] & ~0xfff) | chan | 4506 ((sc->chip & URTWN_CHIP_88E) ? R88E_RF_CHNLBW_BW20 : 4507 R92C_RF_CHNLBW_BW20)); 4508 } 4509} 4510 4511static void 4512urtwn_iq_calib(struct urtwn_softc *sc) 4513{ 4514 /* TODO */ 4515} 4516 4517static void 4518urtwn_lc_calib(struct urtwn_softc *sc) 4519{ 4520 uint32_t rf_ac[2]; 4521 uint8_t txmode; 4522 int i; 4523 4524 txmode = urtwn_read_1(sc, R92C_OFDM1_LSTF + 3); 4525 if ((txmode & 0x70) != 0) { 4526 /* Disable all continuous Tx. */ 4527 urtwn_write_1(sc, R92C_OFDM1_LSTF + 3, txmode & ~0x70); 4528 4529 /* Set RF mode to standby mode. */ 4530 for (i = 0; i < sc->nrxchains; i++) { 4531 rf_ac[i] = urtwn_rf_read(sc, i, R92C_RF_AC); 4532 urtwn_rf_write(sc, i, R92C_RF_AC, 4533 RW(rf_ac[i], R92C_RF_AC_MODE, 4534 R92C_RF_AC_MODE_STANDBY)); 4535 } 4536 } else { 4537 /* Block all Tx queues. */ 4538 urtwn_write_1(sc, R92C_TXPAUSE, R92C_TX_QUEUE_ALL); 4539 } 4540 /* Start calibration. */ 4541 urtwn_rf_write(sc, 0, R92C_RF_CHNLBW, 4542 urtwn_rf_read(sc, 0, R92C_RF_CHNLBW) | R92C_RF_CHNLBW_LCSTART); 4543 4544 /* Give calibration the time to complete. */ 4545 usb_pause_mtx(&sc->sc_mtx, hz / 10); /* 100ms */ 4546 4547 /* Restore configuration. */ 4548 if ((txmode & 0x70) != 0) { 4549 /* Restore Tx mode. */ 4550 urtwn_write_1(sc, R92C_OFDM1_LSTF + 3, txmode); 4551 /* Restore RF mode. */ 4552 for (i = 0; i < sc->nrxchains; i++) 4553 urtwn_rf_write(sc, i, R92C_RF_AC, rf_ac[i]); 4554 } else { 4555 /* Unblock all Tx queues. */ 4556 urtwn_write_1(sc, R92C_TXPAUSE, 0x00); 4557 } 4558} 4559 4560static int 4561urtwn_init(struct urtwn_softc *sc) 4562{ 4563 struct ieee80211com *ic = &sc->sc_ic; 4564 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 4565 uint8_t macaddr[IEEE80211_ADDR_LEN]; 4566 uint32_t reg; 4567 usb_error_t usb_err = USB_ERR_NORMAL_COMPLETION; 4568 int error; 4569 4570 URTWN_LOCK(sc); 4571 if (sc->sc_flags & URTWN_RUNNING) { 4572 URTWN_UNLOCK(sc); 4573 return (0); 4574 } 4575 4576 /* Init firmware commands ring. */ 4577 sc->fwcur = 0; 4578 4579 /* Allocate Tx/Rx buffers. */ 4580 error = urtwn_alloc_rx_list(sc); 4581 if (error != 0) 4582 goto fail; 4583 4584 error = urtwn_alloc_tx_list(sc); 4585 if (error != 0) 4586 goto fail; 4587 4588 /* Power on adapter. */ 4589 error = urtwn_power_on(sc); 4590 if (error != 0) 4591 goto fail; 4592 4593 /* Initialize DMA. */ 4594 error = urtwn_dma_init(sc); 4595 if (error != 0) 4596 goto fail; 4597 4598 /* Set info size in Rx descriptors (in 64-bit words). */ 4599 urtwn_write_1(sc, R92C_RX_DRVINFO_SZ, 4); 4600 4601 /* Init interrupts. */ 4602 if (sc->chip & URTWN_CHIP_88E) { 4603 usb_err = urtwn_write_4(sc, R88E_HISR, 0xffffffff); 4604 if (usb_err != USB_ERR_NORMAL_COMPLETION) 4605 goto fail; 4606 usb_err = urtwn_write_4(sc, R88E_HIMR, R88E_HIMR_CPWM | R88E_HIMR_CPWM2 | 4607 R88E_HIMR_TBDER | R88E_HIMR_PSTIMEOUT); 4608 if (usb_err != USB_ERR_NORMAL_COMPLETION) 4609 goto fail; 4610 usb_err = urtwn_write_4(sc, R88E_HIMRE, R88E_HIMRE_RXFOVW | 4611 R88E_HIMRE_TXFOVW | R88E_HIMRE_RXERR | R88E_HIMRE_TXERR); 4612 if (usb_err != USB_ERR_NORMAL_COMPLETION) 4613 goto fail; 4614 usb_err = urtwn_write_1(sc, R92C_USB_SPECIAL_OPTION, 4615 urtwn_read_1(sc, R92C_USB_SPECIAL_OPTION) | 4616 R92C_USB_SPECIAL_OPTION_INT_BULK_SEL); 4617 if (usb_err != USB_ERR_NORMAL_COMPLETION) 4618 goto fail; 4619 } else { 4620 usb_err = urtwn_write_4(sc, R92C_HISR, 0xffffffff); 4621 if (usb_err != USB_ERR_NORMAL_COMPLETION) 4622 goto fail; 4623 usb_err = urtwn_write_4(sc, R92C_HIMR, 0xffffffff); 4624 if (usb_err != USB_ERR_NORMAL_COMPLETION) 4625 goto fail; 4626 } 4627 4628 /* Set MAC address. */ 4629 IEEE80211_ADDR_COPY(macaddr, vap ? vap->iv_myaddr : ic->ic_macaddr); 4630 usb_err = urtwn_write_region_1(sc, R92C_MACID, macaddr, IEEE80211_ADDR_LEN); 4631 if (usb_err != USB_ERR_NORMAL_COMPLETION) 4632 goto fail; 4633 4634 /* Set initial network type. */ 4635 urtwn_set_mode(sc, R92C_MSR_INFRA); 4636 4637 /* Initialize Rx filter. */ 4638 urtwn_rxfilter_init(sc); 4639 4640 /* Set response rate. */ 4641 reg = urtwn_read_4(sc, R92C_RRSR); 4642 reg = RW(reg, R92C_RRSR_RATE_BITMAP, R92C_RRSR_RATE_CCK_ONLY_1M); 4643 urtwn_write_4(sc, R92C_RRSR, reg); 4644 4645 /* Set short/long retry limits. */ 4646 urtwn_write_2(sc, R92C_RL, 4647 SM(R92C_RL_SRL, 0x30) | SM(R92C_RL_LRL, 0x30)); 4648 4649 /* Initialize EDCA parameters. */ 4650 urtwn_edca_init(sc); 4651 4652 /* Setup rate fallback. */ 4653 if (!(sc->chip & URTWN_CHIP_88E)) { 4654 urtwn_write_4(sc, R92C_DARFRC + 0, 0x00000000); 4655 urtwn_write_4(sc, R92C_DARFRC + 4, 0x10080404); 4656 urtwn_write_4(sc, R92C_RARFRC + 0, 0x04030201); 4657 urtwn_write_4(sc, R92C_RARFRC + 4, 0x08070605); 4658 } 4659 4660 urtwn_write_1(sc, R92C_FWHW_TXQ_CTRL, 4661 urtwn_read_1(sc, R92C_FWHW_TXQ_CTRL) | 4662 R92C_FWHW_TXQ_CTRL_AMPDU_RTY_NEW); 4663 /* Set ACK timeout. */ 4664 urtwn_write_1(sc, R92C_ACKTO, 0x40); 4665 4666 /* Setup USB aggregation. */ 4667 reg = urtwn_read_4(sc, R92C_TDECTRL); 4668 reg = RW(reg, R92C_TDECTRL_BLK_DESC_NUM, 6); 4669 urtwn_write_4(sc, R92C_TDECTRL, reg); 4670 urtwn_write_1(sc, R92C_TRXDMA_CTRL, 4671 urtwn_read_1(sc, R92C_TRXDMA_CTRL) | 4672 R92C_TRXDMA_CTRL_RXDMA_AGG_EN); 4673 urtwn_write_1(sc, R92C_RXDMA_AGG_PG_TH, 48); 4674 if (sc->chip & URTWN_CHIP_88E) 4675 urtwn_write_1(sc, R92C_RXDMA_AGG_PG_TH + 1, 4); 4676 else { 4677 urtwn_write_1(sc, R92C_USB_DMA_AGG_TO, 4); 4678 urtwn_write_1(sc, R92C_USB_SPECIAL_OPTION, 4679 urtwn_read_1(sc, R92C_USB_SPECIAL_OPTION) | 4680 R92C_USB_SPECIAL_OPTION_AGG_EN); 4681 urtwn_write_1(sc, R92C_USB_AGG_TH, 8); 4682 urtwn_write_1(sc, R92C_USB_AGG_TO, 6); 4683 } 4684 4685 /* Initialize beacon parameters. */ 4686 urtwn_write_2(sc, R92C_BCN_CTRL, 0x1010); 4687 urtwn_write_2(sc, R92C_TBTT_PROHIBIT, 0x6404); 4688 urtwn_write_1(sc, R92C_DRVERLYINT, 0x05); 4689 urtwn_write_1(sc, R92C_BCNDMATIM, 0x02); 4690 urtwn_write_2(sc, R92C_BCNTCFG, 0x660f); 4691 4692 if (!(sc->chip & URTWN_CHIP_88E)) { 4693 /* Setup AMPDU aggregation. */ 4694 urtwn_write_4(sc, R92C_AGGLEN_LMT, 0x99997631); /* MCS7~0 */ 4695 urtwn_write_1(sc, R92C_AGGR_BREAK_TIME, 0x16); 4696 urtwn_write_2(sc, R92C_MAX_AGGR_NUM, 0x0708); 4697 4698 urtwn_write_1(sc, R92C_BCN_MAX_ERR, 0xff); 4699 } 4700 4701 /* Load 8051 microcode. */ 4702 error = urtwn_load_firmware(sc); 4703 if (error != 0) 4704 goto fail; 4705 4706 /* Initialize MAC/BB/RF blocks. */ 4707 error = urtwn_mac_init(sc); 4708 if (error != 0) { 4709 device_printf(sc->sc_dev, 4710 "%s: error while initializing MAC block\n", __func__); 4711 goto fail; 4712 } 4713 urtwn_bb_init(sc); 4714 urtwn_rf_init(sc); 4715 4716 /* Reinitialize Rx filter (D3845 is not committed yet). */ 4717 urtwn_rxfilter_init(sc); 4718 4719 if (sc->chip & URTWN_CHIP_88E) { 4720 urtwn_write_2(sc, R92C_CR, 4721 urtwn_read_2(sc, R92C_CR) | R92C_CR_MACTXEN | 4722 R92C_CR_MACRXEN); 4723 } 4724 4725 /* Turn CCK and OFDM blocks on. */ 4726 reg = urtwn_bb_read(sc, R92C_FPGA0_RFMOD); 4727 reg |= R92C_RFMOD_CCK_EN; 4728 usb_err = urtwn_bb_write(sc, R92C_FPGA0_RFMOD, reg); 4729 if (usb_err != USB_ERR_NORMAL_COMPLETION) 4730 goto fail; 4731 reg = urtwn_bb_read(sc, R92C_FPGA0_RFMOD); 4732 reg |= R92C_RFMOD_OFDM_EN; 4733 usb_err = urtwn_bb_write(sc, R92C_FPGA0_RFMOD, reg); 4734 if (usb_err != USB_ERR_NORMAL_COMPLETION) 4735 goto fail; 4736 4737 /* Clear per-station keys table. */ 4738 urtwn_cam_init(sc); 4739 4740 /* Enable decryption / encryption. */ 4741 urtwn_write_2(sc, R92C_SECCFG, 4742 R92C_SECCFG_TXUCKEY_DEF | R92C_SECCFG_RXUCKEY_DEF | 4743 R92C_SECCFG_TXENC_ENA | R92C_SECCFG_RXDEC_ENA | 4744 R92C_SECCFG_TXBCKEY_DEF | R92C_SECCFG_RXBCKEY_DEF); 4745 4746 /* 4747 * Install static keys (if any). 4748 * Must be called after urtwn_cam_init(). 4749 */ 4750 ieee80211_runtask(ic, &sc->cmdq_task); 4751 4752 /* Enable hardware sequence numbering. */ 4753 urtwn_write_1(sc, R92C_HWSEQ_CTRL, R92C_TX_QUEUE_ALL); 4754 4755 /* Enable per-packet TX report. */ 4756 if (sc->chip & URTWN_CHIP_88E) { 4757 urtwn_write_1(sc, R88E_TX_RPT_CTRL, 4758 urtwn_read_1(sc, R88E_TX_RPT_CTRL) | R88E_TX_RPT1_ENA); 4759 } 4760 4761 /* Perform LO and IQ calibrations. */ 4762 urtwn_iq_calib(sc); 4763 /* Perform LC calibration. */ 4764 urtwn_lc_calib(sc); 4765 4766 /* Fix USB interference issue. */ 4767 if (!(sc->chip & URTWN_CHIP_88E)) { 4768 urtwn_write_1(sc, 0xfe40, 0xe0); 4769 urtwn_write_1(sc, 0xfe41, 0x8d); 4770 urtwn_write_1(sc, 0xfe42, 0x80); 4771 4772 urtwn_pa_bias_init(sc); 4773 } 4774 4775 /* Initialize GPIO setting. */ 4776 urtwn_write_1(sc, R92C_GPIO_MUXCFG, 4777 urtwn_read_1(sc, R92C_GPIO_MUXCFG) & ~R92C_GPIO_MUXCFG_ENBT); 4778 4779 /* Fix for lower temperature. */ 4780 if (!(sc->chip & URTWN_CHIP_88E)) 4781 urtwn_write_1(sc, 0x15, 0xe9); 4782 4783 usbd_transfer_start(sc->sc_xfer[URTWN_BULK_RX]); 4784 4785 sc->sc_flags |= URTWN_RUNNING; 4786 4787 callout_reset(&sc->sc_watchdog_ch, hz, urtwn_watchdog, sc); 4788fail: 4789 if (usb_err != USB_ERR_NORMAL_COMPLETION) 4790 error = EIO; 4791 4792 URTWN_UNLOCK(sc); 4793 4794 return (error); 4795} 4796 4797static void 4798urtwn_stop(struct urtwn_softc *sc) 4799{ 4800 4801 URTWN_LOCK(sc); 4802 if (!(sc->sc_flags & URTWN_RUNNING)) { 4803 URTWN_UNLOCK(sc); 4804 return; 4805 } 4806 4807 sc->sc_flags &= ~URTWN_RUNNING; 4808 callout_stop(&sc->sc_watchdog_ch); 4809 urtwn_abort_xfers(sc); 4810 4811 urtwn_drain_mbufq(sc); 4812 URTWN_UNLOCK(sc); 4813} 4814 4815static void 4816urtwn_abort_xfers(struct urtwn_softc *sc) 4817{ 4818 int i; 4819 4820 URTWN_ASSERT_LOCKED(sc); 4821 4822 /* abort any pending transfers */ 4823 for (i = 0; i < URTWN_N_TRANSFER; i++) 4824 usbd_transfer_stop(sc->sc_xfer[i]); 4825} 4826 4827static int 4828urtwn_raw_xmit(struct ieee80211_node *ni, struct mbuf *m, 4829 const struct ieee80211_bpf_params *params) 4830{ 4831 struct ieee80211com *ic = ni->ni_ic; 4832 struct urtwn_softc *sc = ic->ic_softc; 4833 struct urtwn_data *bf; 4834 int error; 4835 4836 /* prevent management frames from being sent if we're not ready */ 4837 URTWN_LOCK(sc); 4838 if (!(sc->sc_flags & URTWN_RUNNING)) { 4839 error = ENETDOWN; 4840 goto end; 4841 } 4842 4843 bf = urtwn_getbuf(sc); 4844 if (bf == NULL) { 4845 error = ENOBUFS; 4846 goto end; 4847 } 4848 4849 if (params == NULL) { 4850 /* 4851 * Legacy path; interpret frame contents to decide 4852 * precisely how to send the frame. 4853 */ 4854 error = urtwn_tx_data(sc, ni, m, bf); 4855 } else { 4856 /* 4857 * Caller supplied explicit parameters to use in 4858 * sending the frame. 4859 */ 4860 error = urtwn_tx_raw(sc, ni, m, bf, params); 4861 } 4862 if (error != 0) { 4863 STAILQ_INSERT_HEAD(&sc->sc_tx_inactive, bf, next); 4864 goto end; 4865 } 4866 4867 sc->sc_txtimer = 5; 4868 callout_reset(&sc->sc_watchdog_ch, hz, urtwn_watchdog, sc); 4869 4870end: 4871 if (error != 0) 4872 m_freem(m); 4873 4874 URTWN_UNLOCK(sc); 4875 4876 return (error); 4877} 4878 4879static void 4880urtwn_ms_delay(struct urtwn_softc *sc) 4881{ 4882 usb_pause_mtx(&sc->sc_mtx, hz / 1000); 4883} 4884 4885static device_method_t urtwn_methods[] = { 4886 /* Device interface */ 4887 DEVMETHOD(device_probe, urtwn_match), 4888 DEVMETHOD(device_attach, urtwn_attach), 4889 DEVMETHOD(device_detach, urtwn_detach), 4890 4891 DEVMETHOD_END 4892}; 4893 4894static driver_t urtwn_driver = { 4895 "urtwn", 4896 urtwn_methods, 4897 sizeof(struct urtwn_softc) 4898}; 4899 4900static devclass_t urtwn_devclass; 4901 4902DRIVER_MODULE(urtwn, uhub, urtwn_driver, urtwn_devclass, NULL, NULL); 4903MODULE_DEPEND(urtwn, usb, 1, 1, 1); 4904MODULE_DEPEND(urtwn, wlan, 1, 1, 1); 4905MODULE_DEPEND(urtwn, firmware, 1, 1, 1); 4906MODULE_VERSION(urtwn, 1); 4907USB_PNP_HOST_INFO(urtwn_devs); 4908