if_urtwn.c revision 297596
1/* $OpenBSD: if_urtwn.c,v 1.16 2011/02/10 17:26:40 jakemsr Exp $ */ 2 3/*- 4 * Copyright (c) 2010 Damien Bergamini <damien.bergamini@free.fr> 5 * Copyright (c) 2014 Kevin Lo <kevlo@FreeBSD.org> 6 * Copyright (c) 2015 Andriy Voskoboinyk <avos@FreeBSD.org> 7 * 8 * Permission to use, copy, modify, and distribute this software for any 9 * purpose with or without fee is hereby granted, provided that the above 10 * copyright notice and this permission notice appear in all copies. 11 * 12 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 13 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 14 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 15 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 16 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 17 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 18 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 19 */ 20 21#include <sys/cdefs.h> 22__FBSDID("$FreeBSD: head/sys/dev/urtwn/if_urtwn.c 297596 2016-04-05 22:14:21Z adrian $"); 23 24/* 25 * Driver for Realtek RTL8188CE-VAU/RTL8188CUS/RTL8188EU/RTL8188RU/RTL8192CU. 26 */ 27 28#include "opt_wlan.h" 29#include "opt_urtwn.h" 30 31#include <sys/param.h> 32#include <sys/sockio.h> 33#include <sys/sysctl.h> 34#include <sys/lock.h> 35#include <sys/mutex.h> 36#include <sys/condvar.h> 37#include <sys/mbuf.h> 38#include <sys/kernel.h> 39#include <sys/socket.h> 40#include <sys/systm.h> 41#include <sys/malloc.h> 42#include <sys/module.h> 43#include <sys/bus.h> 44#include <sys/endian.h> 45#include <sys/linker.h> 46#include <sys/firmware.h> 47#include <sys/kdb.h> 48 49#include <machine/bus.h> 50#include <machine/resource.h> 51#include <sys/rman.h> 52 53#include <net/bpf.h> 54#include <net/if.h> 55#include <net/if_var.h> 56#include <net/if_arp.h> 57#include <net/ethernet.h> 58#include <net/if_dl.h> 59#include <net/if_media.h> 60#include <net/if_types.h> 61 62#include <netinet/in.h> 63#include <netinet/in_systm.h> 64#include <netinet/in_var.h> 65#include <netinet/if_ether.h> 66#include <netinet/ip.h> 67 68#include <net80211/ieee80211_var.h> 69#include <net80211/ieee80211_input.h> 70#include <net80211/ieee80211_regdomain.h> 71#include <net80211/ieee80211_radiotap.h> 72#include <net80211/ieee80211_ratectl.h> 73#ifdef IEEE80211_SUPPORT_SUPERG 74#include <net80211/ieee80211_superg.h> 75#endif 76 77#include <dev/usb/usb.h> 78#include <dev/usb/usbdi.h> 79#include <dev/usb/usb_device.h> 80#include "usbdevs.h" 81 82#include <dev/usb/usb_debug.h> 83 84#include <dev/urtwn/if_urtwnreg.h> 85#include <dev/urtwn/if_urtwnvar.h> 86 87#ifdef USB_DEBUG 88enum { 89 URTWN_DEBUG_XMIT = 0x00000001, /* basic xmit operation */ 90 URTWN_DEBUG_RECV = 0x00000002, /* basic recv operation */ 91 URTWN_DEBUG_STATE = 0x00000004, /* 802.11 state transitions */ 92 URTWN_DEBUG_RA = 0x00000008, /* f/w rate adaptation setup */ 93 URTWN_DEBUG_USB = 0x00000010, /* usb requests */ 94 URTWN_DEBUG_FIRMWARE = 0x00000020, /* firmware(9) loading debug */ 95 URTWN_DEBUG_BEACON = 0x00000040, /* beacon handling */ 96 URTWN_DEBUG_INTR = 0x00000080, /* ISR */ 97 URTWN_DEBUG_TEMP = 0x00000100, /* temperature calibration */ 98 URTWN_DEBUG_ROM = 0x00000200, /* various ROM info */ 99 URTWN_DEBUG_KEY = 0x00000400, /* crypto keys management */ 100 URTWN_DEBUG_TXPWR = 0x00000800, /* dump Tx power values */ 101 URTWN_DEBUG_RSSI = 0x00001000, /* dump RSSI lookups */ 102 URTWN_DEBUG_ANY = 0xffffffff 103}; 104 105#define URTWN_DPRINTF(_sc, _m, ...) do { \ 106 if ((_sc)->sc_debug & (_m)) \ 107 device_printf((_sc)->sc_dev, __VA_ARGS__); \ 108} while(0) 109 110#else 111#define URTWN_DPRINTF(_sc, _m, ...) do { (void) sc; } while (0) 112#endif 113 114#define IEEE80211_HAS_ADDR4(wh) IEEE80211_IS_DSTODS(wh) 115 116static int urtwn_enable_11n = 1; 117TUNABLE_INT("hw.usb.urtwn.enable_11n", &urtwn_enable_11n); 118 119/* various supported device vendors/products */ 120static const STRUCT_USB_HOST_ID urtwn_devs[] = { 121#define URTWN_DEV(v,p) { USB_VP(USB_VENDOR_##v, USB_PRODUCT_##v##_##p) } 122#define URTWN_RTL8188E_DEV(v,p) \ 123 { USB_VPI(USB_VENDOR_##v, USB_PRODUCT_##v##_##p, URTWN_RTL8188E) } 124#define URTWN_RTL8188E 1 125 URTWN_DEV(ABOCOM, RTL8188CU_1), 126 URTWN_DEV(ABOCOM, RTL8188CU_2), 127 URTWN_DEV(ABOCOM, RTL8192CU), 128 URTWN_DEV(ASUS, RTL8192CU), 129 URTWN_DEV(ASUS, USBN10NANO), 130 URTWN_DEV(AZUREWAVE, RTL8188CE_1), 131 URTWN_DEV(AZUREWAVE, RTL8188CE_2), 132 URTWN_DEV(AZUREWAVE, RTL8188CU), 133 URTWN_DEV(BELKIN, F7D2102), 134 URTWN_DEV(BELKIN, RTL8188CU), 135 URTWN_DEV(BELKIN, RTL8192CU), 136 URTWN_DEV(CHICONY, RTL8188CUS_1), 137 URTWN_DEV(CHICONY, RTL8188CUS_2), 138 URTWN_DEV(CHICONY, RTL8188CUS_3), 139 URTWN_DEV(CHICONY, RTL8188CUS_4), 140 URTWN_DEV(CHICONY, RTL8188CUS_5), 141 URTWN_DEV(COREGA, RTL8192CU), 142 URTWN_DEV(DLINK, RTL8188CU), 143 URTWN_DEV(DLINK, RTL8192CU_1), 144 URTWN_DEV(DLINK, RTL8192CU_2), 145 URTWN_DEV(DLINK, RTL8192CU_3), 146 URTWN_DEV(DLINK, DWA131B), 147 URTWN_DEV(EDIMAX, EW7811UN), 148 URTWN_DEV(EDIMAX, RTL8192CU), 149 URTWN_DEV(FEIXUN, RTL8188CU), 150 URTWN_DEV(FEIXUN, RTL8192CU), 151 URTWN_DEV(GUILLEMOT, HWNUP150), 152 URTWN_DEV(HAWKING, RTL8192CU), 153 URTWN_DEV(HP3, RTL8188CU), 154 URTWN_DEV(NETGEAR, WNA1000M), 155 URTWN_DEV(NETGEAR, RTL8192CU), 156 URTWN_DEV(NETGEAR4, RTL8188CU), 157 URTWN_DEV(NOVATECH, RTL8188CU), 158 URTWN_DEV(PLANEX2, RTL8188CU_1), 159 URTWN_DEV(PLANEX2, RTL8188CU_2), 160 URTWN_DEV(PLANEX2, RTL8188CU_3), 161 URTWN_DEV(PLANEX2, RTL8188CU_4), 162 URTWN_DEV(PLANEX2, RTL8188CUS), 163 URTWN_DEV(PLANEX2, RTL8192CU), 164 URTWN_DEV(REALTEK, RTL8188CE_0), 165 URTWN_DEV(REALTEK, RTL8188CE_1), 166 URTWN_DEV(REALTEK, RTL8188CTV), 167 URTWN_DEV(REALTEK, RTL8188CU_0), 168 URTWN_DEV(REALTEK, RTL8188CU_1), 169 URTWN_DEV(REALTEK, RTL8188CU_2), 170 URTWN_DEV(REALTEK, RTL8188CU_3), 171 URTWN_DEV(REALTEK, RTL8188CU_COMBO), 172 URTWN_DEV(REALTEK, RTL8188CUS), 173 URTWN_DEV(REALTEK, RTL8188RU_1), 174 URTWN_DEV(REALTEK, RTL8188RU_2), 175 URTWN_DEV(REALTEK, RTL8188RU_3), 176 URTWN_DEV(REALTEK, RTL8191CU), 177 URTWN_DEV(REALTEK, RTL8192CE), 178 URTWN_DEV(REALTEK, RTL8192CU), 179 URTWN_DEV(SITECOMEU, RTL8188CU_1), 180 URTWN_DEV(SITECOMEU, RTL8188CU_2), 181 URTWN_DEV(SITECOMEU, RTL8192CU), 182 URTWN_DEV(TRENDNET, RTL8188CU), 183 URTWN_DEV(TRENDNET, RTL8192CU), 184 URTWN_DEV(ZYXEL, RTL8192CU), 185 /* URTWN_RTL8188E */ 186 URTWN_RTL8188E_DEV(ABOCOM, RTL8188EU), 187 URTWN_RTL8188E_DEV(DLINK, DWA123D1), 188 URTWN_RTL8188E_DEV(DLINK, DWA125D1), 189 URTWN_RTL8188E_DEV(ELECOM, WDC150SU2M), 190 URTWN_RTL8188E_DEV(REALTEK, RTL8188ETV), 191 URTWN_RTL8188E_DEV(REALTEK, RTL8188EU), 192#undef URTWN_RTL8188E_DEV 193#undef URTWN_DEV 194}; 195 196static device_probe_t urtwn_match; 197static device_attach_t urtwn_attach; 198static device_detach_t urtwn_detach; 199 200static usb_callback_t urtwn_bulk_tx_callback; 201static usb_callback_t urtwn_bulk_rx_callback; 202 203static void urtwn_sysctlattach(struct urtwn_softc *); 204static void urtwn_drain_mbufq(struct urtwn_softc *); 205static usb_error_t urtwn_do_request(struct urtwn_softc *, 206 struct usb_device_request *, void *); 207static struct ieee80211vap *urtwn_vap_create(struct ieee80211com *, 208 const char [IFNAMSIZ], int, enum ieee80211_opmode, int, 209 const uint8_t [IEEE80211_ADDR_LEN], 210 const uint8_t [IEEE80211_ADDR_LEN]); 211static void urtwn_vap_delete(struct ieee80211vap *); 212static struct mbuf * urtwn_rx_copy_to_mbuf(struct urtwn_softc *, 213 struct r92c_rx_stat *, int); 214static struct mbuf * urtwn_report_intr(struct usb_xfer *, 215 struct urtwn_data *); 216static struct mbuf * urtwn_rxeof(struct urtwn_softc *, uint8_t *, int); 217static void urtwn_r88e_ratectl_tx_complete(struct urtwn_softc *, 218 void *); 219static struct ieee80211_node *urtwn_rx_frame(struct urtwn_softc *, 220 struct mbuf *, int8_t *); 221static void urtwn_txeof(struct urtwn_softc *, struct urtwn_data *, 222 int); 223static int urtwn_alloc_list(struct urtwn_softc *, 224 struct urtwn_data[], int, int); 225static int urtwn_alloc_rx_list(struct urtwn_softc *); 226static int urtwn_alloc_tx_list(struct urtwn_softc *); 227static void urtwn_free_list(struct urtwn_softc *, 228 struct urtwn_data data[], int); 229static void urtwn_free_rx_list(struct urtwn_softc *); 230static void urtwn_free_tx_list(struct urtwn_softc *); 231static struct urtwn_data * _urtwn_getbuf(struct urtwn_softc *); 232static struct urtwn_data * urtwn_getbuf(struct urtwn_softc *); 233static usb_error_t urtwn_write_region_1(struct urtwn_softc *, uint16_t, 234 uint8_t *, int); 235static usb_error_t urtwn_write_1(struct urtwn_softc *, uint16_t, uint8_t); 236static usb_error_t urtwn_write_2(struct urtwn_softc *, uint16_t, uint16_t); 237static usb_error_t urtwn_write_4(struct urtwn_softc *, uint16_t, uint32_t); 238static usb_error_t urtwn_read_region_1(struct urtwn_softc *, uint16_t, 239 uint8_t *, int); 240static uint8_t urtwn_read_1(struct urtwn_softc *, uint16_t); 241static uint16_t urtwn_read_2(struct urtwn_softc *, uint16_t); 242static uint32_t urtwn_read_4(struct urtwn_softc *, uint16_t); 243static int urtwn_fw_cmd(struct urtwn_softc *, uint8_t, 244 const void *, int); 245static void urtwn_cmdq_cb(void *, int); 246static int urtwn_cmd_sleepable(struct urtwn_softc *, const void *, 247 size_t, CMD_FUNC_PROTO); 248static void urtwn_r92c_rf_write(struct urtwn_softc *, int, 249 uint8_t, uint32_t); 250static void urtwn_r88e_rf_write(struct urtwn_softc *, int, 251 uint8_t, uint32_t); 252static uint32_t urtwn_rf_read(struct urtwn_softc *, int, uint8_t); 253static int urtwn_llt_write(struct urtwn_softc *, uint32_t, 254 uint32_t); 255static int urtwn_efuse_read_next(struct urtwn_softc *, uint8_t *); 256static int urtwn_efuse_read_data(struct urtwn_softc *, uint8_t *, 257 uint8_t, uint8_t); 258#ifdef USB_DEBUG 259static void urtwn_dump_rom_contents(struct urtwn_softc *, 260 uint8_t *, uint16_t); 261#endif 262static int urtwn_efuse_read(struct urtwn_softc *, uint8_t *, 263 uint16_t); 264static int urtwn_efuse_switch_power(struct urtwn_softc *); 265static int urtwn_read_chipid(struct urtwn_softc *); 266static int urtwn_read_rom(struct urtwn_softc *); 267static int urtwn_r88e_read_rom(struct urtwn_softc *); 268static int urtwn_ra_init(struct urtwn_softc *); 269static void urtwn_init_beacon(struct urtwn_softc *, 270 struct urtwn_vap *); 271static int urtwn_setup_beacon(struct urtwn_softc *, 272 struct ieee80211_node *); 273static void urtwn_update_beacon(struct ieee80211vap *, int); 274static int urtwn_tx_beacon(struct urtwn_softc *sc, 275 struct urtwn_vap *); 276static int urtwn_key_alloc(struct ieee80211vap *, 277 struct ieee80211_key *, ieee80211_keyix *, 278 ieee80211_keyix *); 279static void urtwn_key_set_cb(struct urtwn_softc *, 280 union sec_param *); 281static void urtwn_key_del_cb(struct urtwn_softc *, 282 union sec_param *); 283static int urtwn_key_set(struct ieee80211vap *, 284 const struct ieee80211_key *); 285static int urtwn_key_delete(struct ieee80211vap *, 286 const struct ieee80211_key *); 287static void urtwn_tsf_task_adhoc(void *, int); 288static void urtwn_tsf_sync_enable(struct urtwn_softc *, 289 struct ieee80211vap *); 290static void urtwn_get_tsf(struct urtwn_softc *, uint64_t *); 291static void urtwn_set_led(struct urtwn_softc *, int, int); 292static void urtwn_set_mode(struct urtwn_softc *, uint8_t); 293static void urtwn_ibss_recv_mgmt(struct ieee80211_node *, 294 struct mbuf *, int, 295 const struct ieee80211_rx_stats *, int, int); 296static int urtwn_newstate(struct ieee80211vap *, 297 enum ieee80211_state, int); 298static void urtwn_calib_to(void *); 299static void urtwn_calib_cb(struct urtwn_softc *, 300 union sec_param *); 301static void urtwn_watchdog(void *); 302static void urtwn_update_avgrssi(struct urtwn_softc *, int, int8_t); 303static int8_t urtwn_get_rssi(struct urtwn_softc *, int, void *); 304static int8_t urtwn_r88e_get_rssi(struct urtwn_softc *, int, void *); 305static int urtwn_tx_data(struct urtwn_softc *, 306 struct ieee80211_node *, struct mbuf *, 307 struct urtwn_data *); 308static int urtwn_tx_raw(struct urtwn_softc *, 309 struct ieee80211_node *, struct mbuf *, 310 struct urtwn_data *, 311 const struct ieee80211_bpf_params *); 312static void urtwn_tx_start(struct urtwn_softc *, struct mbuf *, 313 uint8_t, struct urtwn_data *); 314static int urtwn_transmit(struct ieee80211com *, struct mbuf *); 315static void urtwn_start(struct urtwn_softc *); 316static void urtwn_parent(struct ieee80211com *); 317static int urtwn_r92c_power_on(struct urtwn_softc *); 318static int urtwn_r88e_power_on(struct urtwn_softc *); 319static void urtwn_r92c_power_off(struct urtwn_softc *); 320static void urtwn_r88e_power_off(struct urtwn_softc *); 321static int urtwn_llt_init(struct urtwn_softc *); 322#ifndef URTWN_WITHOUT_UCODE 323static void urtwn_fw_reset(struct urtwn_softc *); 324static void urtwn_r88e_fw_reset(struct urtwn_softc *); 325static int urtwn_fw_loadpage(struct urtwn_softc *, int, 326 const uint8_t *, int); 327static int urtwn_load_firmware(struct urtwn_softc *); 328#endif 329static int urtwn_dma_init(struct urtwn_softc *); 330static int urtwn_mac_init(struct urtwn_softc *); 331static void urtwn_bb_init(struct urtwn_softc *); 332static void urtwn_rf_init(struct urtwn_softc *); 333static void urtwn_cam_init(struct urtwn_softc *); 334static int urtwn_cam_write(struct urtwn_softc *, uint32_t, 335 uint32_t); 336static void urtwn_pa_bias_init(struct urtwn_softc *); 337static void urtwn_rxfilter_init(struct urtwn_softc *); 338static void urtwn_edca_init(struct urtwn_softc *); 339static void urtwn_write_txpower(struct urtwn_softc *, int, 340 uint16_t[]); 341static void urtwn_get_txpower(struct urtwn_softc *, int, 342 struct ieee80211_channel *, 343 struct ieee80211_channel *, uint16_t[]); 344static void urtwn_r88e_get_txpower(struct urtwn_softc *, int, 345 struct ieee80211_channel *, 346 struct ieee80211_channel *, uint16_t[]); 347static void urtwn_set_txpower(struct urtwn_softc *, 348 struct ieee80211_channel *, 349 struct ieee80211_channel *); 350static void urtwn_set_rx_bssid_all(struct urtwn_softc *, int); 351static void urtwn_set_gain(struct urtwn_softc *, uint8_t); 352static void urtwn_scan_start(struct ieee80211com *); 353static void urtwn_scan_end(struct ieee80211com *); 354static void urtwn_set_channel(struct ieee80211com *); 355static int urtwn_wme_update(struct ieee80211com *); 356static void urtwn_update_slot(struct ieee80211com *); 357static void urtwn_update_slot_cb(struct urtwn_softc *, 358 union sec_param *); 359static void urtwn_update_aifs(struct urtwn_softc *, uint8_t); 360static void urtwn_set_promisc(struct urtwn_softc *); 361static void urtwn_update_promisc(struct ieee80211com *); 362static void urtwn_update_mcast(struct ieee80211com *); 363static struct ieee80211_node *urtwn_r88e_node_alloc(struct ieee80211vap *, 364 const uint8_t mac[IEEE80211_ADDR_LEN]); 365static void urtwn_r88e_newassoc(struct ieee80211_node *, int); 366static void urtwn_r88e_node_free(struct ieee80211_node *); 367static void urtwn_set_chan(struct urtwn_softc *, 368 struct ieee80211_channel *, 369 struct ieee80211_channel *); 370static void urtwn_iq_calib(struct urtwn_softc *); 371static void urtwn_lc_calib(struct urtwn_softc *); 372static void urtwn_temp_calib(struct urtwn_softc *); 373static int urtwn_init(struct urtwn_softc *); 374static void urtwn_stop(struct urtwn_softc *); 375static void urtwn_abort_xfers(struct urtwn_softc *); 376static int urtwn_raw_xmit(struct ieee80211_node *, struct mbuf *, 377 const struct ieee80211_bpf_params *); 378static void urtwn_ms_delay(struct urtwn_softc *); 379 380/* Aliases. */ 381#define urtwn_bb_write urtwn_write_4 382#define urtwn_bb_read urtwn_read_4 383 384static const struct usb_config urtwn_config[URTWN_N_TRANSFER] = { 385 [URTWN_BULK_RX] = { 386 .type = UE_BULK, 387 .endpoint = UE_ADDR_ANY, 388 .direction = UE_DIR_IN, 389 .bufsize = URTWN_RXBUFSZ, 390 .flags = { 391 .pipe_bof = 1, 392 .short_xfer_ok = 1 393 }, 394 .callback = urtwn_bulk_rx_callback, 395 }, 396 [URTWN_BULK_TX_BE] = { 397 .type = UE_BULK, 398 .endpoint = 0x03, 399 .direction = UE_DIR_OUT, 400 .bufsize = URTWN_TXBUFSZ, 401 .flags = { 402 .ext_buffer = 1, 403 .pipe_bof = 1, 404 .force_short_xfer = 1 405 }, 406 .callback = urtwn_bulk_tx_callback, 407 .timeout = URTWN_TX_TIMEOUT, /* ms */ 408 }, 409 [URTWN_BULK_TX_BK] = { 410 .type = UE_BULK, 411 .endpoint = 0x03, 412 .direction = UE_DIR_OUT, 413 .bufsize = URTWN_TXBUFSZ, 414 .flags = { 415 .ext_buffer = 1, 416 .pipe_bof = 1, 417 .force_short_xfer = 1, 418 }, 419 .callback = urtwn_bulk_tx_callback, 420 .timeout = URTWN_TX_TIMEOUT, /* ms */ 421 }, 422 [URTWN_BULK_TX_VI] = { 423 .type = UE_BULK, 424 .endpoint = 0x02, 425 .direction = UE_DIR_OUT, 426 .bufsize = URTWN_TXBUFSZ, 427 .flags = { 428 .ext_buffer = 1, 429 .pipe_bof = 1, 430 .force_short_xfer = 1 431 }, 432 .callback = urtwn_bulk_tx_callback, 433 .timeout = URTWN_TX_TIMEOUT, /* ms */ 434 }, 435 [URTWN_BULK_TX_VO] = { 436 .type = UE_BULK, 437 .endpoint = 0x02, 438 .direction = UE_DIR_OUT, 439 .bufsize = URTWN_TXBUFSZ, 440 .flags = { 441 .ext_buffer = 1, 442 .pipe_bof = 1, 443 .force_short_xfer = 1 444 }, 445 .callback = urtwn_bulk_tx_callback, 446 .timeout = URTWN_TX_TIMEOUT, /* ms */ 447 }, 448}; 449 450static const struct wme_to_queue { 451 uint16_t reg; 452 uint8_t qid; 453} wme2queue[WME_NUM_AC] = { 454 { R92C_EDCA_BE_PARAM, URTWN_BULK_TX_BE}, 455 { R92C_EDCA_BK_PARAM, URTWN_BULK_TX_BK}, 456 { R92C_EDCA_VI_PARAM, URTWN_BULK_TX_VI}, 457 { R92C_EDCA_VO_PARAM, URTWN_BULK_TX_VO} 458}; 459 460static int 461urtwn_match(device_t self) 462{ 463 struct usb_attach_arg *uaa = device_get_ivars(self); 464 465 if (uaa->usb_mode != USB_MODE_HOST) 466 return (ENXIO); 467 if (uaa->info.bConfigIndex != URTWN_CONFIG_INDEX) 468 return (ENXIO); 469 if (uaa->info.bIfaceIndex != URTWN_IFACE_INDEX) 470 return (ENXIO); 471 472 return (usbd_lookup_id_by_uaa(urtwn_devs, sizeof(urtwn_devs), uaa)); 473} 474 475static void 476urtwn_update_chw(struct ieee80211com *ic) 477{ 478} 479 480static int 481urtwn_ampdu_enable(struct ieee80211_node *ni, struct ieee80211_tx_ampdu *tap) 482{ 483 484 /* We're driving this ourselves (eventually); don't involve net80211 */ 485 return (0); 486} 487 488static int 489urtwn_attach(device_t self) 490{ 491 struct usb_attach_arg *uaa = device_get_ivars(self); 492 struct urtwn_softc *sc = device_get_softc(self); 493 struct ieee80211com *ic = &sc->sc_ic; 494 uint8_t bands[howmany(IEEE80211_MODE_MAX, 8)]; 495 int error; 496 497 device_set_usb_desc(self); 498 sc->sc_udev = uaa->device; 499 sc->sc_dev = self; 500 if (USB_GET_DRIVER_INFO(uaa) == URTWN_RTL8188E) 501 sc->chip |= URTWN_CHIP_88E; 502 503#ifdef USB_DEBUG 504 int debug; 505 if (resource_int_value(device_get_name(sc->sc_dev), 506 device_get_unit(sc->sc_dev), "debug", &debug) == 0) 507 sc->sc_debug = debug; 508#endif 509 510 mtx_init(&sc->sc_mtx, device_get_nameunit(self), 511 MTX_NETWORK_LOCK, MTX_DEF); 512 URTWN_CMDQ_LOCK_INIT(sc); 513 URTWN_NT_LOCK_INIT(sc); 514 callout_init(&sc->sc_calib_to, 0); 515 callout_init(&sc->sc_watchdog_ch, 0); 516 mbufq_init(&sc->sc_snd, ifqmaxlen); 517 518 sc->sc_iface_index = URTWN_IFACE_INDEX; 519 error = usbd_transfer_setup(uaa->device, &sc->sc_iface_index, 520 sc->sc_xfer, urtwn_config, URTWN_N_TRANSFER, sc, &sc->sc_mtx); 521 if (error) { 522 device_printf(self, "could not allocate USB transfers, " 523 "err=%s\n", usbd_errstr(error)); 524 goto detach; 525 } 526 527 URTWN_LOCK(sc); 528 529 error = urtwn_read_chipid(sc); 530 if (error) { 531 device_printf(sc->sc_dev, "unsupported test chip\n"); 532 URTWN_UNLOCK(sc); 533 goto detach; 534 } 535 536 /* Determine number of Tx/Rx chains. */ 537 if (sc->chip & URTWN_CHIP_92C) { 538 sc->ntxchains = (sc->chip & URTWN_CHIP_92C_1T2R) ? 1 : 2; 539 sc->nrxchains = 2; 540 } else { 541 sc->ntxchains = 1; 542 sc->nrxchains = 1; 543 } 544 545 if (sc->chip & URTWN_CHIP_88E) 546 error = urtwn_r88e_read_rom(sc); 547 else 548 error = urtwn_read_rom(sc); 549 if (error != 0) { 550 device_printf(sc->sc_dev, "%s: cannot read rom, error %d\n", 551 __func__, error); 552 URTWN_UNLOCK(sc); 553 goto detach; 554 } 555 556 device_printf(sc->sc_dev, "MAC/BB RTL%s, RF 6052 %dT%dR\n", 557 (sc->chip & URTWN_CHIP_92C) ? "8192CU" : 558 (sc->chip & URTWN_CHIP_88E) ? "8188EU" : 559 (sc->board_type == R92C_BOARD_TYPE_HIGHPA) ? "8188RU" : 560 (sc->board_type == R92C_BOARD_TYPE_MINICARD) ? "8188CE-VAU" : 561 "8188CUS", sc->ntxchains, sc->nrxchains); 562 563 URTWN_UNLOCK(sc); 564 565 ic->ic_softc = sc; 566 ic->ic_name = device_get_nameunit(self); 567 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 568 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 569 570 /* set device capabilities */ 571 ic->ic_caps = 572 IEEE80211_C_STA /* station mode */ 573 | IEEE80211_C_MONITOR /* monitor mode */ 574 | IEEE80211_C_IBSS /* adhoc mode */ 575 | IEEE80211_C_HOSTAP /* hostap mode */ 576 | IEEE80211_C_SHPREAMBLE /* short preamble supported */ 577 | IEEE80211_C_SHSLOT /* short slot time supported */ 578#if 0 579 | IEEE80211_C_BGSCAN /* capable of bg scanning */ 580#endif 581 | IEEE80211_C_WPA /* 802.11i */ 582 | IEEE80211_C_WME /* 802.11e */ 583 | IEEE80211_C_SWAMSDUTX /* Do software A-MSDU TX */ 584 | IEEE80211_C_FF /* Atheros fast-frames */ 585 ; 586 587 ic->ic_cryptocaps = 588 IEEE80211_CRYPTO_WEP | 589 IEEE80211_CRYPTO_TKIP | 590 IEEE80211_CRYPTO_AES_CCM; 591 592 /* Assume they're all 11n capable for now */ 593 if (urtwn_enable_11n) { 594 device_printf(self, "enabling 11n\n"); 595 ic->ic_htcaps = IEEE80211_HTC_HT | 596 IEEE80211_HTC_AMPDU | 597 IEEE80211_HTC_AMSDU | 598 IEEE80211_HTCAP_MAXAMSDU_3839 | 599 IEEE80211_HTCAP_SMPS_OFF; 600 /* no HT40 just yet */ 601 // ic->ic_htcaps |= IEEE80211_HTCAP_CHWIDTH40; 602 603 /* XXX TODO: verify chains versus streams for urtwn */ 604 ic->ic_txstream = sc->ntxchains; 605 ic->ic_rxstream = sc->nrxchains; 606 } 607 608 memset(bands, 0, sizeof(bands)); 609 setbit(bands, IEEE80211_MODE_11B); 610 setbit(bands, IEEE80211_MODE_11G); 611 if (urtwn_enable_11n) 612 setbit(bands, IEEE80211_MODE_11NG); 613 ieee80211_init_channels(ic, NULL, bands); 614 615 ieee80211_ifattach(ic); 616 ic->ic_raw_xmit = urtwn_raw_xmit; 617 ic->ic_scan_start = urtwn_scan_start; 618 ic->ic_scan_end = urtwn_scan_end; 619 ic->ic_set_channel = urtwn_set_channel; 620 ic->ic_transmit = urtwn_transmit; 621 ic->ic_parent = urtwn_parent; 622 ic->ic_vap_create = urtwn_vap_create; 623 ic->ic_vap_delete = urtwn_vap_delete; 624 ic->ic_wme.wme_update = urtwn_wme_update; 625 ic->ic_updateslot = urtwn_update_slot; 626 ic->ic_update_promisc = urtwn_update_promisc; 627 ic->ic_update_mcast = urtwn_update_mcast; 628 if (sc->chip & URTWN_CHIP_88E) { 629 ic->ic_node_alloc = urtwn_r88e_node_alloc; 630 ic->ic_newassoc = urtwn_r88e_newassoc; 631 sc->sc_node_free = ic->ic_node_free; 632 ic->ic_node_free = urtwn_r88e_node_free; 633 } 634 ic->ic_update_chw = urtwn_update_chw; 635 ic->ic_ampdu_enable = urtwn_ampdu_enable; 636 637 ieee80211_radiotap_attach(ic, &sc->sc_txtap.wt_ihdr, 638 sizeof(sc->sc_txtap), URTWN_TX_RADIOTAP_PRESENT, 639 &sc->sc_rxtap.wr_ihdr, sizeof(sc->sc_rxtap), 640 URTWN_RX_RADIOTAP_PRESENT); 641 642 TASK_INIT(&sc->cmdq_task, 0, urtwn_cmdq_cb, sc); 643 644 urtwn_sysctlattach(sc); 645 646 if (bootverbose) 647 ieee80211_announce(ic); 648 649 return (0); 650 651detach: 652 urtwn_detach(self); 653 return (ENXIO); /* failure */ 654} 655 656static void 657urtwn_sysctlattach(struct urtwn_softc *sc) 658{ 659#ifdef USB_DEBUG 660 struct sysctl_ctx_list *ctx = device_get_sysctl_ctx(sc->sc_dev); 661 struct sysctl_oid *tree = device_get_sysctl_tree(sc->sc_dev); 662 663 SYSCTL_ADD_U32(ctx, SYSCTL_CHILDREN(tree), OID_AUTO, 664 "debug", CTLFLAG_RW, &sc->sc_debug, sc->sc_debug, 665 "control debugging printfs"); 666#endif 667} 668 669static int 670urtwn_detach(device_t self) 671{ 672 struct urtwn_softc *sc = device_get_softc(self); 673 struct ieee80211com *ic = &sc->sc_ic; 674 unsigned int x; 675 676 /* Prevent further ioctls. */ 677 URTWN_LOCK(sc); 678 sc->sc_flags |= URTWN_DETACHED; 679 URTWN_UNLOCK(sc); 680 681 urtwn_stop(sc); 682 683 callout_drain(&sc->sc_watchdog_ch); 684 callout_drain(&sc->sc_calib_to); 685 686 /* stop all USB transfers */ 687 usbd_transfer_unsetup(sc->sc_xfer, URTWN_N_TRANSFER); 688 689 /* Prevent further allocations from RX/TX data lists. */ 690 URTWN_LOCK(sc); 691 STAILQ_INIT(&sc->sc_tx_active); 692 STAILQ_INIT(&sc->sc_tx_inactive); 693 STAILQ_INIT(&sc->sc_tx_pending); 694 695 STAILQ_INIT(&sc->sc_rx_active); 696 STAILQ_INIT(&sc->sc_rx_inactive); 697 URTWN_UNLOCK(sc); 698 699 /* drain USB transfers */ 700 for (x = 0; x != URTWN_N_TRANSFER; x++) 701 usbd_transfer_drain(sc->sc_xfer[x]); 702 703 /* Free data buffers. */ 704 URTWN_LOCK(sc); 705 urtwn_free_tx_list(sc); 706 urtwn_free_rx_list(sc); 707 URTWN_UNLOCK(sc); 708 709 if (ic->ic_softc == sc) { 710 ieee80211_draintask(ic, &sc->cmdq_task); 711 ieee80211_ifdetach(ic); 712 } 713 714 URTWN_NT_LOCK_DESTROY(sc); 715 URTWN_CMDQ_LOCK_DESTROY(sc); 716 mtx_destroy(&sc->sc_mtx); 717 718 return (0); 719} 720 721static void 722urtwn_drain_mbufq(struct urtwn_softc *sc) 723{ 724 struct mbuf *m; 725 struct ieee80211_node *ni; 726 URTWN_ASSERT_LOCKED(sc); 727 while ((m = mbufq_dequeue(&sc->sc_snd)) != NULL) { 728 ni = (struct ieee80211_node *)m->m_pkthdr.rcvif; 729 m->m_pkthdr.rcvif = NULL; 730 ieee80211_free_node(ni); 731 m_freem(m); 732 } 733} 734 735static usb_error_t 736urtwn_do_request(struct urtwn_softc *sc, struct usb_device_request *req, 737 void *data) 738{ 739 usb_error_t err; 740 int ntries = 10; 741 742 URTWN_ASSERT_LOCKED(sc); 743 744 while (ntries--) { 745 err = usbd_do_request_flags(sc->sc_udev, &sc->sc_mtx, 746 req, data, 0, NULL, 250 /* ms */); 747 if (err == 0) 748 break; 749 750 URTWN_DPRINTF(sc, URTWN_DEBUG_USB, 751 "%s: control request failed, %s (retries left: %d)\n", 752 __func__, usbd_errstr(err), ntries); 753 usb_pause_mtx(&sc->sc_mtx, hz / 100); 754 } 755 return (err); 756} 757 758static struct ieee80211vap * 759urtwn_vap_create(struct ieee80211com *ic, const char name[IFNAMSIZ], int unit, 760 enum ieee80211_opmode opmode, int flags, 761 const uint8_t bssid[IEEE80211_ADDR_LEN], 762 const uint8_t mac[IEEE80211_ADDR_LEN]) 763{ 764 struct urtwn_softc *sc = ic->ic_softc; 765 struct urtwn_vap *uvp; 766 struct ieee80211vap *vap; 767 768 if (!TAILQ_EMPTY(&ic->ic_vaps)) /* only one at a time */ 769 return (NULL); 770 771 uvp = malloc(sizeof(struct urtwn_vap), M_80211_VAP, M_WAITOK | M_ZERO); 772 vap = &uvp->vap; 773 /* enable s/w bmiss handling for sta mode */ 774 775 if (ieee80211_vap_setup(ic, vap, name, unit, opmode, 776 flags | IEEE80211_CLONE_NOBEACONS, bssid) != 0) { 777 /* out of memory */ 778 free(uvp, M_80211_VAP); 779 return (NULL); 780 } 781 782 if (opmode == IEEE80211_M_HOSTAP || opmode == IEEE80211_M_IBSS) 783 urtwn_init_beacon(sc, uvp); 784 785 /* override state transition machine */ 786 uvp->newstate = vap->iv_newstate; 787 vap->iv_newstate = urtwn_newstate; 788 vap->iv_update_beacon = urtwn_update_beacon; 789 vap->iv_key_alloc = urtwn_key_alloc; 790 vap->iv_key_set = urtwn_key_set; 791 vap->iv_key_delete = urtwn_key_delete; 792 if (opmode == IEEE80211_M_IBSS) { 793 uvp->recv_mgmt = vap->iv_recv_mgmt; 794 vap->iv_recv_mgmt = urtwn_ibss_recv_mgmt; 795 TASK_INIT(&uvp->tsf_task_adhoc, 0, urtwn_tsf_task_adhoc, vap); 796 } 797 798 if (URTWN_CHIP_HAS_RATECTL(sc)) 799 ieee80211_ratectl_init(vap); 800 /* complete setup */ 801 ieee80211_vap_attach(vap, ieee80211_media_change, 802 ieee80211_media_status, mac); 803 ic->ic_opmode = opmode; 804 return (vap); 805} 806 807static void 808urtwn_vap_delete(struct ieee80211vap *vap) 809{ 810 struct ieee80211com *ic = vap->iv_ic; 811 struct urtwn_softc *sc = ic->ic_softc; 812 struct urtwn_vap *uvp = URTWN_VAP(vap); 813 814 if (uvp->bcn_mbuf != NULL) 815 m_freem(uvp->bcn_mbuf); 816 if (vap->iv_opmode == IEEE80211_M_IBSS) 817 ieee80211_draintask(ic, &uvp->tsf_task_adhoc); 818 if (URTWN_CHIP_HAS_RATECTL(sc)) 819 ieee80211_ratectl_deinit(vap); 820 ieee80211_vap_detach(vap); 821 free(uvp, M_80211_VAP); 822} 823 824static struct mbuf * 825urtwn_rx_copy_to_mbuf(struct urtwn_softc *sc, struct r92c_rx_stat *stat, 826 int totlen) 827{ 828 struct ieee80211com *ic = &sc->sc_ic; 829 struct mbuf *m; 830 uint32_t rxdw0; 831 int pktlen; 832 833 /* 834 * don't pass packets to the ieee80211 framework if the driver isn't 835 * RUNNING. 836 */ 837 if (!(sc->sc_flags & URTWN_RUNNING)) 838 return (NULL); 839 840 rxdw0 = le32toh(stat->rxdw0); 841 if (rxdw0 & (R92C_RXDW0_CRCERR | R92C_RXDW0_ICVERR)) { 842 /* 843 * This should not happen since we setup our Rx filter 844 * to not receive these frames. 845 */ 846 URTWN_DPRINTF(sc, URTWN_DEBUG_RECV, 847 "%s: RX flags error (%s)\n", __func__, 848 rxdw0 & R92C_RXDW0_CRCERR ? "CRC" : "ICV"); 849 goto fail; 850 } 851 852 pktlen = MS(rxdw0, R92C_RXDW0_PKTLEN); 853 if (pktlen < sizeof(struct ieee80211_frame_ack)) { 854 URTWN_DPRINTF(sc, URTWN_DEBUG_RECV, 855 "%s: frame is too short: %d\n", __func__, pktlen); 856 goto fail; 857 } 858 859 if (__predict_false(totlen > MCLBYTES)) { 860 /* convert to m_getjcl if this happens */ 861 device_printf(sc->sc_dev, "%s: frame too long: %d (%d)\n", 862 __func__, pktlen, totlen); 863 goto fail; 864 } 865 866 m = m_getcl(M_NOWAIT, MT_DATA, M_PKTHDR); 867 if (__predict_false(m == NULL)) { 868 device_printf(sc->sc_dev, "%s: could not allocate RX mbuf\n", 869 __func__); 870 goto fail; 871 } 872 873 /* Finalize mbuf. */ 874 memcpy(mtod(m, uint8_t *), (uint8_t *)stat, totlen); 875 m->m_pkthdr.len = m->m_len = totlen; 876 877 return (m); 878fail: 879 counter_u64_add(ic->ic_ierrors, 1); 880 return (NULL); 881} 882 883static struct mbuf * 884urtwn_report_intr(struct usb_xfer *xfer, struct urtwn_data *data) 885{ 886 struct urtwn_softc *sc = data->sc; 887 struct ieee80211com *ic = &sc->sc_ic; 888 struct r92c_rx_stat *stat; 889 uint8_t *buf; 890 int len; 891 892 usbd_xfer_status(xfer, &len, NULL, NULL, NULL); 893 894 if (len < sizeof(*stat)) { 895 counter_u64_add(ic->ic_ierrors, 1); 896 return (NULL); 897 } 898 899 buf = data->buf; 900 stat = (struct r92c_rx_stat *)buf; 901 902 /* 903 * For 88E chips we can tie the FF flushing here; 904 * this is where we do know exactly how deep the 905 * transmit queue is. 906 * 907 * But it won't work for R92 chips, so we can't 908 * take the easy way out. 909 */ 910 911 if (sc->chip & URTWN_CHIP_88E) { 912 int report_sel = MS(le32toh(stat->rxdw3), R88E_RXDW3_RPT); 913 914 switch (report_sel) { 915 case R88E_RXDW3_RPT_RX: 916 return (urtwn_rxeof(sc, buf, len)); 917 case R88E_RXDW3_RPT_TX1: 918 urtwn_r88e_ratectl_tx_complete(sc, &stat[1]); 919 break; 920 default: 921 URTWN_DPRINTF(sc, URTWN_DEBUG_INTR, 922 "%s: case %d was not handled\n", __func__, 923 report_sel); 924 break; 925 } 926 } else 927 return (urtwn_rxeof(sc, buf, len)); 928 929 return (NULL); 930} 931 932static struct mbuf * 933urtwn_rxeof(struct urtwn_softc *sc, uint8_t *buf, int len) 934{ 935 struct r92c_rx_stat *stat; 936 struct mbuf *m, *m0 = NULL, *prevm = NULL; 937 uint32_t rxdw0; 938 int totlen, pktlen, infosz, npkts; 939 940 /* Get the number of encapsulated frames. */ 941 stat = (struct r92c_rx_stat *)buf; 942 npkts = MS(le32toh(stat->rxdw2), R92C_RXDW2_PKTCNT); 943 URTWN_DPRINTF(sc, URTWN_DEBUG_RECV, 944 "%s: Rx %d frames in one chunk\n", __func__, npkts); 945 946 /* Process all of them. */ 947 while (npkts-- > 0) { 948 if (len < sizeof(*stat)) 949 break; 950 stat = (struct r92c_rx_stat *)buf; 951 rxdw0 = le32toh(stat->rxdw0); 952 953 pktlen = MS(rxdw0, R92C_RXDW0_PKTLEN); 954 if (pktlen == 0) 955 break; 956 957 infosz = MS(rxdw0, R92C_RXDW0_INFOSZ) * 8; 958 959 /* Make sure everything fits in xfer. */ 960 totlen = sizeof(*stat) + infosz + pktlen; 961 if (totlen > len) 962 break; 963 964 m = urtwn_rx_copy_to_mbuf(sc, stat, totlen); 965 if (m0 == NULL) 966 m0 = m; 967 if (prevm == NULL) 968 prevm = m; 969 else { 970 prevm->m_next = m; 971 prevm = m; 972 } 973 974 /* Next chunk is 128-byte aligned. */ 975 totlen = (totlen + 127) & ~127; 976 buf += totlen; 977 len -= totlen; 978 } 979 980 return (m0); 981} 982 983static void 984urtwn_r88e_ratectl_tx_complete(struct urtwn_softc *sc, void *arg) 985{ 986 struct r88e_tx_rpt_ccx *rpt = arg; 987 struct ieee80211vap *vap; 988 struct ieee80211_node *ni; 989 uint8_t macid; 990 int ntries; 991 992 macid = MS(rpt->rptb1, R88E_RPTB1_MACID); 993 ntries = MS(rpt->rptb2, R88E_RPTB2_RETRY_CNT); 994 995 URTWN_NT_LOCK(sc); 996 ni = sc->node_list[macid]; 997 if (ni != NULL) { 998 vap = ni->ni_vap; 999 URTWN_DPRINTF(sc, URTWN_DEBUG_INTR, "%s: frame for macid %d was" 1000 "%s sent (%d retries)\n", __func__, macid, 1001 (rpt->rptb1 & R88E_RPTB1_PKT_OK) ? "" : " not", 1002 ntries); 1003 1004 if (rpt->rptb1 & R88E_RPTB1_PKT_OK) { 1005 ieee80211_ratectl_tx_complete(vap, ni, 1006 IEEE80211_RATECTL_TX_SUCCESS, &ntries, NULL); 1007 } else { 1008 ieee80211_ratectl_tx_complete(vap, ni, 1009 IEEE80211_RATECTL_TX_FAILURE, &ntries, NULL); 1010 } 1011 } else { 1012 URTWN_DPRINTF(sc, URTWN_DEBUG_INTR, "%s: macid %d, ni is NULL\n", 1013 __func__, macid); 1014 } 1015 URTWN_NT_UNLOCK(sc); 1016} 1017 1018static struct ieee80211_node * 1019urtwn_rx_frame(struct urtwn_softc *sc, struct mbuf *m, int8_t *rssi_p) 1020{ 1021 struct ieee80211com *ic = &sc->sc_ic; 1022 struct ieee80211_frame_min *wh; 1023 struct r92c_rx_stat *stat; 1024 uint32_t rxdw0, rxdw3; 1025 uint8_t rate, cipher; 1026 int8_t rssi = URTWN_NOISE_FLOOR + 1; 1027 int infosz; 1028 1029 stat = mtod(m, struct r92c_rx_stat *); 1030 rxdw0 = le32toh(stat->rxdw0); 1031 rxdw3 = le32toh(stat->rxdw3); 1032 1033 rate = MS(rxdw3, R92C_RXDW3_RATE); 1034 cipher = MS(rxdw0, R92C_RXDW0_CIPHER); 1035 infosz = MS(rxdw0, R92C_RXDW0_INFOSZ) * 8; 1036 1037 /* Get RSSI from PHY status descriptor if present. */ 1038 if (infosz != 0 && (rxdw0 & R92C_RXDW0_PHYST)) { 1039 if (sc->chip & URTWN_CHIP_88E) 1040 rssi = urtwn_r88e_get_rssi(sc, rate, &stat[1]); 1041 else 1042 rssi = urtwn_get_rssi(sc, rate, &stat[1]); 1043 /* Update our average RSSI. */ 1044 urtwn_update_avgrssi(sc, rate, rssi); 1045 } 1046 1047 if (ieee80211_radiotap_active(ic)) { 1048 struct urtwn_rx_radiotap_header *tap = &sc->sc_rxtap; 1049 1050 tap->wr_flags = 0; 1051 1052 urtwn_get_tsf(sc, &tap->wr_tsft); 1053 if (__predict_false(le32toh((uint32_t)tap->wr_tsft) < 1054 le32toh(stat->rxdw5))) { 1055 tap->wr_tsft = le32toh(tap->wr_tsft >> 32) - 1; 1056 tap->wr_tsft = (uint64_t)htole32(tap->wr_tsft) << 32; 1057 } else 1058 tap->wr_tsft &= 0xffffffff00000000; 1059 tap->wr_tsft += stat->rxdw5; 1060 1061 /* XXX 20/40? */ 1062 /* XXX shortgi? */ 1063 1064 /* Map HW rate index to 802.11 rate. */ 1065 if (!(rxdw3 & R92C_RXDW3_HT)) { 1066 tap->wr_rate = ridx2rate[rate]; 1067 } else if (rate >= 12) { /* MCS0~15. */ 1068 /* Bit 7 set means HT MCS instead of rate. */ 1069 tap->wr_rate = 0x80 | (rate - 12); 1070 } 1071 tap->wr_dbm_antsignal = rssi; 1072 tap->wr_dbm_antnoise = URTWN_NOISE_FLOOR; 1073 } 1074 1075 *rssi_p = rssi; 1076 1077 /* Drop descriptor. */ 1078 m_adj(m, sizeof(*stat) + infosz); 1079 wh = mtod(m, struct ieee80211_frame_min *); 1080 1081 if ((wh->i_fc[1] & IEEE80211_FC1_PROTECTED) && 1082 cipher != R92C_CAM_ALGO_NONE) { 1083 m->m_flags |= M_WEP; 1084 } 1085 1086 if (m->m_len >= sizeof(*wh)) 1087 return (ieee80211_find_rxnode(ic, wh)); 1088 1089 return (NULL); 1090} 1091 1092static void 1093urtwn_bulk_rx_callback(struct usb_xfer *xfer, usb_error_t error) 1094{ 1095 struct urtwn_softc *sc = usbd_xfer_softc(xfer); 1096 struct ieee80211com *ic = &sc->sc_ic; 1097 struct ieee80211_node *ni; 1098 struct mbuf *m = NULL, *next; 1099 struct urtwn_data *data; 1100 int8_t nf, rssi; 1101 1102 URTWN_ASSERT_LOCKED(sc); 1103 1104 switch (USB_GET_STATE(xfer)) { 1105 case USB_ST_TRANSFERRED: 1106 data = STAILQ_FIRST(&sc->sc_rx_active); 1107 if (data == NULL) 1108 goto tr_setup; 1109 STAILQ_REMOVE_HEAD(&sc->sc_rx_active, next); 1110 m = urtwn_report_intr(xfer, data); 1111 STAILQ_INSERT_TAIL(&sc->sc_rx_inactive, data, next); 1112 /* FALLTHROUGH */ 1113 case USB_ST_SETUP: 1114tr_setup: 1115 data = STAILQ_FIRST(&sc->sc_rx_inactive); 1116 if (data == NULL) { 1117 KASSERT(m == NULL, ("mbuf isn't NULL")); 1118 goto finish; 1119 } 1120 STAILQ_REMOVE_HEAD(&sc->sc_rx_inactive, next); 1121 STAILQ_INSERT_TAIL(&sc->sc_rx_active, data, next); 1122 usbd_xfer_set_frame_data(xfer, 0, data->buf, 1123 usbd_xfer_max_len(xfer)); 1124 usbd_transfer_submit(xfer); 1125 1126 /* 1127 * To avoid LOR we should unlock our private mutex here to call 1128 * ieee80211_input() because here is at the end of a USB 1129 * callback and safe to unlock. 1130 */ 1131 while (m != NULL) { 1132 next = m->m_next; 1133 m->m_next = NULL; 1134 1135 ni = urtwn_rx_frame(sc, m, &rssi); 1136 URTWN_UNLOCK(sc); 1137 1138 nf = URTWN_NOISE_FLOOR; 1139 if (ni != NULL) { 1140 if (ni->ni_flags & IEEE80211_NODE_HT) 1141 m->m_flags |= M_AMPDU; 1142 (void)ieee80211_input(ni, m, rssi - nf, nf); 1143 ieee80211_free_node(ni); 1144 } else { 1145 (void)ieee80211_input_all(ic, m, rssi - nf, 1146 nf); 1147 } 1148 URTWN_LOCK(sc); 1149 m = next; 1150 } 1151 break; 1152 default: 1153 /* needs it to the inactive queue due to a error. */ 1154 data = STAILQ_FIRST(&sc->sc_rx_active); 1155 if (data != NULL) { 1156 STAILQ_REMOVE_HEAD(&sc->sc_rx_active, next); 1157 STAILQ_INSERT_TAIL(&sc->sc_rx_inactive, data, next); 1158 } 1159 if (error != USB_ERR_CANCELLED) { 1160 usbd_xfer_set_stall(xfer); 1161 counter_u64_add(ic->ic_ierrors, 1); 1162 goto tr_setup; 1163 } 1164 break; 1165 } 1166finish: 1167 /* Finished receive; age anything left on the FF queue by a little bump */ 1168 /* 1169 * XXX TODO: just make this a callout timer schedule so we can 1170 * flush the FF staging queue if we're approaching idle. 1171 */ 1172#ifdef IEEE80211_SUPPORT_SUPERG 1173 URTWN_UNLOCK(sc); 1174 ieee80211_ff_age_all(ic, 1); 1175 URTWN_LOCK(sc); 1176#endif 1177 1178 /* Kick-start more transmit in case we stalled */ 1179 urtwn_start(sc); 1180} 1181 1182static void 1183urtwn_txeof(struct urtwn_softc *sc, struct urtwn_data *data, int status) 1184{ 1185 1186 URTWN_ASSERT_LOCKED(sc); 1187 1188 if (data->ni != NULL) /* not a beacon frame */ 1189 ieee80211_tx_complete(data->ni, data->m, status); 1190 1191 if (sc->sc_tx_n_active > 0) 1192 sc->sc_tx_n_active--; 1193 1194 data->ni = NULL; 1195 data->m = NULL; 1196 1197 sc->sc_txtimer = 0; 1198 1199 STAILQ_INSERT_TAIL(&sc->sc_tx_inactive, data, next); 1200} 1201 1202static int 1203urtwn_alloc_list(struct urtwn_softc *sc, struct urtwn_data data[], 1204 int ndata, int maxsz) 1205{ 1206 int i, error; 1207 1208 for (i = 0; i < ndata; i++) { 1209 struct urtwn_data *dp = &data[i]; 1210 dp->sc = sc; 1211 dp->m = NULL; 1212 dp->buf = malloc(maxsz, M_USBDEV, M_NOWAIT); 1213 if (dp->buf == NULL) { 1214 device_printf(sc->sc_dev, 1215 "could not allocate buffer\n"); 1216 error = ENOMEM; 1217 goto fail; 1218 } 1219 dp->ni = NULL; 1220 } 1221 1222 return (0); 1223fail: 1224 urtwn_free_list(sc, data, ndata); 1225 return (error); 1226} 1227 1228static int 1229urtwn_alloc_rx_list(struct urtwn_softc *sc) 1230{ 1231 int error, i; 1232 1233 error = urtwn_alloc_list(sc, sc->sc_rx, URTWN_RX_LIST_COUNT, 1234 URTWN_RXBUFSZ); 1235 if (error != 0) 1236 return (error); 1237 1238 STAILQ_INIT(&sc->sc_rx_active); 1239 STAILQ_INIT(&sc->sc_rx_inactive); 1240 1241 for (i = 0; i < URTWN_RX_LIST_COUNT; i++) 1242 STAILQ_INSERT_HEAD(&sc->sc_rx_inactive, &sc->sc_rx[i], next); 1243 1244 return (0); 1245} 1246 1247static int 1248urtwn_alloc_tx_list(struct urtwn_softc *sc) 1249{ 1250 int error, i; 1251 1252 error = urtwn_alloc_list(sc, sc->sc_tx, URTWN_TX_LIST_COUNT, 1253 URTWN_TXBUFSZ); 1254 if (error != 0) 1255 return (error); 1256 1257 STAILQ_INIT(&sc->sc_tx_active); 1258 STAILQ_INIT(&sc->sc_tx_inactive); 1259 STAILQ_INIT(&sc->sc_tx_pending); 1260 1261 for (i = 0; i < URTWN_TX_LIST_COUNT; i++) 1262 STAILQ_INSERT_HEAD(&sc->sc_tx_inactive, &sc->sc_tx[i], next); 1263 1264 return (0); 1265} 1266 1267static void 1268urtwn_free_list(struct urtwn_softc *sc, struct urtwn_data data[], int ndata) 1269{ 1270 int i; 1271 1272 for (i = 0; i < ndata; i++) { 1273 struct urtwn_data *dp = &data[i]; 1274 1275 if (dp->buf != NULL) { 1276 free(dp->buf, M_USBDEV); 1277 dp->buf = NULL; 1278 } 1279 if (dp->ni != NULL) { 1280 ieee80211_free_node(dp->ni); 1281 dp->ni = NULL; 1282 } 1283 } 1284} 1285 1286static void 1287urtwn_free_rx_list(struct urtwn_softc *sc) 1288{ 1289 urtwn_free_list(sc, sc->sc_rx, URTWN_RX_LIST_COUNT); 1290} 1291 1292static void 1293urtwn_free_tx_list(struct urtwn_softc *sc) 1294{ 1295 urtwn_free_list(sc, sc->sc_tx, URTWN_TX_LIST_COUNT); 1296} 1297 1298static void 1299urtwn_bulk_tx_callback(struct usb_xfer *xfer, usb_error_t error) 1300{ 1301 struct urtwn_softc *sc = usbd_xfer_softc(xfer); 1302#ifdef IEEE80211_SUPPORT_SUPERG 1303 struct ieee80211com *ic = &sc->sc_ic; 1304#endif 1305 struct urtwn_data *data; 1306 1307 URTWN_ASSERT_LOCKED(sc); 1308 1309 switch (USB_GET_STATE(xfer)){ 1310 case USB_ST_TRANSFERRED: 1311 data = STAILQ_FIRST(&sc->sc_tx_active); 1312 if (data == NULL) 1313 goto tr_setup; 1314 STAILQ_REMOVE_HEAD(&sc->sc_tx_active, next); 1315 urtwn_txeof(sc, data, 0); 1316 /* FALLTHROUGH */ 1317 case USB_ST_SETUP: 1318tr_setup: 1319 data = STAILQ_FIRST(&sc->sc_tx_pending); 1320 if (data == NULL) { 1321 URTWN_DPRINTF(sc, URTWN_DEBUG_XMIT, 1322 "%s: empty pending queue\n", __func__); 1323 sc->sc_tx_n_active = 0; 1324 goto finish; 1325 } 1326 STAILQ_REMOVE_HEAD(&sc->sc_tx_pending, next); 1327 STAILQ_INSERT_TAIL(&sc->sc_tx_active, data, next); 1328 usbd_xfer_set_frame_data(xfer, 0, data->buf, data->buflen); 1329 usbd_transfer_submit(xfer); 1330 sc->sc_tx_n_active++; 1331 break; 1332 default: 1333 data = STAILQ_FIRST(&sc->sc_tx_active); 1334 if (data == NULL) 1335 goto tr_setup; 1336 STAILQ_REMOVE_HEAD(&sc->sc_tx_active, next); 1337 urtwn_txeof(sc, data, 1); 1338 if (error != USB_ERR_CANCELLED) { 1339 usbd_xfer_set_stall(xfer); 1340 goto tr_setup; 1341 } 1342 break; 1343 } 1344finish: 1345#ifdef IEEE80211_SUPPORT_SUPERG 1346 /* 1347 * If the TX active queue drops below a certain 1348 * threshold, ensure we age fast-frames out so they're 1349 * transmitted. 1350 */ 1351 if (sc->sc_tx_n_active <= 1) { 1352 /* XXX ew - net80211 should defer this for us! */ 1353 1354 /* 1355 * Note: this sc_tx_n_active currently tracks 1356 * the number of pending transmit submissions 1357 * and not the actual depth of the TX frames 1358 * pending to the hardware. That means that 1359 * we're going to end up with some sub-optimal 1360 * aggregation behaviour. 1361 */ 1362 /* 1363 * XXX TODO: just make this a callout timer schedule so we can 1364 * flush the FF staging queue if we're approaching idle. 1365 */ 1366 URTWN_UNLOCK(sc); 1367 ieee80211_ff_flush(ic, WME_AC_VO); 1368 ieee80211_ff_flush(ic, WME_AC_VI); 1369 ieee80211_ff_flush(ic, WME_AC_BE); 1370 ieee80211_ff_flush(ic, WME_AC_BK); 1371 URTWN_LOCK(sc); 1372 } 1373#endif 1374 /* Kick-start more transmit */ 1375 urtwn_start(sc); 1376} 1377 1378static struct urtwn_data * 1379_urtwn_getbuf(struct urtwn_softc *sc) 1380{ 1381 struct urtwn_data *bf; 1382 1383 bf = STAILQ_FIRST(&sc->sc_tx_inactive); 1384 if (bf != NULL) 1385 STAILQ_REMOVE_HEAD(&sc->sc_tx_inactive, next); 1386 else { 1387 URTWN_DPRINTF(sc, URTWN_DEBUG_XMIT, 1388 "%s: out of xmit buffers\n", __func__); 1389 } 1390 return (bf); 1391} 1392 1393static struct urtwn_data * 1394urtwn_getbuf(struct urtwn_softc *sc) 1395{ 1396 struct urtwn_data *bf; 1397 1398 URTWN_ASSERT_LOCKED(sc); 1399 1400 bf = _urtwn_getbuf(sc); 1401 if (bf == NULL) { 1402 URTWN_DPRINTF(sc, URTWN_DEBUG_XMIT, "%s: stop queue\n", 1403 __func__); 1404 } 1405 return (bf); 1406} 1407 1408static usb_error_t 1409urtwn_write_region_1(struct urtwn_softc *sc, uint16_t addr, uint8_t *buf, 1410 int len) 1411{ 1412 usb_device_request_t req; 1413 1414 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 1415 req.bRequest = R92C_REQ_REGS; 1416 USETW(req.wValue, addr); 1417 USETW(req.wIndex, 0); 1418 USETW(req.wLength, len); 1419 return (urtwn_do_request(sc, &req, buf)); 1420} 1421 1422static usb_error_t 1423urtwn_write_1(struct urtwn_softc *sc, uint16_t addr, uint8_t val) 1424{ 1425 return (urtwn_write_region_1(sc, addr, &val, sizeof(val))); 1426} 1427 1428static usb_error_t 1429urtwn_write_2(struct urtwn_softc *sc, uint16_t addr, uint16_t val) 1430{ 1431 val = htole16(val); 1432 return (urtwn_write_region_1(sc, addr, (uint8_t *)&val, sizeof(val))); 1433} 1434 1435static usb_error_t 1436urtwn_write_4(struct urtwn_softc *sc, uint16_t addr, uint32_t val) 1437{ 1438 val = htole32(val); 1439 return (urtwn_write_region_1(sc, addr, (uint8_t *)&val, sizeof(val))); 1440} 1441 1442static usb_error_t 1443urtwn_read_region_1(struct urtwn_softc *sc, uint16_t addr, uint8_t *buf, 1444 int len) 1445{ 1446 usb_device_request_t req; 1447 1448 req.bmRequestType = UT_READ_VENDOR_DEVICE; 1449 req.bRequest = R92C_REQ_REGS; 1450 USETW(req.wValue, addr); 1451 USETW(req.wIndex, 0); 1452 USETW(req.wLength, len); 1453 return (urtwn_do_request(sc, &req, buf)); 1454} 1455 1456static uint8_t 1457urtwn_read_1(struct urtwn_softc *sc, uint16_t addr) 1458{ 1459 uint8_t val; 1460 1461 if (urtwn_read_region_1(sc, addr, &val, 1) != 0) 1462 return (0xff); 1463 return (val); 1464} 1465 1466static uint16_t 1467urtwn_read_2(struct urtwn_softc *sc, uint16_t addr) 1468{ 1469 uint16_t val; 1470 1471 if (urtwn_read_region_1(sc, addr, (uint8_t *)&val, 2) != 0) 1472 return (0xffff); 1473 return (le16toh(val)); 1474} 1475 1476static uint32_t 1477urtwn_read_4(struct urtwn_softc *sc, uint16_t addr) 1478{ 1479 uint32_t val; 1480 1481 if (urtwn_read_region_1(sc, addr, (uint8_t *)&val, 4) != 0) 1482 return (0xffffffff); 1483 return (le32toh(val)); 1484} 1485 1486static int 1487urtwn_fw_cmd(struct urtwn_softc *sc, uint8_t id, const void *buf, int len) 1488{ 1489 struct r92c_fw_cmd cmd; 1490 usb_error_t error; 1491 int ntries; 1492 1493 if (!(sc->sc_flags & URTWN_FW_LOADED)) { 1494 URTWN_DPRINTF(sc, URTWN_DEBUG_FIRMWARE, "%s: firmware " 1495 "was not loaded; command (id %d) will be discarded\n", 1496 __func__, id); 1497 return (0); 1498 } 1499 1500 /* Wait for current FW box to be empty. */ 1501 for (ntries = 0; ntries < 100; ntries++) { 1502 if (!(urtwn_read_1(sc, R92C_HMETFR) & (1 << sc->fwcur))) 1503 break; 1504 urtwn_ms_delay(sc); 1505 } 1506 if (ntries == 100) { 1507 device_printf(sc->sc_dev, 1508 "could not send firmware command\n"); 1509 return (ETIMEDOUT); 1510 } 1511 memset(&cmd, 0, sizeof(cmd)); 1512 cmd.id = id; 1513 if (len > 3) 1514 cmd.id |= R92C_CMD_FLAG_EXT; 1515 KASSERT(len <= sizeof(cmd.msg), ("urtwn_fw_cmd\n")); 1516 memcpy(cmd.msg, buf, len); 1517 1518 /* Write the first word last since that will trigger the FW. */ 1519 error = urtwn_write_region_1(sc, R92C_HMEBOX_EXT(sc->fwcur), 1520 (uint8_t *)&cmd + 4, 2); 1521 if (error != USB_ERR_NORMAL_COMPLETION) 1522 return (EIO); 1523 error = urtwn_write_region_1(sc, R92C_HMEBOX(sc->fwcur), 1524 (uint8_t *)&cmd + 0, 4); 1525 if (error != USB_ERR_NORMAL_COMPLETION) 1526 return (EIO); 1527 1528 sc->fwcur = (sc->fwcur + 1) % R92C_H2C_NBOX; 1529 return (0); 1530} 1531 1532static void 1533urtwn_cmdq_cb(void *arg, int pending) 1534{ 1535 struct urtwn_softc *sc = arg; 1536 struct urtwn_cmdq *item; 1537 1538 /* 1539 * Device must be powered on (via urtwn_power_on()) 1540 * before any command may be sent. 1541 */ 1542 URTWN_LOCK(sc); 1543 if (!(sc->sc_flags & URTWN_RUNNING)) { 1544 URTWN_UNLOCK(sc); 1545 return; 1546 } 1547 1548 URTWN_CMDQ_LOCK(sc); 1549 while (sc->cmdq[sc->cmdq_first].func != NULL) { 1550 item = &sc->cmdq[sc->cmdq_first]; 1551 sc->cmdq_first = (sc->cmdq_first + 1) % URTWN_CMDQ_SIZE; 1552 URTWN_CMDQ_UNLOCK(sc); 1553 1554 item->func(sc, &item->data); 1555 1556 URTWN_CMDQ_LOCK(sc); 1557 memset(item, 0, sizeof (*item)); 1558 } 1559 URTWN_CMDQ_UNLOCK(sc); 1560 URTWN_UNLOCK(sc); 1561} 1562 1563static int 1564urtwn_cmd_sleepable(struct urtwn_softc *sc, const void *ptr, size_t len, 1565 CMD_FUNC_PROTO) 1566{ 1567 struct ieee80211com *ic = &sc->sc_ic; 1568 1569 KASSERT(len <= sizeof(union sec_param), ("buffer overflow")); 1570 1571 URTWN_CMDQ_LOCK(sc); 1572 if (sc->cmdq[sc->cmdq_last].func != NULL) { 1573 device_printf(sc->sc_dev, "%s: cmdq overflow\n", __func__); 1574 URTWN_CMDQ_UNLOCK(sc); 1575 1576 return (EAGAIN); 1577 } 1578 1579 if (ptr != NULL) 1580 memcpy(&sc->cmdq[sc->cmdq_last].data, ptr, len); 1581 sc->cmdq[sc->cmdq_last].func = func; 1582 sc->cmdq_last = (sc->cmdq_last + 1) % URTWN_CMDQ_SIZE; 1583 URTWN_CMDQ_UNLOCK(sc); 1584 1585 ieee80211_runtask(ic, &sc->cmdq_task); 1586 1587 return (0); 1588} 1589 1590static __inline void 1591urtwn_rf_write(struct urtwn_softc *sc, int chain, uint8_t addr, uint32_t val) 1592{ 1593 1594 sc->sc_rf_write(sc, chain, addr, val); 1595} 1596 1597static void 1598urtwn_r92c_rf_write(struct urtwn_softc *sc, int chain, uint8_t addr, 1599 uint32_t val) 1600{ 1601 urtwn_bb_write(sc, R92C_LSSI_PARAM(chain), 1602 SM(R92C_LSSI_PARAM_ADDR, addr) | 1603 SM(R92C_LSSI_PARAM_DATA, val)); 1604} 1605 1606static void 1607urtwn_r88e_rf_write(struct urtwn_softc *sc, int chain, uint8_t addr, 1608uint32_t val) 1609{ 1610 urtwn_bb_write(sc, R92C_LSSI_PARAM(chain), 1611 SM(R88E_LSSI_PARAM_ADDR, addr) | 1612 SM(R92C_LSSI_PARAM_DATA, val)); 1613} 1614 1615static uint32_t 1616urtwn_rf_read(struct urtwn_softc *sc, int chain, uint8_t addr) 1617{ 1618 uint32_t reg[R92C_MAX_CHAINS], val; 1619 1620 reg[0] = urtwn_bb_read(sc, R92C_HSSI_PARAM2(0)); 1621 if (chain != 0) 1622 reg[chain] = urtwn_bb_read(sc, R92C_HSSI_PARAM2(chain)); 1623 1624 urtwn_bb_write(sc, R92C_HSSI_PARAM2(0), 1625 reg[0] & ~R92C_HSSI_PARAM2_READ_EDGE); 1626 urtwn_ms_delay(sc); 1627 1628 urtwn_bb_write(sc, R92C_HSSI_PARAM2(chain), 1629 RW(reg[chain], R92C_HSSI_PARAM2_READ_ADDR, addr) | 1630 R92C_HSSI_PARAM2_READ_EDGE); 1631 urtwn_ms_delay(sc); 1632 1633 urtwn_bb_write(sc, R92C_HSSI_PARAM2(0), 1634 reg[0] | R92C_HSSI_PARAM2_READ_EDGE); 1635 urtwn_ms_delay(sc); 1636 1637 if (urtwn_bb_read(sc, R92C_HSSI_PARAM1(chain)) & R92C_HSSI_PARAM1_PI) 1638 val = urtwn_bb_read(sc, R92C_HSPI_READBACK(chain)); 1639 else 1640 val = urtwn_bb_read(sc, R92C_LSSI_READBACK(chain)); 1641 return (MS(val, R92C_LSSI_READBACK_DATA)); 1642} 1643 1644static int 1645urtwn_llt_write(struct urtwn_softc *sc, uint32_t addr, uint32_t data) 1646{ 1647 usb_error_t error; 1648 int ntries; 1649 1650 error = urtwn_write_4(sc, R92C_LLT_INIT, 1651 SM(R92C_LLT_INIT_OP, R92C_LLT_INIT_OP_WRITE) | 1652 SM(R92C_LLT_INIT_ADDR, addr) | 1653 SM(R92C_LLT_INIT_DATA, data)); 1654 if (error != USB_ERR_NORMAL_COMPLETION) 1655 return (EIO); 1656 /* Wait for write operation to complete. */ 1657 for (ntries = 0; ntries < 20; ntries++) { 1658 if (MS(urtwn_read_4(sc, R92C_LLT_INIT), R92C_LLT_INIT_OP) == 1659 R92C_LLT_INIT_OP_NO_ACTIVE) 1660 return (0); 1661 urtwn_ms_delay(sc); 1662 } 1663 return (ETIMEDOUT); 1664} 1665 1666static int 1667urtwn_efuse_read_next(struct urtwn_softc *sc, uint8_t *val) 1668{ 1669 uint32_t reg; 1670 usb_error_t error; 1671 int ntries; 1672 1673 if (sc->last_rom_addr >= URTWN_EFUSE_MAX_LEN) 1674 return (EFAULT); 1675 1676 reg = urtwn_read_4(sc, R92C_EFUSE_CTRL); 1677 reg = RW(reg, R92C_EFUSE_CTRL_ADDR, sc->last_rom_addr); 1678 reg &= ~R92C_EFUSE_CTRL_VALID; 1679 1680 error = urtwn_write_4(sc, R92C_EFUSE_CTRL, reg); 1681 if (error != USB_ERR_NORMAL_COMPLETION) 1682 return (EIO); 1683 /* Wait for read operation to complete. */ 1684 for (ntries = 0; ntries < 100; ntries++) { 1685 reg = urtwn_read_4(sc, R92C_EFUSE_CTRL); 1686 if (reg & R92C_EFUSE_CTRL_VALID) 1687 break; 1688 urtwn_ms_delay(sc); 1689 } 1690 if (ntries == 100) { 1691 device_printf(sc->sc_dev, 1692 "could not read efuse byte at address 0x%x\n", 1693 sc->last_rom_addr); 1694 return (ETIMEDOUT); 1695 } 1696 1697 *val = MS(reg, R92C_EFUSE_CTRL_DATA); 1698 sc->last_rom_addr++; 1699 1700 return (0); 1701} 1702 1703static int 1704urtwn_efuse_read_data(struct urtwn_softc *sc, uint8_t *rom, uint8_t off, 1705 uint8_t msk) 1706{ 1707 uint8_t reg; 1708 int i, error; 1709 1710 for (i = 0; i < 4; i++) { 1711 if (msk & (1 << i)) 1712 continue; 1713 error = urtwn_efuse_read_next(sc, ®); 1714 if (error != 0) 1715 return (error); 1716 URTWN_DPRINTF(sc, URTWN_DEBUG_ROM, "rom[0x%03X] == 0x%02X\n", 1717 off * 8 + i * 2, reg); 1718 rom[off * 8 + i * 2 + 0] = reg; 1719 1720 error = urtwn_efuse_read_next(sc, ®); 1721 if (error != 0) 1722 return (error); 1723 URTWN_DPRINTF(sc, URTWN_DEBUG_ROM, "rom[0x%03X] == 0x%02X\n", 1724 off * 8 + i * 2 + 1, reg); 1725 rom[off * 8 + i * 2 + 1] = reg; 1726 } 1727 1728 return (0); 1729} 1730 1731#ifdef USB_DEBUG 1732static void 1733urtwn_dump_rom_contents(struct urtwn_softc *sc, uint8_t *rom, uint16_t size) 1734{ 1735 int i; 1736 1737 /* Dump ROM contents. */ 1738 device_printf(sc->sc_dev, "%s:", __func__); 1739 for (i = 0; i < size; i++) { 1740 if (i % 32 == 0) 1741 printf("\n%03X: ", i); 1742 else if (i % 4 == 0) 1743 printf(" "); 1744 1745 printf("%02X", rom[i]); 1746 } 1747 printf("\n"); 1748} 1749#endif 1750 1751static int 1752urtwn_efuse_read(struct urtwn_softc *sc, uint8_t *rom, uint16_t size) 1753{ 1754#define URTWN_CHK(res) do { \ 1755 if ((error = res) != 0) \ 1756 goto end; \ 1757} while(0) 1758 uint8_t msk, off, reg; 1759 int error; 1760 1761 URTWN_CHK(urtwn_efuse_switch_power(sc)); 1762 1763 /* Read full ROM image. */ 1764 sc->last_rom_addr = 0; 1765 memset(rom, 0xff, size); 1766 1767 URTWN_CHK(urtwn_efuse_read_next(sc, ®)); 1768 while (reg != 0xff) { 1769 /* check for extended header */ 1770 if ((sc->chip & URTWN_CHIP_88E) && (reg & 0x1f) == 0x0f) { 1771 off = reg >> 5; 1772 URTWN_CHK(urtwn_efuse_read_next(sc, ®)); 1773 1774 if ((reg & 0x0f) != 0x0f) 1775 off = ((reg & 0xf0) >> 1) | off; 1776 else 1777 continue; 1778 } else 1779 off = reg >> 4; 1780 msk = reg & 0xf; 1781 1782 URTWN_CHK(urtwn_efuse_read_data(sc, rom, off, msk)); 1783 URTWN_CHK(urtwn_efuse_read_next(sc, ®)); 1784 } 1785 1786end: 1787 1788#ifdef USB_DEBUG 1789 if (sc->sc_debug & URTWN_DEBUG_ROM) 1790 urtwn_dump_rom_contents(sc, rom, size); 1791#endif 1792 1793 urtwn_write_1(sc, R92C_EFUSE_ACCESS, R92C_EFUSE_ACCESS_OFF); 1794 1795 if (error != 0) { 1796 device_printf(sc->sc_dev, "%s: error while reading ROM\n", 1797 __func__); 1798 } 1799 1800 return (error); 1801#undef URTWN_CHK 1802} 1803 1804static int 1805urtwn_efuse_switch_power(struct urtwn_softc *sc) 1806{ 1807 usb_error_t error; 1808 uint32_t reg; 1809 1810 error = urtwn_write_1(sc, R92C_EFUSE_ACCESS, R92C_EFUSE_ACCESS_ON); 1811 if (error != USB_ERR_NORMAL_COMPLETION) 1812 return (EIO); 1813 1814 reg = urtwn_read_2(sc, R92C_SYS_ISO_CTRL); 1815 if (!(reg & R92C_SYS_ISO_CTRL_PWC_EV12V)) { 1816 error = urtwn_write_2(sc, R92C_SYS_ISO_CTRL, 1817 reg | R92C_SYS_ISO_CTRL_PWC_EV12V); 1818 if (error != USB_ERR_NORMAL_COMPLETION) 1819 return (EIO); 1820 } 1821 reg = urtwn_read_2(sc, R92C_SYS_FUNC_EN); 1822 if (!(reg & R92C_SYS_FUNC_EN_ELDR)) { 1823 error = urtwn_write_2(sc, R92C_SYS_FUNC_EN, 1824 reg | R92C_SYS_FUNC_EN_ELDR); 1825 if (error != USB_ERR_NORMAL_COMPLETION) 1826 return (EIO); 1827 } 1828 reg = urtwn_read_2(sc, R92C_SYS_CLKR); 1829 if ((reg & (R92C_SYS_CLKR_LOADER_EN | R92C_SYS_CLKR_ANA8M)) != 1830 (R92C_SYS_CLKR_LOADER_EN | R92C_SYS_CLKR_ANA8M)) { 1831 error = urtwn_write_2(sc, R92C_SYS_CLKR, 1832 reg | R92C_SYS_CLKR_LOADER_EN | R92C_SYS_CLKR_ANA8M); 1833 if (error != USB_ERR_NORMAL_COMPLETION) 1834 return (EIO); 1835 } 1836 1837 return (0); 1838} 1839 1840static int 1841urtwn_read_chipid(struct urtwn_softc *sc) 1842{ 1843 uint32_t reg; 1844 1845 if (sc->chip & URTWN_CHIP_88E) 1846 return (0); 1847 1848 reg = urtwn_read_4(sc, R92C_SYS_CFG); 1849 if (reg & R92C_SYS_CFG_TRP_VAUX_EN) 1850 return (EIO); 1851 1852 if (reg & R92C_SYS_CFG_TYPE_92C) { 1853 sc->chip |= URTWN_CHIP_92C; 1854 /* Check if it is a castrated 8192C. */ 1855 if (MS(urtwn_read_4(sc, R92C_HPON_FSM), 1856 R92C_HPON_FSM_CHIP_BONDING_ID) == 1857 R92C_HPON_FSM_CHIP_BONDING_ID_92C_1T2R) 1858 sc->chip |= URTWN_CHIP_92C_1T2R; 1859 } 1860 if (reg & R92C_SYS_CFG_VENDOR_UMC) { 1861 sc->chip |= URTWN_CHIP_UMC; 1862 if (MS(reg, R92C_SYS_CFG_CHIP_VER_RTL) == 0) 1863 sc->chip |= URTWN_CHIP_UMC_A_CUT; 1864 } 1865 return (0); 1866} 1867 1868static int 1869urtwn_read_rom(struct urtwn_softc *sc) 1870{ 1871 struct r92c_rom *rom = &sc->rom.r92c_rom; 1872 int error; 1873 1874 /* Read full ROM image. */ 1875 error = urtwn_efuse_read(sc, (uint8_t *)rom, sizeof(*rom)); 1876 if (error != 0) 1877 return (error); 1878 1879 /* XXX Weird but this is what the vendor driver does. */ 1880 sc->last_rom_addr = 0x1fa; 1881 error = urtwn_efuse_read_next(sc, &sc->pa_setting); 1882 if (error != 0) 1883 return (error); 1884 URTWN_DPRINTF(sc, URTWN_DEBUG_ROM, "%s: PA setting=0x%x\n", __func__, 1885 sc->pa_setting); 1886 1887 sc->board_type = MS(rom->rf_opt1, R92C_ROM_RF1_BOARD_TYPE); 1888 1889 sc->regulatory = MS(rom->rf_opt1, R92C_ROM_RF1_REGULATORY); 1890 URTWN_DPRINTF(sc, URTWN_DEBUG_ROM, "%s: regulatory type=%d\n", 1891 __func__, sc->regulatory); 1892 IEEE80211_ADDR_COPY(sc->sc_ic.ic_macaddr, rom->macaddr); 1893 1894 sc->sc_rf_write = urtwn_r92c_rf_write; 1895 sc->sc_power_on = urtwn_r92c_power_on; 1896 sc->sc_power_off = urtwn_r92c_power_off; 1897 1898 return (0); 1899} 1900 1901static int 1902urtwn_r88e_read_rom(struct urtwn_softc *sc) 1903{ 1904 struct r88e_rom *rom = &sc->rom.r88e_rom; 1905 int error; 1906 1907 error = urtwn_efuse_read(sc, (uint8_t *)rom, sizeof(sc->rom.r88e_rom)); 1908 if (error != 0) 1909 return (error); 1910 1911 sc->bw20_tx_pwr_diff = (rom->tx_pwr_diff >> 4); 1912 if (sc->bw20_tx_pwr_diff & 0x08) 1913 sc->bw20_tx_pwr_diff |= 0xf0; 1914 sc->ofdm_tx_pwr_diff = (rom->tx_pwr_diff & 0xf); 1915 if (sc->ofdm_tx_pwr_diff & 0x08) 1916 sc->ofdm_tx_pwr_diff |= 0xf0; 1917 sc->regulatory = MS(rom->rf_board_opt, R92C_ROM_RF1_REGULATORY); 1918 URTWN_DPRINTF(sc, URTWN_DEBUG_ROM, "%s: regulatory type %d\n", 1919 __func__,sc->regulatory); 1920 IEEE80211_ADDR_COPY(sc->sc_ic.ic_macaddr, rom->macaddr); 1921 1922 sc->sc_rf_write = urtwn_r88e_rf_write; 1923 sc->sc_power_on = urtwn_r88e_power_on; 1924 sc->sc_power_off = urtwn_r88e_power_off; 1925 1926 return (0); 1927} 1928 1929/* 1930 * Initialize rate adaptation in firmware. 1931 */ 1932static int 1933urtwn_ra_init(struct urtwn_softc *sc) 1934{ 1935 struct ieee80211com *ic = &sc->sc_ic; 1936 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 1937 struct ieee80211_node *ni; 1938 struct ieee80211_rateset *rs, *rs_ht; 1939 struct r92c_fw_cmd_macid_cfg cmd; 1940 uint32_t rates, basicrates; 1941 uint8_t mode; 1942 int maxrate, maxbasicrate, error, i, j; 1943 1944 ni = ieee80211_ref_node(vap->iv_bss); 1945 rs = &ni->ni_rates; 1946 rs_ht = (struct ieee80211_rateset *) &ni->ni_htrates; 1947 1948 /* Get normal and basic rates mask. */ 1949 rates = basicrates = 0; 1950 maxrate = maxbasicrate = 0; 1951 1952 /* This is for 11bg */ 1953 for (i = 0; i < rs->rs_nrates; i++) { 1954 /* Convert 802.11 rate to HW rate index. */ 1955 for (j = 0; j < nitems(ridx2rate); j++) 1956 if ((rs->rs_rates[i] & IEEE80211_RATE_VAL) == 1957 ridx2rate[j]) 1958 break; 1959 if (j == nitems(ridx2rate)) /* Unknown rate, skip. */ 1960 continue; 1961 rates |= 1 << j; 1962 if (j > maxrate) 1963 maxrate = j; 1964 if (rs->rs_rates[i] & IEEE80211_RATE_BASIC) { 1965 basicrates |= 1 << j; 1966 if (j > maxbasicrate) 1967 maxbasicrate = j; 1968 } 1969 } 1970 1971 /* If we're doing 11n, enable 11n rates */ 1972 if (ni->ni_flags & IEEE80211_NODE_HT) { 1973 for (i = 0; i < rs_ht->rs_nrates; i++) { 1974 if ((rs_ht->rs_rates[i] & 0x7f) > 0xf) 1975 continue; 1976 /* 11n rates start at index 12 */ 1977 j = ((rs_ht->rs_rates[i]) & 0xf) + 12; 1978 rates |= (1 << j); 1979 1980 /* Guard against the rate table being oddly ordered */ 1981 if (j > maxrate) 1982 maxrate = j; 1983 } 1984 } 1985 1986#if 0 1987 if (ic->ic_curmode == IEEE80211_MODE_11NG) 1988 raid = R92C_RAID_11GN; 1989#endif 1990 /* NB: group addressed frames are done at 11bg rates for now */ 1991 if (ic->ic_curmode == IEEE80211_MODE_11B) 1992 mode = R92C_RAID_11B; 1993 else 1994 mode = R92C_RAID_11BG; 1995 /* XXX misleading 'mode' value here for unicast frames */ 1996 URTWN_DPRINTF(sc, URTWN_DEBUG_RA, 1997 "%s: mode 0x%x, rates 0x%08x, basicrates 0x%08x\n", __func__, 1998 mode, rates, basicrates); 1999 2000 /* Set rates mask for group addressed frames. */ 2001 cmd.macid = URTWN_MACID_BC | URTWN_MACID_VALID; 2002 cmd.mask = htole32(mode << 28 | basicrates); 2003 error = urtwn_fw_cmd(sc, R92C_CMD_MACID_CONFIG, &cmd, sizeof(cmd)); 2004 if (error != 0) { 2005 ieee80211_free_node(ni); 2006 device_printf(sc->sc_dev, 2007 "could not add broadcast station\n"); 2008 return (error); 2009 } 2010 2011 /* Set initial MRR rate. */ 2012 URTWN_DPRINTF(sc, URTWN_DEBUG_RA, "%s: maxbasicrate %d\n", __func__, 2013 maxbasicrate); 2014 urtwn_write_1(sc, R92C_INIDATA_RATE_SEL(URTWN_MACID_BC), 2015 maxbasicrate); 2016 2017 /* Set rates mask for unicast frames. */ 2018 if (ni->ni_flags & IEEE80211_NODE_HT) 2019 mode = R92C_RAID_11GN; 2020 else if (ic->ic_curmode == IEEE80211_MODE_11B) 2021 mode = R92C_RAID_11B; 2022 else 2023 mode = R92C_RAID_11BG; 2024 cmd.macid = URTWN_MACID_BSS | URTWN_MACID_VALID; 2025 cmd.mask = htole32(mode << 28 | rates); 2026 error = urtwn_fw_cmd(sc, R92C_CMD_MACID_CONFIG, &cmd, sizeof(cmd)); 2027 if (error != 0) { 2028 ieee80211_free_node(ni); 2029 device_printf(sc->sc_dev, "could not add BSS station\n"); 2030 return (error); 2031 } 2032 /* Set initial MRR rate. */ 2033 URTWN_DPRINTF(sc, URTWN_DEBUG_RA, "%s: maxrate %d\n", __func__, 2034 maxrate); 2035 urtwn_write_1(sc, R92C_INIDATA_RATE_SEL(URTWN_MACID_BSS), 2036 maxrate); 2037 2038 /* Indicate highest supported rate. */ 2039 if (ni->ni_flags & IEEE80211_NODE_HT) 2040 ni->ni_txrate = rs_ht->rs_rates[rs_ht->rs_nrates - 1] 2041 | IEEE80211_RATE_MCS; 2042 else 2043 ni->ni_txrate = rs->rs_rates[rs->rs_nrates - 1]; 2044 ieee80211_free_node(ni); 2045 2046 return (0); 2047} 2048 2049static void 2050urtwn_init_beacon(struct urtwn_softc *sc, struct urtwn_vap *uvp) 2051{ 2052 struct r92c_tx_desc *txd = &uvp->bcn_desc; 2053 2054 txd->txdw0 = htole32( 2055 SM(R92C_TXDW0_OFFSET, sizeof(*txd)) | R92C_TXDW0_BMCAST | 2056 R92C_TXDW0_OWN | R92C_TXDW0_FSG | R92C_TXDW0_LSG); 2057 txd->txdw1 = htole32( 2058 SM(R92C_TXDW1_QSEL, R92C_TXDW1_QSEL_BEACON) | 2059 SM(R92C_TXDW1_RAID, R92C_RAID_11B)); 2060 2061 if (sc->chip & URTWN_CHIP_88E) { 2062 txd->txdw1 |= htole32(SM(R88E_TXDW1_MACID, URTWN_MACID_BC)); 2063 txd->txdseq |= htole16(R88E_TXDSEQ_HWSEQ_EN); 2064 } else { 2065 txd->txdw1 |= htole32(SM(R92C_TXDW1_MACID, URTWN_MACID_BC)); 2066 txd->txdw4 |= htole32(R92C_TXDW4_HWSEQ_EN); 2067 } 2068 2069 txd->txdw4 = htole32(R92C_TXDW4_DRVRATE); 2070 txd->txdw5 = htole32(SM(R92C_TXDW5_DATARATE, URTWN_RIDX_CCK1)); 2071} 2072 2073static int 2074urtwn_setup_beacon(struct urtwn_softc *sc, struct ieee80211_node *ni) 2075{ 2076 struct ieee80211vap *vap = ni->ni_vap; 2077 struct urtwn_vap *uvp = URTWN_VAP(vap); 2078 struct mbuf *m; 2079 int error; 2080 2081 URTWN_ASSERT_LOCKED(sc); 2082 2083 if (ni->ni_chan == IEEE80211_CHAN_ANYC) 2084 return (EINVAL); 2085 2086 m = ieee80211_beacon_alloc(ni); 2087 if (m == NULL) { 2088 device_printf(sc->sc_dev, 2089 "%s: could not allocate beacon frame\n", __func__); 2090 return (ENOMEM); 2091 } 2092 2093 if (uvp->bcn_mbuf != NULL) 2094 m_freem(uvp->bcn_mbuf); 2095 2096 uvp->bcn_mbuf = m; 2097 2098 if ((error = urtwn_tx_beacon(sc, uvp)) != 0) 2099 return (error); 2100 2101 /* XXX bcnq stuck workaround */ 2102 if ((error = urtwn_tx_beacon(sc, uvp)) != 0) 2103 return (error); 2104 2105 URTWN_DPRINTF(sc, URTWN_DEBUG_BEACON, "%s: beacon was %srecognized\n", 2106 __func__, urtwn_read_1(sc, R92C_TDECTRL + 2) & 2107 (R92C_TDECTRL_BCN_VALID >> 16) ? "" : "not "); 2108 2109 return (0); 2110} 2111 2112static void 2113urtwn_update_beacon(struct ieee80211vap *vap, int item) 2114{ 2115 struct urtwn_softc *sc = vap->iv_ic->ic_softc; 2116 struct urtwn_vap *uvp = URTWN_VAP(vap); 2117 struct ieee80211_beacon_offsets *bo = &vap->iv_bcn_off; 2118 struct ieee80211_node *ni = vap->iv_bss; 2119 int mcast = 0; 2120 2121 URTWN_LOCK(sc); 2122 if (uvp->bcn_mbuf == NULL) { 2123 uvp->bcn_mbuf = ieee80211_beacon_alloc(ni); 2124 if (uvp->bcn_mbuf == NULL) { 2125 device_printf(sc->sc_dev, 2126 "%s: could not allocate beacon frame\n", __func__); 2127 URTWN_UNLOCK(sc); 2128 return; 2129 } 2130 } 2131 URTWN_UNLOCK(sc); 2132 2133 if (item == IEEE80211_BEACON_TIM) 2134 mcast = 1; /* XXX */ 2135 2136 setbit(bo->bo_flags, item); 2137 ieee80211_beacon_update(ni, uvp->bcn_mbuf, mcast); 2138 2139 URTWN_LOCK(sc); 2140 urtwn_tx_beacon(sc, uvp); 2141 URTWN_UNLOCK(sc); 2142} 2143 2144/* 2145 * Push a beacon frame into the chip. Beacon will 2146 * be repeated by the chip every R92C_BCN_INTERVAL. 2147 */ 2148static int 2149urtwn_tx_beacon(struct urtwn_softc *sc, struct urtwn_vap *uvp) 2150{ 2151 struct r92c_tx_desc *desc = &uvp->bcn_desc; 2152 struct urtwn_data *bf; 2153 2154 URTWN_ASSERT_LOCKED(sc); 2155 2156 bf = urtwn_getbuf(sc); 2157 if (bf == NULL) 2158 return (ENOMEM); 2159 2160 memcpy(bf->buf, desc, sizeof(*desc)); 2161 urtwn_tx_start(sc, uvp->bcn_mbuf, IEEE80211_FC0_TYPE_MGT, bf); 2162 2163 sc->sc_txtimer = 5; 2164 callout_reset(&sc->sc_watchdog_ch, hz, urtwn_watchdog, sc); 2165 2166 return (0); 2167} 2168 2169static int 2170urtwn_key_alloc(struct ieee80211vap *vap, struct ieee80211_key *k, 2171 ieee80211_keyix *keyix, ieee80211_keyix *rxkeyix) 2172{ 2173 struct urtwn_softc *sc = vap->iv_ic->ic_softc; 2174 uint8_t i; 2175 2176 if (!(&vap->iv_nw_keys[0] <= k && 2177 k < &vap->iv_nw_keys[IEEE80211_WEP_NKID])) { 2178 if (!(k->wk_flags & IEEE80211_KEY_SWCRYPT)) { 2179 URTWN_LOCK(sc); 2180 /* 2181 * First 4 slots for group keys, 2182 * what is left - for pairwise. 2183 * XXX incompatible with IBSS RSN. 2184 */ 2185 for (i = IEEE80211_WEP_NKID; 2186 i < R92C_CAM_ENTRY_COUNT; i++) { 2187 if ((sc->keys_bmap & (1 << i)) == 0) { 2188 sc->keys_bmap |= 1 << i; 2189 *keyix = i; 2190 break; 2191 } 2192 } 2193 URTWN_UNLOCK(sc); 2194 if (i == R92C_CAM_ENTRY_COUNT) { 2195 device_printf(sc->sc_dev, 2196 "%s: no free space in the key table\n", 2197 __func__); 2198 return 0; 2199 } 2200 } else 2201 *keyix = 0; 2202 } else { 2203 *keyix = k - vap->iv_nw_keys; 2204 } 2205 *rxkeyix = *keyix; 2206 return 1; 2207} 2208 2209static void 2210urtwn_key_set_cb(struct urtwn_softc *sc, union sec_param *data) 2211{ 2212 struct ieee80211_key *k = &data->key; 2213 uint8_t algo, keyid; 2214 int i, error; 2215 2216 if (k->wk_keyix < IEEE80211_WEP_NKID) 2217 keyid = k->wk_keyix; 2218 else 2219 keyid = 0; 2220 2221 /* Map net80211 cipher to HW crypto algorithm. */ 2222 switch (k->wk_cipher->ic_cipher) { 2223 case IEEE80211_CIPHER_WEP: 2224 if (k->wk_keylen < 8) 2225 algo = R92C_CAM_ALGO_WEP40; 2226 else 2227 algo = R92C_CAM_ALGO_WEP104; 2228 break; 2229 case IEEE80211_CIPHER_TKIP: 2230 algo = R92C_CAM_ALGO_TKIP; 2231 break; 2232 case IEEE80211_CIPHER_AES_CCM: 2233 algo = R92C_CAM_ALGO_AES; 2234 break; 2235 default: 2236 device_printf(sc->sc_dev, "%s: undefined cipher %d\n", 2237 __func__, k->wk_cipher->ic_cipher); 2238 return; 2239 } 2240 2241 URTWN_DPRINTF(sc, URTWN_DEBUG_KEY, 2242 "%s: keyix %d, keyid %d, algo %d/%d, flags %04X, len %d, " 2243 "macaddr %s\n", __func__, k->wk_keyix, keyid, 2244 k->wk_cipher->ic_cipher, algo, k->wk_flags, k->wk_keylen, 2245 ether_sprintf(k->wk_macaddr)); 2246 2247 /* Write key. */ 2248 for (i = 0; i < 4; i++) { 2249 error = urtwn_cam_write(sc, R92C_CAM_KEY(k->wk_keyix, i), 2250 LE_READ_4(&k->wk_key[i * 4])); 2251 if (error != 0) 2252 goto fail; 2253 } 2254 2255 /* Write CTL0 last since that will validate the CAM entry. */ 2256 error = urtwn_cam_write(sc, R92C_CAM_CTL1(k->wk_keyix), 2257 LE_READ_4(&k->wk_macaddr[2])); 2258 if (error != 0) 2259 goto fail; 2260 error = urtwn_cam_write(sc, R92C_CAM_CTL0(k->wk_keyix), 2261 SM(R92C_CAM_ALGO, algo) | 2262 SM(R92C_CAM_KEYID, keyid) | 2263 SM(R92C_CAM_MACLO, LE_READ_2(&k->wk_macaddr[0])) | 2264 R92C_CAM_VALID); 2265 if (error != 0) 2266 goto fail; 2267 2268 return; 2269 2270fail: 2271 device_printf(sc->sc_dev, "%s fails, error %d\n", __func__, error); 2272} 2273 2274static void 2275urtwn_key_del_cb(struct urtwn_softc *sc, union sec_param *data) 2276{ 2277 struct ieee80211_key *k = &data->key; 2278 int i; 2279 2280 URTWN_DPRINTF(sc, URTWN_DEBUG_KEY, 2281 "%s: keyix %d, flags %04X, macaddr %s\n", __func__, 2282 k->wk_keyix, k->wk_flags, ether_sprintf(k->wk_macaddr)); 2283 2284 urtwn_cam_write(sc, R92C_CAM_CTL0(k->wk_keyix), 0); 2285 urtwn_cam_write(sc, R92C_CAM_CTL1(k->wk_keyix), 0); 2286 2287 /* Clear key. */ 2288 for (i = 0; i < 4; i++) 2289 urtwn_cam_write(sc, R92C_CAM_KEY(k->wk_keyix, i), 0); 2290 sc->keys_bmap &= ~(1 << k->wk_keyix); 2291} 2292 2293static int 2294urtwn_key_set(struct ieee80211vap *vap, const struct ieee80211_key *k) 2295{ 2296 struct urtwn_softc *sc = vap->iv_ic->ic_softc; 2297 2298 if (k->wk_flags & IEEE80211_KEY_SWCRYPT) { 2299 /* Not for us. */ 2300 return (1); 2301 } 2302 2303 return (!urtwn_cmd_sleepable(sc, k, sizeof(*k), urtwn_key_set_cb)); 2304} 2305 2306static int 2307urtwn_key_delete(struct ieee80211vap *vap, const struct ieee80211_key *k) 2308{ 2309 struct urtwn_softc *sc = vap->iv_ic->ic_softc; 2310 2311 if (k->wk_flags & IEEE80211_KEY_SWCRYPT) { 2312 /* Not for us. */ 2313 return (1); 2314 } 2315 2316 return (!urtwn_cmd_sleepable(sc, k, sizeof(*k), urtwn_key_del_cb)); 2317} 2318 2319static void 2320urtwn_tsf_task_adhoc(void *arg, int pending) 2321{ 2322 struct ieee80211vap *vap = arg; 2323 struct urtwn_softc *sc = vap->iv_ic->ic_softc; 2324 struct ieee80211_node *ni; 2325 uint32_t reg; 2326 2327 URTWN_LOCK(sc); 2328 ni = ieee80211_ref_node(vap->iv_bss); 2329 reg = urtwn_read_1(sc, R92C_BCN_CTRL); 2330 2331 /* Accept beacons with the same BSSID. */ 2332 urtwn_set_rx_bssid_all(sc, 0); 2333 2334 /* Enable synchronization. */ 2335 reg &= ~R92C_BCN_CTRL_DIS_TSF_UDT0; 2336 urtwn_write_1(sc, R92C_BCN_CTRL, reg); 2337 2338 /* Synchronize. */ 2339 usb_pause_mtx(&sc->sc_mtx, hz * ni->ni_intval * 5 / 1000); 2340 2341 /* Disable synchronization. */ 2342 reg |= R92C_BCN_CTRL_DIS_TSF_UDT0; 2343 urtwn_write_1(sc, R92C_BCN_CTRL, reg); 2344 2345 /* Remove beacon filter. */ 2346 urtwn_set_rx_bssid_all(sc, 1); 2347 2348 /* Enable beaconing. */ 2349 urtwn_write_1(sc, R92C_MBID_NUM, 2350 urtwn_read_1(sc, R92C_MBID_NUM) | R92C_MBID_TXBCN_RPT0); 2351 reg |= R92C_BCN_CTRL_EN_BCN; 2352 2353 urtwn_write_1(sc, R92C_BCN_CTRL, reg); 2354 ieee80211_free_node(ni); 2355 URTWN_UNLOCK(sc); 2356} 2357 2358static void 2359urtwn_tsf_sync_enable(struct urtwn_softc *sc, struct ieee80211vap *vap) 2360{ 2361 struct ieee80211com *ic = &sc->sc_ic; 2362 struct urtwn_vap *uvp = URTWN_VAP(vap); 2363 2364 /* Reset TSF. */ 2365 urtwn_write_1(sc, R92C_DUAL_TSF_RST, R92C_DUAL_TSF_RST0); 2366 2367 switch (vap->iv_opmode) { 2368 case IEEE80211_M_STA: 2369 /* Enable TSF synchronization. */ 2370 urtwn_write_1(sc, R92C_BCN_CTRL, 2371 urtwn_read_1(sc, R92C_BCN_CTRL) & 2372 ~R92C_BCN_CTRL_DIS_TSF_UDT0); 2373 break; 2374 case IEEE80211_M_IBSS: 2375 ieee80211_runtask(ic, &uvp->tsf_task_adhoc); 2376 break; 2377 case IEEE80211_M_HOSTAP: 2378 /* Enable beaconing. */ 2379 urtwn_write_1(sc, R92C_MBID_NUM, 2380 urtwn_read_1(sc, R92C_MBID_NUM) | R92C_MBID_TXBCN_RPT0); 2381 urtwn_write_1(sc, R92C_BCN_CTRL, 2382 urtwn_read_1(sc, R92C_BCN_CTRL) | R92C_BCN_CTRL_EN_BCN); 2383 break; 2384 default: 2385 device_printf(sc->sc_dev, "undefined opmode %d\n", 2386 vap->iv_opmode); 2387 return; 2388 } 2389} 2390 2391static void 2392urtwn_get_tsf(struct urtwn_softc *sc, uint64_t *buf) 2393{ 2394 urtwn_read_region_1(sc, R92C_TSFTR, (uint8_t *)buf, sizeof(*buf)); 2395} 2396 2397static void 2398urtwn_set_led(struct urtwn_softc *sc, int led, int on) 2399{ 2400 uint8_t reg; 2401 2402 if (led == URTWN_LED_LINK) { 2403 if (sc->chip & URTWN_CHIP_88E) { 2404 reg = urtwn_read_1(sc, R92C_LEDCFG2) & 0xf0; 2405 urtwn_write_1(sc, R92C_LEDCFG2, reg | 0x60); 2406 if (!on) { 2407 reg = urtwn_read_1(sc, R92C_LEDCFG2) & 0x90; 2408 urtwn_write_1(sc, R92C_LEDCFG2, 2409 reg | R92C_LEDCFG0_DIS); 2410 urtwn_write_1(sc, R92C_MAC_PINMUX_CFG, 2411 urtwn_read_1(sc, R92C_MAC_PINMUX_CFG) & 2412 0xfe); 2413 } 2414 } else { 2415 reg = urtwn_read_1(sc, R92C_LEDCFG0) & 0x70; 2416 if (!on) 2417 reg |= R92C_LEDCFG0_DIS; 2418 urtwn_write_1(sc, R92C_LEDCFG0, reg); 2419 } 2420 sc->ledlink = on; /* Save LED state. */ 2421 } 2422} 2423 2424static void 2425urtwn_set_mode(struct urtwn_softc *sc, uint8_t mode) 2426{ 2427 uint8_t reg; 2428 2429 reg = urtwn_read_1(sc, R92C_MSR); 2430 reg = (reg & ~R92C_MSR_MASK) | mode; 2431 urtwn_write_1(sc, R92C_MSR, reg); 2432} 2433 2434static void 2435urtwn_ibss_recv_mgmt(struct ieee80211_node *ni, struct mbuf *m, int subtype, 2436 const struct ieee80211_rx_stats *rxs, 2437 int rssi, int nf) 2438{ 2439 struct ieee80211vap *vap = ni->ni_vap; 2440 struct urtwn_softc *sc = vap->iv_ic->ic_softc; 2441 struct urtwn_vap *uvp = URTWN_VAP(vap); 2442 uint64_t ni_tstamp, curr_tstamp; 2443 2444 uvp->recv_mgmt(ni, m, subtype, rxs, rssi, nf); 2445 2446 if (vap->iv_state == IEEE80211_S_RUN && 2447 (subtype == IEEE80211_FC0_SUBTYPE_BEACON || 2448 subtype == IEEE80211_FC0_SUBTYPE_PROBE_RESP)) { 2449 ni_tstamp = le64toh(ni->ni_tstamp.tsf); 2450 URTWN_LOCK(sc); 2451 urtwn_get_tsf(sc, &curr_tstamp); 2452 URTWN_UNLOCK(sc); 2453 curr_tstamp = le64toh(curr_tstamp); 2454 2455 if (ni_tstamp >= curr_tstamp) 2456 (void) ieee80211_ibss_merge(ni); 2457 } 2458} 2459 2460static int 2461urtwn_newstate(struct ieee80211vap *vap, enum ieee80211_state nstate, int arg) 2462{ 2463 struct urtwn_vap *uvp = URTWN_VAP(vap); 2464 struct ieee80211com *ic = vap->iv_ic; 2465 struct urtwn_softc *sc = ic->ic_softc; 2466 struct ieee80211_node *ni; 2467 enum ieee80211_state ostate; 2468 uint32_t reg; 2469 uint8_t mode; 2470 int error = 0; 2471 2472 ostate = vap->iv_state; 2473 URTWN_DPRINTF(sc, URTWN_DEBUG_STATE, "%s -> %s\n", 2474 ieee80211_state_name[ostate], ieee80211_state_name[nstate]); 2475 2476 IEEE80211_UNLOCK(ic); 2477 URTWN_LOCK(sc); 2478 callout_stop(&sc->sc_watchdog_ch); 2479 2480 if (ostate == IEEE80211_S_RUN) { 2481 /* Stop calibration. */ 2482 callout_stop(&sc->sc_calib_to); 2483 2484 /* Turn link LED off. */ 2485 urtwn_set_led(sc, URTWN_LED_LINK, 0); 2486 2487 /* Set media status to 'No Link'. */ 2488 urtwn_set_mode(sc, R92C_MSR_NOLINK); 2489 2490 /* Stop Rx of data frames. */ 2491 urtwn_write_2(sc, R92C_RXFLTMAP2, 0); 2492 2493 /* Disable TSF synchronization. */ 2494 urtwn_write_1(sc, R92C_BCN_CTRL, 2495 (urtwn_read_1(sc, R92C_BCN_CTRL) & ~R92C_BCN_CTRL_EN_BCN) | 2496 R92C_BCN_CTRL_DIS_TSF_UDT0); 2497 2498 /* Disable beaconing. */ 2499 urtwn_write_1(sc, R92C_MBID_NUM, 2500 urtwn_read_1(sc, R92C_MBID_NUM) & ~R92C_MBID_TXBCN_RPT0); 2501 2502 /* Reset TSF. */ 2503 urtwn_write_1(sc, R92C_DUAL_TSF_RST, R92C_DUAL_TSF_RST0); 2504 2505 /* Reset EDCA parameters. */ 2506 urtwn_write_4(sc, R92C_EDCA_VO_PARAM, 0x002f3217); 2507 urtwn_write_4(sc, R92C_EDCA_VI_PARAM, 0x005e4317); 2508 urtwn_write_4(sc, R92C_EDCA_BE_PARAM, 0x00105320); 2509 urtwn_write_4(sc, R92C_EDCA_BK_PARAM, 0x0000a444); 2510 } 2511 2512 switch (nstate) { 2513 case IEEE80211_S_INIT: 2514 /* Turn link LED off. */ 2515 urtwn_set_led(sc, URTWN_LED_LINK, 0); 2516 break; 2517 case IEEE80211_S_SCAN: 2518 /* Pause AC Tx queues. */ 2519 urtwn_write_1(sc, R92C_TXPAUSE, 2520 urtwn_read_1(sc, R92C_TXPAUSE) | R92C_TX_QUEUE_AC); 2521 break; 2522 case IEEE80211_S_AUTH: 2523 urtwn_set_chan(sc, ic->ic_curchan, NULL); 2524 break; 2525 case IEEE80211_S_RUN: 2526 if (vap->iv_opmode == IEEE80211_M_MONITOR) { 2527 /* Turn link LED on. */ 2528 urtwn_set_led(sc, URTWN_LED_LINK, 1); 2529 break; 2530 } 2531 2532 ni = ieee80211_ref_node(vap->iv_bss); 2533 2534 if (ic->ic_bsschan == IEEE80211_CHAN_ANYC || 2535 ni->ni_chan == IEEE80211_CHAN_ANYC) { 2536 device_printf(sc->sc_dev, 2537 "%s: could not move to RUN state\n", __func__); 2538 error = EINVAL; 2539 goto end_run; 2540 } 2541 2542 switch (vap->iv_opmode) { 2543 case IEEE80211_M_STA: 2544 mode = R92C_MSR_INFRA; 2545 break; 2546 case IEEE80211_M_IBSS: 2547 mode = R92C_MSR_ADHOC; 2548 break; 2549 case IEEE80211_M_HOSTAP: 2550 mode = R92C_MSR_AP; 2551 break; 2552 default: 2553 device_printf(sc->sc_dev, "undefined opmode %d\n", 2554 vap->iv_opmode); 2555 error = EINVAL; 2556 goto end_run; 2557 } 2558 2559 /* Set media status to 'Associated'. */ 2560 urtwn_set_mode(sc, mode); 2561 2562 /* Set BSSID. */ 2563 urtwn_write_4(sc, R92C_BSSID + 0, LE_READ_4(&ni->ni_bssid[0])); 2564 urtwn_write_4(sc, R92C_BSSID + 4, LE_READ_2(&ni->ni_bssid[4])); 2565 2566 if (ic->ic_curmode == IEEE80211_MODE_11B) 2567 urtwn_write_1(sc, R92C_INIRTS_RATE_SEL, 0); 2568 else /* 802.11b/g */ 2569 urtwn_write_1(sc, R92C_INIRTS_RATE_SEL, 3); 2570 2571 /* Enable Rx of data frames. */ 2572 urtwn_write_2(sc, R92C_RXFLTMAP2, 0xffff); 2573 2574 /* Flush all AC queues. */ 2575 urtwn_write_1(sc, R92C_TXPAUSE, 0); 2576 2577 /* Set beacon interval. */ 2578 urtwn_write_2(sc, R92C_BCN_INTERVAL, ni->ni_intval); 2579 2580 /* Allow Rx from our BSSID only. */ 2581 if (ic->ic_promisc == 0) { 2582 reg = urtwn_read_4(sc, R92C_RCR); 2583 2584 if (vap->iv_opmode != IEEE80211_M_HOSTAP) 2585 reg |= R92C_RCR_CBSSID_DATA; 2586 if (vap->iv_opmode != IEEE80211_M_IBSS) 2587 reg |= R92C_RCR_CBSSID_BCN; 2588 2589 urtwn_write_4(sc, R92C_RCR, reg); 2590 } 2591 2592 if (vap->iv_opmode == IEEE80211_M_HOSTAP || 2593 vap->iv_opmode == IEEE80211_M_IBSS) { 2594 error = urtwn_setup_beacon(sc, ni); 2595 if (error != 0) { 2596 device_printf(sc->sc_dev, 2597 "unable to push beacon into the chip, " 2598 "error %d\n", error); 2599 goto end_run; 2600 } 2601 } 2602 2603 /* Enable TSF synchronization. */ 2604 urtwn_tsf_sync_enable(sc, vap); 2605 2606 urtwn_write_1(sc, R92C_SIFS_CCK + 1, 10); 2607 urtwn_write_1(sc, R92C_SIFS_OFDM + 1, 10); 2608 urtwn_write_1(sc, R92C_SPEC_SIFS + 1, 10); 2609 urtwn_write_1(sc, R92C_MAC_SPEC_SIFS + 1, 10); 2610 urtwn_write_1(sc, R92C_R2T_SIFS + 1, 10); 2611 urtwn_write_1(sc, R92C_T2T_SIFS + 1, 10); 2612 2613 /* Intialize rate adaptation. */ 2614 if (!(sc->chip & URTWN_CHIP_88E)) 2615 urtwn_ra_init(sc); 2616 /* Turn link LED on. */ 2617 urtwn_set_led(sc, URTWN_LED_LINK, 1); 2618 2619 sc->avg_pwdb = -1; /* Reset average RSSI. */ 2620 /* Reset temperature calibration state machine. */ 2621 sc->sc_flags &= ~URTWN_TEMP_MEASURED; 2622 sc->thcal_lctemp = 0; 2623 /* Start periodic calibration. */ 2624 callout_reset(&sc->sc_calib_to, 2*hz, urtwn_calib_to, sc); 2625 2626end_run: 2627 ieee80211_free_node(ni); 2628 break; 2629 default: 2630 break; 2631 } 2632 2633 URTWN_UNLOCK(sc); 2634 IEEE80211_LOCK(ic); 2635 return (error != 0 ? error : uvp->newstate(vap, nstate, arg)); 2636} 2637 2638static void 2639urtwn_calib_to(void *arg) 2640{ 2641 struct urtwn_softc *sc = arg; 2642 2643 /* Do it in a process context. */ 2644 urtwn_cmd_sleepable(sc, NULL, 0, urtwn_calib_cb); 2645} 2646 2647static void 2648urtwn_calib_cb(struct urtwn_softc *sc, union sec_param *data) 2649{ 2650 /* Do temperature compensation. */ 2651 urtwn_temp_calib(sc); 2652 2653 if ((urtwn_read_1(sc, R92C_MSR) & R92C_MSR_MASK) != R92C_MSR_NOLINK) 2654 callout_reset(&sc->sc_calib_to, 2*hz, urtwn_calib_to, sc); 2655} 2656 2657static void 2658urtwn_watchdog(void *arg) 2659{ 2660 struct urtwn_softc *sc = arg; 2661 2662 if (sc->sc_txtimer > 0) { 2663 if (--sc->sc_txtimer == 0) { 2664 device_printf(sc->sc_dev, "device timeout\n"); 2665 counter_u64_add(sc->sc_ic.ic_oerrors, 1); 2666 return; 2667 } 2668 callout_reset(&sc->sc_watchdog_ch, hz, urtwn_watchdog, sc); 2669 } 2670} 2671 2672static void 2673urtwn_update_avgrssi(struct urtwn_softc *sc, int rate, int8_t rssi) 2674{ 2675 int pwdb; 2676 2677 /* Convert antenna signal to percentage. */ 2678 if (rssi <= -100 || rssi >= 20) 2679 pwdb = 0; 2680 else if (rssi >= 0) 2681 pwdb = 100; 2682 else 2683 pwdb = 100 + rssi; 2684 if (!(sc->chip & URTWN_CHIP_88E)) { 2685 if (rate <= URTWN_RIDX_CCK11) { 2686 /* CCK gain is smaller than OFDM/MCS gain. */ 2687 pwdb += 6; 2688 if (pwdb > 100) 2689 pwdb = 100; 2690 if (pwdb <= 14) 2691 pwdb -= 4; 2692 else if (pwdb <= 26) 2693 pwdb -= 8; 2694 else if (pwdb <= 34) 2695 pwdb -= 6; 2696 else if (pwdb <= 42) 2697 pwdb -= 2; 2698 } 2699 } 2700 if (sc->avg_pwdb == -1) /* Init. */ 2701 sc->avg_pwdb = pwdb; 2702 else if (sc->avg_pwdb < pwdb) 2703 sc->avg_pwdb = ((sc->avg_pwdb * 19 + pwdb) / 20) + 1; 2704 else 2705 sc->avg_pwdb = ((sc->avg_pwdb * 19 + pwdb) / 20); 2706 URTWN_DPRINTF(sc, URTWN_DEBUG_RSSI, "%s: PWDB %d, EMA %d\n", __func__, 2707 pwdb, sc->avg_pwdb); 2708} 2709 2710static int8_t 2711urtwn_get_rssi(struct urtwn_softc *sc, int rate, void *physt) 2712{ 2713 static const int8_t cckoff[] = { 16, -12, -26, -46 }; 2714 struct r92c_rx_phystat *phy; 2715 struct r92c_rx_cck *cck; 2716 uint8_t rpt; 2717 int8_t rssi; 2718 2719 if (rate <= URTWN_RIDX_CCK11) { 2720 cck = (struct r92c_rx_cck *)physt; 2721 if (sc->sc_flags & URTWN_FLAG_CCK_HIPWR) { 2722 rpt = (cck->agc_rpt >> 5) & 0x3; 2723 rssi = (cck->agc_rpt & 0x1f) << 1; 2724 } else { 2725 rpt = (cck->agc_rpt >> 6) & 0x3; 2726 rssi = cck->agc_rpt & 0x3e; 2727 } 2728 rssi = cckoff[rpt] - rssi; 2729 } else { /* OFDM/HT. */ 2730 phy = (struct r92c_rx_phystat *)physt; 2731 rssi = ((le32toh(phy->phydw1) >> 1) & 0x7f) - 110; 2732 } 2733 return (rssi); 2734} 2735 2736static int8_t 2737urtwn_r88e_get_rssi(struct urtwn_softc *sc, int rate, void *physt) 2738{ 2739 struct r92c_rx_phystat *phy; 2740 struct r88e_rx_cck *cck; 2741 uint8_t cck_agc_rpt, lna_idx, vga_idx; 2742 int8_t rssi; 2743 2744 rssi = 0; 2745 if (rate <= URTWN_RIDX_CCK11) { 2746 cck = (struct r88e_rx_cck *)physt; 2747 cck_agc_rpt = cck->agc_rpt; 2748 lna_idx = (cck_agc_rpt & 0xe0) >> 5; 2749 vga_idx = cck_agc_rpt & 0x1f; 2750 switch (lna_idx) { 2751 case 7: 2752 if (vga_idx <= 27) 2753 rssi = -100 + 2* (27 - vga_idx); 2754 else 2755 rssi = -100; 2756 break; 2757 case 6: 2758 rssi = -48 + 2 * (2 - vga_idx); 2759 break; 2760 case 5: 2761 rssi = -42 + 2 * (7 - vga_idx); 2762 break; 2763 case 4: 2764 rssi = -36 + 2 * (7 - vga_idx); 2765 break; 2766 case 3: 2767 rssi = -24 + 2 * (7 - vga_idx); 2768 break; 2769 case 2: 2770 rssi = -12 + 2 * (5 - vga_idx); 2771 break; 2772 case 1: 2773 rssi = 8 - (2 * vga_idx); 2774 break; 2775 case 0: 2776 rssi = 14 - (2 * vga_idx); 2777 break; 2778 } 2779 rssi += 6; 2780 } else { /* OFDM/HT. */ 2781 phy = (struct r92c_rx_phystat *)physt; 2782 rssi = ((le32toh(phy->phydw1) >> 1) & 0x7f) - 110; 2783 } 2784 return (rssi); 2785} 2786 2787static __inline uint8_t 2788rate2ridx(uint8_t rate) 2789{ 2790 if (rate & IEEE80211_RATE_MCS) { 2791 /* 11n rates start at idx 12 */ 2792 return ((rate & 0xf) + 12); 2793 } 2794 switch (rate) { 2795 /* 11g */ 2796 case 12: return 4; 2797 case 18: return 5; 2798 case 24: return 6; 2799 case 36: return 7; 2800 case 48: return 8; 2801 case 72: return 9; 2802 case 96: return 10; 2803 case 108: return 11; 2804 /* 11b */ 2805 case 2: return 0; 2806 case 4: return 1; 2807 case 11: return 2; 2808 case 22: return 3; 2809 default: return 0; 2810 } 2811} 2812 2813static int 2814urtwn_tx_data(struct urtwn_softc *sc, struct ieee80211_node *ni, 2815 struct mbuf *m, struct urtwn_data *data) 2816{ 2817 const struct ieee80211_txparam *tp; 2818 struct ieee80211com *ic = &sc->sc_ic; 2819 struct ieee80211vap *vap = ni->ni_vap; 2820 struct ieee80211_key *k = NULL; 2821 struct ieee80211_channel *chan; 2822 struct ieee80211_frame *wh; 2823 struct r92c_tx_desc *txd; 2824 uint8_t macid, raid, rate, ridx, subtype, type, tid, qsel; 2825 int hasqos, ismcast; 2826 2827 URTWN_ASSERT_LOCKED(sc); 2828 2829 /* 2830 * Software crypto. 2831 */ 2832 wh = mtod(m, struct ieee80211_frame *); 2833 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 2834 subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 2835 hasqos = IEEE80211_QOS_HAS_SEQ(wh); 2836 ismcast = IEEE80211_IS_MULTICAST(wh->i_addr1); 2837 2838 /* Select TX ring for this frame. */ 2839 if (hasqos) { 2840 tid = ((const struct ieee80211_qosframe *)wh)->i_qos[0]; 2841 tid &= IEEE80211_QOS_TID; 2842 } else 2843 tid = 0; 2844 2845 chan = (ni->ni_chan != IEEE80211_CHAN_ANYC) ? 2846 ni->ni_chan : ic->ic_curchan; 2847 tp = &vap->iv_txparms[ieee80211_chan2mode(chan)]; 2848 2849 /* Choose a TX rate index. */ 2850 if (type == IEEE80211_FC0_TYPE_MGT) 2851 rate = tp->mgmtrate; 2852 else if (ismcast) 2853 rate = tp->mcastrate; 2854 else if (tp->ucastrate != IEEE80211_FIXED_RATE_NONE) 2855 rate = tp->ucastrate; 2856 else if (m->m_flags & M_EAPOL) 2857 rate = tp->mgmtrate; 2858 else { 2859 if (URTWN_CHIP_HAS_RATECTL(sc)) { 2860 /* XXX pass pktlen */ 2861 (void) ieee80211_ratectl_rate(ni, NULL, 0); 2862 rate = ni->ni_txrate; 2863 } else { 2864 /* XXX TODO: drop the default rate for 11b/11g? */ 2865 if (ni->ni_flags & IEEE80211_NODE_HT) 2866 rate = IEEE80211_RATE_MCS | 0x4; /* MCS4 */ 2867 else if (ic->ic_curmode != IEEE80211_MODE_11B) 2868 rate = 108; 2869 else 2870 rate = 22; 2871 } 2872 } 2873 2874 /* 2875 * XXX TODO: this should be per-node, for 11b versus 11bg 2876 * nodes in hostap mode 2877 */ 2878 ridx = rate2ridx(rate); 2879 if (ni->ni_flags & IEEE80211_NODE_HT) 2880 raid = R92C_RAID_11GN; 2881 else if (ic->ic_curmode != IEEE80211_MODE_11B) 2882 raid = R92C_RAID_11BG; 2883 else 2884 raid = R92C_RAID_11B; 2885 2886 if (wh->i_fc[1] & IEEE80211_FC1_PROTECTED) { 2887 k = ieee80211_crypto_encap(ni, m); 2888 if (k == NULL) { 2889 device_printf(sc->sc_dev, 2890 "ieee80211_crypto_encap returns NULL.\n"); 2891 return (ENOBUFS); 2892 } 2893 2894 /* in case packet header moved, reset pointer */ 2895 wh = mtod(m, struct ieee80211_frame *); 2896 } 2897 2898 /* Fill Tx descriptor. */ 2899 txd = (struct r92c_tx_desc *)data->buf; 2900 memset(txd, 0, sizeof(*txd)); 2901 2902 txd->txdw0 |= htole32( 2903 SM(R92C_TXDW0_OFFSET, sizeof(*txd)) | 2904 R92C_TXDW0_OWN | R92C_TXDW0_FSG | R92C_TXDW0_LSG); 2905 if (ismcast) 2906 txd->txdw0 |= htole32(R92C_TXDW0_BMCAST); 2907 2908 if (!ismcast) { 2909 if (sc->chip & URTWN_CHIP_88E) { 2910 struct urtwn_node *un = URTWN_NODE(ni); 2911 macid = un->id; 2912 } else 2913 macid = URTWN_MACID_BSS; 2914 2915 if (type == IEEE80211_FC0_TYPE_DATA) { 2916 qsel = tid % URTWN_MAX_TID; 2917 2918 if (sc->chip & URTWN_CHIP_88E) { 2919 txd->txdw2 |= htole32( 2920 R88E_TXDW2_AGGBK | 2921 R88E_TXDW2_CCX_RPT); 2922 } else 2923 txd->txdw1 |= htole32(R92C_TXDW1_AGGBK); 2924 2925 /* protmode, non-HT */ 2926 /* XXX TODO: noack frames? */ 2927 if ((rate & 0x80) == 0 && 2928 (ic->ic_flags & IEEE80211_F_USEPROT)) { 2929 switch (ic->ic_protmode) { 2930 case IEEE80211_PROT_CTSONLY: 2931 txd->txdw4 |= htole32( 2932 R92C_TXDW4_CTS2SELF | 2933 R92C_TXDW4_HWRTSEN); 2934 break; 2935 case IEEE80211_PROT_RTSCTS: 2936 txd->txdw4 |= htole32( 2937 R92C_TXDW4_RTSEN | 2938 R92C_TXDW4_HWRTSEN); 2939 break; 2940 default: 2941 break; 2942 } 2943 } 2944 2945 /* protmode, HT */ 2946 /* XXX TODO: noack frames? */ 2947 if ((rate & 0x80) && 2948 (ic->ic_htprotmode == IEEE80211_PROT_RTSCTS)) { 2949 txd->txdw4 |= htole32( 2950 R92C_TXDW4_RTSEN | 2951 R92C_TXDW4_HWRTSEN); 2952 } 2953 2954 /* XXX TODO: rtsrate is configurable? 24mbit may 2955 * be a bit high for RTS rate? */ 2956 txd->txdw4 |= htole32(SM(R92C_TXDW4_RTSRATE, 2957 URTWN_RIDX_OFDM24)); 2958 2959 txd->txdw5 |= htole32(0x0001ff00); 2960 } else /* IEEE80211_FC0_TYPE_MGT */ 2961 qsel = R92C_TXDW1_QSEL_MGNT; 2962 } else { 2963 macid = URTWN_MACID_BC; 2964 qsel = R92C_TXDW1_QSEL_MGNT; 2965 } 2966 2967 txd->txdw1 |= htole32( 2968 SM(R92C_TXDW1_QSEL, qsel) | 2969 SM(R92C_TXDW1_RAID, raid)); 2970 2971 /* XXX TODO: 40MHZ flag? */ 2972 /* XXX TODO: AMPDU flag? (AGG_ENABLE or AGG_BREAK?) Density shift? */ 2973 /* XXX Short preamble? */ 2974 /* XXX Short-GI? */ 2975 2976 if (sc->chip & URTWN_CHIP_88E) 2977 txd->txdw1 |= htole32(SM(R88E_TXDW1_MACID, macid)); 2978 else 2979 txd->txdw1 |= htole32(SM(R92C_TXDW1_MACID, macid)); 2980 2981 txd->txdw5 |= htole32(SM(R92C_TXDW5_DATARATE, ridx)); 2982 2983 /* Force this rate if needed. */ 2984 if (URTWN_CHIP_HAS_RATECTL(sc) || ismcast || 2985 (tp->ucastrate != IEEE80211_FIXED_RATE_NONE) || 2986 (m->m_flags & M_EAPOL) || type != IEEE80211_FC0_TYPE_DATA) 2987 txd->txdw4 |= htole32(R92C_TXDW4_DRVRATE); 2988 2989 if (!hasqos) { 2990 /* Use HW sequence numbering for non-QoS frames. */ 2991 if (sc->chip & URTWN_CHIP_88E) 2992 txd->txdseq = htole16(R88E_TXDSEQ_HWSEQ_EN); 2993 else 2994 txd->txdw4 |= htole32(R92C_TXDW4_HWSEQ_EN); 2995 } else { 2996 /* Set sequence number. */ 2997 txd->txdseq = htole16(M_SEQNO_GET(m) % IEEE80211_SEQ_RANGE); 2998 } 2999 3000 if (k != NULL && !(k->wk_flags & IEEE80211_KEY_SWCRYPT)) { 3001 uint8_t cipher; 3002 3003 switch (k->wk_cipher->ic_cipher) { 3004 case IEEE80211_CIPHER_WEP: 3005 case IEEE80211_CIPHER_TKIP: 3006 cipher = R92C_TXDW1_CIPHER_RC4; 3007 break; 3008 case IEEE80211_CIPHER_AES_CCM: 3009 cipher = R92C_TXDW1_CIPHER_AES; 3010 break; 3011 default: 3012 device_printf(sc->sc_dev, "%s: unknown cipher %d\n", 3013 __func__, k->wk_cipher->ic_cipher); 3014 return (EINVAL); 3015 } 3016 3017 txd->txdw1 |= htole32(SM(R92C_TXDW1_CIPHER, cipher)); 3018 } 3019 3020 if (ieee80211_radiotap_active_vap(vap)) { 3021 struct urtwn_tx_radiotap_header *tap = &sc->sc_txtap; 3022 3023 tap->wt_flags = 0; 3024 if (k != NULL) 3025 tap->wt_flags |= IEEE80211_RADIOTAP_F_WEP; 3026 ieee80211_radiotap_tx(vap, m); 3027 } 3028 3029 data->ni = ni; 3030 3031 urtwn_tx_start(sc, m, type, data); 3032 3033 return (0); 3034} 3035 3036static int 3037urtwn_tx_raw(struct urtwn_softc *sc, struct ieee80211_node *ni, 3038 struct mbuf *m, struct urtwn_data *data, 3039 const struct ieee80211_bpf_params *params) 3040{ 3041 struct ieee80211vap *vap = ni->ni_vap; 3042 struct ieee80211_key *k = NULL; 3043 struct ieee80211_frame *wh; 3044 struct r92c_tx_desc *txd; 3045 uint8_t cipher, ridx, type; 3046 3047 /* Encrypt the frame if need be. */ 3048 cipher = R92C_TXDW1_CIPHER_NONE; 3049 if (params->ibp_flags & IEEE80211_BPF_CRYPTO) { 3050 /* Retrieve key for TX. */ 3051 k = ieee80211_crypto_encap(ni, m); 3052 if (k == NULL) 3053 return (ENOBUFS); 3054 3055 if (!(k->wk_flags & IEEE80211_KEY_SWCRYPT)) { 3056 switch (k->wk_cipher->ic_cipher) { 3057 case IEEE80211_CIPHER_WEP: 3058 case IEEE80211_CIPHER_TKIP: 3059 cipher = R92C_TXDW1_CIPHER_RC4; 3060 break; 3061 case IEEE80211_CIPHER_AES_CCM: 3062 cipher = R92C_TXDW1_CIPHER_AES; 3063 break; 3064 default: 3065 device_printf(sc->sc_dev, 3066 "%s: unknown cipher %d\n", 3067 __func__, k->wk_cipher->ic_cipher); 3068 return (EINVAL); 3069 } 3070 } 3071 } 3072 3073 /* XXX TODO: 11n checks, matching urtwn_tx_data() */ 3074 3075 wh = mtod(m, struct ieee80211_frame *); 3076 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 3077 3078 /* Fill Tx descriptor. */ 3079 txd = (struct r92c_tx_desc *)data->buf; 3080 memset(txd, 0, sizeof(*txd)); 3081 3082 txd->txdw0 |= htole32( 3083 SM(R92C_TXDW0_OFFSET, sizeof(*txd)) | 3084 R92C_TXDW0_OWN | R92C_TXDW0_FSG | R92C_TXDW0_LSG); 3085 if (IEEE80211_IS_MULTICAST(wh->i_addr1)) 3086 txd->txdw0 |= htole32(R92C_TXDW0_BMCAST); 3087 3088 if (params->ibp_flags & IEEE80211_BPF_RTS) 3089 txd->txdw4 |= htole32(R92C_TXDW4_RTSEN); 3090 if (params->ibp_flags & IEEE80211_BPF_CTS) 3091 txd->txdw4 |= htole32(R92C_TXDW4_CTS2SELF); 3092 if (txd->txdw4 & htole32(R92C_TXDW4_RTSEN | R92C_TXDW4_CTS2SELF)) { 3093 txd->txdw4 |= htole32(R92C_TXDW4_HWRTSEN); 3094 txd->txdw4 |= htole32(SM(R92C_TXDW4_RTSRATE, 3095 URTWN_RIDX_OFDM24)); 3096 } 3097 3098 if (sc->chip & URTWN_CHIP_88E) 3099 txd->txdw1 |= htole32(SM(R88E_TXDW1_MACID, URTWN_MACID_BC)); 3100 else 3101 txd->txdw1 |= htole32(SM(R92C_TXDW1_MACID, URTWN_MACID_BC)); 3102 3103 /* XXX TODO: rate index/config (RAID) for 11n? */ 3104 txd->txdw1 |= htole32(SM(R92C_TXDW1_QSEL, R92C_TXDW1_QSEL_MGNT)); 3105 txd->txdw1 |= htole32(SM(R92C_TXDW1_CIPHER, cipher)); 3106 3107 /* Choose a TX rate index. */ 3108 ridx = rate2ridx(params->ibp_rate0); 3109 txd->txdw5 |= htole32(SM(R92C_TXDW5_DATARATE, ridx)); 3110 txd->txdw5 |= htole32(0x0001ff00); 3111 txd->txdw4 |= htole32(R92C_TXDW4_DRVRATE); 3112 3113 if (!IEEE80211_QOS_HAS_SEQ(wh)) { 3114 /* Use HW sequence numbering for non-QoS frames. */ 3115 if (sc->chip & URTWN_CHIP_88E) 3116 txd->txdseq = htole16(R88E_TXDSEQ_HWSEQ_EN); 3117 else 3118 txd->txdw4 |= htole32(R92C_TXDW4_HWSEQ_EN); 3119 } else { 3120 /* Set sequence number. */ 3121 txd->txdseq = htole16(M_SEQNO_GET(m) % IEEE80211_SEQ_RANGE); 3122 } 3123 3124 if (ieee80211_radiotap_active_vap(vap)) { 3125 struct urtwn_tx_radiotap_header *tap = &sc->sc_txtap; 3126 3127 tap->wt_flags = 0; 3128 if (k != NULL) 3129 tap->wt_flags |= IEEE80211_RADIOTAP_F_WEP; 3130 ieee80211_radiotap_tx(vap, m); 3131 } 3132 3133 data->ni = ni; 3134 3135 urtwn_tx_start(sc, m, type, data); 3136 3137 return (0); 3138} 3139 3140static void 3141urtwn_tx_start(struct urtwn_softc *sc, struct mbuf *m, uint8_t type, 3142 struct urtwn_data *data) 3143{ 3144 struct usb_xfer *xfer; 3145 struct r92c_tx_desc *txd; 3146 uint16_t ac, sum; 3147 int i, xferlen; 3148 3149 URTWN_ASSERT_LOCKED(sc); 3150 3151 ac = M_WME_GETAC(m); 3152 3153 switch (type) { 3154 case IEEE80211_FC0_TYPE_CTL: 3155 case IEEE80211_FC0_TYPE_MGT: 3156 xfer = sc->sc_xfer[URTWN_BULK_TX_VO]; 3157 break; 3158 default: 3159 xfer = sc->sc_xfer[wme2queue[ac].qid]; 3160 break; 3161 } 3162 3163 txd = (struct r92c_tx_desc *)data->buf; 3164 txd->txdw0 |= htole32(SM(R92C_TXDW0_PKTLEN, m->m_pkthdr.len)); 3165 3166 /* Compute Tx descriptor checksum. */ 3167 sum = 0; 3168 for (i = 0; i < sizeof(*txd) / 2; i++) 3169 sum ^= ((uint16_t *)txd)[i]; 3170 txd->txdsum = sum; /* NB: already little endian. */ 3171 3172 xferlen = sizeof(*txd) + m->m_pkthdr.len; 3173 m_copydata(m, 0, m->m_pkthdr.len, (caddr_t)&txd[1]); 3174 3175 data->buflen = xferlen; 3176 data->m = m; 3177 3178 STAILQ_INSERT_TAIL(&sc->sc_tx_pending, data, next); 3179 usbd_transfer_start(xfer); 3180} 3181 3182static int 3183urtwn_transmit(struct ieee80211com *ic, struct mbuf *m) 3184{ 3185 struct urtwn_softc *sc = ic->ic_softc; 3186 int error; 3187 3188 URTWN_LOCK(sc); 3189 if ((sc->sc_flags & URTWN_RUNNING) == 0) { 3190 URTWN_UNLOCK(sc); 3191 return (ENXIO); 3192 } 3193 error = mbufq_enqueue(&sc->sc_snd, m); 3194 if (error) { 3195 URTWN_UNLOCK(sc); 3196 return (error); 3197 } 3198 urtwn_start(sc); 3199 URTWN_UNLOCK(sc); 3200 3201 return (0); 3202} 3203 3204static void 3205urtwn_start(struct urtwn_softc *sc) 3206{ 3207 struct ieee80211_node *ni; 3208 struct mbuf *m; 3209 struct urtwn_data *bf; 3210 3211 URTWN_ASSERT_LOCKED(sc); 3212 while ((m = mbufq_dequeue(&sc->sc_snd)) != NULL) { 3213 bf = urtwn_getbuf(sc); 3214 if (bf == NULL) { 3215 mbufq_prepend(&sc->sc_snd, m); 3216 break; 3217 } 3218 ni = (struct ieee80211_node *)m->m_pkthdr.rcvif; 3219 m->m_pkthdr.rcvif = NULL; 3220 3221 URTWN_DPRINTF(sc, URTWN_DEBUG_XMIT, "%s: called; m=%p\n", 3222 __func__, 3223 m); 3224 3225 if (urtwn_tx_data(sc, ni, m, bf) != 0) { 3226 if_inc_counter(ni->ni_vap->iv_ifp, 3227 IFCOUNTER_OERRORS, 1); 3228 STAILQ_INSERT_HEAD(&sc->sc_tx_inactive, bf, next); 3229 m_freem(m); 3230 ieee80211_free_node(ni); 3231 break; 3232 } 3233 sc->sc_txtimer = 5; 3234 callout_reset(&sc->sc_watchdog_ch, hz, urtwn_watchdog, sc); 3235 } 3236} 3237 3238static void 3239urtwn_parent(struct ieee80211com *ic) 3240{ 3241 struct urtwn_softc *sc = ic->ic_softc; 3242 3243 URTWN_LOCK(sc); 3244 if (sc->sc_flags & URTWN_DETACHED) { 3245 URTWN_UNLOCK(sc); 3246 return; 3247 } 3248 URTWN_UNLOCK(sc); 3249 3250 if (ic->ic_nrunning > 0) { 3251 if (urtwn_init(sc) != 0) { 3252 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 3253 if (vap != NULL) 3254 ieee80211_stop(vap); 3255 } else 3256 ieee80211_start_all(ic); 3257 } else 3258 urtwn_stop(sc); 3259} 3260 3261static __inline int 3262urtwn_power_on(struct urtwn_softc *sc) 3263{ 3264 3265 return sc->sc_power_on(sc); 3266} 3267 3268static int 3269urtwn_r92c_power_on(struct urtwn_softc *sc) 3270{ 3271 uint32_t reg; 3272 usb_error_t error; 3273 int ntries; 3274 3275 /* Wait for autoload done bit. */ 3276 for (ntries = 0; ntries < 1000; ntries++) { 3277 if (urtwn_read_1(sc, R92C_APS_FSMCO) & R92C_APS_FSMCO_PFM_ALDN) 3278 break; 3279 urtwn_ms_delay(sc); 3280 } 3281 if (ntries == 1000) { 3282 device_printf(sc->sc_dev, 3283 "timeout waiting for chip autoload\n"); 3284 return (ETIMEDOUT); 3285 } 3286 3287 /* Unlock ISO/CLK/Power control register. */ 3288 error = urtwn_write_1(sc, R92C_RSV_CTRL, 0); 3289 if (error != USB_ERR_NORMAL_COMPLETION) 3290 return (EIO); 3291 /* Move SPS into PWM mode. */ 3292 error = urtwn_write_1(sc, R92C_SPS0_CTRL, 0x2b); 3293 if (error != USB_ERR_NORMAL_COMPLETION) 3294 return (EIO); 3295 urtwn_ms_delay(sc); 3296 3297 reg = urtwn_read_1(sc, R92C_LDOV12D_CTRL); 3298 if (!(reg & R92C_LDOV12D_CTRL_LDV12_EN)) { 3299 error = urtwn_write_1(sc, R92C_LDOV12D_CTRL, 3300 reg | R92C_LDOV12D_CTRL_LDV12_EN); 3301 if (error != USB_ERR_NORMAL_COMPLETION) 3302 return (EIO); 3303 urtwn_ms_delay(sc); 3304 error = urtwn_write_1(sc, R92C_SYS_ISO_CTRL, 3305 urtwn_read_1(sc, R92C_SYS_ISO_CTRL) & 3306 ~R92C_SYS_ISO_CTRL_MD2PP); 3307 if (error != USB_ERR_NORMAL_COMPLETION) 3308 return (EIO); 3309 } 3310 3311 /* Auto enable WLAN. */ 3312 error = urtwn_write_2(sc, R92C_APS_FSMCO, 3313 urtwn_read_2(sc, R92C_APS_FSMCO) | R92C_APS_FSMCO_APFM_ONMAC); 3314 if (error != USB_ERR_NORMAL_COMPLETION) 3315 return (EIO); 3316 for (ntries = 0; ntries < 1000; ntries++) { 3317 if (!(urtwn_read_2(sc, R92C_APS_FSMCO) & 3318 R92C_APS_FSMCO_APFM_ONMAC)) 3319 break; 3320 urtwn_ms_delay(sc); 3321 } 3322 if (ntries == 1000) { 3323 device_printf(sc->sc_dev, 3324 "timeout waiting for MAC auto ON\n"); 3325 return (ETIMEDOUT); 3326 } 3327 3328 /* Enable radio, GPIO and LED functions. */ 3329 error = urtwn_write_2(sc, R92C_APS_FSMCO, 3330 R92C_APS_FSMCO_AFSM_HSUS | 3331 R92C_APS_FSMCO_PDN_EN | 3332 R92C_APS_FSMCO_PFM_ALDN); 3333 if (error != USB_ERR_NORMAL_COMPLETION) 3334 return (EIO); 3335 /* Release RF digital isolation. */ 3336 error = urtwn_write_2(sc, R92C_SYS_ISO_CTRL, 3337 urtwn_read_2(sc, R92C_SYS_ISO_CTRL) & ~R92C_SYS_ISO_CTRL_DIOR); 3338 if (error != USB_ERR_NORMAL_COMPLETION) 3339 return (EIO); 3340 3341 /* Initialize MAC. */ 3342 error = urtwn_write_1(sc, R92C_APSD_CTRL, 3343 urtwn_read_1(sc, R92C_APSD_CTRL) & ~R92C_APSD_CTRL_OFF); 3344 if (error != USB_ERR_NORMAL_COMPLETION) 3345 return (EIO); 3346 for (ntries = 0; ntries < 200; ntries++) { 3347 if (!(urtwn_read_1(sc, R92C_APSD_CTRL) & 3348 R92C_APSD_CTRL_OFF_STATUS)) 3349 break; 3350 urtwn_ms_delay(sc); 3351 } 3352 if (ntries == 200) { 3353 device_printf(sc->sc_dev, 3354 "timeout waiting for MAC initialization\n"); 3355 return (ETIMEDOUT); 3356 } 3357 3358 /* Enable MAC DMA/WMAC/SCHEDULE/SEC blocks. */ 3359 reg = urtwn_read_2(sc, R92C_CR); 3360 reg |= R92C_CR_HCI_TXDMA_EN | R92C_CR_HCI_RXDMA_EN | 3361 R92C_CR_TXDMA_EN | R92C_CR_RXDMA_EN | R92C_CR_PROTOCOL_EN | 3362 R92C_CR_SCHEDULE_EN | R92C_CR_MACTXEN | R92C_CR_MACRXEN | 3363 R92C_CR_ENSEC; 3364 error = urtwn_write_2(sc, R92C_CR, reg); 3365 if (error != USB_ERR_NORMAL_COMPLETION) 3366 return (EIO); 3367 3368 error = urtwn_write_1(sc, 0xfe10, 0x19); 3369 if (error != USB_ERR_NORMAL_COMPLETION) 3370 return (EIO); 3371 return (0); 3372} 3373 3374static int 3375urtwn_r88e_power_on(struct urtwn_softc *sc) 3376{ 3377 uint32_t reg; 3378 usb_error_t error; 3379 int ntries; 3380 3381 /* Wait for power ready bit. */ 3382 for (ntries = 0; ntries < 5000; ntries++) { 3383 if (urtwn_read_4(sc, R92C_APS_FSMCO) & R92C_APS_FSMCO_SUS_HOST) 3384 break; 3385 urtwn_ms_delay(sc); 3386 } 3387 if (ntries == 5000) { 3388 device_printf(sc->sc_dev, 3389 "timeout waiting for chip power up\n"); 3390 return (ETIMEDOUT); 3391 } 3392 3393 /* Reset BB. */ 3394 error = urtwn_write_1(sc, R92C_SYS_FUNC_EN, 3395 urtwn_read_1(sc, R92C_SYS_FUNC_EN) & ~(R92C_SYS_FUNC_EN_BBRSTB | 3396 R92C_SYS_FUNC_EN_BB_GLB_RST)); 3397 if (error != USB_ERR_NORMAL_COMPLETION) 3398 return (EIO); 3399 3400 error = urtwn_write_1(sc, R92C_AFE_XTAL_CTRL + 2, 3401 urtwn_read_1(sc, R92C_AFE_XTAL_CTRL + 2) | 0x80); 3402 if (error != USB_ERR_NORMAL_COMPLETION) 3403 return (EIO); 3404 3405 /* Disable HWPDN. */ 3406 error = urtwn_write_2(sc, R92C_APS_FSMCO, 3407 urtwn_read_2(sc, R92C_APS_FSMCO) & ~R92C_APS_FSMCO_APDM_HPDN); 3408 if (error != USB_ERR_NORMAL_COMPLETION) 3409 return (EIO); 3410 3411 /* Disable WL suspend. */ 3412 error = urtwn_write_2(sc, R92C_APS_FSMCO, 3413 urtwn_read_2(sc, R92C_APS_FSMCO) & 3414 ~(R92C_APS_FSMCO_AFSM_HSUS | R92C_APS_FSMCO_AFSM_PCIE)); 3415 if (error != USB_ERR_NORMAL_COMPLETION) 3416 return (EIO); 3417 3418 error = urtwn_write_2(sc, R92C_APS_FSMCO, 3419 urtwn_read_2(sc, R92C_APS_FSMCO) | R92C_APS_FSMCO_APFM_ONMAC); 3420 if (error != USB_ERR_NORMAL_COMPLETION) 3421 return (EIO); 3422 for (ntries = 0; ntries < 5000; ntries++) { 3423 if (!(urtwn_read_2(sc, R92C_APS_FSMCO) & 3424 R92C_APS_FSMCO_APFM_ONMAC)) 3425 break; 3426 urtwn_ms_delay(sc); 3427 } 3428 if (ntries == 5000) 3429 return (ETIMEDOUT); 3430 3431 /* Enable LDO normal mode. */ 3432 error = urtwn_write_1(sc, R92C_LPLDO_CTRL, 3433 urtwn_read_1(sc, R92C_LPLDO_CTRL) & ~R92C_LPLDO_CTRL_SLEEP); 3434 if (error != USB_ERR_NORMAL_COMPLETION) 3435 return (EIO); 3436 3437 /* Enable MAC DMA/WMAC/SCHEDULE/SEC blocks. */ 3438 error = urtwn_write_2(sc, R92C_CR, 0); 3439 if (error != USB_ERR_NORMAL_COMPLETION) 3440 return (EIO); 3441 reg = urtwn_read_2(sc, R92C_CR); 3442 reg |= R92C_CR_HCI_TXDMA_EN | R92C_CR_HCI_RXDMA_EN | 3443 R92C_CR_TXDMA_EN | R92C_CR_RXDMA_EN | R92C_CR_PROTOCOL_EN | 3444 R92C_CR_SCHEDULE_EN | R92C_CR_ENSEC | R92C_CR_CALTMR_EN; 3445 error = urtwn_write_2(sc, R92C_CR, reg); 3446 if (error != USB_ERR_NORMAL_COMPLETION) 3447 return (EIO); 3448 3449 return (0); 3450} 3451 3452static __inline void 3453urtwn_power_off(struct urtwn_softc *sc) 3454{ 3455 3456 return sc->sc_power_off(sc); 3457} 3458 3459static void 3460urtwn_r92c_power_off(struct urtwn_softc *sc) 3461{ 3462 uint32_t reg; 3463 3464 /* Block all Tx queues. */ 3465 urtwn_write_1(sc, R92C_TXPAUSE, R92C_TX_QUEUE_ALL); 3466 3467 /* Disable RF */ 3468 urtwn_rf_write(sc, 0, 0, 0); 3469 3470 urtwn_write_1(sc, R92C_APSD_CTRL, R92C_APSD_CTRL_OFF); 3471 3472 /* Reset BB state machine */ 3473 urtwn_write_1(sc, R92C_SYS_FUNC_EN, 3474 R92C_SYS_FUNC_EN_USBD | R92C_SYS_FUNC_EN_USBA | 3475 R92C_SYS_FUNC_EN_BB_GLB_RST); 3476 urtwn_write_1(sc, R92C_SYS_FUNC_EN, 3477 R92C_SYS_FUNC_EN_USBD | R92C_SYS_FUNC_EN_USBA); 3478 3479 /* 3480 * Reset digital sequence 3481 */ 3482#ifndef URTWN_WITHOUT_UCODE 3483 if (urtwn_read_1(sc, R92C_MCUFWDL) & R92C_MCUFWDL_RDY) { 3484 /* Reset MCU ready status */ 3485 urtwn_write_1(sc, R92C_MCUFWDL, 0); 3486 3487 /* If firmware in ram code, do reset */ 3488 urtwn_fw_reset(sc); 3489 } 3490#endif 3491 3492 /* Reset MAC and Enable 8051 */ 3493 urtwn_write_1(sc, R92C_SYS_FUNC_EN + 1, 3494 (R92C_SYS_FUNC_EN_CPUEN | 3495 R92C_SYS_FUNC_EN_ELDR | 3496 R92C_SYS_FUNC_EN_HWPDN) >> 8); 3497 3498 /* Reset MCU ready status */ 3499 urtwn_write_1(sc, R92C_MCUFWDL, 0); 3500 3501 /* Disable MAC clock */ 3502 urtwn_write_2(sc, R92C_SYS_CLKR, 3503 R92C_SYS_CLKR_ANAD16V_EN | 3504 R92C_SYS_CLKR_ANA8M | 3505 R92C_SYS_CLKR_LOADER_EN | 3506 R92C_SYS_CLKR_80M_SSC_DIS | 3507 R92C_SYS_CLKR_SYS_EN | 3508 R92C_SYS_CLKR_RING_EN | 3509 0x4000); 3510 3511 /* Disable AFE PLL */ 3512 urtwn_write_1(sc, R92C_AFE_PLL_CTRL, 0x80); 3513 3514 /* Gated AFE DIG_CLOCK */ 3515 urtwn_write_2(sc, R92C_AFE_XTAL_CTRL, 0x880F); 3516 3517 /* Isolated digital to PON */ 3518 urtwn_write_1(sc, R92C_SYS_ISO_CTRL, 3519 R92C_SYS_ISO_CTRL_MD2PP | 3520 R92C_SYS_ISO_CTRL_PA2PCIE | 3521 R92C_SYS_ISO_CTRL_PD2CORE | 3522 R92C_SYS_ISO_CTRL_IP2MAC | 3523 R92C_SYS_ISO_CTRL_DIOP | 3524 R92C_SYS_ISO_CTRL_DIOE); 3525 3526 /* 3527 * Pull GPIO PIN to balance level and LED control 3528 */ 3529 /* 1. Disable GPIO[7:0] */ 3530 urtwn_write_2(sc, R92C_GPIO_IOSEL, 0x0000); 3531 3532 reg = urtwn_read_4(sc, R92C_GPIO_PIN_CTRL) & ~0x0000ff00; 3533 reg |= ((reg << 8) & 0x0000ff00) | 0x00ff0000; 3534 urtwn_write_4(sc, R92C_GPIO_PIN_CTRL, reg); 3535 3536 /* Disable GPIO[10:8] */ 3537 urtwn_write_1(sc, R92C_MAC_PINMUX_CFG, 0x00); 3538 3539 reg = urtwn_read_2(sc, R92C_GPIO_IO_SEL) & ~0x00f0; 3540 reg |= (((reg & 0x000f) << 4) | 0x0780); 3541 urtwn_write_2(sc, R92C_GPIO_IO_SEL, reg); 3542 3543 /* Disable LED0 & 1 */ 3544 urtwn_write_2(sc, R92C_LEDCFG0, 0x8080); 3545 3546 /* 3547 * Reset digital sequence 3548 */ 3549 /* Disable ELDR clock */ 3550 urtwn_write_2(sc, R92C_SYS_CLKR, 3551 R92C_SYS_CLKR_ANAD16V_EN | 3552 R92C_SYS_CLKR_ANA8M | 3553 R92C_SYS_CLKR_LOADER_EN | 3554 R92C_SYS_CLKR_80M_SSC_DIS | 3555 R92C_SYS_CLKR_SYS_EN | 3556 R92C_SYS_CLKR_RING_EN | 3557 0x4000); 3558 3559 /* Isolated ELDR to PON */ 3560 urtwn_write_1(sc, R92C_SYS_ISO_CTRL + 1, 3561 (R92C_SYS_ISO_CTRL_DIOR | 3562 R92C_SYS_ISO_CTRL_PWC_EV12V) >> 8); 3563 3564 /* 3565 * Disable analog sequence 3566 */ 3567 /* Disable A15 power */ 3568 urtwn_write_1(sc, R92C_LDOA15_CTRL, R92C_LDOA15_CTRL_OBUF); 3569 /* Disable digital core power */ 3570 urtwn_write_1(sc, R92C_LDOV12D_CTRL, 3571 urtwn_read_1(sc, R92C_LDOV12D_CTRL) & 3572 ~R92C_LDOV12D_CTRL_LDV12_EN); 3573 3574 /* Enter PFM mode */ 3575 urtwn_write_1(sc, R92C_SPS0_CTRL, 0x23); 3576 3577 /* Set USB suspend */ 3578 urtwn_write_2(sc, R92C_APS_FSMCO, 3579 R92C_APS_FSMCO_APDM_HOST | 3580 R92C_APS_FSMCO_AFSM_HSUS | 3581 R92C_APS_FSMCO_PFM_ALDN); 3582 3583 /* Lock ISO/CLK/Power control register. */ 3584 urtwn_write_1(sc, R92C_RSV_CTRL, 0x0E); 3585} 3586 3587static void 3588urtwn_r88e_power_off(struct urtwn_softc *sc) 3589{ 3590 uint8_t reg; 3591 int ntries; 3592 3593 /* Disable any kind of TX reports. */ 3594 urtwn_write_1(sc, R88E_TX_RPT_CTRL, 3595 urtwn_read_1(sc, R88E_TX_RPT_CTRL) & 3596 ~(R88E_TX_RPT1_ENA | R88E_TX_RPT2_ENA)); 3597 3598 /* Stop Rx. */ 3599 urtwn_write_1(sc, R92C_CR, 0); 3600 3601 /* Move card to Low Power State. */ 3602 /* Block all Tx queues. */ 3603 urtwn_write_1(sc, R92C_TXPAUSE, R92C_TX_QUEUE_ALL); 3604 3605 for (ntries = 0; ntries < 20; ntries++) { 3606 /* Should be zero if no packet is transmitting. */ 3607 if (urtwn_read_4(sc, R88E_SCH_TXCMD) == 0) 3608 break; 3609 3610 urtwn_ms_delay(sc); 3611 } 3612 if (ntries == 20) { 3613 device_printf(sc->sc_dev, "%s: failed to block Tx queues\n", 3614 __func__); 3615 return; 3616 } 3617 3618 /* CCK and OFDM are disabled, and clock are gated. */ 3619 urtwn_write_1(sc, R92C_SYS_FUNC_EN, 3620 urtwn_read_1(sc, R92C_SYS_FUNC_EN) & ~R92C_SYS_FUNC_EN_BBRSTB); 3621 3622 urtwn_ms_delay(sc); 3623 3624 /* Reset MAC TRX */ 3625 urtwn_write_1(sc, R92C_CR, 3626 R92C_CR_HCI_TXDMA_EN | R92C_CR_HCI_RXDMA_EN | 3627 R92C_CR_TXDMA_EN | R92C_CR_RXDMA_EN | 3628 R92C_CR_PROTOCOL_EN | R92C_CR_SCHEDULE_EN); 3629 3630 /* check if removed later */ 3631 urtwn_write_1(sc, R92C_CR + 1, 3632 urtwn_read_1(sc, R92C_CR + 1) & ~(R92C_CR_ENSEC >> 8)); 3633 3634 /* Respond TxOK to scheduler */ 3635 urtwn_write_1(sc, R92C_DUAL_TSF_RST, 3636 urtwn_read_1(sc, R92C_DUAL_TSF_RST) | 0x20); 3637 3638 /* If firmware in ram code, do reset. */ 3639#ifndef URTWN_WITHOUT_UCODE 3640 if (urtwn_read_1(sc, R92C_MCUFWDL) & R92C_MCUFWDL_RDY) 3641 urtwn_r88e_fw_reset(sc); 3642#endif 3643 3644 /* Reset MCU ready status. */ 3645 urtwn_write_1(sc, R92C_MCUFWDL, 0x00); 3646 3647 /* Disable 32k. */ 3648 urtwn_write_1(sc, R88E_32K_CTRL, 3649 urtwn_read_1(sc, R88E_32K_CTRL) & ~0x01); 3650 3651 /* Move card to Disabled state. */ 3652 /* Turn off RF. */ 3653 urtwn_write_1(sc, R92C_RF_CTRL, 0); 3654 3655 /* LDO Sleep mode. */ 3656 urtwn_write_1(sc, R92C_LPLDO_CTRL, 3657 urtwn_read_1(sc, R92C_LPLDO_CTRL) | R92C_LPLDO_CTRL_SLEEP); 3658 3659 /* Turn off MAC by HW state machine */ 3660 urtwn_write_1(sc, R92C_APS_FSMCO + 1, 3661 urtwn_read_1(sc, R92C_APS_FSMCO + 1) | 3662 (R92C_APS_FSMCO_APFM_OFF >> 8)); 3663 3664 for (ntries = 0; ntries < 20; ntries++) { 3665 /* Wait until it will be disabled. */ 3666 if ((urtwn_read_1(sc, R92C_APS_FSMCO + 1) & 3667 (R92C_APS_FSMCO_APFM_OFF >> 8)) == 0) 3668 break; 3669 3670 urtwn_ms_delay(sc); 3671 } 3672 if (ntries == 20) { 3673 device_printf(sc->sc_dev, "%s: could not turn off MAC\n", 3674 __func__); 3675 return; 3676 } 3677 3678 /* schmit trigger */ 3679 urtwn_write_1(sc, R92C_AFE_XTAL_CTRL + 2, 3680 urtwn_read_1(sc, R92C_AFE_XTAL_CTRL + 2) | 0x80); 3681 3682 /* Enable WL suspend. */ 3683 urtwn_write_1(sc, R92C_APS_FSMCO + 1, 3684 (urtwn_read_1(sc, R92C_APS_FSMCO + 1) & ~0x10) | 0x08); 3685 3686 /* Enable bandgap mbias in suspend. */ 3687 urtwn_write_1(sc, R92C_APS_FSMCO + 3, 0); 3688 3689 /* Clear SIC_EN register. */ 3690 urtwn_write_1(sc, R92C_GPIO_MUXCFG + 1, 3691 urtwn_read_1(sc, R92C_GPIO_MUXCFG + 1) & ~0x10); 3692 3693 /* Set USB suspend enable local register */ 3694 urtwn_write_1(sc, R92C_USB_SUSPEND, 3695 urtwn_read_1(sc, R92C_USB_SUSPEND) | 0x10); 3696 3697 /* Reset MCU IO Wrapper. */ 3698 reg = urtwn_read_1(sc, R92C_RSV_CTRL + 1); 3699 urtwn_write_1(sc, R92C_RSV_CTRL + 1, reg & ~0x08); 3700 urtwn_write_1(sc, R92C_RSV_CTRL + 1, reg | 0x08); 3701 3702 /* marked as 'For Power Consumption' code. */ 3703 urtwn_write_1(sc, R92C_GPIO_OUT, urtwn_read_1(sc, R92C_GPIO_IN)); 3704 urtwn_write_1(sc, R92C_GPIO_IOSEL, 0xff); 3705 3706 urtwn_write_1(sc, R92C_GPIO_IO_SEL, 3707 urtwn_read_1(sc, R92C_GPIO_IO_SEL) << 4); 3708 urtwn_write_1(sc, R92C_GPIO_MOD, 3709 urtwn_read_1(sc, R92C_GPIO_MOD) | 0x0f); 3710 3711 /* Set LNA, TRSW, EX_PA Pin to output mode. */ 3712 urtwn_write_4(sc, R88E_BB_PAD_CTRL, 0x00080808); 3713} 3714 3715static int 3716urtwn_llt_init(struct urtwn_softc *sc) 3717{ 3718 int i, error, page_count, pktbuf_count; 3719 3720 page_count = (sc->chip & URTWN_CHIP_88E) ? 3721 R88E_TX_PAGE_COUNT : R92C_TX_PAGE_COUNT; 3722 pktbuf_count = (sc->chip & URTWN_CHIP_88E) ? 3723 R88E_TXPKTBUF_COUNT : R92C_TXPKTBUF_COUNT; 3724 3725 /* Reserve pages [0; page_count]. */ 3726 for (i = 0; i < page_count; i++) { 3727 if ((error = urtwn_llt_write(sc, i, i + 1)) != 0) 3728 return (error); 3729 } 3730 /* NB: 0xff indicates end-of-list. */ 3731 if ((error = urtwn_llt_write(sc, i, 0xff)) != 0) 3732 return (error); 3733 /* 3734 * Use pages [page_count + 1; pktbuf_count - 1] 3735 * as ring buffer. 3736 */ 3737 for (++i; i < pktbuf_count - 1; i++) { 3738 if ((error = urtwn_llt_write(sc, i, i + 1)) != 0) 3739 return (error); 3740 } 3741 /* Make the last page point to the beginning of the ring buffer. */ 3742 error = urtwn_llt_write(sc, i, page_count + 1); 3743 return (error); 3744} 3745 3746#ifndef URTWN_WITHOUT_UCODE 3747static void 3748urtwn_fw_reset(struct urtwn_softc *sc) 3749{ 3750 uint16_t reg; 3751 int ntries; 3752 3753 /* Tell 8051 to reset itself. */ 3754 urtwn_write_1(sc, R92C_HMETFR + 3, 0x20); 3755 3756 /* Wait until 8051 resets by itself. */ 3757 for (ntries = 0; ntries < 100; ntries++) { 3758 reg = urtwn_read_2(sc, R92C_SYS_FUNC_EN); 3759 if (!(reg & R92C_SYS_FUNC_EN_CPUEN)) 3760 return; 3761 urtwn_ms_delay(sc); 3762 } 3763 /* Force 8051 reset. */ 3764 urtwn_write_2(sc, R92C_SYS_FUNC_EN, reg & ~R92C_SYS_FUNC_EN_CPUEN); 3765} 3766 3767static void 3768urtwn_r88e_fw_reset(struct urtwn_softc *sc) 3769{ 3770 uint16_t reg; 3771 3772 reg = urtwn_read_2(sc, R92C_SYS_FUNC_EN); 3773 urtwn_write_2(sc, R92C_SYS_FUNC_EN, reg & ~R92C_SYS_FUNC_EN_CPUEN); 3774 urtwn_write_2(sc, R92C_SYS_FUNC_EN, reg | R92C_SYS_FUNC_EN_CPUEN); 3775} 3776 3777static int 3778urtwn_fw_loadpage(struct urtwn_softc *sc, int page, const uint8_t *buf, int len) 3779{ 3780 uint32_t reg; 3781 usb_error_t error = USB_ERR_NORMAL_COMPLETION; 3782 int off, mlen; 3783 3784 reg = urtwn_read_4(sc, R92C_MCUFWDL); 3785 reg = RW(reg, R92C_MCUFWDL_PAGE, page); 3786 urtwn_write_4(sc, R92C_MCUFWDL, reg); 3787 3788 off = R92C_FW_START_ADDR; 3789 while (len > 0) { 3790 if (len > 196) 3791 mlen = 196; 3792 else if (len > 4) 3793 mlen = 4; 3794 else 3795 mlen = 1; 3796 /* XXX fix this deconst */ 3797 error = urtwn_write_region_1(sc, off, 3798 __DECONST(uint8_t *, buf), mlen); 3799 if (error != USB_ERR_NORMAL_COMPLETION) 3800 break; 3801 off += mlen; 3802 buf += mlen; 3803 len -= mlen; 3804 } 3805 return (error); 3806} 3807 3808static int 3809urtwn_load_firmware(struct urtwn_softc *sc) 3810{ 3811 const struct firmware *fw; 3812 const struct r92c_fw_hdr *hdr; 3813 const char *imagename; 3814 const u_char *ptr; 3815 size_t len; 3816 uint32_t reg; 3817 int mlen, ntries, page, error; 3818 3819 URTWN_UNLOCK(sc); 3820 /* Read firmware image from the filesystem. */ 3821 if (sc->chip & URTWN_CHIP_88E) 3822 imagename = "urtwn-rtl8188eufw"; 3823 else if ((sc->chip & (URTWN_CHIP_UMC_A_CUT | URTWN_CHIP_92C)) == 3824 URTWN_CHIP_UMC_A_CUT) 3825 imagename = "urtwn-rtl8192cfwU"; 3826 else 3827 imagename = "urtwn-rtl8192cfwT"; 3828 3829 fw = firmware_get(imagename); 3830 URTWN_LOCK(sc); 3831 if (fw == NULL) { 3832 device_printf(sc->sc_dev, 3833 "failed loadfirmware of file %s\n", imagename); 3834 return (ENOENT); 3835 } 3836 3837 len = fw->datasize; 3838 3839 if (len < sizeof(*hdr)) { 3840 device_printf(sc->sc_dev, "firmware too short\n"); 3841 error = EINVAL; 3842 goto fail; 3843 } 3844 ptr = fw->data; 3845 hdr = (const struct r92c_fw_hdr *)ptr; 3846 /* Check if there is a valid FW header and skip it. */ 3847 if ((le16toh(hdr->signature) >> 4) == 0x88c || 3848 (le16toh(hdr->signature) >> 4) == 0x88e || 3849 (le16toh(hdr->signature) >> 4) == 0x92c) { 3850 URTWN_DPRINTF(sc, URTWN_DEBUG_FIRMWARE, 3851 "FW V%d.%d %02d-%02d %02d:%02d\n", 3852 le16toh(hdr->version), le16toh(hdr->subversion), 3853 hdr->month, hdr->date, hdr->hour, hdr->minute); 3854 ptr += sizeof(*hdr); 3855 len -= sizeof(*hdr); 3856 } 3857 3858 if (urtwn_read_1(sc, R92C_MCUFWDL) & R92C_MCUFWDL_RAM_DL_SEL) { 3859 if (sc->chip & URTWN_CHIP_88E) 3860 urtwn_r88e_fw_reset(sc); 3861 else 3862 urtwn_fw_reset(sc); 3863 urtwn_write_1(sc, R92C_MCUFWDL, 0); 3864 } 3865 3866 if (!(sc->chip & URTWN_CHIP_88E)) { 3867 urtwn_write_2(sc, R92C_SYS_FUNC_EN, 3868 urtwn_read_2(sc, R92C_SYS_FUNC_EN) | 3869 R92C_SYS_FUNC_EN_CPUEN); 3870 } 3871 urtwn_write_1(sc, R92C_MCUFWDL, 3872 urtwn_read_1(sc, R92C_MCUFWDL) | R92C_MCUFWDL_EN); 3873 urtwn_write_1(sc, R92C_MCUFWDL + 2, 3874 urtwn_read_1(sc, R92C_MCUFWDL + 2) & ~0x08); 3875 3876 /* Reset the FWDL checksum. */ 3877 urtwn_write_1(sc, R92C_MCUFWDL, 3878 urtwn_read_1(sc, R92C_MCUFWDL) | R92C_MCUFWDL_CHKSUM_RPT); 3879 3880 for (page = 0; len > 0; page++) { 3881 mlen = min(len, R92C_FW_PAGE_SIZE); 3882 error = urtwn_fw_loadpage(sc, page, ptr, mlen); 3883 if (error != 0) { 3884 device_printf(sc->sc_dev, 3885 "could not load firmware page\n"); 3886 goto fail; 3887 } 3888 ptr += mlen; 3889 len -= mlen; 3890 } 3891 urtwn_write_1(sc, R92C_MCUFWDL, 3892 urtwn_read_1(sc, R92C_MCUFWDL) & ~R92C_MCUFWDL_EN); 3893 urtwn_write_1(sc, R92C_MCUFWDL + 1, 0); 3894 3895 /* Wait for checksum report. */ 3896 for (ntries = 0; ntries < 1000; ntries++) { 3897 if (urtwn_read_4(sc, R92C_MCUFWDL) & R92C_MCUFWDL_CHKSUM_RPT) 3898 break; 3899 urtwn_ms_delay(sc); 3900 } 3901 if (ntries == 1000) { 3902 device_printf(sc->sc_dev, 3903 "timeout waiting for checksum report\n"); 3904 error = ETIMEDOUT; 3905 goto fail; 3906 } 3907 3908 reg = urtwn_read_4(sc, R92C_MCUFWDL); 3909 reg = (reg & ~R92C_MCUFWDL_WINTINI_RDY) | R92C_MCUFWDL_RDY; 3910 urtwn_write_4(sc, R92C_MCUFWDL, reg); 3911 if (sc->chip & URTWN_CHIP_88E) 3912 urtwn_r88e_fw_reset(sc); 3913 /* Wait for firmware readiness. */ 3914 for (ntries = 0; ntries < 1000; ntries++) { 3915 if (urtwn_read_4(sc, R92C_MCUFWDL) & R92C_MCUFWDL_WINTINI_RDY) 3916 break; 3917 urtwn_ms_delay(sc); 3918 } 3919 if (ntries == 1000) { 3920 device_printf(sc->sc_dev, 3921 "timeout waiting for firmware readiness\n"); 3922 error = ETIMEDOUT; 3923 goto fail; 3924 } 3925fail: 3926 firmware_put(fw, FIRMWARE_UNLOAD); 3927 return (error); 3928} 3929#endif 3930 3931static int 3932urtwn_dma_init(struct urtwn_softc *sc) 3933{ 3934 struct usb_endpoint *ep, *ep_end; 3935 usb_error_t usb_err; 3936 uint32_t reg; 3937 int hashq, hasnq, haslq, nqueues, ntx; 3938 int error, pagecount, npubqpages, nqpages, nrempages, tx_boundary; 3939 3940 /* Initialize LLT table. */ 3941 error = urtwn_llt_init(sc); 3942 if (error != 0) 3943 return (error); 3944 3945 /* Determine the number of bulk-out pipes. */ 3946 ntx = 0; 3947 ep = sc->sc_udev->endpoints; 3948 ep_end = sc->sc_udev->endpoints + sc->sc_udev->endpoints_max; 3949 for (; ep != ep_end; ep++) { 3950 if ((ep->edesc == NULL) || 3951 (ep->iface_index != sc->sc_iface_index)) 3952 continue; 3953 if (UE_GET_DIR(ep->edesc->bEndpointAddress) == UE_DIR_OUT) 3954 ntx++; 3955 } 3956 if (ntx == 0) { 3957 device_printf(sc->sc_dev, 3958 "%d: invalid number of Tx bulk pipes\n", ntx); 3959 return (EIO); 3960 } 3961 3962 /* Get Tx queues to USB endpoints mapping. */ 3963 hashq = hasnq = haslq = nqueues = 0; 3964 switch (ntx) { 3965 case 1: hashq = 1; break; 3966 case 2: hashq = hasnq = 1; break; 3967 case 3: case 4: hashq = hasnq = haslq = 1; break; 3968 } 3969 nqueues = hashq + hasnq + haslq; 3970 if (nqueues == 0) 3971 return (EIO); 3972 3973 npubqpages = nqpages = nrempages = pagecount = 0; 3974 if (sc->chip & URTWN_CHIP_88E) 3975 tx_boundary = R88E_TX_PAGE_BOUNDARY; 3976 else { 3977 pagecount = R92C_TX_PAGE_COUNT; 3978 npubqpages = R92C_PUBQ_NPAGES; 3979 tx_boundary = R92C_TX_PAGE_BOUNDARY; 3980 } 3981 3982 /* Set number of pages for normal priority queue. */ 3983 if (sc->chip & URTWN_CHIP_88E) { 3984 usb_err = urtwn_write_2(sc, R92C_RQPN_NPQ, 0xd); 3985 if (usb_err != USB_ERR_NORMAL_COMPLETION) 3986 return (EIO); 3987 usb_err = urtwn_write_4(sc, R92C_RQPN, 0x808e000d); 3988 if (usb_err != USB_ERR_NORMAL_COMPLETION) 3989 return (EIO); 3990 } else { 3991 /* Get the number of pages for each queue. */ 3992 nqpages = (pagecount - npubqpages) / nqueues; 3993 /* 3994 * The remaining pages are assigned to the high priority 3995 * queue. 3996 */ 3997 nrempages = (pagecount - npubqpages) % nqueues; 3998 usb_err = urtwn_write_1(sc, R92C_RQPN_NPQ, hasnq ? nqpages : 0); 3999 if (usb_err != USB_ERR_NORMAL_COMPLETION) 4000 return (EIO); 4001 usb_err = urtwn_write_4(sc, R92C_RQPN, 4002 /* Set number of pages for public queue. */ 4003 SM(R92C_RQPN_PUBQ, npubqpages) | 4004 /* Set number of pages for high priority queue. */ 4005 SM(R92C_RQPN_HPQ, hashq ? nqpages + nrempages : 0) | 4006 /* Set number of pages for low priority queue. */ 4007 SM(R92C_RQPN_LPQ, haslq ? nqpages : 0) | 4008 /* Load values. */ 4009 R92C_RQPN_LD); 4010 if (usb_err != USB_ERR_NORMAL_COMPLETION) 4011 return (EIO); 4012 } 4013 4014 usb_err = urtwn_write_1(sc, R92C_TXPKTBUF_BCNQ_BDNY, tx_boundary); 4015 if (usb_err != USB_ERR_NORMAL_COMPLETION) 4016 return (EIO); 4017 usb_err = urtwn_write_1(sc, R92C_TXPKTBUF_MGQ_BDNY, tx_boundary); 4018 if (usb_err != USB_ERR_NORMAL_COMPLETION) 4019 return (EIO); 4020 usb_err = urtwn_write_1(sc, R92C_TXPKTBUF_WMAC_LBK_BF_HD, tx_boundary); 4021 if (usb_err != USB_ERR_NORMAL_COMPLETION) 4022 return (EIO); 4023 usb_err = urtwn_write_1(sc, R92C_TRXFF_BNDY, tx_boundary); 4024 if (usb_err != USB_ERR_NORMAL_COMPLETION) 4025 return (EIO); 4026 usb_err = urtwn_write_1(sc, R92C_TDECTRL + 1, tx_boundary); 4027 if (usb_err != USB_ERR_NORMAL_COMPLETION) 4028 return (EIO); 4029 4030 /* Set queue to USB pipe mapping. */ 4031 reg = urtwn_read_2(sc, R92C_TRXDMA_CTRL); 4032 reg &= ~R92C_TRXDMA_CTRL_QMAP_M; 4033 if (nqueues == 1) { 4034 if (hashq) 4035 reg |= R92C_TRXDMA_CTRL_QMAP_HQ; 4036 else if (hasnq) 4037 reg |= R92C_TRXDMA_CTRL_QMAP_NQ; 4038 else 4039 reg |= R92C_TRXDMA_CTRL_QMAP_LQ; 4040 } else if (nqueues == 2) { 4041 /* 4042 * All 2-endpoints configs have high and normal 4043 * priority queues. 4044 */ 4045 reg |= R92C_TRXDMA_CTRL_QMAP_HQ_NQ; 4046 } else 4047 reg |= R92C_TRXDMA_CTRL_QMAP_3EP; 4048 usb_err = urtwn_write_2(sc, R92C_TRXDMA_CTRL, reg); 4049 if (usb_err != USB_ERR_NORMAL_COMPLETION) 4050 return (EIO); 4051 4052 /* Set Tx/Rx transfer page boundary. */ 4053 usb_err = urtwn_write_2(sc, R92C_TRXFF_BNDY + 2, 4054 (sc->chip & URTWN_CHIP_88E) ? 0x23ff : 0x27ff); 4055 if (usb_err != USB_ERR_NORMAL_COMPLETION) 4056 return (EIO); 4057 4058 /* Set Tx/Rx transfer page size. */ 4059 usb_err = urtwn_write_1(sc, R92C_PBP, 4060 SM(R92C_PBP_PSRX, R92C_PBP_128) | 4061 SM(R92C_PBP_PSTX, R92C_PBP_128)); 4062 if (usb_err != USB_ERR_NORMAL_COMPLETION) 4063 return (EIO); 4064 4065 return (0); 4066} 4067 4068static int 4069urtwn_mac_init(struct urtwn_softc *sc) 4070{ 4071 usb_error_t error; 4072 int i; 4073 4074 /* Write MAC initialization values. */ 4075 if (sc->chip & URTWN_CHIP_88E) { 4076 for (i = 0; i < nitems(rtl8188eu_mac); i++) { 4077 error = urtwn_write_1(sc, rtl8188eu_mac[i].reg, 4078 rtl8188eu_mac[i].val); 4079 if (error != USB_ERR_NORMAL_COMPLETION) 4080 return (EIO); 4081 } 4082 urtwn_write_1(sc, R92C_MAX_AGGR_NUM, 0x07); 4083 } else { 4084 for (i = 0; i < nitems(rtl8192cu_mac); i++) 4085 error = urtwn_write_1(sc, rtl8192cu_mac[i].reg, 4086 rtl8192cu_mac[i].val); 4087 if (error != USB_ERR_NORMAL_COMPLETION) 4088 return (EIO); 4089 } 4090 4091 return (0); 4092} 4093 4094static void 4095urtwn_bb_init(struct urtwn_softc *sc) 4096{ 4097 const struct urtwn_bb_prog *prog; 4098 uint32_t reg; 4099 uint8_t crystalcap; 4100 int i; 4101 4102 /* Enable BB and RF. */ 4103 urtwn_write_2(sc, R92C_SYS_FUNC_EN, 4104 urtwn_read_2(sc, R92C_SYS_FUNC_EN) | 4105 R92C_SYS_FUNC_EN_BBRSTB | R92C_SYS_FUNC_EN_BB_GLB_RST | 4106 R92C_SYS_FUNC_EN_DIO_RF); 4107 4108 if (!(sc->chip & URTWN_CHIP_88E)) 4109 urtwn_write_2(sc, R92C_AFE_PLL_CTRL, 0xdb83); 4110 4111 urtwn_write_1(sc, R92C_RF_CTRL, 4112 R92C_RF_CTRL_EN | R92C_RF_CTRL_RSTB | R92C_RF_CTRL_SDMRSTB); 4113 urtwn_write_1(sc, R92C_SYS_FUNC_EN, 4114 R92C_SYS_FUNC_EN_USBA | R92C_SYS_FUNC_EN_USBD | 4115 R92C_SYS_FUNC_EN_BB_GLB_RST | R92C_SYS_FUNC_EN_BBRSTB); 4116 4117 if (!(sc->chip & URTWN_CHIP_88E)) { 4118 urtwn_write_1(sc, R92C_LDOHCI12_CTRL, 0x0f); 4119 urtwn_write_1(sc, 0x15, 0xe9); 4120 urtwn_write_1(sc, R92C_AFE_XTAL_CTRL + 1, 0x80); 4121 } 4122 4123 /* Select BB programming based on board type. */ 4124 if (sc->chip & URTWN_CHIP_88E) 4125 prog = &rtl8188eu_bb_prog; 4126 else if (!(sc->chip & URTWN_CHIP_92C)) { 4127 if (sc->board_type == R92C_BOARD_TYPE_MINICARD) 4128 prog = &rtl8188ce_bb_prog; 4129 else if (sc->board_type == R92C_BOARD_TYPE_HIGHPA) 4130 prog = &rtl8188ru_bb_prog; 4131 else 4132 prog = &rtl8188cu_bb_prog; 4133 } else { 4134 if (sc->board_type == R92C_BOARD_TYPE_MINICARD) 4135 prog = &rtl8192ce_bb_prog; 4136 else 4137 prog = &rtl8192cu_bb_prog; 4138 } 4139 /* Write BB initialization values. */ 4140 for (i = 0; i < prog->count; i++) { 4141 urtwn_bb_write(sc, prog->regs[i], prog->vals[i]); 4142 urtwn_ms_delay(sc); 4143 } 4144 4145 if (sc->chip & URTWN_CHIP_92C_1T2R) { 4146 /* 8192C 1T only configuration. */ 4147 reg = urtwn_bb_read(sc, R92C_FPGA0_TXINFO); 4148 reg = (reg & ~0x00000003) | 0x2; 4149 urtwn_bb_write(sc, R92C_FPGA0_TXINFO, reg); 4150 4151 reg = urtwn_bb_read(sc, R92C_FPGA1_TXINFO); 4152 reg = (reg & ~0x00300033) | 0x00200022; 4153 urtwn_bb_write(sc, R92C_FPGA1_TXINFO, reg); 4154 4155 reg = urtwn_bb_read(sc, R92C_CCK0_AFESETTING); 4156 reg = (reg & ~0xff000000) | 0x45 << 24; 4157 urtwn_bb_write(sc, R92C_CCK0_AFESETTING, reg); 4158 4159 reg = urtwn_bb_read(sc, R92C_OFDM0_TRXPATHENA); 4160 reg = (reg & ~0x000000ff) | 0x23; 4161 urtwn_bb_write(sc, R92C_OFDM0_TRXPATHENA, reg); 4162 4163 reg = urtwn_bb_read(sc, R92C_OFDM0_AGCPARAM1); 4164 reg = (reg & ~0x00000030) | 1 << 4; 4165 urtwn_bb_write(sc, R92C_OFDM0_AGCPARAM1, reg); 4166 4167 reg = urtwn_bb_read(sc, 0xe74); 4168 reg = (reg & ~0x0c000000) | 2 << 26; 4169 urtwn_bb_write(sc, 0xe74, reg); 4170 reg = urtwn_bb_read(sc, 0xe78); 4171 reg = (reg & ~0x0c000000) | 2 << 26; 4172 urtwn_bb_write(sc, 0xe78, reg); 4173 reg = urtwn_bb_read(sc, 0xe7c); 4174 reg = (reg & ~0x0c000000) | 2 << 26; 4175 urtwn_bb_write(sc, 0xe7c, reg); 4176 reg = urtwn_bb_read(sc, 0xe80); 4177 reg = (reg & ~0x0c000000) | 2 << 26; 4178 urtwn_bb_write(sc, 0xe80, reg); 4179 reg = urtwn_bb_read(sc, 0xe88); 4180 reg = (reg & ~0x0c000000) | 2 << 26; 4181 urtwn_bb_write(sc, 0xe88, reg); 4182 } 4183 4184 /* Write AGC values. */ 4185 for (i = 0; i < prog->agccount; i++) { 4186 urtwn_bb_write(sc, R92C_OFDM0_AGCRSSITABLE, 4187 prog->agcvals[i]); 4188 urtwn_ms_delay(sc); 4189 } 4190 4191 if (sc->chip & URTWN_CHIP_88E) { 4192 urtwn_bb_write(sc, R92C_OFDM0_AGCCORE1(0), 0x69553422); 4193 urtwn_ms_delay(sc); 4194 urtwn_bb_write(sc, R92C_OFDM0_AGCCORE1(0), 0x69553420); 4195 urtwn_ms_delay(sc); 4196 4197 crystalcap = sc->rom.r88e_rom.crystalcap; 4198 if (crystalcap == 0xff) 4199 crystalcap = 0x20; 4200 crystalcap &= 0x3f; 4201 reg = urtwn_bb_read(sc, R92C_AFE_XTAL_CTRL); 4202 urtwn_bb_write(sc, R92C_AFE_XTAL_CTRL, 4203 RW(reg, R92C_AFE_XTAL_CTRL_ADDR, 4204 crystalcap | crystalcap << 6)); 4205 } else { 4206 if (urtwn_bb_read(sc, R92C_HSSI_PARAM2(0)) & 4207 R92C_HSSI_PARAM2_CCK_HIPWR) 4208 sc->sc_flags |= URTWN_FLAG_CCK_HIPWR; 4209 } 4210} 4211 4212static void 4213urtwn_rf_init(struct urtwn_softc *sc) 4214{ 4215 const struct urtwn_rf_prog *prog; 4216 uint32_t reg, type; 4217 int i, j, idx, off; 4218 4219 /* Select RF programming based on board type. */ 4220 if (sc->chip & URTWN_CHIP_88E) 4221 prog = rtl8188eu_rf_prog; 4222 else if (!(sc->chip & URTWN_CHIP_92C)) { 4223 if (sc->board_type == R92C_BOARD_TYPE_MINICARD) 4224 prog = rtl8188ce_rf_prog; 4225 else if (sc->board_type == R92C_BOARD_TYPE_HIGHPA) 4226 prog = rtl8188ru_rf_prog; 4227 else 4228 prog = rtl8188cu_rf_prog; 4229 } else 4230 prog = rtl8192ce_rf_prog; 4231 4232 for (i = 0; i < sc->nrxchains; i++) { 4233 /* Save RF_ENV control type. */ 4234 idx = i / 2; 4235 off = (i % 2) * 16; 4236 reg = urtwn_bb_read(sc, R92C_FPGA0_RFIFACESW(idx)); 4237 type = (reg >> off) & 0x10; 4238 4239 /* Set RF_ENV enable. */ 4240 reg = urtwn_bb_read(sc, R92C_FPGA0_RFIFACEOE(i)); 4241 reg |= 0x100000; 4242 urtwn_bb_write(sc, R92C_FPGA0_RFIFACEOE(i), reg); 4243 urtwn_ms_delay(sc); 4244 /* Set RF_ENV output high. */ 4245 reg = urtwn_bb_read(sc, R92C_FPGA0_RFIFACEOE(i)); 4246 reg |= 0x10; 4247 urtwn_bb_write(sc, R92C_FPGA0_RFIFACEOE(i), reg); 4248 urtwn_ms_delay(sc); 4249 /* Set address and data lengths of RF registers. */ 4250 reg = urtwn_bb_read(sc, R92C_HSSI_PARAM2(i)); 4251 reg &= ~R92C_HSSI_PARAM2_ADDR_LENGTH; 4252 urtwn_bb_write(sc, R92C_HSSI_PARAM2(i), reg); 4253 urtwn_ms_delay(sc); 4254 reg = urtwn_bb_read(sc, R92C_HSSI_PARAM2(i)); 4255 reg &= ~R92C_HSSI_PARAM2_DATA_LENGTH; 4256 urtwn_bb_write(sc, R92C_HSSI_PARAM2(i), reg); 4257 urtwn_ms_delay(sc); 4258 4259 /* Write RF initialization values for this chain. */ 4260 for (j = 0; j < prog[i].count; j++) { 4261 if (prog[i].regs[j] >= 0xf9 && 4262 prog[i].regs[j] <= 0xfe) { 4263 /* 4264 * These are fake RF registers offsets that 4265 * indicate a delay is required. 4266 */ 4267 usb_pause_mtx(&sc->sc_mtx, hz / 20); /* 50ms */ 4268 continue; 4269 } 4270 urtwn_rf_write(sc, i, prog[i].regs[j], 4271 prog[i].vals[j]); 4272 urtwn_ms_delay(sc); 4273 } 4274 4275 /* Restore RF_ENV control type. */ 4276 reg = urtwn_bb_read(sc, R92C_FPGA0_RFIFACESW(idx)); 4277 reg &= ~(0x10 << off) | (type << off); 4278 urtwn_bb_write(sc, R92C_FPGA0_RFIFACESW(idx), reg); 4279 4280 /* Cache RF register CHNLBW. */ 4281 sc->rf_chnlbw[i] = urtwn_rf_read(sc, i, R92C_RF_CHNLBW); 4282 } 4283 4284 if ((sc->chip & (URTWN_CHIP_UMC_A_CUT | URTWN_CHIP_92C)) == 4285 URTWN_CHIP_UMC_A_CUT) { 4286 urtwn_rf_write(sc, 0, R92C_RF_RX_G1, 0x30255); 4287 urtwn_rf_write(sc, 0, R92C_RF_RX_G2, 0x50a00); 4288 } 4289} 4290 4291static void 4292urtwn_cam_init(struct urtwn_softc *sc) 4293{ 4294 /* Invalidate all CAM entries. */ 4295 urtwn_write_4(sc, R92C_CAMCMD, 4296 R92C_CAMCMD_POLLING | R92C_CAMCMD_CLR); 4297} 4298 4299static int 4300urtwn_cam_write(struct urtwn_softc *sc, uint32_t addr, uint32_t data) 4301{ 4302 usb_error_t error; 4303 4304 error = urtwn_write_4(sc, R92C_CAMWRITE, data); 4305 if (error != USB_ERR_NORMAL_COMPLETION) 4306 return (EIO); 4307 error = urtwn_write_4(sc, R92C_CAMCMD, 4308 R92C_CAMCMD_POLLING | R92C_CAMCMD_WRITE | 4309 SM(R92C_CAMCMD_ADDR, addr)); 4310 if (error != USB_ERR_NORMAL_COMPLETION) 4311 return (EIO); 4312 4313 return (0); 4314} 4315 4316static void 4317urtwn_pa_bias_init(struct urtwn_softc *sc) 4318{ 4319 uint8_t reg; 4320 int i; 4321 4322 for (i = 0; i < sc->nrxchains; i++) { 4323 if (sc->pa_setting & (1 << i)) 4324 continue; 4325 urtwn_rf_write(sc, i, R92C_RF_IPA, 0x0f406); 4326 urtwn_rf_write(sc, i, R92C_RF_IPA, 0x4f406); 4327 urtwn_rf_write(sc, i, R92C_RF_IPA, 0x8f406); 4328 urtwn_rf_write(sc, i, R92C_RF_IPA, 0xcf406); 4329 } 4330 if (!(sc->pa_setting & 0x10)) { 4331 reg = urtwn_read_1(sc, 0x16); 4332 reg = (reg & ~0xf0) | 0x90; 4333 urtwn_write_1(sc, 0x16, reg); 4334 } 4335} 4336 4337static void 4338urtwn_rxfilter_init(struct urtwn_softc *sc) 4339{ 4340 struct ieee80211com *ic = &sc->sc_ic; 4341 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 4342 uint32_t rcr; 4343 uint16_t filter; 4344 4345 URTWN_ASSERT_LOCKED(sc); 4346 4347 /* Accept all multicast frames. */ 4348 urtwn_write_4(sc, R92C_MAR + 0, 0xffffffff); 4349 urtwn_write_4(sc, R92C_MAR + 4, 0xffffffff); 4350 4351 /* Filter for management frames. */ 4352 filter = 0x7f3f; 4353 switch (vap->iv_opmode) { 4354 case IEEE80211_M_STA: 4355 filter &= ~( 4356 R92C_RXFLTMAP_SUBTYPE(IEEE80211_FC0_SUBTYPE_ASSOC_REQ) | 4357 R92C_RXFLTMAP_SUBTYPE(IEEE80211_FC0_SUBTYPE_REASSOC_REQ) | 4358 R92C_RXFLTMAP_SUBTYPE(IEEE80211_FC0_SUBTYPE_PROBE_REQ)); 4359 break; 4360 case IEEE80211_M_HOSTAP: 4361 filter &= ~( 4362 R92C_RXFLTMAP_SUBTYPE(IEEE80211_FC0_SUBTYPE_ASSOC_RESP) | 4363 R92C_RXFLTMAP_SUBTYPE(IEEE80211_FC0_SUBTYPE_REASSOC_RESP)); 4364 break; 4365 case IEEE80211_M_MONITOR: 4366 case IEEE80211_M_IBSS: 4367 break; 4368 default: 4369 device_printf(sc->sc_dev, "%s: undefined opmode %d\n", 4370 __func__, vap->iv_opmode); 4371 break; 4372 } 4373 urtwn_write_2(sc, R92C_RXFLTMAP0, filter); 4374 4375 /* Reject all control frames. */ 4376 urtwn_write_2(sc, R92C_RXFLTMAP1, 0x0000); 4377 4378 /* Reject all data frames. */ 4379 urtwn_write_2(sc, R92C_RXFLTMAP2, 0x0000); 4380 4381 rcr = R92C_RCR_AM | R92C_RCR_AB | R92C_RCR_APM | 4382 R92C_RCR_HTC_LOC_CTRL | R92C_RCR_APP_PHYSTS | 4383 R92C_RCR_APP_ICV | R92C_RCR_APP_MIC; 4384 4385 if (vap->iv_opmode == IEEE80211_M_MONITOR) { 4386 /* Accept all frames. */ 4387 rcr |= R92C_RCR_ACF | R92C_RCR_ADF | R92C_RCR_AMF | 4388 R92C_RCR_AAP; 4389 } 4390 4391 /* Set Rx filter. */ 4392 urtwn_write_4(sc, R92C_RCR, rcr); 4393 4394 if (ic->ic_promisc != 0) { 4395 /* Update Rx filter. */ 4396 urtwn_set_promisc(sc); 4397 } 4398} 4399 4400static void 4401urtwn_edca_init(struct urtwn_softc *sc) 4402{ 4403 urtwn_write_2(sc, R92C_SPEC_SIFS, 0x100a); 4404 urtwn_write_2(sc, R92C_MAC_SPEC_SIFS, 0x100a); 4405 urtwn_write_2(sc, R92C_SIFS_CCK, 0x100a); 4406 urtwn_write_2(sc, R92C_SIFS_OFDM, 0x100a); 4407 urtwn_write_4(sc, R92C_EDCA_BE_PARAM, 0x005ea42b); 4408 urtwn_write_4(sc, R92C_EDCA_BK_PARAM, 0x0000a44f); 4409 urtwn_write_4(sc, R92C_EDCA_VI_PARAM, 0x005ea324); 4410 urtwn_write_4(sc, R92C_EDCA_VO_PARAM, 0x002fa226); 4411} 4412 4413static void 4414urtwn_write_txpower(struct urtwn_softc *sc, int chain, 4415 uint16_t power[URTWN_RIDX_COUNT]) 4416{ 4417 uint32_t reg; 4418 4419 /* Write per-CCK rate Tx power. */ 4420 if (chain == 0) { 4421 reg = urtwn_bb_read(sc, R92C_TXAGC_A_CCK1_MCS32); 4422 reg = RW(reg, R92C_TXAGC_A_CCK1, power[0]); 4423 urtwn_bb_write(sc, R92C_TXAGC_A_CCK1_MCS32, reg); 4424 reg = urtwn_bb_read(sc, R92C_TXAGC_B_CCK11_A_CCK2_11); 4425 reg = RW(reg, R92C_TXAGC_A_CCK2, power[1]); 4426 reg = RW(reg, R92C_TXAGC_A_CCK55, power[2]); 4427 reg = RW(reg, R92C_TXAGC_A_CCK11, power[3]); 4428 urtwn_bb_write(sc, R92C_TXAGC_B_CCK11_A_CCK2_11, reg); 4429 } else { 4430 reg = urtwn_bb_read(sc, R92C_TXAGC_B_CCK1_55_MCS32); 4431 reg = RW(reg, R92C_TXAGC_B_CCK1, power[0]); 4432 reg = RW(reg, R92C_TXAGC_B_CCK2, power[1]); 4433 reg = RW(reg, R92C_TXAGC_B_CCK55, power[2]); 4434 urtwn_bb_write(sc, R92C_TXAGC_B_CCK1_55_MCS32, reg); 4435 reg = urtwn_bb_read(sc, R92C_TXAGC_B_CCK11_A_CCK2_11); 4436 reg = RW(reg, R92C_TXAGC_B_CCK11, power[3]); 4437 urtwn_bb_write(sc, R92C_TXAGC_B_CCK11_A_CCK2_11, reg); 4438 } 4439 /* Write per-OFDM rate Tx power. */ 4440 urtwn_bb_write(sc, R92C_TXAGC_RATE18_06(chain), 4441 SM(R92C_TXAGC_RATE06, power[ 4]) | 4442 SM(R92C_TXAGC_RATE09, power[ 5]) | 4443 SM(R92C_TXAGC_RATE12, power[ 6]) | 4444 SM(R92C_TXAGC_RATE18, power[ 7])); 4445 urtwn_bb_write(sc, R92C_TXAGC_RATE54_24(chain), 4446 SM(R92C_TXAGC_RATE24, power[ 8]) | 4447 SM(R92C_TXAGC_RATE36, power[ 9]) | 4448 SM(R92C_TXAGC_RATE48, power[10]) | 4449 SM(R92C_TXAGC_RATE54, power[11])); 4450 /* Write per-MCS Tx power. */ 4451 urtwn_bb_write(sc, R92C_TXAGC_MCS03_MCS00(chain), 4452 SM(R92C_TXAGC_MCS00, power[12]) | 4453 SM(R92C_TXAGC_MCS01, power[13]) | 4454 SM(R92C_TXAGC_MCS02, power[14]) | 4455 SM(R92C_TXAGC_MCS03, power[15])); 4456 urtwn_bb_write(sc, R92C_TXAGC_MCS07_MCS04(chain), 4457 SM(R92C_TXAGC_MCS04, power[16]) | 4458 SM(R92C_TXAGC_MCS05, power[17]) | 4459 SM(R92C_TXAGC_MCS06, power[18]) | 4460 SM(R92C_TXAGC_MCS07, power[19])); 4461 urtwn_bb_write(sc, R92C_TXAGC_MCS11_MCS08(chain), 4462 SM(R92C_TXAGC_MCS08, power[20]) | 4463 SM(R92C_TXAGC_MCS09, power[21]) | 4464 SM(R92C_TXAGC_MCS10, power[22]) | 4465 SM(R92C_TXAGC_MCS11, power[23])); 4466 urtwn_bb_write(sc, R92C_TXAGC_MCS15_MCS12(chain), 4467 SM(R92C_TXAGC_MCS12, power[24]) | 4468 SM(R92C_TXAGC_MCS13, power[25]) | 4469 SM(R92C_TXAGC_MCS14, power[26]) | 4470 SM(R92C_TXAGC_MCS15, power[27])); 4471} 4472 4473static void 4474urtwn_get_txpower(struct urtwn_softc *sc, int chain, 4475 struct ieee80211_channel *c, struct ieee80211_channel *extc, 4476 uint16_t power[URTWN_RIDX_COUNT]) 4477{ 4478 struct ieee80211com *ic = &sc->sc_ic; 4479 struct r92c_rom *rom = &sc->rom.r92c_rom; 4480 uint16_t cckpow, ofdmpow, htpow, diff, max; 4481 const struct urtwn_txpwr *base; 4482 int ridx, chan, group; 4483 4484 /* Determine channel group. */ 4485 chan = ieee80211_chan2ieee(ic, c); /* XXX center freq! */ 4486 if (chan <= 3) 4487 group = 0; 4488 else if (chan <= 9) 4489 group = 1; 4490 else 4491 group = 2; 4492 4493 /* Get original Tx power based on board type and RF chain. */ 4494 if (!(sc->chip & URTWN_CHIP_92C)) { 4495 if (sc->board_type == R92C_BOARD_TYPE_HIGHPA) 4496 base = &rtl8188ru_txagc[chain]; 4497 else 4498 base = &rtl8192cu_txagc[chain]; 4499 } else 4500 base = &rtl8192cu_txagc[chain]; 4501 4502 memset(power, 0, URTWN_RIDX_COUNT * sizeof(power[0])); 4503 if (sc->regulatory == 0) { 4504 for (ridx = URTWN_RIDX_CCK1; ridx <= URTWN_RIDX_CCK11; ridx++) 4505 power[ridx] = base->pwr[0][ridx]; 4506 } 4507 for (ridx = URTWN_RIDX_OFDM6; ridx < URTWN_RIDX_COUNT; ridx++) { 4508 if (sc->regulatory == 3) { 4509 power[ridx] = base->pwr[0][ridx]; 4510 /* Apply vendor limits. */ 4511 if (extc != NULL) 4512 max = rom->ht40_max_pwr[group]; 4513 else 4514 max = rom->ht20_max_pwr[group]; 4515 max = (max >> (chain * 4)) & 0xf; 4516 if (power[ridx] > max) 4517 power[ridx] = max; 4518 } else if (sc->regulatory == 1) { 4519 if (extc == NULL) 4520 power[ridx] = base->pwr[group][ridx]; 4521 } else if (sc->regulatory != 2) 4522 power[ridx] = base->pwr[0][ridx]; 4523 } 4524 4525 /* Compute per-CCK rate Tx power. */ 4526 cckpow = rom->cck_tx_pwr[chain][group]; 4527 for (ridx = URTWN_RIDX_CCK1; ridx <= URTWN_RIDX_CCK11; ridx++) { 4528 power[ridx] += cckpow; 4529 if (power[ridx] > R92C_MAX_TX_PWR) 4530 power[ridx] = R92C_MAX_TX_PWR; 4531 } 4532 4533 htpow = rom->ht40_1s_tx_pwr[chain][group]; 4534 if (sc->ntxchains > 1) { 4535 /* Apply reduction for 2 spatial streams. */ 4536 diff = rom->ht40_2s_tx_pwr_diff[group]; 4537 diff = (diff >> (chain * 4)) & 0xf; 4538 htpow = (htpow > diff) ? htpow - diff : 0; 4539 } 4540 4541 /* Compute per-OFDM rate Tx power. */ 4542 diff = rom->ofdm_tx_pwr_diff[group]; 4543 diff = (diff >> (chain * 4)) & 0xf; 4544 ofdmpow = htpow + diff; /* HT->OFDM correction. */ 4545 for (ridx = URTWN_RIDX_OFDM6; ridx <= URTWN_RIDX_OFDM54; ridx++) { 4546 power[ridx] += ofdmpow; 4547 if (power[ridx] > R92C_MAX_TX_PWR) 4548 power[ridx] = R92C_MAX_TX_PWR; 4549 } 4550 4551 /* Compute per-MCS Tx power. */ 4552 if (extc == NULL) { 4553 diff = rom->ht20_tx_pwr_diff[group]; 4554 diff = (diff >> (chain * 4)) & 0xf; 4555 htpow += diff; /* HT40->HT20 correction. */ 4556 } 4557 for (ridx = 12; ridx <= 27; ridx++) { 4558 power[ridx] += htpow; 4559 if (power[ridx] > R92C_MAX_TX_PWR) 4560 power[ridx] = R92C_MAX_TX_PWR; 4561 } 4562#ifdef USB_DEBUG 4563 if (sc->sc_debug & URTWN_DEBUG_TXPWR) { 4564 /* Dump per-rate Tx power values. */ 4565 printf("Tx power for chain %d:\n", chain); 4566 for (ridx = URTWN_RIDX_CCK1; ridx < URTWN_RIDX_COUNT; ridx++) 4567 printf("Rate %d = %u\n", ridx, power[ridx]); 4568 } 4569#endif 4570} 4571 4572static void 4573urtwn_r88e_get_txpower(struct urtwn_softc *sc, int chain, 4574 struct ieee80211_channel *c, struct ieee80211_channel *extc, 4575 uint16_t power[URTWN_RIDX_COUNT]) 4576{ 4577 struct ieee80211com *ic = &sc->sc_ic; 4578 struct r88e_rom *rom = &sc->rom.r88e_rom; 4579 uint16_t cckpow, ofdmpow, bw20pow, htpow; 4580 const struct urtwn_r88e_txpwr *base; 4581 int ridx, chan, group; 4582 4583 /* Determine channel group. */ 4584 chan = ieee80211_chan2ieee(ic, c); /* XXX center freq! */ 4585 if (chan <= 2) 4586 group = 0; 4587 else if (chan <= 5) 4588 group = 1; 4589 else if (chan <= 8) 4590 group = 2; 4591 else if (chan <= 11) 4592 group = 3; 4593 else if (chan <= 13) 4594 group = 4; 4595 else 4596 group = 5; 4597 4598 /* Get original Tx power based on board type and RF chain. */ 4599 base = &rtl8188eu_txagc[chain]; 4600 4601 memset(power, 0, URTWN_RIDX_COUNT * sizeof(power[0])); 4602 if (sc->regulatory == 0) { 4603 for (ridx = URTWN_RIDX_CCK1; ridx <= URTWN_RIDX_CCK11; ridx++) 4604 power[ridx] = base->pwr[0][ridx]; 4605 } 4606 for (ridx = URTWN_RIDX_OFDM6; ridx < URTWN_RIDX_COUNT; ridx++) { 4607 if (sc->regulatory == 3) 4608 power[ridx] = base->pwr[0][ridx]; 4609 else if (sc->regulatory == 1) { 4610 if (extc == NULL) 4611 power[ridx] = base->pwr[group][ridx]; 4612 } else if (sc->regulatory != 2) 4613 power[ridx] = base->pwr[0][ridx]; 4614 } 4615 4616 /* Compute per-CCK rate Tx power. */ 4617 cckpow = rom->cck_tx_pwr[group]; 4618 for (ridx = URTWN_RIDX_CCK1; ridx <= URTWN_RIDX_CCK11; ridx++) { 4619 power[ridx] += cckpow; 4620 if (power[ridx] > R92C_MAX_TX_PWR) 4621 power[ridx] = R92C_MAX_TX_PWR; 4622 } 4623 4624 htpow = rom->ht40_tx_pwr[group]; 4625 4626 /* Compute per-OFDM rate Tx power. */ 4627 ofdmpow = htpow + sc->ofdm_tx_pwr_diff; 4628 for (ridx = URTWN_RIDX_OFDM6; ridx <= URTWN_RIDX_OFDM54; ridx++) { 4629 power[ridx] += ofdmpow; 4630 if (power[ridx] > R92C_MAX_TX_PWR) 4631 power[ridx] = R92C_MAX_TX_PWR; 4632 } 4633 4634 bw20pow = htpow + sc->bw20_tx_pwr_diff; 4635 for (ridx = 12; ridx <= 27; ridx++) { 4636 power[ridx] += bw20pow; 4637 if (power[ridx] > R92C_MAX_TX_PWR) 4638 power[ridx] = R92C_MAX_TX_PWR; 4639 } 4640} 4641 4642static void 4643urtwn_set_txpower(struct urtwn_softc *sc, struct ieee80211_channel *c, 4644 struct ieee80211_channel *extc) 4645{ 4646 uint16_t power[URTWN_RIDX_COUNT]; 4647 int i; 4648 4649 for (i = 0; i < sc->ntxchains; i++) { 4650 /* Compute per-rate Tx power values. */ 4651 if (sc->chip & URTWN_CHIP_88E) 4652 urtwn_r88e_get_txpower(sc, i, c, extc, power); 4653 else 4654 urtwn_get_txpower(sc, i, c, extc, power); 4655 /* Write per-rate Tx power values to hardware. */ 4656 urtwn_write_txpower(sc, i, power); 4657 } 4658} 4659 4660static void 4661urtwn_set_rx_bssid_all(struct urtwn_softc *sc, int enable) 4662{ 4663 uint32_t reg; 4664 4665 reg = urtwn_read_4(sc, R92C_RCR); 4666 if (enable) 4667 reg &= ~R92C_RCR_CBSSID_BCN; 4668 else 4669 reg |= R92C_RCR_CBSSID_BCN; 4670 urtwn_write_4(sc, R92C_RCR, reg); 4671} 4672 4673static void 4674urtwn_set_gain(struct urtwn_softc *sc, uint8_t gain) 4675{ 4676 uint32_t reg; 4677 4678 reg = urtwn_bb_read(sc, R92C_OFDM0_AGCCORE1(0)); 4679 reg = RW(reg, R92C_OFDM0_AGCCORE1_GAIN, gain); 4680 urtwn_bb_write(sc, R92C_OFDM0_AGCCORE1(0), reg); 4681 4682 if (!(sc->chip & URTWN_CHIP_88E)) { 4683 reg = urtwn_bb_read(sc, R92C_OFDM0_AGCCORE1(1)); 4684 reg = RW(reg, R92C_OFDM0_AGCCORE1_GAIN, gain); 4685 urtwn_bb_write(sc, R92C_OFDM0_AGCCORE1(1), reg); 4686 } 4687} 4688 4689static void 4690urtwn_scan_start(struct ieee80211com *ic) 4691{ 4692 struct urtwn_softc *sc = ic->ic_softc; 4693 4694 URTWN_LOCK(sc); 4695 /* Receive beacons / probe responses from any BSSID. */ 4696 if (ic->ic_opmode != IEEE80211_M_IBSS) 4697 urtwn_set_rx_bssid_all(sc, 1); 4698 4699 /* Set gain for scanning. */ 4700 urtwn_set_gain(sc, 0x20); 4701 URTWN_UNLOCK(sc); 4702} 4703 4704static void 4705urtwn_scan_end(struct ieee80211com *ic) 4706{ 4707 struct urtwn_softc *sc = ic->ic_softc; 4708 4709 URTWN_LOCK(sc); 4710 /* Restore limitations. */ 4711 if (ic->ic_promisc == 0 && ic->ic_opmode != IEEE80211_M_IBSS) 4712 urtwn_set_rx_bssid_all(sc, 0); 4713 4714 /* Set gain under link. */ 4715 urtwn_set_gain(sc, 0x32); 4716 URTWN_UNLOCK(sc); 4717} 4718 4719static void 4720urtwn_set_channel(struct ieee80211com *ic) 4721{ 4722 struct urtwn_softc *sc = ic->ic_softc; 4723 struct ieee80211_channel *c = ic->ic_curchan; 4724 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 4725 4726 URTWN_LOCK(sc); 4727 if (vap->iv_state == IEEE80211_S_SCAN) { 4728 /* Make link LED blink during scan. */ 4729 urtwn_set_led(sc, URTWN_LED_LINK, !sc->ledlink); 4730 } 4731 urtwn_set_chan(sc, c, NULL); 4732 sc->sc_rxtap.wr_chan_freq = htole16(c->ic_freq); 4733 sc->sc_rxtap.wr_chan_flags = htole16(c->ic_flags); 4734 sc->sc_txtap.wt_chan_freq = htole16(c->ic_freq); 4735 sc->sc_txtap.wt_chan_flags = htole16(c->ic_flags); 4736 URTWN_UNLOCK(sc); 4737} 4738 4739static int 4740urtwn_wme_update(struct ieee80211com *ic) 4741{ 4742 const struct wmeParams *wmep = 4743 ic->ic_wme.wme_chanParams.cap_wmeParams; 4744 struct urtwn_softc *sc = ic->ic_softc; 4745 uint8_t aifs, acm, slottime; 4746 int ac; 4747 4748 acm = 0; 4749 slottime = IEEE80211_GET_SLOTTIME(ic); 4750 4751 URTWN_LOCK(sc); 4752 for (ac = WME_AC_BE; ac < WME_NUM_AC; ac++) { 4753 /* AIFS[AC] = AIFSN[AC] * aSlotTime + aSIFSTime. */ 4754 aifs = wmep[ac].wmep_aifsn * slottime + IEEE80211_DUR_SIFS; 4755 urtwn_write_4(sc, wme2queue[ac].reg, 4756 SM(R92C_EDCA_PARAM_TXOP, wmep[ac].wmep_txopLimit) | 4757 SM(R92C_EDCA_PARAM_ECWMIN, wmep[ac].wmep_logcwmin) | 4758 SM(R92C_EDCA_PARAM_ECWMAX, wmep[ac].wmep_logcwmax) | 4759 SM(R92C_EDCA_PARAM_AIFS, aifs)); 4760 if (ac != WME_AC_BE) 4761 acm |= wmep[ac].wmep_acm << ac; 4762 } 4763 4764 if (acm != 0) 4765 acm |= R92C_ACMHWCTRL_EN; 4766 urtwn_write_1(sc, R92C_ACMHWCTRL, 4767 (urtwn_read_1(sc, R92C_ACMHWCTRL) & ~R92C_ACMHWCTRL_ACM_MASK) | 4768 acm); 4769 4770 URTWN_UNLOCK(sc); 4771 4772 return 0; 4773} 4774 4775static void 4776urtwn_update_slot(struct ieee80211com *ic) 4777{ 4778 urtwn_cmd_sleepable(ic->ic_softc, NULL, 0, urtwn_update_slot_cb); 4779} 4780 4781static void 4782urtwn_update_slot_cb(struct urtwn_softc *sc, union sec_param *data) 4783{ 4784 struct ieee80211com *ic = &sc->sc_ic; 4785 uint8_t slottime; 4786 4787 slottime = IEEE80211_GET_SLOTTIME(ic); 4788 4789 URTWN_DPRINTF(sc, URTWN_DEBUG_ANY, "%s: setting slot time to %uus\n", 4790 __func__, slottime); 4791 4792 urtwn_write_1(sc, R92C_SLOT, slottime); 4793 urtwn_update_aifs(sc, slottime); 4794} 4795 4796static void 4797urtwn_update_aifs(struct urtwn_softc *sc, uint8_t slottime) 4798{ 4799 const struct wmeParams *wmep = 4800 sc->sc_ic.ic_wme.wme_chanParams.cap_wmeParams; 4801 uint8_t aifs, ac; 4802 4803 for (ac = WME_AC_BE; ac < WME_NUM_AC; ac++) { 4804 /* AIFS[AC] = AIFSN[AC] * aSlotTime + aSIFSTime. */ 4805 aifs = wmep[ac].wmep_aifsn * slottime + IEEE80211_DUR_SIFS; 4806 urtwn_write_1(sc, wme2queue[ac].reg, aifs); 4807 } 4808} 4809 4810static void 4811urtwn_set_promisc(struct urtwn_softc *sc) 4812{ 4813 struct ieee80211com *ic = &sc->sc_ic; 4814 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 4815 uint32_t rcr, mask1, mask2; 4816 4817 URTWN_ASSERT_LOCKED(sc); 4818 4819 if (vap->iv_opmode == IEEE80211_M_MONITOR) 4820 return; 4821 4822 mask1 = R92C_RCR_ACF | R92C_RCR_ADF | R92C_RCR_AMF | R92C_RCR_AAP; 4823 mask2 = R92C_RCR_APM; 4824 4825 if (vap->iv_state == IEEE80211_S_RUN) { 4826 switch (vap->iv_opmode) { 4827 case IEEE80211_M_STA: 4828 mask2 |= R92C_RCR_CBSSID_DATA; 4829 /* FALLTHROUGH */ 4830 case IEEE80211_M_HOSTAP: 4831 mask2 |= R92C_RCR_CBSSID_BCN; 4832 break; 4833 case IEEE80211_M_IBSS: 4834 mask2 |= R92C_RCR_CBSSID_DATA; 4835 break; 4836 default: 4837 device_printf(sc->sc_dev, "%s: undefined opmode %d\n", 4838 __func__, vap->iv_opmode); 4839 return; 4840 } 4841 } 4842 4843 rcr = urtwn_read_4(sc, R92C_RCR); 4844 if (ic->ic_promisc == 0) 4845 rcr = (rcr & ~mask1) | mask2; 4846 else 4847 rcr = (rcr & ~mask2) | mask1; 4848 urtwn_write_4(sc, R92C_RCR, rcr); 4849} 4850 4851static void 4852urtwn_update_promisc(struct ieee80211com *ic) 4853{ 4854 struct urtwn_softc *sc = ic->ic_softc; 4855 4856 URTWN_LOCK(sc); 4857 if (sc->sc_flags & URTWN_RUNNING) 4858 urtwn_set_promisc(sc); 4859 URTWN_UNLOCK(sc); 4860} 4861 4862static void 4863urtwn_update_mcast(struct ieee80211com *ic) 4864{ 4865 /* XXX do nothing? */ 4866} 4867 4868static struct ieee80211_node * 4869urtwn_r88e_node_alloc(struct ieee80211vap *vap, 4870 const uint8_t mac[IEEE80211_ADDR_LEN]) 4871{ 4872 struct urtwn_node *un; 4873 4874 un = malloc(sizeof (struct urtwn_node), M_80211_NODE, 4875 M_NOWAIT | M_ZERO); 4876 4877 if (un == NULL) 4878 return NULL; 4879 4880 un->id = URTWN_MACID_UNDEFINED; 4881 4882 return &un->ni; 4883} 4884 4885static void 4886urtwn_r88e_newassoc(struct ieee80211_node *ni, int isnew) 4887{ 4888 struct urtwn_softc *sc = ni->ni_ic->ic_softc; 4889 struct urtwn_node *un = URTWN_NODE(ni); 4890 uint8_t id; 4891 4892 if (!isnew) 4893 return; 4894 4895 URTWN_NT_LOCK(sc); 4896 for (id = 0; id <= URTWN_MACID_MAX(sc); id++) { 4897 if (id != URTWN_MACID_BC && sc->node_list[id] == NULL) { 4898 un->id = id; 4899 sc->node_list[id] = ni; 4900 break; 4901 } 4902 } 4903 URTWN_NT_UNLOCK(sc); 4904 4905 if (id > URTWN_MACID_MAX(sc)) { 4906 device_printf(sc->sc_dev, "%s: node table is full\n", 4907 __func__); 4908 } 4909} 4910 4911static void 4912urtwn_r88e_node_free(struct ieee80211_node *ni) 4913{ 4914 struct urtwn_softc *sc = ni->ni_ic->ic_softc; 4915 struct urtwn_node *un = URTWN_NODE(ni); 4916 4917 URTWN_NT_LOCK(sc); 4918 if (un->id != URTWN_MACID_UNDEFINED) 4919 sc->node_list[un->id] = NULL; 4920 URTWN_NT_UNLOCK(sc); 4921 4922 sc->sc_node_free(ni); 4923} 4924 4925static void 4926urtwn_set_chan(struct urtwn_softc *sc, struct ieee80211_channel *c, 4927 struct ieee80211_channel *extc) 4928{ 4929 struct ieee80211com *ic = &sc->sc_ic; 4930 uint32_t reg; 4931 u_int chan; 4932 int i; 4933 4934 chan = ieee80211_chan2ieee(ic, c); /* XXX center freq! */ 4935 if (chan == 0 || chan == IEEE80211_CHAN_ANY) { 4936 device_printf(sc->sc_dev, 4937 "%s: invalid channel %x\n", __func__, chan); 4938 return; 4939 } 4940 4941 /* Set Tx power for this new channel. */ 4942 urtwn_set_txpower(sc, c, extc); 4943 4944 for (i = 0; i < sc->nrxchains; i++) { 4945 urtwn_rf_write(sc, i, R92C_RF_CHNLBW, 4946 RW(sc->rf_chnlbw[i], R92C_RF_CHNLBW_CHNL, chan)); 4947 } 4948#ifndef IEEE80211_NO_HT 4949 if (extc != NULL) { 4950 /* Is secondary channel below or above primary? */ 4951 int prichlo = c->ic_freq < extc->ic_freq; 4952 4953 urtwn_write_1(sc, R92C_BWOPMODE, 4954 urtwn_read_1(sc, R92C_BWOPMODE) & ~R92C_BWOPMODE_20MHZ); 4955 4956 reg = urtwn_read_1(sc, R92C_RRSR + 2); 4957 reg = (reg & ~0x6f) | (prichlo ? 1 : 2) << 5; 4958 urtwn_write_1(sc, R92C_RRSR + 2, reg); 4959 4960 urtwn_bb_write(sc, R92C_FPGA0_RFMOD, 4961 urtwn_bb_read(sc, R92C_FPGA0_RFMOD) | R92C_RFMOD_40MHZ); 4962 urtwn_bb_write(sc, R92C_FPGA1_RFMOD, 4963 urtwn_bb_read(sc, R92C_FPGA1_RFMOD) | R92C_RFMOD_40MHZ); 4964 4965 /* Set CCK side band. */ 4966 reg = urtwn_bb_read(sc, R92C_CCK0_SYSTEM); 4967 reg = (reg & ~0x00000010) | (prichlo ? 0 : 1) << 4; 4968 urtwn_bb_write(sc, R92C_CCK0_SYSTEM, reg); 4969 4970 reg = urtwn_bb_read(sc, R92C_OFDM1_LSTF); 4971 reg = (reg & ~0x00000c00) | (prichlo ? 1 : 2) << 10; 4972 urtwn_bb_write(sc, R92C_OFDM1_LSTF, reg); 4973 4974 urtwn_bb_write(sc, R92C_FPGA0_ANAPARAM2, 4975 urtwn_bb_read(sc, R92C_FPGA0_ANAPARAM2) & 4976 ~R92C_FPGA0_ANAPARAM2_CBW20); 4977 4978 reg = urtwn_bb_read(sc, 0x818); 4979 reg = (reg & ~0x0c000000) | (prichlo ? 2 : 1) << 26; 4980 urtwn_bb_write(sc, 0x818, reg); 4981 4982 /* Select 40MHz bandwidth. */ 4983 urtwn_rf_write(sc, 0, R92C_RF_CHNLBW, 4984 (sc->rf_chnlbw[0] & ~0xfff) | chan); 4985 } else 4986#endif 4987 { 4988 urtwn_write_1(sc, R92C_BWOPMODE, 4989 urtwn_read_1(sc, R92C_BWOPMODE) | R92C_BWOPMODE_20MHZ); 4990 4991 urtwn_bb_write(sc, R92C_FPGA0_RFMOD, 4992 urtwn_bb_read(sc, R92C_FPGA0_RFMOD) & ~R92C_RFMOD_40MHZ); 4993 urtwn_bb_write(sc, R92C_FPGA1_RFMOD, 4994 urtwn_bb_read(sc, R92C_FPGA1_RFMOD) & ~R92C_RFMOD_40MHZ); 4995 4996 if (!(sc->chip & URTWN_CHIP_88E)) { 4997 urtwn_bb_write(sc, R92C_FPGA0_ANAPARAM2, 4998 urtwn_bb_read(sc, R92C_FPGA0_ANAPARAM2) | 4999 R92C_FPGA0_ANAPARAM2_CBW20); 5000 } 5001 5002 /* Select 20MHz bandwidth. */ 5003 urtwn_rf_write(sc, 0, R92C_RF_CHNLBW, 5004 (sc->rf_chnlbw[0] & ~0xfff) | chan | 5005 ((sc->chip & URTWN_CHIP_88E) ? R88E_RF_CHNLBW_BW20 : 5006 R92C_RF_CHNLBW_BW20)); 5007 } 5008} 5009 5010static void 5011urtwn_iq_calib(struct urtwn_softc *sc) 5012{ 5013 /* TODO */ 5014} 5015 5016static void 5017urtwn_lc_calib(struct urtwn_softc *sc) 5018{ 5019 uint32_t rf_ac[2]; 5020 uint8_t txmode; 5021 int i; 5022 5023 txmode = urtwn_read_1(sc, R92C_OFDM1_LSTF + 3); 5024 if ((txmode & 0x70) != 0) { 5025 /* Disable all continuous Tx. */ 5026 urtwn_write_1(sc, R92C_OFDM1_LSTF + 3, txmode & ~0x70); 5027 5028 /* Set RF mode to standby mode. */ 5029 for (i = 0; i < sc->nrxchains; i++) { 5030 rf_ac[i] = urtwn_rf_read(sc, i, R92C_RF_AC); 5031 urtwn_rf_write(sc, i, R92C_RF_AC, 5032 RW(rf_ac[i], R92C_RF_AC_MODE, 5033 R92C_RF_AC_MODE_STANDBY)); 5034 } 5035 } else { 5036 /* Block all Tx queues. */ 5037 urtwn_write_1(sc, R92C_TXPAUSE, R92C_TX_QUEUE_ALL); 5038 } 5039 /* Start calibration. */ 5040 urtwn_rf_write(sc, 0, R92C_RF_CHNLBW, 5041 urtwn_rf_read(sc, 0, R92C_RF_CHNLBW) | R92C_RF_CHNLBW_LCSTART); 5042 5043 /* Give calibration the time to complete. */ 5044 usb_pause_mtx(&sc->sc_mtx, hz / 10); /* 100ms */ 5045 5046 /* Restore configuration. */ 5047 if ((txmode & 0x70) != 0) { 5048 /* Restore Tx mode. */ 5049 urtwn_write_1(sc, R92C_OFDM1_LSTF + 3, txmode); 5050 /* Restore RF mode. */ 5051 for (i = 0; i < sc->nrxchains; i++) 5052 urtwn_rf_write(sc, i, R92C_RF_AC, rf_ac[i]); 5053 } else { 5054 /* Unblock all Tx queues. */ 5055 urtwn_write_1(sc, R92C_TXPAUSE, 0x00); 5056 } 5057} 5058 5059static void 5060urtwn_temp_calib(struct urtwn_softc *sc) 5061{ 5062 uint8_t temp; 5063 5064 URTWN_ASSERT_LOCKED(sc); 5065 5066 if (!(sc->sc_flags & URTWN_TEMP_MEASURED)) { 5067 /* Start measuring temperature. */ 5068 URTWN_DPRINTF(sc, URTWN_DEBUG_TEMP, 5069 "%s: start measuring temperature\n", __func__); 5070 if (sc->chip & URTWN_CHIP_88E) { 5071 urtwn_rf_write(sc, 0, R88E_RF_T_METER, 5072 R88E_RF_T_METER_START); 5073 } else { 5074 urtwn_rf_write(sc, 0, R92C_RF_T_METER, 5075 R92C_RF_T_METER_START); 5076 } 5077 sc->sc_flags |= URTWN_TEMP_MEASURED; 5078 return; 5079 } 5080 sc->sc_flags &= ~URTWN_TEMP_MEASURED; 5081 5082 /* Read measured temperature. */ 5083 if (sc->chip & URTWN_CHIP_88E) { 5084 temp = MS(urtwn_rf_read(sc, 0, R88E_RF_T_METER), 5085 R88E_RF_T_METER_VAL); 5086 } else { 5087 temp = MS(urtwn_rf_read(sc, 0, R92C_RF_T_METER), 5088 R92C_RF_T_METER_VAL); 5089 } 5090 if (temp == 0) { /* Read failed, skip. */ 5091 URTWN_DPRINTF(sc, URTWN_DEBUG_TEMP, 5092 "%s: temperature read failed, skipping\n", __func__); 5093 return; 5094 } 5095 5096 URTWN_DPRINTF(sc, URTWN_DEBUG_TEMP, 5097 "%s: temperature: previous %u, current %u\n", 5098 __func__, sc->thcal_lctemp, temp); 5099 5100 /* 5101 * Redo LC calibration if temperature changed significantly since 5102 * last calibration. 5103 */ 5104 if (sc->thcal_lctemp == 0) { 5105 /* First LC calibration is performed in urtwn_init(). */ 5106 sc->thcal_lctemp = temp; 5107 } else if (abs(temp - sc->thcal_lctemp) > 1) { 5108 URTWN_DPRINTF(sc, URTWN_DEBUG_TEMP, 5109 "%s: LC calib triggered by temp: %u -> %u\n", 5110 __func__, sc->thcal_lctemp, temp); 5111 urtwn_lc_calib(sc); 5112 /* Record temperature of last LC calibration. */ 5113 sc->thcal_lctemp = temp; 5114 } 5115} 5116 5117static int 5118urtwn_init(struct urtwn_softc *sc) 5119{ 5120 struct ieee80211com *ic = &sc->sc_ic; 5121 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 5122 uint8_t macaddr[IEEE80211_ADDR_LEN]; 5123 uint32_t reg; 5124 usb_error_t usb_err = USB_ERR_NORMAL_COMPLETION; 5125 int error; 5126 5127 URTWN_LOCK(sc); 5128 if (sc->sc_flags & URTWN_RUNNING) { 5129 URTWN_UNLOCK(sc); 5130 return (0); 5131 } 5132 5133 /* Init firmware commands ring. */ 5134 sc->fwcur = 0; 5135 5136 /* Allocate Tx/Rx buffers. */ 5137 error = urtwn_alloc_rx_list(sc); 5138 if (error != 0) 5139 goto fail; 5140 5141 error = urtwn_alloc_tx_list(sc); 5142 if (error != 0) 5143 goto fail; 5144 5145 /* Power on adapter. */ 5146 error = urtwn_power_on(sc); 5147 if (error != 0) 5148 goto fail; 5149 5150 /* Initialize DMA. */ 5151 error = urtwn_dma_init(sc); 5152 if (error != 0) 5153 goto fail; 5154 5155 /* Set info size in Rx descriptors (in 64-bit words). */ 5156 urtwn_write_1(sc, R92C_RX_DRVINFO_SZ, 4); 5157 5158 /* Init interrupts. */ 5159 if (sc->chip & URTWN_CHIP_88E) { 5160 usb_err = urtwn_write_4(sc, R88E_HISR, 0xffffffff); 5161 if (usb_err != USB_ERR_NORMAL_COMPLETION) 5162 goto fail; 5163 usb_err = urtwn_write_4(sc, R88E_HIMR, R88E_HIMR_CPWM | R88E_HIMR_CPWM2 | 5164 R88E_HIMR_TBDER | R88E_HIMR_PSTIMEOUT); 5165 if (usb_err != USB_ERR_NORMAL_COMPLETION) 5166 goto fail; 5167 usb_err = urtwn_write_4(sc, R88E_HIMRE, R88E_HIMRE_RXFOVW | 5168 R88E_HIMRE_TXFOVW | R88E_HIMRE_RXERR | R88E_HIMRE_TXERR); 5169 if (usb_err != USB_ERR_NORMAL_COMPLETION) 5170 goto fail; 5171 usb_err = urtwn_write_1(sc, R92C_USB_SPECIAL_OPTION, 5172 urtwn_read_1(sc, R92C_USB_SPECIAL_OPTION) | 5173 R92C_USB_SPECIAL_OPTION_INT_BULK_SEL); 5174 if (usb_err != USB_ERR_NORMAL_COMPLETION) 5175 goto fail; 5176 } else { 5177 usb_err = urtwn_write_4(sc, R92C_HISR, 0xffffffff); 5178 if (usb_err != USB_ERR_NORMAL_COMPLETION) 5179 goto fail; 5180 usb_err = urtwn_write_4(sc, R92C_HIMR, 0xffffffff); 5181 if (usb_err != USB_ERR_NORMAL_COMPLETION) 5182 goto fail; 5183 } 5184 5185 /* Set MAC address. */ 5186 IEEE80211_ADDR_COPY(macaddr, vap ? vap->iv_myaddr : ic->ic_macaddr); 5187 usb_err = urtwn_write_region_1(sc, R92C_MACID, macaddr, IEEE80211_ADDR_LEN); 5188 if (usb_err != USB_ERR_NORMAL_COMPLETION) 5189 goto fail; 5190 5191 /* Set initial network type. */ 5192 urtwn_set_mode(sc, R92C_MSR_INFRA); 5193 5194 /* Initialize Rx filter. */ 5195 urtwn_rxfilter_init(sc); 5196 5197 /* Set response rate. */ 5198 reg = urtwn_read_4(sc, R92C_RRSR); 5199 reg = RW(reg, R92C_RRSR_RATE_BITMAP, R92C_RRSR_RATE_CCK_ONLY_1M); 5200 urtwn_write_4(sc, R92C_RRSR, reg); 5201 5202 /* Set short/long retry limits. */ 5203 urtwn_write_2(sc, R92C_RL, 5204 SM(R92C_RL_SRL, 0x30) | SM(R92C_RL_LRL, 0x30)); 5205 5206 /* Initialize EDCA parameters. */ 5207 urtwn_edca_init(sc); 5208 5209 /* Setup rate fallback. */ 5210 if (!(sc->chip & URTWN_CHIP_88E)) { 5211 urtwn_write_4(sc, R92C_DARFRC + 0, 0x00000000); 5212 urtwn_write_4(sc, R92C_DARFRC + 4, 0x10080404); 5213 urtwn_write_4(sc, R92C_RARFRC + 0, 0x04030201); 5214 urtwn_write_4(sc, R92C_RARFRC + 4, 0x08070605); 5215 } 5216 5217 urtwn_write_1(sc, R92C_FWHW_TXQ_CTRL, 5218 urtwn_read_1(sc, R92C_FWHW_TXQ_CTRL) | 5219 R92C_FWHW_TXQ_CTRL_AMPDU_RTY_NEW); 5220 /* Set ACK timeout. */ 5221 urtwn_write_1(sc, R92C_ACKTO, 0x40); 5222 5223 /* Setup USB aggregation. */ 5224 reg = urtwn_read_4(sc, R92C_TDECTRL); 5225 reg = RW(reg, R92C_TDECTRL_BLK_DESC_NUM, 6); 5226 urtwn_write_4(sc, R92C_TDECTRL, reg); 5227 urtwn_write_1(sc, R92C_TRXDMA_CTRL, 5228 urtwn_read_1(sc, R92C_TRXDMA_CTRL) | 5229 R92C_TRXDMA_CTRL_RXDMA_AGG_EN); 5230 urtwn_write_1(sc, R92C_RXDMA_AGG_PG_TH, 48); 5231 if (sc->chip & URTWN_CHIP_88E) 5232 urtwn_write_1(sc, R92C_RXDMA_AGG_PG_TH + 1, 4); 5233 else { 5234 urtwn_write_1(sc, R92C_USB_DMA_AGG_TO, 4); 5235 urtwn_write_1(sc, R92C_USB_SPECIAL_OPTION, 5236 urtwn_read_1(sc, R92C_USB_SPECIAL_OPTION) | 5237 R92C_USB_SPECIAL_OPTION_AGG_EN); 5238 urtwn_write_1(sc, R92C_USB_AGG_TH, 8); 5239 urtwn_write_1(sc, R92C_USB_AGG_TO, 6); 5240 } 5241 5242 /* Initialize beacon parameters. */ 5243 urtwn_write_2(sc, R92C_BCN_CTRL, 0x1010); 5244 urtwn_write_2(sc, R92C_TBTT_PROHIBIT, 0x6404); 5245 urtwn_write_1(sc, R92C_DRVERLYINT, 0x05); 5246 urtwn_write_1(sc, R92C_BCNDMATIM, 0x02); 5247 urtwn_write_2(sc, R92C_BCNTCFG, 0x660f); 5248 5249 if (!(sc->chip & URTWN_CHIP_88E)) { 5250 /* Setup AMPDU aggregation. */ 5251 urtwn_write_4(sc, R92C_AGGLEN_LMT, 0x99997631); /* MCS7~0 */ 5252 urtwn_write_1(sc, R92C_AGGR_BREAK_TIME, 0x16); 5253 urtwn_write_2(sc, R92C_MAX_AGGR_NUM, 0x0708); 5254 5255 urtwn_write_1(sc, R92C_BCN_MAX_ERR, 0xff); 5256 } 5257 5258#ifndef URTWN_WITHOUT_UCODE 5259 /* Load 8051 microcode. */ 5260 error = urtwn_load_firmware(sc); 5261 if (error == 0) 5262 sc->sc_flags |= URTWN_FW_LOADED; 5263#endif 5264 5265 /* Initialize MAC/BB/RF blocks. */ 5266 error = urtwn_mac_init(sc); 5267 if (error != 0) { 5268 device_printf(sc->sc_dev, 5269 "%s: error while initializing MAC block\n", __func__); 5270 goto fail; 5271 } 5272 urtwn_bb_init(sc); 5273 urtwn_rf_init(sc); 5274 5275 /* Reinitialize Rx filter (D3845 is not committed yet). */ 5276 urtwn_rxfilter_init(sc); 5277 5278 if (sc->chip & URTWN_CHIP_88E) { 5279 urtwn_write_2(sc, R92C_CR, 5280 urtwn_read_2(sc, R92C_CR) | R92C_CR_MACTXEN | 5281 R92C_CR_MACRXEN); 5282 } 5283 5284 /* Turn CCK and OFDM blocks on. */ 5285 reg = urtwn_bb_read(sc, R92C_FPGA0_RFMOD); 5286 reg |= R92C_RFMOD_CCK_EN; 5287 usb_err = urtwn_bb_write(sc, R92C_FPGA0_RFMOD, reg); 5288 if (usb_err != USB_ERR_NORMAL_COMPLETION) 5289 goto fail; 5290 reg = urtwn_bb_read(sc, R92C_FPGA0_RFMOD); 5291 reg |= R92C_RFMOD_OFDM_EN; 5292 usb_err = urtwn_bb_write(sc, R92C_FPGA0_RFMOD, reg); 5293 if (usb_err != USB_ERR_NORMAL_COMPLETION) 5294 goto fail; 5295 5296 /* Clear per-station keys table. */ 5297 urtwn_cam_init(sc); 5298 5299 /* Enable decryption / encryption. */ 5300 urtwn_write_2(sc, R92C_SECCFG, 5301 R92C_SECCFG_TXUCKEY_DEF | R92C_SECCFG_RXUCKEY_DEF | 5302 R92C_SECCFG_TXENC_ENA | R92C_SECCFG_RXDEC_ENA | 5303 R92C_SECCFG_TXBCKEY_DEF | R92C_SECCFG_RXBCKEY_DEF); 5304 5305 /* 5306 * Install static keys (if any). 5307 * Must be called after urtwn_cam_init(). 5308 */ 5309 ieee80211_runtask(ic, &sc->cmdq_task); 5310 5311 /* Enable hardware sequence numbering. */ 5312 urtwn_write_1(sc, R92C_HWSEQ_CTRL, R92C_TX_QUEUE_ALL); 5313 5314 /* Enable per-packet TX report. */ 5315 if (sc->chip & URTWN_CHIP_88E) { 5316 urtwn_write_1(sc, R88E_TX_RPT_CTRL, 5317 urtwn_read_1(sc, R88E_TX_RPT_CTRL) | R88E_TX_RPT1_ENA); 5318 } 5319 5320 /* Perform LO and IQ calibrations. */ 5321 urtwn_iq_calib(sc); 5322 /* Perform LC calibration. */ 5323 urtwn_lc_calib(sc); 5324 5325 /* Fix USB interference issue. */ 5326 if (!(sc->chip & URTWN_CHIP_88E)) { 5327 urtwn_write_1(sc, 0xfe40, 0xe0); 5328 urtwn_write_1(sc, 0xfe41, 0x8d); 5329 urtwn_write_1(sc, 0xfe42, 0x80); 5330 5331 urtwn_pa_bias_init(sc); 5332 } 5333 5334 /* Initialize GPIO setting. */ 5335 urtwn_write_1(sc, R92C_GPIO_MUXCFG, 5336 urtwn_read_1(sc, R92C_GPIO_MUXCFG) & ~R92C_GPIO_MUXCFG_ENBT); 5337 5338 /* Fix for lower temperature. */ 5339 if (!(sc->chip & URTWN_CHIP_88E)) 5340 urtwn_write_1(sc, 0x15, 0xe9); 5341 5342 usbd_transfer_start(sc->sc_xfer[URTWN_BULK_RX]); 5343 5344 sc->sc_flags |= URTWN_RUNNING; 5345 5346 callout_reset(&sc->sc_watchdog_ch, hz, urtwn_watchdog, sc); 5347fail: 5348 if (usb_err != USB_ERR_NORMAL_COMPLETION) 5349 error = EIO; 5350 5351 URTWN_UNLOCK(sc); 5352 5353 return (error); 5354} 5355 5356static void 5357urtwn_stop(struct urtwn_softc *sc) 5358{ 5359 5360 URTWN_LOCK(sc); 5361 if (!(sc->sc_flags & URTWN_RUNNING)) { 5362 URTWN_UNLOCK(sc); 5363 return; 5364 } 5365 5366 sc->sc_flags &= ~(URTWN_RUNNING | URTWN_FW_LOADED | 5367 URTWN_TEMP_MEASURED); 5368 sc->thcal_lctemp = 0; 5369 callout_stop(&sc->sc_watchdog_ch); 5370 5371 urtwn_abort_xfers(sc); 5372 urtwn_drain_mbufq(sc); 5373 urtwn_power_off(sc); 5374 URTWN_UNLOCK(sc); 5375} 5376 5377static void 5378urtwn_abort_xfers(struct urtwn_softc *sc) 5379{ 5380 int i; 5381 5382 URTWN_ASSERT_LOCKED(sc); 5383 5384 /* abort any pending transfers */ 5385 for (i = 0; i < URTWN_N_TRANSFER; i++) 5386 usbd_transfer_stop(sc->sc_xfer[i]); 5387} 5388 5389static int 5390urtwn_raw_xmit(struct ieee80211_node *ni, struct mbuf *m, 5391 const struct ieee80211_bpf_params *params) 5392{ 5393 struct ieee80211com *ic = ni->ni_ic; 5394 struct urtwn_softc *sc = ic->ic_softc; 5395 struct urtwn_data *bf; 5396 int error; 5397 5398 URTWN_DPRINTF(sc, URTWN_DEBUG_XMIT, "%s: called; m=%p\n", 5399 __func__, 5400 m); 5401 5402 /* prevent management frames from being sent if we're not ready */ 5403 URTWN_LOCK(sc); 5404 if (!(sc->sc_flags & URTWN_RUNNING)) { 5405 error = ENETDOWN; 5406 goto end; 5407 } 5408 5409 bf = urtwn_getbuf(sc); 5410 if (bf == NULL) { 5411 error = ENOBUFS; 5412 goto end; 5413 } 5414 5415 if (params == NULL) { 5416 /* 5417 * Legacy path; interpret frame contents to decide 5418 * precisely how to send the frame. 5419 */ 5420 error = urtwn_tx_data(sc, ni, m, bf); 5421 } else { 5422 /* 5423 * Caller supplied explicit parameters to use in 5424 * sending the frame. 5425 */ 5426 error = urtwn_tx_raw(sc, ni, m, bf, params); 5427 } 5428 if (error != 0) { 5429 STAILQ_INSERT_HEAD(&sc->sc_tx_inactive, bf, next); 5430 goto end; 5431 } 5432 5433 sc->sc_txtimer = 5; 5434 callout_reset(&sc->sc_watchdog_ch, hz, urtwn_watchdog, sc); 5435 5436end: 5437 if (error != 0) 5438 m_freem(m); 5439 5440 URTWN_UNLOCK(sc); 5441 5442 return (error); 5443} 5444 5445static void 5446urtwn_ms_delay(struct urtwn_softc *sc) 5447{ 5448 usb_pause_mtx(&sc->sc_mtx, hz / 1000); 5449} 5450 5451static device_method_t urtwn_methods[] = { 5452 /* Device interface */ 5453 DEVMETHOD(device_probe, urtwn_match), 5454 DEVMETHOD(device_attach, urtwn_attach), 5455 DEVMETHOD(device_detach, urtwn_detach), 5456 5457 DEVMETHOD_END 5458}; 5459 5460static driver_t urtwn_driver = { 5461 "urtwn", 5462 urtwn_methods, 5463 sizeof(struct urtwn_softc) 5464}; 5465 5466static devclass_t urtwn_devclass; 5467 5468DRIVER_MODULE(urtwn, uhub, urtwn_driver, urtwn_devclass, NULL, NULL); 5469MODULE_DEPEND(urtwn, usb, 1, 1, 1); 5470MODULE_DEPEND(urtwn, wlan, 1, 1, 1); 5471#ifndef URTWN_WITHOUT_UCODE 5472MODULE_DEPEND(urtwn, firmware, 1, 1, 1); 5473#endif 5474MODULE_VERSION(urtwn, 1); 5475USB_PNP_HOST_INFO(urtwn_devs); 5476