if_urtwn.c revision 292173
1/* $OpenBSD: if_urtwn.c,v 1.16 2011/02/10 17:26:40 jakemsr Exp $ */ 2 3/*- 4 * Copyright (c) 2010 Damien Bergamini <damien.bergamini@free.fr> 5 * Copyright (c) 2014 Kevin Lo <kevlo@FreeBSD.org> 6 * 7 * Permission to use, copy, modify, and distribute this software for any 8 * purpose with or without fee is hereby granted, provided that the above 9 * copyright notice and this permission notice appear in all copies. 10 * 11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 */ 19 20#include <sys/cdefs.h> 21__FBSDID("$FreeBSD: head/sys/dev/usb/wlan/if_urtwn.c 292173 2015-12-13 21:43:54Z avos $"); 22 23/* 24 * Driver for Realtek RTL8188CE-VAU/RTL8188CUS/RTL8188EU/RTL8188RU/RTL8192CU. 25 */ 26 27#include "opt_wlan.h" 28 29#include <sys/param.h> 30#include <sys/sockio.h> 31#include <sys/sysctl.h> 32#include <sys/lock.h> 33#include <sys/mutex.h> 34#include <sys/condvar.h> 35#include <sys/mbuf.h> 36#include <sys/kernel.h> 37#include <sys/socket.h> 38#include <sys/systm.h> 39#include <sys/malloc.h> 40#include <sys/module.h> 41#include <sys/bus.h> 42#include <sys/endian.h> 43#include <sys/linker.h> 44#include <sys/firmware.h> 45#include <sys/kdb.h> 46 47#include <machine/bus.h> 48#include <machine/resource.h> 49#include <sys/rman.h> 50 51#include <net/bpf.h> 52#include <net/if.h> 53#include <net/if_var.h> 54#include <net/if_arp.h> 55#include <net/ethernet.h> 56#include <net/if_dl.h> 57#include <net/if_media.h> 58#include <net/if_types.h> 59 60#include <netinet/in.h> 61#include <netinet/in_systm.h> 62#include <netinet/in_var.h> 63#include <netinet/if_ether.h> 64#include <netinet/ip.h> 65 66#include <net80211/ieee80211_var.h> 67#include <net80211/ieee80211_input.h> 68#include <net80211/ieee80211_regdomain.h> 69#include <net80211/ieee80211_radiotap.h> 70#include <net80211/ieee80211_ratectl.h> 71 72#include <dev/usb/usb.h> 73#include <dev/usb/usbdi.h> 74#include <dev/usb/usb_device.h> 75#include "usbdevs.h" 76 77#define USB_DEBUG_VAR urtwn_debug 78#include <dev/usb/usb_debug.h> 79 80#include <dev/usb/wlan/if_urtwnreg.h> 81#include <dev/usb/wlan/if_urtwnvar.h> 82 83#ifdef USB_DEBUG 84static int urtwn_debug = 0; 85 86SYSCTL_NODE(_hw_usb, OID_AUTO, urtwn, CTLFLAG_RW, 0, "USB urtwn"); 87SYSCTL_INT(_hw_usb_urtwn, OID_AUTO, debug, CTLFLAG_RWTUN, &urtwn_debug, 0, 88 "Debug level"); 89#endif 90 91#define IEEE80211_HAS_ADDR4(wh) IEEE80211_IS_DSTODS(wh) 92 93/* various supported device vendors/products */ 94static const STRUCT_USB_HOST_ID urtwn_devs[] = { 95#define URTWN_DEV(v,p) { USB_VP(USB_VENDOR_##v, USB_PRODUCT_##v##_##p) } 96#define URTWN_RTL8188E_DEV(v,p) \ 97 { USB_VPI(USB_VENDOR_##v, USB_PRODUCT_##v##_##p, URTWN_RTL8188E) } 98#define URTWN_RTL8188E 1 99 URTWN_DEV(ABOCOM, RTL8188CU_1), 100 URTWN_DEV(ABOCOM, RTL8188CU_2), 101 URTWN_DEV(ABOCOM, RTL8192CU), 102 URTWN_DEV(ASUS, RTL8192CU), 103 URTWN_DEV(ASUS, USBN10NANO), 104 URTWN_DEV(AZUREWAVE, RTL8188CE_1), 105 URTWN_DEV(AZUREWAVE, RTL8188CE_2), 106 URTWN_DEV(AZUREWAVE, RTL8188CU), 107 URTWN_DEV(BELKIN, F7D2102), 108 URTWN_DEV(BELKIN, RTL8188CU), 109 URTWN_DEV(BELKIN, RTL8192CU), 110 URTWN_DEV(CHICONY, RTL8188CUS_1), 111 URTWN_DEV(CHICONY, RTL8188CUS_2), 112 URTWN_DEV(CHICONY, RTL8188CUS_3), 113 URTWN_DEV(CHICONY, RTL8188CUS_4), 114 URTWN_DEV(CHICONY, RTL8188CUS_5), 115 URTWN_DEV(COREGA, RTL8192CU), 116 URTWN_DEV(DLINK, RTL8188CU), 117 URTWN_DEV(DLINK, RTL8192CU_1), 118 URTWN_DEV(DLINK, RTL8192CU_2), 119 URTWN_DEV(DLINK, RTL8192CU_3), 120 URTWN_DEV(DLINK, DWA131B), 121 URTWN_DEV(EDIMAX, EW7811UN), 122 URTWN_DEV(EDIMAX, RTL8192CU), 123 URTWN_DEV(FEIXUN, RTL8188CU), 124 URTWN_DEV(FEIXUN, RTL8192CU), 125 URTWN_DEV(GUILLEMOT, HWNUP150), 126 URTWN_DEV(HAWKING, RTL8192CU), 127 URTWN_DEV(HP3, RTL8188CU), 128 URTWN_DEV(NETGEAR, WNA1000M), 129 URTWN_DEV(NETGEAR, RTL8192CU), 130 URTWN_DEV(NETGEAR4, RTL8188CU), 131 URTWN_DEV(NOVATECH, RTL8188CU), 132 URTWN_DEV(PLANEX2, RTL8188CU_1), 133 URTWN_DEV(PLANEX2, RTL8188CU_2), 134 URTWN_DEV(PLANEX2, RTL8188CU_3), 135 URTWN_DEV(PLANEX2, RTL8188CU_4), 136 URTWN_DEV(PLANEX2, RTL8188CUS), 137 URTWN_DEV(PLANEX2, RTL8192CU), 138 URTWN_DEV(REALTEK, RTL8188CE_0), 139 URTWN_DEV(REALTEK, RTL8188CE_1), 140 URTWN_DEV(REALTEK, RTL8188CTV), 141 URTWN_DEV(REALTEK, RTL8188CU_0), 142 URTWN_DEV(REALTEK, RTL8188CU_1), 143 URTWN_DEV(REALTEK, RTL8188CU_2), 144 URTWN_DEV(REALTEK, RTL8188CU_3), 145 URTWN_DEV(REALTEK, RTL8188CU_COMBO), 146 URTWN_DEV(REALTEK, RTL8188CUS), 147 URTWN_DEV(REALTEK, RTL8188RU_1), 148 URTWN_DEV(REALTEK, RTL8188RU_2), 149 URTWN_DEV(REALTEK, RTL8188RU_3), 150 URTWN_DEV(REALTEK, RTL8191CU), 151 URTWN_DEV(REALTEK, RTL8192CE), 152 URTWN_DEV(REALTEK, RTL8192CU), 153 URTWN_DEV(SITECOMEU, RTL8188CU_1), 154 URTWN_DEV(SITECOMEU, RTL8188CU_2), 155 URTWN_DEV(SITECOMEU, RTL8192CU), 156 URTWN_DEV(TRENDNET, RTL8188CU), 157 URTWN_DEV(TRENDNET, RTL8192CU), 158 URTWN_DEV(ZYXEL, RTL8192CU), 159 /* URTWN_RTL8188E */ 160 URTWN_RTL8188E_DEV(DLINK, DWA123D1), 161 URTWN_RTL8188E_DEV(DLINK, DWA125D1), 162 URTWN_RTL8188E_DEV(ELECOM, WDC150SU2M), 163 URTWN_RTL8188E_DEV(REALTEK, RTL8188ETV), 164 URTWN_RTL8188E_DEV(REALTEK, RTL8188EU), 165#undef URTWN_RTL8188E_DEV 166#undef URTWN_DEV 167}; 168 169static device_probe_t urtwn_match; 170static device_attach_t urtwn_attach; 171static device_detach_t urtwn_detach; 172 173static usb_callback_t urtwn_bulk_tx_callback; 174static usb_callback_t urtwn_bulk_rx_callback; 175 176static void urtwn_drain_mbufq(struct urtwn_softc *sc); 177static usb_error_t urtwn_do_request(struct urtwn_softc *, 178 struct usb_device_request *, void *); 179static struct ieee80211vap *urtwn_vap_create(struct ieee80211com *, 180 const char [IFNAMSIZ], int, enum ieee80211_opmode, int, 181 const uint8_t [IEEE80211_ADDR_LEN], 182 const uint8_t [IEEE80211_ADDR_LEN]); 183static void urtwn_vap_delete(struct ieee80211vap *); 184static struct mbuf * urtwn_rx_frame(struct urtwn_softc *, uint8_t *, int, 185 int *); 186static struct mbuf * urtwn_report_intr(struct usb_xfer *, struct urtwn_data *, 187 int *, int8_t *); 188static struct mbuf * urtwn_rxeof(struct urtwn_softc *, uint8_t *, int, 189 int *, int8_t *); 190static void urtwn_r88e_ratectl_tx_complete(struct urtwn_softc *, 191 void *); 192static void urtwn_txeof(struct urtwn_softc *, struct urtwn_data *, 193 int); 194static int urtwn_alloc_list(struct urtwn_softc *, 195 struct urtwn_data[], int, int); 196static int urtwn_alloc_rx_list(struct urtwn_softc *); 197static int urtwn_alloc_tx_list(struct urtwn_softc *); 198static void urtwn_free_list(struct urtwn_softc *, 199 struct urtwn_data data[], int); 200static void urtwn_free_rx_list(struct urtwn_softc *); 201static void urtwn_free_tx_list(struct urtwn_softc *); 202static struct urtwn_data * _urtwn_getbuf(struct urtwn_softc *); 203static struct urtwn_data * urtwn_getbuf(struct urtwn_softc *); 204static usb_error_t urtwn_write_region_1(struct urtwn_softc *, uint16_t, 205 uint8_t *, int); 206static usb_error_t urtwn_write_1(struct urtwn_softc *, uint16_t, uint8_t); 207static usb_error_t urtwn_write_2(struct urtwn_softc *, uint16_t, uint16_t); 208static usb_error_t urtwn_write_4(struct urtwn_softc *, uint16_t, uint32_t); 209static usb_error_t urtwn_read_region_1(struct urtwn_softc *, uint16_t, 210 uint8_t *, int); 211static uint8_t urtwn_read_1(struct urtwn_softc *, uint16_t); 212static uint16_t urtwn_read_2(struct urtwn_softc *, uint16_t); 213static uint32_t urtwn_read_4(struct urtwn_softc *, uint16_t); 214static int urtwn_fw_cmd(struct urtwn_softc *, uint8_t, 215 const void *, int); 216static void urtwn_r92c_rf_write(struct urtwn_softc *, int, 217 uint8_t, uint32_t); 218static void urtwn_r88e_rf_write(struct urtwn_softc *, int, 219 uint8_t, uint32_t); 220static uint32_t urtwn_rf_read(struct urtwn_softc *, int, uint8_t); 221static int urtwn_llt_write(struct urtwn_softc *, uint32_t, 222 uint32_t); 223static int urtwn_efuse_read_next(struct urtwn_softc *, uint8_t *); 224static int urtwn_efuse_read_data(struct urtwn_softc *, uint8_t *, 225 uint8_t, uint8_t); 226#ifdef URTWN_DEBUG 227static void urtwn_dump_rom_contents(struct urtwn_softc *, 228 uint8_t *, uint16_t); 229#endif 230static int urtwn_efuse_read(struct urtwn_softc *, uint8_t *, 231 uint16_t); 232static int urtwn_efuse_switch_power(struct urtwn_softc *); 233static int urtwn_read_chipid(struct urtwn_softc *); 234static int urtwn_read_rom(struct urtwn_softc *); 235static int urtwn_r88e_read_rom(struct urtwn_softc *); 236static int urtwn_ra_init(struct urtwn_softc *); 237static void urtwn_init_beacon(struct urtwn_softc *, 238 struct urtwn_vap *); 239static int urtwn_setup_beacon(struct urtwn_softc *, 240 struct ieee80211_node *); 241static void urtwn_update_beacon(struct ieee80211vap *, int); 242static int urtwn_tx_beacon(struct urtwn_softc *sc, 243 struct urtwn_vap *); 244static void urtwn_tsf_task_adhoc(void *, int); 245static void urtwn_tsf_sync_enable(struct urtwn_softc *, 246 struct ieee80211vap *); 247static void urtwn_set_led(struct urtwn_softc *, int, int); 248static void urtwn_set_mode(struct urtwn_softc *, uint8_t); 249static void urtwn_ibss_recv_mgmt(struct ieee80211_node *, 250 struct mbuf *, int, 251 const struct ieee80211_rx_stats *, int, int); 252static int urtwn_newstate(struct ieee80211vap *, 253 enum ieee80211_state, int); 254static void urtwn_watchdog(void *); 255static void urtwn_update_avgrssi(struct urtwn_softc *, int, int8_t); 256static int8_t urtwn_get_rssi(struct urtwn_softc *, int, void *); 257static int8_t urtwn_r88e_get_rssi(struct urtwn_softc *, int, void *); 258static int urtwn_tx_data(struct urtwn_softc *, 259 struct ieee80211_node *, struct mbuf *, 260 struct urtwn_data *); 261static void urtwn_tx_start(struct urtwn_softc *, struct mbuf *, 262 uint8_t, struct urtwn_data *); 263static int urtwn_transmit(struct ieee80211com *, struct mbuf *); 264static void urtwn_start(struct urtwn_softc *); 265static void urtwn_parent(struct ieee80211com *); 266static int urtwn_r92c_power_on(struct urtwn_softc *); 267static int urtwn_r88e_power_on(struct urtwn_softc *); 268static int urtwn_llt_init(struct urtwn_softc *); 269static void urtwn_fw_reset(struct urtwn_softc *); 270static void urtwn_r88e_fw_reset(struct urtwn_softc *); 271static int urtwn_fw_loadpage(struct urtwn_softc *, int, 272 const uint8_t *, int); 273static int urtwn_load_firmware(struct urtwn_softc *); 274static int urtwn_dma_init(struct urtwn_softc *); 275static int urtwn_mac_init(struct urtwn_softc *); 276static void urtwn_bb_init(struct urtwn_softc *); 277static void urtwn_rf_init(struct urtwn_softc *); 278static void urtwn_cam_init(struct urtwn_softc *); 279static void urtwn_pa_bias_init(struct urtwn_softc *); 280static void urtwn_rxfilter_init(struct urtwn_softc *); 281static void urtwn_edca_init(struct urtwn_softc *); 282static void urtwn_write_txpower(struct urtwn_softc *, int, 283 uint16_t[]); 284static void urtwn_get_txpower(struct urtwn_softc *, int, 285 struct ieee80211_channel *, 286 struct ieee80211_channel *, uint16_t[]); 287static void urtwn_r88e_get_txpower(struct urtwn_softc *, int, 288 struct ieee80211_channel *, 289 struct ieee80211_channel *, uint16_t[]); 290static void urtwn_set_txpower(struct urtwn_softc *, 291 struct ieee80211_channel *, 292 struct ieee80211_channel *); 293static void urtwn_set_rx_bssid_all(struct urtwn_softc *, int); 294static void urtwn_set_gain(struct urtwn_softc *, uint8_t); 295static void urtwn_scan_start(struct ieee80211com *); 296static void urtwn_scan_end(struct ieee80211com *); 297static void urtwn_set_channel(struct ieee80211com *); 298static int urtwn_wme_update(struct ieee80211com *); 299static void urtwn_set_promisc(struct urtwn_softc *); 300static void urtwn_update_promisc(struct ieee80211com *); 301static void urtwn_update_mcast(struct ieee80211com *); 302static struct ieee80211_node *urtwn_r88e_node_alloc(struct ieee80211vap *, 303 const uint8_t mac[IEEE80211_ADDR_LEN]); 304static void urtwn_r88e_newassoc(struct ieee80211_node *, int); 305static void urtwn_r88e_node_free(struct ieee80211_node *); 306static void urtwn_set_chan(struct urtwn_softc *, 307 struct ieee80211_channel *, 308 struct ieee80211_channel *); 309static void urtwn_iq_calib(struct urtwn_softc *); 310static void urtwn_lc_calib(struct urtwn_softc *); 311static int urtwn_init(struct urtwn_softc *); 312static void urtwn_stop(struct urtwn_softc *); 313static void urtwn_abort_xfers(struct urtwn_softc *); 314static int urtwn_raw_xmit(struct ieee80211_node *, struct mbuf *, 315 const struct ieee80211_bpf_params *); 316static void urtwn_ms_delay(struct urtwn_softc *); 317 318/* Aliases. */ 319#define urtwn_bb_write urtwn_write_4 320#define urtwn_bb_read urtwn_read_4 321 322static const struct usb_config urtwn_config[URTWN_N_TRANSFER] = { 323 [URTWN_BULK_RX] = { 324 .type = UE_BULK, 325 .endpoint = UE_ADDR_ANY, 326 .direction = UE_DIR_IN, 327 .bufsize = URTWN_RXBUFSZ, 328 .flags = { 329 .pipe_bof = 1, 330 .short_xfer_ok = 1 331 }, 332 .callback = urtwn_bulk_rx_callback, 333 }, 334 [URTWN_BULK_TX_BE] = { 335 .type = UE_BULK, 336 .endpoint = 0x03, 337 .direction = UE_DIR_OUT, 338 .bufsize = URTWN_TXBUFSZ, 339 .flags = { 340 .ext_buffer = 1, 341 .pipe_bof = 1, 342 .force_short_xfer = 1 343 }, 344 .callback = urtwn_bulk_tx_callback, 345 .timeout = URTWN_TX_TIMEOUT, /* ms */ 346 }, 347 [URTWN_BULK_TX_BK] = { 348 .type = UE_BULK, 349 .endpoint = 0x03, 350 .direction = UE_DIR_OUT, 351 .bufsize = URTWN_TXBUFSZ, 352 .flags = { 353 .ext_buffer = 1, 354 .pipe_bof = 1, 355 .force_short_xfer = 1, 356 }, 357 .callback = urtwn_bulk_tx_callback, 358 .timeout = URTWN_TX_TIMEOUT, /* ms */ 359 }, 360 [URTWN_BULK_TX_VI] = { 361 .type = UE_BULK, 362 .endpoint = 0x02, 363 .direction = UE_DIR_OUT, 364 .bufsize = URTWN_TXBUFSZ, 365 .flags = { 366 .ext_buffer = 1, 367 .pipe_bof = 1, 368 .force_short_xfer = 1 369 }, 370 .callback = urtwn_bulk_tx_callback, 371 .timeout = URTWN_TX_TIMEOUT, /* ms */ 372 }, 373 [URTWN_BULK_TX_VO] = { 374 .type = UE_BULK, 375 .endpoint = 0x02, 376 .direction = UE_DIR_OUT, 377 .bufsize = URTWN_TXBUFSZ, 378 .flags = { 379 .ext_buffer = 1, 380 .pipe_bof = 1, 381 .force_short_xfer = 1 382 }, 383 .callback = urtwn_bulk_tx_callback, 384 .timeout = URTWN_TX_TIMEOUT, /* ms */ 385 }, 386}; 387 388static const struct wme_to_queue { 389 uint16_t reg; 390 uint8_t qid; 391} wme2queue[WME_NUM_AC] = { 392 { R92C_EDCA_BE_PARAM, URTWN_BULK_TX_BE}, 393 { R92C_EDCA_BK_PARAM, URTWN_BULK_TX_BK}, 394 { R92C_EDCA_VI_PARAM, URTWN_BULK_TX_VI}, 395 { R92C_EDCA_VO_PARAM, URTWN_BULK_TX_VO} 396}; 397 398static int 399urtwn_match(device_t self) 400{ 401 struct usb_attach_arg *uaa = device_get_ivars(self); 402 403 if (uaa->usb_mode != USB_MODE_HOST) 404 return (ENXIO); 405 if (uaa->info.bConfigIndex != URTWN_CONFIG_INDEX) 406 return (ENXIO); 407 if (uaa->info.bIfaceIndex != URTWN_IFACE_INDEX) 408 return (ENXIO); 409 410 return (usbd_lookup_id_by_uaa(urtwn_devs, sizeof(urtwn_devs), uaa)); 411} 412 413static int 414urtwn_attach(device_t self) 415{ 416 struct usb_attach_arg *uaa = device_get_ivars(self); 417 struct urtwn_softc *sc = device_get_softc(self); 418 struct ieee80211com *ic = &sc->sc_ic; 419 uint8_t bands; 420 int error; 421 422 device_set_usb_desc(self); 423 sc->sc_udev = uaa->device; 424 sc->sc_dev = self; 425 if (USB_GET_DRIVER_INFO(uaa) == URTWN_RTL8188E) 426 sc->chip |= URTWN_CHIP_88E; 427 428 mtx_init(&sc->sc_mtx, device_get_nameunit(self), 429 MTX_NETWORK_LOCK, MTX_DEF); 430 URTWN_NT_LOCK_INIT(sc); 431 callout_init(&sc->sc_watchdog_ch, 0); 432 mbufq_init(&sc->sc_snd, ifqmaxlen); 433 434 sc->sc_iface_index = URTWN_IFACE_INDEX; 435 error = usbd_transfer_setup(uaa->device, &sc->sc_iface_index, 436 sc->sc_xfer, urtwn_config, URTWN_N_TRANSFER, sc, &sc->sc_mtx); 437 if (error) { 438 device_printf(self, "could not allocate USB transfers, " 439 "err=%s\n", usbd_errstr(error)); 440 goto detach; 441 } 442 443 URTWN_LOCK(sc); 444 445 error = urtwn_read_chipid(sc); 446 if (error) { 447 device_printf(sc->sc_dev, "unsupported test chip\n"); 448 URTWN_UNLOCK(sc); 449 goto detach; 450 } 451 452 /* Determine number of Tx/Rx chains. */ 453 if (sc->chip & URTWN_CHIP_92C) { 454 sc->ntxchains = (sc->chip & URTWN_CHIP_92C_1T2R) ? 1 : 2; 455 sc->nrxchains = 2; 456 } else { 457 sc->ntxchains = 1; 458 sc->nrxchains = 1; 459 } 460 461 if (sc->chip & URTWN_CHIP_88E) 462 error = urtwn_r88e_read_rom(sc); 463 else 464 error = urtwn_read_rom(sc); 465 if (error != 0) { 466 device_printf(sc->sc_dev, "%s: cannot read rom, error %d\n", 467 __func__, error); 468 URTWN_UNLOCK(sc); 469 goto detach; 470 } 471 472 device_printf(sc->sc_dev, "MAC/BB RTL%s, RF 6052 %dT%dR\n", 473 (sc->chip & URTWN_CHIP_92C) ? "8192CU" : 474 (sc->chip & URTWN_CHIP_88E) ? "8188EU" : 475 (sc->board_type == R92C_BOARD_TYPE_HIGHPA) ? "8188RU" : 476 (sc->board_type == R92C_BOARD_TYPE_MINICARD) ? "8188CE-VAU" : 477 "8188CUS", sc->ntxchains, sc->nrxchains); 478 479 URTWN_UNLOCK(sc); 480 481 ic->ic_softc = sc; 482 ic->ic_name = device_get_nameunit(self); 483 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 484 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 485 486 /* set device capabilities */ 487 ic->ic_caps = 488 IEEE80211_C_STA /* station mode */ 489 | IEEE80211_C_MONITOR /* monitor mode */ 490 | IEEE80211_C_IBSS /* adhoc mode */ 491 | IEEE80211_C_HOSTAP /* hostap mode */ 492 | IEEE80211_C_SHPREAMBLE /* short preamble supported */ 493 | IEEE80211_C_SHSLOT /* short slot time supported */ 494 | IEEE80211_C_BGSCAN /* capable of bg scanning */ 495 | IEEE80211_C_WPA /* 802.11i */ 496 | IEEE80211_C_WME /* 802.11e */ 497 ; 498 499 bands = 0; 500 setbit(&bands, IEEE80211_MODE_11B); 501 setbit(&bands, IEEE80211_MODE_11G); 502 ieee80211_init_channels(ic, NULL, &bands); 503 504 ieee80211_ifattach(ic); 505 ic->ic_raw_xmit = urtwn_raw_xmit; 506 ic->ic_scan_start = urtwn_scan_start; 507 ic->ic_scan_end = urtwn_scan_end; 508 ic->ic_set_channel = urtwn_set_channel; 509 ic->ic_transmit = urtwn_transmit; 510 ic->ic_parent = urtwn_parent; 511 ic->ic_vap_create = urtwn_vap_create; 512 ic->ic_vap_delete = urtwn_vap_delete; 513 ic->ic_wme.wme_update = urtwn_wme_update; 514 ic->ic_update_promisc = urtwn_update_promisc; 515 ic->ic_update_mcast = urtwn_update_mcast; 516 if (sc->chip & URTWN_CHIP_88E) { 517 ic->ic_node_alloc = urtwn_r88e_node_alloc; 518 ic->ic_newassoc = urtwn_r88e_newassoc; 519 sc->sc_node_free = ic->ic_node_free; 520 ic->ic_node_free = urtwn_r88e_node_free; 521 } 522 523 ieee80211_radiotap_attach(ic, &sc->sc_txtap.wt_ihdr, 524 sizeof(sc->sc_txtap), URTWN_TX_RADIOTAP_PRESENT, 525 &sc->sc_rxtap.wr_ihdr, sizeof(sc->sc_rxtap), 526 URTWN_RX_RADIOTAP_PRESENT); 527 528 if (bootverbose) 529 ieee80211_announce(ic); 530 531 return (0); 532 533detach: 534 urtwn_detach(self); 535 return (ENXIO); /* failure */ 536} 537 538static int 539urtwn_detach(device_t self) 540{ 541 struct urtwn_softc *sc = device_get_softc(self); 542 struct ieee80211com *ic = &sc->sc_ic; 543 unsigned int x; 544 545 /* Prevent further ioctls. */ 546 URTWN_LOCK(sc); 547 sc->sc_flags |= URTWN_DETACHED; 548 URTWN_UNLOCK(sc); 549 550 urtwn_stop(sc); 551 552 callout_drain(&sc->sc_watchdog_ch); 553 554 /* stop all USB transfers */ 555 usbd_transfer_unsetup(sc->sc_xfer, URTWN_N_TRANSFER); 556 557 /* Prevent further allocations from RX/TX data lists. */ 558 URTWN_LOCK(sc); 559 STAILQ_INIT(&sc->sc_tx_active); 560 STAILQ_INIT(&sc->sc_tx_inactive); 561 STAILQ_INIT(&sc->sc_tx_pending); 562 563 STAILQ_INIT(&sc->sc_rx_active); 564 STAILQ_INIT(&sc->sc_rx_inactive); 565 URTWN_UNLOCK(sc); 566 567 /* drain USB transfers */ 568 for (x = 0; x != URTWN_N_TRANSFER; x++) 569 usbd_transfer_drain(sc->sc_xfer[x]); 570 571 /* Free data buffers. */ 572 URTWN_LOCK(sc); 573 urtwn_free_tx_list(sc); 574 urtwn_free_rx_list(sc); 575 URTWN_UNLOCK(sc); 576 577 ieee80211_ifdetach(ic); 578 URTWN_NT_LOCK_DESTROY(sc); 579 mtx_destroy(&sc->sc_mtx); 580 581 return (0); 582} 583 584static void 585urtwn_drain_mbufq(struct urtwn_softc *sc) 586{ 587 struct mbuf *m; 588 struct ieee80211_node *ni; 589 URTWN_ASSERT_LOCKED(sc); 590 while ((m = mbufq_dequeue(&sc->sc_snd)) != NULL) { 591 ni = (struct ieee80211_node *)m->m_pkthdr.rcvif; 592 m->m_pkthdr.rcvif = NULL; 593 ieee80211_free_node(ni); 594 m_freem(m); 595 } 596} 597 598static usb_error_t 599urtwn_do_request(struct urtwn_softc *sc, struct usb_device_request *req, 600 void *data) 601{ 602 usb_error_t err; 603 int ntries = 10; 604 605 URTWN_ASSERT_LOCKED(sc); 606 607 while (ntries--) { 608 err = usbd_do_request_flags(sc->sc_udev, &sc->sc_mtx, 609 req, data, 0, NULL, 250 /* ms */); 610 if (err == 0) 611 break; 612 613 DPRINTFN(1, "Control request failed, %s (retrying)\n", 614 usbd_errstr(err)); 615 usb_pause_mtx(&sc->sc_mtx, hz / 100); 616 } 617 return (err); 618} 619 620static struct ieee80211vap * 621urtwn_vap_create(struct ieee80211com *ic, const char name[IFNAMSIZ], int unit, 622 enum ieee80211_opmode opmode, int flags, 623 const uint8_t bssid[IEEE80211_ADDR_LEN], 624 const uint8_t mac[IEEE80211_ADDR_LEN]) 625{ 626 struct urtwn_softc *sc = ic->ic_softc; 627 struct urtwn_vap *uvp; 628 struct ieee80211vap *vap; 629 630 if (!TAILQ_EMPTY(&ic->ic_vaps)) /* only one at a time */ 631 return (NULL); 632 633 uvp = malloc(sizeof(struct urtwn_vap), M_80211_VAP, M_WAITOK | M_ZERO); 634 vap = &uvp->vap; 635 /* enable s/w bmiss handling for sta mode */ 636 637 if (ieee80211_vap_setup(ic, vap, name, unit, opmode, 638 flags | IEEE80211_CLONE_NOBEACONS, bssid) != 0) { 639 /* out of memory */ 640 free(uvp, M_80211_VAP); 641 return (NULL); 642 } 643 644 if (opmode == IEEE80211_M_HOSTAP || opmode == IEEE80211_M_IBSS) 645 urtwn_init_beacon(sc, uvp); 646 647 /* override state transition machine */ 648 uvp->newstate = vap->iv_newstate; 649 vap->iv_newstate = urtwn_newstate; 650 vap->iv_update_beacon = urtwn_update_beacon; 651 if (opmode == IEEE80211_M_IBSS) { 652 uvp->recv_mgmt = vap->iv_recv_mgmt; 653 vap->iv_recv_mgmt = urtwn_ibss_recv_mgmt; 654 TASK_INIT(&uvp->tsf_task_adhoc, 0, urtwn_tsf_task_adhoc, vap); 655 } 656 657 if (URTWN_CHIP_HAS_RATECTL(sc)) 658 ieee80211_ratectl_init(vap); 659 /* complete setup */ 660 ieee80211_vap_attach(vap, ieee80211_media_change, 661 ieee80211_media_status, mac); 662 ic->ic_opmode = opmode; 663 return (vap); 664} 665 666static void 667urtwn_vap_delete(struct ieee80211vap *vap) 668{ 669 struct ieee80211com *ic = vap->iv_ic; 670 struct urtwn_softc *sc = ic->ic_softc; 671 struct urtwn_vap *uvp = URTWN_VAP(vap); 672 673 if (uvp->bcn_mbuf != NULL) 674 m_freem(uvp->bcn_mbuf); 675 if (vap->iv_opmode == IEEE80211_M_IBSS) 676 ieee80211_draintask(ic, &uvp->tsf_task_adhoc); 677 if (URTWN_CHIP_HAS_RATECTL(sc)) 678 ieee80211_ratectl_deinit(vap); 679 ieee80211_vap_detach(vap); 680 free(uvp, M_80211_VAP); 681} 682 683static struct mbuf * 684urtwn_rx_frame(struct urtwn_softc *sc, uint8_t *buf, int pktlen, int *rssi_p) 685{ 686 struct ieee80211com *ic = &sc->sc_ic; 687 struct ieee80211_frame *wh; 688 struct mbuf *m; 689 struct r92c_rx_stat *stat; 690 uint32_t rxdw0, rxdw3; 691 uint8_t rate; 692 int8_t rssi = 0; 693 int infosz; 694 695 /* 696 * don't pass packets to the ieee80211 framework if the driver isn't 697 * RUNNING. 698 */ 699 if (!(sc->sc_flags & URTWN_RUNNING)) 700 return (NULL); 701 702 stat = (struct r92c_rx_stat *)buf; 703 rxdw0 = le32toh(stat->rxdw0); 704 rxdw3 = le32toh(stat->rxdw3); 705 706 if (rxdw0 & (R92C_RXDW0_CRCERR | R92C_RXDW0_ICVERR)) { 707 /* 708 * This should not happen since we setup our Rx filter 709 * to not receive these frames. 710 */ 711 counter_u64_add(ic->ic_ierrors, 1); 712 return (NULL); 713 } 714 if (pktlen < sizeof(struct ieee80211_frame_ack) || 715 pktlen > MCLBYTES) { 716 counter_u64_add(ic->ic_ierrors, 1); 717 return (NULL); 718 } 719 720 rate = MS(rxdw3, R92C_RXDW3_RATE); 721 infosz = MS(rxdw0, R92C_RXDW0_INFOSZ) * 8; 722 723 /* Get RSSI from PHY status descriptor if present. */ 724 if (infosz != 0 && (rxdw0 & R92C_RXDW0_PHYST)) { 725 if (sc->chip & URTWN_CHIP_88E) 726 rssi = urtwn_r88e_get_rssi(sc, rate, &stat[1]); 727 else 728 rssi = urtwn_get_rssi(sc, rate, &stat[1]); 729 /* Update our average RSSI. */ 730 urtwn_update_avgrssi(sc, rate, rssi); 731 } 732 733 m = m_getcl(M_NOWAIT, MT_DATA, M_PKTHDR); 734 if (m == NULL) { 735 device_printf(sc->sc_dev, "could not create RX mbuf\n"); 736 return (NULL); 737 } 738 739 /* Finalize mbuf. */ 740 wh = (struct ieee80211_frame *)((uint8_t *)&stat[1] + infosz); 741 memcpy(mtod(m, uint8_t *), wh, pktlen); 742 m->m_pkthdr.len = m->m_len = pktlen; 743 744 if (ieee80211_radiotap_active(ic)) { 745 struct urtwn_rx_radiotap_header *tap = &sc->sc_rxtap; 746 747 tap->wr_flags = 0; 748 /* Map HW rate index to 802.11 rate. */ 749 if (!(rxdw3 & R92C_RXDW3_HT)) { 750 tap->wr_rate = ridx2rate[rate]; 751 } else if (rate >= 12) { /* MCS0~15. */ 752 /* Bit 7 set means HT MCS instead of rate. */ 753 tap->wr_rate = 0x80 | (rate - 12); 754 } 755 tap->wr_dbm_antsignal = rssi; 756 tap->wr_dbm_antnoise = URTWN_NOISE_FLOOR; 757 } 758 759 *rssi_p = rssi; 760 761 return (m); 762} 763 764static struct mbuf * 765urtwn_report_intr(struct usb_xfer *xfer, struct urtwn_data *data, int *rssi, 766 int8_t *nf) 767{ 768 struct urtwn_softc *sc = data->sc; 769 struct ieee80211com *ic = &sc->sc_ic; 770 struct r92c_rx_stat *stat; 771 uint8_t *buf; 772 int len; 773 774 usbd_xfer_status(xfer, &len, NULL, NULL, NULL); 775 776 if (len < sizeof(*stat)) { 777 counter_u64_add(ic->ic_ierrors, 1); 778 return (NULL); 779 } 780 781 buf = data->buf; 782 stat = (struct r92c_rx_stat *)buf; 783 784 if (sc->chip & URTWN_CHIP_88E) { 785 int report_sel = MS(le32toh(stat->rxdw3), R88E_RXDW3_RPT); 786 787 switch (report_sel) { 788 case R88E_RXDW3_RPT_RX: 789 return (urtwn_rxeof(sc, buf, len, rssi, nf)); 790 case R88E_RXDW3_RPT_TX1: 791 urtwn_r88e_ratectl_tx_complete(sc, &stat[1]); 792 break; 793 default: 794 DPRINTFN(7, "case %d was not handled\n", report_sel); 795 break; 796 } 797 } else 798 return (urtwn_rxeof(sc, buf, len, rssi, nf)); 799 800 return (NULL); 801} 802 803static struct mbuf * 804urtwn_rxeof(struct urtwn_softc *sc, uint8_t *buf, int len, int *rssi, 805 int8_t *nf) 806{ 807 struct r92c_rx_stat *stat; 808 struct mbuf *m, *m0 = NULL, *prevm = NULL; 809 uint32_t rxdw0; 810 int totlen, pktlen, infosz, npkts; 811 812 /* Get the number of encapsulated frames. */ 813 stat = (struct r92c_rx_stat *)buf; 814 npkts = MS(le32toh(stat->rxdw2), R92C_RXDW2_PKTCNT); 815 DPRINTFN(6, "Rx %d frames in one chunk\n", npkts); 816 817 /* Process all of them. */ 818 while (npkts-- > 0) { 819 if (len < sizeof(*stat)) 820 break; 821 stat = (struct r92c_rx_stat *)buf; 822 rxdw0 = le32toh(stat->rxdw0); 823 824 pktlen = MS(rxdw0, R92C_RXDW0_PKTLEN); 825 if (pktlen == 0) 826 break; 827 828 infosz = MS(rxdw0, R92C_RXDW0_INFOSZ) * 8; 829 830 /* Make sure everything fits in xfer. */ 831 totlen = sizeof(*stat) + infosz + pktlen; 832 if (totlen > len) 833 break; 834 835 m = urtwn_rx_frame(sc, buf, pktlen, rssi); 836 if (m0 == NULL) 837 m0 = m; 838 if (prevm == NULL) 839 prevm = m; 840 else { 841 prevm->m_next = m; 842 prevm = m; 843 } 844 845 /* Next chunk is 128-byte aligned. */ 846 totlen = (totlen + 127) & ~127; 847 buf += totlen; 848 len -= totlen; 849 } 850 851 return (m0); 852} 853 854static void 855urtwn_r88e_ratectl_tx_complete(struct urtwn_softc *sc, void *arg) 856{ 857 struct r88e_tx_rpt_ccx *rpt = arg; 858 struct ieee80211vap *vap; 859 struct ieee80211_node *ni; 860 uint8_t macid; 861 int ntries; 862 863 macid = MS(rpt->rptb1, R88E_RPTB1_MACID); 864 ntries = MS(rpt->rptb2, R88E_RPTB2_RETRY_CNT); 865 866 URTWN_NT_LOCK(sc); 867 ni = sc->node_list[macid]; 868 if (ni != NULL) { 869 vap = ni->ni_vap; 870 871 if (rpt->rptb1 & R88E_RPTB1_PKT_OK) { 872 ieee80211_ratectl_tx_complete(vap, ni, 873 IEEE80211_RATECTL_TX_SUCCESS, &ntries, NULL); 874 } else { 875 ieee80211_ratectl_tx_complete(vap, ni, 876 IEEE80211_RATECTL_TX_FAILURE, &ntries, NULL); 877 } 878 } else 879 DPRINTFN(8, "macid %d, ni is NULL\n", macid); 880 URTWN_NT_UNLOCK(sc); 881} 882 883static void 884urtwn_bulk_rx_callback(struct usb_xfer *xfer, usb_error_t error) 885{ 886 struct urtwn_softc *sc = usbd_xfer_softc(xfer); 887 struct ieee80211com *ic = &sc->sc_ic; 888 struct ieee80211_frame_min *wh; 889 struct ieee80211_node *ni; 890 struct mbuf *m = NULL, *next; 891 struct urtwn_data *data; 892 int8_t nf; 893 int rssi = 1; 894 895 URTWN_ASSERT_LOCKED(sc); 896 897 switch (USB_GET_STATE(xfer)) { 898 case USB_ST_TRANSFERRED: 899 data = STAILQ_FIRST(&sc->sc_rx_active); 900 if (data == NULL) 901 goto tr_setup; 902 STAILQ_REMOVE_HEAD(&sc->sc_rx_active, next); 903 m = urtwn_report_intr(xfer, data, &rssi, &nf); 904 STAILQ_INSERT_TAIL(&sc->sc_rx_inactive, data, next); 905 /* FALLTHROUGH */ 906 case USB_ST_SETUP: 907tr_setup: 908 data = STAILQ_FIRST(&sc->sc_rx_inactive); 909 if (data == NULL) { 910 KASSERT(m == NULL, ("mbuf isn't NULL")); 911 return; 912 } 913 STAILQ_REMOVE_HEAD(&sc->sc_rx_inactive, next); 914 STAILQ_INSERT_TAIL(&sc->sc_rx_active, data, next); 915 usbd_xfer_set_frame_data(xfer, 0, data->buf, 916 usbd_xfer_max_len(xfer)); 917 usbd_transfer_submit(xfer); 918 919 /* 920 * To avoid LOR we should unlock our private mutex here to call 921 * ieee80211_input() because here is at the end of a USB 922 * callback and safe to unlock. 923 */ 924 URTWN_UNLOCK(sc); 925 while (m != NULL) { 926 next = m->m_next; 927 m->m_next = NULL; 928 wh = mtod(m, struct ieee80211_frame_min *); 929 if (m->m_len >= sizeof(*wh)) 930 ni = ieee80211_find_rxnode(ic, wh); 931 else 932 ni = NULL; 933 nf = URTWN_NOISE_FLOOR; 934 if (ni != NULL) { 935 (void)ieee80211_input(ni, m, rssi - nf, nf); 936 ieee80211_free_node(ni); 937 } else { 938 (void)ieee80211_input_all(ic, m, rssi - nf, 939 nf); 940 } 941 m = next; 942 } 943 URTWN_LOCK(sc); 944 break; 945 default: 946 /* needs it to the inactive queue due to a error. */ 947 data = STAILQ_FIRST(&sc->sc_rx_active); 948 if (data != NULL) { 949 STAILQ_REMOVE_HEAD(&sc->sc_rx_active, next); 950 STAILQ_INSERT_TAIL(&sc->sc_rx_inactive, data, next); 951 } 952 if (error != USB_ERR_CANCELLED) { 953 usbd_xfer_set_stall(xfer); 954 counter_u64_add(ic->ic_ierrors, 1); 955 goto tr_setup; 956 } 957 break; 958 } 959} 960 961static void 962urtwn_txeof(struct urtwn_softc *sc, struct urtwn_data *data, int status) 963{ 964 965 URTWN_ASSERT_LOCKED(sc); 966 967 if (data->ni != NULL) /* not a beacon frame */ 968 ieee80211_tx_complete(data->ni, data->m, status); 969 970 data->ni = NULL; 971 data->m = NULL; 972 973 sc->sc_txtimer = 0; 974 975 STAILQ_INSERT_TAIL(&sc->sc_tx_inactive, data, next); 976} 977 978static int 979urtwn_alloc_list(struct urtwn_softc *sc, struct urtwn_data data[], 980 int ndata, int maxsz) 981{ 982 int i, error; 983 984 for (i = 0; i < ndata; i++) { 985 struct urtwn_data *dp = &data[i]; 986 dp->sc = sc; 987 dp->m = NULL; 988 dp->buf = malloc(maxsz, M_USBDEV, M_NOWAIT); 989 if (dp->buf == NULL) { 990 device_printf(sc->sc_dev, 991 "could not allocate buffer\n"); 992 error = ENOMEM; 993 goto fail; 994 } 995 dp->ni = NULL; 996 } 997 998 return (0); 999fail: 1000 urtwn_free_list(sc, data, ndata); 1001 return (error); 1002} 1003 1004static int 1005urtwn_alloc_rx_list(struct urtwn_softc *sc) 1006{ 1007 int error, i; 1008 1009 error = urtwn_alloc_list(sc, sc->sc_rx, URTWN_RX_LIST_COUNT, 1010 URTWN_RXBUFSZ); 1011 if (error != 0) 1012 return (error); 1013 1014 STAILQ_INIT(&sc->sc_rx_active); 1015 STAILQ_INIT(&sc->sc_rx_inactive); 1016 1017 for (i = 0; i < URTWN_RX_LIST_COUNT; i++) 1018 STAILQ_INSERT_HEAD(&sc->sc_rx_inactive, &sc->sc_rx[i], next); 1019 1020 return (0); 1021} 1022 1023static int 1024urtwn_alloc_tx_list(struct urtwn_softc *sc) 1025{ 1026 int error, i; 1027 1028 error = urtwn_alloc_list(sc, sc->sc_tx, URTWN_TX_LIST_COUNT, 1029 URTWN_TXBUFSZ); 1030 if (error != 0) 1031 return (error); 1032 1033 STAILQ_INIT(&sc->sc_tx_active); 1034 STAILQ_INIT(&sc->sc_tx_inactive); 1035 STAILQ_INIT(&sc->sc_tx_pending); 1036 1037 for (i = 0; i < URTWN_TX_LIST_COUNT; i++) 1038 STAILQ_INSERT_HEAD(&sc->sc_tx_inactive, &sc->sc_tx[i], next); 1039 1040 return (0); 1041} 1042 1043static void 1044urtwn_free_list(struct urtwn_softc *sc, struct urtwn_data data[], int ndata) 1045{ 1046 int i; 1047 1048 for (i = 0; i < ndata; i++) { 1049 struct urtwn_data *dp = &data[i]; 1050 1051 if (dp->buf != NULL) { 1052 free(dp->buf, M_USBDEV); 1053 dp->buf = NULL; 1054 } 1055 if (dp->ni != NULL) { 1056 ieee80211_free_node(dp->ni); 1057 dp->ni = NULL; 1058 } 1059 } 1060} 1061 1062static void 1063urtwn_free_rx_list(struct urtwn_softc *sc) 1064{ 1065 urtwn_free_list(sc, sc->sc_rx, URTWN_RX_LIST_COUNT); 1066} 1067 1068static void 1069urtwn_free_tx_list(struct urtwn_softc *sc) 1070{ 1071 urtwn_free_list(sc, sc->sc_tx, URTWN_TX_LIST_COUNT); 1072} 1073 1074static void 1075urtwn_bulk_tx_callback(struct usb_xfer *xfer, usb_error_t error) 1076{ 1077 struct urtwn_softc *sc = usbd_xfer_softc(xfer); 1078 struct urtwn_data *data; 1079 1080 URTWN_ASSERT_LOCKED(sc); 1081 1082 switch (USB_GET_STATE(xfer)){ 1083 case USB_ST_TRANSFERRED: 1084 data = STAILQ_FIRST(&sc->sc_tx_active); 1085 if (data == NULL) 1086 goto tr_setup; 1087 STAILQ_REMOVE_HEAD(&sc->sc_tx_active, next); 1088 urtwn_txeof(sc, data, 0); 1089 /* FALLTHROUGH */ 1090 case USB_ST_SETUP: 1091tr_setup: 1092 data = STAILQ_FIRST(&sc->sc_tx_pending); 1093 if (data == NULL) { 1094 DPRINTF("%s: empty pending queue\n", __func__); 1095 goto finish; 1096 } 1097 STAILQ_REMOVE_HEAD(&sc->sc_tx_pending, next); 1098 STAILQ_INSERT_TAIL(&sc->sc_tx_active, data, next); 1099 usbd_xfer_set_frame_data(xfer, 0, data->buf, data->buflen); 1100 usbd_transfer_submit(xfer); 1101 break; 1102 default: 1103 data = STAILQ_FIRST(&sc->sc_tx_active); 1104 if (data == NULL) 1105 goto tr_setup; 1106 STAILQ_REMOVE_HEAD(&sc->sc_tx_active, next); 1107 urtwn_txeof(sc, data, 1); 1108 if (error != USB_ERR_CANCELLED) { 1109 usbd_xfer_set_stall(xfer); 1110 goto tr_setup; 1111 } 1112 break; 1113 } 1114finish: 1115 /* Kick-start more transmit */ 1116 urtwn_start(sc); 1117} 1118 1119static struct urtwn_data * 1120_urtwn_getbuf(struct urtwn_softc *sc) 1121{ 1122 struct urtwn_data *bf; 1123 1124 bf = STAILQ_FIRST(&sc->sc_tx_inactive); 1125 if (bf != NULL) 1126 STAILQ_REMOVE_HEAD(&sc->sc_tx_inactive, next); 1127 else 1128 DPRINTF("%s: %s\n", __func__, "out of xmit buffers"); 1129 return (bf); 1130} 1131 1132static struct urtwn_data * 1133urtwn_getbuf(struct urtwn_softc *sc) 1134{ 1135 struct urtwn_data *bf; 1136 1137 URTWN_ASSERT_LOCKED(sc); 1138 1139 bf = _urtwn_getbuf(sc); 1140 if (bf == NULL) 1141 DPRINTF("%s: stop queue\n", __func__); 1142 return (bf); 1143} 1144 1145static usb_error_t 1146urtwn_write_region_1(struct urtwn_softc *sc, uint16_t addr, uint8_t *buf, 1147 int len) 1148{ 1149 usb_device_request_t req; 1150 1151 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 1152 req.bRequest = R92C_REQ_REGS; 1153 USETW(req.wValue, addr); 1154 USETW(req.wIndex, 0); 1155 USETW(req.wLength, len); 1156 return (urtwn_do_request(sc, &req, buf)); 1157} 1158 1159static usb_error_t 1160urtwn_write_1(struct urtwn_softc *sc, uint16_t addr, uint8_t val) 1161{ 1162 return (urtwn_write_region_1(sc, addr, &val, sizeof(val))); 1163} 1164 1165static usb_error_t 1166urtwn_write_2(struct urtwn_softc *sc, uint16_t addr, uint16_t val) 1167{ 1168 val = htole16(val); 1169 return (urtwn_write_region_1(sc, addr, (uint8_t *)&val, sizeof(val))); 1170} 1171 1172static usb_error_t 1173urtwn_write_4(struct urtwn_softc *sc, uint16_t addr, uint32_t val) 1174{ 1175 val = htole32(val); 1176 return (urtwn_write_region_1(sc, addr, (uint8_t *)&val, sizeof(val))); 1177} 1178 1179static usb_error_t 1180urtwn_read_region_1(struct urtwn_softc *sc, uint16_t addr, uint8_t *buf, 1181 int len) 1182{ 1183 usb_device_request_t req; 1184 1185 req.bmRequestType = UT_READ_VENDOR_DEVICE; 1186 req.bRequest = R92C_REQ_REGS; 1187 USETW(req.wValue, addr); 1188 USETW(req.wIndex, 0); 1189 USETW(req.wLength, len); 1190 return (urtwn_do_request(sc, &req, buf)); 1191} 1192 1193static uint8_t 1194urtwn_read_1(struct urtwn_softc *sc, uint16_t addr) 1195{ 1196 uint8_t val; 1197 1198 if (urtwn_read_region_1(sc, addr, &val, 1) != 0) 1199 return (0xff); 1200 return (val); 1201} 1202 1203static uint16_t 1204urtwn_read_2(struct urtwn_softc *sc, uint16_t addr) 1205{ 1206 uint16_t val; 1207 1208 if (urtwn_read_region_1(sc, addr, (uint8_t *)&val, 2) != 0) 1209 return (0xffff); 1210 return (le16toh(val)); 1211} 1212 1213static uint32_t 1214urtwn_read_4(struct urtwn_softc *sc, uint16_t addr) 1215{ 1216 uint32_t val; 1217 1218 if (urtwn_read_region_1(sc, addr, (uint8_t *)&val, 4) != 0) 1219 return (0xffffffff); 1220 return (le32toh(val)); 1221} 1222 1223static int 1224urtwn_fw_cmd(struct urtwn_softc *sc, uint8_t id, const void *buf, int len) 1225{ 1226 struct r92c_fw_cmd cmd; 1227 usb_error_t error; 1228 int ntries; 1229 1230 /* Wait for current FW box to be empty. */ 1231 for (ntries = 0; ntries < 100; ntries++) { 1232 if (!(urtwn_read_1(sc, R92C_HMETFR) & (1 << sc->fwcur))) 1233 break; 1234 urtwn_ms_delay(sc); 1235 } 1236 if (ntries == 100) { 1237 device_printf(sc->sc_dev, 1238 "could not send firmware command\n"); 1239 return (ETIMEDOUT); 1240 } 1241 memset(&cmd, 0, sizeof(cmd)); 1242 cmd.id = id; 1243 if (len > 3) 1244 cmd.id |= R92C_CMD_FLAG_EXT; 1245 KASSERT(len <= sizeof(cmd.msg), ("urtwn_fw_cmd\n")); 1246 memcpy(cmd.msg, buf, len); 1247 1248 /* Write the first word last since that will trigger the FW. */ 1249 error = urtwn_write_region_1(sc, R92C_HMEBOX_EXT(sc->fwcur), 1250 (uint8_t *)&cmd + 4, 2); 1251 if (error != USB_ERR_NORMAL_COMPLETION) 1252 return (EIO); 1253 error = urtwn_write_region_1(sc, R92C_HMEBOX(sc->fwcur), 1254 (uint8_t *)&cmd + 0, 4); 1255 if (error != USB_ERR_NORMAL_COMPLETION) 1256 return (EIO); 1257 1258 sc->fwcur = (sc->fwcur + 1) % R92C_H2C_NBOX; 1259 return (0); 1260} 1261 1262static __inline void 1263urtwn_rf_write(struct urtwn_softc *sc, int chain, uint8_t addr, uint32_t val) 1264{ 1265 1266 sc->sc_rf_write(sc, chain, addr, val); 1267} 1268 1269static void 1270urtwn_r92c_rf_write(struct urtwn_softc *sc, int chain, uint8_t addr, 1271 uint32_t val) 1272{ 1273 urtwn_bb_write(sc, R92C_LSSI_PARAM(chain), 1274 SM(R92C_LSSI_PARAM_ADDR, addr) | 1275 SM(R92C_LSSI_PARAM_DATA, val)); 1276} 1277 1278static void 1279urtwn_r88e_rf_write(struct urtwn_softc *sc, int chain, uint8_t addr, 1280uint32_t val) 1281{ 1282 urtwn_bb_write(sc, R92C_LSSI_PARAM(chain), 1283 SM(R88E_LSSI_PARAM_ADDR, addr) | 1284 SM(R92C_LSSI_PARAM_DATA, val)); 1285} 1286 1287static uint32_t 1288urtwn_rf_read(struct urtwn_softc *sc, int chain, uint8_t addr) 1289{ 1290 uint32_t reg[R92C_MAX_CHAINS], val; 1291 1292 reg[0] = urtwn_bb_read(sc, R92C_HSSI_PARAM2(0)); 1293 if (chain != 0) 1294 reg[chain] = urtwn_bb_read(sc, R92C_HSSI_PARAM2(chain)); 1295 1296 urtwn_bb_write(sc, R92C_HSSI_PARAM2(0), 1297 reg[0] & ~R92C_HSSI_PARAM2_READ_EDGE); 1298 urtwn_ms_delay(sc); 1299 1300 urtwn_bb_write(sc, R92C_HSSI_PARAM2(chain), 1301 RW(reg[chain], R92C_HSSI_PARAM2_READ_ADDR, addr) | 1302 R92C_HSSI_PARAM2_READ_EDGE); 1303 urtwn_ms_delay(sc); 1304 1305 urtwn_bb_write(sc, R92C_HSSI_PARAM2(0), 1306 reg[0] | R92C_HSSI_PARAM2_READ_EDGE); 1307 urtwn_ms_delay(sc); 1308 1309 if (urtwn_bb_read(sc, R92C_HSSI_PARAM1(chain)) & R92C_HSSI_PARAM1_PI) 1310 val = urtwn_bb_read(sc, R92C_HSPI_READBACK(chain)); 1311 else 1312 val = urtwn_bb_read(sc, R92C_LSSI_READBACK(chain)); 1313 return (MS(val, R92C_LSSI_READBACK_DATA)); 1314} 1315 1316static int 1317urtwn_llt_write(struct urtwn_softc *sc, uint32_t addr, uint32_t data) 1318{ 1319 usb_error_t error; 1320 int ntries; 1321 1322 error = urtwn_write_4(sc, R92C_LLT_INIT, 1323 SM(R92C_LLT_INIT_OP, R92C_LLT_INIT_OP_WRITE) | 1324 SM(R92C_LLT_INIT_ADDR, addr) | 1325 SM(R92C_LLT_INIT_DATA, data)); 1326 if (error != USB_ERR_NORMAL_COMPLETION) 1327 return (EIO); 1328 /* Wait for write operation to complete. */ 1329 for (ntries = 0; ntries < 20; ntries++) { 1330 if (MS(urtwn_read_4(sc, R92C_LLT_INIT), R92C_LLT_INIT_OP) == 1331 R92C_LLT_INIT_OP_NO_ACTIVE) 1332 return (0); 1333 urtwn_ms_delay(sc); 1334 } 1335 return (ETIMEDOUT); 1336} 1337 1338static int 1339urtwn_efuse_read_next(struct urtwn_softc *sc, uint8_t *val) 1340{ 1341 uint32_t reg; 1342 usb_error_t error; 1343 int ntries; 1344 1345 if (sc->last_rom_addr >= URTWN_EFUSE_MAX_LEN) 1346 return (EFAULT); 1347 1348 reg = urtwn_read_4(sc, R92C_EFUSE_CTRL); 1349 reg = RW(reg, R92C_EFUSE_CTRL_ADDR, sc->last_rom_addr); 1350 reg &= ~R92C_EFUSE_CTRL_VALID; 1351 1352 error = urtwn_write_4(sc, R92C_EFUSE_CTRL, reg); 1353 if (error != USB_ERR_NORMAL_COMPLETION) 1354 return (EIO); 1355 /* Wait for read operation to complete. */ 1356 for (ntries = 0; ntries < 100; ntries++) { 1357 reg = urtwn_read_4(sc, R92C_EFUSE_CTRL); 1358 if (reg & R92C_EFUSE_CTRL_VALID) 1359 break; 1360 urtwn_ms_delay(sc); 1361 } 1362 if (ntries == 100) { 1363 device_printf(sc->sc_dev, 1364 "could not read efuse byte at address 0x%x\n", 1365 sc->last_rom_addr); 1366 return (ETIMEDOUT); 1367 } 1368 1369 *val = MS(reg, R92C_EFUSE_CTRL_DATA); 1370 sc->last_rom_addr++; 1371 1372 return (0); 1373} 1374 1375static int 1376urtwn_efuse_read_data(struct urtwn_softc *sc, uint8_t *rom, uint8_t off, 1377 uint8_t msk) 1378{ 1379 uint8_t reg; 1380 int i, error; 1381 1382 for (i = 0; i < 4; i++) { 1383 if (msk & (1 << i)) 1384 continue; 1385 error = urtwn_efuse_read_next(sc, ®); 1386 if (error != 0) 1387 return (error); 1388 DPRINTF("rom[0x%03X] == 0x%02X\n", off * 8 + i * 2, reg); 1389 rom[off * 8 + i * 2 + 0] = reg; 1390 1391 error = urtwn_efuse_read_next(sc, ®); 1392 if (error != 0) 1393 return (error); 1394 DPRINTF("rom[0x%03X] == 0x%02X\n", off * 8 + i * 2 + 1, reg); 1395 rom[off * 8 + i * 2 + 1] = reg; 1396 } 1397 1398 return (0); 1399} 1400 1401#ifdef URTWN_DEBUG 1402static void 1403urtwn_dump_rom_contents(struct urtwn_softc *sc, uint8_t *rom, uint16_t size) 1404{ 1405 int i; 1406 1407 /* Dump ROM contents. */ 1408 device_printf(sc->sc_dev, "%s:", __func__); 1409 for (i = 0; i < size; i++) { 1410 if (i % 32 == 0) 1411 printf("\n%03X: ", i); 1412 else if (i % 4 == 0) 1413 printf(" "); 1414 1415 printf("%02X", rom[i]); 1416 } 1417 printf("\n"); 1418} 1419#endif 1420 1421static int 1422urtwn_efuse_read(struct urtwn_softc *sc, uint8_t *rom, uint16_t size) 1423{ 1424#define URTWN_CHK(res) do { \ 1425 if ((error = res) != 0) \ 1426 goto end; \ 1427} while(0) 1428 uint8_t msk, off, reg; 1429 int error; 1430 1431 URTWN_CHK(urtwn_efuse_switch_power(sc)); 1432 1433 /* Read full ROM image. */ 1434 sc->last_rom_addr = 0; 1435 memset(rom, 0xff, size); 1436 1437 URTWN_CHK(urtwn_efuse_read_next(sc, ®)); 1438 while (reg != 0xff) { 1439 /* check for extended header */ 1440 if ((sc->chip & URTWN_CHIP_88E) && (reg & 0x1f) == 0x0f) { 1441 off = reg >> 5; 1442 URTWN_CHK(urtwn_efuse_read_next(sc, ®)); 1443 1444 if ((reg & 0x0f) != 0x0f) 1445 off = ((reg & 0xf0) >> 1) | off; 1446 else 1447 continue; 1448 } else 1449 off = reg >> 4; 1450 msk = reg & 0xf; 1451 1452 URTWN_CHK(urtwn_efuse_read_data(sc, rom, off, msk)); 1453 URTWN_CHK(urtwn_efuse_read_next(sc, ®)); 1454 } 1455 1456end: 1457 1458#ifdef URTWN_DEBUG 1459 if (urtwn_debug >= 2) 1460 urtwn_dump_rom_contents(sc, rom, size); 1461#endif 1462 1463 urtwn_write_1(sc, R92C_EFUSE_ACCESS, R92C_EFUSE_ACCESS_OFF); 1464 1465 if (error != 0) { 1466 device_printf(sc->sc_dev, "%s: error while reading ROM\n", 1467 __func__); 1468 } 1469 1470 return (error); 1471#undef URTWN_CHK 1472} 1473 1474static int 1475urtwn_efuse_switch_power(struct urtwn_softc *sc) 1476{ 1477 usb_error_t error; 1478 uint32_t reg; 1479 1480 error = urtwn_write_1(sc, R92C_EFUSE_ACCESS, R92C_EFUSE_ACCESS_ON); 1481 if (error != USB_ERR_NORMAL_COMPLETION) 1482 return (EIO); 1483 1484 reg = urtwn_read_2(sc, R92C_SYS_ISO_CTRL); 1485 if (!(reg & R92C_SYS_ISO_CTRL_PWC_EV12V)) { 1486 error = urtwn_write_2(sc, R92C_SYS_ISO_CTRL, 1487 reg | R92C_SYS_ISO_CTRL_PWC_EV12V); 1488 if (error != USB_ERR_NORMAL_COMPLETION) 1489 return (EIO); 1490 } 1491 reg = urtwn_read_2(sc, R92C_SYS_FUNC_EN); 1492 if (!(reg & R92C_SYS_FUNC_EN_ELDR)) { 1493 error = urtwn_write_2(sc, R92C_SYS_FUNC_EN, 1494 reg | R92C_SYS_FUNC_EN_ELDR); 1495 if (error != USB_ERR_NORMAL_COMPLETION) 1496 return (EIO); 1497 } 1498 reg = urtwn_read_2(sc, R92C_SYS_CLKR); 1499 if ((reg & (R92C_SYS_CLKR_LOADER_EN | R92C_SYS_CLKR_ANA8M)) != 1500 (R92C_SYS_CLKR_LOADER_EN | R92C_SYS_CLKR_ANA8M)) { 1501 error = urtwn_write_2(sc, R92C_SYS_CLKR, 1502 reg | R92C_SYS_CLKR_LOADER_EN | R92C_SYS_CLKR_ANA8M); 1503 if (error != USB_ERR_NORMAL_COMPLETION) 1504 return (EIO); 1505 } 1506 1507 return (0); 1508} 1509 1510static int 1511urtwn_read_chipid(struct urtwn_softc *sc) 1512{ 1513 uint32_t reg; 1514 1515 if (sc->chip & URTWN_CHIP_88E) 1516 return (0); 1517 1518 reg = urtwn_read_4(sc, R92C_SYS_CFG); 1519 if (reg & R92C_SYS_CFG_TRP_VAUX_EN) 1520 return (EIO); 1521 1522 if (reg & R92C_SYS_CFG_TYPE_92C) { 1523 sc->chip |= URTWN_CHIP_92C; 1524 /* Check if it is a castrated 8192C. */ 1525 if (MS(urtwn_read_4(sc, R92C_HPON_FSM), 1526 R92C_HPON_FSM_CHIP_BONDING_ID) == 1527 R92C_HPON_FSM_CHIP_BONDING_ID_92C_1T2R) 1528 sc->chip |= URTWN_CHIP_92C_1T2R; 1529 } 1530 if (reg & R92C_SYS_CFG_VENDOR_UMC) { 1531 sc->chip |= URTWN_CHIP_UMC; 1532 if (MS(reg, R92C_SYS_CFG_CHIP_VER_RTL) == 0) 1533 sc->chip |= URTWN_CHIP_UMC_A_CUT; 1534 } 1535 return (0); 1536} 1537 1538static int 1539urtwn_read_rom(struct urtwn_softc *sc) 1540{ 1541 struct r92c_rom *rom = &sc->rom.r92c_rom; 1542 int error; 1543 1544 /* Read full ROM image. */ 1545 error = urtwn_efuse_read(sc, (uint8_t *)rom, sizeof(*rom)); 1546 if (error != 0) 1547 return (error); 1548 1549 /* XXX Weird but this is what the vendor driver does. */ 1550 sc->last_rom_addr = 0x1fa; 1551 error = urtwn_efuse_read_next(sc, &sc->pa_setting); 1552 if (error != 0) 1553 return (error); 1554 DPRINTF("PA setting=0x%x\n", sc->pa_setting); 1555 1556 sc->board_type = MS(rom->rf_opt1, R92C_ROM_RF1_BOARD_TYPE); 1557 1558 sc->regulatory = MS(rom->rf_opt1, R92C_ROM_RF1_REGULATORY); 1559 DPRINTF("regulatory type=%d\n", sc->regulatory); 1560 IEEE80211_ADDR_COPY(sc->sc_ic.ic_macaddr, rom->macaddr); 1561 1562 sc->sc_rf_write = urtwn_r92c_rf_write; 1563 sc->sc_power_on = urtwn_r92c_power_on; 1564 1565 return (0); 1566} 1567 1568static int 1569urtwn_r88e_read_rom(struct urtwn_softc *sc) 1570{ 1571 uint8_t *rom = sc->rom.r88e_rom; 1572 uint16_t addr; 1573 int error, i; 1574 1575 error = urtwn_efuse_read(sc, rom, sizeof(sc->rom.r88e_rom)); 1576 if (error != 0) 1577 return (error); 1578 1579 addr = 0x10; 1580 for (i = 0; i < 6; i++) 1581 sc->cck_tx_pwr[i] = rom[addr++]; 1582 for (i = 0; i < 5; i++) 1583 sc->ht40_tx_pwr[i] = rom[addr++]; 1584 sc->bw20_tx_pwr_diff = (rom[addr] & 0xf0) >> 4; 1585 if (sc->bw20_tx_pwr_diff & 0x08) 1586 sc->bw20_tx_pwr_diff |= 0xf0; 1587 sc->ofdm_tx_pwr_diff = (rom[addr] & 0xf); 1588 if (sc->ofdm_tx_pwr_diff & 0x08) 1589 sc->ofdm_tx_pwr_diff |= 0xf0; 1590 sc->regulatory = MS(rom[0xc1], R92C_ROM_RF1_REGULATORY); 1591 IEEE80211_ADDR_COPY(sc->sc_ic.ic_macaddr, &rom[0xd7]); 1592 1593 sc->sc_rf_write = urtwn_r88e_rf_write; 1594 sc->sc_power_on = urtwn_r88e_power_on; 1595 1596 return (0); 1597} 1598 1599/* 1600 * Initialize rate adaptation in firmware. 1601 */ 1602static int 1603urtwn_ra_init(struct urtwn_softc *sc) 1604{ 1605 struct ieee80211com *ic = &sc->sc_ic; 1606 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 1607 struct ieee80211_node *ni; 1608 struct ieee80211_rateset *rs; 1609 struct r92c_fw_cmd_macid_cfg cmd; 1610 uint32_t rates, basicrates; 1611 uint8_t mode; 1612 int maxrate, maxbasicrate, error, i, j; 1613 1614 ni = ieee80211_ref_node(vap->iv_bss); 1615 rs = &ni->ni_rates; 1616 1617 /* Get normal and basic rates mask. */ 1618 rates = basicrates = 0; 1619 maxrate = maxbasicrate = 0; 1620 for (i = 0; i < rs->rs_nrates; i++) { 1621 /* Convert 802.11 rate to HW rate index. */ 1622 for (j = 0; j < nitems(ridx2rate); j++) 1623 if ((rs->rs_rates[i] & IEEE80211_RATE_VAL) == 1624 ridx2rate[j]) 1625 break; 1626 if (j == nitems(ridx2rate)) /* Unknown rate, skip. */ 1627 continue; 1628 rates |= 1 << j; 1629 if (j > maxrate) 1630 maxrate = j; 1631 if (rs->rs_rates[i] & IEEE80211_RATE_BASIC) { 1632 basicrates |= 1 << j; 1633 if (j > maxbasicrate) 1634 maxbasicrate = j; 1635 } 1636 } 1637 if (ic->ic_curmode == IEEE80211_MODE_11B) 1638 mode = R92C_RAID_11B; 1639 else 1640 mode = R92C_RAID_11BG; 1641 DPRINTF("mode=0x%x rates=0x%08x, basicrates=0x%08x\n", 1642 mode, rates, basicrates); 1643 1644 /* Set rates mask for group addressed frames. */ 1645 cmd.macid = URTWN_MACID_BC | URTWN_MACID_VALID; 1646 cmd.mask = htole32(mode << 28 | basicrates); 1647 error = urtwn_fw_cmd(sc, R92C_CMD_MACID_CONFIG, &cmd, sizeof(cmd)); 1648 if (error != 0) { 1649 ieee80211_free_node(ni); 1650 device_printf(sc->sc_dev, 1651 "could not add broadcast station\n"); 1652 return (error); 1653 } 1654 /* Set initial MRR rate. */ 1655 DPRINTF("maxbasicrate=%d\n", maxbasicrate); 1656 urtwn_write_1(sc, R92C_INIDATA_RATE_SEL(URTWN_MACID_BC), 1657 maxbasicrate); 1658 1659 /* Set rates mask for unicast frames. */ 1660 cmd.macid = URTWN_MACID_BSS | URTWN_MACID_VALID; 1661 cmd.mask = htole32(mode << 28 | rates); 1662 error = urtwn_fw_cmd(sc, R92C_CMD_MACID_CONFIG, &cmd, sizeof(cmd)); 1663 if (error != 0) { 1664 ieee80211_free_node(ni); 1665 device_printf(sc->sc_dev, "could not add BSS station\n"); 1666 return (error); 1667 } 1668 /* Set initial MRR rate. */ 1669 DPRINTF("maxrate=%d\n", maxrate); 1670 urtwn_write_1(sc, R92C_INIDATA_RATE_SEL(URTWN_MACID_BSS), 1671 maxrate); 1672 1673 /* Indicate highest supported rate. */ 1674 ni->ni_txrate = rs->rs_rates[rs->rs_nrates - 1]; 1675 ieee80211_free_node(ni); 1676 1677 return (0); 1678} 1679 1680static void 1681urtwn_init_beacon(struct urtwn_softc *sc, struct urtwn_vap *uvp) 1682{ 1683 struct r92c_tx_desc *txd = &uvp->bcn_desc; 1684 1685 txd->txdw0 = htole32( 1686 SM(R92C_TXDW0_OFFSET, sizeof(*txd)) | R92C_TXDW0_BMCAST | 1687 R92C_TXDW0_OWN | R92C_TXDW0_FSG | R92C_TXDW0_LSG); 1688 txd->txdw1 = htole32( 1689 SM(R92C_TXDW1_QSEL, R92C_TXDW1_QSEL_BEACON) | 1690 SM(R92C_TXDW1_RAID, R92C_RAID_11B)); 1691 1692 if (sc->chip & URTWN_CHIP_88E) { 1693 txd->txdw1 |= htole32(SM(R88E_TXDW1_MACID, URTWN_MACID_BC)); 1694 txd->txdseq |= htole16(R88E_TXDSEQ_HWSEQ_EN); 1695 } else { 1696 txd->txdw1 |= htole32(SM(R92C_TXDW1_MACID, URTWN_MACID_BC)); 1697 txd->txdw4 |= htole32(R92C_TXDW4_HWSEQ_EN); 1698 } 1699 1700 txd->txdw4 = htole32(R92C_TXDW4_DRVRATE); 1701 txd->txdw5 = htole32(SM(R92C_TXDW5_DATARATE, URTWN_RIDX_CCK1)); 1702} 1703 1704static int 1705urtwn_setup_beacon(struct urtwn_softc *sc, struct ieee80211_node *ni) 1706{ 1707 struct ieee80211vap *vap = ni->ni_vap; 1708 struct urtwn_vap *uvp = URTWN_VAP(vap); 1709 struct mbuf *m; 1710 int error; 1711 1712 URTWN_ASSERT_LOCKED(sc); 1713 1714 if (ni->ni_chan == IEEE80211_CHAN_ANYC) 1715 return (EINVAL); 1716 1717 m = ieee80211_beacon_alloc(ni); 1718 if (m == NULL) { 1719 device_printf(sc->sc_dev, 1720 "%s: could not allocate beacon frame\n", __func__); 1721 return (ENOMEM); 1722 } 1723 1724 if (uvp->bcn_mbuf != NULL) 1725 m_freem(uvp->bcn_mbuf); 1726 1727 uvp->bcn_mbuf = m; 1728 1729 if ((error = urtwn_tx_beacon(sc, uvp)) != 0) 1730 return (error); 1731 1732 /* XXX bcnq stuck workaround */ 1733 if ((error = urtwn_tx_beacon(sc, uvp)) != 0) 1734 return (error); 1735 1736 return (0); 1737} 1738 1739static void 1740urtwn_update_beacon(struct ieee80211vap *vap, int item) 1741{ 1742 struct urtwn_softc *sc = vap->iv_ic->ic_softc; 1743 struct urtwn_vap *uvp = URTWN_VAP(vap); 1744 struct ieee80211_beacon_offsets *bo = &vap->iv_bcn_off; 1745 struct ieee80211_node *ni = vap->iv_bss; 1746 int mcast = 0; 1747 1748 URTWN_LOCK(sc); 1749 if (uvp->bcn_mbuf == NULL) { 1750 uvp->bcn_mbuf = ieee80211_beacon_alloc(ni); 1751 if (uvp->bcn_mbuf == NULL) { 1752 device_printf(sc->sc_dev, 1753 "%s: could not allocate beacon frame\n", __func__); 1754 URTWN_UNLOCK(sc); 1755 return; 1756 } 1757 } 1758 URTWN_UNLOCK(sc); 1759 1760 if (item == IEEE80211_BEACON_TIM) 1761 mcast = 1; /* XXX */ 1762 1763 setbit(bo->bo_flags, item); 1764 ieee80211_beacon_update(ni, uvp->bcn_mbuf, mcast); 1765 1766 URTWN_LOCK(sc); 1767 urtwn_tx_beacon(sc, uvp); 1768 URTWN_UNLOCK(sc); 1769} 1770 1771/* 1772 * Push a beacon frame into the chip. Beacon will 1773 * be repeated by the chip every R92C_BCN_INTERVAL. 1774 */ 1775static int 1776urtwn_tx_beacon(struct urtwn_softc *sc, struct urtwn_vap *uvp) 1777{ 1778 struct r92c_tx_desc *desc = &uvp->bcn_desc; 1779 struct urtwn_data *bf; 1780 1781 URTWN_ASSERT_LOCKED(sc); 1782 1783 bf = urtwn_getbuf(sc); 1784 if (bf == NULL) 1785 return (ENOMEM); 1786 1787 memcpy(bf->buf, desc, sizeof(*desc)); 1788 urtwn_tx_start(sc, uvp->bcn_mbuf, IEEE80211_FC0_TYPE_MGT, bf); 1789 1790 sc->sc_txtimer = 5; 1791 callout_reset(&sc->sc_watchdog_ch, hz, urtwn_watchdog, sc); 1792 1793 return (0); 1794} 1795 1796static void 1797urtwn_tsf_task_adhoc(void *arg, int pending) 1798{ 1799 struct ieee80211vap *vap = arg; 1800 struct urtwn_softc *sc = vap->iv_ic->ic_softc; 1801 struct ieee80211_node *ni; 1802 uint32_t reg; 1803 1804 URTWN_LOCK(sc); 1805 ni = ieee80211_ref_node(vap->iv_bss); 1806 reg = urtwn_read_1(sc, R92C_BCN_CTRL); 1807 1808 /* Accept beacons with the same BSSID. */ 1809 urtwn_set_rx_bssid_all(sc, 0); 1810 1811 /* Enable synchronization. */ 1812 reg &= ~R92C_BCN_CTRL_DIS_TSF_UDT0; 1813 urtwn_write_1(sc, R92C_BCN_CTRL, reg); 1814 1815 /* Synchronize. */ 1816 usb_pause_mtx(&sc->sc_mtx, hz * ni->ni_intval * 5 / 1000); 1817 1818 /* Disable synchronization. */ 1819 reg |= R92C_BCN_CTRL_DIS_TSF_UDT0; 1820 urtwn_write_1(sc, R92C_BCN_CTRL, reg); 1821 1822 /* Remove beacon filter. */ 1823 urtwn_set_rx_bssid_all(sc, 1); 1824 1825 /* Enable beaconing. */ 1826 urtwn_write_1(sc, R92C_MBID_NUM, 1827 urtwn_read_1(sc, R92C_MBID_NUM) | R92C_MBID_TXBCN_RPT0); 1828 reg |= R92C_BCN_CTRL_EN_BCN; 1829 1830 urtwn_write_1(sc, R92C_BCN_CTRL, reg); 1831 ieee80211_free_node(ni); 1832 URTWN_UNLOCK(sc); 1833} 1834 1835static void 1836urtwn_tsf_sync_enable(struct urtwn_softc *sc, struct ieee80211vap *vap) 1837{ 1838 struct ieee80211com *ic = &sc->sc_ic; 1839 struct urtwn_vap *uvp = URTWN_VAP(vap); 1840 1841 /* Reset TSF. */ 1842 urtwn_write_1(sc, R92C_DUAL_TSF_RST, R92C_DUAL_TSF_RST0); 1843 1844 switch (vap->iv_opmode) { 1845 case IEEE80211_M_STA: 1846 /* Enable TSF synchronization. */ 1847 urtwn_write_1(sc, R92C_BCN_CTRL, 1848 urtwn_read_1(sc, R92C_BCN_CTRL) & 1849 ~R92C_BCN_CTRL_DIS_TSF_UDT0); 1850 break; 1851 case IEEE80211_M_IBSS: 1852 ieee80211_runtask(ic, &uvp->tsf_task_adhoc); 1853 break; 1854 case IEEE80211_M_HOSTAP: 1855 /* Enable beaconing. */ 1856 urtwn_write_1(sc, R92C_MBID_NUM, 1857 urtwn_read_1(sc, R92C_MBID_NUM) | R92C_MBID_TXBCN_RPT0); 1858 urtwn_write_1(sc, R92C_BCN_CTRL, 1859 urtwn_read_1(sc, R92C_BCN_CTRL) | R92C_BCN_CTRL_EN_BCN); 1860 break; 1861 default: 1862 device_printf(sc->sc_dev, "undefined opmode %d\n", 1863 vap->iv_opmode); 1864 return; 1865 } 1866} 1867 1868static void 1869urtwn_set_led(struct urtwn_softc *sc, int led, int on) 1870{ 1871 uint8_t reg; 1872 1873 if (led == URTWN_LED_LINK) { 1874 if (sc->chip & URTWN_CHIP_88E) { 1875 reg = urtwn_read_1(sc, R92C_LEDCFG2) & 0xf0; 1876 urtwn_write_1(sc, R92C_LEDCFG2, reg | 0x60); 1877 if (!on) { 1878 reg = urtwn_read_1(sc, R92C_LEDCFG2) & 0x90; 1879 urtwn_write_1(sc, R92C_LEDCFG2, 1880 reg | R92C_LEDCFG0_DIS); 1881 urtwn_write_1(sc, R92C_MAC_PINMUX_CFG, 1882 urtwn_read_1(sc, R92C_MAC_PINMUX_CFG) & 1883 0xfe); 1884 } 1885 } else { 1886 reg = urtwn_read_1(sc, R92C_LEDCFG0) & 0x70; 1887 if (!on) 1888 reg |= R92C_LEDCFG0_DIS; 1889 urtwn_write_1(sc, R92C_LEDCFG0, reg); 1890 } 1891 sc->ledlink = on; /* Save LED state. */ 1892 } 1893} 1894 1895static void 1896urtwn_set_mode(struct urtwn_softc *sc, uint8_t mode) 1897{ 1898 uint8_t reg; 1899 1900 reg = urtwn_read_1(sc, R92C_MSR); 1901 reg = (reg & ~R92C_MSR_MASK) | mode; 1902 urtwn_write_1(sc, R92C_MSR, reg); 1903} 1904 1905static void 1906urtwn_ibss_recv_mgmt(struct ieee80211_node *ni, struct mbuf *m, int subtype, 1907 const struct ieee80211_rx_stats *rxs, 1908 int rssi, int nf) 1909{ 1910 struct ieee80211vap *vap = ni->ni_vap; 1911 struct urtwn_softc *sc = vap->iv_ic->ic_softc; 1912 struct urtwn_vap *uvp = URTWN_VAP(vap); 1913 uint64_t ni_tstamp, curr_tstamp; 1914 1915 uvp->recv_mgmt(ni, m, subtype, rxs, rssi, nf); 1916 1917 if (vap->iv_state == IEEE80211_S_RUN && 1918 (subtype == IEEE80211_FC0_SUBTYPE_BEACON || 1919 subtype == IEEE80211_FC0_SUBTYPE_PROBE_RESP)) { 1920 ni_tstamp = le64toh(ni->ni_tstamp.tsf); 1921#ifdef D3831 1922 URTWN_LOCK(sc); 1923 urtwn_get_tsf(sc, &curr_tstamp); 1924 URTWN_UNLOCK(sc); 1925 curr_tstamp = le64toh(curr_tstamp); 1926 1927 if (ni_tstamp >= curr_tstamp) 1928 (void) ieee80211_ibss_merge(ni); 1929#else 1930 (void) sc; 1931 (void) curr_tstamp; 1932#endif 1933 } 1934} 1935 1936static int 1937urtwn_newstate(struct ieee80211vap *vap, enum ieee80211_state nstate, int arg) 1938{ 1939 struct urtwn_vap *uvp = URTWN_VAP(vap); 1940 struct ieee80211com *ic = vap->iv_ic; 1941 struct urtwn_softc *sc = ic->ic_softc; 1942 struct ieee80211_node *ni; 1943 enum ieee80211_state ostate; 1944 uint32_t reg; 1945 uint8_t mode; 1946 int error = 0; 1947 1948 ostate = vap->iv_state; 1949 DPRINTF("%s -> %s\n", ieee80211_state_name[ostate], 1950 ieee80211_state_name[nstate]); 1951 1952 IEEE80211_UNLOCK(ic); 1953 URTWN_LOCK(sc); 1954 callout_stop(&sc->sc_watchdog_ch); 1955 1956 if (ostate == IEEE80211_S_RUN) { 1957 /* Turn link LED off. */ 1958 urtwn_set_led(sc, URTWN_LED_LINK, 0); 1959 1960 /* Set media status to 'No Link'. */ 1961 urtwn_set_mode(sc, R92C_MSR_NOLINK); 1962 1963 /* Stop Rx of data frames. */ 1964 urtwn_write_2(sc, R92C_RXFLTMAP2, 0); 1965 1966 /* Disable TSF synchronization. */ 1967 urtwn_write_1(sc, R92C_BCN_CTRL, 1968 (urtwn_read_1(sc, R92C_BCN_CTRL) & ~R92C_BCN_CTRL_EN_BCN) | 1969 R92C_BCN_CTRL_DIS_TSF_UDT0); 1970 1971 /* Disable beaconing. */ 1972 urtwn_write_1(sc, R92C_MBID_NUM, 1973 urtwn_read_1(sc, R92C_MBID_NUM) & ~R92C_MBID_TXBCN_RPT0); 1974 1975 /* Reset TSF. */ 1976 urtwn_write_1(sc, R92C_DUAL_TSF_RST, R92C_DUAL_TSF_RST0); 1977 1978 /* Reset EDCA parameters. */ 1979 urtwn_write_4(sc, R92C_EDCA_VO_PARAM, 0x002f3217); 1980 urtwn_write_4(sc, R92C_EDCA_VI_PARAM, 0x005e4317); 1981 urtwn_write_4(sc, R92C_EDCA_BE_PARAM, 0x00105320); 1982 urtwn_write_4(sc, R92C_EDCA_BK_PARAM, 0x0000a444); 1983 } 1984 1985 switch (nstate) { 1986 case IEEE80211_S_INIT: 1987 /* Turn link LED off. */ 1988 urtwn_set_led(sc, URTWN_LED_LINK, 0); 1989 break; 1990 case IEEE80211_S_SCAN: 1991 /* Pause AC Tx queues. */ 1992 urtwn_write_1(sc, R92C_TXPAUSE, 1993 urtwn_read_1(sc, R92C_TXPAUSE) | 0x0f); 1994 break; 1995 case IEEE80211_S_AUTH: 1996 urtwn_set_chan(sc, ic->ic_curchan, NULL); 1997 break; 1998 case IEEE80211_S_RUN: 1999 if (vap->iv_opmode == IEEE80211_M_MONITOR) { 2000 /* Turn link LED on. */ 2001 urtwn_set_led(sc, URTWN_LED_LINK, 1); 2002 break; 2003 } 2004 2005 ni = ieee80211_ref_node(vap->iv_bss); 2006 2007 if (ic->ic_bsschan == IEEE80211_CHAN_ANYC || 2008 ni->ni_chan == IEEE80211_CHAN_ANYC) { 2009 device_printf(sc->sc_dev, 2010 "%s: could not move to RUN state\n", __func__); 2011 error = EINVAL; 2012 goto end_run; 2013 } 2014 2015 switch (vap->iv_opmode) { 2016 case IEEE80211_M_STA: 2017 mode = R92C_MSR_INFRA; 2018 break; 2019 case IEEE80211_M_IBSS: 2020 mode = R92C_MSR_ADHOC; 2021 break; 2022 case IEEE80211_M_HOSTAP: 2023 mode = R92C_MSR_AP; 2024 break; 2025 default: 2026 device_printf(sc->sc_dev, "undefined opmode %d\n", 2027 vap->iv_opmode); 2028 error = EINVAL; 2029 goto end_run; 2030 } 2031 2032 /* Set media status to 'Associated'. */ 2033 urtwn_set_mode(sc, mode); 2034 2035 /* Set BSSID. */ 2036 urtwn_write_4(sc, R92C_BSSID + 0, LE_READ_4(&ni->ni_bssid[0])); 2037 urtwn_write_4(sc, R92C_BSSID + 4, LE_READ_2(&ni->ni_bssid[4])); 2038 2039 if (ic->ic_curmode == IEEE80211_MODE_11B) 2040 urtwn_write_1(sc, R92C_INIRTS_RATE_SEL, 0); 2041 else /* 802.11b/g */ 2042 urtwn_write_1(sc, R92C_INIRTS_RATE_SEL, 3); 2043 2044 /* Enable Rx of data frames. */ 2045 urtwn_write_2(sc, R92C_RXFLTMAP2, 0xffff); 2046 2047 /* Flush all AC queues. */ 2048 urtwn_write_1(sc, R92C_TXPAUSE, 0); 2049 2050 /* Set beacon interval. */ 2051 urtwn_write_2(sc, R92C_BCN_INTERVAL, ni->ni_intval); 2052 2053 /* Allow Rx from our BSSID only. */ 2054 if (ic->ic_promisc == 0) { 2055 reg = urtwn_read_4(sc, R92C_RCR); 2056 2057 if (vap->iv_opmode != IEEE80211_M_HOSTAP) 2058 reg |= R92C_RCR_CBSSID_DATA; 2059 if (vap->iv_opmode != IEEE80211_M_IBSS) 2060 reg |= R92C_RCR_CBSSID_BCN; 2061 2062 urtwn_write_4(sc, R92C_RCR, reg); 2063 } 2064 2065 if (vap->iv_opmode == IEEE80211_M_HOSTAP || 2066 vap->iv_opmode == IEEE80211_M_IBSS) { 2067 error = urtwn_setup_beacon(sc, ni); 2068 if (error != 0) { 2069 device_printf(sc->sc_dev, 2070 "unable to push beacon into the chip, " 2071 "error %d\n", error); 2072 goto end_run; 2073 } 2074 } 2075 2076 /* Enable TSF synchronization. */ 2077 urtwn_tsf_sync_enable(sc, vap); 2078 2079 urtwn_write_1(sc, R92C_SIFS_CCK + 1, 10); 2080 urtwn_write_1(sc, R92C_SIFS_OFDM + 1, 10); 2081 urtwn_write_1(sc, R92C_SPEC_SIFS + 1, 10); 2082 urtwn_write_1(sc, R92C_MAC_SPEC_SIFS + 1, 10); 2083 urtwn_write_1(sc, R92C_R2T_SIFS + 1, 10); 2084 urtwn_write_1(sc, R92C_T2T_SIFS + 1, 10); 2085 2086 /* Intialize rate adaptation. */ 2087 if (!(sc->chip & URTWN_CHIP_88E)) 2088 urtwn_ra_init(sc); 2089 /* Turn link LED on. */ 2090 urtwn_set_led(sc, URTWN_LED_LINK, 1); 2091 2092 sc->avg_pwdb = -1; /* Reset average RSSI. */ 2093 /* Reset temperature calibration state machine. */ 2094 sc->thcal_state = 0; 2095 sc->thcal_lctemp = 0; 2096 2097end_run: 2098 ieee80211_free_node(ni); 2099 break; 2100 default: 2101 break; 2102 } 2103 2104 URTWN_UNLOCK(sc); 2105 IEEE80211_LOCK(ic); 2106 return (error != 0 ? error : uvp->newstate(vap, nstate, arg)); 2107} 2108 2109static void 2110urtwn_watchdog(void *arg) 2111{ 2112 struct urtwn_softc *sc = arg; 2113 2114 if (sc->sc_txtimer > 0) { 2115 if (--sc->sc_txtimer == 0) { 2116 device_printf(sc->sc_dev, "device timeout\n"); 2117 counter_u64_add(sc->sc_ic.ic_oerrors, 1); 2118 return; 2119 } 2120 callout_reset(&sc->sc_watchdog_ch, hz, urtwn_watchdog, sc); 2121 } 2122} 2123 2124static void 2125urtwn_update_avgrssi(struct urtwn_softc *sc, int rate, int8_t rssi) 2126{ 2127 int pwdb; 2128 2129 /* Convert antenna signal to percentage. */ 2130 if (rssi <= -100 || rssi >= 20) 2131 pwdb = 0; 2132 else if (rssi >= 0) 2133 pwdb = 100; 2134 else 2135 pwdb = 100 + rssi; 2136 if (!(sc->chip & URTWN_CHIP_88E)) { 2137 if (rate <= URTWN_RIDX_CCK11) { 2138 /* CCK gain is smaller than OFDM/MCS gain. */ 2139 pwdb += 6; 2140 if (pwdb > 100) 2141 pwdb = 100; 2142 if (pwdb <= 14) 2143 pwdb -= 4; 2144 else if (pwdb <= 26) 2145 pwdb -= 8; 2146 else if (pwdb <= 34) 2147 pwdb -= 6; 2148 else if (pwdb <= 42) 2149 pwdb -= 2; 2150 } 2151 } 2152 if (sc->avg_pwdb == -1) /* Init. */ 2153 sc->avg_pwdb = pwdb; 2154 else if (sc->avg_pwdb < pwdb) 2155 sc->avg_pwdb = ((sc->avg_pwdb * 19 + pwdb) / 20) + 1; 2156 else 2157 sc->avg_pwdb = ((sc->avg_pwdb * 19 + pwdb) / 20); 2158 DPRINTFN(4, "PWDB=%d EMA=%d\n", pwdb, sc->avg_pwdb); 2159} 2160 2161static int8_t 2162urtwn_get_rssi(struct urtwn_softc *sc, int rate, void *physt) 2163{ 2164 static const int8_t cckoff[] = { 16, -12, -26, -46 }; 2165 struct r92c_rx_phystat *phy; 2166 struct r92c_rx_cck *cck; 2167 uint8_t rpt; 2168 int8_t rssi; 2169 2170 if (rate <= URTWN_RIDX_CCK11) { 2171 cck = (struct r92c_rx_cck *)physt; 2172 if (sc->sc_flags & URTWN_FLAG_CCK_HIPWR) { 2173 rpt = (cck->agc_rpt >> 5) & 0x3; 2174 rssi = (cck->agc_rpt & 0x1f) << 1; 2175 } else { 2176 rpt = (cck->agc_rpt >> 6) & 0x3; 2177 rssi = cck->agc_rpt & 0x3e; 2178 } 2179 rssi = cckoff[rpt] - rssi; 2180 } else { /* OFDM/HT. */ 2181 phy = (struct r92c_rx_phystat *)physt; 2182 rssi = ((le32toh(phy->phydw1) >> 1) & 0x7f) - 110; 2183 } 2184 return (rssi); 2185} 2186 2187static int8_t 2188urtwn_r88e_get_rssi(struct urtwn_softc *sc, int rate, void *physt) 2189{ 2190 struct r92c_rx_phystat *phy; 2191 struct r88e_rx_cck *cck; 2192 uint8_t cck_agc_rpt, lna_idx, vga_idx; 2193 int8_t rssi; 2194 2195 rssi = 0; 2196 if (rate <= URTWN_RIDX_CCK11) { 2197 cck = (struct r88e_rx_cck *)physt; 2198 cck_agc_rpt = cck->agc_rpt; 2199 lna_idx = (cck_agc_rpt & 0xe0) >> 5; 2200 vga_idx = cck_agc_rpt & 0x1f; 2201 switch (lna_idx) { 2202 case 7: 2203 if (vga_idx <= 27) 2204 rssi = -100 + 2* (27 - vga_idx); 2205 else 2206 rssi = -100; 2207 break; 2208 case 6: 2209 rssi = -48 + 2 * (2 - vga_idx); 2210 break; 2211 case 5: 2212 rssi = -42 + 2 * (7 - vga_idx); 2213 break; 2214 case 4: 2215 rssi = -36 + 2 * (7 - vga_idx); 2216 break; 2217 case 3: 2218 rssi = -24 + 2 * (7 - vga_idx); 2219 break; 2220 case 2: 2221 rssi = -12 + 2 * (5 - vga_idx); 2222 break; 2223 case 1: 2224 rssi = 8 - (2 * vga_idx); 2225 break; 2226 case 0: 2227 rssi = 14 - (2 * vga_idx); 2228 break; 2229 } 2230 rssi += 6; 2231 } else { /* OFDM/HT. */ 2232 phy = (struct r92c_rx_phystat *)physt; 2233 rssi = ((le32toh(phy->phydw1) >> 1) & 0x7f) - 110; 2234 } 2235 return (rssi); 2236} 2237 2238static __inline uint8_t 2239rate2ridx(uint8_t rate) 2240{ 2241 switch (rate) { 2242 case 12: return 4; 2243 case 18: return 5; 2244 case 24: return 6; 2245 case 36: return 7; 2246 case 48: return 8; 2247 case 72: return 9; 2248 case 96: return 10; 2249 case 108: return 11; 2250 case 2: return 0; 2251 case 4: return 1; 2252 case 11: return 2; 2253 case 22: return 3; 2254 default: return 0; 2255 } 2256} 2257 2258static int 2259urtwn_tx_data(struct urtwn_softc *sc, struct ieee80211_node *ni, 2260 struct mbuf *m, struct urtwn_data *data) 2261{ 2262 const struct ieee80211_txparam *tp; 2263 struct ieee80211com *ic = &sc->sc_ic; 2264 struct ieee80211vap *vap = ni->ni_vap; 2265 struct ieee80211_key *k = NULL; 2266 struct ieee80211_channel *chan; 2267 struct ieee80211_frame *wh; 2268 struct r92c_tx_desc *txd; 2269 uint8_t macid, raid, rate, ridx, subtype, type, tid, qsel; 2270 int hasqos, ismcast; 2271 2272 URTWN_ASSERT_LOCKED(sc); 2273 2274 /* 2275 * Software crypto. 2276 */ 2277 wh = mtod(m, struct ieee80211_frame *); 2278 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 2279 subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 2280 hasqos = IEEE80211_QOS_HAS_SEQ(wh); 2281 ismcast = IEEE80211_IS_MULTICAST(wh->i_addr1); 2282 2283 /* Select TX ring for this frame. */ 2284 if (hasqos) { 2285 tid = ((const struct ieee80211_qosframe *)wh)->i_qos[0]; 2286 tid &= IEEE80211_QOS_TID; 2287 } else 2288 tid = 0; 2289 2290 chan = (ni->ni_chan != IEEE80211_CHAN_ANYC) ? 2291 ni->ni_chan : ic->ic_curchan; 2292 tp = &vap->iv_txparms[ieee80211_chan2mode(chan)]; 2293 2294 /* Choose a TX rate index. */ 2295 if (type == IEEE80211_FC0_TYPE_MGT) 2296 rate = tp->mgmtrate; 2297 else if (ismcast) 2298 rate = tp->mcastrate; 2299 else if (tp->ucastrate != IEEE80211_FIXED_RATE_NONE) 2300 rate = tp->ucastrate; 2301 else if (m->m_flags & M_EAPOL) 2302 rate = tp->mgmtrate; 2303 else { 2304 if (URTWN_CHIP_HAS_RATECTL(sc)) { 2305 /* XXX pass pktlen */ 2306 (void) ieee80211_ratectl_rate(ni, NULL, 0); 2307 rate = ni->ni_txrate; 2308 } else { 2309 if (ic->ic_curmode != IEEE80211_MODE_11B) 2310 rate = 108; 2311 else 2312 rate = 22; 2313 } 2314 } 2315 2316 ridx = rate2ridx(rate); 2317 if (ic->ic_curmode != IEEE80211_MODE_11B) 2318 raid = R92C_RAID_11BG; 2319 else 2320 raid = R92C_RAID_11B; 2321 2322 if (wh->i_fc[1] & IEEE80211_FC1_PROTECTED) { 2323 k = ieee80211_crypto_encap(ni, m); 2324 if (k == NULL) { 2325 device_printf(sc->sc_dev, 2326 "ieee80211_crypto_encap returns NULL.\n"); 2327 return (ENOBUFS); 2328 } 2329 2330 /* in case packet header moved, reset pointer */ 2331 wh = mtod(m, struct ieee80211_frame *); 2332 } 2333 2334 /* Fill Tx descriptor. */ 2335 txd = (struct r92c_tx_desc *)data->buf; 2336 memset(txd, 0, sizeof(*txd)); 2337 2338 txd->txdw0 |= htole32( 2339 SM(R92C_TXDW0_OFFSET, sizeof(*txd)) | 2340 R92C_TXDW0_OWN | R92C_TXDW0_FSG | R92C_TXDW0_LSG); 2341 if (ismcast) 2342 txd->txdw0 |= htole32(R92C_TXDW0_BMCAST); 2343 2344 if (!ismcast) { 2345 if (sc->chip & URTWN_CHIP_88E) { 2346 struct urtwn_node *un = URTWN_NODE(ni); 2347 macid = un->id; 2348 } else 2349 macid = URTWN_MACID_BSS; 2350 2351 if (type == IEEE80211_FC0_TYPE_DATA) { 2352 qsel = tid % URTWN_MAX_TID; 2353 2354 if (sc->chip & URTWN_CHIP_88E) { 2355 txd->txdw2 |= htole32( 2356 R88E_TXDW2_AGGBK | 2357 R88E_TXDW2_CCX_RPT); 2358 } else 2359 txd->txdw1 |= htole32(R92C_TXDW1_AGGBK); 2360 2361 if (ic->ic_flags & IEEE80211_F_USEPROT) { 2362 switch (ic->ic_protmode) { 2363 case IEEE80211_PROT_CTSONLY: 2364 txd->txdw4 |= htole32( 2365 R92C_TXDW4_CTS2SELF | 2366 R92C_TXDW4_HWRTSEN); 2367 break; 2368 case IEEE80211_PROT_RTSCTS: 2369 txd->txdw4 |= htole32( 2370 R92C_TXDW4_RTSEN | 2371 R92C_TXDW4_HWRTSEN); 2372 break; 2373 default: 2374 break; 2375 } 2376 } 2377 txd->txdw4 |= htole32(SM(R92C_TXDW4_RTSRATE, 2378 URTWN_RIDX_OFDM24)); 2379 txd->txdw5 |= htole32(0x0001ff00); 2380 } else /* IEEE80211_FC0_TYPE_MGT */ 2381 qsel = R92C_TXDW1_QSEL_MGNT; 2382 } else { 2383 macid = URTWN_MACID_BC; 2384 qsel = R92C_TXDW1_QSEL_MGNT; 2385 } 2386 2387 txd->txdw1 |= htole32( 2388 SM(R92C_TXDW1_QSEL, qsel) | 2389 SM(R92C_TXDW1_RAID, raid)); 2390 2391 if (sc->chip & URTWN_CHIP_88E) 2392 txd->txdw1 |= htole32(SM(R88E_TXDW1_MACID, macid)); 2393 else 2394 txd->txdw1 |= htole32(SM(R92C_TXDW1_MACID, macid)); 2395 2396 txd->txdw5 |= htole32(SM(R92C_TXDW5_DATARATE, ridx)); 2397 /* Force this rate if needed. */ 2398 if (URTWN_CHIP_HAS_RATECTL(sc) || ismcast || 2399 (m->m_flags & M_EAPOL) || type != IEEE80211_FC0_TYPE_DATA) 2400 txd->txdw4 |= htole32(R92C_TXDW4_DRVRATE); 2401 2402 if (!hasqos) { 2403 /* Use HW sequence numbering for non-QoS frames. */ 2404 if (sc->chip & URTWN_CHIP_88E) 2405 txd->txdseq = htole16(R88E_TXDSEQ_HWSEQ_EN); 2406 else 2407 txd->txdw4 |= htole32(R92C_TXDW4_HWSEQ_EN); 2408 } else { 2409 /* Set sequence number. */ 2410 txd->txdseq = htole16(M_SEQNO_GET(m) % IEEE80211_SEQ_RANGE); 2411 } 2412 2413 if (ieee80211_radiotap_active_vap(vap)) { 2414 struct urtwn_tx_radiotap_header *tap = &sc->sc_txtap; 2415 2416 tap->wt_flags = 0; 2417 if (k != NULL) 2418 tap->wt_flags |= IEEE80211_RADIOTAP_F_WEP; 2419 ieee80211_radiotap_tx(vap, m); 2420 } 2421 2422 data->ni = ni; 2423 2424 urtwn_tx_start(sc, m, type, data); 2425 2426 return (0); 2427} 2428 2429static void 2430urtwn_tx_start(struct urtwn_softc *sc, struct mbuf *m, uint8_t type, 2431 struct urtwn_data *data) 2432{ 2433 struct usb_xfer *xfer; 2434 struct r92c_tx_desc *txd; 2435 uint16_t ac, sum; 2436 int i, xferlen; 2437 2438 URTWN_ASSERT_LOCKED(sc); 2439 2440 ac = M_WME_GETAC(m); 2441 2442 switch (type) { 2443 case IEEE80211_FC0_TYPE_CTL: 2444 case IEEE80211_FC0_TYPE_MGT: 2445 xfer = sc->sc_xfer[URTWN_BULK_TX_VO]; 2446 break; 2447 default: 2448 xfer = sc->sc_xfer[wme2queue[ac].qid]; 2449 break; 2450 } 2451 2452 txd = (struct r92c_tx_desc *)data->buf; 2453 txd->txdw0 |= htole32(SM(R92C_TXDW0_PKTLEN, m->m_pkthdr.len)); 2454 2455 /* Compute Tx descriptor checksum. */ 2456 sum = 0; 2457 for (i = 0; i < sizeof(*txd) / 2; i++) 2458 sum ^= ((uint16_t *)txd)[i]; 2459 txd->txdsum = sum; /* NB: already little endian. */ 2460 2461 xferlen = sizeof(*txd) + m->m_pkthdr.len; 2462 m_copydata(m, 0, m->m_pkthdr.len, (caddr_t)&txd[1]); 2463 2464 data->buflen = xferlen; 2465 data->m = m; 2466 2467 STAILQ_INSERT_TAIL(&sc->sc_tx_pending, data, next); 2468 usbd_transfer_start(xfer); 2469} 2470 2471static int 2472urtwn_transmit(struct ieee80211com *ic, struct mbuf *m) 2473{ 2474 struct urtwn_softc *sc = ic->ic_softc; 2475 int error; 2476 2477 URTWN_LOCK(sc); 2478 if ((sc->sc_flags & URTWN_RUNNING) == 0) { 2479 URTWN_UNLOCK(sc); 2480 return (ENXIO); 2481 } 2482 error = mbufq_enqueue(&sc->sc_snd, m); 2483 if (error) { 2484 URTWN_UNLOCK(sc); 2485 return (error); 2486 } 2487 urtwn_start(sc); 2488 URTWN_UNLOCK(sc); 2489 2490 return (0); 2491} 2492 2493static void 2494urtwn_start(struct urtwn_softc *sc) 2495{ 2496 struct ieee80211_node *ni; 2497 struct mbuf *m; 2498 struct urtwn_data *bf; 2499 2500 URTWN_ASSERT_LOCKED(sc); 2501 while ((m = mbufq_dequeue(&sc->sc_snd)) != NULL) { 2502 bf = urtwn_getbuf(sc); 2503 if (bf == NULL) { 2504 mbufq_prepend(&sc->sc_snd, m); 2505 break; 2506 } 2507 ni = (struct ieee80211_node *)m->m_pkthdr.rcvif; 2508 m->m_pkthdr.rcvif = NULL; 2509 if (urtwn_tx_data(sc, ni, m, bf) != 0) { 2510 if_inc_counter(ni->ni_vap->iv_ifp, 2511 IFCOUNTER_OERRORS, 1); 2512 STAILQ_INSERT_HEAD(&sc->sc_tx_inactive, bf, next); 2513 m_freem(m); 2514 ieee80211_free_node(ni); 2515 break; 2516 } 2517 sc->sc_txtimer = 5; 2518 callout_reset(&sc->sc_watchdog_ch, hz, urtwn_watchdog, sc); 2519 } 2520} 2521 2522static void 2523urtwn_parent(struct ieee80211com *ic) 2524{ 2525 struct urtwn_softc *sc = ic->ic_softc; 2526 2527 URTWN_LOCK(sc); 2528 if (sc->sc_flags & URTWN_DETACHED) { 2529 URTWN_UNLOCK(sc); 2530 return; 2531 } 2532 URTWN_UNLOCK(sc); 2533 2534 if (ic->ic_nrunning > 0) { 2535 if (urtwn_init(sc) != 0) { 2536 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 2537 if (vap != NULL) 2538 ieee80211_stop(vap); 2539 } else 2540 ieee80211_start_all(ic); 2541 } else 2542 urtwn_stop(sc); 2543} 2544 2545static __inline int 2546urtwn_power_on(struct urtwn_softc *sc) 2547{ 2548 2549 return sc->sc_power_on(sc); 2550} 2551 2552static int 2553urtwn_r92c_power_on(struct urtwn_softc *sc) 2554{ 2555 uint32_t reg; 2556 usb_error_t error; 2557 int ntries; 2558 2559 /* Wait for autoload done bit. */ 2560 for (ntries = 0; ntries < 1000; ntries++) { 2561 if (urtwn_read_1(sc, R92C_APS_FSMCO) & R92C_APS_FSMCO_PFM_ALDN) 2562 break; 2563 urtwn_ms_delay(sc); 2564 } 2565 if (ntries == 1000) { 2566 device_printf(sc->sc_dev, 2567 "timeout waiting for chip autoload\n"); 2568 return (ETIMEDOUT); 2569 } 2570 2571 /* Unlock ISO/CLK/Power control register. */ 2572 error = urtwn_write_1(sc, R92C_RSV_CTRL, 0); 2573 if (error != USB_ERR_NORMAL_COMPLETION) 2574 return (EIO); 2575 /* Move SPS into PWM mode. */ 2576 error = urtwn_write_1(sc, R92C_SPS0_CTRL, 0x2b); 2577 if (error != USB_ERR_NORMAL_COMPLETION) 2578 return (EIO); 2579 urtwn_ms_delay(sc); 2580 2581 reg = urtwn_read_1(sc, R92C_LDOV12D_CTRL); 2582 if (!(reg & R92C_LDOV12D_CTRL_LDV12_EN)) { 2583 error = urtwn_write_1(sc, R92C_LDOV12D_CTRL, 2584 reg | R92C_LDOV12D_CTRL_LDV12_EN); 2585 if (error != USB_ERR_NORMAL_COMPLETION) 2586 return (EIO); 2587 urtwn_ms_delay(sc); 2588 error = urtwn_write_1(sc, R92C_SYS_ISO_CTRL, 2589 urtwn_read_1(sc, R92C_SYS_ISO_CTRL) & 2590 ~R92C_SYS_ISO_CTRL_MD2PP); 2591 if (error != USB_ERR_NORMAL_COMPLETION) 2592 return (EIO); 2593 } 2594 2595 /* Auto enable WLAN. */ 2596 error = urtwn_write_2(sc, R92C_APS_FSMCO, 2597 urtwn_read_2(sc, R92C_APS_FSMCO) | R92C_APS_FSMCO_APFM_ONMAC); 2598 if (error != USB_ERR_NORMAL_COMPLETION) 2599 return (EIO); 2600 for (ntries = 0; ntries < 1000; ntries++) { 2601 if (!(urtwn_read_2(sc, R92C_APS_FSMCO) & 2602 R92C_APS_FSMCO_APFM_ONMAC)) 2603 break; 2604 urtwn_ms_delay(sc); 2605 } 2606 if (ntries == 1000) { 2607 device_printf(sc->sc_dev, 2608 "timeout waiting for MAC auto ON\n"); 2609 return (ETIMEDOUT); 2610 } 2611 2612 /* Enable radio, GPIO and LED functions. */ 2613 error = urtwn_write_2(sc, R92C_APS_FSMCO, 2614 R92C_APS_FSMCO_AFSM_HSUS | 2615 R92C_APS_FSMCO_PDN_EN | 2616 R92C_APS_FSMCO_PFM_ALDN); 2617 if (error != USB_ERR_NORMAL_COMPLETION) 2618 return (EIO); 2619 /* Release RF digital isolation. */ 2620 error = urtwn_write_2(sc, R92C_SYS_ISO_CTRL, 2621 urtwn_read_2(sc, R92C_SYS_ISO_CTRL) & ~R92C_SYS_ISO_CTRL_DIOR); 2622 if (error != USB_ERR_NORMAL_COMPLETION) 2623 return (EIO); 2624 2625 /* Initialize MAC. */ 2626 error = urtwn_write_1(sc, R92C_APSD_CTRL, 2627 urtwn_read_1(sc, R92C_APSD_CTRL) & ~R92C_APSD_CTRL_OFF); 2628 if (error != USB_ERR_NORMAL_COMPLETION) 2629 return (EIO); 2630 for (ntries = 0; ntries < 200; ntries++) { 2631 if (!(urtwn_read_1(sc, R92C_APSD_CTRL) & 2632 R92C_APSD_CTRL_OFF_STATUS)) 2633 break; 2634 urtwn_ms_delay(sc); 2635 } 2636 if (ntries == 200) { 2637 device_printf(sc->sc_dev, 2638 "timeout waiting for MAC initialization\n"); 2639 return (ETIMEDOUT); 2640 } 2641 2642 /* Enable MAC DMA/WMAC/SCHEDULE/SEC blocks. */ 2643 reg = urtwn_read_2(sc, R92C_CR); 2644 reg |= R92C_CR_HCI_TXDMA_EN | R92C_CR_HCI_RXDMA_EN | 2645 R92C_CR_TXDMA_EN | R92C_CR_RXDMA_EN | R92C_CR_PROTOCOL_EN | 2646 R92C_CR_SCHEDULE_EN | R92C_CR_MACTXEN | R92C_CR_MACRXEN | 2647 R92C_CR_ENSEC; 2648 error = urtwn_write_2(sc, R92C_CR, reg); 2649 if (error != USB_ERR_NORMAL_COMPLETION) 2650 return (EIO); 2651 2652 error = urtwn_write_1(sc, 0xfe10, 0x19); 2653 if (error != USB_ERR_NORMAL_COMPLETION) 2654 return (EIO); 2655 return (0); 2656} 2657 2658static int 2659urtwn_r88e_power_on(struct urtwn_softc *sc) 2660{ 2661 uint32_t reg; 2662 usb_error_t error; 2663 int ntries; 2664 2665 /* Wait for power ready bit. */ 2666 for (ntries = 0; ntries < 5000; ntries++) { 2667 if (urtwn_read_4(sc, R92C_APS_FSMCO) & R92C_APS_FSMCO_SUS_HOST) 2668 break; 2669 urtwn_ms_delay(sc); 2670 } 2671 if (ntries == 5000) { 2672 device_printf(sc->sc_dev, 2673 "timeout waiting for chip power up\n"); 2674 return (ETIMEDOUT); 2675 } 2676 2677 /* Reset BB. */ 2678 error = urtwn_write_1(sc, R92C_SYS_FUNC_EN, 2679 urtwn_read_1(sc, R92C_SYS_FUNC_EN) & ~(R92C_SYS_FUNC_EN_BBRSTB | 2680 R92C_SYS_FUNC_EN_BB_GLB_RST)); 2681 if (error != USB_ERR_NORMAL_COMPLETION) 2682 return (EIO); 2683 2684 error = urtwn_write_1(sc, R92C_AFE_XTAL_CTRL + 2, 2685 urtwn_read_1(sc, R92C_AFE_XTAL_CTRL + 2) | 0x80); 2686 if (error != USB_ERR_NORMAL_COMPLETION) 2687 return (EIO); 2688 2689 /* Disable HWPDN. */ 2690 error = urtwn_write_2(sc, R92C_APS_FSMCO, 2691 urtwn_read_2(sc, R92C_APS_FSMCO) & ~R92C_APS_FSMCO_APDM_HPDN); 2692 if (error != USB_ERR_NORMAL_COMPLETION) 2693 return (EIO); 2694 2695 /* Disable WL suspend. */ 2696 error = urtwn_write_2(sc, R92C_APS_FSMCO, 2697 urtwn_read_2(sc, R92C_APS_FSMCO) & 2698 ~(R92C_APS_FSMCO_AFSM_HSUS | R92C_APS_FSMCO_AFSM_PCIE)); 2699 if (error != USB_ERR_NORMAL_COMPLETION) 2700 return (EIO); 2701 2702 error = urtwn_write_2(sc, R92C_APS_FSMCO, 2703 urtwn_read_2(sc, R92C_APS_FSMCO) | R92C_APS_FSMCO_APFM_ONMAC); 2704 if (error != USB_ERR_NORMAL_COMPLETION) 2705 return (EIO); 2706 for (ntries = 0; ntries < 5000; ntries++) { 2707 if (!(urtwn_read_2(sc, R92C_APS_FSMCO) & 2708 R92C_APS_FSMCO_APFM_ONMAC)) 2709 break; 2710 urtwn_ms_delay(sc); 2711 } 2712 if (ntries == 5000) 2713 return (ETIMEDOUT); 2714 2715 /* Enable LDO normal mode. */ 2716 error = urtwn_write_1(sc, R92C_LPLDO_CTRL, 2717 urtwn_read_1(sc, R92C_LPLDO_CTRL) & ~0x10); 2718 if (error != USB_ERR_NORMAL_COMPLETION) 2719 return (EIO); 2720 2721 /* Enable MAC DMA/WMAC/SCHEDULE/SEC blocks. */ 2722 error = urtwn_write_2(sc, R92C_CR, 0); 2723 if (error != USB_ERR_NORMAL_COMPLETION) 2724 return (EIO); 2725 reg = urtwn_read_2(sc, R92C_CR); 2726 reg |= R92C_CR_HCI_TXDMA_EN | R92C_CR_HCI_RXDMA_EN | 2727 R92C_CR_TXDMA_EN | R92C_CR_RXDMA_EN | R92C_CR_PROTOCOL_EN | 2728 R92C_CR_SCHEDULE_EN | R92C_CR_ENSEC | R92C_CR_CALTMR_EN; 2729 error = urtwn_write_2(sc, R92C_CR, reg); 2730 if (error != USB_ERR_NORMAL_COMPLETION) 2731 return (EIO); 2732 2733 return (0); 2734} 2735 2736static int 2737urtwn_llt_init(struct urtwn_softc *sc) 2738{ 2739 int i, error, page_count, pktbuf_count; 2740 2741 page_count = (sc->chip & URTWN_CHIP_88E) ? 2742 R88E_TX_PAGE_COUNT : R92C_TX_PAGE_COUNT; 2743 pktbuf_count = (sc->chip & URTWN_CHIP_88E) ? 2744 R88E_TXPKTBUF_COUNT : R92C_TXPKTBUF_COUNT; 2745 2746 /* Reserve pages [0; page_count]. */ 2747 for (i = 0; i < page_count; i++) { 2748 if ((error = urtwn_llt_write(sc, i, i + 1)) != 0) 2749 return (error); 2750 } 2751 /* NB: 0xff indicates end-of-list. */ 2752 if ((error = urtwn_llt_write(sc, i, 0xff)) != 0) 2753 return (error); 2754 /* 2755 * Use pages [page_count + 1; pktbuf_count - 1] 2756 * as ring buffer. 2757 */ 2758 for (++i; i < pktbuf_count - 1; i++) { 2759 if ((error = urtwn_llt_write(sc, i, i + 1)) != 0) 2760 return (error); 2761 } 2762 /* Make the last page point to the beginning of the ring buffer. */ 2763 error = urtwn_llt_write(sc, i, page_count + 1); 2764 return (error); 2765} 2766 2767static void 2768urtwn_fw_reset(struct urtwn_softc *sc) 2769{ 2770 uint16_t reg; 2771 int ntries; 2772 2773 /* Tell 8051 to reset itself. */ 2774 urtwn_write_1(sc, R92C_HMETFR + 3, 0x20); 2775 2776 /* Wait until 8051 resets by itself. */ 2777 for (ntries = 0; ntries < 100; ntries++) { 2778 reg = urtwn_read_2(sc, R92C_SYS_FUNC_EN); 2779 if (!(reg & R92C_SYS_FUNC_EN_CPUEN)) 2780 return; 2781 urtwn_ms_delay(sc); 2782 } 2783 /* Force 8051 reset. */ 2784 urtwn_write_2(sc, R92C_SYS_FUNC_EN, reg & ~R92C_SYS_FUNC_EN_CPUEN); 2785} 2786 2787static void 2788urtwn_r88e_fw_reset(struct urtwn_softc *sc) 2789{ 2790 uint16_t reg; 2791 2792 reg = urtwn_read_2(sc, R92C_SYS_FUNC_EN); 2793 urtwn_write_2(sc, R92C_SYS_FUNC_EN, reg & ~R92C_SYS_FUNC_EN_CPUEN); 2794 urtwn_write_2(sc, R92C_SYS_FUNC_EN, reg | R92C_SYS_FUNC_EN_CPUEN); 2795} 2796 2797static int 2798urtwn_fw_loadpage(struct urtwn_softc *sc, int page, const uint8_t *buf, int len) 2799{ 2800 uint32_t reg; 2801 usb_error_t error = USB_ERR_NORMAL_COMPLETION; 2802 int off, mlen; 2803 2804 reg = urtwn_read_4(sc, R92C_MCUFWDL); 2805 reg = RW(reg, R92C_MCUFWDL_PAGE, page); 2806 urtwn_write_4(sc, R92C_MCUFWDL, reg); 2807 2808 off = R92C_FW_START_ADDR; 2809 while (len > 0) { 2810 if (len > 196) 2811 mlen = 196; 2812 else if (len > 4) 2813 mlen = 4; 2814 else 2815 mlen = 1; 2816 /* XXX fix this deconst */ 2817 error = urtwn_write_region_1(sc, off, 2818 __DECONST(uint8_t *, buf), mlen); 2819 if (error != USB_ERR_NORMAL_COMPLETION) 2820 break; 2821 off += mlen; 2822 buf += mlen; 2823 len -= mlen; 2824 } 2825 return (error); 2826} 2827 2828static int 2829urtwn_load_firmware(struct urtwn_softc *sc) 2830{ 2831 const struct firmware *fw; 2832 const struct r92c_fw_hdr *hdr; 2833 const char *imagename; 2834 const u_char *ptr; 2835 size_t len; 2836 uint32_t reg; 2837 int mlen, ntries, page, error; 2838 2839 URTWN_UNLOCK(sc); 2840 /* Read firmware image from the filesystem. */ 2841 if (sc->chip & URTWN_CHIP_88E) 2842 imagename = "urtwn-rtl8188eufw"; 2843 else if ((sc->chip & (URTWN_CHIP_UMC_A_CUT | URTWN_CHIP_92C)) == 2844 URTWN_CHIP_UMC_A_CUT) 2845 imagename = "urtwn-rtl8192cfwU"; 2846 else 2847 imagename = "urtwn-rtl8192cfwT"; 2848 2849 fw = firmware_get(imagename); 2850 URTWN_LOCK(sc); 2851 if (fw == NULL) { 2852 device_printf(sc->sc_dev, 2853 "failed loadfirmware of file %s\n", imagename); 2854 return (ENOENT); 2855 } 2856 2857 len = fw->datasize; 2858 2859 if (len < sizeof(*hdr)) { 2860 device_printf(sc->sc_dev, "firmware too short\n"); 2861 error = EINVAL; 2862 goto fail; 2863 } 2864 ptr = fw->data; 2865 hdr = (const struct r92c_fw_hdr *)ptr; 2866 /* Check if there is a valid FW header and skip it. */ 2867 if ((le16toh(hdr->signature) >> 4) == 0x88c || 2868 (le16toh(hdr->signature) >> 4) == 0x88e || 2869 (le16toh(hdr->signature) >> 4) == 0x92c) { 2870 DPRINTF("FW V%d.%d %02d-%02d %02d:%02d\n", 2871 le16toh(hdr->version), le16toh(hdr->subversion), 2872 hdr->month, hdr->date, hdr->hour, hdr->minute); 2873 ptr += sizeof(*hdr); 2874 len -= sizeof(*hdr); 2875 } 2876 2877 if (urtwn_read_1(sc, R92C_MCUFWDL) & R92C_MCUFWDL_RAM_DL_SEL) { 2878 if (sc->chip & URTWN_CHIP_88E) 2879 urtwn_r88e_fw_reset(sc); 2880 else 2881 urtwn_fw_reset(sc); 2882 urtwn_write_1(sc, R92C_MCUFWDL, 0); 2883 } 2884 2885 if (!(sc->chip & URTWN_CHIP_88E)) { 2886 urtwn_write_2(sc, R92C_SYS_FUNC_EN, 2887 urtwn_read_2(sc, R92C_SYS_FUNC_EN) | 2888 R92C_SYS_FUNC_EN_CPUEN); 2889 } 2890 urtwn_write_1(sc, R92C_MCUFWDL, 2891 urtwn_read_1(sc, R92C_MCUFWDL) | R92C_MCUFWDL_EN); 2892 urtwn_write_1(sc, R92C_MCUFWDL + 2, 2893 urtwn_read_1(sc, R92C_MCUFWDL + 2) & ~0x08); 2894 2895 /* Reset the FWDL checksum. */ 2896 urtwn_write_1(sc, R92C_MCUFWDL, 2897 urtwn_read_1(sc, R92C_MCUFWDL) | R92C_MCUFWDL_CHKSUM_RPT); 2898 2899 for (page = 0; len > 0; page++) { 2900 mlen = min(len, R92C_FW_PAGE_SIZE); 2901 error = urtwn_fw_loadpage(sc, page, ptr, mlen); 2902 if (error != 0) { 2903 device_printf(sc->sc_dev, 2904 "could not load firmware page\n"); 2905 goto fail; 2906 } 2907 ptr += mlen; 2908 len -= mlen; 2909 } 2910 urtwn_write_1(sc, R92C_MCUFWDL, 2911 urtwn_read_1(sc, R92C_MCUFWDL) & ~R92C_MCUFWDL_EN); 2912 urtwn_write_1(sc, R92C_MCUFWDL + 1, 0); 2913 2914 /* Wait for checksum report. */ 2915 for (ntries = 0; ntries < 1000; ntries++) { 2916 if (urtwn_read_4(sc, R92C_MCUFWDL) & R92C_MCUFWDL_CHKSUM_RPT) 2917 break; 2918 urtwn_ms_delay(sc); 2919 } 2920 if (ntries == 1000) { 2921 device_printf(sc->sc_dev, 2922 "timeout waiting for checksum report\n"); 2923 error = ETIMEDOUT; 2924 goto fail; 2925 } 2926 2927 reg = urtwn_read_4(sc, R92C_MCUFWDL); 2928 reg = (reg & ~R92C_MCUFWDL_WINTINI_RDY) | R92C_MCUFWDL_RDY; 2929 urtwn_write_4(sc, R92C_MCUFWDL, reg); 2930 if (sc->chip & URTWN_CHIP_88E) 2931 urtwn_r88e_fw_reset(sc); 2932 /* Wait for firmware readiness. */ 2933 for (ntries = 0; ntries < 1000; ntries++) { 2934 if (urtwn_read_4(sc, R92C_MCUFWDL) & R92C_MCUFWDL_WINTINI_RDY) 2935 break; 2936 urtwn_ms_delay(sc); 2937 } 2938 if (ntries == 1000) { 2939 device_printf(sc->sc_dev, 2940 "timeout waiting for firmware readiness\n"); 2941 error = ETIMEDOUT; 2942 goto fail; 2943 } 2944fail: 2945 firmware_put(fw, FIRMWARE_UNLOAD); 2946 return (error); 2947} 2948 2949static int 2950urtwn_dma_init(struct urtwn_softc *sc) 2951{ 2952 struct usb_endpoint *ep, *ep_end; 2953 usb_error_t usb_err; 2954 uint32_t reg; 2955 int hashq, hasnq, haslq, nqueues, ntx; 2956 int error, pagecount, npubqpages, nqpages, nrempages, tx_boundary; 2957 2958 /* Initialize LLT table. */ 2959 error = urtwn_llt_init(sc); 2960 if (error != 0) 2961 return (error); 2962 2963 /* Determine the number of bulk-out pipes. */ 2964 ntx = 0; 2965 ep = sc->sc_udev->endpoints; 2966 ep_end = sc->sc_udev->endpoints + sc->sc_udev->endpoints_max; 2967 for (; ep != ep_end; ep++) { 2968 if ((ep->edesc == NULL) || 2969 (ep->iface_index != sc->sc_iface_index)) 2970 continue; 2971 if (UE_GET_DIR(ep->edesc->bEndpointAddress) == UE_DIR_OUT) 2972 ntx++; 2973 } 2974 if (ntx == 0) { 2975 device_printf(sc->sc_dev, 2976 "%d: invalid number of Tx bulk pipes\n", ntx); 2977 return (EIO); 2978 } 2979 2980 /* Get Tx queues to USB endpoints mapping. */ 2981 hashq = hasnq = haslq = nqueues = 0; 2982 switch (ntx) { 2983 case 1: hashq = 1; break; 2984 case 2: hashq = hasnq = 1; break; 2985 case 3: case 4: hashq = hasnq = haslq = 1; break; 2986 } 2987 nqueues = hashq + hasnq + haslq; 2988 if (nqueues == 0) 2989 return (EIO); 2990 2991 npubqpages = nqpages = nrempages = pagecount = 0; 2992 if (sc->chip & URTWN_CHIP_88E) 2993 tx_boundary = R88E_TX_PAGE_BOUNDARY; 2994 else { 2995 pagecount = R92C_TX_PAGE_COUNT; 2996 npubqpages = R92C_PUBQ_NPAGES; 2997 tx_boundary = R92C_TX_PAGE_BOUNDARY; 2998 } 2999 3000 /* Set number of pages for normal priority queue. */ 3001 if (sc->chip & URTWN_CHIP_88E) { 3002 usb_err = urtwn_write_2(sc, R92C_RQPN_NPQ, 0xd); 3003 if (usb_err != USB_ERR_NORMAL_COMPLETION) 3004 return (EIO); 3005 usb_err = urtwn_write_4(sc, R92C_RQPN, 0x808e000d); 3006 if (usb_err != USB_ERR_NORMAL_COMPLETION) 3007 return (EIO); 3008 } else { 3009 /* Get the number of pages for each queue. */ 3010 nqpages = (pagecount - npubqpages) / nqueues; 3011 /* 3012 * The remaining pages are assigned to the high priority 3013 * queue. 3014 */ 3015 nrempages = (pagecount - npubqpages) % nqueues; 3016 usb_err = urtwn_write_1(sc, R92C_RQPN_NPQ, hasnq ? nqpages : 0); 3017 if (usb_err != USB_ERR_NORMAL_COMPLETION) 3018 return (EIO); 3019 usb_err = urtwn_write_4(sc, R92C_RQPN, 3020 /* Set number of pages for public queue. */ 3021 SM(R92C_RQPN_PUBQ, npubqpages) | 3022 /* Set number of pages for high priority queue. */ 3023 SM(R92C_RQPN_HPQ, hashq ? nqpages + nrempages : 0) | 3024 /* Set number of pages for low priority queue. */ 3025 SM(R92C_RQPN_LPQ, haslq ? nqpages : 0) | 3026 /* Load values. */ 3027 R92C_RQPN_LD); 3028 if (usb_err != USB_ERR_NORMAL_COMPLETION) 3029 return (EIO); 3030 } 3031 3032 usb_err = urtwn_write_1(sc, R92C_TXPKTBUF_BCNQ_BDNY, tx_boundary); 3033 if (usb_err != USB_ERR_NORMAL_COMPLETION) 3034 return (EIO); 3035 usb_err = urtwn_write_1(sc, R92C_TXPKTBUF_MGQ_BDNY, tx_boundary); 3036 if (usb_err != USB_ERR_NORMAL_COMPLETION) 3037 return (EIO); 3038 usb_err = urtwn_write_1(sc, R92C_TXPKTBUF_WMAC_LBK_BF_HD, tx_boundary); 3039 if (usb_err != USB_ERR_NORMAL_COMPLETION) 3040 return (EIO); 3041 usb_err = urtwn_write_1(sc, R92C_TRXFF_BNDY, tx_boundary); 3042 if (usb_err != USB_ERR_NORMAL_COMPLETION) 3043 return (EIO); 3044 usb_err = urtwn_write_1(sc, R92C_TDECTRL + 1, tx_boundary); 3045 if (usb_err != USB_ERR_NORMAL_COMPLETION) 3046 return (EIO); 3047 3048 /* Set queue to USB pipe mapping. */ 3049 reg = urtwn_read_2(sc, R92C_TRXDMA_CTRL); 3050 reg &= ~R92C_TRXDMA_CTRL_QMAP_M; 3051 if (nqueues == 1) { 3052 if (hashq) 3053 reg |= R92C_TRXDMA_CTRL_QMAP_HQ; 3054 else if (hasnq) 3055 reg |= R92C_TRXDMA_CTRL_QMAP_NQ; 3056 else 3057 reg |= R92C_TRXDMA_CTRL_QMAP_LQ; 3058 } else if (nqueues == 2) { 3059 /* 3060 * All 2-endpoints configs have high and normal 3061 * priority queues. 3062 */ 3063 reg |= R92C_TRXDMA_CTRL_QMAP_HQ_NQ; 3064 } else 3065 reg |= R92C_TRXDMA_CTRL_QMAP_3EP; 3066 usb_err = urtwn_write_2(sc, R92C_TRXDMA_CTRL, reg); 3067 if (usb_err != USB_ERR_NORMAL_COMPLETION) 3068 return (EIO); 3069 3070 /* Set Tx/Rx transfer page boundary. */ 3071 usb_err = urtwn_write_2(sc, R92C_TRXFF_BNDY + 2, 3072 (sc->chip & URTWN_CHIP_88E) ? 0x23ff : 0x27ff); 3073 if (usb_err != USB_ERR_NORMAL_COMPLETION) 3074 return (EIO); 3075 3076 /* Set Tx/Rx transfer page size. */ 3077 usb_err = urtwn_write_1(sc, R92C_PBP, 3078 SM(R92C_PBP_PSRX, R92C_PBP_128) | 3079 SM(R92C_PBP_PSTX, R92C_PBP_128)); 3080 if (usb_err != USB_ERR_NORMAL_COMPLETION) 3081 return (EIO); 3082 3083 return (0); 3084} 3085 3086static int 3087urtwn_mac_init(struct urtwn_softc *sc) 3088{ 3089 usb_error_t error; 3090 int i; 3091 3092 /* Write MAC initialization values. */ 3093 if (sc->chip & URTWN_CHIP_88E) { 3094 for (i = 0; i < nitems(rtl8188eu_mac); i++) { 3095 error = urtwn_write_1(sc, rtl8188eu_mac[i].reg, 3096 rtl8188eu_mac[i].val); 3097 if (error != USB_ERR_NORMAL_COMPLETION) 3098 return (EIO); 3099 } 3100 urtwn_write_1(sc, R92C_MAX_AGGR_NUM, 0x07); 3101 } else { 3102 for (i = 0; i < nitems(rtl8192cu_mac); i++) 3103 error = urtwn_write_1(sc, rtl8192cu_mac[i].reg, 3104 rtl8192cu_mac[i].val); 3105 if (error != USB_ERR_NORMAL_COMPLETION) 3106 return (EIO); 3107 } 3108 3109 return (0); 3110} 3111 3112static void 3113urtwn_bb_init(struct urtwn_softc *sc) 3114{ 3115 const struct urtwn_bb_prog *prog; 3116 uint32_t reg; 3117 uint8_t crystalcap; 3118 int i; 3119 3120 /* Enable BB and RF. */ 3121 urtwn_write_2(sc, R92C_SYS_FUNC_EN, 3122 urtwn_read_2(sc, R92C_SYS_FUNC_EN) | 3123 R92C_SYS_FUNC_EN_BBRSTB | R92C_SYS_FUNC_EN_BB_GLB_RST | 3124 R92C_SYS_FUNC_EN_DIO_RF); 3125 3126 if (!(sc->chip & URTWN_CHIP_88E)) 3127 urtwn_write_2(sc, R92C_AFE_PLL_CTRL, 0xdb83); 3128 3129 urtwn_write_1(sc, R92C_RF_CTRL, 3130 R92C_RF_CTRL_EN | R92C_RF_CTRL_RSTB | R92C_RF_CTRL_SDMRSTB); 3131 urtwn_write_1(sc, R92C_SYS_FUNC_EN, 3132 R92C_SYS_FUNC_EN_USBA | R92C_SYS_FUNC_EN_USBD | 3133 R92C_SYS_FUNC_EN_BB_GLB_RST | R92C_SYS_FUNC_EN_BBRSTB); 3134 3135 if (!(sc->chip & URTWN_CHIP_88E)) { 3136 urtwn_write_1(sc, R92C_LDOHCI12_CTRL, 0x0f); 3137 urtwn_write_1(sc, 0x15, 0xe9); 3138 urtwn_write_1(sc, R92C_AFE_XTAL_CTRL + 1, 0x80); 3139 } 3140 3141 /* Select BB programming based on board type. */ 3142 if (sc->chip & URTWN_CHIP_88E) 3143 prog = &rtl8188eu_bb_prog; 3144 else if (!(sc->chip & URTWN_CHIP_92C)) { 3145 if (sc->board_type == R92C_BOARD_TYPE_MINICARD) 3146 prog = &rtl8188ce_bb_prog; 3147 else if (sc->board_type == R92C_BOARD_TYPE_HIGHPA) 3148 prog = &rtl8188ru_bb_prog; 3149 else 3150 prog = &rtl8188cu_bb_prog; 3151 } else { 3152 if (sc->board_type == R92C_BOARD_TYPE_MINICARD) 3153 prog = &rtl8192ce_bb_prog; 3154 else 3155 prog = &rtl8192cu_bb_prog; 3156 } 3157 /* Write BB initialization values. */ 3158 for (i = 0; i < prog->count; i++) { 3159 urtwn_bb_write(sc, prog->regs[i], prog->vals[i]); 3160 urtwn_ms_delay(sc); 3161 } 3162 3163 if (sc->chip & URTWN_CHIP_92C_1T2R) { 3164 /* 8192C 1T only configuration. */ 3165 reg = urtwn_bb_read(sc, R92C_FPGA0_TXINFO); 3166 reg = (reg & ~0x00000003) | 0x2; 3167 urtwn_bb_write(sc, R92C_FPGA0_TXINFO, reg); 3168 3169 reg = urtwn_bb_read(sc, R92C_FPGA1_TXINFO); 3170 reg = (reg & ~0x00300033) | 0x00200022; 3171 urtwn_bb_write(sc, R92C_FPGA1_TXINFO, reg); 3172 3173 reg = urtwn_bb_read(sc, R92C_CCK0_AFESETTING); 3174 reg = (reg & ~0xff000000) | 0x45 << 24; 3175 urtwn_bb_write(sc, R92C_CCK0_AFESETTING, reg); 3176 3177 reg = urtwn_bb_read(sc, R92C_OFDM0_TRXPATHENA); 3178 reg = (reg & ~0x000000ff) | 0x23; 3179 urtwn_bb_write(sc, R92C_OFDM0_TRXPATHENA, reg); 3180 3181 reg = urtwn_bb_read(sc, R92C_OFDM0_AGCPARAM1); 3182 reg = (reg & ~0x00000030) | 1 << 4; 3183 urtwn_bb_write(sc, R92C_OFDM0_AGCPARAM1, reg); 3184 3185 reg = urtwn_bb_read(sc, 0xe74); 3186 reg = (reg & ~0x0c000000) | 2 << 26; 3187 urtwn_bb_write(sc, 0xe74, reg); 3188 reg = urtwn_bb_read(sc, 0xe78); 3189 reg = (reg & ~0x0c000000) | 2 << 26; 3190 urtwn_bb_write(sc, 0xe78, reg); 3191 reg = urtwn_bb_read(sc, 0xe7c); 3192 reg = (reg & ~0x0c000000) | 2 << 26; 3193 urtwn_bb_write(sc, 0xe7c, reg); 3194 reg = urtwn_bb_read(sc, 0xe80); 3195 reg = (reg & ~0x0c000000) | 2 << 26; 3196 urtwn_bb_write(sc, 0xe80, reg); 3197 reg = urtwn_bb_read(sc, 0xe88); 3198 reg = (reg & ~0x0c000000) | 2 << 26; 3199 urtwn_bb_write(sc, 0xe88, reg); 3200 } 3201 3202 /* Write AGC values. */ 3203 for (i = 0; i < prog->agccount; i++) { 3204 urtwn_bb_write(sc, R92C_OFDM0_AGCRSSITABLE, 3205 prog->agcvals[i]); 3206 urtwn_ms_delay(sc); 3207 } 3208 3209 if (sc->chip & URTWN_CHIP_88E) { 3210 urtwn_bb_write(sc, R92C_OFDM0_AGCCORE1(0), 0x69553422); 3211 urtwn_ms_delay(sc); 3212 urtwn_bb_write(sc, R92C_OFDM0_AGCCORE1(0), 0x69553420); 3213 urtwn_ms_delay(sc); 3214 3215 crystalcap = sc->rom.r88e_rom[0xb9]; 3216 if (crystalcap == 0xff) 3217 crystalcap = 0x20; 3218 crystalcap &= 0x3f; 3219 reg = urtwn_bb_read(sc, R92C_AFE_XTAL_CTRL); 3220 urtwn_bb_write(sc, R92C_AFE_XTAL_CTRL, 3221 RW(reg, R92C_AFE_XTAL_CTRL_ADDR, 3222 crystalcap | crystalcap << 6)); 3223 } else { 3224 if (urtwn_bb_read(sc, R92C_HSSI_PARAM2(0)) & 3225 R92C_HSSI_PARAM2_CCK_HIPWR) 3226 sc->sc_flags |= URTWN_FLAG_CCK_HIPWR; 3227 } 3228} 3229 3230static void 3231urtwn_rf_init(struct urtwn_softc *sc) 3232{ 3233 const struct urtwn_rf_prog *prog; 3234 uint32_t reg, type; 3235 int i, j, idx, off; 3236 3237 /* Select RF programming based on board type. */ 3238 if (sc->chip & URTWN_CHIP_88E) 3239 prog = rtl8188eu_rf_prog; 3240 else if (!(sc->chip & URTWN_CHIP_92C)) { 3241 if (sc->board_type == R92C_BOARD_TYPE_MINICARD) 3242 prog = rtl8188ce_rf_prog; 3243 else if (sc->board_type == R92C_BOARD_TYPE_HIGHPA) 3244 prog = rtl8188ru_rf_prog; 3245 else 3246 prog = rtl8188cu_rf_prog; 3247 } else 3248 prog = rtl8192ce_rf_prog; 3249 3250 for (i = 0; i < sc->nrxchains; i++) { 3251 /* Save RF_ENV control type. */ 3252 idx = i / 2; 3253 off = (i % 2) * 16; 3254 reg = urtwn_bb_read(sc, R92C_FPGA0_RFIFACESW(idx)); 3255 type = (reg >> off) & 0x10; 3256 3257 /* Set RF_ENV enable. */ 3258 reg = urtwn_bb_read(sc, R92C_FPGA0_RFIFACEOE(i)); 3259 reg |= 0x100000; 3260 urtwn_bb_write(sc, R92C_FPGA0_RFIFACEOE(i), reg); 3261 urtwn_ms_delay(sc); 3262 /* Set RF_ENV output high. */ 3263 reg = urtwn_bb_read(sc, R92C_FPGA0_RFIFACEOE(i)); 3264 reg |= 0x10; 3265 urtwn_bb_write(sc, R92C_FPGA0_RFIFACEOE(i), reg); 3266 urtwn_ms_delay(sc); 3267 /* Set address and data lengths of RF registers. */ 3268 reg = urtwn_bb_read(sc, R92C_HSSI_PARAM2(i)); 3269 reg &= ~R92C_HSSI_PARAM2_ADDR_LENGTH; 3270 urtwn_bb_write(sc, R92C_HSSI_PARAM2(i), reg); 3271 urtwn_ms_delay(sc); 3272 reg = urtwn_bb_read(sc, R92C_HSSI_PARAM2(i)); 3273 reg &= ~R92C_HSSI_PARAM2_DATA_LENGTH; 3274 urtwn_bb_write(sc, R92C_HSSI_PARAM2(i), reg); 3275 urtwn_ms_delay(sc); 3276 3277 /* Write RF initialization values for this chain. */ 3278 for (j = 0; j < prog[i].count; j++) { 3279 if (prog[i].regs[j] >= 0xf9 && 3280 prog[i].regs[j] <= 0xfe) { 3281 /* 3282 * These are fake RF registers offsets that 3283 * indicate a delay is required. 3284 */ 3285 usb_pause_mtx(&sc->sc_mtx, hz / 20); /* 50ms */ 3286 continue; 3287 } 3288 urtwn_rf_write(sc, i, prog[i].regs[j], 3289 prog[i].vals[j]); 3290 urtwn_ms_delay(sc); 3291 } 3292 3293 /* Restore RF_ENV control type. */ 3294 reg = urtwn_bb_read(sc, R92C_FPGA0_RFIFACESW(idx)); 3295 reg &= ~(0x10 << off) | (type << off); 3296 urtwn_bb_write(sc, R92C_FPGA0_RFIFACESW(idx), reg); 3297 3298 /* Cache RF register CHNLBW. */ 3299 sc->rf_chnlbw[i] = urtwn_rf_read(sc, i, R92C_RF_CHNLBW); 3300 } 3301 3302 if ((sc->chip & (URTWN_CHIP_UMC_A_CUT | URTWN_CHIP_92C)) == 3303 URTWN_CHIP_UMC_A_CUT) { 3304 urtwn_rf_write(sc, 0, R92C_RF_RX_G1, 0x30255); 3305 urtwn_rf_write(sc, 0, R92C_RF_RX_G2, 0x50a00); 3306 } 3307} 3308 3309static void 3310urtwn_cam_init(struct urtwn_softc *sc) 3311{ 3312 /* Invalidate all CAM entries. */ 3313 urtwn_write_4(sc, R92C_CAMCMD, 3314 R92C_CAMCMD_POLLING | R92C_CAMCMD_CLR); 3315} 3316 3317static void 3318urtwn_pa_bias_init(struct urtwn_softc *sc) 3319{ 3320 uint8_t reg; 3321 int i; 3322 3323 for (i = 0; i < sc->nrxchains; i++) { 3324 if (sc->pa_setting & (1 << i)) 3325 continue; 3326 urtwn_rf_write(sc, i, R92C_RF_IPA, 0x0f406); 3327 urtwn_rf_write(sc, i, R92C_RF_IPA, 0x4f406); 3328 urtwn_rf_write(sc, i, R92C_RF_IPA, 0x8f406); 3329 urtwn_rf_write(sc, i, R92C_RF_IPA, 0xcf406); 3330 } 3331 if (!(sc->pa_setting & 0x10)) { 3332 reg = urtwn_read_1(sc, 0x16); 3333 reg = (reg & ~0xf0) | 0x90; 3334 urtwn_write_1(sc, 0x16, reg); 3335 } 3336} 3337 3338static void 3339urtwn_rxfilter_init(struct urtwn_softc *sc) 3340{ 3341 struct ieee80211com *ic = &sc->sc_ic; 3342 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 3343 uint32_t rcr; 3344 uint16_t filter; 3345 3346 URTWN_ASSERT_LOCKED(sc); 3347 3348 /* Accept all multicast frames. */ 3349 urtwn_write_4(sc, R92C_MAR + 0, 0xffffffff); 3350 urtwn_write_4(sc, R92C_MAR + 4, 0xffffffff); 3351 3352 /* Filter for management frames. */ 3353 filter = 0x7f3f; 3354 switch (vap->iv_opmode) { 3355 case IEEE80211_M_STA: 3356 filter &= ~( 3357 R92C_RXFLTMAP_SUBTYPE(IEEE80211_FC0_SUBTYPE_ASSOC_REQ) | 3358 R92C_RXFLTMAP_SUBTYPE(IEEE80211_FC0_SUBTYPE_REASSOC_REQ) | 3359 R92C_RXFLTMAP_SUBTYPE(IEEE80211_FC0_SUBTYPE_PROBE_REQ)); 3360 break; 3361 case IEEE80211_M_HOSTAP: 3362 filter &= ~( 3363 R92C_RXFLTMAP_SUBTYPE(IEEE80211_FC0_SUBTYPE_ASSOC_RESP) | 3364 R92C_RXFLTMAP_SUBTYPE(IEEE80211_FC0_SUBTYPE_REASSOC_RESP) | 3365 R92C_RXFLTMAP_SUBTYPE(IEEE80211_FC0_SUBTYPE_BEACON)); 3366 break; 3367 case IEEE80211_M_MONITOR: 3368 case IEEE80211_M_IBSS: 3369 break; 3370 default: 3371 device_printf(sc->sc_dev, "%s: undefined opmode %d\n", 3372 __func__, vap->iv_opmode); 3373 break; 3374 } 3375 urtwn_write_2(sc, R92C_RXFLTMAP0, filter); 3376 3377 /* Reject all control frames. */ 3378 urtwn_write_2(sc, R92C_RXFLTMAP1, 0x0000); 3379 3380 /* Reject all data frames. */ 3381 urtwn_write_2(sc, R92C_RXFLTMAP2, 0x0000); 3382 3383 rcr = R92C_RCR_AM | R92C_RCR_AB | R92C_RCR_APM | 3384 R92C_RCR_HTC_LOC_CTRL | R92C_RCR_APP_PHYSTS | 3385 R92C_RCR_APP_ICV | R92C_RCR_APP_MIC; 3386 3387 if (vap->iv_opmode == IEEE80211_M_MONITOR) { 3388 /* Accept all frames. */ 3389 rcr |= R92C_RCR_ACF | R92C_RCR_ADF | R92C_RCR_AMF | 3390 R92C_RCR_AAP; 3391 } 3392 3393 /* Set Rx filter. */ 3394 urtwn_write_4(sc, R92C_RCR, rcr); 3395 3396 if (ic->ic_promisc != 0) { 3397 /* Update Rx filter. */ 3398 urtwn_set_promisc(sc); 3399 } 3400} 3401 3402static void 3403urtwn_edca_init(struct urtwn_softc *sc) 3404{ 3405 urtwn_write_2(sc, R92C_SPEC_SIFS, 0x100a); 3406 urtwn_write_2(sc, R92C_MAC_SPEC_SIFS, 0x100a); 3407 urtwn_write_2(sc, R92C_SIFS_CCK, 0x100a); 3408 urtwn_write_2(sc, R92C_SIFS_OFDM, 0x100a); 3409 urtwn_write_4(sc, R92C_EDCA_BE_PARAM, 0x005ea42b); 3410 urtwn_write_4(sc, R92C_EDCA_BK_PARAM, 0x0000a44f); 3411 urtwn_write_4(sc, R92C_EDCA_VI_PARAM, 0x005ea324); 3412 urtwn_write_4(sc, R92C_EDCA_VO_PARAM, 0x002fa226); 3413} 3414 3415static void 3416urtwn_write_txpower(struct urtwn_softc *sc, int chain, 3417 uint16_t power[URTWN_RIDX_COUNT]) 3418{ 3419 uint32_t reg; 3420 3421 /* Write per-CCK rate Tx power. */ 3422 if (chain == 0) { 3423 reg = urtwn_bb_read(sc, R92C_TXAGC_A_CCK1_MCS32); 3424 reg = RW(reg, R92C_TXAGC_A_CCK1, power[0]); 3425 urtwn_bb_write(sc, R92C_TXAGC_A_CCK1_MCS32, reg); 3426 reg = urtwn_bb_read(sc, R92C_TXAGC_B_CCK11_A_CCK2_11); 3427 reg = RW(reg, R92C_TXAGC_A_CCK2, power[1]); 3428 reg = RW(reg, R92C_TXAGC_A_CCK55, power[2]); 3429 reg = RW(reg, R92C_TXAGC_A_CCK11, power[3]); 3430 urtwn_bb_write(sc, R92C_TXAGC_B_CCK11_A_CCK2_11, reg); 3431 } else { 3432 reg = urtwn_bb_read(sc, R92C_TXAGC_B_CCK1_55_MCS32); 3433 reg = RW(reg, R92C_TXAGC_B_CCK1, power[0]); 3434 reg = RW(reg, R92C_TXAGC_B_CCK2, power[1]); 3435 reg = RW(reg, R92C_TXAGC_B_CCK55, power[2]); 3436 urtwn_bb_write(sc, R92C_TXAGC_B_CCK1_55_MCS32, reg); 3437 reg = urtwn_bb_read(sc, R92C_TXAGC_B_CCK11_A_CCK2_11); 3438 reg = RW(reg, R92C_TXAGC_B_CCK11, power[3]); 3439 urtwn_bb_write(sc, R92C_TXAGC_B_CCK11_A_CCK2_11, reg); 3440 } 3441 /* Write per-OFDM rate Tx power. */ 3442 urtwn_bb_write(sc, R92C_TXAGC_RATE18_06(chain), 3443 SM(R92C_TXAGC_RATE06, power[ 4]) | 3444 SM(R92C_TXAGC_RATE09, power[ 5]) | 3445 SM(R92C_TXAGC_RATE12, power[ 6]) | 3446 SM(R92C_TXAGC_RATE18, power[ 7])); 3447 urtwn_bb_write(sc, R92C_TXAGC_RATE54_24(chain), 3448 SM(R92C_TXAGC_RATE24, power[ 8]) | 3449 SM(R92C_TXAGC_RATE36, power[ 9]) | 3450 SM(R92C_TXAGC_RATE48, power[10]) | 3451 SM(R92C_TXAGC_RATE54, power[11])); 3452 /* Write per-MCS Tx power. */ 3453 urtwn_bb_write(sc, R92C_TXAGC_MCS03_MCS00(chain), 3454 SM(R92C_TXAGC_MCS00, power[12]) | 3455 SM(R92C_TXAGC_MCS01, power[13]) | 3456 SM(R92C_TXAGC_MCS02, power[14]) | 3457 SM(R92C_TXAGC_MCS03, power[15])); 3458 urtwn_bb_write(sc, R92C_TXAGC_MCS07_MCS04(chain), 3459 SM(R92C_TXAGC_MCS04, power[16]) | 3460 SM(R92C_TXAGC_MCS05, power[17]) | 3461 SM(R92C_TXAGC_MCS06, power[18]) | 3462 SM(R92C_TXAGC_MCS07, power[19])); 3463 urtwn_bb_write(sc, R92C_TXAGC_MCS11_MCS08(chain), 3464 SM(R92C_TXAGC_MCS08, power[20]) | 3465 SM(R92C_TXAGC_MCS09, power[21]) | 3466 SM(R92C_TXAGC_MCS10, power[22]) | 3467 SM(R92C_TXAGC_MCS11, power[23])); 3468 urtwn_bb_write(sc, R92C_TXAGC_MCS15_MCS12(chain), 3469 SM(R92C_TXAGC_MCS12, power[24]) | 3470 SM(R92C_TXAGC_MCS13, power[25]) | 3471 SM(R92C_TXAGC_MCS14, power[26]) | 3472 SM(R92C_TXAGC_MCS15, power[27])); 3473} 3474 3475static void 3476urtwn_get_txpower(struct urtwn_softc *sc, int chain, 3477 struct ieee80211_channel *c, struct ieee80211_channel *extc, 3478 uint16_t power[URTWN_RIDX_COUNT]) 3479{ 3480 struct ieee80211com *ic = &sc->sc_ic; 3481 struct r92c_rom *rom = &sc->rom.r92c_rom; 3482 uint16_t cckpow, ofdmpow, htpow, diff, max; 3483 const struct urtwn_txpwr *base; 3484 int ridx, chan, group; 3485 3486 /* Determine channel group. */ 3487 chan = ieee80211_chan2ieee(ic, c); /* XXX center freq! */ 3488 if (chan <= 3) 3489 group = 0; 3490 else if (chan <= 9) 3491 group = 1; 3492 else 3493 group = 2; 3494 3495 /* Get original Tx power based on board type and RF chain. */ 3496 if (!(sc->chip & URTWN_CHIP_92C)) { 3497 if (sc->board_type == R92C_BOARD_TYPE_HIGHPA) 3498 base = &rtl8188ru_txagc[chain]; 3499 else 3500 base = &rtl8192cu_txagc[chain]; 3501 } else 3502 base = &rtl8192cu_txagc[chain]; 3503 3504 memset(power, 0, URTWN_RIDX_COUNT * sizeof(power[0])); 3505 if (sc->regulatory == 0) { 3506 for (ridx = URTWN_RIDX_CCK1; ridx <= URTWN_RIDX_CCK11; ridx++) 3507 power[ridx] = base->pwr[0][ridx]; 3508 } 3509 for (ridx = URTWN_RIDX_OFDM6; ridx < URTWN_RIDX_COUNT; ridx++) { 3510 if (sc->regulatory == 3) { 3511 power[ridx] = base->pwr[0][ridx]; 3512 /* Apply vendor limits. */ 3513 if (extc != NULL) 3514 max = rom->ht40_max_pwr[group]; 3515 else 3516 max = rom->ht20_max_pwr[group]; 3517 max = (max >> (chain * 4)) & 0xf; 3518 if (power[ridx] > max) 3519 power[ridx] = max; 3520 } else if (sc->regulatory == 1) { 3521 if (extc == NULL) 3522 power[ridx] = base->pwr[group][ridx]; 3523 } else if (sc->regulatory != 2) 3524 power[ridx] = base->pwr[0][ridx]; 3525 } 3526 3527 /* Compute per-CCK rate Tx power. */ 3528 cckpow = rom->cck_tx_pwr[chain][group]; 3529 for (ridx = URTWN_RIDX_CCK1; ridx <= URTWN_RIDX_CCK11; ridx++) { 3530 power[ridx] += cckpow; 3531 if (power[ridx] > R92C_MAX_TX_PWR) 3532 power[ridx] = R92C_MAX_TX_PWR; 3533 } 3534 3535 htpow = rom->ht40_1s_tx_pwr[chain][group]; 3536 if (sc->ntxchains > 1) { 3537 /* Apply reduction for 2 spatial streams. */ 3538 diff = rom->ht40_2s_tx_pwr_diff[group]; 3539 diff = (diff >> (chain * 4)) & 0xf; 3540 htpow = (htpow > diff) ? htpow - diff : 0; 3541 } 3542 3543 /* Compute per-OFDM rate Tx power. */ 3544 diff = rom->ofdm_tx_pwr_diff[group]; 3545 diff = (diff >> (chain * 4)) & 0xf; 3546 ofdmpow = htpow + diff; /* HT->OFDM correction. */ 3547 for (ridx = URTWN_RIDX_OFDM6; ridx <= URTWN_RIDX_OFDM54; ridx++) { 3548 power[ridx] += ofdmpow; 3549 if (power[ridx] > R92C_MAX_TX_PWR) 3550 power[ridx] = R92C_MAX_TX_PWR; 3551 } 3552 3553 /* Compute per-MCS Tx power. */ 3554 if (extc == NULL) { 3555 diff = rom->ht20_tx_pwr_diff[group]; 3556 diff = (diff >> (chain * 4)) & 0xf; 3557 htpow += diff; /* HT40->HT20 correction. */ 3558 } 3559 for (ridx = 12; ridx <= 27; ridx++) { 3560 power[ridx] += htpow; 3561 if (power[ridx] > R92C_MAX_TX_PWR) 3562 power[ridx] = R92C_MAX_TX_PWR; 3563 } 3564#ifdef URTWN_DEBUG 3565 if (urtwn_debug >= 4) { 3566 /* Dump per-rate Tx power values. */ 3567 printf("Tx power for chain %d:\n", chain); 3568 for (ridx = URTWN_RIDX_CCK1; ridx < URTWN_RIDX_COUNT; ridx++) 3569 printf("Rate %d = %u\n", ridx, power[ridx]); 3570 } 3571#endif 3572} 3573 3574static void 3575urtwn_r88e_get_txpower(struct urtwn_softc *sc, int chain, 3576 struct ieee80211_channel *c, struct ieee80211_channel *extc, 3577 uint16_t power[URTWN_RIDX_COUNT]) 3578{ 3579 struct ieee80211com *ic = &sc->sc_ic; 3580 uint16_t cckpow, ofdmpow, bw20pow, htpow; 3581 const struct urtwn_r88e_txpwr *base; 3582 int ridx, chan, group; 3583 3584 /* Determine channel group. */ 3585 chan = ieee80211_chan2ieee(ic, c); /* XXX center freq! */ 3586 if (chan <= 2) 3587 group = 0; 3588 else if (chan <= 5) 3589 group = 1; 3590 else if (chan <= 8) 3591 group = 2; 3592 else if (chan <= 11) 3593 group = 3; 3594 else if (chan <= 13) 3595 group = 4; 3596 else 3597 group = 5; 3598 3599 /* Get original Tx power based on board type and RF chain. */ 3600 base = &rtl8188eu_txagc[chain]; 3601 3602 memset(power, 0, URTWN_RIDX_COUNT * sizeof(power[0])); 3603 if (sc->regulatory == 0) { 3604 for (ridx = URTWN_RIDX_CCK1; ridx <= URTWN_RIDX_CCK11; ridx++) 3605 power[ridx] = base->pwr[0][ridx]; 3606 } 3607 for (ridx = URTWN_RIDX_OFDM6; ridx < URTWN_RIDX_COUNT; ridx++) { 3608 if (sc->regulatory == 3) 3609 power[ridx] = base->pwr[0][ridx]; 3610 else if (sc->regulatory == 1) { 3611 if (extc == NULL) 3612 power[ridx] = base->pwr[group][ridx]; 3613 } else if (sc->regulatory != 2) 3614 power[ridx] = base->pwr[0][ridx]; 3615 } 3616 3617 /* Compute per-CCK rate Tx power. */ 3618 cckpow = sc->cck_tx_pwr[group]; 3619 for (ridx = URTWN_RIDX_CCK1; ridx <= URTWN_RIDX_CCK11; ridx++) { 3620 power[ridx] += cckpow; 3621 if (power[ridx] > R92C_MAX_TX_PWR) 3622 power[ridx] = R92C_MAX_TX_PWR; 3623 } 3624 3625 htpow = sc->ht40_tx_pwr[group]; 3626 3627 /* Compute per-OFDM rate Tx power. */ 3628 ofdmpow = htpow + sc->ofdm_tx_pwr_diff; 3629 for (ridx = URTWN_RIDX_OFDM6; ridx <= URTWN_RIDX_OFDM54; ridx++) { 3630 power[ridx] += ofdmpow; 3631 if (power[ridx] > R92C_MAX_TX_PWR) 3632 power[ridx] = R92C_MAX_TX_PWR; 3633 } 3634 3635 bw20pow = htpow + sc->bw20_tx_pwr_diff; 3636 for (ridx = 12; ridx <= 27; ridx++) { 3637 power[ridx] += bw20pow; 3638 if (power[ridx] > R92C_MAX_TX_PWR) 3639 power[ridx] = R92C_MAX_TX_PWR; 3640 } 3641} 3642 3643static void 3644urtwn_set_txpower(struct urtwn_softc *sc, struct ieee80211_channel *c, 3645 struct ieee80211_channel *extc) 3646{ 3647 uint16_t power[URTWN_RIDX_COUNT]; 3648 int i; 3649 3650 for (i = 0; i < sc->ntxchains; i++) { 3651 /* Compute per-rate Tx power values. */ 3652 if (sc->chip & URTWN_CHIP_88E) 3653 urtwn_r88e_get_txpower(sc, i, c, extc, power); 3654 else 3655 urtwn_get_txpower(sc, i, c, extc, power); 3656 /* Write per-rate Tx power values to hardware. */ 3657 urtwn_write_txpower(sc, i, power); 3658 } 3659} 3660 3661static void 3662urtwn_set_rx_bssid_all(struct urtwn_softc *sc, int enable) 3663{ 3664 uint32_t reg; 3665 3666 reg = urtwn_read_4(sc, R92C_RCR); 3667 if (enable) 3668 reg &= ~R92C_RCR_CBSSID_BCN; 3669 else 3670 reg |= R92C_RCR_CBSSID_BCN; 3671 urtwn_write_4(sc, R92C_RCR, reg); 3672} 3673 3674static void 3675urtwn_set_gain(struct urtwn_softc *sc, uint8_t gain) 3676{ 3677 uint32_t reg; 3678 3679 reg = urtwn_bb_read(sc, R92C_OFDM0_AGCCORE1(0)); 3680 reg = RW(reg, R92C_OFDM0_AGCCORE1_GAIN, gain); 3681 urtwn_bb_write(sc, R92C_OFDM0_AGCCORE1(0), reg); 3682 3683 if (!(sc->chip & URTWN_CHIP_88E)) { 3684 reg = urtwn_bb_read(sc, R92C_OFDM0_AGCCORE1(1)); 3685 reg = RW(reg, R92C_OFDM0_AGCCORE1_GAIN, gain); 3686 urtwn_bb_write(sc, R92C_OFDM0_AGCCORE1(1), reg); 3687 } 3688} 3689 3690static void 3691urtwn_scan_start(struct ieee80211com *ic) 3692{ 3693 struct urtwn_softc *sc = ic->ic_softc; 3694 3695 URTWN_LOCK(sc); 3696 /* Receive beacons / probe responses from any BSSID. */ 3697 if (ic->ic_opmode != IEEE80211_M_IBSS) 3698 urtwn_set_rx_bssid_all(sc, 1); 3699 3700 /* Set gain for scanning. */ 3701 urtwn_set_gain(sc, 0x20); 3702 URTWN_UNLOCK(sc); 3703} 3704 3705static void 3706urtwn_scan_end(struct ieee80211com *ic) 3707{ 3708 struct urtwn_softc *sc = ic->ic_softc; 3709 3710 URTWN_LOCK(sc); 3711 /* Restore limitations. */ 3712 if (ic->ic_promisc == 0 && ic->ic_opmode != IEEE80211_M_IBSS) 3713 urtwn_set_rx_bssid_all(sc, 0); 3714 3715 /* Set gain under link. */ 3716 urtwn_set_gain(sc, 0x32); 3717 URTWN_UNLOCK(sc); 3718} 3719 3720static void 3721urtwn_set_channel(struct ieee80211com *ic) 3722{ 3723 struct urtwn_softc *sc = ic->ic_softc; 3724 struct ieee80211_channel *c = ic->ic_curchan; 3725 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 3726 3727 URTWN_LOCK(sc); 3728 if (vap->iv_state == IEEE80211_S_SCAN) { 3729 /* Make link LED blink during scan. */ 3730 urtwn_set_led(sc, URTWN_LED_LINK, !sc->ledlink); 3731 } 3732 urtwn_set_chan(sc, c, NULL); 3733 sc->sc_rxtap.wr_chan_freq = htole16(c->ic_freq); 3734 sc->sc_rxtap.wr_chan_flags = htole16(c->ic_flags); 3735 sc->sc_txtap.wt_chan_freq = htole16(c->ic_freq); 3736 sc->sc_txtap.wt_chan_flags = htole16(c->ic_flags); 3737 URTWN_UNLOCK(sc); 3738} 3739 3740static int 3741urtwn_wme_update(struct ieee80211com *ic) 3742{ 3743 const struct wmeParams *wmep = 3744 ic->ic_wme.wme_chanParams.cap_wmeParams; 3745 struct urtwn_softc *sc = ic->ic_softc; 3746 uint8_t aifs, acm, slottime; 3747 int ac; 3748 3749 acm = 0; 3750 slottime = IEEE80211_GET_SLOTTIME(ic); 3751 3752 URTWN_LOCK(sc); 3753 for (ac = WME_AC_BE; ac < WME_NUM_AC; ac++) { 3754 /* AIFS[AC] = AIFSN[AC] * aSlotTime + aSIFSTime. */ 3755 aifs = wmep[ac].wmep_aifsn * slottime + IEEE80211_DUR_SIFS; 3756 urtwn_write_4(sc, wme2queue[ac].reg, 3757 SM(R92C_EDCA_PARAM_TXOP, wmep[ac].wmep_txopLimit) | 3758 SM(R92C_EDCA_PARAM_ECWMIN, wmep[ac].wmep_logcwmin) | 3759 SM(R92C_EDCA_PARAM_ECWMAX, wmep[ac].wmep_logcwmax) | 3760 SM(R92C_EDCA_PARAM_AIFS, aifs)); 3761 if (ac != WME_AC_BE) 3762 acm |= wmep[ac].wmep_acm << ac; 3763 } 3764 3765 if (acm != 0) 3766 acm |= R92C_ACMHWCTRL_EN; 3767 urtwn_write_1(sc, R92C_ACMHWCTRL, 3768 (urtwn_read_1(sc, R92C_ACMHWCTRL) & ~R92C_ACMHWCTRL_ACM_MASK) | 3769 acm); 3770 3771 URTWN_UNLOCK(sc); 3772 3773 return 0; 3774} 3775 3776static void 3777urtwn_set_promisc(struct urtwn_softc *sc) 3778{ 3779 struct ieee80211com *ic = &sc->sc_ic; 3780 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 3781 uint32_t rcr, mask1, mask2; 3782 3783 URTWN_ASSERT_LOCKED(sc); 3784 3785 if (vap->iv_opmode == IEEE80211_M_MONITOR) 3786 return; 3787 3788 mask1 = R92C_RCR_ACF | R92C_RCR_ADF | R92C_RCR_AMF | R92C_RCR_AAP; 3789 mask2 = R92C_RCR_APM; 3790 3791 if (vap->iv_state == IEEE80211_S_RUN) { 3792 switch (vap->iv_opmode) { 3793 case IEEE80211_M_STA: 3794 mask2 |= R92C_RCR_CBSSID_DATA; 3795 /* FALLTHROUGH */ 3796 case IEEE80211_M_HOSTAP: 3797 mask2 |= R92C_RCR_CBSSID_BCN; 3798 break; 3799 case IEEE80211_M_IBSS: 3800 mask2 |= R92C_RCR_CBSSID_DATA; 3801 break; 3802 default: 3803 device_printf(sc->sc_dev, "%s: undefined opmode %d\n", 3804 __func__, vap->iv_opmode); 3805 return; 3806 } 3807 } 3808 3809 rcr = urtwn_read_4(sc, R92C_RCR); 3810 if (ic->ic_promisc == 0) 3811 rcr = (rcr & ~mask1) | mask2; 3812 else 3813 rcr = (rcr & ~mask2) | mask1; 3814 urtwn_write_4(sc, R92C_RCR, rcr); 3815} 3816 3817static void 3818urtwn_update_promisc(struct ieee80211com *ic) 3819{ 3820 struct urtwn_softc *sc = ic->ic_softc; 3821 3822 URTWN_LOCK(sc); 3823 if (sc->sc_flags & URTWN_RUNNING) 3824 urtwn_set_promisc(sc); 3825 URTWN_UNLOCK(sc); 3826} 3827 3828static void 3829urtwn_update_mcast(struct ieee80211com *ic) 3830{ 3831 /* XXX do nothing? */ 3832} 3833 3834static struct ieee80211_node * 3835urtwn_r88e_node_alloc(struct ieee80211vap *vap, 3836 const uint8_t mac[IEEE80211_ADDR_LEN]) 3837{ 3838 struct urtwn_node *un; 3839 3840 un = malloc(sizeof (struct urtwn_node), M_80211_NODE, 3841 M_NOWAIT | M_ZERO); 3842 3843 if (un == NULL) 3844 return NULL; 3845 3846 un->id = URTWN_MACID_UNDEFINED; 3847 3848 return &un->ni; 3849} 3850 3851static void 3852urtwn_r88e_newassoc(struct ieee80211_node *ni, int isnew) 3853{ 3854 struct urtwn_softc *sc = ni->ni_ic->ic_softc; 3855 struct urtwn_node *un = URTWN_NODE(ni); 3856 uint8_t id; 3857 3858 if (!isnew) 3859 return; 3860 3861 URTWN_NT_LOCK(sc); 3862 for (id = 0; id <= URTWN_MACID_MAX(sc); id++) { 3863 if (id != URTWN_MACID_BC && sc->node_list[id] == NULL) { 3864 un->id = id; 3865 sc->node_list[id] = ni; 3866 break; 3867 } 3868 } 3869 URTWN_NT_UNLOCK(sc); 3870 3871 if (id > URTWN_MACID_MAX(sc)) { 3872 device_printf(sc->sc_dev, "%s: node table is full\n", 3873 __func__); 3874 } 3875} 3876 3877static void 3878urtwn_r88e_node_free(struct ieee80211_node *ni) 3879{ 3880 struct urtwn_softc *sc = ni->ni_ic->ic_softc; 3881 struct urtwn_node *un = URTWN_NODE(ni); 3882 3883 URTWN_NT_LOCK(sc); 3884 if (un->id != URTWN_MACID_UNDEFINED) 3885 sc->node_list[un->id] = NULL; 3886 URTWN_NT_UNLOCK(sc); 3887 3888 sc->sc_node_free(ni); 3889} 3890 3891static void 3892urtwn_set_chan(struct urtwn_softc *sc, struct ieee80211_channel *c, 3893 struct ieee80211_channel *extc) 3894{ 3895 struct ieee80211com *ic = &sc->sc_ic; 3896 uint32_t reg; 3897 u_int chan; 3898 int i; 3899 3900 chan = ieee80211_chan2ieee(ic, c); /* XXX center freq! */ 3901 if (chan == 0 || chan == IEEE80211_CHAN_ANY) { 3902 device_printf(sc->sc_dev, 3903 "%s: invalid channel %x\n", __func__, chan); 3904 return; 3905 } 3906 3907 /* Set Tx power for this new channel. */ 3908 urtwn_set_txpower(sc, c, extc); 3909 3910 for (i = 0; i < sc->nrxchains; i++) { 3911 urtwn_rf_write(sc, i, R92C_RF_CHNLBW, 3912 RW(sc->rf_chnlbw[i], R92C_RF_CHNLBW_CHNL, chan)); 3913 } 3914#ifndef IEEE80211_NO_HT 3915 if (extc != NULL) { 3916 /* Is secondary channel below or above primary? */ 3917 int prichlo = c->ic_freq < extc->ic_freq; 3918 3919 urtwn_write_1(sc, R92C_BWOPMODE, 3920 urtwn_read_1(sc, R92C_BWOPMODE) & ~R92C_BWOPMODE_20MHZ); 3921 3922 reg = urtwn_read_1(sc, R92C_RRSR + 2); 3923 reg = (reg & ~0x6f) | (prichlo ? 1 : 2) << 5; 3924 urtwn_write_1(sc, R92C_RRSR + 2, reg); 3925 3926 urtwn_bb_write(sc, R92C_FPGA0_RFMOD, 3927 urtwn_bb_read(sc, R92C_FPGA0_RFMOD) | R92C_RFMOD_40MHZ); 3928 urtwn_bb_write(sc, R92C_FPGA1_RFMOD, 3929 urtwn_bb_read(sc, R92C_FPGA1_RFMOD) | R92C_RFMOD_40MHZ); 3930 3931 /* Set CCK side band. */ 3932 reg = urtwn_bb_read(sc, R92C_CCK0_SYSTEM); 3933 reg = (reg & ~0x00000010) | (prichlo ? 0 : 1) << 4; 3934 urtwn_bb_write(sc, R92C_CCK0_SYSTEM, reg); 3935 3936 reg = urtwn_bb_read(sc, R92C_OFDM1_LSTF); 3937 reg = (reg & ~0x00000c00) | (prichlo ? 1 : 2) << 10; 3938 urtwn_bb_write(sc, R92C_OFDM1_LSTF, reg); 3939 3940 urtwn_bb_write(sc, R92C_FPGA0_ANAPARAM2, 3941 urtwn_bb_read(sc, R92C_FPGA0_ANAPARAM2) & 3942 ~R92C_FPGA0_ANAPARAM2_CBW20); 3943 3944 reg = urtwn_bb_read(sc, 0x818); 3945 reg = (reg & ~0x0c000000) | (prichlo ? 2 : 1) << 26; 3946 urtwn_bb_write(sc, 0x818, reg); 3947 3948 /* Select 40MHz bandwidth. */ 3949 urtwn_rf_write(sc, 0, R92C_RF_CHNLBW, 3950 (sc->rf_chnlbw[0] & ~0xfff) | chan); 3951 } else 3952#endif 3953 { 3954 urtwn_write_1(sc, R92C_BWOPMODE, 3955 urtwn_read_1(sc, R92C_BWOPMODE) | R92C_BWOPMODE_20MHZ); 3956 3957 urtwn_bb_write(sc, R92C_FPGA0_RFMOD, 3958 urtwn_bb_read(sc, R92C_FPGA0_RFMOD) & ~R92C_RFMOD_40MHZ); 3959 urtwn_bb_write(sc, R92C_FPGA1_RFMOD, 3960 urtwn_bb_read(sc, R92C_FPGA1_RFMOD) & ~R92C_RFMOD_40MHZ); 3961 3962 if (!(sc->chip & URTWN_CHIP_88E)) { 3963 urtwn_bb_write(sc, R92C_FPGA0_ANAPARAM2, 3964 urtwn_bb_read(sc, R92C_FPGA0_ANAPARAM2) | 3965 R92C_FPGA0_ANAPARAM2_CBW20); 3966 } 3967 3968 /* Select 20MHz bandwidth. */ 3969 urtwn_rf_write(sc, 0, R92C_RF_CHNLBW, 3970 (sc->rf_chnlbw[0] & ~0xfff) | chan | 3971 ((sc->chip & URTWN_CHIP_88E) ? R88E_RF_CHNLBW_BW20 : 3972 R92C_RF_CHNLBW_BW20)); 3973 } 3974} 3975 3976static void 3977urtwn_iq_calib(struct urtwn_softc *sc) 3978{ 3979 /* TODO */ 3980} 3981 3982static void 3983urtwn_lc_calib(struct urtwn_softc *sc) 3984{ 3985 uint32_t rf_ac[2]; 3986 uint8_t txmode; 3987 int i; 3988 3989 txmode = urtwn_read_1(sc, R92C_OFDM1_LSTF + 3); 3990 if ((txmode & 0x70) != 0) { 3991 /* Disable all continuous Tx. */ 3992 urtwn_write_1(sc, R92C_OFDM1_LSTF + 3, txmode & ~0x70); 3993 3994 /* Set RF mode to standby mode. */ 3995 for (i = 0; i < sc->nrxchains; i++) { 3996 rf_ac[i] = urtwn_rf_read(sc, i, R92C_RF_AC); 3997 urtwn_rf_write(sc, i, R92C_RF_AC, 3998 RW(rf_ac[i], R92C_RF_AC_MODE, 3999 R92C_RF_AC_MODE_STANDBY)); 4000 } 4001 } else { 4002 /* Block all Tx queues. */ 4003 urtwn_write_1(sc, R92C_TXPAUSE, 0xff); 4004 } 4005 /* Start calibration. */ 4006 urtwn_rf_write(sc, 0, R92C_RF_CHNLBW, 4007 urtwn_rf_read(sc, 0, R92C_RF_CHNLBW) | R92C_RF_CHNLBW_LCSTART); 4008 4009 /* Give calibration the time to complete. */ 4010 usb_pause_mtx(&sc->sc_mtx, hz / 10); /* 100ms */ 4011 4012 /* Restore configuration. */ 4013 if ((txmode & 0x70) != 0) { 4014 /* Restore Tx mode. */ 4015 urtwn_write_1(sc, R92C_OFDM1_LSTF + 3, txmode); 4016 /* Restore RF mode. */ 4017 for (i = 0; i < sc->nrxchains; i++) 4018 urtwn_rf_write(sc, i, R92C_RF_AC, rf_ac[i]); 4019 } else { 4020 /* Unblock all Tx queues. */ 4021 urtwn_write_1(sc, R92C_TXPAUSE, 0x00); 4022 } 4023} 4024 4025static int 4026urtwn_init(struct urtwn_softc *sc) 4027{ 4028 struct ieee80211com *ic = &sc->sc_ic; 4029 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 4030 uint8_t macaddr[IEEE80211_ADDR_LEN]; 4031 uint32_t reg; 4032 usb_error_t usb_err = USB_ERR_NORMAL_COMPLETION; 4033 int error; 4034 4035 URTWN_LOCK(sc); 4036 if (sc->sc_flags & URTWN_RUNNING) { 4037 URTWN_UNLOCK(sc); 4038 return (0); 4039 } 4040 4041 /* Init firmware commands ring. */ 4042 sc->fwcur = 0; 4043 4044 /* Allocate Tx/Rx buffers. */ 4045 error = urtwn_alloc_rx_list(sc); 4046 if (error != 0) 4047 goto fail; 4048 4049 error = urtwn_alloc_tx_list(sc); 4050 if (error != 0) 4051 goto fail; 4052 4053 /* Power on adapter. */ 4054 error = urtwn_power_on(sc); 4055 if (error != 0) 4056 goto fail; 4057 4058 /* Initialize DMA. */ 4059 error = urtwn_dma_init(sc); 4060 if (error != 0) 4061 goto fail; 4062 4063 /* Set info size in Rx descriptors (in 64-bit words). */ 4064 urtwn_write_1(sc, R92C_RX_DRVINFO_SZ, 4); 4065 4066 /* Init interrupts. */ 4067 if (sc->chip & URTWN_CHIP_88E) { 4068 usb_err = urtwn_write_4(sc, R88E_HISR, 0xffffffff); 4069 if (usb_err != USB_ERR_NORMAL_COMPLETION) 4070 goto fail; 4071 usb_err = urtwn_write_4(sc, R88E_HIMR, R88E_HIMR_CPWM | R88E_HIMR_CPWM2 | 4072 R88E_HIMR_TBDER | R88E_HIMR_PSTIMEOUT); 4073 if (usb_err != USB_ERR_NORMAL_COMPLETION) 4074 goto fail; 4075 usb_err = urtwn_write_4(sc, R88E_HIMRE, R88E_HIMRE_RXFOVW | 4076 R88E_HIMRE_TXFOVW | R88E_HIMRE_RXERR | R88E_HIMRE_TXERR); 4077 if (usb_err != USB_ERR_NORMAL_COMPLETION) 4078 goto fail; 4079 usb_err = urtwn_write_1(sc, R92C_USB_SPECIAL_OPTION, 4080 urtwn_read_1(sc, R92C_USB_SPECIAL_OPTION) | 4081 R92C_USB_SPECIAL_OPTION_INT_BULK_SEL); 4082 if (usb_err != USB_ERR_NORMAL_COMPLETION) 4083 goto fail; 4084 } else { 4085 usb_err = urtwn_write_4(sc, R92C_HISR, 0xffffffff); 4086 if (usb_err != USB_ERR_NORMAL_COMPLETION) 4087 goto fail; 4088 usb_err = urtwn_write_4(sc, R92C_HIMR, 0xffffffff); 4089 if (usb_err != USB_ERR_NORMAL_COMPLETION) 4090 goto fail; 4091 } 4092 4093 /* Set MAC address. */ 4094 IEEE80211_ADDR_COPY(macaddr, vap ? vap->iv_myaddr : ic->ic_macaddr); 4095 usb_err = urtwn_write_region_1(sc, R92C_MACID, macaddr, IEEE80211_ADDR_LEN); 4096 if (usb_err != USB_ERR_NORMAL_COMPLETION) 4097 goto fail; 4098 4099 /* Set initial network type. */ 4100 urtwn_set_mode(sc, R92C_MSR_INFRA); 4101 4102 /* Initialize Rx filter. */ 4103 urtwn_rxfilter_init(sc); 4104 4105 /* Set response rate. */ 4106 reg = urtwn_read_4(sc, R92C_RRSR); 4107 reg = RW(reg, R92C_RRSR_RATE_BITMAP, R92C_RRSR_RATE_CCK_ONLY_1M); 4108 urtwn_write_4(sc, R92C_RRSR, reg); 4109 4110 /* Set short/long retry limits. */ 4111 urtwn_write_2(sc, R92C_RL, 4112 SM(R92C_RL_SRL, 0x30) | SM(R92C_RL_LRL, 0x30)); 4113 4114 /* Initialize EDCA parameters. */ 4115 urtwn_edca_init(sc); 4116 4117 /* Setup rate fallback. */ 4118 if (!(sc->chip & URTWN_CHIP_88E)) { 4119 urtwn_write_4(sc, R92C_DARFRC + 0, 0x00000000); 4120 urtwn_write_4(sc, R92C_DARFRC + 4, 0x10080404); 4121 urtwn_write_4(sc, R92C_RARFRC + 0, 0x04030201); 4122 urtwn_write_4(sc, R92C_RARFRC + 4, 0x08070605); 4123 } 4124 4125 urtwn_write_1(sc, R92C_FWHW_TXQ_CTRL, 4126 urtwn_read_1(sc, R92C_FWHW_TXQ_CTRL) | 4127 R92C_FWHW_TXQ_CTRL_AMPDU_RTY_NEW); 4128 /* Set ACK timeout. */ 4129 urtwn_write_1(sc, R92C_ACKTO, 0x40); 4130 4131 /* Setup USB aggregation. */ 4132 reg = urtwn_read_4(sc, R92C_TDECTRL); 4133 reg = RW(reg, R92C_TDECTRL_BLK_DESC_NUM, 6); 4134 urtwn_write_4(sc, R92C_TDECTRL, reg); 4135 urtwn_write_1(sc, R92C_TRXDMA_CTRL, 4136 urtwn_read_1(sc, R92C_TRXDMA_CTRL) | 4137 R92C_TRXDMA_CTRL_RXDMA_AGG_EN); 4138 urtwn_write_1(sc, R92C_RXDMA_AGG_PG_TH, 48); 4139 if (sc->chip & URTWN_CHIP_88E) 4140 urtwn_write_1(sc, R92C_RXDMA_AGG_PG_TH + 1, 4); 4141 else { 4142 urtwn_write_1(sc, R92C_USB_DMA_AGG_TO, 4); 4143 urtwn_write_1(sc, R92C_USB_SPECIAL_OPTION, 4144 urtwn_read_1(sc, R92C_USB_SPECIAL_OPTION) | 4145 R92C_USB_SPECIAL_OPTION_AGG_EN); 4146 urtwn_write_1(sc, R92C_USB_AGG_TH, 8); 4147 urtwn_write_1(sc, R92C_USB_AGG_TO, 6); 4148 } 4149 4150 /* Initialize beacon parameters. */ 4151 urtwn_write_2(sc, R92C_BCN_CTRL, 0x1010); 4152 urtwn_write_2(sc, R92C_TBTT_PROHIBIT, 0x6404); 4153 urtwn_write_1(sc, R92C_DRVERLYINT, 0x05); 4154 urtwn_write_1(sc, R92C_BCNDMATIM, 0x02); 4155 urtwn_write_2(sc, R92C_BCNTCFG, 0x660f); 4156 4157 if (!(sc->chip & URTWN_CHIP_88E)) { 4158 /* Setup AMPDU aggregation. */ 4159 urtwn_write_4(sc, R92C_AGGLEN_LMT, 0x99997631); /* MCS7~0 */ 4160 urtwn_write_1(sc, R92C_AGGR_BREAK_TIME, 0x16); 4161 urtwn_write_2(sc, R92C_MAX_AGGR_NUM, 0x0708); 4162 4163 urtwn_write_1(sc, R92C_BCN_MAX_ERR, 0xff); 4164 } 4165 4166 /* Load 8051 microcode. */ 4167 error = urtwn_load_firmware(sc); 4168 if (error != 0) 4169 goto fail; 4170 4171 /* Initialize MAC/BB/RF blocks. */ 4172 error = urtwn_mac_init(sc); 4173 if (error != 0) { 4174 device_printf(sc->sc_dev, 4175 "%s: error while initializing MAC block\n", __func__); 4176 goto fail; 4177 } 4178 urtwn_bb_init(sc); 4179 urtwn_rf_init(sc); 4180 4181 /* Reinitialize Rx filter (D3845 is not committed yet). */ 4182 urtwn_rxfilter_init(sc); 4183 4184 if (sc->chip & URTWN_CHIP_88E) { 4185 urtwn_write_2(sc, R92C_CR, 4186 urtwn_read_2(sc, R92C_CR) | R92C_CR_MACTXEN | 4187 R92C_CR_MACRXEN); 4188 } 4189 4190 /* Turn CCK and OFDM blocks on. */ 4191 reg = urtwn_bb_read(sc, R92C_FPGA0_RFMOD); 4192 reg |= R92C_RFMOD_CCK_EN; 4193 usb_err = urtwn_bb_write(sc, R92C_FPGA0_RFMOD, reg); 4194 if (usb_err != USB_ERR_NORMAL_COMPLETION) 4195 goto fail; 4196 reg = urtwn_bb_read(sc, R92C_FPGA0_RFMOD); 4197 reg |= R92C_RFMOD_OFDM_EN; 4198 usb_err = urtwn_bb_write(sc, R92C_FPGA0_RFMOD, reg); 4199 if (usb_err != USB_ERR_NORMAL_COMPLETION) 4200 goto fail; 4201 4202 /* Clear per-station keys table. */ 4203 urtwn_cam_init(sc); 4204 4205 /* Enable hardware sequence numbering. */ 4206 urtwn_write_1(sc, R92C_HWSEQ_CTRL, 0xff); 4207 4208 /* Enable per-packet TX report. */ 4209 if (sc->chip & URTWN_CHIP_88E) { 4210 urtwn_write_1(sc, R88E_TX_RPT_CTRL, 4211 urtwn_read_1(sc, R88E_TX_RPT_CTRL) | R88E_TX_RPT1_ENA); 4212 } 4213 4214 /* Perform LO and IQ calibrations. */ 4215 urtwn_iq_calib(sc); 4216 /* Perform LC calibration. */ 4217 urtwn_lc_calib(sc); 4218 4219 /* Fix USB interference issue. */ 4220 if (!(sc->chip & URTWN_CHIP_88E)) { 4221 urtwn_write_1(sc, 0xfe40, 0xe0); 4222 urtwn_write_1(sc, 0xfe41, 0x8d); 4223 urtwn_write_1(sc, 0xfe42, 0x80); 4224 4225 urtwn_pa_bias_init(sc); 4226 } 4227 4228 /* Initialize GPIO setting. */ 4229 urtwn_write_1(sc, R92C_GPIO_MUXCFG, 4230 urtwn_read_1(sc, R92C_GPIO_MUXCFG) & ~R92C_GPIO_MUXCFG_ENBT); 4231 4232 /* Fix for lower temperature. */ 4233 if (!(sc->chip & URTWN_CHIP_88E)) 4234 urtwn_write_1(sc, 0x15, 0xe9); 4235 4236 usbd_transfer_start(sc->sc_xfer[URTWN_BULK_RX]); 4237 4238 sc->sc_flags |= URTWN_RUNNING; 4239 4240 callout_reset(&sc->sc_watchdog_ch, hz, urtwn_watchdog, sc); 4241fail: 4242 if (usb_err != USB_ERR_NORMAL_COMPLETION) 4243 error = EIO; 4244 4245 URTWN_UNLOCK(sc); 4246 4247 return (error); 4248} 4249 4250static void 4251urtwn_stop(struct urtwn_softc *sc) 4252{ 4253 4254 URTWN_LOCK(sc); 4255 if (!(sc->sc_flags & URTWN_RUNNING)) { 4256 URTWN_UNLOCK(sc); 4257 return; 4258 } 4259 4260 sc->sc_flags &= ~URTWN_RUNNING; 4261 callout_stop(&sc->sc_watchdog_ch); 4262 urtwn_abort_xfers(sc); 4263 4264 urtwn_drain_mbufq(sc); 4265 URTWN_UNLOCK(sc); 4266} 4267 4268static void 4269urtwn_abort_xfers(struct urtwn_softc *sc) 4270{ 4271 int i; 4272 4273 URTWN_ASSERT_LOCKED(sc); 4274 4275 /* abort any pending transfers */ 4276 for (i = 0; i < URTWN_N_TRANSFER; i++) 4277 usbd_transfer_stop(sc->sc_xfer[i]); 4278} 4279 4280static int 4281urtwn_raw_xmit(struct ieee80211_node *ni, struct mbuf *m, 4282 const struct ieee80211_bpf_params *params) 4283{ 4284 struct ieee80211com *ic = ni->ni_ic; 4285 struct urtwn_softc *sc = ic->ic_softc; 4286 struct urtwn_data *bf; 4287 int error; 4288 4289 /* prevent management frames from being sent if we're not ready */ 4290 URTWN_LOCK(sc); 4291 if (!(sc->sc_flags & URTWN_RUNNING)) { 4292 error = ENETDOWN; 4293 goto end; 4294 } 4295 4296 bf = urtwn_getbuf(sc); 4297 if (bf == NULL) { 4298 error = ENOBUFS; 4299 goto end; 4300 } 4301 4302 if ((error = urtwn_tx_data(sc, ni, m, bf)) != 0) { 4303 STAILQ_INSERT_HEAD(&sc->sc_tx_inactive, bf, next); 4304 goto end; 4305 } 4306 4307 sc->sc_txtimer = 5; 4308 callout_reset(&sc->sc_watchdog_ch, hz, urtwn_watchdog, sc); 4309 4310end: 4311 if (error != 0) 4312 m_freem(m); 4313 4314 URTWN_UNLOCK(sc); 4315 4316 return (error); 4317} 4318 4319static void 4320urtwn_ms_delay(struct urtwn_softc *sc) 4321{ 4322 usb_pause_mtx(&sc->sc_mtx, hz / 1000); 4323} 4324 4325static device_method_t urtwn_methods[] = { 4326 /* Device interface */ 4327 DEVMETHOD(device_probe, urtwn_match), 4328 DEVMETHOD(device_attach, urtwn_attach), 4329 DEVMETHOD(device_detach, urtwn_detach), 4330 4331 DEVMETHOD_END 4332}; 4333 4334static driver_t urtwn_driver = { 4335 "urtwn", 4336 urtwn_methods, 4337 sizeof(struct urtwn_softc) 4338}; 4339 4340static devclass_t urtwn_devclass; 4341 4342DRIVER_MODULE(urtwn, uhub, urtwn_driver, urtwn_devclass, NULL, NULL); 4343MODULE_DEPEND(urtwn, usb, 1, 1, 1); 4344MODULE_DEPEND(urtwn, wlan, 1, 1, 1); 4345MODULE_DEPEND(urtwn, firmware, 1, 1, 1); 4346MODULE_VERSION(urtwn, 1); 4347USB_PNP_HOST_INFO(urtwn_devs); 4348