if_urtwn.c revision 292221
1/* $OpenBSD: if_urtwn.c,v 1.16 2011/02/10 17:26:40 jakemsr Exp $ */ 2 3/*- 4 * Copyright (c) 2010 Damien Bergamini <damien.bergamini@free.fr> 5 * Copyright (c) 2014 Kevin Lo <kevlo@FreeBSD.org> 6 * Copyright (c) 2015 Andriy Voskoboinyk <avos@FreeBSD.org> 7 * 8 * Permission to use, copy, modify, and distribute this software for any 9 * purpose with or without fee is hereby granted, provided that the above 10 * copyright notice and this permission notice appear in all copies. 11 * 12 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 13 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 14 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 15 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 16 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 17 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 18 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 19 */ 20 21#include <sys/cdefs.h> 22__FBSDID("$FreeBSD: head/sys/dev/usb/wlan/if_urtwn.c 292221 2015-12-14 20:39:38Z avos $"); 23 24/* 25 * Driver for Realtek RTL8188CE-VAU/RTL8188CUS/RTL8188EU/RTL8188RU/RTL8192CU. 26 */ 27 28#include "opt_wlan.h" 29 30#include <sys/param.h> 31#include <sys/sockio.h> 32#include <sys/sysctl.h> 33#include <sys/lock.h> 34#include <sys/mutex.h> 35#include <sys/condvar.h> 36#include <sys/mbuf.h> 37#include <sys/kernel.h> 38#include <sys/socket.h> 39#include <sys/systm.h> 40#include <sys/malloc.h> 41#include <sys/module.h> 42#include <sys/bus.h> 43#include <sys/endian.h> 44#include <sys/linker.h> 45#include <sys/firmware.h> 46#include <sys/kdb.h> 47 48#include <machine/bus.h> 49#include <machine/resource.h> 50#include <sys/rman.h> 51 52#include <net/bpf.h> 53#include <net/if.h> 54#include <net/if_var.h> 55#include <net/if_arp.h> 56#include <net/ethernet.h> 57#include <net/if_dl.h> 58#include <net/if_media.h> 59#include <net/if_types.h> 60 61#include <netinet/in.h> 62#include <netinet/in_systm.h> 63#include <netinet/in_var.h> 64#include <netinet/if_ether.h> 65#include <netinet/ip.h> 66 67#include <net80211/ieee80211_var.h> 68#include <net80211/ieee80211_input.h> 69#include <net80211/ieee80211_regdomain.h> 70#include <net80211/ieee80211_radiotap.h> 71#include <net80211/ieee80211_ratectl.h> 72 73#include <dev/usb/usb.h> 74#include <dev/usb/usbdi.h> 75#include <dev/usb/usb_device.h> 76#include "usbdevs.h" 77 78#define USB_DEBUG_VAR urtwn_debug 79#include <dev/usb/usb_debug.h> 80 81#include <dev/usb/wlan/if_urtwnreg.h> 82#include <dev/usb/wlan/if_urtwnvar.h> 83 84#ifdef USB_DEBUG 85static int urtwn_debug = 0; 86 87SYSCTL_NODE(_hw_usb, OID_AUTO, urtwn, CTLFLAG_RW, 0, "USB urtwn"); 88SYSCTL_INT(_hw_usb_urtwn, OID_AUTO, debug, CTLFLAG_RWTUN, &urtwn_debug, 0, 89 "Debug level"); 90#endif 91 92#define IEEE80211_HAS_ADDR4(wh) IEEE80211_IS_DSTODS(wh) 93 94/* various supported device vendors/products */ 95static const STRUCT_USB_HOST_ID urtwn_devs[] = { 96#define URTWN_DEV(v,p) { USB_VP(USB_VENDOR_##v, USB_PRODUCT_##v##_##p) } 97#define URTWN_RTL8188E_DEV(v,p) \ 98 { USB_VPI(USB_VENDOR_##v, USB_PRODUCT_##v##_##p, URTWN_RTL8188E) } 99#define URTWN_RTL8188E 1 100 URTWN_DEV(ABOCOM, RTL8188CU_1), 101 URTWN_DEV(ABOCOM, RTL8188CU_2), 102 URTWN_DEV(ABOCOM, RTL8192CU), 103 URTWN_DEV(ASUS, RTL8192CU), 104 URTWN_DEV(ASUS, USBN10NANO), 105 URTWN_DEV(AZUREWAVE, RTL8188CE_1), 106 URTWN_DEV(AZUREWAVE, RTL8188CE_2), 107 URTWN_DEV(AZUREWAVE, RTL8188CU), 108 URTWN_DEV(BELKIN, F7D2102), 109 URTWN_DEV(BELKIN, RTL8188CU), 110 URTWN_DEV(BELKIN, RTL8192CU), 111 URTWN_DEV(CHICONY, RTL8188CUS_1), 112 URTWN_DEV(CHICONY, RTL8188CUS_2), 113 URTWN_DEV(CHICONY, RTL8188CUS_3), 114 URTWN_DEV(CHICONY, RTL8188CUS_4), 115 URTWN_DEV(CHICONY, RTL8188CUS_5), 116 URTWN_DEV(COREGA, RTL8192CU), 117 URTWN_DEV(DLINK, RTL8188CU), 118 URTWN_DEV(DLINK, RTL8192CU_1), 119 URTWN_DEV(DLINK, RTL8192CU_2), 120 URTWN_DEV(DLINK, RTL8192CU_3), 121 URTWN_DEV(DLINK, DWA131B), 122 URTWN_DEV(EDIMAX, EW7811UN), 123 URTWN_DEV(EDIMAX, RTL8192CU), 124 URTWN_DEV(FEIXUN, RTL8188CU), 125 URTWN_DEV(FEIXUN, RTL8192CU), 126 URTWN_DEV(GUILLEMOT, HWNUP150), 127 URTWN_DEV(HAWKING, RTL8192CU), 128 URTWN_DEV(HP3, RTL8188CU), 129 URTWN_DEV(NETGEAR, WNA1000M), 130 URTWN_DEV(NETGEAR, RTL8192CU), 131 URTWN_DEV(NETGEAR4, RTL8188CU), 132 URTWN_DEV(NOVATECH, RTL8188CU), 133 URTWN_DEV(PLANEX2, RTL8188CU_1), 134 URTWN_DEV(PLANEX2, RTL8188CU_2), 135 URTWN_DEV(PLANEX2, RTL8188CU_3), 136 URTWN_DEV(PLANEX2, RTL8188CU_4), 137 URTWN_DEV(PLANEX2, RTL8188CUS), 138 URTWN_DEV(PLANEX2, RTL8192CU), 139 URTWN_DEV(REALTEK, RTL8188CE_0), 140 URTWN_DEV(REALTEK, RTL8188CE_1), 141 URTWN_DEV(REALTEK, RTL8188CTV), 142 URTWN_DEV(REALTEK, RTL8188CU_0), 143 URTWN_DEV(REALTEK, RTL8188CU_1), 144 URTWN_DEV(REALTEK, RTL8188CU_2), 145 URTWN_DEV(REALTEK, RTL8188CU_3), 146 URTWN_DEV(REALTEK, RTL8188CU_COMBO), 147 URTWN_DEV(REALTEK, RTL8188CUS), 148 URTWN_DEV(REALTEK, RTL8188RU_1), 149 URTWN_DEV(REALTEK, RTL8188RU_2), 150 URTWN_DEV(REALTEK, RTL8188RU_3), 151 URTWN_DEV(REALTEK, RTL8191CU), 152 URTWN_DEV(REALTEK, RTL8192CE), 153 URTWN_DEV(REALTEK, RTL8192CU), 154 URTWN_DEV(SITECOMEU, RTL8188CU_1), 155 URTWN_DEV(SITECOMEU, RTL8188CU_2), 156 URTWN_DEV(SITECOMEU, RTL8192CU), 157 URTWN_DEV(TRENDNET, RTL8188CU), 158 URTWN_DEV(TRENDNET, RTL8192CU), 159 URTWN_DEV(ZYXEL, RTL8192CU), 160 /* URTWN_RTL8188E */ 161 URTWN_RTL8188E_DEV(DLINK, DWA123D1), 162 URTWN_RTL8188E_DEV(DLINK, DWA125D1), 163 URTWN_RTL8188E_DEV(ELECOM, WDC150SU2M), 164 URTWN_RTL8188E_DEV(REALTEK, RTL8188ETV), 165 URTWN_RTL8188E_DEV(REALTEK, RTL8188EU), 166#undef URTWN_RTL8188E_DEV 167#undef URTWN_DEV 168}; 169 170static device_probe_t urtwn_match; 171static device_attach_t urtwn_attach; 172static device_detach_t urtwn_detach; 173 174static usb_callback_t urtwn_bulk_tx_callback; 175static usb_callback_t urtwn_bulk_rx_callback; 176 177static void urtwn_drain_mbufq(struct urtwn_softc *sc); 178static usb_error_t urtwn_do_request(struct urtwn_softc *, 179 struct usb_device_request *, void *); 180static struct ieee80211vap *urtwn_vap_create(struct ieee80211com *, 181 const char [IFNAMSIZ], int, enum ieee80211_opmode, int, 182 const uint8_t [IEEE80211_ADDR_LEN], 183 const uint8_t [IEEE80211_ADDR_LEN]); 184static void urtwn_vap_delete(struct ieee80211vap *); 185static struct mbuf * urtwn_rx_copy_to_mbuf(struct urtwn_softc *, 186 struct r92c_rx_stat *, int); 187static struct mbuf * urtwn_report_intr(struct usb_xfer *, 188 struct urtwn_data *); 189static struct mbuf * urtwn_rxeof(struct urtwn_softc *, uint8_t *, int); 190static void urtwn_r88e_ratectl_tx_complete(struct urtwn_softc *, 191 void *); 192static struct ieee80211_node *urtwn_rx_frame(struct urtwn_softc *, 193 struct mbuf *, int8_t *); 194static void urtwn_txeof(struct urtwn_softc *, struct urtwn_data *, 195 int); 196static int urtwn_alloc_list(struct urtwn_softc *, 197 struct urtwn_data[], int, int); 198static int urtwn_alloc_rx_list(struct urtwn_softc *); 199static int urtwn_alloc_tx_list(struct urtwn_softc *); 200static void urtwn_free_list(struct urtwn_softc *, 201 struct urtwn_data data[], int); 202static void urtwn_free_rx_list(struct urtwn_softc *); 203static void urtwn_free_tx_list(struct urtwn_softc *); 204static struct urtwn_data * _urtwn_getbuf(struct urtwn_softc *); 205static struct urtwn_data * urtwn_getbuf(struct urtwn_softc *); 206static usb_error_t urtwn_write_region_1(struct urtwn_softc *, uint16_t, 207 uint8_t *, int); 208static usb_error_t urtwn_write_1(struct urtwn_softc *, uint16_t, uint8_t); 209static usb_error_t urtwn_write_2(struct urtwn_softc *, uint16_t, uint16_t); 210static usb_error_t urtwn_write_4(struct urtwn_softc *, uint16_t, uint32_t); 211static usb_error_t urtwn_read_region_1(struct urtwn_softc *, uint16_t, 212 uint8_t *, int); 213static uint8_t urtwn_read_1(struct urtwn_softc *, uint16_t); 214static uint16_t urtwn_read_2(struct urtwn_softc *, uint16_t); 215static uint32_t urtwn_read_4(struct urtwn_softc *, uint16_t); 216static int urtwn_fw_cmd(struct urtwn_softc *, uint8_t, 217 const void *, int); 218static void urtwn_cmdq_cb(void *, int); 219static int urtwn_cmd_sleepable(struct urtwn_softc *, const void *, 220 size_t, CMD_FUNC_PROTO); 221static void urtwn_r92c_rf_write(struct urtwn_softc *, int, 222 uint8_t, uint32_t); 223static void urtwn_r88e_rf_write(struct urtwn_softc *, int, 224 uint8_t, uint32_t); 225static uint32_t urtwn_rf_read(struct urtwn_softc *, int, uint8_t); 226static int urtwn_llt_write(struct urtwn_softc *, uint32_t, 227 uint32_t); 228static int urtwn_efuse_read_next(struct urtwn_softc *, uint8_t *); 229static int urtwn_efuse_read_data(struct urtwn_softc *, uint8_t *, 230 uint8_t, uint8_t); 231#ifdef URTWN_DEBUG 232static void urtwn_dump_rom_contents(struct urtwn_softc *, 233 uint8_t *, uint16_t); 234#endif 235static int urtwn_efuse_read(struct urtwn_softc *, uint8_t *, 236 uint16_t); 237static int urtwn_efuse_switch_power(struct urtwn_softc *); 238static int urtwn_read_chipid(struct urtwn_softc *); 239static int urtwn_read_rom(struct urtwn_softc *); 240static int urtwn_r88e_read_rom(struct urtwn_softc *); 241static int urtwn_ra_init(struct urtwn_softc *); 242static void urtwn_init_beacon(struct urtwn_softc *, 243 struct urtwn_vap *); 244static int urtwn_setup_beacon(struct urtwn_softc *, 245 struct ieee80211_node *); 246static void urtwn_update_beacon(struct ieee80211vap *, int); 247static int urtwn_tx_beacon(struct urtwn_softc *sc, 248 struct urtwn_vap *); 249static int urtwn_key_alloc(struct ieee80211vap *, 250 struct ieee80211_key *, ieee80211_keyix *, 251 ieee80211_keyix *); 252static void urtwn_key_set_cb(struct urtwn_softc *, 253 union sec_param *); 254static void urtwn_key_del_cb(struct urtwn_softc *, 255 union sec_param *); 256static int urtwn_key_set(struct ieee80211vap *, 257 const struct ieee80211_key *); 258static int urtwn_key_delete(struct ieee80211vap *, 259 const struct ieee80211_key *); 260static void urtwn_tsf_task_adhoc(void *, int); 261static void urtwn_tsf_sync_enable(struct urtwn_softc *, 262 struct ieee80211vap *); 263static void urtwn_get_tsf(struct urtwn_softc *, uint64_t *); 264static void urtwn_set_led(struct urtwn_softc *, int, int); 265static void urtwn_set_mode(struct urtwn_softc *, uint8_t); 266static void urtwn_ibss_recv_mgmt(struct ieee80211_node *, 267 struct mbuf *, int, 268 const struct ieee80211_rx_stats *, int, int); 269static int urtwn_newstate(struct ieee80211vap *, 270 enum ieee80211_state, int); 271static void urtwn_watchdog(void *); 272static void urtwn_update_avgrssi(struct urtwn_softc *, int, int8_t); 273static int8_t urtwn_get_rssi(struct urtwn_softc *, int, void *); 274static int8_t urtwn_r88e_get_rssi(struct urtwn_softc *, int, void *); 275static int urtwn_tx_data(struct urtwn_softc *, 276 struct ieee80211_node *, struct mbuf *, 277 struct urtwn_data *); 278static int urtwn_tx_raw(struct urtwn_softc *, 279 struct ieee80211_node *, struct mbuf *, 280 struct urtwn_data *, 281 const struct ieee80211_bpf_params *); 282static void urtwn_tx_start(struct urtwn_softc *, struct mbuf *, 283 uint8_t, struct urtwn_data *); 284static int urtwn_transmit(struct ieee80211com *, struct mbuf *); 285static void urtwn_start(struct urtwn_softc *); 286static void urtwn_parent(struct ieee80211com *); 287static int urtwn_r92c_power_on(struct urtwn_softc *); 288static int urtwn_r88e_power_on(struct urtwn_softc *); 289static int urtwn_llt_init(struct urtwn_softc *); 290static void urtwn_fw_reset(struct urtwn_softc *); 291static void urtwn_r88e_fw_reset(struct urtwn_softc *); 292static int urtwn_fw_loadpage(struct urtwn_softc *, int, 293 const uint8_t *, int); 294static int urtwn_load_firmware(struct urtwn_softc *); 295static int urtwn_dma_init(struct urtwn_softc *); 296static int urtwn_mac_init(struct urtwn_softc *); 297static void urtwn_bb_init(struct urtwn_softc *); 298static void urtwn_rf_init(struct urtwn_softc *); 299static void urtwn_cam_init(struct urtwn_softc *); 300static int urtwn_cam_write(struct urtwn_softc *, uint32_t, 301 uint32_t); 302static void urtwn_pa_bias_init(struct urtwn_softc *); 303static void urtwn_rxfilter_init(struct urtwn_softc *); 304static void urtwn_edca_init(struct urtwn_softc *); 305static void urtwn_write_txpower(struct urtwn_softc *, int, 306 uint16_t[]); 307static void urtwn_get_txpower(struct urtwn_softc *, int, 308 struct ieee80211_channel *, 309 struct ieee80211_channel *, uint16_t[]); 310static void urtwn_r88e_get_txpower(struct urtwn_softc *, int, 311 struct ieee80211_channel *, 312 struct ieee80211_channel *, uint16_t[]); 313static void urtwn_set_txpower(struct urtwn_softc *, 314 struct ieee80211_channel *, 315 struct ieee80211_channel *); 316static void urtwn_set_rx_bssid_all(struct urtwn_softc *, int); 317static void urtwn_set_gain(struct urtwn_softc *, uint8_t); 318static void urtwn_scan_start(struct ieee80211com *); 319static void urtwn_scan_end(struct ieee80211com *); 320static void urtwn_set_channel(struct ieee80211com *); 321static int urtwn_wme_update(struct ieee80211com *); 322static void urtwn_set_promisc(struct urtwn_softc *); 323static void urtwn_update_promisc(struct ieee80211com *); 324static void urtwn_update_mcast(struct ieee80211com *); 325static struct ieee80211_node *urtwn_r88e_node_alloc(struct ieee80211vap *, 326 const uint8_t mac[IEEE80211_ADDR_LEN]); 327static void urtwn_r88e_newassoc(struct ieee80211_node *, int); 328static void urtwn_r88e_node_free(struct ieee80211_node *); 329static void urtwn_set_chan(struct urtwn_softc *, 330 struct ieee80211_channel *, 331 struct ieee80211_channel *); 332static void urtwn_iq_calib(struct urtwn_softc *); 333static void urtwn_lc_calib(struct urtwn_softc *); 334static int urtwn_init(struct urtwn_softc *); 335static void urtwn_stop(struct urtwn_softc *); 336static void urtwn_abort_xfers(struct urtwn_softc *); 337static int urtwn_raw_xmit(struct ieee80211_node *, struct mbuf *, 338 const struct ieee80211_bpf_params *); 339static void urtwn_ms_delay(struct urtwn_softc *); 340 341/* Aliases. */ 342#define urtwn_bb_write urtwn_write_4 343#define urtwn_bb_read urtwn_read_4 344 345static const struct usb_config urtwn_config[URTWN_N_TRANSFER] = { 346 [URTWN_BULK_RX] = { 347 .type = UE_BULK, 348 .endpoint = UE_ADDR_ANY, 349 .direction = UE_DIR_IN, 350 .bufsize = URTWN_RXBUFSZ, 351 .flags = { 352 .pipe_bof = 1, 353 .short_xfer_ok = 1 354 }, 355 .callback = urtwn_bulk_rx_callback, 356 }, 357 [URTWN_BULK_TX_BE] = { 358 .type = UE_BULK, 359 .endpoint = 0x03, 360 .direction = UE_DIR_OUT, 361 .bufsize = URTWN_TXBUFSZ, 362 .flags = { 363 .ext_buffer = 1, 364 .pipe_bof = 1, 365 .force_short_xfer = 1 366 }, 367 .callback = urtwn_bulk_tx_callback, 368 .timeout = URTWN_TX_TIMEOUT, /* ms */ 369 }, 370 [URTWN_BULK_TX_BK] = { 371 .type = UE_BULK, 372 .endpoint = 0x03, 373 .direction = UE_DIR_OUT, 374 .bufsize = URTWN_TXBUFSZ, 375 .flags = { 376 .ext_buffer = 1, 377 .pipe_bof = 1, 378 .force_short_xfer = 1, 379 }, 380 .callback = urtwn_bulk_tx_callback, 381 .timeout = URTWN_TX_TIMEOUT, /* ms */ 382 }, 383 [URTWN_BULK_TX_VI] = { 384 .type = UE_BULK, 385 .endpoint = 0x02, 386 .direction = UE_DIR_OUT, 387 .bufsize = URTWN_TXBUFSZ, 388 .flags = { 389 .ext_buffer = 1, 390 .pipe_bof = 1, 391 .force_short_xfer = 1 392 }, 393 .callback = urtwn_bulk_tx_callback, 394 .timeout = URTWN_TX_TIMEOUT, /* ms */ 395 }, 396 [URTWN_BULK_TX_VO] = { 397 .type = UE_BULK, 398 .endpoint = 0x02, 399 .direction = UE_DIR_OUT, 400 .bufsize = URTWN_TXBUFSZ, 401 .flags = { 402 .ext_buffer = 1, 403 .pipe_bof = 1, 404 .force_short_xfer = 1 405 }, 406 .callback = urtwn_bulk_tx_callback, 407 .timeout = URTWN_TX_TIMEOUT, /* ms */ 408 }, 409}; 410 411static const struct wme_to_queue { 412 uint16_t reg; 413 uint8_t qid; 414} wme2queue[WME_NUM_AC] = { 415 { R92C_EDCA_BE_PARAM, URTWN_BULK_TX_BE}, 416 { R92C_EDCA_BK_PARAM, URTWN_BULK_TX_BK}, 417 { R92C_EDCA_VI_PARAM, URTWN_BULK_TX_VI}, 418 { R92C_EDCA_VO_PARAM, URTWN_BULK_TX_VO} 419}; 420 421static int 422urtwn_match(device_t self) 423{ 424 struct usb_attach_arg *uaa = device_get_ivars(self); 425 426 if (uaa->usb_mode != USB_MODE_HOST) 427 return (ENXIO); 428 if (uaa->info.bConfigIndex != URTWN_CONFIG_INDEX) 429 return (ENXIO); 430 if (uaa->info.bIfaceIndex != URTWN_IFACE_INDEX) 431 return (ENXIO); 432 433 return (usbd_lookup_id_by_uaa(urtwn_devs, sizeof(urtwn_devs), uaa)); 434} 435 436static int 437urtwn_attach(device_t self) 438{ 439 struct usb_attach_arg *uaa = device_get_ivars(self); 440 struct urtwn_softc *sc = device_get_softc(self); 441 struct ieee80211com *ic = &sc->sc_ic; 442 uint8_t bands; 443 int error; 444 445 device_set_usb_desc(self); 446 sc->sc_udev = uaa->device; 447 sc->sc_dev = self; 448 if (USB_GET_DRIVER_INFO(uaa) == URTWN_RTL8188E) 449 sc->chip |= URTWN_CHIP_88E; 450 451 mtx_init(&sc->sc_mtx, device_get_nameunit(self), 452 MTX_NETWORK_LOCK, MTX_DEF); 453 URTWN_CMDQ_LOCK_INIT(sc); 454 URTWN_NT_LOCK_INIT(sc); 455 callout_init(&sc->sc_watchdog_ch, 0); 456 mbufq_init(&sc->sc_snd, ifqmaxlen); 457 458 sc->sc_iface_index = URTWN_IFACE_INDEX; 459 error = usbd_transfer_setup(uaa->device, &sc->sc_iface_index, 460 sc->sc_xfer, urtwn_config, URTWN_N_TRANSFER, sc, &sc->sc_mtx); 461 if (error) { 462 device_printf(self, "could not allocate USB transfers, " 463 "err=%s\n", usbd_errstr(error)); 464 goto detach; 465 } 466 467 URTWN_LOCK(sc); 468 469 error = urtwn_read_chipid(sc); 470 if (error) { 471 device_printf(sc->sc_dev, "unsupported test chip\n"); 472 URTWN_UNLOCK(sc); 473 goto detach; 474 } 475 476 /* Determine number of Tx/Rx chains. */ 477 if (sc->chip & URTWN_CHIP_92C) { 478 sc->ntxchains = (sc->chip & URTWN_CHIP_92C_1T2R) ? 1 : 2; 479 sc->nrxchains = 2; 480 } else { 481 sc->ntxchains = 1; 482 sc->nrxchains = 1; 483 } 484 485 if (sc->chip & URTWN_CHIP_88E) 486 error = urtwn_r88e_read_rom(sc); 487 else 488 error = urtwn_read_rom(sc); 489 if (error != 0) { 490 device_printf(sc->sc_dev, "%s: cannot read rom, error %d\n", 491 __func__, error); 492 URTWN_UNLOCK(sc); 493 goto detach; 494 } 495 496 device_printf(sc->sc_dev, "MAC/BB RTL%s, RF 6052 %dT%dR\n", 497 (sc->chip & URTWN_CHIP_92C) ? "8192CU" : 498 (sc->chip & URTWN_CHIP_88E) ? "8188EU" : 499 (sc->board_type == R92C_BOARD_TYPE_HIGHPA) ? "8188RU" : 500 (sc->board_type == R92C_BOARD_TYPE_MINICARD) ? "8188CE-VAU" : 501 "8188CUS", sc->ntxchains, sc->nrxchains); 502 503 URTWN_UNLOCK(sc); 504 505 ic->ic_softc = sc; 506 ic->ic_name = device_get_nameunit(self); 507 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 508 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 509 510 /* set device capabilities */ 511 ic->ic_caps = 512 IEEE80211_C_STA /* station mode */ 513 | IEEE80211_C_MONITOR /* monitor mode */ 514 | IEEE80211_C_IBSS /* adhoc mode */ 515 | IEEE80211_C_HOSTAP /* hostap mode */ 516 | IEEE80211_C_SHPREAMBLE /* short preamble supported */ 517 | IEEE80211_C_SHSLOT /* short slot time supported */ 518 | IEEE80211_C_BGSCAN /* capable of bg scanning */ 519 | IEEE80211_C_WPA /* 802.11i */ 520 | IEEE80211_C_WME /* 802.11e */ 521 ; 522 523 ic->ic_cryptocaps = 524 IEEE80211_CRYPTO_WEP | 525 IEEE80211_CRYPTO_TKIP | 526 IEEE80211_CRYPTO_AES_CCM; 527 528 bands = 0; 529 setbit(&bands, IEEE80211_MODE_11B); 530 setbit(&bands, IEEE80211_MODE_11G); 531 ieee80211_init_channels(ic, NULL, &bands); 532 533 ieee80211_ifattach(ic); 534 ic->ic_raw_xmit = urtwn_raw_xmit; 535 ic->ic_scan_start = urtwn_scan_start; 536 ic->ic_scan_end = urtwn_scan_end; 537 ic->ic_set_channel = urtwn_set_channel; 538 ic->ic_transmit = urtwn_transmit; 539 ic->ic_parent = urtwn_parent; 540 ic->ic_vap_create = urtwn_vap_create; 541 ic->ic_vap_delete = urtwn_vap_delete; 542 ic->ic_wme.wme_update = urtwn_wme_update; 543 ic->ic_update_promisc = urtwn_update_promisc; 544 ic->ic_update_mcast = urtwn_update_mcast; 545 if (sc->chip & URTWN_CHIP_88E) { 546 ic->ic_node_alloc = urtwn_r88e_node_alloc; 547 ic->ic_newassoc = urtwn_r88e_newassoc; 548 sc->sc_node_free = ic->ic_node_free; 549 ic->ic_node_free = urtwn_r88e_node_free; 550 } 551 552 ieee80211_radiotap_attach(ic, &sc->sc_txtap.wt_ihdr, 553 sizeof(sc->sc_txtap), URTWN_TX_RADIOTAP_PRESENT, 554 &sc->sc_rxtap.wr_ihdr, sizeof(sc->sc_rxtap), 555 URTWN_RX_RADIOTAP_PRESENT); 556 557 TASK_INIT(&sc->cmdq_task, 0, urtwn_cmdq_cb, sc); 558 559 if (bootverbose) 560 ieee80211_announce(ic); 561 562 return (0); 563 564detach: 565 urtwn_detach(self); 566 return (ENXIO); /* failure */ 567} 568 569static int 570urtwn_detach(device_t self) 571{ 572 struct urtwn_softc *sc = device_get_softc(self); 573 struct ieee80211com *ic = &sc->sc_ic; 574 unsigned int x; 575 576 /* Prevent further ioctls. */ 577 URTWN_LOCK(sc); 578 sc->sc_flags |= URTWN_DETACHED; 579 URTWN_UNLOCK(sc); 580 581 urtwn_stop(sc); 582 583 callout_drain(&sc->sc_watchdog_ch); 584 585 /* stop all USB transfers */ 586 usbd_transfer_unsetup(sc->sc_xfer, URTWN_N_TRANSFER); 587 588 /* Prevent further allocations from RX/TX data lists. */ 589 URTWN_LOCK(sc); 590 STAILQ_INIT(&sc->sc_tx_active); 591 STAILQ_INIT(&sc->sc_tx_inactive); 592 STAILQ_INIT(&sc->sc_tx_pending); 593 594 STAILQ_INIT(&sc->sc_rx_active); 595 STAILQ_INIT(&sc->sc_rx_inactive); 596 URTWN_UNLOCK(sc); 597 598 /* drain USB transfers */ 599 for (x = 0; x != URTWN_N_TRANSFER; x++) 600 usbd_transfer_drain(sc->sc_xfer[x]); 601 602 /* Free data buffers. */ 603 URTWN_LOCK(sc); 604 urtwn_free_tx_list(sc); 605 urtwn_free_rx_list(sc); 606 URTWN_UNLOCK(sc); 607 608 if (ic->ic_softc == sc) { 609 ieee80211_draintask(ic, &sc->cmdq_task); 610 ieee80211_ifdetach(ic); 611 } 612 613 URTWN_NT_LOCK_DESTROY(sc); 614 URTWN_CMDQ_LOCK_DESTROY(sc); 615 mtx_destroy(&sc->sc_mtx); 616 617 return (0); 618} 619 620static void 621urtwn_drain_mbufq(struct urtwn_softc *sc) 622{ 623 struct mbuf *m; 624 struct ieee80211_node *ni; 625 URTWN_ASSERT_LOCKED(sc); 626 while ((m = mbufq_dequeue(&sc->sc_snd)) != NULL) { 627 ni = (struct ieee80211_node *)m->m_pkthdr.rcvif; 628 m->m_pkthdr.rcvif = NULL; 629 ieee80211_free_node(ni); 630 m_freem(m); 631 } 632} 633 634static usb_error_t 635urtwn_do_request(struct urtwn_softc *sc, struct usb_device_request *req, 636 void *data) 637{ 638 usb_error_t err; 639 int ntries = 10; 640 641 URTWN_ASSERT_LOCKED(sc); 642 643 while (ntries--) { 644 err = usbd_do_request_flags(sc->sc_udev, &sc->sc_mtx, 645 req, data, 0, NULL, 250 /* ms */); 646 if (err == 0) 647 break; 648 649 DPRINTFN(1, "Control request failed, %s (retrying)\n", 650 usbd_errstr(err)); 651 usb_pause_mtx(&sc->sc_mtx, hz / 100); 652 } 653 return (err); 654} 655 656static struct ieee80211vap * 657urtwn_vap_create(struct ieee80211com *ic, const char name[IFNAMSIZ], int unit, 658 enum ieee80211_opmode opmode, int flags, 659 const uint8_t bssid[IEEE80211_ADDR_LEN], 660 const uint8_t mac[IEEE80211_ADDR_LEN]) 661{ 662 struct urtwn_softc *sc = ic->ic_softc; 663 struct urtwn_vap *uvp; 664 struct ieee80211vap *vap; 665 666 if (!TAILQ_EMPTY(&ic->ic_vaps)) /* only one at a time */ 667 return (NULL); 668 669 uvp = malloc(sizeof(struct urtwn_vap), M_80211_VAP, M_WAITOK | M_ZERO); 670 vap = &uvp->vap; 671 /* enable s/w bmiss handling for sta mode */ 672 673 if (ieee80211_vap_setup(ic, vap, name, unit, opmode, 674 flags | IEEE80211_CLONE_NOBEACONS, bssid) != 0) { 675 /* out of memory */ 676 free(uvp, M_80211_VAP); 677 return (NULL); 678 } 679 680 if (opmode == IEEE80211_M_HOSTAP || opmode == IEEE80211_M_IBSS) 681 urtwn_init_beacon(sc, uvp); 682 683 /* override state transition machine */ 684 uvp->newstate = vap->iv_newstate; 685 vap->iv_newstate = urtwn_newstate; 686 vap->iv_update_beacon = urtwn_update_beacon; 687 vap->iv_key_alloc = urtwn_key_alloc; 688 vap->iv_key_set = urtwn_key_set; 689 vap->iv_key_delete = urtwn_key_delete; 690 if (opmode == IEEE80211_M_IBSS) { 691 uvp->recv_mgmt = vap->iv_recv_mgmt; 692 vap->iv_recv_mgmt = urtwn_ibss_recv_mgmt; 693 TASK_INIT(&uvp->tsf_task_adhoc, 0, urtwn_tsf_task_adhoc, vap); 694 } 695 696 if (URTWN_CHIP_HAS_RATECTL(sc)) 697 ieee80211_ratectl_init(vap); 698 /* complete setup */ 699 ieee80211_vap_attach(vap, ieee80211_media_change, 700 ieee80211_media_status, mac); 701 ic->ic_opmode = opmode; 702 return (vap); 703} 704 705static void 706urtwn_vap_delete(struct ieee80211vap *vap) 707{ 708 struct ieee80211com *ic = vap->iv_ic; 709 struct urtwn_softc *sc = ic->ic_softc; 710 struct urtwn_vap *uvp = URTWN_VAP(vap); 711 712 if (uvp->bcn_mbuf != NULL) 713 m_freem(uvp->bcn_mbuf); 714 if (vap->iv_opmode == IEEE80211_M_IBSS) 715 ieee80211_draintask(ic, &uvp->tsf_task_adhoc); 716 if (URTWN_CHIP_HAS_RATECTL(sc)) 717 ieee80211_ratectl_deinit(vap); 718 ieee80211_vap_detach(vap); 719 free(uvp, M_80211_VAP); 720} 721 722static struct mbuf * 723urtwn_rx_copy_to_mbuf(struct urtwn_softc *sc, struct r92c_rx_stat *stat, 724 int totlen) 725{ 726 struct ieee80211com *ic = &sc->sc_ic; 727 struct mbuf *m; 728 uint32_t rxdw0; 729 int pktlen; 730 731 /* 732 * don't pass packets to the ieee80211 framework if the driver isn't 733 * RUNNING. 734 */ 735 if (!(sc->sc_flags & URTWN_RUNNING)) 736 return (NULL); 737 738 rxdw0 = le32toh(stat->rxdw0); 739 if (rxdw0 & (R92C_RXDW0_CRCERR | R92C_RXDW0_ICVERR)) { 740 /* 741 * This should not happen since we setup our Rx filter 742 * to not receive these frames. 743 */ 744 DPRINTFN(6, "RX flags error (%s)\n", 745 rxdw0 & R92C_RXDW0_CRCERR ? "CRC" : "ICV"); 746 goto fail; 747 } 748 749 pktlen = MS(rxdw0, R92C_RXDW0_PKTLEN); 750 if (pktlen < sizeof(struct ieee80211_frame_ack)) { 751 DPRINTFN(6, "frame too short: %d\n", pktlen); 752 goto fail; 753 } 754 755 if (__predict_false(totlen > MCLBYTES)) { 756 /* convert to m_getjcl if this happens */ 757 device_printf(sc->sc_dev, "%s: frame too long: %d (%d)\n", 758 __func__, pktlen, totlen); 759 goto fail; 760 } 761 762 m = m_getcl(M_NOWAIT, MT_DATA, M_PKTHDR); 763 if (__predict_false(m == NULL)) { 764 device_printf(sc->sc_dev, "%s: could not allocate RX mbuf\n", 765 __func__); 766 goto fail; 767 } 768 769 /* Finalize mbuf. */ 770 memcpy(mtod(m, uint8_t *), (uint8_t *)stat, totlen); 771 m->m_pkthdr.len = m->m_len = totlen; 772 773 return (m); 774fail: 775 counter_u64_add(ic->ic_ierrors, 1); 776 return (NULL); 777} 778 779static struct mbuf * 780urtwn_report_intr(struct usb_xfer *xfer, struct urtwn_data *data) 781{ 782 struct urtwn_softc *sc = data->sc; 783 struct ieee80211com *ic = &sc->sc_ic; 784 struct r92c_rx_stat *stat; 785 uint8_t *buf; 786 int len; 787 788 usbd_xfer_status(xfer, &len, NULL, NULL, NULL); 789 790 if (len < sizeof(*stat)) { 791 counter_u64_add(ic->ic_ierrors, 1); 792 return (NULL); 793 } 794 795 buf = data->buf; 796 stat = (struct r92c_rx_stat *)buf; 797 798 if (sc->chip & URTWN_CHIP_88E) { 799 int report_sel = MS(le32toh(stat->rxdw3), R88E_RXDW3_RPT); 800 801 switch (report_sel) { 802 case R88E_RXDW3_RPT_RX: 803 return (urtwn_rxeof(sc, buf, len)); 804 case R88E_RXDW3_RPT_TX1: 805 urtwn_r88e_ratectl_tx_complete(sc, &stat[1]); 806 break; 807 default: 808 DPRINTFN(7, "case %d was not handled\n", report_sel); 809 break; 810 } 811 } else 812 return (urtwn_rxeof(sc, buf, len)); 813 814 return (NULL); 815} 816 817static struct mbuf * 818urtwn_rxeof(struct urtwn_softc *sc, uint8_t *buf, int len) 819{ 820 struct r92c_rx_stat *stat; 821 struct mbuf *m, *m0 = NULL, *prevm = NULL; 822 uint32_t rxdw0; 823 int totlen, pktlen, infosz, npkts; 824 825 /* Get the number of encapsulated frames. */ 826 stat = (struct r92c_rx_stat *)buf; 827 npkts = MS(le32toh(stat->rxdw2), R92C_RXDW2_PKTCNT); 828 DPRINTFN(6, "Rx %d frames in one chunk\n", npkts); 829 830 /* Process all of them. */ 831 while (npkts-- > 0) { 832 if (len < sizeof(*stat)) 833 break; 834 stat = (struct r92c_rx_stat *)buf; 835 rxdw0 = le32toh(stat->rxdw0); 836 837 pktlen = MS(rxdw0, R92C_RXDW0_PKTLEN); 838 if (pktlen == 0) 839 break; 840 841 infosz = MS(rxdw0, R92C_RXDW0_INFOSZ) * 8; 842 843 /* Make sure everything fits in xfer. */ 844 totlen = sizeof(*stat) + infosz + pktlen; 845 if (totlen > len) 846 break; 847 848 m = urtwn_rx_copy_to_mbuf(sc, stat, totlen); 849 if (m0 == NULL) 850 m0 = m; 851 if (prevm == NULL) 852 prevm = m; 853 else { 854 prevm->m_next = m; 855 prevm = m; 856 } 857 858 /* Next chunk is 128-byte aligned. */ 859 totlen = (totlen + 127) & ~127; 860 buf += totlen; 861 len -= totlen; 862 } 863 864 return (m0); 865} 866 867static void 868urtwn_r88e_ratectl_tx_complete(struct urtwn_softc *sc, void *arg) 869{ 870 struct r88e_tx_rpt_ccx *rpt = arg; 871 struct ieee80211vap *vap; 872 struct ieee80211_node *ni; 873 uint8_t macid; 874 int ntries; 875 876 macid = MS(rpt->rptb1, R88E_RPTB1_MACID); 877 ntries = MS(rpt->rptb2, R88E_RPTB2_RETRY_CNT); 878 879 URTWN_NT_LOCK(sc); 880 ni = sc->node_list[macid]; 881 if (ni != NULL) { 882 vap = ni->ni_vap; 883 884 if (rpt->rptb1 & R88E_RPTB1_PKT_OK) { 885 ieee80211_ratectl_tx_complete(vap, ni, 886 IEEE80211_RATECTL_TX_SUCCESS, &ntries, NULL); 887 } else { 888 ieee80211_ratectl_tx_complete(vap, ni, 889 IEEE80211_RATECTL_TX_FAILURE, &ntries, NULL); 890 } 891 } else 892 DPRINTFN(8, "macid %d, ni is NULL\n", macid); 893 URTWN_NT_UNLOCK(sc); 894} 895 896static struct ieee80211_node * 897urtwn_rx_frame(struct urtwn_softc *sc, struct mbuf *m, int8_t *rssi_p) 898{ 899 struct ieee80211com *ic = &sc->sc_ic; 900 struct ieee80211_frame_min *wh; 901 struct r92c_rx_stat *stat; 902 uint32_t rxdw0, rxdw3; 903 uint8_t rate, cipher; 904 int8_t rssi = URTWN_NOISE_FLOOR + 1; 905 int infosz; 906 907 stat = mtod(m, struct r92c_rx_stat *); 908 rxdw0 = le32toh(stat->rxdw0); 909 rxdw3 = le32toh(stat->rxdw3); 910 911 rate = MS(rxdw3, R92C_RXDW3_RATE); 912 cipher = MS(rxdw0, R92C_RXDW0_CIPHER); 913 infosz = MS(rxdw0, R92C_RXDW0_INFOSZ) * 8; 914 915 /* Get RSSI from PHY status descriptor if present. */ 916 if (infosz != 0 && (rxdw0 & R92C_RXDW0_PHYST)) { 917 if (sc->chip & URTWN_CHIP_88E) 918 rssi = urtwn_r88e_get_rssi(sc, rate, &stat[1]); 919 else 920 rssi = urtwn_get_rssi(sc, rate, &stat[1]); 921 /* Update our average RSSI. */ 922 urtwn_update_avgrssi(sc, rate, rssi); 923 } 924 925 if (ieee80211_radiotap_active(ic)) { 926 struct urtwn_rx_radiotap_header *tap = &sc->sc_rxtap; 927 928 tap->wr_flags = 0; 929 930 urtwn_get_tsf(sc, &tap->wr_tsft); 931 if (__predict_false(le32toh((uint32_t)tap->wr_tsft) < 932 le32toh(stat->rxdw5))) { 933 tap->wr_tsft = le32toh(tap->wr_tsft >> 32) - 1; 934 tap->wr_tsft = (uint64_t)htole32(tap->wr_tsft) << 32; 935 } else 936 tap->wr_tsft &= 0xffffffff00000000; 937 tap->wr_tsft += stat->rxdw5; 938 939 /* Map HW rate index to 802.11 rate. */ 940 if (!(rxdw3 & R92C_RXDW3_HT)) { 941 tap->wr_rate = ridx2rate[rate]; 942 } else if (rate >= 12) { /* MCS0~15. */ 943 /* Bit 7 set means HT MCS instead of rate. */ 944 tap->wr_rate = 0x80 | (rate - 12); 945 } 946 tap->wr_dbm_antsignal = rssi; 947 tap->wr_dbm_antnoise = URTWN_NOISE_FLOOR; 948 } 949 950 *rssi_p = rssi; 951 952 /* Drop descriptor. */ 953 m_adj(m, sizeof(*stat) + infosz); 954 wh = mtod(m, struct ieee80211_frame_min *); 955 956 if ((wh->i_fc[1] & IEEE80211_FC1_PROTECTED) && 957 cipher != R92C_CAM_ALGO_NONE) { 958 m->m_flags |= M_WEP; 959 } 960 961 if (m->m_len >= sizeof(*wh)) 962 return (ieee80211_find_rxnode(ic, wh)); 963 964 return (NULL); 965} 966 967static void 968urtwn_bulk_rx_callback(struct usb_xfer *xfer, usb_error_t error) 969{ 970 struct urtwn_softc *sc = usbd_xfer_softc(xfer); 971 struct ieee80211com *ic = &sc->sc_ic; 972 struct ieee80211_node *ni; 973 struct mbuf *m = NULL, *next; 974 struct urtwn_data *data; 975 int8_t nf, rssi; 976 977 URTWN_ASSERT_LOCKED(sc); 978 979 switch (USB_GET_STATE(xfer)) { 980 case USB_ST_TRANSFERRED: 981 data = STAILQ_FIRST(&sc->sc_rx_active); 982 if (data == NULL) 983 goto tr_setup; 984 STAILQ_REMOVE_HEAD(&sc->sc_rx_active, next); 985 m = urtwn_report_intr(xfer, data); 986 STAILQ_INSERT_TAIL(&sc->sc_rx_inactive, data, next); 987 /* FALLTHROUGH */ 988 case USB_ST_SETUP: 989tr_setup: 990 data = STAILQ_FIRST(&sc->sc_rx_inactive); 991 if (data == NULL) { 992 KASSERT(m == NULL, ("mbuf isn't NULL")); 993 return; 994 } 995 STAILQ_REMOVE_HEAD(&sc->sc_rx_inactive, next); 996 STAILQ_INSERT_TAIL(&sc->sc_rx_active, data, next); 997 usbd_xfer_set_frame_data(xfer, 0, data->buf, 998 usbd_xfer_max_len(xfer)); 999 usbd_transfer_submit(xfer); 1000 1001 /* 1002 * To avoid LOR we should unlock our private mutex here to call 1003 * ieee80211_input() because here is at the end of a USB 1004 * callback and safe to unlock. 1005 */ 1006 while (m != NULL) { 1007 next = m->m_next; 1008 m->m_next = NULL; 1009 1010 ni = urtwn_rx_frame(sc, m, &rssi); 1011 URTWN_UNLOCK(sc); 1012 1013 nf = URTWN_NOISE_FLOOR; 1014 if (ni != NULL) { 1015 (void)ieee80211_input(ni, m, rssi - nf, nf); 1016 ieee80211_free_node(ni); 1017 } else { 1018 (void)ieee80211_input_all(ic, m, rssi - nf, 1019 nf); 1020 } 1021 1022 URTWN_LOCK(sc); 1023 m = next; 1024 } 1025 break; 1026 default: 1027 /* needs it to the inactive queue due to a error. */ 1028 data = STAILQ_FIRST(&sc->sc_rx_active); 1029 if (data != NULL) { 1030 STAILQ_REMOVE_HEAD(&sc->sc_rx_active, next); 1031 STAILQ_INSERT_TAIL(&sc->sc_rx_inactive, data, next); 1032 } 1033 if (error != USB_ERR_CANCELLED) { 1034 usbd_xfer_set_stall(xfer); 1035 counter_u64_add(ic->ic_ierrors, 1); 1036 goto tr_setup; 1037 } 1038 break; 1039 } 1040} 1041 1042static void 1043urtwn_txeof(struct urtwn_softc *sc, struct urtwn_data *data, int status) 1044{ 1045 1046 URTWN_ASSERT_LOCKED(sc); 1047 1048 if (data->ni != NULL) /* not a beacon frame */ 1049 ieee80211_tx_complete(data->ni, data->m, status); 1050 1051 data->ni = NULL; 1052 data->m = NULL; 1053 1054 sc->sc_txtimer = 0; 1055 1056 STAILQ_INSERT_TAIL(&sc->sc_tx_inactive, data, next); 1057} 1058 1059static int 1060urtwn_alloc_list(struct urtwn_softc *sc, struct urtwn_data data[], 1061 int ndata, int maxsz) 1062{ 1063 int i, error; 1064 1065 for (i = 0; i < ndata; i++) { 1066 struct urtwn_data *dp = &data[i]; 1067 dp->sc = sc; 1068 dp->m = NULL; 1069 dp->buf = malloc(maxsz, M_USBDEV, M_NOWAIT); 1070 if (dp->buf == NULL) { 1071 device_printf(sc->sc_dev, 1072 "could not allocate buffer\n"); 1073 error = ENOMEM; 1074 goto fail; 1075 } 1076 dp->ni = NULL; 1077 } 1078 1079 return (0); 1080fail: 1081 urtwn_free_list(sc, data, ndata); 1082 return (error); 1083} 1084 1085static int 1086urtwn_alloc_rx_list(struct urtwn_softc *sc) 1087{ 1088 int error, i; 1089 1090 error = urtwn_alloc_list(sc, sc->sc_rx, URTWN_RX_LIST_COUNT, 1091 URTWN_RXBUFSZ); 1092 if (error != 0) 1093 return (error); 1094 1095 STAILQ_INIT(&sc->sc_rx_active); 1096 STAILQ_INIT(&sc->sc_rx_inactive); 1097 1098 for (i = 0; i < URTWN_RX_LIST_COUNT; i++) 1099 STAILQ_INSERT_HEAD(&sc->sc_rx_inactive, &sc->sc_rx[i], next); 1100 1101 return (0); 1102} 1103 1104static int 1105urtwn_alloc_tx_list(struct urtwn_softc *sc) 1106{ 1107 int error, i; 1108 1109 error = urtwn_alloc_list(sc, sc->sc_tx, URTWN_TX_LIST_COUNT, 1110 URTWN_TXBUFSZ); 1111 if (error != 0) 1112 return (error); 1113 1114 STAILQ_INIT(&sc->sc_tx_active); 1115 STAILQ_INIT(&sc->sc_tx_inactive); 1116 STAILQ_INIT(&sc->sc_tx_pending); 1117 1118 for (i = 0; i < URTWN_TX_LIST_COUNT; i++) 1119 STAILQ_INSERT_HEAD(&sc->sc_tx_inactive, &sc->sc_tx[i], next); 1120 1121 return (0); 1122} 1123 1124static void 1125urtwn_free_list(struct urtwn_softc *sc, struct urtwn_data data[], int ndata) 1126{ 1127 int i; 1128 1129 for (i = 0; i < ndata; i++) { 1130 struct urtwn_data *dp = &data[i]; 1131 1132 if (dp->buf != NULL) { 1133 free(dp->buf, M_USBDEV); 1134 dp->buf = NULL; 1135 } 1136 if (dp->ni != NULL) { 1137 ieee80211_free_node(dp->ni); 1138 dp->ni = NULL; 1139 } 1140 } 1141} 1142 1143static void 1144urtwn_free_rx_list(struct urtwn_softc *sc) 1145{ 1146 urtwn_free_list(sc, sc->sc_rx, URTWN_RX_LIST_COUNT); 1147} 1148 1149static void 1150urtwn_free_tx_list(struct urtwn_softc *sc) 1151{ 1152 urtwn_free_list(sc, sc->sc_tx, URTWN_TX_LIST_COUNT); 1153} 1154 1155static void 1156urtwn_bulk_tx_callback(struct usb_xfer *xfer, usb_error_t error) 1157{ 1158 struct urtwn_softc *sc = usbd_xfer_softc(xfer); 1159 struct urtwn_data *data; 1160 1161 URTWN_ASSERT_LOCKED(sc); 1162 1163 switch (USB_GET_STATE(xfer)){ 1164 case USB_ST_TRANSFERRED: 1165 data = STAILQ_FIRST(&sc->sc_tx_active); 1166 if (data == NULL) 1167 goto tr_setup; 1168 STAILQ_REMOVE_HEAD(&sc->sc_tx_active, next); 1169 urtwn_txeof(sc, data, 0); 1170 /* FALLTHROUGH */ 1171 case USB_ST_SETUP: 1172tr_setup: 1173 data = STAILQ_FIRST(&sc->sc_tx_pending); 1174 if (data == NULL) { 1175 DPRINTF("%s: empty pending queue\n", __func__); 1176 goto finish; 1177 } 1178 STAILQ_REMOVE_HEAD(&sc->sc_tx_pending, next); 1179 STAILQ_INSERT_TAIL(&sc->sc_tx_active, data, next); 1180 usbd_xfer_set_frame_data(xfer, 0, data->buf, data->buflen); 1181 usbd_transfer_submit(xfer); 1182 break; 1183 default: 1184 data = STAILQ_FIRST(&sc->sc_tx_active); 1185 if (data == NULL) 1186 goto tr_setup; 1187 STAILQ_REMOVE_HEAD(&sc->sc_tx_active, next); 1188 urtwn_txeof(sc, data, 1); 1189 if (error != USB_ERR_CANCELLED) { 1190 usbd_xfer_set_stall(xfer); 1191 goto tr_setup; 1192 } 1193 break; 1194 } 1195finish: 1196 /* Kick-start more transmit */ 1197 urtwn_start(sc); 1198} 1199 1200static struct urtwn_data * 1201_urtwn_getbuf(struct urtwn_softc *sc) 1202{ 1203 struct urtwn_data *bf; 1204 1205 bf = STAILQ_FIRST(&sc->sc_tx_inactive); 1206 if (bf != NULL) 1207 STAILQ_REMOVE_HEAD(&sc->sc_tx_inactive, next); 1208 else 1209 DPRINTF("%s: %s\n", __func__, "out of xmit buffers"); 1210 return (bf); 1211} 1212 1213static struct urtwn_data * 1214urtwn_getbuf(struct urtwn_softc *sc) 1215{ 1216 struct urtwn_data *bf; 1217 1218 URTWN_ASSERT_LOCKED(sc); 1219 1220 bf = _urtwn_getbuf(sc); 1221 if (bf == NULL) 1222 DPRINTF("%s: stop queue\n", __func__); 1223 return (bf); 1224} 1225 1226static usb_error_t 1227urtwn_write_region_1(struct urtwn_softc *sc, uint16_t addr, uint8_t *buf, 1228 int len) 1229{ 1230 usb_device_request_t req; 1231 1232 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 1233 req.bRequest = R92C_REQ_REGS; 1234 USETW(req.wValue, addr); 1235 USETW(req.wIndex, 0); 1236 USETW(req.wLength, len); 1237 return (urtwn_do_request(sc, &req, buf)); 1238} 1239 1240static usb_error_t 1241urtwn_write_1(struct urtwn_softc *sc, uint16_t addr, uint8_t val) 1242{ 1243 return (urtwn_write_region_1(sc, addr, &val, sizeof(val))); 1244} 1245 1246static usb_error_t 1247urtwn_write_2(struct urtwn_softc *sc, uint16_t addr, uint16_t val) 1248{ 1249 val = htole16(val); 1250 return (urtwn_write_region_1(sc, addr, (uint8_t *)&val, sizeof(val))); 1251} 1252 1253static usb_error_t 1254urtwn_write_4(struct urtwn_softc *sc, uint16_t addr, uint32_t val) 1255{ 1256 val = htole32(val); 1257 return (urtwn_write_region_1(sc, addr, (uint8_t *)&val, sizeof(val))); 1258} 1259 1260static usb_error_t 1261urtwn_read_region_1(struct urtwn_softc *sc, uint16_t addr, uint8_t *buf, 1262 int len) 1263{ 1264 usb_device_request_t req; 1265 1266 req.bmRequestType = UT_READ_VENDOR_DEVICE; 1267 req.bRequest = R92C_REQ_REGS; 1268 USETW(req.wValue, addr); 1269 USETW(req.wIndex, 0); 1270 USETW(req.wLength, len); 1271 return (urtwn_do_request(sc, &req, buf)); 1272} 1273 1274static uint8_t 1275urtwn_read_1(struct urtwn_softc *sc, uint16_t addr) 1276{ 1277 uint8_t val; 1278 1279 if (urtwn_read_region_1(sc, addr, &val, 1) != 0) 1280 return (0xff); 1281 return (val); 1282} 1283 1284static uint16_t 1285urtwn_read_2(struct urtwn_softc *sc, uint16_t addr) 1286{ 1287 uint16_t val; 1288 1289 if (urtwn_read_region_1(sc, addr, (uint8_t *)&val, 2) != 0) 1290 return (0xffff); 1291 return (le16toh(val)); 1292} 1293 1294static uint32_t 1295urtwn_read_4(struct urtwn_softc *sc, uint16_t addr) 1296{ 1297 uint32_t val; 1298 1299 if (urtwn_read_region_1(sc, addr, (uint8_t *)&val, 4) != 0) 1300 return (0xffffffff); 1301 return (le32toh(val)); 1302} 1303 1304static int 1305urtwn_fw_cmd(struct urtwn_softc *sc, uint8_t id, const void *buf, int len) 1306{ 1307 struct r92c_fw_cmd cmd; 1308 usb_error_t error; 1309 int ntries; 1310 1311 /* Wait for current FW box to be empty. */ 1312 for (ntries = 0; ntries < 100; ntries++) { 1313 if (!(urtwn_read_1(sc, R92C_HMETFR) & (1 << sc->fwcur))) 1314 break; 1315 urtwn_ms_delay(sc); 1316 } 1317 if (ntries == 100) { 1318 device_printf(sc->sc_dev, 1319 "could not send firmware command\n"); 1320 return (ETIMEDOUT); 1321 } 1322 memset(&cmd, 0, sizeof(cmd)); 1323 cmd.id = id; 1324 if (len > 3) 1325 cmd.id |= R92C_CMD_FLAG_EXT; 1326 KASSERT(len <= sizeof(cmd.msg), ("urtwn_fw_cmd\n")); 1327 memcpy(cmd.msg, buf, len); 1328 1329 /* Write the first word last since that will trigger the FW. */ 1330 error = urtwn_write_region_1(sc, R92C_HMEBOX_EXT(sc->fwcur), 1331 (uint8_t *)&cmd + 4, 2); 1332 if (error != USB_ERR_NORMAL_COMPLETION) 1333 return (EIO); 1334 error = urtwn_write_region_1(sc, R92C_HMEBOX(sc->fwcur), 1335 (uint8_t *)&cmd + 0, 4); 1336 if (error != USB_ERR_NORMAL_COMPLETION) 1337 return (EIO); 1338 1339 sc->fwcur = (sc->fwcur + 1) % R92C_H2C_NBOX; 1340 return (0); 1341} 1342 1343static void 1344urtwn_cmdq_cb(void *arg, int pending) 1345{ 1346 struct urtwn_softc *sc = arg; 1347 struct urtwn_cmdq *item; 1348 1349 /* 1350 * Device must be powered on (via urtwn_power_on()) 1351 * before any command may be sent. 1352 */ 1353 URTWN_LOCK(sc); 1354 if (!(sc->sc_flags & URTWN_RUNNING)) { 1355 URTWN_UNLOCK(sc); 1356 return; 1357 } 1358 1359 URTWN_CMDQ_LOCK(sc); 1360 while (sc->cmdq[sc->cmdq_first].func != NULL) { 1361 item = &sc->cmdq[sc->cmdq_first]; 1362 sc->cmdq_first = (sc->cmdq_first + 1) % URTWN_CMDQ_SIZE; 1363 URTWN_CMDQ_UNLOCK(sc); 1364 1365 item->func(sc, &item->data); 1366 1367 URTWN_CMDQ_LOCK(sc); 1368 memset(item, 0, sizeof (*item)); 1369 } 1370 URTWN_CMDQ_UNLOCK(sc); 1371 URTWN_UNLOCK(sc); 1372} 1373 1374static int 1375urtwn_cmd_sleepable(struct urtwn_softc *sc, const void *ptr, size_t len, 1376 CMD_FUNC_PROTO) 1377{ 1378 struct ieee80211com *ic = &sc->sc_ic; 1379 1380 KASSERT(len <= sizeof(union sec_param), ("buffer overflow")); 1381 1382 URTWN_CMDQ_LOCK(sc); 1383 if (sc->cmdq[sc->cmdq_last].func != NULL) { 1384 device_printf(sc->sc_dev, "%s: cmdq overflow\n", __func__); 1385 URTWN_CMDQ_UNLOCK(sc); 1386 1387 return (EAGAIN); 1388 } 1389 1390 if (ptr != NULL) 1391 memcpy(&sc->cmdq[sc->cmdq_last].data, ptr, len); 1392 sc->cmdq[sc->cmdq_last].func = func; 1393 sc->cmdq_last = (sc->cmdq_last + 1) % URTWN_CMDQ_SIZE; 1394 URTWN_CMDQ_UNLOCK(sc); 1395 1396 ieee80211_runtask(ic, &sc->cmdq_task); 1397 1398 return (0); 1399} 1400 1401static __inline void 1402urtwn_rf_write(struct urtwn_softc *sc, int chain, uint8_t addr, uint32_t val) 1403{ 1404 1405 sc->sc_rf_write(sc, chain, addr, val); 1406} 1407 1408static void 1409urtwn_r92c_rf_write(struct urtwn_softc *sc, int chain, uint8_t addr, 1410 uint32_t val) 1411{ 1412 urtwn_bb_write(sc, R92C_LSSI_PARAM(chain), 1413 SM(R92C_LSSI_PARAM_ADDR, addr) | 1414 SM(R92C_LSSI_PARAM_DATA, val)); 1415} 1416 1417static void 1418urtwn_r88e_rf_write(struct urtwn_softc *sc, int chain, uint8_t addr, 1419uint32_t val) 1420{ 1421 urtwn_bb_write(sc, R92C_LSSI_PARAM(chain), 1422 SM(R88E_LSSI_PARAM_ADDR, addr) | 1423 SM(R92C_LSSI_PARAM_DATA, val)); 1424} 1425 1426static uint32_t 1427urtwn_rf_read(struct urtwn_softc *sc, int chain, uint8_t addr) 1428{ 1429 uint32_t reg[R92C_MAX_CHAINS], val; 1430 1431 reg[0] = urtwn_bb_read(sc, R92C_HSSI_PARAM2(0)); 1432 if (chain != 0) 1433 reg[chain] = urtwn_bb_read(sc, R92C_HSSI_PARAM2(chain)); 1434 1435 urtwn_bb_write(sc, R92C_HSSI_PARAM2(0), 1436 reg[0] & ~R92C_HSSI_PARAM2_READ_EDGE); 1437 urtwn_ms_delay(sc); 1438 1439 urtwn_bb_write(sc, R92C_HSSI_PARAM2(chain), 1440 RW(reg[chain], R92C_HSSI_PARAM2_READ_ADDR, addr) | 1441 R92C_HSSI_PARAM2_READ_EDGE); 1442 urtwn_ms_delay(sc); 1443 1444 urtwn_bb_write(sc, R92C_HSSI_PARAM2(0), 1445 reg[0] | R92C_HSSI_PARAM2_READ_EDGE); 1446 urtwn_ms_delay(sc); 1447 1448 if (urtwn_bb_read(sc, R92C_HSSI_PARAM1(chain)) & R92C_HSSI_PARAM1_PI) 1449 val = urtwn_bb_read(sc, R92C_HSPI_READBACK(chain)); 1450 else 1451 val = urtwn_bb_read(sc, R92C_LSSI_READBACK(chain)); 1452 return (MS(val, R92C_LSSI_READBACK_DATA)); 1453} 1454 1455static int 1456urtwn_llt_write(struct urtwn_softc *sc, uint32_t addr, uint32_t data) 1457{ 1458 usb_error_t error; 1459 int ntries; 1460 1461 error = urtwn_write_4(sc, R92C_LLT_INIT, 1462 SM(R92C_LLT_INIT_OP, R92C_LLT_INIT_OP_WRITE) | 1463 SM(R92C_LLT_INIT_ADDR, addr) | 1464 SM(R92C_LLT_INIT_DATA, data)); 1465 if (error != USB_ERR_NORMAL_COMPLETION) 1466 return (EIO); 1467 /* Wait for write operation to complete. */ 1468 for (ntries = 0; ntries < 20; ntries++) { 1469 if (MS(urtwn_read_4(sc, R92C_LLT_INIT), R92C_LLT_INIT_OP) == 1470 R92C_LLT_INIT_OP_NO_ACTIVE) 1471 return (0); 1472 urtwn_ms_delay(sc); 1473 } 1474 return (ETIMEDOUT); 1475} 1476 1477static int 1478urtwn_efuse_read_next(struct urtwn_softc *sc, uint8_t *val) 1479{ 1480 uint32_t reg; 1481 usb_error_t error; 1482 int ntries; 1483 1484 if (sc->last_rom_addr >= URTWN_EFUSE_MAX_LEN) 1485 return (EFAULT); 1486 1487 reg = urtwn_read_4(sc, R92C_EFUSE_CTRL); 1488 reg = RW(reg, R92C_EFUSE_CTRL_ADDR, sc->last_rom_addr); 1489 reg &= ~R92C_EFUSE_CTRL_VALID; 1490 1491 error = urtwn_write_4(sc, R92C_EFUSE_CTRL, reg); 1492 if (error != USB_ERR_NORMAL_COMPLETION) 1493 return (EIO); 1494 /* Wait for read operation to complete. */ 1495 for (ntries = 0; ntries < 100; ntries++) { 1496 reg = urtwn_read_4(sc, R92C_EFUSE_CTRL); 1497 if (reg & R92C_EFUSE_CTRL_VALID) 1498 break; 1499 urtwn_ms_delay(sc); 1500 } 1501 if (ntries == 100) { 1502 device_printf(sc->sc_dev, 1503 "could not read efuse byte at address 0x%x\n", 1504 sc->last_rom_addr); 1505 return (ETIMEDOUT); 1506 } 1507 1508 *val = MS(reg, R92C_EFUSE_CTRL_DATA); 1509 sc->last_rom_addr++; 1510 1511 return (0); 1512} 1513 1514static int 1515urtwn_efuse_read_data(struct urtwn_softc *sc, uint8_t *rom, uint8_t off, 1516 uint8_t msk) 1517{ 1518 uint8_t reg; 1519 int i, error; 1520 1521 for (i = 0; i < 4; i++) { 1522 if (msk & (1 << i)) 1523 continue; 1524 error = urtwn_efuse_read_next(sc, ®); 1525 if (error != 0) 1526 return (error); 1527 DPRINTF("rom[0x%03X] == 0x%02X\n", off * 8 + i * 2, reg); 1528 rom[off * 8 + i * 2 + 0] = reg; 1529 1530 error = urtwn_efuse_read_next(sc, ®); 1531 if (error != 0) 1532 return (error); 1533 DPRINTF("rom[0x%03X] == 0x%02X\n", off * 8 + i * 2 + 1, reg); 1534 rom[off * 8 + i * 2 + 1] = reg; 1535 } 1536 1537 return (0); 1538} 1539 1540#ifdef URTWN_DEBUG 1541static void 1542urtwn_dump_rom_contents(struct urtwn_softc *sc, uint8_t *rom, uint16_t size) 1543{ 1544 int i; 1545 1546 /* Dump ROM contents. */ 1547 device_printf(sc->sc_dev, "%s:", __func__); 1548 for (i = 0; i < size; i++) { 1549 if (i % 32 == 0) 1550 printf("\n%03X: ", i); 1551 else if (i % 4 == 0) 1552 printf(" "); 1553 1554 printf("%02X", rom[i]); 1555 } 1556 printf("\n"); 1557} 1558#endif 1559 1560static int 1561urtwn_efuse_read(struct urtwn_softc *sc, uint8_t *rom, uint16_t size) 1562{ 1563#define URTWN_CHK(res) do { \ 1564 if ((error = res) != 0) \ 1565 goto end; \ 1566} while(0) 1567 uint8_t msk, off, reg; 1568 int error; 1569 1570 URTWN_CHK(urtwn_efuse_switch_power(sc)); 1571 1572 /* Read full ROM image. */ 1573 sc->last_rom_addr = 0; 1574 memset(rom, 0xff, size); 1575 1576 URTWN_CHK(urtwn_efuse_read_next(sc, ®)); 1577 while (reg != 0xff) { 1578 /* check for extended header */ 1579 if ((sc->chip & URTWN_CHIP_88E) && (reg & 0x1f) == 0x0f) { 1580 off = reg >> 5; 1581 URTWN_CHK(urtwn_efuse_read_next(sc, ®)); 1582 1583 if ((reg & 0x0f) != 0x0f) 1584 off = ((reg & 0xf0) >> 1) | off; 1585 else 1586 continue; 1587 } else 1588 off = reg >> 4; 1589 msk = reg & 0xf; 1590 1591 URTWN_CHK(urtwn_efuse_read_data(sc, rom, off, msk)); 1592 URTWN_CHK(urtwn_efuse_read_next(sc, ®)); 1593 } 1594 1595end: 1596 1597#ifdef URTWN_DEBUG 1598 if (urtwn_debug >= 2) 1599 urtwn_dump_rom_contents(sc, rom, size); 1600#endif 1601 1602 urtwn_write_1(sc, R92C_EFUSE_ACCESS, R92C_EFUSE_ACCESS_OFF); 1603 1604 if (error != 0) { 1605 device_printf(sc->sc_dev, "%s: error while reading ROM\n", 1606 __func__); 1607 } 1608 1609 return (error); 1610#undef URTWN_CHK 1611} 1612 1613static int 1614urtwn_efuse_switch_power(struct urtwn_softc *sc) 1615{ 1616 usb_error_t error; 1617 uint32_t reg; 1618 1619 error = urtwn_write_1(sc, R92C_EFUSE_ACCESS, R92C_EFUSE_ACCESS_ON); 1620 if (error != USB_ERR_NORMAL_COMPLETION) 1621 return (EIO); 1622 1623 reg = urtwn_read_2(sc, R92C_SYS_ISO_CTRL); 1624 if (!(reg & R92C_SYS_ISO_CTRL_PWC_EV12V)) { 1625 error = urtwn_write_2(sc, R92C_SYS_ISO_CTRL, 1626 reg | R92C_SYS_ISO_CTRL_PWC_EV12V); 1627 if (error != USB_ERR_NORMAL_COMPLETION) 1628 return (EIO); 1629 } 1630 reg = urtwn_read_2(sc, R92C_SYS_FUNC_EN); 1631 if (!(reg & R92C_SYS_FUNC_EN_ELDR)) { 1632 error = urtwn_write_2(sc, R92C_SYS_FUNC_EN, 1633 reg | R92C_SYS_FUNC_EN_ELDR); 1634 if (error != USB_ERR_NORMAL_COMPLETION) 1635 return (EIO); 1636 } 1637 reg = urtwn_read_2(sc, R92C_SYS_CLKR); 1638 if ((reg & (R92C_SYS_CLKR_LOADER_EN | R92C_SYS_CLKR_ANA8M)) != 1639 (R92C_SYS_CLKR_LOADER_EN | R92C_SYS_CLKR_ANA8M)) { 1640 error = urtwn_write_2(sc, R92C_SYS_CLKR, 1641 reg | R92C_SYS_CLKR_LOADER_EN | R92C_SYS_CLKR_ANA8M); 1642 if (error != USB_ERR_NORMAL_COMPLETION) 1643 return (EIO); 1644 } 1645 1646 return (0); 1647} 1648 1649static int 1650urtwn_read_chipid(struct urtwn_softc *sc) 1651{ 1652 uint32_t reg; 1653 1654 if (sc->chip & URTWN_CHIP_88E) 1655 return (0); 1656 1657 reg = urtwn_read_4(sc, R92C_SYS_CFG); 1658 if (reg & R92C_SYS_CFG_TRP_VAUX_EN) 1659 return (EIO); 1660 1661 if (reg & R92C_SYS_CFG_TYPE_92C) { 1662 sc->chip |= URTWN_CHIP_92C; 1663 /* Check if it is a castrated 8192C. */ 1664 if (MS(urtwn_read_4(sc, R92C_HPON_FSM), 1665 R92C_HPON_FSM_CHIP_BONDING_ID) == 1666 R92C_HPON_FSM_CHIP_BONDING_ID_92C_1T2R) 1667 sc->chip |= URTWN_CHIP_92C_1T2R; 1668 } 1669 if (reg & R92C_SYS_CFG_VENDOR_UMC) { 1670 sc->chip |= URTWN_CHIP_UMC; 1671 if (MS(reg, R92C_SYS_CFG_CHIP_VER_RTL) == 0) 1672 sc->chip |= URTWN_CHIP_UMC_A_CUT; 1673 } 1674 return (0); 1675} 1676 1677static int 1678urtwn_read_rom(struct urtwn_softc *sc) 1679{ 1680 struct r92c_rom *rom = &sc->rom.r92c_rom; 1681 int error; 1682 1683 /* Read full ROM image. */ 1684 error = urtwn_efuse_read(sc, (uint8_t *)rom, sizeof(*rom)); 1685 if (error != 0) 1686 return (error); 1687 1688 /* XXX Weird but this is what the vendor driver does. */ 1689 sc->last_rom_addr = 0x1fa; 1690 error = urtwn_efuse_read_next(sc, &sc->pa_setting); 1691 if (error != 0) 1692 return (error); 1693 DPRINTF("PA setting=0x%x\n", sc->pa_setting); 1694 1695 sc->board_type = MS(rom->rf_opt1, R92C_ROM_RF1_BOARD_TYPE); 1696 1697 sc->regulatory = MS(rom->rf_opt1, R92C_ROM_RF1_REGULATORY); 1698 DPRINTF("regulatory type=%d\n", sc->regulatory); 1699 IEEE80211_ADDR_COPY(sc->sc_ic.ic_macaddr, rom->macaddr); 1700 1701 sc->sc_rf_write = urtwn_r92c_rf_write; 1702 sc->sc_power_on = urtwn_r92c_power_on; 1703 1704 return (0); 1705} 1706 1707static int 1708urtwn_r88e_read_rom(struct urtwn_softc *sc) 1709{ 1710 uint8_t *rom = sc->rom.r88e_rom; 1711 uint16_t addr; 1712 int error, i; 1713 1714 error = urtwn_efuse_read(sc, rom, sizeof(sc->rom.r88e_rom)); 1715 if (error != 0) 1716 return (error); 1717 1718 addr = 0x10; 1719 for (i = 0; i < 6; i++) 1720 sc->cck_tx_pwr[i] = rom[addr++]; 1721 for (i = 0; i < 5; i++) 1722 sc->ht40_tx_pwr[i] = rom[addr++]; 1723 sc->bw20_tx_pwr_diff = (rom[addr] & 0xf0) >> 4; 1724 if (sc->bw20_tx_pwr_diff & 0x08) 1725 sc->bw20_tx_pwr_diff |= 0xf0; 1726 sc->ofdm_tx_pwr_diff = (rom[addr] & 0xf); 1727 if (sc->ofdm_tx_pwr_diff & 0x08) 1728 sc->ofdm_tx_pwr_diff |= 0xf0; 1729 sc->regulatory = MS(rom[0xc1], R92C_ROM_RF1_REGULATORY); 1730 IEEE80211_ADDR_COPY(sc->sc_ic.ic_macaddr, &rom[0xd7]); 1731 1732 sc->sc_rf_write = urtwn_r88e_rf_write; 1733 sc->sc_power_on = urtwn_r88e_power_on; 1734 1735 return (0); 1736} 1737 1738/* 1739 * Initialize rate adaptation in firmware. 1740 */ 1741static int 1742urtwn_ra_init(struct urtwn_softc *sc) 1743{ 1744 struct ieee80211com *ic = &sc->sc_ic; 1745 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 1746 struct ieee80211_node *ni; 1747 struct ieee80211_rateset *rs; 1748 struct r92c_fw_cmd_macid_cfg cmd; 1749 uint32_t rates, basicrates; 1750 uint8_t mode; 1751 int maxrate, maxbasicrate, error, i, j; 1752 1753 ni = ieee80211_ref_node(vap->iv_bss); 1754 rs = &ni->ni_rates; 1755 1756 /* Get normal and basic rates mask. */ 1757 rates = basicrates = 0; 1758 maxrate = maxbasicrate = 0; 1759 for (i = 0; i < rs->rs_nrates; i++) { 1760 /* Convert 802.11 rate to HW rate index. */ 1761 for (j = 0; j < nitems(ridx2rate); j++) 1762 if ((rs->rs_rates[i] & IEEE80211_RATE_VAL) == 1763 ridx2rate[j]) 1764 break; 1765 if (j == nitems(ridx2rate)) /* Unknown rate, skip. */ 1766 continue; 1767 rates |= 1 << j; 1768 if (j > maxrate) 1769 maxrate = j; 1770 if (rs->rs_rates[i] & IEEE80211_RATE_BASIC) { 1771 basicrates |= 1 << j; 1772 if (j > maxbasicrate) 1773 maxbasicrate = j; 1774 } 1775 } 1776 if (ic->ic_curmode == IEEE80211_MODE_11B) 1777 mode = R92C_RAID_11B; 1778 else 1779 mode = R92C_RAID_11BG; 1780 DPRINTF("mode=0x%x rates=0x%08x, basicrates=0x%08x\n", 1781 mode, rates, basicrates); 1782 1783 /* Set rates mask for group addressed frames. */ 1784 cmd.macid = URTWN_MACID_BC | URTWN_MACID_VALID; 1785 cmd.mask = htole32(mode << 28 | basicrates); 1786 error = urtwn_fw_cmd(sc, R92C_CMD_MACID_CONFIG, &cmd, sizeof(cmd)); 1787 if (error != 0) { 1788 ieee80211_free_node(ni); 1789 device_printf(sc->sc_dev, 1790 "could not add broadcast station\n"); 1791 return (error); 1792 } 1793 /* Set initial MRR rate. */ 1794 DPRINTF("maxbasicrate=%d\n", maxbasicrate); 1795 urtwn_write_1(sc, R92C_INIDATA_RATE_SEL(URTWN_MACID_BC), 1796 maxbasicrate); 1797 1798 /* Set rates mask for unicast frames. */ 1799 cmd.macid = URTWN_MACID_BSS | URTWN_MACID_VALID; 1800 cmd.mask = htole32(mode << 28 | rates); 1801 error = urtwn_fw_cmd(sc, R92C_CMD_MACID_CONFIG, &cmd, sizeof(cmd)); 1802 if (error != 0) { 1803 ieee80211_free_node(ni); 1804 device_printf(sc->sc_dev, "could not add BSS station\n"); 1805 return (error); 1806 } 1807 /* Set initial MRR rate. */ 1808 DPRINTF("maxrate=%d\n", maxrate); 1809 urtwn_write_1(sc, R92C_INIDATA_RATE_SEL(URTWN_MACID_BSS), 1810 maxrate); 1811 1812 /* Indicate highest supported rate. */ 1813 ni->ni_txrate = rs->rs_rates[rs->rs_nrates - 1]; 1814 ieee80211_free_node(ni); 1815 1816 return (0); 1817} 1818 1819static void 1820urtwn_init_beacon(struct urtwn_softc *sc, struct urtwn_vap *uvp) 1821{ 1822 struct r92c_tx_desc *txd = &uvp->bcn_desc; 1823 1824 txd->txdw0 = htole32( 1825 SM(R92C_TXDW0_OFFSET, sizeof(*txd)) | R92C_TXDW0_BMCAST | 1826 R92C_TXDW0_OWN | R92C_TXDW0_FSG | R92C_TXDW0_LSG); 1827 txd->txdw1 = htole32( 1828 SM(R92C_TXDW1_QSEL, R92C_TXDW1_QSEL_BEACON) | 1829 SM(R92C_TXDW1_RAID, R92C_RAID_11B)); 1830 1831 if (sc->chip & URTWN_CHIP_88E) { 1832 txd->txdw1 |= htole32(SM(R88E_TXDW1_MACID, URTWN_MACID_BC)); 1833 txd->txdseq |= htole16(R88E_TXDSEQ_HWSEQ_EN); 1834 } else { 1835 txd->txdw1 |= htole32(SM(R92C_TXDW1_MACID, URTWN_MACID_BC)); 1836 txd->txdw4 |= htole32(R92C_TXDW4_HWSEQ_EN); 1837 } 1838 1839 txd->txdw4 = htole32(R92C_TXDW4_DRVRATE); 1840 txd->txdw5 = htole32(SM(R92C_TXDW5_DATARATE, URTWN_RIDX_CCK1)); 1841} 1842 1843static int 1844urtwn_setup_beacon(struct urtwn_softc *sc, struct ieee80211_node *ni) 1845{ 1846 struct ieee80211vap *vap = ni->ni_vap; 1847 struct urtwn_vap *uvp = URTWN_VAP(vap); 1848 struct mbuf *m; 1849 int error; 1850 1851 URTWN_ASSERT_LOCKED(sc); 1852 1853 if (ni->ni_chan == IEEE80211_CHAN_ANYC) 1854 return (EINVAL); 1855 1856 m = ieee80211_beacon_alloc(ni); 1857 if (m == NULL) { 1858 device_printf(sc->sc_dev, 1859 "%s: could not allocate beacon frame\n", __func__); 1860 return (ENOMEM); 1861 } 1862 1863 if (uvp->bcn_mbuf != NULL) 1864 m_freem(uvp->bcn_mbuf); 1865 1866 uvp->bcn_mbuf = m; 1867 1868 if ((error = urtwn_tx_beacon(sc, uvp)) != 0) 1869 return (error); 1870 1871 /* XXX bcnq stuck workaround */ 1872 if ((error = urtwn_tx_beacon(sc, uvp)) != 0) 1873 return (error); 1874 1875 return (0); 1876} 1877 1878static void 1879urtwn_update_beacon(struct ieee80211vap *vap, int item) 1880{ 1881 struct urtwn_softc *sc = vap->iv_ic->ic_softc; 1882 struct urtwn_vap *uvp = URTWN_VAP(vap); 1883 struct ieee80211_beacon_offsets *bo = &vap->iv_bcn_off; 1884 struct ieee80211_node *ni = vap->iv_bss; 1885 int mcast = 0; 1886 1887 URTWN_LOCK(sc); 1888 if (uvp->bcn_mbuf == NULL) { 1889 uvp->bcn_mbuf = ieee80211_beacon_alloc(ni); 1890 if (uvp->bcn_mbuf == NULL) { 1891 device_printf(sc->sc_dev, 1892 "%s: could not allocate beacon frame\n", __func__); 1893 URTWN_UNLOCK(sc); 1894 return; 1895 } 1896 } 1897 URTWN_UNLOCK(sc); 1898 1899 if (item == IEEE80211_BEACON_TIM) 1900 mcast = 1; /* XXX */ 1901 1902 setbit(bo->bo_flags, item); 1903 ieee80211_beacon_update(ni, uvp->bcn_mbuf, mcast); 1904 1905 URTWN_LOCK(sc); 1906 urtwn_tx_beacon(sc, uvp); 1907 URTWN_UNLOCK(sc); 1908} 1909 1910/* 1911 * Push a beacon frame into the chip. Beacon will 1912 * be repeated by the chip every R92C_BCN_INTERVAL. 1913 */ 1914static int 1915urtwn_tx_beacon(struct urtwn_softc *sc, struct urtwn_vap *uvp) 1916{ 1917 struct r92c_tx_desc *desc = &uvp->bcn_desc; 1918 struct urtwn_data *bf; 1919 1920 URTWN_ASSERT_LOCKED(sc); 1921 1922 bf = urtwn_getbuf(sc); 1923 if (bf == NULL) 1924 return (ENOMEM); 1925 1926 memcpy(bf->buf, desc, sizeof(*desc)); 1927 urtwn_tx_start(sc, uvp->bcn_mbuf, IEEE80211_FC0_TYPE_MGT, bf); 1928 1929 sc->sc_txtimer = 5; 1930 callout_reset(&sc->sc_watchdog_ch, hz, urtwn_watchdog, sc); 1931 1932 return (0); 1933} 1934 1935static int 1936urtwn_key_alloc(struct ieee80211vap *vap, struct ieee80211_key *k, 1937 ieee80211_keyix *keyix, ieee80211_keyix *rxkeyix) 1938{ 1939 struct urtwn_softc *sc = vap->iv_ic->ic_softc; 1940 uint8_t i; 1941 1942 if (!(&vap->iv_nw_keys[0] <= k && 1943 k < &vap->iv_nw_keys[IEEE80211_WEP_NKID])) { 1944 if (!(k->wk_flags & IEEE80211_KEY_SWCRYPT)) { 1945 URTWN_LOCK(sc); 1946 /* 1947 * First 4 slots for group keys, 1948 * what is left - for pairwise. 1949 * XXX incompatible with IBSS RSN. 1950 */ 1951 for (i = IEEE80211_WEP_NKID; 1952 i < R92C_CAM_ENTRY_COUNT; i++) { 1953 if ((sc->keys_bmap & (1 << i)) == 0) { 1954 sc->keys_bmap |= 1 << i; 1955 *keyix = i; 1956 break; 1957 } 1958 } 1959 URTWN_UNLOCK(sc); 1960 if (i == R92C_CAM_ENTRY_COUNT) { 1961 device_printf(sc->sc_dev, 1962 "%s: no free space in the key table\n", 1963 __func__); 1964 return 0; 1965 } 1966 } else 1967 *keyix = 0; 1968 } else { 1969 *keyix = k - vap->iv_nw_keys; 1970 } 1971 *rxkeyix = *keyix; 1972 return 1; 1973} 1974 1975static void 1976urtwn_key_set_cb(struct urtwn_softc *sc, union sec_param *data) 1977{ 1978 struct ieee80211_key *k = &data->key; 1979 uint8_t algo, keyid; 1980 int i, error; 1981 1982 if (k->wk_keyix < IEEE80211_WEP_NKID) 1983 keyid = k->wk_keyix; 1984 else 1985 keyid = 0; 1986 1987 /* Map net80211 cipher to HW crypto algorithm. */ 1988 switch (k->wk_cipher->ic_cipher) { 1989 case IEEE80211_CIPHER_WEP: 1990 if (k->wk_keylen < 8) 1991 algo = R92C_CAM_ALGO_WEP40; 1992 else 1993 algo = R92C_CAM_ALGO_WEP104; 1994 break; 1995 case IEEE80211_CIPHER_TKIP: 1996 algo = R92C_CAM_ALGO_TKIP; 1997 break; 1998 case IEEE80211_CIPHER_AES_CCM: 1999 algo = R92C_CAM_ALGO_AES; 2000 break; 2001 default: 2002 device_printf(sc->sc_dev, "%s: undefined cipher %d\n", 2003 __func__, k->wk_cipher->ic_cipher); 2004 return; 2005 } 2006 2007 DPRINTFN(9, "keyix %d, keyid %d, algo %d/%d, flags %04X, len %d, " 2008 "macaddr %s\n", k->wk_keyix, keyid, k->wk_cipher->ic_cipher, algo, 2009 k->wk_flags, k->wk_keylen, ether_sprintf(k->wk_macaddr)); 2010 2011 /* Write key. */ 2012 for (i = 0; i < 4; i++) { 2013 error = urtwn_cam_write(sc, R92C_CAM_KEY(k->wk_keyix, i), 2014 LE_READ_4(&k->wk_key[i * 4])); 2015 if (error != 0) 2016 goto fail; 2017 } 2018 2019 /* Write CTL0 last since that will validate the CAM entry. */ 2020 error = urtwn_cam_write(sc, R92C_CAM_CTL1(k->wk_keyix), 2021 LE_READ_4(&k->wk_macaddr[2])); 2022 if (error != 0) 2023 goto fail; 2024 error = urtwn_cam_write(sc, R92C_CAM_CTL0(k->wk_keyix), 2025 SM(R92C_CAM_ALGO, algo) | 2026 SM(R92C_CAM_KEYID, keyid) | 2027 SM(R92C_CAM_MACLO, LE_READ_2(&k->wk_macaddr[0])) | 2028 R92C_CAM_VALID); 2029 if (error != 0) 2030 goto fail; 2031 2032 return; 2033 2034fail: 2035 device_printf(sc->sc_dev, "%s fails, error %d\n", __func__, error); 2036} 2037 2038static void 2039urtwn_key_del_cb(struct urtwn_softc *sc, union sec_param *data) 2040{ 2041 struct ieee80211_key *k = &data->key; 2042 int i; 2043 2044 DPRINTFN(9, "keyix %d, flags %04X, macaddr %s\n", 2045 k->wk_keyix, k->wk_flags, ether_sprintf(k->wk_macaddr)); 2046 2047 urtwn_cam_write(sc, R92C_CAM_CTL0(k->wk_keyix), 0); 2048 urtwn_cam_write(sc, R92C_CAM_CTL1(k->wk_keyix), 0); 2049 2050 /* Clear key. */ 2051 for (i = 0; i < 4; i++) 2052 urtwn_cam_write(sc, R92C_CAM_KEY(k->wk_keyix, i), 0); 2053 sc->keys_bmap &= ~(1 << k->wk_keyix); 2054} 2055 2056static int 2057urtwn_key_set(struct ieee80211vap *vap, const struct ieee80211_key *k) 2058{ 2059 struct urtwn_softc *sc = vap->iv_ic->ic_softc; 2060 2061 if (k->wk_flags & IEEE80211_KEY_SWCRYPT) { 2062 /* Not for us. */ 2063 return (1); 2064 } 2065 2066 return (!urtwn_cmd_sleepable(sc, k, sizeof(*k), urtwn_key_set_cb)); 2067} 2068 2069static int 2070urtwn_key_delete(struct ieee80211vap *vap, const struct ieee80211_key *k) 2071{ 2072 struct urtwn_softc *sc = vap->iv_ic->ic_softc; 2073 2074 if (k->wk_flags & IEEE80211_KEY_SWCRYPT) { 2075 /* Not for us. */ 2076 return (1); 2077 } 2078 2079 return (!urtwn_cmd_sleepable(sc, k, sizeof(*k), urtwn_key_del_cb)); 2080} 2081 2082static void 2083urtwn_tsf_task_adhoc(void *arg, int pending) 2084{ 2085 struct ieee80211vap *vap = arg; 2086 struct urtwn_softc *sc = vap->iv_ic->ic_softc; 2087 struct ieee80211_node *ni; 2088 uint32_t reg; 2089 2090 URTWN_LOCK(sc); 2091 ni = ieee80211_ref_node(vap->iv_bss); 2092 reg = urtwn_read_1(sc, R92C_BCN_CTRL); 2093 2094 /* Accept beacons with the same BSSID. */ 2095 urtwn_set_rx_bssid_all(sc, 0); 2096 2097 /* Enable synchronization. */ 2098 reg &= ~R92C_BCN_CTRL_DIS_TSF_UDT0; 2099 urtwn_write_1(sc, R92C_BCN_CTRL, reg); 2100 2101 /* Synchronize. */ 2102 usb_pause_mtx(&sc->sc_mtx, hz * ni->ni_intval * 5 / 1000); 2103 2104 /* Disable synchronization. */ 2105 reg |= R92C_BCN_CTRL_DIS_TSF_UDT0; 2106 urtwn_write_1(sc, R92C_BCN_CTRL, reg); 2107 2108 /* Remove beacon filter. */ 2109 urtwn_set_rx_bssid_all(sc, 1); 2110 2111 /* Enable beaconing. */ 2112 urtwn_write_1(sc, R92C_MBID_NUM, 2113 urtwn_read_1(sc, R92C_MBID_NUM) | R92C_MBID_TXBCN_RPT0); 2114 reg |= R92C_BCN_CTRL_EN_BCN; 2115 2116 urtwn_write_1(sc, R92C_BCN_CTRL, reg); 2117 ieee80211_free_node(ni); 2118 URTWN_UNLOCK(sc); 2119} 2120 2121static void 2122urtwn_tsf_sync_enable(struct urtwn_softc *sc, struct ieee80211vap *vap) 2123{ 2124 struct ieee80211com *ic = &sc->sc_ic; 2125 struct urtwn_vap *uvp = URTWN_VAP(vap); 2126 2127 /* Reset TSF. */ 2128 urtwn_write_1(sc, R92C_DUAL_TSF_RST, R92C_DUAL_TSF_RST0); 2129 2130 switch (vap->iv_opmode) { 2131 case IEEE80211_M_STA: 2132 /* Enable TSF synchronization. */ 2133 urtwn_write_1(sc, R92C_BCN_CTRL, 2134 urtwn_read_1(sc, R92C_BCN_CTRL) & 2135 ~R92C_BCN_CTRL_DIS_TSF_UDT0); 2136 break; 2137 case IEEE80211_M_IBSS: 2138 ieee80211_runtask(ic, &uvp->tsf_task_adhoc); 2139 break; 2140 case IEEE80211_M_HOSTAP: 2141 /* Enable beaconing. */ 2142 urtwn_write_1(sc, R92C_MBID_NUM, 2143 urtwn_read_1(sc, R92C_MBID_NUM) | R92C_MBID_TXBCN_RPT0); 2144 urtwn_write_1(sc, R92C_BCN_CTRL, 2145 urtwn_read_1(sc, R92C_BCN_CTRL) | R92C_BCN_CTRL_EN_BCN); 2146 break; 2147 default: 2148 device_printf(sc->sc_dev, "undefined opmode %d\n", 2149 vap->iv_opmode); 2150 return; 2151 } 2152} 2153 2154static void 2155urtwn_get_tsf(struct urtwn_softc *sc, uint64_t *buf) 2156{ 2157 urtwn_read_region_1(sc, R92C_TSFTR, (uint8_t *)buf, sizeof(*buf)); 2158} 2159 2160static void 2161urtwn_set_led(struct urtwn_softc *sc, int led, int on) 2162{ 2163 uint8_t reg; 2164 2165 if (led == URTWN_LED_LINK) { 2166 if (sc->chip & URTWN_CHIP_88E) { 2167 reg = urtwn_read_1(sc, R92C_LEDCFG2) & 0xf0; 2168 urtwn_write_1(sc, R92C_LEDCFG2, reg | 0x60); 2169 if (!on) { 2170 reg = urtwn_read_1(sc, R92C_LEDCFG2) & 0x90; 2171 urtwn_write_1(sc, R92C_LEDCFG2, 2172 reg | R92C_LEDCFG0_DIS); 2173 urtwn_write_1(sc, R92C_MAC_PINMUX_CFG, 2174 urtwn_read_1(sc, R92C_MAC_PINMUX_CFG) & 2175 0xfe); 2176 } 2177 } else { 2178 reg = urtwn_read_1(sc, R92C_LEDCFG0) & 0x70; 2179 if (!on) 2180 reg |= R92C_LEDCFG0_DIS; 2181 urtwn_write_1(sc, R92C_LEDCFG0, reg); 2182 } 2183 sc->ledlink = on; /* Save LED state. */ 2184 } 2185} 2186 2187static void 2188urtwn_set_mode(struct urtwn_softc *sc, uint8_t mode) 2189{ 2190 uint8_t reg; 2191 2192 reg = urtwn_read_1(sc, R92C_MSR); 2193 reg = (reg & ~R92C_MSR_MASK) | mode; 2194 urtwn_write_1(sc, R92C_MSR, reg); 2195} 2196 2197static void 2198urtwn_ibss_recv_mgmt(struct ieee80211_node *ni, struct mbuf *m, int subtype, 2199 const struct ieee80211_rx_stats *rxs, 2200 int rssi, int nf) 2201{ 2202 struct ieee80211vap *vap = ni->ni_vap; 2203 struct urtwn_softc *sc = vap->iv_ic->ic_softc; 2204 struct urtwn_vap *uvp = URTWN_VAP(vap); 2205 uint64_t ni_tstamp, curr_tstamp; 2206 2207 uvp->recv_mgmt(ni, m, subtype, rxs, rssi, nf); 2208 2209 if (vap->iv_state == IEEE80211_S_RUN && 2210 (subtype == IEEE80211_FC0_SUBTYPE_BEACON || 2211 subtype == IEEE80211_FC0_SUBTYPE_PROBE_RESP)) { 2212 ni_tstamp = le64toh(ni->ni_tstamp.tsf); 2213 URTWN_LOCK(sc); 2214 urtwn_get_tsf(sc, &curr_tstamp); 2215 URTWN_UNLOCK(sc); 2216 curr_tstamp = le64toh(curr_tstamp); 2217 2218 if (ni_tstamp >= curr_tstamp) 2219 (void) ieee80211_ibss_merge(ni); 2220 } 2221} 2222 2223static int 2224urtwn_newstate(struct ieee80211vap *vap, enum ieee80211_state nstate, int arg) 2225{ 2226 struct urtwn_vap *uvp = URTWN_VAP(vap); 2227 struct ieee80211com *ic = vap->iv_ic; 2228 struct urtwn_softc *sc = ic->ic_softc; 2229 struct ieee80211_node *ni; 2230 enum ieee80211_state ostate; 2231 uint32_t reg; 2232 uint8_t mode; 2233 int error = 0; 2234 2235 ostate = vap->iv_state; 2236 DPRINTF("%s -> %s\n", ieee80211_state_name[ostate], 2237 ieee80211_state_name[nstate]); 2238 2239 IEEE80211_UNLOCK(ic); 2240 URTWN_LOCK(sc); 2241 callout_stop(&sc->sc_watchdog_ch); 2242 2243 if (ostate == IEEE80211_S_RUN) { 2244 /* Turn link LED off. */ 2245 urtwn_set_led(sc, URTWN_LED_LINK, 0); 2246 2247 /* Set media status to 'No Link'. */ 2248 urtwn_set_mode(sc, R92C_MSR_NOLINK); 2249 2250 /* Stop Rx of data frames. */ 2251 urtwn_write_2(sc, R92C_RXFLTMAP2, 0); 2252 2253 /* Disable TSF synchronization. */ 2254 urtwn_write_1(sc, R92C_BCN_CTRL, 2255 (urtwn_read_1(sc, R92C_BCN_CTRL) & ~R92C_BCN_CTRL_EN_BCN) | 2256 R92C_BCN_CTRL_DIS_TSF_UDT0); 2257 2258 /* Disable beaconing. */ 2259 urtwn_write_1(sc, R92C_MBID_NUM, 2260 urtwn_read_1(sc, R92C_MBID_NUM) & ~R92C_MBID_TXBCN_RPT0); 2261 2262 /* Reset TSF. */ 2263 urtwn_write_1(sc, R92C_DUAL_TSF_RST, R92C_DUAL_TSF_RST0); 2264 2265 /* Reset EDCA parameters. */ 2266 urtwn_write_4(sc, R92C_EDCA_VO_PARAM, 0x002f3217); 2267 urtwn_write_4(sc, R92C_EDCA_VI_PARAM, 0x005e4317); 2268 urtwn_write_4(sc, R92C_EDCA_BE_PARAM, 0x00105320); 2269 urtwn_write_4(sc, R92C_EDCA_BK_PARAM, 0x0000a444); 2270 } 2271 2272 switch (nstate) { 2273 case IEEE80211_S_INIT: 2274 /* Turn link LED off. */ 2275 urtwn_set_led(sc, URTWN_LED_LINK, 0); 2276 break; 2277 case IEEE80211_S_SCAN: 2278 /* Pause AC Tx queues. */ 2279 urtwn_write_1(sc, R92C_TXPAUSE, 2280 urtwn_read_1(sc, R92C_TXPAUSE) | 0x0f); 2281 break; 2282 case IEEE80211_S_AUTH: 2283 urtwn_set_chan(sc, ic->ic_curchan, NULL); 2284 break; 2285 case IEEE80211_S_RUN: 2286 if (vap->iv_opmode == IEEE80211_M_MONITOR) { 2287 /* Turn link LED on. */ 2288 urtwn_set_led(sc, URTWN_LED_LINK, 1); 2289 break; 2290 } 2291 2292 ni = ieee80211_ref_node(vap->iv_bss); 2293 2294 if (ic->ic_bsschan == IEEE80211_CHAN_ANYC || 2295 ni->ni_chan == IEEE80211_CHAN_ANYC) { 2296 device_printf(sc->sc_dev, 2297 "%s: could not move to RUN state\n", __func__); 2298 error = EINVAL; 2299 goto end_run; 2300 } 2301 2302 switch (vap->iv_opmode) { 2303 case IEEE80211_M_STA: 2304 mode = R92C_MSR_INFRA; 2305 break; 2306 case IEEE80211_M_IBSS: 2307 mode = R92C_MSR_ADHOC; 2308 break; 2309 case IEEE80211_M_HOSTAP: 2310 mode = R92C_MSR_AP; 2311 break; 2312 default: 2313 device_printf(sc->sc_dev, "undefined opmode %d\n", 2314 vap->iv_opmode); 2315 error = EINVAL; 2316 goto end_run; 2317 } 2318 2319 /* Set media status to 'Associated'. */ 2320 urtwn_set_mode(sc, mode); 2321 2322 /* Set BSSID. */ 2323 urtwn_write_4(sc, R92C_BSSID + 0, LE_READ_4(&ni->ni_bssid[0])); 2324 urtwn_write_4(sc, R92C_BSSID + 4, LE_READ_2(&ni->ni_bssid[4])); 2325 2326 if (ic->ic_curmode == IEEE80211_MODE_11B) 2327 urtwn_write_1(sc, R92C_INIRTS_RATE_SEL, 0); 2328 else /* 802.11b/g */ 2329 urtwn_write_1(sc, R92C_INIRTS_RATE_SEL, 3); 2330 2331 /* Enable Rx of data frames. */ 2332 urtwn_write_2(sc, R92C_RXFLTMAP2, 0xffff); 2333 2334 /* Flush all AC queues. */ 2335 urtwn_write_1(sc, R92C_TXPAUSE, 0); 2336 2337 /* Set beacon interval. */ 2338 urtwn_write_2(sc, R92C_BCN_INTERVAL, ni->ni_intval); 2339 2340 /* Allow Rx from our BSSID only. */ 2341 if (ic->ic_promisc == 0) { 2342 reg = urtwn_read_4(sc, R92C_RCR); 2343 2344 if (vap->iv_opmode != IEEE80211_M_HOSTAP) 2345 reg |= R92C_RCR_CBSSID_DATA; 2346 if (vap->iv_opmode != IEEE80211_M_IBSS) 2347 reg |= R92C_RCR_CBSSID_BCN; 2348 2349 urtwn_write_4(sc, R92C_RCR, reg); 2350 } 2351 2352 if (vap->iv_opmode == IEEE80211_M_HOSTAP || 2353 vap->iv_opmode == IEEE80211_M_IBSS) { 2354 error = urtwn_setup_beacon(sc, ni); 2355 if (error != 0) { 2356 device_printf(sc->sc_dev, 2357 "unable to push beacon into the chip, " 2358 "error %d\n", error); 2359 goto end_run; 2360 } 2361 } 2362 2363 /* Enable TSF synchronization. */ 2364 urtwn_tsf_sync_enable(sc, vap); 2365 2366 urtwn_write_1(sc, R92C_SIFS_CCK + 1, 10); 2367 urtwn_write_1(sc, R92C_SIFS_OFDM + 1, 10); 2368 urtwn_write_1(sc, R92C_SPEC_SIFS + 1, 10); 2369 urtwn_write_1(sc, R92C_MAC_SPEC_SIFS + 1, 10); 2370 urtwn_write_1(sc, R92C_R2T_SIFS + 1, 10); 2371 urtwn_write_1(sc, R92C_T2T_SIFS + 1, 10); 2372 2373 /* Intialize rate adaptation. */ 2374 if (!(sc->chip & URTWN_CHIP_88E)) 2375 urtwn_ra_init(sc); 2376 /* Turn link LED on. */ 2377 urtwn_set_led(sc, URTWN_LED_LINK, 1); 2378 2379 sc->avg_pwdb = -1; /* Reset average RSSI. */ 2380 /* Reset temperature calibration state machine. */ 2381 sc->thcal_state = 0; 2382 sc->thcal_lctemp = 0; 2383 2384end_run: 2385 ieee80211_free_node(ni); 2386 break; 2387 default: 2388 break; 2389 } 2390 2391 URTWN_UNLOCK(sc); 2392 IEEE80211_LOCK(ic); 2393 return (error != 0 ? error : uvp->newstate(vap, nstate, arg)); 2394} 2395 2396static void 2397urtwn_watchdog(void *arg) 2398{ 2399 struct urtwn_softc *sc = arg; 2400 2401 if (sc->sc_txtimer > 0) { 2402 if (--sc->sc_txtimer == 0) { 2403 device_printf(sc->sc_dev, "device timeout\n"); 2404 counter_u64_add(sc->sc_ic.ic_oerrors, 1); 2405 return; 2406 } 2407 callout_reset(&sc->sc_watchdog_ch, hz, urtwn_watchdog, sc); 2408 } 2409} 2410 2411static void 2412urtwn_update_avgrssi(struct urtwn_softc *sc, int rate, int8_t rssi) 2413{ 2414 int pwdb; 2415 2416 /* Convert antenna signal to percentage. */ 2417 if (rssi <= -100 || rssi >= 20) 2418 pwdb = 0; 2419 else if (rssi >= 0) 2420 pwdb = 100; 2421 else 2422 pwdb = 100 + rssi; 2423 if (!(sc->chip & URTWN_CHIP_88E)) { 2424 if (rate <= URTWN_RIDX_CCK11) { 2425 /* CCK gain is smaller than OFDM/MCS gain. */ 2426 pwdb += 6; 2427 if (pwdb > 100) 2428 pwdb = 100; 2429 if (pwdb <= 14) 2430 pwdb -= 4; 2431 else if (pwdb <= 26) 2432 pwdb -= 8; 2433 else if (pwdb <= 34) 2434 pwdb -= 6; 2435 else if (pwdb <= 42) 2436 pwdb -= 2; 2437 } 2438 } 2439 if (sc->avg_pwdb == -1) /* Init. */ 2440 sc->avg_pwdb = pwdb; 2441 else if (sc->avg_pwdb < pwdb) 2442 sc->avg_pwdb = ((sc->avg_pwdb * 19 + pwdb) / 20) + 1; 2443 else 2444 sc->avg_pwdb = ((sc->avg_pwdb * 19 + pwdb) / 20); 2445 DPRINTFN(4, "PWDB=%d EMA=%d\n", pwdb, sc->avg_pwdb); 2446} 2447 2448static int8_t 2449urtwn_get_rssi(struct urtwn_softc *sc, int rate, void *physt) 2450{ 2451 static const int8_t cckoff[] = { 16, -12, -26, -46 }; 2452 struct r92c_rx_phystat *phy; 2453 struct r92c_rx_cck *cck; 2454 uint8_t rpt; 2455 int8_t rssi; 2456 2457 if (rate <= URTWN_RIDX_CCK11) { 2458 cck = (struct r92c_rx_cck *)physt; 2459 if (sc->sc_flags & URTWN_FLAG_CCK_HIPWR) { 2460 rpt = (cck->agc_rpt >> 5) & 0x3; 2461 rssi = (cck->agc_rpt & 0x1f) << 1; 2462 } else { 2463 rpt = (cck->agc_rpt >> 6) & 0x3; 2464 rssi = cck->agc_rpt & 0x3e; 2465 } 2466 rssi = cckoff[rpt] - rssi; 2467 } else { /* OFDM/HT. */ 2468 phy = (struct r92c_rx_phystat *)physt; 2469 rssi = ((le32toh(phy->phydw1) >> 1) & 0x7f) - 110; 2470 } 2471 return (rssi); 2472} 2473 2474static int8_t 2475urtwn_r88e_get_rssi(struct urtwn_softc *sc, int rate, void *physt) 2476{ 2477 struct r92c_rx_phystat *phy; 2478 struct r88e_rx_cck *cck; 2479 uint8_t cck_agc_rpt, lna_idx, vga_idx; 2480 int8_t rssi; 2481 2482 rssi = 0; 2483 if (rate <= URTWN_RIDX_CCK11) { 2484 cck = (struct r88e_rx_cck *)physt; 2485 cck_agc_rpt = cck->agc_rpt; 2486 lna_idx = (cck_agc_rpt & 0xe0) >> 5; 2487 vga_idx = cck_agc_rpt & 0x1f; 2488 switch (lna_idx) { 2489 case 7: 2490 if (vga_idx <= 27) 2491 rssi = -100 + 2* (27 - vga_idx); 2492 else 2493 rssi = -100; 2494 break; 2495 case 6: 2496 rssi = -48 + 2 * (2 - vga_idx); 2497 break; 2498 case 5: 2499 rssi = -42 + 2 * (7 - vga_idx); 2500 break; 2501 case 4: 2502 rssi = -36 + 2 * (7 - vga_idx); 2503 break; 2504 case 3: 2505 rssi = -24 + 2 * (7 - vga_idx); 2506 break; 2507 case 2: 2508 rssi = -12 + 2 * (5 - vga_idx); 2509 break; 2510 case 1: 2511 rssi = 8 - (2 * vga_idx); 2512 break; 2513 case 0: 2514 rssi = 14 - (2 * vga_idx); 2515 break; 2516 } 2517 rssi += 6; 2518 } else { /* OFDM/HT. */ 2519 phy = (struct r92c_rx_phystat *)physt; 2520 rssi = ((le32toh(phy->phydw1) >> 1) & 0x7f) - 110; 2521 } 2522 return (rssi); 2523} 2524 2525static __inline uint8_t 2526rate2ridx(uint8_t rate) 2527{ 2528 switch (rate) { 2529 case 12: return 4; 2530 case 18: return 5; 2531 case 24: return 6; 2532 case 36: return 7; 2533 case 48: return 8; 2534 case 72: return 9; 2535 case 96: return 10; 2536 case 108: return 11; 2537 case 2: return 0; 2538 case 4: return 1; 2539 case 11: return 2; 2540 case 22: return 3; 2541 default: return 0; 2542 } 2543} 2544 2545static int 2546urtwn_tx_data(struct urtwn_softc *sc, struct ieee80211_node *ni, 2547 struct mbuf *m, struct urtwn_data *data) 2548{ 2549 const struct ieee80211_txparam *tp; 2550 struct ieee80211com *ic = &sc->sc_ic; 2551 struct ieee80211vap *vap = ni->ni_vap; 2552 struct ieee80211_key *k = NULL; 2553 struct ieee80211_channel *chan; 2554 struct ieee80211_frame *wh; 2555 struct r92c_tx_desc *txd; 2556 uint8_t macid, raid, rate, ridx, subtype, type, tid, qsel; 2557 int hasqos, ismcast; 2558 2559 URTWN_ASSERT_LOCKED(sc); 2560 2561 /* 2562 * Software crypto. 2563 */ 2564 wh = mtod(m, struct ieee80211_frame *); 2565 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 2566 subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 2567 hasqos = IEEE80211_QOS_HAS_SEQ(wh); 2568 ismcast = IEEE80211_IS_MULTICAST(wh->i_addr1); 2569 2570 /* Select TX ring for this frame. */ 2571 if (hasqos) { 2572 tid = ((const struct ieee80211_qosframe *)wh)->i_qos[0]; 2573 tid &= IEEE80211_QOS_TID; 2574 } else 2575 tid = 0; 2576 2577 chan = (ni->ni_chan != IEEE80211_CHAN_ANYC) ? 2578 ni->ni_chan : ic->ic_curchan; 2579 tp = &vap->iv_txparms[ieee80211_chan2mode(chan)]; 2580 2581 /* Choose a TX rate index. */ 2582 if (type == IEEE80211_FC0_TYPE_MGT) 2583 rate = tp->mgmtrate; 2584 else if (ismcast) 2585 rate = tp->mcastrate; 2586 else if (tp->ucastrate != IEEE80211_FIXED_RATE_NONE) 2587 rate = tp->ucastrate; 2588 else if (m->m_flags & M_EAPOL) 2589 rate = tp->mgmtrate; 2590 else { 2591 if (URTWN_CHIP_HAS_RATECTL(sc)) { 2592 /* XXX pass pktlen */ 2593 (void) ieee80211_ratectl_rate(ni, NULL, 0); 2594 rate = ni->ni_txrate; 2595 } else { 2596 if (ic->ic_curmode != IEEE80211_MODE_11B) 2597 rate = 108; 2598 else 2599 rate = 22; 2600 } 2601 } 2602 2603 ridx = rate2ridx(rate); 2604 if (ic->ic_curmode != IEEE80211_MODE_11B) 2605 raid = R92C_RAID_11BG; 2606 else 2607 raid = R92C_RAID_11B; 2608 2609 if (wh->i_fc[1] & IEEE80211_FC1_PROTECTED) { 2610 k = ieee80211_crypto_encap(ni, m); 2611 if (k == NULL) { 2612 device_printf(sc->sc_dev, 2613 "ieee80211_crypto_encap returns NULL.\n"); 2614 return (ENOBUFS); 2615 } 2616 2617 /* in case packet header moved, reset pointer */ 2618 wh = mtod(m, struct ieee80211_frame *); 2619 } 2620 2621 /* Fill Tx descriptor. */ 2622 txd = (struct r92c_tx_desc *)data->buf; 2623 memset(txd, 0, sizeof(*txd)); 2624 2625 txd->txdw0 |= htole32( 2626 SM(R92C_TXDW0_OFFSET, sizeof(*txd)) | 2627 R92C_TXDW0_OWN | R92C_TXDW0_FSG | R92C_TXDW0_LSG); 2628 if (ismcast) 2629 txd->txdw0 |= htole32(R92C_TXDW0_BMCAST); 2630 2631 if (!ismcast) { 2632 if (sc->chip & URTWN_CHIP_88E) { 2633 struct urtwn_node *un = URTWN_NODE(ni); 2634 macid = un->id; 2635 } else 2636 macid = URTWN_MACID_BSS; 2637 2638 if (type == IEEE80211_FC0_TYPE_DATA) { 2639 qsel = tid % URTWN_MAX_TID; 2640 2641 if (sc->chip & URTWN_CHIP_88E) { 2642 txd->txdw2 |= htole32( 2643 R88E_TXDW2_AGGBK | 2644 R88E_TXDW2_CCX_RPT); 2645 } else 2646 txd->txdw1 |= htole32(R92C_TXDW1_AGGBK); 2647 2648 if (ic->ic_flags & IEEE80211_F_USEPROT) { 2649 switch (ic->ic_protmode) { 2650 case IEEE80211_PROT_CTSONLY: 2651 txd->txdw4 |= htole32( 2652 R92C_TXDW4_CTS2SELF | 2653 R92C_TXDW4_HWRTSEN); 2654 break; 2655 case IEEE80211_PROT_RTSCTS: 2656 txd->txdw4 |= htole32( 2657 R92C_TXDW4_RTSEN | 2658 R92C_TXDW4_HWRTSEN); 2659 break; 2660 default: 2661 break; 2662 } 2663 } 2664 txd->txdw4 |= htole32(SM(R92C_TXDW4_RTSRATE, 2665 URTWN_RIDX_OFDM24)); 2666 txd->txdw5 |= htole32(0x0001ff00); 2667 } else /* IEEE80211_FC0_TYPE_MGT */ 2668 qsel = R92C_TXDW1_QSEL_MGNT; 2669 } else { 2670 macid = URTWN_MACID_BC; 2671 qsel = R92C_TXDW1_QSEL_MGNT; 2672 } 2673 2674 txd->txdw1 |= htole32( 2675 SM(R92C_TXDW1_QSEL, qsel) | 2676 SM(R92C_TXDW1_RAID, raid)); 2677 2678 if (sc->chip & URTWN_CHIP_88E) 2679 txd->txdw1 |= htole32(SM(R88E_TXDW1_MACID, macid)); 2680 else 2681 txd->txdw1 |= htole32(SM(R92C_TXDW1_MACID, macid)); 2682 2683 txd->txdw5 |= htole32(SM(R92C_TXDW5_DATARATE, ridx)); 2684 /* Force this rate if needed. */ 2685 if (URTWN_CHIP_HAS_RATECTL(sc) || ismcast || 2686 (m->m_flags & M_EAPOL) || type != IEEE80211_FC0_TYPE_DATA) 2687 txd->txdw4 |= htole32(R92C_TXDW4_DRVRATE); 2688 2689 if (!hasqos) { 2690 /* Use HW sequence numbering for non-QoS frames. */ 2691 if (sc->chip & URTWN_CHIP_88E) 2692 txd->txdseq = htole16(R88E_TXDSEQ_HWSEQ_EN); 2693 else 2694 txd->txdw4 |= htole32(R92C_TXDW4_HWSEQ_EN); 2695 } else { 2696 /* Set sequence number. */ 2697 txd->txdseq = htole16(M_SEQNO_GET(m) % IEEE80211_SEQ_RANGE); 2698 } 2699 2700 if (k != NULL && !(k->wk_flags & IEEE80211_KEY_SWCRYPT)) { 2701 uint8_t cipher; 2702 2703 switch (k->wk_cipher->ic_cipher) { 2704 case IEEE80211_CIPHER_WEP: 2705 case IEEE80211_CIPHER_TKIP: 2706 cipher = R92C_TXDW1_CIPHER_RC4; 2707 break; 2708 case IEEE80211_CIPHER_AES_CCM: 2709 cipher = R92C_TXDW1_CIPHER_AES; 2710 break; 2711 default: 2712 device_printf(sc->sc_dev, "%s: unknown cipher %d\n", 2713 __func__, k->wk_cipher->ic_cipher); 2714 return (EINVAL); 2715 } 2716 2717 txd->txdw1 |= htole32(SM(R92C_TXDW1_CIPHER, cipher)); 2718 } 2719 2720 if (ieee80211_radiotap_active_vap(vap)) { 2721 struct urtwn_tx_radiotap_header *tap = &sc->sc_txtap; 2722 2723 tap->wt_flags = 0; 2724 if (k != NULL) 2725 tap->wt_flags |= IEEE80211_RADIOTAP_F_WEP; 2726 ieee80211_radiotap_tx(vap, m); 2727 } 2728 2729 data->ni = ni; 2730 2731 urtwn_tx_start(sc, m, type, data); 2732 2733 return (0); 2734} 2735 2736static int 2737urtwn_tx_raw(struct urtwn_softc *sc, struct ieee80211_node *ni, 2738 struct mbuf *m, struct urtwn_data *data, 2739 const struct ieee80211_bpf_params *params) 2740{ 2741 struct ieee80211vap *vap = ni->ni_vap; 2742 struct ieee80211_key *k = NULL; 2743 struct ieee80211_frame *wh; 2744 struct r92c_tx_desc *txd; 2745 uint8_t cipher, ridx, type; 2746 2747 /* Encrypt the frame if need be. */ 2748 cipher = R92C_TXDW1_CIPHER_NONE; 2749 if (params->ibp_flags & IEEE80211_BPF_CRYPTO) { 2750 /* Retrieve key for TX. */ 2751 k = ieee80211_crypto_encap(ni, m); 2752 if (k == NULL) 2753 return (ENOBUFS); 2754 2755 if (!(k->wk_flags & IEEE80211_KEY_SWCRYPT)) { 2756 switch (k->wk_cipher->ic_cipher) { 2757 case IEEE80211_CIPHER_WEP: 2758 case IEEE80211_CIPHER_TKIP: 2759 cipher = R92C_TXDW1_CIPHER_RC4; 2760 break; 2761 case IEEE80211_CIPHER_AES_CCM: 2762 cipher = R92C_TXDW1_CIPHER_AES; 2763 break; 2764 default: 2765 device_printf(sc->sc_dev, 2766 "%s: unknown cipher %d\n", 2767 __func__, k->wk_cipher->ic_cipher); 2768 return (EINVAL); 2769 } 2770 } 2771 } 2772 2773 wh = mtod(m, struct ieee80211_frame *); 2774 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 2775 2776 /* Fill Tx descriptor. */ 2777 txd = (struct r92c_tx_desc *)data->buf; 2778 memset(txd, 0, sizeof(*txd)); 2779 2780 txd->txdw0 |= htole32( 2781 SM(R92C_TXDW0_OFFSET, sizeof(*txd)) | 2782 R92C_TXDW0_OWN | R92C_TXDW0_FSG | R92C_TXDW0_LSG); 2783 if (IEEE80211_IS_MULTICAST(wh->i_addr1)) 2784 txd->txdw0 |= htole32(R92C_TXDW0_BMCAST); 2785 2786 if (params->ibp_flags & IEEE80211_BPF_RTS) 2787 txd->txdw4 |= htole32(R92C_TXDW4_RTSEN); 2788 if (params->ibp_flags & IEEE80211_BPF_CTS) 2789 txd->txdw4 |= htole32(R92C_TXDW4_CTS2SELF); 2790 if (txd->txdw4 & htole32(R92C_TXDW4_RTSEN | R92C_TXDW4_CTS2SELF)) { 2791 txd->txdw4 |= htole32(R92C_TXDW4_HWRTSEN); 2792 txd->txdw4 |= htole32(SM(R92C_TXDW4_RTSRATE, 2793 URTWN_RIDX_OFDM24)); 2794 } 2795 2796 if (sc->chip & URTWN_CHIP_88E) 2797 txd->txdw1 |= htole32(SM(R88E_TXDW1_MACID, URTWN_MACID_BC)); 2798 else 2799 txd->txdw1 |= htole32(SM(R92C_TXDW1_MACID, URTWN_MACID_BC)); 2800 2801 txd->txdw1 |= htole32(SM(R92C_TXDW1_QSEL, R92C_TXDW1_QSEL_MGNT)); 2802 txd->txdw1 |= htole32(SM(R92C_TXDW1_CIPHER, cipher)); 2803 2804 /* Choose a TX rate index. */ 2805 ridx = rate2ridx(params->ibp_rate0); 2806 txd->txdw5 |= htole32(SM(R92C_TXDW5_DATARATE, ridx)); 2807 txd->txdw5 |= htole32(0x0001ff00); 2808 txd->txdw4 |= htole32(R92C_TXDW4_DRVRATE); 2809 2810 if (!IEEE80211_QOS_HAS_SEQ(wh)) { 2811 /* Use HW sequence numbering for non-QoS frames. */ 2812 if (sc->chip & URTWN_CHIP_88E) 2813 txd->txdseq = htole16(R88E_TXDSEQ_HWSEQ_EN); 2814 else 2815 txd->txdw4 |= htole32(R92C_TXDW4_HWSEQ_EN); 2816 } else { 2817 /* Set sequence number. */ 2818 txd->txdseq = htole16(M_SEQNO_GET(m) % IEEE80211_SEQ_RANGE); 2819 } 2820 2821 if (ieee80211_radiotap_active_vap(vap)) { 2822 struct urtwn_tx_radiotap_header *tap = &sc->sc_txtap; 2823 2824 tap->wt_flags = 0; 2825 if (k != NULL) 2826 tap->wt_flags |= IEEE80211_RADIOTAP_F_WEP; 2827 ieee80211_radiotap_tx(vap, m); 2828 } 2829 2830 data->ni = ni; 2831 2832 urtwn_tx_start(sc, m, type, data); 2833 2834 return (0); 2835} 2836 2837static void 2838urtwn_tx_start(struct urtwn_softc *sc, struct mbuf *m, uint8_t type, 2839 struct urtwn_data *data) 2840{ 2841 struct usb_xfer *xfer; 2842 struct r92c_tx_desc *txd; 2843 uint16_t ac, sum; 2844 int i, xferlen; 2845 2846 URTWN_ASSERT_LOCKED(sc); 2847 2848 ac = M_WME_GETAC(m); 2849 2850 switch (type) { 2851 case IEEE80211_FC0_TYPE_CTL: 2852 case IEEE80211_FC0_TYPE_MGT: 2853 xfer = sc->sc_xfer[URTWN_BULK_TX_VO]; 2854 break; 2855 default: 2856 xfer = sc->sc_xfer[wme2queue[ac].qid]; 2857 break; 2858 } 2859 2860 txd = (struct r92c_tx_desc *)data->buf; 2861 txd->txdw0 |= htole32(SM(R92C_TXDW0_PKTLEN, m->m_pkthdr.len)); 2862 2863 /* Compute Tx descriptor checksum. */ 2864 sum = 0; 2865 for (i = 0; i < sizeof(*txd) / 2; i++) 2866 sum ^= ((uint16_t *)txd)[i]; 2867 txd->txdsum = sum; /* NB: already little endian. */ 2868 2869 xferlen = sizeof(*txd) + m->m_pkthdr.len; 2870 m_copydata(m, 0, m->m_pkthdr.len, (caddr_t)&txd[1]); 2871 2872 data->buflen = xferlen; 2873 data->m = m; 2874 2875 STAILQ_INSERT_TAIL(&sc->sc_tx_pending, data, next); 2876 usbd_transfer_start(xfer); 2877} 2878 2879static int 2880urtwn_transmit(struct ieee80211com *ic, struct mbuf *m) 2881{ 2882 struct urtwn_softc *sc = ic->ic_softc; 2883 int error; 2884 2885 URTWN_LOCK(sc); 2886 if ((sc->sc_flags & URTWN_RUNNING) == 0) { 2887 URTWN_UNLOCK(sc); 2888 return (ENXIO); 2889 } 2890 error = mbufq_enqueue(&sc->sc_snd, m); 2891 if (error) { 2892 URTWN_UNLOCK(sc); 2893 return (error); 2894 } 2895 urtwn_start(sc); 2896 URTWN_UNLOCK(sc); 2897 2898 return (0); 2899} 2900 2901static void 2902urtwn_start(struct urtwn_softc *sc) 2903{ 2904 struct ieee80211_node *ni; 2905 struct mbuf *m; 2906 struct urtwn_data *bf; 2907 2908 URTWN_ASSERT_LOCKED(sc); 2909 while ((m = mbufq_dequeue(&sc->sc_snd)) != NULL) { 2910 bf = urtwn_getbuf(sc); 2911 if (bf == NULL) { 2912 mbufq_prepend(&sc->sc_snd, m); 2913 break; 2914 } 2915 ni = (struct ieee80211_node *)m->m_pkthdr.rcvif; 2916 m->m_pkthdr.rcvif = NULL; 2917 if (urtwn_tx_data(sc, ni, m, bf) != 0) { 2918 if_inc_counter(ni->ni_vap->iv_ifp, 2919 IFCOUNTER_OERRORS, 1); 2920 STAILQ_INSERT_HEAD(&sc->sc_tx_inactive, bf, next); 2921 m_freem(m); 2922 ieee80211_free_node(ni); 2923 break; 2924 } 2925 sc->sc_txtimer = 5; 2926 callout_reset(&sc->sc_watchdog_ch, hz, urtwn_watchdog, sc); 2927 } 2928} 2929 2930static void 2931urtwn_parent(struct ieee80211com *ic) 2932{ 2933 struct urtwn_softc *sc = ic->ic_softc; 2934 2935 URTWN_LOCK(sc); 2936 if (sc->sc_flags & URTWN_DETACHED) { 2937 URTWN_UNLOCK(sc); 2938 return; 2939 } 2940 URTWN_UNLOCK(sc); 2941 2942 if (ic->ic_nrunning > 0) { 2943 if (urtwn_init(sc) != 0) { 2944 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 2945 if (vap != NULL) 2946 ieee80211_stop(vap); 2947 } else 2948 ieee80211_start_all(ic); 2949 } else 2950 urtwn_stop(sc); 2951} 2952 2953static __inline int 2954urtwn_power_on(struct urtwn_softc *sc) 2955{ 2956 2957 return sc->sc_power_on(sc); 2958} 2959 2960static int 2961urtwn_r92c_power_on(struct urtwn_softc *sc) 2962{ 2963 uint32_t reg; 2964 usb_error_t error; 2965 int ntries; 2966 2967 /* Wait for autoload done bit. */ 2968 for (ntries = 0; ntries < 1000; ntries++) { 2969 if (urtwn_read_1(sc, R92C_APS_FSMCO) & R92C_APS_FSMCO_PFM_ALDN) 2970 break; 2971 urtwn_ms_delay(sc); 2972 } 2973 if (ntries == 1000) { 2974 device_printf(sc->sc_dev, 2975 "timeout waiting for chip autoload\n"); 2976 return (ETIMEDOUT); 2977 } 2978 2979 /* Unlock ISO/CLK/Power control register. */ 2980 error = urtwn_write_1(sc, R92C_RSV_CTRL, 0); 2981 if (error != USB_ERR_NORMAL_COMPLETION) 2982 return (EIO); 2983 /* Move SPS into PWM mode. */ 2984 error = urtwn_write_1(sc, R92C_SPS0_CTRL, 0x2b); 2985 if (error != USB_ERR_NORMAL_COMPLETION) 2986 return (EIO); 2987 urtwn_ms_delay(sc); 2988 2989 reg = urtwn_read_1(sc, R92C_LDOV12D_CTRL); 2990 if (!(reg & R92C_LDOV12D_CTRL_LDV12_EN)) { 2991 error = urtwn_write_1(sc, R92C_LDOV12D_CTRL, 2992 reg | R92C_LDOV12D_CTRL_LDV12_EN); 2993 if (error != USB_ERR_NORMAL_COMPLETION) 2994 return (EIO); 2995 urtwn_ms_delay(sc); 2996 error = urtwn_write_1(sc, R92C_SYS_ISO_CTRL, 2997 urtwn_read_1(sc, R92C_SYS_ISO_CTRL) & 2998 ~R92C_SYS_ISO_CTRL_MD2PP); 2999 if (error != USB_ERR_NORMAL_COMPLETION) 3000 return (EIO); 3001 } 3002 3003 /* Auto enable WLAN. */ 3004 error = urtwn_write_2(sc, R92C_APS_FSMCO, 3005 urtwn_read_2(sc, R92C_APS_FSMCO) | R92C_APS_FSMCO_APFM_ONMAC); 3006 if (error != USB_ERR_NORMAL_COMPLETION) 3007 return (EIO); 3008 for (ntries = 0; ntries < 1000; ntries++) { 3009 if (!(urtwn_read_2(sc, R92C_APS_FSMCO) & 3010 R92C_APS_FSMCO_APFM_ONMAC)) 3011 break; 3012 urtwn_ms_delay(sc); 3013 } 3014 if (ntries == 1000) { 3015 device_printf(sc->sc_dev, 3016 "timeout waiting for MAC auto ON\n"); 3017 return (ETIMEDOUT); 3018 } 3019 3020 /* Enable radio, GPIO and LED functions. */ 3021 error = urtwn_write_2(sc, R92C_APS_FSMCO, 3022 R92C_APS_FSMCO_AFSM_HSUS | 3023 R92C_APS_FSMCO_PDN_EN | 3024 R92C_APS_FSMCO_PFM_ALDN); 3025 if (error != USB_ERR_NORMAL_COMPLETION) 3026 return (EIO); 3027 /* Release RF digital isolation. */ 3028 error = urtwn_write_2(sc, R92C_SYS_ISO_CTRL, 3029 urtwn_read_2(sc, R92C_SYS_ISO_CTRL) & ~R92C_SYS_ISO_CTRL_DIOR); 3030 if (error != USB_ERR_NORMAL_COMPLETION) 3031 return (EIO); 3032 3033 /* Initialize MAC. */ 3034 error = urtwn_write_1(sc, R92C_APSD_CTRL, 3035 urtwn_read_1(sc, R92C_APSD_CTRL) & ~R92C_APSD_CTRL_OFF); 3036 if (error != USB_ERR_NORMAL_COMPLETION) 3037 return (EIO); 3038 for (ntries = 0; ntries < 200; ntries++) { 3039 if (!(urtwn_read_1(sc, R92C_APSD_CTRL) & 3040 R92C_APSD_CTRL_OFF_STATUS)) 3041 break; 3042 urtwn_ms_delay(sc); 3043 } 3044 if (ntries == 200) { 3045 device_printf(sc->sc_dev, 3046 "timeout waiting for MAC initialization\n"); 3047 return (ETIMEDOUT); 3048 } 3049 3050 /* Enable MAC DMA/WMAC/SCHEDULE/SEC blocks. */ 3051 reg = urtwn_read_2(sc, R92C_CR); 3052 reg |= R92C_CR_HCI_TXDMA_EN | R92C_CR_HCI_RXDMA_EN | 3053 R92C_CR_TXDMA_EN | R92C_CR_RXDMA_EN | R92C_CR_PROTOCOL_EN | 3054 R92C_CR_SCHEDULE_EN | R92C_CR_MACTXEN | R92C_CR_MACRXEN | 3055 R92C_CR_ENSEC; 3056 error = urtwn_write_2(sc, R92C_CR, reg); 3057 if (error != USB_ERR_NORMAL_COMPLETION) 3058 return (EIO); 3059 3060 error = urtwn_write_1(sc, 0xfe10, 0x19); 3061 if (error != USB_ERR_NORMAL_COMPLETION) 3062 return (EIO); 3063 return (0); 3064} 3065 3066static int 3067urtwn_r88e_power_on(struct urtwn_softc *sc) 3068{ 3069 uint32_t reg; 3070 usb_error_t error; 3071 int ntries; 3072 3073 /* Wait for power ready bit. */ 3074 for (ntries = 0; ntries < 5000; ntries++) { 3075 if (urtwn_read_4(sc, R92C_APS_FSMCO) & R92C_APS_FSMCO_SUS_HOST) 3076 break; 3077 urtwn_ms_delay(sc); 3078 } 3079 if (ntries == 5000) { 3080 device_printf(sc->sc_dev, 3081 "timeout waiting for chip power up\n"); 3082 return (ETIMEDOUT); 3083 } 3084 3085 /* Reset BB. */ 3086 error = urtwn_write_1(sc, R92C_SYS_FUNC_EN, 3087 urtwn_read_1(sc, R92C_SYS_FUNC_EN) & ~(R92C_SYS_FUNC_EN_BBRSTB | 3088 R92C_SYS_FUNC_EN_BB_GLB_RST)); 3089 if (error != USB_ERR_NORMAL_COMPLETION) 3090 return (EIO); 3091 3092 error = urtwn_write_1(sc, R92C_AFE_XTAL_CTRL + 2, 3093 urtwn_read_1(sc, R92C_AFE_XTAL_CTRL + 2) | 0x80); 3094 if (error != USB_ERR_NORMAL_COMPLETION) 3095 return (EIO); 3096 3097 /* Disable HWPDN. */ 3098 error = urtwn_write_2(sc, R92C_APS_FSMCO, 3099 urtwn_read_2(sc, R92C_APS_FSMCO) & ~R92C_APS_FSMCO_APDM_HPDN); 3100 if (error != USB_ERR_NORMAL_COMPLETION) 3101 return (EIO); 3102 3103 /* Disable WL suspend. */ 3104 error = urtwn_write_2(sc, R92C_APS_FSMCO, 3105 urtwn_read_2(sc, R92C_APS_FSMCO) & 3106 ~(R92C_APS_FSMCO_AFSM_HSUS | R92C_APS_FSMCO_AFSM_PCIE)); 3107 if (error != USB_ERR_NORMAL_COMPLETION) 3108 return (EIO); 3109 3110 error = urtwn_write_2(sc, R92C_APS_FSMCO, 3111 urtwn_read_2(sc, R92C_APS_FSMCO) | R92C_APS_FSMCO_APFM_ONMAC); 3112 if (error != USB_ERR_NORMAL_COMPLETION) 3113 return (EIO); 3114 for (ntries = 0; ntries < 5000; ntries++) { 3115 if (!(urtwn_read_2(sc, R92C_APS_FSMCO) & 3116 R92C_APS_FSMCO_APFM_ONMAC)) 3117 break; 3118 urtwn_ms_delay(sc); 3119 } 3120 if (ntries == 5000) 3121 return (ETIMEDOUT); 3122 3123 /* Enable LDO normal mode. */ 3124 error = urtwn_write_1(sc, R92C_LPLDO_CTRL, 3125 urtwn_read_1(sc, R92C_LPLDO_CTRL) & ~0x10); 3126 if (error != USB_ERR_NORMAL_COMPLETION) 3127 return (EIO); 3128 3129 /* Enable MAC DMA/WMAC/SCHEDULE/SEC blocks. */ 3130 error = urtwn_write_2(sc, R92C_CR, 0); 3131 if (error != USB_ERR_NORMAL_COMPLETION) 3132 return (EIO); 3133 reg = urtwn_read_2(sc, R92C_CR); 3134 reg |= R92C_CR_HCI_TXDMA_EN | R92C_CR_HCI_RXDMA_EN | 3135 R92C_CR_TXDMA_EN | R92C_CR_RXDMA_EN | R92C_CR_PROTOCOL_EN | 3136 R92C_CR_SCHEDULE_EN | R92C_CR_ENSEC | R92C_CR_CALTMR_EN; 3137 error = urtwn_write_2(sc, R92C_CR, reg); 3138 if (error != USB_ERR_NORMAL_COMPLETION) 3139 return (EIO); 3140 3141 return (0); 3142} 3143 3144static int 3145urtwn_llt_init(struct urtwn_softc *sc) 3146{ 3147 int i, error, page_count, pktbuf_count; 3148 3149 page_count = (sc->chip & URTWN_CHIP_88E) ? 3150 R88E_TX_PAGE_COUNT : R92C_TX_PAGE_COUNT; 3151 pktbuf_count = (sc->chip & URTWN_CHIP_88E) ? 3152 R88E_TXPKTBUF_COUNT : R92C_TXPKTBUF_COUNT; 3153 3154 /* Reserve pages [0; page_count]. */ 3155 for (i = 0; i < page_count; i++) { 3156 if ((error = urtwn_llt_write(sc, i, i + 1)) != 0) 3157 return (error); 3158 } 3159 /* NB: 0xff indicates end-of-list. */ 3160 if ((error = urtwn_llt_write(sc, i, 0xff)) != 0) 3161 return (error); 3162 /* 3163 * Use pages [page_count + 1; pktbuf_count - 1] 3164 * as ring buffer. 3165 */ 3166 for (++i; i < pktbuf_count - 1; i++) { 3167 if ((error = urtwn_llt_write(sc, i, i + 1)) != 0) 3168 return (error); 3169 } 3170 /* Make the last page point to the beginning of the ring buffer. */ 3171 error = urtwn_llt_write(sc, i, page_count + 1); 3172 return (error); 3173} 3174 3175static void 3176urtwn_fw_reset(struct urtwn_softc *sc) 3177{ 3178 uint16_t reg; 3179 int ntries; 3180 3181 /* Tell 8051 to reset itself. */ 3182 urtwn_write_1(sc, R92C_HMETFR + 3, 0x20); 3183 3184 /* Wait until 8051 resets by itself. */ 3185 for (ntries = 0; ntries < 100; ntries++) { 3186 reg = urtwn_read_2(sc, R92C_SYS_FUNC_EN); 3187 if (!(reg & R92C_SYS_FUNC_EN_CPUEN)) 3188 return; 3189 urtwn_ms_delay(sc); 3190 } 3191 /* Force 8051 reset. */ 3192 urtwn_write_2(sc, R92C_SYS_FUNC_EN, reg & ~R92C_SYS_FUNC_EN_CPUEN); 3193} 3194 3195static void 3196urtwn_r88e_fw_reset(struct urtwn_softc *sc) 3197{ 3198 uint16_t reg; 3199 3200 reg = urtwn_read_2(sc, R92C_SYS_FUNC_EN); 3201 urtwn_write_2(sc, R92C_SYS_FUNC_EN, reg & ~R92C_SYS_FUNC_EN_CPUEN); 3202 urtwn_write_2(sc, R92C_SYS_FUNC_EN, reg | R92C_SYS_FUNC_EN_CPUEN); 3203} 3204 3205static int 3206urtwn_fw_loadpage(struct urtwn_softc *sc, int page, const uint8_t *buf, int len) 3207{ 3208 uint32_t reg; 3209 usb_error_t error = USB_ERR_NORMAL_COMPLETION; 3210 int off, mlen; 3211 3212 reg = urtwn_read_4(sc, R92C_MCUFWDL); 3213 reg = RW(reg, R92C_MCUFWDL_PAGE, page); 3214 urtwn_write_4(sc, R92C_MCUFWDL, reg); 3215 3216 off = R92C_FW_START_ADDR; 3217 while (len > 0) { 3218 if (len > 196) 3219 mlen = 196; 3220 else if (len > 4) 3221 mlen = 4; 3222 else 3223 mlen = 1; 3224 /* XXX fix this deconst */ 3225 error = urtwn_write_region_1(sc, off, 3226 __DECONST(uint8_t *, buf), mlen); 3227 if (error != USB_ERR_NORMAL_COMPLETION) 3228 break; 3229 off += mlen; 3230 buf += mlen; 3231 len -= mlen; 3232 } 3233 return (error); 3234} 3235 3236static int 3237urtwn_load_firmware(struct urtwn_softc *sc) 3238{ 3239 const struct firmware *fw; 3240 const struct r92c_fw_hdr *hdr; 3241 const char *imagename; 3242 const u_char *ptr; 3243 size_t len; 3244 uint32_t reg; 3245 int mlen, ntries, page, error; 3246 3247 URTWN_UNLOCK(sc); 3248 /* Read firmware image from the filesystem. */ 3249 if (sc->chip & URTWN_CHIP_88E) 3250 imagename = "urtwn-rtl8188eufw"; 3251 else if ((sc->chip & (URTWN_CHIP_UMC_A_CUT | URTWN_CHIP_92C)) == 3252 URTWN_CHIP_UMC_A_CUT) 3253 imagename = "urtwn-rtl8192cfwU"; 3254 else 3255 imagename = "urtwn-rtl8192cfwT"; 3256 3257 fw = firmware_get(imagename); 3258 URTWN_LOCK(sc); 3259 if (fw == NULL) { 3260 device_printf(sc->sc_dev, 3261 "failed loadfirmware of file %s\n", imagename); 3262 return (ENOENT); 3263 } 3264 3265 len = fw->datasize; 3266 3267 if (len < sizeof(*hdr)) { 3268 device_printf(sc->sc_dev, "firmware too short\n"); 3269 error = EINVAL; 3270 goto fail; 3271 } 3272 ptr = fw->data; 3273 hdr = (const struct r92c_fw_hdr *)ptr; 3274 /* Check if there is a valid FW header and skip it. */ 3275 if ((le16toh(hdr->signature) >> 4) == 0x88c || 3276 (le16toh(hdr->signature) >> 4) == 0x88e || 3277 (le16toh(hdr->signature) >> 4) == 0x92c) { 3278 DPRINTF("FW V%d.%d %02d-%02d %02d:%02d\n", 3279 le16toh(hdr->version), le16toh(hdr->subversion), 3280 hdr->month, hdr->date, hdr->hour, hdr->minute); 3281 ptr += sizeof(*hdr); 3282 len -= sizeof(*hdr); 3283 } 3284 3285 if (urtwn_read_1(sc, R92C_MCUFWDL) & R92C_MCUFWDL_RAM_DL_SEL) { 3286 if (sc->chip & URTWN_CHIP_88E) 3287 urtwn_r88e_fw_reset(sc); 3288 else 3289 urtwn_fw_reset(sc); 3290 urtwn_write_1(sc, R92C_MCUFWDL, 0); 3291 } 3292 3293 if (!(sc->chip & URTWN_CHIP_88E)) { 3294 urtwn_write_2(sc, R92C_SYS_FUNC_EN, 3295 urtwn_read_2(sc, R92C_SYS_FUNC_EN) | 3296 R92C_SYS_FUNC_EN_CPUEN); 3297 } 3298 urtwn_write_1(sc, R92C_MCUFWDL, 3299 urtwn_read_1(sc, R92C_MCUFWDL) | R92C_MCUFWDL_EN); 3300 urtwn_write_1(sc, R92C_MCUFWDL + 2, 3301 urtwn_read_1(sc, R92C_MCUFWDL + 2) & ~0x08); 3302 3303 /* Reset the FWDL checksum. */ 3304 urtwn_write_1(sc, R92C_MCUFWDL, 3305 urtwn_read_1(sc, R92C_MCUFWDL) | R92C_MCUFWDL_CHKSUM_RPT); 3306 3307 for (page = 0; len > 0; page++) { 3308 mlen = min(len, R92C_FW_PAGE_SIZE); 3309 error = urtwn_fw_loadpage(sc, page, ptr, mlen); 3310 if (error != 0) { 3311 device_printf(sc->sc_dev, 3312 "could not load firmware page\n"); 3313 goto fail; 3314 } 3315 ptr += mlen; 3316 len -= mlen; 3317 } 3318 urtwn_write_1(sc, R92C_MCUFWDL, 3319 urtwn_read_1(sc, R92C_MCUFWDL) & ~R92C_MCUFWDL_EN); 3320 urtwn_write_1(sc, R92C_MCUFWDL + 1, 0); 3321 3322 /* Wait for checksum report. */ 3323 for (ntries = 0; ntries < 1000; ntries++) { 3324 if (urtwn_read_4(sc, R92C_MCUFWDL) & R92C_MCUFWDL_CHKSUM_RPT) 3325 break; 3326 urtwn_ms_delay(sc); 3327 } 3328 if (ntries == 1000) { 3329 device_printf(sc->sc_dev, 3330 "timeout waiting for checksum report\n"); 3331 error = ETIMEDOUT; 3332 goto fail; 3333 } 3334 3335 reg = urtwn_read_4(sc, R92C_MCUFWDL); 3336 reg = (reg & ~R92C_MCUFWDL_WINTINI_RDY) | R92C_MCUFWDL_RDY; 3337 urtwn_write_4(sc, R92C_MCUFWDL, reg); 3338 if (sc->chip & URTWN_CHIP_88E) 3339 urtwn_r88e_fw_reset(sc); 3340 /* Wait for firmware readiness. */ 3341 for (ntries = 0; ntries < 1000; ntries++) { 3342 if (urtwn_read_4(sc, R92C_MCUFWDL) & R92C_MCUFWDL_WINTINI_RDY) 3343 break; 3344 urtwn_ms_delay(sc); 3345 } 3346 if (ntries == 1000) { 3347 device_printf(sc->sc_dev, 3348 "timeout waiting for firmware readiness\n"); 3349 error = ETIMEDOUT; 3350 goto fail; 3351 } 3352fail: 3353 firmware_put(fw, FIRMWARE_UNLOAD); 3354 return (error); 3355} 3356 3357static int 3358urtwn_dma_init(struct urtwn_softc *sc) 3359{ 3360 struct usb_endpoint *ep, *ep_end; 3361 usb_error_t usb_err; 3362 uint32_t reg; 3363 int hashq, hasnq, haslq, nqueues, ntx; 3364 int error, pagecount, npubqpages, nqpages, nrempages, tx_boundary; 3365 3366 /* Initialize LLT table. */ 3367 error = urtwn_llt_init(sc); 3368 if (error != 0) 3369 return (error); 3370 3371 /* Determine the number of bulk-out pipes. */ 3372 ntx = 0; 3373 ep = sc->sc_udev->endpoints; 3374 ep_end = sc->sc_udev->endpoints + sc->sc_udev->endpoints_max; 3375 for (; ep != ep_end; ep++) { 3376 if ((ep->edesc == NULL) || 3377 (ep->iface_index != sc->sc_iface_index)) 3378 continue; 3379 if (UE_GET_DIR(ep->edesc->bEndpointAddress) == UE_DIR_OUT) 3380 ntx++; 3381 } 3382 if (ntx == 0) { 3383 device_printf(sc->sc_dev, 3384 "%d: invalid number of Tx bulk pipes\n", ntx); 3385 return (EIO); 3386 } 3387 3388 /* Get Tx queues to USB endpoints mapping. */ 3389 hashq = hasnq = haslq = nqueues = 0; 3390 switch (ntx) { 3391 case 1: hashq = 1; break; 3392 case 2: hashq = hasnq = 1; break; 3393 case 3: case 4: hashq = hasnq = haslq = 1; break; 3394 } 3395 nqueues = hashq + hasnq + haslq; 3396 if (nqueues == 0) 3397 return (EIO); 3398 3399 npubqpages = nqpages = nrempages = pagecount = 0; 3400 if (sc->chip & URTWN_CHIP_88E) 3401 tx_boundary = R88E_TX_PAGE_BOUNDARY; 3402 else { 3403 pagecount = R92C_TX_PAGE_COUNT; 3404 npubqpages = R92C_PUBQ_NPAGES; 3405 tx_boundary = R92C_TX_PAGE_BOUNDARY; 3406 } 3407 3408 /* Set number of pages for normal priority queue. */ 3409 if (sc->chip & URTWN_CHIP_88E) { 3410 usb_err = urtwn_write_2(sc, R92C_RQPN_NPQ, 0xd); 3411 if (usb_err != USB_ERR_NORMAL_COMPLETION) 3412 return (EIO); 3413 usb_err = urtwn_write_4(sc, R92C_RQPN, 0x808e000d); 3414 if (usb_err != USB_ERR_NORMAL_COMPLETION) 3415 return (EIO); 3416 } else { 3417 /* Get the number of pages for each queue. */ 3418 nqpages = (pagecount - npubqpages) / nqueues; 3419 /* 3420 * The remaining pages are assigned to the high priority 3421 * queue. 3422 */ 3423 nrempages = (pagecount - npubqpages) % nqueues; 3424 usb_err = urtwn_write_1(sc, R92C_RQPN_NPQ, hasnq ? nqpages : 0); 3425 if (usb_err != USB_ERR_NORMAL_COMPLETION) 3426 return (EIO); 3427 usb_err = urtwn_write_4(sc, R92C_RQPN, 3428 /* Set number of pages for public queue. */ 3429 SM(R92C_RQPN_PUBQ, npubqpages) | 3430 /* Set number of pages for high priority queue. */ 3431 SM(R92C_RQPN_HPQ, hashq ? nqpages + nrempages : 0) | 3432 /* Set number of pages for low priority queue. */ 3433 SM(R92C_RQPN_LPQ, haslq ? nqpages : 0) | 3434 /* Load values. */ 3435 R92C_RQPN_LD); 3436 if (usb_err != USB_ERR_NORMAL_COMPLETION) 3437 return (EIO); 3438 } 3439 3440 usb_err = urtwn_write_1(sc, R92C_TXPKTBUF_BCNQ_BDNY, tx_boundary); 3441 if (usb_err != USB_ERR_NORMAL_COMPLETION) 3442 return (EIO); 3443 usb_err = urtwn_write_1(sc, R92C_TXPKTBUF_MGQ_BDNY, tx_boundary); 3444 if (usb_err != USB_ERR_NORMAL_COMPLETION) 3445 return (EIO); 3446 usb_err = urtwn_write_1(sc, R92C_TXPKTBUF_WMAC_LBK_BF_HD, tx_boundary); 3447 if (usb_err != USB_ERR_NORMAL_COMPLETION) 3448 return (EIO); 3449 usb_err = urtwn_write_1(sc, R92C_TRXFF_BNDY, tx_boundary); 3450 if (usb_err != USB_ERR_NORMAL_COMPLETION) 3451 return (EIO); 3452 usb_err = urtwn_write_1(sc, R92C_TDECTRL + 1, tx_boundary); 3453 if (usb_err != USB_ERR_NORMAL_COMPLETION) 3454 return (EIO); 3455 3456 /* Set queue to USB pipe mapping. */ 3457 reg = urtwn_read_2(sc, R92C_TRXDMA_CTRL); 3458 reg &= ~R92C_TRXDMA_CTRL_QMAP_M; 3459 if (nqueues == 1) { 3460 if (hashq) 3461 reg |= R92C_TRXDMA_CTRL_QMAP_HQ; 3462 else if (hasnq) 3463 reg |= R92C_TRXDMA_CTRL_QMAP_NQ; 3464 else 3465 reg |= R92C_TRXDMA_CTRL_QMAP_LQ; 3466 } else if (nqueues == 2) { 3467 /* 3468 * All 2-endpoints configs have high and normal 3469 * priority queues. 3470 */ 3471 reg |= R92C_TRXDMA_CTRL_QMAP_HQ_NQ; 3472 } else 3473 reg |= R92C_TRXDMA_CTRL_QMAP_3EP; 3474 usb_err = urtwn_write_2(sc, R92C_TRXDMA_CTRL, reg); 3475 if (usb_err != USB_ERR_NORMAL_COMPLETION) 3476 return (EIO); 3477 3478 /* Set Tx/Rx transfer page boundary. */ 3479 usb_err = urtwn_write_2(sc, R92C_TRXFF_BNDY + 2, 3480 (sc->chip & URTWN_CHIP_88E) ? 0x23ff : 0x27ff); 3481 if (usb_err != USB_ERR_NORMAL_COMPLETION) 3482 return (EIO); 3483 3484 /* Set Tx/Rx transfer page size. */ 3485 usb_err = urtwn_write_1(sc, R92C_PBP, 3486 SM(R92C_PBP_PSRX, R92C_PBP_128) | 3487 SM(R92C_PBP_PSTX, R92C_PBP_128)); 3488 if (usb_err != USB_ERR_NORMAL_COMPLETION) 3489 return (EIO); 3490 3491 return (0); 3492} 3493 3494static int 3495urtwn_mac_init(struct urtwn_softc *sc) 3496{ 3497 usb_error_t error; 3498 int i; 3499 3500 /* Write MAC initialization values. */ 3501 if (sc->chip & URTWN_CHIP_88E) { 3502 for (i = 0; i < nitems(rtl8188eu_mac); i++) { 3503 error = urtwn_write_1(sc, rtl8188eu_mac[i].reg, 3504 rtl8188eu_mac[i].val); 3505 if (error != USB_ERR_NORMAL_COMPLETION) 3506 return (EIO); 3507 } 3508 urtwn_write_1(sc, R92C_MAX_AGGR_NUM, 0x07); 3509 } else { 3510 for (i = 0; i < nitems(rtl8192cu_mac); i++) 3511 error = urtwn_write_1(sc, rtl8192cu_mac[i].reg, 3512 rtl8192cu_mac[i].val); 3513 if (error != USB_ERR_NORMAL_COMPLETION) 3514 return (EIO); 3515 } 3516 3517 return (0); 3518} 3519 3520static void 3521urtwn_bb_init(struct urtwn_softc *sc) 3522{ 3523 const struct urtwn_bb_prog *prog; 3524 uint32_t reg; 3525 uint8_t crystalcap; 3526 int i; 3527 3528 /* Enable BB and RF. */ 3529 urtwn_write_2(sc, R92C_SYS_FUNC_EN, 3530 urtwn_read_2(sc, R92C_SYS_FUNC_EN) | 3531 R92C_SYS_FUNC_EN_BBRSTB | R92C_SYS_FUNC_EN_BB_GLB_RST | 3532 R92C_SYS_FUNC_EN_DIO_RF); 3533 3534 if (!(sc->chip & URTWN_CHIP_88E)) 3535 urtwn_write_2(sc, R92C_AFE_PLL_CTRL, 0xdb83); 3536 3537 urtwn_write_1(sc, R92C_RF_CTRL, 3538 R92C_RF_CTRL_EN | R92C_RF_CTRL_RSTB | R92C_RF_CTRL_SDMRSTB); 3539 urtwn_write_1(sc, R92C_SYS_FUNC_EN, 3540 R92C_SYS_FUNC_EN_USBA | R92C_SYS_FUNC_EN_USBD | 3541 R92C_SYS_FUNC_EN_BB_GLB_RST | R92C_SYS_FUNC_EN_BBRSTB); 3542 3543 if (!(sc->chip & URTWN_CHIP_88E)) { 3544 urtwn_write_1(sc, R92C_LDOHCI12_CTRL, 0x0f); 3545 urtwn_write_1(sc, 0x15, 0xe9); 3546 urtwn_write_1(sc, R92C_AFE_XTAL_CTRL + 1, 0x80); 3547 } 3548 3549 /* Select BB programming based on board type. */ 3550 if (sc->chip & URTWN_CHIP_88E) 3551 prog = &rtl8188eu_bb_prog; 3552 else if (!(sc->chip & URTWN_CHIP_92C)) { 3553 if (sc->board_type == R92C_BOARD_TYPE_MINICARD) 3554 prog = &rtl8188ce_bb_prog; 3555 else if (sc->board_type == R92C_BOARD_TYPE_HIGHPA) 3556 prog = &rtl8188ru_bb_prog; 3557 else 3558 prog = &rtl8188cu_bb_prog; 3559 } else { 3560 if (sc->board_type == R92C_BOARD_TYPE_MINICARD) 3561 prog = &rtl8192ce_bb_prog; 3562 else 3563 prog = &rtl8192cu_bb_prog; 3564 } 3565 /* Write BB initialization values. */ 3566 for (i = 0; i < prog->count; i++) { 3567 urtwn_bb_write(sc, prog->regs[i], prog->vals[i]); 3568 urtwn_ms_delay(sc); 3569 } 3570 3571 if (sc->chip & URTWN_CHIP_92C_1T2R) { 3572 /* 8192C 1T only configuration. */ 3573 reg = urtwn_bb_read(sc, R92C_FPGA0_TXINFO); 3574 reg = (reg & ~0x00000003) | 0x2; 3575 urtwn_bb_write(sc, R92C_FPGA0_TXINFO, reg); 3576 3577 reg = urtwn_bb_read(sc, R92C_FPGA1_TXINFO); 3578 reg = (reg & ~0x00300033) | 0x00200022; 3579 urtwn_bb_write(sc, R92C_FPGA1_TXINFO, reg); 3580 3581 reg = urtwn_bb_read(sc, R92C_CCK0_AFESETTING); 3582 reg = (reg & ~0xff000000) | 0x45 << 24; 3583 urtwn_bb_write(sc, R92C_CCK0_AFESETTING, reg); 3584 3585 reg = urtwn_bb_read(sc, R92C_OFDM0_TRXPATHENA); 3586 reg = (reg & ~0x000000ff) | 0x23; 3587 urtwn_bb_write(sc, R92C_OFDM0_TRXPATHENA, reg); 3588 3589 reg = urtwn_bb_read(sc, R92C_OFDM0_AGCPARAM1); 3590 reg = (reg & ~0x00000030) | 1 << 4; 3591 urtwn_bb_write(sc, R92C_OFDM0_AGCPARAM1, reg); 3592 3593 reg = urtwn_bb_read(sc, 0xe74); 3594 reg = (reg & ~0x0c000000) | 2 << 26; 3595 urtwn_bb_write(sc, 0xe74, reg); 3596 reg = urtwn_bb_read(sc, 0xe78); 3597 reg = (reg & ~0x0c000000) | 2 << 26; 3598 urtwn_bb_write(sc, 0xe78, reg); 3599 reg = urtwn_bb_read(sc, 0xe7c); 3600 reg = (reg & ~0x0c000000) | 2 << 26; 3601 urtwn_bb_write(sc, 0xe7c, reg); 3602 reg = urtwn_bb_read(sc, 0xe80); 3603 reg = (reg & ~0x0c000000) | 2 << 26; 3604 urtwn_bb_write(sc, 0xe80, reg); 3605 reg = urtwn_bb_read(sc, 0xe88); 3606 reg = (reg & ~0x0c000000) | 2 << 26; 3607 urtwn_bb_write(sc, 0xe88, reg); 3608 } 3609 3610 /* Write AGC values. */ 3611 for (i = 0; i < prog->agccount; i++) { 3612 urtwn_bb_write(sc, R92C_OFDM0_AGCRSSITABLE, 3613 prog->agcvals[i]); 3614 urtwn_ms_delay(sc); 3615 } 3616 3617 if (sc->chip & URTWN_CHIP_88E) { 3618 urtwn_bb_write(sc, R92C_OFDM0_AGCCORE1(0), 0x69553422); 3619 urtwn_ms_delay(sc); 3620 urtwn_bb_write(sc, R92C_OFDM0_AGCCORE1(0), 0x69553420); 3621 urtwn_ms_delay(sc); 3622 3623 crystalcap = sc->rom.r88e_rom[0xb9]; 3624 if (crystalcap == 0xff) 3625 crystalcap = 0x20; 3626 crystalcap &= 0x3f; 3627 reg = urtwn_bb_read(sc, R92C_AFE_XTAL_CTRL); 3628 urtwn_bb_write(sc, R92C_AFE_XTAL_CTRL, 3629 RW(reg, R92C_AFE_XTAL_CTRL_ADDR, 3630 crystalcap | crystalcap << 6)); 3631 } else { 3632 if (urtwn_bb_read(sc, R92C_HSSI_PARAM2(0)) & 3633 R92C_HSSI_PARAM2_CCK_HIPWR) 3634 sc->sc_flags |= URTWN_FLAG_CCK_HIPWR; 3635 } 3636} 3637 3638static void 3639urtwn_rf_init(struct urtwn_softc *sc) 3640{ 3641 const struct urtwn_rf_prog *prog; 3642 uint32_t reg, type; 3643 int i, j, idx, off; 3644 3645 /* Select RF programming based on board type. */ 3646 if (sc->chip & URTWN_CHIP_88E) 3647 prog = rtl8188eu_rf_prog; 3648 else if (!(sc->chip & URTWN_CHIP_92C)) { 3649 if (sc->board_type == R92C_BOARD_TYPE_MINICARD) 3650 prog = rtl8188ce_rf_prog; 3651 else if (sc->board_type == R92C_BOARD_TYPE_HIGHPA) 3652 prog = rtl8188ru_rf_prog; 3653 else 3654 prog = rtl8188cu_rf_prog; 3655 } else 3656 prog = rtl8192ce_rf_prog; 3657 3658 for (i = 0; i < sc->nrxchains; i++) { 3659 /* Save RF_ENV control type. */ 3660 idx = i / 2; 3661 off = (i % 2) * 16; 3662 reg = urtwn_bb_read(sc, R92C_FPGA0_RFIFACESW(idx)); 3663 type = (reg >> off) & 0x10; 3664 3665 /* Set RF_ENV enable. */ 3666 reg = urtwn_bb_read(sc, R92C_FPGA0_RFIFACEOE(i)); 3667 reg |= 0x100000; 3668 urtwn_bb_write(sc, R92C_FPGA0_RFIFACEOE(i), reg); 3669 urtwn_ms_delay(sc); 3670 /* Set RF_ENV output high. */ 3671 reg = urtwn_bb_read(sc, R92C_FPGA0_RFIFACEOE(i)); 3672 reg |= 0x10; 3673 urtwn_bb_write(sc, R92C_FPGA0_RFIFACEOE(i), reg); 3674 urtwn_ms_delay(sc); 3675 /* Set address and data lengths of RF registers. */ 3676 reg = urtwn_bb_read(sc, R92C_HSSI_PARAM2(i)); 3677 reg &= ~R92C_HSSI_PARAM2_ADDR_LENGTH; 3678 urtwn_bb_write(sc, R92C_HSSI_PARAM2(i), reg); 3679 urtwn_ms_delay(sc); 3680 reg = urtwn_bb_read(sc, R92C_HSSI_PARAM2(i)); 3681 reg &= ~R92C_HSSI_PARAM2_DATA_LENGTH; 3682 urtwn_bb_write(sc, R92C_HSSI_PARAM2(i), reg); 3683 urtwn_ms_delay(sc); 3684 3685 /* Write RF initialization values for this chain. */ 3686 for (j = 0; j < prog[i].count; j++) { 3687 if (prog[i].regs[j] >= 0xf9 && 3688 prog[i].regs[j] <= 0xfe) { 3689 /* 3690 * These are fake RF registers offsets that 3691 * indicate a delay is required. 3692 */ 3693 usb_pause_mtx(&sc->sc_mtx, hz / 20); /* 50ms */ 3694 continue; 3695 } 3696 urtwn_rf_write(sc, i, prog[i].regs[j], 3697 prog[i].vals[j]); 3698 urtwn_ms_delay(sc); 3699 } 3700 3701 /* Restore RF_ENV control type. */ 3702 reg = urtwn_bb_read(sc, R92C_FPGA0_RFIFACESW(idx)); 3703 reg &= ~(0x10 << off) | (type << off); 3704 urtwn_bb_write(sc, R92C_FPGA0_RFIFACESW(idx), reg); 3705 3706 /* Cache RF register CHNLBW. */ 3707 sc->rf_chnlbw[i] = urtwn_rf_read(sc, i, R92C_RF_CHNLBW); 3708 } 3709 3710 if ((sc->chip & (URTWN_CHIP_UMC_A_CUT | URTWN_CHIP_92C)) == 3711 URTWN_CHIP_UMC_A_CUT) { 3712 urtwn_rf_write(sc, 0, R92C_RF_RX_G1, 0x30255); 3713 urtwn_rf_write(sc, 0, R92C_RF_RX_G2, 0x50a00); 3714 } 3715} 3716 3717static void 3718urtwn_cam_init(struct urtwn_softc *sc) 3719{ 3720 /* Invalidate all CAM entries. */ 3721 urtwn_write_4(sc, R92C_CAMCMD, 3722 R92C_CAMCMD_POLLING | R92C_CAMCMD_CLR); 3723} 3724 3725static int 3726urtwn_cam_write(struct urtwn_softc *sc, uint32_t addr, uint32_t data) 3727{ 3728 usb_error_t error; 3729 3730 error = urtwn_write_4(sc, R92C_CAMWRITE, data); 3731 if (error != USB_ERR_NORMAL_COMPLETION) 3732 return (EIO); 3733 error = urtwn_write_4(sc, R92C_CAMCMD, 3734 R92C_CAMCMD_POLLING | R92C_CAMCMD_WRITE | 3735 SM(R92C_CAMCMD_ADDR, addr)); 3736 if (error != USB_ERR_NORMAL_COMPLETION) 3737 return (EIO); 3738 3739 return (0); 3740} 3741 3742static void 3743urtwn_pa_bias_init(struct urtwn_softc *sc) 3744{ 3745 uint8_t reg; 3746 int i; 3747 3748 for (i = 0; i < sc->nrxchains; i++) { 3749 if (sc->pa_setting & (1 << i)) 3750 continue; 3751 urtwn_rf_write(sc, i, R92C_RF_IPA, 0x0f406); 3752 urtwn_rf_write(sc, i, R92C_RF_IPA, 0x4f406); 3753 urtwn_rf_write(sc, i, R92C_RF_IPA, 0x8f406); 3754 urtwn_rf_write(sc, i, R92C_RF_IPA, 0xcf406); 3755 } 3756 if (!(sc->pa_setting & 0x10)) { 3757 reg = urtwn_read_1(sc, 0x16); 3758 reg = (reg & ~0xf0) | 0x90; 3759 urtwn_write_1(sc, 0x16, reg); 3760 } 3761} 3762 3763static void 3764urtwn_rxfilter_init(struct urtwn_softc *sc) 3765{ 3766 struct ieee80211com *ic = &sc->sc_ic; 3767 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 3768 uint32_t rcr; 3769 uint16_t filter; 3770 3771 URTWN_ASSERT_LOCKED(sc); 3772 3773 /* Accept all multicast frames. */ 3774 urtwn_write_4(sc, R92C_MAR + 0, 0xffffffff); 3775 urtwn_write_4(sc, R92C_MAR + 4, 0xffffffff); 3776 3777 /* Filter for management frames. */ 3778 filter = 0x7f3f; 3779 switch (vap->iv_opmode) { 3780 case IEEE80211_M_STA: 3781 filter &= ~( 3782 R92C_RXFLTMAP_SUBTYPE(IEEE80211_FC0_SUBTYPE_ASSOC_REQ) | 3783 R92C_RXFLTMAP_SUBTYPE(IEEE80211_FC0_SUBTYPE_REASSOC_REQ) | 3784 R92C_RXFLTMAP_SUBTYPE(IEEE80211_FC0_SUBTYPE_PROBE_REQ)); 3785 break; 3786 case IEEE80211_M_HOSTAP: 3787 filter &= ~( 3788 R92C_RXFLTMAP_SUBTYPE(IEEE80211_FC0_SUBTYPE_ASSOC_RESP) | 3789 R92C_RXFLTMAP_SUBTYPE(IEEE80211_FC0_SUBTYPE_REASSOC_RESP) | 3790 R92C_RXFLTMAP_SUBTYPE(IEEE80211_FC0_SUBTYPE_BEACON)); 3791 break; 3792 case IEEE80211_M_MONITOR: 3793 case IEEE80211_M_IBSS: 3794 break; 3795 default: 3796 device_printf(sc->sc_dev, "%s: undefined opmode %d\n", 3797 __func__, vap->iv_opmode); 3798 break; 3799 } 3800 urtwn_write_2(sc, R92C_RXFLTMAP0, filter); 3801 3802 /* Reject all control frames. */ 3803 urtwn_write_2(sc, R92C_RXFLTMAP1, 0x0000); 3804 3805 /* Reject all data frames. */ 3806 urtwn_write_2(sc, R92C_RXFLTMAP2, 0x0000); 3807 3808 rcr = R92C_RCR_AM | R92C_RCR_AB | R92C_RCR_APM | 3809 R92C_RCR_HTC_LOC_CTRL | R92C_RCR_APP_PHYSTS | 3810 R92C_RCR_APP_ICV | R92C_RCR_APP_MIC; 3811 3812 if (vap->iv_opmode == IEEE80211_M_MONITOR) { 3813 /* Accept all frames. */ 3814 rcr |= R92C_RCR_ACF | R92C_RCR_ADF | R92C_RCR_AMF | 3815 R92C_RCR_AAP; 3816 } 3817 3818 /* Set Rx filter. */ 3819 urtwn_write_4(sc, R92C_RCR, rcr); 3820 3821 if (ic->ic_promisc != 0) { 3822 /* Update Rx filter. */ 3823 urtwn_set_promisc(sc); 3824 } 3825} 3826 3827static void 3828urtwn_edca_init(struct urtwn_softc *sc) 3829{ 3830 urtwn_write_2(sc, R92C_SPEC_SIFS, 0x100a); 3831 urtwn_write_2(sc, R92C_MAC_SPEC_SIFS, 0x100a); 3832 urtwn_write_2(sc, R92C_SIFS_CCK, 0x100a); 3833 urtwn_write_2(sc, R92C_SIFS_OFDM, 0x100a); 3834 urtwn_write_4(sc, R92C_EDCA_BE_PARAM, 0x005ea42b); 3835 urtwn_write_4(sc, R92C_EDCA_BK_PARAM, 0x0000a44f); 3836 urtwn_write_4(sc, R92C_EDCA_VI_PARAM, 0x005ea324); 3837 urtwn_write_4(sc, R92C_EDCA_VO_PARAM, 0x002fa226); 3838} 3839 3840static void 3841urtwn_write_txpower(struct urtwn_softc *sc, int chain, 3842 uint16_t power[URTWN_RIDX_COUNT]) 3843{ 3844 uint32_t reg; 3845 3846 /* Write per-CCK rate Tx power. */ 3847 if (chain == 0) { 3848 reg = urtwn_bb_read(sc, R92C_TXAGC_A_CCK1_MCS32); 3849 reg = RW(reg, R92C_TXAGC_A_CCK1, power[0]); 3850 urtwn_bb_write(sc, R92C_TXAGC_A_CCK1_MCS32, reg); 3851 reg = urtwn_bb_read(sc, R92C_TXAGC_B_CCK11_A_CCK2_11); 3852 reg = RW(reg, R92C_TXAGC_A_CCK2, power[1]); 3853 reg = RW(reg, R92C_TXAGC_A_CCK55, power[2]); 3854 reg = RW(reg, R92C_TXAGC_A_CCK11, power[3]); 3855 urtwn_bb_write(sc, R92C_TXAGC_B_CCK11_A_CCK2_11, reg); 3856 } else { 3857 reg = urtwn_bb_read(sc, R92C_TXAGC_B_CCK1_55_MCS32); 3858 reg = RW(reg, R92C_TXAGC_B_CCK1, power[0]); 3859 reg = RW(reg, R92C_TXAGC_B_CCK2, power[1]); 3860 reg = RW(reg, R92C_TXAGC_B_CCK55, power[2]); 3861 urtwn_bb_write(sc, R92C_TXAGC_B_CCK1_55_MCS32, reg); 3862 reg = urtwn_bb_read(sc, R92C_TXAGC_B_CCK11_A_CCK2_11); 3863 reg = RW(reg, R92C_TXAGC_B_CCK11, power[3]); 3864 urtwn_bb_write(sc, R92C_TXAGC_B_CCK11_A_CCK2_11, reg); 3865 } 3866 /* Write per-OFDM rate Tx power. */ 3867 urtwn_bb_write(sc, R92C_TXAGC_RATE18_06(chain), 3868 SM(R92C_TXAGC_RATE06, power[ 4]) | 3869 SM(R92C_TXAGC_RATE09, power[ 5]) | 3870 SM(R92C_TXAGC_RATE12, power[ 6]) | 3871 SM(R92C_TXAGC_RATE18, power[ 7])); 3872 urtwn_bb_write(sc, R92C_TXAGC_RATE54_24(chain), 3873 SM(R92C_TXAGC_RATE24, power[ 8]) | 3874 SM(R92C_TXAGC_RATE36, power[ 9]) | 3875 SM(R92C_TXAGC_RATE48, power[10]) | 3876 SM(R92C_TXAGC_RATE54, power[11])); 3877 /* Write per-MCS Tx power. */ 3878 urtwn_bb_write(sc, R92C_TXAGC_MCS03_MCS00(chain), 3879 SM(R92C_TXAGC_MCS00, power[12]) | 3880 SM(R92C_TXAGC_MCS01, power[13]) | 3881 SM(R92C_TXAGC_MCS02, power[14]) | 3882 SM(R92C_TXAGC_MCS03, power[15])); 3883 urtwn_bb_write(sc, R92C_TXAGC_MCS07_MCS04(chain), 3884 SM(R92C_TXAGC_MCS04, power[16]) | 3885 SM(R92C_TXAGC_MCS05, power[17]) | 3886 SM(R92C_TXAGC_MCS06, power[18]) | 3887 SM(R92C_TXAGC_MCS07, power[19])); 3888 urtwn_bb_write(sc, R92C_TXAGC_MCS11_MCS08(chain), 3889 SM(R92C_TXAGC_MCS08, power[20]) | 3890 SM(R92C_TXAGC_MCS09, power[21]) | 3891 SM(R92C_TXAGC_MCS10, power[22]) | 3892 SM(R92C_TXAGC_MCS11, power[23])); 3893 urtwn_bb_write(sc, R92C_TXAGC_MCS15_MCS12(chain), 3894 SM(R92C_TXAGC_MCS12, power[24]) | 3895 SM(R92C_TXAGC_MCS13, power[25]) | 3896 SM(R92C_TXAGC_MCS14, power[26]) | 3897 SM(R92C_TXAGC_MCS15, power[27])); 3898} 3899 3900static void 3901urtwn_get_txpower(struct urtwn_softc *sc, int chain, 3902 struct ieee80211_channel *c, struct ieee80211_channel *extc, 3903 uint16_t power[URTWN_RIDX_COUNT]) 3904{ 3905 struct ieee80211com *ic = &sc->sc_ic; 3906 struct r92c_rom *rom = &sc->rom.r92c_rom; 3907 uint16_t cckpow, ofdmpow, htpow, diff, max; 3908 const struct urtwn_txpwr *base; 3909 int ridx, chan, group; 3910 3911 /* Determine channel group. */ 3912 chan = ieee80211_chan2ieee(ic, c); /* XXX center freq! */ 3913 if (chan <= 3) 3914 group = 0; 3915 else if (chan <= 9) 3916 group = 1; 3917 else 3918 group = 2; 3919 3920 /* Get original Tx power based on board type and RF chain. */ 3921 if (!(sc->chip & URTWN_CHIP_92C)) { 3922 if (sc->board_type == R92C_BOARD_TYPE_HIGHPA) 3923 base = &rtl8188ru_txagc[chain]; 3924 else 3925 base = &rtl8192cu_txagc[chain]; 3926 } else 3927 base = &rtl8192cu_txagc[chain]; 3928 3929 memset(power, 0, URTWN_RIDX_COUNT * sizeof(power[0])); 3930 if (sc->regulatory == 0) { 3931 for (ridx = URTWN_RIDX_CCK1; ridx <= URTWN_RIDX_CCK11; ridx++) 3932 power[ridx] = base->pwr[0][ridx]; 3933 } 3934 for (ridx = URTWN_RIDX_OFDM6; ridx < URTWN_RIDX_COUNT; ridx++) { 3935 if (sc->regulatory == 3) { 3936 power[ridx] = base->pwr[0][ridx]; 3937 /* Apply vendor limits. */ 3938 if (extc != NULL) 3939 max = rom->ht40_max_pwr[group]; 3940 else 3941 max = rom->ht20_max_pwr[group]; 3942 max = (max >> (chain * 4)) & 0xf; 3943 if (power[ridx] > max) 3944 power[ridx] = max; 3945 } else if (sc->regulatory == 1) { 3946 if (extc == NULL) 3947 power[ridx] = base->pwr[group][ridx]; 3948 } else if (sc->regulatory != 2) 3949 power[ridx] = base->pwr[0][ridx]; 3950 } 3951 3952 /* Compute per-CCK rate Tx power. */ 3953 cckpow = rom->cck_tx_pwr[chain][group]; 3954 for (ridx = URTWN_RIDX_CCK1; ridx <= URTWN_RIDX_CCK11; ridx++) { 3955 power[ridx] += cckpow; 3956 if (power[ridx] > R92C_MAX_TX_PWR) 3957 power[ridx] = R92C_MAX_TX_PWR; 3958 } 3959 3960 htpow = rom->ht40_1s_tx_pwr[chain][group]; 3961 if (sc->ntxchains > 1) { 3962 /* Apply reduction for 2 spatial streams. */ 3963 diff = rom->ht40_2s_tx_pwr_diff[group]; 3964 diff = (diff >> (chain * 4)) & 0xf; 3965 htpow = (htpow > diff) ? htpow - diff : 0; 3966 } 3967 3968 /* Compute per-OFDM rate Tx power. */ 3969 diff = rom->ofdm_tx_pwr_diff[group]; 3970 diff = (diff >> (chain * 4)) & 0xf; 3971 ofdmpow = htpow + diff; /* HT->OFDM correction. */ 3972 for (ridx = URTWN_RIDX_OFDM6; ridx <= URTWN_RIDX_OFDM54; ridx++) { 3973 power[ridx] += ofdmpow; 3974 if (power[ridx] > R92C_MAX_TX_PWR) 3975 power[ridx] = R92C_MAX_TX_PWR; 3976 } 3977 3978 /* Compute per-MCS Tx power. */ 3979 if (extc == NULL) { 3980 diff = rom->ht20_tx_pwr_diff[group]; 3981 diff = (diff >> (chain * 4)) & 0xf; 3982 htpow += diff; /* HT40->HT20 correction. */ 3983 } 3984 for (ridx = 12; ridx <= 27; ridx++) { 3985 power[ridx] += htpow; 3986 if (power[ridx] > R92C_MAX_TX_PWR) 3987 power[ridx] = R92C_MAX_TX_PWR; 3988 } 3989#ifdef URTWN_DEBUG 3990 if (urtwn_debug >= 4) { 3991 /* Dump per-rate Tx power values. */ 3992 printf("Tx power for chain %d:\n", chain); 3993 for (ridx = URTWN_RIDX_CCK1; ridx < URTWN_RIDX_COUNT; ridx++) 3994 printf("Rate %d = %u\n", ridx, power[ridx]); 3995 } 3996#endif 3997} 3998 3999static void 4000urtwn_r88e_get_txpower(struct urtwn_softc *sc, int chain, 4001 struct ieee80211_channel *c, struct ieee80211_channel *extc, 4002 uint16_t power[URTWN_RIDX_COUNT]) 4003{ 4004 struct ieee80211com *ic = &sc->sc_ic; 4005 uint16_t cckpow, ofdmpow, bw20pow, htpow; 4006 const struct urtwn_r88e_txpwr *base; 4007 int ridx, chan, group; 4008 4009 /* Determine channel group. */ 4010 chan = ieee80211_chan2ieee(ic, c); /* XXX center freq! */ 4011 if (chan <= 2) 4012 group = 0; 4013 else if (chan <= 5) 4014 group = 1; 4015 else if (chan <= 8) 4016 group = 2; 4017 else if (chan <= 11) 4018 group = 3; 4019 else if (chan <= 13) 4020 group = 4; 4021 else 4022 group = 5; 4023 4024 /* Get original Tx power based on board type and RF chain. */ 4025 base = &rtl8188eu_txagc[chain]; 4026 4027 memset(power, 0, URTWN_RIDX_COUNT * sizeof(power[0])); 4028 if (sc->regulatory == 0) { 4029 for (ridx = URTWN_RIDX_CCK1; ridx <= URTWN_RIDX_CCK11; ridx++) 4030 power[ridx] = base->pwr[0][ridx]; 4031 } 4032 for (ridx = URTWN_RIDX_OFDM6; ridx < URTWN_RIDX_COUNT; ridx++) { 4033 if (sc->regulatory == 3) 4034 power[ridx] = base->pwr[0][ridx]; 4035 else if (sc->regulatory == 1) { 4036 if (extc == NULL) 4037 power[ridx] = base->pwr[group][ridx]; 4038 } else if (sc->regulatory != 2) 4039 power[ridx] = base->pwr[0][ridx]; 4040 } 4041 4042 /* Compute per-CCK rate Tx power. */ 4043 cckpow = sc->cck_tx_pwr[group]; 4044 for (ridx = URTWN_RIDX_CCK1; ridx <= URTWN_RIDX_CCK11; ridx++) { 4045 power[ridx] += cckpow; 4046 if (power[ridx] > R92C_MAX_TX_PWR) 4047 power[ridx] = R92C_MAX_TX_PWR; 4048 } 4049 4050 htpow = sc->ht40_tx_pwr[group]; 4051 4052 /* Compute per-OFDM rate Tx power. */ 4053 ofdmpow = htpow + sc->ofdm_tx_pwr_diff; 4054 for (ridx = URTWN_RIDX_OFDM6; ridx <= URTWN_RIDX_OFDM54; ridx++) { 4055 power[ridx] += ofdmpow; 4056 if (power[ridx] > R92C_MAX_TX_PWR) 4057 power[ridx] = R92C_MAX_TX_PWR; 4058 } 4059 4060 bw20pow = htpow + sc->bw20_tx_pwr_diff; 4061 for (ridx = 12; ridx <= 27; ridx++) { 4062 power[ridx] += bw20pow; 4063 if (power[ridx] > R92C_MAX_TX_PWR) 4064 power[ridx] = R92C_MAX_TX_PWR; 4065 } 4066} 4067 4068static void 4069urtwn_set_txpower(struct urtwn_softc *sc, struct ieee80211_channel *c, 4070 struct ieee80211_channel *extc) 4071{ 4072 uint16_t power[URTWN_RIDX_COUNT]; 4073 int i; 4074 4075 for (i = 0; i < sc->ntxchains; i++) { 4076 /* Compute per-rate Tx power values. */ 4077 if (sc->chip & URTWN_CHIP_88E) 4078 urtwn_r88e_get_txpower(sc, i, c, extc, power); 4079 else 4080 urtwn_get_txpower(sc, i, c, extc, power); 4081 /* Write per-rate Tx power values to hardware. */ 4082 urtwn_write_txpower(sc, i, power); 4083 } 4084} 4085 4086static void 4087urtwn_set_rx_bssid_all(struct urtwn_softc *sc, int enable) 4088{ 4089 uint32_t reg; 4090 4091 reg = urtwn_read_4(sc, R92C_RCR); 4092 if (enable) 4093 reg &= ~R92C_RCR_CBSSID_BCN; 4094 else 4095 reg |= R92C_RCR_CBSSID_BCN; 4096 urtwn_write_4(sc, R92C_RCR, reg); 4097} 4098 4099static void 4100urtwn_set_gain(struct urtwn_softc *sc, uint8_t gain) 4101{ 4102 uint32_t reg; 4103 4104 reg = urtwn_bb_read(sc, R92C_OFDM0_AGCCORE1(0)); 4105 reg = RW(reg, R92C_OFDM0_AGCCORE1_GAIN, gain); 4106 urtwn_bb_write(sc, R92C_OFDM0_AGCCORE1(0), reg); 4107 4108 if (!(sc->chip & URTWN_CHIP_88E)) { 4109 reg = urtwn_bb_read(sc, R92C_OFDM0_AGCCORE1(1)); 4110 reg = RW(reg, R92C_OFDM0_AGCCORE1_GAIN, gain); 4111 urtwn_bb_write(sc, R92C_OFDM0_AGCCORE1(1), reg); 4112 } 4113} 4114 4115static void 4116urtwn_scan_start(struct ieee80211com *ic) 4117{ 4118 struct urtwn_softc *sc = ic->ic_softc; 4119 4120 URTWN_LOCK(sc); 4121 /* Receive beacons / probe responses from any BSSID. */ 4122 if (ic->ic_opmode != IEEE80211_M_IBSS) 4123 urtwn_set_rx_bssid_all(sc, 1); 4124 4125 /* Set gain for scanning. */ 4126 urtwn_set_gain(sc, 0x20); 4127 URTWN_UNLOCK(sc); 4128} 4129 4130static void 4131urtwn_scan_end(struct ieee80211com *ic) 4132{ 4133 struct urtwn_softc *sc = ic->ic_softc; 4134 4135 URTWN_LOCK(sc); 4136 /* Restore limitations. */ 4137 if (ic->ic_promisc == 0 && ic->ic_opmode != IEEE80211_M_IBSS) 4138 urtwn_set_rx_bssid_all(sc, 0); 4139 4140 /* Set gain under link. */ 4141 urtwn_set_gain(sc, 0x32); 4142 URTWN_UNLOCK(sc); 4143} 4144 4145static void 4146urtwn_set_channel(struct ieee80211com *ic) 4147{ 4148 struct urtwn_softc *sc = ic->ic_softc; 4149 struct ieee80211_channel *c = ic->ic_curchan; 4150 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 4151 4152 URTWN_LOCK(sc); 4153 if (vap->iv_state == IEEE80211_S_SCAN) { 4154 /* Make link LED blink during scan. */ 4155 urtwn_set_led(sc, URTWN_LED_LINK, !sc->ledlink); 4156 } 4157 urtwn_set_chan(sc, c, NULL); 4158 sc->sc_rxtap.wr_chan_freq = htole16(c->ic_freq); 4159 sc->sc_rxtap.wr_chan_flags = htole16(c->ic_flags); 4160 sc->sc_txtap.wt_chan_freq = htole16(c->ic_freq); 4161 sc->sc_txtap.wt_chan_flags = htole16(c->ic_flags); 4162 URTWN_UNLOCK(sc); 4163} 4164 4165static int 4166urtwn_wme_update(struct ieee80211com *ic) 4167{ 4168 const struct wmeParams *wmep = 4169 ic->ic_wme.wme_chanParams.cap_wmeParams; 4170 struct urtwn_softc *sc = ic->ic_softc; 4171 uint8_t aifs, acm, slottime; 4172 int ac; 4173 4174 acm = 0; 4175 slottime = IEEE80211_GET_SLOTTIME(ic); 4176 4177 URTWN_LOCK(sc); 4178 for (ac = WME_AC_BE; ac < WME_NUM_AC; ac++) { 4179 /* AIFS[AC] = AIFSN[AC] * aSlotTime + aSIFSTime. */ 4180 aifs = wmep[ac].wmep_aifsn * slottime + IEEE80211_DUR_SIFS; 4181 urtwn_write_4(sc, wme2queue[ac].reg, 4182 SM(R92C_EDCA_PARAM_TXOP, wmep[ac].wmep_txopLimit) | 4183 SM(R92C_EDCA_PARAM_ECWMIN, wmep[ac].wmep_logcwmin) | 4184 SM(R92C_EDCA_PARAM_ECWMAX, wmep[ac].wmep_logcwmax) | 4185 SM(R92C_EDCA_PARAM_AIFS, aifs)); 4186 if (ac != WME_AC_BE) 4187 acm |= wmep[ac].wmep_acm << ac; 4188 } 4189 4190 if (acm != 0) 4191 acm |= R92C_ACMHWCTRL_EN; 4192 urtwn_write_1(sc, R92C_ACMHWCTRL, 4193 (urtwn_read_1(sc, R92C_ACMHWCTRL) & ~R92C_ACMHWCTRL_ACM_MASK) | 4194 acm); 4195 4196 URTWN_UNLOCK(sc); 4197 4198 return 0; 4199} 4200 4201static void 4202urtwn_set_promisc(struct urtwn_softc *sc) 4203{ 4204 struct ieee80211com *ic = &sc->sc_ic; 4205 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 4206 uint32_t rcr, mask1, mask2; 4207 4208 URTWN_ASSERT_LOCKED(sc); 4209 4210 if (vap->iv_opmode == IEEE80211_M_MONITOR) 4211 return; 4212 4213 mask1 = R92C_RCR_ACF | R92C_RCR_ADF | R92C_RCR_AMF | R92C_RCR_AAP; 4214 mask2 = R92C_RCR_APM; 4215 4216 if (vap->iv_state == IEEE80211_S_RUN) { 4217 switch (vap->iv_opmode) { 4218 case IEEE80211_M_STA: 4219 mask2 |= R92C_RCR_CBSSID_DATA; 4220 /* FALLTHROUGH */ 4221 case IEEE80211_M_HOSTAP: 4222 mask2 |= R92C_RCR_CBSSID_BCN; 4223 break; 4224 case IEEE80211_M_IBSS: 4225 mask2 |= R92C_RCR_CBSSID_DATA; 4226 break; 4227 default: 4228 device_printf(sc->sc_dev, "%s: undefined opmode %d\n", 4229 __func__, vap->iv_opmode); 4230 return; 4231 } 4232 } 4233 4234 rcr = urtwn_read_4(sc, R92C_RCR); 4235 if (ic->ic_promisc == 0) 4236 rcr = (rcr & ~mask1) | mask2; 4237 else 4238 rcr = (rcr & ~mask2) | mask1; 4239 urtwn_write_4(sc, R92C_RCR, rcr); 4240} 4241 4242static void 4243urtwn_update_promisc(struct ieee80211com *ic) 4244{ 4245 struct urtwn_softc *sc = ic->ic_softc; 4246 4247 URTWN_LOCK(sc); 4248 if (sc->sc_flags & URTWN_RUNNING) 4249 urtwn_set_promisc(sc); 4250 URTWN_UNLOCK(sc); 4251} 4252 4253static void 4254urtwn_update_mcast(struct ieee80211com *ic) 4255{ 4256 /* XXX do nothing? */ 4257} 4258 4259static struct ieee80211_node * 4260urtwn_r88e_node_alloc(struct ieee80211vap *vap, 4261 const uint8_t mac[IEEE80211_ADDR_LEN]) 4262{ 4263 struct urtwn_node *un; 4264 4265 un = malloc(sizeof (struct urtwn_node), M_80211_NODE, 4266 M_NOWAIT | M_ZERO); 4267 4268 if (un == NULL) 4269 return NULL; 4270 4271 un->id = URTWN_MACID_UNDEFINED; 4272 4273 return &un->ni; 4274} 4275 4276static void 4277urtwn_r88e_newassoc(struct ieee80211_node *ni, int isnew) 4278{ 4279 struct urtwn_softc *sc = ni->ni_ic->ic_softc; 4280 struct urtwn_node *un = URTWN_NODE(ni); 4281 uint8_t id; 4282 4283 if (!isnew) 4284 return; 4285 4286 URTWN_NT_LOCK(sc); 4287 for (id = 0; id <= URTWN_MACID_MAX(sc); id++) { 4288 if (id != URTWN_MACID_BC && sc->node_list[id] == NULL) { 4289 un->id = id; 4290 sc->node_list[id] = ni; 4291 break; 4292 } 4293 } 4294 URTWN_NT_UNLOCK(sc); 4295 4296 if (id > URTWN_MACID_MAX(sc)) { 4297 device_printf(sc->sc_dev, "%s: node table is full\n", 4298 __func__); 4299 } 4300} 4301 4302static void 4303urtwn_r88e_node_free(struct ieee80211_node *ni) 4304{ 4305 struct urtwn_softc *sc = ni->ni_ic->ic_softc; 4306 struct urtwn_node *un = URTWN_NODE(ni); 4307 4308 URTWN_NT_LOCK(sc); 4309 if (un->id != URTWN_MACID_UNDEFINED) 4310 sc->node_list[un->id] = NULL; 4311 URTWN_NT_UNLOCK(sc); 4312 4313 sc->sc_node_free(ni); 4314} 4315 4316static void 4317urtwn_set_chan(struct urtwn_softc *sc, struct ieee80211_channel *c, 4318 struct ieee80211_channel *extc) 4319{ 4320 struct ieee80211com *ic = &sc->sc_ic; 4321 uint32_t reg; 4322 u_int chan; 4323 int i; 4324 4325 chan = ieee80211_chan2ieee(ic, c); /* XXX center freq! */ 4326 if (chan == 0 || chan == IEEE80211_CHAN_ANY) { 4327 device_printf(sc->sc_dev, 4328 "%s: invalid channel %x\n", __func__, chan); 4329 return; 4330 } 4331 4332 /* Set Tx power for this new channel. */ 4333 urtwn_set_txpower(sc, c, extc); 4334 4335 for (i = 0; i < sc->nrxchains; i++) { 4336 urtwn_rf_write(sc, i, R92C_RF_CHNLBW, 4337 RW(sc->rf_chnlbw[i], R92C_RF_CHNLBW_CHNL, chan)); 4338 } 4339#ifndef IEEE80211_NO_HT 4340 if (extc != NULL) { 4341 /* Is secondary channel below or above primary? */ 4342 int prichlo = c->ic_freq < extc->ic_freq; 4343 4344 urtwn_write_1(sc, R92C_BWOPMODE, 4345 urtwn_read_1(sc, R92C_BWOPMODE) & ~R92C_BWOPMODE_20MHZ); 4346 4347 reg = urtwn_read_1(sc, R92C_RRSR + 2); 4348 reg = (reg & ~0x6f) | (prichlo ? 1 : 2) << 5; 4349 urtwn_write_1(sc, R92C_RRSR + 2, reg); 4350 4351 urtwn_bb_write(sc, R92C_FPGA0_RFMOD, 4352 urtwn_bb_read(sc, R92C_FPGA0_RFMOD) | R92C_RFMOD_40MHZ); 4353 urtwn_bb_write(sc, R92C_FPGA1_RFMOD, 4354 urtwn_bb_read(sc, R92C_FPGA1_RFMOD) | R92C_RFMOD_40MHZ); 4355 4356 /* Set CCK side band. */ 4357 reg = urtwn_bb_read(sc, R92C_CCK0_SYSTEM); 4358 reg = (reg & ~0x00000010) | (prichlo ? 0 : 1) << 4; 4359 urtwn_bb_write(sc, R92C_CCK0_SYSTEM, reg); 4360 4361 reg = urtwn_bb_read(sc, R92C_OFDM1_LSTF); 4362 reg = (reg & ~0x00000c00) | (prichlo ? 1 : 2) << 10; 4363 urtwn_bb_write(sc, R92C_OFDM1_LSTF, reg); 4364 4365 urtwn_bb_write(sc, R92C_FPGA0_ANAPARAM2, 4366 urtwn_bb_read(sc, R92C_FPGA0_ANAPARAM2) & 4367 ~R92C_FPGA0_ANAPARAM2_CBW20); 4368 4369 reg = urtwn_bb_read(sc, 0x818); 4370 reg = (reg & ~0x0c000000) | (prichlo ? 2 : 1) << 26; 4371 urtwn_bb_write(sc, 0x818, reg); 4372 4373 /* Select 40MHz bandwidth. */ 4374 urtwn_rf_write(sc, 0, R92C_RF_CHNLBW, 4375 (sc->rf_chnlbw[0] & ~0xfff) | chan); 4376 } else 4377#endif 4378 { 4379 urtwn_write_1(sc, R92C_BWOPMODE, 4380 urtwn_read_1(sc, R92C_BWOPMODE) | R92C_BWOPMODE_20MHZ); 4381 4382 urtwn_bb_write(sc, R92C_FPGA0_RFMOD, 4383 urtwn_bb_read(sc, R92C_FPGA0_RFMOD) & ~R92C_RFMOD_40MHZ); 4384 urtwn_bb_write(sc, R92C_FPGA1_RFMOD, 4385 urtwn_bb_read(sc, R92C_FPGA1_RFMOD) & ~R92C_RFMOD_40MHZ); 4386 4387 if (!(sc->chip & URTWN_CHIP_88E)) { 4388 urtwn_bb_write(sc, R92C_FPGA0_ANAPARAM2, 4389 urtwn_bb_read(sc, R92C_FPGA0_ANAPARAM2) | 4390 R92C_FPGA0_ANAPARAM2_CBW20); 4391 } 4392 4393 /* Select 20MHz bandwidth. */ 4394 urtwn_rf_write(sc, 0, R92C_RF_CHNLBW, 4395 (sc->rf_chnlbw[0] & ~0xfff) | chan | 4396 ((sc->chip & URTWN_CHIP_88E) ? R88E_RF_CHNLBW_BW20 : 4397 R92C_RF_CHNLBW_BW20)); 4398 } 4399} 4400 4401static void 4402urtwn_iq_calib(struct urtwn_softc *sc) 4403{ 4404 /* TODO */ 4405} 4406 4407static void 4408urtwn_lc_calib(struct urtwn_softc *sc) 4409{ 4410 uint32_t rf_ac[2]; 4411 uint8_t txmode; 4412 int i; 4413 4414 txmode = urtwn_read_1(sc, R92C_OFDM1_LSTF + 3); 4415 if ((txmode & 0x70) != 0) { 4416 /* Disable all continuous Tx. */ 4417 urtwn_write_1(sc, R92C_OFDM1_LSTF + 3, txmode & ~0x70); 4418 4419 /* Set RF mode to standby mode. */ 4420 for (i = 0; i < sc->nrxchains; i++) { 4421 rf_ac[i] = urtwn_rf_read(sc, i, R92C_RF_AC); 4422 urtwn_rf_write(sc, i, R92C_RF_AC, 4423 RW(rf_ac[i], R92C_RF_AC_MODE, 4424 R92C_RF_AC_MODE_STANDBY)); 4425 } 4426 } else { 4427 /* Block all Tx queues. */ 4428 urtwn_write_1(sc, R92C_TXPAUSE, 0xff); 4429 } 4430 /* Start calibration. */ 4431 urtwn_rf_write(sc, 0, R92C_RF_CHNLBW, 4432 urtwn_rf_read(sc, 0, R92C_RF_CHNLBW) | R92C_RF_CHNLBW_LCSTART); 4433 4434 /* Give calibration the time to complete. */ 4435 usb_pause_mtx(&sc->sc_mtx, hz / 10); /* 100ms */ 4436 4437 /* Restore configuration. */ 4438 if ((txmode & 0x70) != 0) { 4439 /* Restore Tx mode. */ 4440 urtwn_write_1(sc, R92C_OFDM1_LSTF + 3, txmode); 4441 /* Restore RF mode. */ 4442 for (i = 0; i < sc->nrxchains; i++) 4443 urtwn_rf_write(sc, i, R92C_RF_AC, rf_ac[i]); 4444 } else { 4445 /* Unblock all Tx queues. */ 4446 urtwn_write_1(sc, R92C_TXPAUSE, 0x00); 4447 } 4448} 4449 4450static int 4451urtwn_init(struct urtwn_softc *sc) 4452{ 4453 struct ieee80211com *ic = &sc->sc_ic; 4454 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 4455 uint8_t macaddr[IEEE80211_ADDR_LEN]; 4456 uint32_t reg; 4457 usb_error_t usb_err = USB_ERR_NORMAL_COMPLETION; 4458 int error; 4459 4460 URTWN_LOCK(sc); 4461 if (sc->sc_flags & URTWN_RUNNING) { 4462 URTWN_UNLOCK(sc); 4463 return (0); 4464 } 4465 4466 /* Init firmware commands ring. */ 4467 sc->fwcur = 0; 4468 4469 /* Allocate Tx/Rx buffers. */ 4470 error = urtwn_alloc_rx_list(sc); 4471 if (error != 0) 4472 goto fail; 4473 4474 error = urtwn_alloc_tx_list(sc); 4475 if (error != 0) 4476 goto fail; 4477 4478 /* Power on adapter. */ 4479 error = urtwn_power_on(sc); 4480 if (error != 0) 4481 goto fail; 4482 4483 /* Initialize DMA. */ 4484 error = urtwn_dma_init(sc); 4485 if (error != 0) 4486 goto fail; 4487 4488 /* Set info size in Rx descriptors (in 64-bit words). */ 4489 urtwn_write_1(sc, R92C_RX_DRVINFO_SZ, 4); 4490 4491 /* Init interrupts. */ 4492 if (sc->chip & URTWN_CHIP_88E) { 4493 usb_err = urtwn_write_4(sc, R88E_HISR, 0xffffffff); 4494 if (usb_err != USB_ERR_NORMAL_COMPLETION) 4495 goto fail; 4496 usb_err = urtwn_write_4(sc, R88E_HIMR, R88E_HIMR_CPWM | R88E_HIMR_CPWM2 | 4497 R88E_HIMR_TBDER | R88E_HIMR_PSTIMEOUT); 4498 if (usb_err != USB_ERR_NORMAL_COMPLETION) 4499 goto fail; 4500 usb_err = urtwn_write_4(sc, R88E_HIMRE, R88E_HIMRE_RXFOVW | 4501 R88E_HIMRE_TXFOVW | R88E_HIMRE_RXERR | R88E_HIMRE_TXERR); 4502 if (usb_err != USB_ERR_NORMAL_COMPLETION) 4503 goto fail; 4504 usb_err = urtwn_write_1(sc, R92C_USB_SPECIAL_OPTION, 4505 urtwn_read_1(sc, R92C_USB_SPECIAL_OPTION) | 4506 R92C_USB_SPECIAL_OPTION_INT_BULK_SEL); 4507 if (usb_err != USB_ERR_NORMAL_COMPLETION) 4508 goto fail; 4509 } else { 4510 usb_err = urtwn_write_4(sc, R92C_HISR, 0xffffffff); 4511 if (usb_err != USB_ERR_NORMAL_COMPLETION) 4512 goto fail; 4513 usb_err = urtwn_write_4(sc, R92C_HIMR, 0xffffffff); 4514 if (usb_err != USB_ERR_NORMAL_COMPLETION) 4515 goto fail; 4516 } 4517 4518 /* Set MAC address. */ 4519 IEEE80211_ADDR_COPY(macaddr, vap ? vap->iv_myaddr : ic->ic_macaddr); 4520 usb_err = urtwn_write_region_1(sc, R92C_MACID, macaddr, IEEE80211_ADDR_LEN); 4521 if (usb_err != USB_ERR_NORMAL_COMPLETION) 4522 goto fail; 4523 4524 /* Set initial network type. */ 4525 urtwn_set_mode(sc, R92C_MSR_INFRA); 4526 4527 /* Initialize Rx filter. */ 4528 urtwn_rxfilter_init(sc); 4529 4530 /* Set response rate. */ 4531 reg = urtwn_read_4(sc, R92C_RRSR); 4532 reg = RW(reg, R92C_RRSR_RATE_BITMAP, R92C_RRSR_RATE_CCK_ONLY_1M); 4533 urtwn_write_4(sc, R92C_RRSR, reg); 4534 4535 /* Set short/long retry limits. */ 4536 urtwn_write_2(sc, R92C_RL, 4537 SM(R92C_RL_SRL, 0x30) | SM(R92C_RL_LRL, 0x30)); 4538 4539 /* Initialize EDCA parameters. */ 4540 urtwn_edca_init(sc); 4541 4542 /* Setup rate fallback. */ 4543 if (!(sc->chip & URTWN_CHIP_88E)) { 4544 urtwn_write_4(sc, R92C_DARFRC + 0, 0x00000000); 4545 urtwn_write_4(sc, R92C_DARFRC + 4, 0x10080404); 4546 urtwn_write_4(sc, R92C_RARFRC + 0, 0x04030201); 4547 urtwn_write_4(sc, R92C_RARFRC + 4, 0x08070605); 4548 } 4549 4550 urtwn_write_1(sc, R92C_FWHW_TXQ_CTRL, 4551 urtwn_read_1(sc, R92C_FWHW_TXQ_CTRL) | 4552 R92C_FWHW_TXQ_CTRL_AMPDU_RTY_NEW); 4553 /* Set ACK timeout. */ 4554 urtwn_write_1(sc, R92C_ACKTO, 0x40); 4555 4556 /* Setup USB aggregation. */ 4557 reg = urtwn_read_4(sc, R92C_TDECTRL); 4558 reg = RW(reg, R92C_TDECTRL_BLK_DESC_NUM, 6); 4559 urtwn_write_4(sc, R92C_TDECTRL, reg); 4560 urtwn_write_1(sc, R92C_TRXDMA_CTRL, 4561 urtwn_read_1(sc, R92C_TRXDMA_CTRL) | 4562 R92C_TRXDMA_CTRL_RXDMA_AGG_EN); 4563 urtwn_write_1(sc, R92C_RXDMA_AGG_PG_TH, 48); 4564 if (sc->chip & URTWN_CHIP_88E) 4565 urtwn_write_1(sc, R92C_RXDMA_AGG_PG_TH + 1, 4); 4566 else { 4567 urtwn_write_1(sc, R92C_USB_DMA_AGG_TO, 4); 4568 urtwn_write_1(sc, R92C_USB_SPECIAL_OPTION, 4569 urtwn_read_1(sc, R92C_USB_SPECIAL_OPTION) | 4570 R92C_USB_SPECIAL_OPTION_AGG_EN); 4571 urtwn_write_1(sc, R92C_USB_AGG_TH, 8); 4572 urtwn_write_1(sc, R92C_USB_AGG_TO, 6); 4573 } 4574 4575 /* Initialize beacon parameters. */ 4576 urtwn_write_2(sc, R92C_BCN_CTRL, 0x1010); 4577 urtwn_write_2(sc, R92C_TBTT_PROHIBIT, 0x6404); 4578 urtwn_write_1(sc, R92C_DRVERLYINT, 0x05); 4579 urtwn_write_1(sc, R92C_BCNDMATIM, 0x02); 4580 urtwn_write_2(sc, R92C_BCNTCFG, 0x660f); 4581 4582 if (!(sc->chip & URTWN_CHIP_88E)) { 4583 /* Setup AMPDU aggregation. */ 4584 urtwn_write_4(sc, R92C_AGGLEN_LMT, 0x99997631); /* MCS7~0 */ 4585 urtwn_write_1(sc, R92C_AGGR_BREAK_TIME, 0x16); 4586 urtwn_write_2(sc, R92C_MAX_AGGR_NUM, 0x0708); 4587 4588 urtwn_write_1(sc, R92C_BCN_MAX_ERR, 0xff); 4589 } 4590 4591 /* Load 8051 microcode. */ 4592 error = urtwn_load_firmware(sc); 4593 if (error != 0) 4594 goto fail; 4595 4596 /* Initialize MAC/BB/RF blocks. */ 4597 error = urtwn_mac_init(sc); 4598 if (error != 0) { 4599 device_printf(sc->sc_dev, 4600 "%s: error while initializing MAC block\n", __func__); 4601 goto fail; 4602 } 4603 urtwn_bb_init(sc); 4604 urtwn_rf_init(sc); 4605 4606 /* Reinitialize Rx filter (D3845 is not committed yet). */ 4607 urtwn_rxfilter_init(sc); 4608 4609 if (sc->chip & URTWN_CHIP_88E) { 4610 urtwn_write_2(sc, R92C_CR, 4611 urtwn_read_2(sc, R92C_CR) | R92C_CR_MACTXEN | 4612 R92C_CR_MACRXEN); 4613 } 4614 4615 /* Turn CCK and OFDM blocks on. */ 4616 reg = urtwn_bb_read(sc, R92C_FPGA0_RFMOD); 4617 reg |= R92C_RFMOD_CCK_EN; 4618 usb_err = urtwn_bb_write(sc, R92C_FPGA0_RFMOD, reg); 4619 if (usb_err != USB_ERR_NORMAL_COMPLETION) 4620 goto fail; 4621 reg = urtwn_bb_read(sc, R92C_FPGA0_RFMOD); 4622 reg |= R92C_RFMOD_OFDM_EN; 4623 usb_err = urtwn_bb_write(sc, R92C_FPGA0_RFMOD, reg); 4624 if (usb_err != USB_ERR_NORMAL_COMPLETION) 4625 goto fail; 4626 4627 /* Clear per-station keys table. */ 4628 urtwn_cam_init(sc); 4629 4630 /* Enable decryption / encryption. */ 4631 urtwn_write_2(sc, R92C_SECCFG, 4632 R92C_SECCFG_TXUCKEY_DEF | R92C_SECCFG_RXUCKEY_DEF | 4633 R92C_SECCFG_TXENC_ENA | R92C_SECCFG_RXDEC_ENA | 4634 R92C_SECCFG_TXBCKEY_DEF | R92C_SECCFG_RXBCKEY_DEF); 4635 4636 /* 4637 * Install static keys (if any). 4638 * Must be called after urtwn_cam_init(). 4639 */ 4640 ieee80211_runtask(ic, &sc->cmdq_task); 4641 4642 /* Enable hardware sequence numbering. */ 4643 urtwn_write_1(sc, R92C_HWSEQ_CTRL, 0xff); 4644 4645 /* Enable per-packet TX report. */ 4646 if (sc->chip & URTWN_CHIP_88E) { 4647 urtwn_write_1(sc, R88E_TX_RPT_CTRL, 4648 urtwn_read_1(sc, R88E_TX_RPT_CTRL) | R88E_TX_RPT1_ENA); 4649 } 4650 4651 /* Perform LO and IQ calibrations. */ 4652 urtwn_iq_calib(sc); 4653 /* Perform LC calibration. */ 4654 urtwn_lc_calib(sc); 4655 4656 /* Fix USB interference issue. */ 4657 if (!(sc->chip & URTWN_CHIP_88E)) { 4658 urtwn_write_1(sc, 0xfe40, 0xe0); 4659 urtwn_write_1(sc, 0xfe41, 0x8d); 4660 urtwn_write_1(sc, 0xfe42, 0x80); 4661 4662 urtwn_pa_bias_init(sc); 4663 } 4664 4665 /* Initialize GPIO setting. */ 4666 urtwn_write_1(sc, R92C_GPIO_MUXCFG, 4667 urtwn_read_1(sc, R92C_GPIO_MUXCFG) & ~R92C_GPIO_MUXCFG_ENBT); 4668 4669 /* Fix for lower temperature. */ 4670 if (!(sc->chip & URTWN_CHIP_88E)) 4671 urtwn_write_1(sc, 0x15, 0xe9); 4672 4673 usbd_transfer_start(sc->sc_xfer[URTWN_BULK_RX]); 4674 4675 sc->sc_flags |= URTWN_RUNNING; 4676 4677 callout_reset(&sc->sc_watchdog_ch, hz, urtwn_watchdog, sc); 4678fail: 4679 if (usb_err != USB_ERR_NORMAL_COMPLETION) 4680 error = EIO; 4681 4682 URTWN_UNLOCK(sc); 4683 4684 return (error); 4685} 4686 4687static void 4688urtwn_stop(struct urtwn_softc *sc) 4689{ 4690 4691 URTWN_LOCK(sc); 4692 if (!(sc->sc_flags & URTWN_RUNNING)) { 4693 URTWN_UNLOCK(sc); 4694 return; 4695 } 4696 4697 sc->sc_flags &= ~URTWN_RUNNING; 4698 callout_stop(&sc->sc_watchdog_ch); 4699 urtwn_abort_xfers(sc); 4700 4701 urtwn_drain_mbufq(sc); 4702 URTWN_UNLOCK(sc); 4703} 4704 4705static void 4706urtwn_abort_xfers(struct urtwn_softc *sc) 4707{ 4708 int i; 4709 4710 URTWN_ASSERT_LOCKED(sc); 4711 4712 /* abort any pending transfers */ 4713 for (i = 0; i < URTWN_N_TRANSFER; i++) 4714 usbd_transfer_stop(sc->sc_xfer[i]); 4715} 4716 4717static int 4718urtwn_raw_xmit(struct ieee80211_node *ni, struct mbuf *m, 4719 const struct ieee80211_bpf_params *params) 4720{ 4721 struct ieee80211com *ic = ni->ni_ic; 4722 struct urtwn_softc *sc = ic->ic_softc; 4723 struct urtwn_data *bf; 4724 int error; 4725 4726 /* prevent management frames from being sent if we're not ready */ 4727 URTWN_LOCK(sc); 4728 if (!(sc->sc_flags & URTWN_RUNNING)) { 4729 error = ENETDOWN; 4730 goto end; 4731 } 4732 4733 bf = urtwn_getbuf(sc); 4734 if (bf == NULL) { 4735 error = ENOBUFS; 4736 goto end; 4737 } 4738 4739 if (params == NULL) { 4740 /* 4741 * Legacy path; interpret frame contents to decide 4742 * precisely how to send the frame. 4743 */ 4744 error = urtwn_tx_data(sc, ni, m, bf); 4745 } else { 4746 /* 4747 * Caller supplied explicit parameters to use in 4748 * sending the frame. 4749 */ 4750 error = urtwn_tx_raw(sc, ni, m, bf, params); 4751 } 4752 if (error != 0) { 4753 STAILQ_INSERT_HEAD(&sc->sc_tx_inactive, bf, next); 4754 goto end; 4755 } 4756 4757 sc->sc_txtimer = 5; 4758 callout_reset(&sc->sc_watchdog_ch, hz, urtwn_watchdog, sc); 4759 4760end: 4761 if (error != 0) 4762 m_freem(m); 4763 4764 URTWN_UNLOCK(sc); 4765 4766 return (error); 4767} 4768 4769static void 4770urtwn_ms_delay(struct urtwn_softc *sc) 4771{ 4772 usb_pause_mtx(&sc->sc_mtx, hz / 1000); 4773} 4774 4775static device_method_t urtwn_methods[] = { 4776 /* Device interface */ 4777 DEVMETHOD(device_probe, urtwn_match), 4778 DEVMETHOD(device_attach, urtwn_attach), 4779 DEVMETHOD(device_detach, urtwn_detach), 4780 4781 DEVMETHOD_END 4782}; 4783 4784static driver_t urtwn_driver = { 4785 "urtwn", 4786 urtwn_methods, 4787 sizeof(struct urtwn_softc) 4788}; 4789 4790static devclass_t urtwn_devclass; 4791 4792DRIVER_MODULE(urtwn, uhub, urtwn_driver, urtwn_devclass, NULL, NULL); 4793MODULE_DEPEND(urtwn, usb, 1, 1, 1); 4794MODULE_DEPEND(urtwn, wlan, 1, 1, 1); 4795MODULE_DEPEND(urtwn, firmware, 1, 1, 1); 4796MODULE_VERSION(urtwn, 1); 4797USB_PNP_HOST_INFO(urtwn_devs); 4798