if_run.c revision 267655
1/*- 2 * Copyright (c) 2008,2010 Damien Bergamini <damien.bergamini@free.fr> 3 * ported to FreeBSD by Akinori Furukoshi <moonlightakkiy@yahoo.ca> 4 * USB Consulting, Hans Petter Selasky <hselasky@freebsd.org> 5 * Copyright (c) 2013-2014 Kevin Lo 6 * 7 * Permission to use, copy, modify, and distribute this software for any 8 * purpose with or without fee is hereby granted, provided that the above 9 * copyright notice and this permission notice appear in all copies. 10 * 11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 */ 19 20#include <sys/cdefs.h> 21__FBSDID("$FreeBSD: releng/9.3/sys/dev/usb/wlan/if_run.c 267655 2014-06-20 00:13:56Z gjb $"); 22 23/*- 24 * Ralink Technology RT2700U/RT2800U/RT3000U/RT3900E chipset driver. 25 * http://www.ralinktech.com/ 26 */ 27 28#include <sys/param.h> 29#include <sys/sockio.h> 30#include <sys/sysctl.h> 31#include <sys/lock.h> 32#include <sys/mutex.h> 33#include <sys/mbuf.h> 34#include <sys/kernel.h> 35#include <sys/socket.h> 36#include <sys/systm.h> 37#include <sys/malloc.h> 38#include <sys/module.h> 39#include <sys/bus.h> 40#include <sys/endian.h> 41#include <sys/linker.h> 42#include <sys/firmware.h> 43#include <sys/kdb.h> 44 45#include <machine/bus.h> 46#include <machine/resource.h> 47#include <sys/rman.h> 48 49#include <net/bpf.h> 50#include <net/if.h> 51#include <net/if_arp.h> 52#include <net/ethernet.h> 53#include <net/if_dl.h> 54#include <net/if_media.h> 55#include <net/if_types.h> 56 57#include <netinet/in.h> 58#include <netinet/in_systm.h> 59#include <netinet/in_var.h> 60#include <netinet/if_ether.h> 61#include <netinet/ip.h> 62 63#include <net80211/ieee80211_var.h> 64#include <net80211/ieee80211_regdomain.h> 65#include <net80211/ieee80211_radiotap.h> 66#include <net80211/ieee80211_ratectl.h> 67 68#include <dev/usb/usb.h> 69#include <dev/usb/usbdi.h> 70#include "usbdevs.h" 71 72#define USB_DEBUG_VAR run_debug 73#include <dev/usb/usb_debug.h> 74#include <dev/usb/usb_msctest.h> 75 76#include <dev/usb/wlan/if_runreg.h> 77#include <dev/usb/wlan/if_runvar.h> 78 79#ifdef USB_DEBUG 80#define RUN_DEBUG 81#endif 82 83#ifdef RUN_DEBUG 84int run_debug = 0; 85static SYSCTL_NODE(_hw_usb, OID_AUTO, run, CTLFLAG_RW, 0, "USB run"); 86SYSCTL_INT(_hw_usb_run, OID_AUTO, debug, CTLFLAG_RW, &run_debug, 0, 87 "run debug level"); 88#endif 89 90#define IEEE80211_HAS_ADDR4(wh) \ 91 (((wh)->i_fc[1] & IEEE80211_FC1_DIR_MASK) == IEEE80211_FC1_DIR_DSTODS) 92 93/* 94 * Because of LOR in run_key_delete(), use atomic instead. 95 * '& RUN_CMDQ_MASQ' is to loop cmdq[]. 96 */ 97#define RUN_CMDQ_GET(c) (atomic_fetchadd_32((c), 1) & RUN_CMDQ_MASQ) 98 99static const STRUCT_USB_HOST_ID run_devs[] = { 100#define RUN_DEV(v,p) { USB_VP(USB_VENDOR_##v, USB_PRODUCT_##v##_##p) } 101#define RUN_DEV_EJECT(v,p) \ 102 { USB_VPI(USB_VENDOR_##v, USB_PRODUCT_##v##_##p, RUN_EJECT) } 103#define RUN_EJECT 1 104 RUN_DEV(ABOCOM, RT2770), 105 RUN_DEV(ABOCOM, RT2870), 106 RUN_DEV(ABOCOM, RT3070), 107 RUN_DEV(ABOCOM, RT3071), 108 RUN_DEV(ABOCOM, RT3072), 109 RUN_DEV(ABOCOM2, RT2870_1), 110 RUN_DEV(ACCTON, RT2770), 111 RUN_DEV(ACCTON, RT2870_1), 112 RUN_DEV(ACCTON, RT2870_2), 113 RUN_DEV(ACCTON, RT2870_3), 114 RUN_DEV(ACCTON, RT2870_4), 115 RUN_DEV(ACCTON, RT2870_5), 116 RUN_DEV(ACCTON, RT3070), 117 RUN_DEV(ACCTON, RT3070_1), 118 RUN_DEV(ACCTON, RT3070_2), 119 RUN_DEV(ACCTON, RT3070_3), 120 RUN_DEV(ACCTON, RT3070_4), 121 RUN_DEV(ACCTON, RT3070_5), 122 RUN_DEV(AIRTIES, RT3070), 123 RUN_DEV(ALLWIN, RT2070), 124 RUN_DEV(ALLWIN, RT2770), 125 RUN_DEV(ALLWIN, RT2870), 126 RUN_DEV(ALLWIN, RT3070), 127 RUN_DEV(ALLWIN, RT3071), 128 RUN_DEV(ALLWIN, RT3072), 129 RUN_DEV(ALLWIN, RT3572), 130 RUN_DEV(AMIGO, RT2870_1), 131 RUN_DEV(AMIGO, RT2870_2), 132 RUN_DEV(AMIT, CGWLUSB2GNR), 133 RUN_DEV(AMIT, RT2870_1), 134 RUN_DEV(AMIT2, RT2870), 135 RUN_DEV(ASUS, RT2870_1), 136 RUN_DEV(ASUS, RT2870_2), 137 RUN_DEV(ASUS, RT2870_3), 138 RUN_DEV(ASUS, RT2870_4), 139 RUN_DEV(ASUS, RT2870_5), 140 RUN_DEV(ASUS, USBN13), 141 RUN_DEV(ASUS, RT3070_1), 142 RUN_DEV(ASUS, USBN66), 143 RUN_DEV(ASUS, USB_N53), 144 RUN_DEV(ASUS2, USBN11), 145 RUN_DEV(AZUREWAVE, RT2870_1), 146 RUN_DEV(AZUREWAVE, RT2870_2), 147 RUN_DEV(AZUREWAVE, RT3070_1), 148 RUN_DEV(AZUREWAVE, RT3070_2), 149 RUN_DEV(AZUREWAVE, RT3070_3), 150 RUN_DEV(BELKIN, F9L1103), 151 RUN_DEV(BELKIN, F5D8053V3), 152 RUN_DEV(BELKIN, F5D8055), 153 RUN_DEV(BELKIN, F5D8055V2), 154 RUN_DEV(BELKIN, F6D4050V1), 155 RUN_DEV(BELKIN, F6D4050V2), 156 RUN_DEV(BELKIN, RT2870_1), 157 RUN_DEV(BELKIN, RT2870_2), 158 RUN_DEV(CISCOLINKSYS, AE1000), 159 RUN_DEV(CISCOLINKSYS2, RT3070), 160 RUN_DEV(CISCOLINKSYS3, RT3070), 161 RUN_DEV(CONCEPTRONIC2, RT2870_1), 162 RUN_DEV(CONCEPTRONIC2, RT2870_2), 163 RUN_DEV(CONCEPTRONIC2, RT2870_3), 164 RUN_DEV(CONCEPTRONIC2, RT2870_4), 165 RUN_DEV(CONCEPTRONIC2, RT2870_5), 166 RUN_DEV(CONCEPTRONIC2, RT2870_6), 167 RUN_DEV(CONCEPTRONIC2, RT2870_7), 168 RUN_DEV(CONCEPTRONIC2, RT2870_8), 169 RUN_DEV(CONCEPTRONIC2, RT3070_1), 170 RUN_DEV(CONCEPTRONIC2, RT3070_2), 171 RUN_DEV(CONCEPTRONIC2, VIGORN61), 172 RUN_DEV(COREGA, CGWLUSB300GNM), 173 RUN_DEV(COREGA, RT2870_1), 174 RUN_DEV(COREGA, RT2870_2), 175 RUN_DEV(COREGA, RT2870_3), 176 RUN_DEV(COREGA, RT3070), 177 RUN_DEV(CYBERTAN, RT2870), 178 RUN_DEV(DLINK, RT2870), 179 RUN_DEV(DLINK, RT3072), 180 RUN_DEV(DLINK, DWA127), 181 RUN_DEV(DLINK, DWA140B3), 182 RUN_DEV(DLINK, DWA160B2), 183 RUN_DEV(DLINK, DWA162), 184 RUN_DEV(DLINK2, DWA130), 185 RUN_DEV(DLINK2, RT2870_1), 186 RUN_DEV(DLINK2, RT2870_2), 187 RUN_DEV(DLINK2, RT3070_1), 188 RUN_DEV(DLINK2, RT3070_2), 189 RUN_DEV(DLINK2, RT3070_3), 190 RUN_DEV(DLINK2, RT3070_4), 191 RUN_DEV(DLINK2, RT3070_5), 192 RUN_DEV(DLINK2, RT3072), 193 RUN_DEV(DLINK2, RT3072_1), 194 RUN_DEV(EDIMAX, EW7717), 195 RUN_DEV(EDIMAX, EW7718), 196 RUN_DEV(EDIMAX, EW7733UND), 197 RUN_DEV(EDIMAX, RT2870_1), 198 RUN_DEV(ENCORE, RT3070_1), 199 RUN_DEV(ENCORE, RT3070_2), 200 RUN_DEV(ENCORE, RT3070_3), 201 RUN_DEV(GIGABYTE, GNWB31N), 202 RUN_DEV(GIGABYTE, GNWB32L), 203 RUN_DEV(GIGABYTE, RT2870_1), 204 RUN_DEV(GIGASET, RT3070_1), 205 RUN_DEV(GIGASET, RT3070_2), 206 RUN_DEV(GUILLEMOT, HWNU300), 207 RUN_DEV(HAWKING, HWUN2), 208 RUN_DEV(HAWKING, RT2870_1), 209 RUN_DEV(HAWKING, RT2870_2), 210 RUN_DEV(HAWKING, RT3070), 211 RUN_DEV(IODATA, RT3072_1), 212 RUN_DEV(IODATA, RT3072_2), 213 RUN_DEV(IODATA, RT3072_3), 214 RUN_DEV(IODATA, RT3072_4), 215 RUN_DEV(LINKSYS4, RT3070), 216 RUN_DEV(LINKSYS4, WUSB100), 217 RUN_DEV(LINKSYS4, WUSB54GCV3), 218 RUN_DEV(LINKSYS4, WUSB600N), 219 RUN_DEV(LINKSYS4, WUSB600NV2), 220 RUN_DEV(LOGITEC, RT2870_1), 221 RUN_DEV(LOGITEC, RT2870_2), 222 RUN_DEV(LOGITEC, RT2870_3), 223 RUN_DEV(LOGITEC, LANW300NU2), 224 RUN_DEV(LOGITEC, LANW150NU2), 225 RUN_DEV(LOGITEC, LANW300NU2S), 226 RUN_DEV(MELCO, RT2870_1), 227 RUN_DEV(MELCO, RT2870_2), 228 RUN_DEV(MELCO, WLIUCAG300N), 229 RUN_DEV(MELCO, WLIUCG300N), 230 RUN_DEV(MELCO, WLIUCG301N), 231 RUN_DEV(MELCO, WLIUCGN), 232 RUN_DEV(MELCO, WLIUCGNM), 233 RUN_DEV(MELCO, WLIUCGNM2), 234 RUN_DEV(MOTOROLA4, RT2770), 235 RUN_DEV(MOTOROLA4, RT3070), 236 RUN_DEV(MSI, RT3070_1), 237 RUN_DEV(MSI, RT3070_2), 238 RUN_DEV(MSI, RT3070_3), 239 RUN_DEV(MSI, RT3070_4), 240 RUN_DEV(MSI, RT3070_5), 241 RUN_DEV(MSI, RT3070_6), 242 RUN_DEV(MSI, RT3070_7), 243 RUN_DEV(MSI, RT3070_8), 244 RUN_DEV(MSI, RT3070_9), 245 RUN_DEV(MSI, RT3070_10), 246 RUN_DEV(MSI, RT3070_11), 247 RUN_DEV(OVISLINK, RT3072), 248 RUN_DEV(PARA, RT3070), 249 RUN_DEV(PEGATRON, RT2870), 250 RUN_DEV(PEGATRON, RT3070), 251 RUN_DEV(PEGATRON, RT3070_2), 252 RUN_DEV(PEGATRON, RT3070_3), 253 RUN_DEV(PHILIPS, RT2870), 254 RUN_DEV(PLANEX2, GWUS300MINIS), 255 RUN_DEV(PLANEX2, GWUSMICRON), 256 RUN_DEV(PLANEX2, RT2870), 257 RUN_DEV(PLANEX2, RT3070), 258 RUN_DEV(QCOM, RT2870), 259 RUN_DEV(QUANTA, RT3070), 260 RUN_DEV(RALINK, RT2070), 261 RUN_DEV(RALINK, RT2770), 262 RUN_DEV(RALINK, RT2870), 263 RUN_DEV(RALINK, RT3070), 264 RUN_DEV(RALINK, RT3071), 265 RUN_DEV(RALINK, RT3072), 266 RUN_DEV(RALINK, RT3370), 267 RUN_DEV(RALINK, RT3572), 268 RUN_DEV(RALINK, RT3573), 269 RUN_DEV(RALINK, RT5370), 270 RUN_DEV(RALINK, RT5572), 271 RUN_DEV(RALINK, RT8070), 272 RUN_DEV(SAMSUNG, WIS09ABGN), 273 RUN_DEV(SAMSUNG2, RT2870_1), 274 RUN_DEV(SENAO, RT2870_1), 275 RUN_DEV(SENAO, RT2870_2), 276 RUN_DEV(SENAO, RT2870_3), 277 RUN_DEV(SENAO, RT2870_4), 278 RUN_DEV(SENAO, RT3070), 279 RUN_DEV(SENAO, RT3071), 280 RUN_DEV(SENAO, RT3072_1), 281 RUN_DEV(SENAO, RT3072_2), 282 RUN_DEV(SENAO, RT3072_3), 283 RUN_DEV(SENAO, RT3072_4), 284 RUN_DEV(SENAO, RT3072_5), 285 RUN_DEV(SITECOMEU, RT2770), 286 RUN_DEV(SITECOMEU, RT2870_1), 287 RUN_DEV(SITECOMEU, RT2870_2), 288 RUN_DEV(SITECOMEU, RT2870_3), 289 RUN_DEV(SITECOMEU, RT2870_4), 290 RUN_DEV(SITECOMEU, RT3070), 291 RUN_DEV(SITECOMEU, RT3070_2), 292 RUN_DEV(SITECOMEU, RT3070_3), 293 RUN_DEV(SITECOMEU, RT3070_4), 294 RUN_DEV(SITECOMEU, RT3071), 295 RUN_DEV(SITECOMEU, RT3072_1), 296 RUN_DEV(SITECOMEU, RT3072_2), 297 RUN_DEV(SITECOMEU, RT3072_3), 298 RUN_DEV(SITECOMEU, RT3072_4), 299 RUN_DEV(SITECOMEU, RT3072_5), 300 RUN_DEV(SITECOMEU, RT3072_6), 301 RUN_DEV(SITECOMEU, WL608), 302 RUN_DEV(SPARKLAN, RT2870_1), 303 RUN_DEV(SPARKLAN, RT3070), 304 RUN_DEV(SWEEX2, LW153), 305 RUN_DEV(SWEEX2, LW303), 306 RUN_DEV(SWEEX2, LW313), 307 RUN_DEV(TOSHIBA, RT3070), 308 RUN_DEV(UMEDIA, RT2870_1), 309 RUN_DEV(ZCOM, RT2870_1), 310 RUN_DEV(ZCOM, RT2870_2), 311 RUN_DEV(ZINWELL, RT2870_1), 312 RUN_DEV(ZINWELL, RT2870_2), 313 RUN_DEV(ZINWELL, RT3070), 314 RUN_DEV(ZINWELL, RT3072_1), 315 RUN_DEV(ZINWELL, RT3072_2), 316 RUN_DEV(ZYXEL, RT2870_1), 317 RUN_DEV(ZYXEL, RT2870_2), 318 RUN_DEV_EJECT(ZYXEL, NWD2705), 319 RUN_DEV_EJECT(RALINK, RT_STOR), 320#undef RUN_DEV_EJECT 321#undef RUN_DEV 322}; 323 324static device_probe_t run_match; 325static device_attach_t run_attach; 326static device_detach_t run_detach; 327 328static usb_callback_t run_bulk_rx_callback; 329static usb_callback_t run_bulk_tx_callback0; 330static usb_callback_t run_bulk_tx_callback1; 331static usb_callback_t run_bulk_tx_callback2; 332static usb_callback_t run_bulk_tx_callback3; 333static usb_callback_t run_bulk_tx_callback4; 334static usb_callback_t run_bulk_tx_callback5; 335 336static void run_autoinst(void *, struct usb_device *, 337 struct usb_attach_arg *); 338static int run_driver_loaded(struct module *, int, void *); 339static void run_bulk_tx_callbackN(struct usb_xfer *xfer, 340 usb_error_t error, u_int index); 341static struct ieee80211vap *run_vap_create(struct ieee80211com *, 342 const char [IFNAMSIZ], int, enum ieee80211_opmode, int, 343 const uint8_t [IEEE80211_ADDR_LEN], 344 const uint8_t [IEEE80211_ADDR_LEN]); 345static void run_vap_delete(struct ieee80211vap *); 346static void run_cmdq_cb(void *, int); 347static void run_setup_tx_list(struct run_softc *, 348 struct run_endpoint_queue *); 349static void run_unsetup_tx_list(struct run_softc *, 350 struct run_endpoint_queue *); 351static int run_load_microcode(struct run_softc *); 352static int run_reset(struct run_softc *); 353static usb_error_t run_do_request(struct run_softc *, 354 struct usb_device_request *, void *); 355static int run_read(struct run_softc *, uint16_t, uint32_t *); 356static int run_read_region_1(struct run_softc *, uint16_t, uint8_t *, int); 357static int run_write_2(struct run_softc *, uint16_t, uint16_t); 358static int run_write(struct run_softc *, uint16_t, uint32_t); 359static int run_write_region_1(struct run_softc *, uint16_t, 360 const uint8_t *, int); 361static int run_set_region_4(struct run_softc *, uint16_t, uint32_t, int); 362static int run_efuse_read(struct run_softc *, uint16_t, uint16_t *, int); 363static int run_efuse_read_2(struct run_softc *, uint16_t, uint16_t *); 364static int run_eeprom_read_2(struct run_softc *, uint16_t, uint16_t *); 365static int run_rt2870_rf_write(struct run_softc *, uint32_t); 366static int run_rt3070_rf_read(struct run_softc *, uint8_t, uint8_t *); 367static int run_rt3070_rf_write(struct run_softc *, uint8_t, uint8_t); 368static int run_bbp_read(struct run_softc *, uint8_t, uint8_t *); 369static int run_bbp_write(struct run_softc *, uint8_t, uint8_t); 370static int run_mcu_cmd(struct run_softc *, uint8_t, uint16_t); 371static const char *run_get_rf(uint16_t); 372static void run_rt3593_get_txpower(struct run_softc *); 373static void run_get_txpower(struct run_softc *); 374static int run_read_eeprom(struct run_softc *); 375static struct ieee80211_node *run_node_alloc(struct ieee80211vap *, 376 const uint8_t mac[IEEE80211_ADDR_LEN]); 377static int run_media_change(struct ifnet *); 378static int run_newstate(struct ieee80211vap *, enum ieee80211_state, int); 379static int run_wme_update(struct ieee80211com *); 380static void run_wme_update_cb(void *); 381static void run_key_update_begin(struct ieee80211vap *); 382static void run_key_update_end(struct ieee80211vap *); 383static void run_key_set_cb(void *); 384static int run_key_set(struct ieee80211vap *, struct ieee80211_key *, 385 const uint8_t mac[IEEE80211_ADDR_LEN]); 386static void run_key_delete_cb(void *); 387static int run_key_delete(struct ieee80211vap *, struct ieee80211_key *); 388static void run_ratectl_to(void *); 389static void run_ratectl_cb(void *, int); 390static void run_drain_fifo(void *); 391static void run_iter_func(void *, struct ieee80211_node *); 392static void run_newassoc_cb(void *); 393static void run_newassoc(struct ieee80211_node *, int); 394static void run_rx_frame(struct run_softc *, struct mbuf *, uint32_t); 395static void run_tx_free(struct run_endpoint_queue *pq, 396 struct run_tx_data *, int); 397static void run_set_tx_desc(struct run_softc *, struct run_tx_data *); 398static int run_tx(struct run_softc *, struct mbuf *, 399 struct ieee80211_node *); 400static int run_tx_mgt(struct run_softc *, struct mbuf *, 401 struct ieee80211_node *); 402static int run_sendprot(struct run_softc *, const struct mbuf *, 403 struct ieee80211_node *, int, int); 404static int run_tx_param(struct run_softc *, struct mbuf *, 405 struct ieee80211_node *, 406 const struct ieee80211_bpf_params *); 407static int run_raw_xmit(struct ieee80211_node *, struct mbuf *, 408 const struct ieee80211_bpf_params *); 409static void run_start(struct ifnet *); 410static int run_ioctl(struct ifnet *, u_long, caddr_t); 411static void run_iq_calib(struct run_softc *, u_int); 412static void run_set_agc(struct run_softc *, uint8_t); 413static void run_select_chan_group(struct run_softc *, int); 414static void run_set_rx_antenna(struct run_softc *, int); 415static void run_rt2870_set_chan(struct run_softc *, u_int); 416static void run_rt3070_set_chan(struct run_softc *, u_int); 417static void run_rt3572_set_chan(struct run_softc *, u_int); 418static void run_rt3593_set_chan(struct run_softc *, u_int); 419static void run_rt5390_set_chan(struct run_softc *, u_int); 420static void run_rt5592_set_chan(struct run_softc *, u_int); 421static int run_set_chan(struct run_softc *, struct ieee80211_channel *); 422static void run_set_channel(struct ieee80211com *); 423static void run_scan_start(struct ieee80211com *); 424static void run_scan_end(struct ieee80211com *); 425static void run_update_beacon(struct ieee80211vap *, int); 426static void run_update_beacon_cb(void *); 427static void run_updateprot(struct ieee80211com *); 428static void run_updateprot_cb(void *); 429static void run_usb_timeout_cb(void *); 430static void run_reset_livelock(struct run_softc *); 431static void run_enable_tsf_sync(struct run_softc *); 432static void run_enable_mrr(struct run_softc *); 433static void run_set_txpreamble(struct run_softc *); 434static void run_set_basicrates(struct run_softc *); 435static void run_set_leds(struct run_softc *, uint16_t); 436static void run_set_bssid(struct run_softc *, const uint8_t *); 437static void run_set_macaddr(struct run_softc *, const uint8_t *); 438static void run_updateslot(struct ifnet *); 439static void run_updateslot_cb(void *); 440static void run_update_mcast(struct ifnet *); 441static int8_t run_rssi2dbm(struct run_softc *, uint8_t, uint8_t); 442static void run_update_promisc_locked(struct ifnet *); 443static void run_update_promisc(struct ifnet *); 444static void run_rt5390_bbp_init(struct run_softc *); 445static int run_bbp_init(struct run_softc *); 446static int run_rt3070_rf_init(struct run_softc *); 447static void run_rt3593_rf_init(struct run_softc *); 448static void run_rt5390_rf_init(struct run_softc *); 449static int run_rt3070_filter_calib(struct run_softc *, uint8_t, uint8_t, 450 uint8_t *); 451static void run_rt3070_rf_setup(struct run_softc *); 452static void run_rt3593_rf_setup(struct run_softc *); 453static void run_rt5390_rf_setup(struct run_softc *); 454static int run_txrx_enable(struct run_softc *); 455static void run_adjust_freq_offset(struct run_softc *); 456static void run_init(void *); 457static void run_init_locked(struct run_softc *); 458static void run_stop(void *); 459static void run_delay(struct run_softc *, u_int); 460 461static eventhandler_tag run_etag; 462 463static const struct rt2860_rate { 464 uint8_t rate; 465 uint8_t mcs; 466 enum ieee80211_phytype phy; 467 uint8_t ctl_ridx; 468 uint16_t sp_ack_dur; 469 uint16_t lp_ack_dur; 470} rt2860_rates[] = { 471 { 2, 0, IEEE80211_T_DS, 0, 314, 314 }, 472 { 4, 1, IEEE80211_T_DS, 1, 258, 162 }, 473 { 11, 2, IEEE80211_T_DS, 2, 223, 127 }, 474 { 22, 3, IEEE80211_T_DS, 3, 213, 117 }, 475 { 12, 0, IEEE80211_T_OFDM, 4, 60, 60 }, 476 { 18, 1, IEEE80211_T_OFDM, 4, 52, 52 }, 477 { 24, 2, IEEE80211_T_OFDM, 6, 48, 48 }, 478 { 36, 3, IEEE80211_T_OFDM, 6, 44, 44 }, 479 { 48, 4, IEEE80211_T_OFDM, 8, 44, 44 }, 480 { 72, 5, IEEE80211_T_OFDM, 8, 40, 40 }, 481 { 96, 6, IEEE80211_T_OFDM, 8, 40, 40 }, 482 { 108, 7, IEEE80211_T_OFDM, 8, 40, 40 } 483}; 484 485static const struct { 486 uint16_t reg; 487 uint32_t val; 488} rt2870_def_mac[] = { 489 RT2870_DEF_MAC 490}; 491 492static const struct { 493 uint8_t reg; 494 uint8_t val; 495} rt2860_def_bbp[] = { 496 RT2860_DEF_BBP 497},rt5390_def_bbp[] = { 498 RT5390_DEF_BBP 499},rt5592_def_bbp[] = { 500 RT5592_DEF_BBP 501}; 502 503/* 504 * Default values for BBP register R196 for RT5592. 505 */ 506static const uint8_t rt5592_bbp_r196[] = { 507 0xe0, 0x1f, 0x38, 0x32, 0x08, 0x28, 0x19, 0x0a, 0xff, 0x00, 508 0x16, 0x10, 0x10, 0x0b, 0x36, 0x2c, 0x26, 0x24, 0x42, 0x36, 509 0x30, 0x2d, 0x4c, 0x46, 0x3d, 0x40, 0x3e, 0x42, 0x3d, 0x40, 510 0x3c, 0x34, 0x2c, 0x2f, 0x3c, 0x35, 0x2e, 0x2a, 0x49, 0x41, 511 0x36, 0x31, 0x30, 0x30, 0x0e, 0x0d, 0x28, 0x21, 0x1c, 0x16, 512 0x50, 0x4a, 0x43, 0x40, 0x10, 0x10, 0x10, 0x10, 0x00, 0x00, 513 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 514 0x00, 0x00, 0x7d, 0x14, 0x32, 0x2c, 0x36, 0x4c, 0x43, 0x2c, 515 0x2e, 0x36, 0x30, 0x6e 516}; 517 518static const struct rfprog { 519 uint8_t chan; 520 uint32_t r1, r2, r3, r4; 521} rt2860_rf2850[] = { 522 RT2860_RF2850 523}; 524 525struct { 526 uint8_t n, r, k; 527} rt3070_freqs[] = { 528 RT3070_RF3052 529}; 530 531static const struct rt5592_freqs { 532 uint16_t n; 533 uint8_t k, m, r; 534} rt5592_freqs_20mhz[] = { 535 RT5592_RF5592_20MHZ 536},rt5592_freqs_40mhz[] = { 537 RT5592_RF5592_40MHZ 538}; 539 540static const struct { 541 uint8_t reg; 542 uint8_t val; 543} rt3070_def_rf[] = { 544 RT3070_DEF_RF 545},rt3572_def_rf[] = { 546 RT3572_DEF_RF 547},rt3593_def_rf[] = { 548 RT3593_DEF_RF 549},rt5390_def_rf[] = { 550 RT5390_DEF_RF 551},rt5392_def_rf[] = { 552 RT5392_DEF_RF 553},rt5592_def_rf[] = { 554 RT5592_DEF_RF 555},rt5592_2ghz_def_rf[] = { 556 RT5592_2GHZ_DEF_RF 557},rt5592_5ghz_def_rf[] = { 558 RT5592_5GHZ_DEF_RF 559}; 560 561static const struct { 562 u_int firstchan; 563 u_int lastchan; 564 uint8_t reg; 565 uint8_t val; 566} rt5592_chan_5ghz[] = { 567 RT5592_CHAN_5GHZ 568}; 569 570static const struct usb_config run_config[RUN_N_XFER] = { 571 [RUN_BULK_TX_BE] = { 572 .type = UE_BULK, 573 .endpoint = UE_ADDR_ANY, 574 .ep_index = 0, 575 .direction = UE_DIR_OUT, 576 .bufsize = RUN_MAX_TXSZ, 577 .flags = {.pipe_bof = 1,.force_short_xfer = 1,}, 578 .callback = run_bulk_tx_callback0, 579 .timeout = 5000, /* ms */ 580 }, 581 [RUN_BULK_TX_BK] = { 582 .type = UE_BULK, 583 .endpoint = UE_ADDR_ANY, 584 .direction = UE_DIR_OUT, 585 .ep_index = 1, 586 .bufsize = RUN_MAX_TXSZ, 587 .flags = {.pipe_bof = 1,.force_short_xfer = 1,}, 588 .callback = run_bulk_tx_callback1, 589 .timeout = 5000, /* ms */ 590 }, 591 [RUN_BULK_TX_VI] = { 592 .type = UE_BULK, 593 .endpoint = UE_ADDR_ANY, 594 .direction = UE_DIR_OUT, 595 .ep_index = 2, 596 .bufsize = RUN_MAX_TXSZ, 597 .flags = {.pipe_bof = 1,.force_short_xfer = 1,}, 598 .callback = run_bulk_tx_callback2, 599 .timeout = 5000, /* ms */ 600 }, 601 [RUN_BULK_TX_VO] = { 602 .type = UE_BULK, 603 .endpoint = UE_ADDR_ANY, 604 .direction = UE_DIR_OUT, 605 .ep_index = 3, 606 .bufsize = RUN_MAX_TXSZ, 607 .flags = {.pipe_bof = 1,.force_short_xfer = 1,}, 608 .callback = run_bulk_tx_callback3, 609 .timeout = 5000, /* ms */ 610 }, 611 [RUN_BULK_TX_HCCA] = { 612 .type = UE_BULK, 613 .endpoint = UE_ADDR_ANY, 614 .direction = UE_DIR_OUT, 615 .ep_index = 4, 616 .bufsize = RUN_MAX_TXSZ, 617 .flags = {.pipe_bof = 1,.force_short_xfer = 1,.no_pipe_ok = 1,}, 618 .callback = run_bulk_tx_callback4, 619 .timeout = 5000, /* ms */ 620 }, 621 [RUN_BULK_TX_PRIO] = { 622 .type = UE_BULK, 623 .endpoint = UE_ADDR_ANY, 624 .direction = UE_DIR_OUT, 625 .ep_index = 5, 626 .bufsize = RUN_MAX_TXSZ, 627 .flags = {.pipe_bof = 1,.force_short_xfer = 1,.no_pipe_ok = 1,}, 628 .callback = run_bulk_tx_callback5, 629 .timeout = 5000, /* ms */ 630 }, 631 [RUN_BULK_RX] = { 632 .type = UE_BULK, 633 .endpoint = UE_ADDR_ANY, 634 .direction = UE_DIR_IN, 635 .bufsize = RUN_MAX_RXSZ, 636 .flags = {.pipe_bof = 1,.short_xfer_ok = 1,}, 637 .callback = run_bulk_rx_callback, 638 } 639}; 640 641static void 642run_autoinst(void *arg, struct usb_device *udev, 643 struct usb_attach_arg *uaa) 644{ 645 struct usb_interface *iface; 646 struct usb_interface_descriptor *id; 647 648 if (uaa->dev_state != UAA_DEV_READY) 649 return; 650 651 iface = usbd_get_iface(udev, 0); 652 if (iface == NULL) 653 return; 654 id = iface->idesc; 655 if (id == NULL || id->bInterfaceClass != UICLASS_MASS) 656 return; 657 if (usbd_lookup_id_by_uaa(run_devs, sizeof(run_devs), uaa)) 658 return; 659 660 if (usb_msc_eject(udev, 0, MSC_EJECT_STOPUNIT) == 0) 661 uaa->dev_state = UAA_DEV_EJECTING; 662} 663 664static int 665run_driver_loaded(struct module *mod, int what, void *arg) 666{ 667 switch (what) { 668 case MOD_LOAD: 669 run_etag = EVENTHANDLER_REGISTER(usb_dev_configured, 670 run_autoinst, NULL, EVENTHANDLER_PRI_ANY); 671 break; 672 case MOD_UNLOAD: 673 EVENTHANDLER_DEREGISTER(usb_dev_configured, run_etag); 674 break; 675 default: 676 return (EOPNOTSUPP); 677 } 678 return (0); 679} 680 681static int 682run_match(device_t self) 683{ 684 struct usb_attach_arg *uaa = device_get_ivars(self); 685 686 if (uaa->usb_mode != USB_MODE_HOST) 687 return (ENXIO); 688 if (uaa->info.bConfigIndex != 0) 689 return (ENXIO); 690 if (uaa->info.bIfaceIndex != RT2860_IFACE_INDEX) 691 return (ENXIO); 692 693 return (usbd_lookup_id_by_uaa(run_devs, sizeof(run_devs), uaa)); 694} 695 696static int 697run_attach(device_t self) 698{ 699 struct run_softc *sc = device_get_softc(self); 700 struct usb_attach_arg *uaa = device_get_ivars(self); 701 struct ieee80211com *ic; 702 struct ifnet *ifp; 703 uint32_t ver; 704 int ntries, error; 705 uint8_t iface_index, bands; 706 707 device_set_usb_desc(self); 708 sc->sc_udev = uaa->device; 709 sc->sc_dev = self; 710 if (USB_GET_DRIVER_INFO(uaa) != RUN_EJECT) 711 sc->sc_flags |= RUN_FLAG_FWLOAD_NEEDED; 712 713 mtx_init(&sc->sc_mtx, device_get_nameunit(sc->sc_dev), 714 MTX_NETWORK_LOCK, MTX_DEF); 715 716 iface_index = RT2860_IFACE_INDEX; 717 718 error = usbd_transfer_setup(uaa->device, &iface_index, 719 sc->sc_xfer, run_config, RUN_N_XFER, sc, &sc->sc_mtx); 720 if (error) { 721 device_printf(self, "could not allocate USB transfers, " 722 "err=%s\n", usbd_errstr(error)); 723 goto detach; 724 } 725 726 RUN_LOCK(sc); 727 728 /* wait for the chip to settle */ 729 for (ntries = 0; ntries < 100; ntries++) { 730 if (run_read(sc, RT2860_ASIC_VER_ID, &ver) != 0) { 731 RUN_UNLOCK(sc); 732 goto detach; 733 } 734 if (ver != 0 && ver != 0xffffffff) 735 break; 736 run_delay(sc, 10); 737 } 738 if (ntries == 100) { 739 device_printf(sc->sc_dev, 740 "timeout waiting for NIC to initialize\n"); 741 RUN_UNLOCK(sc); 742 goto detach; 743 } 744 sc->mac_ver = ver >> 16; 745 sc->mac_rev = ver & 0xffff; 746 747 /* retrieve RF rev. no and various other things from EEPROM */ 748 run_read_eeprom(sc); 749 750 device_printf(sc->sc_dev, 751 "MAC/BBP RT%04X (rev 0x%04X), RF %s (MIMO %dT%dR), address %s\n", 752 sc->mac_ver, sc->mac_rev, run_get_rf(sc->rf_rev), 753 sc->ntxchains, sc->nrxchains, ether_sprintf(sc->sc_bssid)); 754 755 RUN_UNLOCK(sc); 756 757 ifp = sc->sc_ifp = if_alloc(IFT_IEEE80211); 758 if (ifp == NULL) { 759 device_printf(sc->sc_dev, "can not if_alloc()\n"); 760 goto detach; 761 } 762 ic = ifp->if_l2com; 763 764 ifp->if_softc = sc; 765 if_initname(ifp, "run", device_get_unit(sc->sc_dev)); 766 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 767 ifp->if_init = run_init; 768 ifp->if_ioctl = run_ioctl; 769 ifp->if_start = run_start; 770 IFQ_SET_MAXLEN(&ifp->if_snd, ifqmaxlen); 771 ifp->if_snd.ifq_drv_maxlen = ifqmaxlen; 772 IFQ_SET_READY(&ifp->if_snd); 773 774 ic->ic_ifp = ifp; 775 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 776 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 777 778 /* set device capabilities */ 779 ic->ic_caps = 780 IEEE80211_C_STA | /* station mode supported */ 781 IEEE80211_C_MONITOR | /* monitor mode supported */ 782 IEEE80211_C_IBSS | 783 IEEE80211_C_HOSTAP | 784 IEEE80211_C_WDS | /* 4-address traffic works */ 785 IEEE80211_C_MBSS | 786 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 787 IEEE80211_C_SHSLOT | /* short slot time supported */ 788 IEEE80211_C_WME | /* WME */ 789 IEEE80211_C_WPA; /* WPA1|WPA2(RSN) */ 790 791 ic->ic_cryptocaps = 792 IEEE80211_CRYPTO_WEP | 793 IEEE80211_CRYPTO_AES_CCM | 794 IEEE80211_CRYPTO_TKIPMIC | 795 IEEE80211_CRYPTO_TKIP; 796 797 ic->ic_flags |= IEEE80211_F_DATAPAD; 798 ic->ic_flags_ext |= IEEE80211_FEXT_SWBMISS; 799 800 bands = 0; 801 setbit(&bands, IEEE80211_MODE_11B); 802 setbit(&bands, IEEE80211_MODE_11G); 803 if (sc->rf_rev == RT2860_RF_2750 || sc->rf_rev == RT2860_RF_2850 || 804 sc->rf_rev == RT3070_RF_3052 || sc->rf_rev == RT3593_RF_3053 || 805 sc->rf_rev == RT5592_RF_5592) 806 setbit(&bands, IEEE80211_MODE_11A); 807 ieee80211_init_channels(ic, NULL, &bands); 808 809 ieee80211_ifattach(ic, sc->sc_bssid); 810 811 ic->ic_scan_start = run_scan_start; 812 ic->ic_scan_end = run_scan_end; 813 ic->ic_set_channel = run_set_channel; 814 ic->ic_node_alloc = run_node_alloc; 815 ic->ic_newassoc = run_newassoc; 816 ic->ic_updateslot = run_updateslot; 817 ic->ic_update_mcast = run_update_mcast; 818 ic->ic_wme.wme_update = run_wme_update; 819 ic->ic_raw_xmit = run_raw_xmit; 820 ic->ic_update_promisc = run_update_promisc; 821 822 ic->ic_vap_create = run_vap_create; 823 ic->ic_vap_delete = run_vap_delete; 824 825 ieee80211_radiotap_attach(ic, 826 &sc->sc_txtap.wt_ihdr, sizeof(sc->sc_txtap), 827 RUN_TX_RADIOTAP_PRESENT, 828 &sc->sc_rxtap.wr_ihdr, sizeof(sc->sc_rxtap), 829 RUN_RX_RADIOTAP_PRESENT); 830 831 TASK_INIT(&sc->cmdq_task, 0, run_cmdq_cb, sc); 832 TASK_INIT(&sc->ratectl_task, 0, run_ratectl_cb, sc); 833 usb_callout_init_mtx(&sc->ratectl_ch, &sc->sc_mtx, 0); 834 835 if (bootverbose) 836 ieee80211_announce(ic); 837 838 return (0); 839 840detach: 841 run_detach(self); 842 return (ENXIO); 843} 844 845static int 846run_detach(device_t self) 847{ 848 struct run_softc *sc = device_get_softc(self); 849 struct ifnet *ifp = sc->sc_ifp; 850 struct ieee80211com *ic; 851 int i; 852 853 RUN_LOCK(sc); 854 sc->sc_detached = 1; 855 RUN_UNLOCK(sc); 856 857 /* stop all USB transfers */ 858 usbd_transfer_unsetup(sc->sc_xfer, RUN_N_XFER); 859 860 RUN_LOCK(sc); 861 sc->ratectl_run = RUN_RATECTL_OFF; 862 sc->cmdq_run = sc->cmdq_key_set = RUN_CMDQ_ABORT; 863 864 /* free TX list, if any */ 865 for (i = 0; i != RUN_EP_QUEUES; i++) 866 run_unsetup_tx_list(sc, &sc->sc_epq[i]); 867 RUN_UNLOCK(sc); 868 869 if (ifp) { 870 ic = ifp->if_l2com; 871 /* drain tasks */ 872 usb_callout_drain(&sc->ratectl_ch); 873 ieee80211_draintask(ic, &sc->cmdq_task); 874 ieee80211_draintask(ic, &sc->ratectl_task); 875 ieee80211_ifdetach(ic); 876 if_free(ifp); 877 } 878 879 mtx_destroy(&sc->sc_mtx); 880 881 return (0); 882} 883 884static struct ieee80211vap * 885run_vap_create(struct ieee80211com *ic, const char name[IFNAMSIZ], int unit, 886 enum ieee80211_opmode opmode, int flags, 887 const uint8_t bssid[IEEE80211_ADDR_LEN], 888 const uint8_t mac[IEEE80211_ADDR_LEN]) 889{ 890 struct ifnet *ifp = ic->ic_ifp; 891 struct run_softc *sc = ifp->if_softc; 892 struct run_vap *rvp; 893 struct ieee80211vap *vap; 894 int i; 895 896 if (sc->rvp_cnt >= RUN_VAP_MAX) { 897 if_printf(ifp, "number of VAPs maxed out\n"); 898 return (NULL); 899 } 900 901 switch (opmode) { 902 case IEEE80211_M_STA: 903 /* enable s/w bmiss handling for sta mode */ 904 flags |= IEEE80211_CLONE_NOBEACONS; 905 /* fall though */ 906 case IEEE80211_M_IBSS: 907 case IEEE80211_M_MONITOR: 908 case IEEE80211_M_HOSTAP: 909 case IEEE80211_M_MBSS: 910 /* other than WDS vaps, only one at a time */ 911 if (!TAILQ_EMPTY(&ic->ic_vaps)) 912 return (NULL); 913 break; 914 case IEEE80211_M_WDS: 915 TAILQ_FOREACH(vap, &ic->ic_vaps, iv_next){ 916 if(vap->iv_opmode != IEEE80211_M_HOSTAP) 917 continue; 918 /* WDS vap's always share the local mac address. */ 919 flags &= ~IEEE80211_CLONE_BSSID; 920 break; 921 } 922 if (vap == NULL) { 923 if_printf(ifp, "wds only supported in ap mode\n"); 924 return (NULL); 925 } 926 break; 927 default: 928 if_printf(ifp, "unknown opmode %d\n", opmode); 929 return (NULL); 930 } 931 932 rvp = (struct run_vap *) malloc(sizeof(struct run_vap), 933 M_80211_VAP, M_NOWAIT | M_ZERO); 934 if (rvp == NULL) 935 return (NULL); 936 vap = &rvp->vap; 937 938 if (ieee80211_vap_setup(ic, vap, name, unit, 939 opmode, flags, bssid, mac) != 0) { 940 /* out of memory */ 941 free(rvp, M_80211_VAP); 942 return (NULL); 943 } 944 945 vap->iv_key_update_begin = run_key_update_begin; 946 vap->iv_key_update_end = run_key_update_end; 947 vap->iv_update_beacon = run_update_beacon; 948 vap->iv_max_aid = RT2870_WCID_MAX; 949 /* 950 * To delete the right key from h/w, we need wcid. 951 * Luckily, there is unused space in ieee80211_key{}, wk_pad, 952 * and matching wcid will be written into there. So, cast 953 * some spells to remove 'const' from ieee80211_key{} 954 */ 955 vap->iv_key_delete = (void *)run_key_delete; 956 vap->iv_key_set = (void *)run_key_set; 957 958 /* override state transition machine */ 959 rvp->newstate = vap->iv_newstate; 960 vap->iv_newstate = run_newstate; 961 962 ieee80211_ratectl_init(vap); 963 ieee80211_ratectl_setinterval(vap, 1000 /* 1 sec */); 964 965 /* complete setup */ 966 ieee80211_vap_attach(vap, run_media_change, ieee80211_media_status); 967 968 /* make sure id is always unique */ 969 for (i = 0; i < RUN_VAP_MAX; i++) { 970 if((sc->rvp_bmap & 1 << i) == 0){ 971 sc->rvp_bmap |= 1 << i; 972 rvp->rvp_id = i; 973 break; 974 } 975 } 976 if (sc->rvp_cnt++ == 0) 977 ic->ic_opmode = opmode; 978 979 if (opmode == IEEE80211_M_HOSTAP) 980 sc->cmdq_run = RUN_CMDQ_GO; 981 982 DPRINTF("rvp_id=%d bmap=%x rvp_cnt=%d\n", 983 rvp->rvp_id, sc->rvp_bmap, sc->rvp_cnt); 984 985 return (vap); 986} 987 988static void 989run_vap_delete(struct ieee80211vap *vap) 990{ 991 struct run_vap *rvp = RUN_VAP(vap); 992 struct ifnet *ifp; 993 struct ieee80211com *ic; 994 struct run_softc *sc; 995 uint8_t rvp_id; 996 997 if (vap == NULL) 998 return; 999 1000 ic = vap->iv_ic; 1001 ifp = ic->ic_ifp; 1002 1003 sc = ifp->if_softc; 1004 1005 RUN_LOCK(sc); 1006 1007 m_freem(rvp->beacon_mbuf); 1008 rvp->beacon_mbuf = NULL; 1009 1010 rvp_id = rvp->rvp_id; 1011 sc->ratectl_run &= ~(1 << rvp_id); 1012 sc->rvp_bmap &= ~(1 << rvp_id); 1013 run_set_region_4(sc, RT2860_SKEY(rvp_id, 0), 0, 128); 1014 run_set_region_4(sc, RT2860_BCN_BASE(rvp_id), 0, 512); 1015 --sc->rvp_cnt; 1016 1017 DPRINTF("vap=%p rvp_id=%d bmap=%x rvp_cnt=%d\n", 1018 vap, rvp_id, sc->rvp_bmap, sc->rvp_cnt); 1019 1020 RUN_UNLOCK(sc); 1021 1022 ieee80211_ratectl_deinit(vap); 1023 ieee80211_vap_detach(vap); 1024 free(rvp, M_80211_VAP); 1025} 1026 1027/* 1028 * There are numbers of functions need to be called in context thread. 1029 * Rather than creating taskqueue event for each of those functions, 1030 * here is all-for-one taskqueue callback function. This function 1031 * gurantees deferred functions are executed in the same order they 1032 * were enqueued. 1033 * '& RUN_CMDQ_MASQ' is to loop cmdq[]. 1034 */ 1035static void 1036run_cmdq_cb(void *arg, int pending) 1037{ 1038 struct run_softc *sc = arg; 1039 uint8_t i; 1040 1041 /* call cmdq[].func locked */ 1042 RUN_LOCK(sc); 1043 for (i = sc->cmdq_exec; sc->cmdq[i].func && pending; 1044 i = sc->cmdq_exec, pending--) { 1045 DPRINTFN(6, "cmdq_exec=%d pending=%d\n", i, pending); 1046 if (sc->cmdq_run == RUN_CMDQ_GO) { 1047 /* 1048 * If arg0 is NULL, callback func needs more 1049 * than one arg. So, pass ptr to cmdq struct. 1050 */ 1051 if (sc->cmdq[i].arg0) 1052 sc->cmdq[i].func(sc->cmdq[i].arg0); 1053 else 1054 sc->cmdq[i].func(&sc->cmdq[i]); 1055 } 1056 sc->cmdq[i].arg0 = NULL; 1057 sc->cmdq[i].func = NULL; 1058 sc->cmdq_exec++; 1059 sc->cmdq_exec &= RUN_CMDQ_MASQ; 1060 } 1061 RUN_UNLOCK(sc); 1062} 1063 1064static void 1065run_setup_tx_list(struct run_softc *sc, struct run_endpoint_queue *pq) 1066{ 1067 struct run_tx_data *data; 1068 1069 memset(pq, 0, sizeof(*pq)); 1070 1071 STAILQ_INIT(&pq->tx_qh); 1072 STAILQ_INIT(&pq->tx_fh); 1073 1074 for (data = &pq->tx_data[0]; 1075 data < &pq->tx_data[RUN_TX_RING_COUNT]; data++) { 1076 data->sc = sc; 1077 STAILQ_INSERT_TAIL(&pq->tx_fh, data, next); 1078 } 1079 pq->tx_nfree = RUN_TX_RING_COUNT; 1080} 1081 1082static void 1083run_unsetup_tx_list(struct run_softc *sc, struct run_endpoint_queue *pq) 1084{ 1085 struct run_tx_data *data; 1086 1087 /* make sure any subsequent use of the queues will fail */ 1088 pq->tx_nfree = 0; 1089 STAILQ_INIT(&pq->tx_fh); 1090 STAILQ_INIT(&pq->tx_qh); 1091 1092 /* free up all node references and mbufs */ 1093 for (data = &pq->tx_data[0]; 1094 data < &pq->tx_data[RUN_TX_RING_COUNT]; data++) { 1095 if (data->m != NULL) { 1096 m_freem(data->m); 1097 data->m = NULL; 1098 } 1099 if (data->ni != NULL) { 1100 ieee80211_free_node(data->ni); 1101 data->ni = NULL; 1102 } 1103 } 1104} 1105 1106static int 1107run_load_microcode(struct run_softc *sc) 1108{ 1109 usb_device_request_t req; 1110 const struct firmware *fw; 1111 const u_char *base; 1112 uint32_t tmp; 1113 int ntries, error; 1114 const uint64_t *temp; 1115 uint64_t bytes; 1116 1117 RUN_UNLOCK(sc); 1118 fw = firmware_get("runfw"); 1119 RUN_LOCK(sc); 1120 if (fw == NULL) { 1121 device_printf(sc->sc_dev, 1122 "failed loadfirmware of file %s\n", "runfw"); 1123 return ENOENT; 1124 } 1125 1126 if (fw->datasize != 8192) { 1127 device_printf(sc->sc_dev, 1128 "invalid firmware size (should be 8KB)\n"); 1129 error = EINVAL; 1130 goto fail; 1131 } 1132 1133 /* 1134 * RT3071/RT3072 use a different firmware 1135 * run-rt2870 (8KB) contains both, 1136 * first half (4KB) is for rt2870, 1137 * last half is for rt3071. 1138 */ 1139 base = fw->data; 1140 if ((sc->mac_ver) != 0x2860 && 1141 (sc->mac_ver) != 0x2872 && 1142 (sc->mac_ver) != 0x3070) { 1143 base += 4096; 1144 } 1145 1146 /* cheap sanity check */ 1147 temp = fw->data; 1148 bytes = *temp; 1149 if (bytes != be64toh(0xffffff0210280210ULL)) { 1150 device_printf(sc->sc_dev, "firmware checksum failed\n"); 1151 error = EINVAL; 1152 goto fail; 1153 } 1154 1155 /* write microcode image */ 1156 if (sc->sc_flags & RUN_FLAG_FWLOAD_NEEDED) { 1157 run_write_region_1(sc, RT2870_FW_BASE, base, 4096); 1158 run_write(sc, RT2860_H2M_MAILBOX_CID, 0xffffffff); 1159 run_write(sc, RT2860_H2M_MAILBOX_STATUS, 0xffffffff); 1160 } 1161 1162 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 1163 req.bRequest = RT2870_RESET; 1164 USETW(req.wValue, 8); 1165 USETW(req.wIndex, 0); 1166 USETW(req.wLength, 0); 1167 if ((error = usbd_do_request(sc->sc_udev, &sc->sc_mtx, &req, NULL)) 1168 != 0) { 1169 device_printf(sc->sc_dev, "firmware reset failed\n"); 1170 goto fail; 1171 } 1172 1173 run_delay(sc, 10); 1174 1175 run_write(sc, RT2860_H2M_BBPAGENT, 0); 1176 run_write(sc, RT2860_H2M_MAILBOX, 0); 1177 run_write(sc, RT2860_H2M_INTSRC, 0); 1178 if ((error = run_mcu_cmd(sc, RT2860_MCU_CMD_RFRESET, 0)) != 0) 1179 goto fail; 1180 1181 /* wait until microcontroller is ready */ 1182 for (ntries = 0; ntries < 1000; ntries++) { 1183 if ((error = run_read(sc, RT2860_SYS_CTRL, &tmp)) != 0) 1184 goto fail; 1185 if (tmp & RT2860_MCU_READY) 1186 break; 1187 run_delay(sc, 10); 1188 } 1189 if (ntries == 1000) { 1190 device_printf(sc->sc_dev, 1191 "timeout waiting for MCU to initialize\n"); 1192 error = ETIMEDOUT; 1193 goto fail; 1194 } 1195 device_printf(sc->sc_dev, "firmware %s ver. %u.%u loaded\n", 1196 (base == fw->data) ? "RT2870" : "RT3071", 1197 *(base + 4092), *(base + 4093)); 1198 1199fail: 1200 firmware_put(fw, FIRMWARE_UNLOAD); 1201 return (error); 1202} 1203 1204static int 1205run_reset(struct run_softc *sc) 1206{ 1207 usb_device_request_t req; 1208 1209 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 1210 req.bRequest = RT2870_RESET; 1211 USETW(req.wValue, 1); 1212 USETW(req.wIndex, 0); 1213 USETW(req.wLength, 0); 1214 return (usbd_do_request(sc->sc_udev, &sc->sc_mtx, &req, NULL)); 1215} 1216 1217static usb_error_t 1218run_do_request(struct run_softc *sc, 1219 struct usb_device_request *req, void *data) 1220{ 1221 usb_error_t err; 1222 int ntries = 10; 1223 1224 RUN_LOCK_ASSERT(sc, MA_OWNED); 1225 1226 while (ntries--) { 1227 err = usbd_do_request_flags(sc->sc_udev, &sc->sc_mtx, 1228 req, data, 0, NULL, 250 /* ms */); 1229 if (err == 0) 1230 break; 1231 DPRINTFN(1, "Control request failed, %s (retrying)\n", 1232 usbd_errstr(err)); 1233 run_delay(sc, 10); 1234 } 1235 return (err); 1236} 1237 1238static int 1239run_read(struct run_softc *sc, uint16_t reg, uint32_t *val) 1240{ 1241 uint32_t tmp; 1242 int error; 1243 1244 error = run_read_region_1(sc, reg, (uint8_t *)&tmp, sizeof tmp); 1245 if (error == 0) 1246 *val = le32toh(tmp); 1247 else 1248 *val = 0xffffffff; 1249 return (error); 1250} 1251 1252static int 1253run_read_region_1(struct run_softc *sc, uint16_t reg, uint8_t *buf, int len) 1254{ 1255 usb_device_request_t req; 1256 1257 req.bmRequestType = UT_READ_VENDOR_DEVICE; 1258 req.bRequest = RT2870_READ_REGION_1; 1259 USETW(req.wValue, 0); 1260 USETW(req.wIndex, reg); 1261 USETW(req.wLength, len); 1262 1263 return (run_do_request(sc, &req, buf)); 1264} 1265 1266static int 1267run_write_2(struct run_softc *sc, uint16_t reg, uint16_t val) 1268{ 1269 usb_device_request_t req; 1270 1271 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 1272 req.bRequest = RT2870_WRITE_2; 1273 USETW(req.wValue, val); 1274 USETW(req.wIndex, reg); 1275 USETW(req.wLength, 0); 1276 1277 return (run_do_request(sc, &req, NULL)); 1278} 1279 1280static int 1281run_write(struct run_softc *sc, uint16_t reg, uint32_t val) 1282{ 1283 int error; 1284 1285 if ((error = run_write_2(sc, reg, val & 0xffff)) == 0) 1286 error = run_write_2(sc, reg + 2, val >> 16); 1287 return (error); 1288} 1289 1290static int 1291run_write_region_1(struct run_softc *sc, uint16_t reg, const uint8_t *buf, 1292 int len) 1293{ 1294#if 1 1295 int i, error = 0; 1296 /* 1297 * NB: the WRITE_REGION_1 command is not stable on RT2860. 1298 * We thus issue multiple WRITE_2 commands instead. 1299 */ 1300 KASSERT((len & 1) == 0, ("run_write_region_1: Data too long.\n")); 1301 for (i = 0; i < len && error == 0; i += 2) 1302 error = run_write_2(sc, reg + i, buf[i] | buf[i + 1] << 8); 1303 return (error); 1304#else 1305 usb_device_request_t req; 1306 int error = 0; 1307 1308 /* 1309 * NOTE: It appears the WRITE_REGION_1 command cannot be 1310 * passed a huge amount of data, which will crash the 1311 * firmware. Limit amount of data passed to 64-bytes at a 1312 * time. 1313 */ 1314 while (len > 0) { 1315 int delta = 64; 1316 if (delta > len) 1317 delta = len; 1318 1319 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 1320 req.bRequest = RT2870_WRITE_REGION_1; 1321 USETW(req.wValue, 0); 1322 USETW(req.wIndex, reg); 1323 USETW(req.wLength, delta); 1324 error = run_do_request(sc, &req, __DECONST(uint8_t *, buf)); 1325 if (error != 0) 1326 break; 1327 reg += delta; 1328 buf += delta; 1329 len -= delta; 1330 } 1331 return (error); 1332#endif 1333} 1334 1335static int 1336run_set_region_4(struct run_softc *sc, uint16_t reg, uint32_t val, int len) 1337{ 1338 int i, error = 0; 1339 1340 KASSERT((len & 3) == 0, ("run_set_region_4: Invalid data length.\n")); 1341 for (i = 0; i < len && error == 0; i += 4) 1342 error = run_write(sc, reg + i, val); 1343 return (error); 1344} 1345 1346static int 1347run_efuse_read(struct run_softc *sc, uint16_t addr, uint16_t *val, int count) 1348{ 1349 uint32_t tmp; 1350 uint16_t reg; 1351 int error, ntries; 1352 1353 if ((error = run_read(sc, RT3070_EFUSE_CTRL, &tmp)) != 0) 1354 return (error); 1355 1356 if (count == 2) 1357 addr *= 2; 1358 /*- 1359 * Read one 16-byte block into registers EFUSE_DATA[0-3]: 1360 * DATA0: F E D C 1361 * DATA1: B A 9 8 1362 * DATA2: 7 6 5 4 1363 * DATA3: 3 2 1 0 1364 */ 1365 tmp &= ~(RT3070_EFSROM_MODE_MASK | RT3070_EFSROM_AIN_MASK); 1366 tmp |= (addr & ~0xf) << RT3070_EFSROM_AIN_SHIFT | RT3070_EFSROM_KICK; 1367 run_write(sc, RT3070_EFUSE_CTRL, tmp); 1368 for (ntries = 0; ntries < 100; ntries++) { 1369 if ((error = run_read(sc, RT3070_EFUSE_CTRL, &tmp)) != 0) 1370 return (error); 1371 if (!(tmp & RT3070_EFSROM_KICK)) 1372 break; 1373 run_delay(sc, 2); 1374 } 1375 if (ntries == 100) 1376 return (ETIMEDOUT); 1377 1378 if ((tmp & RT3070_EFUSE_AOUT_MASK) == RT3070_EFUSE_AOUT_MASK) { 1379 *val = 0xffff; /* address not found */ 1380 return (0); 1381 } 1382 /* determine to which 32-bit register our 16-bit word belongs */ 1383 reg = RT3070_EFUSE_DATA3 - (addr & 0xc); 1384 if ((error = run_read(sc, reg, &tmp)) != 0) 1385 return (error); 1386 1387 tmp >>= (8 * (addr & 0x3)); 1388 *val = (addr & 1) ? tmp >> 16 : tmp & 0xffff; 1389 1390 return (0); 1391} 1392 1393/* Read 16-bit from eFUSE ROM for RT3xxx. */ 1394static int 1395run_efuse_read_2(struct run_softc *sc, uint16_t addr, uint16_t *val) 1396{ 1397 return (run_efuse_read(sc, addr, val, 2)); 1398} 1399 1400static int 1401run_eeprom_read_2(struct run_softc *sc, uint16_t addr, uint16_t *val) 1402{ 1403 usb_device_request_t req; 1404 uint16_t tmp; 1405 int error; 1406 1407 addr *= 2; 1408 req.bmRequestType = UT_READ_VENDOR_DEVICE; 1409 req.bRequest = RT2870_EEPROM_READ; 1410 USETW(req.wValue, 0); 1411 USETW(req.wIndex, addr); 1412 USETW(req.wLength, sizeof(tmp)); 1413 1414 error = usbd_do_request(sc->sc_udev, &sc->sc_mtx, &req, &tmp); 1415 if (error == 0) 1416 *val = le16toh(tmp); 1417 else 1418 *val = 0xffff; 1419 return (error); 1420} 1421 1422static __inline int 1423run_srom_read(struct run_softc *sc, uint16_t addr, uint16_t *val) 1424{ 1425 /* either eFUSE ROM or EEPROM */ 1426 return sc->sc_srom_read(sc, addr, val); 1427} 1428 1429static int 1430run_rt2870_rf_write(struct run_softc *sc, uint32_t val) 1431{ 1432 uint32_t tmp; 1433 int error, ntries; 1434 1435 for (ntries = 0; ntries < 10; ntries++) { 1436 if ((error = run_read(sc, RT2860_RF_CSR_CFG0, &tmp)) != 0) 1437 return (error); 1438 if (!(tmp & RT2860_RF_REG_CTRL)) 1439 break; 1440 } 1441 if (ntries == 10) 1442 return (ETIMEDOUT); 1443 1444 return (run_write(sc, RT2860_RF_CSR_CFG0, val)); 1445} 1446 1447static int 1448run_rt3070_rf_read(struct run_softc *sc, uint8_t reg, uint8_t *val) 1449{ 1450 uint32_t tmp; 1451 int error, ntries; 1452 1453 for (ntries = 0; ntries < 100; ntries++) { 1454 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0) 1455 return (error); 1456 if (!(tmp & RT3070_RF_KICK)) 1457 break; 1458 } 1459 if (ntries == 100) 1460 return (ETIMEDOUT); 1461 1462 tmp = RT3070_RF_KICK | reg << 8; 1463 if ((error = run_write(sc, RT3070_RF_CSR_CFG, tmp)) != 0) 1464 return (error); 1465 1466 for (ntries = 0; ntries < 100; ntries++) { 1467 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0) 1468 return (error); 1469 if (!(tmp & RT3070_RF_KICK)) 1470 break; 1471 } 1472 if (ntries == 100) 1473 return (ETIMEDOUT); 1474 1475 *val = tmp & 0xff; 1476 return (0); 1477} 1478 1479static int 1480run_rt3070_rf_write(struct run_softc *sc, uint8_t reg, uint8_t val) 1481{ 1482 uint32_t tmp; 1483 int error, ntries; 1484 1485 for (ntries = 0; ntries < 10; ntries++) { 1486 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0) 1487 return (error); 1488 if (!(tmp & RT3070_RF_KICK)) 1489 break; 1490 } 1491 if (ntries == 10) 1492 return (ETIMEDOUT); 1493 1494 tmp = RT3070_RF_WRITE | RT3070_RF_KICK | reg << 8 | val; 1495 return (run_write(sc, RT3070_RF_CSR_CFG, tmp)); 1496} 1497 1498static int 1499run_bbp_read(struct run_softc *sc, uint8_t reg, uint8_t *val) 1500{ 1501 uint32_t tmp; 1502 int ntries, error; 1503 1504 for (ntries = 0; ntries < 10; ntries++) { 1505 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0) 1506 return (error); 1507 if (!(tmp & RT2860_BBP_CSR_KICK)) 1508 break; 1509 } 1510 if (ntries == 10) 1511 return (ETIMEDOUT); 1512 1513 tmp = RT2860_BBP_CSR_READ | RT2860_BBP_CSR_KICK | reg << 8; 1514 if ((error = run_write(sc, RT2860_BBP_CSR_CFG, tmp)) != 0) 1515 return (error); 1516 1517 for (ntries = 0; ntries < 10; ntries++) { 1518 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0) 1519 return (error); 1520 if (!(tmp & RT2860_BBP_CSR_KICK)) 1521 break; 1522 } 1523 if (ntries == 10) 1524 return (ETIMEDOUT); 1525 1526 *val = tmp & 0xff; 1527 return (0); 1528} 1529 1530static int 1531run_bbp_write(struct run_softc *sc, uint8_t reg, uint8_t val) 1532{ 1533 uint32_t tmp; 1534 int ntries, error; 1535 1536 for (ntries = 0; ntries < 10; ntries++) { 1537 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0) 1538 return (error); 1539 if (!(tmp & RT2860_BBP_CSR_KICK)) 1540 break; 1541 } 1542 if (ntries == 10) 1543 return (ETIMEDOUT); 1544 1545 tmp = RT2860_BBP_CSR_KICK | reg << 8 | val; 1546 return (run_write(sc, RT2860_BBP_CSR_CFG, tmp)); 1547} 1548 1549/* 1550 * Send a command to the 8051 microcontroller unit. 1551 */ 1552static int 1553run_mcu_cmd(struct run_softc *sc, uint8_t cmd, uint16_t arg) 1554{ 1555 uint32_t tmp; 1556 int error, ntries; 1557 1558 for (ntries = 0; ntries < 100; ntries++) { 1559 if ((error = run_read(sc, RT2860_H2M_MAILBOX, &tmp)) != 0) 1560 return error; 1561 if (!(tmp & RT2860_H2M_BUSY)) 1562 break; 1563 } 1564 if (ntries == 100) 1565 return ETIMEDOUT; 1566 1567 tmp = RT2860_H2M_BUSY | RT2860_TOKEN_NO_INTR << 16 | arg; 1568 if ((error = run_write(sc, RT2860_H2M_MAILBOX, tmp)) == 0) 1569 error = run_write(sc, RT2860_HOST_CMD, cmd); 1570 return (error); 1571} 1572 1573/* 1574 * Add `delta' (signed) to each 4-bit sub-word of a 32-bit word. 1575 * Used to adjust per-rate Tx power registers. 1576 */ 1577static __inline uint32_t 1578b4inc(uint32_t b32, int8_t delta) 1579{ 1580 int8_t i, b4; 1581 1582 for (i = 0; i < 8; i++) { 1583 b4 = b32 & 0xf; 1584 b4 += delta; 1585 if (b4 < 0) 1586 b4 = 0; 1587 else if (b4 > 0xf) 1588 b4 = 0xf; 1589 b32 = b32 >> 4 | b4 << 28; 1590 } 1591 return (b32); 1592} 1593 1594static const char * 1595run_get_rf(uint16_t rev) 1596{ 1597 switch (rev) { 1598 case RT2860_RF_2820: return "RT2820"; 1599 case RT2860_RF_2850: return "RT2850"; 1600 case RT2860_RF_2720: return "RT2720"; 1601 case RT2860_RF_2750: return "RT2750"; 1602 case RT3070_RF_3020: return "RT3020"; 1603 case RT3070_RF_2020: return "RT2020"; 1604 case RT3070_RF_3021: return "RT3021"; 1605 case RT3070_RF_3022: return "RT3022"; 1606 case RT3070_RF_3052: return "RT3052"; 1607 case RT3593_RF_3053: return "RT3053"; 1608 case RT5592_RF_5592: return "RT5592"; 1609 case RT5390_RF_5370: return "RT5370"; 1610 case RT5390_RF_5372: return "RT5372"; 1611 } 1612 return ("unknown"); 1613} 1614 1615static void 1616run_rt3593_get_txpower(struct run_softc *sc) 1617{ 1618 uint16_t addr, val; 1619 int i; 1620 1621 /* Read power settings for 2GHz channels. */ 1622 for (i = 0; i < 14; i += 2) { 1623 addr = (sc->ntxchains == 3) ? RT3593_EEPROM_PWR2GHZ_BASE1 : 1624 RT2860_EEPROM_PWR2GHZ_BASE1; 1625 run_srom_read(sc, addr + i / 2, &val); 1626 sc->txpow1[i + 0] = (int8_t)(val & 0xff); 1627 sc->txpow1[i + 1] = (int8_t)(val >> 8); 1628 1629 addr = (sc->ntxchains == 3) ? RT3593_EEPROM_PWR2GHZ_BASE2 : 1630 RT2860_EEPROM_PWR2GHZ_BASE2; 1631 run_srom_read(sc, addr + i / 2, &val); 1632 sc->txpow2[i + 0] = (int8_t)(val & 0xff); 1633 sc->txpow2[i + 1] = (int8_t)(val >> 8); 1634 1635 if (sc->ntxchains == 3) { 1636 run_srom_read(sc, RT3593_EEPROM_PWR2GHZ_BASE3 + i / 2, 1637 &val); 1638 sc->txpow3[i + 0] = (int8_t)(val & 0xff); 1639 sc->txpow3[i + 1] = (int8_t)(val >> 8); 1640 } 1641 } 1642 /* Fix broken Tx power entries. */ 1643 for (i = 0; i < 14; i++) { 1644 if (sc->txpow1[i] > 31) 1645 sc->txpow1[i] = 5; 1646 if (sc->txpow2[i] > 31) 1647 sc->txpow2[i] = 5; 1648 if (sc->ntxchains == 3) { 1649 if (sc->txpow3[i] > 31) 1650 sc->txpow3[i] = 5; 1651 } 1652 } 1653 /* Read power settings for 5GHz channels. */ 1654 for (i = 0; i < 40; i += 2) { 1655 run_srom_read(sc, RT3593_EEPROM_PWR5GHZ_BASE1 + i / 2, &val); 1656 sc->txpow1[i + 14] = (int8_t)(val & 0xff); 1657 sc->txpow1[i + 15] = (int8_t)(val >> 8); 1658 1659 run_srom_read(sc, RT3593_EEPROM_PWR5GHZ_BASE2 + i / 2, &val); 1660 sc->txpow2[i + 14] = (int8_t)(val & 0xff); 1661 sc->txpow2[i + 15] = (int8_t)(val >> 8); 1662 1663 if (sc->ntxchains == 3) { 1664 run_srom_read(sc, RT3593_EEPROM_PWR5GHZ_BASE3 + i / 2, 1665 &val); 1666 sc->txpow3[i + 14] = (int8_t)(val & 0xff); 1667 sc->txpow3[i + 15] = (int8_t)(val >> 8); 1668 } 1669 } 1670} 1671 1672static void 1673run_get_txpower(struct run_softc *sc) 1674{ 1675 uint16_t val; 1676 int i; 1677 1678 /* Read power settings for 2GHz channels. */ 1679 for (i = 0; i < 14; i += 2) { 1680 run_srom_read(sc, RT2860_EEPROM_PWR2GHZ_BASE1 + i / 2, &val); 1681 sc->txpow1[i + 0] = (int8_t)(val & 0xff); 1682 sc->txpow1[i + 1] = (int8_t)(val >> 8); 1683 1684 if (sc->mac_ver != 0x5390) { 1685 run_srom_read(sc, 1686 RT2860_EEPROM_PWR2GHZ_BASE2 + i / 2, &val); 1687 sc->txpow2[i + 0] = (int8_t)(val & 0xff); 1688 sc->txpow2[i + 1] = (int8_t)(val >> 8); 1689 } 1690 } 1691 /* Fix broken Tx power entries. */ 1692 for (i = 0; i < 14; i++) { 1693 if (sc->mac_ver >= 0x5390) { 1694 if (sc->txpow1[i] < 0 || sc->txpow1[i] > 27) 1695 sc->txpow1[i] = 5; 1696 } else { 1697 if (sc->txpow1[i] < 0 || sc->txpow1[i] > 31) 1698 sc->txpow1[i] = 5; 1699 } 1700 if (sc->mac_ver > 0x5390) { 1701 if (sc->txpow2[i] < 0 || sc->txpow2[i] > 27) 1702 sc->txpow2[i] = 5; 1703 } else if (sc->mac_ver < 0x5390) { 1704 if (sc->txpow2[i] < 0 || sc->txpow2[i] > 31) 1705 sc->txpow2[i] = 5; 1706 } 1707 DPRINTF("chan %d: power1=%d, power2=%d\n", 1708 rt2860_rf2850[i].chan, sc->txpow1[i], sc->txpow2[i]); 1709 } 1710 /* Read power settings for 5GHz channels. */ 1711 for (i = 0; i < 40; i += 2) { 1712 run_srom_read(sc, RT2860_EEPROM_PWR5GHZ_BASE1 + i / 2, &val); 1713 sc->txpow1[i + 14] = (int8_t)(val & 0xff); 1714 sc->txpow1[i + 15] = (int8_t)(val >> 8); 1715 1716 run_srom_read(sc, RT2860_EEPROM_PWR5GHZ_BASE2 + i / 2, &val); 1717 sc->txpow2[i + 14] = (int8_t)(val & 0xff); 1718 sc->txpow2[i + 15] = (int8_t)(val >> 8); 1719 } 1720 /* Fix broken Tx power entries. */ 1721 for (i = 0; i < 40; i++ ) { 1722 if (sc->mac_ver != 0x5592) { 1723 if (sc->txpow1[14 + i] < -7 || sc->txpow1[14 + i] > 15) 1724 sc->txpow1[14 + i] = 5; 1725 if (sc->txpow2[14 + i] < -7 || sc->txpow2[14 + i] > 15) 1726 sc->txpow2[14 + i] = 5; 1727 } 1728 DPRINTF("chan %d: power1=%d, power2=%d\n", 1729 rt2860_rf2850[14 + i].chan, sc->txpow1[14 + i], 1730 sc->txpow2[14 + i]); 1731 } 1732} 1733 1734static int 1735run_read_eeprom(struct run_softc *sc) 1736{ 1737 int8_t delta_2ghz, delta_5ghz; 1738 uint32_t tmp; 1739 uint16_t val; 1740 int ridx, ant, i; 1741 1742 /* check whether the ROM is eFUSE ROM or EEPROM */ 1743 sc->sc_srom_read = run_eeprom_read_2; 1744 if (sc->mac_ver >= 0x3070) { 1745 run_read(sc, RT3070_EFUSE_CTRL, &tmp); 1746 DPRINTF("EFUSE_CTRL=0x%08x\n", tmp); 1747 if ((tmp & RT3070_SEL_EFUSE) || sc->mac_ver == 0x3593) 1748 sc->sc_srom_read = run_efuse_read_2; 1749 } 1750 1751 /* read ROM version */ 1752 run_srom_read(sc, RT2860_EEPROM_VERSION, &val); 1753 DPRINTF("EEPROM rev=%d, FAE=%d\n", val & 0xff, val >> 8); 1754 1755 /* read MAC address */ 1756 run_srom_read(sc, RT2860_EEPROM_MAC01, &val); 1757 sc->sc_bssid[0] = val & 0xff; 1758 sc->sc_bssid[1] = val >> 8; 1759 run_srom_read(sc, RT2860_EEPROM_MAC23, &val); 1760 sc->sc_bssid[2] = val & 0xff; 1761 sc->sc_bssid[3] = val >> 8; 1762 run_srom_read(sc, RT2860_EEPROM_MAC45, &val); 1763 sc->sc_bssid[4] = val & 0xff; 1764 sc->sc_bssid[5] = val >> 8; 1765 1766 if (sc->mac_ver < 0x3593) { 1767 /* read vender BBP settings */ 1768 for (i = 0; i < 10; i++) { 1769 run_srom_read(sc, RT2860_EEPROM_BBP_BASE + i, &val); 1770 sc->bbp[i].val = val & 0xff; 1771 sc->bbp[i].reg = val >> 8; 1772 DPRINTF("BBP%d=0x%02x\n", sc->bbp[i].reg, 1773 sc->bbp[i].val); 1774 } 1775 if (sc->mac_ver >= 0x3071) { 1776 /* read vendor RF settings */ 1777 for (i = 0; i < 10; i++) { 1778 run_srom_read(sc, RT3071_EEPROM_RF_BASE + i, 1779 &val); 1780 sc->rf[i].val = val & 0xff; 1781 sc->rf[i].reg = val >> 8; 1782 DPRINTF("RF%d=0x%02x\n", sc->rf[i].reg, 1783 sc->rf[i].val); 1784 } 1785 } 1786 } 1787 1788 /* read RF frequency offset from EEPROM */ 1789 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_FREQ_LEDS : 1790 RT3593_EEPROM_FREQ, &val); 1791 sc->freq = ((val & 0xff) != 0xff) ? val & 0xff : 0; 1792 DPRINTF("EEPROM freq offset %d\n", sc->freq & 0xff); 1793 1794 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_FREQ_LEDS : 1795 RT3593_EEPROM_FREQ_LEDS, &val); 1796 if (val >> 8 != 0xff) { 1797 /* read LEDs operating mode */ 1798 sc->leds = val >> 8; 1799 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LED1 : 1800 RT3593_EEPROM_LED1, &sc->led[0]); 1801 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LED2 : 1802 RT3593_EEPROM_LED2, &sc->led[1]); 1803 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LED3 : 1804 RT3593_EEPROM_LED3, &sc->led[2]); 1805 } else { 1806 /* broken EEPROM, use default settings */ 1807 sc->leds = 0x01; 1808 sc->led[0] = 0x5555; 1809 sc->led[1] = 0x2221; 1810 sc->led[2] = 0x5627; /* differs from RT2860 */ 1811 } 1812 DPRINTF("EEPROM LED mode=0x%02x, LEDs=0x%04x/0x%04x/0x%04x\n", 1813 sc->leds, sc->led[0], sc->led[1], sc->led[2]); 1814 1815 /* read RF information */ 1816 if (sc->mac_ver == 0x5390 || sc->mac_ver ==0x5392) 1817 run_srom_read(sc, 0x00, &val); 1818 else 1819 run_srom_read(sc, RT2860_EEPROM_ANTENNA, &val); 1820 1821 if (val == 0xffff) { 1822 device_printf(sc->sc_dev, 1823 "invalid EEPROM antenna info, using default\n"); 1824 DPRINTF("invalid EEPROM antenna info, using default\n"); 1825 if (sc->mac_ver == 0x3572) { 1826 /* default to RF3052 2T2R */ 1827 sc->rf_rev = RT3070_RF_3052; 1828 sc->ntxchains = 2; 1829 sc->nrxchains = 2; 1830 } else if (sc->mac_ver >= 0x3070) { 1831 /* default to RF3020 1T1R */ 1832 sc->rf_rev = RT3070_RF_3020; 1833 sc->ntxchains = 1; 1834 sc->nrxchains = 1; 1835 } else { 1836 /* default to RF2820 1T2R */ 1837 sc->rf_rev = RT2860_RF_2820; 1838 sc->ntxchains = 1; 1839 sc->nrxchains = 2; 1840 } 1841 } else { 1842 if (sc->mac_ver == 0x5390 || sc->mac_ver ==0x5392) { 1843 sc->rf_rev = val; 1844 run_srom_read(sc, RT2860_EEPROM_ANTENNA, &val); 1845 } else 1846 sc->rf_rev = (val >> 8) & 0xf; 1847 sc->ntxchains = (val >> 4) & 0xf; 1848 sc->nrxchains = val & 0xf; 1849 } 1850 DPRINTF("EEPROM RF rev=0x%04x chains=%dT%dR\n", 1851 sc->rf_rev, sc->ntxchains, sc->nrxchains); 1852 1853 /* check if RF supports automatic Tx access gain control */ 1854 run_srom_read(sc, RT2860_EEPROM_CONFIG, &val); 1855 DPRINTF("EEPROM CFG 0x%04x\n", val); 1856 /* check if driver should patch the DAC issue */ 1857 if ((val >> 8) != 0xff) 1858 sc->patch_dac = (val >> 15) & 1; 1859 if ((val & 0xff) != 0xff) { 1860 sc->ext_5ghz_lna = (val >> 3) & 1; 1861 sc->ext_2ghz_lna = (val >> 2) & 1; 1862 /* check if RF supports automatic Tx access gain control */ 1863 sc->calib_2ghz = sc->calib_5ghz = (val >> 1) & 1; 1864 /* check if we have a hardware radio switch */ 1865 sc->rfswitch = val & 1; 1866 } 1867 1868 /* Read Tx power settings. */ 1869 if (sc->mac_ver == 0x3593) 1870 run_rt3593_get_txpower(sc); 1871 else 1872 run_get_txpower(sc); 1873 1874 /* read Tx power compensation for each Tx rate */ 1875 run_srom_read(sc, RT2860_EEPROM_DELTAPWR, &val); 1876 delta_2ghz = delta_5ghz = 0; 1877 if ((val & 0xff) != 0xff && (val & 0x80)) { 1878 delta_2ghz = val & 0xf; 1879 if (!(val & 0x40)) /* negative number */ 1880 delta_2ghz = -delta_2ghz; 1881 } 1882 val >>= 8; 1883 if ((val & 0xff) != 0xff && (val & 0x80)) { 1884 delta_5ghz = val & 0xf; 1885 if (!(val & 0x40)) /* negative number */ 1886 delta_5ghz = -delta_5ghz; 1887 } 1888 DPRINTF("power compensation=%d (2GHz), %d (5GHz)\n", 1889 delta_2ghz, delta_5ghz); 1890 1891 for (ridx = 0; ridx < 5; ridx++) { 1892 uint32_t reg; 1893 1894 run_srom_read(sc, RT2860_EEPROM_RPWR + ridx * 2, &val); 1895 reg = val; 1896 run_srom_read(sc, RT2860_EEPROM_RPWR + ridx * 2 + 1, &val); 1897 reg |= (uint32_t)val << 16; 1898 1899 sc->txpow20mhz[ridx] = reg; 1900 sc->txpow40mhz_2ghz[ridx] = b4inc(reg, delta_2ghz); 1901 sc->txpow40mhz_5ghz[ridx] = b4inc(reg, delta_5ghz); 1902 1903 DPRINTF("ridx %d: power 20MHz=0x%08x, 40MHz/2GHz=0x%08x, " 1904 "40MHz/5GHz=0x%08x\n", ridx, sc->txpow20mhz[ridx], 1905 sc->txpow40mhz_2ghz[ridx], sc->txpow40mhz_5ghz[ridx]); 1906 } 1907 1908 /* Read RSSI offsets and LNA gains from EEPROM. */ 1909 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI1_2GHZ : 1910 RT3593_EEPROM_RSSI1_2GHZ, &val); 1911 sc->rssi_2ghz[0] = val & 0xff; /* Ant A */ 1912 sc->rssi_2ghz[1] = val >> 8; /* Ant B */ 1913 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI2_2GHZ : 1914 RT3593_EEPROM_RSSI2_2GHZ, &val); 1915 if (sc->mac_ver >= 0x3070) { 1916 if (sc->mac_ver == 0x3593) { 1917 sc->txmixgain_2ghz = 0; 1918 sc->rssi_2ghz[2] = val & 0xff; /* Ant C */ 1919 } else { 1920 /* 1921 * On RT3070 chips (limited to 2 Rx chains), this ROM 1922 * field contains the Tx mixer gain for the 2GHz band. 1923 */ 1924 if ((val & 0xff) != 0xff) 1925 sc->txmixgain_2ghz = val & 0x7; 1926 } 1927 DPRINTF("tx mixer gain=%u (2GHz)\n", sc->txmixgain_2ghz); 1928 } else 1929 sc->rssi_2ghz[2] = val & 0xff; /* Ant C */ 1930 if (sc->mac_ver == 0x3593) 1931 run_srom_read(sc, RT3593_EEPROM_LNA_5GHZ, &val); 1932 sc->lna[2] = val >> 8; /* channel group 2 */ 1933 1934 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI1_5GHZ : 1935 RT3593_EEPROM_RSSI1_5GHZ, &val); 1936 sc->rssi_5ghz[0] = val & 0xff; /* Ant A */ 1937 sc->rssi_5ghz[1] = val >> 8; /* Ant B */ 1938 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI2_5GHZ : 1939 RT3593_EEPROM_RSSI2_5GHZ, &val); 1940 if (sc->mac_ver == 0x3572) { 1941 /* 1942 * On RT3572 chips (limited to 2 Rx chains), this ROM 1943 * field contains the Tx mixer gain for the 5GHz band. 1944 */ 1945 if ((val & 0xff) != 0xff) 1946 sc->txmixgain_5ghz = val & 0x7; 1947 DPRINTF("tx mixer gain=%u (5GHz)\n", sc->txmixgain_5ghz); 1948 } else 1949 sc->rssi_5ghz[2] = val & 0xff; /* Ant C */ 1950 if (sc->mac_ver == 0x3593) { 1951 sc->txmixgain_5ghz = 0; 1952 run_srom_read(sc, RT3593_EEPROM_LNA_5GHZ, &val); 1953 } 1954 sc->lna[3] = val >> 8; /* channel group 3 */ 1955 1956 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LNA : 1957 RT3593_EEPROM_LNA, &val); 1958 sc->lna[0] = val & 0xff; /* channel group 0 */ 1959 sc->lna[1] = val >> 8; /* channel group 1 */ 1960 1961 /* fix broken 5GHz LNA entries */ 1962 if (sc->lna[2] == 0 || sc->lna[2] == 0xff) { 1963 DPRINTF("invalid LNA for channel group %d\n", 2); 1964 sc->lna[2] = sc->lna[1]; 1965 } 1966 if (sc->lna[3] == 0 || sc->lna[3] == 0xff) { 1967 DPRINTF("invalid LNA for channel group %d\n", 3); 1968 sc->lna[3] = sc->lna[1]; 1969 } 1970 1971 /* fix broken RSSI offset entries */ 1972 for (ant = 0; ant < 3; ant++) { 1973 if (sc->rssi_2ghz[ant] < -10 || sc->rssi_2ghz[ant] > 10) { 1974 DPRINTF("invalid RSSI%d offset: %d (2GHz)\n", 1975 ant + 1, sc->rssi_2ghz[ant]); 1976 sc->rssi_2ghz[ant] = 0; 1977 } 1978 if (sc->rssi_5ghz[ant] < -10 || sc->rssi_5ghz[ant] > 10) { 1979 DPRINTF("invalid RSSI%d offset: %d (5GHz)\n", 1980 ant + 1, sc->rssi_5ghz[ant]); 1981 sc->rssi_5ghz[ant] = 0; 1982 } 1983 } 1984 return (0); 1985} 1986 1987static struct ieee80211_node * 1988run_node_alloc(struct ieee80211vap *vap, const uint8_t mac[IEEE80211_ADDR_LEN]) 1989{ 1990 return malloc(sizeof (struct run_node), M_DEVBUF, M_NOWAIT | M_ZERO); 1991} 1992 1993static int 1994run_media_change(struct ifnet *ifp) 1995{ 1996 struct ieee80211vap *vap = ifp->if_softc; 1997 struct ieee80211com *ic = vap->iv_ic; 1998 const struct ieee80211_txparam *tp; 1999 struct run_softc *sc = ic->ic_ifp->if_softc; 2000 uint8_t rate, ridx; 2001 int error; 2002 2003 RUN_LOCK(sc); 2004 2005 error = ieee80211_media_change(ifp); 2006 if (error != ENETRESET) { 2007 RUN_UNLOCK(sc); 2008 return (error); 2009 } 2010 2011 tp = &vap->iv_txparms[ieee80211_chan2mode(ic->ic_curchan)]; 2012 if (tp->ucastrate != IEEE80211_FIXED_RATE_NONE) { 2013 struct ieee80211_node *ni; 2014 struct run_node *rn; 2015 2016 rate = ic->ic_sup_rates[ic->ic_curmode]. 2017 rs_rates[tp->ucastrate] & IEEE80211_RATE_VAL; 2018 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++) 2019 if (rt2860_rates[ridx].rate == rate) 2020 break; 2021 ni = ieee80211_ref_node(vap->iv_bss); 2022 rn = (struct run_node *)ni; 2023 rn->fix_ridx = ridx; 2024 DPRINTF("rate=%d, fix_ridx=%d\n", rate, rn->fix_ridx); 2025 ieee80211_free_node(ni); 2026 } 2027 2028#if 0 2029 if ((ifp->if_flags & IFF_UP) && 2030 (ifp->if_drv_flags & IFF_DRV_RUNNING)){ 2031 run_init_locked(sc); 2032 } 2033#endif 2034 2035 RUN_UNLOCK(sc); 2036 2037 return (0); 2038} 2039 2040static int 2041run_newstate(struct ieee80211vap *vap, enum ieee80211_state nstate, int arg) 2042{ 2043 const struct ieee80211_txparam *tp; 2044 struct ieee80211com *ic = vap->iv_ic; 2045 struct run_softc *sc = ic->ic_ifp->if_softc; 2046 struct run_vap *rvp = RUN_VAP(vap); 2047 enum ieee80211_state ostate; 2048 uint32_t sta[3]; 2049 uint32_t tmp; 2050 uint8_t ratectl; 2051 uint8_t restart_ratectl = 0; 2052 uint8_t bid = 1 << rvp->rvp_id; 2053 2054 ostate = vap->iv_state; 2055 DPRINTF("%s -> %s\n", 2056 ieee80211_state_name[ostate], 2057 ieee80211_state_name[nstate]); 2058 2059 IEEE80211_UNLOCK(ic); 2060 RUN_LOCK(sc); 2061 2062 ratectl = sc->ratectl_run; /* remember current state */ 2063 sc->ratectl_run = RUN_RATECTL_OFF; 2064 usb_callout_stop(&sc->ratectl_ch); 2065 2066 if (ostate == IEEE80211_S_RUN) { 2067 /* turn link LED off */ 2068 run_set_leds(sc, RT2860_LED_RADIO); 2069 } 2070 2071 switch (nstate) { 2072 case IEEE80211_S_INIT: 2073 restart_ratectl = 1; 2074 2075 if (ostate != IEEE80211_S_RUN) 2076 break; 2077 2078 ratectl &= ~bid; 2079 sc->runbmap &= ~bid; 2080 2081 /* abort TSF synchronization if there is no vap running */ 2082 if (--sc->running == 0) { 2083 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 2084 run_write(sc, RT2860_BCN_TIME_CFG, 2085 tmp & ~(RT2860_BCN_TX_EN | RT2860_TSF_TIMER_EN | 2086 RT2860_TBTT_TIMER_EN)); 2087 } 2088 break; 2089 2090 case IEEE80211_S_RUN: 2091 if (!(sc->runbmap & bid)) { 2092 if(sc->running++) 2093 restart_ratectl = 1; 2094 sc->runbmap |= bid; 2095 } 2096 2097 m_freem(rvp->beacon_mbuf); 2098 rvp->beacon_mbuf = NULL; 2099 2100 switch (vap->iv_opmode) { 2101 case IEEE80211_M_HOSTAP: 2102 case IEEE80211_M_MBSS: 2103 sc->ap_running |= bid; 2104 ic->ic_opmode = vap->iv_opmode; 2105 run_update_beacon_cb(vap); 2106 break; 2107 case IEEE80211_M_IBSS: 2108 sc->adhoc_running |= bid; 2109 if (!sc->ap_running) 2110 ic->ic_opmode = vap->iv_opmode; 2111 run_update_beacon_cb(vap); 2112 break; 2113 case IEEE80211_M_STA: 2114 sc->sta_running |= bid; 2115 if (!sc->ap_running && !sc->adhoc_running) 2116 ic->ic_opmode = vap->iv_opmode; 2117 2118 /* read statistic counters (clear on read) */ 2119 run_read_region_1(sc, RT2860_TX_STA_CNT0, 2120 (uint8_t *)sta, sizeof sta); 2121 2122 break; 2123 default: 2124 ic->ic_opmode = vap->iv_opmode; 2125 break; 2126 } 2127 2128 if (vap->iv_opmode != IEEE80211_M_MONITOR) { 2129 struct ieee80211_node *ni; 2130 2131 if (ic->ic_bsschan == IEEE80211_CHAN_ANYC) { 2132 RUN_UNLOCK(sc); 2133 IEEE80211_LOCK(ic); 2134 return (-1); 2135 } 2136 run_updateslot(ic->ic_ifp); 2137 run_enable_mrr(sc); 2138 run_set_txpreamble(sc); 2139 run_set_basicrates(sc); 2140 ni = ieee80211_ref_node(vap->iv_bss); 2141 IEEE80211_ADDR_COPY(sc->sc_bssid, ni->ni_bssid); 2142 run_set_bssid(sc, ni->ni_bssid); 2143 ieee80211_free_node(ni); 2144 run_enable_tsf_sync(sc); 2145 2146 /* enable automatic rate adaptation */ 2147 tp = &vap->iv_txparms[ieee80211_chan2mode(ic->ic_curchan)]; 2148 if (tp->ucastrate == IEEE80211_FIXED_RATE_NONE) 2149 ratectl |= bid; 2150 } 2151 2152 /* turn link LED on */ 2153 run_set_leds(sc, RT2860_LED_RADIO | 2154 (IEEE80211_IS_CHAN_2GHZ(ic->ic_curchan) ? 2155 RT2860_LED_LINK_2GHZ : RT2860_LED_LINK_5GHZ)); 2156 2157 break; 2158 default: 2159 DPRINTFN(6, "undefined case\n"); 2160 break; 2161 } 2162 2163 /* restart amrr for running VAPs */ 2164 if ((sc->ratectl_run = ratectl) && restart_ratectl) 2165 usb_callout_reset(&sc->ratectl_ch, hz, run_ratectl_to, sc); 2166 2167 RUN_UNLOCK(sc); 2168 IEEE80211_LOCK(ic); 2169 2170 return(rvp->newstate(vap, nstate, arg)); 2171} 2172 2173/* ARGSUSED */ 2174static void 2175run_wme_update_cb(void *arg) 2176{ 2177 struct ieee80211com *ic = arg; 2178 struct run_softc *sc = ic->ic_ifp->if_softc; 2179 struct ieee80211_wme_state *wmesp = &ic->ic_wme; 2180 int aci, error = 0; 2181 2182 RUN_LOCK_ASSERT(sc, MA_OWNED); 2183 2184 /* update MAC TX configuration registers */ 2185 for (aci = 0; aci < WME_NUM_AC; aci++) { 2186 error = run_write(sc, RT2860_EDCA_AC_CFG(aci), 2187 wmesp->wme_params[aci].wmep_logcwmax << 16 | 2188 wmesp->wme_params[aci].wmep_logcwmin << 12 | 2189 wmesp->wme_params[aci].wmep_aifsn << 8 | 2190 wmesp->wme_params[aci].wmep_txopLimit); 2191 if (error) goto err; 2192 } 2193 2194 /* update SCH/DMA registers too */ 2195 error = run_write(sc, RT2860_WMM_AIFSN_CFG, 2196 wmesp->wme_params[WME_AC_VO].wmep_aifsn << 12 | 2197 wmesp->wme_params[WME_AC_VI].wmep_aifsn << 8 | 2198 wmesp->wme_params[WME_AC_BK].wmep_aifsn << 4 | 2199 wmesp->wme_params[WME_AC_BE].wmep_aifsn); 2200 if (error) goto err; 2201 error = run_write(sc, RT2860_WMM_CWMIN_CFG, 2202 wmesp->wme_params[WME_AC_VO].wmep_logcwmin << 12 | 2203 wmesp->wme_params[WME_AC_VI].wmep_logcwmin << 8 | 2204 wmesp->wme_params[WME_AC_BK].wmep_logcwmin << 4 | 2205 wmesp->wme_params[WME_AC_BE].wmep_logcwmin); 2206 if (error) goto err; 2207 error = run_write(sc, RT2860_WMM_CWMAX_CFG, 2208 wmesp->wme_params[WME_AC_VO].wmep_logcwmax << 12 | 2209 wmesp->wme_params[WME_AC_VI].wmep_logcwmax << 8 | 2210 wmesp->wme_params[WME_AC_BK].wmep_logcwmax << 4 | 2211 wmesp->wme_params[WME_AC_BE].wmep_logcwmax); 2212 if (error) goto err; 2213 error = run_write(sc, RT2860_WMM_TXOP0_CFG, 2214 wmesp->wme_params[WME_AC_BK].wmep_txopLimit << 16 | 2215 wmesp->wme_params[WME_AC_BE].wmep_txopLimit); 2216 if (error) goto err; 2217 error = run_write(sc, RT2860_WMM_TXOP1_CFG, 2218 wmesp->wme_params[WME_AC_VO].wmep_txopLimit << 16 | 2219 wmesp->wme_params[WME_AC_VI].wmep_txopLimit); 2220 2221err: 2222 if (error) 2223 DPRINTF("WME update failed\n"); 2224 2225 return; 2226} 2227 2228static int 2229run_wme_update(struct ieee80211com *ic) 2230{ 2231 struct run_softc *sc = ic->ic_ifp->if_softc; 2232 2233 /* sometime called wothout lock */ 2234 if (mtx_owned(&ic->ic_comlock.mtx)) { 2235 uint32_t i = RUN_CMDQ_GET(&sc->cmdq_store); 2236 DPRINTF("cmdq_store=%d\n", i); 2237 sc->cmdq[i].func = run_wme_update_cb; 2238 sc->cmdq[i].arg0 = ic; 2239 ieee80211_runtask(ic, &sc->cmdq_task); 2240 return (0); 2241 } 2242 2243 RUN_LOCK(sc); 2244 run_wme_update_cb(ic); 2245 RUN_UNLOCK(sc); 2246 2247 /* return whatever, upper layer desn't care anyway */ 2248 return (0); 2249} 2250 2251static void 2252run_key_update_begin(struct ieee80211vap *vap) 2253{ 2254 /* 2255 * To avoid out-of-order events, both run_key_set() and 2256 * _delete() are deferred and handled by run_cmdq_cb(). 2257 * So, there is nothing we need to do here. 2258 */ 2259} 2260 2261static void 2262run_key_update_end(struct ieee80211vap *vap) 2263{ 2264 /* null */ 2265} 2266 2267static void 2268run_key_set_cb(void *arg) 2269{ 2270 struct run_cmdq *cmdq = arg; 2271 struct ieee80211vap *vap = cmdq->arg1; 2272 struct ieee80211_key *k = cmdq->k; 2273 struct ieee80211com *ic = vap->iv_ic; 2274 struct run_softc *sc = ic->ic_ifp->if_softc; 2275 struct ieee80211_node *ni; 2276 uint32_t attr; 2277 uint16_t base, associd; 2278 uint8_t mode, wcid, iv[8]; 2279 2280 RUN_LOCK_ASSERT(sc, MA_OWNED); 2281 2282 if (vap->iv_opmode == IEEE80211_M_HOSTAP) 2283 ni = ieee80211_find_vap_node(&ic->ic_sta, vap, cmdq->mac); 2284 else 2285 ni = vap->iv_bss; 2286 associd = (ni != NULL) ? ni->ni_associd : 0; 2287 2288 /* map net80211 cipher to RT2860 security mode */ 2289 switch (k->wk_cipher->ic_cipher) { 2290 case IEEE80211_CIPHER_WEP: 2291 if(k->wk_keylen < 8) 2292 mode = RT2860_MODE_WEP40; 2293 else 2294 mode = RT2860_MODE_WEP104; 2295 break; 2296 case IEEE80211_CIPHER_TKIP: 2297 mode = RT2860_MODE_TKIP; 2298 break; 2299 case IEEE80211_CIPHER_AES_CCM: 2300 mode = RT2860_MODE_AES_CCMP; 2301 break; 2302 default: 2303 DPRINTF("undefined case\n"); 2304 return; 2305 } 2306 2307 DPRINTFN(1, "associd=%x, keyix=%d, mode=%x, type=%s, tx=%s, rx=%s\n", 2308 associd, k->wk_keyix, mode, 2309 (k->wk_flags & IEEE80211_KEY_GROUP) ? "group" : "pairwise", 2310 (k->wk_flags & IEEE80211_KEY_XMIT) ? "on" : "off", 2311 (k->wk_flags & IEEE80211_KEY_RECV) ? "on" : "off"); 2312 2313 if (k->wk_flags & IEEE80211_KEY_GROUP) { 2314 wcid = 0; /* NB: update WCID0 for group keys */ 2315 base = RT2860_SKEY(RUN_VAP(vap)->rvp_id, k->wk_keyix); 2316 } else { 2317 wcid = (vap->iv_opmode == IEEE80211_M_STA) ? 2318 1 : RUN_AID2WCID(associd); 2319 base = RT2860_PKEY(wcid); 2320 } 2321 2322 if (k->wk_cipher->ic_cipher == IEEE80211_CIPHER_TKIP) { 2323 if(run_write_region_1(sc, base, k->wk_key, 16)) 2324 return; 2325 if(run_write_region_1(sc, base + 16, &k->wk_key[16], 8)) /* wk_txmic */ 2326 return; 2327 if(run_write_region_1(sc, base + 24, &k->wk_key[24], 8)) /* wk_rxmic */ 2328 return; 2329 } else { 2330 /* roundup len to 16-bit: XXX fix write_region_1() instead */ 2331 if(run_write_region_1(sc, base, k->wk_key, (k->wk_keylen + 1) & ~1)) 2332 return; 2333 } 2334 2335 if (!(k->wk_flags & IEEE80211_KEY_GROUP) || 2336 (k->wk_flags & (IEEE80211_KEY_XMIT | IEEE80211_KEY_RECV))) { 2337 /* set initial packet number in IV+EIV */ 2338 if (k->wk_cipher == IEEE80211_CIPHER_WEP) { 2339 memset(iv, 0, sizeof iv); 2340 iv[3] = vap->iv_def_txkey << 6; 2341 } else { 2342 if (k->wk_cipher->ic_cipher == IEEE80211_CIPHER_TKIP) { 2343 iv[0] = k->wk_keytsc >> 8; 2344 iv[1] = (iv[0] | 0x20) & 0x7f; 2345 iv[2] = k->wk_keytsc; 2346 } else /* CCMP */ { 2347 iv[0] = k->wk_keytsc; 2348 iv[1] = k->wk_keytsc >> 8; 2349 iv[2] = 0; 2350 } 2351 iv[3] = k->wk_keyix << 6 | IEEE80211_WEP_EXTIV; 2352 iv[4] = k->wk_keytsc >> 16; 2353 iv[5] = k->wk_keytsc >> 24; 2354 iv[6] = k->wk_keytsc >> 32; 2355 iv[7] = k->wk_keytsc >> 40; 2356 } 2357 if (run_write_region_1(sc, RT2860_IVEIV(wcid), iv, 8)) 2358 return; 2359 } 2360 2361 if (k->wk_flags & IEEE80211_KEY_GROUP) { 2362 /* install group key */ 2363 if (run_read(sc, RT2860_SKEY_MODE_0_7, &attr)) 2364 return; 2365 attr &= ~(0xf << (k->wk_keyix * 4)); 2366 attr |= mode << (k->wk_keyix * 4); 2367 if (run_write(sc, RT2860_SKEY_MODE_0_7, attr)) 2368 return; 2369 } else { 2370 /* install pairwise key */ 2371 if (run_read(sc, RT2860_WCID_ATTR(wcid), &attr)) 2372 return; 2373 attr = (attr & ~0xf) | (mode << 1) | RT2860_RX_PKEY_EN; 2374 if (run_write(sc, RT2860_WCID_ATTR(wcid), attr)) 2375 return; 2376 } 2377 2378 /* TODO create a pass-thru key entry? */ 2379 2380 /* need wcid to delete the right key later */ 2381 k->wk_pad = wcid; 2382} 2383 2384/* 2385 * Don't have to be deferred, but in order to keep order of 2386 * execution, i.e. with run_key_delete(), defer this and let 2387 * run_cmdq_cb() maintain the order. 2388 * 2389 * return 0 on error 2390 */ 2391static int 2392run_key_set(struct ieee80211vap *vap, struct ieee80211_key *k, 2393 const uint8_t mac[IEEE80211_ADDR_LEN]) 2394{ 2395 struct ieee80211com *ic = vap->iv_ic; 2396 struct run_softc *sc = ic->ic_ifp->if_softc; 2397 uint32_t i; 2398 2399 i = RUN_CMDQ_GET(&sc->cmdq_store); 2400 DPRINTF("cmdq_store=%d\n", i); 2401 sc->cmdq[i].func = run_key_set_cb; 2402 sc->cmdq[i].arg0 = NULL; 2403 sc->cmdq[i].arg1 = vap; 2404 sc->cmdq[i].k = k; 2405 IEEE80211_ADDR_COPY(sc->cmdq[i].mac, mac); 2406 ieee80211_runtask(ic, &sc->cmdq_task); 2407 2408 /* 2409 * To make sure key will be set when hostapd 2410 * calls iv_key_set() before if_init(). 2411 */ 2412 if (vap->iv_opmode == IEEE80211_M_HOSTAP) { 2413 RUN_LOCK(sc); 2414 sc->cmdq_key_set = RUN_CMDQ_GO; 2415 RUN_UNLOCK(sc); 2416 } 2417 2418 return (1); 2419} 2420 2421/* 2422 * If wlan is destroyed without being brought down i.e. without 2423 * wlan down or wpa_cli terminate, this function is called after 2424 * vap is gone. Don't refer it. 2425 */ 2426static void 2427run_key_delete_cb(void *arg) 2428{ 2429 struct run_cmdq *cmdq = arg; 2430 struct run_softc *sc = cmdq->arg1; 2431 struct ieee80211_key *k = &cmdq->key; 2432 uint32_t attr; 2433 uint8_t wcid; 2434 2435 RUN_LOCK_ASSERT(sc, MA_OWNED); 2436 2437 if (k->wk_flags & IEEE80211_KEY_GROUP) { 2438 /* remove group key */ 2439 DPRINTF("removing group key\n"); 2440 run_read(sc, RT2860_SKEY_MODE_0_7, &attr); 2441 attr &= ~(0xf << (k->wk_keyix * 4)); 2442 run_write(sc, RT2860_SKEY_MODE_0_7, attr); 2443 } else { 2444 /* remove pairwise key */ 2445 DPRINTF("removing key for wcid %x\n", k->wk_pad); 2446 /* matching wcid was written to wk_pad in run_key_set() */ 2447 wcid = k->wk_pad; 2448 run_read(sc, RT2860_WCID_ATTR(wcid), &attr); 2449 attr &= ~0xf; 2450 run_write(sc, RT2860_WCID_ATTR(wcid), attr); 2451 run_set_region_4(sc, RT2860_WCID_ENTRY(wcid), 0, 8); 2452 } 2453 2454 k->wk_pad = 0; 2455} 2456 2457/* 2458 * return 0 on error 2459 */ 2460static int 2461run_key_delete(struct ieee80211vap *vap, struct ieee80211_key *k) 2462{ 2463 struct ieee80211com *ic = vap->iv_ic; 2464 struct run_softc *sc = ic->ic_ifp->if_softc; 2465 struct ieee80211_key *k0; 2466 uint32_t i; 2467 2468 /* 2469 * When called back, key might be gone. So, make a copy 2470 * of some values need to delete keys before deferring. 2471 * But, because of LOR with node lock, cannot use lock here. 2472 * So, use atomic instead. 2473 */ 2474 i = RUN_CMDQ_GET(&sc->cmdq_store); 2475 DPRINTF("cmdq_store=%d\n", i); 2476 sc->cmdq[i].func = run_key_delete_cb; 2477 sc->cmdq[i].arg0 = NULL; 2478 sc->cmdq[i].arg1 = sc; 2479 k0 = &sc->cmdq[i].key; 2480 k0->wk_flags = k->wk_flags; 2481 k0->wk_keyix = k->wk_keyix; 2482 /* matching wcid was written to wk_pad in run_key_set() */ 2483 k0->wk_pad = k->wk_pad; 2484 ieee80211_runtask(ic, &sc->cmdq_task); 2485 return (1); /* return fake success */ 2486 2487} 2488 2489static void 2490run_ratectl_to(void *arg) 2491{ 2492 struct run_softc *sc = arg; 2493 2494 /* do it in a process context, so it can go sleep */ 2495 ieee80211_runtask(sc->sc_ifp->if_l2com, &sc->ratectl_task); 2496 /* next timeout will be rescheduled in the callback task */ 2497} 2498 2499/* ARGSUSED */ 2500static void 2501run_ratectl_cb(void *arg, int pending) 2502{ 2503 struct run_softc *sc = arg; 2504 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 2505 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 2506 2507 if (vap == NULL) 2508 return; 2509 2510 if (sc->rvp_cnt > 1 || vap->iv_opmode != IEEE80211_M_STA) { 2511 /* 2512 * run_reset_livelock() doesn't do anything with AMRR, 2513 * but Ralink wants us to call it every 1 sec. So, we 2514 * piggyback here rather than creating another callout. 2515 * Livelock may occur only in HOSTAP or IBSS mode 2516 * (when h/w is sending beacons). 2517 */ 2518 RUN_LOCK(sc); 2519 run_reset_livelock(sc); 2520 /* just in case, there are some stats to drain */ 2521 run_drain_fifo(sc); 2522 RUN_UNLOCK(sc); 2523 } 2524 2525 ieee80211_iterate_nodes(&ic->ic_sta, run_iter_func, sc); 2526 2527 RUN_LOCK(sc); 2528 if(sc->ratectl_run != RUN_RATECTL_OFF) 2529 usb_callout_reset(&sc->ratectl_ch, hz, run_ratectl_to, sc); 2530 RUN_UNLOCK(sc); 2531} 2532 2533static void 2534run_drain_fifo(void *arg) 2535{ 2536 struct run_softc *sc = arg; 2537 struct ifnet *ifp = sc->sc_ifp; 2538 uint32_t stat; 2539 uint16_t (*wstat)[3]; 2540 uint8_t wcid, mcs, pid; 2541 int8_t retry; 2542 2543 RUN_LOCK_ASSERT(sc, MA_OWNED); 2544 2545 for (;;) { 2546 /* drain Tx status FIFO (maxsize = 16) */ 2547 run_read(sc, RT2860_TX_STAT_FIFO, &stat); 2548 DPRINTFN(4, "tx stat 0x%08x\n", stat); 2549 if (!(stat & RT2860_TXQ_VLD)) 2550 break; 2551 2552 wcid = (stat >> RT2860_TXQ_WCID_SHIFT) & 0xff; 2553 2554 /* if no ACK was requested, no feedback is available */ 2555 if (!(stat & RT2860_TXQ_ACKREQ) || wcid > RT2870_WCID_MAX || 2556 wcid == 0) 2557 continue; 2558 2559 /* 2560 * Even though each stat is Tx-complete-status like format, 2561 * the device can poll stats. Because there is no guarantee 2562 * that the referring node is still around when read the stats. 2563 * So that, if we use ieee80211_ratectl_tx_update(), we will 2564 * have hard time not to refer already freed node. 2565 * 2566 * To eliminate such page faults, we poll stats in softc. 2567 * Then, update the rates later with ieee80211_ratectl_tx_update(). 2568 */ 2569 wstat = &(sc->wcid_stats[wcid]); 2570 (*wstat)[RUN_TXCNT]++; 2571 if (stat & RT2860_TXQ_OK) 2572 (*wstat)[RUN_SUCCESS]++; 2573 else 2574 ifp->if_oerrors++; 2575 /* 2576 * Check if there were retries, ie if the Tx success rate is 2577 * different from the requested rate. Note that it works only 2578 * because we do not allow rate fallback from OFDM to CCK. 2579 */ 2580 mcs = (stat >> RT2860_TXQ_MCS_SHIFT) & 0x7f; 2581 pid = (stat >> RT2860_TXQ_PID_SHIFT) & 0xf; 2582 if ((retry = pid -1 - mcs) > 0) { 2583 (*wstat)[RUN_TXCNT] += retry; 2584 (*wstat)[RUN_RETRY] += retry; 2585 } 2586 } 2587 DPRINTFN(3, "count=%d\n", sc->fifo_cnt); 2588 2589 sc->fifo_cnt = 0; 2590} 2591 2592static void 2593run_iter_func(void *arg, struct ieee80211_node *ni) 2594{ 2595 struct run_softc *sc = arg; 2596 struct ieee80211vap *vap = ni->ni_vap; 2597 struct ieee80211com *ic = ni->ni_ic; 2598 struct ifnet *ifp = ic->ic_ifp; 2599 struct run_node *rn = (void *)ni; 2600 union run_stats sta[2]; 2601 uint16_t (*wstat)[3]; 2602 int txcnt, success, retrycnt, error; 2603 2604 RUN_LOCK(sc); 2605 2606 /* Check for special case */ 2607 if (sc->rvp_cnt <= 1 && vap->iv_opmode == IEEE80211_M_STA && 2608 ni != vap->iv_bss) 2609 goto fail; 2610 2611 if (sc->rvp_cnt <= 1 && (vap->iv_opmode == IEEE80211_M_IBSS || 2612 vap->iv_opmode == IEEE80211_M_STA)) { 2613 /* read statistic counters (clear on read) and update AMRR state */ 2614 error = run_read_region_1(sc, RT2860_TX_STA_CNT0, (uint8_t *)sta, 2615 sizeof sta); 2616 if (error != 0) 2617 goto fail; 2618 2619 /* count failed TX as errors */ 2620 ifp->if_oerrors += le16toh(sta[0].error.fail); 2621 2622 retrycnt = le16toh(sta[1].tx.retry); 2623 success = le16toh(sta[1].tx.success); 2624 txcnt = retrycnt + success + le16toh(sta[0].error.fail); 2625 2626 DPRINTFN(3, "retrycnt=%d success=%d failcnt=%d\n", 2627 retrycnt, success, le16toh(sta[0].error.fail)); 2628 } else { 2629 wstat = &(sc->wcid_stats[RUN_AID2WCID(ni->ni_associd)]); 2630 2631 if (wstat == &(sc->wcid_stats[0]) || 2632 wstat > &(sc->wcid_stats[RT2870_WCID_MAX])) 2633 goto fail; 2634 2635 txcnt = (*wstat)[RUN_TXCNT]; 2636 success = (*wstat)[RUN_SUCCESS]; 2637 retrycnt = (*wstat)[RUN_RETRY]; 2638 DPRINTFN(3, "retrycnt=%d txcnt=%d success=%d\n", 2639 retrycnt, txcnt, success); 2640 2641 memset(wstat, 0, sizeof(*wstat)); 2642 } 2643 2644 ieee80211_ratectl_tx_update(vap, ni, &txcnt, &success, &retrycnt); 2645 rn->amrr_ridx = ieee80211_ratectl_rate(ni, NULL, 0); 2646 2647fail: 2648 RUN_UNLOCK(sc); 2649 2650 DPRINTFN(3, "ridx=%d\n", rn->amrr_ridx); 2651} 2652 2653static void 2654run_newassoc_cb(void *arg) 2655{ 2656 struct run_cmdq *cmdq = arg; 2657 struct ieee80211_node *ni = cmdq->arg1; 2658 struct run_softc *sc = ni->ni_vap->iv_ic->ic_ifp->if_softc; 2659 uint8_t wcid = cmdq->wcid; 2660 2661 RUN_LOCK_ASSERT(sc, MA_OWNED); 2662 2663 run_write_region_1(sc, RT2860_WCID_ENTRY(wcid), 2664 ni->ni_macaddr, IEEE80211_ADDR_LEN); 2665 2666 memset(&(sc->wcid_stats[wcid]), 0, sizeof(sc->wcid_stats[wcid])); 2667} 2668 2669static void 2670run_newassoc(struct ieee80211_node *ni, int isnew) 2671{ 2672 struct run_node *rn = (void *)ni; 2673 struct ieee80211_rateset *rs = &ni->ni_rates; 2674 struct ieee80211vap *vap = ni->ni_vap; 2675 struct ieee80211com *ic = vap->iv_ic; 2676 struct run_softc *sc = ic->ic_ifp->if_softc; 2677 uint8_t rate; 2678 uint8_t ridx; 2679 uint8_t wcid; 2680 int i, j; 2681 2682 wcid = (vap->iv_opmode == IEEE80211_M_STA) ? 2683 1 : RUN_AID2WCID(ni->ni_associd); 2684 2685 if (wcid > RT2870_WCID_MAX) { 2686 device_printf(sc->sc_dev, "wcid=%d out of range\n", wcid); 2687 return; 2688 } 2689 2690 /* only interested in true associations */ 2691 if (isnew && ni->ni_associd != 0) { 2692 2693 /* 2694 * This function could is called though timeout function. 2695 * Need to defer. 2696 */ 2697 uint32_t cnt = RUN_CMDQ_GET(&sc->cmdq_store); 2698 DPRINTF("cmdq_store=%d\n", cnt); 2699 sc->cmdq[cnt].func = run_newassoc_cb; 2700 sc->cmdq[cnt].arg0 = NULL; 2701 sc->cmdq[cnt].arg1 = ni; 2702 sc->cmdq[cnt].wcid = wcid; 2703 ieee80211_runtask(ic, &sc->cmdq_task); 2704 } 2705 2706 DPRINTF("new assoc isnew=%d associd=%x addr=%s\n", 2707 isnew, ni->ni_associd, ether_sprintf(ni->ni_macaddr)); 2708 2709 for (i = 0; i < rs->rs_nrates; i++) { 2710 rate = rs->rs_rates[i] & IEEE80211_RATE_VAL; 2711 /* convert 802.11 rate to hardware rate index */ 2712 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++) 2713 if (rt2860_rates[ridx].rate == rate) 2714 break; 2715 rn->ridx[i] = ridx; 2716 /* determine rate of control response frames */ 2717 for (j = i; j >= 0; j--) { 2718 if ((rs->rs_rates[j] & IEEE80211_RATE_BASIC) && 2719 rt2860_rates[rn->ridx[i]].phy == 2720 rt2860_rates[rn->ridx[j]].phy) 2721 break; 2722 } 2723 if (j >= 0) { 2724 rn->ctl_ridx[i] = rn->ridx[j]; 2725 } else { 2726 /* no basic rate found, use mandatory one */ 2727 rn->ctl_ridx[i] = rt2860_rates[ridx].ctl_ridx; 2728 } 2729 DPRINTF("rate=0x%02x ridx=%d ctl_ridx=%d\n", 2730 rs->rs_rates[i], rn->ridx[i], rn->ctl_ridx[i]); 2731 } 2732 rate = vap->iv_txparms[ieee80211_chan2mode(ic->ic_curchan)].mgmtrate; 2733 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++) 2734 if (rt2860_rates[ridx].rate == rate) 2735 break; 2736 rn->mgt_ridx = ridx; 2737 DPRINTF("rate=%d, mgmt_ridx=%d\n", rate, rn->mgt_ridx); 2738 2739 RUN_LOCK(sc); 2740 if(sc->ratectl_run != RUN_RATECTL_OFF) 2741 usb_callout_reset(&sc->ratectl_ch, hz, run_ratectl_to, sc); 2742 RUN_UNLOCK(sc); 2743} 2744 2745/* 2746 * Return the Rx chain with the highest RSSI for a given frame. 2747 */ 2748static __inline uint8_t 2749run_maxrssi_chain(struct run_softc *sc, const struct rt2860_rxwi *rxwi) 2750{ 2751 uint8_t rxchain = 0; 2752 2753 if (sc->nrxchains > 1) { 2754 if (rxwi->rssi[1] > rxwi->rssi[rxchain]) 2755 rxchain = 1; 2756 if (sc->nrxchains > 2) 2757 if (rxwi->rssi[2] > rxwi->rssi[rxchain]) 2758 rxchain = 2; 2759 } 2760 return (rxchain); 2761} 2762 2763static void 2764run_rx_frame(struct run_softc *sc, struct mbuf *m, uint32_t dmalen) 2765{ 2766 struct ifnet *ifp = sc->sc_ifp; 2767 struct ieee80211com *ic = ifp->if_l2com; 2768 struct ieee80211_frame *wh; 2769 struct ieee80211_node *ni; 2770 struct rt2870_rxd *rxd; 2771 struct rt2860_rxwi *rxwi; 2772 uint32_t flags; 2773 uint16_t len, rxwisize; 2774 uint8_t ant, rssi; 2775 int8_t nf; 2776 2777 rxwi = mtod(m, struct rt2860_rxwi *); 2778 len = le16toh(rxwi->len) & 0xfff; 2779 rxwisize = sizeof(struct rt2860_rxwi); 2780 if (sc->mac_ver == 0x5592) 2781 rxwisize += sizeof(uint64_t); 2782 else if (sc->mac_ver == 0x3593) 2783 rxwisize += sizeof(uint32_t); 2784 if (__predict_false(len > dmalen)) { 2785 m_freem(m); 2786 ifp->if_ierrors++; 2787 DPRINTF("bad RXWI length %u > %u\n", len, dmalen); 2788 return; 2789 } 2790 /* Rx descriptor is located at the end */ 2791 rxd = (struct rt2870_rxd *)(mtod(m, caddr_t) + dmalen); 2792 flags = le32toh(rxd->flags); 2793 2794 if (__predict_false(flags & (RT2860_RX_CRCERR | RT2860_RX_ICVERR))) { 2795 m_freem(m); 2796 ifp->if_ierrors++; 2797 DPRINTF("%s error.\n", (flags & RT2860_RX_CRCERR)?"CRC":"ICV"); 2798 return; 2799 } 2800 2801 m->m_data += rxwisize; 2802 m->m_pkthdr.len = m->m_len -= rxwisize; 2803 2804 wh = mtod(m, struct ieee80211_frame *); 2805 2806 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 2807 wh->i_fc[1] &= ~IEEE80211_FC1_WEP; 2808 m->m_flags |= M_WEP; 2809 } 2810 2811 if (flags & RT2860_RX_L2PAD) { 2812 DPRINTFN(8, "received RT2860_RX_L2PAD frame\n"); 2813 len += 2; 2814 } 2815 2816 ni = ieee80211_find_rxnode(ic, 2817 mtod(m, struct ieee80211_frame_min *)); 2818 2819 if (__predict_false(flags & RT2860_RX_MICERR)) { 2820 /* report MIC failures to net80211 for TKIP */ 2821 if (ni != NULL) 2822 ieee80211_notify_michael_failure(ni->ni_vap, wh, 2823 rxwi->keyidx); 2824 m_freem(m); 2825 ifp->if_ierrors++; 2826 DPRINTF("MIC error. Someone is lying.\n"); 2827 return; 2828 } 2829 2830 ant = run_maxrssi_chain(sc, rxwi); 2831 rssi = rxwi->rssi[ant]; 2832 nf = run_rssi2dbm(sc, rssi, ant); 2833 2834 m->m_pkthdr.rcvif = ifp; 2835 m->m_pkthdr.len = m->m_len = len; 2836 2837 if (ni != NULL) { 2838 (void)ieee80211_input(ni, m, rssi, nf); 2839 ieee80211_free_node(ni); 2840 } else { 2841 (void)ieee80211_input_all(ic, m, rssi, nf); 2842 } 2843 2844 if (__predict_false(ieee80211_radiotap_active(ic))) { 2845 struct run_rx_radiotap_header *tap = &sc->sc_rxtap; 2846 uint16_t phy; 2847 2848 tap->wr_flags = 0; 2849 tap->wr_chan_freq = htole16(ic->ic_curchan->ic_freq); 2850 tap->wr_chan_flags = htole16(ic->ic_curchan->ic_flags); 2851 tap->wr_antsignal = rssi; 2852 tap->wr_antenna = ant; 2853 tap->wr_dbm_antsignal = run_rssi2dbm(sc, rssi, ant); 2854 tap->wr_rate = 2; /* in case it can't be found below */ 2855 phy = le16toh(rxwi->phy); 2856 switch (phy & RT2860_PHY_MODE) { 2857 case RT2860_PHY_CCK: 2858 switch ((phy & RT2860_PHY_MCS) & ~RT2860_PHY_SHPRE) { 2859 case 0: tap->wr_rate = 2; break; 2860 case 1: tap->wr_rate = 4; break; 2861 case 2: tap->wr_rate = 11; break; 2862 case 3: tap->wr_rate = 22; break; 2863 } 2864 if (phy & RT2860_PHY_SHPRE) 2865 tap->wr_flags |= IEEE80211_RADIOTAP_F_SHORTPRE; 2866 break; 2867 case RT2860_PHY_OFDM: 2868 switch (phy & RT2860_PHY_MCS) { 2869 case 0: tap->wr_rate = 12; break; 2870 case 1: tap->wr_rate = 18; break; 2871 case 2: tap->wr_rate = 24; break; 2872 case 3: tap->wr_rate = 36; break; 2873 case 4: tap->wr_rate = 48; break; 2874 case 5: tap->wr_rate = 72; break; 2875 case 6: tap->wr_rate = 96; break; 2876 case 7: tap->wr_rate = 108; break; 2877 } 2878 break; 2879 } 2880 } 2881} 2882 2883static void 2884run_bulk_rx_callback(struct usb_xfer *xfer, usb_error_t error) 2885{ 2886 struct run_softc *sc = usbd_xfer_softc(xfer); 2887 struct ifnet *ifp = sc->sc_ifp; 2888 struct mbuf *m = NULL; 2889 struct mbuf *m0; 2890 uint32_t dmalen; 2891 uint16_t rxwisize; 2892 int xferlen; 2893 2894 rxwisize = sizeof(struct rt2860_rxwi); 2895 if (sc->mac_ver == 0x5592) 2896 rxwisize += sizeof(uint64_t); 2897 else if (sc->mac_ver == 0x3593) 2898 rxwisize += sizeof(uint32_t); 2899 2900 usbd_xfer_status(xfer, &xferlen, NULL, NULL, NULL); 2901 2902 switch (USB_GET_STATE(xfer)) { 2903 case USB_ST_TRANSFERRED: 2904 2905 DPRINTFN(15, "rx done, actlen=%d\n", xferlen); 2906 2907 if (xferlen < (int)(sizeof(uint32_t) + rxwisize + 2908 sizeof(struct rt2870_rxd))) { 2909 DPRINTF("xfer too short %d\n", xferlen); 2910 goto tr_setup; 2911 } 2912 2913 m = sc->rx_m; 2914 sc->rx_m = NULL; 2915 2916 /* FALLTHROUGH */ 2917 case USB_ST_SETUP: 2918tr_setup: 2919 if (sc->rx_m == NULL) { 2920 sc->rx_m = m_getjcl(M_NOWAIT, MT_DATA, M_PKTHDR, 2921 MJUMPAGESIZE /* xfer can be bigger than MCLBYTES */); 2922 } 2923 if (sc->rx_m == NULL) { 2924 DPRINTF("could not allocate mbuf - idle with stall\n"); 2925 ifp->if_ierrors++; 2926 usbd_xfer_set_stall(xfer); 2927 usbd_xfer_set_frames(xfer, 0); 2928 } else { 2929 /* 2930 * Directly loading a mbuf cluster into DMA to 2931 * save some data copying. This works because 2932 * there is only one cluster. 2933 */ 2934 usbd_xfer_set_frame_data(xfer, 0, 2935 mtod(sc->rx_m, caddr_t), RUN_MAX_RXSZ); 2936 usbd_xfer_set_frames(xfer, 1); 2937 } 2938 usbd_transfer_submit(xfer); 2939 break; 2940 2941 default: /* Error */ 2942 if (error != USB_ERR_CANCELLED) { 2943 /* try to clear stall first */ 2944 usbd_xfer_set_stall(xfer); 2945 2946 if (error == USB_ERR_TIMEOUT) 2947 device_printf(sc->sc_dev, "device timeout\n"); 2948 2949 ifp->if_ierrors++; 2950 2951 goto tr_setup; 2952 } 2953 if (sc->rx_m != NULL) { 2954 m_freem(sc->rx_m); 2955 sc->rx_m = NULL; 2956 } 2957 break; 2958 } 2959 2960 if (m == NULL) 2961 return; 2962 2963 /* inputting all the frames must be last */ 2964 2965 RUN_UNLOCK(sc); 2966 2967 m->m_pkthdr.len = m->m_len = xferlen; 2968 2969 /* HW can aggregate multiple 802.11 frames in a single USB xfer */ 2970 for(;;) { 2971 dmalen = le32toh(*mtod(m, uint32_t *)) & 0xffff; 2972 2973 if ((dmalen >= (uint32_t)-8) || (dmalen == 0) || 2974 ((dmalen & 3) != 0)) { 2975 DPRINTF("bad DMA length %u\n", dmalen); 2976 break; 2977 } 2978 if ((dmalen + 8) > (uint32_t)xferlen) { 2979 DPRINTF("bad DMA length %u > %d\n", 2980 dmalen + 8, xferlen); 2981 break; 2982 } 2983 2984 /* If it is the last one or a single frame, we won't copy. */ 2985 if ((xferlen -= dmalen + 8) <= 8) { 2986 /* trim 32-bit DMA-len header */ 2987 m->m_data += 4; 2988 m->m_pkthdr.len = m->m_len -= 4; 2989 run_rx_frame(sc, m, dmalen); 2990 m = NULL; /* don't free source buffer */ 2991 break; 2992 } 2993 2994 /* copy aggregated frames to another mbuf */ 2995 m0 = m_getcl(M_NOWAIT, MT_DATA, M_PKTHDR); 2996 if (__predict_false(m0 == NULL)) { 2997 DPRINTF("could not allocate mbuf\n"); 2998 ifp->if_ierrors++; 2999 break; 3000 } 3001 m_copydata(m, 4 /* skip 32-bit DMA-len header */, 3002 dmalen + sizeof(struct rt2870_rxd), mtod(m0, caddr_t)); 3003 m0->m_pkthdr.len = m0->m_len = 3004 dmalen + sizeof(struct rt2870_rxd); 3005 run_rx_frame(sc, m0, dmalen); 3006 3007 /* update data ptr */ 3008 m->m_data += dmalen + 8; 3009 m->m_pkthdr.len = m->m_len -= dmalen + 8; 3010 } 3011 3012 /* make sure we free the source buffer, if any */ 3013 m_freem(m); 3014 3015 RUN_LOCK(sc); 3016} 3017 3018static void 3019run_tx_free(struct run_endpoint_queue *pq, 3020 struct run_tx_data *data, int txerr) 3021{ 3022 if (data->m != NULL) { 3023 if (data->m->m_flags & M_TXCB) 3024 ieee80211_process_callback(data->ni, data->m, 3025 txerr ? ETIMEDOUT : 0); 3026 m_freem(data->m); 3027 data->m = NULL; 3028 3029 if (data->ni == NULL) { 3030 DPRINTF("no node\n"); 3031 } else { 3032 ieee80211_free_node(data->ni); 3033 data->ni = NULL; 3034 } 3035 } 3036 3037 STAILQ_INSERT_TAIL(&pq->tx_fh, data, next); 3038 pq->tx_nfree++; 3039} 3040 3041static void 3042run_bulk_tx_callbackN(struct usb_xfer *xfer, usb_error_t error, u_int index) 3043{ 3044 struct run_softc *sc = usbd_xfer_softc(xfer); 3045 struct ifnet *ifp = sc->sc_ifp; 3046 struct ieee80211com *ic = ifp->if_l2com; 3047 struct run_tx_data *data; 3048 struct ieee80211vap *vap = NULL; 3049 struct usb_page_cache *pc; 3050 struct run_endpoint_queue *pq = &sc->sc_epq[index]; 3051 struct mbuf *m; 3052 usb_frlength_t size; 3053 int actlen; 3054 int sumlen; 3055 3056 usbd_xfer_status(xfer, &actlen, &sumlen, NULL, NULL); 3057 3058 switch (USB_GET_STATE(xfer)) { 3059 case USB_ST_TRANSFERRED: 3060 DPRINTFN(11, "transfer complete: %d " 3061 "bytes @ index %d\n", actlen, index); 3062 3063 data = usbd_xfer_get_priv(xfer); 3064 3065 run_tx_free(pq, data, 0); 3066 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE; 3067 3068 usbd_xfer_set_priv(xfer, NULL); 3069 3070 ifp->if_opackets++; 3071 3072 /* FALLTHROUGH */ 3073 case USB_ST_SETUP: 3074tr_setup: 3075 data = STAILQ_FIRST(&pq->tx_qh); 3076 if (data == NULL) 3077 break; 3078 3079 STAILQ_REMOVE_HEAD(&pq->tx_qh, next); 3080 3081 m = data->m; 3082 size = (sc->mac_ver == 0x5592) ? 3083 sizeof(data->desc) + sizeof(uint32_t) : sizeof(data->desc); 3084 if ((m->m_pkthdr.len + 3085 size + 3 + 8) > RUN_MAX_TXSZ) { 3086 DPRINTF("data overflow, %u bytes\n", 3087 m->m_pkthdr.len); 3088 3089 ifp->if_oerrors++; 3090 3091 run_tx_free(pq, data, 1); 3092 3093 goto tr_setup; 3094 } 3095 3096 pc = usbd_xfer_get_frame(xfer, 0); 3097 usbd_copy_in(pc, 0, &data->desc, size); 3098 usbd_m_copy_in(pc, size, m, 0, m->m_pkthdr.len); 3099 size += m->m_pkthdr.len; 3100 /* 3101 * Align end on a 4-byte boundary, pad 8 bytes (CRC + 3102 * 4-byte padding), and be sure to zero those trailing 3103 * bytes: 3104 */ 3105 usbd_frame_zero(pc, size, ((-size) & 3) + 8); 3106 size += ((-size) & 3) + 8; 3107 3108 vap = data->ni->ni_vap; 3109 if (ieee80211_radiotap_active_vap(vap)) { 3110 struct run_tx_radiotap_header *tap = &sc->sc_txtap; 3111 struct rt2860_txwi *txwi = 3112 (struct rt2860_txwi *)(&data->desc + sizeof(struct rt2870_txd)); 3113 tap->wt_flags = 0; 3114 tap->wt_rate = rt2860_rates[data->ridx].rate; 3115 tap->wt_chan_freq = htole16(ic->ic_curchan->ic_freq); 3116 tap->wt_chan_flags = htole16(ic->ic_curchan->ic_flags); 3117 tap->wt_hwqueue = index; 3118 if (le16toh(txwi->phy) & RT2860_PHY_SHPRE) 3119 tap->wt_flags |= IEEE80211_RADIOTAP_F_SHORTPRE; 3120 3121 ieee80211_radiotap_tx(vap, m); 3122 } 3123 3124 DPRINTFN(11, "sending frame len=%u/%u @ index %d\n", 3125 m->m_pkthdr.len, size, index); 3126 3127 usbd_xfer_set_frame_len(xfer, 0, size); 3128 usbd_xfer_set_priv(xfer, data); 3129 3130 usbd_transfer_submit(xfer); 3131 3132 RUN_UNLOCK(sc); 3133 run_start(ifp); 3134 RUN_LOCK(sc); 3135 3136 break; 3137 3138 default: 3139 DPRINTF("USB transfer error, %s\n", 3140 usbd_errstr(error)); 3141 3142 data = usbd_xfer_get_priv(xfer); 3143 3144 ifp->if_oerrors++; 3145 3146 if (data != NULL) { 3147 if(data->ni != NULL) 3148 vap = data->ni->ni_vap; 3149 run_tx_free(pq, data, error); 3150 usbd_xfer_set_priv(xfer, NULL); 3151 } 3152 if (vap == NULL) 3153 vap = TAILQ_FIRST(&ic->ic_vaps); 3154 3155 if (error != USB_ERR_CANCELLED) { 3156 if (error == USB_ERR_TIMEOUT) { 3157 device_printf(sc->sc_dev, "device timeout\n"); 3158 uint32_t i = RUN_CMDQ_GET(&sc->cmdq_store); 3159 DPRINTF("cmdq_store=%d\n", i); 3160 sc->cmdq[i].func = run_usb_timeout_cb; 3161 sc->cmdq[i].arg0 = vap; 3162 ieee80211_runtask(ic, &sc->cmdq_task); 3163 } 3164 3165 /* 3166 * Try to clear stall first, also if other 3167 * errors occur, hence clearing stall 3168 * introduces a 50 ms delay: 3169 */ 3170 usbd_xfer_set_stall(xfer); 3171 goto tr_setup; 3172 } 3173 break; 3174 } 3175} 3176 3177static void 3178run_bulk_tx_callback0(struct usb_xfer *xfer, usb_error_t error) 3179{ 3180 run_bulk_tx_callbackN(xfer, error, 0); 3181} 3182 3183static void 3184run_bulk_tx_callback1(struct usb_xfer *xfer, usb_error_t error) 3185{ 3186 run_bulk_tx_callbackN(xfer, error, 1); 3187} 3188 3189static void 3190run_bulk_tx_callback2(struct usb_xfer *xfer, usb_error_t error) 3191{ 3192 run_bulk_tx_callbackN(xfer, error, 2); 3193} 3194 3195static void 3196run_bulk_tx_callback3(struct usb_xfer *xfer, usb_error_t error) 3197{ 3198 run_bulk_tx_callbackN(xfer, error, 3); 3199} 3200 3201static void 3202run_bulk_tx_callback4(struct usb_xfer *xfer, usb_error_t error) 3203{ 3204 run_bulk_tx_callbackN(xfer, error, 4); 3205} 3206 3207static void 3208run_bulk_tx_callback5(struct usb_xfer *xfer, usb_error_t error) 3209{ 3210 run_bulk_tx_callbackN(xfer, error, 5); 3211} 3212 3213static void 3214run_set_tx_desc(struct run_softc *sc, struct run_tx_data *data) 3215{ 3216 struct mbuf *m = data->m; 3217 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 3218 struct ieee80211vap *vap = data->ni->ni_vap; 3219 struct ieee80211_frame *wh; 3220 struct rt2870_txd *txd; 3221 struct rt2860_txwi *txwi; 3222 uint16_t xferlen, txwisize; 3223 uint16_t mcs; 3224 uint8_t ridx = data->ridx; 3225 uint8_t pad; 3226 3227 /* get MCS code from rate index */ 3228 mcs = rt2860_rates[ridx].mcs; 3229 3230 txwisize = (sc->mac_ver == 0x5592) ? 3231 sizeof(*txwi) + sizeof(uint32_t) : sizeof(*txwi); 3232 xferlen = txwisize + m->m_pkthdr.len; 3233 3234 /* roundup to 32-bit alignment */ 3235 xferlen = (xferlen + 3) & ~3; 3236 3237 txd = (struct rt2870_txd *)&data->desc; 3238 txd->len = htole16(xferlen); 3239 3240 wh = mtod(m, struct ieee80211_frame *); 3241 3242 /* 3243 * Ether both are true or both are false, the header 3244 * are nicely aligned to 32-bit. So, no L2 padding. 3245 */ 3246 if(IEEE80211_HAS_ADDR4(wh) == IEEE80211_QOS_HAS_SEQ(wh)) 3247 pad = 0; 3248 else 3249 pad = 2; 3250 3251 /* setup TX Wireless Information */ 3252 txwi = (struct rt2860_txwi *)(txd + 1); 3253 txwi->len = htole16(m->m_pkthdr.len - pad); 3254 if (rt2860_rates[ridx].phy == IEEE80211_T_DS) { 3255 txwi->phy = htole16(RT2860_PHY_CCK); 3256 if (ridx != RT2860_RIDX_CCK1 && 3257 (ic->ic_flags & IEEE80211_F_SHPREAMBLE)) 3258 mcs |= RT2860_PHY_SHPRE; 3259 } else 3260 txwi->phy = htole16(RT2860_PHY_OFDM); 3261 txwi->phy |= htole16(mcs); 3262 3263 /* check if RTS/CTS or CTS-to-self protection is required */ 3264 if (!IEEE80211_IS_MULTICAST(wh->i_addr1) && 3265 (m->m_pkthdr.len + IEEE80211_CRC_LEN > vap->iv_rtsthreshold || 3266 ((ic->ic_flags & IEEE80211_F_USEPROT) && 3267 rt2860_rates[ridx].phy == IEEE80211_T_OFDM))) 3268 txwi->txop |= RT2860_TX_TXOP_HT; 3269 else 3270 txwi->txop |= RT2860_TX_TXOP_BACKOFF; 3271 3272 if (vap->iv_opmode != IEEE80211_M_STA && !IEEE80211_QOS_HAS_SEQ(wh)) 3273 txwi->xflags |= RT2860_TX_NSEQ; 3274} 3275 3276/* This function must be called locked */ 3277static int 3278run_tx(struct run_softc *sc, struct mbuf *m, struct ieee80211_node *ni) 3279{ 3280 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 3281 struct ieee80211vap *vap = ni->ni_vap; 3282 struct ieee80211_frame *wh; 3283 struct ieee80211_channel *chan; 3284 const struct ieee80211_txparam *tp; 3285 struct run_node *rn = (void *)ni; 3286 struct run_tx_data *data; 3287 struct rt2870_txd *txd; 3288 struct rt2860_txwi *txwi; 3289 uint16_t qos; 3290 uint16_t dur; 3291 uint16_t qid; 3292 uint8_t type; 3293 uint8_t tid; 3294 uint8_t ridx; 3295 uint8_t ctl_ridx; 3296 uint8_t qflags; 3297 uint8_t xflags = 0; 3298 int hasqos; 3299 3300 RUN_LOCK_ASSERT(sc, MA_OWNED); 3301 3302 wh = mtod(m, struct ieee80211_frame *); 3303 3304 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 3305 3306 /* 3307 * There are 7 bulk endpoints: 1 for RX 3308 * and 6 for TX (4 EDCAs + HCCA + Prio). 3309 * Update 03-14-2009: some devices like the Planex GW-US300MiniS 3310 * seem to have only 4 TX bulk endpoints (Fukaumi Naoki). 3311 */ 3312 if ((hasqos = IEEE80211_QOS_HAS_SEQ(wh))) { 3313 uint8_t *frm; 3314 3315 if(IEEE80211_HAS_ADDR4(wh)) 3316 frm = ((struct ieee80211_qosframe_addr4 *)wh)->i_qos; 3317 else 3318 frm =((struct ieee80211_qosframe *)wh)->i_qos; 3319 3320 qos = le16toh(*(const uint16_t *)frm); 3321 tid = qos & IEEE80211_QOS_TID; 3322 qid = TID_TO_WME_AC(tid); 3323 } else { 3324 qos = 0; 3325 tid = 0; 3326 qid = WME_AC_BE; 3327 } 3328 qflags = (qid < 4) ? RT2860_TX_QSEL_EDCA : RT2860_TX_QSEL_HCCA; 3329 3330 DPRINTFN(8, "qos %d\tqid %d\ttid %d\tqflags %x\n", 3331 qos, qid, tid, qflags); 3332 3333 chan = (ni->ni_chan != IEEE80211_CHAN_ANYC)?ni->ni_chan:ic->ic_curchan; 3334 tp = &vap->iv_txparms[ieee80211_chan2mode(chan)]; 3335 3336 /* pickup a rate index */ 3337 if (IEEE80211_IS_MULTICAST(wh->i_addr1) || 3338 type != IEEE80211_FC0_TYPE_DATA) { 3339 ridx = (ic->ic_curmode == IEEE80211_MODE_11A) ? 3340 RT2860_RIDX_OFDM6 : RT2860_RIDX_CCK1; 3341 ctl_ridx = rt2860_rates[ridx].ctl_ridx; 3342 } else { 3343 if (tp->ucastrate != IEEE80211_FIXED_RATE_NONE) 3344 ridx = rn->fix_ridx; 3345 else 3346 ridx = rn->amrr_ridx; 3347 ctl_ridx = rt2860_rates[ridx].ctl_ridx; 3348 } 3349 3350 if (!IEEE80211_IS_MULTICAST(wh->i_addr1) && 3351 (!hasqos || (qos & IEEE80211_QOS_ACKPOLICY) != 3352 IEEE80211_QOS_ACKPOLICY_NOACK)) { 3353 xflags |= RT2860_TX_ACK; 3354 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 3355 dur = rt2860_rates[ctl_ridx].sp_ack_dur; 3356 else 3357 dur = rt2860_rates[ctl_ridx].lp_ack_dur; 3358 USETW(wh->i_dur, dur); 3359 } 3360 3361 /* reserve slots for mgmt packets, just in case */ 3362 if (sc->sc_epq[qid].tx_nfree < 3) { 3363 DPRINTFN(10, "tx ring %d is full\n", qid); 3364 return (-1); 3365 } 3366 3367 data = STAILQ_FIRST(&sc->sc_epq[qid].tx_fh); 3368 STAILQ_REMOVE_HEAD(&sc->sc_epq[qid].tx_fh, next); 3369 sc->sc_epq[qid].tx_nfree--; 3370 3371 txd = (struct rt2870_txd *)&data->desc; 3372 txd->flags = qflags; 3373 txwi = (struct rt2860_txwi *)(txd + 1); 3374 txwi->xflags = xflags; 3375 if (IEEE80211_IS_MULTICAST(wh->i_addr1)) 3376 txwi->wcid = 0; 3377 else 3378 txwi->wcid = (vap->iv_opmode == IEEE80211_M_STA) ? 3379 1 : RUN_AID2WCID(ni->ni_associd); 3380 3381 /* clear leftover garbage bits */ 3382 txwi->flags = 0; 3383 txwi->txop = 0; 3384 3385 data->m = m; 3386 data->ni = ni; 3387 data->ridx = ridx; 3388 3389 run_set_tx_desc(sc, data); 3390 3391 /* 3392 * The chip keeps track of 2 kind of Tx stats, 3393 * * TX_STAT_FIFO, for per WCID stats, and 3394 * * TX_STA_CNT0 for all-TX-in-one stats. 3395 * 3396 * To use FIFO stats, we need to store MCS into the driver-private 3397 * PacketID field. So that, we can tell whose stats when we read them. 3398 * We add 1 to the MCS because setting the PacketID field to 0 means 3399 * that we don't want feedback in TX_STAT_FIFO. 3400 * And, that's what we want for STA mode, since TX_STA_CNT0 does the job. 3401 * 3402 * FIFO stats doesn't count Tx with WCID 0xff, so we do this in run_tx(). 3403 */ 3404 if (sc->rvp_cnt > 1 || vap->iv_opmode == IEEE80211_M_HOSTAP || 3405 vap->iv_opmode == IEEE80211_M_MBSS) { 3406 uint16_t pid = (rt2860_rates[ridx].mcs + 1) & 0xf; 3407 txwi->len |= htole16(pid << RT2860_TX_PID_SHIFT); 3408 3409 /* 3410 * Unlike PCI based devices, we don't get any interrupt from 3411 * USB devices, so we simulate FIFO-is-full interrupt here. 3412 * Ralink recomends to drain FIFO stats every 100 ms, but 16 slots 3413 * quickly get fulled. To prevent overflow, increment a counter on 3414 * every FIFO stat request, so we know how many slots are left. 3415 * We do this only in HOSTAP or multiple vap mode since FIFO stats 3416 * are used only in those modes. 3417 * We just drain stats. AMRR gets updated every 1 sec by 3418 * run_ratectl_cb() via callout. 3419 * Call it early. Otherwise overflow. 3420 */ 3421 if (sc->fifo_cnt++ == 10) { 3422 /* 3423 * With multiple vaps or if_bridge, if_start() is called 3424 * with a non-sleepable lock, tcpinp. So, need to defer. 3425 */ 3426 uint32_t i = RUN_CMDQ_GET(&sc->cmdq_store); 3427 DPRINTFN(6, "cmdq_store=%d\n", i); 3428 sc->cmdq[i].func = run_drain_fifo; 3429 sc->cmdq[i].arg0 = sc; 3430 ieee80211_runtask(ic, &sc->cmdq_task); 3431 } 3432 } 3433 3434 STAILQ_INSERT_TAIL(&sc->sc_epq[qid].tx_qh, data, next); 3435 3436 usbd_transfer_start(sc->sc_xfer[qid]); 3437 3438 DPRINTFN(8, "sending data frame len=%d rate=%d qid=%d\n", 3439 m->m_pkthdr.len + (int)(sizeof(struct rt2870_txd) + 3440 sizeof(struct rt2860_txwi)), rt2860_rates[ridx].rate, qid); 3441 3442 return (0); 3443} 3444 3445static int 3446run_tx_mgt(struct run_softc *sc, struct mbuf *m, struct ieee80211_node *ni) 3447{ 3448 struct ifnet *ifp = sc->sc_ifp; 3449 struct ieee80211com *ic = ifp->if_l2com; 3450 struct run_node *rn = (void *)ni; 3451 struct run_tx_data *data; 3452 struct ieee80211_frame *wh; 3453 struct rt2870_txd *txd; 3454 struct rt2860_txwi *txwi; 3455 uint16_t dur; 3456 uint8_t ridx = rn->mgt_ridx; 3457 uint8_t type; 3458 uint8_t xflags = 0; 3459 uint8_t wflags = 0; 3460 3461 RUN_LOCK_ASSERT(sc, MA_OWNED); 3462 3463 wh = mtod(m, struct ieee80211_frame *); 3464 3465 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 3466 3467 /* tell hardware to add timestamp for probe responses */ 3468 if ((wh->i_fc[0] & 3469 (IEEE80211_FC0_TYPE_MASK | IEEE80211_FC0_SUBTYPE_MASK)) == 3470 (IEEE80211_FC0_TYPE_MGT | IEEE80211_FC0_SUBTYPE_PROBE_RESP)) 3471 wflags |= RT2860_TX_TS; 3472 else if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) { 3473 xflags |= RT2860_TX_ACK; 3474 3475 dur = ieee80211_ack_duration(ic->ic_rt, rt2860_rates[ridx].rate, 3476 ic->ic_flags & IEEE80211_F_SHPREAMBLE); 3477 USETW(wh->i_dur, dur); 3478 } 3479 3480 if (sc->sc_epq[0].tx_nfree == 0) { 3481 /* let caller free mbuf */ 3482 ifp->if_drv_flags |= IFF_DRV_OACTIVE; 3483 return (EIO); 3484 } 3485 data = STAILQ_FIRST(&sc->sc_epq[0].tx_fh); 3486 STAILQ_REMOVE_HEAD(&sc->sc_epq[0].tx_fh, next); 3487 sc->sc_epq[0].tx_nfree--; 3488 3489 txd = (struct rt2870_txd *)&data->desc; 3490 txd->flags = RT2860_TX_QSEL_EDCA; 3491 txwi = (struct rt2860_txwi *)(txd + 1); 3492 txwi->wcid = 0xff; 3493 txwi->flags = wflags; 3494 txwi->xflags = xflags; 3495 txwi->txop = 0; /* clear leftover garbage bits */ 3496 3497 data->m = m; 3498 data->ni = ni; 3499 data->ridx = ridx; 3500 3501 run_set_tx_desc(sc, data); 3502 3503 DPRINTFN(10, "sending mgt frame len=%d rate=%d\n", m->m_pkthdr.len + 3504 (int)(sizeof(struct rt2870_txd) + sizeof(struct rt2860_txwi)), 3505 rt2860_rates[ridx].rate); 3506 3507 STAILQ_INSERT_TAIL(&sc->sc_epq[0].tx_qh, data, next); 3508 3509 usbd_transfer_start(sc->sc_xfer[0]); 3510 3511 return (0); 3512} 3513 3514static int 3515run_sendprot(struct run_softc *sc, 3516 const struct mbuf *m, struct ieee80211_node *ni, int prot, int rate) 3517{ 3518 struct ieee80211com *ic = ni->ni_ic; 3519 struct ieee80211_frame *wh; 3520 struct run_tx_data *data; 3521 struct rt2870_txd *txd; 3522 struct rt2860_txwi *txwi; 3523 struct mbuf *mprot; 3524 int ridx; 3525 int protrate; 3526 int ackrate; 3527 int pktlen; 3528 int isshort; 3529 uint16_t dur; 3530 uint8_t type; 3531 uint8_t wflags = 0; 3532 uint8_t xflags = 0; 3533 3534 RUN_LOCK_ASSERT(sc, MA_OWNED); 3535 3536 KASSERT(prot == IEEE80211_PROT_RTSCTS || prot == IEEE80211_PROT_CTSONLY, 3537 ("protection %d", prot)); 3538 3539 wh = mtod(m, struct ieee80211_frame *); 3540 pktlen = m->m_pkthdr.len + IEEE80211_CRC_LEN; 3541 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 3542 3543 protrate = ieee80211_ctl_rate(ic->ic_rt, rate); 3544 ackrate = ieee80211_ack_rate(ic->ic_rt, rate); 3545 3546 isshort = (ic->ic_flags & IEEE80211_F_SHPREAMBLE) != 0; 3547 dur = ieee80211_compute_duration(ic->ic_rt, pktlen, rate, isshort) 3548 + ieee80211_ack_duration(ic->ic_rt, rate, isshort); 3549 wflags = RT2860_TX_FRAG; 3550 3551 /* check that there are free slots before allocating the mbuf */ 3552 if (sc->sc_epq[0].tx_nfree == 0) { 3553 /* let caller free mbuf */ 3554 sc->sc_ifp->if_drv_flags |= IFF_DRV_OACTIVE; 3555 return (ENOBUFS); 3556 } 3557 3558 if (prot == IEEE80211_PROT_RTSCTS) { 3559 /* NB: CTS is the same size as an ACK */ 3560 dur += ieee80211_ack_duration(ic->ic_rt, rate, isshort); 3561 xflags |= RT2860_TX_ACK; 3562 mprot = ieee80211_alloc_rts(ic, wh->i_addr1, wh->i_addr2, dur); 3563 } else { 3564 mprot = ieee80211_alloc_cts(ic, ni->ni_vap->iv_myaddr, dur); 3565 } 3566 if (mprot == NULL) { 3567 sc->sc_ifp->if_oerrors++; 3568 DPRINTF("could not allocate mbuf\n"); 3569 return (ENOBUFS); 3570 } 3571 3572 data = STAILQ_FIRST(&sc->sc_epq[0].tx_fh); 3573 STAILQ_REMOVE_HEAD(&sc->sc_epq[0].tx_fh, next); 3574 sc->sc_epq[0].tx_nfree--; 3575 3576 txd = (struct rt2870_txd *)&data->desc; 3577 txd->flags = RT2860_TX_QSEL_EDCA; 3578 txwi = (struct rt2860_txwi *)(txd + 1); 3579 txwi->wcid = 0xff; 3580 txwi->flags = wflags; 3581 txwi->xflags = xflags; 3582 txwi->txop = 0; /* clear leftover garbage bits */ 3583 3584 data->m = mprot; 3585 data->ni = ieee80211_ref_node(ni); 3586 3587 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++) 3588 if (rt2860_rates[ridx].rate == protrate) 3589 break; 3590 data->ridx = ridx; 3591 3592 run_set_tx_desc(sc, data); 3593 3594 DPRINTFN(1, "sending prot len=%u rate=%u\n", 3595 m->m_pkthdr.len, rate); 3596 3597 STAILQ_INSERT_TAIL(&sc->sc_epq[0].tx_qh, data, next); 3598 3599 usbd_transfer_start(sc->sc_xfer[0]); 3600 3601 return (0); 3602} 3603 3604static int 3605run_tx_param(struct run_softc *sc, struct mbuf *m, struct ieee80211_node *ni, 3606 const struct ieee80211_bpf_params *params) 3607{ 3608 struct ieee80211com *ic = ni->ni_ic; 3609 struct ieee80211_frame *wh; 3610 struct run_tx_data *data; 3611 struct rt2870_txd *txd; 3612 struct rt2860_txwi *txwi; 3613 uint8_t type; 3614 uint8_t ridx; 3615 uint8_t rate; 3616 uint8_t opflags = 0; 3617 uint8_t xflags = 0; 3618 int error; 3619 3620 RUN_LOCK_ASSERT(sc, MA_OWNED); 3621 3622 KASSERT(params != NULL, ("no raw xmit params")); 3623 3624 wh = mtod(m, struct ieee80211_frame *); 3625 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 3626 3627 rate = params->ibp_rate0; 3628 if (!ieee80211_isratevalid(ic->ic_rt, rate)) { 3629 /* let caller free mbuf */ 3630 return (EINVAL); 3631 } 3632 3633 if ((params->ibp_flags & IEEE80211_BPF_NOACK) == 0) 3634 xflags |= RT2860_TX_ACK; 3635 if (params->ibp_flags & (IEEE80211_BPF_RTS|IEEE80211_BPF_CTS)) { 3636 error = run_sendprot(sc, m, ni, 3637 params->ibp_flags & IEEE80211_BPF_RTS ? 3638 IEEE80211_PROT_RTSCTS : IEEE80211_PROT_CTSONLY, 3639 rate); 3640 if (error) { 3641 /* let caller free mbuf */ 3642 return error; 3643 } 3644 opflags |= /*XXX RT2573_TX_LONG_RETRY |*/ RT2860_TX_TXOP_SIFS; 3645 } 3646 3647 if (sc->sc_epq[0].tx_nfree == 0) { 3648 /* let caller free mbuf */ 3649 sc->sc_ifp->if_drv_flags |= IFF_DRV_OACTIVE; 3650 DPRINTF("sending raw frame, but tx ring is full\n"); 3651 return (EIO); 3652 } 3653 data = STAILQ_FIRST(&sc->sc_epq[0].tx_fh); 3654 STAILQ_REMOVE_HEAD(&sc->sc_epq[0].tx_fh, next); 3655 sc->sc_epq[0].tx_nfree--; 3656 3657 txd = (struct rt2870_txd *)&data->desc; 3658 txd->flags = RT2860_TX_QSEL_EDCA; 3659 txwi = (struct rt2860_txwi *)(txd + 1); 3660 txwi->wcid = 0xff; 3661 txwi->xflags = xflags; 3662 txwi->txop = opflags; 3663 txwi->flags = 0; /* clear leftover garbage bits */ 3664 3665 data->m = m; 3666 data->ni = ni; 3667 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++) 3668 if (rt2860_rates[ridx].rate == rate) 3669 break; 3670 data->ridx = ridx; 3671 3672 run_set_tx_desc(sc, data); 3673 3674 DPRINTFN(10, "sending raw frame len=%u rate=%u\n", 3675 m->m_pkthdr.len, rate); 3676 3677 STAILQ_INSERT_TAIL(&sc->sc_epq[0].tx_qh, data, next); 3678 3679 usbd_transfer_start(sc->sc_xfer[0]); 3680 3681 return (0); 3682} 3683 3684static int 3685run_raw_xmit(struct ieee80211_node *ni, struct mbuf *m, 3686 const struct ieee80211_bpf_params *params) 3687{ 3688 struct ifnet *ifp = ni->ni_ic->ic_ifp; 3689 struct run_softc *sc = ifp->if_softc; 3690 int error = 0; 3691 3692 RUN_LOCK(sc); 3693 3694 /* prevent management frames from being sent if we're not ready */ 3695 if (!(ifp->if_drv_flags & IFF_DRV_RUNNING)) { 3696 error = ENETDOWN; 3697 goto done; 3698 } 3699 3700 if (params == NULL) { 3701 /* tx mgt packet */ 3702 if ((error = run_tx_mgt(sc, m, ni)) != 0) { 3703 ifp->if_oerrors++; 3704 DPRINTF("mgt tx failed\n"); 3705 goto done; 3706 } 3707 } else { 3708 /* tx raw packet with param */ 3709 if ((error = run_tx_param(sc, m, ni, params)) != 0) { 3710 ifp->if_oerrors++; 3711 DPRINTF("tx with param failed\n"); 3712 goto done; 3713 } 3714 } 3715 3716 ifp->if_opackets++; 3717 3718done: 3719 RUN_UNLOCK(sc); 3720 3721 if (error != 0) { 3722 if(m != NULL) 3723 m_freem(m); 3724 ieee80211_free_node(ni); 3725 } 3726 3727 return (error); 3728} 3729 3730static void 3731run_start(struct ifnet *ifp) 3732{ 3733 struct run_softc *sc = ifp->if_softc; 3734 struct ieee80211_node *ni; 3735 struct mbuf *m; 3736 3737 RUN_LOCK(sc); 3738 3739 if ((ifp->if_drv_flags & IFF_DRV_RUNNING) == 0) { 3740 RUN_UNLOCK(sc); 3741 return; 3742 } 3743 3744 for (;;) { 3745 /* send data frames */ 3746 IFQ_DRV_DEQUEUE(&ifp->if_snd, m); 3747 if (m == NULL) 3748 break; 3749 3750 ni = (struct ieee80211_node *)m->m_pkthdr.rcvif; 3751 if (run_tx(sc, m, ni) != 0) { 3752 IFQ_DRV_PREPEND(&ifp->if_snd, m); 3753 ifp->if_drv_flags |= IFF_DRV_OACTIVE; 3754 break; 3755 } 3756 } 3757 3758 RUN_UNLOCK(sc); 3759} 3760 3761static int 3762run_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 3763{ 3764 struct run_softc *sc = ifp->if_softc; 3765 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 3766 struct ifreq *ifr = (struct ifreq *) data; 3767 int startall = 0; 3768 int error; 3769 3770 RUN_LOCK(sc); 3771 error = sc->sc_detached ? ENXIO : 0; 3772 RUN_UNLOCK(sc); 3773 if (error) 3774 return (error); 3775 3776 switch (cmd) { 3777 case SIOCSIFFLAGS: 3778 RUN_LOCK(sc); 3779 if (ifp->if_flags & IFF_UP) { 3780 if (!(ifp->if_drv_flags & IFF_DRV_RUNNING)){ 3781 startall = 1; 3782 run_init_locked(sc); 3783 } else 3784 run_update_promisc_locked(ifp); 3785 } else { 3786 if (ifp->if_drv_flags & IFF_DRV_RUNNING && 3787 (ic->ic_nrunning == 0 || sc->rvp_cnt <= 1)) { 3788 run_stop(sc); 3789 } 3790 } 3791 RUN_UNLOCK(sc); 3792 if (startall) 3793 ieee80211_start_all(ic); 3794 break; 3795 case SIOCGIFMEDIA: 3796 error = ifmedia_ioctl(ifp, ifr, &ic->ic_media, cmd); 3797 break; 3798 case SIOCGIFADDR: 3799 error = ether_ioctl(ifp, cmd, data); 3800 break; 3801 default: 3802 error = EINVAL; 3803 break; 3804 } 3805 3806 return (error); 3807} 3808 3809static void 3810run_iq_calib(struct run_softc *sc, u_int chan) 3811{ 3812 uint16_t val; 3813 3814 /* Tx0 IQ gain. */ 3815 run_bbp_write(sc, 158, 0x2c); 3816 if (chan <= 14) 3817 run_efuse_read(sc, RT5390_EEPROM_IQ_GAIN_CAL_TX0_2GHZ, &val, 1); 3818 else if (chan <= 64) { 3819 run_efuse_read(sc, 3820 RT5390_EEPROM_IQ_GAIN_CAL_TX0_CH36_TO_CH64_5GHZ, 3821 &val, 1); 3822 } else if (chan <= 138) { 3823 run_efuse_read(sc, 3824 RT5390_EEPROM_IQ_GAIN_CAL_TX0_CH100_TO_CH138_5GHZ, 3825 &val, 1); 3826 } else if (chan <= 165) { 3827 run_efuse_read(sc, 3828 RT5390_EEPROM_IQ_GAIN_CAL_TX0_CH140_TO_CH165_5GHZ, 3829 &val, 1); 3830 } else 3831 val = 0; 3832 run_bbp_write(sc, 159, val); 3833 3834 /* Tx0 IQ phase. */ 3835 run_bbp_write(sc, 158, 0x2d); 3836 if (chan <= 14) { 3837 run_efuse_read(sc, RT5390_EEPROM_IQ_PHASE_CAL_TX0_2GHZ, 3838 &val, 1); 3839 } else if (chan <= 64) { 3840 run_efuse_read(sc, 3841 RT5390_EEPROM_IQ_PHASE_CAL_TX0_CH36_TO_CH64_5GHZ, 3842 &val, 1); 3843 } else if (chan <= 138) { 3844 run_efuse_read(sc, 3845 RT5390_EEPROM_IQ_PHASE_CAL_TX0_CH100_TO_CH138_5GHZ, 3846 &val, 1); 3847 } else if (chan <= 165) { 3848 run_efuse_read(sc, 3849 RT5390_EEPROM_IQ_PHASE_CAL_TX0_CH140_TO_CH165_5GHZ, 3850 &val, 1); 3851 } else 3852 val = 0; 3853 run_bbp_write(sc, 159, val); 3854 3855 /* Tx1 IQ gain. */ 3856 run_bbp_write(sc, 158, 0x4a); 3857 if (chan <= 14) { 3858 run_efuse_read(sc, RT5390_EEPROM_IQ_GAIN_CAL_TX1_2GHZ, 3859 &val, 1); 3860 } else if (chan <= 64) { 3861 run_efuse_read(sc, 3862 RT5390_EEPROM_IQ_GAIN_CAL_TX1_CH36_TO_CH64_5GHZ, 3863 &val, 1); 3864 } else if (chan <= 138) { 3865 run_efuse_read(sc, 3866 RT5390_EEPROM_IQ_GAIN_CAL_TX1_CH100_TO_CH138_5GHZ, 3867 &val, 1); 3868 } else if (chan <= 165) { 3869 run_efuse_read(sc, 3870 RT5390_EEPROM_IQ_GAIN_CAL_TX1_CH140_TO_CH165_5GHZ, 3871 &val, 1); 3872 } else 3873 val = 0; 3874 run_bbp_write(sc, 159, val); 3875 3876 /* Tx1 IQ phase. */ 3877 run_bbp_write(sc, 158, 0x4b); 3878 if (chan <= 14) { 3879 run_efuse_read(sc, RT5390_EEPROM_IQ_PHASE_CAL_TX1_2GHZ, 3880 &val, 1); 3881 } else if (chan <= 64) { 3882 run_efuse_read(sc, 3883 RT5390_EEPROM_IQ_PHASE_CAL_TX1_CH36_TO_CH64_5GHZ, 3884 &val, 1); 3885 } else if (chan <= 138) { 3886 run_efuse_read(sc, 3887 RT5390_EEPROM_IQ_PHASE_CAL_TX1_CH100_TO_CH138_5GHZ, 3888 &val, 1); 3889 } else if (chan <= 165) { 3890 run_efuse_read(sc, 3891 RT5390_EEPROM_IQ_PHASE_CAL_TX1_CH140_TO_CH165_5GHZ, 3892 &val, 1); 3893 } else 3894 val = 0; 3895 run_bbp_write(sc, 159, val); 3896 3897 /* RF IQ compensation control. */ 3898 run_bbp_write(sc, 158, 0x04); 3899 run_efuse_read(sc, RT5390_EEPROM_RF_IQ_COMPENSATION_CTL, 3900 &val, 1); 3901 run_bbp_write(sc, 159, val); 3902 3903 /* RF IQ imbalance compensation control. */ 3904 run_bbp_write(sc, 158, 0x03); 3905 run_efuse_read(sc, 3906 RT5390_EEPROM_RF_IQ_IMBALANCE_COMPENSATION_CTL, &val, 1); 3907 run_bbp_write(sc, 159, val); 3908} 3909 3910static void 3911run_set_agc(struct run_softc *sc, uint8_t agc) 3912{ 3913 uint8_t bbp; 3914 3915 if (sc->mac_ver == 0x3572) { 3916 run_bbp_read(sc, 27, &bbp); 3917 bbp &= ~(0x3 << 5); 3918 run_bbp_write(sc, 27, bbp | 0 << 5); /* select Rx0 */ 3919 run_bbp_write(sc, 66, agc); 3920 run_bbp_write(sc, 27, bbp | 1 << 5); /* select Rx1 */ 3921 run_bbp_write(sc, 66, agc); 3922 } else 3923 run_bbp_write(sc, 66, agc); 3924} 3925 3926static void 3927run_select_chan_group(struct run_softc *sc, int group) 3928{ 3929 uint32_t tmp; 3930 uint8_t agc; 3931 3932 run_bbp_write(sc, 62, 0x37 - sc->lna[group]); 3933 run_bbp_write(sc, 63, 0x37 - sc->lna[group]); 3934 run_bbp_write(sc, 64, 0x37 - sc->lna[group]); 3935 if (sc->mac_ver < 0x3572) 3936 run_bbp_write(sc, 86, 0x00); 3937 3938 if (sc->mac_ver == 0x3593) { 3939 run_bbp_write(sc, 77, 0x98); 3940 run_bbp_write(sc, 83, (group == 0) ? 0x8a : 0x9a); 3941 } 3942 3943 if (group == 0) { 3944 if (sc->ext_2ghz_lna) { 3945 if (sc->mac_ver >= 0x5390) 3946 run_bbp_write(sc, 75, 0x52); 3947 else { 3948 run_bbp_write(sc, 82, 0x62); 3949 run_bbp_write(sc, 75, 0x46); 3950 } 3951 } else { 3952 if (sc->mac_ver == 0x5592) { 3953 run_bbp_write(sc, 79, 0x1c); 3954 run_bbp_write(sc, 80, 0x0e); 3955 run_bbp_write(sc, 81, 0x3a); 3956 run_bbp_write(sc, 82, 0x62); 3957 3958 run_bbp_write(sc, 195, 0x80); 3959 run_bbp_write(sc, 196, 0xe0); 3960 run_bbp_write(sc, 195, 0x81); 3961 run_bbp_write(sc, 196, 0x1f); 3962 run_bbp_write(sc, 195, 0x82); 3963 run_bbp_write(sc, 196, 0x38); 3964 run_bbp_write(sc, 195, 0x83); 3965 run_bbp_write(sc, 196, 0x32); 3966 run_bbp_write(sc, 195, 0x85); 3967 run_bbp_write(sc, 196, 0x28); 3968 run_bbp_write(sc, 195, 0x86); 3969 run_bbp_write(sc, 196, 0x19); 3970 } else if (sc->mac_ver >= 0x5390) 3971 run_bbp_write(sc, 75, 0x50); 3972 else { 3973 run_bbp_write(sc, 82, 3974 (sc->mac_ver == 0x3593) ? 0x62 : 0x84); 3975 run_bbp_write(sc, 75, 0x50); 3976 } 3977 } 3978 } else { 3979 if (sc->mac_ver == 0x5592) { 3980 run_bbp_write(sc, 79, 0x18); 3981 run_bbp_write(sc, 80, 0x08); 3982 run_bbp_write(sc, 81, 0x38); 3983 run_bbp_write(sc, 82, 0x92); 3984 3985 run_bbp_write(sc, 195, 0x80); 3986 run_bbp_write(sc, 196, 0xf0); 3987 run_bbp_write(sc, 195, 0x81); 3988 run_bbp_write(sc, 196, 0x1e); 3989 run_bbp_write(sc, 195, 0x82); 3990 run_bbp_write(sc, 196, 0x28); 3991 run_bbp_write(sc, 195, 0x83); 3992 run_bbp_write(sc, 196, 0x20); 3993 run_bbp_write(sc, 195, 0x85); 3994 run_bbp_write(sc, 196, 0x7f); 3995 run_bbp_write(sc, 195, 0x86); 3996 run_bbp_write(sc, 196, 0x7f); 3997 } else if (sc->mac_ver == 0x3572) 3998 run_bbp_write(sc, 82, 0x94); 3999 else 4000 run_bbp_write(sc, 82, 4001 (sc->mac_ver == 0x3593) ? 0x82 : 0xf2); 4002 if (sc->ext_5ghz_lna) 4003 run_bbp_write(sc, 75, 0x46); 4004 else 4005 run_bbp_write(sc, 75, 0x50); 4006 } 4007 4008 run_read(sc, RT2860_TX_BAND_CFG, &tmp); 4009 tmp &= ~(RT2860_5G_BAND_SEL_N | RT2860_5G_BAND_SEL_P); 4010 tmp |= (group == 0) ? RT2860_5G_BAND_SEL_N : RT2860_5G_BAND_SEL_P; 4011 run_write(sc, RT2860_TX_BAND_CFG, tmp); 4012 4013 /* enable appropriate Power Amplifiers and Low Noise Amplifiers */ 4014 tmp = RT2860_RFTR_EN | RT2860_TRSW_EN | RT2860_LNA_PE0_EN; 4015 if (sc->mac_ver == 0x3593) 4016 tmp |= 1 << 29 | 1 << 28; 4017 if (sc->nrxchains > 1) 4018 tmp |= RT2860_LNA_PE1_EN; 4019 if (group == 0) { /* 2GHz */ 4020 tmp |= RT2860_PA_PE_G0_EN; 4021 if (sc->ntxchains > 1) 4022 tmp |= RT2860_PA_PE_G1_EN; 4023 if (sc->mac_ver == 0x3593) { 4024 if (sc->ntxchains > 2) 4025 tmp |= 1 << 25; 4026 } 4027 } else { /* 5GHz */ 4028 tmp |= RT2860_PA_PE_A0_EN; 4029 if (sc->ntxchains > 1) 4030 tmp |= RT2860_PA_PE_A1_EN; 4031 } 4032 if (sc->mac_ver == 0x3572) { 4033 run_rt3070_rf_write(sc, 8, 0x00); 4034 run_write(sc, RT2860_TX_PIN_CFG, tmp); 4035 run_rt3070_rf_write(sc, 8, 0x80); 4036 } else 4037 run_write(sc, RT2860_TX_PIN_CFG, tmp); 4038 4039 if (sc->mac_ver == 0x5592) { 4040 run_bbp_write(sc, 195, 0x8d); 4041 run_bbp_write(sc, 196, 0x1a); 4042 } 4043 4044 if (sc->mac_ver == 0x3593) { 4045 run_read(sc, RT2860_GPIO_CTRL, &tmp); 4046 tmp &= ~0x01010000; 4047 if (group == 0) 4048 tmp |= 0x00010000; 4049 tmp = (tmp & ~0x00009090) | 0x00000090; 4050 run_write(sc, RT2860_GPIO_CTRL, tmp); 4051 } 4052 4053 /* set initial AGC value */ 4054 if (group == 0) { /* 2GHz band */ 4055 if (sc->mac_ver >= 0x3070) 4056 agc = 0x1c + sc->lna[0] * 2; 4057 else 4058 agc = 0x2e + sc->lna[0]; 4059 } else { /* 5GHz band */ 4060 if (sc->mac_ver == 0x5592) 4061 agc = 0x24 + sc->lna[group] * 2; 4062 else if (sc->mac_ver == 0x3572 || sc->mac_ver == 0x3593) 4063 agc = 0x22 + (sc->lna[group] * 5) / 3; 4064 else 4065 agc = 0x32 + (sc->lna[group] * 5) / 3; 4066 } 4067 run_set_agc(sc, agc); 4068} 4069 4070static void 4071run_rt2870_set_chan(struct run_softc *sc, u_int chan) 4072{ 4073 const struct rfprog *rfprog = rt2860_rf2850; 4074 uint32_t r2, r3, r4; 4075 int8_t txpow1, txpow2; 4076 int i; 4077 4078 /* find the settings for this channel (we know it exists) */ 4079 for (i = 0; rfprog[i].chan != chan; i++); 4080 4081 r2 = rfprog[i].r2; 4082 if (sc->ntxchains == 1) 4083 r2 |= 1 << 14; /* 1T: disable Tx chain 2 */ 4084 if (sc->nrxchains == 1) 4085 r2 |= 1 << 17 | 1 << 6; /* 1R: disable Rx chains 2 & 3 */ 4086 else if (sc->nrxchains == 2) 4087 r2 |= 1 << 6; /* 2R: disable Rx chain 3 */ 4088 4089 /* use Tx power values from EEPROM */ 4090 txpow1 = sc->txpow1[i]; 4091 txpow2 = sc->txpow2[i]; 4092 4093 /* Initialize RF R3 and R4. */ 4094 r3 = rfprog[i].r3 & 0xffffc1ff; 4095 r4 = (rfprog[i].r4 & ~(0x001f87c0)) | (sc->freq << 15); 4096 if (chan > 14) { 4097 if (txpow1 >= 0) { 4098 txpow1 = (txpow1 > 0xf) ? (0xf) : (txpow1); 4099 r3 |= (txpow1 << 10) | (1 << 9); 4100 } else { 4101 txpow1 += 7; 4102 4103 /* txpow1 is not possible larger than 15. */ 4104 r3 |= (txpow1 << 10); 4105 } 4106 if (txpow2 >= 0) { 4107 txpow2 = (txpow2 > 0xf) ? (0xf) : (txpow2); 4108 r4 |= (txpow2 << 7) | (1 << 6); 4109 } else { 4110 txpow2 += 7; 4111 r4 |= (txpow2 << 7); 4112 } 4113 } else { 4114 /* Set Tx0 power. */ 4115 r3 |= (txpow1 << 9); 4116 4117 /* Set frequency offset and Tx1 power. */ 4118 r4 |= (txpow2 << 6); 4119 } 4120 4121 run_rt2870_rf_write(sc, rfprog[i].r1); 4122 run_rt2870_rf_write(sc, r2); 4123 run_rt2870_rf_write(sc, r3 & ~(1 << 2)); 4124 run_rt2870_rf_write(sc, r4); 4125 4126 run_delay(sc, 10); 4127 4128 run_rt2870_rf_write(sc, rfprog[i].r1); 4129 run_rt2870_rf_write(sc, r2); 4130 run_rt2870_rf_write(sc, r3 | (1 << 2)); 4131 run_rt2870_rf_write(sc, r4); 4132 4133 run_delay(sc, 10); 4134 4135 run_rt2870_rf_write(sc, rfprog[i].r1); 4136 run_rt2870_rf_write(sc, r2); 4137 run_rt2870_rf_write(sc, r3 & ~(1 << 2)); 4138 run_rt2870_rf_write(sc, r4); 4139} 4140 4141static void 4142run_rt3070_set_chan(struct run_softc *sc, u_int chan) 4143{ 4144 int8_t txpow1, txpow2; 4145 uint8_t rf; 4146 int i; 4147 4148 /* find the settings for this channel (we know it exists) */ 4149 for (i = 0; rt2860_rf2850[i].chan != chan; i++); 4150 4151 /* use Tx power values from EEPROM */ 4152 txpow1 = sc->txpow1[i]; 4153 txpow2 = sc->txpow2[i]; 4154 4155 run_rt3070_rf_write(sc, 2, rt3070_freqs[i].n); 4156 4157 /* RT3370/RT3390: RF R3 [7:4] is not reserved bits. */ 4158 run_rt3070_rf_read(sc, 3, &rf); 4159 rf = (rf & ~0x0f) | rt3070_freqs[i].k; 4160 run_rt3070_rf_write(sc, 3, rf); 4161 4162 run_rt3070_rf_read(sc, 6, &rf); 4163 rf = (rf & ~0x03) | rt3070_freqs[i].r; 4164 run_rt3070_rf_write(sc, 6, rf); 4165 4166 /* set Tx0 power */ 4167 run_rt3070_rf_read(sc, 12, &rf); 4168 rf = (rf & ~0x1f) | txpow1; 4169 run_rt3070_rf_write(sc, 12, rf); 4170 4171 /* set Tx1 power */ 4172 run_rt3070_rf_read(sc, 13, &rf); 4173 rf = (rf & ~0x1f) | txpow2; 4174 run_rt3070_rf_write(sc, 13, rf); 4175 4176 run_rt3070_rf_read(sc, 1, &rf); 4177 rf &= ~0xfc; 4178 if (sc->ntxchains == 1) 4179 rf |= 1 << 7 | 1 << 5; /* 1T: disable Tx chains 2 & 3 */ 4180 else if (sc->ntxchains == 2) 4181 rf |= 1 << 7; /* 2T: disable Tx chain 3 */ 4182 if (sc->nrxchains == 1) 4183 rf |= 1 << 6 | 1 << 4; /* 1R: disable Rx chains 2 & 3 */ 4184 else if (sc->nrxchains == 2) 4185 rf |= 1 << 6; /* 2R: disable Rx chain 3 */ 4186 run_rt3070_rf_write(sc, 1, rf); 4187 4188 /* set RF offset */ 4189 run_rt3070_rf_read(sc, 23, &rf); 4190 rf = (rf & ~0x7f) | sc->freq; 4191 run_rt3070_rf_write(sc, 23, rf); 4192 4193 /* program RF filter */ 4194 run_rt3070_rf_read(sc, 24, &rf); /* Tx */ 4195 rf = (rf & ~0x3f) | sc->rf24_20mhz; 4196 run_rt3070_rf_write(sc, 24, rf); 4197 run_rt3070_rf_read(sc, 31, &rf); /* Rx */ 4198 rf = (rf & ~0x3f) | sc->rf24_20mhz; 4199 run_rt3070_rf_write(sc, 31, rf); 4200 4201 /* enable RF tuning */ 4202 run_rt3070_rf_read(sc, 7, &rf); 4203 run_rt3070_rf_write(sc, 7, rf | 0x01); 4204} 4205 4206static void 4207run_rt3572_set_chan(struct run_softc *sc, u_int chan) 4208{ 4209 int8_t txpow1, txpow2; 4210 uint32_t tmp; 4211 uint8_t rf; 4212 int i; 4213 4214 /* find the settings for this channel (we know it exists) */ 4215 for (i = 0; rt2860_rf2850[i].chan != chan; i++); 4216 4217 /* use Tx power values from EEPROM */ 4218 txpow1 = sc->txpow1[i]; 4219 txpow2 = sc->txpow2[i]; 4220 4221 if (chan <= 14) { 4222 run_bbp_write(sc, 25, sc->bbp25); 4223 run_bbp_write(sc, 26, sc->bbp26); 4224 } else { 4225 /* enable IQ phase correction */ 4226 run_bbp_write(sc, 25, 0x09); 4227 run_bbp_write(sc, 26, 0xff); 4228 } 4229 4230 run_rt3070_rf_write(sc, 2, rt3070_freqs[i].n); 4231 run_rt3070_rf_write(sc, 3, rt3070_freqs[i].k); 4232 run_rt3070_rf_read(sc, 6, &rf); 4233 rf = (rf & ~0x0f) | rt3070_freqs[i].r; 4234 rf |= (chan <= 14) ? 0x08 : 0x04; 4235 run_rt3070_rf_write(sc, 6, rf); 4236 4237 /* set PLL mode */ 4238 run_rt3070_rf_read(sc, 5, &rf); 4239 rf &= ~(0x08 | 0x04); 4240 rf |= (chan <= 14) ? 0x04 : 0x08; 4241 run_rt3070_rf_write(sc, 5, rf); 4242 4243 /* set Tx power for chain 0 */ 4244 if (chan <= 14) 4245 rf = 0x60 | txpow1; 4246 else 4247 rf = 0xe0 | (txpow1 & 0xc) << 1 | (txpow1 & 0x3); 4248 run_rt3070_rf_write(sc, 12, rf); 4249 4250 /* set Tx power for chain 1 */ 4251 if (chan <= 14) 4252 rf = 0x60 | txpow2; 4253 else 4254 rf = 0xe0 | (txpow2 & 0xc) << 1 | (txpow2 & 0x3); 4255 run_rt3070_rf_write(sc, 13, rf); 4256 4257 /* set Tx/Rx streams */ 4258 run_rt3070_rf_read(sc, 1, &rf); 4259 rf &= ~0xfc; 4260 if (sc->ntxchains == 1) 4261 rf |= 1 << 7 | 1 << 5; /* 1T: disable Tx chains 2 & 3 */ 4262 else if (sc->ntxchains == 2) 4263 rf |= 1 << 7; /* 2T: disable Tx chain 3 */ 4264 if (sc->nrxchains == 1) 4265 rf |= 1 << 6 | 1 << 4; /* 1R: disable Rx chains 2 & 3 */ 4266 else if (sc->nrxchains == 2) 4267 rf |= 1 << 6; /* 2R: disable Rx chain 3 */ 4268 run_rt3070_rf_write(sc, 1, rf); 4269 4270 /* set RF offset */ 4271 run_rt3070_rf_read(sc, 23, &rf); 4272 rf = (rf & ~0x7f) | sc->freq; 4273 run_rt3070_rf_write(sc, 23, rf); 4274 4275 /* program RF filter */ 4276 rf = sc->rf24_20mhz; 4277 run_rt3070_rf_write(sc, 24, rf); /* Tx */ 4278 run_rt3070_rf_write(sc, 31, rf); /* Rx */ 4279 4280 /* enable RF tuning */ 4281 run_rt3070_rf_read(sc, 7, &rf); 4282 rf = (chan <= 14) ? 0xd8 : ((rf & ~0xc8) | 0x14); 4283 run_rt3070_rf_write(sc, 7, rf); 4284 4285 /* TSSI */ 4286 rf = (chan <= 14) ? 0xc3 : 0xc0; 4287 run_rt3070_rf_write(sc, 9, rf); 4288 4289 /* set loop filter 1 */ 4290 run_rt3070_rf_write(sc, 10, 0xf1); 4291 /* set loop filter 2 */ 4292 run_rt3070_rf_write(sc, 11, (chan <= 14) ? 0xb9 : 0x00); 4293 4294 /* set tx_mx2_ic */ 4295 run_rt3070_rf_write(sc, 15, (chan <= 14) ? 0x53 : 0x43); 4296 /* set tx_mx1_ic */ 4297 if (chan <= 14) 4298 rf = 0x48 | sc->txmixgain_2ghz; 4299 else 4300 rf = 0x78 | sc->txmixgain_5ghz; 4301 run_rt3070_rf_write(sc, 16, rf); 4302 4303 /* set tx_lo1 */ 4304 run_rt3070_rf_write(sc, 17, 0x23); 4305 /* set tx_lo2 */ 4306 if (chan <= 14) 4307 rf = 0x93; 4308 else if (chan <= 64) 4309 rf = 0xb7; 4310 else if (chan <= 128) 4311 rf = 0x74; 4312 else 4313 rf = 0x72; 4314 run_rt3070_rf_write(sc, 19, rf); 4315 4316 /* set rx_lo1 */ 4317 if (chan <= 14) 4318 rf = 0xb3; 4319 else if (chan <= 64) 4320 rf = 0xf6; 4321 else if (chan <= 128) 4322 rf = 0xf4; 4323 else 4324 rf = 0xf3; 4325 run_rt3070_rf_write(sc, 20, rf); 4326 4327 /* set pfd_delay */ 4328 if (chan <= 14) 4329 rf = 0x15; 4330 else if (chan <= 64) 4331 rf = 0x3d; 4332 else 4333 rf = 0x01; 4334 run_rt3070_rf_write(sc, 25, rf); 4335 4336 /* set rx_lo2 */ 4337 run_rt3070_rf_write(sc, 26, (chan <= 14) ? 0x85 : 0x87); 4338 /* set ldo_rf_vc */ 4339 run_rt3070_rf_write(sc, 27, (chan <= 14) ? 0x00 : 0x01); 4340 /* set drv_cc */ 4341 run_rt3070_rf_write(sc, 29, (chan <= 14) ? 0x9b : 0x9f); 4342 4343 run_read(sc, RT2860_GPIO_CTRL, &tmp); 4344 tmp &= ~0x8080; 4345 if (chan <= 14) 4346 tmp |= 0x80; 4347 run_write(sc, RT2860_GPIO_CTRL, tmp); 4348 4349 /* enable RF tuning */ 4350 run_rt3070_rf_read(sc, 7, &rf); 4351 run_rt3070_rf_write(sc, 7, rf | 0x01); 4352 4353 run_delay(sc, 2); 4354} 4355 4356static void 4357run_rt3593_set_chan(struct run_softc *sc, u_int chan) 4358{ 4359 int8_t txpow1, txpow2, txpow3; 4360 uint8_t h20mhz, rf; 4361 int i; 4362 4363 /* find the settings for this channel (we know it exists) */ 4364 for (i = 0; rt2860_rf2850[i].chan != chan; i++); 4365 4366 /* use Tx power values from EEPROM */ 4367 txpow1 = sc->txpow1[i]; 4368 txpow2 = sc->txpow2[i]; 4369 txpow3 = (sc->ntxchains == 3) ? sc->txpow3[i] : 0; 4370 4371 if (chan <= 14) { 4372 run_bbp_write(sc, 25, sc->bbp25); 4373 run_bbp_write(sc, 26, sc->bbp26); 4374 } else { 4375 /* Enable IQ phase correction. */ 4376 run_bbp_write(sc, 25, 0x09); 4377 run_bbp_write(sc, 26, 0xff); 4378 } 4379 4380 run_rt3070_rf_write(sc, 8, rt3070_freqs[i].n); 4381 run_rt3070_rf_write(sc, 9, rt3070_freqs[i].k & 0x0f); 4382 run_rt3070_rf_read(sc, 11, &rf); 4383 rf = (rf & ~0x03) | (rt3070_freqs[i].r & 0x03); 4384 run_rt3070_rf_write(sc, 11, rf); 4385 4386 /* Set pll_idoh. */ 4387 run_rt3070_rf_read(sc, 11, &rf); 4388 rf &= ~0x4c; 4389 rf |= (chan <= 14) ? 0x44 : 0x48; 4390 run_rt3070_rf_write(sc, 11, rf); 4391 4392 if (chan <= 14) 4393 rf = txpow1 & 0x1f; 4394 else 4395 rf = 0x40 | ((txpow1 & 0x18) << 1) | (txpow1 & 0x07); 4396 run_rt3070_rf_write(sc, 53, rf); 4397 4398 if (chan <= 14) 4399 rf = txpow2 & 0x1f; 4400 else 4401 rf = 0x40 | ((txpow2 & 0x18) << 1) | (txpow2 & 0x07); 4402 run_rt3070_rf_write(sc, 55, rf); 4403 4404 if (chan <= 14) 4405 rf = txpow3 & 0x1f; 4406 else 4407 rf = 0x40 | ((txpow3 & 0x18) << 1) | (txpow3 & 0x07); 4408 run_rt3070_rf_write(sc, 54, rf); 4409 4410 rf = RT3070_RF_BLOCK | RT3070_PLL_PD; 4411 if (sc->ntxchains == 3) 4412 rf |= RT3070_TX0_PD | RT3070_TX1_PD | RT3070_TX2_PD; 4413 else 4414 rf |= RT3070_TX0_PD | RT3070_TX1_PD; 4415 rf |= RT3070_RX0_PD | RT3070_RX1_PD | RT3070_RX2_PD; 4416 run_rt3070_rf_write(sc, 1, rf); 4417 4418 run_adjust_freq_offset(sc); 4419 4420 run_rt3070_rf_write(sc, 31, (chan <= 14) ? 0xa0 : 0x80); 4421 4422 h20mhz = (sc->rf24_20mhz & 0x20) >> 5; 4423 run_rt3070_rf_read(sc, 30, &rf); 4424 rf = (rf & ~0x06) | (h20mhz << 1) | (h20mhz << 2); 4425 run_rt3070_rf_write(sc, 30, rf); 4426 4427 run_rt3070_rf_read(sc, 36, &rf); 4428 if (chan <= 14) 4429 rf |= 0x80; 4430 else 4431 rf &= ~0x80; 4432 run_rt3070_rf_write(sc, 36, rf); 4433 4434 /* Set vcolo_bs. */ 4435 run_rt3070_rf_write(sc, 34, (chan <= 14) ? 0x3c : 0x20); 4436 /* Set pfd_delay. */ 4437 run_rt3070_rf_write(sc, 12, (chan <= 14) ? 0x1a : 0x12); 4438 4439 /* Set vco bias current control. */ 4440 run_rt3070_rf_read(sc, 6, &rf); 4441 rf &= ~0xc0; 4442 if (chan <= 14) 4443 rf |= 0x40; 4444 else if (chan <= 128) 4445 rf |= 0x80; 4446 else 4447 rf |= 0x40; 4448 run_rt3070_rf_write(sc, 6, rf); 4449 4450 run_rt3070_rf_read(sc, 30, &rf); 4451 rf = (rf & ~0x18) | 0x10; 4452 run_rt3070_rf_write(sc, 30, rf); 4453 4454 run_rt3070_rf_write(sc, 10, (chan <= 14) ? 0xd3 : 0xd8); 4455 run_rt3070_rf_write(sc, 13, (chan <= 14) ? 0x12 : 0x23); 4456 4457 run_rt3070_rf_read(sc, 51, &rf); 4458 rf = (rf & ~0x03) | 0x01; 4459 run_rt3070_rf_write(sc, 51, rf); 4460 /* Set tx_mx1_cc. */ 4461 run_rt3070_rf_read(sc, 51, &rf); 4462 rf &= ~0x1c; 4463 rf |= (chan <= 14) ? 0x14 : 0x10; 4464 run_rt3070_rf_write(sc, 51, rf); 4465 /* Set tx_mx1_ic. */ 4466 run_rt3070_rf_read(sc, 51, &rf); 4467 rf &= ~0xe0; 4468 rf |= (chan <= 14) ? 0x60 : 0x40; 4469 run_rt3070_rf_write(sc, 51, rf); 4470 /* Set tx_lo1_ic. */ 4471 run_rt3070_rf_read(sc, 49, &rf); 4472 rf &= ~0x1c; 4473 rf |= (chan <= 14) ? 0x0c : 0x08; 4474 run_rt3070_rf_write(sc, 49, rf); 4475 /* Set tx_lo1_en. */ 4476 run_rt3070_rf_read(sc, 50, &rf); 4477 run_rt3070_rf_write(sc, 50, rf & ~0x20); 4478 /* Set drv_cc. */ 4479 run_rt3070_rf_read(sc, 57, &rf); 4480 rf &= ~0xfc; 4481 rf |= (chan <= 14) ? 0x6c : 0x3c; 4482 run_rt3070_rf_write(sc, 57, rf); 4483 /* Set rx_mix1_ic, rxa_lnactr, lna_vc, lna_inbias_en and lna_en. */ 4484 run_rt3070_rf_write(sc, 44, (chan <= 14) ? 0x93 : 0x9b); 4485 /* Set drv_gnd_a, tx_vga_cc_a and tx_mx2_gain. */ 4486 run_rt3070_rf_write(sc, 52, (chan <= 14) ? 0x45 : 0x05); 4487 /* Enable VCO calibration. */ 4488 run_rt3070_rf_read(sc, 3, &rf); 4489 rf &= ~RT5390_VCOCAL; 4490 rf |= (chan <= 14) ? RT5390_VCOCAL : 0xbe; 4491 run_rt3070_rf_write(sc, 3, rf); 4492 4493 if (chan <= 14) 4494 rf = 0x23; 4495 else if (chan <= 64) 4496 rf = 0x36; 4497 else if (chan <= 128) 4498 rf = 0x32; 4499 else 4500 rf = 0x30; 4501 run_rt3070_rf_write(sc, 39, rf); 4502 if (chan <= 14) 4503 rf = 0xbb; 4504 else if (chan <= 64) 4505 rf = 0xeb; 4506 else if (chan <= 128) 4507 rf = 0xb3; 4508 else 4509 rf = 0x9b; 4510 run_rt3070_rf_write(sc, 45, rf); 4511 4512 /* Set FEQ/AEQ control. */ 4513 run_bbp_write(sc, 105, 0x34); 4514} 4515 4516static void 4517run_rt5390_set_chan(struct run_softc *sc, u_int chan) 4518{ 4519 int8_t txpow1, txpow2; 4520 uint8_t rf; 4521 int i; 4522 4523 /* find the settings for this channel (we know it exists) */ 4524 for (i = 0; rt2860_rf2850[i].chan != chan; i++); 4525 4526 /* use Tx power values from EEPROM */ 4527 txpow1 = sc->txpow1[i]; 4528 txpow2 = sc->txpow2[i]; 4529 4530 run_rt3070_rf_write(sc, 8, rt3070_freqs[i].n); 4531 run_rt3070_rf_write(sc, 9, rt3070_freqs[i].k & 0x0f); 4532 run_rt3070_rf_read(sc, 11, &rf); 4533 rf = (rf & ~0x03) | (rt3070_freqs[i].r & 0x03); 4534 run_rt3070_rf_write(sc, 11, rf); 4535 4536 run_rt3070_rf_read(sc, 49, &rf); 4537 rf = (rf & ~0x3f) | (txpow1 & 0x3f); 4538 /* The valid range of the RF R49 is 0x00 to 0x27. */ 4539 if ((rf & 0x3f) > 0x27) 4540 rf = (rf & ~0x3f) | 0x27; 4541 run_rt3070_rf_write(sc, 49, rf); 4542 4543 if (sc->mac_ver == 0x5392) { 4544 run_rt3070_rf_read(sc, 50, &rf); 4545 rf = (rf & ~0x3f) | (txpow2 & 0x3f); 4546 /* The valid range of the RF R50 is 0x00 to 0x27. */ 4547 if ((rf & 0x3f) > 0x27) 4548 rf = (rf & ~0x3f) | 0x27; 4549 run_rt3070_rf_write(sc, 50, rf); 4550 } 4551 4552 run_rt3070_rf_read(sc, 1, &rf); 4553 rf |= RT3070_RF_BLOCK | RT3070_PLL_PD | RT3070_RX0_PD | RT3070_TX0_PD; 4554 if (sc->mac_ver == 0x5392) 4555 rf |= RT3070_RX1_PD | RT3070_TX1_PD; 4556 run_rt3070_rf_write(sc, 1, rf); 4557 4558 if (sc->mac_ver != 0x5392) { 4559 run_rt3070_rf_read(sc, 2, &rf); 4560 rf |= 0x80; 4561 run_rt3070_rf_write(sc, 2, rf); 4562 run_delay(sc, 10); 4563 rf &= 0x7f; 4564 run_rt3070_rf_write(sc, 2, rf); 4565 } 4566 4567 run_adjust_freq_offset(sc); 4568 4569 if (sc->mac_ver == 0x5392) { 4570 /* Fix for RT5392C. */ 4571 if (sc->mac_rev >= 0x0223) { 4572 if (chan <= 4) 4573 rf = 0x0f; 4574 else if (chan >= 5 && chan <= 7) 4575 rf = 0x0e; 4576 else 4577 rf = 0x0d; 4578 run_rt3070_rf_write(sc, 23, rf); 4579 4580 if (chan <= 4) 4581 rf = 0x0c; 4582 else if (chan == 5) 4583 rf = 0x0b; 4584 else if (chan >= 6 && chan <= 7) 4585 rf = 0x0a; 4586 else if (chan >= 8 && chan <= 10) 4587 rf = 0x09; 4588 else 4589 rf = 0x08; 4590 run_rt3070_rf_write(sc, 59, rf); 4591 } else { 4592 if (chan <= 11) 4593 rf = 0x0f; 4594 else 4595 rf = 0x0b; 4596 run_rt3070_rf_write(sc, 59, rf); 4597 } 4598 } else { 4599 /* Fix for RT5390F. */ 4600 if (sc->mac_rev >= 0x0502) { 4601 if (chan <= 11) 4602 rf = 0x43; 4603 else 4604 rf = 0x23; 4605 run_rt3070_rf_write(sc, 55, rf); 4606 4607 if (chan <= 11) 4608 rf = 0x0f; 4609 else if (chan == 12) 4610 rf = 0x0d; 4611 else 4612 rf = 0x0b; 4613 run_rt3070_rf_write(sc, 59, rf); 4614 } else { 4615 run_rt3070_rf_write(sc, 55, 0x44); 4616 run_rt3070_rf_write(sc, 59, 0x8f); 4617 } 4618 } 4619 4620 /* Enable VCO calibration. */ 4621 run_rt3070_rf_read(sc, 3, &rf); 4622 rf |= RT5390_VCOCAL; 4623 run_rt3070_rf_write(sc, 3, rf); 4624} 4625 4626static void 4627run_rt5592_set_chan(struct run_softc *sc, u_int chan) 4628{ 4629 const struct rt5592_freqs *freqs; 4630 uint32_t tmp; 4631 uint8_t reg, rf, txpow_bound; 4632 int8_t txpow1, txpow2; 4633 int i; 4634 4635 run_read(sc, RT5592_DEBUG_INDEX, &tmp); 4636 freqs = (tmp & RT5592_SEL_XTAL) ? 4637 rt5592_freqs_40mhz : rt5592_freqs_20mhz; 4638 4639 /* find the settings for this channel (we know it exists) */ 4640 for (i = 0; rt2860_rf2850[i].chan != chan; i++, freqs++); 4641 4642 /* use Tx power values from EEPROM */ 4643 txpow1 = sc->txpow1[i]; 4644 txpow2 = sc->txpow2[i]; 4645 4646 run_read(sc, RT3070_LDO_CFG0, &tmp); 4647 tmp &= ~0x1c000000; 4648 if (chan > 14) 4649 tmp |= 0x14000000; 4650 run_write(sc, RT3070_LDO_CFG0, tmp); 4651 4652 /* N setting. */ 4653 run_rt3070_rf_write(sc, 8, freqs->n & 0xff); 4654 run_rt3070_rf_read(sc, 9, &rf); 4655 rf &= ~(1 << 4); 4656 rf |= ((freqs->n & 0x0100) >> 8) << 4; 4657 run_rt3070_rf_write(sc, 9, rf); 4658 4659 /* K setting. */ 4660 run_rt3070_rf_read(sc, 9, &rf); 4661 rf &= ~0x0f; 4662 rf |= (freqs->k & 0x0f); 4663 run_rt3070_rf_write(sc, 9, rf); 4664 4665 /* Mode setting. */ 4666 run_rt3070_rf_read(sc, 11, &rf); 4667 rf &= ~0x0c; 4668 rf |= ((freqs->m - 0x8) & 0x3) << 2; 4669 run_rt3070_rf_write(sc, 11, rf); 4670 run_rt3070_rf_read(sc, 9, &rf); 4671 rf &= ~(1 << 7); 4672 rf |= (((freqs->m - 0x8) & 0x4) >> 2) << 7; 4673 run_rt3070_rf_write(sc, 9, rf); 4674 4675 /* R setting. */ 4676 run_rt3070_rf_read(sc, 11, &rf); 4677 rf &= ~0x03; 4678 rf |= (freqs->r - 0x1); 4679 run_rt3070_rf_write(sc, 11, rf); 4680 4681 if (chan <= 14) { 4682 /* Initialize RF registers for 2GHZ. */ 4683 for (i = 0; i < nitems(rt5592_2ghz_def_rf); i++) { 4684 run_rt3070_rf_write(sc, rt5592_2ghz_def_rf[i].reg, 4685 rt5592_2ghz_def_rf[i].val); 4686 } 4687 4688 rf = (chan <= 10) ? 0x07 : 0x06; 4689 run_rt3070_rf_write(sc, 23, rf); 4690 run_rt3070_rf_write(sc, 59, rf); 4691 4692 run_rt3070_rf_write(sc, 55, 0x43); 4693 4694 /* 4695 * RF R49/R50 Tx power ALC code. 4696 * G-band bit<7:6>=1:0, bit<5:0> range from 0x0 ~ 0x27. 4697 */ 4698 reg = 2; 4699 txpow_bound = 0x27; 4700 } else { 4701 /* Initialize RF registers for 5GHZ. */ 4702 for (i = 0; i < nitems(rt5592_5ghz_def_rf); i++) { 4703 run_rt3070_rf_write(sc, rt5592_5ghz_def_rf[i].reg, 4704 rt5592_5ghz_def_rf[i].val); 4705 } 4706 for (i = 0; i < nitems(rt5592_chan_5ghz); i++) { 4707 if (chan >= rt5592_chan_5ghz[i].firstchan && 4708 chan <= rt5592_chan_5ghz[i].lastchan) { 4709 run_rt3070_rf_write(sc, rt5592_chan_5ghz[i].reg, 4710 rt5592_chan_5ghz[i].val); 4711 } 4712 } 4713 4714 /* 4715 * RF R49/R50 Tx power ALC code. 4716 * A-band bit<7:6>=1:1, bit<5:0> range from 0x0 ~ 0x2b. 4717 */ 4718 reg = 3; 4719 txpow_bound = 0x2b; 4720 } 4721 4722 /* RF R49 ch0 Tx power ALC code. */ 4723 run_rt3070_rf_read(sc, 49, &rf); 4724 rf &= ~0xc0; 4725 rf |= (reg << 6); 4726 rf = (rf & ~0x3f) | (txpow1 & 0x3f); 4727 if ((rf & 0x3f) > txpow_bound) 4728 rf = (rf & ~0x3f) | txpow_bound; 4729 run_rt3070_rf_write(sc, 49, rf); 4730 4731 /* RF R50 ch1 Tx power ALC code. */ 4732 run_rt3070_rf_read(sc, 50, &rf); 4733 rf &= ~(1 << 7 | 1 << 6); 4734 rf |= (reg << 6); 4735 rf = (rf & ~0x3f) | (txpow2 & 0x3f); 4736 if ((rf & 0x3f) > txpow_bound) 4737 rf = (rf & ~0x3f) | txpow_bound; 4738 run_rt3070_rf_write(sc, 50, rf); 4739 4740 /* Enable RF_BLOCK, PLL_PD, RX0_PD, and TX0_PD. */ 4741 run_rt3070_rf_read(sc, 1, &rf); 4742 rf |= (RT3070_RF_BLOCK | RT3070_PLL_PD | RT3070_RX0_PD | RT3070_TX0_PD); 4743 if (sc->ntxchains > 1) 4744 rf |= RT3070_TX1_PD; 4745 if (sc->nrxchains > 1) 4746 rf |= RT3070_RX1_PD; 4747 run_rt3070_rf_write(sc, 1, rf); 4748 4749 run_rt3070_rf_write(sc, 6, 0xe4); 4750 4751 run_rt3070_rf_write(sc, 30, 0x10); 4752 run_rt3070_rf_write(sc, 31, 0x80); 4753 run_rt3070_rf_write(sc, 32, 0x80); 4754 4755 run_adjust_freq_offset(sc); 4756 4757 /* Enable VCO calibration. */ 4758 run_rt3070_rf_read(sc, 3, &rf); 4759 rf |= RT5390_VCOCAL; 4760 run_rt3070_rf_write(sc, 3, rf); 4761} 4762 4763static void 4764run_set_rx_antenna(struct run_softc *sc, int aux) 4765{ 4766 uint32_t tmp; 4767 uint8_t bbp152; 4768 4769 if (aux) { 4770 if (sc->rf_rev == RT5390_RF_5370) { 4771 run_bbp_read(sc, 152, &bbp152); 4772 run_bbp_write(sc, 152, bbp152 & ~0x80); 4773 } else { 4774 run_mcu_cmd(sc, RT2860_MCU_CMD_ANTSEL, 0); 4775 run_read(sc, RT2860_GPIO_CTRL, &tmp); 4776 run_write(sc, RT2860_GPIO_CTRL, (tmp & ~0x0808) | 0x08); 4777 } 4778 } else { 4779 if (sc->rf_rev == RT5390_RF_5370) { 4780 run_bbp_read(sc, 152, &bbp152); 4781 run_bbp_write(sc, 152, bbp152 | 0x80); 4782 } else { 4783 run_mcu_cmd(sc, RT2860_MCU_CMD_ANTSEL, 1); 4784 run_read(sc, RT2860_GPIO_CTRL, &tmp); 4785 run_write(sc, RT2860_GPIO_CTRL, tmp & ~0x0808); 4786 } 4787 } 4788} 4789 4790static int 4791run_set_chan(struct run_softc *sc, struct ieee80211_channel *c) 4792{ 4793 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 4794 u_int chan, group; 4795 4796 chan = ieee80211_chan2ieee(ic, c); 4797 if (chan == 0 || chan == IEEE80211_CHAN_ANY) 4798 return (EINVAL); 4799 4800 if (sc->mac_ver == 0x5592) 4801 run_rt5592_set_chan(sc, chan); 4802 else if (sc->mac_ver >= 0x5390) 4803 run_rt5390_set_chan(sc, chan); 4804 else if (sc->mac_ver == 0x3593) 4805 run_rt3593_set_chan(sc, chan); 4806 else if (sc->mac_ver == 0x3572) 4807 run_rt3572_set_chan(sc, chan); 4808 else if (sc->mac_ver >= 0x3070) 4809 run_rt3070_set_chan(sc, chan); 4810 else 4811 run_rt2870_set_chan(sc, chan); 4812 4813 /* determine channel group */ 4814 if (chan <= 14) 4815 group = 0; 4816 else if (chan <= 64) 4817 group = 1; 4818 else if (chan <= 128) 4819 group = 2; 4820 else 4821 group = 3; 4822 4823 /* XXX necessary only when group has changed! */ 4824 run_select_chan_group(sc, group); 4825 4826 run_delay(sc, 10); 4827 4828 /* Perform IQ calibration. */ 4829 if (sc->mac_ver >= 0x5392) 4830 run_iq_calib(sc, chan); 4831 4832 return (0); 4833} 4834 4835static void 4836run_set_channel(struct ieee80211com *ic) 4837{ 4838 struct run_softc *sc = ic->ic_ifp->if_softc; 4839 4840 RUN_LOCK(sc); 4841 run_set_chan(sc, ic->ic_curchan); 4842 RUN_UNLOCK(sc); 4843 4844 return; 4845} 4846 4847static void 4848run_scan_start(struct ieee80211com *ic) 4849{ 4850 struct run_softc *sc = ic->ic_ifp->if_softc; 4851 uint32_t tmp; 4852 4853 RUN_LOCK(sc); 4854 4855 /* abort TSF synchronization */ 4856 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 4857 run_write(sc, RT2860_BCN_TIME_CFG, 4858 tmp & ~(RT2860_BCN_TX_EN | RT2860_TSF_TIMER_EN | 4859 RT2860_TBTT_TIMER_EN)); 4860 run_set_bssid(sc, sc->sc_ifp->if_broadcastaddr); 4861 4862 RUN_UNLOCK(sc); 4863 4864 return; 4865} 4866 4867static void 4868run_scan_end(struct ieee80211com *ic) 4869{ 4870 struct run_softc *sc = ic->ic_ifp->if_softc; 4871 4872 RUN_LOCK(sc); 4873 4874 run_enable_tsf_sync(sc); 4875 /* XXX keep local copy */ 4876 run_set_bssid(sc, sc->sc_bssid); 4877 4878 RUN_UNLOCK(sc); 4879 4880 return; 4881} 4882 4883/* 4884 * Could be called from ieee80211_node_timeout() 4885 * (non-sleepable thread) 4886 */ 4887static void 4888run_update_beacon(struct ieee80211vap *vap, int item) 4889{ 4890 struct ieee80211com *ic = vap->iv_ic; 4891 struct run_softc *sc = ic->ic_ifp->if_softc; 4892 struct run_vap *rvp = RUN_VAP(vap); 4893 int mcast = 0; 4894 uint32_t i; 4895 4896 KASSERT(vap != NULL, ("no beacon")); 4897 4898 switch (item) { 4899 case IEEE80211_BEACON_ERP: 4900 run_updateslot(ic->ic_ifp); 4901 break; 4902 case IEEE80211_BEACON_HTINFO: 4903 run_updateprot(ic); 4904 break; 4905 case IEEE80211_BEACON_TIM: 4906 mcast = 1; /*TODO*/ 4907 break; 4908 default: 4909 break; 4910 } 4911 4912 setbit(rvp->bo.bo_flags, item); 4913 ieee80211_beacon_update(vap->iv_bss, &rvp->bo, rvp->beacon_mbuf, mcast); 4914 4915 i = RUN_CMDQ_GET(&sc->cmdq_store); 4916 DPRINTF("cmdq_store=%d\n", i); 4917 sc->cmdq[i].func = run_update_beacon_cb; 4918 sc->cmdq[i].arg0 = vap; 4919 ieee80211_runtask(ic, &sc->cmdq_task); 4920 4921 return; 4922} 4923 4924static void 4925run_update_beacon_cb(void *arg) 4926{ 4927 struct ieee80211vap *vap = arg; 4928 struct run_vap *rvp = RUN_VAP(vap); 4929 struct ieee80211com *ic = vap->iv_ic; 4930 struct run_softc *sc = ic->ic_ifp->if_softc; 4931 struct rt2860_txwi txwi; 4932 struct mbuf *m; 4933 uint16_t txwisize; 4934 uint8_t ridx; 4935 4936 if (vap->iv_bss->ni_chan == IEEE80211_CHAN_ANYC) 4937 return; 4938 if (ic->ic_bsschan == IEEE80211_CHAN_ANYC) 4939 return; 4940 4941 /* 4942 * No need to call ieee80211_beacon_update(), run_update_beacon() 4943 * is taking care of apropriate calls. 4944 */ 4945 if (rvp->beacon_mbuf == NULL) { 4946 rvp->beacon_mbuf = ieee80211_beacon_alloc(vap->iv_bss, 4947 &rvp->bo); 4948 if (rvp->beacon_mbuf == NULL) 4949 return; 4950 } 4951 m = rvp->beacon_mbuf; 4952 4953 memset(&txwi, 0, sizeof(txwi)); 4954 txwi.wcid = 0xff; 4955 txwi.len = htole16(m->m_pkthdr.len); 4956 4957 /* send beacons at the lowest available rate */ 4958 ridx = (ic->ic_curmode == IEEE80211_MODE_11A) ? 4959 RT2860_RIDX_OFDM6 : RT2860_RIDX_CCK1; 4960 txwi.phy = htole16(rt2860_rates[ridx].mcs); 4961 if (rt2860_rates[ridx].phy == IEEE80211_T_OFDM) 4962 txwi.phy |= htole16(RT2860_PHY_OFDM); 4963 txwi.txop = RT2860_TX_TXOP_HT; 4964 txwi.flags = RT2860_TX_TS; 4965 txwi.xflags = RT2860_TX_NSEQ; 4966 4967 txwisize = (sc->mac_ver == 0x5592) ? 4968 sizeof(txwi) + sizeof(uint32_t) : sizeof(txwi); 4969 run_write_region_1(sc, RT2860_BCN_BASE(rvp->rvp_id), (uint8_t *)&txwi, 4970 txwisize); 4971 run_write_region_1(sc, RT2860_BCN_BASE(rvp->rvp_id) + txwisize, 4972 mtod(m, uint8_t *), (m->m_pkthdr.len + 1) & ~1); 4973} 4974 4975static void 4976run_updateprot(struct ieee80211com *ic) 4977{ 4978 struct run_softc *sc = ic->ic_ifp->if_softc; 4979 uint32_t i; 4980 4981 i = RUN_CMDQ_GET(&sc->cmdq_store); 4982 DPRINTF("cmdq_store=%d\n", i); 4983 sc->cmdq[i].func = run_updateprot_cb; 4984 sc->cmdq[i].arg0 = ic; 4985 ieee80211_runtask(ic, &sc->cmdq_task); 4986} 4987 4988static void 4989run_updateprot_cb(void *arg) 4990{ 4991 struct ieee80211com *ic = arg; 4992 struct run_softc *sc = ic->ic_ifp->if_softc; 4993 uint32_t tmp; 4994 4995 tmp = RT2860_RTSTH_EN | RT2860_PROT_NAV_SHORT | RT2860_TXOP_ALLOW_ALL; 4996 /* setup protection frame rate (MCS code) */ 4997 tmp |= (ic->ic_curmode == IEEE80211_MODE_11A) ? 4998 rt2860_rates[RT2860_RIDX_OFDM6].mcs : 4999 rt2860_rates[RT2860_RIDX_CCK11].mcs; 5000 5001 /* CCK frames don't require protection */ 5002 run_write(sc, RT2860_CCK_PROT_CFG, tmp); 5003 if (ic->ic_flags & IEEE80211_F_USEPROT) { 5004 if (ic->ic_protmode == IEEE80211_PROT_RTSCTS) 5005 tmp |= RT2860_PROT_CTRL_RTS_CTS; 5006 else if (ic->ic_protmode == IEEE80211_PROT_CTSONLY) 5007 tmp |= RT2860_PROT_CTRL_CTS; 5008 } 5009 run_write(sc, RT2860_OFDM_PROT_CFG, tmp); 5010} 5011 5012static void 5013run_usb_timeout_cb(void *arg) 5014{ 5015 struct ieee80211vap *vap = arg; 5016 struct run_softc *sc = vap->iv_ic->ic_ifp->if_softc; 5017 5018 RUN_LOCK_ASSERT(sc, MA_OWNED); 5019 5020 if(vap->iv_state == IEEE80211_S_RUN && 5021 vap->iv_opmode != IEEE80211_M_STA) 5022 run_reset_livelock(sc); 5023 else if (vap->iv_state == IEEE80211_S_SCAN) { 5024 DPRINTF("timeout caused by scan\n"); 5025 /* cancel bgscan */ 5026 ieee80211_cancel_scan(vap); 5027 } else 5028 DPRINTF("timeout by unknown cause\n"); 5029} 5030 5031static void 5032run_reset_livelock(struct run_softc *sc) 5033{ 5034 uint32_t tmp; 5035 5036 RUN_LOCK_ASSERT(sc, MA_OWNED); 5037 5038 /* 5039 * In IBSS or HostAP modes (when the hardware sends beacons), the MAC 5040 * can run into a livelock and start sending CTS-to-self frames like 5041 * crazy if protection is enabled. Reset MAC/BBP for a while 5042 */ 5043 run_read(sc, RT2860_DEBUG, &tmp); 5044 DPRINTFN(3, "debug reg %08x\n", tmp); 5045 if ((tmp & (1 << 29)) && (tmp & (1 << 7 | 1 << 5))) { 5046 DPRINTF("CTS-to-self livelock detected\n"); 5047 run_write(sc, RT2860_MAC_SYS_CTRL, RT2860_MAC_SRST); 5048 run_delay(sc, 1); 5049 run_write(sc, RT2860_MAC_SYS_CTRL, 5050 RT2860_MAC_RX_EN | RT2860_MAC_TX_EN); 5051 } 5052} 5053 5054static void 5055run_update_promisc_locked(struct ifnet *ifp) 5056{ 5057 struct run_softc *sc = ifp->if_softc; 5058 uint32_t tmp; 5059 5060 run_read(sc, RT2860_RX_FILTR_CFG, &tmp); 5061 5062 tmp |= RT2860_DROP_UC_NOME; 5063 if (ifp->if_flags & IFF_PROMISC) 5064 tmp &= ~RT2860_DROP_UC_NOME; 5065 5066 run_write(sc, RT2860_RX_FILTR_CFG, tmp); 5067 5068 DPRINTF("%s promiscuous mode\n", (ifp->if_flags & IFF_PROMISC) ? 5069 "entering" : "leaving"); 5070} 5071 5072static void 5073run_update_promisc(struct ifnet *ifp) 5074{ 5075 struct run_softc *sc = ifp->if_softc; 5076 5077 if ((ifp->if_drv_flags & IFF_DRV_RUNNING) == 0) 5078 return; 5079 5080 RUN_LOCK(sc); 5081 run_update_promisc_locked(ifp); 5082 RUN_UNLOCK(sc); 5083} 5084 5085static void 5086run_enable_tsf_sync(struct run_softc *sc) 5087{ 5088 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 5089 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 5090 uint32_t tmp; 5091 5092 DPRINTF("rvp_id=%d ic_opmode=%d\n", RUN_VAP(vap)->rvp_id, 5093 ic->ic_opmode); 5094 5095 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 5096 tmp &= ~0x1fffff; 5097 tmp |= vap->iv_bss->ni_intval * 16; 5098 tmp |= RT2860_TSF_TIMER_EN | RT2860_TBTT_TIMER_EN; 5099 5100 if (ic->ic_opmode == IEEE80211_M_STA) { 5101 /* 5102 * Local TSF is always updated with remote TSF on beacon 5103 * reception. 5104 */ 5105 tmp |= 1 << RT2860_TSF_SYNC_MODE_SHIFT; 5106 } else if (ic->ic_opmode == IEEE80211_M_IBSS) { 5107 tmp |= RT2860_BCN_TX_EN; 5108 /* 5109 * Local TSF is updated with remote TSF on beacon reception 5110 * only if the remote TSF is greater than local TSF. 5111 */ 5112 tmp |= 2 << RT2860_TSF_SYNC_MODE_SHIFT; 5113 } else if (ic->ic_opmode == IEEE80211_M_HOSTAP || 5114 ic->ic_opmode == IEEE80211_M_MBSS) { 5115 tmp |= RT2860_BCN_TX_EN; 5116 /* SYNC with nobody */ 5117 tmp |= 3 << RT2860_TSF_SYNC_MODE_SHIFT; 5118 } else { 5119 DPRINTF("Enabling TSF failed. undefined opmode\n"); 5120 return; 5121 } 5122 5123 run_write(sc, RT2860_BCN_TIME_CFG, tmp); 5124} 5125 5126static void 5127run_enable_mrr(struct run_softc *sc) 5128{ 5129#define CCK(mcs) (mcs) 5130#define OFDM(mcs) (1 << 3 | (mcs)) 5131 run_write(sc, RT2860_LG_FBK_CFG0, 5132 OFDM(6) << 28 | /* 54->48 */ 5133 OFDM(5) << 24 | /* 48->36 */ 5134 OFDM(4) << 20 | /* 36->24 */ 5135 OFDM(3) << 16 | /* 24->18 */ 5136 OFDM(2) << 12 | /* 18->12 */ 5137 OFDM(1) << 8 | /* 12-> 9 */ 5138 OFDM(0) << 4 | /* 9-> 6 */ 5139 OFDM(0)); /* 6-> 6 */ 5140 5141 run_write(sc, RT2860_LG_FBK_CFG1, 5142 CCK(2) << 12 | /* 11->5.5 */ 5143 CCK(1) << 8 | /* 5.5-> 2 */ 5144 CCK(0) << 4 | /* 2-> 1 */ 5145 CCK(0)); /* 1-> 1 */ 5146#undef OFDM 5147#undef CCK 5148} 5149 5150static void 5151run_set_txpreamble(struct run_softc *sc) 5152{ 5153 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 5154 uint32_t tmp; 5155 5156 run_read(sc, RT2860_AUTO_RSP_CFG, &tmp); 5157 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 5158 tmp |= RT2860_CCK_SHORT_EN; 5159 else 5160 tmp &= ~RT2860_CCK_SHORT_EN; 5161 run_write(sc, RT2860_AUTO_RSP_CFG, tmp); 5162} 5163 5164static void 5165run_set_basicrates(struct run_softc *sc) 5166{ 5167 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 5168 5169 /* set basic rates mask */ 5170 if (ic->ic_curmode == IEEE80211_MODE_11B) 5171 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x003); 5172 else if (ic->ic_curmode == IEEE80211_MODE_11A) 5173 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x150); 5174 else /* 11g */ 5175 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x15f); 5176} 5177 5178static void 5179run_set_leds(struct run_softc *sc, uint16_t which) 5180{ 5181 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LEDS, 5182 which | (sc->leds & 0x7f)); 5183} 5184 5185static void 5186run_set_bssid(struct run_softc *sc, const uint8_t *bssid) 5187{ 5188 run_write(sc, RT2860_MAC_BSSID_DW0, 5189 bssid[0] | bssid[1] << 8 | bssid[2] << 16 | bssid[3] << 24); 5190 run_write(sc, RT2860_MAC_BSSID_DW1, 5191 bssid[4] | bssid[5] << 8); 5192} 5193 5194static void 5195run_set_macaddr(struct run_softc *sc, const uint8_t *addr) 5196{ 5197 run_write(sc, RT2860_MAC_ADDR_DW0, 5198 addr[0] | addr[1] << 8 | addr[2] << 16 | addr[3] << 24); 5199 run_write(sc, RT2860_MAC_ADDR_DW1, 5200 addr[4] | addr[5] << 8 | 0xff << 16); 5201} 5202 5203static void 5204run_updateslot(struct ifnet *ifp) 5205{ 5206 struct run_softc *sc = ifp->if_softc; 5207 struct ieee80211com *ic = ifp->if_l2com; 5208 uint32_t i; 5209 5210 i = RUN_CMDQ_GET(&sc->cmdq_store); 5211 DPRINTF("cmdq_store=%d\n", i); 5212 sc->cmdq[i].func = run_updateslot_cb; 5213 sc->cmdq[i].arg0 = ifp; 5214 ieee80211_runtask(ic, &sc->cmdq_task); 5215 5216 return; 5217} 5218 5219/* ARGSUSED */ 5220static void 5221run_updateslot_cb(void *arg) 5222{ 5223 struct ifnet *ifp = arg; 5224 struct run_softc *sc = ifp->if_softc; 5225 struct ieee80211com *ic = ifp->if_l2com; 5226 uint32_t tmp; 5227 5228 run_read(sc, RT2860_BKOFF_SLOT_CFG, &tmp); 5229 tmp &= ~0xff; 5230 tmp |= (ic->ic_flags & IEEE80211_F_SHSLOT) ? 9 : 20; 5231 run_write(sc, RT2860_BKOFF_SLOT_CFG, tmp); 5232} 5233 5234static void 5235run_update_mcast(struct ifnet *ifp) 5236{ 5237 /* h/w filter supports getting everything or nothing */ 5238 ifp->if_flags |= IFF_ALLMULTI; 5239} 5240 5241static int8_t 5242run_rssi2dbm(struct run_softc *sc, uint8_t rssi, uint8_t rxchain) 5243{ 5244 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 5245 struct ieee80211_channel *c = ic->ic_curchan; 5246 int delta; 5247 5248 if (IEEE80211_IS_CHAN_5GHZ(c)) { 5249 u_int chan = ieee80211_chan2ieee(ic, c); 5250 delta = sc->rssi_5ghz[rxchain]; 5251 5252 /* determine channel group */ 5253 if (chan <= 64) 5254 delta -= sc->lna[1]; 5255 else if (chan <= 128) 5256 delta -= sc->lna[2]; 5257 else 5258 delta -= sc->lna[3]; 5259 } else 5260 delta = sc->rssi_2ghz[rxchain] - sc->lna[0]; 5261 5262 return (-12 - delta - rssi); 5263} 5264 5265static void 5266run_rt5390_bbp_init(struct run_softc *sc) 5267{ 5268 int i; 5269 uint8_t bbp; 5270 5271 /* Apply maximum likelihood detection for 2 stream case. */ 5272 run_bbp_read(sc, 105, &bbp); 5273 if (sc->nrxchains > 1) 5274 run_bbp_write(sc, 105, bbp | RT5390_MLD); 5275 5276 /* Avoid data lost and CRC error. */ 5277 run_bbp_read(sc, 4, &bbp); 5278 run_bbp_write(sc, 4, bbp | RT5390_MAC_IF_CTRL); 5279 5280 if (sc->mac_ver == 0x5592) { 5281 for (i = 0; i < nitems(rt5592_def_bbp); i++) { 5282 run_bbp_write(sc, rt5592_def_bbp[i].reg, 5283 rt5592_def_bbp[i].val); 5284 } 5285 for (i = 0; i < nitems(rt5592_bbp_r196); i++) { 5286 run_bbp_write(sc, 195, i + 0x80); 5287 run_bbp_write(sc, 196, rt5592_bbp_r196[i]); 5288 } 5289 } else { 5290 for (i = 0; i < nitems(rt5390_def_bbp); i++) { 5291 run_bbp_write(sc, rt5390_def_bbp[i].reg, 5292 rt5390_def_bbp[i].val); 5293 } 5294 } 5295 if (sc->mac_ver == 0x5392) { 5296 run_bbp_write(sc, 88, 0x90); 5297 run_bbp_write(sc, 95, 0x9a); 5298 run_bbp_write(sc, 98, 0x12); 5299 run_bbp_write(sc, 106, 0x12); 5300 run_bbp_write(sc, 134, 0xd0); 5301 run_bbp_write(sc, 135, 0xf6); 5302 run_bbp_write(sc, 148, 0x84); 5303 } 5304 5305 run_bbp_read(sc, 152, &bbp); 5306 run_bbp_write(sc, 152, bbp | 0x80); 5307 5308 /* Fix BBP254 for RT5592C. */ 5309 if (sc->mac_ver == 0x5592 && sc->mac_rev >= 0x0221) { 5310 run_bbp_read(sc, 254, &bbp); 5311 run_bbp_write(sc, 254, bbp | 0x80); 5312 } 5313 5314 /* Disable hardware antenna diversity. */ 5315 if (sc->mac_ver == 0x5390) 5316 run_bbp_write(sc, 154, 0); 5317 5318 /* Initialize Rx CCK/OFDM frequency offset report. */ 5319 run_bbp_write(sc, 142, 1); 5320 run_bbp_write(sc, 143, 57); 5321} 5322 5323static int 5324run_bbp_init(struct run_softc *sc) 5325{ 5326 int i, error, ntries; 5327 uint8_t bbp0; 5328 5329 /* wait for BBP to wake up */ 5330 for (ntries = 0; ntries < 20; ntries++) { 5331 if ((error = run_bbp_read(sc, 0, &bbp0)) != 0) 5332 return error; 5333 if (bbp0 != 0 && bbp0 != 0xff) 5334 break; 5335 } 5336 if (ntries == 20) 5337 return (ETIMEDOUT); 5338 5339 /* initialize BBP registers to default values */ 5340 if (sc->mac_ver >= 0x5390) 5341 run_rt5390_bbp_init(sc); 5342 else { 5343 for (i = 0; i < nitems(rt2860_def_bbp); i++) { 5344 run_bbp_write(sc, rt2860_def_bbp[i].reg, 5345 rt2860_def_bbp[i].val); 5346 } 5347 } 5348 5349 if (sc->mac_ver == 0x3593) { 5350 run_bbp_write(sc, 79, 0x13); 5351 run_bbp_write(sc, 80, 0x05); 5352 run_bbp_write(sc, 81, 0x33); 5353 run_bbp_write(sc, 86, 0x46); 5354 run_bbp_write(sc, 137, 0x0f); 5355 } 5356 5357 /* fix BBP84 for RT2860E */ 5358 if (sc->mac_ver == 0x2860 && sc->mac_rev != 0x0101) 5359 run_bbp_write(sc, 84, 0x19); 5360 5361 if (sc->mac_ver >= 0x3070 && (sc->mac_ver != 0x3593 && 5362 sc->mac_ver != 0x5592)) { 5363 run_bbp_write(sc, 79, 0x13); 5364 run_bbp_write(sc, 80, 0x05); 5365 run_bbp_write(sc, 81, 0x33); 5366 } else if (sc->mac_ver == 0x2860 && sc->mac_rev == 0x0100) { 5367 run_bbp_write(sc, 69, 0x16); 5368 run_bbp_write(sc, 73, 0x12); 5369 } 5370 return (0); 5371} 5372 5373static int 5374run_rt3070_rf_init(struct run_softc *sc) 5375{ 5376 uint32_t tmp; 5377 uint8_t bbp4, mingain, rf, target; 5378 int i; 5379 5380 run_rt3070_rf_read(sc, 30, &rf); 5381 /* toggle RF R30 bit 7 */ 5382 run_rt3070_rf_write(sc, 30, rf | 0x80); 5383 run_delay(sc, 10); 5384 run_rt3070_rf_write(sc, 30, rf & ~0x80); 5385 5386 /* initialize RF registers to default value */ 5387 if (sc->mac_ver == 0x3572) { 5388 for (i = 0; i < nitems(rt3572_def_rf); i++) { 5389 run_rt3070_rf_write(sc, rt3572_def_rf[i].reg, 5390 rt3572_def_rf[i].val); 5391 } 5392 } else { 5393 for (i = 0; i < nitems(rt3070_def_rf); i++) { 5394 run_rt3070_rf_write(sc, rt3070_def_rf[i].reg, 5395 rt3070_def_rf[i].val); 5396 } 5397 } 5398 5399 if (sc->mac_ver == 0x3070 && sc->mac_rev < 0x0201) { 5400 /* 5401 * Change voltage from 1.2V to 1.35V for RT3070. 5402 * The DAC issue (RT3070_LDO_CFG0) has been fixed 5403 * in RT3070(F). 5404 */ 5405 run_read(sc, RT3070_LDO_CFG0, &tmp); 5406 tmp = (tmp & ~0x0f000000) | 0x0d000000; 5407 run_write(sc, RT3070_LDO_CFG0, tmp); 5408 5409 } else if (sc->mac_ver == 0x3071) { 5410 run_rt3070_rf_read(sc, 6, &rf); 5411 run_rt3070_rf_write(sc, 6, rf | 0x40); 5412 run_rt3070_rf_write(sc, 31, 0x14); 5413 5414 run_read(sc, RT3070_LDO_CFG0, &tmp); 5415 tmp &= ~0x1f000000; 5416 if (sc->mac_rev < 0x0211) 5417 tmp |= 0x0d000000; /* 1.3V */ 5418 else 5419 tmp |= 0x01000000; /* 1.2V */ 5420 run_write(sc, RT3070_LDO_CFG0, tmp); 5421 5422 /* patch LNA_PE_G1 */ 5423 run_read(sc, RT3070_GPIO_SWITCH, &tmp); 5424 run_write(sc, RT3070_GPIO_SWITCH, tmp & ~0x20); 5425 5426 } else if (sc->mac_ver == 0x3572) { 5427 run_rt3070_rf_read(sc, 6, &rf); 5428 run_rt3070_rf_write(sc, 6, rf | 0x40); 5429 5430 /* increase voltage from 1.2V to 1.35V */ 5431 run_read(sc, RT3070_LDO_CFG0, &tmp); 5432 tmp = (tmp & ~0x1f000000) | 0x0d000000; 5433 run_write(sc, RT3070_LDO_CFG0, tmp); 5434 5435 if (sc->mac_rev < 0x0211 || !sc->patch_dac) { 5436 run_delay(sc, 1); /* wait for 1msec */ 5437 /* decrease voltage back to 1.2V */ 5438 tmp = (tmp & ~0x1f000000) | 0x01000000; 5439 run_write(sc, RT3070_LDO_CFG0, tmp); 5440 } 5441 } 5442 5443 /* select 20MHz bandwidth */ 5444 run_rt3070_rf_read(sc, 31, &rf); 5445 run_rt3070_rf_write(sc, 31, rf & ~0x20); 5446 5447 /* calibrate filter for 20MHz bandwidth */ 5448 sc->rf24_20mhz = 0x1f; /* default value */ 5449 target = (sc->mac_ver < 0x3071) ? 0x16 : 0x13; 5450 run_rt3070_filter_calib(sc, 0x07, target, &sc->rf24_20mhz); 5451 5452 /* select 40MHz bandwidth */ 5453 run_bbp_read(sc, 4, &bbp4); 5454 run_bbp_write(sc, 4, (bbp4 & ~0x18) | 0x10); 5455 run_rt3070_rf_read(sc, 31, &rf); 5456 run_rt3070_rf_write(sc, 31, rf | 0x20); 5457 5458 /* calibrate filter for 40MHz bandwidth */ 5459 sc->rf24_40mhz = 0x2f; /* default value */ 5460 target = (sc->mac_ver < 0x3071) ? 0x19 : 0x15; 5461 run_rt3070_filter_calib(sc, 0x27, target, &sc->rf24_40mhz); 5462 5463 /* go back to 20MHz bandwidth */ 5464 run_bbp_read(sc, 4, &bbp4); 5465 run_bbp_write(sc, 4, bbp4 & ~0x18); 5466 5467 if (sc->mac_ver == 0x3572) { 5468 /* save default BBP registers 25 and 26 values */ 5469 run_bbp_read(sc, 25, &sc->bbp25); 5470 run_bbp_read(sc, 26, &sc->bbp26); 5471 } else if (sc->mac_rev < 0x0201 || sc->mac_rev < 0x0211) 5472 run_rt3070_rf_write(sc, 27, 0x03); 5473 5474 run_read(sc, RT3070_OPT_14, &tmp); 5475 run_write(sc, RT3070_OPT_14, tmp | 1); 5476 5477 if (sc->mac_ver == 0x3070 || sc->mac_ver == 0x3071) { 5478 run_rt3070_rf_read(sc, 17, &rf); 5479 rf &= ~RT3070_TX_LO1; 5480 if ((sc->mac_ver == 0x3070 || 5481 (sc->mac_ver == 0x3071 && sc->mac_rev >= 0x0211)) && 5482 !sc->ext_2ghz_lna) 5483 rf |= 0x20; /* fix for long range Rx issue */ 5484 mingain = (sc->mac_ver == 0x3070) ? 1 : 2; 5485 if (sc->txmixgain_2ghz >= mingain) 5486 rf = (rf & ~0x7) | sc->txmixgain_2ghz; 5487 run_rt3070_rf_write(sc, 17, rf); 5488 } 5489 5490 if (sc->mac_rev == 0x3071) { 5491 run_rt3070_rf_read(sc, 1, &rf); 5492 rf &= ~(RT3070_RX0_PD | RT3070_TX0_PD); 5493 rf |= RT3070_RF_BLOCK | RT3070_RX1_PD | RT3070_TX1_PD; 5494 run_rt3070_rf_write(sc, 1, rf); 5495 5496 run_rt3070_rf_read(sc, 15, &rf); 5497 run_rt3070_rf_write(sc, 15, rf & ~RT3070_TX_LO2); 5498 5499 run_rt3070_rf_read(sc, 20, &rf); 5500 run_rt3070_rf_write(sc, 20, rf & ~RT3070_RX_LO1); 5501 5502 run_rt3070_rf_read(sc, 21, &rf); 5503 run_rt3070_rf_write(sc, 21, rf & ~RT3070_RX_LO2); 5504 } 5505 5506 if (sc->mac_ver == 0x3070 || sc->mac_ver == 0x3071) { 5507 /* fix Tx to Rx IQ glitch by raising RF voltage */ 5508 run_rt3070_rf_read(sc, 27, &rf); 5509 rf &= ~0x77; 5510 if (sc->mac_rev < 0x0211) 5511 rf |= 0x03; 5512 run_rt3070_rf_write(sc, 27, rf); 5513 } 5514 return (0); 5515} 5516 5517static void 5518run_rt3593_rf_init(struct run_softc *sc) 5519{ 5520 uint32_t tmp; 5521 uint8_t rf; 5522 int i; 5523 5524 /* Disable the GPIO bits 4 and 7 for LNA PE control. */ 5525 run_read(sc, RT3070_GPIO_SWITCH, &tmp); 5526 tmp &= ~(1 << 4 | 1 << 7); 5527 run_write(sc, RT3070_GPIO_SWITCH, tmp); 5528 5529 /* Initialize RF registers to default value. */ 5530 for (i = 0; i < nitems(rt3593_def_rf); i++) { 5531 run_rt3070_rf_write(sc, rt3593_def_rf[i].reg, 5532 rt3593_def_rf[i].val); 5533 } 5534 5535 /* Toggle RF R2 to initiate calibration. */ 5536 run_rt3070_rf_write(sc, 2, RT5390_RESCAL); 5537 5538 /* Initialize RF frequency offset. */ 5539 run_adjust_freq_offset(sc); 5540 5541 run_rt3070_rf_read(sc, 18, &rf); 5542 run_rt3070_rf_write(sc, 18, rf | RT3593_AUTOTUNE_BYPASS); 5543 5544 /* 5545 * Increase voltage from 1.2V to 1.35V, wait for 1 msec to 5546 * decrease voltage back to 1.2V. 5547 */ 5548 run_read(sc, RT3070_LDO_CFG0, &tmp); 5549 tmp = (tmp & ~0x1f000000) | 0x0d000000; 5550 run_write(sc, RT3070_LDO_CFG0, tmp); 5551 run_delay(sc, 1); 5552 tmp = (tmp & ~0x1f000000) | 0x01000000; 5553 run_write(sc, RT3070_LDO_CFG0, tmp); 5554 5555 sc->rf24_20mhz = 0x1f; 5556 sc->rf24_40mhz = 0x2f; 5557 5558 /* Save default BBP registers 25 and 26 values. */ 5559 run_bbp_read(sc, 25, &sc->bbp25); 5560 run_bbp_read(sc, 26, &sc->bbp26); 5561 5562 run_read(sc, RT3070_OPT_14, &tmp); 5563 run_write(sc, RT3070_OPT_14, tmp | 1); 5564} 5565 5566static void 5567run_rt5390_rf_init(struct run_softc *sc) 5568{ 5569 uint32_t tmp; 5570 uint8_t rf; 5571 int i; 5572 5573 /* Toggle RF R2 to initiate calibration. */ 5574 if (sc->mac_ver == 0x5390) { 5575 run_rt3070_rf_read(sc, 2, &rf); 5576 run_rt3070_rf_write(sc, 2, rf | RT5390_RESCAL); 5577 run_delay(sc, 10); 5578 run_rt3070_rf_write(sc, 2, rf & ~RT5390_RESCAL); 5579 } else { 5580 run_rt3070_rf_write(sc, 2, RT5390_RESCAL); 5581 run_delay(sc, 10); 5582 } 5583 5584 /* Initialize RF registers to default value. */ 5585 if (sc->mac_ver == 0x5592) { 5586 for (i = 0; i < nitems(rt5592_def_rf); i++) { 5587 run_rt3070_rf_write(sc, rt5592_def_rf[i].reg, 5588 rt5592_def_rf[i].val); 5589 } 5590 /* Initialize RF frequency offset. */ 5591 run_adjust_freq_offset(sc); 5592 } else if (sc->mac_ver == 0x5392) { 5593 for (i = 0; i < nitems(rt5392_def_rf); i++) { 5594 run_rt3070_rf_write(sc, rt5392_def_rf[i].reg, 5595 rt5392_def_rf[i].val); 5596 } 5597 if (sc->mac_rev >= 0x0223) { 5598 run_rt3070_rf_write(sc, 23, 0x0f); 5599 run_rt3070_rf_write(sc, 24, 0x3e); 5600 run_rt3070_rf_write(sc, 51, 0x32); 5601 run_rt3070_rf_write(sc, 53, 0x22); 5602 run_rt3070_rf_write(sc, 56, 0xc1); 5603 run_rt3070_rf_write(sc, 59, 0x0f); 5604 } 5605 } else { 5606 for (i = 0; i < nitems(rt5390_def_rf); i++) { 5607 run_rt3070_rf_write(sc, rt5390_def_rf[i].reg, 5608 rt5390_def_rf[i].val); 5609 } 5610 if (sc->mac_rev >= 0x0502) { 5611 run_rt3070_rf_write(sc, 6, 0xe0); 5612 run_rt3070_rf_write(sc, 25, 0x80); 5613 run_rt3070_rf_write(sc, 46, 0x73); 5614 run_rt3070_rf_write(sc, 53, 0x00); 5615 run_rt3070_rf_write(sc, 56, 0x42); 5616 run_rt3070_rf_write(sc, 61, 0xd1); 5617 } 5618 } 5619 5620 sc->rf24_20mhz = 0x1f; /* default value */ 5621 sc->rf24_40mhz = (sc->mac_ver == 0x5592) ? 0 : 0x2f; 5622 5623 if (sc->mac_rev < 0x0211) 5624 run_rt3070_rf_write(sc, 27, 0x3); 5625 5626 run_read(sc, RT3070_OPT_14, &tmp); 5627 run_write(sc, RT3070_OPT_14, tmp | 1); 5628} 5629 5630static int 5631run_rt3070_filter_calib(struct run_softc *sc, uint8_t init, uint8_t target, 5632 uint8_t *val) 5633{ 5634 uint8_t rf22, rf24; 5635 uint8_t bbp55_pb, bbp55_sb, delta; 5636 int ntries; 5637 5638 /* program filter */ 5639 run_rt3070_rf_read(sc, 24, &rf24); 5640 rf24 = (rf24 & 0xc0) | init; /* initial filter value */ 5641 run_rt3070_rf_write(sc, 24, rf24); 5642 5643 /* enable baseband loopback mode */ 5644 run_rt3070_rf_read(sc, 22, &rf22); 5645 run_rt3070_rf_write(sc, 22, rf22 | 0x01); 5646 5647 /* set power and frequency of passband test tone */ 5648 run_bbp_write(sc, 24, 0x00); 5649 for (ntries = 0; ntries < 100; ntries++) { 5650 /* transmit test tone */ 5651 run_bbp_write(sc, 25, 0x90); 5652 run_delay(sc, 10); 5653 /* read received power */ 5654 run_bbp_read(sc, 55, &bbp55_pb); 5655 if (bbp55_pb != 0) 5656 break; 5657 } 5658 if (ntries == 100) 5659 return (ETIMEDOUT); 5660 5661 /* set power and frequency of stopband test tone */ 5662 run_bbp_write(sc, 24, 0x06); 5663 for (ntries = 0; ntries < 100; ntries++) { 5664 /* transmit test tone */ 5665 run_bbp_write(sc, 25, 0x90); 5666 run_delay(sc, 10); 5667 /* read received power */ 5668 run_bbp_read(sc, 55, &bbp55_sb); 5669 5670 delta = bbp55_pb - bbp55_sb; 5671 if (delta > target) 5672 break; 5673 5674 /* reprogram filter */ 5675 rf24++; 5676 run_rt3070_rf_write(sc, 24, rf24); 5677 } 5678 if (ntries < 100) { 5679 if (rf24 != init) 5680 rf24--; /* backtrack */ 5681 *val = rf24; 5682 run_rt3070_rf_write(sc, 24, rf24); 5683 } 5684 5685 /* restore initial state */ 5686 run_bbp_write(sc, 24, 0x00); 5687 5688 /* disable baseband loopback mode */ 5689 run_rt3070_rf_read(sc, 22, &rf22); 5690 run_rt3070_rf_write(sc, 22, rf22 & ~0x01); 5691 5692 return (0); 5693} 5694 5695static void 5696run_rt3070_rf_setup(struct run_softc *sc) 5697{ 5698 uint8_t bbp, rf; 5699 int i; 5700 5701 if (sc->mac_ver == 0x3572) { 5702 /* enable DC filter */ 5703 if (sc->mac_rev >= 0x0201) 5704 run_bbp_write(sc, 103, 0xc0); 5705 5706 run_bbp_read(sc, 138, &bbp); 5707 if (sc->ntxchains == 1) 5708 bbp |= 0x20; /* turn off DAC1 */ 5709 if (sc->nrxchains == 1) 5710 bbp &= ~0x02; /* turn off ADC1 */ 5711 run_bbp_write(sc, 138, bbp); 5712 5713 if (sc->mac_rev >= 0x0211) { 5714 /* improve power consumption */ 5715 run_bbp_read(sc, 31, &bbp); 5716 run_bbp_write(sc, 31, bbp & ~0x03); 5717 } 5718 5719 run_rt3070_rf_read(sc, 16, &rf); 5720 rf = (rf & ~0x07) | sc->txmixgain_2ghz; 5721 run_rt3070_rf_write(sc, 16, rf); 5722 5723 } else if (sc->mac_ver == 0x3071) { 5724 if (sc->mac_rev >= 0x0211) { 5725 /* enable DC filter */ 5726 run_bbp_write(sc, 103, 0xc0); 5727 5728 /* improve power consumption */ 5729 run_bbp_read(sc, 31, &bbp); 5730 run_bbp_write(sc, 31, bbp & ~0x03); 5731 } 5732 5733 run_bbp_read(sc, 138, &bbp); 5734 if (sc->ntxchains == 1) 5735 bbp |= 0x20; /* turn off DAC1 */ 5736 if (sc->nrxchains == 1) 5737 bbp &= ~0x02; /* turn off ADC1 */ 5738 run_bbp_write(sc, 138, bbp); 5739 5740 run_write(sc, RT2860_TX_SW_CFG1, 0); 5741 if (sc->mac_rev < 0x0211) { 5742 run_write(sc, RT2860_TX_SW_CFG2, 5743 sc->patch_dac ? 0x2c : 0x0f); 5744 } else 5745 run_write(sc, RT2860_TX_SW_CFG2, 0); 5746 5747 } else if (sc->mac_ver == 0x3070) { 5748 if (sc->mac_rev >= 0x0201) { 5749 /* enable DC filter */ 5750 run_bbp_write(sc, 103, 0xc0); 5751 5752 /* improve power consumption */ 5753 run_bbp_read(sc, 31, &bbp); 5754 run_bbp_write(sc, 31, bbp & ~0x03); 5755 } 5756 5757 if (sc->mac_rev < 0x0201) { 5758 run_write(sc, RT2860_TX_SW_CFG1, 0); 5759 run_write(sc, RT2860_TX_SW_CFG2, 0x2c); 5760 } else 5761 run_write(sc, RT2860_TX_SW_CFG2, 0); 5762 } 5763 5764 /* initialize RF registers from ROM for >=RT3071*/ 5765 if (sc->mac_ver >= 0x3071) { 5766 for (i = 0; i < 10; i++) { 5767 if (sc->rf[i].reg == 0 || sc->rf[i].reg == 0xff) 5768 continue; 5769 run_rt3070_rf_write(sc, sc->rf[i].reg, sc->rf[i].val); 5770 } 5771 } 5772} 5773 5774static void 5775run_rt3593_rf_setup(struct run_softc *sc) 5776{ 5777 uint8_t bbp, rf; 5778 5779 if (sc->mac_rev >= 0x0211) { 5780 /* Enable DC filter. */ 5781 run_bbp_write(sc, 103, 0xc0); 5782 } 5783 run_write(sc, RT2860_TX_SW_CFG1, 0); 5784 if (sc->mac_rev < 0x0211) { 5785 run_write(sc, RT2860_TX_SW_CFG2, 5786 sc->patch_dac ? 0x2c : 0x0f); 5787 } else 5788 run_write(sc, RT2860_TX_SW_CFG2, 0); 5789 5790 run_rt3070_rf_read(sc, 50, &rf); 5791 run_rt3070_rf_write(sc, 50, rf & ~RT3593_TX_LO2); 5792 5793 run_rt3070_rf_read(sc, 51, &rf); 5794 rf = (rf & ~(RT3593_TX_LO1 | 0x0c)) | 5795 ((sc->txmixgain_2ghz & 0x07) << 2); 5796 run_rt3070_rf_write(sc, 51, rf); 5797 5798 run_rt3070_rf_read(sc, 38, &rf); 5799 run_rt3070_rf_write(sc, 38, rf & ~RT5390_RX_LO1); 5800 5801 run_rt3070_rf_read(sc, 39, &rf); 5802 run_rt3070_rf_write(sc, 39, rf & ~RT5390_RX_LO2); 5803 5804 run_rt3070_rf_read(sc, 1, &rf); 5805 run_rt3070_rf_write(sc, 1, rf & ~(RT3070_RF_BLOCK | RT3070_PLL_PD)); 5806 5807 run_rt3070_rf_read(sc, 30, &rf); 5808 rf = (rf & ~0x18) | 0x10; 5809 run_rt3070_rf_write(sc, 30, rf); 5810 5811 /* Apply maximum likelihood detection for 2 stream case. */ 5812 run_bbp_read(sc, 105, &bbp); 5813 if (sc->nrxchains > 1) 5814 run_bbp_write(sc, 105, bbp | RT5390_MLD); 5815 5816 /* Avoid data lost and CRC error. */ 5817 run_bbp_read(sc, 4, &bbp); 5818 run_bbp_write(sc, 4, bbp | RT5390_MAC_IF_CTRL); 5819 5820 run_bbp_write(sc, 92, 0x02); 5821 run_bbp_write(sc, 82, 0x82); 5822 run_bbp_write(sc, 106, 0x05); 5823 run_bbp_write(sc, 104, 0x92); 5824 run_bbp_write(sc, 88, 0x90); 5825 run_bbp_write(sc, 148, 0xc8); 5826 run_bbp_write(sc, 47, 0x48); 5827 run_bbp_write(sc, 120, 0x50); 5828 5829 run_bbp_write(sc, 163, 0x9d); 5830 5831 /* SNR mapping. */ 5832 run_bbp_write(sc, 142, 0x06); 5833 run_bbp_write(sc, 143, 0xa0); 5834 run_bbp_write(sc, 142, 0x07); 5835 run_bbp_write(sc, 143, 0xa1); 5836 run_bbp_write(sc, 142, 0x08); 5837 run_bbp_write(sc, 143, 0xa2); 5838 5839 run_bbp_write(sc, 31, 0x08); 5840 run_bbp_write(sc, 68, 0x0b); 5841 run_bbp_write(sc, 105, 0x04); 5842} 5843 5844static void 5845run_rt5390_rf_setup(struct run_softc *sc) 5846{ 5847 uint8_t bbp, rf; 5848 5849 if (sc->mac_rev >= 0x0211) { 5850 /* Enable DC filter. */ 5851 run_bbp_write(sc, 103, 0xc0); 5852 5853 if (sc->mac_ver != 0x5592) { 5854 /* Improve power consumption. */ 5855 run_bbp_read(sc, 31, &bbp); 5856 run_bbp_write(sc, 31, bbp & ~0x03); 5857 } 5858 } 5859 5860 run_bbp_read(sc, 138, &bbp); 5861 if (sc->ntxchains == 1) 5862 bbp |= 0x20; /* turn off DAC1 */ 5863 if (sc->nrxchains == 1) 5864 bbp &= ~0x02; /* turn off ADC1 */ 5865 run_bbp_write(sc, 138, bbp); 5866 5867 run_rt3070_rf_read(sc, 38, &rf); 5868 run_rt3070_rf_write(sc, 38, rf & ~RT5390_RX_LO1); 5869 5870 run_rt3070_rf_read(sc, 39, &rf); 5871 run_rt3070_rf_write(sc, 39, rf & ~RT5390_RX_LO2); 5872 5873 /* Avoid data lost and CRC error. */ 5874 run_bbp_read(sc, 4, &bbp); 5875 run_bbp_write(sc, 4, bbp | RT5390_MAC_IF_CTRL); 5876 5877 run_rt3070_rf_read(sc, 30, &rf); 5878 rf = (rf & ~0x18) | 0x10; 5879 run_rt3070_rf_write(sc, 30, rf); 5880 5881 if (sc->mac_ver != 0x5592) { 5882 run_write(sc, RT2860_TX_SW_CFG1, 0); 5883 if (sc->mac_rev < 0x0211) { 5884 run_write(sc, RT2860_TX_SW_CFG2, 5885 sc->patch_dac ? 0x2c : 0x0f); 5886 } else 5887 run_write(sc, RT2860_TX_SW_CFG2, 0); 5888 } 5889} 5890 5891static int 5892run_txrx_enable(struct run_softc *sc) 5893{ 5894 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 5895 uint32_t tmp; 5896 int error, ntries; 5897 5898 run_write(sc, RT2860_MAC_SYS_CTRL, RT2860_MAC_TX_EN); 5899 for (ntries = 0; ntries < 200; ntries++) { 5900 if ((error = run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp)) != 0) 5901 return (error); 5902 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0) 5903 break; 5904 run_delay(sc, 50); 5905 } 5906 if (ntries == 200) 5907 return (ETIMEDOUT); 5908 5909 run_delay(sc, 50); 5910 5911 tmp |= RT2860_RX_DMA_EN | RT2860_TX_DMA_EN | RT2860_TX_WB_DDONE; 5912 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp); 5913 5914 /* enable Rx bulk aggregation (set timeout and limit) */ 5915 tmp = RT2860_USB_TX_EN | RT2860_USB_RX_EN | RT2860_USB_RX_AGG_EN | 5916 RT2860_USB_RX_AGG_TO(128) | RT2860_USB_RX_AGG_LMT(2); 5917 run_write(sc, RT2860_USB_DMA_CFG, tmp); 5918 5919 /* set Rx filter */ 5920 tmp = RT2860_DROP_CRC_ERR | RT2860_DROP_PHY_ERR; 5921 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 5922 tmp |= RT2860_DROP_UC_NOME | RT2860_DROP_DUPL | 5923 RT2860_DROP_CTS | RT2860_DROP_BA | RT2860_DROP_ACK | 5924 RT2860_DROP_VER_ERR | RT2860_DROP_CTRL_RSV | 5925 RT2860_DROP_CFACK | RT2860_DROP_CFEND; 5926 if (ic->ic_opmode == IEEE80211_M_STA) 5927 tmp |= RT2860_DROP_RTS | RT2860_DROP_PSPOLL; 5928 } 5929 run_write(sc, RT2860_RX_FILTR_CFG, tmp); 5930 5931 run_write(sc, RT2860_MAC_SYS_CTRL, 5932 RT2860_MAC_RX_EN | RT2860_MAC_TX_EN); 5933 5934 return (0); 5935} 5936 5937static void 5938run_adjust_freq_offset(struct run_softc *sc) 5939{ 5940 uint8_t rf, tmp; 5941 5942 run_rt3070_rf_read(sc, 17, &rf); 5943 tmp = rf; 5944 rf = (rf & ~0x7f) | (sc->freq & 0x7f); 5945 rf = MIN(rf, 0x5f); 5946 5947 if (tmp != rf) 5948 run_mcu_cmd(sc, 0x74, (tmp << 8 ) | rf); 5949} 5950 5951static void 5952run_init_locked(struct run_softc *sc) 5953{ 5954 struct ifnet *ifp = sc->sc_ifp; 5955 struct ieee80211com *ic = ifp->if_l2com; 5956 uint32_t tmp; 5957 uint8_t bbp1, bbp3; 5958 int i; 5959 int ridx; 5960 int ntries; 5961 5962 if (ic->ic_nrunning > 1) 5963 return; 5964 5965 run_stop(sc); 5966 5967 if (run_load_microcode(sc) != 0) { 5968 device_printf(sc->sc_dev, "could not load 8051 microcode\n"); 5969 goto fail; 5970 } 5971 5972 for (ntries = 0; ntries < 100; ntries++) { 5973 if (run_read(sc, RT2860_ASIC_VER_ID, &tmp) != 0) 5974 goto fail; 5975 if (tmp != 0 && tmp != 0xffffffff) 5976 break; 5977 run_delay(sc, 10); 5978 } 5979 if (ntries == 100) 5980 goto fail; 5981 5982 for (i = 0; i != RUN_EP_QUEUES; i++) 5983 run_setup_tx_list(sc, &sc->sc_epq[i]); 5984 5985 run_set_macaddr(sc, IF_LLADDR(ifp)); 5986 5987 for (ntries = 0; ntries < 100; ntries++) { 5988 if (run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp) != 0) 5989 goto fail; 5990 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0) 5991 break; 5992 run_delay(sc, 10); 5993 } 5994 if (ntries == 100) { 5995 device_printf(sc->sc_dev, "timeout waiting for DMA engine\n"); 5996 goto fail; 5997 } 5998 tmp &= 0xff0; 5999 tmp |= RT2860_TX_WB_DDONE; 6000 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp); 6001 6002 /* turn off PME_OEN to solve high-current issue */ 6003 run_read(sc, RT2860_SYS_CTRL, &tmp); 6004 run_write(sc, RT2860_SYS_CTRL, tmp & ~RT2860_PME_OEN); 6005 6006 run_write(sc, RT2860_MAC_SYS_CTRL, 6007 RT2860_BBP_HRST | RT2860_MAC_SRST); 6008 run_write(sc, RT2860_USB_DMA_CFG, 0); 6009 6010 if (run_reset(sc) != 0) { 6011 device_printf(sc->sc_dev, "could not reset chipset\n"); 6012 goto fail; 6013 } 6014 6015 run_write(sc, RT2860_MAC_SYS_CTRL, 0); 6016 6017 /* init Tx power for all Tx rates (from EEPROM) */ 6018 for (ridx = 0; ridx < 5; ridx++) { 6019 if (sc->txpow20mhz[ridx] == 0xffffffff) 6020 continue; 6021 run_write(sc, RT2860_TX_PWR_CFG(ridx), sc->txpow20mhz[ridx]); 6022 } 6023 6024 for (i = 0; i < nitems(rt2870_def_mac); i++) 6025 run_write(sc, rt2870_def_mac[i].reg, rt2870_def_mac[i].val); 6026 run_write(sc, RT2860_WMM_AIFSN_CFG, 0x00002273); 6027 run_write(sc, RT2860_WMM_CWMIN_CFG, 0x00002344); 6028 run_write(sc, RT2860_WMM_CWMAX_CFG, 0x000034aa); 6029 6030 if (sc->mac_ver >= 0x5390) { 6031 run_write(sc, RT2860_TX_SW_CFG0, 6032 4 << RT2860_DLY_PAPE_EN_SHIFT | 4); 6033 if (sc->mac_ver >= 0x5392) { 6034 run_write(sc, RT2860_MAX_LEN_CFG, 0x00002fff); 6035 if (sc->mac_ver == 0x5592) { 6036 run_write(sc, RT2860_HT_FBK_CFG1, 0xedcba980); 6037 run_write(sc, RT2860_TXOP_HLDR_ET, 0x00000082); 6038 } else { 6039 run_write(sc, RT2860_HT_FBK_CFG1, 0xedcb4980); 6040 run_write(sc, RT2860_LG_FBK_CFG0, 0xedcba322); 6041 } 6042 } 6043 } else if (sc->mac_ver == 0x3593) { 6044 run_write(sc, RT2860_TX_SW_CFG0, 6045 4 << RT2860_DLY_PAPE_EN_SHIFT | 2); 6046 } else if (sc->mac_ver >= 0x3070) { 6047 /* set delay of PA_PE assertion to 1us (unit of 0.25us) */ 6048 run_write(sc, RT2860_TX_SW_CFG0, 6049 4 << RT2860_DLY_PAPE_EN_SHIFT); 6050 } 6051 6052 /* wait while MAC is busy */ 6053 for (ntries = 0; ntries < 100; ntries++) { 6054 if (run_read(sc, RT2860_MAC_STATUS_REG, &tmp) != 0) 6055 goto fail; 6056 if (!(tmp & (RT2860_RX_STATUS_BUSY | RT2860_TX_STATUS_BUSY))) 6057 break; 6058 run_delay(sc, 10); 6059 } 6060 if (ntries == 100) 6061 goto fail; 6062 6063 /* clear Host to MCU mailbox */ 6064 run_write(sc, RT2860_H2M_BBPAGENT, 0); 6065 run_write(sc, RT2860_H2M_MAILBOX, 0); 6066 run_delay(sc, 10); 6067 6068 if (run_bbp_init(sc) != 0) { 6069 device_printf(sc->sc_dev, "could not initialize BBP\n"); 6070 goto fail; 6071 } 6072 6073 /* abort TSF synchronization */ 6074 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 6075 tmp &= ~(RT2860_BCN_TX_EN | RT2860_TSF_TIMER_EN | 6076 RT2860_TBTT_TIMER_EN); 6077 run_write(sc, RT2860_BCN_TIME_CFG, tmp); 6078 6079 /* clear RX WCID search table */ 6080 run_set_region_4(sc, RT2860_WCID_ENTRY(0), 0, 512); 6081 /* clear WCID attribute table */ 6082 run_set_region_4(sc, RT2860_WCID_ATTR(0), 0, 8 * 32); 6083 6084 /* hostapd sets a key before init. So, don't clear it. */ 6085 if (sc->cmdq_key_set != RUN_CMDQ_GO) { 6086 /* clear shared key table */ 6087 run_set_region_4(sc, RT2860_SKEY(0, 0), 0, 8 * 32); 6088 /* clear shared key mode */ 6089 run_set_region_4(sc, RT2860_SKEY_MODE_0_7, 0, 4); 6090 } 6091 6092 run_read(sc, RT2860_US_CYC_CNT, &tmp); 6093 tmp = (tmp & ~0xff) | 0x1e; 6094 run_write(sc, RT2860_US_CYC_CNT, tmp); 6095 6096 if (sc->mac_rev != 0x0101) 6097 run_write(sc, RT2860_TXOP_CTRL_CFG, 0x0000583f); 6098 6099 run_write(sc, RT2860_WMM_TXOP0_CFG, 0); 6100 run_write(sc, RT2860_WMM_TXOP1_CFG, 48 << 16 | 96); 6101 6102 /* write vendor-specific BBP values (from EEPROM) */ 6103 if (sc->mac_ver < 0x3593) { 6104 for (i = 0; i < 10; i++) { 6105 if (sc->bbp[i].reg == 0 || sc->bbp[i].reg == 0xff) 6106 continue; 6107 run_bbp_write(sc, sc->bbp[i].reg, sc->bbp[i].val); 6108 } 6109 } 6110 6111 /* select Main antenna for 1T1R devices */ 6112 if (sc->rf_rev == RT3070_RF_3020 || sc->rf_rev == RT5390_RF_5370) 6113 run_set_rx_antenna(sc, 0); 6114 6115 /* send LEDs operating mode to microcontroller */ 6116 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED1, sc->led[0]); 6117 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED2, sc->led[1]); 6118 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED3, sc->led[2]); 6119 6120 if (sc->mac_ver >= 0x5390) 6121 run_rt5390_rf_init(sc); 6122 else if (sc->mac_ver == 0x3593) 6123 run_rt3593_rf_init(sc); 6124 else if (sc->mac_ver >= 0x3070) 6125 run_rt3070_rf_init(sc); 6126 6127 /* disable non-existing Rx chains */ 6128 run_bbp_read(sc, 3, &bbp3); 6129 bbp3 &= ~(1 << 3 | 1 << 4); 6130 if (sc->nrxchains == 2) 6131 bbp3 |= 1 << 3; 6132 else if (sc->nrxchains == 3) 6133 bbp3 |= 1 << 4; 6134 run_bbp_write(sc, 3, bbp3); 6135 6136 /* disable non-existing Tx chains */ 6137 run_bbp_read(sc, 1, &bbp1); 6138 if (sc->ntxchains == 1) 6139 bbp1 &= ~(1 << 3 | 1 << 4); 6140 run_bbp_write(sc, 1, bbp1); 6141 6142 if (sc->mac_ver >= 0x5390) 6143 run_rt5390_rf_setup(sc); 6144 else if (sc->mac_ver == 0x3593) 6145 run_rt3593_rf_setup(sc); 6146 else if (sc->mac_ver >= 0x3070) 6147 run_rt3070_rf_setup(sc); 6148 6149 /* select default channel */ 6150 run_set_chan(sc, ic->ic_curchan); 6151 6152 /* setup initial protection mode */ 6153 run_updateprot_cb(ic); 6154 6155 /* turn radio LED on */ 6156 run_set_leds(sc, RT2860_LED_RADIO); 6157 6158 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE; 6159 ifp->if_drv_flags |= IFF_DRV_RUNNING; 6160 sc->cmdq_run = RUN_CMDQ_GO; 6161 6162 for (i = 0; i != RUN_N_XFER; i++) 6163 usbd_xfer_set_stall(sc->sc_xfer[i]); 6164 6165 usbd_transfer_start(sc->sc_xfer[RUN_BULK_RX]); 6166 6167 if (run_txrx_enable(sc) != 0) 6168 goto fail; 6169 6170 return; 6171 6172fail: 6173 run_stop(sc); 6174} 6175 6176static void 6177run_init(void *arg) 6178{ 6179 struct run_softc *sc = arg; 6180 struct ifnet *ifp = sc->sc_ifp; 6181 struct ieee80211com *ic = ifp->if_l2com; 6182 6183 RUN_LOCK(sc); 6184 run_init_locked(sc); 6185 RUN_UNLOCK(sc); 6186 6187 if (ifp->if_drv_flags & IFF_DRV_RUNNING) 6188 ieee80211_start_all(ic); 6189} 6190 6191static void 6192run_stop(void *arg) 6193{ 6194 struct run_softc *sc = (struct run_softc *)arg; 6195 struct ifnet *ifp = sc->sc_ifp; 6196 uint32_t tmp; 6197 int i; 6198 int ntries; 6199 6200 RUN_LOCK_ASSERT(sc, MA_OWNED); 6201 6202 if (ifp->if_drv_flags & IFF_DRV_RUNNING) 6203 run_set_leds(sc, 0); /* turn all LEDs off */ 6204 6205 ifp->if_drv_flags &= ~(IFF_DRV_RUNNING | IFF_DRV_OACTIVE); 6206 6207 sc->ratectl_run = RUN_RATECTL_OFF; 6208 sc->cmdq_run = sc->cmdq_key_set; 6209 6210 RUN_UNLOCK(sc); 6211 6212 for(i = 0; i < RUN_N_XFER; i++) 6213 usbd_transfer_drain(sc->sc_xfer[i]); 6214 6215 RUN_LOCK(sc); 6216 6217 if (sc->rx_m != NULL) { 6218 m_free(sc->rx_m); 6219 sc->rx_m = NULL; 6220 } 6221 6222 /* Disable Tx/Rx DMA. */ 6223 if (run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp) != 0) 6224 return; 6225 tmp &= ~(RT2860_RX_DMA_EN | RT2860_TX_DMA_EN); 6226 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp); 6227 6228 for (ntries = 0; ntries < 100; ntries++) { 6229 if (run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp) != 0) 6230 return; 6231 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0) 6232 break; 6233 run_delay(sc, 10); 6234 } 6235 if (ntries == 100) { 6236 device_printf(sc->sc_dev, "timeout waiting for DMA engine\n"); 6237 return; 6238 } 6239 6240 /* disable Tx/Rx */ 6241 run_read(sc, RT2860_MAC_SYS_CTRL, &tmp); 6242 tmp &= ~(RT2860_MAC_RX_EN | RT2860_MAC_TX_EN); 6243 run_write(sc, RT2860_MAC_SYS_CTRL, tmp); 6244 6245 /* wait for pending Tx to complete */ 6246 for (ntries = 0; ntries < 100; ntries++) { 6247 if (run_read(sc, RT2860_TXRXQ_PCNT, &tmp) != 0) { 6248 DPRINTF("Cannot read Tx queue count\n"); 6249 break; 6250 } 6251 if ((tmp & RT2860_TX2Q_PCNT_MASK) == 0) { 6252 DPRINTF("All Tx cleared\n"); 6253 break; 6254 } 6255 run_delay(sc, 10); 6256 } 6257 if (ntries >= 100) 6258 DPRINTF("There are still pending Tx\n"); 6259 run_delay(sc, 10); 6260 run_write(sc, RT2860_USB_DMA_CFG, 0); 6261 6262 run_write(sc, RT2860_MAC_SYS_CTRL, RT2860_BBP_HRST | RT2860_MAC_SRST); 6263 run_write(sc, RT2860_MAC_SYS_CTRL, 0); 6264 6265 for (i = 0; i != RUN_EP_QUEUES; i++) 6266 run_unsetup_tx_list(sc, &sc->sc_epq[i]); 6267} 6268 6269static void 6270run_delay(struct run_softc *sc, u_int ms) 6271{ 6272 usb_pause_mtx(mtx_owned(&sc->sc_mtx) ? 6273 &sc->sc_mtx : NULL, USB_MS_TO_TICKS(ms)); 6274} 6275 6276static device_method_t run_methods[] = { 6277 /* Device interface */ 6278 DEVMETHOD(device_probe, run_match), 6279 DEVMETHOD(device_attach, run_attach), 6280 DEVMETHOD(device_detach, run_detach), 6281 DEVMETHOD_END 6282}; 6283 6284static driver_t run_driver = { 6285 .name = "run", 6286 .methods = run_methods, 6287 .size = sizeof(struct run_softc) 6288}; 6289 6290static devclass_t run_devclass; 6291 6292DRIVER_MODULE(run, uhub, run_driver, run_devclass, run_driver_loaded, NULL); 6293MODULE_DEPEND(run, wlan, 1, 1, 1); 6294MODULE_DEPEND(run, usb, 1, 1, 1); 6295MODULE_DEPEND(run, firmware, 1, 1, 1); 6296MODULE_VERSION(run, 1); 6297