1 /*-
2 * Copyright (c) 2008,2010 Damien Bergamini <damien.bergamini@free.fr>
3 * ported to FreeBSD by Akinori Furukoshi <moonlightakkiy@yahoo.ca>
4 * USB Consulting, Hans Petter Selasky <hselasky@freebsd.org>
5 * Copyright (c) 2013-2014 Kevin Lo
6 *
7 * Permission to use, copy, modify, and distribute this software for any
8 * purpose with or without fee is hereby granted, provided that the above
9 * copyright notice and this permission notice appear in all copies.
10 *
11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18 */
19
20 /*-
21 * Ralink Technology RT2700U/RT2800U/RT3000U/RT3900E chipset driver.
22 * http://www.ralinktech.com/
23 */
24
25 #include "opt_wlan.h"
26
27 #include <sys/param.h>
28 #include <sys/eventhandler.h>
29 #include <sys/sockio.h>
30 #include <sys/sysctl.h>
31 #include <sys/lock.h>
32 #include <sys/mutex.h>
33 #include <sys/mbuf.h>
34 #include <sys/kernel.h>
35 #include <sys/socket.h>
36 #include <sys/systm.h>
37 #include <sys/malloc.h>
38 #include <sys/module.h>
39 #include <sys/bus.h>
40 #include <sys/endian.h>
41 #include <sys/linker.h>
42 #include <sys/firmware.h>
43 #include <sys/kdb.h>
44
45 #include <net/bpf.h>
46 #include <net/if.h>
47 #include <net/if_var.h>
48 #include <net/if_arp.h>
49 #include <net/ethernet.h>
50 #include <net/if_dl.h>
51 #include <net/if_media.h>
52 #include <net/if_types.h>
53
54 #include <netinet/in.h>
55 #include <netinet/in_systm.h>
56 #include <netinet/in_var.h>
57 #include <netinet/if_ether.h>
58 #include <netinet/ip.h>
59
60 #include <net80211/ieee80211_var.h>
61 #include <net80211/ieee80211_regdomain.h>
62 #include <net80211/ieee80211_radiotap.h>
63 #include <net80211/ieee80211_ratectl.h>
64 #ifdef IEEE80211_SUPPORT_SUPERG
65 #include <net80211/ieee80211_superg.h>
66 #endif
67
68 #include <dev/usb/usb.h>
69 #include <dev/usb/usbdi.h>
70 #include "usbdevs.h"
71
72 #define USB_DEBUG_VAR run_debug
73 #include <dev/usb/usb_debug.h>
74 #include <dev/usb/usb_msctest.h>
75
76 #include <dev/usb/wlan/if_runreg.h>
77 #include <dev/usb/wlan/if_runvar.h>
78
79 #ifdef USB_DEBUG
80 #define RUN_DEBUG
81 #endif
82
83 #ifdef RUN_DEBUG
84 int run_debug = 0;
85 static SYSCTL_NODE(_hw_usb, OID_AUTO, run, CTLFLAG_RW | CTLFLAG_MPSAFE, 0,
86 "USB run");
87 SYSCTL_INT(_hw_usb_run, OID_AUTO, debug, CTLFLAG_RWTUN, &run_debug, 0,
88 "run debug level");
89
90 enum {
91 RUN_DEBUG_XMIT = 0x00000001, /* basic xmit operation */
92 RUN_DEBUG_XMIT_DESC = 0x00000002, /* xmit descriptors */
93 RUN_DEBUG_RECV = 0x00000004, /* basic recv operation */
94 RUN_DEBUG_RECV_DESC = 0x00000008, /* recv descriptors */
95 RUN_DEBUG_STATE = 0x00000010, /* 802.11 state transitions */
96 RUN_DEBUG_RATE = 0x00000020, /* rate adaptation */
97 RUN_DEBUG_USB = 0x00000040, /* usb requests */
98 RUN_DEBUG_FIRMWARE = 0x00000080, /* firmware(9) loading debug */
99 RUN_DEBUG_BEACON = 0x00000100, /* beacon handling */
100 RUN_DEBUG_INTR = 0x00000200, /* ISR */
101 RUN_DEBUG_TEMP = 0x00000400, /* temperature calibration */
102 RUN_DEBUG_ROM = 0x00000800, /* various ROM info */
103 RUN_DEBUG_KEY = 0x00001000, /* crypto keys management */
104 RUN_DEBUG_TXPWR = 0x00002000, /* dump Tx power values */
105 RUN_DEBUG_RSSI = 0x00004000, /* dump RSSI lookups */
106 RUN_DEBUG_RESET = 0x00008000, /* initialization progress */
107 RUN_DEBUG_CALIB = 0x00010000, /* calibration progress */
108 RUN_DEBUG_CMD = 0x00020000, /* command queue */
109 RUN_DEBUG_ANY = 0xffffffff
110 };
111
112 #define RUN_DPRINTF(_sc, _m, ...) do { \
113 if (run_debug & (_m)) \
114 device_printf((_sc)->sc_dev, __VA_ARGS__); \
115 } while(0)
116 #else
117 #define RUN_DPRINTF(_sc, _m, ...) do { (void) _sc; } while (0)
118 #endif
119
120 #define IEEE80211_HAS_ADDR4(wh) IEEE80211_IS_DSTODS(wh)
121
122 /*
123 * Because of LOR in run_key_delete(), use atomic instead.
124 * '& RUN_CMDQ_MASQ' is to loop cmdq[].
125 */
126 #define RUN_CMDQ_GET(c) (atomic_fetchadd_32((c), 1) & RUN_CMDQ_MASQ)
127
128 static const STRUCT_USB_HOST_ID run_devs[] = {
129 #define RUN_DEV(v,p) { USB_VP(USB_VENDOR_##v, USB_PRODUCT_##v##_##p) }
130 #define RUN_DEV_EJECT(v,p) \
131 { USB_VPI(USB_VENDOR_##v, USB_PRODUCT_##v##_##p, RUN_EJECT) }
132 #define RUN_EJECT 1
133 RUN_DEV(ABOCOM, RT2770),
134 RUN_DEV(ABOCOM, RT2870),
135 RUN_DEV(ABOCOM, RT3070),
136 RUN_DEV(ABOCOM, RT3071),
137 RUN_DEV(ABOCOM, RT3072),
138 RUN_DEV(ABOCOM2, RT2870_1),
139 RUN_DEV(ACCTON, RT2770),
140 RUN_DEV(ACCTON, RT2870_1),
141 RUN_DEV(ACCTON, RT2870_2),
142 RUN_DEV(ACCTON, RT2870_3),
143 RUN_DEV(ACCTON, RT2870_4),
144 RUN_DEV(ACCTON, RT2870_5),
145 RUN_DEV(ACCTON, RT3070),
146 RUN_DEV(ACCTON, RT3070_1),
147 RUN_DEV(ACCTON, RT3070_2),
148 RUN_DEV(ACCTON, RT3070_3),
149 RUN_DEV(ACCTON, RT3070_4),
150 RUN_DEV(ACCTON, RT3070_5),
151 RUN_DEV(AIRTIES, RT3070),
152 RUN_DEV(ALLWIN, RT2070),
153 RUN_DEV(ALLWIN, RT2770),
154 RUN_DEV(ALLWIN, RT2870),
155 RUN_DEV(ALLWIN, RT3070),
156 RUN_DEV(ALLWIN, RT3071),
157 RUN_DEV(ALLWIN, RT3072),
158 RUN_DEV(ALLWIN, RT3572),
159 RUN_DEV(AMIGO, RT2870_1),
160 RUN_DEV(AMIGO, RT2870_2),
161 RUN_DEV(AMIT, CGWLUSB2GNR),
162 RUN_DEV(AMIT, RT2870_1),
163 RUN_DEV(AMIT2, RT2870),
164 RUN_DEV(ASUS, RT2870_1),
165 RUN_DEV(ASUS, RT2870_2),
166 RUN_DEV(ASUS, RT2870_3),
167 RUN_DEV(ASUS, RT2870_4),
168 RUN_DEV(ASUS, RT2870_5),
169 RUN_DEV(ASUS, USBN13),
170 RUN_DEV(ASUS, RT3070_1),
171 RUN_DEV(ASUS, USBN66),
172 RUN_DEV(ASUS, USB_N53),
173 RUN_DEV(ASUS, USBN14),
174 RUN_DEV(ASUS2, USBN11),
175 RUN_DEV(AZUREWAVE, RT2870_1),
176 RUN_DEV(AZUREWAVE, RT2870_2),
177 RUN_DEV(AZUREWAVE, RT3070_1),
178 RUN_DEV(AZUREWAVE, RT3070_2),
179 RUN_DEV(AZUREWAVE, RT3070_3),
180 RUN_DEV(BELKIN, F9L1103),
181 RUN_DEV(BELKIN, F5D8053V3),
182 RUN_DEV(BELKIN, F5D8055),
183 RUN_DEV(BELKIN, F5D8055V2),
184 RUN_DEV(BELKIN, F6D4050V1),
185 RUN_DEV(BELKIN, F6D4050V2),
186 RUN_DEV(BELKIN, RT2870_1),
187 RUN_DEV(BELKIN, RT2870_2),
188 RUN_DEV(CISCOLINKSYS, AE1000),
189 RUN_DEV(CISCOLINKSYS2, RT3070),
190 RUN_DEV(CISCOLINKSYS3, RT3070),
191 RUN_DEV(CONCEPTRONIC2, RT2870_1),
192 RUN_DEV(CONCEPTRONIC2, RT2870_2),
193 RUN_DEV(CONCEPTRONIC2, RT2870_3),
194 RUN_DEV(CONCEPTRONIC2, RT2870_4),
195 RUN_DEV(CONCEPTRONIC2, RT2870_5),
196 RUN_DEV(CONCEPTRONIC2, RT2870_6),
197 RUN_DEV(CONCEPTRONIC2, RT2870_7),
198 RUN_DEV(CONCEPTRONIC2, RT2870_8),
199 RUN_DEV(CONCEPTRONIC2, RT3070_1),
200 RUN_DEV(CONCEPTRONIC2, RT3070_2),
201 RUN_DEV(CONCEPTRONIC2, VIGORN61),
202 RUN_DEV(COREGA, CGWLUSB300GNM),
203 RUN_DEV(COREGA, RT2870_1),
204 RUN_DEV(COREGA, RT2870_2),
205 RUN_DEV(COREGA, RT2870_3),
206 RUN_DEV(COREGA, RT3070),
207 RUN_DEV(CYBERTAN, RT2870),
208 RUN_DEV(DLINK, RT2870),
209 RUN_DEV(DLINK, RT3072),
210 RUN_DEV(DLINK, DWA125A3),
211 RUN_DEV(DLINK, DWA127),
212 RUN_DEV(DLINK, DWA140B3),
213 RUN_DEV(DLINK, DWA160B2),
214 RUN_DEV(DLINK, DWA140D1),
215 RUN_DEV(DLINK, DWA130F1),
216 RUN_DEV(DLINK, DWA162),
217 RUN_DEV(DLINK2, DWA130),
218 RUN_DEV(DLINK2, RT2870_1),
219 RUN_DEV(DLINK2, RT2870_2),
220 RUN_DEV(DLINK2, RT3070_1),
221 RUN_DEV(DLINK2, RT3070_2),
222 RUN_DEV(DLINK2, RT3070_3),
223 RUN_DEV(DLINK2, RT3070_4),
224 RUN_DEV(DLINK2, RT3070_5),
225 RUN_DEV(DLINK2, RT3072),
226 RUN_DEV(DLINK2, RT3072_1),
227 RUN_DEV(EDIMAX, EW7717),
228 RUN_DEV(EDIMAX, EW7718),
229 RUN_DEV(EDIMAX, EW7733UND),
230 RUN_DEV(EDIMAX, RT2870_1),
231 RUN_DEV(ENCORE, RT3070_1),
232 RUN_DEV(ENCORE, RT3070_2),
233 RUN_DEV(ENCORE, RT3070_3),
234 RUN_DEV(GIGABYTE, GNWB31N),
235 RUN_DEV(GIGABYTE, GNWB32L),
236 RUN_DEV(GIGABYTE, RT2870_1),
237 RUN_DEV(GIGASET, RT3070_1),
238 RUN_DEV(GIGASET, RT3070_2),
239 RUN_DEV(GUILLEMOT, HWNU300),
240 RUN_DEV(HAWKING, HWUN2),
241 RUN_DEV(HAWKING, RT2870_1),
242 RUN_DEV(HAWKING, RT2870_2),
243 RUN_DEV(HAWKING, RT3070),
244 RUN_DEV(IODATA, RT3072_1),
245 RUN_DEV(IODATA, RT3072_2),
246 RUN_DEV(IODATA, RT3072_3),
247 RUN_DEV(IODATA, RT3072_4),
248 RUN_DEV(LINKSYS4, RT3070),
249 RUN_DEV(LINKSYS4, WUSB100),
250 RUN_DEV(LINKSYS4, WUSB54GCV3),
251 RUN_DEV(LINKSYS4, WUSB600N),
252 RUN_DEV(LINKSYS4, WUSB600NV2),
253 RUN_DEV(LOGITEC, RT2870_1),
254 RUN_DEV(LOGITEC, RT2870_2),
255 RUN_DEV(LOGITEC, RT2870_3),
256 RUN_DEV(LOGITEC, LANW300NU2),
257 RUN_DEV(LOGITEC, LANW150NU2),
258 RUN_DEV(LOGITEC, LANW300NU2S),
259 RUN_DEV(MELCO, WLIUCG300HP),
260 RUN_DEV(MELCO, RT2870_2),
261 RUN_DEV(MELCO, WLIUCAG300N),
262 RUN_DEV(MELCO, WLIUCG300N),
263 RUN_DEV(MELCO, WLIUCG301N),
264 RUN_DEV(MELCO, WLIUCGN),
265 RUN_DEV(MELCO, WLIUCGNM),
266 RUN_DEV(MELCO, WLIUCG300HPV1),
267 RUN_DEV(MELCO, WLIUCGNM2),
268 RUN_DEV(MOTOROLA4, RT2770),
269 RUN_DEV(MOTOROLA4, RT3070),
270 RUN_DEV(MSI, RT3070_1),
271 RUN_DEV(MSI, RT3070_2),
272 RUN_DEV(MSI, RT3070_3),
273 RUN_DEV(MSI, RT3070_4),
274 RUN_DEV(MSI, RT3070_5),
275 RUN_DEV(MSI, RT3070_6),
276 RUN_DEV(MSI, RT3070_7),
277 RUN_DEV(MSI, RT3070_8),
278 RUN_DEV(MSI, RT3070_9),
279 RUN_DEV(MSI, RT3070_10),
280 RUN_DEV(MSI, RT3070_11),
281 RUN_DEV(NETGEAR, WNDA4100),
282 RUN_DEV(OVISLINK, RT3072),
283 RUN_DEV(PARA, RT3070),
284 RUN_DEV(PEGATRON, RT2870),
285 RUN_DEV(PEGATRON, RT3070),
286 RUN_DEV(PEGATRON, RT3070_2),
287 RUN_DEV(PEGATRON, RT3070_3),
288 RUN_DEV(PHILIPS, RT2870),
289 RUN_DEV(PLANEX2, GWUS300MINIS),
290 RUN_DEV(PLANEX2, GWUSMICRON),
291 RUN_DEV(PLANEX2, RT2870),
292 RUN_DEV(PLANEX2, RT3070),
293 RUN_DEV(QCOM, RT2870),
294 RUN_DEV(QUANTA, RT3070),
295 RUN_DEV(RALINK, RT2070),
296 RUN_DEV(RALINK, RT2770),
297 RUN_DEV(RALINK, RT2870),
298 RUN_DEV(RALINK, RT3070),
299 RUN_DEV(RALINK, RT3071),
300 RUN_DEV(RALINK, RT3072),
301 RUN_DEV(RALINK, RT3370),
302 RUN_DEV(RALINK, RT3572),
303 RUN_DEV(RALINK, RT3573),
304 RUN_DEV(RALINK, RT5370),
305 RUN_DEV(RALINK, RT5372),
306 RUN_DEV(RALINK, RT5572),
307 RUN_DEV(RALINK, RT8070),
308 RUN_DEV(SAMSUNG, WIS09ABGN),
309 RUN_DEV(SAMSUNG2, RT2870_1),
310 RUN_DEV(SENAO, RT2870_1),
311 RUN_DEV(SENAO, RT2870_2),
312 RUN_DEV(SENAO, RT2870_3),
313 RUN_DEV(SENAO, RT2870_4),
314 RUN_DEV(SENAO, RT3070),
315 RUN_DEV(SENAO, RT3071),
316 RUN_DEV(SENAO, RT3072_1),
317 RUN_DEV(SENAO, RT3072_2),
318 RUN_DEV(SENAO, RT3072_3),
319 RUN_DEV(SENAO, RT3072_4),
320 RUN_DEV(SENAO, RT3072_5),
321 RUN_DEV(SITECOMEU, RT2770),
322 RUN_DEV(SITECOMEU, RT2870_1),
323 RUN_DEV(SITECOMEU, RT2870_2),
324 RUN_DEV(SITECOMEU, RT2870_3),
325 RUN_DEV(SITECOMEU, RT2870_4),
326 RUN_DEV(SITECOMEU, RT3070),
327 RUN_DEV(SITECOMEU, RT3070_1),
328 RUN_DEV(SITECOMEU, RT3070_2),
329 RUN_DEV(SITECOMEU, RT3070_3),
330 RUN_DEV(SITECOMEU, RT3070_4),
331 RUN_DEV(SITECOMEU, RT3071),
332 RUN_DEV(SITECOMEU, RT3072_1),
333 RUN_DEV(SITECOMEU, RT3072_2),
334 RUN_DEV(SITECOMEU, RT3072_3),
335 RUN_DEV(SITECOMEU, RT3072_4),
336 RUN_DEV(SITECOMEU, RT3072_5),
337 RUN_DEV(SITECOMEU, RT3072_6),
338 RUN_DEV(SITECOMEU, WL608),
339 RUN_DEV(SPARKLAN, RT2870_1),
340 RUN_DEV(SPARKLAN, RT3070),
341 RUN_DEV(SWEEX2, LW153),
342 RUN_DEV(SWEEX2, LW303),
343 RUN_DEV(SWEEX2, LW313),
344 RUN_DEV(TOSHIBA, RT3070),
345 RUN_DEV(UMEDIA, RT2870_1),
346 RUN_DEV(ZCOM, RT2870_1),
347 RUN_DEV(ZCOM, RT2870_2),
348 RUN_DEV(ZINWELL, RT2870_1),
349 RUN_DEV(ZINWELL, RT2870_2),
350 RUN_DEV(ZINWELL, RT3070),
351 RUN_DEV(ZINWELL, RT3072_1),
352 RUN_DEV(ZINWELL, RT3072_2),
353 RUN_DEV(ZYXEL, RT2870_1),
354 RUN_DEV(ZYXEL, RT2870_2),
355 RUN_DEV(ZYXEL, RT3070),
356 RUN_DEV_EJECT(ZYXEL, NWD2705),
357 RUN_DEV_EJECT(RALINK, RT_STOR),
358 #undef RUN_DEV_EJECT
359 #undef RUN_DEV
360 };
361
362 static device_probe_t run_match;
363 static device_attach_t run_attach;
364 static device_detach_t run_detach;
365
366 static usb_callback_t run_bulk_rx_callback;
367 static usb_callback_t run_bulk_tx_callback0;
368 static usb_callback_t run_bulk_tx_callback1;
369 static usb_callback_t run_bulk_tx_callback2;
370 static usb_callback_t run_bulk_tx_callback3;
371 static usb_callback_t run_bulk_tx_callback4;
372 static usb_callback_t run_bulk_tx_callback5;
373
374 static void run_autoinst(void *, struct usb_device *,
375 struct usb_attach_arg *);
376 static int run_driver_loaded(struct module *, int, void *);
377 static void run_bulk_tx_callbackN(struct usb_xfer *xfer,
378 usb_error_t error, u_int index);
379 static struct ieee80211vap *run_vap_create(struct ieee80211com *,
380 const char [IFNAMSIZ], int, enum ieee80211_opmode, int,
381 const uint8_t [IEEE80211_ADDR_LEN],
382 const uint8_t [IEEE80211_ADDR_LEN]);
383 static void run_vap_delete(struct ieee80211vap *);
384 static void run_cmdq_cb(void *, int);
385 static void run_setup_tx_list(struct run_softc *,
386 struct run_endpoint_queue *);
387 static void run_unsetup_tx_list(struct run_softc *,
388 struct run_endpoint_queue *);
389 static int run_load_microcode(struct run_softc *);
390 static int run_reset(struct run_softc *);
391 static usb_error_t run_do_request(struct run_softc *,
392 struct usb_device_request *, void *);
393 static int run_read(struct run_softc *, uint16_t, uint32_t *);
394 static int run_read_region_1(struct run_softc *, uint16_t, uint8_t *, int);
395 static int run_write_2(struct run_softc *, uint16_t, uint16_t);
396 static int run_write(struct run_softc *, uint16_t, uint32_t);
397 static int run_write_region_1(struct run_softc *, uint16_t,
398 const uint8_t *, int);
399 static int run_set_region_4(struct run_softc *, uint16_t, uint32_t, int);
400 static int run_efuse_read(struct run_softc *, uint16_t, uint16_t *, int);
401 static int run_efuse_read_2(struct run_softc *, uint16_t, uint16_t *);
402 static int run_eeprom_read_2(struct run_softc *, uint16_t, uint16_t *);
403 static int run_rt2870_rf_write(struct run_softc *, uint32_t);
404 static int run_rt3070_rf_read(struct run_softc *, uint8_t, uint8_t *);
405 static int run_rt3070_rf_write(struct run_softc *, uint8_t, uint8_t);
406 static int run_bbp_read(struct run_softc *, uint8_t, uint8_t *);
407 static int run_bbp_write(struct run_softc *, uint8_t, uint8_t);
408 static int run_mcu_cmd(struct run_softc *, uint8_t, uint16_t);
409 static const char *run_get_rf(uint16_t);
410 static void run_rt3593_get_txpower(struct run_softc *);
411 static void run_get_txpower(struct run_softc *);
412 static int run_read_eeprom(struct run_softc *);
413 static struct ieee80211_node *run_node_alloc(struct ieee80211vap *,
414 const uint8_t mac[IEEE80211_ADDR_LEN]);
415 static int run_media_change(if_t);
416 static int run_newstate(struct ieee80211vap *, enum ieee80211_state, int);
417 static int run_wme_update(struct ieee80211com *);
418 static void run_key_set_cb(void *);
419 static int run_key_set(struct ieee80211vap *, struct ieee80211_key *);
420 static void run_key_delete_cb(void *);
421 static int run_key_delete(struct ieee80211vap *, struct ieee80211_key *);
422 static void run_ratectl_to(void *);
423 static void run_ratectl_cb(void *, int);
424 static void run_drain_fifo(void *);
425 static void run_iter_func(void *, struct ieee80211_node *);
426 static void run_newassoc_cb(void *);
427 static void run_newassoc(struct ieee80211_node *, int);
428 static void run_recv_mgmt(struct ieee80211_node *, struct mbuf *, int,
429 const struct ieee80211_rx_stats *, int, int);
430 static void run_rx_frame(struct run_softc *, struct mbuf *, uint32_t);
431 static void run_tx_free(struct run_endpoint_queue *pq,
432 struct run_tx_data *, int);
433 static void run_set_tx_desc(struct run_softc *, struct run_tx_data *);
434 static int run_tx(struct run_softc *, struct mbuf *,
435 struct ieee80211_node *);
436 static int run_tx_mgt(struct run_softc *, struct mbuf *,
437 struct ieee80211_node *);
438 static int run_sendprot(struct run_softc *, const struct mbuf *,
439 struct ieee80211_node *, int, int);
440 static int run_tx_param(struct run_softc *, struct mbuf *,
441 struct ieee80211_node *,
442 const struct ieee80211_bpf_params *);
443 static int run_raw_xmit(struct ieee80211_node *, struct mbuf *,
444 const struct ieee80211_bpf_params *);
445 static int run_transmit(struct ieee80211com *, struct mbuf *);
446 static void run_start(struct run_softc *);
447 static void run_parent(struct ieee80211com *);
448 static void run_iq_calib(struct run_softc *, u_int);
449 static void run_set_agc(struct run_softc *, uint8_t);
450 static void run_select_chan_group(struct run_softc *, int);
451 static void run_set_rx_antenna(struct run_softc *, int);
452 static void run_rt2870_set_chan(struct run_softc *, u_int);
453 static void run_rt3070_set_chan(struct run_softc *, u_int);
454 static void run_rt3572_set_chan(struct run_softc *, u_int);
455 static void run_rt3593_set_chan(struct run_softc *, u_int);
456 static void run_rt5390_set_chan(struct run_softc *, u_int);
457 static void run_rt5592_set_chan(struct run_softc *, u_int);
458 static int run_set_chan(struct run_softc *, struct ieee80211_channel *);
459 static void run_set_channel(struct ieee80211com *);
460 static void run_getradiocaps(struct ieee80211com *, int, int *,
461 struct ieee80211_channel[]);
462 static void run_scan_start(struct ieee80211com *);
463 static void run_scan_end(struct ieee80211com *);
464 static void run_update_beacon(struct ieee80211vap *, int);
465 static void run_update_beacon_cb(void *);
466 static void run_updateprot(struct ieee80211com *);
467 static void run_updateprot_cb(void *);
468 static void run_usb_timeout_cb(void *);
469 static void run_reset_livelock(struct run_softc *);
470 static void run_enable_tsf_sync(struct run_softc *);
471 static void run_enable_tsf(struct run_softc *);
472 static void run_disable_tsf(struct run_softc *);
473 static void run_get_tsf(struct run_softc *, uint64_t *);
474 static void run_enable_mrr(struct run_softc *);
475 static void run_set_txpreamble(struct run_softc *);
476 static void run_set_basicrates(struct run_softc *);
477 static void run_set_leds(struct run_softc *, uint16_t);
478 static void run_set_bssid(struct run_softc *, const uint8_t *);
479 static void run_set_macaddr(struct run_softc *, const uint8_t *);
480 static void run_updateslot(struct ieee80211com *);
481 static void run_updateslot_cb(void *);
482 static void run_update_mcast(struct ieee80211com *);
483 static int8_t run_rssi2dbm(struct run_softc *, uint8_t, uint8_t);
484 static void run_update_promisc_locked(struct run_softc *);
485 static void run_update_promisc(struct ieee80211com *);
486 static void run_rt5390_bbp_init(struct run_softc *);
487 static int run_bbp_init(struct run_softc *);
488 static int run_rt3070_rf_init(struct run_softc *);
489 static void run_rt3593_rf_init(struct run_softc *);
490 static void run_rt5390_rf_init(struct run_softc *);
491 static int run_rt3070_filter_calib(struct run_softc *, uint8_t, uint8_t,
492 uint8_t *);
493 static void run_rt3070_rf_setup(struct run_softc *);
494 static void run_rt3593_rf_setup(struct run_softc *);
495 static void run_rt5390_rf_setup(struct run_softc *);
496 static int run_txrx_enable(struct run_softc *);
497 static void run_adjust_freq_offset(struct run_softc *);
498 static void run_init_locked(struct run_softc *);
499 static void run_stop(void *);
500 static void run_delay(struct run_softc *, u_int);
501 static void run_update_chw(struct ieee80211com *ic);
502 static int run_ampdu_enable(struct ieee80211_node *ni,
503 struct ieee80211_tx_ampdu *tap);
504
505 static eventhandler_tag run_etag;
506
507 static const struct rt2860_rate {
508 uint8_t rate;
509 uint8_t mcs;
510 enum ieee80211_phytype phy;
511 uint8_t ctl_ridx;
512 uint16_t sp_ack_dur;
513 uint16_t lp_ack_dur;
514 } rt2860_rates[] = {
515 /* CCK rates (11b) */
516 { 2, 0, IEEE80211_T_DS, 0, 314, 314 },
517 { 4, 1, IEEE80211_T_DS, 1, 258, 162 },
518 { 11, 2, IEEE80211_T_DS, 2, 223, 127 },
519 { 22, 3, IEEE80211_T_DS, 3, 213, 117 },
520
521 /* OFDM rates (11a / 11g) */
522 { 12, 0, IEEE80211_T_OFDM, 4, 60, 60 },
523 { 18, 1, IEEE80211_T_OFDM, 4, 52, 52 },
524 { 24, 2, IEEE80211_T_OFDM, 6, 48, 48 },
525 { 36, 3, IEEE80211_T_OFDM, 6, 44, 44 },
526 { 48, 4, IEEE80211_T_OFDM, 8, 44, 44 },
527 { 72, 5, IEEE80211_T_OFDM, 8, 40, 40 },
528 { 96, 6, IEEE80211_T_OFDM, 8, 40, 40 },
529 { 108, 7, IEEE80211_T_OFDM, 8, 40, 40 },
530
531 /* MCS - single stream */
532 { 0x80, 0, IEEE80211_T_HT, 4, 60, 60 },
533 { 0x81, 1, IEEE80211_T_HT, 4, 60, 60 },
534 { 0x82, 2, IEEE80211_T_HT, 4, 60, 60 },
535 { 0x83, 3, IEEE80211_T_HT, 4, 60, 60 },
536 { 0x84, 4, IEEE80211_T_HT, 4, 60, 60 },
537 { 0x85, 5, IEEE80211_T_HT, 4, 60, 60 },
538 { 0x86, 6, IEEE80211_T_HT, 4, 60, 60 },
539 { 0x87, 7, IEEE80211_T_HT, 4, 60, 60 },
540
541 /* MCS - 2 streams */
542 { 0x88, 8, IEEE80211_T_HT, 4, 60, 60 },
543 { 0x89, 9, IEEE80211_T_HT, 4, 60, 60 },
544 { 0x8a, 10, IEEE80211_T_HT, 4, 60, 60 },
545 { 0x8b, 11, IEEE80211_T_HT, 4, 60, 60 },
546 { 0x8c, 12, IEEE80211_T_HT, 4, 60, 60 },
547 { 0x8d, 13, IEEE80211_T_HT, 4, 60, 60 },
548 { 0x8e, 14, IEEE80211_T_HT, 4, 60, 60 },
549 { 0x8f, 15, IEEE80211_T_HT, 4, 60, 60 },
550
551 /* MCS - 3 streams */
552 { 0x90, 16, IEEE80211_T_HT, 4, 60, 60 },
553 { 0x91, 17, IEEE80211_T_HT, 4, 60, 60 },
554 { 0x92, 18, IEEE80211_T_HT, 4, 60, 60 },
555 { 0x93, 19, IEEE80211_T_HT, 4, 60, 60 },
556 { 0x94, 20, IEEE80211_T_HT, 4, 60, 60 },
557 { 0x95, 21, IEEE80211_T_HT, 4, 60, 60 },
558 { 0x96, 22, IEEE80211_T_HT, 4, 60, 60 },
559 { 0x97, 23, IEEE80211_T_HT, 4, 60, 60 },
560 };
561
562 /* These are indexes into the above rt2860_rates[] array */
563 #define RT2860_RIDX_CCK1 0
564 #define RT2860_RIDX_CCK11 3
565 #define RT2860_RIDX_OFDM6 4
566 #define RT2860_RIDX_MCS0 12
567 #define RT2860_RIDX_MAX 36
568
569 static const struct {
570 uint16_t reg;
571 uint32_t val;
572 } rt2870_def_mac[] = {
573 RT2870_DEF_MAC
574 };
575
576 static const struct {
577 uint8_t reg;
578 uint8_t val;
579 } rt2860_def_bbp[] = {
580 RT2860_DEF_BBP
581 },rt5390_def_bbp[] = {
582 RT5390_DEF_BBP
583 },rt5592_def_bbp[] = {
584 RT5592_DEF_BBP
585 };
586
587 /*
588 * Default values for BBP register R196 for RT5592.
589 */
590 static const uint8_t rt5592_bbp_r196[] = {
591 0xe0, 0x1f, 0x38, 0x32, 0x08, 0x28, 0x19, 0x0a, 0xff, 0x00,
592 0x16, 0x10, 0x10, 0x0b, 0x36, 0x2c, 0x26, 0x24, 0x42, 0x36,
593 0x30, 0x2d, 0x4c, 0x46, 0x3d, 0x40, 0x3e, 0x42, 0x3d, 0x40,
594 0x3c, 0x34, 0x2c, 0x2f, 0x3c, 0x35, 0x2e, 0x2a, 0x49, 0x41,
595 0x36, 0x31, 0x30, 0x30, 0x0e, 0x0d, 0x28, 0x21, 0x1c, 0x16,
596 0x50, 0x4a, 0x43, 0x40, 0x10, 0x10, 0x10, 0x10, 0x00, 0x00,
597 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
598 0x00, 0x00, 0x7d, 0x14, 0x32, 0x2c, 0x36, 0x4c, 0x43, 0x2c,
599 0x2e, 0x36, 0x30, 0x6e
600 };
601
602 static const struct rfprog {
603 uint8_t chan;
604 uint32_t r1, r2, r3, r4;
605 } rt2860_rf2850[] = {
606 RT2860_RF2850
607 };
608
609 struct {
610 uint8_t n, r, k;
611 } rt3070_freqs[] = {
612 RT3070_RF3052
613 };
614
615 static const struct rt5592_freqs {
616 uint16_t n;
617 uint8_t k, m, r;
618 } rt5592_freqs_20mhz[] = {
619 RT5592_RF5592_20MHZ
620 },rt5592_freqs_40mhz[] = {
621 RT5592_RF5592_40MHZ
622 };
623
624 static const struct {
625 uint8_t reg;
626 uint8_t val;
627 } rt3070_def_rf[] = {
628 RT3070_DEF_RF
629 },rt3572_def_rf[] = {
630 RT3572_DEF_RF
631 },rt3593_def_rf[] = {
632 RT3593_DEF_RF
633 },rt5390_def_rf[] = {
634 RT5390_DEF_RF
635 },rt5392_def_rf[] = {
636 RT5392_DEF_RF
637 },rt5592_def_rf[] = {
638 RT5592_DEF_RF
639 },rt5592_2ghz_def_rf[] = {
640 RT5592_2GHZ_DEF_RF
641 },rt5592_5ghz_def_rf[] = {
642 RT5592_5GHZ_DEF_RF
643 };
644
645 static const struct {
646 u_int firstchan;
647 u_int lastchan;
648 uint8_t reg;
649 uint8_t val;
650 } rt5592_chan_5ghz[] = {
651 RT5592_CHAN_5GHZ
652 };
653
654 static const struct usb_config run_config[RUN_N_XFER] = {
655 [RUN_BULK_TX_BE] = {
656 .type = UE_BULK,
657 .endpoint = UE_ADDR_ANY,
658 .ep_index = 0,
659 .direction = UE_DIR_OUT,
660 .bufsize = RUN_MAX_TXSZ,
661 .flags = {.pipe_bof = 1,.force_short_xfer = 1,},
662 .callback = run_bulk_tx_callback0,
663 .timeout = 5000, /* ms */
664 },
665 [RUN_BULK_TX_BK] = {
666 .type = UE_BULK,
667 .endpoint = UE_ADDR_ANY,
668 .direction = UE_DIR_OUT,
669 .ep_index = 1,
670 .bufsize = RUN_MAX_TXSZ,
671 .flags = {.pipe_bof = 1,.force_short_xfer = 1,},
672 .callback = run_bulk_tx_callback1,
673 .timeout = 5000, /* ms */
674 },
675 [RUN_BULK_TX_VI] = {
676 .type = UE_BULK,
677 .endpoint = UE_ADDR_ANY,
678 .direction = UE_DIR_OUT,
679 .ep_index = 2,
680 .bufsize = RUN_MAX_TXSZ,
681 .flags = {.pipe_bof = 1,.force_short_xfer = 1,},
682 .callback = run_bulk_tx_callback2,
683 .timeout = 5000, /* ms */
684 },
685 [RUN_BULK_TX_VO] = {
686 .type = UE_BULK,
687 .endpoint = UE_ADDR_ANY,
688 .direction = UE_DIR_OUT,
689 .ep_index = 3,
690 .bufsize = RUN_MAX_TXSZ,
691 .flags = {.pipe_bof = 1,.force_short_xfer = 1,},
692 .callback = run_bulk_tx_callback3,
693 .timeout = 5000, /* ms */
694 },
695 [RUN_BULK_TX_HCCA] = {
696 .type = UE_BULK,
697 .endpoint = UE_ADDR_ANY,
698 .direction = UE_DIR_OUT,
699 .ep_index = 4,
700 .bufsize = RUN_MAX_TXSZ,
701 .flags = {.pipe_bof = 1,.force_short_xfer = 1,.no_pipe_ok = 1,},
702 .callback = run_bulk_tx_callback4,
703 .timeout = 5000, /* ms */
704 },
705 [RUN_BULK_TX_PRIO] = {
706 .type = UE_BULK,
707 .endpoint = UE_ADDR_ANY,
708 .direction = UE_DIR_OUT,
709 .ep_index = 5,
710 .bufsize = RUN_MAX_TXSZ,
711 .flags = {.pipe_bof = 1,.force_short_xfer = 1,.no_pipe_ok = 1,},
712 .callback = run_bulk_tx_callback5,
713 .timeout = 5000, /* ms */
714 },
715 [RUN_BULK_RX] = {
716 .type = UE_BULK,
717 .endpoint = UE_ADDR_ANY,
718 .direction = UE_DIR_IN,
719 .bufsize = RUN_MAX_RXSZ,
720 .flags = {.pipe_bof = 1,.short_xfer_ok = 1,},
721 .callback = run_bulk_rx_callback,
722 }
723 };
724
725 static void
run_autoinst(void * arg,struct usb_device * udev,struct usb_attach_arg * uaa)726 run_autoinst(void *arg, struct usb_device *udev,
727 struct usb_attach_arg *uaa)
728 {
729 struct usb_interface *iface;
730 struct usb_interface_descriptor *id;
731
732 if (uaa->dev_state != UAA_DEV_READY)
733 return;
734
735 iface = usbd_get_iface(udev, 0);
736 if (iface == NULL)
737 return;
738 id = iface->idesc;
739 if (id == NULL || id->bInterfaceClass != UICLASS_MASS)
740 return;
741 if (usbd_lookup_id_by_uaa(run_devs, sizeof(run_devs), uaa))
742 return;
743
744 if (usb_msc_eject(udev, 0, MSC_EJECT_STOPUNIT) == 0)
745 uaa->dev_state = UAA_DEV_EJECTING;
746 }
747
748 static int
run_driver_loaded(struct module * mod,int what,void * arg)749 run_driver_loaded(struct module *mod, int what, void *arg)
750 {
751 switch (what) {
752 case MOD_LOAD:
753 run_etag = EVENTHANDLER_REGISTER(usb_dev_configured,
754 run_autoinst, NULL, EVENTHANDLER_PRI_ANY);
755 break;
756 case MOD_UNLOAD:
757 EVENTHANDLER_DEREGISTER(usb_dev_configured, run_etag);
758 break;
759 default:
760 return (EOPNOTSUPP);
761 }
762 return (0);
763 }
764
765 static int
run_match(device_t self)766 run_match(device_t self)
767 {
768 struct usb_attach_arg *uaa = device_get_ivars(self);
769
770 if (uaa->usb_mode != USB_MODE_HOST)
771 return (ENXIO);
772 if (uaa->info.bConfigIndex != 0)
773 return (ENXIO);
774 if (uaa->info.bIfaceIndex != RT2860_IFACE_INDEX)
775 return (ENXIO);
776
777 return (usbd_lookup_id_by_uaa(run_devs, sizeof(run_devs), uaa));
778 }
779
780 static int
run_attach(device_t self)781 run_attach(device_t self)
782 {
783 struct run_softc *sc = device_get_softc(self);
784 struct usb_attach_arg *uaa = device_get_ivars(self);
785 struct ieee80211com *ic = &sc->sc_ic;
786 uint32_t ver;
787 uint8_t iface_index;
788 int ntries, error;
789
790 device_set_usb_desc(self);
791 sc->sc_udev = uaa->device;
792 sc->sc_dev = self;
793 if (USB_GET_DRIVER_INFO(uaa) != RUN_EJECT)
794 sc->sc_flags |= RUN_FLAG_FWLOAD_NEEDED;
795
796 mtx_init(&sc->sc_mtx, device_get_nameunit(sc->sc_dev),
797 MTX_NETWORK_LOCK, MTX_DEF);
798 mbufq_init(&sc->sc_snd, ifqmaxlen);
799
800 iface_index = RT2860_IFACE_INDEX;
801
802 error = usbd_transfer_setup(uaa->device, &iface_index,
803 sc->sc_xfer, run_config, RUN_N_XFER, sc, &sc->sc_mtx);
804 if (error) {
805 device_printf(self, "could not allocate USB transfers, "
806 "err=%s\n", usbd_errstr(error));
807 goto detach;
808 }
809
810 RUN_LOCK(sc);
811
812 /* wait for the chip to settle */
813 for (ntries = 0; ntries < 100; ntries++) {
814 if (run_read(sc, RT2860_ASIC_VER_ID, &ver) != 0) {
815 RUN_UNLOCK(sc);
816 goto detach;
817 }
818 if (ver != 0 && ver != 0xffffffff)
819 break;
820 run_delay(sc, 10);
821 }
822 if (ntries == 100) {
823 device_printf(sc->sc_dev,
824 "timeout waiting for NIC to initialize\n");
825 RUN_UNLOCK(sc);
826 goto detach;
827 }
828 sc->mac_ver = ver >> 16;
829 sc->mac_rev = ver & 0xffff;
830
831 /* retrieve RF rev. no and various other things from EEPROM */
832 run_read_eeprom(sc);
833
834 device_printf(sc->sc_dev,
835 "MAC/BBP RT%04X (rev 0x%04X), RF %s (MIMO %dT%dR), address %s\n",
836 sc->mac_ver, sc->mac_rev, run_get_rf(sc->rf_rev),
837 sc->ntxchains, sc->nrxchains, ether_sprintf(ic->ic_macaddr));
838
839 RUN_UNLOCK(sc);
840
841 ic->ic_softc = sc;
842 ic->ic_name = device_get_nameunit(self);
843 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */
844 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */
845
846 /* set device capabilities */
847 ic->ic_caps =
848 IEEE80211_C_STA | /* station mode supported */
849 IEEE80211_C_MONITOR | /* monitor mode supported */
850 IEEE80211_C_IBSS |
851 IEEE80211_C_HOSTAP |
852 IEEE80211_C_WDS | /* 4-address traffic works */
853 IEEE80211_C_MBSS |
854 IEEE80211_C_SHPREAMBLE | /* short preamble supported */
855 IEEE80211_C_SHSLOT | /* short slot time supported */
856 IEEE80211_C_SWAMSDUTX | /* Do software A-MSDU TX */
857 IEEE80211_C_FF | /* Atheros fast-frames */
858 IEEE80211_C_WME | /* WME */
859 IEEE80211_C_WPA; /* WPA1|WPA2(RSN) */
860
861 /*
862 * RF2020 is not an 11n device.
863 */
864 if (sc->rf_rev != RT3070_RF_2020) {
865 device_printf(sc->sc_dev, "[HT] Enabling 802.11n\n");
866 ic->ic_htcaps =
867 IEEE80211_HTC_HT |
868 IEEE80211_HTC_AMPDU |
869 IEEE80211_HTC_AMSDU |
870 IEEE80211_HTCAP_MAXAMSDU_3839 |
871 IEEE80211_HTCAP_SMPS_OFF;
872
873 ic->ic_rxstream = sc->nrxchains;
874 ic->ic_txstream = sc->ntxchains;
875 }
876
877 ic->ic_cryptocaps =
878 IEEE80211_CRYPTO_WEP |
879 IEEE80211_CRYPTO_AES_CCM |
880 IEEE80211_CRYPTO_TKIPMIC |
881 IEEE80211_CRYPTO_TKIP;
882
883 ic->ic_flags |= IEEE80211_F_DATAPAD;
884 ic->ic_flags_ext |= IEEE80211_FEXT_SWBMISS;
885 ic->ic_flags_ext |= IEEE80211_FEXT_SEQNO_OFFLOAD;
886
887 run_getradiocaps(ic, IEEE80211_CHAN_MAX, &ic->ic_nchans,
888 ic->ic_channels);
889
890 ieee80211_ifattach(ic);
891
892 ic->ic_scan_start = run_scan_start;
893 ic->ic_scan_end = run_scan_end;
894 ic->ic_set_channel = run_set_channel;
895 ic->ic_getradiocaps = run_getradiocaps;
896 ic->ic_node_alloc = run_node_alloc;
897 ic->ic_newassoc = run_newassoc;
898 ic->ic_updateslot = run_updateslot;
899 ic->ic_update_mcast = run_update_mcast;
900 ic->ic_wme.wme_update = run_wme_update;
901 ic->ic_raw_xmit = run_raw_xmit;
902 ic->ic_update_promisc = run_update_promisc;
903 ic->ic_vap_create = run_vap_create;
904 ic->ic_vap_delete = run_vap_delete;
905 ic->ic_transmit = run_transmit;
906 ic->ic_parent = run_parent;
907 ic->ic_update_chw = run_update_chw;
908 ic->ic_ampdu_enable = run_ampdu_enable;
909
910 ieee80211_radiotap_attach(ic,
911 &sc->sc_txtap.wt_ihdr, sizeof(sc->sc_txtap),
912 RUN_TX_RADIOTAP_PRESENT,
913 &sc->sc_rxtap.wr_ihdr, sizeof(sc->sc_rxtap),
914 RUN_RX_RADIOTAP_PRESENT);
915
916 TASK_INIT(&sc->cmdq_task, 0, run_cmdq_cb, sc);
917 TASK_INIT(&sc->ratectl_task, 0, run_ratectl_cb, sc);
918 usb_callout_init_mtx(&sc->ratectl_ch, &sc->sc_mtx, 0);
919
920 if (bootverbose)
921 ieee80211_announce(ic);
922
923 return (0);
924
925 detach:
926 run_detach(self);
927 return (ENXIO);
928 }
929
930 static void
run_drain_mbufq(struct run_softc * sc)931 run_drain_mbufq(struct run_softc *sc)
932 {
933 struct mbuf *m;
934 struct ieee80211_node *ni;
935
936 RUN_LOCK_ASSERT(sc, MA_OWNED);
937 while ((m = mbufq_dequeue(&sc->sc_snd)) != NULL) {
938 ni = (struct ieee80211_node *)m->m_pkthdr.rcvif;
939 m->m_pkthdr.rcvif = NULL;
940 ieee80211_free_node(ni);
941 m_freem(m);
942 }
943 }
944
945 static int
run_detach(device_t self)946 run_detach(device_t self)
947 {
948 struct run_softc *sc = device_get_softc(self);
949 struct ieee80211com *ic = &sc->sc_ic;
950 int i;
951
952 RUN_LOCK(sc);
953 sc->sc_detached = 1;
954 RUN_UNLOCK(sc);
955
956 /* stop all USB transfers */
957 usbd_transfer_unsetup(sc->sc_xfer, RUN_N_XFER);
958
959 RUN_LOCK(sc);
960 sc->ratectl_run = RUN_RATECTL_OFF;
961 sc->cmdq_run = sc->cmdq_key_set = RUN_CMDQ_ABORT;
962
963 /* free TX list, if any */
964 for (i = 0; i != RUN_EP_QUEUES; i++)
965 run_unsetup_tx_list(sc, &sc->sc_epq[i]);
966
967 /* Free TX queue */
968 run_drain_mbufq(sc);
969 RUN_UNLOCK(sc);
970
971 if (sc->sc_ic.ic_softc == sc) {
972 /* drain tasks */
973 usb_callout_drain(&sc->ratectl_ch);
974 ieee80211_draintask(ic, &sc->cmdq_task);
975 ieee80211_draintask(ic, &sc->ratectl_task);
976 ieee80211_ifdetach(ic);
977 }
978
979 mtx_destroy(&sc->sc_mtx);
980
981 return (0);
982 }
983
984 static struct ieee80211vap *
run_vap_create(struct ieee80211com * ic,const char name[IFNAMSIZ],int unit,enum ieee80211_opmode opmode,int flags,const uint8_t bssid[IEEE80211_ADDR_LEN],const uint8_t mac[IEEE80211_ADDR_LEN])985 run_vap_create(struct ieee80211com *ic, const char name[IFNAMSIZ], int unit,
986 enum ieee80211_opmode opmode, int flags,
987 const uint8_t bssid[IEEE80211_ADDR_LEN],
988 const uint8_t mac[IEEE80211_ADDR_LEN])
989 {
990 struct run_softc *sc = ic->ic_softc;
991 struct run_vap *rvp;
992 struct ieee80211vap *vap;
993 int i;
994
995 if (sc->rvp_cnt >= RUN_VAP_MAX) {
996 device_printf(sc->sc_dev, "number of VAPs maxed out\n");
997 return (NULL);
998 }
999
1000 switch (opmode) {
1001 case IEEE80211_M_STA:
1002 /* enable s/w bmiss handling for sta mode */
1003 flags |= IEEE80211_CLONE_NOBEACONS;
1004 /* fall though */
1005 case IEEE80211_M_IBSS:
1006 case IEEE80211_M_MONITOR:
1007 case IEEE80211_M_HOSTAP:
1008 case IEEE80211_M_MBSS:
1009 /* other than WDS vaps, only one at a time */
1010 if (!TAILQ_EMPTY(&ic->ic_vaps))
1011 return (NULL);
1012 break;
1013 case IEEE80211_M_WDS:
1014 TAILQ_FOREACH(vap, &ic->ic_vaps, iv_next){
1015 if(vap->iv_opmode != IEEE80211_M_HOSTAP)
1016 continue;
1017 /* WDS vap's always share the local mac address. */
1018 flags &= ~IEEE80211_CLONE_BSSID;
1019 break;
1020 }
1021 if (vap == NULL) {
1022 device_printf(sc->sc_dev,
1023 "wds only supported in ap mode\n");
1024 return (NULL);
1025 }
1026 break;
1027 default:
1028 device_printf(sc->sc_dev, "unknown opmode %d\n", opmode);
1029 return (NULL);
1030 }
1031
1032 rvp = malloc(sizeof(struct run_vap), M_80211_VAP, M_WAITOK | M_ZERO);
1033 vap = &rvp->vap;
1034
1035 if (ieee80211_vap_setup(ic, vap, name, unit, opmode, flags,
1036 bssid) != 0) {
1037 /* out of memory */
1038 free(rvp, M_80211_VAP);
1039 return (NULL);
1040 }
1041
1042 vap->iv_update_beacon = run_update_beacon;
1043 vap->iv_max_aid = RT2870_WCID_MAX;
1044
1045 /*
1046 * The linux rt2800 driver limits 1 stream devices to a 32KB
1047 * RX AMPDU.
1048 */
1049 if (ic->ic_rxstream > 1)
1050 vap->iv_ampdu_rxmax = IEEE80211_HTCAP_MAXRXAMPDU_64K;
1051 else
1052 vap->iv_ampdu_rxmax = IEEE80211_HTCAP_MAXRXAMPDU_32K;
1053 vap->iv_ampdu_density = IEEE80211_HTCAP_MPDUDENSITY_2; /* 2uS */
1054
1055 /*
1056 * To delete the right key from h/w, we need wcid.
1057 * Luckily, there is unused space in ieee80211_key{}, wk_pad,
1058 * and matching wcid will be written into there. So, cast
1059 * some spells to remove 'const' from ieee80211_key{}
1060 */
1061 vap->iv_key_delete = (void *)run_key_delete;
1062 vap->iv_key_set = (void *)run_key_set;
1063
1064 /* override state transition machine */
1065 rvp->newstate = vap->iv_newstate;
1066 vap->iv_newstate = run_newstate;
1067 if (opmode == IEEE80211_M_IBSS) {
1068 rvp->recv_mgmt = vap->iv_recv_mgmt;
1069 vap->iv_recv_mgmt = run_recv_mgmt;
1070 }
1071
1072 ieee80211_ratectl_init(vap);
1073 ieee80211_ratectl_setinterval(vap, 1000 /* 1 sec */);
1074
1075 /* complete setup */
1076 ieee80211_vap_attach(vap, run_media_change, ieee80211_media_status,
1077 mac);
1078
1079 /* make sure id is always unique */
1080 for (i = 0; i < RUN_VAP_MAX; i++) {
1081 if((sc->rvp_bmap & 1 << i) == 0){
1082 sc->rvp_bmap |= 1 << i;
1083 rvp->rvp_id = i;
1084 break;
1085 }
1086 }
1087 if (sc->rvp_cnt++ == 0)
1088 ic->ic_opmode = opmode;
1089
1090 if (opmode == IEEE80211_M_HOSTAP)
1091 sc->cmdq_run = RUN_CMDQ_GO;
1092
1093 RUN_DPRINTF(sc, RUN_DEBUG_STATE, "rvp_id=%d bmap=%x rvp_cnt=%d\n",
1094 rvp->rvp_id, sc->rvp_bmap, sc->rvp_cnt);
1095
1096 return (vap);
1097 }
1098
1099 static void
run_vap_delete(struct ieee80211vap * vap)1100 run_vap_delete(struct ieee80211vap *vap)
1101 {
1102 struct run_vap *rvp = RUN_VAP(vap);
1103 struct ieee80211com *ic;
1104 struct run_softc *sc;
1105 uint8_t rvp_id;
1106
1107 if (vap == NULL)
1108 return;
1109
1110 ic = vap->iv_ic;
1111 sc = ic->ic_softc;
1112
1113 RUN_LOCK(sc);
1114
1115 m_freem(rvp->beacon_mbuf);
1116 rvp->beacon_mbuf = NULL;
1117
1118 rvp_id = rvp->rvp_id;
1119 sc->ratectl_run &= ~(1 << rvp_id);
1120 sc->rvp_bmap &= ~(1 << rvp_id);
1121 run_set_region_4(sc, RT2860_SKEY(rvp_id, 0), 0, 128);
1122 run_set_region_4(sc, RT2860_BCN_BASE(rvp_id), 0, 512);
1123 --sc->rvp_cnt;
1124
1125 RUN_DPRINTF(sc, RUN_DEBUG_STATE,
1126 "vap=%p rvp_id=%d bmap=%x rvp_cnt=%d\n",
1127 vap, rvp_id, sc->rvp_bmap, sc->rvp_cnt);
1128
1129 RUN_UNLOCK(sc);
1130
1131 ieee80211_ratectl_deinit(vap);
1132 ieee80211_vap_detach(vap);
1133 free(rvp, M_80211_VAP);
1134 }
1135
1136 /*
1137 * There are numbers of functions need to be called in context thread.
1138 * Rather than creating taskqueue event for each of those functions,
1139 * here is all-for-one taskqueue callback function. This function
1140 * guarantees deferred functions are executed in the same order they
1141 * were enqueued.
1142 * '& RUN_CMDQ_MASQ' is to loop cmdq[].
1143 */
1144 static void
run_cmdq_cb(void * arg,int pending)1145 run_cmdq_cb(void *arg, int pending)
1146 {
1147 struct run_softc *sc = arg;
1148 uint8_t i;
1149
1150 /* call cmdq[].func locked */
1151 RUN_LOCK(sc);
1152 for (i = sc->cmdq_exec; sc->cmdq[i].func && pending;
1153 i = sc->cmdq_exec, pending--) {
1154 RUN_DPRINTF(sc, RUN_DEBUG_CMD, "cmdq_exec=%d pending=%d\n",
1155 i, pending);
1156 if (sc->cmdq_run == RUN_CMDQ_GO) {
1157 /*
1158 * If arg0 is NULL, callback func needs more
1159 * than one arg. So, pass ptr to cmdq struct.
1160 */
1161 if (sc->cmdq[i].arg0)
1162 sc->cmdq[i].func(sc->cmdq[i].arg0);
1163 else
1164 sc->cmdq[i].func(&sc->cmdq[i]);
1165 }
1166 sc->cmdq[i].arg0 = NULL;
1167 sc->cmdq[i].func = NULL;
1168 sc->cmdq_exec++;
1169 sc->cmdq_exec &= RUN_CMDQ_MASQ;
1170 }
1171 RUN_UNLOCK(sc);
1172 }
1173
1174 static void
run_setup_tx_list(struct run_softc * sc,struct run_endpoint_queue * pq)1175 run_setup_tx_list(struct run_softc *sc, struct run_endpoint_queue *pq)
1176 {
1177 struct run_tx_data *data;
1178
1179 memset(pq, 0, sizeof(*pq));
1180
1181 STAILQ_INIT(&pq->tx_qh);
1182 STAILQ_INIT(&pq->tx_fh);
1183
1184 for (data = &pq->tx_data[0];
1185 data < &pq->tx_data[RUN_TX_RING_COUNT]; data++) {
1186 data->sc = sc;
1187 STAILQ_INSERT_TAIL(&pq->tx_fh, data, next);
1188 }
1189 pq->tx_nfree = RUN_TX_RING_COUNT;
1190 }
1191
1192 static void
run_unsetup_tx_list(struct run_softc * sc,struct run_endpoint_queue * pq)1193 run_unsetup_tx_list(struct run_softc *sc, struct run_endpoint_queue *pq)
1194 {
1195 struct run_tx_data *data;
1196
1197 /* make sure any subsequent use of the queues will fail */
1198 pq->tx_nfree = 0;
1199 STAILQ_INIT(&pq->tx_fh);
1200 STAILQ_INIT(&pq->tx_qh);
1201
1202 /* free up all node references and mbufs */
1203 for (data = &pq->tx_data[0];
1204 data < &pq->tx_data[RUN_TX_RING_COUNT]; data++) {
1205 if (data->m != NULL) {
1206 m_freem(data->m);
1207 data->m = NULL;
1208 }
1209 if (data->ni != NULL) {
1210 ieee80211_free_node(data->ni);
1211 data->ni = NULL;
1212 }
1213 }
1214 }
1215
1216 static int
run_load_microcode(struct run_softc * sc)1217 run_load_microcode(struct run_softc *sc)
1218 {
1219 usb_device_request_t req;
1220 const struct firmware *fw;
1221 const u_char *base;
1222 uint32_t tmp;
1223 int ntries, error;
1224 const uint64_t *temp;
1225 uint64_t bytes;
1226
1227 RUN_UNLOCK(sc);
1228 fw = firmware_get("runfw");
1229 RUN_LOCK(sc);
1230 if (fw == NULL) {
1231 device_printf(sc->sc_dev,
1232 "failed loadfirmware of file %s\n", "runfw");
1233 return ENOENT;
1234 }
1235
1236 if (fw->datasize != 8192) {
1237 device_printf(sc->sc_dev,
1238 "invalid firmware size (should be 8KB)\n");
1239 error = EINVAL;
1240 goto fail;
1241 }
1242
1243 /*
1244 * RT3071/RT3072 use a different firmware
1245 * run-rt2870 (8KB) contains both,
1246 * first half (4KB) is for rt2870,
1247 * last half is for rt3071.
1248 */
1249 base = fw->data;
1250 if ((sc->mac_ver) != 0x2860 &&
1251 (sc->mac_ver) != 0x2872 &&
1252 (sc->mac_ver) != 0x3070) {
1253 base += 4096;
1254 }
1255
1256 /* cheap sanity check */
1257 temp = fw->data;
1258 bytes = *temp;
1259 if (bytes != be64toh(0xffffff0210280210ULL)) {
1260 device_printf(sc->sc_dev, "firmware checksum failed\n");
1261 error = EINVAL;
1262 goto fail;
1263 }
1264
1265 /* write microcode image */
1266 if (sc->sc_flags & RUN_FLAG_FWLOAD_NEEDED) {
1267 run_write_region_1(sc, RT2870_FW_BASE, base, 4096);
1268 run_write(sc, RT2860_H2M_MAILBOX_CID, 0xffffffff);
1269 run_write(sc, RT2860_H2M_MAILBOX_STATUS, 0xffffffff);
1270 }
1271
1272 req.bmRequestType = UT_WRITE_VENDOR_DEVICE;
1273 req.bRequest = RT2870_RESET;
1274 USETW(req.wValue, 8);
1275 USETW(req.wIndex, 0);
1276 USETW(req.wLength, 0);
1277 if ((error = usbd_do_request(sc->sc_udev, &sc->sc_mtx, &req, NULL))
1278 != 0) {
1279 device_printf(sc->sc_dev, "firmware reset failed\n");
1280 goto fail;
1281 }
1282
1283 run_delay(sc, 10);
1284
1285 run_write(sc, RT2860_H2M_BBPAGENT, 0);
1286 run_write(sc, RT2860_H2M_MAILBOX, 0);
1287 run_write(sc, RT2860_H2M_INTSRC, 0);
1288 if ((error = run_mcu_cmd(sc, RT2860_MCU_CMD_RFRESET, 0)) != 0)
1289 goto fail;
1290
1291 /* wait until microcontroller is ready */
1292 for (ntries = 0; ntries < 1000; ntries++) {
1293 if ((error = run_read(sc, RT2860_SYS_CTRL, &tmp)) != 0)
1294 goto fail;
1295 if (tmp & RT2860_MCU_READY)
1296 break;
1297 run_delay(sc, 10);
1298 }
1299 if (ntries == 1000) {
1300 device_printf(sc->sc_dev,
1301 "timeout waiting for MCU to initialize\n");
1302 error = ETIMEDOUT;
1303 goto fail;
1304 }
1305 device_printf(sc->sc_dev, "firmware %s ver. %u.%u loaded\n",
1306 (base == fw->data) ? "RT2870" : "RT3071",
1307 *(base + 4092), *(base + 4093));
1308
1309 fail:
1310 firmware_put(fw, FIRMWARE_UNLOAD);
1311 return (error);
1312 }
1313
1314 static int
run_reset(struct run_softc * sc)1315 run_reset(struct run_softc *sc)
1316 {
1317 usb_device_request_t req;
1318
1319 req.bmRequestType = UT_WRITE_VENDOR_DEVICE;
1320 req.bRequest = RT2870_RESET;
1321 USETW(req.wValue, 1);
1322 USETW(req.wIndex, 0);
1323 USETW(req.wLength, 0);
1324 return (usbd_do_request(sc->sc_udev, &sc->sc_mtx, &req, NULL));
1325 }
1326
1327 static usb_error_t
run_do_request(struct run_softc * sc,struct usb_device_request * req,void * data)1328 run_do_request(struct run_softc *sc,
1329 struct usb_device_request *req, void *data)
1330 {
1331 usb_error_t err;
1332 int ntries = 10;
1333
1334 RUN_LOCK_ASSERT(sc, MA_OWNED);
1335
1336 while (ntries--) {
1337 err = usbd_do_request_flags(sc->sc_udev, &sc->sc_mtx,
1338 req, data, 0, NULL, 250 /* ms */);
1339 if (err == 0)
1340 break;
1341 RUN_DPRINTF(sc, RUN_DEBUG_USB,
1342 "Control request failed, %s (retrying)\n",
1343 usbd_errstr(err));
1344 run_delay(sc, 10);
1345 }
1346 return (err);
1347 }
1348
1349 static int
run_read(struct run_softc * sc,uint16_t reg,uint32_t * val)1350 run_read(struct run_softc *sc, uint16_t reg, uint32_t *val)
1351 {
1352 uint32_t tmp;
1353 int error;
1354
1355 error = run_read_region_1(sc, reg, (uint8_t *)&tmp, sizeof tmp);
1356 if (error == 0)
1357 *val = le32toh(tmp);
1358 else
1359 *val = 0xffffffff;
1360 return (error);
1361 }
1362
1363 static int
run_read_region_1(struct run_softc * sc,uint16_t reg,uint8_t * buf,int len)1364 run_read_region_1(struct run_softc *sc, uint16_t reg, uint8_t *buf, int len)
1365 {
1366 usb_device_request_t req;
1367
1368 req.bmRequestType = UT_READ_VENDOR_DEVICE;
1369 req.bRequest = RT2870_READ_REGION_1;
1370 USETW(req.wValue, 0);
1371 USETW(req.wIndex, reg);
1372 USETW(req.wLength, len);
1373
1374 return (run_do_request(sc, &req, buf));
1375 }
1376
1377 static int
run_write_2(struct run_softc * sc,uint16_t reg,uint16_t val)1378 run_write_2(struct run_softc *sc, uint16_t reg, uint16_t val)
1379 {
1380 usb_device_request_t req;
1381
1382 req.bmRequestType = UT_WRITE_VENDOR_DEVICE;
1383 req.bRequest = RT2870_WRITE_2;
1384 USETW(req.wValue, val);
1385 USETW(req.wIndex, reg);
1386 USETW(req.wLength, 0);
1387
1388 return (run_do_request(sc, &req, NULL));
1389 }
1390
1391 static int
run_write(struct run_softc * sc,uint16_t reg,uint32_t val)1392 run_write(struct run_softc *sc, uint16_t reg, uint32_t val)
1393 {
1394 int error;
1395
1396 if ((error = run_write_2(sc, reg, val & 0xffff)) == 0)
1397 error = run_write_2(sc, reg + 2, val >> 16);
1398 return (error);
1399 }
1400
1401 static int
run_write_region_1(struct run_softc * sc,uint16_t reg,const uint8_t * buf,int len)1402 run_write_region_1(struct run_softc *sc, uint16_t reg, const uint8_t *buf,
1403 int len)
1404 {
1405 #if 1
1406 int i, error = 0;
1407 /*
1408 * NB: the WRITE_REGION_1 command is not stable on RT2860.
1409 * We thus issue multiple WRITE_2 commands instead.
1410 */
1411 KASSERT((len & 1) == 0, ("run_write_region_1: Data too long.\n"));
1412 for (i = 0; i < len && error == 0; i += 2)
1413 error = run_write_2(sc, reg + i, buf[i] | buf[i + 1] << 8);
1414 return (error);
1415 #else
1416 usb_device_request_t req;
1417 int error = 0;
1418
1419 /*
1420 * NOTE: It appears the WRITE_REGION_1 command cannot be
1421 * passed a huge amount of data, which will crash the
1422 * firmware. Limit amount of data passed to 64-bytes at a
1423 * time.
1424 */
1425 while (len > 0) {
1426 int delta = 64;
1427 if (delta > len)
1428 delta = len;
1429
1430 req.bmRequestType = UT_WRITE_VENDOR_DEVICE;
1431 req.bRequest = RT2870_WRITE_REGION_1;
1432 USETW(req.wValue, 0);
1433 USETW(req.wIndex, reg);
1434 USETW(req.wLength, delta);
1435 error = run_do_request(sc, &req, __DECONST(uint8_t *, buf));
1436 if (error != 0)
1437 break;
1438 reg += delta;
1439 buf += delta;
1440 len -= delta;
1441 }
1442 return (error);
1443 #endif
1444 }
1445
1446 static int
run_set_region_4(struct run_softc * sc,uint16_t reg,uint32_t val,int len)1447 run_set_region_4(struct run_softc *sc, uint16_t reg, uint32_t val, int len)
1448 {
1449 int i, error = 0;
1450
1451 KASSERT((len & 3) == 0, ("run_set_region_4: Invalid data length.\n"));
1452 for (i = 0; i < len && error == 0; i += 4)
1453 error = run_write(sc, reg + i, val);
1454 return (error);
1455 }
1456
1457 static int
run_efuse_read(struct run_softc * sc,uint16_t addr,uint16_t * val,int count)1458 run_efuse_read(struct run_softc *sc, uint16_t addr, uint16_t *val, int count)
1459 {
1460 uint32_t tmp;
1461 uint16_t reg;
1462 int error, ntries;
1463
1464 if ((error = run_read(sc, RT3070_EFUSE_CTRL, &tmp)) != 0)
1465 return (error);
1466
1467 if (count == 2)
1468 addr *= 2;
1469 /*-
1470 * Read one 16-byte block into registers EFUSE_DATA[0-3]:
1471 * DATA0: F E D C
1472 * DATA1: B A 9 8
1473 * DATA2: 7 6 5 4
1474 * DATA3: 3 2 1 0
1475 */
1476 tmp &= ~(RT3070_EFSROM_MODE_MASK | RT3070_EFSROM_AIN_MASK);
1477 tmp |= (addr & ~0xf) << RT3070_EFSROM_AIN_SHIFT | RT3070_EFSROM_KICK;
1478 run_write(sc, RT3070_EFUSE_CTRL, tmp);
1479 for (ntries = 0; ntries < 100; ntries++) {
1480 if ((error = run_read(sc, RT3070_EFUSE_CTRL, &tmp)) != 0)
1481 return (error);
1482 if (!(tmp & RT3070_EFSROM_KICK))
1483 break;
1484 run_delay(sc, 2);
1485 }
1486 if (ntries == 100)
1487 return (ETIMEDOUT);
1488
1489 if ((tmp & RT3070_EFUSE_AOUT_MASK) == RT3070_EFUSE_AOUT_MASK) {
1490 *val = 0xffff; /* address not found */
1491 return (0);
1492 }
1493 /* determine to which 32-bit register our 16-bit word belongs */
1494 reg = RT3070_EFUSE_DATA3 - (addr & 0xc);
1495 if ((error = run_read(sc, reg, &tmp)) != 0)
1496 return (error);
1497
1498 tmp >>= (8 * (addr & 0x3));
1499 *val = (addr & 1) ? tmp >> 16 : tmp & 0xffff;
1500
1501 return (0);
1502 }
1503
1504 /* Read 16-bit from eFUSE ROM for RT3xxx. */
1505 static int
run_efuse_read_2(struct run_softc * sc,uint16_t addr,uint16_t * val)1506 run_efuse_read_2(struct run_softc *sc, uint16_t addr, uint16_t *val)
1507 {
1508 return (run_efuse_read(sc, addr, val, 2));
1509 }
1510
1511 static int
run_eeprom_read_2(struct run_softc * sc,uint16_t addr,uint16_t * val)1512 run_eeprom_read_2(struct run_softc *sc, uint16_t addr, uint16_t *val)
1513 {
1514 usb_device_request_t req;
1515 uint16_t tmp;
1516 int error;
1517
1518 addr *= 2;
1519 req.bmRequestType = UT_READ_VENDOR_DEVICE;
1520 req.bRequest = RT2870_EEPROM_READ;
1521 USETW(req.wValue, 0);
1522 USETW(req.wIndex, addr);
1523 USETW(req.wLength, sizeof(tmp));
1524
1525 error = usbd_do_request(sc->sc_udev, &sc->sc_mtx, &req, &tmp);
1526 if (error == 0)
1527 *val = le16toh(tmp);
1528 else
1529 *val = 0xffff;
1530 return (error);
1531 }
1532
1533 static __inline int
run_srom_read(struct run_softc * sc,uint16_t addr,uint16_t * val)1534 run_srom_read(struct run_softc *sc, uint16_t addr, uint16_t *val)
1535 {
1536 /* either eFUSE ROM or EEPROM */
1537 return sc->sc_srom_read(sc, addr, val);
1538 }
1539
1540 static int
run_rt2870_rf_write(struct run_softc * sc,uint32_t val)1541 run_rt2870_rf_write(struct run_softc *sc, uint32_t val)
1542 {
1543 uint32_t tmp;
1544 int error, ntries;
1545
1546 for (ntries = 0; ntries < 10; ntries++) {
1547 if ((error = run_read(sc, RT2860_RF_CSR_CFG0, &tmp)) != 0)
1548 return (error);
1549 if (!(tmp & RT2860_RF_REG_CTRL))
1550 break;
1551 }
1552 if (ntries == 10)
1553 return (ETIMEDOUT);
1554
1555 return (run_write(sc, RT2860_RF_CSR_CFG0, val));
1556 }
1557
1558 static int
run_rt3070_rf_read(struct run_softc * sc,uint8_t reg,uint8_t * val)1559 run_rt3070_rf_read(struct run_softc *sc, uint8_t reg, uint8_t *val)
1560 {
1561 uint32_t tmp;
1562 int error, ntries;
1563
1564 for (ntries = 0; ntries < 100; ntries++) {
1565 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0)
1566 return (error);
1567 if (!(tmp & RT3070_RF_KICK))
1568 break;
1569 }
1570 if (ntries == 100)
1571 return (ETIMEDOUT);
1572
1573 tmp = RT3070_RF_KICK | reg << 8;
1574 if ((error = run_write(sc, RT3070_RF_CSR_CFG, tmp)) != 0)
1575 return (error);
1576
1577 for (ntries = 0; ntries < 100; ntries++) {
1578 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0)
1579 return (error);
1580 if (!(tmp & RT3070_RF_KICK))
1581 break;
1582 }
1583 if (ntries == 100)
1584 return (ETIMEDOUT);
1585
1586 *val = tmp & 0xff;
1587 return (0);
1588 }
1589
1590 static int
run_rt3070_rf_write(struct run_softc * sc,uint8_t reg,uint8_t val)1591 run_rt3070_rf_write(struct run_softc *sc, uint8_t reg, uint8_t val)
1592 {
1593 uint32_t tmp;
1594 int error, ntries;
1595
1596 for (ntries = 0; ntries < 10; ntries++) {
1597 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0)
1598 return (error);
1599 if (!(tmp & RT3070_RF_KICK))
1600 break;
1601 }
1602 if (ntries == 10)
1603 return (ETIMEDOUT);
1604
1605 tmp = RT3070_RF_WRITE | RT3070_RF_KICK | reg << 8 | val;
1606 return (run_write(sc, RT3070_RF_CSR_CFG, tmp));
1607 }
1608
1609 static int
run_bbp_read(struct run_softc * sc,uint8_t reg,uint8_t * val)1610 run_bbp_read(struct run_softc *sc, uint8_t reg, uint8_t *val)
1611 {
1612 uint32_t tmp;
1613 int ntries, error;
1614
1615 for (ntries = 0; ntries < 10; ntries++) {
1616 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0)
1617 return (error);
1618 if (!(tmp & RT2860_BBP_CSR_KICK))
1619 break;
1620 }
1621 if (ntries == 10)
1622 return (ETIMEDOUT);
1623
1624 tmp = RT2860_BBP_CSR_READ | RT2860_BBP_CSR_KICK | reg << 8;
1625 if ((error = run_write(sc, RT2860_BBP_CSR_CFG, tmp)) != 0)
1626 return (error);
1627
1628 for (ntries = 0; ntries < 10; ntries++) {
1629 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0)
1630 return (error);
1631 if (!(tmp & RT2860_BBP_CSR_KICK))
1632 break;
1633 }
1634 if (ntries == 10)
1635 return (ETIMEDOUT);
1636
1637 *val = tmp & 0xff;
1638 return (0);
1639 }
1640
1641 static int
run_bbp_write(struct run_softc * sc,uint8_t reg,uint8_t val)1642 run_bbp_write(struct run_softc *sc, uint8_t reg, uint8_t val)
1643 {
1644 uint32_t tmp;
1645 int ntries, error;
1646
1647 for (ntries = 0; ntries < 10; ntries++) {
1648 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0)
1649 return (error);
1650 if (!(tmp & RT2860_BBP_CSR_KICK))
1651 break;
1652 }
1653 if (ntries == 10)
1654 return (ETIMEDOUT);
1655
1656 tmp = RT2860_BBP_CSR_KICK | reg << 8 | val;
1657 return (run_write(sc, RT2860_BBP_CSR_CFG, tmp));
1658 }
1659
1660 /*
1661 * Send a command to the 8051 microcontroller unit.
1662 */
1663 static int
run_mcu_cmd(struct run_softc * sc,uint8_t cmd,uint16_t arg)1664 run_mcu_cmd(struct run_softc *sc, uint8_t cmd, uint16_t arg)
1665 {
1666 uint32_t tmp;
1667 int error, ntries;
1668
1669 for (ntries = 0; ntries < 100; ntries++) {
1670 if ((error = run_read(sc, RT2860_H2M_MAILBOX, &tmp)) != 0)
1671 return error;
1672 if (!(tmp & RT2860_H2M_BUSY))
1673 break;
1674 }
1675 if (ntries == 100)
1676 return ETIMEDOUT;
1677
1678 tmp = RT2860_H2M_BUSY | RT2860_TOKEN_NO_INTR << 16 | arg;
1679 if ((error = run_write(sc, RT2860_H2M_MAILBOX, tmp)) == 0)
1680 error = run_write(sc, RT2860_HOST_CMD, cmd);
1681 return (error);
1682 }
1683
1684 /*
1685 * Add `delta' (signed) to each 4-bit sub-word of a 32-bit word.
1686 * Used to adjust per-rate Tx power registers.
1687 */
1688 static __inline uint32_t
b4inc(uint32_t b32,int8_t delta)1689 b4inc(uint32_t b32, int8_t delta)
1690 {
1691 int8_t i, b4;
1692
1693 for (i = 0; i < 8; i++) {
1694 b4 = b32 & 0xf;
1695 b4 += delta;
1696 if (b4 < 0)
1697 b4 = 0;
1698 else if (b4 > 0xf)
1699 b4 = 0xf;
1700 b32 = b32 >> 4 | b4 << 28;
1701 }
1702 return (b32);
1703 }
1704
1705 static const char *
run_get_rf(uint16_t rev)1706 run_get_rf(uint16_t rev)
1707 {
1708 switch (rev) {
1709 case RT2860_RF_2820: return "RT2820";
1710 case RT2860_RF_2850: return "RT2850";
1711 case RT2860_RF_2720: return "RT2720";
1712 case RT2860_RF_2750: return "RT2750";
1713 case RT3070_RF_3020: return "RT3020";
1714 case RT3070_RF_2020: return "RT2020";
1715 case RT3070_RF_3021: return "RT3021";
1716 case RT3070_RF_3022: return "RT3022";
1717 case RT3070_RF_3052: return "RT3052";
1718 case RT3593_RF_3053: return "RT3053";
1719 case RT5592_RF_5592: return "RT5592";
1720 case RT5390_RF_5370: return "RT5370";
1721 case RT5390_RF_5372: return "RT5372";
1722 }
1723 return ("unknown");
1724 }
1725
1726 static void
run_rt3593_get_txpower(struct run_softc * sc)1727 run_rt3593_get_txpower(struct run_softc *sc)
1728 {
1729 uint16_t addr, val;
1730 int i;
1731
1732 /* Read power settings for 2GHz channels. */
1733 for (i = 0; i < 14; i += 2) {
1734 addr = (sc->ntxchains == 3) ? RT3593_EEPROM_PWR2GHZ_BASE1 :
1735 RT2860_EEPROM_PWR2GHZ_BASE1;
1736 run_srom_read(sc, addr + i / 2, &val);
1737 sc->txpow1[i + 0] = (int8_t)(val & 0xff);
1738 sc->txpow1[i + 1] = (int8_t)(val >> 8);
1739
1740 addr = (sc->ntxchains == 3) ? RT3593_EEPROM_PWR2GHZ_BASE2 :
1741 RT2860_EEPROM_PWR2GHZ_BASE2;
1742 run_srom_read(sc, addr + i / 2, &val);
1743 sc->txpow2[i + 0] = (int8_t)(val & 0xff);
1744 sc->txpow2[i + 1] = (int8_t)(val >> 8);
1745
1746 if (sc->ntxchains == 3) {
1747 run_srom_read(sc, RT3593_EEPROM_PWR2GHZ_BASE3 + i / 2,
1748 &val);
1749 sc->txpow3[i + 0] = (int8_t)(val & 0xff);
1750 sc->txpow3[i + 1] = (int8_t)(val >> 8);
1751 }
1752 }
1753 /* Fix broken Tx power entries. */
1754 for (i = 0; i < 14; i++) {
1755 if (sc->txpow1[i] > 31)
1756 sc->txpow1[i] = 5;
1757 if (sc->txpow2[i] > 31)
1758 sc->txpow2[i] = 5;
1759 if (sc->ntxchains == 3) {
1760 if (sc->txpow3[i] > 31)
1761 sc->txpow3[i] = 5;
1762 }
1763 }
1764 /* Read power settings for 5GHz channels. */
1765 for (i = 0; i < 40; i += 2) {
1766 run_srom_read(sc, RT3593_EEPROM_PWR5GHZ_BASE1 + i / 2, &val);
1767 sc->txpow1[i + 14] = (int8_t)(val & 0xff);
1768 sc->txpow1[i + 15] = (int8_t)(val >> 8);
1769
1770 run_srom_read(sc, RT3593_EEPROM_PWR5GHZ_BASE2 + i / 2, &val);
1771 sc->txpow2[i + 14] = (int8_t)(val & 0xff);
1772 sc->txpow2[i + 15] = (int8_t)(val >> 8);
1773
1774 if (sc->ntxchains == 3) {
1775 run_srom_read(sc, RT3593_EEPROM_PWR5GHZ_BASE3 + i / 2,
1776 &val);
1777 sc->txpow3[i + 14] = (int8_t)(val & 0xff);
1778 sc->txpow3[i + 15] = (int8_t)(val >> 8);
1779 }
1780 }
1781 }
1782
1783 static void
run_get_txpower(struct run_softc * sc)1784 run_get_txpower(struct run_softc *sc)
1785 {
1786 uint16_t val;
1787 int i;
1788
1789 /* Read power settings for 2GHz channels. */
1790 for (i = 0; i < 14; i += 2) {
1791 run_srom_read(sc, RT2860_EEPROM_PWR2GHZ_BASE1 + i / 2, &val);
1792 sc->txpow1[i + 0] = (int8_t)(val & 0xff);
1793 sc->txpow1[i + 1] = (int8_t)(val >> 8);
1794
1795 if (sc->mac_ver != 0x5390) {
1796 run_srom_read(sc,
1797 RT2860_EEPROM_PWR2GHZ_BASE2 + i / 2, &val);
1798 sc->txpow2[i + 0] = (int8_t)(val & 0xff);
1799 sc->txpow2[i + 1] = (int8_t)(val >> 8);
1800 }
1801 }
1802 /* Fix broken Tx power entries. */
1803 for (i = 0; i < 14; i++) {
1804 if (sc->mac_ver >= 0x5390) {
1805 if (sc->txpow1[i] < 0 || sc->txpow1[i] > 39)
1806 sc->txpow1[i] = 5;
1807 } else {
1808 if (sc->txpow1[i] < 0 || sc->txpow1[i] > 31)
1809 sc->txpow1[i] = 5;
1810 }
1811 if (sc->mac_ver > 0x5390) {
1812 if (sc->txpow2[i] < 0 || sc->txpow2[i] > 39)
1813 sc->txpow2[i] = 5;
1814 } else if (sc->mac_ver < 0x5390) {
1815 if (sc->txpow2[i] < 0 || sc->txpow2[i] > 31)
1816 sc->txpow2[i] = 5;
1817 }
1818 RUN_DPRINTF(sc, RUN_DEBUG_TXPWR,
1819 "chan %d: power1=%d, power2=%d\n",
1820 rt2860_rf2850[i].chan, sc->txpow1[i], sc->txpow2[i]);
1821 }
1822 /* Read power settings for 5GHz channels. */
1823 for (i = 0; i < 40; i += 2) {
1824 run_srom_read(sc, RT2860_EEPROM_PWR5GHZ_BASE1 + i / 2, &val);
1825 sc->txpow1[i + 14] = (int8_t)(val & 0xff);
1826 sc->txpow1[i + 15] = (int8_t)(val >> 8);
1827
1828 run_srom_read(sc, RT2860_EEPROM_PWR5GHZ_BASE2 + i / 2, &val);
1829 sc->txpow2[i + 14] = (int8_t)(val & 0xff);
1830 sc->txpow2[i + 15] = (int8_t)(val >> 8);
1831 }
1832 /* Fix broken Tx power entries. */
1833 for (i = 0; i < 40; i++ ) {
1834 if (sc->mac_ver != 0x5592) {
1835 if (sc->txpow1[14 + i] < -7 || sc->txpow1[14 + i] > 15)
1836 sc->txpow1[14 + i] = 5;
1837 if (sc->txpow2[14 + i] < -7 || sc->txpow2[14 + i] > 15)
1838 sc->txpow2[14 + i] = 5;
1839 }
1840 RUN_DPRINTF(sc, RUN_DEBUG_TXPWR,
1841 "chan %d: power1=%d, power2=%d\n",
1842 rt2860_rf2850[14 + i].chan, sc->txpow1[14 + i],
1843 sc->txpow2[14 + i]);
1844 }
1845 }
1846
1847 static int
run_read_eeprom(struct run_softc * sc)1848 run_read_eeprom(struct run_softc *sc)
1849 {
1850 struct ieee80211com *ic = &sc->sc_ic;
1851 int8_t delta_2ghz, delta_5ghz;
1852 uint32_t tmp;
1853 uint16_t val;
1854 int ridx, ant, i;
1855
1856 /* check whether the ROM is eFUSE ROM or EEPROM */
1857 sc->sc_srom_read = run_eeprom_read_2;
1858 if (sc->mac_ver >= 0x3070) {
1859 run_read(sc, RT3070_EFUSE_CTRL, &tmp);
1860 RUN_DPRINTF(sc, RUN_DEBUG_ROM, "EFUSE_CTRL=0x%08x\n", tmp);
1861 if ((tmp & RT3070_SEL_EFUSE) || sc->mac_ver == 0x3593)
1862 sc->sc_srom_read = run_efuse_read_2;
1863 }
1864
1865 /* read ROM version */
1866 run_srom_read(sc, RT2860_EEPROM_VERSION, &val);
1867 RUN_DPRINTF(sc, RUN_DEBUG_ROM,
1868 "EEPROM rev=%d, FAE=%d\n", val >> 8, val & 0xff);
1869
1870 /* read MAC address */
1871 run_srom_read(sc, RT2860_EEPROM_MAC01, &val);
1872 ic->ic_macaddr[0] = val & 0xff;
1873 ic->ic_macaddr[1] = val >> 8;
1874 run_srom_read(sc, RT2860_EEPROM_MAC23, &val);
1875 ic->ic_macaddr[2] = val & 0xff;
1876 ic->ic_macaddr[3] = val >> 8;
1877 run_srom_read(sc, RT2860_EEPROM_MAC45, &val);
1878 ic->ic_macaddr[4] = val & 0xff;
1879 ic->ic_macaddr[5] = val >> 8;
1880
1881 if (sc->mac_ver < 0x3593) {
1882 /* read vender BBP settings */
1883 for (i = 0; i < 10; i++) {
1884 run_srom_read(sc, RT2860_EEPROM_BBP_BASE + i, &val);
1885 sc->bbp[i].val = val & 0xff;
1886 sc->bbp[i].reg = val >> 8;
1887 RUN_DPRINTF(sc, RUN_DEBUG_ROM,
1888 "BBP%d=0x%02x\n", sc->bbp[i].reg, sc->bbp[i].val);
1889 }
1890 if (sc->mac_ver >= 0x3071) {
1891 /* read vendor RF settings */
1892 for (i = 0; i < 10; i++) {
1893 run_srom_read(sc, RT3071_EEPROM_RF_BASE + i,
1894 &val);
1895 sc->rf[i].val = val & 0xff;
1896 sc->rf[i].reg = val >> 8;
1897 RUN_DPRINTF(sc, RUN_DEBUG_ROM, "RF%d=0x%02x\n",
1898 sc->rf[i].reg, sc->rf[i].val);
1899 }
1900 }
1901 }
1902
1903 /* read RF frequency offset from EEPROM */
1904 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_FREQ_LEDS :
1905 RT3593_EEPROM_FREQ, &val);
1906 sc->freq = ((val & 0xff) != 0xff) ? val & 0xff : 0;
1907 RUN_DPRINTF(sc, RUN_DEBUG_ROM, "EEPROM freq offset %d\n",
1908 sc->freq & 0xff);
1909
1910 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_FREQ_LEDS :
1911 RT3593_EEPROM_FREQ_LEDS, &val);
1912 if (val >> 8 != 0xff) {
1913 /* read LEDs operating mode */
1914 sc->leds = val >> 8;
1915 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LED1 :
1916 RT3593_EEPROM_LED1, &sc->led[0]);
1917 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LED2 :
1918 RT3593_EEPROM_LED2, &sc->led[1]);
1919 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LED3 :
1920 RT3593_EEPROM_LED3, &sc->led[2]);
1921 } else {
1922 /* broken EEPROM, use default settings */
1923 sc->leds = 0x01;
1924 sc->led[0] = 0x5555;
1925 sc->led[1] = 0x2221;
1926 sc->led[2] = 0x5627; /* differs from RT2860 */
1927 }
1928 RUN_DPRINTF(sc, RUN_DEBUG_ROM,
1929 "EEPROM LED mode=0x%02x, LEDs=0x%04x/0x%04x/0x%04x\n",
1930 sc->leds, sc->led[0], sc->led[1], sc->led[2]);
1931
1932 /* read RF information */
1933 if (sc->mac_ver == 0x5390 || sc->mac_ver ==0x5392)
1934 run_srom_read(sc, 0x00, &val);
1935 else
1936 run_srom_read(sc, RT2860_EEPROM_ANTENNA, &val);
1937
1938 if (val == 0xffff) {
1939 device_printf(sc->sc_dev,
1940 "invalid EEPROM antenna info, using default\n");
1941 if (sc->mac_ver == 0x3572) {
1942 /* default to RF3052 2T2R */
1943 sc->rf_rev = RT3070_RF_3052;
1944 sc->ntxchains = 2;
1945 sc->nrxchains = 2;
1946 } else if (sc->mac_ver >= 0x3070) {
1947 /* default to RF3020 1T1R */
1948 sc->rf_rev = RT3070_RF_3020;
1949 sc->ntxchains = 1;
1950 sc->nrxchains = 1;
1951 } else {
1952 /* default to RF2820 1T2R */
1953 sc->rf_rev = RT2860_RF_2820;
1954 sc->ntxchains = 1;
1955 sc->nrxchains = 2;
1956 }
1957 } else {
1958 if (sc->mac_ver == 0x5390 || sc->mac_ver ==0x5392) {
1959 sc->rf_rev = val;
1960 run_srom_read(sc, RT2860_EEPROM_ANTENNA, &val);
1961 } else
1962 sc->rf_rev = (val >> 8) & 0xf;
1963 sc->ntxchains = (val >> 4) & 0xf;
1964 sc->nrxchains = val & 0xf;
1965 }
1966 RUN_DPRINTF(sc, RUN_DEBUG_ROM, "EEPROM RF rev=0x%04x chains=%dT%dR\n",
1967 sc->rf_rev, sc->ntxchains, sc->nrxchains);
1968
1969 /* check if RF supports automatic Tx access gain control */
1970 run_srom_read(sc, RT2860_EEPROM_CONFIG, &val);
1971 RUN_DPRINTF(sc, RUN_DEBUG_ROM, "EEPROM CFG 0x%04x\n", val);
1972 /* check if driver should patch the DAC issue */
1973 if ((val >> 8) != 0xff)
1974 sc->patch_dac = (val >> 15) & 1;
1975 if ((val & 0xff) != 0xff) {
1976 sc->ext_5ghz_lna = (val >> 3) & 1;
1977 sc->ext_2ghz_lna = (val >> 2) & 1;
1978 /* check if RF supports automatic Tx access gain control */
1979 sc->calib_2ghz = sc->calib_5ghz = (val >> 1) & 1;
1980 /* check if we have a hardware radio switch */
1981 sc->rfswitch = val & 1;
1982 }
1983
1984 /* Read Tx power settings. */
1985 if (sc->mac_ver == 0x3593)
1986 run_rt3593_get_txpower(sc);
1987 else
1988 run_get_txpower(sc);
1989
1990 /* read Tx power compensation for each Tx rate */
1991 run_srom_read(sc, RT2860_EEPROM_DELTAPWR, &val);
1992 delta_2ghz = delta_5ghz = 0;
1993 if ((val & 0xff) != 0xff && (val & 0x80)) {
1994 delta_2ghz = val & 0xf;
1995 if (!(val & 0x40)) /* negative number */
1996 delta_2ghz = -delta_2ghz;
1997 }
1998 val >>= 8;
1999 if ((val & 0xff) != 0xff && (val & 0x80)) {
2000 delta_5ghz = val & 0xf;
2001 if (!(val & 0x40)) /* negative number */
2002 delta_5ghz = -delta_5ghz;
2003 }
2004 RUN_DPRINTF(sc, RUN_DEBUG_ROM | RUN_DEBUG_TXPWR,
2005 "power compensation=%d (2GHz), %d (5GHz)\n", delta_2ghz, delta_5ghz);
2006
2007 for (ridx = 0; ridx < 5; ridx++) {
2008 uint32_t reg;
2009
2010 run_srom_read(sc, RT2860_EEPROM_RPWR + ridx * 2, &val);
2011 reg = val;
2012 run_srom_read(sc, RT2860_EEPROM_RPWR + ridx * 2 + 1, &val);
2013 reg |= (uint32_t)val << 16;
2014
2015 sc->txpow20mhz[ridx] = reg;
2016 sc->txpow40mhz_2ghz[ridx] = b4inc(reg, delta_2ghz);
2017 sc->txpow40mhz_5ghz[ridx] = b4inc(reg, delta_5ghz);
2018
2019 RUN_DPRINTF(sc, RUN_DEBUG_ROM | RUN_DEBUG_TXPWR,
2020 "ridx %d: power 20MHz=0x%08x, 40MHz/2GHz=0x%08x, "
2021 "40MHz/5GHz=0x%08x\n", ridx, sc->txpow20mhz[ridx],
2022 sc->txpow40mhz_2ghz[ridx], sc->txpow40mhz_5ghz[ridx]);
2023 }
2024
2025 /* Read RSSI offsets and LNA gains from EEPROM. */
2026 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI1_2GHZ :
2027 RT3593_EEPROM_RSSI1_2GHZ, &val);
2028 sc->rssi_2ghz[0] = val & 0xff; /* Ant A */
2029 sc->rssi_2ghz[1] = val >> 8; /* Ant B */
2030 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI2_2GHZ :
2031 RT3593_EEPROM_RSSI2_2GHZ, &val);
2032 if (sc->mac_ver >= 0x3070) {
2033 if (sc->mac_ver == 0x3593) {
2034 sc->txmixgain_2ghz = 0;
2035 sc->rssi_2ghz[2] = val & 0xff; /* Ant C */
2036 } else {
2037 /*
2038 * On RT3070 chips (limited to 2 Rx chains), this ROM
2039 * field contains the Tx mixer gain for the 2GHz band.
2040 */
2041 if ((val & 0xff) != 0xff)
2042 sc->txmixgain_2ghz = val & 0x7;
2043 }
2044 RUN_DPRINTF(sc, RUN_DEBUG_ROM, "tx mixer gain=%u (2GHz)\n",
2045 sc->txmixgain_2ghz);
2046 } else
2047 sc->rssi_2ghz[2] = val & 0xff; /* Ant C */
2048 if (sc->mac_ver == 0x3593)
2049 run_srom_read(sc, RT3593_EEPROM_LNA_5GHZ, &val);
2050 sc->lna[2] = val >> 8; /* channel group 2 */
2051
2052 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI1_5GHZ :
2053 RT3593_EEPROM_RSSI1_5GHZ, &val);
2054 sc->rssi_5ghz[0] = val & 0xff; /* Ant A */
2055 sc->rssi_5ghz[1] = val >> 8; /* Ant B */
2056 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI2_5GHZ :
2057 RT3593_EEPROM_RSSI2_5GHZ, &val);
2058 if (sc->mac_ver == 0x3572) {
2059 /*
2060 * On RT3572 chips (limited to 2 Rx chains), this ROM
2061 * field contains the Tx mixer gain for the 5GHz band.
2062 */
2063 if ((val & 0xff) != 0xff)
2064 sc->txmixgain_5ghz = val & 0x7;
2065 RUN_DPRINTF(sc, RUN_DEBUG_ROM, "tx mixer gain=%u (5GHz)\n",
2066 sc->txmixgain_5ghz);
2067 } else
2068 sc->rssi_5ghz[2] = val & 0xff; /* Ant C */
2069 if (sc->mac_ver == 0x3593) {
2070 sc->txmixgain_5ghz = 0;
2071 run_srom_read(sc, RT3593_EEPROM_LNA_5GHZ, &val);
2072 }
2073 sc->lna[3] = val >> 8; /* channel group 3 */
2074
2075 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LNA :
2076 RT3593_EEPROM_LNA, &val);
2077 sc->lna[0] = val & 0xff; /* channel group 0 */
2078 sc->lna[1] = val >> 8; /* channel group 1 */
2079
2080 /* fix broken 5GHz LNA entries */
2081 if (sc->lna[2] == 0 || sc->lna[2] == 0xff) {
2082 RUN_DPRINTF(sc, RUN_DEBUG_ROM,
2083 "invalid LNA for channel group %d\n", 2);
2084 sc->lna[2] = sc->lna[1];
2085 }
2086 if (sc->lna[3] == 0 || sc->lna[3] == 0xff) {
2087 RUN_DPRINTF(sc, RUN_DEBUG_ROM,
2088 "invalid LNA for channel group %d\n", 3);
2089 sc->lna[3] = sc->lna[1];
2090 }
2091
2092 /* fix broken RSSI offset entries */
2093 for (ant = 0; ant < 3; ant++) {
2094 if (sc->rssi_2ghz[ant] < -10 || sc->rssi_2ghz[ant] > 10) {
2095 RUN_DPRINTF(sc, RUN_DEBUG_ROM | RUN_DEBUG_RSSI,
2096 "invalid RSSI%d offset: %d (2GHz)\n",
2097 ant + 1, sc->rssi_2ghz[ant]);
2098 sc->rssi_2ghz[ant] = 0;
2099 }
2100 if (sc->rssi_5ghz[ant] < -10 || sc->rssi_5ghz[ant] > 10) {
2101 RUN_DPRINTF(sc, RUN_DEBUG_ROM | RUN_DEBUG_RSSI,
2102 "invalid RSSI%d offset: %d (5GHz)\n",
2103 ant + 1, sc->rssi_5ghz[ant]);
2104 sc->rssi_5ghz[ant] = 0;
2105 }
2106 }
2107 return (0);
2108 }
2109
2110 static struct ieee80211_node *
run_node_alloc(struct ieee80211vap * vap,const uint8_t mac[IEEE80211_ADDR_LEN])2111 run_node_alloc(struct ieee80211vap *vap, const uint8_t mac[IEEE80211_ADDR_LEN])
2112 {
2113 return malloc(sizeof (struct run_node), M_80211_NODE,
2114 M_NOWAIT | M_ZERO);
2115 }
2116
2117 static int
run_media_change(if_t ifp)2118 run_media_change(if_t ifp)
2119 {
2120 struct ieee80211vap *vap = if_getsoftc(ifp);
2121 struct ieee80211com *ic = vap->iv_ic;
2122 const struct ieee80211_txparam *tp;
2123 struct run_softc *sc = ic->ic_softc;
2124 uint8_t rate, ridx;
2125 int error;
2126
2127 RUN_LOCK(sc);
2128
2129 error = ieee80211_media_change(ifp);
2130 if (error != 0) {
2131 RUN_UNLOCK(sc);
2132 return (error);
2133 }
2134
2135 tp = &vap->iv_txparms[ieee80211_chan2mode(ic->ic_curchan)];
2136 if (tp->ucastrate != IEEE80211_FIXED_RATE_NONE) {
2137 struct ieee80211_node *ni;
2138 struct run_node *rn;
2139
2140 /* XXX TODO: methodize with MCS rates */
2141 rate = ic->ic_sup_rates[ic->ic_curmode].
2142 rs_rates[tp->ucastrate] & IEEE80211_RATE_VAL;
2143 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++)
2144 if (rt2860_rates[ridx].rate == rate)
2145 break;
2146
2147 ni = ieee80211_ref_node(vap->iv_bss);
2148 rn = RUN_NODE(ni);
2149 rn->fix_ridx = ridx;
2150 RUN_DPRINTF(sc, RUN_DEBUG_RATE, "rate=%d, fix_ridx=%d\n",
2151 rate, rn->fix_ridx);
2152 ieee80211_free_node(ni);
2153 }
2154
2155 #if 0
2156 if ((if_getflags(ifp) & IFF_UP) &&
2157 (if_getdrvflags(ifp) & RUN_RUNNING)){
2158 run_init_locked(sc);
2159 }
2160 #endif
2161
2162 RUN_UNLOCK(sc);
2163
2164 return (0);
2165 }
2166
2167 static int
run_newstate(struct ieee80211vap * vap,enum ieee80211_state nstate,int arg)2168 run_newstate(struct ieee80211vap *vap, enum ieee80211_state nstate, int arg)
2169 {
2170 const struct ieee80211_txparam *tp;
2171 struct ieee80211com *ic = vap->iv_ic;
2172 struct run_softc *sc = ic->ic_softc;
2173 struct run_vap *rvp = RUN_VAP(vap);
2174 enum ieee80211_state ostate;
2175 uint32_t sta[3];
2176 uint8_t ratectl;
2177 uint8_t restart_ratectl = 0;
2178 uint8_t bid = 1 << rvp->rvp_id;
2179
2180 ostate = vap->iv_state;
2181 RUN_DPRINTF(sc, RUN_DEBUG_STATE, "%s -> %s\n",
2182 ieee80211_state_name[ostate],
2183 ieee80211_state_name[nstate]);
2184
2185 IEEE80211_UNLOCK(ic);
2186 RUN_LOCK(sc);
2187
2188 ratectl = sc->ratectl_run; /* remember current state */
2189 sc->ratectl_run = RUN_RATECTL_OFF;
2190 usb_callout_stop(&sc->ratectl_ch);
2191
2192 if (ostate == IEEE80211_S_RUN) {
2193 /* turn link LED off */
2194 run_set_leds(sc, RT2860_LED_RADIO);
2195 }
2196
2197 switch (nstate) {
2198 case IEEE80211_S_INIT:
2199 restart_ratectl = 1;
2200
2201 if (ostate != IEEE80211_S_RUN)
2202 break;
2203
2204 ratectl &= ~bid;
2205 sc->runbmap &= ~bid;
2206
2207 /* abort TSF synchronization if there is no vap running */
2208 if (--sc->running == 0)
2209 run_disable_tsf(sc);
2210 break;
2211
2212 case IEEE80211_S_RUN:
2213 if (!(sc->runbmap & bid)) {
2214 if(sc->running++)
2215 restart_ratectl = 1;
2216 sc->runbmap |= bid;
2217 }
2218
2219 m_freem(rvp->beacon_mbuf);
2220 rvp->beacon_mbuf = NULL;
2221
2222 switch (vap->iv_opmode) {
2223 case IEEE80211_M_HOSTAP:
2224 case IEEE80211_M_MBSS:
2225 sc->ap_running |= bid;
2226 ic->ic_opmode = vap->iv_opmode;
2227 run_update_beacon_cb(vap);
2228 break;
2229 case IEEE80211_M_IBSS:
2230 sc->adhoc_running |= bid;
2231 if (!sc->ap_running)
2232 ic->ic_opmode = vap->iv_opmode;
2233 run_update_beacon_cb(vap);
2234 break;
2235 case IEEE80211_M_STA:
2236 sc->sta_running |= bid;
2237 if (!sc->ap_running && !sc->adhoc_running)
2238 ic->ic_opmode = vap->iv_opmode;
2239
2240 /* read statistic counters (clear on read) */
2241 run_read_region_1(sc, RT2860_TX_STA_CNT0,
2242 (uint8_t *)sta, sizeof sta);
2243
2244 break;
2245 default:
2246 ic->ic_opmode = vap->iv_opmode;
2247 break;
2248 }
2249
2250 if (vap->iv_opmode != IEEE80211_M_MONITOR) {
2251 struct ieee80211_node *ni;
2252
2253 if (ic->ic_bsschan == IEEE80211_CHAN_ANYC) {
2254 RUN_UNLOCK(sc);
2255 IEEE80211_LOCK(ic);
2256 return (-1);
2257 }
2258 run_updateslot(ic);
2259 run_enable_mrr(sc);
2260 run_set_txpreamble(sc);
2261 run_set_basicrates(sc);
2262 ni = ieee80211_ref_node(vap->iv_bss);
2263 IEEE80211_ADDR_COPY(sc->sc_bssid, ni->ni_bssid);
2264 run_set_bssid(sc, sc->sc_bssid);
2265 ieee80211_free_node(ni);
2266 run_enable_tsf_sync(sc);
2267
2268 /* enable automatic rate adaptation */
2269 tp = &vap->iv_txparms[ieee80211_chan2mode(ic->ic_curchan)];
2270 if (tp->ucastrate == IEEE80211_FIXED_RATE_NONE)
2271 ratectl |= bid;
2272 } else
2273 run_enable_tsf(sc);
2274
2275 /* turn link LED on */
2276 run_set_leds(sc, RT2860_LED_RADIO |
2277 (IEEE80211_IS_CHAN_2GHZ(ic->ic_curchan) ?
2278 RT2860_LED_LINK_2GHZ : RT2860_LED_LINK_5GHZ));
2279
2280 break;
2281 default:
2282 RUN_DPRINTF(sc, RUN_DEBUG_STATE, "undefined state\n");
2283 break;
2284 }
2285
2286 /* restart amrr for running VAPs */
2287 if ((sc->ratectl_run = ratectl) && restart_ratectl)
2288 usb_callout_reset(&sc->ratectl_ch, hz, run_ratectl_to, sc);
2289
2290 RUN_UNLOCK(sc);
2291 IEEE80211_LOCK(ic);
2292
2293 return(rvp->newstate(vap, nstate, arg));
2294 }
2295
2296 static int
run_wme_update(struct ieee80211com * ic)2297 run_wme_update(struct ieee80211com *ic)
2298 {
2299 struct chanAccParams chp;
2300 struct run_softc *sc = ic->ic_softc;
2301 const struct wmeParams *ac;
2302 int aci, error = 0;
2303
2304 ieee80211_wme_ic_getparams(ic, &chp);
2305 ac = chp.cap_wmeParams;
2306
2307 /* update MAC TX configuration registers */
2308 RUN_LOCK(sc);
2309 for (aci = 0; aci < WME_NUM_AC; aci++) {
2310 error = run_write(sc, RT2860_EDCA_AC_CFG(aci),
2311 ac[aci].wmep_logcwmax << 16 |
2312 ac[aci].wmep_logcwmin << 12 |
2313 ac[aci].wmep_aifsn << 8 |
2314 ac[aci].wmep_txopLimit);
2315 if (error) goto err;
2316 }
2317
2318 /* update SCH/DMA registers too */
2319 error = run_write(sc, RT2860_WMM_AIFSN_CFG,
2320 ac[WME_AC_VO].wmep_aifsn << 12 |
2321 ac[WME_AC_VI].wmep_aifsn << 8 |
2322 ac[WME_AC_BK].wmep_aifsn << 4 |
2323 ac[WME_AC_BE].wmep_aifsn);
2324 if (error) goto err;
2325 error = run_write(sc, RT2860_WMM_CWMIN_CFG,
2326 ac[WME_AC_VO].wmep_logcwmin << 12 |
2327 ac[WME_AC_VI].wmep_logcwmin << 8 |
2328 ac[WME_AC_BK].wmep_logcwmin << 4 |
2329 ac[WME_AC_BE].wmep_logcwmin);
2330 if (error) goto err;
2331 error = run_write(sc, RT2860_WMM_CWMAX_CFG,
2332 ac[WME_AC_VO].wmep_logcwmax << 12 |
2333 ac[WME_AC_VI].wmep_logcwmax << 8 |
2334 ac[WME_AC_BK].wmep_logcwmax << 4 |
2335 ac[WME_AC_BE].wmep_logcwmax);
2336 if (error) goto err;
2337 error = run_write(sc, RT2860_WMM_TXOP0_CFG,
2338 ac[WME_AC_BK].wmep_txopLimit << 16 |
2339 ac[WME_AC_BE].wmep_txopLimit);
2340 if (error) goto err;
2341 error = run_write(sc, RT2860_WMM_TXOP1_CFG,
2342 ac[WME_AC_VO].wmep_txopLimit << 16 |
2343 ac[WME_AC_VI].wmep_txopLimit);
2344
2345 err:
2346 RUN_UNLOCK(sc);
2347 if (error)
2348 RUN_DPRINTF(sc, RUN_DEBUG_USB, "WME update failed\n");
2349
2350 return (error);
2351 }
2352
2353 static void
run_key_set_cb(void * arg)2354 run_key_set_cb(void *arg)
2355 {
2356 struct run_cmdq *cmdq = arg;
2357 struct ieee80211vap *vap = cmdq->arg1;
2358 struct ieee80211_key *k = cmdq->k;
2359 struct ieee80211com *ic = vap->iv_ic;
2360 struct run_softc *sc = ic->ic_softc;
2361 struct ieee80211_node *ni;
2362 u_int cipher = k->wk_cipher->ic_cipher;
2363 uint32_t attr;
2364 uint16_t base, associd;
2365 uint8_t mode, wcid, iv[8];
2366
2367 RUN_LOCK_ASSERT(sc, MA_OWNED);
2368
2369 if (vap->iv_opmode == IEEE80211_M_HOSTAP)
2370 ni = ieee80211_find_vap_node(&ic->ic_sta, vap, cmdq->mac);
2371 else
2372 ni = vap->iv_bss;
2373 associd = (ni != NULL) ? ni->ni_associd : 0;
2374
2375 /* map net80211 cipher to RT2860 security mode */
2376 switch (cipher) {
2377 case IEEE80211_CIPHER_WEP:
2378 if(k->wk_keylen < 8)
2379 mode = RT2860_MODE_WEP40;
2380 else
2381 mode = RT2860_MODE_WEP104;
2382 break;
2383 case IEEE80211_CIPHER_TKIP:
2384 mode = RT2860_MODE_TKIP;
2385 break;
2386 case IEEE80211_CIPHER_AES_CCM:
2387 mode = RT2860_MODE_AES_CCMP;
2388 break;
2389 default:
2390 RUN_DPRINTF(sc, RUN_DEBUG_KEY, "undefined case\n");
2391 return;
2392 }
2393
2394 RUN_DPRINTF(sc, RUN_DEBUG_KEY,
2395 "associd=%x, keyix=%d, mode=%x, type=%s, tx=%s, rx=%s\n",
2396 associd, k->wk_keyix, mode,
2397 (k->wk_flags & IEEE80211_KEY_GROUP) ? "group" : "pairwise",
2398 (k->wk_flags & IEEE80211_KEY_XMIT) ? "on" : "off",
2399 (k->wk_flags & IEEE80211_KEY_RECV) ? "on" : "off");
2400
2401 if (k->wk_flags & IEEE80211_KEY_GROUP) {
2402 wcid = 0; /* NB: update WCID0 for group keys */
2403 base = RT2860_SKEY(RUN_VAP(vap)->rvp_id, k->wk_keyix);
2404 } else {
2405 wcid = (vap->iv_opmode == IEEE80211_M_STA) ?
2406 1 : RUN_AID2WCID(associd);
2407 base = RT2860_PKEY(wcid);
2408 }
2409
2410 if (cipher == IEEE80211_CIPHER_TKIP) {
2411 if(run_write_region_1(sc, base, k->wk_key, 16))
2412 return;
2413 if(run_write_region_1(sc, base + 16, &k->wk_key[16], 8)) /* wk_txmic */
2414 return;
2415 if(run_write_region_1(sc, base + 24, &k->wk_key[24], 8)) /* wk_rxmic */
2416 return;
2417 } else {
2418 /* roundup len to 16-bit: XXX fix write_region_1() instead */
2419 if(run_write_region_1(sc, base, k->wk_key, (k->wk_keylen + 1) & ~1))
2420 return;
2421 }
2422
2423 if (!(k->wk_flags & IEEE80211_KEY_GROUP) ||
2424 (k->wk_flags & (IEEE80211_KEY_XMIT | IEEE80211_KEY_RECV))) {
2425 /* set initial packet number in IV+EIV */
2426 if (cipher == IEEE80211_CIPHER_WEP) {
2427 memset(iv, 0, sizeof iv);
2428 iv[3] = vap->iv_def_txkey << 6;
2429 } else {
2430 if (cipher == IEEE80211_CIPHER_TKIP) {
2431 iv[0] = k->wk_keytsc >> 8;
2432 iv[1] = (iv[0] | 0x20) & 0x7f;
2433 iv[2] = k->wk_keytsc;
2434 } else /* CCMP */ {
2435 iv[0] = k->wk_keytsc;
2436 iv[1] = k->wk_keytsc >> 8;
2437 iv[2] = 0;
2438 }
2439 iv[3] = k->wk_keyix << 6 | IEEE80211_WEP_EXTIV;
2440 iv[4] = k->wk_keytsc >> 16;
2441 iv[5] = k->wk_keytsc >> 24;
2442 iv[6] = k->wk_keytsc >> 32;
2443 iv[7] = k->wk_keytsc >> 40;
2444 }
2445 if (run_write_region_1(sc, RT2860_IVEIV(wcid), iv, 8))
2446 return;
2447 }
2448
2449 if (k->wk_flags & IEEE80211_KEY_GROUP) {
2450 /* install group key */
2451 if (run_read(sc, RT2860_SKEY_MODE_0_7, &attr))
2452 return;
2453 attr &= ~(0xf << (k->wk_keyix * 4));
2454 attr |= mode << (k->wk_keyix * 4);
2455 if (run_write(sc, RT2860_SKEY_MODE_0_7, attr))
2456 return;
2457 } else {
2458 /* install pairwise key */
2459 if (run_read(sc, RT2860_WCID_ATTR(wcid), &attr))
2460 return;
2461 attr = (attr & ~0xf) | (mode << 1) | RT2860_RX_PKEY_EN;
2462 if (run_write(sc, RT2860_WCID_ATTR(wcid), attr))
2463 return;
2464 }
2465
2466 /* TODO create a pass-thru key entry? */
2467
2468 /* need wcid to delete the right key later */
2469 k->wk_pad = wcid;
2470 }
2471
2472 /*
2473 * Don't have to be deferred, but in order to keep order of
2474 * execution, i.e. with run_key_delete(), defer this and let
2475 * run_cmdq_cb() maintain the order.
2476 *
2477 * return 0 on error
2478 */
2479 static int
run_key_set(struct ieee80211vap * vap,struct ieee80211_key * k)2480 run_key_set(struct ieee80211vap *vap, struct ieee80211_key *k)
2481 {
2482 struct ieee80211com *ic = vap->iv_ic;
2483 struct run_softc *sc = ic->ic_softc;
2484 uint32_t i;
2485
2486 i = RUN_CMDQ_GET(&sc->cmdq_store);
2487 RUN_DPRINTF(sc, RUN_DEBUG_KEY, "cmdq_store=%d\n", i);
2488 sc->cmdq[i].func = run_key_set_cb;
2489 sc->cmdq[i].arg0 = NULL;
2490 sc->cmdq[i].arg1 = vap;
2491 sc->cmdq[i].k = k;
2492 IEEE80211_ADDR_COPY(sc->cmdq[i].mac, k->wk_macaddr);
2493 ieee80211_runtask(ic, &sc->cmdq_task);
2494
2495 /*
2496 * To make sure key will be set when hostapd
2497 * calls iv_key_set() before if_init().
2498 */
2499 if (vap->iv_opmode == IEEE80211_M_HOSTAP) {
2500 RUN_LOCK(sc);
2501 sc->cmdq_key_set = RUN_CMDQ_GO;
2502 RUN_UNLOCK(sc);
2503 }
2504
2505 return (1);
2506 }
2507
2508 /*
2509 * If wlan is destroyed without being brought down i.e. without
2510 * wlan down or wpa_cli terminate, this function is called after
2511 * vap is gone. Don't refer it.
2512 */
2513 static void
run_key_delete_cb(void * arg)2514 run_key_delete_cb(void *arg)
2515 {
2516 struct run_cmdq *cmdq = arg;
2517 struct run_softc *sc = cmdq->arg1;
2518 struct ieee80211_key *k = &cmdq->key;
2519 uint32_t attr;
2520 uint8_t wcid;
2521
2522 RUN_LOCK_ASSERT(sc, MA_OWNED);
2523
2524 if (k->wk_flags & IEEE80211_KEY_GROUP) {
2525 /* remove group key */
2526 RUN_DPRINTF(sc, RUN_DEBUG_KEY, "removing group key\n");
2527 run_read(sc, RT2860_SKEY_MODE_0_7, &attr);
2528 attr &= ~(0xf << (k->wk_keyix * 4));
2529 run_write(sc, RT2860_SKEY_MODE_0_7, attr);
2530 } else {
2531 /* remove pairwise key */
2532 RUN_DPRINTF(sc, RUN_DEBUG_KEY,
2533 "removing key for wcid %x\n", k->wk_pad);
2534 /* matching wcid was written to wk_pad in run_key_set() */
2535 wcid = k->wk_pad;
2536 run_read(sc, RT2860_WCID_ATTR(wcid), &attr);
2537 attr &= ~0xf;
2538 run_write(sc, RT2860_WCID_ATTR(wcid), attr);
2539 run_set_region_4(sc, RT2860_WCID_ENTRY(wcid), 0, 8);
2540 }
2541
2542 k->wk_pad = 0;
2543 }
2544
2545 /*
2546 * return 0 on error
2547 */
2548 static int
run_key_delete(struct ieee80211vap * vap,struct ieee80211_key * k)2549 run_key_delete(struct ieee80211vap *vap, struct ieee80211_key *k)
2550 {
2551 struct ieee80211com *ic = vap->iv_ic;
2552 struct run_softc *sc = ic->ic_softc;
2553 struct ieee80211_key *k0;
2554 uint32_t i;
2555
2556 /*
2557 * When called back, key might be gone. So, make a copy
2558 * of some values need to delete keys before deferring.
2559 * But, because of LOR with node lock, cannot use lock here.
2560 * So, use atomic instead.
2561 */
2562 i = RUN_CMDQ_GET(&sc->cmdq_store);
2563 RUN_DPRINTF(sc, RUN_DEBUG_KEY, "cmdq_store=%d\n", i);
2564 sc->cmdq[i].func = run_key_delete_cb;
2565 sc->cmdq[i].arg0 = NULL;
2566 sc->cmdq[i].arg1 = sc;
2567 k0 = &sc->cmdq[i].key;
2568 k0->wk_flags = k->wk_flags;
2569 k0->wk_keyix = k->wk_keyix;
2570 /* matching wcid was written to wk_pad in run_key_set() */
2571 k0->wk_pad = k->wk_pad;
2572 ieee80211_runtask(ic, &sc->cmdq_task);
2573 return (1); /* return fake success */
2574
2575 }
2576
2577 static void
run_ratectl_to(void * arg)2578 run_ratectl_to(void *arg)
2579 {
2580 struct run_softc *sc = arg;
2581
2582 /* do it in a process context, so it can go sleep */
2583 ieee80211_runtask(&sc->sc_ic, &sc->ratectl_task);
2584 /* next timeout will be rescheduled in the callback task */
2585 }
2586
2587 /* ARGSUSED */
2588 static void
run_ratectl_cb(void * arg,int pending)2589 run_ratectl_cb(void *arg, int pending)
2590 {
2591 struct run_softc *sc = arg;
2592 struct ieee80211com *ic = &sc->sc_ic;
2593 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps);
2594
2595 if (vap == NULL)
2596 return;
2597
2598 if (sc->rvp_cnt > 1 || vap->iv_opmode != IEEE80211_M_STA) {
2599 /*
2600 * run_reset_livelock() doesn't do anything with AMRR,
2601 * but Ralink wants us to call it every 1 sec. So, we
2602 * piggyback here rather than creating another callout.
2603 * Livelock may occur only in HOSTAP or IBSS mode
2604 * (when h/w is sending beacons).
2605 */
2606 RUN_LOCK(sc);
2607 run_reset_livelock(sc);
2608 /* just in case, there are some stats to drain */
2609 run_drain_fifo(sc);
2610 RUN_UNLOCK(sc);
2611 }
2612
2613 ieee80211_iterate_nodes(&ic->ic_sta, run_iter_func, sc);
2614
2615 RUN_LOCK(sc);
2616 if(sc->ratectl_run != RUN_RATECTL_OFF)
2617 usb_callout_reset(&sc->ratectl_ch, hz, run_ratectl_to, sc);
2618 RUN_UNLOCK(sc);
2619 }
2620
2621 static void
run_drain_fifo(void * arg)2622 run_drain_fifo(void *arg)
2623 {
2624 struct run_softc *sc = arg;
2625 uint32_t stat;
2626 uint16_t (*wstat)[3];
2627 uint8_t wcid, mcs, pid;
2628 int8_t retry;
2629
2630 RUN_LOCK_ASSERT(sc, MA_OWNED);
2631
2632 for (;;) {
2633 /* drain Tx status FIFO (maxsize = 16) */
2634 run_read(sc, RT2860_TX_STAT_FIFO, &stat);
2635 RUN_DPRINTF(sc, RUN_DEBUG_XMIT, "tx stat 0x%08x\n", stat);
2636 if (!(stat & RT2860_TXQ_VLD))
2637 break;
2638
2639 wcid = (stat >> RT2860_TXQ_WCID_SHIFT) & 0xff;
2640
2641 /* if no ACK was requested, no feedback is available */
2642 if (!(stat & RT2860_TXQ_ACKREQ) || wcid > RT2870_WCID_MAX ||
2643 wcid == 0)
2644 continue;
2645
2646 /*
2647 * Even though each stat is Tx-complete-status like format,
2648 * the device can poll stats. Because there is no guarantee
2649 * that the referring node is still around when read the stats.
2650 * So that, if we use ieee80211_ratectl_tx_update(), we will
2651 * have hard time not to refer already freed node.
2652 *
2653 * To eliminate such page faults, we poll stats in softc.
2654 * Then, update the rates later with ieee80211_ratectl_tx_update().
2655 */
2656 wstat = &(sc->wcid_stats[wcid]);
2657 (*wstat)[RUN_TXCNT]++;
2658 if (stat & RT2860_TXQ_OK)
2659 (*wstat)[RUN_SUCCESS]++;
2660 else
2661 counter_u64_add(sc->sc_ic.ic_oerrors, 1);
2662 /*
2663 * Check if there were retries, ie if the Tx success rate is
2664 * different from the requested rate. Note that it works only
2665 * because we do not allow rate fallback from OFDM to CCK.
2666 */
2667 mcs = (stat >> RT2860_TXQ_MCS_SHIFT) & 0x7f;
2668 pid = (stat >> RT2860_TXQ_PID_SHIFT) & 0xf;
2669 if ((retry = pid -1 - mcs) > 0) {
2670 (*wstat)[RUN_TXCNT] += retry;
2671 (*wstat)[RUN_RETRY] += retry;
2672 }
2673 }
2674 RUN_DPRINTF(sc, RUN_DEBUG_XMIT, "count=%d\n", sc->fifo_cnt);
2675
2676 sc->fifo_cnt = 0;
2677 }
2678
2679 static void
run_iter_func(void * arg,struct ieee80211_node * ni)2680 run_iter_func(void *arg, struct ieee80211_node *ni)
2681 {
2682 struct run_softc *sc = arg;
2683 struct ieee80211_ratectl_tx_stats *txs = &sc->sc_txs;
2684 struct ieee80211vap *vap = ni->ni_vap;
2685 struct run_node *rn = RUN_NODE(ni);
2686 union run_stats sta[2];
2687 uint16_t (*wstat)[3];
2688 int error, ridx;
2689 uint8_t dot11rate;
2690
2691 RUN_LOCK(sc);
2692
2693 /* Check for special case */
2694 if (sc->rvp_cnt <= 1 && vap->iv_opmode == IEEE80211_M_STA &&
2695 ni != vap->iv_bss)
2696 goto fail;
2697
2698 txs->flags = IEEE80211_RATECTL_TX_STATS_NODE |
2699 IEEE80211_RATECTL_TX_STATS_RETRIES;
2700 txs->ni = ni;
2701 if (sc->rvp_cnt <= 1 && (vap->iv_opmode == IEEE80211_M_IBSS ||
2702 vap->iv_opmode == IEEE80211_M_STA)) {
2703 /* read statistic counters (clear on read) and update AMRR state */
2704 error = run_read_region_1(sc, RT2860_TX_STA_CNT0, (uint8_t *)sta,
2705 sizeof sta);
2706 if (error != 0)
2707 goto fail;
2708
2709 /* count failed TX as errors */
2710 if_inc_counter(vap->iv_ifp, IFCOUNTER_OERRORS,
2711 le16toh(sta[0].error.fail));
2712
2713 txs->nretries = le16toh(sta[1].tx.retry);
2714 txs->nsuccess = le16toh(sta[1].tx.success);
2715 /* nretries??? */
2716 txs->nframes = txs->nretries + txs->nsuccess +
2717 le16toh(sta[0].error.fail);
2718
2719 RUN_DPRINTF(sc, RUN_DEBUG_RATE,
2720 "retrycnt=%d success=%d failcnt=%d\n",
2721 txs->nretries, txs->nsuccess, le16toh(sta[0].error.fail));
2722 } else {
2723 wstat = &(sc->wcid_stats[RUN_AID2WCID(ni->ni_associd)]);
2724
2725 if (wstat == &(sc->wcid_stats[0]) ||
2726 wstat > &(sc->wcid_stats[RT2870_WCID_MAX]))
2727 goto fail;
2728
2729 txs->nretries = (*wstat)[RUN_RETRY];
2730 txs->nsuccess = (*wstat)[RUN_SUCCESS];
2731 txs->nframes = (*wstat)[RUN_TXCNT];
2732 RUN_DPRINTF(sc, RUN_DEBUG_RATE,
2733 "retrycnt=%d txcnt=%d success=%d\n",
2734 txs->nretries, txs->nframes, txs->nsuccess);
2735
2736 memset(wstat, 0, sizeof(*wstat));
2737 }
2738
2739 ieee80211_ratectl_tx_update(vap, txs);
2740 ieee80211_ratectl_rate(ni, NULL, 0);
2741 /* XXX TODO: methodize with MCS rates */
2742 dot11rate = ieee80211_node_get_txrate_dot11rate(ni);
2743 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++)
2744 if (rt2860_rates[ridx].rate == dot11rate)
2745 break;
2746 rn->amrr_ridx = ridx;
2747
2748 fail:
2749 RUN_UNLOCK(sc);
2750
2751 RUN_DPRINTF(sc, RUN_DEBUG_RATE, "rate=0x%02x, ridx=%d\n",
2752 ieee80211_node_get_txrate_dot11rate(ni), rn->amrr_ridx);
2753 }
2754
2755 static void
run_newassoc_cb(void * arg)2756 run_newassoc_cb(void *arg)
2757 {
2758 struct run_cmdq *cmdq = arg;
2759 struct ieee80211_node *ni = cmdq->arg1;
2760 struct run_softc *sc = ni->ni_vap->iv_ic->ic_softc;
2761 uint8_t wcid = cmdq->wcid;
2762
2763 RUN_LOCK_ASSERT(sc, MA_OWNED);
2764
2765 run_write_region_1(sc, RT2860_WCID_ENTRY(wcid),
2766 ni->ni_macaddr, IEEE80211_ADDR_LEN);
2767
2768 memset(&(sc->wcid_stats[wcid]), 0, sizeof(sc->wcid_stats[wcid]));
2769 }
2770
2771 static void
run_newassoc(struct ieee80211_node * ni,int isnew)2772 run_newassoc(struct ieee80211_node *ni, int isnew)
2773 {
2774 struct run_node *rn = RUN_NODE(ni);
2775 struct ieee80211vap *vap = ni->ni_vap;
2776 struct ieee80211com *ic = vap->iv_ic;
2777 struct run_softc *sc = ic->ic_softc;
2778 uint8_t rate;
2779 uint8_t ridx;
2780 uint8_t wcid;
2781
2782 wcid = (vap->iv_opmode == IEEE80211_M_STA) ?
2783 1 : RUN_AID2WCID(ni->ni_associd);
2784
2785 if (wcid > RT2870_WCID_MAX) {
2786 device_printf(sc->sc_dev, "wcid=%d out of range\n", wcid);
2787 return;
2788 }
2789
2790 /* only interested in true associations */
2791 if (isnew && ni->ni_associd != 0) {
2792 /*
2793 * This function could is called though timeout function.
2794 * Need to defer.
2795 */
2796 uint32_t cnt = RUN_CMDQ_GET(&sc->cmdq_store);
2797 RUN_DPRINTF(sc, RUN_DEBUG_STATE, "cmdq_store=%d\n", cnt);
2798 sc->cmdq[cnt].func = run_newassoc_cb;
2799 sc->cmdq[cnt].arg0 = NULL;
2800 sc->cmdq[cnt].arg1 = ni;
2801 sc->cmdq[cnt].wcid = wcid;
2802 ieee80211_runtask(ic, &sc->cmdq_task);
2803 }
2804
2805 RUN_DPRINTF(sc, RUN_DEBUG_STATE,
2806 "new assoc isnew=%d associd=%x addr=%s\n",
2807 isnew, ni->ni_associd, ether_sprintf(ni->ni_macaddr));
2808
2809 rate = vap->iv_txparms[ieee80211_chan2mode(ic->ic_curchan)].mgmtrate;
2810 /* XXX TODO: methodize with MCS rates */
2811 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++)
2812 if (rt2860_rates[ridx].rate == rate)
2813 break;
2814 rn->mgt_ridx = ridx;
2815 RUN_DPRINTF(sc, RUN_DEBUG_STATE | RUN_DEBUG_RATE,
2816 "rate=%d, mgmt_ridx=%d\n", rate, rn->mgt_ridx);
2817
2818 RUN_LOCK(sc);
2819 if(sc->ratectl_run != RUN_RATECTL_OFF)
2820 usb_callout_reset(&sc->ratectl_ch, hz, run_ratectl_to, sc);
2821 RUN_UNLOCK(sc);
2822 }
2823
2824 /*
2825 * Return the Rx chain with the highest RSSI for a given frame.
2826 */
2827 static __inline uint8_t
run_maxrssi_chain(struct run_softc * sc,const struct rt2860_rxwi * rxwi)2828 run_maxrssi_chain(struct run_softc *sc, const struct rt2860_rxwi *rxwi)
2829 {
2830 uint8_t rxchain = 0;
2831
2832 if (sc->nrxchains > 1) {
2833 if (rxwi->rssi[1] > rxwi->rssi[rxchain])
2834 rxchain = 1;
2835 if (sc->nrxchains > 2)
2836 if (rxwi->rssi[2] > rxwi->rssi[rxchain])
2837 rxchain = 2;
2838 }
2839 return (rxchain);
2840 }
2841
2842 static void
run_recv_mgmt(struct ieee80211_node * ni,struct mbuf * m,int subtype,const struct ieee80211_rx_stats * rxs,int rssi,int nf)2843 run_recv_mgmt(struct ieee80211_node *ni, struct mbuf *m, int subtype,
2844 const struct ieee80211_rx_stats *rxs, int rssi, int nf)
2845 {
2846 struct ieee80211vap *vap = ni->ni_vap;
2847 struct run_softc *sc = vap->iv_ic->ic_softc;
2848 struct run_vap *rvp = RUN_VAP(vap);
2849 uint64_t ni_tstamp, rx_tstamp;
2850
2851 rvp->recv_mgmt(ni, m, subtype, rxs, rssi, nf);
2852
2853 if (vap->iv_state == IEEE80211_S_RUN &&
2854 (subtype == IEEE80211_FC0_SUBTYPE_BEACON ||
2855 subtype == IEEE80211_FC0_SUBTYPE_PROBE_RESP)) {
2856 ni_tstamp = le64toh(ni->ni_tstamp.tsf);
2857 RUN_LOCK(sc);
2858 run_get_tsf(sc, &rx_tstamp);
2859 RUN_UNLOCK(sc);
2860 rx_tstamp = le64toh(rx_tstamp);
2861
2862 if (ni_tstamp >= rx_tstamp) {
2863 RUN_DPRINTF(sc, RUN_DEBUG_RECV | RUN_DEBUG_BEACON,
2864 "ibss merge, tsf %ju tstamp %ju\n",
2865 (uintmax_t)rx_tstamp, (uintmax_t)ni_tstamp);
2866 (void) ieee80211_ibss_merge(ni);
2867 }
2868 }
2869 }
2870
2871 static void
run_rx_frame(struct run_softc * sc,struct mbuf * m,uint32_t dmalen)2872 run_rx_frame(struct run_softc *sc, struct mbuf *m, uint32_t dmalen)
2873 {
2874 struct ieee80211com *ic = &sc->sc_ic;
2875 struct ieee80211_frame *wh;
2876 struct ieee80211_node *ni;
2877 struct rt2870_rxd *rxd;
2878 struct rt2860_rxwi *rxwi;
2879 uint32_t flags;
2880 uint16_t len, rxwisize;
2881 uint8_t ant, rssi;
2882 int8_t nf;
2883
2884 rxwisize = sizeof(struct rt2860_rxwi);
2885 if (sc->mac_ver == 0x5592)
2886 rxwisize += sizeof(uint64_t);
2887 else if (sc->mac_ver == 0x3593)
2888 rxwisize += sizeof(uint32_t);
2889
2890 if (__predict_false(dmalen <
2891 rxwisize + sizeof(struct ieee80211_frame_ack))) {
2892 RUN_DPRINTF(sc, RUN_DEBUG_RECV,
2893 "payload is too short: dma length %u < %zu\n",
2894 dmalen, rxwisize + sizeof(struct ieee80211_frame_ack));
2895 goto fail;
2896 }
2897
2898 rxwi = mtod(m, struct rt2860_rxwi *);
2899 len = le16toh(rxwi->len) & 0xfff;
2900
2901 if (__predict_false(len > dmalen - rxwisize)) {
2902 RUN_DPRINTF(sc, RUN_DEBUG_RECV,
2903 "bad RXWI length %u > %u\n", len, dmalen);
2904 goto fail;
2905 }
2906
2907 /* Rx descriptor is located at the end */
2908 rxd = (struct rt2870_rxd *)(mtod(m, caddr_t) + dmalen);
2909 flags = le32toh(rxd->flags);
2910
2911 if (__predict_false(flags & (RT2860_RX_CRCERR | RT2860_RX_ICVERR))) {
2912 RUN_DPRINTF(sc, RUN_DEBUG_RECV, "%s error.\n",
2913 (flags & RT2860_RX_CRCERR)?"CRC":"ICV");
2914 goto fail;
2915 }
2916
2917 if (flags & RT2860_RX_L2PAD) {
2918 RUN_DPRINTF(sc, RUN_DEBUG_RECV,
2919 "received RT2860_RX_L2PAD frame\n");
2920 len += 2;
2921 }
2922
2923 m->m_data += rxwisize;
2924 m->m_pkthdr.len = m->m_len = len;
2925
2926 wh = mtod(m, struct ieee80211_frame *);
2927
2928 if ((wh->i_fc[1] & IEEE80211_FC1_PROTECTED) != 0 &&
2929 (flags & RT2860_RX_DEC) != 0) {
2930 wh->i_fc[1] &= ~IEEE80211_FC1_PROTECTED;
2931 m->m_flags |= M_WEP;
2932 }
2933
2934 if (len >= sizeof(struct ieee80211_frame_min)) {
2935 ni = ieee80211_find_rxnode(ic,
2936 mtod(m, struct ieee80211_frame_min *));
2937 } else
2938 ni = NULL;
2939
2940 if(ni && ni->ni_flags & IEEE80211_NODE_HT) {
2941 m->m_flags |= M_AMPDU;
2942 }
2943
2944 if (__predict_false(flags & RT2860_RX_MICERR)) {
2945 /* report MIC failures to net80211 for TKIP */
2946 if (ni != NULL)
2947 ieee80211_notify_michael_failure(ni->ni_vap, wh,
2948 rxwi->keyidx);
2949 RUN_DPRINTF(sc, RUN_DEBUG_RECV,
2950 "MIC error. Someone is lying.\n");
2951 goto fail;
2952 }
2953
2954 ant = run_maxrssi_chain(sc, rxwi);
2955 rssi = rxwi->rssi[ant];
2956 nf = run_rssi2dbm(sc, rssi, ant);
2957
2958 if (__predict_false(ieee80211_radiotap_active(ic))) {
2959 struct run_rx_radiotap_header *tap = &sc->sc_rxtap;
2960 uint16_t phy;
2961
2962 tap->wr_flags = 0;
2963 if (flags & RT2860_RX_L2PAD)
2964 tap->wr_flags |= IEEE80211_RADIOTAP_F_DATAPAD;
2965 tap->wr_antsignal = rssi;
2966 tap->wr_antenna = ant;
2967 tap->wr_dbm_antsignal = run_rssi2dbm(sc, rssi, ant);
2968 tap->wr_rate = 2; /* in case it can't be found below */
2969 RUN_LOCK(sc);
2970 run_get_tsf(sc, &tap->wr_tsf);
2971 RUN_UNLOCK(sc);
2972 phy = le16toh(rxwi->phy);
2973 switch (phy & RT2860_PHY_MODE) {
2974 case RT2860_PHY_CCK:
2975 switch ((phy & RT2860_PHY_MCS) & ~RT2860_PHY_SHPRE) {
2976 case 0: tap->wr_rate = 2; break;
2977 case 1: tap->wr_rate = 4; break;
2978 case 2: tap->wr_rate = 11; break;
2979 case 3: tap->wr_rate = 22; break;
2980 }
2981 if (phy & RT2860_PHY_SHPRE)
2982 tap->wr_flags |= IEEE80211_RADIOTAP_F_SHORTPRE;
2983 break;
2984 case RT2860_PHY_OFDM:
2985 switch (phy & RT2860_PHY_MCS) {
2986 case 0: tap->wr_rate = 12; break;
2987 case 1: tap->wr_rate = 18; break;
2988 case 2: tap->wr_rate = 24; break;
2989 case 3: tap->wr_rate = 36; break;
2990 case 4: tap->wr_rate = 48; break;
2991 case 5: tap->wr_rate = 72; break;
2992 case 6: tap->wr_rate = 96; break;
2993 case 7: tap->wr_rate = 108; break;
2994 }
2995 break;
2996 }
2997 }
2998
2999 if (ni != NULL) {
3000 (void)ieee80211_input(ni, m, rssi, nf);
3001 ieee80211_free_node(ni);
3002 } else {
3003 (void)ieee80211_input_all(ic, m, rssi, nf);
3004 }
3005
3006 return;
3007
3008 fail:
3009 m_freem(m);
3010 counter_u64_add(ic->ic_ierrors, 1);
3011 }
3012
3013 static void
run_bulk_rx_callback(struct usb_xfer * xfer,usb_error_t error)3014 run_bulk_rx_callback(struct usb_xfer *xfer, usb_error_t error)
3015 {
3016 struct run_softc *sc = usbd_xfer_softc(xfer);
3017 struct ieee80211com *ic = &sc->sc_ic;
3018 struct mbuf *m = NULL;
3019 struct mbuf *m0;
3020 uint32_t dmalen, mbuf_len;
3021 uint16_t rxwisize;
3022 int xferlen;
3023
3024 rxwisize = sizeof(struct rt2860_rxwi);
3025 if (sc->mac_ver == 0x5592)
3026 rxwisize += sizeof(uint64_t);
3027 else if (sc->mac_ver == 0x3593)
3028 rxwisize += sizeof(uint32_t);
3029
3030 usbd_xfer_status(xfer, &xferlen, NULL, NULL, NULL);
3031
3032 switch (USB_GET_STATE(xfer)) {
3033 case USB_ST_TRANSFERRED:
3034
3035 RUN_DPRINTF(sc, RUN_DEBUG_RECV,
3036 "rx done, actlen=%d\n", xferlen);
3037
3038 if (xferlen < (int)(sizeof(uint32_t) + rxwisize +
3039 sizeof(struct rt2870_rxd))) {
3040 RUN_DPRINTF(sc, RUN_DEBUG_RECV_DESC | RUN_DEBUG_USB,
3041 "xfer too short %d\n", xferlen);
3042 goto tr_setup;
3043 }
3044
3045 m = sc->rx_m;
3046 sc->rx_m = NULL;
3047
3048 /* FALLTHROUGH */
3049 case USB_ST_SETUP:
3050 tr_setup:
3051 if (sc->rx_m == NULL) {
3052 sc->rx_m = m_getjcl(M_NOWAIT, MT_DATA, M_PKTHDR,
3053 RUN_MAX_RXSZ);
3054 }
3055 if (sc->rx_m == NULL) {
3056 RUN_DPRINTF(sc, RUN_DEBUG_RECV |
3057 RUN_DEBUG_RECV_DESC | RUN_DEBUG_USB,
3058 "could not allocate mbuf - idle with stall\n");
3059 counter_u64_add(ic->ic_ierrors, 1);
3060 usbd_xfer_set_stall(xfer);
3061 usbd_xfer_set_frames(xfer, 0);
3062 } else {
3063 /*
3064 * Directly loading a mbuf cluster into DMA to
3065 * save some data copying. This works because
3066 * there is only one cluster.
3067 */
3068 usbd_xfer_set_frame_data(xfer, 0,
3069 mtod(sc->rx_m, caddr_t), RUN_MAX_RXSZ);
3070 usbd_xfer_set_frames(xfer, 1);
3071 }
3072 usbd_transfer_submit(xfer);
3073 break;
3074
3075 default: /* Error */
3076 if (error != USB_ERR_CANCELLED) {
3077 /* try to clear stall first */
3078 usbd_xfer_set_stall(xfer);
3079 if (error == USB_ERR_TIMEOUT)
3080 device_printf(sc->sc_dev, "device timeout\n");
3081 counter_u64_add(ic->ic_ierrors, 1);
3082 goto tr_setup;
3083 }
3084 if (sc->rx_m != NULL) {
3085 m_freem(sc->rx_m);
3086 sc->rx_m = NULL;
3087 }
3088 break;
3089 }
3090
3091 if (m == NULL)
3092 return;
3093
3094 /* inputting all the frames must be last */
3095
3096 RUN_UNLOCK(sc);
3097
3098 m->m_pkthdr.len = m->m_len = xferlen;
3099
3100 /* HW can aggregate multiple 802.11 frames in a single USB xfer */
3101 for(;;) {
3102 dmalen = le32toh(*mtod(m, uint32_t *)) & 0xffff;
3103
3104 if ((dmalen >= (uint32_t)-8) || (dmalen == 0) ||
3105 ((dmalen & 3) != 0)) {
3106 RUN_DPRINTF(sc, RUN_DEBUG_RECV_DESC | RUN_DEBUG_USB,
3107 "bad DMA length %u\n", dmalen);
3108 break;
3109 }
3110 if ((dmalen + 8) > (uint32_t)xferlen) {
3111 RUN_DPRINTF(sc, RUN_DEBUG_RECV_DESC | RUN_DEBUG_USB,
3112 "bad DMA length %u > %d\n",
3113 dmalen + 8, xferlen);
3114 break;
3115 }
3116
3117 /* If it is the last one or a single frame, we won't copy. */
3118 if ((xferlen -= dmalen + 8) <= 8) {
3119 /* trim 32-bit DMA-len header */
3120 m->m_data += 4;
3121 m->m_pkthdr.len = m->m_len -= 4;
3122 run_rx_frame(sc, m, dmalen);
3123 m = NULL; /* don't free source buffer */
3124 break;
3125 }
3126
3127 mbuf_len = dmalen + sizeof(struct rt2870_rxd);
3128 if (__predict_false(mbuf_len > MCLBYTES)) {
3129 RUN_DPRINTF(sc, RUN_DEBUG_RECV_DESC | RUN_DEBUG_USB,
3130 "payload is too big: mbuf_len %u\n", mbuf_len);
3131 counter_u64_add(ic->ic_ierrors, 1);
3132 break;
3133 }
3134
3135 /* copy aggregated frames to another mbuf */
3136 m0 = m_getcl(M_NOWAIT, MT_DATA, M_PKTHDR);
3137 if (__predict_false(m0 == NULL)) {
3138 RUN_DPRINTF(sc, RUN_DEBUG_RECV_DESC,
3139 "could not allocate mbuf\n");
3140 counter_u64_add(ic->ic_ierrors, 1);
3141 break;
3142 }
3143 m_copydata(m, 4 /* skip 32-bit DMA-len header */,
3144 mbuf_len, mtod(m0, caddr_t));
3145 m0->m_pkthdr.len = m0->m_len = mbuf_len;
3146 run_rx_frame(sc, m0, dmalen);
3147
3148 /* update data ptr */
3149 m->m_data += mbuf_len + 4;
3150 m->m_pkthdr.len = m->m_len -= mbuf_len + 4;
3151 }
3152
3153 /* make sure we free the source buffer, if any */
3154 m_freem(m);
3155
3156 #ifdef IEEE80211_SUPPORT_SUPERG
3157 ieee80211_ff_age_all(ic, 100);
3158 #endif
3159 RUN_LOCK(sc);
3160 }
3161
3162 static void
run_tx_free(struct run_endpoint_queue * pq,struct run_tx_data * data,int txerr)3163 run_tx_free(struct run_endpoint_queue *pq,
3164 struct run_tx_data *data, int txerr)
3165 {
3166
3167 ieee80211_tx_complete(data->ni, data->m, txerr);
3168
3169 data->m = NULL;
3170 data->ni = NULL;
3171
3172 STAILQ_INSERT_TAIL(&pq->tx_fh, data, next);
3173 pq->tx_nfree++;
3174 }
3175
3176 static void
run_bulk_tx_callbackN(struct usb_xfer * xfer,usb_error_t error,u_int index)3177 run_bulk_tx_callbackN(struct usb_xfer *xfer, usb_error_t error, u_int index)
3178 {
3179 struct run_softc *sc = usbd_xfer_softc(xfer);
3180 struct ieee80211com *ic = &sc->sc_ic;
3181 struct run_tx_data *data;
3182 struct ieee80211vap *vap = NULL;
3183 struct usb_page_cache *pc;
3184 struct run_endpoint_queue *pq = &sc->sc_epq[index];
3185 struct mbuf *m;
3186 usb_frlength_t size;
3187 int actlen;
3188 int sumlen;
3189
3190 usbd_xfer_status(xfer, &actlen, &sumlen, NULL, NULL);
3191
3192 switch (USB_GET_STATE(xfer)) {
3193 case USB_ST_TRANSFERRED:
3194 RUN_DPRINTF(sc, RUN_DEBUG_XMIT | RUN_DEBUG_USB,
3195 "transfer complete: %d bytes @ index %d\n", actlen, index);
3196
3197 data = usbd_xfer_get_priv(xfer);
3198 run_tx_free(pq, data, 0);
3199 usbd_xfer_set_priv(xfer, NULL);
3200
3201 /* FALLTHROUGH */
3202 case USB_ST_SETUP:
3203 tr_setup:
3204 data = STAILQ_FIRST(&pq->tx_qh);
3205 if (data == NULL)
3206 break;
3207
3208 STAILQ_REMOVE_HEAD(&pq->tx_qh, next);
3209
3210 m = data->m;
3211 size = (sc->mac_ver == 0x5592) ?
3212 sizeof(data->desc) + sizeof(uint32_t) : sizeof(data->desc);
3213 if ((m->m_pkthdr.len +
3214 size + 3 + 8) > RUN_MAX_TXSZ) {
3215 RUN_DPRINTF(sc, RUN_DEBUG_XMIT_DESC | RUN_DEBUG_USB,
3216 "data overflow, %u bytes\n", m->m_pkthdr.len);
3217 run_tx_free(pq, data, 1);
3218 goto tr_setup;
3219 }
3220
3221 pc = usbd_xfer_get_frame(xfer, 0);
3222 usbd_copy_in(pc, 0, &data->desc, size);
3223 usbd_m_copy_in(pc, size, m, 0, m->m_pkthdr.len);
3224 size += m->m_pkthdr.len;
3225 /*
3226 * Align end on a 4-byte boundary, pad 8 bytes (CRC +
3227 * 4-byte padding), and be sure to zero those trailing
3228 * bytes:
3229 */
3230 usbd_frame_zero(pc, size, ((-size) & 3) + 8);
3231 size += ((-size) & 3) + 8;
3232
3233 vap = data->ni->ni_vap;
3234 if (ieee80211_radiotap_active_vap(vap)) {
3235 const struct ieee80211_frame *wh;
3236 struct run_tx_radiotap_header *tap = &sc->sc_txtap;
3237 struct rt2860_txwi *txwi =
3238 (struct rt2860_txwi *)(&data->desc + sizeof(struct rt2870_txd));
3239 int has_l2pad;
3240
3241 wh = mtod(m, struct ieee80211_frame *);
3242 has_l2pad = IEEE80211_HAS_ADDR4(wh) !=
3243 IEEE80211_QOS_HAS_SEQ(wh);
3244
3245 tap->wt_flags = 0;
3246 tap->wt_rate = rt2860_rates[data->ridx].rate;
3247 tap->wt_hwqueue = index;
3248 if (le16toh(txwi->phy) & RT2860_PHY_SHPRE)
3249 tap->wt_flags |= IEEE80211_RADIOTAP_F_SHORTPRE;
3250 if (has_l2pad)
3251 tap->wt_flags |= IEEE80211_RADIOTAP_F_DATAPAD;
3252
3253 ieee80211_radiotap_tx(vap, m);
3254 }
3255
3256 RUN_DPRINTF(sc, RUN_DEBUG_XMIT | RUN_DEBUG_USB,
3257 "sending frame len=%u/%u @ index %d\n",
3258 m->m_pkthdr.len, size, index);
3259
3260 usbd_xfer_set_frame_len(xfer, 0, size);
3261 usbd_xfer_set_priv(xfer, data);
3262 usbd_transfer_submit(xfer);
3263 run_start(sc);
3264
3265 break;
3266
3267 default:
3268 RUN_DPRINTF(sc, RUN_DEBUG_XMIT | RUN_DEBUG_USB,
3269 "USB transfer error, %s\n", usbd_errstr(error));
3270
3271 data = usbd_xfer_get_priv(xfer);
3272
3273 if (data != NULL) {
3274 if(data->ni != NULL)
3275 vap = data->ni->ni_vap;
3276 run_tx_free(pq, data, error);
3277 usbd_xfer_set_priv(xfer, NULL);
3278 }
3279
3280 if (vap == NULL)
3281 vap = TAILQ_FIRST(&ic->ic_vaps);
3282
3283 if (error != USB_ERR_CANCELLED) {
3284 if (error == USB_ERR_TIMEOUT) {
3285 device_printf(sc->sc_dev, "device timeout\n");
3286 uint32_t i = RUN_CMDQ_GET(&sc->cmdq_store);
3287 RUN_DPRINTF(sc, RUN_DEBUG_XMIT | RUN_DEBUG_USB,
3288 "cmdq_store=%d\n", i);
3289 sc->cmdq[i].func = run_usb_timeout_cb;
3290 sc->cmdq[i].arg0 = vap;
3291 ieee80211_runtask(ic, &sc->cmdq_task);
3292 }
3293
3294 /*
3295 * Try to clear stall first, also if other
3296 * errors occur, hence clearing stall
3297 * introduces a 50 ms delay:
3298 */
3299 usbd_xfer_set_stall(xfer);
3300 goto tr_setup;
3301 }
3302 break;
3303 }
3304 #ifdef IEEE80211_SUPPORT_SUPERG
3305 /* XXX TODO: make this deferred rather than unlock/relock */
3306 /* XXX TODO: should only do the QoS AC this belongs to */
3307 if (pq->tx_nfree >= RUN_TX_RING_COUNT) {
3308 RUN_UNLOCK(sc);
3309 ieee80211_ff_flush_all(ic);
3310 RUN_LOCK(sc);
3311 }
3312 #endif
3313 }
3314
3315 static void
run_bulk_tx_callback0(struct usb_xfer * xfer,usb_error_t error)3316 run_bulk_tx_callback0(struct usb_xfer *xfer, usb_error_t error)
3317 {
3318 run_bulk_tx_callbackN(xfer, error, 0);
3319 }
3320
3321 static void
run_bulk_tx_callback1(struct usb_xfer * xfer,usb_error_t error)3322 run_bulk_tx_callback1(struct usb_xfer *xfer, usb_error_t error)
3323 {
3324 run_bulk_tx_callbackN(xfer, error, 1);
3325 }
3326
3327 static void
run_bulk_tx_callback2(struct usb_xfer * xfer,usb_error_t error)3328 run_bulk_tx_callback2(struct usb_xfer *xfer, usb_error_t error)
3329 {
3330 run_bulk_tx_callbackN(xfer, error, 2);
3331 }
3332
3333 static void
run_bulk_tx_callback3(struct usb_xfer * xfer,usb_error_t error)3334 run_bulk_tx_callback3(struct usb_xfer *xfer, usb_error_t error)
3335 {
3336 run_bulk_tx_callbackN(xfer, error, 3);
3337 }
3338
3339 static void
run_bulk_tx_callback4(struct usb_xfer * xfer,usb_error_t error)3340 run_bulk_tx_callback4(struct usb_xfer *xfer, usb_error_t error)
3341 {
3342 run_bulk_tx_callbackN(xfer, error, 4);
3343 }
3344
3345 static void
run_bulk_tx_callback5(struct usb_xfer * xfer,usb_error_t error)3346 run_bulk_tx_callback5(struct usb_xfer *xfer, usb_error_t error)
3347 {
3348 run_bulk_tx_callbackN(xfer, error, 5);
3349 }
3350
3351 static void
run_set_tx_desc(struct run_softc * sc,struct run_tx_data * data)3352 run_set_tx_desc(struct run_softc *sc, struct run_tx_data *data)
3353 {
3354 struct mbuf *m = data->m;
3355 struct ieee80211com *ic = &sc->sc_ic;
3356 struct ieee80211vap *vap = data->ni->ni_vap;
3357 struct ieee80211_frame *wh;
3358 struct rt2870_txd *txd;
3359 struct rt2860_txwi *txwi;
3360 uint16_t xferlen, txwisize;
3361 uint16_t mcs;
3362 uint8_t ridx = data->ridx;
3363 uint8_t pad;
3364
3365 /* get MCS code from rate index */
3366 mcs = rt2860_rates[ridx].mcs;
3367
3368 txwisize = (sc->mac_ver == 0x5592) ?
3369 sizeof(*txwi) + sizeof(uint32_t) : sizeof(*txwi);
3370 xferlen = txwisize + m->m_pkthdr.len;
3371
3372 /* roundup to 32-bit alignment */
3373 xferlen = (xferlen + 3) & ~3;
3374
3375 txd = (struct rt2870_txd *)&data->desc;
3376 txd->len = htole16(xferlen);
3377
3378 wh = mtod(m, struct ieee80211_frame *);
3379
3380 /*
3381 * Ether both are true or both are false, the header
3382 * are nicely aligned to 32-bit. So, no L2 padding.
3383 */
3384 if(IEEE80211_HAS_ADDR4(wh) == IEEE80211_QOS_HAS_SEQ(wh))
3385 pad = 0;
3386 else
3387 pad = 2;
3388
3389 /* setup TX Wireless Information */
3390 txwi = (struct rt2860_txwi *)(txd + 1);
3391 txwi->len = htole16(m->m_pkthdr.len - pad);
3392 if (rt2860_rates[ridx].phy == IEEE80211_T_DS) {
3393 mcs |= RT2860_PHY_CCK;
3394 if (ridx != RT2860_RIDX_CCK1 &&
3395 (ic->ic_flags & IEEE80211_F_SHPREAMBLE))
3396 mcs |= RT2860_PHY_SHPRE;
3397 } else if (rt2860_rates[ridx].phy == IEEE80211_T_OFDM) {
3398 mcs |= RT2860_PHY_OFDM;
3399 } else if (rt2860_rates[ridx].phy == IEEE80211_T_HT) {
3400 /* XXX TODO: [adrian] set short preamble for MCS? */
3401 mcs |= RT2860_PHY_HT_MIX; /* Mixed, not greenfield */
3402 }
3403 txwi->phy = htole16(mcs);
3404
3405 /* check if RTS/CTS or CTS-to-self protection is required */
3406 if (!IEEE80211_IS_MULTICAST(wh->i_addr1) &&
3407 ((m->m_pkthdr.len + IEEE80211_CRC_LEN > vap->iv_rtsthreshold) ||
3408 ((ic->ic_flags & IEEE80211_F_USEPROT) &&
3409 rt2860_rates[ridx].phy == IEEE80211_T_OFDM) ||
3410 ((ic->ic_htprotmode == IEEE80211_PROT_RTSCTS) &&
3411 rt2860_rates[ridx].phy == IEEE80211_T_HT)))
3412 txwi->txop |= RT2860_TX_TXOP_HT;
3413 else
3414 txwi->txop |= RT2860_TX_TXOP_BACKOFF;
3415
3416 if (vap->iv_opmode != IEEE80211_M_STA && !IEEE80211_QOS_HAS_SEQ(wh))
3417 txwi->xflags |= RT2860_TX_NSEQ;
3418 }
3419
3420 /* This function must be called locked */
3421 static int
run_tx(struct run_softc * sc,struct mbuf * m,struct ieee80211_node * ni)3422 run_tx(struct run_softc *sc, struct mbuf *m, struct ieee80211_node *ni)
3423 {
3424 struct ieee80211com *ic = &sc->sc_ic;
3425 struct ieee80211vap *vap = ni->ni_vap;
3426 struct ieee80211_frame *wh;
3427 const struct ieee80211_txparam *tp = ni->ni_txparms;
3428 struct run_node *rn = RUN_NODE(ni);
3429 struct run_tx_data *data;
3430 struct rt2870_txd *txd;
3431 struct rt2860_txwi *txwi;
3432 uint16_t qos;
3433 uint16_t dur;
3434 uint16_t qid;
3435 uint8_t type;
3436 uint8_t tid;
3437 uint8_t ridx;
3438 uint8_t ctl_ridx;
3439 uint8_t qflags;
3440 uint8_t xflags = 0;
3441 int hasqos;
3442
3443 RUN_LOCK_ASSERT(sc, MA_OWNED);
3444
3445 wh = mtod(m, struct ieee80211_frame *);
3446
3447 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK;
3448
3449 /*
3450 * There are 7 bulk endpoints: 1 for RX
3451 * and 6 for TX (4 EDCAs + HCCA + Prio).
3452 * Update 03-14-2009: some devices like the Planex GW-US300MiniS
3453 * seem to have only 4 TX bulk endpoints (Fukaumi Naoki).
3454 */
3455 if ((hasqos = IEEE80211_QOS_HAS_SEQ(wh))) {
3456 uint8_t *frm;
3457
3458 frm = ieee80211_getqos(wh);
3459 qos = le16toh(*(const uint16_t *)frm);
3460 tid = qos & IEEE80211_QOS_TID;
3461 qid = TID_TO_WME_AC(tid);
3462 } else {
3463 qos = 0;
3464 tid = 0;
3465 qid = WME_AC_BE;
3466 }
3467 qflags = (qid < 4) ? RT2860_TX_QSEL_EDCA : RT2860_TX_QSEL_HCCA;
3468
3469 RUN_DPRINTF(sc, RUN_DEBUG_XMIT, "qos %d\tqid %d\ttid %d\tqflags %x\n",
3470 qos, qid, tid, qflags);
3471
3472 /* pickup a rate index */
3473 if (IEEE80211_IS_MULTICAST(wh->i_addr1) ||
3474 type != IEEE80211_FC0_TYPE_DATA || m->m_flags & M_EAPOL) {
3475 /* XXX TODO: methodize for 11n; use MCS0 for 11NA/11NG */
3476 ridx = (ic->ic_curmode == IEEE80211_MODE_11A || ic->ic_curmode == IEEE80211_MODE_11NA) ?
3477 RT2860_RIDX_OFDM6 : RT2860_RIDX_CCK1;
3478 ctl_ridx = rt2860_rates[ridx].ctl_ridx;
3479 } else {
3480 if (tp->ucastrate != IEEE80211_FIXED_RATE_NONE)
3481 ridx = rn->fix_ridx;
3482 else
3483 ridx = rn->amrr_ridx;
3484 ctl_ridx = rt2860_rates[ridx].ctl_ridx;
3485 }
3486
3487 if (!IEEE80211_IS_MULTICAST(wh->i_addr1) &&
3488 (!hasqos || (qos & IEEE80211_QOS_ACKPOLICY) !=
3489 IEEE80211_QOS_ACKPOLICY_NOACK)) {
3490 xflags |= RT2860_TX_ACK;
3491 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE)
3492 dur = rt2860_rates[ctl_ridx].sp_ack_dur;
3493 else
3494 dur = rt2860_rates[ctl_ridx].lp_ack_dur;
3495 USETW(wh->i_dur, dur);
3496 }
3497
3498 /* reserve slots for mgmt packets, just in case */
3499 if (sc->sc_epq[qid].tx_nfree < 3) {
3500 RUN_DPRINTF(sc, RUN_DEBUG_XMIT, "tx ring %d is full\n", qid);
3501 return (-1);
3502 }
3503
3504 data = STAILQ_FIRST(&sc->sc_epq[qid].tx_fh);
3505 STAILQ_REMOVE_HEAD(&sc->sc_epq[qid].tx_fh, next);
3506 sc->sc_epq[qid].tx_nfree--;
3507
3508 txd = (struct rt2870_txd *)&data->desc;
3509 txd->flags = qflags;
3510 txwi = (struct rt2860_txwi *)(txd + 1);
3511 txwi->xflags = xflags;
3512 if (IEEE80211_IS_MULTICAST(wh->i_addr1))
3513 txwi->wcid = 0;
3514 else
3515 txwi->wcid = (vap->iv_opmode == IEEE80211_M_STA) ?
3516 1 : RUN_AID2WCID(ni->ni_associd);
3517
3518 /* clear leftover garbage bits */
3519 txwi->flags = 0;
3520 txwi->txop = 0;
3521
3522 data->m = m;
3523 data->ni = ni;
3524 data->ridx = ridx;
3525
3526 /* Assign sequence number now, regardless of A-MPDU TX or otherwise (for now) */
3527 ieee80211_output_seqno_assign(ni, -1, m);
3528
3529 run_set_tx_desc(sc, data);
3530
3531 /*
3532 * The chip keeps track of 2 kind of Tx stats,
3533 * * TX_STAT_FIFO, for per WCID stats, and
3534 * * TX_STA_CNT0 for all-TX-in-one stats.
3535 *
3536 * To use FIFO stats, we need to store MCS into the driver-private
3537 * PacketID field. So that, we can tell whose stats when we read them.
3538 * We add 1 to the MCS because setting the PacketID field to 0 means
3539 * that we don't want feedback in TX_STAT_FIFO.
3540 * And, that's what we want for STA mode, since TX_STA_CNT0 does the job.
3541 *
3542 * FIFO stats doesn't count Tx with WCID 0xff, so we do this in run_tx().
3543 */
3544 if (sc->rvp_cnt > 1 || vap->iv_opmode == IEEE80211_M_HOSTAP ||
3545 vap->iv_opmode == IEEE80211_M_MBSS) {
3546 uint16_t pid = (rt2860_rates[ridx].mcs + 1) & 0xf;
3547 txwi->len |= htole16(pid << RT2860_TX_PID_SHIFT);
3548
3549 /*
3550 * Unlike PCI based devices, we don't get any interrupt from
3551 * USB devices, so we simulate FIFO-is-full interrupt here.
3552 * Ralink recommends to drain FIFO stats every 100 ms, but 16 slots
3553 * quickly get fulled. To prevent overflow, increment a counter on
3554 * every FIFO stat request, so we know how many slots are left.
3555 * We do this only in HOSTAP or multiple vap mode since FIFO stats
3556 * are used only in those modes.
3557 * We just drain stats. AMRR gets updated every 1 sec by
3558 * run_ratectl_cb() via callout.
3559 * Call it early. Otherwise overflow.
3560 */
3561 if (sc->fifo_cnt++ == 10) {
3562 /*
3563 * With multiple vaps or if_bridge, if_start() is called
3564 * with a non-sleepable lock, tcpinp. So, need to defer.
3565 */
3566 uint32_t i = RUN_CMDQ_GET(&sc->cmdq_store);
3567 RUN_DPRINTF(sc, RUN_DEBUG_XMIT, "cmdq_store=%d\n", i);
3568 sc->cmdq[i].func = run_drain_fifo;
3569 sc->cmdq[i].arg0 = sc;
3570 ieee80211_runtask(ic, &sc->cmdq_task);
3571 }
3572 }
3573
3574 STAILQ_INSERT_TAIL(&sc->sc_epq[qid].tx_qh, data, next);
3575
3576 usbd_transfer_start(sc->sc_xfer[qid]);
3577
3578 RUN_DPRINTF(sc, RUN_DEBUG_XMIT,
3579 "sending data frame len=%d rate=%d qid=%d\n",
3580 m->m_pkthdr.len + (int)(sizeof(struct rt2870_txd) +
3581 sizeof(struct rt2860_txwi)), rt2860_rates[ridx].rate, qid);
3582
3583 return (0);
3584 }
3585
3586 static int
run_tx_mgt(struct run_softc * sc,struct mbuf * m,struct ieee80211_node * ni)3587 run_tx_mgt(struct run_softc *sc, struct mbuf *m, struct ieee80211_node *ni)
3588 {
3589 struct ieee80211com *ic = &sc->sc_ic;
3590 struct run_node *rn = RUN_NODE(ni);
3591 struct run_tx_data *data;
3592 struct ieee80211_frame *wh;
3593 struct rt2870_txd *txd;
3594 struct rt2860_txwi *txwi;
3595 uint16_t dur;
3596 uint8_t ridx = rn->mgt_ridx;
3597 uint8_t xflags = 0;
3598 uint8_t wflags = 0;
3599
3600 RUN_LOCK_ASSERT(sc, MA_OWNED);
3601
3602 wh = mtod(m, struct ieee80211_frame *);
3603
3604 /* tell hardware to add timestamp for probe responses */
3605 if (IEEE80211_IS_MGMT_PROBE_RESP(wh))
3606 wflags |= RT2860_TX_TS;
3607 else if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) {
3608 xflags |= RT2860_TX_ACK;
3609
3610 dur = ieee80211_ack_duration(ic->ic_rt, rt2860_rates[ridx].rate,
3611 ic->ic_flags & IEEE80211_F_SHPREAMBLE);
3612 USETW(wh->i_dur, dur);
3613 }
3614
3615 if (sc->sc_epq[0].tx_nfree == 0)
3616 /* let caller free mbuf */
3617 return (EIO);
3618 data = STAILQ_FIRST(&sc->sc_epq[0].tx_fh);
3619 STAILQ_REMOVE_HEAD(&sc->sc_epq[0].tx_fh, next);
3620 sc->sc_epq[0].tx_nfree--;
3621
3622 txd = (struct rt2870_txd *)&data->desc;
3623 txd->flags = RT2860_TX_QSEL_EDCA;
3624 txwi = (struct rt2860_txwi *)(txd + 1);
3625 txwi->wcid = 0xff;
3626 txwi->flags = wflags;
3627 txwi->xflags = xflags;
3628 txwi->txop = 0; /* clear leftover garbage bits */
3629
3630 data->m = m;
3631 data->ni = ni;
3632 data->ridx = ridx;
3633
3634 /* Assign sequence number now, regardless of A-MPDU TX or otherwise (for now) */
3635 ieee80211_output_seqno_assign(ni, -1, m);
3636
3637 run_set_tx_desc(sc, data);
3638
3639 RUN_DPRINTF(sc, RUN_DEBUG_XMIT, "sending mgt frame len=%d rate=%d\n",
3640 m->m_pkthdr.len + (int)(sizeof(struct rt2870_txd) +
3641 sizeof(struct rt2860_txwi)), rt2860_rates[ridx].rate);
3642
3643 STAILQ_INSERT_TAIL(&sc->sc_epq[0].tx_qh, data, next);
3644
3645 usbd_transfer_start(sc->sc_xfer[0]);
3646
3647 return (0);
3648 }
3649
3650 static int
run_sendprot(struct run_softc * sc,const struct mbuf * m,struct ieee80211_node * ni,int prot,int rate)3651 run_sendprot(struct run_softc *sc,
3652 const struct mbuf *m, struct ieee80211_node *ni, int prot, int rate)
3653 {
3654 struct ieee80211com *ic = ni->ni_ic;
3655 struct run_tx_data *data;
3656 struct rt2870_txd *txd;
3657 struct rt2860_txwi *txwi;
3658 struct mbuf *mprot;
3659 int ridx;
3660 int protrate;
3661 uint8_t wflags = 0;
3662 uint8_t xflags = 0;
3663
3664 RUN_LOCK_ASSERT(sc, MA_OWNED);
3665
3666 /* check that there are free slots before allocating the mbuf */
3667 if (sc->sc_epq[0].tx_nfree == 0)
3668 /* let caller free mbuf */
3669 return (ENOBUFS);
3670
3671 mprot = ieee80211_alloc_prot(ni, m, rate, prot);
3672 if (mprot == NULL) {
3673 if_inc_counter(ni->ni_vap->iv_ifp, IFCOUNTER_OERRORS, 1);
3674 RUN_DPRINTF(sc, RUN_DEBUG_XMIT, "could not allocate mbuf\n");
3675 return (ENOBUFS);
3676 }
3677
3678 protrate = ieee80211_ctl_rate(ic->ic_rt, rate);
3679 wflags = RT2860_TX_FRAG;
3680 xflags = 0;
3681 if (prot == IEEE80211_PROT_RTSCTS)
3682 xflags |= RT2860_TX_ACK;
3683
3684 data = STAILQ_FIRST(&sc->sc_epq[0].tx_fh);
3685 STAILQ_REMOVE_HEAD(&sc->sc_epq[0].tx_fh, next);
3686 sc->sc_epq[0].tx_nfree--;
3687
3688 txd = (struct rt2870_txd *)&data->desc;
3689 txd->flags = RT2860_TX_QSEL_EDCA;
3690 txwi = (struct rt2860_txwi *)(txd + 1);
3691 txwi->wcid = 0xff;
3692 txwi->flags = wflags;
3693 txwi->xflags = xflags;
3694 txwi->txop = 0; /* clear leftover garbage bits */
3695
3696 data->m = mprot;
3697 data->ni = ieee80211_ref_node(ni);
3698
3699 /* XXX TODO: methodize with MCS rates */
3700 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++)
3701 if (rt2860_rates[ridx].rate == protrate)
3702 break;
3703 data->ridx = ridx;
3704
3705 run_set_tx_desc(sc, data);
3706
3707 RUN_DPRINTF(sc, RUN_DEBUG_XMIT, "sending prot len=%u rate=%u\n",
3708 m->m_pkthdr.len, rate);
3709
3710 STAILQ_INSERT_TAIL(&sc->sc_epq[0].tx_qh, data, next);
3711
3712 usbd_transfer_start(sc->sc_xfer[0]);
3713
3714 return (0);
3715 }
3716
3717 static int
run_tx_param(struct run_softc * sc,struct mbuf * m,struct ieee80211_node * ni,const struct ieee80211_bpf_params * params)3718 run_tx_param(struct run_softc *sc, struct mbuf *m, struct ieee80211_node *ni,
3719 const struct ieee80211_bpf_params *params)
3720 {
3721 struct ieee80211com *ic = ni->ni_ic;
3722 struct run_tx_data *data;
3723 struct rt2870_txd *txd;
3724 struct rt2860_txwi *txwi;
3725 uint8_t ridx;
3726 uint8_t rate;
3727 uint8_t opflags = 0;
3728 uint8_t xflags = 0;
3729 int error;
3730
3731 RUN_LOCK_ASSERT(sc, MA_OWNED);
3732
3733 KASSERT(params != NULL, ("no raw xmit params"));
3734
3735 rate = params->ibp_rate0;
3736 if (!ieee80211_isratevalid(ic->ic_rt, rate)) {
3737 /* let caller free mbuf */
3738 return (EINVAL);
3739 }
3740
3741 if ((params->ibp_flags & IEEE80211_BPF_NOACK) == 0)
3742 xflags |= RT2860_TX_ACK;
3743 if (params->ibp_flags & (IEEE80211_BPF_RTS|IEEE80211_BPF_CTS)) {
3744 error = run_sendprot(sc, m, ni,
3745 params->ibp_flags & IEEE80211_BPF_RTS ?
3746 IEEE80211_PROT_RTSCTS : IEEE80211_PROT_CTSONLY,
3747 rate);
3748 if (error) {
3749 /* let caller free mbuf */
3750 return error;
3751 }
3752 opflags |= /*XXX RT2573_TX_LONG_RETRY |*/ RT2860_TX_TXOP_SIFS;
3753 }
3754
3755 if (sc->sc_epq[0].tx_nfree == 0) {
3756 /* let caller free mbuf */
3757 RUN_DPRINTF(sc, RUN_DEBUG_XMIT,
3758 "sending raw frame, but tx ring is full\n");
3759 return (EIO);
3760 }
3761 data = STAILQ_FIRST(&sc->sc_epq[0].tx_fh);
3762 STAILQ_REMOVE_HEAD(&sc->sc_epq[0].tx_fh, next);
3763 sc->sc_epq[0].tx_nfree--;
3764
3765 txd = (struct rt2870_txd *)&data->desc;
3766 txd->flags = RT2860_TX_QSEL_EDCA;
3767 txwi = (struct rt2860_txwi *)(txd + 1);
3768 txwi->wcid = 0xff;
3769 txwi->xflags = xflags;
3770 txwi->txop = opflags;
3771 txwi->flags = 0; /* clear leftover garbage bits */
3772
3773 data->m = m;
3774 data->ni = ni;
3775 /* XXX TODO: methodize with MCS rates */
3776 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++)
3777 if (rt2860_rates[ridx].rate == rate)
3778 break;
3779 data->ridx = ridx;
3780
3781 /* Assign sequence number now, regardless of A-MPDU TX or otherwise (for now) */
3782 ieee80211_output_seqno_assign(ni, -1, m);
3783
3784 run_set_tx_desc(sc, data);
3785
3786 RUN_DPRINTF(sc, RUN_DEBUG_XMIT, "sending raw frame len=%u rate=%u\n",
3787 m->m_pkthdr.len, rate);
3788
3789 STAILQ_INSERT_TAIL(&sc->sc_epq[0].tx_qh, data, next);
3790
3791 usbd_transfer_start(sc->sc_xfer[0]);
3792
3793 return (0);
3794 }
3795
3796 static int
run_raw_xmit(struct ieee80211_node * ni,struct mbuf * m,const struct ieee80211_bpf_params * params)3797 run_raw_xmit(struct ieee80211_node *ni, struct mbuf *m,
3798 const struct ieee80211_bpf_params *params)
3799 {
3800 struct run_softc *sc = ni->ni_ic->ic_softc;
3801 int error = 0;
3802
3803 RUN_LOCK(sc);
3804
3805 /* prevent management frames from being sent if we're not ready */
3806 if (!(sc->sc_flags & RUN_RUNNING)) {
3807 error = ENETDOWN;
3808 goto done;
3809 }
3810
3811 if (params == NULL) {
3812 /* tx mgt packet */
3813 if ((error = run_tx_mgt(sc, m, ni)) != 0) {
3814 RUN_DPRINTF(sc, RUN_DEBUG_XMIT, "mgt tx failed\n");
3815 goto done;
3816 }
3817 } else {
3818 /* tx raw packet with param */
3819 if ((error = run_tx_param(sc, m, ni, params)) != 0) {
3820 RUN_DPRINTF(sc, RUN_DEBUG_XMIT, "tx with param failed\n");
3821 goto done;
3822 }
3823 }
3824
3825 done:
3826 RUN_UNLOCK(sc);
3827
3828 if (error != 0) {
3829 if(m != NULL)
3830 m_freem(m);
3831 }
3832
3833 return (error);
3834 }
3835
3836 static int
run_transmit(struct ieee80211com * ic,struct mbuf * m)3837 run_transmit(struct ieee80211com *ic, struct mbuf *m)
3838 {
3839 struct run_softc *sc = ic->ic_softc;
3840 int error;
3841
3842 RUN_LOCK(sc);
3843 if ((sc->sc_flags & RUN_RUNNING) == 0) {
3844 RUN_UNLOCK(sc);
3845 return (ENXIO);
3846 }
3847 error = mbufq_enqueue(&sc->sc_snd, m);
3848 if (error) {
3849 RUN_UNLOCK(sc);
3850 return (error);
3851 }
3852 run_start(sc);
3853 RUN_UNLOCK(sc);
3854
3855 return (0);
3856 }
3857
3858 static void
run_start(struct run_softc * sc)3859 run_start(struct run_softc *sc)
3860 {
3861 struct ieee80211_node *ni;
3862 struct mbuf *m;
3863
3864 RUN_LOCK_ASSERT(sc, MA_OWNED);
3865
3866 if ((sc->sc_flags & RUN_RUNNING) == 0)
3867 return;
3868
3869 while ((m = mbufq_dequeue(&sc->sc_snd)) != NULL) {
3870 ni = (struct ieee80211_node *)m->m_pkthdr.rcvif;
3871 if (run_tx(sc, m, ni) != 0) {
3872 mbufq_prepend(&sc->sc_snd, m);
3873 break;
3874 }
3875 }
3876 }
3877
3878 static void
run_parent(struct ieee80211com * ic)3879 run_parent(struct ieee80211com *ic)
3880 {
3881 struct run_softc *sc = ic->ic_softc;
3882 int startall = 0;
3883
3884 RUN_LOCK(sc);
3885 if (sc->sc_detached) {
3886 RUN_UNLOCK(sc);
3887 return;
3888 }
3889
3890 if (ic->ic_nrunning > 0) {
3891 if (!(sc->sc_flags & RUN_RUNNING)) {
3892 startall = 1;
3893 run_init_locked(sc);
3894 } else
3895 run_update_promisc_locked(sc);
3896 } else if ((sc->sc_flags & RUN_RUNNING) && sc->rvp_cnt <= 1)
3897 run_stop(sc);
3898 RUN_UNLOCK(sc);
3899 if (startall)
3900 ieee80211_start_all(ic);
3901 }
3902
3903 static void
run_iq_calib(struct run_softc * sc,u_int chan)3904 run_iq_calib(struct run_softc *sc, u_int chan)
3905 {
3906 uint16_t val;
3907
3908 /* Tx0 IQ gain. */
3909 run_bbp_write(sc, 158, 0x2c);
3910 if (chan <= 14)
3911 run_efuse_read(sc, RT5390_EEPROM_IQ_GAIN_CAL_TX0_2GHZ, &val, 1);
3912 else if (chan <= 64) {
3913 run_efuse_read(sc,
3914 RT5390_EEPROM_IQ_GAIN_CAL_TX0_CH36_TO_CH64_5GHZ,
3915 &val, 1);
3916 } else if (chan <= 138) {
3917 run_efuse_read(sc,
3918 RT5390_EEPROM_IQ_GAIN_CAL_TX0_CH100_TO_CH138_5GHZ,
3919 &val, 1);
3920 } else if (chan <= 165) {
3921 run_efuse_read(sc,
3922 RT5390_EEPROM_IQ_GAIN_CAL_TX0_CH140_TO_CH165_5GHZ,
3923 &val, 1);
3924 } else
3925 val = 0;
3926 run_bbp_write(sc, 159, val);
3927
3928 /* Tx0 IQ phase. */
3929 run_bbp_write(sc, 158, 0x2d);
3930 if (chan <= 14) {
3931 run_efuse_read(sc, RT5390_EEPROM_IQ_PHASE_CAL_TX0_2GHZ,
3932 &val, 1);
3933 } else if (chan <= 64) {
3934 run_efuse_read(sc,
3935 RT5390_EEPROM_IQ_PHASE_CAL_TX0_CH36_TO_CH64_5GHZ,
3936 &val, 1);
3937 } else if (chan <= 138) {
3938 run_efuse_read(sc,
3939 RT5390_EEPROM_IQ_PHASE_CAL_TX0_CH100_TO_CH138_5GHZ,
3940 &val, 1);
3941 } else if (chan <= 165) {
3942 run_efuse_read(sc,
3943 RT5390_EEPROM_IQ_PHASE_CAL_TX0_CH140_TO_CH165_5GHZ,
3944 &val, 1);
3945 } else
3946 val = 0;
3947 run_bbp_write(sc, 159, val);
3948
3949 /* Tx1 IQ gain. */
3950 run_bbp_write(sc, 158, 0x4a);
3951 if (chan <= 14) {
3952 run_efuse_read(sc, RT5390_EEPROM_IQ_GAIN_CAL_TX1_2GHZ,
3953 &val, 1);
3954 } else if (chan <= 64) {
3955 run_efuse_read(sc,
3956 RT5390_EEPROM_IQ_GAIN_CAL_TX1_CH36_TO_CH64_5GHZ,
3957 &val, 1);
3958 } else if (chan <= 138) {
3959 run_efuse_read(sc,
3960 RT5390_EEPROM_IQ_GAIN_CAL_TX1_CH100_TO_CH138_5GHZ,
3961 &val, 1);
3962 } else if (chan <= 165) {
3963 run_efuse_read(sc,
3964 RT5390_EEPROM_IQ_GAIN_CAL_TX1_CH140_TO_CH165_5GHZ,
3965 &val, 1);
3966 } else
3967 val = 0;
3968 run_bbp_write(sc, 159, val);
3969
3970 /* Tx1 IQ phase. */
3971 run_bbp_write(sc, 158, 0x4b);
3972 if (chan <= 14) {
3973 run_efuse_read(sc, RT5390_EEPROM_IQ_PHASE_CAL_TX1_2GHZ,
3974 &val, 1);
3975 } else if (chan <= 64) {
3976 run_efuse_read(sc,
3977 RT5390_EEPROM_IQ_PHASE_CAL_TX1_CH36_TO_CH64_5GHZ,
3978 &val, 1);
3979 } else if (chan <= 138) {
3980 run_efuse_read(sc,
3981 RT5390_EEPROM_IQ_PHASE_CAL_TX1_CH100_TO_CH138_5GHZ,
3982 &val, 1);
3983 } else if (chan <= 165) {
3984 run_efuse_read(sc,
3985 RT5390_EEPROM_IQ_PHASE_CAL_TX1_CH140_TO_CH165_5GHZ,
3986 &val, 1);
3987 } else
3988 val = 0;
3989 run_bbp_write(sc, 159, val);
3990
3991 /* RF IQ compensation control. */
3992 run_bbp_write(sc, 158, 0x04);
3993 run_efuse_read(sc, RT5390_EEPROM_RF_IQ_COMPENSATION_CTL,
3994 &val, 1);
3995 run_bbp_write(sc, 159, val);
3996
3997 /* RF IQ imbalance compensation control. */
3998 run_bbp_write(sc, 158, 0x03);
3999 run_efuse_read(sc,
4000 RT5390_EEPROM_RF_IQ_IMBALANCE_COMPENSATION_CTL, &val, 1);
4001 run_bbp_write(sc, 159, val);
4002 }
4003
4004 static void
run_set_agc(struct run_softc * sc,uint8_t agc)4005 run_set_agc(struct run_softc *sc, uint8_t agc)
4006 {
4007 uint8_t bbp;
4008
4009 if (sc->mac_ver == 0x3572) {
4010 run_bbp_read(sc, 27, &bbp);
4011 bbp &= ~(0x3 << 5);
4012 run_bbp_write(sc, 27, bbp | 0 << 5); /* select Rx0 */
4013 run_bbp_write(sc, 66, agc);
4014 run_bbp_write(sc, 27, bbp | 1 << 5); /* select Rx1 */
4015 run_bbp_write(sc, 66, agc);
4016 } else
4017 run_bbp_write(sc, 66, agc);
4018 }
4019
4020 static void
run_select_chan_group(struct run_softc * sc,int group)4021 run_select_chan_group(struct run_softc *sc, int group)
4022 {
4023 uint32_t tmp;
4024 uint8_t agc;
4025
4026 run_bbp_write(sc, 62, 0x37 - sc->lna[group]);
4027 run_bbp_write(sc, 63, 0x37 - sc->lna[group]);
4028 run_bbp_write(sc, 64, 0x37 - sc->lna[group]);
4029 if (sc->mac_ver < 0x3572)
4030 run_bbp_write(sc, 86, 0x00);
4031
4032 if (sc->mac_ver == 0x3593) {
4033 run_bbp_write(sc, 77, 0x98);
4034 run_bbp_write(sc, 83, (group == 0) ? 0x8a : 0x9a);
4035 }
4036
4037 if (group == 0) {
4038 if (sc->ext_2ghz_lna) {
4039 if (sc->mac_ver >= 0x5390)
4040 run_bbp_write(sc, 75, 0x52);
4041 else {
4042 run_bbp_write(sc, 82, 0x62);
4043 run_bbp_write(sc, 75, 0x46);
4044 }
4045 } else {
4046 if (sc->mac_ver == 0x5592) {
4047 run_bbp_write(sc, 79, 0x1c);
4048 run_bbp_write(sc, 80, 0x0e);
4049 run_bbp_write(sc, 81, 0x3a);
4050 run_bbp_write(sc, 82, 0x62);
4051
4052 run_bbp_write(sc, 195, 0x80);
4053 run_bbp_write(sc, 196, 0xe0);
4054 run_bbp_write(sc, 195, 0x81);
4055 run_bbp_write(sc, 196, 0x1f);
4056 run_bbp_write(sc, 195, 0x82);
4057 run_bbp_write(sc, 196, 0x38);
4058 run_bbp_write(sc, 195, 0x83);
4059 run_bbp_write(sc, 196, 0x32);
4060 run_bbp_write(sc, 195, 0x85);
4061 run_bbp_write(sc, 196, 0x28);
4062 run_bbp_write(sc, 195, 0x86);
4063 run_bbp_write(sc, 196, 0x19);
4064 } else if (sc->mac_ver >= 0x5390)
4065 run_bbp_write(sc, 75, 0x50);
4066 else {
4067 run_bbp_write(sc, 82,
4068 (sc->mac_ver == 0x3593) ? 0x62 : 0x84);
4069 run_bbp_write(sc, 75, 0x50);
4070 }
4071 }
4072 } else {
4073 if (sc->mac_ver == 0x5592) {
4074 run_bbp_write(sc, 79, 0x18);
4075 run_bbp_write(sc, 80, 0x08);
4076 run_bbp_write(sc, 81, 0x38);
4077 run_bbp_write(sc, 82, 0x92);
4078
4079 run_bbp_write(sc, 195, 0x80);
4080 run_bbp_write(sc, 196, 0xf0);
4081 run_bbp_write(sc, 195, 0x81);
4082 run_bbp_write(sc, 196, 0x1e);
4083 run_bbp_write(sc, 195, 0x82);
4084 run_bbp_write(sc, 196, 0x28);
4085 run_bbp_write(sc, 195, 0x83);
4086 run_bbp_write(sc, 196, 0x20);
4087 run_bbp_write(sc, 195, 0x85);
4088 run_bbp_write(sc, 196, 0x7f);
4089 run_bbp_write(sc, 195, 0x86);
4090 run_bbp_write(sc, 196, 0x7f);
4091 } else if (sc->mac_ver == 0x3572)
4092 run_bbp_write(sc, 82, 0x94);
4093 else
4094 run_bbp_write(sc, 82,
4095 (sc->mac_ver == 0x3593) ? 0x82 : 0xf2);
4096 if (sc->ext_5ghz_lna)
4097 run_bbp_write(sc, 75, 0x46);
4098 else
4099 run_bbp_write(sc, 75, 0x50);
4100 }
4101
4102 run_read(sc, RT2860_TX_BAND_CFG, &tmp);
4103 tmp &= ~(RT2860_5G_BAND_SEL_N | RT2860_5G_BAND_SEL_P);
4104 tmp |= (group == 0) ? RT2860_5G_BAND_SEL_N : RT2860_5G_BAND_SEL_P;
4105 run_write(sc, RT2860_TX_BAND_CFG, tmp);
4106
4107 /* enable appropriate Power Amplifiers and Low Noise Amplifiers */
4108 tmp = RT2860_RFTR_EN | RT2860_TRSW_EN | RT2860_LNA_PE0_EN;
4109 if (sc->mac_ver == 0x3593)
4110 tmp |= 1 << 29 | 1 << 28;
4111 if (sc->nrxchains > 1)
4112 tmp |= RT2860_LNA_PE1_EN;
4113 if (group == 0) { /* 2GHz */
4114 tmp |= RT2860_PA_PE_G0_EN;
4115 if (sc->ntxchains > 1)
4116 tmp |= RT2860_PA_PE_G1_EN;
4117 if (sc->mac_ver == 0x3593) {
4118 if (sc->ntxchains > 2)
4119 tmp |= 1 << 25;
4120 }
4121 } else { /* 5GHz */
4122 tmp |= RT2860_PA_PE_A0_EN;
4123 if (sc->ntxchains > 1)
4124 tmp |= RT2860_PA_PE_A1_EN;
4125 }
4126 if (sc->mac_ver == 0x3572) {
4127 run_rt3070_rf_write(sc, 8, 0x00);
4128 run_write(sc, RT2860_TX_PIN_CFG, tmp);
4129 run_rt3070_rf_write(sc, 8, 0x80);
4130 } else
4131 run_write(sc, RT2860_TX_PIN_CFG, tmp);
4132
4133 if (sc->mac_ver == 0x5592) {
4134 run_bbp_write(sc, 195, 0x8d);
4135 run_bbp_write(sc, 196, 0x1a);
4136 }
4137
4138 if (sc->mac_ver == 0x3593) {
4139 run_read(sc, RT2860_GPIO_CTRL, &tmp);
4140 tmp &= ~0x01010000;
4141 if (group == 0)
4142 tmp |= 0x00010000;
4143 tmp = (tmp & ~0x00009090) | 0x00000090;
4144 run_write(sc, RT2860_GPIO_CTRL, tmp);
4145 }
4146
4147 /* set initial AGC value */
4148 if (group == 0) { /* 2GHz band */
4149 if (sc->mac_ver >= 0x3070)
4150 agc = 0x1c + sc->lna[0] * 2;
4151 else
4152 agc = 0x2e + sc->lna[0];
4153 } else { /* 5GHz band */
4154 if (sc->mac_ver == 0x5592)
4155 agc = 0x24 + sc->lna[group] * 2;
4156 else if (sc->mac_ver == 0x3572 || sc->mac_ver == 0x3593)
4157 agc = 0x22 + (sc->lna[group] * 5) / 3;
4158 else
4159 agc = 0x32 + (sc->lna[group] * 5) / 3;
4160 }
4161 run_set_agc(sc, agc);
4162 }
4163
4164 static void
run_rt2870_set_chan(struct run_softc * sc,u_int chan)4165 run_rt2870_set_chan(struct run_softc *sc, u_int chan)
4166 {
4167 const struct rfprog *rfprog = rt2860_rf2850;
4168 uint32_t r2, r3, r4;
4169 int8_t txpow1, txpow2;
4170 int i;
4171
4172 /* find the settings for this channel (we know it exists) */
4173 for (i = 0; rfprog[i].chan != chan; i++);
4174
4175 r2 = rfprog[i].r2;
4176 if (sc->ntxchains == 1)
4177 r2 |= 1 << 14; /* 1T: disable Tx chain 2 */
4178 if (sc->nrxchains == 1)
4179 r2 |= 1 << 17 | 1 << 6; /* 1R: disable Rx chains 2 & 3 */
4180 else if (sc->nrxchains == 2)
4181 r2 |= 1 << 6; /* 2R: disable Rx chain 3 */
4182
4183 /* use Tx power values from EEPROM */
4184 txpow1 = sc->txpow1[i];
4185 txpow2 = sc->txpow2[i];
4186
4187 /* Initialize RF R3 and R4. */
4188 r3 = rfprog[i].r3 & 0xffffc1ff;
4189 r4 = (rfprog[i].r4 & ~(0x001f87c0)) | (sc->freq << 15);
4190 if (chan > 14) {
4191 if (txpow1 >= 0) {
4192 txpow1 = (txpow1 > 0xf) ? (0xf) : (txpow1);
4193 r3 |= (txpow1 << 10) | (1 << 9);
4194 } else {
4195 txpow1 += 7;
4196
4197 /* txpow1 is not possible larger than 15. */
4198 r3 |= (txpow1 << 10);
4199 }
4200 if (txpow2 >= 0) {
4201 txpow2 = (txpow2 > 0xf) ? (0xf) : (txpow2);
4202 r4 |= (txpow2 << 7) | (1 << 6);
4203 } else {
4204 txpow2 += 7;
4205 r4 |= (txpow2 << 7);
4206 }
4207 } else {
4208 /* Set Tx0 power. */
4209 r3 |= (txpow1 << 9);
4210
4211 /* Set frequency offset and Tx1 power. */
4212 r4 |= (txpow2 << 6);
4213 }
4214
4215 run_rt2870_rf_write(sc, rfprog[i].r1);
4216 run_rt2870_rf_write(sc, r2);
4217 run_rt2870_rf_write(sc, r3 & ~(1 << 2));
4218 run_rt2870_rf_write(sc, r4);
4219
4220 run_delay(sc, 10);
4221
4222 run_rt2870_rf_write(sc, rfprog[i].r1);
4223 run_rt2870_rf_write(sc, r2);
4224 run_rt2870_rf_write(sc, r3 | (1 << 2));
4225 run_rt2870_rf_write(sc, r4);
4226
4227 run_delay(sc, 10);
4228
4229 run_rt2870_rf_write(sc, rfprog[i].r1);
4230 run_rt2870_rf_write(sc, r2);
4231 run_rt2870_rf_write(sc, r3 & ~(1 << 2));
4232 run_rt2870_rf_write(sc, r4);
4233 }
4234
4235 static void
run_rt3070_set_chan(struct run_softc * sc,u_int chan)4236 run_rt3070_set_chan(struct run_softc *sc, u_int chan)
4237 {
4238 int8_t txpow1, txpow2;
4239 uint8_t rf;
4240 int i;
4241
4242 /* find the settings for this channel (we know it exists) */
4243 for (i = 0; rt2860_rf2850[i].chan != chan; i++);
4244
4245 /* use Tx power values from EEPROM */
4246 txpow1 = sc->txpow1[i];
4247 txpow2 = sc->txpow2[i];
4248
4249 run_rt3070_rf_write(sc, 2, rt3070_freqs[i].n);
4250
4251 /* RT3370/RT3390: RF R3 [7:4] is not reserved bits. */
4252 run_rt3070_rf_read(sc, 3, &rf);
4253 rf = (rf & ~0x0f) | rt3070_freqs[i].k;
4254 run_rt3070_rf_write(sc, 3, rf);
4255
4256 run_rt3070_rf_read(sc, 6, &rf);
4257 rf = (rf & ~0x03) | rt3070_freqs[i].r;
4258 run_rt3070_rf_write(sc, 6, rf);
4259
4260 /* set Tx0 power */
4261 run_rt3070_rf_read(sc, 12, &rf);
4262 rf = (rf & ~0x1f) | txpow1;
4263 run_rt3070_rf_write(sc, 12, rf);
4264
4265 /* set Tx1 power */
4266 run_rt3070_rf_read(sc, 13, &rf);
4267 rf = (rf & ~0x1f) | txpow2;
4268 run_rt3070_rf_write(sc, 13, rf);
4269
4270 run_rt3070_rf_read(sc, 1, &rf);
4271 rf &= ~0xfc;
4272 if (sc->ntxchains == 1)
4273 rf |= 1 << 7 | 1 << 5; /* 1T: disable Tx chains 2 & 3 */
4274 else if (sc->ntxchains == 2)
4275 rf |= 1 << 7; /* 2T: disable Tx chain 3 */
4276 if (sc->nrxchains == 1)
4277 rf |= 1 << 6 | 1 << 4; /* 1R: disable Rx chains 2 & 3 */
4278 else if (sc->nrxchains == 2)
4279 rf |= 1 << 6; /* 2R: disable Rx chain 3 */
4280 run_rt3070_rf_write(sc, 1, rf);
4281
4282 /* set RF offset */
4283 run_rt3070_rf_read(sc, 23, &rf);
4284 rf = (rf & ~0x7f) | sc->freq;
4285 run_rt3070_rf_write(sc, 23, rf);
4286
4287 /* program RF filter */
4288 run_rt3070_rf_read(sc, 24, &rf); /* Tx */
4289 rf = (rf & ~0x3f) | sc->rf24_20mhz;
4290 run_rt3070_rf_write(sc, 24, rf);
4291 run_rt3070_rf_read(sc, 31, &rf); /* Rx */
4292 rf = (rf & ~0x3f) | sc->rf24_20mhz;
4293 run_rt3070_rf_write(sc, 31, rf);
4294
4295 /* enable RF tuning */
4296 run_rt3070_rf_read(sc, 7, &rf);
4297 run_rt3070_rf_write(sc, 7, rf | 0x01);
4298 }
4299
4300 static void
run_rt3572_set_chan(struct run_softc * sc,u_int chan)4301 run_rt3572_set_chan(struct run_softc *sc, u_int chan)
4302 {
4303 int8_t txpow1, txpow2;
4304 uint32_t tmp;
4305 uint8_t rf;
4306 int i;
4307
4308 /* find the settings for this channel (we know it exists) */
4309 for (i = 0; rt2860_rf2850[i].chan != chan; i++);
4310
4311 /* use Tx power values from EEPROM */
4312 txpow1 = sc->txpow1[i];
4313 txpow2 = sc->txpow2[i];
4314
4315 if (chan <= 14) {
4316 run_bbp_write(sc, 25, sc->bbp25);
4317 run_bbp_write(sc, 26, sc->bbp26);
4318 } else {
4319 /* enable IQ phase correction */
4320 run_bbp_write(sc, 25, 0x09);
4321 run_bbp_write(sc, 26, 0xff);
4322 }
4323
4324 run_rt3070_rf_write(sc, 2, rt3070_freqs[i].n);
4325 run_rt3070_rf_write(sc, 3, rt3070_freqs[i].k);
4326 run_rt3070_rf_read(sc, 6, &rf);
4327 rf = (rf & ~0x0f) | rt3070_freqs[i].r;
4328 rf |= (chan <= 14) ? 0x08 : 0x04;
4329 run_rt3070_rf_write(sc, 6, rf);
4330
4331 /* set PLL mode */
4332 run_rt3070_rf_read(sc, 5, &rf);
4333 rf &= ~(0x08 | 0x04);
4334 rf |= (chan <= 14) ? 0x04 : 0x08;
4335 run_rt3070_rf_write(sc, 5, rf);
4336
4337 /* set Tx power for chain 0 */
4338 if (chan <= 14)
4339 rf = 0x60 | txpow1;
4340 else
4341 rf = 0xe0 | (txpow1 & 0xc) << 1 | (txpow1 & 0x3);
4342 run_rt3070_rf_write(sc, 12, rf);
4343
4344 /* set Tx power for chain 1 */
4345 if (chan <= 14)
4346 rf = 0x60 | txpow2;
4347 else
4348 rf = 0xe0 | (txpow2 & 0xc) << 1 | (txpow2 & 0x3);
4349 run_rt3070_rf_write(sc, 13, rf);
4350
4351 /* set Tx/Rx streams */
4352 run_rt3070_rf_read(sc, 1, &rf);
4353 rf &= ~0xfc;
4354 if (sc->ntxchains == 1)
4355 rf |= 1 << 7 | 1 << 5; /* 1T: disable Tx chains 2 & 3 */
4356 else if (sc->ntxchains == 2)
4357 rf |= 1 << 7; /* 2T: disable Tx chain 3 */
4358 if (sc->nrxchains == 1)
4359 rf |= 1 << 6 | 1 << 4; /* 1R: disable Rx chains 2 & 3 */
4360 else if (sc->nrxchains == 2)
4361 rf |= 1 << 6; /* 2R: disable Rx chain 3 */
4362 run_rt3070_rf_write(sc, 1, rf);
4363
4364 /* set RF offset */
4365 run_rt3070_rf_read(sc, 23, &rf);
4366 rf = (rf & ~0x7f) | sc->freq;
4367 run_rt3070_rf_write(sc, 23, rf);
4368
4369 /* program RF filter */
4370 rf = sc->rf24_20mhz;
4371 run_rt3070_rf_write(sc, 24, rf); /* Tx */
4372 run_rt3070_rf_write(sc, 31, rf); /* Rx */
4373
4374 /* enable RF tuning */
4375 run_rt3070_rf_read(sc, 7, &rf);
4376 rf = (chan <= 14) ? 0xd8 : ((rf & ~0xc8) | 0x14);
4377 run_rt3070_rf_write(sc, 7, rf);
4378
4379 /* TSSI */
4380 rf = (chan <= 14) ? 0xc3 : 0xc0;
4381 run_rt3070_rf_write(sc, 9, rf);
4382
4383 /* set loop filter 1 */
4384 run_rt3070_rf_write(sc, 10, 0xf1);
4385 /* set loop filter 2 */
4386 run_rt3070_rf_write(sc, 11, (chan <= 14) ? 0xb9 : 0x00);
4387
4388 /* set tx_mx2_ic */
4389 run_rt3070_rf_write(sc, 15, (chan <= 14) ? 0x53 : 0x43);
4390 /* set tx_mx1_ic */
4391 if (chan <= 14)
4392 rf = 0x48 | sc->txmixgain_2ghz;
4393 else
4394 rf = 0x78 | sc->txmixgain_5ghz;
4395 run_rt3070_rf_write(sc, 16, rf);
4396
4397 /* set tx_lo1 */
4398 run_rt3070_rf_write(sc, 17, 0x23);
4399 /* set tx_lo2 */
4400 if (chan <= 14)
4401 rf = 0x93;
4402 else if (chan <= 64)
4403 rf = 0xb7;
4404 else if (chan <= 128)
4405 rf = 0x74;
4406 else
4407 rf = 0x72;
4408 run_rt3070_rf_write(sc, 19, rf);
4409
4410 /* set rx_lo1 */
4411 if (chan <= 14)
4412 rf = 0xb3;
4413 else if (chan <= 64)
4414 rf = 0xf6;
4415 else if (chan <= 128)
4416 rf = 0xf4;
4417 else
4418 rf = 0xf3;
4419 run_rt3070_rf_write(sc, 20, rf);
4420
4421 /* set pfd_delay */
4422 if (chan <= 14)
4423 rf = 0x15;
4424 else if (chan <= 64)
4425 rf = 0x3d;
4426 else
4427 rf = 0x01;
4428 run_rt3070_rf_write(sc, 25, rf);
4429
4430 /* set rx_lo2 */
4431 run_rt3070_rf_write(sc, 26, (chan <= 14) ? 0x85 : 0x87);
4432 /* set ldo_rf_vc */
4433 run_rt3070_rf_write(sc, 27, (chan <= 14) ? 0x00 : 0x01);
4434 /* set drv_cc */
4435 run_rt3070_rf_write(sc, 29, (chan <= 14) ? 0x9b : 0x9f);
4436
4437 run_read(sc, RT2860_GPIO_CTRL, &tmp);
4438 tmp &= ~0x8080;
4439 if (chan <= 14)
4440 tmp |= 0x80;
4441 run_write(sc, RT2860_GPIO_CTRL, tmp);
4442
4443 /* enable RF tuning */
4444 run_rt3070_rf_read(sc, 7, &rf);
4445 run_rt3070_rf_write(sc, 7, rf | 0x01);
4446
4447 run_delay(sc, 2);
4448 }
4449
4450 static void
run_rt3593_set_chan(struct run_softc * sc,u_int chan)4451 run_rt3593_set_chan(struct run_softc *sc, u_int chan)
4452 {
4453 int8_t txpow1, txpow2, txpow3;
4454 uint8_t h20mhz, rf;
4455 int i;
4456
4457 /* find the settings for this channel (we know it exists) */
4458 for (i = 0; rt2860_rf2850[i].chan != chan; i++);
4459
4460 /* use Tx power values from EEPROM */
4461 txpow1 = sc->txpow1[i];
4462 txpow2 = sc->txpow2[i];
4463 txpow3 = (sc->ntxchains == 3) ? sc->txpow3[i] : 0;
4464
4465 if (chan <= 14) {
4466 run_bbp_write(sc, 25, sc->bbp25);
4467 run_bbp_write(sc, 26, sc->bbp26);
4468 } else {
4469 /* Enable IQ phase correction. */
4470 run_bbp_write(sc, 25, 0x09);
4471 run_bbp_write(sc, 26, 0xff);
4472 }
4473
4474 run_rt3070_rf_write(sc, 8, rt3070_freqs[i].n);
4475 run_rt3070_rf_write(sc, 9, rt3070_freqs[i].k & 0x0f);
4476 run_rt3070_rf_read(sc, 11, &rf);
4477 rf = (rf & ~0x03) | (rt3070_freqs[i].r & 0x03);
4478 run_rt3070_rf_write(sc, 11, rf);
4479
4480 /* Set pll_idoh. */
4481 run_rt3070_rf_read(sc, 11, &rf);
4482 rf &= ~0x4c;
4483 rf |= (chan <= 14) ? 0x44 : 0x48;
4484 run_rt3070_rf_write(sc, 11, rf);
4485
4486 if (chan <= 14)
4487 rf = txpow1 & 0x1f;
4488 else
4489 rf = 0x40 | ((txpow1 & 0x18) << 1) | (txpow1 & 0x07);
4490 run_rt3070_rf_write(sc, 53, rf);
4491
4492 if (chan <= 14)
4493 rf = txpow2 & 0x1f;
4494 else
4495 rf = 0x40 | ((txpow2 & 0x18) << 1) | (txpow2 & 0x07);
4496 run_rt3070_rf_write(sc, 55, rf);
4497
4498 if (chan <= 14)
4499 rf = txpow3 & 0x1f;
4500 else
4501 rf = 0x40 | ((txpow3 & 0x18) << 1) | (txpow3 & 0x07);
4502 run_rt3070_rf_write(sc, 54, rf);
4503
4504 rf = RT3070_RF_BLOCK | RT3070_PLL_PD;
4505 if (sc->ntxchains == 3)
4506 rf |= RT3070_TX0_PD | RT3070_TX1_PD | RT3070_TX2_PD;
4507 else
4508 rf |= RT3070_TX0_PD | RT3070_TX1_PD;
4509 rf |= RT3070_RX0_PD | RT3070_RX1_PD | RT3070_RX2_PD;
4510 run_rt3070_rf_write(sc, 1, rf);
4511
4512 run_adjust_freq_offset(sc);
4513
4514 run_rt3070_rf_write(sc, 31, (chan <= 14) ? 0xa0 : 0x80);
4515
4516 h20mhz = (sc->rf24_20mhz & 0x20) >> 5;
4517 run_rt3070_rf_read(sc, 30, &rf);
4518 rf = (rf & ~0x06) | (h20mhz << 1) | (h20mhz << 2);
4519 run_rt3070_rf_write(sc, 30, rf);
4520
4521 run_rt3070_rf_read(sc, 36, &rf);
4522 if (chan <= 14)
4523 rf |= 0x80;
4524 else
4525 rf &= ~0x80;
4526 run_rt3070_rf_write(sc, 36, rf);
4527
4528 /* Set vcolo_bs. */
4529 run_rt3070_rf_write(sc, 34, (chan <= 14) ? 0x3c : 0x20);
4530 /* Set pfd_delay. */
4531 run_rt3070_rf_write(sc, 12, (chan <= 14) ? 0x1a : 0x12);
4532
4533 /* Set vco bias current control. */
4534 run_rt3070_rf_read(sc, 6, &rf);
4535 rf &= ~0xc0;
4536 if (chan <= 14)
4537 rf |= 0x40;
4538 else if (chan <= 128)
4539 rf |= 0x80;
4540 else
4541 rf |= 0x40;
4542 run_rt3070_rf_write(sc, 6, rf);
4543
4544 run_rt3070_rf_read(sc, 30, &rf);
4545 rf = (rf & ~0x18) | 0x10;
4546 run_rt3070_rf_write(sc, 30, rf);
4547
4548 run_rt3070_rf_write(sc, 10, (chan <= 14) ? 0xd3 : 0xd8);
4549 run_rt3070_rf_write(sc, 13, (chan <= 14) ? 0x12 : 0x23);
4550
4551 run_rt3070_rf_read(sc, 51, &rf);
4552 rf = (rf & ~0x03) | 0x01;
4553 run_rt3070_rf_write(sc, 51, rf);
4554 /* Set tx_mx1_cc. */
4555 run_rt3070_rf_read(sc, 51, &rf);
4556 rf &= ~0x1c;
4557 rf |= (chan <= 14) ? 0x14 : 0x10;
4558 run_rt3070_rf_write(sc, 51, rf);
4559 /* Set tx_mx1_ic. */
4560 run_rt3070_rf_read(sc, 51, &rf);
4561 rf &= ~0xe0;
4562 rf |= (chan <= 14) ? 0x60 : 0x40;
4563 run_rt3070_rf_write(sc, 51, rf);
4564 /* Set tx_lo1_ic. */
4565 run_rt3070_rf_read(sc, 49, &rf);
4566 rf &= ~0x1c;
4567 rf |= (chan <= 14) ? 0x0c : 0x08;
4568 run_rt3070_rf_write(sc, 49, rf);
4569 /* Set tx_lo1_en. */
4570 run_rt3070_rf_read(sc, 50, &rf);
4571 run_rt3070_rf_write(sc, 50, rf & ~0x20);
4572 /* Set drv_cc. */
4573 run_rt3070_rf_read(sc, 57, &rf);
4574 rf &= ~0xfc;
4575 rf |= (chan <= 14) ? 0x6c : 0x3c;
4576 run_rt3070_rf_write(sc, 57, rf);
4577 /* Set rx_mix1_ic, rxa_lnactr, lna_vc, lna_inbias_en and lna_en. */
4578 run_rt3070_rf_write(sc, 44, (chan <= 14) ? 0x93 : 0x9b);
4579 /* Set drv_gnd_a, tx_vga_cc_a and tx_mx2_gain. */
4580 run_rt3070_rf_write(sc, 52, (chan <= 14) ? 0x45 : 0x05);
4581 /* Enable VCO calibration. */
4582 run_rt3070_rf_read(sc, 3, &rf);
4583 rf &= ~RT5390_VCOCAL;
4584 rf |= (chan <= 14) ? RT5390_VCOCAL : 0xbe;
4585 run_rt3070_rf_write(sc, 3, rf);
4586
4587 if (chan <= 14)
4588 rf = 0x23;
4589 else if (chan <= 64)
4590 rf = 0x36;
4591 else if (chan <= 128)
4592 rf = 0x32;
4593 else
4594 rf = 0x30;
4595 run_rt3070_rf_write(sc, 39, rf);
4596 if (chan <= 14)
4597 rf = 0xbb;
4598 else if (chan <= 64)
4599 rf = 0xeb;
4600 else if (chan <= 128)
4601 rf = 0xb3;
4602 else
4603 rf = 0x9b;
4604 run_rt3070_rf_write(sc, 45, rf);
4605
4606 /* Set FEQ/AEQ control. */
4607 run_bbp_write(sc, 105, 0x34);
4608 }
4609
4610 static void
run_rt5390_set_chan(struct run_softc * sc,u_int chan)4611 run_rt5390_set_chan(struct run_softc *sc, u_int chan)
4612 {
4613 int8_t txpow1, txpow2;
4614 uint8_t rf;
4615 int i;
4616
4617 /* find the settings for this channel (we know it exists) */
4618 for (i = 0; rt2860_rf2850[i].chan != chan; i++);
4619
4620 /* use Tx power values from EEPROM */
4621 txpow1 = sc->txpow1[i];
4622 txpow2 = sc->txpow2[i];
4623
4624 run_rt3070_rf_write(sc, 8, rt3070_freqs[i].n);
4625 run_rt3070_rf_write(sc, 9, rt3070_freqs[i].k & 0x0f);
4626 run_rt3070_rf_read(sc, 11, &rf);
4627 rf = (rf & ~0x03) | (rt3070_freqs[i].r & 0x03);
4628 run_rt3070_rf_write(sc, 11, rf);
4629
4630 run_rt3070_rf_read(sc, 49, &rf);
4631 rf = (rf & ~0x3f) | (txpow1 & 0x3f);
4632 /* The valid range of the RF R49 is 0x00 to 0x27. */
4633 if ((rf & 0x3f) > 0x27)
4634 rf = (rf & ~0x3f) | 0x27;
4635 run_rt3070_rf_write(sc, 49, rf);
4636
4637 if (sc->mac_ver == 0x5392) {
4638 run_rt3070_rf_read(sc, 50, &rf);
4639 rf = (rf & ~0x3f) | (txpow2 & 0x3f);
4640 /* The valid range of the RF R50 is 0x00 to 0x27. */
4641 if ((rf & 0x3f) > 0x27)
4642 rf = (rf & ~0x3f) | 0x27;
4643 run_rt3070_rf_write(sc, 50, rf);
4644 }
4645
4646 run_rt3070_rf_read(sc, 1, &rf);
4647 rf |= RT3070_RF_BLOCK | RT3070_PLL_PD | RT3070_RX0_PD | RT3070_TX0_PD;
4648 if (sc->mac_ver == 0x5392)
4649 rf |= RT3070_RX1_PD | RT3070_TX1_PD;
4650 run_rt3070_rf_write(sc, 1, rf);
4651
4652 if (sc->mac_ver != 0x5392) {
4653 run_rt3070_rf_read(sc, 2, &rf);
4654 rf |= 0x80;
4655 run_rt3070_rf_write(sc, 2, rf);
4656 run_delay(sc, 10);
4657 rf &= 0x7f;
4658 run_rt3070_rf_write(sc, 2, rf);
4659 }
4660
4661 run_adjust_freq_offset(sc);
4662
4663 if (sc->mac_ver == 0x5392) {
4664 /* Fix for RT5392C. */
4665 if (sc->mac_rev >= 0x0223) {
4666 if (chan <= 4)
4667 rf = 0x0f;
4668 else if (chan >= 5 && chan <= 7)
4669 rf = 0x0e;
4670 else
4671 rf = 0x0d;
4672 run_rt3070_rf_write(sc, 23, rf);
4673
4674 if (chan <= 4)
4675 rf = 0x0c;
4676 else if (chan == 5)
4677 rf = 0x0b;
4678 else if (chan >= 6 && chan <= 7)
4679 rf = 0x0a;
4680 else if (chan >= 8 && chan <= 10)
4681 rf = 0x09;
4682 else
4683 rf = 0x08;
4684 run_rt3070_rf_write(sc, 59, rf);
4685 } else {
4686 if (chan <= 11)
4687 rf = 0x0f;
4688 else
4689 rf = 0x0b;
4690 run_rt3070_rf_write(sc, 59, rf);
4691 }
4692 } else {
4693 /* Fix for RT5390F. */
4694 if (sc->mac_rev >= 0x0502) {
4695 if (chan <= 11)
4696 rf = 0x43;
4697 else
4698 rf = 0x23;
4699 run_rt3070_rf_write(sc, 55, rf);
4700
4701 if (chan <= 11)
4702 rf = 0x0f;
4703 else if (chan == 12)
4704 rf = 0x0d;
4705 else
4706 rf = 0x0b;
4707 run_rt3070_rf_write(sc, 59, rf);
4708 } else {
4709 run_rt3070_rf_write(sc, 55, 0x44);
4710 run_rt3070_rf_write(sc, 59, 0x8f);
4711 }
4712 }
4713
4714 /* Enable VCO calibration. */
4715 run_rt3070_rf_read(sc, 3, &rf);
4716 rf |= RT5390_VCOCAL;
4717 run_rt3070_rf_write(sc, 3, rf);
4718 }
4719
4720 static void
run_rt5592_set_chan(struct run_softc * sc,u_int chan)4721 run_rt5592_set_chan(struct run_softc *sc, u_int chan)
4722 {
4723 const struct rt5592_freqs *freqs;
4724 uint32_t tmp;
4725 uint8_t reg, rf, txpow_bound;
4726 int8_t txpow1, txpow2;
4727 int i;
4728
4729 run_read(sc, RT5592_DEBUG_INDEX, &tmp);
4730 freqs = (tmp & RT5592_SEL_XTAL) ?
4731 rt5592_freqs_40mhz : rt5592_freqs_20mhz;
4732
4733 /* find the settings for this channel (we know it exists) */
4734 for (i = 0; rt2860_rf2850[i].chan != chan; i++, freqs++);
4735
4736 /* use Tx power values from EEPROM */
4737 txpow1 = sc->txpow1[i];
4738 txpow2 = sc->txpow2[i];
4739
4740 run_read(sc, RT3070_LDO_CFG0, &tmp);
4741 tmp &= ~0x1c000000;
4742 if (chan > 14)
4743 tmp |= 0x14000000;
4744 run_write(sc, RT3070_LDO_CFG0, tmp);
4745
4746 /* N setting. */
4747 run_rt3070_rf_write(sc, 8, freqs->n & 0xff);
4748 run_rt3070_rf_read(sc, 9, &rf);
4749 rf &= ~(1 << 4);
4750 rf |= ((freqs->n & 0x0100) >> 8) << 4;
4751 run_rt3070_rf_write(sc, 9, rf);
4752
4753 /* K setting. */
4754 run_rt3070_rf_read(sc, 9, &rf);
4755 rf &= ~0x0f;
4756 rf |= (freqs->k & 0x0f);
4757 run_rt3070_rf_write(sc, 9, rf);
4758
4759 /* Mode setting. */
4760 run_rt3070_rf_read(sc, 11, &rf);
4761 rf &= ~0x0c;
4762 rf |= ((freqs->m - 0x8) & 0x3) << 2;
4763 run_rt3070_rf_write(sc, 11, rf);
4764 run_rt3070_rf_read(sc, 9, &rf);
4765 rf &= ~(1 << 7);
4766 rf |= (((freqs->m - 0x8) & 0x4) >> 2) << 7;
4767 run_rt3070_rf_write(sc, 9, rf);
4768
4769 /* R setting. */
4770 run_rt3070_rf_read(sc, 11, &rf);
4771 rf &= ~0x03;
4772 rf |= (freqs->r - 0x1);
4773 run_rt3070_rf_write(sc, 11, rf);
4774
4775 if (chan <= 14) {
4776 /* Initialize RF registers for 2GHZ. */
4777 for (i = 0; i < nitems(rt5592_2ghz_def_rf); i++) {
4778 run_rt3070_rf_write(sc, rt5592_2ghz_def_rf[i].reg,
4779 rt5592_2ghz_def_rf[i].val);
4780 }
4781
4782 rf = (chan <= 10) ? 0x07 : 0x06;
4783 run_rt3070_rf_write(sc, 23, rf);
4784 run_rt3070_rf_write(sc, 59, rf);
4785
4786 run_rt3070_rf_write(sc, 55, 0x43);
4787
4788 /*
4789 * RF R49/R50 Tx power ALC code.
4790 * G-band bit<7:6>=1:0, bit<5:0> range from 0x0 ~ 0x27.
4791 */
4792 reg = 2;
4793 txpow_bound = 0x27;
4794 } else {
4795 /* Initialize RF registers for 5GHZ. */
4796 for (i = 0; i < nitems(rt5592_5ghz_def_rf); i++) {
4797 run_rt3070_rf_write(sc, rt5592_5ghz_def_rf[i].reg,
4798 rt5592_5ghz_def_rf[i].val);
4799 }
4800 for (i = 0; i < nitems(rt5592_chan_5ghz); i++) {
4801 if (chan >= rt5592_chan_5ghz[i].firstchan &&
4802 chan <= rt5592_chan_5ghz[i].lastchan) {
4803 run_rt3070_rf_write(sc, rt5592_chan_5ghz[i].reg,
4804 rt5592_chan_5ghz[i].val);
4805 }
4806 }
4807
4808 /*
4809 * RF R49/R50 Tx power ALC code.
4810 * A-band bit<7:6>=1:1, bit<5:0> range from 0x0 ~ 0x2b.
4811 */
4812 reg = 3;
4813 txpow_bound = 0x2b;
4814 }
4815
4816 /* RF R49 ch0 Tx power ALC code. */
4817 run_rt3070_rf_read(sc, 49, &rf);
4818 rf &= ~0xc0;
4819 rf |= (reg << 6);
4820 rf = (rf & ~0x3f) | (txpow1 & 0x3f);
4821 if ((rf & 0x3f) > txpow_bound)
4822 rf = (rf & ~0x3f) | txpow_bound;
4823 run_rt3070_rf_write(sc, 49, rf);
4824
4825 /* RF R50 ch1 Tx power ALC code. */
4826 run_rt3070_rf_read(sc, 50, &rf);
4827 rf &= ~(1 << 7 | 1 << 6);
4828 rf |= (reg << 6);
4829 rf = (rf & ~0x3f) | (txpow2 & 0x3f);
4830 if ((rf & 0x3f) > txpow_bound)
4831 rf = (rf & ~0x3f) | txpow_bound;
4832 run_rt3070_rf_write(sc, 50, rf);
4833
4834 /* Enable RF_BLOCK, PLL_PD, RX0_PD, and TX0_PD. */
4835 run_rt3070_rf_read(sc, 1, &rf);
4836 rf |= (RT3070_RF_BLOCK | RT3070_PLL_PD | RT3070_RX0_PD | RT3070_TX0_PD);
4837 if (sc->ntxchains > 1)
4838 rf |= RT3070_TX1_PD;
4839 if (sc->nrxchains > 1)
4840 rf |= RT3070_RX1_PD;
4841 run_rt3070_rf_write(sc, 1, rf);
4842
4843 run_rt3070_rf_write(sc, 6, 0xe4);
4844
4845 run_rt3070_rf_write(sc, 30, 0x10);
4846 run_rt3070_rf_write(sc, 31, 0x80);
4847 run_rt3070_rf_write(sc, 32, 0x80);
4848
4849 run_adjust_freq_offset(sc);
4850
4851 /* Enable VCO calibration. */
4852 run_rt3070_rf_read(sc, 3, &rf);
4853 rf |= RT5390_VCOCAL;
4854 run_rt3070_rf_write(sc, 3, rf);
4855 }
4856
4857 static void
run_set_rx_antenna(struct run_softc * sc,int aux)4858 run_set_rx_antenna(struct run_softc *sc, int aux)
4859 {
4860 uint32_t tmp;
4861 uint8_t bbp152;
4862
4863 if (aux) {
4864 if (sc->rf_rev == RT5390_RF_5370) {
4865 run_bbp_read(sc, 152, &bbp152);
4866 run_bbp_write(sc, 152, bbp152 & ~0x80);
4867 } else {
4868 run_mcu_cmd(sc, RT2860_MCU_CMD_ANTSEL, 0);
4869 run_read(sc, RT2860_GPIO_CTRL, &tmp);
4870 run_write(sc, RT2860_GPIO_CTRL, (tmp & ~0x0808) | 0x08);
4871 }
4872 } else {
4873 if (sc->rf_rev == RT5390_RF_5370) {
4874 run_bbp_read(sc, 152, &bbp152);
4875 run_bbp_write(sc, 152, bbp152 | 0x80);
4876 } else {
4877 run_mcu_cmd(sc, RT2860_MCU_CMD_ANTSEL, 1);
4878 run_read(sc, RT2860_GPIO_CTRL, &tmp);
4879 run_write(sc, RT2860_GPIO_CTRL, tmp & ~0x0808);
4880 }
4881 }
4882 }
4883
4884 static int
run_set_chan(struct run_softc * sc,struct ieee80211_channel * c)4885 run_set_chan(struct run_softc *sc, struct ieee80211_channel *c)
4886 {
4887 struct ieee80211com *ic = &sc->sc_ic;
4888 u_int chan, group;
4889
4890 chan = ieee80211_chan2ieee(ic, c);
4891 if (chan == 0 || chan == IEEE80211_CHAN_ANY)
4892 return (EINVAL);
4893
4894 if (sc->mac_ver == 0x5592)
4895 run_rt5592_set_chan(sc, chan);
4896 else if (sc->mac_ver >= 0x5390)
4897 run_rt5390_set_chan(sc, chan);
4898 else if (sc->mac_ver == 0x3593)
4899 run_rt3593_set_chan(sc, chan);
4900 else if (sc->mac_ver == 0x3572)
4901 run_rt3572_set_chan(sc, chan);
4902 else if (sc->mac_ver >= 0x3070)
4903 run_rt3070_set_chan(sc, chan);
4904 else
4905 run_rt2870_set_chan(sc, chan);
4906
4907 /* determine channel group */
4908 if (chan <= 14)
4909 group = 0;
4910 else if (chan <= 64)
4911 group = 1;
4912 else if (chan <= 128)
4913 group = 2;
4914 else
4915 group = 3;
4916
4917 /* XXX necessary only when group has changed! */
4918 run_select_chan_group(sc, group);
4919
4920 run_delay(sc, 10);
4921
4922 /* Perform IQ calibration. */
4923 if (sc->mac_ver >= 0x5392)
4924 run_iq_calib(sc, chan);
4925
4926 return (0);
4927 }
4928
4929 static void
run_set_channel(struct ieee80211com * ic)4930 run_set_channel(struct ieee80211com *ic)
4931 {
4932 struct run_softc *sc = ic->ic_softc;
4933
4934 RUN_LOCK(sc);
4935 run_set_chan(sc, ic->ic_curchan);
4936 RUN_UNLOCK(sc);
4937
4938 return;
4939 }
4940
4941 static void
run_getradiocaps(struct ieee80211com * ic,int maxchans,int * nchans,struct ieee80211_channel chans[])4942 run_getradiocaps(struct ieee80211com *ic,
4943 int maxchans, int *nchans, struct ieee80211_channel chans[])
4944 {
4945 struct run_softc *sc = ic->ic_softc;
4946 uint8_t bands[IEEE80211_MODE_BYTES];
4947
4948 memset(bands, 0, sizeof(bands));
4949 setbit(bands, IEEE80211_MODE_11B);
4950 setbit(bands, IEEE80211_MODE_11G);
4951 if (sc->rf_rev != RT3070_RF_2020)
4952 setbit(bands, IEEE80211_MODE_11NG);
4953
4954 /* Note: for now, only support HT20 channels */
4955 ieee80211_add_channels_default_2ghz(chans, maxchans, nchans, bands, 0);
4956
4957 if (sc->rf_rev == RT2860_RF_2750 || sc->rf_rev == RT2860_RF_2850 ||
4958 sc->rf_rev == RT3070_RF_3052 || sc->rf_rev == RT3593_RF_3053 ||
4959 sc->rf_rev == RT5592_RF_5592) {
4960 setbit(bands, IEEE80211_MODE_11A);
4961 if (sc->rf_rev != RT3070_RF_2020)
4962 setbit(bands, IEEE80211_MODE_11NA);
4963 /* Note: for now, only support HT20 channels */
4964 ieee80211_add_channel_list_5ghz(chans, maxchans, nchans,
4965 run_chan_5ghz, nitems(run_chan_5ghz), bands, 0);
4966 }
4967 }
4968
4969 static void
run_scan_start(struct ieee80211com * ic)4970 run_scan_start(struct ieee80211com *ic)
4971 {
4972 struct run_softc *sc = ic->ic_softc;
4973
4974 RUN_LOCK(sc);
4975
4976 /* abort TSF synchronization */
4977 run_disable_tsf(sc);
4978 run_set_bssid(sc, ieee80211broadcastaddr);
4979
4980 RUN_UNLOCK(sc);
4981
4982 return;
4983 }
4984
4985 static void
run_scan_end(struct ieee80211com * ic)4986 run_scan_end(struct ieee80211com *ic)
4987 {
4988 struct run_softc *sc = ic->ic_softc;
4989
4990 RUN_LOCK(sc);
4991
4992 run_enable_tsf_sync(sc);
4993 run_set_bssid(sc, sc->sc_bssid);
4994
4995 RUN_UNLOCK(sc);
4996
4997 return;
4998 }
4999
5000 /*
5001 * Could be called from ieee80211_node_timeout()
5002 * (non-sleepable thread)
5003 */
5004 static void
run_update_beacon(struct ieee80211vap * vap,int item)5005 run_update_beacon(struct ieee80211vap *vap, int item)
5006 {
5007 struct ieee80211com *ic = vap->iv_ic;
5008 struct ieee80211_beacon_offsets *bo = &vap->iv_bcn_off;
5009 struct ieee80211_node *ni = vap->iv_bss;
5010 struct run_softc *sc = ic->ic_softc;
5011 struct run_vap *rvp = RUN_VAP(vap);
5012 int mcast = 0;
5013 uint32_t i;
5014
5015 switch (item) {
5016 case IEEE80211_BEACON_ERP:
5017 run_updateslot(ic);
5018 break;
5019 case IEEE80211_BEACON_HTINFO:
5020 run_updateprot(ic);
5021 break;
5022 case IEEE80211_BEACON_TIM:
5023 mcast = 1; /*TODO*/
5024 break;
5025 default:
5026 break;
5027 }
5028
5029 setbit(bo->bo_flags, item);
5030 if (rvp->beacon_mbuf == NULL) {
5031 rvp->beacon_mbuf = ieee80211_beacon_alloc(ni);
5032 if (rvp->beacon_mbuf == NULL)
5033 return;
5034 }
5035 ieee80211_beacon_update(ni, rvp->beacon_mbuf, mcast);
5036
5037 i = RUN_CMDQ_GET(&sc->cmdq_store);
5038 RUN_DPRINTF(sc, RUN_DEBUG_BEACON, "cmdq_store=%d\n", i);
5039 sc->cmdq[i].func = run_update_beacon_cb;
5040 sc->cmdq[i].arg0 = vap;
5041 ieee80211_runtask(ic, &sc->cmdq_task);
5042
5043 return;
5044 }
5045
5046 static void
run_update_beacon_cb(void * arg)5047 run_update_beacon_cb(void *arg)
5048 {
5049 struct ieee80211vap *vap = arg;
5050 struct ieee80211_node *ni = vap->iv_bss;
5051 struct run_vap *rvp = RUN_VAP(vap);
5052 struct ieee80211com *ic = vap->iv_ic;
5053 struct run_softc *sc = ic->ic_softc;
5054 struct rt2860_txwi txwi;
5055 struct mbuf *m;
5056 uint16_t txwisize;
5057 uint8_t ridx;
5058
5059 if (ni->ni_chan == IEEE80211_CHAN_ANYC)
5060 return;
5061 if (ic->ic_bsschan == IEEE80211_CHAN_ANYC)
5062 return;
5063
5064 /*
5065 * No need to call ieee80211_beacon_update(), run_update_beacon()
5066 * is taking care of appropriate calls.
5067 */
5068 if (rvp->beacon_mbuf == NULL) {
5069 rvp->beacon_mbuf = ieee80211_beacon_alloc(ni);
5070 if (rvp->beacon_mbuf == NULL)
5071 return;
5072 }
5073 m = rvp->beacon_mbuf;
5074
5075 memset(&txwi, 0, sizeof(txwi));
5076 txwi.wcid = 0xff;
5077 txwi.len = htole16(m->m_pkthdr.len);
5078
5079 /* send beacons at the lowest available rate */
5080 ridx = (ic->ic_curmode == IEEE80211_MODE_11A) ?
5081 RT2860_RIDX_OFDM6 : RT2860_RIDX_CCK1;
5082 txwi.phy = htole16(rt2860_rates[ridx].mcs);
5083 if (rt2860_rates[ridx].phy == IEEE80211_T_OFDM)
5084 txwi.phy |= htole16(RT2860_PHY_OFDM);
5085 txwi.txop = RT2860_TX_TXOP_HT;
5086 txwi.flags = RT2860_TX_TS;
5087 txwi.xflags = RT2860_TX_NSEQ;
5088
5089 txwisize = (sc->mac_ver == 0x5592) ?
5090 sizeof(txwi) + sizeof(uint32_t) : sizeof(txwi);
5091 run_write_region_1(sc, RT2860_BCN_BASE(rvp->rvp_id), (uint8_t *)&txwi,
5092 txwisize);
5093 run_write_region_1(sc, RT2860_BCN_BASE(rvp->rvp_id) + txwisize,
5094 mtod(m, uint8_t *), (m->m_pkthdr.len + 1) & ~1);
5095 }
5096
5097 static void
run_updateprot(struct ieee80211com * ic)5098 run_updateprot(struct ieee80211com *ic)
5099 {
5100 struct run_softc *sc = ic->ic_softc;
5101 uint32_t i;
5102
5103 i = RUN_CMDQ_GET(&sc->cmdq_store);
5104 RUN_DPRINTF(sc, RUN_DEBUG_BEACON, "cmdq_store=%d\n", i);
5105 sc->cmdq[i].func = run_updateprot_cb;
5106 sc->cmdq[i].arg0 = ic;
5107 ieee80211_runtask(ic, &sc->cmdq_task);
5108 }
5109
5110 static void
run_updateprot_cb(void * arg)5111 run_updateprot_cb(void *arg)
5112 {
5113 struct ieee80211com *ic = arg;
5114 struct run_softc *sc = ic->ic_softc;
5115 uint32_t tmp;
5116
5117 tmp = RT2860_RTSTH_EN | RT2860_PROT_NAV_SHORT | RT2860_TXOP_ALLOW_ALL;
5118 /* setup protection frame rate (MCS code) */
5119 tmp |= (ic->ic_curmode == IEEE80211_MODE_11A) ?
5120 rt2860_rates[RT2860_RIDX_OFDM6].mcs | RT2860_PHY_OFDM :
5121 rt2860_rates[RT2860_RIDX_CCK11].mcs;
5122
5123 /* CCK frames don't require protection */
5124 run_write(sc, RT2860_CCK_PROT_CFG, tmp);
5125 if (ic->ic_flags & IEEE80211_F_USEPROT) {
5126 if (ic->ic_protmode == IEEE80211_PROT_RTSCTS)
5127 tmp |= RT2860_PROT_CTRL_RTS_CTS;
5128 else if (ic->ic_protmode == IEEE80211_PROT_CTSONLY)
5129 tmp |= RT2860_PROT_CTRL_CTS;
5130 }
5131 run_write(sc, RT2860_OFDM_PROT_CFG, tmp);
5132 }
5133
5134 static void
run_usb_timeout_cb(void * arg)5135 run_usb_timeout_cb(void *arg)
5136 {
5137 struct ieee80211vap *vap = arg;
5138 struct run_softc *sc = vap->iv_ic->ic_softc;
5139
5140 RUN_LOCK_ASSERT(sc, MA_OWNED);
5141
5142 if(vap->iv_state == IEEE80211_S_RUN &&
5143 vap->iv_opmode != IEEE80211_M_STA)
5144 run_reset_livelock(sc);
5145 else if (vap->iv_state == IEEE80211_S_SCAN) {
5146 RUN_DPRINTF(sc, RUN_DEBUG_USB | RUN_DEBUG_STATE,
5147 "timeout caused by scan\n");
5148 /* cancel bgscan */
5149 ieee80211_cancel_scan(vap);
5150 } else
5151 RUN_DPRINTF(sc, RUN_DEBUG_USB | RUN_DEBUG_STATE,
5152 "timeout by unknown cause\n");
5153 }
5154
5155 static void
run_reset_livelock(struct run_softc * sc)5156 run_reset_livelock(struct run_softc *sc)
5157 {
5158 uint32_t tmp;
5159
5160 RUN_LOCK_ASSERT(sc, MA_OWNED);
5161
5162 /*
5163 * In IBSS or HostAP modes (when the hardware sends beacons), the MAC
5164 * can run into a livelock and start sending CTS-to-self frames like
5165 * crazy if protection is enabled. Reset MAC/BBP for a while
5166 */
5167 run_read(sc, RT2860_DEBUG, &tmp);
5168 RUN_DPRINTF(sc, RUN_DEBUG_RESET, "debug reg %08x\n", tmp);
5169 if ((tmp & (1 << 29)) && (tmp & (1 << 7 | 1 << 5))) {
5170 RUN_DPRINTF(sc, RUN_DEBUG_RESET,
5171 "CTS-to-self livelock detected\n");
5172 run_write(sc, RT2860_MAC_SYS_CTRL, RT2860_MAC_SRST);
5173 run_delay(sc, 1);
5174 run_write(sc, RT2860_MAC_SYS_CTRL,
5175 RT2860_MAC_RX_EN | RT2860_MAC_TX_EN);
5176 }
5177 }
5178
5179 static void
run_update_promisc_locked(struct run_softc * sc)5180 run_update_promisc_locked(struct run_softc *sc)
5181 {
5182 uint32_t tmp;
5183
5184 run_read(sc, RT2860_RX_FILTR_CFG, &tmp);
5185
5186 tmp |= RT2860_DROP_UC_NOME;
5187 if (sc->sc_ic.ic_promisc > 0)
5188 tmp &= ~RT2860_DROP_UC_NOME;
5189
5190 run_write(sc, RT2860_RX_FILTR_CFG, tmp);
5191
5192 RUN_DPRINTF(sc, RUN_DEBUG_RECV, "%s promiscuous mode\n",
5193 (sc->sc_ic.ic_promisc > 0) ? "entering" : "leaving");
5194 }
5195
5196 static void
run_update_promisc(struct ieee80211com * ic)5197 run_update_promisc(struct ieee80211com *ic)
5198 {
5199 struct run_softc *sc = ic->ic_softc;
5200
5201 if ((sc->sc_flags & RUN_RUNNING) == 0)
5202 return;
5203
5204 RUN_LOCK(sc);
5205 run_update_promisc_locked(sc);
5206 RUN_UNLOCK(sc);
5207 }
5208
5209 static void
run_enable_tsf_sync(struct run_softc * sc)5210 run_enable_tsf_sync(struct run_softc *sc)
5211 {
5212 struct ieee80211com *ic = &sc->sc_ic;
5213 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps);
5214 uint32_t tmp;
5215
5216 RUN_DPRINTF(sc, RUN_DEBUG_BEACON, "rvp_id=%d ic_opmode=%d\n",
5217 RUN_VAP(vap)->rvp_id, ic->ic_opmode);
5218
5219 run_read(sc, RT2860_BCN_TIME_CFG, &tmp);
5220 tmp &= ~0x1fffff;
5221 tmp |= vap->iv_bss->ni_intval * 16;
5222 tmp |= RT2860_TSF_TIMER_EN | RT2860_TBTT_TIMER_EN;
5223
5224 if (ic->ic_opmode == IEEE80211_M_STA) {
5225 /*
5226 * Local TSF is always updated with remote TSF on beacon
5227 * reception.
5228 */
5229 tmp |= 1 << RT2860_TSF_SYNC_MODE_SHIFT;
5230 } else if (ic->ic_opmode == IEEE80211_M_IBSS) {
5231 tmp |= RT2860_BCN_TX_EN;
5232 /*
5233 * Local TSF is updated with remote TSF on beacon reception
5234 * only if the remote TSF is greater than local TSF.
5235 */
5236 tmp |= 2 << RT2860_TSF_SYNC_MODE_SHIFT;
5237 } else if (ic->ic_opmode == IEEE80211_M_HOSTAP ||
5238 ic->ic_opmode == IEEE80211_M_MBSS) {
5239 tmp |= RT2860_BCN_TX_EN;
5240 /* SYNC with nobody */
5241 tmp |= 3 << RT2860_TSF_SYNC_MODE_SHIFT;
5242 } else {
5243 RUN_DPRINTF(sc, RUN_DEBUG_BEACON,
5244 "Enabling TSF failed. undefined opmode\n");
5245 return;
5246 }
5247
5248 run_write(sc, RT2860_BCN_TIME_CFG, tmp);
5249 }
5250
5251 static void
run_enable_tsf(struct run_softc * sc)5252 run_enable_tsf(struct run_softc *sc)
5253 {
5254 uint32_t tmp;
5255
5256 if (run_read(sc, RT2860_BCN_TIME_CFG, &tmp) == 0) {
5257 tmp &= ~(RT2860_BCN_TX_EN | RT2860_TBTT_TIMER_EN);
5258 tmp |= RT2860_TSF_TIMER_EN;
5259 run_write(sc, RT2860_BCN_TIME_CFG, tmp);
5260 }
5261 }
5262
5263 static void
run_disable_tsf(struct run_softc * sc)5264 run_disable_tsf(struct run_softc *sc)
5265 {
5266 uint32_t tmp;
5267
5268 if (run_read(sc, RT2860_BCN_TIME_CFG, &tmp) == 0) {
5269 tmp &= ~(RT2860_BCN_TX_EN | RT2860_TSF_TIMER_EN |
5270 RT2860_TBTT_TIMER_EN);
5271 run_write(sc, RT2860_BCN_TIME_CFG, tmp);
5272 }
5273 }
5274
5275 static void
run_get_tsf(struct run_softc * sc,uint64_t * buf)5276 run_get_tsf(struct run_softc *sc, uint64_t *buf)
5277 {
5278 run_read_region_1(sc, RT2860_TSF_TIMER_DW0, (uint8_t *)buf,
5279 sizeof(*buf));
5280 }
5281
5282 static void
run_enable_mrr(struct run_softc * sc)5283 run_enable_mrr(struct run_softc *sc)
5284 {
5285 #define CCK(mcs) (mcs)
5286 #define OFDM(mcs) (1 << 3 | (mcs))
5287 run_write(sc, RT2860_LG_FBK_CFG0,
5288 OFDM(6) << 28 | /* 54->48 */
5289 OFDM(5) << 24 | /* 48->36 */
5290 OFDM(4) << 20 | /* 36->24 */
5291 OFDM(3) << 16 | /* 24->18 */
5292 OFDM(2) << 12 | /* 18->12 */
5293 OFDM(1) << 8 | /* 12-> 9 */
5294 OFDM(0) << 4 | /* 9-> 6 */
5295 OFDM(0)); /* 6-> 6 */
5296
5297 run_write(sc, RT2860_LG_FBK_CFG1,
5298 CCK(2) << 12 | /* 11->5.5 */
5299 CCK(1) << 8 | /* 5.5-> 2 */
5300 CCK(0) << 4 | /* 2-> 1 */
5301 CCK(0)); /* 1-> 1 */
5302 #undef OFDM
5303 #undef CCK
5304 }
5305
5306 static void
run_set_txpreamble(struct run_softc * sc)5307 run_set_txpreamble(struct run_softc *sc)
5308 {
5309 struct ieee80211com *ic = &sc->sc_ic;
5310 uint32_t tmp;
5311
5312 run_read(sc, RT2860_AUTO_RSP_CFG, &tmp);
5313 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE)
5314 tmp |= RT2860_CCK_SHORT_EN;
5315 else
5316 tmp &= ~RT2860_CCK_SHORT_EN;
5317 run_write(sc, RT2860_AUTO_RSP_CFG, tmp);
5318 }
5319
5320 static void
run_set_basicrates(struct run_softc * sc)5321 run_set_basicrates(struct run_softc *sc)
5322 {
5323 struct ieee80211com *ic = &sc->sc_ic;
5324
5325 /* set basic rates mask */
5326 if (ic->ic_curmode == IEEE80211_MODE_11B)
5327 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x003);
5328 else if (ic->ic_curmode == IEEE80211_MODE_11A)
5329 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x150);
5330 else /* 11g */
5331 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x15f);
5332 }
5333
5334 static void
run_set_leds(struct run_softc * sc,uint16_t which)5335 run_set_leds(struct run_softc *sc, uint16_t which)
5336 {
5337 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LEDS,
5338 which | (sc->leds & 0x7f));
5339 }
5340
5341 static void
run_set_bssid(struct run_softc * sc,const uint8_t * bssid)5342 run_set_bssid(struct run_softc *sc, const uint8_t *bssid)
5343 {
5344 run_write(sc, RT2860_MAC_BSSID_DW0,
5345 bssid[0] | bssid[1] << 8 | bssid[2] << 16 | bssid[3] << 24);
5346 run_write(sc, RT2860_MAC_BSSID_DW1,
5347 bssid[4] | bssid[5] << 8);
5348 }
5349
5350 static void
run_set_macaddr(struct run_softc * sc,const uint8_t * addr)5351 run_set_macaddr(struct run_softc *sc, const uint8_t *addr)
5352 {
5353 run_write(sc, RT2860_MAC_ADDR_DW0,
5354 addr[0] | addr[1] << 8 | addr[2] << 16 | addr[3] << 24);
5355 run_write(sc, RT2860_MAC_ADDR_DW1,
5356 addr[4] | addr[5] << 8 | 0xff << 16);
5357 }
5358
5359 static void
run_updateslot(struct ieee80211com * ic)5360 run_updateslot(struct ieee80211com *ic)
5361 {
5362 struct run_softc *sc = ic->ic_softc;
5363 uint32_t i;
5364
5365 i = RUN_CMDQ_GET(&sc->cmdq_store);
5366 RUN_DPRINTF(sc, RUN_DEBUG_BEACON, "cmdq_store=%d\n", i);
5367 sc->cmdq[i].func = run_updateslot_cb;
5368 sc->cmdq[i].arg0 = ic;
5369 ieee80211_runtask(ic, &sc->cmdq_task);
5370
5371 return;
5372 }
5373
5374 /* ARGSUSED */
5375 static void
run_updateslot_cb(void * arg)5376 run_updateslot_cb(void *arg)
5377 {
5378 struct ieee80211com *ic = arg;
5379 struct run_softc *sc = ic->ic_softc;
5380 uint32_t tmp;
5381
5382 run_read(sc, RT2860_BKOFF_SLOT_CFG, &tmp);
5383 tmp &= ~0xff;
5384 tmp |= IEEE80211_GET_SLOTTIME(ic);
5385 run_write(sc, RT2860_BKOFF_SLOT_CFG, tmp);
5386 }
5387
5388 static void
run_update_mcast(struct ieee80211com * ic)5389 run_update_mcast(struct ieee80211com *ic)
5390 {
5391 }
5392
5393 static int8_t
run_rssi2dbm(struct run_softc * sc,uint8_t rssi,uint8_t rxchain)5394 run_rssi2dbm(struct run_softc *sc, uint8_t rssi, uint8_t rxchain)
5395 {
5396 struct ieee80211com *ic = &sc->sc_ic;
5397 struct ieee80211_channel *c = ic->ic_curchan;
5398 int delta;
5399
5400 if (IEEE80211_IS_CHAN_5GHZ(c)) {
5401 u_int chan = ieee80211_chan2ieee(ic, c);
5402 delta = sc->rssi_5ghz[rxchain];
5403
5404 /* determine channel group */
5405 if (chan <= 64)
5406 delta -= sc->lna[1];
5407 else if (chan <= 128)
5408 delta -= sc->lna[2];
5409 else
5410 delta -= sc->lna[3];
5411 } else
5412 delta = sc->rssi_2ghz[rxchain] - sc->lna[0];
5413
5414 return (-12 - delta - rssi);
5415 }
5416
5417 static void
run_rt5390_bbp_init(struct run_softc * sc)5418 run_rt5390_bbp_init(struct run_softc *sc)
5419 {
5420 u_int i;
5421 uint8_t bbp;
5422
5423 /* Apply maximum likelihood detection for 2 stream case. */
5424 run_bbp_read(sc, 105, &bbp);
5425 if (sc->nrxchains > 1)
5426 run_bbp_write(sc, 105, bbp | RT5390_MLD);
5427
5428 /* Avoid data lost and CRC error. */
5429 run_bbp_read(sc, 4, &bbp);
5430 run_bbp_write(sc, 4, bbp | RT5390_MAC_IF_CTRL);
5431
5432 if (sc->mac_ver == 0x5592) {
5433 for (i = 0; i < nitems(rt5592_def_bbp); i++) {
5434 run_bbp_write(sc, rt5592_def_bbp[i].reg,
5435 rt5592_def_bbp[i].val);
5436 }
5437 for (i = 0; i < nitems(rt5592_bbp_r196); i++) {
5438 run_bbp_write(sc, 195, i + 0x80);
5439 run_bbp_write(sc, 196, rt5592_bbp_r196[i]);
5440 }
5441 } else {
5442 for (i = 0; i < nitems(rt5390_def_bbp); i++) {
5443 run_bbp_write(sc, rt5390_def_bbp[i].reg,
5444 rt5390_def_bbp[i].val);
5445 }
5446 }
5447 if (sc->mac_ver == 0x5392) {
5448 run_bbp_write(sc, 88, 0x90);
5449 run_bbp_write(sc, 95, 0x9a);
5450 run_bbp_write(sc, 98, 0x12);
5451 run_bbp_write(sc, 106, 0x12);
5452 run_bbp_write(sc, 134, 0xd0);
5453 run_bbp_write(sc, 135, 0xf6);
5454 run_bbp_write(sc, 148, 0x84);
5455 }
5456
5457 run_bbp_read(sc, 152, &bbp);
5458 run_bbp_write(sc, 152, bbp | 0x80);
5459
5460 /* Fix BBP254 for RT5592C. */
5461 if (sc->mac_ver == 0x5592 && sc->mac_rev >= 0x0221) {
5462 run_bbp_read(sc, 254, &bbp);
5463 run_bbp_write(sc, 254, bbp | 0x80);
5464 }
5465
5466 /* Disable hardware antenna diversity. */
5467 if (sc->mac_ver == 0x5390)
5468 run_bbp_write(sc, 154, 0);
5469
5470 /* Initialize Rx CCK/OFDM frequency offset report. */
5471 run_bbp_write(sc, 142, 1);
5472 run_bbp_write(sc, 143, 57);
5473 }
5474
5475 static int
run_bbp_init(struct run_softc * sc)5476 run_bbp_init(struct run_softc *sc)
5477 {
5478 int i, error, ntries;
5479 uint8_t bbp0;
5480
5481 /* wait for BBP to wake up */
5482 for (ntries = 0; ntries < 20; ntries++) {
5483 if ((error = run_bbp_read(sc, 0, &bbp0)) != 0)
5484 return error;
5485 if (bbp0 != 0 && bbp0 != 0xff)
5486 break;
5487 }
5488 if (ntries == 20)
5489 return (ETIMEDOUT);
5490
5491 /* initialize BBP registers to default values */
5492 if (sc->mac_ver >= 0x5390)
5493 run_rt5390_bbp_init(sc);
5494 else {
5495 for (i = 0; i < nitems(rt2860_def_bbp); i++) {
5496 run_bbp_write(sc, rt2860_def_bbp[i].reg,
5497 rt2860_def_bbp[i].val);
5498 }
5499 }
5500
5501 if (sc->mac_ver == 0x3593) {
5502 run_bbp_write(sc, 79, 0x13);
5503 run_bbp_write(sc, 80, 0x05);
5504 run_bbp_write(sc, 81, 0x33);
5505 run_bbp_write(sc, 86, 0x46);
5506 run_bbp_write(sc, 137, 0x0f);
5507 }
5508
5509 /* fix BBP84 for RT2860E */
5510 if (sc->mac_ver == 0x2860 && sc->mac_rev != 0x0101)
5511 run_bbp_write(sc, 84, 0x19);
5512
5513 if (sc->mac_ver >= 0x3070 && (sc->mac_ver != 0x3593 &&
5514 sc->mac_ver != 0x5592)) {
5515 run_bbp_write(sc, 79, 0x13);
5516 run_bbp_write(sc, 80, 0x05);
5517 run_bbp_write(sc, 81, 0x33);
5518 } else if (sc->mac_ver == 0x2860 && sc->mac_rev == 0x0100) {
5519 run_bbp_write(sc, 69, 0x16);
5520 run_bbp_write(sc, 73, 0x12);
5521 }
5522 return (0);
5523 }
5524
5525 static int
run_rt3070_rf_init(struct run_softc * sc)5526 run_rt3070_rf_init(struct run_softc *sc)
5527 {
5528 uint32_t tmp;
5529 uint8_t bbp4, mingain, rf, target;
5530 u_int i;
5531
5532 run_rt3070_rf_read(sc, 30, &rf);
5533 /* toggle RF R30 bit 7 */
5534 run_rt3070_rf_write(sc, 30, rf | 0x80);
5535 run_delay(sc, 10);
5536 run_rt3070_rf_write(sc, 30, rf & ~0x80);
5537
5538 /* initialize RF registers to default value */
5539 if (sc->mac_ver == 0x3572) {
5540 for (i = 0; i < nitems(rt3572_def_rf); i++) {
5541 run_rt3070_rf_write(sc, rt3572_def_rf[i].reg,
5542 rt3572_def_rf[i].val);
5543 }
5544 } else {
5545 for (i = 0; i < nitems(rt3070_def_rf); i++) {
5546 run_rt3070_rf_write(sc, rt3070_def_rf[i].reg,
5547 rt3070_def_rf[i].val);
5548 }
5549 }
5550
5551 if (sc->mac_ver == 0x3070 && sc->mac_rev < 0x0201) {
5552 /*
5553 * Change voltage from 1.2V to 1.35V for RT3070.
5554 * The DAC issue (RT3070_LDO_CFG0) has been fixed
5555 * in RT3070(F).
5556 */
5557 run_read(sc, RT3070_LDO_CFG0, &tmp);
5558 tmp = (tmp & ~0x0f000000) | 0x0d000000;
5559 run_write(sc, RT3070_LDO_CFG0, tmp);
5560
5561 } else if (sc->mac_ver == 0x3071) {
5562 run_rt3070_rf_read(sc, 6, &rf);
5563 run_rt3070_rf_write(sc, 6, rf | 0x40);
5564 run_rt3070_rf_write(sc, 31, 0x14);
5565
5566 run_read(sc, RT3070_LDO_CFG0, &tmp);
5567 tmp &= ~0x1f000000;
5568 if (sc->mac_rev < 0x0211)
5569 tmp |= 0x0d000000; /* 1.3V */
5570 else
5571 tmp |= 0x01000000; /* 1.2V */
5572 run_write(sc, RT3070_LDO_CFG0, tmp);
5573
5574 /* patch LNA_PE_G1 */
5575 run_read(sc, RT3070_GPIO_SWITCH, &tmp);
5576 run_write(sc, RT3070_GPIO_SWITCH, tmp & ~0x20);
5577
5578 } else if (sc->mac_ver == 0x3572) {
5579 run_rt3070_rf_read(sc, 6, &rf);
5580 run_rt3070_rf_write(sc, 6, rf | 0x40);
5581
5582 /* increase voltage from 1.2V to 1.35V */
5583 run_read(sc, RT3070_LDO_CFG0, &tmp);
5584 tmp = (tmp & ~0x1f000000) | 0x0d000000;
5585 run_write(sc, RT3070_LDO_CFG0, tmp);
5586
5587 if (sc->mac_rev < 0x0211 || !sc->patch_dac) {
5588 run_delay(sc, 1); /* wait for 1msec */
5589 /* decrease voltage back to 1.2V */
5590 tmp = (tmp & ~0x1f000000) | 0x01000000;
5591 run_write(sc, RT3070_LDO_CFG0, tmp);
5592 }
5593 }
5594
5595 /* select 20MHz bandwidth */
5596 run_rt3070_rf_read(sc, 31, &rf);
5597 run_rt3070_rf_write(sc, 31, rf & ~0x20);
5598
5599 /* calibrate filter for 20MHz bandwidth */
5600 sc->rf24_20mhz = 0x1f; /* default value */
5601 target = (sc->mac_ver < 0x3071) ? 0x16 : 0x13;
5602 run_rt3070_filter_calib(sc, 0x07, target, &sc->rf24_20mhz);
5603
5604 /* select 40MHz bandwidth */
5605 run_bbp_read(sc, 4, &bbp4);
5606 run_bbp_write(sc, 4, (bbp4 & ~0x18) | 0x10);
5607 run_rt3070_rf_read(sc, 31, &rf);
5608 run_rt3070_rf_write(sc, 31, rf | 0x20);
5609
5610 /* calibrate filter for 40MHz bandwidth */
5611 sc->rf24_40mhz = 0x2f; /* default value */
5612 target = (sc->mac_ver < 0x3071) ? 0x19 : 0x15;
5613 run_rt3070_filter_calib(sc, 0x27, target, &sc->rf24_40mhz);
5614
5615 /* go back to 20MHz bandwidth */
5616 run_bbp_read(sc, 4, &bbp4);
5617 run_bbp_write(sc, 4, bbp4 & ~0x18);
5618
5619 if (sc->mac_ver == 0x3572) {
5620 /* save default BBP registers 25 and 26 values */
5621 run_bbp_read(sc, 25, &sc->bbp25);
5622 run_bbp_read(sc, 26, &sc->bbp26);
5623 } else if (sc->mac_rev < 0x0201 || sc->mac_rev < 0x0211)
5624 run_rt3070_rf_write(sc, 27, 0x03);
5625
5626 run_read(sc, RT3070_OPT_14, &tmp);
5627 run_write(sc, RT3070_OPT_14, tmp | 1);
5628
5629 if (sc->mac_ver == 0x3070 || sc->mac_ver == 0x3071) {
5630 run_rt3070_rf_read(sc, 17, &rf);
5631 rf &= ~RT3070_TX_LO1;
5632 if ((sc->mac_ver == 0x3070 ||
5633 (sc->mac_ver == 0x3071 && sc->mac_rev >= 0x0211)) &&
5634 !sc->ext_2ghz_lna)
5635 rf |= 0x20; /* fix for long range Rx issue */
5636 mingain = (sc->mac_ver == 0x3070) ? 1 : 2;
5637 if (sc->txmixgain_2ghz >= mingain)
5638 rf = (rf & ~0x7) | sc->txmixgain_2ghz;
5639 run_rt3070_rf_write(sc, 17, rf);
5640 }
5641
5642 if (sc->mac_ver == 0x3071) {
5643 run_rt3070_rf_read(sc, 1, &rf);
5644 rf &= ~(RT3070_RX0_PD | RT3070_TX0_PD);
5645 rf |= RT3070_RF_BLOCK | RT3070_RX1_PD | RT3070_TX1_PD;
5646 run_rt3070_rf_write(sc, 1, rf);
5647
5648 run_rt3070_rf_read(sc, 15, &rf);
5649 run_rt3070_rf_write(sc, 15, rf & ~RT3070_TX_LO2);
5650
5651 run_rt3070_rf_read(sc, 20, &rf);
5652 run_rt3070_rf_write(sc, 20, rf & ~RT3070_RX_LO1);
5653
5654 run_rt3070_rf_read(sc, 21, &rf);
5655 run_rt3070_rf_write(sc, 21, rf & ~RT3070_RX_LO2);
5656 }
5657
5658 if (sc->mac_ver == 0x3070 || sc->mac_ver == 0x3071) {
5659 /* fix Tx to Rx IQ glitch by raising RF voltage */
5660 run_rt3070_rf_read(sc, 27, &rf);
5661 rf &= ~0x77;
5662 if (sc->mac_rev < 0x0211)
5663 rf |= 0x03;
5664 run_rt3070_rf_write(sc, 27, rf);
5665 }
5666 return (0);
5667 }
5668
5669 static void
run_rt3593_rf_init(struct run_softc * sc)5670 run_rt3593_rf_init(struct run_softc *sc)
5671 {
5672 uint32_t tmp;
5673 uint8_t rf;
5674 u_int i;
5675
5676 /* Disable the GPIO bits 4 and 7 for LNA PE control. */
5677 run_read(sc, RT3070_GPIO_SWITCH, &tmp);
5678 tmp &= ~(1 << 4 | 1 << 7);
5679 run_write(sc, RT3070_GPIO_SWITCH, tmp);
5680
5681 /* Initialize RF registers to default value. */
5682 for (i = 0; i < nitems(rt3593_def_rf); i++) {
5683 run_rt3070_rf_write(sc, rt3593_def_rf[i].reg,
5684 rt3593_def_rf[i].val);
5685 }
5686
5687 /* Toggle RF R2 to initiate calibration. */
5688 run_rt3070_rf_write(sc, 2, RT5390_RESCAL);
5689
5690 /* Initialize RF frequency offset. */
5691 run_adjust_freq_offset(sc);
5692
5693 run_rt3070_rf_read(sc, 18, &rf);
5694 run_rt3070_rf_write(sc, 18, rf | RT3593_AUTOTUNE_BYPASS);
5695
5696 /*
5697 * Increase voltage from 1.2V to 1.35V, wait for 1 msec to
5698 * decrease voltage back to 1.2V.
5699 */
5700 run_read(sc, RT3070_LDO_CFG0, &tmp);
5701 tmp = (tmp & ~0x1f000000) | 0x0d000000;
5702 run_write(sc, RT3070_LDO_CFG0, tmp);
5703 run_delay(sc, 1);
5704 tmp = (tmp & ~0x1f000000) | 0x01000000;
5705 run_write(sc, RT3070_LDO_CFG0, tmp);
5706
5707 sc->rf24_20mhz = 0x1f;
5708 sc->rf24_40mhz = 0x2f;
5709
5710 /* Save default BBP registers 25 and 26 values. */
5711 run_bbp_read(sc, 25, &sc->bbp25);
5712 run_bbp_read(sc, 26, &sc->bbp26);
5713
5714 run_read(sc, RT3070_OPT_14, &tmp);
5715 run_write(sc, RT3070_OPT_14, tmp | 1);
5716 }
5717
5718 static void
run_rt5390_rf_init(struct run_softc * sc)5719 run_rt5390_rf_init(struct run_softc *sc)
5720 {
5721 uint32_t tmp;
5722 uint8_t rf;
5723 u_int i;
5724
5725 /* Toggle RF R2 to initiate calibration. */
5726 if (sc->mac_ver == 0x5390) {
5727 run_rt3070_rf_read(sc, 2, &rf);
5728 run_rt3070_rf_write(sc, 2, rf | RT5390_RESCAL);
5729 run_delay(sc, 10);
5730 run_rt3070_rf_write(sc, 2, rf & ~RT5390_RESCAL);
5731 } else {
5732 run_rt3070_rf_write(sc, 2, RT5390_RESCAL);
5733 run_delay(sc, 10);
5734 }
5735
5736 /* Initialize RF registers to default value. */
5737 if (sc->mac_ver == 0x5592) {
5738 for (i = 0; i < nitems(rt5592_def_rf); i++) {
5739 run_rt3070_rf_write(sc, rt5592_def_rf[i].reg,
5740 rt5592_def_rf[i].val);
5741 }
5742 /* Initialize RF frequency offset. */
5743 run_adjust_freq_offset(sc);
5744 } else if (sc->mac_ver == 0x5392) {
5745 for (i = 0; i < nitems(rt5392_def_rf); i++) {
5746 run_rt3070_rf_write(sc, rt5392_def_rf[i].reg,
5747 rt5392_def_rf[i].val);
5748 }
5749 if (sc->mac_rev >= 0x0223) {
5750 run_rt3070_rf_write(sc, 23, 0x0f);
5751 run_rt3070_rf_write(sc, 24, 0x3e);
5752 run_rt3070_rf_write(sc, 51, 0x32);
5753 run_rt3070_rf_write(sc, 53, 0x22);
5754 run_rt3070_rf_write(sc, 56, 0xc1);
5755 run_rt3070_rf_write(sc, 59, 0x0f);
5756 }
5757 } else {
5758 for (i = 0; i < nitems(rt5390_def_rf); i++) {
5759 run_rt3070_rf_write(sc, rt5390_def_rf[i].reg,
5760 rt5390_def_rf[i].val);
5761 }
5762 if (sc->mac_rev >= 0x0502) {
5763 run_rt3070_rf_write(sc, 6, 0xe0);
5764 run_rt3070_rf_write(sc, 25, 0x80);
5765 run_rt3070_rf_write(sc, 46, 0x73);
5766 run_rt3070_rf_write(sc, 53, 0x00);
5767 run_rt3070_rf_write(sc, 56, 0x42);
5768 run_rt3070_rf_write(sc, 61, 0xd1);
5769 }
5770 }
5771
5772 sc->rf24_20mhz = 0x1f; /* default value */
5773 sc->rf24_40mhz = (sc->mac_ver == 0x5592) ? 0 : 0x2f;
5774
5775 if (sc->mac_rev < 0x0211)
5776 run_rt3070_rf_write(sc, 27, 0x3);
5777
5778 run_read(sc, RT3070_OPT_14, &tmp);
5779 run_write(sc, RT3070_OPT_14, tmp | 1);
5780 }
5781
5782 static int
run_rt3070_filter_calib(struct run_softc * sc,uint8_t init,uint8_t target,uint8_t * val)5783 run_rt3070_filter_calib(struct run_softc *sc, uint8_t init, uint8_t target,
5784 uint8_t *val)
5785 {
5786 uint8_t rf22, rf24;
5787 uint8_t bbp55_pb, bbp55_sb, delta;
5788 int ntries;
5789
5790 /* program filter */
5791 run_rt3070_rf_read(sc, 24, &rf24);
5792 rf24 = (rf24 & 0xc0) | init; /* initial filter value */
5793 run_rt3070_rf_write(sc, 24, rf24);
5794
5795 /* enable baseband loopback mode */
5796 run_rt3070_rf_read(sc, 22, &rf22);
5797 run_rt3070_rf_write(sc, 22, rf22 | 0x01);
5798
5799 /* set power and frequency of passband test tone */
5800 run_bbp_write(sc, 24, 0x00);
5801 for (ntries = 0; ntries < 100; ntries++) {
5802 /* transmit test tone */
5803 run_bbp_write(sc, 25, 0x90);
5804 run_delay(sc, 10);
5805 /* read received power */
5806 run_bbp_read(sc, 55, &bbp55_pb);
5807 if (bbp55_pb != 0)
5808 break;
5809 }
5810 if (ntries == 100)
5811 return (ETIMEDOUT);
5812
5813 /* set power and frequency of stopband test tone */
5814 run_bbp_write(sc, 24, 0x06);
5815 for (ntries = 0; ntries < 100; ntries++) {
5816 /* transmit test tone */
5817 run_bbp_write(sc, 25, 0x90);
5818 run_delay(sc, 10);
5819 /* read received power */
5820 run_bbp_read(sc, 55, &bbp55_sb);
5821
5822 delta = bbp55_pb - bbp55_sb;
5823 if (delta > target)
5824 break;
5825
5826 /* reprogram filter */
5827 rf24++;
5828 run_rt3070_rf_write(sc, 24, rf24);
5829 }
5830 if (ntries < 100) {
5831 if (rf24 != init)
5832 rf24--; /* backtrack */
5833 *val = rf24;
5834 run_rt3070_rf_write(sc, 24, rf24);
5835 }
5836
5837 /* restore initial state */
5838 run_bbp_write(sc, 24, 0x00);
5839
5840 /* disable baseband loopback mode */
5841 run_rt3070_rf_read(sc, 22, &rf22);
5842 run_rt3070_rf_write(sc, 22, rf22 & ~0x01);
5843
5844 return (0);
5845 }
5846
5847 static void
run_rt3070_rf_setup(struct run_softc * sc)5848 run_rt3070_rf_setup(struct run_softc *sc)
5849 {
5850 uint8_t bbp, rf;
5851 int i;
5852
5853 if (sc->mac_ver == 0x3572) {
5854 /* enable DC filter */
5855 if (sc->mac_rev >= 0x0201)
5856 run_bbp_write(sc, 103, 0xc0);
5857
5858 run_bbp_read(sc, 138, &bbp);
5859 if (sc->ntxchains == 1)
5860 bbp |= 0x20; /* turn off DAC1 */
5861 if (sc->nrxchains == 1)
5862 bbp &= ~0x02; /* turn off ADC1 */
5863 run_bbp_write(sc, 138, bbp);
5864
5865 if (sc->mac_rev >= 0x0211) {
5866 /* improve power consumption */
5867 run_bbp_read(sc, 31, &bbp);
5868 run_bbp_write(sc, 31, bbp & ~0x03);
5869 }
5870
5871 run_rt3070_rf_read(sc, 16, &rf);
5872 rf = (rf & ~0x07) | sc->txmixgain_2ghz;
5873 run_rt3070_rf_write(sc, 16, rf);
5874
5875 } else if (sc->mac_ver == 0x3071) {
5876 if (sc->mac_rev >= 0x0211) {
5877 /* enable DC filter */
5878 run_bbp_write(sc, 103, 0xc0);
5879
5880 /* improve power consumption */
5881 run_bbp_read(sc, 31, &bbp);
5882 run_bbp_write(sc, 31, bbp & ~0x03);
5883 }
5884
5885 run_bbp_read(sc, 138, &bbp);
5886 if (sc->ntxchains == 1)
5887 bbp |= 0x20; /* turn off DAC1 */
5888 if (sc->nrxchains == 1)
5889 bbp &= ~0x02; /* turn off ADC1 */
5890 run_bbp_write(sc, 138, bbp);
5891
5892 run_write(sc, RT2860_TX_SW_CFG1, 0);
5893 if (sc->mac_rev < 0x0211) {
5894 run_write(sc, RT2860_TX_SW_CFG2,
5895 sc->patch_dac ? 0x2c : 0x0f);
5896 } else
5897 run_write(sc, RT2860_TX_SW_CFG2, 0);
5898
5899 } else if (sc->mac_ver == 0x3070) {
5900 if (sc->mac_rev >= 0x0201) {
5901 /* enable DC filter */
5902 run_bbp_write(sc, 103, 0xc0);
5903
5904 /* improve power consumption */
5905 run_bbp_read(sc, 31, &bbp);
5906 run_bbp_write(sc, 31, bbp & ~0x03);
5907 }
5908
5909 if (sc->mac_rev < 0x0201) {
5910 run_write(sc, RT2860_TX_SW_CFG1, 0);
5911 run_write(sc, RT2860_TX_SW_CFG2, 0x2c);
5912 } else
5913 run_write(sc, RT2860_TX_SW_CFG2, 0);
5914 }
5915
5916 /* initialize RF registers from ROM for >=RT3071*/
5917 if (sc->mac_ver >= 0x3071) {
5918 for (i = 0; i < 10; i++) {
5919 if (sc->rf[i].reg == 0 || sc->rf[i].reg == 0xff)
5920 continue;
5921 run_rt3070_rf_write(sc, sc->rf[i].reg, sc->rf[i].val);
5922 }
5923 }
5924 }
5925
5926 static void
run_rt3593_rf_setup(struct run_softc * sc)5927 run_rt3593_rf_setup(struct run_softc *sc)
5928 {
5929 uint8_t bbp, rf;
5930
5931 if (sc->mac_rev >= 0x0211) {
5932 /* Enable DC filter. */
5933 run_bbp_write(sc, 103, 0xc0);
5934 }
5935 run_write(sc, RT2860_TX_SW_CFG1, 0);
5936 if (sc->mac_rev < 0x0211) {
5937 run_write(sc, RT2860_TX_SW_CFG2,
5938 sc->patch_dac ? 0x2c : 0x0f);
5939 } else
5940 run_write(sc, RT2860_TX_SW_CFG2, 0);
5941
5942 run_rt3070_rf_read(sc, 50, &rf);
5943 run_rt3070_rf_write(sc, 50, rf & ~RT3593_TX_LO2);
5944
5945 run_rt3070_rf_read(sc, 51, &rf);
5946 rf = (rf & ~(RT3593_TX_LO1 | 0x0c)) |
5947 ((sc->txmixgain_2ghz & 0x07) << 2);
5948 run_rt3070_rf_write(sc, 51, rf);
5949
5950 run_rt3070_rf_read(sc, 38, &rf);
5951 run_rt3070_rf_write(sc, 38, rf & ~RT5390_RX_LO1);
5952
5953 run_rt3070_rf_read(sc, 39, &rf);
5954 run_rt3070_rf_write(sc, 39, rf & ~RT5390_RX_LO2);
5955
5956 run_rt3070_rf_read(sc, 1, &rf);
5957 run_rt3070_rf_write(sc, 1, rf & ~(RT3070_RF_BLOCK | RT3070_PLL_PD));
5958
5959 run_rt3070_rf_read(sc, 30, &rf);
5960 rf = (rf & ~0x18) | 0x10;
5961 run_rt3070_rf_write(sc, 30, rf);
5962
5963 /* Apply maximum likelihood detection for 2 stream case. */
5964 run_bbp_read(sc, 105, &bbp);
5965 if (sc->nrxchains > 1)
5966 run_bbp_write(sc, 105, bbp | RT5390_MLD);
5967
5968 /* Avoid data lost and CRC error. */
5969 run_bbp_read(sc, 4, &bbp);
5970 run_bbp_write(sc, 4, bbp | RT5390_MAC_IF_CTRL);
5971
5972 run_bbp_write(sc, 92, 0x02);
5973 run_bbp_write(sc, 82, 0x82);
5974 run_bbp_write(sc, 106, 0x05);
5975 run_bbp_write(sc, 104, 0x92);
5976 run_bbp_write(sc, 88, 0x90);
5977 run_bbp_write(sc, 148, 0xc8);
5978 run_bbp_write(sc, 47, 0x48);
5979 run_bbp_write(sc, 120, 0x50);
5980
5981 run_bbp_write(sc, 163, 0x9d);
5982
5983 /* SNR mapping. */
5984 run_bbp_write(sc, 142, 0x06);
5985 run_bbp_write(sc, 143, 0xa0);
5986 run_bbp_write(sc, 142, 0x07);
5987 run_bbp_write(sc, 143, 0xa1);
5988 run_bbp_write(sc, 142, 0x08);
5989 run_bbp_write(sc, 143, 0xa2);
5990
5991 run_bbp_write(sc, 31, 0x08);
5992 run_bbp_write(sc, 68, 0x0b);
5993 run_bbp_write(sc, 105, 0x04);
5994 }
5995
5996 static void
run_rt5390_rf_setup(struct run_softc * sc)5997 run_rt5390_rf_setup(struct run_softc *sc)
5998 {
5999 uint8_t bbp, rf;
6000
6001 if (sc->mac_rev >= 0x0211) {
6002 /* Enable DC filter. */
6003 run_bbp_write(sc, 103, 0xc0);
6004
6005 if (sc->mac_ver != 0x5592) {
6006 /* Improve power consumption. */
6007 run_bbp_read(sc, 31, &bbp);
6008 run_bbp_write(sc, 31, bbp & ~0x03);
6009 }
6010 }
6011
6012 run_bbp_read(sc, 138, &bbp);
6013 if (sc->ntxchains == 1)
6014 bbp |= 0x20; /* turn off DAC1 */
6015 if (sc->nrxchains == 1)
6016 bbp &= ~0x02; /* turn off ADC1 */
6017 run_bbp_write(sc, 138, bbp);
6018
6019 run_rt3070_rf_read(sc, 38, &rf);
6020 run_rt3070_rf_write(sc, 38, rf & ~RT5390_RX_LO1);
6021
6022 run_rt3070_rf_read(sc, 39, &rf);
6023 run_rt3070_rf_write(sc, 39, rf & ~RT5390_RX_LO2);
6024
6025 /* Avoid data lost and CRC error. */
6026 run_bbp_read(sc, 4, &bbp);
6027 run_bbp_write(sc, 4, bbp | RT5390_MAC_IF_CTRL);
6028
6029 run_rt3070_rf_read(sc, 30, &rf);
6030 rf = (rf & ~0x18) | 0x10;
6031 run_rt3070_rf_write(sc, 30, rf);
6032
6033 if (sc->mac_ver != 0x5592) {
6034 run_write(sc, RT2860_TX_SW_CFG1, 0);
6035 if (sc->mac_rev < 0x0211) {
6036 run_write(sc, RT2860_TX_SW_CFG2,
6037 sc->patch_dac ? 0x2c : 0x0f);
6038 } else
6039 run_write(sc, RT2860_TX_SW_CFG2, 0);
6040 }
6041 }
6042
6043 static int
run_txrx_enable(struct run_softc * sc)6044 run_txrx_enable(struct run_softc *sc)
6045 {
6046 struct ieee80211com *ic = &sc->sc_ic;
6047 uint32_t tmp;
6048 int error, ntries;
6049
6050 run_write(sc, RT2860_MAC_SYS_CTRL, RT2860_MAC_TX_EN);
6051 for (ntries = 0; ntries < 200; ntries++) {
6052 if ((error = run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp)) != 0)
6053 return (error);
6054 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0)
6055 break;
6056 run_delay(sc, 50);
6057 }
6058 if (ntries == 200)
6059 return (ETIMEDOUT);
6060
6061 run_delay(sc, 50);
6062
6063 tmp |= RT2860_RX_DMA_EN | RT2860_TX_DMA_EN | RT2860_TX_WB_DDONE;
6064 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp);
6065
6066 /* enable Rx bulk aggregation (set timeout and limit) */
6067 tmp = RT2860_USB_TX_EN | RT2860_USB_RX_EN | RT2860_USB_RX_AGG_EN |
6068 RT2860_USB_RX_AGG_TO(128) | RT2860_USB_RX_AGG_LMT(2);
6069 run_write(sc, RT2860_USB_DMA_CFG, tmp);
6070
6071 /* set Rx filter */
6072 tmp = RT2860_DROP_CRC_ERR | RT2860_DROP_PHY_ERR;
6073 if (ic->ic_opmode != IEEE80211_M_MONITOR) {
6074 tmp |= RT2860_DROP_UC_NOME | RT2860_DROP_DUPL |
6075 RT2860_DROP_CTS | RT2860_DROP_BA | RT2860_DROP_ACK |
6076 RT2860_DROP_VER_ERR | RT2860_DROP_CTRL_RSV |
6077 RT2860_DROP_CFACK | RT2860_DROP_CFEND;
6078 if (ic->ic_opmode == IEEE80211_M_STA)
6079 tmp |= RT2860_DROP_RTS | RT2860_DROP_PSPOLL;
6080 }
6081 run_write(sc, RT2860_RX_FILTR_CFG, tmp);
6082
6083 run_write(sc, RT2860_MAC_SYS_CTRL,
6084 RT2860_MAC_RX_EN | RT2860_MAC_TX_EN);
6085
6086 return (0);
6087 }
6088
6089 static void
run_adjust_freq_offset(struct run_softc * sc)6090 run_adjust_freq_offset(struct run_softc *sc)
6091 {
6092 uint8_t rf, tmp;
6093
6094 run_rt3070_rf_read(sc, 17, &rf);
6095 tmp = rf;
6096 rf = (rf & ~0x7f) | (sc->freq & 0x7f);
6097 rf = MIN(rf, 0x5f);
6098
6099 if (tmp != rf)
6100 run_mcu_cmd(sc, 0x74, (tmp << 8 ) | rf);
6101 }
6102
6103 static void
run_init_locked(struct run_softc * sc)6104 run_init_locked(struct run_softc *sc)
6105 {
6106 struct ieee80211com *ic = &sc->sc_ic;
6107 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps);
6108 uint32_t tmp;
6109 uint8_t bbp1, bbp3;
6110 int i;
6111 int ridx;
6112 int ntries;
6113
6114 if (ic->ic_nrunning > 1)
6115 return;
6116
6117 run_stop(sc);
6118
6119 if (run_load_microcode(sc) != 0) {
6120 device_printf(sc->sc_dev, "could not load 8051 microcode\n");
6121 goto fail;
6122 }
6123
6124 for (ntries = 0; ntries < 100; ntries++) {
6125 if (run_read(sc, RT2860_ASIC_VER_ID, &tmp) != 0)
6126 goto fail;
6127 if (tmp != 0 && tmp != 0xffffffff)
6128 break;
6129 run_delay(sc, 10);
6130 }
6131 if (ntries == 100)
6132 goto fail;
6133
6134 for (i = 0; i != RUN_EP_QUEUES; i++)
6135 run_setup_tx_list(sc, &sc->sc_epq[i]);
6136
6137 run_set_macaddr(sc, vap ? vap->iv_myaddr : ic->ic_macaddr);
6138
6139 for (ntries = 0; ntries < 100; ntries++) {
6140 if (run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp) != 0)
6141 goto fail;
6142 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0)
6143 break;
6144 run_delay(sc, 10);
6145 }
6146 if (ntries == 100) {
6147 device_printf(sc->sc_dev, "timeout waiting for DMA engine\n");
6148 goto fail;
6149 }
6150 tmp &= 0xff0;
6151 tmp |= RT2860_TX_WB_DDONE;
6152 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp);
6153
6154 /* turn off PME_OEN to solve high-current issue */
6155 run_read(sc, RT2860_SYS_CTRL, &tmp);
6156 run_write(sc, RT2860_SYS_CTRL, tmp & ~RT2860_PME_OEN);
6157
6158 run_write(sc, RT2860_MAC_SYS_CTRL,
6159 RT2860_BBP_HRST | RT2860_MAC_SRST);
6160 run_write(sc, RT2860_USB_DMA_CFG, 0);
6161
6162 if (run_reset(sc) != 0) {
6163 device_printf(sc->sc_dev, "could not reset chipset\n");
6164 goto fail;
6165 }
6166
6167 run_write(sc, RT2860_MAC_SYS_CTRL, 0);
6168
6169 /* init Tx power for all Tx rates (from EEPROM) */
6170 for (ridx = 0; ridx < 5; ridx++) {
6171 if (sc->txpow20mhz[ridx] == 0xffffffff)
6172 continue;
6173 run_write(sc, RT2860_TX_PWR_CFG(ridx), sc->txpow20mhz[ridx]);
6174 }
6175
6176 for (i = 0; i < nitems(rt2870_def_mac); i++)
6177 run_write(sc, rt2870_def_mac[i].reg, rt2870_def_mac[i].val);
6178 run_write(sc, RT2860_WMM_AIFSN_CFG, 0x00002273);
6179 run_write(sc, RT2860_WMM_CWMIN_CFG, 0x00002344);
6180 run_write(sc, RT2860_WMM_CWMAX_CFG, 0x000034aa);
6181
6182 if (sc->mac_ver >= 0x5390) {
6183 run_write(sc, RT2860_TX_SW_CFG0,
6184 4 << RT2860_DLY_PAPE_EN_SHIFT | 4);
6185 if (sc->mac_ver >= 0x5392) {
6186 run_write(sc, RT2860_MAX_LEN_CFG, 0x00002fff);
6187 if (sc->mac_ver == 0x5592) {
6188 run_write(sc, RT2860_HT_FBK_CFG1, 0xedcba980);
6189 run_write(sc, RT2860_TXOP_HLDR_ET, 0x00000082);
6190 } else {
6191 run_write(sc, RT2860_HT_FBK_CFG1, 0xedcb4980);
6192 run_write(sc, RT2860_LG_FBK_CFG0, 0xedcba322);
6193 }
6194 }
6195 } else if (sc->mac_ver == 0x3593) {
6196 run_write(sc, RT2860_TX_SW_CFG0,
6197 4 << RT2860_DLY_PAPE_EN_SHIFT | 2);
6198 } else if (sc->mac_ver >= 0x3070) {
6199 /* set delay of PA_PE assertion to 1us (unit of 0.25us) */
6200 run_write(sc, RT2860_TX_SW_CFG0,
6201 4 << RT2860_DLY_PAPE_EN_SHIFT);
6202 }
6203
6204 /* wait while MAC is busy */
6205 for (ntries = 0; ntries < 100; ntries++) {
6206 if (run_read(sc, RT2860_MAC_STATUS_REG, &tmp) != 0)
6207 goto fail;
6208 if (!(tmp & (RT2860_RX_STATUS_BUSY | RT2860_TX_STATUS_BUSY)))
6209 break;
6210 run_delay(sc, 10);
6211 }
6212 if (ntries == 100)
6213 goto fail;
6214
6215 /* clear Host to MCU mailbox */
6216 run_write(sc, RT2860_H2M_BBPAGENT, 0);
6217 run_write(sc, RT2860_H2M_MAILBOX, 0);
6218 run_delay(sc, 10);
6219
6220 if (run_bbp_init(sc) != 0) {
6221 device_printf(sc->sc_dev, "could not initialize BBP\n");
6222 goto fail;
6223 }
6224
6225 /* abort TSF synchronization */
6226 run_disable_tsf(sc);
6227
6228 /* clear RX WCID search table */
6229 run_set_region_4(sc, RT2860_WCID_ENTRY(0), 0, 512);
6230 /* clear WCID attribute table */
6231 run_set_region_4(sc, RT2860_WCID_ATTR(0), 0, 8 * 32);
6232
6233 /* hostapd sets a key before init. So, don't clear it. */
6234 if (sc->cmdq_key_set != RUN_CMDQ_GO) {
6235 /* clear shared key table */
6236 run_set_region_4(sc, RT2860_SKEY(0, 0), 0, 8 * 32);
6237 /* clear shared key mode */
6238 run_set_region_4(sc, RT2860_SKEY_MODE_0_7, 0, 4);
6239 }
6240
6241 run_read(sc, RT2860_US_CYC_CNT, &tmp);
6242 tmp = (tmp & ~0xff) | 0x1e;
6243 run_write(sc, RT2860_US_CYC_CNT, tmp);
6244
6245 if (sc->mac_rev != 0x0101)
6246 run_write(sc, RT2860_TXOP_CTRL_CFG, 0x0000583f);
6247
6248 run_write(sc, RT2860_WMM_TXOP0_CFG, 0);
6249 run_write(sc, RT2860_WMM_TXOP1_CFG, 48 << 16 | 96);
6250
6251 /* write vendor-specific BBP values (from EEPROM) */
6252 if (sc->mac_ver < 0x3593) {
6253 for (i = 0; i < 10; i++) {
6254 if (sc->bbp[i].reg == 0 || sc->bbp[i].reg == 0xff)
6255 continue;
6256 run_bbp_write(sc, sc->bbp[i].reg, sc->bbp[i].val);
6257 }
6258 }
6259
6260 /* select Main antenna for 1T1R devices */
6261 if (sc->rf_rev == RT3070_RF_3020 || sc->rf_rev == RT5390_RF_5370)
6262 run_set_rx_antenna(sc, 0);
6263
6264 /* send LEDs operating mode to microcontroller */
6265 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED1, sc->led[0]);
6266 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED2, sc->led[1]);
6267 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED3, sc->led[2]);
6268
6269 if (sc->mac_ver >= 0x5390)
6270 run_rt5390_rf_init(sc);
6271 else if (sc->mac_ver == 0x3593)
6272 run_rt3593_rf_init(sc);
6273 else if (sc->mac_ver >= 0x3070)
6274 run_rt3070_rf_init(sc);
6275
6276 /* disable non-existing Rx chains */
6277 run_bbp_read(sc, 3, &bbp3);
6278 bbp3 &= ~(1 << 3 | 1 << 4);
6279 if (sc->nrxchains == 2)
6280 bbp3 |= 1 << 3;
6281 else if (sc->nrxchains == 3)
6282 bbp3 |= 1 << 4;
6283 run_bbp_write(sc, 3, bbp3);
6284
6285 /* disable non-existing Tx chains */
6286 run_bbp_read(sc, 1, &bbp1);
6287 if (sc->ntxchains == 1)
6288 bbp1 &= ~(1 << 3 | 1 << 4);
6289 run_bbp_write(sc, 1, bbp1);
6290
6291 if (sc->mac_ver >= 0x5390)
6292 run_rt5390_rf_setup(sc);
6293 else if (sc->mac_ver == 0x3593)
6294 run_rt3593_rf_setup(sc);
6295 else if (sc->mac_ver >= 0x3070)
6296 run_rt3070_rf_setup(sc);
6297
6298 /* select default channel */
6299 run_set_chan(sc, ic->ic_curchan);
6300
6301 /* setup initial protection mode */
6302 run_updateprot_cb(ic);
6303
6304 /* turn radio LED on */
6305 run_set_leds(sc, RT2860_LED_RADIO);
6306
6307 /* Set up AUTO_RSP_CFG register for auto response */
6308 run_write(sc, RT2860_AUTO_RSP_CFG, RT2860_AUTO_RSP_EN |
6309 RT2860_BAC_ACKPOLICY_EN | RT2860_CTS_40M_MODE_EN);
6310
6311 sc->sc_flags |= RUN_RUNNING;
6312 sc->cmdq_run = RUN_CMDQ_GO;
6313
6314 for (i = 0; i != RUN_N_XFER; i++)
6315 usbd_xfer_set_stall(sc->sc_xfer[i]);
6316
6317 usbd_transfer_start(sc->sc_xfer[RUN_BULK_RX]);
6318
6319 if (run_txrx_enable(sc) != 0)
6320 goto fail;
6321
6322 return;
6323
6324 fail:
6325 run_stop(sc);
6326 }
6327
6328 static void
run_stop(void * arg)6329 run_stop(void *arg)
6330 {
6331 struct run_softc *sc = (struct run_softc *)arg;
6332 uint32_t tmp;
6333 int i;
6334 int ntries;
6335
6336 RUN_LOCK_ASSERT(sc, MA_OWNED);
6337
6338 if (sc->sc_flags & RUN_RUNNING)
6339 run_set_leds(sc, 0); /* turn all LEDs off */
6340
6341 sc->sc_flags &= ~RUN_RUNNING;
6342
6343 sc->ratectl_run = RUN_RATECTL_OFF;
6344 sc->cmdq_run = sc->cmdq_key_set;
6345
6346 RUN_UNLOCK(sc);
6347
6348 for(i = 0; i < RUN_N_XFER; i++)
6349 usbd_transfer_drain(sc->sc_xfer[i]);
6350
6351 RUN_LOCK(sc);
6352
6353 run_drain_mbufq(sc);
6354
6355 if (sc->rx_m != NULL) {
6356 m_free(sc->rx_m);
6357 sc->rx_m = NULL;
6358 }
6359
6360 /* Disable Tx/Rx DMA. */
6361 if (run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp) != 0)
6362 return;
6363 tmp &= ~(RT2860_RX_DMA_EN | RT2860_TX_DMA_EN);
6364 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp);
6365
6366 for (ntries = 0; ntries < 100; ntries++) {
6367 if (run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp) != 0)
6368 return;
6369 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0)
6370 break;
6371 run_delay(sc, 10);
6372 }
6373 if (ntries == 100) {
6374 device_printf(sc->sc_dev, "timeout waiting for DMA engine\n");
6375 return;
6376 }
6377
6378 /* disable Tx/Rx */
6379 run_read(sc, RT2860_MAC_SYS_CTRL, &tmp);
6380 tmp &= ~(RT2860_MAC_RX_EN | RT2860_MAC_TX_EN);
6381 run_write(sc, RT2860_MAC_SYS_CTRL, tmp);
6382
6383 /* wait for pending Tx to complete */
6384 for (ntries = 0; ntries < 100; ntries++) {
6385 if (run_read(sc, RT2860_TXRXQ_PCNT, &tmp) != 0) {
6386 RUN_DPRINTF(sc, RUN_DEBUG_XMIT | RUN_DEBUG_RESET,
6387 "Cannot read Tx queue count\n");
6388 break;
6389 }
6390 if ((tmp & RT2860_TX2Q_PCNT_MASK) == 0) {
6391 RUN_DPRINTF(sc, RUN_DEBUG_XMIT | RUN_DEBUG_RESET,
6392 "All Tx cleared\n");
6393 break;
6394 }
6395 run_delay(sc, 10);
6396 }
6397 if (ntries >= 100)
6398 RUN_DPRINTF(sc, RUN_DEBUG_XMIT | RUN_DEBUG_RESET,
6399 "There are still pending Tx\n");
6400 run_delay(sc, 10);
6401 run_write(sc, RT2860_USB_DMA_CFG, 0);
6402
6403 run_write(sc, RT2860_MAC_SYS_CTRL, RT2860_BBP_HRST | RT2860_MAC_SRST);
6404 run_write(sc, RT2860_MAC_SYS_CTRL, 0);
6405
6406 for (i = 0; i != RUN_EP_QUEUES; i++)
6407 run_unsetup_tx_list(sc, &sc->sc_epq[i]);
6408 }
6409
6410 static void
run_delay(struct run_softc * sc,u_int ms)6411 run_delay(struct run_softc *sc, u_int ms)
6412 {
6413 usb_pause_mtx(mtx_owned(&sc->sc_mtx) ?
6414 &sc->sc_mtx : NULL, USB_MS_TO_TICKS(ms));
6415 }
6416
6417 static void
run_update_chw(struct ieee80211com * ic)6418 run_update_chw(struct ieee80211com *ic)
6419 {
6420
6421 printf("%s: TODO\n", __func__);
6422 }
6423
6424 static int
run_ampdu_enable(struct ieee80211_node * ni,struct ieee80211_tx_ampdu * tap)6425 run_ampdu_enable(struct ieee80211_node *ni, struct ieee80211_tx_ampdu *tap)
6426 {
6427
6428 /* For now, no A-MPDU TX support in the driver */
6429 /*
6430 * TODO: maybe we needed to enable seqno generation too?
6431 * What other TX desc bits are missing/needed?
6432 */
6433 return (0);
6434 }
6435
6436 static device_method_t run_methods[] = {
6437 /* Device interface */
6438 DEVMETHOD(device_probe, run_match),
6439 DEVMETHOD(device_attach, run_attach),
6440 DEVMETHOD(device_detach, run_detach),
6441 DEVMETHOD_END
6442 };
6443
6444 static driver_t run_driver = {
6445 .name = "run",
6446 .methods = run_methods,
6447 .size = sizeof(struct run_softc)
6448 };
6449
6450 DRIVER_MODULE(run, uhub, run_driver, run_driver_loaded, NULL);
6451 MODULE_DEPEND(run, wlan, 1, 1, 1);
6452 MODULE_DEPEND(run, usb, 1, 1, 1);
6453 MODULE_DEPEND(run, firmware, 1, 1, 1);
6454 MODULE_VERSION(run, 1);
6455 USB_PNP_HOST_INFO(run_devs);
6456