1 /*- 2 * Copyright (c) 2008,2010 Damien Bergamini <damien.bergamini@free.fr> 3 * ported to FreeBSD by Akinori Furukoshi <moonlightakkiy@yahoo.ca> 4 * USB Consulting, Hans Petter Selasky <hselasky@freebsd.org> 5 * Copyright (c) 2013-2014 Kevin Lo 6 * 7 * Permission to use, copy, modify, and distribute this software for any 8 * purpose with or without fee is hereby granted, provided that the above 9 * copyright notice and this permission notice appear in all copies. 10 * 11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 */ 19 20 #include <sys/cdefs.h> 21 __FBSDID("$FreeBSD$"); 22 23 /*- 24 * Ralink Technology RT2700U/RT2800U/RT3000U/RT3900E chipset driver. 25 * http://www.ralinktech.com/ 26 */ 27 28 #include <sys/param.h> 29 #include <sys/sockio.h> 30 #include <sys/sysctl.h> 31 #include <sys/lock.h> 32 #include <sys/mutex.h> 33 #include <sys/mbuf.h> 34 #include <sys/kernel.h> 35 #include <sys/socket.h> 36 #include <sys/systm.h> 37 #include <sys/malloc.h> 38 #include <sys/module.h> 39 #include <sys/bus.h> 40 #include <sys/endian.h> 41 #include <sys/linker.h> 42 #include <sys/firmware.h> 43 #include <sys/kdb.h> 44 45 #include <machine/bus.h> 46 #include <machine/resource.h> 47 #include <sys/rman.h> 48 49 #include <net/bpf.h> 50 #include <net/if.h> 51 #include <net/if_var.h> 52 #include <net/if_arp.h> 53 #include <net/ethernet.h> 54 #include <net/if_dl.h> 55 #include <net/if_media.h> 56 #include <net/if_types.h> 57 58 #include <netinet/in.h> 59 #include <netinet/in_systm.h> 60 #include <netinet/in_var.h> 61 #include <netinet/if_ether.h> 62 #include <netinet/ip.h> 63 64 #include <net80211/ieee80211_var.h> 65 #include <net80211/ieee80211_regdomain.h> 66 #include <net80211/ieee80211_radiotap.h> 67 #include <net80211/ieee80211_ratectl.h> 68 69 #include <dev/usb/usb.h> 70 #include <dev/usb/usbdi.h> 71 #include "usbdevs.h" 72 73 #define USB_DEBUG_VAR run_debug 74 #include <dev/usb/usb_debug.h> 75 #include <dev/usb/usb_msctest.h> 76 77 #include <dev/usb/wlan/if_runreg.h> 78 #include <dev/usb/wlan/if_runvar.h> 79 80 #ifdef USB_DEBUG 81 #define RUN_DEBUG 82 #endif 83 84 #ifdef RUN_DEBUG 85 int run_debug = 0; 86 static SYSCTL_NODE(_hw_usb, OID_AUTO, run, CTLFLAG_RW, 0, "USB run"); 87 SYSCTL_INT(_hw_usb_run, OID_AUTO, debug, CTLFLAG_RW, &run_debug, 0, 88 "run debug level"); 89 #endif 90 91 #define IEEE80211_HAS_ADDR4(wh) \ 92 (((wh)->i_fc[1] & IEEE80211_FC1_DIR_MASK) == IEEE80211_FC1_DIR_DSTODS) 93 94 /* 95 * Because of LOR in run_key_delete(), use atomic instead. 96 * '& RUN_CMDQ_MASQ' is to loop cmdq[]. 97 */ 98 #define RUN_CMDQ_GET(c) (atomic_fetchadd_32((c), 1) & RUN_CMDQ_MASQ) 99 100 static const STRUCT_USB_HOST_ID run_devs[] = { 101 #define RUN_DEV(v,p) { USB_VP(USB_VENDOR_##v, USB_PRODUCT_##v##_##p) } 102 #define RUN_DEV_EJECT(v,p) \ 103 { USB_VPI(USB_VENDOR_##v, USB_PRODUCT_##v##_##p, 0) } 104 RUN_DEV(ABOCOM, RT2770), 105 RUN_DEV(ABOCOM, RT2870), 106 RUN_DEV(ABOCOM, RT3070), 107 RUN_DEV(ABOCOM, RT3071), 108 RUN_DEV(ABOCOM, RT3072), 109 RUN_DEV(ABOCOM2, RT2870_1), 110 RUN_DEV(ACCTON, RT2770), 111 RUN_DEV(ACCTON, RT2870_1), 112 RUN_DEV(ACCTON, RT2870_2), 113 RUN_DEV(ACCTON, RT2870_3), 114 RUN_DEV(ACCTON, RT2870_4), 115 RUN_DEV(ACCTON, RT2870_5), 116 RUN_DEV(ACCTON, RT3070), 117 RUN_DEV(ACCTON, RT3070_1), 118 RUN_DEV(ACCTON, RT3070_2), 119 RUN_DEV(ACCTON, RT3070_3), 120 RUN_DEV(ACCTON, RT3070_4), 121 RUN_DEV(ACCTON, RT3070_5), 122 RUN_DEV(AIRTIES, RT3070), 123 RUN_DEV(ALLWIN, RT2070), 124 RUN_DEV(ALLWIN, RT2770), 125 RUN_DEV(ALLWIN, RT2870), 126 RUN_DEV(ALLWIN, RT3070), 127 RUN_DEV(ALLWIN, RT3071), 128 RUN_DEV(ALLWIN, RT3072), 129 RUN_DEV(ALLWIN, RT3572), 130 RUN_DEV(AMIGO, RT2870_1), 131 RUN_DEV(AMIGO, RT2870_2), 132 RUN_DEV(AMIT, CGWLUSB2GNR), 133 RUN_DEV(AMIT, RT2870_1), 134 RUN_DEV(AMIT2, RT2870), 135 RUN_DEV(ASUS, RT2870_1), 136 RUN_DEV(ASUS, RT2870_2), 137 RUN_DEV(ASUS, RT2870_3), 138 RUN_DEV(ASUS, RT2870_4), 139 RUN_DEV(ASUS, RT2870_5), 140 RUN_DEV(ASUS, USBN13), 141 RUN_DEV(ASUS, RT3070_1), 142 RUN_DEV(ASUS, USBN66), 143 RUN_DEV(ASUS, USB_N53), 144 RUN_DEV(ASUS2, USBN11), 145 RUN_DEV(AZUREWAVE, RT2870_1), 146 RUN_DEV(AZUREWAVE, RT2870_2), 147 RUN_DEV(AZUREWAVE, RT3070_1), 148 RUN_DEV(AZUREWAVE, RT3070_2), 149 RUN_DEV(AZUREWAVE, RT3070_3), 150 RUN_DEV(BELKIN, F9L1103), 151 RUN_DEV(BELKIN, F5D8053V3), 152 RUN_DEV(BELKIN, F5D8055), 153 RUN_DEV(BELKIN, F5D8055V2), 154 RUN_DEV(BELKIN, F6D4050V1), 155 RUN_DEV(BELKIN, F6D4050V2), 156 RUN_DEV(BELKIN, RT2870_1), 157 RUN_DEV(BELKIN, RT2870_2), 158 RUN_DEV(CISCOLINKSYS, AE1000), 159 RUN_DEV(CISCOLINKSYS2, RT3070), 160 RUN_DEV(CISCOLINKSYS3, RT3070), 161 RUN_DEV(CONCEPTRONIC2, RT2870_1), 162 RUN_DEV(CONCEPTRONIC2, RT2870_2), 163 RUN_DEV(CONCEPTRONIC2, RT2870_3), 164 RUN_DEV(CONCEPTRONIC2, RT2870_4), 165 RUN_DEV(CONCEPTRONIC2, RT2870_5), 166 RUN_DEV(CONCEPTRONIC2, RT2870_6), 167 RUN_DEV(CONCEPTRONIC2, RT2870_7), 168 RUN_DEV(CONCEPTRONIC2, RT2870_8), 169 RUN_DEV(CONCEPTRONIC2, RT3070_1), 170 RUN_DEV(CONCEPTRONIC2, RT3070_2), 171 RUN_DEV(CONCEPTRONIC2, VIGORN61), 172 RUN_DEV(COREGA, CGWLUSB300GNM), 173 RUN_DEV(COREGA, RT2870_1), 174 RUN_DEV(COREGA, RT2870_2), 175 RUN_DEV(COREGA, RT2870_3), 176 RUN_DEV(COREGA, RT3070), 177 RUN_DEV(CYBERTAN, RT2870), 178 RUN_DEV(DLINK, RT2870), 179 RUN_DEV(DLINK, RT3072), 180 RUN_DEV(DLINK, DWA127), 181 RUN_DEV(DLINK, DWA140B3), 182 RUN_DEV(DLINK, DWA160B2), 183 RUN_DEV(DLINK, DWA162), 184 RUN_DEV(DLINK2, DWA130), 185 RUN_DEV(DLINK2, RT2870_1), 186 RUN_DEV(DLINK2, RT2870_2), 187 RUN_DEV(DLINK2, RT3070_1), 188 RUN_DEV(DLINK2, RT3070_2), 189 RUN_DEV(DLINK2, RT3070_3), 190 RUN_DEV(DLINK2, RT3070_4), 191 RUN_DEV(DLINK2, RT3070_5), 192 RUN_DEV(DLINK2, RT3072), 193 RUN_DEV(DLINK2, RT3072_1), 194 RUN_DEV(EDIMAX, EW7717), 195 RUN_DEV(EDIMAX, EW7718), 196 RUN_DEV(EDIMAX, EW7733UND), 197 RUN_DEV(EDIMAX, RT2870_1), 198 RUN_DEV(ENCORE, RT3070_1), 199 RUN_DEV(ENCORE, RT3070_2), 200 RUN_DEV(ENCORE, RT3070_3), 201 RUN_DEV(GIGABYTE, GNWB31N), 202 RUN_DEV(GIGABYTE, GNWB32L), 203 RUN_DEV(GIGABYTE, RT2870_1), 204 RUN_DEV(GIGASET, RT3070_1), 205 RUN_DEV(GIGASET, RT3070_2), 206 RUN_DEV(GUILLEMOT, HWNU300), 207 RUN_DEV(HAWKING, HWUN2), 208 RUN_DEV(HAWKING, RT2870_1), 209 RUN_DEV(HAWKING, RT2870_2), 210 RUN_DEV(HAWKING, RT3070), 211 RUN_DEV(IODATA, RT3072_1), 212 RUN_DEV(IODATA, RT3072_2), 213 RUN_DEV(IODATA, RT3072_3), 214 RUN_DEV(IODATA, RT3072_4), 215 RUN_DEV(LINKSYS4, RT3070), 216 RUN_DEV(LINKSYS4, WUSB100), 217 RUN_DEV(LINKSYS4, WUSB54GCV3), 218 RUN_DEV(LINKSYS4, WUSB600N), 219 RUN_DEV(LINKSYS4, WUSB600NV2), 220 RUN_DEV(LOGITEC, RT2870_1), 221 RUN_DEV(LOGITEC, RT2870_2), 222 RUN_DEV(LOGITEC, RT2870_3), 223 RUN_DEV(LOGITEC, LANW300NU2), 224 RUN_DEV(LOGITEC, LANW150NU2), 225 RUN_DEV(LOGITEC, LANW300NU2S), 226 RUN_DEV(MELCO, RT2870_1), 227 RUN_DEV(MELCO, RT2870_2), 228 RUN_DEV(MELCO, WLIUCAG300N), 229 RUN_DEV(MELCO, WLIUCG300N), 230 RUN_DEV(MELCO, WLIUCG301N), 231 RUN_DEV(MELCO, WLIUCGN), 232 RUN_DEV(MELCO, WLIUCGNM), 233 RUN_DEV(MELCO, WLIUCGNM2), 234 RUN_DEV(MOTOROLA4, RT2770), 235 RUN_DEV(MOTOROLA4, RT3070), 236 RUN_DEV(MSI, RT3070_1), 237 RUN_DEV(MSI, RT3070_2), 238 RUN_DEV(MSI, RT3070_3), 239 RUN_DEV(MSI, RT3070_4), 240 RUN_DEV(MSI, RT3070_5), 241 RUN_DEV(MSI, RT3070_6), 242 RUN_DEV(MSI, RT3070_7), 243 RUN_DEV(MSI, RT3070_8), 244 RUN_DEV(MSI, RT3070_9), 245 RUN_DEV(MSI, RT3070_10), 246 RUN_DEV(MSI, RT3070_11), 247 RUN_DEV(OVISLINK, RT3072), 248 RUN_DEV(PARA, RT3070), 249 RUN_DEV(PEGATRON, RT2870), 250 RUN_DEV(PEGATRON, RT3070), 251 RUN_DEV(PEGATRON, RT3070_2), 252 RUN_DEV(PEGATRON, RT3070_3), 253 RUN_DEV(PHILIPS, RT2870), 254 RUN_DEV(PLANEX2, GWUS300MINIS), 255 RUN_DEV(PLANEX2, GWUSMICRON), 256 RUN_DEV(PLANEX2, RT2870), 257 RUN_DEV(PLANEX2, RT3070), 258 RUN_DEV(QCOM, RT2870), 259 RUN_DEV(QUANTA, RT3070), 260 RUN_DEV(RALINK, RT2070), 261 RUN_DEV(RALINK, RT2770), 262 RUN_DEV(RALINK, RT2870), 263 RUN_DEV(RALINK, RT3070), 264 RUN_DEV(RALINK, RT3071), 265 RUN_DEV(RALINK, RT3072), 266 RUN_DEV(RALINK, RT3370), 267 RUN_DEV(RALINK, RT3572), 268 RUN_DEV(RALINK, RT3573), 269 RUN_DEV(RALINK, RT5370), 270 RUN_DEV(RALINK, RT5572), 271 RUN_DEV(RALINK, RT8070), 272 RUN_DEV(SAMSUNG, WIS09ABGN), 273 RUN_DEV(SAMSUNG2, RT2870_1), 274 RUN_DEV(SENAO, RT2870_1), 275 RUN_DEV(SENAO, RT2870_2), 276 RUN_DEV(SENAO, RT2870_3), 277 RUN_DEV(SENAO, RT2870_4), 278 RUN_DEV(SENAO, RT3070), 279 RUN_DEV(SENAO, RT3071), 280 RUN_DEV(SENAO, RT3072_1), 281 RUN_DEV(SENAO, RT3072_2), 282 RUN_DEV(SENAO, RT3072_3), 283 RUN_DEV(SENAO, RT3072_4), 284 RUN_DEV(SENAO, RT3072_5), 285 RUN_DEV(SITECOMEU, RT2770), 286 RUN_DEV(SITECOMEU, RT2870_1), 287 RUN_DEV(SITECOMEU, RT2870_2), 288 RUN_DEV(SITECOMEU, RT2870_3), 289 RUN_DEV(SITECOMEU, RT2870_4), 290 RUN_DEV(SITECOMEU, RT3070), 291 RUN_DEV(SITECOMEU, RT3070_2), 292 RUN_DEV(SITECOMEU, RT3070_3), 293 RUN_DEV(SITECOMEU, RT3070_4), 294 RUN_DEV(SITECOMEU, RT3071), 295 RUN_DEV(SITECOMEU, RT3072_1), 296 RUN_DEV(SITECOMEU, RT3072_2), 297 RUN_DEV(SITECOMEU, RT3072_3), 298 RUN_DEV(SITECOMEU, RT3072_4), 299 RUN_DEV(SITECOMEU, RT3072_5), 300 RUN_DEV(SITECOMEU, RT3072_6), 301 RUN_DEV(SITECOMEU, WL608), 302 RUN_DEV(SPARKLAN, RT2870_1), 303 RUN_DEV(SPARKLAN, RT3070), 304 RUN_DEV(SWEEX2, LW153), 305 RUN_DEV(SWEEX2, LW303), 306 RUN_DEV(SWEEX2, LW313), 307 RUN_DEV(TOSHIBA, RT3070), 308 RUN_DEV(UMEDIA, RT2870_1), 309 RUN_DEV(ZCOM, RT2870_1), 310 RUN_DEV(ZCOM, RT2870_2), 311 RUN_DEV(ZINWELL, RT2870_1), 312 RUN_DEV(ZINWELL, RT2870_2), 313 RUN_DEV(ZINWELL, RT3070), 314 RUN_DEV(ZINWELL, RT3072_1), 315 RUN_DEV(ZINWELL, RT3072_2), 316 RUN_DEV(ZYXEL, RT2870_1), 317 RUN_DEV(ZYXEL, RT2870_2), 318 RUN_DEV(ZYXEL, NWD2705), 319 RUN_DEV_EJECT(RALINK, RT_STOR), 320 #undef RUN_DEV_EJECT 321 #undef RUN_DEV 322 }; 323 324 static device_probe_t run_match; 325 static device_attach_t run_attach; 326 static device_detach_t run_detach; 327 328 static usb_callback_t run_bulk_rx_callback; 329 static usb_callback_t run_bulk_tx_callback0; 330 static usb_callback_t run_bulk_tx_callback1; 331 static usb_callback_t run_bulk_tx_callback2; 332 static usb_callback_t run_bulk_tx_callback3; 333 static usb_callback_t run_bulk_tx_callback4; 334 static usb_callback_t run_bulk_tx_callback5; 335 336 static void run_autoinst(void *, struct usb_device *, 337 struct usb_attach_arg *); 338 static int run_driver_loaded(struct module *, int, void *); 339 static void run_bulk_tx_callbackN(struct usb_xfer *xfer, 340 usb_error_t error, u_int index); 341 static struct ieee80211vap *run_vap_create(struct ieee80211com *, 342 const char [IFNAMSIZ], int, enum ieee80211_opmode, int, 343 const uint8_t [IEEE80211_ADDR_LEN], 344 const uint8_t [IEEE80211_ADDR_LEN]); 345 static void run_vap_delete(struct ieee80211vap *); 346 static void run_cmdq_cb(void *, int); 347 static void run_setup_tx_list(struct run_softc *, 348 struct run_endpoint_queue *); 349 static void run_unsetup_tx_list(struct run_softc *, 350 struct run_endpoint_queue *); 351 static int run_load_microcode(struct run_softc *); 352 static int run_reset(struct run_softc *); 353 static usb_error_t run_do_request(struct run_softc *, 354 struct usb_device_request *, void *); 355 static int run_read(struct run_softc *, uint16_t, uint32_t *); 356 static int run_read_region_1(struct run_softc *, uint16_t, uint8_t *, int); 357 static int run_write_2(struct run_softc *, uint16_t, uint16_t); 358 static int run_write(struct run_softc *, uint16_t, uint32_t); 359 static int run_write_region_1(struct run_softc *, uint16_t, 360 const uint8_t *, int); 361 static int run_set_region_4(struct run_softc *, uint16_t, uint32_t, int); 362 static int run_efuse_read(struct run_softc *, uint16_t, uint16_t *, int); 363 static int run_efuse_read_2(struct run_softc *, uint16_t, uint16_t *); 364 static int run_eeprom_read_2(struct run_softc *, uint16_t, uint16_t *); 365 static int run_rt2870_rf_write(struct run_softc *, uint32_t); 366 static int run_rt3070_rf_read(struct run_softc *, uint8_t, uint8_t *); 367 static int run_rt3070_rf_write(struct run_softc *, uint8_t, uint8_t); 368 static int run_bbp_read(struct run_softc *, uint8_t, uint8_t *); 369 static int run_bbp_write(struct run_softc *, uint8_t, uint8_t); 370 static int run_mcu_cmd(struct run_softc *, uint8_t, uint16_t); 371 static const char *run_get_rf(uint16_t); 372 static void run_rt3593_get_txpower(struct run_softc *); 373 static void run_get_txpower(struct run_softc *); 374 static int run_read_eeprom(struct run_softc *); 375 static struct ieee80211_node *run_node_alloc(struct ieee80211vap *, 376 const uint8_t mac[IEEE80211_ADDR_LEN]); 377 static int run_media_change(struct ifnet *); 378 static int run_newstate(struct ieee80211vap *, enum ieee80211_state, int); 379 static int run_wme_update(struct ieee80211com *); 380 static void run_wme_update_cb(void *); 381 static void run_key_update_begin(struct ieee80211vap *); 382 static void run_key_update_end(struct ieee80211vap *); 383 static void run_key_set_cb(void *); 384 static int run_key_set(struct ieee80211vap *, struct ieee80211_key *, 385 const uint8_t mac[IEEE80211_ADDR_LEN]); 386 static void run_key_delete_cb(void *); 387 static int run_key_delete(struct ieee80211vap *, struct ieee80211_key *); 388 static void run_ratectl_to(void *); 389 static void run_ratectl_cb(void *, int); 390 static void run_drain_fifo(void *); 391 static void run_iter_func(void *, struct ieee80211_node *); 392 static void run_newassoc_cb(void *); 393 static void run_newassoc(struct ieee80211_node *, int); 394 static void run_rx_frame(struct run_softc *, struct mbuf *, uint32_t); 395 static void run_tx_free(struct run_endpoint_queue *pq, 396 struct run_tx_data *, int); 397 static void run_set_tx_desc(struct run_softc *, struct run_tx_data *); 398 static int run_tx(struct run_softc *, struct mbuf *, 399 struct ieee80211_node *); 400 static int run_tx_mgt(struct run_softc *, struct mbuf *, 401 struct ieee80211_node *); 402 static int run_sendprot(struct run_softc *, const struct mbuf *, 403 struct ieee80211_node *, int, int); 404 static int run_tx_param(struct run_softc *, struct mbuf *, 405 struct ieee80211_node *, 406 const struct ieee80211_bpf_params *); 407 static int run_raw_xmit(struct ieee80211_node *, struct mbuf *, 408 const struct ieee80211_bpf_params *); 409 static void run_start(struct ifnet *); 410 static int run_ioctl(struct ifnet *, u_long, caddr_t); 411 static void run_iq_calib(struct run_softc *, u_int); 412 static void run_set_agc(struct run_softc *, uint8_t); 413 static void run_select_chan_group(struct run_softc *, int); 414 static void run_set_rx_antenna(struct run_softc *, int); 415 static void run_rt2870_set_chan(struct run_softc *, u_int); 416 static void run_rt3070_set_chan(struct run_softc *, u_int); 417 static void run_rt3572_set_chan(struct run_softc *, u_int); 418 static void run_rt3593_set_chan(struct run_softc *, u_int); 419 static void run_rt5390_set_chan(struct run_softc *, u_int); 420 static void run_rt5592_set_chan(struct run_softc *, u_int); 421 static int run_set_chan(struct run_softc *, struct ieee80211_channel *); 422 static void run_set_channel(struct ieee80211com *); 423 static void run_scan_start(struct ieee80211com *); 424 static void run_scan_end(struct ieee80211com *); 425 static void run_update_beacon(struct ieee80211vap *, int); 426 static void run_update_beacon_cb(void *); 427 static void run_updateprot(struct ieee80211com *); 428 static void run_updateprot_cb(void *); 429 static void run_usb_timeout_cb(void *); 430 static void run_reset_livelock(struct run_softc *); 431 static void run_enable_tsf_sync(struct run_softc *); 432 static void run_enable_mrr(struct run_softc *); 433 static void run_set_txpreamble(struct run_softc *); 434 static void run_set_basicrates(struct run_softc *); 435 static void run_set_leds(struct run_softc *, uint16_t); 436 static void run_set_bssid(struct run_softc *, const uint8_t *); 437 static void run_set_macaddr(struct run_softc *, const uint8_t *); 438 static void run_updateslot(struct ifnet *); 439 static void run_updateslot_cb(void *); 440 static void run_update_mcast(struct ifnet *); 441 static int8_t run_rssi2dbm(struct run_softc *, uint8_t, uint8_t); 442 static void run_update_promisc_locked(struct ifnet *); 443 static void run_update_promisc(struct ifnet *); 444 static void run_rt5390_bbp_init(struct run_softc *); 445 static int run_bbp_init(struct run_softc *); 446 static int run_rt3070_rf_init(struct run_softc *); 447 static void run_rt3593_rf_init(struct run_softc *); 448 static void run_rt5390_rf_init(struct run_softc *); 449 static int run_rt3070_filter_calib(struct run_softc *, uint8_t, uint8_t, 450 uint8_t *); 451 static void run_rt3070_rf_setup(struct run_softc *); 452 static void run_rt3593_rf_setup(struct run_softc *); 453 static void run_rt5390_rf_setup(struct run_softc *); 454 static int run_txrx_enable(struct run_softc *); 455 static void run_adjust_freq_offset(struct run_softc *); 456 static void run_init(void *); 457 static void run_init_locked(struct run_softc *); 458 static void run_stop(void *); 459 static void run_delay(struct run_softc *, u_int); 460 461 static eventhandler_tag run_etag; 462 463 static const struct rt2860_rate { 464 uint8_t rate; 465 uint8_t mcs; 466 enum ieee80211_phytype phy; 467 uint8_t ctl_ridx; 468 uint16_t sp_ack_dur; 469 uint16_t lp_ack_dur; 470 } rt2860_rates[] = { 471 { 2, 0, IEEE80211_T_DS, 0, 314, 314 }, 472 { 4, 1, IEEE80211_T_DS, 1, 258, 162 }, 473 { 11, 2, IEEE80211_T_DS, 2, 223, 127 }, 474 { 22, 3, IEEE80211_T_DS, 3, 213, 117 }, 475 { 12, 0, IEEE80211_T_OFDM, 4, 60, 60 }, 476 { 18, 1, IEEE80211_T_OFDM, 4, 52, 52 }, 477 { 24, 2, IEEE80211_T_OFDM, 6, 48, 48 }, 478 { 36, 3, IEEE80211_T_OFDM, 6, 44, 44 }, 479 { 48, 4, IEEE80211_T_OFDM, 8, 44, 44 }, 480 { 72, 5, IEEE80211_T_OFDM, 8, 40, 40 }, 481 { 96, 6, IEEE80211_T_OFDM, 8, 40, 40 }, 482 { 108, 7, IEEE80211_T_OFDM, 8, 40, 40 } 483 }; 484 485 static const struct { 486 uint16_t reg; 487 uint32_t val; 488 } rt2870_def_mac[] = { 489 RT2870_DEF_MAC 490 }; 491 492 static const struct { 493 uint8_t reg; 494 uint8_t val; 495 } rt2860_def_bbp[] = { 496 RT2860_DEF_BBP 497 },rt5390_def_bbp[] = { 498 RT5390_DEF_BBP 499 },rt5592_def_bbp[] = { 500 RT5592_DEF_BBP 501 }; 502 503 /* 504 * Default values for BBP register R196 for RT5592. 505 */ 506 static const uint8_t rt5592_bbp_r196[] = { 507 0xe0, 0x1f, 0x38, 0x32, 0x08, 0x28, 0x19, 0x0a, 0xff, 0x00, 508 0x16, 0x10, 0x10, 0x0b, 0x36, 0x2c, 0x26, 0x24, 0x42, 0x36, 509 0x30, 0x2d, 0x4c, 0x46, 0x3d, 0x40, 0x3e, 0x42, 0x3d, 0x40, 510 0x3c, 0x34, 0x2c, 0x2f, 0x3c, 0x35, 0x2e, 0x2a, 0x49, 0x41, 511 0x36, 0x31, 0x30, 0x30, 0x0e, 0x0d, 0x28, 0x21, 0x1c, 0x16, 512 0x50, 0x4a, 0x43, 0x40, 0x10, 0x10, 0x10, 0x10, 0x00, 0x00, 513 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 514 0x00, 0x00, 0x7d, 0x14, 0x32, 0x2c, 0x36, 0x4c, 0x43, 0x2c, 515 0x2e, 0x36, 0x30, 0x6e 516 }; 517 518 static const struct rfprog { 519 uint8_t chan; 520 uint32_t r1, r2, r3, r4; 521 } rt2860_rf2850[] = { 522 RT2860_RF2850 523 }; 524 525 struct { 526 uint8_t n, r, k; 527 } rt3070_freqs[] = { 528 RT3070_RF3052 529 }; 530 531 static const struct rt5592_freqs { 532 uint16_t n; 533 uint8_t k, m, r; 534 } rt5592_freqs_20mhz[] = { 535 RT5592_RF5592_20MHZ 536 },rt5592_freqs_40mhz[] = { 537 RT5592_RF5592_40MHZ 538 }; 539 540 static const struct { 541 uint8_t reg; 542 uint8_t val; 543 } rt3070_def_rf[] = { 544 RT3070_DEF_RF 545 },rt3572_def_rf[] = { 546 RT3572_DEF_RF 547 },rt3593_def_rf[] = { 548 RT3593_DEF_RF 549 },rt5390_def_rf[] = { 550 RT5390_DEF_RF 551 },rt5392_def_rf[] = { 552 RT5392_DEF_RF 553 },rt5592_def_rf[] = { 554 RT5592_DEF_RF 555 },rt5592_2ghz_def_rf[] = { 556 RT5592_2GHZ_DEF_RF 557 },rt5592_5ghz_def_rf[] = { 558 RT5592_5GHZ_DEF_RF 559 }; 560 561 static const struct { 562 u_int firstchan; 563 u_int lastchan; 564 uint8_t reg; 565 uint8_t val; 566 } rt5592_chan_5ghz[] = { 567 RT5592_CHAN_5GHZ 568 }; 569 570 static const struct usb_config run_config[RUN_N_XFER] = { 571 [RUN_BULK_TX_BE] = { 572 .type = UE_BULK, 573 .endpoint = UE_ADDR_ANY, 574 .ep_index = 0, 575 .direction = UE_DIR_OUT, 576 .bufsize = RUN_MAX_TXSZ, 577 .flags = {.pipe_bof = 1,.force_short_xfer = 1,}, 578 .callback = run_bulk_tx_callback0, 579 .timeout = 5000, /* ms */ 580 }, 581 [RUN_BULK_TX_BK] = { 582 .type = UE_BULK, 583 .endpoint = UE_ADDR_ANY, 584 .direction = UE_DIR_OUT, 585 .ep_index = 1, 586 .bufsize = RUN_MAX_TXSZ, 587 .flags = {.pipe_bof = 1,.force_short_xfer = 1,}, 588 .callback = run_bulk_tx_callback1, 589 .timeout = 5000, /* ms */ 590 }, 591 [RUN_BULK_TX_VI] = { 592 .type = UE_BULK, 593 .endpoint = UE_ADDR_ANY, 594 .direction = UE_DIR_OUT, 595 .ep_index = 2, 596 .bufsize = RUN_MAX_TXSZ, 597 .flags = {.pipe_bof = 1,.force_short_xfer = 1,}, 598 .callback = run_bulk_tx_callback2, 599 .timeout = 5000, /* ms */ 600 }, 601 [RUN_BULK_TX_VO] = { 602 .type = UE_BULK, 603 .endpoint = UE_ADDR_ANY, 604 .direction = UE_DIR_OUT, 605 .ep_index = 3, 606 .bufsize = RUN_MAX_TXSZ, 607 .flags = {.pipe_bof = 1,.force_short_xfer = 1,}, 608 .callback = run_bulk_tx_callback3, 609 .timeout = 5000, /* ms */ 610 }, 611 [RUN_BULK_TX_HCCA] = { 612 .type = UE_BULK, 613 .endpoint = UE_ADDR_ANY, 614 .direction = UE_DIR_OUT, 615 .ep_index = 4, 616 .bufsize = RUN_MAX_TXSZ, 617 .flags = {.pipe_bof = 1,.force_short_xfer = 1,.no_pipe_ok = 1,}, 618 .callback = run_bulk_tx_callback4, 619 .timeout = 5000, /* ms */ 620 }, 621 [RUN_BULK_TX_PRIO] = { 622 .type = UE_BULK, 623 .endpoint = UE_ADDR_ANY, 624 .direction = UE_DIR_OUT, 625 .ep_index = 5, 626 .bufsize = RUN_MAX_TXSZ, 627 .flags = {.pipe_bof = 1,.force_short_xfer = 1,.no_pipe_ok = 1,}, 628 .callback = run_bulk_tx_callback5, 629 .timeout = 5000, /* ms */ 630 }, 631 [RUN_BULK_RX] = { 632 .type = UE_BULK, 633 .endpoint = UE_ADDR_ANY, 634 .direction = UE_DIR_IN, 635 .bufsize = RUN_MAX_RXSZ, 636 .flags = {.pipe_bof = 1,.short_xfer_ok = 1,}, 637 .callback = run_bulk_rx_callback, 638 } 639 }; 640 641 static void 642 run_autoinst(void *arg, struct usb_device *udev, 643 struct usb_attach_arg *uaa) 644 { 645 struct usb_interface *iface; 646 struct usb_interface_descriptor *id; 647 648 if (uaa->dev_state != UAA_DEV_READY) 649 return; 650 651 iface = usbd_get_iface(udev, 0); 652 if (iface == NULL) 653 return; 654 id = iface->idesc; 655 if (id == NULL || id->bInterfaceClass != UICLASS_MASS) 656 return; 657 if (usbd_lookup_id_by_uaa(run_devs, sizeof(run_devs), uaa)) 658 return; 659 660 if (usb_msc_eject(udev, 0, MSC_EJECT_STOPUNIT) == 0) 661 uaa->dev_state = UAA_DEV_EJECTING; 662 } 663 664 static int 665 run_driver_loaded(struct module *mod, int what, void *arg) 666 { 667 switch (what) { 668 case MOD_LOAD: 669 run_etag = EVENTHANDLER_REGISTER(usb_dev_configured, 670 run_autoinst, NULL, EVENTHANDLER_PRI_ANY); 671 break; 672 case MOD_UNLOAD: 673 EVENTHANDLER_DEREGISTER(usb_dev_configured, run_etag); 674 break; 675 default: 676 return (EOPNOTSUPP); 677 } 678 return (0); 679 } 680 681 static int 682 run_match(device_t self) 683 { 684 struct usb_attach_arg *uaa = device_get_ivars(self); 685 686 if (uaa->usb_mode != USB_MODE_HOST) 687 return (ENXIO); 688 if (uaa->info.bConfigIndex != 0) 689 return (ENXIO); 690 if (uaa->info.bIfaceIndex != RT2860_IFACE_INDEX) 691 return (ENXIO); 692 693 return (usbd_lookup_id_by_uaa(run_devs, sizeof(run_devs), uaa)); 694 } 695 696 static int 697 run_attach(device_t self) 698 { 699 struct run_softc *sc = device_get_softc(self); 700 struct usb_attach_arg *uaa = device_get_ivars(self); 701 struct ieee80211com *ic; 702 struct ifnet *ifp; 703 uint32_t ver; 704 int ntries, error; 705 uint8_t iface_index, bands; 706 707 device_set_usb_desc(self); 708 sc->sc_udev = uaa->device; 709 sc->sc_dev = self; 710 711 mtx_init(&sc->sc_mtx, device_get_nameunit(sc->sc_dev), 712 MTX_NETWORK_LOCK, MTX_DEF); 713 714 iface_index = RT2860_IFACE_INDEX; 715 716 error = usbd_transfer_setup(uaa->device, &iface_index, 717 sc->sc_xfer, run_config, RUN_N_XFER, sc, &sc->sc_mtx); 718 if (error) { 719 device_printf(self, "could not allocate USB transfers, " 720 "err=%s\n", usbd_errstr(error)); 721 goto detach; 722 } 723 724 RUN_LOCK(sc); 725 726 /* wait for the chip to settle */ 727 for (ntries = 0; ntries < 100; ntries++) { 728 if (run_read(sc, RT2860_ASIC_VER_ID, &ver) != 0) { 729 RUN_UNLOCK(sc); 730 goto detach; 731 } 732 if (ver != 0 && ver != 0xffffffff) 733 break; 734 run_delay(sc, 10); 735 } 736 if (ntries == 100) { 737 device_printf(sc->sc_dev, 738 "timeout waiting for NIC to initialize\n"); 739 RUN_UNLOCK(sc); 740 goto detach; 741 } 742 sc->mac_ver = ver >> 16; 743 sc->mac_rev = ver & 0xffff; 744 745 /* retrieve RF rev. no and various other things from EEPROM */ 746 run_read_eeprom(sc); 747 748 device_printf(sc->sc_dev, 749 "MAC/BBP RT%04X (rev 0x%04X), RF %s (MIMO %dT%dR), address %s\n", 750 sc->mac_ver, sc->mac_rev, run_get_rf(sc->rf_rev), 751 sc->ntxchains, sc->nrxchains, ether_sprintf(sc->sc_bssid)); 752 753 RUN_UNLOCK(sc); 754 755 ifp = sc->sc_ifp = if_alloc(IFT_IEEE80211); 756 if (ifp == NULL) { 757 device_printf(sc->sc_dev, "can not if_alloc()\n"); 758 goto detach; 759 } 760 ic = ifp->if_l2com; 761 762 ifp->if_softc = sc; 763 if_initname(ifp, "run", device_get_unit(sc->sc_dev)); 764 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 765 ifp->if_init = run_init; 766 ifp->if_ioctl = run_ioctl; 767 ifp->if_start = run_start; 768 IFQ_SET_MAXLEN(&ifp->if_snd, ifqmaxlen); 769 ifp->if_snd.ifq_drv_maxlen = ifqmaxlen; 770 IFQ_SET_READY(&ifp->if_snd); 771 772 ic->ic_ifp = ifp; 773 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 774 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 775 776 /* set device capabilities */ 777 ic->ic_caps = 778 IEEE80211_C_STA | /* station mode supported */ 779 IEEE80211_C_MONITOR | /* monitor mode supported */ 780 IEEE80211_C_IBSS | 781 IEEE80211_C_HOSTAP | 782 IEEE80211_C_WDS | /* 4-address traffic works */ 783 IEEE80211_C_MBSS | 784 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 785 IEEE80211_C_SHSLOT | /* short slot time supported */ 786 IEEE80211_C_WME | /* WME */ 787 IEEE80211_C_WPA; /* WPA1|WPA2(RSN) */ 788 789 ic->ic_cryptocaps = 790 IEEE80211_CRYPTO_WEP | 791 IEEE80211_CRYPTO_AES_CCM | 792 IEEE80211_CRYPTO_TKIPMIC | 793 IEEE80211_CRYPTO_TKIP; 794 795 ic->ic_flags |= IEEE80211_F_DATAPAD; 796 ic->ic_flags_ext |= IEEE80211_FEXT_SWBMISS; 797 798 bands = 0; 799 setbit(&bands, IEEE80211_MODE_11B); 800 setbit(&bands, IEEE80211_MODE_11G); 801 if (sc->rf_rev == RT2860_RF_2750 || sc->rf_rev == RT2860_RF_2850 || 802 sc->rf_rev == RT3070_RF_3052 || sc->rf_rev == RT3593_RF_3053 || 803 sc->rf_rev == RT5592_RF_5592) 804 setbit(&bands, IEEE80211_MODE_11A); 805 ieee80211_init_channels(ic, NULL, &bands); 806 807 ieee80211_ifattach(ic, sc->sc_bssid); 808 809 ic->ic_scan_start = run_scan_start; 810 ic->ic_scan_end = run_scan_end; 811 ic->ic_set_channel = run_set_channel; 812 ic->ic_node_alloc = run_node_alloc; 813 ic->ic_newassoc = run_newassoc; 814 ic->ic_updateslot = run_updateslot; 815 ic->ic_update_mcast = run_update_mcast; 816 ic->ic_wme.wme_update = run_wme_update; 817 ic->ic_raw_xmit = run_raw_xmit; 818 ic->ic_update_promisc = run_update_promisc; 819 820 ic->ic_vap_create = run_vap_create; 821 ic->ic_vap_delete = run_vap_delete; 822 823 ieee80211_radiotap_attach(ic, 824 &sc->sc_txtap.wt_ihdr, sizeof(sc->sc_txtap), 825 RUN_TX_RADIOTAP_PRESENT, 826 &sc->sc_rxtap.wr_ihdr, sizeof(sc->sc_rxtap), 827 RUN_RX_RADIOTAP_PRESENT); 828 829 TASK_INIT(&sc->cmdq_task, 0, run_cmdq_cb, sc); 830 TASK_INIT(&sc->ratectl_task, 0, run_ratectl_cb, sc); 831 usb_callout_init_mtx(&sc->ratectl_ch, &sc->sc_mtx, 0); 832 833 if (bootverbose) 834 ieee80211_announce(ic); 835 836 return (0); 837 838 detach: 839 run_detach(self); 840 return (ENXIO); 841 } 842 843 static int 844 run_detach(device_t self) 845 { 846 struct run_softc *sc = device_get_softc(self); 847 struct ifnet *ifp = sc->sc_ifp; 848 struct ieee80211com *ic; 849 int i; 850 851 RUN_LOCK(sc); 852 sc->sc_detached = 1; 853 RUN_UNLOCK(sc); 854 855 /* stop all USB transfers */ 856 usbd_transfer_unsetup(sc->sc_xfer, RUN_N_XFER); 857 858 RUN_LOCK(sc); 859 sc->ratectl_run = RUN_RATECTL_OFF; 860 sc->cmdq_run = sc->cmdq_key_set = RUN_CMDQ_ABORT; 861 862 /* free TX list, if any */ 863 for (i = 0; i != RUN_EP_QUEUES; i++) 864 run_unsetup_tx_list(sc, &sc->sc_epq[i]); 865 RUN_UNLOCK(sc); 866 867 if (ifp) { 868 ic = ifp->if_l2com; 869 /* drain tasks */ 870 usb_callout_drain(&sc->ratectl_ch); 871 ieee80211_draintask(ic, &sc->cmdq_task); 872 ieee80211_draintask(ic, &sc->ratectl_task); 873 ieee80211_ifdetach(ic); 874 if_free(ifp); 875 } 876 877 mtx_destroy(&sc->sc_mtx); 878 879 return (0); 880 } 881 882 static struct ieee80211vap * 883 run_vap_create(struct ieee80211com *ic, const char name[IFNAMSIZ], int unit, 884 enum ieee80211_opmode opmode, int flags, 885 const uint8_t bssid[IEEE80211_ADDR_LEN], 886 const uint8_t mac[IEEE80211_ADDR_LEN]) 887 { 888 struct ifnet *ifp = ic->ic_ifp; 889 struct run_softc *sc = ifp->if_softc; 890 struct run_vap *rvp; 891 struct ieee80211vap *vap; 892 int i; 893 894 if (sc->rvp_cnt >= RUN_VAP_MAX) { 895 if_printf(ifp, "number of VAPs maxed out\n"); 896 return (NULL); 897 } 898 899 switch (opmode) { 900 case IEEE80211_M_STA: 901 /* enable s/w bmiss handling for sta mode */ 902 flags |= IEEE80211_CLONE_NOBEACONS; 903 /* fall though */ 904 case IEEE80211_M_IBSS: 905 case IEEE80211_M_MONITOR: 906 case IEEE80211_M_HOSTAP: 907 case IEEE80211_M_MBSS: 908 /* other than WDS vaps, only one at a time */ 909 if (!TAILQ_EMPTY(&ic->ic_vaps)) 910 return (NULL); 911 break; 912 case IEEE80211_M_WDS: 913 TAILQ_FOREACH(vap, &ic->ic_vaps, iv_next){ 914 if(vap->iv_opmode != IEEE80211_M_HOSTAP) 915 continue; 916 /* WDS vap's always share the local mac address. */ 917 flags &= ~IEEE80211_CLONE_BSSID; 918 break; 919 } 920 if (vap == NULL) { 921 if_printf(ifp, "wds only supported in ap mode\n"); 922 return (NULL); 923 } 924 break; 925 default: 926 if_printf(ifp, "unknown opmode %d\n", opmode); 927 return (NULL); 928 } 929 930 rvp = (struct run_vap *) malloc(sizeof(struct run_vap), 931 M_80211_VAP, M_NOWAIT | M_ZERO); 932 if (rvp == NULL) 933 return (NULL); 934 vap = &rvp->vap; 935 936 if (ieee80211_vap_setup(ic, vap, name, unit, 937 opmode, flags, bssid, mac) != 0) { 938 /* out of memory */ 939 free(rvp, M_80211_VAP); 940 return (NULL); 941 } 942 943 vap->iv_key_update_begin = run_key_update_begin; 944 vap->iv_key_update_end = run_key_update_end; 945 vap->iv_update_beacon = run_update_beacon; 946 vap->iv_max_aid = RT2870_WCID_MAX; 947 /* 948 * To delete the right key from h/w, we need wcid. 949 * Luckily, there is unused space in ieee80211_key{}, wk_pad, 950 * and matching wcid will be written into there. So, cast 951 * some spells to remove 'const' from ieee80211_key{} 952 */ 953 vap->iv_key_delete = (void *)run_key_delete; 954 vap->iv_key_set = (void *)run_key_set; 955 956 /* override state transition machine */ 957 rvp->newstate = vap->iv_newstate; 958 vap->iv_newstate = run_newstate; 959 960 ieee80211_ratectl_init(vap); 961 ieee80211_ratectl_setinterval(vap, 1000 /* 1 sec */); 962 963 /* complete setup */ 964 ieee80211_vap_attach(vap, run_media_change, ieee80211_media_status); 965 966 /* make sure id is always unique */ 967 for (i = 0; i < RUN_VAP_MAX; i++) { 968 if((sc->rvp_bmap & 1 << i) == 0){ 969 sc->rvp_bmap |= 1 << i; 970 rvp->rvp_id = i; 971 break; 972 } 973 } 974 if (sc->rvp_cnt++ == 0) 975 ic->ic_opmode = opmode; 976 977 if (opmode == IEEE80211_M_HOSTAP) 978 sc->cmdq_run = RUN_CMDQ_GO; 979 980 DPRINTF("rvp_id=%d bmap=%x rvp_cnt=%d\n", 981 rvp->rvp_id, sc->rvp_bmap, sc->rvp_cnt); 982 983 return (vap); 984 } 985 986 static void 987 run_vap_delete(struct ieee80211vap *vap) 988 { 989 struct run_vap *rvp = RUN_VAP(vap); 990 struct ifnet *ifp; 991 struct ieee80211com *ic; 992 struct run_softc *sc; 993 uint8_t rvp_id; 994 995 if (vap == NULL) 996 return; 997 998 ic = vap->iv_ic; 999 ifp = ic->ic_ifp; 1000 1001 sc = ifp->if_softc; 1002 1003 RUN_LOCK(sc); 1004 1005 m_freem(rvp->beacon_mbuf); 1006 rvp->beacon_mbuf = NULL; 1007 1008 rvp_id = rvp->rvp_id; 1009 sc->ratectl_run &= ~(1 << rvp_id); 1010 sc->rvp_bmap &= ~(1 << rvp_id); 1011 run_set_region_4(sc, RT2860_SKEY(rvp_id, 0), 0, 128); 1012 run_set_region_4(sc, RT2860_BCN_BASE(rvp_id), 0, 512); 1013 --sc->rvp_cnt; 1014 1015 DPRINTF("vap=%p rvp_id=%d bmap=%x rvp_cnt=%d\n", 1016 vap, rvp_id, sc->rvp_bmap, sc->rvp_cnt); 1017 1018 RUN_UNLOCK(sc); 1019 1020 ieee80211_ratectl_deinit(vap); 1021 ieee80211_vap_detach(vap); 1022 free(rvp, M_80211_VAP); 1023 } 1024 1025 /* 1026 * There are numbers of functions need to be called in context thread. 1027 * Rather than creating taskqueue event for each of those functions, 1028 * here is all-for-one taskqueue callback function. This function 1029 * gurantees deferred functions are executed in the same order they 1030 * were enqueued. 1031 * '& RUN_CMDQ_MASQ' is to loop cmdq[]. 1032 */ 1033 static void 1034 run_cmdq_cb(void *arg, int pending) 1035 { 1036 struct run_softc *sc = arg; 1037 uint8_t i; 1038 1039 /* call cmdq[].func locked */ 1040 RUN_LOCK(sc); 1041 for (i = sc->cmdq_exec; sc->cmdq[i].func && pending; 1042 i = sc->cmdq_exec, pending--) { 1043 DPRINTFN(6, "cmdq_exec=%d pending=%d\n", i, pending); 1044 if (sc->cmdq_run == RUN_CMDQ_GO) { 1045 /* 1046 * If arg0 is NULL, callback func needs more 1047 * than one arg. So, pass ptr to cmdq struct. 1048 */ 1049 if (sc->cmdq[i].arg0) 1050 sc->cmdq[i].func(sc->cmdq[i].arg0); 1051 else 1052 sc->cmdq[i].func(&sc->cmdq[i]); 1053 } 1054 sc->cmdq[i].arg0 = NULL; 1055 sc->cmdq[i].func = NULL; 1056 sc->cmdq_exec++; 1057 sc->cmdq_exec &= RUN_CMDQ_MASQ; 1058 } 1059 RUN_UNLOCK(sc); 1060 } 1061 1062 static void 1063 run_setup_tx_list(struct run_softc *sc, struct run_endpoint_queue *pq) 1064 { 1065 struct run_tx_data *data; 1066 1067 memset(pq, 0, sizeof(*pq)); 1068 1069 STAILQ_INIT(&pq->tx_qh); 1070 STAILQ_INIT(&pq->tx_fh); 1071 1072 for (data = &pq->tx_data[0]; 1073 data < &pq->tx_data[RUN_TX_RING_COUNT]; data++) { 1074 data->sc = sc; 1075 STAILQ_INSERT_TAIL(&pq->tx_fh, data, next); 1076 } 1077 pq->tx_nfree = RUN_TX_RING_COUNT; 1078 } 1079 1080 static void 1081 run_unsetup_tx_list(struct run_softc *sc, struct run_endpoint_queue *pq) 1082 { 1083 struct run_tx_data *data; 1084 1085 /* make sure any subsequent use of the queues will fail */ 1086 pq->tx_nfree = 0; 1087 STAILQ_INIT(&pq->tx_fh); 1088 STAILQ_INIT(&pq->tx_qh); 1089 1090 /* free up all node references and mbufs */ 1091 for (data = &pq->tx_data[0]; 1092 data < &pq->tx_data[RUN_TX_RING_COUNT]; data++) { 1093 if (data->m != NULL) { 1094 m_freem(data->m); 1095 data->m = NULL; 1096 } 1097 if (data->ni != NULL) { 1098 ieee80211_free_node(data->ni); 1099 data->ni = NULL; 1100 } 1101 } 1102 } 1103 1104 static int 1105 run_load_microcode(struct run_softc *sc) 1106 { 1107 usb_device_request_t req; 1108 const struct firmware *fw; 1109 const u_char *base; 1110 uint32_t tmp; 1111 int ntries, error; 1112 const uint64_t *temp; 1113 uint64_t bytes; 1114 1115 RUN_UNLOCK(sc); 1116 fw = firmware_get("runfw"); 1117 RUN_LOCK(sc); 1118 if (fw == NULL) { 1119 device_printf(sc->sc_dev, 1120 "failed loadfirmware of file %s\n", "runfw"); 1121 return ENOENT; 1122 } 1123 1124 if (fw->datasize != 8192) { 1125 device_printf(sc->sc_dev, 1126 "invalid firmware size (should be 8KB)\n"); 1127 error = EINVAL; 1128 goto fail; 1129 } 1130 1131 /* 1132 * RT3071/RT3072 use a different firmware 1133 * run-rt2870 (8KB) contains both, 1134 * first half (4KB) is for rt2870, 1135 * last half is for rt3071. 1136 */ 1137 base = fw->data; 1138 if ((sc->mac_ver) != 0x2860 && 1139 (sc->mac_ver) != 0x2872 && 1140 (sc->mac_ver) != 0x3070) { 1141 base += 4096; 1142 } 1143 1144 /* cheap sanity check */ 1145 temp = fw->data; 1146 bytes = *temp; 1147 if (bytes != be64toh(0xffffff0210280210ULL)) { 1148 device_printf(sc->sc_dev, "firmware checksum failed\n"); 1149 error = EINVAL; 1150 goto fail; 1151 } 1152 1153 /* write microcode image */ 1154 if (sc->mac_ver != 0x3593) { 1155 run_write_region_1(sc, RT2870_FW_BASE, base, 4096); 1156 run_write(sc, RT2860_H2M_MAILBOX_CID, 0xffffffff); 1157 run_write(sc, RT2860_H2M_MAILBOX_STATUS, 0xffffffff); 1158 } 1159 1160 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 1161 req.bRequest = RT2870_RESET; 1162 USETW(req.wValue, 8); 1163 USETW(req.wIndex, 0); 1164 USETW(req.wLength, 0); 1165 if ((error = usbd_do_request(sc->sc_udev, &sc->sc_mtx, &req, NULL)) 1166 != 0) { 1167 device_printf(sc->sc_dev, "firmware reset failed\n"); 1168 goto fail; 1169 } 1170 1171 run_delay(sc, 10); 1172 1173 run_write(sc, RT2860_H2M_BBPAGENT, 0); 1174 run_write(sc, RT2860_H2M_MAILBOX, 0); 1175 run_write(sc, RT2860_H2M_INTSRC, 0); 1176 if ((error = run_mcu_cmd(sc, RT2860_MCU_CMD_RFRESET, 0)) != 0) 1177 goto fail; 1178 1179 /* wait until microcontroller is ready */ 1180 for (ntries = 0; ntries < 1000; ntries++) { 1181 if ((error = run_read(sc, RT2860_SYS_CTRL, &tmp)) != 0) 1182 goto fail; 1183 if (tmp & RT2860_MCU_READY) 1184 break; 1185 run_delay(sc, 10); 1186 } 1187 if (ntries == 1000) { 1188 device_printf(sc->sc_dev, 1189 "timeout waiting for MCU to initialize\n"); 1190 error = ETIMEDOUT; 1191 goto fail; 1192 } 1193 device_printf(sc->sc_dev, "firmware %s ver. %u.%u loaded\n", 1194 (base == fw->data) ? "RT2870" : "RT3071", 1195 *(base + 4092), *(base + 4093)); 1196 1197 fail: 1198 firmware_put(fw, FIRMWARE_UNLOAD); 1199 return (error); 1200 } 1201 1202 static int 1203 run_reset(struct run_softc *sc) 1204 { 1205 usb_device_request_t req; 1206 1207 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 1208 req.bRequest = RT2870_RESET; 1209 USETW(req.wValue, 1); 1210 USETW(req.wIndex, 0); 1211 USETW(req.wLength, 0); 1212 return (usbd_do_request(sc->sc_udev, &sc->sc_mtx, &req, NULL)); 1213 } 1214 1215 static usb_error_t 1216 run_do_request(struct run_softc *sc, 1217 struct usb_device_request *req, void *data) 1218 { 1219 usb_error_t err; 1220 int ntries = 10; 1221 1222 RUN_LOCK_ASSERT(sc, MA_OWNED); 1223 1224 while (ntries--) { 1225 err = usbd_do_request_flags(sc->sc_udev, &sc->sc_mtx, 1226 req, data, 0, NULL, 250 /* ms */); 1227 if (err == 0) 1228 break; 1229 DPRINTFN(1, "Control request failed, %s (retrying)\n", 1230 usbd_errstr(err)); 1231 run_delay(sc, 10); 1232 } 1233 return (err); 1234 } 1235 1236 static int 1237 run_read(struct run_softc *sc, uint16_t reg, uint32_t *val) 1238 { 1239 uint32_t tmp; 1240 int error; 1241 1242 error = run_read_region_1(sc, reg, (uint8_t *)&tmp, sizeof tmp); 1243 if (error == 0) 1244 *val = le32toh(tmp); 1245 else 1246 *val = 0xffffffff; 1247 return (error); 1248 } 1249 1250 static int 1251 run_read_region_1(struct run_softc *sc, uint16_t reg, uint8_t *buf, int len) 1252 { 1253 usb_device_request_t req; 1254 1255 req.bmRequestType = UT_READ_VENDOR_DEVICE; 1256 req.bRequest = RT2870_READ_REGION_1; 1257 USETW(req.wValue, 0); 1258 USETW(req.wIndex, reg); 1259 USETW(req.wLength, len); 1260 1261 return (run_do_request(sc, &req, buf)); 1262 } 1263 1264 static int 1265 run_write_2(struct run_softc *sc, uint16_t reg, uint16_t val) 1266 { 1267 usb_device_request_t req; 1268 1269 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 1270 req.bRequest = RT2870_WRITE_2; 1271 USETW(req.wValue, val); 1272 USETW(req.wIndex, reg); 1273 USETW(req.wLength, 0); 1274 1275 return (run_do_request(sc, &req, NULL)); 1276 } 1277 1278 static int 1279 run_write(struct run_softc *sc, uint16_t reg, uint32_t val) 1280 { 1281 int error; 1282 1283 if ((error = run_write_2(sc, reg, val & 0xffff)) == 0) 1284 error = run_write_2(sc, reg + 2, val >> 16); 1285 return (error); 1286 } 1287 1288 static int 1289 run_write_region_1(struct run_softc *sc, uint16_t reg, const uint8_t *buf, 1290 int len) 1291 { 1292 #if 1 1293 int i, error = 0; 1294 /* 1295 * NB: the WRITE_REGION_1 command is not stable on RT2860. 1296 * We thus issue multiple WRITE_2 commands instead. 1297 */ 1298 KASSERT((len & 1) == 0, ("run_write_region_1: Data too long.\n")); 1299 for (i = 0; i < len && error == 0; i += 2) 1300 error = run_write_2(sc, reg + i, buf[i] | buf[i + 1] << 8); 1301 return (error); 1302 #else 1303 usb_device_request_t req; 1304 int error = 0; 1305 1306 /* 1307 * NOTE: It appears the WRITE_REGION_1 command cannot be 1308 * passed a huge amount of data, which will crash the 1309 * firmware. Limit amount of data passed to 64-bytes at a 1310 * time. 1311 */ 1312 while (len > 0) { 1313 int delta = 64; 1314 if (delta > len) 1315 delta = len; 1316 1317 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 1318 req.bRequest = RT2870_WRITE_REGION_1; 1319 USETW(req.wValue, 0); 1320 USETW(req.wIndex, reg); 1321 USETW(req.wLength, delta); 1322 error = run_do_request(sc, &req, __DECONST(uint8_t *, buf)); 1323 if (error != 0) 1324 break; 1325 reg += delta; 1326 buf += delta; 1327 len -= delta; 1328 } 1329 return (error); 1330 #endif 1331 } 1332 1333 static int 1334 run_set_region_4(struct run_softc *sc, uint16_t reg, uint32_t val, int len) 1335 { 1336 int i, error = 0; 1337 1338 KASSERT((len & 3) == 0, ("run_set_region_4: Invalid data length.\n")); 1339 for (i = 0; i < len && error == 0; i += 4) 1340 error = run_write(sc, reg + i, val); 1341 return (error); 1342 } 1343 1344 static int 1345 run_efuse_read(struct run_softc *sc, uint16_t addr, uint16_t *val, int count) 1346 { 1347 uint32_t tmp; 1348 uint16_t reg; 1349 int error, ntries; 1350 1351 if ((error = run_read(sc, RT3070_EFUSE_CTRL, &tmp)) != 0) 1352 return (error); 1353 1354 if (count == 2) 1355 addr *= 2; 1356 /*- 1357 * Read one 16-byte block into registers EFUSE_DATA[0-3]: 1358 * DATA0: F E D C 1359 * DATA1: B A 9 8 1360 * DATA2: 7 6 5 4 1361 * DATA3: 3 2 1 0 1362 */ 1363 tmp &= ~(RT3070_EFSROM_MODE_MASK | RT3070_EFSROM_AIN_MASK); 1364 tmp |= (addr & ~0xf) << RT3070_EFSROM_AIN_SHIFT | RT3070_EFSROM_KICK; 1365 run_write(sc, RT3070_EFUSE_CTRL, tmp); 1366 for (ntries = 0; ntries < 100; ntries++) { 1367 if ((error = run_read(sc, RT3070_EFUSE_CTRL, &tmp)) != 0) 1368 return (error); 1369 if (!(tmp & RT3070_EFSROM_KICK)) 1370 break; 1371 run_delay(sc, 2); 1372 } 1373 if (ntries == 100) 1374 return (ETIMEDOUT); 1375 1376 if ((tmp & RT3070_EFUSE_AOUT_MASK) == RT3070_EFUSE_AOUT_MASK) { 1377 *val = 0xffff; /* address not found */ 1378 return (0); 1379 } 1380 /* determine to which 32-bit register our 16-bit word belongs */ 1381 reg = RT3070_EFUSE_DATA3 - (addr & 0xc); 1382 if ((error = run_read(sc, reg, &tmp)) != 0) 1383 return (error); 1384 1385 tmp >>= (8 * (addr & 0x3)); 1386 *val = (addr & 1) ? tmp >> 16 : tmp & 0xffff; 1387 1388 return (0); 1389 } 1390 1391 /* Read 16-bit from eFUSE ROM for RT3xxx. */ 1392 static int 1393 run_efuse_read_2(struct run_softc *sc, uint16_t addr, uint16_t *val) 1394 { 1395 return (run_efuse_read(sc, addr, val, 2)); 1396 } 1397 1398 static int 1399 run_eeprom_read_2(struct run_softc *sc, uint16_t addr, uint16_t *val) 1400 { 1401 usb_device_request_t req; 1402 uint16_t tmp; 1403 int error; 1404 1405 addr *= 2; 1406 req.bmRequestType = UT_READ_VENDOR_DEVICE; 1407 req.bRequest = RT2870_EEPROM_READ; 1408 USETW(req.wValue, 0); 1409 USETW(req.wIndex, addr); 1410 USETW(req.wLength, sizeof(tmp)); 1411 1412 error = usbd_do_request(sc->sc_udev, &sc->sc_mtx, &req, &tmp); 1413 if (error == 0) 1414 *val = le16toh(tmp); 1415 else 1416 *val = 0xffff; 1417 return (error); 1418 } 1419 1420 static __inline int 1421 run_srom_read(struct run_softc *sc, uint16_t addr, uint16_t *val) 1422 { 1423 /* either eFUSE ROM or EEPROM */ 1424 return sc->sc_srom_read(sc, addr, val); 1425 } 1426 1427 static int 1428 run_rt2870_rf_write(struct run_softc *sc, uint32_t val) 1429 { 1430 uint32_t tmp; 1431 int error, ntries; 1432 1433 for (ntries = 0; ntries < 10; ntries++) { 1434 if ((error = run_read(sc, RT2860_RF_CSR_CFG0, &tmp)) != 0) 1435 return (error); 1436 if (!(tmp & RT2860_RF_REG_CTRL)) 1437 break; 1438 } 1439 if (ntries == 10) 1440 return (ETIMEDOUT); 1441 1442 return (run_write(sc, RT2860_RF_CSR_CFG0, val)); 1443 } 1444 1445 static int 1446 run_rt3070_rf_read(struct run_softc *sc, uint8_t reg, uint8_t *val) 1447 { 1448 uint32_t tmp; 1449 int error, ntries; 1450 1451 for (ntries = 0; ntries < 100; ntries++) { 1452 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0) 1453 return (error); 1454 if (!(tmp & RT3070_RF_KICK)) 1455 break; 1456 } 1457 if (ntries == 100) 1458 return (ETIMEDOUT); 1459 1460 tmp = RT3070_RF_KICK | reg << 8; 1461 if ((error = run_write(sc, RT3070_RF_CSR_CFG, tmp)) != 0) 1462 return (error); 1463 1464 for (ntries = 0; ntries < 100; ntries++) { 1465 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0) 1466 return (error); 1467 if (!(tmp & RT3070_RF_KICK)) 1468 break; 1469 } 1470 if (ntries == 100) 1471 return (ETIMEDOUT); 1472 1473 *val = tmp & 0xff; 1474 return (0); 1475 } 1476 1477 static int 1478 run_rt3070_rf_write(struct run_softc *sc, uint8_t reg, uint8_t val) 1479 { 1480 uint32_t tmp; 1481 int error, ntries; 1482 1483 for (ntries = 0; ntries < 10; ntries++) { 1484 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0) 1485 return (error); 1486 if (!(tmp & RT3070_RF_KICK)) 1487 break; 1488 } 1489 if (ntries == 10) 1490 return (ETIMEDOUT); 1491 1492 tmp = RT3070_RF_WRITE | RT3070_RF_KICK | reg << 8 | val; 1493 return (run_write(sc, RT3070_RF_CSR_CFG, tmp)); 1494 } 1495 1496 static int 1497 run_bbp_read(struct run_softc *sc, uint8_t reg, uint8_t *val) 1498 { 1499 uint32_t tmp; 1500 int ntries, error; 1501 1502 for (ntries = 0; ntries < 10; ntries++) { 1503 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0) 1504 return (error); 1505 if (!(tmp & RT2860_BBP_CSR_KICK)) 1506 break; 1507 } 1508 if (ntries == 10) 1509 return (ETIMEDOUT); 1510 1511 tmp = RT2860_BBP_CSR_READ | RT2860_BBP_CSR_KICK | reg << 8; 1512 if ((error = run_write(sc, RT2860_BBP_CSR_CFG, tmp)) != 0) 1513 return (error); 1514 1515 for (ntries = 0; ntries < 10; ntries++) { 1516 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0) 1517 return (error); 1518 if (!(tmp & RT2860_BBP_CSR_KICK)) 1519 break; 1520 } 1521 if (ntries == 10) 1522 return (ETIMEDOUT); 1523 1524 *val = tmp & 0xff; 1525 return (0); 1526 } 1527 1528 static int 1529 run_bbp_write(struct run_softc *sc, uint8_t reg, uint8_t val) 1530 { 1531 uint32_t tmp; 1532 int ntries, error; 1533 1534 for (ntries = 0; ntries < 10; ntries++) { 1535 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0) 1536 return (error); 1537 if (!(tmp & RT2860_BBP_CSR_KICK)) 1538 break; 1539 } 1540 if (ntries == 10) 1541 return (ETIMEDOUT); 1542 1543 tmp = RT2860_BBP_CSR_KICK | reg << 8 | val; 1544 return (run_write(sc, RT2860_BBP_CSR_CFG, tmp)); 1545 } 1546 1547 /* 1548 * Send a command to the 8051 microcontroller unit. 1549 */ 1550 static int 1551 run_mcu_cmd(struct run_softc *sc, uint8_t cmd, uint16_t arg) 1552 { 1553 uint32_t tmp; 1554 int error, ntries; 1555 1556 for (ntries = 0; ntries < 100; ntries++) { 1557 if ((error = run_read(sc, RT2860_H2M_MAILBOX, &tmp)) != 0) 1558 return error; 1559 if (!(tmp & RT2860_H2M_BUSY)) 1560 break; 1561 } 1562 if (ntries == 100) 1563 return ETIMEDOUT; 1564 1565 tmp = RT2860_H2M_BUSY | RT2860_TOKEN_NO_INTR << 16 | arg; 1566 if ((error = run_write(sc, RT2860_H2M_MAILBOX, tmp)) == 0) 1567 error = run_write(sc, RT2860_HOST_CMD, cmd); 1568 return (error); 1569 } 1570 1571 /* 1572 * Add `delta' (signed) to each 4-bit sub-word of a 32-bit word. 1573 * Used to adjust per-rate Tx power registers. 1574 */ 1575 static __inline uint32_t 1576 b4inc(uint32_t b32, int8_t delta) 1577 { 1578 int8_t i, b4; 1579 1580 for (i = 0; i < 8; i++) { 1581 b4 = b32 & 0xf; 1582 b4 += delta; 1583 if (b4 < 0) 1584 b4 = 0; 1585 else if (b4 > 0xf) 1586 b4 = 0xf; 1587 b32 = b32 >> 4 | b4 << 28; 1588 } 1589 return (b32); 1590 } 1591 1592 static const char * 1593 run_get_rf(uint16_t rev) 1594 { 1595 switch (rev) { 1596 case RT2860_RF_2820: return "RT2820"; 1597 case RT2860_RF_2850: return "RT2850"; 1598 case RT2860_RF_2720: return "RT2720"; 1599 case RT2860_RF_2750: return "RT2750"; 1600 case RT3070_RF_3020: return "RT3020"; 1601 case RT3070_RF_2020: return "RT2020"; 1602 case RT3070_RF_3021: return "RT3021"; 1603 case RT3070_RF_3022: return "RT3022"; 1604 case RT3070_RF_3052: return "RT3052"; 1605 case RT3593_RF_3053: return "RT3053"; 1606 case RT5592_RF_5592: return "RT5592"; 1607 case RT5390_RF_5370: return "RT5370"; 1608 case RT5390_RF_5372: return "RT5372"; 1609 } 1610 return ("unknown"); 1611 } 1612 1613 static void 1614 run_rt3593_get_txpower(struct run_softc *sc) 1615 { 1616 uint16_t addr, val; 1617 int i; 1618 1619 /* Read power settings for 2GHz channels. */ 1620 for (i = 0; i < 14; i += 2) { 1621 addr = (sc->ntxchains == 3) ? RT3593_EEPROM_PWR2GHZ_BASE1 : 1622 RT2860_EEPROM_PWR2GHZ_BASE1; 1623 run_srom_read(sc, addr + i / 2, &val); 1624 sc->txpow1[i + 0] = (int8_t)(val & 0xff); 1625 sc->txpow1[i + 1] = (int8_t)(val >> 8); 1626 1627 addr = (sc->ntxchains == 3) ? RT3593_EEPROM_PWR2GHZ_BASE2 : 1628 RT2860_EEPROM_PWR2GHZ_BASE2; 1629 run_srom_read(sc, addr + i / 2, &val); 1630 sc->txpow2[i + 0] = (int8_t)(val & 0xff); 1631 sc->txpow2[i + 1] = (int8_t)(val >> 8); 1632 1633 if (sc->ntxchains == 3) { 1634 run_srom_read(sc, RT3593_EEPROM_PWR2GHZ_BASE3 + i / 2, 1635 &val); 1636 sc->txpow3[i + 0] = (int8_t)(val & 0xff); 1637 sc->txpow3[i + 1] = (int8_t)(val >> 8); 1638 } 1639 } 1640 /* Fix broken Tx power entries. */ 1641 for (i = 0; i < 14; i++) { 1642 if (sc->txpow1[i] > 31) 1643 sc->txpow1[i] = 5; 1644 if (sc->txpow2[i] > 31) 1645 sc->txpow2[i] = 5; 1646 if (sc->ntxchains == 3) { 1647 if (sc->txpow3[i] > 31) 1648 sc->txpow3[i] = 5; 1649 } 1650 } 1651 /* Read power settings for 5GHz channels. */ 1652 for (i = 0; i < 40; i += 2) { 1653 run_srom_read(sc, RT3593_EEPROM_PWR5GHZ_BASE1 + i / 2, &val); 1654 sc->txpow1[i + 14] = (int8_t)(val & 0xff); 1655 sc->txpow1[i + 15] = (int8_t)(val >> 8); 1656 1657 run_srom_read(sc, RT3593_EEPROM_PWR5GHZ_BASE2 + i / 2, &val); 1658 sc->txpow2[i + 14] = (int8_t)(val & 0xff); 1659 sc->txpow2[i + 15] = (int8_t)(val >> 8); 1660 1661 if (sc->ntxchains == 3) { 1662 run_srom_read(sc, RT3593_EEPROM_PWR5GHZ_BASE3 + i / 2, 1663 &val); 1664 sc->txpow3[i + 14] = (int8_t)(val & 0xff); 1665 sc->txpow3[i + 15] = (int8_t)(val >> 8); 1666 } 1667 } 1668 } 1669 1670 static void 1671 run_get_txpower(struct run_softc *sc) 1672 { 1673 uint16_t val; 1674 int i; 1675 1676 /* Read power settings for 2GHz channels. */ 1677 for (i = 0; i < 14; i += 2) { 1678 run_srom_read(sc, RT2860_EEPROM_PWR2GHZ_BASE1 + i / 2, &val); 1679 sc->txpow1[i + 0] = (int8_t)(val & 0xff); 1680 sc->txpow1[i + 1] = (int8_t)(val >> 8); 1681 1682 if (sc->mac_ver != 0x5390) { 1683 run_srom_read(sc, 1684 RT2860_EEPROM_PWR2GHZ_BASE2 + i / 2, &val); 1685 sc->txpow2[i + 0] = (int8_t)(val & 0xff); 1686 sc->txpow2[i + 1] = (int8_t)(val >> 8); 1687 } 1688 } 1689 /* Fix broken Tx power entries. */ 1690 for (i = 0; i < 14; i++) { 1691 if (sc->mac_ver >= 0x5390) { 1692 if (sc->txpow1[i] < 0 || sc->txpow1[i] > 27) 1693 sc->txpow1[i] = 5; 1694 } else { 1695 if (sc->txpow1[i] < 0 || sc->txpow1[i] > 31) 1696 sc->txpow1[i] = 5; 1697 } 1698 if (sc->mac_ver > 0x5390) { 1699 if (sc->txpow2[i] < 0 || sc->txpow2[i] > 27) 1700 sc->txpow2[i] = 5; 1701 } else if (sc->mac_ver < 0x5390) { 1702 if (sc->txpow2[i] < 0 || sc->txpow2[i] > 31) 1703 sc->txpow2[i] = 5; 1704 } 1705 DPRINTF("chan %d: power1=%d, power2=%d\n", 1706 rt2860_rf2850[i].chan, sc->txpow1[i], sc->txpow2[i]); 1707 } 1708 /* Read power settings for 5GHz channels. */ 1709 for (i = 0; i < 40; i += 2) { 1710 run_srom_read(sc, RT2860_EEPROM_PWR5GHZ_BASE1 + i / 2, &val); 1711 sc->txpow1[i + 14] = (int8_t)(val & 0xff); 1712 sc->txpow1[i + 15] = (int8_t)(val >> 8); 1713 1714 run_srom_read(sc, RT2860_EEPROM_PWR5GHZ_BASE2 + i / 2, &val); 1715 sc->txpow2[i + 14] = (int8_t)(val & 0xff); 1716 sc->txpow2[i + 15] = (int8_t)(val >> 8); 1717 } 1718 /* Fix broken Tx power entries. */ 1719 for (i = 0; i < 40; i++ ) { 1720 if (sc->mac_ver != 0x5592) { 1721 if (sc->txpow1[14 + i] < -7 || sc->txpow1[14 + i] > 15) 1722 sc->txpow1[14 + i] = 5; 1723 if (sc->txpow2[14 + i] < -7 || sc->txpow2[14 + i] > 15) 1724 sc->txpow2[14 + i] = 5; 1725 } 1726 DPRINTF("chan %d: power1=%d, power2=%d\n", 1727 rt2860_rf2850[14 + i].chan, sc->txpow1[14 + i], 1728 sc->txpow2[14 + i]); 1729 } 1730 } 1731 1732 static int 1733 run_read_eeprom(struct run_softc *sc) 1734 { 1735 int8_t delta_2ghz, delta_5ghz; 1736 uint32_t tmp; 1737 uint16_t val; 1738 int ridx, ant, i; 1739 1740 /* check whether the ROM is eFUSE ROM or EEPROM */ 1741 sc->sc_srom_read = run_eeprom_read_2; 1742 if (sc->mac_ver >= 0x3070) { 1743 run_read(sc, RT3070_EFUSE_CTRL, &tmp); 1744 DPRINTF("EFUSE_CTRL=0x%08x\n", tmp); 1745 if ((tmp & RT3070_SEL_EFUSE) || sc->mac_ver == 0x3593) 1746 sc->sc_srom_read = run_efuse_read_2; 1747 } 1748 1749 /* read ROM version */ 1750 run_srom_read(sc, RT2860_EEPROM_VERSION, &val); 1751 DPRINTF("EEPROM rev=%d, FAE=%d\n", val & 0xff, val >> 8); 1752 1753 /* read MAC address */ 1754 run_srom_read(sc, RT2860_EEPROM_MAC01, &val); 1755 sc->sc_bssid[0] = val & 0xff; 1756 sc->sc_bssid[1] = val >> 8; 1757 run_srom_read(sc, RT2860_EEPROM_MAC23, &val); 1758 sc->sc_bssid[2] = val & 0xff; 1759 sc->sc_bssid[3] = val >> 8; 1760 run_srom_read(sc, RT2860_EEPROM_MAC45, &val); 1761 sc->sc_bssid[4] = val & 0xff; 1762 sc->sc_bssid[5] = val >> 8; 1763 1764 if (sc->mac_ver < 0x3593) { 1765 /* read vender BBP settings */ 1766 for (i = 0; i < 10; i++) { 1767 run_srom_read(sc, RT2860_EEPROM_BBP_BASE + i, &val); 1768 sc->bbp[i].val = val & 0xff; 1769 sc->bbp[i].reg = val >> 8; 1770 DPRINTF("BBP%d=0x%02x\n", sc->bbp[i].reg, 1771 sc->bbp[i].val); 1772 } 1773 if (sc->mac_ver >= 0x3071) { 1774 /* read vendor RF settings */ 1775 for (i = 0; i < 10; i++) { 1776 run_srom_read(sc, RT3071_EEPROM_RF_BASE + i, 1777 &val); 1778 sc->rf[i].val = val & 0xff; 1779 sc->rf[i].reg = val >> 8; 1780 DPRINTF("RF%d=0x%02x\n", sc->rf[i].reg, 1781 sc->rf[i].val); 1782 } 1783 } 1784 } 1785 1786 /* read RF frequency offset from EEPROM */ 1787 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_FREQ_LEDS : 1788 RT3593_EEPROM_FREQ, &val); 1789 sc->freq = ((val & 0xff) != 0xff) ? val & 0xff : 0; 1790 DPRINTF("EEPROM freq offset %d\n", sc->freq & 0xff); 1791 1792 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_FREQ_LEDS : 1793 RT3593_EEPROM_FREQ_LEDS, &val); 1794 if (val >> 8 != 0xff) { 1795 /* read LEDs operating mode */ 1796 sc->leds = val >> 8; 1797 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LED1 : 1798 RT3593_EEPROM_LED1, &sc->led[0]); 1799 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LED2 : 1800 RT3593_EEPROM_LED2, &sc->led[1]); 1801 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LED3 : 1802 RT3593_EEPROM_LED3, &sc->led[2]); 1803 } else { 1804 /* broken EEPROM, use default settings */ 1805 sc->leds = 0x01; 1806 sc->led[0] = 0x5555; 1807 sc->led[1] = 0x2221; 1808 sc->led[2] = 0x5627; /* differs from RT2860 */ 1809 } 1810 DPRINTF("EEPROM LED mode=0x%02x, LEDs=0x%04x/0x%04x/0x%04x\n", 1811 sc->leds, sc->led[0], sc->led[1], sc->led[2]); 1812 1813 /* read RF information */ 1814 if (sc->mac_ver == 0x5390 || sc->mac_ver ==0x5392) 1815 run_srom_read(sc, 0x00, &val); 1816 else 1817 run_srom_read(sc, RT2860_EEPROM_ANTENNA, &val); 1818 1819 if (val == 0xffff) { 1820 device_printf(sc->sc_dev, 1821 "invalid EEPROM antenna info, using default\n"); 1822 DPRINTF("invalid EEPROM antenna info, using default\n"); 1823 if (sc->mac_ver == 0x3572) { 1824 /* default to RF3052 2T2R */ 1825 sc->rf_rev = RT3070_RF_3052; 1826 sc->ntxchains = 2; 1827 sc->nrxchains = 2; 1828 } else if (sc->mac_ver >= 0x3070) { 1829 /* default to RF3020 1T1R */ 1830 sc->rf_rev = RT3070_RF_3020; 1831 sc->ntxchains = 1; 1832 sc->nrxchains = 1; 1833 } else { 1834 /* default to RF2820 1T2R */ 1835 sc->rf_rev = RT2860_RF_2820; 1836 sc->ntxchains = 1; 1837 sc->nrxchains = 2; 1838 } 1839 } else { 1840 if (sc->mac_ver == 0x5390 || sc->mac_ver ==0x5392) { 1841 sc->rf_rev = val; 1842 run_srom_read(sc, RT2860_EEPROM_ANTENNA, &val); 1843 } else 1844 sc->rf_rev = (val >> 8) & 0xf; 1845 sc->ntxchains = (val >> 4) & 0xf; 1846 sc->nrxchains = val & 0xf; 1847 } 1848 DPRINTF("EEPROM RF rev=0x%04x chains=%dT%dR\n", 1849 sc->rf_rev, sc->ntxchains, sc->nrxchains); 1850 1851 /* check if RF supports automatic Tx access gain control */ 1852 run_srom_read(sc, RT2860_EEPROM_CONFIG, &val); 1853 DPRINTF("EEPROM CFG 0x%04x\n", val); 1854 /* check if driver should patch the DAC issue */ 1855 if ((val >> 8) != 0xff) 1856 sc->patch_dac = (val >> 15) & 1; 1857 if ((val & 0xff) != 0xff) { 1858 sc->ext_5ghz_lna = (val >> 3) & 1; 1859 sc->ext_2ghz_lna = (val >> 2) & 1; 1860 /* check if RF supports automatic Tx access gain control */ 1861 sc->calib_2ghz = sc->calib_5ghz = (val >> 1) & 1; 1862 /* check if we have a hardware radio switch */ 1863 sc->rfswitch = val & 1; 1864 } 1865 1866 /* Read Tx power settings. */ 1867 if (sc->mac_ver == 0x3593) 1868 run_rt3593_get_txpower(sc); 1869 else 1870 run_get_txpower(sc); 1871 1872 /* read Tx power compensation for each Tx rate */ 1873 run_srom_read(sc, RT2860_EEPROM_DELTAPWR, &val); 1874 delta_2ghz = delta_5ghz = 0; 1875 if ((val & 0xff) != 0xff && (val & 0x80)) { 1876 delta_2ghz = val & 0xf; 1877 if (!(val & 0x40)) /* negative number */ 1878 delta_2ghz = -delta_2ghz; 1879 } 1880 val >>= 8; 1881 if ((val & 0xff) != 0xff && (val & 0x80)) { 1882 delta_5ghz = val & 0xf; 1883 if (!(val & 0x40)) /* negative number */ 1884 delta_5ghz = -delta_5ghz; 1885 } 1886 DPRINTF("power compensation=%d (2GHz), %d (5GHz)\n", 1887 delta_2ghz, delta_5ghz); 1888 1889 for (ridx = 0; ridx < 5; ridx++) { 1890 uint32_t reg; 1891 1892 run_srom_read(sc, RT2860_EEPROM_RPWR + ridx * 2, &val); 1893 reg = val; 1894 run_srom_read(sc, RT2860_EEPROM_RPWR + ridx * 2 + 1, &val); 1895 reg |= (uint32_t)val << 16; 1896 1897 sc->txpow20mhz[ridx] = reg; 1898 sc->txpow40mhz_2ghz[ridx] = b4inc(reg, delta_2ghz); 1899 sc->txpow40mhz_5ghz[ridx] = b4inc(reg, delta_5ghz); 1900 1901 DPRINTF("ridx %d: power 20MHz=0x%08x, 40MHz/2GHz=0x%08x, " 1902 "40MHz/5GHz=0x%08x\n", ridx, sc->txpow20mhz[ridx], 1903 sc->txpow40mhz_2ghz[ridx], sc->txpow40mhz_5ghz[ridx]); 1904 } 1905 1906 /* Read RSSI offsets and LNA gains from EEPROM. */ 1907 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI1_2GHZ : 1908 RT3593_EEPROM_RSSI1_2GHZ, &val); 1909 sc->rssi_2ghz[0] = val & 0xff; /* Ant A */ 1910 sc->rssi_2ghz[1] = val >> 8; /* Ant B */ 1911 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI2_2GHZ : 1912 RT3593_EEPROM_RSSI2_2GHZ, &val); 1913 if (sc->mac_ver >= 0x3070) { 1914 if (sc->mac_ver == 0x3593) { 1915 sc->txmixgain_2ghz = 0; 1916 sc->rssi_2ghz[2] = val & 0xff; /* Ant C */ 1917 } else { 1918 /* 1919 * On RT3070 chips (limited to 2 Rx chains), this ROM 1920 * field contains the Tx mixer gain for the 2GHz band. 1921 */ 1922 if ((val & 0xff) != 0xff) 1923 sc->txmixgain_2ghz = val & 0x7; 1924 } 1925 DPRINTF("tx mixer gain=%u (2GHz)\n", sc->txmixgain_2ghz); 1926 } else 1927 sc->rssi_2ghz[2] = val & 0xff; /* Ant C */ 1928 if (sc->mac_ver == 0x3593) 1929 run_srom_read(sc, RT3593_EEPROM_LNA_5GHZ, &val); 1930 sc->lna[2] = val >> 8; /* channel group 2 */ 1931 1932 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI1_5GHZ : 1933 RT3593_EEPROM_RSSI1_5GHZ, &val); 1934 sc->rssi_5ghz[0] = val & 0xff; /* Ant A */ 1935 sc->rssi_5ghz[1] = val >> 8; /* Ant B */ 1936 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI2_5GHZ : 1937 RT3593_EEPROM_RSSI2_5GHZ, &val); 1938 if (sc->mac_ver == 0x3572) { 1939 /* 1940 * On RT3572 chips (limited to 2 Rx chains), this ROM 1941 * field contains the Tx mixer gain for the 5GHz band. 1942 */ 1943 if ((val & 0xff) != 0xff) 1944 sc->txmixgain_5ghz = val & 0x7; 1945 DPRINTF("tx mixer gain=%u (5GHz)\n", sc->txmixgain_5ghz); 1946 } else 1947 sc->rssi_5ghz[2] = val & 0xff; /* Ant C */ 1948 if (sc->mac_ver == 0x3593) { 1949 sc->txmixgain_5ghz = 0; 1950 run_srom_read(sc, RT3593_EEPROM_LNA_5GHZ, &val); 1951 } 1952 sc->lna[3] = val >> 8; /* channel group 3 */ 1953 1954 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LNA : 1955 RT3593_EEPROM_LNA, &val); 1956 sc->lna[0] = val & 0xff; /* channel group 0 */ 1957 sc->lna[1] = val >> 8; /* channel group 1 */ 1958 1959 /* fix broken 5GHz LNA entries */ 1960 if (sc->lna[2] == 0 || sc->lna[2] == 0xff) { 1961 DPRINTF("invalid LNA for channel group %d\n", 2); 1962 sc->lna[2] = sc->lna[1]; 1963 } 1964 if (sc->lna[3] == 0 || sc->lna[3] == 0xff) { 1965 DPRINTF("invalid LNA for channel group %d\n", 3); 1966 sc->lna[3] = sc->lna[1]; 1967 } 1968 1969 /* fix broken RSSI offset entries */ 1970 for (ant = 0; ant < 3; ant++) { 1971 if (sc->rssi_2ghz[ant] < -10 || sc->rssi_2ghz[ant] > 10) { 1972 DPRINTF("invalid RSSI%d offset: %d (2GHz)\n", 1973 ant + 1, sc->rssi_2ghz[ant]); 1974 sc->rssi_2ghz[ant] = 0; 1975 } 1976 if (sc->rssi_5ghz[ant] < -10 || sc->rssi_5ghz[ant] > 10) { 1977 DPRINTF("invalid RSSI%d offset: %d (5GHz)\n", 1978 ant + 1, sc->rssi_5ghz[ant]); 1979 sc->rssi_5ghz[ant] = 0; 1980 } 1981 } 1982 return (0); 1983 } 1984 1985 static struct ieee80211_node * 1986 run_node_alloc(struct ieee80211vap *vap, const uint8_t mac[IEEE80211_ADDR_LEN]) 1987 { 1988 return malloc(sizeof (struct run_node), M_DEVBUF, M_NOWAIT | M_ZERO); 1989 } 1990 1991 static int 1992 run_media_change(struct ifnet *ifp) 1993 { 1994 struct ieee80211vap *vap = ifp->if_softc; 1995 struct ieee80211com *ic = vap->iv_ic; 1996 const struct ieee80211_txparam *tp; 1997 struct run_softc *sc = ic->ic_ifp->if_softc; 1998 uint8_t rate, ridx; 1999 int error; 2000 2001 RUN_LOCK(sc); 2002 2003 error = ieee80211_media_change(ifp); 2004 if (error != ENETRESET) { 2005 RUN_UNLOCK(sc); 2006 return (error); 2007 } 2008 2009 tp = &vap->iv_txparms[ieee80211_chan2mode(ic->ic_curchan)]; 2010 if (tp->ucastrate != IEEE80211_FIXED_RATE_NONE) { 2011 struct ieee80211_node *ni; 2012 struct run_node *rn; 2013 2014 rate = ic->ic_sup_rates[ic->ic_curmode]. 2015 rs_rates[tp->ucastrate] & IEEE80211_RATE_VAL; 2016 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++) 2017 if (rt2860_rates[ridx].rate == rate) 2018 break; 2019 ni = ieee80211_ref_node(vap->iv_bss); 2020 rn = (struct run_node *)ni; 2021 rn->fix_ridx = ridx; 2022 DPRINTF("rate=%d, fix_ridx=%d\n", rate, rn->fix_ridx); 2023 ieee80211_free_node(ni); 2024 } 2025 2026 #if 0 2027 if ((ifp->if_flags & IFF_UP) && 2028 (ifp->if_drv_flags & IFF_DRV_RUNNING)){ 2029 run_init_locked(sc); 2030 } 2031 #endif 2032 2033 RUN_UNLOCK(sc); 2034 2035 return (0); 2036 } 2037 2038 static int 2039 run_newstate(struct ieee80211vap *vap, enum ieee80211_state nstate, int arg) 2040 { 2041 const struct ieee80211_txparam *tp; 2042 struct ieee80211com *ic = vap->iv_ic; 2043 struct run_softc *sc = ic->ic_ifp->if_softc; 2044 struct run_vap *rvp = RUN_VAP(vap); 2045 enum ieee80211_state ostate; 2046 uint32_t sta[3]; 2047 uint32_t tmp; 2048 uint8_t ratectl; 2049 uint8_t restart_ratectl = 0; 2050 uint8_t bid = 1 << rvp->rvp_id; 2051 2052 ostate = vap->iv_state; 2053 DPRINTF("%s -> %s\n", 2054 ieee80211_state_name[ostate], 2055 ieee80211_state_name[nstate]); 2056 2057 IEEE80211_UNLOCK(ic); 2058 RUN_LOCK(sc); 2059 2060 ratectl = sc->ratectl_run; /* remember current state */ 2061 sc->ratectl_run = RUN_RATECTL_OFF; 2062 usb_callout_stop(&sc->ratectl_ch); 2063 2064 if (ostate == IEEE80211_S_RUN) { 2065 /* turn link LED off */ 2066 run_set_leds(sc, RT2860_LED_RADIO); 2067 } 2068 2069 switch (nstate) { 2070 case IEEE80211_S_INIT: 2071 restart_ratectl = 1; 2072 2073 if (ostate != IEEE80211_S_RUN) 2074 break; 2075 2076 ratectl &= ~bid; 2077 sc->runbmap &= ~bid; 2078 2079 /* abort TSF synchronization if there is no vap running */ 2080 if (--sc->running == 0) { 2081 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 2082 run_write(sc, RT2860_BCN_TIME_CFG, 2083 tmp & ~(RT2860_BCN_TX_EN | RT2860_TSF_TIMER_EN | 2084 RT2860_TBTT_TIMER_EN)); 2085 } 2086 break; 2087 2088 case IEEE80211_S_RUN: 2089 if (!(sc->runbmap & bid)) { 2090 if(sc->running++) 2091 restart_ratectl = 1; 2092 sc->runbmap |= bid; 2093 } 2094 2095 m_freem(rvp->beacon_mbuf); 2096 rvp->beacon_mbuf = NULL; 2097 2098 switch (vap->iv_opmode) { 2099 case IEEE80211_M_HOSTAP: 2100 case IEEE80211_M_MBSS: 2101 sc->ap_running |= bid; 2102 ic->ic_opmode = vap->iv_opmode; 2103 run_update_beacon_cb(vap); 2104 break; 2105 case IEEE80211_M_IBSS: 2106 sc->adhoc_running |= bid; 2107 if (!sc->ap_running) 2108 ic->ic_opmode = vap->iv_opmode; 2109 run_update_beacon_cb(vap); 2110 break; 2111 case IEEE80211_M_STA: 2112 sc->sta_running |= bid; 2113 if (!sc->ap_running && !sc->adhoc_running) 2114 ic->ic_opmode = vap->iv_opmode; 2115 2116 /* read statistic counters (clear on read) */ 2117 run_read_region_1(sc, RT2860_TX_STA_CNT0, 2118 (uint8_t *)sta, sizeof sta); 2119 2120 break; 2121 default: 2122 ic->ic_opmode = vap->iv_opmode; 2123 break; 2124 } 2125 2126 if (vap->iv_opmode != IEEE80211_M_MONITOR) { 2127 struct ieee80211_node *ni; 2128 2129 if (ic->ic_bsschan == IEEE80211_CHAN_ANYC) { 2130 RUN_UNLOCK(sc); 2131 IEEE80211_LOCK(ic); 2132 return (-1); 2133 } 2134 run_updateslot(ic->ic_ifp); 2135 run_enable_mrr(sc); 2136 run_set_txpreamble(sc); 2137 run_set_basicrates(sc); 2138 ni = ieee80211_ref_node(vap->iv_bss); 2139 IEEE80211_ADDR_COPY(sc->sc_bssid, ni->ni_bssid); 2140 run_set_bssid(sc, ni->ni_bssid); 2141 ieee80211_free_node(ni); 2142 run_enable_tsf_sync(sc); 2143 2144 /* enable automatic rate adaptation */ 2145 tp = &vap->iv_txparms[ieee80211_chan2mode(ic->ic_curchan)]; 2146 if (tp->ucastrate == IEEE80211_FIXED_RATE_NONE) 2147 ratectl |= bid; 2148 } 2149 2150 /* turn link LED on */ 2151 run_set_leds(sc, RT2860_LED_RADIO | 2152 (IEEE80211_IS_CHAN_2GHZ(ic->ic_curchan) ? 2153 RT2860_LED_LINK_2GHZ : RT2860_LED_LINK_5GHZ)); 2154 2155 break; 2156 default: 2157 DPRINTFN(6, "undefined case\n"); 2158 break; 2159 } 2160 2161 /* restart amrr for running VAPs */ 2162 if ((sc->ratectl_run = ratectl) && restart_ratectl) 2163 usb_callout_reset(&sc->ratectl_ch, hz, run_ratectl_to, sc); 2164 2165 RUN_UNLOCK(sc); 2166 IEEE80211_LOCK(ic); 2167 2168 return(rvp->newstate(vap, nstate, arg)); 2169 } 2170 2171 /* ARGSUSED */ 2172 static void 2173 run_wme_update_cb(void *arg) 2174 { 2175 struct ieee80211com *ic = arg; 2176 struct run_softc *sc = ic->ic_ifp->if_softc; 2177 struct ieee80211_wme_state *wmesp = &ic->ic_wme; 2178 int aci, error = 0; 2179 2180 RUN_LOCK_ASSERT(sc, MA_OWNED); 2181 2182 /* update MAC TX configuration registers */ 2183 for (aci = 0; aci < WME_NUM_AC; aci++) { 2184 error = run_write(sc, RT2860_EDCA_AC_CFG(aci), 2185 wmesp->wme_params[aci].wmep_logcwmax << 16 | 2186 wmesp->wme_params[aci].wmep_logcwmin << 12 | 2187 wmesp->wme_params[aci].wmep_aifsn << 8 | 2188 wmesp->wme_params[aci].wmep_txopLimit); 2189 if (error) goto err; 2190 } 2191 2192 /* update SCH/DMA registers too */ 2193 error = run_write(sc, RT2860_WMM_AIFSN_CFG, 2194 wmesp->wme_params[WME_AC_VO].wmep_aifsn << 12 | 2195 wmesp->wme_params[WME_AC_VI].wmep_aifsn << 8 | 2196 wmesp->wme_params[WME_AC_BK].wmep_aifsn << 4 | 2197 wmesp->wme_params[WME_AC_BE].wmep_aifsn); 2198 if (error) goto err; 2199 error = run_write(sc, RT2860_WMM_CWMIN_CFG, 2200 wmesp->wme_params[WME_AC_VO].wmep_logcwmin << 12 | 2201 wmesp->wme_params[WME_AC_VI].wmep_logcwmin << 8 | 2202 wmesp->wme_params[WME_AC_BK].wmep_logcwmin << 4 | 2203 wmesp->wme_params[WME_AC_BE].wmep_logcwmin); 2204 if (error) goto err; 2205 error = run_write(sc, RT2860_WMM_CWMAX_CFG, 2206 wmesp->wme_params[WME_AC_VO].wmep_logcwmax << 12 | 2207 wmesp->wme_params[WME_AC_VI].wmep_logcwmax << 8 | 2208 wmesp->wme_params[WME_AC_BK].wmep_logcwmax << 4 | 2209 wmesp->wme_params[WME_AC_BE].wmep_logcwmax); 2210 if (error) goto err; 2211 error = run_write(sc, RT2860_WMM_TXOP0_CFG, 2212 wmesp->wme_params[WME_AC_BK].wmep_txopLimit << 16 | 2213 wmesp->wme_params[WME_AC_BE].wmep_txopLimit); 2214 if (error) goto err; 2215 error = run_write(sc, RT2860_WMM_TXOP1_CFG, 2216 wmesp->wme_params[WME_AC_VO].wmep_txopLimit << 16 | 2217 wmesp->wme_params[WME_AC_VI].wmep_txopLimit); 2218 2219 err: 2220 if (error) 2221 DPRINTF("WME update failed\n"); 2222 2223 return; 2224 } 2225 2226 static int 2227 run_wme_update(struct ieee80211com *ic) 2228 { 2229 struct run_softc *sc = ic->ic_ifp->if_softc; 2230 2231 /* sometime called wothout lock */ 2232 if (mtx_owned(&ic->ic_comlock.mtx)) { 2233 uint32_t i = RUN_CMDQ_GET(&sc->cmdq_store); 2234 DPRINTF("cmdq_store=%d\n", i); 2235 sc->cmdq[i].func = run_wme_update_cb; 2236 sc->cmdq[i].arg0 = ic; 2237 ieee80211_runtask(ic, &sc->cmdq_task); 2238 return (0); 2239 } 2240 2241 RUN_LOCK(sc); 2242 run_wme_update_cb(ic); 2243 RUN_UNLOCK(sc); 2244 2245 /* return whatever, upper layer desn't care anyway */ 2246 return (0); 2247 } 2248 2249 static void 2250 run_key_update_begin(struct ieee80211vap *vap) 2251 { 2252 /* 2253 * To avoid out-of-order events, both run_key_set() and 2254 * _delete() are deferred and handled by run_cmdq_cb(). 2255 * So, there is nothing we need to do here. 2256 */ 2257 } 2258 2259 static void 2260 run_key_update_end(struct ieee80211vap *vap) 2261 { 2262 /* null */ 2263 } 2264 2265 static void 2266 run_key_set_cb(void *arg) 2267 { 2268 struct run_cmdq *cmdq = arg; 2269 struct ieee80211vap *vap = cmdq->arg1; 2270 struct ieee80211_key *k = cmdq->k; 2271 struct ieee80211com *ic = vap->iv_ic; 2272 struct run_softc *sc = ic->ic_ifp->if_softc; 2273 struct ieee80211_node *ni; 2274 uint32_t attr; 2275 uint16_t base, associd; 2276 uint8_t mode, wcid, iv[8]; 2277 2278 RUN_LOCK_ASSERT(sc, MA_OWNED); 2279 2280 if (vap->iv_opmode == IEEE80211_M_HOSTAP) 2281 ni = ieee80211_find_vap_node(&ic->ic_sta, vap, cmdq->mac); 2282 else 2283 ni = vap->iv_bss; 2284 associd = (ni != NULL) ? ni->ni_associd : 0; 2285 2286 /* map net80211 cipher to RT2860 security mode */ 2287 switch (k->wk_cipher->ic_cipher) { 2288 case IEEE80211_CIPHER_WEP: 2289 if(k->wk_keylen < 8) 2290 mode = RT2860_MODE_WEP40; 2291 else 2292 mode = RT2860_MODE_WEP104; 2293 break; 2294 case IEEE80211_CIPHER_TKIP: 2295 mode = RT2860_MODE_TKIP; 2296 break; 2297 case IEEE80211_CIPHER_AES_CCM: 2298 mode = RT2860_MODE_AES_CCMP; 2299 break; 2300 default: 2301 DPRINTF("undefined case\n"); 2302 return; 2303 } 2304 2305 DPRINTFN(1, "associd=%x, keyix=%d, mode=%x, type=%s, tx=%s, rx=%s\n", 2306 associd, k->wk_keyix, mode, 2307 (k->wk_flags & IEEE80211_KEY_GROUP) ? "group" : "pairwise", 2308 (k->wk_flags & IEEE80211_KEY_XMIT) ? "on" : "off", 2309 (k->wk_flags & IEEE80211_KEY_RECV) ? "on" : "off"); 2310 2311 if (k->wk_flags & IEEE80211_KEY_GROUP) { 2312 wcid = 0; /* NB: update WCID0 for group keys */ 2313 base = RT2860_SKEY(RUN_VAP(vap)->rvp_id, k->wk_keyix); 2314 } else { 2315 wcid = (vap->iv_opmode == IEEE80211_M_STA) ? 2316 1 : RUN_AID2WCID(associd); 2317 base = RT2860_PKEY(wcid); 2318 } 2319 2320 if (k->wk_cipher->ic_cipher == IEEE80211_CIPHER_TKIP) { 2321 if(run_write_region_1(sc, base, k->wk_key, 16)) 2322 return; 2323 if(run_write_region_1(sc, base + 16, &k->wk_key[16], 8)) /* wk_txmic */ 2324 return; 2325 if(run_write_region_1(sc, base + 24, &k->wk_key[24], 8)) /* wk_rxmic */ 2326 return; 2327 } else { 2328 /* roundup len to 16-bit: XXX fix write_region_1() instead */ 2329 if(run_write_region_1(sc, base, k->wk_key, (k->wk_keylen + 1) & ~1)) 2330 return; 2331 } 2332 2333 if (!(k->wk_flags & IEEE80211_KEY_GROUP) || 2334 (k->wk_flags & (IEEE80211_KEY_XMIT | IEEE80211_KEY_RECV))) { 2335 /* set initial packet number in IV+EIV */ 2336 if (k->wk_cipher == IEEE80211_CIPHER_WEP) { 2337 memset(iv, 0, sizeof iv); 2338 iv[3] = vap->iv_def_txkey << 6; 2339 } else { 2340 if (k->wk_cipher->ic_cipher == IEEE80211_CIPHER_TKIP) { 2341 iv[0] = k->wk_keytsc >> 8; 2342 iv[1] = (iv[0] | 0x20) & 0x7f; 2343 iv[2] = k->wk_keytsc; 2344 } else /* CCMP */ { 2345 iv[0] = k->wk_keytsc; 2346 iv[1] = k->wk_keytsc >> 8; 2347 iv[2] = 0; 2348 } 2349 iv[3] = k->wk_keyix << 6 | IEEE80211_WEP_EXTIV; 2350 iv[4] = k->wk_keytsc >> 16; 2351 iv[5] = k->wk_keytsc >> 24; 2352 iv[6] = k->wk_keytsc >> 32; 2353 iv[7] = k->wk_keytsc >> 40; 2354 } 2355 if (run_write_region_1(sc, RT2860_IVEIV(wcid), iv, 8)) 2356 return; 2357 } 2358 2359 if (k->wk_flags & IEEE80211_KEY_GROUP) { 2360 /* install group key */ 2361 if (run_read(sc, RT2860_SKEY_MODE_0_7, &attr)) 2362 return; 2363 attr &= ~(0xf << (k->wk_keyix * 4)); 2364 attr |= mode << (k->wk_keyix * 4); 2365 if (run_write(sc, RT2860_SKEY_MODE_0_7, attr)) 2366 return; 2367 } else { 2368 /* install pairwise key */ 2369 if (run_read(sc, RT2860_WCID_ATTR(wcid), &attr)) 2370 return; 2371 attr = (attr & ~0xf) | (mode << 1) | RT2860_RX_PKEY_EN; 2372 if (run_write(sc, RT2860_WCID_ATTR(wcid), attr)) 2373 return; 2374 } 2375 2376 /* TODO create a pass-thru key entry? */ 2377 2378 /* need wcid to delete the right key later */ 2379 k->wk_pad = wcid; 2380 } 2381 2382 /* 2383 * Don't have to be deferred, but in order to keep order of 2384 * execution, i.e. with run_key_delete(), defer this and let 2385 * run_cmdq_cb() maintain the order. 2386 * 2387 * return 0 on error 2388 */ 2389 static int 2390 run_key_set(struct ieee80211vap *vap, struct ieee80211_key *k, 2391 const uint8_t mac[IEEE80211_ADDR_LEN]) 2392 { 2393 struct ieee80211com *ic = vap->iv_ic; 2394 struct run_softc *sc = ic->ic_ifp->if_softc; 2395 uint32_t i; 2396 2397 i = RUN_CMDQ_GET(&sc->cmdq_store); 2398 DPRINTF("cmdq_store=%d\n", i); 2399 sc->cmdq[i].func = run_key_set_cb; 2400 sc->cmdq[i].arg0 = NULL; 2401 sc->cmdq[i].arg1 = vap; 2402 sc->cmdq[i].k = k; 2403 IEEE80211_ADDR_COPY(sc->cmdq[i].mac, mac); 2404 ieee80211_runtask(ic, &sc->cmdq_task); 2405 2406 /* 2407 * To make sure key will be set when hostapd 2408 * calls iv_key_set() before if_init(). 2409 */ 2410 if (vap->iv_opmode == IEEE80211_M_HOSTAP) { 2411 RUN_LOCK(sc); 2412 sc->cmdq_key_set = RUN_CMDQ_GO; 2413 RUN_UNLOCK(sc); 2414 } 2415 2416 return (1); 2417 } 2418 2419 /* 2420 * If wlan is destroyed without being brought down i.e. without 2421 * wlan down or wpa_cli terminate, this function is called after 2422 * vap is gone. Don't refer it. 2423 */ 2424 static void 2425 run_key_delete_cb(void *arg) 2426 { 2427 struct run_cmdq *cmdq = arg; 2428 struct run_softc *sc = cmdq->arg1; 2429 struct ieee80211_key *k = &cmdq->key; 2430 uint32_t attr; 2431 uint8_t wcid; 2432 2433 RUN_LOCK_ASSERT(sc, MA_OWNED); 2434 2435 if (k->wk_flags & IEEE80211_KEY_GROUP) { 2436 /* remove group key */ 2437 DPRINTF("removing group key\n"); 2438 run_read(sc, RT2860_SKEY_MODE_0_7, &attr); 2439 attr &= ~(0xf << (k->wk_keyix * 4)); 2440 run_write(sc, RT2860_SKEY_MODE_0_7, attr); 2441 } else { 2442 /* remove pairwise key */ 2443 DPRINTF("removing key for wcid %x\n", k->wk_pad); 2444 /* matching wcid was written to wk_pad in run_key_set() */ 2445 wcid = k->wk_pad; 2446 run_read(sc, RT2860_WCID_ATTR(wcid), &attr); 2447 attr &= ~0xf; 2448 run_write(sc, RT2860_WCID_ATTR(wcid), attr); 2449 run_set_region_4(sc, RT2860_WCID_ENTRY(wcid), 0, 8); 2450 } 2451 2452 k->wk_pad = 0; 2453 } 2454 2455 /* 2456 * return 0 on error 2457 */ 2458 static int 2459 run_key_delete(struct ieee80211vap *vap, struct ieee80211_key *k) 2460 { 2461 struct ieee80211com *ic = vap->iv_ic; 2462 struct run_softc *sc = ic->ic_ifp->if_softc; 2463 struct ieee80211_key *k0; 2464 uint32_t i; 2465 2466 /* 2467 * When called back, key might be gone. So, make a copy 2468 * of some values need to delete keys before deferring. 2469 * But, because of LOR with node lock, cannot use lock here. 2470 * So, use atomic instead. 2471 */ 2472 i = RUN_CMDQ_GET(&sc->cmdq_store); 2473 DPRINTF("cmdq_store=%d\n", i); 2474 sc->cmdq[i].func = run_key_delete_cb; 2475 sc->cmdq[i].arg0 = NULL; 2476 sc->cmdq[i].arg1 = sc; 2477 k0 = &sc->cmdq[i].key; 2478 k0->wk_flags = k->wk_flags; 2479 k0->wk_keyix = k->wk_keyix; 2480 /* matching wcid was written to wk_pad in run_key_set() */ 2481 k0->wk_pad = k->wk_pad; 2482 ieee80211_runtask(ic, &sc->cmdq_task); 2483 return (1); /* return fake success */ 2484 2485 } 2486 2487 static void 2488 run_ratectl_to(void *arg) 2489 { 2490 struct run_softc *sc = arg; 2491 2492 /* do it in a process context, so it can go sleep */ 2493 ieee80211_runtask(sc->sc_ifp->if_l2com, &sc->ratectl_task); 2494 /* next timeout will be rescheduled in the callback task */ 2495 } 2496 2497 /* ARGSUSED */ 2498 static void 2499 run_ratectl_cb(void *arg, int pending) 2500 { 2501 struct run_softc *sc = arg; 2502 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 2503 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 2504 2505 if (vap == NULL) 2506 return; 2507 2508 if (sc->rvp_cnt <= 1 && vap->iv_opmode == IEEE80211_M_STA) 2509 run_iter_func(sc, vap->iv_bss); 2510 else { 2511 /* 2512 * run_reset_livelock() doesn't do anything with AMRR, 2513 * but Ralink wants us to call it every 1 sec. So, we 2514 * piggyback here rather than creating another callout. 2515 * Livelock may occur only in HOSTAP or IBSS mode 2516 * (when h/w is sending beacons). 2517 */ 2518 RUN_LOCK(sc); 2519 run_reset_livelock(sc); 2520 /* just in case, there are some stats to drain */ 2521 run_drain_fifo(sc); 2522 RUN_UNLOCK(sc); 2523 ieee80211_iterate_nodes(&ic->ic_sta, run_iter_func, sc); 2524 } 2525 2526 RUN_LOCK(sc); 2527 if(sc->ratectl_run != RUN_RATECTL_OFF) 2528 usb_callout_reset(&sc->ratectl_ch, hz, run_ratectl_to, sc); 2529 RUN_UNLOCK(sc); 2530 } 2531 2532 static void 2533 run_drain_fifo(void *arg) 2534 { 2535 struct run_softc *sc = arg; 2536 struct ifnet *ifp = sc->sc_ifp; 2537 uint32_t stat; 2538 uint16_t (*wstat)[3]; 2539 uint8_t wcid, mcs, pid; 2540 int8_t retry; 2541 2542 RUN_LOCK_ASSERT(sc, MA_OWNED); 2543 2544 for (;;) { 2545 /* drain Tx status FIFO (maxsize = 16) */ 2546 run_read(sc, RT2860_TX_STAT_FIFO, &stat); 2547 DPRINTFN(4, "tx stat 0x%08x\n", stat); 2548 if (!(stat & RT2860_TXQ_VLD)) 2549 break; 2550 2551 wcid = (stat >> RT2860_TXQ_WCID_SHIFT) & 0xff; 2552 2553 /* if no ACK was requested, no feedback is available */ 2554 if (!(stat & RT2860_TXQ_ACKREQ) || wcid > RT2870_WCID_MAX || 2555 wcid == 0) 2556 continue; 2557 2558 /* 2559 * Even though each stat is Tx-complete-status like format, 2560 * the device can poll stats. Because there is no guarantee 2561 * that the referring node is still around when read the stats. 2562 * So that, if we use ieee80211_ratectl_tx_update(), we will 2563 * have hard time not to refer already freed node. 2564 * 2565 * To eliminate such page faults, we poll stats in softc. 2566 * Then, update the rates later with ieee80211_ratectl_tx_update(). 2567 */ 2568 wstat = &(sc->wcid_stats[wcid]); 2569 (*wstat)[RUN_TXCNT]++; 2570 if (stat & RT2860_TXQ_OK) 2571 (*wstat)[RUN_SUCCESS]++; 2572 else 2573 ifp->if_oerrors++; 2574 /* 2575 * Check if there were retries, ie if the Tx success rate is 2576 * different from the requested rate. Note that it works only 2577 * because we do not allow rate fallback from OFDM to CCK. 2578 */ 2579 mcs = (stat >> RT2860_TXQ_MCS_SHIFT) & 0x7f; 2580 pid = (stat >> RT2860_TXQ_PID_SHIFT) & 0xf; 2581 if ((retry = pid -1 - mcs) > 0) { 2582 (*wstat)[RUN_TXCNT] += retry; 2583 (*wstat)[RUN_RETRY] += retry; 2584 } 2585 } 2586 DPRINTFN(3, "count=%d\n", sc->fifo_cnt); 2587 2588 sc->fifo_cnt = 0; 2589 } 2590 2591 static void 2592 run_iter_func(void *arg, struct ieee80211_node *ni) 2593 { 2594 struct run_softc *sc = arg; 2595 struct ieee80211vap *vap = ni->ni_vap; 2596 struct ieee80211com *ic = ni->ni_ic; 2597 struct ifnet *ifp = ic->ic_ifp; 2598 struct run_node *rn = (void *)ni; 2599 union run_stats sta[2]; 2600 uint16_t (*wstat)[3]; 2601 int txcnt, success, retrycnt, error; 2602 2603 RUN_LOCK(sc); 2604 2605 if (sc->rvp_cnt <= 1 && (vap->iv_opmode == IEEE80211_M_IBSS || 2606 vap->iv_opmode == IEEE80211_M_STA)) { 2607 /* read statistic counters (clear on read) and update AMRR state */ 2608 error = run_read_region_1(sc, RT2860_TX_STA_CNT0, (uint8_t *)sta, 2609 sizeof sta); 2610 if (error != 0) 2611 goto fail; 2612 2613 /* count failed TX as errors */ 2614 ifp->if_oerrors += le16toh(sta[0].error.fail); 2615 2616 retrycnt = le16toh(sta[1].tx.retry); 2617 success = le16toh(sta[1].tx.success); 2618 txcnt = retrycnt + success + le16toh(sta[0].error.fail); 2619 2620 DPRINTFN(3, "retrycnt=%d success=%d failcnt=%d\n", 2621 retrycnt, success, le16toh(sta[0].error.fail)); 2622 } else { 2623 wstat = &(sc->wcid_stats[RUN_AID2WCID(ni->ni_associd)]); 2624 2625 if (wstat == &(sc->wcid_stats[0]) || 2626 wstat > &(sc->wcid_stats[RT2870_WCID_MAX])) 2627 goto fail; 2628 2629 txcnt = (*wstat)[RUN_TXCNT]; 2630 success = (*wstat)[RUN_SUCCESS]; 2631 retrycnt = (*wstat)[RUN_RETRY]; 2632 DPRINTFN(3, "retrycnt=%d txcnt=%d success=%d\n", 2633 retrycnt, txcnt, success); 2634 2635 memset(wstat, 0, sizeof(*wstat)); 2636 } 2637 2638 ieee80211_ratectl_tx_update(vap, ni, &txcnt, &success, &retrycnt); 2639 rn->amrr_ridx = ieee80211_ratectl_rate(ni, NULL, 0); 2640 2641 fail: 2642 RUN_UNLOCK(sc); 2643 2644 DPRINTFN(3, "ridx=%d\n", rn->amrr_ridx); 2645 } 2646 2647 static void 2648 run_newassoc_cb(void *arg) 2649 { 2650 struct run_cmdq *cmdq = arg; 2651 struct ieee80211_node *ni = cmdq->arg1; 2652 struct run_softc *sc = ni->ni_vap->iv_ic->ic_ifp->if_softc; 2653 uint8_t wcid = cmdq->wcid; 2654 2655 RUN_LOCK_ASSERT(sc, MA_OWNED); 2656 2657 run_write_region_1(sc, RT2860_WCID_ENTRY(wcid), 2658 ni->ni_macaddr, IEEE80211_ADDR_LEN); 2659 2660 memset(&(sc->wcid_stats[wcid]), 0, sizeof(sc->wcid_stats[wcid])); 2661 } 2662 2663 static void 2664 run_newassoc(struct ieee80211_node *ni, int isnew) 2665 { 2666 struct run_node *rn = (void *)ni; 2667 struct ieee80211_rateset *rs = &ni->ni_rates; 2668 struct ieee80211vap *vap = ni->ni_vap; 2669 struct ieee80211com *ic = vap->iv_ic; 2670 struct run_softc *sc = ic->ic_ifp->if_softc; 2671 uint8_t rate; 2672 uint8_t ridx; 2673 uint8_t wcid; 2674 int i, j; 2675 2676 wcid = (vap->iv_opmode == IEEE80211_M_STA) ? 2677 1 : RUN_AID2WCID(ni->ni_associd); 2678 2679 if (wcid > RT2870_WCID_MAX) { 2680 device_printf(sc->sc_dev, "wcid=%d out of range\n", wcid); 2681 return; 2682 } 2683 2684 /* only interested in true associations */ 2685 if (isnew && ni->ni_associd != 0) { 2686 2687 /* 2688 * This function could is called though timeout function. 2689 * Need to defer. 2690 */ 2691 uint32_t cnt = RUN_CMDQ_GET(&sc->cmdq_store); 2692 DPRINTF("cmdq_store=%d\n", cnt); 2693 sc->cmdq[cnt].func = run_newassoc_cb; 2694 sc->cmdq[cnt].arg0 = NULL; 2695 sc->cmdq[cnt].arg1 = ni; 2696 sc->cmdq[cnt].wcid = wcid; 2697 ieee80211_runtask(ic, &sc->cmdq_task); 2698 } 2699 2700 DPRINTF("new assoc isnew=%d associd=%x addr=%s\n", 2701 isnew, ni->ni_associd, ether_sprintf(ni->ni_macaddr)); 2702 2703 for (i = 0; i < rs->rs_nrates; i++) { 2704 rate = rs->rs_rates[i] & IEEE80211_RATE_VAL; 2705 /* convert 802.11 rate to hardware rate index */ 2706 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++) 2707 if (rt2860_rates[ridx].rate == rate) 2708 break; 2709 rn->ridx[i] = ridx; 2710 /* determine rate of control response frames */ 2711 for (j = i; j >= 0; j--) { 2712 if ((rs->rs_rates[j] & IEEE80211_RATE_BASIC) && 2713 rt2860_rates[rn->ridx[i]].phy == 2714 rt2860_rates[rn->ridx[j]].phy) 2715 break; 2716 } 2717 if (j >= 0) { 2718 rn->ctl_ridx[i] = rn->ridx[j]; 2719 } else { 2720 /* no basic rate found, use mandatory one */ 2721 rn->ctl_ridx[i] = rt2860_rates[ridx].ctl_ridx; 2722 } 2723 DPRINTF("rate=0x%02x ridx=%d ctl_ridx=%d\n", 2724 rs->rs_rates[i], rn->ridx[i], rn->ctl_ridx[i]); 2725 } 2726 rate = vap->iv_txparms[ieee80211_chan2mode(ic->ic_curchan)].mgmtrate; 2727 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++) 2728 if (rt2860_rates[ridx].rate == rate) 2729 break; 2730 rn->mgt_ridx = ridx; 2731 DPRINTF("rate=%d, mgmt_ridx=%d\n", rate, rn->mgt_ridx); 2732 2733 usb_callout_reset(&sc->ratectl_ch, hz, run_ratectl_to, sc); 2734 } 2735 2736 /* 2737 * Return the Rx chain with the highest RSSI for a given frame. 2738 */ 2739 static __inline uint8_t 2740 run_maxrssi_chain(struct run_softc *sc, const struct rt2860_rxwi *rxwi) 2741 { 2742 uint8_t rxchain = 0; 2743 2744 if (sc->nrxchains > 1) { 2745 if (rxwi->rssi[1] > rxwi->rssi[rxchain]) 2746 rxchain = 1; 2747 if (sc->nrxchains > 2) 2748 if (rxwi->rssi[2] > rxwi->rssi[rxchain]) 2749 rxchain = 2; 2750 } 2751 return (rxchain); 2752 } 2753 2754 static void 2755 run_rx_frame(struct run_softc *sc, struct mbuf *m, uint32_t dmalen) 2756 { 2757 struct ifnet *ifp = sc->sc_ifp; 2758 struct ieee80211com *ic = ifp->if_l2com; 2759 struct ieee80211_frame *wh; 2760 struct ieee80211_node *ni; 2761 struct rt2870_rxd *rxd; 2762 struct rt2860_rxwi *rxwi; 2763 uint32_t flags; 2764 uint16_t len, rxwisize; 2765 uint8_t ant, rssi; 2766 int8_t nf; 2767 2768 rxwi = mtod(m, struct rt2860_rxwi *); 2769 len = le16toh(rxwi->len) & 0xfff; 2770 rxwisize = sizeof(struct rt2860_rxwi); 2771 if (sc->mac_ver == 0x5592) 2772 rxwisize += sizeof(uint64_t); 2773 else if (sc->mac_ver == 0x3593) 2774 rxwisize += sizeof(uint32_t); 2775 if (__predict_false(len > dmalen)) { 2776 m_freem(m); 2777 ifp->if_ierrors++; 2778 DPRINTF("bad RXWI length %u > %u\n", len, dmalen); 2779 return; 2780 } 2781 /* Rx descriptor is located at the end */ 2782 rxd = (struct rt2870_rxd *)(mtod(m, caddr_t) + dmalen); 2783 flags = le32toh(rxd->flags); 2784 2785 if (__predict_false(flags & (RT2860_RX_CRCERR | RT2860_RX_ICVERR))) { 2786 m_freem(m); 2787 ifp->if_ierrors++; 2788 DPRINTF("%s error.\n", (flags & RT2860_RX_CRCERR)?"CRC":"ICV"); 2789 return; 2790 } 2791 2792 m->m_data += rxwisize; 2793 m->m_pkthdr.len = m->m_len -= rxwisize; 2794 2795 wh = mtod(m, struct ieee80211_frame *); 2796 2797 if (wh->i_fc[1] & IEEE80211_FC1_PROTECTED) { 2798 wh->i_fc[1] &= ~IEEE80211_FC1_PROTECTED; 2799 m->m_flags |= M_WEP; 2800 } 2801 2802 if (flags & RT2860_RX_L2PAD) { 2803 DPRINTFN(8, "received RT2860_RX_L2PAD frame\n"); 2804 len += 2; 2805 } 2806 2807 ni = ieee80211_find_rxnode(ic, 2808 mtod(m, struct ieee80211_frame_min *)); 2809 2810 if (__predict_false(flags & RT2860_RX_MICERR)) { 2811 /* report MIC failures to net80211 for TKIP */ 2812 if (ni != NULL) 2813 ieee80211_notify_michael_failure(ni->ni_vap, wh, 2814 rxwi->keyidx); 2815 m_freem(m); 2816 ifp->if_ierrors++; 2817 DPRINTF("MIC error. Someone is lying.\n"); 2818 return; 2819 } 2820 2821 ant = run_maxrssi_chain(sc, rxwi); 2822 rssi = rxwi->rssi[ant]; 2823 nf = run_rssi2dbm(sc, rssi, ant); 2824 2825 m->m_pkthdr.rcvif = ifp; 2826 m->m_pkthdr.len = m->m_len = len; 2827 2828 if (ni != NULL) { 2829 (void)ieee80211_input(ni, m, rssi, nf); 2830 ieee80211_free_node(ni); 2831 } else { 2832 (void)ieee80211_input_all(ic, m, rssi, nf); 2833 } 2834 2835 if (__predict_false(ieee80211_radiotap_active(ic))) { 2836 struct run_rx_radiotap_header *tap = &sc->sc_rxtap; 2837 uint16_t phy; 2838 2839 tap->wr_flags = 0; 2840 tap->wr_chan_freq = htole16(ic->ic_curchan->ic_freq); 2841 tap->wr_chan_flags = htole16(ic->ic_curchan->ic_flags); 2842 tap->wr_antsignal = rssi; 2843 tap->wr_antenna = ant; 2844 tap->wr_dbm_antsignal = run_rssi2dbm(sc, rssi, ant); 2845 tap->wr_rate = 2; /* in case it can't be found below */ 2846 phy = le16toh(rxwi->phy); 2847 switch (phy & RT2860_PHY_MODE) { 2848 case RT2860_PHY_CCK: 2849 switch ((phy & RT2860_PHY_MCS) & ~RT2860_PHY_SHPRE) { 2850 case 0: tap->wr_rate = 2; break; 2851 case 1: tap->wr_rate = 4; break; 2852 case 2: tap->wr_rate = 11; break; 2853 case 3: tap->wr_rate = 22; break; 2854 } 2855 if (phy & RT2860_PHY_SHPRE) 2856 tap->wr_flags |= IEEE80211_RADIOTAP_F_SHORTPRE; 2857 break; 2858 case RT2860_PHY_OFDM: 2859 switch (phy & RT2860_PHY_MCS) { 2860 case 0: tap->wr_rate = 12; break; 2861 case 1: tap->wr_rate = 18; break; 2862 case 2: tap->wr_rate = 24; break; 2863 case 3: tap->wr_rate = 36; break; 2864 case 4: tap->wr_rate = 48; break; 2865 case 5: tap->wr_rate = 72; break; 2866 case 6: tap->wr_rate = 96; break; 2867 case 7: tap->wr_rate = 108; break; 2868 } 2869 break; 2870 } 2871 } 2872 } 2873 2874 static void 2875 run_bulk_rx_callback(struct usb_xfer *xfer, usb_error_t error) 2876 { 2877 struct run_softc *sc = usbd_xfer_softc(xfer); 2878 struct ifnet *ifp = sc->sc_ifp; 2879 struct mbuf *m = NULL; 2880 struct mbuf *m0; 2881 uint32_t dmalen; 2882 uint16_t rxwisize; 2883 int xferlen; 2884 2885 rxwisize = sizeof(struct rt2860_rxwi); 2886 if (sc->mac_ver == 0x5592) 2887 rxwisize += sizeof(uint64_t); 2888 else if (sc->mac_ver == 0x3593) 2889 rxwisize += sizeof(uint32_t); 2890 2891 usbd_xfer_status(xfer, &xferlen, NULL, NULL, NULL); 2892 2893 switch (USB_GET_STATE(xfer)) { 2894 case USB_ST_TRANSFERRED: 2895 2896 DPRINTFN(15, "rx done, actlen=%d\n", xferlen); 2897 2898 if (xferlen < (int)(sizeof(uint32_t) + rxwisize + 2899 sizeof(struct rt2870_rxd))) { 2900 DPRINTF("xfer too short %d\n", xferlen); 2901 goto tr_setup; 2902 } 2903 2904 m = sc->rx_m; 2905 sc->rx_m = NULL; 2906 2907 /* FALLTHROUGH */ 2908 case USB_ST_SETUP: 2909 tr_setup: 2910 if (sc->rx_m == NULL) { 2911 sc->rx_m = m_getjcl(M_NOWAIT, MT_DATA, M_PKTHDR, 2912 MJUMPAGESIZE /* xfer can be bigger than MCLBYTES */); 2913 } 2914 if (sc->rx_m == NULL) { 2915 DPRINTF("could not allocate mbuf - idle with stall\n"); 2916 ifp->if_ierrors++; 2917 usbd_xfer_set_stall(xfer); 2918 usbd_xfer_set_frames(xfer, 0); 2919 } else { 2920 /* 2921 * Directly loading a mbuf cluster into DMA to 2922 * save some data copying. This works because 2923 * there is only one cluster. 2924 */ 2925 usbd_xfer_set_frame_data(xfer, 0, 2926 mtod(sc->rx_m, caddr_t), RUN_MAX_RXSZ); 2927 usbd_xfer_set_frames(xfer, 1); 2928 } 2929 usbd_transfer_submit(xfer); 2930 break; 2931 2932 default: /* Error */ 2933 if (error != USB_ERR_CANCELLED) { 2934 /* try to clear stall first */ 2935 usbd_xfer_set_stall(xfer); 2936 2937 if (error == USB_ERR_TIMEOUT) 2938 device_printf(sc->sc_dev, "device timeout\n"); 2939 2940 ifp->if_ierrors++; 2941 2942 goto tr_setup; 2943 } 2944 if (sc->rx_m != NULL) { 2945 m_freem(sc->rx_m); 2946 sc->rx_m = NULL; 2947 } 2948 break; 2949 } 2950 2951 if (m == NULL) 2952 return; 2953 2954 /* inputting all the frames must be last */ 2955 2956 RUN_UNLOCK(sc); 2957 2958 m->m_pkthdr.len = m->m_len = xferlen; 2959 2960 /* HW can aggregate multiple 802.11 frames in a single USB xfer */ 2961 for(;;) { 2962 dmalen = le32toh(*mtod(m, uint32_t *)) & 0xffff; 2963 2964 if ((dmalen >= (uint32_t)-8) || (dmalen == 0) || 2965 ((dmalen & 3) != 0)) { 2966 DPRINTF("bad DMA length %u\n", dmalen); 2967 break; 2968 } 2969 if ((dmalen + 8) > (uint32_t)xferlen) { 2970 DPRINTF("bad DMA length %u > %d\n", 2971 dmalen + 8, xferlen); 2972 break; 2973 } 2974 2975 /* If it is the last one or a single frame, we won't copy. */ 2976 if ((xferlen -= dmalen + 8) <= 8) { 2977 /* trim 32-bit DMA-len header */ 2978 m->m_data += 4; 2979 m->m_pkthdr.len = m->m_len -= 4; 2980 run_rx_frame(sc, m, dmalen); 2981 m = NULL; /* don't free source buffer */ 2982 break; 2983 } 2984 2985 /* copy aggregated frames to another mbuf */ 2986 m0 = m_getcl(M_NOWAIT, MT_DATA, M_PKTHDR); 2987 if (__predict_false(m0 == NULL)) { 2988 DPRINTF("could not allocate mbuf\n"); 2989 ifp->if_ierrors++; 2990 break; 2991 } 2992 m_copydata(m, 4 /* skip 32-bit DMA-len header */, 2993 dmalen + sizeof(struct rt2870_rxd), mtod(m0, caddr_t)); 2994 m0->m_pkthdr.len = m0->m_len = 2995 dmalen + sizeof(struct rt2870_rxd); 2996 run_rx_frame(sc, m0, dmalen); 2997 2998 /* update data ptr */ 2999 m->m_data += dmalen + 8; 3000 m->m_pkthdr.len = m->m_len -= dmalen + 8; 3001 } 3002 3003 /* make sure we free the source buffer, if any */ 3004 m_freem(m); 3005 3006 RUN_LOCK(sc); 3007 } 3008 3009 static void 3010 run_tx_free(struct run_endpoint_queue *pq, 3011 struct run_tx_data *data, int txerr) 3012 { 3013 if (data->m != NULL) { 3014 if (data->m->m_flags & M_TXCB) 3015 ieee80211_process_callback(data->ni, data->m, 3016 txerr ? ETIMEDOUT : 0); 3017 m_freem(data->m); 3018 data->m = NULL; 3019 3020 if (data->ni == NULL) { 3021 DPRINTF("no node\n"); 3022 } else { 3023 ieee80211_free_node(data->ni); 3024 data->ni = NULL; 3025 } 3026 } 3027 3028 STAILQ_INSERT_TAIL(&pq->tx_fh, data, next); 3029 pq->tx_nfree++; 3030 } 3031 3032 static void 3033 run_bulk_tx_callbackN(struct usb_xfer *xfer, usb_error_t error, u_int index) 3034 { 3035 struct run_softc *sc = usbd_xfer_softc(xfer); 3036 struct ifnet *ifp = sc->sc_ifp; 3037 struct ieee80211com *ic = ifp->if_l2com; 3038 struct run_tx_data *data; 3039 struct ieee80211vap *vap = NULL; 3040 struct usb_page_cache *pc; 3041 struct run_endpoint_queue *pq = &sc->sc_epq[index]; 3042 struct mbuf *m; 3043 usb_frlength_t size; 3044 int actlen; 3045 int sumlen; 3046 3047 usbd_xfer_status(xfer, &actlen, &sumlen, NULL, NULL); 3048 3049 switch (USB_GET_STATE(xfer)) { 3050 case USB_ST_TRANSFERRED: 3051 DPRINTFN(11, "transfer complete: %d " 3052 "bytes @ index %d\n", actlen, index); 3053 3054 data = usbd_xfer_get_priv(xfer); 3055 3056 run_tx_free(pq, data, 0); 3057 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE; 3058 3059 usbd_xfer_set_priv(xfer, NULL); 3060 3061 ifp->if_opackets++; 3062 3063 /* FALLTHROUGH */ 3064 case USB_ST_SETUP: 3065 tr_setup: 3066 data = STAILQ_FIRST(&pq->tx_qh); 3067 if (data == NULL) 3068 break; 3069 3070 STAILQ_REMOVE_HEAD(&pq->tx_qh, next); 3071 3072 m = data->m; 3073 size = (sc->mac_ver == 0x5592) ? 3074 sizeof(data->desc) + sizeof(uint32_t) : sizeof(data->desc); 3075 if ((m->m_pkthdr.len + 3076 size + 3 + 8) > RUN_MAX_TXSZ) { 3077 DPRINTF("data overflow, %u bytes\n", 3078 m->m_pkthdr.len); 3079 3080 ifp->if_oerrors++; 3081 3082 run_tx_free(pq, data, 1); 3083 3084 goto tr_setup; 3085 } 3086 3087 pc = usbd_xfer_get_frame(xfer, 0); 3088 usbd_copy_in(pc, 0, &data->desc, size); 3089 usbd_m_copy_in(pc, size, m, 0, m->m_pkthdr.len); 3090 size += m->m_pkthdr.len; 3091 /* 3092 * Align end on a 4-byte boundary, pad 8 bytes (CRC + 3093 * 4-byte padding), and be sure to zero those trailing 3094 * bytes: 3095 */ 3096 usbd_frame_zero(pc, size, ((-size) & 3) + 8); 3097 size += ((-size) & 3) + 8; 3098 3099 vap = data->ni->ni_vap; 3100 if (ieee80211_radiotap_active_vap(vap)) { 3101 struct run_tx_radiotap_header *tap = &sc->sc_txtap; 3102 struct rt2860_txwi *txwi = 3103 (struct rt2860_txwi *)(&data->desc + sizeof(struct rt2870_txd)); 3104 tap->wt_flags = 0; 3105 tap->wt_rate = rt2860_rates[data->ridx].rate; 3106 tap->wt_chan_freq = htole16(ic->ic_curchan->ic_freq); 3107 tap->wt_chan_flags = htole16(ic->ic_curchan->ic_flags); 3108 tap->wt_hwqueue = index; 3109 if (le16toh(txwi->phy) & RT2860_PHY_SHPRE) 3110 tap->wt_flags |= IEEE80211_RADIOTAP_F_SHORTPRE; 3111 3112 ieee80211_radiotap_tx(vap, m); 3113 } 3114 3115 DPRINTFN(11, "sending frame len=%u/%u @ index %d\n", 3116 m->m_pkthdr.len, size, index); 3117 3118 usbd_xfer_set_frame_len(xfer, 0, size); 3119 usbd_xfer_set_priv(xfer, data); 3120 3121 usbd_transfer_submit(xfer); 3122 3123 RUN_UNLOCK(sc); 3124 run_start(ifp); 3125 RUN_LOCK(sc); 3126 3127 break; 3128 3129 default: 3130 DPRINTF("USB transfer error, %s\n", 3131 usbd_errstr(error)); 3132 3133 data = usbd_xfer_get_priv(xfer); 3134 3135 ifp->if_oerrors++; 3136 3137 if (data != NULL) { 3138 if(data->ni != NULL) 3139 vap = data->ni->ni_vap; 3140 run_tx_free(pq, data, error); 3141 usbd_xfer_set_priv(xfer, NULL); 3142 } 3143 if (vap == NULL) 3144 vap = TAILQ_FIRST(&ic->ic_vaps); 3145 3146 if (error != USB_ERR_CANCELLED) { 3147 if (error == USB_ERR_TIMEOUT) { 3148 device_printf(sc->sc_dev, "device timeout\n"); 3149 uint32_t i = RUN_CMDQ_GET(&sc->cmdq_store); 3150 DPRINTF("cmdq_store=%d\n", i); 3151 sc->cmdq[i].func = run_usb_timeout_cb; 3152 sc->cmdq[i].arg0 = vap; 3153 ieee80211_runtask(ic, &sc->cmdq_task); 3154 } 3155 3156 /* 3157 * Try to clear stall first, also if other 3158 * errors occur, hence clearing stall 3159 * introduces a 50 ms delay: 3160 */ 3161 usbd_xfer_set_stall(xfer); 3162 goto tr_setup; 3163 } 3164 break; 3165 } 3166 } 3167 3168 static void 3169 run_bulk_tx_callback0(struct usb_xfer *xfer, usb_error_t error) 3170 { 3171 run_bulk_tx_callbackN(xfer, error, 0); 3172 } 3173 3174 static void 3175 run_bulk_tx_callback1(struct usb_xfer *xfer, usb_error_t error) 3176 { 3177 run_bulk_tx_callbackN(xfer, error, 1); 3178 } 3179 3180 static void 3181 run_bulk_tx_callback2(struct usb_xfer *xfer, usb_error_t error) 3182 { 3183 run_bulk_tx_callbackN(xfer, error, 2); 3184 } 3185 3186 static void 3187 run_bulk_tx_callback3(struct usb_xfer *xfer, usb_error_t error) 3188 { 3189 run_bulk_tx_callbackN(xfer, error, 3); 3190 } 3191 3192 static void 3193 run_bulk_tx_callback4(struct usb_xfer *xfer, usb_error_t error) 3194 { 3195 run_bulk_tx_callbackN(xfer, error, 4); 3196 } 3197 3198 static void 3199 run_bulk_tx_callback5(struct usb_xfer *xfer, usb_error_t error) 3200 { 3201 run_bulk_tx_callbackN(xfer, error, 5); 3202 } 3203 3204 static void 3205 run_set_tx_desc(struct run_softc *sc, struct run_tx_data *data) 3206 { 3207 struct mbuf *m = data->m; 3208 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 3209 struct ieee80211vap *vap = data->ni->ni_vap; 3210 struct ieee80211_frame *wh; 3211 struct rt2870_txd *txd; 3212 struct rt2860_txwi *txwi; 3213 uint16_t xferlen, txwisize; 3214 uint16_t mcs; 3215 uint8_t ridx = data->ridx; 3216 uint8_t pad; 3217 3218 /* get MCS code from rate index */ 3219 mcs = rt2860_rates[ridx].mcs; 3220 3221 txwisize = (sc->mac_ver == 0x5592) ? 3222 sizeof(*txwi) + sizeof(uint32_t) : sizeof(*txwi); 3223 xferlen = txwisize + m->m_pkthdr.len; 3224 3225 /* roundup to 32-bit alignment */ 3226 xferlen = (xferlen + 3) & ~3; 3227 3228 txd = (struct rt2870_txd *)&data->desc; 3229 txd->len = htole16(xferlen); 3230 3231 wh = mtod(m, struct ieee80211_frame *); 3232 3233 /* 3234 * Ether both are true or both are false, the header 3235 * are nicely aligned to 32-bit. So, no L2 padding. 3236 */ 3237 if(IEEE80211_HAS_ADDR4(wh) == IEEE80211_QOS_HAS_SEQ(wh)) 3238 pad = 0; 3239 else 3240 pad = 2; 3241 3242 /* setup TX Wireless Information */ 3243 txwi = (struct rt2860_txwi *)(txd + 1); 3244 txwi->len = htole16(m->m_pkthdr.len - pad); 3245 if (rt2860_rates[ridx].phy == IEEE80211_T_DS) { 3246 txwi->phy = htole16(RT2860_PHY_CCK); 3247 if (ridx != RT2860_RIDX_CCK1 && 3248 (ic->ic_flags & IEEE80211_F_SHPREAMBLE)) 3249 mcs |= RT2860_PHY_SHPRE; 3250 } else 3251 txwi->phy = htole16(RT2860_PHY_OFDM); 3252 txwi->phy |= htole16(mcs); 3253 3254 /* check if RTS/CTS or CTS-to-self protection is required */ 3255 if (!IEEE80211_IS_MULTICAST(wh->i_addr1) && 3256 (m->m_pkthdr.len + IEEE80211_CRC_LEN > vap->iv_rtsthreshold || 3257 ((ic->ic_flags & IEEE80211_F_USEPROT) && 3258 rt2860_rates[ridx].phy == IEEE80211_T_OFDM))) 3259 txwi->txop |= RT2860_TX_TXOP_HT; 3260 else 3261 txwi->txop |= RT2860_TX_TXOP_BACKOFF; 3262 3263 if (vap->iv_opmode != IEEE80211_M_STA && !IEEE80211_QOS_HAS_SEQ(wh)) 3264 txwi->xflags |= RT2860_TX_NSEQ; 3265 } 3266 3267 /* This function must be called locked */ 3268 static int 3269 run_tx(struct run_softc *sc, struct mbuf *m, struct ieee80211_node *ni) 3270 { 3271 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 3272 struct ieee80211vap *vap = ni->ni_vap; 3273 struct ieee80211_frame *wh; 3274 struct ieee80211_channel *chan; 3275 const struct ieee80211_txparam *tp; 3276 struct run_node *rn = (void *)ni; 3277 struct run_tx_data *data; 3278 struct rt2870_txd *txd; 3279 struct rt2860_txwi *txwi; 3280 uint16_t qos; 3281 uint16_t dur; 3282 uint16_t qid; 3283 uint8_t type; 3284 uint8_t tid; 3285 uint8_t ridx; 3286 uint8_t ctl_ridx; 3287 uint8_t qflags; 3288 uint8_t xflags = 0; 3289 int hasqos; 3290 3291 RUN_LOCK_ASSERT(sc, MA_OWNED); 3292 3293 wh = mtod(m, struct ieee80211_frame *); 3294 3295 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 3296 3297 /* 3298 * There are 7 bulk endpoints: 1 for RX 3299 * and 6 for TX (4 EDCAs + HCCA + Prio). 3300 * Update 03-14-2009: some devices like the Planex GW-US300MiniS 3301 * seem to have only 4 TX bulk endpoints (Fukaumi Naoki). 3302 */ 3303 if ((hasqos = IEEE80211_QOS_HAS_SEQ(wh))) { 3304 uint8_t *frm; 3305 3306 if(IEEE80211_HAS_ADDR4(wh)) 3307 frm = ((struct ieee80211_qosframe_addr4 *)wh)->i_qos; 3308 else 3309 frm =((struct ieee80211_qosframe *)wh)->i_qos; 3310 3311 qos = le16toh(*(const uint16_t *)frm); 3312 tid = qos & IEEE80211_QOS_TID; 3313 qid = TID_TO_WME_AC(tid); 3314 } else { 3315 qos = 0; 3316 tid = 0; 3317 qid = WME_AC_BE; 3318 } 3319 qflags = (qid < 4) ? RT2860_TX_QSEL_EDCA : RT2860_TX_QSEL_HCCA; 3320 3321 DPRINTFN(8, "qos %d\tqid %d\ttid %d\tqflags %x\n", 3322 qos, qid, tid, qflags); 3323 3324 chan = (ni->ni_chan != IEEE80211_CHAN_ANYC)?ni->ni_chan:ic->ic_curchan; 3325 tp = &vap->iv_txparms[ieee80211_chan2mode(chan)]; 3326 3327 /* pickup a rate index */ 3328 if (IEEE80211_IS_MULTICAST(wh->i_addr1) || 3329 type != IEEE80211_FC0_TYPE_DATA) { 3330 ridx = (ic->ic_curmode == IEEE80211_MODE_11A) ? 3331 RT2860_RIDX_OFDM6 : RT2860_RIDX_CCK1; 3332 ctl_ridx = rt2860_rates[ridx].ctl_ridx; 3333 } else { 3334 if (tp->ucastrate != IEEE80211_FIXED_RATE_NONE) 3335 ridx = rn->fix_ridx; 3336 else 3337 ridx = rn->amrr_ridx; 3338 ctl_ridx = rt2860_rates[ridx].ctl_ridx; 3339 } 3340 3341 if (!IEEE80211_IS_MULTICAST(wh->i_addr1) && 3342 (!hasqos || (qos & IEEE80211_QOS_ACKPOLICY) != 3343 IEEE80211_QOS_ACKPOLICY_NOACK)) { 3344 xflags |= RT2860_TX_ACK; 3345 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 3346 dur = rt2860_rates[ctl_ridx].sp_ack_dur; 3347 else 3348 dur = rt2860_rates[ctl_ridx].lp_ack_dur; 3349 USETW(wh->i_dur, dur); 3350 } 3351 3352 /* reserve slots for mgmt packets, just in case */ 3353 if (sc->sc_epq[qid].tx_nfree < 3) { 3354 DPRINTFN(10, "tx ring %d is full\n", qid); 3355 return (-1); 3356 } 3357 3358 data = STAILQ_FIRST(&sc->sc_epq[qid].tx_fh); 3359 STAILQ_REMOVE_HEAD(&sc->sc_epq[qid].tx_fh, next); 3360 sc->sc_epq[qid].tx_nfree--; 3361 3362 txd = (struct rt2870_txd *)&data->desc; 3363 txd->flags = qflags; 3364 txwi = (struct rt2860_txwi *)(txd + 1); 3365 txwi->xflags = xflags; 3366 if (IEEE80211_IS_MULTICAST(wh->i_addr1)) 3367 txwi->wcid = 0; 3368 else 3369 txwi->wcid = (vap->iv_opmode == IEEE80211_M_STA) ? 3370 1 : RUN_AID2WCID(ni->ni_associd); 3371 3372 /* clear leftover garbage bits */ 3373 txwi->flags = 0; 3374 txwi->txop = 0; 3375 3376 data->m = m; 3377 data->ni = ni; 3378 data->ridx = ridx; 3379 3380 run_set_tx_desc(sc, data); 3381 3382 /* 3383 * The chip keeps track of 2 kind of Tx stats, 3384 * * TX_STAT_FIFO, for per WCID stats, and 3385 * * TX_STA_CNT0 for all-TX-in-one stats. 3386 * 3387 * To use FIFO stats, we need to store MCS into the driver-private 3388 * PacketID field. So that, we can tell whose stats when we read them. 3389 * We add 1 to the MCS because setting the PacketID field to 0 means 3390 * that we don't want feedback in TX_STAT_FIFO. 3391 * And, that's what we want for STA mode, since TX_STA_CNT0 does the job. 3392 * 3393 * FIFO stats doesn't count Tx with WCID 0xff, so we do this in run_tx(). 3394 */ 3395 if (sc->rvp_cnt > 1 || vap->iv_opmode == IEEE80211_M_HOSTAP || 3396 vap->iv_opmode == IEEE80211_M_MBSS) { 3397 uint16_t pid = (rt2860_rates[ridx].mcs + 1) & 0xf; 3398 txwi->len |= htole16(pid << RT2860_TX_PID_SHIFT); 3399 3400 /* 3401 * Unlike PCI based devices, we don't get any interrupt from 3402 * USB devices, so we simulate FIFO-is-full interrupt here. 3403 * Ralink recomends to drain FIFO stats every 100 ms, but 16 slots 3404 * quickly get fulled. To prevent overflow, increment a counter on 3405 * every FIFO stat request, so we know how many slots are left. 3406 * We do this only in HOSTAP or multiple vap mode since FIFO stats 3407 * are used only in those modes. 3408 * We just drain stats. AMRR gets updated every 1 sec by 3409 * run_ratectl_cb() via callout. 3410 * Call it early. Otherwise overflow. 3411 */ 3412 if (sc->fifo_cnt++ == 10) { 3413 /* 3414 * With multiple vaps or if_bridge, if_start() is called 3415 * with a non-sleepable lock, tcpinp. So, need to defer. 3416 */ 3417 uint32_t i = RUN_CMDQ_GET(&sc->cmdq_store); 3418 DPRINTFN(6, "cmdq_store=%d\n", i); 3419 sc->cmdq[i].func = run_drain_fifo; 3420 sc->cmdq[i].arg0 = sc; 3421 ieee80211_runtask(ic, &sc->cmdq_task); 3422 } 3423 } 3424 3425 STAILQ_INSERT_TAIL(&sc->sc_epq[qid].tx_qh, data, next); 3426 3427 usbd_transfer_start(sc->sc_xfer[qid]); 3428 3429 DPRINTFN(8, "sending data frame len=%d rate=%d qid=%d\n", 3430 m->m_pkthdr.len + (int)(sizeof(struct rt2870_txd) + 3431 sizeof(struct rt2860_txwi)), rt2860_rates[ridx].rate, qid); 3432 3433 return (0); 3434 } 3435 3436 static int 3437 run_tx_mgt(struct run_softc *sc, struct mbuf *m, struct ieee80211_node *ni) 3438 { 3439 struct ifnet *ifp = sc->sc_ifp; 3440 struct ieee80211com *ic = ifp->if_l2com; 3441 struct run_node *rn = (void *)ni; 3442 struct run_tx_data *data; 3443 struct ieee80211_frame *wh; 3444 struct rt2870_txd *txd; 3445 struct rt2860_txwi *txwi; 3446 uint16_t dur; 3447 uint8_t ridx = rn->mgt_ridx; 3448 uint8_t type; 3449 uint8_t xflags = 0; 3450 uint8_t wflags = 0; 3451 3452 RUN_LOCK_ASSERT(sc, MA_OWNED); 3453 3454 wh = mtod(m, struct ieee80211_frame *); 3455 3456 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 3457 3458 /* tell hardware to add timestamp for probe responses */ 3459 if ((wh->i_fc[0] & 3460 (IEEE80211_FC0_TYPE_MASK | IEEE80211_FC0_SUBTYPE_MASK)) == 3461 (IEEE80211_FC0_TYPE_MGT | IEEE80211_FC0_SUBTYPE_PROBE_RESP)) 3462 wflags |= RT2860_TX_TS; 3463 else if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) { 3464 xflags |= RT2860_TX_ACK; 3465 3466 dur = ieee80211_ack_duration(ic->ic_rt, rt2860_rates[ridx].rate, 3467 ic->ic_flags & IEEE80211_F_SHPREAMBLE); 3468 USETW(wh->i_dur, dur); 3469 } 3470 3471 if (sc->sc_epq[0].tx_nfree == 0) { 3472 /* let caller free mbuf */ 3473 ifp->if_drv_flags |= IFF_DRV_OACTIVE; 3474 return (EIO); 3475 } 3476 data = STAILQ_FIRST(&sc->sc_epq[0].tx_fh); 3477 STAILQ_REMOVE_HEAD(&sc->sc_epq[0].tx_fh, next); 3478 sc->sc_epq[0].tx_nfree--; 3479 3480 txd = (struct rt2870_txd *)&data->desc; 3481 txd->flags = RT2860_TX_QSEL_EDCA; 3482 txwi = (struct rt2860_txwi *)(txd + 1); 3483 txwi->wcid = 0xff; 3484 txwi->flags = wflags; 3485 txwi->xflags = xflags; 3486 txwi->txop = 0; /* clear leftover garbage bits */ 3487 3488 data->m = m; 3489 data->ni = ni; 3490 data->ridx = ridx; 3491 3492 run_set_tx_desc(sc, data); 3493 3494 DPRINTFN(10, "sending mgt frame len=%d rate=%d\n", m->m_pkthdr.len + 3495 (int)(sizeof(struct rt2870_txd) + sizeof(struct rt2860_txwi)), 3496 rt2860_rates[ridx].rate); 3497 3498 STAILQ_INSERT_TAIL(&sc->sc_epq[0].tx_qh, data, next); 3499 3500 usbd_transfer_start(sc->sc_xfer[0]); 3501 3502 return (0); 3503 } 3504 3505 static int 3506 run_sendprot(struct run_softc *sc, 3507 const struct mbuf *m, struct ieee80211_node *ni, int prot, int rate) 3508 { 3509 struct ieee80211com *ic = ni->ni_ic; 3510 struct ieee80211_frame *wh; 3511 struct run_tx_data *data; 3512 struct rt2870_txd *txd; 3513 struct rt2860_txwi *txwi; 3514 struct mbuf *mprot; 3515 int ridx; 3516 int protrate; 3517 int ackrate; 3518 int pktlen; 3519 int isshort; 3520 uint16_t dur; 3521 uint8_t type; 3522 uint8_t wflags = 0; 3523 uint8_t xflags = 0; 3524 3525 RUN_LOCK_ASSERT(sc, MA_OWNED); 3526 3527 KASSERT(prot == IEEE80211_PROT_RTSCTS || prot == IEEE80211_PROT_CTSONLY, 3528 ("protection %d", prot)); 3529 3530 wh = mtod(m, struct ieee80211_frame *); 3531 pktlen = m->m_pkthdr.len + IEEE80211_CRC_LEN; 3532 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 3533 3534 protrate = ieee80211_ctl_rate(ic->ic_rt, rate); 3535 ackrate = ieee80211_ack_rate(ic->ic_rt, rate); 3536 3537 isshort = (ic->ic_flags & IEEE80211_F_SHPREAMBLE) != 0; 3538 dur = ieee80211_compute_duration(ic->ic_rt, pktlen, rate, isshort) 3539 + ieee80211_ack_duration(ic->ic_rt, rate, isshort); 3540 wflags = RT2860_TX_FRAG; 3541 3542 /* check that there are free slots before allocating the mbuf */ 3543 if (sc->sc_epq[0].tx_nfree == 0) { 3544 /* let caller free mbuf */ 3545 sc->sc_ifp->if_drv_flags |= IFF_DRV_OACTIVE; 3546 return (ENOBUFS); 3547 } 3548 3549 if (prot == IEEE80211_PROT_RTSCTS) { 3550 /* NB: CTS is the same size as an ACK */ 3551 dur += ieee80211_ack_duration(ic->ic_rt, rate, isshort); 3552 xflags |= RT2860_TX_ACK; 3553 mprot = ieee80211_alloc_rts(ic, wh->i_addr1, wh->i_addr2, dur); 3554 } else { 3555 mprot = ieee80211_alloc_cts(ic, ni->ni_vap->iv_myaddr, dur); 3556 } 3557 if (mprot == NULL) { 3558 sc->sc_ifp->if_oerrors++; 3559 DPRINTF("could not allocate mbuf\n"); 3560 return (ENOBUFS); 3561 } 3562 3563 data = STAILQ_FIRST(&sc->sc_epq[0].tx_fh); 3564 STAILQ_REMOVE_HEAD(&sc->sc_epq[0].tx_fh, next); 3565 sc->sc_epq[0].tx_nfree--; 3566 3567 txd = (struct rt2870_txd *)&data->desc; 3568 txd->flags = RT2860_TX_QSEL_EDCA; 3569 txwi = (struct rt2860_txwi *)(txd + 1); 3570 txwi->wcid = 0xff; 3571 txwi->flags = wflags; 3572 txwi->xflags = xflags; 3573 txwi->txop = 0; /* clear leftover garbage bits */ 3574 3575 data->m = mprot; 3576 data->ni = ieee80211_ref_node(ni); 3577 3578 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++) 3579 if (rt2860_rates[ridx].rate == protrate) 3580 break; 3581 data->ridx = ridx; 3582 3583 run_set_tx_desc(sc, data); 3584 3585 DPRINTFN(1, "sending prot len=%u rate=%u\n", 3586 m->m_pkthdr.len, rate); 3587 3588 STAILQ_INSERT_TAIL(&sc->sc_epq[0].tx_qh, data, next); 3589 3590 usbd_transfer_start(sc->sc_xfer[0]); 3591 3592 return (0); 3593 } 3594 3595 static int 3596 run_tx_param(struct run_softc *sc, struct mbuf *m, struct ieee80211_node *ni, 3597 const struct ieee80211_bpf_params *params) 3598 { 3599 struct ieee80211com *ic = ni->ni_ic; 3600 struct ieee80211_frame *wh; 3601 struct run_tx_data *data; 3602 struct rt2870_txd *txd; 3603 struct rt2860_txwi *txwi; 3604 uint8_t type; 3605 uint8_t ridx; 3606 uint8_t rate; 3607 uint8_t opflags = 0; 3608 uint8_t xflags = 0; 3609 int error; 3610 3611 RUN_LOCK_ASSERT(sc, MA_OWNED); 3612 3613 KASSERT(params != NULL, ("no raw xmit params")); 3614 3615 wh = mtod(m, struct ieee80211_frame *); 3616 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 3617 3618 rate = params->ibp_rate0; 3619 if (!ieee80211_isratevalid(ic->ic_rt, rate)) { 3620 /* let caller free mbuf */ 3621 return (EINVAL); 3622 } 3623 3624 if ((params->ibp_flags & IEEE80211_BPF_NOACK) == 0) 3625 xflags |= RT2860_TX_ACK; 3626 if (params->ibp_flags & (IEEE80211_BPF_RTS|IEEE80211_BPF_CTS)) { 3627 error = run_sendprot(sc, m, ni, 3628 params->ibp_flags & IEEE80211_BPF_RTS ? 3629 IEEE80211_PROT_RTSCTS : IEEE80211_PROT_CTSONLY, 3630 rate); 3631 if (error) { 3632 /* let caller free mbuf */ 3633 return error; 3634 } 3635 opflags |= /*XXX RT2573_TX_LONG_RETRY |*/ RT2860_TX_TXOP_SIFS; 3636 } 3637 3638 if (sc->sc_epq[0].tx_nfree == 0) { 3639 /* let caller free mbuf */ 3640 sc->sc_ifp->if_drv_flags |= IFF_DRV_OACTIVE; 3641 DPRINTF("sending raw frame, but tx ring is full\n"); 3642 return (EIO); 3643 } 3644 data = STAILQ_FIRST(&sc->sc_epq[0].tx_fh); 3645 STAILQ_REMOVE_HEAD(&sc->sc_epq[0].tx_fh, next); 3646 sc->sc_epq[0].tx_nfree--; 3647 3648 txd = (struct rt2870_txd *)&data->desc; 3649 txd->flags = RT2860_TX_QSEL_EDCA; 3650 txwi = (struct rt2860_txwi *)(txd + 1); 3651 txwi->wcid = 0xff; 3652 txwi->xflags = xflags; 3653 txwi->txop = opflags; 3654 txwi->flags = 0; /* clear leftover garbage bits */ 3655 3656 data->m = m; 3657 data->ni = ni; 3658 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++) 3659 if (rt2860_rates[ridx].rate == rate) 3660 break; 3661 data->ridx = ridx; 3662 3663 run_set_tx_desc(sc, data); 3664 3665 DPRINTFN(10, "sending raw frame len=%u rate=%u\n", 3666 m->m_pkthdr.len, rate); 3667 3668 STAILQ_INSERT_TAIL(&sc->sc_epq[0].tx_qh, data, next); 3669 3670 usbd_transfer_start(sc->sc_xfer[0]); 3671 3672 return (0); 3673 } 3674 3675 static int 3676 run_raw_xmit(struct ieee80211_node *ni, struct mbuf *m, 3677 const struct ieee80211_bpf_params *params) 3678 { 3679 struct ifnet *ifp = ni->ni_ic->ic_ifp; 3680 struct run_softc *sc = ifp->if_softc; 3681 int error = 0; 3682 3683 RUN_LOCK(sc); 3684 3685 /* prevent management frames from being sent if we're not ready */ 3686 if (!(ifp->if_drv_flags & IFF_DRV_RUNNING)) { 3687 error = ENETDOWN; 3688 goto done; 3689 } 3690 3691 if (params == NULL) { 3692 /* tx mgt packet */ 3693 if ((error = run_tx_mgt(sc, m, ni)) != 0) { 3694 ifp->if_oerrors++; 3695 DPRINTF("mgt tx failed\n"); 3696 goto done; 3697 } 3698 } else { 3699 /* tx raw packet with param */ 3700 if ((error = run_tx_param(sc, m, ni, params)) != 0) { 3701 ifp->if_oerrors++; 3702 DPRINTF("tx with param failed\n"); 3703 goto done; 3704 } 3705 } 3706 3707 ifp->if_opackets++; 3708 3709 done: 3710 RUN_UNLOCK(sc); 3711 3712 if (error != 0) { 3713 if(m != NULL) 3714 m_freem(m); 3715 ieee80211_free_node(ni); 3716 } 3717 3718 return (error); 3719 } 3720 3721 static void 3722 run_start(struct ifnet *ifp) 3723 { 3724 struct run_softc *sc = ifp->if_softc; 3725 struct ieee80211_node *ni; 3726 struct mbuf *m; 3727 3728 RUN_LOCK(sc); 3729 3730 if ((ifp->if_drv_flags & IFF_DRV_RUNNING) == 0) { 3731 RUN_UNLOCK(sc); 3732 return; 3733 } 3734 3735 for (;;) { 3736 /* send data frames */ 3737 IFQ_DRV_DEQUEUE(&ifp->if_snd, m); 3738 if (m == NULL) 3739 break; 3740 3741 ni = (struct ieee80211_node *)m->m_pkthdr.rcvif; 3742 if (run_tx(sc, m, ni) != 0) { 3743 IFQ_DRV_PREPEND(&ifp->if_snd, m); 3744 ifp->if_drv_flags |= IFF_DRV_OACTIVE; 3745 break; 3746 } 3747 } 3748 3749 RUN_UNLOCK(sc); 3750 } 3751 3752 static int 3753 run_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 3754 { 3755 struct run_softc *sc = ifp->if_softc; 3756 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 3757 struct ifreq *ifr = (struct ifreq *) data; 3758 int startall = 0; 3759 int error; 3760 3761 RUN_LOCK(sc); 3762 error = sc->sc_detached ? ENXIO : 0; 3763 RUN_UNLOCK(sc); 3764 if (error) 3765 return (error); 3766 3767 switch (cmd) { 3768 case SIOCSIFFLAGS: 3769 RUN_LOCK(sc); 3770 if (ifp->if_flags & IFF_UP) { 3771 if (!(ifp->if_drv_flags & IFF_DRV_RUNNING)){ 3772 startall = 1; 3773 run_init_locked(sc); 3774 } else 3775 run_update_promisc_locked(ifp); 3776 } else { 3777 if (ifp->if_drv_flags & IFF_DRV_RUNNING && 3778 (ic->ic_nrunning == 0 || sc->rvp_cnt <= 1)) { 3779 run_stop(sc); 3780 } 3781 } 3782 RUN_UNLOCK(sc); 3783 if (startall) 3784 ieee80211_start_all(ic); 3785 break; 3786 case SIOCGIFMEDIA: 3787 error = ifmedia_ioctl(ifp, ifr, &ic->ic_media, cmd); 3788 break; 3789 case SIOCGIFADDR: 3790 error = ether_ioctl(ifp, cmd, data); 3791 break; 3792 default: 3793 error = EINVAL; 3794 break; 3795 } 3796 3797 return (error); 3798 } 3799 3800 static void 3801 run_iq_calib(struct run_softc *sc, u_int chan) 3802 { 3803 uint16_t val; 3804 3805 /* Tx0 IQ gain. */ 3806 run_bbp_write(sc, 158, 0x2c); 3807 if (chan <= 14) 3808 run_efuse_read(sc, RT5390_EEPROM_IQ_GAIN_CAL_TX0_2GHZ, &val, 1); 3809 else if (chan <= 64) { 3810 run_efuse_read(sc, 3811 RT5390_EEPROM_IQ_GAIN_CAL_TX0_CH36_TO_CH64_5GHZ, 3812 &val, 1); 3813 } else if (chan <= 138) { 3814 run_efuse_read(sc, 3815 RT5390_EEPROM_IQ_GAIN_CAL_TX0_CH100_TO_CH138_5GHZ, 3816 &val, 1); 3817 } else if (chan <= 165) { 3818 run_efuse_read(sc, 3819 RT5390_EEPROM_IQ_GAIN_CAL_TX0_CH140_TO_CH165_5GHZ, 3820 &val, 1); 3821 } else 3822 val = 0; 3823 run_bbp_write(sc, 159, val); 3824 3825 /* Tx0 IQ phase. */ 3826 run_bbp_write(sc, 158, 0x2d); 3827 if (chan <= 14) { 3828 run_efuse_read(sc, RT5390_EEPROM_IQ_PHASE_CAL_TX0_2GHZ, 3829 &val, 1); 3830 } else if (chan <= 64) { 3831 run_efuse_read(sc, 3832 RT5390_EEPROM_IQ_PHASE_CAL_TX0_CH36_TO_CH64_5GHZ, 3833 &val, 1); 3834 } else if (chan <= 138) { 3835 run_efuse_read(sc, 3836 RT5390_EEPROM_IQ_PHASE_CAL_TX0_CH100_TO_CH138_5GHZ, 3837 &val, 1); 3838 } else if (chan <= 165) { 3839 run_efuse_read(sc, 3840 RT5390_EEPROM_IQ_PHASE_CAL_TX0_CH140_TO_CH165_5GHZ, 3841 &val, 1); 3842 } else 3843 val = 0; 3844 run_bbp_write(sc, 159, val); 3845 3846 /* Tx1 IQ gain. */ 3847 run_bbp_write(sc, 158, 0x4a); 3848 if (chan <= 14) { 3849 run_efuse_read(sc, RT5390_EEPROM_IQ_GAIN_CAL_TX1_2GHZ, 3850 &val, 1); 3851 } else if (chan <= 64) { 3852 run_efuse_read(sc, 3853 RT5390_EEPROM_IQ_GAIN_CAL_TX1_CH36_TO_CH64_5GHZ, 3854 &val, 1); 3855 } else if (chan <= 138) { 3856 run_efuse_read(sc, 3857 RT5390_EEPROM_IQ_GAIN_CAL_TX1_CH100_TO_CH138_5GHZ, 3858 &val, 1); 3859 } else if (chan <= 165) { 3860 run_efuse_read(sc, 3861 RT5390_EEPROM_IQ_GAIN_CAL_TX1_CH140_TO_CH165_5GHZ, 3862 &val, 1); 3863 } else 3864 val = 0; 3865 run_bbp_write(sc, 159, val); 3866 3867 /* Tx1 IQ phase. */ 3868 run_bbp_write(sc, 158, 0x4b); 3869 if (chan <= 14) { 3870 run_efuse_read(sc, RT5390_EEPROM_IQ_PHASE_CAL_TX1_2GHZ, 3871 &val, 1); 3872 } else if (chan <= 64) { 3873 run_efuse_read(sc, 3874 RT5390_EEPROM_IQ_PHASE_CAL_TX1_CH36_TO_CH64_5GHZ, 3875 &val, 1); 3876 } else if (chan <= 138) { 3877 run_efuse_read(sc, 3878 RT5390_EEPROM_IQ_PHASE_CAL_TX1_CH100_TO_CH138_5GHZ, 3879 &val, 1); 3880 } else if (chan <= 165) { 3881 run_efuse_read(sc, 3882 RT5390_EEPROM_IQ_PHASE_CAL_TX1_CH140_TO_CH165_5GHZ, 3883 &val, 1); 3884 } else 3885 val = 0; 3886 run_bbp_write(sc, 159, val); 3887 3888 /* RF IQ compensation control. */ 3889 run_bbp_write(sc, 158, 0x04); 3890 run_efuse_read(sc, RT5390_EEPROM_RF_IQ_COMPENSATION_CTL, 3891 &val, 1); 3892 run_bbp_write(sc, 159, val); 3893 3894 /* RF IQ imbalance compensation control. */ 3895 run_bbp_write(sc, 158, 0x03); 3896 run_efuse_read(sc, 3897 RT5390_EEPROM_RF_IQ_IMBALANCE_COMPENSATION_CTL, &val, 1); 3898 run_bbp_write(sc, 159, val); 3899 } 3900 3901 static void 3902 run_set_agc(struct run_softc *sc, uint8_t agc) 3903 { 3904 uint8_t bbp; 3905 3906 if (sc->mac_ver == 0x3572) { 3907 run_bbp_read(sc, 27, &bbp); 3908 bbp &= ~(0x3 << 5); 3909 run_bbp_write(sc, 27, bbp | 0 << 5); /* select Rx0 */ 3910 run_bbp_write(sc, 66, agc); 3911 run_bbp_write(sc, 27, bbp | 1 << 5); /* select Rx1 */ 3912 run_bbp_write(sc, 66, agc); 3913 } else 3914 run_bbp_write(sc, 66, agc); 3915 } 3916 3917 static void 3918 run_select_chan_group(struct run_softc *sc, int group) 3919 { 3920 uint32_t tmp; 3921 uint8_t agc; 3922 3923 run_bbp_write(sc, 62, 0x37 - sc->lna[group]); 3924 run_bbp_write(sc, 63, 0x37 - sc->lna[group]); 3925 run_bbp_write(sc, 64, 0x37 - sc->lna[group]); 3926 if (sc->mac_ver < 0x3572) 3927 run_bbp_write(sc, 86, 0x00); 3928 3929 if (sc->mac_ver == 0x3593) { 3930 run_bbp_write(sc, 77, 0x98); 3931 run_bbp_write(sc, 83, (group == 0) ? 0x8a : 0x9a); 3932 } 3933 3934 if (group == 0) { 3935 if (sc->ext_2ghz_lna) { 3936 if (sc->mac_ver >= 0x5390) 3937 run_bbp_write(sc, 75, 0x52); 3938 else { 3939 run_bbp_write(sc, 82, 0x62); 3940 run_bbp_write(sc, 75, 0x46); 3941 } 3942 } else { 3943 if (sc->mac_ver == 0x5592) { 3944 run_bbp_write(sc, 79, 0x1c); 3945 run_bbp_write(sc, 80, 0x0e); 3946 run_bbp_write(sc, 81, 0x3a); 3947 run_bbp_write(sc, 82, 0x62); 3948 3949 run_bbp_write(sc, 195, 0x80); 3950 run_bbp_write(sc, 196, 0xe0); 3951 run_bbp_write(sc, 195, 0x81); 3952 run_bbp_write(sc, 196, 0x1f); 3953 run_bbp_write(sc, 195, 0x82); 3954 run_bbp_write(sc, 196, 0x38); 3955 run_bbp_write(sc, 195, 0x83); 3956 run_bbp_write(sc, 196, 0x32); 3957 run_bbp_write(sc, 195, 0x85); 3958 run_bbp_write(sc, 196, 0x28); 3959 run_bbp_write(sc, 195, 0x86); 3960 run_bbp_write(sc, 196, 0x19); 3961 } else if (sc->mac_ver >= 0x5390) 3962 run_bbp_write(sc, 75, 0x50); 3963 else { 3964 run_bbp_write(sc, 82, 3965 (sc->mac_ver == 0x3593) ? 0x62 : 0x84); 3966 run_bbp_write(sc, 75, 0x50); 3967 } 3968 } 3969 } else { 3970 if (sc->mac_ver == 0x5592) { 3971 run_bbp_write(sc, 79, 0x18); 3972 run_bbp_write(sc, 80, 0x08); 3973 run_bbp_write(sc, 81, 0x38); 3974 run_bbp_write(sc, 82, 0x92); 3975 3976 run_bbp_write(sc, 195, 0x80); 3977 run_bbp_write(sc, 196, 0xf0); 3978 run_bbp_write(sc, 195, 0x81); 3979 run_bbp_write(sc, 196, 0x1e); 3980 run_bbp_write(sc, 195, 0x82); 3981 run_bbp_write(sc, 196, 0x28); 3982 run_bbp_write(sc, 195, 0x83); 3983 run_bbp_write(sc, 196, 0x20); 3984 run_bbp_write(sc, 195, 0x85); 3985 run_bbp_write(sc, 196, 0x7f); 3986 run_bbp_write(sc, 195, 0x86); 3987 run_bbp_write(sc, 196, 0x7f); 3988 } else if (sc->mac_ver == 0x3572) 3989 run_bbp_write(sc, 82, 0x94); 3990 else 3991 run_bbp_write(sc, 82, 3992 (sc->mac_ver == 0x3593) ? 0x82 : 0xf2); 3993 if (sc->ext_5ghz_lna) 3994 run_bbp_write(sc, 75, 0x46); 3995 else 3996 run_bbp_write(sc, 75, 0x50); 3997 } 3998 3999 run_read(sc, RT2860_TX_BAND_CFG, &tmp); 4000 tmp &= ~(RT2860_5G_BAND_SEL_N | RT2860_5G_BAND_SEL_P); 4001 tmp |= (group == 0) ? RT2860_5G_BAND_SEL_N : RT2860_5G_BAND_SEL_P; 4002 run_write(sc, RT2860_TX_BAND_CFG, tmp); 4003 4004 /* enable appropriate Power Amplifiers and Low Noise Amplifiers */ 4005 tmp = RT2860_RFTR_EN | RT2860_TRSW_EN | RT2860_LNA_PE0_EN; 4006 if (sc->mac_ver == 0x3593) 4007 tmp |= 1 << 29 | 1 << 28; 4008 if (sc->nrxchains > 1) 4009 tmp |= RT2860_LNA_PE1_EN; 4010 if (group == 0) { /* 2GHz */ 4011 tmp |= RT2860_PA_PE_G0_EN; 4012 if (sc->ntxchains > 1) 4013 tmp |= RT2860_PA_PE_G1_EN; 4014 if (sc->mac_ver == 0x3593) { 4015 if (sc->ntxchains > 2) 4016 tmp |= 1 << 25; 4017 } 4018 } else { /* 5GHz */ 4019 tmp |= RT2860_PA_PE_A0_EN; 4020 if (sc->ntxchains > 1) 4021 tmp |= RT2860_PA_PE_A1_EN; 4022 } 4023 if (sc->mac_ver == 0x3572) { 4024 run_rt3070_rf_write(sc, 8, 0x00); 4025 run_write(sc, RT2860_TX_PIN_CFG, tmp); 4026 run_rt3070_rf_write(sc, 8, 0x80); 4027 } else 4028 run_write(sc, RT2860_TX_PIN_CFG, tmp); 4029 4030 if (sc->mac_ver == 0x5592) { 4031 run_bbp_write(sc, 195, 0x8d); 4032 run_bbp_write(sc, 196, 0x1a); 4033 } 4034 4035 if (sc->mac_ver == 0x3593) { 4036 run_read(sc, RT2860_GPIO_CTRL, &tmp); 4037 tmp &= ~0x01010000; 4038 if (group == 0) 4039 tmp |= 0x00010000; 4040 tmp = (tmp & ~0x00009090) | 0x00000090; 4041 run_write(sc, RT2860_GPIO_CTRL, tmp); 4042 } 4043 4044 /* set initial AGC value */ 4045 if (group == 0) { /* 2GHz band */ 4046 if (sc->mac_ver >= 0x3070) 4047 agc = 0x1c + sc->lna[0] * 2; 4048 else 4049 agc = 0x2e + sc->lna[0]; 4050 } else { /* 5GHz band */ 4051 if (sc->mac_ver == 0x5592) 4052 agc = 0x24 + sc->lna[group] * 2; 4053 else if (sc->mac_ver == 0x3572 || sc->mac_ver == 0x3593) 4054 agc = 0x22 + (sc->lna[group] * 5) / 3; 4055 else 4056 agc = 0x32 + (sc->lna[group] * 5) / 3; 4057 } 4058 run_set_agc(sc, agc); 4059 } 4060 4061 static void 4062 run_rt2870_set_chan(struct run_softc *sc, u_int chan) 4063 { 4064 const struct rfprog *rfprog = rt2860_rf2850; 4065 uint32_t r2, r3, r4; 4066 int8_t txpow1, txpow2; 4067 int i; 4068 4069 /* find the settings for this channel (we know it exists) */ 4070 for (i = 0; rfprog[i].chan != chan; i++); 4071 4072 r2 = rfprog[i].r2; 4073 if (sc->ntxchains == 1) 4074 r2 |= 1 << 14; /* 1T: disable Tx chain 2 */ 4075 if (sc->nrxchains == 1) 4076 r2 |= 1 << 17 | 1 << 6; /* 1R: disable Rx chains 2 & 3 */ 4077 else if (sc->nrxchains == 2) 4078 r2 |= 1 << 6; /* 2R: disable Rx chain 3 */ 4079 4080 /* use Tx power values from EEPROM */ 4081 txpow1 = sc->txpow1[i]; 4082 txpow2 = sc->txpow2[i]; 4083 4084 /* Initialize RF R3 and R4. */ 4085 r3 = rfprog[i].r3 & 0xffffc1ff; 4086 r4 = (rfprog[i].r4 & ~(0x001f87c0)) | (sc->freq << 15); 4087 if (chan > 14) { 4088 if (txpow1 >= 0) { 4089 txpow1 = (txpow1 > 0xf) ? (0xf) : (txpow1); 4090 r3 |= (txpow1 << 10) | (1 << 9); 4091 } else { 4092 txpow1 += 7; 4093 4094 /* txpow1 is not possible larger than 15. */ 4095 r3 |= (txpow1 << 10); 4096 } 4097 if (txpow2 >= 0) { 4098 txpow2 = (txpow2 > 0xf) ? (0xf) : (txpow2); 4099 r4 |= (txpow2 << 7) | (1 << 6); 4100 } else { 4101 txpow2 += 7; 4102 r4 |= (txpow2 << 7); 4103 } 4104 } else { 4105 /* Set Tx0 power. */ 4106 r3 |= (txpow1 << 9); 4107 4108 /* Set frequency offset and Tx1 power. */ 4109 r4 |= (txpow2 << 6); 4110 } 4111 4112 run_rt2870_rf_write(sc, rfprog[i].r1); 4113 run_rt2870_rf_write(sc, r2); 4114 run_rt2870_rf_write(sc, r3 & ~(1 << 2)); 4115 run_rt2870_rf_write(sc, r4); 4116 4117 run_delay(sc, 10); 4118 4119 run_rt2870_rf_write(sc, rfprog[i].r1); 4120 run_rt2870_rf_write(sc, r2); 4121 run_rt2870_rf_write(sc, r3 | (1 << 2)); 4122 run_rt2870_rf_write(sc, r4); 4123 4124 run_delay(sc, 10); 4125 4126 run_rt2870_rf_write(sc, rfprog[i].r1); 4127 run_rt2870_rf_write(sc, r2); 4128 run_rt2870_rf_write(sc, r3 & ~(1 << 2)); 4129 run_rt2870_rf_write(sc, r4); 4130 } 4131 4132 static void 4133 run_rt3070_set_chan(struct run_softc *sc, u_int chan) 4134 { 4135 int8_t txpow1, txpow2; 4136 uint8_t rf; 4137 int i; 4138 4139 /* find the settings for this channel (we know it exists) */ 4140 for (i = 0; rt2860_rf2850[i].chan != chan; i++); 4141 4142 /* use Tx power values from EEPROM */ 4143 txpow1 = sc->txpow1[i]; 4144 txpow2 = sc->txpow2[i]; 4145 4146 run_rt3070_rf_write(sc, 2, rt3070_freqs[i].n); 4147 4148 /* RT3370/RT3390: RF R3 [7:4] is not reserved bits. */ 4149 run_rt3070_rf_read(sc, 3, &rf); 4150 rf = (rf & ~0x0f) | rt3070_freqs[i].k; 4151 run_rt3070_rf_write(sc, 3, rf); 4152 4153 run_rt3070_rf_read(sc, 6, &rf); 4154 rf = (rf & ~0x03) | rt3070_freqs[i].r; 4155 run_rt3070_rf_write(sc, 6, rf); 4156 4157 /* set Tx0 power */ 4158 run_rt3070_rf_read(sc, 12, &rf); 4159 rf = (rf & ~0x1f) | txpow1; 4160 run_rt3070_rf_write(sc, 12, rf); 4161 4162 /* set Tx1 power */ 4163 run_rt3070_rf_read(sc, 13, &rf); 4164 rf = (rf & ~0x1f) | txpow2; 4165 run_rt3070_rf_write(sc, 13, rf); 4166 4167 run_rt3070_rf_read(sc, 1, &rf); 4168 rf &= ~0xfc; 4169 if (sc->ntxchains == 1) 4170 rf |= 1 << 7 | 1 << 5; /* 1T: disable Tx chains 2 & 3 */ 4171 else if (sc->ntxchains == 2) 4172 rf |= 1 << 7; /* 2T: disable Tx chain 3 */ 4173 if (sc->nrxchains == 1) 4174 rf |= 1 << 6 | 1 << 4; /* 1R: disable Rx chains 2 & 3 */ 4175 else if (sc->nrxchains == 2) 4176 rf |= 1 << 6; /* 2R: disable Rx chain 3 */ 4177 run_rt3070_rf_write(sc, 1, rf); 4178 4179 /* set RF offset */ 4180 run_rt3070_rf_read(sc, 23, &rf); 4181 rf = (rf & ~0x7f) | sc->freq; 4182 run_rt3070_rf_write(sc, 23, rf); 4183 4184 /* program RF filter */ 4185 run_rt3070_rf_read(sc, 24, &rf); /* Tx */ 4186 rf = (rf & ~0x3f) | sc->rf24_20mhz; 4187 run_rt3070_rf_write(sc, 24, rf); 4188 run_rt3070_rf_read(sc, 31, &rf); /* Rx */ 4189 rf = (rf & ~0x3f) | sc->rf24_20mhz; 4190 run_rt3070_rf_write(sc, 31, rf); 4191 4192 /* enable RF tuning */ 4193 run_rt3070_rf_read(sc, 7, &rf); 4194 run_rt3070_rf_write(sc, 7, rf | 0x01); 4195 } 4196 4197 static void 4198 run_rt3572_set_chan(struct run_softc *sc, u_int chan) 4199 { 4200 int8_t txpow1, txpow2; 4201 uint32_t tmp; 4202 uint8_t rf; 4203 int i; 4204 4205 /* find the settings for this channel (we know it exists) */ 4206 for (i = 0; rt2860_rf2850[i].chan != chan; i++); 4207 4208 /* use Tx power values from EEPROM */ 4209 txpow1 = sc->txpow1[i]; 4210 txpow2 = sc->txpow2[i]; 4211 4212 if (chan <= 14) { 4213 run_bbp_write(sc, 25, sc->bbp25); 4214 run_bbp_write(sc, 26, sc->bbp26); 4215 } else { 4216 /* enable IQ phase correction */ 4217 run_bbp_write(sc, 25, 0x09); 4218 run_bbp_write(sc, 26, 0xff); 4219 } 4220 4221 run_rt3070_rf_write(sc, 2, rt3070_freqs[i].n); 4222 run_rt3070_rf_write(sc, 3, rt3070_freqs[i].k); 4223 run_rt3070_rf_read(sc, 6, &rf); 4224 rf = (rf & ~0x0f) | rt3070_freqs[i].r; 4225 rf |= (chan <= 14) ? 0x08 : 0x04; 4226 run_rt3070_rf_write(sc, 6, rf); 4227 4228 /* set PLL mode */ 4229 run_rt3070_rf_read(sc, 5, &rf); 4230 rf &= ~(0x08 | 0x04); 4231 rf |= (chan <= 14) ? 0x04 : 0x08; 4232 run_rt3070_rf_write(sc, 5, rf); 4233 4234 /* set Tx power for chain 0 */ 4235 if (chan <= 14) 4236 rf = 0x60 | txpow1; 4237 else 4238 rf = 0xe0 | (txpow1 & 0xc) << 1 | (txpow1 & 0x3); 4239 run_rt3070_rf_write(sc, 12, rf); 4240 4241 /* set Tx power for chain 1 */ 4242 if (chan <= 14) 4243 rf = 0x60 | txpow2; 4244 else 4245 rf = 0xe0 | (txpow2 & 0xc) << 1 | (txpow2 & 0x3); 4246 run_rt3070_rf_write(sc, 13, rf); 4247 4248 /* set Tx/Rx streams */ 4249 run_rt3070_rf_read(sc, 1, &rf); 4250 rf &= ~0xfc; 4251 if (sc->ntxchains == 1) 4252 rf |= 1 << 7 | 1 << 5; /* 1T: disable Tx chains 2 & 3 */ 4253 else if (sc->ntxchains == 2) 4254 rf |= 1 << 7; /* 2T: disable Tx chain 3 */ 4255 if (sc->nrxchains == 1) 4256 rf |= 1 << 6 | 1 << 4; /* 1R: disable Rx chains 2 & 3 */ 4257 else if (sc->nrxchains == 2) 4258 rf |= 1 << 6; /* 2R: disable Rx chain 3 */ 4259 run_rt3070_rf_write(sc, 1, rf); 4260 4261 /* set RF offset */ 4262 run_rt3070_rf_read(sc, 23, &rf); 4263 rf = (rf & ~0x7f) | sc->freq; 4264 run_rt3070_rf_write(sc, 23, rf); 4265 4266 /* program RF filter */ 4267 rf = sc->rf24_20mhz; 4268 run_rt3070_rf_write(sc, 24, rf); /* Tx */ 4269 run_rt3070_rf_write(sc, 31, rf); /* Rx */ 4270 4271 /* enable RF tuning */ 4272 run_rt3070_rf_read(sc, 7, &rf); 4273 rf = (chan <= 14) ? 0xd8 : ((rf & ~0xc8) | 0x14); 4274 run_rt3070_rf_write(sc, 7, rf); 4275 4276 /* TSSI */ 4277 rf = (chan <= 14) ? 0xc3 : 0xc0; 4278 run_rt3070_rf_write(sc, 9, rf); 4279 4280 /* set loop filter 1 */ 4281 run_rt3070_rf_write(sc, 10, 0xf1); 4282 /* set loop filter 2 */ 4283 run_rt3070_rf_write(sc, 11, (chan <= 14) ? 0xb9 : 0x00); 4284 4285 /* set tx_mx2_ic */ 4286 run_rt3070_rf_write(sc, 15, (chan <= 14) ? 0x53 : 0x43); 4287 /* set tx_mx1_ic */ 4288 if (chan <= 14) 4289 rf = 0x48 | sc->txmixgain_2ghz; 4290 else 4291 rf = 0x78 | sc->txmixgain_5ghz; 4292 run_rt3070_rf_write(sc, 16, rf); 4293 4294 /* set tx_lo1 */ 4295 run_rt3070_rf_write(sc, 17, 0x23); 4296 /* set tx_lo2 */ 4297 if (chan <= 14) 4298 rf = 0x93; 4299 else if (chan <= 64) 4300 rf = 0xb7; 4301 else if (chan <= 128) 4302 rf = 0x74; 4303 else 4304 rf = 0x72; 4305 run_rt3070_rf_write(sc, 19, rf); 4306 4307 /* set rx_lo1 */ 4308 if (chan <= 14) 4309 rf = 0xb3; 4310 else if (chan <= 64) 4311 rf = 0xf6; 4312 else if (chan <= 128) 4313 rf = 0xf4; 4314 else 4315 rf = 0xf3; 4316 run_rt3070_rf_write(sc, 20, rf); 4317 4318 /* set pfd_delay */ 4319 if (chan <= 14) 4320 rf = 0x15; 4321 else if (chan <= 64) 4322 rf = 0x3d; 4323 else 4324 rf = 0x01; 4325 run_rt3070_rf_write(sc, 25, rf); 4326 4327 /* set rx_lo2 */ 4328 run_rt3070_rf_write(sc, 26, (chan <= 14) ? 0x85 : 0x87); 4329 /* set ldo_rf_vc */ 4330 run_rt3070_rf_write(sc, 27, (chan <= 14) ? 0x00 : 0x01); 4331 /* set drv_cc */ 4332 run_rt3070_rf_write(sc, 29, (chan <= 14) ? 0x9b : 0x9f); 4333 4334 run_read(sc, RT2860_GPIO_CTRL, &tmp); 4335 tmp &= ~0x8080; 4336 if (chan <= 14) 4337 tmp |= 0x80; 4338 run_write(sc, RT2860_GPIO_CTRL, tmp); 4339 4340 /* enable RF tuning */ 4341 run_rt3070_rf_read(sc, 7, &rf); 4342 run_rt3070_rf_write(sc, 7, rf | 0x01); 4343 4344 run_delay(sc, 2); 4345 } 4346 4347 static void 4348 run_rt3593_set_chan(struct run_softc *sc, u_int chan) 4349 { 4350 int8_t txpow1, txpow2, txpow3; 4351 uint8_t h20mhz, rf; 4352 int i; 4353 4354 /* find the settings for this channel (we know it exists) */ 4355 for (i = 0; rt2860_rf2850[i].chan != chan; i++); 4356 4357 /* use Tx power values from EEPROM */ 4358 txpow1 = sc->txpow1[i]; 4359 txpow2 = sc->txpow2[i]; 4360 txpow3 = (sc->ntxchains == 3) ? sc->txpow3[i] : 0; 4361 4362 if (chan <= 14) { 4363 run_bbp_write(sc, 25, sc->bbp25); 4364 run_bbp_write(sc, 26, sc->bbp26); 4365 } else { 4366 /* Enable IQ phase correction. */ 4367 run_bbp_write(sc, 25, 0x09); 4368 run_bbp_write(sc, 26, 0xff); 4369 } 4370 4371 run_rt3070_rf_write(sc, 8, rt3070_freqs[i].n); 4372 run_rt3070_rf_write(sc, 9, rt3070_freqs[i].k & 0x0f); 4373 run_rt3070_rf_read(sc, 11, &rf); 4374 rf = (rf & ~0x03) | (rt3070_freqs[i].r & 0x03); 4375 run_rt3070_rf_write(sc, 11, rf); 4376 4377 /* Set pll_idoh. */ 4378 run_rt3070_rf_read(sc, 11, &rf); 4379 rf &= ~0x4c; 4380 rf |= (chan <= 14) ? 0x44 : 0x48; 4381 run_rt3070_rf_write(sc, 11, rf); 4382 4383 if (chan <= 14) 4384 rf = txpow1 & 0x1f; 4385 else 4386 rf = 0x40 | ((txpow1 & 0x18) << 1) | (txpow1 & 0x07); 4387 run_rt3070_rf_write(sc, 53, rf); 4388 4389 if (chan <= 14) 4390 rf = txpow2 & 0x1f; 4391 else 4392 rf = 0x40 | ((txpow2 & 0x18) << 1) | (txpow2 & 0x07); 4393 run_rt3070_rf_write(sc, 55, rf); 4394 4395 if (chan <= 14) 4396 rf = txpow3 & 0x1f; 4397 else 4398 rf = 0x40 | ((txpow3 & 0x18) << 1) | (txpow3 & 0x07); 4399 run_rt3070_rf_write(sc, 54, rf); 4400 4401 rf = RT3070_RF_BLOCK | RT3070_PLL_PD; 4402 if (sc->ntxchains == 3) 4403 rf |= RT3070_TX0_PD | RT3070_TX1_PD | RT3070_TX2_PD; 4404 else 4405 rf |= RT3070_TX0_PD | RT3070_TX1_PD; 4406 rf |= RT3070_RX0_PD | RT3070_RX1_PD | RT3070_RX2_PD; 4407 run_rt3070_rf_write(sc, 1, rf); 4408 4409 run_adjust_freq_offset(sc); 4410 4411 run_rt3070_rf_write(sc, 31, (chan <= 14) ? 0xa0 : 0x80); 4412 4413 h20mhz = (sc->rf24_20mhz & 0x20) >> 5; 4414 run_rt3070_rf_read(sc, 30, &rf); 4415 rf = (rf & ~0x06) | (h20mhz << 1) | (h20mhz << 2); 4416 run_rt3070_rf_write(sc, 30, rf); 4417 4418 run_rt3070_rf_read(sc, 36, &rf); 4419 if (chan <= 14) 4420 rf |= 0x80; 4421 else 4422 rf &= ~0x80; 4423 run_rt3070_rf_write(sc, 36, rf); 4424 4425 /* Set vcolo_bs. */ 4426 run_rt3070_rf_write(sc, 34, (chan <= 14) ? 0x3c : 0x20); 4427 /* Set pfd_delay. */ 4428 run_rt3070_rf_write(sc, 12, (chan <= 14) ? 0x1a : 0x12); 4429 4430 /* Set vco bias current control. */ 4431 run_rt3070_rf_read(sc, 6, &rf); 4432 rf &= ~0xc0; 4433 if (chan <= 14) 4434 rf |= 0x40; 4435 else if (chan <= 128) 4436 rf |= 0x80; 4437 else 4438 rf |= 0x40; 4439 run_rt3070_rf_write(sc, 6, rf); 4440 4441 run_rt3070_rf_read(sc, 30, &rf); 4442 rf = (rf & ~0x18) | 0x10; 4443 run_rt3070_rf_write(sc, 30, rf); 4444 4445 run_rt3070_rf_write(sc, 10, (chan <= 14) ? 0xd3 : 0xd8); 4446 run_rt3070_rf_write(sc, 13, (chan <= 14) ? 0x12 : 0x23); 4447 4448 run_rt3070_rf_read(sc, 51, &rf); 4449 rf = (rf & ~0x03) | 0x01; 4450 run_rt3070_rf_write(sc, 51, rf); 4451 /* Set tx_mx1_cc. */ 4452 run_rt3070_rf_read(sc, 51, &rf); 4453 rf &= ~0x1c; 4454 rf |= (chan <= 14) ? 0x14 : 0x10; 4455 run_rt3070_rf_write(sc, 51, rf); 4456 /* Set tx_mx1_ic. */ 4457 run_rt3070_rf_read(sc, 51, &rf); 4458 rf &= ~0xe0; 4459 rf |= (chan <= 14) ? 0x60 : 0x40; 4460 run_rt3070_rf_write(sc, 51, rf); 4461 /* Set tx_lo1_ic. */ 4462 run_rt3070_rf_read(sc, 49, &rf); 4463 rf &= ~0x1c; 4464 rf |= (chan <= 14) ? 0x0c : 0x08; 4465 run_rt3070_rf_write(sc, 49, rf); 4466 /* Set tx_lo1_en. */ 4467 run_rt3070_rf_read(sc, 50, &rf); 4468 run_rt3070_rf_write(sc, 50, rf & ~0x20); 4469 /* Set drv_cc. */ 4470 run_rt3070_rf_read(sc, 57, &rf); 4471 rf &= ~0xfc; 4472 rf |= (chan <= 14) ? 0x6c : 0x3c; 4473 run_rt3070_rf_write(sc, 57, rf); 4474 /* Set rx_mix1_ic, rxa_lnactr, lna_vc, lna_inbias_en and lna_en. */ 4475 run_rt3070_rf_write(sc, 44, (chan <= 14) ? 0x93 : 0x9b); 4476 /* Set drv_gnd_a, tx_vga_cc_a and tx_mx2_gain. */ 4477 run_rt3070_rf_write(sc, 52, (chan <= 14) ? 0x45 : 0x05); 4478 /* Enable VCO calibration. */ 4479 run_rt3070_rf_read(sc, 3, &rf); 4480 rf &= ~RT5390_VCOCAL; 4481 rf |= (chan <= 14) ? RT5390_VCOCAL : 0xbe; 4482 run_rt3070_rf_write(sc, 3, rf); 4483 4484 if (chan <= 14) 4485 rf = 0x23; 4486 else if (chan <= 64) 4487 rf = 0x36; 4488 else if (chan <= 128) 4489 rf = 0x32; 4490 else 4491 rf = 0x30; 4492 run_rt3070_rf_write(sc, 39, rf); 4493 if (chan <= 14) 4494 rf = 0xbb; 4495 else if (chan <= 64) 4496 rf = 0xeb; 4497 else if (chan <= 128) 4498 rf = 0xb3; 4499 else 4500 rf = 0x9b; 4501 run_rt3070_rf_write(sc, 45, rf); 4502 4503 /* Set FEQ/AEQ control. */ 4504 run_bbp_write(sc, 105, 0x34); 4505 } 4506 4507 static void 4508 run_rt5390_set_chan(struct run_softc *sc, u_int chan) 4509 { 4510 int8_t txpow1, txpow2; 4511 uint8_t rf; 4512 int i; 4513 4514 /* find the settings for this channel (we know it exists) */ 4515 for (i = 0; rt2860_rf2850[i].chan != chan; i++); 4516 4517 /* use Tx power values from EEPROM */ 4518 txpow1 = sc->txpow1[i]; 4519 txpow2 = sc->txpow2[i]; 4520 4521 run_rt3070_rf_write(sc, 8, rt3070_freqs[i].n); 4522 run_rt3070_rf_write(sc, 9, rt3070_freqs[i].k & 0x0f); 4523 run_rt3070_rf_read(sc, 11, &rf); 4524 rf = (rf & ~0x03) | (rt3070_freqs[i].r & 0x03); 4525 run_rt3070_rf_write(sc, 11, rf); 4526 4527 run_rt3070_rf_read(sc, 49, &rf); 4528 rf = (rf & ~0x3f) | (txpow1 & 0x3f); 4529 /* The valid range of the RF R49 is 0x00 to 0x27. */ 4530 if ((rf & 0x3f) > 0x27) 4531 rf = (rf & ~0x3f) | 0x27; 4532 run_rt3070_rf_write(sc, 49, rf); 4533 4534 if (sc->mac_ver == 0x5392) { 4535 run_rt3070_rf_read(sc, 50, &rf); 4536 rf = (rf & ~0x3f) | (txpow2 & 0x3f); 4537 /* The valid range of the RF R50 is 0x00 to 0x27. */ 4538 if ((rf & 0x3f) > 0x27) 4539 rf = (rf & ~0x3f) | 0x27; 4540 run_rt3070_rf_write(sc, 50, rf); 4541 } 4542 4543 run_rt3070_rf_read(sc, 1, &rf); 4544 rf |= RT3070_RF_BLOCK | RT3070_PLL_PD | RT3070_RX0_PD | RT3070_TX0_PD; 4545 if (sc->mac_ver == 0x5392) 4546 rf |= RT3070_RX1_PD | RT3070_TX1_PD; 4547 run_rt3070_rf_write(sc, 1, rf); 4548 4549 if (sc->mac_ver != 0x5392) { 4550 run_rt3070_rf_read(sc, 2, &rf); 4551 rf |= 0x80; 4552 run_rt3070_rf_write(sc, 2, rf); 4553 run_delay(sc, 10); 4554 rf &= 0x7f; 4555 run_rt3070_rf_write(sc, 2, rf); 4556 } 4557 4558 run_adjust_freq_offset(sc); 4559 4560 if (sc->mac_ver == 0x5392) { 4561 /* Fix for RT5392C. */ 4562 if (sc->mac_rev >= 0x0223) { 4563 if (chan <= 4) 4564 rf = 0x0f; 4565 else if (chan >= 5 && chan <= 7) 4566 rf = 0x0e; 4567 else 4568 rf = 0x0d; 4569 run_rt3070_rf_write(sc, 23, rf); 4570 4571 if (chan <= 4) 4572 rf = 0x0c; 4573 else if (chan == 5) 4574 rf = 0x0b; 4575 else if (chan >= 6 && chan <= 7) 4576 rf = 0x0a; 4577 else if (chan >= 8 && chan <= 10) 4578 rf = 0x09; 4579 else 4580 rf = 0x08; 4581 run_rt3070_rf_write(sc, 59, rf); 4582 } else { 4583 if (chan <= 11) 4584 rf = 0x0f; 4585 else 4586 rf = 0x0b; 4587 run_rt3070_rf_write(sc, 59, rf); 4588 } 4589 } else { 4590 /* Fix for RT5390F. */ 4591 if (sc->mac_rev >= 0x0502) { 4592 if (chan <= 11) 4593 rf = 0x43; 4594 else 4595 rf = 0x23; 4596 run_rt3070_rf_write(sc, 55, rf); 4597 4598 if (chan <= 11) 4599 rf = 0x0f; 4600 else if (chan == 12) 4601 rf = 0x0d; 4602 else 4603 rf = 0x0b; 4604 run_rt3070_rf_write(sc, 59, rf); 4605 } else { 4606 run_rt3070_rf_write(sc, 55, 0x44); 4607 run_rt3070_rf_write(sc, 59, 0x8f); 4608 } 4609 } 4610 4611 /* Enable VCO calibration. */ 4612 run_rt3070_rf_read(sc, 3, &rf); 4613 rf |= RT5390_VCOCAL; 4614 run_rt3070_rf_write(sc, 3, rf); 4615 } 4616 4617 static void 4618 run_rt5592_set_chan(struct run_softc *sc, u_int chan) 4619 { 4620 const struct rt5592_freqs *freqs; 4621 uint32_t tmp; 4622 uint8_t reg, rf, txpow_bound; 4623 int8_t txpow1, txpow2; 4624 int i; 4625 4626 run_read(sc, RT5592_DEBUG_INDEX, &tmp); 4627 freqs = (tmp & RT5592_SEL_XTAL) ? 4628 rt5592_freqs_40mhz : rt5592_freqs_20mhz; 4629 4630 /* find the settings for this channel (we know it exists) */ 4631 for (i = 0; rt2860_rf2850[i].chan != chan; i++, freqs++); 4632 4633 /* use Tx power values from EEPROM */ 4634 txpow1 = sc->txpow1[i]; 4635 txpow2 = sc->txpow2[i]; 4636 4637 run_read(sc, RT3070_LDO_CFG0, &tmp); 4638 tmp &= ~0x1c000000; 4639 if (chan > 14) 4640 tmp |= 0x14000000; 4641 run_write(sc, RT3070_LDO_CFG0, tmp); 4642 4643 /* N setting. */ 4644 run_rt3070_rf_write(sc, 8, freqs->n & 0xff); 4645 run_rt3070_rf_read(sc, 9, &rf); 4646 rf &= ~(1 << 4); 4647 rf |= ((freqs->n & 0x0100) >> 8) << 4; 4648 run_rt3070_rf_write(sc, 9, rf); 4649 4650 /* K setting. */ 4651 run_rt3070_rf_read(sc, 9, &rf); 4652 rf &= ~0x0f; 4653 rf |= (freqs->k & 0x0f); 4654 run_rt3070_rf_write(sc, 9, rf); 4655 4656 /* Mode setting. */ 4657 run_rt3070_rf_read(sc, 11, &rf); 4658 rf &= ~0x0c; 4659 rf |= ((freqs->m - 0x8) & 0x3) << 2; 4660 run_rt3070_rf_write(sc, 11, rf); 4661 run_rt3070_rf_read(sc, 9, &rf); 4662 rf &= ~(1 << 7); 4663 rf |= (((freqs->m - 0x8) & 0x4) >> 2) << 7; 4664 run_rt3070_rf_write(sc, 9, rf); 4665 4666 /* R setting. */ 4667 run_rt3070_rf_read(sc, 11, &rf); 4668 rf &= ~0x03; 4669 rf |= (freqs->r - 0x1); 4670 run_rt3070_rf_write(sc, 11, rf); 4671 4672 if (chan <= 14) { 4673 /* Initialize RF registers for 2GHZ. */ 4674 for (i = 0; i < nitems(rt5592_2ghz_def_rf); i++) { 4675 run_rt3070_rf_write(sc, rt5592_2ghz_def_rf[i].reg, 4676 rt5592_2ghz_def_rf[i].val); 4677 } 4678 4679 rf = (chan <= 10) ? 0x07 : 0x06; 4680 run_rt3070_rf_write(sc, 23, rf); 4681 run_rt3070_rf_write(sc, 59, rf); 4682 4683 run_rt3070_rf_write(sc, 55, 0x43); 4684 4685 /* 4686 * RF R49/R50 Tx power ALC code. 4687 * G-band bit<7:6>=1:0, bit<5:0> range from 0x0 ~ 0x27. 4688 */ 4689 reg = 2; 4690 txpow_bound = 0x27; 4691 } else { 4692 /* Initialize RF registers for 5GHZ. */ 4693 for (i = 0; i < nitems(rt5592_5ghz_def_rf); i++) { 4694 run_rt3070_rf_write(sc, rt5592_5ghz_def_rf[i].reg, 4695 rt5592_5ghz_def_rf[i].val); 4696 } 4697 for (i = 0; i < nitems(rt5592_chan_5ghz); i++) { 4698 if (chan >= rt5592_chan_5ghz[i].firstchan && 4699 chan <= rt5592_chan_5ghz[i].lastchan) { 4700 run_rt3070_rf_write(sc, rt5592_chan_5ghz[i].reg, 4701 rt5592_chan_5ghz[i].val); 4702 } 4703 } 4704 4705 /* 4706 * RF R49/R50 Tx power ALC code. 4707 * A-band bit<7:6>=1:1, bit<5:0> range from 0x0 ~ 0x2b. 4708 */ 4709 reg = 3; 4710 txpow_bound = 0x2b; 4711 } 4712 4713 /* RF R49 ch0 Tx power ALC code. */ 4714 run_rt3070_rf_read(sc, 49, &rf); 4715 rf &= ~0xc0; 4716 rf |= (reg << 6); 4717 rf = (rf & ~0x3f) | (txpow1 & 0x3f); 4718 if ((rf & 0x3f) > txpow_bound) 4719 rf = (rf & ~0x3f) | txpow_bound; 4720 run_rt3070_rf_write(sc, 49, rf); 4721 4722 /* RF R50 ch1 Tx power ALC code. */ 4723 run_rt3070_rf_read(sc, 50, &rf); 4724 rf &= ~(1 << 7 | 1 << 6); 4725 rf |= (reg << 6); 4726 rf = (rf & ~0x3f) | (txpow2 & 0x3f); 4727 if ((rf & 0x3f) > txpow_bound) 4728 rf = (rf & ~0x3f) | txpow_bound; 4729 run_rt3070_rf_write(sc, 50, rf); 4730 4731 /* Enable RF_BLOCK, PLL_PD, RX0_PD, and TX0_PD. */ 4732 run_rt3070_rf_read(sc, 1, &rf); 4733 rf |= (RT3070_RF_BLOCK | RT3070_PLL_PD | RT3070_RX0_PD | RT3070_TX0_PD); 4734 if (sc->ntxchains > 1) 4735 rf |= RT3070_TX1_PD; 4736 if (sc->nrxchains > 1) 4737 rf |= RT3070_RX1_PD; 4738 run_rt3070_rf_write(sc, 1, rf); 4739 4740 run_rt3070_rf_write(sc, 6, 0xe4); 4741 4742 run_rt3070_rf_write(sc, 30, 0x10); 4743 run_rt3070_rf_write(sc, 31, 0x80); 4744 run_rt3070_rf_write(sc, 32, 0x80); 4745 4746 run_adjust_freq_offset(sc); 4747 4748 /* Enable VCO calibration. */ 4749 run_rt3070_rf_read(sc, 3, &rf); 4750 rf |= RT5390_VCOCAL; 4751 run_rt3070_rf_write(sc, 3, rf); 4752 } 4753 4754 static void 4755 run_set_rx_antenna(struct run_softc *sc, int aux) 4756 { 4757 uint32_t tmp; 4758 uint8_t bbp152; 4759 4760 if (aux) { 4761 if (sc->rf_rev == RT5390_RF_5370) { 4762 run_bbp_read(sc, 152, &bbp152); 4763 run_bbp_write(sc, 152, bbp152 & ~0x80); 4764 } else { 4765 run_mcu_cmd(sc, RT2860_MCU_CMD_ANTSEL, 0); 4766 run_read(sc, RT2860_GPIO_CTRL, &tmp); 4767 run_write(sc, RT2860_GPIO_CTRL, (tmp & ~0x0808) | 0x08); 4768 } 4769 } else { 4770 if (sc->rf_rev == RT5390_RF_5370) { 4771 run_bbp_read(sc, 152, &bbp152); 4772 run_bbp_write(sc, 152, bbp152 | 0x80); 4773 } else { 4774 run_mcu_cmd(sc, RT2860_MCU_CMD_ANTSEL, 1); 4775 run_read(sc, RT2860_GPIO_CTRL, &tmp); 4776 run_write(sc, RT2860_GPIO_CTRL, tmp & ~0x0808); 4777 } 4778 } 4779 } 4780 4781 static int 4782 run_set_chan(struct run_softc *sc, struct ieee80211_channel *c) 4783 { 4784 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 4785 u_int chan, group; 4786 4787 chan = ieee80211_chan2ieee(ic, c); 4788 if (chan == 0 || chan == IEEE80211_CHAN_ANY) 4789 return (EINVAL); 4790 4791 if (sc->mac_ver == 0x5592) 4792 run_rt5592_set_chan(sc, chan); 4793 else if (sc->mac_ver >= 0x5390) 4794 run_rt5390_set_chan(sc, chan); 4795 else if (sc->mac_ver == 0x3593) 4796 run_rt3593_set_chan(sc, chan); 4797 else if (sc->mac_ver == 0x3572) 4798 run_rt3572_set_chan(sc, chan); 4799 else if (sc->mac_ver >= 0x3070) 4800 run_rt3070_set_chan(sc, chan); 4801 else 4802 run_rt2870_set_chan(sc, chan); 4803 4804 /* determine channel group */ 4805 if (chan <= 14) 4806 group = 0; 4807 else if (chan <= 64) 4808 group = 1; 4809 else if (chan <= 128) 4810 group = 2; 4811 else 4812 group = 3; 4813 4814 /* XXX necessary only when group has changed! */ 4815 run_select_chan_group(sc, group); 4816 4817 run_delay(sc, 10); 4818 4819 /* Perform IQ calibration. */ 4820 if (sc->mac_ver >= 0x5392) 4821 run_iq_calib(sc, chan); 4822 4823 return (0); 4824 } 4825 4826 static void 4827 run_set_channel(struct ieee80211com *ic) 4828 { 4829 struct run_softc *sc = ic->ic_ifp->if_softc; 4830 4831 RUN_LOCK(sc); 4832 run_set_chan(sc, ic->ic_curchan); 4833 RUN_UNLOCK(sc); 4834 4835 return; 4836 } 4837 4838 static void 4839 run_scan_start(struct ieee80211com *ic) 4840 { 4841 struct run_softc *sc = ic->ic_ifp->if_softc; 4842 uint32_t tmp; 4843 4844 RUN_LOCK(sc); 4845 4846 /* abort TSF synchronization */ 4847 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 4848 run_write(sc, RT2860_BCN_TIME_CFG, 4849 tmp & ~(RT2860_BCN_TX_EN | RT2860_TSF_TIMER_EN | 4850 RT2860_TBTT_TIMER_EN)); 4851 run_set_bssid(sc, sc->sc_ifp->if_broadcastaddr); 4852 4853 RUN_UNLOCK(sc); 4854 4855 return; 4856 } 4857 4858 static void 4859 run_scan_end(struct ieee80211com *ic) 4860 { 4861 struct run_softc *sc = ic->ic_ifp->if_softc; 4862 4863 RUN_LOCK(sc); 4864 4865 run_enable_tsf_sync(sc); 4866 /* XXX keep local copy */ 4867 run_set_bssid(sc, sc->sc_bssid); 4868 4869 RUN_UNLOCK(sc); 4870 4871 return; 4872 } 4873 4874 /* 4875 * Could be called from ieee80211_node_timeout() 4876 * (non-sleepable thread) 4877 */ 4878 static void 4879 run_update_beacon(struct ieee80211vap *vap, int item) 4880 { 4881 struct ieee80211com *ic = vap->iv_ic; 4882 struct run_softc *sc = ic->ic_ifp->if_softc; 4883 struct run_vap *rvp = RUN_VAP(vap); 4884 int mcast = 0; 4885 uint32_t i; 4886 4887 KASSERT(vap != NULL, ("no beacon")); 4888 4889 switch (item) { 4890 case IEEE80211_BEACON_ERP: 4891 run_updateslot(ic->ic_ifp); 4892 break; 4893 case IEEE80211_BEACON_HTINFO: 4894 run_updateprot(ic); 4895 break; 4896 case IEEE80211_BEACON_TIM: 4897 mcast = 1; /*TODO*/ 4898 break; 4899 default: 4900 break; 4901 } 4902 4903 setbit(rvp->bo.bo_flags, item); 4904 ieee80211_beacon_update(vap->iv_bss, &rvp->bo, rvp->beacon_mbuf, mcast); 4905 4906 i = RUN_CMDQ_GET(&sc->cmdq_store); 4907 DPRINTF("cmdq_store=%d\n", i); 4908 sc->cmdq[i].func = run_update_beacon_cb; 4909 sc->cmdq[i].arg0 = vap; 4910 ieee80211_runtask(ic, &sc->cmdq_task); 4911 4912 return; 4913 } 4914 4915 static void 4916 run_update_beacon_cb(void *arg) 4917 { 4918 struct ieee80211vap *vap = arg; 4919 struct run_vap *rvp = RUN_VAP(vap); 4920 struct ieee80211com *ic = vap->iv_ic; 4921 struct run_softc *sc = ic->ic_ifp->if_softc; 4922 struct rt2860_txwi txwi; 4923 struct mbuf *m; 4924 uint16_t txwisize; 4925 uint8_t ridx; 4926 4927 if (vap->iv_bss->ni_chan == IEEE80211_CHAN_ANYC) 4928 return; 4929 if (ic->ic_bsschan == IEEE80211_CHAN_ANYC) 4930 return; 4931 4932 /* 4933 * No need to call ieee80211_beacon_update(), run_update_beacon() 4934 * is taking care of apropriate calls. 4935 */ 4936 if (rvp->beacon_mbuf == NULL) { 4937 rvp->beacon_mbuf = ieee80211_beacon_alloc(vap->iv_bss, 4938 &rvp->bo); 4939 if (rvp->beacon_mbuf == NULL) 4940 return; 4941 } 4942 m = rvp->beacon_mbuf; 4943 4944 memset(&txwi, 0, sizeof(txwi)); 4945 txwi.wcid = 0xff; 4946 txwi.len = htole16(m->m_pkthdr.len); 4947 4948 /* send beacons at the lowest available rate */ 4949 ridx = (ic->ic_curmode == IEEE80211_MODE_11A) ? 4950 RT2860_RIDX_OFDM6 : RT2860_RIDX_CCK1; 4951 txwi.phy = htole16(rt2860_rates[ridx].mcs); 4952 if (rt2860_rates[ridx].phy == IEEE80211_T_OFDM) 4953 txwi.phy |= htole16(RT2860_PHY_OFDM); 4954 txwi.txop = RT2860_TX_TXOP_HT; 4955 txwi.flags = RT2860_TX_TS; 4956 txwi.xflags = RT2860_TX_NSEQ; 4957 4958 txwisize = (sc->mac_ver == 0x5592) ? 4959 sizeof(txwi) + sizeof(uint32_t) : sizeof(txwi); 4960 run_write_region_1(sc, RT2860_BCN_BASE(rvp->rvp_id), (uint8_t *)&txwi, 4961 txwisize); 4962 run_write_region_1(sc, RT2860_BCN_BASE(rvp->rvp_id) + txwisize, 4963 mtod(m, uint8_t *), (m->m_pkthdr.len + 1) & ~1); 4964 } 4965 4966 static void 4967 run_updateprot(struct ieee80211com *ic) 4968 { 4969 struct run_softc *sc = ic->ic_ifp->if_softc; 4970 uint32_t i; 4971 4972 i = RUN_CMDQ_GET(&sc->cmdq_store); 4973 DPRINTF("cmdq_store=%d\n", i); 4974 sc->cmdq[i].func = run_updateprot_cb; 4975 sc->cmdq[i].arg0 = ic; 4976 ieee80211_runtask(ic, &sc->cmdq_task); 4977 } 4978 4979 static void 4980 run_updateprot_cb(void *arg) 4981 { 4982 struct ieee80211com *ic = arg; 4983 struct run_softc *sc = ic->ic_ifp->if_softc; 4984 uint32_t tmp; 4985 4986 tmp = RT2860_RTSTH_EN | RT2860_PROT_NAV_SHORT | RT2860_TXOP_ALLOW_ALL; 4987 /* setup protection frame rate (MCS code) */ 4988 tmp |= (ic->ic_curmode == IEEE80211_MODE_11A) ? 4989 rt2860_rates[RT2860_RIDX_OFDM6].mcs : 4990 rt2860_rates[RT2860_RIDX_CCK11].mcs; 4991 4992 /* CCK frames don't require protection */ 4993 run_write(sc, RT2860_CCK_PROT_CFG, tmp); 4994 if (ic->ic_flags & IEEE80211_F_USEPROT) { 4995 if (ic->ic_protmode == IEEE80211_PROT_RTSCTS) 4996 tmp |= RT2860_PROT_CTRL_RTS_CTS; 4997 else if (ic->ic_protmode == IEEE80211_PROT_CTSONLY) 4998 tmp |= RT2860_PROT_CTRL_CTS; 4999 } 5000 run_write(sc, RT2860_OFDM_PROT_CFG, tmp); 5001 } 5002 5003 static void 5004 run_usb_timeout_cb(void *arg) 5005 { 5006 struct ieee80211vap *vap = arg; 5007 struct run_softc *sc = vap->iv_ic->ic_ifp->if_softc; 5008 5009 RUN_LOCK_ASSERT(sc, MA_OWNED); 5010 5011 if(vap->iv_state == IEEE80211_S_RUN && 5012 vap->iv_opmode != IEEE80211_M_STA) 5013 run_reset_livelock(sc); 5014 else if (vap->iv_state == IEEE80211_S_SCAN) { 5015 DPRINTF("timeout caused by scan\n"); 5016 /* cancel bgscan */ 5017 ieee80211_cancel_scan(vap); 5018 } else 5019 DPRINTF("timeout by unknown cause\n"); 5020 } 5021 5022 static void 5023 run_reset_livelock(struct run_softc *sc) 5024 { 5025 uint32_t tmp; 5026 5027 RUN_LOCK_ASSERT(sc, MA_OWNED); 5028 5029 /* 5030 * In IBSS or HostAP modes (when the hardware sends beacons), the MAC 5031 * can run into a livelock and start sending CTS-to-self frames like 5032 * crazy if protection is enabled. Reset MAC/BBP for a while 5033 */ 5034 run_read(sc, RT2860_DEBUG, &tmp); 5035 DPRINTFN(3, "debug reg %08x\n", tmp); 5036 if ((tmp & (1 << 29)) && (tmp & (1 << 7 | 1 << 5))) { 5037 DPRINTF("CTS-to-self livelock detected\n"); 5038 run_write(sc, RT2860_MAC_SYS_CTRL, RT2860_MAC_SRST); 5039 run_delay(sc, 1); 5040 run_write(sc, RT2860_MAC_SYS_CTRL, 5041 RT2860_MAC_RX_EN | RT2860_MAC_TX_EN); 5042 } 5043 } 5044 5045 static void 5046 run_update_promisc_locked(struct ifnet *ifp) 5047 { 5048 struct run_softc *sc = ifp->if_softc; 5049 uint32_t tmp; 5050 5051 run_read(sc, RT2860_RX_FILTR_CFG, &tmp); 5052 5053 tmp |= RT2860_DROP_UC_NOME; 5054 if (ifp->if_flags & IFF_PROMISC) 5055 tmp &= ~RT2860_DROP_UC_NOME; 5056 5057 run_write(sc, RT2860_RX_FILTR_CFG, tmp); 5058 5059 DPRINTF("%s promiscuous mode\n", (ifp->if_flags & IFF_PROMISC) ? 5060 "entering" : "leaving"); 5061 } 5062 5063 static void 5064 run_update_promisc(struct ifnet *ifp) 5065 { 5066 struct run_softc *sc = ifp->if_softc; 5067 5068 if ((ifp->if_drv_flags & IFF_DRV_RUNNING) == 0) 5069 return; 5070 5071 RUN_LOCK(sc); 5072 run_update_promisc_locked(ifp); 5073 RUN_UNLOCK(sc); 5074 } 5075 5076 static void 5077 run_enable_tsf_sync(struct run_softc *sc) 5078 { 5079 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 5080 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 5081 uint32_t tmp; 5082 5083 DPRINTF("rvp_id=%d ic_opmode=%d\n", RUN_VAP(vap)->rvp_id, 5084 ic->ic_opmode); 5085 5086 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 5087 tmp &= ~0x1fffff; 5088 tmp |= vap->iv_bss->ni_intval * 16; 5089 tmp |= RT2860_TSF_TIMER_EN | RT2860_TBTT_TIMER_EN; 5090 5091 if (ic->ic_opmode == IEEE80211_M_STA) { 5092 /* 5093 * Local TSF is always updated with remote TSF on beacon 5094 * reception. 5095 */ 5096 tmp |= 1 << RT2860_TSF_SYNC_MODE_SHIFT; 5097 } else if (ic->ic_opmode == IEEE80211_M_IBSS) { 5098 tmp |= RT2860_BCN_TX_EN; 5099 /* 5100 * Local TSF is updated with remote TSF on beacon reception 5101 * only if the remote TSF is greater than local TSF. 5102 */ 5103 tmp |= 2 << RT2860_TSF_SYNC_MODE_SHIFT; 5104 } else if (ic->ic_opmode == IEEE80211_M_HOSTAP || 5105 ic->ic_opmode == IEEE80211_M_MBSS) { 5106 tmp |= RT2860_BCN_TX_EN; 5107 /* SYNC with nobody */ 5108 tmp |= 3 << RT2860_TSF_SYNC_MODE_SHIFT; 5109 } else { 5110 DPRINTF("Enabling TSF failed. undefined opmode\n"); 5111 return; 5112 } 5113 5114 run_write(sc, RT2860_BCN_TIME_CFG, tmp); 5115 } 5116 5117 static void 5118 run_enable_mrr(struct run_softc *sc) 5119 { 5120 #define CCK(mcs) (mcs) 5121 #define OFDM(mcs) (1 << 3 | (mcs)) 5122 run_write(sc, RT2860_LG_FBK_CFG0, 5123 OFDM(6) << 28 | /* 54->48 */ 5124 OFDM(5) << 24 | /* 48->36 */ 5125 OFDM(4) << 20 | /* 36->24 */ 5126 OFDM(3) << 16 | /* 24->18 */ 5127 OFDM(2) << 12 | /* 18->12 */ 5128 OFDM(1) << 8 | /* 12-> 9 */ 5129 OFDM(0) << 4 | /* 9-> 6 */ 5130 OFDM(0)); /* 6-> 6 */ 5131 5132 run_write(sc, RT2860_LG_FBK_CFG1, 5133 CCK(2) << 12 | /* 11->5.5 */ 5134 CCK(1) << 8 | /* 5.5-> 2 */ 5135 CCK(0) << 4 | /* 2-> 1 */ 5136 CCK(0)); /* 1-> 1 */ 5137 #undef OFDM 5138 #undef CCK 5139 } 5140 5141 static void 5142 run_set_txpreamble(struct run_softc *sc) 5143 { 5144 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 5145 uint32_t tmp; 5146 5147 run_read(sc, RT2860_AUTO_RSP_CFG, &tmp); 5148 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 5149 tmp |= RT2860_CCK_SHORT_EN; 5150 else 5151 tmp &= ~RT2860_CCK_SHORT_EN; 5152 run_write(sc, RT2860_AUTO_RSP_CFG, tmp); 5153 } 5154 5155 static void 5156 run_set_basicrates(struct run_softc *sc) 5157 { 5158 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 5159 5160 /* set basic rates mask */ 5161 if (ic->ic_curmode == IEEE80211_MODE_11B) 5162 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x003); 5163 else if (ic->ic_curmode == IEEE80211_MODE_11A) 5164 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x150); 5165 else /* 11g */ 5166 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x15f); 5167 } 5168 5169 static void 5170 run_set_leds(struct run_softc *sc, uint16_t which) 5171 { 5172 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LEDS, 5173 which | (sc->leds & 0x7f)); 5174 } 5175 5176 static void 5177 run_set_bssid(struct run_softc *sc, const uint8_t *bssid) 5178 { 5179 run_write(sc, RT2860_MAC_BSSID_DW0, 5180 bssid[0] | bssid[1] << 8 | bssid[2] << 16 | bssid[3] << 24); 5181 run_write(sc, RT2860_MAC_BSSID_DW1, 5182 bssid[4] | bssid[5] << 8); 5183 } 5184 5185 static void 5186 run_set_macaddr(struct run_softc *sc, const uint8_t *addr) 5187 { 5188 run_write(sc, RT2860_MAC_ADDR_DW0, 5189 addr[0] | addr[1] << 8 | addr[2] << 16 | addr[3] << 24); 5190 run_write(sc, RT2860_MAC_ADDR_DW1, 5191 addr[4] | addr[5] << 8 | 0xff << 16); 5192 } 5193 5194 static void 5195 run_updateslot(struct ifnet *ifp) 5196 { 5197 struct run_softc *sc = ifp->if_softc; 5198 struct ieee80211com *ic = ifp->if_l2com; 5199 uint32_t i; 5200 5201 i = RUN_CMDQ_GET(&sc->cmdq_store); 5202 DPRINTF("cmdq_store=%d\n", i); 5203 sc->cmdq[i].func = run_updateslot_cb; 5204 sc->cmdq[i].arg0 = ifp; 5205 ieee80211_runtask(ic, &sc->cmdq_task); 5206 5207 return; 5208 } 5209 5210 /* ARGSUSED */ 5211 static void 5212 run_updateslot_cb(void *arg) 5213 { 5214 struct ifnet *ifp = arg; 5215 struct run_softc *sc = ifp->if_softc; 5216 struct ieee80211com *ic = ifp->if_l2com; 5217 uint32_t tmp; 5218 5219 run_read(sc, RT2860_BKOFF_SLOT_CFG, &tmp); 5220 tmp &= ~0xff; 5221 tmp |= (ic->ic_flags & IEEE80211_F_SHSLOT) ? 9 : 20; 5222 run_write(sc, RT2860_BKOFF_SLOT_CFG, tmp); 5223 } 5224 5225 static void 5226 run_update_mcast(struct ifnet *ifp) 5227 { 5228 /* h/w filter supports getting everything or nothing */ 5229 ifp->if_flags |= IFF_ALLMULTI; 5230 } 5231 5232 static int8_t 5233 run_rssi2dbm(struct run_softc *sc, uint8_t rssi, uint8_t rxchain) 5234 { 5235 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 5236 struct ieee80211_channel *c = ic->ic_curchan; 5237 int delta; 5238 5239 if (IEEE80211_IS_CHAN_5GHZ(c)) { 5240 u_int chan = ieee80211_chan2ieee(ic, c); 5241 delta = sc->rssi_5ghz[rxchain]; 5242 5243 /* determine channel group */ 5244 if (chan <= 64) 5245 delta -= sc->lna[1]; 5246 else if (chan <= 128) 5247 delta -= sc->lna[2]; 5248 else 5249 delta -= sc->lna[3]; 5250 } else 5251 delta = sc->rssi_2ghz[rxchain] - sc->lna[0]; 5252 5253 return (-12 - delta - rssi); 5254 } 5255 5256 static void 5257 run_rt5390_bbp_init(struct run_softc *sc) 5258 { 5259 int i; 5260 uint8_t bbp; 5261 5262 /* Apply maximum likelihood detection for 2 stream case. */ 5263 run_bbp_read(sc, 105, &bbp); 5264 if (sc->nrxchains > 1) 5265 run_bbp_write(sc, 105, bbp | RT5390_MLD); 5266 5267 /* Avoid data lost and CRC error. */ 5268 run_bbp_read(sc, 4, &bbp); 5269 run_bbp_write(sc, 4, bbp | RT5390_MAC_IF_CTRL); 5270 5271 if (sc->mac_ver == 0x5592) { 5272 for (i = 0; i < nitems(rt5592_def_bbp); i++) { 5273 run_bbp_write(sc, rt5592_def_bbp[i].reg, 5274 rt5592_def_bbp[i].val); 5275 } 5276 for (i = 0; i < nitems(rt5592_bbp_r196); i++) { 5277 run_bbp_write(sc, 195, i + 0x80); 5278 run_bbp_write(sc, 196, rt5592_bbp_r196[i]); 5279 } 5280 } else { 5281 for (i = 0; i < nitems(rt5390_def_bbp); i++) { 5282 run_bbp_write(sc, rt5390_def_bbp[i].reg, 5283 rt5390_def_bbp[i].val); 5284 } 5285 } 5286 if (sc->mac_ver == 0x5392) { 5287 run_bbp_write(sc, 88, 0x90); 5288 run_bbp_write(sc, 95, 0x9a); 5289 run_bbp_write(sc, 98, 0x12); 5290 run_bbp_write(sc, 106, 0x12); 5291 run_bbp_write(sc, 134, 0xd0); 5292 run_bbp_write(sc, 135, 0xf6); 5293 run_bbp_write(sc, 148, 0x84); 5294 } 5295 5296 run_bbp_read(sc, 152, &bbp); 5297 run_bbp_write(sc, 152, bbp | 0x80); 5298 5299 /* Fix BBP254 for RT5592C. */ 5300 if (sc->mac_ver == 0x5592 && sc->mac_rev >= 0x0221) { 5301 run_bbp_read(sc, 254, &bbp); 5302 run_bbp_write(sc, 254, bbp | 0x80); 5303 } 5304 5305 /* Disable hardware antenna diversity. */ 5306 if (sc->mac_ver == 0x5390) 5307 run_bbp_write(sc, 154, 0); 5308 5309 /* Initialize Rx CCK/OFDM frequency offset report. */ 5310 run_bbp_write(sc, 142, 1); 5311 run_bbp_write(sc, 143, 57); 5312 } 5313 5314 static int 5315 run_bbp_init(struct run_softc *sc) 5316 { 5317 int i, error, ntries; 5318 uint8_t bbp0; 5319 5320 /* wait for BBP to wake up */ 5321 for (ntries = 0; ntries < 20; ntries++) { 5322 if ((error = run_bbp_read(sc, 0, &bbp0)) != 0) 5323 return error; 5324 if (bbp0 != 0 && bbp0 != 0xff) 5325 break; 5326 } 5327 if (ntries == 20) 5328 return (ETIMEDOUT); 5329 5330 /* initialize BBP registers to default values */ 5331 if (sc->mac_ver >= 0x5390) 5332 run_rt5390_bbp_init(sc); 5333 else { 5334 for (i = 0; i < nitems(rt2860_def_bbp); i++) { 5335 run_bbp_write(sc, rt2860_def_bbp[i].reg, 5336 rt2860_def_bbp[i].val); 5337 } 5338 } 5339 5340 if (sc->mac_ver == 0x3593) { 5341 run_bbp_write(sc, 79, 0x13); 5342 run_bbp_write(sc, 80, 0x05); 5343 run_bbp_write(sc, 81, 0x33); 5344 run_bbp_write(sc, 86, 0x46); 5345 run_bbp_write(sc, 137, 0x0f); 5346 } 5347 5348 /* fix BBP84 for RT2860E */ 5349 if (sc->mac_ver == 0x2860 && sc->mac_rev != 0x0101) 5350 run_bbp_write(sc, 84, 0x19); 5351 5352 if (sc->mac_ver >= 0x3070 && (sc->mac_ver != 0x3593 && 5353 sc->mac_ver != 0x5592)) { 5354 run_bbp_write(sc, 79, 0x13); 5355 run_bbp_write(sc, 80, 0x05); 5356 run_bbp_write(sc, 81, 0x33); 5357 } else if (sc->mac_ver == 0x2860 && sc->mac_rev == 0x0100) { 5358 run_bbp_write(sc, 69, 0x16); 5359 run_bbp_write(sc, 73, 0x12); 5360 } 5361 return (0); 5362 } 5363 5364 static int 5365 run_rt3070_rf_init(struct run_softc *sc) 5366 { 5367 uint32_t tmp; 5368 uint8_t bbp4, mingain, rf, target; 5369 int i; 5370 5371 run_rt3070_rf_read(sc, 30, &rf); 5372 /* toggle RF R30 bit 7 */ 5373 run_rt3070_rf_write(sc, 30, rf | 0x80); 5374 run_delay(sc, 10); 5375 run_rt3070_rf_write(sc, 30, rf & ~0x80); 5376 5377 /* initialize RF registers to default value */ 5378 if (sc->mac_ver == 0x3572) { 5379 for (i = 0; i < nitems(rt3572_def_rf); i++) { 5380 run_rt3070_rf_write(sc, rt3572_def_rf[i].reg, 5381 rt3572_def_rf[i].val); 5382 } 5383 } else { 5384 for (i = 0; i < nitems(rt3070_def_rf); i++) { 5385 run_rt3070_rf_write(sc, rt3070_def_rf[i].reg, 5386 rt3070_def_rf[i].val); 5387 } 5388 } 5389 5390 if (sc->mac_ver == 0x3070 && sc->mac_rev < 0x0201) { 5391 /* 5392 * Change voltage from 1.2V to 1.35V for RT3070. 5393 * The DAC issue (RT3070_LDO_CFG0) has been fixed 5394 * in RT3070(F). 5395 */ 5396 run_read(sc, RT3070_LDO_CFG0, &tmp); 5397 tmp = (tmp & ~0x0f000000) | 0x0d000000; 5398 run_write(sc, RT3070_LDO_CFG0, tmp); 5399 5400 } else if (sc->mac_ver == 0x3071) { 5401 run_rt3070_rf_read(sc, 6, &rf); 5402 run_rt3070_rf_write(sc, 6, rf | 0x40); 5403 run_rt3070_rf_write(sc, 31, 0x14); 5404 5405 run_read(sc, RT3070_LDO_CFG0, &tmp); 5406 tmp &= ~0x1f000000; 5407 if (sc->mac_rev < 0x0211) 5408 tmp |= 0x0d000000; /* 1.3V */ 5409 else 5410 tmp |= 0x01000000; /* 1.2V */ 5411 run_write(sc, RT3070_LDO_CFG0, tmp); 5412 5413 /* patch LNA_PE_G1 */ 5414 run_read(sc, RT3070_GPIO_SWITCH, &tmp); 5415 run_write(sc, RT3070_GPIO_SWITCH, tmp & ~0x20); 5416 5417 } else if (sc->mac_ver == 0x3572) { 5418 run_rt3070_rf_read(sc, 6, &rf); 5419 run_rt3070_rf_write(sc, 6, rf | 0x40); 5420 5421 /* increase voltage from 1.2V to 1.35V */ 5422 run_read(sc, RT3070_LDO_CFG0, &tmp); 5423 tmp = (tmp & ~0x1f000000) | 0x0d000000; 5424 run_write(sc, RT3070_LDO_CFG0, tmp); 5425 5426 if (sc->mac_rev < 0x0211 || !sc->patch_dac) { 5427 run_delay(sc, 1); /* wait for 1msec */ 5428 /* decrease voltage back to 1.2V */ 5429 tmp = (tmp & ~0x1f000000) | 0x01000000; 5430 run_write(sc, RT3070_LDO_CFG0, tmp); 5431 } 5432 } 5433 5434 /* select 20MHz bandwidth */ 5435 run_rt3070_rf_read(sc, 31, &rf); 5436 run_rt3070_rf_write(sc, 31, rf & ~0x20); 5437 5438 /* calibrate filter for 20MHz bandwidth */ 5439 sc->rf24_20mhz = 0x1f; /* default value */ 5440 target = (sc->mac_ver < 0x3071) ? 0x16 : 0x13; 5441 run_rt3070_filter_calib(sc, 0x07, target, &sc->rf24_20mhz); 5442 5443 /* select 40MHz bandwidth */ 5444 run_bbp_read(sc, 4, &bbp4); 5445 run_bbp_write(sc, 4, (bbp4 & ~0x18) | 0x10); 5446 run_rt3070_rf_read(sc, 31, &rf); 5447 run_rt3070_rf_write(sc, 31, rf | 0x20); 5448 5449 /* calibrate filter for 40MHz bandwidth */ 5450 sc->rf24_40mhz = 0x2f; /* default value */ 5451 target = (sc->mac_ver < 0x3071) ? 0x19 : 0x15; 5452 run_rt3070_filter_calib(sc, 0x27, target, &sc->rf24_40mhz); 5453 5454 /* go back to 20MHz bandwidth */ 5455 run_bbp_read(sc, 4, &bbp4); 5456 run_bbp_write(sc, 4, bbp4 & ~0x18); 5457 5458 if (sc->mac_ver == 0x3572) { 5459 /* save default BBP registers 25 and 26 values */ 5460 run_bbp_read(sc, 25, &sc->bbp25); 5461 run_bbp_read(sc, 26, &sc->bbp26); 5462 } else if (sc->mac_rev < 0x0201 || sc->mac_rev < 0x0211) 5463 run_rt3070_rf_write(sc, 27, 0x03); 5464 5465 run_read(sc, RT3070_OPT_14, &tmp); 5466 run_write(sc, RT3070_OPT_14, tmp | 1); 5467 5468 if (sc->mac_ver == 0x3070 || sc->mac_ver == 0x3071) { 5469 run_rt3070_rf_read(sc, 17, &rf); 5470 rf &= ~RT3070_TX_LO1; 5471 if ((sc->mac_ver == 0x3070 || 5472 (sc->mac_ver == 0x3071 && sc->mac_rev >= 0x0211)) && 5473 !sc->ext_2ghz_lna) 5474 rf |= 0x20; /* fix for long range Rx issue */ 5475 mingain = (sc->mac_ver == 0x3070) ? 1 : 2; 5476 if (sc->txmixgain_2ghz >= mingain) 5477 rf = (rf & ~0x7) | sc->txmixgain_2ghz; 5478 run_rt3070_rf_write(sc, 17, rf); 5479 } 5480 5481 if (sc->mac_rev == 0x3071) { 5482 run_rt3070_rf_read(sc, 1, &rf); 5483 rf &= ~(RT3070_RX0_PD | RT3070_TX0_PD); 5484 rf |= RT3070_RF_BLOCK | RT3070_RX1_PD | RT3070_TX1_PD; 5485 run_rt3070_rf_write(sc, 1, rf); 5486 5487 run_rt3070_rf_read(sc, 15, &rf); 5488 run_rt3070_rf_write(sc, 15, rf & ~RT3070_TX_LO2); 5489 5490 run_rt3070_rf_read(sc, 20, &rf); 5491 run_rt3070_rf_write(sc, 20, rf & ~RT3070_RX_LO1); 5492 5493 run_rt3070_rf_read(sc, 21, &rf); 5494 run_rt3070_rf_write(sc, 21, rf & ~RT3070_RX_LO2); 5495 } 5496 5497 if (sc->mac_ver == 0x3070 || sc->mac_ver == 0x3071) { 5498 /* fix Tx to Rx IQ glitch by raising RF voltage */ 5499 run_rt3070_rf_read(sc, 27, &rf); 5500 rf &= ~0x77; 5501 if (sc->mac_rev < 0x0211) 5502 rf |= 0x03; 5503 run_rt3070_rf_write(sc, 27, rf); 5504 } 5505 return (0); 5506 } 5507 5508 static void 5509 run_rt3593_rf_init(struct run_softc *sc) 5510 { 5511 uint32_t tmp; 5512 uint8_t rf; 5513 int i; 5514 5515 /* Disable the GPIO bits 4 and 7 for LNA PE control. */ 5516 run_read(sc, RT3070_GPIO_SWITCH, &tmp); 5517 tmp &= ~(1 << 4 | 1 << 7); 5518 run_write(sc, RT3070_GPIO_SWITCH, tmp); 5519 5520 /* Initialize RF registers to default value. */ 5521 for (i = 0; i < nitems(rt3593_def_rf); i++) { 5522 run_rt3070_rf_write(sc, rt3593_def_rf[i].reg, 5523 rt3593_def_rf[i].val); 5524 } 5525 5526 /* Toggle RF R2 to initiate calibration. */ 5527 run_rt3070_rf_write(sc, 2, RT5390_RESCAL); 5528 5529 /* Initialize RF frequency offset. */ 5530 run_adjust_freq_offset(sc); 5531 5532 run_rt3070_rf_read(sc, 18, &rf); 5533 run_rt3070_rf_write(sc, 18, rf | RT3593_AUTOTUNE_BYPASS); 5534 5535 /* 5536 * Increase voltage from 1.2V to 1.35V, wait for 1 msec to 5537 * decrease voltage back to 1.2V. 5538 */ 5539 run_read(sc, RT3070_LDO_CFG0, &tmp); 5540 tmp = (tmp & ~0x1f000000) | 0x0d000000; 5541 run_write(sc, RT3070_LDO_CFG0, tmp); 5542 run_delay(sc, 1); 5543 tmp = (tmp & ~0x1f000000) | 0x01000000; 5544 run_write(sc, RT3070_LDO_CFG0, tmp); 5545 5546 sc->rf24_20mhz = 0x1f; 5547 sc->rf24_40mhz = 0x2f; 5548 5549 /* Save default BBP registers 25 and 26 values. */ 5550 run_bbp_read(sc, 25, &sc->bbp25); 5551 run_bbp_read(sc, 26, &sc->bbp26); 5552 5553 run_read(sc, RT3070_OPT_14, &tmp); 5554 run_write(sc, RT3070_OPT_14, tmp | 1); 5555 } 5556 5557 static void 5558 run_rt5390_rf_init(struct run_softc *sc) 5559 { 5560 uint32_t tmp; 5561 uint8_t rf; 5562 int i; 5563 5564 /* Toggle RF R2 to initiate calibration. */ 5565 if (sc->mac_ver == 0x5390) { 5566 run_rt3070_rf_read(sc, 2, &rf); 5567 run_rt3070_rf_write(sc, 2, rf | RT5390_RESCAL); 5568 run_delay(sc, 10); 5569 run_rt3070_rf_write(sc, 2, rf & ~RT5390_RESCAL); 5570 } else { 5571 run_rt3070_rf_write(sc, 2, RT5390_RESCAL); 5572 run_delay(sc, 10); 5573 } 5574 5575 /* Initialize RF registers to default value. */ 5576 if (sc->mac_ver == 0x5592) { 5577 for (i = 0; i < nitems(rt5592_def_rf); i++) { 5578 run_rt3070_rf_write(sc, rt5592_def_rf[i].reg, 5579 rt5592_def_rf[i].val); 5580 } 5581 /* Initialize RF frequency offset. */ 5582 run_adjust_freq_offset(sc); 5583 } else if (sc->mac_ver == 0x5392) { 5584 for (i = 0; i < nitems(rt5392_def_rf); i++) { 5585 run_rt3070_rf_write(sc, rt5392_def_rf[i].reg, 5586 rt5392_def_rf[i].val); 5587 } 5588 if (sc->mac_rev >= 0x0223) { 5589 run_rt3070_rf_write(sc, 23, 0x0f); 5590 run_rt3070_rf_write(sc, 24, 0x3e); 5591 run_rt3070_rf_write(sc, 51, 0x32); 5592 run_rt3070_rf_write(sc, 53, 0x22); 5593 run_rt3070_rf_write(sc, 56, 0xc1); 5594 run_rt3070_rf_write(sc, 59, 0x0f); 5595 } 5596 } else { 5597 for (i = 0; i < nitems(rt5390_def_rf); i++) { 5598 run_rt3070_rf_write(sc, rt5390_def_rf[i].reg, 5599 rt5390_def_rf[i].val); 5600 } 5601 if (sc->mac_rev >= 0x0502) { 5602 run_rt3070_rf_write(sc, 6, 0xe0); 5603 run_rt3070_rf_write(sc, 25, 0x80); 5604 run_rt3070_rf_write(sc, 46, 0x73); 5605 run_rt3070_rf_write(sc, 53, 0x00); 5606 run_rt3070_rf_write(sc, 56, 0x42); 5607 run_rt3070_rf_write(sc, 61, 0xd1); 5608 } 5609 } 5610 5611 sc->rf24_20mhz = 0x1f; /* default value */ 5612 sc->rf24_40mhz = (sc->mac_ver == 0x5592) ? 0 : 0x2f; 5613 5614 if (sc->mac_rev < 0x0211) 5615 run_rt3070_rf_write(sc, 27, 0x3); 5616 5617 run_read(sc, RT3070_OPT_14, &tmp); 5618 run_write(sc, RT3070_OPT_14, tmp | 1); 5619 } 5620 5621 static int 5622 run_rt3070_filter_calib(struct run_softc *sc, uint8_t init, uint8_t target, 5623 uint8_t *val) 5624 { 5625 uint8_t rf22, rf24; 5626 uint8_t bbp55_pb, bbp55_sb, delta; 5627 int ntries; 5628 5629 /* program filter */ 5630 run_rt3070_rf_read(sc, 24, &rf24); 5631 rf24 = (rf24 & 0xc0) | init; /* initial filter value */ 5632 run_rt3070_rf_write(sc, 24, rf24); 5633 5634 /* enable baseband loopback mode */ 5635 run_rt3070_rf_read(sc, 22, &rf22); 5636 run_rt3070_rf_write(sc, 22, rf22 | 0x01); 5637 5638 /* set power and frequency of passband test tone */ 5639 run_bbp_write(sc, 24, 0x00); 5640 for (ntries = 0; ntries < 100; ntries++) { 5641 /* transmit test tone */ 5642 run_bbp_write(sc, 25, 0x90); 5643 run_delay(sc, 10); 5644 /* read received power */ 5645 run_bbp_read(sc, 55, &bbp55_pb); 5646 if (bbp55_pb != 0) 5647 break; 5648 } 5649 if (ntries == 100) 5650 return (ETIMEDOUT); 5651 5652 /* set power and frequency of stopband test tone */ 5653 run_bbp_write(sc, 24, 0x06); 5654 for (ntries = 0; ntries < 100; ntries++) { 5655 /* transmit test tone */ 5656 run_bbp_write(sc, 25, 0x90); 5657 run_delay(sc, 10); 5658 /* read received power */ 5659 run_bbp_read(sc, 55, &bbp55_sb); 5660 5661 delta = bbp55_pb - bbp55_sb; 5662 if (delta > target) 5663 break; 5664 5665 /* reprogram filter */ 5666 rf24++; 5667 run_rt3070_rf_write(sc, 24, rf24); 5668 } 5669 if (ntries < 100) { 5670 if (rf24 != init) 5671 rf24--; /* backtrack */ 5672 *val = rf24; 5673 run_rt3070_rf_write(sc, 24, rf24); 5674 } 5675 5676 /* restore initial state */ 5677 run_bbp_write(sc, 24, 0x00); 5678 5679 /* disable baseband loopback mode */ 5680 run_rt3070_rf_read(sc, 22, &rf22); 5681 run_rt3070_rf_write(sc, 22, rf22 & ~0x01); 5682 5683 return (0); 5684 } 5685 5686 static void 5687 run_rt3070_rf_setup(struct run_softc *sc) 5688 { 5689 uint8_t bbp, rf; 5690 int i; 5691 5692 if (sc->mac_ver == 0x3572) { 5693 /* enable DC filter */ 5694 if (sc->mac_rev >= 0x0201) 5695 run_bbp_write(sc, 103, 0xc0); 5696 5697 run_bbp_read(sc, 138, &bbp); 5698 if (sc->ntxchains == 1) 5699 bbp |= 0x20; /* turn off DAC1 */ 5700 if (sc->nrxchains == 1) 5701 bbp &= ~0x02; /* turn off ADC1 */ 5702 run_bbp_write(sc, 138, bbp); 5703 5704 if (sc->mac_rev >= 0x0211) { 5705 /* improve power consumption */ 5706 run_bbp_read(sc, 31, &bbp); 5707 run_bbp_write(sc, 31, bbp & ~0x03); 5708 } 5709 5710 run_rt3070_rf_read(sc, 16, &rf); 5711 rf = (rf & ~0x07) | sc->txmixgain_2ghz; 5712 run_rt3070_rf_write(sc, 16, rf); 5713 5714 } else if (sc->mac_ver == 0x3071) { 5715 if (sc->mac_rev >= 0x0211) { 5716 /* enable DC filter */ 5717 run_bbp_write(sc, 103, 0xc0); 5718 5719 /* improve power consumption */ 5720 run_bbp_read(sc, 31, &bbp); 5721 run_bbp_write(sc, 31, bbp & ~0x03); 5722 } 5723 5724 run_bbp_read(sc, 138, &bbp); 5725 if (sc->ntxchains == 1) 5726 bbp |= 0x20; /* turn off DAC1 */ 5727 if (sc->nrxchains == 1) 5728 bbp &= ~0x02; /* turn off ADC1 */ 5729 run_bbp_write(sc, 138, bbp); 5730 5731 run_write(sc, RT2860_TX_SW_CFG1, 0); 5732 if (sc->mac_rev < 0x0211) { 5733 run_write(sc, RT2860_TX_SW_CFG2, 5734 sc->patch_dac ? 0x2c : 0x0f); 5735 } else 5736 run_write(sc, RT2860_TX_SW_CFG2, 0); 5737 5738 } else if (sc->mac_ver == 0x3070) { 5739 if (sc->mac_rev >= 0x0201) { 5740 /* enable DC filter */ 5741 run_bbp_write(sc, 103, 0xc0); 5742 5743 /* improve power consumption */ 5744 run_bbp_read(sc, 31, &bbp); 5745 run_bbp_write(sc, 31, bbp & ~0x03); 5746 } 5747 5748 if (sc->mac_rev < 0x0201) { 5749 run_write(sc, RT2860_TX_SW_CFG1, 0); 5750 run_write(sc, RT2860_TX_SW_CFG2, 0x2c); 5751 } else 5752 run_write(sc, RT2860_TX_SW_CFG2, 0); 5753 } 5754 5755 /* initialize RF registers from ROM for >=RT3071*/ 5756 if (sc->mac_ver >= 0x3071) { 5757 for (i = 0; i < 10; i++) { 5758 if (sc->rf[i].reg == 0 || sc->rf[i].reg == 0xff) 5759 continue; 5760 run_rt3070_rf_write(sc, sc->rf[i].reg, sc->rf[i].val); 5761 } 5762 } 5763 } 5764 5765 static void 5766 run_rt3593_rf_setup(struct run_softc *sc) 5767 { 5768 uint8_t bbp, rf; 5769 5770 if (sc->mac_rev >= 0x0211) { 5771 /* Enable DC filter. */ 5772 run_bbp_write(sc, 103, 0xc0); 5773 } 5774 run_write(sc, RT2860_TX_SW_CFG1, 0); 5775 if (sc->mac_rev < 0x0211) { 5776 run_write(sc, RT2860_TX_SW_CFG2, 5777 sc->patch_dac ? 0x2c : 0x0f); 5778 } else 5779 run_write(sc, RT2860_TX_SW_CFG2, 0); 5780 5781 run_rt3070_rf_read(sc, 50, &rf); 5782 run_rt3070_rf_write(sc, 50, rf & ~RT3593_TX_LO2); 5783 5784 run_rt3070_rf_read(sc, 51, &rf); 5785 rf = (rf & ~(RT3593_TX_LO1 | 0x0c)) | 5786 ((sc->txmixgain_2ghz & 0x07) << 2); 5787 run_rt3070_rf_write(sc, 51, rf); 5788 5789 run_rt3070_rf_read(sc, 38, &rf); 5790 run_rt3070_rf_write(sc, 38, rf & ~RT5390_RX_LO1); 5791 5792 run_rt3070_rf_read(sc, 39, &rf); 5793 run_rt3070_rf_write(sc, 39, rf & ~RT5390_RX_LO2); 5794 5795 run_rt3070_rf_read(sc, 1, &rf); 5796 run_rt3070_rf_write(sc, 1, rf & ~(RT3070_RF_BLOCK | RT3070_PLL_PD)); 5797 5798 run_rt3070_rf_read(sc, 30, &rf); 5799 rf = (rf & ~0x18) | 0x10; 5800 run_rt3070_rf_write(sc, 30, rf); 5801 5802 /* Apply maximum likelihood detection for 2 stream case. */ 5803 run_bbp_read(sc, 105, &bbp); 5804 if (sc->nrxchains > 1) 5805 run_bbp_write(sc, 105, bbp | RT5390_MLD); 5806 5807 /* Avoid data lost and CRC error. */ 5808 run_bbp_read(sc, 4, &bbp); 5809 run_bbp_write(sc, 4, bbp | RT5390_MAC_IF_CTRL); 5810 5811 run_bbp_write(sc, 92, 0x02); 5812 run_bbp_write(sc, 82, 0x82); 5813 run_bbp_write(sc, 106, 0x05); 5814 run_bbp_write(sc, 104, 0x92); 5815 run_bbp_write(sc, 88, 0x90); 5816 run_bbp_write(sc, 148, 0xc8); 5817 run_bbp_write(sc, 47, 0x48); 5818 run_bbp_write(sc, 120, 0x50); 5819 5820 run_bbp_write(sc, 163, 0x9d); 5821 5822 /* SNR mapping. */ 5823 run_bbp_write(sc, 142, 0x06); 5824 run_bbp_write(sc, 143, 0xa0); 5825 run_bbp_write(sc, 142, 0x07); 5826 run_bbp_write(sc, 143, 0xa1); 5827 run_bbp_write(sc, 142, 0x08); 5828 run_bbp_write(sc, 143, 0xa2); 5829 5830 run_bbp_write(sc, 31, 0x08); 5831 run_bbp_write(sc, 68, 0x0b); 5832 run_bbp_write(sc, 105, 0x04); 5833 } 5834 5835 static void 5836 run_rt5390_rf_setup(struct run_softc *sc) 5837 { 5838 uint8_t bbp, rf; 5839 5840 if (sc->mac_rev >= 0x0211) { 5841 /* Enable DC filter. */ 5842 run_bbp_write(sc, 103, 0xc0); 5843 5844 if (sc->mac_ver != 0x5592) { 5845 /* Improve power consumption. */ 5846 run_bbp_read(sc, 31, &bbp); 5847 run_bbp_write(sc, 31, bbp & ~0x03); 5848 } 5849 } 5850 5851 run_bbp_read(sc, 138, &bbp); 5852 if (sc->ntxchains == 1) 5853 bbp |= 0x20; /* turn off DAC1 */ 5854 if (sc->nrxchains == 1) 5855 bbp &= ~0x02; /* turn off ADC1 */ 5856 run_bbp_write(sc, 138, bbp); 5857 5858 run_rt3070_rf_read(sc, 38, &rf); 5859 run_rt3070_rf_write(sc, 38, rf & ~RT5390_RX_LO1); 5860 5861 run_rt3070_rf_read(sc, 39, &rf); 5862 run_rt3070_rf_write(sc, 39, rf & ~RT5390_RX_LO2); 5863 5864 /* Avoid data lost and CRC error. */ 5865 run_bbp_read(sc, 4, &bbp); 5866 run_bbp_write(sc, 4, bbp | RT5390_MAC_IF_CTRL); 5867 5868 run_rt3070_rf_read(sc, 30, &rf); 5869 rf = (rf & ~0x18) | 0x10; 5870 run_rt3070_rf_write(sc, 30, rf); 5871 5872 if (sc->mac_ver != 0x5592) { 5873 run_write(sc, RT2860_TX_SW_CFG1, 0); 5874 if (sc->mac_rev < 0x0211) { 5875 run_write(sc, RT2860_TX_SW_CFG2, 5876 sc->patch_dac ? 0x2c : 0x0f); 5877 } else 5878 run_write(sc, RT2860_TX_SW_CFG2, 0); 5879 } 5880 } 5881 5882 static int 5883 run_txrx_enable(struct run_softc *sc) 5884 { 5885 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 5886 uint32_t tmp; 5887 int error, ntries; 5888 5889 run_write(sc, RT2860_MAC_SYS_CTRL, RT2860_MAC_TX_EN); 5890 for (ntries = 0; ntries < 200; ntries++) { 5891 if ((error = run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp)) != 0) 5892 return (error); 5893 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0) 5894 break; 5895 run_delay(sc, 50); 5896 } 5897 if (ntries == 200) 5898 return (ETIMEDOUT); 5899 5900 run_delay(sc, 50); 5901 5902 tmp |= RT2860_RX_DMA_EN | RT2860_TX_DMA_EN | RT2860_TX_WB_DDONE; 5903 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp); 5904 5905 /* enable Rx bulk aggregation (set timeout and limit) */ 5906 tmp = RT2860_USB_TX_EN | RT2860_USB_RX_EN | RT2860_USB_RX_AGG_EN | 5907 RT2860_USB_RX_AGG_TO(128) | RT2860_USB_RX_AGG_LMT(2); 5908 run_write(sc, RT2860_USB_DMA_CFG, tmp); 5909 5910 /* set Rx filter */ 5911 tmp = RT2860_DROP_CRC_ERR | RT2860_DROP_PHY_ERR; 5912 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 5913 tmp |= RT2860_DROP_UC_NOME | RT2860_DROP_DUPL | 5914 RT2860_DROP_CTS | RT2860_DROP_BA | RT2860_DROP_ACK | 5915 RT2860_DROP_VER_ERR | RT2860_DROP_CTRL_RSV | 5916 RT2860_DROP_CFACK | RT2860_DROP_CFEND; 5917 if (ic->ic_opmode == IEEE80211_M_STA) 5918 tmp |= RT2860_DROP_RTS | RT2860_DROP_PSPOLL; 5919 } 5920 run_write(sc, RT2860_RX_FILTR_CFG, tmp); 5921 5922 run_write(sc, RT2860_MAC_SYS_CTRL, 5923 RT2860_MAC_RX_EN | RT2860_MAC_TX_EN); 5924 5925 return (0); 5926 } 5927 5928 static void 5929 run_adjust_freq_offset(struct run_softc *sc) 5930 { 5931 uint8_t rf, tmp; 5932 5933 run_rt3070_rf_read(sc, 17, &rf); 5934 tmp = rf; 5935 rf = (rf & ~0x7f) | (sc->freq & 0x7f); 5936 rf = MIN(rf, 0x5f); 5937 5938 if (tmp != rf) 5939 run_mcu_cmd(sc, 0x74, (tmp << 8 ) | rf); 5940 } 5941 5942 static void 5943 run_init_locked(struct run_softc *sc) 5944 { 5945 struct ifnet *ifp = sc->sc_ifp; 5946 struct ieee80211com *ic = ifp->if_l2com; 5947 uint32_t tmp; 5948 uint8_t bbp1, bbp3; 5949 int i; 5950 int ridx; 5951 int ntries; 5952 5953 if (ic->ic_nrunning > 1) 5954 return; 5955 5956 run_stop(sc); 5957 5958 if (run_load_microcode(sc) != 0) { 5959 device_printf(sc->sc_dev, "could not load 8051 microcode\n"); 5960 goto fail; 5961 } 5962 5963 for (ntries = 0; ntries < 100; ntries++) { 5964 if (run_read(sc, RT2860_ASIC_VER_ID, &tmp) != 0) 5965 goto fail; 5966 if (tmp != 0 && tmp != 0xffffffff) 5967 break; 5968 run_delay(sc, 10); 5969 } 5970 if (ntries == 100) 5971 goto fail; 5972 5973 for (i = 0; i != RUN_EP_QUEUES; i++) 5974 run_setup_tx_list(sc, &sc->sc_epq[i]); 5975 5976 run_set_macaddr(sc, IF_LLADDR(ifp)); 5977 5978 for (ntries = 0; ntries < 100; ntries++) { 5979 if (run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp) != 0) 5980 goto fail; 5981 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0) 5982 break; 5983 run_delay(sc, 10); 5984 } 5985 if (ntries == 100) { 5986 device_printf(sc->sc_dev, "timeout waiting for DMA engine\n"); 5987 goto fail; 5988 } 5989 tmp &= 0xff0; 5990 tmp |= RT2860_TX_WB_DDONE; 5991 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp); 5992 5993 /* turn off PME_OEN to solve high-current issue */ 5994 run_read(sc, RT2860_SYS_CTRL, &tmp); 5995 run_write(sc, RT2860_SYS_CTRL, tmp & ~RT2860_PME_OEN); 5996 5997 run_write(sc, RT2860_MAC_SYS_CTRL, 5998 RT2860_BBP_HRST | RT2860_MAC_SRST); 5999 run_write(sc, RT2860_USB_DMA_CFG, 0); 6000 6001 if (run_reset(sc) != 0) { 6002 device_printf(sc->sc_dev, "could not reset chipset\n"); 6003 goto fail; 6004 } 6005 6006 run_write(sc, RT2860_MAC_SYS_CTRL, 0); 6007 6008 /* init Tx power for all Tx rates (from EEPROM) */ 6009 for (ridx = 0; ridx < 5; ridx++) { 6010 if (sc->txpow20mhz[ridx] == 0xffffffff) 6011 continue; 6012 run_write(sc, RT2860_TX_PWR_CFG(ridx), sc->txpow20mhz[ridx]); 6013 } 6014 6015 for (i = 0; i < nitems(rt2870_def_mac); i++) 6016 run_write(sc, rt2870_def_mac[i].reg, rt2870_def_mac[i].val); 6017 run_write(sc, RT2860_WMM_AIFSN_CFG, 0x00002273); 6018 run_write(sc, RT2860_WMM_CWMIN_CFG, 0x00002344); 6019 run_write(sc, RT2860_WMM_CWMAX_CFG, 0x000034aa); 6020 6021 if (sc->mac_ver >= 0x5390) { 6022 run_write(sc, RT2860_TX_SW_CFG0, 6023 4 << RT2860_DLY_PAPE_EN_SHIFT | 4); 6024 if (sc->mac_ver >= 0x5392) { 6025 run_write(sc, RT2860_MAX_LEN_CFG, 0x00002fff); 6026 if (sc->mac_ver == 0x5592) { 6027 run_write(sc, RT2860_HT_FBK_CFG1, 0xedcba980); 6028 run_write(sc, RT2860_TXOP_HLDR_ET, 0x00000082); 6029 } else { 6030 run_write(sc, RT2860_HT_FBK_CFG1, 0xedcb4980); 6031 run_write(sc, RT2860_LG_FBK_CFG0, 0xedcba322); 6032 } 6033 } 6034 } else if (sc->mac_ver == 0x3593) { 6035 run_write(sc, RT2860_TX_SW_CFG0, 6036 4 << RT2860_DLY_PAPE_EN_SHIFT | 2); 6037 } else if (sc->mac_ver >= 0x3070) { 6038 /* set delay of PA_PE assertion to 1us (unit of 0.25us) */ 6039 run_write(sc, RT2860_TX_SW_CFG0, 6040 4 << RT2860_DLY_PAPE_EN_SHIFT); 6041 } 6042 6043 /* wait while MAC is busy */ 6044 for (ntries = 0; ntries < 100; ntries++) { 6045 if (run_read(sc, RT2860_MAC_STATUS_REG, &tmp) != 0) 6046 goto fail; 6047 if (!(tmp & (RT2860_RX_STATUS_BUSY | RT2860_TX_STATUS_BUSY))) 6048 break; 6049 run_delay(sc, 10); 6050 } 6051 if (ntries == 100) 6052 goto fail; 6053 6054 /* clear Host to MCU mailbox */ 6055 run_write(sc, RT2860_H2M_BBPAGENT, 0); 6056 run_write(sc, RT2860_H2M_MAILBOX, 0); 6057 run_delay(sc, 10); 6058 6059 if (run_bbp_init(sc) != 0) { 6060 device_printf(sc->sc_dev, "could not initialize BBP\n"); 6061 goto fail; 6062 } 6063 6064 /* abort TSF synchronization */ 6065 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 6066 tmp &= ~(RT2860_BCN_TX_EN | RT2860_TSF_TIMER_EN | 6067 RT2860_TBTT_TIMER_EN); 6068 run_write(sc, RT2860_BCN_TIME_CFG, tmp); 6069 6070 /* clear RX WCID search table */ 6071 run_set_region_4(sc, RT2860_WCID_ENTRY(0), 0, 512); 6072 /* clear WCID attribute table */ 6073 run_set_region_4(sc, RT2860_WCID_ATTR(0), 0, 8 * 32); 6074 6075 /* hostapd sets a key before init. So, don't clear it. */ 6076 if (sc->cmdq_key_set != RUN_CMDQ_GO) { 6077 /* clear shared key table */ 6078 run_set_region_4(sc, RT2860_SKEY(0, 0), 0, 8 * 32); 6079 /* clear shared key mode */ 6080 run_set_region_4(sc, RT2860_SKEY_MODE_0_7, 0, 4); 6081 } 6082 6083 run_read(sc, RT2860_US_CYC_CNT, &tmp); 6084 tmp = (tmp & ~0xff) | 0x1e; 6085 run_write(sc, RT2860_US_CYC_CNT, tmp); 6086 6087 if (sc->mac_rev != 0x0101) 6088 run_write(sc, RT2860_TXOP_CTRL_CFG, 0x0000583f); 6089 6090 run_write(sc, RT2860_WMM_TXOP0_CFG, 0); 6091 run_write(sc, RT2860_WMM_TXOP1_CFG, 48 << 16 | 96); 6092 6093 /* write vendor-specific BBP values (from EEPROM) */ 6094 if (sc->mac_ver < 0x3593) { 6095 for (i = 0; i < 10; i++) { 6096 if (sc->bbp[i].reg == 0 || sc->bbp[i].reg == 0xff) 6097 continue; 6098 run_bbp_write(sc, sc->bbp[i].reg, sc->bbp[i].val); 6099 } 6100 } 6101 6102 /* select Main antenna for 1T1R devices */ 6103 if (sc->rf_rev == RT3070_RF_3020 || sc->rf_rev == RT5390_RF_5370) 6104 run_set_rx_antenna(sc, 0); 6105 6106 /* send LEDs operating mode to microcontroller */ 6107 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED1, sc->led[0]); 6108 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED2, sc->led[1]); 6109 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED3, sc->led[2]); 6110 6111 if (sc->mac_ver >= 0x5390) 6112 run_rt5390_rf_init(sc); 6113 else if (sc->mac_ver == 0x3593) 6114 run_rt3593_rf_init(sc); 6115 else if (sc->mac_ver >= 0x3070) 6116 run_rt3070_rf_init(sc); 6117 6118 /* disable non-existing Rx chains */ 6119 run_bbp_read(sc, 3, &bbp3); 6120 bbp3 &= ~(1 << 3 | 1 << 4); 6121 if (sc->nrxchains == 2) 6122 bbp3 |= 1 << 3; 6123 else if (sc->nrxchains == 3) 6124 bbp3 |= 1 << 4; 6125 run_bbp_write(sc, 3, bbp3); 6126 6127 /* disable non-existing Tx chains */ 6128 run_bbp_read(sc, 1, &bbp1); 6129 if (sc->ntxchains == 1) 6130 bbp1 &= ~(1 << 3 | 1 << 4); 6131 run_bbp_write(sc, 1, bbp1); 6132 6133 if (sc->mac_ver >= 0x5390) 6134 run_rt5390_rf_setup(sc); 6135 else if (sc->mac_ver == 0x3593) 6136 run_rt3593_rf_setup(sc); 6137 else if (sc->mac_ver >= 0x3070) 6138 run_rt3070_rf_setup(sc); 6139 6140 /* select default channel */ 6141 run_set_chan(sc, ic->ic_curchan); 6142 6143 /* setup initial protection mode */ 6144 run_updateprot_cb(ic); 6145 6146 /* turn radio LED on */ 6147 run_set_leds(sc, RT2860_LED_RADIO); 6148 6149 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE; 6150 ifp->if_drv_flags |= IFF_DRV_RUNNING; 6151 sc->cmdq_run = RUN_CMDQ_GO; 6152 6153 for (i = 0; i != RUN_N_XFER; i++) 6154 usbd_xfer_set_stall(sc->sc_xfer[i]); 6155 6156 usbd_transfer_start(sc->sc_xfer[RUN_BULK_RX]); 6157 6158 if (run_txrx_enable(sc) != 0) 6159 goto fail; 6160 6161 return; 6162 6163 fail: 6164 run_stop(sc); 6165 } 6166 6167 static void 6168 run_init(void *arg) 6169 { 6170 struct run_softc *sc = arg; 6171 struct ifnet *ifp = sc->sc_ifp; 6172 struct ieee80211com *ic = ifp->if_l2com; 6173 6174 RUN_LOCK(sc); 6175 run_init_locked(sc); 6176 RUN_UNLOCK(sc); 6177 6178 if (ifp->if_drv_flags & IFF_DRV_RUNNING) 6179 ieee80211_start_all(ic); 6180 } 6181 6182 static void 6183 run_stop(void *arg) 6184 { 6185 struct run_softc *sc = (struct run_softc *)arg; 6186 struct ifnet *ifp = sc->sc_ifp; 6187 uint32_t tmp; 6188 int i; 6189 int ntries; 6190 6191 RUN_LOCK_ASSERT(sc, MA_OWNED); 6192 6193 if (ifp->if_drv_flags & IFF_DRV_RUNNING) 6194 run_set_leds(sc, 0); /* turn all LEDs off */ 6195 6196 ifp->if_drv_flags &= ~(IFF_DRV_RUNNING | IFF_DRV_OACTIVE); 6197 6198 sc->ratectl_run = RUN_RATECTL_OFF; 6199 sc->cmdq_run = sc->cmdq_key_set; 6200 6201 RUN_UNLOCK(sc); 6202 6203 for(i = 0; i < RUN_N_XFER; i++) 6204 usbd_transfer_drain(sc->sc_xfer[i]); 6205 6206 RUN_LOCK(sc); 6207 6208 if (sc->rx_m != NULL) { 6209 m_free(sc->rx_m); 6210 sc->rx_m = NULL; 6211 } 6212 6213 /* Disable Tx/Rx DMA. */ 6214 if (run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp) != 0) 6215 return; 6216 tmp &= ~(RT2860_RX_DMA_EN | RT2860_TX_DMA_EN); 6217 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp); 6218 6219 for (ntries = 0; ntries < 100; ntries++) { 6220 if (run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp) != 0) 6221 return; 6222 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0) 6223 break; 6224 run_delay(sc, 10); 6225 } 6226 if (ntries == 100) { 6227 device_printf(sc->sc_dev, "timeout waiting for DMA engine\n"); 6228 return; 6229 } 6230 6231 /* disable Tx/Rx */ 6232 run_read(sc, RT2860_MAC_SYS_CTRL, &tmp); 6233 tmp &= ~(RT2860_MAC_RX_EN | RT2860_MAC_TX_EN); 6234 run_write(sc, RT2860_MAC_SYS_CTRL, tmp); 6235 6236 /* wait for pending Tx to complete */ 6237 for (ntries = 0; ntries < 100; ntries++) { 6238 if (run_read(sc, RT2860_TXRXQ_PCNT, &tmp) != 0) { 6239 DPRINTF("Cannot read Tx queue count\n"); 6240 break; 6241 } 6242 if ((tmp & RT2860_TX2Q_PCNT_MASK) == 0) { 6243 DPRINTF("All Tx cleared\n"); 6244 break; 6245 } 6246 run_delay(sc, 10); 6247 } 6248 if (ntries >= 100) 6249 DPRINTF("There are still pending Tx\n"); 6250 run_delay(sc, 10); 6251 run_write(sc, RT2860_USB_DMA_CFG, 0); 6252 6253 run_write(sc, RT2860_MAC_SYS_CTRL, RT2860_BBP_HRST | RT2860_MAC_SRST); 6254 run_write(sc, RT2860_MAC_SYS_CTRL, 0); 6255 6256 for (i = 0; i != RUN_EP_QUEUES; i++) 6257 run_unsetup_tx_list(sc, &sc->sc_epq[i]); 6258 } 6259 6260 static void 6261 run_delay(struct run_softc *sc, u_int ms) 6262 { 6263 usb_pause_mtx(mtx_owned(&sc->sc_mtx) ? 6264 &sc->sc_mtx : NULL, USB_MS_TO_TICKS(ms)); 6265 } 6266 6267 static device_method_t run_methods[] = { 6268 /* Device interface */ 6269 DEVMETHOD(device_probe, run_match), 6270 DEVMETHOD(device_attach, run_attach), 6271 DEVMETHOD(device_detach, run_detach), 6272 DEVMETHOD_END 6273 }; 6274 6275 static driver_t run_driver = { 6276 .name = "run", 6277 .methods = run_methods, 6278 .size = sizeof(struct run_softc) 6279 }; 6280 6281 static devclass_t run_devclass; 6282 6283 DRIVER_MODULE(run, uhub, run_driver, run_devclass, run_driver_loaded, NULL); 6284 MODULE_DEPEND(run, wlan, 1, 1, 1); 6285 MODULE_DEPEND(run, usb, 1, 1, 1); 6286 MODULE_DEPEND(run, firmware, 1, 1, 1); 6287 MODULE_VERSION(run, 1); 6288