1 /*- 2 * Copyright (c) 2008,2010 Damien Bergamini <damien.bergamini@free.fr> 3 * ported to FreeBSD by Akinori Furukoshi <moonlightakkiy@yahoo.ca> 4 * USB Consulting, Hans Petter Selasky <hselasky@freebsd.org> 5 * Copyright (c) 2013-2014 Kevin Lo 6 * 7 * Permission to use, copy, modify, and distribute this software for any 8 * purpose with or without fee is hereby granted, provided that the above 9 * copyright notice and this permission notice appear in all copies. 10 * 11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 */ 19 20 #include <sys/cdefs.h> 21 __FBSDID("$FreeBSD$"); 22 23 /*- 24 * Ralink Technology RT2700U/RT2800U/RT3000U/RT3900E chipset driver. 25 * http://www.ralinktech.com/ 26 */ 27 28 #include <sys/param.h> 29 #include <sys/sockio.h> 30 #include <sys/sysctl.h> 31 #include <sys/lock.h> 32 #include <sys/mutex.h> 33 #include <sys/mbuf.h> 34 #include <sys/kernel.h> 35 #include <sys/socket.h> 36 #include <sys/systm.h> 37 #include <sys/malloc.h> 38 #include <sys/module.h> 39 #include <sys/bus.h> 40 #include <sys/endian.h> 41 #include <sys/linker.h> 42 #include <sys/firmware.h> 43 #include <sys/kdb.h> 44 45 #include <machine/bus.h> 46 #include <machine/resource.h> 47 #include <sys/rman.h> 48 49 #include <net/bpf.h> 50 #include <net/if.h> 51 #include <net/if_var.h> 52 #include <net/if_arp.h> 53 #include <net/ethernet.h> 54 #include <net/if_dl.h> 55 #include <net/if_media.h> 56 #include <net/if_types.h> 57 58 #include <netinet/in.h> 59 #include <netinet/in_systm.h> 60 #include <netinet/in_var.h> 61 #include <netinet/if_ether.h> 62 #include <netinet/ip.h> 63 64 #include <net80211/ieee80211_var.h> 65 #include <net80211/ieee80211_regdomain.h> 66 #include <net80211/ieee80211_radiotap.h> 67 #include <net80211/ieee80211_ratectl.h> 68 69 #include <dev/usb/usb.h> 70 #include <dev/usb/usbdi.h> 71 #include "usbdevs.h" 72 73 #define USB_DEBUG_VAR run_debug 74 #include <dev/usb/usb_debug.h> 75 #include <dev/usb/usb_msctest.h> 76 77 #include <dev/usb/wlan/if_runreg.h> 78 #include <dev/usb/wlan/if_runvar.h> 79 80 #ifdef USB_DEBUG 81 #define RUN_DEBUG 82 #endif 83 84 #ifdef RUN_DEBUG 85 int run_debug = 0; 86 static SYSCTL_NODE(_hw_usb, OID_AUTO, run, CTLFLAG_RW, 0, "USB run"); 87 SYSCTL_INT(_hw_usb_run, OID_AUTO, debug, CTLFLAG_RW, &run_debug, 0, 88 "run debug level"); 89 #endif 90 91 #define IEEE80211_HAS_ADDR4(wh) \ 92 (((wh)->i_fc[1] & IEEE80211_FC1_DIR_MASK) == IEEE80211_FC1_DIR_DSTODS) 93 94 /* 95 * Because of LOR in run_key_delete(), use atomic instead. 96 * '& RUN_CMDQ_MASQ' is to loop cmdq[]. 97 */ 98 #define RUN_CMDQ_GET(c) (atomic_fetchadd_32((c), 1) & RUN_CMDQ_MASQ) 99 100 static const STRUCT_USB_HOST_ID run_devs[] = { 101 #define RUN_DEV(v,p) { USB_VP(USB_VENDOR_##v, USB_PRODUCT_##v##_##p) } 102 #define RUN_DEV_EJECT(v,p) \ 103 { USB_VPI(USB_VENDOR_##v, USB_PRODUCT_##v##_##p, 0) } 104 RUN_DEV(ABOCOM, RT2770), 105 RUN_DEV(ABOCOM, RT2870), 106 RUN_DEV(ABOCOM, RT3070), 107 RUN_DEV(ABOCOM, RT3071), 108 RUN_DEV(ABOCOM, RT3072), 109 RUN_DEV(ABOCOM2, RT2870_1), 110 RUN_DEV(ACCTON, RT2770), 111 RUN_DEV(ACCTON, RT2870_1), 112 RUN_DEV(ACCTON, RT2870_2), 113 RUN_DEV(ACCTON, RT2870_3), 114 RUN_DEV(ACCTON, RT2870_4), 115 RUN_DEV(ACCTON, RT2870_5), 116 RUN_DEV(ACCTON, RT3070), 117 RUN_DEV(ACCTON, RT3070_1), 118 RUN_DEV(ACCTON, RT3070_2), 119 RUN_DEV(ACCTON, RT3070_3), 120 RUN_DEV(ACCTON, RT3070_4), 121 RUN_DEV(ACCTON, RT3070_5), 122 RUN_DEV(AIRTIES, RT3070), 123 RUN_DEV(ALLWIN, RT2070), 124 RUN_DEV(ALLWIN, RT2770), 125 RUN_DEV(ALLWIN, RT2870), 126 RUN_DEV(ALLWIN, RT3070), 127 RUN_DEV(ALLWIN, RT3071), 128 RUN_DEV(ALLWIN, RT3072), 129 RUN_DEV(ALLWIN, RT3572), 130 RUN_DEV(AMIGO, RT2870_1), 131 RUN_DEV(AMIGO, RT2870_2), 132 RUN_DEV(AMIT, CGWLUSB2GNR), 133 RUN_DEV(AMIT, RT2870_1), 134 RUN_DEV(AMIT2, RT2870), 135 RUN_DEV(ASUS, RT2870_1), 136 RUN_DEV(ASUS, RT2870_2), 137 RUN_DEV(ASUS, RT2870_3), 138 RUN_DEV(ASUS, RT2870_4), 139 RUN_DEV(ASUS, RT2870_5), 140 RUN_DEV(ASUS, USBN13), 141 RUN_DEV(ASUS, RT3070_1), 142 RUN_DEV(ASUS, USBN66), 143 RUN_DEV(ASUS, USB_N53), 144 RUN_DEV(ASUS2, USBN11), 145 RUN_DEV(AZUREWAVE, RT2870_1), 146 RUN_DEV(AZUREWAVE, RT2870_2), 147 RUN_DEV(AZUREWAVE, RT3070_1), 148 RUN_DEV(AZUREWAVE, RT3070_2), 149 RUN_DEV(AZUREWAVE, RT3070_3), 150 RUN_DEV(BELKIN, F9L1103), 151 RUN_DEV(BELKIN, F5D8053V3), 152 RUN_DEV(BELKIN, F5D8055), 153 RUN_DEV(BELKIN, F5D8055V2), 154 RUN_DEV(BELKIN, F6D4050V1), 155 RUN_DEV(BELKIN, F6D4050V2), 156 RUN_DEV(BELKIN, RT2870_1), 157 RUN_DEV(BELKIN, RT2870_2), 158 RUN_DEV(CISCOLINKSYS, AE1000), 159 RUN_DEV(CISCOLINKSYS2, RT3070), 160 RUN_DEV(CISCOLINKSYS3, RT3070), 161 RUN_DEV(CONCEPTRONIC2, RT2870_1), 162 RUN_DEV(CONCEPTRONIC2, RT2870_2), 163 RUN_DEV(CONCEPTRONIC2, RT2870_3), 164 RUN_DEV(CONCEPTRONIC2, RT2870_4), 165 RUN_DEV(CONCEPTRONIC2, RT2870_5), 166 RUN_DEV(CONCEPTRONIC2, RT2870_6), 167 RUN_DEV(CONCEPTRONIC2, RT2870_7), 168 RUN_DEV(CONCEPTRONIC2, RT2870_8), 169 RUN_DEV(CONCEPTRONIC2, RT3070_1), 170 RUN_DEV(CONCEPTRONIC2, RT3070_2), 171 RUN_DEV(CONCEPTRONIC2, VIGORN61), 172 RUN_DEV(COREGA, CGWLUSB300GNM), 173 RUN_DEV(COREGA, RT2870_1), 174 RUN_DEV(COREGA, RT2870_2), 175 RUN_DEV(COREGA, RT2870_3), 176 RUN_DEV(COREGA, RT3070), 177 RUN_DEV(CYBERTAN, RT2870), 178 RUN_DEV(DLINK, RT2870), 179 RUN_DEV(DLINK, RT3072), 180 RUN_DEV(DLINK, DWA127), 181 RUN_DEV(DLINK, DWA140B3), 182 RUN_DEV(DLINK, DWA160B2), 183 RUN_DEV(DLINK, DWA162), 184 RUN_DEV(DLINK2, DWA130), 185 RUN_DEV(DLINK2, RT2870_1), 186 RUN_DEV(DLINK2, RT2870_2), 187 RUN_DEV(DLINK2, RT3070_1), 188 RUN_DEV(DLINK2, RT3070_2), 189 RUN_DEV(DLINK2, RT3070_3), 190 RUN_DEV(DLINK2, RT3070_4), 191 RUN_DEV(DLINK2, RT3070_5), 192 RUN_DEV(DLINK2, RT3072), 193 RUN_DEV(DLINK2, RT3072_1), 194 RUN_DEV(EDIMAX, EW7717), 195 RUN_DEV(EDIMAX, EW7718), 196 RUN_DEV(EDIMAX, EW7733UND), 197 RUN_DEV(EDIMAX, RT2870_1), 198 RUN_DEV(ENCORE, RT3070_1), 199 RUN_DEV(ENCORE, RT3070_2), 200 RUN_DEV(ENCORE, RT3070_3), 201 RUN_DEV(GIGABYTE, GNWB31N), 202 RUN_DEV(GIGABYTE, GNWB32L), 203 RUN_DEV(GIGABYTE, RT2870_1), 204 RUN_DEV(GIGASET, RT3070_1), 205 RUN_DEV(GIGASET, RT3070_2), 206 RUN_DEV(GUILLEMOT, HWNU300), 207 RUN_DEV(HAWKING, HWUN2), 208 RUN_DEV(HAWKING, RT2870_1), 209 RUN_DEV(HAWKING, RT2870_2), 210 RUN_DEV(HAWKING, RT3070), 211 RUN_DEV(IODATA, RT3072_1), 212 RUN_DEV(IODATA, RT3072_2), 213 RUN_DEV(IODATA, RT3072_3), 214 RUN_DEV(IODATA, RT3072_4), 215 RUN_DEV(LINKSYS4, RT3070), 216 RUN_DEV(LINKSYS4, WUSB100), 217 RUN_DEV(LINKSYS4, WUSB54GCV3), 218 RUN_DEV(LINKSYS4, WUSB600N), 219 RUN_DEV(LINKSYS4, WUSB600NV2), 220 RUN_DEV(LOGITEC, RT2870_1), 221 RUN_DEV(LOGITEC, RT2870_2), 222 RUN_DEV(LOGITEC, RT2870_3), 223 RUN_DEV(LOGITEC, LANW300NU2), 224 RUN_DEV(LOGITEC, LANW150NU2), 225 RUN_DEV(LOGITEC, LANW300NU2S), 226 RUN_DEV(MELCO, RT2870_1), 227 RUN_DEV(MELCO, RT2870_2), 228 RUN_DEV(MELCO, WLIUCAG300N), 229 RUN_DEV(MELCO, WLIUCG300N), 230 RUN_DEV(MELCO, WLIUCG301N), 231 RUN_DEV(MELCO, WLIUCGN), 232 RUN_DEV(MELCO, WLIUCGNM), 233 RUN_DEV(MELCO, WLIUCGNM2), 234 RUN_DEV(MOTOROLA4, RT2770), 235 RUN_DEV(MOTOROLA4, RT3070), 236 RUN_DEV(MSI, RT3070_1), 237 RUN_DEV(MSI, RT3070_2), 238 RUN_DEV(MSI, RT3070_3), 239 RUN_DEV(MSI, RT3070_4), 240 RUN_DEV(MSI, RT3070_5), 241 RUN_DEV(MSI, RT3070_6), 242 RUN_DEV(MSI, RT3070_7), 243 RUN_DEV(MSI, RT3070_8), 244 RUN_DEV(MSI, RT3070_9), 245 RUN_DEV(MSI, RT3070_10), 246 RUN_DEV(MSI, RT3070_11), 247 RUN_DEV(OVISLINK, RT3072), 248 RUN_DEV(PARA, RT3070), 249 RUN_DEV(PEGATRON, RT2870), 250 RUN_DEV(PEGATRON, RT3070), 251 RUN_DEV(PEGATRON, RT3070_2), 252 RUN_DEV(PEGATRON, RT3070_3), 253 RUN_DEV(PHILIPS, RT2870), 254 RUN_DEV(PLANEX2, GWUS300MINIS), 255 RUN_DEV(PLANEX2, GWUSMICRON), 256 RUN_DEV(PLANEX2, RT2870), 257 RUN_DEV(PLANEX2, RT3070), 258 RUN_DEV(QCOM, RT2870), 259 RUN_DEV(QUANTA, RT3070), 260 RUN_DEV(RALINK, RT2070), 261 RUN_DEV(RALINK, RT2770), 262 RUN_DEV(RALINK, RT2870), 263 RUN_DEV(RALINK, RT3070), 264 RUN_DEV(RALINK, RT3071), 265 RUN_DEV(RALINK, RT3072), 266 RUN_DEV(RALINK, RT3370), 267 RUN_DEV(RALINK, RT3572), 268 RUN_DEV(RALINK, RT3573), 269 RUN_DEV(RALINK, RT5370), 270 RUN_DEV(RALINK, RT5572), 271 RUN_DEV(RALINK, RT8070), 272 RUN_DEV(SAMSUNG, WIS09ABGN), 273 RUN_DEV(SAMSUNG2, RT2870_1), 274 RUN_DEV(SENAO, RT2870_1), 275 RUN_DEV(SENAO, RT2870_2), 276 RUN_DEV(SENAO, RT2870_3), 277 RUN_DEV(SENAO, RT2870_4), 278 RUN_DEV(SENAO, RT3070), 279 RUN_DEV(SENAO, RT3071), 280 RUN_DEV(SENAO, RT3072_1), 281 RUN_DEV(SENAO, RT3072_2), 282 RUN_DEV(SENAO, RT3072_3), 283 RUN_DEV(SENAO, RT3072_4), 284 RUN_DEV(SENAO, RT3072_5), 285 RUN_DEV(SITECOMEU, RT2770), 286 RUN_DEV(SITECOMEU, RT2870_1), 287 RUN_DEV(SITECOMEU, RT2870_2), 288 RUN_DEV(SITECOMEU, RT2870_3), 289 RUN_DEV(SITECOMEU, RT2870_4), 290 RUN_DEV(SITECOMEU, RT3070), 291 RUN_DEV(SITECOMEU, RT3070_2), 292 RUN_DEV(SITECOMEU, RT3070_3), 293 RUN_DEV(SITECOMEU, RT3070_4), 294 RUN_DEV(SITECOMEU, RT3071), 295 RUN_DEV(SITECOMEU, RT3072_1), 296 RUN_DEV(SITECOMEU, RT3072_2), 297 RUN_DEV(SITECOMEU, RT3072_3), 298 RUN_DEV(SITECOMEU, RT3072_4), 299 RUN_DEV(SITECOMEU, RT3072_5), 300 RUN_DEV(SITECOMEU, RT3072_6), 301 RUN_DEV(SITECOMEU, WL608), 302 RUN_DEV(SPARKLAN, RT2870_1), 303 RUN_DEV(SPARKLAN, RT3070), 304 RUN_DEV(SWEEX2, LW153), 305 RUN_DEV(SWEEX2, LW303), 306 RUN_DEV(SWEEX2, LW313), 307 RUN_DEV(TOSHIBA, RT3070), 308 RUN_DEV(UMEDIA, RT2870_1), 309 RUN_DEV(ZCOM, RT2870_1), 310 RUN_DEV(ZCOM, RT2870_2), 311 RUN_DEV(ZINWELL, RT2870_1), 312 RUN_DEV(ZINWELL, RT2870_2), 313 RUN_DEV(ZINWELL, RT3070), 314 RUN_DEV(ZINWELL, RT3072_1), 315 RUN_DEV(ZINWELL, RT3072_2), 316 RUN_DEV(ZYXEL, RT2870_1), 317 RUN_DEV(ZYXEL, RT2870_2), 318 RUN_DEV(ZYXEL, NWD2705), 319 RUN_DEV_EJECT(RALINK, RT_STOR), 320 #undef RUN_DEV_EJECT 321 #undef RUN_DEV 322 }; 323 324 static device_probe_t run_match; 325 static device_attach_t run_attach; 326 static device_detach_t run_detach; 327 328 static usb_callback_t run_bulk_rx_callback; 329 static usb_callback_t run_bulk_tx_callback0; 330 static usb_callback_t run_bulk_tx_callback1; 331 static usb_callback_t run_bulk_tx_callback2; 332 static usb_callback_t run_bulk_tx_callback3; 333 static usb_callback_t run_bulk_tx_callback4; 334 static usb_callback_t run_bulk_tx_callback5; 335 336 static void run_autoinst(void *, struct usb_device *, 337 struct usb_attach_arg *); 338 static int run_driver_loaded(struct module *, int, void *); 339 static void run_bulk_tx_callbackN(struct usb_xfer *xfer, 340 usb_error_t error, u_int index); 341 static struct ieee80211vap *run_vap_create(struct ieee80211com *, 342 const char [IFNAMSIZ], int, enum ieee80211_opmode, int, 343 const uint8_t [IEEE80211_ADDR_LEN], 344 const uint8_t [IEEE80211_ADDR_LEN]); 345 static void run_vap_delete(struct ieee80211vap *); 346 static void run_cmdq_cb(void *, int); 347 static void run_setup_tx_list(struct run_softc *, 348 struct run_endpoint_queue *); 349 static void run_unsetup_tx_list(struct run_softc *, 350 struct run_endpoint_queue *); 351 static int run_load_microcode(struct run_softc *); 352 static int run_reset(struct run_softc *); 353 static usb_error_t run_do_request(struct run_softc *, 354 struct usb_device_request *, void *); 355 static int run_read(struct run_softc *, uint16_t, uint32_t *); 356 static int run_read_region_1(struct run_softc *, uint16_t, uint8_t *, int); 357 static int run_write_2(struct run_softc *, uint16_t, uint16_t); 358 static int run_write(struct run_softc *, uint16_t, uint32_t); 359 static int run_write_region_1(struct run_softc *, uint16_t, 360 const uint8_t *, int); 361 static int run_set_region_4(struct run_softc *, uint16_t, uint32_t, int); 362 static int run_rf3593_efuse_read_1(struct run_softc *, uint16_t, 363 uint16_t *); 364 static int run_efuse_read(struct run_softc *, uint16_t, uint16_t *, int); 365 static int run_efuse_read_2(struct run_softc *, uint16_t, uint16_t *); 366 static int run_eeprom_read_2(struct run_softc *, uint16_t, uint16_t *); 367 static int run_rt2870_rf_write(struct run_softc *, uint32_t); 368 static int run_rt3070_rf_read(struct run_softc *, uint8_t, uint8_t *); 369 static int run_rt3070_rf_write(struct run_softc *, uint8_t, uint8_t); 370 static int run_bbp_read(struct run_softc *, uint8_t, uint8_t *); 371 static int run_bbp_write(struct run_softc *, uint8_t, uint8_t); 372 static int run_mcu_cmd(struct run_softc *, uint8_t, uint16_t); 373 static const char *run_get_rf(uint16_t); 374 static void run_rt3593_get_txpower(struct run_softc *); 375 static void run_get_txpower(struct run_softc *); 376 static int run_read_eeprom(struct run_softc *); 377 static struct ieee80211_node *run_node_alloc(struct ieee80211vap *, 378 const uint8_t mac[IEEE80211_ADDR_LEN]); 379 static int run_media_change(struct ifnet *); 380 static int run_newstate(struct ieee80211vap *, enum ieee80211_state, int); 381 static int run_wme_update(struct ieee80211com *); 382 static void run_wme_update_cb(void *); 383 static void run_key_update_begin(struct ieee80211vap *); 384 static void run_key_update_end(struct ieee80211vap *); 385 static void run_key_set_cb(void *); 386 static int run_key_set(struct ieee80211vap *, struct ieee80211_key *, 387 const uint8_t mac[IEEE80211_ADDR_LEN]); 388 static void run_key_delete_cb(void *); 389 static int run_key_delete(struct ieee80211vap *, struct ieee80211_key *); 390 static void run_ratectl_to(void *); 391 static void run_ratectl_cb(void *, int); 392 static void run_drain_fifo(void *); 393 static void run_iter_func(void *, struct ieee80211_node *); 394 static void run_newassoc_cb(void *); 395 static void run_newassoc(struct ieee80211_node *, int); 396 static void run_rx_frame(struct run_softc *, struct mbuf *, uint32_t); 397 static void run_tx_free(struct run_endpoint_queue *pq, 398 struct run_tx_data *, int); 399 static void run_set_tx_desc(struct run_softc *, struct run_tx_data *); 400 static int run_tx(struct run_softc *, struct mbuf *, 401 struct ieee80211_node *); 402 static int run_tx_mgt(struct run_softc *, struct mbuf *, 403 struct ieee80211_node *); 404 static int run_sendprot(struct run_softc *, const struct mbuf *, 405 struct ieee80211_node *, int, int); 406 static int run_tx_param(struct run_softc *, struct mbuf *, 407 struct ieee80211_node *, 408 const struct ieee80211_bpf_params *); 409 static int run_raw_xmit(struct ieee80211_node *, struct mbuf *, 410 const struct ieee80211_bpf_params *); 411 static void run_start(struct ifnet *); 412 static int run_ioctl(struct ifnet *, u_long, caddr_t); 413 static void run_iq_calib(struct run_softc *, u_int); 414 static void run_set_agc(struct run_softc *, uint8_t); 415 static void run_select_chan_group(struct run_softc *, int); 416 static void run_set_rx_antenna(struct run_softc *, int); 417 static void run_rt2870_set_chan(struct run_softc *, u_int); 418 static void run_rt3070_set_chan(struct run_softc *, u_int); 419 static void run_rt3572_set_chan(struct run_softc *, u_int); 420 static void run_rt3593_set_chan(struct run_softc *, u_int); 421 static void run_rt5390_set_chan(struct run_softc *, u_int); 422 static void run_rt5592_set_chan(struct run_softc *, u_int); 423 static int run_set_chan(struct run_softc *, struct ieee80211_channel *); 424 static void run_set_channel(struct ieee80211com *); 425 static void run_scan_start(struct ieee80211com *); 426 static void run_scan_end(struct ieee80211com *); 427 static void run_update_beacon(struct ieee80211vap *, int); 428 static void run_update_beacon_cb(void *); 429 static void run_updateprot(struct ieee80211com *); 430 static void run_updateprot_cb(void *); 431 static void run_usb_timeout_cb(void *); 432 static void run_reset_livelock(struct run_softc *); 433 static void run_enable_tsf_sync(struct run_softc *); 434 static void run_enable_mrr(struct run_softc *); 435 static void run_set_txpreamble(struct run_softc *); 436 static void run_set_basicrates(struct run_softc *); 437 static void run_set_leds(struct run_softc *, uint16_t); 438 static void run_set_bssid(struct run_softc *, const uint8_t *); 439 static void run_set_macaddr(struct run_softc *, const uint8_t *); 440 static void run_updateslot(struct ifnet *); 441 static void run_updateslot_cb(void *); 442 static void run_update_mcast(struct ifnet *); 443 static int8_t run_rssi2dbm(struct run_softc *, uint8_t, uint8_t); 444 static void run_update_promisc_locked(struct ifnet *); 445 static void run_update_promisc(struct ifnet *); 446 static void run_rt5390_bbp_init(struct run_softc *); 447 static int run_bbp_init(struct run_softc *); 448 static int run_rt3070_rf_init(struct run_softc *); 449 static void run_rt3593_rf_init(struct run_softc *); 450 static void run_rt5390_rf_init(struct run_softc *); 451 static int run_rt3070_filter_calib(struct run_softc *, uint8_t, uint8_t, 452 uint8_t *); 453 static void run_rt3070_rf_setup(struct run_softc *); 454 static void run_rt3593_rf_setup(struct run_softc *); 455 static void run_rt5390_rf_setup(struct run_softc *); 456 static int run_txrx_enable(struct run_softc *); 457 static void run_adjust_freq_offset(struct run_softc *); 458 static void run_init(void *); 459 static void run_init_locked(struct run_softc *); 460 static void run_stop(void *); 461 static void run_delay(struct run_softc *, u_int); 462 463 static eventhandler_tag run_etag; 464 465 static const struct rt2860_rate { 466 uint8_t rate; 467 uint8_t mcs; 468 enum ieee80211_phytype phy; 469 uint8_t ctl_ridx; 470 uint16_t sp_ack_dur; 471 uint16_t lp_ack_dur; 472 } rt2860_rates[] = { 473 { 2, 0, IEEE80211_T_DS, 0, 314, 314 }, 474 { 4, 1, IEEE80211_T_DS, 1, 258, 162 }, 475 { 11, 2, IEEE80211_T_DS, 2, 223, 127 }, 476 { 22, 3, IEEE80211_T_DS, 3, 213, 117 }, 477 { 12, 0, IEEE80211_T_OFDM, 4, 60, 60 }, 478 { 18, 1, IEEE80211_T_OFDM, 4, 52, 52 }, 479 { 24, 2, IEEE80211_T_OFDM, 6, 48, 48 }, 480 { 36, 3, IEEE80211_T_OFDM, 6, 44, 44 }, 481 { 48, 4, IEEE80211_T_OFDM, 8, 44, 44 }, 482 { 72, 5, IEEE80211_T_OFDM, 8, 40, 40 }, 483 { 96, 6, IEEE80211_T_OFDM, 8, 40, 40 }, 484 { 108, 7, IEEE80211_T_OFDM, 8, 40, 40 } 485 }; 486 487 static const struct { 488 uint16_t reg; 489 uint32_t val; 490 } rt2870_def_mac[] = { 491 RT2870_DEF_MAC 492 }; 493 494 static const struct { 495 uint8_t reg; 496 uint8_t val; 497 } rt2860_def_bbp[] = { 498 RT2860_DEF_BBP 499 },rt5390_def_bbp[] = { 500 RT5390_DEF_BBP 501 },rt5592_def_bbp[] = { 502 RT5592_DEF_BBP 503 }; 504 505 /* 506 * Default values for BBP register R196 for RT5592. 507 */ 508 static const uint8_t rt5592_bbp_r196[] = { 509 0xe0, 0x1f, 0x38, 0x32, 0x08, 0x28, 0x19, 0x0a, 0xff, 0x00, 510 0x16, 0x10, 0x10, 0x0b, 0x36, 0x2c, 0x26, 0x24, 0x42, 0x36, 511 0x30, 0x2d, 0x4c, 0x46, 0x3d, 0x40, 0x3e, 0x42, 0x3d, 0x40, 512 0x3c, 0x34, 0x2c, 0x2f, 0x3c, 0x35, 0x2e, 0x2a, 0x49, 0x41, 513 0x36, 0x31, 0x30, 0x30, 0x0e, 0x0d, 0x28, 0x21, 0x1c, 0x16, 514 0x50, 0x4a, 0x43, 0x40, 0x10, 0x10, 0x10, 0x10, 0x00, 0x00, 515 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 516 0x00, 0x00, 0x7d, 0x14, 0x32, 0x2c, 0x36, 0x4c, 0x43, 0x2c, 517 0x2e, 0x36, 0x30, 0x6e 518 }; 519 520 static const struct rfprog { 521 uint8_t chan; 522 uint32_t r1, r2, r3, r4; 523 } rt2860_rf2850[] = { 524 RT2860_RF2850 525 }; 526 527 struct { 528 uint8_t n, r, k; 529 } rt3070_freqs[] = { 530 RT3070_RF3052 531 }; 532 533 static const struct rt5592_freqs { 534 uint16_t n; 535 uint8_t k, m, r; 536 } rt5592_freqs_20mhz[] = { 537 RT5592_RF5592_20MHZ 538 },rt5592_freqs_40mhz[] = { 539 RT5592_RF5592_40MHZ 540 }; 541 542 static const struct { 543 uint8_t reg; 544 uint8_t val; 545 } rt3070_def_rf[] = { 546 RT3070_DEF_RF 547 },rt3572_def_rf[] = { 548 RT3572_DEF_RF 549 },rt3593_def_rf[] = { 550 RT3593_DEF_RF 551 },rt5390_def_rf[] = { 552 RT5390_DEF_RF 553 },rt5392_def_rf[] = { 554 RT5392_DEF_RF 555 },rt5592_def_rf[] = { 556 RT5592_DEF_RF 557 },rt5592_2ghz_def_rf[] = { 558 RT5592_2GHZ_DEF_RF 559 },rt5592_5ghz_def_rf[] = { 560 RT5592_5GHZ_DEF_RF 561 }; 562 563 static const struct { 564 u_int firstchan; 565 u_int lastchan; 566 uint8_t reg; 567 uint8_t val; 568 } rt5592_chan_5ghz[] = { 569 RT5592_CHAN_5GHZ 570 }; 571 572 static const struct usb_config run_config[RUN_N_XFER] = { 573 [RUN_BULK_TX_BE] = { 574 .type = UE_BULK, 575 .endpoint = UE_ADDR_ANY, 576 .ep_index = 0, 577 .direction = UE_DIR_OUT, 578 .bufsize = RUN_MAX_TXSZ, 579 .flags = {.pipe_bof = 1,.force_short_xfer = 1,}, 580 .callback = run_bulk_tx_callback0, 581 .timeout = 5000, /* ms */ 582 }, 583 [RUN_BULK_TX_BK] = { 584 .type = UE_BULK, 585 .endpoint = UE_ADDR_ANY, 586 .direction = UE_DIR_OUT, 587 .ep_index = 1, 588 .bufsize = RUN_MAX_TXSZ, 589 .flags = {.pipe_bof = 1,.force_short_xfer = 1,}, 590 .callback = run_bulk_tx_callback1, 591 .timeout = 5000, /* ms */ 592 }, 593 [RUN_BULK_TX_VI] = { 594 .type = UE_BULK, 595 .endpoint = UE_ADDR_ANY, 596 .direction = UE_DIR_OUT, 597 .ep_index = 2, 598 .bufsize = RUN_MAX_TXSZ, 599 .flags = {.pipe_bof = 1,.force_short_xfer = 1,}, 600 .callback = run_bulk_tx_callback2, 601 .timeout = 5000, /* ms */ 602 }, 603 [RUN_BULK_TX_VO] = { 604 .type = UE_BULK, 605 .endpoint = UE_ADDR_ANY, 606 .direction = UE_DIR_OUT, 607 .ep_index = 3, 608 .bufsize = RUN_MAX_TXSZ, 609 .flags = {.pipe_bof = 1,.force_short_xfer = 1,}, 610 .callback = run_bulk_tx_callback3, 611 .timeout = 5000, /* ms */ 612 }, 613 [RUN_BULK_TX_HCCA] = { 614 .type = UE_BULK, 615 .endpoint = UE_ADDR_ANY, 616 .direction = UE_DIR_OUT, 617 .ep_index = 4, 618 .bufsize = RUN_MAX_TXSZ, 619 .flags = {.pipe_bof = 1,.force_short_xfer = 1,.no_pipe_ok = 1,}, 620 .callback = run_bulk_tx_callback4, 621 .timeout = 5000, /* ms */ 622 }, 623 [RUN_BULK_TX_PRIO] = { 624 .type = UE_BULK, 625 .endpoint = UE_ADDR_ANY, 626 .direction = UE_DIR_OUT, 627 .ep_index = 5, 628 .bufsize = RUN_MAX_TXSZ, 629 .flags = {.pipe_bof = 1,.force_short_xfer = 1,.no_pipe_ok = 1,}, 630 .callback = run_bulk_tx_callback5, 631 .timeout = 5000, /* ms */ 632 }, 633 [RUN_BULK_RX] = { 634 .type = UE_BULK, 635 .endpoint = UE_ADDR_ANY, 636 .direction = UE_DIR_IN, 637 .bufsize = RUN_MAX_RXSZ, 638 .flags = {.pipe_bof = 1,.short_xfer_ok = 1,}, 639 .callback = run_bulk_rx_callback, 640 } 641 }; 642 643 static void 644 run_autoinst(void *arg, struct usb_device *udev, 645 struct usb_attach_arg *uaa) 646 { 647 struct usb_interface *iface; 648 struct usb_interface_descriptor *id; 649 650 if (uaa->dev_state != UAA_DEV_READY) 651 return; 652 653 iface = usbd_get_iface(udev, 0); 654 if (iface == NULL) 655 return; 656 id = iface->idesc; 657 if (id == NULL || id->bInterfaceClass != UICLASS_MASS) 658 return; 659 if (usbd_lookup_id_by_uaa(run_devs, sizeof(run_devs), uaa)) 660 return; 661 662 if (usb_msc_eject(udev, 0, MSC_EJECT_STOPUNIT) == 0) 663 uaa->dev_state = UAA_DEV_EJECTING; 664 } 665 666 static int 667 run_driver_loaded(struct module *mod, int what, void *arg) 668 { 669 switch (what) { 670 case MOD_LOAD: 671 run_etag = EVENTHANDLER_REGISTER(usb_dev_configured, 672 run_autoinst, NULL, EVENTHANDLER_PRI_ANY); 673 break; 674 case MOD_UNLOAD: 675 EVENTHANDLER_DEREGISTER(usb_dev_configured, run_etag); 676 break; 677 default: 678 return (EOPNOTSUPP); 679 } 680 return (0); 681 } 682 683 static int 684 run_match(device_t self) 685 { 686 struct usb_attach_arg *uaa = device_get_ivars(self); 687 688 if (uaa->usb_mode != USB_MODE_HOST) 689 return (ENXIO); 690 if (uaa->info.bConfigIndex != 0) 691 return (ENXIO); 692 if (uaa->info.bIfaceIndex != RT2860_IFACE_INDEX) 693 return (ENXIO); 694 695 return (usbd_lookup_id_by_uaa(run_devs, sizeof(run_devs), uaa)); 696 } 697 698 static int 699 run_attach(device_t self) 700 { 701 struct run_softc *sc = device_get_softc(self); 702 struct usb_attach_arg *uaa = device_get_ivars(self); 703 struct ieee80211com *ic; 704 struct ifnet *ifp; 705 uint32_t ver; 706 int ntries, error; 707 uint8_t iface_index, bands; 708 709 device_set_usb_desc(self); 710 sc->sc_udev = uaa->device; 711 sc->sc_dev = self; 712 713 mtx_init(&sc->sc_mtx, device_get_nameunit(sc->sc_dev), 714 MTX_NETWORK_LOCK, MTX_DEF); 715 716 iface_index = RT2860_IFACE_INDEX; 717 718 error = usbd_transfer_setup(uaa->device, &iface_index, 719 sc->sc_xfer, run_config, RUN_N_XFER, sc, &sc->sc_mtx); 720 if (error) { 721 device_printf(self, "could not allocate USB transfers, " 722 "err=%s\n", usbd_errstr(error)); 723 goto detach; 724 } 725 726 RUN_LOCK(sc); 727 728 /* wait for the chip to settle */ 729 for (ntries = 0; ntries < 100; ntries++) { 730 if (run_read(sc, RT2860_ASIC_VER_ID, &ver) != 0) { 731 RUN_UNLOCK(sc); 732 goto detach; 733 } 734 if (ver != 0 && ver != 0xffffffff) 735 break; 736 run_delay(sc, 10); 737 } 738 if (ntries == 100) { 739 device_printf(sc->sc_dev, 740 "timeout waiting for NIC to initialize\n"); 741 RUN_UNLOCK(sc); 742 goto detach; 743 } 744 sc->mac_ver = ver >> 16; 745 sc->mac_rev = ver & 0xffff; 746 747 /* retrieve RF rev. no and various other things from EEPROM */ 748 run_read_eeprom(sc); 749 750 device_printf(sc->sc_dev, 751 "MAC/BBP RT%04X (rev 0x%04X), RF %s (MIMO %dT%dR), address %s\n", 752 sc->mac_ver, sc->mac_rev, run_get_rf(sc->rf_rev), 753 sc->ntxchains, sc->nrxchains, ether_sprintf(sc->sc_bssid)); 754 755 RUN_UNLOCK(sc); 756 757 ifp = sc->sc_ifp = if_alloc(IFT_IEEE80211); 758 if (ifp == NULL) { 759 device_printf(sc->sc_dev, "can not if_alloc()\n"); 760 goto detach; 761 } 762 ic = ifp->if_l2com; 763 764 ifp->if_softc = sc; 765 if_initname(ifp, "run", device_get_unit(sc->sc_dev)); 766 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 767 ifp->if_init = run_init; 768 ifp->if_ioctl = run_ioctl; 769 ifp->if_start = run_start; 770 IFQ_SET_MAXLEN(&ifp->if_snd, ifqmaxlen); 771 ifp->if_snd.ifq_drv_maxlen = ifqmaxlen; 772 IFQ_SET_READY(&ifp->if_snd); 773 774 ic->ic_ifp = ifp; 775 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 776 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 777 778 /* set device capabilities */ 779 ic->ic_caps = 780 IEEE80211_C_STA | /* station mode supported */ 781 IEEE80211_C_MONITOR | /* monitor mode supported */ 782 IEEE80211_C_IBSS | 783 IEEE80211_C_HOSTAP | 784 IEEE80211_C_WDS | /* 4-address traffic works */ 785 IEEE80211_C_MBSS | 786 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 787 IEEE80211_C_SHSLOT | /* short slot time supported */ 788 IEEE80211_C_WME | /* WME */ 789 IEEE80211_C_WPA; /* WPA1|WPA2(RSN) */ 790 791 ic->ic_cryptocaps = 792 IEEE80211_CRYPTO_WEP | 793 IEEE80211_CRYPTO_AES_CCM | 794 IEEE80211_CRYPTO_TKIPMIC | 795 IEEE80211_CRYPTO_TKIP; 796 797 ic->ic_flags |= IEEE80211_F_DATAPAD; 798 ic->ic_flags_ext |= IEEE80211_FEXT_SWBMISS; 799 800 bands = 0; 801 setbit(&bands, IEEE80211_MODE_11B); 802 setbit(&bands, IEEE80211_MODE_11G); 803 if (sc->rf_rev == RT2860_RF_2750 || sc->rf_rev == RT2860_RF_2850 || 804 sc->rf_rev == RT3070_RF_3052 || sc->rf_rev == RT3593_RF_3053 || 805 sc->rf_rev == RT5592_RF_5592) 806 setbit(&bands, IEEE80211_MODE_11A); 807 ieee80211_init_channels(ic, NULL, &bands); 808 809 ieee80211_ifattach(ic, sc->sc_bssid); 810 811 ic->ic_scan_start = run_scan_start; 812 ic->ic_scan_end = run_scan_end; 813 ic->ic_set_channel = run_set_channel; 814 ic->ic_node_alloc = run_node_alloc; 815 ic->ic_newassoc = run_newassoc; 816 ic->ic_updateslot = run_updateslot; 817 ic->ic_update_mcast = run_update_mcast; 818 ic->ic_wme.wme_update = run_wme_update; 819 ic->ic_raw_xmit = run_raw_xmit; 820 ic->ic_update_promisc = run_update_promisc; 821 822 ic->ic_vap_create = run_vap_create; 823 ic->ic_vap_delete = run_vap_delete; 824 825 ieee80211_radiotap_attach(ic, 826 &sc->sc_txtap.wt_ihdr, sizeof(sc->sc_txtap), 827 RUN_TX_RADIOTAP_PRESENT, 828 &sc->sc_rxtap.wr_ihdr, sizeof(sc->sc_rxtap), 829 RUN_RX_RADIOTAP_PRESENT); 830 831 TASK_INIT(&sc->cmdq_task, 0, run_cmdq_cb, sc); 832 TASK_INIT(&sc->ratectl_task, 0, run_ratectl_cb, sc); 833 usb_callout_init_mtx(&sc->ratectl_ch, &sc->sc_mtx, 0); 834 835 if (bootverbose) 836 ieee80211_announce(ic); 837 838 return (0); 839 840 detach: 841 run_detach(self); 842 return (ENXIO); 843 } 844 845 static int 846 run_detach(device_t self) 847 { 848 struct run_softc *sc = device_get_softc(self); 849 struct ifnet *ifp = sc->sc_ifp; 850 struct ieee80211com *ic; 851 int i; 852 853 RUN_LOCK(sc); 854 sc->sc_detached = 1; 855 RUN_UNLOCK(sc); 856 857 /* stop all USB transfers */ 858 usbd_transfer_unsetup(sc->sc_xfer, RUN_N_XFER); 859 860 RUN_LOCK(sc); 861 sc->ratectl_run = RUN_RATECTL_OFF; 862 sc->cmdq_run = sc->cmdq_key_set = RUN_CMDQ_ABORT; 863 864 /* free TX list, if any */ 865 for (i = 0; i != RUN_EP_QUEUES; i++) 866 run_unsetup_tx_list(sc, &sc->sc_epq[i]); 867 RUN_UNLOCK(sc); 868 869 if (ifp) { 870 ic = ifp->if_l2com; 871 /* drain tasks */ 872 usb_callout_drain(&sc->ratectl_ch); 873 ieee80211_draintask(ic, &sc->cmdq_task); 874 ieee80211_draintask(ic, &sc->ratectl_task); 875 ieee80211_ifdetach(ic); 876 if_free(ifp); 877 } 878 879 mtx_destroy(&sc->sc_mtx); 880 881 return (0); 882 } 883 884 static struct ieee80211vap * 885 run_vap_create(struct ieee80211com *ic, const char name[IFNAMSIZ], int unit, 886 enum ieee80211_opmode opmode, int flags, 887 const uint8_t bssid[IEEE80211_ADDR_LEN], 888 const uint8_t mac[IEEE80211_ADDR_LEN]) 889 { 890 struct ifnet *ifp = ic->ic_ifp; 891 struct run_softc *sc = ifp->if_softc; 892 struct run_vap *rvp; 893 struct ieee80211vap *vap; 894 int i; 895 896 if (sc->rvp_cnt >= RUN_VAP_MAX) { 897 if_printf(ifp, "number of VAPs maxed out\n"); 898 return (NULL); 899 } 900 901 switch (opmode) { 902 case IEEE80211_M_STA: 903 /* enable s/w bmiss handling for sta mode */ 904 flags |= IEEE80211_CLONE_NOBEACONS; 905 /* fall though */ 906 case IEEE80211_M_IBSS: 907 case IEEE80211_M_MONITOR: 908 case IEEE80211_M_HOSTAP: 909 case IEEE80211_M_MBSS: 910 /* other than WDS vaps, only one at a time */ 911 if (!TAILQ_EMPTY(&ic->ic_vaps)) 912 return (NULL); 913 break; 914 case IEEE80211_M_WDS: 915 TAILQ_FOREACH(vap, &ic->ic_vaps, iv_next){ 916 if(vap->iv_opmode != IEEE80211_M_HOSTAP) 917 continue; 918 /* WDS vap's always share the local mac address. */ 919 flags &= ~IEEE80211_CLONE_BSSID; 920 break; 921 } 922 if (vap == NULL) { 923 if_printf(ifp, "wds only supported in ap mode\n"); 924 return (NULL); 925 } 926 break; 927 default: 928 if_printf(ifp, "unknown opmode %d\n", opmode); 929 return (NULL); 930 } 931 932 rvp = (struct run_vap *) malloc(sizeof(struct run_vap), 933 M_80211_VAP, M_NOWAIT | M_ZERO); 934 if (rvp == NULL) 935 return (NULL); 936 vap = &rvp->vap; 937 938 if (ieee80211_vap_setup(ic, vap, name, unit, 939 opmode, flags, bssid, mac) != 0) { 940 /* out of memory */ 941 free(rvp, M_80211_VAP); 942 return (NULL); 943 } 944 945 vap->iv_key_update_begin = run_key_update_begin; 946 vap->iv_key_update_end = run_key_update_end; 947 vap->iv_update_beacon = run_update_beacon; 948 vap->iv_max_aid = RT2870_WCID_MAX; 949 /* 950 * To delete the right key from h/w, we need wcid. 951 * Luckily, there is unused space in ieee80211_key{}, wk_pad, 952 * and matching wcid will be written into there. So, cast 953 * some spells to remove 'const' from ieee80211_key{} 954 */ 955 vap->iv_key_delete = (void *)run_key_delete; 956 vap->iv_key_set = (void *)run_key_set; 957 958 /* override state transition machine */ 959 rvp->newstate = vap->iv_newstate; 960 vap->iv_newstate = run_newstate; 961 962 ieee80211_ratectl_init(vap); 963 ieee80211_ratectl_setinterval(vap, 1000 /* 1 sec */); 964 965 /* complete setup */ 966 ieee80211_vap_attach(vap, run_media_change, ieee80211_media_status); 967 968 /* make sure id is always unique */ 969 for (i = 0; i < RUN_VAP_MAX; i++) { 970 if((sc->rvp_bmap & 1 << i) == 0){ 971 sc->rvp_bmap |= 1 << i; 972 rvp->rvp_id = i; 973 break; 974 } 975 } 976 if (sc->rvp_cnt++ == 0) 977 ic->ic_opmode = opmode; 978 979 if (opmode == IEEE80211_M_HOSTAP) 980 sc->cmdq_run = RUN_CMDQ_GO; 981 982 DPRINTF("rvp_id=%d bmap=%x rvp_cnt=%d\n", 983 rvp->rvp_id, sc->rvp_bmap, sc->rvp_cnt); 984 985 return (vap); 986 } 987 988 static void 989 run_vap_delete(struct ieee80211vap *vap) 990 { 991 struct run_vap *rvp = RUN_VAP(vap); 992 struct ifnet *ifp; 993 struct ieee80211com *ic; 994 struct run_softc *sc; 995 uint8_t rvp_id; 996 997 if (vap == NULL) 998 return; 999 1000 ic = vap->iv_ic; 1001 ifp = ic->ic_ifp; 1002 1003 sc = ifp->if_softc; 1004 1005 RUN_LOCK(sc); 1006 1007 m_freem(rvp->beacon_mbuf); 1008 rvp->beacon_mbuf = NULL; 1009 1010 rvp_id = rvp->rvp_id; 1011 sc->ratectl_run &= ~(1 << rvp_id); 1012 sc->rvp_bmap &= ~(1 << rvp_id); 1013 run_set_region_4(sc, RT2860_SKEY(rvp_id, 0), 0, 128); 1014 run_set_region_4(sc, RT2860_BCN_BASE(rvp_id), 0, 512); 1015 --sc->rvp_cnt; 1016 1017 DPRINTF("vap=%p rvp_id=%d bmap=%x rvp_cnt=%d\n", 1018 vap, rvp_id, sc->rvp_bmap, sc->rvp_cnt); 1019 1020 RUN_UNLOCK(sc); 1021 1022 ieee80211_ratectl_deinit(vap); 1023 ieee80211_vap_detach(vap); 1024 free(rvp, M_80211_VAP); 1025 } 1026 1027 /* 1028 * There are numbers of functions need to be called in context thread. 1029 * Rather than creating taskqueue event for each of those functions, 1030 * here is all-for-one taskqueue callback function. This function 1031 * gurantees deferred functions are executed in the same order they 1032 * were enqueued. 1033 * '& RUN_CMDQ_MASQ' is to loop cmdq[]. 1034 */ 1035 static void 1036 run_cmdq_cb(void *arg, int pending) 1037 { 1038 struct run_softc *sc = arg; 1039 uint8_t i; 1040 1041 /* call cmdq[].func locked */ 1042 RUN_LOCK(sc); 1043 for (i = sc->cmdq_exec; sc->cmdq[i].func && pending; 1044 i = sc->cmdq_exec, pending--) { 1045 DPRINTFN(6, "cmdq_exec=%d pending=%d\n", i, pending); 1046 if (sc->cmdq_run == RUN_CMDQ_GO) { 1047 /* 1048 * If arg0 is NULL, callback func needs more 1049 * than one arg. So, pass ptr to cmdq struct. 1050 */ 1051 if (sc->cmdq[i].arg0) 1052 sc->cmdq[i].func(sc->cmdq[i].arg0); 1053 else 1054 sc->cmdq[i].func(&sc->cmdq[i]); 1055 } 1056 sc->cmdq[i].arg0 = NULL; 1057 sc->cmdq[i].func = NULL; 1058 sc->cmdq_exec++; 1059 sc->cmdq_exec &= RUN_CMDQ_MASQ; 1060 } 1061 RUN_UNLOCK(sc); 1062 } 1063 1064 static void 1065 run_setup_tx_list(struct run_softc *sc, struct run_endpoint_queue *pq) 1066 { 1067 struct run_tx_data *data; 1068 1069 memset(pq, 0, sizeof(*pq)); 1070 1071 STAILQ_INIT(&pq->tx_qh); 1072 STAILQ_INIT(&pq->tx_fh); 1073 1074 for (data = &pq->tx_data[0]; 1075 data < &pq->tx_data[RUN_TX_RING_COUNT]; data++) { 1076 data->sc = sc; 1077 STAILQ_INSERT_TAIL(&pq->tx_fh, data, next); 1078 } 1079 pq->tx_nfree = RUN_TX_RING_COUNT; 1080 } 1081 1082 static void 1083 run_unsetup_tx_list(struct run_softc *sc, struct run_endpoint_queue *pq) 1084 { 1085 struct run_tx_data *data; 1086 1087 /* make sure any subsequent use of the queues will fail */ 1088 pq->tx_nfree = 0; 1089 STAILQ_INIT(&pq->tx_fh); 1090 STAILQ_INIT(&pq->tx_qh); 1091 1092 /* free up all node references and mbufs */ 1093 for (data = &pq->tx_data[0]; 1094 data < &pq->tx_data[RUN_TX_RING_COUNT]; data++) { 1095 if (data->m != NULL) { 1096 m_freem(data->m); 1097 data->m = NULL; 1098 } 1099 if (data->ni != NULL) { 1100 ieee80211_free_node(data->ni); 1101 data->ni = NULL; 1102 } 1103 } 1104 } 1105 1106 static int 1107 run_load_microcode(struct run_softc *sc) 1108 { 1109 usb_device_request_t req; 1110 const struct firmware *fw; 1111 const u_char *base; 1112 uint32_t tmp; 1113 int ntries, error; 1114 const uint64_t *temp; 1115 uint64_t bytes; 1116 1117 RUN_UNLOCK(sc); 1118 fw = firmware_get("runfw"); 1119 RUN_LOCK(sc); 1120 if (fw == NULL) { 1121 device_printf(sc->sc_dev, 1122 "failed loadfirmware of file %s\n", "runfw"); 1123 return ENOENT; 1124 } 1125 1126 if (fw->datasize != 8192) { 1127 device_printf(sc->sc_dev, 1128 "invalid firmware size (should be 8KB)\n"); 1129 error = EINVAL; 1130 goto fail; 1131 } 1132 1133 /* 1134 * RT3071/RT3072 use a different firmware 1135 * run-rt2870 (8KB) contains both, 1136 * first half (4KB) is for rt2870, 1137 * last half is for rt3071. 1138 */ 1139 base = fw->data; 1140 if ((sc->mac_ver) != 0x2860 && 1141 (sc->mac_ver) != 0x2872 && 1142 (sc->mac_ver) != 0x3070) { 1143 base += 4096; 1144 } 1145 1146 /* cheap sanity check */ 1147 temp = fw->data; 1148 bytes = *temp; 1149 if (bytes != be64toh(0xffffff0210280210ULL)) { 1150 device_printf(sc->sc_dev, "firmware checksum failed\n"); 1151 error = EINVAL; 1152 goto fail; 1153 } 1154 1155 /* write microcode image */ 1156 if (sc->mac_ver != 0x3593) { 1157 run_write_region_1(sc, RT2870_FW_BASE, base, 4096); 1158 run_write(sc, RT2860_H2M_MAILBOX_CID, 0xffffffff); 1159 run_write(sc, RT2860_H2M_MAILBOX_STATUS, 0xffffffff); 1160 } 1161 1162 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 1163 req.bRequest = RT2870_RESET; 1164 USETW(req.wValue, 8); 1165 USETW(req.wIndex, 0); 1166 USETW(req.wLength, 0); 1167 if ((error = usbd_do_request(sc->sc_udev, &sc->sc_mtx, &req, NULL)) 1168 != 0) { 1169 device_printf(sc->sc_dev, "firmware reset failed\n"); 1170 goto fail; 1171 } 1172 1173 run_delay(sc, 10); 1174 1175 run_write(sc, RT2860_H2M_BBPAGENT, 0); 1176 run_write(sc, RT2860_H2M_MAILBOX, 0); 1177 run_write(sc, RT2860_H2M_INTSRC, 0); 1178 if ((error = run_mcu_cmd(sc, RT2860_MCU_CMD_RFRESET, 0)) != 0) 1179 goto fail; 1180 1181 /* wait until microcontroller is ready */ 1182 for (ntries = 0; ntries < 1000; ntries++) { 1183 if ((error = run_read(sc, RT2860_SYS_CTRL, &tmp)) != 0) 1184 goto fail; 1185 if (tmp & RT2860_MCU_READY) 1186 break; 1187 run_delay(sc, 10); 1188 } 1189 if (ntries == 1000) { 1190 device_printf(sc->sc_dev, 1191 "timeout waiting for MCU to initialize\n"); 1192 error = ETIMEDOUT; 1193 goto fail; 1194 } 1195 device_printf(sc->sc_dev, "firmware %s ver. %u.%u loaded\n", 1196 (base == fw->data) ? "RT2870" : "RT3071", 1197 *(base + 4092), *(base + 4093)); 1198 1199 fail: 1200 firmware_put(fw, FIRMWARE_UNLOAD); 1201 return (error); 1202 } 1203 1204 static int 1205 run_reset(struct run_softc *sc) 1206 { 1207 usb_device_request_t req; 1208 1209 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 1210 req.bRequest = RT2870_RESET; 1211 USETW(req.wValue, 1); 1212 USETW(req.wIndex, 0); 1213 USETW(req.wLength, 0); 1214 return (usbd_do_request(sc->sc_udev, &sc->sc_mtx, &req, NULL)); 1215 } 1216 1217 static usb_error_t 1218 run_do_request(struct run_softc *sc, 1219 struct usb_device_request *req, void *data) 1220 { 1221 usb_error_t err; 1222 int ntries = 10; 1223 1224 RUN_LOCK_ASSERT(sc, MA_OWNED); 1225 1226 while (ntries--) { 1227 err = usbd_do_request_flags(sc->sc_udev, &sc->sc_mtx, 1228 req, data, 0, NULL, 250 /* ms */); 1229 if (err == 0) 1230 break; 1231 DPRINTFN(1, "Control request failed, %s (retrying)\n", 1232 usbd_errstr(err)); 1233 run_delay(sc, 10); 1234 } 1235 return (err); 1236 } 1237 1238 static int 1239 run_read(struct run_softc *sc, uint16_t reg, uint32_t *val) 1240 { 1241 uint32_t tmp; 1242 int error; 1243 1244 error = run_read_region_1(sc, reg, (uint8_t *)&tmp, sizeof tmp); 1245 if (error == 0) 1246 *val = le32toh(tmp); 1247 else 1248 *val = 0xffffffff; 1249 return (error); 1250 } 1251 1252 static int 1253 run_read_region_1(struct run_softc *sc, uint16_t reg, uint8_t *buf, int len) 1254 { 1255 usb_device_request_t req; 1256 1257 req.bmRequestType = UT_READ_VENDOR_DEVICE; 1258 req.bRequest = RT2870_READ_REGION_1; 1259 USETW(req.wValue, 0); 1260 USETW(req.wIndex, reg); 1261 USETW(req.wLength, len); 1262 1263 return (run_do_request(sc, &req, buf)); 1264 } 1265 1266 static int 1267 run_write_2(struct run_softc *sc, uint16_t reg, uint16_t val) 1268 { 1269 usb_device_request_t req; 1270 1271 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 1272 req.bRequest = RT2870_WRITE_2; 1273 USETW(req.wValue, val); 1274 USETW(req.wIndex, reg); 1275 USETW(req.wLength, 0); 1276 1277 return (run_do_request(sc, &req, NULL)); 1278 } 1279 1280 static int 1281 run_write(struct run_softc *sc, uint16_t reg, uint32_t val) 1282 { 1283 int error; 1284 1285 if ((error = run_write_2(sc, reg, val & 0xffff)) == 0) 1286 error = run_write_2(sc, reg + 2, val >> 16); 1287 return (error); 1288 } 1289 1290 static int 1291 run_write_region_1(struct run_softc *sc, uint16_t reg, const uint8_t *buf, 1292 int len) 1293 { 1294 #if 1 1295 int i, error = 0; 1296 /* 1297 * NB: the WRITE_REGION_1 command is not stable on RT2860. 1298 * We thus issue multiple WRITE_2 commands instead. 1299 */ 1300 KASSERT((len & 1) == 0, ("run_write_region_1: Data too long.\n")); 1301 for (i = 0; i < len && error == 0; i += 2) 1302 error = run_write_2(sc, reg + i, buf[i] | buf[i + 1] << 8); 1303 return (error); 1304 #else 1305 usb_device_request_t req; 1306 int error = 0; 1307 1308 /* 1309 * NOTE: It appears the WRITE_REGION_1 command cannot be 1310 * passed a huge amount of data, which will crash the 1311 * firmware. Limit amount of data passed to 64-bytes at a 1312 * time. 1313 */ 1314 while (len > 0) { 1315 int delta = 64; 1316 if (delta > len) 1317 delta = len; 1318 1319 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 1320 req.bRequest = RT2870_WRITE_REGION_1; 1321 USETW(req.wValue, 0); 1322 USETW(req.wIndex, reg); 1323 USETW(req.wLength, delta); 1324 error = run_do_request(sc, &req, __DECONST(uint8_t *, buf)); 1325 if (error != 0) 1326 break; 1327 reg += delta; 1328 buf += delta; 1329 len -= delta; 1330 } 1331 return (error); 1332 #endif 1333 } 1334 1335 static int 1336 run_set_region_4(struct run_softc *sc, uint16_t reg, uint32_t val, int len) 1337 { 1338 int i, error = 0; 1339 1340 KASSERT((len & 3) == 0, ("run_set_region_4: Invalid data length.\n")); 1341 for (i = 0; i < len && error == 0; i += 4) 1342 error = run_write(sc, reg + i, val); 1343 return (error); 1344 } 1345 1346 static int 1347 run_rf3593_efuse_read_1(struct run_softc *sc, uint16_t addr, uint16_t *val) 1348 { 1349 return (run_efuse_read(sc, addr * 2, val, 1)); 1350 } 1351 1352 static int 1353 run_efuse_read(struct run_softc *sc, uint16_t addr, uint16_t *val, int count) 1354 { 1355 uint32_t tmp; 1356 uint16_t reg; 1357 int error, ntries; 1358 1359 if ((error = run_read(sc, RT3070_EFUSE_CTRL, &tmp)) != 0) 1360 return (error); 1361 1362 if (count == 2) 1363 addr *= 2; 1364 /*- 1365 * Read one 16-byte block into registers EFUSE_DATA[0-3]: 1366 * DATA0: F E D C 1367 * DATA1: B A 9 8 1368 * DATA2: 7 6 5 4 1369 * DATA3: 3 2 1 0 1370 */ 1371 tmp &= ~(RT3070_EFSROM_MODE_MASK | RT3070_EFSROM_AIN_MASK); 1372 tmp |= (addr & ~0xf) << RT3070_EFSROM_AIN_SHIFT | RT3070_EFSROM_KICK; 1373 run_write(sc, RT3070_EFUSE_CTRL, tmp); 1374 for (ntries = 0; ntries < 100; ntries++) { 1375 if ((error = run_read(sc, RT3070_EFUSE_CTRL, &tmp)) != 0) 1376 return (error); 1377 if (!(tmp & RT3070_EFSROM_KICK)) 1378 break; 1379 run_delay(sc, 2); 1380 } 1381 if (ntries == 100) 1382 return (ETIMEDOUT); 1383 1384 if ((tmp & RT3070_EFUSE_AOUT_MASK) == RT3070_EFUSE_AOUT_MASK) { 1385 *val = 0xffff; /* address not found */ 1386 return (0); 1387 } 1388 /* determine to which 32-bit register our 16-bit word belongs */ 1389 reg = RT3070_EFUSE_DATA3 - (addr & 0xc); 1390 if ((error = run_read(sc, reg, &tmp)) != 0) 1391 return (error); 1392 1393 if (count == 2) 1394 *val = (addr & 2) ? tmp >> 16 : tmp & 0xffff; 1395 else { 1396 tmp >>= (8 *(addr & 0x3)); 1397 memmove(val, &tmp, sizeof(*val)); 1398 } 1399 return (0); 1400 } 1401 1402 /* Read 16-bit from eFUSE ROM (RT3070 only.) */ 1403 static int 1404 run_efuse_read_2(struct run_softc *sc, uint16_t addr, uint16_t *val) 1405 { 1406 return (run_efuse_read(sc, addr, val, 2)); 1407 } 1408 1409 static int 1410 run_eeprom_read_2(struct run_softc *sc, uint16_t addr, uint16_t *val) 1411 { 1412 usb_device_request_t req; 1413 uint16_t tmp; 1414 int error; 1415 1416 addr *= 2; 1417 req.bmRequestType = UT_READ_VENDOR_DEVICE; 1418 req.bRequest = RT2870_EEPROM_READ; 1419 USETW(req.wValue, 0); 1420 USETW(req.wIndex, addr); 1421 USETW(req.wLength, sizeof(tmp)); 1422 1423 error = usbd_do_request(sc->sc_udev, &sc->sc_mtx, &req, &tmp); 1424 if (error == 0) 1425 *val = le16toh(tmp); 1426 else 1427 *val = 0xffff; 1428 return (error); 1429 } 1430 1431 static __inline int 1432 run_srom_read(struct run_softc *sc, uint16_t addr, uint16_t *val) 1433 { 1434 /* either eFUSE ROM or EEPROM */ 1435 return sc->sc_srom_read(sc, addr, val); 1436 } 1437 1438 static int 1439 run_rt2870_rf_write(struct run_softc *sc, uint32_t val) 1440 { 1441 uint32_t tmp; 1442 int error, ntries; 1443 1444 for (ntries = 0; ntries < 10; ntries++) { 1445 if ((error = run_read(sc, RT2860_RF_CSR_CFG0, &tmp)) != 0) 1446 return (error); 1447 if (!(tmp & RT2860_RF_REG_CTRL)) 1448 break; 1449 } 1450 if (ntries == 10) 1451 return (ETIMEDOUT); 1452 1453 return (run_write(sc, RT2860_RF_CSR_CFG0, val)); 1454 } 1455 1456 static int 1457 run_rt3070_rf_read(struct run_softc *sc, uint8_t reg, uint8_t *val) 1458 { 1459 uint32_t tmp; 1460 int error, ntries; 1461 1462 for (ntries = 0; ntries < 100; ntries++) { 1463 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0) 1464 return (error); 1465 if (!(tmp & RT3070_RF_KICK)) 1466 break; 1467 } 1468 if (ntries == 100) 1469 return (ETIMEDOUT); 1470 1471 tmp = RT3070_RF_KICK | reg << 8; 1472 if ((error = run_write(sc, RT3070_RF_CSR_CFG, tmp)) != 0) 1473 return (error); 1474 1475 for (ntries = 0; ntries < 100; ntries++) { 1476 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0) 1477 return (error); 1478 if (!(tmp & RT3070_RF_KICK)) 1479 break; 1480 } 1481 if (ntries == 100) 1482 return (ETIMEDOUT); 1483 1484 *val = tmp & 0xff; 1485 return (0); 1486 } 1487 1488 static int 1489 run_rt3070_rf_write(struct run_softc *sc, uint8_t reg, uint8_t val) 1490 { 1491 uint32_t tmp; 1492 int error, ntries; 1493 1494 for (ntries = 0; ntries < 10; ntries++) { 1495 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0) 1496 return (error); 1497 if (!(tmp & RT3070_RF_KICK)) 1498 break; 1499 } 1500 if (ntries == 10) 1501 return (ETIMEDOUT); 1502 1503 tmp = RT3070_RF_WRITE | RT3070_RF_KICK | reg << 8 | val; 1504 return (run_write(sc, RT3070_RF_CSR_CFG, tmp)); 1505 } 1506 1507 static int 1508 run_bbp_read(struct run_softc *sc, uint8_t reg, uint8_t *val) 1509 { 1510 uint32_t tmp; 1511 int ntries, error; 1512 1513 for (ntries = 0; ntries < 10; ntries++) { 1514 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0) 1515 return (error); 1516 if (!(tmp & RT2860_BBP_CSR_KICK)) 1517 break; 1518 } 1519 if (ntries == 10) 1520 return (ETIMEDOUT); 1521 1522 tmp = RT2860_BBP_CSR_READ | RT2860_BBP_CSR_KICK | reg << 8; 1523 if ((error = run_write(sc, RT2860_BBP_CSR_CFG, tmp)) != 0) 1524 return (error); 1525 1526 for (ntries = 0; ntries < 10; ntries++) { 1527 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0) 1528 return (error); 1529 if (!(tmp & RT2860_BBP_CSR_KICK)) 1530 break; 1531 } 1532 if (ntries == 10) 1533 return (ETIMEDOUT); 1534 1535 *val = tmp & 0xff; 1536 return (0); 1537 } 1538 1539 static int 1540 run_bbp_write(struct run_softc *sc, uint8_t reg, uint8_t val) 1541 { 1542 uint32_t tmp; 1543 int ntries, error; 1544 1545 for (ntries = 0; ntries < 10; ntries++) { 1546 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0) 1547 return (error); 1548 if (!(tmp & RT2860_BBP_CSR_KICK)) 1549 break; 1550 } 1551 if (ntries == 10) 1552 return (ETIMEDOUT); 1553 1554 tmp = RT2860_BBP_CSR_KICK | reg << 8 | val; 1555 return (run_write(sc, RT2860_BBP_CSR_CFG, tmp)); 1556 } 1557 1558 /* 1559 * Send a command to the 8051 microcontroller unit. 1560 */ 1561 static int 1562 run_mcu_cmd(struct run_softc *sc, uint8_t cmd, uint16_t arg) 1563 { 1564 uint32_t tmp; 1565 int error, ntries; 1566 1567 for (ntries = 0; ntries < 100; ntries++) { 1568 if ((error = run_read(sc, RT2860_H2M_MAILBOX, &tmp)) != 0) 1569 return error; 1570 if (!(tmp & RT2860_H2M_BUSY)) 1571 break; 1572 } 1573 if (ntries == 100) 1574 return ETIMEDOUT; 1575 1576 tmp = RT2860_H2M_BUSY | RT2860_TOKEN_NO_INTR << 16 | arg; 1577 if ((error = run_write(sc, RT2860_H2M_MAILBOX, tmp)) == 0) 1578 error = run_write(sc, RT2860_HOST_CMD, cmd); 1579 return (error); 1580 } 1581 1582 /* 1583 * Add `delta' (signed) to each 4-bit sub-word of a 32-bit word. 1584 * Used to adjust per-rate Tx power registers. 1585 */ 1586 static __inline uint32_t 1587 b4inc(uint32_t b32, int8_t delta) 1588 { 1589 int8_t i, b4; 1590 1591 for (i = 0; i < 8; i++) { 1592 b4 = b32 & 0xf; 1593 b4 += delta; 1594 if (b4 < 0) 1595 b4 = 0; 1596 else if (b4 > 0xf) 1597 b4 = 0xf; 1598 b32 = b32 >> 4 | b4 << 28; 1599 } 1600 return (b32); 1601 } 1602 1603 static const char * 1604 run_get_rf(uint16_t rev) 1605 { 1606 switch (rev) { 1607 case RT2860_RF_2820: return "RT2820"; 1608 case RT2860_RF_2850: return "RT2850"; 1609 case RT2860_RF_2720: return "RT2720"; 1610 case RT2860_RF_2750: return "RT2750"; 1611 case RT3070_RF_3020: return "RT3020"; 1612 case RT3070_RF_2020: return "RT2020"; 1613 case RT3070_RF_3021: return "RT3021"; 1614 case RT3070_RF_3022: return "RT3022"; 1615 case RT3070_RF_3052: return "RT3052"; 1616 case RT3593_RF_3053: return "RT3053"; 1617 case RT5592_RF_5592: return "RT5592"; 1618 case RT5390_RF_5370: return "RT5370"; 1619 case RT5390_RF_5372: return "RT5372"; 1620 } 1621 return ("unknown"); 1622 } 1623 1624 static void 1625 run_rt3593_get_txpower(struct run_softc *sc) 1626 { 1627 uint16_t addr, val; 1628 int i; 1629 1630 /* Read power settings for 2GHz channels. */ 1631 for (i = 0; i < 14; i += 2) { 1632 addr = (sc->ntxchains == 3) ? RT3593_EEPROM_PWR2GHZ_BASE1 : 1633 RT2860_EEPROM_PWR2GHZ_BASE1; 1634 run_srom_read(sc, addr + i / 2, &val); 1635 sc->txpow1[i + 0] = (int8_t)(val & 0xff); 1636 sc->txpow1[i + 1] = (int8_t)(val >> 8); 1637 1638 addr = (sc->ntxchains == 3) ? RT3593_EEPROM_PWR2GHZ_BASE2 : 1639 RT2860_EEPROM_PWR2GHZ_BASE2; 1640 run_srom_read(sc, addr + i / 2, &val); 1641 sc->txpow2[i + 0] = (int8_t)(val & 0xff); 1642 sc->txpow2[i + 1] = (int8_t)(val >> 8); 1643 1644 if (sc->ntxchains == 3) { 1645 run_srom_read(sc, RT3593_EEPROM_PWR2GHZ_BASE3 + i / 2, 1646 &val); 1647 sc->txpow3[i + 0] = (int8_t)(val & 0xff); 1648 sc->txpow3[i + 1] = (int8_t)(val >> 8); 1649 } 1650 } 1651 /* Fix broken Tx power entries. */ 1652 for (i = 0; i < 14; i++) { 1653 if ((sc->txpow1[i] & 0x1f) > 31) 1654 sc->txpow1[i] = 5; 1655 if ((sc->txpow2[i] & 0x1f) > 31) 1656 sc->txpow2[i] = 5; 1657 if (sc->ntxchains == 3) { 1658 if ((sc->txpow3[i] & 0x1f) > 31) 1659 sc->txpow3[i] = 5; 1660 } 1661 } 1662 /* Read power settings for 5GHz channels. */ 1663 for (i = 0; i < 40; i += 2) { 1664 run_srom_read(sc, RT3593_EEPROM_PWR5GHZ_BASE1 + i / 2, &val); 1665 sc->txpow1[i + 14] = (int8_t)(val & 0xff); 1666 sc->txpow1[i + 15] = (int8_t)(val >> 8); 1667 1668 run_srom_read(sc, RT3593_EEPROM_PWR5GHZ_BASE2 + i / 2, &val); 1669 sc->txpow2[i + 14] = (int8_t)(val & 0xff); 1670 sc->txpow2[i + 15] = (int8_t)(val >> 8); 1671 1672 if (sc->ntxchains == 3) { 1673 run_srom_read(sc, RT3593_EEPROM_PWR5GHZ_BASE3 + i / 2, 1674 &val); 1675 sc->txpow3[i + 14] = (int8_t)(val & 0xff); 1676 sc->txpow3[i + 15] = (int8_t)(val >> 8); 1677 } 1678 } 1679 } 1680 1681 static void 1682 run_get_txpower(struct run_softc *sc) 1683 { 1684 uint16_t val; 1685 int i; 1686 1687 /* Read power settings for 2GHz channels. */ 1688 for (i = 0; i < 14; i += 2) { 1689 run_srom_read(sc, RT2860_EEPROM_PWR2GHZ_BASE1 + i / 2, &val); 1690 sc->txpow1[i + 0] = (int8_t)(val & 0xff); 1691 sc->txpow1[i + 1] = (int8_t)(val >> 8); 1692 1693 if (sc->mac_ver != 0x5390) { 1694 run_srom_read(sc, 1695 RT2860_EEPROM_PWR2GHZ_BASE2 + i / 2, &val); 1696 sc->txpow2[i + 0] = (int8_t)(val & 0xff); 1697 sc->txpow2[i + 1] = (int8_t)(val >> 8); 1698 } 1699 } 1700 /* Fix broken Tx power entries. */ 1701 for (i = 0; i < 14; i++) { 1702 if (sc->mac_ver >= 0x5390) { 1703 if (sc->txpow1[i] < 0 || sc->txpow1[i] > 27) 1704 sc->txpow1[i] = 5; 1705 } else { 1706 if (sc->txpow1[i] < 0 || sc->txpow1[i] > 31) 1707 sc->txpow1[i] = 5; 1708 } 1709 if (sc->mac_ver > 0x5390) { 1710 if (sc->txpow2[i] < 0 || sc->txpow2[i] > 27) 1711 sc->txpow2[i] = 5; 1712 } else if (sc->mac_ver < 0x5390) { 1713 if (sc->txpow2[i] < 0 || sc->txpow2[i] > 31) 1714 sc->txpow2[i] = 5; 1715 } 1716 DPRINTF("chan %d: power1=%d, power2=%d\n", 1717 rt2860_rf2850[i].chan, sc->txpow1[i], sc->txpow2[i]); 1718 } 1719 /* Read power settings for 5GHz channels. */ 1720 for (i = 0; i < 40; i += 2) { 1721 run_srom_read(sc, RT2860_EEPROM_PWR5GHZ_BASE1 + i / 2, &val); 1722 sc->txpow1[i + 14] = (int8_t)(val & 0xff); 1723 sc->txpow1[i + 15] = (int8_t)(val >> 8); 1724 1725 run_srom_read(sc, RT2860_EEPROM_PWR5GHZ_BASE2 + i / 2, &val); 1726 sc->txpow2[i + 14] = (int8_t)(val & 0xff); 1727 sc->txpow2[i + 15] = (int8_t)(val >> 8); 1728 } 1729 /* Fix broken Tx power entries. */ 1730 for (i = 0; i < 40; i++ ) { 1731 if (sc->mac_ver != 0x5592) { 1732 if (sc->txpow1[14 + i] < -7 || sc->txpow1[14 + i] > 15) 1733 sc->txpow1[14 + i] = 5; 1734 if (sc->txpow2[14 + i] < -7 || sc->txpow2[14 + i] > 15) 1735 sc->txpow2[14 + i] = 5; 1736 } 1737 DPRINTF("chan %d: power1=%d, power2=%d\n", 1738 rt2860_rf2850[14 + i].chan, sc->txpow1[14 + i], 1739 sc->txpow2[14 + i]); 1740 } 1741 } 1742 1743 static int 1744 run_read_eeprom(struct run_softc *sc) 1745 { 1746 int8_t delta_2ghz, delta_5ghz; 1747 uint32_t tmp; 1748 uint16_t val; 1749 int ridx, ant, i; 1750 1751 /* check whether the ROM is eFUSE ROM or EEPROM */ 1752 sc->sc_srom_read = run_eeprom_read_2; 1753 if (sc->mac_ver >= 0x3070) { 1754 run_read(sc, RT3070_EFUSE_CTRL, &tmp); 1755 DPRINTF("EFUSE_CTRL=0x%08x\n", tmp); 1756 if ((tmp & RT3070_SEL_EFUSE) && sc->mac_ver != 0x3593) 1757 sc->sc_srom_read = run_efuse_read_2; 1758 else 1759 sc->sc_srom_read = run_rf3593_efuse_read_1; 1760 } 1761 1762 /* read ROM version */ 1763 run_srom_read(sc, RT2860_EEPROM_VERSION, &val); 1764 DPRINTF("EEPROM rev=%d, FAE=%d\n", val & 0xff, val >> 8); 1765 1766 /* read MAC address */ 1767 run_srom_read(sc, RT2860_EEPROM_MAC01, &val); 1768 sc->sc_bssid[0] = val & 0xff; 1769 sc->sc_bssid[1] = val >> 8; 1770 run_srom_read(sc, RT2860_EEPROM_MAC23, &val); 1771 sc->sc_bssid[2] = val & 0xff; 1772 sc->sc_bssid[3] = val >> 8; 1773 run_srom_read(sc, RT2860_EEPROM_MAC45, &val); 1774 sc->sc_bssid[4] = val & 0xff; 1775 sc->sc_bssid[5] = val >> 8; 1776 1777 if (sc->mac_ver < 0x3593) { 1778 /* read vender BBP settings */ 1779 for (i = 0; i < 10; i++) { 1780 run_srom_read(sc, RT2860_EEPROM_BBP_BASE + i, &val); 1781 sc->bbp[i].val = val & 0xff; 1782 sc->bbp[i].reg = val >> 8; 1783 DPRINTF("BBP%d=0x%02x\n", sc->bbp[i].reg, 1784 sc->bbp[i].val); 1785 } 1786 if (sc->mac_ver >= 0x3071) { 1787 /* read vendor RF settings */ 1788 for (i = 0; i < 10; i++) { 1789 run_srom_read(sc, RT3071_EEPROM_RF_BASE + i, 1790 &val); 1791 sc->rf[i].val = val & 0xff; 1792 sc->rf[i].reg = val >> 8; 1793 DPRINTF("RF%d=0x%02x\n", sc->rf[i].reg, 1794 sc->rf[i].val); 1795 } 1796 } 1797 } 1798 1799 /* read RF frequency offset from EEPROM */ 1800 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_FREQ_LEDS : 1801 RT3593_EEPROM_FREQ, &val); 1802 sc->freq = ((val & 0xff) != 0xff) ? val & 0xff : 0; 1803 DPRINTF("EEPROM freq offset %d\n", sc->freq & 0xff); 1804 1805 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_FREQ_LEDS : 1806 RT3593_EEPROM_FREQ_LEDS, &val); 1807 if (val >> 8 != 0xff) { 1808 /* read LEDs operating mode */ 1809 sc->leds = val >> 8; 1810 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LED1 : 1811 RT3593_EEPROM_LED1, &sc->led[0]); 1812 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LED2 : 1813 RT3593_EEPROM_LED2, &sc->led[1]); 1814 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LED3 : 1815 RT3593_EEPROM_LED3, &sc->led[2]); 1816 } else { 1817 /* broken EEPROM, use default settings */ 1818 sc->leds = 0x01; 1819 sc->led[0] = 0x5555; 1820 sc->led[1] = 0x2221; 1821 sc->led[2] = 0x5627; /* differs from RT2860 */ 1822 } 1823 DPRINTF("EEPROM LED mode=0x%02x, LEDs=0x%04x/0x%04x/0x%04x\n", 1824 sc->leds, sc->led[0], sc->led[1], sc->led[2]); 1825 1826 /* read RF information */ 1827 if (sc->mac_ver == 0x5390 || sc->mac_ver ==0x5392) 1828 run_srom_read(sc, 0x00, &val); 1829 else 1830 run_srom_read(sc, RT2860_EEPROM_ANTENNA, &val); 1831 1832 if (val == 0xffff) { 1833 device_printf(sc->sc_dev, 1834 "invalid EEPROM antenna info, using default\n"); 1835 DPRINTF("invalid EEPROM antenna info, using default\n"); 1836 if (sc->mac_ver == 0x3572) { 1837 /* default to RF3052 2T2R */ 1838 sc->rf_rev = RT3070_RF_3052; 1839 sc->ntxchains = 2; 1840 sc->nrxchains = 2; 1841 } else if (sc->mac_ver >= 0x3070) { 1842 /* default to RF3020 1T1R */ 1843 sc->rf_rev = RT3070_RF_3020; 1844 sc->ntxchains = 1; 1845 sc->nrxchains = 1; 1846 } else { 1847 /* default to RF2820 1T2R */ 1848 sc->rf_rev = RT2860_RF_2820; 1849 sc->ntxchains = 1; 1850 sc->nrxchains = 2; 1851 } 1852 } else { 1853 if (sc->mac_ver == 0x5390 || sc->mac_ver ==0x5392) { 1854 sc->rf_rev = val; 1855 run_srom_read(sc, RT2860_EEPROM_ANTENNA, &val); 1856 } else 1857 sc->rf_rev = (val >> 8) & 0xf; 1858 sc->ntxchains = (val >> 4) & 0xf; 1859 sc->nrxchains = val & 0xf; 1860 } 1861 DPRINTF("EEPROM RF rev=0x%04x chains=%dT%dR\n", 1862 sc->rf_rev, sc->ntxchains, sc->nrxchains); 1863 1864 /* check if RF supports automatic Tx access gain control */ 1865 run_srom_read(sc, RT2860_EEPROM_CONFIG, &val); 1866 DPRINTF("EEPROM CFG 0x%04x\n", val); 1867 /* check if driver should patch the DAC issue */ 1868 if ((val >> 8) != 0xff) 1869 sc->patch_dac = (val >> 15) & 1; 1870 if ((val & 0xff) != 0xff) { 1871 sc->ext_5ghz_lna = (val >> 3) & 1; 1872 sc->ext_2ghz_lna = (val >> 2) & 1; 1873 /* check if RF supports automatic Tx access gain control */ 1874 sc->calib_2ghz = sc->calib_5ghz = (val >> 1) & 1; 1875 /* check if we have a hardware radio switch */ 1876 sc->rfswitch = val & 1; 1877 } 1878 1879 /* Read Tx power settings. */ 1880 if (sc->mac_ver == 0x3593) 1881 run_rt3593_get_txpower(sc); 1882 else 1883 run_get_txpower(sc); 1884 1885 /* read Tx power compensation for each Tx rate */ 1886 run_srom_read(sc, RT2860_EEPROM_DELTAPWR, &val); 1887 delta_2ghz = delta_5ghz = 0; 1888 if ((val & 0xff) != 0xff && (val & 0x80)) { 1889 delta_2ghz = val & 0xf; 1890 if (!(val & 0x40)) /* negative number */ 1891 delta_2ghz = -delta_2ghz; 1892 } 1893 val >>= 8; 1894 if ((val & 0xff) != 0xff && (val & 0x80)) { 1895 delta_5ghz = val & 0xf; 1896 if (!(val & 0x40)) /* negative number */ 1897 delta_5ghz = -delta_5ghz; 1898 } 1899 DPRINTF("power compensation=%d (2GHz), %d (5GHz)\n", 1900 delta_2ghz, delta_5ghz); 1901 1902 for (ridx = 0; ridx < 5; ridx++) { 1903 uint32_t reg; 1904 1905 run_srom_read(sc, RT2860_EEPROM_RPWR + ridx * 2, &val); 1906 reg = val; 1907 run_srom_read(sc, RT2860_EEPROM_RPWR + ridx * 2 + 1, &val); 1908 reg |= (uint32_t)val << 16; 1909 1910 sc->txpow20mhz[ridx] = reg; 1911 sc->txpow40mhz_2ghz[ridx] = b4inc(reg, delta_2ghz); 1912 sc->txpow40mhz_5ghz[ridx] = b4inc(reg, delta_5ghz); 1913 1914 DPRINTF("ridx %d: power 20MHz=0x%08x, 40MHz/2GHz=0x%08x, " 1915 "40MHz/5GHz=0x%08x\n", ridx, sc->txpow20mhz[ridx], 1916 sc->txpow40mhz_2ghz[ridx], sc->txpow40mhz_5ghz[ridx]); 1917 } 1918 1919 /* Read RSSI offsets and LNA gains from EEPROM. */ 1920 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI1_2GHZ : 1921 RT3593_EEPROM_RSSI1_2GHZ, &val); 1922 sc->rssi_2ghz[0] = val & 0xff; /* Ant A */ 1923 sc->rssi_2ghz[1] = val >> 8; /* Ant B */ 1924 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI2_2GHZ : 1925 RT3593_EEPROM_RSSI2_2GHZ, &val); 1926 if (sc->mac_ver >= 0x3070) { 1927 if (sc->mac_ver == 0x3593) { 1928 sc->txmixgain_2ghz = 0; 1929 sc->rssi_2ghz[2] = val & 0xff; /* Ant C */ 1930 } else { 1931 /* 1932 * On RT3070 chips (limited to 2 Rx chains), this ROM 1933 * field contains the Tx mixer gain for the 2GHz band. 1934 */ 1935 if ((val & 0xff) != 0xff) 1936 sc->txmixgain_2ghz = val & 0x7; 1937 } 1938 DPRINTF("tx mixer gain=%u (2GHz)\n", sc->txmixgain_2ghz); 1939 } else 1940 sc->rssi_2ghz[2] = val & 0xff; /* Ant C */ 1941 if (sc->mac_ver == 0x3593) 1942 run_srom_read(sc, RT3593_EEPROM_LNA_5GHZ, &val); 1943 sc->lna[2] = val >> 8; /* channel group 2 */ 1944 1945 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI1_5GHZ : 1946 RT3593_EEPROM_RSSI1_5GHZ, &val); 1947 sc->rssi_5ghz[0] = val & 0xff; /* Ant A */ 1948 sc->rssi_5ghz[1] = val >> 8; /* Ant B */ 1949 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI2_5GHZ : 1950 RT3593_EEPROM_RSSI2_5GHZ, &val); 1951 if (sc->mac_ver == 0x3572) { 1952 /* 1953 * On RT3572 chips (limited to 2 Rx chains), this ROM 1954 * field contains the Tx mixer gain for the 5GHz band. 1955 */ 1956 if ((val & 0xff) != 0xff) 1957 sc->txmixgain_5ghz = val & 0x7; 1958 DPRINTF("tx mixer gain=%u (5GHz)\n", sc->txmixgain_5ghz); 1959 } else 1960 sc->rssi_5ghz[2] = val & 0xff; /* Ant C */ 1961 if (sc->mac_ver == 0x3593) { 1962 sc->txmixgain_5ghz = 0; 1963 run_srom_read(sc, RT3593_EEPROM_LNA_5GHZ, &val); 1964 } 1965 sc->lna[3] = val >> 8; /* channel group 3 */ 1966 1967 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LNA : 1968 RT3593_EEPROM_LNA, &val); 1969 sc->lna[0] = val & 0xff; /* channel group 0 */ 1970 sc->lna[1] = val >> 8; /* channel group 1 */ 1971 1972 /* fix broken 5GHz LNA entries */ 1973 if (sc->lna[2] == 0 || sc->lna[2] == 0xff) { 1974 DPRINTF("invalid LNA for channel group %d\n", 2); 1975 sc->lna[2] = sc->lna[1]; 1976 } 1977 if (sc->lna[3] == 0 || sc->lna[3] == 0xff) { 1978 DPRINTF("invalid LNA for channel group %d\n", 3); 1979 sc->lna[3] = sc->lna[1]; 1980 } 1981 1982 /* fix broken RSSI offset entries */ 1983 for (ant = 0; ant < 3; ant++) { 1984 if (sc->rssi_2ghz[ant] < -10 || sc->rssi_2ghz[ant] > 10) { 1985 DPRINTF("invalid RSSI%d offset: %d (2GHz)\n", 1986 ant + 1, sc->rssi_2ghz[ant]); 1987 sc->rssi_2ghz[ant] = 0; 1988 } 1989 if (sc->rssi_5ghz[ant] < -10 || sc->rssi_5ghz[ant] > 10) { 1990 DPRINTF("invalid RSSI%d offset: %d (5GHz)\n", 1991 ant + 1, sc->rssi_5ghz[ant]); 1992 sc->rssi_5ghz[ant] = 0; 1993 } 1994 } 1995 return (0); 1996 } 1997 1998 static struct ieee80211_node * 1999 run_node_alloc(struct ieee80211vap *vap, const uint8_t mac[IEEE80211_ADDR_LEN]) 2000 { 2001 return malloc(sizeof (struct run_node), M_DEVBUF, M_NOWAIT | M_ZERO); 2002 } 2003 2004 static int 2005 run_media_change(struct ifnet *ifp) 2006 { 2007 struct ieee80211vap *vap = ifp->if_softc; 2008 struct ieee80211com *ic = vap->iv_ic; 2009 const struct ieee80211_txparam *tp; 2010 struct run_softc *sc = ic->ic_ifp->if_softc; 2011 uint8_t rate, ridx; 2012 int error; 2013 2014 RUN_LOCK(sc); 2015 2016 error = ieee80211_media_change(ifp); 2017 if (error != ENETRESET) { 2018 RUN_UNLOCK(sc); 2019 return (error); 2020 } 2021 2022 tp = &vap->iv_txparms[ieee80211_chan2mode(ic->ic_curchan)]; 2023 if (tp->ucastrate != IEEE80211_FIXED_RATE_NONE) { 2024 struct ieee80211_node *ni; 2025 struct run_node *rn; 2026 2027 rate = ic->ic_sup_rates[ic->ic_curmode]. 2028 rs_rates[tp->ucastrate] & IEEE80211_RATE_VAL; 2029 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++) 2030 if (rt2860_rates[ridx].rate == rate) 2031 break; 2032 ni = ieee80211_ref_node(vap->iv_bss); 2033 rn = (struct run_node *)ni; 2034 rn->fix_ridx = ridx; 2035 DPRINTF("rate=%d, fix_ridx=%d\n", rate, rn->fix_ridx); 2036 ieee80211_free_node(ni); 2037 } 2038 2039 #if 0 2040 if ((ifp->if_flags & IFF_UP) && 2041 (ifp->if_drv_flags & IFF_DRV_RUNNING)){ 2042 run_init_locked(sc); 2043 } 2044 #endif 2045 2046 RUN_UNLOCK(sc); 2047 2048 return (0); 2049 } 2050 2051 static int 2052 run_newstate(struct ieee80211vap *vap, enum ieee80211_state nstate, int arg) 2053 { 2054 const struct ieee80211_txparam *tp; 2055 struct ieee80211com *ic = vap->iv_ic; 2056 struct run_softc *sc = ic->ic_ifp->if_softc; 2057 struct run_vap *rvp = RUN_VAP(vap); 2058 enum ieee80211_state ostate; 2059 uint32_t sta[3]; 2060 uint32_t tmp; 2061 uint8_t ratectl; 2062 uint8_t restart_ratectl = 0; 2063 uint8_t bid = 1 << rvp->rvp_id; 2064 2065 ostate = vap->iv_state; 2066 DPRINTF("%s -> %s\n", 2067 ieee80211_state_name[ostate], 2068 ieee80211_state_name[nstate]); 2069 2070 IEEE80211_UNLOCK(ic); 2071 RUN_LOCK(sc); 2072 2073 ratectl = sc->ratectl_run; /* remember current state */ 2074 sc->ratectl_run = RUN_RATECTL_OFF; 2075 usb_callout_stop(&sc->ratectl_ch); 2076 2077 if (ostate == IEEE80211_S_RUN) { 2078 /* turn link LED off */ 2079 run_set_leds(sc, RT2860_LED_RADIO); 2080 } 2081 2082 switch (nstate) { 2083 case IEEE80211_S_INIT: 2084 restart_ratectl = 1; 2085 2086 if (ostate != IEEE80211_S_RUN) 2087 break; 2088 2089 ratectl &= ~bid; 2090 sc->runbmap &= ~bid; 2091 2092 /* abort TSF synchronization if there is no vap running */ 2093 if (--sc->running == 0) { 2094 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 2095 run_write(sc, RT2860_BCN_TIME_CFG, 2096 tmp & ~(RT2860_BCN_TX_EN | RT2860_TSF_TIMER_EN | 2097 RT2860_TBTT_TIMER_EN)); 2098 } 2099 break; 2100 2101 case IEEE80211_S_RUN: 2102 if (!(sc->runbmap & bid)) { 2103 if(sc->running++) 2104 restart_ratectl = 1; 2105 sc->runbmap |= bid; 2106 } 2107 2108 m_freem(rvp->beacon_mbuf); 2109 rvp->beacon_mbuf = NULL; 2110 2111 switch (vap->iv_opmode) { 2112 case IEEE80211_M_HOSTAP: 2113 case IEEE80211_M_MBSS: 2114 sc->ap_running |= bid; 2115 ic->ic_opmode = vap->iv_opmode; 2116 run_update_beacon_cb(vap); 2117 break; 2118 case IEEE80211_M_IBSS: 2119 sc->adhoc_running |= bid; 2120 if (!sc->ap_running) 2121 ic->ic_opmode = vap->iv_opmode; 2122 run_update_beacon_cb(vap); 2123 break; 2124 case IEEE80211_M_STA: 2125 sc->sta_running |= bid; 2126 if (!sc->ap_running && !sc->adhoc_running) 2127 ic->ic_opmode = vap->iv_opmode; 2128 2129 /* read statistic counters (clear on read) */ 2130 run_read_region_1(sc, RT2860_TX_STA_CNT0, 2131 (uint8_t *)sta, sizeof sta); 2132 2133 break; 2134 default: 2135 ic->ic_opmode = vap->iv_opmode; 2136 break; 2137 } 2138 2139 if (vap->iv_opmode != IEEE80211_M_MONITOR) { 2140 struct ieee80211_node *ni; 2141 2142 if (ic->ic_bsschan == IEEE80211_CHAN_ANYC) { 2143 RUN_UNLOCK(sc); 2144 IEEE80211_LOCK(ic); 2145 return (-1); 2146 } 2147 run_updateslot(ic->ic_ifp); 2148 run_enable_mrr(sc); 2149 run_set_txpreamble(sc); 2150 run_set_basicrates(sc); 2151 ni = ieee80211_ref_node(vap->iv_bss); 2152 IEEE80211_ADDR_COPY(sc->sc_bssid, ni->ni_bssid); 2153 run_set_bssid(sc, ni->ni_bssid); 2154 ieee80211_free_node(ni); 2155 run_enable_tsf_sync(sc); 2156 2157 /* enable automatic rate adaptation */ 2158 tp = &vap->iv_txparms[ieee80211_chan2mode(ic->ic_curchan)]; 2159 if (tp->ucastrate == IEEE80211_FIXED_RATE_NONE) 2160 ratectl |= bid; 2161 } 2162 2163 /* turn link LED on */ 2164 run_set_leds(sc, RT2860_LED_RADIO | 2165 (IEEE80211_IS_CHAN_2GHZ(ic->ic_curchan) ? 2166 RT2860_LED_LINK_2GHZ : RT2860_LED_LINK_5GHZ)); 2167 2168 break; 2169 default: 2170 DPRINTFN(6, "undefined case\n"); 2171 break; 2172 } 2173 2174 /* restart amrr for running VAPs */ 2175 if ((sc->ratectl_run = ratectl) && restart_ratectl) 2176 usb_callout_reset(&sc->ratectl_ch, hz, run_ratectl_to, sc); 2177 2178 RUN_UNLOCK(sc); 2179 IEEE80211_LOCK(ic); 2180 2181 return(rvp->newstate(vap, nstate, arg)); 2182 } 2183 2184 /* ARGSUSED */ 2185 static void 2186 run_wme_update_cb(void *arg) 2187 { 2188 struct ieee80211com *ic = arg; 2189 struct run_softc *sc = ic->ic_ifp->if_softc; 2190 struct ieee80211_wme_state *wmesp = &ic->ic_wme; 2191 int aci, error = 0; 2192 2193 RUN_LOCK_ASSERT(sc, MA_OWNED); 2194 2195 /* update MAC TX configuration registers */ 2196 for (aci = 0; aci < WME_NUM_AC; aci++) { 2197 error = run_write(sc, RT2860_EDCA_AC_CFG(aci), 2198 wmesp->wme_params[aci].wmep_logcwmax << 16 | 2199 wmesp->wme_params[aci].wmep_logcwmin << 12 | 2200 wmesp->wme_params[aci].wmep_aifsn << 8 | 2201 wmesp->wme_params[aci].wmep_txopLimit); 2202 if (error) goto err; 2203 } 2204 2205 /* update SCH/DMA registers too */ 2206 error = run_write(sc, RT2860_WMM_AIFSN_CFG, 2207 wmesp->wme_params[WME_AC_VO].wmep_aifsn << 12 | 2208 wmesp->wme_params[WME_AC_VI].wmep_aifsn << 8 | 2209 wmesp->wme_params[WME_AC_BK].wmep_aifsn << 4 | 2210 wmesp->wme_params[WME_AC_BE].wmep_aifsn); 2211 if (error) goto err; 2212 error = run_write(sc, RT2860_WMM_CWMIN_CFG, 2213 wmesp->wme_params[WME_AC_VO].wmep_logcwmin << 12 | 2214 wmesp->wme_params[WME_AC_VI].wmep_logcwmin << 8 | 2215 wmesp->wme_params[WME_AC_BK].wmep_logcwmin << 4 | 2216 wmesp->wme_params[WME_AC_BE].wmep_logcwmin); 2217 if (error) goto err; 2218 error = run_write(sc, RT2860_WMM_CWMAX_CFG, 2219 wmesp->wme_params[WME_AC_VO].wmep_logcwmax << 12 | 2220 wmesp->wme_params[WME_AC_VI].wmep_logcwmax << 8 | 2221 wmesp->wme_params[WME_AC_BK].wmep_logcwmax << 4 | 2222 wmesp->wme_params[WME_AC_BE].wmep_logcwmax); 2223 if (error) goto err; 2224 error = run_write(sc, RT2860_WMM_TXOP0_CFG, 2225 wmesp->wme_params[WME_AC_BK].wmep_txopLimit << 16 | 2226 wmesp->wme_params[WME_AC_BE].wmep_txopLimit); 2227 if (error) goto err; 2228 error = run_write(sc, RT2860_WMM_TXOP1_CFG, 2229 wmesp->wme_params[WME_AC_VO].wmep_txopLimit << 16 | 2230 wmesp->wme_params[WME_AC_VI].wmep_txopLimit); 2231 2232 err: 2233 if (error) 2234 DPRINTF("WME update failed\n"); 2235 2236 return; 2237 } 2238 2239 static int 2240 run_wme_update(struct ieee80211com *ic) 2241 { 2242 struct run_softc *sc = ic->ic_ifp->if_softc; 2243 2244 /* sometime called wothout lock */ 2245 if (mtx_owned(&ic->ic_comlock.mtx)) { 2246 uint32_t i = RUN_CMDQ_GET(&sc->cmdq_store); 2247 DPRINTF("cmdq_store=%d\n", i); 2248 sc->cmdq[i].func = run_wme_update_cb; 2249 sc->cmdq[i].arg0 = ic; 2250 ieee80211_runtask(ic, &sc->cmdq_task); 2251 return (0); 2252 } 2253 2254 RUN_LOCK(sc); 2255 run_wme_update_cb(ic); 2256 RUN_UNLOCK(sc); 2257 2258 /* return whatever, upper layer desn't care anyway */ 2259 return (0); 2260 } 2261 2262 static void 2263 run_key_update_begin(struct ieee80211vap *vap) 2264 { 2265 /* 2266 * To avoid out-of-order events, both run_key_set() and 2267 * _delete() are deferred and handled by run_cmdq_cb(). 2268 * So, there is nothing we need to do here. 2269 */ 2270 } 2271 2272 static void 2273 run_key_update_end(struct ieee80211vap *vap) 2274 { 2275 /* null */ 2276 } 2277 2278 static void 2279 run_key_set_cb(void *arg) 2280 { 2281 struct run_cmdq *cmdq = arg; 2282 struct ieee80211vap *vap = cmdq->arg1; 2283 struct ieee80211_key *k = cmdq->k; 2284 struct ieee80211com *ic = vap->iv_ic; 2285 struct run_softc *sc = ic->ic_ifp->if_softc; 2286 struct ieee80211_node *ni; 2287 uint32_t attr; 2288 uint16_t base, associd; 2289 uint8_t mode, wcid, iv[8]; 2290 2291 RUN_LOCK_ASSERT(sc, MA_OWNED); 2292 2293 if (vap->iv_opmode == IEEE80211_M_HOSTAP) 2294 ni = ieee80211_find_vap_node(&ic->ic_sta, vap, cmdq->mac); 2295 else 2296 ni = vap->iv_bss; 2297 associd = (ni != NULL) ? ni->ni_associd : 0; 2298 2299 /* map net80211 cipher to RT2860 security mode */ 2300 switch (k->wk_cipher->ic_cipher) { 2301 case IEEE80211_CIPHER_WEP: 2302 if(k->wk_keylen < 8) 2303 mode = RT2860_MODE_WEP40; 2304 else 2305 mode = RT2860_MODE_WEP104; 2306 break; 2307 case IEEE80211_CIPHER_TKIP: 2308 mode = RT2860_MODE_TKIP; 2309 break; 2310 case IEEE80211_CIPHER_AES_CCM: 2311 mode = RT2860_MODE_AES_CCMP; 2312 break; 2313 default: 2314 DPRINTF("undefined case\n"); 2315 return; 2316 } 2317 2318 DPRINTFN(1, "associd=%x, keyix=%d, mode=%x, type=%s, tx=%s, rx=%s\n", 2319 associd, k->wk_keyix, mode, 2320 (k->wk_flags & IEEE80211_KEY_GROUP) ? "group" : "pairwise", 2321 (k->wk_flags & IEEE80211_KEY_XMIT) ? "on" : "off", 2322 (k->wk_flags & IEEE80211_KEY_RECV) ? "on" : "off"); 2323 2324 if (k->wk_flags & IEEE80211_KEY_GROUP) { 2325 wcid = 0; /* NB: update WCID0 for group keys */ 2326 base = RT2860_SKEY(RUN_VAP(vap)->rvp_id, k->wk_keyix); 2327 } else { 2328 wcid = (vap->iv_opmode == IEEE80211_M_STA) ? 2329 1 : RUN_AID2WCID(associd); 2330 base = RT2860_PKEY(wcid); 2331 } 2332 2333 if (k->wk_cipher->ic_cipher == IEEE80211_CIPHER_TKIP) { 2334 if(run_write_region_1(sc, base, k->wk_key, 16)) 2335 return; 2336 if(run_write_region_1(sc, base + 16, &k->wk_key[16], 8)) /* wk_txmic */ 2337 return; 2338 if(run_write_region_1(sc, base + 24, &k->wk_key[24], 8)) /* wk_rxmic */ 2339 return; 2340 } else { 2341 /* roundup len to 16-bit: XXX fix write_region_1() instead */ 2342 if(run_write_region_1(sc, base, k->wk_key, (k->wk_keylen + 1) & ~1)) 2343 return; 2344 } 2345 2346 if (!(k->wk_flags & IEEE80211_KEY_GROUP) || 2347 (k->wk_flags & (IEEE80211_KEY_XMIT | IEEE80211_KEY_RECV))) { 2348 /* set initial packet number in IV+EIV */ 2349 if (k->wk_cipher == IEEE80211_CIPHER_WEP) { 2350 memset(iv, 0, sizeof iv); 2351 iv[3] = vap->iv_def_txkey << 6; 2352 } else { 2353 if (k->wk_cipher->ic_cipher == IEEE80211_CIPHER_TKIP) { 2354 iv[0] = k->wk_keytsc >> 8; 2355 iv[1] = (iv[0] | 0x20) & 0x7f; 2356 iv[2] = k->wk_keytsc; 2357 } else /* CCMP */ { 2358 iv[0] = k->wk_keytsc; 2359 iv[1] = k->wk_keytsc >> 8; 2360 iv[2] = 0; 2361 } 2362 iv[3] = k->wk_keyix << 6 | IEEE80211_WEP_EXTIV; 2363 iv[4] = k->wk_keytsc >> 16; 2364 iv[5] = k->wk_keytsc >> 24; 2365 iv[6] = k->wk_keytsc >> 32; 2366 iv[7] = k->wk_keytsc >> 40; 2367 } 2368 if (run_write_region_1(sc, RT2860_IVEIV(wcid), iv, 8)) 2369 return; 2370 } 2371 2372 if (k->wk_flags & IEEE80211_KEY_GROUP) { 2373 /* install group key */ 2374 if (run_read(sc, RT2860_SKEY_MODE_0_7, &attr)) 2375 return; 2376 attr &= ~(0xf << (k->wk_keyix * 4)); 2377 attr |= mode << (k->wk_keyix * 4); 2378 if (run_write(sc, RT2860_SKEY_MODE_0_7, attr)) 2379 return; 2380 } else { 2381 /* install pairwise key */ 2382 if (run_read(sc, RT2860_WCID_ATTR(wcid), &attr)) 2383 return; 2384 attr = (attr & ~0xf) | (mode << 1) | RT2860_RX_PKEY_EN; 2385 if (run_write(sc, RT2860_WCID_ATTR(wcid), attr)) 2386 return; 2387 } 2388 2389 /* TODO create a pass-thru key entry? */ 2390 2391 /* need wcid to delete the right key later */ 2392 k->wk_pad = wcid; 2393 } 2394 2395 /* 2396 * Don't have to be deferred, but in order to keep order of 2397 * execution, i.e. with run_key_delete(), defer this and let 2398 * run_cmdq_cb() maintain the order. 2399 * 2400 * return 0 on error 2401 */ 2402 static int 2403 run_key_set(struct ieee80211vap *vap, struct ieee80211_key *k, 2404 const uint8_t mac[IEEE80211_ADDR_LEN]) 2405 { 2406 struct ieee80211com *ic = vap->iv_ic; 2407 struct run_softc *sc = ic->ic_ifp->if_softc; 2408 uint32_t i; 2409 2410 i = RUN_CMDQ_GET(&sc->cmdq_store); 2411 DPRINTF("cmdq_store=%d\n", i); 2412 sc->cmdq[i].func = run_key_set_cb; 2413 sc->cmdq[i].arg0 = NULL; 2414 sc->cmdq[i].arg1 = vap; 2415 sc->cmdq[i].k = k; 2416 IEEE80211_ADDR_COPY(sc->cmdq[i].mac, mac); 2417 ieee80211_runtask(ic, &sc->cmdq_task); 2418 2419 /* 2420 * To make sure key will be set when hostapd 2421 * calls iv_key_set() before if_init(). 2422 */ 2423 if (vap->iv_opmode == IEEE80211_M_HOSTAP) { 2424 RUN_LOCK(sc); 2425 sc->cmdq_key_set = RUN_CMDQ_GO; 2426 RUN_UNLOCK(sc); 2427 } 2428 2429 return (1); 2430 } 2431 2432 /* 2433 * If wlan is destroyed without being brought down i.e. without 2434 * wlan down or wpa_cli terminate, this function is called after 2435 * vap is gone. Don't refer it. 2436 */ 2437 static void 2438 run_key_delete_cb(void *arg) 2439 { 2440 struct run_cmdq *cmdq = arg; 2441 struct run_softc *sc = cmdq->arg1; 2442 struct ieee80211_key *k = &cmdq->key; 2443 uint32_t attr; 2444 uint8_t wcid; 2445 2446 RUN_LOCK_ASSERT(sc, MA_OWNED); 2447 2448 if (k->wk_flags & IEEE80211_KEY_GROUP) { 2449 /* remove group key */ 2450 DPRINTF("removing group key\n"); 2451 run_read(sc, RT2860_SKEY_MODE_0_7, &attr); 2452 attr &= ~(0xf << (k->wk_keyix * 4)); 2453 run_write(sc, RT2860_SKEY_MODE_0_7, attr); 2454 } else { 2455 /* remove pairwise key */ 2456 DPRINTF("removing key for wcid %x\n", k->wk_pad); 2457 /* matching wcid was written to wk_pad in run_key_set() */ 2458 wcid = k->wk_pad; 2459 run_read(sc, RT2860_WCID_ATTR(wcid), &attr); 2460 attr &= ~0xf; 2461 run_write(sc, RT2860_WCID_ATTR(wcid), attr); 2462 run_set_region_4(sc, RT2860_WCID_ENTRY(wcid), 0, 8); 2463 } 2464 2465 k->wk_pad = 0; 2466 } 2467 2468 /* 2469 * return 0 on error 2470 */ 2471 static int 2472 run_key_delete(struct ieee80211vap *vap, struct ieee80211_key *k) 2473 { 2474 struct ieee80211com *ic = vap->iv_ic; 2475 struct run_softc *sc = ic->ic_ifp->if_softc; 2476 struct ieee80211_key *k0; 2477 uint32_t i; 2478 2479 /* 2480 * When called back, key might be gone. So, make a copy 2481 * of some values need to delete keys before deferring. 2482 * But, because of LOR with node lock, cannot use lock here. 2483 * So, use atomic instead. 2484 */ 2485 i = RUN_CMDQ_GET(&sc->cmdq_store); 2486 DPRINTF("cmdq_store=%d\n", i); 2487 sc->cmdq[i].func = run_key_delete_cb; 2488 sc->cmdq[i].arg0 = NULL; 2489 sc->cmdq[i].arg1 = sc; 2490 k0 = &sc->cmdq[i].key; 2491 k0->wk_flags = k->wk_flags; 2492 k0->wk_keyix = k->wk_keyix; 2493 /* matching wcid was written to wk_pad in run_key_set() */ 2494 k0->wk_pad = k->wk_pad; 2495 ieee80211_runtask(ic, &sc->cmdq_task); 2496 return (1); /* return fake success */ 2497 2498 } 2499 2500 static void 2501 run_ratectl_to(void *arg) 2502 { 2503 struct run_softc *sc = arg; 2504 2505 /* do it in a process context, so it can go sleep */ 2506 ieee80211_runtask(sc->sc_ifp->if_l2com, &sc->ratectl_task); 2507 /* next timeout will be rescheduled in the callback task */ 2508 } 2509 2510 /* ARGSUSED */ 2511 static void 2512 run_ratectl_cb(void *arg, int pending) 2513 { 2514 struct run_softc *sc = arg; 2515 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 2516 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 2517 2518 if (vap == NULL) 2519 return; 2520 2521 if (sc->rvp_cnt <= 1 && vap->iv_opmode == IEEE80211_M_STA) 2522 run_iter_func(sc, vap->iv_bss); 2523 else { 2524 /* 2525 * run_reset_livelock() doesn't do anything with AMRR, 2526 * but Ralink wants us to call it every 1 sec. So, we 2527 * piggyback here rather than creating another callout. 2528 * Livelock may occur only in HOSTAP or IBSS mode 2529 * (when h/w is sending beacons). 2530 */ 2531 RUN_LOCK(sc); 2532 run_reset_livelock(sc); 2533 /* just in case, there are some stats to drain */ 2534 run_drain_fifo(sc); 2535 RUN_UNLOCK(sc); 2536 ieee80211_iterate_nodes(&ic->ic_sta, run_iter_func, sc); 2537 } 2538 2539 RUN_LOCK(sc); 2540 if(sc->ratectl_run != RUN_RATECTL_OFF) 2541 usb_callout_reset(&sc->ratectl_ch, hz, run_ratectl_to, sc); 2542 RUN_UNLOCK(sc); 2543 } 2544 2545 static void 2546 run_drain_fifo(void *arg) 2547 { 2548 struct run_softc *sc = arg; 2549 struct ifnet *ifp = sc->sc_ifp; 2550 uint32_t stat; 2551 uint16_t (*wstat)[3]; 2552 uint8_t wcid, mcs, pid; 2553 int8_t retry; 2554 2555 RUN_LOCK_ASSERT(sc, MA_OWNED); 2556 2557 for (;;) { 2558 /* drain Tx status FIFO (maxsize = 16) */ 2559 run_read(sc, RT2860_TX_STAT_FIFO, &stat); 2560 DPRINTFN(4, "tx stat 0x%08x\n", stat); 2561 if (!(stat & RT2860_TXQ_VLD)) 2562 break; 2563 2564 wcid = (stat >> RT2860_TXQ_WCID_SHIFT) & 0xff; 2565 2566 /* if no ACK was requested, no feedback is available */ 2567 if (!(stat & RT2860_TXQ_ACKREQ) || wcid > RT2870_WCID_MAX || 2568 wcid == 0) 2569 continue; 2570 2571 /* 2572 * Even though each stat is Tx-complete-status like format, 2573 * the device can poll stats. Because there is no guarantee 2574 * that the referring node is still around when read the stats. 2575 * So that, if we use ieee80211_ratectl_tx_update(), we will 2576 * have hard time not to refer already freed node. 2577 * 2578 * To eliminate such page faults, we poll stats in softc. 2579 * Then, update the rates later with ieee80211_ratectl_tx_update(). 2580 */ 2581 wstat = &(sc->wcid_stats[wcid]); 2582 (*wstat)[RUN_TXCNT]++; 2583 if (stat & RT2860_TXQ_OK) 2584 (*wstat)[RUN_SUCCESS]++; 2585 else 2586 ifp->if_oerrors++; 2587 /* 2588 * Check if there were retries, ie if the Tx success rate is 2589 * different from the requested rate. Note that it works only 2590 * because we do not allow rate fallback from OFDM to CCK. 2591 */ 2592 mcs = (stat >> RT2860_TXQ_MCS_SHIFT) & 0x7f; 2593 pid = (stat >> RT2860_TXQ_PID_SHIFT) & 0xf; 2594 if ((retry = pid -1 - mcs) > 0) { 2595 (*wstat)[RUN_TXCNT] += retry; 2596 (*wstat)[RUN_RETRY] += retry; 2597 } 2598 } 2599 DPRINTFN(3, "count=%d\n", sc->fifo_cnt); 2600 2601 sc->fifo_cnt = 0; 2602 } 2603 2604 static void 2605 run_iter_func(void *arg, struct ieee80211_node *ni) 2606 { 2607 struct run_softc *sc = arg; 2608 struct ieee80211vap *vap = ni->ni_vap; 2609 struct ieee80211com *ic = ni->ni_ic; 2610 struct ifnet *ifp = ic->ic_ifp; 2611 struct run_node *rn = (void *)ni; 2612 union run_stats sta[2]; 2613 uint16_t (*wstat)[3]; 2614 int txcnt, success, retrycnt, error; 2615 2616 RUN_LOCK(sc); 2617 2618 if (sc->rvp_cnt <= 1 && (vap->iv_opmode == IEEE80211_M_IBSS || 2619 vap->iv_opmode == IEEE80211_M_STA)) { 2620 /* read statistic counters (clear on read) and update AMRR state */ 2621 error = run_read_region_1(sc, RT2860_TX_STA_CNT0, (uint8_t *)sta, 2622 sizeof sta); 2623 if (error != 0) 2624 goto fail; 2625 2626 /* count failed TX as errors */ 2627 ifp->if_oerrors += le16toh(sta[0].error.fail); 2628 2629 retrycnt = le16toh(sta[1].tx.retry); 2630 success = le16toh(sta[1].tx.success); 2631 txcnt = retrycnt + success + le16toh(sta[0].error.fail); 2632 2633 DPRINTFN(3, "retrycnt=%d success=%d failcnt=%d\n", 2634 retrycnt, success, le16toh(sta[0].error.fail)); 2635 } else { 2636 wstat = &(sc->wcid_stats[RUN_AID2WCID(ni->ni_associd)]); 2637 2638 if (wstat == &(sc->wcid_stats[0]) || 2639 wstat > &(sc->wcid_stats[RT2870_WCID_MAX])) 2640 goto fail; 2641 2642 txcnt = (*wstat)[RUN_TXCNT]; 2643 success = (*wstat)[RUN_SUCCESS]; 2644 retrycnt = (*wstat)[RUN_RETRY]; 2645 DPRINTFN(3, "retrycnt=%d txcnt=%d success=%d\n", 2646 retrycnt, txcnt, success); 2647 2648 memset(wstat, 0, sizeof(*wstat)); 2649 } 2650 2651 ieee80211_ratectl_tx_update(vap, ni, &txcnt, &success, &retrycnt); 2652 rn->amrr_ridx = ieee80211_ratectl_rate(ni, NULL, 0); 2653 2654 fail: 2655 RUN_UNLOCK(sc); 2656 2657 DPRINTFN(3, "ridx=%d\n", rn->amrr_ridx); 2658 } 2659 2660 static void 2661 run_newassoc_cb(void *arg) 2662 { 2663 struct run_cmdq *cmdq = arg; 2664 struct ieee80211_node *ni = cmdq->arg1; 2665 struct run_softc *sc = ni->ni_vap->iv_ic->ic_ifp->if_softc; 2666 uint8_t wcid = cmdq->wcid; 2667 2668 RUN_LOCK_ASSERT(sc, MA_OWNED); 2669 2670 run_write_region_1(sc, RT2860_WCID_ENTRY(wcid), 2671 ni->ni_macaddr, IEEE80211_ADDR_LEN); 2672 2673 memset(&(sc->wcid_stats[wcid]), 0, sizeof(sc->wcid_stats[wcid])); 2674 } 2675 2676 static void 2677 run_newassoc(struct ieee80211_node *ni, int isnew) 2678 { 2679 struct run_node *rn = (void *)ni; 2680 struct ieee80211_rateset *rs = &ni->ni_rates; 2681 struct ieee80211vap *vap = ni->ni_vap; 2682 struct ieee80211com *ic = vap->iv_ic; 2683 struct run_softc *sc = ic->ic_ifp->if_softc; 2684 uint8_t rate; 2685 uint8_t ridx; 2686 uint8_t wcid; 2687 int i, j; 2688 2689 wcid = (vap->iv_opmode == IEEE80211_M_STA) ? 2690 1 : RUN_AID2WCID(ni->ni_associd); 2691 2692 if (wcid > RT2870_WCID_MAX) { 2693 device_printf(sc->sc_dev, "wcid=%d out of range\n", wcid); 2694 return; 2695 } 2696 2697 /* only interested in true associations */ 2698 if (isnew && ni->ni_associd != 0) { 2699 2700 /* 2701 * This function could is called though timeout function. 2702 * Need to defer. 2703 */ 2704 uint32_t cnt = RUN_CMDQ_GET(&sc->cmdq_store); 2705 DPRINTF("cmdq_store=%d\n", cnt); 2706 sc->cmdq[cnt].func = run_newassoc_cb; 2707 sc->cmdq[cnt].arg0 = NULL; 2708 sc->cmdq[cnt].arg1 = ni; 2709 sc->cmdq[cnt].wcid = wcid; 2710 ieee80211_runtask(ic, &sc->cmdq_task); 2711 } 2712 2713 DPRINTF("new assoc isnew=%d associd=%x addr=%s\n", 2714 isnew, ni->ni_associd, ether_sprintf(ni->ni_macaddr)); 2715 2716 for (i = 0; i < rs->rs_nrates; i++) { 2717 rate = rs->rs_rates[i] & IEEE80211_RATE_VAL; 2718 /* convert 802.11 rate to hardware rate index */ 2719 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++) 2720 if (rt2860_rates[ridx].rate == rate) 2721 break; 2722 rn->ridx[i] = ridx; 2723 /* determine rate of control response frames */ 2724 for (j = i; j >= 0; j--) { 2725 if ((rs->rs_rates[j] & IEEE80211_RATE_BASIC) && 2726 rt2860_rates[rn->ridx[i]].phy == 2727 rt2860_rates[rn->ridx[j]].phy) 2728 break; 2729 } 2730 if (j >= 0) { 2731 rn->ctl_ridx[i] = rn->ridx[j]; 2732 } else { 2733 /* no basic rate found, use mandatory one */ 2734 rn->ctl_ridx[i] = rt2860_rates[ridx].ctl_ridx; 2735 } 2736 DPRINTF("rate=0x%02x ridx=%d ctl_ridx=%d\n", 2737 rs->rs_rates[i], rn->ridx[i], rn->ctl_ridx[i]); 2738 } 2739 rate = vap->iv_txparms[ieee80211_chan2mode(ic->ic_curchan)].mgmtrate; 2740 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++) 2741 if (rt2860_rates[ridx].rate == rate) 2742 break; 2743 rn->mgt_ridx = ridx; 2744 DPRINTF("rate=%d, mgmt_ridx=%d\n", rate, rn->mgt_ridx); 2745 2746 usb_callout_reset(&sc->ratectl_ch, hz, run_ratectl_to, sc); 2747 } 2748 2749 /* 2750 * Return the Rx chain with the highest RSSI for a given frame. 2751 */ 2752 static __inline uint8_t 2753 run_maxrssi_chain(struct run_softc *sc, const struct rt2860_rxwi *rxwi) 2754 { 2755 uint8_t rxchain = 0; 2756 2757 if (sc->nrxchains > 1) { 2758 if (rxwi->rssi[1] > rxwi->rssi[rxchain]) 2759 rxchain = 1; 2760 if (sc->nrxchains > 2) 2761 if (rxwi->rssi[2] > rxwi->rssi[rxchain]) 2762 rxchain = 2; 2763 } 2764 return (rxchain); 2765 } 2766 2767 static void 2768 run_rx_frame(struct run_softc *sc, struct mbuf *m, uint32_t dmalen) 2769 { 2770 struct ifnet *ifp = sc->sc_ifp; 2771 struct ieee80211com *ic = ifp->if_l2com; 2772 struct ieee80211_frame *wh; 2773 struct ieee80211_node *ni; 2774 struct rt2870_rxd *rxd; 2775 struct rt2860_rxwi *rxwi; 2776 uint32_t flags; 2777 uint16_t len, rxwisize; 2778 uint8_t ant, rssi; 2779 int8_t nf; 2780 2781 rxwi = mtod(m, struct rt2860_rxwi *); 2782 len = le16toh(rxwi->len) & 0xfff; 2783 rxwisize = sizeof(struct rt2860_rxwi); 2784 if (sc->mac_ver == 0x5592) 2785 rxwisize += sizeof(uint64_t); 2786 else if (sc->mac_ver == 0x3593) 2787 rxwisize += sizeof(uint32_t); 2788 if (__predict_false(len > dmalen)) { 2789 m_freem(m); 2790 ifp->if_ierrors++; 2791 DPRINTF("bad RXWI length %u > %u\n", len, dmalen); 2792 return; 2793 } 2794 /* Rx descriptor is located at the end */ 2795 rxd = (struct rt2870_rxd *)(mtod(m, caddr_t) + dmalen); 2796 flags = le32toh(rxd->flags); 2797 2798 if (__predict_false(flags & (RT2860_RX_CRCERR | RT2860_RX_ICVERR))) { 2799 m_freem(m); 2800 ifp->if_ierrors++; 2801 DPRINTF("%s error.\n", (flags & RT2860_RX_CRCERR)?"CRC":"ICV"); 2802 return; 2803 } 2804 2805 m->m_data += rxwisize; 2806 m->m_pkthdr.len = m->m_len -= rxwisize; 2807 2808 wh = mtod(m, struct ieee80211_frame *); 2809 2810 if (wh->i_fc[1] & IEEE80211_FC1_PROTECTED) { 2811 wh->i_fc[1] &= ~IEEE80211_FC1_PROTECTED; 2812 m->m_flags |= M_WEP; 2813 } 2814 2815 if (flags & RT2860_RX_L2PAD) { 2816 DPRINTFN(8, "received RT2860_RX_L2PAD frame\n"); 2817 len += 2; 2818 } 2819 2820 ni = ieee80211_find_rxnode(ic, 2821 mtod(m, struct ieee80211_frame_min *)); 2822 2823 if (__predict_false(flags & RT2860_RX_MICERR)) { 2824 /* report MIC failures to net80211 for TKIP */ 2825 if (ni != NULL) 2826 ieee80211_notify_michael_failure(ni->ni_vap, wh, 2827 rxwi->keyidx); 2828 m_freem(m); 2829 ifp->if_ierrors++; 2830 DPRINTF("MIC error. Someone is lying.\n"); 2831 return; 2832 } 2833 2834 ant = run_maxrssi_chain(sc, rxwi); 2835 rssi = rxwi->rssi[ant]; 2836 nf = run_rssi2dbm(sc, rssi, ant); 2837 2838 m->m_pkthdr.rcvif = ifp; 2839 m->m_pkthdr.len = m->m_len = len; 2840 2841 if (ni != NULL) { 2842 (void)ieee80211_input(ni, m, rssi, nf); 2843 ieee80211_free_node(ni); 2844 } else { 2845 (void)ieee80211_input_all(ic, m, rssi, nf); 2846 } 2847 2848 if (__predict_false(ieee80211_radiotap_active(ic))) { 2849 struct run_rx_radiotap_header *tap = &sc->sc_rxtap; 2850 uint16_t phy; 2851 2852 tap->wr_flags = 0; 2853 tap->wr_chan_freq = htole16(ic->ic_curchan->ic_freq); 2854 tap->wr_chan_flags = htole16(ic->ic_curchan->ic_flags); 2855 tap->wr_antsignal = rssi; 2856 tap->wr_antenna = ant; 2857 tap->wr_dbm_antsignal = run_rssi2dbm(sc, rssi, ant); 2858 tap->wr_rate = 2; /* in case it can't be found below */ 2859 phy = le16toh(rxwi->phy); 2860 switch (phy & RT2860_PHY_MODE) { 2861 case RT2860_PHY_CCK: 2862 switch ((phy & RT2860_PHY_MCS) & ~RT2860_PHY_SHPRE) { 2863 case 0: tap->wr_rate = 2; break; 2864 case 1: tap->wr_rate = 4; break; 2865 case 2: tap->wr_rate = 11; break; 2866 case 3: tap->wr_rate = 22; break; 2867 } 2868 if (phy & RT2860_PHY_SHPRE) 2869 tap->wr_flags |= IEEE80211_RADIOTAP_F_SHORTPRE; 2870 break; 2871 case RT2860_PHY_OFDM: 2872 switch (phy & RT2860_PHY_MCS) { 2873 case 0: tap->wr_rate = 12; break; 2874 case 1: tap->wr_rate = 18; break; 2875 case 2: tap->wr_rate = 24; break; 2876 case 3: tap->wr_rate = 36; break; 2877 case 4: tap->wr_rate = 48; break; 2878 case 5: tap->wr_rate = 72; break; 2879 case 6: tap->wr_rate = 96; break; 2880 case 7: tap->wr_rate = 108; break; 2881 } 2882 break; 2883 } 2884 } 2885 } 2886 2887 static void 2888 run_bulk_rx_callback(struct usb_xfer *xfer, usb_error_t error) 2889 { 2890 struct run_softc *sc = usbd_xfer_softc(xfer); 2891 struct ifnet *ifp = sc->sc_ifp; 2892 struct mbuf *m = NULL; 2893 struct mbuf *m0; 2894 uint32_t dmalen; 2895 uint16_t rxwisize; 2896 int xferlen; 2897 2898 rxwisize = sizeof(struct rt2860_rxwi); 2899 if (sc->mac_ver == 0x5592) 2900 rxwisize += sizeof(uint64_t); 2901 else if (sc->mac_ver == 0x3593) 2902 rxwisize += sizeof(uint32_t); 2903 2904 usbd_xfer_status(xfer, &xferlen, NULL, NULL, NULL); 2905 2906 switch (USB_GET_STATE(xfer)) { 2907 case USB_ST_TRANSFERRED: 2908 2909 DPRINTFN(15, "rx done, actlen=%d\n", xferlen); 2910 2911 if (xferlen < (int)(sizeof(uint32_t) + rxwisize + 2912 sizeof(struct rt2870_rxd))) { 2913 DPRINTF("xfer too short %d\n", xferlen); 2914 goto tr_setup; 2915 } 2916 2917 m = sc->rx_m; 2918 sc->rx_m = NULL; 2919 2920 /* FALLTHROUGH */ 2921 case USB_ST_SETUP: 2922 tr_setup: 2923 if (sc->rx_m == NULL) { 2924 sc->rx_m = m_getjcl(M_NOWAIT, MT_DATA, M_PKTHDR, 2925 MJUMPAGESIZE /* xfer can be bigger than MCLBYTES */); 2926 } 2927 if (sc->rx_m == NULL) { 2928 DPRINTF("could not allocate mbuf - idle with stall\n"); 2929 ifp->if_ierrors++; 2930 usbd_xfer_set_stall(xfer); 2931 usbd_xfer_set_frames(xfer, 0); 2932 } else { 2933 /* 2934 * Directly loading a mbuf cluster into DMA to 2935 * save some data copying. This works because 2936 * there is only one cluster. 2937 */ 2938 usbd_xfer_set_frame_data(xfer, 0, 2939 mtod(sc->rx_m, caddr_t), RUN_MAX_RXSZ); 2940 usbd_xfer_set_frames(xfer, 1); 2941 } 2942 usbd_transfer_submit(xfer); 2943 break; 2944 2945 default: /* Error */ 2946 if (error != USB_ERR_CANCELLED) { 2947 /* try to clear stall first */ 2948 usbd_xfer_set_stall(xfer); 2949 2950 if (error == USB_ERR_TIMEOUT) 2951 device_printf(sc->sc_dev, "device timeout\n"); 2952 2953 ifp->if_ierrors++; 2954 2955 goto tr_setup; 2956 } 2957 if (sc->rx_m != NULL) { 2958 m_freem(sc->rx_m); 2959 sc->rx_m = NULL; 2960 } 2961 break; 2962 } 2963 2964 if (m == NULL) 2965 return; 2966 2967 /* inputting all the frames must be last */ 2968 2969 RUN_UNLOCK(sc); 2970 2971 m->m_pkthdr.len = m->m_len = xferlen; 2972 2973 /* HW can aggregate multiple 802.11 frames in a single USB xfer */ 2974 for(;;) { 2975 dmalen = le32toh(*mtod(m, uint32_t *)) & 0xffff; 2976 2977 if ((dmalen >= (uint32_t)-8) || (dmalen == 0) || 2978 ((dmalen & 3) != 0)) { 2979 DPRINTF("bad DMA length %u\n", dmalen); 2980 break; 2981 } 2982 if ((dmalen + 8) > (uint32_t)xferlen) { 2983 DPRINTF("bad DMA length %u > %d\n", 2984 dmalen + 8, xferlen); 2985 break; 2986 } 2987 2988 /* If it is the last one or a single frame, we won't copy. */ 2989 if ((xferlen -= dmalen + 8) <= 8) { 2990 /* trim 32-bit DMA-len header */ 2991 m->m_data += 4; 2992 m->m_pkthdr.len = m->m_len -= 4; 2993 run_rx_frame(sc, m, dmalen); 2994 m = NULL; /* don't free source buffer */ 2995 break; 2996 } 2997 2998 /* copy aggregated frames to another mbuf */ 2999 m0 = m_getcl(M_NOWAIT, MT_DATA, M_PKTHDR); 3000 if (__predict_false(m0 == NULL)) { 3001 DPRINTF("could not allocate mbuf\n"); 3002 ifp->if_ierrors++; 3003 break; 3004 } 3005 m_copydata(m, 4 /* skip 32-bit DMA-len header */, 3006 dmalen + sizeof(struct rt2870_rxd), mtod(m0, caddr_t)); 3007 m0->m_pkthdr.len = m0->m_len = 3008 dmalen + sizeof(struct rt2870_rxd); 3009 run_rx_frame(sc, m0, dmalen); 3010 3011 /* update data ptr */ 3012 m->m_data += dmalen + 8; 3013 m->m_pkthdr.len = m->m_len -= dmalen + 8; 3014 } 3015 3016 /* make sure we free the source buffer, if any */ 3017 m_freem(m); 3018 3019 RUN_LOCK(sc); 3020 } 3021 3022 static void 3023 run_tx_free(struct run_endpoint_queue *pq, 3024 struct run_tx_data *data, int txerr) 3025 { 3026 if (data->m != NULL) { 3027 if (data->m->m_flags & M_TXCB) 3028 ieee80211_process_callback(data->ni, data->m, 3029 txerr ? ETIMEDOUT : 0); 3030 m_freem(data->m); 3031 data->m = NULL; 3032 3033 if (data->ni == NULL) { 3034 DPRINTF("no node\n"); 3035 } else { 3036 ieee80211_free_node(data->ni); 3037 data->ni = NULL; 3038 } 3039 } 3040 3041 STAILQ_INSERT_TAIL(&pq->tx_fh, data, next); 3042 pq->tx_nfree++; 3043 } 3044 3045 static void 3046 run_bulk_tx_callbackN(struct usb_xfer *xfer, usb_error_t error, u_int index) 3047 { 3048 struct run_softc *sc = usbd_xfer_softc(xfer); 3049 struct ifnet *ifp = sc->sc_ifp; 3050 struct ieee80211com *ic = ifp->if_l2com; 3051 struct run_tx_data *data; 3052 struct ieee80211vap *vap = NULL; 3053 struct usb_page_cache *pc; 3054 struct run_endpoint_queue *pq = &sc->sc_epq[index]; 3055 struct mbuf *m; 3056 usb_frlength_t size; 3057 int actlen; 3058 int sumlen; 3059 3060 usbd_xfer_status(xfer, &actlen, &sumlen, NULL, NULL); 3061 3062 switch (USB_GET_STATE(xfer)) { 3063 case USB_ST_TRANSFERRED: 3064 DPRINTFN(11, "transfer complete: %d " 3065 "bytes @ index %d\n", actlen, index); 3066 3067 data = usbd_xfer_get_priv(xfer); 3068 3069 run_tx_free(pq, data, 0); 3070 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE; 3071 3072 usbd_xfer_set_priv(xfer, NULL); 3073 3074 ifp->if_opackets++; 3075 3076 /* FALLTHROUGH */ 3077 case USB_ST_SETUP: 3078 tr_setup: 3079 data = STAILQ_FIRST(&pq->tx_qh); 3080 if (data == NULL) 3081 break; 3082 3083 STAILQ_REMOVE_HEAD(&pq->tx_qh, next); 3084 3085 m = data->m; 3086 size = (sc->mac_ver == 0x5592) ? 3087 RUN_MAX_TXSZ + sizeof(uint32_t) : RUN_MAX_TXSZ; 3088 if ((m->m_pkthdr.len + 3089 sizeof(data->desc) + 3 + 8) > size) { 3090 DPRINTF("data overflow, %u bytes\n", 3091 m->m_pkthdr.len); 3092 3093 ifp->if_oerrors++; 3094 3095 run_tx_free(pq, data, 1); 3096 3097 goto tr_setup; 3098 } 3099 3100 pc = usbd_xfer_get_frame(xfer, 0); 3101 size = (sc->mac_ver == 0x5592) ? 3102 sizeof(data->desc) + sizeof(uint32_t) : sizeof(data->desc); 3103 usbd_copy_in(pc, 0, &data->desc, size); 3104 usbd_m_copy_in(pc, size, m, 0, m->m_pkthdr.len); 3105 size += m->m_pkthdr.len; 3106 /* 3107 * Align end on a 4-byte boundary, pad 8 bytes (CRC + 3108 * 4-byte padding), and be sure to zero those trailing 3109 * bytes: 3110 */ 3111 usbd_frame_zero(pc, size, ((-size) & 3) + 8); 3112 size += ((-size) & 3) + 8; 3113 3114 vap = data->ni->ni_vap; 3115 if (ieee80211_radiotap_active_vap(vap)) { 3116 struct run_tx_radiotap_header *tap = &sc->sc_txtap; 3117 struct rt2860_txwi *txwi = 3118 (struct rt2860_txwi *)(&data->desc + sizeof(struct rt2870_txd)); 3119 tap->wt_flags = 0; 3120 tap->wt_rate = rt2860_rates[data->ridx].rate; 3121 tap->wt_chan_freq = htole16(ic->ic_curchan->ic_freq); 3122 tap->wt_chan_flags = htole16(ic->ic_curchan->ic_flags); 3123 tap->wt_hwqueue = index; 3124 if (le16toh(txwi->phy) & RT2860_PHY_SHPRE) 3125 tap->wt_flags |= IEEE80211_RADIOTAP_F_SHORTPRE; 3126 3127 ieee80211_radiotap_tx(vap, m); 3128 } 3129 3130 DPRINTFN(11, "sending frame len=%u/%u @ index %d\n", 3131 m->m_pkthdr.len, size, index); 3132 3133 usbd_xfer_set_frame_len(xfer, 0, size); 3134 usbd_xfer_set_priv(xfer, data); 3135 3136 usbd_transfer_submit(xfer); 3137 3138 RUN_UNLOCK(sc); 3139 run_start(ifp); 3140 RUN_LOCK(sc); 3141 3142 break; 3143 3144 default: 3145 DPRINTF("USB transfer error, %s\n", 3146 usbd_errstr(error)); 3147 3148 data = usbd_xfer_get_priv(xfer); 3149 3150 ifp->if_oerrors++; 3151 3152 if (data != NULL) { 3153 if(data->ni != NULL) 3154 vap = data->ni->ni_vap; 3155 run_tx_free(pq, data, error); 3156 usbd_xfer_set_priv(xfer, NULL); 3157 } 3158 if (vap == NULL) 3159 vap = TAILQ_FIRST(&ic->ic_vaps); 3160 3161 if (error != USB_ERR_CANCELLED) { 3162 if (error == USB_ERR_TIMEOUT) { 3163 device_printf(sc->sc_dev, "device timeout\n"); 3164 uint32_t i = RUN_CMDQ_GET(&sc->cmdq_store); 3165 DPRINTF("cmdq_store=%d\n", i); 3166 sc->cmdq[i].func = run_usb_timeout_cb; 3167 sc->cmdq[i].arg0 = vap; 3168 ieee80211_runtask(ic, &sc->cmdq_task); 3169 } 3170 3171 /* 3172 * Try to clear stall first, also if other 3173 * errors occur, hence clearing stall 3174 * introduces a 50 ms delay: 3175 */ 3176 usbd_xfer_set_stall(xfer); 3177 goto tr_setup; 3178 } 3179 break; 3180 } 3181 } 3182 3183 static void 3184 run_bulk_tx_callback0(struct usb_xfer *xfer, usb_error_t error) 3185 { 3186 run_bulk_tx_callbackN(xfer, error, 0); 3187 } 3188 3189 static void 3190 run_bulk_tx_callback1(struct usb_xfer *xfer, usb_error_t error) 3191 { 3192 run_bulk_tx_callbackN(xfer, error, 1); 3193 } 3194 3195 static void 3196 run_bulk_tx_callback2(struct usb_xfer *xfer, usb_error_t error) 3197 { 3198 run_bulk_tx_callbackN(xfer, error, 2); 3199 } 3200 3201 static void 3202 run_bulk_tx_callback3(struct usb_xfer *xfer, usb_error_t error) 3203 { 3204 run_bulk_tx_callbackN(xfer, error, 3); 3205 } 3206 3207 static void 3208 run_bulk_tx_callback4(struct usb_xfer *xfer, usb_error_t error) 3209 { 3210 run_bulk_tx_callbackN(xfer, error, 4); 3211 } 3212 3213 static void 3214 run_bulk_tx_callback5(struct usb_xfer *xfer, usb_error_t error) 3215 { 3216 run_bulk_tx_callbackN(xfer, error, 5); 3217 } 3218 3219 static void 3220 run_set_tx_desc(struct run_softc *sc, struct run_tx_data *data) 3221 { 3222 struct mbuf *m = data->m; 3223 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 3224 struct ieee80211vap *vap = data->ni->ni_vap; 3225 struct ieee80211_frame *wh; 3226 struct rt2870_txd *txd; 3227 struct rt2860_txwi *txwi; 3228 uint16_t xferlen, txwisize; 3229 uint16_t mcs; 3230 uint8_t ridx = data->ridx; 3231 uint8_t pad; 3232 3233 /* get MCS code from rate index */ 3234 mcs = rt2860_rates[ridx].mcs; 3235 3236 txwisize = (sc->mac_ver == 0x5592) ? 3237 sizeof(*txwi) + sizeof(uint32_t) : sizeof(*txwi); 3238 xferlen = txwisize + m->m_pkthdr.len; 3239 3240 /* roundup to 32-bit alignment */ 3241 xferlen = (xferlen + 3) & ~3; 3242 3243 txd = (struct rt2870_txd *)&data->desc; 3244 txd->len = htole16(xferlen); 3245 3246 wh = mtod(m, struct ieee80211_frame *); 3247 3248 /* 3249 * Ether both are true or both are false, the header 3250 * are nicely aligned to 32-bit. So, no L2 padding. 3251 */ 3252 if(IEEE80211_HAS_ADDR4(wh) == IEEE80211_QOS_HAS_SEQ(wh)) 3253 pad = 0; 3254 else 3255 pad = 2; 3256 3257 /* setup TX Wireless Information */ 3258 txwi = (struct rt2860_txwi *)(txd + 1); 3259 txwi->len = htole16(m->m_pkthdr.len - pad); 3260 if (rt2860_rates[ridx].phy == IEEE80211_T_DS) { 3261 txwi->phy = htole16(RT2860_PHY_CCK); 3262 if (ridx != RT2860_RIDX_CCK1 && 3263 (ic->ic_flags & IEEE80211_F_SHPREAMBLE)) 3264 mcs |= RT2860_PHY_SHPRE; 3265 } else 3266 txwi->phy = htole16(RT2860_PHY_OFDM); 3267 txwi->phy |= htole16(mcs); 3268 3269 /* check if RTS/CTS or CTS-to-self protection is required */ 3270 if (!IEEE80211_IS_MULTICAST(wh->i_addr1) && 3271 (m->m_pkthdr.len + IEEE80211_CRC_LEN > vap->iv_rtsthreshold || 3272 ((ic->ic_flags & IEEE80211_F_USEPROT) && 3273 rt2860_rates[ridx].phy == IEEE80211_T_OFDM))) 3274 txwi->txop |= RT2860_TX_TXOP_HT; 3275 else 3276 txwi->txop |= RT2860_TX_TXOP_BACKOFF; 3277 3278 if (vap->iv_opmode != IEEE80211_M_STA && !IEEE80211_QOS_HAS_SEQ(wh)) 3279 txwi->xflags |= RT2860_TX_NSEQ; 3280 } 3281 3282 /* This function must be called locked */ 3283 static int 3284 run_tx(struct run_softc *sc, struct mbuf *m, struct ieee80211_node *ni) 3285 { 3286 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 3287 struct ieee80211vap *vap = ni->ni_vap; 3288 struct ieee80211_frame *wh; 3289 struct ieee80211_channel *chan; 3290 const struct ieee80211_txparam *tp; 3291 struct run_node *rn = (void *)ni; 3292 struct run_tx_data *data; 3293 struct rt2870_txd *txd; 3294 struct rt2860_txwi *txwi; 3295 uint16_t qos; 3296 uint16_t dur; 3297 uint16_t qid; 3298 uint8_t type; 3299 uint8_t tid; 3300 uint8_t ridx; 3301 uint8_t ctl_ridx; 3302 uint8_t qflags; 3303 uint8_t xflags = 0; 3304 int hasqos; 3305 3306 RUN_LOCK_ASSERT(sc, MA_OWNED); 3307 3308 wh = mtod(m, struct ieee80211_frame *); 3309 3310 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 3311 3312 /* 3313 * There are 7 bulk endpoints: 1 for RX 3314 * and 6 for TX (4 EDCAs + HCCA + Prio). 3315 * Update 03-14-2009: some devices like the Planex GW-US300MiniS 3316 * seem to have only 4 TX bulk endpoints (Fukaumi Naoki). 3317 */ 3318 if ((hasqos = IEEE80211_QOS_HAS_SEQ(wh))) { 3319 uint8_t *frm; 3320 3321 if(IEEE80211_HAS_ADDR4(wh)) 3322 frm = ((struct ieee80211_qosframe_addr4 *)wh)->i_qos; 3323 else 3324 frm =((struct ieee80211_qosframe *)wh)->i_qos; 3325 3326 qos = le16toh(*(const uint16_t *)frm); 3327 tid = qos & IEEE80211_QOS_TID; 3328 qid = TID_TO_WME_AC(tid); 3329 } else { 3330 qos = 0; 3331 tid = 0; 3332 qid = WME_AC_BE; 3333 } 3334 qflags = (qid < 4) ? RT2860_TX_QSEL_EDCA : RT2860_TX_QSEL_HCCA; 3335 3336 DPRINTFN(8, "qos %d\tqid %d\ttid %d\tqflags %x\n", 3337 qos, qid, tid, qflags); 3338 3339 chan = (ni->ni_chan != IEEE80211_CHAN_ANYC)?ni->ni_chan:ic->ic_curchan; 3340 tp = &vap->iv_txparms[ieee80211_chan2mode(chan)]; 3341 3342 /* pickup a rate index */ 3343 if (IEEE80211_IS_MULTICAST(wh->i_addr1) || 3344 type != IEEE80211_FC0_TYPE_DATA) { 3345 ridx = (ic->ic_curmode == IEEE80211_MODE_11A) ? 3346 RT2860_RIDX_OFDM6 : RT2860_RIDX_CCK1; 3347 ctl_ridx = rt2860_rates[ridx].ctl_ridx; 3348 } else { 3349 if (tp->ucastrate != IEEE80211_FIXED_RATE_NONE) 3350 ridx = rn->fix_ridx; 3351 else 3352 ridx = rn->amrr_ridx; 3353 ctl_ridx = rt2860_rates[ridx].ctl_ridx; 3354 } 3355 3356 if (!IEEE80211_IS_MULTICAST(wh->i_addr1) && 3357 (!hasqos || (qos & IEEE80211_QOS_ACKPOLICY) != 3358 IEEE80211_QOS_ACKPOLICY_NOACK)) { 3359 xflags |= RT2860_TX_ACK; 3360 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 3361 dur = rt2860_rates[ctl_ridx].sp_ack_dur; 3362 else 3363 dur = rt2860_rates[ctl_ridx].lp_ack_dur; 3364 USETW(wh->i_dur, dur); 3365 } 3366 3367 /* reserve slots for mgmt packets, just in case */ 3368 if (sc->sc_epq[qid].tx_nfree < 3) { 3369 DPRINTFN(10, "tx ring %d is full\n", qid); 3370 return (-1); 3371 } 3372 3373 data = STAILQ_FIRST(&sc->sc_epq[qid].tx_fh); 3374 STAILQ_REMOVE_HEAD(&sc->sc_epq[qid].tx_fh, next); 3375 sc->sc_epq[qid].tx_nfree--; 3376 3377 txd = (struct rt2870_txd *)&data->desc; 3378 txd->flags = qflags; 3379 txwi = (struct rt2860_txwi *)(txd + 1); 3380 txwi->xflags = xflags; 3381 if (IEEE80211_IS_MULTICAST(wh->i_addr1)) 3382 txwi->wcid = 0; 3383 else 3384 txwi->wcid = (vap->iv_opmode == IEEE80211_M_STA) ? 3385 1 : RUN_AID2WCID(ni->ni_associd); 3386 3387 /* clear leftover garbage bits */ 3388 txwi->flags = 0; 3389 txwi->txop = 0; 3390 3391 data->m = m; 3392 data->ni = ni; 3393 data->ridx = ridx; 3394 3395 run_set_tx_desc(sc, data); 3396 3397 /* 3398 * The chip keeps track of 2 kind of Tx stats, 3399 * * TX_STAT_FIFO, for per WCID stats, and 3400 * * TX_STA_CNT0 for all-TX-in-one stats. 3401 * 3402 * To use FIFO stats, we need to store MCS into the driver-private 3403 * PacketID field. So that, we can tell whose stats when we read them. 3404 * We add 1 to the MCS because setting the PacketID field to 0 means 3405 * that we don't want feedback in TX_STAT_FIFO. 3406 * And, that's what we want for STA mode, since TX_STA_CNT0 does the job. 3407 * 3408 * FIFO stats doesn't count Tx with WCID 0xff, so we do this in run_tx(). 3409 */ 3410 if (sc->rvp_cnt > 1 || vap->iv_opmode == IEEE80211_M_HOSTAP || 3411 vap->iv_opmode == IEEE80211_M_MBSS) { 3412 uint16_t pid = (rt2860_rates[ridx].mcs + 1) & 0xf; 3413 txwi->len |= htole16(pid << RT2860_TX_PID_SHIFT); 3414 3415 /* 3416 * Unlike PCI based devices, we don't get any interrupt from 3417 * USB devices, so we simulate FIFO-is-full interrupt here. 3418 * Ralink recomends to drain FIFO stats every 100 ms, but 16 slots 3419 * quickly get fulled. To prevent overflow, increment a counter on 3420 * every FIFO stat request, so we know how many slots are left. 3421 * We do this only in HOSTAP or multiple vap mode since FIFO stats 3422 * are used only in those modes. 3423 * We just drain stats. AMRR gets updated every 1 sec by 3424 * run_ratectl_cb() via callout. 3425 * Call it early. Otherwise overflow. 3426 */ 3427 if (sc->fifo_cnt++ == 10) { 3428 /* 3429 * With multiple vaps or if_bridge, if_start() is called 3430 * with a non-sleepable lock, tcpinp. So, need to defer. 3431 */ 3432 uint32_t i = RUN_CMDQ_GET(&sc->cmdq_store); 3433 DPRINTFN(6, "cmdq_store=%d\n", i); 3434 sc->cmdq[i].func = run_drain_fifo; 3435 sc->cmdq[i].arg0 = sc; 3436 ieee80211_runtask(ic, &sc->cmdq_task); 3437 } 3438 } 3439 3440 STAILQ_INSERT_TAIL(&sc->sc_epq[qid].tx_qh, data, next); 3441 3442 usbd_transfer_start(sc->sc_xfer[qid]); 3443 3444 DPRINTFN(8, "sending data frame len=%d rate=%d qid=%d\n", 3445 m->m_pkthdr.len + (int)(sizeof(struct rt2870_txd) + 3446 sizeof(struct rt2860_txwi)), rt2860_rates[ridx].rate, qid); 3447 3448 return (0); 3449 } 3450 3451 static int 3452 run_tx_mgt(struct run_softc *sc, struct mbuf *m, struct ieee80211_node *ni) 3453 { 3454 struct ifnet *ifp = sc->sc_ifp; 3455 struct ieee80211com *ic = ifp->if_l2com; 3456 struct run_node *rn = (void *)ni; 3457 struct run_tx_data *data; 3458 struct ieee80211_frame *wh; 3459 struct rt2870_txd *txd; 3460 struct rt2860_txwi *txwi; 3461 uint16_t dur; 3462 uint8_t ridx = rn->mgt_ridx; 3463 uint8_t type; 3464 uint8_t xflags = 0; 3465 uint8_t wflags = 0; 3466 3467 RUN_LOCK_ASSERT(sc, MA_OWNED); 3468 3469 wh = mtod(m, struct ieee80211_frame *); 3470 3471 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 3472 3473 /* tell hardware to add timestamp for probe responses */ 3474 if ((wh->i_fc[0] & 3475 (IEEE80211_FC0_TYPE_MASK | IEEE80211_FC0_SUBTYPE_MASK)) == 3476 (IEEE80211_FC0_TYPE_MGT | IEEE80211_FC0_SUBTYPE_PROBE_RESP)) 3477 wflags |= RT2860_TX_TS; 3478 else if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) { 3479 xflags |= RT2860_TX_ACK; 3480 3481 dur = ieee80211_ack_duration(ic->ic_rt, rt2860_rates[ridx].rate, 3482 ic->ic_flags & IEEE80211_F_SHPREAMBLE); 3483 USETW(wh->i_dur, dur); 3484 } 3485 3486 if (sc->sc_epq[0].tx_nfree == 0) { 3487 /* let caller free mbuf */ 3488 ifp->if_drv_flags |= IFF_DRV_OACTIVE; 3489 return (EIO); 3490 } 3491 data = STAILQ_FIRST(&sc->sc_epq[0].tx_fh); 3492 STAILQ_REMOVE_HEAD(&sc->sc_epq[0].tx_fh, next); 3493 sc->sc_epq[0].tx_nfree--; 3494 3495 txd = (struct rt2870_txd *)&data->desc; 3496 txd->flags = RT2860_TX_QSEL_EDCA; 3497 txwi = (struct rt2860_txwi *)(txd + 1); 3498 txwi->wcid = 0xff; 3499 txwi->flags = wflags; 3500 txwi->xflags = xflags; 3501 txwi->txop = 0; /* clear leftover garbage bits */ 3502 3503 data->m = m; 3504 data->ni = ni; 3505 data->ridx = ridx; 3506 3507 run_set_tx_desc(sc, data); 3508 3509 DPRINTFN(10, "sending mgt frame len=%d rate=%d\n", m->m_pkthdr.len + 3510 (int)(sizeof(struct rt2870_txd) + sizeof(struct rt2860_txwi)), 3511 rt2860_rates[ridx].rate); 3512 3513 STAILQ_INSERT_TAIL(&sc->sc_epq[0].tx_qh, data, next); 3514 3515 usbd_transfer_start(sc->sc_xfer[0]); 3516 3517 return (0); 3518 } 3519 3520 static int 3521 run_sendprot(struct run_softc *sc, 3522 const struct mbuf *m, struct ieee80211_node *ni, int prot, int rate) 3523 { 3524 struct ieee80211com *ic = ni->ni_ic; 3525 struct ieee80211_frame *wh; 3526 struct run_tx_data *data; 3527 struct rt2870_txd *txd; 3528 struct rt2860_txwi *txwi; 3529 struct mbuf *mprot; 3530 int ridx; 3531 int protrate; 3532 int ackrate; 3533 int pktlen; 3534 int isshort; 3535 uint16_t dur; 3536 uint8_t type; 3537 uint8_t wflags = 0; 3538 uint8_t xflags = 0; 3539 3540 RUN_LOCK_ASSERT(sc, MA_OWNED); 3541 3542 KASSERT(prot == IEEE80211_PROT_RTSCTS || prot == IEEE80211_PROT_CTSONLY, 3543 ("protection %d", prot)); 3544 3545 wh = mtod(m, struct ieee80211_frame *); 3546 pktlen = m->m_pkthdr.len + IEEE80211_CRC_LEN; 3547 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 3548 3549 protrate = ieee80211_ctl_rate(ic->ic_rt, rate); 3550 ackrate = ieee80211_ack_rate(ic->ic_rt, rate); 3551 3552 isshort = (ic->ic_flags & IEEE80211_F_SHPREAMBLE) != 0; 3553 dur = ieee80211_compute_duration(ic->ic_rt, pktlen, rate, isshort) 3554 + ieee80211_ack_duration(ic->ic_rt, rate, isshort); 3555 wflags = RT2860_TX_FRAG; 3556 3557 /* check that there are free slots before allocating the mbuf */ 3558 if (sc->sc_epq[0].tx_nfree == 0) { 3559 /* let caller free mbuf */ 3560 sc->sc_ifp->if_drv_flags |= IFF_DRV_OACTIVE; 3561 return (ENOBUFS); 3562 } 3563 3564 if (prot == IEEE80211_PROT_RTSCTS) { 3565 /* NB: CTS is the same size as an ACK */ 3566 dur += ieee80211_ack_duration(ic->ic_rt, rate, isshort); 3567 xflags |= RT2860_TX_ACK; 3568 mprot = ieee80211_alloc_rts(ic, wh->i_addr1, wh->i_addr2, dur); 3569 } else { 3570 mprot = ieee80211_alloc_cts(ic, ni->ni_vap->iv_myaddr, dur); 3571 } 3572 if (mprot == NULL) { 3573 sc->sc_ifp->if_oerrors++; 3574 DPRINTF("could not allocate mbuf\n"); 3575 return (ENOBUFS); 3576 } 3577 3578 data = STAILQ_FIRST(&sc->sc_epq[0].tx_fh); 3579 STAILQ_REMOVE_HEAD(&sc->sc_epq[0].tx_fh, next); 3580 sc->sc_epq[0].tx_nfree--; 3581 3582 txd = (struct rt2870_txd *)&data->desc; 3583 txd->flags = RT2860_TX_QSEL_EDCA; 3584 txwi = (struct rt2860_txwi *)(txd + 1); 3585 txwi->wcid = 0xff; 3586 txwi->flags = wflags; 3587 txwi->xflags = xflags; 3588 txwi->txop = 0; /* clear leftover garbage bits */ 3589 3590 data->m = mprot; 3591 data->ni = ieee80211_ref_node(ni); 3592 3593 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++) 3594 if (rt2860_rates[ridx].rate == protrate) 3595 break; 3596 data->ridx = ridx; 3597 3598 run_set_tx_desc(sc, data); 3599 3600 DPRINTFN(1, "sending prot len=%u rate=%u\n", 3601 m->m_pkthdr.len, rate); 3602 3603 STAILQ_INSERT_TAIL(&sc->sc_epq[0].tx_qh, data, next); 3604 3605 usbd_transfer_start(sc->sc_xfer[0]); 3606 3607 return (0); 3608 } 3609 3610 static int 3611 run_tx_param(struct run_softc *sc, struct mbuf *m, struct ieee80211_node *ni, 3612 const struct ieee80211_bpf_params *params) 3613 { 3614 struct ieee80211com *ic = ni->ni_ic; 3615 struct ieee80211_frame *wh; 3616 struct run_tx_data *data; 3617 struct rt2870_txd *txd; 3618 struct rt2860_txwi *txwi; 3619 uint8_t type; 3620 uint8_t ridx; 3621 uint8_t rate; 3622 uint8_t opflags = 0; 3623 uint8_t xflags = 0; 3624 int error; 3625 3626 RUN_LOCK_ASSERT(sc, MA_OWNED); 3627 3628 KASSERT(params != NULL, ("no raw xmit params")); 3629 3630 wh = mtod(m, struct ieee80211_frame *); 3631 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 3632 3633 rate = params->ibp_rate0; 3634 if (!ieee80211_isratevalid(ic->ic_rt, rate)) { 3635 /* let caller free mbuf */ 3636 return (EINVAL); 3637 } 3638 3639 if ((params->ibp_flags & IEEE80211_BPF_NOACK) == 0) 3640 xflags |= RT2860_TX_ACK; 3641 if (params->ibp_flags & (IEEE80211_BPF_RTS|IEEE80211_BPF_CTS)) { 3642 error = run_sendprot(sc, m, ni, 3643 params->ibp_flags & IEEE80211_BPF_RTS ? 3644 IEEE80211_PROT_RTSCTS : IEEE80211_PROT_CTSONLY, 3645 rate); 3646 if (error) { 3647 /* let caller free mbuf */ 3648 return error; 3649 } 3650 opflags |= /*XXX RT2573_TX_LONG_RETRY |*/ RT2860_TX_TXOP_SIFS; 3651 } 3652 3653 if (sc->sc_epq[0].tx_nfree == 0) { 3654 /* let caller free mbuf */ 3655 sc->sc_ifp->if_drv_flags |= IFF_DRV_OACTIVE; 3656 DPRINTF("sending raw frame, but tx ring is full\n"); 3657 return (EIO); 3658 } 3659 data = STAILQ_FIRST(&sc->sc_epq[0].tx_fh); 3660 STAILQ_REMOVE_HEAD(&sc->sc_epq[0].tx_fh, next); 3661 sc->sc_epq[0].tx_nfree--; 3662 3663 txd = (struct rt2870_txd *)&data->desc; 3664 txd->flags = RT2860_TX_QSEL_EDCA; 3665 txwi = (struct rt2860_txwi *)(txd + 1); 3666 txwi->wcid = 0xff; 3667 txwi->xflags = xflags; 3668 txwi->txop = opflags; 3669 txwi->flags = 0; /* clear leftover garbage bits */ 3670 3671 data->m = m; 3672 data->ni = ni; 3673 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++) 3674 if (rt2860_rates[ridx].rate == rate) 3675 break; 3676 data->ridx = ridx; 3677 3678 run_set_tx_desc(sc, data); 3679 3680 DPRINTFN(10, "sending raw frame len=%u rate=%u\n", 3681 m->m_pkthdr.len, rate); 3682 3683 STAILQ_INSERT_TAIL(&sc->sc_epq[0].tx_qh, data, next); 3684 3685 usbd_transfer_start(sc->sc_xfer[0]); 3686 3687 return (0); 3688 } 3689 3690 static int 3691 run_raw_xmit(struct ieee80211_node *ni, struct mbuf *m, 3692 const struct ieee80211_bpf_params *params) 3693 { 3694 struct ifnet *ifp = ni->ni_ic->ic_ifp; 3695 struct run_softc *sc = ifp->if_softc; 3696 int error = 0; 3697 3698 RUN_LOCK(sc); 3699 3700 /* prevent management frames from being sent if we're not ready */ 3701 if (!(ifp->if_drv_flags & IFF_DRV_RUNNING)) { 3702 error = ENETDOWN; 3703 goto done; 3704 } 3705 3706 if (params == NULL) { 3707 /* tx mgt packet */ 3708 if ((error = run_tx_mgt(sc, m, ni)) != 0) { 3709 ifp->if_oerrors++; 3710 DPRINTF("mgt tx failed\n"); 3711 goto done; 3712 } 3713 } else { 3714 /* tx raw packet with param */ 3715 if ((error = run_tx_param(sc, m, ni, params)) != 0) { 3716 ifp->if_oerrors++; 3717 DPRINTF("tx with param failed\n"); 3718 goto done; 3719 } 3720 } 3721 3722 ifp->if_opackets++; 3723 3724 done: 3725 RUN_UNLOCK(sc); 3726 3727 if (error != 0) { 3728 if(m != NULL) 3729 m_freem(m); 3730 ieee80211_free_node(ni); 3731 } 3732 3733 return (error); 3734 } 3735 3736 static void 3737 run_start(struct ifnet *ifp) 3738 { 3739 struct run_softc *sc = ifp->if_softc; 3740 struct ieee80211_node *ni; 3741 struct mbuf *m; 3742 3743 RUN_LOCK(sc); 3744 3745 if ((ifp->if_drv_flags & IFF_DRV_RUNNING) == 0) { 3746 RUN_UNLOCK(sc); 3747 return; 3748 } 3749 3750 for (;;) { 3751 /* send data frames */ 3752 IFQ_DRV_DEQUEUE(&ifp->if_snd, m); 3753 if (m == NULL) 3754 break; 3755 3756 ni = (struct ieee80211_node *)m->m_pkthdr.rcvif; 3757 if (run_tx(sc, m, ni) != 0) { 3758 IFQ_DRV_PREPEND(&ifp->if_snd, m); 3759 ifp->if_drv_flags |= IFF_DRV_OACTIVE; 3760 break; 3761 } 3762 } 3763 3764 RUN_UNLOCK(sc); 3765 } 3766 3767 static int 3768 run_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 3769 { 3770 struct run_softc *sc = ifp->if_softc; 3771 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 3772 struct ifreq *ifr = (struct ifreq *) data; 3773 int startall = 0; 3774 int error; 3775 3776 RUN_LOCK(sc); 3777 error = sc->sc_detached ? ENXIO : 0; 3778 RUN_UNLOCK(sc); 3779 if (error) 3780 return (error); 3781 3782 switch (cmd) { 3783 case SIOCSIFFLAGS: 3784 RUN_LOCK(sc); 3785 if (ifp->if_flags & IFF_UP) { 3786 if (!(ifp->if_drv_flags & IFF_DRV_RUNNING)){ 3787 startall = 1; 3788 run_init_locked(sc); 3789 } else 3790 run_update_promisc_locked(ifp); 3791 } else { 3792 if (ifp->if_drv_flags & IFF_DRV_RUNNING && 3793 (ic->ic_nrunning == 0 || sc->rvp_cnt <= 1)) { 3794 run_stop(sc); 3795 } 3796 } 3797 RUN_UNLOCK(sc); 3798 if (startall) 3799 ieee80211_start_all(ic); 3800 break; 3801 case SIOCGIFMEDIA: 3802 error = ifmedia_ioctl(ifp, ifr, &ic->ic_media, cmd); 3803 break; 3804 case SIOCGIFADDR: 3805 error = ether_ioctl(ifp, cmd, data); 3806 break; 3807 default: 3808 error = EINVAL; 3809 break; 3810 } 3811 3812 return (error); 3813 } 3814 3815 static void 3816 run_iq_calib(struct run_softc *sc, u_int chan) 3817 { 3818 uint16_t val; 3819 3820 /* Tx0 IQ gain. */ 3821 run_bbp_write(sc, 158, 0x2c); 3822 if (chan <= 14) 3823 run_efuse_read(sc, RT5390_EEPROM_IQ_GAIN_CAL_TX0_2GHZ, &val, 1); 3824 else if (chan <= 64) { 3825 run_efuse_read(sc, 3826 RT5390_EEPROM_IQ_GAIN_CAL_TX0_CH36_TO_CH64_5GHZ, 3827 &val, 1); 3828 } else if (chan <= 138) { 3829 run_efuse_read(sc, 3830 RT5390_EEPROM_IQ_GAIN_CAL_TX0_CH100_TO_CH138_5GHZ, 3831 &val, 1); 3832 } else if (chan <= 165) { 3833 run_efuse_read(sc, 3834 RT5390_EEPROM_IQ_GAIN_CAL_TX0_CH140_TO_CH165_5GHZ, 3835 &val, 1); 3836 } else 3837 val = 0; 3838 run_bbp_write(sc, 159, val); 3839 3840 /* Tx0 IQ phase. */ 3841 run_bbp_write(sc, 158, 0x2d); 3842 if (chan <= 14) { 3843 run_efuse_read(sc, RT5390_EEPROM_IQ_PHASE_CAL_TX0_2GHZ, 3844 &val, 1); 3845 } else if (chan <= 64) { 3846 run_efuse_read(sc, 3847 RT5390_EEPROM_IQ_PHASE_CAL_TX0_CH36_TO_CH64_5GHZ, 3848 &val, 1); 3849 } else if (chan <= 138) { 3850 run_efuse_read(sc, 3851 RT5390_EEPROM_IQ_PHASE_CAL_TX0_CH100_TO_CH138_5GHZ, 3852 &val, 1); 3853 } else if (chan <= 165) { 3854 run_efuse_read(sc, 3855 RT5390_EEPROM_IQ_PHASE_CAL_TX0_CH140_TO_CH165_5GHZ, 3856 &val, 1); 3857 } else 3858 val = 0; 3859 run_bbp_write(sc, 159, val); 3860 3861 /* Tx1 IQ gain. */ 3862 run_bbp_write(sc, 158, 0x4a); 3863 if (chan <= 14) { 3864 run_efuse_read(sc, RT5390_EEPROM_IQ_GAIN_CAL_TX1_2GHZ, 3865 &val, 1); 3866 } else if (chan <= 64) { 3867 run_efuse_read(sc, 3868 RT5390_EEPROM_IQ_GAIN_CAL_TX1_CH36_TO_CH64_5GHZ, 3869 &val, 1); 3870 } else if (chan <= 138) { 3871 run_efuse_read(sc, 3872 RT5390_EEPROM_IQ_GAIN_CAL_TX1_CH100_TO_CH138_5GHZ, 3873 &val, 1); 3874 } else if (chan <= 165) { 3875 run_efuse_read(sc, 3876 RT5390_EEPROM_IQ_GAIN_CAL_TX1_CH140_TO_CH165_5GHZ, 3877 &val, 1); 3878 } else 3879 val = 0; 3880 run_bbp_write(sc, 159, val); 3881 3882 /* Tx1 IQ phase. */ 3883 run_bbp_write(sc, 158, 0x4b); 3884 if (chan <= 14) { 3885 run_efuse_read(sc, RT5390_EEPROM_IQ_PHASE_CAL_TX1_2GHZ, 3886 &val, 1); 3887 } else if (chan <= 64) { 3888 run_efuse_read(sc, 3889 RT5390_EEPROM_IQ_PHASE_CAL_TX1_CH36_TO_CH64_5GHZ, 3890 &val, 1); 3891 } else if (chan <= 138) { 3892 run_efuse_read(sc, 3893 RT5390_EEPROM_IQ_PHASE_CAL_TX1_CH100_TO_CH138_5GHZ, 3894 &val, 1); 3895 } else if (chan <= 165) { 3896 run_efuse_read(sc, 3897 RT5390_EEPROM_IQ_PHASE_CAL_TX1_CH140_TO_CH165_5GHZ, 3898 &val, 1); 3899 } else 3900 val = 0; 3901 run_bbp_write(sc, 159, val); 3902 3903 /* RF IQ compensation control. */ 3904 run_bbp_write(sc, 158, 0x04); 3905 run_efuse_read(sc, RT5390_EEPROM_RF_IQ_COMPENSATION_CTL, 3906 &val, 1); 3907 run_bbp_write(sc, 159, val); 3908 3909 /* RF IQ imbalance compensation control. */ 3910 run_bbp_write(sc, 158, 0x03); 3911 run_efuse_read(sc, 3912 RT5390_EEPROM_RF_IQ_IMBALANCE_COMPENSATION_CTL, &val, 1); 3913 run_bbp_write(sc, 159, val); 3914 } 3915 3916 static void 3917 run_set_agc(struct run_softc *sc, uint8_t agc) 3918 { 3919 uint8_t bbp; 3920 3921 if (sc->mac_ver == 0x3572) { 3922 run_bbp_read(sc, 27, &bbp); 3923 bbp &= ~(0x3 << 5); 3924 run_bbp_write(sc, 27, bbp | 0 << 5); /* select Rx0 */ 3925 run_bbp_write(sc, 66, agc); 3926 run_bbp_write(sc, 27, bbp | 1 << 5); /* select Rx1 */ 3927 run_bbp_write(sc, 66, agc); 3928 } else 3929 run_bbp_write(sc, 66, agc); 3930 } 3931 3932 static void 3933 run_select_chan_group(struct run_softc *sc, int group) 3934 { 3935 uint32_t tmp; 3936 uint8_t agc; 3937 3938 run_bbp_write(sc, 62, 0x37 - sc->lna[group]); 3939 run_bbp_write(sc, 63, 0x37 - sc->lna[group]); 3940 run_bbp_write(sc, 64, 0x37 - sc->lna[group]); 3941 if (sc->mac_ver < 0x3572) 3942 run_bbp_write(sc, 86, 0x00); 3943 3944 if (sc->mac_ver == 0x3593) { 3945 run_bbp_write(sc, 77, 0x98); 3946 run_bbp_write(sc, 83, (group == 0) ? 0x8a : 0x9a); 3947 } 3948 3949 if (group == 0) { 3950 if (sc->ext_2ghz_lna) { 3951 if (sc->mac_ver >= 0x5390) 3952 run_bbp_write(sc, 75, 0x52); 3953 else { 3954 run_bbp_write(sc, 82, 0x62); 3955 run_bbp_write(sc, 75, 0x46); 3956 } 3957 } else { 3958 if (sc->mac_ver == 0x5592) { 3959 run_bbp_write(sc, 79, 0x1c); 3960 run_bbp_write(sc, 80, 0x0e); 3961 run_bbp_write(sc, 81, 0x3a); 3962 run_bbp_write(sc, 82, 0x62); 3963 3964 run_bbp_write(sc, 195, 0x80); 3965 run_bbp_write(sc, 196, 0xe0); 3966 run_bbp_write(sc, 195, 0x81); 3967 run_bbp_write(sc, 196, 0x1f); 3968 run_bbp_write(sc, 195, 0x82); 3969 run_bbp_write(sc, 196, 0x38); 3970 run_bbp_write(sc, 195, 0x83); 3971 run_bbp_write(sc, 196, 0x32); 3972 run_bbp_write(sc, 195, 0x85); 3973 run_bbp_write(sc, 196, 0x28); 3974 run_bbp_write(sc, 195, 0x86); 3975 run_bbp_write(sc, 196, 0x19); 3976 } else if (sc->mac_ver >= 0x5390) 3977 run_bbp_write(sc, 75, 0x50); 3978 else { 3979 run_bbp_write(sc, 82, 3980 (sc->mac_ver == 0x3593) ? 0x62 : 0x84); 3981 run_bbp_write(sc, 75, 0x50); 3982 } 3983 } 3984 } else { 3985 if (sc->mac_ver == 0x5592) { 3986 run_bbp_write(sc, 79, 0x18); 3987 run_bbp_write(sc, 80, 0x08); 3988 run_bbp_write(sc, 81, 0x38); 3989 run_bbp_write(sc, 82, 0x92); 3990 3991 run_bbp_write(sc, 195, 0x80); 3992 run_bbp_write(sc, 196, 0xf0); 3993 run_bbp_write(sc, 195, 0x81); 3994 run_bbp_write(sc, 196, 0x1e); 3995 run_bbp_write(sc, 195, 0x82); 3996 run_bbp_write(sc, 196, 0x28); 3997 run_bbp_write(sc, 195, 0x83); 3998 run_bbp_write(sc, 196, 0x20); 3999 run_bbp_write(sc, 195, 0x85); 4000 run_bbp_write(sc, 196, 0x7f); 4001 run_bbp_write(sc, 195, 0x86); 4002 run_bbp_write(sc, 196, 0x7f); 4003 } else if (sc->mac_ver == 0x3572) 4004 run_bbp_write(sc, 82, 0x94); 4005 else 4006 run_bbp_write(sc, 82, 4007 (sc->mac_ver == 0x3593) ? 0x82 : 0xf2); 4008 if (sc->ext_5ghz_lna) 4009 run_bbp_write(sc, 75, 0x46); 4010 else 4011 run_bbp_write(sc, 75, 0x50); 4012 } 4013 4014 run_read(sc, RT2860_TX_BAND_CFG, &tmp); 4015 tmp &= ~(RT2860_5G_BAND_SEL_N | RT2860_5G_BAND_SEL_P); 4016 tmp |= (group == 0) ? RT2860_5G_BAND_SEL_N : RT2860_5G_BAND_SEL_P; 4017 run_write(sc, RT2860_TX_BAND_CFG, tmp); 4018 4019 /* enable appropriate Power Amplifiers and Low Noise Amplifiers */ 4020 tmp = RT2860_RFTR_EN | RT2860_TRSW_EN | RT2860_LNA_PE0_EN; 4021 if (sc->mac_ver == 0x3593) 4022 tmp |= 1 << 29 | 1 << 28; 4023 if (sc->nrxchains > 1) 4024 tmp |= RT2860_LNA_PE1_EN; 4025 if (group == 0) { /* 2GHz */ 4026 tmp |= RT2860_PA_PE_G0_EN; 4027 if (sc->ntxchains > 1) 4028 tmp |= RT2860_PA_PE_G1_EN; 4029 if (sc->mac_ver == 0x3593) { 4030 if (sc->ntxchains > 2) 4031 tmp |= 1 << 25; 4032 } 4033 } else { /* 5GHz */ 4034 tmp |= RT2860_PA_PE_A0_EN; 4035 if (sc->ntxchains > 1) 4036 tmp |= RT2860_PA_PE_A1_EN; 4037 } 4038 if (sc->mac_ver == 0x3572) { 4039 run_rt3070_rf_write(sc, 8, 0x00); 4040 run_write(sc, RT2860_TX_PIN_CFG, tmp); 4041 run_rt3070_rf_write(sc, 8, 0x80); 4042 } else 4043 run_write(sc, RT2860_TX_PIN_CFG, tmp); 4044 4045 if (sc->mac_ver == 0x5592) { 4046 run_bbp_write(sc, 195, 0x8d); 4047 run_bbp_write(sc, 196, 0x1a); 4048 } 4049 4050 if (sc->mac_ver == 0x3593) { 4051 run_read(sc, RT2860_GPIO_CTRL, &tmp); 4052 tmp &= ~0x01010000; 4053 if (group == 0) 4054 tmp |= 0x00010000; 4055 tmp = (tmp & ~0x00009090) | 0x00000090; 4056 run_write(sc, RT2860_GPIO_CTRL, tmp); 4057 } 4058 4059 /* set initial AGC value */ 4060 if (group == 0) { /* 2GHz band */ 4061 if (sc->mac_ver >= 0x3070) 4062 agc = 0x1c + sc->lna[0] * 2; 4063 else 4064 agc = 0x2e + sc->lna[0]; 4065 } else { /* 5GHz band */ 4066 if (sc->mac_ver == 0x5592) 4067 agc = 0x24 + sc->lna[group] * 2; 4068 else if (sc->mac_ver == 0x3572 || sc->mac_ver == 0x3593) 4069 agc = 0x22 + (sc->lna[group] * 5) / 3; 4070 else 4071 agc = 0x32 + (sc->lna[group] * 5) / 3; 4072 } 4073 run_set_agc(sc, agc); 4074 } 4075 4076 static void 4077 run_rt2870_set_chan(struct run_softc *sc, u_int chan) 4078 { 4079 const struct rfprog *rfprog = rt2860_rf2850; 4080 uint32_t r2, r3, r4; 4081 int8_t txpow1, txpow2; 4082 int i; 4083 4084 /* find the settings for this channel (we know it exists) */ 4085 for (i = 0; rfprog[i].chan != chan; i++); 4086 4087 r2 = rfprog[i].r2; 4088 if (sc->ntxchains == 1) 4089 r2 |= 1 << 14; /* 1T: disable Tx chain 2 */ 4090 if (sc->nrxchains == 1) 4091 r2 |= 1 << 17 | 1 << 6; /* 1R: disable Rx chains 2 & 3 */ 4092 else if (sc->nrxchains == 2) 4093 r2 |= 1 << 6; /* 2R: disable Rx chain 3 */ 4094 4095 /* use Tx power values from EEPROM */ 4096 txpow1 = sc->txpow1[i]; 4097 txpow2 = sc->txpow2[i]; 4098 4099 /* Initialize RF R3 and R4. */ 4100 r3 = rfprog[i].r3 & 0xffffc1ff; 4101 r4 = (rfprog[i].r4 & ~(0x001f87c0)) | (sc->freq << 15); 4102 if (chan > 14) { 4103 if (txpow1 >= 0) { 4104 txpow1 = (txpow1 > 0xf) ? (0xf) : (txpow1); 4105 r3 |= (txpow1 << 10) | (1 << 9); 4106 } else { 4107 txpow1 += 7; 4108 4109 /* txpow1 is not possible larger than 15. */ 4110 r3 |= (txpow1 << 10); 4111 } 4112 if (txpow2 >= 0) { 4113 txpow2 = (txpow2 > 0xf) ? (0xf) : (txpow2); 4114 r4 |= (txpow2 << 7) | (1 << 6); 4115 } else { 4116 txpow2 += 7; 4117 r4 |= (txpow2 << 7); 4118 } 4119 } else { 4120 /* Set Tx0 power. */ 4121 r3 |= (txpow1 << 9); 4122 4123 /* Set frequency offset and Tx1 power. */ 4124 r4 |= (txpow2 << 6); 4125 } 4126 4127 run_rt2870_rf_write(sc, rfprog[i].r1); 4128 run_rt2870_rf_write(sc, r2); 4129 run_rt2870_rf_write(sc, r3 & ~(1 << 2)); 4130 run_rt2870_rf_write(sc, r4); 4131 4132 run_delay(sc, 10); 4133 4134 run_rt2870_rf_write(sc, rfprog[i].r1); 4135 run_rt2870_rf_write(sc, r2); 4136 run_rt2870_rf_write(sc, r3 | (1 << 2)); 4137 run_rt2870_rf_write(sc, r4); 4138 4139 run_delay(sc, 10); 4140 4141 run_rt2870_rf_write(sc, rfprog[i].r1); 4142 run_rt2870_rf_write(sc, r2); 4143 run_rt2870_rf_write(sc, r3 & ~(1 << 2)); 4144 run_rt2870_rf_write(sc, r4); 4145 } 4146 4147 static void 4148 run_rt3070_set_chan(struct run_softc *sc, u_int chan) 4149 { 4150 int8_t txpow1, txpow2; 4151 uint8_t rf; 4152 int i; 4153 4154 /* find the settings for this channel (we know it exists) */ 4155 for (i = 0; rt2860_rf2850[i].chan != chan; i++); 4156 4157 /* use Tx power values from EEPROM */ 4158 txpow1 = sc->txpow1[i]; 4159 txpow2 = sc->txpow2[i]; 4160 4161 run_rt3070_rf_write(sc, 2, rt3070_freqs[i].n); 4162 4163 /* RT3370/RT3390: RF R3 [7:4] is not reserved bits. */ 4164 run_rt3070_rf_read(sc, 3, &rf); 4165 rf = (rf & ~0x0f) | rt3070_freqs[i].k; 4166 run_rt3070_rf_write(sc, 3, rf); 4167 4168 run_rt3070_rf_read(sc, 6, &rf); 4169 rf = (rf & ~0x03) | rt3070_freqs[i].r; 4170 run_rt3070_rf_write(sc, 6, rf); 4171 4172 /* set Tx0 power */ 4173 run_rt3070_rf_read(sc, 12, &rf); 4174 rf = (rf & ~0x1f) | txpow1; 4175 run_rt3070_rf_write(sc, 12, rf); 4176 4177 /* set Tx1 power */ 4178 run_rt3070_rf_read(sc, 13, &rf); 4179 rf = (rf & ~0x1f) | txpow2; 4180 run_rt3070_rf_write(sc, 13, rf); 4181 4182 run_rt3070_rf_read(sc, 1, &rf); 4183 rf &= ~0xfc; 4184 if (sc->ntxchains == 1) 4185 rf |= 1 << 7 | 1 << 5; /* 1T: disable Tx chains 2 & 3 */ 4186 else if (sc->ntxchains == 2) 4187 rf |= 1 << 7; /* 2T: disable Tx chain 3 */ 4188 if (sc->nrxchains == 1) 4189 rf |= 1 << 6 | 1 << 4; /* 1R: disable Rx chains 2 & 3 */ 4190 else if (sc->nrxchains == 2) 4191 rf |= 1 << 6; /* 2R: disable Rx chain 3 */ 4192 run_rt3070_rf_write(sc, 1, rf); 4193 4194 /* set RF offset */ 4195 run_rt3070_rf_read(sc, 23, &rf); 4196 rf = (rf & ~0x7f) | sc->freq; 4197 run_rt3070_rf_write(sc, 23, rf); 4198 4199 /* program RF filter */ 4200 run_rt3070_rf_read(sc, 24, &rf); /* Tx */ 4201 rf = (rf & ~0x3f) | sc->rf24_20mhz; 4202 run_rt3070_rf_write(sc, 24, rf); 4203 run_rt3070_rf_read(sc, 31, &rf); /* Rx */ 4204 rf = (rf & ~0x3f) | sc->rf24_20mhz; 4205 run_rt3070_rf_write(sc, 31, rf); 4206 4207 /* enable RF tuning */ 4208 run_rt3070_rf_read(sc, 7, &rf); 4209 run_rt3070_rf_write(sc, 7, rf | 0x01); 4210 } 4211 4212 static void 4213 run_rt3572_set_chan(struct run_softc *sc, u_int chan) 4214 { 4215 int8_t txpow1, txpow2; 4216 uint32_t tmp; 4217 uint8_t rf; 4218 int i; 4219 4220 /* find the settings for this channel (we know it exists) */ 4221 for (i = 0; rt2860_rf2850[i].chan != chan; i++); 4222 4223 /* use Tx power values from EEPROM */ 4224 txpow1 = sc->txpow1[i]; 4225 txpow2 = sc->txpow2[i]; 4226 4227 if (chan <= 14) { 4228 run_bbp_write(sc, 25, sc->bbp25); 4229 run_bbp_write(sc, 26, sc->bbp26); 4230 } else { 4231 /* enable IQ phase correction */ 4232 run_bbp_write(sc, 25, 0x09); 4233 run_bbp_write(sc, 26, 0xff); 4234 } 4235 4236 run_rt3070_rf_write(sc, 2, rt3070_freqs[i].n); 4237 run_rt3070_rf_write(sc, 3, rt3070_freqs[i].k); 4238 run_rt3070_rf_read(sc, 6, &rf); 4239 rf = (rf & ~0x0f) | rt3070_freqs[i].r; 4240 rf |= (chan <= 14) ? 0x08 : 0x04; 4241 run_rt3070_rf_write(sc, 6, rf); 4242 4243 /* set PLL mode */ 4244 run_rt3070_rf_read(sc, 5, &rf); 4245 rf &= ~(0x08 | 0x04); 4246 rf |= (chan <= 14) ? 0x04 : 0x08; 4247 run_rt3070_rf_write(sc, 5, rf); 4248 4249 /* set Tx power for chain 0 */ 4250 if (chan <= 14) 4251 rf = 0x60 | txpow1; 4252 else 4253 rf = 0xe0 | (txpow1 & 0xc) << 1 | (txpow1 & 0x3); 4254 run_rt3070_rf_write(sc, 12, rf); 4255 4256 /* set Tx power for chain 1 */ 4257 if (chan <= 14) 4258 rf = 0x60 | txpow2; 4259 else 4260 rf = 0xe0 | (txpow2 & 0xc) << 1 | (txpow2 & 0x3); 4261 run_rt3070_rf_write(sc, 13, rf); 4262 4263 /* set Tx/Rx streams */ 4264 run_rt3070_rf_read(sc, 1, &rf); 4265 rf &= ~0xfc; 4266 if (sc->ntxchains == 1) 4267 rf |= 1 << 7 | 1 << 5; /* 1T: disable Tx chains 2 & 3 */ 4268 else if (sc->ntxchains == 2) 4269 rf |= 1 << 7; /* 2T: disable Tx chain 3 */ 4270 if (sc->nrxchains == 1) 4271 rf |= 1 << 6 | 1 << 4; /* 1R: disable Rx chains 2 & 3 */ 4272 else if (sc->nrxchains == 2) 4273 rf |= 1 << 6; /* 2R: disable Rx chain 3 */ 4274 run_rt3070_rf_write(sc, 1, rf); 4275 4276 /* set RF offset */ 4277 run_rt3070_rf_read(sc, 23, &rf); 4278 rf = (rf & ~0x7f) | sc->freq; 4279 run_rt3070_rf_write(sc, 23, rf); 4280 4281 /* program RF filter */ 4282 rf = sc->rf24_20mhz; 4283 run_rt3070_rf_write(sc, 24, rf); /* Tx */ 4284 run_rt3070_rf_write(sc, 31, rf); /* Rx */ 4285 4286 /* enable RF tuning */ 4287 run_rt3070_rf_read(sc, 7, &rf); 4288 rf = (chan <= 14) ? 0xd8 : ((rf & ~0xc8) | 0x14); 4289 run_rt3070_rf_write(sc, 7, rf); 4290 4291 /* TSSI */ 4292 rf = (chan <= 14) ? 0xc3 : 0xc0; 4293 run_rt3070_rf_write(sc, 9, rf); 4294 4295 /* set loop filter 1 */ 4296 run_rt3070_rf_write(sc, 10, 0xf1); 4297 /* set loop filter 2 */ 4298 run_rt3070_rf_write(sc, 11, (chan <= 14) ? 0xb9 : 0x00); 4299 4300 /* set tx_mx2_ic */ 4301 run_rt3070_rf_write(sc, 15, (chan <= 14) ? 0x53 : 0x43); 4302 /* set tx_mx1_ic */ 4303 if (chan <= 14) 4304 rf = 0x48 | sc->txmixgain_2ghz; 4305 else 4306 rf = 0x78 | sc->txmixgain_5ghz; 4307 run_rt3070_rf_write(sc, 16, rf); 4308 4309 /* set tx_lo1 */ 4310 run_rt3070_rf_write(sc, 17, 0x23); 4311 /* set tx_lo2 */ 4312 if (chan <= 14) 4313 rf = 0x93; 4314 else if (chan <= 64) 4315 rf = 0xb7; 4316 else if (chan <= 128) 4317 rf = 0x74; 4318 else 4319 rf = 0x72; 4320 run_rt3070_rf_write(sc, 19, rf); 4321 4322 /* set rx_lo1 */ 4323 if (chan <= 14) 4324 rf = 0xb3; 4325 else if (chan <= 64) 4326 rf = 0xf6; 4327 else if (chan <= 128) 4328 rf = 0xf4; 4329 else 4330 rf = 0xf3; 4331 run_rt3070_rf_write(sc, 20, rf); 4332 4333 /* set pfd_delay */ 4334 if (chan <= 14) 4335 rf = 0x15; 4336 else if (chan <= 64) 4337 rf = 0x3d; 4338 else 4339 rf = 0x01; 4340 run_rt3070_rf_write(sc, 25, rf); 4341 4342 /* set rx_lo2 */ 4343 run_rt3070_rf_write(sc, 26, (chan <= 14) ? 0x85 : 0x87); 4344 /* set ldo_rf_vc */ 4345 run_rt3070_rf_write(sc, 27, (chan <= 14) ? 0x00 : 0x01); 4346 /* set drv_cc */ 4347 run_rt3070_rf_write(sc, 29, (chan <= 14) ? 0x9b : 0x9f); 4348 4349 run_read(sc, RT2860_GPIO_CTRL, &tmp); 4350 tmp &= ~0x8080; 4351 if (chan <= 14) 4352 tmp |= 0x80; 4353 run_write(sc, RT2860_GPIO_CTRL, tmp); 4354 4355 /* enable RF tuning */ 4356 run_rt3070_rf_read(sc, 7, &rf); 4357 run_rt3070_rf_write(sc, 7, rf | 0x01); 4358 4359 run_delay(sc, 2); 4360 } 4361 4362 static void 4363 run_rt3593_set_chan(struct run_softc *sc, u_int chan) 4364 { 4365 int8_t txpow1, txpow2, txpow3; 4366 uint8_t h20mhz, rf; 4367 int i; 4368 4369 /* find the settings for this channel (we know it exists) */ 4370 for (i = 0; rt2860_rf2850[i].chan != chan; i++); 4371 4372 /* use Tx power values from EEPROM */ 4373 txpow1 = sc->txpow1[i]; 4374 txpow2 = sc->txpow2[i]; 4375 txpow3 = (sc->ntxchains == 3) ? sc->txpow3[i] : 0; 4376 4377 if (chan <= 14) { 4378 run_bbp_write(sc, 25, sc->bbp25); 4379 run_bbp_write(sc, 26, sc->bbp26); 4380 } else { 4381 /* Enable IQ phase correction. */ 4382 run_bbp_write(sc, 25, 0x09); 4383 run_bbp_write(sc, 26, 0xff); 4384 } 4385 4386 run_rt3070_rf_write(sc, 8, rt3070_freqs[i].n); 4387 run_rt3070_rf_write(sc, 9, rt3070_freqs[i].k & 0x0f); 4388 run_rt3070_rf_read(sc, 11, &rf); 4389 rf = (rf & ~0x03) | (rt3070_freqs[i].r & 0x03); 4390 run_rt3070_rf_write(sc, 11, rf); 4391 4392 /* Set pll_idoh. */ 4393 run_rt3070_rf_read(sc, 11, &rf); 4394 rf &= ~0x4c; 4395 rf |= (chan <= 14) ? 0x44 : 0x48; 4396 run_rt3070_rf_write(sc, 11, rf); 4397 4398 if (chan <= 14) 4399 rf = txpow1 & 0x1f; 4400 else 4401 rf = 0x40 | ((txpow1 & 0x18) << 1) | (txpow1 & 0x07); 4402 run_rt3070_rf_write(sc, 53, rf); 4403 4404 if (chan <= 14) 4405 rf = txpow2 & 0x1f; 4406 else 4407 rf = 0x40 | ((txpow2 & 0x18) << 1) | (txpow2 & 0x07); 4408 run_rt3070_rf_write(sc, 55, rf); 4409 4410 if (chan <= 14) 4411 rf = txpow3 & 0x1f; 4412 else 4413 rf = 0x40 | ((txpow3 & 0x18) << 1) | (txpow3 & 0x07); 4414 run_rt3070_rf_write(sc, 54, rf); 4415 4416 rf = RT3070_RF_BLOCK | RT3070_PLL_PD; 4417 if (sc->ntxchains == 3) 4418 rf |= RT3070_TX0_PD | RT3070_TX1_PD | RT3070_TX2_PD; 4419 else 4420 rf |= RT3070_TX0_PD | RT3070_TX1_PD; 4421 rf |= RT3070_RX0_PD | RT3070_RX1_PD | RT3070_RX2_PD; 4422 run_rt3070_rf_write(sc, 1, rf); 4423 4424 run_adjust_freq_offset(sc); 4425 4426 run_rt3070_rf_write(sc, 31, (chan <= 14) ? 0xa0 : 0x80); 4427 4428 h20mhz = (sc->rf24_20mhz & 0x20) >> 5; 4429 run_rt3070_rf_read(sc, 30, &rf); 4430 rf = (rf & ~0x06) | (h20mhz << 1) | (h20mhz << 2); 4431 run_rt3070_rf_write(sc, 30, rf); 4432 4433 run_rt3070_rf_read(sc, 36, &rf); 4434 if (chan <= 14) 4435 rf |= 0x80; 4436 else 4437 rf &= ~0x80; 4438 run_rt3070_rf_write(sc, 36, rf); 4439 4440 /* Set vcolo_bs. */ 4441 run_rt3070_rf_write(sc, 34, (chan <= 14) ? 0x3c : 0x20); 4442 /* Set pfd_delay. */ 4443 run_rt3070_rf_write(sc, 12, (chan <= 14) ? 0x1a : 0x12); 4444 4445 /* Set vco bias current control. */ 4446 run_rt3070_rf_read(sc, 6, &rf); 4447 rf &= ~0xc0; 4448 if (chan <= 14) 4449 rf |= 0x40; 4450 else if (chan <= 128) 4451 rf |= 0x80; 4452 else 4453 rf |= 0x40; 4454 run_rt3070_rf_write(sc, 6, rf); 4455 4456 run_rt3070_rf_read(sc, 30, &rf); 4457 rf = (rf & ~0x18) | 0x10; 4458 run_rt3070_rf_write(sc, 30, rf); 4459 4460 run_rt3070_rf_write(sc, 10, (chan <= 14) ? 0xd3 : 0xd8); 4461 run_rt3070_rf_write(sc, 13, (chan <= 14) ? 0x12 : 0x23); 4462 4463 run_rt3070_rf_read(sc, 51, &rf); 4464 rf = (rf & ~0x03) | 0x01; 4465 run_rt3070_rf_write(sc, 51, rf); 4466 /* Set tx_mx1_cc. */ 4467 run_rt3070_rf_read(sc, 51, &rf); 4468 rf &= ~0x1c; 4469 rf |= (chan <= 14) ? 0x14 : 0x10; 4470 run_rt3070_rf_write(sc, 51, rf); 4471 /* Set tx_mx1_ic. */ 4472 run_rt3070_rf_read(sc, 51, &rf); 4473 rf &= ~0xe0; 4474 rf |= (chan <= 14) ? 0x60 : 0x40; 4475 run_rt3070_rf_write(sc, 51, rf); 4476 /* Set tx_lo1_ic. */ 4477 run_rt3070_rf_read(sc, 49, &rf); 4478 rf &= ~0x1c; 4479 rf |= (chan <= 14) ? 0x0c : 0x08; 4480 run_rt3070_rf_write(sc, 49, rf); 4481 /* Set tx_lo1_en. */ 4482 run_rt3070_rf_read(sc, 50, &rf); 4483 run_rt3070_rf_write(sc, 50, rf & ~0x20); 4484 /* Set drv_cc. */ 4485 run_rt3070_rf_read(sc, 57, &rf); 4486 rf &= ~0xfc; 4487 rf |= (chan <= 14) ? 0x6c : 0x3c; 4488 run_rt3070_rf_write(sc, 57, rf); 4489 /* Set rx_mix1_ic, rxa_lnactr, lna_vc, lna_inbias_en and lna_en. */ 4490 run_rt3070_rf_write(sc, 44, (chan <= 14) ? 0x93 : 0x9b); 4491 /* Set drv_gnd_a, tx_vga_cc_a and tx_mx2_gain. */ 4492 run_rt3070_rf_write(sc, 52, (chan <= 14) ? 0x45 : 0x05); 4493 /* Enable VCO calibration. */ 4494 run_rt3070_rf_read(sc, 3, &rf); 4495 rf &= ~RT5390_VCOCAL; 4496 rf |= (chan <= 14) ? RT5390_VCOCAL : 0xbe; 4497 run_rt3070_rf_write(sc, 3, rf); 4498 4499 if (chan <= 14) 4500 rf = 0x23; 4501 else if (chan <= 64) 4502 rf = 0x36; 4503 else if (chan <= 128) 4504 rf = 0x32; 4505 else 4506 rf = 0x30; 4507 run_rt3070_rf_write(sc, 39, rf); 4508 if (chan <= 14) 4509 rf = 0xbb; 4510 else if (chan <= 64) 4511 rf = 0xeb; 4512 else if (chan <= 128) 4513 rf = 0xb3; 4514 else 4515 rf = 0x9b; 4516 run_rt3070_rf_write(sc, 45, rf); 4517 4518 /* Set FEQ/AEQ control. */ 4519 run_bbp_write(sc, 105, 0x34); 4520 } 4521 4522 static void 4523 run_rt5390_set_chan(struct run_softc *sc, u_int chan) 4524 { 4525 int8_t txpow1, txpow2; 4526 uint8_t rf; 4527 int i; 4528 4529 /* find the settings for this channel (we know it exists) */ 4530 for (i = 0; rt2860_rf2850[i].chan != chan; i++); 4531 4532 /* use Tx power values from EEPROM */ 4533 txpow1 = sc->txpow1[i]; 4534 txpow2 = sc->txpow2[i]; 4535 4536 run_rt3070_rf_write(sc, 8, rt3070_freqs[i].n); 4537 run_rt3070_rf_write(sc, 9, rt3070_freqs[i].k & 0x0f); 4538 run_rt3070_rf_read(sc, 11, &rf); 4539 rf = (rf & ~0x03) | (rt3070_freqs[i].r & 0x03); 4540 run_rt3070_rf_write(sc, 11, rf); 4541 4542 run_rt3070_rf_read(sc, 49, &rf); 4543 rf = (rf & ~0x3f) | (txpow1 & 0x3f); 4544 /* The valid range of the RF R49 is 0x00 to 0x27. */ 4545 if ((rf & 0x3f) > 0x27) 4546 rf = (rf & ~0x3f) | 0x27; 4547 run_rt3070_rf_write(sc, 49, rf); 4548 4549 if (sc->mac_ver == 0x5392) { 4550 run_rt3070_rf_read(sc, 50, &rf); 4551 rf = (rf & ~0x3f) | (txpow2 & 0x3f); 4552 /* The valid range of the RF R50 is 0x00 to 0x27. */ 4553 if ((rf & 0x3f) > 0x27) 4554 rf = (rf & ~0x3f) | 0x27; 4555 run_rt3070_rf_write(sc, 50, rf); 4556 } 4557 4558 run_rt3070_rf_read(sc, 1, &rf); 4559 rf |= RT3070_RF_BLOCK | RT3070_PLL_PD | RT3070_RX0_PD | RT3070_TX0_PD; 4560 if (sc->mac_ver == 0x5392) 4561 rf |= RT3070_RX1_PD | RT3070_TX1_PD; 4562 run_rt3070_rf_write(sc, 1, rf); 4563 4564 if (sc->mac_ver != 0x5392) { 4565 run_rt3070_rf_read(sc, 2, &rf); 4566 rf |= 0x80; 4567 run_rt3070_rf_write(sc, 2, rf); 4568 run_delay(sc, 10); 4569 rf &= 0x7f; 4570 run_rt3070_rf_write(sc, 2, rf); 4571 } 4572 4573 run_adjust_freq_offset(sc); 4574 4575 if (sc->mac_ver == 0x5392) { 4576 /* Fix for RT5392C. */ 4577 if (sc->mac_rev >= 0x0223) { 4578 if (chan <= 4) 4579 rf = 0x0f; 4580 else if (chan >= 5 && chan <= 7) 4581 rf = 0x0e; 4582 else 4583 rf = 0x0d; 4584 run_rt3070_rf_write(sc, 23, rf); 4585 4586 if (chan <= 4) 4587 rf = 0x0c; 4588 else if (chan == 5) 4589 rf = 0x0b; 4590 else if (chan >= 6 && chan <= 7) 4591 rf = 0x0a; 4592 else if (chan >= 8 && chan <= 10) 4593 rf = 0x09; 4594 else 4595 rf = 0x08; 4596 run_rt3070_rf_write(sc, 59, rf); 4597 } else { 4598 if (chan <= 11) 4599 rf = 0x0f; 4600 else 4601 rf = 0x0b; 4602 run_rt3070_rf_write(sc, 59, rf); 4603 } 4604 } else { 4605 /* Fix for RT5390F. */ 4606 if (sc->mac_rev >= 0x0502) { 4607 if (chan <= 11) 4608 rf = 0x43; 4609 else 4610 rf = 0x23; 4611 run_rt3070_rf_write(sc, 55, rf); 4612 4613 if (chan <= 11) 4614 rf = 0x0f; 4615 else if (chan == 12) 4616 rf = 0x0d; 4617 else 4618 rf = 0x0b; 4619 run_rt3070_rf_write(sc, 59, rf); 4620 } else { 4621 run_rt3070_rf_write(sc, 55, 0x44); 4622 run_rt3070_rf_write(sc, 59, 0x8f); 4623 } 4624 } 4625 4626 /* Enable VCO calibration. */ 4627 run_rt3070_rf_read(sc, 3, &rf); 4628 rf |= RT5390_VCOCAL; 4629 run_rt3070_rf_write(sc, 3, rf); 4630 } 4631 4632 static void 4633 run_rt5592_set_chan(struct run_softc *sc, u_int chan) 4634 { 4635 const struct rt5592_freqs *freqs; 4636 uint32_t tmp; 4637 uint8_t reg, rf, txpow_bound; 4638 int8_t txpow1, txpow2; 4639 int i; 4640 4641 run_read(sc, RT5592_DEBUG_INDEX, &tmp); 4642 freqs = (tmp & RT5592_SEL_XTAL) ? 4643 rt5592_freqs_40mhz : rt5592_freqs_20mhz; 4644 4645 /* find the settings for this channel (we know it exists) */ 4646 for (i = 0; rt2860_rf2850[i].chan != chan; i++, freqs++); 4647 4648 /* use Tx power values from EEPROM */ 4649 txpow1 = sc->txpow1[i]; 4650 txpow2 = sc->txpow2[i]; 4651 4652 run_read(sc, RT3070_LDO_CFG0, &tmp); 4653 tmp &= ~0x1c000000; 4654 if (chan > 14) 4655 tmp |= 0x14000000; 4656 run_write(sc, RT3070_LDO_CFG0, tmp); 4657 4658 /* N setting. */ 4659 run_rt3070_rf_write(sc, 8, freqs->n & 0xff); 4660 run_rt3070_rf_read(sc, 9, &rf); 4661 rf &= ~(1 << 4); 4662 rf |= ((freqs->n & 0x0100) >> 8) << 4; 4663 run_rt3070_rf_write(sc, 9, rf); 4664 4665 /* K setting. */ 4666 run_rt3070_rf_read(sc, 9, &rf); 4667 rf &= ~0x0f; 4668 rf |= (freqs->k & 0x0f); 4669 run_rt3070_rf_write(sc, 9, rf); 4670 4671 /* Mode setting. */ 4672 run_rt3070_rf_read(sc, 11, &rf); 4673 rf &= ~0x0c; 4674 rf |= ((freqs->m - 0x8) & 0x3) << 2; 4675 run_rt3070_rf_write(sc, 11, rf); 4676 run_rt3070_rf_read(sc, 9, &rf); 4677 rf &= ~(1 << 7); 4678 rf |= (((freqs->m - 0x8) & 0x4) >> 2) << 7; 4679 run_rt3070_rf_write(sc, 9, rf); 4680 4681 /* R setting. */ 4682 run_rt3070_rf_read(sc, 11, &rf); 4683 rf &= ~0x03; 4684 rf |= (freqs->r - 0x1); 4685 run_rt3070_rf_write(sc, 11, rf); 4686 4687 if (chan <= 14) { 4688 /* Initialize RF registers for 2GHZ. */ 4689 for (i = 0; i < nitems(rt5592_2ghz_def_rf); i++) { 4690 run_rt3070_rf_write(sc, rt5592_2ghz_def_rf[i].reg, 4691 rt5592_2ghz_def_rf[i].val); 4692 } 4693 4694 rf = (chan <= 10) ? 0x07 : 0x06; 4695 run_rt3070_rf_write(sc, 23, rf); 4696 run_rt3070_rf_write(sc, 59, rf); 4697 4698 run_rt3070_rf_write(sc, 55, 0x43); 4699 4700 /* 4701 * RF R49/R50 Tx power ALC code. 4702 * G-band bit<7:6>=1:0, bit<5:0> range from 0x0 ~ 0x27. 4703 */ 4704 reg = 2; 4705 txpow_bound = 0x27; 4706 } else { 4707 /* Initialize RF registers for 5GHZ. */ 4708 for (i = 0; i < nitems(rt5592_5ghz_def_rf); i++) { 4709 run_rt3070_rf_write(sc, rt5592_5ghz_def_rf[i].reg, 4710 rt5592_5ghz_def_rf[i].val); 4711 } 4712 for (i = 0; i < nitems(rt5592_chan_5ghz); i++) { 4713 if (chan >= rt5592_chan_5ghz[i].firstchan && 4714 chan <= rt5592_chan_5ghz[i].lastchan) { 4715 run_rt3070_rf_write(sc, rt5592_chan_5ghz[i].reg, 4716 rt5592_chan_5ghz[i].val); 4717 } 4718 } 4719 4720 /* 4721 * RF R49/R50 Tx power ALC code. 4722 * A-band bit<7:6>=1:1, bit<5:0> range from 0x0 ~ 0x2b. 4723 */ 4724 reg = 3; 4725 txpow_bound = 0x2b; 4726 } 4727 4728 /* RF R49 ch0 Tx power ALC code. */ 4729 run_rt3070_rf_read(sc, 49, &rf); 4730 rf &= ~0xc0; 4731 rf |= (reg << 6); 4732 rf = (rf & ~0x3f) | (txpow1 & 0x3f); 4733 if ((rf & 0x3f) > txpow_bound) 4734 rf = (rf & ~0x3f) | txpow_bound; 4735 run_rt3070_rf_write(sc, 49, rf); 4736 4737 /* RF R50 ch1 Tx power ALC code. */ 4738 run_rt3070_rf_read(sc, 50, &rf); 4739 rf &= ~(1 << 7 | 1 << 6); 4740 rf |= (reg << 6); 4741 rf = (rf & ~0x3f) | (txpow2 & 0x3f); 4742 if ((rf & 0x3f) > txpow_bound) 4743 rf = (rf & ~0x3f) | txpow_bound; 4744 run_rt3070_rf_write(sc, 50, rf); 4745 4746 /* Enable RF_BLOCK, PLL_PD, RX0_PD, and TX0_PD. */ 4747 run_rt3070_rf_read(sc, 1, &rf); 4748 rf |= (RT3070_RF_BLOCK | RT3070_PLL_PD | RT3070_RX0_PD | RT3070_TX0_PD); 4749 if (sc->ntxchains > 1) 4750 rf |= RT3070_TX1_PD; 4751 if (sc->nrxchains > 1) 4752 rf |= RT3070_RX1_PD; 4753 run_rt3070_rf_write(sc, 1, rf); 4754 4755 run_rt3070_rf_write(sc, 6, 0xe4); 4756 4757 run_rt3070_rf_write(sc, 30, 0x10); 4758 run_rt3070_rf_write(sc, 31, 0x80); 4759 run_rt3070_rf_write(sc, 32, 0x80); 4760 4761 run_adjust_freq_offset(sc); 4762 4763 /* Enable VCO calibration. */ 4764 run_rt3070_rf_read(sc, 3, &rf); 4765 rf |= RT5390_VCOCAL; 4766 run_rt3070_rf_write(sc, 3, rf); 4767 } 4768 4769 static void 4770 run_set_rx_antenna(struct run_softc *sc, int aux) 4771 { 4772 uint32_t tmp; 4773 uint8_t bbp152; 4774 4775 if (aux) { 4776 if (sc->rf_rev == RT5390_RF_5370) { 4777 run_bbp_read(sc, 152, &bbp152); 4778 run_bbp_write(sc, 152, bbp152 & ~0x80); 4779 } else { 4780 run_mcu_cmd(sc, RT2860_MCU_CMD_ANTSEL, 0); 4781 run_read(sc, RT2860_GPIO_CTRL, &tmp); 4782 run_write(sc, RT2860_GPIO_CTRL, (tmp & ~0x0808) | 0x08); 4783 } 4784 } else { 4785 if (sc->rf_rev == RT5390_RF_5370) { 4786 run_bbp_read(sc, 152, &bbp152); 4787 run_bbp_write(sc, 152, bbp152 | 0x80); 4788 } else { 4789 run_mcu_cmd(sc, RT2860_MCU_CMD_ANTSEL, 1); 4790 run_read(sc, RT2860_GPIO_CTRL, &tmp); 4791 run_write(sc, RT2860_GPIO_CTRL, tmp & ~0x0808); 4792 } 4793 } 4794 } 4795 4796 static int 4797 run_set_chan(struct run_softc *sc, struct ieee80211_channel *c) 4798 { 4799 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 4800 u_int chan, group; 4801 4802 chan = ieee80211_chan2ieee(ic, c); 4803 if (chan == 0 || chan == IEEE80211_CHAN_ANY) 4804 return (EINVAL); 4805 4806 if (sc->mac_ver == 0x5592) 4807 run_rt5592_set_chan(sc, chan); 4808 else if (sc->mac_ver >= 0x5390) 4809 run_rt5390_set_chan(sc, chan); 4810 else if (sc->mac_ver == 0x3593) 4811 run_rt3593_set_chan(sc, chan); 4812 else if (sc->mac_ver == 0x3572) 4813 run_rt3572_set_chan(sc, chan); 4814 else if (sc->mac_ver >= 0x3070) 4815 run_rt3070_set_chan(sc, chan); 4816 else 4817 run_rt2870_set_chan(sc, chan); 4818 4819 /* determine channel group */ 4820 if (chan <= 14) 4821 group = 0; 4822 else if (chan <= 64) 4823 group = 1; 4824 else if (chan <= 128) 4825 group = 2; 4826 else 4827 group = 3; 4828 4829 /* XXX necessary only when group has changed! */ 4830 run_select_chan_group(sc, group); 4831 4832 run_delay(sc, 10); 4833 4834 /* Perform IQ calibration. */ 4835 if (sc->mac_ver >= 0x5392) 4836 run_iq_calib(sc, chan); 4837 4838 return (0); 4839 } 4840 4841 static void 4842 run_set_channel(struct ieee80211com *ic) 4843 { 4844 struct run_softc *sc = ic->ic_ifp->if_softc; 4845 4846 RUN_LOCK(sc); 4847 run_set_chan(sc, ic->ic_curchan); 4848 RUN_UNLOCK(sc); 4849 4850 return; 4851 } 4852 4853 static void 4854 run_scan_start(struct ieee80211com *ic) 4855 { 4856 struct run_softc *sc = ic->ic_ifp->if_softc; 4857 uint32_t tmp; 4858 4859 RUN_LOCK(sc); 4860 4861 /* abort TSF synchronization */ 4862 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 4863 run_write(sc, RT2860_BCN_TIME_CFG, 4864 tmp & ~(RT2860_BCN_TX_EN | RT2860_TSF_TIMER_EN | 4865 RT2860_TBTT_TIMER_EN)); 4866 run_set_bssid(sc, sc->sc_ifp->if_broadcastaddr); 4867 4868 RUN_UNLOCK(sc); 4869 4870 return; 4871 } 4872 4873 static void 4874 run_scan_end(struct ieee80211com *ic) 4875 { 4876 struct run_softc *sc = ic->ic_ifp->if_softc; 4877 4878 RUN_LOCK(sc); 4879 4880 run_enable_tsf_sync(sc); 4881 /* XXX keep local copy */ 4882 run_set_bssid(sc, sc->sc_bssid); 4883 4884 RUN_UNLOCK(sc); 4885 4886 return; 4887 } 4888 4889 /* 4890 * Could be called from ieee80211_node_timeout() 4891 * (non-sleepable thread) 4892 */ 4893 static void 4894 run_update_beacon(struct ieee80211vap *vap, int item) 4895 { 4896 struct ieee80211com *ic = vap->iv_ic; 4897 struct run_softc *sc = ic->ic_ifp->if_softc; 4898 struct run_vap *rvp = RUN_VAP(vap); 4899 int mcast = 0; 4900 uint32_t i; 4901 4902 KASSERT(vap != NULL, ("no beacon")); 4903 4904 switch (item) { 4905 case IEEE80211_BEACON_ERP: 4906 run_updateslot(ic->ic_ifp); 4907 break; 4908 case IEEE80211_BEACON_HTINFO: 4909 run_updateprot(ic); 4910 break; 4911 case IEEE80211_BEACON_TIM: 4912 mcast = 1; /*TODO*/ 4913 break; 4914 default: 4915 break; 4916 } 4917 4918 setbit(rvp->bo.bo_flags, item); 4919 ieee80211_beacon_update(vap->iv_bss, &rvp->bo, rvp->beacon_mbuf, mcast); 4920 4921 i = RUN_CMDQ_GET(&sc->cmdq_store); 4922 DPRINTF("cmdq_store=%d\n", i); 4923 sc->cmdq[i].func = run_update_beacon_cb; 4924 sc->cmdq[i].arg0 = vap; 4925 ieee80211_runtask(ic, &sc->cmdq_task); 4926 4927 return; 4928 } 4929 4930 static void 4931 run_update_beacon_cb(void *arg) 4932 { 4933 struct ieee80211vap *vap = arg; 4934 struct run_vap *rvp = RUN_VAP(vap); 4935 struct ieee80211com *ic = vap->iv_ic; 4936 struct run_softc *sc = ic->ic_ifp->if_softc; 4937 struct rt2860_txwi txwi; 4938 struct mbuf *m; 4939 uint16_t txwisize; 4940 uint8_t ridx; 4941 4942 if (vap->iv_bss->ni_chan == IEEE80211_CHAN_ANYC) 4943 return; 4944 if (ic->ic_bsschan == IEEE80211_CHAN_ANYC) 4945 return; 4946 4947 /* 4948 * No need to call ieee80211_beacon_update(), run_update_beacon() 4949 * is taking care of apropriate calls. 4950 */ 4951 if (rvp->beacon_mbuf == NULL) { 4952 rvp->beacon_mbuf = ieee80211_beacon_alloc(vap->iv_bss, 4953 &rvp->bo); 4954 if (rvp->beacon_mbuf == NULL) 4955 return; 4956 } 4957 m = rvp->beacon_mbuf; 4958 4959 memset(&txwi, 0, sizeof(txwi)); 4960 txwi.wcid = 0xff; 4961 txwi.len = htole16(m->m_pkthdr.len); 4962 4963 /* send beacons at the lowest available rate */ 4964 ridx = (ic->ic_curmode == IEEE80211_MODE_11A) ? 4965 RT2860_RIDX_OFDM6 : RT2860_RIDX_CCK1; 4966 txwi.phy = htole16(rt2860_rates[ridx].mcs); 4967 if (rt2860_rates[ridx].phy == IEEE80211_T_OFDM) 4968 txwi.phy |= htole16(RT2860_PHY_OFDM); 4969 txwi.txop = RT2860_TX_TXOP_HT; 4970 txwi.flags = RT2860_TX_TS; 4971 txwi.xflags = RT2860_TX_NSEQ; 4972 4973 txwisize = (sc->mac_ver == 0x5592) ? 4974 sizeof(txwi) + sizeof(uint32_t) : sizeof(txwi); 4975 run_write_region_1(sc, RT2860_BCN_BASE(rvp->rvp_id), (uint8_t *)&txwi, 4976 txwisize); 4977 run_write_region_1(sc, RT2860_BCN_BASE(rvp->rvp_id) + txwisize, 4978 mtod(m, uint8_t *), (m->m_pkthdr.len + 1) & ~1); 4979 } 4980 4981 static void 4982 run_updateprot(struct ieee80211com *ic) 4983 { 4984 struct run_softc *sc = ic->ic_ifp->if_softc; 4985 uint32_t i; 4986 4987 i = RUN_CMDQ_GET(&sc->cmdq_store); 4988 DPRINTF("cmdq_store=%d\n", i); 4989 sc->cmdq[i].func = run_updateprot_cb; 4990 sc->cmdq[i].arg0 = ic; 4991 ieee80211_runtask(ic, &sc->cmdq_task); 4992 } 4993 4994 static void 4995 run_updateprot_cb(void *arg) 4996 { 4997 struct ieee80211com *ic = arg; 4998 struct run_softc *sc = ic->ic_ifp->if_softc; 4999 uint32_t tmp; 5000 5001 tmp = RT2860_RTSTH_EN | RT2860_PROT_NAV_SHORT | RT2860_TXOP_ALLOW_ALL; 5002 /* setup protection frame rate (MCS code) */ 5003 tmp |= (ic->ic_curmode == IEEE80211_MODE_11A) ? 5004 rt2860_rates[RT2860_RIDX_OFDM6].mcs : 5005 rt2860_rates[RT2860_RIDX_CCK11].mcs; 5006 5007 /* CCK frames don't require protection */ 5008 run_write(sc, RT2860_CCK_PROT_CFG, tmp); 5009 if (ic->ic_flags & IEEE80211_F_USEPROT) { 5010 if (ic->ic_protmode == IEEE80211_PROT_RTSCTS) 5011 tmp |= RT2860_PROT_CTRL_RTS_CTS; 5012 else if (ic->ic_protmode == IEEE80211_PROT_CTSONLY) 5013 tmp |= RT2860_PROT_CTRL_CTS; 5014 } 5015 run_write(sc, RT2860_OFDM_PROT_CFG, tmp); 5016 } 5017 5018 static void 5019 run_usb_timeout_cb(void *arg) 5020 { 5021 struct ieee80211vap *vap = arg; 5022 struct run_softc *sc = vap->iv_ic->ic_ifp->if_softc; 5023 5024 RUN_LOCK_ASSERT(sc, MA_OWNED); 5025 5026 if(vap->iv_state == IEEE80211_S_RUN && 5027 vap->iv_opmode != IEEE80211_M_STA) 5028 run_reset_livelock(sc); 5029 else if (vap->iv_state == IEEE80211_S_SCAN) { 5030 DPRINTF("timeout caused by scan\n"); 5031 /* cancel bgscan */ 5032 ieee80211_cancel_scan(vap); 5033 } else 5034 DPRINTF("timeout by unknown cause\n"); 5035 } 5036 5037 static void 5038 run_reset_livelock(struct run_softc *sc) 5039 { 5040 uint32_t tmp; 5041 5042 RUN_LOCK_ASSERT(sc, MA_OWNED); 5043 5044 /* 5045 * In IBSS or HostAP modes (when the hardware sends beacons), the MAC 5046 * can run into a livelock and start sending CTS-to-self frames like 5047 * crazy if protection is enabled. Reset MAC/BBP for a while 5048 */ 5049 run_read(sc, RT2860_DEBUG, &tmp); 5050 DPRINTFN(3, "debug reg %08x\n", tmp); 5051 if ((tmp & (1 << 29)) && (tmp & (1 << 7 | 1 << 5))) { 5052 DPRINTF("CTS-to-self livelock detected\n"); 5053 run_write(sc, RT2860_MAC_SYS_CTRL, RT2860_MAC_SRST); 5054 run_delay(sc, 1); 5055 run_write(sc, RT2860_MAC_SYS_CTRL, 5056 RT2860_MAC_RX_EN | RT2860_MAC_TX_EN); 5057 } 5058 } 5059 5060 static void 5061 run_update_promisc_locked(struct ifnet *ifp) 5062 { 5063 struct run_softc *sc = ifp->if_softc; 5064 uint32_t tmp; 5065 5066 run_read(sc, RT2860_RX_FILTR_CFG, &tmp); 5067 5068 tmp |= RT2860_DROP_UC_NOME; 5069 if (ifp->if_flags & IFF_PROMISC) 5070 tmp &= ~RT2860_DROP_UC_NOME; 5071 5072 run_write(sc, RT2860_RX_FILTR_CFG, tmp); 5073 5074 DPRINTF("%s promiscuous mode\n", (ifp->if_flags & IFF_PROMISC) ? 5075 "entering" : "leaving"); 5076 } 5077 5078 static void 5079 run_update_promisc(struct ifnet *ifp) 5080 { 5081 struct run_softc *sc = ifp->if_softc; 5082 5083 if ((ifp->if_drv_flags & IFF_DRV_RUNNING) == 0) 5084 return; 5085 5086 RUN_LOCK(sc); 5087 run_update_promisc_locked(ifp); 5088 RUN_UNLOCK(sc); 5089 } 5090 5091 static void 5092 run_enable_tsf_sync(struct run_softc *sc) 5093 { 5094 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 5095 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 5096 uint32_t tmp; 5097 5098 DPRINTF("rvp_id=%d ic_opmode=%d\n", RUN_VAP(vap)->rvp_id, 5099 ic->ic_opmode); 5100 5101 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 5102 tmp &= ~0x1fffff; 5103 tmp |= vap->iv_bss->ni_intval * 16; 5104 tmp |= RT2860_TSF_TIMER_EN | RT2860_TBTT_TIMER_EN; 5105 5106 if (ic->ic_opmode == IEEE80211_M_STA) { 5107 /* 5108 * Local TSF is always updated with remote TSF on beacon 5109 * reception. 5110 */ 5111 tmp |= 1 << RT2860_TSF_SYNC_MODE_SHIFT; 5112 } else if (ic->ic_opmode == IEEE80211_M_IBSS) { 5113 tmp |= RT2860_BCN_TX_EN; 5114 /* 5115 * Local TSF is updated with remote TSF on beacon reception 5116 * only if the remote TSF is greater than local TSF. 5117 */ 5118 tmp |= 2 << RT2860_TSF_SYNC_MODE_SHIFT; 5119 } else if (ic->ic_opmode == IEEE80211_M_HOSTAP || 5120 ic->ic_opmode == IEEE80211_M_MBSS) { 5121 tmp |= RT2860_BCN_TX_EN; 5122 /* SYNC with nobody */ 5123 tmp |= 3 << RT2860_TSF_SYNC_MODE_SHIFT; 5124 } else { 5125 DPRINTF("Enabling TSF failed. undefined opmode\n"); 5126 return; 5127 } 5128 5129 run_write(sc, RT2860_BCN_TIME_CFG, tmp); 5130 } 5131 5132 static void 5133 run_enable_mrr(struct run_softc *sc) 5134 { 5135 #define CCK(mcs) (mcs) 5136 #define OFDM(mcs) (1 << 3 | (mcs)) 5137 run_write(sc, RT2860_LG_FBK_CFG0, 5138 OFDM(6) << 28 | /* 54->48 */ 5139 OFDM(5) << 24 | /* 48->36 */ 5140 OFDM(4) << 20 | /* 36->24 */ 5141 OFDM(3) << 16 | /* 24->18 */ 5142 OFDM(2) << 12 | /* 18->12 */ 5143 OFDM(1) << 8 | /* 12-> 9 */ 5144 OFDM(0) << 4 | /* 9-> 6 */ 5145 OFDM(0)); /* 6-> 6 */ 5146 5147 run_write(sc, RT2860_LG_FBK_CFG1, 5148 CCK(2) << 12 | /* 11->5.5 */ 5149 CCK(1) << 8 | /* 5.5-> 2 */ 5150 CCK(0) << 4 | /* 2-> 1 */ 5151 CCK(0)); /* 1-> 1 */ 5152 #undef OFDM 5153 #undef CCK 5154 } 5155 5156 static void 5157 run_set_txpreamble(struct run_softc *sc) 5158 { 5159 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 5160 uint32_t tmp; 5161 5162 run_read(sc, RT2860_AUTO_RSP_CFG, &tmp); 5163 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 5164 tmp |= RT2860_CCK_SHORT_EN; 5165 else 5166 tmp &= ~RT2860_CCK_SHORT_EN; 5167 run_write(sc, RT2860_AUTO_RSP_CFG, tmp); 5168 } 5169 5170 static void 5171 run_set_basicrates(struct run_softc *sc) 5172 { 5173 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 5174 5175 /* set basic rates mask */ 5176 if (ic->ic_curmode == IEEE80211_MODE_11B) 5177 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x003); 5178 else if (ic->ic_curmode == IEEE80211_MODE_11A) 5179 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x150); 5180 else /* 11g */ 5181 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x15f); 5182 } 5183 5184 static void 5185 run_set_leds(struct run_softc *sc, uint16_t which) 5186 { 5187 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LEDS, 5188 which | (sc->leds & 0x7f)); 5189 } 5190 5191 static void 5192 run_set_bssid(struct run_softc *sc, const uint8_t *bssid) 5193 { 5194 run_write(sc, RT2860_MAC_BSSID_DW0, 5195 bssid[0] | bssid[1] << 8 | bssid[2] << 16 | bssid[3] << 24); 5196 run_write(sc, RT2860_MAC_BSSID_DW1, 5197 bssid[4] | bssid[5] << 8); 5198 } 5199 5200 static void 5201 run_set_macaddr(struct run_softc *sc, const uint8_t *addr) 5202 { 5203 run_write(sc, RT2860_MAC_ADDR_DW0, 5204 addr[0] | addr[1] << 8 | addr[2] << 16 | addr[3] << 24); 5205 run_write(sc, RT2860_MAC_ADDR_DW1, 5206 addr[4] | addr[5] << 8 | 0xff << 16); 5207 } 5208 5209 static void 5210 run_updateslot(struct ifnet *ifp) 5211 { 5212 struct run_softc *sc = ifp->if_softc; 5213 struct ieee80211com *ic = ifp->if_l2com; 5214 uint32_t i; 5215 5216 i = RUN_CMDQ_GET(&sc->cmdq_store); 5217 DPRINTF("cmdq_store=%d\n", i); 5218 sc->cmdq[i].func = run_updateslot_cb; 5219 sc->cmdq[i].arg0 = ifp; 5220 ieee80211_runtask(ic, &sc->cmdq_task); 5221 5222 return; 5223 } 5224 5225 /* ARGSUSED */ 5226 static void 5227 run_updateslot_cb(void *arg) 5228 { 5229 struct ifnet *ifp = arg; 5230 struct run_softc *sc = ifp->if_softc; 5231 struct ieee80211com *ic = ifp->if_l2com; 5232 uint32_t tmp; 5233 5234 run_read(sc, RT2860_BKOFF_SLOT_CFG, &tmp); 5235 tmp &= ~0xff; 5236 tmp |= (ic->ic_flags & IEEE80211_F_SHSLOT) ? 9 : 20; 5237 run_write(sc, RT2860_BKOFF_SLOT_CFG, tmp); 5238 } 5239 5240 static void 5241 run_update_mcast(struct ifnet *ifp) 5242 { 5243 /* h/w filter supports getting everything or nothing */ 5244 ifp->if_flags |= IFF_ALLMULTI; 5245 } 5246 5247 static int8_t 5248 run_rssi2dbm(struct run_softc *sc, uint8_t rssi, uint8_t rxchain) 5249 { 5250 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 5251 struct ieee80211_channel *c = ic->ic_curchan; 5252 int delta; 5253 5254 if (IEEE80211_IS_CHAN_5GHZ(c)) { 5255 u_int chan = ieee80211_chan2ieee(ic, c); 5256 delta = sc->rssi_5ghz[rxchain]; 5257 5258 /* determine channel group */ 5259 if (chan <= 64) 5260 delta -= sc->lna[1]; 5261 else if (chan <= 128) 5262 delta -= sc->lna[2]; 5263 else 5264 delta -= sc->lna[3]; 5265 } else 5266 delta = sc->rssi_2ghz[rxchain] - sc->lna[0]; 5267 5268 return (-12 - delta - rssi); 5269 } 5270 5271 static void 5272 run_rt5390_bbp_init(struct run_softc *sc) 5273 { 5274 int i; 5275 uint8_t bbp; 5276 5277 /* Apply maximum likelihood detection for 2 stream case. */ 5278 run_bbp_read(sc, 105, &bbp); 5279 if (sc->nrxchains > 1) 5280 run_bbp_write(sc, 105, bbp | RT5390_MLD); 5281 5282 /* Avoid data lost and CRC error. */ 5283 run_bbp_read(sc, 4, &bbp); 5284 run_bbp_write(sc, 4, bbp | RT5390_MAC_IF_CTRL); 5285 5286 if (sc->mac_ver == 0x5592) { 5287 for (i = 0; i < nitems(rt5592_def_bbp); i++) { 5288 run_bbp_write(sc, rt5592_def_bbp[i].reg, 5289 rt5592_def_bbp[i].val); 5290 } 5291 for (i = 0; i < nitems(rt5592_bbp_r196); i++) { 5292 run_bbp_write(sc, 195, i + 0x80); 5293 run_bbp_write(sc, 196, rt5592_bbp_r196[i]); 5294 } 5295 } else { 5296 for (i = 0; i < nitems(rt5390_def_bbp); i++) { 5297 run_bbp_write(sc, rt5390_def_bbp[i].reg, 5298 rt5390_def_bbp[i].val); 5299 } 5300 } 5301 if (sc->mac_ver == 0x5392) { 5302 run_bbp_write(sc, 88, 0x90); 5303 run_bbp_write(sc, 95, 0x9a); 5304 run_bbp_write(sc, 98, 0x12); 5305 run_bbp_write(sc, 106, 0x12); 5306 run_bbp_write(sc, 134, 0xd0); 5307 run_bbp_write(sc, 135, 0xf6); 5308 run_bbp_write(sc, 148, 0x84); 5309 } 5310 5311 run_bbp_read(sc, 152, &bbp); 5312 run_bbp_write(sc, 152, bbp | 0x80); 5313 5314 /* Fix BBP254 for RT5592C. */ 5315 if (sc->mac_ver == 0x5592 && sc->mac_rev >= 0x0221) { 5316 run_bbp_read(sc, 254, &bbp); 5317 run_bbp_write(sc, 254, bbp | 0x80); 5318 } 5319 5320 /* Disable hardware antenna diversity. */ 5321 if (sc->mac_ver == 0x5390) 5322 run_bbp_write(sc, 154, 0); 5323 5324 /* Initialize Rx CCK/OFDM frequency offset report. */ 5325 run_bbp_write(sc, 142, 1); 5326 run_bbp_write(sc, 143, 57); 5327 } 5328 5329 static int 5330 run_bbp_init(struct run_softc *sc) 5331 { 5332 int i, error, ntries; 5333 uint8_t bbp0; 5334 5335 /* wait for BBP to wake up */ 5336 for (ntries = 0; ntries < 20; ntries++) { 5337 if ((error = run_bbp_read(sc, 0, &bbp0)) != 0) 5338 return error; 5339 if (bbp0 != 0 && bbp0 != 0xff) 5340 break; 5341 } 5342 if (ntries == 20) 5343 return (ETIMEDOUT); 5344 5345 /* initialize BBP registers to default values */ 5346 if (sc->mac_ver >= 0x5390) 5347 run_rt5390_bbp_init(sc); 5348 else { 5349 for (i = 0; i < nitems(rt2860_def_bbp); i++) { 5350 run_bbp_write(sc, rt2860_def_bbp[i].reg, 5351 rt2860_def_bbp[i].val); 5352 } 5353 } 5354 5355 if (sc->mac_ver == 0x3593) { 5356 run_bbp_write(sc, 79, 0x13); 5357 run_bbp_write(sc, 80, 0x05); 5358 run_bbp_write(sc, 81, 0x33); 5359 run_bbp_write(sc, 86, 0x46); 5360 run_bbp_write(sc, 137, 0x0f); 5361 } 5362 5363 /* fix BBP84 for RT2860E */ 5364 if (sc->mac_ver == 0x2860 && sc->mac_rev != 0x0101) 5365 run_bbp_write(sc, 84, 0x19); 5366 5367 if (sc->mac_ver >= 0x3070 && (sc->mac_ver != 0x3593 && 5368 sc->mac_ver != 0x5592)) { 5369 run_bbp_write(sc, 79, 0x13); 5370 run_bbp_write(sc, 80, 0x05); 5371 run_bbp_write(sc, 81, 0x33); 5372 } else if (sc->mac_ver == 0x2860 && sc->mac_rev == 0x0100) { 5373 run_bbp_write(sc, 69, 0x16); 5374 run_bbp_write(sc, 73, 0x12); 5375 } 5376 return (0); 5377 } 5378 5379 static int 5380 run_rt3070_rf_init(struct run_softc *sc) 5381 { 5382 uint32_t tmp; 5383 uint8_t bbp4, mingain, rf, target; 5384 int i; 5385 5386 run_rt3070_rf_read(sc, 30, &rf); 5387 /* toggle RF R30 bit 7 */ 5388 run_rt3070_rf_write(sc, 30, rf | 0x80); 5389 run_delay(sc, 10); 5390 run_rt3070_rf_write(sc, 30, rf & ~0x80); 5391 5392 /* initialize RF registers to default value */ 5393 if (sc->mac_ver == 0x3572) { 5394 for (i = 0; i < nitems(rt3572_def_rf); i++) { 5395 run_rt3070_rf_write(sc, rt3572_def_rf[i].reg, 5396 rt3572_def_rf[i].val); 5397 } 5398 } else { 5399 for (i = 0; i < nitems(rt3070_def_rf); i++) { 5400 run_rt3070_rf_write(sc, rt3070_def_rf[i].reg, 5401 rt3070_def_rf[i].val); 5402 } 5403 } 5404 5405 if (sc->mac_ver == 0x3070 && sc->mac_rev < 0x0201) { 5406 /* 5407 * Change voltage from 1.2V to 1.35V for RT3070. 5408 * The DAC issue (RT3070_LDO_CFG0) has been fixed 5409 * in RT3070(F). 5410 */ 5411 run_read(sc, RT3070_LDO_CFG0, &tmp); 5412 tmp = (tmp & ~0x0f000000) | 0x0d000000; 5413 run_write(sc, RT3070_LDO_CFG0, tmp); 5414 5415 } else if (sc->mac_ver == 0x3071) { 5416 run_rt3070_rf_read(sc, 6, &rf); 5417 run_rt3070_rf_write(sc, 6, rf | 0x40); 5418 run_rt3070_rf_write(sc, 31, 0x14); 5419 5420 run_read(sc, RT3070_LDO_CFG0, &tmp); 5421 tmp &= ~0x1f000000; 5422 if (sc->mac_rev < 0x0211) 5423 tmp |= 0x0d000000; /* 1.3V */ 5424 else 5425 tmp |= 0x01000000; /* 1.2V */ 5426 run_write(sc, RT3070_LDO_CFG0, tmp); 5427 5428 /* patch LNA_PE_G1 */ 5429 run_read(sc, RT3070_GPIO_SWITCH, &tmp); 5430 run_write(sc, RT3070_GPIO_SWITCH, tmp & ~0x20); 5431 5432 } else if (sc->mac_ver == 0x3572) { 5433 run_rt3070_rf_read(sc, 6, &rf); 5434 run_rt3070_rf_write(sc, 6, rf | 0x40); 5435 5436 /* increase voltage from 1.2V to 1.35V */ 5437 run_read(sc, RT3070_LDO_CFG0, &tmp); 5438 tmp = (tmp & ~0x1f000000) | 0x0d000000; 5439 run_write(sc, RT3070_LDO_CFG0, tmp); 5440 5441 if (sc->mac_rev < 0x0211 || !sc->patch_dac) { 5442 run_delay(sc, 1); /* wait for 1msec */ 5443 /* decrease voltage back to 1.2V */ 5444 tmp = (tmp & ~0x1f000000) | 0x01000000; 5445 run_write(sc, RT3070_LDO_CFG0, tmp); 5446 } 5447 } 5448 5449 /* select 20MHz bandwidth */ 5450 run_rt3070_rf_read(sc, 31, &rf); 5451 run_rt3070_rf_write(sc, 31, rf & ~0x20); 5452 5453 /* calibrate filter for 20MHz bandwidth */ 5454 sc->rf24_20mhz = 0x1f; /* default value */ 5455 target = (sc->mac_ver < 0x3071) ? 0x16 : 0x13; 5456 run_rt3070_filter_calib(sc, 0x07, target, &sc->rf24_20mhz); 5457 5458 /* select 40MHz bandwidth */ 5459 run_bbp_read(sc, 4, &bbp4); 5460 run_bbp_write(sc, 4, (bbp4 & ~0x18) | 0x10); 5461 run_rt3070_rf_read(sc, 31, &rf); 5462 run_rt3070_rf_write(sc, 31, rf | 0x20); 5463 5464 /* calibrate filter for 40MHz bandwidth */ 5465 sc->rf24_40mhz = 0x2f; /* default value */ 5466 target = (sc->mac_ver < 0x3071) ? 0x19 : 0x15; 5467 run_rt3070_filter_calib(sc, 0x27, target, &sc->rf24_40mhz); 5468 5469 /* go back to 20MHz bandwidth */ 5470 run_bbp_read(sc, 4, &bbp4); 5471 run_bbp_write(sc, 4, bbp4 & ~0x18); 5472 5473 if (sc->mac_ver == 0x3572) { 5474 /* save default BBP registers 25 and 26 values */ 5475 run_bbp_read(sc, 25, &sc->bbp25); 5476 run_bbp_read(sc, 26, &sc->bbp26); 5477 } else if (sc->mac_rev < 0x0201 || sc->mac_rev < 0x0211) 5478 run_rt3070_rf_write(sc, 27, 0x03); 5479 5480 run_read(sc, RT3070_OPT_14, &tmp); 5481 run_write(sc, RT3070_OPT_14, tmp | 1); 5482 5483 if (sc->mac_ver == 0x3070 || sc->mac_ver == 0x3071) { 5484 run_rt3070_rf_read(sc, 17, &rf); 5485 rf &= ~RT3070_TX_LO1; 5486 if ((sc->mac_ver == 0x3070 || 5487 (sc->mac_ver == 0x3071 && sc->mac_rev >= 0x0211)) && 5488 !sc->ext_2ghz_lna) 5489 rf |= 0x20; /* fix for long range Rx issue */ 5490 mingain = (sc->mac_ver == 0x3070) ? 1 : 2; 5491 if (sc->txmixgain_2ghz >= mingain) 5492 rf = (rf & ~0x7) | sc->txmixgain_2ghz; 5493 run_rt3070_rf_write(sc, 17, rf); 5494 } 5495 5496 if (sc->mac_rev == 0x3071) { 5497 run_rt3070_rf_read(sc, 1, &rf); 5498 rf &= ~(RT3070_RX0_PD | RT3070_TX0_PD); 5499 rf |= RT3070_RF_BLOCK | RT3070_RX1_PD | RT3070_TX1_PD; 5500 run_rt3070_rf_write(sc, 1, rf); 5501 5502 run_rt3070_rf_read(sc, 15, &rf); 5503 run_rt3070_rf_write(sc, 15, rf & ~RT3070_TX_LO2); 5504 5505 run_rt3070_rf_read(sc, 20, &rf); 5506 run_rt3070_rf_write(sc, 20, rf & ~RT3070_RX_LO1); 5507 5508 run_rt3070_rf_read(sc, 21, &rf); 5509 run_rt3070_rf_write(sc, 21, rf & ~RT3070_RX_LO2); 5510 } 5511 5512 if (sc->mac_ver == 0x3070 || sc->mac_ver == 0x3071) { 5513 /* fix Tx to Rx IQ glitch by raising RF voltage */ 5514 run_rt3070_rf_read(sc, 27, &rf); 5515 rf &= ~0x77; 5516 if (sc->mac_rev < 0x0211) 5517 rf |= 0x03; 5518 run_rt3070_rf_write(sc, 27, rf); 5519 } 5520 return (0); 5521 } 5522 5523 static void 5524 run_rt3593_rf_init(struct run_softc *sc) 5525 { 5526 uint32_t tmp; 5527 uint8_t rf; 5528 int i; 5529 5530 /* Disable the GPIO bits 4 and 7 for LNA PE control. */ 5531 run_read(sc, RT3070_GPIO_SWITCH, &tmp); 5532 tmp &= ~(1 << 4 | 1 << 7); 5533 run_write(sc, RT3070_GPIO_SWITCH, tmp); 5534 5535 /* Initialize RF registers to default value. */ 5536 for (i = 0; i < nitems(rt3593_def_rf); i++) { 5537 run_rt3070_rf_write(sc, rt3593_def_rf[i].reg, 5538 rt3593_def_rf[i].val); 5539 } 5540 5541 /* Toggle RF R2 to initiate calibration. */ 5542 run_rt3070_rf_write(sc, 2, RT5390_RESCAL); 5543 5544 /* Initialize RF frequency offset. */ 5545 run_adjust_freq_offset(sc); 5546 5547 run_rt3070_rf_read(sc, 18, &rf); 5548 run_rt3070_rf_write(sc, 18, rf | RT3593_AUTOTUNE_BYPASS); 5549 5550 /* 5551 * Increase voltage from 1.2V to 1.35V, wait for 1 msec to 5552 * decrease voltage back to 1.2V. 5553 */ 5554 run_read(sc, RT3070_LDO_CFG0, &tmp); 5555 tmp = (tmp & ~0x1f000000) | 0x0d000000; 5556 run_write(sc, RT3070_LDO_CFG0, tmp); 5557 run_delay(sc, 1); 5558 tmp = (tmp & ~0x1f000000) | 0x01000000; 5559 run_write(sc, RT3070_LDO_CFG0, tmp); 5560 5561 sc->rf24_20mhz = 0x1f; 5562 sc->rf24_40mhz = 0x2f; 5563 5564 /* Save default BBP registers 25 and 26 values. */ 5565 run_bbp_read(sc, 25, &sc->bbp25); 5566 run_bbp_read(sc, 26, &sc->bbp26); 5567 5568 run_read(sc, RT3070_OPT_14, &tmp); 5569 run_write(sc, RT3070_OPT_14, tmp | 1); 5570 } 5571 5572 static void 5573 run_rt5390_rf_init(struct run_softc *sc) 5574 { 5575 uint32_t tmp; 5576 uint8_t rf; 5577 int i; 5578 5579 /* Toggle RF R2 to initiate calibration. */ 5580 if (sc->mac_ver == 0x5390) { 5581 run_rt3070_rf_read(sc, 2, &rf); 5582 run_rt3070_rf_write(sc, 2, rf | RT5390_RESCAL); 5583 run_delay(sc, 10); 5584 run_rt3070_rf_write(sc, 2, rf & ~RT5390_RESCAL); 5585 } else { 5586 run_rt3070_rf_write(sc, 2, RT5390_RESCAL); 5587 run_delay(sc, 10); 5588 } 5589 5590 /* Initialize RF registers to default value. */ 5591 if (sc->mac_ver == 0x5592) { 5592 for (i = 0; i < nitems(rt5592_def_rf); i++) { 5593 run_rt3070_rf_write(sc, rt5592_def_rf[i].reg, 5594 rt5592_def_rf[i].val); 5595 } 5596 /* Initialize RF frequency offset. */ 5597 run_adjust_freq_offset(sc); 5598 } else if (sc->mac_ver == 0x5392) { 5599 for (i = 0; i < nitems(rt5392_def_rf); i++) { 5600 run_rt3070_rf_write(sc, rt5392_def_rf[i].reg, 5601 rt5392_def_rf[i].val); 5602 } 5603 if (sc->mac_rev >= 0x0223) { 5604 run_rt3070_rf_write(sc, 23, 0x0f); 5605 run_rt3070_rf_write(sc, 24, 0x3e); 5606 run_rt3070_rf_write(sc, 51, 0x32); 5607 run_rt3070_rf_write(sc, 53, 0x22); 5608 run_rt3070_rf_write(sc, 56, 0xc1); 5609 run_rt3070_rf_write(sc, 59, 0x0f); 5610 } 5611 } else { 5612 for (i = 0; i < nitems(rt5390_def_rf); i++) { 5613 run_rt3070_rf_write(sc, rt5390_def_rf[i].reg, 5614 rt5390_def_rf[i].val); 5615 } 5616 if (sc->mac_rev >= 0x0502) { 5617 run_rt3070_rf_write(sc, 6, 0xe0); 5618 run_rt3070_rf_write(sc, 25, 0x80); 5619 run_rt3070_rf_write(sc, 46, 0x73); 5620 run_rt3070_rf_write(sc, 53, 0x00); 5621 run_rt3070_rf_write(sc, 56, 0x42); 5622 run_rt3070_rf_write(sc, 61, 0xd1); 5623 } 5624 } 5625 5626 sc->rf24_20mhz = 0x1f; /* default value */ 5627 sc->rf24_40mhz = (sc->mac_ver == 0x5592) ? 0 : 0x2f; 5628 5629 if (sc->mac_rev < 0x0211) 5630 run_rt3070_rf_write(sc, 27, 0x3); 5631 5632 run_read(sc, RT3070_OPT_14, &tmp); 5633 run_write(sc, RT3070_OPT_14, tmp | 1); 5634 } 5635 5636 static int 5637 run_rt3070_filter_calib(struct run_softc *sc, uint8_t init, uint8_t target, 5638 uint8_t *val) 5639 { 5640 uint8_t rf22, rf24; 5641 uint8_t bbp55_pb, bbp55_sb, delta; 5642 int ntries; 5643 5644 /* program filter */ 5645 run_rt3070_rf_read(sc, 24, &rf24); 5646 rf24 = (rf24 & 0xc0) | init; /* initial filter value */ 5647 run_rt3070_rf_write(sc, 24, rf24); 5648 5649 /* enable baseband loopback mode */ 5650 run_rt3070_rf_read(sc, 22, &rf22); 5651 run_rt3070_rf_write(sc, 22, rf22 | 0x01); 5652 5653 /* set power and frequency of passband test tone */ 5654 run_bbp_write(sc, 24, 0x00); 5655 for (ntries = 0; ntries < 100; ntries++) { 5656 /* transmit test tone */ 5657 run_bbp_write(sc, 25, 0x90); 5658 run_delay(sc, 10); 5659 /* read received power */ 5660 run_bbp_read(sc, 55, &bbp55_pb); 5661 if (bbp55_pb != 0) 5662 break; 5663 } 5664 if (ntries == 100) 5665 return (ETIMEDOUT); 5666 5667 /* set power and frequency of stopband test tone */ 5668 run_bbp_write(sc, 24, 0x06); 5669 for (ntries = 0; ntries < 100; ntries++) { 5670 /* transmit test tone */ 5671 run_bbp_write(sc, 25, 0x90); 5672 run_delay(sc, 10); 5673 /* read received power */ 5674 run_bbp_read(sc, 55, &bbp55_sb); 5675 5676 delta = bbp55_pb - bbp55_sb; 5677 if (delta > target) 5678 break; 5679 5680 /* reprogram filter */ 5681 rf24++; 5682 run_rt3070_rf_write(sc, 24, rf24); 5683 } 5684 if (ntries < 100) { 5685 if (rf24 != init) 5686 rf24--; /* backtrack */ 5687 *val = rf24; 5688 run_rt3070_rf_write(sc, 24, rf24); 5689 } 5690 5691 /* restore initial state */ 5692 run_bbp_write(sc, 24, 0x00); 5693 5694 /* disable baseband loopback mode */ 5695 run_rt3070_rf_read(sc, 22, &rf22); 5696 run_rt3070_rf_write(sc, 22, rf22 & ~0x01); 5697 5698 return (0); 5699 } 5700 5701 static void 5702 run_rt3070_rf_setup(struct run_softc *sc) 5703 { 5704 uint8_t bbp, rf; 5705 int i; 5706 5707 if (sc->mac_ver == 0x3572) { 5708 /* enable DC filter */ 5709 if (sc->mac_rev >= 0x0201) 5710 run_bbp_write(sc, 103, 0xc0); 5711 5712 run_bbp_read(sc, 138, &bbp); 5713 if (sc->ntxchains == 1) 5714 bbp |= 0x20; /* turn off DAC1 */ 5715 if (sc->nrxchains == 1) 5716 bbp &= ~0x02; /* turn off ADC1 */ 5717 run_bbp_write(sc, 138, bbp); 5718 5719 if (sc->mac_rev >= 0x0211) { 5720 /* improve power consumption */ 5721 run_bbp_read(sc, 31, &bbp); 5722 run_bbp_write(sc, 31, bbp & ~0x03); 5723 } 5724 5725 run_rt3070_rf_read(sc, 16, &rf); 5726 rf = (rf & ~0x07) | sc->txmixgain_2ghz; 5727 run_rt3070_rf_write(sc, 16, rf); 5728 5729 } else if (sc->mac_ver == 0x3071) { 5730 if (sc->mac_rev >= 0x0211) { 5731 /* enable DC filter */ 5732 run_bbp_write(sc, 103, 0xc0); 5733 5734 /* improve power consumption */ 5735 run_bbp_read(sc, 31, &bbp); 5736 run_bbp_write(sc, 31, bbp & ~0x03); 5737 } 5738 5739 run_bbp_read(sc, 138, &bbp); 5740 if (sc->ntxchains == 1) 5741 bbp |= 0x20; /* turn off DAC1 */ 5742 if (sc->nrxchains == 1) 5743 bbp &= ~0x02; /* turn off ADC1 */ 5744 run_bbp_write(sc, 138, bbp); 5745 5746 run_write(sc, RT2860_TX_SW_CFG1, 0); 5747 if (sc->mac_rev < 0x0211) { 5748 run_write(sc, RT2860_TX_SW_CFG2, 5749 sc->patch_dac ? 0x2c : 0x0f); 5750 } else 5751 run_write(sc, RT2860_TX_SW_CFG2, 0); 5752 5753 } else if (sc->mac_ver == 0x3070) { 5754 if (sc->mac_rev >= 0x0201) { 5755 /* enable DC filter */ 5756 run_bbp_write(sc, 103, 0xc0); 5757 5758 /* improve power consumption */ 5759 run_bbp_read(sc, 31, &bbp); 5760 run_bbp_write(sc, 31, bbp & ~0x03); 5761 } 5762 5763 if (sc->mac_rev < 0x0201) { 5764 run_write(sc, RT2860_TX_SW_CFG1, 0); 5765 run_write(sc, RT2860_TX_SW_CFG2, 0x2c); 5766 } else 5767 run_write(sc, RT2860_TX_SW_CFG2, 0); 5768 } 5769 5770 /* initialize RF registers from ROM for >=RT3071*/ 5771 if (sc->mac_ver >= 0x3071) { 5772 for (i = 0; i < 10; i++) { 5773 if (sc->rf[i].reg == 0 || sc->rf[i].reg == 0xff) 5774 continue; 5775 run_rt3070_rf_write(sc, sc->rf[i].reg, sc->rf[i].val); 5776 } 5777 } 5778 } 5779 5780 static void 5781 run_rt3593_rf_setup(struct run_softc *sc) 5782 { 5783 uint8_t bbp, rf; 5784 5785 if (sc->mac_rev >= 0x0211) { 5786 /* Enable DC filter. */ 5787 run_bbp_write(sc, 103, 0xc0); 5788 } 5789 run_write(sc, RT2860_TX_SW_CFG1, 0); 5790 if (sc->mac_rev < 0x0211) { 5791 run_write(sc, RT2860_TX_SW_CFG2, 5792 sc->patch_dac ? 0x2c : 0x0f); 5793 } else 5794 run_write(sc, RT2860_TX_SW_CFG2, 0); 5795 5796 run_rt3070_rf_read(sc, 50, &rf); 5797 run_rt3070_rf_write(sc, 50, rf & ~RT3593_TX_LO2); 5798 5799 run_rt3070_rf_read(sc, 51, &rf); 5800 rf = (rf & ~(RT3593_TX_LO1 | 0x0c)) | 5801 ((sc->txmixgain_2ghz & 0x07) << 2); 5802 run_rt3070_rf_write(sc, 51, rf); 5803 5804 run_rt3070_rf_read(sc, 38, &rf); 5805 run_rt3070_rf_write(sc, 38, rf & ~RT5390_RX_LO1); 5806 5807 run_rt3070_rf_read(sc, 39, &rf); 5808 run_rt3070_rf_write(sc, 39, rf & ~RT5390_RX_LO2); 5809 5810 run_rt3070_rf_read(sc, 1, &rf); 5811 run_rt3070_rf_write(sc, 1, rf & ~(RT3070_RF_BLOCK | RT3070_PLL_PD)); 5812 5813 run_rt3070_rf_read(sc, 30, &rf); 5814 rf = (rf & ~0x18) | 0x10; 5815 run_rt3070_rf_write(sc, 30, rf); 5816 5817 /* Apply maximum likelihood detection for 2 stream case. */ 5818 run_bbp_read(sc, 105, &bbp); 5819 if (sc->nrxchains > 1) 5820 run_bbp_write(sc, 105, bbp | RT5390_MLD); 5821 5822 /* Avoid data lost and CRC error. */ 5823 run_bbp_read(sc, 4, &bbp); 5824 run_bbp_write(sc, 4, bbp | RT5390_MAC_IF_CTRL); 5825 5826 run_bbp_write(sc, 92, 0x02); 5827 run_bbp_write(sc, 82, 0x82); 5828 run_bbp_write(sc, 106, 0x05); 5829 run_bbp_write(sc, 104, 0x92); 5830 run_bbp_write(sc, 88, 0x90); 5831 run_bbp_write(sc, 148, 0xc8); 5832 run_bbp_write(sc, 47, 0x48); 5833 run_bbp_write(sc, 120, 0x50); 5834 5835 run_bbp_write(sc, 163, 0x9d); 5836 5837 /* SNR mapping. */ 5838 run_bbp_write(sc, 142, 0x06); 5839 run_bbp_write(sc, 143, 0xa0); 5840 run_bbp_write(sc, 142, 0x07); 5841 run_bbp_write(sc, 143, 0xa1); 5842 run_bbp_write(sc, 142, 0x08); 5843 run_bbp_write(sc, 143, 0xa2); 5844 5845 run_bbp_write(sc, 31, 0x08); 5846 run_bbp_write(sc, 68, 0x0b); 5847 run_bbp_write(sc, 105, 0x04); 5848 } 5849 5850 static void 5851 run_rt5390_rf_setup(struct run_softc *sc) 5852 { 5853 uint8_t bbp, rf; 5854 5855 if (sc->mac_rev >= 0x0211) { 5856 /* Enable DC filter. */ 5857 run_bbp_write(sc, 103, 0xc0); 5858 5859 if (sc->mac_ver != 0x5592) { 5860 /* Improve power consumption. */ 5861 run_bbp_read(sc, 31, &bbp); 5862 run_bbp_write(sc, 31, bbp & ~0x03); 5863 } 5864 } 5865 5866 run_bbp_read(sc, 138, &bbp); 5867 if (sc->ntxchains == 1) 5868 bbp |= 0x20; /* turn off DAC1 */ 5869 if (sc->nrxchains == 1) 5870 bbp &= ~0x02; /* turn off ADC1 */ 5871 run_bbp_write(sc, 138, bbp); 5872 5873 run_rt3070_rf_read(sc, 38, &rf); 5874 run_rt3070_rf_write(sc, 38, rf & ~RT5390_RX_LO1); 5875 5876 run_rt3070_rf_read(sc, 39, &rf); 5877 run_rt3070_rf_write(sc, 39, rf & ~RT5390_RX_LO2); 5878 5879 /* Avoid data lost and CRC error. */ 5880 run_bbp_read(sc, 4, &bbp); 5881 run_bbp_write(sc, 4, bbp | RT5390_MAC_IF_CTRL); 5882 5883 run_rt3070_rf_read(sc, 30, &rf); 5884 rf = (rf & ~0x18) | 0x10; 5885 run_rt3070_rf_write(sc, 30, rf); 5886 5887 if (sc->mac_ver != 0x5592) { 5888 run_write(sc, RT2860_TX_SW_CFG1, 0); 5889 if (sc->mac_rev < 0x0211) { 5890 run_write(sc, RT2860_TX_SW_CFG2, 5891 sc->patch_dac ? 0x2c : 0x0f); 5892 } else 5893 run_write(sc, RT2860_TX_SW_CFG2, 0); 5894 } 5895 } 5896 5897 static int 5898 run_txrx_enable(struct run_softc *sc) 5899 { 5900 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 5901 uint32_t tmp; 5902 int error, ntries; 5903 5904 run_write(sc, RT2860_MAC_SYS_CTRL, RT2860_MAC_TX_EN); 5905 for (ntries = 0; ntries < 200; ntries++) { 5906 if ((error = run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp)) != 0) 5907 return (error); 5908 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0) 5909 break; 5910 run_delay(sc, 50); 5911 } 5912 if (ntries == 200) 5913 return (ETIMEDOUT); 5914 5915 run_delay(sc, 50); 5916 5917 tmp |= RT2860_RX_DMA_EN | RT2860_TX_DMA_EN | RT2860_TX_WB_DDONE; 5918 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp); 5919 5920 /* enable Rx bulk aggregation (set timeout and limit) */ 5921 tmp = RT2860_USB_TX_EN | RT2860_USB_RX_EN | RT2860_USB_RX_AGG_EN | 5922 RT2860_USB_RX_AGG_TO(128) | RT2860_USB_RX_AGG_LMT(2); 5923 run_write(sc, RT2860_USB_DMA_CFG, tmp); 5924 5925 /* set Rx filter */ 5926 tmp = RT2860_DROP_CRC_ERR | RT2860_DROP_PHY_ERR; 5927 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 5928 tmp |= RT2860_DROP_UC_NOME | RT2860_DROP_DUPL | 5929 RT2860_DROP_CTS | RT2860_DROP_BA | RT2860_DROP_ACK | 5930 RT2860_DROP_VER_ERR | RT2860_DROP_CTRL_RSV | 5931 RT2860_DROP_CFACK | RT2860_DROP_CFEND; 5932 if (ic->ic_opmode == IEEE80211_M_STA) 5933 tmp |= RT2860_DROP_RTS | RT2860_DROP_PSPOLL; 5934 } 5935 run_write(sc, RT2860_RX_FILTR_CFG, tmp); 5936 5937 run_write(sc, RT2860_MAC_SYS_CTRL, 5938 RT2860_MAC_RX_EN | RT2860_MAC_TX_EN); 5939 5940 return (0); 5941 } 5942 5943 static void 5944 run_adjust_freq_offset(struct run_softc *sc) 5945 { 5946 uint8_t rf, tmp; 5947 5948 run_rt3070_rf_read(sc, 17, &rf); 5949 tmp = rf; 5950 rf = (rf & ~0x7f) | (sc->freq & 0x7f); 5951 rf = MIN(rf, 0x5f); 5952 5953 if (tmp != rf) 5954 run_mcu_cmd(sc, 0x74, (tmp << 8 ) | rf); 5955 } 5956 5957 static void 5958 run_init_locked(struct run_softc *sc) 5959 { 5960 struct ifnet *ifp = sc->sc_ifp; 5961 struct ieee80211com *ic = ifp->if_l2com; 5962 uint32_t tmp; 5963 uint8_t bbp1, bbp3; 5964 int i; 5965 int ridx; 5966 int ntries; 5967 5968 if (ic->ic_nrunning > 1) 5969 return; 5970 5971 run_stop(sc); 5972 5973 if (run_load_microcode(sc) != 0) { 5974 device_printf(sc->sc_dev, "could not load 8051 microcode\n"); 5975 goto fail; 5976 } 5977 5978 for (ntries = 0; ntries < 100; ntries++) { 5979 if (run_read(sc, RT2860_ASIC_VER_ID, &tmp) != 0) 5980 goto fail; 5981 if (tmp != 0 && tmp != 0xffffffff) 5982 break; 5983 run_delay(sc, 10); 5984 } 5985 if (ntries == 100) 5986 goto fail; 5987 5988 for (i = 0; i != RUN_EP_QUEUES; i++) 5989 run_setup_tx_list(sc, &sc->sc_epq[i]); 5990 5991 run_set_macaddr(sc, IF_LLADDR(ifp)); 5992 5993 for (ntries = 0; ntries < 100; ntries++) { 5994 if (run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp) != 0) 5995 goto fail; 5996 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0) 5997 break; 5998 run_delay(sc, 10); 5999 } 6000 if (ntries == 100) { 6001 device_printf(sc->sc_dev, "timeout waiting for DMA engine\n"); 6002 goto fail; 6003 } 6004 tmp &= 0xff0; 6005 tmp |= RT2860_TX_WB_DDONE; 6006 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp); 6007 6008 /* turn off PME_OEN to solve high-current issue */ 6009 run_read(sc, RT2860_SYS_CTRL, &tmp); 6010 run_write(sc, RT2860_SYS_CTRL, tmp & ~RT2860_PME_OEN); 6011 6012 run_write(sc, RT2860_MAC_SYS_CTRL, 6013 RT2860_BBP_HRST | RT2860_MAC_SRST); 6014 run_write(sc, RT2860_USB_DMA_CFG, 0); 6015 6016 if (run_reset(sc) != 0) { 6017 device_printf(sc->sc_dev, "could not reset chipset\n"); 6018 goto fail; 6019 } 6020 6021 run_write(sc, RT2860_MAC_SYS_CTRL, 0); 6022 6023 /* init Tx power for all Tx rates (from EEPROM) */ 6024 for (ridx = 0; ridx < 5; ridx++) { 6025 if (sc->txpow20mhz[ridx] == 0xffffffff) 6026 continue; 6027 run_write(sc, RT2860_TX_PWR_CFG(ridx), sc->txpow20mhz[ridx]); 6028 } 6029 6030 for (i = 0; i < nitems(rt2870_def_mac); i++) 6031 run_write(sc, rt2870_def_mac[i].reg, rt2870_def_mac[i].val); 6032 run_write(sc, RT2860_WMM_AIFSN_CFG, 0x00002273); 6033 run_write(sc, RT2860_WMM_CWMIN_CFG, 0x00002344); 6034 run_write(sc, RT2860_WMM_CWMAX_CFG, 0x000034aa); 6035 6036 if (sc->mac_ver >= 0x5390) { 6037 run_write(sc, RT2860_TX_SW_CFG0, 6038 4 << RT2860_DLY_PAPE_EN_SHIFT | 4); 6039 if (sc->mac_ver >= 0x5392) { 6040 run_write(sc, RT2860_MAX_LEN_CFG, 0x00002fff); 6041 if (sc->mac_ver == 0x5592) { 6042 run_write(sc, RT2860_HT_FBK_CFG1, 0xedcba980); 6043 run_write(sc, RT2860_TXOP_HLDR_ET, 0x00000082); 6044 } else { 6045 run_write(sc, RT2860_HT_FBK_CFG1, 0xedcb4980); 6046 run_write(sc, RT2860_LG_FBK_CFG0, 0xedcba322); 6047 } 6048 } 6049 } else if (sc->mac_ver == 0x3593) { 6050 run_write(sc, RT2860_TX_SW_CFG0, 6051 4 << RT2860_DLY_PAPE_EN_SHIFT | 2); 6052 } else if (sc->mac_ver >= 0x3070) { 6053 /* set delay of PA_PE assertion to 1us (unit of 0.25us) */ 6054 run_write(sc, RT2860_TX_SW_CFG0, 6055 4 << RT2860_DLY_PAPE_EN_SHIFT); 6056 } 6057 6058 /* wait while MAC is busy */ 6059 for (ntries = 0; ntries < 100; ntries++) { 6060 if (run_read(sc, RT2860_MAC_STATUS_REG, &tmp) != 0) 6061 goto fail; 6062 if (!(tmp & (RT2860_RX_STATUS_BUSY | RT2860_TX_STATUS_BUSY))) 6063 break; 6064 run_delay(sc, 10); 6065 } 6066 if (ntries == 100) 6067 goto fail; 6068 6069 /* clear Host to MCU mailbox */ 6070 run_write(sc, RT2860_H2M_BBPAGENT, 0); 6071 run_write(sc, RT2860_H2M_MAILBOX, 0); 6072 run_delay(sc, 10); 6073 6074 if (run_bbp_init(sc) != 0) { 6075 device_printf(sc->sc_dev, "could not initialize BBP\n"); 6076 goto fail; 6077 } 6078 6079 /* abort TSF synchronization */ 6080 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 6081 tmp &= ~(RT2860_BCN_TX_EN | RT2860_TSF_TIMER_EN | 6082 RT2860_TBTT_TIMER_EN); 6083 run_write(sc, RT2860_BCN_TIME_CFG, tmp); 6084 6085 /* clear RX WCID search table */ 6086 run_set_region_4(sc, RT2860_WCID_ENTRY(0), 0, 512); 6087 /* clear WCID attribute table */ 6088 run_set_region_4(sc, RT2860_WCID_ATTR(0), 0, 8 * 32); 6089 6090 /* hostapd sets a key before init. So, don't clear it. */ 6091 if (sc->cmdq_key_set != RUN_CMDQ_GO) { 6092 /* clear shared key table */ 6093 run_set_region_4(sc, RT2860_SKEY(0, 0), 0, 8 * 32); 6094 /* clear shared key mode */ 6095 run_set_region_4(sc, RT2860_SKEY_MODE_0_7, 0, 4); 6096 } 6097 6098 run_read(sc, RT2860_US_CYC_CNT, &tmp); 6099 tmp = (tmp & ~0xff) | 0x1e; 6100 run_write(sc, RT2860_US_CYC_CNT, tmp); 6101 6102 if (sc->mac_rev != 0x0101) 6103 run_write(sc, RT2860_TXOP_CTRL_CFG, 0x0000583f); 6104 6105 run_write(sc, RT2860_WMM_TXOP0_CFG, 0); 6106 run_write(sc, RT2860_WMM_TXOP1_CFG, 48 << 16 | 96); 6107 6108 /* write vendor-specific BBP values (from EEPROM) */ 6109 if (sc->mac_ver < 0x3593) { 6110 for (i = 0; i < 10; i++) { 6111 if (sc->bbp[i].reg == 0 || sc->bbp[i].reg == 0xff) 6112 continue; 6113 run_bbp_write(sc, sc->bbp[i].reg, sc->bbp[i].val); 6114 } 6115 } 6116 6117 /* select Main antenna for 1T1R devices */ 6118 if (sc->rf_rev == RT3070_RF_3020 || sc->rf_rev == RT5390_RF_5370) 6119 run_set_rx_antenna(sc, 0); 6120 6121 /* send LEDs operating mode to microcontroller */ 6122 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED1, sc->led[0]); 6123 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED2, sc->led[1]); 6124 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED3, sc->led[2]); 6125 6126 if (sc->mac_ver >= 0x5390) 6127 run_rt5390_rf_init(sc); 6128 else if (sc->mac_ver == 0x3593) 6129 run_rt3593_rf_init(sc); 6130 else if (sc->mac_ver >= 0x3070) 6131 run_rt3070_rf_init(sc); 6132 6133 /* disable non-existing Rx chains */ 6134 run_bbp_read(sc, 3, &bbp3); 6135 bbp3 &= ~(1 << 3 | 1 << 4); 6136 if (sc->nrxchains == 2) 6137 bbp3 |= 1 << 3; 6138 else if (sc->nrxchains == 3) 6139 bbp3 |= 1 << 4; 6140 run_bbp_write(sc, 3, bbp3); 6141 6142 /* disable non-existing Tx chains */ 6143 run_bbp_read(sc, 1, &bbp1); 6144 if (sc->ntxchains == 1) 6145 bbp1 &= ~(1 << 3 | 1 << 4); 6146 run_bbp_write(sc, 1, bbp1); 6147 6148 if (sc->mac_ver >= 0x5390) 6149 run_rt5390_rf_setup(sc); 6150 else if (sc->mac_ver == 0x3593) 6151 run_rt3593_rf_setup(sc); 6152 else if (sc->mac_ver >= 0x3070) 6153 run_rt3070_rf_setup(sc); 6154 6155 /* select default channel */ 6156 run_set_chan(sc, ic->ic_curchan); 6157 6158 /* setup initial protection mode */ 6159 run_updateprot_cb(ic); 6160 6161 /* turn radio LED on */ 6162 run_set_leds(sc, RT2860_LED_RADIO); 6163 6164 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE; 6165 ifp->if_drv_flags |= IFF_DRV_RUNNING; 6166 sc->cmdq_run = RUN_CMDQ_GO; 6167 6168 for (i = 0; i != RUN_N_XFER; i++) 6169 usbd_xfer_set_stall(sc->sc_xfer[i]); 6170 6171 usbd_transfer_start(sc->sc_xfer[RUN_BULK_RX]); 6172 6173 if (run_txrx_enable(sc) != 0) 6174 goto fail; 6175 6176 return; 6177 6178 fail: 6179 run_stop(sc); 6180 } 6181 6182 static void 6183 run_init(void *arg) 6184 { 6185 struct run_softc *sc = arg; 6186 struct ifnet *ifp = sc->sc_ifp; 6187 struct ieee80211com *ic = ifp->if_l2com; 6188 6189 RUN_LOCK(sc); 6190 run_init_locked(sc); 6191 RUN_UNLOCK(sc); 6192 6193 if (ifp->if_drv_flags & IFF_DRV_RUNNING) 6194 ieee80211_start_all(ic); 6195 } 6196 6197 static void 6198 run_stop(void *arg) 6199 { 6200 struct run_softc *sc = (struct run_softc *)arg; 6201 struct ifnet *ifp = sc->sc_ifp; 6202 uint32_t tmp; 6203 int i; 6204 int ntries; 6205 6206 RUN_LOCK_ASSERT(sc, MA_OWNED); 6207 6208 if (ifp->if_drv_flags & IFF_DRV_RUNNING) 6209 run_set_leds(sc, 0); /* turn all LEDs off */ 6210 6211 ifp->if_drv_flags &= ~(IFF_DRV_RUNNING | IFF_DRV_OACTIVE); 6212 6213 sc->ratectl_run = RUN_RATECTL_OFF; 6214 sc->cmdq_run = sc->cmdq_key_set; 6215 6216 RUN_UNLOCK(sc); 6217 6218 for(i = 0; i < RUN_N_XFER; i++) 6219 usbd_transfer_drain(sc->sc_xfer[i]); 6220 6221 RUN_LOCK(sc); 6222 6223 if (sc->rx_m != NULL) { 6224 m_free(sc->rx_m); 6225 sc->rx_m = NULL; 6226 } 6227 6228 /* Disable Tx/Rx DMA. */ 6229 if (run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp) != 0) 6230 return; 6231 tmp &= ~(RT2860_RX_DMA_EN | RT2860_TX_DMA_EN); 6232 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp); 6233 6234 for (ntries = 0; ntries < 100; ntries++) { 6235 if (run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp) != 0) 6236 return; 6237 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0) 6238 break; 6239 run_delay(sc, 10); 6240 } 6241 if (ntries == 100) { 6242 device_printf(sc->sc_dev, "timeout waiting for DMA engine\n"); 6243 return; 6244 } 6245 6246 /* disable Tx/Rx */ 6247 run_read(sc, RT2860_MAC_SYS_CTRL, &tmp); 6248 tmp &= ~(RT2860_MAC_RX_EN | RT2860_MAC_TX_EN); 6249 run_write(sc, RT2860_MAC_SYS_CTRL, tmp); 6250 6251 /* wait for pending Tx to complete */ 6252 for (ntries = 0; ntries < 100; ntries++) { 6253 if (run_read(sc, RT2860_TXRXQ_PCNT, &tmp) != 0) { 6254 DPRINTF("Cannot read Tx queue count\n"); 6255 break; 6256 } 6257 if ((tmp & RT2860_TX2Q_PCNT_MASK) == 0) { 6258 DPRINTF("All Tx cleared\n"); 6259 break; 6260 } 6261 run_delay(sc, 10); 6262 } 6263 if (ntries >= 100) 6264 DPRINTF("There are still pending Tx\n"); 6265 run_delay(sc, 10); 6266 run_write(sc, RT2860_USB_DMA_CFG, 0); 6267 6268 run_write(sc, RT2860_MAC_SYS_CTRL, RT2860_BBP_HRST | RT2860_MAC_SRST); 6269 run_write(sc, RT2860_MAC_SYS_CTRL, 0); 6270 6271 for (i = 0; i != RUN_EP_QUEUES; i++) 6272 run_unsetup_tx_list(sc, &sc->sc_epq[i]); 6273 } 6274 6275 static void 6276 run_delay(struct run_softc *sc, u_int ms) 6277 { 6278 usb_pause_mtx(mtx_owned(&sc->sc_mtx) ? 6279 &sc->sc_mtx : NULL, USB_MS_TO_TICKS(ms)); 6280 } 6281 6282 static device_method_t run_methods[] = { 6283 /* Device interface */ 6284 DEVMETHOD(device_probe, run_match), 6285 DEVMETHOD(device_attach, run_attach), 6286 DEVMETHOD(device_detach, run_detach), 6287 DEVMETHOD_END 6288 }; 6289 6290 static driver_t run_driver = { 6291 .name = "run", 6292 .methods = run_methods, 6293 .size = sizeof(struct run_softc) 6294 }; 6295 6296 static devclass_t run_devclass; 6297 6298 DRIVER_MODULE(run, uhub, run_driver, run_devclass, run_driver_loaded, NULL); 6299 MODULE_DEPEND(run, wlan, 1, 1, 1); 6300 MODULE_DEPEND(run, usb, 1, 1, 1); 6301 MODULE_DEPEND(run, firmware, 1, 1, 1); 6302 MODULE_VERSION(run, 1); 6303