1 /* $FreeBSD$ */ 2 3 /*- 4 * Copyright (c) 2008,2009 Damien Bergamini <damien.bergamini@free.fr> 5 * ported to FreeBSD by Akinori Furukoshi <moonlightakkiy@yahoo.ca> 6 * 7 * Permission to use, copy, modify, and distribute this software for any 8 * purpose with or without fee is hereby granted, provided that the above 9 * copyright notice and this permission notice appear in all copies. 10 * 11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 */ 19 20 /* release date Jan. 09, 2010 */ 21 22 #include <sys/cdefs.h> 23 __FBSDID("$FreeBSD$"); 24 25 /*- 26 * Ralink Technology RT2700U/RT2800U/RT3000U chipset driver. 27 * http://www.ralinktech.com/ 28 */ 29 30 #include <sys/param.h> 31 #include <sys/sockio.h> 32 #include <sys/sysctl.h> 33 #include <sys/lock.h> 34 #include <sys/mutex.h> 35 #include <sys/mbuf.h> 36 #include <sys/kernel.h> 37 #include <sys/socket.h> 38 #include <sys/systm.h> 39 #include <sys/malloc.h> 40 #include <sys/module.h> 41 #include <sys/bus.h> 42 #include <sys/endian.h> 43 #include <sys/systm.h> 44 #include <sys/linker.h> 45 #include <sys/firmware.h> 46 #include <sys/kdb.h> 47 48 #include <machine/bus.h> 49 #include <machine/resource.h> 50 #include <sys/rman.h> 51 52 #include <net/bpf.h> 53 #include <net/if.h> 54 #include <net/if_arp.h> 55 #include <net/ethernet.h> 56 #include <net/if_dl.h> 57 #include <net/if_media.h> 58 #include <net/if_types.h> 59 60 #include <netinet/in.h> 61 #include <netinet/in_systm.h> 62 #include <netinet/in_var.h> 63 #include <netinet/if_ether.h> 64 #include <netinet/ip.h> 65 66 #include <net80211/ieee80211_var.h> 67 #include <net80211/ieee80211_regdomain.h> 68 #include <net80211/ieee80211_radiotap.h> 69 #include <net80211/ieee80211_amrr.h> 70 71 #include <dev/usb/usb.h> 72 #include <dev/usb/usbdi.h> 73 #include "usbdevs.h" 74 75 #define USB_DEBUG_VAR run_debug 76 #include <dev/usb/usb_debug.h> 77 78 #include "if_runreg.h" /* shared with ral(4) */ 79 #include "if_runvar.h" 80 81 #define nitems(_a) (sizeof((_a)) / sizeof((_a)[0])) 82 83 #if USB_DEBUG 84 #define RUN_DEBUG 85 #endif 86 87 #ifdef RUN_DEBUG 88 int run_debug = 0; 89 SYSCTL_NODE(_hw_usb, OID_AUTO, run, CTLFLAG_RW, 0, "USB run"); 90 SYSCTL_INT(_hw_usb_run, OID_AUTO, debug, CTLFLAG_RW, &run_debug, 0, 91 "run debug level"); 92 #endif 93 94 #define IEEE80211_HAS_ADDR4(wh) \ 95 (((wh)->i_fc[1] & IEEE80211_FC1_DIR_MASK) == IEEE80211_FC1_DIR_DSTODS) 96 97 static const struct usb_device_id run_devs[] = { 98 { USB_VP(USB_VENDOR_ABOCOM, USB_PRODUCT_ABOCOM_RT2770) }, 99 { USB_VP(USB_VENDOR_ABOCOM, USB_PRODUCT_ABOCOM_RT2870) }, 100 { USB_VP(USB_VENDOR_ABOCOM, USB_PRODUCT_ABOCOM_RT3070) }, 101 { USB_VP(USB_VENDOR_ABOCOM, USB_PRODUCT_ABOCOM_RT3071) }, 102 { USB_VP(USB_VENDOR_ABOCOM, USB_PRODUCT_ABOCOM_RT3072) }, 103 { USB_VP(USB_VENDOR_ABOCOM2, USB_PRODUCT_ABOCOM2_RT2870_1) }, 104 { USB_VP(USB_VENDOR_ACCTON, USB_PRODUCT_ACCTON_RT2770) }, 105 { USB_VP(USB_VENDOR_ACCTON, USB_PRODUCT_ACCTON_RT2870_1) }, 106 { USB_VP(USB_VENDOR_ACCTON, USB_PRODUCT_ACCTON_RT2870_2) }, 107 { USB_VP(USB_VENDOR_ACCTON, USB_PRODUCT_ACCTON_RT2870_3) }, 108 { USB_VP(USB_VENDOR_ACCTON, USB_PRODUCT_ACCTON_RT2870_4) }, 109 { USB_VP(USB_VENDOR_ACCTON, USB_PRODUCT_ACCTON_RT2870_5) }, 110 { USB_VP(USB_VENDOR_ACCTON, USB_PRODUCT_ACCTON_RT3070_1) }, 111 { USB_VP(USB_VENDOR_ACCTON, USB_PRODUCT_ACCTON_RT3070_2) }, 112 { USB_VP(USB_VENDOR_ACCTON, USB_PRODUCT_ACCTON_RT3070_3) }, 113 { USB_VP(USB_VENDOR_ACCTON, USB_PRODUCT_ACCTON_RT3070_4) }, 114 { USB_VP(USB_VENDOR_AIRTIES, USB_PRODUCT_AIRTIES_RT3070) }, 115 { USB_VP(USB_VENDOR_AMIGO, USB_PRODUCT_AMIGO_RT2870_1) }, 116 { USB_VP(USB_VENDOR_AMIGO, USB_PRODUCT_AMIGO_RT2870_2) }, 117 { USB_VP(USB_VENDOR_AMIT, USB_PRODUCT_AMIT_CGWLUSB2GNR) }, 118 { USB_VP(USB_VENDOR_AMIT, USB_PRODUCT_AMIT_RT2870_1) }, 119 { USB_VP(USB_VENDOR_AMIT2, USB_PRODUCT_AMIT2_RT2870) }, 120 { USB_VP(USB_VENDOR_ASUS, USB_PRODUCT_ASUS_RT2870_1) }, 121 { USB_VP(USB_VENDOR_ASUS, USB_PRODUCT_ASUS_RT2870_2) }, 122 { USB_VP(USB_VENDOR_ASUS, USB_PRODUCT_ASUS_RT2870_3) }, 123 { USB_VP(USB_VENDOR_ASUS, USB_PRODUCT_ASUS_RT2870_4) }, 124 { USB_VP(USB_VENDOR_ASUS, USB_PRODUCT_ASUS_RT2870_5) }, 125 { USB_VP(USB_VENDOR_ASUS2, USB_PRODUCT_ASUS2_USBN11) }, 126 { USB_VP(USB_VENDOR_AZUREWAVE, USB_PRODUCT_AZUREWAVE_RT2870_1) }, 127 { USB_VP(USB_VENDOR_AZUREWAVE, USB_PRODUCT_AZUREWAVE_RT2870_2) }, 128 { USB_VP(USB_VENDOR_AZUREWAVE, USB_PRODUCT_AZUREWAVE_RT3070_1) }, 129 { USB_VP(USB_VENDOR_AZUREWAVE, USB_PRODUCT_AZUREWAVE_RT3070_2) }, 130 { USB_VP(USB_VENDOR_AZUREWAVE, USB_PRODUCT_AZUREWAVE_RT3070_3) }, 131 { USB_VP(USB_VENDOR_BELKIN, USB_PRODUCT_BELKIN_F5D8053V3) }, 132 { USB_VP(USB_VENDOR_BELKIN, USB_PRODUCT_BELKIN_F5D8055) }, 133 { USB_VP(USB_VENDOR_BELKIN, USB_PRODUCT_BELKIN_F6D4050V1) }, 134 { USB_VP(USB_VENDOR_BELKIN, USB_PRODUCT_BELKIN_RT2870_1) }, 135 { USB_VP(USB_VENDOR_BELKIN, USB_PRODUCT_BELKIN_RT2870_2) }, 136 { USB_VP(USB_VENDOR_CONCEPTRONIC2, USB_PRODUCT_CONCEPTRONIC2_RT2870_1) }, 137 { USB_VP(USB_VENDOR_CONCEPTRONIC2, USB_PRODUCT_CONCEPTRONIC2_RT2870_2) }, 138 { USB_VP(USB_VENDOR_CONCEPTRONIC2, USB_PRODUCT_CONCEPTRONIC2_RT2870_3) }, 139 { USB_VP(USB_VENDOR_CONCEPTRONIC2, USB_PRODUCT_CONCEPTRONIC2_RT2870_4) }, 140 { USB_VP(USB_VENDOR_CONCEPTRONIC2, USB_PRODUCT_CONCEPTRONIC2_RT2870_5) }, 141 { USB_VP(USB_VENDOR_CONCEPTRONIC2, USB_PRODUCT_CONCEPTRONIC2_RT2870_6) }, 142 { USB_VP(USB_VENDOR_CONCEPTRONIC2, USB_PRODUCT_CONCEPTRONIC2_RT2870_7) }, 143 { USB_VP(USB_VENDOR_CONCEPTRONIC2, USB_PRODUCT_CONCEPTRONIC2_RT2870_8) }, 144 { USB_VP(USB_VENDOR_CONCEPTRONIC2, USB_PRODUCT_CONCEPTRONIC2_VIGORN61) }, 145 { USB_VP(USB_VENDOR_COREGA, USB_PRODUCT_COREGA_CGWLUSB300GNM) }, 146 { USB_VP(USB_VENDOR_COREGA, USB_PRODUCT_COREGA_RT2870_1) }, 147 { USB_VP(USB_VENDOR_COREGA, USB_PRODUCT_COREGA_RT2870_2) }, 148 { USB_VP(USB_VENDOR_COREGA, USB_PRODUCT_COREGA_RT2870_3) }, 149 { USB_VP(USB_VENDOR_COREGA, USB_PRODUCT_COREGA_RT3070) }, 150 { USB_VP(USB_VENDOR_CYBERTAN, USB_PRODUCT_CYBERTAN_RT2870) }, 151 { USB_VP(USB_VENDOR_DLINK, USB_PRODUCT_DLINK_RT2870) }, 152 { USB_VP(USB_VENDOR_DLINK, USB_PRODUCT_DLINK_RT3072) }, 153 { USB_VP(USB_VENDOR_DLINK2, USB_PRODUCT_DLINK2_DWA130) }, 154 { USB_VP(USB_VENDOR_DLINK2, USB_PRODUCT_DLINK2_RT2870_1) }, 155 { USB_VP(USB_VENDOR_DLINK2, USB_PRODUCT_DLINK2_RT2870_2) }, 156 { USB_VP(USB_VENDOR_DLINK2, USB_PRODUCT_DLINK2_RT3070_1) }, 157 { USB_VP(USB_VENDOR_DLINK2, USB_PRODUCT_DLINK2_RT3070_2) }, 158 { USB_VP(USB_VENDOR_DLINK2, USB_PRODUCT_DLINK2_RT3070_3) }, 159 { USB_VP(USB_VENDOR_DLINK2, USB_PRODUCT_DLINK2_RT3070_4) }, 160 { USB_VP(USB_VENDOR_DLINK2, USB_PRODUCT_DLINK2_RT3072) }, 161 { USB_VP(USB_VENDOR_EDIMAX, USB_PRODUCT_EDIMAX_EW7717) }, 162 { USB_VP(USB_VENDOR_EDIMAX, USB_PRODUCT_EDIMAX_EW7718) }, 163 { USB_VP(USB_VENDOR_EDIMAX, USB_PRODUCT_EDIMAX_RT2870_1) }, 164 { USB_VP(USB_VENDOR_ENCORE, USB_PRODUCT_ENCORE_RT3070_1) }, 165 { USB_VP(USB_VENDOR_ENCORE, USB_PRODUCT_ENCORE_RT3070_2) }, 166 { USB_VP(USB_VENDOR_ENCORE, USB_PRODUCT_ENCORE_RT3070_3) }, 167 { USB_VP(USB_VENDOR_GIGABYTE, USB_PRODUCT_GIGABYTE_GNWB31N) }, 168 { USB_VP(USB_VENDOR_GIGABYTE, USB_PRODUCT_GIGABYTE_GNWB32L) }, 169 { USB_VP(USB_VENDOR_GIGABYTE, USB_PRODUCT_GIGABYTE_RT2870_1) }, 170 { USB_VP(USB_VENDOR_GIGASET, USB_PRODUCT_GIGASET_RT3070_1) }, 171 { USB_VP(USB_VENDOR_GIGASET, USB_PRODUCT_GIGASET_RT3070_2) }, 172 { USB_VP(USB_VENDOR_GUILLEMOT, USB_PRODUCT_GUILLEMOT_HWNU300) }, 173 { USB_VP(USB_VENDOR_HAWKING, USB_PRODUCT_HAWKING_HWUN2) }, 174 { USB_VP(USB_VENDOR_HAWKING, USB_PRODUCT_HAWKING_RT2870_1) }, 175 { USB_VP(USB_VENDOR_HAWKING, USB_PRODUCT_HAWKING_RT2870_2) }, 176 { USB_VP(USB_VENDOR_HAWKING, USB_PRODUCT_HAWKING_RT3070) }, 177 { USB_VP(USB_VENDOR_IODATA, USB_PRODUCT_IODATA_RT3072_1) }, 178 { USB_VP(USB_VENDOR_IODATA, USB_PRODUCT_IODATA_RT3072_2) }, 179 { USB_VP(USB_VENDOR_IODATA, USB_PRODUCT_IODATA_RT3072_3) }, 180 { USB_VP(USB_VENDOR_IODATA, USB_PRODUCT_IODATA_RT3072_4) }, 181 { USB_VP(USB_VENDOR_LINKSYS4, USB_PRODUCT_LINKSYS4_WUSB100) }, 182 { USB_VP(USB_VENDOR_LINKSYS4, USB_PRODUCT_LINKSYS4_WUSB54GCV3) }, 183 { USB_VP(USB_VENDOR_LINKSYS4, USB_PRODUCT_LINKSYS4_WUSB600N) }, 184 { USB_VP(USB_VENDOR_LINKSYS4, USB_PRODUCT_LINKSYS4_WUSB600NV2) }, 185 { USB_VP(USB_VENDOR_LOGITEC, USB_PRODUCT_LOGITEC_RT2870_1) }, 186 { USB_VP(USB_VENDOR_LOGITEC, USB_PRODUCT_LOGITEC_RT2870_2) }, 187 { USB_VP(USB_VENDOR_LOGITEC, USB_PRODUCT_LOGITEC_RT2870_3) }, 188 { USB_VP(USB_VENDOR_MELCO, USB_PRODUCT_MELCO_WLIUCAG300N) }, 189 { USB_VP(USB_VENDOR_MELCO, USB_PRODUCT_MELCO_WLIUCG300N) }, 190 { USB_VP(USB_VENDOR_MELCO, USB_PRODUCT_MELCO_WLIUCGN) }, 191 { USB_VP(USB_VENDOR_MSI, USB_PRODUCT_MSI_RT3070_1) }, 192 { USB_VP(USB_VENDOR_MSI, USB_PRODUCT_MSI_RT3070_2) }, 193 { USB_VP(USB_VENDOR_MSI, USB_PRODUCT_MSI_RT3070_3) }, 194 { USB_VP(USB_VENDOR_MSI, USB_PRODUCT_MSI_RT3070_4) }, 195 { USB_VP(USB_VENDOR_MSI, USB_PRODUCT_MSI_RT3070_5) }, 196 { USB_VP(USB_VENDOR_MSI, USB_PRODUCT_MSI_RT3070_6) }, 197 { USB_VP(USB_VENDOR_MSI, USB_PRODUCT_MSI_RT3070_7) }, 198 { USB_VP(USB_VENDOR_PARA, USB_PRODUCT_PARA_RT3070) }, 199 { USB_VP(USB_VENDOR_PEGATRON, USB_PRODUCT_PEGATRON_RT2870) }, 200 { USB_VP(USB_VENDOR_PEGATRON, USB_PRODUCT_PEGATRON_RT3070) }, 201 { USB_VP(USB_VENDOR_PEGATRON, USB_PRODUCT_PEGATRON_RT3070_2) }, 202 { USB_VP(USB_VENDOR_PHILIPS, USB_PRODUCT_PHILIPS_RT2870) }, 203 { USB_VP(USB_VENDOR_PLANEX2, USB_PRODUCT_PLANEX2_GWUS300MINIS) }, 204 { USB_VP(USB_VENDOR_PLANEX2, USB_PRODUCT_PLANEX2_GWUSMICRON) }, 205 { USB_VP(USB_VENDOR_PLANEX2, USB_PRODUCT_PLANEX2_RT2870) }, 206 { USB_VP(USB_VENDOR_PLANEX2, USB_PRODUCT_PLANEX2_RT3070) }, 207 { USB_VP(USB_VENDOR_QCOM, USB_PRODUCT_QCOM_RT2870) }, 208 { USB_VP(USB_VENDOR_QUANTA, USB_PRODUCT_QUANTA_RT3070) }, 209 { USB_VP(USB_VENDOR_RALINK, USB_PRODUCT_RALINK_RT2070) }, 210 { USB_VP(USB_VENDOR_RALINK, USB_PRODUCT_RALINK_RT2770) }, 211 { USB_VP(USB_VENDOR_RALINK, USB_PRODUCT_RALINK_RT2870) }, 212 { USB_VP(USB_VENDOR_RALINK, USB_PRODUCT_RALINK_RT3070) }, 213 { USB_VP(USB_VENDOR_RALINK, USB_PRODUCT_RALINK_RT3071) }, 214 { USB_VP(USB_VENDOR_RALINK, USB_PRODUCT_RALINK_RT3072) }, 215 { USB_VP(USB_VENDOR_RALINK, USB_PRODUCT_RALINK_RT3572) }, 216 { USB_VP(USB_VENDOR_SAMSUNG2, USB_PRODUCT_SAMSUNG2_RT2870_1) }, 217 { USB_VP(USB_VENDOR_SENAO, USB_PRODUCT_SENAO_RT2870_1) }, 218 { USB_VP(USB_VENDOR_SENAO, USB_PRODUCT_SENAO_RT2870_2) }, 219 { USB_VP(USB_VENDOR_SENAO, USB_PRODUCT_SENAO_RT2870_3) }, 220 { USB_VP(USB_VENDOR_SENAO, USB_PRODUCT_SENAO_RT2870_4) }, 221 { USB_VP(USB_VENDOR_SENAO, USB_PRODUCT_SENAO_RT3070) }, 222 { USB_VP(USB_VENDOR_SENAO, USB_PRODUCT_SENAO_RT3071) }, 223 { USB_VP(USB_VENDOR_SENAO, USB_PRODUCT_SENAO_RT3072_1) }, 224 { USB_VP(USB_VENDOR_SENAO, USB_PRODUCT_SENAO_RT3072_2) }, 225 { USB_VP(USB_VENDOR_SENAO, USB_PRODUCT_SENAO_RT3072_3) }, 226 { USB_VP(USB_VENDOR_SENAO, USB_PRODUCT_SENAO_RT3072_4) }, 227 { USB_VP(USB_VENDOR_SENAO, USB_PRODUCT_SENAO_RT3072_5) }, 228 { USB_VP(USB_VENDOR_SITECOMEU, USB_PRODUCT_SITECOMEU_RT2770) }, 229 { USB_VP(USB_VENDOR_SITECOMEU, USB_PRODUCT_SITECOMEU_RT2870_1) }, 230 { USB_VP(USB_VENDOR_SITECOMEU, USB_PRODUCT_SITECOMEU_RT2870_2) }, 231 { USB_VP(USB_VENDOR_SITECOMEU, USB_PRODUCT_SITECOMEU_RT2870_3) }, 232 { USB_VP(USB_VENDOR_SITECOMEU, USB_PRODUCT_SITECOMEU_RT2870_4) }, 233 { USB_VP(USB_VENDOR_SITECOMEU, USB_PRODUCT_SITECOMEU_RT3070) }, 234 { USB_VP(USB_VENDOR_SITECOMEU, USB_PRODUCT_SITECOMEU_RT3070_2) }, 235 { USB_VP(USB_VENDOR_SITECOMEU, USB_PRODUCT_SITECOMEU_RT3070_3) }, 236 { USB_VP(USB_VENDOR_SITECOMEU, USB_PRODUCT_SITECOMEU_RT3070_4) }, 237 { USB_VP(USB_VENDOR_SITECOMEU, USB_PRODUCT_SITECOMEU_RT3072_1) }, 238 { USB_VP(USB_VENDOR_SITECOMEU, USB_PRODUCT_SITECOMEU_RT3072_2) }, 239 { USB_VP(USB_VENDOR_SITECOMEU, USB_PRODUCT_SITECOMEU_RT3072_3) }, 240 { USB_VP(USB_VENDOR_SITECOMEU, USB_PRODUCT_SITECOMEU_RT3072_4) }, 241 { USB_VP(USB_VENDOR_SITECOMEU, USB_PRODUCT_SITECOMEU_RT3072_5) }, 242 { USB_VP(USB_VENDOR_SITECOMEU, USB_PRODUCT_SITECOMEU_RT3072_6) }, 243 { USB_VP(USB_VENDOR_SITECOMEU, USB_PRODUCT_SITECOMEU_WL608) }, 244 { USB_VP(USB_VENDOR_SPARKLAN, USB_PRODUCT_SPARKLAN_RT2870_1) }, 245 { USB_VP(USB_VENDOR_SPARKLAN, USB_PRODUCT_SPARKLAN_RT3070) }, 246 { USB_VP(USB_VENDOR_SWEEX2, USB_PRODUCT_SWEEX2_LW303) }, 247 { USB_VP(USB_VENDOR_SWEEX2, USB_PRODUCT_SWEEX2_LW313) }, 248 { USB_VP(USB_VENDOR_UMEDIA, USB_PRODUCT_UMEDIA_RT2870_1) }, 249 { USB_VP(USB_VENDOR_ZCOM, USB_PRODUCT_ZCOM_RT2870_1) }, 250 { USB_VP(USB_VENDOR_ZCOM, USB_PRODUCT_ZCOM_RT2870_2) }, 251 { USB_VP(USB_VENDOR_ZINWELL, USB_PRODUCT_ZINWELL_RT2870_1) }, 252 { USB_VP(USB_VENDOR_ZINWELL, USB_PRODUCT_ZINWELL_RT2870_2) }, 253 { USB_VP(USB_VENDOR_ZINWELL, USB_PRODUCT_ZINWELL_RT3070) }, 254 { USB_VP(USB_VENDOR_ZINWELL, USB_PRODUCT_ZINWELL_RT3072_1) }, 255 { USB_VP(USB_VENDOR_ZINWELL, USB_PRODUCT_ZINWELL_RT3072_2) }, 256 { USB_VP(USB_VENDOR_ZYXEL, USB_PRODUCT_ZYXEL_RT2870_1) }, 257 }; 258 259 MODULE_DEPEND(run, wlan, 1, 1, 1); 260 MODULE_DEPEND(run, wlan_amrr, 1, 1, 1); 261 MODULE_DEPEND(run, usb, 1, 1, 1); 262 MODULE_DEPEND(run, firmware, 1, 1, 1); 263 264 static device_probe_t run_match; 265 static device_attach_t run_attach; 266 static device_detach_t run_detach; 267 268 static usb_callback_t run_bulk_rx_callback; 269 static usb_callback_t run_bulk_tx_callback0; 270 static usb_callback_t run_bulk_tx_callback1; 271 static usb_callback_t run_bulk_tx_callback2; 272 static usb_callback_t run_bulk_tx_callback3; 273 static usb_callback_t run_bulk_tx_callback4; 274 static usb_callback_t run_bulk_tx_callback5; 275 276 static void run_bulk_tx_callbackN(struct usb_xfer *xfer, 277 usb_error_t error, unsigned int index); 278 static struct ieee80211vap *run_vap_create(struct ieee80211com *, 279 const char name[IFNAMSIZ], int unit, int opmode, int flags, 280 const uint8_t bssid[IEEE80211_ADDR_LEN], const uint8_t 281 mac[IEEE80211_ADDR_LEN]); 282 static void run_vap_delete(struct ieee80211vap *); 283 static void run_setup_tx_list(struct run_softc *, 284 struct run_endpoint_queue *); 285 static void run_unsetup_tx_list(struct run_softc *, 286 struct run_endpoint_queue *); 287 static int run_load_microcode(struct run_softc *); 288 static int run_reset(struct run_softc *); 289 static usb_error_t run_do_request(struct run_softc *, 290 struct usb_device_request *, void *); 291 static int run_read(struct run_softc *, uint16_t, uint32_t *); 292 static int run_read_region_1(struct run_softc *, uint16_t, uint8_t *, int); 293 static int run_write_2(struct run_softc *, uint16_t, uint16_t); 294 static int run_write(struct run_softc *, uint16_t, uint32_t); 295 static int run_write_region_1(struct run_softc *, uint16_t, 296 const uint8_t *, int); 297 static int run_set_region_4(struct run_softc *, uint16_t, uint32_t, int); 298 static int run_efuse_read_2(struct run_softc *, uint16_t, uint16_t *); 299 static int run_eeprom_read_2(struct run_softc *, uint16_t, uint16_t *); 300 static int run_rt2870_rf_write(struct run_softc *, uint8_t, uint32_t); 301 static int run_rt3070_rf_read(struct run_softc *, uint8_t, uint8_t *); 302 static int run_rt3070_rf_write(struct run_softc *, uint8_t, uint8_t); 303 static int run_bbp_read(struct run_softc *, uint8_t, uint8_t *); 304 static int run_bbp_write(struct run_softc *, uint8_t, uint8_t); 305 static int run_mcu_cmd(struct run_softc *, uint8_t, uint16_t); 306 static const char *run_get_rf(int); 307 static int run_read_eeprom(struct run_softc *); 308 static struct ieee80211_node *run_node_alloc(struct ieee80211vap *, 309 const uint8_t mac[IEEE80211_ADDR_LEN]); 310 static int run_media_change(struct ifnet *); 311 static int run_newstate(struct ieee80211vap *, enum ieee80211_state, int); 312 static int run_wme_update(struct ieee80211com *); 313 static void run_wme_update_cb(void *, int); 314 static void run_key_update_begin(struct ieee80211vap *); 315 static void run_key_update_end(struct ieee80211vap *); 316 static int run_key_set(struct ieee80211vap *, const struct ieee80211_key *, 317 const uint8_t mac[IEEE80211_ADDR_LEN]); 318 static int run_key_delete(struct ieee80211vap *, 319 const struct ieee80211_key *); 320 static void run_amrr_start(struct run_softc *, struct ieee80211_node *); 321 static void run_amrr_to(void *); 322 static void run_amrr_cb(void *, int); 323 static void run_iter_func(void *, struct ieee80211_node *); 324 static void run_newassoc(struct ieee80211_node *, int); 325 static void run_rx_frame(struct run_softc *, struct mbuf *, uint32_t); 326 static void run_tx_free(struct run_endpoint_queue *pq, 327 struct run_tx_data *, int); 328 static void run_set_tx_desc(struct run_softc *, struct run_tx_data *, 329 uint8_t, uint8_t, uint8_t, uint8_t, uint8_t, uint8_t); 330 static int run_tx(struct run_softc *, struct mbuf *, 331 struct ieee80211_node *); 332 static int run_tx_mgt(struct run_softc *, struct mbuf *, 333 struct ieee80211_node *); 334 static int run_sendprot(struct run_softc *, const struct mbuf *, 335 struct ieee80211_node *, int, int); 336 static int run_tx_param(struct run_softc *, struct mbuf *, 337 struct ieee80211_node *, 338 const struct ieee80211_bpf_params *); 339 static int run_raw_xmit(struct ieee80211_node *, struct mbuf *, 340 const struct ieee80211_bpf_params *); 341 static void run_start(struct ifnet *); 342 static int run_ioctl(struct ifnet *, u_long, caddr_t); 343 static void run_select_chan_group(struct run_softc *, int); 344 static void run_set_rx_antenna(struct run_softc *, int); 345 static void run_rt2870_set_chan(struct run_softc *, u_int); 346 static void run_rt3070_set_chan(struct run_softc *, u_int); 347 static int run_set_chan(struct run_softc *, struct ieee80211_channel *); 348 static void run_set_channel(struct ieee80211com *); 349 static void run_scan_start(struct ieee80211com *); 350 static void run_scan_end(struct ieee80211com *); 351 static uint8_t run_rate2mcs(uint8_t); 352 static void run_update_beacon(struct ieee80211vap *, int); 353 static void run_update_beacon_locked(struct ieee80211vap *, int); 354 static void run_updateprot(struct ieee80211com *); 355 static void run_usb_timeout_cb(void *, int); 356 static void run_reset_livelock(struct run_softc *); 357 static void run_enable_tsf_sync(struct run_softc *); 358 static void run_enable_mrr(struct run_softc *); 359 static void run_set_txpreamble(struct run_softc *); 360 static void run_set_basicrates(struct run_softc *); 361 static void run_set_leds(struct run_softc *, uint16_t); 362 static void run_set_bssid(struct run_softc *, const uint8_t *); 363 static void run_set_macaddr(struct run_softc *, const uint8_t *); 364 static void run_updateslot(struct ifnet *); 365 static int8_t run_rssi2dbm(struct run_softc *, uint8_t, uint8_t); 366 static void run_update_promisc_locked(struct ifnet *); 367 static void run_update_promisc(struct ifnet *); 368 static int run_bbp_init(struct run_softc *); 369 static int run_rt3070_rf_init(struct run_softc *); 370 static int run_rt3070_filter_calib(struct run_softc *, uint8_t, uint8_t, 371 uint8_t *); 372 static int run_txrx_enable(struct run_softc *); 373 static void run_init(void *); 374 static void run_init_locked(struct run_softc *); 375 static void run_stop(void *); 376 static void run_delay(struct run_softc *, unsigned int); 377 378 static const struct { 379 uint32_t reg; 380 uint32_t val; 381 } rt2870_def_mac[] = { 382 RT2870_DEF_MAC 383 }; 384 385 static const struct { 386 uint8_t reg; 387 uint8_t val; 388 } rt2860_def_bbp[] = { 389 RT2860_DEF_BBP 390 }; 391 392 static const struct rfprog { 393 uint8_t chan; 394 uint32_t r1, r2, r3, r4; 395 } rt2860_rf2850[] = { 396 RT2860_RF2850 397 }; 398 399 struct { 400 uint8_t n, r, k; 401 } run_rf3020_freqs[] = { 402 RT3070_RF3020 403 }; 404 405 static const struct { 406 uint8_t reg; 407 uint8_t val; 408 } rt3070_def_rf[] = { 409 RT3070_DEF_RF 410 }; 411 412 static const struct usb_config run_config[RUN_N_XFER] = { 413 [RUN_BULK_TX_BE] = { 414 .type = UE_BULK, 415 .endpoint = UE_ADDR_ANY, 416 .ep_index = 0, 417 .direction = UE_DIR_OUT, 418 .bufsize = RUN_MAX_TXSZ, 419 .flags = {.pipe_bof = 1,.force_short_xfer = 1,}, 420 .callback = run_bulk_tx_callback0, 421 .timeout = 5000, /* ms */ 422 }, 423 [RUN_BULK_TX_BK] = { 424 .type = UE_BULK, 425 .endpoint = UE_ADDR_ANY, 426 .direction = UE_DIR_OUT, 427 .ep_index = 1, 428 .bufsize = RUN_MAX_TXSZ, 429 .flags = {.pipe_bof = 1,.force_short_xfer = 1,}, 430 .callback = run_bulk_tx_callback1, 431 .timeout = 5000, /* ms */ 432 }, 433 [RUN_BULK_TX_VI] = { 434 .type = UE_BULK, 435 .endpoint = UE_ADDR_ANY, 436 .direction = UE_DIR_OUT, 437 .ep_index = 2, 438 .bufsize = RUN_MAX_TXSZ, 439 .flags = {.pipe_bof = 1,.force_short_xfer = 1,}, 440 .callback = run_bulk_tx_callback2, 441 .timeout = 5000, /* ms */ 442 }, 443 [RUN_BULK_TX_VO] = { 444 .type = UE_BULK, 445 .endpoint = UE_ADDR_ANY, 446 .direction = UE_DIR_OUT, 447 .ep_index = 3, 448 .bufsize = RUN_MAX_TXSZ, 449 .flags = {.pipe_bof = 1,.force_short_xfer = 1,}, 450 .callback = run_bulk_tx_callback3, 451 .timeout = 5000, /* ms */ 452 }, 453 [RUN_BULK_TX_HCCA] = { 454 .type = UE_BULK, 455 .endpoint = UE_ADDR_ANY, 456 .direction = UE_DIR_OUT, 457 .ep_index = 4, 458 .bufsize = RUN_MAX_TXSZ, 459 .flags = {.pipe_bof = 1,.force_short_xfer = 1,.no_pipe_ok = 1,}, 460 .callback = run_bulk_tx_callback4, 461 .timeout = 5000, /* ms */ 462 }, 463 [RUN_BULK_TX_PRIO] = { 464 .type = UE_BULK, 465 .endpoint = UE_ADDR_ANY, 466 .direction = UE_DIR_OUT, 467 .ep_index = 5, 468 .bufsize = RUN_MAX_TXSZ, 469 .flags = {.pipe_bof = 1,.force_short_xfer = 1,.no_pipe_ok = 1,}, 470 .callback = run_bulk_tx_callback5, 471 .timeout = 5000, /* ms */ 472 }, 473 [RUN_BULK_RX] = { 474 .type = UE_BULK, 475 .endpoint = UE_ADDR_ANY, 476 .direction = UE_DIR_IN, 477 .bufsize = RUN_MAX_RXSZ, 478 .flags = {.pipe_bof = 1,.short_xfer_ok = 1,}, 479 .callback = run_bulk_rx_callback, 480 } 481 }; 482 483 int 484 run_match(device_t self) 485 { 486 struct usb_attach_arg *uaa = device_get_ivars(self); 487 488 if (uaa->usb_mode != USB_MODE_HOST) 489 return (ENXIO); 490 if (uaa->info.bConfigIndex != 0) 491 return (ENXIO); 492 if (uaa->info.bIfaceIndex != RT2860_IFACE_INDEX) 493 return (ENXIO); 494 495 return (usbd_lookup_id_by_uaa(run_devs, sizeof(run_devs), uaa)); 496 } 497 498 static int 499 run_attach(device_t self) 500 { 501 struct run_softc *sc = device_get_softc(self); 502 struct usb_attach_arg *uaa = device_get_ivars(self); 503 struct ieee80211com *ic; 504 struct ifnet *ifp; 505 int i, ntries, error; 506 uint8_t iface_index, bands; 507 508 device_set_usb_desc(self); 509 sc->sc_udev = uaa->device; 510 sc->sc_dev = self; 511 512 mtx_init(&sc->sc_mtx, device_get_nameunit(sc->sc_dev), 513 MTX_NETWORK_LOCK, MTX_DEF); 514 515 iface_index = RT2860_IFACE_INDEX; 516 /* Rx transfer has own lock */ 517 error = usbd_transfer_setup(uaa->device, &iface_index, 518 sc->sc_xfer, run_config, RUN_N_XFER, sc, &sc->sc_mtx); 519 if (error) { 520 device_printf(self, "could not allocate USB Tx transfers, " 521 "err=%s\n", usbd_errstr(error)); 522 goto detach; 523 } 524 525 RUN_LOCK(sc); 526 527 /* wait for the chip to settle */ 528 for (ntries = 0; ntries < 100; ntries++) { 529 if (run_read(sc, RT2860_ASIC_VER_ID, &sc->mac_rev) != 0){ 530 RUN_UNLOCK(sc); 531 goto detach; 532 } 533 if (sc->mac_rev != 0 && sc->mac_rev != 0xffffffff) 534 break; 535 run_delay(sc, 10); 536 } 537 if (ntries == 100) { 538 device_printf(sc->sc_dev, 539 "timeout waiting for NIC to initialize\n"); 540 RUN_UNLOCK(sc); 541 goto detach; 542 } 543 544 /* retrieve RF rev. no and various other things from EEPROM */ 545 run_read_eeprom(sc); 546 547 device_printf(sc->sc_dev, 548 "MAC/BBP RT%04X (rev 0x%04X), RF %s (MIMO %dT%dR), address %s\n", 549 sc->mac_rev >> 16, sc->mac_rev & 0xffff, run_get_rf(sc->rf_rev), 550 sc->ntxchains, sc->nrxchains, ether_sprintf(sc->sc_bssid)); 551 552 if ((error = run_load_microcode(sc)) != 0) { 553 device_printf(sc->sc_dev, "could not load 8051 microcode\n"); 554 RUN_UNLOCK(sc); 555 goto detach; 556 } 557 558 RUN_UNLOCK(sc); 559 560 ifp = sc->sc_ifp = if_alloc(IFT_IEEE80211); 561 if(ifp == NULL){ 562 device_printf(sc->sc_dev, "can not if_alloc()\n"); 563 goto detach; 564 } 565 ic = ifp->if_l2com; 566 567 ifp->if_softc = sc; 568 if_initname(ifp, "run", device_get_unit(sc->sc_dev)); 569 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 570 ifp->if_init = run_init; 571 ifp->if_ioctl = run_ioctl; 572 ifp->if_start = run_start; 573 IFQ_SET_MAXLEN(&ifp->if_snd, IFQ_MAXLEN); 574 ifp->if_snd.ifq_drv_maxlen = IFQ_MAXLEN; 575 IFQ_SET_READY(&ifp->if_snd); 576 577 ic->ic_ifp = ifp; 578 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 579 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 580 #if 0 581 ic->ic_state = IEEE80211_S_INIT; 582 #endif 583 /* set device capabilities */ 584 ic->ic_caps = 585 IEEE80211_C_STA | /* station mode supported */ 586 IEEE80211_C_MONITOR | /* monitor mode supported */ 587 IEEE80211_C_IBSS | 588 IEEE80211_C_HOSTAP | 589 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 590 IEEE80211_C_SHSLOT | /* short slot time supported */ 591 IEEE80211_C_WME | /* WME */ 592 IEEE80211_C_WPA; /* WPA1|WPA2(RSN) */ 593 594 ic->ic_cryptocaps = 595 IEEE80211_CRYPTO_WEP | 596 IEEE80211_CRYPTO_AES_CCM | 597 IEEE80211_CRYPTO_TKIPMIC | 598 IEEE80211_CRYPTO_TKIP; 599 600 ic->ic_flags |= IEEE80211_F_DATAPAD; 601 ic->ic_flags_ext |= IEEE80211_FEXT_SWBMISS; 602 603 bands = 0; 604 setbit(&bands, IEEE80211_MODE_11B); 605 setbit(&bands, IEEE80211_MODE_11G); 606 ieee80211_init_channels(ic, NULL, &bands); 607 608 /* 609 * Do this by own because h/w supports 610 * more channels than ieee80211_init_channels() 611 */ 612 if (sc->rf_rev == RT2860_RF_2750 || sc->rf_rev == RT2860_RF_2850) { 613 /* set supported .11a rates */ 614 for (i = 14; i < nitems(rt2860_rf2850); i++) { 615 uint8_t chan = rt2860_rf2850[i].chan; 616 ic->ic_channels[ic->ic_nchans].ic_freq = 617 ieee80211_ieee2mhz(chan, IEEE80211_CHAN_A); 618 ic->ic_channels[ic->ic_nchans].ic_ieee = chan; 619 ic->ic_channels[ic->ic_nchans].ic_flags = IEEE80211_CHAN_A; 620 ic->ic_channels[ic->ic_nchans].ic_extieee = 0; 621 ic->ic_nchans++; 622 } 623 } 624 625 ieee80211_ifattach(ic, sc->sc_bssid); 626 627 ic->ic_scan_start = run_scan_start; 628 ic->ic_scan_end = run_scan_end; 629 ic->ic_set_channel = run_set_channel; 630 ic->ic_node_alloc = run_node_alloc; 631 ic->ic_newassoc = run_newassoc; 632 //ic->ic_updateslot = run_updateslot; 633 ic->ic_wme.wme_update = run_wme_update; 634 ic->ic_raw_xmit = run_raw_xmit; 635 ic->ic_update_promisc = run_update_promisc; 636 637 ic->ic_vap_create = run_vap_create; 638 ic->ic_vap_delete = run_vap_delete; 639 640 ieee80211_radiotap_attach(ic, 641 &sc->sc_txtap.wt_ihdr, sizeof(sc->sc_txtap), 642 RUN_TX_RADIOTAP_PRESENT, 643 &sc->sc_rxtap.wr_ihdr, sizeof(sc->sc_rxtap), 644 RUN_RX_RADIOTAP_PRESENT); 645 646 if (bootverbose) 647 ieee80211_announce(ic); 648 649 return 0; 650 651 detach: 652 run_detach(self); 653 return(ENXIO); 654 } 655 656 static int 657 run_detach(device_t self) 658 { 659 struct run_softc *sc = device_get_softc(self); 660 struct ifnet *ifp = sc->sc_ifp; 661 struct ieee80211com *ic; 662 int i; 663 664 /* stop all USB transfers */ 665 usbd_transfer_unsetup(sc->sc_xfer, RUN_N_XFER); 666 667 RUN_LOCK(sc); 668 /* free TX list, if any */ 669 for (i = 0; i != RUN_EP_QUEUES; i++) 670 run_unsetup_tx_list(sc, &sc->sc_epq[i]); 671 RUN_UNLOCK(sc); 672 673 if (ifp) { 674 ic = ifp->if_l2com; 675 ieee80211_ifdetach(ic); 676 if_free(ifp); 677 } 678 679 mtx_destroy(&sc->sc_mtx); 680 681 return (0); 682 } 683 684 static struct ieee80211vap * 685 run_vap_create(struct ieee80211com *ic, 686 const char name[IFNAMSIZ], int unit, int opmode, int flags, 687 const uint8_t bssid[IEEE80211_ADDR_LEN], 688 const uint8_t mac[IEEE80211_ADDR_LEN]) 689 { 690 struct run_softc *sc = ic->ic_ifp->if_softc; 691 struct run_vap *rvp; 692 struct ieee80211vap *vap; 693 694 if (!TAILQ_EMPTY(&ic->ic_vaps)) /* only one at a time */ 695 return NULL; 696 sc->sc_rvp = rvp = (struct run_vap *) malloc(sizeof(struct run_vap), 697 M_80211_VAP, M_NOWAIT | M_ZERO); 698 if (rvp == NULL) 699 return NULL; 700 vap = &rvp->vap; 701 /* enable s/w bmiss handling for sta mode */ 702 ieee80211_vap_setup(ic, vap, name, unit, opmode, 703 flags | IEEE80211_CLONE_NOBEACONS, bssid, mac); 704 705 vap->iv_key_update_begin = run_key_update_begin; 706 vap->iv_key_update_end = run_key_update_end; 707 vap->iv_key_delete = run_key_delete; 708 vap->iv_key_set = run_key_set; 709 vap->iv_update_beacon = run_update_beacon; 710 711 /* override state transition machine */ 712 rvp->newstate = vap->iv_newstate; 713 vap->iv_newstate = run_newstate; 714 715 TASK_INIT(&rvp->amrr_task, 0, run_amrr_cb, rvp); 716 TASK_INIT(&sc->wme_task, 0, run_wme_update_cb, ic); 717 TASK_INIT(&sc->usb_timeout_task, 0, run_usb_timeout_cb, sc); 718 callout_init((struct callout *)&rvp->amrr_ch, 1); 719 ieee80211_amrr_init(&rvp->amrr, vap, 720 IEEE80211_AMRR_MIN_SUCCESS_THRESHOLD, 721 IEEE80211_AMRR_MAX_SUCCESS_THRESHOLD, 722 1000 /* 1 sec */); 723 724 /* complete setup */ 725 ieee80211_vap_attach(vap, run_media_change, ieee80211_media_status); 726 ic->ic_opmode = opmode; 727 return vap; 728 } 729 730 static void 731 run_vap_delete(struct ieee80211vap *vap) 732 { 733 struct run_vap *rvp = RUN_VAP(vap); 734 struct ifnet *ifp; 735 struct ieee80211com *ic; 736 struct run_softc *sc; 737 738 if(vap == NULL) 739 return; 740 741 ic = vap->iv_ic; 742 ifp = ic->ic_ifp; 743 744 sc = ifp->if_softc; 745 746 if (ifp && ifp->if_flags & IFF_UP){ 747 RUN_LOCK(sc); 748 run_stop(sc); 749 RUN_UNLOCK(sc); 750 } 751 752 ieee80211_amrr_cleanup(&rvp->amrr); 753 ieee80211_vap_detach(vap); 754 free(rvp, M_80211_VAP); 755 sc->sc_rvp = NULL; 756 } 757 758 static void 759 run_setup_tx_list(struct run_softc *sc, struct run_endpoint_queue *pq) 760 { 761 struct run_tx_data *data; 762 763 memset(pq, 0, sizeof(*pq)); 764 765 STAILQ_INIT(&pq->tx_qh); 766 STAILQ_INIT(&pq->tx_fh); 767 768 for (data = &pq->tx_data[0]; 769 data < &pq->tx_data[RUN_TX_RING_COUNT]; data++) { 770 data->sc = sc; 771 STAILQ_INSERT_TAIL(&pq->tx_fh, data, next); 772 } 773 pq->tx_nfree = RUN_TX_RING_COUNT; 774 } 775 776 static void 777 run_unsetup_tx_list(struct run_softc *sc, struct run_endpoint_queue *pq) 778 { 779 struct run_tx_data *data; 780 781 /* make sure any subsequent use of the queues will fail */ 782 pq->tx_nfree = 0; 783 STAILQ_INIT(&pq->tx_fh); 784 STAILQ_INIT(&pq->tx_qh); 785 786 /* free up all node references and mbufs */ 787 for (data = &pq->tx_data[0]; 788 data < &pq->tx_data[RUN_TX_RING_COUNT]; data++){ 789 if (data->m != NULL) { 790 m_freem(data->m); 791 data->m = NULL; 792 } 793 if (data->ni != NULL) { 794 ieee80211_free_node(data->ni); 795 data->ni = NULL; 796 } 797 } 798 } 799 800 int 801 run_load_microcode(struct run_softc *sc) 802 { 803 usb_device_request_t req; 804 const struct firmware *fw; 805 const u_char *base; 806 uint32_t tmp; 807 int ntries, error; 808 const uint64_t *temp; 809 uint64_t bytes; 810 811 fw = firmware_get("runfw"); 812 if(fw == NULL){ 813 device_printf(sc->sc_dev, 814 "failed loadfirmware of file %s\n", "runfw"); 815 return ENOENT; 816 } 817 818 if (fw->datasize != 8192) { 819 device_printf(sc->sc_dev, 820 "invalid firmware size (should be 8KB)\n"); 821 error = EINVAL; 822 goto fail; 823 } 824 825 /* 826 * RT3071/RT3072 use a different firmware 827 * run-rt2870 (8KB) contains both, 828 * first half (4KB) is for rt2870, 829 * last half is for rt3071. 830 */ 831 base = fw->data; 832 if ((sc->mac_rev >> 16) != 0x2860 && 833 (sc->mac_rev >> 16) != 0x2872 && 834 (sc->mac_rev >> 16) != 0x3070 && 835 (sc->mac_rev >> 16) != 0x3572){ 836 base += 4096; 837 device_printf(sc->sc_dev, "loading RT3071 firmware\n"); 838 } else 839 device_printf(sc->sc_dev, "loading RT2870 firmware\n"); 840 841 /* cheap sanity check */ 842 temp = fw->data; 843 bytes = *temp; 844 if(bytes != be64toh(0xffffff0210280210)) { 845 device_printf(sc->sc_dev, "firmware checksum failed\n"); 846 error = EINVAL; 847 goto fail; 848 } 849 850 run_read(sc, RT2860_ASIC_VER_ID, &tmp); 851 /* write microcode image */ 852 run_write_region_1(sc, RT2870_FW_BASE, base, 4096); 853 run_write(sc, RT2860_H2M_MAILBOX_CID, 0xffffffff); 854 run_write(sc, RT2860_H2M_MAILBOX_STATUS, 0xffffffff); 855 856 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 857 req.bRequest = RT2870_RESET; 858 USETW(req.wValue, 8); 859 USETW(req.wIndex, 0); 860 USETW(req.wLength, 0); 861 if ((error = usbd_do_request(sc->sc_udev, &sc->sc_mtx, &req, NULL)) != 0) { 862 device_printf(sc->sc_dev, "firmware reset failed\n"); 863 goto fail; 864 } 865 866 run_delay(sc, 10); 867 868 run_write(sc, RT2860_H2M_MAILBOX, 0); 869 if ((error = run_mcu_cmd(sc, RT2860_MCU_CMD_BOOT, 0)) != 0) 870 goto fail; 871 872 /* wait until microcontroller is ready */ 873 for (ntries = 0; ntries < 1000; ntries++) { 874 if ((error = run_read(sc, RT2860_SYS_CTRL, &tmp)) != 0) { 875 goto fail; 876 } 877 if (tmp & RT2860_MCU_READY) 878 break; 879 run_delay(sc, 10); 880 } 881 if (ntries == 1000) { 882 device_printf(sc->sc_dev, 883 "timeout waiting for MCU to initialize\n"); 884 error = ETIMEDOUT; 885 goto fail; 886 } 887 DPRINTF("microcode successfully loaded after %d tries\n", ntries); 888 889 fail: 890 firmware_put(fw, FIRMWARE_UNLOAD); 891 return (error); 892 } 893 894 int 895 run_reset(struct run_softc *sc) 896 { 897 usb_device_request_t req; 898 899 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 900 req.bRequest = RT2870_RESET; 901 USETW(req.wValue, 1); 902 USETW(req.wIndex, 0); 903 USETW(req.wLength, 0); 904 return usbd_do_request(sc->sc_udev, &sc->sc_mtx, &req, NULL); 905 } 906 907 static usb_error_t 908 run_do_request(struct run_softc *sc, 909 struct usb_device_request *req, void *data) 910 { 911 usb_error_t err; 912 int ntries = 10; 913 914 RUN_LOCK_ASSERT(sc, MA_OWNED); 915 916 while (ntries--) { 917 err = usbd_do_request_flags(sc->sc_udev, &sc->sc_mtx, 918 req, data, 0, NULL, 250 /* ms */); 919 if (err == 0) 920 break; 921 DPRINTFN(1, "Control request failed, %s (retrying)\n", 922 usbd_errstr(err)); 923 run_delay(sc, 10); 924 } 925 return (err); 926 } 927 928 static int 929 run_read(struct run_softc *sc, uint16_t reg, uint32_t *val) 930 { 931 uint32_t tmp; 932 int error; 933 934 error = run_read_region_1(sc, reg, (uint8_t *)&tmp, sizeof tmp); 935 if (error == 0) 936 *val = le32toh(tmp); 937 else 938 *val = 0xffffffff; 939 return error; 940 } 941 942 static int 943 run_read_region_1(struct run_softc *sc, uint16_t reg, uint8_t *buf, int len) 944 { 945 usb_device_request_t req; 946 947 req.bmRequestType = UT_READ_VENDOR_DEVICE; 948 req.bRequest = RT2870_READ_REGION_1; 949 USETW(req.wValue, 0); 950 USETW(req.wIndex, reg); 951 USETW(req.wLength, len); 952 953 return run_do_request(sc, &req, buf); 954 } 955 956 static int 957 run_write_2(struct run_softc *sc, uint16_t reg, uint16_t val) 958 { 959 usb_device_request_t req; 960 961 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 962 req.bRequest = RT2870_WRITE_2; 963 USETW(req.wValue, val); 964 USETW(req.wIndex, reg); 965 USETW(req.wLength, 0); 966 967 return run_do_request(sc, &req, NULL); 968 } 969 970 static int 971 run_write(struct run_softc *sc, uint16_t reg, uint32_t val) 972 { 973 int error; 974 975 if ((error = run_write_2(sc, reg, val & 0xffff)) == 0) 976 error = run_write_2(sc, reg + 2, val >> 16); 977 return error; 978 } 979 980 static int 981 run_write_region_1(struct run_softc *sc, uint16_t reg, const uint8_t *buf, 982 int len) 983 { 984 #if 1 985 int i, error = 0; 986 /* 987 * NB: the WRITE_REGION_1 command is not stable on RT2860. 988 * We thus issue multiple WRITE_2 commands instead. 989 */ 990 KASSERT((len & 1) == 0, ("run_write_region_1: Data too long.\n")); 991 for (i = 0; i < len && error == 0; i += 2) 992 error = run_write_2(sc, reg + i, buf[i] | buf[i + 1] << 8); 993 return error; 994 #else 995 usb_device_request_t req; 996 997 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 998 req.bRequest = RT2870_WRITE_REGION_1; 999 USETW(req.wValue, 0); 1000 USETW(req.wIndex, reg); 1001 USETW(req.wLength, len); 1002 return run_do_request(sc, &req, buf); 1003 #endif 1004 } 1005 1006 static int 1007 run_set_region_4(struct run_softc *sc, uint16_t reg, uint32_t val, int len) 1008 { 1009 int i, error = 0; 1010 1011 KASSERT((len & 3) == 0, ("run_set_region_4: Invalid data length.\n")); 1012 for (i = 0; i < len && error == 0; i += 4) 1013 error = run_write(sc, reg + i, val); 1014 return error; 1015 } 1016 1017 /* Read 16-bit from eFUSE ROM (RT3070 only.) */ 1018 static int 1019 run_efuse_read_2(struct run_softc *sc, uint16_t addr, uint16_t *val) 1020 { 1021 uint32_t tmp; 1022 uint16_t reg; 1023 int error, ntries; 1024 1025 if ((error = run_read(sc, RT3070_EFUSE_CTRL, &tmp)) != 0) 1026 return error; 1027 1028 addr *= 2; 1029 /*- 1030 * Read one 16-byte block into registers EFUSE_DATA[0-3]: 1031 * DATA0: F E D C 1032 * DATA1: B A 9 8 1033 * DATA2: 7 6 5 4 1034 * DATA3: 3 2 1 0 1035 */ 1036 tmp &= ~(RT3070_EFSROM_MODE_MASK | RT3070_EFSROM_AIN_MASK); 1037 tmp |= (addr & ~0xf) << RT3070_EFSROM_AIN_SHIFT | RT3070_EFSROM_KICK; 1038 run_write(sc, RT3070_EFUSE_CTRL, tmp); 1039 for (ntries = 0; ntries < 100; ntries++) { 1040 if ((error = run_read(sc, RT3070_EFUSE_CTRL, &tmp)) != 0) 1041 return error; 1042 if (!(tmp & RT3070_EFSROM_KICK)) 1043 break; 1044 run_delay(sc, 2); 1045 } 1046 if (ntries == 100) 1047 return ETIMEDOUT; 1048 1049 if ((tmp & RT3070_EFUSE_AOUT_MASK) == RT3070_EFUSE_AOUT_MASK) { 1050 *val = 0xffff; /* address not found */ 1051 return 0; 1052 } 1053 /* determine to which 32-bit register our 16-bit word belongs */ 1054 reg = RT3070_EFUSE_DATA3 - (addr & 0xc); 1055 if ((error = run_read(sc, reg, &tmp)) != 0) 1056 return error; 1057 1058 *val = (addr & 2) ? tmp >> 16 : tmp & 0xffff; 1059 return 0; 1060 } 1061 1062 static int 1063 run_eeprom_read_2(struct run_softc *sc, uint16_t addr, uint16_t *val) 1064 { 1065 usb_device_request_t req; 1066 uint16_t tmp; 1067 int error; 1068 1069 addr *= 2; 1070 req.bmRequestType = UT_READ_VENDOR_DEVICE; 1071 req.bRequest = RT2870_EEPROM_READ; 1072 USETW(req.wValue, 0); 1073 USETW(req.wIndex, addr); 1074 USETW(req.wLength, sizeof tmp); 1075 1076 error = usbd_do_request(sc->sc_udev, &sc->sc_mtx, &req, &tmp); 1077 if (error == 0) 1078 *val = le16toh(tmp); 1079 else 1080 *val = 0xffff; 1081 return error; 1082 } 1083 1084 static __inline int 1085 run_srom_read(struct run_softc *sc, uint16_t addr, uint16_t *val) 1086 { 1087 /* either eFUSE ROM or EEPROM */ 1088 return sc->sc_srom_read(sc, addr, val); 1089 } 1090 1091 static int 1092 run_rt2870_rf_write(struct run_softc *sc, uint8_t reg, uint32_t val) 1093 { 1094 uint32_t tmp; 1095 int error, ntries; 1096 1097 for (ntries = 0; ntries < 10; ntries++) { 1098 if ((error = run_read(sc, RT2860_RF_CSR_CFG0, &tmp)) != 0) 1099 return error; 1100 if (!(tmp & RT2860_RF_REG_CTRL)) 1101 break; 1102 } 1103 if (ntries == 10) 1104 return ETIMEDOUT; 1105 1106 /* RF registers are 24-bit on the RT2860 */ 1107 tmp = RT2860_RF_REG_CTRL | 24 << RT2860_RF_REG_WIDTH_SHIFT | 1108 (val & 0x3fffff) << 2 | (reg & 3); 1109 return run_write(sc, RT2860_RF_CSR_CFG0, tmp); 1110 } 1111 1112 static int 1113 run_rt3070_rf_read(struct run_softc *sc, uint8_t reg, uint8_t *val) 1114 { 1115 uint32_t tmp; 1116 int error, ntries; 1117 1118 for (ntries = 0; ntries < 100; ntries++) { 1119 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0) 1120 return error; 1121 if (!(tmp & RT3070_RF_KICK)) 1122 break; 1123 } 1124 if (ntries == 100) 1125 return ETIMEDOUT; 1126 1127 tmp = RT3070_RF_KICK | reg << 8; 1128 if ((error = run_write(sc, RT3070_RF_CSR_CFG, tmp)) != 0) 1129 return error; 1130 1131 for (ntries = 0; ntries < 100; ntries++) { 1132 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0) 1133 return error; 1134 if (!(tmp & RT3070_RF_KICK)) 1135 break; 1136 } 1137 if (ntries == 100) 1138 return ETIMEDOUT; 1139 1140 *val = tmp & 0xff; 1141 return 0; 1142 } 1143 1144 static int 1145 run_rt3070_rf_write(struct run_softc *sc, uint8_t reg, uint8_t val) 1146 { 1147 uint32_t tmp; 1148 int error, ntries; 1149 1150 for (ntries = 0; ntries < 10; ntries++) { 1151 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0) 1152 return error; 1153 if (!(tmp & RT3070_RF_KICK)) 1154 break; 1155 } 1156 if (ntries == 10) 1157 return ETIMEDOUT; 1158 1159 tmp = RT3070_RF_WRITE | RT3070_RF_KICK | reg << 8 | val; 1160 return run_write(sc, RT3070_RF_CSR_CFG, tmp); 1161 } 1162 1163 static int 1164 run_bbp_read(struct run_softc *sc, uint8_t reg, uint8_t *val) 1165 { 1166 uint32_t tmp; 1167 int ntries, error; 1168 1169 for (ntries = 0; ntries < 10; ntries++) { 1170 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0) 1171 return error; 1172 if (!(tmp & RT2860_BBP_CSR_KICK)) 1173 break; 1174 } 1175 if (ntries == 10) 1176 return ETIMEDOUT; 1177 1178 tmp = RT2860_BBP_CSR_READ | RT2860_BBP_CSR_KICK | reg << 8; 1179 if ((error = run_write(sc, RT2860_BBP_CSR_CFG, tmp)) != 0) 1180 return error; 1181 1182 for (ntries = 0; ntries < 10; ntries++) { 1183 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0) 1184 return error; 1185 if (!(tmp & RT2860_BBP_CSR_KICK)) 1186 break; 1187 } 1188 if (ntries == 10) 1189 return ETIMEDOUT; 1190 1191 *val = tmp & 0xff; 1192 return 0; 1193 } 1194 1195 static int 1196 run_bbp_write(struct run_softc *sc, uint8_t reg, uint8_t val) 1197 { 1198 uint32_t tmp; 1199 int ntries, error; 1200 1201 for (ntries = 0; ntries < 10; ntries++) { 1202 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0) 1203 return error; 1204 if (!(tmp & RT2860_BBP_CSR_KICK)) 1205 break; 1206 } 1207 if (ntries == 10) 1208 return ETIMEDOUT; 1209 1210 tmp = RT2860_BBP_CSR_KICK | reg << 8 | val; 1211 return run_write(sc, RT2860_BBP_CSR_CFG, tmp); 1212 } 1213 1214 /* 1215 * Send a command to the 8051 microcontroller unit. 1216 */ 1217 static int 1218 run_mcu_cmd(struct run_softc *sc, uint8_t cmd, uint16_t arg) 1219 { 1220 uint32_t tmp; 1221 int error, ntries; 1222 1223 for (ntries = 0; ntries < 100; ntries++) { 1224 if ((error = run_read(sc, RT2860_H2M_MAILBOX, &tmp)) != 0) 1225 return error; 1226 if (!(tmp & RT2860_H2M_BUSY)) 1227 break; 1228 } 1229 if (ntries == 100) 1230 return ETIMEDOUT; 1231 1232 tmp = RT2860_H2M_BUSY | RT2860_TOKEN_NO_INTR << 16 | arg; 1233 if ((error = run_write(sc, RT2860_H2M_MAILBOX, tmp)) == 0) 1234 error = run_write(sc, RT2860_HOST_CMD, cmd); 1235 return error; 1236 } 1237 1238 /* 1239 * Add `delta' (signed) to each 4-bit sub-word of a 32-bit word. 1240 * Used to adjust per-rate Tx power registers. 1241 */ 1242 static __inline uint32_t 1243 b4inc(uint32_t b32, int8_t delta) 1244 { 1245 int8_t i, b4; 1246 1247 for (i = 0; i < 8; i++) { 1248 b4 = b32 & 0xf; 1249 b4 += delta; 1250 if (b4 < 0) 1251 b4 = 0; 1252 else if (b4 > 0xf) 1253 b4 = 0xf; 1254 b32 = b32 >> 4 | b4 << 28; 1255 } 1256 return b32; 1257 } 1258 1259 static const char * 1260 run_get_rf(int rev) 1261 { 1262 switch (rev) { 1263 case RT2860_RF_2820: return "RT2820"; 1264 case RT2860_RF_2850: return "RT2850"; 1265 case RT2860_RF_2720: return "RT2720"; 1266 case RT2860_RF_2750: return "RT2750"; 1267 case RT3070_RF_3020: return "RT3020"; 1268 case RT3070_RF_2020: return "RT2020"; 1269 case RT3070_RF_3021: return "RT3021"; 1270 case RT3070_RF_3022: return "RT3022"; 1271 case RT3070_RF_3052: return "RT3052"; 1272 } 1273 return "unknown"; 1274 } 1275 1276 int 1277 run_read_eeprom(struct run_softc *sc) 1278 { 1279 int8_t delta_2ghz, delta_5ghz; 1280 uint32_t tmp; 1281 uint16_t val; 1282 int ridx, ant, i; 1283 1284 /* check whether the ROM is eFUSE ROM or EEPROM */ 1285 sc->sc_srom_read = run_eeprom_read_2; 1286 if ((sc->mac_rev & 0xfff00000) >= 0x30700000) { 1287 run_read(sc, RT3070_EFUSE_CTRL, &tmp); 1288 DPRINTF("EFUSE_CTRL=0x%08x\n", tmp); 1289 if (tmp & RT3070_SEL_EFUSE) 1290 sc->sc_srom_read = run_efuse_read_2; 1291 } 1292 1293 /* read ROM version */ 1294 run_srom_read(sc, RT2860_EEPROM_VERSION, &val); 1295 DPRINTF("EEPROM rev=%d, FAE=%d\n", val & 0xff, val >> 8); 1296 1297 /* read MAC address */ 1298 run_srom_read(sc, RT2860_EEPROM_MAC01, &val); 1299 sc->sc_bssid[0] = val & 0xff; 1300 sc->sc_bssid[1] = val >> 8; 1301 run_srom_read(sc, RT2860_EEPROM_MAC23, &val); 1302 sc->sc_bssid[2] = val & 0xff; 1303 sc->sc_bssid[3] = val >> 8; 1304 run_srom_read(sc, RT2860_EEPROM_MAC45, &val); 1305 sc->sc_bssid[4] = val & 0xff; 1306 sc->sc_bssid[5] = val >> 8; 1307 1308 /* read default BBP settings */ 1309 for (i = 0; i < 8; i++) { 1310 run_srom_read(sc, RT2860_EEPROM_BBP_BASE + i, &val); 1311 sc->bbp[i].val = val & 0xff; 1312 sc->bbp[i].reg = val >> 8; 1313 DPRINTF("BBP%d=0x%02x\n", sc->bbp[i].reg, sc->bbp[i].val); 1314 } 1315 1316 /* read RF frequency offset from EEPROM */ 1317 run_srom_read(sc, RT2860_EEPROM_FREQ_LEDS, &val); 1318 sc->freq = ((val & 0xff) != 0xff) ? val & 0xff : 0; 1319 DPRINTF("EEPROM freq offset %d\n", sc->freq & 0xff); 1320 1321 if ((sc->leds = val >> 8) != 0xff) { 1322 /* read LEDs operating mode */ 1323 run_srom_read(sc, RT2860_EEPROM_LED1, &sc->led[0]); 1324 run_srom_read(sc, RT2860_EEPROM_LED2, &sc->led[1]); 1325 run_srom_read(sc, RT2860_EEPROM_LED3, &sc->led[2]); 1326 } else { 1327 /* broken EEPROM, use default settings */ 1328 sc->leds = 0x01; 1329 sc->led[0] = 0x5555; 1330 sc->led[1] = 0x2221; 1331 sc->led[2] = 0x5627; /* differs from RT2860 */ 1332 } 1333 DPRINTF("EEPROM LED mode=0x%02x, LEDs=0x%04x/0x%04x/0x%04x\n", 1334 sc->leds, sc->led[0], sc->led[1], sc->led[2]); 1335 1336 /* read RF information */ 1337 run_srom_read(sc, RT2860_EEPROM_ANTENNA, &val); 1338 if (val == 0xffff) { 1339 DPRINTF("invalid EEPROM antenna info, using default\n"); 1340 if ((sc->mac_rev >> 16) >= 0x3070) { 1341 /* default to RF3020 1T1R */ 1342 sc->rf_rev = RT3070_RF_3020; 1343 sc->ntxchains = 1; 1344 sc->nrxchains = 1; 1345 } else { 1346 /* default to RF2820 1T2R */ 1347 sc->rf_rev = RT2860_RF_2820; 1348 sc->ntxchains = 1; 1349 sc->nrxchains = 2; 1350 } 1351 } else { 1352 sc->rf_rev = (val >> 8) & 0xf; 1353 sc->ntxchains = (val >> 4) & 0xf; 1354 sc->nrxchains = val & 0xf; 1355 } 1356 DPRINTF("EEPROM RF rev=0x%02x chains=%dT%dR\n", 1357 sc->rf_rev, sc->ntxchains, sc->nrxchains); 1358 1359 /* check if RF supports automatic Tx access gain control */ 1360 run_srom_read(sc, RT2860_EEPROM_CONFIG, &val); 1361 DPRINTF("EEPROM CFG 0x%04x\n", val); 1362 if ((val & 0xff) != 0xff) { 1363 sc->ext_5ghz_lna = (val >> 3) & 1; 1364 sc->ext_2ghz_lna = (val >> 2) & 1; 1365 sc->calib_2ghz = sc->calib_5ghz = (val >> 1) & 1; 1366 } 1367 1368 /* read power settings for 2GHz channels */ 1369 for (i = 0; i < 14; i += 2) { 1370 run_srom_read(sc, RT2860_EEPROM_PWR2GHZ_BASE1 + i / 2, &val); 1371 sc->txpow1[i + 0] = (int8_t)(val & 0xff); 1372 sc->txpow1[i + 1] = (int8_t)(val >> 8); 1373 1374 run_srom_read(sc, RT2860_EEPROM_PWR2GHZ_BASE2 + i / 2, &val); 1375 sc->txpow2[i + 0] = (int8_t)(val & 0xff); 1376 sc->txpow2[i + 1] = (int8_t)(val >> 8); 1377 } 1378 /* fix broken Tx power entries */ 1379 for (i = 0; i < 14; i++) { 1380 if (sc->txpow1[i] < 0 || sc->txpow1[i] > 31) 1381 sc->txpow1[i] = 5; 1382 if (sc->txpow2[i] < 0 || sc->txpow2[i] > 31) 1383 sc->txpow2[i] = 5; 1384 DPRINTF("chan %d: power1=%d, power2=%d\n", 1385 rt2860_rf2850[i].chan, sc->txpow1[i], sc->txpow2[i]); 1386 } 1387 /* read power settings for 5GHz channels */ 1388 for (i = 0; i < 36; i += 2) { 1389 run_srom_read(sc, RT2860_EEPROM_PWR5GHZ_BASE1 + i / 2, &val); 1390 sc->txpow1[i + 14] = (int8_t)(val & 0xff); 1391 sc->txpow1[i + 15] = (int8_t)(val >> 8); 1392 1393 run_srom_read(sc, RT2860_EEPROM_PWR5GHZ_BASE2 + i / 2, &val); 1394 sc->txpow2[i + 14] = (int8_t)(val & 0xff); 1395 sc->txpow2[i + 15] = (int8_t)(val >> 8); 1396 } 1397 /* fix broken Tx power entries */ 1398 for (i = 0; i < 36; i++) { 1399 if (sc->txpow1[14 + i] < -7 || sc->txpow1[14 + i] > 15) 1400 sc->txpow1[14 + i] = 5; 1401 if (sc->txpow2[14 + i] < -7 || sc->txpow2[14 + i] > 15) 1402 sc->txpow2[14 + i] = 5; 1403 DPRINTF("chan %d: power1=%d, power2=%d\n", 1404 rt2860_rf2850[14 + i].chan, sc->txpow1[14 + i], 1405 sc->txpow2[14 + i]); 1406 } 1407 1408 /* read Tx power compensation for each Tx rate */ 1409 run_srom_read(sc, RT2860_EEPROM_DELTAPWR, &val); 1410 delta_2ghz = delta_5ghz = 0; 1411 if ((val & 0xff) != 0xff && (val & 0x80)) { 1412 delta_2ghz = val & 0xf; 1413 if (!(val & 0x40)) /* negative number */ 1414 delta_2ghz = -delta_2ghz; 1415 } 1416 val >>= 8; 1417 if ((val & 0xff) != 0xff && (val & 0x80)) { 1418 delta_5ghz = val & 0xf; 1419 if (!(val & 0x40)) /* negative number */ 1420 delta_5ghz = -delta_5ghz; 1421 } 1422 DPRINTF("power compensation=%d (2GHz), %d (5GHz)\n", 1423 delta_2ghz, delta_5ghz); 1424 1425 for (ridx = 0; ridx < 5; ridx++) { 1426 uint32_t reg; 1427 1428 run_srom_read(sc, RT2860_EEPROM_RPWR + ridx, &val); 1429 reg = (uint32_t)val << 16; 1430 run_srom_read(sc, RT2860_EEPROM_RPWR + ridx + 1, &val); 1431 reg |= val; 1432 1433 sc->txpow20mhz[ridx] = reg; 1434 sc->txpow40mhz_2ghz[ridx] = b4inc(reg, delta_2ghz); 1435 sc->txpow40mhz_5ghz[ridx] = b4inc(reg, delta_5ghz); 1436 1437 DPRINTF("ridx %d: power 20MHz=0x%08x, 40MHz/2GHz=0x%08x, " 1438 "40MHz/5GHz=0x%08x\n", ridx, sc->txpow20mhz[ridx], 1439 sc->txpow40mhz_2ghz[ridx], sc->txpow40mhz_5ghz[ridx]); 1440 } 1441 1442 /* read RSSI offsets and LNA gains from EEPROM */ 1443 run_srom_read(sc, RT2860_EEPROM_RSSI1_2GHZ, &val); 1444 sc->rssi_2ghz[0] = val & 0xff; /* Ant A */ 1445 sc->rssi_2ghz[1] = val >> 8; /* Ant B */ 1446 run_srom_read(sc, RT2860_EEPROM_RSSI2_2GHZ, &val); 1447 sc->rssi_2ghz[2] = val & 0xff; /* Ant C */ 1448 sc->lna[2] = val >> 8; /* channel group 2 */ 1449 1450 run_srom_read(sc, RT2860_EEPROM_RSSI1_5GHZ, &val); 1451 sc->rssi_5ghz[0] = val & 0xff; /* Ant A */ 1452 sc->rssi_5ghz[1] = val >> 8; /* Ant B */ 1453 run_srom_read(sc, RT2860_EEPROM_RSSI2_5GHZ, &val); 1454 sc->rssi_5ghz[2] = val & 0xff; /* Ant C */ 1455 sc->lna[3] = val >> 8; /* channel group 3 */ 1456 1457 run_srom_read(sc, RT2860_EEPROM_LNA, &val); 1458 sc->lna[0] = val & 0xff; /* channel group 0 */ 1459 sc->lna[1] = val >> 8; /* channel group 1 */ 1460 1461 /* fix broken 5GHz LNA entries */ 1462 if (sc->lna[2] == 0 || sc->lna[2] == 0xff) { 1463 DPRINTF("invalid LNA for channel group %d\n", 2); 1464 sc->lna[2] = sc->lna[1]; 1465 } 1466 if (sc->lna[3] == 0 || sc->lna[3] == 0xff) { 1467 DPRINTF("invalid LNA for channel group %d\n", 3); 1468 sc->lna[3] = sc->lna[1]; 1469 } 1470 1471 /* fix broken RSSI offset entries */ 1472 for (ant = 0; ant < 3; ant++) { 1473 if (sc->rssi_2ghz[ant] < -10 || sc->rssi_2ghz[ant] > 10) { 1474 DPRINTF("invalid RSSI%d offset: %d (2GHz)\n", 1475 ant + 1, sc->rssi_2ghz[ant]); 1476 sc->rssi_2ghz[ant] = 0; 1477 } 1478 if (sc->rssi_5ghz[ant] < -10 || sc->rssi_5ghz[ant] > 10) { 1479 DPRINTF("invalid RSSI%d offset: %d (5GHz)\n", 1480 ant + 1, sc->rssi_5ghz[ant]); 1481 sc->rssi_5ghz[ant] = 0; 1482 } 1483 } 1484 return 0; 1485 } 1486 1487 struct ieee80211_node * 1488 run_node_alloc(struct ieee80211vap *vap, const uint8_t mac[IEEE80211_ADDR_LEN]) 1489 { 1490 return malloc(sizeof (struct run_node), M_DEVBUF, M_NOWAIT | M_ZERO); 1491 } 1492 1493 static int 1494 run_media_change(struct ifnet *ifp) 1495 { 1496 const struct ieee80211_txparam *tp; 1497 struct run_softc *sc = ifp->if_softc; 1498 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 1499 struct ieee80211vap *vap = &sc->sc_rvp->vap; 1500 uint8_t rate, ridx; 1501 int error; 1502 1503 RUN_LOCK(sc); 1504 1505 error = ieee80211_media_change(ifp); 1506 if (error != ENETRESET) 1507 RUN_UNLOCK(sc); 1508 return error; 1509 1510 tp = &vap->iv_txparms[ieee80211_chan2mode(ic->ic_curchan)]; 1511 if (tp->ucastrate != IEEE80211_FIXED_RATE_NONE) { 1512 rate = ic->ic_sup_rates[ic->ic_curmode]. 1513 rs_rates[tp->ucastrate] & IEEE80211_RATE_VAL; 1514 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++) 1515 if (rt2860_rates[ridx].rate == rate) 1516 break; 1517 sc->fixed_ridx = ridx; 1518 } 1519 1520 if ((ifp->if_flags & IFF_UP) && 1521 (ifp->if_drv_flags & IFF_DRV_RUNNING)){ 1522 run_init_locked(sc); 1523 } 1524 1525 RUN_UNLOCK(sc); 1526 1527 return 0; 1528 } 1529 1530 static int 1531 run_newstate(struct ieee80211vap *vap, enum ieee80211_state nstate, int arg) 1532 { 1533 const struct ieee80211_txparam *tp; 1534 struct ieee80211com *ic = vap->iv_ic; 1535 struct run_softc *sc = ic->ic_ifp->if_softc; 1536 struct run_vap *rvp = RUN_VAP(vap); 1537 enum ieee80211_state ostate; 1538 struct ieee80211_node *ni; 1539 uint32_t tmp; 1540 uint8_t wcid; 1541 1542 ostate = vap->iv_state; 1543 DPRINTF("%s -> %s\n", 1544 ieee80211_state_name[ostate], 1545 ieee80211_state_name[nstate]); 1546 1547 IEEE80211_UNLOCK(ic); 1548 RUN_LOCK(sc); 1549 1550 sc->sc_rvp->amrr_run = RUN_AMRR_OFF; 1551 usb_callout_stop(&rvp->amrr_ch); 1552 1553 if (ostate == IEEE80211_S_RUN) { 1554 /* turn link LED off */ 1555 run_set_leds(sc, RT2860_LED_RADIO); 1556 } 1557 1558 switch (nstate) { 1559 case IEEE80211_S_INIT: 1560 if (ostate == IEEE80211_S_RUN) { 1561 /* abort TSF synchronization */ 1562 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 1563 run_write(sc, RT2860_BCN_TIME_CFG, 1564 tmp & ~(RT2860_BCN_TX_EN | RT2860_TSF_TIMER_EN | 1565 RT2860_TBTT_TIMER_EN)); 1566 } 1567 break; 1568 1569 case IEEE80211_S_RUN: 1570 ni = vap->iv_bss; 1571 1572 if (vap->iv_opmode != IEEE80211_M_MONITOR) { 1573 run_updateslot(ic->ic_ifp); 1574 run_enable_mrr(sc); 1575 run_set_txpreamble(sc); 1576 run_set_basicrates(sc); 1577 IEEE80211_ADDR_COPY(sc->sc_bssid, ni->ni_bssid); 1578 run_set_bssid(sc, ni->ni_bssid); 1579 } 1580 1581 if (vap->iv_opmode == IEEE80211_M_STA) { 1582 /* add BSS entry to the WCID table */ 1583 wcid = RUN_AID2WCID(ni->ni_associd); 1584 run_write_region_1(sc, RT2860_WCID_ENTRY(wcid), 1585 ni->ni_macaddr, IEEE80211_ADDR_LEN); 1586 } 1587 1588 if (vap->iv_opmode == IEEE80211_M_HOSTAP || 1589 vap->iv_opmode == IEEE80211_M_IBSS) 1590 run_update_beacon_locked(vap, 0); 1591 1592 if (vap->iv_opmode != IEEE80211_M_MONITOR) { 1593 run_enable_tsf_sync(sc); 1594 } /* else tsf */ 1595 1596 /* enable automatic rate adaptation */ 1597 tp = &vap->iv_txparms[ieee80211_chan2mode(ic->ic_curchan)]; 1598 if (tp->ucastrate == IEEE80211_FIXED_RATE_NONE) 1599 run_amrr_start(sc, ni); 1600 1601 /* turn link LED on */ 1602 run_set_leds(sc, RT2860_LED_RADIO | 1603 (IEEE80211_IS_CHAN_2GHZ(vap->iv_bss->ni_chan) ? 1604 RT2860_LED_LINK_2GHZ : RT2860_LED_LINK_5GHZ)); 1605 1606 break; 1607 default: 1608 DPRINTFN(6, "undefined case\n"); 1609 break; 1610 } 1611 1612 RUN_UNLOCK(sc); 1613 IEEE80211_LOCK(ic); 1614 1615 return(rvp->newstate(vap, nstate, arg)); 1616 } 1617 1618 /* another taskqueue, so usbd_do_request() can go sleep */ 1619 static int 1620 run_wme_update(struct ieee80211com *ic) 1621 { 1622 struct run_softc *sc = ic->ic_ifp->if_softc; 1623 1624 ieee80211_runtask(ic, &sc->wme_task); 1625 1626 /* return whatever, upper layer desn't care anyway */ 1627 return 0; 1628 } 1629 1630 /* ARGSUSED */ 1631 static void 1632 run_wme_update_cb(void *arg, int pending) 1633 { 1634 struct ieee80211com *ic = arg; 1635 struct run_softc *sc = ic->ic_ifp->if_softc; 1636 struct ieee80211_wme_state *wmesp = &ic->ic_wme; 1637 int aci, error = 0; 1638 1639 RUN_LOCK(sc); 1640 1641 /* update MAC TX configuration registers */ 1642 for (aci = 0; aci < WME_NUM_AC; aci++) { 1643 error = run_write(sc, RT2860_EDCA_AC_CFG(aci), 1644 wmesp->wme_params[aci].wmep_logcwmax << 16 | 1645 wmesp->wme_params[aci].wmep_logcwmin << 12 | 1646 wmesp->wme_params[aci].wmep_aifsn << 8 | 1647 wmesp->wme_params[aci].wmep_txopLimit); 1648 if(error) goto err; 1649 } 1650 1651 /* update SCH/DMA registers too */ 1652 error = run_write(sc, RT2860_WMM_AIFSN_CFG, 1653 wmesp->wme_params[WME_AC_VO].wmep_aifsn << 12 | 1654 wmesp->wme_params[WME_AC_VI].wmep_aifsn << 8 | 1655 wmesp->wme_params[WME_AC_BK].wmep_aifsn << 4 | 1656 wmesp->wme_params[WME_AC_BE].wmep_aifsn); 1657 if(error) goto err; 1658 error = run_write(sc, RT2860_WMM_CWMIN_CFG, 1659 wmesp->wme_params[WME_AC_VO].wmep_logcwmin << 12 | 1660 wmesp->wme_params[WME_AC_VI].wmep_logcwmin << 8 | 1661 wmesp->wme_params[WME_AC_BK].wmep_logcwmin << 4 | 1662 wmesp->wme_params[WME_AC_BE].wmep_logcwmin); 1663 if(error) goto err; 1664 error = run_write(sc, RT2860_WMM_CWMAX_CFG, 1665 wmesp->wme_params[WME_AC_VO].wmep_logcwmax << 12 | 1666 wmesp->wme_params[WME_AC_VI].wmep_logcwmax << 8 | 1667 wmesp->wme_params[WME_AC_BK].wmep_logcwmax << 4 | 1668 wmesp->wme_params[WME_AC_BE].wmep_logcwmax); 1669 if(error) goto err; 1670 error = run_write(sc, RT2860_WMM_TXOP0_CFG, 1671 wmesp->wme_params[WME_AC_BK].wmep_txopLimit << 16 | 1672 wmesp->wme_params[WME_AC_BE].wmep_txopLimit); 1673 if(error) goto err; 1674 error = run_write(sc, RT2860_WMM_TXOP1_CFG, 1675 wmesp->wme_params[WME_AC_VO].wmep_txopLimit << 16 | 1676 wmesp->wme_params[WME_AC_VI].wmep_txopLimit); 1677 1678 err: 1679 if(error) 1680 DPRINTF("WME update failed\n"); 1681 1682 RUN_UNLOCK(sc); 1683 return; 1684 } 1685 1686 static void 1687 run_key_update_begin(struct ieee80211vap *vap) 1688 { 1689 /* 1690 * Because run_key_delete() needs special attention 1691 * on lock related operation, lock handling is being done 1692 * differently in run_key_set and _delete. 1693 * 1694 * So, we don't use key_update_begin and _end. 1695 */ 1696 } 1697 1698 static void 1699 run_key_update_end(struct ieee80211vap *vap) 1700 { 1701 /* null */ 1702 } 1703 1704 /* 1705 * return 0 on error 1706 */ 1707 static int 1708 run_key_set(struct ieee80211vap *vap, const struct ieee80211_key *k, 1709 const uint8_t mac[IEEE80211_ADDR_LEN]) 1710 { 1711 struct ieee80211com *ic = vap->iv_ic; 1712 struct ifnet *ifp = ic->ic_ifp; 1713 struct run_softc *sc = ifp->if_softc; 1714 struct ieee80211_node *ni; 1715 uint32_t attr; 1716 uint16_t base, associd; 1717 uint8_t mode, wcid, txmic, rxmic, iv[8]; 1718 int error = 0; 1719 1720 RUN_LOCK(sc); 1721 1722 if(vap->iv_opmode == IEEE80211_M_HOSTAP){ 1723 ni = ieee80211_find_vap_node(&ic->ic_sta, vap, mac); 1724 associd = (ni != NULL) ? ni->ni_associd : 0; 1725 if(ni != NULL) 1726 ieee80211_free_node(ni); 1727 txmic = 24; 1728 rxmic = 16; 1729 } else { 1730 ni = vap->iv_bss; 1731 associd = (ni != NULL) ? ni->ni_associd : 0; 1732 txmic = 16; 1733 rxmic = 24; 1734 } 1735 1736 /* map net80211 cipher to RT2860 security mode */ 1737 switch (k->wk_cipher->ic_cipher) { 1738 case IEEE80211_CIPHER_WEP: 1739 if(k->wk_keylen < 8) 1740 mode = RT2860_MODE_WEP40; 1741 else 1742 mode = RT2860_MODE_WEP104; 1743 break; 1744 case IEEE80211_CIPHER_TKIP: 1745 mode = RT2860_MODE_TKIP; 1746 break; 1747 case IEEE80211_CIPHER_AES_CCM: 1748 mode = RT2860_MODE_AES_CCMP; 1749 break; 1750 default: 1751 DPRINTF("undefined case\n"); 1752 goto fail; 1753 } 1754 1755 DPRINTFN(1, "associd=%x, keyix=%d, mode=%x, type=%s\n", 1756 associd, k->wk_keyix, mode, 1757 (k->wk_flags & IEEE80211_KEY_GROUP) ? "group" : "pairwise"); 1758 1759 if (k->wk_flags & IEEE80211_KEY_GROUP) { 1760 wcid = 0; /* NB: update WCID0 for group keys */ 1761 base = RT2860_SKEY(0, k->wk_keyix); 1762 } else { 1763 wcid = RUN_AID2WCID(associd); 1764 base = RT2860_PKEY(wcid); 1765 } 1766 1767 if (k->wk_cipher->ic_cipher == IEEE80211_CIPHER_TKIP) { 1768 if(run_write_region_1(sc, base, k->wk_key, 16)) 1769 goto fail; 1770 if(run_write_region_1(sc, base + 16, &k->wk_key[txmic], 8)) /* wk_txmic */ 1771 goto fail; 1772 if(run_write_region_1(sc, base + 24, &k->wk_key[rxmic], 8)) /* wk_rxmic */ 1773 goto fail; 1774 } else { 1775 /* roundup len to 16-bit: XXX fix write_region_1() instead */ 1776 if(run_write_region_1(sc, base, k->wk_key, (k->wk_keylen + 1) & ~1)) 1777 goto fail; 1778 } 1779 1780 if (!(k->wk_flags & IEEE80211_KEY_GROUP) || 1781 (k->wk_flags & (IEEE80211_KEY_XMIT | IEEE80211_KEY_RECV))) { 1782 /* set initial packet number in IV+EIV */ 1783 if (k->wk_cipher == IEEE80211_CIPHER_WEP){ 1784 memset(iv, 0, sizeof iv); 1785 iv[3] = sc->sc_rvp->vap.iv_def_txkey << 6; 1786 } else { 1787 if (k->wk_cipher->ic_cipher == IEEE80211_CIPHER_TKIP) { 1788 iv[0] = k->wk_keytsc >> 8; 1789 iv[1] = (iv[0] | 0x20) & 0x7f; 1790 iv[2] = k->wk_keytsc; 1791 } else /* CCMP */ { 1792 iv[0] = k->wk_keytsc; 1793 iv[1] = k->wk_keytsc >> 8; 1794 iv[2] = 0; 1795 } 1796 iv[3] = k->wk_keyix << 6 | IEEE80211_WEP_EXTIV; 1797 iv[4] = k->wk_keytsc >> 16; 1798 iv[5] = k->wk_keytsc >> 24; 1799 iv[6] = k->wk_keytsc >> 32; 1800 iv[7] = k->wk_keytsc >> 40; 1801 } 1802 if(run_write_region_1(sc, RT2860_IVEIV(wcid), iv, 8)) 1803 goto fail; 1804 } 1805 1806 if (k->wk_flags & IEEE80211_KEY_GROUP) { 1807 /* install group key */ 1808 if(run_read(sc, RT2860_SKEY_MODE_0_7, &attr)) 1809 goto fail; 1810 attr &= ~(0xf << (k->wk_keyix * 4)); 1811 attr |= mode << (k->wk_keyix * 4); 1812 if(run_write(sc, RT2860_SKEY_MODE_0_7, attr)) 1813 goto fail; 1814 } else { 1815 /* install pairwise key */ 1816 if(run_read(sc, RT2860_WCID_ATTR(wcid), &attr)) 1817 goto fail; 1818 attr = (attr & ~0xf) | (mode << 1) | RT2860_RX_PKEY_EN; 1819 if(run_write(sc, RT2860_WCID_ATTR(wcid), attr)) 1820 goto fail; 1821 } 1822 1823 /* TODO create a pass-thru key entry? */ 1824 1825 fail: 1826 RUN_UNLOCK(sc); 1827 return (error? 0 : 1); 1828 } 1829 1830 /* 1831 * return 0 on error 1832 */ 1833 static int 1834 run_key_delete(struct ieee80211vap *vap, const struct ieee80211_key *k) 1835 { 1836 struct ieee80211com *ic = vap->iv_ic; 1837 struct run_softc *sc = ic->ic_ifp->if_softc; 1838 struct ieee80211_node *ni = vap->iv_bss; 1839 struct ieee80211_node_table *nt = &ic->ic_sta; 1840 uint32_t attr; 1841 uint8_t wcid; 1842 int error = 0; 1843 uint8_t nislocked, cislocked; 1844 1845 if((nislocked = IEEE80211_NODE_IS_LOCKED(nt))) 1846 IEEE80211_NODE_UNLOCK(nt); 1847 if((cislocked = mtx_owned(&ic->ic_comlock.mtx))) 1848 IEEE80211_UNLOCK(ic); 1849 RUN_LOCK(sc); 1850 1851 if (k->wk_flags & IEEE80211_KEY_GROUP) { 1852 /* remove group key */ 1853 if(run_read(sc, RT2860_SKEY_MODE_0_7, &attr)) 1854 goto fail; 1855 attr &= ~(0xf << (k->wk_keyix * 4)); 1856 if(run_write(sc, RT2860_SKEY_MODE_0_7, attr)) 1857 goto fail; 1858 } else { 1859 /* remove pairwise key */ 1860 wcid = RUN_AID2WCID((ni != NULL) ? ni->ni_associd : 0); 1861 if(run_read(sc, RT2860_WCID_ATTR(wcid), &attr)) 1862 goto fail; 1863 attr &= ~0xf; 1864 if(run_write(sc, RT2860_WCID_ATTR(wcid), attr)) 1865 goto fail; 1866 } 1867 1868 fail: 1869 RUN_UNLOCK(sc); 1870 if(cislocked) 1871 IEEE80211_LOCK(ic); 1872 if(nislocked) 1873 IEEE80211_NODE_LOCK(nt); 1874 1875 return (error? 0 : 1); 1876 } 1877 1878 static void 1879 run_amrr_start(struct run_softc *sc, struct ieee80211_node *ni) 1880 { 1881 struct ieee80211vap *vap = ni->ni_vap; 1882 struct run_vap *rvp = RUN_VAP(vap); 1883 uint32_t sta[3]; 1884 uint8_t wcid; 1885 1886 RUN_LOCK_ASSERT(sc, MA_OWNED); 1887 1888 /* read statistic counters (clear on read) and update AMRR state */ 1889 run_read_region_1(sc, RT2860_TX_STA_CNT0, 1890 (uint8_t *)sta, sizeof sta); 1891 1892 wcid = RUN_AID2WCID(ni == NULL ? 0 : ni->ni_associd); 1893 ieee80211_amrr_node_init(&rvp->amrr, &rvp->amn[wcid], ni); 1894 1895 /* start at lowest available bit-rate, AMRR will raise */ 1896 ni->ni_txrate = 2; 1897 1898 /* start calibration timer */ 1899 rvp->amrr_run = RUN_AMRR_ON; 1900 usb_callout_reset(&rvp->amrr_ch, hz, run_amrr_to, rvp); 1901 } 1902 1903 static void 1904 run_amrr_to(void *arg) 1905 { 1906 struct run_vap *rvp = arg; 1907 1908 /* do it in a process context, so it can go sleep */ 1909 ieee80211_runtask(rvp->vap.iv_ic, &rvp->amrr_task); 1910 /* next timeout will be rescheduled in the callback task */ 1911 } 1912 1913 /* ARGSUSED */ 1914 static void 1915 run_amrr_cb(void *arg, int pending) 1916 { 1917 struct run_vap *rvp = arg; 1918 struct ieee80211vap *vap = &rvp->vap; 1919 struct ieee80211com *ic = vap->iv_ic; 1920 struct run_softc *sc = ic->ic_ifp->if_softc; 1921 1922 if (ic->ic_opmode == IEEE80211_M_STA) 1923 run_iter_func(rvp, vap->iv_bss); 1924 else { 1925 /* 1926 * run_reset_livelock() doesn't do anything with AMRR, 1927 * but Ralink wants us to call it every 1 sec. So, we 1928 * piggyback here rather than creating another callout. 1929 * Livelock may occur only in HOSTAP or IBSS mode 1930 * (when h/w is sending beacons). 1931 */ 1932 RUN_LOCK(sc); 1933 run_reset_livelock(sc); 1934 RUN_UNLOCK(sc); 1935 ieee80211_iterate_nodes(&ic->ic_sta, run_iter_func, rvp); 1936 } 1937 1938 if(rvp->amrr_run == RUN_AMRR_ON) 1939 usb_callout_reset(&rvp->amrr_ch, hz, run_amrr_to, rvp); 1940 } 1941 1942 1943 static void 1944 run_iter_func(void *arg, struct ieee80211_node *ni) 1945 { 1946 struct run_vap *rvp = arg; 1947 struct ieee80211com *ic = rvp->vap.iv_ic; 1948 struct ifnet *ifp = ic->ic_ifp; 1949 struct run_softc *sc = ifp->if_softc; 1950 struct ieee80211_node_table *nt = &ic->ic_sta; 1951 struct ieee80211_amrr_node *amn = &rvp->amn[0]; /* make compiler happy */ 1952 uint32_t sta[3], stat; 1953 int error; 1954 uint8_t wcid, mcs, pid; 1955 1956 if(ic->ic_opmode != IEEE80211_M_STA) 1957 IEEE80211_NODE_ITERATE_UNLOCK(nt); 1958 1959 RUN_LOCK(sc); 1960 1961 if(ic->ic_opmode != IEEE80211_M_STA){ 1962 /* drain Tx status FIFO (maxsize = 16) */ 1963 run_read(sc, RT2860_TX_STAT_FIFO, &stat); 1964 while (stat & RT2860_TXQ_VLD) { 1965 DPRINTFN(4, "tx stat 0x%08x\n", stat); 1966 1967 wcid = (stat >> RT2860_TXQ_WCID_SHIFT) & 0xff; 1968 1969 /* if no ACK was requested, no feedback is available */ 1970 if (!(stat & RT2860_TXQ_ACKREQ) || wcid == 0xff) 1971 continue; 1972 1973 /* update per-STA AMRR stats */ 1974 amn = &rvp->amn[wcid]; 1975 amn->amn_txcnt++; 1976 if (stat & RT2860_TXQ_OK) { 1977 amn->amn_success++; 1978 /* 1979 * Check if there were retries, ie if the Tx 1980 * success rate is different from the requested 1981 * rate. Note that it works only because we do 1982 * not allow rate fallback from OFDM to CCK. 1983 */ 1984 mcs = (stat >> RT2860_TXQ_MCS_SHIFT) & 0x7f; 1985 pid = (stat >> RT2860_TXQ_PID_SHIFT) & 0xf; 1986 if (mcs + 1 != pid) 1987 amn->amn_retrycnt++; 1988 } else { 1989 amn->amn_retrycnt++; 1990 ifp->if_oerrors++; 1991 } 1992 run_read_region_1(sc, RT2860_TX_STAT_FIFO, 1993 (uint8_t *)&stat, sizeof stat); 1994 } 1995 DPRINTFN(3, "retrycnt=%d txcnt=%d success=%d\n", 1996 amn->amn_retrycnt, amn->amn_txcnt, amn->amn_success); 1997 } else { 1998 /* read statistic counters (clear on read) and update AMRR state */ 1999 error = run_read_region_1(sc, RT2860_TX_STA_CNT0, (uint8_t *)sta, 2000 sizeof sta); 2001 if (error != 0) 2002 goto skip; 2003 2004 DPRINTFN(3, "retrycnt=%d txcnt=%d failcnt=%d\n", 2005 le32toh(sta[1]) >> 16, le32toh(sta[1]) & 0xffff, 2006 le32toh(sta[0]) & 0xffff); 2007 2008 wcid = RUN_AID2WCID(ni == NULL ? 0 : ni->ni_associd); 2009 amn = &rvp->amn[wcid]; 2010 2011 /* count failed TX as errors */ 2012 ifp->if_oerrors += le32toh(sta[0]) & 0xffff; 2013 2014 amn->amn_retrycnt = 2015 (le32toh(sta[0]) & 0xffff) + /* failed TX count */ 2016 (le32toh(sta[1]) >> 16); /* TX retransmission count */ 2017 2018 amn->amn_txcnt = 2019 amn->amn_retrycnt + 2020 (le32toh(sta[1]) & 0xffff); /* successful TX count */ 2021 2022 amn->amn_success = 2023 (le32toh(sta[1]) >> 16) + 2024 (le32toh(sta[1]) & 0xffff); 2025 } 2026 2027 ieee80211_amrr_choose(ni, amn); 2028 2029 skip:; 2030 RUN_UNLOCK(sc); 2031 2032 if(ic->ic_opmode != IEEE80211_M_STA) 2033 IEEE80211_NODE_ITERATE_LOCK(nt); 2034 } 2035 2036 static void 2037 run_newassoc(struct ieee80211_node *ni, int isnew) 2038 { 2039 struct run_node *rn = (void *)ni; 2040 struct ieee80211_rateset *rs = &ni->ni_rates; 2041 uint8_t rate; 2042 int ridx, i, j; 2043 2044 DPRINTF("new assoc isnew=%d addr=%s\n", 2045 isnew, ether_sprintf(ni->ni_macaddr)); 2046 2047 for (i = 0; i < rs->rs_nrates; i++) { 2048 rate = rs->rs_rates[i] & IEEE80211_RATE_VAL; 2049 /* convert 802.11 rate to hardware rate index */ 2050 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++) 2051 if (rt2860_rates[ridx].rate == rate) 2052 break; 2053 rn->ridx[i] = ridx; 2054 /* determine rate of control response frames */ 2055 for (j = i; j >= 0; j--) { 2056 if ((rs->rs_rates[j] & IEEE80211_RATE_BASIC) && 2057 rt2860_rates[rn->ridx[i]].phy == 2058 rt2860_rates[rn->ridx[j]].phy) 2059 break; 2060 } 2061 if (j >= 0) { 2062 rn->ctl_ridx[i] = rn->ridx[j]; 2063 } else { 2064 /* no basic rate found, use mandatory one */ 2065 rn->ctl_ridx[i] = rt2860_rates[ridx].ctl_ridx; 2066 } 2067 DPRINTF("rate=0x%02x ridx=%d ctl_ridx=%d\n", 2068 rs->rs_rates[i], rn->ridx[i], rn->ctl_ridx[i]); 2069 } 2070 } 2071 2072 /* 2073 * Return the Rx chain with the highest RSSI for a given frame. 2074 */ 2075 static __inline uint8_t 2076 run_maxrssi_chain(struct run_softc *sc, const struct rt2860_rxwi *rxwi) 2077 { 2078 uint8_t rxchain = 0; 2079 2080 if (sc->nrxchains > 1) { 2081 if (rxwi->rssi[1] > rxwi->rssi[rxchain]) 2082 rxchain = 1; 2083 if (sc->nrxchains > 2) 2084 if (rxwi->rssi[2] > rxwi->rssi[rxchain]) 2085 rxchain = 2; 2086 } 2087 return rxchain; 2088 } 2089 2090 static void 2091 run_rx_frame(struct run_softc *sc, struct mbuf *m, uint32_t dmalen) 2092 { 2093 struct ifnet *ifp = sc->sc_ifp; 2094 struct ieee80211vap *vap = &sc->sc_rvp->vap; 2095 struct ieee80211com *ic = ifp->if_l2com; 2096 struct ieee80211_frame *wh; 2097 struct ieee80211_node *ni; 2098 struct rt2870_rxd *rxd; 2099 struct rt2860_rxwi *rxwi; 2100 uint32_t flags; 2101 uint16_t len, phy; 2102 uint8_t ant, rssi; 2103 int8_t nf; 2104 2105 rxwi = mtod(m, struct rt2860_rxwi *); 2106 len = le16toh(rxwi->len) & 0xfff; 2107 if (__predict_false(len > dmalen)) { 2108 m_freem(m); 2109 ifp->if_ierrors++; 2110 DPRINTF("bad RXWI length %u > %u\n", len, dmalen); 2111 return; 2112 } 2113 /* Rx descriptor is located at the end */ 2114 rxd = (struct rt2870_rxd *)(mtod(m, caddr_t) + dmalen); 2115 flags = le32toh(rxd->flags); 2116 2117 if (__predict_false(flags & (RT2860_RX_CRCERR | RT2860_RX_ICVERR))) { 2118 m_freem(m); 2119 ifp->if_ierrors++; 2120 DPRINTF("%s error.\n", (flags & RT2860_RX_CRCERR)?"CRC":"ICV"); 2121 return; 2122 } 2123 2124 m->m_data += sizeof(struct rt2860_rxwi); 2125 m->m_pkthdr.len = m->m_len -= sizeof(struct rt2860_rxwi); 2126 2127 wh = mtod(m, struct ieee80211_frame *); 2128 2129 if (wh->i_fc[1] & IEEE80211_FC1_WEP){ 2130 wh->i_fc[1] &= ~IEEE80211_FC1_WEP; 2131 m->m_flags |= M_WEP; 2132 } 2133 2134 if (flags & RT2860_RX_L2PAD){ 2135 DPRINTFN(8, "received RT2860_RX_L2PAD frame\n"); 2136 len += 2; 2137 } 2138 2139 if (__predict_false(flags & RT2860_RX_MICERR)) { 2140 /* report MIC failures to net80211 for TKIP */ 2141 ieee80211_notify_michael_failure(vap, wh, rxwi->keyidx); 2142 m_freem(m); 2143 ifp->if_ierrors++; 2144 DPRINTF("MIC error. Someone is lying.\n"); 2145 return; 2146 } 2147 2148 ant = run_maxrssi_chain(sc, rxwi); 2149 rssi = rxwi->rssi[ant]; 2150 nf = run_rssi2dbm(sc, rssi, ant); 2151 2152 m->m_pkthdr.rcvif = ifp; 2153 m->m_pkthdr.len = m->m_len = len; 2154 2155 ni = ieee80211_find_rxnode(ic, 2156 mtod(m, struct ieee80211_frame_min *)); 2157 if (ni != NULL) { 2158 (void)ieee80211_input(ni, m, rssi, nf); 2159 ieee80211_free_node(ni); 2160 } else { 2161 (void)ieee80211_input_all(ic, m, rssi, nf); 2162 } 2163 2164 if(__predict_false(ieee80211_radiotap_active(ic))){ 2165 struct run_rx_radiotap_header *tap = &sc->sc_rxtap; 2166 2167 tap->wr_flags = 0; 2168 tap->wr_chan_freq = htole16(ic->ic_bsschan->ic_freq); 2169 tap->wr_chan_flags = htole16(ic->ic_bsschan->ic_flags); 2170 tap->wr_antsignal = rssi; 2171 tap->wr_antenna = ant; 2172 tap->wr_dbm_antsignal = run_rssi2dbm(sc, rssi, ant); 2173 tap->wr_rate = 2; /* in case it can't be found below */ 2174 phy = le16toh(rxwi->phy); 2175 switch (phy & RT2860_PHY_MODE) { 2176 case RT2860_PHY_CCK: 2177 switch ((phy & RT2860_PHY_MCS) & ~RT2860_PHY_SHPRE) { 2178 case 0: tap->wr_rate = 2; break; 2179 case 1: tap->wr_rate = 4; break; 2180 case 2: tap->wr_rate = 11; break; 2181 case 3: tap->wr_rate = 22; break; 2182 } 2183 if (phy & RT2860_PHY_SHPRE) 2184 tap->wr_flags |= IEEE80211_RADIOTAP_F_SHORTPRE; 2185 break; 2186 case RT2860_PHY_OFDM: 2187 switch (phy & RT2860_PHY_MCS) { 2188 case 0: tap->wr_rate = 12; break; 2189 case 1: tap->wr_rate = 18; break; 2190 case 2: tap->wr_rate = 24; break; 2191 case 3: tap->wr_rate = 36; break; 2192 case 4: tap->wr_rate = 48; break; 2193 case 5: tap->wr_rate = 72; break; 2194 case 6: tap->wr_rate = 96; break; 2195 case 7: tap->wr_rate = 108; break; 2196 } 2197 break; 2198 } 2199 } 2200 } 2201 2202 static void 2203 run_bulk_rx_callback(struct usb_xfer *xfer, usb_error_t error) 2204 { 2205 struct run_softc *sc = usbd_xfer_softc(xfer); 2206 struct ifnet *ifp = sc->sc_ifp; 2207 struct mbuf *m = NULL; 2208 struct mbuf *m0; 2209 uint32_t dmalen; 2210 int xferlen; 2211 2212 usbd_xfer_status(xfer, &xferlen, NULL, NULL, NULL); 2213 2214 switch (USB_GET_STATE(xfer)) { 2215 case USB_ST_TRANSFERRED: 2216 2217 DPRINTFN(15, "rx done, actlen=%d\n", xferlen); 2218 2219 if (xferlen < sizeof (uint32_t) + 2220 sizeof (struct rt2860_rxwi) + sizeof (struct rt2870_rxd)) { 2221 DPRINTF("xfer too short %d\n", xferlen); 2222 goto tr_setup; 2223 } 2224 2225 m = sc->rx_m; 2226 sc->rx_m = NULL; 2227 2228 /* FALLTHROUGH */ 2229 case USB_ST_SETUP: 2230 tr_setup: 2231 if (sc->rx_m == NULL) { 2232 sc->rx_m = m_getjcl(M_DONTWAIT, MT_DATA, M_PKTHDR, 2233 MJUMPAGESIZE /* xfer can be bigger than MCLBYTES */); 2234 } 2235 if (sc->rx_m == NULL) { 2236 DPRINTF("could not allocate mbuf - idle with stall\n"); 2237 ifp->if_ierrors++; 2238 usbd_xfer_set_stall(xfer); 2239 usbd_xfer_set_frames(xfer, 0); 2240 } else { 2241 /* 2242 * Directly loading a mbuf cluster into DMA to 2243 * save some data copying. This works because 2244 * there is only one cluster. 2245 */ 2246 usbd_xfer_set_frame_data(xfer, 0, 2247 mtod(sc->rx_m, caddr_t), RUN_MAX_RXSZ); 2248 usbd_xfer_set_frames(xfer, 1); 2249 } 2250 usbd_transfer_submit(xfer); 2251 break; 2252 2253 default: /* Error */ 2254 if (error != USB_ERR_CANCELLED) { 2255 /* try to clear stall first */ 2256 usbd_xfer_set_stall(xfer); 2257 2258 if (error == USB_ERR_TIMEOUT) 2259 device_printf(sc->sc_dev, "device timeout\n"); 2260 2261 ifp->if_ierrors++; 2262 2263 goto tr_setup; 2264 } 2265 if(sc->rx_m != NULL){ 2266 m_freem(sc->rx_m); 2267 sc->rx_m = NULL; 2268 } 2269 break; 2270 } 2271 2272 if (m == NULL) 2273 return; 2274 2275 /* inputting all the frames must be last */ 2276 2277 RUN_UNLOCK(sc); 2278 2279 m->m_pkthdr.len = m->m_len = xferlen; 2280 2281 /* HW can aggregate multiple 802.11 frames in a single USB xfer */ 2282 for(;;) { 2283 dmalen = le32toh(*mtod(m, uint32_t *)) & 0xffff; 2284 2285 if ((dmalen == 0) || ((dmalen & 3) != 0)) { 2286 DPRINTF("bad DMA length %u\n", dmalen); 2287 break; 2288 } 2289 if ((dmalen + 8) > xferlen) { 2290 DPRINTF("bad DMA length %u > %d\n", 2291 dmalen + 8, xferlen); 2292 break; 2293 } 2294 2295 /* If it is the last one or a single frame, we won't copy. */ 2296 if((xferlen -= dmalen + 8) <= 8){ 2297 /* trim 32-bit DMA-len header */ 2298 m->m_data += 4; 2299 m->m_pkthdr.len = m->m_len -= 4; 2300 run_rx_frame(sc, m, dmalen); 2301 break; 2302 } 2303 2304 /* copy aggregated frames to another mbuf */ 2305 m0 = m_getcl(M_DONTWAIT, MT_DATA, M_PKTHDR); 2306 if (__predict_false(m0 == NULL)) { 2307 DPRINTF("could not allocate mbuf\n"); 2308 ifp->if_ierrors++; 2309 break; 2310 } 2311 m_copydata(m, 4 /* skip 32-bit DMA-len header */, 2312 dmalen + sizeof(struct rt2870_rxd), mtod(m0, caddr_t)); 2313 m0->m_pkthdr.len = m0->m_len = 2314 dmalen + sizeof(struct rt2870_rxd); 2315 run_rx_frame(sc, m0, dmalen); 2316 2317 /* update data ptr */ 2318 m->m_data += dmalen + 8; 2319 m->m_pkthdr.len = m->m_len -= dmalen + 8; 2320 } 2321 2322 RUN_LOCK(sc); 2323 } 2324 2325 static void 2326 run_tx_free(struct run_endpoint_queue *pq, 2327 struct run_tx_data *data, int txerr) 2328 { 2329 if (data->m != NULL) { 2330 if (data->m->m_flags & M_TXCB) 2331 ieee80211_process_callback(data->ni, data->m, 2332 txerr ? ETIMEDOUT : 0); 2333 m_freem(data->m); 2334 data->m = NULL; 2335 2336 if(data->ni == NULL) { 2337 DPRINTF("no node\n"); 2338 } else { 2339 ieee80211_free_node(data->ni); 2340 data->ni = NULL; 2341 } 2342 } 2343 2344 STAILQ_INSERT_TAIL(&pq->tx_fh, data, next); 2345 pq->tx_nfree++; 2346 } 2347 2348 static void 2349 run_bulk_tx_callbackN(struct usb_xfer *xfer, usb_error_t error, unsigned int index) 2350 { 2351 struct run_softc *sc = usbd_xfer_softc(xfer); 2352 struct ifnet *ifp = sc->sc_ifp; 2353 struct run_tx_data *data; 2354 struct ieee80211vap *vap = NULL; 2355 struct usb_page_cache *pc; 2356 struct run_endpoint_queue *pq = &sc->sc_epq[index]; 2357 struct mbuf *m; 2358 usb_frlength_t size; 2359 unsigned int len; 2360 int actlen; 2361 int sumlen; 2362 2363 usbd_xfer_status(xfer, &actlen, &sumlen, NULL, NULL); 2364 2365 switch (USB_GET_STATE(xfer)){ 2366 case USB_ST_TRANSFERRED: 2367 DPRINTFN(11, "transfer complete: %d " 2368 "bytes @ index %d\n", actlen, index); 2369 2370 data = usbd_xfer_get_priv(xfer); 2371 2372 run_tx_free(pq, data, 0); 2373 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE; 2374 2375 usbd_xfer_set_priv(xfer, NULL); 2376 2377 ifp->if_opackets++; 2378 2379 /* FALLTHROUGH */ 2380 case USB_ST_SETUP: 2381 tr_setup: 2382 data = STAILQ_FIRST(&pq->tx_qh); 2383 if(data == NULL) 2384 break; 2385 2386 STAILQ_REMOVE_HEAD(&pq->tx_qh, next); 2387 2388 m = data->m; 2389 if (m->m_pkthdr.len > RUN_MAX_TXSZ) { 2390 DPRINTF("data overflow, %u bytes\n", 2391 m->m_pkthdr.len); 2392 2393 ifp->if_oerrors++; 2394 2395 run_tx_free(pq, data, 1); 2396 2397 goto tr_setup; 2398 } 2399 2400 pc = usbd_xfer_get_frame(xfer, 0); 2401 size = sizeof(data->desc); 2402 usbd_copy_in(pc, 0, &data->desc, size); 2403 usbd_m_copy_in(pc, size, m, 0, m->m_pkthdr.len); 2404 2405 vap = data->ni->ni_vap; 2406 if (ieee80211_radiotap_active_vap(vap)) { 2407 struct run_tx_radiotap_header *tap = &sc->sc_txtap; 2408 2409 tap->wt_flags = 0; 2410 tap->wt_rate = rt2860_rates[data->ridx].rate; 2411 tap->wt_chan_freq = htole16(vap->iv_bss->ni_chan->ic_freq); 2412 tap->wt_chan_flags = htole16(vap->iv_bss->ni_chan->ic_flags); 2413 tap->wt_hwqueue = index; 2414 if (data->mcs & RT2860_PHY_SHPRE) 2415 tap->wt_flags |= IEEE80211_RADIOTAP_F_SHORTPRE; 2416 2417 ieee80211_radiotap_tx(vap, m); 2418 } 2419 2420 /* align end on a 4-bytes boundary */ 2421 len = (size + m->m_pkthdr.len + 3) & ~3; 2422 2423 DPRINTFN(11, "sending frame len=%u xferlen=%u @ index %d\n", 2424 m->m_pkthdr.len, len, index); 2425 2426 usbd_xfer_set_frame_len(xfer, 0, len); 2427 usbd_xfer_set_priv(xfer, data); 2428 2429 usbd_transfer_submit(xfer); 2430 2431 RUN_UNLOCK(sc); 2432 run_start(ifp); 2433 RUN_LOCK(sc); 2434 2435 break; 2436 2437 default: 2438 DPRINTF("USB transfer error, %s\n", 2439 usbd_errstr(error)); 2440 2441 data = usbd_xfer_get_priv(xfer); 2442 2443 ifp->if_oerrors++; 2444 2445 if (data != NULL) { 2446 run_tx_free(pq, data, error); 2447 usbd_xfer_set_priv(xfer, NULL); 2448 } 2449 2450 if (error != USB_ERR_CANCELLED) { 2451 if (error == USB_ERR_TIMEOUT) { 2452 device_printf(sc->sc_dev, "device timeout\n"); 2453 ieee80211_runtask(ifp->if_l2com, &sc->usb_timeout_task); 2454 } 2455 2456 /* 2457 * Try to clear stall first, also if other 2458 * errors occur, hence clearing stall 2459 * introduces a 50 ms delay: 2460 */ 2461 usbd_xfer_set_stall(xfer); 2462 goto tr_setup; 2463 } 2464 break; 2465 } 2466 } 2467 2468 static void 2469 run_bulk_tx_callback0(struct usb_xfer *xfer, usb_error_t error) 2470 { 2471 run_bulk_tx_callbackN(xfer, error, 0); 2472 } 2473 2474 static void 2475 run_bulk_tx_callback1(struct usb_xfer *xfer, usb_error_t error) 2476 { 2477 run_bulk_tx_callbackN(xfer, error, 1); 2478 } 2479 2480 static void 2481 run_bulk_tx_callback2(struct usb_xfer *xfer, usb_error_t error) 2482 { 2483 run_bulk_tx_callbackN(xfer, error, 2); 2484 } 2485 2486 static void 2487 run_bulk_tx_callback3(struct usb_xfer *xfer, usb_error_t error) 2488 { 2489 run_bulk_tx_callbackN(xfer, error, 3); 2490 } 2491 2492 static void 2493 run_bulk_tx_callback4(struct usb_xfer *xfer, usb_error_t error) 2494 { 2495 run_bulk_tx_callbackN(xfer, error, 4); 2496 } 2497 2498 static void 2499 run_bulk_tx_callback5(struct usb_xfer *xfer, usb_error_t error) 2500 { 2501 run_bulk_tx_callbackN(xfer, error, 5); 2502 } 2503 2504 static void 2505 run_set_tx_desc(struct run_softc *sc, struct run_tx_data *data, 2506 uint8_t wflags, uint8_t xflags, uint8_t opflags, uint8_t dflags, 2507 uint8_t type, uint8_t pad) 2508 { 2509 struct mbuf *m = data->m; 2510 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 2511 struct ieee80211vap *vap = &sc->sc_rvp->vap; 2512 struct ieee80211_frame *wh; 2513 struct rt2870_txd *txd; 2514 struct rt2860_txwi *txwi; 2515 int xferlen; 2516 uint8_t mcs; 2517 uint8_t ridx = data->ridx; 2518 2519 /* get MCS code from rate index */ 2520 data->mcs = mcs = rt2860_rates[ridx].mcs; 2521 2522 xferlen = sizeof(*txwi) + m->m_pkthdr.len; 2523 2524 /* roundup to 32-bit alignment */ 2525 xferlen = (xferlen + 3) & ~3; 2526 2527 txd = (struct rt2870_txd *)&data->desc; 2528 txd->flags = dflags; 2529 txd->len = htole16(xferlen); 2530 2531 /* setup TX Wireless Information */ 2532 txwi = (struct rt2860_txwi *)(txd + 1); 2533 txwi->flags = wflags; 2534 txwi->xflags = xflags; 2535 txwi->wcid = (type == IEEE80211_FC0_TYPE_DATA) ? 2536 RUN_AID2WCID(data->ni->ni_associd) : 0xff; 2537 txwi->len = htole16(m->m_pkthdr.len - pad); 2538 if (rt2860_rates[ridx].phy == IEEE80211_T_DS) { 2539 txwi->phy = htole16(RT2860_PHY_CCK); 2540 if (ridx != RT2860_RIDX_CCK1 && 2541 (ic->ic_flags & IEEE80211_F_SHPREAMBLE)) 2542 mcs |= RT2860_PHY_SHPRE; 2543 } else 2544 txwi->phy = htole16(RT2860_PHY_OFDM); 2545 txwi->phy |= htole16(mcs); 2546 2547 wh = mtod(m, struct ieee80211_frame *); 2548 2549 /* check if RTS/CTS or CTS-to-self protection is required */ 2550 if (!IEEE80211_IS_MULTICAST(wh->i_addr1) && 2551 (m->m_pkthdr.len + IEEE80211_CRC_LEN > vap->iv_rtsthreshold || 2552 ((ic->ic_flags & IEEE80211_F_USEPROT) && 2553 rt2860_rates[ridx].phy == IEEE80211_T_OFDM))) 2554 txwi->txop = RT2860_TX_TXOP_HT | opflags; 2555 else 2556 txwi->txop = RT2860_TX_TXOP_BACKOFF | opflags; 2557 } 2558 2559 /* This function must be called locked */ 2560 static int 2561 run_tx(struct run_softc *sc, struct mbuf *m, struct ieee80211_node *ni) 2562 { 2563 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 2564 struct ieee80211vap *vap = &sc->sc_rvp->vap; 2565 struct ieee80211_frame *wh; 2566 const struct ieee80211_txparam *tp; 2567 struct run_tx_data *data; 2568 uint16_t qos; 2569 uint16_t dur; 2570 uint8_t type; 2571 uint8_t tid; 2572 uint8_t qid; 2573 uint8_t qflags; 2574 uint8_t pad; 2575 uint8_t xflags = 0; 2576 int hasqos; 2577 int ridx; 2578 int ctl_ridx; 2579 2580 RUN_LOCK_ASSERT(sc, MA_OWNED); 2581 2582 wh = mtod(m, struct ieee80211_frame *); 2583 2584 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 2585 2586 /* 2587 * There are 7 bulk endpoints: 1 for RX 2588 * and 6 for TX (4 EDCAs + HCCA + Prio). 2589 * Update 03-14-2009: some devices like the Planex GW-US300MiniS 2590 * seem to have only 4 TX bulk endpoints (Fukaumi Naoki). 2591 */ 2592 if ((hasqos = IEEE80211_QOS_HAS_SEQ(wh))) { 2593 uint8_t *frm; 2594 2595 if(IEEE80211_HAS_ADDR4(wh)) 2596 frm = ((struct ieee80211_qosframe_addr4 *)wh)->i_qos; 2597 else 2598 frm =((struct ieee80211_qosframe *)wh)->i_qos; 2599 2600 qos = le16toh(*(const uint16_t *)frm); 2601 tid = qos & IEEE80211_QOS_TID; 2602 qid = TID_TO_WME_AC(tid); 2603 pad = 2; 2604 } else { 2605 qos = 0; 2606 tid = 0; 2607 qid = WME_AC_BE; 2608 pad = 0; 2609 } 2610 qflags = (qid < 4) ? RT2860_TX_QSEL_EDCA : RT2860_TX_QSEL_HCCA; 2611 2612 DPRINTFN(8, "qos %d\tqid %d\ttid %d\tqflags %x\n", 2613 qos, qid, tid, qflags); 2614 2615 tp = &vap->iv_txparms[ieee80211_chan2mode(ni->ni_chan)]; 2616 2617 /* pickup a rate index */ 2618 if (IEEE80211_IS_MULTICAST(wh->i_addr1) || 2619 type != IEEE80211_FC0_TYPE_DATA) { 2620 ridx = (ic->ic_curmode == IEEE80211_MODE_11A) ? 2621 RT2860_RIDX_OFDM6 : RT2860_RIDX_CCK1; 2622 ctl_ridx = rt2860_rates[ridx].ctl_ridx; 2623 } else if (tp->ucastrate != IEEE80211_FIXED_RATE_NONE) { 2624 ridx = sc->fixed_ridx; 2625 ctl_ridx = rt2860_rates[ridx].ctl_ridx; 2626 } else { 2627 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++){ 2628 if (rt2860_rates[ridx].rate == ni->ni_txrate) 2629 break; 2630 } 2631 ctl_ridx = rt2860_rates[ridx].ctl_ridx; 2632 } 2633 2634 if (!IEEE80211_IS_MULTICAST(wh->i_addr1) && 2635 (!hasqos || (qos & IEEE80211_QOS_ACKPOLICY) != 2636 IEEE80211_QOS_ACKPOLICY_NOACK)) { 2637 xflags |= RT2860_TX_ACK; 2638 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 2639 dur = rt2860_rates[ridx].sp_ack_dur; 2640 else 2641 dur = rt2860_rates[ridx].lp_ack_dur; 2642 *(uint16_t *)wh->i_dur = htole16(dur + sc->sifs); 2643 } 2644 2645 /* reserve slots for mgmt packets, just in case */ 2646 if (sc->sc_epq[qid].tx_nfree < 3) { 2647 DPRINTFN(10, "tx ring %d is full\n", qid); 2648 return (-1); 2649 } 2650 2651 data = STAILQ_FIRST(&sc->sc_epq[qid].tx_fh); 2652 STAILQ_REMOVE_HEAD(&sc->sc_epq[qid].tx_fh, next); 2653 sc->sc_epq[qid].tx_nfree--; 2654 2655 data->m = m; 2656 data->ni = ni; 2657 data->ridx = ridx; 2658 2659 run_set_tx_desc(sc, data, 0, xflags, 0, qflags, type, pad); 2660 2661 STAILQ_INSERT_TAIL(&sc->sc_epq[qid].tx_qh, data, next); 2662 2663 usbd_transfer_start(sc->sc_xfer[qid]); 2664 2665 DPRINTFN(8, "sending data frame len=%d rate=%d qid=%d\n", m->m_pkthdr.len + 2666 (int)(sizeof (struct rt2870_txd) + sizeof (struct rt2860_rxwi)), 2667 rt2860_rates[ridx].rate, qid); 2668 2669 return (0); 2670 } 2671 2672 static int 2673 run_tx_mgt(struct run_softc *sc, struct mbuf *m, struct ieee80211_node *ni) 2674 { 2675 const struct ieee80211_txparam *tp; 2676 struct ifnet *ifp = sc->sc_ifp; 2677 struct ieee80211vap *vap = ni->ni_vap; 2678 struct ieee80211com *ic = ifp->if_l2com; 2679 struct run_tx_data *data; 2680 struct ieee80211_frame *wh; 2681 int ridx; 2682 uint16_t dur; 2683 uint8_t type; 2684 uint8_t xflags = 0; 2685 2686 RUN_LOCK_ASSERT(sc, MA_OWNED); 2687 2688 wh = mtod(m, struct ieee80211_frame *); 2689 2690 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 2691 tp = &vap->iv_txparms[ieee80211_chan2mode(ic->ic_curchan)]; 2692 2693 if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) { 2694 xflags |= RT2860_TX_ACK; 2695 2696 dur = ieee80211_ack_duration(ic->ic_rt, tp->mgmtrate, 2697 ic->ic_flags & IEEE80211_F_SHPREAMBLE); 2698 *(uint16_t *)wh->i_dur = htole16(dur); 2699 2700 /* tell hardware to add timestamp for probe responses */ 2701 if ((wh->i_fc[0] & 2702 (IEEE80211_FC0_TYPE_MASK | IEEE80211_FC0_SUBTYPE_MASK)) == 2703 (IEEE80211_FC0_TYPE_MGT | IEEE80211_FC0_SUBTYPE_PROBE_RESP)) 2704 xflags |= RT2860_TX_TS; 2705 } 2706 2707 if (sc->sc_epq[0].tx_nfree == 0) { 2708 /* let caller free mbuf */ 2709 ifp->if_drv_flags |= IFF_DRV_OACTIVE; 2710 return (EIO); 2711 } 2712 data = STAILQ_FIRST(&sc->sc_epq[0].tx_fh); 2713 STAILQ_REMOVE_HEAD(&sc->sc_epq[0].tx_fh, next); 2714 sc->sc_epq[0].tx_nfree--; 2715 2716 data->m = m; 2717 data->ni = ni; 2718 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++) 2719 if (rt2860_rates[ridx].rate == tp->mgmtrate) 2720 break; 2721 data->ridx = ridx; 2722 2723 run_set_tx_desc(sc, data, 0, xflags, 0, RT2860_TX_QSEL_MGMT, 2724 wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK, 0); 2725 2726 DPRINTFN(10, "sending mgt frame len=%d rate=%d\n", m->m_pkthdr.len + 2727 (int)(sizeof (struct rt2870_txd) + sizeof (struct rt2860_rxwi)), 2728 tp->mgmtrate); 2729 2730 STAILQ_INSERT_TAIL(&sc->sc_epq[0].tx_qh, data, next); 2731 2732 usbd_transfer_start(sc->sc_xfer[0]); 2733 2734 return (0); 2735 } 2736 2737 static int 2738 run_sendprot(struct run_softc *sc, 2739 const struct mbuf *m, struct ieee80211_node *ni, int prot, int rate) 2740 { 2741 struct ieee80211com *ic = ni->ni_ic; 2742 struct ieee80211_frame *wh; 2743 struct run_tx_data *data; 2744 struct mbuf *mprot; 2745 int ridx; 2746 int protrate; 2747 int ackrate; 2748 int pktlen; 2749 int isshort; 2750 uint16_t dur; 2751 uint8_t type; 2752 uint8_t wflags; 2753 uint8_t txflags = 0; 2754 2755 RUN_LOCK_ASSERT(sc, MA_OWNED); 2756 2757 KASSERT(prot == IEEE80211_PROT_RTSCTS || prot == IEEE80211_PROT_CTSONLY, 2758 ("protection %d", prot)); 2759 2760 wh = mtod(m, struct ieee80211_frame *); 2761 pktlen = m->m_pkthdr.len + IEEE80211_CRC_LEN; 2762 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 2763 2764 protrate = ieee80211_ctl_rate(ic->ic_rt, rate); 2765 ackrate = ieee80211_ack_rate(ic->ic_rt, rate); 2766 2767 isshort = (ic->ic_flags & IEEE80211_F_SHPREAMBLE) != 0; 2768 dur = ieee80211_compute_duration(ic->ic_rt, pktlen, rate, isshort); 2769 + ieee80211_ack_duration(ic->ic_rt, rate, isshort); 2770 wflags = RT2860_TX_FRAG; 2771 2772 /* check that there are free slots before allocating the mbuf */ 2773 if (sc->sc_epq[0].tx_nfree == 0) { 2774 /* let caller free mbuf */ 2775 sc->sc_ifp->if_drv_flags |= IFF_DRV_OACTIVE; 2776 return (ENOBUFS); 2777 } 2778 2779 if (prot == IEEE80211_PROT_RTSCTS) { 2780 /* NB: CTS is the same size as an ACK */ 2781 dur += ieee80211_ack_duration(ic->ic_rt, rate, isshort); 2782 txflags |= RT2860_TX_ACK; 2783 mprot = ieee80211_alloc_rts(ic, wh->i_addr1, wh->i_addr2, dur); 2784 } else { 2785 mprot = ieee80211_alloc_cts(ic, ni->ni_vap->iv_myaddr, dur); 2786 } 2787 if (mprot == NULL) { 2788 sc->sc_ifp->if_oerrors++; 2789 DPRINTF("could not allocate mbuf\n"); 2790 return (ENOBUFS); 2791 } 2792 2793 data = STAILQ_FIRST(&sc->sc_epq[0].tx_fh); 2794 STAILQ_REMOVE_HEAD(&sc->sc_epq[0].tx_fh, next); 2795 sc->sc_epq[0].tx_nfree--; 2796 2797 data->m = mprot; 2798 data->ni = ieee80211_ref_node(ni); 2799 2800 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++) 2801 if (rt2860_rates[ridx].rate == protrate) 2802 break; 2803 data->ridx = ridx; 2804 2805 run_set_tx_desc(sc, data, wflags, txflags, 0, 2806 RT2860_TX_QSEL_EDCA, type, 0); 2807 2808 DPRINTFN(1, "sending prot len=%u rate=%u\n", 2809 m->m_pkthdr.len, rate); 2810 2811 STAILQ_INSERT_TAIL(&sc->sc_epq[0].tx_qh, data, next); 2812 2813 usbd_transfer_start(sc->sc_xfer[0]); 2814 2815 return (0); 2816 } 2817 2818 static int 2819 run_tx_param(struct run_softc *sc, struct mbuf *m, struct ieee80211_node *ni, 2820 const struct ieee80211_bpf_params *params) 2821 { 2822 struct ieee80211com *ic = ni->ni_ic; 2823 struct ieee80211_frame *wh; 2824 struct run_tx_data *data; 2825 uint8_t type; 2826 uint8_t opflags; 2827 uint8_t txflags; 2828 int ridx; 2829 int rate; 2830 int error; 2831 2832 RUN_LOCK_ASSERT(sc, MA_OWNED); 2833 2834 KASSERT(params != NULL, ("no raw xmit params")); 2835 2836 wh = mtod(m, struct ieee80211_frame *); 2837 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 2838 2839 rate = params->ibp_rate0; 2840 if (!ieee80211_isratevalid(ic->ic_rt, rate)) { 2841 /* let caller free mbuf */ 2842 return (EINVAL); 2843 } 2844 2845 opflags = 0; 2846 txflags = 0; 2847 if ((params->ibp_flags & IEEE80211_BPF_NOACK) == 0) 2848 txflags |= RT2860_TX_ACK; 2849 if (params->ibp_flags & (IEEE80211_BPF_RTS|IEEE80211_BPF_CTS)) { 2850 error = run_sendprot(sc, m, ni, 2851 params->ibp_flags & IEEE80211_BPF_RTS ? 2852 IEEE80211_PROT_RTSCTS : IEEE80211_PROT_CTSONLY, 2853 rate); 2854 if (error) { 2855 /* let caller free mbuf */ 2856 return (error); 2857 } 2858 opflags |= /*XXX RT2573_TX_LONG_RETRY |*/ RT2860_TX_TXOP_SIFS; 2859 } 2860 2861 if (sc->sc_epq[0].tx_nfree == 0) { 2862 /* let caller free mbuf */ 2863 sc->sc_ifp->if_drv_flags |= IFF_DRV_OACTIVE; 2864 DPRINTF("sending raw frame, but tx ring is full\n"); 2865 return (EIO); 2866 } 2867 data = STAILQ_FIRST(&sc->sc_epq[0].tx_fh); 2868 STAILQ_REMOVE_HEAD(&sc->sc_epq[0].tx_fh, next); 2869 sc->sc_epq[0].tx_nfree--; 2870 2871 data->m = m; 2872 data->ni = ni; 2873 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++) 2874 if (rt2860_rates[ridx].rate == rate) 2875 break; 2876 data->ridx = ridx; 2877 2878 run_set_tx_desc(sc, data, 0, txflags, opflags, 2879 RT2860_TX_QSEL_EDCA, type, 0); 2880 2881 DPRINTFN(10, "sending raw frame len=%u rate=%u\n", 2882 m->m_pkthdr.len, rate); 2883 2884 STAILQ_INSERT_TAIL(&sc->sc_epq[0].tx_qh, data, next); 2885 2886 usbd_transfer_start(sc->sc_xfer[0]); 2887 2888 return (0); 2889 } 2890 2891 static int 2892 run_raw_xmit(struct ieee80211_node *ni, struct mbuf *m, 2893 const struct ieee80211_bpf_params *params) 2894 { 2895 struct ifnet *ifp = ni->ni_ic->ic_ifp; 2896 struct run_softc *sc = ifp->if_softc; 2897 int error; 2898 2899 RUN_LOCK(sc); 2900 2901 /* prevent management frames from being sent if we're not ready */ 2902 if (!(ifp->if_drv_flags & IFF_DRV_RUNNING)) { 2903 error = ENETDOWN; 2904 goto bad; 2905 } 2906 2907 if (params == NULL) { 2908 /* tx mgt packet */ 2909 if ((error = run_tx_mgt(sc, m, ni)) != 0){ 2910 ifp->if_oerrors++; 2911 DPRINTF("mgt tx failed\n"); 2912 goto bad; 2913 } 2914 } else { 2915 /* tx raw packet with param */ 2916 if ((error = run_tx_param(sc, m, ni, params)) != 0){ 2917 ifp->if_oerrors++; 2918 DPRINTF("tx with param failed\n"); 2919 goto bad; 2920 } 2921 } 2922 2923 ifp->if_opackets++; 2924 2925 RUN_UNLOCK(sc); 2926 2927 return (0); 2928 2929 bad: 2930 RUN_UNLOCK(sc); 2931 if(m != NULL) 2932 m_freem(m); 2933 ieee80211_free_node(ni); 2934 2935 return (error); 2936 } 2937 2938 static void 2939 run_start(struct ifnet *ifp) 2940 { 2941 struct run_softc *sc = ifp->if_softc; 2942 struct ieee80211_node *ni; 2943 struct mbuf *m; 2944 2945 RUN_LOCK(sc); 2946 2947 if ((ifp->if_drv_flags & IFF_DRV_RUNNING) == 0) { 2948 RUN_UNLOCK(sc); 2949 return; 2950 } 2951 2952 for (;;) { 2953 /* send data frames */ 2954 IFQ_DRV_DEQUEUE(&ifp->if_snd, m); 2955 if (m == NULL) 2956 break; 2957 2958 ni = (struct ieee80211_node *)m->m_pkthdr.rcvif; 2959 if (run_tx(sc, m, ni) != 0) { 2960 IFQ_DRV_PREPEND(&ifp->if_snd, m); 2961 ifp->if_drv_flags |= IFF_DRV_OACTIVE; 2962 break; 2963 } 2964 } 2965 2966 RUN_UNLOCK(sc); 2967 } 2968 2969 static int 2970 run_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 2971 { 2972 struct run_softc *sc = ifp->if_softc; 2973 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 2974 struct ifreq *ifr = (struct ifreq *) data; 2975 int error = 0, startall = 0; 2976 2977 switch (cmd) { 2978 case SIOCSIFFLAGS: 2979 RUN_LOCK(sc); 2980 if (ifp->if_flags & IFF_UP) { 2981 if (!(ifp->if_drv_flags & IFF_DRV_RUNNING)){ 2982 run_init_locked(sc); 2983 startall = 1; 2984 } else 2985 run_update_promisc_locked(ifp); 2986 } else { 2987 if (ifp->if_drv_flags & IFF_DRV_RUNNING) 2988 run_stop(sc); 2989 } 2990 RUN_UNLOCK(sc); 2991 if(startall) 2992 ieee80211_start_all(ic); 2993 break; 2994 case SIOCGIFMEDIA: 2995 error = ifmedia_ioctl(ifp, ifr, &ic->ic_media, cmd); 2996 break; 2997 case SIOCGIFADDR: 2998 error = ether_ioctl(ifp, cmd, data); 2999 break; 3000 default: 3001 error = EINVAL; 3002 break; 3003 } 3004 3005 return (error); 3006 } 3007 3008 static void 3009 run_select_chan_group(struct run_softc *sc, int group) 3010 { 3011 uint32_t tmp; 3012 3013 run_bbp_write(sc, 62, 0x37 - sc->lna[group]); 3014 run_bbp_write(sc, 63, 0x37 - sc->lna[group]); 3015 run_bbp_write(sc, 64, 0x37 - sc->lna[group]); 3016 run_bbp_write(sc, 86, 0x00); 3017 3018 if (group == 0) { 3019 if (sc->ext_2ghz_lna) { 3020 run_bbp_write(sc, 82, 0x62); 3021 run_bbp_write(sc, 75, 0x46); 3022 } else { 3023 run_bbp_write(sc, 82, 0x84); 3024 run_bbp_write(sc, 75, 0x50); 3025 } 3026 } else { 3027 if (sc->ext_5ghz_lna) { 3028 run_bbp_write(sc, 82, 0xf2); 3029 run_bbp_write(sc, 75, 0x46); 3030 } else { 3031 run_bbp_write(sc, 82, 0xf2); 3032 run_bbp_write(sc, 75, 0x50); 3033 } 3034 } 3035 3036 run_read(sc, RT2860_TX_BAND_CFG, &tmp); 3037 tmp &= ~(RT2860_5G_BAND_SEL_N | RT2860_5G_BAND_SEL_P); 3038 tmp |= (group == 0) ? RT2860_5G_BAND_SEL_N : RT2860_5G_BAND_SEL_P; 3039 run_write(sc, RT2860_TX_BAND_CFG, tmp); 3040 3041 /* enable appropriate Power Amplifiers and Low Noise Amplifiers */ 3042 tmp = RT2860_RFTR_EN | RT2860_TRSW_EN; 3043 if (group == 0) { /* 2GHz */ 3044 tmp |= RT2860_PA_PE_G0_EN | RT2860_LNA_PE_G0_EN; 3045 if (sc->ntxchains > 1) 3046 tmp |= RT2860_PA_PE_G1_EN; 3047 if (sc->nrxchains > 1) 3048 tmp |= RT2860_LNA_PE_G1_EN; 3049 } else { /* 5GHz */ 3050 tmp |= RT2860_PA_PE_A0_EN | RT2860_LNA_PE_A0_EN; 3051 if (sc->ntxchains > 1) 3052 tmp |= RT2860_PA_PE_A1_EN; 3053 if (sc->nrxchains > 1) 3054 tmp |= RT2860_LNA_PE_A1_EN; 3055 } 3056 run_write(sc, RT2860_TX_PIN_CFG, tmp); 3057 3058 /* set initial AGC value */ 3059 if (group == 0) 3060 run_bbp_write(sc, 66, 0x2e + sc->lna[0]); 3061 else 3062 run_bbp_write(sc, 66, 0x32 + (sc->lna[group] * 5) / 3); 3063 } 3064 3065 static void 3066 run_rt2870_set_chan(struct run_softc *sc, uint32_t chan) 3067 { 3068 const struct rfprog *rfprog = rt2860_rf2850; 3069 uint32_t r2, r3, r4; 3070 int8_t txpow1, txpow2; 3071 int i; 3072 3073 /* find the settings for this channel (we know it exists) */ 3074 for (i = 0; rfprog[i].chan != chan; i++); 3075 3076 r2 = rfprog[i].r2; 3077 if (sc->ntxchains == 1) 3078 r2 |= 1 << 12; /* 1T: disable Tx chain 2 */ 3079 if (sc->nrxchains == 1) 3080 r2 |= 1 << 15 | 1 << 4; /* 1R: disable Rx chains 2 & 3 */ 3081 else if (sc->nrxchains == 2) 3082 r2 |= 1 << 4; /* 2R: disable Rx chain 3 */ 3083 3084 /* use Tx power values from EEPROM */ 3085 txpow1 = sc->txpow1[i]; 3086 txpow2 = sc->txpow2[i]; 3087 if (chan > 14) { 3088 if (txpow1 >= 0) 3089 txpow1 = txpow1 << 1; 3090 else 3091 txpow1 = (7 + txpow1) << 1 | 1; 3092 if (txpow2 >= 0) 3093 txpow2 = txpow2 << 1; 3094 else 3095 txpow2 = (7 + txpow2) << 1 | 1; 3096 } 3097 r3 = rfprog[i].r3 | txpow1 << 7; 3098 r4 = rfprog[i].r4 | sc->freq << 13 | txpow2 << 4; 3099 3100 run_rt2870_rf_write(sc, RT2860_RF1, rfprog[i].r1); 3101 run_rt2870_rf_write(sc, RT2860_RF2, r2); 3102 run_rt2870_rf_write(sc, RT2860_RF3, r3); 3103 run_rt2870_rf_write(sc, RT2860_RF4, r4); 3104 3105 run_delay(sc, 10); 3106 3107 run_rt2870_rf_write(sc, RT2860_RF1, rfprog[i].r1); 3108 run_rt2870_rf_write(sc, RT2860_RF2, r2); 3109 run_rt2870_rf_write(sc, RT2860_RF3, r3 | 1); 3110 run_rt2870_rf_write(sc, RT2860_RF4, r4); 3111 3112 run_delay(sc, 10); 3113 3114 run_rt2870_rf_write(sc, RT2860_RF1, rfprog[i].r1); 3115 run_rt2870_rf_write(sc, RT2860_RF2, r2); 3116 run_rt2870_rf_write(sc, RT2860_RF3, r3); 3117 run_rt2870_rf_write(sc, RT2860_RF4, r4); 3118 } 3119 3120 static void 3121 run_rt3070_set_chan(struct run_softc *sc, uint32_t chan) 3122 { 3123 int8_t txpow1, txpow2; 3124 uint8_t rf; 3125 3126 /* RT3070 is 2GHz only */ 3127 KASSERT(chan >= 1 && chan <= 14, ("wrong channel selected\n")); 3128 3129 /* use Tx power values from EEPROM */ 3130 txpow1 = sc->txpow1[chan - 1]; 3131 txpow2 = sc->txpow2[chan - 1]; 3132 3133 run_rt3070_rf_write(sc, 2, run_rf3020_freqs[chan - 1].n); 3134 run_rt3070_rf_write(sc, 3, run_rf3020_freqs[chan - 1].k); 3135 run_rt3070_rf_read(sc, 6, &rf); 3136 rf = (rf & ~0x03) | run_rf3020_freqs[chan - 1].r; 3137 run_rt3070_rf_write(sc, 6, rf); 3138 3139 /* set Tx0 power */ 3140 run_rt3070_rf_read(sc, 12, &rf); 3141 rf = (rf & ~0x1f) | txpow1; 3142 run_rt3070_rf_write(sc, 12, rf); 3143 3144 /* set Tx1 power */ 3145 run_rt3070_rf_read(sc, 13, &rf); 3146 rf = (rf & ~0x1f) | txpow2; 3147 run_rt3070_rf_write(sc, 13, rf); 3148 3149 run_rt3070_rf_read(sc, 1, &rf); 3150 rf &= ~0xfc; 3151 if (sc->ntxchains == 1) 3152 rf |= 1 << 7 | 1 << 5; /* 1T: disable Tx chains 2 & 3 */ 3153 else if (sc->ntxchains == 2) 3154 rf |= 1 << 7; /* 2T: disable Tx chain 3 */ 3155 if (sc->nrxchains == 1) 3156 rf |= 1 << 6 | 1 << 4; /* 1R: disable Rx chains 2 & 3 */ 3157 else if (sc->nrxchains == 2) 3158 rf |= 1 << 6; /* 2R: disable Rx chain 3 */ 3159 run_rt3070_rf_write(sc, 1, rf); 3160 3161 /* set RF offset */ 3162 run_rt3070_rf_read(sc, 23, &rf); 3163 rf = (rf & ~0x7f) | sc->freq; 3164 run_rt3070_rf_write(sc, 23, rf); 3165 3166 /* program RF filter */ 3167 run_rt3070_rf_write(sc, 24, sc->rf24_20mhz); 3168 run_rt3070_rf_write(sc, 31, sc->rf24_20mhz); 3169 3170 /* enable RF tuning */ 3171 run_rt3070_rf_read(sc, 7, &rf); 3172 run_rt3070_rf_write(sc, 7, rf | 0x01); 3173 } 3174 3175 static void 3176 run_set_rx_antenna(struct run_softc *sc, int aux) 3177 { 3178 uint32_t tmp; 3179 3180 if (aux) { 3181 run_read(sc, RT2860_PCI_EECTRL, &tmp); 3182 run_write(sc, RT2860_PCI_EECTRL, tmp & ~RT2860_C); 3183 run_read(sc, RT2860_GPIO_CTRL, &tmp); 3184 run_write(sc, RT2860_GPIO_CTRL, (tmp & ~0x0808) | 0x08); 3185 } else { 3186 run_read(sc, RT2860_PCI_EECTRL, &tmp); 3187 run_write(sc, RT2860_PCI_EECTRL, tmp | RT2860_C); 3188 run_read(sc, RT2860_GPIO_CTRL, &tmp); 3189 run_write(sc, RT2860_GPIO_CTRL, tmp & ~0x0808); 3190 } 3191 } 3192 3193 static int 3194 run_set_chan(struct run_softc *sc, struct ieee80211_channel *c) 3195 { 3196 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 3197 uint32_t chan, group; 3198 3199 chan = ieee80211_chan2ieee(ic, c); 3200 if (chan == 0 || chan == IEEE80211_CHAN_ANY) 3201 return EINVAL; 3202 3203 if ((sc->mac_rev >> 16) >= 0x3070) 3204 run_rt3070_set_chan(sc, chan); 3205 else 3206 run_rt2870_set_chan(sc, chan); 3207 3208 /* 802.11a uses a 16 microseconds short interframe space */ 3209 sc->sifs = IEEE80211_IS_CHAN_5GHZ(c) ? 16 : 10; 3210 3211 /* determine channel group */ 3212 if (chan <= 14) 3213 group = 0; 3214 else if (chan <= 64) 3215 group = 1; 3216 else if (chan <= 128) 3217 group = 2; 3218 else 3219 group = 3; 3220 3221 /* XXX necessary only when group has changed! */ 3222 run_select_chan_group(sc, group); 3223 3224 run_delay(sc, 10); 3225 3226 return 0; 3227 } 3228 3229 static void 3230 run_set_channel(struct ieee80211com *ic) 3231 { 3232 struct run_softc *sc = ic->ic_ifp->if_softc; 3233 3234 RUN_LOCK(sc); 3235 run_set_chan(sc, ic->ic_curchan); 3236 RUN_UNLOCK(sc); 3237 3238 return; 3239 } 3240 3241 static void 3242 run_scan_start(struct ieee80211com *ic) 3243 { 3244 struct run_softc *sc = ic->ic_ifp->if_softc; 3245 uint32_t tmp; 3246 3247 RUN_LOCK(sc); 3248 3249 /* abort TSF synchronization */ 3250 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 3251 run_write(sc, RT2860_BCN_TIME_CFG, 3252 tmp & ~(RT2860_BCN_TX_EN | RT2860_TSF_TIMER_EN | 3253 RT2860_TBTT_TIMER_EN)); 3254 run_set_bssid(sc, sc->sc_ifp->if_broadcastaddr); 3255 3256 RUN_UNLOCK(sc); 3257 3258 return; 3259 } 3260 3261 static void 3262 run_scan_end(struct ieee80211com *ic) 3263 { 3264 struct run_softc *sc = ic->ic_ifp->if_softc; 3265 3266 RUN_LOCK(sc); 3267 3268 run_enable_tsf_sync(sc); 3269 /* XXX keep local copy */ 3270 run_set_bssid(sc, sc->sc_bssid); 3271 3272 RUN_UNLOCK(sc); 3273 3274 return; 3275 } 3276 3277 static uint8_t 3278 run_rate2mcs(uint8_t rate) 3279 { 3280 switch (rate) { 3281 /* CCK rates */ 3282 case 2: return 0; 3283 case 4: return 1; 3284 case 11: return 2; 3285 case 22: return 3; 3286 /* OFDM rates */ 3287 case 12: return 0; 3288 case 18: return 1; 3289 case 24: return 2; 3290 case 36: return 3; 3291 case 48: return 4; 3292 case 72: return 5; 3293 case 96: return 6; 3294 case 108: return 7; 3295 } 3296 return 0; /* shouldn't get here */ 3297 } 3298 3299 static void 3300 run_update_beacon_locked(struct ieee80211vap *vap, int item) 3301 { 3302 struct ieee80211com *ic = vap->iv_ic; 3303 struct run_softc *sc = ic->ic_ifp->if_softc; 3304 struct rt2860_txwi txwi; 3305 struct mbuf *m; 3306 int rate; 3307 3308 if ((m = ieee80211_beacon_alloc(vap->iv_bss, &RUN_VAP(vap)->bo)) == NULL) 3309 return; 3310 3311 memset(&txwi, 0, sizeof txwi); 3312 txwi.wcid = 0xff; 3313 txwi.len = htole16(m->m_pkthdr.len); 3314 /* send beacons at the lowest available rate */ 3315 rate = (ic->ic_curmode == IEEE80211_MODE_11A) ? 12 : 2; 3316 txwi.phy = htole16(run_rate2mcs(rate)); 3317 if (rate == 12) 3318 txwi.phy |= htole16(RT2860_PHY_OFDM); 3319 txwi.txop = RT2860_TX_TXOP_HT; 3320 txwi.flags = RT2860_TX_TS; 3321 3322 run_write_region_1(sc, RT2860_BCN_BASE(0), 3323 (u_int8_t *)&txwi, sizeof txwi); 3324 run_write_region_1(sc, RT2860_BCN_BASE(0) + sizeof txwi, 3325 mtod(m, uint8_t *), (m->m_pkthdr.len + 1) & ~1); /* roundup len */ 3326 3327 m_freem(m); 3328 3329 return; 3330 } 3331 3332 static void 3333 run_update_beacon(struct ieee80211vap *vap, int item) 3334 { 3335 struct ieee80211com *ic = vap->iv_ic; 3336 struct run_softc *sc = ic->ic_ifp->if_softc; 3337 3338 IEEE80211_UNLOCK(ic); 3339 RUN_LOCK(sc); 3340 run_update_beacon_locked(vap, item); 3341 RUN_UNLOCK(sc); 3342 IEEE80211_LOCK(ic); 3343 3344 return; 3345 } 3346 3347 static void 3348 run_updateprot(struct ieee80211com *ic) 3349 { 3350 struct run_softc *sc = ic->ic_ifp->if_softc; 3351 uint32_t tmp; 3352 3353 tmp = RT2860_RTSTH_EN | RT2860_PROT_NAV_SHORT | RT2860_TXOP_ALLOW_ALL; 3354 /* setup protection frame rate (MCS code) */ 3355 tmp |= (ic->ic_curmode == IEEE80211_MODE_11A) ? 3356 rt2860_rates[RT2860_RIDX_OFDM6].mcs : 3357 rt2860_rates[RT2860_RIDX_CCK11].mcs; 3358 3359 /* CCK frames don't require protection */ 3360 run_write(sc, RT2860_CCK_PROT_CFG, tmp); 3361 if (ic->ic_flags & IEEE80211_F_USEPROT) { 3362 if (ic->ic_protmode == IEEE80211_PROT_RTSCTS) 3363 tmp |= RT2860_PROT_CTRL_RTS_CTS; 3364 else if (ic->ic_protmode == IEEE80211_PROT_CTSONLY) 3365 tmp |= RT2860_PROT_CTRL_CTS; 3366 } 3367 run_write(sc, RT2860_OFDM_PROT_CFG, tmp); 3368 } 3369 3370 static void 3371 run_usb_timeout_cb(void *arg, int pending) 3372 { 3373 struct run_softc *sc = arg; 3374 struct ieee80211vap *vap = &sc->sc_rvp->vap; 3375 3376 RUN_LOCK_ASSERT(sc, MA_OWNED); 3377 3378 if(vap->iv_state == IEEE80211_S_RUN && 3379 vap->iv_opmode != IEEE80211_M_STA) 3380 run_reset_livelock(sc); 3381 else if(vap->iv_state == IEEE80211_S_SCAN){ 3382 DPRINTF("timeout caused by scan\n"); 3383 /* cancel bgscan */ 3384 ieee80211_cancel_scan(vap); 3385 } else 3386 DPRINTF("timeout by unknown cause\n"); 3387 } 3388 3389 static void 3390 run_reset_livelock(struct run_softc *sc) 3391 { 3392 uint32_t tmp; 3393 3394 /* 3395 * In IBSS or HostAP modes (when the hardware sends beacons), the MAC 3396 * can run into a livelock and start sending CTS-to-self frames like 3397 * crazy if protection is enabled. Reset MAC/BBP for a while 3398 */ 3399 run_read(sc, RT2860_DEBUG, &tmp); 3400 if((tmp & (1 << 29)) && (tmp & (1 << 7 | 1 << 5))){ 3401 DPRINTF("CTS-to-self livelock detected\n"); 3402 run_write(sc, RT2860_MAC_SYS_CTRL, RT2860_MAC_SRST); 3403 run_delay(sc, 1); 3404 run_write(sc, RT2860_MAC_SYS_CTRL, 3405 RT2860_MAC_RX_EN | RT2860_MAC_TX_EN); 3406 } 3407 } 3408 3409 static void 3410 run_update_promisc_locked(struct ifnet *ifp) 3411 { 3412 struct run_softc *sc = ifp->if_softc; 3413 uint32_t tmp; 3414 3415 run_read(sc, RT2860_RX_FILTR_CFG, &tmp); 3416 3417 tmp |= RT2860_DROP_UC_NOME; 3418 if (ifp->if_flags & IFF_PROMISC) 3419 tmp &= ~RT2860_DROP_UC_NOME; 3420 3421 run_write(sc, RT2860_RX_FILTR_CFG, tmp); 3422 3423 DPRINTF("%s promiscuous mode\n", (ifp->if_flags & IFF_PROMISC) ? 3424 "entering" : "leaving"); 3425 } 3426 3427 static void 3428 run_update_promisc(struct ifnet *ifp) 3429 { 3430 struct run_softc *sc = ifp->if_softc; 3431 3432 if ((ifp->if_drv_flags & IFF_DRV_RUNNING) == 0) 3433 return; 3434 3435 RUN_LOCK(sc); 3436 run_update_promisc_locked(ifp); 3437 RUN_UNLOCK(sc); 3438 } 3439 3440 static void 3441 run_enable_tsf_sync(struct run_softc *sc) 3442 { 3443 struct ifnet *ifp = sc->sc_ifp; 3444 struct ieee80211com *ic = ifp->if_l2com; 3445 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 3446 uint32_t tmp; 3447 3448 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 3449 tmp &= ~0x1fffff; 3450 tmp |= vap->iv_bss->ni_intval * 16; 3451 tmp |= RT2860_TSF_TIMER_EN | RT2860_TBTT_TIMER_EN; 3452 3453 if (vap->iv_opmode == IEEE80211_M_STA) { 3454 /* 3455 * Local TSF is always updated with remote TSF on beacon 3456 * reception. 3457 */ 3458 tmp |= 1 << RT2860_TSF_SYNC_MODE_SHIFT; 3459 } else if (vap->iv_opmode == IEEE80211_M_IBSS) { 3460 tmp |= RT2860_BCN_TX_EN; 3461 /* 3462 * Local TSF is updated with remote TSF on beacon reception 3463 * only if the remote TSF is greater than local TSF. 3464 */ 3465 tmp |= 2 << RT2860_TSF_SYNC_MODE_SHIFT; 3466 } else if (vap->iv_opmode == IEEE80211_M_HOSTAP) { 3467 tmp |= RT2860_BCN_TX_EN; 3468 /* SYNC with nobody */ 3469 tmp |= 3 << RT2860_TSF_SYNC_MODE_SHIFT; 3470 } else 3471 DPRINTF("Enabling TSF failed. undefined opmode\n"); 3472 3473 run_write(sc, RT2860_BCN_TIME_CFG, tmp); 3474 } 3475 3476 static void 3477 run_enable_mrr(struct run_softc *sc) 3478 { 3479 #define CCK(mcs) (mcs) 3480 #define OFDM(mcs) (1 << 3 | (mcs)) 3481 run_write(sc, RT2860_LG_FBK_CFG0, 3482 OFDM(6) << 28 | /* 54->48 */ 3483 OFDM(5) << 24 | /* 48->36 */ 3484 OFDM(4) << 20 | /* 36->24 */ 3485 OFDM(3) << 16 | /* 24->18 */ 3486 OFDM(2) << 12 | /* 18->12 */ 3487 OFDM(1) << 8 | /* 12-> 9 */ 3488 OFDM(0) << 4 | /* 9-> 6 */ 3489 OFDM(0)); /* 6-> 6 */ 3490 3491 run_write(sc, RT2860_LG_FBK_CFG1, 3492 CCK(2) << 12 | /* 11->5.5 */ 3493 CCK(1) << 8 | /* 5.5-> 2 */ 3494 CCK(0) << 4 | /* 2-> 1 */ 3495 CCK(0)); /* 1-> 1 */ 3496 #undef OFDM 3497 #undef CCK 3498 } 3499 3500 static void 3501 run_set_txpreamble(struct run_softc *sc) 3502 { 3503 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 3504 uint32_t tmp; 3505 3506 run_read(sc, RT2860_AUTO_RSP_CFG, &tmp); 3507 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 3508 tmp |= RT2860_CCK_SHORT_EN; 3509 else 3510 tmp &= ~RT2860_CCK_SHORT_EN; 3511 run_write(sc, RT2860_AUTO_RSP_CFG, tmp); 3512 } 3513 3514 static void 3515 run_set_basicrates(struct run_softc *sc) 3516 { 3517 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 3518 3519 /* set basic rates mask */ 3520 if (ic->ic_curmode == IEEE80211_MODE_11B) 3521 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x003); 3522 else if (ic->ic_curmode == IEEE80211_MODE_11A) 3523 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x150); 3524 else /* 11g */ 3525 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x15f); 3526 } 3527 3528 static void 3529 run_set_leds(struct run_softc *sc, uint16_t which) 3530 { 3531 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LEDS, 3532 which | (sc->leds & 0x7f)); 3533 } 3534 3535 static void 3536 run_set_bssid(struct run_softc *sc, const uint8_t *bssid) 3537 { 3538 run_write(sc, RT2860_MAC_BSSID_DW0, 3539 bssid[0] | bssid[1] << 8 | bssid[2] << 16 | bssid[3] << 24); 3540 run_write(sc, RT2860_MAC_BSSID_DW1, 3541 bssid[4] | bssid[5] << 8); 3542 } 3543 3544 static void 3545 run_set_macaddr(struct run_softc *sc, const uint8_t *addr) 3546 { 3547 run_write(sc, RT2860_MAC_ADDR_DW0, 3548 addr[0] | addr[1] << 8 | addr[2] << 16 | addr[3] << 24); 3549 run_write(sc, RT2860_MAC_ADDR_DW1, 3550 addr[4] | addr[5] << 8 | 0xff << 16); 3551 } 3552 3553 /* ARGSUSED */ 3554 static void 3555 run_updateslot(struct ifnet *ifp) 3556 { 3557 struct run_softc *sc = ifp->if_softc; 3558 struct ieee80211com *ic = ifp->if_l2com; 3559 uint32_t tmp; 3560 3561 run_read(sc, RT2860_BKOFF_SLOT_CFG, &tmp); 3562 tmp &= ~0xff; 3563 tmp |= (ic->ic_flags & IEEE80211_F_SHSLOT) ? 9 : 20; 3564 run_write(sc, RT2860_BKOFF_SLOT_CFG, tmp); 3565 } 3566 3567 static int8_t 3568 run_rssi2dbm(struct run_softc *sc, uint8_t rssi, uint8_t rxchain) 3569 { 3570 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 3571 struct ieee80211_channel *c = ic->ic_curchan; 3572 int delta; 3573 3574 if (IEEE80211_IS_CHAN_5GHZ(c)) { 3575 uint32_t chan = ieee80211_chan2ieee(ic, c); 3576 delta = sc->rssi_5ghz[rxchain]; 3577 3578 /* determine channel group */ 3579 if (chan <= 64) 3580 delta -= sc->lna[1]; 3581 else if (chan <= 128) 3582 delta -= sc->lna[2]; 3583 else 3584 delta -= sc->lna[3]; 3585 } else 3586 delta = sc->rssi_2ghz[rxchain] - sc->lna[0]; 3587 3588 return -12 - delta - rssi; 3589 } 3590 3591 static int 3592 run_bbp_init(struct run_softc *sc) 3593 { 3594 int i, error, ntries; 3595 uint8_t bbp0; 3596 3597 /* wait for BBP to wake up */ 3598 for (ntries = 0; ntries < 20; ntries++) { 3599 if ((error = run_bbp_read(sc, 0, &bbp0)) != 0) 3600 return error; 3601 if (bbp0 != 0 && bbp0 != 0xff) 3602 break; 3603 } 3604 if (ntries == 20) 3605 return ETIMEDOUT; 3606 3607 /* initialize BBP registers to default values */ 3608 for (i = 0; i < nitems(rt2860_def_bbp); i++) { 3609 run_bbp_write(sc, rt2860_def_bbp[i].reg, 3610 rt2860_def_bbp[i].val); 3611 } 3612 3613 /* fix BBP84 for RT2860E */ 3614 if ((sc->mac_rev >> 16) == 0x2860 && (sc->mac_rev & 0xffff) != 0x0101) 3615 run_bbp_write(sc, 84, 0x19); 3616 3617 if ((sc->mac_rev >> 16) >= 0x3070) { 3618 run_bbp_write(sc, 79, 0x13); 3619 run_bbp_write(sc, 80, 0x05); 3620 run_bbp_write(sc, 81, 0x33); 3621 /* XXX RT3090 needs more */ 3622 } else if (sc->mac_rev == 0x28600100) { 3623 run_bbp_write(sc, 69, 0x16); 3624 run_bbp_write(sc, 73, 0x12); 3625 } 3626 return 0; 3627 } 3628 3629 static int 3630 run_rt3070_rf_init(struct run_softc *sc) 3631 { 3632 uint32_t tmp; 3633 uint8_t rf, bbp4; 3634 int i; 3635 3636 run_rt3070_rf_read(sc, 30, &rf); 3637 /* toggle RF R30 bit 7 */ 3638 run_rt3070_rf_write(sc, 30, rf | 0x80); 3639 run_delay(sc, 10); 3640 run_rt3070_rf_write(sc, 30, rf & ~0x80); 3641 3642 /* initialize RF registers to default value */ 3643 for (i = 0; i < nitems(rt3070_def_rf); i++) { 3644 run_rt3070_rf_write(sc, rt3070_def_rf[i].reg, 3645 rt3070_def_rf[i].val); 3646 } 3647 if ((sc->mac_rev >> 16) == 0x3070) { 3648 /* change voltage from 1.2V to 1.35V for RT3070 */ 3649 run_read(sc, RT3070_LDO_CFG0, &tmp); 3650 tmp = (tmp & ~0x0f000000) | 0x0d000000; 3651 run_write(sc, RT3070_LDO_CFG0, tmp); 3652 3653 } else if ((sc->mac_rev >> 16) == 0x3071) { 3654 run_rt3070_rf_read(sc, 6, &rf); 3655 run_rt3070_rf_write(sc, 6, rf | 0x40); 3656 run_rt3070_rf_write(sc, 31, 0x14); 3657 3658 run_read(sc, RT3070_LDO_CFG0, &tmp); 3659 tmp &= ~0x1f000000; 3660 if ((sc->mac_rev & 0xffff) < 0x0211) 3661 tmp |= 0x0d000000; 3662 else 3663 tmp |= 0x01000000; 3664 run_write(sc, RT3070_LDO_CFG0, tmp); 3665 3666 /* patch LNA_PE_G1 */ 3667 run_read(sc, RT3070_GPIO_SWITCH, &tmp); 3668 run_write(sc, RT3070_GPIO_SWITCH, tmp & ~0x20); 3669 } else if((sc->mac_rev >> 16) == 0x3572){ 3670 if ((sc->mac_rev & 0xffff) < 0x0211){ 3671 run_read(sc, RT3070_LDO_CFG0, &tmp); 3672 tmp = (tmp & ~0x0f000000) | 0x0d000000; 3673 run_write(sc, RT3070_LDO_CFG0, tmp); 3674 } else { 3675 run_read(sc, RT3070_LDO_CFG0, &tmp); 3676 tmp = (tmp & ~0x1f000000) | 0x0d000000; 3677 run_write(sc, RT3070_LDO_CFG0, tmp); 3678 3679 run_delay(sc, 1); /* wait for 1msec */ 3680 3681 tmp = (tmp & ~0x1f000000) | 0x01000000; 3682 run_write(sc, RT3070_LDO_CFG0, tmp); 3683 } 3684 } 3685 3686 /* select 20MHz bandwidth */ 3687 run_rt3070_rf_read(sc, 31, &rf); 3688 run_rt3070_rf_write(sc, 31, rf & ~0x20); 3689 3690 /* calibrate filter for 20MHz bandwidth */ 3691 sc->rf24_20mhz = 0x1f; /* default value */ 3692 run_rt3070_filter_calib(sc, 0x07, 0x16, &sc->rf24_20mhz); 3693 3694 /* select 40MHz bandwidth */ 3695 run_bbp_read(sc, 4, &bbp4); 3696 run_bbp_write(sc, 4, (bbp4 & ~0x08) | 0x10); 3697 3698 /* calibrate filter for 40MHz bandwidth */ 3699 sc->rf24_40mhz = 0x2f; /* default value */ 3700 run_rt3070_filter_calib(sc, 0x27, 0x19, &sc->rf24_40mhz); 3701 3702 /* go back to 20MHz bandwidth */ 3703 run_bbp_read(sc, 4, &bbp4); 3704 run_bbp_write(sc, 4, bbp4 & ~0x18); 3705 3706 if ((sc->mac_rev & 0xffff) < 0x0211) 3707 run_rt3070_rf_write(sc, 27, 0x03); 3708 3709 run_read(sc, RT3070_OPT_14, &tmp); 3710 run_write(sc, RT3070_OPT_14, tmp | 1); 3711 3712 if ((sc->mac_rev >> 16) == 0x3071) { 3713 run_rt3070_rf_read(sc, 1, &rf); 3714 rf &= ~(RT3070_RX0_PD | RT3070_TX0_PD); 3715 rf |= RT3070_RF_BLOCK | RT3070_RX1_PD | RT3070_TX1_PD; 3716 run_rt3070_rf_write(sc, 1, rf); 3717 3718 run_rt3070_rf_read(sc, 15, &rf); 3719 run_rt3070_rf_write(sc, 15, rf & ~RT3070_TX_LO2); 3720 3721 run_rt3070_rf_read(sc, 17, &rf); 3722 rf &= ~RT3070_TX_LO1; 3723 if ((sc->mac_rev & 0xffff) >= 0x0211 && !sc->ext_2ghz_lna) 3724 rf |= 0x20; /* fix for long range Rx issue */ 3725 run_rt3070_rf_write(sc, 17, rf); 3726 3727 run_rt3070_rf_read(sc, 20, &rf); 3728 run_rt3070_rf_write(sc, 20, rf & ~RT3070_RX_LO1); 3729 3730 run_rt3070_rf_read(sc, 21, &rf); 3731 run_rt3070_rf_write(sc, 21, rf & ~RT3070_RX_LO2); 3732 3733 run_rt3070_rf_read(sc, 27, &rf); 3734 rf &= ~0x77; 3735 if ((sc->mac_rev & 0xffff) < 0x0211) 3736 rf |= 0x03; 3737 run_rt3070_rf_write(sc, 27, rf); 3738 } 3739 return 0; 3740 } 3741 3742 static int 3743 run_rt3070_filter_calib(struct run_softc *sc, uint8_t init, uint8_t target, 3744 uint8_t *val) 3745 { 3746 uint8_t rf22, rf24; 3747 uint8_t bbp55_pb, bbp55_sb, delta; 3748 int ntries; 3749 3750 /* program filter */ 3751 rf24 = init; /* initial filter value */ 3752 run_rt3070_rf_write(sc, 24, rf24); 3753 3754 /* enable baseband loopback mode */ 3755 run_rt3070_rf_read(sc, 22, &rf22); 3756 run_rt3070_rf_write(sc, 22, rf22 | 0x01); 3757 3758 /* set power and frequency of passband test tone */ 3759 run_bbp_write(sc, 24, 0x00); 3760 for (ntries = 0; ntries < 100; ntries++) { 3761 /* transmit test tone */ 3762 run_bbp_write(sc, 25, 0x90); 3763 run_delay(sc, 10); 3764 /* read received power */ 3765 run_bbp_read(sc, 55, &bbp55_pb); 3766 if (bbp55_pb != 0) 3767 break; 3768 } 3769 if (ntries == 100) 3770 return ETIMEDOUT; 3771 3772 /* set power and frequency of stopband test tone */ 3773 run_bbp_write(sc, 24, 0x06); 3774 for (ntries = 0; ntries < 100; ntries++) { 3775 /* transmit test tone */ 3776 run_bbp_write(sc, 25, 0x90); 3777 run_delay(sc, 10); 3778 /* read received power */ 3779 run_bbp_read(sc, 55, &bbp55_sb); 3780 3781 delta = bbp55_pb - bbp55_sb; 3782 if (delta > target) 3783 break; 3784 3785 /* reprogram filter */ 3786 rf24++; 3787 run_rt3070_rf_write(sc, 24, rf24); 3788 } 3789 if (ntries < 100) { 3790 if (rf24 != init) 3791 rf24--; /* backtrack */ 3792 *val = rf24; 3793 run_rt3070_rf_write(sc, 24, rf24); 3794 } 3795 3796 /* restore initial state */ 3797 run_bbp_write(sc, 24, 0x00); 3798 3799 /* disable baseband loopback mode */ 3800 run_rt3070_rf_read(sc, 22, &rf22); 3801 run_rt3070_rf_write(sc, 22, rf22 & ~0x01); 3802 3803 return 0; 3804 } 3805 3806 static int 3807 run_txrx_enable(struct run_softc *sc) 3808 { 3809 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 3810 uint32_t tmp; 3811 int error, ntries; 3812 3813 run_write(sc, RT2860_MAC_SYS_CTRL, RT2860_MAC_TX_EN); 3814 for (ntries = 0; ntries < 200; ntries++) { 3815 if ((error = run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp)) != 0) 3816 return error; 3817 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0) 3818 break; 3819 run_delay(sc, 50); 3820 } 3821 if (ntries == 200) 3822 return ETIMEDOUT; 3823 3824 run_delay(sc, 50); 3825 3826 tmp |= RT2860_RX_DMA_EN | RT2860_TX_DMA_EN | RT2860_TX_WB_DDONE; 3827 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp); 3828 3829 /* enable Rx bulk aggregation (set timeout and limit) */ 3830 tmp = RT2860_USB_TX_EN | RT2860_USB_RX_EN | RT2860_USB_RX_AGG_EN | 3831 RT2860_USB_RX_AGG_TO(128) | RT2860_USB_RX_AGG_LMT(2); 3832 run_write(sc, RT2860_USB_DMA_CFG, tmp); 3833 3834 /* set Rx filter */ 3835 tmp = RT2860_DROP_CRC_ERR | RT2860_DROP_PHY_ERR; 3836 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 3837 tmp |= RT2860_DROP_UC_NOME | RT2860_DROP_DUPL | 3838 RT2860_DROP_CTS | RT2860_DROP_BA | RT2860_DROP_ACK | 3839 RT2860_DROP_VER_ERR | RT2860_DROP_CTRL_RSV | 3840 RT2860_DROP_CFACK | RT2860_DROP_CFEND; 3841 if (ic->ic_opmode == IEEE80211_M_STA) 3842 tmp |= RT2860_DROP_RTS | RT2860_DROP_PSPOLL; 3843 } 3844 run_write(sc, RT2860_RX_FILTR_CFG, tmp); 3845 3846 run_write(sc, RT2860_MAC_SYS_CTRL, 3847 RT2860_MAC_RX_EN | RT2860_MAC_TX_EN); 3848 3849 return 0; 3850 } 3851 3852 static void 3853 run_init_locked(struct run_softc *sc) 3854 { 3855 struct ifnet *ifp = sc->sc_ifp; 3856 struct ieee80211com *ic = ifp->if_l2com; 3857 struct ieee80211vap *vap = &sc->sc_rvp->vap; 3858 uint32_t tmp; 3859 uint8_t bbp1, bbp3; 3860 int i; 3861 int ridx; 3862 int ntries; 3863 3864 run_stop(sc); 3865 3866 for (ntries = 0; ntries < 100; ntries++) { 3867 if (run_read(sc, RT2860_ASIC_VER_ID, &tmp) != 0) 3868 goto fail; 3869 if (tmp != 0 && tmp != 0xffffffff) 3870 break; 3871 run_delay(sc, 10); 3872 } 3873 if (ntries == 100) 3874 goto fail; 3875 3876 for (i = 0; i != RUN_EP_QUEUES; i++) 3877 run_setup_tx_list(sc, &sc->sc_epq[i]); 3878 3879 run_set_macaddr(sc, IF_LLADDR(ifp)); 3880 3881 for (ntries = 0; ntries < 100; ntries++) { 3882 if (run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp) != 0) 3883 goto fail; 3884 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0) 3885 break; 3886 run_delay(sc, 10); 3887 } 3888 if (ntries == 100) { 3889 device_printf(sc->sc_dev, "timeout waiting for DMA engine\n"); 3890 goto fail; 3891 } 3892 tmp &= 0xff0; 3893 tmp |= RT2860_TX_WB_DDONE; 3894 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp); 3895 3896 /* turn off PME_OEN to solve high-current issue */ 3897 run_read(sc, RT2860_SYS_CTRL, &tmp); 3898 run_write(sc, RT2860_SYS_CTRL, tmp & ~RT2860_PME_OEN); 3899 3900 run_write(sc, RT2860_MAC_SYS_CTRL, 3901 RT2860_BBP_HRST | RT2860_MAC_SRST); 3902 run_write(sc, RT2860_USB_DMA_CFG, 0); 3903 3904 if (run_reset(sc) != 0) { 3905 device_printf(sc->sc_dev, "could not reset chipset\n"); 3906 goto fail; 3907 } 3908 3909 run_write(sc, RT2860_MAC_SYS_CTRL, 0); 3910 3911 /* init Tx power for all Tx rates (from EEPROM) */ 3912 for (ridx = 0; ridx < 5; ridx++) { 3913 if (sc->txpow20mhz[ridx] == 0xffffffff) 3914 continue; 3915 run_write(sc, RT2860_TX_PWR_CFG(ridx), sc->txpow20mhz[ridx]); 3916 } 3917 3918 for (i = 0; i < nitems(rt2870_def_mac); i++) 3919 run_write(sc, rt2870_def_mac[i].reg, rt2870_def_mac[i].val); 3920 run_write(sc, RT2860_WMM_AIFSN_CFG, 0x00002273); 3921 run_write(sc, RT2860_WMM_CWMIN_CFG, 0x00002344); 3922 run_write(sc, RT2860_WMM_CWMAX_CFG, 0x000034aa); 3923 3924 if ((sc->mac_rev >> 16) >= 0x3070) { 3925 /* set delay of PA_PE assertion to 1us (unit of 0.25us) */ 3926 run_write(sc, RT2860_TX_SW_CFG0, 3927 4 << RT2860_DLY_PAPE_EN_SHIFT); 3928 run_write(sc, RT2860_TX_SW_CFG1, 0); 3929 run_write(sc, RT2860_TX_SW_CFG2, 0x1f); 3930 } 3931 3932 /* wait while MAC is busy */ 3933 for (ntries = 0; ntries < 100; ntries++) { 3934 if (run_read(sc, RT2860_MAC_STATUS_REG, &tmp) != 0) 3935 goto fail; 3936 if (!(tmp & (RT2860_RX_STATUS_BUSY | RT2860_TX_STATUS_BUSY))) 3937 break; 3938 run_delay(sc, 10); 3939 } 3940 if (ntries == 100) 3941 goto fail; 3942 3943 /* clear Host to MCU mailbox */ 3944 run_write(sc, RT2860_H2M_BBPAGENT, 0); 3945 run_write(sc, RT2860_H2M_MAILBOX, 0); 3946 run_delay(sc, 10); 3947 3948 if (run_bbp_init(sc) != 0) { 3949 device_printf(sc->sc_dev, "could not initialize BBP\n"); 3950 goto fail; 3951 } 3952 3953 /* abort TSF synchronization */ 3954 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 3955 tmp &= ~(RT2860_BCN_TX_EN | RT2860_TSF_TIMER_EN | 3956 RT2860_TBTT_TIMER_EN); 3957 run_write(sc, RT2860_BCN_TIME_CFG, tmp); 3958 3959 /* clear RX WCID search table */ 3960 run_set_region_4(sc, RT2860_WCID_ENTRY(0), 0, 512); 3961 /* clear WCID attribute table */ 3962 run_set_region_4(sc, RT2860_WCID_ATTR(0), 0, 8 * 32); 3963 /* clear shared key table */ 3964 run_set_region_4(sc, RT2860_SKEY(0, 0), 0, 8 * 32); 3965 /* clear shared key mode */ 3966 run_set_region_4(sc, RT2860_SKEY_MODE_0_7, 0, 4); 3967 3968 run_read(sc, RT2860_US_CYC_CNT, &tmp); 3969 tmp = (tmp & ~0xff) | 0x1e; 3970 run_write(sc, RT2860_US_CYC_CNT, tmp); 3971 3972 if ((sc->mac_rev >> 16) == 0x2860 && (sc->mac_rev & 0xffff) != 0x0101) 3973 run_write(sc, RT2860_TXOP_CTRL_CFG, 0x0000583f); 3974 3975 run_write(sc, RT2860_WMM_TXOP0_CFG, 0); 3976 run_write(sc, RT2860_WMM_TXOP1_CFG, 48 << 16 | 96); 3977 3978 /* write vendor-specific BBP values (from EEPROM) */ 3979 for (i = 0; i < 8; i++) { 3980 if (sc->bbp[i].reg == 0 || sc->bbp[i].reg == 0xff) 3981 continue; 3982 run_bbp_write(sc, sc->bbp[i].reg, sc->bbp[i].val); 3983 } 3984 3985 /* select Main antenna for 1T1R devices */ 3986 if (sc->rf_rev == RT3070_RF_3020) 3987 run_set_rx_antenna(sc, 0); 3988 3989 /* send LEDs operating mode to microcontroller */ 3990 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED1, sc->led[0]); 3991 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED2, sc->led[1]); 3992 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED3, sc->led[2]); 3993 3994 /* disable non-existing Rx chains */ 3995 run_bbp_read(sc, 3, &bbp3); 3996 bbp3 &= ~(1 << 3 | 1 << 4); 3997 if (sc->nrxchains == 2) 3998 bbp3 |= 1 << 3; 3999 else if (sc->nrxchains == 3) 4000 bbp3 |= 1 << 4; 4001 run_bbp_write(sc, 3, bbp3); 4002 4003 /* disable non-existing Tx chains */ 4004 run_bbp_read(sc, 1, &bbp1); 4005 if (sc->ntxchains == 1) 4006 bbp1 &= ~(1 << 3 | 1 << 4); 4007 run_bbp_write(sc, 1, bbp1); 4008 4009 if ((sc->mac_rev >> 16) >= 0x3070) 4010 run_rt3070_rf_init(sc); 4011 4012 /* select default channel */ 4013 vap->iv_bss->ni_chan = ic->ic_curchan; /* ic_bsschan?? */ 4014 run_set_chan(sc, ic->ic_curchan); 4015 4016 /* setup initial protection mode */ 4017 run_updateprot(ic); 4018 4019 /* turn radio LED on */ 4020 run_set_leds(sc, RT2860_LED_RADIO); 4021 4022 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE; 4023 ifp->if_drv_flags |= IFF_DRV_RUNNING; 4024 4025 for(i = 0; i != RUN_N_XFER; i++) 4026 usbd_xfer_set_stall(sc->sc_xfer[i]); 4027 4028 usbd_transfer_start(sc->sc_xfer[RUN_BULK_RX]); 4029 4030 if (run_txrx_enable(sc) != 0) 4031 goto fail; 4032 4033 return; 4034 4035 fail: 4036 run_stop(sc); 4037 } 4038 4039 static void 4040 run_init(void *arg) 4041 { 4042 struct run_softc *sc = arg; 4043 struct ifnet *ifp = sc->sc_ifp; 4044 struct ieee80211com *ic = ifp->if_l2com; 4045 4046 RUN_LOCK(sc); 4047 run_init_locked(sc); 4048 RUN_UNLOCK(sc); 4049 4050 if (ifp->if_drv_flags & IFF_DRV_RUNNING) 4051 ieee80211_start_all(ic); 4052 } 4053 4054 static void 4055 run_stop(void *arg) 4056 { 4057 struct run_softc *sc = (struct run_softc *)arg; 4058 struct ifnet *ifp = sc->sc_ifp; 4059 struct ieee80211com *ic = ifp->if_l2com; 4060 uint32_t tmp; 4061 int i; 4062 int ntries; 4063 4064 RUN_LOCK_ASSERT(sc, MA_OWNED); 4065 4066 if (ic->ic_flags & IEEE80211_F_SCAN) 4067 ieee80211_cancel_scan(&sc->sc_rvp->vap); 4068 4069 if (ifp->if_drv_flags & IFF_DRV_RUNNING) 4070 run_set_leds(sc, 0); /* turn all LEDs off */ 4071 4072 ifp->if_drv_flags &= ~(IFF_DRV_RUNNING | IFF_DRV_OACTIVE); 4073 4074 sc->sc_rvp->amrr_run = RUN_AMRR_OFF; 4075 4076 RUN_UNLOCK(sc); 4077 4078 /* drain them all */ 4079 usb_callout_drain(&sc->sc_rvp->amrr_ch); 4080 ieee80211_draintask(ic, &sc->sc_rvp->amrr_task); 4081 ieee80211_draintask(ic, &sc->wme_task); 4082 for(i = 0; i < RUN_N_XFER; i++) 4083 usbd_transfer_drain(sc->sc_xfer[i]); 4084 ieee80211_draintask(ic, &sc->usb_timeout_task); 4085 4086 RUN_LOCK(sc); 4087 4088 if(sc->rx_m != NULL){ 4089 m_free(sc->rx_m); 4090 sc->rx_m = NULL; 4091 } 4092 4093 /* disable Tx/Rx */ 4094 run_read(sc, RT2860_MAC_SYS_CTRL, &tmp); 4095 tmp &= ~(RT2860_MAC_RX_EN | RT2860_MAC_TX_EN); 4096 run_write(sc, RT2860_MAC_SYS_CTRL, tmp); 4097 4098 /* wait for pending Tx to complete */ 4099 for (ntries = 0; ntries < 100; ntries++) { 4100 if (run_read(sc, RT2860_TXRXQ_PCNT, &tmp) != 0){ 4101 DPRINTF("Cannot read Tx queue count\n"); 4102 break; 4103 } 4104 if ((tmp & RT2860_TX2Q_PCNT_MASK) == 0){ 4105 DPRINTF("All Tx cleared\n"); 4106 break; 4107 } 4108 run_delay(sc, 10); 4109 } 4110 if(ntries >= 100) 4111 DPRINTF("There are still pending Tx\n"); 4112 run_delay(sc, 10); 4113 run_write(sc, RT2860_USB_DMA_CFG, 0); 4114 4115 run_write(sc, RT2860_MAC_SYS_CTRL, RT2860_BBP_HRST | RT2860_MAC_SRST); 4116 run_write(sc, RT2860_MAC_SYS_CTRL, 0); 4117 4118 for (i = 0; i != RUN_EP_QUEUES; i++) 4119 run_unsetup_tx_list(sc, &sc->sc_epq[i]); 4120 4121 return; 4122 } 4123 4124 static void 4125 run_delay(struct run_softc *sc, unsigned int ms) 4126 { 4127 usb_pause_mtx(mtx_owned(&sc->sc_mtx) ? 4128 &sc->sc_mtx : NULL, USB_MS_TO_TICKS(ms)); 4129 } 4130 4131 static device_method_t run_methods[] = { 4132 /* Device interface */ 4133 DEVMETHOD(device_probe, run_match), 4134 DEVMETHOD(device_attach, run_attach), 4135 DEVMETHOD(device_detach, run_detach), 4136 4137 { 0, 0 } 4138 }; 4139 4140 static driver_t run_driver = { 4141 "run", 4142 run_methods, 4143 sizeof(struct run_softc) 4144 }; 4145 4146 static devclass_t run_devclass; 4147 4148 DRIVER_MODULE(run, uhub, run_driver, run_devclass, NULL, 0); 4149