1 /*- 2 * Copyright (c) 2008,2010 Damien Bergamini <damien.bergamini@free.fr> 3 * ported to FreeBSD by Akinori Furukoshi <moonlightakkiy@yahoo.ca> 4 * USB Consulting, Hans Petter Selasky <hselasky@freebsd.org> 5 * Copyright (c) 2013-2014 Kevin Lo 6 * 7 * Permission to use, copy, modify, and distribute this software for any 8 * purpose with or without fee is hereby granted, provided that the above 9 * copyright notice and this permission notice appear in all copies. 10 * 11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 */ 19 20 #include <sys/cdefs.h> 21 __FBSDID("$FreeBSD$"); 22 23 /*- 24 * Ralink Technology RT2700U/RT2800U/RT3000U/RT3900E chipset driver. 25 * http://www.ralinktech.com/ 26 */ 27 28 #include <sys/param.h> 29 #include <sys/sockio.h> 30 #include <sys/sysctl.h> 31 #include <sys/lock.h> 32 #include <sys/mutex.h> 33 #include <sys/mbuf.h> 34 #include <sys/kernel.h> 35 #include <sys/socket.h> 36 #include <sys/systm.h> 37 #include <sys/malloc.h> 38 #include <sys/module.h> 39 #include <sys/bus.h> 40 #include <sys/endian.h> 41 #include <sys/linker.h> 42 #include <sys/firmware.h> 43 #include <sys/kdb.h> 44 45 #include <machine/bus.h> 46 #include <machine/resource.h> 47 #include <sys/rman.h> 48 49 #include <net/bpf.h> 50 #include <net/if.h> 51 #include <net/if_var.h> 52 #include <net/if_arp.h> 53 #include <net/ethernet.h> 54 #include <net/if_dl.h> 55 #include <net/if_media.h> 56 #include <net/if_types.h> 57 58 #include <netinet/in.h> 59 #include <netinet/in_systm.h> 60 #include <netinet/in_var.h> 61 #include <netinet/if_ether.h> 62 #include <netinet/ip.h> 63 64 #include <net80211/ieee80211_var.h> 65 #include <net80211/ieee80211_regdomain.h> 66 #include <net80211/ieee80211_radiotap.h> 67 #include <net80211/ieee80211_ratectl.h> 68 69 #include <dev/usb/usb.h> 70 #include <dev/usb/usbdi.h> 71 #include "usbdevs.h" 72 73 #define USB_DEBUG_VAR run_debug 74 #include <dev/usb/usb_debug.h> 75 #include <dev/usb/usb_msctest.h> 76 77 #include <dev/usb/wlan/if_runreg.h> 78 #include <dev/usb/wlan/if_runvar.h> 79 80 #ifdef USB_DEBUG 81 #define RUN_DEBUG 82 #endif 83 84 #ifdef RUN_DEBUG 85 int run_debug = 0; 86 static SYSCTL_NODE(_hw_usb, OID_AUTO, run, CTLFLAG_RW, 0, "USB run"); 87 SYSCTL_INT(_hw_usb_run, OID_AUTO, debug, CTLFLAG_RWTUN, &run_debug, 0, 88 "run debug level"); 89 #endif 90 91 #define IEEE80211_HAS_ADDR4(wh) \ 92 (((wh)->i_fc[1] & IEEE80211_FC1_DIR_MASK) == IEEE80211_FC1_DIR_DSTODS) 93 94 /* 95 * Because of LOR in run_key_delete(), use atomic instead. 96 * '& RUN_CMDQ_MASQ' is to loop cmdq[]. 97 */ 98 #define RUN_CMDQ_GET(c) (atomic_fetchadd_32((c), 1) & RUN_CMDQ_MASQ) 99 100 static const STRUCT_USB_HOST_ID run_devs[] = { 101 #define RUN_DEV(v,p) { USB_VP(USB_VENDOR_##v, USB_PRODUCT_##v##_##p) } 102 #define RUN_DEV_EJECT(v,p) \ 103 { USB_VPI(USB_VENDOR_##v, USB_PRODUCT_##v##_##p, RUN_EJECT) } 104 #define RUN_EJECT 1 105 RUN_DEV(ABOCOM, RT2770), 106 RUN_DEV(ABOCOM, RT2870), 107 RUN_DEV(ABOCOM, RT3070), 108 RUN_DEV(ABOCOM, RT3071), 109 RUN_DEV(ABOCOM, RT3072), 110 RUN_DEV(ABOCOM2, RT2870_1), 111 RUN_DEV(ACCTON, RT2770), 112 RUN_DEV(ACCTON, RT2870_1), 113 RUN_DEV(ACCTON, RT2870_2), 114 RUN_DEV(ACCTON, RT2870_3), 115 RUN_DEV(ACCTON, RT2870_4), 116 RUN_DEV(ACCTON, RT2870_5), 117 RUN_DEV(ACCTON, RT3070), 118 RUN_DEV(ACCTON, RT3070_1), 119 RUN_DEV(ACCTON, RT3070_2), 120 RUN_DEV(ACCTON, RT3070_3), 121 RUN_DEV(ACCTON, RT3070_4), 122 RUN_DEV(ACCTON, RT3070_5), 123 RUN_DEV(AIRTIES, RT3070), 124 RUN_DEV(ALLWIN, RT2070), 125 RUN_DEV(ALLWIN, RT2770), 126 RUN_DEV(ALLWIN, RT2870), 127 RUN_DEV(ALLWIN, RT3070), 128 RUN_DEV(ALLWIN, RT3071), 129 RUN_DEV(ALLWIN, RT3072), 130 RUN_DEV(ALLWIN, RT3572), 131 RUN_DEV(AMIGO, RT2870_1), 132 RUN_DEV(AMIGO, RT2870_2), 133 RUN_DEV(AMIT, CGWLUSB2GNR), 134 RUN_DEV(AMIT, RT2870_1), 135 RUN_DEV(AMIT2, RT2870), 136 RUN_DEV(ASUS, RT2870_1), 137 RUN_DEV(ASUS, RT2870_2), 138 RUN_DEV(ASUS, RT2870_3), 139 RUN_DEV(ASUS, RT2870_4), 140 RUN_DEV(ASUS, RT2870_5), 141 RUN_DEV(ASUS, USBN13), 142 RUN_DEV(ASUS, RT3070_1), 143 RUN_DEV(ASUS, USBN66), 144 RUN_DEV(ASUS, USB_N53), 145 RUN_DEV(ASUS2, USBN11), 146 RUN_DEV(AZUREWAVE, RT2870_1), 147 RUN_DEV(AZUREWAVE, RT2870_2), 148 RUN_DEV(AZUREWAVE, RT3070_1), 149 RUN_DEV(AZUREWAVE, RT3070_2), 150 RUN_DEV(AZUREWAVE, RT3070_3), 151 RUN_DEV(BELKIN, F9L1103), 152 RUN_DEV(BELKIN, F5D8053V3), 153 RUN_DEV(BELKIN, F5D8055), 154 RUN_DEV(BELKIN, F5D8055V2), 155 RUN_DEV(BELKIN, F6D4050V1), 156 RUN_DEV(BELKIN, F6D4050V2), 157 RUN_DEV(BELKIN, RT2870_1), 158 RUN_DEV(BELKIN, RT2870_2), 159 RUN_DEV(CISCOLINKSYS, AE1000), 160 RUN_DEV(CISCOLINKSYS2, RT3070), 161 RUN_DEV(CISCOLINKSYS3, RT3070), 162 RUN_DEV(CONCEPTRONIC2, RT2870_1), 163 RUN_DEV(CONCEPTRONIC2, RT2870_2), 164 RUN_DEV(CONCEPTRONIC2, RT2870_3), 165 RUN_DEV(CONCEPTRONIC2, RT2870_4), 166 RUN_DEV(CONCEPTRONIC2, RT2870_5), 167 RUN_DEV(CONCEPTRONIC2, RT2870_6), 168 RUN_DEV(CONCEPTRONIC2, RT2870_7), 169 RUN_DEV(CONCEPTRONIC2, RT2870_8), 170 RUN_DEV(CONCEPTRONIC2, RT3070_1), 171 RUN_DEV(CONCEPTRONIC2, RT3070_2), 172 RUN_DEV(CONCEPTRONIC2, VIGORN61), 173 RUN_DEV(COREGA, CGWLUSB300GNM), 174 RUN_DEV(COREGA, RT2870_1), 175 RUN_DEV(COREGA, RT2870_2), 176 RUN_DEV(COREGA, RT2870_3), 177 RUN_DEV(COREGA, RT3070), 178 RUN_DEV(CYBERTAN, RT2870), 179 RUN_DEV(DLINK, RT2870), 180 RUN_DEV(DLINK, RT3072), 181 RUN_DEV(DLINK, DWA127), 182 RUN_DEV(DLINK, DWA140B3), 183 RUN_DEV(DLINK, DWA160B2), 184 RUN_DEV(DLINK, DWA140D1), 185 RUN_DEV(DLINK, DWA162), 186 RUN_DEV(DLINK2, DWA130), 187 RUN_DEV(DLINK2, RT2870_1), 188 RUN_DEV(DLINK2, RT2870_2), 189 RUN_DEV(DLINK2, RT3070_1), 190 RUN_DEV(DLINK2, RT3070_2), 191 RUN_DEV(DLINK2, RT3070_3), 192 RUN_DEV(DLINK2, RT3070_4), 193 RUN_DEV(DLINK2, RT3070_5), 194 RUN_DEV(DLINK2, RT3072), 195 RUN_DEV(DLINK2, RT3072_1), 196 RUN_DEV(EDIMAX, EW7717), 197 RUN_DEV(EDIMAX, EW7718), 198 RUN_DEV(EDIMAX, EW7733UND), 199 RUN_DEV(EDIMAX, RT2870_1), 200 RUN_DEV(ENCORE, RT3070_1), 201 RUN_DEV(ENCORE, RT3070_2), 202 RUN_DEV(ENCORE, RT3070_3), 203 RUN_DEV(GIGABYTE, GNWB31N), 204 RUN_DEV(GIGABYTE, GNWB32L), 205 RUN_DEV(GIGABYTE, RT2870_1), 206 RUN_DEV(GIGASET, RT3070_1), 207 RUN_DEV(GIGASET, RT3070_2), 208 RUN_DEV(GUILLEMOT, HWNU300), 209 RUN_DEV(HAWKING, HWUN2), 210 RUN_DEV(HAWKING, RT2870_1), 211 RUN_DEV(HAWKING, RT2870_2), 212 RUN_DEV(HAWKING, RT3070), 213 RUN_DEV(IODATA, RT3072_1), 214 RUN_DEV(IODATA, RT3072_2), 215 RUN_DEV(IODATA, RT3072_3), 216 RUN_DEV(IODATA, RT3072_4), 217 RUN_DEV(LINKSYS4, RT3070), 218 RUN_DEV(LINKSYS4, WUSB100), 219 RUN_DEV(LINKSYS4, WUSB54GCV3), 220 RUN_DEV(LINKSYS4, WUSB600N), 221 RUN_DEV(LINKSYS4, WUSB600NV2), 222 RUN_DEV(LOGITEC, RT2870_1), 223 RUN_DEV(LOGITEC, RT2870_2), 224 RUN_DEV(LOGITEC, RT2870_3), 225 RUN_DEV(LOGITEC, LANW300NU2), 226 RUN_DEV(LOGITEC, LANW150NU2), 227 RUN_DEV(LOGITEC, LANW300NU2S), 228 RUN_DEV(MELCO, WLIUCG300HP), 229 RUN_DEV(MELCO, RT2870_2), 230 RUN_DEV(MELCO, WLIUCAG300N), 231 RUN_DEV(MELCO, WLIUCG300N), 232 RUN_DEV(MELCO, WLIUCG301N), 233 RUN_DEV(MELCO, WLIUCGN), 234 RUN_DEV(MELCO, WLIUCGNM), 235 RUN_DEV(MELCO, WLIUCG300HPV1), 236 RUN_DEV(MELCO, WLIUCGNM2), 237 RUN_DEV(MOTOROLA4, RT2770), 238 RUN_DEV(MOTOROLA4, RT3070), 239 RUN_DEV(MSI, RT3070_1), 240 RUN_DEV(MSI, RT3070_2), 241 RUN_DEV(MSI, RT3070_3), 242 RUN_DEV(MSI, RT3070_4), 243 RUN_DEV(MSI, RT3070_5), 244 RUN_DEV(MSI, RT3070_6), 245 RUN_DEV(MSI, RT3070_7), 246 RUN_DEV(MSI, RT3070_8), 247 RUN_DEV(MSI, RT3070_9), 248 RUN_DEV(MSI, RT3070_10), 249 RUN_DEV(MSI, RT3070_11), 250 RUN_DEV(OVISLINK, RT3072), 251 RUN_DEV(PARA, RT3070), 252 RUN_DEV(PEGATRON, RT2870), 253 RUN_DEV(PEGATRON, RT3070), 254 RUN_DEV(PEGATRON, RT3070_2), 255 RUN_DEV(PEGATRON, RT3070_3), 256 RUN_DEV(PHILIPS, RT2870), 257 RUN_DEV(PLANEX2, GWUS300MINIS), 258 RUN_DEV(PLANEX2, GWUSMICRON), 259 RUN_DEV(PLANEX2, RT2870), 260 RUN_DEV(PLANEX2, RT3070), 261 RUN_DEV(QCOM, RT2870), 262 RUN_DEV(QUANTA, RT3070), 263 RUN_DEV(RALINK, RT2070), 264 RUN_DEV(RALINK, RT2770), 265 RUN_DEV(RALINK, RT2870), 266 RUN_DEV(RALINK, RT3070), 267 RUN_DEV(RALINK, RT3071), 268 RUN_DEV(RALINK, RT3072), 269 RUN_DEV(RALINK, RT3370), 270 RUN_DEV(RALINK, RT3572), 271 RUN_DEV(RALINK, RT3573), 272 RUN_DEV(RALINK, RT5370), 273 RUN_DEV(RALINK, RT5572), 274 RUN_DEV(RALINK, RT8070), 275 RUN_DEV(SAMSUNG, WIS09ABGN), 276 RUN_DEV(SAMSUNG2, RT2870_1), 277 RUN_DEV(SENAO, RT2870_1), 278 RUN_DEV(SENAO, RT2870_2), 279 RUN_DEV(SENAO, RT2870_3), 280 RUN_DEV(SENAO, RT2870_4), 281 RUN_DEV(SENAO, RT3070), 282 RUN_DEV(SENAO, RT3071), 283 RUN_DEV(SENAO, RT3072_1), 284 RUN_DEV(SENAO, RT3072_2), 285 RUN_DEV(SENAO, RT3072_3), 286 RUN_DEV(SENAO, RT3072_4), 287 RUN_DEV(SENAO, RT3072_5), 288 RUN_DEV(SITECOMEU, RT2770), 289 RUN_DEV(SITECOMEU, RT2870_1), 290 RUN_DEV(SITECOMEU, RT2870_2), 291 RUN_DEV(SITECOMEU, RT2870_3), 292 RUN_DEV(SITECOMEU, RT2870_4), 293 RUN_DEV(SITECOMEU, RT3070), 294 RUN_DEV(SITECOMEU, RT3070_2), 295 RUN_DEV(SITECOMEU, RT3070_3), 296 RUN_DEV(SITECOMEU, RT3070_4), 297 RUN_DEV(SITECOMEU, RT3071), 298 RUN_DEV(SITECOMEU, RT3072_1), 299 RUN_DEV(SITECOMEU, RT3072_2), 300 RUN_DEV(SITECOMEU, RT3072_3), 301 RUN_DEV(SITECOMEU, RT3072_4), 302 RUN_DEV(SITECOMEU, RT3072_5), 303 RUN_DEV(SITECOMEU, RT3072_6), 304 RUN_DEV(SITECOMEU, WL608), 305 RUN_DEV(SPARKLAN, RT2870_1), 306 RUN_DEV(SPARKLAN, RT3070), 307 RUN_DEV(SWEEX2, LW153), 308 RUN_DEV(SWEEX2, LW303), 309 RUN_DEV(SWEEX2, LW313), 310 RUN_DEV(TOSHIBA, RT3070), 311 RUN_DEV(UMEDIA, RT2870_1), 312 RUN_DEV(ZCOM, RT2870_1), 313 RUN_DEV(ZCOM, RT2870_2), 314 RUN_DEV(ZINWELL, RT2870_1), 315 RUN_DEV(ZINWELL, RT2870_2), 316 RUN_DEV(ZINWELL, RT3070), 317 RUN_DEV(ZINWELL, RT3072_1), 318 RUN_DEV(ZINWELL, RT3072_2), 319 RUN_DEV(ZYXEL, RT2870_1), 320 RUN_DEV(ZYXEL, RT2870_2), 321 RUN_DEV(ZYXEL, RT3070), 322 RUN_DEV_EJECT(ZYXEL, NWD2705), 323 RUN_DEV_EJECT(RALINK, RT_STOR), 324 #undef RUN_DEV_EJECT 325 #undef RUN_DEV 326 }; 327 328 static device_probe_t run_match; 329 static device_attach_t run_attach; 330 static device_detach_t run_detach; 331 332 static usb_callback_t run_bulk_rx_callback; 333 static usb_callback_t run_bulk_tx_callback0; 334 static usb_callback_t run_bulk_tx_callback1; 335 static usb_callback_t run_bulk_tx_callback2; 336 static usb_callback_t run_bulk_tx_callback3; 337 static usb_callback_t run_bulk_tx_callback4; 338 static usb_callback_t run_bulk_tx_callback5; 339 340 static void run_autoinst(void *, struct usb_device *, 341 struct usb_attach_arg *); 342 static int run_driver_loaded(struct module *, int, void *); 343 static void run_bulk_tx_callbackN(struct usb_xfer *xfer, 344 usb_error_t error, u_int index); 345 static struct ieee80211vap *run_vap_create(struct ieee80211com *, 346 const char [IFNAMSIZ], int, enum ieee80211_opmode, int, 347 const uint8_t [IEEE80211_ADDR_LEN], 348 const uint8_t [IEEE80211_ADDR_LEN]); 349 static void run_vap_delete(struct ieee80211vap *); 350 static void run_cmdq_cb(void *, int); 351 static void run_setup_tx_list(struct run_softc *, 352 struct run_endpoint_queue *); 353 static void run_unsetup_tx_list(struct run_softc *, 354 struct run_endpoint_queue *); 355 static int run_load_microcode(struct run_softc *); 356 static int run_reset(struct run_softc *); 357 static usb_error_t run_do_request(struct run_softc *, 358 struct usb_device_request *, void *); 359 static int run_read(struct run_softc *, uint16_t, uint32_t *); 360 static int run_read_region_1(struct run_softc *, uint16_t, uint8_t *, int); 361 static int run_write_2(struct run_softc *, uint16_t, uint16_t); 362 static int run_write(struct run_softc *, uint16_t, uint32_t); 363 static int run_write_region_1(struct run_softc *, uint16_t, 364 const uint8_t *, int); 365 static int run_set_region_4(struct run_softc *, uint16_t, uint32_t, int); 366 static int run_efuse_read(struct run_softc *, uint16_t, uint16_t *, int); 367 static int run_efuse_read_2(struct run_softc *, uint16_t, uint16_t *); 368 static int run_eeprom_read_2(struct run_softc *, uint16_t, uint16_t *); 369 static int run_rt2870_rf_write(struct run_softc *, uint32_t); 370 static int run_rt3070_rf_read(struct run_softc *, uint8_t, uint8_t *); 371 static int run_rt3070_rf_write(struct run_softc *, uint8_t, uint8_t); 372 static int run_bbp_read(struct run_softc *, uint8_t, uint8_t *); 373 static int run_bbp_write(struct run_softc *, uint8_t, uint8_t); 374 static int run_mcu_cmd(struct run_softc *, uint8_t, uint16_t); 375 static const char *run_get_rf(uint16_t); 376 static void run_rt3593_get_txpower(struct run_softc *); 377 static void run_get_txpower(struct run_softc *); 378 static int run_read_eeprom(struct run_softc *); 379 static struct ieee80211_node *run_node_alloc(struct ieee80211vap *, 380 const uint8_t mac[IEEE80211_ADDR_LEN]); 381 static int run_media_change(struct ifnet *); 382 static int run_newstate(struct ieee80211vap *, enum ieee80211_state, int); 383 static int run_wme_update(struct ieee80211com *); 384 static void run_wme_update_cb(void *); 385 static void run_key_update_begin(struct ieee80211vap *); 386 static void run_key_update_end(struct ieee80211vap *); 387 static void run_key_set_cb(void *); 388 static int run_key_set(struct ieee80211vap *, struct ieee80211_key *, 389 const uint8_t mac[IEEE80211_ADDR_LEN]); 390 static void run_key_delete_cb(void *); 391 static int run_key_delete(struct ieee80211vap *, struct ieee80211_key *); 392 static void run_ratectl_to(void *); 393 static void run_ratectl_cb(void *, int); 394 static void run_drain_fifo(void *); 395 static void run_iter_func(void *, struct ieee80211_node *); 396 static void run_newassoc_cb(void *); 397 static void run_newassoc(struct ieee80211_node *, int); 398 static void run_rx_frame(struct run_softc *, struct mbuf *, uint32_t); 399 static void run_tx_free(struct run_endpoint_queue *pq, 400 struct run_tx_data *, int); 401 static void run_set_tx_desc(struct run_softc *, struct run_tx_data *); 402 static int run_tx(struct run_softc *, struct mbuf *, 403 struct ieee80211_node *); 404 static int run_tx_mgt(struct run_softc *, struct mbuf *, 405 struct ieee80211_node *); 406 static int run_sendprot(struct run_softc *, const struct mbuf *, 407 struct ieee80211_node *, int, int); 408 static int run_tx_param(struct run_softc *, struct mbuf *, 409 struct ieee80211_node *, 410 const struct ieee80211_bpf_params *); 411 static int run_raw_xmit(struct ieee80211_node *, struct mbuf *, 412 const struct ieee80211_bpf_params *); 413 static void run_start(struct ifnet *); 414 static int run_ioctl(struct ifnet *, u_long, caddr_t); 415 static void run_iq_calib(struct run_softc *, u_int); 416 static void run_set_agc(struct run_softc *, uint8_t); 417 static void run_select_chan_group(struct run_softc *, int); 418 static void run_set_rx_antenna(struct run_softc *, int); 419 static void run_rt2870_set_chan(struct run_softc *, u_int); 420 static void run_rt3070_set_chan(struct run_softc *, u_int); 421 static void run_rt3572_set_chan(struct run_softc *, u_int); 422 static void run_rt3593_set_chan(struct run_softc *, u_int); 423 static void run_rt5390_set_chan(struct run_softc *, u_int); 424 static void run_rt5592_set_chan(struct run_softc *, u_int); 425 static int run_set_chan(struct run_softc *, struct ieee80211_channel *); 426 static void run_set_channel(struct ieee80211com *); 427 static void run_scan_start(struct ieee80211com *); 428 static void run_scan_end(struct ieee80211com *); 429 static void run_update_beacon(struct ieee80211vap *, int); 430 static void run_update_beacon_cb(void *); 431 static void run_updateprot(struct ieee80211com *); 432 static void run_updateprot_cb(void *); 433 static void run_usb_timeout_cb(void *); 434 static void run_reset_livelock(struct run_softc *); 435 static void run_enable_tsf_sync(struct run_softc *); 436 static void run_enable_mrr(struct run_softc *); 437 static void run_set_txpreamble(struct run_softc *); 438 static void run_set_basicrates(struct run_softc *); 439 static void run_set_leds(struct run_softc *, uint16_t); 440 static void run_set_bssid(struct run_softc *, const uint8_t *); 441 static void run_set_macaddr(struct run_softc *, const uint8_t *); 442 static void run_updateslot(struct ieee80211com *); 443 static void run_updateslot_cb(void *); 444 static void run_update_mcast(struct ieee80211com *); 445 static int8_t run_rssi2dbm(struct run_softc *, uint8_t, uint8_t); 446 static void run_update_promisc_locked(struct run_softc *); 447 static void run_update_promisc(struct ieee80211com *); 448 static void run_rt5390_bbp_init(struct run_softc *); 449 static int run_bbp_init(struct run_softc *); 450 static int run_rt3070_rf_init(struct run_softc *); 451 static void run_rt3593_rf_init(struct run_softc *); 452 static void run_rt5390_rf_init(struct run_softc *); 453 static int run_rt3070_filter_calib(struct run_softc *, uint8_t, uint8_t, 454 uint8_t *); 455 static void run_rt3070_rf_setup(struct run_softc *); 456 static void run_rt3593_rf_setup(struct run_softc *); 457 static void run_rt5390_rf_setup(struct run_softc *); 458 static int run_txrx_enable(struct run_softc *); 459 static void run_adjust_freq_offset(struct run_softc *); 460 static void run_init(void *); 461 static void run_init_locked(struct run_softc *); 462 static void run_stop(void *); 463 static void run_delay(struct run_softc *, u_int); 464 465 static eventhandler_tag run_etag; 466 467 static const struct rt2860_rate { 468 uint8_t rate; 469 uint8_t mcs; 470 enum ieee80211_phytype phy; 471 uint8_t ctl_ridx; 472 uint16_t sp_ack_dur; 473 uint16_t lp_ack_dur; 474 } rt2860_rates[] = { 475 { 2, 0, IEEE80211_T_DS, 0, 314, 314 }, 476 { 4, 1, IEEE80211_T_DS, 1, 258, 162 }, 477 { 11, 2, IEEE80211_T_DS, 2, 223, 127 }, 478 { 22, 3, IEEE80211_T_DS, 3, 213, 117 }, 479 { 12, 0, IEEE80211_T_OFDM, 4, 60, 60 }, 480 { 18, 1, IEEE80211_T_OFDM, 4, 52, 52 }, 481 { 24, 2, IEEE80211_T_OFDM, 6, 48, 48 }, 482 { 36, 3, IEEE80211_T_OFDM, 6, 44, 44 }, 483 { 48, 4, IEEE80211_T_OFDM, 8, 44, 44 }, 484 { 72, 5, IEEE80211_T_OFDM, 8, 40, 40 }, 485 { 96, 6, IEEE80211_T_OFDM, 8, 40, 40 }, 486 { 108, 7, IEEE80211_T_OFDM, 8, 40, 40 } 487 }; 488 489 static const struct { 490 uint16_t reg; 491 uint32_t val; 492 } rt2870_def_mac[] = { 493 RT2870_DEF_MAC 494 }; 495 496 static const struct { 497 uint8_t reg; 498 uint8_t val; 499 } rt2860_def_bbp[] = { 500 RT2860_DEF_BBP 501 },rt5390_def_bbp[] = { 502 RT5390_DEF_BBP 503 },rt5592_def_bbp[] = { 504 RT5592_DEF_BBP 505 }; 506 507 /* 508 * Default values for BBP register R196 for RT5592. 509 */ 510 static const uint8_t rt5592_bbp_r196[] = { 511 0xe0, 0x1f, 0x38, 0x32, 0x08, 0x28, 0x19, 0x0a, 0xff, 0x00, 512 0x16, 0x10, 0x10, 0x0b, 0x36, 0x2c, 0x26, 0x24, 0x42, 0x36, 513 0x30, 0x2d, 0x4c, 0x46, 0x3d, 0x40, 0x3e, 0x42, 0x3d, 0x40, 514 0x3c, 0x34, 0x2c, 0x2f, 0x3c, 0x35, 0x2e, 0x2a, 0x49, 0x41, 515 0x36, 0x31, 0x30, 0x30, 0x0e, 0x0d, 0x28, 0x21, 0x1c, 0x16, 516 0x50, 0x4a, 0x43, 0x40, 0x10, 0x10, 0x10, 0x10, 0x00, 0x00, 517 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 518 0x00, 0x00, 0x7d, 0x14, 0x32, 0x2c, 0x36, 0x4c, 0x43, 0x2c, 519 0x2e, 0x36, 0x30, 0x6e 520 }; 521 522 static const struct rfprog { 523 uint8_t chan; 524 uint32_t r1, r2, r3, r4; 525 } rt2860_rf2850[] = { 526 RT2860_RF2850 527 }; 528 529 struct { 530 uint8_t n, r, k; 531 } rt3070_freqs[] = { 532 RT3070_RF3052 533 }; 534 535 static const struct rt5592_freqs { 536 uint16_t n; 537 uint8_t k, m, r; 538 } rt5592_freqs_20mhz[] = { 539 RT5592_RF5592_20MHZ 540 },rt5592_freqs_40mhz[] = { 541 RT5592_RF5592_40MHZ 542 }; 543 544 static const struct { 545 uint8_t reg; 546 uint8_t val; 547 } rt3070_def_rf[] = { 548 RT3070_DEF_RF 549 },rt3572_def_rf[] = { 550 RT3572_DEF_RF 551 },rt3593_def_rf[] = { 552 RT3593_DEF_RF 553 },rt5390_def_rf[] = { 554 RT5390_DEF_RF 555 },rt5392_def_rf[] = { 556 RT5392_DEF_RF 557 },rt5592_def_rf[] = { 558 RT5592_DEF_RF 559 },rt5592_2ghz_def_rf[] = { 560 RT5592_2GHZ_DEF_RF 561 },rt5592_5ghz_def_rf[] = { 562 RT5592_5GHZ_DEF_RF 563 }; 564 565 static const struct { 566 u_int firstchan; 567 u_int lastchan; 568 uint8_t reg; 569 uint8_t val; 570 } rt5592_chan_5ghz[] = { 571 RT5592_CHAN_5GHZ 572 }; 573 574 static const struct usb_config run_config[RUN_N_XFER] = { 575 [RUN_BULK_TX_BE] = { 576 .type = UE_BULK, 577 .endpoint = UE_ADDR_ANY, 578 .ep_index = 0, 579 .direction = UE_DIR_OUT, 580 .bufsize = RUN_MAX_TXSZ, 581 .flags = {.pipe_bof = 1,.force_short_xfer = 1,}, 582 .callback = run_bulk_tx_callback0, 583 .timeout = 5000, /* ms */ 584 }, 585 [RUN_BULK_TX_BK] = { 586 .type = UE_BULK, 587 .endpoint = UE_ADDR_ANY, 588 .direction = UE_DIR_OUT, 589 .ep_index = 1, 590 .bufsize = RUN_MAX_TXSZ, 591 .flags = {.pipe_bof = 1,.force_short_xfer = 1,}, 592 .callback = run_bulk_tx_callback1, 593 .timeout = 5000, /* ms */ 594 }, 595 [RUN_BULK_TX_VI] = { 596 .type = UE_BULK, 597 .endpoint = UE_ADDR_ANY, 598 .direction = UE_DIR_OUT, 599 .ep_index = 2, 600 .bufsize = RUN_MAX_TXSZ, 601 .flags = {.pipe_bof = 1,.force_short_xfer = 1,}, 602 .callback = run_bulk_tx_callback2, 603 .timeout = 5000, /* ms */ 604 }, 605 [RUN_BULK_TX_VO] = { 606 .type = UE_BULK, 607 .endpoint = UE_ADDR_ANY, 608 .direction = UE_DIR_OUT, 609 .ep_index = 3, 610 .bufsize = RUN_MAX_TXSZ, 611 .flags = {.pipe_bof = 1,.force_short_xfer = 1,}, 612 .callback = run_bulk_tx_callback3, 613 .timeout = 5000, /* ms */ 614 }, 615 [RUN_BULK_TX_HCCA] = { 616 .type = UE_BULK, 617 .endpoint = UE_ADDR_ANY, 618 .direction = UE_DIR_OUT, 619 .ep_index = 4, 620 .bufsize = RUN_MAX_TXSZ, 621 .flags = {.pipe_bof = 1,.force_short_xfer = 1,.no_pipe_ok = 1,}, 622 .callback = run_bulk_tx_callback4, 623 .timeout = 5000, /* ms */ 624 }, 625 [RUN_BULK_TX_PRIO] = { 626 .type = UE_BULK, 627 .endpoint = UE_ADDR_ANY, 628 .direction = UE_DIR_OUT, 629 .ep_index = 5, 630 .bufsize = RUN_MAX_TXSZ, 631 .flags = {.pipe_bof = 1,.force_short_xfer = 1,.no_pipe_ok = 1,}, 632 .callback = run_bulk_tx_callback5, 633 .timeout = 5000, /* ms */ 634 }, 635 [RUN_BULK_RX] = { 636 .type = UE_BULK, 637 .endpoint = UE_ADDR_ANY, 638 .direction = UE_DIR_IN, 639 .bufsize = RUN_MAX_RXSZ, 640 .flags = {.pipe_bof = 1,.short_xfer_ok = 1,}, 641 .callback = run_bulk_rx_callback, 642 } 643 }; 644 645 static void 646 run_autoinst(void *arg, struct usb_device *udev, 647 struct usb_attach_arg *uaa) 648 { 649 struct usb_interface *iface; 650 struct usb_interface_descriptor *id; 651 652 if (uaa->dev_state != UAA_DEV_READY) 653 return; 654 655 iface = usbd_get_iface(udev, 0); 656 if (iface == NULL) 657 return; 658 id = iface->idesc; 659 if (id == NULL || id->bInterfaceClass != UICLASS_MASS) 660 return; 661 if (usbd_lookup_id_by_uaa(run_devs, sizeof(run_devs), uaa)) 662 return; 663 664 if (usb_msc_eject(udev, 0, MSC_EJECT_STOPUNIT) == 0) 665 uaa->dev_state = UAA_DEV_EJECTING; 666 } 667 668 static int 669 run_driver_loaded(struct module *mod, int what, void *arg) 670 { 671 switch (what) { 672 case MOD_LOAD: 673 run_etag = EVENTHANDLER_REGISTER(usb_dev_configured, 674 run_autoinst, NULL, EVENTHANDLER_PRI_ANY); 675 break; 676 case MOD_UNLOAD: 677 EVENTHANDLER_DEREGISTER(usb_dev_configured, run_etag); 678 break; 679 default: 680 return (EOPNOTSUPP); 681 } 682 return (0); 683 } 684 685 static int 686 run_match(device_t self) 687 { 688 struct usb_attach_arg *uaa = device_get_ivars(self); 689 690 if (uaa->usb_mode != USB_MODE_HOST) 691 return (ENXIO); 692 if (uaa->info.bConfigIndex != 0) 693 return (ENXIO); 694 if (uaa->info.bIfaceIndex != RT2860_IFACE_INDEX) 695 return (ENXIO); 696 697 return (usbd_lookup_id_by_uaa(run_devs, sizeof(run_devs), uaa)); 698 } 699 700 static int 701 run_attach(device_t self) 702 { 703 struct run_softc *sc = device_get_softc(self); 704 struct usb_attach_arg *uaa = device_get_ivars(self); 705 struct ieee80211com *ic; 706 struct ifnet *ifp; 707 uint32_t ver; 708 int ntries, error; 709 uint8_t iface_index, bands; 710 711 device_set_usb_desc(self); 712 sc->sc_udev = uaa->device; 713 sc->sc_dev = self; 714 if (USB_GET_DRIVER_INFO(uaa) != RUN_EJECT) 715 sc->sc_flags |= RUN_FLAG_FWLOAD_NEEDED; 716 717 mtx_init(&sc->sc_mtx, device_get_nameunit(sc->sc_dev), 718 MTX_NETWORK_LOCK, MTX_DEF); 719 720 iface_index = RT2860_IFACE_INDEX; 721 722 error = usbd_transfer_setup(uaa->device, &iface_index, 723 sc->sc_xfer, run_config, RUN_N_XFER, sc, &sc->sc_mtx); 724 if (error) { 725 device_printf(self, "could not allocate USB transfers, " 726 "err=%s\n", usbd_errstr(error)); 727 goto detach; 728 } 729 730 RUN_LOCK(sc); 731 732 /* wait for the chip to settle */ 733 for (ntries = 0; ntries < 100; ntries++) { 734 if (run_read(sc, RT2860_ASIC_VER_ID, &ver) != 0) { 735 RUN_UNLOCK(sc); 736 goto detach; 737 } 738 if (ver != 0 && ver != 0xffffffff) 739 break; 740 run_delay(sc, 10); 741 } 742 if (ntries == 100) { 743 device_printf(sc->sc_dev, 744 "timeout waiting for NIC to initialize\n"); 745 RUN_UNLOCK(sc); 746 goto detach; 747 } 748 sc->mac_ver = ver >> 16; 749 sc->mac_rev = ver & 0xffff; 750 751 /* retrieve RF rev. no and various other things from EEPROM */ 752 run_read_eeprom(sc); 753 754 device_printf(sc->sc_dev, 755 "MAC/BBP RT%04X (rev 0x%04X), RF %s (MIMO %dT%dR), address %s\n", 756 sc->mac_ver, sc->mac_rev, run_get_rf(sc->rf_rev), 757 sc->ntxchains, sc->nrxchains, ether_sprintf(sc->sc_bssid)); 758 759 RUN_UNLOCK(sc); 760 761 ifp = sc->sc_ifp = if_alloc(IFT_IEEE80211); 762 if (ifp == NULL) { 763 device_printf(sc->sc_dev, "can not if_alloc()\n"); 764 goto detach; 765 } 766 ic = ifp->if_l2com; 767 768 ifp->if_softc = sc; 769 if_initname(ifp, "run", device_get_unit(sc->sc_dev)); 770 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 771 ifp->if_init = run_init; 772 ifp->if_ioctl = run_ioctl; 773 ifp->if_start = run_start; 774 IFQ_SET_MAXLEN(&ifp->if_snd, ifqmaxlen); 775 ifp->if_snd.ifq_drv_maxlen = ifqmaxlen; 776 IFQ_SET_READY(&ifp->if_snd); 777 778 ic->ic_ifp = ifp; 779 ic->ic_softc = sc; 780 ic->ic_name = device_get_nameunit(self); 781 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 782 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 783 784 /* set device capabilities */ 785 ic->ic_caps = 786 IEEE80211_C_STA | /* station mode supported */ 787 IEEE80211_C_MONITOR | /* monitor mode supported */ 788 IEEE80211_C_IBSS | 789 IEEE80211_C_HOSTAP | 790 IEEE80211_C_WDS | /* 4-address traffic works */ 791 IEEE80211_C_MBSS | 792 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 793 IEEE80211_C_SHSLOT | /* short slot time supported */ 794 IEEE80211_C_WME | /* WME */ 795 IEEE80211_C_WPA; /* WPA1|WPA2(RSN) */ 796 797 ic->ic_cryptocaps = 798 IEEE80211_CRYPTO_WEP | 799 IEEE80211_CRYPTO_AES_CCM | 800 IEEE80211_CRYPTO_TKIPMIC | 801 IEEE80211_CRYPTO_TKIP; 802 803 ic->ic_flags |= IEEE80211_F_DATAPAD; 804 ic->ic_flags_ext |= IEEE80211_FEXT_SWBMISS; 805 806 bands = 0; 807 setbit(&bands, IEEE80211_MODE_11B); 808 setbit(&bands, IEEE80211_MODE_11G); 809 if (sc->rf_rev == RT2860_RF_2750 || sc->rf_rev == RT2860_RF_2850 || 810 sc->rf_rev == RT3070_RF_3052 || sc->rf_rev == RT3593_RF_3053 || 811 sc->rf_rev == RT5592_RF_5592) 812 setbit(&bands, IEEE80211_MODE_11A); 813 ieee80211_init_channels(ic, NULL, &bands); 814 815 ieee80211_ifattach(ic, sc->sc_bssid); 816 817 ic->ic_scan_start = run_scan_start; 818 ic->ic_scan_end = run_scan_end; 819 ic->ic_set_channel = run_set_channel; 820 ic->ic_node_alloc = run_node_alloc; 821 ic->ic_newassoc = run_newassoc; 822 ic->ic_updateslot = run_updateslot; 823 ic->ic_update_mcast = run_update_mcast; 824 ic->ic_wme.wme_update = run_wme_update; 825 ic->ic_raw_xmit = run_raw_xmit; 826 ic->ic_update_promisc = run_update_promisc; 827 828 ic->ic_vap_create = run_vap_create; 829 ic->ic_vap_delete = run_vap_delete; 830 831 ieee80211_radiotap_attach(ic, 832 &sc->sc_txtap.wt_ihdr, sizeof(sc->sc_txtap), 833 RUN_TX_RADIOTAP_PRESENT, 834 &sc->sc_rxtap.wr_ihdr, sizeof(sc->sc_rxtap), 835 RUN_RX_RADIOTAP_PRESENT); 836 837 TASK_INIT(&sc->cmdq_task, 0, run_cmdq_cb, sc); 838 TASK_INIT(&sc->ratectl_task, 0, run_ratectl_cb, sc); 839 usb_callout_init_mtx(&sc->ratectl_ch, &sc->sc_mtx, 0); 840 841 if (bootverbose) 842 ieee80211_announce(ic); 843 844 return (0); 845 846 detach: 847 run_detach(self); 848 return (ENXIO); 849 } 850 851 static int 852 run_detach(device_t self) 853 { 854 struct run_softc *sc = device_get_softc(self); 855 struct ifnet *ifp = sc->sc_ifp; 856 struct ieee80211com *ic; 857 int i; 858 859 RUN_LOCK(sc); 860 sc->sc_detached = 1; 861 RUN_UNLOCK(sc); 862 863 /* stop all USB transfers */ 864 usbd_transfer_unsetup(sc->sc_xfer, RUN_N_XFER); 865 866 RUN_LOCK(sc); 867 sc->ratectl_run = RUN_RATECTL_OFF; 868 sc->cmdq_run = sc->cmdq_key_set = RUN_CMDQ_ABORT; 869 870 /* free TX list, if any */ 871 for (i = 0; i != RUN_EP_QUEUES; i++) 872 run_unsetup_tx_list(sc, &sc->sc_epq[i]); 873 RUN_UNLOCK(sc); 874 875 if (ifp) { 876 ic = ifp->if_l2com; 877 /* drain tasks */ 878 usb_callout_drain(&sc->ratectl_ch); 879 ieee80211_draintask(ic, &sc->cmdq_task); 880 ieee80211_draintask(ic, &sc->ratectl_task); 881 ieee80211_ifdetach(ic); 882 if_free(ifp); 883 } 884 885 mtx_destroy(&sc->sc_mtx); 886 887 return (0); 888 } 889 890 static struct ieee80211vap * 891 run_vap_create(struct ieee80211com *ic, const char name[IFNAMSIZ], int unit, 892 enum ieee80211_opmode opmode, int flags, 893 const uint8_t bssid[IEEE80211_ADDR_LEN], 894 const uint8_t mac[IEEE80211_ADDR_LEN]) 895 { 896 struct ifnet *ifp = ic->ic_ifp; 897 struct run_softc *sc = ifp->if_softc; 898 struct run_vap *rvp; 899 struct ieee80211vap *vap; 900 int i; 901 902 if (sc->rvp_cnt >= RUN_VAP_MAX) { 903 if_printf(ifp, "number of VAPs maxed out\n"); 904 return (NULL); 905 } 906 907 switch (opmode) { 908 case IEEE80211_M_STA: 909 /* enable s/w bmiss handling for sta mode */ 910 flags |= IEEE80211_CLONE_NOBEACONS; 911 /* fall though */ 912 case IEEE80211_M_IBSS: 913 case IEEE80211_M_MONITOR: 914 case IEEE80211_M_HOSTAP: 915 case IEEE80211_M_MBSS: 916 /* other than WDS vaps, only one at a time */ 917 if (!TAILQ_EMPTY(&ic->ic_vaps)) 918 return (NULL); 919 break; 920 case IEEE80211_M_WDS: 921 TAILQ_FOREACH(vap, &ic->ic_vaps, iv_next){ 922 if(vap->iv_opmode != IEEE80211_M_HOSTAP) 923 continue; 924 /* WDS vap's always share the local mac address. */ 925 flags &= ~IEEE80211_CLONE_BSSID; 926 break; 927 } 928 if (vap == NULL) { 929 if_printf(ifp, "wds only supported in ap mode\n"); 930 return (NULL); 931 } 932 break; 933 default: 934 if_printf(ifp, "unknown opmode %d\n", opmode); 935 return (NULL); 936 } 937 938 rvp = (struct run_vap *) malloc(sizeof(struct run_vap), 939 M_80211_VAP, M_NOWAIT | M_ZERO); 940 if (rvp == NULL) 941 return (NULL); 942 vap = &rvp->vap; 943 944 if (ieee80211_vap_setup(ic, vap, name, unit, 945 opmode, flags, bssid, mac) != 0) { 946 /* out of memory */ 947 free(rvp, M_80211_VAP); 948 return (NULL); 949 } 950 951 vap->iv_key_update_begin = run_key_update_begin; 952 vap->iv_key_update_end = run_key_update_end; 953 vap->iv_update_beacon = run_update_beacon; 954 vap->iv_max_aid = RT2870_WCID_MAX; 955 /* 956 * To delete the right key from h/w, we need wcid. 957 * Luckily, there is unused space in ieee80211_key{}, wk_pad, 958 * and matching wcid will be written into there. So, cast 959 * some spells to remove 'const' from ieee80211_key{} 960 */ 961 vap->iv_key_delete = (void *)run_key_delete; 962 vap->iv_key_set = (void *)run_key_set; 963 964 /* override state transition machine */ 965 rvp->newstate = vap->iv_newstate; 966 vap->iv_newstate = run_newstate; 967 968 ieee80211_ratectl_init(vap); 969 ieee80211_ratectl_setinterval(vap, 1000 /* 1 sec */); 970 971 /* complete setup */ 972 ieee80211_vap_attach(vap, run_media_change, ieee80211_media_status); 973 974 /* make sure id is always unique */ 975 for (i = 0; i < RUN_VAP_MAX; i++) { 976 if((sc->rvp_bmap & 1 << i) == 0){ 977 sc->rvp_bmap |= 1 << i; 978 rvp->rvp_id = i; 979 break; 980 } 981 } 982 if (sc->rvp_cnt++ == 0) 983 ic->ic_opmode = opmode; 984 985 if (opmode == IEEE80211_M_HOSTAP) 986 sc->cmdq_run = RUN_CMDQ_GO; 987 988 DPRINTF("rvp_id=%d bmap=%x rvp_cnt=%d\n", 989 rvp->rvp_id, sc->rvp_bmap, sc->rvp_cnt); 990 991 return (vap); 992 } 993 994 static void 995 run_vap_delete(struct ieee80211vap *vap) 996 { 997 struct run_vap *rvp = RUN_VAP(vap); 998 struct ifnet *ifp; 999 struct ieee80211com *ic; 1000 struct run_softc *sc; 1001 uint8_t rvp_id; 1002 1003 if (vap == NULL) 1004 return; 1005 1006 ic = vap->iv_ic; 1007 ifp = ic->ic_ifp; 1008 1009 sc = ifp->if_softc; 1010 1011 RUN_LOCK(sc); 1012 1013 m_freem(rvp->beacon_mbuf); 1014 rvp->beacon_mbuf = NULL; 1015 1016 rvp_id = rvp->rvp_id; 1017 sc->ratectl_run &= ~(1 << rvp_id); 1018 sc->rvp_bmap &= ~(1 << rvp_id); 1019 run_set_region_4(sc, RT2860_SKEY(rvp_id, 0), 0, 128); 1020 run_set_region_4(sc, RT2860_BCN_BASE(rvp_id), 0, 512); 1021 --sc->rvp_cnt; 1022 1023 DPRINTF("vap=%p rvp_id=%d bmap=%x rvp_cnt=%d\n", 1024 vap, rvp_id, sc->rvp_bmap, sc->rvp_cnt); 1025 1026 RUN_UNLOCK(sc); 1027 1028 ieee80211_ratectl_deinit(vap); 1029 ieee80211_vap_detach(vap); 1030 free(rvp, M_80211_VAP); 1031 } 1032 1033 /* 1034 * There are numbers of functions need to be called in context thread. 1035 * Rather than creating taskqueue event for each of those functions, 1036 * here is all-for-one taskqueue callback function. This function 1037 * gurantees deferred functions are executed in the same order they 1038 * were enqueued. 1039 * '& RUN_CMDQ_MASQ' is to loop cmdq[]. 1040 */ 1041 static void 1042 run_cmdq_cb(void *arg, int pending) 1043 { 1044 struct run_softc *sc = arg; 1045 uint8_t i; 1046 1047 /* call cmdq[].func locked */ 1048 RUN_LOCK(sc); 1049 for (i = sc->cmdq_exec; sc->cmdq[i].func && pending; 1050 i = sc->cmdq_exec, pending--) { 1051 DPRINTFN(6, "cmdq_exec=%d pending=%d\n", i, pending); 1052 if (sc->cmdq_run == RUN_CMDQ_GO) { 1053 /* 1054 * If arg0 is NULL, callback func needs more 1055 * than one arg. So, pass ptr to cmdq struct. 1056 */ 1057 if (sc->cmdq[i].arg0) 1058 sc->cmdq[i].func(sc->cmdq[i].arg0); 1059 else 1060 sc->cmdq[i].func(&sc->cmdq[i]); 1061 } 1062 sc->cmdq[i].arg0 = NULL; 1063 sc->cmdq[i].func = NULL; 1064 sc->cmdq_exec++; 1065 sc->cmdq_exec &= RUN_CMDQ_MASQ; 1066 } 1067 RUN_UNLOCK(sc); 1068 } 1069 1070 static void 1071 run_setup_tx_list(struct run_softc *sc, struct run_endpoint_queue *pq) 1072 { 1073 struct run_tx_data *data; 1074 1075 memset(pq, 0, sizeof(*pq)); 1076 1077 STAILQ_INIT(&pq->tx_qh); 1078 STAILQ_INIT(&pq->tx_fh); 1079 1080 for (data = &pq->tx_data[0]; 1081 data < &pq->tx_data[RUN_TX_RING_COUNT]; data++) { 1082 data->sc = sc; 1083 STAILQ_INSERT_TAIL(&pq->tx_fh, data, next); 1084 } 1085 pq->tx_nfree = RUN_TX_RING_COUNT; 1086 } 1087 1088 static void 1089 run_unsetup_tx_list(struct run_softc *sc, struct run_endpoint_queue *pq) 1090 { 1091 struct run_tx_data *data; 1092 1093 /* make sure any subsequent use of the queues will fail */ 1094 pq->tx_nfree = 0; 1095 STAILQ_INIT(&pq->tx_fh); 1096 STAILQ_INIT(&pq->tx_qh); 1097 1098 /* free up all node references and mbufs */ 1099 for (data = &pq->tx_data[0]; 1100 data < &pq->tx_data[RUN_TX_RING_COUNT]; data++) { 1101 if (data->m != NULL) { 1102 m_freem(data->m); 1103 data->m = NULL; 1104 } 1105 if (data->ni != NULL) { 1106 ieee80211_free_node(data->ni); 1107 data->ni = NULL; 1108 } 1109 } 1110 } 1111 1112 static int 1113 run_load_microcode(struct run_softc *sc) 1114 { 1115 usb_device_request_t req; 1116 const struct firmware *fw; 1117 const u_char *base; 1118 uint32_t tmp; 1119 int ntries, error; 1120 const uint64_t *temp; 1121 uint64_t bytes; 1122 1123 RUN_UNLOCK(sc); 1124 fw = firmware_get("runfw"); 1125 RUN_LOCK(sc); 1126 if (fw == NULL) { 1127 device_printf(sc->sc_dev, 1128 "failed loadfirmware of file %s\n", "runfw"); 1129 return ENOENT; 1130 } 1131 1132 if (fw->datasize != 8192) { 1133 device_printf(sc->sc_dev, 1134 "invalid firmware size (should be 8KB)\n"); 1135 error = EINVAL; 1136 goto fail; 1137 } 1138 1139 /* 1140 * RT3071/RT3072 use a different firmware 1141 * run-rt2870 (8KB) contains both, 1142 * first half (4KB) is for rt2870, 1143 * last half is for rt3071. 1144 */ 1145 base = fw->data; 1146 if ((sc->mac_ver) != 0x2860 && 1147 (sc->mac_ver) != 0x2872 && 1148 (sc->mac_ver) != 0x3070) { 1149 base += 4096; 1150 } 1151 1152 /* cheap sanity check */ 1153 temp = fw->data; 1154 bytes = *temp; 1155 if (bytes != be64toh(0xffffff0210280210ULL)) { 1156 device_printf(sc->sc_dev, "firmware checksum failed\n"); 1157 error = EINVAL; 1158 goto fail; 1159 } 1160 1161 /* write microcode image */ 1162 if (sc->sc_flags & RUN_FLAG_FWLOAD_NEEDED) { 1163 run_write_region_1(sc, RT2870_FW_BASE, base, 4096); 1164 run_write(sc, RT2860_H2M_MAILBOX_CID, 0xffffffff); 1165 run_write(sc, RT2860_H2M_MAILBOX_STATUS, 0xffffffff); 1166 } 1167 1168 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 1169 req.bRequest = RT2870_RESET; 1170 USETW(req.wValue, 8); 1171 USETW(req.wIndex, 0); 1172 USETW(req.wLength, 0); 1173 if ((error = usbd_do_request(sc->sc_udev, &sc->sc_mtx, &req, NULL)) 1174 != 0) { 1175 device_printf(sc->sc_dev, "firmware reset failed\n"); 1176 goto fail; 1177 } 1178 1179 run_delay(sc, 10); 1180 1181 run_write(sc, RT2860_H2M_BBPAGENT, 0); 1182 run_write(sc, RT2860_H2M_MAILBOX, 0); 1183 run_write(sc, RT2860_H2M_INTSRC, 0); 1184 if ((error = run_mcu_cmd(sc, RT2860_MCU_CMD_RFRESET, 0)) != 0) 1185 goto fail; 1186 1187 /* wait until microcontroller is ready */ 1188 for (ntries = 0; ntries < 1000; ntries++) { 1189 if ((error = run_read(sc, RT2860_SYS_CTRL, &tmp)) != 0) 1190 goto fail; 1191 if (tmp & RT2860_MCU_READY) 1192 break; 1193 run_delay(sc, 10); 1194 } 1195 if (ntries == 1000) { 1196 device_printf(sc->sc_dev, 1197 "timeout waiting for MCU to initialize\n"); 1198 error = ETIMEDOUT; 1199 goto fail; 1200 } 1201 device_printf(sc->sc_dev, "firmware %s ver. %u.%u loaded\n", 1202 (base == fw->data) ? "RT2870" : "RT3071", 1203 *(base + 4092), *(base + 4093)); 1204 1205 fail: 1206 firmware_put(fw, FIRMWARE_UNLOAD); 1207 return (error); 1208 } 1209 1210 static int 1211 run_reset(struct run_softc *sc) 1212 { 1213 usb_device_request_t req; 1214 1215 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 1216 req.bRequest = RT2870_RESET; 1217 USETW(req.wValue, 1); 1218 USETW(req.wIndex, 0); 1219 USETW(req.wLength, 0); 1220 return (usbd_do_request(sc->sc_udev, &sc->sc_mtx, &req, NULL)); 1221 } 1222 1223 static usb_error_t 1224 run_do_request(struct run_softc *sc, 1225 struct usb_device_request *req, void *data) 1226 { 1227 usb_error_t err; 1228 int ntries = 10; 1229 1230 RUN_LOCK_ASSERT(sc, MA_OWNED); 1231 1232 while (ntries--) { 1233 err = usbd_do_request_flags(sc->sc_udev, &sc->sc_mtx, 1234 req, data, 0, NULL, 250 /* ms */); 1235 if (err == 0) 1236 break; 1237 DPRINTFN(1, "Control request failed, %s (retrying)\n", 1238 usbd_errstr(err)); 1239 run_delay(sc, 10); 1240 } 1241 return (err); 1242 } 1243 1244 static int 1245 run_read(struct run_softc *sc, uint16_t reg, uint32_t *val) 1246 { 1247 uint32_t tmp; 1248 int error; 1249 1250 error = run_read_region_1(sc, reg, (uint8_t *)&tmp, sizeof tmp); 1251 if (error == 0) 1252 *val = le32toh(tmp); 1253 else 1254 *val = 0xffffffff; 1255 return (error); 1256 } 1257 1258 static int 1259 run_read_region_1(struct run_softc *sc, uint16_t reg, uint8_t *buf, int len) 1260 { 1261 usb_device_request_t req; 1262 1263 req.bmRequestType = UT_READ_VENDOR_DEVICE; 1264 req.bRequest = RT2870_READ_REGION_1; 1265 USETW(req.wValue, 0); 1266 USETW(req.wIndex, reg); 1267 USETW(req.wLength, len); 1268 1269 return (run_do_request(sc, &req, buf)); 1270 } 1271 1272 static int 1273 run_write_2(struct run_softc *sc, uint16_t reg, uint16_t val) 1274 { 1275 usb_device_request_t req; 1276 1277 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 1278 req.bRequest = RT2870_WRITE_2; 1279 USETW(req.wValue, val); 1280 USETW(req.wIndex, reg); 1281 USETW(req.wLength, 0); 1282 1283 return (run_do_request(sc, &req, NULL)); 1284 } 1285 1286 static int 1287 run_write(struct run_softc *sc, uint16_t reg, uint32_t val) 1288 { 1289 int error; 1290 1291 if ((error = run_write_2(sc, reg, val & 0xffff)) == 0) 1292 error = run_write_2(sc, reg + 2, val >> 16); 1293 return (error); 1294 } 1295 1296 static int 1297 run_write_region_1(struct run_softc *sc, uint16_t reg, const uint8_t *buf, 1298 int len) 1299 { 1300 #if 1 1301 int i, error = 0; 1302 /* 1303 * NB: the WRITE_REGION_1 command is not stable on RT2860. 1304 * We thus issue multiple WRITE_2 commands instead. 1305 */ 1306 KASSERT((len & 1) == 0, ("run_write_region_1: Data too long.\n")); 1307 for (i = 0; i < len && error == 0; i += 2) 1308 error = run_write_2(sc, reg + i, buf[i] | buf[i + 1] << 8); 1309 return (error); 1310 #else 1311 usb_device_request_t req; 1312 int error = 0; 1313 1314 /* 1315 * NOTE: It appears the WRITE_REGION_1 command cannot be 1316 * passed a huge amount of data, which will crash the 1317 * firmware. Limit amount of data passed to 64-bytes at a 1318 * time. 1319 */ 1320 while (len > 0) { 1321 int delta = 64; 1322 if (delta > len) 1323 delta = len; 1324 1325 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 1326 req.bRequest = RT2870_WRITE_REGION_1; 1327 USETW(req.wValue, 0); 1328 USETW(req.wIndex, reg); 1329 USETW(req.wLength, delta); 1330 error = run_do_request(sc, &req, __DECONST(uint8_t *, buf)); 1331 if (error != 0) 1332 break; 1333 reg += delta; 1334 buf += delta; 1335 len -= delta; 1336 } 1337 return (error); 1338 #endif 1339 } 1340 1341 static int 1342 run_set_region_4(struct run_softc *sc, uint16_t reg, uint32_t val, int len) 1343 { 1344 int i, error = 0; 1345 1346 KASSERT((len & 3) == 0, ("run_set_region_4: Invalid data length.\n")); 1347 for (i = 0; i < len && error == 0; i += 4) 1348 error = run_write(sc, reg + i, val); 1349 return (error); 1350 } 1351 1352 static int 1353 run_efuse_read(struct run_softc *sc, uint16_t addr, uint16_t *val, int count) 1354 { 1355 uint32_t tmp; 1356 uint16_t reg; 1357 int error, ntries; 1358 1359 if ((error = run_read(sc, RT3070_EFUSE_CTRL, &tmp)) != 0) 1360 return (error); 1361 1362 if (count == 2) 1363 addr *= 2; 1364 /*- 1365 * Read one 16-byte block into registers EFUSE_DATA[0-3]: 1366 * DATA0: F E D C 1367 * DATA1: B A 9 8 1368 * DATA2: 7 6 5 4 1369 * DATA3: 3 2 1 0 1370 */ 1371 tmp &= ~(RT3070_EFSROM_MODE_MASK | RT3070_EFSROM_AIN_MASK); 1372 tmp |= (addr & ~0xf) << RT3070_EFSROM_AIN_SHIFT | RT3070_EFSROM_KICK; 1373 run_write(sc, RT3070_EFUSE_CTRL, tmp); 1374 for (ntries = 0; ntries < 100; ntries++) { 1375 if ((error = run_read(sc, RT3070_EFUSE_CTRL, &tmp)) != 0) 1376 return (error); 1377 if (!(tmp & RT3070_EFSROM_KICK)) 1378 break; 1379 run_delay(sc, 2); 1380 } 1381 if (ntries == 100) 1382 return (ETIMEDOUT); 1383 1384 if ((tmp & RT3070_EFUSE_AOUT_MASK) == RT3070_EFUSE_AOUT_MASK) { 1385 *val = 0xffff; /* address not found */ 1386 return (0); 1387 } 1388 /* determine to which 32-bit register our 16-bit word belongs */ 1389 reg = RT3070_EFUSE_DATA3 - (addr & 0xc); 1390 if ((error = run_read(sc, reg, &tmp)) != 0) 1391 return (error); 1392 1393 tmp >>= (8 * (addr & 0x3)); 1394 *val = (addr & 1) ? tmp >> 16 : tmp & 0xffff; 1395 1396 return (0); 1397 } 1398 1399 /* Read 16-bit from eFUSE ROM for RT3xxx. */ 1400 static int 1401 run_efuse_read_2(struct run_softc *sc, uint16_t addr, uint16_t *val) 1402 { 1403 return (run_efuse_read(sc, addr, val, 2)); 1404 } 1405 1406 static int 1407 run_eeprom_read_2(struct run_softc *sc, uint16_t addr, uint16_t *val) 1408 { 1409 usb_device_request_t req; 1410 uint16_t tmp; 1411 int error; 1412 1413 addr *= 2; 1414 req.bmRequestType = UT_READ_VENDOR_DEVICE; 1415 req.bRequest = RT2870_EEPROM_READ; 1416 USETW(req.wValue, 0); 1417 USETW(req.wIndex, addr); 1418 USETW(req.wLength, sizeof(tmp)); 1419 1420 error = usbd_do_request(sc->sc_udev, &sc->sc_mtx, &req, &tmp); 1421 if (error == 0) 1422 *val = le16toh(tmp); 1423 else 1424 *val = 0xffff; 1425 return (error); 1426 } 1427 1428 static __inline int 1429 run_srom_read(struct run_softc *sc, uint16_t addr, uint16_t *val) 1430 { 1431 /* either eFUSE ROM or EEPROM */ 1432 return sc->sc_srom_read(sc, addr, val); 1433 } 1434 1435 static int 1436 run_rt2870_rf_write(struct run_softc *sc, uint32_t val) 1437 { 1438 uint32_t tmp; 1439 int error, ntries; 1440 1441 for (ntries = 0; ntries < 10; ntries++) { 1442 if ((error = run_read(sc, RT2860_RF_CSR_CFG0, &tmp)) != 0) 1443 return (error); 1444 if (!(tmp & RT2860_RF_REG_CTRL)) 1445 break; 1446 } 1447 if (ntries == 10) 1448 return (ETIMEDOUT); 1449 1450 return (run_write(sc, RT2860_RF_CSR_CFG0, val)); 1451 } 1452 1453 static int 1454 run_rt3070_rf_read(struct run_softc *sc, uint8_t reg, uint8_t *val) 1455 { 1456 uint32_t tmp; 1457 int error, ntries; 1458 1459 for (ntries = 0; ntries < 100; ntries++) { 1460 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0) 1461 return (error); 1462 if (!(tmp & RT3070_RF_KICK)) 1463 break; 1464 } 1465 if (ntries == 100) 1466 return (ETIMEDOUT); 1467 1468 tmp = RT3070_RF_KICK | reg << 8; 1469 if ((error = run_write(sc, RT3070_RF_CSR_CFG, tmp)) != 0) 1470 return (error); 1471 1472 for (ntries = 0; ntries < 100; ntries++) { 1473 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0) 1474 return (error); 1475 if (!(tmp & RT3070_RF_KICK)) 1476 break; 1477 } 1478 if (ntries == 100) 1479 return (ETIMEDOUT); 1480 1481 *val = tmp & 0xff; 1482 return (0); 1483 } 1484 1485 static int 1486 run_rt3070_rf_write(struct run_softc *sc, uint8_t reg, uint8_t val) 1487 { 1488 uint32_t tmp; 1489 int error, ntries; 1490 1491 for (ntries = 0; ntries < 10; ntries++) { 1492 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0) 1493 return (error); 1494 if (!(tmp & RT3070_RF_KICK)) 1495 break; 1496 } 1497 if (ntries == 10) 1498 return (ETIMEDOUT); 1499 1500 tmp = RT3070_RF_WRITE | RT3070_RF_KICK | reg << 8 | val; 1501 return (run_write(sc, RT3070_RF_CSR_CFG, tmp)); 1502 } 1503 1504 static int 1505 run_bbp_read(struct run_softc *sc, uint8_t reg, uint8_t *val) 1506 { 1507 uint32_t tmp; 1508 int ntries, error; 1509 1510 for (ntries = 0; ntries < 10; ntries++) { 1511 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0) 1512 return (error); 1513 if (!(tmp & RT2860_BBP_CSR_KICK)) 1514 break; 1515 } 1516 if (ntries == 10) 1517 return (ETIMEDOUT); 1518 1519 tmp = RT2860_BBP_CSR_READ | RT2860_BBP_CSR_KICK | reg << 8; 1520 if ((error = run_write(sc, RT2860_BBP_CSR_CFG, tmp)) != 0) 1521 return (error); 1522 1523 for (ntries = 0; ntries < 10; ntries++) { 1524 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0) 1525 return (error); 1526 if (!(tmp & RT2860_BBP_CSR_KICK)) 1527 break; 1528 } 1529 if (ntries == 10) 1530 return (ETIMEDOUT); 1531 1532 *val = tmp & 0xff; 1533 return (0); 1534 } 1535 1536 static int 1537 run_bbp_write(struct run_softc *sc, uint8_t reg, uint8_t val) 1538 { 1539 uint32_t tmp; 1540 int ntries, error; 1541 1542 for (ntries = 0; ntries < 10; ntries++) { 1543 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0) 1544 return (error); 1545 if (!(tmp & RT2860_BBP_CSR_KICK)) 1546 break; 1547 } 1548 if (ntries == 10) 1549 return (ETIMEDOUT); 1550 1551 tmp = RT2860_BBP_CSR_KICK | reg << 8 | val; 1552 return (run_write(sc, RT2860_BBP_CSR_CFG, tmp)); 1553 } 1554 1555 /* 1556 * Send a command to the 8051 microcontroller unit. 1557 */ 1558 static int 1559 run_mcu_cmd(struct run_softc *sc, uint8_t cmd, uint16_t arg) 1560 { 1561 uint32_t tmp; 1562 int error, ntries; 1563 1564 for (ntries = 0; ntries < 100; ntries++) { 1565 if ((error = run_read(sc, RT2860_H2M_MAILBOX, &tmp)) != 0) 1566 return error; 1567 if (!(tmp & RT2860_H2M_BUSY)) 1568 break; 1569 } 1570 if (ntries == 100) 1571 return ETIMEDOUT; 1572 1573 tmp = RT2860_H2M_BUSY | RT2860_TOKEN_NO_INTR << 16 | arg; 1574 if ((error = run_write(sc, RT2860_H2M_MAILBOX, tmp)) == 0) 1575 error = run_write(sc, RT2860_HOST_CMD, cmd); 1576 return (error); 1577 } 1578 1579 /* 1580 * Add `delta' (signed) to each 4-bit sub-word of a 32-bit word. 1581 * Used to adjust per-rate Tx power registers. 1582 */ 1583 static __inline uint32_t 1584 b4inc(uint32_t b32, int8_t delta) 1585 { 1586 int8_t i, b4; 1587 1588 for (i = 0; i < 8; i++) { 1589 b4 = b32 & 0xf; 1590 b4 += delta; 1591 if (b4 < 0) 1592 b4 = 0; 1593 else if (b4 > 0xf) 1594 b4 = 0xf; 1595 b32 = b32 >> 4 | b4 << 28; 1596 } 1597 return (b32); 1598 } 1599 1600 static const char * 1601 run_get_rf(uint16_t rev) 1602 { 1603 switch (rev) { 1604 case RT2860_RF_2820: return "RT2820"; 1605 case RT2860_RF_2850: return "RT2850"; 1606 case RT2860_RF_2720: return "RT2720"; 1607 case RT2860_RF_2750: return "RT2750"; 1608 case RT3070_RF_3020: return "RT3020"; 1609 case RT3070_RF_2020: return "RT2020"; 1610 case RT3070_RF_3021: return "RT3021"; 1611 case RT3070_RF_3022: return "RT3022"; 1612 case RT3070_RF_3052: return "RT3052"; 1613 case RT3593_RF_3053: return "RT3053"; 1614 case RT5592_RF_5592: return "RT5592"; 1615 case RT5390_RF_5370: return "RT5370"; 1616 case RT5390_RF_5372: return "RT5372"; 1617 } 1618 return ("unknown"); 1619 } 1620 1621 static void 1622 run_rt3593_get_txpower(struct run_softc *sc) 1623 { 1624 uint16_t addr, val; 1625 int i; 1626 1627 /* Read power settings for 2GHz channels. */ 1628 for (i = 0; i < 14; i += 2) { 1629 addr = (sc->ntxchains == 3) ? RT3593_EEPROM_PWR2GHZ_BASE1 : 1630 RT2860_EEPROM_PWR2GHZ_BASE1; 1631 run_srom_read(sc, addr + i / 2, &val); 1632 sc->txpow1[i + 0] = (int8_t)(val & 0xff); 1633 sc->txpow1[i + 1] = (int8_t)(val >> 8); 1634 1635 addr = (sc->ntxchains == 3) ? RT3593_EEPROM_PWR2GHZ_BASE2 : 1636 RT2860_EEPROM_PWR2GHZ_BASE2; 1637 run_srom_read(sc, addr + i / 2, &val); 1638 sc->txpow2[i + 0] = (int8_t)(val & 0xff); 1639 sc->txpow2[i + 1] = (int8_t)(val >> 8); 1640 1641 if (sc->ntxchains == 3) { 1642 run_srom_read(sc, RT3593_EEPROM_PWR2GHZ_BASE3 + i / 2, 1643 &val); 1644 sc->txpow3[i + 0] = (int8_t)(val & 0xff); 1645 sc->txpow3[i + 1] = (int8_t)(val >> 8); 1646 } 1647 } 1648 /* Fix broken Tx power entries. */ 1649 for (i = 0; i < 14; i++) { 1650 if (sc->txpow1[i] > 31) 1651 sc->txpow1[i] = 5; 1652 if (sc->txpow2[i] > 31) 1653 sc->txpow2[i] = 5; 1654 if (sc->ntxchains == 3) { 1655 if (sc->txpow3[i] > 31) 1656 sc->txpow3[i] = 5; 1657 } 1658 } 1659 /* Read power settings for 5GHz channels. */ 1660 for (i = 0; i < 40; i += 2) { 1661 run_srom_read(sc, RT3593_EEPROM_PWR5GHZ_BASE1 + i / 2, &val); 1662 sc->txpow1[i + 14] = (int8_t)(val & 0xff); 1663 sc->txpow1[i + 15] = (int8_t)(val >> 8); 1664 1665 run_srom_read(sc, RT3593_EEPROM_PWR5GHZ_BASE2 + i / 2, &val); 1666 sc->txpow2[i + 14] = (int8_t)(val & 0xff); 1667 sc->txpow2[i + 15] = (int8_t)(val >> 8); 1668 1669 if (sc->ntxchains == 3) { 1670 run_srom_read(sc, RT3593_EEPROM_PWR5GHZ_BASE3 + i / 2, 1671 &val); 1672 sc->txpow3[i + 14] = (int8_t)(val & 0xff); 1673 sc->txpow3[i + 15] = (int8_t)(val >> 8); 1674 } 1675 } 1676 } 1677 1678 static void 1679 run_get_txpower(struct run_softc *sc) 1680 { 1681 uint16_t val; 1682 int i; 1683 1684 /* Read power settings for 2GHz channels. */ 1685 for (i = 0; i < 14; i += 2) { 1686 run_srom_read(sc, RT2860_EEPROM_PWR2GHZ_BASE1 + i / 2, &val); 1687 sc->txpow1[i + 0] = (int8_t)(val & 0xff); 1688 sc->txpow1[i + 1] = (int8_t)(val >> 8); 1689 1690 if (sc->mac_ver != 0x5390) { 1691 run_srom_read(sc, 1692 RT2860_EEPROM_PWR2GHZ_BASE2 + i / 2, &val); 1693 sc->txpow2[i + 0] = (int8_t)(val & 0xff); 1694 sc->txpow2[i + 1] = (int8_t)(val >> 8); 1695 } 1696 } 1697 /* Fix broken Tx power entries. */ 1698 for (i = 0; i < 14; i++) { 1699 if (sc->mac_ver >= 0x5390) { 1700 if (sc->txpow1[i] < 0 || sc->txpow1[i] > 27) 1701 sc->txpow1[i] = 5; 1702 } else { 1703 if (sc->txpow1[i] < 0 || sc->txpow1[i] > 31) 1704 sc->txpow1[i] = 5; 1705 } 1706 if (sc->mac_ver > 0x5390) { 1707 if (sc->txpow2[i] < 0 || sc->txpow2[i] > 27) 1708 sc->txpow2[i] = 5; 1709 } else if (sc->mac_ver < 0x5390) { 1710 if (sc->txpow2[i] < 0 || sc->txpow2[i] > 31) 1711 sc->txpow2[i] = 5; 1712 } 1713 DPRINTF("chan %d: power1=%d, power2=%d\n", 1714 rt2860_rf2850[i].chan, sc->txpow1[i], sc->txpow2[i]); 1715 } 1716 /* Read power settings for 5GHz channels. */ 1717 for (i = 0; i < 40; i += 2) { 1718 run_srom_read(sc, RT2860_EEPROM_PWR5GHZ_BASE1 + i / 2, &val); 1719 sc->txpow1[i + 14] = (int8_t)(val & 0xff); 1720 sc->txpow1[i + 15] = (int8_t)(val >> 8); 1721 1722 run_srom_read(sc, RT2860_EEPROM_PWR5GHZ_BASE2 + i / 2, &val); 1723 sc->txpow2[i + 14] = (int8_t)(val & 0xff); 1724 sc->txpow2[i + 15] = (int8_t)(val >> 8); 1725 } 1726 /* Fix broken Tx power entries. */ 1727 for (i = 0; i < 40; i++ ) { 1728 if (sc->mac_ver != 0x5592) { 1729 if (sc->txpow1[14 + i] < -7 || sc->txpow1[14 + i] > 15) 1730 sc->txpow1[14 + i] = 5; 1731 if (sc->txpow2[14 + i] < -7 || sc->txpow2[14 + i] > 15) 1732 sc->txpow2[14 + i] = 5; 1733 } 1734 DPRINTF("chan %d: power1=%d, power2=%d\n", 1735 rt2860_rf2850[14 + i].chan, sc->txpow1[14 + i], 1736 sc->txpow2[14 + i]); 1737 } 1738 } 1739 1740 static int 1741 run_read_eeprom(struct run_softc *sc) 1742 { 1743 int8_t delta_2ghz, delta_5ghz; 1744 uint32_t tmp; 1745 uint16_t val; 1746 int ridx, ant, i; 1747 1748 /* check whether the ROM is eFUSE ROM or EEPROM */ 1749 sc->sc_srom_read = run_eeprom_read_2; 1750 if (sc->mac_ver >= 0x3070) { 1751 run_read(sc, RT3070_EFUSE_CTRL, &tmp); 1752 DPRINTF("EFUSE_CTRL=0x%08x\n", tmp); 1753 if ((tmp & RT3070_SEL_EFUSE) || sc->mac_ver == 0x3593) 1754 sc->sc_srom_read = run_efuse_read_2; 1755 } 1756 1757 /* read ROM version */ 1758 run_srom_read(sc, RT2860_EEPROM_VERSION, &val); 1759 DPRINTF("EEPROM rev=%d, FAE=%d\n", val & 0xff, val >> 8); 1760 1761 /* read MAC address */ 1762 run_srom_read(sc, RT2860_EEPROM_MAC01, &val); 1763 sc->sc_bssid[0] = val & 0xff; 1764 sc->sc_bssid[1] = val >> 8; 1765 run_srom_read(sc, RT2860_EEPROM_MAC23, &val); 1766 sc->sc_bssid[2] = val & 0xff; 1767 sc->sc_bssid[3] = val >> 8; 1768 run_srom_read(sc, RT2860_EEPROM_MAC45, &val); 1769 sc->sc_bssid[4] = val & 0xff; 1770 sc->sc_bssid[5] = val >> 8; 1771 1772 if (sc->mac_ver < 0x3593) { 1773 /* read vender BBP settings */ 1774 for (i = 0; i < 10; i++) { 1775 run_srom_read(sc, RT2860_EEPROM_BBP_BASE + i, &val); 1776 sc->bbp[i].val = val & 0xff; 1777 sc->bbp[i].reg = val >> 8; 1778 DPRINTF("BBP%d=0x%02x\n", sc->bbp[i].reg, 1779 sc->bbp[i].val); 1780 } 1781 if (sc->mac_ver >= 0x3071) { 1782 /* read vendor RF settings */ 1783 for (i = 0; i < 10; i++) { 1784 run_srom_read(sc, RT3071_EEPROM_RF_BASE + i, 1785 &val); 1786 sc->rf[i].val = val & 0xff; 1787 sc->rf[i].reg = val >> 8; 1788 DPRINTF("RF%d=0x%02x\n", sc->rf[i].reg, 1789 sc->rf[i].val); 1790 } 1791 } 1792 } 1793 1794 /* read RF frequency offset from EEPROM */ 1795 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_FREQ_LEDS : 1796 RT3593_EEPROM_FREQ, &val); 1797 sc->freq = ((val & 0xff) != 0xff) ? val & 0xff : 0; 1798 DPRINTF("EEPROM freq offset %d\n", sc->freq & 0xff); 1799 1800 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_FREQ_LEDS : 1801 RT3593_EEPROM_FREQ_LEDS, &val); 1802 if (val >> 8 != 0xff) { 1803 /* read LEDs operating mode */ 1804 sc->leds = val >> 8; 1805 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LED1 : 1806 RT3593_EEPROM_LED1, &sc->led[0]); 1807 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LED2 : 1808 RT3593_EEPROM_LED2, &sc->led[1]); 1809 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LED3 : 1810 RT3593_EEPROM_LED3, &sc->led[2]); 1811 } else { 1812 /* broken EEPROM, use default settings */ 1813 sc->leds = 0x01; 1814 sc->led[0] = 0x5555; 1815 sc->led[1] = 0x2221; 1816 sc->led[2] = 0x5627; /* differs from RT2860 */ 1817 } 1818 DPRINTF("EEPROM LED mode=0x%02x, LEDs=0x%04x/0x%04x/0x%04x\n", 1819 sc->leds, sc->led[0], sc->led[1], sc->led[2]); 1820 1821 /* read RF information */ 1822 if (sc->mac_ver == 0x5390 || sc->mac_ver ==0x5392) 1823 run_srom_read(sc, 0x00, &val); 1824 else 1825 run_srom_read(sc, RT2860_EEPROM_ANTENNA, &val); 1826 1827 if (val == 0xffff) { 1828 device_printf(sc->sc_dev, 1829 "invalid EEPROM antenna info, using default\n"); 1830 DPRINTF("invalid EEPROM antenna info, using default\n"); 1831 if (sc->mac_ver == 0x3572) { 1832 /* default to RF3052 2T2R */ 1833 sc->rf_rev = RT3070_RF_3052; 1834 sc->ntxchains = 2; 1835 sc->nrxchains = 2; 1836 } else if (sc->mac_ver >= 0x3070) { 1837 /* default to RF3020 1T1R */ 1838 sc->rf_rev = RT3070_RF_3020; 1839 sc->ntxchains = 1; 1840 sc->nrxchains = 1; 1841 } else { 1842 /* default to RF2820 1T2R */ 1843 sc->rf_rev = RT2860_RF_2820; 1844 sc->ntxchains = 1; 1845 sc->nrxchains = 2; 1846 } 1847 } else { 1848 if (sc->mac_ver == 0x5390 || sc->mac_ver ==0x5392) { 1849 sc->rf_rev = val; 1850 run_srom_read(sc, RT2860_EEPROM_ANTENNA, &val); 1851 } else 1852 sc->rf_rev = (val >> 8) & 0xf; 1853 sc->ntxchains = (val >> 4) & 0xf; 1854 sc->nrxchains = val & 0xf; 1855 } 1856 DPRINTF("EEPROM RF rev=0x%04x chains=%dT%dR\n", 1857 sc->rf_rev, sc->ntxchains, sc->nrxchains); 1858 1859 /* check if RF supports automatic Tx access gain control */ 1860 run_srom_read(sc, RT2860_EEPROM_CONFIG, &val); 1861 DPRINTF("EEPROM CFG 0x%04x\n", val); 1862 /* check if driver should patch the DAC issue */ 1863 if ((val >> 8) != 0xff) 1864 sc->patch_dac = (val >> 15) & 1; 1865 if ((val & 0xff) != 0xff) { 1866 sc->ext_5ghz_lna = (val >> 3) & 1; 1867 sc->ext_2ghz_lna = (val >> 2) & 1; 1868 /* check if RF supports automatic Tx access gain control */ 1869 sc->calib_2ghz = sc->calib_5ghz = (val >> 1) & 1; 1870 /* check if we have a hardware radio switch */ 1871 sc->rfswitch = val & 1; 1872 } 1873 1874 /* Read Tx power settings. */ 1875 if (sc->mac_ver == 0x3593) 1876 run_rt3593_get_txpower(sc); 1877 else 1878 run_get_txpower(sc); 1879 1880 /* read Tx power compensation for each Tx rate */ 1881 run_srom_read(sc, RT2860_EEPROM_DELTAPWR, &val); 1882 delta_2ghz = delta_5ghz = 0; 1883 if ((val & 0xff) != 0xff && (val & 0x80)) { 1884 delta_2ghz = val & 0xf; 1885 if (!(val & 0x40)) /* negative number */ 1886 delta_2ghz = -delta_2ghz; 1887 } 1888 val >>= 8; 1889 if ((val & 0xff) != 0xff && (val & 0x80)) { 1890 delta_5ghz = val & 0xf; 1891 if (!(val & 0x40)) /* negative number */ 1892 delta_5ghz = -delta_5ghz; 1893 } 1894 DPRINTF("power compensation=%d (2GHz), %d (5GHz)\n", 1895 delta_2ghz, delta_5ghz); 1896 1897 for (ridx = 0; ridx < 5; ridx++) { 1898 uint32_t reg; 1899 1900 run_srom_read(sc, RT2860_EEPROM_RPWR + ridx * 2, &val); 1901 reg = val; 1902 run_srom_read(sc, RT2860_EEPROM_RPWR + ridx * 2 + 1, &val); 1903 reg |= (uint32_t)val << 16; 1904 1905 sc->txpow20mhz[ridx] = reg; 1906 sc->txpow40mhz_2ghz[ridx] = b4inc(reg, delta_2ghz); 1907 sc->txpow40mhz_5ghz[ridx] = b4inc(reg, delta_5ghz); 1908 1909 DPRINTF("ridx %d: power 20MHz=0x%08x, 40MHz/2GHz=0x%08x, " 1910 "40MHz/5GHz=0x%08x\n", ridx, sc->txpow20mhz[ridx], 1911 sc->txpow40mhz_2ghz[ridx], sc->txpow40mhz_5ghz[ridx]); 1912 } 1913 1914 /* Read RSSI offsets and LNA gains from EEPROM. */ 1915 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI1_2GHZ : 1916 RT3593_EEPROM_RSSI1_2GHZ, &val); 1917 sc->rssi_2ghz[0] = val & 0xff; /* Ant A */ 1918 sc->rssi_2ghz[1] = val >> 8; /* Ant B */ 1919 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI2_2GHZ : 1920 RT3593_EEPROM_RSSI2_2GHZ, &val); 1921 if (sc->mac_ver >= 0x3070) { 1922 if (sc->mac_ver == 0x3593) { 1923 sc->txmixgain_2ghz = 0; 1924 sc->rssi_2ghz[2] = val & 0xff; /* Ant C */ 1925 } else { 1926 /* 1927 * On RT3070 chips (limited to 2 Rx chains), this ROM 1928 * field contains the Tx mixer gain for the 2GHz band. 1929 */ 1930 if ((val & 0xff) != 0xff) 1931 sc->txmixgain_2ghz = val & 0x7; 1932 } 1933 DPRINTF("tx mixer gain=%u (2GHz)\n", sc->txmixgain_2ghz); 1934 } else 1935 sc->rssi_2ghz[2] = val & 0xff; /* Ant C */ 1936 if (sc->mac_ver == 0x3593) 1937 run_srom_read(sc, RT3593_EEPROM_LNA_5GHZ, &val); 1938 sc->lna[2] = val >> 8; /* channel group 2 */ 1939 1940 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI1_5GHZ : 1941 RT3593_EEPROM_RSSI1_5GHZ, &val); 1942 sc->rssi_5ghz[0] = val & 0xff; /* Ant A */ 1943 sc->rssi_5ghz[1] = val >> 8; /* Ant B */ 1944 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI2_5GHZ : 1945 RT3593_EEPROM_RSSI2_5GHZ, &val); 1946 if (sc->mac_ver == 0x3572) { 1947 /* 1948 * On RT3572 chips (limited to 2 Rx chains), this ROM 1949 * field contains the Tx mixer gain for the 5GHz band. 1950 */ 1951 if ((val & 0xff) != 0xff) 1952 sc->txmixgain_5ghz = val & 0x7; 1953 DPRINTF("tx mixer gain=%u (5GHz)\n", sc->txmixgain_5ghz); 1954 } else 1955 sc->rssi_5ghz[2] = val & 0xff; /* Ant C */ 1956 if (sc->mac_ver == 0x3593) { 1957 sc->txmixgain_5ghz = 0; 1958 run_srom_read(sc, RT3593_EEPROM_LNA_5GHZ, &val); 1959 } 1960 sc->lna[3] = val >> 8; /* channel group 3 */ 1961 1962 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LNA : 1963 RT3593_EEPROM_LNA, &val); 1964 sc->lna[0] = val & 0xff; /* channel group 0 */ 1965 sc->lna[1] = val >> 8; /* channel group 1 */ 1966 1967 /* fix broken 5GHz LNA entries */ 1968 if (sc->lna[2] == 0 || sc->lna[2] == 0xff) { 1969 DPRINTF("invalid LNA for channel group %d\n", 2); 1970 sc->lna[2] = sc->lna[1]; 1971 } 1972 if (sc->lna[3] == 0 || sc->lna[3] == 0xff) { 1973 DPRINTF("invalid LNA for channel group %d\n", 3); 1974 sc->lna[3] = sc->lna[1]; 1975 } 1976 1977 /* fix broken RSSI offset entries */ 1978 for (ant = 0; ant < 3; ant++) { 1979 if (sc->rssi_2ghz[ant] < -10 || sc->rssi_2ghz[ant] > 10) { 1980 DPRINTF("invalid RSSI%d offset: %d (2GHz)\n", 1981 ant + 1, sc->rssi_2ghz[ant]); 1982 sc->rssi_2ghz[ant] = 0; 1983 } 1984 if (sc->rssi_5ghz[ant] < -10 || sc->rssi_5ghz[ant] > 10) { 1985 DPRINTF("invalid RSSI%d offset: %d (5GHz)\n", 1986 ant + 1, sc->rssi_5ghz[ant]); 1987 sc->rssi_5ghz[ant] = 0; 1988 } 1989 } 1990 return (0); 1991 } 1992 1993 static struct ieee80211_node * 1994 run_node_alloc(struct ieee80211vap *vap, const uint8_t mac[IEEE80211_ADDR_LEN]) 1995 { 1996 return malloc(sizeof (struct run_node), M_DEVBUF, M_NOWAIT | M_ZERO); 1997 } 1998 1999 static int 2000 run_media_change(struct ifnet *ifp) 2001 { 2002 struct ieee80211vap *vap = ifp->if_softc; 2003 struct ieee80211com *ic = vap->iv_ic; 2004 const struct ieee80211_txparam *tp; 2005 struct run_softc *sc = ic->ic_ifp->if_softc; 2006 uint8_t rate, ridx; 2007 int error; 2008 2009 RUN_LOCK(sc); 2010 2011 error = ieee80211_media_change(ifp); 2012 if (error != ENETRESET) { 2013 RUN_UNLOCK(sc); 2014 return (error); 2015 } 2016 2017 tp = &vap->iv_txparms[ieee80211_chan2mode(ic->ic_curchan)]; 2018 if (tp->ucastrate != IEEE80211_FIXED_RATE_NONE) { 2019 struct ieee80211_node *ni; 2020 struct run_node *rn; 2021 2022 rate = ic->ic_sup_rates[ic->ic_curmode]. 2023 rs_rates[tp->ucastrate] & IEEE80211_RATE_VAL; 2024 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++) 2025 if (rt2860_rates[ridx].rate == rate) 2026 break; 2027 ni = ieee80211_ref_node(vap->iv_bss); 2028 rn = (struct run_node *)ni; 2029 rn->fix_ridx = ridx; 2030 DPRINTF("rate=%d, fix_ridx=%d\n", rate, rn->fix_ridx); 2031 ieee80211_free_node(ni); 2032 } 2033 2034 #if 0 2035 if ((ifp->if_flags & IFF_UP) && 2036 (ifp->if_drv_flags & IFF_DRV_RUNNING)){ 2037 run_init_locked(sc); 2038 } 2039 #endif 2040 2041 RUN_UNLOCK(sc); 2042 2043 return (0); 2044 } 2045 2046 static int 2047 run_newstate(struct ieee80211vap *vap, enum ieee80211_state nstate, int arg) 2048 { 2049 const struct ieee80211_txparam *tp; 2050 struct ieee80211com *ic = vap->iv_ic; 2051 struct run_softc *sc = ic->ic_ifp->if_softc; 2052 struct run_vap *rvp = RUN_VAP(vap); 2053 enum ieee80211_state ostate; 2054 uint32_t sta[3]; 2055 uint32_t tmp; 2056 uint8_t ratectl; 2057 uint8_t restart_ratectl = 0; 2058 uint8_t bid = 1 << rvp->rvp_id; 2059 2060 ostate = vap->iv_state; 2061 DPRINTF("%s -> %s\n", 2062 ieee80211_state_name[ostate], 2063 ieee80211_state_name[nstate]); 2064 2065 IEEE80211_UNLOCK(ic); 2066 RUN_LOCK(sc); 2067 2068 ratectl = sc->ratectl_run; /* remember current state */ 2069 sc->ratectl_run = RUN_RATECTL_OFF; 2070 usb_callout_stop(&sc->ratectl_ch); 2071 2072 if (ostate == IEEE80211_S_RUN) { 2073 /* turn link LED off */ 2074 run_set_leds(sc, RT2860_LED_RADIO); 2075 } 2076 2077 switch (nstate) { 2078 case IEEE80211_S_INIT: 2079 restart_ratectl = 1; 2080 2081 if (ostate != IEEE80211_S_RUN) 2082 break; 2083 2084 ratectl &= ~bid; 2085 sc->runbmap &= ~bid; 2086 2087 /* abort TSF synchronization if there is no vap running */ 2088 if (--sc->running == 0) { 2089 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 2090 run_write(sc, RT2860_BCN_TIME_CFG, 2091 tmp & ~(RT2860_BCN_TX_EN | RT2860_TSF_TIMER_EN | 2092 RT2860_TBTT_TIMER_EN)); 2093 } 2094 break; 2095 2096 case IEEE80211_S_RUN: 2097 if (!(sc->runbmap & bid)) { 2098 if(sc->running++) 2099 restart_ratectl = 1; 2100 sc->runbmap |= bid; 2101 } 2102 2103 m_freem(rvp->beacon_mbuf); 2104 rvp->beacon_mbuf = NULL; 2105 2106 switch (vap->iv_opmode) { 2107 case IEEE80211_M_HOSTAP: 2108 case IEEE80211_M_MBSS: 2109 sc->ap_running |= bid; 2110 ic->ic_opmode = vap->iv_opmode; 2111 run_update_beacon_cb(vap); 2112 break; 2113 case IEEE80211_M_IBSS: 2114 sc->adhoc_running |= bid; 2115 if (!sc->ap_running) 2116 ic->ic_opmode = vap->iv_opmode; 2117 run_update_beacon_cb(vap); 2118 break; 2119 case IEEE80211_M_STA: 2120 sc->sta_running |= bid; 2121 if (!sc->ap_running && !sc->adhoc_running) 2122 ic->ic_opmode = vap->iv_opmode; 2123 2124 /* read statistic counters (clear on read) */ 2125 run_read_region_1(sc, RT2860_TX_STA_CNT0, 2126 (uint8_t *)sta, sizeof sta); 2127 2128 break; 2129 default: 2130 ic->ic_opmode = vap->iv_opmode; 2131 break; 2132 } 2133 2134 if (vap->iv_opmode != IEEE80211_M_MONITOR) { 2135 struct ieee80211_node *ni; 2136 2137 if (ic->ic_bsschan == IEEE80211_CHAN_ANYC) { 2138 RUN_UNLOCK(sc); 2139 IEEE80211_LOCK(ic); 2140 return (-1); 2141 } 2142 run_updateslot(ic); 2143 run_enable_mrr(sc); 2144 run_set_txpreamble(sc); 2145 run_set_basicrates(sc); 2146 ni = ieee80211_ref_node(vap->iv_bss); 2147 IEEE80211_ADDR_COPY(sc->sc_bssid, ni->ni_bssid); 2148 run_set_bssid(sc, ni->ni_bssid); 2149 ieee80211_free_node(ni); 2150 run_enable_tsf_sync(sc); 2151 2152 /* enable automatic rate adaptation */ 2153 tp = &vap->iv_txparms[ieee80211_chan2mode(ic->ic_curchan)]; 2154 if (tp->ucastrate == IEEE80211_FIXED_RATE_NONE) 2155 ratectl |= bid; 2156 } 2157 2158 /* turn link LED on */ 2159 run_set_leds(sc, RT2860_LED_RADIO | 2160 (IEEE80211_IS_CHAN_2GHZ(ic->ic_curchan) ? 2161 RT2860_LED_LINK_2GHZ : RT2860_LED_LINK_5GHZ)); 2162 2163 break; 2164 default: 2165 DPRINTFN(6, "undefined case\n"); 2166 break; 2167 } 2168 2169 /* restart amrr for running VAPs */ 2170 if ((sc->ratectl_run = ratectl) && restart_ratectl) 2171 usb_callout_reset(&sc->ratectl_ch, hz, run_ratectl_to, sc); 2172 2173 RUN_UNLOCK(sc); 2174 IEEE80211_LOCK(ic); 2175 2176 return(rvp->newstate(vap, nstate, arg)); 2177 } 2178 2179 /* ARGSUSED */ 2180 static void 2181 run_wme_update_cb(void *arg) 2182 { 2183 struct ieee80211com *ic = arg; 2184 struct run_softc *sc = ic->ic_ifp->if_softc; 2185 struct ieee80211_wme_state *wmesp = &ic->ic_wme; 2186 int aci, error = 0; 2187 2188 RUN_LOCK_ASSERT(sc, MA_OWNED); 2189 2190 /* update MAC TX configuration registers */ 2191 for (aci = 0; aci < WME_NUM_AC; aci++) { 2192 error = run_write(sc, RT2860_EDCA_AC_CFG(aci), 2193 wmesp->wme_params[aci].wmep_logcwmax << 16 | 2194 wmesp->wme_params[aci].wmep_logcwmin << 12 | 2195 wmesp->wme_params[aci].wmep_aifsn << 8 | 2196 wmesp->wme_params[aci].wmep_txopLimit); 2197 if (error) goto err; 2198 } 2199 2200 /* update SCH/DMA registers too */ 2201 error = run_write(sc, RT2860_WMM_AIFSN_CFG, 2202 wmesp->wme_params[WME_AC_VO].wmep_aifsn << 12 | 2203 wmesp->wme_params[WME_AC_VI].wmep_aifsn << 8 | 2204 wmesp->wme_params[WME_AC_BK].wmep_aifsn << 4 | 2205 wmesp->wme_params[WME_AC_BE].wmep_aifsn); 2206 if (error) goto err; 2207 error = run_write(sc, RT2860_WMM_CWMIN_CFG, 2208 wmesp->wme_params[WME_AC_VO].wmep_logcwmin << 12 | 2209 wmesp->wme_params[WME_AC_VI].wmep_logcwmin << 8 | 2210 wmesp->wme_params[WME_AC_BK].wmep_logcwmin << 4 | 2211 wmesp->wme_params[WME_AC_BE].wmep_logcwmin); 2212 if (error) goto err; 2213 error = run_write(sc, RT2860_WMM_CWMAX_CFG, 2214 wmesp->wme_params[WME_AC_VO].wmep_logcwmax << 12 | 2215 wmesp->wme_params[WME_AC_VI].wmep_logcwmax << 8 | 2216 wmesp->wme_params[WME_AC_BK].wmep_logcwmax << 4 | 2217 wmesp->wme_params[WME_AC_BE].wmep_logcwmax); 2218 if (error) goto err; 2219 error = run_write(sc, RT2860_WMM_TXOP0_CFG, 2220 wmesp->wme_params[WME_AC_BK].wmep_txopLimit << 16 | 2221 wmesp->wme_params[WME_AC_BE].wmep_txopLimit); 2222 if (error) goto err; 2223 error = run_write(sc, RT2860_WMM_TXOP1_CFG, 2224 wmesp->wme_params[WME_AC_VO].wmep_txopLimit << 16 | 2225 wmesp->wme_params[WME_AC_VI].wmep_txopLimit); 2226 2227 err: 2228 if (error) 2229 DPRINTF("WME update failed\n"); 2230 2231 return; 2232 } 2233 2234 static int 2235 run_wme_update(struct ieee80211com *ic) 2236 { 2237 struct run_softc *sc = ic->ic_ifp->if_softc; 2238 2239 /* sometime called wothout lock */ 2240 if (mtx_owned(&ic->ic_comlock.mtx)) { 2241 uint32_t i = RUN_CMDQ_GET(&sc->cmdq_store); 2242 DPRINTF("cmdq_store=%d\n", i); 2243 sc->cmdq[i].func = run_wme_update_cb; 2244 sc->cmdq[i].arg0 = ic; 2245 ieee80211_runtask(ic, &sc->cmdq_task); 2246 return (0); 2247 } 2248 2249 RUN_LOCK(sc); 2250 run_wme_update_cb(ic); 2251 RUN_UNLOCK(sc); 2252 2253 /* return whatever, upper layer desn't care anyway */ 2254 return (0); 2255 } 2256 2257 static void 2258 run_key_update_begin(struct ieee80211vap *vap) 2259 { 2260 /* 2261 * To avoid out-of-order events, both run_key_set() and 2262 * _delete() are deferred and handled by run_cmdq_cb(). 2263 * So, there is nothing we need to do here. 2264 */ 2265 } 2266 2267 static void 2268 run_key_update_end(struct ieee80211vap *vap) 2269 { 2270 /* null */ 2271 } 2272 2273 static void 2274 run_key_set_cb(void *arg) 2275 { 2276 struct run_cmdq *cmdq = arg; 2277 struct ieee80211vap *vap = cmdq->arg1; 2278 struct ieee80211_key *k = cmdq->k; 2279 struct ieee80211com *ic = vap->iv_ic; 2280 struct run_softc *sc = ic->ic_ifp->if_softc; 2281 struct ieee80211_node *ni; 2282 uint32_t attr; 2283 uint16_t base, associd; 2284 uint8_t mode, wcid, iv[8]; 2285 2286 RUN_LOCK_ASSERT(sc, MA_OWNED); 2287 2288 if (vap->iv_opmode == IEEE80211_M_HOSTAP) 2289 ni = ieee80211_find_vap_node(&ic->ic_sta, vap, cmdq->mac); 2290 else 2291 ni = vap->iv_bss; 2292 associd = (ni != NULL) ? ni->ni_associd : 0; 2293 2294 /* map net80211 cipher to RT2860 security mode */ 2295 switch (k->wk_cipher->ic_cipher) { 2296 case IEEE80211_CIPHER_WEP: 2297 if(k->wk_keylen < 8) 2298 mode = RT2860_MODE_WEP40; 2299 else 2300 mode = RT2860_MODE_WEP104; 2301 break; 2302 case IEEE80211_CIPHER_TKIP: 2303 mode = RT2860_MODE_TKIP; 2304 break; 2305 case IEEE80211_CIPHER_AES_CCM: 2306 mode = RT2860_MODE_AES_CCMP; 2307 break; 2308 default: 2309 DPRINTF("undefined case\n"); 2310 return; 2311 } 2312 2313 DPRINTFN(1, "associd=%x, keyix=%d, mode=%x, type=%s, tx=%s, rx=%s\n", 2314 associd, k->wk_keyix, mode, 2315 (k->wk_flags & IEEE80211_KEY_GROUP) ? "group" : "pairwise", 2316 (k->wk_flags & IEEE80211_KEY_XMIT) ? "on" : "off", 2317 (k->wk_flags & IEEE80211_KEY_RECV) ? "on" : "off"); 2318 2319 if (k->wk_flags & IEEE80211_KEY_GROUP) { 2320 wcid = 0; /* NB: update WCID0 for group keys */ 2321 base = RT2860_SKEY(RUN_VAP(vap)->rvp_id, k->wk_keyix); 2322 } else { 2323 wcid = (vap->iv_opmode == IEEE80211_M_STA) ? 2324 1 : RUN_AID2WCID(associd); 2325 base = RT2860_PKEY(wcid); 2326 } 2327 2328 if (k->wk_cipher->ic_cipher == IEEE80211_CIPHER_TKIP) { 2329 if(run_write_region_1(sc, base, k->wk_key, 16)) 2330 return; 2331 if(run_write_region_1(sc, base + 16, &k->wk_key[16], 8)) /* wk_txmic */ 2332 return; 2333 if(run_write_region_1(sc, base + 24, &k->wk_key[24], 8)) /* wk_rxmic */ 2334 return; 2335 } else { 2336 /* roundup len to 16-bit: XXX fix write_region_1() instead */ 2337 if(run_write_region_1(sc, base, k->wk_key, (k->wk_keylen + 1) & ~1)) 2338 return; 2339 } 2340 2341 if (!(k->wk_flags & IEEE80211_KEY_GROUP) || 2342 (k->wk_flags & (IEEE80211_KEY_XMIT | IEEE80211_KEY_RECV))) { 2343 /* set initial packet number in IV+EIV */ 2344 if (k->wk_cipher == IEEE80211_CIPHER_WEP) { 2345 memset(iv, 0, sizeof iv); 2346 iv[3] = vap->iv_def_txkey << 6; 2347 } else { 2348 if (k->wk_cipher->ic_cipher == IEEE80211_CIPHER_TKIP) { 2349 iv[0] = k->wk_keytsc >> 8; 2350 iv[1] = (iv[0] | 0x20) & 0x7f; 2351 iv[2] = k->wk_keytsc; 2352 } else /* CCMP */ { 2353 iv[0] = k->wk_keytsc; 2354 iv[1] = k->wk_keytsc >> 8; 2355 iv[2] = 0; 2356 } 2357 iv[3] = k->wk_keyix << 6 | IEEE80211_WEP_EXTIV; 2358 iv[4] = k->wk_keytsc >> 16; 2359 iv[5] = k->wk_keytsc >> 24; 2360 iv[6] = k->wk_keytsc >> 32; 2361 iv[7] = k->wk_keytsc >> 40; 2362 } 2363 if (run_write_region_1(sc, RT2860_IVEIV(wcid), iv, 8)) 2364 return; 2365 } 2366 2367 if (k->wk_flags & IEEE80211_KEY_GROUP) { 2368 /* install group key */ 2369 if (run_read(sc, RT2860_SKEY_MODE_0_7, &attr)) 2370 return; 2371 attr &= ~(0xf << (k->wk_keyix * 4)); 2372 attr |= mode << (k->wk_keyix * 4); 2373 if (run_write(sc, RT2860_SKEY_MODE_0_7, attr)) 2374 return; 2375 } else { 2376 /* install pairwise key */ 2377 if (run_read(sc, RT2860_WCID_ATTR(wcid), &attr)) 2378 return; 2379 attr = (attr & ~0xf) | (mode << 1) | RT2860_RX_PKEY_EN; 2380 if (run_write(sc, RT2860_WCID_ATTR(wcid), attr)) 2381 return; 2382 } 2383 2384 /* TODO create a pass-thru key entry? */ 2385 2386 /* need wcid to delete the right key later */ 2387 k->wk_pad = wcid; 2388 } 2389 2390 /* 2391 * Don't have to be deferred, but in order to keep order of 2392 * execution, i.e. with run_key_delete(), defer this and let 2393 * run_cmdq_cb() maintain the order. 2394 * 2395 * return 0 on error 2396 */ 2397 static int 2398 run_key_set(struct ieee80211vap *vap, struct ieee80211_key *k, 2399 const uint8_t mac[IEEE80211_ADDR_LEN]) 2400 { 2401 struct ieee80211com *ic = vap->iv_ic; 2402 struct run_softc *sc = ic->ic_ifp->if_softc; 2403 uint32_t i; 2404 2405 i = RUN_CMDQ_GET(&sc->cmdq_store); 2406 DPRINTF("cmdq_store=%d\n", i); 2407 sc->cmdq[i].func = run_key_set_cb; 2408 sc->cmdq[i].arg0 = NULL; 2409 sc->cmdq[i].arg1 = vap; 2410 sc->cmdq[i].k = k; 2411 IEEE80211_ADDR_COPY(sc->cmdq[i].mac, mac); 2412 ieee80211_runtask(ic, &sc->cmdq_task); 2413 2414 /* 2415 * To make sure key will be set when hostapd 2416 * calls iv_key_set() before if_init(). 2417 */ 2418 if (vap->iv_opmode == IEEE80211_M_HOSTAP) { 2419 RUN_LOCK(sc); 2420 sc->cmdq_key_set = RUN_CMDQ_GO; 2421 RUN_UNLOCK(sc); 2422 } 2423 2424 return (1); 2425 } 2426 2427 /* 2428 * If wlan is destroyed without being brought down i.e. without 2429 * wlan down or wpa_cli terminate, this function is called after 2430 * vap is gone. Don't refer it. 2431 */ 2432 static void 2433 run_key_delete_cb(void *arg) 2434 { 2435 struct run_cmdq *cmdq = arg; 2436 struct run_softc *sc = cmdq->arg1; 2437 struct ieee80211_key *k = &cmdq->key; 2438 uint32_t attr; 2439 uint8_t wcid; 2440 2441 RUN_LOCK_ASSERT(sc, MA_OWNED); 2442 2443 if (k->wk_flags & IEEE80211_KEY_GROUP) { 2444 /* remove group key */ 2445 DPRINTF("removing group key\n"); 2446 run_read(sc, RT2860_SKEY_MODE_0_7, &attr); 2447 attr &= ~(0xf << (k->wk_keyix * 4)); 2448 run_write(sc, RT2860_SKEY_MODE_0_7, attr); 2449 } else { 2450 /* remove pairwise key */ 2451 DPRINTF("removing key for wcid %x\n", k->wk_pad); 2452 /* matching wcid was written to wk_pad in run_key_set() */ 2453 wcid = k->wk_pad; 2454 run_read(sc, RT2860_WCID_ATTR(wcid), &attr); 2455 attr &= ~0xf; 2456 run_write(sc, RT2860_WCID_ATTR(wcid), attr); 2457 run_set_region_4(sc, RT2860_WCID_ENTRY(wcid), 0, 8); 2458 } 2459 2460 k->wk_pad = 0; 2461 } 2462 2463 /* 2464 * return 0 on error 2465 */ 2466 static int 2467 run_key_delete(struct ieee80211vap *vap, struct ieee80211_key *k) 2468 { 2469 struct ieee80211com *ic = vap->iv_ic; 2470 struct run_softc *sc = ic->ic_ifp->if_softc; 2471 struct ieee80211_key *k0; 2472 uint32_t i; 2473 2474 /* 2475 * When called back, key might be gone. So, make a copy 2476 * of some values need to delete keys before deferring. 2477 * But, because of LOR with node lock, cannot use lock here. 2478 * So, use atomic instead. 2479 */ 2480 i = RUN_CMDQ_GET(&sc->cmdq_store); 2481 DPRINTF("cmdq_store=%d\n", i); 2482 sc->cmdq[i].func = run_key_delete_cb; 2483 sc->cmdq[i].arg0 = NULL; 2484 sc->cmdq[i].arg1 = sc; 2485 k0 = &sc->cmdq[i].key; 2486 k0->wk_flags = k->wk_flags; 2487 k0->wk_keyix = k->wk_keyix; 2488 /* matching wcid was written to wk_pad in run_key_set() */ 2489 k0->wk_pad = k->wk_pad; 2490 ieee80211_runtask(ic, &sc->cmdq_task); 2491 return (1); /* return fake success */ 2492 2493 } 2494 2495 static void 2496 run_ratectl_to(void *arg) 2497 { 2498 struct run_softc *sc = arg; 2499 2500 /* do it in a process context, so it can go sleep */ 2501 ieee80211_runtask(sc->sc_ifp->if_l2com, &sc->ratectl_task); 2502 /* next timeout will be rescheduled in the callback task */ 2503 } 2504 2505 /* ARGSUSED */ 2506 static void 2507 run_ratectl_cb(void *arg, int pending) 2508 { 2509 struct run_softc *sc = arg; 2510 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 2511 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 2512 2513 if (vap == NULL) 2514 return; 2515 2516 if (sc->rvp_cnt > 1 || vap->iv_opmode != IEEE80211_M_STA) { 2517 /* 2518 * run_reset_livelock() doesn't do anything with AMRR, 2519 * but Ralink wants us to call it every 1 sec. So, we 2520 * piggyback here rather than creating another callout. 2521 * Livelock may occur only in HOSTAP or IBSS mode 2522 * (when h/w is sending beacons). 2523 */ 2524 RUN_LOCK(sc); 2525 run_reset_livelock(sc); 2526 /* just in case, there are some stats to drain */ 2527 run_drain_fifo(sc); 2528 RUN_UNLOCK(sc); 2529 } 2530 2531 ieee80211_iterate_nodes(&ic->ic_sta, run_iter_func, sc); 2532 2533 RUN_LOCK(sc); 2534 if(sc->ratectl_run != RUN_RATECTL_OFF) 2535 usb_callout_reset(&sc->ratectl_ch, hz, run_ratectl_to, sc); 2536 RUN_UNLOCK(sc); 2537 } 2538 2539 static void 2540 run_drain_fifo(void *arg) 2541 { 2542 struct run_softc *sc = arg; 2543 struct ifnet *ifp = sc->sc_ifp; 2544 uint32_t stat; 2545 uint16_t (*wstat)[3]; 2546 uint8_t wcid, mcs, pid; 2547 int8_t retry; 2548 2549 RUN_LOCK_ASSERT(sc, MA_OWNED); 2550 2551 for (;;) { 2552 /* drain Tx status FIFO (maxsize = 16) */ 2553 run_read(sc, RT2860_TX_STAT_FIFO, &stat); 2554 DPRINTFN(4, "tx stat 0x%08x\n", stat); 2555 if (!(stat & RT2860_TXQ_VLD)) 2556 break; 2557 2558 wcid = (stat >> RT2860_TXQ_WCID_SHIFT) & 0xff; 2559 2560 /* if no ACK was requested, no feedback is available */ 2561 if (!(stat & RT2860_TXQ_ACKREQ) || wcid > RT2870_WCID_MAX || 2562 wcid == 0) 2563 continue; 2564 2565 /* 2566 * Even though each stat is Tx-complete-status like format, 2567 * the device can poll stats. Because there is no guarantee 2568 * that the referring node is still around when read the stats. 2569 * So that, if we use ieee80211_ratectl_tx_update(), we will 2570 * have hard time not to refer already freed node. 2571 * 2572 * To eliminate such page faults, we poll stats in softc. 2573 * Then, update the rates later with ieee80211_ratectl_tx_update(). 2574 */ 2575 wstat = &(sc->wcid_stats[wcid]); 2576 (*wstat)[RUN_TXCNT]++; 2577 if (stat & RT2860_TXQ_OK) 2578 (*wstat)[RUN_SUCCESS]++; 2579 else 2580 if_inc_counter(ifp, IFCOUNTER_OERRORS, 1); 2581 /* 2582 * Check if there were retries, ie if the Tx success rate is 2583 * different from the requested rate. Note that it works only 2584 * because we do not allow rate fallback from OFDM to CCK. 2585 */ 2586 mcs = (stat >> RT2860_TXQ_MCS_SHIFT) & 0x7f; 2587 pid = (stat >> RT2860_TXQ_PID_SHIFT) & 0xf; 2588 if ((retry = pid -1 - mcs) > 0) { 2589 (*wstat)[RUN_TXCNT] += retry; 2590 (*wstat)[RUN_RETRY] += retry; 2591 } 2592 } 2593 DPRINTFN(3, "count=%d\n", sc->fifo_cnt); 2594 2595 sc->fifo_cnt = 0; 2596 } 2597 2598 static void 2599 run_iter_func(void *arg, struct ieee80211_node *ni) 2600 { 2601 struct run_softc *sc = arg; 2602 struct ieee80211vap *vap = ni->ni_vap; 2603 struct ieee80211com *ic = ni->ni_ic; 2604 struct ifnet *ifp = ic->ic_ifp; 2605 struct run_node *rn = (void *)ni; 2606 union run_stats sta[2]; 2607 uint16_t (*wstat)[3]; 2608 int txcnt, success, retrycnt, error; 2609 2610 RUN_LOCK(sc); 2611 2612 /* Check for special case */ 2613 if (sc->rvp_cnt <= 1 && vap->iv_opmode == IEEE80211_M_STA && 2614 ni != vap->iv_bss) 2615 goto fail; 2616 2617 if (sc->rvp_cnt <= 1 && (vap->iv_opmode == IEEE80211_M_IBSS || 2618 vap->iv_opmode == IEEE80211_M_STA)) { 2619 /* read statistic counters (clear on read) and update AMRR state */ 2620 error = run_read_region_1(sc, RT2860_TX_STA_CNT0, (uint8_t *)sta, 2621 sizeof sta); 2622 if (error != 0) 2623 goto fail; 2624 2625 /* count failed TX as errors */ 2626 if_inc_counter(ifp, IFCOUNTER_OERRORS, le16toh(sta[0].error.fail)); 2627 2628 retrycnt = le16toh(sta[1].tx.retry); 2629 success = le16toh(sta[1].tx.success); 2630 txcnt = retrycnt + success + le16toh(sta[0].error.fail); 2631 2632 DPRINTFN(3, "retrycnt=%d success=%d failcnt=%d\n", 2633 retrycnt, success, le16toh(sta[0].error.fail)); 2634 } else { 2635 wstat = &(sc->wcid_stats[RUN_AID2WCID(ni->ni_associd)]); 2636 2637 if (wstat == &(sc->wcid_stats[0]) || 2638 wstat > &(sc->wcid_stats[RT2870_WCID_MAX])) 2639 goto fail; 2640 2641 txcnt = (*wstat)[RUN_TXCNT]; 2642 success = (*wstat)[RUN_SUCCESS]; 2643 retrycnt = (*wstat)[RUN_RETRY]; 2644 DPRINTFN(3, "retrycnt=%d txcnt=%d success=%d\n", 2645 retrycnt, txcnt, success); 2646 2647 memset(wstat, 0, sizeof(*wstat)); 2648 } 2649 2650 ieee80211_ratectl_tx_update(vap, ni, &txcnt, &success, &retrycnt); 2651 rn->amrr_ridx = ieee80211_ratectl_rate(ni, NULL, 0); 2652 2653 fail: 2654 RUN_UNLOCK(sc); 2655 2656 DPRINTFN(3, "ridx=%d\n", rn->amrr_ridx); 2657 } 2658 2659 static void 2660 run_newassoc_cb(void *arg) 2661 { 2662 struct run_cmdq *cmdq = arg; 2663 struct ieee80211_node *ni = cmdq->arg1; 2664 struct run_softc *sc = ni->ni_vap->iv_ic->ic_ifp->if_softc; 2665 uint8_t wcid = cmdq->wcid; 2666 2667 RUN_LOCK_ASSERT(sc, MA_OWNED); 2668 2669 run_write_region_1(sc, RT2860_WCID_ENTRY(wcid), 2670 ni->ni_macaddr, IEEE80211_ADDR_LEN); 2671 2672 memset(&(sc->wcid_stats[wcid]), 0, sizeof(sc->wcid_stats[wcid])); 2673 } 2674 2675 static void 2676 run_newassoc(struct ieee80211_node *ni, int isnew) 2677 { 2678 struct run_node *rn = (void *)ni; 2679 struct ieee80211_rateset *rs = &ni->ni_rates; 2680 struct ieee80211vap *vap = ni->ni_vap; 2681 struct ieee80211com *ic = vap->iv_ic; 2682 struct run_softc *sc = ic->ic_ifp->if_softc; 2683 uint8_t rate; 2684 uint8_t ridx; 2685 uint8_t wcid; 2686 int i, j; 2687 2688 wcid = (vap->iv_opmode == IEEE80211_M_STA) ? 2689 1 : RUN_AID2WCID(ni->ni_associd); 2690 2691 if (wcid > RT2870_WCID_MAX) { 2692 device_printf(sc->sc_dev, "wcid=%d out of range\n", wcid); 2693 return; 2694 } 2695 2696 /* only interested in true associations */ 2697 if (isnew && ni->ni_associd != 0) { 2698 2699 /* 2700 * This function could is called though timeout function. 2701 * Need to defer. 2702 */ 2703 uint32_t cnt = RUN_CMDQ_GET(&sc->cmdq_store); 2704 DPRINTF("cmdq_store=%d\n", cnt); 2705 sc->cmdq[cnt].func = run_newassoc_cb; 2706 sc->cmdq[cnt].arg0 = NULL; 2707 sc->cmdq[cnt].arg1 = ni; 2708 sc->cmdq[cnt].wcid = wcid; 2709 ieee80211_runtask(ic, &sc->cmdq_task); 2710 } 2711 2712 DPRINTF("new assoc isnew=%d associd=%x addr=%s\n", 2713 isnew, ni->ni_associd, ether_sprintf(ni->ni_macaddr)); 2714 2715 for (i = 0; i < rs->rs_nrates; i++) { 2716 rate = rs->rs_rates[i] & IEEE80211_RATE_VAL; 2717 /* convert 802.11 rate to hardware rate index */ 2718 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++) 2719 if (rt2860_rates[ridx].rate == rate) 2720 break; 2721 rn->ridx[i] = ridx; 2722 /* determine rate of control response frames */ 2723 for (j = i; j >= 0; j--) { 2724 if ((rs->rs_rates[j] & IEEE80211_RATE_BASIC) && 2725 rt2860_rates[rn->ridx[i]].phy == 2726 rt2860_rates[rn->ridx[j]].phy) 2727 break; 2728 } 2729 if (j >= 0) { 2730 rn->ctl_ridx[i] = rn->ridx[j]; 2731 } else { 2732 /* no basic rate found, use mandatory one */ 2733 rn->ctl_ridx[i] = rt2860_rates[ridx].ctl_ridx; 2734 } 2735 DPRINTF("rate=0x%02x ridx=%d ctl_ridx=%d\n", 2736 rs->rs_rates[i], rn->ridx[i], rn->ctl_ridx[i]); 2737 } 2738 rate = vap->iv_txparms[ieee80211_chan2mode(ic->ic_curchan)].mgmtrate; 2739 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++) 2740 if (rt2860_rates[ridx].rate == rate) 2741 break; 2742 rn->mgt_ridx = ridx; 2743 DPRINTF("rate=%d, mgmt_ridx=%d\n", rate, rn->mgt_ridx); 2744 2745 RUN_LOCK(sc); 2746 if(sc->ratectl_run != RUN_RATECTL_OFF) 2747 usb_callout_reset(&sc->ratectl_ch, hz, run_ratectl_to, sc); 2748 RUN_UNLOCK(sc); 2749 } 2750 2751 /* 2752 * Return the Rx chain with the highest RSSI for a given frame. 2753 */ 2754 static __inline uint8_t 2755 run_maxrssi_chain(struct run_softc *sc, const struct rt2860_rxwi *rxwi) 2756 { 2757 uint8_t rxchain = 0; 2758 2759 if (sc->nrxchains > 1) { 2760 if (rxwi->rssi[1] > rxwi->rssi[rxchain]) 2761 rxchain = 1; 2762 if (sc->nrxchains > 2) 2763 if (rxwi->rssi[2] > rxwi->rssi[rxchain]) 2764 rxchain = 2; 2765 } 2766 return (rxchain); 2767 } 2768 2769 static void 2770 run_rx_frame(struct run_softc *sc, struct mbuf *m, uint32_t dmalen) 2771 { 2772 struct ifnet *ifp = sc->sc_ifp; 2773 struct ieee80211com *ic = ifp->if_l2com; 2774 struct ieee80211_frame *wh; 2775 struct ieee80211_node *ni; 2776 struct rt2870_rxd *rxd; 2777 struct rt2860_rxwi *rxwi; 2778 uint32_t flags; 2779 uint16_t len, rxwisize; 2780 uint8_t ant, rssi; 2781 int8_t nf; 2782 2783 rxwi = mtod(m, struct rt2860_rxwi *); 2784 len = le16toh(rxwi->len) & 0xfff; 2785 rxwisize = sizeof(struct rt2860_rxwi); 2786 if (sc->mac_ver == 0x5592) 2787 rxwisize += sizeof(uint64_t); 2788 else if (sc->mac_ver == 0x3593) 2789 rxwisize += sizeof(uint32_t); 2790 if (__predict_false(len > dmalen)) { 2791 m_freem(m); 2792 if_inc_counter(ifp, IFCOUNTER_IERRORS, 1); 2793 DPRINTF("bad RXWI length %u > %u\n", len, dmalen); 2794 return; 2795 } 2796 /* Rx descriptor is located at the end */ 2797 rxd = (struct rt2870_rxd *)(mtod(m, caddr_t) + dmalen); 2798 flags = le32toh(rxd->flags); 2799 2800 if (__predict_false(flags & (RT2860_RX_CRCERR | RT2860_RX_ICVERR))) { 2801 m_freem(m); 2802 if_inc_counter(ifp, IFCOUNTER_IERRORS, 1); 2803 DPRINTF("%s error.\n", (flags & RT2860_RX_CRCERR)?"CRC":"ICV"); 2804 return; 2805 } 2806 2807 m->m_data += rxwisize; 2808 m->m_pkthdr.len = m->m_len -= rxwisize; 2809 2810 wh = mtod(m, struct ieee80211_frame *); 2811 2812 if (wh->i_fc[1] & IEEE80211_FC1_PROTECTED) { 2813 wh->i_fc[1] &= ~IEEE80211_FC1_PROTECTED; 2814 m->m_flags |= M_WEP; 2815 } 2816 2817 if (flags & RT2860_RX_L2PAD) { 2818 DPRINTFN(8, "received RT2860_RX_L2PAD frame\n"); 2819 len += 2; 2820 } 2821 2822 ni = ieee80211_find_rxnode(ic, 2823 mtod(m, struct ieee80211_frame_min *)); 2824 2825 if (__predict_false(flags & RT2860_RX_MICERR)) { 2826 /* report MIC failures to net80211 for TKIP */ 2827 if (ni != NULL) 2828 ieee80211_notify_michael_failure(ni->ni_vap, wh, 2829 rxwi->keyidx); 2830 m_freem(m); 2831 if_inc_counter(ifp, IFCOUNTER_IERRORS, 1); 2832 DPRINTF("MIC error. Someone is lying.\n"); 2833 return; 2834 } 2835 2836 ant = run_maxrssi_chain(sc, rxwi); 2837 rssi = rxwi->rssi[ant]; 2838 nf = run_rssi2dbm(sc, rssi, ant); 2839 2840 m->m_pkthdr.rcvif = ifp; 2841 m->m_pkthdr.len = m->m_len = len; 2842 2843 if (ni != NULL) { 2844 (void)ieee80211_input(ni, m, rssi, nf); 2845 ieee80211_free_node(ni); 2846 } else { 2847 (void)ieee80211_input_all(ic, m, rssi, nf); 2848 } 2849 2850 if (__predict_false(ieee80211_radiotap_active(ic))) { 2851 struct run_rx_radiotap_header *tap = &sc->sc_rxtap; 2852 uint16_t phy; 2853 2854 tap->wr_flags = 0; 2855 tap->wr_chan_freq = htole16(ic->ic_curchan->ic_freq); 2856 tap->wr_chan_flags = htole16(ic->ic_curchan->ic_flags); 2857 tap->wr_antsignal = rssi; 2858 tap->wr_antenna = ant; 2859 tap->wr_dbm_antsignal = run_rssi2dbm(sc, rssi, ant); 2860 tap->wr_rate = 2; /* in case it can't be found below */ 2861 phy = le16toh(rxwi->phy); 2862 switch (phy & RT2860_PHY_MODE) { 2863 case RT2860_PHY_CCK: 2864 switch ((phy & RT2860_PHY_MCS) & ~RT2860_PHY_SHPRE) { 2865 case 0: tap->wr_rate = 2; break; 2866 case 1: tap->wr_rate = 4; break; 2867 case 2: tap->wr_rate = 11; break; 2868 case 3: tap->wr_rate = 22; break; 2869 } 2870 if (phy & RT2860_PHY_SHPRE) 2871 tap->wr_flags |= IEEE80211_RADIOTAP_F_SHORTPRE; 2872 break; 2873 case RT2860_PHY_OFDM: 2874 switch (phy & RT2860_PHY_MCS) { 2875 case 0: tap->wr_rate = 12; break; 2876 case 1: tap->wr_rate = 18; break; 2877 case 2: tap->wr_rate = 24; break; 2878 case 3: tap->wr_rate = 36; break; 2879 case 4: tap->wr_rate = 48; break; 2880 case 5: tap->wr_rate = 72; break; 2881 case 6: tap->wr_rate = 96; break; 2882 case 7: tap->wr_rate = 108; break; 2883 } 2884 break; 2885 } 2886 } 2887 } 2888 2889 static void 2890 run_bulk_rx_callback(struct usb_xfer *xfer, usb_error_t error) 2891 { 2892 struct run_softc *sc = usbd_xfer_softc(xfer); 2893 struct ifnet *ifp = sc->sc_ifp; 2894 struct mbuf *m = NULL; 2895 struct mbuf *m0; 2896 uint32_t dmalen; 2897 uint16_t rxwisize; 2898 int xferlen; 2899 2900 rxwisize = sizeof(struct rt2860_rxwi); 2901 if (sc->mac_ver == 0x5592) 2902 rxwisize += sizeof(uint64_t); 2903 else if (sc->mac_ver == 0x3593) 2904 rxwisize += sizeof(uint32_t); 2905 2906 usbd_xfer_status(xfer, &xferlen, NULL, NULL, NULL); 2907 2908 switch (USB_GET_STATE(xfer)) { 2909 case USB_ST_TRANSFERRED: 2910 2911 DPRINTFN(15, "rx done, actlen=%d\n", xferlen); 2912 2913 if (xferlen < (int)(sizeof(uint32_t) + rxwisize + 2914 sizeof(struct rt2870_rxd))) { 2915 DPRINTF("xfer too short %d\n", xferlen); 2916 goto tr_setup; 2917 } 2918 2919 m = sc->rx_m; 2920 sc->rx_m = NULL; 2921 2922 /* FALLTHROUGH */ 2923 case USB_ST_SETUP: 2924 tr_setup: 2925 if (sc->rx_m == NULL) { 2926 sc->rx_m = m_getjcl(M_NOWAIT, MT_DATA, M_PKTHDR, 2927 MJUMPAGESIZE /* xfer can be bigger than MCLBYTES */); 2928 } 2929 if (sc->rx_m == NULL) { 2930 DPRINTF("could not allocate mbuf - idle with stall\n"); 2931 if_inc_counter(ifp, IFCOUNTER_IERRORS, 1); 2932 usbd_xfer_set_stall(xfer); 2933 usbd_xfer_set_frames(xfer, 0); 2934 } else { 2935 /* 2936 * Directly loading a mbuf cluster into DMA to 2937 * save some data copying. This works because 2938 * there is only one cluster. 2939 */ 2940 usbd_xfer_set_frame_data(xfer, 0, 2941 mtod(sc->rx_m, caddr_t), RUN_MAX_RXSZ); 2942 usbd_xfer_set_frames(xfer, 1); 2943 } 2944 usbd_transfer_submit(xfer); 2945 break; 2946 2947 default: /* Error */ 2948 if (error != USB_ERR_CANCELLED) { 2949 /* try to clear stall first */ 2950 usbd_xfer_set_stall(xfer); 2951 2952 if (error == USB_ERR_TIMEOUT) 2953 device_printf(sc->sc_dev, "device timeout\n"); 2954 2955 if_inc_counter(ifp, IFCOUNTER_IERRORS, 1); 2956 2957 goto tr_setup; 2958 } 2959 if (sc->rx_m != NULL) { 2960 m_freem(sc->rx_m); 2961 sc->rx_m = NULL; 2962 } 2963 break; 2964 } 2965 2966 if (m == NULL) 2967 return; 2968 2969 /* inputting all the frames must be last */ 2970 2971 RUN_UNLOCK(sc); 2972 2973 m->m_pkthdr.len = m->m_len = xferlen; 2974 2975 /* HW can aggregate multiple 802.11 frames in a single USB xfer */ 2976 for(;;) { 2977 dmalen = le32toh(*mtod(m, uint32_t *)) & 0xffff; 2978 2979 if ((dmalen >= (uint32_t)-8) || (dmalen == 0) || 2980 ((dmalen & 3) != 0)) { 2981 DPRINTF("bad DMA length %u\n", dmalen); 2982 break; 2983 } 2984 if ((dmalen + 8) > (uint32_t)xferlen) { 2985 DPRINTF("bad DMA length %u > %d\n", 2986 dmalen + 8, xferlen); 2987 break; 2988 } 2989 2990 /* If it is the last one or a single frame, we won't copy. */ 2991 if ((xferlen -= dmalen + 8) <= 8) { 2992 /* trim 32-bit DMA-len header */ 2993 m->m_data += 4; 2994 m->m_pkthdr.len = m->m_len -= 4; 2995 run_rx_frame(sc, m, dmalen); 2996 m = NULL; /* don't free source buffer */ 2997 break; 2998 } 2999 3000 /* copy aggregated frames to another mbuf */ 3001 m0 = m_getcl(M_NOWAIT, MT_DATA, M_PKTHDR); 3002 if (__predict_false(m0 == NULL)) { 3003 DPRINTF("could not allocate mbuf\n"); 3004 if_inc_counter(ifp, IFCOUNTER_IERRORS, 1); 3005 break; 3006 } 3007 m_copydata(m, 4 /* skip 32-bit DMA-len header */, 3008 dmalen + sizeof(struct rt2870_rxd), mtod(m0, caddr_t)); 3009 m0->m_pkthdr.len = m0->m_len = 3010 dmalen + sizeof(struct rt2870_rxd); 3011 run_rx_frame(sc, m0, dmalen); 3012 3013 /* update data ptr */ 3014 m->m_data += dmalen + 8; 3015 m->m_pkthdr.len = m->m_len -= dmalen + 8; 3016 } 3017 3018 /* make sure we free the source buffer, if any */ 3019 m_freem(m); 3020 3021 RUN_LOCK(sc); 3022 } 3023 3024 static void 3025 run_tx_free(struct run_endpoint_queue *pq, 3026 struct run_tx_data *data, int txerr) 3027 { 3028 if (data->m != NULL) { 3029 if (data->m->m_flags & M_TXCB) 3030 ieee80211_process_callback(data->ni, data->m, 3031 txerr ? ETIMEDOUT : 0); 3032 m_freem(data->m); 3033 data->m = NULL; 3034 3035 if (data->ni == NULL) { 3036 DPRINTF("no node\n"); 3037 } else { 3038 ieee80211_free_node(data->ni); 3039 data->ni = NULL; 3040 } 3041 } 3042 3043 STAILQ_INSERT_TAIL(&pq->tx_fh, data, next); 3044 pq->tx_nfree++; 3045 } 3046 3047 static void 3048 run_bulk_tx_callbackN(struct usb_xfer *xfer, usb_error_t error, u_int index) 3049 { 3050 struct run_softc *sc = usbd_xfer_softc(xfer); 3051 struct ifnet *ifp = sc->sc_ifp; 3052 struct ieee80211com *ic = ifp->if_l2com; 3053 struct run_tx_data *data; 3054 struct ieee80211vap *vap = NULL; 3055 struct usb_page_cache *pc; 3056 struct run_endpoint_queue *pq = &sc->sc_epq[index]; 3057 struct mbuf *m; 3058 usb_frlength_t size; 3059 int actlen; 3060 int sumlen; 3061 3062 usbd_xfer_status(xfer, &actlen, &sumlen, NULL, NULL); 3063 3064 switch (USB_GET_STATE(xfer)) { 3065 case USB_ST_TRANSFERRED: 3066 DPRINTFN(11, "transfer complete: %d " 3067 "bytes @ index %d\n", actlen, index); 3068 3069 data = usbd_xfer_get_priv(xfer); 3070 3071 run_tx_free(pq, data, 0); 3072 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE; 3073 3074 usbd_xfer_set_priv(xfer, NULL); 3075 3076 if_inc_counter(ifp, IFCOUNTER_OPACKETS, 1); 3077 3078 /* FALLTHROUGH */ 3079 case USB_ST_SETUP: 3080 tr_setup: 3081 data = STAILQ_FIRST(&pq->tx_qh); 3082 if (data == NULL) 3083 break; 3084 3085 STAILQ_REMOVE_HEAD(&pq->tx_qh, next); 3086 3087 m = data->m; 3088 size = (sc->mac_ver == 0x5592) ? 3089 sizeof(data->desc) + sizeof(uint32_t) : sizeof(data->desc); 3090 if ((m->m_pkthdr.len + 3091 size + 3 + 8) > RUN_MAX_TXSZ) { 3092 DPRINTF("data overflow, %u bytes\n", 3093 m->m_pkthdr.len); 3094 3095 if_inc_counter(ifp, IFCOUNTER_OERRORS, 1); 3096 3097 run_tx_free(pq, data, 1); 3098 3099 goto tr_setup; 3100 } 3101 3102 pc = usbd_xfer_get_frame(xfer, 0); 3103 usbd_copy_in(pc, 0, &data->desc, size); 3104 usbd_m_copy_in(pc, size, m, 0, m->m_pkthdr.len); 3105 size += m->m_pkthdr.len; 3106 /* 3107 * Align end on a 4-byte boundary, pad 8 bytes (CRC + 3108 * 4-byte padding), and be sure to zero those trailing 3109 * bytes: 3110 */ 3111 usbd_frame_zero(pc, size, ((-size) & 3) + 8); 3112 size += ((-size) & 3) + 8; 3113 3114 vap = data->ni->ni_vap; 3115 if (ieee80211_radiotap_active_vap(vap)) { 3116 struct run_tx_radiotap_header *tap = &sc->sc_txtap; 3117 struct rt2860_txwi *txwi = 3118 (struct rt2860_txwi *)(&data->desc + sizeof(struct rt2870_txd)); 3119 tap->wt_flags = 0; 3120 tap->wt_rate = rt2860_rates[data->ridx].rate; 3121 tap->wt_chan_freq = htole16(ic->ic_curchan->ic_freq); 3122 tap->wt_chan_flags = htole16(ic->ic_curchan->ic_flags); 3123 tap->wt_hwqueue = index; 3124 if (le16toh(txwi->phy) & RT2860_PHY_SHPRE) 3125 tap->wt_flags |= IEEE80211_RADIOTAP_F_SHORTPRE; 3126 3127 ieee80211_radiotap_tx(vap, m); 3128 } 3129 3130 DPRINTFN(11, "sending frame len=%u/%u @ index %d\n", 3131 m->m_pkthdr.len, size, index); 3132 3133 usbd_xfer_set_frame_len(xfer, 0, size); 3134 usbd_xfer_set_priv(xfer, data); 3135 3136 usbd_transfer_submit(xfer); 3137 3138 RUN_UNLOCK(sc); 3139 run_start(ifp); 3140 RUN_LOCK(sc); 3141 3142 break; 3143 3144 default: 3145 DPRINTF("USB transfer error, %s\n", 3146 usbd_errstr(error)); 3147 3148 data = usbd_xfer_get_priv(xfer); 3149 3150 if_inc_counter(ifp, IFCOUNTER_OERRORS, 1); 3151 3152 if (data != NULL) { 3153 if(data->ni != NULL) 3154 vap = data->ni->ni_vap; 3155 run_tx_free(pq, data, error); 3156 usbd_xfer_set_priv(xfer, NULL); 3157 } 3158 if (vap == NULL) 3159 vap = TAILQ_FIRST(&ic->ic_vaps); 3160 3161 if (error != USB_ERR_CANCELLED) { 3162 if (error == USB_ERR_TIMEOUT) { 3163 device_printf(sc->sc_dev, "device timeout\n"); 3164 uint32_t i = RUN_CMDQ_GET(&sc->cmdq_store); 3165 DPRINTF("cmdq_store=%d\n", i); 3166 sc->cmdq[i].func = run_usb_timeout_cb; 3167 sc->cmdq[i].arg0 = vap; 3168 ieee80211_runtask(ic, &sc->cmdq_task); 3169 } 3170 3171 /* 3172 * Try to clear stall first, also if other 3173 * errors occur, hence clearing stall 3174 * introduces a 50 ms delay: 3175 */ 3176 usbd_xfer_set_stall(xfer); 3177 goto tr_setup; 3178 } 3179 break; 3180 } 3181 } 3182 3183 static void 3184 run_bulk_tx_callback0(struct usb_xfer *xfer, usb_error_t error) 3185 { 3186 run_bulk_tx_callbackN(xfer, error, 0); 3187 } 3188 3189 static void 3190 run_bulk_tx_callback1(struct usb_xfer *xfer, usb_error_t error) 3191 { 3192 run_bulk_tx_callbackN(xfer, error, 1); 3193 } 3194 3195 static void 3196 run_bulk_tx_callback2(struct usb_xfer *xfer, usb_error_t error) 3197 { 3198 run_bulk_tx_callbackN(xfer, error, 2); 3199 } 3200 3201 static void 3202 run_bulk_tx_callback3(struct usb_xfer *xfer, usb_error_t error) 3203 { 3204 run_bulk_tx_callbackN(xfer, error, 3); 3205 } 3206 3207 static void 3208 run_bulk_tx_callback4(struct usb_xfer *xfer, usb_error_t error) 3209 { 3210 run_bulk_tx_callbackN(xfer, error, 4); 3211 } 3212 3213 static void 3214 run_bulk_tx_callback5(struct usb_xfer *xfer, usb_error_t error) 3215 { 3216 run_bulk_tx_callbackN(xfer, error, 5); 3217 } 3218 3219 static void 3220 run_set_tx_desc(struct run_softc *sc, struct run_tx_data *data) 3221 { 3222 struct mbuf *m = data->m; 3223 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 3224 struct ieee80211vap *vap = data->ni->ni_vap; 3225 struct ieee80211_frame *wh; 3226 struct rt2870_txd *txd; 3227 struct rt2860_txwi *txwi; 3228 uint16_t xferlen, txwisize; 3229 uint16_t mcs; 3230 uint8_t ridx = data->ridx; 3231 uint8_t pad; 3232 3233 /* get MCS code from rate index */ 3234 mcs = rt2860_rates[ridx].mcs; 3235 3236 txwisize = (sc->mac_ver == 0x5592) ? 3237 sizeof(*txwi) + sizeof(uint32_t) : sizeof(*txwi); 3238 xferlen = txwisize + m->m_pkthdr.len; 3239 3240 /* roundup to 32-bit alignment */ 3241 xferlen = (xferlen + 3) & ~3; 3242 3243 txd = (struct rt2870_txd *)&data->desc; 3244 txd->len = htole16(xferlen); 3245 3246 wh = mtod(m, struct ieee80211_frame *); 3247 3248 /* 3249 * Ether both are true or both are false, the header 3250 * are nicely aligned to 32-bit. So, no L2 padding. 3251 */ 3252 if(IEEE80211_HAS_ADDR4(wh) == IEEE80211_QOS_HAS_SEQ(wh)) 3253 pad = 0; 3254 else 3255 pad = 2; 3256 3257 /* setup TX Wireless Information */ 3258 txwi = (struct rt2860_txwi *)(txd + 1); 3259 txwi->len = htole16(m->m_pkthdr.len - pad); 3260 if (rt2860_rates[ridx].phy == IEEE80211_T_DS) { 3261 mcs |= RT2860_PHY_CCK; 3262 if (ridx != RT2860_RIDX_CCK1 && 3263 (ic->ic_flags & IEEE80211_F_SHPREAMBLE)) 3264 mcs |= RT2860_PHY_SHPRE; 3265 } else 3266 mcs |= RT2860_PHY_OFDM; 3267 txwi->phy = htole16(mcs); 3268 3269 /* check if RTS/CTS or CTS-to-self protection is required */ 3270 if (!IEEE80211_IS_MULTICAST(wh->i_addr1) && 3271 (m->m_pkthdr.len + IEEE80211_CRC_LEN > vap->iv_rtsthreshold || 3272 ((ic->ic_flags & IEEE80211_F_USEPROT) && 3273 rt2860_rates[ridx].phy == IEEE80211_T_OFDM))) 3274 txwi->txop |= RT2860_TX_TXOP_HT; 3275 else 3276 txwi->txop |= RT2860_TX_TXOP_BACKOFF; 3277 3278 if (vap->iv_opmode != IEEE80211_M_STA && !IEEE80211_QOS_HAS_SEQ(wh)) 3279 txwi->xflags |= RT2860_TX_NSEQ; 3280 } 3281 3282 /* This function must be called locked */ 3283 static int 3284 run_tx(struct run_softc *sc, struct mbuf *m, struct ieee80211_node *ni) 3285 { 3286 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 3287 struct ieee80211vap *vap = ni->ni_vap; 3288 struct ieee80211_frame *wh; 3289 struct ieee80211_channel *chan; 3290 const struct ieee80211_txparam *tp; 3291 struct run_node *rn = (void *)ni; 3292 struct run_tx_data *data; 3293 struct rt2870_txd *txd; 3294 struct rt2860_txwi *txwi; 3295 uint16_t qos; 3296 uint16_t dur; 3297 uint16_t qid; 3298 uint8_t type; 3299 uint8_t tid; 3300 uint8_t ridx; 3301 uint8_t ctl_ridx; 3302 uint8_t qflags; 3303 uint8_t xflags = 0; 3304 int hasqos; 3305 3306 RUN_LOCK_ASSERT(sc, MA_OWNED); 3307 3308 wh = mtod(m, struct ieee80211_frame *); 3309 3310 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 3311 3312 /* 3313 * There are 7 bulk endpoints: 1 for RX 3314 * and 6 for TX (4 EDCAs + HCCA + Prio). 3315 * Update 03-14-2009: some devices like the Planex GW-US300MiniS 3316 * seem to have only 4 TX bulk endpoints (Fukaumi Naoki). 3317 */ 3318 if ((hasqos = IEEE80211_QOS_HAS_SEQ(wh))) { 3319 uint8_t *frm; 3320 3321 if(IEEE80211_HAS_ADDR4(wh)) 3322 frm = ((struct ieee80211_qosframe_addr4 *)wh)->i_qos; 3323 else 3324 frm =((struct ieee80211_qosframe *)wh)->i_qos; 3325 3326 qos = le16toh(*(const uint16_t *)frm); 3327 tid = qos & IEEE80211_QOS_TID; 3328 qid = TID_TO_WME_AC(tid); 3329 } else { 3330 qos = 0; 3331 tid = 0; 3332 qid = WME_AC_BE; 3333 } 3334 qflags = (qid < 4) ? RT2860_TX_QSEL_EDCA : RT2860_TX_QSEL_HCCA; 3335 3336 DPRINTFN(8, "qos %d\tqid %d\ttid %d\tqflags %x\n", 3337 qos, qid, tid, qflags); 3338 3339 chan = (ni->ni_chan != IEEE80211_CHAN_ANYC)?ni->ni_chan:ic->ic_curchan; 3340 tp = &vap->iv_txparms[ieee80211_chan2mode(chan)]; 3341 3342 /* pickup a rate index */ 3343 if (IEEE80211_IS_MULTICAST(wh->i_addr1) || 3344 type != IEEE80211_FC0_TYPE_DATA || m->m_flags & M_EAPOL) { 3345 ridx = (ic->ic_curmode == IEEE80211_MODE_11A) ? 3346 RT2860_RIDX_OFDM6 : RT2860_RIDX_CCK1; 3347 ctl_ridx = rt2860_rates[ridx].ctl_ridx; 3348 } else { 3349 if (tp->ucastrate != IEEE80211_FIXED_RATE_NONE) 3350 ridx = rn->fix_ridx; 3351 else 3352 ridx = rn->amrr_ridx; 3353 ctl_ridx = rt2860_rates[ridx].ctl_ridx; 3354 } 3355 3356 if (!IEEE80211_IS_MULTICAST(wh->i_addr1) && 3357 (!hasqos || (qos & IEEE80211_QOS_ACKPOLICY) != 3358 IEEE80211_QOS_ACKPOLICY_NOACK)) { 3359 xflags |= RT2860_TX_ACK; 3360 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 3361 dur = rt2860_rates[ctl_ridx].sp_ack_dur; 3362 else 3363 dur = rt2860_rates[ctl_ridx].lp_ack_dur; 3364 USETW(wh->i_dur, dur); 3365 } 3366 3367 /* reserve slots for mgmt packets, just in case */ 3368 if (sc->sc_epq[qid].tx_nfree < 3) { 3369 DPRINTFN(10, "tx ring %d is full\n", qid); 3370 return (-1); 3371 } 3372 3373 data = STAILQ_FIRST(&sc->sc_epq[qid].tx_fh); 3374 STAILQ_REMOVE_HEAD(&sc->sc_epq[qid].tx_fh, next); 3375 sc->sc_epq[qid].tx_nfree--; 3376 3377 txd = (struct rt2870_txd *)&data->desc; 3378 txd->flags = qflags; 3379 txwi = (struct rt2860_txwi *)(txd + 1); 3380 txwi->xflags = xflags; 3381 if (IEEE80211_IS_MULTICAST(wh->i_addr1)) 3382 txwi->wcid = 0; 3383 else 3384 txwi->wcid = (vap->iv_opmode == IEEE80211_M_STA) ? 3385 1 : RUN_AID2WCID(ni->ni_associd); 3386 3387 /* clear leftover garbage bits */ 3388 txwi->flags = 0; 3389 txwi->txop = 0; 3390 3391 data->m = m; 3392 data->ni = ni; 3393 data->ridx = ridx; 3394 3395 run_set_tx_desc(sc, data); 3396 3397 /* 3398 * The chip keeps track of 2 kind of Tx stats, 3399 * * TX_STAT_FIFO, for per WCID stats, and 3400 * * TX_STA_CNT0 for all-TX-in-one stats. 3401 * 3402 * To use FIFO stats, we need to store MCS into the driver-private 3403 * PacketID field. So that, we can tell whose stats when we read them. 3404 * We add 1 to the MCS because setting the PacketID field to 0 means 3405 * that we don't want feedback in TX_STAT_FIFO. 3406 * And, that's what we want for STA mode, since TX_STA_CNT0 does the job. 3407 * 3408 * FIFO stats doesn't count Tx with WCID 0xff, so we do this in run_tx(). 3409 */ 3410 if (sc->rvp_cnt > 1 || vap->iv_opmode == IEEE80211_M_HOSTAP || 3411 vap->iv_opmode == IEEE80211_M_MBSS) { 3412 uint16_t pid = (rt2860_rates[ridx].mcs + 1) & 0xf; 3413 txwi->len |= htole16(pid << RT2860_TX_PID_SHIFT); 3414 3415 /* 3416 * Unlike PCI based devices, we don't get any interrupt from 3417 * USB devices, so we simulate FIFO-is-full interrupt here. 3418 * Ralink recomends to drain FIFO stats every 100 ms, but 16 slots 3419 * quickly get fulled. To prevent overflow, increment a counter on 3420 * every FIFO stat request, so we know how many slots are left. 3421 * We do this only in HOSTAP or multiple vap mode since FIFO stats 3422 * are used only in those modes. 3423 * We just drain stats. AMRR gets updated every 1 sec by 3424 * run_ratectl_cb() via callout. 3425 * Call it early. Otherwise overflow. 3426 */ 3427 if (sc->fifo_cnt++ == 10) { 3428 /* 3429 * With multiple vaps or if_bridge, if_start() is called 3430 * with a non-sleepable lock, tcpinp. So, need to defer. 3431 */ 3432 uint32_t i = RUN_CMDQ_GET(&sc->cmdq_store); 3433 DPRINTFN(6, "cmdq_store=%d\n", i); 3434 sc->cmdq[i].func = run_drain_fifo; 3435 sc->cmdq[i].arg0 = sc; 3436 ieee80211_runtask(ic, &sc->cmdq_task); 3437 } 3438 } 3439 3440 STAILQ_INSERT_TAIL(&sc->sc_epq[qid].tx_qh, data, next); 3441 3442 usbd_transfer_start(sc->sc_xfer[qid]); 3443 3444 DPRINTFN(8, "sending data frame len=%d rate=%d qid=%d\n", 3445 m->m_pkthdr.len + (int)(sizeof(struct rt2870_txd) + 3446 sizeof(struct rt2860_txwi)), rt2860_rates[ridx].rate, qid); 3447 3448 return (0); 3449 } 3450 3451 static int 3452 run_tx_mgt(struct run_softc *sc, struct mbuf *m, struct ieee80211_node *ni) 3453 { 3454 struct ifnet *ifp = sc->sc_ifp; 3455 struct ieee80211com *ic = ifp->if_l2com; 3456 struct run_node *rn = (void *)ni; 3457 struct run_tx_data *data; 3458 struct ieee80211_frame *wh; 3459 struct rt2870_txd *txd; 3460 struct rt2860_txwi *txwi; 3461 uint16_t dur; 3462 uint8_t ridx = rn->mgt_ridx; 3463 uint8_t type; 3464 uint8_t xflags = 0; 3465 uint8_t wflags = 0; 3466 3467 RUN_LOCK_ASSERT(sc, MA_OWNED); 3468 3469 wh = mtod(m, struct ieee80211_frame *); 3470 3471 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 3472 3473 /* tell hardware to add timestamp for probe responses */ 3474 if ((wh->i_fc[0] & 3475 (IEEE80211_FC0_TYPE_MASK | IEEE80211_FC0_SUBTYPE_MASK)) == 3476 (IEEE80211_FC0_TYPE_MGT | IEEE80211_FC0_SUBTYPE_PROBE_RESP)) 3477 wflags |= RT2860_TX_TS; 3478 else if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) { 3479 xflags |= RT2860_TX_ACK; 3480 3481 dur = ieee80211_ack_duration(ic->ic_rt, rt2860_rates[ridx].rate, 3482 ic->ic_flags & IEEE80211_F_SHPREAMBLE); 3483 USETW(wh->i_dur, dur); 3484 } 3485 3486 if (sc->sc_epq[0].tx_nfree == 0) { 3487 /* let caller free mbuf */ 3488 ifp->if_drv_flags |= IFF_DRV_OACTIVE; 3489 return (EIO); 3490 } 3491 data = STAILQ_FIRST(&sc->sc_epq[0].tx_fh); 3492 STAILQ_REMOVE_HEAD(&sc->sc_epq[0].tx_fh, next); 3493 sc->sc_epq[0].tx_nfree--; 3494 3495 txd = (struct rt2870_txd *)&data->desc; 3496 txd->flags = RT2860_TX_QSEL_EDCA; 3497 txwi = (struct rt2860_txwi *)(txd + 1); 3498 txwi->wcid = 0xff; 3499 txwi->flags = wflags; 3500 txwi->xflags = xflags; 3501 txwi->txop = 0; /* clear leftover garbage bits */ 3502 3503 data->m = m; 3504 data->ni = ni; 3505 data->ridx = ridx; 3506 3507 run_set_tx_desc(sc, data); 3508 3509 DPRINTFN(10, "sending mgt frame len=%d rate=%d\n", m->m_pkthdr.len + 3510 (int)(sizeof(struct rt2870_txd) + sizeof(struct rt2860_txwi)), 3511 rt2860_rates[ridx].rate); 3512 3513 STAILQ_INSERT_TAIL(&sc->sc_epq[0].tx_qh, data, next); 3514 3515 usbd_transfer_start(sc->sc_xfer[0]); 3516 3517 return (0); 3518 } 3519 3520 static int 3521 run_sendprot(struct run_softc *sc, 3522 const struct mbuf *m, struct ieee80211_node *ni, int prot, int rate) 3523 { 3524 struct ieee80211com *ic = ni->ni_ic; 3525 struct ieee80211_frame *wh; 3526 struct run_tx_data *data; 3527 struct rt2870_txd *txd; 3528 struct rt2860_txwi *txwi; 3529 struct mbuf *mprot; 3530 int ridx; 3531 int protrate; 3532 int ackrate; 3533 int pktlen; 3534 int isshort; 3535 uint16_t dur; 3536 uint8_t type; 3537 uint8_t wflags = 0; 3538 uint8_t xflags = 0; 3539 3540 RUN_LOCK_ASSERT(sc, MA_OWNED); 3541 3542 KASSERT(prot == IEEE80211_PROT_RTSCTS || prot == IEEE80211_PROT_CTSONLY, 3543 ("protection %d", prot)); 3544 3545 wh = mtod(m, struct ieee80211_frame *); 3546 pktlen = m->m_pkthdr.len + IEEE80211_CRC_LEN; 3547 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 3548 3549 protrate = ieee80211_ctl_rate(ic->ic_rt, rate); 3550 ackrate = ieee80211_ack_rate(ic->ic_rt, rate); 3551 3552 isshort = (ic->ic_flags & IEEE80211_F_SHPREAMBLE) != 0; 3553 dur = ieee80211_compute_duration(ic->ic_rt, pktlen, rate, isshort) 3554 + ieee80211_ack_duration(ic->ic_rt, rate, isshort); 3555 wflags = RT2860_TX_FRAG; 3556 3557 /* check that there are free slots before allocating the mbuf */ 3558 if (sc->sc_epq[0].tx_nfree == 0) { 3559 /* let caller free mbuf */ 3560 sc->sc_ifp->if_drv_flags |= IFF_DRV_OACTIVE; 3561 return (ENOBUFS); 3562 } 3563 3564 if (prot == IEEE80211_PROT_RTSCTS) { 3565 /* NB: CTS is the same size as an ACK */ 3566 dur += ieee80211_ack_duration(ic->ic_rt, rate, isshort); 3567 xflags |= RT2860_TX_ACK; 3568 mprot = ieee80211_alloc_rts(ic, wh->i_addr1, wh->i_addr2, dur); 3569 } else { 3570 mprot = ieee80211_alloc_cts(ic, ni->ni_vap->iv_myaddr, dur); 3571 } 3572 if (mprot == NULL) { 3573 if_inc_counter(sc->sc_ifp, IFCOUNTER_OERRORS, 1); 3574 DPRINTF("could not allocate mbuf\n"); 3575 return (ENOBUFS); 3576 } 3577 3578 data = STAILQ_FIRST(&sc->sc_epq[0].tx_fh); 3579 STAILQ_REMOVE_HEAD(&sc->sc_epq[0].tx_fh, next); 3580 sc->sc_epq[0].tx_nfree--; 3581 3582 txd = (struct rt2870_txd *)&data->desc; 3583 txd->flags = RT2860_TX_QSEL_EDCA; 3584 txwi = (struct rt2860_txwi *)(txd + 1); 3585 txwi->wcid = 0xff; 3586 txwi->flags = wflags; 3587 txwi->xflags = xflags; 3588 txwi->txop = 0; /* clear leftover garbage bits */ 3589 3590 data->m = mprot; 3591 data->ni = ieee80211_ref_node(ni); 3592 3593 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++) 3594 if (rt2860_rates[ridx].rate == protrate) 3595 break; 3596 data->ridx = ridx; 3597 3598 run_set_tx_desc(sc, data); 3599 3600 DPRINTFN(1, "sending prot len=%u rate=%u\n", 3601 m->m_pkthdr.len, rate); 3602 3603 STAILQ_INSERT_TAIL(&sc->sc_epq[0].tx_qh, data, next); 3604 3605 usbd_transfer_start(sc->sc_xfer[0]); 3606 3607 return (0); 3608 } 3609 3610 static int 3611 run_tx_param(struct run_softc *sc, struct mbuf *m, struct ieee80211_node *ni, 3612 const struct ieee80211_bpf_params *params) 3613 { 3614 struct ieee80211com *ic = ni->ni_ic; 3615 struct ieee80211_frame *wh; 3616 struct run_tx_data *data; 3617 struct rt2870_txd *txd; 3618 struct rt2860_txwi *txwi; 3619 uint8_t type; 3620 uint8_t ridx; 3621 uint8_t rate; 3622 uint8_t opflags = 0; 3623 uint8_t xflags = 0; 3624 int error; 3625 3626 RUN_LOCK_ASSERT(sc, MA_OWNED); 3627 3628 KASSERT(params != NULL, ("no raw xmit params")); 3629 3630 wh = mtod(m, struct ieee80211_frame *); 3631 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 3632 3633 rate = params->ibp_rate0; 3634 if (!ieee80211_isratevalid(ic->ic_rt, rate)) { 3635 /* let caller free mbuf */ 3636 return (EINVAL); 3637 } 3638 3639 if ((params->ibp_flags & IEEE80211_BPF_NOACK) == 0) 3640 xflags |= RT2860_TX_ACK; 3641 if (params->ibp_flags & (IEEE80211_BPF_RTS|IEEE80211_BPF_CTS)) { 3642 error = run_sendprot(sc, m, ni, 3643 params->ibp_flags & IEEE80211_BPF_RTS ? 3644 IEEE80211_PROT_RTSCTS : IEEE80211_PROT_CTSONLY, 3645 rate); 3646 if (error) { 3647 /* let caller free mbuf */ 3648 return error; 3649 } 3650 opflags |= /*XXX RT2573_TX_LONG_RETRY |*/ RT2860_TX_TXOP_SIFS; 3651 } 3652 3653 if (sc->sc_epq[0].tx_nfree == 0) { 3654 /* let caller free mbuf */ 3655 sc->sc_ifp->if_drv_flags |= IFF_DRV_OACTIVE; 3656 DPRINTF("sending raw frame, but tx ring is full\n"); 3657 return (EIO); 3658 } 3659 data = STAILQ_FIRST(&sc->sc_epq[0].tx_fh); 3660 STAILQ_REMOVE_HEAD(&sc->sc_epq[0].tx_fh, next); 3661 sc->sc_epq[0].tx_nfree--; 3662 3663 txd = (struct rt2870_txd *)&data->desc; 3664 txd->flags = RT2860_TX_QSEL_EDCA; 3665 txwi = (struct rt2860_txwi *)(txd + 1); 3666 txwi->wcid = 0xff; 3667 txwi->xflags = xflags; 3668 txwi->txop = opflags; 3669 txwi->flags = 0; /* clear leftover garbage bits */ 3670 3671 data->m = m; 3672 data->ni = ni; 3673 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++) 3674 if (rt2860_rates[ridx].rate == rate) 3675 break; 3676 data->ridx = ridx; 3677 3678 run_set_tx_desc(sc, data); 3679 3680 DPRINTFN(10, "sending raw frame len=%u rate=%u\n", 3681 m->m_pkthdr.len, rate); 3682 3683 STAILQ_INSERT_TAIL(&sc->sc_epq[0].tx_qh, data, next); 3684 3685 usbd_transfer_start(sc->sc_xfer[0]); 3686 3687 return (0); 3688 } 3689 3690 static int 3691 run_raw_xmit(struct ieee80211_node *ni, struct mbuf *m, 3692 const struct ieee80211_bpf_params *params) 3693 { 3694 struct ifnet *ifp = ni->ni_ic->ic_ifp; 3695 struct run_softc *sc = ifp->if_softc; 3696 int error = 0; 3697 3698 RUN_LOCK(sc); 3699 3700 /* prevent management frames from being sent if we're not ready */ 3701 if (!(ifp->if_drv_flags & IFF_DRV_RUNNING)) { 3702 error = ENETDOWN; 3703 goto done; 3704 } 3705 3706 if (params == NULL) { 3707 /* tx mgt packet */ 3708 if ((error = run_tx_mgt(sc, m, ni)) != 0) { 3709 if_inc_counter(ifp, IFCOUNTER_OERRORS, 1); 3710 DPRINTF("mgt tx failed\n"); 3711 goto done; 3712 } 3713 } else { 3714 /* tx raw packet with param */ 3715 if ((error = run_tx_param(sc, m, ni, params)) != 0) { 3716 if_inc_counter(ifp, IFCOUNTER_OERRORS, 1); 3717 DPRINTF("tx with param failed\n"); 3718 goto done; 3719 } 3720 } 3721 3722 if_inc_counter(ifp, IFCOUNTER_OPACKETS, 1); 3723 3724 done: 3725 RUN_UNLOCK(sc); 3726 3727 if (error != 0) { 3728 if(m != NULL) 3729 m_freem(m); 3730 ieee80211_free_node(ni); 3731 } 3732 3733 return (error); 3734 } 3735 3736 static void 3737 run_start(struct ifnet *ifp) 3738 { 3739 struct run_softc *sc = ifp->if_softc; 3740 struct ieee80211_node *ni; 3741 struct mbuf *m; 3742 3743 RUN_LOCK(sc); 3744 3745 if ((ifp->if_drv_flags & IFF_DRV_RUNNING) == 0) { 3746 RUN_UNLOCK(sc); 3747 return; 3748 } 3749 3750 for (;;) { 3751 /* send data frames */ 3752 IFQ_DRV_DEQUEUE(&ifp->if_snd, m); 3753 if (m == NULL) 3754 break; 3755 3756 ni = (struct ieee80211_node *)m->m_pkthdr.rcvif; 3757 if (run_tx(sc, m, ni) != 0) { 3758 IFQ_DRV_PREPEND(&ifp->if_snd, m); 3759 ifp->if_drv_flags |= IFF_DRV_OACTIVE; 3760 break; 3761 } 3762 } 3763 3764 RUN_UNLOCK(sc); 3765 } 3766 3767 static int 3768 run_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 3769 { 3770 struct run_softc *sc = ifp->if_softc; 3771 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 3772 struct ifreq *ifr = (struct ifreq *) data; 3773 int startall = 0; 3774 int error; 3775 3776 RUN_LOCK(sc); 3777 error = sc->sc_detached ? ENXIO : 0; 3778 RUN_UNLOCK(sc); 3779 if (error) 3780 return (error); 3781 3782 switch (cmd) { 3783 case SIOCSIFFLAGS: 3784 RUN_LOCK(sc); 3785 if (ifp->if_flags & IFF_UP) { 3786 if (!(ifp->if_drv_flags & IFF_DRV_RUNNING)){ 3787 startall = 1; 3788 run_init_locked(sc); 3789 } else 3790 run_update_promisc_locked(sc); 3791 } else { 3792 if (ifp->if_drv_flags & IFF_DRV_RUNNING && 3793 (ic->ic_nrunning == 0 || sc->rvp_cnt <= 1)) { 3794 run_stop(sc); 3795 } 3796 } 3797 RUN_UNLOCK(sc); 3798 if (startall) 3799 ieee80211_start_all(ic); 3800 break; 3801 case SIOCGIFMEDIA: 3802 error = ifmedia_ioctl(ifp, ifr, &ic->ic_media, cmd); 3803 break; 3804 case SIOCGIFADDR: 3805 error = ether_ioctl(ifp, cmd, data); 3806 break; 3807 default: 3808 error = EINVAL; 3809 break; 3810 } 3811 3812 return (error); 3813 } 3814 3815 static void 3816 run_iq_calib(struct run_softc *sc, u_int chan) 3817 { 3818 uint16_t val; 3819 3820 /* Tx0 IQ gain. */ 3821 run_bbp_write(sc, 158, 0x2c); 3822 if (chan <= 14) 3823 run_efuse_read(sc, RT5390_EEPROM_IQ_GAIN_CAL_TX0_2GHZ, &val, 1); 3824 else if (chan <= 64) { 3825 run_efuse_read(sc, 3826 RT5390_EEPROM_IQ_GAIN_CAL_TX0_CH36_TO_CH64_5GHZ, 3827 &val, 1); 3828 } else if (chan <= 138) { 3829 run_efuse_read(sc, 3830 RT5390_EEPROM_IQ_GAIN_CAL_TX0_CH100_TO_CH138_5GHZ, 3831 &val, 1); 3832 } else if (chan <= 165) { 3833 run_efuse_read(sc, 3834 RT5390_EEPROM_IQ_GAIN_CAL_TX0_CH140_TO_CH165_5GHZ, 3835 &val, 1); 3836 } else 3837 val = 0; 3838 run_bbp_write(sc, 159, val); 3839 3840 /* Tx0 IQ phase. */ 3841 run_bbp_write(sc, 158, 0x2d); 3842 if (chan <= 14) { 3843 run_efuse_read(sc, RT5390_EEPROM_IQ_PHASE_CAL_TX0_2GHZ, 3844 &val, 1); 3845 } else if (chan <= 64) { 3846 run_efuse_read(sc, 3847 RT5390_EEPROM_IQ_PHASE_CAL_TX0_CH36_TO_CH64_5GHZ, 3848 &val, 1); 3849 } else if (chan <= 138) { 3850 run_efuse_read(sc, 3851 RT5390_EEPROM_IQ_PHASE_CAL_TX0_CH100_TO_CH138_5GHZ, 3852 &val, 1); 3853 } else if (chan <= 165) { 3854 run_efuse_read(sc, 3855 RT5390_EEPROM_IQ_PHASE_CAL_TX0_CH140_TO_CH165_5GHZ, 3856 &val, 1); 3857 } else 3858 val = 0; 3859 run_bbp_write(sc, 159, val); 3860 3861 /* Tx1 IQ gain. */ 3862 run_bbp_write(sc, 158, 0x4a); 3863 if (chan <= 14) { 3864 run_efuse_read(sc, RT5390_EEPROM_IQ_GAIN_CAL_TX1_2GHZ, 3865 &val, 1); 3866 } else if (chan <= 64) { 3867 run_efuse_read(sc, 3868 RT5390_EEPROM_IQ_GAIN_CAL_TX1_CH36_TO_CH64_5GHZ, 3869 &val, 1); 3870 } else if (chan <= 138) { 3871 run_efuse_read(sc, 3872 RT5390_EEPROM_IQ_GAIN_CAL_TX1_CH100_TO_CH138_5GHZ, 3873 &val, 1); 3874 } else if (chan <= 165) { 3875 run_efuse_read(sc, 3876 RT5390_EEPROM_IQ_GAIN_CAL_TX1_CH140_TO_CH165_5GHZ, 3877 &val, 1); 3878 } else 3879 val = 0; 3880 run_bbp_write(sc, 159, val); 3881 3882 /* Tx1 IQ phase. */ 3883 run_bbp_write(sc, 158, 0x4b); 3884 if (chan <= 14) { 3885 run_efuse_read(sc, RT5390_EEPROM_IQ_PHASE_CAL_TX1_2GHZ, 3886 &val, 1); 3887 } else if (chan <= 64) { 3888 run_efuse_read(sc, 3889 RT5390_EEPROM_IQ_PHASE_CAL_TX1_CH36_TO_CH64_5GHZ, 3890 &val, 1); 3891 } else if (chan <= 138) { 3892 run_efuse_read(sc, 3893 RT5390_EEPROM_IQ_PHASE_CAL_TX1_CH100_TO_CH138_5GHZ, 3894 &val, 1); 3895 } else if (chan <= 165) { 3896 run_efuse_read(sc, 3897 RT5390_EEPROM_IQ_PHASE_CAL_TX1_CH140_TO_CH165_5GHZ, 3898 &val, 1); 3899 } else 3900 val = 0; 3901 run_bbp_write(sc, 159, val); 3902 3903 /* RF IQ compensation control. */ 3904 run_bbp_write(sc, 158, 0x04); 3905 run_efuse_read(sc, RT5390_EEPROM_RF_IQ_COMPENSATION_CTL, 3906 &val, 1); 3907 run_bbp_write(sc, 159, val); 3908 3909 /* RF IQ imbalance compensation control. */ 3910 run_bbp_write(sc, 158, 0x03); 3911 run_efuse_read(sc, 3912 RT5390_EEPROM_RF_IQ_IMBALANCE_COMPENSATION_CTL, &val, 1); 3913 run_bbp_write(sc, 159, val); 3914 } 3915 3916 static void 3917 run_set_agc(struct run_softc *sc, uint8_t agc) 3918 { 3919 uint8_t bbp; 3920 3921 if (sc->mac_ver == 0x3572) { 3922 run_bbp_read(sc, 27, &bbp); 3923 bbp &= ~(0x3 << 5); 3924 run_bbp_write(sc, 27, bbp | 0 << 5); /* select Rx0 */ 3925 run_bbp_write(sc, 66, agc); 3926 run_bbp_write(sc, 27, bbp | 1 << 5); /* select Rx1 */ 3927 run_bbp_write(sc, 66, agc); 3928 } else 3929 run_bbp_write(sc, 66, agc); 3930 } 3931 3932 static void 3933 run_select_chan_group(struct run_softc *sc, int group) 3934 { 3935 uint32_t tmp; 3936 uint8_t agc; 3937 3938 run_bbp_write(sc, 62, 0x37 - sc->lna[group]); 3939 run_bbp_write(sc, 63, 0x37 - sc->lna[group]); 3940 run_bbp_write(sc, 64, 0x37 - sc->lna[group]); 3941 if (sc->mac_ver < 0x3572) 3942 run_bbp_write(sc, 86, 0x00); 3943 3944 if (sc->mac_ver == 0x3593) { 3945 run_bbp_write(sc, 77, 0x98); 3946 run_bbp_write(sc, 83, (group == 0) ? 0x8a : 0x9a); 3947 } 3948 3949 if (group == 0) { 3950 if (sc->ext_2ghz_lna) { 3951 if (sc->mac_ver >= 0x5390) 3952 run_bbp_write(sc, 75, 0x52); 3953 else { 3954 run_bbp_write(sc, 82, 0x62); 3955 run_bbp_write(sc, 75, 0x46); 3956 } 3957 } else { 3958 if (sc->mac_ver == 0x5592) { 3959 run_bbp_write(sc, 79, 0x1c); 3960 run_bbp_write(sc, 80, 0x0e); 3961 run_bbp_write(sc, 81, 0x3a); 3962 run_bbp_write(sc, 82, 0x62); 3963 3964 run_bbp_write(sc, 195, 0x80); 3965 run_bbp_write(sc, 196, 0xe0); 3966 run_bbp_write(sc, 195, 0x81); 3967 run_bbp_write(sc, 196, 0x1f); 3968 run_bbp_write(sc, 195, 0x82); 3969 run_bbp_write(sc, 196, 0x38); 3970 run_bbp_write(sc, 195, 0x83); 3971 run_bbp_write(sc, 196, 0x32); 3972 run_bbp_write(sc, 195, 0x85); 3973 run_bbp_write(sc, 196, 0x28); 3974 run_bbp_write(sc, 195, 0x86); 3975 run_bbp_write(sc, 196, 0x19); 3976 } else if (sc->mac_ver >= 0x5390) 3977 run_bbp_write(sc, 75, 0x50); 3978 else { 3979 run_bbp_write(sc, 82, 3980 (sc->mac_ver == 0x3593) ? 0x62 : 0x84); 3981 run_bbp_write(sc, 75, 0x50); 3982 } 3983 } 3984 } else { 3985 if (sc->mac_ver == 0x5592) { 3986 run_bbp_write(sc, 79, 0x18); 3987 run_bbp_write(sc, 80, 0x08); 3988 run_bbp_write(sc, 81, 0x38); 3989 run_bbp_write(sc, 82, 0x92); 3990 3991 run_bbp_write(sc, 195, 0x80); 3992 run_bbp_write(sc, 196, 0xf0); 3993 run_bbp_write(sc, 195, 0x81); 3994 run_bbp_write(sc, 196, 0x1e); 3995 run_bbp_write(sc, 195, 0x82); 3996 run_bbp_write(sc, 196, 0x28); 3997 run_bbp_write(sc, 195, 0x83); 3998 run_bbp_write(sc, 196, 0x20); 3999 run_bbp_write(sc, 195, 0x85); 4000 run_bbp_write(sc, 196, 0x7f); 4001 run_bbp_write(sc, 195, 0x86); 4002 run_bbp_write(sc, 196, 0x7f); 4003 } else if (sc->mac_ver == 0x3572) 4004 run_bbp_write(sc, 82, 0x94); 4005 else 4006 run_bbp_write(sc, 82, 4007 (sc->mac_ver == 0x3593) ? 0x82 : 0xf2); 4008 if (sc->ext_5ghz_lna) 4009 run_bbp_write(sc, 75, 0x46); 4010 else 4011 run_bbp_write(sc, 75, 0x50); 4012 } 4013 4014 run_read(sc, RT2860_TX_BAND_CFG, &tmp); 4015 tmp &= ~(RT2860_5G_BAND_SEL_N | RT2860_5G_BAND_SEL_P); 4016 tmp |= (group == 0) ? RT2860_5G_BAND_SEL_N : RT2860_5G_BAND_SEL_P; 4017 run_write(sc, RT2860_TX_BAND_CFG, tmp); 4018 4019 /* enable appropriate Power Amplifiers and Low Noise Amplifiers */ 4020 tmp = RT2860_RFTR_EN | RT2860_TRSW_EN | RT2860_LNA_PE0_EN; 4021 if (sc->mac_ver == 0x3593) 4022 tmp |= 1 << 29 | 1 << 28; 4023 if (sc->nrxchains > 1) 4024 tmp |= RT2860_LNA_PE1_EN; 4025 if (group == 0) { /* 2GHz */ 4026 tmp |= RT2860_PA_PE_G0_EN; 4027 if (sc->ntxchains > 1) 4028 tmp |= RT2860_PA_PE_G1_EN; 4029 if (sc->mac_ver == 0x3593) { 4030 if (sc->ntxchains > 2) 4031 tmp |= 1 << 25; 4032 } 4033 } else { /* 5GHz */ 4034 tmp |= RT2860_PA_PE_A0_EN; 4035 if (sc->ntxchains > 1) 4036 tmp |= RT2860_PA_PE_A1_EN; 4037 } 4038 if (sc->mac_ver == 0x3572) { 4039 run_rt3070_rf_write(sc, 8, 0x00); 4040 run_write(sc, RT2860_TX_PIN_CFG, tmp); 4041 run_rt3070_rf_write(sc, 8, 0x80); 4042 } else 4043 run_write(sc, RT2860_TX_PIN_CFG, tmp); 4044 4045 if (sc->mac_ver == 0x5592) { 4046 run_bbp_write(sc, 195, 0x8d); 4047 run_bbp_write(sc, 196, 0x1a); 4048 } 4049 4050 if (sc->mac_ver == 0x3593) { 4051 run_read(sc, RT2860_GPIO_CTRL, &tmp); 4052 tmp &= ~0x01010000; 4053 if (group == 0) 4054 tmp |= 0x00010000; 4055 tmp = (tmp & ~0x00009090) | 0x00000090; 4056 run_write(sc, RT2860_GPIO_CTRL, tmp); 4057 } 4058 4059 /* set initial AGC value */ 4060 if (group == 0) { /* 2GHz band */ 4061 if (sc->mac_ver >= 0x3070) 4062 agc = 0x1c + sc->lna[0] * 2; 4063 else 4064 agc = 0x2e + sc->lna[0]; 4065 } else { /* 5GHz band */ 4066 if (sc->mac_ver == 0x5592) 4067 agc = 0x24 + sc->lna[group] * 2; 4068 else if (sc->mac_ver == 0x3572 || sc->mac_ver == 0x3593) 4069 agc = 0x22 + (sc->lna[group] * 5) / 3; 4070 else 4071 agc = 0x32 + (sc->lna[group] * 5) / 3; 4072 } 4073 run_set_agc(sc, agc); 4074 } 4075 4076 static void 4077 run_rt2870_set_chan(struct run_softc *sc, u_int chan) 4078 { 4079 const struct rfprog *rfprog = rt2860_rf2850; 4080 uint32_t r2, r3, r4; 4081 int8_t txpow1, txpow2; 4082 int i; 4083 4084 /* find the settings for this channel (we know it exists) */ 4085 for (i = 0; rfprog[i].chan != chan; i++); 4086 4087 r2 = rfprog[i].r2; 4088 if (sc->ntxchains == 1) 4089 r2 |= 1 << 14; /* 1T: disable Tx chain 2 */ 4090 if (sc->nrxchains == 1) 4091 r2 |= 1 << 17 | 1 << 6; /* 1R: disable Rx chains 2 & 3 */ 4092 else if (sc->nrxchains == 2) 4093 r2 |= 1 << 6; /* 2R: disable Rx chain 3 */ 4094 4095 /* use Tx power values from EEPROM */ 4096 txpow1 = sc->txpow1[i]; 4097 txpow2 = sc->txpow2[i]; 4098 4099 /* Initialize RF R3 and R4. */ 4100 r3 = rfprog[i].r3 & 0xffffc1ff; 4101 r4 = (rfprog[i].r4 & ~(0x001f87c0)) | (sc->freq << 15); 4102 if (chan > 14) { 4103 if (txpow1 >= 0) { 4104 txpow1 = (txpow1 > 0xf) ? (0xf) : (txpow1); 4105 r3 |= (txpow1 << 10) | (1 << 9); 4106 } else { 4107 txpow1 += 7; 4108 4109 /* txpow1 is not possible larger than 15. */ 4110 r3 |= (txpow1 << 10); 4111 } 4112 if (txpow2 >= 0) { 4113 txpow2 = (txpow2 > 0xf) ? (0xf) : (txpow2); 4114 r4 |= (txpow2 << 7) | (1 << 6); 4115 } else { 4116 txpow2 += 7; 4117 r4 |= (txpow2 << 7); 4118 } 4119 } else { 4120 /* Set Tx0 power. */ 4121 r3 |= (txpow1 << 9); 4122 4123 /* Set frequency offset and Tx1 power. */ 4124 r4 |= (txpow2 << 6); 4125 } 4126 4127 run_rt2870_rf_write(sc, rfprog[i].r1); 4128 run_rt2870_rf_write(sc, r2); 4129 run_rt2870_rf_write(sc, r3 & ~(1 << 2)); 4130 run_rt2870_rf_write(sc, r4); 4131 4132 run_delay(sc, 10); 4133 4134 run_rt2870_rf_write(sc, rfprog[i].r1); 4135 run_rt2870_rf_write(sc, r2); 4136 run_rt2870_rf_write(sc, r3 | (1 << 2)); 4137 run_rt2870_rf_write(sc, r4); 4138 4139 run_delay(sc, 10); 4140 4141 run_rt2870_rf_write(sc, rfprog[i].r1); 4142 run_rt2870_rf_write(sc, r2); 4143 run_rt2870_rf_write(sc, r3 & ~(1 << 2)); 4144 run_rt2870_rf_write(sc, r4); 4145 } 4146 4147 static void 4148 run_rt3070_set_chan(struct run_softc *sc, u_int chan) 4149 { 4150 int8_t txpow1, txpow2; 4151 uint8_t rf; 4152 int i; 4153 4154 /* find the settings for this channel (we know it exists) */ 4155 for (i = 0; rt2860_rf2850[i].chan != chan; i++); 4156 4157 /* use Tx power values from EEPROM */ 4158 txpow1 = sc->txpow1[i]; 4159 txpow2 = sc->txpow2[i]; 4160 4161 run_rt3070_rf_write(sc, 2, rt3070_freqs[i].n); 4162 4163 /* RT3370/RT3390: RF R3 [7:4] is not reserved bits. */ 4164 run_rt3070_rf_read(sc, 3, &rf); 4165 rf = (rf & ~0x0f) | rt3070_freqs[i].k; 4166 run_rt3070_rf_write(sc, 3, rf); 4167 4168 run_rt3070_rf_read(sc, 6, &rf); 4169 rf = (rf & ~0x03) | rt3070_freqs[i].r; 4170 run_rt3070_rf_write(sc, 6, rf); 4171 4172 /* set Tx0 power */ 4173 run_rt3070_rf_read(sc, 12, &rf); 4174 rf = (rf & ~0x1f) | txpow1; 4175 run_rt3070_rf_write(sc, 12, rf); 4176 4177 /* set Tx1 power */ 4178 run_rt3070_rf_read(sc, 13, &rf); 4179 rf = (rf & ~0x1f) | txpow2; 4180 run_rt3070_rf_write(sc, 13, rf); 4181 4182 run_rt3070_rf_read(sc, 1, &rf); 4183 rf &= ~0xfc; 4184 if (sc->ntxchains == 1) 4185 rf |= 1 << 7 | 1 << 5; /* 1T: disable Tx chains 2 & 3 */ 4186 else if (sc->ntxchains == 2) 4187 rf |= 1 << 7; /* 2T: disable Tx chain 3 */ 4188 if (sc->nrxchains == 1) 4189 rf |= 1 << 6 | 1 << 4; /* 1R: disable Rx chains 2 & 3 */ 4190 else if (sc->nrxchains == 2) 4191 rf |= 1 << 6; /* 2R: disable Rx chain 3 */ 4192 run_rt3070_rf_write(sc, 1, rf); 4193 4194 /* set RF offset */ 4195 run_rt3070_rf_read(sc, 23, &rf); 4196 rf = (rf & ~0x7f) | sc->freq; 4197 run_rt3070_rf_write(sc, 23, rf); 4198 4199 /* program RF filter */ 4200 run_rt3070_rf_read(sc, 24, &rf); /* Tx */ 4201 rf = (rf & ~0x3f) | sc->rf24_20mhz; 4202 run_rt3070_rf_write(sc, 24, rf); 4203 run_rt3070_rf_read(sc, 31, &rf); /* Rx */ 4204 rf = (rf & ~0x3f) | sc->rf24_20mhz; 4205 run_rt3070_rf_write(sc, 31, rf); 4206 4207 /* enable RF tuning */ 4208 run_rt3070_rf_read(sc, 7, &rf); 4209 run_rt3070_rf_write(sc, 7, rf | 0x01); 4210 } 4211 4212 static void 4213 run_rt3572_set_chan(struct run_softc *sc, u_int chan) 4214 { 4215 int8_t txpow1, txpow2; 4216 uint32_t tmp; 4217 uint8_t rf; 4218 int i; 4219 4220 /* find the settings for this channel (we know it exists) */ 4221 for (i = 0; rt2860_rf2850[i].chan != chan; i++); 4222 4223 /* use Tx power values from EEPROM */ 4224 txpow1 = sc->txpow1[i]; 4225 txpow2 = sc->txpow2[i]; 4226 4227 if (chan <= 14) { 4228 run_bbp_write(sc, 25, sc->bbp25); 4229 run_bbp_write(sc, 26, sc->bbp26); 4230 } else { 4231 /* enable IQ phase correction */ 4232 run_bbp_write(sc, 25, 0x09); 4233 run_bbp_write(sc, 26, 0xff); 4234 } 4235 4236 run_rt3070_rf_write(sc, 2, rt3070_freqs[i].n); 4237 run_rt3070_rf_write(sc, 3, rt3070_freqs[i].k); 4238 run_rt3070_rf_read(sc, 6, &rf); 4239 rf = (rf & ~0x0f) | rt3070_freqs[i].r; 4240 rf |= (chan <= 14) ? 0x08 : 0x04; 4241 run_rt3070_rf_write(sc, 6, rf); 4242 4243 /* set PLL mode */ 4244 run_rt3070_rf_read(sc, 5, &rf); 4245 rf &= ~(0x08 | 0x04); 4246 rf |= (chan <= 14) ? 0x04 : 0x08; 4247 run_rt3070_rf_write(sc, 5, rf); 4248 4249 /* set Tx power for chain 0 */ 4250 if (chan <= 14) 4251 rf = 0x60 | txpow1; 4252 else 4253 rf = 0xe0 | (txpow1 & 0xc) << 1 | (txpow1 & 0x3); 4254 run_rt3070_rf_write(sc, 12, rf); 4255 4256 /* set Tx power for chain 1 */ 4257 if (chan <= 14) 4258 rf = 0x60 | txpow2; 4259 else 4260 rf = 0xe0 | (txpow2 & 0xc) << 1 | (txpow2 & 0x3); 4261 run_rt3070_rf_write(sc, 13, rf); 4262 4263 /* set Tx/Rx streams */ 4264 run_rt3070_rf_read(sc, 1, &rf); 4265 rf &= ~0xfc; 4266 if (sc->ntxchains == 1) 4267 rf |= 1 << 7 | 1 << 5; /* 1T: disable Tx chains 2 & 3 */ 4268 else if (sc->ntxchains == 2) 4269 rf |= 1 << 7; /* 2T: disable Tx chain 3 */ 4270 if (sc->nrxchains == 1) 4271 rf |= 1 << 6 | 1 << 4; /* 1R: disable Rx chains 2 & 3 */ 4272 else if (sc->nrxchains == 2) 4273 rf |= 1 << 6; /* 2R: disable Rx chain 3 */ 4274 run_rt3070_rf_write(sc, 1, rf); 4275 4276 /* set RF offset */ 4277 run_rt3070_rf_read(sc, 23, &rf); 4278 rf = (rf & ~0x7f) | sc->freq; 4279 run_rt3070_rf_write(sc, 23, rf); 4280 4281 /* program RF filter */ 4282 rf = sc->rf24_20mhz; 4283 run_rt3070_rf_write(sc, 24, rf); /* Tx */ 4284 run_rt3070_rf_write(sc, 31, rf); /* Rx */ 4285 4286 /* enable RF tuning */ 4287 run_rt3070_rf_read(sc, 7, &rf); 4288 rf = (chan <= 14) ? 0xd8 : ((rf & ~0xc8) | 0x14); 4289 run_rt3070_rf_write(sc, 7, rf); 4290 4291 /* TSSI */ 4292 rf = (chan <= 14) ? 0xc3 : 0xc0; 4293 run_rt3070_rf_write(sc, 9, rf); 4294 4295 /* set loop filter 1 */ 4296 run_rt3070_rf_write(sc, 10, 0xf1); 4297 /* set loop filter 2 */ 4298 run_rt3070_rf_write(sc, 11, (chan <= 14) ? 0xb9 : 0x00); 4299 4300 /* set tx_mx2_ic */ 4301 run_rt3070_rf_write(sc, 15, (chan <= 14) ? 0x53 : 0x43); 4302 /* set tx_mx1_ic */ 4303 if (chan <= 14) 4304 rf = 0x48 | sc->txmixgain_2ghz; 4305 else 4306 rf = 0x78 | sc->txmixgain_5ghz; 4307 run_rt3070_rf_write(sc, 16, rf); 4308 4309 /* set tx_lo1 */ 4310 run_rt3070_rf_write(sc, 17, 0x23); 4311 /* set tx_lo2 */ 4312 if (chan <= 14) 4313 rf = 0x93; 4314 else if (chan <= 64) 4315 rf = 0xb7; 4316 else if (chan <= 128) 4317 rf = 0x74; 4318 else 4319 rf = 0x72; 4320 run_rt3070_rf_write(sc, 19, rf); 4321 4322 /* set rx_lo1 */ 4323 if (chan <= 14) 4324 rf = 0xb3; 4325 else if (chan <= 64) 4326 rf = 0xf6; 4327 else if (chan <= 128) 4328 rf = 0xf4; 4329 else 4330 rf = 0xf3; 4331 run_rt3070_rf_write(sc, 20, rf); 4332 4333 /* set pfd_delay */ 4334 if (chan <= 14) 4335 rf = 0x15; 4336 else if (chan <= 64) 4337 rf = 0x3d; 4338 else 4339 rf = 0x01; 4340 run_rt3070_rf_write(sc, 25, rf); 4341 4342 /* set rx_lo2 */ 4343 run_rt3070_rf_write(sc, 26, (chan <= 14) ? 0x85 : 0x87); 4344 /* set ldo_rf_vc */ 4345 run_rt3070_rf_write(sc, 27, (chan <= 14) ? 0x00 : 0x01); 4346 /* set drv_cc */ 4347 run_rt3070_rf_write(sc, 29, (chan <= 14) ? 0x9b : 0x9f); 4348 4349 run_read(sc, RT2860_GPIO_CTRL, &tmp); 4350 tmp &= ~0x8080; 4351 if (chan <= 14) 4352 tmp |= 0x80; 4353 run_write(sc, RT2860_GPIO_CTRL, tmp); 4354 4355 /* enable RF tuning */ 4356 run_rt3070_rf_read(sc, 7, &rf); 4357 run_rt3070_rf_write(sc, 7, rf | 0x01); 4358 4359 run_delay(sc, 2); 4360 } 4361 4362 static void 4363 run_rt3593_set_chan(struct run_softc *sc, u_int chan) 4364 { 4365 int8_t txpow1, txpow2, txpow3; 4366 uint8_t h20mhz, rf; 4367 int i; 4368 4369 /* find the settings for this channel (we know it exists) */ 4370 for (i = 0; rt2860_rf2850[i].chan != chan; i++); 4371 4372 /* use Tx power values from EEPROM */ 4373 txpow1 = sc->txpow1[i]; 4374 txpow2 = sc->txpow2[i]; 4375 txpow3 = (sc->ntxchains == 3) ? sc->txpow3[i] : 0; 4376 4377 if (chan <= 14) { 4378 run_bbp_write(sc, 25, sc->bbp25); 4379 run_bbp_write(sc, 26, sc->bbp26); 4380 } else { 4381 /* Enable IQ phase correction. */ 4382 run_bbp_write(sc, 25, 0x09); 4383 run_bbp_write(sc, 26, 0xff); 4384 } 4385 4386 run_rt3070_rf_write(sc, 8, rt3070_freqs[i].n); 4387 run_rt3070_rf_write(sc, 9, rt3070_freqs[i].k & 0x0f); 4388 run_rt3070_rf_read(sc, 11, &rf); 4389 rf = (rf & ~0x03) | (rt3070_freqs[i].r & 0x03); 4390 run_rt3070_rf_write(sc, 11, rf); 4391 4392 /* Set pll_idoh. */ 4393 run_rt3070_rf_read(sc, 11, &rf); 4394 rf &= ~0x4c; 4395 rf |= (chan <= 14) ? 0x44 : 0x48; 4396 run_rt3070_rf_write(sc, 11, rf); 4397 4398 if (chan <= 14) 4399 rf = txpow1 & 0x1f; 4400 else 4401 rf = 0x40 | ((txpow1 & 0x18) << 1) | (txpow1 & 0x07); 4402 run_rt3070_rf_write(sc, 53, rf); 4403 4404 if (chan <= 14) 4405 rf = txpow2 & 0x1f; 4406 else 4407 rf = 0x40 | ((txpow2 & 0x18) << 1) | (txpow2 & 0x07); 4408 run_rt3070_rf_write(sc, 55, rf); 4409 4410 if (chan <= 14) 4411 rf = txpow3 & 0x1f; 4412 else 4413 rf = 0x40 | ((txpow3 & 0x18) << 1) | (txpow3 & 0x07); 4414 run_rt3070_rf_write(sc, 54, rf); 4415 4416 rf = RT3070_RF_BLOCK | RT3070_PLL_PD; 4417 if (sc->ntxchains == 3) 4418 rf |= RT3070_TX0_PD | RT3070_TX1_PD | RT3070_TX2_PD; 4419 else 4420 rf |= RT3070_TX0_PD | RT3070_TX1_PD; 4421 rf |= RT3070_RX0_PD | RT3070_RX1_PD | RT3070_RX2_PD; 4422 run_rt3070_rf_write(sc, 1, rf); 4423 4424 run_adjust_freq_offset(sc); 4425 4426 run_rt3070_rf_write(sc, 31, (chan <= 14) ? 0xa0 : 0x80); 4427 4428 h20mhz = (sc->rf24_20mhz & 0x20) >> 5; 4429 run_rt3070_rf_read(sc, 30, &rf); 4430 rf = (rf & ~0x06) | (h20mhz << 1) | (h20mhz << 2); 4431 run_rt3070_rf_write(sc, 30, rf); 4432 4433 run_rt3070_rf_read(sc, 36, &rf); 4434 if (chan <= 14) 4435 rf |= 0x80; 4436 else 4437 rf &= ~0x80; 4438 run_rt3070_rf_write(sc, 36, rf); 4439 4440 /* Set vcolo_bs. */ 4441 run_rt3070_rf_write(sc, 34, (chan <= 14) ? 0x3c : 0x20); 4442 /* Set pfd_delay. */ 4443 run_rt3070_rf_write(sc, 12, (chan <= 14) ? 0x1a : 0x12); 4444 4445 /* Set vco bias current control. */ 4446 run_rt3070_rf_read(sc, 6, &rf); 4447 rf &= ~0xc0; 4448 if (chan <= 14) 4449 rf |= 0x40; 4450 else if (chan <= 128) 4451 rf |= 0x80; 4452 else 4453 rf |= 0x40; 4454 run_rt3070_rf_write(sc, 6, rf); 4455 4456 run_rt3070_rf_read(sc, 30, &rf); 4457 rf = (rf & ~0x18) | 0x10; 4458 run_rt3070_rf_write(sc, 30, rf); 4459 4460 run_rt3070_rf_write(sc, 10, (chan <= 14) ? 0xd3 : 0xd8); 4461 run_rt3070_rf_write(sc, 13, (chan <= 14) ? 0x12 : 0x23); 4462 4463 run_rt3070_rf_read(sc, 51, &rf); 4464 rf = (rf & ~0x03) | 0x01; 4465 run_rt3070_rf_write(sc, 51, rf); 4466 /* Set tx_mx1_cc. */ 4467 run_rt3070_rf_read(sc, 51, &rf); 4468 rf &= ~0x1c; 4469 rf |= (chan <= 14) ? 0x14 : 0x10; 4470 run_rt3070_rf_write(sc, 51, rf); 4471 /* Set tx_mx1_ic. */ 4472 run_rt3070_rf_read(sc, 51, &rf); 4473 rf &= ~0xe0; 4474 rf |= (chan <= 14) ? 0x60 : 0x40; 4475 run_rt3070_rf_write(sc, 51, rf); 4476 /* Set tx_lo1_ic. */ 4477 run_rt3070_rf_read(sc, 49, &rf); 4478 rf &= ~0x1c; 4479 rf |= (chan <= 14) ? 0x0c : 0x08; 4480 run_rt3070_rf_write(sc, 49, rf); 4481 /* Set tx_lo1_en. */ 4482 run_rt3070_rf_read(sc, 50, &rf); 4483 run_rt3070_rf_write(sc, 50, rf & ~0x20); 4484 /* Set drv_cc. */ 4485 run_rt3070_rf_read(sc, 57, &rf); 4486 rf &= ~0xfc; 4487 rf |= (chan <= 14) ? 0x6c : 0x3c; 4488 run_rt3070_rf_write(sc, 57, rf); 4489 /* Set rx_mix1_ic, rxa_lnactr, lna_vc, lna_inbias_en and lna_en. */ 4490 run_rt3070_rf_write(sc, 44, (chan <= 14) ? 0x93 : 0x9b); 4491 /* Set drv_gnd_a, tx_vga_cc_a and tx_mx2_gain. */ 4492 run_rt3070_rf_write(sc, 52, (chan <= 14) ? 0x45 : 0x05); 4493 /* Enable VCO calibration. */ 4494 run_rt3070_rf_read(sc, 3, &rf); 4495 rf &= ~RT5390_VCOCAL; 4496 rf |= (chan <= 14) ? RT5390_VCOCAL : 0xbe; 4497 run_rt3070_rf_write(sc, 3, rf); 4498 4499 if (chan <= 14) 4500 rf = 0x23; 4501 else if (chan <= 64) 4502 rf = 0x36; 4503 else if (chan <= 128) 4504 rf = 0x32; 4505 else 4506 rf = 0x30; 4507 run_rt3070_rf_write(sc, 39, rf); 4508 if (chan <= 14) 4509 rf = 0xbb; 4510 else if (chan <= 64) 4511 rf = 0xeb; 4512 else if (chan <= 128) 4513 rf = 0xb3; 4514 else 4515 rf = 0x9b; 4516 run_rt3070_rf_write(sc, 45, rf); 4517 4518 /* Set FEQ/AEQ control. */ 4519 run_bbp_write(sc, 105, 0x34); 4520 } 4521 4522 static void 4523 run_rt5390_set_chan(struct run_softc *sc, u_int chan) 4524 { 4525 int8_t txpow1, txpow2; 4526 uint8_t rf; 4527 int i; 4528 4529 /* find the settings for this channel (we know it exists) */ 4530 for (i = 0; rt2860_rf2850[i].chan != chan; i++); 4531 4532 /* use Tx power values from EEPROM */ 4533 txpow1 = sc->txpow1[i]; 4534 txpow2 = sc->txpow2[i]; 4535 4536 run_rt3070_rf_write(sc, 8, rt3070_freqs[i].n); 4537 run_rt3070_rf_write(sc, 9, rt3070_freqs[i].k & 0x0f); 4538 run_rt3070_rf_read(sc, 11, &rf); 4539 rf = (rf & ~0x03) | (rt3070_freqs[i].r & 0x03); 4540 run_rt3070_rf_write(sc, 11, rf); 4541 4542 run_rt3070_rf_read(sc, 49, &rf); 4543 rf = (rf & ~0x3f) | (txpow1 & 0x3f); 4544 /* The valid range of the RF R49 is 0x00 to 0x27. */ 4545 if ((rf & 0x3f) > 0x27) 4546 rf = (rf & ~0x3f) | 0x27; 4547 run_rt3070_rf_write(sc, 49, rf); 4548 4549 if (sc->mac_ver == 0x5392) { 4550 run_rt3070_rf_read(sc, 50, &rf); 4551 rf = (rf & ~0x3f) | (txpow2 & 0x3f); 4552 /* The valid range of the RF R50 is 0x00 to 0x27. */ 4553 if ((rf & 0x3f) > 0x27) 4554 rf = (rf & ~0x3f) | 0x27; 4555 run_rt3070_rf_write(sc, 50, rf); 4556 } 4557 4558 run_rt3070_rf_read(sc, 1, &rf); 4559 rf |= RT3070_RF_BLOCK | RT3070_PLL_PD | RT3070_RX0_PD | RT3070_TX0_PD; 4560 if (sc->mac_ver == 0x5392) 4561 rf |= RT3070_RX1_PD | RT3070_TX1_PD; 4562 run_rt3070_rf_write(sc, 1, rf); 4563 4564 if (sc->mac_ver != 0x5392) { 4565 run_rt3070_rf_read(sc, 2, &rf); 4566 rf |= 0x80; 4567 run_rt3070_rf_write(sc, 2, rf); 4568 run_delay(sc, 10); 4569 rf &= 0x7f; 4570 run_rt3070_rf_write(sc, 2, rf); 4571 } 4572 4573 run_adjust_freq_offset(sc); 4574 4575 if (sc->mac_ver == 0x5392) { 4576 /* Fix for RT5392C. */ 4577 if (sc->mac_rev >= 0x0223) { 4578 if (chan <= 4) 4579 rf = 0x0f; 4580 else if (chan >= 5 && chan <= 7) 4581 rf = 0x0e; 4582 else 4583 rf = 0x0d; 4584 run_rt3070_rf_write(sc, 23, rf); 4585 4586 if (chan <= 4) 4587 rf = 0x0c; 4588 else if (chan == 5) 4589 rf = 0x0b; 4590 else if (chan >= 6 && chan <= 7) 4591 rf = 0x0a; 4592 else if (chan >= 8 && chan <= 10) 4593 rf = 0x09; 4594 else 4595 rf = 0x08; 4596 run_rt3070_rf_write(sc, 59, rf); 4597 } else { 4598 if (chan <= 11) 4599 rf = 0x0f; 4600 else 4601 rf = 0x0b; 4602 run_rt3070_rf_write(sc, 59, rf); 4603 } 4604 } else { 4605 /* Fix for RT5390F. */ 4606 if (sc->mac_rev >= 0x0502) { 4607 if (chan <= 11) 4608 rf = 0x43; 4609 else 4610 rf = 0x23; 4611 run_rt3070_rf_write(sc, 55, rf); 4612 4613 if (chan <= 11) 4614 rf = 0x0f; 4615 else if (chan == 12) 4616 rf = 0x0d; 4617 else 4618 rf = 0x0b; 4619 run_rt3070_rf_write(sc, 59, rf); 4620 } else { 4621 run_rt3070_rf_write(sc, 55, 0x44); 4622 run_rt3070_rf_write(sc, 59, 0x8f); 4623 } 4624 } 4625 4626 /* Enable VCO calibration. */ 4627 run_rt3070_rf_read(sc, 3, &rf); 4628 rf |= RT5390_VCOCAL; 4629 run_rt3070_rf_write(sc, 3, rf); 4630 } 4631 4632 static void 4633 run_rt5592_set_chan(struct run_softc *sc, u_int chan) 4634 { 4635 const struct rt5592_freqs *freqs; 4636 uint32_t tmp; 4637 uint8_t reg, rf, txpow_bound; 4638 int8_t txpow1, txpow2; 4639 int i; 4640 4641 run_read(sc, RT5592_DEBUG_INDEX, &tmp); 4642 freqs = (tmp & RT5592_SEL_XTAL) ? 4643 rt5592_freqs_40mhz : rt5592_freqs_20mhz; 4644 4645 /* find the settings for this channel (we know it exists) */ 4646 for (i = 0; rt2860_rf2850[i].chan != chan; i++, freqs++); 4647 4648 /* use Tx power values from EEPROM */ 4649 txpow1 = sc->txpow1[i]; 4650 txpow2 = sc->txpow2[i]; 4651 4652 run_read(sc, RT3070_LDO_CFG0, &tmp); 4653 tmp &= ~0x1c000000; 4654 if (chan > 14) 4655 tmp |= 0x14000000; 4656 run_write(sc, RT3070_LDO_CFG0, tmp); 4657 4658 /* N setting. */ 4659 run_rt3070_rf_write(sc, 8, freqs->n & 0xff); 4660 run_rt3070_rf_read(sc, 9, &rf); 4661 rf &= ~(1 << 4); 4662 rf |= ((freqs->n & 0x0100) >> 8) << 4; 4663 run_rt3070_rf_write(sc, 9, rf); 4664 4665 /* K setting. */ 4666 run_rt3070_rf_read(sc, 9, &rf); 4667 rf &= ~0x0f; 4668 rf |= (freqs->k & 0x0f); 4669 run_rt3070_rf_write(sc, 9, rf); 4670 4671 /* Mode setting. */ 4672 run_rt3070_rf_read(sc, 11, &rf); 4673 rf &= ~0x0c; 4674 rf |= ((freqs->m - 0x8) & 0x3) << 2; 4675 run_rt3070_rf_write(sc, 11, rf); 4676 run_rt3070_rf_read(sc, 9, &rf); 4677 rf &= ~(1 << 7); 4678 rf |= (((freqs->m - 0x8) & 0x4) >> 2) << 7; 4679 run_rt3070_rf_write(sc, 9, rf); 4680 4681 /* R setting. */ 4682 run_rt3070_rf_read(sc, 11, &rf); 4683 rf &= ~0x03; 4684 rf |= (freqs->r - 0x1); 4685 run_rt3070_rf_write(sc, 11, rf); 4686 4687 if (chan <= 14) { 4688 /* Initialize RF registers for 2GHZ. */ 4689 for (i = 0; i < nitems(rt5592_2ghz_def_rf); i++) { 4690 run_rt3070_rf_write(sc, rt5592_2ghz_def_rf[i].reg, 4691 rt5592_2ghz_def_rf[i].val); 4692 } 4693 4694 rf = (chan <= 10) ? 0x07 : 0x06; 4695 run_rt3070_rf_write(sc, 23, rf); 4696 run_rt3070_rf_write(sc, 59, rf); 4697 4698 run_rt3070_rf_write(sc, 55, 0x43); 4699 4700 /* 4701 * RF R49/R50 Tx power ALC code. 4702 * G-band bit<7:6>=1:0, bit<5:0> range from 0x0 ~ 0x27. 4703 */ 4704 reg = 2; 4705 txpow_bound = 0x27; 4706 } else { 4707 /* Initialize RF registers for 5GHZ. */ 4708 for (i = 0; i < nitems(rt5592_5ghz_def_rf); i++) { 4709 run_rt3070_rf_write(sc, rt5592_5ghz_def_rf[i].reg, 4710 rt5592_5ghz_def_rf[i].val); 4711 } 4712 for (i = 0; i < nitems(rt5592_chan_5ghz); i++) { 4713 if (chan >= rt5592_chan_5ghz[i].firstchan && 4714 chan <= rt5592_chan_5ghz[i].lastchan) { 4715 run_rt3070_rf_write(sc, rt5592_chan_5ghz[i].reg, 4716 rt5592_chan_5ghz[i].val); 4717 } 4718 } 4719 4720 /* 4721 * RF R49/R50 Tx power ALC code. 4722 * A-band bit<7:6>=1:1, bit<5:0> range from 0x0 ~ 0x2b. 4723 */ 4724 reg = 3; 4725 txpow_bound = 0x2b; 4726 } 4727 4728 /* RF R49 ch0 Tx power ALC code. */ 4729 run_rt3070_rf_read(sc, 49, &rf); 4730 rf &= ~0xc0; 4731 rf |= (reg << 6); 4732 rf = (rf & ~0x3f) | (txpow1 & 0x3f); 4733 if ((rf & 0x3f) > txpow_bound) 4734 rf = (rf & ~0x3f) | txpow_bound; 4735 run_rt3070_rf_write(sc, 49, rf); 4736 4737 /* RF R50 ch1 Tx power ALC code. */ 4738 run_rt3070_rf_read(sc, 50, &rf); 4739 rf &= ~(1 << 7 | 1 << 6); 4740 rf |= (reg << 6); 4741 rf = (rf & ~0x3f) | (txpow2 & 0x3f); 4742 if ((rf & 0x3f) > txpow_bound) 4743 rf = (rf & ~0x3f) | txpow_bound; 4744 run_rt3070_rf_write(sc, 50, rf); 4745 4746 /* Enable RF_BLOCK, PLL_PD, RX0_PD, and TX0_PD. */ 4747 run_rt3070_rf_read(sc, 1, &rf); 4748 rf |= (RT3070_RF_BLOCK | RT3070_PLL_PD | RT3070_RX0_PD | RT3070_TX0_PD); 4749 if (sc->ntxchains > 1) 4750 rf |= RT3070_TX1_PD; 4751 if (sc->nrxchains > 1) 4752 rf |= RT3070_RX1_PD; 4753 run_rt3070_rf_write(sc, 1, rf); 4754 4755 run_rt3070_rf_write(sc, 6, 0xe4); 4756 4757 run_rt3070_rf_write(sc, 30, 0x10); 4758 run_rt3070_rf_write(sc, 31, 0x80); 4759 run_rt3070_rf_write(sc, 32, 0x80); 4760 4761 run_adjust_freq_offset(sc); 4762 4763 /* Enable VCO calibration. */ 4764 run_rt3070_rf_read(sc, 3, &rf); 4765 rf |= RT5390_VCOCAL; 4766 run_rt3070_rf_write(sc, 3, rf); 4767 } 4768 4769 static void 4770 run_set_rx_antenna(struct run_softc *sc, int aux) 4771 { 4772 uint32_t tmp; 4773 uint8_t bbp152; 4774 4775 if (aux) { 4776 if (sc->rf_rev == RT5390_RF_5370) { 4777 run_bbp_read(sc, 152, &bbp152); 4778 run_bbp_write(sc, 152, bbp152 & ~0x80); 4779 } else { 4780 run_mcu_cmd(sc, RT2860_MCU_CMD_ANTSEL, 0); 4781 run_read(sc, RT2860_GPIO_CTRL, &tmp); 4782 run_write(sc, RT2860_GPIO_CTRL, (tmp & ~0x0808) | 0x08); 4783 } 4784 } else { 4785 if (sc->rf_rev == RT5390_RF_5370) { 4786 run_bbp_read(sc, 152, &bbp152); 4787 run_bbp_write(sc, 152, bbp152 | 0x80); 4788 } else { 4789 run_mcu_cmd(sc, RT2860_MCU_CMD_ANTSEL, 1); 4790 run_read(sc, RT2860_GPIO_CTRL, &tmp); 4791 run_write(sc, RT2860_GPIO_CTRL, tmp & ~0x0808); 4792 } 4793 } 4794 } 4795 4796 static int 4797 run_set_chan(struct run_softc *sc, struct ieee80211_channel *c) 4798 { 4799 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 4800 u_int chan, group; 4801 4802 chan = ieee80211_chan2ieee(ic, c); 4803 if (chan == 0 || chan == IEEE80211_CHAN_ANY) 4804 return (EINVAL); 4805 4806 if (sc->mac_ver == 0x5592) 4807 run_rt5592_set_chan(sc, chan); 4808 else if (sc->mac_ver >= 0x5390) 4809 run_rt5390_set_chan(sc, chan); 4810 else if (sc->mac_ver == 0x3593) 4811 run_rt3593_set_chan(sc, chan); 4812 else if (sc->mac_ver == 0x3572) 4813 run_rt3572_set_chan(sc, chan); 4814 else if (sc->mac_ver >= 0x3070) 4815 run_rt3070_set_chan(sc, chan); 4816 else 4817 run_rt2870_set_chan(sc, chan); 4818 4819 /* determine channel group */ 4820 if (chan <= 14) 4821 group = 0; 4822 else if (chan <= 64) 4823 group = 1; 4824 else if (chan <= 128) 4825 group = 2; 4826 else 4827 group = 3; 4828 4829 /* XXX necessary only when group has changed! */ 4830 run_select_chan_group(sc, group); 4831 4832 run_delay(sc, 10); 4833 4834 /* Perform IQ calibration. */ 4835 if (sc->mac_ver >= 0x5392) 4836 run_iq_calib(sc, chan); 4837 4838 return (0); 4839 } 4840 4841 static void 4842 run_set_channel(struct ieee80211com *ic) 4843 { 4844 struct run_softc *sc = ic->ic_ifp->if_softc; 4845 4846 RUN_LOCK(sc); 4847 run_set_chan(sc, ic->ic_curchan); 4848 RUN_UNLOCK(sc); 4849 4850 return; 4851 } 4852 4853 static void 4854 run_scan_start(struct ieee80211com *ic) 4855 { 4856 struct run_softc *sc = ic->ic_ifp->if_softc; 4857 uint32_t tmp; 4858 4859 RUN_LOCK(sc); 4860 4861 /* abort TSF synchronization */ 4862 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 4863 run_write(sc, RT2860_BCN_TIME_CFG, 4864 tmp & ~(RT2860_BCN_TX_EN | RT2860_TSF_TIMER_EN | 4865 RT2860_TBTT_TIMER_EN)); 4866 run_set_bssid(sc, sc->sc_ifp->if_broadcastaddr); 4867 4868 RUN_UNLOCK(sc); 4869 4870 return; 4871 } 4872 4873 static void 4874 run_scan_end(struct ieee80211com *ic) 4875 { 4876 struct run_softc *sc = ic->ic_ifp->if_softc; 4877 4878 RUN_LOCK(sc); 4879 4880 run_enable_tsf_sync(sc); 4881 /* XXX keep local copy */ 4882 run_set_bssid(sc, sc->sc_bssid); 4883 4884 RUN_UNLOCK(sc); 4885 4886 return; 4887 } 4888 4889 /* 4890 * Could be called from ieee80211_node_timeout() 4891 * (non-sleepable thread) 4892 */ 4893 static void 4894 run_update_beacon(struct ieee80211vap *vap, int item) 4895 { 4896 struct ieee80211com *ic = vap->iv_ic; 4897 struct run_softc *sc = ic->ic_ifp->if_softc; 4898 struct run_vap *rvp = RUN_VAP(vap); 4899 int mcast = 0; 4900 uint32_t i; 4901 4902 KASSERT(vap != NULL, ("no beacon")); 4903 4904 switch (item) { 4905 case IEEE80211_BEACON_ERP: 4906 run_updateslot(ic); 4907 break; 4908 case IEEE80211_BEACON_HTINFO: 4909 run_updateprot(ic); 4910 break; 4911 case IEEE80211_BEACON_TIM: 4912 mcast = 1; /*TODO*/ 4913 break; 4914 default: 4915 break; 4916 } 4917 4918 setbit(rvp->bo.bo_flags, item); 4919 if (rvp->beacon_mbuf == NULL) { 4920 rvp->beacon_mbuf = ieee80211_beacon_alloc(vap->iv_bss, 4921 &rvp->bo); 4922 if (rvp->beacon_mbuf == NULL) 4923 return; 4924 } 4925 ieee80211_beacon_update(vap->iv_bss, &rvp->bo, rvp->beacon_mbuf, mcast); 4926 4927 i = RUN_CMDQ_GET(&sc->cmdq_store); 4928 DPRINTF("cmdq_store=%d\n", i); 4929 sc->cmdq[i].func = run_update_beacon_cb; 4930 sc->cmdq[i].arg0 = vap; 4931 ieee80211_runtask(ic, &sc->cmdq_task); 4932 4933 return; 4934 } 4935 4936 static void 4937 run_update_beacon_cb(void *arg) 4938 { 4939 struct ieee80211vap *vap = arg; 4940 struct run_vap *rvp = RUN_VAP(vap); 4941 struct ieee80211com *ic = vap->iv_ic; 4942 struct run_softc *sc = ic->ic_ifp->if_softc; 4943 struct rt2860_txwi txwi; 4944 struct mbuf *m; 4945 uint16_t txwisize; 4946 uint8_t ridx; 4947 4948 if (vap->iv_bss->ni_chan == IEEE80211_CHAN_ANYC) 4949 return; 4950 if (ic->ic_bsschan == IEEE80211_CHAN_ANYC) 4951 return; 4952 4953 /* 4954 * No need to call ieee80211_beacon_update(), run_update_beacon() 4955 * is taking care of apropriate calls. 4956 */ 4957 if (rvp->beacon_mbuf == NULL) { 4958 rvp->beacon_mbuf = ieee80211_beacon_alloc(vap->iv_bss, 4959 &rvp->bo); 4960 if (rvp->beacon_mbuf == NULL) 4961 return; 4962 } 4963 m = rvp->beacon_mbuf; 4964 4965 memset(&txwi, 0, sizeof(txwi)); 4966 txwi.wcid = 0xff; 4967 txwi.len = htole16(m->m_pkthdr.len); 4968 4969 /* send beacons at the lowest available rate */ 4970 ridx = (ic->ic_curmode == IEEE80211_MODE_11A) ? 4971 RT2860_RIDX_OFDM6 : RT2860_RIDX_CCK1; 4972 txwi.phy = htole16(rt2860_rates[ridx].mcs); 4973 if (rt2860_rates[ridx].phy == IEEE80211_T_OFDM) 4974 txwi.phy |= htole16(RT2860_PHY_OFDM); 4975 txwi.txop = RT2860_TX_TXOP_HT; 4976 txwi.flags = RT2860_TX_TS; 4977 txwi.xflags = RT2860_TX_NSEQ; 4978 4979 txwisize = (sc->mac_ver == 0x5592) ? 4980 sizeof(txwi) + sizeof(uint32_t) : sizeof(txwi); 4981 run_write_region_1(sc, RT2860_BCN_BASE(rvp->rvp_id), (uint8_t *)&txwi, 4982 txwisize); 4983 run_write_region_1(sc, RT2860_BCN_BASE(rvp->rvp_id) + txwisize, 4984 mtod(m, uint8_t *), (m->m_pkthdr.len + 1) & ~1); 4985 } 4986 4987 static void 4988 run_updateprot(struct ieee80211com *ic) 4989 { 4990 struct run_softc *sc = ic->ic_ifp->if_softc; 4991 uint32_t i; 4992 4993 i = RUN_CMDQ_GET(&sc->cmdq_store); 4994 DPRINTF("cmdq_store=%d\n", i); 4995 sc->cmdq[i].func = run_updateprot_cb; 4996 sc->cmdq[i].arg0 = ic; 4997 ieee80211_runtask(ic, &sc->cmdq_task); 4998 } 4999 5000 static void 5001 run_updateprot_cb(void *arg) 5002 { 5003 struct ieee80211com *ic = arg; 5004 struct run_softc *sc = ic->ic_ifp->if_softc; 5005 uint32_t tmp; 5006 5007 tmp = RT2860_RTSTH_EN | RT2860_PROT_NAV_SHORT | RT2860_TXOP_ALLOW_ALL; 5008 /* setup protection frame rate (MCS code) */ 5009 tmp |= (ic->ic_curmode == IEEE80211_MODE_11A) ? 5010 rt2860_rates[RT2860_RIDX_OFDM6].mcs | RT2860_PHY_OFDM : 5011 rt2860_rates[RT2860_RIDX_CCK11].mcs; 5012 5013 /* CCK frames don't require protection */ 5014 run_write(sc, RT2860_CCK_PROT_CFG, tmp); 5015 if (ic->ic_flags & IEEE80211_F_USEPROT) { 5016 if (ic->ic_protmode == IEEE80211_PROT_RTSCTS) 5017 tmp |= RT2860_PROT_CTRL_RTS_CTS; 5018 else if (ic->ic_protmode == IEEE80211_PROT_CTSONLY) 5019 tmp |= RT2860_PROT_CTRL_CTS; 5020 } 5021 run_write(sc, RT2860_OFDM_PROT_CFG, tmp); 5022 } 5023 5024 static void 5025 run_usb_timeout_cb(void *arg) 5026 { 5027 struct ieee80211vap *vap = arg; 5028 struct run_softc *sc = vap->iv_ic->ic_ifp->if_softc; 5029 5030 RUN_LOCK_ASSERT(sc, MA_OWNED); 5031 5032 if(vap->iv_state == IEEE80211_S_RUN && 5033 vap->iv_opmode != IEEE80211_M_STA) 5034 run_reset_livelock(sc); 5035 else if (vap->iv_state == IEEE80211_S_SCAN) { 5036 DPRINTF("timeout caused by scan\n"); 5037 /* cancel bgscan */ 5038 ieee80211_cancel_scan(vap); 5039 } else 5040 DPRINTF("timeout by unknown cause\n"); 5041 } 5042 5043 static void 5044 run_reset_livelock(struct run_softc *sc) 5045 { 5046 uint32_t tmp; 5047 5048 RUN_LOCK_ASSERT(sc, MA_OWNED); 5049 5050 /* 5051 * In IBSS or HostAP modes (when the hardware sends beacons), the MAC 5052 * can run into a livelock and start sending CTS-to-self frames like 5053 * crazy if protection is enabled. Reset MAC/BBP for a while 5054 */ 5055 run_read(sc, RT2860_DEBUG, &tmp); 5056 DPRINTFN(3, "debug reg %08x\n", tmp); 5057 if ((tmp & (1 << 29)) && (tmp & (1 << 7 | 1 << 5))) { 5058 DPRINTF("CTS-to-self livelock detected\n"); 5059 run_write(sc, RT2860_MAC_SYS_CTRL, RT2860_MAC_SRST); 5060 run_delay(sc, 1); 5061 run_write(sc, RT2860_MAC_SYS_CTRL, 5062 RT2860_MAC_RX_EN | RT2860_MAC_TX_EN); 5063 } 5064 } 5065 5066 static void 5067 run_update_promisc_locked(struct run_softc *sc) 5068 { 5069 uint32_t tmp; 5070 5071 run_read(sc, RT2860_RX_FILTR_CFG, &tmp); 5072 5073 tmp |= RT2860_DROP_UC_NOME; 5074 if (sc->sc_ifp->if_flags & IFF_PROMISC) 5075 tmp &= ~RT2860_DROP_UC_NOME; 5076 5077 run_write(sc, RT2860_RX_FILTR_CFG, tmp); 5078 5079 DPRINTF("%s promiscuous mode\n", (sc->sc_ifp->if_flags & IFF_PROMISC) ? 5080 "entering" : "leaving"); 5081 } 5082 5083 static void 5084 run_update_promisc(struct ieee80211com *ic) 5085 { 5086 struct run_softc *sc = ic->ic_softc; 5087 5088 if ((ic->ic_ifp->if_drv_flags & IFF_DRV_RUNNING) == 0) 5089 return; 5090 5091 RUN_LOCK(sc); 5092 run_update_promisc_locked(sc); 5093 RUN_UNLOCK(sc); 5094 } 5095 5096 static void 5097 run_enable_tsf_sync(struct run_softc *sc) 5098 { 5099 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 5100 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 5101 uint32_t tmp; 5102 5103 DPRINTF("rvp_id=%d ic_opmode=%d\n", RUN_VAP(vap)->rvp_id, 5104 ic->ic_opmode); 5105 5106 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 5107 tmp &= ~0x1fffff; 5108 tmp |= vap->iv_bss->ni_intval * 16; 5109 tmp |= RT2860_TSF_TIMER_EN | RT2860_TBTT_TIMER_EN; 5110 5111 if (ic->ic_opmode == IEEE80211_M_STA) { 5112 /* 5113 * Local TSF is always updated with remote TSF on beacon 5114 * reception. 5115 */ 5116 tmp |= 1 << RT2860_TSF_SYNC_MODE_SHIFT; 5117 } else if (ic->ic_opmode == IEEE80211_M_IBSS) { 5118 tmp |= RT2860_BCN_TX_EN; 5119 /* 5120 * Local TSF is updated with remote TSF on beacon reception 5121 * only if the remote TSF is greater than local TSF. 5122 */ 5123 tmp |= 2 << RT2860_TSF_SYNC_MODE_SHIFT; 5124 } else if (ic->ic_opmode == IEEE80211_M_HOSTAP || 5125 ic->ic_opmode == IEEE80211_M_MBSS) { 5126 tmp |= RT2860_BCN_TX_EN; 5127 /* SYNC with nobody */ 5128 tmp |= 3 << RT2860_TSF_SYNC_MODE_SHIFT; 5129 } else { 5130 DPRINTF("Enabling TSF failed. undefined opmode\n"); 5131 return; 5132 } 5133 5134 run_write(sc, RT2860_BCN_TIME_CFG, tmp); 5135 } 5136 5137 static void 5138 run_enable_mrr(struct run_softc *sc) 5139 { 5140 #define CCK(mcs) (mcs) 5141 #define OFDM(mcs) (1 << 3 | (mcs)) 5142 run_write(sc, RT2860_LG_FBK_CFG0, 5143 OFDM(6) << 28 | /* 54->48 */ 5144 OFDM(5) << 24 | /* 48->36 */ 5145 OFDM(4) << 20 | /* 36->24 */ 5146 OFDM(3) << 16 | /* 24->18 */ 5147 OFDM(2) << 12 | /* 18->12 */ 5148 OFDM(1) << 8 | /* 12-> 9 */ 5149 OFDM(0) << 4 | /* 9-> 6 */ 5150 OFDM(0)); /* 6-> 6 */ 5151 5152 run_write(sc, RT2860_LG_FBK_CFG1, 5153 CCK(2) << 12 | /* 11->5.5 */ 5154 CCK(1) << 8 | /* 5.5-> 2 */ 5155 CCK(0) << 4 | /* 2-> 1 */ 5156 CCK(0)); /* 1-> 1 */ 5157 #undef OFDM 5158 #undef CCK 5159 } 5160 5161 static void 5162 run_set_txpreamble(struct run_softc *sc) 5163 { 5164 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 5165 uint32_t tmp; 5166 5167 run_read(sc, RT2860_AUTO_RSP_CFG, &tmp); 5168 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 5169 tmp |= RT2860_CCK_SHORT_EN; 5170 else 5171 tmp &= ~RT2860_CCK_SHORT_EN; 5172 run_write(sc, RT2860_AUTO_RSP_CFG, tmp); 5173 } 5174 5175 static void 5176 run_set_basicrates(struct run_softc *sc) 5177 { 5178 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 5179 5180 /* set basic rates mask */ 5181 if (ic->ic_curmode == IEEE80211_MODE_11B) 5182 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x003); 5183 else if (ic->ic_curmode == IEEE80211_MODE_11A) 5184 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x150); 5185 else /* 11g */ 5186 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x15f); 5187 } 5188 5189 static void 5190 run_set_leds(struct run_softc *sc, uint16_t which) 5191 { 5192 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LEDS, 5193 which | (sc->leds & 0x7f)); 5194 } 5195 5196 static void 5197 run_set_bssid(struct run_softc *sc, const uint8_t *bssid) 5198 { 5199 run_write(sc, RT2860_MAC_BSSID_DW0, 5200 bssid[0] | bssid[1] << 8 | bssid[2] << 16 | bssid[3] << 24); 5201 run_write(sc, RT2860_MAC_BSSID_DW1, 5202 bssid[4] | bssid[5] << 8); 5203 } 5204 5205 static void 5206 run_set_macaddr(struct run_softc *sc, const uint8_t *addr) 5207 { 5208 run_write(sc, RT2860_MAC_ADDR_DW0, 5209 addr[0] | addr[1] << 8 | addr[2] << 16 | addr[3] << 24); 5210 run_write(sc, RT2860_MAC_ADDR_DW1, 5211 addr[4] | addr[5] << 8 | 0xff << 16); 5212 } 5213 5214 static void 5215 run_updateslot(struct ieee80211com *ic) 5216 { 5217 struct run_softc *sc = ic->ic_softc; 5218 uint32_t i; 5219 5220 i = RUN_CMDQ_GET(&sc->cmdq_store); 5221 DPRINTF("cmdq_store=%d\n", i); 5222 sc->cmdq[i].func = run_updateslot_cb; 5223 sc->cmdq[i].arg0 = ic->ic_ifp; 5224 ieee80211_runtask(ic, &sc->cmdq_task); 5225 5226 return; 5227 } 5228 5229 /* ARGSUSED */ 5230 static void 5231 run_updateslot_cb(void *arg) 5232 { 5233 struct ifnet *ifp = arg; 5234 struct run_softc *sc = ifp->if_softc; 5235 struct ieee80211com *ic = ifp->if_l2com; 5236 uint32_t tmp; 5237 5238 run_read(sc, RT2860_BKOFF_SLOT_CFG, &tmp); 5239 tmp &= ~0xff; 5240 tmp |= (ic->ic_flags & IEEE80211_F_SHSLOT) ? 9 : 20; 5241 run_write(sc, RT2860_BKOFF_SLOT_CFG, tmp); 5242 } 5243 5244 static void 5245 run_update_mcast(struct ieee80211com *ic) 5246 { 5247 5248 /* h/w filter supports getting everything or nothing */ 5249 ic->ic_ifp->if_flags |= IFF_ALLMULTI; 5250 } 5251 5252 static int8_t 5253 run_rssi2dbm(struct run_softc *sc, uint8_t rssi, uint8_t rxchain) 5254 { 5255 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 5256 struct ieee80211_channel *c = ic->ic_curchan; 5257 int delta; 5258 5259 if (IEEE80211_IS_CHAN_5GHZ(c)) { 5260 u_int chan = ieee80211_chan2ieee(ic, c); 5261 delta = sc->rssi_5ghz[rxchain]; 5262 5263 /* determine channel group */ 5264 if (chan <= 64) 5265 delta -= sc->lna[1]; 5266 else if (chan <= 128) 5267 delta -= sc->lna[2]; 5268 else 5269 delta -= sc->lna[3]; 5270 } else 5271 delta = sc->rssi_2ghz[rxchain] - sc->lna[0]; 5272 5273 return (-12 - delta - rssi); 5274 } 5275 5276 static void 5277 run_rt5390_bbp_init(struct run_softc *sc) 5278 { 5279 int i; 5280 uint8_t bbp; 5281 5282 /* Apply maximum likelihood detection for 2 stream case. */ 5283 run_bbp_read(sc, 105, &bbp); 5284 if (sc->nrxchains > 1) 5285 run_bbp_write(sc, 105, bbp | RT5390_MLD); 5286 5287 /* Avoid data lost and CRC error. */ 5288 run_bbp_read(sc, 4, &bbp); 5289 run_bbp_write(sc, 4, bbp | RT5390_MAC_IF_CTRL); 5290 5291 if (sc->mac_ver == 0x5592) { 5292 for (i = 0; i < nitems(rt5592_def_bbp); i++) { 5293 run_bbp_write(sc, rt5592_def_bbp[i].reg, 5294 rt5592_def_bbp[i].val); 5295 } 5296 for (i = 0; i < nitems(rt5592_bbp_r196); i++) { 5297 run_bbp_write(sc, 195, i + 0x80); 5298 run_bbp_write(sc, 196, rt5592_bbp_r196[i]); 5299 } 5300 } else { 5301 for (i = 0; i < nitems(rt5390_def_bbp); i++) { 5302 run_bbp_write(sc, rt5390_def_bbp[i].reg, 5303 rt5390_def_bbp[i].val); 5304 } 5305 } 5306 if (sc->mac_ver == 0x5392) { 5307 run_bbp_write(sc, 88, 0x90); 5308 run_bbp_write(sc, 95, 0x9a); 5309 run_bbp_write(sc, 98, 0x12); 5310 run_bbp_write(sc, 106, 0x12); 5311 run_bbp_write(sc, 134, 0xd0); 5312 run_bbp_write(sc, 135, 0xf6); 5313 run_bbp_write(sc, 148, 0x84); 5314 } 5315 5316 run_bbp_read(sc, 152, &bbp); 5317 run_bbp_write(sc, 152, bbp | 0x80); 5318 5319 /* Fix BBP254 for RT5592C. */ 5320 if (sc->mac_ver == 0x5592 && sc->mac_rev >= 0x0221) { 5321 run_bbp_read(sc, 254, &bbp); 5322 run_bbp_write(sc, 254, bbp | 0x80); 5323 } 5324 5325 /* Disable hardware antenna diversity. */ 5326 if (sc->mac_ver == 0x5390) 5327 run_bbp_write(sc, 154, 0); 5328 5329 /* Initialize Rx CCK/OFDM frequency offset report. */ 5330 run_bbp_write(sc, 142, 1); 5331 run_bbp_write(sc, 143, 57); 5332 } 5333 5334 static int 5335 run_bbp_init(struct run_softc *sc) 5336 { 5337 int i, error, ntries; 5338 uint8_t bbp0; 5339 5340 /* wait for BBP to wake up */ 5341 for (ntries = 0; ntries < 20; ntries++) { 5342 if ((error = run_bbp_read(sc, 0, &bbp0)) != 0) 5343 return error; 5344 if (bbp0 != 0 && bbp0 != 0xff) 5345 break; 5346 } 5347 if (ntries == 20) 5348 return (ETIMEDOUT); 5349 5350 /* initialize BBP registers to default values */ 5351 if (sc->mac_ver >= 0x5390) 5352 run_rt5390_bbp_init(sc); 5353 else { 5354 for (i = 0; i < nitems(rt2860_def_bbp); i++) { 5355 run_bbp_write(sc, rt2860_def_bbp[i].reg, 5356 rt2860_def_bbp[i].val); 5357 } 5358 } 5359 5360 if (sc->mac_ver == 0x3593) { 5361 run_bbp_write(sc, 79, 0x13); 5362 run_bbp_write(sc, 80, 0x05); 5363 run_bbp_write(sc, 81, 0x33); 5364 run_bbp_write(sc, 86, 0x46); 5365 run_bbp_write(sc, 137, 0x0f); 5366 } 5367 5368 /* fix BBP84 for RT2860E */ 5369 if (sc->mac_ver == 0x2860 && sc->mac_rev != 0x0101) 5370 run_bbp_write(sc, 84, 0x19); 5371 5372 if (sc->mac_ver >= 0x3070 && (sc->mac_ver != 0x3593 && 5373 sc->mac_ver != 0x5592)) { 5374 run_bbp_write(sc, 79, 0x13); 5375 run_bbp_write(sc, 80, 0x05); 5376 run_bbp_write(sc, 81, 0x33); 5377 } else if (sc->mac_ver == 0x2860 && sc->mac_rev == 0x0100) { 5378 run_bbp_write(sc, 69, 0x16); 5379 run_bbp_write(sc, 73, 0x12); 5380 } 5381 return (0); 5382 } 5383 5384 static int 5385 run_rt3070_rf_init(struct run_softc *sc) 5386 { 5387 uint32_t tmp; 5388 uint8_t bbp4, mingain, rf, target; 5389 int i; 5390 5391 run_rt3070_rf_read(sc, 30, &rf); 5392 /* toggle RF R30 bit 7 */ 5393 run_rt3070_rf_write(sc, 30, rf | 0x80); 5394 run_delay(sc, 10); 5395 run_rt3070_rf_write(sc, 30, rf & ~0x80); 5396 5397 /* initialize RF registers to default value */ 5398 if (sc->mac_ver == 0x3572) { 5399 for (i = 0; i < nitems(rt3572_def_rf); i++) { 5400 run_rt3070_rf_write(sc, rt3572_def_rf[i].reg, 5401 rt3572_def_rf[i].val); 5402 } 5403 } else { 5404 for (i = 0; i < nitems(rt3070_def_rf); i++) { 5405 run_rt3070_rf_write(sc, rt3070_def_rf[i].reg, 5406 rt3070_def_rf[i].val); 5407 } 5408 } 5409 5410 if (sc->mac_ver == 0x3070 && sc->mac_rev < 0x0201) { 5411 /* 5412 * Change voltage from 1.2V to 1.35V for RT3070. 5413 * The DAC issue (RT3070_LDO_CFG0) has been fixed 5414 * in RT3070(F). 5415 */ 5416 run_read(sc, RT3070_LDO_CFG0, &tmp); 5417 tmp = (tmp & ~0x0f000000) | 0x0d000000; 5418 run_write(sc, RT3070_LDO_CFG0, tmp); 5419 5420 } else if (sc->mac_ver == 0x3071) { 5421 run_rt3070_rf_read(sc, 6, &rf); 5422 run_rt3070_rf_write(sc, 6, rf | 0x40); 5423 run_rt3070_rf_write(sc, 31, 0x14); 5424 5425 run_read(sc, RT3070_LDO_CFG0, &tmp); 5426 tmp &= ~0x1f000000; 5427 if (sc->mac_rev < 0x0211) 5428 tmp |= 0x0d000000; /* 1.3V */ 5429 else 5430 tmp |= 0x01000000; /* 1.2V */ 5431 run_write(sc, RT3070_LDO_CFG0, tmp); 5432 5433 /* patch LNA_PE_G1 */ 5434 run_read(sc, RT3070_GPIO_SWITCH, &tmp); 5435 run_write(sc, RT3070_GPIO_SWITCH, tmp & ~0x20); 5436 5437 } else if (sc->mac_ver == 0x3572) { 5438 run_rt3070_rf_read(sc, 6, &rf); 5439 run_rt3070_rf_write(sc, 6, rf | 0x40); 5440 5441 /* increase voltage from 1.2V to 1.35V */ 5442 run_read(sc, RT3070_LDO_CFG0, &tmp); 5443 tmp = (tmp & ~0x1f000000) | 0x0d000000; 5444 run_write(sc, RT3070_LDO_CFG0, tmp); 5445 5446 if (sc->mac_rev < 0x0211 || !sc->patch_dac) { 5447 run_delay(sc, 1); /* wait for 1msec */ 5448 /* decrease voltage back to 1.2V */ 5449 tmp = (tmp & ~0x1f000000) | 0x01000000; 5450 run_write(sc, RT3070_LDO_CFG0, tmp); 5451 } 5452 } 5453 5454 /* select 20MHz bandwidth */ 5455 run_rt3070_rf_read(sc, 31, &rf); 5456 run_rt3070_rf_write(sc, 31, rf & ~0x20); 5457 5458 /* calibrate filter for 20MHz bandwidth */ 5459 sc->rf24_20mhz = 0x1f; /* default value */ 5460 target = (sc->mac_ver < 0x3071) ? 0x16 : 0x13; 5461 run_rt3070_filter_calib(sc, 0x07, target, &sc->rf24_20mhz); 5462 5463 /* select 40MHz bandwidth */ 5464 run_bbp_read(sc, 4, &bbp4); 5465 run_bbp_write(sc, 4, (bbp4 & ~0x18) | 0x10); 5466 run_rt3070_rf_read(sc, 31, &rf); 5467 run_rt3070_rf_write(sc, 31, rf | 0x20); 5468 5469 /* calibrate filter for 40MHz bandwidth */ 5470 sc->rf24_40mhz = 0x2f; /* default value */ 5471 target = (sc->mac_ver < 0x3071) ? 0x19 : 0x15; 5472 run_rt3070_filter_calib(sc, 0x27, target, &sc->rf24_40mhz); 5473 5474 /* go back to 20MHz bandwidth */ 5475 run_bbp_read(sc, 4, &bbp4); 5476 run_bbp_write(sc, 4, bbp4 & ~0x18); 5477 5478 if (sc->mac_ver == 0x3572) { 5479 /* save default BBP registers 25 and 26 values */ 5480 run_bbp_read(sc, 25, &sc->bbp25); 5481 run_bbp_read(sc, 26, &sc->bbp26); 5482 } else if (sc->mac_rev < 0x0201 || sc->mac_rev < 0x0211) 5483 run_rt3070_rf_write(sc, 27, 0x03); 5484 5485 run_read(sc, RT3070_OPT_14, &tmp); 5486 run_write(sc, RT3070_OPT_14, tmp | 1); 5487 5488 if (sc->mac_ver == 0x3070 || sc->mac_ver == 0x3071) { 5489 run_rt3070_rf_read(sc, 17, &rf); 5490 rf &= ~RT3070_TX_LO1; 5491 if ((sc->mac_ver == 0x3070 || 5492 (sc->mac_ver == 0x3071 && sc->mac_rev >= 0x0211)) && 5493 !sc->ext_2ghz_lna) 5494 rf |= 0x20; /* fix for long range Rx issue */ 5495 mingain = (sc->mac_ver == 0x3070) ? 1 : 2; 5496 if (sc->txmixgain_2ghz >= mingain) 5497 rf = (rf & ~0x7) | sc->txmixgain_2ghz; 5498 run_rt3070_rf_write(sc, 17, rf); 5499 } 5500 5501 if (sc->mac_ver == 0x3071) { 5502 run_rt3070_rf_read(sc, 1, &rf); 5503 rf &= ~(RT3070_RX0_PD | RT3070_TX0_PD); 5504 rf |= RT3070_RF_BLOCK | RT3070_RX1_PD | RT3070_TX1_PD; 5505 run_rt3070_rf_write(sc, 1, rf); 5506 5507 run_rt3070_rf_read(sc, 15, &rf); 5508 run_rt3070_rf_write(sc, 15, rf & ~RT3070_TX_LO2); 5509 5510 run_rt3070_rf_read(sc, 20, &rf); 5511 run_rt3070_rf_write(sc, 20, rf & ~RT3070_RX_LO1); 5512 5513 run_rt3070_rf_read(sc, 21, &rf); 5514 run_rt3070_rf_write(sc, 21, rf & ~RT3070_RX_LO2); 5515 } 5516 5517 if (sc->mac_ver == 0x3070 || sc->mac_ver == 0x3071) { 5518 /* fix Tx to Rx IQ glitch by raising RF voltage */ 5519 run_rt3070_rf_read(sc, 27, &rf); 5520 rf &= ~0x77; 5521 if (sc->mac_rev < 0x0211) 5522 rf |= 0x03; 5523 run_rt3070_rf_write(sc, 27, rf); 5524 } 5525 return (0); 5526 } 5527 5528 static void 5529 run_rt3593_rf_init(struct run_softc *sc) 5530 { 5531 uint32_t tmp; 5532 uint8_t rf; 5533 int i; 5534 5535 /* Disable the GPIO bits 4 and 7 for LNA PE control. */ 5536 run_read(sc, RT3070_GPIO_SWITCH, &tmp); 5537 tmp &= ~(1 << 4 | 1 << 7); 5538 run_write(sc, RT3070_GPIO_SWITCH, tmp); 5539 5540 /* Initialize RF registers to default value. */ 5541 for (i = 0; i < nitems(rt3593_def_rf); i++) { 5542 run_rt3070_rf_write(sc, rt3593_def_rf[i].reg, 5543 rt3593_def_rf[i].val); 5544 } 5545 5546 /* Toggle RF R2 to initiate calibration. */ 5547 run_rt3070_rf_write(sc, 2, RT5390_RESCAL); 5548 5549 /* Initialize RF frequency offset. */ 5550 run_adjust_freq_offset(sc); 5551 5552 run_rt3070_rf_read(sc, 18, &rf); 5553 run_rt3070_rf_write(sc, 18, rf | RT3593_AUTOTUNE_BYPASS); 5554 5555 /* 5556 * Increase voltage from 1.2V to 1.35V, wait for 1 msec to 5557 * decrease voltage back to 1.2V. 5558 */ 5559 run_read(sc, RT3070_LDO_CFG0, &tmp); 5560 tmp = (tmp & ~0x1f000000) | 0x0d000000; 5561 run_write(sc, RT3070_LDO_CFG0, tmp); 5562 run_delay(sc, 1); 5563 tmp = (tmp & ~0x1f000000) | 0x01000000; 5564 run_write(sc, RT3070_LDO_CFG0, tmp); 5565 5566 sc->rf24_20mhz = 0x1f; 5567 sc->rf24_40mhz = 0x2f; 5568 5569 /* Save default BBP registers 25 and 26 values. */ 5570 run_bbp_read(sc, 25, &sc->bbp25); 5571 run_bbp_read(sc, 26, &sc->bbp26); 5572 5573 run_read(sc, RT3070_OPT_14, &tmp); 5574 run_write(sc, RT3070_OPT_14, tmp | 1); 5575 } 5576 5577 static void 5578 run_rt5390_rf_init(struct run_softc *sc) 5579 { 5580 uint32_t tmp; 5581 uint8_t rf; 5582 int i; 5583 5584 /* Toggle RF R2 to initiate calibration. */ 5585 if (sc->mac_ver == 0x5390) { 5586 run_rt3070_rf_read(sc, 2, &rf); 5587 run_rt3070_rf_write(sc, 2, rf | RT5390_RESCAL); 5588 run_delay(sc, 10); 5589 run_rt3070_rf_write(sc, 2, rf & ~RT5390_RESCAL); 5590 } else { 5591 run_rt3070_rf_write(sc, 2, RT5390_RESCAL); 5592 run_delay(sc, 10); 5593 } 5594 5595 /* Initialize RF registers to default value. */ 5596 if (sc->mac_ver == 0x5592) { 5597 for (i = 0; i < nitems(rt5592_def_rf); i++) { 5598 run_rt3070_rf_write(sc, rt5592_def_rf[i].reg, 5599 rt5592_def_rf[i].val); 5600 } 5601 /* Initialize RF frequency offset. */ 5602 run_adjust_freq_offset(sc); 5603 } else if (sc->mac_ver == 0x5392) { 5604 for (i = 0; i < nitems(rt5392_def_rf); i++) { 5605 run_rt3070_rf_write(sc, rt5392_def_rf[i].reg, 5606 rt5392_def_rf[i].val); 5607 } 5608 if (sc->mac_rev >= 0x0223) { 5609 run_rt3070_rf_write(sc, 23, 0x0f); 5610 run_rt3070_rf_write(sc, 24, 0x3e); 5611 run_rt3070_rf_write(sc, 51, 0x32); 5612 run_rt3070_rf_write(sc, 53, 0x22); 5613 run_rt3070_rf_write(sc, 56, 0xc1); 5614 run_rt3070_rf_write(sc, 59, 0x0f); 5615 } 5616 } else { 5617 for (i = 0; i < nitems(rt5390_def_rf); i++) { 5618 run_rt3070_rf_write(sc, rt5390_def_rf[i].reg, 5619 rt5390_def_rf[i].val); 5620 } 5621 if (sc->mac_rev >= 0x0502) { 5622 run_rt3070_rf_write(sc, 6, 0xe0); 5623 run_rt3070_rf_write(sc, 25, 0x80); 5624 run_rt3070_rf_write(sc, 46, 0x73); 5625 run_rt3070_rf_write(sc, 53, 0x00); 5626 run_rt3070_rf_write(sc, 56, 0x42); 5627 run_rt3070_rf_write(sc, 61, 0xd1); 5628 } 5629 } 5630 5631 sc->rf24_20mhz = 0x1f; /* default value */ 5632 sc->rf24_40mhz = (sc->mac_ver == 0x5592) ? 0 : 0x2f; 5633 5634 if (sc->mac_rev < 0x0211) 5635 run_rt3070_rf_write(sc, 27, 0x3); 5636 5637 run_read(sc, RT3070_OPT_14, &tmp); 5638 run_write(sc, RT3070_OPT_14, tmp | 1); 5639 } 5640 5641 static int 5642 run_rt3070_filter_calib(struct run_softc *sc, uint8_t init, uint8_t target, 5643 uint8_t *val) 5644 { 5645 uint8_t rf22, rf24; 5646 uint8_t bbp55_pb, bbp55_sb, delta; 5647 int ntries; 5648 5649 /* program filter */ 5650 run_rt3070_rf_read(sc, 24, &rf24); 5651 rf24 = (rf24 & 0xc0) | init; /* initial filter value */ 5652 run_rt3070_rf_write(sc, 24, rf24); 5653 5654 /* enable baseband loopback mode */ 5655 run_rt3070_rf_read(sc, 22, &rf22); 5656 run_rt3070_rf_write(sc, 22, rf22 | 0x01); 5657 5658 /* set power and frequency of passband test tone */ 5659 run_bbp_write(sc, 24, 0x00); 5660 for (ntries = 0; ntries < 100; ntries++) { 5661 /* transmit test tone */ 5662 run_bbp_write(sc, 25, 0x90); 5663 run_delay(sc, 10); 5664 /* read received power */ 5665 run_bbp_read(sc, 55, &bbp55_pb); 5666 if (bbp55_pb != 0) 5667 break; 5668 } 5669 if (ntries == 100) 5670 return (ETIMEDOUT); 5671 5672 /* set power and frequency of stopband test tone */ 5673 run_bbp_write(sc, 24, 0x06); 5674 for (ntries = 0; ntries < 100; ntries++) { 5675 /* transmit test tone */ 5676 run_bbp_write(sc, 25, 0x90); 5677 run_delay(sc, 10); 5678 /* read received power */ 5679 run_bbp_read(sc, 55, &bbp55_sb); 5680 5681 delta = bbp55_pb - bbp55_sb; 5682 if (delta > target) 5683 break; 5684 5685 /* reprogram filter */ 5686 rf24++; 5687 run_rt3070_rf_write(sc, 24, rf24); 5688 } 5689 if (ntries < 100) { 5690 if (rf24 != init) 5691 rf24--; /* backtrack */ 5692 *val = rf24; 5693 run_rt3070_rf_write(sc, 24, rf24); 5694 } 5695 5696 /* restore initial state */ 5697 run_bbp_write(sc, 24, 0x00); 5698 5699 /* disable baseband loopback mode */ 5700 run_rt3070_rf_read(sc, 22, &rf22); 5701 run_rt3070_rf_write(sc, 22, rf22 & ~0x01); 5702 5703 return (0); 5704 } 5705 5706 static void 5707 run_rt3070_rf_setup(struct run_softc *sc) 5708 { 5709 uint8_t bbp, rf; 5710 int i; 5711 5712 if (sc->mac_ver == 0x3572) { 5713 /* enable DC filter */ 5714 if (sc->mac_rev >= 0x0201) 5715 run_bbp_write(sc, 103, 0xc0); 5716 5717 run_bbp_read(sc, 138, &bbp); 5718 if (sc->ntxchains == 1) 5719 bbp |= 0x20; /* turn off DAC1 */ 5720 if (sc->nrxchains == 1) 5721 bbp &= ~0x02; /* turn off ADC1 */ 5722 run_bbp_write(sc, 138, bbp); 5723 5724 if (sc->mac_rev >= 0x0211) { 5725 /* improve power consumption */ 5726 run_bbp_read(sc, 31, &bbp); 5727 run_bbp_write(sc, 31, bbp & ~0x03); 5728 } 5729 5730 run_rt3070_rf_read(sc, 16, &rf); 5731 rf = (rf & ~0x07) | sc->txmixgain_2ghz; 5732 run_rt3070_rf_write(sc, 16, rf); 5733 5734 } else if (sc->mac_ver == 0x3071) { 5735 if (sc->mac_rev >= 0x0211) { 5736 /* enable DC filter */ 5737 run_bbp_write(sc, 103, 0xc0); 5738 5739 /* improve power consumption */ 5740 run_bbp_read(sc, 31, &bbp); 5741 run_bbp_write(sc, 31, bbp & ~0x03); 5742 } 5743 5744 run_bbp_read(sc, 138, &bbp); 5745 if (sc->ntxchains == 1) 5746 bbp |= 0x20; /* turn off DAC1 */ 5747 if (sc->nrxchains == 1) 5748 bbp &= ~0x02; /* turn off ADC1 */ 5749 run_bbp_write(sc, 138, bbp); 5750 5751 run_write(sc, RT2860_TX_SW_CFG1, 0); 5752 if (sc->mac_rev < 0x0211) { 5753 run_write(sc, RT2860_TX_SW_CFG2, 5754 sc->patch_dac ? 0x2c : 0x0f); 5755 } else 5756 run_write(sc, RT2860_TX_SW_CFG2, 0); 5757 5758 } else if (sc->mac_ver == 0x3070) { 5759 if (sc->mac_rev >= 0x0201) { 5760 /* enable DC filter */ 5761 run_bbp_write(sc, 103, 0xc0); 5762 5763 /* improve power consumption */ 5764 run_bbp_read(sc, 31, &bbp); 5765 run_bbp_write(sc, 31, bbp & ~0x03); 5766 } 5767 5768 if (sc->mac_rev < 0x0201) { 5769 run_write(sc, RT2860_TX_SW_CFG1, 0); 5770 run_write(sc, RT2860_TX_SW_CFG2, 0x2c); 5771 } else 5772 run_write(sc, RT2860_TX_SW_CFG2, 0); 5773 } 5774 5775 /* initialize RF registers from ROM for >=RT3071*/ 5776 if (sc->mac_ver >= 0x3071) { 5777 for (i = 0; i < 10; i++) { 5778 if (sc->rf[i].reg == 0 || sc->rf[i].reg == 0xff) 5779 continue; 5780 run_rt3070_rf_write(sc, sc->rf[i].reg, sc->rf[i].val); 5781 } 5782 } 5783 } 5784 5785 static void 5786 run_rt3593_rf_setup(struct run_softc *sc) 5787 { 5788 uint8_t bbp, rf; 5789 5790 if (sc->mac_rev >= 0x0211) { 5791 /* Enable DC filter. */ 5792 run_bbp_write(sc, 103, 0xc0); 5793 } 5794 run_write(sc, RT2860_TX_SW_CFG1, 0); 5795 if (sc->mac_rev < 0x0211) { 5796 run_write(sc, RT2860_TX_SW_CFG2, 5797 sc->patch_dac ? 0x2c : 0x0f); 5798 } else 5799 run_write(sc, RT2860_TX_SW_CFG2, 0); 5800 5801 run_rt3070_rf_read(sc, 50, &rf); 5802 run_rt3070_rf_write(sc, 50, rf & ~RT3593_TX_LO2); 5803 5804 run_rt3070_rf_read(sc, 51, &rf); 5805 rf = (rf & ~(RT3593_TX_LO1 | 0x0c)) | 5806 ((sc->txmixgain_2ghz & 0x07) << 2); 5807 run_rt3070_rf_write(sc, 51, rf); 5808 5809 run_rt3070_rf_read(sc, 38, &rf); 5810 run_rt3070_rf_write(sc, 38, rf & ~RT5390_RX_LO1); 5811 5812 run_rt3070_rf_read(sc, 39, &rf); 5813 run_rt3070_rf_write(sc, 39, rf & ~RT5390_RX_LO2); 5814 5815 run_rt3070_rf_read(sc, 1, &rf); 5816 run_rt3070_rf_write(sc, 1, rf & ~(RT3070_RF_BLOCK | RT3070_PLL_PD)); 5817 5818 run_rt3070_rf_read(sc, 30, &rf); 5819 rf = (rf & ~0x18) | 0x10; 5820 run_rt3070_rf_write(sc, 30, rf); 5821 5822 /* Apply maximum likelihood detection for 2 stream case. */ 5823 run_bbp_read(sc, 105, &bbp); 5824 if (sc->nrxchains > 1) 5825 run_bbp_write(sc, 105, bbp | RT5390_MLD); 5826 5827 /* Avoid data lost and CRC error. */ 5828 run_bbp_read(sc, 4, &bbp); 5829 run_bbp_write(sc, 4, bbp | RT5390_MAC_IF_CTRL); 5830 5831 run_bbp_write(sc, 92, 0x02); 5832 run_bbp_write(sc, 82, 0x82); 5833 run_bbp_write(sc, 106, 0x05); 5834 run_bbp_write(sc, 104, 0x92); 5835 run_bbp_write(sc, 88, 0x90); 5836 run_bbp_write(sc, 148, 0xc8); 5837 run_bbp_write(sc, 47, 0x48); 5838 run_bbp_write(sc, 120, 0x50); 5839 5840 run_bbp_write(sc, 163, 0x9d); 5841 5842 /* SNR mapping. */ 5843 run_bbp_write(sc, 142, 0x06); 5844 run_bbp_write(sc, 143, 0xa0); 5845 run_bbp_write(sc, 142, 0x07); 5846 run_bbp_write(sc, 143, 0xa1); 5847 run_bbp_write(sc, 142, 0x08); 5848 run_bbp_write(sc, 143, 0xa2); 5849 5850 run_bbp_write(sc, 31, 0x08); 5851 run_bbp_write(sc, 68, 0x0b); 5852 run_bbp_write(sc, 105, 0x04); 5853 } 5854 5855 static void 5856 run_rt5390_rf_setup(struct run_softc *sc) 5857 { 5858 uint8_t bbp, rf; 5859 5860 if (sc->mac_rev >= 0x0211) { 5861 /* Enable DC filter. */ 5862 run_bbp_write(sc, 103, 0xc0); 5863 5864 if (sc->mac_ver != 0x5592) { 5865 /* Improve power consumption. */ 5866 run_bbp_read(sc, 31, &bbp); 5867 run_bbp_write(sc, 31, bbp & ~0x03); 5868 } 5869 } 5870 5871 run_bbp_read(sc, 138, &bbp); 5872 if (sc->ntxchains == 1) 5873 bbp |= 0x20; /* turn off DAC1 */ 5874 if (sc->nrxchains == 1) 5875 bbp &= ~0x02; /* turn off ADC1 */ 5876 run_bbp_write(sc, 138, bbp); 5877 5878 run_rt3070_rf_read(sc, 38, &rf); 5879 run_rt3070_rf_write(sc, 38, rf & ~RT5390_RX_LO1); 5880 5881 run_rt3070_rf_read(sc, 39, &rf); 5882 run_rt3070_rf_write(sc, 39, rf & ~RT5390_RX_LO2); 5883 5884 /* Avoid data lost and CRC error. */ 5885 run_bbp_read(sc, 4, &bbp); 5886 run_bbp_write(sc, 4, bbp | RT5390_MAC_IF_CTRL); 5887 5888 run_rt3070_rf_read(sc, 30, &rf); 5889 rf = (rf & ~0x18) | 0x10; 5890 run_rt3070_rf_write(sc, 30, rf); 5891 5892 if (sc->mac_ver != 0x5592) { 5893 run_write(sc, RT2860_TX_SW_CFG1, 0); 5894 if (sc->mac_rev < 0x0211) { 5895 run_write(sc, RT2860_TX_SW_CFG2, 5896 sc->patch_dac ? 0x2c : 0x0f); 5897 } else 5898 run_write(sc, RT2860_TX_SW_CFG2, 0); 5899 } 5900 } 5901 5902 static int 5903 run_txrx_enable(struct run_softc *sc) 5904 { 5905 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 5906 uint32_t tmp; 5907 int error, ntries; 5908 5909 run_write(sc, RT2860_MAC_SYS_CTRL, RT2860_MAC_TX_EN); 5910 for (ntries = 0; ntries < 200; ntries++) { 5911 if ((error = run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp)) != 0) 5912 return (error); 5913 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0) 5914 break; 5915 run_delay(sc, 50); 5916 } 5917 if (ntries == 200) 5918 return (ETIMEDOUT); 5919 5920 run_delay(sc, 50); 5921 5922 tmp |= RT2860_RX_DMA_EN | RT2860_TX_DMA_EN | RT2860_TX_WB_DDONE; 5923 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp); 5924 5925 /* enable Rx bulk aggregation (set timeout and limit) */ 5926 tmp = RT2860_USB_TX_EN | RT2860_USB_RX_EN | RT2860_USB_RX_AGG_EN | 5927 RT2860_USB_RX_AGG_TO(128) | RT2860_USB_RX_AGG_LMT(2); 5928 run_write(sc, RT2860_USB_DMA_CFG, tmp); 5929 5930 /* set Rx filter */ 5931 tmp = RT2860_DROP_CRC_ERR | RT2860_DROP_PHY_ERR; 5932 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 5933 tmp |= RT2860_DROP_UC_NOME | RT2860_DROP_DUPL | 5934 RT2860_DROP_CTS | RT2860_DROP_BA | RT2860_DROP_ACK | 5935 RT2860_DROP_VER_ERR | RT2860_DROP_CTRL_RSV | 5936 RT2860_DROP_CFACK | RT2860_DROP_CFEND; 5937 if (ic->ic_opmode == IEEE80211_M_STA) 5938 tmp |= RT2860_DROP_RTS | RT2860_DROP_PSPOLL; 5939 } 5940 run_write(sc, RT2860_RX_FILTR_CFG, tmp); 5941 5942 run_write(sc, RT2860_MAC_SYS_CTRL, 5943 RT2860_MAC_RX_EN | RT2860_MAC_TX_EN); 5944 5945 return (0); 5946 } 5947 5948 static void 5949 run_adjust_freq_offset(struct run_softc *sc) 5950 { 5951 uint8_t rf, tmp; 5952 5953 run_rt3070_rf_read(sc, 17, &rf); 5954 tmp = rf; 5955 rf = (rf & ~0x7f) | (sc->freq & 0x7f); 5956 rf = MIN(rf, 0x5f); 5957 5958 if (tmp != rf) 5959 run_mcu_cmd(sc, 0x74, (tmp << 8 ) | rf); 5960 } 5961 5962 static void 5963 run_init_locked(struct run_softc *sc) 5964 { 5965 struct ifnet *ifp = sc->sc_ifp; 5966 struct ieee80211com *ic = ifp->if_l2com; 5967 uint32_t tmp; 5968 uint8_t bbp1, bbp3; 5969 int i; 5970 int ridx; 5971 int ntries; 5972 5973 if (ic->ic_nrunning > 1) 5974 return; 5975 5976 run_stop(sc); 5977 5978 if (run_load_microcode(sc) != 0) { 5979 device_printf(sc->sc_dev, "could not load 8051 microcode\n"); 5980 goto fail; 5981 } 5982 5983 for (ntries = 0; ntries < 100; ntries++) { 5984 if (run_read(sc, RT2860_ASIC_VER_ID, &tmp) != 0) 5985 goto fail; 5986 if (tmp != 0 && tmp != 0xffffffff) 5987 break; 5988 run_delay(sc, 10); 5989 } 5990 if (ntries == 100) 5991 goto fail; 5992 5993 for (i = 0; i != RUN_EP_QUEUES; i++) 5994 run_setup_tx_list(sc, &sc->sc_epq[i]); 5995 5996 run_set_macaddr(sc, IF_LLADDR(ifp)); 5997 5998 for (ntries = 0; ntries < 100; ntries++) { 5999 if (run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp) != 0) 6000 goto fail; 6001 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0) 6002 break; 6003 run_delay(sc, 10); 6004 } 6005 if (ntries == 100) { 6006 device_printf(sc->sc_dev, "timeout waiting for DMA engine\n"); 6007 goto fail; 6008 } 6009 tmp &= 0xff0; 6010 tmp |= RT2860_TX_WB_DDONE; 6011 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp); 6012 6013 /* turn off PME_OEN to solve high-current issue */ 6014 run_read(sc, RT2860_SYS_CTRL, &tmp); 6015 run_write(sc, RT2860_SYS_CTRL, tmp & ~RT2860_PME_OEN); 6016 6017 run_write(sc, RT2860_MAC_SYS_CTRL, 6018 RT2860_BBP_HRST | RT2860_MAC_SRST); 6019 run_write(sc, RT2860_USB_DMA_CFG, 0); 6020 6021 if (run_reset(sc) != 0) { 6022 device_printf(sc->sc_dev, "could not reset chipset\n"); 6023 goto fail; 6024 } 6025 6026 run_write(sc, RT2860_MAC_SYS_CTRL, 0); 6027 6028 /* init Tx power for all Tx rates (from EEPROM) */ 6029 for (ridx = 0; ridx < 5; ridx++) { 6030 if (sc->txpow20mhz[ridx] == 0xffffffff) 6031 continue; 6032 run_write(sc, RT2860_TX_PWR_CFG(ridx), sc->txpow20mhz[ridx]); 6033 } 6034 6035 for (i = 0; i < nitems(rt2870_def_mac); i++) 6036 run_write(sc, rt2870_def_mac[i].reg, rt2870_def_mac[i].val); 6037 run_write(sc, RT2860_WMM_AIFSN_CFG, 0x00002273); 6038 run_write(sc, RT2860_WMM_CWMIN_CFG, 0x00002344); 6039 run_write(sc, RT2860_WMM_CWMAX_CFG, 0x000034aa); 6040 6041 if (sc->mac_ver >= 0x5390) { 6042 run_write(sc, RT2860_TX_SW_CFG0, 6043 4 << RT2860_DLY_PAPE_EN_SHIFT | 4); 6044 if (sc->mac_ver >= 0x5392) { 6045 run_write(sc, RT2860_MAX_LEN_CFG, 0x00002fff); 6046 if (sc->mac_ver == 0x5592) { 6047 run_write(sc, RT2860_HT_FBK_CFG1, 0xedcba980); 6048 run_write(sc, RT2860_TXOP_HLDR_ET, 0x00000082); 6049 } else { 6050 run_write(sc, RT2860_HT_FBK_CFG1, 0xedcb4980); 6051 run_write(sc, RT2860_LG_FBK_CFG0, 0xedcba322); 6052 } 6053 } 6054 } else if (sc->mac_ver == 0x3593) { 6055 run_write(sc, RT2860_TX_SW_CFG0, 6056 4 << RT2860_DLY_PAPE_EN_SHIFT | 2); 6057 } else if (sc->mac_ver >= 0x3070) { 6058 /* set delay of PA_PE assertion to 1us (unit of 0.25us) */ 6059 run_write(sc, RT2860_TX_SW_CFG0, 6060 4 << RT2860_DLY_PAPE_EN_SHIFT); 6061 } 6062 6063 /* wait while MAC is busy */ 6064 for (ntries = 0; ntries < 100; ntries++) { 6065 if (run_read(sc, RT2860_MAC_STATUS_REG, &tmp) != 0) 6066 goto fail; 6067 if (!(tmp & (RT2860_RX_STATUS_BUSY | RT2860_TX_STATUS_BUSY))) 6068 break; 6069 run_delay(sc, 10); 6070 } 6071 if (ntries == 100) 6072 goto fail; 6073 6074 /* clear Host to MCU mailbox */ 6075 run_write(sc, RT2860_H2M_BBPAGENT, 0); 6076 run_write(sc, RT2860_H2M_MAILBOX, 0); 6077 run_delay(sc, 10); 6078 6079 if (run_bbp_init(sc) != 0) { 6080 device_printf(sc->sc_dev, "could not initialize BBP\n"); 6081 goto fail; 6082 } 6083 6084 /* abort TSF synchronization */ 6085 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 6086 tmp &= ~(RT2860_BCN_TX_EN | RT2860_TSF_TIMER_EN | 6087 RT2860_TBTT_TIMER_EN); 6088 run_write(sc, RT2860_BCN_TIME_CFG, tmp); 6089 6090 /* clear RX WCID search table */ 6091 run_set_region_4(sc, RT2860_WCID_ENTRY(0), 0, 512); 6092 /* clear WCID attribute table */ 6093 run_set_region_4(sc, RT2860_WCID_ATTR(0), 0, 8 * 32); 6094 6095 /* hostapd sets a key before init. So, don't clear it. */ 6096 if (sc->cmdq_key_set != RUN_CMDQ_GO) { 6097 /* clear shared key table */ 6098 run_set_region_4(sc, RT2860_SKEY(0, 0), 0, 8 * 32); 6099 /* clear shared key mode */ 6100 run_set_region_4(sc, RT2860_SKEY_MODE_0_7, 0, 4); 6101 } 6102 6103 run_read(sc, RT2860_US_CYC_CNT, &tmp); 6104 tmp = (tmp & ~0xff) | 0x1e; 6105 run_write(sc, RT2860_US_CYC_CNT, tmp); 6106 6107 if (sc->mac_rev != 0x0101) 6108 run_write(sc, RT2860_TXOP_CTRL_CFG, 0x0000583f); 6109 6110 run_write(sc, RT2860_WMM_TXOP0_CFG, 0); 6111 run_write(sc, RT2860_WMM_TXOP1_CFG, 48 << 16 | 96); 6112 6113 /* write vendor-specific BBP values (from EEPROM) */ 6114 if (sc->mac_ver < 0x3593) { 6115 for (i = 0; i < 10; i++) { 6116 if (sc->bbp[i].reg == 0 || sc->bbp[i].reg == 0xff) 6117 continue; 6118 run_bbp_write(sc, sc->bbp[i].reg, sc->bbp[i].val); 6119 } 6120 } 6121 6122 /* select Main antenna for 1T1R devices */ 6123 if (sc->rf_rev == RT3070_RF_3020 || sc->rf_rev == RT5390_RF_5370) 6124 run_set_rx_antenna(sc, 0); 6125 6126 /* send LEDs operating mode to microcontroller */ 6127 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED1, sc->led[0]); 6128 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED2, sc->led[1]); 6129 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED3, sc->led[2]); 6130 6131 if (sc->mac_ver >= 0x5390) 6132 run_rt5390_rf_init(sc); 6133 else if (sc->mac_ver == 0x3593) 6134 run_rt3593_rf_init(sc); 6135 else if (sc->mac_ver >= 0x3070) 6136 run_rt3070_rf_init(sc); 6137 6138 /* disable non-existing Rx chains */ 6139 run_bbp_read(sc, 3, &bbp3); 6140 bbp3 &= ~(1 << 3 | 1 << 4); 6141 if (sc->nrxchains == 2) 6142 bbp3 |= 1 << 3; 6143 else if (sc->nrxchains == 3) 6144 bbp3 |= 1 << 4; 6145 run_bbp_write(sc, 3, bbp3); 6146 6147 /* disable non-existing Tx chains */ 6148 run_bbp_read(sc, 1, &bbp1); 6149 if (sc->ntxchains == 1) 6150 bbp1 &= ~(1 << 3 | 1 << 4); 6151 run_bbp_write(sc, 1, bbp1); 6152 6153 if (sc->mac_ver >= 0x5390) 6154 run_rt5390_rf_setup(sc); 6155 else if (sc->mac_ver == 0x3593) 6156 run_rt3593_rf_setup(sc); 6157 else if (sc->mac_ver >= 0x3070) 6158 run_rt3070_rf_setup(sc); 6159 6160 /* select default channel */ 6161 run_set_chan(sc, ic->ic_curchan); 6162 6163 /* setup initial protection mode */ 6164 run_updateprot_cb(ic); 6165 6166 /* turn radio LED on */ 6167 run_set_leds(sc, RT2860_LED_RADIO); 6168 6169 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE; 6170 ifp->if_drv_flags |= IFF_DRV_RUNNING; 6171 sc->cmdq_run = RUN_CMDQ_GO; 6172 6173 for (i = 0; i != RUN_N_XFER; i++) 6174 usbd_xfer_set_stall(sc->sc_xfer[i]); 6175 6176 usbd_transfer_start(sc->sc_xfer[RUN_BULK_RX]); 6177 6178 if (run_txrx_enable(sc) != 0) 6179 goto fail; 6180 6181 return; 6182 6183 fail: 6184 run_stop(sc); 6185 } 6186 6187 static void 6188 run_init(void *arg) 6189 { 6190 struct run_softc *sc = arg; 6191 struct ifnet *ifp = sc->sc_ifp; 6192 struct ieee80211com *ic = ifp->if_l2com; 6193 6194 RUN_LOCK(sc); 6195 run_init_locked(sc); 6196 RUN_UNLOCK(sc); 6197 6198 if (ifp->if_drv_flags & IFF_DRV_RUNNING) 6199 ieee80211_start_all(ic); 6200 } 6201 6202 static void 6203 run_stop(void *arg) 6204 { 6205 struct run_softc *sc = (struct run_softc *)arg; 6206 struct ifnet *ifp = sc->sc_ifp; 6207 uint32_t tmp; 6208 int i; 6209 int ntries; 6210 6211 RUN_LOCK_ASSERT(sc, MA_OWNED); 6212 6213 if (ifp->if_drv_flags & IFF_DRV_RUNNING) 6214 run_set_leds(sc, 0); /* turn all LEDs off */ 6215 6216 ifp->if_drv_flags &= ~(IFF_DRV_RUNNING | IFF_DRV_OACTIVE); 6217 6218 sc->ratectl_run = RUN_RATECTL_OFF; 6219 sc->cmdq_run = sc->cmdq_key_set; 6220 6221 RUN_UNLOCK(sc); 6222 6223 for(i = 0; i < RUN_N_XFER; i++) 6224 usbd_transfer_drain(sc->sc_xfer[i]); 6225 6226 RUN_LOCK(sc); 6227 6228 if (sc->rx_m != NULL) { 6229 m_free(sc->rx_m); 6230 sc->rx_m = NULL; 6231 } 6232 6233 /* Disable Tx/Rx DMA. */ 6234 if (run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp) != 0) 6235 return; 6236 tmp &= ~(RT2860_RX_DMA_EN | RT2860_TX_DMA_EN); 6237 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp); 6238 6239 for (ntries = 0; ntries < 100; ntries++) { 6240 if (run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp) != 0) 6241 return; 6242 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0) 6243 break; 6244 run_delay(sc, 10); 6245 } 6246 if (ntries == 100) { 6247 device_printf(sc->sc_dev, "timeout waiting for DMA engine\n"); 6248 return; 6249 } 6250 6251 /* disable Tx/Rx */ 6252 run_read(sc, RT2860_MAC_SYS_CTRL, &tmp); 6253 tmp &= ~(RT2860_MAC_RX_EN | RT2860_MAC_TX_EN); 6254 run_write(sc, RT2860_MAC_SYS_CTRL, tmp); 6255 6256 /* wait for pending Tx to complete */ 6257 for (ntries = 0; ntries < 100; ntries++) { 6258 if (run_read(sc, RT2860_TXRXQ_PCNT, &tmp) != 0) { 6259 DPRINTF("Cannot read Tx queue count\n"); 6260 break; 6261 } 6262 if ((tmp & RT2860_TX2Q_PCNT_MASK) == 0) { 6263 DPRINTF("All Tx cleared\n"); 6264 break; 6265 } 6266 run_delay(sc, 10); 6267 } 6268 if (ntries >= 100) 6269 DPRINTF("There are still pending Tx\n"); 6270 run_delay(sc, 10); 6271 run_write(sc, RT2860_USB_DMA_CFG, 0); 6272 6273 run_write(sc, RT2860_MAC_SYS_CTRL, RT2860_BBP_HRST | RT2860_MAC_SRST); 6274 run_write(sc, RT2860_MAC_SYS_CTRL, 0); 6275 6276 for (i = 0; i != RUN_EP_QUEUES; i++) 6277 run_unsetup_tx_list(sc, &sc->sc_epq[i]); 6278 } 6279 6280 static void 6281 run_delay(struct run_softc *sc, u_int ms) 6282 { 6283 usb_pause_mtx(mtx_owned(&sc->sc_mtx) ? 6284 &sc->sc_mtx : NULL, USB_MS_TO_TICKS(ms)); 6285 } 6286 6287 static device_method_t run_methods[] = { 6288 /* Device interface */ 6289 DEVMETHOD(device_probe, run_match), 6290 DEVMETHOD(device_attach, run_attach), 6291 DEVMETHOD(device_detach, run_detach), 6292 DEVMETHOD_END 6293 }; 6294 6295 static driver_t run_driver = { 6296 .name = "run", 6297 .methods = run_methods, 6298 .size = sizeof(struct run_softc) 6299 }; 6300 6301 static devclass_t run_devclass; 6302 6303 DRIVER_MODULE(run, uhub, run_driver, run_devclass, run_driver_loaded, NULL); 6304 MODULE_DEPEND(run, wlan, 1, 1, 1); 6305 MODULE_DEPEND(run, usb, 1, 1, 1); 6306 MODULE_DEPEND(run, firmware, 1, 1, 1); 6307 MODULE_VERSION(run, 1); 6308