1 /* $OpenBSD: if_run.c,v 1.140 2024/05/23 03:21:08 jsg Exp $ */
2
3 /*-
4 * Copyright (c) 2008-2010 Damien Bergamini <damien.bergamini@free.fr>
5 * Copyright (c) 2013-2014 Kevin Lo
6 *
7 * Permission to use, copy, modify, and distribute this software for any
8 * purpose with or without fee is hereby granted, provided that the above
9 * copyright notice and this permission notice appear in all copies.
10 *
11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18 */
19
20 /*-
21 * Ralink Technology RT2700U/RT2800U/RT3000U/RT3900E chipset driver.
22 * http://www.ralinktech.com/
23 */
24
25 #include "bpfilter.h"
26
27 #include <sys/param.h>
28 #include <sys/sockio.h>
29 #include <sys/mbuf.h>
30 #include <sys/systm.h>
31 #include <sys/timeout.h>
32 #include <sys/device.h>
33 #include <sys/endian.h>
34
35 #include <machine/intr.h>
36
37 #if NBPFILTER > 0
38 #include <net/bpf.h>
39 #endif
40 #include <net/if.h>
41 #include <net/if_dl.h>
42 #include <net/if_media.h>
43
44 #include <netinet/in.h>
45 #include <netinet/if_ether.h>
46
47 #include <net80211/ieee80211_var.h>
48 #include <net80211/ieee80211_amrr.h>
49 #include <net80211/ieee80211_radiotap.h>
50
51 #include <dev/usb/usb.h>
52 #include <dev/usb/usbdi.h>
53 #include <dev/usb/usbdi_util.h>
54 #include <dev/usb/usbdevs.h>
55
56 #include <dev/ic/rt2860reg.h> /* shared with ral(4) */
57 #include <dev/usb/if_runvar.h>
58
59 #ifdef RUN_DEBUG
60 #define DPRINTF(x) do { if (run_debug) printf x; } while (0)
61 #define DPRINTFN(n, x) do { if (run_debug >= (n)) printf x; } while (0)
62 int run_debug = 0;
63 #else
64 #define DPRINTF(x)
65 #define DPRINTFN(n, x)
66 #endif
67
68 #define USB_ID(v, p) { USB_VENDOR_##v, USB_PRODUCT_##v##_##p }
69 static const struct usb_devno run_devs[] = {
70 USB_ID(ABOCOM, RT2770),
71 USB_ID(ABOCOM, RT2870),
72 USB_ID(ABOCOM, RT3070),
73 USB_ID(ABOCOM, RT3071),
74 USB_ID(ABOCOM, RT3072),
75 USB_ID(ABOCOM2, RT2870_1),
76 USB_ID(ACCTON, RT2770),
77 USB_ID(ACCTON, RT2870_1),
78 USB_ID(ACCTON, RT2870_2),
79 USB_ID(ACCTON, RT2870_3),
80 USB_ID(ACCTON, RT2870_4),
81 USB_ID(ACCTON, RT2870_5),
82 USB_ID(ACCTON, RT3070),
83 USB_ID(ACCTON, RT3070_1),
84 USB_ID(ACCTON, RT3070_2),
85 USB_ID(ACCTON, RT3070_3),
86 USB_ID(ACCTON, RT3070_4),
87 USB_ID(ACCTON, RT3070_5),
88 USB_ID(ACCTON, RT3070_6),
89 USB_ID(AIRTIES, RT3070),
90 USB_ID(AIRTIES, RT3070_2),
91 USB_ID(ALLWIN, RT2070),
92 USB_ID(ALLWIN, RT2770),
93 USB_ID(ALLWIN, RT2870),
94 USB_ID(ALLWIN, RT3070),
95 USB_ID(ALLWIN, RT3071),
96 USB_ID(ALLWIN, RT3072),
97 USB_ID(ALLWIN, RT3572),
98 USB_ID(AMIGO, RT2870_1),
99 USB_ID(AMIGO, RT2870_2),
100 USB_ID(AMIT, CGWLUSB2GNR),
101 USB_ID(AMIT, RT2870_1),
102 USB_ID(AMIT2, RT2870),
103 USB_ID(ASUS, RT2870_1),
104 USB_ID(ASUS, RT2870_2),
105 USB_ID(ASUS, RT2870_3),
106 USB_ID(ASUS, RT2870_4),
107 USB_ID(ASUS, RT2870_5),
108 USB_ID(ASUS, RT3070_1),
109 USB_ID(ASUS, USBN13),
110 USB_ID(ASUS, USBN53),
111 USB_ID(ASUS, USBN66),
112 USB_ID(ASUS2, USBN11),
113 USB_ID(AZUREWAVE, RT2870_1),
114 USB_ID(AZUREWAVE, RT2870_2),
115 USB_ID(AZUREWAVE, RT3070_1),
116 USB_ID(AZUREWAVE, RT3070_2),
117 USB_ID(AZUREWAVE, RT3070_3),
118 USB_ID(AZUREWAVE, RT3070_4),
119 USB_ID(AZUREWAVE, RT3070_5),
120 USB_ID(BELKIN, F9L1103),
121 USB_ID(BELKIN, F5D8053V3),
122 USB_ID(BELKIN, F5D8055),
123 USB_ID(BELKIN, F5D8055V2),
124 USB_ID(BELKIN, F6D4050V1),
125 USB_ID(BELKIN, F6D4050V2),
126 USB_ID(BELKIN, F7D1101V2),
127 USB_ID(BELKIN, RT2870_1),
128 USB_ID(BELKIN, RT2870_2),
129 USB_ID(BEWAN, RT3070),
130 USB_ID(CISCOLINKSYS, AE1000),
131 USB_ID(CISCOLINKSYS, AM10),
132 USB_ID(CISCOLINKSYS2, RT3070),
133 USB_ID(CISCOLINKSYS3, RT3070),
134 USB_ID(CONCEPTRONIC2, RT2870_1),
135 USB_ID(CONCEPTRONIC2, RT2870_2),
136 USB_ID(CONCEPTRONIC2, RT2870_3),
137 USB_ID(CONCEPTRONIC2, RT2870_5),
138 USB_ID(CONCEPTRONIC2, RT2870_6),
139 USB_ID(CONCEPTRONIC2, RT2870_7),
140 USB_ID(CONCEPTRONIC2, RT2870_8),
141 USB_ID(CONCEPTRONIC2, RT3070_1),
142 USB_ID(CONCEPTRONIC2, RT3070_2),
143 USB_ID(CONCEPTRONIC2, RT3070_3),
144 USB_ID(CONCEPTRONIC2, VIGORN61),
145 USB_ID(COREGA, CGWLUSB300GNM),
146 USB_ID(COREGA, RT2870_1),
147 USB_ID(COREGA, RT2870_2),
148 USB_ID(COREGA, RT2870_3),
149 USB_ID(COREGA, RT3070),
150 USB_ID(CYBERTAN, RT2870),
151 USB_ID(DLINK, DWA125B2),
152 USB_ID(DLINK, DWA127),
153 USB_ID(DLINK, DWA130F1),
154 USB_ID(DLINK, DWA137A1),
155 USB_ID(DLINK, DWA140B3),
156 USB_ID(DLINK, DWA140D1),
157 USB_ID(DLINK, DWA160B2),
158 USB_ID(DLINK, DWA162),
159 USB_ID(DLINK, RT2870),
160 USB_ID(DLINK, RT3072),
161 USB_ID(DLINK2, DWA130),
162 USB_ID(DLINK2, RT2870_1),
163 USB_ID(DLINK2, RT2870_2),
164 USB_ID(DLINK2, RT3070_1),
165 USB_ID(DLINK2, RT3070_2),
166 USB_ID(DLINK2, RT3070_3),
167 USB_ID(DLINK2, RT3070_4),
168 USB_ID(DLINK2, RT3070_5),
169 USB_ID(DLINK2, RT3072),
170 USB_ID(DLINK2, RT3072_1),
171 USB_ID(DVICO, RT3070),
172 USB_ID(EDIMAX, EW7717),
173 USB_ID(EDIMAX, EW7718),
174 USB_ID(EDIMAX, EW7722UTN),
175 USB_ID(EDIMAX, RT2870_1),
176 USB_ID(ENCORE, RT3070_1),
177 USB_ID(ENCORE, RT3070_2),
178 USB_ID(ENCORE, RT3070_3),
179 USB_ID(GIGABYTE, GNWB31N),
180 USB_ID(GIGABYTE, GNWB32L),
181 USB_ID(GIGABYTE, RT2870_1),
182 USB_ID(GIGASET, RT3070_1),
183 USB_ID(GIGASET, RT3070_2),
184 USB_ID(GUILLEMOT, HWNU300),
185 USB_ID(HAWKING, HWDN2),
186 USB_ID(HAWKING, HWUN2),
187 USB_ID(HAWKING, RT2870_1),
188 USB_ID(HAWKING, RT2870_2),
189 USB_ID(HAWKING, RT2870_3),
190 USB_ID(HAWKING, RT2870_4),
191 USB_ID(HAWKING, RT2870_5),
192 USB_ID(IODATA, RT3072_1),
193 USB_ID(IODATA, RT3072_2),
194 USB_ID(IODATA, RT3072_3),
195 USB_ID(IODATA, RT3072_4),
196 USB_ID(LINKSYS4, RT3070),
197 USB_ID(LINKSYS4, WUSB100),
198 USB_ID(LINKSYS4, WUSB54GCV3),
199 USB_ID(LINKSYS4, WUSB600N),
200 USB_ID(LINKSYS4, WUSB600NV2),
201 USB_ID(LOGITEC, LANW150NU2),
202 USB_ID(LOGITEC, LANW300NU2),
203 USB_ID(LOGITEC, LANW300NU2S),
204 USB_ID(LOGITEC, RT2870_1),
205 USB_ID(LOGITEC, RT2870_2),
206 USB_ID(LOGITEC, RT2870_3),
207 USB_ID(MELCO, RT2870_1),
208 USB_ID(MELCO, RT2870_2),
209 USB_ID(MELCO, WLIUCAG300N),
210 USB_ID(MELCO, WLIUCG300N),
211 USB_ID(MELCO, WLIUCG301N),
212 USB_ID(MELCO, WLIUCGN),
213 USB_ID(MELCO, WLIUCGNHP),
214 USB_ID(MELCO, WLIUCGNM),
215 USB_ID(MELCO, WLIUCGNM2),
216 USB_ID(MOTOROLA4, RT2770),
217 USB_ID(MOTOROLA4, RT3070),
218 USB_ID(MSI, RT3070_1),
219 USB_ID(MSI, RT3070_2),
220 USB_ID(MSI, RT3070_3),
221 USB_ID(MSI, RT3070_4),
222 USB_ID(MSI, RT3070_5),
223 USB_ID(MSI, RT3070_6),
224 USB_ID(MSI, RT3070_7),
225 USB_ID(MSI, RT3070_8),
226 USB_ID(MSI, RT3070_9),
227 USB_ID(MSI, RT3070_10),
228 USB_ID(MSI, RT3070_11),
229 USB_ID(MSI, RT3070_12),
230 USB_ID(MSI, RT3070_13),
231 USB_ID(MSI, RT3070_14),
232 USB_ID(MSI, RT3070_15),
233 USB_ID(OVISLINK, RT3071),
234 USB_ID(OVISLINK, RT3072),
235 USB_ID(PARA, RT3070),
236 USB_ID(PEGATRON, RT2870),
237 USB_ID(PEGATRON, RT3070),
238 USB_ID(PEGATRON, RT3070_2),
239 USB_ID(PEGATRON, RT3070_3),
240 USB_ID(PEGATRON, RT3072),
241 USB_ID(PHILIPS, RT2870),
242 USB_ID(PLANEX2, GWUS300MINIS),
243 USB_ID(PLANEX2, GWUSMICRO300),
244 USB_ID(PLANEX2, GWUSMICRON),
245 USB_ID(PLANEX2, RT2870),
246 USB_ID(PLANEX2, RT3070),
247 USB_ID(QCOM, RT2870),
248 USB_ID(QUANTA, RT3070),
249 USB_ID(RALINK, RT2070),
250 USB_ID(RALINK, RT2770),
251 USB_ID(RALINK, RT2870),
252 USB_ID(RALINK, RT3070),
253 USB_ID(RALINK, RT3071),
254 USB_ID(RALINK, RT3072),
255 USB_ID(RALINK, RT3370),
256 USB_ID(RALINK, RT3572),
257 USB_ID(RALINK, RT3573),
258 USB_ID(RALINK, RT5370),
259 USB_ID(RALINK, RT5372),
260 USB_ID(RALINK, RT5572),
261 USB_ID(RALINK, RT8070),
262 USB_ID(SAMSUNG, WIS09ABGN),
263 USB_ID(SAMSUNG2, RT2870_1),
264 USB_ID(SENAO, RT2870_1),
265 USB_ID(SENAO, RT2870_2),
266 USB_ID(SENAO, RT2870_3),
267 USB_ID(SENAO, RT2870_4),
268 USB_ID(SENAO, RT3070),
269 USB_ID(SENAO, RT3071),
270 USB_ID(SENAO, RT3072_1),
271 USB_ID(SENAO, RT3072_2),
272 USB_ID(SENAO, RT3072_3),
273 USB_ID(SENAO, RT3072_4),
274 USB_ID(SENAO, RT3072_5),
275 USB_ID(SITECOMEU, WL302),
276 USB_ID(SITECOMEU, WL315),
277 USB_ID(SITECOMEU, WL321),
278 USB_ID(SITECOMEU, RT3070_3),
279 USB_ID(SITECOMEU, WL302),
280 USB_ID(SITECOMEU, WL344),
281 USB_ID(SITECOMEU, WL329),
282 USB_ID(SITECOMEU, WL345),
283 USB_ID(SITECOMEU, RT2870_1),
284 USB_ID(SITECOMEU, RT2870_2),
285 USB_ID(SITECOMEU, RT2870_3),
286 USB_ID(SITECOMEU, RT3070_1),
287 USB_ID(SITECOMEU, RT3072_3),
288 USB_ID(SITECOMEU, RT3072_4),
289 USB_ID(SITECOMEU, RT3072_5),
290 USB_ID(SITECOMEU, RT3072_6),
291 USB_ID(SITECOMEU, WL302),
292 USB_ID(SITECOMEU, WL315),
293 USB_ID(SITECOMEU, WL321),
294 USB_ID(SITECOMEU, WL324),
295 USB_ID(SITECOMEU, WL329),
296 USB_ID(SITECOMEU, WL343),
297 USB_ID(SITECOMEU, WL344),
298 USB_ID(SITECOMEU, WL345),
299 USB_ID(SITECOMEU, WL349V4),
300 USB_ID(SITECOMEU, WL608),
301 USB_ID(SITECOMEU, WLA4000),
302 USB_ID(SITECOMEU, WLA5000),
303 USB_ID(SPARKLAN, RT2870_1),
304 USB_ID(SPARKLAN, RT2870_2),
305 USB_ID(SPARKLAN, RT3070),
306 USB_ID(SWEEX2, LW153),
307 USB_ID(SWEEX2, LW303),
308 USB_ID(SWEEX2, LW313),
309 USB_ID(TOSHIBA, RT3070),
310 USB_ID(UMEDIA, RT2870_1),
311 USB_ID(UMEDIA, TEW645UB),
312 USB_ID(ZCOM, RT2870_1),
313 USB_ID(ZCOM, RT2870_2),
314 USB_ID(ZINWELL, RT2870_1),
315 USB_ID(ZINWELL, RT2870_2),
316 USB_ID(ZINWELL, RT3070),
317 USB_ID(ZINWELL, RT3072_1),
318 USB_ID(ZINWELL, RT3072_2),
319 USB_ID(ZYXEL, NWD2105),
320 USB_ID(ZYXEL, NWD211AN),
321 USB_ID(ZYXEL, RT2870_1),
322 USB_ID(ZYXEL, RT2870_2),
323 USB_ID(ZYXEL, RT3070)
324 };
325
326 int run_match(struct device *, void *, void *);
327 void run_attach(struct device *, struct device *, void *);
328 int run_detach(struct device *, int);
329 int run_alloc_rx_ring(struct run_softc *);
330 void run_free_rx_ring(struct run_softc *);
331 int run_alloc_tx_ring(struct run_softc *, int);
332 void run_free_tx_ring(struct run_softc *, int);
333 int run_load_microcode(struct run_softc *);
334 int run_reset(struct run_softc *);
335 int run_read(struct run_softc *, uint16_t, uint32_t *);
336 int run_read_region_1(struct run_softc *, uint16_t, uint8_t *,
337 int);
338 int run_write_2(struct run_softc *, uint16_t, uint16_t);
339 int run_write(struct run_softc *, uint16_t, uint32_t);
340 int run_write_region_1(struct run_softc *, uint16_t,
341 const uint8_t *, int);
342 int run_set_region_4(struct run_softc *, uint16_t, uint32_t, int);
343 int run_efuse_read(struct run_softc *, uint16_t, uint16_t *);
344 int run_efuse_read_2(struct run_softc *, uint16_t, uint16_t *);
345 int run_eeprom_read_2(struct run_softc *, uint16_t, uint16_t *);
346 int run_rt2870_rf_write(struct run_softc *, uint8_t, uint32_t);
347 int run_rt3070_rf_read(struct run_softc *, uint8_t, uint8_t *);
348 int run_rt3070_rf_write(struct run_softc *, uint8_t, uint8_t);
349 int run_bbp_read(struct run_softc *, uint8_t, uint8_t *);
350 int run_bbp_write(struct run_softc *, uint8_t, uint8_t);
351 int run_mcu_cmd(struct run_softc *, uint8_t, uint16_t);
352 const char * run_get_rf(int);
353 void run_get_txpower(struct run_softc *);
354 void run_rt3593_get_txpower(struct run_softc *);
355 int run_read_eeprom(struct run_softc *);
356 struct ieee80211_node *run_node_alloc(struct ieee80211com *);
357 int run_media_change(struct ifnet *);
358 void run_next_scan(void *);
359 void run_task(void *);
360 void run_do_async(struct run_softc *, void (*)(struct run_softc *,
361 void *), void *, int);
362 int run_newstate(struct ieee80211com *, enum ieee80211_state, int);
363 void run_newstate_cb(struct run_softc *, void *);
364 void run_updateedca(struct ieee80211com *);
365 void run_updateedca_cb(struct run_softc *, void *);
366 int run_set_key(struct ieee80211com *, struct ieee80211_node *,
367 struct ieee80211_key *);
368 void run_set_key_cb(struct run_softc *, void *);
369 void run_delete_key(struct ieee80211com *, struct ieee80211_node *,
370 struct ieee80211_key *);
371 void run_delete_key_cb(struct run_softc *, void *);
372 void run_calibrate_to(void *);
373 void run_calibrate_cb(struct run_softc *, void *);
374 void run_newassoc(struct ieee80211com *, struct ieee80211_node *,
375 int);
376 void run_rx_frame(struct run_softc *, uint8_t *, int,
377 struct mbuf_list *);
378 void run_rxeof(struct usbd_xfer *, void *, usbd_status);
379 void run_txeof(struct usbd_xfer *, void *, usbd_status);
380 int run_tx(struct run_softc *, struct mbuf *,
381 struct ieee80211_node *);
382 void run_start(struct ifnet *);
383 void run_watchdog(struct ifnet *);
384 int run_ioctl(struct ifnet *, u_long, caddr_t);
385 void run_iq_calib(struct run_softc *, u_int);
386 void run_select_chan_group(struct run_softc *, int);
387 void run_set_agc(struct run_softc *, uint8_t);
388 void run_set_rx_antenna(struct run_softc *, int);
389 void run_rt2870_set_chan(struct run_softc *, u_int);
390 void run_rt3070_set_chan(struct run_softc *, u_int);
391 void run_rt3572_set_chan(struct run_softc *, u_int);
392 void run_rt3593_set_chan(struct run_softc *, u_int);
393 void run_rt5390_set_chan(struct run_softc *, u_int);
394 void run_rt5592_set_chan(struct run_softc *, u_int);
395 int run_set_chan(struct run_softc *, struct ieee80211_channel *);
396 void run_enable_tsf_sync(struct run_softc *);
397 void run_enable_mrr(struct run_softc *);
398 void run_set_txpreamble(struct run_softc *);
399 void run_set_basicrates(struct run_softc *);
400 void run_set_leds(struct run_softc *, uint16_t);
401 void run_set_bssid(struct run_softc *, const uint8_t *);
402 void run_set_macaddr(struct run_softc *, const uint8_t *);
403 void run_updateslot(struct ieee80211com *);
404 void run_updateslot_cb(struct run_softc *, void *);
405 #if NBPFILTER > 0
406 int8_t run_rssi2dbm(struct run_softc *, uint8_t, uint8_t);
407 #endif
408 void run_rt5390_bbp_init(struct run_softc *);
409 int run_bbp_init(struct run_softc *);
410 int run_rt3070_rf_init(struct run_softc *);
411 void run_rt3593_rf_init(struct run_softc *);
412 void run_rt5390_rf_init(struct run_softc *);
413 int run_rt3070_filter_calib(struct run_softc *, uint8_t, uint8_t,
414 uint8_t *);
415 void run_rt3070_rf_setup(struct run_softc *);
416 void run_rt3593_rf_setup(struct run_softc *);
417 void run_rt5390_rf_setup(struct run_softc *);
418 int run_txrx_enable(struct run_softc *);
419 void run_adjust_freq_offset(struct run_softc *);
420 int run_init(struct ifnet *);
421 void run_stop(struct ifnet *, int);
422
423 struct cfdriver run_cd = {
424 NULL, "run", DV_IFNET
425 };
426
427 const struct cfattach run_ca = {
428 sizeof (struct run_softc), run_match, run_attach, run_detach
429 };
430
431 static const struct {
432 uint32_t reg;
433 uint32_t val;
434 } rt2870_def_mac[] = {
435 RT2870_DEF_MAC
436 };
437
438 static const struct {
439 uint8_t reg;
440 uint8_t val;
441 } rt2860_def_bbp[] = {
442 RT2860_DEF_BBP
443 },rt5390_def_bbp[] = {
444 RT5390_DEF_BBP
445 },rt5592_def_bbp[] = {
446 RT5592_DEF_BBP
447 };
448
449 /*
450 * Default values for BBP register R196 for RT5592.
451 */
452 static const uint8_t rt5592_bbp_r196[] = {
453 0xe0, 0x1f, 0x38, 0x32, 0x08, 0x28, 0x19, 0x0a, 0xff, 0x00,
454 0x16, 0x10, 0x10, 0x0b, 0x36, 0x2c, 0x26, 0x24, 0x42, 0x36,
455 0x30, 0x2d, 0x4c, 0x46, 0x3d, 0x40, 0x3e, 0x42, 0x3d, 0x40,
456 0x3c, 0x34, 0x2c, 0x2f, 0x3c, 0x35, 0x2e, 0x2a, 0x49, 0x41,
457 0x36, 0x31, 0x30, 0x30, 0x0e, 0x0d, 0x28, 0x21, 0x1c, 0x16,
458 0x50, 0x4a, 0x43, 0x40, 0x10, 0x10, 0x10, 0x10, 0x00, 0x00,
459 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
460 0x00, 0x00, 0x7d, 0x14, 0x32, 0x2c, 0x36, 0x4c, 0x43, 0x2c,
461 0x2e, 0x36, 0x30, 0x6e
462 };
463
464 static const struct rfprog {
465 uint8_t chan;
466 uint32_t r1, r2, r3, r4;
467 } rt2860_rf2850[] = {
468 RT2860_RF2850
469 };
470
471 struct {
472 uint8_t n, r, k;
473 } rt3070_freqs[] = {
474 RT3070_RF3052
475 };
476
477 static const struct rt5592_freqs {
478 uint16_t n;
479 uint8_t k, m, r;
480 } rt5592_freqs_20mhz[] = {
481 RT5592_RF5592_20MHZ
482 },rt5592_freqs_40mhz[] = {
483 RT5592_RF5592_40MHZ
484 };
485
486 static const struct {
487 uint8_t reg;
488 uint8_t val;
489 } rt3070_def_rf[] = {
490 RT3070_DEF_RF
491 },rt3572_def_rf[] = {
492 RT3572_DEF_RF
493 },rt3593_def_rf[] = {
494 RT3593_DEF_RF
495 },rt5390_def_rf[] = {
496 RT5390_DEF_RF
497 },rt5392_def_rf[] = {
498 RT5392_DEF_RF
499 },rt5592_def_rf[] = {
500 RT5592_DEF_RF
501 },rt5592_2ghz_def_rf[] = {
502 RT5592_2GHZ_DEF_RF
503 },rt5592_5ghz_def_rf[] = {
504 RT5592_5GHZ_DEF_RF
505 };
506
507 static const struct {
508 u_int firstchan;
509 u_int lastchan;
510 uint8_t reg;
511 uint8_t val;
512 } rt5592_chan_5ghz[] = {
513 RT5592_CHAN_5GHZ
514 };
515
516 int
run_match(struct device * parent,void * match,void * aux)517 run_match(struct device *parent, void *match, void *aux)
518 {
519 struct usb_attach_arg *uaa = aux;
520
521 if (uaa->iface == NULL || uaa->configno != 1)
522 return UMATCH_NONE;
523
524 return (usb_lookup(run_devs, uaa->vendor, uaa->product) != NULL) ?
525 UMATCH_VENDOR_PRODUCT_CONF_IFACE : UMATCH_NONE;
526 }
527
528 void
run_attach(struct device * parent,struct device * self,void * aux)529 run_attach(struct device *parent, struct device *self, void *aux)
530 {
531 struct run_softc *sc = (struct run_softc *)self;
532 struct usb_attach_arg *uaa = aux;
533 struct ieee80211com *ic = &sc->sc_ic;
534 struct ifnet *ifp = &ic->ic_if;
535 usb_interface_descriptor_t *id;
536 usb_endpoint_descriptor_t *ed;
537 int i, nrx, ntx, ntries;
538 uint32_t ver;
539
540 sc->sc_udev = uaa->device;
541 sc->sc_iface = uaa->iface;
542
543 /*
544 * Find all bulk endpoints. There are 7 bulk endpoints: 1 for RX
545 * and 6 for TX (4 EDCAs + HCCA + Prio).
546 * Update 03-14-2009: some devices like the Planex GW-US300MiniS
547 * seem to have only 4 TX bulk endpoints (Fukaumi Naoki).
548 */
549 nrx = ntx = 0;
550 id = usbd_get_interface_descriptor(sc->sc_iface);
551 for (i = 0; i < id->bNumEndpoints; i++) {
552 ed = usbd_interface2endpoint_descriptor(sc->sc_iface, i);
553 if (ed == NULL || UE_GET_XFERTYPE(ed->bmAttributes) != UE_BULK)
554 continue;
555
556 if (UE_GET_DIR(ed->bEndpointAddress) == UE_DIR_IN) {
557 sc->rxq.pipe_no = ed->bEndpointAddress;
558 nrx++;
559 } else if (ntx < 4) {
560 sc->txq[ntx].pipe_no = ed->bEndpointAddress;
561 ntx++;
562 }
563 }
564 /* make sure we've got them all */
565 if (nrx < 1 || ntx < 4) {
566 printf("%s: missing endpoint\n", sc->sc_dev.dv_xname);
567 return;
568 }
569
570 usb_init_task(&sc->sc_task, run_task, sc, USB_TASK_TYPE_GENERIC);
571 timeout_set(&sc->scan_to, run_next_scan, sc);
572 timeout_set(&sc->calib_to, run_calibrate_to, sc);
573
574 sc->amrr.amrr_min_success_threshold = 1;
575 sc->amrr.amrr_max_success_threshold = 10;
576
577 /* wait for the chip to settle */
578 for (ntries = 0; ntries < 100; ntries++) {
579 if (run_read(sc, RT2860_ASIC_VER_ID, &ver) != 0)
580 return;
581 if (ver != 0 && ver != 0xffffffff)
582 break;
583 DELAY(10);
584 }
585 if (ntries == 100) {
586 printf("%s: timeout waiting for NIC to initialize\n",
587 sc->sc_dev.dv_xname);
588 return;
589 }
590 sc->mac_ver = ver >> 16;
591 sc->mac_rev = ver & 0xffff;
592
593 /* retrieve RF rev. no and various other things from EEPROM */
594 run_read_eeprom(sc);
595
596 printf("%s: MAC/BBP RT%04X (rev 0x%04X), RF %s (MIMO %dT%dR), "
597 "address %s\n", sc->sc_dev.dv_xname, sc->mac_ver,
598 sc->mac_rev, run_get_rf(sc->rf_rev), sc->ntxchains,
599 sc->nrxchains, ether_sprintf(ic->ic_myaddr));
600
601 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */
602 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */
603 ic->ic_state = IEEE80211_S_INIT;
604
605 /* set device capabilities */
606 ic->ic_caps =
607 IEEE80211_C_MONITOR | /* monitor mode supported */
608 IEEE80211_C_SHPREAMBLE | /* short preamble supported */
609 IEEE80211_C_SHSLOT | /* short slot time supported */
610 IEEE80211_C_WEP | /* WEP */
611 IEEE80211_C_RSN; /* WPA/RSN */
612
613 if (sc->rf_rev == RT2860_RF_2750 ||
614 sc->rf_rev == RT2860_RF_2850 ||
615 sc->rf_rev == RT3070_RF_3052 ||
616 sc->rf_rev == RT3070_RF_3053 ||
617 sc->rf_rev == RT5592_RF_5592) {
618 /* set supported .11a rates */
619 ic->ic_sup_rates[IEEE80211_MODE_11A] =
620 ieee80211_std_rateset_11a;
621
622 /* set supported .11a channels */
623 for (i = 14; i < nitems(rt2860_rf2850); i++) {
624 uint8_t chan = rt2860_rf2850[i].chan;
625 ic->ic_channels[chan].ic_freq =
626 ieee80211_ieee2mhz(chan, IEEE80211_CHAN_5GHZ);
627 ic->ic_channels[chan].ic_flags = IEEE80211_CHAN_A;
628 }
629 }
630
631 /* set supported .11b and .11g rates */
632 ic->ic_sup_rates[IEEE80211_MODE_11B] = ieee80211_std_rateset_11b;
633 ic->ic_sup_rates[IEEE80211_MODE_11G] = ieee80211_std_rateset_11g;
634
635 /* set supported .11b and .11g channels (1 through 14) */
636 for (i = 1; i <= 14; i++) {
637 ic->ic_channels[i].ic_freq =
638 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ);
639 ic->ic_channels[i].ic_flags =
640 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM |
641 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ;
642 }
643
644 ifp->if_softc = sc;
645 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST;
646 ifp->if_ioctl = run_ioctl;
647 ifp->if_start = run_start;
648 ifp->if_watchdog = run_watchdog;
649 memcpy(ifp->if_xname, sc->sc_dev.dv_xname, IFNAMSIZ);
650
651 if_attach(ifp);
652 ieee80211_ifattach(ifp);
653 ic->ic_node_alloc = run_node_alloc;
654 ic->ic_newassoc = run_newassoc;
655 ic->ic_updateslot = run_updateslot;
656 ic->ic_updateedca = run_updateedca;
657 ic->ic_set_key = run_set_key;
658 ic->ic_delete_key = run_delete_key;
659 /* override state transition machine */
660 sc->sc_newstate = ic->ic_newstate;
661 ic->ic_newstate = run_newstate;
662 ieee80211_media_init(ifp, run_media_change, ieee80211_media_status);
663
664 #if NBPFILTER > 0
665 bpfattach(&sc->sc_drvbpf, ifp, DLT_IEEE802_11_RADIO,
666 sizeof (struct ieee80211_frame) + IEEE80211_RADIOTAP_HDRLEN);
667
668 sc->sc_rxtap_len = sizeof sc->sc_rxtapu;
669 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len);
670 sc->sc_rxtap.wr_ihdr.it_present = htole32(RUN_RX_RADIOTAP_PRESENT);
671
672 sc->sc_txtap_len = sizeof sc->sc_txtapu;
673 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len);
674 sc->sc_txtap.wt_ihdr.it_present = htole32(RUN_TX_RADIOTAP_PRESENT);
675 #endif
676 }
677
678 int
run_detach(struct device * self,int flags)679 run_detach(struct device *self, int flags)
680 {
681 struct run_softc *sc = (struct run_softc *)self;
682 struct ifnet *ifp = &sc->sc_ic.ic_if;
683 int qid, s;
684
685 s = splusb();
686
687 if (timeout_initialized(&sc->scan_to))
688 timeout_del(&sc->scan_to);
689 if (timeout_initialized(&sc->calib_to))
690 timeout_del(&sc->calib_to);
691
692 /* wait for all queued asynchronous commands to complete */
693 usb_rem_wait_task(sc->sc_udev, &sc->sc_task);
694
695 usbd_ref_wait(sc->sc_udev);
696
697 if (ifp->if_softc != NULL) {
698 ifp->if_flags &= ~IFF_RUNNING;
699 ifq_clr_oactive(&ifp->if_snd);
700 ieee80211_ifdetach(ifp);
701 if_detach(ifp);
702 }
703
704 for (qid = 0; qid < 4; qid++)
705 run_free_tx_ring(sc, qid);
706 run_free_rx_ring(sc);
707
708 splx(s);
709
710 return 0;
711 }
712
713 int
run_alloc_rx_ring(struct run_softc * sc)714 run_alloc_rx_ring(struct run_softc *sc)
715 {
716 struct run_rx_ring *rxq = &sc->rxq;
717 int i, error;
718
719 error = usbd_open_pipe(sc->sc_iface, rxq->pipe_no, 0, &rxq->pipeh);
720 if (error != 0)
721 goto fail;
722
723 for (i = 0; i < RUN_RX_RING_COUNT; i++) {
724 struct run_rx_data *data = &rxq->data[i];
725
726 data->sc = sc; /* backpointer for callbacks */
727
728 data->xfer = usbd_alloc_xfer(sc->sc_udev);
729 if (data->xfer == NULL) {
730 error = ENOMEM;
731 goto fail;
732 }
733 data->buf = usbd_alloc_buffer(data->xfer, RUN_MAX_RXSZ);
734 if (data->buf == NULL) {
735 error = ENOMEM;
736 goto fail;
737 }
738 }
739 if (error != 0)
740 fail: run_free_rx_ring(sc);
741 return error;
742 }
743
744 void
run_free_rx_ring(struct run_softc * sc)745 run_free_rx_ring(struct run_softc *sc)
746 {
747 struct run_rx_ring *rxq = &sc->rxq;
748 int i;
749
750 if (rxq->pipeh != NULL) {
751 usbd_close_pipe(rxq->pipeh);
752 rxq->pipeh = NULL;
753 }
754 for (i = 0; i < RUN_RX_RING_COUNT; i++) {
755 if (rxq->data[i].xfer != NULL)
756 usbd_free_xfer(rxq->data[i].xfer);
757 rxq->data[i].xfer = NULL;
758 }
759 }
760
761 int
run_alloc_tx_ring(struct run_softc * sc,int qid)762 run_alloc_tx_ring(struct run_softc *sc, int qid)
763 {
764 struct run_tx_ring *txq = &sc->txq[qid];
765 int i, error;
766 uint16_t txwisize;
767
768 txwisize = sizeof(struct rt2860_txwi);
769 if (sc->mac_ver == 0x5592)
770 txwisize += sizeof(uint32_t);
771
772 txq->cur = txq->queued = 0;
773
774 error = usbd_open_pipe(sc->sc_iface, txq->pipe_no, 0, &txq->pipeh);
775 if (error != 0)
776 goto fail;
777
778 for (i = 0; i < RUN_TX_RING_COUNT; i++) {
779 struct run_tx_data *data = &txq->data[i];
780
781 data->sc = sc; /* backpointer for callbacks */
782 data->qid = qid;
783
784 data->xfer = usbd_alloc_xfer(sc->sc_udev);
785 if (data->xfer == NULL) {
786 error = ENOMEM;
787 goto fail;
788 }
789 data->buf = usbd_alloc_buffer(data->xfer, RUN_MAX_TXSZ);
790 if (data->buf == NULL) {
791 error = ENOMEM;
792 goto fail;
793 }
794 /* zeroize the TXD + TXWI part */
795 memset(data->buf, 0, sizeof(struct rt2870_txd) + txwisize);
796 }
797 if (error != 0)
798 fail: run_free_tx_ring(sc, qid);
799 return error;
800 }
801
802 void
run_free_tx_ring(struct run_softc * sc,int qid)803 run_free_tx_ring(struct run_softc *sc, int qid)
804 {
805 struct run_tx_ring *txq = &sc->txq[qid];
806 int i;
807
808 if (txq->pipeh != NULL) {
809 usbd_close_pipe(txq->pipeh);
810 txq->pipeh = NULL;
811 }
812 for (i = 0; i < RUN_TX_RING_COUNT; i++) {
813 if (txq->data[i].xfer != NULL)
814 usbd_free_xfer(txq->data[i].xfer);
815 txq->data[i].xfer = NULL;
816 }
817 }
818
819 int
run_load_microcode(struct run_softc * sc)820 run_load_microcode(struct run_softc *sc)
821 {
822 usb_device_request_t req;
823 const char *fwname;
824 u_char *ucode;
825 size_t size;
826 uint32_t tmp;
827 int ntries, error;
828
829 /* RT3071/RT3072 use a different firmware */
830 if (sc->mac_ver != 0x2860 &&
831 sc->mac_ver != 0x2872 &&
832 sc->mac_ver != 0x3070)
833 fwname = "run-rt3071";
834 else
835 fwname = "run-rt2870";
836
837 if ((error = loadfirmware(fwname, &ucode, &size)) != 0) {
838 printf("%s: failed loadfirmware of file %s (error %d)\n",
839 sc->sc_dev.dv_xname, fwname, error);
840 return error;
841 }
842 if (size != 4096) {
843 printf("%s: invalid firmware size (should be 4KB)\n",
844 sc->sc_dev.dv_xname);
845 free(ucode, M_DEVBUF, size);
846 return EINVAL;
847 }
848
849 /* write microcode image */
850 run_write_region_1(sc, RT2870_FW_BASE, ucode, size);
851 free(ucode, M_DEVBUF, size);
852 run_write(sc, RT2860_H2M_MAILBOX_CID, 0xffffffff);
853 run_write(sc, RT2860_H2M_MAILBOX_STATUS, 0xffffffff);
854
855 req.bmRequestType = UT_WRITE_VENDOR_DEVICE;
856 req.bRequest = RT2870_RESET;
857 USETW(req.wValue, 8);
858 USETW(req.wIndex, 0);
859 USETW(req.wLength, 0);
860 if ((error = usbd_do_request(sc->sc_udev, &req, NULL)) != 0)
861 return error;
862
863 usbd_delay_ms(sc->sc_udev, 10);
864 run_write(sc, RT2860_H2M_BBPAGENT, 0);
865 run_write(sc, RT2860_H2M_MAILBOX, 0);
866 run_write(sc, RT2860_H2M_INTSRC, 0);
867 if ((error = run_mcu_cmd(sc, RT2860_MCU_CMD_RFRESET, 0)) != 0)
868 return error;
869
870 /* wait until microcontroller is ready */
871 for (ntries = 0; ntries < 1000; ntries++) {
872 if ((error = run_read(sc, RT2860_SYS_CTRL, &tmp)) != 0)
873 return error;
874 if (tmp & RT2860_MCU_READY)
875 break;
876 DELAY(1000);
877 }
878 if (ntries == 1000) {
879 printf("%s: timeout waiting for MCU to initialize\n",
880 sc->sc_dev.dv_xname);
881 return ETIMEDOUT;
882 }
883 DPRINTF(("microcode successfully loaded after %d tries\n", ntries));
884 return 0;
885 }
886
887 int
run_reset(struct run_softc * sc)888 run_reset(struct run_softc *sc)
889 {
890 usb_device_request_t req;
891
892 req.bmRequestType = UT_WRITE_VENDOR_DEVICE;
893 req.bRequest = RT2870_RESET;
894 USETW(req.wValue, 1);
895 USETW(req.wIndex, 0);
896 USETW(req.wLength, 0);
897 return usbd_do_request(sc->sc_udev, &req, NULL);
898 }
899
900 int
run_read(struct run_softc * sc,uint16_t reg,uint32_t * val)901 run_read(struct run_softc *sc, uint16_t reg, uint32_t *val)
902 {
903 uint32_t tmp;
904 int error;
905
906 error = run_read_region_1(sc, reg, (uint8_t *)&tmp, sizeof tmp);
907 if (error == 0)
908 *val = letoh32(tmp);
909 else
910 *val = 0xffffffff;
911 return error;
912 }
913
914 int
run_read_region_1(struct run_softc * sc,uint16_t reg,uint8_t * buf,int len)915 run_read_region_1(struct run_softc *sc, uint16_t reg, uint8_t *buf, int len)
916 {
917 usb_device_request_t req;
918
919 req.bmRequestType = UT_READ_VENDOR_DEVICE;
920 req.bRequest = RT2870_READ_REGION_1;
921 USETW(req.wValue, 0);
922 USETW(req.wIndex, reg);
923 USETW(req.wLength, len);
924 return usbd_do_request(sc->sc_udev, &req, buf);
925 }
926
927 int
run_write_2(struct run_softc * sc,uint16_t reg,uint16_t val)928 run_write_2(struct run_softc *sc, uint16_t reg, uint16_t val)
929 {
930 usb_device_request_t req;
931
932 req.bmRequestType = UT_WRITE_VENDOR_DEVICE;
933 req.bRequest = RT2870_WRITE_2;
934 USETW(req.wValue, val);
935 USETW(req.wIndex, reg);
936 USETW(req.wLength, 0);
937 return usbd_do_request(sc->sc_udev, &req, NULL);
938 }
939
940 int
run_write(struct run_softc * sc,uint16_t reg,uint32_t val)941 run_write(struct run_softc *sc, uint16_t reg, uint32_t val)
942 {
943 int error;
944
945 if ((error = run_write_2(sc, reg, val & 0xffff)) == 0)
946 error = run_write_2(sc, reg + 2, val >> 16);
947 return error;
948 }
949
950 int
run_write_region_1(struct run_softc * sc,uint16_t reg,const uint8_t * buf,int len)951 run_write_region_1(struct run_softc *sc, uint16_t reg, const uint8_t *buf,
952 int len)
953 {
954 #if 1
955 int i, error = 0;
956 /*
957 * NB: the WRITE_REGION_1 command is not stable on RT2860.
958 * We thus issue multiple WRITE_2 commands instead.
959 */
960 KASSERT((len & 1) == 0);
961 for (i = 0; i < len && error == 0; i += 2)
962 error = run_write_2(sc, reg + i, buf[i] | buf[i + 1] << 8);
963 return error;
964 #else
965 usb_device_request_t req;
966
967 req.bmRequestType = UT_WRITE_VENDOR_DEVICE;
968 req.bRequest = RT2870_WRITE_REGION_1;
969 USETW(req.wValue, 0);
970 USETW(req.wIndex, reg);
971 USETW(req.wLength, len);
972 return usbd_do_request(sc->sc_udev, &req, buf);
973 #endif
974 }
975
976 int
run_set_region_4(struct run_softc * sc,uint16_t reg,uint32_t val,int count)977 run_set_region_4(struct run_softc *sc, uint16_t reg, uint32_t val, int count)
978 {
979 int error = 0;
980
981 for (; count > 0 && error == 0; count--, reg += 4)
982 error = run_write(sc, reg, val);
983 return error;
984 }
985
986 /* Read 16-bit from eFUSE ROM. */
987 int
run_efuse_read(struct run_softc * sc,uint16_t addr,uint16_t * val)988 run_efuse_read(struct run_softc *sc, uint16_t addr, uint16_t *val)
989 {
990 uint32_t tmp;
991 uint16_t reg;
992 int error, ntries;
993
994 if ((error = run_read(sc, RT3070_EFUSE_CTRL, &tmp)) != 0)
995 return error;
996
997 /*-
998 * Read one 16-byte block into registers EFUSE_DATA[0-3]:
999 * DATA0: F E D C
1000 * DATA1: B A 9 8
1001 * DATA2: 7 6 5 4
1002 * DATA3: 3 2 1 0
1003 */
1004 tmp &= ~(RT3070_EFSROM_MODE_MASK | RT3070_EFSROM_AIN_MASK);
1005 tmp |= (addr & ~0xf) << RT3070_EFSROM_AIN_SHIFT | RT3070_EFSROM_KICK;
1006 run_write(sc, RT3070_EFUSE_CTRL, tmp);
1007 for (ntries = 0; ntries < 100; ntries++) {
1008 if ((error = run_read(sc, RT3070_EFUSE_CTRL, &tmp)) != 0)
1009 return error;
1010 if (!(tmp & RT3070_EFSROM_KICK))
1011 break;
1012 DELAY(2);
1013 }
1014 if (ntries == 100)
1015 return ETIMEDOUT;
1016
1017 if ((tmp & RT3070_EFUSE_AOUT_MASK) == RT3070_EFUSE_AOUT_MASK) {
1018 *val = 0xffff; /* address not found */
1019 return 0;
1020 }
1021 /* determine to which 32-bit register our 16-bit word belongs */
1022 reg = RT3070_EFUSE_DATA3 - (addr & 0xc);
1023 if ((error = run_read(sc, reg, &tmp)) != 0)
1024 return error;
1025
1026 tmp >>= (8 * (addr & 0x3));
1027 *val = (addr & 1) ? tmp >> 16 : tmp & 0xffff;
1028 return 0;
1029 }
1030
1031 /* Read 16-bit from eFUSE ROM for RT3xxx. */
1032 int
run_efuse_read_2(struct run_softc * sc,uint16_t addr,uint16_t * val)1033 run_efuse_read_2(struct run_softc *sc, uint16_t addr, uint16_t *val)
1034 {
1035 uint32_t tmp;
1036 uint16_t reg;
1037 int error, ntries;
1038
1039 if ((error = run_read(sc, RT3070_EFUSE_CTRL, &tmp)) != 0)
1040 return error;
1041
1042 addr *= 2;
1043 /*-
1044 * Read one 16-byte block into registers EFUSE_DATA[0-3]:
1045 * DATA0: F E D C
1046 * DATA1: B A 9 8
1047 * DATA2: 7 6 5 4
1048 * DATA3: 3 2 1 0
1049 */
1050 tmp &= ~(RT3070_EFSROM_MODE_MASK | RT3070_EFSROM_AIN_MASK);
1051 tmp |= (addr & ~0xf) << RT3070_EFSROM_AIN_SHIFT | RT3070_EFSROM_KICK;
1052 run_write(sc, RT3070_EFUSE_CTRL, tmp);
1053 for (ntries = 0; ntries < 100; ntries++) {
1054 if ((error = run_read(sc, RT3070_EFUSE_CTRL, &tmp)) != 0)
1055 return error;
1056 if (!(tmp & RT3070_EFSROM_KICK))
1057 break;
1058 DELAY(2);
1059 }
1060 if (ntries == 100)
1061 return ETIMEDOUT;
1062
1063 if ((tmp & RT3070_EFUSE_AOUT_MASK) == RT3070_EFUSE_AOUT_MASK) {
1064 *val = 0xffff; /* address not found */
1065 return 0;
1066 }
1067 /* determine to which 32-bit register our 16-bit word belongs */
1068 reg = RT3070_EFUSE_DATA3 - (addr & 0xc);
1069 if ((error = run_read(sc, reg, &tmp)) != 0)
1070 return error;
1071
1072 *val = (addr & 2) ? tmp >> 16 : tmp & 0xffff;
1073 return 0;
1074 }
1075
1076 int
run_eeprom_read_2(struct run_softc * sc,uint16_t addr,uint16_t * val)1077 run_eeprom_read_2(struct run_softc *sc, uint16_t addr, uint16_t *val)
1078 {
1079 usb_device_request_t req;
1080 uint16_t tmp;
1081 int error;
1082
1083 addr *= 2;
1084 req.bmRequestType = UT_READ_VENDOR_DEVICE;
1085 req.bRequest = RT2870_EEPROM_READ;
1086 USETW(req.wValue, 0);
1087 USETW(req.wIndex, addr);
1088 USETW(req.wLength, sizeof tmp);
1089 error = usbd_do_request(sc->sc_udev, &req, &tmp);
1090 if (error == 0)
1091 *val = letoh16(tmp);
1092 else
1093 *val = 0xffff;
1094 return error;
1095 }
1096
1097 static __inline int
run_srom_read(struct run_softc * sc,uint16_t addr,uint16_t * val)1098 run_srom_read(struct run_softc *sc, uint16_t addr, uint16_t *val)
1099 {
1100 /* either eFUSE ROM or EEPROM */
1101 return sc->sc_srom_read(sc, addr, val);
1102 }
1103
1104 int
run_rt2870_rf_write(struct run_softc * sc,uint8_t reg,uint32_t val)1105 run_rt2870_rf_write(struct run_softc *sc, uint8_t reg, uint32_t val)
1106 {
1107 uint32_t tmp;
1108 int error, ntries;
1109
1110 for (ntries = 0; ntries < 10; ntries++) {
1111 if ((error = run_read(sc, RT2860_RF_CSR_CFG0, &tmp)) != 0)
1112 return error;
1113 if (!(tmp & RT2860_RF_REG_CTRL))
1114 break;
1115 }
1116 if (ntries == 10)
1117 return ETIMEDOUT;
1118
1119 /* RF registers are 24-bit on the RT2860 */
1120 tmp = RT2860_RF_REG_CTRL | 24 << RT2860_RF_REG_WIDTH_SHIFT |
1121 (val & 0x3fffff) << 2 | (reg & 3);
1122 return run_write(sc, RT2860_RF_CSR_CFG0, tmp);
1123 }
1124
1125 int
run_rt3070_rf_read(struct run_softc * sc,uint8_t reg,uint8_t * val)1126 run_rt3070_rf_read(struct run_softc *sc, uint8_t reg, uint8_t *val)
1127 {
1128 uint32_t tmp;
1129 int error, ntries;
1130
1131 for (ntries = 0; ntries < 100; ntries++) {
1132 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0)
1133 return error;
1134 if (!(tmp & RT3070_RF_KICK))
1135 break;
1136 }
1137 if (ntries == 100)
1138 return ETIMEDOUT;
1139
1140 tmp = RT3070_RF_KICK | reg << 8;
1141 if ((error = run_write(sc, RT3070_RF_CSR_CFG, tmp)) != 0)
1142 return error;
1143
1144 for (ntries = 0; ntries < 100; ntries++) {
1145 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0)
1146 return error;
1147 if (!(tmp & RT3070_RF_KICK))
1148 break;
1149 }
1150 if (ntries == 100)
1151 return ETIMEDOUT;
1152
1153 *val = tmp & 0xff;
1154 return 0;
1155 }
1156
1157 int
run_rt3070_rf_write(struct run_softc * sc,uint8_t reg,uint8_t val)1158 run_rt3070_rf_write(struct run_softc *sc, uint8_t reg, uint8_t val)
1159 {
1160 uint32_t tmp;
1161 int error, ntries;
1162
1163 for (ntries = 0; ntries < 10; ntries++) {
1164 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0)
1165 return error;
1166 if (!(tmp & RT3070_RF_KICK))
1167 break;
1168 }
1169 if (ntries == 10)
1170 return ETIMEDOUT;
1171
1172 tmp = RT3070_RF_WRITE | RT3070_RF_KICK | reg << 8 | val;
1173 return run_write(sc, RT3070_RF_CSR_CFG, tmp);
1174 }
1175
1176 int
run_bbp_read(struct run_softc * sc,uint8_t reg,uint8_t * val)1177 run_bbp_read(struct run_softc *sc, uint8_t reg, uint8_t *val)
1178 {
1179 uint32_t tmp;
1180 int ntries, error;
1181
1182 for (ntries = 0; ntries < 10; ntries++) {
1183 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0)
1184 return error;
1185 if (!(tmp & RT2860_BBP_CSR_KICK))
1186 break;
1187 }
1188 if (ntries == 10)
1189 return ETIMEDOUT;
1190
1191 tmp = RT2860_BBP_CSR_READ | RT2860_BBP_CSR_KICK | reg << 8;
1192 if ((error = run_write(sc, RT2860_BBP_CSR_CFG, tmp)) != 0)
1193 return error;
1194
1195 for (ntries = 0; ntries < 10; ntries++) {
1196 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0)
1197 return error;
1198 if (!(tmp & RT2860_BBP_CSR_KICK))
1199 break;
1200 }
1201 if (ntries == 10)
1202 return ETIMEDOUT;
1203
1204 *val = tmp & 0xff;
1205 return 0;
1206 }
1207
1208 int
run_bbp_write(struct run_softc * sc,uint8_t reg,uint8_t val)1209 run_bbp_write(struct run_softc *sc, uint8_t reg, uint8_t val)
1210 {
1211 uint32_t tmp;
1212 int ntries, error;
1213
1214 for (ntries = 0; ntries < 10; ntries++) {
1215 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0)
1216 return error;
1217 if (!(tmp & RT2860_BBP_CSR_KICK))
1218 break;
1219 }
1220 if (ntries == 10)
1221 return ETIMEDOUT;
1222
1223 tmp = RT2860_BBP_CSR_KICK | reg << 8 | val;
1224 return run_write(sc, RT2860_BBP_CSR_CFG, tmp);
1225 }
1226
1227 /*
1228 * Send a command to the 8051 microcontroller unit.
1229 */
1230 int
run_mcu_cmd(struct run_softc * sc,uint8_t cmd,uint16_t arg)1231 run_mcu_cmd(struct run_softc *sc, uint8_t cmd, uint16_t arg)
1232 {
1233 uint32_t tmp;
1234 int error, ntries;
1235
1236 for (ntries = 0; ntries < 100; ntries++) {
1237 if ((error = run_read(sc, RT2860_H2M_MAILBOX, &tmp)) != 0)
1238 return error;
1239 if (!(tmp & RT2860_H2M_BUSY))
1240 break;
1241 }
1242 if (ntries == 100)
1243 return ETIMEDOUT;
1244
1245 tmp = RT2860_H2M_BUSY | RT2860_TOKEN_NO_INTR << 16 | arg;
1246 if ((error = run_write(sc, RT2860_H2M_MAILBOX, tmp)) == 0)
1247 error = run_write(sc, RT2860_HOST_CMD, cmd);
1248 return error;
1249 }
1250
1251 /*
1252 * Add `delta' (signed) to each 4-bit sub-word of a 32-bit word.
1253 * Used to adjust per-rate Tx power registers.
1254 */
1255 static __inline uint32_t
b4inc(uint32_t b32,int8_t delta)1256 b4inc(uint32_t b32, int8_t delta)
1257 {
1258 int8_t i, b4;
1259
1260 for (i = 0; i < 8; i++) {
1261 b4 = b32 & 0xf;
1262 b4 += delta;
1263 if (b4 < 0)
1264 b4 = 0;
1265 else if (b4 > 0xf)
1266 b4 = 0xf;
1267 b32 = b32 >> 4 | b4 << 28;
1268 }
1269 return b32;
1270 }
1271
1272 const char *
run_get_rf(int rev)1273 run_get_rf(int rev)
1274 {
1275 switch (rev) {
1276 case RT2860_RF_2820: return "RT2820";
1277 case RT2860_RF_2850: return "RT2850";
1278 case RT2860_RF_2720: return "RT2720";
1279 case RT2860_RF_2750: return "RT2750";
1280 case RT3070_RF_3020: return "RT3020";
1281 case RT3070_RF_2020: return "RT2020";
1282 case RT3070_RF_3021: return "RT3021";
1283 case RT3070_RF_3022: return "RT3022";
1284 case RT3070_RF_3052: return "RT3052";
1285 case RT3070_RF_3053: return "RT3053";
1286 case RT5592_RF_5592: return "RT5592";
1287 case RT5390_RF_5370: return "RT5370";
1288 case RT5390_RF_5372: return "RT5372";
1289 }
1290 return "unknown";
1291 }
1292
1293 void
run_rt3593_get_txpower(struct run_softc * sc)1294 run_rt3593_get_txpower(struct run_softc *sc)
1295 {
1296 uint16_t addr, val;
1297 int i;
1298
1299 /* Read power settings for 2GHz channels. */
1300 for (i = 0; i < 14; i += 2) {
1301 addr = (sc->ntxchains == 3) ? RT3593_EEPROM_PWR2GHZ_BASE1 :
1302 RT2860_EEPROM_PWR2GHZ_BASE1;
1303 run_srom_read(sc, addr + i / 2, &val);
1304 sc->txpow1[i + 0] = (int8_t)(val & 0xff);
1305 sc->txpow1[i + 1] = (int8_t)(val >> 8);
1306
1307 addr = (sc->ntxchains == 3) ? RT3593_EEPROM_PWR2GHZ_BASE2 :
1308 RT2860_EEPROM_PWR2GHZ_BASE2;
1309 run_srom_read(sc, addr + i / 2, &val);
1310 sc->txpow2[i + 0] = (int8_t)(val & 0xff);
1311 sc->txpow2[i + 1] = (int8_t)(val >> 8);
1312
1313 if (sc->ntxchains == 3) {
1314 run_srom_read(sc, RT3593_EEPROM_PWR2GHZ_BASE3 + i / 2,
1315 &val);
1316 sc->txpow3[i + 0] = (int8_t)(val & 0xff);
1317 sc->txpow3[i + 1] = (int8_t)(val >> 8);
1318 }
1319 }
1320 /* Fix broken Tx power entries. */
1321 for (i = 0; i < 14; i++) {
1322 if (sc->txpow1[i] > 31)
1323 sc->txpow1[i] = 5;
1324 if (sc->txpow2[i] > 31)
1325 sc->txpow2[i] = 5;
1326 if (sc->ntxchains == 3) {
1327 if (sc->txpow3[i] > 31)
1328 sc->txpow3[i] = 5;
1329 }
1330 }
1331 /* Read power settings for 5GHz channels. */
1332 for (i = 0; i < 40; i += 2) {
1333 run_srom_read(sc, RT3593_EEPROM_PWR5GHZ_BASE1 + i / 2, &val);
1334 sc->txpow1[i + 14] = (int8_t)(val & 0xff);
1335 sc->txpow1[i + 15] = (int8_t)(val >> 8);
1336
1337 run_srom_read(sc, RT3593_EEPROM_PWR5GHZ_BASE2 + i / 2, &val);
1338 sc->txpow2[i + 14] = (int8_t)(val & 0xff);
1339 sc->txpow2[i + 15] = (int8_t)(val >> 8);
1340
1341 if (sc->ntxchains == 3) {
1342 run_srom_read(sc, RT3593_EEPROM_PWR5GHZ_BASE3 + i / 2,
1343 &val);
1344 sc->txpow3[i + 14] = (int8_t)(val & 0xff);
1345 sc->txpow3[i + 15] = (int8_t)(val >> 8);
1346 }
1347 }
1348 }
1349
1350 void
run_get_txpower(struct run_softc * sc)1351 run_get_txpower(struct run_softc *sc)
1352 {
1353 uint16_t val;
1354 int i;
1355
1356 /* Read power settings for 2GHz channels. */
1357 for (i = 0; i < 14; i += 2) {
1358 run_srom_read(sc, RT2860_EEPROM_PWR2GHZ_BASE1 + i / 2, &val);
1359 sc->txpow1[i + 0] = (int8_t)(val & 0xff);
1360 sc->txpow1[i + 1] = (int8_t)(val >> 8);
1361
1362 if (sc->mac_ver != 0x5390) {
1363 run_srom_read(sc,
1364 RT2860_EEPROM_PWR2GHZ_BASE2 + i / 2, &val);
1365 sc->txpow2[i + 0] = (int8_t)(val & 0xff);
1366 sc->txpow2[i + 1] = (int8_t)(val >> 8);
1367 }
1368 }
1369 /* Fix broken Tx power entries. */
1370 for (i = 0; i < 14; i++) {
1371 if (sc->mac_ver >= 0x5390) {
1372 if (sc->txpow1[i] < 0 || sc->txpow1[i] > 27)
1373 sc->txpow1[i] = 5;
1374 } else {
1375 if (sc->txpow1[i] < 0 || sc->txpow1[i] > 31)
1376 sc->txpow1[i] = 5;
1377 }
1378 if (sc->mac_ver > 0x5390) {
1379 if (sc->txpow2[i] < 0 || sc->txpow2[i] > 27)
1380 sc->txpow2[i] = 5;
1381 } else if (sc->mac_ver < 0x5390) {
1382 if (sc->txpow2[i] < 0 || sc->txpow2[i] > 31)
1383 sc->txpow2[i] = 5;
1384 }
1385 DPRINTF(("chan %d: power1=%d, power2=%d\n",
1386 rt2860_rf2850[i].chan, sc->txpow1[i], sc->txpow2[i]));
1387 }
1388 /* Read power settings for 5GHz channels. */
1389 for (i = 0; i < 40; i += 2) {
1390 run_srom_read(sc, RT2860_EEPROM_PWR5GHZ_BASE1 + i / 2, &val);
1391 sc->txpow1[i + 14] = (int8_t)(val & 0xff);
1392 sc->txpow1[i + 15] = (int8_t)(val >> 8);
1393
1394 run_srom_read(sc, RT2860_EEPROM_PWR5GHZ_BASE2 + i / 2, &val);
1395 sc->txpow2[i + 14] = (int8_t)(val & 0xff);
1396 sc->txpow2[i + 15] = (int8_t)(val >> 8);
1397 }
1398 /* Fix broken Tx power entries. */
1399 for (i = 0; i < 40; i++ ) {
1400 if (sc->mac_ver != 0x5592) {
1401 if (sc->txpow1[14 + i] < -7 || sc->txpow1[14 + i] > 15)
1402 sc->txpow1[14 + i] = 5;
1403 if (sc->txpow2[14 + i] < -7 || sc->txpow2[14 + i] > 15)
1404 sc->txpow2[14 + i] = 5;
1405 }
1406 DPRINTF(("chan %d: power1=%d, power2=%d\n",
1407 rt2860_rf2850[14 + i].chan, sc->txpow1[14 + i],
1408 sc->txpow2[14 + i]));
1409 }
1410 }
1411
1412 int
run_read_eeprom(struct run_softc * sc)1413 run_read_eeprom(struct run_softc *sc)
1414 {
1415 struct ieee80211com *ic = &sc->sc_ic;
1416 int8_t delta_2ghz, delta_5ghz;
1417 uint32_t tmp;
1418 uint16_t val;
1419 int ridx, ant, i;
1420
1421 /* check whether the ROM is eFUSE ROM or EEPROM */
1422 sc->sc_srom_read = run_eeprom_read_2;
1423 if (sc->mac_ver >= 0x3070) {
1424 run_read(sc, RT3070_EFUSE_CTRL, &tmp);
1425 DPRINTF(("EFUSE_CTRL=0x%08x\n", tmp));
1426 if (tmp & RT3070_SEL_EFUSE || sc->mac_ver == 0x3593)
1427 sc->sc_srom_read = run_efuse_read_2;
1428 }
1429
1430 /* read ROM version */
1431 run_srom_read(sc, RT2860_EEPROM_VERSION, &val);
1432 DPRINTF(("EEPROM rev=%d, FAE=%d\n", val & 0xff, val >> 8));
1433
1434 /* read MAC address */
1435 run_srom_read(sc, RT2860_EEPROM_MAC01, &val);
1436 ic->ic_myaddr[0] = val & 0xff;
1437 ic->ic_myaddr[1] = val >> 8;
1438 run_srom_read(sc, RT2860_EEPROM_MAC23, &val);
1439 ic->ic_myaddr[2] = val & 0xff;
1440 ic->ic_myaddr[3] = val >> 8;
1441 run_srom_read(sc, RT2860_EEPROM_MAC45, &val);
1442 ic->ic_myaddr[4] = val & 0xff;
1443 ic->ic_myaddr[5] = val >> 8;
1444
1445 if (sc->mac_ver < 0x3593) {
1446 /* read vendor BBP settings */
1447 for (i = 0; i < 10; i++) {
1448 run_srom_read(sc, RT2860_EEPROM_BBP_BASE + i, &val);
1449 sc->bbp[i].val = val & 0xff;
1450 sc->bbp[i].reg = val >> 8;
1451 DPRINTF(("BBP%d=0x%02x\n", sc->bbp[i].reg,
1452 sc->bbp[i].val));
1453 }
1454 if (sc->mac_ver >= 0x3071) {
1455 /* read vendor RF settings */
1456 for (i = 0; i < 10; i++) {
1457 run_srom_read(sc, RT3071_EEPROM_RF_BASE + i,
1458 &val);
1459 sc->rf[i].val = val & 0xff;
1460 sc->rf[i].reg = val >> 8;
1461 DPRINTF(("RF%d=0x%02x\n", sc->rf[i].reg,
1462 sc->rf[i].val));
1463 }
1464 }
1465 }
1466
1467 /* read RF frequency offset from EEPROM */
1468 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_FREQ_LEDS :
1469 RT3593_EEPROM_FREQ, &val);
1470 sc->freq = ((val & 0xff) != 0xff) ? val & 0xff : 0;
1471 DPRINTF(("EEPROM freq offset %d\n", sc->freq & 0xff));
1472 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_FREQ_LEDS :
1473 RT3593_EEPROM_FREQ_LEDS, &val);
1474 if ((val >> 8) != 0xff) {
1475 /* read LEDs operating mode */
1476 sc->leds = val >> 8;
1477 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LED1 :
1478 RT3593_EEPROM_LED1, &sc->led[0]);
1479 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LED2 :
1480 RT3593_EEPROM_LED2, &sc->led[1]);
1481 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LED3 :
1482 RT3593_EEPROM_LED3, &sc->led[2]);
1483 } else {
1484 /* broken EEPROM, use default settings */
1485 sc->leds = 0x01;
1486 sc->led[0] = 0x5555;
1487 sc->led[1] = 0x2221;
1488 sc->led[2] = 0x5627; /* differs from RT2860 */
1489 }
1490 DPRINTF(("EEPROM LED mode=0x%02x, LEDs=0x%04x/0x%04x/0x%04x\n",
1491 sc->leds, sc->led[0], sc->led[1], sc->led[2]));
1492
1493 /* read RF information */
1494 if (sc->mac_ver == 0x5390 || sc->mac_ver == 0x5392)
1495 run_srom_read(sc, 0x00, &val);
1496 else
1497 run_srom_read(sc, RT2860_EEPROM_ANTENNA, &val);
1498 if (val == 0xffff) {
1499 DPRINTF(("invalid EEPROM antenna info, using default\n"));
1500 if (sc->mac_ver == 0x3572) {
1501 /* default to RF3052 2T2R */
1502 sc->rf_rev = RT3070_RF_3052;
1503 sc->ntxchains = 2;
1504 sc->nrxchains = 2;
1505 } else if (sc->mac_ver >= 0x3070) {
1506 /* default to RF3020 1T1R */
1507 sc->rf_rev = RT3070_RF_3020;
1508 sc->ntxchains = 1;
1509 sc->nrxchains = 1;
1510 } else {
1511 /* default to RF2820 1T2R */
1512 sc->rf_rev = RT2860_RF_2820;
1513 sc->ntxchains = 1;
1514 sc->nrxchains = 2;
1515 }
1516 } else {
1517 if (sc->mac_ver == 0x5390 || sc->mac_ver == 0x5392) {
1518 sc->rf_rev = val;
1519 run_srom_read(sc, RT2860_EEPROM_ANTENNA, &val);
1520 } else
1521 sc->rf_rev = (val >> 8) & 0xf;
1522 sc->ntxchains = (val >> 4) & 0xf;
1523 sc->nrxchains = val & 0xf;
1524 }
1525 DPRINTF(("EEPROM RF rev=0x%02x chains=%dT%dR\n",
1526 sc->rf_rev, sc->ntxchains, sc->nrxchains));
1527
1528 /* check if RF supports automatic Tx access gain control */
1529 run_srom_read(sc, RT2860_EEPROM_CONFIG, &val);
1530 DPRINTF(("EEPROM CFG 0x%04x\n", val));
1531 /* check if driver should patch the DAC issue */
1532 if ((val >> 8) != 0xff)
1533 sc->patch_dac = (val >> 15) & 1;
1534 if ((val & 0xff) != 0xff) {
1535 sc->ext_5ghz_lna = (val >> 3) & 1;
1536 sc->ext_2ghz_lna = (val >> 2) & 1;
1537 /* check if RF supports automatic Tx access gain control */
1538 sc->calib_2ghz = sc->calib_5ghz = (val >> 1) & 1;
1539 /* check if we have a hardware radio switch */
1540 sc->rfswitch = val & 1;
1541 }
1542
1543 /* Read Tx power settings. */
1544 if (sc->mac_ver == 0x3593)
1545 run_rt3593_get_txpower(sc);
1546 else
1547 run_get_txpower(sc);
1548
1549 /* read Tx power compensation for each Tx rate */
1550 run_srom_read(sc, RT2860_EEPROM_DELTAPWR, &val);
1551 delta_2ghz = delta_5ghz = 0;
1552 if ((val & 0xff) != 0xff && (val & 0x80)) {
1553 delta_2ghz = val & 0xf;
1554 if (!(val & 0x40)) /* negative number */
1555 delta_2ghz = -delta_2ghz;
1556 }
1557 val >>= 8;
1558 if ((val & 0xff) != 0xff && (val & 0x80)) {
1559 delta_5ghz = val & 0xf;
1560 if (!(val & 0x40)) /* negative number */
1561 delta_5ghz = -delta_5ghz;
1562 }
1563 DPRINTF(("power compensation=%d (2GHz), %d (5GHz)\n",
1564 delta_2ghz, delta_5ghz));
1565
1566 for (ridx = 0; ridx < 5; ridx++) {
1567 uint32_t reg;
1568
1569 run_srom_read(sc, RT2860_EEPROM_RPWR + ridx * 2, &val);
1570 reg = val;
1571 run_srom_read(sc, RT2860_EEPROM_RPWR + ridx * 2 + 1, &val);
1572 reg |= (uint32_t)val << 16;
1573
1574 sc->txpow20mhz[ridx] = reg;
1575 sc->txpow40mhz_2ghz[ridx] = b4inc(reg, delta_2ghz);
1576 sc->txpow40mhz_5ghz[ridx] = b4inc(reg, delta_5ghz);
1577
1578 DPRINTF(("ridx %d: power 20MHz=0x%08x, 40MHz/2GHz=0x%08x, "
1579 "40MHz/5GHz=0x%08x\n", ridx, sc->txpow20mhz[ridx],
1580 sc->txpow40mhz_2ghz[ridx], sc->txpow40mhz_5ghz[ridx]));
1581 }
1582
1583 /* read RSSI offsets and LNA gains from EEPROM */
1584 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI1_2GHZ :
1585 RT3593_EEPROM_RSSI1_2GHZ, &val);
1586 sc->rssi_2ghz[0] = val & 0xff; /* Ant A */
1587 sc->rssi_2ghz[1] = val >> 8; /* Ant B */
1588 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI2_2GHZ :
1589 RT3593_EEPROM_RSSI2_2GHZ, &val);
1590 if (sc->mac_ver >= 0x3070) {
1591 if (sc->mac_ver == 0x3593) {
1592 sc->txmixgain_2ghz = 0;
1593 sc->rssi_2ghz[2] = val & 0xff; /* Ant C */
1594 } else {
1595 /*
1596 * On RT3070 chips (limited to 2 Rx chains), this ROM
1597 * field contains the Tx mixer gain for the 2GHz band.
1598 */
1599 if ((val & 0xff) != 0xff)
1600 sc->txmixgain_2ghz = val & 0x7;
1601 }
1602 DPRINTF(("tx mixer gain=%u (2GHz)\n", sc->txmixgain_2ghz));
1603 } else
1604 sc->rssi_2ghz[2] = val & 0xff; /* Ant C */
1605 if (sc->mac_ver == 0x3593)
1606 run_srom_read(sc, RT3593_EEPROM_LNA_5GHZ, &val);
1607 sc->lna[2] = val >> 8; /* channel group 2 */
1608
1609 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI1_5GHZ :
1610 RT3593_EEPROM_RSSI1_5GHZ, &val);
1611 sc->rssi_5ghz[0] = val & 0xff; /* Ant A */
1612 sc->rssi_5ghz[1] = val >> 8; /* Ant B */
1613 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI2_5GHZ :
1614 RT3593_EEPROM_RSSI2_5GHZ, &val);
1615 if (sc->mac_ver == 0x3572) {
1616 /*
1617 * On RT3572 chips (limited to 2 Rx chains), this ROM
1618 * field contains the Tx mixer gain for the 5GHz band.
1619 */
1620 if ((val & 0xff) != 0xff)
1621 sc->txmixgain_5ghz = val & 0x7;
1622 DPRINTF(("tx mixer gain=%u (5GHz)\n", sc->txmixgain_5ghz));
1623 } else
1624 sc->rssi_5ghz[2] = val & 0xff; /* Ant C */
1625 if (sc->mac_ver == 0x3593) {
1626 sc->txmixgain_5ghz = 0;
1627 run_srom_read(sc, RT3593_EEPROM_LNA_5GHZ, &val);
1628 }
1629 sc->lna[3] = val >> 8; /* channel group 3 */
1630
1631 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LNA :
1632 RT3593_EEPROM_LNA, &val);
1633 sc->lna[0] = val & 0xff; /* channel group 0 */
1634 sc->lna[1] = val >> 8; /* channel group 1 */
1635
1636 /* fix broken 5GHz LNA entries */
1637 if (sc->lna[2] == 0 || sc->lna[2] == 0xff) {
1638 DPRINTF(("invalid LNA for channel group %d\n", 2));
1639 sc->lna[2] = sc->lna[1];
1640 }
1641 if (sc->lna[3] == 0 || sc->lna[3] == 0xff) {
1642 DPRINTF(("invalid LNA for channel group %d\n", 3));
1643 sc->lna[3] = sc->lna[1];
1644 }
1645
1646 /* fix broken RSSI offset entries */
1647 for (ant = 0; ant < 3; ant++) {
1648 if (sc->rssi_2ghz[ant] < -10 || sc->rssi_2ghz[ant] > 10) {
1649 DPRINTF(("invalid RSSI%d offset: %d (2GHz)\n",
1650 ant + 1, sc->rssi_2ghz[ant]));
1651 sc->rssi_2ghz[ant] = 0;
1652 }
1653 if (sc->rssi_5ghz[ant] < -10 || sc->rssi_5ghz[ant] > 10) {
1654 DPRINTF(("invalid RSSI%d offset: %d (5GHz)\n",
1655 ant + 1, sc->rssi_5ghz[ant]));
1656 sc->rssi_5ghz[ant] = 0;
1657 }
1658 }
1659 return 0;
1660 }
1661
1662 struct ieee80211_node *
run_node_alloc(struct ieee80211com * ic)1663 run_node_alloc(struct ieee80211com *ic)
1664 {
1665 return malloc(sizeof (struct run_node), M_USBDEV, M_NOWAIT | M_ZERO);
1666 }
1667
1668 int
run_media_change(struct ifnet * ifp)1669 run_media_change(struct ifnet *ifp)
1670 {
1671 struct run_softc *sc = ifp->if_softc;
1672 struct ieee80211com *ic = &sc->sc_ic;
1673 uint8_t rate, ridx;
1674 int error;
1675
1676 error = ieee80211_media_change(ifp);
1677 if (error != ENETRESET)
1678 return error;
1679
1680 if (ic->ic_fixed_rate != -1) {
1681 rate = ic->ic_sup_rates[ic->ic_curmode].
1682 rs_rates[ic->ic_fixed_rate] & IEEE80211_RATE_VAL;
1683 for (ridx = 0; ridx <= RT2860_RIDX_MAX; ridx++)
1684 if (rt2860_rates[ridx].rate == rate)
1685 break;
1686 sc->fixed_ridx = ridx;
1687 }
1688
1689 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) ==
1690 (IFF_UP | IFF_RUNNING)) {
1691 run_stop(ifp, 0);
1692 error = run_init(ifp);
1693 }
1694
1695 return error;
1696 }
1697
1698 void
run_next_scan(void * arg)1699 run_next_scan(void *arg)
1700 {
1701 struct run_softc *sc = arg;
1702 int s;
1703
1704 if (usbd_is_dying(sc->sc_udev))
1705 return;
1706
1707 usbd_ref_incr(sc->sc_udev);
1708
1709 s = splnet();
1710 if (sc->sc_ic.ic_state == IEEE80211_S_SCAN)
1711 ieee80211_next_scan(&sc->sc_ic.ic_if);
1712 splx(s);
1713
1714 usbd_ref_decr(sc->sc_udev);
1715 }
1716
1717 void
run_task(void * arg)1718 run_task(void *arg)
1719 {
1720 struct run_softc *sc = arg;
1721 struct run_host_cmd_ring *ring = &sc->cmdq;
1722 struct run_host_cmd *cmd;
1723 int s;
1724
1725 if (usbd_is_dying(sc->sc_udev))
1726 return;
1727
1728 /* process host commands */
1729 s = splusb();
1730 while (ring->next != ring->cur) {
1731 cmd = &ring->cmd[ring->next];
1732 splx(s);
1733 /* callback */
1734 cmd->cb(sc, cmd->data);
1735 s = splusb();
1736 ring->queued--;
1737 ring->next = (ring->next + 1) % RUN_HOST_CMD_RING_COUNT;
1738 }
1739 splx(s);
1740 }
1741
1742 void
run_do_async(struct run_softc * sc,void (* cb)(struct run_softc *,void *),void * arg,int len)1743 run_do_async(struct run_softc *sc, void (*cb)(struct run_softc *, void *),
1744 void *arg, int len)
1745 {
1746 struct run_host_cmd_ring *ring = &sc->cmdq;
1747 struct run_host_cmd *cmd;
1748 int s;
1749
1750 if (usbd_is_dying(sc->sc_udev))
1751 return;
1752
1753 s = splusb();
1754 cmd = &ring->cmd[ring->cur];
1755 cmd->cb = cb;
1756 KASSERT(len <= sizeof (cmd->data));
1757 memcpy(cmd->data, arg, len);
1758 ring->cur = (ring->cur + 1) % RUN_HOST_CMD_RING_COUNT;
1759
1760 /* if there is no pending command already, schedule a task */
1761 if (++ring->queued == 1)
1762 usb_add_task(sc->sc_udev, &sc->sc_task);
1763 splx(s);
1764 }
1765
1766 int
run_newstate(struct ieee80211com * ic,enum ieee80211_state nstate,int arg)1767 run_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg)
1768 {
1769 struct run_softc *sc = ic->ic_softc;
1770 struct run_cmd_newstate cmd;
1771
1772 /* do it in a process context */
1773 cmd.state = nstate;
1774 cmd.arg = arg;
1775 run_do_async(sc, run_newstate_cb, &cmd, sizeof cmd);
1776 return 0;
1777 }
1778
1779 void
run_newstate_cb(struct run_softc * sc,void * arg)1780 run_newstate_cb(struct run_softc *sc, void *arg)
1781 {
1782 struct run_cmd_newstate *cmd = arg;
1783 struct ieee80211com *ic = &sc->sc_ic;
1784 enum ieee80211_state ostate;
1785 struct ieee80211_node *ni;
1786 uint32_t tmp, sta[3];
1787 uint8_t wcid;
1788 int s;
1789
1790 s = splnet();
1791 ostate = ic->ic_state;
1792
1793 if (ostate == IEEE80211_S_RUN) {
1794 /* turn link LED off */
1795 run_set_leds(sc, RT2860_LED_RADIO);
1796 }
1797
1798 switch (cmd->state) {
1799 case IEEE80211_S_INIT:
1800 if (ostate == IEEE80211_S_RUN) {
1801 /* abort TSF synchronization */
1802 run_read(sc, RT2860_BCN_TIME_CFG, &tmp);
1803 run_write(sc, RT2860_BCN_TIME_CFG,
1804 tmp & ~(RT2860_BCN_TX_EN | RT2860_TSF_TIMER_EN |
1805 RT2860_TBTT_TIMER_EN));
1806 }
1807 break;
1808
1809 case IEEE80211_S_SCAN:
1810 run_set_chan(sc, ic->ic_bss->ni_chan);
1811 if (!usbd_is_dying(sc->sc_udev))
1812 timeout_add_msec(&sc->scan_to, 200);
1813 break;
1814
1815 case IEEE80211_S_AUTH:
1816 case IEEE80211_S_ASSOC:
1817 run_set_chan(sc, ic->ic_bss->ni_chan);
1818 break;
1819
1820 case IEEE80211_S_RUN:
1821 run_set_chan(sc, ic->ic_bss->ni_chan);
1822
1823 ni = ic->ic_bss;
1824
1825 if (ic->ic_opmode != IEEE80211_M_MONITOR) {
1826 run_updateslot(ic);
1827 run_enable_mrr(sc);
1828 run_set_txpreamble(sc);
1829 run_set_basicrates(sc);
1830 run_set_bssid(sc, ni->ni_bssid);
1831 }
1832 if (ic->ic_opmode == IEEE80211_M_STA) {
1833 /* add BSS entry to the WCID table */
1834 wcid = RUN_AID2WCID(ni->ni_associd);
1835 run_write_region_1(sc, RT2860_WCID_ENTRY(wcid),
1836 ni->ni_macaddr, IEEE80211_ADDR_LEN);
1837
1838 /* fake a join to init the tx rate */
1839 run_newassoc(ic, ni, 1);
1840 }
1841 if (ic->ic_opmode != IEEE80211_M_MONITOR) {
1842 run_enable_tsf_sync(sc);
1843
1844 /* clear statistic registers used by AMRR */
1845 run_read_region_1(sc, RT2860_TX_STA_CNT0,
1846 (uint8_t *)sta, sizeof sta);
1847 /* start calibration timer */
1848 if (!usbd_is_dying(sc->sc_udev))
1849 timeout_add_sec(&sc->calib_to, 1);
1850 }
1851
1852 /* turn link LED on */
1853 run_set_leds(sc, RT2860_LED_RADIO |
1854 (IEEE80211_IS_CHAN_2GHZ(ic->ic_bss->ni_chan) ?
1855 RT2860_LED_LINK_2GHZ : RT2860_LED_LINK_5GHZ));
1856 break;
1857 }
1858 (void)sc->sc_newstate(ic, cmd->state, cmd->arg);
1859 splx(s);
1860 }
1861
1862 void
run_updateedca(struct ieee80211com * ic)1863 run_updateedca(struct ieee80211com *ic)
1864 {
1865 /* do it in a process context */
1866 run_do_async(ic->ic_softc, run_updateedca_cb, NULL, 0);
1867 }
1868
1869 void
run_updateedca_cb(struct run_softc * sc,void * arg)1870 run_updateedca_cb(struct run_softc *sc, void *arg)
1871 {
1872 struct ieee80211com *ic = &sc->sc_ic;
1873 int s, aci;
1874
1875 s = splnet();
1876 /* update MAC TX configuration registers */
1877 for (aci = 0; aci < EDCA_NUM_AC; aci++) {
1878 run_write(sc, RT2860_EDCA_AC_CFG(aci),
1879 ic->ic_edca_ac[aci].ac_ecwmax << 16 |
1880 ic->ic_edca_ac[aci].ac_ecwmin << 12 |
1881 ic->ic_edca_ac[aci].ac_aifsn << 8 |
1882 ic->ic_edca_ac[aci].ac_txoplimit);
1883 }
1884
1885 /* update SCH/DMA registers too */
1886 run_write(sc, RT2860_WMM_AIFSN_CFG,
1887 ic->ic_edca_ac[EDCA_AC_VO].ac_aifsn << 12 |
1888 ic->ic_edca_ac[EDCA_AC_VI].ac_aifsn << 8 |
1889 ic->ic_edca_ac[EDCA_AC_BK].ac_aifsn << 4 |
1890 ic->ic_edca_ac[EDCA_AC_BE].ac_aifsn);
1891 run_write(sc, RT2860_WMM_CWMIN_CFG,
1892 ic->ic_edca_ac[EDCA_AC_VO].ac_ecwmin << 12 |
1893 ic->ic_edca_ac[EDCA_AC_VI].ac_ecwmin << 8 |
1894 ic->ic_edca_ac[EDCA_AC_BK].ac_ecwmin << 4 |
1895 ic->ic_edca_ac[EDCA_AC_BE].ac_ecwmin);
1896 run_write(sc, RT2860_WMM_CWMAX_CFG,
1897 ic->ic_edca_ac[EDCA_AC_VO].ac_ecwmax << 12 |
1898 ic->ic_edca_ac[EDCA_AC_VI].ac_ecwmax << 8 |
1899 ic->ic_edca_ac[EDCA_AC_BK].ac_ecwmax << 4 |
1900 ic->ic_edca_ac[EDCA_AC_BE].ac_ecwmax);
1901 run_write(sc, RT2860_WMM_TXOP0_CFG,
1902 ic->ic_edca_ac[EDCA_AC_BK].ac_txoplimit << 16 |
1903 ic->ic_edca_ac[EDCA_AC_BE].ac_txoplimit);
1904 run_write(sc, RT2860_WMM_TXOP1_CFG,
1905 ic->ic_edca_ac[EDCA_AC_VO].ac_txoplimit << 16 |
1906 ic->ic_edca_ac[EDCA_AC_VI].ac_txoplimit);
1907 splx(s);
1908 }
1909
1910 int
run_set_key(struct ieee80211com * ic,struct ieee80211_node * ni,struct ieee80211_key * k)1911 run_set_key(struct ieee80211com *ic, struct ieee80211_node *ni,
1912 struct ieee80211_key *k)
1913 {
1914 struct run_softc *sc = ic->ic_softc;
1915 struct run_cmd_key cmd;
1916
1917 /* defer setting of WEP keys until interface is brought up */
1918 if ((ic->ic_if.if_flags & (IFF_UP | IFF_RUNNING)) !=
1919 (IFF_UP | IFF_RUNNING))
1920 return 0;
1921
1922 /* do it in a process context */
1923 cmd.key = *k;
1924 cmd.ni = ni;
1925 run_do_async(sc, run_set_key_cb, &cmd, sizeof cmd);
1926 sc->sc_key_tasks++;
1927
1928 return EBUSY;
1929 }
1930
1931 void
run_set_key_cb(struct run_softc * sc,void * arg)1932 run_set_key_cb(struct run_softc *sc, void *arg)
1933 {
1934 struct ieee80211com *ic = &sc->sc_ic;
1935 struct run_cmd_key *cmd = arg;
1936 struct ieee80211_key *k = &cmd->key;
1937 uint32_t attr;
1938 uint16_t base;
1939 uint8_t mode, wcid, iv[8];
1940
1941 sc->sc_key_tasks--;
1942
1943 /* map net80211 cipher to RT2860 security mode */
1944 switch (k->k_cipher) {
1945 case IEEE80211_CIPHER_WEP40:
1946 mode = RT2860_MODE_WEP40;
1947 break;
1948 case IEEE80211_CIPHER_WEP104:
1949 mode = RT2860_MODE_WEP104;
1950 break;
1951 case IEEE80211_CIPHER_TKIP:
1952 mode = RT2860_MODE_TKIP;
1953 break;
1954 case IEEE80211_CIPHER_CCMP:
1955 mode = RT2860_MODE_AES_CCMP;
1956 break;
1957 default:
1958 IEEE80211_SEND_MGMT(ic, cmd->ni, IEEE80211_FC0_SUBTYPE_DEAUTH,
1959 IEEE80211_REASON_AUTH_LEAVE);
1960 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1);
1961 return;
1962 }
1963
1964 if (k->k_flags & IEEE80211_KEY_GROUP) {
1965 wcid = 0; /* NB: update WCID0 for group keys */
1966 base = RT2860_SKEY(0, k->k_id);
1967 } else {
1968 wcid = (cmd->ni != NULL) ? RUN_AID2WCID(cmd->ni->ni_associd) : 0;
1969 base = RT2860_PKEY(wcid);
1970 }
1971
1972 if (k->k_cipher == IEEE80211_CIPHER_TKIP) {
1973 run_write_region_1(sc, base, k->k_key, 16);
1974 run_write_region_1(sc, base + 16, &k->k_key[24], 8);
1975 run_write_region_1(sc, base + 24, &k->k_key[16], 8);
1976 } else {
1977 /* roundup len to 16-bit: XXX fix write_region_1() instead */
1978 run_write_region_1(sc, base, k->k_key, (k->k_len + 1) & ~1);
1979 }
1980
1981 if (!(k->k_flags & IEEE80211_KEY_GROUP) ||
1982 (k->k_flags & IEEE80211_KEY_TX)) {
1983 /* set initial packet number in IV+EIV */
1984 if (k->k_cipher == IEEE80211_CIPHER_WEP40 ||
1985 k->k_cipher == IEEE80211_CIPHER_WEP104) {
1986 memset(iv, 0, sizeof iv);
1987 iv[3] = sc->sc_ic.ic_def_txkey << 6;
1988 } else {
1989 if (k->k_cipher == IEEE80211_CIPHER_TKIP) {
1990 iv[0] = k->k_tsc >> 8;
1991 iv[1] = (iv[0] | 0x20) & 0x7f;
1992 iv[2] = k->k_tsc;
1993 } else /* CCMP */ {
1994 iv[0] = k->k_tsc;
1995 iv[1] = k->k_tsc >> 8;
1996 iv[2] = 0;
1997 }
1998 iv[3] = k->k_id << 6 | IEEE80211_WEP_EXTIV;
1999 iv[4] = k->k_tsc >> 16;
2000 iv[5] = k->k_tsc >> 24;
2001 iv[6] = k->k_tsc >> 32;
2002 iv[7] = k->k_tsc >> 40;
2003 }
2004 run_write_region_1(sc, RT2860_IVEIV(wcid), iv, 8);
2005 }
2006
2007 if (k->k_flags & IEEE80211_KEY_GROUP) {
2008 /* install group key */
2009 run_read(sc, RT2860_SKEY_MODE_0_7, &attr);
2010 attr &= ~(0xf << (k->k_id * 4));
2011 attr |= mode << (k->k_id * 4);
2012 run_write(sc, RT2860_SKEY_MODE_0_7, attr);
2013 } else {
2014 /* install pairwise key */
2015 run_read(sc, RT2860_WCID_ATTR(wcid), &attr);
2016 attr = (attr & ~0xf) | (mode << 1) | RT2860_RX_PKEY_EN;
2017 run_write(sc, RT2860_WCID_ATTR(wcid), attr);
2018 }
2019
2020 if (sc->sc_key_tasks == 0) {
2021 if (cmd->ni != NULL)
2022 cmd->ni->ni_port_valid = 1;
2023 ieee80211_set_link_state(ic, LINK_STATE_UP);
2024 }
2025 }
2026
2027 void
run_delete_key(struct ieee80211com * ic,struct ieee80211_node * ni,struct ieee80211_key * k)2028 run_delete_key(struct ieee80211com *ic, struct ieee80211_node *ni,
2029 struct ieee80211_key *k)
2030 {
2031 struct run_softc *sc = ic->ic_softc;
2032 struct run_cmd_key cmd;
2033
2034 if (!(ic->ic_if.if_flags & IFF_RUNNING) ||
2035 ic->ic_state != IEEE80211_S_RUN)
2036 return; /* nothing to do */
2037
2038 /* do it in a process context */
2039 cmd.key = *k;
2040 cmd.ni = ni;
2041 run_do_async(sc, run_delete_key_cb, &cmd, sizeof cmd);
2042 }
2043
2044 void
run_delete_key_cb(struct run_softc * sc,void * arg)2045 run_delete_key_cb(struct run_softc *sc, void *arg)
2046 {
2047 struct run_cmd_key *cmd = arg;
2048 struct ieee80211_key *k = &cmd->key;
2049 uint32_t attr;
2050 uint8_t wcid;
2051
2052 if (k->k_flags & IEEE80211_KEY_GROUP) {
2053 /* remove group key */
2054 run_read(sc, RT2860_SKEY_MODE_0_7, &attr);
2055 attr &= ~(0xf << (k->k_id * 4));
2056 run_write(sc, RT2860_SKEY_MODE_0_7, attr);
2057
2058 } else {
2059 /* remove pairwise key */
2060 wcid = (cmd->ni != NULL) ? RUN_AID2WCID(cmd->ni->ni_associd) : 0;
2061 run_read(sc, RT2860_WCID_ATTR(wcid), &attr);
2062 attr &= ~0xf;
2063 run_write(sc, RT2860_WCID_ATTR(wcid), attr);
2064 }
2065 }
2066
2067 void
run_calibrate_to(void * arg)2068 run_calibrate_to(void *arg)
2069 {
2070 /* do it in a process context */
2071 run_do_async(arg, run_calibrate_cb, NULL, 0);
2072 /* next timeout will be rescheduled in the calibration task */
2073 }
2074
2075 void
run_calibrate_cb(struct run_softc * sc,void * arg)2076 run_calibrate_cb(struct run_softc *sc, void *arg)
2077 {
2078 struct ifnet *ifp = &sc->sc_ic.ic_if;
2079 uint32_t sta[3];
2080 int s, error;
2081
2082 /* read statistic counters (clear on read) and update AMRR state */
2083 error = run_read_region_1(sc, RT2860_TX_STA_CNT0, (uint8_t *)sta,
2084 sizeof sta);
2085 if (error != 0)
2086 goto skip;
2087
2088 DPRINTF(("retrycnt=%d txcnt=%d failcnt=%d\n",
2089 letoh32(sta[1]) >> 16, letoh32(sta[1]) & 0xffff,
2090 letoh32(sta[0]) & 0xffff));
2091
2092 s = splnet();
2093 /* count failed TX as errors */
2094 ifp->if_oerrors += letoh32(sta[0]) & 0xffff;
2095
2096 sc->amn.amn_retrycnt =
2097 (letoh32(sta[0]) & 0xffff) + /* failed TX count */
2098 (letoh32(sta[1]) >> 16); /* TX retransmission count */
2099
2100 sc->amn.amn_txcnt =
2101 sc->amn.amn_retrycnt +
2102 (letoh32(sta[1]) & 0xffff); /* successful TX count */
2103
2104 ieee80211_amrr_choose(&sc->amrr, sc->sc_ic.ic_bss, &sc->amn);
2105 splx(s);
2106
2107 skip:
2108 if (!usbd_is_dying(sc->sc_udev))
2109 timeout_add_sec(&sc->calib_to, 1);
2110 }
2111
2112 void
run_newassoc(struct ieee80211com * ic,struct ieee80211_node * ni,int isnew)2113 run_newassoc(struct ieee80211com *ic, struct ieee80211_node *ni, int isnew)
2114 {
2115 struct run_softc *sc = ic->ic_softc;
2116 struct run_node *rn = (void *)ni;
2117 struct ieee80211_rateset *rs = &ni->ni_rates;
2118 uint8_t rate;
2119 int ridx, i, j;
2120
2121 DPRINTF(("new assoc isnew=%d addr=%s\n",
2122 isnew, ether_sprintf(ni->ni_macaddr)));
2123
2124 ieee80211_amrr_node_init(&sc->amrr, &sc->amn);
2125 /* start at lowest available bit-rate, AMRR will raise */
2126 ni->ni_txrate = 0;
2127
2128 for (i = 0; i < rs->rs_nrates; i++) {
2129 rate = rs->rs_rates[i] & IEEE80211_RATE_VAL;
2130 /* convert 802.11 rate to hardware rate index */
2131 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++)
2132 if (rt2860_rates[ridx].rate == rate)
2133 break;
2134 rn->ridx[i] = ridx;
2135 /* determine rate of control response frames */
2136 for (j = i; j >= 0; j--) {
2137 if ((rs->rs_rates[j] & IEEE80211_RATE_BASIC) &&
2138 rt2860_rates[rn->ridx[i]].phy ==
2139 rt2860_rates[rn->ridx[j]].phy)
2140 break;
2141 }
2142 if (j >= 0) {
2143 rn->ctl_ridx[i] = rn->ridx[j];
2144 } else {
2145 /* no basic rate found, use mandatory one */
2146 rn->ctl_ridx[i] = rt2860_rates[ridx].ctl_ridx;
2147 }
2148 DPRINTF(("rate=0x%02x ridx=%d ctl_ridx=%d\n",
2149 rs->rs_rates[i], rn->ridx[i], rn->ctl_ridx[i]));
2150 }
2151 }
2152
2153 /*
2154 * Return the Rx chain with the highest RSSI for a given frame.
2155 */
2156 static __inline uint8_t
run_maxrssi_chain(struct run_softc * sc,const struct rt2860_rxwi * rxwi)2157 run_maxrssi_chain(struct run_softc *sc, const struct rt2860_rxwi *rxwi)
2158 {
2159 uint8_t rxchain = 0;
2160
2161 if (sc->nrxchains > 1) {
2162 if (rxwi->rssi[1] > rxwi->rssi[rxchain])
2163 rxchain = 1;
2164 if (sc->nrxchains > 2)
2165 if (rxwi->rssi[2] > rxwi->rssi[rxchain])
2166 rxchain = 2;
2167 }
2168 return rxchain;
2169 }
2170
2171 void
run_rx_frame(struct run_softc * sc,uint8_t * buf,int dmalen,struct mbuf_list * ml)2172 run_rx_frame(struct run_softc *sc, uint8_t *buf, int dmalen,
2173 struct mbuf_list *ml)
2174 {
2175 struct ieee80211com *ic = &sc->sc_ic;
2176 struct ifnet *ifp = &ic->ic_if;
2177 struct ieee80211_frame *wh;
2178 struct ieee80211_rxinfo rxi;
2179 struct ieee80211_node *ni;
2180 struct rt2870_rxd *rxd;
2181 struct rt2860_rxwi *rxwi;
2182 struct mbuf *m;
2183 uint32_t flags;
2184 uint16_t len;
2185 #if NBPFILTER > 0
2186 uint16_t phy;
2187 #endif
2188 uint16_t rxwisize;
2189 uint8_t ant, rssi;
2190 int s;
2191
2192 rxwi = (struct rt2860_rxwi *)buf;
2193 rxwisize = sizeof(struct rt2860_rxwi);
2194 if (sc->mac_ver == 0x5592)
2195 rxwisize += sizeof(uint64_t);
2196 else if (sc->mac_ver == 0x3593)
2197 rxwisize += sizeof(uint32_t);
2198 len = letoh16(rxwi->len) & 0xfff;
2199 if (__predict_false(len > dmalen)) {
2200 DPRINTF(("bad RXWI length %u > %u\n", len, dmalen));
2201 return;
2202 }
2203 if (len > MCLBYTES) {
2204 DPRINTF(("frame too large (length=%d)\n", len));
2205 ifp->if_ierrors++;
2206 return;
2207 }
2208 /* Rx descriptor is located at the end */
2209 rxd = (struct rt2870_rxd *)(buf + dmalen);
2210 flags = letoh32(rxd->flags);
2211
2212 if (__predict_false(flags & (RT2860_RX_CRCERR | RT2860_RX_ICVERR))) {
2213 ifp->if_ierrors++;
2214 return;
2215 }
2216
2217 if (__predict_false((flags & RT2860_RX_MICERR))) {
2218 /* report MIC failures to net80211 for TKIP */
2219 ic->ic_stats.is_rx_locmicfail++;
2220 ieee80211_michael_mic_failure(ic, 0/* XXX */);
2221 ifp->if_ierrors++;
2222 return;
2223 }
2224
2225 wh = (struct ieee80211_frame *)(buf + rxwisize);
2226 memset(&rxi, 0, sizeof(rxi));
2227 if (wh->i_fc[1] & IEEE80211_FC1_PROTECTED) {
2228 wh->i_fc[1] &= ~IEEE80211_FC1_PROTECTED;
2229 rxi.rxi_flags |= IEEE80211_RXI_HWDEC;
2230 }
2231
2232 if (flags & RT2860_RX_L2PAD) {
2233 u_int hdrlen = ieee80211_get_hdrlen(wh);
2234 memmove((caddr_t)wh + 2, wh, hdrlen);
2235 wh = (struct ieee80211_frame *)((caddr_t)wh + 2);
2236 }
2237
2238 /* could use m_devget but net80211 wants contig mgmt frames */
2239 MGETHDR(m, M_DONTWAIT, MT_DATA);
2240 if (__predict_false(m == NULL)) {
2241 ifp->if_ierrors++;
2242 return;
2243 }
2244 if (len > MHLEN) {
2245 MCLGET(m, M_DONTWAIT);
2246 if (__predict_false(!(m->m_flags & M_EXT))) {
2247 ifp->if_ierrors++;
2248 m_freem(m);
2249 return;
2250 }
2251 }
2252 /* finalize mbuf */
2253 memcpy(mtod(m, caddr_t), wh, len);
2254 m->m_pkthdr.len = m->m_len = len;
2255
2256 ant = run_maxrssi_chain(sc, rxwi);
2257 rssi = rxwi->rssi[ant];
2258
2259 #if NBPFILTER > 0
2260 if (__predict_false(sc->sc_drvbpf != NULL)) {
2261 struct run_rx_radiotap_header *tap = &sc->sc_rxtap;
2262 struct mbuf mb;
2263
2264 tap->wr_flags = 0;
2265 tap->wr_chan_freq = htole16(ic->ic_ibss_chan->ic_freq);
2266 tap->wr_chan_flags = htole16(ic->ic_ibss_chan->ic_flags);
2267 tap->wr_antsignal = rssi;
2268 tap->wr_antenna = ant;
2269 tap->wr_dbm_antsignal = run_rssi2dbm(sc, rssi, ant);
2270 tap->wr_rate = 2; /* in case it can't be found below */
2271 phy = letoh16(rxwi->phy);
2272 switch (phy & RT2860_PHY_MODE) {
2273 case RT2860_PHY_CCK:
2274 switch ((phy & RT2860_PHY_MCS) & ~RT2860_PHY_SHPRE) {
2275 case 0: tap->wr_rate = 2; break;
2276 case 1: tap->wr_rate = 4; break;
2277 case 2: tap->wr_rate = 11; break;
2278 case 3: tap->wr_rate = 22; break;
2279 }
2280 if (phy & RT2860_PHY_SHPRE)
2281 tap->wr_flags |= IEEE80211_RADIOTAP_F_SHORTPRE;
2282 break;
2283 case RT2860_PHY_OFDM:
2284 switch (phy & RT2860_PHY_MCS) {
2285 case 0: tap->wr_rate = 12; break;
2286 case 1: tap->wr_rate = 18; break;
2287 case 2: tap->wr_rate = 24; break;
2288 case 3: tap->wr_rate = 36; break;
2289 case 4: tap->wr_rate = 48; break;
2290 case 5: tap->wr_rate = 72; break;
2291 case 6: tap->wr_rate = 96; break;
2292 case 7: tap->wr_rate = 108; break;
2293 }
2294 break;
2295 }
2296 mb.m_data = (caddr_t)tap;
2297 mb.m_len = sc->sc_rxtap_len;
2298 mb.m_next = m;
2299 mb.m_nextpkt = NULL;
2300 mb.m_type = 0;
2301 mb.m_flags = 0;
2302 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_IN);
2303 }
2304 #endif
2305
2306 s = splnet();
2307 ni = ieee80211_find_rxnode(ic, wh);
2308 rxi.rxi_rssi = rssi;
2309 ieee80211_inputm(ifp, m, ni, &rxi, ml);
2310
2311 /* node is no longer needed */
2312 ieee80211_release_node(ic, ni);
2313 splx(s);
2314 }
2315
2316 void
run_rxeof(struct usbd_xfer * xfer,void * priv,usbd_status status)2317 run_rxeof(struct usbd_xfer *xfer, void *priv, usbd_status status)
2318 {
2319 struct mbuf_list ml = MBUF_LIST_INITIALIZER();
2320 struct run_rx_data *data = priv;
2321 struct run_softc *sc = data->sc;
2322 uint8_t *buf;
2323 uint32_t dmalen;
2324 int xferlen;
2325 uint16_t rxwisize;
2326
2327 rxwisize = sizeof(struct rt2860_rxwi);
2328 if (sc->mac_ver == 0x5592)
2329 rxwisize += sizeof(uint64_t);
2330 else if (sc->mac_ver == 0x3593)
2331 rxwisize += sizeof(uint32_t);
2332
2333 if (__predict_false(status != USBD_NORMAL_COMPLETION)) {
2334 DPRINTF(("RX status=%d\n", status));
2335 if (status == USBD_STALLED)
2336 usbd_clear_endpoint_stall_async(sc->rxq.pipeh);
2337 if (status != USBD_CANCELLED)
2338 goto skip;
2339 return;
2340 }
2341 usbd_get_xfer_status(xfer, NULL, NULL, &xferlen, NULL);
2342
2343 if (__predict_false(xferlen < sizeof (uint32_t) + rxwisize +
2344 sizeof(struct rt2870_rxd))) {
2345 DPRINTF(("xfer too short %d\n", xferlen));
2346 goto skip;
2347 }
2348
2349 /* HW can aggregate multiple 802.11 frames in a single USB xfer */
2350 buf = data->buf;
2351 while (xferlen > 8) {
2352 dmalen = letoh32(*(uint32_t *)buf) & 0xffff;
2353
2354 if (__predict_false(dmalen == 0 || (dmalen & 3) != 0)) {
2355 DPRINTF(("bad DMA length %u\n", dmalen));
2356 break;
2357 }
2358 if (__predict_false(dmalen + 8 > xferlen)) {
2359 DPRINTF(("bad DMA length %u > %d\n",
2360 dmalen + 8, xferlen));
2361 break;
2362 }
2363 run_rx_frame(sc, buf + sizeof (uint32_t), dmalen, &ml);
2364 buf += dmalen + 8;
2365 xferlen -= dmalen + 8;
2366 }
2367 if_input(&sc->sc_ic.ic_if, &ml);
2368
2369 skip: /* setup a new transfer */
2370 usbd_setup_xfer(xfer, sc->rxq.pipeh, data, data->buf, RUN_MAX_RXSZ,
2371 USBD_SHORT_XFER_OK | USBD_NO_COPY, USBD_NO_TIMEOUT, run_rxeof);
2372 (void)usbd_transfer(data->xfer);
2373 }
2374
2375 void
run_txeof(struct usbd_xfer * xfer,void * priv,usbd_status status)2376 run_txeof(struct usbd_xfer *xfer, void *priv, usbd_status status)
2377 {
2378 struct run_tx_data *data = priv;
2379 struct run_softc *sc = data->sc;
2380 struct run_tx_ring *txq = &sc->txq[data->qid];
2381 struct ifnet *ifp = &sc->sc_ic.ic_if;
2382 int s;
2383
2384 s = splnet();
2385 txq->queued--;
2386 sc->qfullmsk &= ~(1 << data->qid);
2387
2388 if (__predict_false(status != USBD_NORMAL_COMPLETION)) {
2389 DPRINTF(("TX status=%d\n", status));
2390 if (status == USBD_STALLED)
2391 usbd_clear_endpoint_stall_async(txq->pipeh);
2392 ifp->if_oerrors++;
2393 splx(s);
2394 return;
2395 }
2396
2397 sc->sc_tx_timer = 0;
2398 ifq_clr_oactive(&ifp->if_snd);
2399 run_start(ifp);
2400 splx(s);
2401 }
2402
2403 int
run_tx(struct run_softc * sc,struct mbuf * m,struct ieee80211_node * ni)2404 run_tx(struct run_softc *sc, struct mbuf *m, struct ieee80211_node *ni)
2405 {
2406 struct ieee80211com *ic = &sc->sc_ic;
2407 struct run_node *rn = (void *)ni;
2408 struct ieee80211_frame *wh;
2409 struct run_tx_ring *ring;
2410 struct run_tx_data *data;
2411 struct rt2870_txd *txd;
2412 struct rt2860_txwi *txwi;
2413 uint16_t qos, dur;
2414 uint16_t txwisize;
2415 uint8_t type, mcs, tid, qid;
2416 int error, hasqos, ridx, ctl_ridx, xferlen;
2417
2418 wh = mtod(m, struct ieee80211_frame *);
2419 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK;
2420
2421 if ((hasqos = ieee80211_has_qos(wh))) {
2422 qos = ieee80211_get_qos(wh);
2423 tid = qos & IEEE80211_QOS_TID;
2424 qid = ieee80211_up_to_ac(ic, tid);
2425 } else {
2426 qos = 0;
2427 tid = 0;
2428 qid = EDCA_AC_BE;
2429 }
2430 ring = &sc->txq[qid];
2431 data = &ring->data[ring->cur];
2432
2433 /* pickup a rate index */
2434 if (IEEE80211_IS_MULTICAST(wh->i_addr1) ||
2435 type != IEEE80211_FC0_TYPE_DATA) {
2436 ridx = (ic->ic_curmode == IEEE80211_MODE_11A) ?
2437 RT2860_RIDX_OFDM6 : RT2860_RIDX_CCK1;
2438 ctl_ridx = rt2860_rates[ridx].ctl_ridx;
2439 } else if (ic->ic_fixed_rate != -1) {
2440 ridx = sc->fixed_ridx;
2441 ctl_ridx = rt2860_rates[ridx].ctl_ridx;
2442 } else {
2443 ridx = rn->ridx[ni->ni_txrate];
2444 ctl_ridx = rn->ctl_ridx[ni->ni_txrate];
2445 }
2446
2447 /* get MCS code from rate index */
2448 mcs = rt2860_rates[ridx].mcs;
2449
2450 txwisize = sizeof(struct rt2860_txwi);
2451 if (sc->mac_ver == 0x5592)
2452 txwisize += sizeof(uint32_t);
2453 xferlen = txwisize + m->m_pkthdr.len;
2454
2455 /* roundup to 32-bit alignment */
2456 xferlen = (xferlen + 3) & ~3;
2457
2458 txd = (struct rt2870_txd *)data->buf;
2459 txd->flags = RT2860_TX_QSEL_EDCA;
2460 txd->len = htole16(xferlen);
2461
2462 /* setup TX Wireless Information */
2463 txwi = (struct rt2860_txwi *)(txd + 1);
2464 txwi->flags = 0;
2465 txwi->xflags = hasqos ? 0 : RT2860_TX_NSEQ;
2466 txwi->wcid = (type == IEEE80211_FC0_TYPE_DATA) ?
2467 RUN_AID2WCID(ni->ni_associd) : 0xff;
2468 txwi->len = htole16(m->m_pkthdr.len);
2469 if (rt2860_rates[ridx].phy == IEEE80211_T_DS) {
2470 txwi->phy = htole16(RT2860_PHY_CCK);
2471 if (ridx != RT2860_RIDX_CCK1 &&
2472 (ic->ic_flags & IEEE80211_F_SHPREAMBLE))
2473 mcs |= RT2860_PHY_SHPRE;
2474 } else
2475 txwi->phy = htole16(RT2860_PHY_OFDM);
2476 txwi->phy |= htole16(mcs);
2477
2478 txwi->txop = RT2860_TX_TXOP_BACKOFF;
2479
2480 if (!IEEE80211_IS_MULTICAST(wh->i_addr1) &&
2481 (!hasqos || (qos & IEEE80211_QOS_ACK_POLICY_MASK) !=
2482 IEEE80211_QOS_ACK_POLICY_NOACK)) {
2483 txwi->xflags |= RT2860_TX_ACK;
2484 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE)
2485 dur = rt2860_rates[ctl_ridx].sp_ack_dur;
2486 else
2487 dur = rt2860_rates[ctl_ridx].lp_ack_dur;
2488 *(uint16_t *)wh->i_dur = htole16(dur);
2489 }
2490
2491 #if NBPFILTER > 0
2492 if (__predict_false(sc->sc_drvbpf != NULL)) {
2493 struct run_tx_radiotap_header *tap = &sc->sc_txtap;
2494 struct mbuf mb;
2495
2496 tap->wt_flags = 0;
2497 tap->wt_rate = rt2860_rates[ridx].rate;
2498 tap->wt_chan_freq = htole16(ic->ic_bss->ni_chan->ic_freq);
2499 tap->wt_chan_flags = htole16(ic->ic_bss->ni_chan->ic_flags);
2500 if (mcs & RT2860_PHY_SHPRE)
2501 tap->wt_flags |= IEEE80211_RADIOTAP_F_SHORTPRE;
2502
2503 mb.m_data = (caddr_t)tap;
2504 mb.m_len = sc->sc_txtap_len;
2505 mb.m_next = m;
2506 mb.m_nextpkt = NULL;
2507 mb.m_type = 0;
2508 mb.m_flags = 0;
2509 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_OUT);
2510 }
2511 #endif
2512
2513 m_copydata(m, 0, m->m_pkthdr.len, (caddr_t)txwi + txwisize);
2514 m_freem(m);
2515
2516 xferlen += sizeof (*txd) + 4;
2517
2518 usbd_setup_xfer(data->xfer, ring->pipeh, data, data->buf, xferlen,
2519 USBD_FORCE_SHORT_XFER | USBD_NO_COPY, RUN_TX_TIMEOUT, run_txeof);
2520 error = usbd_transfer(data->xfer);
2521 if (__predict_false(error != USBD_IN_PROGRESS && error != 0))
2522 return error;
2523
2524 ieee80211_release_node(ic, ni);
2525
2526 ring->cur = (ring->cur + 1) % RUN_TX_RING_COUNT;
2527 if (++ring->queued >= RUN_TX_RING_COUNT)
2528 sc->qfullmsk |= 1 << qid;
2529
2530 return 0;
2531 }
2532
2533 void
run_start(struct ifnet * ifp)2534 run_start(struct ifnet *ifp)
2535 {
2536 struct run_softc *sc = ifp->if_softc;
2537 struct ieee80211com *ic = &sc->sc_ic;
2538 struct ieee80211_node *ni;
2539 struct mbuf *m;
2540
2541 if (!(ifp->if_flags & IFF_RUNNING) || ifq_is_oactive(&ifp->if_snd))
2542 return;
2543
2544 for (;;) {
2545 if (sc->qfullmsk != 0) {
2546 ifq_set_oactive(&ifp->if_snd);
2547 break;
2548 }
2549 /* send pending management frames first */
2550 m = mq_dequeue(&ic->ic_mgtq);
2551 if (m != NULL) {
2552 ni = m->m_pkthdr.ph_cookie;
2553 goto sendit;
2554 }
2555 if (ic->ic_state != IEEE80211_S_RUN)
2556 break;
2557
2558 /* encapsulate and send data frames */
2559 m = ifq_dequeue(&ifp->if_snd);
2560 if (m == NULL)
2561 break;
2562 #if NBPFILTER > 0
2563 if (ifp->if_bpf != NULL)
2564 bpf_mtap(ifp->if_bpf, m, BPF_DIRECTION_OUT);
2565 #endif
2566 if ((m = ieee80211_encap(ifp, m, &ni)) == NULL)
2567 continue;
2568 sendit:
2569 #if NBPFILTER > 0
2570 if (ic->ic_rawbpf != NULL)
2571 bpf_mtap(ic->ic_rawbpf, m, BPF_DIRECTION_OUT);
2572 #endif
2573 if (run_tx(sc, m, ni) != 0) {
2574 ieee80211_release_node(ic, ni);
2575 ifp->if_oerrors++;
2576 continue;
2577 }
2578
2579 sc->sc_tx_timer = 5;
2580 ifp->if_timer = 1;
2581 }
2582 }
2583
2584 void
run_watchdog(struct ifnet * ifp)2585 run_watchdog(struct ifnet *ifp)
2586 {
2587 struct run_softc *sc = ifp->if_softc;
2588
2589 ifp->if_timer = 0;
2590
2591 if (sc->sc_tx_timer > 0) {
2592 if (--sc->sc_tx_timer == 0) {
2593 printf("%s: device timeout\n", sc->sc_dev.dv_xname);
2594 /* run_init(ifp); XXX needs a process context! */
2595 ifp->if_oerrors++;
2596 return;
2597 }
2598 ifp->if_timer = 1;
2599 }
2600
2601 ieee80211_watchdog(ifp);
2602 }
2603
2604 int
run_ioctl(struct ifnet * ifp,u_long cmd,caddr_t data)2605 run_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data)
2606 {
2607 struct run_softc *sc = ifp->if_softc;
2608 struct ieee80211com *ic = &sc->sc_ic;
2609 int s, error = 0;
2610
2611 if (usbd_is_dying(sc->sc_udev))
2612 return ENXIO;
2613
2614 usbd_ref_incr(sc->sc_udev);
2615
2616 s = splnet();
2617
2618 switch (cmd) {
2619 case SIOCSIFADDR:
2620 ifp->if_flags |= IFF_UP;
2621 /* FALLTHROUGH */
2622 case SIOCSIFFLAGS:
2623 if (ifp->if_flags & IFF_UP) {
2624 if (!(ifp->if_flags & IFF_RUNNING))
2625 run_init(ifp);
2626 } else {
2627 if (ifp->if_flags & IFF_RUNNING)
2628 run_stop(ifp, 1);
2629 }
2630 break;
2631
2632 case SIOCS80211CHANNEL:
2633 /*
2634 * This allows for fast channel switching in monitor mode
2635 * (used by kismet).
2636 */
2637 error = ieee80211_ioctl(ifp, cmd, data);
2638 if (error == ENETRESET &&
2639 ic->ic_opmode == IEEE80211_M_MONITOR) {
2640 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) ==
2641 (IFF_UP | IFF_RUNNING))
2642 run_set_chan(sc, ic->ic_ibss_chan);
2643 error = 0;
2644 }
2645 break;
2646
2647 default:
2648 error = ieee80211_ioctl(ifp, cmd, data);
2649 }
2650
2651 if (error == ENETRESET) {
2652 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) ==
2653 (IFF_UP | IFF_RUNNING)) {
2654 run_stop(ifp, 0);
2655 run_init(ifp);
2656 }
2657 error = 0;
2658 }
2659
2660 splx(s);
2661
2662 usbd_ref_decr(sc->sc_udev);
2663
2664 return error;
2665 }
2666
2667 void
run_iq_calib(struct run_softc * sc,u_int chan)2668 run_iq_calib(struct run_softc *sc, u_int chan)
2669 {
2670 uint16_t val;
2671
2672 /* Tx0 IQ gain. */
2673 run_bbp_write(sc, 158, 0x2c);
2674 if (chan <= 14)
2675 run_efuse_read(sc, RT5390_EEPROM_IQ_GAIN_CAL_TX0_2GHZ, &val);
2676 else if (chan <= 64) {
2677 run_efuse_read(sc,
2678 RT5390_EEPROM_IQ_GAIN_CAL_TX0_CH36_TO_CH64_5GHZ, &val);
2679 } else if (chan <= 138) {
2680 run_efuse_read(sc,
2681 RT5390_EEPROM_IQ_GAIN_CAL_TX0_CH100_TO_CH138_5GHZ, &val);
2682 } else if (chan <= 165) {
2683 run_efuse_read(sc,
2684 RT5390_EEPROM_IQ_GAIN_CAL_TX0_CH140_TO_CH165_5GHZ,
2685 &val);
2686 } else
2687 val = 0;
2688 run_bbp_write(sc, 159, val);
2689
2690 /* Tx0 IQ phase. */
2691 run_bbp_write(sc, 158, 0x2d);
2692 if (chan <= 14) {
2693 run_efuse_read(sc, RT5390_EEPROM_IQ_PHASE_CAL_TX0_2GHZ, &val);
2694 } else if (chan <= 64) {
2695 run_efuse_read(sc,
2696 RT5390_EEPROM_IQ_PHASE_CAL_TX0_CH36_TO_CH64_5GHZ, &val);
2697 } else if (chan <= 138) {
2698 run_efuse_read(sc,
2699 RT5390_EEPROM_IQ_PHASE_CAL_TX0_CH100_TO_CH138_5GHZ, &val);
2700 } else if (chan <= 165) {
2701 run_efuse_read(sc,
2702 RT5390_EEPROM_IQ_PHASE_CAL_TX0_CH140_TO_CH165_5GHZ, &val);
2703 } else
2704 val = 0;
2705 run_bbp_write(sc, 159, val);
2706
2707 /* Tx1 IQ gain. */
2708 run_bbp_write(sc, 158, 0x4a);
2709 if (chan <= 14) {
2710 run_efuse_read(sc, RT5390_EEPROM_IQ_GAIN_CAL_TX1_2GHZ, &val);
2711 } else if (chan <= 64) {
2712 run_efuse_read(sc,
2713 RT5390_EEPROM_IQ_GAIN_CAL_TX1_CH36_TO_CH64_5GHZ, &val);
2714 } else if (chan <= 138) {
2715 run_efuse_read(sc,
2716 RT5390_EEPROM_IQ_GAIN_CAL_TX1_CH100_TO_CH138_5GHZ, &val);
2717 } else if (chan <= 165) {
2718 run_efuse_read(sc,
2719 RT5390_EEPROM_IQ_GAIN_CAL_TX1_CH140_TO_CH165_5GHZ, &val);
2720 } else
2721 val = 0;
2722 run_bbp_write(sc, 159, val);
2723
2724 /* Tx1 IQ phase. */
2725 run_bbp_write(sc, 158, 0x4b);
2726 if (chan <= 14) {
2727 run_efuse_read(sc, RT5390_EEPROM_IQ_PHASE_CAL_TX1_2GHZ, &val);
2728 } else if (chan <= 64) {
2729 run_efuse_read(sc,
2730 RT5390_EEPROM_IQ_PHASE_CAL_TX1_CH36_TO_CH64_5GHZ, &val);
2731 } else if (chan <= 138) {
2732 run_efuse_read(sc,
2733 RT5390_EEPROM_IQ_PHASE_CAL_TX1_CH100_TO_CH138_5GHZ, &val);
2734 } else if (chan <= 165) {
2735 run_efuse_read(sc,
2736 RT5390_EEPROM_IQ_PHASE_CAL_TX1_CH140_TO_CH165_5GHZ, &val);
2737 } else
2738 val = 0;
2739 run_bbp_write(sc, 159, val);
2740
2741 /* RF IQ compensation control. */
2742 run_bbp_write(sc, 158, 0x04);
2743 run_efuse_read(sc, RT5390_EEPROM_RF_IQ_COMPENSATION_CTL, &val);
2744 run_bbp_write(sc, 159, val);
2745
2746 /* RF IQ imbalance compensation control. */
2747 run_bbp_write(sc, 158, 0x03);
2748 run_efuse_read(sc,
2749 RT5390_EEPROM_RF_IQ_IMBALANCE_COMPENSATION_CTL, &val);
2750 run_bbp_write(sc, 159, val);
2751 }
2752
2753 void
run_select_chan_group(struct run_softc * sc,int group)2754 run_select_chan_group(struct run_softc *sc, int group)
2755 {
2756 uint32_t tmp;
2757 uint8_t agc;
2758
2759 run_bbp_write(sc, 62, 0x37 - sc->lna[group]);
2760 run_bbp_write(sc, 63, 0x37 - sc->lna[group]);
2761 run_bbp_write(sc, 64, 0x37 - sc->lna[group]);
2762 if (sc->mac_ver < 0x3572)
2763 run_bbp_write(sc, 86, 0x00);
2764
2765 if (sc->mac_ver == 0x3593) {
2766 run_bbp_write(sc, 77, 0x98);
2767 run_bbp_write(sc, 83, (group == 0) ? 0x8a : 0x9a);
2768 }
2769
2770 if (group == 0) {
2771 if (sc->ext_2ghz_lna) {
2772 if (sc->mac_ver >= 0x5390)
2773 run_bbp_write(sc, 75, 0x52);
2774 else {
2775 run_bbp_write(sc, 82, 0x62);
2776 run_bbp_write(sc, 75, 0x46);
2777 }
2778 } else {
2779 if (sc->mac_ver == 0x5592) {
2780 run_bbp_write(sc, 79, 0x1c);
2781 run_bbp_write(sc, 80, 0x0e);
2782 run_bbp_write(sc, 81, 0x3a);
2783 run_bbp_write(sc, 82, 0x62);
2784
2785 run_bbp_write(sc, 195, 0x80);
2786 run_bbp_write(sc, 196, 0xe0);
2787 run_bbp_write(sc, 195, 0x81);
2788 run_bbp_write(sc, 196, 0x1f);
2789 run_bbp_write(sc, 195, 0x82);
2790 run_bbp_write(sc, 196, 0x38);
2791 run_bbp_write(sc, 195, 0x83);
2792 run_bbp_write(sc, 196, 0x32);
2793 run_bbp_write(sc, 195, 0x85);
2794 run_bbp_write(sc, 196, 0x28);
2795 run_bbp_write(sc, 195, 0x86);
2796 run_bbp_write(sc, 196, 0x19);
2797 } else if (sc->mac_ver >= 0x5390)
2798 run_bbp_write(sc, 75, 0x50);
2799 else {
2800 run_bbp_write(sc, 82,
2801 (sc->mac_ver == 0x3593) ? 0x62 : 0x84);
2802 run_bbp_write(sc, 75, 0x50);
2803 }
2804 }
2805 } else {
2806 if (sc->mac_ver == 0x5592) {
2807 run_bbp_write(sc, 79, 0x18);
2808 run_bbp_write(sc, 80, 0x08);
2809 run_bbp_write(sc, 81, 0x38);
2810 run_bbp_write(sc, 82, 0x92);
2811
2812 run_bbp_write(sc, 195, 0x80);
2813 run_bbp_write(sc, 196, 0xf0);
2814 run_bbp_write(sc, 195, 0x81);
2815 run_bbp_write(sc, 196, 0x1e);
2816 run_bbp_write(sc, 195, 0x82);
2817 run_bbp_write(sc, 196, 0x28);
2818 run_bbp_write(sc, 195, 0x83);
2819 run_bbp_write(sc, 196, 0x20);
2820 run_bbp_write(sc, 195, 0x85);
2821 run_bbp_write(sc, 196, 0x7f);
2822 run_bbp_write(sc, 195, 0x86);
2823 run_bbp_write(sc, 196, 0x7f);
2824 } else if (sc->mac_ver == 0x3572)
2825 run_bbp_write(sc, 82, 0x94);
2826 else
2827 run_bbp_write(sc, 82,
2828 (sc->mac_ver == 0x3593) ? 0x82 : 0xf2);
2829 if (sc->ext_5ghz_lna)
2830 run_bbp_write(sc, 75, 0x46);
2831 else
2832 run_bbp_write(sc, 75, 0x50);
2833 }
2834
2835 run_read(sc, RT2860_TX_BAND_CFG, &tmp);
2836 tmp &= ~(RT2860_5G_BAND_SEL_N | RT2860_5G_BAND_SEL_P);
2837 tmp |= (group == 0) ? RT2860_5G_BAND_SEL_N : RT2860_5G_BAND_SEL_P;
2838 run_write(sc, RT2860_TX_BAND_CFG, tmp);
2839
2840 /* enable appropriate Power Amplifiers and Low Noise Amplifiers */
2841 tmp = RT2860_RFTR_EN | RT2860_TRSW_EN | RT2860_LNA_PE0_EN;
2842 if (sc->mac_ver == 0x3593)
2843 tmp |= 1 << 29 | 1 << 28;
2844 if (sc->nrxchains > 1)
2845 tmp |= RT2860_LNA_PE1_EN;
2846 if (group == 0) { /* 2GHz */
2847 tmp |= RT2860_PA_PE_G0_EN;
2848 if (sc->ntxchains > 1)
2849 tmp |= RT2860_PA_PE_G1_EN;
2850 if (sc->mac_ver == 0x3593) {
2851 if (sc->ntxchains > 2)
2852 tmp |= 1 << 25;
2853 }
2854 } else { /* 5GHz */
2855 tmp |= RT2860_PA_PE_A0_EN;
2856 if (sc->ntxchains > 1)
2857 tmp |= RT2860_PA_PE_A1_EN;
2858 }
2859 if (sc->mac_ver == 0x3572) {
2860 run_rt3070_rf_write(sc, 8, 0x00);
2861 run_write(sc, RT2860_TX_PIN_CFG, tmp);
2862 run_rt3070_rf_write(sc, 8, 0x80);
2863 } else
2864 run_write(sc, RT2860_TX_PIN_CFG, tmp);
2865
2866 if (sc->mac_ver == 0x5592) {
2867 run_bbp_write(sc, 195, 0x8d);
2868 run_bbp_write(sc, 196, 0x1a);
2869 }
2870
2871 if (sc->mac_ver == 0x3593) {
2872 run_read(sc, RT2860_GPIO_CTRL, &tmp);
2873 tmp &= ~0x01010000;
2874 if (group == 0)
2875 tmp |= 0x00010000;
2876 tmp = (tmp & ~0x00009090) | 0x00000090;
2877 run_write(sc, RT2860_GPIO_CTRL, tmp);
2878 }
2879
2880 /* set initial AGC value */
2881 if (group == 0) { /* 2GHz band */
2882 if (sc->mac_ver >= 0x3070)
2883 agc = 0x1c + sc->lna[0] * 2;
2884 else
2885 agc = 0x2e + sc->lna[0];
2886 } else { /* 5GHz band */
2887 if (sc->mac_ver == 0x5592)
2888 agc = 0x24 + sc->lna[group] * 2;
2889 else if (sc->mac_ver == 0x3572 || sc->mac_ver == 0x3593)
2890 agc = 0x22 + (sc->lna[group] * 5) / 3;
2891 else
2892 agc = 0x32 + (sc->lna[group] * 5) / 3;
2893 }
2894 run_set_agc(sc, agc);
2895 }
2896
2897 void
run_rt2870_set_chan(struct run_softc * sc,u_int chan)2898 run_rt2870_set_chan(struct run_softc *sc, u_int chan)
2899 {
2900 const struct rfprog *rfprog = rt2860_rf2850;
2901 uint32_t r2, r3, r4;
2902 int8_t txpow1, txpow2;
2903 int i;
2904
2905 /* find the settings for this channel (we know it exists) */
2906 for (i = 0; rfprog[i].chan != chan; i++)
2907 ;
2908
2909 r2 = rfprog[i].r2;
2910 if (sc->ntxchains == 1)
2911 r2 |= 1 << 12; /* 1T: disable Tx chain 2 */
2912 if (sc->nrxchains == 1)
2913 r2 |= 1 << 15 | 1 << 4; /* 1R: disable Rx chains 2 & 3 */
2914 else if (sc->nrxchains == 2)
2915 r2 |= 1 << 4; /* 2R: disable Rx chain 3 */
2916
2917 /* use Tx power values from EEPROM */
2918 txpow1 = sc->txpow1[i];
2919 txpow2 = sc->txpow2[i];
2920 if (chan > 14) {
2921 if (txpow1 >= 0)
2922 txpow1 = txpow1 << 1 | 1;
2923 else
2924 txpow1 = (7 + txpow1) << 1;
2925 if (txpow2 >= 0)
2926 txpow2 = txpow2 << 1 | 1;
2927 else
2928 txpow2 = (7 + txpow2) << 1;
2929 }
2930 r3 = rfprog[i].r3 | txpow1 << 7;
2931 r4 = rfprog[i].r4 | sc->freq << 13 | txpow2 << 4;
2932
2933 run_rt2870_rf_write(sc, RT2860_RF1, rfprog[i].r1);
2934 run_rt2870_rf_write(sc, RT2860_RF2, r2);
2935 run_rt2870_rf_write(sc, RT2860_RF3, r3);
2936 run_rt2870_rf_write(sc, RT2860_RF4, r4);
2937
2938 DELAY(200);
2939
2940 run_rt2870_rf_write(sc, RT2860_RF1, rfprog[i].r1);
2941 run_rt2870_rf_write(sc, RT2860_RF2, r2);
2942 run_rt2870_rf_write(sc, RT2860_RF3, r3 | 1);
2943 run_rt2870_rf_write(sc, RT2860_RF4, r4);
2944
2945 DELAY(200);
2946
2947 run_rt2870_rf_write(sc, RT2860_RF1, rfprog[i].r1);
2948 run_rt2870_rf_write(sc, RT2860_RF2, r2);
2949 run_rt2870_rf_write(sc, RT2860_RF3, r3);
2950 run_rt2870_rf_write(sc, RT2860_RF4, r4);
2951 }
2952
2953 void
run_rt3070_set_chan(struct run_softc * sc,u_int chan)2954 run_rt3070_set_chan(struct run_softc *sc, u_int chan)
2955 {
2956 int8_t txpow1, txpow2;
2957 uint8_t rf;
2958 int i;
2959
2960 /* find the settings for this channel (we know it exists) */
2961 for (i = 0; rt2860_rf2850[i].chan != chan; i++)
2962 ;
2963
2964 /* use Tx power values from EEPROM */
2965 txpow1 = sc->txpow1[i];
2966 txpow2 = sc->txpow2[i];
2967
2968 run_rt3070_rf_write(sc, 2, rt3070_freqs[i].n);
2969
2970 /* RT3370/RT3390: RF R3 [7:4] is not reserved bits. */
2971 run_rt3070_rf_read(sc, 3, &rf);
2972 rf = (rf & ~0x0f) | rt3070_freqs[i].k;
2973 run_rt3070_rf_write(sc, 3, rf);
2974
2975 run_rt3070_rf_read(sc, 6, &rf);
2976 rf = (rf & ~0x03) | rt3070_freqs[i].r;
2977 run_rt3070_rf_write(sc, 6, rf);
2978
2979 /* set Tx0 power */
2980 run_rt3070_rf_read(sc, 12, &rf);
2981 rf = (rf & ~0x1f) | txpow1;
2982 run_rt3070_rf_write(sc, 12, rf);
2983
2984 /* set Tx1 power */
2985 run_rt3070_rf_read(sc, 13, &rf);
2986 rf = (rf & ~0x1f) | txpow2;
2987 run_rt3070_rf_write(sc, 13, rf);
2988
2989 run_rt3070_rf_read(sc, 1, &rf);
2990 rf &= ~0xfc;
2991 if (sc->ntxchains == 1)
2992 rf |= 1 << 7 | 1 << 5; /* 1T: disable Tx chains 2 & 3 */
2993 else if (sc->ntxchains == 2)
2994 rf |= 1 << 7; /* 2T: disable Tx chain 3 */
2995 if (sc->nrxchains == 1)
2996 rf |= 1 << 6 | 1 << 4; /* 1R: disable Rx chains 2 & 3 */
2997 else if (sc->nrxchains == 2)
2998 rf |= 1 << 6; /* 2R: disable Rx chain 3 */
2999 run_rt3070_rf_write(sc, 1, rf);
3000
3001 /* set RF offset */
3002 run_rt3070_rf_read(sc, 23, &rf);
3003 rf = (rf & ~0x7f) | sc->freq;
3004 run_rt3070_rf_write(sc, 23, rf);
3005
3006 /* program RF filter */
3007 run_rt3070_rf_read(sc, 24, &rf); /* Tx */
3008 rf = (rf & ~0x3f) | sc->rf24_20mhz;
3009 run_rt3070_rf_write(sc, 24, rf);
3010 run_rt3070_rf_read(sc, 31, &rf); /* Rx */
3011 rf = (rf & ~0x3f) | sc->rf24_20mhz;
3012 run_rt3070_rf_write(sc, 31, rf);
3013
3014 /* enable RF tuning */
3015 run_rt3070_rf_read(sc, 7, &rf);
3016 run_rt3070_rf_write(sc, 7, rf | 0x01);
3017 }
3018
3019 void
run_rt3572_set_chan(struct run_softc * sc,u_int chan)3020 run_rt3572_set_chan(struct run_softc *sc, u_int chan)
3021 {
3022 int8_t txpow1, txpow2;
3023 uint32_t tmp;
3024 uint8_t rf;
3025 int i;
3026
3027 /* find the settings for this channel (we know it exists) */
3028 for (i = 0; rt2860_rf2850[i].chan != chan; i++)
3029 ;
3030
3031 /* use Tx power values from EEPROM */
3032 txpow1 = sc->txpow1[i];
3033 txpow2 = sc->txpow2[i];
3034
3035 if (chan <= 14) {
3036 run_bbp_write(sc, 25, sc->bbp25);
3037 run_bbp_write(sc, 26, sc->bbp26);
3038 } else {
3039 /* enable IQ phase correction */
3040 run_bbp_write(sc, 25, 0x09);
3041 run_bbp_write(sc, 26, 0xff);
3042 }
3043
3044 run_rt3070_rf_write(sc, 2, rt3070_freqs[i].n);
3045 run_rt3070_rf_write(sc, 3, rt3070_freqs[i].k);
3046 run_rt3070_rf_read(sc, 6, &rf);
3047 rf = (rf & ~0x0f) | rt3070_freqs[i].r;
3048 rf |= (chan <= 14) ? 0x08 : 0x04;
3049 run_rt3070_rf_write(sc, 6, rf);
3050
3051 /* set PLL mode */
3052 run_rt3070_rf_read(sc, 5, &rf);
3053 rf &= ~(0x08 | 0x04);
3054 rf |= (chan <= 14) ? 0x04 : 0x08;
3055 run_rt3070_rf_write(sc, 5, rf);
3056
3057 /* set Tx power for chain 0 */
3058 if (chan <= 14)
3059 rf = 0x60 | txpow1;
3060 else
3061 rf = 0xe0 | (txpow1 & 0xc) << 1 | (txpow1 & 0x3);
3062 run_rt3070_rf_write(sc, 12, rf);
3063
3064 /* set Tx power for chain 1 */
3065 if (chan <= 14)
3066 rf = 0x60 | txpow2;
3067 else
3068 rf = 0xe0 | (txpow2 & 0xc) << 1 | (txpow2 & 0x3);
3069 run_rt3070_rf_write(sc, 13, rf);
3070
3071 /* set Tx/Rx streams */
3072 run_rt3070_rf_read(sc, 1, &rf);
3073 rf &= ~0xfc;
3074 if (sc->ntxchains == 1)
3075 rf |= 1 << 7 | 1 << 5; /* 1T: disable Tx chains 2 & 3 */
3076 else if (sc->ntxchains == 2)
3077 rf |= 1 << 7; /* 2T: disable Tx chain 3 */
3078 if (sc->nrxchains == 1)
3079 rf |= 1 << 6 | 1 << 4; /* 1R: disable Rx chains 2 & 3 */
3080 else if (sc->nrxchains == 2)
3081 rf |= 1 << 6; /* 2R: disable Rx chain 3 */
3082 run_rt3070_rf_write(sc, 1, rf);
3083
3084 /* set RF offset */
3085 run_rt3070_rf_read(sc, 23, &rf);
3086 rf = (rf & ~0x7f) | sc->freq;
3087 run_rt3070_rf_write(sc, 23, rf);
3088
3089 /* program RF filter */
3090 rf = sc->rf24_20mhz;
3091 run_rt3070_rf_write(sc, 24, rf); /* Tx */
3092 run_rt3070_rf_write(sc, 31, rf); /* Rx */
3093
3094 /* enable RF tuning */
3095 run_rt3070_rf_read(sc, 7, &rf);
3096 rf = (chan <= 14) ? 0xd8 : ((rf & ~0xc8) | 0x14);
3097 run_rt3070_rf_write(sc, 7, rf);
3098
3099 /* TSSI */
3100 rf = (chan <= 14) ? 0xc3 : 0xc0;
3101 run_rt3070_rf_write(sc, 9, rf);
3102
3103 /* set loop filter 1 */
3104 run_rt3070_rf_write(sc, 10, 0xf1);
3105 /* set loop filter 2 */
3106 run_rt3070_rf_write(sc, 11, (chan <= 14) ? 0xb9 : 0x00);
3107
3108 /* set tx_mx2_ic */
3109 run_rt3070_rf_write(sc, 15, (chan <= 14) ? 0x53 : 0x43);
3110 /* set tx_mx1_ic */
3111 if (chan <= 14)
3112 rf = 0x48 | sc->txmixgain_2ghz;
3113 else
3114 rf = 0x78 | sc->txmixgain_5ghz;
3115 run_rt3070_rf_write(sc, 16, rf);
3116
3117 /* set tx_lo1 */
3118 run_rt3070_rf_write(sc, 17, 0x23);
3119 /* set tx_lo2 */
3120 if (chan <= 14)
3121 rf = 0x93;
3122 else if (chan <= 64)
3123 rf = 0xb7;
3124 else if (chan <= 128)
3125 rf = 0x74;
3126 else
3127 rf = 0x72;
3128 run_rt3070_rf_write(sc, 19, rf);
3129
3130 /* set rx_lo1 */
3131 if (chan <= 14)
3132 rf = 0xb3;
3133 else if (chan <= 64)
3134 rf = 0xf6;
3135 else if (chan <= 128)
3136 rf = 0xf4;
3137 else
3138 rf = 0xf3;
3139 run_rt3070_rf_write(sc, 20, rf);
3140
3141 /* set pfd_delay */
3142 if (chan <= 14)
3143 rf = 0x15;
3144 else if (chan <= 64)
3145 rf = 0x3d;
3146 else
3147 rf = 0x01;
3148 run_rt3070_rf_write(sc, 25, rf);
3149
3150 /* set rx_lo2 */
3151 run_rt3070_rf_write(sc, 26, (chan <= 14) ? 0x85 : 0x87);
3152 /* set ldo_rf_vc */
3153 run_rt3070_rf_write(sc, 27, (chan <= 14) ? 0x00 : 0x01);
3154 /* set drv_cc */
3155 run_rt3070_rf_write(sc, 29, (chan <= 14) ? 0x9b : 0x9f);
3156
3157 run_read(sc, RT2860_GPIO_CTRL, &tmp);
3158 tmp &= ~0x8080;
3159 if (chan <= 14)
3160 tmp |= 0x80;
3161 run_write(sc, RT2860_GPIO_CTRL, tmp);
3162
3163 /* enable RF tuning */
3164 run_rt3070_rf_read(sc, 7, &rf);
3165 run_rt3070_rf_write(sc, 7, rf | 0x01);
3166
3167 DELAY(2000);
3168 }
3169
3170 void
run_rt3593_set_chan(struct run_softc * sc,u_int chan)3171 run_rt3593_set_chan(struct run_softc *sc, u_int chan)
3172 {
3173 int8_t txpow1, txpow2, txpow3;
3174 uint8_t h20mhz, rf;
3175 int i;
3176
3177 /* find the settings for this channel (we know it exists) */
3178 for (i = 0; rt2860_rf2850[i].chan != chan; i++)
3179 ;
3180
3181 /* use Tx power values from EEPROM */
3182 txpow1 = sc->txpow1[i];
3183 txpow2 = sc->txpow2[i];
3184 txpow3 = (sc->ntxchains == 3) ? sc->txpow3[i] : 0;
3185
3186 if (chan <= 14) {
3187 run_bbp_write(sc, 25, sc->bbp25);
3188 run_bbp_write(sc, 26, sc->bbp26);
3189 } else {
3190 /* Enable IQ phase correction. */
3191 run_bbp_write(sc, 25, 0x09);
3192 run_bbp_write(sc, 26, 0xff);
3193 }
3194
3195 run_rt3070_rf_write(sc, 8, rt3070_freqs[i].n);
3196 run_rt3070_rf_write(sc, 9, rt3070_freqs[i].k & 0x0f);
3197 run_rt3070_rf_read(sc, 11, &rf);
3198 rf = (rf & ~0x03) | (rt3070_freqs[i].r & 0x03);
3199 run_rt3070_rf_write(sc, 11, rf);
3200
3201 /* Set pll_idoh. */
3202 run_rt3070_rf_read(sc, 11, &rf);
3203 rf &= ~0x4c;
3204 rf |= (chan <= 14) ? 0x44 : 0x48;
3205 run_rt3070_rf_write(sc, 11, rf);
3206
3207 if (chan <= 14)
3208 rf = txpow1 & 0x1f;
3209 else
3210 rf = 0x40 | ((txpow1 & 0x18) << 1) | (txpow1 & 0x07);
3211 run_rt3070_rf_write(sc, 53, rf);
3212
3213 if (chan <= 14)
3214 rf = txpow2 & 0x1f;
3215 else
3216 rf = 0x40 | ((txpow2 & 0x18) << 1) | (txpow2 & 0x07);
3217 run_rt3070_rf_write(sc, 55, rf);
3218
3219 if (chan <= 14)
3220 rf = txpow3 & 0x1f;
3221 else
3222 rf = 0x40 | ((txpow3 & 0x18) << 1) | (txpow3 & 0x07);
3223 run_rt3070_rf_write(sc, 54, rf);
3224
3225 rf = RT3070_RF_BLOCK | RT3070_PLL_PD;
3226 if (sc->ntxchains == 3)
3227 rf |= RT3070_TX0_PD | RT3070_TX1_PD | RT3070_TX2_PD;
3228 else
3229 rf |= RT3070_TX0_PD | RT3070_TX1_PD;
3230 rf |= RT3070_RX0_PD | RT3070_RX1_PD | RT3070_RX2_PD;
3231 run_rt3070_rf_write(sc, 1, rf);
3232
3233 run_adjust_freq_offset(sc);
3234
3235 run_rt3070_rf_write(sc, 31, (chan <= 14) ? 0xa0 : 0x80);
3236
3237 h20mhz = (sc->rf24_20mhz & 0x20) >> 5;
3238 run_rt3070_rf_read(sc, 30, &rf);
3239 rf = (rf & ~0x06) | (h20mhz << 1) | (h20mhz << 2);
3240 run_rt3070_rf_write(sc, 30, rf);
3241
3242 run_rt3070_rf_read(sc, 36, &rf);
3243 if (chan <= 14)
3244 rf |= 0x80;
3245 else
3246 rf &= ~0x80;
3247 run_rt3070_rf_write(sc, 36, rf);
3248
3249 /* Set vcolo_bs. */
3250 run_rt3070_rf_write(sc, 34, (chan <= 14) ? 0x3c : 0x20);
3251 /* Set pfd_delay. */
3252 run_rt3070_rf_write(sc, 12, (chan <= 14) ? 0x1a : 0x12);
3253
3254 /* Set vco bias current control. */
3255 run_rt3070_rf_read(sc, 6, &rf);
3256 rf &= ~0xc0;
3257 if (chan <= 14)
3258 rf |= 0x40;
3259 else if (chan <= 128)
3260 rf |= 0x80;
3261 else
3262 rf |= 0x40;
3263 run_rt3070_rf_write(sc, 6, rf);
3264
3265 run_rt3070_rf_read(sc, 30, &rf);
3266 rf = (rf & ~0x18) | 0x10;
3267 run_rt3070_rf_write(sc, 30, rf);
3268
3269 run_rt3070_rf_write(sc, 10, (chan <= 14) ? 0xd3 : 0xd8);
3270 run_rt3070_rf_write(sc, 13, (chan <= 14) ? 0x12 : 0x23);
3271
3272 run_rt3070_rf_read(sc, 51, &rf);
3273 rf = (rf & ~0x03) | 0x01;
3274 run_rt3070_rf_write(sc, 51, rf);
3275 /* Set tx_mx1_cc. */
3276 run_rt3070_rf_read(sc, 51, &rf);
3277 rf &= ~0x1c;
3278 rf |= (chan <= 14) ? 0x14 : 0x10;
3279 run_rt3070_rf_write(sc, 51, rf);
3280 /* Set tx_mx1_ic. */
3281 run_rt3070_rf_read(sc, 51, &rf);
3282 rf &= ~0xe0;
3283 rf |= (chan <= 14) ? 0x60 : 0x40;
3284 run_rt3070_rf_write(sc, 51, rf);
3285 /* Set tx_lo1_ic. */
3286 run_rt3070_rf_read(sc, 49, &rf);
3287 rf &= ~0x1c;
3288 rf |= (chan <= 14) ? 0x0c : 0x08;
3289 run_rt3070_rf_write(sc, 49, rf);
3290 /* Set tx_lo1_en. */
3291 run_rt3070_rf_read(sc, 50, &rf);
3292 run_rt3070_rf_write(sc, 50, rf & ~0x20);
3293 /* Set drv_cc. */
3294 run_rt3070_rf_read(sc, 57, &rf);
3295 rf &= ~0xfc;
3296 rf |= (chan <= 14) ? 0x6c : 0x3c;
3297 run_rt3070_rf_write(sc, 57, rf);
3298 /* Set rx_mix1_ic, rxa_lnactr, lna_vc, lna_inbias_en and lna_en. */
3299 run_rt3070_rf_write(sc, 44, (chan <= 14) ? 0x93 : 0x9b);
3300 /* Set drv_gnd_a, tx_vga_cc_a and tx_mx2_gain. */
3301 run_rt3070_rf_write(sc, 52, (chan <= 14) ? 0x45 : 0x05);
3302 /* Enable VCO calibration. */
3303 run_rt3070_rf_read(sc, 3, &rf);
3304 rf &= ~RT3593_VCOCAL;
3305 rf |= (chan <= 14) ? RT3593_VCOCAL : 0xbe;
3306 run_rt3070_rf_write(sc, 3, rf);
3307
3308 if (chan <= 14)
3309 rf = 0x23;
3310 else if (chan <= 64)
3311 rf = 0x36;
3312 else if (chan <= 128)
3313 rf = 0x32;
3314 else
3315 rf = 0x30;
3316 run_rt3070_rf_write(sc, 39, rf);
3317 if (chan <= 14)
3318 rf = 0xbb;
3319 else if (chan <= 64)
3320 rf = 0xeb;
3321 else if (chan <= 128)
3322 rf = 0xb3;
3323 else
3324 rf = 0x9b;
3325 run_rt3070_rf_write(sc, 45, rf);
3326
3327 /* Set FEQ/AEQ control. */
3328 run_bbp_write(sc, 105, 0x34);
3329 }
3330
3331 void
run_rt5390_set_chan(struct run_softc * sc,u_int chan)3332 run_rt5390_set_chan(struct run_softc *sc, u_int chan)
3333 {
3334 int8_t txpow1, txpow2;
3335 uint8_t rf;
3336 int i;
3337
3338 /* find the settings for this channel (we know it exists) */
3339 for (i = 0; rt2860_rf2850[i].chan != chan; i++)
3340 ;
3341
3342 /* use Tx power values from EEPROM */
3343 txpow1 = sc->txpow1[i];
3344 txpow2 = sc->txpow2[i];
3345
3346 run_rt3070_rf_write(sc, 8, rt3070_freqs[i].n);
3347 run_rt3070_rf_write(sc, 9, rt3070_freqs[i].k & 0x0f);
3348 run_rt3070_rf_read(sc, 11, &rf);
3349 rf = (rf & ~0x03) | (rt3070_freqs[i].r & 0x03);
3350 run_rt3070_rf_write(sc, 11, rf);
3351
3352 run_rt3070_rf_read(sc, 49, &rf);
3353 rf = (rf & ~0x3f) | (txpow1 & 0x3f);
3354 /* The valid range of the RF R49 is 0x00 to 0x27. */
3355 if ((rf & 0x3f) > 0x27)
3356 rf = (rf & ~0x3f) | 0x27;
3357 run_rt3070_rf_write(sc, 49, rf);
3358
3359 if (sc->mac_ver == 0x5392) {
3360 run_rt3070_rf_read(sc, 50, &rf);
3361 rf = (rf & ~0x3f) | (txpow2 & 0x3f);
3362 /* The valid range of the RF R50 is 0x00 to 0x27. */
3363 if ((rf & 0x3f) > 0x27)
3364 rf = (rf & ~0x3f) | 0x27;
3365 run_rt3070_rf_write(sc, 50, rf);
3366 }
3367
3368 run_rt3070_rf_read(sc, 1, &rf);
3369 rf |= RT3070_RF_BLOCK | RT3070_PLL_PD | RT3070_RX0_PD | RT3070_TX0_PD;
3370 if (sc->mac_ver == 0x5392)
3371 rf |= RT3070_RX1_PD | RT3070_TX1_PD;
3372 run_rt3070_rf_write(sc, 1, rf);
3373
3374 if (sc->mac_ver != 0x5392) {
3375 run_rt3070_rf_read(sc, 2, &rf);
3376 rf |= 0x80;
3377 run_rt3070_rf_write(sc, 2, rf);
3378 DELAY(10);
3379 rf &= 0x7f;
3380 run_rt3070_rf_write(sc, 2, rf);
3381 }
3382
3383 run_adjust_freq_offset(sc);
3384
3385 if (sc->mac_ver == 0x5392) {
3386 /* Fix for RT5392C. */
3387 if (sc->mac_rev >= 0x0223) {
3388 if (chan <= 4)
3389 rf = 0x0f;
3390 else if (chan >= 5 && chan <= 7)
3391 rf = 0x0e;
3392 else
3393 rf = 0x0d;
3394 run_rt3070_rf_write(sc, 23, rf);
3395
3396 if (chan <= 4)
3397 rf = 0x0c;
3398 else if (chan == 5)
3399 rf = 0x0b;
3400 else if (chan >= 6 && chan <= 7)
3401 rf = 0x0a;
3402 else if (chan >= 8 && chan <= 10)
3403 rf = 0x09;
3404 else
3405 rf = 0x08;
3406 run_rt3070_rf_write(sc, 59, rf);
3407 } else {
3408 if (chan <= 11)
3409 rf = 0x0f;
3410 else
3411 rf = 0x0b;
3412 run_rt3070_rf_write(sc, 59, rf);
3413 }
3414 } else {
3415 /* Fix for RT5390F. */
3416 if (sc->mac_rev >= 0x0502) {
3417 if (chan <= 11)
3418 rf = 0x43;
3419 else
3420 rf = 0x23;
3421 run_rt3070_rf_write(sc, 55, rf);
3422
3423 if (chan <= 11)
3424 rf = 0x0f;
3425 else if (chan == 12)
3426 rf = 0x0d;
3427 else
3428 rf = 0x0b;
3429 run_rt3070_rf_write(sc, 59, rf);
3430 } else {
3431 run_rt3070_rf_write(sc, 55, 0x44);
3432 run_rt3070_rf_write(sc, 59, 0x8f);
3433 }
3434 }
3435
3436 /* Enable VCO calibration. */
3437 run_rt3070_rf_read(sc, 3, &rf);
3438 rf |= RT3593_VCOCAL;
3439 run_rt3070_rf_write(sc, 3, rf);
3440 }
3441
3442 void
run_rt5592_set_chan(struct run_softc * sc,u_int chan)3443 run_rt5592_set_chan(struct run_softc *sc, u_int chan)
3444 {
3445 const struct rt5592_freqs *freqs;
3446 uint32_t tmp;
3447 uint8_t reg, rf, txpow_bound;
3448 int8_t txpow1, txpow2;
3449 int i;
3450
3451 run_read(sc, RT5592_DEBUG_INDEX, &tmp);
3452 freqs = (tmp & RT5592_SEL_XTAL) ?
3453 rt5592_freqs_40mhz : rt5592_freqs_20mhz;
3454
3455 /* find the settings for this channel (we know it exists) */
3456 for (i = 0; rt2860_rf2850[i].chan != chan; i++, freqs++)
3457 ;
3458
3459 /* use Tx power values from EEPROM */
3460 txpow1 = sc->txpow1[i];
3461 txpow2 = sc->txpow2[i];
3462
3463 run_read(sc, RT3070_LDO_CFG0, &tmp);
3464 tmp &= ~0x1c000000;
3465 if (chan > 14)
3466 tmp |= 0x14000000;
3467 run_write(sc, RT3070_LDO_CFG0, tmp);
3468
3469 /* N setting. */
3470 run_rt3070_rf_write(sc, 8, freqs->n & 0xff);
3471 run_rt3070_rf_read(sc, 9, &rf);
3472 rf &= ~(1 << 4);
3473 rf |= ((freqs->n & 0x0100) >> 8) << 4;
3474 run_rt3070_rf_write(sc, 9, rf);
3475
3476 /* K setting. */
3477 run_rt3070_rf_read(sc, 9, &rf);
3478 rf &= ~0x0f;
3479 rf |= (freqs->k & 0x0f);
3480 run_rt3070_rf_write(sc, 9, rf);
3481
3482 /* Mode setting. */
3483 run_rt3070_rf_read(sc, 11, &rf);
3484 rf &= ~0x0c;
3485 rf |= ((freqs->m - 0x8) & 0x3) << 2;
3486 run_rt3070_rf_write(sc, 11, rf);
3487 run_rt3070_rf_read(sc, 9, &rf);
3488 rf &= ~(1 << 7);
3489 rf |= (((freqs->m - 0x8) & 0x4) >> 2) << 7;
3490 run_rt3070_rf_write(sc, 9, rf);
3491
3492 /* R setting. */
3493 run_rt3070_rf_read(sc, 11, &rf);
3494 rf &= ~0x03;
3495 rf |= (freqs->r - 0x1);
3496 run_rt3070_rf_write(sc, 11, rf);
3497
3498 if (chan <= 14) {
3499 /* Initialize RF registers for 2GHZ. */
3500 for (i = 0; i < nitems(rt5592_2ghz_def_rf); i++) {
3501 run_rt3070_rf_write(sc, rt5592_2ghz_def_rf[i].reg,
3502 rt5592_2ghz_def_rf[i].val);
3503 }
3504
3505 rf = (chan <= 10) ? 0x07 : 0x06;
3506 run_rt3070_rf_write(sc, 23, rf);
3507 run_rt3070_rf_write(sc, 59, rf);
3508
3509 run_rt3070_rf_write(sc, 55, 0x43);
3510
3511 /*
3512 * RF R49/R50 Tx power ALC code.
3513 * G-band bit<7:6>=1:0, bit<5:0> range from 0x0 ~ 0x27.
3514 */
3515 reg = 2;
3516 txpow_bound = 0x27;
3517 } else {
3518 /* Initialize RF registers for 5GHZ. */
3519 for (i = 0; i < nitems(rt5592_5ghz_def_rf); i++) {
3520 run_rt3070_rf_write(sc, rt5592_5ghz_def_rf[i].reg,
3521 rt5592_5ghz_def_rf[i].val);
3522 }
3523 for (i = 0; i < nitems(rt5592_chan_5ghz); i++) {
3524 if (chan >= rt5592_chan_5ghz[i].firstchan &&
3525 chan <= rt5592_chan_5ghz[i].lastchan) {
3526 run_rt3070_rf_write(sc, rt5592_chan_5ghz[i].reg,
3527 rt5592_chan_5ghz[i].val);
3528 }
3529 }
3530
3531 /*
3532 * RF R49/R50 Tx power ALC code.
3533 * A-band bit<7:6>=1:1, bit<5:0> range from 0x0 ~ 0x2b.
3534 */
3535 reg = 3;
3536 txpow_bound = 0x2b;
3537 }
3538
3539 /* RF R49 ch0 Tx power ALC code. */
3540 run_rt3070_rf_read(sc, 49, &rf);
3541 rf &= ~0xc0;
3542 rf |= (reg << 6);
3543 rf = (rf & ~0x3f) | (txpow1 & 0x3f);
3544 if ((rf & 0x3f) > txpow_bound)
3545 rf = (rf & ~0x3f) | txpow_bound;
3546 run_rt3070_rf_write(sc, 49, rf);
3547
3548 /* RF R50 ch1 Tx power ALC code. */
3549 run_rt3070_rf_read(sc, 50, &rf);
3550 rf &= ~(1 << 7 | 1 << 6);
3551 rf |= (reg << 6);
3552 rf = (rf & ~0x3f) | (txpow2 & 0x3f);
3553 if ((rf & 0x3f) > txpow_bound)
3554 rf = (rf & ~0x3f) | txpow_bound;
3555 run_rt3070_rf_write(sc, 50, rf);
3556
3557 /* Enable RF_BLOCK, PLL_PD, RX0_PD, and TX0_PD. */
3558 run_rt3070_rf_read(sc, 1, &rf);
3559 rf |= (RT3070_RF_BLOCK | RT3070_PLL_PD | RT3070_RX0_PD | RT3070_TX0_PD);
3560 if (sc->ntxchains > 1)
3561 rf |= RT3070_TX1_PD;
3562 if (sc->nrxchains > 1)
3563 rf |= RT3070_RX1_PD;
3564 run_rt3070_rf_write(sc, 1, rf);
3565
3566 run_rt3070_rf_write(sc, 6, 0xe4);
3567
3568 run_rt3070_rf_write(sc, 30, 0x10);
3569 run_rt3070_rf_write(sc, 31, 0x80);
3570 run_rt3070_rf_write(sc, 32, 0x80);
3571
3572 run_adjust_freq_offset(sc);
3573
3574 /* Enable VCO calibration. */
3575 run_rt3070_rf_read(sc, 3, &rf);
3576 rf |= RT3593_VCOCAL;
3577 run_rt3070_rf_write(sc, 3, rf);
3578 }
3579
3580 void
run_set_agc(struct run_softc * sc,uint8_t agc)3581 run_set_agc(struct run_softc *sc, uint8_t agc)
3582 {
3583 uint8_t bbp;
3584
3585 if (sc->mac_ver == 0x3572) {
3586 run_bbp_read(sc, 27, &bbp);
3587 bbp &= ~(0x3 << 5);
3588 run_bbp_write(sc, 27, bbp | 0 << 5); /* select Rx0 */
3589 run_bbp_write(sc, 66, agc);
3590 run_bbp_write(sc, 27, bbp | 1 << 5); /* select Rx1 */
3591 run_bbp_write(sc, 66, agc);
3592 } else
3593 run_bbp_write(sc, 66, agc);
3594 }
3595
3596 void
run_set_rx_antenna(struct run_softc * sc,int aux)3597 run_set_rx_antenna(struct run_softc *sc, int aux)
3598 {
3599 uint32_t tmp;
3600 uint8_t bbp152;
3601
3602 if (aux) {
3603 if (sc->rf_rev == RT5390_RF_5370) {
3604 run_bbp_read(sc, 152, &bbp152);
3605 run_bbp_write(sc, 152, bbp152 & ~0x80);
3606 } else {
3607 run_mcu_cmd(sc, RT2860_MCU_CMD_ANTSEL, 0);
3608 run_read(sc, RT2860_GPIO_CTRL, &tmp);
3609 run_write(sc, RT2860_GPIO_CTRL, (tmp & ~0x0808) | 0x08);
3610 }
3611 } else {
3612 if (sc->rf_rev == RT5390_RF_5370) {
3613 run_bbp_read(sc, 152, &bbp152);
3614 run_bbp_write(sc, 152, bbp152 | 0x80);
3615 } else {
3616 run_mcu_cmd(sc, RT2860_MCU_CMD_ANTSEL, 1);
3617 run_read(sc, RT2860_GPIO_CTRL, &tmp);
3618 run_write(sc, RT2860_GPIO_CTRL, tmp & ~0x0808);
3619 }
3620 }
3621 }
3622
3623 int
run_set_chan(struct run_softc * sc,struct ieee80211_channel * c)3624 run_set_chan(struct run_softc *sc, struct ieee80211_channel *c)
3625 {
3626 struct ieee80211com *ic = &sc->sc_ic;
3627 u_int chan, group;
3628
3629 chan = ieee80211_chan2ieee(ic, c);
3630 if (chan == 0 || chan == IEEE80211_CHAN_ANY)
3631 return EINVAL;
3632
3633 if (sc->mac_ver == 0x5592)
3634 run_rt5592_set_chan(sc, chan);
3635 else if (sc->mac_ver >= 0x5390)
3636 run_rt5390_set_chan(sc, chan);
3637 else if (sc->mac_ver == 0x3593)
3638 run_rt3593_set_chan(sc, chan);
3639 else if (sc->mac_ver == 0x3572)
3640 run_rt3572_set_chan(sc, chan);
3641 else if (sc->mac_ver >= 0x3070)
3642 run_rt3070_set_chan(sc, chan);
3643 else
3644 run_rt2870_set_chan(sc, chan);
3645
3646 /* determine channel group */
3647 if (chan <= 14)
3648 group = 0;
3649 else if (chan <= 64)
3650 group = 1;
3651 else if (chan <= 128)
3652 group = 2;
3653 else
3654 group = 3;
3655
3656 /* XXX necessary only when group has changed! */
3657 run_select_chan_group(sc, group);
3658
3659 DELAY(1000);
3660
3661 /* Perform IQ calibration. */
3662 if (sc->mac_ver >= 0x5392)
3663 run_iq_calib(sc, chan);
3664
3665 return 0;
3666 }
3667
3668 void
run_enable_tsf_sync(struct run_softc * sc)3669 run_enable_tsf_sync(struct run_softc *sc)
3670 {
3671 struct ieee80211com *ic = &sc->sc_ic;
3672 uint32_t tmp;
3673
3674 run_read(sc, RT2860_BCN_TIME_CFG, &tmp);
3675 tmp &= ~0x1fffff;
3676 tmp |= ic->ic_bss->ni_intval * 16;
3677 tmp |= RT2860_TSF_TIMER_EN | RT2860_TBTT_TIMER_EN;
3678 /* local TSF is always updated with remote TSF on beacon reception */
3679 tmp |= 1 << RT2860_TSF_SYNC_MODE_SHIFT;
3680 run_write(sc, RT2860_BCN_TIME_CFG, tmp);
3681 }
3682
3683 void
run_enable_mrr(struct run_softc * sc)3684 run_enable_mrr(struct run_softc *sc)
3685 {
3686 #define CCK(mcs) (mcs)
3687 #define OFDM(mcs) (1 << 3 | (mcs))
3688 run_write(sc, RT2860_LG_FBK_CFG0,
3689 OFDM(6) << 28 | /* 54->48 */
3690 OFDM(5) << 24 | /* 48->36 */
3691 OFDM(4) << 20 | /* 36->24 */
3692 OFDM(3) << 16 | /* 24->18 */
3693 OFDM(2) << 12 | /* 18->12 */
3694 OFDM(1) << 8 | /* 12-> 9 */
3695 OFDM(0) << 4 | /* 9-> 6 */
3696 OFDM(0)); /* 6-> 6 */
3697
3698 run_write(sc, RT2860_LG_FBK_CFG1,
3699 CCK(2) << 12 | /* 11->5.5 */
3700 CCK(1) << 8 | /* 5.5-> 2 */
3701 CCK(0) << 4 | /* 2-> 1 */
3702 CCK(0)); /* 1-> 1 */
3703 #undef OFDM
3704 #undef CCK
3705 }
3706
3707 void
run_set_txpreamble(struct run_softc * sc)3708 run_set_txpreamble(struct run_softc *sc)
3709 {
3710 uint32_t tmp;
3711
3712 run_read(sc, RT2860_AUTO_RSP_CFG, &tmp);
3713 if (sc->sc_ic.ic_flags & IEEE80211_F_SHPREAMBLE)
3714 tmp |= RT2860_CCK_SHORT_EN;
3715 else
3716 tmp &= ~RT2860_CCK_SHORT_EN;
3717 run_write(sc, RT2860_AUTO_RSP_CFG, tmp);
3718 }
3719
3720 void
run_set_basicrates(struct run_softc * sc)3721 run_set_basicrates(struct run_softc *sc)
3722 {
3723 struct ieee80211com *ic = &sc->sc_ic;
3724
3725 /* set basic rates mask */
3726 if (ic->ic_curmode == IEEE80211_MODE_11B)
3727 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x003);
3728 else if (ic->ic_curmode == IEEE80211_MODE_11A)
3729 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x150);
3730 else /* 11g */
3731 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x15f);
3732 }
3733
3734 void
run_set_leds(struct run_softc * sc,uint16_t which)3735 run_set_leds(struct run_softc *sc, uint16_t which)
3736 {
3737 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LEDS,
3738 which | (sc->leds & 0x7f));
3739 }
3740
3741 void
run_set_bssid(struct run_softc * sc,const uint8_t * bssid)3742 run_set_bssid(struct run_softc *sc, const uint8_t *bssid)
3743 {
3744 run_write(sc, RT2860_MAC_BSSID_DW0,
3745 bssid[0] | bssid[1] << 8 | bssid[2] << 16 | bssid[3] << 24);
3746 run_write(sc, RT2860_MAC_BSSID_DW1,
3747 bssid[4] | bssid[5] << 8);
3748 }
3749
3750 void
run_set_macaddr(struct run_softc * sc,const uint8_t * addr)3751 run_set_macaddr(struct run_softc *sc, const uint8_t *addr)
3752 {
3753 run_write(sc, RT2860_MAC_ADDR_DW0,
3754 addr[0] | addr[1] << 8 | addr[2] << 16 | addr[3] << 24);
3755 run_write(sc, RT2860_MAC_ADDR_DW1,
3756 addr[4] | addr[5] << 8 | 0xff << 16);
3757 }
3758
3759 void
run_updateslot(struct ieee80211com * ic)3760 run_updateslot(struct ieee80211com *ic)
3761 {
3762 /* do it in a process context */
3763 run_do_async(ic->ic_softc, run_updateslot_cb, NULL, 0);
3764 }
3765
3766 void
run_updateslot_cb(struct run_softc * sc,void * arg)3767 run_updateslot_cb(struct run_softc *sc, void *arg)
3768 {
3769 uint32_t tmp;
3770
3771 run_read(sc, RT2860_BKOFF_SLOT_CFG, &tmp);
3772 tmp &= ~0xff;
3773 tmp |= (sc->sc_ic.ic_flags & IEEE80211_F_SHSLOT) ?
3774 IEEE80211_DUR_DS_SHSLOT : IEEE80211_DUR_DS_SLOT;
3775 run_write(sc, RT2860_BKOFF_SLOT_CFG, tmp);
3776 }
3777
3778 #if NBPFILTER > 0
3779 int8_t
run_rssi2dbm(struct run_softc * sc,uint8_t rssi,uint8_t rxchain)3780 run_rssi2dbm(struct run_softc *sc, uint8_t rssi, uint8_t rxchain)
3781 {
3782 struct ieee80211com *ic = &sc->sc_ic;
3783 struct ieee80211_channel *c = ic->ic_ibss_chan;
3784 int delta;
3785
3786 if (IEEE80211_IS_CHAN_5GHZ(c)) {
3787 u_int chan = ieee80211_chan2ieee(ic, c);
3788 delta = sc->rssi_5ghz[rxchain];
3789
3790 /* determine channel group */
3791 if (chan <= 64)
3792 delta -= sc->lna[1];
3793 else if (chan <= 128)
3794 delta -= sc->lna[2];
3795 else
3796 delta -= sc->lna[3];
3797 } else
3798 delta = sc->rssi_2ghz[rxchain] - sc->lna[0];
3799
3800 return -12 - delta - rssi;
3801 }
3802 #endif
3803
3804 void
run_rt5390_bbp_init(struct run_softc * sc)3805 run_rt5390_bbp_init(struct run_softc *sc)
3806 {
3807 int i;
3808 uint8_t bbp;
3809
3810 /* Apply maximum likelihood detection for 2 stream case. */
3811 run_bbp_read(sc, 105, &bbp);
3812 if (sc->nrxchains > 1)
3813 run_bbp_write(sc, 105, bbp | RT5390_MLD);
3814
3815 /* Avoid data lost and CRC error. */
3816 run_bbp_read(sc, 4, &bbp);
3817 run_bbp_write(sc, 4, bbp | RT5390_MAC_IF_CTRL);
3818
3819 if (sc->mac_ver == 0x5592) {
3820 for (i = 0; i < nitems(rt5592_def_bbp); i++) {
3821 run_bbp_write(sc, rt5592_def_bbp[i].reg,
3822 rt5592_def_bbp[i].val);
3823 }
3824 for (i = 0; i < nitems(rt5592_bbp_r196); i++) {
3825 run_bbp_write(sc, 195, i + 0x80);
3826 run_bbp_write(sc, 196, rt5592_bbp_r196[i]);
3827 }
3828 } else {
3829 for (i = 0; i < nitems(rt5390_def_bbp); i++) {
3830 run_bbp_write(sc, rt5390_def_bbp[i].reg,
3831 rt5390_def_bbp[i].val);
3832 }
3833 }
3834 if (sc->mac_ver == 0x5392) {
3835 run_bbp_write(sc, 88, 0x90);
3836 run_bbp_write(sc, 95, 0x9a);
3837 run_bbp_write(sc, 98, 0x12);
3838 run_bbp_write(sc, 106, 0x12);
3839 run_bbp_write(sc, 134, 0xd0);
3840 run_bbp_write(sc, 135, 0xf6);
3841 run_bbp_write(sc, 148, 0x84);
3842 }
3843
3844 run_bbp_read(sc, 152, &bbp);
3845 run_bbp_write(sc, 152, bbp | 0x80);
3846
3847 /* Fix BBP254 for RT5592C. */
3848 if (sc->mac_ver == 0x5592 && sc->mac_rev >= 0x0221) {
3849 run_bbp_read(sc, 254, &bbp);
3850 run_bbp_write(sc, 254, bbp | 0x80);
3851 }
3852
3853 /* Disable hardware antenna diversity. */
3854 if (sc->mac_ver == 0x5390)
3855 run_bbp_write(sc, 154, 0);
3856
3857 /* Initialize Rx CCK/OFDM frequency offset report. */
3858 run_bbp_write(sc, 142, 1);
3859 run_bbp_write(sc, 143, 57);
3860 }
3861
3862 int
run_bbp_init(struct run_softc * sc)3863 run_bbp_init(struct run_softc *sc)
3864 {
3865 int i, error, ntries;
3866 uint8_t bbp0;
3867
3868 /* wait for BBP to wake up */
3869 for (ntries = 0; ntries < 20; ntries++) {
3870 if ((error = run_bbp_read(sc, 0, &bbp0)) != 0)
3871 return error;
3872 if (bbp0 != 0 && bbp0 != 0xff)
3873 break;
3874 }
3875 if (ntries == 20)
3876 return ETIMEDOUT;
3877
3878 /* initialize BBP registers to default values */
3879 if (sc->mac_ver >= 0x5390)
3880 run_rt5390_bbp_init(sc);
3881 else {
3882 for (i = 0; i < nitems(rt2860_def_bbp); i++) {
3883 run_bbp_write(sc, rt2860_def_bbp[i].reg,
3884 rt2860_def_bbp[i].val);
3885 }
3886 }
3887
3888 if (sc->mac_ver == 0x3593) {
3889 run_bbp_write(sc, 79, 0x13);
3890 run_bbp_write(sc, 80, 0x05);
3891 run_bbp_write(sc, 81, 0x33);
3892 run_bbp_write(sc, 86, 0x46);
3893 run_bbp_write(sc, 137, 0x0f);
3894 }
3895
3896 /* fix BBP84 for RT2860E */
3897 if (sc->mac_ver == 0x2860 && sc->mac_rev != 0x0101)
3898 run_bbp_write(sc, 84, 0x19);
3899
3900 if (sc->mac_ver >= 0x3070 && (sc->mac_ver != 0x3593 &&
3901 sc->mac_ver != 0x5592)) {
3902 run_bbp_write(sc, 79, 0x13);
3903 run_bbp_write(sc, 80, 0x05);
3904 run_bbp_write(sc, 81, 0x33);
3905 } else if (sc->mac_ver == 0x2860 && sc->mac_rev == 0x0100) {
3906 run_bbp_write(sc, 69, 0x16);
3907 run_bbp_write(sc, 73, 0x12);
3908 }
3909 return 0;
3910 }
3911
3912 int
run_rt3070_rf_init(struct run_softc * sc)3913 run_rt3070_rf_init(struct run_softc *sc)
3914 {
3915 uint32_t tmp;
3916 uint8_t bbp4, mingain, rf, target;
3917 int i;
3918
3919 run_rt3070_rf_read(sc, 30, &rf);
3920 /* toggle RF R30 bit 7 */
3921 run_rt3070_rf_write(sc, 30, rf | 0x80);
3922 DELAY(1000);
3923 run_rt3070_rf_write(sc, 30, rf & ~0x80);
3924
3925 /* initialize RF registers to default value */
3926 if (sc->mac_ver == 0x3572) {
3927 for (i = 0; i < nitems(rt3572_def_rf); i++) {
3928 run_rt3070_rf_write(sc, rt3572_def_rf[i].reg,
3929 rt3572_def_rf[i].val);
3930 }
3931 } else {
3932 for (i = 0; i < nitems(rt3070_def_rf); i++) {
3933 run_rt3070_rf_write(sc, rt3070_def_rf[i].reg,
3934 rt3070_def_rf[i].val);
3935 }
3936 }
3937 if (sc->mac_ver == 0x3070 && sc->mac_rev < 0x0201) {
3938 /*
3939 * Change voltage from 1.2V to 1.35V for RT3070.
3940 * The DAC issue (RT3070_LDO_CFG0) has been fixed
3941 * in RT3070(F).
3942 */
3943 run_read(sc, RT3070_LDO_CFG0, &tmp);
3944 tmp = (tmp & ~0x0f000000) | 0x0d000000;
3945 run_write(sc, RT3070_LDO_CFG0, tmp);
3946
3947 } else if (sc->mac_ver == 0x3071) {
3948 run_rt3070_rf_read(sc, 6, &rf);
3949 run_rt3070_rf_write(sc, 6, rf | 0x40);
3950 run_rt3070_rf_write(sc, 31, 0x14);
3951
3952 run_read(sc, RT3070_LDO_CFG0, &tmp);
3953 tmp &= ~0x1f000000;
3954 if (sc->mac_rev < 0x0211)
3955 tmp |= 0x0d000000; /* 1.35V */
3956 else
3957 tmp |= 0x01000000; /* 1.2V */
3958 run_write(sc, RT3070_LDO_CFG0, tmp);
3959
3960 /* patch LNA_PE_G1 */
3961 run_read(sc, RT3070_GPIO_SWITCH, &tmp);
3962 run_write(sc, RT3070_GPIO_SWITCH, tmp & ~0x20);
3963
3964 } else if (sc->mac_ver == 0x3572) {
3965 run_rt3070_rf_read(sc, 6, &rf);
3966 run_rt3070_rf_write(sc, 6, rf | 0x40);
3967 /* increase voltage from 1.2V to 1.35V */
3968 run_read(sc, RT3070_LDO_CFG0, &tmp);
3969 tmp = (tmp & ~0x1f000000) | 0x0d000000;
3970 run_write(sc, RT3070_LDO_CFG0, tmp);
3971
3972 if (sc->mac_rev < 0x0211 || !sc->patch_dac) {
3973 DELAY(1); /* wait for 1msec */
3974 /* decrease voltage back to 1.2V */
3975 tmp = (tmp & ~0x1f000000) | 0x01000000;
3976 run_write(sc, RT3070_LDO_CFG0, tmp);
3977 }
3978 }
3979
3980 /* select 20MHz bandwidth */
3981 run_rt3070_rf_read(sc, 31, &rf);
3982 run_rt3070_rf_write(sc, 31, rf & ~0x20);
3983
3984 /* calibrate filter for 20MHz bandwidth */
3985 sc->rf24_20mhz = 0x1f; /* default value */
3986 target = (sc->mac_ver < 0x3071) ? 0x16 : 0x13;
3987 run_rt3070_filter_calib(sc, 0x07, target, &sc->rf24_20mhz);
3988
3989 /* select 40MHz bandwidth */
3990 run_bbp_read(sc, 4, &bbp4);
3991 run_bbp_write(sc, 4, (bbp4 & ~0x18) | 0x10);
3992 run_rt3070_rf_read(sc, 31, &rf);
3993 run_rt3070_rf_write(sc, 31, rf | 0x20);
3994
3995 /* calibrate filter for 40MHz bandwidth */
3996 sc->rf24_40mhz = 0x2f; /* default value */
3997 target = (sc->mac_ver < 0x3071) ? 0x19 : 0x15;
3998 run_rt3070_filter_calib(sc, 0x27, target, &sc->rf24_40mhz);
3999
4000 /* go back to 20MHz bandwidth */
4001 run_bbp_read(sc, 4, &bbp4);
4002 run_bbp_write(sc, 4, bbp4 & ~0x18);
4003
4004 if (sc->mac_ver == 0x3572) {
4005 /* save default BBP registers 25 and 26 values */
4006 run_bbp_read(sc, 25, &sc->bbp25);
4007 run_bbp_read(sc, 26, &sc->bbp26);
4008
4009 } else if (sc->mac_rev < 0x0201 || sc->mac_rev < 0x0211)
4010 run_rt3070_rf_write(sc, 27, 0x03);
4011
4012 run_read(sc, RT3070_OPT_14, &tmp);
4013 run_write(sc, RT3070_OPT_14, tmp | 1);
4014
4015 if (sc->mac_ver == 0x3070 || sc->mac_ver == 0x3071) {
4016 run_rt3070_rf_read(sc, 17, &rf);
4017 rf &= ~RT3070_TX_LO1;
4018 if ((sc->mac_ver == 0x3070 ||
4019 (sc->mac_ver == 0x3071 && sc->mac_rev >= 0x0211)) &&
4020 !sc->ext_2ghz_lna)
4021 rf |= 0x20; /* fix for long range Rx issue */
4022 mingain = (sc->mac_ver == 0x3070) ? 1 : 2;
4023 if (sc->txmixgain_2ghz >= mingain)
4024 rf = (rf & ~0x7) | sc->txmixgain_2ghz;
4025 run_rt3070_rf_write(sc, 17, rf);
4026 }
4027 if (sc->mac_ver == 0x3071) {
4028 run_rt3070_rf_read(sc, 1, &rf);
4029 rf &= ~(RT3070_RX0_PD | RT3070_TX0_PD);
4030 rf |= RT3070_RF_BLOCK | RT3070_RX1_PD | RT3070_TX1_PD;
4031 run_rt3070_rf_write(sc, 1, rf);
4032
4033 run_rt3070_rf_read(sc, 15, &rf);
4034 run_rt3070_rf_write(sc, 15, rf & ~RT3070_TX_LO2);
4035
4036 run_rt3070_rf_read(sc, 20, &rf);
4037 run_rt3070_rf_write(sc, 20, rf & ~RT3070_RX_LO1);
4038
4039 run_rt3070_rf_read(sc, 21, &rf);
4040 run_rt3070_rf_write(sc, 21, rf & ~RT3070_RX_LO2);
4041 }
4042 if (sc->mac_ver == 0x3070 || sc->mac_ver == 0x3071) {
4043 /* fix Tx to Rx IQ glitch by raising RF voltage */
4044 run_rt3070_rf_read(sc, 27, &rf);
4045 rf &= ~0x77;
4046 if (sc->mac_rev < 0x0211)
4047 rf |= 0x03;
4048 run_rt3070_rf_write(sc, 27, rf);
4049 }
4050 return 0;
4051 }
4052
4053 void
run_rt3593_rf_init(struct run_softc * sc)4054 run_rt3593_rf_init(struct run_softc *sc)
4055 {
4056 uint32_t tmp;
4057 uint8_t rf;
4058 int i;
4059
4060 /* Disable the GPIO bits 4 and 7 for LNA PE control. */
4061 run_read(sc, RT3070_GPIO_SWITCH, &tmp);
4062 tmp &= ~(1 << 4 | 1 << 7);
4063 run_write(sc, RT3070_GPIO_SWITCH, tmp);
4064
4065 /* Initialize RF registers to default value. */
4066 for (i = 0; i < nitems(rt3593_def_rf); i++) {
4067 run_rt3070_rf_write(sc, rt3593_def_rf[i].reg,
4068 rt3593_def_rf[i].val);
4069 }
4070
4071 /* Toggle RF R2 to initiate calibration. */
4072 run_rt3070_rf_write(sc, 2, RT3593_RESCAL);
4073
4074 /* Initialize RF frequency offset. */
4075 run_adjust_freq_offset(sc);
4076
4077 run_rt3070_rf_read(sc, 18, &rf);
4078 run_rt3070_rf_write(sc, 18, rf | RT3593_AUTOTUNE_BYPASS);
4079
4080 /*
4081 * Increase voltage from 1.2V to 1.35V, wait for 1 msec to
4082 * decrease voltage back to 1.2V.
4083 */
4084 run_read(sc, RT3070_LDO_CFG0, &tmp);
4085 tmp = (tmp & ~0x1f000000) | 0x0d000000;
4086 run_write(sc, RT3070_LDO_CFG0, tmp);
4087 DELAY(1);
4088 tmp = (tmp & ~0x1f000000) | 0x01000000;
4089 run_write(sc, RT3070_LDO_CFG0, tmp);
4090
4091 sc->rf24_20mhz = 0x1f;
4092 sc->rf24_40mhz = 0x2f;
4093
4094 /* Save default BBP registers 25 and 26 values. */
4095 run_bbp_read(sc, 25, &sc->bbp25);
4096 run_bbp_read(sc, 26, &sc->bbp26);
4097
4098 run_read(sc, RT3070_OPT_14, &tmp);
4099 run_write(sc, RT3070_OPT_14, tmp | 1);
4100 }
4101
4102 void
run_rt5390_rf_init(struct run_softc * sc)4103 run_rt5390_rf_init(struct run_softc *sc)
4104 {
4105 uint32_t tmp;
4106 uint8_t rf;
4107 int i;
4108
4109 /* Toggle RF R2 to initiate calibration. */
4110 if (sc->mac_ver == 0x5390) {
4111 run_rt3070_rf_read(sc, 2, &rf);
4112 run_rt3070_rf_write(sc, 2, rf | RT3593_RESCAL);
4113 DELAY(10);
4114 run_rt3070_rf_write(sc, 2, rf & ~RT3593_RESCAL);
4115 } else {
4116 run_rt3070_rf_write(sc, 2, RT3593_RESCAL);
4117 DELAY(10);
4118 }
4119
4120 /* Initialize RF registers to default value. */
4121 if (sc->mac_ver == 0x5592) {
4122 for (i = 0; i < nitems(rt5592_def_rf); i++) {
4123 run_rt3070_rf_write(sc, rt5592_def_rf[i].reg,
4124 rt5592_def_rf[i].val);
4125 }
4126 /* Initialize RF frequency offset. */
4127 run_adjust_freq_offset(sc);
4128 } else if (sc->mac_ver == 0x5392) {
4129 for (i = 0; i < nitems(rt5392_def_rf); i++) {
4130 run_rt3070_rf_write(sc, rt5392_def_rf[i].reg,
4131 rt5392_def_rf[i].val);
4132 }
4133 if (sc->mac_rev >= 0x0223) {
4134 run_rt3070_rf_write(sc, 23, 0x0f);
4135 run_rt3070_rf_write(sc, 24, 0x3e);
4136 run_rt3070_rf_write(sc, 51, 0x32);
4137 run_rt3070_rf_write(sc, 53, 0x22);
4138 run_rt3070_rf_write(sc, 56, 0xc1);
4139 run_rt3070_rf_write(sc, 59, 0x0f);
4140 }
4141 } else {
4142 for (i = 0; i < nitems(rt5390_def_rf); i++) {
4143 run_rt3070_rf_write(sc, rt5390_def_rf[i].reg,
4144 rt5390_def_rf[i].val);
4145 }
4146 if (sc->mac_rev >= 0x0502) {
4147 run_rt3070_rf_write(sc, 6, 0xe0);
4148 run_rt3070_rf_write(sc, 25, 0x80);
4149 run_rt3070_rf_write(sc, 46, 0x73);
4150 run_rt3070_rf_write(sc, 53, 0x00);
4151 run_rt3070_rf_write(sc, 56, 0x42);
4152 run_rt3070_rf_write(sc, 61, 0xd1);
4153 }
4154 }
4155
4156 sc->rf24_20mhz = 0x1f; /* default value */
4157 sc->rf24_40mhz = (sc->mac_ver == 0x5592) ? 0 : 0x2f;
4158
4159 if (sc->mac_rev < 0x0211)
4160 run_rt3070_rf_write(sc, 27, 0x3);
4161
4162 run_read(sc, RT3070_OPT_14, &tmp);
4163 run_write(sc, RT3070_OPT_14, tmp | 1);
4164 }
4165
4166 int
run_rt3070_filter_calib(struct run_softc * sc,uint8_t init,uint8_t target,uint8_t * val)4167 run_rt3070_filter_calib(struct run_softc *sc, uint8_t init, uint8_t target,
4168 uint8_t *val)
4169 {
4170 uint8_t rf22, rf24;
4171 uint8_t bbp55_pb, bbp55_sb, delta;
4172 int ntries;
4173
4174 /* program filter */
4175 run_rt3070_rf_read(sc, 24, &rf24);
4176 rf24 = (rf24 & 0xc0) | init; /* initial filter value */
4177 run_rt3070_rf_write(sc, 24, rf24);
4178
4179 /* enable baseband loopback mode */
4180 run_rt3070_rf_read(sc, 22, &rf22);
4181 run_rt3070_rf_write(sc, 22, rf22 | 0x01);
4182
4183 /* set power and frequency of passband test tone */
4184 run_bbp_write(sc, 24, 0x00);
4185 for (ntries = 0; ntries < 100; ntries++) {
4186 /* transmit test tone */
4187 run_bbp_write(sc, 25, 0x90);
4188 DELAY(1000);
4189 /* read received power */
4190 run_bbp_read(sc, 55, &bbp55_pb);
4191 if (bbp55_pb != 0)
4192 break;
4193 }
4194 if (ntries == 100)
4195 return ETIMEDOUT;
4196
4197 /* set power and frequency of stopband test tone */
4198 run_bbp_write(sc, 24, 0x06);
4199 for (ntries = 0; ntries < 100; ntries++) {
4200 /* transmit test tone */
4201 run_bbp_write(sc, 25, 0x90);
4202 DELAY(1000);
4203 /* read received power */
4204 run_bbp_read(sc, 55, &bbp55_sb);
4205
4206 delta = bbp55_pb - bbp55_sb;
4207 if (delta > target)
4208 break;
4209
4210 /* reprogram filter */
4211 rf24++;
4212 run_rt3070_rf_write(sc, 24, rf24);
4213 }
4214 if (ntries < 100) {
4215 if (rf24 != init)
4216 rf24--; /* backtrack */
4217 *val = rf24;
4218 run_rt3070_rf_write(sc, 24, rf24);
4219 }
4220
4221 /* restore initial state */
4222 run_bbp_write(sc, 24, 0x00);
4223
4224 /* disable baseband loopback mode */
4225 run_rt3070_rf_read(sc, 22, &rf22);
4226 run_rt3070_rf_write(sc, 22, rf22 & ~0x01);
4227
4228 return 0;
4229 }
4230
4231 void
run_rt3070_rf_setup(struct run_softc * sc)4232 run_rt3070_rf_setup(struct run_softc *sc)
4233 {
4234 uint8_t bbp, rf;
4235 int i;
4236
4237 if (sc->mac_ver == 0x3572) {
4238 /* enable DC filter */
4239 if (sc->mac_rev >= 0x0201)
4240 run_bbp_write(sc, 103, 0xc0);
4241
4242 run_bbp_read(sc, 138, &bbp);
4243 if (sc->ntxchains == 1)
4244 bbp |= 0x20; /* turn off DAC1 */
4245 if (sc->nrxchains == 1)
4246 bbp &= ~0x02; /* turn off ADC1 */
4247 run_bbp_write(sc, 138, bbp);
4248
4249 if (sc->mac_rev >= 0x0211) {
4250 /* improve power consumption */
4251 run_bbp_read(sc, 31, &bbp);
4252 run_bbp_write(sc, 31, bbp & ~0x03);
4253 }
4254
4255 run_rt3070_rf_read(sc, 16, &rf);
4256 rf = (rf & ~0x07) | sc->txmixgain_2ghz;
4257 run_rt3070_rf_write(sc, 16, rf);
4258
4259 } else if (sc->mac_ver == 0x3071) {
4260 /* enable DC filter */
4261 if (sc->mac_rev >= 0x0211) {
4262 run_bbp_write(sc, 103, 0xc0);
4263
4264 /* improve power consumption */
4265 run_bbp_read(sc, 31, &bbp);
4266 run_bbp_write(sc, 31, bbp & ~0x03);
4267 }
4268
4269 run_bbp_read(sc, 138, &bbp);
4270 if (sc->ntxchains == 1)
4271 bbp |= 0x20; /* turn off DAC1 */
4272 if (sc->nrxchains == 1)
4273 bbp &= ~0x02; /* turn off ADC1 */
4274 run_bbp_write(sc, 138, bbp);
4275
4276 run_write(sc, RT2860_TX_SW_CFG1, 0);
4277 if (sc->mac_rev < 0x0211) {
4278 run_write(sc, RT2860_TX_SW_CFG2,
4279 sc->patch_dac ? 0x2c : 0x0f);
4280 } else
4281 run_write(sc, RT2860_TX_SW_CFG2, 0);
4282
4283 } else if (sc->mac_ver == 0x3070) {
4284 if (sc->mac_rev >= 0x0201) {
4285 /* enable DC filter */
4286 run_bbp_write(sc, 103, 0xc0);
4287
4288 /* improve power consumption */
4289 run_bbp_read(sc, 31, &bbp);
4290 run_bbp_write(sc, 31, bbp & ~0x03);
4291 }
4292
4293 if (sc->mac_rev < 0x0201) {
4294 run_write(sc, RT2860_TX_SW_CFG1, 0);
4295 run_write(sc, RT2860_TX_SW_CFG2, 0x2c);
4296 } else
4297 run_write(sc, RT2860_TX_SW_CFG2, 0);
4298 }
4299
4300 /* initialize RF registers from ROM for >=RT3071*/
4301 if (sc->mac_ver >= 0x3071) {
4302 for (i = 0; i < 10; i++) {
4303 if (sc->rf[i].reg == 0 || sc->rf[i].reg == 0xff)
4304 continue;
4305 run_rt3070_rf_write(sc, sc->rf[i].reg, sc->rf[i].val);
4306 }
4307 }
4308 }
4309
4310 void
run_rt3593_rf_setup(struct run_softc * sc)4311 run_rt3593_rf_setup(struct run_softc *sc)
4312 {
4313 uint8_t bbp, rf;
4314
4315 if (sc->mac_rev >= 0x0211) {
4316 /* Enable DC filter. */
4317 run_bbp_write(sc, 103, 0xc0);
4318 }
4319 run_write(sc, RT2860_TX_SW_CFG1, 0);
4320 if (sc->mac_rev < 0x0211) {
4321 run_write(sc, RT2860_TX_SW_CFG2,
4322 sc->patch_dac ? 0x2c : 0x0f);
4323 } else
4324 run_write(sc, RT2860_TX_SW_CFG2, 0);
4325
4326 run_rt3070_rf_read(sc, 50, &rf);
4327 run_rt3070_rf_write(sc, 50, rf & ~RT3593_TX_LO2);
4328
4329 run_rt3070_rf_read(sc, 51, &rf);
4330 rf = (rf & ~(RT3593_TX_LO1 | 0x0c)) |
4331 ((sc->txmixgain_2ghz & 0x07) << 2);
4332 run_rt3070_rf_write(sc, 51, rf);
4333
4334 run_rt3070_rf_read(sc, 38, &rf);
4335 run_rt3070_rf_write(sc, 38, rf & ~RT5390_RX_LO1);
4336
4337 run_rt3070_rf_read(sc, 39, &rf);
4338 run_rt3070_rf_write(sc, 39, rf & ~RT5390_RX_LO2);
4339
4340 run_rt3070_rf_read(sc, 1, &rf);
4341 run_rt3070_rf_write(sc, 1, rf & ~(RT3070_RF_BLOCK | RT3070_PLL_PD));
4342
4343 run_rt3070_rf_read(sc, 30, &rf);
4344 rf = (rf & ~0x18) | 0x10;
4345 run_rt3070_rf_write(sc, 30, rf);
4346
4347 /* Apply maximum likelihood detection for 2 stream case. */
4348 run_bbp_read(sc, 105, &bbp);
4349 if (sc->nrxchains > 1)
4350 run_bbp_write(sc, 105, bbp | RT5390_MLD);
4351
4352 /* Avoid data lost and CRC error. */
4353 run_bbp_read(sc, 4, &bbp);
4354 run_bbp_write(sc, 4, bbp | RT5390_MAC_IF_CTRL);
4355
4356 run_bbp_write(sc, 92, 0x02);
4357 run_bbp_write(sc, 82, 0x82);
4358 run_bbp_write(sc, 106, 0x05);
4359 run_bbp_write(sc, 104, 0x92);
4360 run_bbp_write(sc, 88, 0x90);
4361 run_bbp_write(sc, 148, 0xc8);
4362 run_bbp_write(sc, 47, 0x48);
4363 run_bbp_write(sc, 120, 0x50);
4364
4365 run_bbp_write(sc, 163, 0x9d);
4366
4367 /* SNR mapping. */
4368 run_bbp_write(sc, 142, 0x06);
4369 run_bbp_write(sc, 143, 0xa0);
4370 run_bbp_write(sc, 142, 0x07);
4371 run_bbp_write(sc, 143, 0xa1);
4372 run_bbp_write(sc, 142, 0x08);
4373 run_bbp_write(sc, 143, 0xa2);
4374
4375 run_bbp_write(sc, 31, 0x08);
4376 run_bbp_write(sc, 68, 0x0b);
4377 run_bbp_write(sc, 105, 0x04);
4378 }
4379
4380 void
run_rt5390_rf_setup(struct run_softc * sc)4381 run_rt5390_rf_setup(struct run_softc *sc)
4382 {
4383 uint8_t bbp, rf;
4384
4385 if (sc->mac_rev >= 0x0211) {
4386 /* Enable DC filter. */
4387 run_bbp_write(sc, 103, 0xc0);
4388
4389 if (sc->mac_ver != 0x5592) {
4390 /* Improve power consumption. */
4391 run_bbp_read(sc, 31, &bbp);
4392 run_bbp_write(sc, 31, bbp & ~0x03);
4393 }
4394 }
4395
4396 run_bbp_read(sc, 138, &bbp);
4397 if (sc->ntxchains == 1)
4398 bbp |= 0x20; /* turn off DAC1 */
4399 if (sc->nrxchains == 1)
4400 bbp &= ~0x02; /* turn off ADC1 */
4401 run_bbp_write(sc, 138, bbp);
4402
4403 run_rt3070_rf_read(sc, 38, &rf);
4404 run_rt3070_rf_write(sc, 38, rf & ~RT5390_RX_LO1);
4405
4406 run_rt3070_rf_read(sc, 39, &rf);
4407 run_rt3070_rf_write(sc, 39, rf & ~RT5390_RX_LO2);
4408
4409 /* Avoid data lost and CRC error. */
4410 run_bbp_read(sc, 4, &bbp);
4411 run_bbp_write(sc, 4, bbp | RT5390_MAC_IF_CTRL);
4412
4413 run_rt3070_rf_read(sc, 30, &rf);
4414 rf = (rf & ~0x18) | 0x10;
4415 run_rt3070_rf_write(sc, 30, rf);
4416
4417 if (sc->mac_ver != 0x5592) {
4418 run_write(sc, RT2860_TX_SW_CFG1, 0);
4419 if (sc->mac_rev < 0x0211) {
4420 run_write(sc, RT2860_TX_SW_CFG2,
4421 sc->patch_dac ? 0x2c : 0x0f);
4422 } else
4423 run_write(sc, RT2860_TX_SW_CFG2, 0);
4424 }
4425 }
4426
4427 int
run_txrx_enable(struct run_softc * sc)4428 run_txrx_enable(struct run_softc *sc)
4429 {
4430 uint32_t tmp;
4431 int error, ntries;
4432
4433 run_write(sc, RT2860_MAC_SYS_CTRL, RT2860_MAC_TX_EN);
4434 for (ntries = 0; ntries < 200; ntries++) {
4435 if ((error = run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp)) != 0)
4436 return error;
4437 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0)
4438 break;
4439 DELAY(1000);
4440 }
4441 if (ntries == 200)
4442 return ETIMEDOUT;
4443
4444 DELAY(50);
4445
4446 tmp |= RT2860_RX_DMA_EN | RT2860_TX_DMA_EN | RT2860_TX_WB_DDONE;
4447 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp);
4448
4449 /* enable Rx bulk aggregation (set timeout and limit) */
4450 tmp = RT2860_USB_TX_EN | RT2860_USB_RX_EN | RT2860_USB_RX_AGG_EN |
4451 RT2860_USB_RX_AGG_TO(128) | RT2860_USB_RX_AGG_LMT(2);
4452 run_write(sc, RT2860_USB_DMA_CFG, tmp);
4453
4454 /* set Rx filter */
4455 tmp = RT2860_DROP_CRC_ERR | RT2860_DROP_PHY_ERR;
4456 if (sc->sc_ic.ic_opmode != IEEE80211_M_MONITOR) {
4457 tmp |= RT2860_DROP_UC_NOME | RT2860_DROP_DUPL |
4458 RT2860_DROP_CTS | RT2860_DROP_BA | RT2860_DROP_ACK |
4459 RT2860_DROP_VER_ERR | RT2860_DROP_CTRL_RSV |
4460 RT2860_DROP_CFACK | RT2860_DROP_CFEND;
4461 if (sc->sc_ic.ic_opmode == IEEE80211_M_STA)
4462 tmp |= RT2860_DROP_RTS | RT2860_DROP_PSPOLL;
4463 }
4464 run_write(sc, RT2860_RX_FILTR_CFG, tmp);
4465
4466 run_write(sc, RT2860_MAC_SYS_CTRL,
4467 RT2860_MAC_RX_EN | RT2860_MAC_TX_EN);
4468
4469 return 0;
4470 }
4471
4472 void
run_adjust_freq_offset(struct run_softc * sc)4473 run_adjust_freq_offset(struct run_softc *sc)
4474 {
4475 uint8_t rf, tmp;
4476
4477 run_rt3070_rf_read(sc, 17, &rf);
4478 tmp = rf;
4479 rf = (rf & ~0x7f) | (sc->freq & 0x7f);
4480 rf = MIN(rf, 0x5f);
4481
4482 if (tmp != rf)
4483 run_mcu_cmd(sc, 0x74, (tmp << 8 ) | rf);
4484 }
4485
4486 int
run_init(struct ifnet * ifp)4487 run_init(struct ifnet *ifp)
4488 {
4489 struct run_softc *sc = ifp->if_softc;
4490 struct ieee80211com *ic = &sc->sc_ic;
4491 uint32_t tmp;
4492 uint8_t bbp1, bbp3;
4493 int i, error, qid, ridx, ntries;
4494
4495 if (usbd_is_dying(sc->sc_udev))
4496 return ENXIO;
4497
4498 for (ntries = 0; ntries < 100; ntries++) {
4499 if ((error = run_read(sc, RT2860_ASIC_VER_ID, &tmp)) != 0)
4500 goto fail;
4501 if (tmp != 0 && tmp != 0xffffffff)
4502 break;
4503 DELAY(10);
4504 }
4505 if (ntries == 100) {
4506 error = ETIMEDOUT;
4507 goto fail;
4508 }
4509
4510 if ((error = run_load_microcode(sc)) != 0) {
4511 printf("%s: could not load 8051 microcode\n",
4512 sc->sc_dev.dv_xname);
4513 goto fail;
4514 }
4515
4516 /* init host command ring */
4517 sc->cmdq.cur = sc->cmdq.next = sc->cmdq.queued = 0;
4518
4519 /* init Tx rings (4 EDCAs) */
4520 for (qid = 0; qid < 4; qid++) {
4521 if ((error = run_alloc_tx_ring(sc, qid)) != 0)
4522 goto fail;
4523 }
4524 /* init Rx ring */
4525 if ((error = run_alloc_rx_ring(sc)) != 0)
4526 goto fail;
4527
4528 IEEE80211_ADDR_COPY(ic->ic_myaddr, LLADDR(ifp->if_sadl));
4529 run_set_macaddr(sc, ic->ic_myaddr);
4530
4531 for (ntries = 0; ntries < 100; ntries++) {
4532 if ((error = run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp)) != 0)
4533 goto fail;
4534 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0)
4535 break;
4536 DELAY(1000);
4537 }
4538 if (ntries == 100) {
4539 printf("%s: timeout waiting for DMA engine\n",
4540 sc->sc_dev.dv_xname);
4541 error = ETIMEDOUT;
4542 goto fail;
4543 }
4544 tmp &= 0xff0;
4545 tmp |= RT2860_TX_WB_DDONE;
4546 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp);
4547
4548 /* turn off PME_OEN to solve high-current issue */
4549 run_read(sc, RT2860_SYS_CTRL, &tmp);
4550 run_write(sc, RT2860_SYS_CTRL, tmp & ~RT2860_PME_OEN);
4551
4552 run_write(sc, RT2860_MAC_SYS_CTRL,
4553 RT2860_BBP_HRST | RT2860_MAC_SRST);
4554 run_write(sc, RT2860_USB_DMA_CFG, 0);
4555
4556 if ((error = run_reset(sc)) != 0) {
4557 printf("%s: could not reset chipset\n", sc->sc_dev.dv_xname);
4558 goto fail;
4559 }
4560
4561 run_write(sc, RT2860_MAC_SYS_CTRL, 0);
4562
4563 /* init Tx power for all Tx rates (from EEPROM) */
4564 for (ridx = 0; ridx < 5; ridx++) {
4565 if (sc->txpow20mhz[ridx] == 0xffffffff)
4566 continue;
4567 run_write(sc, RT2860_TX_PWR_CFG(ridx), sc->txpow20mhz[ridx]);
4568 }
4569
4570 for (i = 0; i < nitems(rt2870_def_mac); i++)
4571 run_write(sc, rt2870_def_mac[i].reg, rt2870_def_mac[i].val);
4572 run_write(sc, RT2860_WMM_AIFSN_CFG, 0x00002273);
4573 run_write(sc, RT2860_WMM_CWMIN_CFG, 0x00002344);
4574 run_write(sc, RT2860_WMM_CWMAX_CFG, 0x000034aa);
4575
4576 if (sc->mac_ver >= 0x5390) {
4577 run_write(sc, RT2860_TX_SW_CFG0,
4578 4 << RT2860_DLY_PAPE_EN_SHIFT | 4);
4579 if (sc->mac_ver >= 0x5392) {
4580 run_write(sc, RT2860_MAX_LEN_CFG, 0x00002fff);
4581 if (sc->mac_ver == 0x5592) {
4582 run_write(sc, RT2860_HT_FBK_CFG1, 0xedcba980);
4583 run_write(sc, RT2860_TXOP_HLDR_ET, 0x00000082);
4584 } else {
4585 run_write(sc, RT2860_HT_FBK_CFG1, 0xedcb4980);
4586 run_write(sc, RT2860_LG_FBK_CFG0, 0xedcba322);
4587 }
4588 }
4589 } else if (sc->mac_ver == 0x3593) {
4590 run_write(sc, RT2860_TX_SW_CFG0,
4591 4 << RT2860_DLY_PAPE_EN_SHIFT | 2);
4592 } else if (sc->mac_ver >= 0x3070) {
4593 /* set delay of PA_PE assertion to 1us (unit of 0.25us) */
4594 run_write(sc, RT2860_TX_SW_CFG0,
4595 4 << RT2860_DLY_PAPE_EN_SHIFT);
4596 }
4597
4598 /* wait while MAC is busy */
4599 for (ntries = 0; ntries < 100; ntries++) {
4600 if ((error = run_read(sc, RT2860_MAC_STATUS_REG, &tmp)) != 0)
4601 goto fail;
4602 if (!(tmp & (RT2860_RX_STATUS_BUSY | RT2860_TX_STATUS_BUSY)))
4603 break;
4604 DELAY(1000);
4605 }
4606 if (ntries == 100) {
4607 error = ETIMEDOUT;
4608 goto fail;
4609 }
4610
4611 /* clear Host to MCU mailbox */
4612 run_write(sc, RT2860_H2M_BBPAGENT, 0);
4613 run_write(sc, RT2860_H2M_MAILBOX, 0);
4614 DELAY(1000);
4615
4616 if ((error = run_bbp_init(sc)) != 0) {
4617 printf("%s: could not initialize BBP\n", sc->sc_dev.dv_xname);
4618 goto fail;
4619 }
4620
4621 /* abort TSF synchronization */
4622 run_read(sc, RT2860_BCN_TIME_CFG, &tmp);
4623 tmp &= ~(RT2860_BCN_TX_EN | RT2860_TSF_TIMER_EN |
4624 RT2860_TBTT_TIMER_EN);
4625 run_write(sc, RT2860_BCN_TIME_CFG, tmp);
4626
4627 /* clear RX WCID search table */
4628 run_set_region_4(sc, RT2860_WCID_ENTRY(0), 0, 512);
4629 /* clear WCID attribute table */
4630 run_set_region_4(sc, RT2860_WCID_ATTR(0), 0, 8 * 32);
4631 /* clear shared key table */
4632 run_set_region_4(sc, RT2860_SKEY(0, 0), 0, 8 * 32);
4633 /* clear shared key mode */
4634 run_set_region_4(sc, RT2860_SKEY_MODE_0_7, 0, 4);
4635
4636 run_read(sc, RT2860_US_CYC_CNT, &tmp);
4637 tmp = (tmp & ~0xff) | 0x1e;
4638 run_write(sc, RT2860_US_CYC_CNT, tmp);
4639
4640 if (sc->mac_rev != 0x0101)
4641 run_write(sc, RT2860_TXOP_CTRL_CFG, 0x0000583f);
4642
4643 run_write(sc, RT2860_WMM_TXOP0_CFG, 0);
4644 run_write(sc, RT2860_WMM_TXOP1_CFG, 48 << 16 | 96);
4645
4646 /* write vendor-specific BBP values (from EEPROM) */
4647 if (sc->mac_ver < 0x3593) {
4648 for (i = 0; i < 8; i++) {
4649 if (sc->bbp[i].reg == 0 || sc->bbp[i].reg == 0xff)
4650 continue;
4651 run_bbp_write(sc, sc->bbp[i].reg, sc->bbp[i].val);
4652 }
4653 }
4654
4655 /* select Main antenna for 1T1R devices */
4656 if (sc->rf_rev == RT3070_RF_3020 || sc->rf_rev == RT5390_RF_5370)
4657 run_set_rx_antenna(sc, 0);
4658
4659 /* send LEDs operating mode to microcontroller */
4660 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED1, sc->led[0]);
4661 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED2, sc->led[1]);
4662 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED3, sc->led[2]);
4663
4664 if (sc->mac_ver >= 0x5390)
4665 run_rt5390_rf_init(sc);
4666 else if (sc->mac_ver == 0x3593)
4667 run_rt3593_rf_init(sc);
4668 else if (sc->mac_ver >= 0x3070)
4669 run_rt3070_rf_init(sc);
4670
4671 /* disable non-existing Rx chains */
4672 run_bbp_read(sc, 3, &bbp3);
4673 bbp3 &= ~(1 << 3 | 1 << 4);
4674 if (sc->nrxchains == 2)
4675 bbp3 |= 1 << 3;
4676 else if (sc->nrxchains == 3)
4677 bbp3 |= 1 << 4;
4678 run_bbp_write(sc, 3, bbp3);
4679
4680 /* disable non-existing Tx chains */
4681 run_bbp_read(sc, 1, &bbp1);
4682 if (sc->ntxchains == 1)
4683 bbp1 &= ~(1 << 3 | 1 << 4);
4684 run_bbp_write(sc, 1, bbp1);
4685
4686 if (sc->mac_ver >= 0x5390)
4687 run_rt5390_rf_setup(sc);
4688 else if (sc->mac_ver == 0x3593)
4689 run_rt3593_rf_setup(sc);
4690 else if (sc->mac_ver >= 0x3070)
4691 run_rt3070_rf_setup(sc);
4692
4693 /* select default channel */
4694 ic->ic_bss->ni_chan = ic->ic_ibss_chan;
4695 run_set_chan(sc, ic->ic_ibss_chan);
4696
4697 /* turn radio LED on */
4698 run_set_leds(sc, RT2860_LED_RADIO);
4699
4700 for (i = 0; i < RUN_RX_RING_COUNT; i++) {
4701 struct run_rx_data *data = &sc->rxq.data[i];
4702
4703 usbd_setup_xfer(data->xfer, sc->rxq.pipeh, data, data->buf,
4704 RUN_MAX_RXSZ, USBD_SHORT_XFER_OK | USBD_NO_COPY,
4705 USBD_NO_TIMEOUT, run_rxeof);
4706 error = usbd_transfer(data->xfer);
4707 if (error != 0 && error != USBD_IN_PROGRESS)
4708 goto fail;
4709 }
4710
4711 if ((error = run_txrx_enable(sc)) != 0)
4712 goto fail;
4713
4714 ifp->if_flags |= IFF_RUNNING;
4715 ifq_clr_oactive(&ifp->if_snd);
4716
4717 if (ic->ic_flags & IEEE80211_F_WEPON) {
4718 /* install WEP keys */
4719 for (i = 0; i < IEEE80211_WEP_NKID; i++) {
4720 if (ic->ic_nw_keys[i].k_cipher != IEEE80211_CIPHER_NONE)
4721 (void)run_set_key(ic, NULL, &ic->ic_nw_keys[i]);
4722 }
4723 }
4724
4725 if (ic->ic_opmode == IEEE80211_M_MONITOR)
4726 ieee80211_new_state(ic, IEEE80211_S_RUN, -1);
4727 else
4728 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1);
4729
4730 if (error != 0)
4731 fail: run_stop(ifp, 1);
4732 return error;
4733 }
4734
4735 void
run_stop(struct ifnet * ifp,int disable)4736 run_stop(struct ifnet *ifp, int disable)
4737 {
4738 struct run_softc *sc = ifp->if_softc;
4739 struct ieee80211com *ic = &sc->sc_ic;
4740 uint32_t tmp;
4741 int s, ntries, qid;
4742
4743 if (ifp->if_flags & IFF_RUNNING)
4744 run_set_leds(sc, 0); /* turn all LEDs off */
4745
4746 sc->sc_tx_timer = 0;
4747 ifp->if_timer = 0;
4748 ifp->if_flags &= ~IFF_RUNNING;
4749 ifq_clr_oactive(&ifp->if_snd);
4750
4751 timeout_del(&sc->scan_to);
4752 timeout_del(&sc->calib_to);
4753
4754 s = splusb();
4755 ieee80211_new_state(ic, IEEE80211_S_INIT, -1);
4756 /* wait for all queued asynchronous commands to complete */
4757 usb_wait_task(sc->sc_udev, &sc->sc_task);
4758 splx(s);
4759
4760 /* Disable Tx/Rx DMA. */
4761 run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp);
4762 tmp &= ~(RT2860_RX_DMA_EN | RT2860_TX_DMA_EN);
4763 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp);
4764
4765 for (ntries = 0; ntries < 100; ntries++) {
4766 if (run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp) != 0)
4767 break;
4768 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0)
4769 break;
4770 DELAY(10);
4771 }
4772 if (ntries == 100) {
4773 printf("%s: timeout waiting for DMA engine\n",
4774 sc->sc_dev.dv_xname);
4775 }
4776
4777 /* disable Tx/Rx */
4778 run_read(sc, RT2860_MAC_SYS_CTRL, &tmp);
4779 tmp &= ~(RT2860_MAC_RX_EN | RT2860_MAC_TX_EN);
4780 run_write(sc, RT2860_MAC_SYS_CTRL, tmp);
4781
4782 /* wait for pending Tx to complete */
4783 for (ntries = 0; ntries < 100; ntries++) {
4784 if (run_read(sc, RT2860_TXRXQ_PCNT, &tmp) != 0)
4785 break;
4786 if ((tmp & RT2860_TX2Q_PCNT_MASK) == 0)
4787 break;
4788 }
4789 DELAY(1000);
4790 run_write(sc, RT2860_USB_DMA_CFG, 0);
4791
4792 /* reset adapter */
4793 run_write(sc, RT2860_MAC_SYS_CTRL, RT2860_BBP_HRST | RT2860_MAC_SRST);
4794 run_write(sc, RT2860_MAC_SYS_CTRL, 0);
4795
4796 /* reset Tx and Rx rings */
4797 sc->qfullmsk = 0;
4798 for (qid = 0; qid < 4; qid++)
4799 run_free_tx_ring(sc, qid);
4800 run_free_rx_ring(sc);
4801 }
4802