1 /*- 2 * Copyright (c) 2008,2010 Damien Bergamini <damien.bergamini@free.fr> 3 * ported to FreeBSD by Akinori Furukoshi <moonlightakkiy@yahoo.ca> 4 * USB Consulting, Hans Petter Selasky <hselasky@freebsd.org> 5 * Copyright (c) 2013-2014 Kevin Lo 6 * 7 * Permission to use, copy, modify, and distribute this software for any 8 * purpose with or without fee is hereby granted, provided that the above 9 * copyright notice and this permission notice appear in all copies. 10 * 11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 * 19 * $FreeBSD: head/sys/dev/usb/wlan/if_run.c 270643 2014-08-26 02:20:37Z kevlo $ 20 */ 21 22 /*- 23 * Ralink Technology RT2700U/RT2800U/RT3000U/RT3900E chipset driver. 24 * http://www.ralinktech.com/ 25 */ 26 27 #include <sys/param.h> 28 #include <sys/sockio.h> 29 #include <sys/sysctl.h> 30 #include <sys/lock.h> 31 #include <sys/mbuf.h> 32 #include <sys/kernel.h> 33 #include <sys/socket.h> 34 #include <sys/systm.h> 35 #include <sys/malloc.h> 36 #include <sys/module.h> 37 #include <sys/bus.h> 38 #include <sys/endian.h> 39 #include <sys/linker.h> 40 #include <sys/firmware.h> 41 42 #include <sys/rman.h> 43 44 #include <net/bpf.h> 45 #include <net/if.h> 46 #include <net/if_var.h> 47 #include <net/if_arp.h> 48 #include <net/ethernet.h> 49 #include <net/if_dl.h> 50 #include <net/if_media.h> 51 #include <net/if_types.h> 52 #include <net/ifq_var.h> 53 54 #include <netinet/in.h> 55 #include <netinet/in_systm.h> 56 #include <netinet/in_var.h> 57 #include <netinet/if_ether.h> 58 #include <netinet/ip.h> 59 60 #include <netproto/802_11/ieee80211_var.h> 61 #include <netproto/802_11/ieee80211_regdomain.h> 62 #include <netproto/802_11/ieee80211_radiotap.h> 63 #include <netproto/802_11/ieee80211_ratectl.h> 64 65 #include <bus/u4b/usb.h> 66 #include <bus/u4b/usbdi.h> 67 #include "usbdevs.h" 68 69 #define USB_DEBUG_VAR run_debug 70 #include <bus/u4b/usb_debug.h> 71 #include <bus/u4b/usb_msctest.h> 72 73 #include <bus/u4b/wlan/if_runreg.h> 74 #include <bus/u4b/wlan/if_runvar.h> 75 76 #ifdef USB_DEBUG 77 #define RUN_DEBUG 78 #endif 79 80 #ifdef RUN_DEBUG 81 int run_debug = 0; 82 static SYSCTL_NODE(_hw_usb, OID_AUTO, run, CTLFLAG_RW, 0, "USB run"); 83 SYSCTL_INT(_hw_usb_run, OID_AUTO, debug, CTLFLAG_RW, &run_debug, 0, 84 "run debug level"); 85 #endif 86 87 #define IEEE80211_HAS_ADDR4(wh) \ 88 (((wh)->i_fc[1] & IEEE80211_FC1_DIR_MASK) == IEEE80211_FC1_DIR_DSTODS) 89 90 /* 91 * Because of LOR in run_key_delete(), use atomic instead. 92 * '& RUN_CMDQ_MASQ' is to loop cmdq[]. 93 */ 94 #define RUN_CMDQ_GET(c) (atomic_fetchadd_32((c), 1) & RUN_CMDQ_MASQ) 95 96 static const STRUCT_USB_HOST_ID run_devs[] = { 97 #define RUN_DEV(v,p) { USB_VP(USB_VENDOR_##v, USB_PRODUCT_##v##_##p) } 98 #define RUN_DEV_EJECT(v,p) \ 99 { USB_VPI(USB_VENDOR_##v, USB_PRODUCT_##v##_##p, RUN_EJECT) } 100 #define RUN_EJECT 1 101 RUN_DEV(ABOCOM, RT2770), 102 RUN_DEV(ABOCOM, RT2870), 103 RUN_DEV(ABOCOM, RT3070), 104 RUN_DEV(ABOCOM, RT3071), 105 RUN_DEV(ABOCOM, RT3072), 106 RUN_DEV(ABOCOM2, RT2870_1), 107 RUN_DEV(ACCTON, RT2770), 108 RUN_DEV(ACCTON, RT2870_1), 109 RUN_DEV(ACCTON, RT2870_2), 110 RUN_DEV(ACCTON, RT2870_3), 111 RUN_DEV(ACCTON, RT2870_4), 112 RUN_DEV(ACCTON, RT2870_5), 113 RUN_DEV(ACCTON, RT3070), 114 RUN_DEV(ACCTON, RT3070_1), 115 RUN_DEV(ACCTON, RT3070_2), 116 RUN_DEV(ACCTON, RT3070_3), 117 RUN_DEV(ACCTON, RT3070_4), 118 RUN_DEV(ACCTON, RT3070_5), 119 RUN_DEV(AIRTIES, RT3070), 120 RUN_DEV(ALLWIN, RT2070), 121 RUN_DEV(ALLWIN, RT2770), 122 RUN_DEV(ALLWIN, RT2870), 123 RUN_DEV(ALLWIN, RT3070), 124 RUN_DEV(ALLWIN, RT3071), 125 RUN_DEV(ALLWIN, RT3072), 126 RUN_DEV(ALLWIN, RT3572), 127 RUN_DEV(AMIGO, RT2870_1), 128 RUN_DEV(AMIGO, RT2870_2), 129 RUN_DEV(AMIT, CGWLUSB2GNR), 130 RUN_DEV(AMIT, RT2870_1), 131 RUN_DEV(AMIT2, RT2870), 132 RUN_DEV(ASUS, RT2870_1), 133 RUN_DEV(ASUS, RT2870_2), 134 RUN_DEV(ASUS, RT2870_3), 135 RUN_DEV(ASUS, RT2870_4), 136 RUN_DEV(ASUS, RT2870_5), 137 RUN_DEV(ASUS, USBN13), 138 RUN_DEV(ASUS, RT3070_1), 139 RUN_DEV(ASUS, USBN66), 140 RUN_DEV(ASUS, USB_N53), 141 RUN_DEV(ASUS2, USBN11), 142 RUN_DEV(AZUREWAVE, RT2870_1), 143 RUN_DEV(AZUREWAVE, RT2870_2), 144 RUN_DEV(AZUREWAVE, RT3070_1), 145 RUN_DEV(AZUREWAVE, RT3070_2), 146 RUN_DEV(AZUREWAVE, RT3070_3), 147 RUN_DEV(BELKIN, F9L1103), 148 RUN_DEV(BELKIN, F5D8053V3), 149 RUN_DEV(BELKIN, F5D8055), 150 RUN_DEV(BELKIN, F5D8055V2), 151 RUN_DEV(BELKIN, F6D4050V1), 152 RUN_DEV(BELKIN, F6D4050V2), 153 RUN_DEV(BELKIN, RT2870_1), 154 RUN_DEV(BELKIN, RT2870_2), 155 RUN_DEV(CISCOLINKSYS, AE1000), 156 RUN_DEV(CISCOLINKSYS2, RT3070), 157 RUN_DEV(CISCOLINKSYS3, RT3070), 158 RUN_DEV(CONCEPTRONIC2, RT2870_1), 159 RUN_DEV(CONCEPTRONIC2, RT2870_2), 160 RUN_DEV(CONCEPTRONIC2, RT2870_3), 161 RUN_DEV(CONCEPTRONIC2, RT2870_4), 162 RUN_DEV(CONCEPTRONIC2, RT2870_5), 163 RUN_DEV(CONCEPTRONIC2, RT2870_6), 164 RUN_DEV(CONCEPTRONIC2, RT2870_7), 165 RUN_DEV(CONCEPTRONIC2, RT2870_8), 166 RUN_DEV(CONCEPTRONIC2, RT3070_1), 167 RUN_DEV(CONCEPTRONIC2, RT3070_2), 168 RUN_DEV(CONCEPTRONIC2, VIGORN61), 169 RUN_DEV(COREGA, CGWLUSB300GNM), 170 RUN_DEV(COREGA, RT2870_1), 171 RUN_DEV(COREGA, RT2870_2), 172 RUN_DEV(COREGA, RT2870_3), 173 RUN_DEV(COREGA, RT3070), 174 RUN_DEV(CYBERTAN, RT2870), 175 RUN_DEV(DLINK, RT2870), 176 RUN_DEV(DLINK, RT3072), 177 RUN_DEV(DLINK, DWA127), 178 RUN_DEV(DLINK, DWA140B3), 179 RUN_DEV(DLINK, DWA160B2), 180 RUN_DEV(DLINK, DWA140D1), 181 RUN_DEV(DLINK, DWA162), 182 RUN_DEV(DLINK2, DWA130), 183 RUN_DEV(DLINK2, RT2870_1), 184 RUN_DEV(DLINK2, RT2870_2), 185 RUN_DEV(DLINK2, RT3070_1), 186 RUN_DEV(DLINK2, RT3070_2), 187 RUN_DEV(DLINK2, RT3070_3), 188 RUN_DEV(DLINK2, RT3070_4), 189 RUN_DEV(DLINK2, RT3070_5), 190 RUN_DEV(DLINK2, RT3072), 191 RUN_DEV(DLINK2, RT3072_1), 192 RUN_DEV(EDIMAX, EW7717), 193 RUN_DEV(EDIMAX, EW7718), 194 RUN_DEV(EDIMAX, EW7733UND), 195 RUN_DEV(EDIMAX, RT2870_1), 196 RUN_DEV(ENCORE, RT3070_1), 197 RUN_DEV(ENCORE, RT3070_2), 198 RUN_DEV(ENCORE, RT3070_3), 199 RUN_DEV(GIGABYTE, GNWB31N), 200 RUN_DEV(GIGABYTE, GNWB32L), 201 RUN_DEV(GIGABYTE, RT2870_1), 202 RUN_DEV(GIGASET, RT3070_1), 203 RUN_DEV(GIGASET, RT3070_2), 204 RUN_DEV(GUILLEMOT, HWNU300), 205 RUN_DEV(HAWKING, HWUN2), 206 RUN_DEV(HAWKING, RT2870_1), 207 RUN_DEV(HAWKING, RT2870_2), 208 RUN_DEV(HAWKING, RT3070), 209 RUN_DEV(IODATA, RT3072_1), 210 RUN_DEV(IODATA, RT3072_2), 211 RUN_DEV(IODATA, RT3072_3), 212 RUN_DEV(IODATA, RT3072_4), 213 RUN_DEV(LINKSYS4, RT3070), 214 RUN_DEV(LINKSYS4, WUSB100), 215 RUN_DEV(LINKSYS4, WUSB54GCV3), 216 RUN_DEV(LINKSYS4, WUSB600N), 217 RUN_DEV(LINKSYS4, WUSB600NV2), 218 RUN_DEV(LOGITEC, RT2870_1), 219 RUN_DEV(LOGITEC, RT2870_2), 220 RUN_DEV(LOGITEC, RT2870_3), 221 RUN_DEV(LOGITEC, LANW300NU2), 222 RUN_DEV(LOGITEC, LANW150NU2), 223 RUN_DEV(LOGITEC, LANW300NU2S), 224 RUN_DEV(MELCO, RT2870_1), 225 RUN_DEV(MELCO, RT2870_2), 226 RUN_DEV(MELCO, WLIUCAG300N), 227 RUN_DEV(MELCO, WLIUCG300N), 228 RUN_DEV(MELCO, WLIUCG301N), 229 RUN_DEV(MELCO, WLIUCGN), 230 RUN_DEV(MELCO, WLIUCGNM), 231 RUN_DEV(MELCO, WLIUCGNM2), 232 RUN_DEV(MOTOROLA4, RT2770), 233 RUN_DEV(MOTOROLA4, RT3070), 234 RUN_DEV(MSI, RT3070_1), 235 RUN_DEV(MSI, RT3070_2), 236 RUN_DEV(MSI, RT3070_3), 237 RUN_DEV(MSI, RT3070_4), 238 RUN_DEV(MSI, RT3070_5), 239 RUN_DEV(MSI, RT3070_6), 240 RUN_DEV(MSI, RT3070_7), 241 RUN_DEV(MSI, RT3070_8), 242 RUN_DEV(MSI, RT3070_9), 243 RUN_DEV(MSI, RT3070_10), 244 RUN_DEV(MSI, RT3070_11), 245 RUN_DEV(OVISLINK, RT3072), 246 RUN_DEV(PARA, RT3070), 247 RUN_DEV(PEGATRON, RT2870), 248 RUN_DEV(PEGATRON, RT3070), 249 RUN_DEV(PEGATRON, RT3070_2), 250 RUN_DEV(PEGATRON, RT3070_3), 251 RUN_DEV(PHILIPS, RT2870), 252 RUN_DEV(PLANEX2, GWUS300MINIS), 253 RUN_DEV(PLANEX2, GWUSMICRON), 254 RUN_DEV(PLANEX2, RT2870), 255 RUN_DEV(PLANEX2, RT3070), 256 RUN_DEV(QCOM, RT2870), 257 RUN_DEV(QUANTA, RT3070), 258 RUN_DEV(RALINK, RT2070), 259 RUN_DEV(RALINK, RT2770), 260 RUN_DEV(RALINK, RT2870), 261 RUN_DEV(RALINK, RT3070), 262 RUN_DEV(RALINK, RT3071), 263 RUN_DEV(RALINK, RT3072), 264 RUN_DEV(RALINK, RT3370), 265 RUN_DEV(RALINK, RT3572), 266 RUN_DEV(RALINK, RT3573), 267 RUN_DEV(RALINK, RT5370), 268 RUN_DEV(RALINK, RT5572), 269 RUN_DEV(RALINK, RT8070), 270 RUN_DEV(SAMSUNG, WIS09ABGN), 271 RUN_DEV(SAMSUNG2, RT2870_1), 272 RUN_DEV(SENAO, RT2870_1), 273 RUN_DEV(SENAO, RT2870_2), 274 RUN_DEV(SENAO, RT2870_3), 275 RUN_DEV(SENAO, RT2870_4), 276 RUN_DEV(SENAO, RT3070), 277 RUN_DEV(SENAO, RT3071), 278 RUN_DEV(SENAO, RT3072_1), 279 RUN_DEV(SENAO, RT3072_2), 280 RUN_DEV(SENAO, RT3072_3), 281 RUN_DEV(SENAO, RT3072_4), 282 RUN_DEV(SENAO, RT3072_5), 283 RUN_DEV(SITECOMEU, RT2770), 284 RUN_DEV(SITECOMEU, RT2870_1), 285 RUN_DEV(SITECOMEU, RT2870_2), 286 RUN_DEV(SITECOMEU, RT2870_3), 287 RUN_DEV(SITECOMEU, RT2870_4), 288 RUN_DEV(SITECOMEU, RT3070), 289 RUN_DEV(SITECOMEU, RT3070_2), 290 RUN_DEV(SITECOMEU, RT3070_3), 291 RUN_DEV(SITECOMEU, RT3070_4), 292 RUN_DEV(SITECOMEU, RT3071), 293 RUN_DEV(SITECOMEU, RT3072_1), 294 RUN_DEV(SITECOMEU, RT3072_2), 295 RUN_DEV(SITECOMEU, RT3072_3), 296 RUN_DEV(SITECOMEU, RT3072_4), 297 RUN_DEV(SITECOMEU, RT3072_5), 298 RUN_DEV(SITECOMEU, RT3072_6), 299 RUN_DEV(SITECOMEU, WL608), 300 RUN_DEV(SPARKLAN, RT2870_1), 301 RUN_DEV(SPARKLAN, RT3070), 302 RUN_DEV(SWEEX2, LW153), 303 RUN_DEV(SWEEX2, LW303), 304 RUN_DEV(SWEEX2, LW313), 305 RUN_DEV(TOSHIBA, RT3070), 306 RUN_DEV(UMEDIA, RT2870_1), 307 RUN_DEV(ZCOM, RT2870_1), 308 RUN_DEV(ZCOM, RT2870_2), 309 RUN_DEV(ZINWELL, RT2870_1), 310 RUN_DEV(ZINWELL, RT2870_2), 311 RUN_DEV(ZINWELL, RT3070), 312 RUN_DEV(ZINWELL, RT3072_1), 313 RUN_DEV(ZINWELL, RT3072_2), 314 RUN_DEV(ZYXEL, RT2870_1), 315 RUN_DEV(ZYXEL, RT2870_2), 316 RUN_DEV(ZYXEL, RT3070), 317 RUN_DEV_EJECT(ZYXEL, NWD2705), 318 RUN_DEV_EJECT(RALINK, RT_STOR), 319 #undef RUN_DEV_EJECT 320 #undef RUN_DEV 321 }; 322 323 static device_probe_t run_match; 324 static device_attach_t run_attach; 325 static device_detach_t run_detach; 326 327 static usb_callback_t run_bulk_rx_callback; 328 static usb_callback_t run_bulk_tx_callback0; 329 static usb_callback_t run_bulk_tx_callback1; 330 static usb_callback_t run_bulk_tx_callback2; 331 static usb_callback_t run_bulk_tx_callback3; 332 static usb_callback_t run_bulk_tx_callback4; 333 static usb_callback_t run_bulk_tx_callback5; 334 335 static void run_autoinst(void *, struct usb_device *, 336 struct usb_attach_arg *); 337 static int run_driver_loaded(struct module *, int, void *); 338 static void run_bulk_tx_callbackN(struct usb_xfer *xfer, 339 usb_error_t error, u_int index); 340 static struct ieee80211vap *run_vap_create(struct ieee80211com *, 341 const char [IFNAMSIZ], int, enum ieee80211_opmode, int, 342 const uint8_t [IEEE80211_ADDR_LEN], 343 const uint8_t [IEEE80211_ADDR_LEN]); 344 static void run_vap_delete(struct ieee80211vap *); 345 static void run_cmdq_cb(void *, int); 346 static void run_setup_tx_list(struct run_softc *, 347 struct run_endpoint_queue *); 348 static void run_unsetup_tx_list(struct run_softc *, 349 struct run_endpoint_queue *); 350 static int run_load_microcode(struct run_softc *); 351 static int run_reset(struct run_softc *); 352 static usb_error_t run_do_request(struct run_softc *, 353 struct usb_device_request *, void *); 354 static int run_read(struct run_softc *, uint16_t, uint32_t *); 355 static int run_read_region_1(struct run_softc *, uint16_t, uint8_t *, int); 356 static int run_write_2(struct run_softc *, uint16_t, uint16_t); 357 static int run_write(struct run_softc *, uint16_t, uint32_t); 358 static int run_write_region_1(struct run_softc *, uint16_t, 359 const uint8_t *, int); 360 static int run_set_region_4(struct run_softc *, uint16_t, uint32_t, int); 361 static int run_efuse_read(struct run_softc *, uint16_t, uint16_t *, int); 362 static int run_efuse_read_2(struct run_softc *, uint16_t, uint16_t *); 363 static int run_eeprom_read_2(struct run_softc *, uint16_t, uint16_t *); 364 static int run_rt2870_rf_write(struct run_softc *, uint32_t); 365 static int run_rt3070_rf_read(struct run_softc *, uint8_t, uint8_t *); 366 static int run_rt3070_rf_write(struct run_softc *, uint8_t, uint8_t); 367 static int run_bbp_read(struct run_softc *, uint8_t, uint8_t *); 368 static int run_bbp_write(struct run_softc *, uint8_t, uint8_t); 369 static int run_mcu_cmd(struct run_softc *, uint8_t, uint16_t); 370 static const char *run_get_rf(uint16_t); 371 static void run_rt3593_get_txpower(struct run_softc *); 372 static void run_get_txpower(struct run_softc *); 373 static int run_read_eeprom(struct run_softc *); 374 static struct ieee80211_node *run_node_alloc(struct ieee80211vap *, 375 const uint8_t mac[IEEE80211_ADDR_LEN]); 376 static int run_media_change(struct ifnet *); 377 static int run_newstate(struct ieee80211vap *, enum ieee80211_state, int); 378 static int run_wme_update(struct ieee80211com *); 379 static void run_wme_update_cb(void *); 380 static void run_key_update_begin(struct ieee80211vap *); 381 static void run_key_update_end(struct ieee80211vap *); 382 static void run_key_set_cb(void *); 383 static int run_key_set(struct ieee80211vap *, struct ieee80211_key *, 384 const uint8_t mac[IEEE80211_ADDR_LEN]); 385 static void run_key_delete_cb(void *); 386 static int run_key_delete(struct ieee80211vap *, struct ieee80211_key *); 387 static void run_ratectl_to(void *); 388 static void run_ratectl_cb(void *, int); 389 static void run_drain_fifo(void *); 390 static void run_iter_func(void *, struct ieee80211_node *); 391 static void run_newassoc_cb(void *); 392 static void run_newassoc(struct ieee80211_node *, int); 393 static void run_rx_frame(struct run_softc *, struct mbuf *, uint32_t); 394 static void run_tx_free(struct run_endpoint_queue *pq, 395 struct run_tx_data *, int); 396 static void run_set_tx_desc(struct run_softc *, struct run_tx_data *); 397 static int run_tx(struct run_softc *, struct mbuf *, 398 struct ieee80211_node *); 399 static int run_tx_mgt(struct run_softc *, struct mbuf *, 400 struct ieee80211_node *); 401 static int run_sendprot(struct run_softc *, const struct mbuf *, 402 struct ieee80211_node *, int, int); 403 static int run_tx_param(struct run_softc *, struct mbuf *, 404 struct ieee80211_node *, 405 const struct ieee80211_bpf_params *); 406 static int run_raw_xmit(struct ieee80211_node *, struct mbuf *, 407 const struct ieee80211_bpf_params *); 408 static void run_start(struct ifnet *, struct ifaltq_subque *); 409 static int run_ioctl(struct ifnet *, u_long, caddr_t, struct ucred *); 410 static void run_iq_calib(struct run_softc *, u_int); 411 static void run_set_agc(struct run_softc *, uint8_t); 412 static void run_select_chan_group(struct run_softc *, int); 413 static void run_set_rx_antenna(struct run_softc *, int); 414 static void run_rt2870_set_chan(struct run_softc *, u_int); 415 static void run_rt3070_set_chan(struct run_softc *, u_int); 416 static void run_rt3572_set_chan(struct run_softc *, u_int); 417 static void run_rt3593_set_chan(struct run_softc *, u_int); 418 static void run_rt5390_set_chan(struct run_softc *, u_int); 419 static void run_rt5592_set_chan(struct run_softc *, u_int); 420 static int run_set_chan(struct run_softc *, struct ieee80211_channel *); 421 static void run_set_channel(struct ieee80211com *); 422 static void run_scan_start(struct ieee80211com *); 423 static void run_scan_end(struct ieee80211com *); 424 static void run_update_beacon(struct ieee80211vap *, int); 425 static void run_update_beacon_cb(void *); 426 static void run_updateprot(struct ieee80211com *); 427 static void run_updateprot_cb(void *); 428 static void run_usb_timeout_cb(void *); 429 static void run_reset_livelock(struct run_softc *); 430 static void run_enable_tsf_sync(struct run_softc *); 431 static void run_enable_mrr(struct run_softc *); 432 static void run_set_txpreamble(struct run_softc *); 433 static void run_set_basicrates(struct run_softc *); 434 static void run_set_leds(struct run_softc *, uint16_t); 435 static void run_set_bssid(struct run_softc *, const uint8_t *); 436 static void run_set_macaddr(struct run_softc *, const uint8_t *); 437 static void run_updateslot(struct ieee80211com *); 438 static void run_updateslot_cb(void *); 439 static void run_update_mcast(struct ieee80211com *); 440 static int8_t run_rssi2dbm(struct run_softc *, uint8_t, uint8_t); 441 static void run_update_promisc_locked(struct run_softc *); 442 static void run_update_promisc(struct ieee80211com *); 443 static void run_rt5390_bbp_init(struct run_softc *); 444 static int run_bbp_init(struct run_softc *); 445 static int run_rt3070_rf_init(struct run_softc *); 446 static void run_rt3593_rf_init(struct run_softc *); 447 static void run_rt5390_rf_init(struct run_softc *); 448 static int run_rt3070_filter_calib(struct run_softc *, uint8_t, uint8_t, 449 uint8_t *); 450 static void run_rt3070_rf_setup(struct run_softc *); 451 static void run_rt3593_rf_setup(struct run_softc *); 452 static void run_rt5390_rf_setup(struct run_softc *); 453 static int run_txrx_enable(struct run_softc *); 454 static void run_adjust_freq_offset(struct run_softc *); 455 static void run_init(void *); 456 static void run_init_locked(struct run_softc *); 457 static void run_stop(void *); 458 static void run_delay(struct run_softc *, u_int); 459 460 static eventhandler_tag run_etag; 461 462 static const struct rt2860_rate { 463 uint8_t rate; 464 uint8_t mcs; 465 enum ieee80211_phytype phy; 466 uint8_t ctl_ridx; 467 uint16_t sp_ack_dur; 468 uint16_t lp_ack_dur; 469 } rt2860_rates[] = { 470 { 2, 0, IEEE80211_T_DS, 0, 314, 314 }, 471 { 4, 1, IEEE80211_T_DS, 1, 258, 162 }, 472 { 11, 2, IEEE80211_T_DS, 2, 223, 127 }, 473 { 22, 3, IEEE80211_T_DS, 3, 213, 117 }, 474 { 12, 0, IEEE80211_T_OFDM, 4, 60, 60 }, 475 { 18, 1, IEEE80211_T_OFDM, 4, 52, 52 }, 476 { 24, 2, IEEE80211_T_OFDM, 6, 48, 48 }, 477 { 36, 3, IEEE80211_T_OFDM, 6, 44, 44 }, 478 { 48, 4, IEEE80211_T_OFDM, 8, 44, 44 }, 479 { 72, 5, IEEE80211_T_OFDM, 8, 40, 40 }, 480 { 96, 6, IEEE80211_T_OFDM, 8, 40, 40 }, 481 { 108, 7, IEEE80211_T_OFDM, 8, 40, 40 } 482 }; 483 484 static const struct { 485 uint16_t reg; 486 uint32_t val; 487 } rt2870_def_mac[] = { 488 RT2870_DEF_MAC 489 }; 490 491 static const struct { 492 uint8_t reg; 493 uint8_t val; 494 } rt2860_def_bbp[] = { 495 RT2860_DEF_BBP 496 },rt5390_def_bbp[] = { 497 RT5390_DEF_BBP 498 },rt5592_def_bbp[] = { 499 RT5592_DEF_BBP 500 }; 501 502 /* 503 * Default values for BBP register R196 for RT5592. 504 */ 505 static const uint8_t rt5592_bbp_r196[] = { 506 0xe0, 0x1f, 0x38, 0x32, 0x08, 0x28, 0x19, 0x0a, 0xff, 0x00, 507 0x16, 0x10, 0x10, 0x0b, 0x36, 0x2c, 0x26, 0x24, 0x42, 0x36, 508 0x30, 0x2d, 0x4c, 0x46, 0x3d, 0x40, 0x3e, 0x42, 0x3d, 0x40, 509 0x3c, 0x34, 0x2c, 0x2f, 0x3c, 0x35, 0x2e, 0x2a, 0x49, 0x41, 510 0x36, 0x31, 0x30, 0x30, 0x0e, 0x0d, 0x28, 0x21, 0x1c, 0x16, 511 0x50, 0x4a, 0x43, 0x40, 0x10, 0x10, 0x10, 0x10, 0x00, 0x00, 512 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 513 0x00, 0x00, 0x7d, 0x14, 0x32, 0x2c, 0x36, 0x4c, 0x43, 0x2c, 514 0x2e, 0x36, 0x30, 0x6e 515 }; 516 517 static const struct rfprog { 518 uint8_t chan; 519 uint32_t r1, r2, r3, r4; 520 } rt2860_rf2850[] = { 521 RT2860_RF2850 522 }; 523 524 struct { 525 uint8_t n, r, k; 526 } rt3070_freqs[] = { 527 RT3070_RF3052 528 }; 529 530 static const struct rt5592_freqs { 531 uint16_t n; 532 uint8_t k, m, r; 533 } rt5592_freqs_20mhz[] = { 534 RT5592_RF5592_20MHZ 535 },rt5592_freqs_40mhz[] = { 536 RT5592_RF5592_40MHZ 537 }; 538 539 static const struct { 540 uint8_t reg; 541 uint8_t val; 542 } rt3070_def_rf[] = { 543 RT3070_DEF_RF 544 },rt3572_def_rf[] = { 545 RT3572_DEF_RF 546 },rt3593_def_rf[] = { 547 RT3593_DEF_RF 548 },rt5390_def_rf[] = { 549 RT5390_DEF_RF 550 },rt5392_def_rf[] = { 551 RT5392_DEF_RF 552 },rt5592_def_rf[] = { 553 RT5592_DEF_RF 554 },rt5592_2ghz_def_rf[] = { 555 RT5592_2GHZ_DEF_RF 556 },rt5592_5ghz_def_rf[] = { 557 RT5592_5GHZ_DEF_RF 558 }; 559 560 static const struct { 561 u_int firstchan; 562 u_int lastchan; 563 uint8_t reg; 564 uint8_t val; 565 } rt5592_chan_5ghz[] = { 566 RT5592_CHAN_5GHZ 567 }; 568 569 static const struct usb_config run_config[RUN_N_XFER] = { 570 [RUN_BULK_TX_BE] = { 571 .type = UE_BULK, 572 .endpoint = UE_ADDR_ANY, 573 .ep_index = 0, 574 .direction = UE_DIR_OUT, 575 .bufsize = RUN_MAX_TXSZ, 576 .flags = {.pipe_bof = 1,.force_short_xfer = 1,}, 577 .callback = run_bulk_tx_callback0, 578 .timeout = 5000, /* ms */ 579 }, 580 [RUN_BULK_TX_BK] = { 581 .type = UE_BULK, 582 .endpoint = UE_ADDR_ANY, 583 .direction = UE_DIR_OUT, 584 .ep_index = 1, 585 .bufsize = RUN_MAX_TXSZ, 586 .flags = {.pipe_bof = 1,.force_short_xfer = 1,}, 587 .callback = run_bulk_tx_callback1, 588 .timeout = 5000, /* ms */ 589 }, 590 [RUN_BULK_TX_VI] = { 591 .type = UE_BULK, 592 .endpoint = UE_ADDR_ANY, 593 .direction = UE_DIR_OUT, 594 .ep_index = 2, 595 .bufsize = RUN_MAX_TXSZ, 596 .flags = {.pipe_bof = 1,.force_short_xfer = 1,}, 597 .callback = run_bulk_tx_callback2, 598 .timeout = 5000, /* ms */ 599 }, 600 [RUN_BULK_TX_VO] = { 601 .type = UE_BULK, 602 .endpoint = UE_ADDR_ANY, 603 .direction = UE_DIR_OUT, 604 .ep_index = 3, 605 .bufsize = RUN_MAX_TXSZ, 606 .flags = {.pipe_bof = 1,.force_short_xfer = 1,}, 607 .callback = run_bulk_tx_callback3, 608 .timeout = 5000, /* ms */ 609 }, 610 [RUN_BULK_TX_HCCA] = { 611 .type = UE_BULK, 612 .endpoint = UE_ADDR_ANY, 613 .direction = UE_DIR_OUT, 614 .ep_index = 4, 615 .bufsize = RUN_MAX_TXSZ, 616 .flags = {.pipe_bof = 1,.force_short_xfer = 1,.no_pipe_ok = 1,}, 617 .callback = run_bulk_tx_callback4, 618 .timeout = 5000, /* ms */ 619 }, 620 [RUN_BULK_TX_PRIO] = { 621 .type = UE_BULK, 622 .endpoint = UE_ADDR_ANY, 623 .direction = UE_DIR_OUT, 624 .ep_index = 5, 625 .bufsize = RUN_MAX_TXSZ, 626 .flags = {.pipe_bof = 1,.force_short_xfer = 1,.no_pipe_ok = 1,}, 627 .callback = run_bulk_tx_callback5, 628 .timeout = 5000, /* ms */ 629 }, 630 [RUN_BULK_RX] = { 631 .type = UE_BULK, 632 .endpoint = UE_ADDR_ANY, 633 .direction = UE_DIR_IN, 634 .bufsize = RUN_MAX_RXSZ, 635 .flags = {.pipe_bof = 1,.short_xfer_ok = 1,}, 636 .callback = run_bulk_rx_callback, 637 } 638 }; 639 640 static void 641 run_autoinst(void *arg, struct usb_device *udev, 642 struct usb_attach_arg *uaa) 643 { 644 struct usb_interface *iface; 645 struct usb_interface_descriptor *id; 646 647 if (uaa->dev_state != UAA_DEV_READY) 648 return; 649 650 iface = usbd_get_iface(udev, 0); 651 if (iface == NULL) 652 return; 653 id = iface->idesc; 654 if (id == NULL || id->bInterfaceClass != UICLASS_MASS) 655 return; 656 if (usbd_lookup_id_by_uaa(run_devs, sizeof(run_devs), uaa)) 657 return; 658 659 if (usb_msc_eject(udev, 0, MSC_EJECT_STOPUNIT) == 0) 660 uaa->dev_state = UAA_DEV_EJECTING; 661 } 662 663 static int 664 run_driver_loaded(struct module *mod, int what, void *arg) 665 { 666 switch (what) { 667 case MOD_LOAD: 668 run_etag = EVENTHANDLER_REGISTER(usb_dev_configured, 669 run_autoinst, NULL, EVENTHANDLER_PRI_ANY); 670 break; 671 case MOD_UNLOAD: 672 EVENTHANDLER_DEREGISTER(usb_dev_configured, run_etag); 673 break; 674 default: 675 return (EOPNOTSUPP); 676 } 677 return (0); 678 } 679 680 static int 681 run_match(device_t self) 682 { 683 struct usb_attach_arg *uaa = device_get_ivars(self); 684 685 if (uaa->usb_mode != USB_MODE_HOST) 686 return (ENXIO); 687 if (uaa->info.bConfigIndex != 0) 688 return (ENXIO); 689 if (uaa->info.bIfaceIndex != RT2860_IFACE_INDEX) 690 return (ENXIO); 691 692 return (usbd_lookup_id_by_uaa(run_devs, sizeof(run_devs), uaa)); 693 } 694 695 static int 696 run_attach(device_t self) 697 { 698 struct run_softc *sc = device_get_softc(self); 699 struct usb_attach_arg *uaa = device_get_ivars(self); 700 struct ieee80211com *ic; 701 struct ifnet *ifp; 702 uint32_t ver; 703 int ntries, error; 704 uint8_t iface_index, bands; 705 char ethstr[ETHER_ADDRSTRLEN + 1]; 706 707 wlan_serialize_enter(); 708 709 device_set_usb_desc(self); 710 sc->sc_udev = uaa->device; 711 sc->sc_dev = self; 712 if (USB_GET_DRIVER_INFO(uaa) != RUN_EJECT) 713 sc->sc_flags |= RUN_FLAG_FWLOAD_NEEDED; 714 715 lockinit(&sc->sc_lock, device_get_nameunit(sc->sc_dev), 716 0, LK_CANRECURSE); 717 718 iface_index = RT2860_IFACE_INDEX; 719 720 error = usbd_transfer_setup(uaa->device, &iface_index, 721 sc->sc_xfer, run_config, RUN_N_XFER, sc, &sc->sc_lock); 722 if (error) { 723 device_printf(self, "could not allocate USB transfers, " 724 "err=%s\n", usbd_errstr(error)); 725 goto detach; 726 } 727 728 RUN_LOCK(sc); 729 730 /* wait for the chip to settle */ 731 for (ntries = 0; ntries < 100; ntries++) { 732 if (run_read(sc, RT2860_ASIC_VER_ID, &ver) != 0) { 733 RUN_UNLOCK(sc); 734 goto detach; 735 } 736 if (ver != 0 && ver != 0xffffffff) 737 break; 738 run_delay(sc, 10); 739 } 740 if (ntries == 100) { 741 device_printf(sc->sc_dev, 742 "timeout waiting for NIC to initialize\n"); 743 RUN_UNLOCK(sc); 744 goto detach; 745 } 746 sc->mac_ver = ver >> 16; 747 sc->mac_rev = ver & 0xffff; 748 749 /* retrieve RF rev. no and various other things from EEPROM */ 750 run_read_eeprom(sc); 751 752 device_printf(sc->sc_dev, 753 "MAC/BBP RT%04X (rev 0x%04X), RF %s (MIMO %dT%dR), address %s\n", 754 sc->mac_ver, sc->mac_rev, run_get_rf(sc->rf_rev), 755 sc->ntxchains, sc->nrxchains, kether_ntoa(sc->sc_bssid, ethstr)); 756 757 RUN_UNLOCK(sc); 758 759 ifp = sc->sc_ifp = if_alloc(IFT_IEEE80211); 760 if (ifp == NULL) { 761 device_printf(sc->sc_dev, "can not if_alloc()\n"); 762 goto detach; 763 } 764 ic = ifp->if_l2com; 765 766 ifp->if_softc = sc; 767 if_initname(ifp, "run", device_get_unit(sc->sc_dev)); 768 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 769 ifp->if_init = run_init; 770 ifp->if_ioctl = run_ioctl; 771 ifp->if_start = run_start; 772 ifq_set_maxlen(&ifp->if_snd, ifqmaxlen); 773 #if 0 /* XXX swildner: see c3d4131842e47b168d93a0650d58d425ebeef789 */ 774 ifq_set_ready(&ifp->if_snd); 775 #endif 776 777 ic->ic_ifp = ifp; 778 ic->ic_softc = sc; 779 ic->ic_name = device_get_nameunit(sc->sc_dev); 780 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 781 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 782 783 /* set device capabilities */ 784 ic->ic_caps = 785 IEEE80211_C_STA | /* station mode supported */ 786 IEEE80211_C_MONITOR | /* monitor mode supported */ 787 IEEE80211_C_IBSS | 788 IEEE80211_C_HOSTAP | 789 IEEE80211_C_WDS | /* 4-address traffic works */ 790 IEEE80211_C_MBSS | 791 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 792 IEEE80211_C_SHSLOT | /* short slot time supported */ 793 IEEE80211_C_WME | /* WME */ 794 IEEE80211_C_WPA; /* WPA1|WPA2(RSN) */ 795 796 ic->ic_cryptocaps = 797 IEEE80211_CRYPTO_WEP | 798 IEEE80211_CRYPTO_AES_CCM | 799 IEEE80211_CRYPTO_TKIPMIC | 800 IEEE80211_CRYPTO_TKIP; 801 802 ic->ic_flags |= IEEE80211_F_DATAPAD; 803 ic->ic_flags_ext |= IEEE80211_FEXT_SWBMISS; 804 805 bands = 0; 806 setbit(&bands, IEEE80211_MODE_11B); 807 setbit(&bands, IEEE80211_MODE_11G); 808 if (sc->rf_rev == RT2860_RF_2750 || sc->rf_rev == RT2860_RF_2850 || 809 sc->rf_rev == RT3070_RF_3052 || sc->rf_rev == RT3593_RF_3053 || 810 sc->rf_rev == RT5592_RF_5592) 811 setbit(&bands, IEEE80211_MODE_11A); 812 ieee80211_init_channels(ic, NULL, &bands); 813 814 ieee80211_ifattach(ic, sc->sc_bssid); 815 816 ic->ic_scan_start = run_scan_start; 817 ic->ic_scan_end = run_scan_end; 818 ic->ic_set_channel = run_set_channel; 819 ic->ic_node_alloc = run_node_alloc; 820 ic->ic_newassoc = run_newassoc; 821 ic->ic_updateslot = run_updateslot; 822 ic->ic_update_mcast = run_update_mcast; 823 ic->ic_wme.wme_update = run_wme_update; 824 ic->ic_raw_xmit = run_raw_xmit; 825 ic->ic_update_promisc = run_update_promisc; 826 827 ic->ic_vap_create = run_vap_create; 828 ic->ic_vap_delete = run_vap_delete; 829 830 ieee80211_radiotap_attach(ic, 831 &sc->sc_txtap.wt_ihdr, sizeof(sc->sc_txtap), 832 RUN_TX_RADIOTAP_PRESENT, 833 &sc->sc_rxtap.wr_ihdr, sizeof(sc->sc_rxtap), 834 RUN_RX_RADIOTAP_PRESENT); 835 836 TASK_INIT(&sc->cmdq_task, 0, run_cmdq_cb, sc); 837 TASK_INIT(&sc->ratectl_task, 0, run_ratectl_cb, sc); 838 usb_callout_init_mtx(&sc->ratectl_ch, &sc->sc_lock, 1); 839 840 if (bootverbose) 841 ieee80211_announce(ic); 842 843 wlan_serialize_exit(); 844 return (0); 845 846 detach: 847 wlan_serialize_exit(); 848 run_detach(self); 849 return (ENXIO); 850 } 851 852 static int 853 run_detach(device_t self) 854 { 855 struct run_softc *sc = device_get_softc(self); 856 struct ifnet *ifp = sc->sc_ifp; 857 struct ieee80211com *ic; 858 int i; 859 860 wlan_serialize_enter(); 861 sc->sc_detached = 1; 862 863 /* stop all USB transfers */ 864 usbd_transfer_unsetup(sc->sc_xfer, RUN_N_XFER); 865 866 RUN_LOCK(sc); 867 sc->ratectl_run = RUN_RATECTL_OFF; 868 sc->cmdq_run = sc->cmdq_key_set = RUN_CMDQ_ABORT; 869 870 /* free TX list, if any */ 871 for (i = 0; i != RUN_EP_QUEUES; i++) 872 run_unsetup_tx_list(sc, &sc->sc_epq[i]); 873 RUN_UNLOCK(sc); 874 875 if (ifp) { 876 ic = ifp->if_l2com; 877 /* drain tasks */ 878 usb_callout_drain(&sc->ratectl_ch); 879 ieee80211_draintask(ic, &sc->cmdq_task); 880 ieee80211_draintask(ic, &sc->ratectl_task); 881 ieee80211_ifdetach(ic); 882 if_free(ifp); 883 } 884 885 lockuninit(&sc->sc_lock); 886 887 wlan_serialize_exit(); 888 return (0); 889 } 890 891 static struct ieee80211vap * 892 run_vap_create(struct ieee80211com *ic, const char name[IFNAMSIZ], int unit, 893 enum ieee80211_opmode opmode, int flags, 894 const uint8_t bssid[IEEE80211_ADDR_LEN], 895 const uint8_t mac[IEEE80211_ADDR_LEN]) 896 { 897 struct ifnet *ifp = ic->ic_ifp; 898 struct run_softc *sc = ic->ic_softc; 899 struct run_vap *rvp; 900 struct ieee80211vap *vap; 901 int i; 902 903 if (sc->rvp_cnt >= RUN_VAP_MAX) { 904 if_printf(ifp, "number of VAPs maxed out\n"); 905 return (NULL); 906 } 907 908 switch (opmode) { 909 case IEEE80211_M_STA: 910 /* enable s/w bmiss handling for sta mode */ 911 flags |= IEEE80211_CLONE_NOBEACONS; 912 /* fall though */ 913 case IEEE80211_M_IBSS: 914 case IEEE80211_M_MONITOR: 915 case IEEE80211_M_HOSTAP: 916 case IEEE80211_M_MBSS: 917 /* other than WDS vaps, only one at a time */ 918 if (!TAILQ_EMPTY(&ic->ic_vaps)) 919 return (NULL); 920 break; 921 case IEEE80211_M_WDS: 922 TAILQ_FOREACH(vap, &ic->ic_vaps, iv_next){ 923 if(vap->iv_opmode != IEEE80211_M_HOSTAP) 924 continue; 925 /* WDS vap's always share the local mac address. */ 926 flags &= ~IEEE80211_CLONE_BSSID; 927 break; 928 } 929 if (vap == NULL) { 930 if_printf(ifp, "wds only supported in ap mode\n"); 931 return (NULL); 932 } 933 break; 934 default: 935 if_printf(ifp, "unknown opmode %d\n", opmode); 936 return (NULL); 937 } 938 939 rvp = (struct run_vap *) kmalloc(sizeof(struct run_vap), 940 M_80211_VAP, M_INTWAIT | M_ZERO); 941 vap = &rvp->vap; 942 943 if (ieee80211_vap_setup(ic, vap, name, unit, 944 opmode, flags, bssid, mac) != 0) { 945 /* out of memory */ 946 kfree(rvp, M_80211_VAP); 947 return (NULL); 948 } 949 950 vap->iv_key_update_begin = run_key_update_begin; 951 vap->iv_key_update_end = run_key_update_end; 952 vap->iv_update_beacon = run_update_beacon; 953 vap->iv_max_aid = RT2870_WCID_MAX; 954 /* 955 * To delete the right key from h/w, we need wcid. 956 * Luckily, there is unused space in ieee80211_key{}, wk_pad, 957 * and matching wcid will be written into there. So, cast 958 * some spells to remove 'const' from ieee80211_key{} 959 */ 960 vap->iv_key_delete = (void *)run_key_delete; 961 vap->iv_key_set = (void *)run_key_set; 962 963 /* override state transition machine */ 964 rvp->newstate = vap->iv_newstate; 965 vap->iv_newstate = run_newstate; 966 967 ieee80211_ratectl_init(vap); 968 ieee80211_ratectl_setinterval(vap, 1000 /* 1 sec */); 969 970 /* complete setup */ 971 ieee80211_vap_attach(vap, run_media_change, ieee80211_media_status); 972 973 /* make sure id is always unique */ 974 for (i = 0; i < RUN_VAP_MAX; i++) { 975 if((sc->rvp_bmap & 1 << i) == 0){ 976 sc->rvp_bmap |= 1 << i; 977 rvp->rvp_id = i; 978 break; 979 } 980 } 981 if (sc->rvp_cnt++ == 0) 982 ic->ic_opmode = opmode; 983 984 if (opmode == IEEE80211_M_HOSTAP) 985 sc->cmdq_run = RUN_CMDQ_GO; 986 987 DPRINTF("rvp_id=%d bmap=%x rvp_cnt=%d\n", 988 rvp->rvp_id, sc->rvp_bmap, sc->rvp_cnt); 989 990 return (vap); 991 } 992 993 static void 994 run_vap_delete(struct ieee80211vap *vap) 995 { 996 struct run_vap *rvp = RUN_VAP(vap); 997 struct ifnet *ifp; 998 struct ieee80211com *ic; 999 struct run_softc *sc; 1000 uint8_t rvp_id; 1001 1002 if (vap == NULL) 1003 return; 1004 1005 ic = vap->iv_ic; 1006 ifp = ic->ic_ifp; 1007 sc = ic->ic_softc; 1008 1009 RUN_LOCK(sc); 1010 1011 m_freem(rvp->beacon_mbuf); 1012 rvp->beacon_mbuf = NULL; 1013 1014 rvp_id = rvp->rvp_id; 1015 sc->ratectl_run &= ~(1 << rvp_id); 1016 sc->rvp_bmap &= ~(1 << rvp_id); 1017 run_set_region_4(sc, RT2860_SKEY(rvp_id, 0), 0, 128); 1018 run_set_region_4(sc, RT2860_BCN_BASE(rvp_id), 0, 512); 1019 --sc->rvp_cnt; 1020 1021 DPRINTF("vap=%p rvp_id=%d bmap=%x rvp_cnt=%d\n", 1022 vap, rvp_id, sc->rvp_bmap, sc->rvp_cnt); 1023 1024 RUN_UNLOCK(sc); 1025 1026 ieee80211_ratectl_deinit(vap); 1027 ieee80211_vap_detach(vap); 1028 kfree(rvp, M_80211_VAP); 1029 } 1030 1031 /* 1032 * There are numbers of functions need to be called in context thread. 1033 * Rather than creating taskqueue event for each of those functions, 1034 * here is all-for-one taskqueue callback function. This function 1035 * gurantees deferred functions are executed in the same order they 1036 * were enqueued. 1037 * '& RUN_CMDQ_MASQ' is to loop cmdq[]. 1038 */ 1039 static void 1040 run_cmdq_cb(void *arg, int pending) 1041 { 1042 struct run_softc *sc = arg; 1043 uint8_t i; 1044 1045 /* call cmdq[].func locked */ 1046 RUN_LOCK(sc); 1047 for (i = sc->cmdq_exec; sc->cmdq[i].func && pending; 1048 i = sc->cmdq_exec, pending--) { 1049 DPRINTFN(6, "cmdq_exec=%d pending=%d\n", i, pending); 1050 if (sc->cmdq_run == RUN_CMDQ_GO) { 1051 /* 1052 * If arg0 is NULL, callback func needs more 1053 * than one arg. So, pass ptr to cmdq struct. 1054 */ 1055 if (sc->cmdq[i].arg0) 1056 sc->cmdq[i].func(sc->cmdq[i].arg0); 1057 else 1058 sc->cmdq[i].func(&sc->cmdq[i]); 1059 } 1060 sc->cmdq[i].arg0 = NULL; 1061 sc->cmdq[i].func = NULL; 1062 sc->cmdq_exec++; 1063 sc->cmdq_exec &= RUN_CMDQ_MASQ; 1064 } 1065 RUN_UNLOCK(sc); 1066 } 1067 1068 static void 1069 run_setup_tx_list(struct run_softc *sc, struct run_endpoint_queue *pq) 1070 { 1071 struct run_tx_data *data; 1072 1073 memset(pq, 0, sizeof(*pq)); 1074 1075 STAILQ_INIT(&pq->tx_qh); 1076 STAILQ_INIT(&pq->tx_fh); 1077 1078 for (data = &pq->tx_data[0]; 1079 data < &pq->tx_data[RUN_TX_RING_COUNT]; data++) { 1080 data->sc = sc; 1081 STAILQ_INSERT_TAIL(&pq->tx_fh, data, next); 1082 } 1083 pq->tx_nfree = RUN_TX_RING_COUNT; 1084 } 1085 1086 static void 1087 run_unsetup_tx_list(struct run_softc *sc, struct run_endpoint_queue *pq) 1088 { 1089 struct run_tx_data *data; 1090 1091 /* make sure any subsequent use of the queues will fail */ 1092 pq->tx_nfree = 0; 1093 STAILQ_INIT(&pq->tx_fh); 1094 STAILQ_INIT(&pq->tx_qh); 1095 1096 /* free up all node references and mbufs */ 1097 for (data = &pq->tx_data[0]; 1098 data < &pq->tx_data[RUN_TX_RING_COUNT]; data++) { 1099 if (data->m != NULL) { 1100 m_freem(data->m); 1101 data->m = NULL; 1102 } 1103 if (data->ni != NULL) { 1104 ieee80211_free_node(data->ni); 1105 data->ni = NULL; 1106 } 1107 } 1108 } 1109 1110 static int 1111 run_load_microcode(struct run_softc *sc) 1112 { 1113 usb_device_request_t req; 1114 const struct firmware *fw; 1115 const u_char *base; 1116 uint32_t tmp; 1117 int ntries, error; 1118 const uint64_t *temp; 1119 uint64_t bytes; 1120 1121 wlan_assert_serialized(); 1122 1123 wlan_serialize_exit(); 1124 fw = firmware_get("runfw"); 1125 wlan_serialize_enter(); 1126 if (fw == NULL) { 1127 device_printf(sc->sc_dev, 1128 "failed loadfirmware of file %s\n", "runfw"); 1129 return ENOENT; 1130 } 1131 1132 if (fw->datasize != 8192) { 1133 device_printf(sc->sc_dev, 1134 "invalid firmware size (should be 8KB)\n"); 1135 error = EINVAL; 1136 goto fail; 1137 } 1138 1139 /* 1140 * RT3071/RT3072 use a different firmware 1141 * run-rt2870 (8KB) contains both, 1142 * first half (4KB) is for rt2870, 1143 * last half is for rt3071. 1144 */ 1145 base = fw->data; 1146 if ((sc->mac_ver) != 0x2860 && 1147 (sc->mac_ver) != 0x2872 && 1148 (sc->mac_ver) != 0x3070) { 1149 base += 4096; 1150 } 1151 1152 /* cheap sanity check */ 1153 temp = fw->data; 1154 bytes = *temp; 1155 if (bytes != be64toh(0xffffff0210280210ULL)) { 1156 device_printf(sc->sc_dev, "firmware checksum failed\n"); 1157 error = EINVAL; 1158 goto fail; 1159 } 1160 1161 /* write microcode image */ 1162 if (sc->sc_flags & RUN_FLAG_FWLOAD_NEEDED) { 1163 run_write_region_1(sc, RT2870_FW_BASE, base, 4096); 1164 run_write(sc, RT2860_H2M_MAILBOX_CID, 0xffffffff); 1165 run_write(sc, RT2860_H2M_MAILBOX_STATUS, 0xffffffff); 1166 } 1167 1168 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 1169 req.bRequest = RT2870_RESET; 1170 USETW(req.wValue, 8); 1171 USETW(req.wIndex, 0); 1172 USETW(req.wLength, 0); 1173 if ((error = usbd_do_request(sc->sc_udev, &sc->sc_lock, &req, NULL)) 1174 != 0) { 1175 device_printf(sc->sc_dev, "firmware reset failed\n"); 1176 goto fail; 1177 } 1178 1179 run_delay(sc, 10); 1180 1181 run_write(sc, RT2860_H2M_BBPAGENT, 0); 1182 run_write(sc, RT2860_H2M_MAILBOX, 0); 1183 run_write(sc, RT2860_H2M_INTSRC, 0); 1184 if ((error = run_mcu_cmd(sc, RT2860_MCU_CMD_RFRESET, 0)) != 0) 1185 goto fail; 1186 1187 /* wait until microcontroller is ready */ 1188 for (ntries = 0; ntries < 1000; ntries++) { 1189 if ((error = run_read(sc, RT2860_SYS_CTRL, &tmp)) != 0) 1190 goto fail; 1191 if (tmp & RT2860_MCU_READY) 1192 break; 1193 run_delay(sc, 10); 1194 } 1195 if (ntries == 1000) { 1196 device_printf(sc->sc_dev, 1197 "timeout waiting for MCU to initialize\n"); 1198 error = ETIMEDOUT; 1199 goto fail; 1200 } 1201 device_printf(sc->sc_dev, "firmware %s ver. %u.%u loaded\n", 1202 (base == fw->data) ? "RT2870" : "RT3071", 1203 *(base + 4092), *(base + 4093)); 1204 1205 fail: 1206 firmware_put(fw, FIRMWARE_UNLOAD); 1207 return (error); 1208 } 1209 1210 static int 1211 run_reset(struct run_softc *sc) 1212 { 1213 usb_device_request_t req; 1214 usb_error_t error; 1215 1216 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 1217 req.bRequest = RT2870_RESET; 1218 USETW(req.wValue, 1); 1219 USETW(req.wIndex, 0); 1220 USETW(req.wLength, 0); 1221 error = usbd_do_request(sc->sc_udev, &sc->sc_lock, &req, NULL); 1222 return (error); 1223 } 1224 1225 static usb_error_t 1226 run_do_request(struct run_softc *sc, 1227 struct usb_device_request *req, void *data) 1228 { 1229 usb_error_t err; 1230 int ntries = 10; 1231 1232 RUN_LOCK_ASSERT(sc, MA_OWNED); 1233 1234 while (ntries--) { 1235 err = usbd_do_request_flags(sc->sc_udev, &sc->sc_lock, 1236 req, data, 0, NULL, 250 /* ms */); 1237 if (err == 0) 1238 break; 1239 DPRINTFN(1, "Control request failed, %s (retrying)\n", 1240 usbd_errstr(err)); 1241 run_delay(sc, 10); 1242 } 1243 return (err); 1244 } 1245 1246 static int 1247 run_read(struct run_softc *sc, uint16_t reg, uint32_t *val) 1248 { 1249 uint32_t tmp; 1250 int error; 1251 1252 error = run_read_region_1(sc, reg, (uint8_t *)&tmp, sizeof tmp); 1253 if (error == 0) 1254 *val = le32toh(tmp); 1255 else 1256 *val = 0xffffffff; 1257 return (error); 1258 } 1259 1260 static int 1261 run_read_region_1(struct run_softc *sc, uint16_t reg, uint8_t *buf, int len) 1262 { 1263 usb_device_request_t req; 1264 1265 req.bmRequestType = UT_READ_VENDOR_DEVICE; 1266 req.bRequest = RT2870_READ_REGION_1; 1267 USETW(req.wValue, 0); 1268 USETW(req.wIndex, reg); 1269 USETW(req.wLength, len); 1270 1271 return (run_do_request(sc, &req, buf)); 1272 } 1273 1274 static int 1275 run_write_2(struct run_softc *sc, uint16_t reg, uint16_t val) 1276 { 1277 usb_device_request_t req; 1278 1279 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 1280 req.bRequest = RT2870_WRITE_2; 1281 USETW(req.wValue, val); 1282 USETW(req.wIndex, reg); 1283 USETW(req.wLength, 0); 1284 1285 return (run_do_request(sc, &req, NULL)); 1286 } 1287 1288 static int 1289 run_write(struct run_softc *sc, uint16_t reg, uint32_t val) 1290 { 1291 int error; 1292 1293 if ((error = run_write_2(sc, reg, val & 0xffff)) == 0) 1294 error = run_write_2(sc, reg + 2, val >> 16); 1295 return (error); 1296 } 1297 1298 static int 1299 run_write_region_1(struct run_softc *sc, uint16_t reg, const uint8_t *buf, 1300 int len) 1301 { 1302 #if 1 1303 int i, error = 0; 1304 /* 1305 * NB: the WRITE_REGION_1 command is not stable on RT2860. 1306 * We thus issue multiple WRITE_2 commands instead. 1307 */ 1308 KASSERT((len & 1) == 0, ("run_write_region_1: Data too long.\n")); 1309 for (i = 0; i < len && error == 0; i += 2) 1310 error = run_write_2(sc, reg + i, buf[i] | buf[i + 1] << 8); 1311 return (error); 1312 #else 1313 usb_device_request_t req; 1314 int error = 0; 1315 1316 /* 1317 * NOTE: It appears the WRITE_REGION_1 command cannot be 1318 * passed a huge amount of data, which will crash the 1319 * firmware. Limit amount of data passed to 64-bytes at a 1320 * time. 1321 */ 1322 while (len > 0) { 1323 int delta = 64; 1324 if (delta > len) 1325 delta = len; 1326 1327 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 1328 req.bRequest = RT2870_WRITE_REGION_1; 1329 USETW(req.wValue, 0); 1330 USETW(req.wIndex, reg); 1331 USETW(req.wLength, delta); 1332 error = run_do_request(sc, &req, __DECONST(uint8_t *, buf)); 1333 if (error != 0) 1334 break; 1335 reg += delta; 1336 buf += delta; 1337 len -= delta; 1338 } 1339 return (error); 1340 #endif 1341 } 1342 1343 static int 1344 run_set_region_4(struct run_softc *sc, uint16_t reg, uint32_t val, int len) 1345 { 1346 int i, error = 0; 1347 1348 KASSERT((len & 3) == 0, ("run_set_region_4: Invalid data length.\n")); 1349 for (i = 0; i < len && error == 0; i += 4) 1350 error = run_write(sc, reg + i, val); 1351 return (error); 1352 } 1353 1354 static int 1355 run_efuse_read(struct run_softc *sc, uint16_t addr, uint16_t *val, int count) 1356 { 1357 uint32_t tmp; 1358 uint16_t reg; 1359 int error, ntries; 1360 1361 if ((error = run_read(sc, RT3070_EFUSE_CTRL, &tmp)) != 0) 1362 return (error); 1363 1364 if (count == 2) 1365 addr *= 2; 1366 /*- 1367 * Read one 16-byte block into registers EFUSE_DATA[0-3]: 1368 * DATA0: F E D C 1369 * DATA1: B A 9 8 1370 * DATA2: 7 6 5 4 1371 * DATA3: 3 2 1 0 1372 */ 1373 tmp &= ~(RT3070_EFSROM_MODE_MASK | RT3070_EFSROM_AIN_MASK); 1374 tmp |= (addr & ~0xf) << RT3070_EFSROM_AIN_SHIFT | RT3070_EFSROM_KICK; 1375 run_write(sc, RT3070_EFUSE_CTRL, tmp); 1376 for (ntries = 0; ntries < 100; ntries++) { 1377 if ((error = run_read(sc, RT3070_EFUSE_CTRL, &tmp)) != 0) 1378 return (error); 1379 if (!(tmp & RT3070_EFSROM_KICK)) 1380 break; 1381 run_delay(sc, 2); 1382 } 1383 if (ntries == 100) 1384 return (ETIMEDOUT); 1385 1386 if ((tmp & RT3070_EFUSE_AOUT_MASK) == RT3070_EFUSE_AOUT_MASK) { 1387 *val = 0xffff; /* address not found */ 1388 return (0); 1389 } 1390 /* determine to which 32-bit register our 16-bit word belongs */ 1391 reg = RT3070_EFUSE_DATA3 - (addr & 0xc); 1392 if ((error = run_read(sc, reg, &tmp)) != 0) 1393 return (error); 1394 1395 tmp >>= (8 * (addr & 0x3)); 1396 *val = (addr & 1) ? tmp >> 16 : tmp & 0xffff; 1397 1398 return (0); 1399 } 1400 1401 /* Read 16-bit from eFUSE ROM for RT3xxx. */ 1402 static int 1403 run_efuse_read_2(struct run_softc *sc, uint16_t addr, uint16_t *val) 1404 { 1405 return (run_efuse_read(sc, addr, val, 2)); 1406 } 1407 1408 static int 1409 run_eeprom_read_2(struct run_softc *sc, uint16_t addr, uint16_t *val) 1410 { 1411 usb_device_request_t req; 1412 uint16_t tmp; 1413 int error; 1414 1415 addr *= 2; 1416 req.bmRequestType = UT_READ_VENDOR_DEVICE; 1417 req.bRequest = RT2870_EEPROM_READ; 1418 USETW(req.wValue, 0); 1419 USETW(req.wIndex, addr); 1420 USETW(req.wLength, sizeof(tmp)); 1421 1422 error = usbd_do_request(sc->sc_udev, &sc->sc_lock, &req, &tmp); 1423 if (error == 0) 1424 *val = le16toh(tmp); 1425 else 1426 *val = 0xffff; 1427 return (error); 1428 } 1429 1430 static __inline int 1431 run_srom_read(struct run_softc *sc, uint16_t addr, uint16_t *val) 1432 { 1433 /* either eFUSE ROM or EEPROM */ 1434 return sc->sc_srom_read(sc, addr, val); 1435 } 1436 1437 static int 1438 run_rt2870_rf_write(struct run_softc *sc, uint32_t val) 1439 { 1440 uint32_t tmp; 1441 int error, ntries; 1442 1443 for (ntries = 0; ntries < 10; ntries++) { 1444 if ((error = run_read(sc, RT2860_RF_CSR_CFG0, &tmp)) != 0) 1445 return (error); 1446 if (!(tmp & RT2860_RF_REG_CTRL)) 1447 break; 1448 } 1449 if (ntries == 10) 1450 return (ETIMEDOUT); 1451 1452 return (run_write(sc, RT2860_RF_CSR_CFG0, val)); 1453 } 1454 1455 static int 1456 run_rt3070_rf_read(struct run_softc *sc, uint8_t reg, uint8_t *val) 1457 { 1458 uint32_t tmp; 1459 int error, ntries; 1460 1461 for (ntries = 0; ntries < 100; ntries++) { 1462 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0) 1463 return (error); 1464 if (!(tmp & RT3070_RF_KICK)) 1465 break; 1466 } 1467 if (ntries == 100) 1468 return (ETIMEDOUT); 1469 1470 tmp = RT3070_RF_KICK | reg << 8; 1471 if ((error = run_write(sc, RT3070_RF_CSR_CFG, tmp)) != 0) 1472 return (error); 1473 1474 for (ntries = 0; ntries < 100; ntries++) { 1475 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0) 1476 return (error); 1477 if (!(tmp & RT3070_RF_KICK)) 1478 break; 1479 } 1480 if (ntries == 100) 1481 return (ETIMEDOUT); 1482 1483 *val = tmp & 0xff; 1484 return (0); 1485 } 1486 1487 static int 1488 run_rt3070_rf_write(struct run_softc *sc, uint8_t reg, uint8_t val) 1489 { 1490 uint32_t tmp; 1491 int error, ntries; 1492 1493 for (ntries = 0; ntries < 10; ntries++) { 1494 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0) 1495 return (error); 1496 if (!(tmp & RT3070_RF_KICK)) 1497 break; 1498 } 1499 if (ntries == 10) 1500 return (ETIMEDOUT); 1501 1502 tmp = RT3070_RF_WRITE | RT3070_RF_KICK | reg << 8 | val; 1503 return (run_write(sc, RT3070_RF_CSR_CFG, tmp)); 1504 } 1505 1506 static int 1507 run_bbp_read(struct run_softc *sc, uint8_t reg, uint8_t *val) 1508 { 1509 uint32_t tmp; 1510 int ntries, error; 1511 1512 for (ntries = 0; ntries < 10; ntries++) { 1513 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0) 1514 return (error); 1515 if (!(tmp & RT2860_BBP_CSR_KICK)) 1516 break; 1517 } 1518 if (ntries == 10) 1519 return (ETIMEDOUT); 1520 1521 tmp = RT2860_BBP_CSR_READ | RT2860_BBP_CSR_KICK | reg << 8; 1522 if ((error = run_write(sc, RT2860_BBP_CSR_CFG, tmp)) != 0) 1523 return (error); 1524 1525 for (ntries = 0; ntries < 10; ntries++) { 1526 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0) 1527 return (error); 1528 if (!(tmp & RT2860_BBP_CSR_KICK)) 1529 break; 1530 } 1531 if (ntries == 10) 1532 return (ETIMEDOUT); 1533 1534 *val = tmp & 0xff; 1535 return (0); 1536 } 1537 1538 static int 1539 run_bbp_write(struct run_softc *sc, uint8_t reg, uint8_t val) 1540 { 1541 uint32_t tmp; 1542 int ntries, error; 1543 1544 for (ntries = 0; ntries < 10; ntries++) { 1545 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0) 1546 return (error); 1547 if (!(tmp & RT2860_BBP_CSR_KICK)) 1548 break; 1549 } 1550 if (ntries == 10) 1551 return (ETIMEDOUT); 1552 1553 tmp = RT2860_BBP_CSR_KICK | reg << 8 | val; 1554 return (run_write(sc, RT2860_BBP_CSR_CFG, tmp)); 1555 } 1556 1557 /* 1558 * Send a command to the 8051 microcontroller unit. 1559 */ 1560 static int 1561 run_mcu_cmd(struct run_softc *sc, uint8_t cmd, uint16_t arg) 1562 { 1563 uint32_t tmp; 1564 int error, ntries; 1565 1566 for (ntries = 0; ntries < 100; ntries++) { 1567 if ((error = run_read(sc, RT2860_H2M_MAILBOX, &tmp)) != 0) 1568 return error; 1569 if (!(tmp & RT2860_H2M_BUSY)) 1570 break; 1571 } 1572 if (ntries == 100) 1573 return ETIMEDOUT; 1574 1575 tmp = RT2860_H2M_BUSY | RT2860_TOKEN_NO_INTR << 16 | arg; 1576 if ((error = run_write(sc, RT2860_H2M_MAILBOX, tmp)) == 0) 1577 error = run_write(sc, RT2860_HOST_CMD, cmd); 1578 return (error); 1579 } 1580 1581 /* 1582 * Add `delta' (signed) to each 4-bit sub-word of a 32-bit word. 1583 * Used to adjust per-rate Tx power registers. 1584 */ 1585 static __inline uint32_t 1586 b4inc(uint32_t b32, int8_t delta) 1587 { 1588 int8_t i, b4; 1589 1590 for (i = 0; i < 8; i++) { 1591 b4 = b32 & 0xf; 1592 b4 += delta; 1593 if (b4 < 0) 1594 b4 = 0; 1595 else if (b4 > 0xf) 1596 b4 = 0xf; 1597 b32 = b32 >> 4 | b4 << 28; 1598 } 1599 return (b32); 1600 } 1601 1602 static const char * 1603 run_get_rf(uint16_t rev) 1604 { 1605 switch (rev) { 1606 case RT2860_RF_2820: return "RT2820"; 1607 case RT2860_RF_2850: return "RT2850"; 1608 case RT2860_RF_2720: return "RT2720"; 1609 case RT2860_RF_2750: return "RT2750"; 1610 case RT3070_RF_3020: return "RT3020"; 1611 case RT3070_RF_2020: return "RT2020"; 1612 case RT3070_RF_3021: return "RT3021"; 1613 case RT3070_RF_3022: return "RT3022"; 1614 case RT3070_RF_3052: return "RT3052"; 1615 case RT3593_RF_3053: return "RT3053"; 1616 case RT5592_RF_5592: return "RT5592"; 1617 case RT5390_RF_5370: return "RT5370"; 1618 case RT5390_RF_5372: return "RT5372"; 1619 } 1620 return ("unknown"); 1621 } 1622 1623 static void 1624 run_rt3593_get_txpower(struct run_softc *sc) 1625 { 1626 uint16_t addr, val; 1627 int i; 1628 1629 /* Read power settings for 2GHz channels. */ 1630 for (i = 0; i < 14; i += 2) { 1631 addr = (sc->ntxchains == 3) ? RT3593_EEPROM_PWR2GHZ_BASE1 : 1632 RT2860_EEPROM_PWR2GHZ_BASE1; 1633 run_srom_read(sc, addr + i / 2, &val); 1634 sc->txpow1[i + 0] = (int8_t)(val & 0xff); 1635 sc->txpow1[i + 1] = (int8_t)(val >> 8); 1636 1637 addr = (sc->ntxchains == 3) ? RT3593_EEPROM_PWR2GHZ_BASE2 : 1638 RT2860_EEPROM_PWR2GHZ_BASE2; 1639 run_srom_read(sc, addr + i / 2, &val); 1640 sc->txpow2[i + 0] = (int8_t)(val & 0xff); 1641 sc->txpow2[i + 1] = (int8_t)(val >> 8); 1642 1643 if (sc->ntxchains == 3) { 1644 run_srom_read(sc, RT3593_EEPROM_PWR2GHZ_BASE3 + i / 2, 1645 &val); 1646 sc->txpow3[i + 0] = (int8_t)(val & 0xff); 1647 sc->txpow3[i + 1] = (int8_t)(val >> 8); 1648 } 1649 } 1650 /* Fix broken Tx power entries. */ 1651 for (i = 0; i < 14; i++) { 1652 if (sc->txpow1[i] > 31) 1653 sc->txpow1[i] = 5; 1654 if (sc->txpow2[i] > 31) 1655 sc->txpow2[i] = 5; 1656 if (sc->ntxchains == 3) { 1657 if (sc->txpow3[i] > 31) 1658 sc->txpow3[i] = 5; 1659 } 1660 } 1661 /* Read power settings for 5GHz channels. */ 1662 for (i = 0; i < 40; i += 2) { 1663 run_srom_read(sc, RT3593_EEPROM_PWR5GHZ_BASE1 + i / 2, &val); 1664 sc->txpow1[i + 14] = (int8_t)(val & 0xff); 1665 sc->txpow1[i + 15] = (int8_t)(val >> 8); 1666 1667 run_srom_read(sc, RT3593_EEPROM_PWR5GHZ_BASE2 + i / 2, &val); 1668 sc->txpow2[i + 14] = (int8_t)(val & 0xff); 1669 sc->txpow2[i + 15] = (int8_t)(val >> 8); 1670 1671 if (sc->ntxchains == 3) { 1672 run_srom_read(sc, RT3593_EEPROM_PWR5GHZ_BASE3 + i / 2, 1673 &val); 1674 sc->txpow3[i + 14] = (int8_t)(val & 0xff); 1675 sc->txpow3[i + 15] = (int8_t)(val >> 8); 1676 } 1677 } 1678 } 1679 1680 static void 1681 run_get_txpower(struct run_softc *sc) 1682 { 1683 uint16_t val; 1684 int i; 1685 1686 /* Read power settings for 2GHz channels. */ 1687 for (i = 0; i < 14; i += 2) { 1688 run_srom_read(sc, RT2860_EEPROM_PWR2GHZ_BASE1 + i / 2, &val); 1689 sc->txpow1[i + 0] = (int8_t)(val & 0xff); 1690 sc->txpow1[i + 1] = (int8_t)(val >> 8); 1691 1692 if (sc->mac_ver != 0x5390) { 1693 run_srom_read(sc, 1694 RT2860_EEPROM_PWR2GHZ_BASE2 + i / 2, &val); 1695 sc->txpow2[i + 0] = (int8_t)(val & 0xff); 1696 sc->txpow2[i + 1] = (int8_t)(val >> 8); 1697 } 1698 } 1699 /* Fix broken Tx power entries. */ 1700 for (i = 0; i < 14; i++) { 1701 if (sc->mac_ver >= 0x5390) { 1702 if (sc->txpow1[i] < 0 || sc->txpow1[i] > 27) 1703 sc->txpow1[i] = 5; 1704 } else { 1705 if (sc->txpow1[i] < 0 || sc->txpow1[i] > 31) 1706 sc->txpow1[i] = 5; 1707 } 1708 if (sc->mac_ver > 0x5390) { 1709 if (sc->txpow2[i] < 0 || sc->txpow2[i] > 27) 1710 sc->txpow2[i] = 5; 1711 } else if (sc->mac_ver < 0x5390) { 1712 if (sc->txpow2[i] < 0 || sc->txpow2[i] > 31) 1713 sc->txpow2[i] = 5; 1714 } 1715 DPRINTF("chan %d: power1=%d, power2=%d\n", 1716 rt2860_rf2850[i].chan, sc->txpow1[i], sc->txpow2[i]); 1717 } 1718 /* Read power settings for 5GHz channels. */ 1719 for (i = 0; i < 40; i += 2) { 1720 run_srom_read(sc, RT2860_EEPROM_PWR5GHZ_BASE1 + i / 2, &val); 1721 sc->txpow1[i + 14] = (int8_t)(val & 0xff); 1722 sc->txpow1[i + 15] = (int8_t)(val >> 8); 1723 1724 run_srom_read(sc, RT2860_EEPROM_PWR5GHZ_BASE2 + i / 2, &val); 1725 sc->txpow2[i + 14] = (int8_t)(val & 0xff); 1726 sc->txpow2[i + 15] = (int8_t)(val >> 8); 1727 } 1728 /* Fix broken Tx power entries. */ 1729 for (i = 0; i < 40; i++ ) { 1730 if (sc->mac_ver != 0x5592) { 1731 if (sc->txpow1[14 + i] < -7 || sc->txpow1[14 + i] > 15) 1732 sc->txpow1[14 + i] = 5; 1733 if (sc->txpow2[14 + i] < -7 || sc->txpow2[14 + i] > 15) 1734 sc->txpow2[14 + i] = 5; 1735 } 1736 DPRINTF("chan %d: power1=%d, power2=%d\n", 1737 rt2860_rf2850[14 + i].chan, sc->txpow1[14 + i], 1738 sc->txpow2[14 + i]); 1739 } 1740 } 1741 1742 static int 1743 run_read_eeprom(struct run_softc *sc) 1744 { 1745 int8_t delta_2ghz, delta_5ghz; 1746 uint32_t tmp; 1747 uint16_t val; 1748 int ridx, ant, i; 1749 1750 /* check whether the ROM is eFUSE ROM or EEPROM */ 1751 sc->sc_srom_read = run_eeprom_read_2; 1752 if (sc->mac_ver >= 0x3070) { 1753 run_read(sc, RT3070_EFUSE_CTRL, &tmp); 1754 DPRINTF("EFUSE_CTRL=0x%08x\n", tmp); 1755 if ((tmp & RT3070_SEL_EFUSE) || sc->mac_ver == 0x3593) 1756 sc->sc_srom_read = run_efuse_read_2; 1757 } 1758 1759 /* read ROM version */ 1760 run_srom_read(sc, RT2860_EEPROM_VERSION, &val); 1761 DPRINTF("EEPROM rev=%d, FAE=%d\n", val & 0xff, val >> 8); 1762 1763 /* read MAC address */ 1764 run_srom_read(sc, RT2860_EEPROM_MAC01, &val); 1765 sc->sc_bssid[0] = val & 0xff; 1766 sc->sc_bssid[1] = val >> 8; 1767 run_srom_read(sc, RT2860_EEPROM_MAC23, &val); 1768 sc->sc_bssid[2] = val & 0xff; 1769 sc->sc_bssid[3] = val >> 8; 1770 run_srom_read(sc, RT2860_EEPROM_MAC45, &val); 1771 sc->sc_bssid[4] = val & 0xff; 1772 sc->sc_bssid[5] = val >> 8; 1773 1774 if (sc->mac_ver < 0x3593) { 1775 /* read vender BBP settings */ 1776 for (i = 0; i < 10; i++) { 1777 run_srom_read(sc, RT2860_EEPROM_BBP_BASE + i, &val); 1778 sc->bbp[i].val = val & 0xff; 1779 sc->bbp[i].reg = val >> 8; 1780 DPRINTF("BBP%d=0x%02x\n", sc->bbp[i].reg, 1781 sc->bbp[i].val); 1782 } 1783 if (sc->mac_ver >= 0x3071) { 1784 /* read vendor RF settings */ 1785 for (i = 0; i < 10; i++) { 1786 run_srom_read(sc, RT3071_EEPROM_RF_BASE + i, 1787 &val); 1788 sc->rf[i].val = val & 0xff; 1789 sc->rf[i].reg = val >> 8; 1790 DPRINTF("RF%d=0x%02x\n", sc->rf[i].reg, 1791 sc->rf[i].val); 1792 } 1793 } 1794 } 1795 1796 /* read RF frequency offset from EEPROM */ 1797 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_FREQ_LEDS : 1798 RT3593_EEPROM_FREQ, &val); 1799 sc->freq = ((val & 0xff) != 0xff) ? val & 0xff : 0; 1800 DPRINTF("EEPROM freq offset %d\n", sc->freq & 0xff); 1801 1802 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_FREQ_LEDS : 1803 RT3593_EEPROM_FREQ_LEDS, &val); 1804 if (val >> 8 != 0xff) { 1805 /* read LEDs operating mode */ 1806 sc->leds = val >> 8; 1807 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LED1 : 1808 RT3593_EEPROM_LED1, &sc->led[0]); 1809 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LED2 : 1810 RT3593_EEPROM_LED2, &sc->led[1]); 1811 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LED3 : 1812 RT3593_EEPROM_LED3, &sc->led[2]); 1813 } else { 1814 /* broken EEPROM, use default settings */ 1815 sc->leds = 0x01; 1816 sc->led[0] = 0x5555; 1817 sc->led[1] = 0x2221; 1818 sc->led[2] = 0x5627; /* differs from RT2860 */ 1819 } 1820 DPRINTF("EEPROM LED mode=0x%02x, LEDs=0x%04x/0x%04x/0x%04x\n", 1821 sc->leds, sc->led[0], sc->led[1], sc->led[2]); 1822 1823 /* read RF information */ 1824 if (sc->mac_ver == 0x5390 || sc->mac_ver ==0x5392) 1825 run_srom_read(sc, 0x00, &val); 1826 else 1827 run_srom_read(sc, RT2860_EEPROM_ANTENNA, &val); 1828 1829 if (val == 0xffff) { 1830 device_printf(sc->sc_dev, 1831 "invalid EEPROM antenna info, using default\n"); 1832 DPRINTF("invalid EEPROM antenna info, using default\n"); 1833 if (sc->mac_ver == 0x3572) { 1834 /* default to RF3052 2T2R */ 1835 sc->rf_rev = RT3070_RF_3052; 1836 sc->ntxchains = 2; 1837 sc->nrxchains = 2; 1838 } else if (sc->mac_ver >= 0x3070) { 1839 /* default to RF3020 1T1R */ 1840 sc->rf_rev = RT3070_RF_3020; 1841 sc->ntxchains = 1; 1842 sc->nrxchains = 1; 1843 } else { 1844 /* default to RF2820 1T2R */ 1845 sc->rf_rev = RT2860_RF_2820; 1846 sc->ntxchains = 1; 1847 sc->nrxchains = 2; 1848 } 1849 } else { 1850 if (sc->mac_ver == 0x5390 || sc->mac_ver ==0x5392) { 1851 sc->rf_rev = val; 1852 run_srom_read(sc, RT2860_EEPROM_ANTENNA, &val); 1853 } else 1854 sc->rf_rev = (val >> 8) & 0xf; 1855 sc->ntxchains = (val >> 4) & 0xf; 1856 sc->nrxchains = val & 0xf; 1857 } 1858 DPRINTF("EEPROM RF rev=0x%04x chains=%dT%dR\n", 1859 sc->rf_rev, sc->ntxchains, sc->nrxchains); 1860 1861 /* check if RF supports automatic Tx access gain control */ 1862 run_srom_read(sc, RT2860_EEPROM_CONFIG, &val); 1863 DPRINTF("EEPROM CFG 0x%04x\n", val); 1864 /* check if driver should patch the DAC issue */ 1865 if ((val >> 8) != 0xff) 1866 sc->patch_dac = (val >> 15) & 1; 1867 if ((val & 0xff) != 0xff) { 1868 sc->ext_5ghz_lna = (val >> 3) & 1; 1869 sc->ext_2ghz_lna = (val >> 2) & 1; 1870 /* check if RF supports automatic Tx access gain control */ 1871 sc->calib_2ghz = sc->calib_5ghz = (val >> 1) & 1; 1872 /* check if we have a hardware radio switch */ 1873 sc->rfswitch = val & 1; 1874 } 1875 1876 /* Read Tx power settings. */ 1877 if (sc->mac_ver == 0x3593) 1878 run_rt3593_get_txpower(sc); 1879 else 1880 run_get_txpower(sc); 1881 1882 /* read Tx power compensation for each Tx rate */ 1883 run_srom_read(sc, RT2860_EEPROM_DELTAPWR, &val); 1884 delta_2ghz = delta_5ghz = 0; 1885 if ((val & 0xff) != 0xff && (val & 0x80)) { 1886 delta_2ghz = val & 0xf; 1887 if (!(val & 0x40)) /* negative number */ 1888 delta_2ghz = -delta_2ghz; 1889 } 1890 val >>= 8; 1891 if ((val & 0xff) != 0xff && (val & 0x80)) { 1892 delta_5ghz = val & 0xf; 1893 if (!(val & 0x40)) /* negative number */ 1894 delta_5ghz = -delta_5ghz; 1895 } 1896 DPRINTF("power compensation=%d (2GHz), %d (5GHz)\n", 1897 delta_2ghz, delta_5ghz); 1898 1899 for (ridx = 0; ridx < 5; ridx++) { 1900 uint32_t reg; 1901 1902 run_srom_read(sc, RT2860_EEPROM_RPWR + ridx * 2, &val); 1903 reg = val; 1904 run_srom_read(sc, RT2860_EEPROM_RPWR + ridx * 2 + 1, &val); 1905 reg |= (uint32_t)val << 16; 1906 1907 sc->txpow20mhz[ridx] = reg; 1908 sc->txpow40mhz_2ghz[ridx] = b4inc(reg, delta_2ghz); 1909 sc->txpow40mhz_5ghz[ridx] = b4inc(reg, delta_5ghz); 1910 1911 DPRINTF("ridx %d: power 20MHz=0x%08x, 40MHz/2GHz=0x%08x, " 1912 "40MHz/5GHz=0x%08x\n", ridx, sc->txpow20mhz[ridx], 1913 sc->txpow40mhz_2ghz[ridx], sc->txpow40mhz_5ghz[ridx]); 1914 } 1915 1916 /* Read RSSI offsets and LNA gains from EEPROM. */ 1917 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI1_2GHZ : 1918 RT3593_EEPROM_RSSI1_2GHZ, &val); 1919 sc->rssi_2ghz[0] = val & 0xff; /* Ant A */ 1920 sc->rssi_2ghz[1] = val >> 8; /* Ant B */ 1921 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI2_2GHZ : 1922 RT3593_EEPROM_RSSI2_2GHZ, &val); 1923 if (sc->mac_ver >= 0x3070) { 1924 if (sc->mac_ver == 0x3593) { 1925 sc->txmixgain_2ghz = 0; 1926 sc->rssi_2ghz[2] = val & 0xff; /* Ant C */ 1927 } else { 1928 /* 1929 * On RT3070 chips (limited to 2 Rx chains), this ROM 1930 * field contains the Tx mixer gain for the 2GHz band. 1931 */ 1932 if ((val & 0xff) != 0xff) 1933 sc->txmixgain_2ghz = val & 0x7; 1934 } 1935 DPRINTF("tx mixer gain=%u (2GHz)\n", sc->txmixgain_2ghz); 1936 } else 1937 sc->rssi_2ghz[2] = val & 0xff; /* Ant C */ 1938 if (sc->mac_ver == 0x3593) 1939 run_srom_read(sc, RT3593_EEPROM_LNA_5GHZ, &val); 1940 sc->lna[2] = val >> 8; /* channel group 2 */ 1941 1942 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI1_5GHZ : 1943 RT3593_EEPROM_RSSI1_5GHZ, &val); 1944 sc->rssi_5ghz[0] = val & 0xff; /* Ant A */ 1945 sc->rssi_5ghz[1] = val >> 8; /* Ant B */ 1946 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI2_5GHZ : 1947 RT3593_EEPROM_RSSI2_5GHZ, &val); 1948 if (sc->mac_ver == 0x3572) { 1949 /* 1950 * On RT3572 chips (limited to 2 Rx chains), this ROM 1951 * field contains the Tx mixer gain for the 5GHz band. 1952 */ 1953 if ((val & 0xff) != 0xff) 1954 sc->txmixgain_5ghz = val & 0x7; 1955 DPRINTF("tx mixer gain=%u (5GHz)\n", sc->txmixgain_5ghz); 1956 } else 1957 sc->rssi_5ghz[2] = val & 0xff; /* Ant C */ 1958 if (sc->mac_ver == 0x3593) { 1959 sc->txmixgain_5ghz = 0; 1960 run_srom_read(sc, RT3593_EEPROM_LNA_5GHZ, &val); 1961 } 1962 sc->lna[3] = val >> 8; /* channel group 3 */ 1963 1964 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LNA : 1965 RT3593_EEPROM_LNA, &val); 1966 sc->lna[0] = val & 0xff; /* channel group 0 */ 1967 sc->lna[1] = val >> 8; /* channel group 1 */ 1968 1969 /* fix broken 5GHz LNA entries */ 1970 if (sc->lna[2] == 0 || sc->lna[2] == 0xff) { 1971 DPRINTF("invalid LNA for channel group %d\n", 2); 1972 sc->lna[2] = sc->lna[1]; 1973 } 1974 if (sc->lna[3] == 0 || sc->lna[3] == 0xff) { 1975 DPRINTF("invalid LNA for channel group %d\n", 3); 1976 sc->lna[3] = sc->lna[1]; 1977 } 1978 1979 /* fix broken RSSI offset entries */ 1980 for (ant = 0; ant < 3; ant++) { 1981 if (sc->rssi_2ghz[ant] < -10 || sc->rssi_2ghz[ant] > 10) { 1982 DPRINTF("invalid RSSI%d offset: %d (2GHz)\n", 1983 ant + 1, sc->rssi_2ghz[ant]); 1984 sc->rssi_2ghz[ant] = 0; 1985 } 1986 if (sc->rssi_5ghz[ant] < -10 || sc->rssi_5ghz[ant] > 10) { 1987 DPRINTF("invalid RSSI%d offset: %d (5GHz)\n", 1988 ant + 1, sc->rssi_5ghz[ant]); 1989 sc->rssi_5ghz[ant] = 0; 1990 } 1991 } 1992 return (0); 1993 } 1994 1995 static struct ieee80211_node * 1996 run_node_alloc(struct ieee80211vap *vap, const uint8_t mac[IEEE80211_ADDR_LEN]) 1997 { 1998 return kmalloc(sizeof (struct run_node), M_DEVBUF, M_WAITOK | M_ZERO); 1999 } 2000 2001 static int 2002 run_media_change(struct ifnet *ifp) 2003 { 2004 struct ieee80211vap *vap = ifp->if_softc; 2005 struct ieee80211com *ic = vap->iv_ic; 2006 const struct ieee80211_txparam *tp; 2007 struct run_softc *sc = ic->ic_softc; 2008 uint8_t rate, ridx; 2009 int error; 2010 2011 RUN_LOCK(sc); 2012 2013 error = ieee80211_media_change(ifp); 2014 if (error != ENETRESET) { 2015 RUN_UNLOCK(sc); 2016 return (error); 2017 } 2018 2019 tp = &vap->iv_txparms[ieee80211_chan2mode(ic->ic_curchan)]; 2020 if (tp->ucastrate != IEEE80211_FIXED_RATE_NONE) { 2021 struct ieee80211_node *ni; 2022 struct run_node *rn; 2023 2024 rate = ic->ic_sup_rates[ic->ic_curmode]. 2025 rs_rates[tp->ucastrate] & IEEE80211_RATE_VAL; 2026 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++) 2027 if (rt2860_rates[ridx].rate == rate) 2028 break; 2029 ni = ieee80211_ref_node(vap->iv_bss); 2030 rn = (struct run_node *)ni; 2031 rn->fix_ridx = ridx; 2032 DPRINTF("rate=%d, fix_ridx=%d\n", rate, rn->fix_ridx); 2033 ieee80211_free_node(ni); 2034 } 2035 2036 #if 0 2037 if ((ifp->if_flags & IFF_UP) && 2038 (ifp->if_flags & IFF_RUNNING)){ 2039 run_init_locked(sc); 2040 } 2041 #endif 2042 2043 RUN_UNLOCK(sc); 2044 2045 return (0); 2046 } 2047 2048 static int 2049 run_newstate(struct ieee80211vap *vap, enum ieee80211_state nstate, int arg) 2050 { 2051 const struct ieee80211_txparam *tp; 2052 struct ieee80211com *ic = vap->iv_ic; 2053 struct run_softc *sc = ic->ic_softc; 2054 struct run_vap *rvp = RUN_VAP(vap); 2055 enum ieee80211_state ostate; 2056 uint32_t sta[3]; 2057 uint32_t tmp; 2058 uint8_t ratectl; 2059 uint8_t restart_ratectl = 0; 2060 uint8_t bid = 1 << rvp->rvp_id; 2061 2062 ostate = vap->iv_state; 2063 DPRINTF("%s -> %s\n", 2064 ieee80211_state_name[ostate], 2065 ieee80211_state_name[nstate]); 2066 2067 RUN_LOCK(sc); 2068 2069 ratectl = sc->ratectl_run; /* remember current state */ 2070 sc->ratectl_run = RUN_RATECTL_OFF; 2071 usb_callout_stop(&sc->ratectl_ch); 2072 2073 if (ostate == IEEE80211_S_RUN) { 2074 /* turn link LED off */ 2075 run_set_leds(sc, RT2860_LED_RADIO); 2076 } 2077 2078 switch (nstate) { 2079 case IEEE80211_S_INIT: 2080 restart_ratectl = 1; 2081 2082 if (ostate != IEEE80211_S_RUN) 2083 break; 2084 2085 ratectl &= ~bid; 2086 sc->runbmap &= ~bid; 2087 2088 /* abort TSF synchronization if there is no vap running */ 2089 if (--sc->running == 0) { 2090 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 2091 run_write(sc, RT2860_BCN_TIME_CFG, 2092 tmp & ~(RT2860_BCN_TX_EN | RT2860_TSF_TIMER_EN | 2093 RT2860_TBTT_TIMER_EN)); 2094 } 2095 break; 2096 2097 case IEEE80211_S_RUN: 2098 if (!(sc->runbmap & bid)) { 2099 if(sc->running++) 2100 restart_ratectl = 1; 2101 sc->runbmap |= bid; 2102 } 2103 2104 m_freem(rvp->beacon_mbuf); 2105 rvp->beacon_mbuf = NULL; 2106 2107 switch (vap->iv_opmode) { 2108 case IEEE80211_M_HOSTAP: 2109 case IEEE80211_M_MBSS: 2110 sc->ap_running |= bid; 2111 ic->ic_opmode = vap->iv_opmode; 2112 run_update_beacon_cb(vap); 2113 break; 2114 case IEEE80211_M_IBSS: 2115 sc->adhoc_running |= bid; 2116 if (!sc->ap_running) 2117 ic->ic_opmode = vap->iv_opmode; 2118 run_update_beacon_cb(vap); 2119 break; 2120 case IEEE80211_M_STA: 2121 sc->sta_running |= bid; 2122 if (!sc->ap_running && !sc->adhoc_running) 2123 ic->ic_opmode = vap->iv_opmode; 2124 2125 /* read statistic counters (clear on read) */ 2126 run_read_region_1(sc, RT2860_TX_STA_CNT0, 2127 (uint8_t *)sta, sizeof sta); 2128 2129 break; 2130 default: 2131 ic->ic_opmode = vap->iv_opmode; 2132 break; 2133 } 2134 2135 if (vap->iv_opmode != IEEE80211_M_MONITOR) { 2136 struct ieee80211_node *ni; 2137 2138 if (ic->ic_bsschan == IEEE80211_CHAN_ANYC) { 2139 RUN_UNLOCK(sc); 2140 return (-1); 2141 } 2142 run_updateslot(ic); 2143 run_enable_mrr(sc); 2144 run_set_txpreamble(sc); 2145 run_set_basicrates(sc); 2146 ni = ieee80211_ref_node(vap->iv_bss); 2147 IEEE80211_ADDR_COPY(sc->sc_bssid, ni->ni_bssid); 2148 run_set_bssid(sc, ni->ni_bssid); 2149 ieee80211_free_node(ni); 2150 run_enable_tsf_sync(sc); 2151 2152 /* enable automatic rate adaptation */ 2153 tp = &vap->iv_txparms[ieee80211_chan2mode(ic->ic_curchan)]; 2154 if (tp->ucastrate == IEEE80211_FIXED_RATE_NONE) 2155 ratectl |= bid; 2156 } 2157 2158 /* turn link LED on */ 2159 run_set_leds(sc, RT2860_LED_RADIO | 2160 (IEEE80211_IS_CHAN_2GHZ(ic->ic_curchan) ? 2161 RT2860_LED_LINK_2GHZ : RT2860_LED_LINK_5GHZ)); 2162 2163 break; 2164 default: 2165 DPRINTFN(6, "undefined case\n"); 2166 break; 2167 } 2168 2169 /* restart amrr for running VAPs */ 2170 if ((sc->ratectl_run = ratectl) && restart_ratectl) 2171 usb_callout_reset(&sc->ratectl_ch, hz, run_ratectl_to, sc); 2172 2173 RUN_UNLOCK(sc); 2174 2175 return(rvp->newstate(vap, nstate, arg)); 2176 } 2177 2178 /* ARGSUSED */ 2179 static void 2180 run_wme_update_cb(void *arg) 2181 { 2182 struct ieee80211com *ic = arg; 2183 struct run_softc *sc = ic->ic_softc; 2184 struct ieee80211_wme_state *wmesp = &ic->ic_wme; 2185 int aci, error = 0; 2186 2187 RUN_LOCK_ASSERT(sc, MA_OWNED); 2188 2189 /* update MAC TX configuration registers */ 2190 for (aci = 0; aci < WME_NUM_AC; aci++) { 2191 error = run_write(sc, RT2860_EDCA_AC_CFG(aci), 2192 wmesp->wme_params[aci].wmep_logcwmax << 16 | 2193 wmesp->wme_params[aci].wmep_logcwmin << 12 | 2194 wmesp->wme_params[aci].wmep_aifsn << 8 | 2195 wmesp->wme_params[aci].wmep_txopLimit); 2196 if (error) goto err; 2197 } 2198 2199 /* update SCH/DMA registers too */ 2200 error = run_write(sc, RT2860_WMM_AIFSN_CFG, 2201 wmesp->wme_params[WME_AC_VO].wmep_aifsn << 12 | 2202 wmesp->wme_params[WME_AC_VI].wmep_aifsn << 8 | 2203 wmesp->wme_params[WME_AC_BK].wmep_aifsn << 4 | 2204 wmesp->wme_params[WME_AC_BE].wmep_aifsn); 2205 if (error) goto err; 2206 error = run_write(sc, RT2860_WMM_CWMIN_CFG, 2207 wmesp->wme_params[WME_AC_VO].wmep_logcwmin << 12 | 2208 wmesp->wme_params[WME_AC_VI].wmep_logcwmin << 8 | 2209 wmesp->wme_params[WME_AC_BK].wmep_logcwmin << 4 | 2210 wmesp->wme_params[WME_AC_BE].wmep_logcwmin); 2211 if (error) goto err; 2212 error = run_write(sc, RT2860_WMM_CWMAX_CFG, 2213 wmesp->wme_params[WME_AC_VO].wmep_logcwmax << 12 | 2214 wmesp->wme_params[WME_AC_VI].wmep_logcwmax << 8 | 2215 wmesp->wme_params[WME_AC_BK].wmep_logcwmax << 4 | 2216 wmesp->wme_params[WME_AC_BE].wmep_logcwmax); 2217 if (error) goto err; 2218 error = run_write(sc, RT2860_WMM_TXOP0_CFG, 2219 wmesp->wme_params[WME_AC_BK].wmep_txopLimit << 16 | 2220 wmesp->wme_params[WME_AC_BE].wmep_txopLimit); 2221 if (error) goto err; 2222 error = run_write(sc, RT2860_WMM_TXOP1_CFG, 2223 wmesp->wme_params[WME_AC_VO].wmep_txopLimit << 16 | 2224 wmesp->wme_params[WME_AC_VI].wmep_txopLimit); 2225 2226 err: 2227 if (error) 2228 DPRINTF("WME update failed\n"); 2229 2230 return; 2231 } 2232 2233 static int 2234 run_wme_update(struct ieee80211com *ic) 2235 { 2236 struct run_softc *sc = ic->ic_softc; 2237 2238 #if defined(__DragonFly__) 2239 if (lockstatus(&ic->ic_comlock, curthread) == LK_EXCLUSIVE) { 2240 #else 2241 if (mtx_owned(&ic->ic_comlock.mtx)) { 2242 #endif 2243 uint32_t i = RUN_CMDQ_GET(&sc->cmdq_store); 2244 DPRINTF("cmdq_store=%d\n", i); 2245 sc->cmdq[i].func = run_wme_update_cb; 2246 sc->cmdq[i].arg0 = ic; 2247 ieee80211_runtask(ic, &sc->cmdq_task); 2248 return (0); 2249 } 2250 2251 RUN_LOCK(sc); 2252 run_wme_update_cb(ic); 2253 RUN_UNLOCK(sc); 2254 2255 /* return whatever, upper layer desn't care anyway */ 2256 return (0); 2257 } 2258 2259 static void 2260 run_key_update_begin(struct ieee80211vap *vap) 2261 { 2262 /* 2263 * To avoid out-of-order events, both run_key_set() and 2264 * _delete() are deferred and handled by run_cmdq_cb(). 2265 * So, there is nothing we need to do here. 2266 */ 2267 } 2268 2269 static void 2270 run_key_update_end(struct ieee80211vap *vap) 2271 { 2272 /* null */ 2273 } 2274 2275 static void 2276 run_key_set_cb(void *arg) 2277 { 2278 struct run_cmdq *cmdq = arg; 2279 struct ieee80211vap *vap = cmdq->arg1; 2280 struct ieee80211_key *k = cmdq->k; 2281 struct ieee80211com *ic = vap->iv_ic; 2282 struct run_softc *sc = ic->ic_softc; 2283 struct ieee80211_node *ni; 2284 uint32_t attr; 2285 uint16_t base, associd; 2286 uint8_t mode, wcid, iv[8]; 2287 2288 RUN_LOCK_ASSERT(sc, MA_OWNED); 2289 2290 if (vap->iv_opmode == IEEE80211_M_HOSTAP) 2291 ni = ieee80211_find_vap_node(&ic->ic_sta, vap, cmdq->mac); 2292 else 2293 ni = vap->iv_bss; 2294 associd = (ni != NULL) ? ni->ni_associd : 0; 2295 2296 /* map net80211 cipher to RT2860 security mode */ 2297 switch (k->wk_cipher->ic_cipher) { 2298 case IEEE80211_CIPHER_WEP: 2299 if(k->wk_keylen < 8) 2300 mode = RT2860_MODE_WEP40; 2301 else 2302 mode = RT2860_MODE_WEP104; 2303 break; 2304 case IEEE80211_CIPHER_TKIP: 2305 mode = RT2860_MODE_TKIP; 2306 break; 2307 case IEEE80211_CIPHER_AES_CCM: 2308 mode = RT2860_MODE_AES_CCMP; 2309 break; 2310 default: 2311 DPRINTF("undefined case\n"); 2312 return; 2313 } 2314 2315 DPRINTFN(1, "associd=%x, keyix=%d, mode=%x, type=%s, tx=%s, rx=%s\n", 2316 associd, k->wk_keyix, mode, 2317 (k->wk_flags & IEEE80211_KEY_GROUP) ? "group" : "pairwise", 2318 (k->wk_flags & IEEE80211_KEY_XMIT) ? "on" : "off", 2319 (k->wk_flags & IEEE80211_KEY_RECV) ? "on" : "off"); 2320 2321 if (k->wk_flags & IEEE80211_KEY_GROUP) { 2322 wcid = 0; /* NB: update WCID0 for group keys */ 2323 base = RT2860_SKEY(RUN_VAP(vap)->rvp_id, k->wk_keyix); 2324 } else { 2325 wcid = (vap->iv_opmode == IEEE80211_M_STA) ? 2326 1 : RUN_AID2WCID(associd); 2327 base = RT2860_PKEY(wcid); 2328 } 2329 2330 if (k->wk_cipher->ic_cipher == IEEE80211_CIPHER_TKIP) { 2331 if(run_write_region_1(sc, base, k->wk_key, 16)) 2332 return; 2333 if(run_write_region_1(sc, base + 16, &k->wk_key[16], 8)) /* wk_txmic */ 2334 return; 2335 if(run_write_region_1(sc, base + 24, &k->wk_key[24], 8)) /* wk_rxmic */ 2336 return; 2337 } else { 2338 /* roundup len to 16-bit: XXX fix write_region_1() instead */ 2339 if(run_write_region_1(sc, base, k->wk_key, (k->wk_keylen + 1) & ~1)) 2340 return; 2341 } 2342 2343 if (!(k->wk_flags & IEEE80211_KEY_GROUP) || 2344 (k->wk_flags & (IEEE80211_KEY_XMIT | IEEE80211_KEY_RECV))) { 2345 /* set initial packet number in IV+EIV */ 2346 if (k->wk_cipher == IEEE80211_CIPHER_WEP) { 2347 memset(iv, 0, sizeof iv); 2348 iv[3] = vap->iv_def_txkey << 6; 2349 } else { 2350 if (k->wk_cipher->ic_cipher == IEEE80211_CIPHER_TKIP) { 2351 iv[0] = k->wk_keytsc >> 8; 2352 iv[1] = (iv[0] | 0x20) & 0x7f; 2353 iv[2] = k->wk_keytsc; 2354 } else /* CCMP */ { 2355 iv[0] = k->wk_keytsc; 2356 iv[1] = k->wk_keytsc >> 8; 2357 iv[2] = 0; 2358 } 2359 iv[3] = k->wk_keyix << 6 | IEEE80211_WEP_EXTIV; 2360 iv[4] = k->wk_keytsc >> 16; 2361 iv[5] = k->wk_keytsc >> 24; 2362 iv[6] = k->wk_keytsc >> 32; 2363 iv[7] = k->wk_keytsc >> 40; 2364 } 2365 if (run_write_region_1(sc, RT2860_IVEIV(wcid), iv, 8)) 2366 return; 2367 } 2368 2369 if (k->wk_flags & IEEE80211_KEY_GROUP) { 2370 /* install group key */ 2371 if (run_read(sc, RT2860_SKEY_MODE_0_7, &attr)) 2372 return; 2373 attr &= ~(0xf << (k->wk_keyix * 4)); 2374 attr |= mode << (k->wk_keyix * 4); 2375 if (run_write(sc, RT2860_SKEY_MODE_0_7, attr)) 2376 return; 2377 } else { 2378 /* install pairwise key */ 2379 if (run_read(sc, RT2860_WCID_ATTR(wcid), &attr)) 2380 return; 2381 attr = (attr & ~0xf) | (mode << 1) | RT2860_RX_PKEY_EN; 2382 if (run_write(sc, RT2860_WCID_ATTR(wcid), attr)) 2383 return; 2384 } 2385 2386 /* TODO create a pass-thru key entry? */ 2387 2388 /* need wcid to delete the right key later */ 2389 k->wk_pad = wcid; 2390 } 2391 2392 /* 2393 * Don't have to be deferred, but in order to keep order of 2394 * execution, i.e. with run_key_delete(), defer this and let 2395 * run_cmdq_cb() maintain the order. 2396 * 2397 * return 0 on error 2398 */ 2399 static int 2400 run_key_set(struct ieee80211vap *vap, struct ieee80211_key *k, 2401 const uint8_t mac[IEEE80211_ADDR_LEN]) 2402 { 2403 struct ieee80211com *ic = vap->iv_ic; 2404 struct run_softc *sc = ic->ic_softc; 2405 uint32_t i; 2406 2407 i = RUN_CMDQ_GET(&sc->cmdq_store); 2408 DPRINTF("cmdq_store=%d\n", i); 2409 sc->cmdq[i].func = run_key_set_cb; 2410 sc->cmdq[i].arg0 = NULL; 2411 sc->cmdq[i].arg1 = vap; 2412 sc->cmdq[i].k = k; 2413 IEEE80211_ADDR_COPY(sc->cmdq[i].mac, mac); 2414 ieee80211_runtask(ic, &sc->cmdq_task); 2415 2416 /* 2417 * To make sure key will be set when hostapd 2418 * calls iv_key_set() before if_init(). 2419 */ 2420 if (vap->iv_opmode == IEEE80211_M_HOSTAP) { 2421 RUN_LOCK(sc); 2422 sc->cmdq_key_set = RUN_CMDQ_GO; 2423 RUN_UNLOCK(sc); 2424 } 2425 2426 return (1); 2427 } 2428 2429 /* 2430 * If wlan is destroyed without being brought down i.e. without 2431 * wlan down or wpa_cli terminate, this function is called after 2432 * vap is gone. Don't refer it. 2433 */ 2434 static void 2435 run_key_delete_cb(void *arg) 2436 { 2437 struct run_cmdq *cmdq = arg; 2438 struct run_softc *sc = cmdq->arg1; 2439 struct ieee80211_key *k = &cmdq->key; 2440 uint32_t attr; 2441 uint8_t wcid; 2442 2443 RUN_LOCK_ASSERT(sc, MA_OWNED); 2444 2445 if (k->wk_flags & IEEE80211_KEY_GROUP) { 2446 /* remove group key */ 2447 DPRINTF("removing group key\n"); 2448 run_read(sc, RT2860_SKEY_MODE_0_7, &attr); 2449 attr &= ~(0xf << (k->wk_keyix * 4)); 2450 run_write(sc, RT2860_SKEY_MODE_0_7, attr); 2451 } else { 2452 /* remove pairwise key */ 2453 DPRINTF("removing key for wcid %x\n", k->wk_pad); 2454 /* matching wcid was written to wk_pad in run_key_set() */ 2455 wcid = k->wk_pad; 2456 run_read(sc, RT2860_WCID_ATTR(wcid), &attr); 2457 attr &= ~0xf; 2458 run_write(sc, RT2860_WCID_ATTR(wcid), attr); 2459 run_set_region_4(sc, RT2860_WCID_ENTRY(wcid), 0, 8); 2460 } 2461 2462 k->wk_pad = 0; 2463 } 2464 2465 /* 2466 * return 0 on error 2467 */ 2468 static int 2469 run_key_delete(struct ieee80211vap *vap, struct ieee80211_key *k) 2470 { 2471 struct ieee80211com *ic = vap->iv_ic; 2472 struct run_softc *sc = ic->ic_softc; 2473 struct ieee80211_key *k0; 2474 uint32_t i; 2475 2476 /* 2477 * When called back, key might be gone. So, make a copy 2478 * of some values need to delete keys before deferring. 2479 * But, because of LOR with node lock, cannot use lock here. 2480 * So, use atomic instead. 2481 */ 2482 i = RUN_CMDQ_GET(&sc->cmdq_store); 2483 DPRINTF("cmdq_store=%d\n", i); 2484 sc->cmdq[i].func = run_key_delete_cb; 2485 sc->cmdq[i].arg0 = NULL; 2486 sc->cmdq[i].arg1 = sc; 2487 k0 = &sc->cmdq[i].key; 2488 k0->wk_flags = k->wk_flags; 2489 k0->wk_keyix = k->wk_keyix; 2490 /* matching wcid was written to wk_pad in run_key_set() */ 2491 k0->wk_pad = k->wk_pad; 2492 ieee80211_runtask(ic, &sc->cmdq_task); 2493 return (1); /* return fake success */ 2494 2495 } 2496 2497 static void 2498 run_ratectl_to(void *arg) 2499 { 2500 struct run_softc *sc = arg; 2501 2502 /* do it in a process context, so it can go sleep */ 2503 ieee80211_runtask(sc->sc_ifp->if_l2com, &sc->ratectl_task); 2504 /* next timeout will be rescheduled in the callback task */ 2505 } 2506 2507 /* ARGSUSED */ 2508 static void 2509 run_ratectl_cb(void *arg, int pending) 2510 { 2511 struct run_softc *sc = arg; 2512 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 2513 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 2514 2515 if (vap == NULL) 2516 return; 2517 2518 if (sc->rvp_cnt > 1 || vap->iv_opmode != IEEE80211_M_STA) { 2519 /* 2520 * run_reset_livelock() doesn't do anything with AMRR, 2521 * but Ralink wants us to call it every 1 sec. So, we 2522 * piggyback here rather than creating another callout. 2523 * Livelock may occur only in HOSTAP or IBSS mode 2524 * (when h/w is sending beacons). 2525 */ 2526 RUN_LOCK(sc); 2527 run_reset_livelock(sc); 2528 /* just in case, there are some stats to drain */ 2529 run_drain_fifo(sc); 2530 RUN_UNLOCK(sc); 2531 } 2532 2533 ieee80211_iterate_nodes(&ic->ic_sta, run_iter_func, sc); 2534 2535 RUN_LOCK(sc); 2536 if(sc->ratectl_run != RUN_RATECTL_OFF) 2537 usb_callout_reset(&sc->ratectl_ch, hz, run_ratectl_to, sc); 2538 RUN_UNLOCK(sc); 2539 } 2540 2541 static void 2542 run_drain_fifo(void *arg) 2543 { 2544 struct run_softc *sc = arg; 2545 struct ifnet *ifp = sc->sc_ifp; 2546 uint32_t stat; 2547 uint16_t (*wstat)[3]; 2548 uint8_t wcid, mcs, pid; 2549 int8_t retry; 2550 2551 RUN_LOCK_ASSERT(sc, MA_OWNED); 2552 2553 for (;;) { 2554 /* drain Tx status FIFO (maxsize = 16) */ 2555 run_read(sc, RT2860_TX_STAT_FIFO, &stat); 2556 DPRINTFN(4, "tx stat 0x%08x\n", stat); 2557 if (!(stat & RT2860_TXQ_VLD)) 2558 break; 2559 2560 wcid = (stat >> RT2860_TXQ_WCID_SHIFT) & 0xff; 2561 2562 /* if no ACK was requested, no feedback is available */ 2563 if (!(stat & RT2860_TXQ_ACKREQ) || wcid > RT2870_WCID_MAX || 2564 wcid == 0) 2565 continue; 2566 2567 /* 2568 * Even though each stat is Tx-complete-status like format, 2569 * the device can poll stats. Because there is no guarantee 2570 * that the referring node is still around when read the stats. 2571 * So that, if we use ieee80211_ratectl_tx_update(), we will 2572 * have hard time not to refer already freed node. 2573 * 2574 * To eliminate such page faults, we poll stats in softc. 2575 * Then, update the rates later with ieee80211_ratectl_tx_update(). 2576 */ 2577 wstat = &(sc->wcid_stats[wcid]); 2578 (*wstat)[RUN_TXCNT]++; 2579 if (stat & RT2860_TXQ_OK) 2580 (*wstat)[RUN_SUCCESS]++; 2581 else 2582 IFNET_STAT_INC(ifp, oerrors, 1); 2583 /* 2584 * Check if there were retries, ie if the Tx success rate is 2585 * different from the requested rate. Note that it works only 2586 * because we do not allow rate fallback from OFDM to CCK. 2587 */ 2588 mcs = (stat >> RT2860_TXQ_MCS_SHIFT) & 0x7f; 2589 pid = (stat >> RT2860_TXQ_PID_SHIFT) & 0xf; 2590 if ((retry = pid -1 - mcs) > 0) { 2591 (*wstat)[RUN_TXCNT] += retry; 2592 (*wstat)[RUN_RETRY] += retry; 2593 } 2594 } 2595 DPRINTFN(3, "count=%d\n", sc->fifo_cnt); 2596 2597 sc->fifo_cnt = 0; 2598 } 2599 2600 static void 2601 run_iter_func(void *arg, struct ieee80211_node *ni) 2602 { 2603 struct run_softc *sc = arg; 2604 struct ieee80211vap *vap = ni->ni_vap; 2605 struct ieee80211com *ic = ni->ni_ic; 2606 struct ifnet *ifp = ic->ic_ifp; 2607 struct run_node *rn = (void *)ni; 2608 union run_stats sta[2]; 2609 uint16_t (*wstat)[3]; 2610 int txcnt, success, retrycnt, error; 2611 2612 RUN_LOCK(sc); 2613 2614 /* Check for special case */ 2615 if (sc->rvp_cnt <= 1 && vap->iv_opmode == IEEE80211_M_STA && 2616 ni != vap->iv_bss) 2617 goto fail; 2618 2619 if (sc->rvp_cnt <= 1 && (vap->iv_opmode == IEEE80211_M_IBSS || 2620 vap->iv_opmode == IEEE80211_M_STA)) { 2621 /* read statistic counters (clear on read) and update AMRR state */ 2622 error = run_read_region_1(sc, RT2860_TX_STA_CNT0, (uint8_t *)sta, 2623 sizeof sta); 2624 if (error != 0) 2625 goto fail; 2626 2627 /* count failed TX as errors */ 2628 IFNET_STAT_INC(ifp, oerrors, le16toh(sta[0].error.fail)); 2629 2630 retrycnt = le16toh(sta[1].tx.retry); 2631 success = le16toh(sta[1].tx.success); 2632 txcnt = retrycnt + success + le16toh(sta[0].error.fail); 2633 2634 DPRINTFN(3, "retrycnt=%d success=%d failcnt=%d\n", 2635 retrycnt, success, le16toh(sta[0].error.fail)); 2636 } else { 2637 wstat = &(sc->wcid_stats[RUN_AID2WCID(ni->ni_associd)]); 2638 2639 if (wstat == &(sc->wcid_stats[0]) || 2640 wstat > &(sc->wcid_stats[RT2870_WCID_MAX])) 2641 goto fail; 2642 2643 txcnt = (*wstat)[RUN_TXCNT]; 2644 success = (*wstat)[RUN_SUCCESS]; 2645 retrycnt = (*wstat)[RUN_RETRY]; 2646 DPRINTFN(3, "retrycnt=%d txcnt=%d success=%d\n", 2647 retrycnt, txcnt, success); 2648 2649 memset(wstat, 0, sizeof(*wstat)); 2650 } 2651 2652 ieee80211_ratectl_tx_update(vap, ni, &txcnt, &success, &retrycnt); 2653 rn->amrr_ridx = ieee80211_ratectl_rate(ni, NULL, 0); 2654 2655 fail: 2656 RUN_UNLOCK(sc); 2657 2658 DPRINTFN(3, "ridx=%d\n", rn->amrr_ridx); 2659 } 2660 2661 static void 2662 run_newassoc_cb(void *arg) 2663 { 2664 struct run_cmdq *cmdq = arg; 2665 struct ieee80211_node *ni = cmdq->arg1; 2666 struct run_softc *sc = ni->ni_vap->iv_ic->ic_softc; 2667 uint8_t wcid = cmdq->wcid; 2668 2669 RUN_LOCK_ASSERT(sc, MA_OWNED); 2670 2671 run_write_region_1(sc, RT2860_WCID_ENTRY(wcid), 2672 ni->ni_macaddr, IEEE80211_ADDR_LEN); 2673 2674 memset(&(sc->wcid_stats[wcid]), 0, sizeof(sc->wcid_stats[wcid])); 2675 } 2676 2677 static void 2678 run_newassoc(struct ieee80211_node *ni, int isnew) 2679 { 2680 struct run_node *rn = (void *)ni; 2681 struct ieee80211_rateset *rs = &ni->ni_rates; 2682 struct ieee80211vap *vap = ni->ni_vap; 2683 struct ieee80211com *ic = vap->iv_ic; 2684 struct run_softc *sc = ic->ic_softc; 2685 uint8_t rate; 2686 uint8_t ridx; 2687 uint8_t wcid; 2688 int i, j; 2689 #ifdef RUN_DEBUG 2690 char ethstr[ETHER_ADDRSTRLEN + 1]; 2691 #endif 2692 2693 wcid = (vap->iv_opmode == IEEE80211_M_STA) ? 2694 1 : RUN_AID2WCID(ni->ni_associd); 2695 2696 if (wcid > RT2870_WCID_MAX) { 2697 device_printf(sc->sc_dev, "wcid=%d out of range\n", wcid); 2698 return; 2699 } 2700 2701 /* only interested in true associations */ 2702 if (isnew && ni->ni_associd != 0) { 2703 2704 /* 2705 * This function could is called though timeout function. 2706 * Need to defer. 2707 */ 2708 uint32_t cnt = RUN_CMDQ_GET(&sc->cmdq_store); 2709 DPRINTF("cmdq_store=%d\n", cnt); 2710 sc->cmdq[cnt].func = run_newassoc_cb; 2711 sc->cmdq[cnt].arg0 = NULL; 2712 sc->cmdq[cnt].arg1 = ni; 2713 sc->cmdq[cnt].wcid = wcid; 2714 ieee80211_runtask(ic, &sc->cmdq_task); 2715 } 2716 2717 DPRINTF("new assoc isnew=%d associd=%x addr=%s\n", 2718 isnew, ni->ni_associd, kether_ntoa(ni->ni_macaddr, ethstr)); 2719 2720 for (i = 0; i < rs->rs_nrates; i++) { 2721 rate = rs->rs_rates[i] & IEEE80211_RATE_VAL; 2722 /* convert 802.11 rate to hardware rate index */ 2723 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++) 2724 if (rt2860_rates[ridx].rate == rate) 2725 break; 2726 rn->ridx[i] = ridx; 2727 /* determine rate of control response frames */ 2728 for (j = i; j >= 0; j--) { 2729 if ((rs->rs_rates[j] & IEEE80211_RATE_BASIC) && 2730 rt2860_rates[rn->ridx[i]].phy == 2731 rt2860_rates[rn->ridx[j]].phy) 2732 break; 2733 } 2734 if (j >= 0) { 2735 rn->ctl_ridx[i] = rn->ridx[j]; 2736 } else { 2737 /* no basic rate found, use mandatory one */ 2738 rn->ctl_ridx[i] = rt2860_rates[ridx].ctl_ridx; 2739 } 2740 DPRINTF("rate=0x%02x ridx=%d ctl_ridx=%d\n", 2741 rs->rs_rates[i], rn->ridx[i], rn->ctl_ridx[i]); 2742 } 2743 rate = vap->iv_txparms[ieee80211_chan2mode(ic->ic_curchan)].mgmtrate; 2744 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++) 2745 if (rt2860_rates[ridx].rate == rate) 2746 break; 2747 rn->mgt_ridx = ridx; 2748 DPRINTF("rate=%d, mgmt_ridx=%d\n", rate, rn->mgt_ridx); 2749 2750 RUN_LOCK(sc); 2751 if(sc->ratectl_run != RUN_RATECTL_OFF) 2752 usb_callout_reset(&sc->ratectl_ch, hz, run_ratectl_to, sc); 2753 RUN_UNLOCK(sc); 2754 } 2755 2756 /* 2757 * Return the Rx chain with the highest RSSI for a given frame. 2758 */ 2759 static __inline uint8_t 2760 run_maxrssi_chain(struct run_softc *sc, const struct rt2860_rxwi *rxwi) 2761 { 2762 uint8_t rxchain = 0; 2763 2764 if (sc->nrxchains > 1) { 2765 if (rxwi->rssi[1] > rxwi->rssi[rxchain]) 2766 rxchain = 1; 2767 if (sc->nrxchains > 2) 2768 if (rxwi->rssi[2] > rxwi->rssi[rxchain]) 2769 rxchain = 2; 2770 } 2771 return (rxchain); 2772 } 2773 2774 static void 2775 run_rx_frame(struct run_softc *sc, struct mbuf *m, uint32_t dmalen) 2776 { 2777 struct ifnet *ifp = sc->sc_ifp; 2778 struct ieee80211com *ic = ifp->if_l2com; 2779 struct ieee80211_frame *wh; 2780 struct ieee80211_node *ni; 2781 struct rt2870_rxd *rxd; 2782 struct rt2860_rxwi *rxwi; 2783 uint32_t flags; 2784 uint16_t len, rxwisize; 2785 uint8_t ant, rssi; 2786 int8_t nf; 2787 2788 rxwi = mtod(m, struct rt2860_rxwi *); 2789 len = le16toh(rxwi->len) & 0xfff; 2790 rxwisize = sizeof(struct rt2860_rxwi); 2791 if (sc->mac_ver == 0x5592) 2792 rxwisize += sizeof(uint64_t); 2793 else if (sc->mac_ver == 0x3593) 2794 rxwisize += sizeof(uint32_t); 2795 if (__predict_false(len > dmalen)) { 2796 m_freem(m); 2797 IFNET_STAT_INC(ifp, ierrors, 1); 2798 DPRINTF("bad RXWI length %u > %u\n", len, dmalen); 2799 return; 2800 } 2801 /* Rx descriptor is located at the end */ 2802 rxd = (struct rt2870_rxd *)(mtod(m, caddr_t) + dmalen); 2803 flags = le32toh(rxd->flags); 2804 2805 if (__predict_false(flags & (RT2860_RX_CRCERR | RT2860_RX_ICVERR))) { 2806 m_freem(m); 2807 IFNET_STAT_INC(ifp, ierrors, 1); 2808 DPRINTF("%s error.\n", (flags & RT2860_RX_CRCERR)?"CRC":"ICV"); 2809 return; 2810 } 2811 2812 m->m_data += rxwisize; 2813 m->m_pkthdr.len = m->m_len -= rxwisize; 2814 2815 wh = mtod(m, struct ieee80211_frame *); 2816 2817 if (wh->i_fc[1] & IEEE80211_FC1_PROTECTED) { 2818 wh->i_fc[1] &= ~IEEE80211_FC1_PROTECTED; 2819 m->m_flags |= M_WEP; 2820 } 2821 2822 if (flags & RT2860_RX_L2PAD) { 2823 DPRINTFN(8, "received RT2860_RX_L2PAD frame\n"); 2824 len += 2; 2825 } 2826 2827 ni = ieee80211_find_rxnode(ic, 2828 mtod(m, struct ieee80211_frame_min *)); 2829 2830 if (__predict_false(flags & RT2860_RX_MICERR)) { 2831 /* report MIC failures to net80211 for TKIP */ 2832 if (ni != NULL) 2833 ieee80211_notify_michael_failure(ni->ni_vap, wh, 2834 rxwi->keyidx); 2835 m_freem(m); 2836 IFNET_STAT_INC(ifp, ierrors, 1); 2837 DPRINTF("MIC error. Someone is lying.\n"); 2838 return; 2839 } 2840 2841 ant = run_maxrssi_chain(sc, rxwi); 2842 rssi = rxwi->rssi[ant]; 2843 nf = run_rssi2dbm(sc, rssi, ant); 2844 2845 m->m_pkthdr.rcvif = ifp; 2846 m->m_pkthdr.len = m->m_len = len; 2847 2848 if (ni != NULL) { 2849 (void)ieee80211_input(ni, m, rssi, nf); 2850 ieee80211_free_node(ni); 2851 } else { 2852 (void)ieee80211_input_all(ic, m, rssi, nf); 2853 } 2854 2855 if (__predict_false(ieee80211_radiotap_active(ic))) { 2856 struct run_rx_radiotap_header *tap = &sc->sc_rxtap; 2857 uint16_t phy; 2858 2859 tap->wr_flags = 0; 2860 tap->wr_chan_freq = htole16(ic->ic_curchan->ic_freq); 2861 tap->wr_chan_flags = htole16(ic->ic_curchan->ic_flags); 2862 tap->wr_antsignal = rssi; 2863 tap->wr_antenna = ant; 2864 tap->wr_dbm_antsignal = run_rssi2dbm(sc, rssi, ant); 2865 tap->wr_rate = 2; /* in case it can't be found below */ 2866 phy = le16toh(rxwi->phy); 2867 switch (phy & RT2860_PHY_MODE) { 2868 case RT2860_PHY_CCK: 2869 switch ((phy & RT2860_PHY_MCS) & ~RT2860_PHY_SHPRE) { 2870 case 0: tap->wr_rate = 2; break; 2871 case 1: tap->wr_rate = 4; break; 2872 case 2: tap->wr_rate = 11; break; 2873 case 3: tap->wr_rate = 22; break; 2874 } 2875 if (phy & RT2860_PHY_SHPRE) 2876 tap->wr_flags |= IEEE80211_RADIOTAP_F_SHORTPRE; 2877 break; 2878 case RT2860_PHY_OFDM: 2879 switch (phy & RT2860_PHY_MCS) { 2880 case 0: tap->wr_rate = 12; break; 2881 case 1: tap->wr_rate = 18; break; 2882 case 2: tap->wr_rate = 24; break; 2883 case 3: tap->wr_rate = 36; break; 2884 case 4: tap->wr_rate = 48; break; 2885 case 5: tap->wr_rate = 72; break; 2886 case 6: tap->wr_rate = 96; break; 2887 case 7: tap->wr_rate = 108; break; 2888 } 2889 break; 2890 } 2891 } 2892 } 2893 2894 static void 2895 run_bulk_rx_callback(struct usb_xfer *xfer, usb_error_t error) 2896 { 2897 struct run_softc *sc = usbd_xfer_softc(xfer); 2898 struct ifnet *ifp = sc->sc_ifp; 2899 struct mbuf *m = NULL; 2900 struct mbuf *m0; 2901 uint32_t dmalen; 2902 uint16_t rxwisize; 2903 int xferlen; 2904 2905 rxwisize = sizeof(struct rt2860_rxwi); 2906 if (sc->mac_ver == 0x5592) 2907 rxwisize += sizeof(uint64_t); 2908 else if (sc->mac_ver == 0x3593) 2909 rxwisize += sizeof(uint32_t); 2910 2911 usbd_xfer_status(xfer, &xferlen, NULL, NULL, NULL); 2912 2913 switch (USB_GET_STATE(xfer)) { 2914 case USB_ST_TRANSFERRED: 2915 2916 DPRINTFN(15, "rx done, actlen=%d\n", xferlen); 2917 2918 if (xferlen < (int)(sizeof(uint32_t) + rxwisize + 2919 sizeof(struct rt2870_rxd))) { 2920 DPRINTF("xfer too short %d\n", xferlen); 2921 goto tr_setup; 2922 } 2923 2924 m = sc->rx_m; 2925 sc->rx_m = NULL; 2926 2927 /* FALLTHROUGH */ 2928 case USB_ST_SETUP: 2929 tr_setup: 2930 if (sc->rx_m == NULL) { 2931 sc->rx_m = m_getjcl(M_NOWAIT, MT_DATA, M_PKTHDR, 2932 MJUMPAGESIZE /* xfer can be bigger than MCLBYTES */); 2933 } 2934 if (sc->rx_m == NULL) { 2935 DPRINTF("could not allocate mbuf - idle with stall\n"); 2936 IFNET_STAT_INC(ifp, ierrors, 1); 2937 usbd_xfer_set_stall(xfer); 2938 usbd_xfer_set_frames(xfer, 0); 2939 } else { 2940 /* 2941 * Directly loading a mbuf cluster into DMA to 2942 * save some data copying. This works because 2943 * there is only one cluster. 2944 */ 2945 usbd_xfer_set_frame_data(xfer, 0, 2946 mtod(sc->rx_m, caddr_t), RUN_MAX_RXSZ); 2947 usbd_xfer_set_frames(xfer, 1); 2948 } 2949 usbd_transfer_submit(xfer); 2950 break; 2951 2952 default: /* Error */ 2953 if (error != USB_ERR_CANCELLED) { 2954 /* try to clear stall first */ 2955 usbd_xfer_set_stall(xfer); 2956 2957 if (error == USB_ERR_TIMEOUT) 2958 device_printf(sc->sc_dev, "device timeout\n"); 2959 2960 IFNET_STAT_INC(ifp, ierrors, 1); 2961 2962 goto tr_setup; 2963 } 2964 if (sc->rx_m != NULL) { 2965 m_freem(sc->rx_m); 2966 sc->rx_m = NULL; 2967 } 2968 break; 2969 } 2970 2971 if (m == NULL) 2972 return; 2973 2974 /* inputting all the frames must be last */ 2975 2976 RUN_UNLOCK(sc); 2977 2978 m->m_pkthdr.len = m->m_len = xferlen; 2979 2980 /* HW can aggregate multiple 802.11 frames in a single USB xfer */ 2981 for(;;) { 2982 dmalen = le32toh(*mtod(m, uint32_t *)) & 0xffff; 2983 2984 if ((dmalen >= (uint32_t)-8) || (dmalen == 0) || 2985 ((dmalen & 3) != 0)) { 2986 DPRINTF("bad DMA length %u\n", dmalen); 2987 break; 2988 } 2989 if ((dmalen + 8) > (uint32_t)xferlen) { 2990 DPRINTF("bad DMA length %u > %d\n", 2991 dmalen + 8, xferlen); 2992 break; 2993 } 2994 2995 /* If it is the last one or a single frame, we won't copy. */ 2996 if ((xferlen -= dmalen + 8) <= 8) { 2997 /* trim 32-bit DMA-len header */ 2998 m->m_data += 4; 2999 m->m_pkthdr.len = m->m_len -= 4; 3000 run_rx_frame(sc, m, dmalen); 3001 m = NULL; /* don't free source buffer */ 3002 break; 3003 } 3004 3005 /* copy aggregated frames to another mbuf */ 3006 m0 = m_getcl(M_NOWAIT, MT_DATA, M_PKTHDR); 3007 if (__predict_false(m0 == NULL)) { 3008 DPRINTF("could not allocate mbuf\n"); 3009 IFNET_STAT_INC(ifp, ierrors, 1); 3010 break; 3011 } 3012 m_copydata(m, 4 /* skip 32-bit DMA-len header */, 3013 dmalen + sizeof(struct rt2870_rxd), mtod(m0, caddr_t)); 3014 m0->m_pkthdr.len = m0->m_len = 3015 dmalen + sizeof(struct rt2870_rxd); 3016 run_rx_frame(sc, m0, dmalen); 3017 3018 /* update data ptr */ 3019 m->m_data += dmalen + 8; 3020 m->m_pkthdr.len = m->m_len -= dmalen + 8; 3021 } 3022 3023 /* make sure we free the source buffer, if any */ 3024 m_freem(m); 3025 3026 RUN_LOCK(sc); 3027 } 3028 3029 static void 3030 run_tx_free(struct run_endpoint_queue *pq, 3031 struct run_tx_data *data, int txerr) 3032 { 3033 if (data->m != NULL) { 3034 if (data->m->m_flags & M_TXCB) 3035 ieee80211_process_callback(data->ni, data->m, 3036 txerr ? ETIMEDOUT : 0); 3037 m_freem(data->m); 3038 data->m = NULL; 3039 3040 if (data->ni == NULL) { 3041 DPRINTF("no node\n"); 3042 } else { 3043 ieee80211_free_node(data->ni); 3044 data->ni = NULL; 3045 } 3046 } 3047 3048 STAILQ_INSERT_TAIL(&pq->tx_fh, data, next); 3049 pq->tx_nfree++; 3050 } 3051 3052 static void 3053 run_bulk_tx_callbackN(struct usb_xfer *xfer, usb_error_t error, u_int index) 3054 { 3055 struct run_softc *sc = usbd_xfer_softc(xfer); 3056 struct ifnet *ifp = sc->sc_ifp; 3057 struct ieee80211com *ic = ifp->if_l2com; 3058 struct run_tx_data *data; 3059 struct ieee80211vap *vap = NULL; 3060 struct usb_page_cache *pc; 3061 struct run_endpoint_queue *pq = &sc->sc_epq[index]; 3062 struct mbuf *m; 3063 usb_frlength_t size; 3064 int actlen; 3065 int sumlen; 3066 3067 usbd_xfer_status(xfer, &actlen, &sumlen, NULL, NULL); 3068 3069 switch (USB_GET_STATE(xfer)) { 3070 case USB_ST_TRANSFERRED: 3071 DPRINTFN(11, "transfer complete: %d " 3072 "bytes @ index %d\n", actlen, index); 3073 3074 data = usbd_xfer_get_priv(xfer); 3075 3076 run_tx_free(pq, data, 0); 3077 ifq_clr_oactive(&ifp->if_snd); 3078 3079 usbd_xfer_set_priv(xfer, NULL); 3080 3081 IFNET_STAT_INC(ifp, opackets, 1); 3082 3083 /* FALLTHROUGH */ 3084 case USB_ST_SETUP: 3085 tr_setup: 3086 data = STAILQ_FIRST(&pq->tx_qh); 3087 if (data == NULL) 3088 break; 3089 3090 STAILQ_REMOVE_HEAD(&pq->tx_qh, next); 3091 3092 m = data->m; 3093 size = (sc->mac_ver == 0x5592) ? 3094 sizeof(data->desc) + sizeof(uint32_t) : sizeof(data->desc); 3095 if ((m->m_pkthdr.len + 3096 size + 3 + 8) > RUN_MAX_TXSZ) { 3097 DPRINTF("data overflow, %u bytes\n", 3098 m->m_pkthdr.len); 3099 3100 IFNET_STAT_INC(ifp, oerrors, 1); 3101 3102 run_tx_free(pq, data, 1); 3103 3104 goto tr_setup; 3105 } 3106 3107 pc = usbd_xfer_get_frame(xfer, 0); 3108 usbd_copy_in(pc, 0, &data->desc, size); 3109 usbd_m_copy_in(pc, size, m, 0, m->m_pkthdr.len); 3110 size += m->m_pkthdr.len; 3111 /* 3112 * Align end on a 4-byte boundary, pad 8 bytes (CRC + 3113 * 4-byte padding), and be sure to zero those trailing 3114 * bytes: 3115 */ 3116 usbd_frame_zero(pc, size, ((-size) & 3) + 8); 3117 size += ((-size) & 3) + 8; 3118 3119 vap = data->ni->ni_vap; 3120 if (ieee80211_radiotap_active_vap(vap)) { 3121 struct run_tx_radiotap_header *tap = &sc->sc_txtap; 3122 struct rt2860_txwi *txwi = 3123 (struct rt2860_txwi *)(&data->desc + sizeof(struct rt2870_txd)); 3124 tap->wt_flags = 0; 3125 tap->wt_rate = rt2860_rates[data->ridx].rate; 3126 tap->wt_chan_freq = htole16(ic->ic_curchan->ic_freq); 3127 tap->wt_chan_flags = htole16(ic->ic_curchan->ic_flags); 3128 tap->wt_hwqueue = index; 3129 if (le16toh(txwi->phy) & RT2860_PHY_SHPRE) 3130 tap->wt_flags |= IEEE80211_RADIOTAP_F_SHORTPRE; 3131 3132 ieee80211_radiotap_tx(vap, m); 3133 } 3134 3135 DPRINTFN(11, "sending frame len=%u/%u @ index %d\n", 3136 m->m_pkthdr.len, size, index); 3137 3138 usbd_xfer_set_frame_len(xfer, 0, size); 3139 usbd_xfer_set_priv(xfer, data); 3140 3141 usbd_transfer_submit(xfer); 3142 3143 run_start(ifp, NULL); 3144 3145 break; 3146 3147 default: 3148 DPRINTF("USB transfer error, %s\n", 3149 usbd_errstr(error)); 3150 3151 data = usbd_xfer_get_priv(xfer); 3152 3153 IFNET_STAT_INC(ifp, oerrors, 1); 3154 3155 if (data != NULL) { 3156 if(data->ni != NULL) 3157 vap = data->ni->ni_vap; 3158 run_tx_free(pq, data, error); 3159 usbd_xfer_set_priv(xfer, NULL); 3160 } 3161 if (vap == NULL) 3162 vap = TAILQ_FIRST(&ic->ic_vaps); 3163 3164 if (error != USB_ERR_CANCELLED) { 3165 if (error == USB_ERR_TIMEOUT) { 3166 device_printf(sc->sc_dev, "device timeout\n"); 3167 uint32_t i = RUN_CMDQ_GET(&sc->cmdq_store); 3168 DPRINTF("cmdq_store=%d\n", i); 3169 sc->cmdq[i].func = run_usb_timeout_cb; 3170 sc->cmdq[i].arg0 = vap; 3171 ieee80211_runtask(ic, &sc->cmdq_task); 3172 } 3173 3174 /* 3175 * Try to clear stall first, also if other 3176 * errors occur, hence clearing stall 3177 * introduces a 50 ms delay: 3178 */ 3179 usbd_xfer_set_stall(xfer); 3180 goto tr_setup; 3181 } 3182 break; 3183 } 3184 } 3185 3186 static void 3187 run_bulk_tx_callback0(struct usb_xfer *xfer, usb_error_t error) 3188 { 3189 run_bulk_tx_callbackN(xfer, error, 0); 3190 } 3191 3192 static void 3193 run_bulk_tx_callback1(struct usb_xfer *xfer, usb_error_t error) 3194 { 3195 run_bulk_tx_callbackN(xfer, error, 1); 3196 } 3197 3198 static void 3199 run_bulk_tx_callback2(struct usb_xfer *xfer, usb_error_t error) 3200 { 3201 run_bulk_tx_callbackN(xfer, error, 2); 3202 } 3203 3204 static void 3205 run_bulk_tx_callback3(struct usb_xfer *xfer, usb_error_t error) 3206 { 3207 run_bulk_tx_callbackN(xfer, error, 3); 3208 } 3209 3210 static void 3211 run_bulk_tx_callback4(struct usb_xfer *xfer, usb_error_t error) 3212 { 3213 run_bulk_tx_callbackN(xfer, error, 4); 3214 } 3215 3216 static void 3217 run_bulk_tx_callback5(struct usb_xfer *xfer, usb_error_t error) 3218 { 3219 run_bulk_tx_callbackN(xfer, error, 5); 3220 } 3221 3222 static void 3223 run_set_tx_desc(struct run_softc *sc, struct run_tx_data *data) 3224 { 3225 struct mbuf *m = data->m; 3226 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 3227 struct ieee80211vap *vap = data->ni->ni_vap; 3228 struct ieee80211_frame *wh; 3229 struct rt2870_txd *txd; 3230 struct rt2860_txwi *txwi; 3231 uint16_t xferlen, txwisize; 3232 uint16_t mcs; 3233 uint8_t ridx = data->ridx; 3234 uint8_t pad; 3235 3236 /* get MCS code from rate index */ 3237 mcs = rt2860_rates[ridx].mcs; 3238 3239 txwisize = (sc->mac_ver == 0x5592) ? 3240 sizeof(*txwi) + sizeof(uint32_t) : sizeof(*txwi); 3241 xferlen = txwisize + m->m_pkthdr.len; 3242 3243 /* roundup to 32-bit alignment */ 3244 xferlen = (xferlen + 3) & ~3; 3245 3246 txd = (struct rt2870_txd *)&data->desc; 3247 txd->len = htole16(xferlen); 3248 3249 wh = mtod(m, struct ieee80211_frame *); 3250 3251 /* 3252 * Ether both are true or both are false, the header 3253 * are nicely aligned to 32-bit. So, no L2 padding. 3254 */ 3255 if(IEEE80211_HAS_ADDR4(wh) == IEEE80211_QOS_HAS_SEQ(wh)) 3256 pad = 0; 3257 else 3258 pad = 2; 3259 3260 /* setup TX Wireless Information */ 3261 txwi = (struct rt2860_txwi *)(txd + 1); 3262 txwi->len = htole16(m->m_pkthdr.len - pad); 3263 if (rt2860_rates[ridx].phy == IEEE80211_T_DS) { 3264 mcs |= RT2860_PHY_CCK; 3265 if (ridx != RT2860_RIDX_CCK1 && 3266 (ic->ic_flags & IEEE80211_F_SHPREAMBLE)) 3267 mcs |= RT2860_PHY_SHPRE; 3268 } else 3269 mcs |= RT2860_PHY_OFDM; 3270 txwi->phy |= htole16(mcs); 3271 3272 /* check if RTS/CTS or CTS-to-self protection is required */ 3273 if (!IEEE80211_IS_MULTICAST(wh->i_addr1) && 3274 (m->m_pkthdr.len + IEEE80211_CRC_LEN > vap->iv_rtsthreshold || 3275 ((ic->ic_flags & IEEE80211_F_USEPROT) && 3276 rt2860_rates[ridx].phy == IEEE80211_T_OFDM))) 3277 txwi->txop |= RT2860_TX_TXOP_HT; 3278 else 3279 txwi->txop |= RT2860_TX_TXOP_BACKOFF; 3280 3281 if (vap->iv_opmode != IEEE80211_M_STA && !IEEE80211_QOS_HAS_SEQ(wh)) 3282 txwi->xflags |= RT2860_TX_NSEQ; 3283 } 3284 3285 /* This function must be called locked */ 3286 static int 3287 run_tx(struct run_softc *sc, struct mbuf *m, struct ieee80211_node *ni) 3288 { 3289 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 3290 struct ieee80211vap *vap = ni->ni_vap; 3291 struct ieee80211_frame *wh; 3292 struct ieee80211_channel *chan; 3293 const struct ieee80211_txparam *tp; 3294 struct run_node *rn = (void *)ni; 3295 struct run_tx_data *data; 3296 struct rt2870_txd *txd; 3297 struct rt2860_txwi *txwi; 3298 uint16_t qos; 3299 uint16_t dur; 3300 uint16_t qid; 3301 uint8_t type; 3302 uint8_t tid; 3303 uint8_t ridx; 3304 uint8_t ctl_ridx; 3305 uint8_t qflags; 3306 uint8_t xflags = 0; 3307 int hasqos; 3308 3309 #if 0 /* XXX swildner: lock needed? */ 3310 RUN_LOCK_ASSERT(sc, MA_OWNED); 3311 #endif 3312 3313 wh = mtod(m, struct ieee80211_frame *); 3314 3315 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 3316 3317 /* 3318 * There are 7 bulk endpoints: 1 for RX 3319 * and 6 for TX (4 EDCAs + HCCA + Prio). 3320 * Update 03-14-2009: some devices like the Planex GW-US300MiniS 3321 * seem to have only 4 TX bulk endpoints (Fukaumi Naoki). 3322 */ 3323 if ((hasqos = IEEE80211_QOS_HAS_SEQ(wh))) { 3324 uint8_t *frm; 3325 3326 if(IEEE80211_HAS_ADDR4(wh)) 3327 frm = ((struct ieee80211_qosframe_addr4 *)wh)->i_qos; 3328 else 3329 frm =((struct ieee80211_qosframe *)wh)->i_qos; 3330 3331 qos = le16toh(*(const uint16_t *)frm); 3332 tid = qos & IEEE80211_QOS_TID; 3333 qid = TID_TO_WME_AC(tid); 3334 } else { 3335 qos = 0; 3336 tid = 0; 3337 qid = WME_AC_BE; 3338 } 3339 qflags = (qid < 4) ? RT2860_TX_QSEL_EDCA : RT2860_TX_QSEL_HCCA; 3340 3341 DPRINTFN(8, "qos %d\tqid %d\ttid %d\tqflags %x\n", 3342 qos, qid, tid, qflags); 3343 3344 chan = (ni->ni_chan != IEEE80211_CHAN_ANYC)?ni->ni_chan:ic->ic_curchan; 3345 tp = &vap->iv_txparms[ieee80211_chan2mode(chan)]; 3346 3347 /* pickup a rate index */ 3348 if (IEEE80211_IS_MULTICAST(wh->i_addr1) || 3349 type != IEEE80211_FC0_TYPE_DATA || m->m_flags & M_EAPOL) { 3350 ridx = (ic->ic_curmode == IEEE80211_MODE_11A) ? 3351 RT2860_RIDX_OFDM6 : RT2860_RIDX_CCK1; 3352 ctl_ridx = rt2860_rates[ridx].ctl_ridx; 3353 } else { 3354 if (tp->ucastrate != IEEE80211_FIXED_RATE_NONE) 3355 ridx = rn->fix_ridx; 3356 else 3357 ridx = rn->amrr_ridx; 3358 ctl_ridx = rt2860_rates[ridx].ctl_ridx; 3359 } 3360 3361 if (!IEEE80211_IS_MULTICAST(wh->i_addr1) && 3362 (!hasqos || (qos & IEEE80211_QOS_ACKPOLICY) != 3363 IEEE80211_QOS_ACKPOLICY_NOACK)) { 3364 xflags |= RT2860_TX_ACK; 3365 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 3366 dur = rt2860_rates[ctl_ridx].sp_ack_dur; 3367 else 3368 dur = rt2860_rates[ctl_ridx].lp_ack_dur; 3369 USETW(wh->i_dur, dur); 3370 } 3371 3372 /* reserve slots for mgmt packets, just in case */ 3373 if (sc->sc_epq[qid].tx_nfree < 3) { 3374 DPRINTFN(10, "tx ring %d is full\n", qid); 3375 return (-1); 3376 } 3377 3378 data = STAILQ_FIRST(&sc->sc_epq[qid].tx_fh); 3379 STAILQ_REMOVE_HEAD(&sc->sc_epq[qid].tx_fh, next); 3380 sc->sc_epq[qid].tx_nfree--; 3381 3382 txd = (struct rt2870_txd *)&data->desc; 3383 txd->flags = qflags; 3384 txwi = (struct rt2860_txwi *)(txd + 1); 3385 txwi->xflags = xflags; 3386 if (IEEE80211_IS_MULTICAST(wh->i_addr1)) 3387 txwi->wcid = 0; 3388 else 3389 txwi->wcid = (vap->iv_opmode == IEEE80211_M_STA) ? 3390 1 : RUN_AID2WCID(ni->ni_associd); 3391 3392 /* clear leftover garbage bits */ 3393 txwi->flags = 0; 3394 txwi->txop = 0; 3395 3396 data->m = m; 3397 data->ni = ni; 3398 data->ridx = ridx; 3399 3400 run_set_tx_desc(sc, data); 3401 3402 /* 3403 * The chip keeps track of 2 kind of Tx stats, 3404 * * TX_STAT_FIFO, for per WCID stats, and 3405 * * TX_STA_CNT0 for all-TX-in-one stats. 3406 * 3407 * To use FIFO stats, we need to store MCS into the driver-private 3408 * PacketID field. So that, we can tell whose stats when we read them. 3409 * We add 1 to the MCS because setting the PacketID field to 0 means 3410 * that we don't want feedback in TX_STAT_FIFO. 3411 * And, that's what we want for STA mode, since TX_STA_CNT0 does the job. 3412 * 3413 * FIFO stats doesn't count Tx with WCID 0xff, so we do this in run_tx(). 3414 */ 3415 if (sc->rvp_cnt > 1 || vap->iv_opmode == IEEE80211_M_HOSTAP || 3416 vap->iv_opmode == IEEE80211_M_MBSS) { 3417 uint16_t pid = (rt2860_rates[ridx].mcs + 1) & 0xf; 3418 txwi->len |= htole16(pid << RT2860_TX_PID_SHIFT); 3419 3420 /* 3421 * Unlike PCI based devices, we don't get any interrupt from 3422 * USB devices, so we simulate FIFO-is-full interrupt here. 3423 * Ralink recomends to drain FIFO stats every 100 ms, but 16 slots 3424 * quickly get fulled. To prevent overflow, increment a counter on 3425 * every FIFO stat request, so we know how many slots are left. 3426 * We do this only in HOSTAP or multiple vap mode since FIFO stats 3427 * are used only in those modes. 3428 * We just drain stats. AMRR gets updated every 1 sec by 3429 * run_ratectl_cb() via callout. 3430 * Call it early. Otherwise overflow. 3431 */ 3432 if (sc->fifo_cnt++ == 10) { 3433 /* 3434 * With multiple vaps or if_bridge, if_start() is called 3435 * with a non-sleepable lock, tcpinp. So, need to defer. 3436 */ 3437 uint32_t i = RUN_CMDQ_GET(&sc->cmdq_store); 3438 DPRINTFN(6, "cmdq_store=%d\n", i); 3439 sc->cmdq[i].func = run_drain_fifo; 3440 sc->cmdq[i].arg0 = sc; 3441 ieee80211_runtask(ic, &sc->cmdq_task); 3442 } 3443 } 3444 3445 STAILQ_INSERT_TAIL(&sc->sc_epq[qid].tx_qh, data, next); 3446 3447 RUN_LOCK(sc); 3448 usbd_transfer_start(sc->sc_xfer[qid]); 3449 RUN_UNLOCK(sc); 3450 3451 DPRINTFN(8, "sending data frame len=%d rate=%d qid=%d\n", 3452 m->m_pkthdr.len + (int)(sizeof(struct rt2870_txd) + 3453 sizeof(struct rt2860_txwi)), rt2860_rates[ridx].rate, qid); 3454 3455 return (0); 3456 } 3457 3458 static int 3459 run_tx_mgt(struct run_softc *sc, struct mbuf *m, struct ieee80211_node *ni) 3460 { 3461 struct ifnet *ifp = sc->sc_ifp; 3462 struct ieee80211com *ic = ifp->if_l2com; 3463 struct run_node *rn = (void *)ni; 3464 struct run_tx_data *data; 3465 struct ieee80211_frame *wh; 3466 struct rt2870_txd *txd; 3467 struct rt2860_txwi *txwi; 3468 uint16_t dur; 3469 uint8_t ridx = rn->mgt_ridx; 3470 uint8_t type; 3471 uint8_t xflags = 0; 3472 uint8_t wflags = 0; 3473 3474 RUN_LOCK_ASSERT(sc, MA_OWNED); 3475 3476 wh = mtod(m, struct ieee80211_frame *); 3477 3478 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 3479 3480 /* tell hardware to add timestamp for probe responses */ 3481 if ((wh->i_fc[0] & 3482 (IEEE80211_FC0_TYPE_MASK | IEEE80211_FC0_SUBTYPE_MASK)) == 3483 (IEEE80211_FC0_TYPE_MGT | IEEE80211_FC0_SUBTYPE_PROBE_RESP)) 3484 wflags |= RT2860_TX_TS; 3485 else if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) { 3486 xflags |= RT2860_TX_ACK; 3487 3488 dur = ieee80211_ack_duration(ic->ic_rt, rt2860_rates[ridx].rate, 3489 ic->ic_flags & IEEE80211_F_SHPREAMBLE); 3490 USETW(wh->i_dur, dur); 3491 } 3492 3493 if (sc->sc_epq[0].tx_nfree == 0) { 3494 /* let caller free mbuf */ 3495 ifq_set_oactive(&ifp->if_snd); 3496 return (EIO); 3497 } 3498 data = STAILQ_FIRST(&sc->sc_epq[0].tx_fh); 3499 STAILQ_REMOVE_HEAD(&sc->sc_epq[0].tx_fh, next); 3500 sc->sc_epq[0].tx_nfree--; 3501 3502 txd = (struct rt2870_txd *)&data->desc; 3503 txd->flags = RT2860_TX_QSEL_EDCA; 3504 txwi = (struct rt2860_txwi *)(txd + 1); 3505 txwi->wcid = 0xff; 3506 txwi->flags = wflags; 3507 txwi->xflags = xflags; 3508 txwi->txop = 0; /* clear leftover garbage bits */ 3509 3510 data->m = m; 3511 data->ni = ni; 3512 data->ridx = ridx; 3513 3514 run_set_tx_desc(sc, data); 3515 3516 DPRINTFN(10, "sending mgt frame len=%d rate=%d\n", m->m_pkthdr.len + 3517 (int)(sizeof(struct rt2870_txd) + sizeof(struct rt2860_txwi)), 3518 rt2860_rates[ridx].rate); 3519 3520 STAILQ_INSERT_TAIL(&sc->sc_epq[0].tx_qh, data, next); 3521 3522 usbd_transfer_start(sc->sc_xfer[0]); 3523 3524 return (0); 3525 } 3526 3527 static int 3528 run_sendprot(struct run_softc *sc, 3529 const struct mbuf *m, struct ieee80211_node *ni, int prot, int rate) 3530 { 3531 struct ieee80211com *ic = ni->ni_ic; 3532 struct ieee80211_frame *wh; 3533 struct run_tx_data *data; 3534 struct rt2870_txd *txd; 3535 struct rt2860_txwi *txwi; 3536 struct mbuf *mprot; 3537 int ridx; 3538 int protrate; 3539 int ackrate; 3540 int pktlen; 3541 int isshort; 3542 uint16_t dur; 3543 uint8_t type; 3544 uint8_t wflags = 0; 3545 uint8_t xflags = 0; 3546 3547 RUN_LOCK_ASSERT(sc, MA_OWNED); 3548 3549 KASSERT(prot == IEEE80211_PROT_RTSCTS || prot == IEEE80211_PROT_CTSONLY, 3550 ("protection %d", prot)); 3551 3552 wh = mtod(m, struct ieee80211_frame *); 3553 pktlen = m->m_pkthdr.len + IEEE80211_CRC_LEN; 3554 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 3555 3556 protrate = ieee80211_ctl_rate(ic->ic_rt, rate); 3557 ackrate = ieee80211_ack_rate(ic->ic_rt, rate); 3558 3559 isshort = (ic->ic_flags & IEEE80211_F_SHPREAMBLE) != 0; 3560 dur = ieee80211_compute_duration(ic->ic_rt, pktlen, rate, isshort) 3561 + ieee80211_ack_duration(ic->ic_rt, rate, isshort); 3562 wflags = RT2860_TX_FRAG; 3563 3564 /* check that there are free slots before allocating the mbuf */ 3565 if (sc->sc_epq[0].tx_nfree == 0) { 3566 /* let caller free mbuf */ 3567 ifq_set_oactive(&sc->sc_ifp->if_snd); 3568 return (ENOBUFS); 3569 } 3570 3571 if (prot == IEEE80211_PROT_RTSCTS) { 3572 /* NB: CTS is the same size as an ACK */ 3573 dur += ieee80211_ack_duration(ic->ic_rt, rate, isshort); 3574 xflags |= RT2860_TX_ACK; 3575 mprot = ieee80211_alloc_rts(ic, wh->i_addr1, wh->i_addr2, dur); 3576 } else { 3577 mprot = ieee80211_alloc_cts(ic, ni->ni_vap->iv_myaddr, dur); 3578 } 3579 if (mprot == NULL) { 3580 IFNET_STAT_INC(sc->sc_ifp, oerrors, 1); 3581 DPRINTF("could not allocate mbuf\n"); 3582 return (ENOBUFS); 3583 } 3584 3585 data = STAILQ_FIRST(&sc->sc_epq[0].tx_fh); 3586 STAILQ_REMOVE_HEAD(&sc->sc_epq[0].tx_fh, next); 3587 sc->sc_epq[0].tx_nfree--; 3588 3589 txd = (struct rt2870_txd *)&data->desc; 3590 txd->flags = RT2860_TX_QSEL_EDCA; 3591 txwi = (struct rt2860_txwi *)(txd + 1); 3592 txwi->wcid = 0xff; 3593 txwi->flags = wflags; 3594 txwi->xflags = xflags; 3595 txwi->txop = 0; /* clear leftover garbage bits */ 3596 3597 data->m = mprot; 3598 data->ni = ieee80211_ref_node(ni); 3599 3600 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++) 3601 if (rt2860_rates[ridx].rate == protrate) 3602 break; 3603 data->ridx = ridx; 3604 3605 run_set_tx_desc(sc, data); 3606 3607 DPRINTFN(1, "sending prot len=%u rate=%u\n", 3608 m->m_pkthdr.len, rate); 3609 3610 STAILQ_INSERT_TAIL(&sc->sc_epq[0].tx_qh, data, next); 3611 3612 usbd_transfer_start(sc->sc_xfer[0]); 3613 3614 return (0); 3615 } 3616 3617 static int 3618 run_tx_param(struct run_softc *sc, struct mbuf *m, struct ieee80211_node *ni, 3619 const struct ieee80211_bpf_params *params) 3620 { 3621 struct ieee80211com *ic = ni->ni_ic; 3622 struct ieee80211_frame *wh; 3623 struct run_tx_data *data; 3624 struct rt2870_txd *txd; 3625 struct rt2860_txwi *txwi; 3626 uint8_t type; 3627 uint8_t ridx; 3628 uint8_t rate; 3629 uint8_t opflags = 0; 3630 uint8_t xflags = 0; 3631 int error; 3632 3633 RUN_LOCK_ASSERT(sc, MA_OWNED); 3634 3635 KASSERT(params != NULL, ("no raw xmit params")); 3636 3637 wh = mtod(m, struct ieee80211_frame *); 3638 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 3639 3640 rate = params->ibp_rate0; 3641 if (!ieee80211_isratevalid(ic->ic_rt, rate)) { 3642 /* let caller free mbuf */ 3643 return (EINVAL); 3644 } 3645 3646 if ((params->ibp_flags & IEEE80211_BPF_NOACK) == 0) 3647 xflags |= RT2860_TX_ACK; 3648 if (params->ibp_flags & (IEEE80211_BPF_RTS|IEEE80211_BPF_CTS)) { 3649 error = run_sendprot(sc, m, ni, 3650 params->ibp_flags & IEEE80211_BPF_RTS ? 3651 IEEE80211_PROT_RTSCTS : IEEE80211_PROT_CTSONLY, 3652 rate); 3653 if (error) { 3654 /* let caller free mbuf */ 3655 return error; 3656 } 3657 opflags |= /*XXX RT2573_TX_LONG_RETRY |*/ RT2860_TX_TXOP_SIFS; 3658 } 3659 3660 if (sc->sc_epq[0].tx_nfree == 0) { 3661 /* let caller free mbuf */ 3662 ifq_set_oactive(&sc->sc_ifp->if_snd); 3663 DPRINTF("sending raw frame, but tx ring is full\n"); 3664 return (EIO); 3665 } 3666 data = STAILQ_FIRST(&sc->sc_epq[0].tx_fh); 3667 STAILQ_REMOVE_HEAD(&sc->sc_epq[0].tx_fh, next); 3668 sc->sc_epq[0].tx_nfree--; 3669 3670 txd = (struct rt2870_txd *)&data->desc; 3671 txd->flags = RT2860_TX_QSEL_EDCA; 3672 txwi = (struct rt2860_txwi *)(txd + 1); 3673 txwi->wcid = 0xff; 3674 txwi->xflags = xflags; 3675 txwi->txop = opflags; 3676 txwi->flags = 0; /* clear leftover garbage bits */ 3677 3678 data->m = m; 3679 data->ni = ni; 3680 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++) 3681 if (rt2860_rates[ridx].rate == rate) 3682 break; 3683 data->ridx = ridx; 3684 3685 run_set_tx_desc(sc, data); 3686 3687 DPRINTFN(10, "sending raw frame len=%u rate=%u\n", 3688 m->m_pkthdr.len, rate); 3689 3690 STAILQ_INSERT_TAIL(&sc->sc_epq[0].tx_qh, data, next); 3691 3692 usbd_transfer_start(sc->sc_xfer[0]); 3693 3694 return (0); 3695 } 3696 3697 static int 3698 run_raw_xmit(struct ieee80211_node *ni, struct mbuf *m, 3699 const struct ieee80211_bpf_params *params) 3700 { 3701 struct ifnet *ifp = ni->ni_ic->ic_ifp; 3702 struct run_softc *sc = ni->ni_ic->ic_softc; 3703 int error = 0; 3704 3705 RUN_LOCK(sc); 3706 3707 /* prevent management frames from being sent if we're not ready */ 3708 if (!(ifp->if_flags & IFF_RUNNING)) { 3709 error = ENETDOWN; 3710 goto done; 3711 } 3712 3713 if (params == NULL) { 3714 /* tx mgt packet */ 3715 if ((error = run_tx_mgt(sc, m, ni)) != 0) { 3716 IFNET_STAT_INC(ifp, oerrors, 1); 3717 DPRINTF("mgt tx failed\n"); 3718 goto done; 3719 } 3720 } else { 3721 /* tx raw packet with param */ 3722 if ((error = run_tx_param(sc, m, ni, params)) != 0) { 3723 IFNET_STAT_INC(ifp, oerrors, 1); 3724 DPRINTF("tx with param failed\n"); 3725 goto done; 3726 } 3727 } 3728 3729 IFNET_STAT_INC(ifp, opackets, 1); 3730 3731 done: 3732 RUN_UNLOCK(sc); 3733 3734 if (error != 0) { 3735 if(m != NULL) 3736 m_freem(m); 3737 ieee80211_free_node(ni); 3738 } 3739 3740 return (error); 3741 } 3742 3743 static void 3744 run_start(struct ifnet *ifp, struct ifaltq_subque *ifsq) 3745 { 3746 struct run_softc *sc = ifp->if_softc; 3747 struct ieee80211_node *ni; 3748 struct mbuf *m = NULL; 3749 3750 #if 0 3751 ASSERT_ALTQ_SQ_DEFAULT(ifp, ifsq); 3752 #endif 3753 if ((ifp->if_flags & IFF_RUNNING) == 0) 3754 return; 3755 3756 RUN_LOCK(sc); 3757 for (;;) { 3758 /* send data frames */ 3759 m = ifq_dequeue(&ifp->if_snd); 3760 if (m == NULL) 3761 break; 3762 3763 ni = (struct ieee80211_node *)m->m_pkthdr.rcvif; 3764 if (run_tx(sc, m, ni) != 0) { 3765 ifq_prepend(&ifp->if_snd, m); 3766 ifq_set_oactive(&ifp->if_snd); 3767 break; 3768 } 3769 } 3770 RUN_UNLOCK(sc); 3771 } 3772 3773 static int 3774 run_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data, struct ucred *cr) 3775 { 3776 struct ieee80211com *ic = ifp->if_l2com; 3777 struct run_softc *sc = ic->ic_softc; 3778 struct ifreq *ifr = (struct ifreq *) data; 3779 int startall = 0; 3780 int error; 3781 3782 RUN_LOCK(sc); 3783 error = sc->sc_detached ? ENXIO : 0; 3784 RUN_UNLOCK(sc); 3785 if (error) 3786 return (error); 3787 3788 switch (cmd) { 3789 case SIOCSIFFLAGS: 3790 RUN_LOCK(sc); 3791 if (ifp->if_flags & IFF_UP) { 3792 if (!(ifp->if_flags & IFF_RUNNING)){ 3793 startall = 1; 3794 run_init_locked(sc); 3795 } else 3796 run_update_promisc_locked(sc); 3797 } else { 3798 if (ifp->if_flags & IFF_RUNNING && 3799 (ic->ic_nrunning == 0 || sc->rvp_cnt <= 1)) { 3800 run_stop(sc); 3801 } 3802 } 3803 RUN_UNLOCK(sc); 3804 if (startall) 3805 ieee80211_start_all(ic); 3806 break; 3807 case SIOCGIFMEDIA: 3808 error = ifmedia_ioctl(ifp, ifr, &ic->ic_media, cmd); 3809 break; 3810 case SIOCGIFADDR: 3811 error = ether_ioctl(ifp, cmd, data); 3812 break; 3813 default: 3814 error = EINVAL; 3815 break; 3816 } 3817 3818 return (error); 3819 } 3820 3821 static void 3822 run_iq_calib(struct run_softc *sc, u_int chan) 3823 { 3824 uint16_t val; 3825 3826 /* Tx0 IQ gain. */ 3827 run_bbp_write(sc, 158, 0x2c); 3828 if (chan <= 14) 3829 run_efuse_read(sc, RT5390_EEPROM_IQ_GAIN_CAL_TX0_2GHZ, &val, 1); 3830 else if (chan <= 64) { 3831 run_efuse_read(sc, 3832 RT5390_EEPROM_IQ_GAIN_CAL_TX0_CH36_TO_CH64_5GHZ, 3833 &val, 1); 3834 } else if (chan <= 138) { 3835 run_efuse_read(sc, 3836 RT5390_EEPROM_IQ_GAIN_CAL_TX0_CH100_TO_CH138_5GHZ, 3837 &val, 1); 3838 } else if (chan <= 165) { 3839 run_efuse_read(sc, 3840 RT5390_EEPROM_IQ_GAIN_CAL_TX0_CH140_TO_CH165_5GHZ, 3841 &val, 1); 3842 } else 3843 val = 0; 3844 run_bbp_write(sc, 159, val); 3845 3846 /* Tx0 IQ phase. */ 3847 run_bbp_write(sc, 158, 0x2d); 3848 if (chan <= 14) { 3849 run_efuse_read(sc, RT5390_EEPROM_IQ_PHASE_CAL_TX0_2GHZ, 3850 &val, 1); 3851 } else if (chan <= 64) { 3852 run_efuse_read(sc, 3853 RT5390_EEPROM_IQ_PHASE_CAL_TX0_CH36_TO_CH64_5GHZ, 3854 &val, 1); 3855 } else if (chan <= 138) { 3856 run_efuse_read(sc, 3857 RT5390_EEPROM_IQ_PHASE_CAL_TX0_CH100_TO_CH138_5GHZ, 3858 &val, 1); 3859 } else if (chan <= 165) { 3860 run_efuse_read(sc, 3861 RT5390_EEPROM_IQ_PHASE_CAL_TX0_CH140_TO_CH165_5GHZ, 3862 &val, 1); 3863 } else 3864 val = 0; 3865 run_bbp_write(sc, 159, val); 3866 3867 /* Tx1 IQ gain. */ 3868 run_bbp_write(sc, 158, 0x4a); 3869 if (chan <= 14) { 3870 run_efuse_read(sc, RT5390_EEPROM_IQ_GAIN_CAL_TX1_2GHZ, 3871 &val, 1); 3872 } else if (chan <= 64) { 3873 run_efuse_read(sc, 3874 RT5390_EEPROM_IQ_GAIN_CAL_TX1_CH36_TO_CH64_5GHZ, 3875 &val, 1); 3876 } else if (chan <= 138) { 3877 run_efuse_read(sc, 3878 RT5390_EEPROM_IQ_GAIN_CAL_TX1_CH100_TO_CH138_5GHZ, 3879 &val, 1); 3880 } else if (chan <= 165) { 3881 run_efuse_read(sc, 3882 RT5390_EEPROM_IQ_GAIN_CAL_TX1_CH140_TO_CH165_5GHZ, 3883 &val, 1); 3884 } else 3885 val = 0; 3886 run_bbp_write(sc, 159, val); 3887 3888 /* Tx1 IQ phase. */ 3889 run_bbp_write(sc, 158, 0x4b); 3890 if (chan <= 14) { 3891 run_efuse_read(sc, RT5390_EEPROM_IQ_PHASE_CAL_TX1_2GHZ, 3892 &val, 1); 3893 } else if (chan <= 64) { 3894 run_efuse_read(sc, 3895 RT5390_EEPROM_IQ_PHASE_CAL_TX1_CH36_TO_CH64_5GHZ, 3896 &val, 1); 3897 } else if (chan <= 138) { 3898 run_efuse_read(sc, 3899 RT5390_EEPROM_IQ_PHASE_CAL_TX1_CH100_TO_CH138_5GHZ, 3900 &val, 1); 3901 } else if (chan <= 165) { 3902 run_efuse_read(sc, 3903 RT5390_EEPROM_IQ_PHASE_CAL_TX1_CH140_TO_CH165_5GHZ, 3904 &val, 1); 3905 } else 3906 val = 0; 3907 run_bbp_write(sc, 159, val); 3908 3909 /* RF IQ compensation control. */ 3910 run_bbp_write(sc, 158, 0x04); 3911 run_efuse_read(sc, RT5390_EEPROM_RF_IQ_COMPENSATION_CTL, 3912 &val, 1); 3913 run_bbp_write(sc, 159, val); 3914 3915 /* RF IQ imbalance compensation control. */ 3916 run_bbp_write(sc, 158, 0x03); 3917 run_efuse_read(sc, 3918 RT5390_EEPROM_RF_IQ_IMBALANCE_COMPENSATION_CTL, &val, 1); 3919 run_bbp_write(sc, 159, val); 3920 } 3921 3922 static void 3923 run_set_agc(struct run_softc *sc, uint8_t agc) 3924 { 3925 uint8_t bbp; 3926 3927 if (sc->mac_ver == 0x3572) { 3928 run_bbp_read(sc, 27, &bbp); 3929 bbp &= ~(0x3 << 5); 3930 run_bbp_write(sc, 27, bbp | 0 << 5); /* select Rx0 */ 3931 run_bbp_write(sc, 66, agc); 3932 run_bbp_write(sc, 27, bbp | 1 << 5); /* select Rx1 */ 3933 run_bbp_write(sc, 66, agc); 3934 } else 3935 run_bbp_write(sc, 66, agc); 3936 } 3937 3938 static void 3939 run_select_chan_group(struct run_softc *sc, int group) 3940 { 3941 uint32_t tmp; 3942 uint8_t agc; 3943 3944 run_bbp_write(sc, 62, 0x37 - sc->lna[group]); 3945 run_bbp_write(sc, 63, 0x37 - sc->lna[group]); 3946 run_bbp_write(sc, 64, 0x37 - sc->lna[group]); 3947 if (sc->mac_ver < 0x3572) 3948 run_bbp_write(sc, 86, 0x00); 3949 3950 if (sc->mac_ver == 0x3593) { 3951 run_bbp_write(sc, 77, 0x98); 3952 run_bbp_write(sc, 83, (group == 0) ? 0x8a : 0x9a); 3953 } 3954 3955 if (group == 0) { 3956 if (sc->ext_2ghz_lna) { 3957 if (sc->mac_ver >= 0x5390) 3958 run_bbp_write(sc, 75, 0x52); 3959 else { 3960 run_bbp_write(sc, 82, 0x62); 3961 run_bbp_write(sc, 75, 0x46); 3962 } 3963 } else { 3964 if (sc->mac_ver == 0x5592) { 3965 run_bbp_write(sc, 79, 0x1c); 3966 run_bbp_write(sc, 80, 0x0e); 3967 run_bbp_write(sc, 81, 0x3a); 3968 run_bbp_write(sc, 82, 0x62); 3969 3970 run_bbp_write(sc, 195, 0x80); 3971 run_bbp_write(sc, 196, 0xe0); 3972 run_bbp_write(sc, 195, 0x81); 3973 run_bbp_write(sc, 196, 0x1f); 3974 run_bbp_write(sc, 195, 0x82); 3975 run_bbp_write(sc, 196, 0x38); 3976 run_bbp_write(sc, 195, 0x83); 3977 run_bbp_write(sc, 196, 0x32); 3978 run_bbp_write(sc, 195, 0x85); 3979 run_bbp_write(sc, 196, 0x28); 3980 run_bbp_write(sc, 195, 0x86); 3981 run_bbp_write(sc, 196, 0x19); 3982 } else if (sc->mac_ver >= 0x5390) 3983 run_bbp_write(sc, 75, 0x50); 3984 else { 3985 run_bbp_write(sc, 82, 3986 (sc->mac_ver == 0x3593) ? 0x62 : 0x84); 3987 run_bbp_write(sc, 75, 0x50); 3988 } 3989 } 3990 } else { 3991 if (sc->mac_ver == 0x5592) { 3992 run_bbp_write(sc, 79, 0x18); 3993 run_bbp_write(sc, 80, 0x08); 3994 run_bbp_write(sc, 81, 0x38); 3995 run_bbp_write(sc, 82, 0x92); 3996 3997 run_bbp_write(sc, 195, 0x80); 3998 run_bbp_write(sc, 196, 0xf0); 3999 run_bbp_write(sc, 195, 0x81); 4000 run_bbp_write(sc, 196, 0x1e); 4001 run_bbp_write(sc, 195, 0x82); 4002 run_bbp_write(sc, 196, 0x28); 4003 run_bbp_write(sc, 195, 0x83); 4004 run_bbp_write(sc, 196, 0x20); 4005 run_bbp_write(sc, 195, 0x85); 4006 run_bbp_write(sc, 196, 0x7f); 4007 run_bbp_write(sc, 195, 0x86); 4008 run_bbp_write(sc, 196, 0x7f); 4009 } else if (sc->mac_ver == 0x3572) 4010 run_bbp_write(sc, 82, 0x94); 4011 else 4012 run_bbp_write(sc, 82, 4013 (sc->mac_ver == 0x3593) ? 0x82 : 0xf2); 4014 if (sc->ext_5ghz_lna) 4015 run_bbp_write(sc, 75, 0x46); 4016 else 4017 run_bbp_write(sc, 75, 0x50); 4018 } 4019 4020 run_read(sc, RT2860_TX_BAND_CFG, &tmp); 4021 tmp &= ~(RT2860_5G_BAND_SEL_N | RT2860_5G_BAND_SEL_P); 4022 tmp |= (group == 0) ? RT2860_5G_BAND_SEL_N : RT2860_5G_BAND_SEL_P; 4023 run_write(sc, RT2860_TX_BAND_CFG, tmp); 4024 4025 /* enable appropriate Power Amplifiers and Low Noise Amplifiers */ 4026 tmp = RT2860_RFTR_EN | RT2860_TRSW_EN | RT2860_LNA_PE0_EN; 4027 if (sc->mac_ver == 0x3593) 4028 tmp |= 1 << 29 | 1 << 28; 4029 if (sc->nrxchains > 1) 4030 tmp |= RT2860_LNA_PE1_EN; 4031 if (group == 0) { /* 2GHz */ 4032 tmp |= RT2860_PA_PE_G0_EN; 4033 if (sc->ntxchains > 1) 4034 tmp |= RT2860_PA_PE_G1_EN; 4035 if (sc->mac_ver == 0x3593) { 4036 if (sc->ntxchains > 2) 4037 tmp |= 1 << 25; 4038 } 4039 } else { /* 5GHz */ 4040 tmp |= RT2860_PA_PE_A0_EN; 4041 if (sc->ntxchains > 1) 4042 tmp |= RT2860_PA_PE_A1_EN; 4043 } 4044 if (sc->mac_ver == 0x3572) { 4045 run_rt3070_rf_write(sc, 8, 0x00); 4046 run_write(sc, RT2860_TX_PIN_CFG, tmp); 4047 run_rt3070_rf_write(sc, 8, 0x80); 4048 } else 4049 run_write(sc, RT2860_TX_PIN_CFG, tmp); 4050 4051 if (sc->mac_ver == 0x5592) { 4052 run_bbp_write(sc, 195, 0x8d); 4053 run_bbp_write(sc, 196, 0x1a); 4054 } 4055 4056 if (sc->mac_ver == 0x3593) { 4057 run_read(sc, RT2860_GPIO_CTRL, &tmp); 4058 tmp &= ~0x01010000; 4059 if (group == 0) 4060 tmp |= 0x00010000; 4061 tmp = (tmp & ~0x00009090) | 0x00000090; 4062 run_write(sc, RT2860_GPIO_CTRL, tmp); 4063 } 4064 4065 /* set initial AGC value */ 4066 if (group == 0) { /* 2GHz band */ 4067 if (sc->mac_ver >= 0x3070) 4068 agc = 0x1c + sc->lna[0] * 2; 4069 else 4070 agc = 0x2e + sc->lna[0]; 4071 } else { /* 5GHz band */ 4072 if (sc->mac_ver == 0x5592) 4073 agc = 0x24 + sc->lna[group] * 2; 4074 else if (sc->mac_ver == 0x3572 || sc->mac_ver == 0x3593) 4075 agc = 0x22 + (sc->lna[group] * 5) / 3; 4076 else 4077 agc = 0x32 + (sc->lna[group] * 5) / 3; 4078 } 4079 run_set_agc(sc, agc); 4080 } 4081 4082 static void 4083 run_rt2870_set_chan(struct run_softc *sc, u_int chan) 4084 { 4085 const struct rfprog *rfprog = rt2860_rf2850; 4086 uint32_t r2, r3, r4; 4087 int8_t txpow1, txpow2; 4088 int i; 4089 4090 /* find the settings for this channel (we know it exists) */ 4091 for (i = 0; rfprog[i].chan != chan; i++); 4092 4093 r2 = rfprog[i].r2; 4094 if (sc->ntxchains == 1) 4095 r2 |= 1 << 14; /* 1T: disable Tx chain 2 */ 4096 if (sc->nrxchains == 1) 4097 r2 |= 1 << 17 | 1 << 6; /* 1R: disable Rx chains 2 & 3 */ 4098 else if (sc->nrxchains == 2) 4099 r2 |= 1 << 6; /* 2R: disable Rx chain 3 */ 4100 4101 /* use Tx power values from EEPROM */ 4102 txpow1 = sc->txpow1[i]; 4103 txpow2 = sc->txpow2[i]; 4104 4105 /* Initialize RF R3 and R4. */ 4106 r3 = rfprog[i].r3 & 0xffffc1ff; 4107 r4 = (rfprog[i].r4 & ~(0x001f87c0)) | (sc->freq << 15); 4108 if (chan > 14) { 4109 if (txpow1 >= 0) { 4110 txpow1 = (txpow1 > 0xf) ? (0xf) : (txpow1); 4111 r3 |= (txpow1 << 10) | (1 << 9); 4112 } else { 4113 txpow1 += 7; 4114 4115 /* txpow1 is not possible larger than 15. */ 4116 r3 |= (txpow1 << 10); 4117 } 4118 if (txpow2 >= 0) { 4119 txpow2 = (txpow2 > 0xf) ? (0xf) : (txpow2); 4120 r4 |= (txpow2 << 7) | (1 << 6); 4121 } else { 4122 txpow2 += 7; 4123 r4 |= (txpow2 << 7); 4124 } 4125 } else { 4126 /* Set Tx0 power. */ 4127 r3 |= (txpow1 << 9); 4128 4129 /* Set frequency offset and Tx1 power. */ 4130 r4 |= (txpow2 << 6); 4131 } 4132 4133 run_rt2870_rf_write(sc, rfprog[i].r1); 4134 run_rt2870_rf_write(sc, r2); 4135 run_rt2870_rf_write(sc, r3 & ~(1 << 2)); 4136 run_rt2870_rf_write(sc, r4); 4137 4138 run_delay(sc, 10); 4139 4140 run_rt2870_rf_write(sc, rfprog[i].r1); 4141 run_rt2870_rf_write(sc, r2); 4142 run_rt2870_rf_write(sc, r3 | (1 << 2)); 4143 run_rt2870_rf_write(sc, r4); 4144 4145 run_delay(sc, 10); 4146 4147 run_rt2870_rf_write(sc, rfprog[i].r1); 4148 run_rt2870_rf_write(sc, r2); 4149 run_rt2870_rf_write(sc, r3 & ~(1 << 2)); 4150 run_rt2870_rf_write(sc, r4); 4151 } 4152 4153 static void 4154 run_rt3070_set_chan(struct run_softc *sc, u_int chan) 4155 { 4156 int8_t txpow1, txpow2; 4157 uint8_t rf; 4158 int i; 4159 4160 /* find the settings for this channel (we know it exists) */ 4161 for (i = 0; rt2860_rf2850[i].chan != chan; i++); 4162 4163 /* use Tx power values from EEPROM */ 4164 txpow1 = sc->txpow1[i]; 4165 txpow2 = sc->txpow2[i]; 4166 4167 run_rt3070_rf_write(sc, 2, rt3070_freqs[i].n); 4168 4169 /* RT3370/RT3390: RF R3 [7:4] is not reserved bits. */ 4170 run_rt3070_rf_read(sc, 3, &rf); 4171 rf = (rf & ~0x0f) | rt3070_freqs[i].k; 4172 run_rt3070_rf_write(sc, 3, rf); 4173 4174 run_rt3070_rf_read(sc, 6, &rf); 4175 rf = (rf & ~0x03) | rt3070_freqs[i].r; 4176 run_rt3070_rf_write(sc, 6, rf); 4177 4178 /* set Tx0 power */ 4179 run_rt3070_rf_read(sc, 12, &rf); 4180 rf = (rf & ~0x1f) | txpow1; 4181 run_rt3070_rf_write(sc, 12, rf); 4182 4183 /* set Tx1 power */ 4184 run_rt3070_rf_read(sc, 13, &rf); 4185 rf = (rf & ~0x1f) | txpow2; 4186 run_rt3070_rf_write(sc, 13, rf); 4187 4188 run_rt3070_rf_read(sc, 1, &rf); 4189 rf &= ~0xfc; 4190 if (sc->ntxchains == 1) 4191 rf |= 1 << 7 | 1 << 5; /* 1T: disable Tx chains 2 & 3 */ 4192 else if (sc->ntxchains == 2) 4193 rf |= 1 << 7; /* 2T: disable Tx chain 3 */ 4194 if (sc->nrxchains == 1) 4195 rf |= 1 << 6 | 1 << 4; /* 1R: disable Rx chains 2 & 3 */ 4196 else if (sc->nrxchains == 2) 4197 rf |= 1 << 6; /* 2R: disable Rx chain 3 */ 4198 run_rt3070_rf_write(sc, 1, rf); 4199 4200 /* set RF offset */ 4201 run_rt3070_rf_read(sc, 23, &rf); 4202 rf = (rf & ~0x7f) | sc->freq; 4203 run_rt3070_rf_write(sc, 23, rf); 4204 4205 /* program RF filter */ 4206 run_rt3070_rf_read(sc, 24, &rf); /* Tx */ 4207 rf = (rf & ~0x3f) | sc->rf24_20mhz; 4208 run_rt3070_rf_write(sc, 24, rf); 4209 run_rt3070_rf_read(sc, 31, &rf); /* Rx */ 4210 rf = (rf & ~0x3f) | sc->rf24_20mhz; 4211 run_rt3070_rf_write(sc, 31, rf); 4212 4213 /* enable RF tuning */ 4214 run_rt3070_rf_read(sc, 7, &rf); 4215 run_rt3070_rf_write(sc, 7, rf | 0x01); 4216 } 4217 4218 static void 4219 run_rt3572_set_chan(struct run_softc *sc, u_int chan) 4220 { 4221 int8_t txpow1, txpow2; 4222 uint32_t tmp; 4223 uint8_t rf; 4224 int i; 4225 4226 /* find the settings for this channel (we know it exists) */ 4227 for (i = 0; rt2860_rf2850[i].chan != chan; i++); 4228 4229 /* use Tx power values from EEPROM */ 4230 txpow1 = sc->txpow1[i]; 4231 txpow2 = sc->txpow2[i]; 4232 4233 if (chan <= 14) { 4234 run_bbp_write(sc, 25, sc->bbp25); 4235 run_bbp_write(sc, 26, sc->bbp26); 4236 } else { 4237 /* enable IQ phase correction */ 4238 run_bbp_write(sc, 25, 0x09); 4239 run_bbp_write(sc, 26, 0xff); 4240 } 4241 4242 run_rt3070_rf_write(sc, 2, rt3070_freqs[i].n); 4243 run_rt3070_rf_write(sc, 3, rt3070_freqs[i].k); 4244 run_rt3070_rf_read(sc, 6, &rf); 4245 rf = (rf & ~0x0f) | rt3070_freqs[i].r; 4246 rf |= (chan <= 14) ? 0x08 : 0x04; 4247 run_rt3070_rf_write(sc, 6, rf); 4248 4249 /* set PLL mode */ 4250 run_rt3070_rf_read(sc, 5, &rf); 4251 rf &= ~(0x08 | 0x04); 4252 rf |= (chan <= 14) ? 0x04 : 0x08; 4253 run_rt3070_rf_write(sc, 5, rf); 4254 4255 /* set Tx power for chain 0 */ 4256 if (chan <= 14) 4257 rf = 0x60 | txpow1; 4258 else 4259 rf = 0xe0 | (txpow1 & 0xc) << 1 | (txpow1 & 0x3); 4260 run_rt3070_rf_write(sc, 12, rf); 4261 4262 /* set Tx power for chain 1 */ 4263 if (chan <= 14) 4264 rf = 0x60 | txpow2; 4265 else 4266 rf = 0xe0 | (txpow2 & 0xc) << 1 | (txpow2 & 0x3); 4267 run_rt3070_rf_write(sc, 13, rf); 4268 4269 /* set Tx/Rx streams */ 4270 run_rt3070_rf_read(sc, 1, &rf); 4271 rf &= ~0xfc; 4272 if (sc->ntxchains == 1) 4273 rf |= 1 << 7 | 1 << 5; /* 1T: disable Tx chains 2 & 3 */ 4274 else if (sc->ntxchains == 2) 4275 rf |= 1 << 7; /* 2T: disable Tx chain 3 */ 4276 if (sc->nrxchains == 1) 4277 rf |= 1 << 6 | 1 << 4; /* 1R: disable Rx chains 2 & 3 */ 4278 else if (sc->nrxchains == 2) 4279 rf |= 1 << 6; /* 2R: disable Rx chain 3 */ 4280 run_rt3070_rf_write(sc, 1, rf); 4281 4282 /* set RF offset */ 4283 run_rt3070_rf_read(sc, 23, &rf); 4284 rf = (rf & ~0x7f) | sc->freq; 4285 run_rt3070_rf_write(sc, 23, rf); 4286 4287 /* program RF filter */ 4288 rf = sc->rf24_20mhz; 4289 run_rt3070_rf_write(sc, 24, rf); /* Tx */ 4290 run_rt3070_rf_write(sc, 31, rf); /* Rx */ 4291 4292 /* enable RF tuning */ 4293 run_rt3070_rf_read(sc, 7, &rf); 4294 rf = (chan <= 14) ? 0xd8 : ((rf & ~0xc8) | 0x14); 4295 run_rt3070_rf_write(sc, 7, rf); 4296 4297 /* TSSI */ 4298 rf = (chan <= 14) ? 0xc3 : 0xc0; 4299 run_rt3070_rf_write(sc, 9, rf); 4300 4301 /* set loop filter 1 */ 4302 run_rt3070_rf_write(sc, 10, 0xf1); 4303 /* set loop filter 2 */ 4304 run_rt3070_rf_write(sc, 11, (chan <= 14) ? 0xb9 : 0x00); 4305 4306 /* set tx_mx2_ic */ 4307 run_rt3070_rf_write(sc, 15, (chan <= 14) ? 0x53 : 0x43); 4308 /* set tx_mx1_ic */ 4309 if (chan <= 14) 4310 rf = 0x48 | sc->txmixgain_2ghz; 4311 else 4312 rf = 0x78 | sc->txmixgain_5ghz; 4313 run_rt3070_rf_write(sc, 16, rf); 4314 4315 /* set tx_lo1 */ 4316 run_rt3070_rf_write(sc, 17, 0x23); 4317 /* set tx_lo2 */ 4318 if (chan <= 14) 4319 rf = 0x93; 4320 else if (chan <= 64) 4321 rf = 0xb7; 4322 else if (chan <= 128) 4323 rf = 0x74; 4324 else 4325 rf = 0x72; 4326 run_rt3070_rf_write(sc, 19, rf); 4327 4328 /* set rx_lo1 */ 4329 if (chan <= 14) 4330 rf = 0xb3; 4331 else if (chan <= 64) 4332 rf = 0xf6; 4333 else if (chan <= 128) 4334 rf = 0xf4; 4335 else 4336 rf = 0xf3; 4337 run_rt3070_rf_write(sc, 20, rf); 4338 4339 /* set pfd_delay */ 4340 if (chan <= 14) 4341 rf = 0x15; 4342 else if (chan <= 64) 4343 rf = 0x3d; 4344 else 4345 rf = 0x01; 4346 run_rt3070_rf_write(sc, 25, rf); 4347 4348 /* set rx_lo2 */ 4349 run_rt3070_rf_write(sc, 26, (chan <= 14) ? 0x85 : 0x87); 4350 /* set ldo_rf_vc */ 4351 run_rt3070_rf_write(sc, 27, (chan <= 14) ? 0x00 : 0x01); 4352 /* set drv_cc */ 4353 run_rt3070_rf_write(sc, 29, (chan <= 14) ? 0x9b : 0x9f); 4354 4355 run_read(sc, RT2860_GPIO_CTRL, &tmp); 4356 tmp &= ~0x8080; 4357 if (chan <= 14) 4358 tmp |= 0x80; 4359 run_write(sc, RT2860_GPIO_CTRL, tmp); 4360 4361 /* enable RF tuning */ 4362 run_rt3070_rf_read(sc, 7, &rf); 4363 run_rt3070_rf_write(sc, 7, rf | 0x01); 4364 4365 run_delay(sc, 2); 4366 } 4367 4368 static void 4369 run_rt3593_set_chan(struct run_softc *sc, u_int chan) 4370 { 4371 int8_t txpow1, txpow2, txpow3; 4372 uint8_t h20mhz, rf; 4373 int i; 4374 4375 /* find the settings for this channel (we know it exists) */ 4376 for (i = 0; rt2860_rf2850[i].chan != chan; i++); 4377 4378 /* use Tx power values from EEPROM */ 4379 txpow1 = sc->txpow1[i]; 4380 txpow2 = sc->txpow2[i]; 4381 txpow3 = (sc->ntxchains == 3) ? sc->txpow3[i] : 0; 4382 4383 if (chan <= 14) { 4384 run_bbp_write(sc, 25, sc->bbp25); 4385 run_bbp_write(sc, 26, sc->bbp26); 4386 } else { 4387 /* Enable IQ phase correction. */ 4388 run_bbp_write(sc, 25, 0x09); 4389 run_bbp_write(sc, 26, 0xff); 4390 } 4391 4392 run_rt3070_rf_write(sc, 8, rt3070_freqs[i].n); 4393 run_rt3070_rf_write(sc, 9, rt3070_freqs[i].k & 0x0f); 4394 run_rt3070_rf_read(sc, 11, &rf); 4395 rf = (rf & ~0x03) | (rt3070_freqs[i].r & 0x03); 4396 run_rt3070_rf_write(sc, 11, rf); 4397 4398 /* Set pll_idoh. */ 4399 run_rt3070_rf_read(sc, 11, &rf); 4400 rf &= ~0x4c; 4401 rf |= (chan <= 14) ? 0x44 : 0x48; 4402 run_rt3070_rf_write(sc, 11, rf); 4403 4404 if (chan <= 14) 4405 rf = txpow1 & 0x1f; 4406 else 4407 rf = 0x40 | ((txpow1 & 0x18) << 1) | (txpow1 & 0x07); 4408 run_rt3070_rf_write(sc, 53, rf); 4409 4410 if (chan <= 14) 4411 rf = txpow2 & 0x1f; 4412 else 4413 rf = 0x40 | ((txpow2 & 0x18) << 1) | (txpow2 & 0x07); 4414 run_rt3070_rf_write(sc, 55, rf); 4415 4416 if (chan <= 14) 4417 rf = txpow3 & 0x1f; 4418 else 4419 rf = 0x40 | ((txpow3 & 0x18) << 1) | (txpow3 & 0x07); 4420 run_rt3070_rf_write(sc, 54, rf); 4421 4422 rf = RT3070_RF_BLOCK | RT3070_PLL_PD; 4423 if (sc->ntxchains == 3) 4424 rf |= RT3070_TX0_PD | RT3070_TX1_PD | RT3070_TX2_PD; 4425 else 4426 rf |= RT3070_TX0_PD | RT3070_TX1_PD; 4427 rf |= RT3070_RX0_PD | RT3070_RX1_PD | RT3070_RX2_PD; 4428 run_rt3070_rf_write(sc, 1, rf); 4429 4430 run_adjust_freq_offset(sc); 4431 4432 run_rt3070_rf_write(sc, 31, (chan <= 14) ? 0xa0 : 0x80); 4433 4434 h20mhz = (sc->rf24_20mhz & 0x20) >> 5; 4435 run_rt3070_rf_read(sc, 30, &rf); 4436 rf = (rf & ~0x06) | (h20mhz << 1) | (h20mhz << 2); 4437 run_rt3070_rf_write(sc, 30, rf); 4438 4439 run_rt3070_rf_read(sc, 36, &rf); 4440 if (chan <= 14) 4441 rf |= 0x80; 4442 else 4443 rf &= ~0x80; 4444 run_rt3070_rf_write(sc, 36, rf); 4445 4446 /* Set vcolo_bs. */ 4447 run_rt3070_rf_write(sc, 34, (chan <= 14) ? 0x3c : 0x20); 4448 /* Set pfd_delay. */ 4449 run_rt3070_rf_write(sc, 12, (chan <= 14) ? 0x1a : 0x12); 4450 4451 /* Set vco bias current control. */ 4452 run_rt3070_rf_read(sc, 6, &rf); 4453 rf &= ~0xc0; 4454 if (chan <= 14) 4455 rf |= 0x40; 4456 else if (chan <= 128) 4457 rf |= 0x80; 4458 else 4459 rf |= 0x40; 4460 run_rt3070_rf_write(sc, 6, rf); 4461 4462 run_rt3070_rf_read(sc, 30, &rf); 4463 rf = (rf & ~0x18) | 0x10; 4464 run_rt3070_rf_write(sc, 30, rf); 4465 4466 run_rt3070_rf_write(sc, 10, (chan <= 14) ? 0xd3 : 0xd8); 4467 run_rt3070_rf_write(sc, 13, (chan <= 14) ? 0x12 : 0x23); 4468 4469 run_rt3070_rf_read(sc, 51, &rf); 4470 rf = (rf & ~0x03) | 0x01; 4471 run_rt3070_rf_write(sc, 51, rf); 4472 /* Set tx_mx1_cc. */ 4473 run_rt3070_rf_read(sc, 51, &rf); 4474 rf &= ~0x1c; 4475 rf |= (chan <= 14) ? 0x14 : 0x10; 4476 run_rt3070_rf_write(sc, 51, rf); 4477 /* Set tx_mx1_ic. */ 4478 run_rt3070_rf_read(sc, 51, &rf); 4479 rf &= ~0xe0; 4480 rf |= (chan <= 14) ? 0x60 : 0x40; 4481 run_rt3070_rf_write(sc, 51, rf); 4482 /* Set tx_lo1_ic. */ 4483 run_rt3070_rf_read(sc, 49, &rf); 4484 rf &= ~0x1c; 4485 rf |= (chan <= 14) ? 0x0c : 0x08; 4486 run_rt3070_rf_write(sc, 49, rf); 4487 /* Set tx_lo1_en. */ 4488 run_rt3070_rf_read(sc, 50, &rf); 4489 run_rt3070_rf_write(sc, 50, rf & ~0x20); 4490 /* Set drv_cc. */ 4491 run_rt3070_rf_read(sc, 57, &rf); 4492 rf &= ~0xfc; 4493 rf |= (chan <= 14) ? 0x6c : 0x3c; 4494 run_rt3070_rf_write(sc, 57, rf); 4495 /* Set rx_mix1_ic, rxa_lnactr, lna_vc, lna_inbias_en and lna_en. */ 4496 run_rt3070_rf_write(sc, 44, (chan <= 14) ? 0x93 : 0x9b); 4497 /* Set drv_gnd_a, tx_vga_cc_a and tx_mx2_gain. */ 4498 run_rt3070_rf_write(sc, 52, (chan <= 14) ? 0x45 : 0x05); 4499 /* Enable VCO calibration. */ 4500 run_rt3070_rf_read(sc, 3, &rf); 4501 rf &= ~RT5390_VCOCAL; 4502 rf |= (chan <= 14) ? RT5390_VCOCAL : 0xbe; 4503 run_rt3070_rf_write(sc, 3, rf); 4504 4505 if (chan <= 14) 4506 rf = 0x23; 4507 else if (chan <= 64) 4508 rf = 0x36; 4509 else if (chan <= 128) 4510 rf = 0x32; 4511 else 4512 rf = 0x30; 4513 run_rt3070_rf_write(sc, 39, rf); 4514 if (chan <= 14) 4515 rf = 0xbb; 4516 else if (chan <= 64) 4517 rf = 0xeb; 4518 else if (chan <= 128) 4519 rf = 0xb3; 4520 else 4521 rf = 0x9b; 4522 run_rt3070_rf_write(sc, 45, rf); 4523 4524 /* Set FEQ/AEQ control. */ 4525 run_bbp_write(sc, 105, 0x34); 4526 } 4527 4528 static void 4529 run_rt5390_set_chan(struct run_softc *sc, u_int chan) 4530 { 4531 int8_t txpow1, txpow2; 4532 uint8_t rf; 4533 int i; 4534 4535 /* find the settings for this channel (we know it exists) */ 4536 for (i = 0; rt2860_rf2850[i].chan != chan; i++); 4537 4538 /* use Tx power values from EEPROM */ 4539 txpow1 = sc->txpow1[i]; 4540 txpow2 = sc->txpow2[i]; 4541 4542 run_rt3070_rf_write(sc, 8, rt3070_freqs[i].n); 4543 run_rt3070_rf_write(sc, 9, rt3070_freqs[i].k & 0x0f); 4544 run_rt3070_rf_read(sc, 11, &rf); 4545 rf = (rf & ~0x03) | (rt3070_freqs[i].r & 0x03); 4546 run_rt3070_rf_write(sc, 11, rf); 4547 4548 run_rt3070_rf_read(sc, 49, &rf); 4549 rf = (rf & ~0x3f) | (txpow1 & 0x3f); 4550 /* The valid range of the RF R49 is 0x00 to 0x27. */ 4551 if ((rf & 0x3f) > 0x27) 4552 rf = (rf & ~0x3f) | 0x27; 4553 run_rt3070_rf_write(sc, 49, rf); 4554 4555 if (sc->mac_ver == 0x5392) { 4556 run_rt3070_rf_read(sc, 50, &rf); 4557 rf = (rf & ~0x3f) | (txpow2 & 0x3f); 4558 /* The valid range of the RF R50 is 0x00 to 0x27. */ 4559 if ((rf & 0x3f) > 0x27) 4560 rf = (rf & ~0x3f) | 0x27; 4561 run_rt3070_rf_write(sc, 50, rf); 4562 } 4563 4564 run_rt3070_rf_read(sc, 1, &rf); 4565 rf |= RT3070_RF_BLOCK | RT3070_PLL_PD | RT3070_RX0_PD | RT3070_TX0_PD; 4566 if (sc->mac_ver == 0x5392) 4567 rf |= RT3070_RX1_PD | RT3070_TX1_PD; 4568 run_rt3070_rf_write(sc, 1, rf); 4569 4570 if (sc->mac_ver != 0x5392) { 4571 run_rt3070_rf_read(sc, 2, &rf); 4572 rf |= 0x80; 4573 run_rt3070_rf_write(sc, 2, rf); 4574 run_delay(sc, 10); 4575 rf &= 0x7f; 4576 run_rt3070_rf_write(sc, 2, rf); 4577 } 4578 4579 run_adjust_freq_offset(sc); 4580 4581 if (sc->mac_ver == 0x5392) { 4582 /* Fix for RT5392C. */ 4583 if (sc->mac_rev >= 0x0223) { 4584 if (chan <= 4) 4585 rf = 0x0f; 4586 else if (chan >= 5 && chan <= 7) 4587 rf = 0x0e; 4588 else 4589 rf = 0x0d; 4590 run_rt3070_rf_write(sc, 23, rf); 4591 4592 if (chan <= 4) 4593 rf = 0x0c; 4594 else if (chan == 5) 4595 rf = 0x0b; 4596 else if (chan >= 6 && chan <= 7) 4597 rf = 0x0a; 4598 else if (chan >= 8 && chan <= 10) 4599 rf = 0x09; 4600 else 4601 rf = 0x08; 4602 run_rt3070_rf_write(sc, 59, rf); 4603 } else { 4604 if (chan <= 11) 4605 rf = 0x0f; 4606 else 4607 rf = 0x0b; 4608 run_rt3070_rf_write(sc, 59, rf); 4609 } 4610 } else { 4611 /* Fix for RT5390F. */ 4612 if (sc->mac_rev >= 0x0502) { 4613 if (chan <= 11) 4614 rf = 0x43; 4615 else 4616 rf = 0x23; 4617 run_rt3070_rf_write(sc, 55, rf); 4618 4619 if (chan <= 11) 4620 rf = 0x0f; 4621 else if (chan == 12) 4622 rf = 0x0d; 4623 else 4624 rf = 0x0b; 4625 run_rt3070_rf_write(sc, 59, rf); 4626 } else { 4627 run_rt3070_rf_write(sc, 55, 0x44); 4628 run_rt3070_rf_write(sc, 59, 0x8f); 4629 } 4630 } 4631 4632 /* Enable VCO calibration. */ 4633 run_rt3070_rf_read(sc, 3, &rf); 4634 rf |= RT5390_VCOCAL; 4635 run_rt3070_rf_write(sc, 3, rf); 4636 } 4637 4638 static void 4639 run_rt5592_set_chan(struct run_softc *sc, u_int chan) 4640 { 4641 const struct rt5592_freqs *freqs; 4642 uint32_t tmp; 4643 uint8_t reg, rf, txpow_bound; 4644 int8_t txpow1, txpow2; 4645 int i; 4646 4647 run_read(sc, RT5592_DEBUG_INDEX, &tmp); 4648 freqs = (tmp & RT5592_SEL_XTAL) ? 4649 rt5592_freqs_40mhz : rt5592_freqs_20mhz; 4650 4651 /* find the settings for this channel (we know it exists) */ 4652 for (i = 0; rt2860_rf2850[i].chan != chan; i++, freqs++); 4653 4654 /* use Tx power values from EEPROM */ 4655 txpow1 = sc->txpow1[i]; 4656 txpow2 = sc->txpow2[i]; 4657 4658 run_read(sc, RT3070_LDO_CFG0, &tmp); 4659 tmp &= ~0x1c000000; 4660 if (chan > 14) 4661 tmp |= 0x14000000; 4662 run_write(sc, RT3070_LDO_CFG0, tmp); 4663 4664 /* N setting. */ 4665 run_rt3070_rf_write(sc, 8, freqs->n & 0xff); 4666 run_rt3070_rf_read(sc, 9, &rf); 4667 rf &= ~(1 << 4); 4668 rf |= ((freqs->n & 0x0100) >> 8) << 4; 4669 run_rt3070_rf_write(sc, 9, rf); 4670 4671 /* K setting. */ 4672 run_rt3070_rf_read(sc, 9, &rf); 4673 rf &= ~0x0f; 4674 rf |= (freqs->k & 0x0f); 4675 run_rt3070_rf_write(sc, 9, rf); 4676 4677 /* Mode setting. */ 4678 run_rt3070_rf_read(sc, 11, &rf); 4679 rf &= ~0x0c; 4680 rf |= ((freqs->m - 0x8) & 0x3) << 2; 4681 run_rt3070_rf_write(sc, 11, rf); 4682 run_rt3070_rf_read(sc, 9, &rf); 4683 rf &= ~(1 << 7); 4684 rf |= (((freqs->m - 0x8) & 0x4) >> 2) << 7; 4685 run_rt3070_rf_write(sc, 9, rf); 4686 4687 /* R setting. */ 4688 run_rt3070_rf_read(sc, 11, &rf); 4689 rf &= ~0x03; 4690 rf |= (freqs->r - 0x1); 4691 run_rt3070_rf_write(sc, 11, rf); 4692 4693 if (chan <= 14) { 4694 /* Initialize RF registers for 2GHZ. */ 4695 for (i = 0; i < NELEM(rt5592_2ghz_def_rf); i++) { 4696 run_rt3070_rf_write(sc, rt5592_2ghz_def_rf[i].reg, 4697 rt5592_2ghz_def_rf[i].val); 4698 } 4699 4700 rf = (chan <= 10) ? 0x07 : 0x06; 4701 run_rt3070_rf_write(sc, 23, rf); 4702 run_rt3070_rf_write(sc, 59, rf); 4703 4704 run_rt3070_rf_write(sc, 55, 0x43); 4705 4706 /* 4707 * RF R49/R50 Tx power ALC code. 4708 * G-band bit<7:6>=1:0, bit<5:0> range from 0x0 ~ 0x27. 4709 */ 4710 reg = 2; 4711 txpow_bound = 0x27; 4712 } else { 4713 /* Initialize RF registers for 5GHZ. */ 4714 for (i = 0; i < NELEM(rt5592_5ghz_def_rf); i++) { 4715 run_rt3070_rf_write(sc, rt5592_5ghz_def_rf[i].reg, 4716 rt5592_5ghz_def_rf[i].val); 4717 } 4718 for (i = 0; i < NELEM(rt5592_chan_5ghz); i++) { 4719 if (chan >= rt5592_chan_5ghz[i].firstchan && 4720 chan <= rt5592_chan_5ghz[i].lastchan) { 4721 run_rt3070_rf_write(sc, rt5592_chan_5ghz[i].reg, 4722 rt5592_chan_5ghz[i].val); 4723 } 4724 } 4725 4726 /* 4727 * RF R49/R50 Tx power ALC code. 4728 * A-band bit<7:6>=1:1, bit<5:0> range from 0x0 ~ 0x2b. 4729 */ 4730 reg = 3; 4731 txpow_bound = 0x2b; 4732 } 4733 4734 /* RF R49 ch0 Tx power ALC code. */ 4735 run_rt3070_rf_read(sc, 49, &rf); 4736 rf &= ~0xc0; 4737 rf |= (reg << 6); 4738 rf = (rf & ~0x3f) | (txpow1 & 0x3f); 4739 if ((rf & 0x3f) > txpow_bound) 4740 rf = (rf & ~0x3f) | txpow_bound; 4741 run_rt3070_rf_write(sc, 49, rf); 4742 4743 /* RF R50 ch1 Tx power ALC code. */ 4744 run_rt3070_rf_read(sc, 50, &rf); 4745 rf &= ~(1 << 7 | 1 << 6); 4746 rf |= (reg << 6); 4747 rf = (rf & ~0x3f) | (txpow2 & 0x3f); 4748 if ((rf & 0x3f) > txpow_bound) 4749 rf = (rf & ~0x3f) | txpow_bound; 4750 run_rt3070_rf_write(sc, 50, rf); 4751 4752 /* Enable RF_BLOCK, PLL_PD, RX0_PD, and TX0_PD. */ 4753 run_rt3070_rf_read(sc, 1, &rf); 4754 rf |= (RT3070_RF_BLOCK | RT3070_PLL_PD | RT3070_RX0_PD | RT3070_TX0_PD); 4755 if (sc->ntxchains > 1) 4756 rf |= RT3070_TX1_PD; 4757 if (sc->nrxchains > 1) 4758 rf |= RT3070_RX1_PD; 4759 run_rt3070_rf_write(sc, 1, rf); 4760 4761 run_rt3070_rf_write(sc, 6, 0xe4); 4762 4763 run_rt3070_rf_write(sc, 30, 0x10); 4764 run_rt3070_rf_write(sc, 31, 0x80); 4765 run_rt3070_rf_write(sc, 32, 0x80); 4766 4767 run_adjust_freq_offset(sc); 4768 4769 /* Enable VCO calibration. */ 4770 run_rt3070_rf_read(sc, 3, &rf); 4771 rf |= RT5390_VCOCAL; 4772 run_rt3070_rf_write(sc, 3, rf); 4773 } 4774 4775 static void 4776 run_set_rx_antenna(struct run_softc *sc, int aux) 4777 { 4778 uint32_t tmp; 4779 uint8_t bbp152; 4780 4781 if (aux) { 4782 if (sc->rf_rev == RT5390_RF_5370) { 4783 run_bbp_read(sc, 152, &bbp152); 4784 run_bbp_write(sc, 152, bbp152 & ~0x80); 4785 } else { 4786 run_mcu_cmd(sc, RT2860_MCU_CMD_ANTSEL, 0); 4787 run_read(sc, RT2860_GPIO_CTRL, &tmp); 4788 run_write(sc, RT2860_GPIO_CTRL, (tmp & ~0x0808) | 0x08); 4789 } 4790 } else { 4791 if (sc->rf_rev == RT5390_RF_5370) { 4792 run_bbp_read(sc, 152, &bbp152); 4793 run_bbp_write(sc, 152, bbp152 | 0x80); 4794 } else { 4795 run_mcu_cmd(sc, RT2860_MCU_CMD_ANTSEL, 1); 4796 run_read(sc, RT2860_GPIO_CTRL, &tmp); 4797 run_write(sc, RT2860_GPIO_CTRL, tmp & ~0x0808); 4798 } 4799 } 4800 } 4801 4802 static int 4803 run_set_chan(struct run_softc *sc, struct ieee80211_channel *c) 4804 { 4805 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 4806 u_int chan, group; 4807 4808 chan = ieee80211_chan2ieee(ic, c); 4809 if (chan == 0 || chan == IEEE80211_CHAN_ANY) 4810 return (EINVAL); 4811 4812 if (sc->mac_ver == 0x5592) 4813 run_rt5592_set_chan(sc, chan); 4814 else if (sc->mac_ver >= 0x5390) 4815 run_rt5390_set_chan(sc, chan); 4816 else if (sc->mac_ver == 0x3593) 4817 run_rt3593_set_chan(sc, chan); 4818 else if (sc->mac_ver == 0x3572) 4819 run_rt3572_set_chan(sc, chan); 4820 else if (sc->mac_ver >= 0x3070) 4821 run_rt3070_set_chan(sc, chan); 4822 else 4823 run_rt2870_set_chan(sc, chan); 4824 4825 /* determine channel group */ 4826 if (chan <= 14) 4827 group = 0; 4828 else if (chan <= 64) 4829 group = 1; 4830 else if (chan <= 128) 4831 group = 2; 4832 else 4833 group = 3; 4834 4835 /* XXX necessary only when group has changed! */ 4836 run_select_chan_group(sc, group); 4837 4838 run_delay(sc, 10); 4839 4840 /* Perform IQ calibration. */ 4841 if (sc->mac_ver >= 0x5392) 4842 run_iq_calib(sc, chan); 4843 4844 return (0); 4845 } 4846 4847 static void 4848 run_set_channel(struct ieee80211com *ic) 4849 { 4850 struct run_softc *sc = ic->ic_softc; 4851 4852 RUN_LOCK(sc); 4853 run_set_chan(sc, ic->ic_curchan); 4854 RUN_UNLOCK(sc); 4855 4856 return; 4857 } 4858 4859 static void 4860 run_scan_start(struct ieee80211com *ic) 4861 { 4862 struct run_softc *sc = ic->ic_softc; 4863 uint32_t tmp; 4864 4865 RUN_LOCK(sc); 4866 4867 /* abort TSF synchronization */ 4868 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 4869 run_write(sc, RT2860_BCN_TIME_CFG, 4870 tmp & ~(RT2860_BCN_TX_EN | RT2860_TSF_TIMER_EN | 4871 RT2860_TBTT_TIMER_EN)); 4872 run_set_bssid(sc, sc->sc_ifp->if_broadcastaddr); 4873 4874 RUN_UNLOCK(sc); 4875 4876 return; 4877 } 4878 4879 static void 4880 run_scan_end(struct ieee80211com *ic) 4881 { 4882 struct run_softc *sc = ic->ic_softc; 4883 4884 RUN_LOCK(sc); 4885 4886 run_enable_tsf_sync(sc); 4887 /* XXX keep local copy */ 4888 run_set_bssid(sc, sc->sc_bssid); 4889 4890 RUN_UNLOCK(sc); 4891 4892 return; 4893 } 4894 4895 /* 4896 * Could be called from ieee80211_node_timeout() 4897 * (non-sleepable thread) 4898 */ 4899 static void 4900 run_update_beacon(struct ieee80211vap *vap, int item) 4901 { 4902 struct ieee80211com *ic = vap->iv_ic; 4903 struct run_softc *sc = ic->ic_softc; 4904 struct run_vap *rvp = RUN_VAP(vap); 4905 int mcast = 0; 4906 uint32_t i; 4907 4908 KASSERT(vap != NULL, ("no beacon")); 4909 4910 switch (item) { 4911 case IEEE80211_BEACON_ERP: 4912 run_updateslot(ic); 4913 break; 4914 case IEEE80211_BEACON_HTINFO: 4915 run_updateprot(ic); 4916 break; 4917 case IEEE80211_BEACON_TIM: 4918 mcast = 1; /*TODO*/ 4919 break; 4920 default: 4921 break; 4922 } 4923 4924 setbit(rvp->bo.bo_flags, item); 4925 ieee80211_beacon_update(vap->iv_bss, &rvp->bo, rvp->beacon_mbuf, mcast); 4926 4927 i = RUN_CMDQ_GET(&sc->cmdq_store); 4928 DPRINTF("cmdq_store=%d\n", i); 4929 sc->cmdq[i].func = run_update_beacon_cb; 4930 sc->cmdq[i].arg0 = vap; 4931 ieee80211_runtask(ic, &sc->cmdq_task); 4932 4933 return; 4934 } 4935 4936 static void 4937 run_update_beacon_cb(void *arg) 4938 { 4939 struct ieee80211vap *vap = arg; 4940 struct run_vap *rvp = RUN_VAP(vap); 4941 struct ieee80211com *ic = vap->iv_ic; 4942 struct run_softc *sc = ic->ic_softc; 4943 struct rt2860_txwi txwi; 4944 struct mbuf *m; 4945 uint16_t txwisize; 4946 uint8_t ridx; 4947 4948 if (vap->iv_bss->ni_chan == IEEE80211_CHAN_ANYC) 4949 return; 4950 if (ic->ic_bsschan == IEEE80211_CHAN_ANYC) 4951 return; 4952 4953 /* 4954 * No need to call ieee80211_beacon_update(), run_update_beacon() 4955 * is taking care of apropriate calls. 4956 */ 4957 if (rvp->beacon_mbuf == NULL) { 4958 rvp->beacon_mbuf = ieee80211_beacon_alloc(vap->iv_bss, 4959 &rvp->bo); 4960 if (rvp->beacon_mbuf == NULL) 4961 return; 4962 } 4963 m = rvp->beacon_mbuf; 4964 4965 memset(&txwi, 0, sizeof(txwi)); 4966 txwi.wcid = 0xff; 4967 txwi.len = htole16(m->m_pkthdr.len); 4968 4969 /* send beacons at the lowest available rate */ 4970 ridx = (ic->ic_curmode == IEEE80211_MODE_11A) ? 4971 RT2860_RIDX_OFDM6 : RT2860_RIDX_CCK1; 4972 txwi.phy = htole16(rt2860_rates[ridx].mcs); 4973 if (rt2860_rates[ridx].phy == IEEE80211_T_OFDM) 4974 txwi.phy |= htole16(RT2860_PHY_OFDM); 4975 txwi.txop = RT2860_TX_TXOP_HT; 4976 txwi.flags = RT2860_TX_TS; 4977 txwi.xflags = RT2860_TX_NSEQ; 4978 4979 txwisize = (sc->mac_ver == 0x5592) ? 4980 sizeof(txwi) + sizeof(uint32_t) : sizeof(txwi); 4981 run_write_region_1(sc, RT2860_BCN_BASE(rvp->rvp_id), (uint8_t *)&txwi, 4982 txwisize); 4983 run_write_region_1(sc, RT2860_BCN_BASE(rvp->rvp_id) + txwisize, 4984 mtod(m, uint8_t *), (m->m_pkthdr.len + 1) & ~1); 4985 } 4986 4987 static void 4988 run_updateprot(struct ieee80211com *ic) 4989 { 4990 struct run_softc *sc = ic->ic_softc; 4991 uint32_t i; 4992 4993 i = RUN_CMDQ_GET(&sc->cmdq_store); 4994 DPRINTF("cmdq_store=%d\n", i); 4995 sc->cmdq[i].func = run_updateprot_cb; 4996 sc->cmdq[i].arg0 = ic; 4997 ieee80211_runtask(ic, &sc->cmdq_task); 4998 } 4999 5000 static void 5001 run_updateprot_cb(void *arg) 5002 { 5003 struct ieee80211com *ic = arg; 5004 struct run_softc *sc = ic->ic_softc; 5005 uint32_t tmp; 5006 5007 tmp = RT2860_RTSTH_EN | RT2860_PROT_NAV_SHORT | RT2860_TXOP_ALLOW_ALL; 5008 /* setup protection frame rate (MCS code) */ 5009 tmp |= (ic->ic_curmode == IEEE80211_MODE_11A) ? 5010 rt2860_rates[RT2860_RIDX_OFDM6].mcs | RT2860_PHY_OFDM : 5011 rt2860_rates[RT2860_RIDX_CCK11].mcs; 5012 5013 /* CCK frames don't require protection */ 5014 run_write(sc, RT2860_CCK_PROT_CFG, tmp); 5015 if (ic->ic_flags & IEEE80211_F_USEPROT) { 5016 if (ic->ic_protmode == IEEE80211_PROT_RTSCTS) 5017 tmp |= RT2860_PROT_CTRL_RTS_CTS; 5018 else if (ic->ic_protmode == IEEE80211_PROT_CTSONLY) 5019 tmp |= RT2860_PROT_CTRL_CTS; 5020 } 5021 run_write(sc, RT2860_OFDM_PROT_CFG, tmp); 5022 } 5023 5024 static void 5025 run_usb_timeout_cb(void *arg) 5026 { 5027 struct ieee80211vap *vap = arg; 5028 struct run_softc *sc = vap->iv_ic->ic_softc; 5029 5030 RUN_LOCK_ASSERT(sc, MA_OWNED); 5031 5032 if(vap->iv_state == IEEE80211_S_RUN && 5033 vap->iv_opmode != IEEE80211_M_STA) 5034 run_reset_livelock(sc); 5035 else if (vap->iv_state == IEEE80211_S_SCAN) { 5036 DPRINTF("timeout caused by scan\n"); 5037 /* cancel bgscan */ 5038 ieee80211_cancel_scan(vap); 5039 } else 5040 DPRINTF("timeout by unknown cause\n"); 5041 } 5042 5043 static void 5044 run_reset_livelock(struct run_softc *sc) 5045 { 5046 uint32_t tmp; 5047 5048 RUN_LOCK_ASSERT(sc, MA_OWNED); 5049 5050 /* 5051 * In IBSS or HostAP modes (when the hardware sends beacons), the MAC 5052 * can run into a livelock and start sending CTS-to-self frames like 5053 * crazy if protection is enabled. Reset MAC/BBP for a while 5054 */ 5055 run_read(sc, RT2860_DEBUG, &tmp); 5056 DPRINTFN(3, "debug reg %08x\n", tmp); 5057 if ((tmp & (1 << 29)) && (tmp & (1 << 7 | 1 << 5))) { 5058 DPRINTF("CTS-to-self livelock detected\n"); 5059 run_write(sc, RT2860_MAC_SYS_CTRL, RT2860_MAC_SRST); 5060 run_delay(sc, 1); 5061 run_write(sc, RT2860_MAC_SYS_CTRL, 5062 RT2860_MAC_RX_EN | RT2860_MAC_TX_EN); 5063 } 5064 } 5065 5066 static void 5067 run_update_promisc_locked(struct run_softc *sc) 5068 { 5069 uint32_t tmp; 5070 5071 run_read(sc, RT2860_RX_FILTR_CFG, &tmp); 5072 5073 tmp |= RT2860_DROP_UC_NOME; 5074 if (sc->sc_ifp->if_flags & IFF_PROMISC) 5075 tmp &= ~RT2860_DROP_UC_NOME; 5076 5077 run_write(sc, RT2860_RX_FILTR_CFG, tmp); 5078 5079 DPRINTF("%s promiscuous mode\n", (sc->sc_ifp->if_flags & IFF_PROMISC) ? 5080 "entering" : "leaving"); 5081 } 5082 5083 static void 5084 run_update_promisc(struct ieee80211com *ic) 5085 { 5086 struct run_softc *sc = ic->ic_softc; 5087 5088 if ((ic->ic_ifp->if_drv_flags & IFF_DRV_RUNNING) == 0) 5089 return; 5090 5091 RUN_LOCK(sc); 5092 run_update_promisc_locked(sc); 5093 RUN_UNLOCK(sc); 5094 } 5095 5096 static void 5097 run_enable_tsf_sync(struct run_softc *sc) 5098 { 5099 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 5100 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 5101 uint32_t tmp; 5102 5103 DPRINTF("rvp_id=%d ic_opmode=%d\n", RUN_VAP(vap)->rvp_id, 5104 ic->ic_opmode); 5105 5106 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 5107 tmp &= ~0x1fffff; 5108 tmp |= vap->iv_bss->ni_intval * 16; 5109 tmp |= RT2860_TSF_TIMER_EN | RT2860_TBTT_TIMER_EN; 5110 5111 if (ic->ic_opmode == IEEE80211_M_STA) { 5112 /* 5113 * Local TSF is always updated with remote TSF on beacon 5114 * reception. 5115 */ 5116 tmp |= 1 << RT2860_TSF_SYNC_MODE_SHIFT; 5117 } else if (ic->ic_opmode == IEEE80211_M_IBSS) { 5118 tmp |= RT2860_BCN_TX_EN; 5119 /* 5120 * Local TSF is updated with remote TSF on beacon reception 5121 * only if the remote TSF is greater than local TSF. 5122 */ 5123 tmp |= 2 << RT2860_TSF_SYNC_MODE_SHIFT; 5124 } else if (ic->ic_opmode == IEEE80211_M_HOSTAP || 5125 ic->ic_opmode == IEEE80211_M_MBSS) { 5126 tmp |= RT2860_BCN_TX_EN; 5127 /* SYNC with nobody */ 5128 tmp |= 3 << RT2860_TSF_SYNC_MODE_SHIFT; 5129 } else { 5130 DPRINTF("Enabling TSF failed. undefined opmode\n"); 5131 return; 5132 } 5133 5134 run_write(sc, RT2860_BCN_TIME_CFG, tmp); 5135 } 5136 5137 static void 5138 run_enable_mrr(struct run_softc *sc) 5139 { 5140 #define CCK(mcs) (mcs) 5141 #define OFDM(mcs) (1 << 3 | (mcs)) 5142 run_write(sc, RT2860_LG_FBK_CFG0, 5143 OFDM(6) << 28 | /* 54->48 */ 5144 OFDM(5) << 24 | /* 48->36 */ 5145 OFDM(4) << 20 | /* 36->24 */ 5146 OFDM(3) << 16 | /* 24->18 */ 5147 OFDM(2) << 12 | /* 18->12 */ 5148 OFDM(1) << 8 | /* 12-> 9 */ 5149 OFDM(0) << 4 | /* 9-> 6 */ 5150 OFDM(0)); /* 6-> 6 */ 5151 5152 run_write(sc, RT2860_LG_FBK_CFG1, 5153 CCK(2) << 12 | /* 11->5.5 */ 5154 CCK(1) << 8 | /* 5.5-> 2 */ 5155 CCK(0) << 4 | /* 2-> 1 */ 5156 CCK(0)); /* 1-> 1 */ 5157 #undef OFDM 5158 #undef CCK 5159 } 5160 5161 static void 5162 run_set_txpreamble(struct run_softc *sc) 5163 { 5164 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 5165 uint32_t tmp; 5166 5167 run_read(sc, RT2860_AUTO_RSP_CFG, &tmp); 5168 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 5169 tmp |= RT2860_CCK_SHORT_EN; 5170 else 5171 tmp &= ~RT2860_CCK_SHORT_EN; 5172 run_write(sc, RT2860_AUTO_RSP_CFG, tmp); 5173 } 5174 5175 static void 5176 run_set_basicrates(struct run_softc *sc) 5177 { 5178 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 5179 5180 /* set basic rates mask */ 5181 if (ic->ic_curmode == IEEE80211_MODE_11B) 5182 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x003); 5183 else if (ic->ic_curmode == IEEE80211_MODE_11A) 5184 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x150); 5185 else /* 11g */ 5186 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x15f); 5187 } 5188 5189 static void 5190 run_set_leds(struct run_softc *sc, uint16_t which) 5191 { 5192 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LEDS, 5193 which | (sc->leds & 0x7f)); 5194 } 5195 5196 static void 5197 run_set_bssid(struct run_softc *sc, const uint8_t *bssid) 5198 { 5199 run_write(sc, RT2860_MAC_BSSID_DW0, 5200 bssid[0] | bssid[1] << 8 | bssid[2] << 16 | bssid[3] << 24); 5201 run_write(sc, RT2860_MAC_BSSID_DW1, 5202 bssid[4] | bssid[5] << 8); 5203 } 5204 5205 static void 5206 run_set_macaddr(struct run_softc *sc, const uint8_t *addr) 5207 { 5208 run_write(sc, RT2860_MAC_ADDR_DW0, 5209 addr[0] | addr[1] << 8 | addr[2] << 16 | addr[3] << 24); 5210 run_write(sc, RT2860_MAC_ADDR_DW1, 5211 addr[4] | addr[5] << 8 | 0xff << 16); 5212 } 5213 5214 static void 5215 run_updateslot(struct ieee80211com *ic) 5216 { 5217 struct run_softc *sc = ic->ic_softc; 5218 uint32_t i; 5219 5220 i = RUN_CMDQ_GET(&sc->cmdq_store); 5221 DPRINTF("cmdq_store=%d\n", i); 5222 sc->cmdq[i].func = run_updateslot_cb; 5223 sc->cmdq[i].arg0 = ic->ic_ifp; 5224 ieee80211_runtask(ic, &sc->cmdq_task); 5225 5226 return; 5227 } 5228 5229 /* ARGSUSED */ 5230 static void 5231 run_updateslot_cb(void *arg) 5232 { 5233 struct ifnet *ifp = arg; 5234 struct ieee80211com *ic = ifp->if_l2com; 5235 struct run_softc *sc = ic->ic_softc; 5236 uint32_t tmp; 5237 5238 run_read(sc, RT2860_BKOFF_SLOT_CFG, &tmp); 5239 tmp &= ~0xff; 5240 tmp |= (ic->ic_flags & IEEE80211_F_SHSLOT) ? 9 : 20; 5241 run_write(sc, RT2860_BKOFF_SLOT_CFG, tmp); 5242 } 5243 5244 static void 5245 run_update_mcast(struct ieee80211com *ic) 5246 { 5247 /* h/w filter supports getting everything or nothing */ 5248 ic->ic_ifp->if_flags |= IFF_ALLMULTI; 5249 } 5250 5251 static int8_t 5252 run_rssi2dbm(struct run_softc *sc, uint8_t rssi, uint8_t rxchain) 5253 { 5254 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 5255 struct ieee80211_channel *c = ic->ic_curchan; 5256 int delta; 5257 5258 if (IEEE80211_IS_CHAN_5GHZ(c)) { 5259 u_int chan = ieee80211_chan2ieee(ic, c); 5260 delta = sc->rssi_5ghz[rxchain]; 5261 5262 /* determine channel group */ 5263 if (chan <= 64) 5264 delta -= sc->lna[1]; 5265 else if (chan <= 128) 5266 delta -= sc->lna[2]; 5267 else 5268 delta -= sc->lna[3]; 5269 } else 5270 delta = sc->rssi_2ghz[rxchain] - sc->lna[0]; 5271 5272 return (-12 - delta - rssi); 5273 } 5274 5275 static void 5276 run_rt5390_bbp_init(struct run_softc *sc) 5277 { 5278 int i; 5279 uint8_t bbp; 5280 5281 /* Apply maximum likelihood detection for 2 stream case. */ 5282 run_bbp_read(sc, 105, &bbp); 5283 if (sc->nrxchains > 1) 5284 run_bbp_write(sc, 105, bbp | RT5390_MLD); 5285 5286 /* Avoid data lost and CRC error. */ 5287 run_bbp_read(sc, 4, &bbp); 5288 run_bbp_write(sc, 4, bbp | RT5390_MAC_IF_CTRL); 5289 5290 if (sc->mac_ver == 0x5592) { 5291 for (i = 0; i < NELEM(rt5592_def_bbp); i++) { 5292 run_bbp_write(sc, rt5592_def_bbp[i].reg, 5293 rt5592_def_bbp[i].val); 5294 } 5295 for (i = 0; i < NELEM(rt5592_bbp_r196); i++) { 5296 run_bbp_write(sc, 195, i + 0x80); 5297 run_bbp_write(sc, 196, rt5592_bbp_r196[i]); 5298 } 5299 } else { 5300 for (i = 0; i < NELEM(rt5390_def_bbp); i++) { 5301 run_bbp_write(sc, rt5390_def_bbp[i].reg, 5302 rt5390_def_bbp[i].val); 5303 } 5304 } 5305 if (sc->mac_ver == 0x5392) { 5306 run_bbp_write(sc, 88, 0x90); 5307 run_bbp_write(sc, 95, 0x9a); 5308 run_bbp_write(sc, 98, 0x12); 5309 run_bbp_write(sc, 106, 0x12); 5310 run_bbp_write(sc, 134, 0xd0); 5311 run_bbp_write(sc, 135, 0xf6); 5312 run_bbp_write(sc, 148, 0x84); 5313 } 5314 5315 run_bbp_read(sc, 152, &bbp); 5316 run_bbp_write(sc, 152, bbp | 0x80); 5317 5318 /* Fix BBP254 for RT5592C. */ 5319 if (sc->mac_ver == 0x5592 && sc->mac_rev >= 0x0221) { 5320 run_bbp_read(sc, 254, &bbp); 5321 run_bbp_write(sc, 254, bbp | 0x80); 5322 } 5323 5324 /* Disable hardware antenna diversity. */ 5325 if (sc->mac_ver == 0x5390) 5326 run_bbp_write(sc, 154, 0); 5327 5328 /* Initialize Rx CCK/OFDM frequency offset report. */ 5329 run_bbp_write(sc, 142, 1); 5330 run_bbp_write(sc, 143, 57); 5331 } 5332 5333 static int 5334 run_bbp_init(struct run_softc *sc) 5335 { 5336 int i, error, ntries; 5337 uint8_t bbp0; 5338 5339 /* wait for BBP to wake up */ 5340 for (ntries = 0; ntries < 20; ntries++) { 5341 if ((error = run_bbp_read(sc, 0, &bbp0)) != 0) 5342 return error; 5343 if (bbp0 != 0 && bbp0 != 0xff) 5344 break; 5345 } 5346 if (ntries == 20) 5347 return (ETIMEDOUT); 5348 5349 /* initialize BBP registers to default values */ 5350 if (sc->mac_ver >= 0x5390) 5351 run_rt5390_bbp_init(sc); 5352 else { 5353 for (i = 0; i < NELEM(rt2860_def_bbp); i++) { 5354 run_bbp_write(sc, rt2860_def_bbp[i].reg, 5355 rt2860_def_bbp[i].val); 5356 } 5357 } 5358 5359 if (sc->mac_ver == 0x3593) { 5360 run_bbp_write(sc, 79, 0x13); 5361 run_bbp_write(sc, 80, 0x05); 5362 run_bbp_write(sc, 81, 0x33); 5363 run_bbp_write(sc, 86, 0x46); 5364 run_bbp_write(sc, 137, 0x0f); 5365 } 5366 5367 /* fix BBP84 for RT2860E */ 5368 if (sc->mac_ver == 0x2860 && sc->mac_rev != 0x0101) 5369 run_bbp_write(sc, 84, 0x19); 5370 5371 if (sc->mac_ver >= 0x3070 && (sc->mac_ver != 0x3593 && 5372 sc->mac_ver != 0x5592)) { 5373 run_bbp_write(sc, 79, 0x13); 5374 run_bbp_write(sc, 80, 0x05); 5375 run_bbp_write(sc, 81, 0x33); 5376 } else if (sc->mac_ver == 0x2860 && sc->mac_rev == 0x0100) { 5377 run_bbp_write(sc, 69, 0x16); 5378 run_bbp_write(sc, 73, 0x12); 5379 } 5380 return (0); 5381 } 5382 5383 static int 5384 run_rt3070_rf_init(struct run_softc *sc) 5385 { 5386 uint32_t tmp; 5387 uint8_t bbp4, mingain, rf, target; 5388 int i; 5389 5390 run_rt3070_rf_read(sc, 30, &rf); 5391 /* toggle RF R30 bit 7 */ 5392 run_rt3070_rf_write(sc, 30, rf | 0x80); 5393 run_delay(sc, 10); 5394 run_rt3070_rf_write(sc, 30, rf & ~0x80); 5395 5396 /* initialize RF registers to default value */ 5397 if (sc->mac_ver == 0x3572) { 5398 for (i = 0; i < NELEM(rt3572_def_rf); i++) { 5399 run_rt3070_rf_write(sc, rt3572_def_rf[i].reg, 5400 rt3572_def_rf[i].val); 5401 } 5402 } else { 5403 for (i = 0; i < NELEM(rt3070_def_rf); i++) { 5404 run_rt3070_rf_write(sc, rt3070_def_rf[i].reg, 5405 rt3070_def_rf[i].val); 5406 } 5407 } 5408 5409 if (sc->mac_ver == 0x3070 && sc->mac_rev < 0x0201) { 5410 /* 5411 * Change voltage from 1.2V to 1.35V for RT3070. 5412 * The DAC issue (RT3070_LDO_CFG0) has been fixed 5413 * in RT3070(F). 5414 */ 5415 run_read(sc, RT3070_LDO_CFG0, &tmp); 5416 tmp = (tmp & ~0x0f000000) | 0x0d000000; 5417 run_write(sc, RT3070_LDO_CFG0, tmp); 5418 5419 } else if (sc->mac_ver == 0x3071) { 5420 run_rt3070_rf_read(sc, 6, &rf); 5421 run_rt3070_rf_write(sc, 6, rf | 0x40); 5422 run_rt3070_rf_write(sc, 31, 0x14); 5423 5424 run_read(sc, RT3070_LDO_CFG0, &tmp); 5425 tmp &= ~0x1f000000; 5426 if (sc->mac_rev < 0x0211) 5427 tmp |= 0x0d000000; /* 1.3V */ 5428 else 5429 tmp |= 0x01000000; /* 1.2V */ 5430 run_write(sc, RT3070_LDO_CFG0, tmp); 5431 5432 /* patch LNA_PE_G1 */ 5433 run_read(sc, RT3070_GPIO_SWITCH, &tmp); 5434 run_write(sc, RT3070_GPIO_SWITCH, tmp & ~0x20); 5435 5436 } else if (sc->mac_ver == 0x3572) { 5437 run_rt3070_rf_read(sc, 6, &rf); 5438 run_rt3070_rf_write(sc, 6, rf | 0x40); 5439 5440 /* increase voltage from 1.2V to 1.35V */ 5441 run_read(sc, RT3070_LDO_CFG0, &tmp); 5442 tmp = (tmp & ~0x1f000000) | 0x0d000000; 5443 run_write(sc, RT3070_LDO_CFG0, tmp); 5444 5445 if (sc->mac_rev < 0x0211 || !sc->patch_dac) { 5446 run_delay(sc, 1); /* wait for 1msec */ 5447 /* decrease voltage back to 1.2V */ 5448 tmp = (tmp & ~0x1f000000) | 0x01000000; 5449 run_write(sc, RT3070_LDO_CFG0, tmp); 5450 } 5451 } 5452 5453 /* select 20MHz bandwidth */ 5454 run_rt3070_rf_read(sc, 31, &rf); 5455 run_rt3070_rf_write(sc, 31, rf & ~0x20); 5456 5457 /* calibrate filter for 20MHz bandwidth */ 5458 sc->rf24_20mhz = 0x1f; /* default value */ 5459 target = (sc->mac_ver < 0x3071) ? 0x16 : 0x13; 5460 run_rt3070_filter_calib(sc, 0x07, target, &sc->rf24_20mhz); 5461 5462 /* select 40MHz bandwidth */ 5463 run_bbp_read(sc, 4, &bbp4); 5464 run_bbp_write(sc, 4, (bbp4 & ~0x18) | 0x10); 5465 run_rt3070_rf_read(sc, 31, &rf); 5466 run_rt3070_rf_write(sc, 31, rf | 0x20); 5467 5468 /* calibrate filter for 40MHz bandwidth */ 5469 sc->rf24_40mhz = 0x2f; /* default value */ 5470 target = (sc->mac_ver < 0x3071) ? 0x19 : 0x15; 5471 run_rt3070_filter_calib(sc, 0x27, target, &sc->rf24_40mhz); 5472 5473 /* go back to 20MHz bandwidth */ 5474 run_bbp_read(sc, 4, &bbp4); 5475 run_bbp_write(sc, 4, bbp4 & ~0x18); 5476 5477 if (sc->mac_ver == 0x3572) { 5478 /* save default BBP registers 25 and 26 values */ 5479 run_bbp_read(sc, 25, &sc->bbp25); 5480 run_bbp_read(sc, 26, &sc->bbp26); 5481 } else if (sc->mac_rev < 0x0201 || sc->mac_rev < 0x0211) 5482 run_rt3070_rf_write(sc, 27, 0x03); 5483 5484 run_read(sc, RT3070_OPT_14, &tmp); 5485 run_write(sc, RT3070_OPT_14, tmp | 1); 5486 5487 if (sc->mac_ver == 0x3070 || sc->mac_ver == 0x3071) { 5488 run_rt3070_rf_read(sc, 17, &rf); 5489 rf &= ~RT3070_TX_LO1; 5490 if ((sc->mac_ver == 0x3070 || 5491 (sc->mac_ver == 0x3071 && sc->mac_rev >= 0x0211)) && 5492 !sc->ext_2ghz_lna) 5493 rf |= 0x20; /* fix for long range Rx issue */ 5494 mingain = (sc->mac_ver == 0x3070) ? 1 : 2; 5495 if (sc->txmixgain_2ghz >= mingain) 5496 rf = (rf & ~0x7) | sc->txmixgain_2ghz; 5497 run_rt3070_rf_write(sc, 17, rf); 5498 } 5499 5500 if (sc->mac_ver == 0x3071) { 5501 run_rt3070_rf_read(sc, 1, &rf); 5502 rf &= ~(RT3070_RX0_PD | RT3070_TX0_PD); 5503 rf |= RT3070_RF_BLOCK | RT3070_RX1_PD | RT3070_TX1_PD; 5504 run_rt3070_rf_write(sc, 1, rf); 5505 5506 run_rt3070_rf_read(sc, 15, &rf); 5507 run_rt3070_rf_write(sc, 15, rf & ~RT3070_TX_LO2); 5508 5509 run_rt3070_rf_read(sc, 20, &rf); 5510 run_rt3070_rf_write(sc, 20, rf & ~RT3070_RX_LO1); 5511 5512 run_rt3070_rf_read(sc, 21, &rf); 5513 run_rt3070_rf_write(sc, 21, rf & ~RT3070_RX_LO2); 5514 } 5515 5516 if (sc->mac_ver == 0x3070 || sc->mac_ver == 0x3071) { 5517 /* fix Tx to Rx IQ glitch by raising RF voltage */ 5518 run_rt3070_rf_read(sc, 27, &rf); 5519 rf &= ~0x77; 5520 if (sc->mac_rev < 0x0211) 5521 rf |= 0x03; 5522 run_rt3070_rf_write(sc, 27, rf); 5523 } 5524 return (0); 5525 } 5526 5527 static void 5528 run_rt3593_rf_init(struct run_softc *sc) 5529 { 5530 uint32_t tmp; 5531 uint8_t rf; 5532 int i; 5533 5534 /* Disable the GPIO bits 4 and 7 for LNA PE control. */ 5535 run_read(sc, RT3070_GPIO_SWITCH, &tmp); 5536 tmp &= ~(1 << 4 | 1 << 7); 5537 run_write(sc, RT3070_GPIO_SWITCH, tmp); 5538 5539 /* Initialize RF registers to default value. */ 5540 for (i = 0; i < NELEM(rt3593_def_rf); i++) { 5541 run_rt3070_rf_write(sc, rt3593_def_rf[i].reg, 5542 rt3593_def_rf[i].val); 5543 } 5544 5545 /* Toggle RF R2 to initiate calibration. */ 5546 run_rt3070_rf_write(sc, 2, RT5390_RESCAL); 5547 5548 /* Initialize RF frequency offset. */ 5549 run_adjust_freq_offset(sc); 5550 5551 run_rt3070_rf_read(sc, 18, &rf); 5552 run_rt3070_rf_write(sc, 18, rf | RT3593_AUTOTUNE_BYPASS); 5553 5554 /* 5555 * Increase voltage from 1.2V to 1.35V, wait for 1 msec to 5556 * decrease voltage back to 1.2V. 5557 */ 5558 run_read(sc, RT3070_LDO_CFG0, &tmp); 5559 tmp = (tmp & ~0x1f000000) | 0x0d000000; 5560 run_write(sc, RT3070_LDO_CFG0, tmp); 5561 run_delay(sc, 1); 5562 tmp = (tmp & ~0x1f000000) | 0x01000000; 5563 run_write(sc, RT3070_LDO_CFG0, tmp); 5564 5565 sc->rf24_20mhz = 0x1f; 5566 sc->rf24_40mhz = 0x2f; 5567 5568 /* Save default BBP registers 25 and 26 values. */ 5569 run_bbp_read(sc, 25, &sc->bbp25); 5570 run_bbp_read(sc, 26, &sc->bbp26); 5571 5572 run_read(sc, RT3070_OPT_14, &tmp); 5573 run_write(sc, RT3070_OPT_14, tmp | 1); 5574 } 5575 5576 static void 5577 run_rt5390_rf_init(struct run_softc *sc) 5578 { 5579 uint32_t tmp; 5580 uint8_t rf; 5581 int i; 5582 5583 /* Toggle RF R2 to initiate calibration. */ 5584 if (sc->mac_ver == 0x5390) { 5585 run_rt3070_rf_read(sc, 2, &rf); 5586 run_rt3070_rf_write(sc, 2, rf | RT5390_RESCAL); 5587 run_delay(sc, 10); 5588 run_rt3070_rf_write(sc, 2, rf & ~RT5390_RESCAL); 5589 } else { 5590 run_rt3070_rf_write(sc, 2, RT5390_RESCAL); 5591 run_delay(sc, 10); 5592 } 5593 5594 /* Initialize RF registers to default value. */ 5595 if (sc->mac_ver == 0x5592) { 5596 for (i = 0; i < NELEM(rt5592_def_rf); i++) { 5597 run_rt3070_rf_write(sc, rt5592_def_rf[i].reg, 5598 rt5592_def_rf[i].val); 5599 } 5600 /* Initialize RF frequency offset. */ 5601 run_adjust_freq_offset(sc); 5602 } else if (sc->mac_ver == 0x5392) { 5603 for (i = 0; i < NELEM(rt5392_def_rf); i++) { 5604 run_rt3070_rf_write(sc, rt5392_def_rf[i].reg, 5605 rt5392_def_rf[i].val); 5606 } 5607 if (sc->mac_rev >= 0x0223) { 5608 run_rt3070_rf_write(sc, 23, 0x0f); 5609 run_rt3070_rf_write(sc, 24, 0x3e); 5610 run_rt3070_rf_write(sc, 51, 0x32); 5611 run_rt3070_rf_write(sc, 53, 0x22); 5612 run_rt3070_rf_write(sc, 56, 0xc1); 5613 run_rt3070_rf_write(sc, 59, 0x0f); 5614 } 5615 } else { 5616 for (i = 0; i < NELEM(rt5390_def_rf); i++) { 5617 run_rt3070_rf_write(sc, rt5390_def_rf[i].reg, 5618 rt5390_def_rf[i].val); 5619 } 5620 if (sc->mac_rev >= 0x0502) { 5621 run_rt3070_rf_write(sc, 6, 0xe0); 5622 run_rt3070_rf_write(sc, 25, 0x80); 5623 run_rt3070_rf_write(sc, 46, 0x73); 5624 run_rt3070_rf_write(sc, 53, 0x00); 5625 run_rt3070_rf_write(sc, 56, 0x42); 5626 run_rt3070_rf_write(sc, 61, 0xd1); 5627 } 5628 } 5629 5630 sc->rf24_20mhz = 0x1f; /* default value */ 5631 sc->rf24_40mhz = (sc->mac_ver == 0x5592) ? 0 : 0x2f; 5632 5633 if (sc->mac_rev < 0x0211) 5634 run_rt3070_rf_write(sc, 27, 0x3); 5635 5636 run_read(sc, RT3070_OPT_14, &tmp); 5637 run_write(sc, RT3070_OPT_14, tmp | 1); 5638 } 5639 5640 static int 5641 run_rt3070_filter_calib(struct run_softc *sc, uint8_t init, uint8_t target, 5642 uint8_t *val) 5643 { 5644 uint8_t rf22, rf24; 5645 uint8_t bbp55_pb, bbp55_sb, delta; 5646 int ntries; 5647 5648 /* program filter */ 5649 run_rt3070_rf_read(sc, 24, &rf24); 5650 rf24 = (rf24 & 0xc0) | init; /* initial filter value */ 5651 run_rt3070_rf_write(sc, 24, rf24); 5652 5653 /* enable baseband loopback mode */ 5654 run_rt3070_rf_read(sc, 22, &rf22); 5655 run_rt3070_rf_write(sc, 22, rf22 | 0x01); 5656 5657 /* set power and frequency of passband test tone */ 5658 run_bbp_write(sc, 24, 0x00); 5659 for (ntries = 0; ntries < 100; ntries++) { 5660 /* transmit test tone */ 5661 run_bbp_write(sc, 25, 0x90); 5662 run_delay(sc, 10); 5663 /* read received power */ 5664 run_bbp_read(sc, 55, &bbp55_pb); 5665 if (bbp55_pb != 0) 5666 break; 5667 } 5668 if (ntries == 100) 5669 return (ETIMEDOUT); 5670 5671 /* set power and frequency of stopband test tone */ 5672 run_bbp_write(sc, 24, 0x06); 5673 for (ntries = 0; ntries < 100; ntries++) { 5674 /* transmit test tone */ 5675 run_bbp_write(sc, 25, 0x90); 5676 run_delay(sc, 10); 5677 /* read received power */ 5678 run_bbp_read(sc, 55, &bbp55_sb); 5679 5680 delta = bbp55_pb - bbp55_sb; 5681 if (delta > target) 5682 break; 5683 5684 /* reprogram filter */ 5685 rf24++; 5686 run_rt3070_rf_write(sc, 24, rf24); 5687 } 5688 if (ntries < 100) { 5689 if (rf24 != init) 5690 rf24--; /* backtrack */ 5691 *val = rf24; 5692 run_rt3070_rf_write(sc, 24, rf24); 5693 } 5694 5695 /* restore initial state */ 5696 run_bbp_write(sc, 24, 0x00); 5697 5698 /* disable baseband loopback mode */ 5699 run_rt3070_rf_read(sc, 22, &rf22); 5700 run_rt3070_rf_write(sc, 22, rf22 & ~0x01); 5701 5702 return (0); 5703 } 5704 5705 static void 5706 run_rt3070_rf_setup(struct run_softc *sc) 5707 { 5708 uint8_t bbp, rf; 5709 int i; 5710 5711 if (sc->mac_ver == 0x3572) { 5712 /* enable DC filter */ 5713 if (sc->mac_rev >= 0x0201) 5714 run_bbp_write(sc, 103, 0xc0); 5715 5716 run_bbp_read(sc, 138, &bbp); 5717 if (sc->ntxchains == 1) 5718 bbp |= 0x20; /* turn off DAC1 */ 5719 if (sc->nrxchains == 1) 5720 bbp &= ~0x02; /* turn off ADC1 */ 5721 run_bbp_write(sc, 138, bbp); 5722 5723 if (sc->mac_rev >= 0x0211) { 5724 /* improve power consumption */ 5725 run_bbp_read(sc, 31, &bbp); 5726 run_bbp_write(sc, 31, bbp & ~0x03); 5727 } 5728 5729 run_rt3070_rf_read(sc, 16, &rf); 5730 rf = (rf & ~0x07) | sc->txmixgain_2ghz; 5731 run_rt3070_rf_write(sc, 16, rf); 5732 5733 } else if (sc->mac_ver == 0x3071) { 5734 if (sc->mac_rev >= 0x0211) { 5735 /* enable DC filter */ 5736 run_bbp_write(sc, 103, 0xc0); 5737 5738 /* improve power consumption */ 5739 run_bbp_read(sc, 31, &bbp); 5740 run_bbp_write(sc, 31, bbp & ~0x03); 5741 } 5742 5743 run_bbp_read(sc, 138, &bbp); 5744 if (sc->ntxchains == 1) 5745 bbp |= 0x20; /* turn off DAC1 */ 5746 if (sc->nrxchains == 1) 5747 bbp &= ~0x02; /* turn off ADC1 */ 5748 run_bbp_write(sc, 138, bbp); 5749 5750 run_write(sc, RT2860_TX_SW_CFG1, 0); 5751 if (sc->mac_rev < 0x0211) { 5752 run_write(sc, RT2860_TX_SW_CFG2, 5753 sc->patch_dac ? 0x2c : 0x0f); 5754 } else 5755 run_write(sc, RT2860_TX_SW_CFG2, 0); 5756 5757 } else if (sc->mac_ver == 0x3070) { 5758 if (sc->mac_rev >= 0x0201) { 5759 /* enable DC filter */ 5760 run_bbp_write(sc, 103, 0xc0); 5761 5762 /* improve power consumption */ 5763 run_bbp_read(sc, 31, &bbp); 5764 run_bbp_write(sc, 31, bbp & ~0x03); 5765 } 5766 5767 if (sc->mac_rev < 0x0201) { 5768 run_write(sc, RT2860_TX_SW_CFG1, 0); 5769 run_write(sc, RT2860_TX_SW_CFG2, 0x2c); 5770 } else 5771 run_write(sc, RT2860_TX_SW_CFG2, 0); 5772 } 5773 5774 /* initialize RF registers from ROM for >=RT3071*/ 5775 if (sc->mac_ver >= 0x3071) { 5776 for (i = 0; i < 10; i++) { 5777 if (sc->rf[i].reg == 0 || sc->rf[i].reg == 0xff) 5778 continue; 5779 run_rt3070_rf_write(sc, sc->rf[i].reg, sc->rf[i].val); 5780 } 5781 } 5782 } 5783 5784 static void 5785 run_rt3593_rf_setup(struct run_softc *sc) 5786 { 5787 uint8_t bbp, rf; 5788 5789 if (sc->mac_rev >= 0x0211) { 5790 /* Enable DC filter. */ 5791 run_bbp_write(sc, 103, 0xc0); 5792 } 5793 run_write(sc, RT2860_TX_SW_CFG1, 0); 5794 if (sc->mac_rev < 0x0211) { 5795 run_write(sc, RT2860_TX_SW_CFG2, 5796 sc->patch_dac ? 0x2c : 0x0f); 5797 } else 5798 run_write(sc, RT2860_TX_SW_CFG2, 0); 5799 5800 run_rt3070_rf_read(sc, 50, &rf); 5801 run_rt3070_rf_write(sc, 50, rf & ~RT3593_TX_LO2); 5802 5803 run_rt3070_rf_read(sc, 51, &rf); 5804 rf = (rf & ~(RT3593_TX_LO1 | 0x0c)) | 5805 ((sc->txmixgain_2ghz & 0x07) << 2); 5806 run_rt3070_rf_write(sc, 51, rf); 5807 5808 run_rt3070_rf_read(sc, 38, &rf); 5809 run_rt3070_rf_write(sc, 38, rf & ~RT5390_RX_LO1); 5810 5811 run_rt3070_rf_read(sc, 39, &rf); 5812 run_rt3070_rf_write(sc, 39, rf & ~RT5390_RX_LO2); 5813 5814 run_rt3070_rf_read(sc, 1, &rf); 5815 run_rt3070_rf_write(sc, 1, rf & ~(RT3070_RF_BLOCK | RT3070_PLL_PD)); 5816 5817 run_rt3070_rf_read(sc, 30, &rf); 5818 rf = (rf & ~0x18) | 0x10; 5819 run_rt3070_rf_write(sc, 30, rf); 5820 5821 /* Apply maximum likelihood detection for 2 stream case. */ 5822 run_bbp_read(sc, 105, &bbp); 5823 if (sc->nrxchains > 1) 5824 run_bbp_write(sc, 105, bbp | RT5390_MLD); 5825 5826 /* Avoid data lost and CRC error. */ 5827 run_bbp_read(sc, 4, &bbp); 5828 run_bbp_write(sc, 4, bbp | RT5390_MAC_IF_CTRL); 5829 5830 run_bbp_write(sc, 92, 0x02); 5831 run_bbp_write(sc, 82, 0x82); 5832 run_bbp_write(sc, 106, 0x05); 5833 run_bbp_write(sc, 104, 0x92); 5834 run_bbp_write(sc, 88, 0x90); 5835 run_bbp_write(sc, 148, 0xc8); 5836 run_bbp_write(sc, 47, 0x48); 5837 run_bbp_write(sc, 120, 0x50); 5838 5839 run_bbp_write(sc, 163, 0x9d); 5840 5841 /* SNR mapping. */ 5842 run_bbp_write(sc, 142, 0x06); 5843 run_bbp_write(sc, 143, 0xa0); 5844 run_bbp_write(sc, 142, 0x07); 5845 run_bbp_write(sc, 143, 0xa1); 5846 run_bbp_write(sc, 142, 0x08); 5847 run_bbp_write(sc, 143, 0xa2); 5848 5849 run_bbp_write(sc, 31, 0x08); 5850 run_bbp_write(sc, 68, 0x0b); 5851 run_bbp_write(sc, 105, 0x04); 5852 } 5853 5854 static void 5855 run_rt5390_rf_setup(struct run_softc *sc) 5856 { 5857 uint8_t bbp, rf; 5858 5859 if (sc->mac_rev >= 0x0211) { 5860 /* Enable DC filter. */ 5861 run_bbp_write(sc, 103, 0xc0); 5862 5863 if (sc->mac_ver != 0x5592) { 5864 /* Improve power consumption. */ 5865 run_bbp_read(sc, 31, &bbp); 5866 run_bbp_write(sc, 31, bbp & ~0x03); 5867 } 5868 } 5869 5870 run_bbp_read(sc, 138, &bbp); 5871 if (sc->ntxchains == 1) 5872 bbp |= 0x20; /* turn off DAC1 */ 5873 if (sc->nrxchains == 1) 5874 bbp &= ~0x02; /* turn off ADC1 */ 5875 run_bbp_write(sc, 138, bbp); 5876 5877 run_rt3070_rf_read(sc, 38, &rf); 5878 run_rt3070_rf_write(sc, 38, rf & ~RT5390_RX_LO1); 5879 5880 run_rt3070_rf_read(sc, 39, &rf); 5881 run_rt3070_rf_write(sc, 39, rf & ~RT5390_RX_LO2); 5882 5883 /* Avoid data lost and CRC error. */ 5884 run_bbp_read(sc, 4, &bbp); 5885 run_bbp_write(sc, 4, bbp | RT5390_MAC_IF_CTRL); 5886 5887 run_rt3070_rf_read(sc, 30, &rf); 5888 rf = (rf & ~0x18) | 0x10; 5889 run_rt3070_rf_write(sc, 30, rf); 5890 5891 if (sc->mac_ver != 0x5592) { 5892 run_write(sc, RT2860_TX_SW_CFG1, 0); 5893 if (sc->mac_rev < 0x0211) { 5894 run_write(sc, RT2860_TX_SW_CFG2, 5895 sc->patch_dac ? 0x2c : 0x0f); 5896 } else 5897 run_write(sc, RT2860_TX_SW_CFG2, 0); 5898 } 5899 } 5900 5901 static int 5902 run_txrx_enable(struct run_softc *sc) 5903 { 5904 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 5905 uint32_t tmp; 5906 int error, ntries; 5907 5908 run_write(sc, RT2860_MAC_SYS_CTRL, RT2860_MAC_TX_EN); 5909 for (ntries = 0; ntries < 200; ntries++) { 5910 if ((error = run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp)) != 0) 5911 return (error); 5912 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0) 5913 break; 5914 run_delay(sc, 50); 5915 } 5916 if (ntries == 200) 5917 return (ETIMEDOUT); 5918 5919 run_delay(sc, 50); 5920 5921 tmp |= RT2860_RX_DMA_EN | RT2860_TX_DMA_EN | RT2860_TX_WB_DDONE; 5922 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp); 5923 5924 /* enable Rx bulk aggregation (set timeout and limit) */ 5925 tmp = RT2860_USB_TX_EN | RT2860_USB_RX_EN | RT2860_USB_RX_AGG_EN | 5926 RT2860_USB_RX_AGG_TO(128) | RT2860_USB_RX_AGG_LMT(2); 5927 run_write(sc, RT2860_USB_DMA_CFG, tmp); 5928 5929 /* set Rx filter */ 5930 tmp = RT2860_DROP_CRC_ERR | RT2860_DROP_PHY_ERR; 5931 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 5932 tmp |= RT2860_DROP_UC_NOME | RT2860_DROP_DUPL | 5933 RT2860_DROP_CTS | RT2860_DROP_BA | RT2860_DROP_ACK | 5934 RT2860_DROP_VER_ERR | RT2860_DROP_CTRL_RSV | 5935 RT2860_DROP_CFACK | RT2860_DROP_CFEND; 5936 if (ic->ic_opmode == IEEE80211_M_STA) 5937 tmp |= RT2860_DROP_RTS | RT2860_DROP_PSPOLL; 5938 } 5939 run_write(sc, RT2860_RX_FILTR_CFG, tmp); 5940 5941 run_write(sc, RT2860_MAC_SYS_CTRL, 5942 RT2860_MAC_RX_EN | RT2860_MAC_TX_EN); 5943 5944 return (0); 5945 } 5946 5947 static void 5948 run_adjust_freq_offset(struct run_softc *sc) 5949 { 5950 uint8_t rf, tmp; 5951 5952 run_rt3070_rf_read(sc, 17, &rf); 5953 tmp = rf; 5954 rf = (rf & ~0x7f) | (sc->freq & 0x7f); 5955 rf = MIN(rf, 0x5f); 5956 5957 if (tmp != rf) 5958 run_mcu_cmd(sc, 0x74, (tmp << 8 ) | rf); 5959 } 5960 5961 static void 5962 run_init_locked(struct run_softc *sc) 5963 { 5964 struct ifnet *ifp = sc->sc_ifp; 5965 struct ieee80211com *ic = ifp->if_l2com; 5966 uint32_t tmp; 5967 uint8_t bbp1, bbp3; 5968 int i; 5969 int ridx; 5970 int ntries; 5971 5972 if (ic->ic_nrunning > 1) 5973 return; 5974 5975 run_stop(sc); 5976 5977 if (run_load_microcode(sc) != 0) { 5978 device_printf(sc->sc_dev, "could not load 8051 microcode\n"); 5979 goto fail; 5980 } 5981 5982 for (ntries = 0; ntries < 100; ntries++) { 5983 if (run_read(sc, RT2860_ASIC_VER_ID, &tmp) != 0) 5984 goto fail; 5985 if (tmp != 0 && tmp != 0xffffffff) 5986 break; 5987 run_delay(sc, 10); 5988 } 5989 if (ntries == 100) 5990 goto fail; 5991 5992 for (i = 0; i != RUN_EP_QUEUES; i++) 5993 run_setup_tx_list(sc, &sc->sc_epq[i]); 5994 5995 run_set_macaddr(sc, IF_LLADDR(ifp)); 5996 5997 for (ntries = 0; ntries < 100; ntries++) { 5998 if (run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp) != 0) 5999 goto fail; 6000 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0) 6001 break; 6002 run_delay(sc, 10); 6003 } 6004 if (ntries == 100) { 6005 device_printf(sc->sc_dev, "timeout waiting for DMA engine\n"); 6006 goto fail; 6007 } 6008 tmp &= 0xff0; 6009 tmp |= RT2860_TX_WB_DDONE; 6010 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp); 6011 6012 /* turn off PME_OEN to solve high-current issue */ 6013 run_read(sc, RT2860_SYS_CTRL, &tmp); 6014 run_write(sc, RT2860_SYS_CTRL, tmp & ~RT2860_PME_OEN); 6015 6016 run_write(sc, RT2860_MAC_SYS_CTRL, 6017 RT2860_BBP_HRST | RT2860_MAC_SRST); 6018 run_write(sc, RT2860_USB_DMA_CFG, 0); 6019 6020 if (run_reset(sc) != 0) { 6021 device_printf(sc->sc_dev, "could not reset chipset\n"); 6022 goto fail; 6023 } 6024 6025 run_write(sc, RT2860_MAC_SYS_CTRL, 0); 6026 6027 /* init Tx power for all Tx rates (from EEPROM) */ 6028 for (ridx = 0; ridx < 5; ridx++) { 6029 if (sc->txpow20mhz[ridx] == 0xffffffff) 6030 continue; 6031 run_write(sc, RT2860_TX_PWR_CFG(ridx), sc->txpow20mhz[ridx]); 6032 } 6033 6034 for (i = 0; i < NELEM(rt2870_def_mac); i++) 6035 run_write(sc, rt2870_def_mac[i].reg, rt2870_def_mac[i].val); 6036 run_write(sc, RT2860_WMM_AIFSN_CFG, 0x00002273); 6037 run_write(sc, RT2860_WMM_CWMIN_CFG, 0x00002344); 6038 run_write(sc, RT2860_WMM_CWMAX_CFG, 0x000034aa); 6039 6040 if (sc->mac_ver >= 0x5390) { 6041 run_write(sc, RT2860_TX_SW_CFG0, 6042 4 << RT2860_DLY_PAPE_EN_SHIFT | 4); 6043 if (sc->mac_ver >= 0x5392) { 6044 run_write(sc, RT2860_MAX_LEN_CFG, 0x00002fff); 6045 if (sc->mac_ver == 0x5592) { 6046 run_write(sc, RT2860_HT_FBK_CFG1, 0xedcba980); 6047 run_write(sc, RT2860_TXOP_HLDR_ET, 0x00000082); 6048 } else { 6049 run_write(sc, RT2860_HT_FBK_CFG1, 0xedcb4980); 6050 run_write(sc, RT2860_LG_FBK_CFG0, 0xedcba322); 6051 } 6052 } 6053 } else if (sc->mac_ver == 0x3593) { 6054 run_write(sc, RT2860_TX_SW_CFG0, 6055 4 << RT2860_DLY_PAPE_EN_SHIFT | 2); 6056 } else if (sc->mac_ver >= 0x3070) { 6057 /* set delay of PA_PE assertion to 1us (unit of 0.25us) */ 6058 run_write(sc, RT2860_TX_SW_CFG0, 6059 4 << RT2860_DLY_PAPE_EN_SHIFT); 6060 } 6061 6062 /* wait while MAC is busy */ 6063 for (ntries = 0; ntries < 100; ntries++) { 6064 if (run_read(sc, RT2860_MAC_STATUS_REG, &tmp) != 0) 6065 goto fail; 6066 if (!(tmp & (RT2860_RX_STATUS_BUSY | RT2860_TX_STATUS_BUSY))) 6067 break; 6068 run_delay(sc, 10); 6069 } 6070 if (ntries == 100) 6071 goto fail; 6072 6073 /* clear Host to MCU mailbox */ 6074 run_write(sc, RT2860_H2M_BBPAGENT, 0); 6075 run_write(sc, RT2860_H2M_MAILBOX, 0); 6076 run_delay(sc, 10); 6077 6078 if (run_bbp_init(sc) != 0) { 6079 device_printf(sc->sc_dev, "could not initialize BBP\n"); 6080 goto fail; 6081 } 6082 6083 /* abort TSF synchronization */ 6084 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 6085 tmp &= ~(RT2860_BCN_TX_EN | RT2860_TSF_TIMER_EN | 6086 RT2860_TBTT_TIMER_EN); 6087 run_write(sc, RT2860_BCN_TIME_CFG, tmp); 6088 6089 /* clear RX WCID search table */ 6090 run_set_region_4(sc, RT2860_WCID_ENTRY(0), 0, 512); 6091 /* clear WCID attribute table */ 6092 run_set_region_4(sc, RT2860_WCID_ATTR(0), 0, 8 * 32); 6093 6094 /* hostapd sets a key before init. So, don't clear it. */ 6095 if (sc->cmdq_key_set != RUN_CMDQ_GO) { 6096 /* clear shared key table */ 6097 run_set_region_4(sc, RT2860_SKEY(0, 0), 0, 8 * 32); 6098 /* clear shared key mode */ 6099 run_set_region_4(sc, RT2860_SKEY_MODE_0_7, 0, 4); 6100 } 6101 6102 run_read(sc, RT2860_US_CYC_CNT, &tmp); 6103 tmp = (tmp & ~0xff) | 0x1e; 6104 run_write(sc, RT2860_US_CYC_CNT, tmp); 6105 6106 if (sc->mac_rev != 0x0101) 6107 run_write(sc, RT2860_TXOP_CTRL_CFG, 0x0000583f); 6108 6109 run_write(sc, RT2860_WMM_TXOP0_CFG, 0); 6110 run_write(sc, RT2860_WMM_TXOP1_CFG, 48 << 16 | 96); 6111 6112 /* write vendor-specific BBP values (from EEPROM) */ 6113 if (sc->mac_ver < 0x3593) { 6114 for (i = 0; i < 10; i++) { 6115 if (sc->bbp[i].reg == 0 || sc->bbp[i].reg == 0xff) 6116 continue; 6117 run_bbp_write(sc, sc->bbp[i].reg, sc->bbp[i].val); 6118 } 6119 } 6120 6121 /* select Main antenna for 1T1R devices */ 6122 if (sc->rf_rev == RT3070_RF_3020 || sc->rf_rev == RT5390_RF_5370) 6123 run_set_rx_antenna(sc, 0); 6124 6125 /* send LEDs operating mode to microcontroller */ 6126 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED1, sc->led[0]); 6127 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED2, sc->led[1]); 6128 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED3, sc->led[2]); 6129 6130 if (sc->mac_ver >= 0x5390) 6131 run_rt5390_rf_init(sc); 6132 else if (sc->mac_ver == 0x3593) 6133 run_rt3593_rf_init(sc); 6134 else if (sc->mac_ver >= 0x3070) 6135 run_rt3070_rf_init(sc); 6136 6137 /* disable non-existing Rx chains */ 6138 run_bbp_read(sc, 3, &bbp3); 6139 bbp3 &= ~(1 << 3 | 1 << 4); 6140 if (sc->nrxchains == 2) 6141 bbp3 |= 1 << 3; 6142 else if (sc->nrxchains == 3) 6143 bbp3 |= 1 << 4; 6144 run_bbp_write(sc, 3, bbp3); 6145 6146 /* disable non-existing Tx chains */ 6147 run_bbp_read(sc, 1, &bbp1); 6148 if (sc->ntxchains == 1) 6149 bbp1 &= ~(1 << 3 | 1 << 4); 6150 run_bbp_write(sc, 1, bbp1); 6151 6152 if (sc->mac_ver >= 0x5390) 6153 run_rt5390_rf_setup(sc); 6154 else if (sc->mac_ver == 0x3593) 6155 run_rt3593_rf_setup(sc); 6156 else if (sc->mac_ver >= 0x3070) 6157 run_rt3070_rf_setup(sc); 6158 6159 /* select default channel */ 6160 run_set_chan(sc, ic->ic_curchan); 6161 6162 /* setup initial protection mode */ 6163 run_updateprot_cb(ic); 6164 6165 /* turn radio LED on */ 6166 run_set_leds(sc, RT2860_LED_RADIO); 6167 6168 ifq_clr_oactive(&ifp->if_snd); 6169 ifp->if_flags |= IFF_RUNNING; 6170 sc->cmdq_run = RUN_CMDQ_GO; 6171 6172 for (i = 0; i != RUN_N_XFER; i++) 6173 usbd_xfer_set_stall(sc->sc_xfer[i]); 6174 6175 usbd_transfer_start(sc->sc_xfer[RUN_BULK_RX]); 6176 6177 if (run_txrx_enable(sc) != 0) 6178 goto fail; 6179 6180 return; 6181 6182 fail: 6183 run_stop(sc); 6184 } 6185 6186 static void 6187 run_init(void *arg) 6188 { 6189 struct run_softc *sc = arg; 6190 struct ifnet *ifp = sc->sc_ifp; 6191 struct ieee80211com *ic = ifp->if_l2com; 6192 6193 RUN_LOCK(sc); 6194 run_init_locked(sc); 6195 RUN_UNLOCK(sc); 6196 6197 if (ifp->if_flags & IFF_RUNNING) 6198 ieee80211_start_all(ic); 6199 } 6200 6201 static void 6202 run_stop(void *arg) 6203 { 6204 struct run_softc *sc = (struct run_softc *)arg; 6205 struct ifnet *ifp = sc->sc_ifp; 6206 uint32_t tmp; 6207 int i; 6208 int ntries; 6209 6210 RUN_LOCK_ASSERT(sc, MA_OWNED); 6211 6212 if (ifp->if_flags & IFF_RUNNING) 6213 run_set_leds(sc, 0); /* turn all LEDs off */ 6214 6215 ifp->if_flags &= ~IFF_RUNNING; 6216 ifq_clr_oactive(&ifp->if_snd); 6217 6218 sc->ratectl_run = RUN_RATECTL_OFF; 6219 sc->cmdq_run = sc->cmdq_key_set; 6220 6221 RUN_UNLOCK(sc); 6222 6223 for(i = 0; i < RUN_N_XFER; i++) 6224 usbd_transfer_drain(sc->sc_xfer[i]); 6225 6226 RUN_LOCK(sc); 6227 6228 if (sc->rx_m != NULL) { 6229 m_free(sc->rx_m); 6230 sc->rx_m = NULL; 6231 } 6232 6233 /* Disable Tx/Rx DMA. */ 6234 if (run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp) != 0) 6235 return; 6236 tmp &= ~(RT2860_RX_DMA_EN | RT2860_TX_DMA_EN); 6237 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp); 6238 6239 for (ntries = 0; ntries < 100; ntries++) { 6240 if (run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp) != 0) 6241 return; 6242 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0) 6243 break; 6244 run_delay(sc, 10); 6245 } 6246 if (ntries == 100) { 6247 device_printf(sc->sc_dev, "timeout waiting for DMA engine\n"); 6248 return; 6249 } 6250 6251 /* disable Tx/Rx */ 6252 run_read(sc, RT2860_MAC_SYS_CTRL, &tmp); 6253 tmp &= ~(RT2860_MAC_RX_EN | RT2860_MAC_TX_EN); 6254 run_write(sc, RT2860_MAC_SYS_CTRL, tmp); 6255 6256 /* wait for pending Tx to complete */ 6257 for (ntries = 0; ntries < 100; ntries++) { 6258 if (run_read(sc, RT2860_TXRXQ_PCNT, &tmp) != 0) { 6259 DPRINTF("Cannot read Tx queue count\n"); 6260 break; 6261 } 6262 if ((tmp & RT2860_TX2Q_PCNT_MASK) == 0) { 6263 DPRINTF("All Tx cleared\n"); 6264 break; 6265 } 6266 run_delay(sc, 10); 6267 } 6268 if (ntries >= 100) 6269 DPRINTF("There are still pending Tx\n"); 6270 run_delay(sc, 10); 6271 run_write(sc, RT2860_USB_DMA_CFG, 0); 6272 6273 run_write(sc, RT2860_MAC_SYS_CTRL, RT2860_BBP_HRST | RT2860_MAC_SRST); 6274 run_write(sc, RT2860_MAC_SYS_CTRL, 0); 6275 6276 for (i = 0; i != RUN_EP_QUEUES; i++) 6277 run_unsetup_tx_list(sc, &sc->sc_epq[i]); 6278 } 6279 6280 static void 6281 run_delay(struct run_softc *sc, u_int ms) 6282 { 6283 usb_pause_mtx(lockowned(&sc->sc_lock) ? &sc->sc_lock : NULL, 6284 USB_MS_TO_TICKS(ms)); 6285 } 6286 6287 static device_method_t run_methods[] = { 6288 /* Device interface */ 6289 DEVMETHOD(device_probe, run_match), 6290 DEVMETHOD(device_attach, run_attach), 6291 DEVMETHOD(device_detach, run_detach), 6292 DEVMETHOD_END 6293 }; 6294 6295 static driver_t run_driver = { 6296 .name = "run", 6297 .methods = run_methods, 6298 .size = sizeof(struct run_softc) 6299 }; 6300 6301 static devclass_t run_devclass; 6302 6303 DRIVER_MODULE(run, uhub, run_driver, run_devclass, run_driver_loaded, NULL); 6304 MODULE_DEPEND(run, wlan, 1, 1, 1); 6305 MODULE_DEPEND(run, usb, 1, 1, 1); 6306 MODULE_DEPEND(run, firmware, 1, 1, 1); 6307 MODULE_VERSION(run, 1); 6308