1 /* $OpenBSD: if_run.c,v 1.132 2020/11/27 14:45:03 krw Exp $ */ 2 3 /*- 4 * Copyright (c) 2008-2010 Damien Bergamini <damien.bergamini@free.fr> 5 * Copyright (c) 2013-2014 Kevin Lo 6 * 7 * Permission to use, copy, modify, and distribute this software for any 8 * purpose with or without fee is hereby granted, provided that the above 9 * copyright notice and this permission notice appear in all copies. 10 * 11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 */ 19 20 /*- 21 * Ralink Technology RT2700U/RT2800U/RT3000U/RT3900E chipset driver. 22 * http://www.ralinktech.com/ 23 */ 24 25 #include "bpfilter.h" 26 27 #include <sys/param.h> 28 #include <sys/sockio.h> 29 #include <sys/mbuf.h> 30 #include <sys/kernel.h> 31 #include <sys/socket.h> 32 #include <sys/systm.h> 33 #include <sys/timeout.h> 34 #include <sys/conf.h> 35 #include <sys/device.h> 36 #include <sys/endian.h> 37 38 #include <machine/intr.h> 39 40 #if NBPFILTER > 0 41 #include <net/bpf.h> 42 #endif 43 #include <net/if.h> 44 #include <net/if_dl.h> 45 #include <net/if_media.h> 46 47 #include <netinet/in.h> 48 #include <netinet/if_ether.h> 49 50 #include <net80211/ieee80211_var.h> 51 #include <net80211/ieee80211_amrr.h> 52 #include <net80211/ieee80211_radiotap.h> 53 54 #include <dev/usb/usb.h> 55 #include <dev/usb/usbdi.h> 56 #include <dev/usb/usbdi_util.h> 57 #include <dev/usb/usbdevs.h> 58 59 #include <dev/ic/rt2860reg.h> /* shared with ral(4) */ 60 #include <dev/usb/if_runvar.h> 61 62 #ifdef RUN_DEBUG 63 #define DPRINTF(x) do { if (run_debug) printf x; } while (0) 64 #define DPRINTFN(n, x) do { if (run_debug >= (n)) printf x; } while (0) 65 int run_debug = 0; 66 #else 67 #define DPRINTF(x) 68 #define DPRINTFN(n, x) 69 #endif 70 71 #define USB_ID(v, p) { USB_VENDOR_##v, USB_PRODUCT_##v##_##p } 72 static const struct usb_devno run_devs[] = { 73 USB_ID(ABOCOM, RT2770), 74 USB_ID(ABOCOM, RT2870), 75 USB_ID(ABOCOM, RT3070), 76 USB_ID(ABOCOM, RT3071), 77 USB_ID(ABOCOM, RT3072), 78 USB_ID(ABOCOM2, RT2870_1), 79 USB_ID(ACCTON, RT2770), 80 USB_ID(ACCTON, RT2870_1), 81 USB_ID(ACCTON, RT2870_2), 82 USB_ID(ACCTON, RT2870_3), 83 USB_ID(ACCTON, RT2870_4), 84 USB_ID(ACCTON, RT2870_5), 85 USB_ID(ACCTON, RT3070), 86 USB_ID(ACCTON, RT3070_1), 87 USB_ID(ACCTON, RT3070_2), 88 USB_ID(ACCTON, RT3070_3), 89 USB_ID(ACCTON, RT3070_4), 90 USB_ID(ACCTON, RT3070_5), 91 USB_ID(ACCTON, RT3070_6), 92 USB_ID(AIRTIES, RT3070), 93 USB_ID(AIRTIES, RT3070_2), 94 USB_ID(ALLWIN, RT2070), 95 USB_ID(ALLWIN, RT2770), 96 USB_ID(ALLWIN, RT2870), 97 USB_ID(ALLWIN, RT3070), 98 USB_ID(ALLWIN, RT3071), 99 USB_ID(ALLWIN, RT3072), 100 USB_ID(ALLWIN, RT3572), 101 USB_ID(AMIGO, RT2870_1), 102 USB_ID(AMIGO, RT2870_2), 103 USB_ID(AMIT, CGWLUSB2GNR), 104 USB_ID(AMIT, RT2870_1), 105 USB_ID(AMIT2, RT2870), 106 USB_ID(ASUS, RT2870_1), 107 USB_ID(ASUS, RT2870_2), 108 USB_ID(ASUS, RT2870_3), 109 USB_ID(ASUS, RT2870_4), 110 USB_ID(ASUS, RT2870_5), 111 USB_ID(ASUS, RT3070_1), 112 USB_ID(ASUS, USBN13), 113 USB_ID(ASUS, USBN53), 114 USB_ID(ASUS, USBN66), 115 USB_ID(ASUS2, USBN11), 116 USB_ID(AZUREWAVE, RT2870_1), 117 USB_ID(AZUREWAVE, RT2870_2), 118 USB_ID(AZUREWAVE, RT3070_1), 119 USB_ID(AZUREWAVE, RT3070_2), 120 USB_ID(AZUREWAVE, RT3070_3), 121 USB_ID(AZUREWAVE, RT3070_4), 122 USB_ID(AZUREWAVE, RT3070_5), 123 USB_ID(BELKIN, F9L1103), 124 USB_ID(BELKIN, F5D8053V3), 125 USB_ID(BELKIN, F5D8055), 126 USB_ID(BELKIN, F5D8055V2), 127 USB_ID(BELKIN, F6D4050V1), 128 USB_ID(BELKIN, F6D4050V2), 129 USB_ID(BELKIN, F7D1101V2), 130 USB_ID(BELKIN, RT2870_1), 131 USB_ID(BELKIN, RT2870_2), 132 USB_ID(BEWAN, RT3070), 133 USB_ID(CISCOLINKSYS, AE1000), 134 USB_ID(CISCOLINKSYS, AM10), 135 USB_ID(CISCOLINKSYS2, RT3070), 136 USB_ID(CISCOLINKSYS3, RT3070), 137 USB_ID(CONCEPTRONIC2, RT2870_1), 138 USB_ID(CONCEPTRONIC2, RT2870_2), 139 USB_ID(CONCEPTRONIC2, RT2870_3), 140 USB_ID(CONCEPTRONIC2, RT2870_5), 141 USB_ID(CONCEPTRONIC2, RT2870_6), 142 USB_ID(CONCEPTRONIC2, RT2870_7), 143 USB_ID(CONCEPTRONIC2, RT2870_8), 144 USB_ID(CONCEPTRONIC2, RT3070_1), 145 USB_ID(CONCEPTRONIC2, RT3070_2), 146 USB_ID(CONCEPTRONIC2, RT3070_3), 147 USB_ID(CONCEPTRONIC2, VIGORN61), 148 USB_ID(COREGA, CGWLUSB300GNM), 149 USB_ID(COREGA, RT2870_1), 150 USB_ID(COREGA, RT2870_2), 151 USB_ID(COREGA, RT2870_3), 152 USB_ID(COREGA, RT3070), 153 USB_ID(CYBERTAN, RT2870), 154 USB_ID(DLINK, DWA125B2), 155 USB_ID(DLINK, DWA127), 156 USB_ID(DLINK, DWA130F1), 157 USB_ID(DLINK, DWA137A1), 158 USB_ID(DLINK, DWA140B3), 159 USB_ID(DLINK, DWA140D1), 160 USB_ID(DLINK, DWA160B2), 161 USB_ID(DLINK, DWA162), 162 USB_ID(DLINK, RT2870), 163 USB_ID(DLINK, RT3072), 164 USB_ID(DLINK2, DWA130), 165 USB_ID(DLINK2, RT2870_1), 166 USB_ID(DLINK2, RT2870_2), 167 USB_ID(DLINK2, RT3070_1), 168 USB_ID(DLINK2, RT3070_2), 169 USB_ID(DLINK2, RT3070_3), 170 USB_ID(DLINK2, RT3070_4), 171 USB_ID(DLINK2, RT3070_5), 172 USB_ID(DLINK2, RT3072), 173 USB_ID(DLINK2, RT3072_1), 174 USB_ID(DVICO, RT3070), 175 USB_ID(EDIMAX, EW7717), 176 USB_ID(EDIMAX, EW7718), 177 USB_ID(EDIMAX, EW7722UTN), 178 USB_ID(EDIMAX, RT2870_1), 179 USB_ID(ENCORE, RT3070_1), 180 USB_ID(ENCORE, RT3070_2), 181 USB_ID(ENCORE, RT3070_3), 182 USB_ID(GIGABYTE, GNWB31N), 183 USB_ID(GIGABYTE, GNWB32L), 184 USB_ID(GIGABYTE, RT2870_1), 185 USB_ID(GIGASET, RT3070_1), 186 USB_ID(GIGASET, RT3070_2), 187 USB_ID(GUILLEMOT, HWNU300), 188 USB_ID(HAWKING, HWDN2), 189 USB_ID(HAWKING, HWUN2), 190 USB_ID(HAWKING, RT2870_1), 191 USB_ID(HAWKING, RT2870_2), 192 USB_ID(HAWKING, RT2870_3), 193 USB_ID(HAWKING, RT2870_4), 194 USB_ID(HAWKING, RT2870_5), 195 USB_ID(IODATA, RT3072_1), 196 USB_ID(IODATA, RT3072_2), 197 USB_ID(IODATA, RT3072_3), 198 USB_ID(IODATA, RT3072_4), 199 USB_ID(LINKSYS4, RT3070), 200 USB_ID(LINKSYS4, WUSB100), 201 USB_ID(LINKSYS4, WUSB54GCV3), 202 USB_ID(LINKSYS4, WUSB600N), 203 USB_ID(LINKSYS4, WUSB600NV2), 204 USB_ID(LOGITEC, LANW150NU2), 205 USB_ID(LOGITEC, LANW300NU2), 206 USB_ID(LOGITEC, LANW300NU2S), 207 USB_ID(LOGITEC, RT2870_1), 208 USB_ID(LOGITEC, RT2870_2), 209 USB_ID(LOGITEC, RT2870_3), 210 USB_ID(MELCO, RT2870_1), 211 USB_ID(MELCO, RT2870_2), 212 USB_ID(MELCO, WLIUCAG300N), 213 USB_ID(MELCO, WLIUCG300N), 214 USB_ID(MELCO, WLIUCG301N), 215 USB_ID(MELCO, WLIUCGN), 216 USB_ID(MELCO, WLIUCGNHP), 217 USB_ID(MELCO, WLIUCGNM), 218 USB_ID(MELCO, WLIUCGNM2), 219 USB_ID(MOTOROLA4, RT2770), 220 USB_ID(MOTOROLA4, RT3070), 221 USB_ID(MSI, RT3070_1), 222 USB_ID(MSI, RT3070_2), 223 USB_ID(MSI, RT3070_3), 224 USB_ID(MSI, RT3070_4), 225 USB_ID(MSI, RT3070_5), 226 USB_ID(MSI, RT3070_6), 227 USB_ID(MSI, RT3070_7), 228 USB_ID(MSI, RT3070_8), 229 USB_ID(MSI, RT3070_9), 230 USB_ID(MSI, RT3070_10), 231 USB_ID(MSI, RT3070_11), 232 USB_ID(MSI, RT3070_12), 233 USB_ID(MSI, RT3070_13), 234 USB_ID(MSI, RT3070_14), 235 USB_ID(MSI, RT3070_15), 236 USB_ID(OVISLINK, RT3071), 237 USB_ID(OVISLINK, RT3072), 238 USB_ID(PARA, RT3070), 239 USB_ID(PEGATRON, RT2870), 240 USB_ID(PEGATRON, RT3070), 241 USB_ID(PEGATRON, RT3070_2), 242 USB_ID(PEGATRON, RT3070_3), 243 USB_ID(PEGATRON, RT3072), 244 USB_ID(PHILIPS, RT2870), 245 USB_ID(PLANEX2, GWUS300MINIS), 246 USB_ID(PLANEX2, GWUSMICRO300), 247 USB_ID(PLANEX2, GWUSMICRON), 248 USB_ID(PLANEX2, RT2870), 249 USB_ID(PLANEX2, RT3070), 250 USB_ID(QCOM, RT2870), 251 USB_ID(QUANTA, RT3070), 252 USB_ID(RALINK, RT2070), 253 USB_ID(RALINK, RT2770), 254 USB_ID(RALINK, RT2870), 255 USB_ID(RALINK, RT3070), 256 USB_ID(RALINK, RT3071), 257 USB_ID(RALINK, RT3072), 258 USB_ID(RALINK, RT3370), 259 USB_ID(RALINK, RT3572), 260 USB_ID(RALINK, RT3573), 261 USB_ID(RALINK, RT5370), 262 USB_ID(RALINK, RT5572), 263 USB_ID(RALINK, RT8070), 264 USB_ID(SAMSUNG, WIS09ABGN), 265 USB_ID(SAMSUNG2, RT2870_1), 266 USB_ID(SENAO, RT2870_1), 267 USB_ID(SENAO, RT2870_2), 268 USB_ID(SENAO, RT2870_3), 269 USB_ID(SENAO, RT2870_4), 270 USB_ID(SENAO, RT3070), 271 USB_ID(SENAO, RT3071), 272 USB_ID(SENAO, RT3072_1), 273 USB_ID(SENAO, RT3072_2), 274 USB_ID(SENAO, RT3072_3), 275 USB_ID(SENAO, RT3072_4), 276 USB_ID(SENAO, RT3072_5), 277 USB_ID(SITECOMEU, WL302), 278 USB_ID(SITECOMEU, WL315), 279 USB_ID(SITECOMEU, WL321), 280 USB_ID(SITECOMEU, RT3070_3), 281 USB_ID(SITECOMEU, WL302), 282 USB_ID(SITECOMEU, WL344), 283 USB_ID(SITECOMEU, WL329), 284 USB_ID(SITECOMEU, WL345), 285 USB_ID(SITECOMEU, RT2870_1), 286 USB_ID(SITECOMEU, RT2870_2), 287 USB_ID(SITECOMEU, RT2870_3), 288 USB_ID(SITECOMEU, RT3070_1), 289 USB_ID(SITECOMEU, RT3072_3), 290 USB_ID(SITECOMEU, RT3072_4), 291 USB_ID(SITECOMEU, RT3072_5), 292 USB_ID(SITECOMEU, RT3072_6), 293 USB_ID(SITECOMEU, WL302), 294 USB_ID(SITECOMEU, WL315), 295 USB_ID(SITECOMEU, WL321), 296 USB_ID(SITECOMEU, WL324), 297 USB_ID(SITECOMEU, WL329), 298 USB_ID(SITECOMEU, WL343), 299 USB_ID(SITECOMEU, WL344), 300 USB_ID(SITECOMEU, WL345), 301 USB_ID(SITECOMEU, WL349V4), 302 USB_ID(SITECOMEU, WL608), 303 USB_ID(SITECOMEU, WLA4000), 304 USB_ID(SITECOMEU, WLA5000), 305 USB_ID(SPARKLAN, RT2870_1), 306 USB_ID(SPARKLAN, RT2870_2), 307 USB_ID(SPARKLAN, RT3070), 308 USB_ID(SWEEX2, LW153), 309 USB_ID(SWEEX2, LW303), 310 USB_ID(SWEEX2, LW313), 311 USB_ID(TOSHIBA, RT3070), 312 USB_ID(UMEDIA, RT2870_1), 313 USB_ID(UMEDIA, TEW645UB), 314 USB_ID(ZCOM, RT2870_1), 315 USB_ID(ZCOM, RT2870_2), 316 USB_ID(ZINWELL, RT2870_1), 317 USB_ID(ZINWELL, RT2870_2), 318 USB_ID(ZINWELL, RT3070), 319 USB_ID(ZINWELL, RT3072_1), 320 USB_ID(ZINWELL, RT3072_2), 321 USB_ID(ZYXEL, NWD2105), 322 USB_ID(ZYXEL, NWD211AN), 323 USB_ID(ZYXEL, RT2870_1), 324 USB_ID(ZYXEL, RT2870_2), 325 USB_ID(ZYXEL, RT3070) 326 }; 327 328 int run_match(struct device *, void *, void *); 329 void run_attach(struct device *, struct device *, void *); 330 int run_detach(struct device *, int); 331 int run_alloc_rx_ring(struct run_softc *); 332 void run_free_rx_ring(struct run_softc *); 333 int run_alloc_tx_ring(struct run_softc *, int); 334 void run_free_tx_ring(struct run_softc *, int); 335 int run_load_microcode(struct run_softc *); 336 int run_reset(struct run_softc *); 337 int run_read(struct run_softc *, uint16_t, uint32_t *); 338 int run_read_region_1(struct run_softc *, uint16_t, uint8_t *, 339 int); 340 int run_write_2(struct run_softc *, uint16_t, uint16_t); 341 int run_write(struct run_softc *, uint16_t, uint32_t); 342 int run_write_region_1(struct run_softc *, uint16_t, 343 const uint8_t *, int); 344 int run_set_region_4(struct run_softc *, uint16_t, uint32_t, int); 345 int run_efuse_read(struct run_softc *, uint16_t, uint16_t *); 346 int run_efuse_read_2(struct run_softc *, uint16_t, uint16_t *); 347 int run_eeprom_read_2(struct run_softc *, uint16_t, uint16_t *); 348 int run_rt2870_rf_write(struct run_softc *, uint8_t, uint32_t); 349 int run_rt3070_rf_read(struct run_softc *, uint8_t, uint8_t *); 350 int run_rt3070_rf_write(struct run_softc *, uint8_t, uint8_t); 351 int run_bbp_read(struct run_softc *, uint8_t, uint8_t *); 352 int run_bbp_write(struct run_softc *, uint8_t, uint8_t); 353 int run_mcu_cmd(struct run_softc *, uint8_t, uint16_t); 354 const char * run_get_rf(int); 355 void run_get_txpower(struct run_softc *); 356 void run_rt3593_get_txpower(struct run_softc *); 357 int run_read_eeprom(struct run_softc *); 358 struct ieee80211_node *run_node_alloc(struct ieee80211com *); 359 int run_media_change(struct ifnet *); 360 void run_next_scan(void *); 361 void run_task(void *); 362 void run_do_async(struct run_softc *, void (*)(struct run_softc *, 363 void *), void *, int); 364 int run_newstate(struct ieee80211com *, enum ieee80211_state, int); 365 void run_newstate_cb(struct run_softc *, void *); 366 void run_updateedca(struct ieee80211com *); 367 void run_updateedca_cb(struct run_softc *, void *); 368 int run_set_key(struct ieee80211com *, struct ieee80211_node *, 369 struct ieee80211_key *); 370 void run_set_key_cb(struct run_softc *, void *); 371 void run_delete_key(struct ieee80211com *, struct ieee80211_node *, 372 struct ieee80211_key *); 373 void run_delete_key_cb(struct run_softc *, void *); 374 void run_calibrate_to(void *); 375 void run_calibrate_cb(struct run_softc *, void *); 376 void run_newassoc(struct ieee80211com *, struct ieee80211_node *, 377 int); 378 void run_rx_frame(struct run_softc *, uint8_t *, int, 379 struct mbuf_list *); 380 void run_rxeof(struct usbd_xfer *, void *, usbd_status); 381 void run_txeof(struct usbd_xfer *, void *, usbd_status); 382 int run_tx(struct run_softc *, struct mbuf *, 383 struct ieee80211_node *); 384 void run_start(struct ifnet *); 385 void run_watchdog(struct ifnet *); 386 int run_ioctl(struct ifnet *, u_long, caddr_t); 387 void run_iq_calib(struct run_softc *, u_int); 388 void run_select_chan_group(struct run_softc *, int); 389 void run_set_agc(struct run_softc *, uint8_t); 390 void run_set_rx_antenna(struct run_softc *, int); 391 void run_rt2870_set_chan(struct run_softc *, u_int); 392 void run_rt3070_set_chan(struct run_softc *, u_int); 393 void run_rt3572_set_chan(struct run_softc *, u_int); 394 void run_rt3593_set_chan(struct run_softc *, u_int); 395 void run_rt5390_set_chan(struct run_softc *, u_int); 396 void run_rt5592_set_chan(struct run_softc *, u_int); 397 int run_set_chan(struct run_softc *, struct ieee80211_channel *); 398 void run_enable_tsf_sync(struct run_softc *); 399 void run_enable_mrr(struct run_softc *); 400 void run_set_txpreamble(struct run_softc *); 401 void run_set_basicrates(struct run_softc *); 402 void run_set_leds(struct run_softc *, uint16_t); 403 void run_set_bssid(struct run_softc *, const uint8_t *); 404 void run_set_macaddr(struct run_softc *, const uint8_t *); 405 void run_updateslot(struct ieee80211com *); 406 void run_updateslot_cb(struct run_softc *, void *); 407 #if NBPFILTER > 0 408 int8_t run_rssi2dbm(struct run_softc *, uint8_t, uint8_t); 409 #endif 410 void run_rt5390_bbp_init(struct run_softc *); 411 int run_bbp_init(struct run_softc *); 412 int run_rt3070_rf_init(struct run_softc *); 413 void run_rt3593_rf_init(struct run_softc *); 414 void run_rt5390_rf_init(struct run_softc *); 415 int run_rt3070_filter_calib(struct run_softc *, uint8_t, uint8_t, 416 uint8_t *); 417 void run_rt3070_rf_setup(struct run_softc *); 418 void run_rt3593_rf_setup(struct run_softc *); 419 void run_rt5390_rf_setup(struct run_softc *); 420 int run_txrx_enable(struct run_softc *); 421 void run_adjust_freq_offset(struct run_softc *); 422 int run_init(struct ifnet *); 423 void run_stop(struct ifnet *, int); 424 425 struct cfdriver run_cd = { 426 NULL, "run", DV_IFNET 427 }; 428 429 const struct cfattach run_ca = { 430 sizeof (struct run_softc), run_match, run_attach, run_detach 431 }; 432 433 static const struct { 434 uint32_t reg; 435 uint32_t val; 436 } rt2870_def_mac[] = { 437 RT2870_DEF_MAC 438 }; 439 440 static const struct { 441 uint8_t reg; 442 uint8_t val; 443 } rt2860_def_bbp[] = { 444 RT2860_DEF_BBP 445 },rt5390_def_bbp[] = { 446 RT5390_DEF_BBP 447 },rt5592_def_bbp[] = { 448 RT5592_DEF_BBP 449 }; 450 451 /* 452 * Default values for BBP register R196 for RT5592. 453 */ 454 static const uint8_t rt5592_bbp_r196[] = { 455 0xe0, 0x1f, 0x38, 0x32, 0x08, 0x28, 0x19, 0x0a, 0xff, 0x00, 456 0x16, 0x10, 0x10, 0x0b, 0x36, 0x2c, 0x26, 0x24, 0x42, 0x36, 457 0x30, 0x2d, 0x4c, 0x46, 0x3d, 0x40, 0x3e, 0x42, 0x3d, 0x40, 458 0x3c, 0x34, 0x2c, 0x2f, 0x3c, 0x35, 0x2e, 0x2a, 0x49, 0x41, 459 0x36, 0x31, 0x30, 0x30, 0x0e, 0x0d, 0x28, 0x21, 0x1c, 0x16, 460 0x50, 0x4a, 0x43, 0x40, 0x10, 0x10, 0x10, 0x10, 0x00, 0x00, 461 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 462 0x00, 0x00, 0x7d, 0x14, 0x32, 0x2c, 0x36, 0x4c, 0x43, 0x2c, 463 0x2e, 0x36, 0x30, 0x6e 464 }; 465 466 static const struct rfprog { 467 uint8_t chan; 468 uint32_t r1, r2, r3, r4; 469 } rt2860_rf2850[] = { 470 RT2860_RF2850 471 }; 472 473 struct { 474 uint8_t n, r, k; 475 } rt3070_freqs[] = { 476 RT3070_RF3052 477 }; 478 479 static const struct rt5592_freqs { 480 uint16_t n; 481 uint8_t k, m, r; 482 } rt5592_freqs_20mhz[] = { 483 RT5592_RF5592_20MHZ 484 },rt5592_freqs_40mhz[] = { 485 RT5592_RF5592_40MHZ 486 }; 487 488 static const struct { 489 uint8_t reg; 490 uint8_t val; 491 } rt3070_def_rf[] = { 492 RT3070_DEF_RF 493 },rt3572_def_rf[] = { 494 RT3572_DEF_RF 495 },rt3593_def_rf[] = { 496 RT3593_DEF_RF 497 },rt5390_def_rf[] = { 498 RT5390_DEF_RF 499 },rt5392_def_rf[] = { 500 RT5392_DEF_RF 501 },rt5592_def_rf[] = { 502 RT5592_DEF_RF 503 },rt5592_2ghz_def_rf[] = { 504 RT5592_2GHZ_DEF_RF 505 },rt5592_5ghz_def_rf[] = { 506 RT5592_5GHZ_DEF_RF 507 }; 508 509 static const struct { 510 u_int firstchan; 511 u_int lastchan; 512 uint8_t reg; 513 uint8_t val; 514 } rt5592_chan_5ghz[] = { 515 RT5592_CHAN_5GHZ 516 }; 517 518 int 519 run_match(struct device *parent, void *match, void *aux) 520 { 521 struct usb_attach_arg *uaa = aux; 522 523 if (uaa->iface == NULL || uaa->configno != 1) 524 return UMATCH_NONE; 525 526 return (usb_lookup(run_devs, uaa->vendor, uaa->product) != NULL) ? 527 UMATCH_VENDOR_PRODUCT_CONF_IFACE : UMATCH_NONE; 528 } 529 530 void 531 run_attach(struct device *parent, struct device *self, void *aux) 532 { 533 struct run_softc *sc = (struct run_softc *)self; 534 struct usb_attach_arg *uaa = aux; 535 struct ieee80211com *ic = &sc->sc_ic; 536 struct ifnet *ifp = &ic->ic_if; 537 usb_interface_descriptor_t *id; 538 usb_endpoint_descriptor_t *ed; 539 int i, nrx, ntx, ntries; 540 uint32_t ver; 541 542 sc->sc_udev = uaa->device; 543 sc->sc_iface = uaa->iface; 544 545 /* 546 * Find all bulk endpoints. There are 7 bulk endpoints: 1 for RX 547 * and 6 for TX (4 EDCAs + HCCA + Prio). 548 * Update 03-14-2009: some devices like the Planex GW-US300MiniS 549 * seem to have only 4 TX bulk endpoints (Fukaumi Naoki). 550 */ 551 nrx = ntx = 0; 552 id = usbd_get_interface_descriptor(sc->sc_iface); 553 for (i = 0; i < id->bNumEndpoints; i++) { 554 ed = usbd_interface2endpoint_descriptor(sc->sc_iface, i); 555 if (ed == NULL || UE_GET_XFERTYPE(ed->bmAttributes) != UE_BULK) 556 continue; 557 558 if (UE_GET_DIR(ed->bEndpointAddress) == UE_DIR_IN) { 559 sc->rxq.pipe_no = ed->bEndpointAddress; 560 nrx++; 561 } else if (ntx < 4) { 562 sc->txq[ntx].pipe_no = ed->bEndpointAddress; 563 ntx++; 564 } 565 } 566 /* make sure we've got them all */ 567 if (nrx < 1 || ntx < 4) { 568 printf("%s: missing endpoint\n", sc->sc_dev.dv_xname); 569 return; 570 } 571 572 usb_init_task(&sc->sc_task, run_task, sc, USB_TASK_TYPE_GENERIC); 573 timeout_set(&sc->scan_to, run_next_scan, sc); 574 timeout_set(&sc->calib_to, run_calibrate_to, sc); 575 576 sc->amrr.amrr_min_success_threshold = 1; 577 sc->amrr.amrr_max_success_threshold = 10; 578 579 /* wait for the chip to settle */ 580 for (ntries = 0; ntries < 100; ntries++) { 581 if (run_read(sc, RT2860_ASIC_VER_ID, &ver) != 0) 582 return; 583 if (ver != 0 && ver != 0xffffffff) 584 break; 585 DELAY(10); 586 } 587 if (ntries == 100) { 588 printf("%s: timeout waiting for NIC to initialize\n", 589 sc->sc_dev.dv_xname); 590 return; 591 } 592 sc->mac_ver = ver >> 16; 593 sc->mac_rev = ver & 0xffff; 594 595 /* retrieve RF rev. no and various other things from EEPROM */ 596 run_read_eeprom(sc); 597 598 printf("%s: MAC/BBP RT%04X (rev 0x%04X), RF %s (MIMO %dT%dR), " 599 "address %s\n", sc->sc_dev.dv_xname, sc->mac_ver, 600 sc->mac_rev, run_get_rf(sc->rf_rev), sc->ntxchains, 601 sc->nrxchains, ether_sprintf(ic->ic_myaddr)); 602 603 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 604 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 605 ic->ic_state = IEEE80211_S_INIT; 606 607 /* set device capabilities */ 608 ic->ic_caps = 609 IEEE80211_C_MONITOR | /* monitor mode supported */ 610 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 611 IEEE80211_C_SHSLOT | /* short slot time supported */ 612 IEEE80211_C_WEP | /* WEP */ 613 IEEE80211_C_RSN; /* WPA/RSN */ 614 615 if (sc->rf_rev == RT2860_RF_2750 || 616 sc->rf_rev == RT2860_RF_2850 || 617 sc->rf_rev == RT3070_RF_3052 || 618 sc->rf_rev == RT3070_RF_3053 || 619 sc->rf_rev == RT5592_RF_5592) { 620 /* set supported .11a rates */ 621 ic->ic_sup_rates[IEEE80211_MODE_11A] = 622 ieee80211_std_rateset_11a; 623 624 /* set supported .11a channels */ 625 for (i = 14; i < nitems(rt2860_rf2850); i++) { 626 uint8_t chan = rt2860_rf2850[i].chan; 627 ic->ic_channels[chan].ic_freq = 628 ieee80211_ieee2mhz(chan, IEEE80211_CHAN_5GHZ); 629 ic->ic_channels[chan].ic_flags = IEEE80211_CHAN_A; 630 } 631 } 632 633 /* set supported .11b and .11g rates */ 634 ic->ic_sup_rates[IEEE80211_MODE_11B] = ieee80211_std_rateset_11b; 635 ic->ic_sup_rates[IEEE80211_MODE_11G] = ieee80211_std_rateset_11g; 636 637 /* set supported .11b and .11g channels (1 through 14) */ 638 for (i = 1; i <= 14; i++) { 639 ic->ic_channels[i].ic_freq = 640 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ); 641 ic->ic_channels[i].ic_flags = 642 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM | 643 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ; 644 } 645 646 ifp->if_softc = sc; 647 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 648 ifp->if_ioctl = run_ioctl; 649 ifp->if_start = run_start; 650 ifp->if_watchdog = run_watchdog; 651 memcpy(ifp->if_xname, sc->sc_dev.dv_xname, IFNAMSIZ); 652 653 if_attach(ifp); 654 ieee80211_ifattach(ifp); 655 ic->ic_node_alloc = run_node_alloc; 656 ic->ic_newassoc = run_newassoc; 657 ic->ic_updateslot = run_updateslot; 658 ic->ic_updateedca = run_updateedca; 659 ic->ic_set_key = run_set_key; 660 ic->ic_delete_key = run_delete_key; 661 /* override state transition machine */ 662 sc->sc_newstate = ic->ic_newstate; 663 ic->ic_newstate = run_newstate; 664 ieee80211_media_init(ifp, run_media_change, ieee80211_media_status); 665 666 #if NBPFILTER > 0 667 bpfattach(&sc->sc_drvbpf, ifp, DLT_IEEE802_11_RADIO, 668 sizeof (struct ieee80211_frame) + IEEE80211_RADIOTAP_HDRLEN); 669 670 sc->sc_rxtap_len = sizeof sc->sc_rxtapu; 671 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 672 sc->sc_rxtap.wr_ihdr.it_present = htole32(RUN_RX_RADIOTAP_PRESENT); 673 674 sc->sc_txtap_len = sizeof sc->sc_txtapu; 675 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 676 sc->sc_txtap.wt_ihdr.it_present = htole32(RUN_TX_RADIOTAP_PRESENT); 677 #endif 678 } 679 680 int 681 run_detach(struct device *self, int flags) 682 { 683 struct run_softc *sc = (struct run_softc *)self; 684 struct ifnet *ifp = &sc->sc_ic.ic_if; 685 int qid, s; 686 687 s = splusb(); 688 689 if (timeout_initialized(&sc->scan_to)) 690 timeout_del(&sc->scan_to); 691 if (timeout_initialized(&sc->calib_to)) 692 timeout_del(&sc->calib_to); 693 694 /* wait for all queued asynchronous commands to complete */ 695 usb_rem_wait_task(sc->sc_udev, &sc->sc_task); 696 697 usbd_ref_wait(sc->sc_udev); 698 699 if (ifp->if_softc != NULL) { 700 ifp->if_flags &= ~IFF_RUNNING; 701 ifq_clr_oactive(&ifp->if_snd); 702 ieee80211_ifdetach(ifp); 703 if_detach(ifp); 704 } 705 706 for (qid = 0; qid < 4; qid++) 707 run_free_tx_ring(sc, qid); 708 run_free_rx_ring(sc); 709 710 splx(s); 711 712 return 0; 713 } 714 715 int 716 run_alloc_rx_ring(struct run_softc *sc) 717 { 718 struct run_rx_ring *rxq = &sc->rxq; 719 int i, error; 720 721 error = usbd_open_pipe(sc->sc_iface, rxq->pipe_no, 0, &rxq->pipeh); 722 if (error != 0) 723 goto fail; 724 725 for (i = 0; i < RUN_RX_RING_COUNT; i++) { 726 struct run_rx_data *data = &rxq->data[i]; 727 728 data->sc = sc; /* backpointer for callbacks */ 729 730 data->xfer = usbd_alloc_xfer(sc->sc_udev); 731 if (data->xfer == NULL) { 732 error = ENOMEM; 733 goto fail; 734 } 735 data->buf = usbd_alloc_buffer(data->xfer, RUN_MAX_RXSZ); 736 if (data->buf == NULL) { 737 error = ENOMEM; 738 goto fail; 739 } 740 } 741 if (error != 0) 742 fail: run_free_rx_ring(sc); 743 return error; 744 } 745 746 void 747 run_free_rx_ring(struct run_softc *sc) 748 { 749 struct run_rx_ring *rxq = &sc->rxq; 750 int i; 751 752 if (rxq->pipeh != NULL) { 753 usbd_close_pipe(rxq->pipeh); 754 rxq->pipeh = NULL; 755 } 756 for (i = 0; i < RUN_RX_RING_COUNT; i++) { 757 if (rxq->data[i].xfer != NULL) 758 usbd_free_xfer(rxq->data[i].xfer); 759 rxq->data[i].xfer = NULL; 760 } 761 } 762 763 int 764 run_alloc_tx_ring(struct run_softc *sc, int qid) 765 { 766 struct run_tx_ring *txq = &sc->txq[qid]; 767 int i, error; 768 uint16_t txwisize; 769 770 txwisize = sizeof(struct rt2860_txwi); 771 if (sc->mac_ver == 0x5592) 772 txwisize += sizeof(uint32_t); 773 774 txq->cur = txq->queued = 0; 775 776 error = usbd_open_pipe(sc->sc_iface, txq->pipe_no, 0, &txq->pipeh); 777 if (error != 0) 778 goto fail; 779 780 for (i = 0; i < RUN_TX_RING_COUNT; i++) { 781 struct run_tx_data *data = &txq->data[i]; 782 783 data->sc = sc; /* backpointer for callbacks */ 784 data->qid = qid; 785 786 data->xfer = usbd_alloc_xfer(sc->sc_udev); 787 if (data->xfer == NULL) { 788 error = ENOMEM; 789 goto fail; 790 } 791 data->buf = usbd_alloc_buffer(data->xfer, RUN_MAX_TXSZ); 792 if (data->buf == NULL) { 793 error = ENOMEM; 794 goto fail; 795 } 796 /* zeroize the TXD + TXWI part */ 797 memset(data->buf, 0, sizeof(struct rt2870_txd) + txwisize); 798 } 799 if (error != 0) 800 fail: run_free_tx_ring(sc, qid); 801 return error; 802 } 803 804 void 805 run_free_tx_ring(struct run_softc *sc, int qid) 806 { 807 struct run_tx_ring *txq = &sc->txq[qid]; 808 int i; 809 810 if (txq->pipeh != NULL) { 811 usbd_close_pipe(txq->pipeh); 812 txq->pipeh = NULL; 813 } 814 for (i = 0; i < RUN_TX_RING_COUNT; i++) { 815 if (txq->data[i].xfer != NULL) 816 usbd_free_xfer(txq->data[i].xfer); 817 txq->data[i].xfer = NULL; 818 } 819 } 820 821 int 822 run_load_microcode(struct run_softc *sc) 823 { 824 usb_device_request_t req; 825 const char *fwname; 826 u_char *ucode; 827 size_t size; 828 uint32_t tmp; 829 int ntries, error; 830 831 /* RT3071/RT3072 use a different firmware */ 832 if (sc->mac_ver != 0x2860 && 833 sc->mac_ver != 0x2872 && 834 sc->mac_ver != 0x3070) 835 fwname = "run-rt3071"; 836 else 837 fwname = "run-rt2870"; 838 839 if ((error = loadfirmware(fwname, &ucode, &size)) != 0) { 840 printf("%s: failed loadfirmware of file %s (error %d)\n", 841 sc->sc_dev.dv_xname, fwname, error); 842 return error; 843 } 844 if (size != 4096) { 845 printf("%s: invalid firmware size (should be 4KB)\n", 846 sc->sc_dev.dv_xname); 847 free(ucode, M_DEVBUF, size); 848 return EINVAL; 849 } 850 851 /* write microcode image */ 852 run_write_region_1(sc, RT2870_FW_BASE, ucode, size); 853 free(ucode, M_DEVBUF, size); 854 run_write(sc, RT2860_H2M_MAILBOX_CID, 0xffffffff); 855 run_write(sc, RT2860_H2M_MAILBOX_STATUS, 0xffffffff); 856 857 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 858 req.bRequest = RT2870_RESET; 859 USETW(req.wValue, 8); 860 USETW(req.wIndex, 0); 861 USETW(req.wLength, 0); 862 if ((error = usbd_do_request(sc->sc_udev, &req, NULL)) != 0) 863 return error; 864 865 usbd_delay_ms(sc->sc_udev, 10); 866 run_write(sc, RT2860_H2M_BBPAGENT, 0); 867 run_write(sc, RT2860_H2M_MAILBOX, 0); 868 run_write(sc, RT2860_H2M_INTSRC, 0); 869 if ((error = run_mcu_cmd(sc, RT2860_MCU_CMD_RFRESET, 0)) != 0) 870 return error; 871 872 /* wait until microcontroller is ready */ 873 for (ntries = 0; ntries < 1000; ntries++) { 874 if ((error = run_read(sc, RT2860_SYS_CTRL, &tmp)) != 0) 875 return error; 876 if (tmp & RT2860_MCU_READY) 877 break; 878 DELAY(1000); 879 } 880 if (ntries == 1000) { 881 printf("%s: timeout waiting for MCU to initialize\n", 882 sc->sc_dev.dv_xname); 883 return ETIMEDOUT; 884 } 885 DPRINTF(("microcode successfully loaded after %d tries\n", ntries)); 886 return 0; 887 } 888 889 int 890 run_reset(struct run_softc *sc) 891 { 892 usb_device_request_t req; 893 894 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 895 req.bRequest = RT2870_RESET; 896 USETW(req.wValue, 1); 897 USETW(req.wIndex, 0); 898 USETW(req.wLength, 0); 899 return usbd_do_request(sc->sc_udev, &req, NULL); 900 } 901 902 int 903 run_read(struct run_softc *sc, uint16_t reg, uint32_t *val) 904 { 905 uint32_t tmp; 906 int error; 907 908 error = run_read_region_1(sc, reg, (uint8_t *)&tmp, sizeof tmp); 909 if (error == 0) 910 *val = letoh32(tmp); 911 else 912 *val = 0xffffffff; 913 return error; 914 } 915 916 int 917 run_read_region_1(struct run_softc *sc, uint16_t reg, uint8_t *buf, int len) 918 { 919 usb_device_request_t req; 920 921 req.bmRequestType = UT_READ_VENDOR_DEVICE; 922 req.bRequest = RT2870_READ_REGION_1; 923 USETW(req.wValue, 0); 924 USETW(req.wIndex, reg); 925 USETW(req.wLength, len); 926 return usbd_do_request(sc->sc_udev, &req, buf); 927 } 928 929 int 930 run_write_2(struct run_softc *sc, uint16_t reg, uint16_t val) 931 { 932 usb_device_request_t req; 933 934 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 935 req.bRequest = RT2870_WRITE_2; 936 USETW(req.wValue, val); 937 USETW(req.wIndex, reg); 938 USETW(req.wLength, 0); 939 return usbd_do_request(sc->sc_udev, &req, NULL); 940 } 941 942 int 943 run_write(struct run_softc *sc, uint16_t reg, uint32_t val) 944 { 945 int error; 946 947 if ((error = run_write_2(sc, reg, val & 0xffff)) == 0) 948 error = run_write_2(sc, reg + 2, val >> 16); 949 return error; 950 } 951 952 int 953 run_write_region_1(struct run_softc *sc, uint16_t reg, const uint8_t *buf, 954 int len) 955 { 956 #if 1 957 int i, error = 0; 958 /* 959 * NB: the WRITE_REGION_1 command is not stable on RT2860. 960 * We thus issue multiple WRITE_2 commands instead. 961 */ 962 KASSERT((len & 1) == 0); 963 for (i = 0; i < len && error == 0; i += 2) 964 error = run_write_2(sc, reg + i, buf[i] | buf[i + 1] << 8); 965 return error; 966 #else 967 usb_device_request_t req; 968 969 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 970 req.bRequest = RT2870_WRITE_REGION_1; 971 USETW(req.wValue, 0); 972 USETW(req.wIndex, reg); 973 USETW(req.wLength, len); 974 return usbd_do_request(sc->sc_udev, &req, buf); 975 #endif 976 } 977 978 int 979 run_set_region_4(struct run_softc *sc, uint16_t reg, uint32_t val, int count) 980 { 981 int error = 0; 982 983 for (; count > 0 && error == 0; count--, reg += 4) 984 error = run_write(sc, reg, val); 985 return error; 986 } 987 988 /* Read 16-bit from eFUSE ROM. */ 989 int 990 run_efuse_read(struct run_softc *sc, uint16_t addr, uint16_t *val) 991 { 992 uint32_t tmp; 993 uint16_t reg; 994 int error, ntries; 995 996 if ((error = run_read(sc, RT3070_EFUSE_CTRL, &tmp)) != 0) 997 return error; 998 999 /*- 1000 * Read one 16-byte block into registers EFUSE_DATA[0-3]: 1001 * DATA0: F E D C 1002 * DATA1: B A 9 8 1003 * DATA2: 7 6 5 4 1004 * DATA3: 3 2 1 0 1005 */ 1006 tmp &= ~(RT3070_EFSROM_MODE_MASK | RT3070_EFSROM_AIN_MASK); 1007 tmp |= (addr & ~0xf) << RT3070_EFSROM_AIN_SHIFT | RT3070_EFSROM_KICK; 1008 run_write(sc, RT3070_EFUSE_CTRL, tmp); 1009 for (ntries = 0; ntries < 100; ntries++) { 1010 if ((error = run_read(sc, RT3070_EFUSE_CTRL, &tmp)) != 0) 1011 return error; 1012 if (!(tmp & RT3070_EFSROM_KICK)) 1013 break; 1014 DELAY(2); 1015 } 1016 if (ntries == 100) 1017 return ETIMEDOUT; 1018 1019 if ((tmp & RT3070_EFUSE_AOUT_MASK) == RT3070_EFUSE_AOUT_MASK) { 1020 *val = 0xffff; /* address not found */ 1021 return 0; 1022 } 1023 /* determine to which 32-bit register our 16-bit word belongs */ 1024 reg = RT3070_EFUSE_DATA3 - (addr & 0xc); 1025 if ((error = run_read(sc, reg, &tmp)) != 0) 1026 return error; 1027 1028 tmp >>= (8 * (addr & 0x3)); 1029 *val = (addr & 1) ? tmp >> 16 : tmp & 0xffff; 1030 return 0; 1031 } 1032 1033 /* Read 16-bit from eFUSE ROM for RT3xxx. */ 1034 int 1035 run_efuse_read_2(struct run_softc *sc, uint16_t addr, uint16_t *val) 1036 { 1037 uint32_t tmp; 1038 uint16_t reg; 1039 int error, ntries; 1040 1041 if ((error = run_read(sc, RT3070_EFUSE_CTRL, &tmp)) != 0) 1042 return error; 1043 1044 addr *= 2; 1045 /*- 1046 * Read one 16-byte block into registers EFUSE_DATA[0-3]: 1047 * DATA0: F E D C 1048 * DATA1: B A 9 8 1049 * DATA2: 7 6 5 4 1050 * DATA3: 3 2 1 0 1051 */ 1052 tmp &= ~(RT3070_EFSROM_MODE_MASK | RT3070_EFSROM_AIN_MASK); 1053 tmp |= (addr & ~0xf) << RT3070_EFSROM_AIN_SHIFT | RT3070_EFSROM_KICK; 1054 run_write(sc, RT3070_EFUSE_CTRL, tmp); 1055 for (ntries = 0; ntries < 100; ntries++) { 1056 if ((error = run_read(sc, RT3070_EFUSE_CTRL, &tmp)) != 0) 1057 return error; 1058 if (!(tmp & RT3070_EFSROM_KICK)) 1059 break; 1060 DELAY(2); 1061 } 1062 if (ntries == 100) 1063 return ETIMEDOUT; 1064 1065 if ((tmp & RT3070_EFUSE_AOUT_MASK) == RT3070_EFUSE_AOUT_MASK) { 1066 *val = 0xffff; /* address not found */ 1067 return 0; 1068 } 1069 /* determine to which 32-bit register our 16-bit word belongs */ 1070 reg = RT3070_EFUSE_DATA3 - (addr & 0xc); 1071 if ((error = run_read(sc, reg, &tmp)) != 0) 1072 return error; 1073 1074 *val = (addr & 2) ? tmp >> 16 : tmp & 0xffff; 1075 return 0; 1076 } 1077 1078 int 1079 run_eeprom_read_2(struct run_softc *sc, uint16_t addr, uint16_t *val) 1080 { 1081 usb_device_request_t req; 1082 uint16_t tmp; 1083 int error; 1084 1085 addr *= 2; 1086 req.bmRequestType = UT_READ_VENDOR_DEVICE; 1087 req.bRequest = RT2870_EEPROM_READ; 1088 USETW(req.wValue, 0); 1089 USETW(req.wIndex, addr); 1090 USETW(req.wLength, sizeof tmp); 1091 error = usbd_do_request(sc->sc_udev, &req, &tmp); 1092 if (error == 0) 1093 *val = letoh16(tmp); 1094 else 1095 *val = 0xffff; 1096 return error; 1097 } 1098 1099 static __inline int 1100 run_srom_read(struct run_softc *sc, uint16_t addr, uint16_t *val) 1101 { 1102 /* either eFUSE ROM or EEPROM */ 1103 return sc->sc_srom_read(sc, addr, val); 1104 } 1105 1106 int 1107 run_rt2870_rf_write(struct run_softc *sc, uint8_t reg, uint32_t val) 1108 { 1109 uint32_t tmp; 1110 int error, ntries; 1111 1112 for (ntries = 0; ntries < 10; ntries++) { 1113 if ((error = run_read(sc, RT2860_RF_CSR_CFG0, &tmp)) != 0) 1114 return error; 1115 if (!(tmp & RT2860_RF_REG_CTRL)) 1116 break; 1117 } 1118 if (ntries == 10) 1119 return ETIMEDOUT; 1120 1121 /* RF registers are 24-bit on the RT2860 */ 1122 tmp = RT2860_RF_REG_CTRL | 24 << RT2860_RF_REG_WIDTH_SHIFT | 1123 (val & 0x3fffff) << 2 | (reg & 3); 1124 return run_write(sc, RT2860_RF_CSR_CFG0, tmp); 1125 } 1126 1127 int 1128 run_rt3070_rf_read(struct run_softc *sc, uint8_t reg, uint8_t *val) 1129 { 1130 uint32_t tmp; 1131 int error, ntries; 1132 1133 for (ntries = 0; ntries < 100; ntries++) { 1134 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0) 1135 return error; 1136 if (!(tmp & RT3070_RF_KICK)) 1137 break; 1138 } 1139 if (ntries == 100) 1140 return ETIMEDOUT; 1141 1142 tmp = RT3070_RF_KICK | reg << 8; 1143 if ((error = run_write(sc, RT3070_RF_CSR_CFG, tmp)) != 0) 1144 return error; 1145 1146 for (ntries = 0; ntries < 100; ntries++) { 1147 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0) 1148 return error; 1149 if (!(tmp & RT3070_RF_KICK)) 1150 break; 1151 } 1152 if (ntries == 100) 1153 return ETIMEDOUT; 1154 1155 *val = tmp & 0xff; 1156 return 0; 1157 } 1158 1159 int 1160 run_rt3070_rf_write(struct run_softc *sc, uint8_t reg, uint8_t val) 1161 { 1162 uint32_t tmp; 1163 int error, ntries; 1164 1165 for (ntries = 0; ntries < 10; ntries++) { 1166 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0) 1167 return error; 1168 if (!(tmp & RT3070_RF_KICK)) 1169 break; 1170 } 1171 if (ntries == 10) 1172 return ETIMEDOUT; 1173 1174 tmp = RT3070_RF_WRITE | RT3070_RF_KICK | reg << 8 | val; 1175 return run_write(sc, RT3070_RF_CSR_CFG, tmp); 1176 } 1177 1178 int 1179 run_bbp_read(struct run_softc *sc, uint8_t reg, uint8_t *val) 1180 { 1181 uint32_t tmp; 1182 int ntries, error; 1183 1184 for (ntries = 0; ntries < 10; ntries++) { 1185 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0) 1186 return error; 1187 if (!(tmp & RT2860_BBP_CSR_KICK)) 1188 break; 1189 } 1190 if (ntries == 10) 1191 return ETIMEDOUT; 1192 1193 tmp = RT2860_BBP_CSR_READ | RT2860_BBP_CSR_KICK | reg << 8; 1194 if ((error = run_write(sc, RT2860_BBP_CSR_CFG, tmp)) != 0) 1195 return error; 1196 1197 for (ntries = 0; ntries < 10; ntries++) { 1198 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0) 1199 return error; 1200 if (!(tmp & RT2860_BBP_CSR_KICK)) 1201 break; 1202 } 1203 if (ntries == 10) 1204 return ETIMEDOUT; 1205 1206 *val = tmp & 0xff; 1207 return 0; 1208 } 1209 1210 int 1211 run_bbp_write(struct run_softc *sc, uint8_t reg, uint8_t val) 1212 { 1213 uint32_t tmp; 1214 int ntries, error; 1215 1216 for (ntries = 0; ntries < 10; ntries++) { 1217 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0) 1218 return error; 1219 if (!(tmp & RT2860_BBP_CSR_KICK)) 1220 break; 1221 } 1222 if (ntries == 10) 1223 return ETIMEDOUT; 1224 1225 tmp = RT2860_BBP_CSR_KICK | reg << 8 | val; 1226 return run_write(sc, RT2860_BBP_CSR_CFG, tmp); 1227 } 1228 1229 /* 1230 * Send a command to the 8051 microcontroller unit. 1231 */ 1232 int 1233 run_mcu_cmd(struct run_softc *sc, uint8_t cmd, uint16_t arg) 1234 { 1235 uint32_t tmp; 1236 int error, ntries; 1237 1238 for (ntries = 0; ntries < 100; ntries++) { 1239 if ((error = run_read(sc, RT2860_H2M_MAILBOX, &tmp)) != 0) 1240 return error; 1241 if (!(tmp & RT2860_H2M_BUSY)) 1242 break; 1243 } 1244 if (ntries == 100) 1245 return ETIMEDOUT; 1246 1247 tmp = RT2860_H2M_BUSY | RT2860_TOKEN_NO_INTR << 16 | arg; 1248 if ((error = run_write(sc, RT2860_H2M_MAILBOX, tmp)) == 0) 1249 error = run_write(sc, RT2860_HOST_CMD, cmd); 1250 return error; 1251 } 1252 1253 /* 1254 * Add `delta' (signed) to each 4-bit sub-word of a 32-bit word. 1255 * Used to adjust per-rate Tx power registers. 1256 */ 1257 static __inline uint32_t 1258 b4inc(uint32_t b32, int8_t delta) 1259 { 1260 int8_t i, b4; 1261 1262 for (i = 0; i < 8; i++) { 1263 b4 = b32 & 0xf; 1264 b4 += delta; 1265 if (b4 < 0) 1266 b4 = 0; 1267 else if (b4 > 0xf) 1268 b4 = 0xf; 1269 b32 = b32 >> 4 | b4 << 28; 1270 } 1271 return b32; 1272 } 1273 1274 const char * 1275 run_get_rf(int rev) 1276 { 1277 switch (rev) { 1278 case RT2860_RF_2820: return "RT2820"; 1279 case RT2860_RF_2850: return "RT2850"; 1280 case RT2860_RF_2720: return "RT2720"; 1281 case RT2860_RF_2750: return "RT2750"; 1282 case RT3070_RF_3020: return "RT3020"; 1283 case RT3070_RF_2020: return "RT2020"; 1284 case RT3070_RF_3021: return "RT3021"; 1285 case RT3070_RF_3022: return "RT3022"; 1286 case RT3070_RF_3052: return "RT3052"; 1287 case RT3070_RF_3053: return "RT3053"; 1288 case RT5592_RF_5592: return "RT5592"; 1289 case RT5390_RF_5370: return "RT5370"; 1290 case RT5390_RF_5372: return "RT5372"; 1291 } 1292 return "unknown"; 1293 } 1294 1295 void 1296 run_rt3593_get_txpower(struct run_softc *sc) 1297 { 1298 uint16_t addr, val; 1299 int i; 1300 1301 /* Read power settings for 2GHz channels. */ 1302 for (i = 0; i < 14; i += 2) { 1303 addr = (sc->ntxchains == 3) ? RT3593_EEPROM_PWR2GHZ_BASE1 : 1304 RT2860_EEPROM_PWR2GHZ_BASE1; 1305 run_srom_read(sc, addr + i / 2, &val); 1306 sc->txpow1[i + 0] = (int8_t)(val & 0xff); 1307 sc->txpow1[i + 1] = (int8_t)(val >> 8); 1308 1309 addr = (sc->ntxchains == 3) ? RT3593_EEPROM_PWR2GHZ_BASE2 : 1310 RT2860_EEPROM_PWR2GHZ_BASE2; 1311 run_srom_read(sc, addr + i / 2, &val); 1312 sc->txpow2[i + 0] = (int8_t)(val & 0xff); 1313 sc->txpow2[i + 1] = (int8_t)(val >> 8); 1314 1315 if (sc->ntxchains == 3) { 1316 run_srom_read(sc, RT3593_EEPROM_PWR2GHZ_BASE3 + i / 2, 1317 &val); 1318 sc->txpow3[i + 0] = (int8_t)(val & 0xff); 1319 sc->txpow3[i + 1] = (int8_t)(val >> 8); 1320 } 1321 } 1322 /* Fix broken Tx power entries. */ 1323 for (i = 0; i < 14; i++) { 1324 if (sc->txpow1[i] > 31) 1325 sc->txpow1[i] = 5; 1326 if (sc->txpow2[i] > 31) 1327 sc->txpow2[i] = 5; 1328 if (sc->ntxchains == 3) { 1329 if (sc->txpow3[i] > 31) 1330 sc->txpow3[i] = 5; 1331 } 1332 } 1333 /* Read power settings for 5GHz channels. */ 1334 for (i = 0; i < 40; i += 2) { 1335 run_srom_read(sc, RT3593_EEPROM_PWR5GHZ_BASE1 + i / 2, &val); 1336 sc->txpow1[i + 14] = (int8_t)(val & 0xff); 1337 sc->txpow1[i + 15] = (int8_t)(val >> 8); 1338 1339 run_srom_read(sc, RT3593_EEPROM_PWR5GHZ_BASE2 + i / 2, &val); 1340 sc->txpow2[i + 14] = (int8_t)(val & 0xff); 1341 sc->txpow2[i + 15] = (int8_t)(val >> 8); 1342 1343 if (sc->ntxchains == 3) { 1344 run_srom_read(sc, RT3593_EEPROM_PWR5GHZ_BASE3 + i / 2, 1345 &val); 1346 sc->txpow3[i + 14] = (int8_t)(val & 0xff); 1347 sc->txpow3[i + 15] = (int8_t)(val >> 8); 1348 } 1349 } 1350 } 1351 1352 void 1353 run_get_txpower(struct run_softc *sc) 1354 { 1355 uint16_t val; 1356 int i; 1357 1358 /* Read power settings for 2GHz channels. */ 1359 for (i = 0; i < 14; i += 2) { 1360 run_srom_read(sc, RT2860_EEPROM_PWR2GHZ_BASE1 + i / 2, &val); 1361 sc->txpow1[i + 0] = (int8_t)(val & 0xff); 1362 sc->txpow1[i + 1] = (int8_t)(val >> 8); 1363 1364 if (sc->mac_ver != 0x5390) { 1365 run_srom_read(sc, 1366 RT2860_EEPROM_PWR2GHZ_BASE2 + i / 2, &val); 1367 sc->txpow2[i + 0] = (int8_t)(val & 0xff); 1368 sc->txpow2[i + 1] = (int8_t)(val >> 8); 1369 } 1370 } 1371 /* Fix broken Tx power entries. */ 1372 for (i = 0; i < 14; i++) { 1373 if (sc->mac_ver >= 0x5390) { 1374 if (sc->txpow1[i] < 0 || sc->txpow1[i] > 27) 1375 sc->txpow1[i] = 5; 1376 } else { 1377 if (sc->txpow1[i] < 0 || sc->txpow1[i] > 31) 1378 sc->txpow1[i] = 5; 1379 } 1380 if (sc->mac_ver > 0x5390) { 1381 if (sc->txpow2[i] < 0 || sc->txpow2[i] > 27) 1382 sc->txpow2[i] = 5; 1383 } else if (sc->mac_ver < 0x5390) { 1384 if (sc->txpow2[i] < 0 || sc->txpow2[i] > 31) 1385 sc->txpow2[i] = 5; 1386 } 1387 DPRINTF(("chan %d: power1=%d, power2=%d\n", 1388 rt2860_rf2850[i].chan, sc->txpow1[i], sc->txpow2[i])); 1389 } 1390 /* Read power settings for 5GHz channels. */ 1391 for (i = 0; i < 40; i += 2) { 1392 run_srom_read(sc, RT2860_EEPROM_PWR5GHZ_BASE1 + i / 2, &val); 1393 sc->txpow1[i + 14] = (int8_t)(val & 0xff); 1394 sc->txpow1[i + 15] = (int8_t)(val >> 8); 1395 1396 run_srom_read(sc, RT2860_EEPROM_PWR5GHZ_BASE2 + i / 2, &val); 1397 sc->txpow2[i + 14] = (int8_t)(val & 0xff); 1398 sc->txpow2[i + 15] = (int8_t)(val >> 8); 1399 } 1400 /* Fix broken Tx power entries. */ 1401 for (i = 0; i < 40; i++ ) { 1402 if (sc->mac_ver != 0x5592) { 1403 if (sc->txpow1[14 + i] < -7 || sc->txpow1[14 + i] > 15) 1404 sc->txpow1[14 + i] = 5; 1405 if (sc->txpow2[14 + i] < -7 || sc->txpow2[14 + i] > 15) 1406 sc->txpow2[14 + i] = 5; 1407 } 1408 DPRINTF(("chan %d: power1=%d, power2=%d\n", 1409 rt2860_rf2850[14 + i].chan, sc->txpow1[14 + i], 1410 sc->txpow2[14 + i])); 1411 } 1412 } 1413 1414 int 1415 run_read_eeprom(struct run_softc *sc) 1416 { 1417 struct ieee80211com *ic = &sc->sc_ic; 1418 int8_t delta_2ghz, delta_5ghz; 1419 uint32_t tmp; 1420 uint16_t val; 1421 int ridx, ant, i; 1422 1423 /* check whether the ROM is eFUSE ROM or EEPROM */ 1424 sc->sc_srom_read = run_eeprom_read_2; 1425 if (sc->mac_ver >= 0x3070) { 1426 run_read(sc, RT3070_EFUSE_CTRL, &tmp); 1427 DPRINTF(("EFUSE_CTRL=0x%08x\n", tmp)); 1428 if (tmp & RT3070_SEL_EFUSE || sc->mac_ver == 0x3593) 1429 sc->sc_srom_read = run_efuse_read_2; 1430 } 1431 1432 /* read ROM version */ 1433 run_srom_read(sc, RT2860_EEPROM_VERSION, &val); 1434 DPRINTF(("EEPROM rev=%d, FAE=%d\n", val & 0xff, val >> 8)); 1435 1436 /* read MAC address */ 1437 run_srom_read(sc, RT2860_EEPROM_MAC01, &val); 1438 ic->ic_myaddr[0] = val & 0xff; 1439 ic->ic_myaddr[1] = val >> 8; 1440 run_srom_read(sc, RT2860_EEPROM_MAC23, &val); 1441 ic->ic_myaddr[2] = val & 0xff; 1442 ic->ic_myaddr[3] = val >> 8; 1443 run_srom_read(sc, RT2860_EEPROM_MAC45, &val); 1444 ic->ic_myaddr[4] = val & 0xff; 1445 ic->ic_myaddr[5] = val >> 8; 1446 1447 if (sc->mac_ver < 0x3593) { 1448 /* read vendor BBP settings */ 1449 for (i = 0; i < 10; i++) { 1450 run_srom_read(sc, RT2860_EEPROM_BBP_BASE + i, &val); 1451 sc->bbp[i].val = val & 0xff; 1452 sc->bbp[i].reg = val >> 8; 1453 DPRINTF(("BBP%d=0x%02x\n", sc->bbp[i].reg, 1454 sc->bbp[i].val)); 1455 } 1456 if (sc->mac_ver >= 0x3071) { 1457 /* read vendor RF settings */ 1458 for (i = 0; i < 10; i++) { 1459 run_srom_read(sc, RT3071_EEPROM_RF_BASE + i, 1460 &val); 1461 sc->rf[i].val = val & 0xff; 1462 sc->rf[i].reg = val >> 8; 1463 DPRINTF(("RF%d=0x%02x\n", sc->rf[i].reg, 1464 sc->rf[i].val)); 1465 } 1466 } 1467 } 1468 1469 /* read RF frequency offset from EEPROM */ 1470 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_FREQ_LEDS : 1471 RT3593_EEPROM_FREQ, &val); 1472 sc->freq = ((val & 0xff) != 0xff) ? val & 0xff : 0; 1473 DPRINTF(("EEPROM freq offset %d\n", sc->freq & 0xff)); 1474 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_FREQ_LEDS : 1475 RT3593_EEPROM_FREQ_LEDS, &val); 1476 if ((val >> 8) != 0xff) { 1477 /* read LEDs operating mode */ 1478 sc->leds = val >> 8; 1479 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LED1 : 1480 RT3593_EEPROM_LED1, &sc->led[0]); 1481 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LED2 : 1482 RT3593_EEPROM_LED2, &sc->led[1]); 1483 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LED3 : 1484 RT3593_EEPROM_LED3, &sc->led[2]); 1485 } else { 1486 /* broken EEPROM, use default settings */ 1487 sc->leds = 0x01; 1488 sc->led[0] = 0x5555; 1489 sc->led[1] = 0x2221; 1490 sc->led[2] = 0x5627; /* differs from RT2860 */ 1491 } 1492 DPRINTF(("EEPROM LED mode=0x%02x, LEDs=0x%04x/0x%04x/0x%04x\n", 1493 sc->leds, sc->led[0], sc->led[1], sc->led[2])); 1494 1495 /* read RF information */ 1496 if (sc->mac_ver == 0x5390 || sc->mac_ver == 0x5392) 1497 run_srom_read(sc, 0x00, &val); 1498 else 1499 run_srom_read(sc, RT2860_EEPROM_ANTENNA, &val); 1500 if (val == 0xffff) { 1501 DPRINTF(("invalid EEPROM antenna info, using default\n")); 1502 if (sc->mac_ver == 0x3572) { 1503 /* default to RF3052 2T2R */ 1504 sc->rf_rev = RT3070_RF_3052; 1505 sc->ntxchains = 2; 1506 sc->nrxchains = 2; 1507 } else if (sc->mac_ver >= 0x3070) { 1508 /* default to RF3020 1T1R */ 1509 sc->rf_rev = RT3070_RF_3020; 1510 sc->ntxchains = 1; 1511 sc->nrxchains = 1; 1512 } else { 1513 /* default to RF2820 1T2R */ 1514 sc->rf_rev = RT2860_RF_2820; 1515 sc->ntxchains = 1; 1516 sc->nrxchains = 2; 1517 } 1518 } else { 1519 if (sc->mac_ver == 0x5390 || sc->mac_ver == 0x5392) { 1520 sc->rf_rev = val; 1521 run_srom_read(sc, RT2860_EEPROM_ANTENNA, &val); 1522 } else 1523 sc->rf_rev = (val >> 8) & 0xf; 1524 sc->ntxchains = (val >> 4) & 0xf; 1525 sc->nrxchains = val & 0xf; 1526 } 1527 DPRINTF(("EEPROM RF rev=0x%02x chains=%dT%dR\n", 1528 sc->rf_rev, sc->ntxchains, sc->nrxchains)); 1529 1530 /* check if RF supports automatic Tx access gain control */ 1531 run_srom_read(sc, RT2860_EEPROM_CONFIG, &val); 1532 DPRINTF(("EEPROM CFG 0x%04x\n", val)); 1533 /* check if driver should patch the DAC issue */ 1534 if ((val >> 8) != 0xff) 1535 sc->patch_dac = (val >> 15) & 1; 1536 if ((val & 0xff) != 0xff) { 1537 sc->ext_5ghz_lna = (val >> 3) & 1; 1538 sc->ext_2ghz_lna = (val >> 2) & 1; 1539 /* check if RF supports automatic Tx access gain control */ 1540 sc->calib_2ghz = sc->calib_5ghz = (val >> 1) & 1; 1541 /* check if we have a hardware radio switch */ 1542 sc->rfswitch = val & 1; 1543 } 1544 1545 /* Read Tx power settings. */ 1546 if (sc->mac_ver == 0x3593) 1547 run_rt3593_get_txpower(sc); 1548 else 1549 run_get_txpower(sc); 1550 1551 /* read Tx power compensation for each Tx rate */ 1552 run_srom_read(sc, RT2860_EEPROM_DELTAPWR, &val); 1553 delta_2ghz = delta_5ghz = 0; 1554 if ((val & 0xff) != 0xff && (val & 0x80)) { 1555 delta_2ghz = val & 0xf; 1556 if (!(val & 0x40)) /* negative number */ 1557 delta_2ghz = -delta_2ghz; 1558 } 1559 val >>= 8; 1560 if ((val & 0xff) != 0xff && (val & 0x80)) { 1561 delta_5ghz = val & 0xf; 1562 if (!(val & 0x40)) /* negative number */ 1563 delta_5ghz = -delta_5ghz; 1564 } 1565 DPRINTF(("power compensation=%d (2GHz), %d (5GHz)\n", 1566 delta_2ghz, delta_5ghz)); 1567 1568 for (ridx = 0; ridx < 5; ridx++) { 1569 uint32_t reg; 1570 1571 run_srom_read(sc, RT2860_EEPROM_RPWR + ridx * 2, &val); 1572 reg = val; 1573 run_srom_read(sc, RT2860_EEPROM_RPWR + ridx * 2 + 1, &val); 1574 reg |= (uint32_t)val << 16; 1575 1576 sc->txpow20mhz[ridx] = reg; 1577 sc->txpow40mhz_2ghz[ridx] = b4inc(reg, delta_2ghz); 1578 sc->txpow40mhz_5ghz[ridx] = b4inc(reg, delta_5ghz); 1579 1580 DPRINTF(("ridx %d: power 20MHz=0x%08x, 40MHz/2GHz=0x%08x, " 1581 "40MHz/5GHz=0x%08x\n", ridx, sc->txpow20mhz[ridx], 1582 sc->txpow40mhz_2ghz[ridx], sc->txpow40mhz_5ghz[ridx])); 1583 } 1584 1585 /* read RSSI offsets and LNA gains from EEPROM */ 1586 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI1_2GHZ : 1587 RT3593_EEPROM_RSSI1_2GHZ, &val); 1588 sc->rssi_2ghz[0] = val & 0xff; /* Ant A */ 1589 sc->rssi_2ghz[1] = val >> 8; /* Ant B */ 1590 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI2_2GHZ : 1591 RT3593_EEPROM_RSSI2_2GHZ, &val); 1592 if (sc->mac_ver >= 0x3070) { 1593 if (sc->mac_ver == 0x3593) { 1594 sc->txmixgain_2ghz = 0; 1595 sc->rssi_2ghz[2] = val & 0xff; /* Ant C */ 1596 } else { 1597 /* 1598 * On RT3070 chips (limited to 2 Rx chains), this ROM 1599 * field contains the Tx mixer gain for the 2GHz band. 1600 */ 1601 if ((val & 0xff) != 0xff) 1602 sc->txmixgain_2ghz = val & 0x7; 1603 } 1604 DPRINTF(("tx mixer gain=%u (2GHz)\n", sc->txmixgain_2ghz)); 1605 } else 1606 sc->rssi_2ghz[2] = val & 0xff; /* Ant C */ 1607 if (sc->mac_ver == 0x3593) 1608 run_srom_read(sc, RT3593_EEPROM_LNA_5GHZ, &val); 1609 sc->lna[2] = val >> 8; /* channel group 2 */ 1610 1611 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI1_5GHZ : 1612 RT3593_EEPROM_RSSI1_5GHZ, &val); 1613 sc->rssi_5ghz[0] = val & 0xff; /* Ant A */ 1614 sc->rssi_5ghz[1] = val >> 8; /* Ant B */ 1615 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI2_5GHZ : 1616 RT3593_EEPROM_RSSI2_5GHZ, &val); 1617 if (sc->mac_ver == 0x3572) { 1618 /* 1619 * On RT3572 chips (limited to 2 Rx chains), this ROM 1620 * field contains the Tx mixer gain for the 5GHz band. 1621 */ 1622 if ((val & 0xff) != 0xff) 1623 sc->txmixgain_5ghz = val & 0x7; 1624 DPRINTF(("tx mixer gain=%u (5GHz)\n", sc->txmixgain_5ghz)); 1625 } else 1626 sc->rssi_5ghz[2] = val & 0xff; /* Ant C */ 1627 if (sc->mac_ver == 0x3593) { 1628 sc->txmixgain_5ghz = 0; 1629 run_srom_read(sc, RT3593_EEPROM_LNA_5GHZ, &val); 1630 } 1631 sc->lna[3] = val >> 8; /* channel group 3 */ 1632 1633 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LNA : 1634 RT3593_EEPROM_LNA, &val); 1635 sc->lna[0] = val & 0xff; /* channel group 0 */ 1636 sc->lna[1] = val >> 8; /* channel group 1 */ 1637 1638 /* fix broken 5GHz LNA entries */ 1639 if (sc->lna[2] == 0 || sc->lna[2] == 0xff) { 1640 DPRINTF(("invalid LNA for channel group %d\n", 2)); 1641 sc->lna[2] = sc->lna[1]; 1642 } 1643 if (sc->lna[3] == 0 || sc->lna[3] == 0xff) { 1644 DPRINTF(("invalid LNA for channel group %d\n", 3)); 1645 sc->lna[3] = sc->lna[1]; 1646 } 1647 1648 /* fix broken RSSI offset entries */ 1649 for (ant = 0; ant < 3; ant++) { 1650 if (sc->rssi_2ghz[ant] < -10 || sc->rssi_2ghz[ant] > 10) { 1651 DPRINTF(("invalid RSSI%d offset: %d (2GHz)\n", 1652 ant + 1, sc->rssi_2ghz[ant])); 1653 sc->rssi_2ghz[ant] = 0; 1654 } 1655 if (sc->rssi_5ghz[ant] < -10 || sc->rssi_5ghz[ant] > 10) { 1656 DPRINTF(("invalid RSSI%d offset: %d (5GHz)\n", 1657 ant + 1, sc->rssi_5ghz[ant])); 1658 sc->rssi_5ghz[ant] = 0; 1659 } 1660 } 1661 return 0; 1662 } 1663 1664 struct ieee80211_node * 1665 run_node_alloc(struct ieee80211com *ic) 1666 { 1667 return malloc(sizeof (struct run_node), M_DEVBUF, M_NOWAIT | M_ZERO); 1668 } 1669 1670 int 1671 run_media_change(struct ifnet *ifp) 1672 { 1673 struct run_softc *sc = ifp->if_softc; 1674 struct ieee80211com *ic = &sc->sc_ic; 1675 uint8_t rate, ridx; 1676 int error; 1677 1678 error = ieee80211_media_change(ifp); 1679 if (error != ENETRESET) 1680 return error; 1681 1682 if (ic->ic_fixed_rate != -1) { 1683 rate = ic->ic_sup_rates[ic->ic_curmode]. 1684 rs_rates[ic->ic_fixed_rate] & IEEE80211_RATE_VAL; 1685 for (ridx = 0; ridx <= RT2860_RIDX_MAX; ridx++) 1686 if (rt2860_rates[ridx].rate == rate) 1687 break; 1688 sc->fixed_ridx = ridx; 1689 } 1690 1691 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 1692 (IFF_UP | IFF_RUNNING)) { 1693 run_stop(ifp, 0); 1694 error = run_init(ifp); 1695 } 1696 1697 return error; 1698 } 1699 1700 void 1701 run_next_scan(void *arg) 1702 { 1703 struct run_softc *sc = arg; 1704 1705 if (usbd_is_dying(sc->sc_udev)) 1706 return; 1707 1708 usbd_ref_incr(sc->sc_udev); 1709 1710 if (sc->sc_ic.ic_state == IEEE80211_S_SCAN) 1711 ieee80211_next_scan(&sc->sc_ic.ic_if); 1712 1713 usbd_ref_decr(sc->sc_udev); 1714 } 1715 1716 void 1717 run_task(void *arg) 1718 { 1719 struct run_softc *sc = arg; 1720 struct run_host_cmd_ring *ring = &sc->cmdq; 1721 struct run_host_cmd *cmd; 1722 int s; 1723 1724 if (usbd_is_dying(sc->sc_udev)) 1725 return; 1726 1727 /* process host commands */ 1728 s = splusb(); 1729 while (ring->next != ring->cur) { 1730 cmd = &ring->cmd[ring->next]; 1731 splx(s); 1732 /* callback */ 1733 cmd->cb(sc, cmd->data); 1734 s = splusb(); 1735 ring->queued--; 1736 ring->next = (ring->next + 1) % RUN_HOST_CMD_RING_COUNT; 1737 } 1738 splx(s); 1739 } 1740 1741 void 1742 run_do_async(struct run_softc *sc, void (*cb)(struct run_softc *, void *), 1743 void *arg, int len) 1744 { 1745 struct run_host_cmd_ring *ring = &sc->cmdq; 1746 struct run_host_cmd *cmd; 1747 int s; 1748 1749 if (usbd_is_dying(sc->sc_udev)) 1750 return; 1751 1752 s = splusb(); 1753 cmd = &ring->cmd[ring->cur]; 1754 cmd->cb = cb; 1755 KASSERT(len <= sizeof (cmd->data)); 1756 memcpy(cmd->data, arg, len); 1757 ring->cur = (ring->cur + 1) % RUN_HOST_CMD_RING_COUNT; 1758 1759 /* if there is no pending command already, schedule a task */ 1760 if (++ring->queued == 1) 1761 usb_add_task(sc->sc_udev, &sc->sc_task); 1762 splx(s); 1763 } 1764 1765 int 1766 run_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 1767 { 1768 struct run_softc *sc = ic->ic_softc; 1769 struct run_cmd_newstate cmd; 1770 1771 /* do it in a process context */ 1772 cmd.state = nstate; 1773 cmd.arg = arg; 1774 run_do_async(sc, run_newstate_cb, &cmd, sizeof cmd); 1775 return 0; 1776 } 1777 1778 void 1779 run_newstate_cb(struct run_softc *sc, void *arg) 1780 { 1781 struct run_cmd_newstate *cmd = arg; 1782 struct ieee80211com *ic = &sc->sc_ic; 1783 enum ieee80211_state ostate; 1784 struct ieee80211_node *ni; 1785 uint32_t tmp, sta[3]; 1786 uint8_t wcid; 1787 int s; 1788 1789 s = splnet(); 1790 ostate = ic->ic_state; 1791 1792 if (ostate == IEEE80211_S_RUN) { 1793 /* turn link LED off */ 1794 run_set_leds(sc, RT2860_LED_RADIO); 1795 } 1796 1797 switch (cmd->state) { 1798 case IEEE80211_S_INIT: 1799 if (ostate == IEEE80211_S_RUN) { 1800 /* abort TSF synchronization */ 1801 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 1802 run_write(sc, RT2860_BCN_TIME_CFG, 1803 tmp & ~(RT2860_BCN_TX_EN | RT2860_TSF_TIMER_EN | 1804 RT2860_TBTT_TIMER_EN)); 1805 } 1806 break; 1807 1808 case IEEE80211_S_SCAN: 1809 run_set_chan(sc, ic->ic_bss->ni_chan); 1810 if (!usbd_is_dying(sc->sc_udev)) 1811 timeout_add_msec(&sc->scan_to, 200); 1812 break; 1813 1814 case IEEE80211_S_AUTH: 1815 case IEEE80211_S_ASSOC: 1816 run_set_chan(sc, ic->ic_bss->ni_chan); 1817 break; 1818 1819 case IEEE80211_S_RUN: 1820 run_set_chan(sc, ic->ic_bss->ni_chan); 1821 1822 ni = ic->ic_bss; 1823 1824 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 1825 run_updateslot(ic); 1826 run_enable_mrr(sc); 1827 run_set_txpreamble(sc); 1828 run_set_basicrates(sc); 1829 run_set_bssid(sc, ni->ni_bssid); 1830 } 1831 if (ic->ic_opmode == IEEE80211_M_STA) { 1832 /* add BSS entry to the WCID table */ 1833 wcid = RUN_AID2WCID(ni->ni_associd); 1834 run_write_region_1(sc, RT2860_WCID_ENTRY(wcid), 1835 ni->ni_macaddr, IEEE80211_ADDR_LEN); 1836 1837 /* fake a join to init the tx rate */ 1838 run_newassoc(ic, ni, 1); 1839 } 1840 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 1841 run_enable_tsf_sync(sc); 1842 1843 /* clear statistic registers used by AMRR */ 1844 run_read_region_1(sc, RT2860_TX_STA_CNT0, 1845 (uint8_t *)sta, sizeof sta); 1846 /* start calibration timer */ 1847 if (!usbd_is_dying(sc->sc_udev)) 1848 timeout_add_sec(&sc->calib_to, 1); 1849 } 1850 1851 /* turn link LED on */ 1852 run_set_leds(sc, RT2860_LED_RADIO | 1853 (IEEE80211_IS_CHAN_2GHZ(ic->ic_bss->ni_chan) ? 1854 RT2860_LED_LINK_2GHZ : RT2860_LED_LINK_5GHZ)); 1855 break; 1856 } 1857 (void)sc->sc_newstate(ic, cmd->state, cmd->arg); 1858 splx(s); 1859 } 1860 1861 void 1862 run_updateedca(struct ieee80211com *ic) 1863 { 1864 /* do it in a process context */ 1865 run_do_async(ic->ic_softc, run_updateedca_cb, NULL, 0); 1866 } 1867 1868 /* ARGSUSED */ 1869 void 1870 run_updateedca_cb(struct run_softc *sc, void *arg) 1871 { 1872 struct ieee80211com *ic = &sc->sc_ic; 1873 int s, aci; 1874 1875 s = splnet(); 1876 /* update MAC TX configuration registers */ 1877 for (aci = 0; aci < EDCA_NUM_AC; aci++) { 1878 run_write(sc, RT2860_EDCA_AC_CFG(aci), 1879 ic->ic_edca_ac[aci].ac_ecwmax << 16 | 1880 ic->ic_edca_ac[aci].ac_ecwmin << 12 | 1881 ic->ic_edca_ac[aci].ac_aifsn << 8 | 1882 ic->ic_edca_ac[aci].ac_txoplimit); 1883 } 1884 1885 /* update SCH/DMA registers too */ 1886 run_write(sc, RT2860_WMM_AIFSN_CFG, 1887 ic->ic_edca_ac[EDCA_AC_VO].ac_aifsn << 12 | 1888 ic->ic_edca_ac[EDCA_AC_VI].ac_aifsn << 8 | 1889 ic->ic_edca_ac[EDCA_AC_BK].ac_aifsn << 4 | 1890 ic->ic_edca_ac[EDCA_AC_BE].ac_aifsn); 1891 run_write(sc, RT2860_WMM_CWMIN_CFG, 1892 ic->ic_edca_ac[EDCA_AC_VO].ac_ecwmin << 12 | 1893 ic->ic_edca_ac[EDCA_AC_VI].ac_ecwmin << 8 | 1894 ic->ic_edca_ac[EDCA_AC_BK].ac_ecwmin << 4 | 1895 ic->ic_edca_ac[EDCA_AC_BE].ac_ecwmin); 1896 run_write(sc, RT2860_WMM_CWMAX_CFG, 1897 ic->ic_edca_ac[EDCA_AC_VO].ac_ecwmax << 12 | 1898 ic->ic_edca_ac[EDCA_AC_VI].ac_ecwmax << 8 | 1899 ic->ic_edca_ac[EDCA_AC_BK].ac_ecwmax << 4 | 1900 ic->ic_edca_ac[EDCA_AC_BE].ac_ecwmax); 1901 run_write(sc, RT2860_WMM_TXOP0_CFG, 1902 ic->ic_edca_ac[EDCA_AC_BK].ac_txoplimit << 16 | 1903 ic->ic_edca_ac[EDCA_AC_BE].ac_txoplimit); 1904 run_write(sc, RT2860_WMM_TXOP1_CFG, 1905 ic->ic_edca_ac[EDCA_AC_VO].ac_txoplimit << 16 | 1906 ic->ic_edca_ac[EDCA_AC_VI].ac_txoplimit); 1907 splx(s); 1908 } 1909 1910 int 1911 run_set_key(struct ieee80211com *ic, struct ieee80211_node *ni, 1912 struct ieee80211_key *k) 1913 { 1914 struct run_softc *sc = ic->ic_softc; 1915 struct run_cmd_key cmd; 1916 1917 /* defer setting of WEP keys until interface is brought up */ 1918 if ((ic->ic_if.if_flags & (IFF_UP | IFF_RUNNING)) != 1919 (IFF_UP | IFF_RUNNING)) 1920 return 0; 1921 1922 /* do it in a process context */ 1923 cmd.key = *k; 1924 cmd.ni = ni; 1925 run_do_async(sc, run_set_key_cb, &cmd, sizeof cmd); 1926 sc->sc_key_tasks++; 1927 1928 return EBUSY; 1929 } 1930 1931 void 1932 run_set_key_cb(struct run_softc *sc, void *arg) 1933 { 1934 struct ieee80211com *ic = &sc->sc_ic; 1935 struct run_cmd_key *cmd = arg; 1936 struct ieee80211_key *k = &cmd->key; 1937 uint32_t attr; 1938 uint16_t base; 1939 uint8_t mode, wcid, iv[8]; 1940 1941 sc->sc_key_tasks--; 1942 1943 /* map net80211 cipher to RT2860 security mode */ 1944 switch (k->k_cipher) { 1945 case IEEE80211_CIPHER_WEP40: 1946 mode = RT2860_MODE_WEP40; 1947 break; 1948 case IEEE80211_CIPHER_WEP104: 1949 mode = RT2860_MODE_WEP104; 1950 break; 1951 case IEEE80211_CIPHER_TKIP: 1952 mode = RT2860_MODE_TKIP; 1953 break; 1954 case IEEE80211_CIPHER_CCMP: 1955 mode = RT2860_MODE_AES_CCMP; 1956 break; 1957 default: 1958 IEEE80211_SEND_MGMT(ic, cmd->ni, IEEE80211_FC0_SUBTYPE_DEAUTH, 1959 IEEE80211_REASON_AUTH_LEAVE); 1960 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 1961 return; 1962 } 1963 1964 if (k->k_flags & IEEE80211_KEY_GROUP) { 1965 wcid = 0; /* NB: update WCID0 for group keys */ 1966 base = RT2860_SKEY(0, k->k_id); 1967 } else { 1968 wcid = RUN_AID2WCID(cmd->ni->ni_associd); 1969 base = RT2860_PKEY(wcid); 1970 } 1971 1972 if (k->k_cipher == IEEE80211_CIPHER_TKIP) { 1973 run_write_region_1(sc, base, k->k_key, 16); 1974 run_write_region_1(sc, base + 16, &k->k_key[24], 8); 1975 run_write_region_1(sc, base + 24, &k->k_key[16], 8); 1976 } else { 1977 /* roundup len to 16-bit: XXX fix write_region_1() instead */ 1978 run_write_region_1(sc, base, k->k_key, (k->k_len + 1) & ~1); 1979 } 1980 1981 if (!(k->k_flags & IEEE80211_KEY_GROUP) || 1982 (k->k_flags & IEEE80211_KEY_TX)) { 1983 /* set initial packet number in IV+EIV */ 1984 if (k->k_cipher == IEEE80211_CIPHER_WEP40 || 1985 k->k_cipher == IEEE80211_CIPHER_WEP104) { 1986 memset(iv, 0, sizeof iv); 1987 iv[3] = sc->sc_ic.ic_def_txkey << 6; 1988 } else { 1989 if (k->k_cipher == IEEE80211_CIPHER_TKIP) { 1990 iv[0] = k->k_tsc >> 8; 1991 iv[1] = (iv[0] | 0x20) & 0x7f; 1992 iv[2] = k->k_tsc; 1993 } else /* CCMP */ { 1994 iv[0] = k->k_tsc; 1995 iv[1] = k->k_tsc >> 8; 1996 iv[2] = 0; 1997 } 1998 iv[3] = k->k_id << 6 | IEEE80211_WEP_EXTIV; 1999 iv[4] = k->k_tsc >> 16; 2000 iv[5] = k->k_tsc >> 24; 2001 iv[6] = k->k_tsc >> 32; 2002 iv[7] = k->k_tsc >> 40; 2003 } 2004 run_write_region_1(sc, RT2860_IVEIV(wcid), iv, 8); 2005 } 2006 2007 if (k->k_flags & IEEE80211_KEY_GROUP) { 2008 /* install group key */ 2009 run_read(sc, RT2860_SKEY_MODE_0_7, &attr); 2010 attr &= ~(0xf << (k->k_id * 4)); 2011 attr |= mode << (k->k_id * 4); 2012 run_write(sc, RT2860_SKEY_MODE_0_7, attr); 2013 } else { 2014 /* install pairwise key */ 2015 run_read(sc, RT2860_WCID_ATTR(wcid), &attr); 2016 attr = (attr & ~0xf) | (mode << 1) | RT2860_RX_PKEY_EN; 2017 run_write(sc, RT2860_WCID_ATTR(wcid), attr); 2018 } 2019 2020 if (sc->sc_key_tasks == 0) { 2021 cmd->ni->ni_port_valid = 1; 2022 ieee80211_set_link_state(ic, LINK_STATE_UP); 2023 } 2024 } 2025 2026 void 2027 run_delete_key(struct ieee80211com *ic, struct ieee80211_node *ni, 2028 struct ieee80211_key *k) 2029 { 2030 struct run_softc *sc = ic->ic_softc; 2031 struct run_cmd_key cmd; 2032 2033 if (!(ic->ic_if.if_flags & IFF_RUNNING) || 2034 ic->ic_state != IEEE80211_S_RUN) 2035 return; /* nothing to do */ 2036 2037 /* do it in a process context */ 2038 cmd.key = *k; 2039 cmd.ni = ni; 2040 run_do_async(sc, run_delete_key_cb, &cmd, sizeof cmd); 2041 } 2042 2043 void 2044 run_delete_key_cb(struct run_softc *sc, void *arg) 2045 { 2046 struct run_cmd_key *cmd = arg; 2047 struct ieee80211_key *k = &cmd->key; 2048 uint32_t attr; 2049 uint8_t wcid; 2050 2051 if (k->k_flags & IEEE80211_KEY_GROUP) { 2052 /* remove group key */ 2053 run_read(sc, RT2860_SKEY_MODE_0_7, &attr); 2054 attr &= ~(0xf << (k->k_id * 4)); 2055 run_write(sc, RT2860_SKEY_MODE_0_7, attr); 2056 2057 } else { 2058 /* remove pairwise key */ 2059 wcid = RUN_AID2WCID(cmd->ni->ni_associd); 2060 run_read(sc, RT2860_WCID_ATTR(wcid), &attr); 2061 attr &= ~0xf; 2062 run_write(sc, RT2860_WCID_ATTR(wcid), attr); 2063 } 2064 } 2065 2066 void 2067 run_calibrate_to(void *arg) 2068 { 2069 /* do it in a process context */ 2070 run_do_async(arg, run_calibrate_cb, NULL, 0); 2071 /* next timeout will be rescheduled in the calibration task */ 2072 } 2073 2074 /* ARGSUSED */ 2075 void 2076 run_calibrate_cb(struct run_softc *sc, void *arg) 2077 { 2078 struct ifnet *ifp = &sc->sc_ic.ic_if; 2079 uint32_t sta[3]; 2080 int s, error; 2081 2082 /* read statistic counters (clear on read) and update AMRR state */ 2083 error = run_read_region_1(sc, RT2860_TX_STA_CNT0, (uint8_t *)sta, 2084 sizeof sta); 2085 if (error != 0) 2086 goto skip; 2087 2088 DPRINTF(("retrycnt=%d txcnt=%d failcnt=%d\n", 2089 letoh32(sta[1]) >> 16, letoh32(sta[1]) & 0xffff, 2090 letoh32(sta[0]) & 0xffff)); 2091 2092 s = splnet(); 2093 /* count failed TX as errors */ 2094 ifp->if_oerrors += letoh32(sta[0]) & 0xffff; 2095 2096 sc->amn.amn_retrycnt = 2097 (letoh32(sta[0]) & 0xffff) + /* failed TX count */ 2098 (letoh32(sta[1]) >> 16); /* TX retransmission count */ 2099 2100 sc->amn.amn_txcnt = 2101 sc->amn.amn_retrycnt + 2102 (letoh32(sta[1]) & 0xffff); /* successful TX count */ 2103 2104 ieee80211_amrr_choose(&sc->amrr, sc->sc_ic.ic_bss, &sc->amn); 2105 splx(s); 2106 2107 skip: 2108 if (!usbd_is_dying(sc->sc_udev)) 2109 timeout_add_sec(&sc->calib_to, 1); 2110 } 2111 2112 void 2113 run_newassoc(struct ieee80211com *ic, struct ieee80211_node *ni, int isnew) 2114 { 2115 struct run_softc *sc = ic->ic_softc; 2116 struct run_node *rn = (void *)ni; 2117 struct ieee80211_rateset *rs = &ni->ni_rates; 2118 uint8_t rate; 2119 int ridx, i, j; 2120 2121 DPRINTF(("new assoc isnew=%d addr=%s\n", 2122 isnew, ether_sprintf(ni->ni_macaddr))); 2123 2124 ieee80211_amrr_node_init(&sc->amrr, &sc->amn); 2125 /* start at lowest available bit-rate, AMRR will raise */ 2126 ni->ni_txrate = 0; 2127 2128 for (i = 0; i < rs->rs_nrates; i++) { 2129 rate = rs->rs_rates[i] & IEEE80211_RATE_VAL; 2130 /* convert 802.11 rate to hardware rate index */ 2131 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++) 2132 if (rt2860_rates[ridx].rate == rate) 2133 break; 2134 rn->ridx[i] = ridx; 2135 /* determine rate of control response frames */ 2136 for (j = i; j >= 0; j--) { 2137 if ((rs->rs_rates[j] & IEEE80211_RATE_BASIC) && 2138 rt2860_rates[rn->ridx[i]].phy == 2139 rt2860_rates[rn->ridx[j]].phy) 2140 break; 2141 } 2142 if (j >= 0) { 2143 rn->ctl_ridx[i] = rn->ridx[j]; 2144 } else { 2145 /* no basic rate found, use mandatory one */ 2146 rn->ctl_ridx[i] = rt2860_rates[ridx].ctl_ridx; 2147 } 2148 DPRINTF(("rate=0x%02x ridx=%d ctl_ridx=%d\n", 2149 rs->rs_rates[i], rn->ridx[i], rn->ctl_ridx[i])); 2150 } 2151 } 2152 2153 /* 2154 * Return the Rx chain with the highest RSSI for a given frame. 2155 */ 2156 static __inline uint8_t 2157 run_maxrssi_chain(struct run_softc *sc, const struct rt2860_rxwi *rxwi) 2158 { 2159 uint8_t rxchain = 0; 2160 2161 if (sc->nrxchains > 1) { 2162 if (rxwi->rssi[1] > rxwi->rssi[rxchain]) 2163 rxchain = 1; 2164 if (sc->nrxchains > 2) 2165 if (rxwi->rssi[2] > rxwi->rssi[rxchain]) 2166 rxchain = 2; 2167 } 2168 return rxchain; 2169 } 2170 2171 void 2172 run_rx_frame(struct run_softc *sc, uint8_t *buf, int dmalen, 2173 struct mbuf_list *ml) 2174 { 2175 struct ieee80211com *ic = &sc->sc_ic; 2176 struct ifnet *ifp = &ic->ic_if; 2177 struct ieee80211_frame *wh; 2178 struct ieee80211_rxinfo rxi; 2179 struct ieee80211_node *ni; 2180 struct rt2870_rxd *rxd; 2181 struct rt2860_rxwi *rxwi; 2182 struct mbuf *m; 2183 uint32_t flags; 2184 uint16_t len; 2185 #if NBPFILTER > 0 2186 uint16_t phy; 2187 #endif 2188 uint16_t rxwisize; 2189 uint8_t ant, rssi; 2190 int s; 2191 2192 rxwi = (struct rt2860_rxwi *)buf; 2193 rxwisize = sizeof(struct rt2860_rxwi); 2194 if (sc->mac_ver == 0x5592) 2195 rxwisize += sizeof(uint64_t); 2196 else if (sc->mac_ver == 0x3593) 2197 rxwisize += sizeof(uint32_t); 2198 len = letoh16(rxwi->len) & 0xfff; 2199 if (__predict_false(len > dmalen)) { 2200 DPRINTF(("bad RXWI length %u > %u\n", len, dmalen)); 2201 return; 2202 } 2203 if (len > MCLBYTES) { 2204 DPRINTF(("frame too large (length=%d)\n", len)); 2205 ifp->if_ierrors++; 2206 return; 2207 } 2208 /* Rx descriptor is located at the end */ 2209 rxd = (struct rt2870_rxd *)(buf + dmalen); 2210 flags = letoh32(rxd->flags); 2211 2212 if (__predict_false(flags & (RT2860_RX_CRCERR | RT2860_RX_ICVERR))) { 2213 ifp->if_ierrors++; 2214 return; 2215 } 2216 2217 if (__predict_false((flags & RT2860_RX_MICERR))) { 2218 /* report MIC failures to net80211 for TKIP */ 2219 ic->ic_stats.is_rx_locmicfail++; 2220 ieee80211_michael_mic_failure(ic, 0/* XXX */); 2221 ifp->if_ierrors++; 2222 return; 2223 } 2224 2225 wh = (struct ieee80211_frame *)(buf + rxwisize); 2226 rxi.rxi_flags = 0; 2227 if (wh->i_fc[1] & IEEE80211_FC1_PROTECTED) { 2228 wh->i_fc[1] &= ~IEEE80211_FC1_PROTECTED; 2229 rxi.rxi_flags |= IEEE80211_RXI_HWDEC; 2230 } 2231 2232 if (flags & RT2860_RX_L2PAD) { 2233 u_int hdrlen = ieee80211_get_hdrlen(wh); 2234 memmove((caddr_t)wh + 2, wh, hdrlen); 2235 wh = (struct ieee80211_frame *)((caddr_t)wh + 2); 2236 } 2237 2238 /* could use m_devget but net80211 wants contig mgmt frames */ 2239 MGETHDR(m, M_DONTWAIT, MT_DATA); 2240 if (__predict_false(m == NULL)) { 2241 ifp->if_ierrors++; 2242 return; 2243 } 2244 if (len > MHLEN) { 2245 MCLGET(m, M_DONTWAIT); 2246 if (__predict_false(!(m->m_flags & M_EXT))) { 2247 ifp->if_ierrors++; 2248 m_freem(m); 2249 return; 2250 } 2251 } 2252 /* finalize mbuf */ 2253 memcpy(mtod(m, caddr_t), wh, len); 2254 m->m_pkthdr.len = m->m_len = len; 2255 2256 ant = run_maxrssi_chain(sc, rxwi); 2257 rssi = rxwi->rssi[ant]; 2258 2259 #if NBPFILTER > 0 2260 if (__predict_false(sc->sc_drvbpf != NULL)) { 2261 struct run_rx_radiotap_header *tap = &sc->sc_rxtap; 2262 struct mbuf mb; 2263 2264 tap->wr_flags = 0; 2265 tap->wr_chan_freq = htole16(ic->ic_ibss_chan->ic_freq); 2266 tap->wr_chan_flags = htole16(ic->ic_ibss_chan->ic_flags); 2267 tap->wr_antsignal = rssi; 2268 tap->wr_antenna = ant; 2269 tap->wr_dbm_antsignal = run_rssi2dbm(sc, rssi, ant); 2270 tap->wr_rate = 2; /* in case it can't be found below */ 2271 phy = letoh16(rxwi->phy); 2272 switch (phy & RT2860_PHY_MODE) { 2273 case RT2860_PHY_CCK: 2274 switch ((phy & RT2860_PHY_MCS) & ~RT2860_PHY_SHPRE) { 2275 case 0: tap->wr_rate = 2; break; 2276 case 1: tap->wr_rate = 4; break; 2277 case 2: tap->wr_rate = 11; break; 2278 case 3: tap->wr_rate = 22; break; 2279 } 2280 if (phy & RT2860_PHY_SHPRE) 2281 tap->wr_flags |= IEEE80211_RADIOTAP_F_SHORTPRE; 2282 break; 2283 case RT2860_PHY_OFDM: 2284 switch (phy & RT2860_PHY_MCS) { 2285 case 0: tap->wr_rate = 12; break; 2286 case 1: tap->wr_rate = 18; break; 2287 case 2: tap->wr_rate = 24; break; 2288 case 3: tap->wr_rate = 36; break; 2289 case 4: tap->wr_rate = 48; break; 2290 case 5: tap->wr_rate = 72; break; 2291 case 6: tap->wr_rate = 96; break; 2292 case 7: tap->wr_rate = 108; break; 2293 } 2294 break; 2295 } 2296 mb.m_data = (caddr_t)tap; 2297 mb.m_len = sc->sc_rxtap_len; 2298 mb.m_next = m; 2299 mb.m_nextpkt = NULL; 2300 mb.m_type = 0; 2301 mb.m_flags = 0; 2302 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_IN); 2303 } 2304 #endif 2305 2306 s = splnet(); 2307 ni = ieee80211_find_rxnode(ic, wh); 2308 rxi.rxi_rssi = rssi; 2309 rxi.rxi_tstamp = 0; /* unused */ 2310 ieee80211_inputm(ifp, m, ni, &rxi, ml); 2311 2312 /* node is no longer needed */ 2313 ieee80211_release_node(ic, ni); 2314 splx(s); 2315 } 2316 2317 void 2318 run_rxeof(struct usbd_xfer *xfer, void *priv, usbd_status status) 2319 { 2320 struct mbuf_list ml = MBUF_LIST_INITIALIZER(); 2321 struct run_rx_data *data = priv; 2322 struct run_softc *sc = data->sc; 2323 uint8_t *buf; 2324 uint32_t dmalen; 2325 int xferlen; 2326 uint16_t rxwisize; 2327 2328 rxwisize = sizeof(struct rt2860_rxwi); 2329 if (sc->mac_ver == 0x5592) 2330 rxwisize += sizeof(uint64_t); 2331 else if (sc->mac_ver == 0x3593) 2332 rxwisize += sizeof(uint32_t); 2333 2334 if (__predict_false(status != USBD_NORMAL_COMPLETION)) { 2335 DPRINTF(("RX status=%d\n", status)); 2336 if (status == USBD_STALLED) 2337 usbd_clear_endpoint_stall_async(sc->rxq.pipeh); 2338 if (status != USBD_CANCELLED) 2339 goto skip; 2340 return; 2341 } 2342 usbd_get_xfer_status(xfer, NULL, NULL, &xferlen, NULL); 2343 2344 if (__predict_false(xferlen < sizeof (uint32_t) + rxwisize + 2345 sizeof(struct rt2870_rxd))) { 2346 DPRINTF(("xfer too short %d\n", xferlen)); 2347 goto skip; 2348 } 2349 2350 /* HW can aggregate multiple 802.11 frames in a single USB xfer */ 2351 buf = data->buf; 2352 while (xferlen > 8) { 2353 dmalen = letoh32(*(uint32_t *)buf) & 0xffff; 2354 2355 if (__predict_false(dmalen == 0 || (dmalen & 3) != 0)) { 2356 DPRINTF(("bad DMA length %u\n", dmalen)); 2357 break; 2358 } 2359 if (__predict_false(dmalen + 8 > xferlen)) { 2360 DPRINTF(("bad DMA length %u > %d\n", 2361 dmalen + 8, xferlen)); 2362 break; 2363 } 2364 run_rx_frame(sc, buf + sizeof (uint32_t), dmalen, &ml); 2365 buf += dmalen + 8; 2366 xferlen -= dmalen + 8; 2367 } 2368 if_input(&sc->sc_ic.ic_if, &ml); 2369 2370 skip: /* setup a new transfer */ 2371 usbd_setup_xfer(xfer, sc->rxq.pipeh, data, data->buf, RUN_MAX_RXSZ, 2372 USBD_SHORT_XFER_OK | USBD_NO_COPY, USBD_NO_TIMEOUT, run_rxeof); 2373 (void)usbd_transfer(data->xfer); 2374 } 2375 2376 void 2377 run_txeof(struct usbd_xfer *xfer, void *priv, usbd_status status) 2378 { 2379 struct run_tx_data *data = priv; 2380 struct run_softc *sc = data->sc; 2381 struct run_tx_ring *txq = &sc->txq[data->qid]; 2382 struct ifnet *ifp = &sc->sc_ic.ic_if; 2383 int s; 2384 2385 s = splnet(); 2386 txq->queued--; 2387 sc->qfullmsk &= ~(1 << data->qid); 2388 2389 if (__predict_false(status != USBD_NORMAL_COMPLETION)) { 2390 DPRINTF(("TX status=%d\n", status)); 2391 if (status == USBD_STALLED) 2392 usbd_clear_endpoint_stall_async(txq->pipeh); 2393 ifp->if_oerrors++; 2394 splx(s); 2395 return; 2396 } 2397 2398 sc->sc_tx_timer = 0; 2399 ifq_clr_oactive(&ifp->if_snd); 2400 run_start(ifp); 2401 splx(s); 2402 } 2403 2404 int 2405 run_tx(struct run_softc *sc, struct mbuf *m, struct ieee80211_node *ni) 2406 { 2407 struct ieee80211com *ic = &sc->sc_ic; 2408 struct run_node *rn = (void *)ni; 2409 struct ieee80211_frame *wh; 2410 struct run_tx_ring *ring; 2411 struct run_tx_data *data; 2412 struct rt2870_txd *txd; 2413 struct rt2860_txwi *txwi; 2414 uint16_t qos, dur; 2415 uint16_t txwisize; 2416 uint8_t type, mcs, tid, qid; 2417 int error, hasqos, ridx, ctl_ridx, xferlen; 2418 2419 wh = mtod(m, struct ieee80211_frame *); 2420 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 2421 2422 if ((hasqos = ieee80211_has_qos(wh))) { 2423 qos = ieee80211_get_qos(wh); 2424 tid = qos & IEEE80211_QOS_TID; 2425 qid = ieee80211_up_to_ac(ic, tid); 2426 } else { 2427 qos = 0; 2428 tid = 0; 2429 qid = EDCA_AC_BE; 2430 } 2431 ring = &sc->txq[qid]; 2432 data = &ring->data[ring->cur]; 2433 2434 /* pickup a rate index */ 2435 if (IEEE80211_IS_MULTICAST(wh->i_addr1) || 2436 type != IEEE80211_FC0_TYPE_DATA) { 2437 ridx = (ic->ic_curmode == IEEE80211_MODE_11A) ? 2438 RT2860_RIDX_OFDM6 : RT2860_RIDX_CCK1; 2439 ctl_ridx = rt2860_rates[ridx].ctl_ridx; 2440 } else if (ic->ic_fixed_rate != -1) { 2441 ridx = sc->fixed_ridx; 2442 ctl_ridx = rt2860_rates[ridx].ctl_ridx; 2443 } else { 2444 ridx = rn->ridx[ni->ni_txrate]; 2445 ctl_ridx = rn->ctl_ridx[ni->ni_txrate]; 2446 } 2447 2448 /* get MCS code from rate index */ 2449 mcs = rt2860_rates[ridx].mcs; 2450 2451 txwisize = sizeof(struct rt2860_txwi); 2452 if (sc->mac_ver == 0x5592) 2453 txwisize += sizeof(uint32_t); 2454 xferlen = txwisize + m->m_pkthdr.len; 2455 2456 /* roundup to 32-bit alignment */ 2457 xferlen = (xferlen + 3) & ~3; 2458 2459 txd = (struct rt2870_txd *)data->buf; 2460 txd->flags = RT2860_TX_QSEL_EDCA; 2461 txd->len = htole16(xferlen); 2462 2463 /* setup TX Wireless Information */ 2464 txwi = (struct rt2860_txwi *)(txd + 1); 2465 txwi->flags = 0; 2466 txwi->xflags = hasqos ? 0 : RT2860_TX_NSEQ; 2467 txwi->wcid = (type == IEEE80211_FC0_TYPE_DATA) ? 2468 RUN_AID2WCID(ni->ni_associd) : 0xff; 2469 txwi->len = htole16(m->m_pkthdr.len); 2470 if (rt2860_rates[ridx].phy == IEEE80211_T_DS) { 2471 txwi->phy = htole16(RT2860_PHY_CCK); 2472 if (ridx != RT2860_RIDX_CCK1 && 2473 (ic->ic_flags & IEEE80211_F_SHPREAMBLE)) 2474 mcs |= RT2860_PHY_SHPRE; 2475 } else 2476 txwi->phy = htole16(RT2860_PHY_OFDM); 2477 txwi->phy |= htole16(mcs); 2478 2479 txwi->txop = RT2860_TX_TXOP_BACKOFF; 2480 2481 if (!IEEE80211_IS_MULTICAST(wh->i_addr1) && 2482 (!hasqos || (qos & IEEE80211_QOS_ACK_POLICY_MASK) != 2483 IEEE80211_QOS_ACK_POLICY_NOACK)) { 2484 txwi->xflags |= RT2860_TX_ACK; 2485 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 2486 dur = rt2860_rates[ctl_ridx].sp_ack_dur; 2487 else 2488 dur = rt2860_rates[ctl_ridx].lp_ack_dur; 2489 *(uint16_t *)wh->i_dur = htole16(dur); 2490 } 2491 2492 #if NBPFILTER > 0 2493 if (__predict_false(sc->sc_drvbpf != NULL)) { 2494 struct run_tx_radiotap_header *tap = &sc->sc_txtap; 2495 struct mbuf mb; 2496 2497 tap->wt_flags = 0; 2498 tap->wt_rate = rt2860_rates[ridx].rate; 2499 tap->wt_chan_freq = htole16(ic->ic_bss->ni_chan->ic_freq); 2500 tap->wt_chan_flags = htole16(ic->ic_bss->ni_chan->ic_flags); 2501 if (mcs & RT2860_PHY_SHPRE) 2502 tap->wt_flags |= IEEE80211_RADIOTAP_F_SHORTPRE; 2503 2504 mb.m_data = (caddr_t)tap; 2505 mb.m_len = sc->sc_txtap_len; 2506 mb.m_next = m; 2507 mb.m_nextpkt = NULL; 2508 mb.m_type = 0; 2509 mb.m_flags = 0; 2510 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_OUT); 2511 } 2512 #endif 2513 2514 m_copydata(m, 0, m->m_pkthdr.len, (caddr_t)txwi + txwisize); 2515 m_freem(m); 2516 2517 xferlen += sizeof (*txd) + 4; 2518 2519 usbd_setup_xfer(data->xfer, ring->pipeh, data, data->buf, xferlen, 2520 USBD_FORCE_SHORT_XFER | USBD_NO_COPY, RUN_TX_TIMEOUT, run_txeof); 2521 error = usbd_transfer(data->xfer); 2522 if (__predict_false(error != USBD_IN_PROGRESS && error != 0)) 2523 return error; 2524 2525 ieee80211_release_node(ic, ni); 2526 2527 ring->cur = (ring->cur + 1) % RUN_TX_RING_COUNT; 2528 if (++ring->queued >= RUN_TX_RING_COUNT) 2529 sc->qfullmsk |= 1 << qid; 2530 2531 return 0; 2532 } 2533 2534 void 2535 run_start(struct ifnet *ifp) 2536 { 2537 struct run_softc *sc = ifp->if_softc; 2538 struct ieee80211com *ic = &sc->sc_ic; 2539 struct ieee80211_node *ni; 2540 struct mbuf *m; 2541 2542 if (!(ifp->if_flags & IFF_RUNNING) || ifq_is_oactive(&ifp->if_snd)) 2543 return; 2544 2545 for (;;) { 2546 if (sc->qfullmsk != 0) { 2547 ifq_set_oactive(&ifp->if_snd); 2548 break; 2549 } 2550 /* send pending management frames first */ 2551 m = mq_dequeue(&ic->ic_mgtq); 2552 if (m != NULL) { 2553 ni = m->m_pkthdr.ph_cookie; 2554 goto sendit; 2555 } 2556 if (ic->ic_state != IEEE80211_S_RUN) 2557 break; 2558 2559 /* encapsulate and send data frames */ 2560 m = ifq_dequeue(&ifp->if_snd); 2561 if (m == NULL) 2562 break; 2563 #if NBPFILTER > 0 2564 if (ifp->if_bpf != NULL) 2565 bpf_mtap(ifp->if_bpf, m, BPF_DIRECTION_OUT); 2566 #endif 2567 if ((m = ieee80211_encap(ifp, m, &ni)) == NULL) 2568 continue; 2569 sendit: 2570 #if NBPFILTER > 0 2571 if (ic->ic_rawbpf != NULL) 2572 bpf_mtap(ic->ic_rawbpf, m, BPF_DIRECTION_OUT); 2573 #endif 2574 if (run_tx(sc, m, ni) != 0) { 2575 ieee80211_release_node(ic, ni); 2576 ifp->if_oerrors++; 2577 continue; 2578 } 2579 2580 sc->sc_tx_timer = 5; 2581 ifp->if_timer = 1; 2582 } 2583 } 2584 2585 void 2586 run_watchdog(struct ifnet *ifp) 2587 { 2588 struct run_softc *sc = ifp->if_softc; 2589 2590 ifp->if_timer = 0; 2591 2592 if (sc->sc_tx_timer > 0) { 2593 if (--sc->sc_tx_timer == 0) { 2594 printf("%s: device timeout\n", sc->sc_dev.dv_xname); 2595 /* run_init(ifp); XXX needs a process context! */ 2596 ifp->if_oerrors++; 2597 return; 2598 } 2599 ifp->if_timer = 1; 2600 } 2601 2602 ieee80211_watchdog(ifp); 2603 } 2604 2605 int 2606 run_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 2607 { 2608 struct run_softc *sc = ifp->if_softc; 2609 struct ieee80211com *ic = &sc->sc_ic; 2610 int s, error = 0; 2611 2612 if (usbd_is_dying(sc->sc_udev)) 2613 return ENXIO; 2614 2615 usbd_ref_incr(sc->sc_udev); 2616 2617 s = splnet(); 2618 2619 switch (cmd) { 2620 case SIOCSIFADDR: 2621 ifp->if_flags |= IFF_UP; 2622 /* FALLTHROUGH */ 2623 case SIOCSIFFLAGS: 2624 if (ifp->if_flags & IFF_UP) { 2625 if (!(ifp->if_flags & IFF_RUNNING)) 2626 run_init(ifp); 2627 } else { 2628 if (ifp->if_flags & IFF_RUNNING) 2629 run_stop(ifp, 1); 2630 } 2631 break; 2632 2633 case SIOCS80211CHANNEL: 2634 /* 2635 * This allows for fast channel switching in monitor mode 2636 * (used by kismet). 2637 */ 2638 error = ieee80211_ioctl(ifp, cmd, data); 2639 if (error == ENETRESET && 2640 ic->ic_opmode == IEEE80211_M_MONITOR) { 2641 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 2642 (IFF_UP | IFF_RUNNING)) 2643 run_set_chan(sc, ic->ic_ibss_chan); 2644 error = 0; 2645 } 2646 break; 2647 2648 default: 2649 error = ieee80211_ioctl(ifp, cmd, data); 2650 } 2651 2652 if (error == ENETRESET) { 2653 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 2654 (IFF_UP | IFF_RUNNING)) { 2655 run_stop(ifp, 0); 2656 run_init(ifp); 2657 } 2658 error = 0; 2659 } 2660 2661 splx(s); 2662 2663 usbd_ref_decr(sc->sc_udev); 2664 2665 return error; 2666 } 2667 2668 void 2669 run_iq_calib(struct run_softc *sc, u_int chan) 2670 { 2671 uint16_t val; 2672 2673 /* Tx0 IQ gain. */ 2674 run_bbp_write(sc, 158, 0x2c); 2675 if (chan <= 14) 2676 run_efuse_read(sc, RT5390_EEPROM_IQ_GAIN_CAL_TX0_2GHZ, &val); 2677 else if (chan <= 64) { 2678 run_efuse_read(sc, 2679 RT5390_EEPROM_IQ_GAIN_CAL_TX0_CH36_TO_CH64_5GHZ, &val); 2680 } else if (chan <= 138) { 2681 run_efuse_read(sc, 2682 RT5390_EEPROM_IQ_GAIN_CAL_TX0_CH100_TO_CH138_5GHZ, &val); 2683 } else if (chan <= 165) { 2684 run_efuse_read(sc, 2685 RT5390_EEPROM_IQ_GAIN_CAL_TX0_CH140_TO_CH165_5GHZ, 2686 &val); 2687 } else 2688 val = 0; 2689 run_bbp_write(sc, 159, val); 2690 2691 /* Tx0 IQ phase. */ 2692 run_bbp_write(sc, 158, 0x2d); 2693 if (chan <= 14) { 2694 run_efuse_read(sc, RT5390_EEPROM_IQ_PHASE_CAL_TX0_2GHZ, &val); 2695 } else if (chan <= 64) { 2696 run_efuse_read(sc, 2697 RT5390_EEPROM_IQ_PHASE_CAL_TX0_CH36_TO_CH64_5GHZ, &val); 2698 } else if (chan <= 138) { 2699 run_efuse_read(sc, 2700 RT5390_EEPROM_IQ_PHASE_CAL_TX0_CH100_TO_CH138_5GHZ, &val); 2701 } else if (chan <= 165) { 2702 run_efuse_read(sc, 2703 RT5390_EEPROM_IQ_PHASE_CAL_TX0_CH140_TO_CH165_5GHZ, &val); 2704 } else 2705 val = 0; 2706 run_bbp_write(sc, 159, val); 2707 2708 /* Tx1 IQ gain. */ 2709 run_bbp_write(sc, 158, 0x4a); 2710 if (chan <= 14) { 2711 run_efuse_read(sc, RT5390_EEPROM_IQ_GAIN_CAL_TX1_2GHZ, &val); 2712 } else if (chan <= 64) { 2713 run_efuse_read(sc, 2714 RT5390_EEPROM_IQ_GAIN_CAL_TX1_CH36_TO_CH64_5GHZ, &val); 2715 } else if (chan <= 138) { 2716 run_efuse_read(sc, 2717 RT5390_EEPROM_IQ_GAIN_CAL_TX1_CH100_TO_CH138_5GHZ, &val); 2718 } else if (chan <= 165) { 2719 run_efuse_read(sc, 2720 RT5390_EEPROM_IQ_GAIN_CAL_TX1_CH140_TO_CH165_5GHZ, &val); 2721 } else 2722 val = 0; 2723 run_bbp_write(sc, 159, val); 2724 2725 /* Tx1 IQ phase. */ 2726 run_bbp_write(sc, 158, 0x4b); 2727 if (chan <= 14) { 2728 run_efuse_read(sc, RT5390_EEPROM_IQ_PHASE_CAL_TX1_2GHZ, &val); 2729 } else if (chan <= 64) { 2730 run_efuse_read(sc, 2731 RT5390_EEPROM_IQ_PHASE_CAL_TX1_CH36_TO_CH64_5GHZ, &val); 2732 } else if (chan <= 138) { 2733 run_efuse_read(sc, 2734 RT5390_EEPROM_IQ_PHASE_CAL_TX1_CH100_TO_CH138_5GHZ, &val); 2735 } else if (chan <= 165) { 2736 run_efuse_read(sc, 2737 RT5390_EEPROM_IQ_PHASE_CAL_TX1_CH140_TO_CH165_5GHZ, &val); 2738 } else 2739 val = 0; 2740 run_bbp_write(sc, 159, val); 2741 2742 /* RF IQ compensation control. */ 2743 run_bbp_write(sc, 158, 0x04); 2744 run_efuse_read(sc, RT5390_EEPROM_RF_IQ_COMPENSATION_CTL, &val); 2745 run_bbp_write(sc, 159, val); 2746 2747 /* RF IQ imbalance compensation control. */ 2748 run_bbp_write(sc, 158, 0x03); 2749 run_efuse_read(sc, 2750 RT5390_EEPROM_RF_IQ_IMBALANCE_COMPENSATION_CTL, &val); 2751 run_bbp_write(sc, 159, val); 2752 } 2753 2754 void 2755 run_select_chan_group(struct run_softc *sc, int group) 2756 { 2757 uint32_t tmp; 2758 uint8_t agc; 2759 2760 run_bbp_write(sc, 62, 0x37 - sc->lna[group]); 2761 run_bbp_write(sc, 63, 0x37 - sc->lna[group]); 2762 run_bbp_write(sc, 64, 0x37 - sc->lna[group]); 2763 if (sc->mac_ver < 0x3572) 2764 run_bbp_write(sc, 86, 0x00); 2765 2766 if (sc->mac_ver == 0x3593) { 2767 run_bbp_write(sc, 77, 0x98); 2768 run_bbp_write(sc, 83, (group == 0) ? 0x8a : 0x9a); 2769 } 2770 2771 if (group == 0) { 2772 if (sc->ext_2ghz_lna) { 2773 if (sc->mac_ver >= 0x5390) 2774 run_bbp_write(sc, 75, 0x52); 2775 else { 2776 run_bbp_write(sc, 82, 0x62); 2777 run_bbp_write(sc, 75, 0x46); 2778 } 2779 } else { 2780 if (sc->mac_ver == 0x5592) { 2781 run_bbp_write(sc, 79, 0x1c); 2782 run_bbp_write(sc, 80, 0x0e); 2783 run_bbp_write(sc, 81, 0x3a); 2784 run_bbp_write(sc, 82, 0x62); 2785 2786 run_bbp_write(sc, 195, 0x80); 2787 run_bbp_write(sc, 196, 0xe0); 2788 run_bbp_write(sc, 195, 0x81); 2789 run_bbp_write(sc, 196, 0x1f); 2790 run_bbp_write(sc, 195, 0x82); 2791 run_bbp_write(sc, 196, 0x38); 2792 run_bbp_write(sc, 195, 0x83); 2793 run_bbp_write(sc, 196, 0x32); 2794 run_bbp_write(sc, 195, 0x85); 2795 run_bbp_write(sc, 196, 0x28); 2796 run_bbp_write(sc, 195, 0x86); 2797 run_bbp_write(sc, 196, 0x19); 2798 } else if (sc->mac_ver >= 0x5390) 2799 run_bbp_write(sc, 75, 0x50); 2800 else { 2801 run_bbp_write(sc, 82, 2802 (sc->mac_ver == 0x3593) ? 0x62 : 0x84); 2803 run_bbp_write(sc, 75, 0x50); 2804 } 2805 } 2806 } else { 2807 if (sc->mac_ver == 0x5592) { 2808 run_bbp_write(sc, 79, 0x18); 2809 run_bbp_write(sc, 80, 0x08); 2810 run_bbp_write(sc, 81, 0x38); 2811 run_bbp_write(sc, 82, 0x92); 2812 2813 run_bbp_write(sc, 195, 0x80); 2814 run_bbp_write(sc, 196, 0xf0); 2815 run_bbp_write(sc, 195, 0x81); 2816 run_bbp_write(sc, 196, 0x1e); 2817 run_bbp_write(sc, 195, 0x82); 2818 run_bbp_write(sc, 196, 0x28); 2819 run_bbp_write(sc, 195, 0x83); 2820 run_bbp_write(sc, 196, 0x20); 2821 run_bbp_write(sc, 195, 0x85); 2822 run_bbp_write(sc, 196, 0x7f); 2823 run_bbp_write(sc, 195, 0x86); 2824 run_bbp_write(sc, 196, 0x7f); 2825 } else if (sc->mac_ver == 0x3572) 2826 run_bbp_write(sc, 82, 0x94); 2827 else 2828 run_bbp_write(sc, 82, 2829 (sc->mac_ver == 0x3593) ? 0x82 : 0xf2); 2830 if (sc->ext_5ghz_lna) 2831 run_bbp_write(sc, 75, 0x46); 2832 else 2833 run_bbp_write(sc, 75, 0x50); 2834 } 2835 2836 run_read(sc, RT2860_TX_BAND_CFG, &tmp); 2837 tmp &= ~(RT2860_5G_BAND_SEL_N | RT2860_5G_BAND_SEL_P); 2838 tmp |= (group == 0) ? RT2860_5G_BAND_SEL_N : RT2860_5G_BAND_SEL_P; 2839 run_write(sc, RT2860_TX_BAND_CFG, tmp); 2840 2841 /* enable appropriate Power Amplifiers and Low Noise Amplifiers */ 2842 tmp = RT2860_RFTR_EN | RT2860_TRSW_EN | RT2860_LNA_PE0_EN; 2843 if (sc->mac_ver == 0x3593) 2844 tmp |= 1 << 29 | 1 << 28; 2845 if (sc->nrxchains > 1) 2846 tmp |= RT2860_LNA_PE1_EN; 2847 if (group == 0) { /* 2GHz */ 2848 tmp |= RT2860_PA_PE_G0_EN; 2849 if (sc->ntxchains > 1) 2850 tmp |= RT2860_PA_PE_G1_EN; 2851 if (sc->mac_ver == 0x3593) { 2852 if (sc->ntxchains > 2) 2853 tmp |= 1 << 25; 2854 } 2855 } else { /* 5GHz */ 2856 tmp |= RT2860_PA_PE_A0_EN; 2857 if (sc->ntxchains > 1) 2858 tmp |= RT2860_PA_PE_A1_EN; 2859 } 2860 if (sc->mac_ver == 0x3572) { 2861 run_rt3070_rf_write(sc, 8, 0x00); 2862 run_write(sc, RT2860_TX_PIN_CFG, tmp); 2863 run_rt3070_rf_write(sc, 8, 0x80); 2864 } else 2865 run_write(sc, RT2860_TX_PIN_CFG, tmp); 2866 2867 if (sc->mac_ver == 0x5592) { 2868 run_bbp_write(sc, 195, 0x8d); 2869 run_bbp_write(sc, 196, 0x1a); 2870 } 2871 2872 if (sc->mac_ver == 0x3593) { 2873 run_read(sc, RT2860_GPIO_CTRL, &tmp); 2874 tmp &= ~0x01010000; 2875 if (group == 0) 2876 tmp |= 0x00010000; 2877 tmp = (tmp & ~0x00009090) | 0x00000090; 2878 run_write(sc, RT2860_GPIO_CTRL, tmp); 2879 } 2880 2881 /* set initial AGC value */ 2882 if (group == 0) { /* 2GHz band */ 2883 if (sc->mac_ver >= 0x3070) 2884 agc = 0x1c + sc->lna[0] * 2; 2885 else 2886 agc = 0x2e + sc->lna[0]; 2887 } else { /* 5GHz band */ 2888 if (sc->mac_ver == 0x5592) 2889 agc = 0x24 + sc->lna[group] * 2; 2890 else if (sc->mac_ver == 0x3572 || sc->mac_ver == 0x3593) 2891 agc = 0x22 + (sc->lna[group] * 5) / 3; 2892 else 2893 agc = 0x32 + (sc->lna[group] * 5) / 3; 2894 } 2895 run_set_agc(sc, agc); 2896 } 2897 2898 void 2899 run_rt2870_set_chan(struct run_softc *sc, u_int chan) 2900 { 2901 const struct rfprog *rfprog = rt2860_rf2850; 2902 uint32_t r2, r3, r4; 2903 int8_t txpow1, txpow2; 2904 int i; 2905 2906 /* find the settings for this channel (we know it exists) */ 2907 for (i = 0; rfprog[i].chan != chan; i++); 2908 2909 r2 = rfprog[i].r2; 2910 if (sc->ntxchains == 1) 2911 r2 |= 1 << 12; /* 1T: disable Tx chain 2 */ 2912 if (sc->nrxchains == 1) 2913 r2 |= 1 << 15 | 1 << 4; /* 1R: disable Rx chains 2 & 3 */ 2914 else if (sc->nrxchains == 2) 2915 r2 |= 1 << 4; /* 2R: disable Rx chain 3 */ 2916 2917 /* use Tx power values from EEPROM */ 2918 txpow1 = sc->txpow1[i]; 2919 txpow2 = sc->txpow2[i]; 2920 if (chan > 14) { 2921 if (txpow1 >= 0) 2922 txpow1 = txpow1 << 1 | 1; 2923 else 2924 txpow1 = (7 + txpow1) << 1; 2925 if (txpow2 >= 0) 2926 txpow2 = txpow2 << 1 | 1; 2927 else 2928 txpow2 = (7 + txpow2) << 1; 2929 } 2930 r3 = rfprog[i].r3 | txpow1 << 7; 2931 r4 = rfprog[i].r4 | sc->freq << 13 | txpow2 << 4; 2932 2933 run_rt2870_rf_write(sc, RT2860_RF1, rfprog[i].r1); 2934 run_rt2870_rf_write(sc, RT2860_RF2, r2); 2935 run_rt2870_rf_write(sc, RT2860_RF3, r3); 2936 run_rt2870_rf_write(sc, RT2860_RF4, r4); 2937 2938 DELAY(200); 2939 2940 run_rt2870_rf_write(sc, RT2860_RF1, rfprog[i].r1); 2941 run_rt2870_rf_write(sc, RT2860_RF2, r2); 2942 run_rt2870_rf_write(sc, RT2860_RF3, r3 | 1); 2943 run_rt2870_rf_write(sc, RT2860_RF4, r4); 2944 2945 DELAY(200); 2946 2947 run_rt2870_rf_write(sc, RT2860_RF1, rfprog[i].r1); 2948 run_rt2870_rf_write(sc, RT2860_RF2, r2); 2949 run_rt2870_rf_write(sc, RT2860_RF3, r3); 2950 run_rt2870_rf_write(sc, RT2860_RF4, r4); 2951 } 2952 2953 void 2954 run_rt3070_set_chan(struct run_softc *sc, u_int chan) 2955 { 2956 int8_t txpow1, txpow2; 2957 uint8_t rf; 2958 int i; 2959 2960 /* find the settings for this channel (we know it exists) */ 2961 for (i = 0; rt2860_rf2850[i].chan != chan; i++); 2962 2963 /* use Tx power values from EEPROM */ 2964 txpow1 = sc->txpow1[i]; 2965 txpow2 = sc->txpow2[i]; 2966 2967 run_rt3070_rf_write(sc, 2, rt3070_freqs[i].n); 2968 2969 /* RT3370/RT3390: RF R3 [7:4] is not reserved bits. */ 2970 run_rt3070_rf_read(sc, 3, &rf); 2971 rf = (rf & ~0x0f) | rt3070_freqs[i].k; 2972 run_rt3070_rf_write(sc, 3, rf); 2973 2974 run_rt3070_rf_read(sc, 6, &rf); 2975 rf = (rf & ~0x03) | rt3070_freqs[i].r; 2976 run_rt3070_rf_write(sc, 6, rf); 2977 2978 /* set Tx0 power */ 2979 run_rt3070_rf_read(sc, 12, &rf); 2980 rf = (rf & ~0x1f) | txpow1; 2981 run_rt3070_rf_write(sc, 12, rf); 2982 2983 /* set Tx1 power */ 2984 run_rt3070_rf_read(sc, 13, &rf); 2985 rf = (rf & ~0x1f) | txpow2; 2986 run_rt3070_rf_write(sc, 13, rf); 2987 2988 run_rt3070_rf_read(sc, 1, &rf); 2989 rf &= ~0xfc; 2990 if (sc->ntxchains == 1) 2991 rf |= 1 << 7 | 1 << 5; /* 1T: disable Tx chains 2 & 3 */ 2992 else if (sc->ntxchains == 2) 2993 rf |= 1 << 7; /* 2T: disable Tx chain 3 */ 2994 if (sc->nrxchains == 1) 2995 rf |= 1 << 6 | 1 << 4; /* 1R: disable Rx chains 2 & 3 */ 2996 else if (sc->nrxchains == 2) 2997 rf |= 1 << 6; /* 2R: disable Rx chain 3 */ 2998 run_rt3070_rf_write(sc, 1, rf); 2999 3000 /* set RF offset */ 3001 run_rt3070_rf_read(sc, 23, &rf); 3002 rf = (rf & ~0x7f) | sc->freq; 3003 run_rt3070_rf_write(sc, 23, rf); 3004 3005 /* program RF filter */ 3006 run_rt3070_rf_read(sc, 24, &rf); /* Tx */ 3007 rf = (rf & ~0x3f) | sc->rf24_20mhz; 3008 run_rt3070_rf_write(sc, 24, rf); 3009 run_rt3070_rf_read(sc, 31, &rf); /* Rx */ 3010 rf = (rf & ~0x3f) | sc->rf24_20mhz; 3011 run_rt3070_rf_write(sc, 31, rf); 3012 3013 /* enable RF tuning */ 3014 run_rt3070_rf_read(sc, 7, &rf); 3015 run_rt3070_rf_write(sc, 7, rf | 0x01); 3016 } 3017 3018 void 3019 run_rt3572_set_chan(struct run_softc *sc, u_int chan) 3020 { 3021 int8_t txpow1, txpow2; 3022 uint32_t tmp; 3023 uint8_t rf; 3024 int i; 3025 3026 /* find the settings for this channel (we know it exists) */ 3027 for (i = 0; rt2860_rf2850[i].chan != chan; i++); 3028 3029 /* use Tx power values from EEPROM */ 3030 txpow1 = sc->txpow1[i]; 3031 txpow2 = sc->txpow2[i]; 3032 3033 if (chan <= 14) { 3034 run_bbp_write(sc, 25, sc->bbp25); 3035 run_bbp_write(sc, 26, sc->bbp26); 3036 } else { 3037 /* enable IQ phase correction */ 3038 run_bbp_write(sc, 25, 0x09); 3039 run_bbp_write(sc, 26, 0xff); 3040 } 3041 3042 run_rt3070_rf_write(sc, 2, rt3070_freqs[i].n); 3043 run_rt3070_rf_write(sc, 3, rt3070_freqs[i].k); 3044 run_rt3070_rf_read(sc, 6, &rf); 3045 rf = (rf & ~0x0f) | rt3070_freqs[i].r; 3046 rf |= (chan <= 14) ? 0x08 : 0x04; 3047 run_rt3070_rf_write(sc, 6, rf); 3048 3049 /* set PLL mode */ 3050 run_rt3070_rf_read(sc, 5, &rf); 3051 rf &= ~(0x08 | 0x04); 3052 rf |= (chan <= 14) ? 0x04 : 0x08; 3053 run_rt3070_rf_write(sc, 5, rf); 3054 3055 /* set Tx power for chain 0 */ 3056 if (chan <= 14) 3057 rf = 0x60 | txpow1; 3058 else 3059 rf = 0xe0 | (txpow1 & 0xc) << 1 | (txpow1 & 0x3); 3060 run_rt3070_rf_write(sc, 12, rf); 3061 3062 /* set Tx power for chain 1 */ 3063 if (chan <= 14) 3064 rf = 0x60 | txpow2; 3065 else 3066 rf = 0xe0 | (txpow2 & 0xc) << 1 | (txpow2 & 0x3); 3067 run_rt3070_rf_write(sc, 13, rf); 3068 3069 /* set Tx/Rx streams */ 3070 run_rt3070_rf_read(sc, 1, &rf); 3071 rf &= ~0xfc; 3072 if (sc->ntxchains == 1) 3073 rf |= 1 << 7 | 1 << 5; /* 1T: disable Tx chains 2 & 3 */ 3074 else if (sc->ntxchains == 2) 3075 rf |= 1 << 7; /* 2T: disable Tx chain 3 */ 3076 if (sc->nrxchains == 1) 3077 rf |= 1 << 6 | 1 << 4; /* 1R: disable Rx chains 2 & 3 */ 3078 else if (sc->nrxchains == 2) 3079 rf |= 1 << 6; /* 2R: disable Rx chain 3 */ 3080 run_rt3070_rf_write(sc, 1, rf); 3081 3082 /* set RF offset */ 3083 run_rt3070_rf_read(sc, 23, &rf); 3084 rf = (rf & ~0x7f) | sc->freq; 3085 run_rt3070_rf_write(sc, 23, rf); 3086 3087 /* program RF filter */ 3088 rf = sc->rf24_20mhz; 3089 run_rt3070_rf_write(sc, 24, rf); /* Tx */ 3090 run_rt3070_rf_write(sc, 31, rf); /* Rx */ 3091 3092 /* enable RF tuning */ 3093 run_rt3070_rf_read(sc, 7, &rf); 3094 rf = (chan <= 14) ? 0xd8 : ((rf & ~0xc8) | 0x14); 3095 run_rt3070_rf_write(sc, 7, rf); 3096 3097 /* TSSI */ 3098 rf = (chan <= 14) ? 0xc3 : 0xc0; 3099 run_rt3070_rf_write(sc, 9, rf); 3100 3101 /* set loop filter 1 */ 3102 run_rt3070_rf_write(sc, 10, 0xf1); 3103 /* set loop filter 2 */ 3104 run_rt3070_rf_write(sc, 11, (chan <= 14) ? 0xb9 : 0x00); 3105 3106 /* set tx_mx2_ic */ 3107 run_rt3070_rf_write(sc, 15, (chan <= 14) ? 0x53 : 0x43); 3108 /* set tx_mx1_ic */ 3109 if (chan <= 14) 3110 rf = 0x48 | sc->txmixgain_2ghz; 3111 else 3112 rf = 0x78 | sc->txmixgain_5ghz; 3113 run_rt3070_rf_write(sc, 16, rf); 3114 3115 /* set tx_lo1 */ 3116 run_rt3070_rf_write(sc, 17, 0x23); 3117 /* set tx_lo2 */ 3118 if (chan <= 14) 3119 rf = 0x93; 3120 else if (chan <= 64) 3121 rf = 0xb7; 3122 else if (chan <= 128) 3123 rf = 0x74; 3124 else 3125 rf = 0x72; 3126 run_rt3070_rf_write(sc, 19, rf); 3127 3128 /* set rx_lo1 */ 3129 if (chan <= 14) 3130 rf = 0xb3; 3131 else if (chan <= 64) 3132 rf = 0xf6; 3133 else if (chan <= 128) 3134 rf = 0xf4; 3135 else 3136 rf = 0xf3; 3137 run_rt3070_rf_write(sc, 20, rf); 3138 3139 /* set pfd_delay */ 3140 if (chan <= 14) 3141 rf = 0x15; 3142 else if (chan <= 64) 3143 rf = 0x3d; 3144 else 3145 rf = 0x01; 3146 run_rt3070_rf_write(sc, 25, rf); 3147 3148 /* set rx_lo2 */ 3149 run_rt3070_rf_write(sc, 26, (chan <= 14) ? 0x85 : 0x87); 3150 /* set ldo_rf_vc */ 3151 run_rt3070_rf_write(sc, 27, (chan <= 14) ? 0x00 : 0x01); 3152 /* set drv_cc */ 3153 run_rt3070_rf_write(sc, 29, (chan <= 14) ? 0x9b : 0x9f); 3154 3155 run_read(sc, RT2860_GPIO_CTRL, &tmp); 3156 tmp &= ~0x8080; 3157 if (chan <= 14) 3158 tmp |= 0x80; 3159 run_write(sc, RT2860_GPIO_CTRL, tmp); 3160 3161 /* enable RF tuning */ 3162 run_rt3070_rf_read(sc, 7, &rf); 3163 run_rt3070_rf_write(sc, 7, rf | 0x01); 3164 3165 DELAY(2000); 3166 } 3167 3168 void 3169 run_rt3593_set_chan(struct run_softc *sc, u_int chan) 3170 { 3171 int8_t txpow1, txpow2, txpow3; 3172 uint8_t h20mhz, rf; 3173 int i; 3174 3175 /* find the settings for this channel (we know it exists) */ 3176 for (i = 0; rt2860_rf2850[i].chan != chan; i++); 3177 3178 /* use Tx power values from EEPROM */ 3179 txpow1 = sc->txpow1[i]; 3180 txpow2 = sc->txpow2[i]; 3181 txpow3 = (sc->ntxchains == 3) ? sc->txpow3[i] : 0; 3182 3183 if (chan <= 14) { 3184 run_bbp_write(sc, 25, sc->bbp25); 3185 run_bbp_write(sc, 26, sc->bbp26); 3186 } else { 3187 /* Enable IQ phase correction. */ 3188 run_bbp_write(sc, 25, 0x09); 3189 run_bbp_write(sc, 26, 0xff); 3190 } 3191 3192 run_rt3070_rf_write(sc, 8, rt3070_freqs[i].n); 3193 run_rt3070_rf_write(sc, 9, rt3070_freqs[i].k & 0x0f); 3194 run_rt3070_rf_read(sc, 11, &rf); 3195 rf = (rf & ~0x03) | (rt3070_freqs[i].r & 0x03); 3196 run_rt3070_rf_write(sc, 11, rf); 3197 3198 /* Set pll_idoh. */ 3199 run_rt3070_rf_read(sc, 11, &rf); 3200 rf &= ~0x4c; 3201 rf |= (chan <= 14) ? 0x44 : 0x48; 3202 run_rt3070_rf_write(sc, 11, rf); 3203 3204 if (chan <= 14) 3205 rf = txpow1 & 0x1f; 3206 else 3207 rf = 0x40 | ((txpow1 & 0x18) << 1) | (txpow1 & 0x07); 3208 run_rt3070_rf_write(sc, 53, rf); 3209 3210 if (chan <= 14) 3211 rf = txpow2 & 0x1f; 3212 else 3213 rf = 0x40 | ((txpow2 & 0x18) << 1) | (txpow2 & 0x07); 3214 run_rt3070_rf_write(sc, 55, rf); 3215 3216 if (chan <= 14) 3217 rf = txpow3 & 0x1f; 3218 else 3219 rf = 0x40 | ((txpow3 & 0x18) << 1) | (txpow3 & 0x07); 3220 run_rt3070_rf_write(sc, 54, rf); 3221 3222 rf = RT3070_RF_BLOCK | RT3070_PLL_PD; 3223 if (sc->ntxchains == 3) 3224 rf |= RT3070_TX0_PD | RT3070_TX1_PD | RT3070_TX2_PD; 3225 else 3226 rf |= RT3070_TX0_PD | RT3070_TX1_PD; 3227 rf |= RT3070_RX0_PD | RT3070_RX1_PD | RT3070_RX2_PD; 3228 run_rt3070_rf_write(sc, 1, rf); 3229 3230 run_adjust_freq_offset(sc); 3231 3232 run_rt3070_rf_write(sc, 31, (chan <= 14) ? 0xa0 : 0x80); 3233 3234 h20mhz = (sc->rf24_20mhz & 0x20) >> 5; 3235 run_rt3070_rf_read(sc, 30, &rf); 3236 rf = (rf & ~0x06) | (h20mhz << 1) | (h20mhz << 2); 3237 run_rt3070_rf_write(sc, 30, rf); 3238 3239 run_rt3070_rf_read(sc, 36, &rf); 3240 if (chan <= 14) 3241 rf |= 0x80; 3242 else 3243 rf &= ~0x80; 3244 run_rt3070_rf_write(sc, 36, rf); 3245 3246 /* Set vcolo_bs. */ 3247 run_rt3070_rf_write(sc, 34, (chan <= 14) ? 0x3c : 0x20); 3248 /* Set pfd_delay. */ 3249 run_rt3070_rf_write(sc, 12, (chan <= 14) ? 0x1a : 0x12); 3250 3251 /* Set vco bias current control. */ 3252 run_rt3070_rf_read(sc, 6, &rf); 3253 rf &= ~0xc0; 3254 if (chan <= 14) 3255 rf |= 0x40; 3256 else if (chan <= 128) 3257 rf |= 0x80; 3258 else 3259 rf |= 0x40; 3260 run_rt3070_rf_write(sc, 6, rf); 3261 3262 run_rt3070_rf_read(sc, 30, &rf); 3263 rf = (rf & ~0x18) | 0x10; 3264 run_rt3070_rf_write(sc, 30, rf); 3265 3266 run_rt3070_rf_write(sc, 10, (chan <= 14) ? 0xd3 : 0xd8); 3267 run_rt3070_rf_write(sc, 13, (chan <= 14) ? 0x12 : 0x23); 3268 3269 run_rt3070_rf_read(sc, 51, &rf); 3270 rf = (rf & ~0x03) | 0x01; 3271 run_rt3070_rf_write(sc, 51, rf); 3272 /* Set tx_mx1_cc. */ 3273 run_rt3070_rf_read(sc, 51, &rf); 3274 rf &= ~0x1c; 3275 rf |= (chan <= 14) ? 0x14 : 0x10; 3276 run_rt3070_rf_write(sc, 51, rf); 3277 /* Set tx_mx1_ic. */ 3278 run_rt3070_rf_read(sc, 51, &rf); 3279 rf &= ~0xe0; 3280 rf |= (chan <= 14) ? 0x60 : 0x40; 3281 run_rt3070_rf_write(sc, 51, rf); 3282 /* Set tx_lo1_ic. */ 3283 run_rt3070_rf_read(sc, 49, &rf); 3284 rf &= ~0x1c; 3285 rf |= (chan <= 14) ? 0x0c : 0x08; 3286 run_rt3070_rf_write(sc, 49, rf); 3287 /* Set tx_lo1_en. */ 3288 run_rt3070_rf_read(sc, 50, &rf); 3289 run_rt3070_rf_write(sc, 50, rf & ~0x20); 3290 /* Set drv_cc. */ 3291 run_rt3070_rf_read(sc, 57, &rf); 3292 rf &= ~0xfc; 3293 rf |= (chan <= 14) ? 0x6c : 0x3c; 3294 run_rt3070_rf_write(sc, 57, rf); 3295 /* Set rx_mix1_ic, rxa_lnactr, lna_vc, lna_inbias_en and lna_en. */ 3296 run_rt3070_rf_write(sc, 44, (chan <= 14) ? 0x93 : 0x9b); 3297 /* Set drv_gnd_a, tx_vga_cc_a and tx_mx2_gain. */ 3298 run_rt3070_rf_write(sc, 52, (chan <= 14) ? 0x45 : 0x05); 3299 /* Enable VCO calibration. */ 3300 run_rt3070_rf_read(sc, 3, &rf); 3301 rf &= ~RT3593_VCOCAL; 3302 rf |= (chan <= 14) ? RT3593_VCOCAL : 0xbe; 3303 run_rt3070_rf_write(sc, 3, rf); 3304 3305 if (chan <= 14) 3306 rf = 0x23; 3307 else if (chan <= 64) 3308 rf = 0x36; 3309 else if (chan <= 128) 3310 rf = 0x32; 3311 else 3312 rf = 0x30; 3313 run_rt3070_rf_write(sc, 39, rf); 3314 if (chan <= 14) 3315 rf = 0xbb; 3316 else if (chan <= 64) 3317 rf = 0xeb; 3318 else if (chan <= 128) 3319 rf = 0xb3; 3320 else 3321 rf = 0x9b; 3322 run_rt3070_rf_write(sc, 45, rf); 3323 3324 /* Set FEQ/AEQ control. */ 3325 run_bbp_write(sc, 105, 0x34); 3326 } 3327 3328 void 3329 run_rt5390_set_chan(struct run_softc *sc, u_int chan) 3330 { 3331 int8_t txpow1, txpow2; 3332 uint8_t rf; 3333 int i; 3334 3335 /* find the settings for this channel (we know it exists) */ 3336 for (i = 0; rt2860_rf2850[i].chan != chan; i++); 3337 3338 /* use Tx power values from EEPROM */ 3339 txpow1 = sc->txpow1[i]; 3340 txpow2 = sc->txpow2[i]; 3341 3342 run_rt3070_rf_write(sc, 8, rt3070_freqs[i].n); 3343 run_rt3070_rf_write(sc, 9, rt3070_freqs[i].k & 0x0f); 3344 run_rt3070_rf_read(sc, 11, &rf); 3345 rf = (rf & ~0x03) | (rt3070_freqs[i].r & 0x03); 3346 run_rt3070_rf_write(sc, 11, rf); 3347 3348 run_rt3070_rf_read(sc, 49, &rf); 3349 rf = (rf & ~0x3f) | (txpow1 & 0x3f); 3350 /* The valid range of the RF R49 is 0x00 to 0x27. */ 3351 if ((rf & 0x3f) > 0x27) 3352 rf = (rf & ~0x3f) | 0x27; 3353 run_rt3070_rf_write(sc, 49, rf); 3354 3355 if (sc->mac_ver == 0x5392) { 3356 run_rt3070_rf_read(sc, 50, &rf); 3357 rf = (rf & ~0x3f) | (txpow2 & 0x3f); 3358 /* The valid range of the RF R50 is 0x00 to 0x27. */ 3359 if ((rf & 0x3f) > 0x27) 3360 rf = (rf & ~0x3f) | 0x27; 3361 run_rt3070_rf_write(sc, 50, rf); 3362 } 3363 3364 run_rt3070_rf_read(sc, 1, &rf); 3365 rf |= RT3070_RF_BLOCK | RT3070_PLL_PD | RT3070_RX0_PD | RT3070_TX0_PD; 3366 if (sc->mac_ver == 0x5392) 3367 rf |= RT3070_RX1_PD | RT3070_TX1_PD; 3368 run_rt3070_rf_write(sc, 1, rf); 3369 3370 if (sc->mac_ver != 0x5392) { 3371 run_rt3070_rf_read(sc, 2, &rf); 3372 rf |= 0x80; 3373 run_rt3070_rf_write(sc, 2, rf); 3374 DELAY(10); 3375 rf &= 0x7f; 3376 run_rt3070_rf_write(sc, 2, rf); 3377 } 3378 3379 run_adjust_freq_offset(sc); 3380 3381 if (sc->mac_ver == 0x5392) { 3382 /* Fix for RT5392C. */ 3383 if (sc->mac_rev >= 0x0223) { 3384 if (chan <= 4) 3385 rf = 0x0f; 3386 else if (chan >= 5 && chan <= 7) 3387 rf = 0x0e; 3388 else 3389 rf = 0x0d; 3390 run_rt3070_rf_write(sc, 23, rf); 3391 3392 if (chan <= 4) 3393 rf = 0x0c; 3394 else if (chan == 5) 3395 rf = 0x0b; 3396 else if (chan >= 6 && chan <= 7) 3397 rf = 0x0a; 3398 else if (chan >= 8 && chan <= 10) 3399 rf = 0x09; 3400 else 3401 rf = 0x08; 3402 run_rt3070_rf_write(sc, 59, rf); 3403 } else { 3404 if (chan <= 11) 3405 rf = 0x0f; 3406 else 3407 rf = 0x0b; 3408 run_rt3070_rf_write(sc, 59, rf); 3409 } 3410 } else { 3411 /* Fix for RT5390F. */ 3412 if (sc->mac_rev >= 0x0502) { 3413 if (chan <= 11) 3414 rf = 0x43; 3415 else 3416 rf = 0x23; 3417 run_rt3070_rf_write(sc, 55, rf); 3418 3419 if (chan <= 11) 3420 rf = 0x0f; 3421 else if (chan == 12) 3422 rf = 0x0d; 3423 else 3424 rf = 0x0b; 3425 run_rt3070_rf_write(sc, 59, rf); 3426 } else { 3427 run_rt3070_rf_write(sc, 55, 0x44); 3428 run_rt3070_rf_write(sc, 59, 0x8f); 3429 } 3430 } 3431 3432 /* Enable VCO calibration. */ 3433 run_rt3070_rf_read(sc, 3, &rf); 3434 rf |= RT3593_VCOCAL; 3435 run_rt3070_rf_write(sc, 3, rf); 3436 } 3437 3438 void 3439 run_rt5592_set_chan(struct run_softc *sc, u_int chan) 3440 { 3441 const struct rt5592_freqs *freqs; 3442 uint32_t tmp; 3443 uint8_t reg, rf, txpow_bound; 3444 int8_t txpow1, txpow2; 3445 int i; 3446 3447 run_read(sc, RT5592_DEBUG_INDEX, &tmp); 3448 freqs = (tmp & RT5592_SEL_XTAL) ? 3449 rt5592_freqs_40mhz : rt5592_freqs_20mhz; 3450 3451 /* find the settings for this channel (we know it exists) */ 3452 for (i = 0; rt2860_rf2850[i].chan != chan; i++, freqs++); 3453 3454 /* use Tx power values from EEPROM */ 3455 txpow1 = sc->txpow1[i]; 3456 txpow2 = sc->txpow2[i]; 3457 3458 run_read(sc, RT3070_LDO_CFG0, &tmp); 3459 tmp &= ~0x1c000000; 3460 if (chan > 14) 3461 tmp |= 0x14000000; 3462 run_write(sc, RT3070_LDO_CFG0, tmp); 3463 3464 /* N setting. */ 3465 run_rt3070_rf_write(sc, 8, freqs->n & 0xff); 3466 run_rt3070_rf_read(sc, 9, &rf); 3467 rf &= ~(1 << 4); 3468 rf |= ((freqs->n & 0x0100) >> 8) << 4; 3469 run_rt3070_rf_write(sc, 9, rf); 3470 3471 /* K setting. */ 3472 run_rt3070_rf_read(sc, 9, &rf); 3473 rf &= ~0x0f; 3474 rf |= (freqs->k & 0x0f); 3475 run_rt3070_rf_write(sc, 9, rf); 3476 3477 /* Mode setting. */ 3478 run_rt3070_rf_read(sc, 11, &rf); 3479 rf &= ~0x0c; 3480 rf |= ((freqs->m - 0x8) & 0x3) << 2; 3481 run_rt3070_rf_write(sc, 11, rf); 3482 run_rt3070_rf_read(sc, 9, &rf); 3483 rf &= ~(1 << 7); 3484 rf |= (((freqs->m - 0x8) & 0x4) >> 2) << 7; 3485 run_rt3070_rf_write(sc, 9, rf); 3486 3487 /* R setting. */ 3488 run_rt3070_rf_read(sc, 11, &rf); 3489 rf &= ~0x03; 3490 rf |= (freqs->r - 0x1); 3491 run_rt3070_rf_write(sc, 11, rf); 3492 3493 if (chan <= 14) { 3494 /* Initialize RF registers for 2GHZ. */ 3495 for (i = 0; i < nitems(rt5592_2ghz_def_rf); i++) { 3496 run_rt3070_rf_write(sc, rt5592_2ghz_def_rf[i].reg, 3497 rt5592_2ghz_def_rf[i].val); 3498 } 3499 3500 rf = (chan <= 10) ? 0x07 : 0x06; 3501 run_rt3070_rf_write(sc, 23, rf); 3502 run_rt3070_rf_write(sc, 59, rf); 3503 3504 run_rt3070_rf_write(sc, 55, 0x43); 3505 3506 /* 3507 * RF R49/R50 Tx power ALC code. 3508 * G-band bit<7:6>=1:0, bit<5:0> range from 0x0 ~ 0x27. 3509 */ 3510 reg = 2; 3511 txpow_bound = 0x27; 3512 } else { 3513 /* Initialize RF registers for 5GHZ. */ 3514 for (i = 0; i < nitems(rt5592_5ghz_def_rf); i++) { 3515 run_rt3070_rf_write(sc, rt5592_5ghz_def_rf[i].reg, 3516 rt5592_5ghz_def_rf[i].val); 3517 } 3518 for (i = 0; i < nitems(rt5592_chan_5ghz); i++) { 3519 if (chan >= rt5592_chan_5ghz[i].firstchan && 3520 chan <= rt5592_chan_5ghz[i].lastchan) { 3521 run_rt3070_rf_write(sc, rt5592_chan_5ghz[i].reg, 3522 rt5592_chan_5ghz[i].val); 3523 } 3524 } 3525 3526 /* 3527 * RF R49/R50 Tx power ALC code. 3528 * A-band bit<7:6>=1:1, bit<5:0> range from 0x0 ~ 0x2b. 3529 */ 3530 reg = 3; 3531 txpow_bound = 0x2b; 3532 } 3533 3534 /* RF R49 ch0 Tx power ALC code. */ 3535 run_rt3070_rf_read(sc, 49, &rf); 3536 rf &= ~0xc0; 3537 rf |= (reg << 6); 3538 rf = (rf & ~0x3f) | (txpow1 & 0x3f); 3539 if ((rf & 0x3f) > txpow_bound) 3540 rf = (rf & ~0x3f) | txpow_bound; 3541 run_rt3070_rf_write(sc, 49, rf); 3542 3543 /* RF R50 ch1 Tx power ALC code. */ 3544 run_rt3070_rf_read(sc, 50, &rf); 3545 rf &= ~(1 << 7 | 1 << 6); 3546 rf |= (reg << 6); 3547 rf = (rf & ~0x3f) | (txpow2 & 0x3f); 3548 if ((rf & 0x3f) > txpow_bound) 3549 rf = (rf & ~0x3f) | txpow_bound; 3550 run_rt3070_rf_write(sc, 50, rf); 3551 3552 /* Enable RF_BLOCK, PLL_PD, RX0_PD, and TX0_PD. */ 3553 run_rt3070_rf_read(sc, 1, &rf); 3554 rf |= (RT3070_RF_BLOCK | RT3070_PLL_PD | RT3070_RX0_PD | RT3070_TX0_PD); 3555 if (sc->ntxchains > 1) 3556 rf |= RT3070_TX1_PD; 3557 if (sc->nrxchains > 1) 3558 rf |= RT3070_RX1_PD; 3559 run_rt3070_rf_write(sc, 1, rf); 3560 3561 run_rt3070_rf_write(sc, 6, 0xe4); 3562 3563 run_rt3070_rf_write(sc, 30, 0x10); 3564 run_rt3070_rf_write(sc, 31, 0x80); 3565 run_rt3070_rf_write(sc, 32, 0x80); 3566 3567 run_adjust_freq_offset(sc); 3568 3569 /* Enable VCO calibration. */ 3570 run_rt3070_rf_read(sc, 3, &rf); 3571 rf |= RT3593_VCOCAL; 3572 run_rt3070_rf_write(sc, 3, rf); 3573 } 3574 3575 void 3576 run_set_agc(struct run_softc *sc, uint8_t agc) 3577 { 3578 uint8_t bbp; 3579 3580 if (sc->mac_ver == 0x3572) { 3581 run_bbp_read(sc, 27, &bbp); 3582 bbp &= ~(0x3 << 5); 3583 run_bbp_write(sc, 27, bbp | 0 << 5); /* select Rx0 */ 3584 run_bbp_write(sc, 66, agc); 3585 run_bbp_write(sc, 27, bbp | 1 << 5); /* select Rx1 */ 3586 run_bbp_write(sc, 66, agc); 3587 } else 3588 run_bbp_write(sc, 66, agc); 3589 } 3590 3591 void 3592 run_set_rx_antenna(struct run_softc *sc, int aux) 3593 { 3594 uint32_t tmp; 3595 uint8_t bbp152; 3596 3597 if (aux) { 3598 if (sc->rf_rev == RT5390_RF_5370) { 3599 run_bbp_read(sc, 152, &bbp152); 3600 run_bbp_write(sc, 152, bbp152 & ~0x80); 3601 } else { 3602 run_mcu_cmd(sc, RT2860_MCU_CMD_ANTSEL, 0); 3603 run_read(sc, RT2860_GPIO_CTRL, &tmp); 3604 run_write(sc, RT2860_GPIO_CTRL, (tmp & ~0x0808) | 0x08); 3605 } 3606 } else { 3607 if (sc->rf_rev == RT5390_RF_5370) { 3608 run_bbp_read(sc, 152, &bbp152); 3609 run_bbp_write(sc, 152, bbp152 | 0x80); 3610 } else { 3611 run_mcu_cmd(sc, RT2860_MCU_CMD_ANTSEL, 1); 3612 run_read(sc, RT2860_GPIO_CTRL, &tmp); 3613 run_write(sc, RT2860_GPIO_CTRL, tmp & ~0x0808); 3614 } 3615 } 3616 } 3617 3618 int 3619 run_set_chan(struct run_softc *sc, struct ieee80211_channel *c) 3620 { 3621 struct ieee80211com *ic = &sc->sc_ic; 3622 u_int chan, group; 3623 3624 chan = ieee80211_chan2ieee(ic, c); 3625 if (chan == 0 || chan == IEEE80211_CHAN_ANY) 3626 return EINVAL; 3627 3628 if (sc->mac_ver == 0x5592) 3629 run_rt5592_set_chan(sc, chan); 3630 else if (sc->mac_ver >= 0x5390) 3631 run_rt5390_set_chan(sc, chan); 3632 else if (sc->mac_ver == 0x3593) 3633 run_rt3593_set_chan(sc, chan); 3634 else if (sc->mac_ver == 0x3572) 3635 run_rt3572_set_chan(sc, chan); 3636 else if (sc->mac_ver >= 0x3070) 3637 run_rt3070_set_chan(sc, chan); 3638 else 3639 run_rt2870_set_chan(sc, chan); 3640 3641 /* determine channel group */ 3642 if (chan <= 14) 3643 group = 0; 3644 else if (chan <= 64) 3645 group = 1; 3646 else if (chan <= 128) 3647 group = 2; 3648 else 3649 group = 3; 3650 3651 /* XXX necessary only when group has changed! */ 3652 run_select_chan_group(sc, group); 3653 3654 DELAY(1000); 3655 3656 /* Perform IQ calibration. */ 3657 if (sc->mac_ver >= 0x5392) 3658 run_iq_calib(sc, chan); 3659 3660 return 0; 3661 } 3662 3663 void 3664 run_enable_tsf_sync(struct run_softc *sc) 3665 { 3666 struct ieee80211com *ic = &sc->sc_ic; 3667 uint32_t tmp; 3668 3669 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 3670 tmp &= ~0x1fffff; 3671 tmp |= ic->ic_bss->ni_intval * 16; 3672 tmp |= RT2860_TSF_TIMER_EN | RT2860_TBTT_TIMER_EN; 3673 /* local TSF is always updated with remote TSF on beacon reception */ 3674 tmp |= 1 << RT2860_TSF_SYNC_MODE_SHIFT; 3675 run_write(sc, RT2860_BCN_TIME_CFG, tmp); 3676 } 3677 3678 void 3679 run_enable_mrr(struct run_softc *sc) 3680 { 3681 #define CCK(mcs) (mcs) 3682 #define OFDM(mcs) (1 << 3 | (mcs)) 3683 run_write(sc, RT2860_LG_FBK_CFG0, 3684 OFDM(6) << 28 | /* 54->48 */ 3685 OFDM(5) << 24 | /* 48->36 */ 3686 OFDM(4) << 20 | /* 36->24 */ 3687 OFDM(3) << 16 | /* 24->18 */ 3688 OFDM(2) << 12 | /* 18->12 */ 3689 OFDM(1) << 8 | /* 12-> 9 */ 3690 OFDM(0) << 4 | /* 9-> 6 */ 3691 OFDM(0)); /* 6-> 6 */ 3692 3693 run_write(sc, RT2860_LG_FBK_CFG1, 3694 CCK(2) << 12 | /* 11->5.5 */ 3695 CCK(1) << 8 | /* 5.5-> 2 */ 3696 CCK(0) << 4 | /* 2-> 1 */ 3697 CCK(0)); /* 1-> 1 */ 3698 #undef OFDM 3699 #undef CCK 3700 } 3701 3702 void 3703 run_set_txpreamble(struct run_softc *sc) 3704 { 3705 uint32_t tmp; 3706 3707 run_read(sc, RT2860_AUTO_RSP_CFG, &tmp); 3708 if (sc->sc_ic.ic_flags & IEEE80211_F_SHPREAMBLE) 3709 tmp |= RT2860_CCK_SHORT_EN; 3710 else 3711 tmp &= ~RT2860_CCK_SHORT_EN; 3712 run_write(sc, RT2860_AUTO_RSP_CFG, tmp); 3713 } 3714 3715 void 3716 run_set_basicrates(struct run_softc *sc) 3717 { 3718 struct ieee80211com *ic = &sc->sc_ic; 3719 3720 /* set basic rates mask */ 3721 if (ic->ic_curmode == IEEE80211_MODE_11B) 3722 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x003); 3723 else if (ic->ic_curmode == IEEE80211_MODE_11A) 3724 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x150); 3725 else /* 11g */ 3726 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x15f); 3727 } 3728 3729 void 3730 run_set_leds(struct run_softc *sc, uint16_t which) 3731 { 3732 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LEDS, 3733 which | (sc->leds & 0x7f)); 3734 } 3735 3736 void 3737 run_set_bssid(struct run_softc *sc, const uint8_t *bssid) 3738 { 3739 run_write(sc, RT2860_MAC_BSSID_DW0, 3740 bssid[0] | bssid[1] << 8 | bssid[2] << 16 | bssid[3] << 24); 3741 run_write(sc, RT2860_MAC_BSSID_DW1, 3742 bssid[4] | bssid[5] << 8); 3743 } 3744 3745 void 3746 run_set_macaddr(struct run_softc *sc, const uint8_t *addr) 3747 { 3748 run_write(sc, RT2860_MAC_ADDR_DW0, 3749 addr[0] | addr[1] << 8 | addr[2] << 16 | addr[3] << 24); 3750 run_write(sc, RT2860_MAC_ADDR_DW1, 3751 addr[4] | addr[5] << 8 | 0xff << 16); 3752 } 3753 3754 void 3755 run_updateslot(struct ieee80211com *ic) 3756 { 3757 /* do it in a process context */ 3758 run_do_async(ic->ic_softc, run_updateslot_cb, NULL, 0); 3759 } 3760 3761 /* ARGSUSED */ 3762 void 3763 run_updateslot_cb(struct run_softc *sc, void *arg) 3764 { 3765 uint32_t tmp; 3766 3767 run_read(sc, RT2860_BKOFF_SLOT_CFG, &tmp); 3768 tmp &= ~0xff; 3769 tmp |= (sc->sc_ic.ic_flags & IEEE80211_F_SHSLOT) ? 3770 IEEE80211_DUR_DS_SHSLOT : IEEE80211_DUR_DS_SLOT; 3771 run_write(sc, RT2860_BKOFF_SLOT_CFG, tmp); 3772 } 3773 3774 #if NBPFILTER > 0 3775 int8_t 3776 run_rssi2dbm(struct run_softc *sc, uint8_t rssi, uint8_t rxchain) 3777 { 3778 struct ieee80211com *ic = &sc->sc_ic; 3779 struct ieee80211_channel *c = ic->ic_ibss_chan; 3780 int delta; 3781 3782 if (IEEE80211_IS_CHAN_5GHZ(c)) { 3783 u_int chan = ieee80211_chan2ieee(ic, c); 3784 delta = sc->rssi_5ghz[rxchain]; 3785 3786 /* determine channel group */ 3787 if (chan <= 64) 3788 delta -= sc->lna[1]; 3789 else if (chan <= 128) 3790 delta -= sc->lna[2]; 3791 else 3792 delta -= sc->lna[3]; 3793 } else 3794 delta = sc->rssi_2ghz[rxchain] - sc->lna[0]; 3795 3796 return -12 - delta - rssi; 3797 } 3798 #endif 3799 3800 void 3801 run_rt5390_bbp_init(struct run_softc *sc) 3802 { 3803 int i; 3804 uint8_t bbp; 3805 3806 /* Apply maximum likelihood detection for 2 stream case. */ 3807 run_bbp_read(sc, 105, &bbp); 3808 if (sc->nrxchains > 1) 3809 run_bbp_write(sc, 105, bbp | RT5390_MLD); 3810 3811 /* Avoid data lost and CRC error. */ 3812 run_bbp_read(sc, 4, &bbp); 3813 run_bbp_write(sc, 4, bbp | RT5390_MAC_IF_CTRL); 3814 3815 if (sc->mac_ver == 0x5592) { 3816 for (i = 0; i < nitems(rt5592_def_bbp); i++) { 3817 run_bbp_write(sc, rt5592_def_bbp[i].reg, 3818 rt5592_def_bbp[i].val); 3819 } 3820 for (i = 0; i < nitems(rt5592_bbp_r196); i++) { 3821 run_bbp_write(sc, 195, i + 0x80); 3822 run_bbp_write(sc, 196, rt5592_bbp_r196[i]); 3823 } 3824 } else { 3825 for (i = 0; i < nitems(rt5390_def_bbp); i++) { 3826 run_bbp_write(sc, rt5390_def_bbp[i].reg, 3827 rt5390_def_bbp[i].val); 3828 } 3829 } 3830 if (sc->mac_ver == 0x5392) { 3831 run_bbp_write(sc, 88, 0x90); 3832 run_bbp_write(sc, 95, 0x9a); 3833 run_bbp_write(sc, 98, 0x12); 3834 run_bbp_write(sc, 106, 0x12); 3835 run_bbp_write(sc, 134, 0xd0); 3836 run_bbp_write(sc, 135, 0xf6); 3837 run_bbp_write(sc, 148, 0x84); 3838 } 3839 3840 run_bbp_read(sc, 152, &bbp); 3841 run_bbp_write(sc, 152, bbp | 0x80); 3842 3843 /* Fix BBP254 for RT5592C. */ 3844 if (sc->mac_ver == 0x5592 && sc->mac_rev >= 0x0221) { 3845 run_bbp_read(sc, 254, &bbp); 3846 run_bbp_write(sc, 254, bbp | 0x80); 3847 } 3848 3849 /* Disable hardware antenna diversity. */ 3850 if (sc->mac_ver == 0x5390) 3851 run_bbp_write(sc, 154, 0); 3852 3853 /* Initialize Rx CCK/OFDM frequency offset report. */ 3854 run_bbp_write(sc, 142, 1); 3855 run_bbp_write(sc, 143, 57); 3856 } 3857 3858 int 3859 run_bbp_init(struct run_softc *sc) 3860 { 3861 int i, error, ntries; 3862 uint8_t bbp0; 3863 3864 /* wait for BBP to wake up */ 3865 for (ntries = 0; ntries < 20; ntries++) { 3866 if ((error = run_bbp_read(sc, 0, &bbp0)) != 0) 3867 return error; 3868 if (bbp0 != 0 && bbp0 != 0xff) 3869 break; 3870 } 3871 if (ntries == 20) 3872 return ETIMEDOUT; 3873 3874 /* initialize BBP registers to default values */ 3875 if (sc->mac_ver >= 0x5390) 3876 run_rt5390_bbp_init(sc); 3877 else { 3878 for (i = 0; i < nitems(rt2860_def_bbp); i++) { 3879 run_bbp_write(sc, rt2860_def_bbp[i].reg, 3880 rt2860_def_bbp[i].val); 3881 } 3882 } 3883 3884 if (sc->mac_ver == 0x3593) { 3885 run_bbp_write(sc, 79, 0x13); 3886 run_bbp_write(sc, 80, 0x05); 3887 run_bbp_write(sc, 81, 0x33); 3888 run_bbp_write(sc, 86, 0x46); 3889 run_bbp_write(sc, 137, 0x0f); 3890 } 3891 3892 /* fix BBP84 for RT2860E */ 3893 if (sc->mac_ver == 0x2860 && sc->mac_rev != 0x0101) 3894 run_bbp_write(sc, 84, 0x19); 3895 3896 if (sc->mac_ver >= 0x3070 && (sc->mac_ver != 0x3593 && 3897 sc->mac_ver != 0x5592)) { 3898 run_bbp_write(sc, 79, 0x13); 3899 run_bbp_write(sc, 80, 0x05); 3900 run_bbp_write(sc, 81, 0x33); 3901 } else if (sc->mac_ver == 0x2860 && sc->mac_rev == 0x0100) { 3902 run_bbp_write(sc, 69, 0x16); 3903 run_bbp_write(sc, 73, 0x12); 3904 } 3905 return 0; 3906 } 3907 3908 int 3909 run_rt3070_rf_init(struct run_softc *sc) 3910 { 3911 uint32_t tmp; 3912 uint8_t bbp4, mingain, rf, target; 3913 int i; 3914 3915 run_rt3070_rf_read(sc, 30, &rf); 3916 /* toggle RF R30 bit 7 */ 3917 run_rt3070_rf_write(sc, 30, rf | 0x80); 3918 DELAY(1000); 3919 run_rt3070_rf_write(sc, 30, rf & ~0x80); 3920 3921 /* initialize RF registers to default value */ 3922 if (sc->mac_ver == 0x3572) { 3923 for (i = 0; i < nitems(rt3572_def_rf); i++) { 3924 run_rt3070_rf_write(sc, rt3572_def_rf[i].reg, 3925 rt3572_def_rf[i].val); 3926 } 3927 } else { 3928 for (i = 0; i < nitems(rt3070_def_rf); i++) { 3929 run_rt3070_rf_write(sc, rt3070_def_rf[i].reg, 3930 rt3070_def_rf[i].val); 3931 } 3932 } 3933 if (sc->mac_ver == 0x3070 && sc->mac_rev < 0x0201) { 3934 /* 3935 * Change voltage from 1.2V to 1.35V for RT3070. 3936 * The DAC issue (RT3070_LDO_CFG0) has been fixed 3937 * in RT3070(F). 3938 */ 3939 run_read(sc, RT3070_LDO_CFG0, &tmp); 3940 tmp = (tmp & ~0x0f000000) | 0x0d000000; 3941 run_write(sc, RT3070_LDO_CFG0, tmp); 3942 3943 } else if (sc->mac_ver == 0x3071) { 3944 run_rt3070_rf_read(sc, 6, &rf); 3945 run_rt3070_rf_write(sc, 6, rf | 0x40); 3946 run_rt3070_rf_write(sc, 31, 0x14); 3947 3948 run_read(sc, RT3070_LDO_CFG0, &tmp); 3949 tmp &= ~0x1f000000; 3950 if (sc->mac_rev < 0x0211) 3951 tmp |= 0x0d000000; /* 1.35V */ 3952 else 3953 tmp |= 0x01000000; /* 1.2V */ 3954 run_write(sc, RT3070_LDO_CFG0, tmp); 3955 3956 /* patch LNA_PE_G1 */ 3957 run_read(sc, RT3070_GPIO_SWITCH, &tmp); 3958 run_write(sc, RT3070_GPIO_SWITCH, tmp & ~0x20); 3959 3960 } else if (sc->mac_ver == 0x3572) { 3961 run_rt3070_rf_read(sc, 6, &rf); 3962 run_rt3070_rf_write(sc, 6, rf | 0x40); 3963 /* increase voltage from 1.2V to 1.35V */ 3964 run_read(sc, RT3070_LDO_CFG0, &tmp); 3965 tmp = (tmp & ~0x1f000000) | 0x0d000000; 3966 run_write(sc, RT3070_LDO_CFG0, tmp); 3967 3968 if (sc->mac_rev < 0x0211 || !sc->patch_dac) { 3969 DELAY(1); /* wait for 1msec */ 3970 /* decrease voltage back to 1.2V */ 3971 tmp = (tmp & ~0x1f000000) | 0x01000000; 3972 run_write(sc, RT3070_LDO_CFG0, tmp); 3973 } 3974 } 3975 3976 /* select 20MHz bandwidth */ 3977 run_rt3070_rf_read(sc, 31, &rf); 3978 run_rt3070_rf_write(sc, 31, rf & ~0x20); 3979 3980 /* calibrate filter for 20MHz bandwidth */ 3981 sc->rf24_20mhz = 0x1f; /* default value */ 3982 target = (sc->mac_ver < 0x3071) ? 0x16 : 0x13; 3983 run_rt3070_filter_calib(sc, 0x07, target, &sc->rf24_20mhz); 3984 3985 /* select 40MHz bandwidth */ 3986 run_bbp_read(sc, 4, &bbp4); 3987 run_bbp_write(sc, 4, (bbp4 & ~0x18) | 0x10); 3988 run_rt3070_rf_read(sc, 31, &rf); 3989 run_rt3070_rf_write(sc, 31, rf | 0x20); 3990 3991 /* calibrate filter for 40MHz bandwidth */ 3992 sc->rf24_40mhz = 0x2f; /* default value */ 3993 target = (sc->mac_ver < 0x3071) ? 0x19 : 0x15; 3994 run_rt3070_filter_calib(sc, 0x27, target, &sc->rf24_40mhz); 3995 3996 /* go back to 20MHz bandwidth */ 3997 run_bbp_read(sc, 4, &bbp4); 3998 run_bbp_write(sc, 4, bbp4 & ~0x18); 3999 4000 if (sc->mac_ver == 0x3572) { 4001 /* save default BBP registers 25 and 26 values */ 4002 run_bbp_read(sc, 25, &sc->bbp25); 4003 run_bbp_read(sc, 26, &sc->bbp26); 4004 4005 } else if (sc->mac_rev < 0x0201 || sc->mac_rev < 0x0211) 4006 run_rt3070_rf_write(sc, 27, 0x03); 4007 4008 run_read(sc, RT3070_OPT_14, &tmp); 4009 run_write(sc, RT3070_OPT_14, tmp | 1); 4010 4011 if (sc->mac_ver == 0x3070 || sc->mac_ver == 0x3071) { 4012 run_rt3070_rf_read(sc, 17, &rf); 4013 rf &= ~RT3070_TX_LO1; 4014 if ((sc->mac_ver == 0x3070 || 4015 (sc->mac_ver == 0x3071 && sc->mac_rev >= 0x0211)) && 4016 !sc->ext_2ghz_lna) 4017 rf |= 0x20; /* fix for long range Rx issue */ 4018 mingain = (sc->mac_ver == 0x3070) ? 1 : 2; 4019 if (sc->txmixgain_2ghz >= mingain) 4020 rf = (rf & ~0x7) | sc->txmixgain_2ghz; 4021 run_rt3070_rf_write(sc, 17, rf); 4022 } 4023 if (sc->mac_ver == 0x3071) { 4024 run_rt3070_rf_read(sc, 1, &rf); 4025 rf &= ~(RT3070_RX0_PD | RT3070_TX0_PD); 4026 rf |= RT3070_RF_BLOCK | RT3070_RX1_PD | RT3070_TX1_PD; 4027 run_rt3070_rf_write(sc, 1, rf); 4028 4029 run_rt3070_rf_read(sc, 15, &rf); 4030 run_rt3070_rf_write(sc, 15, rf & ~RT3070_TX_LO2); 4031 4032 run_rt3070_rf_read(sc, 20, &rf); 4033 run_rt3070_rf_write(sc, 20, rf & ~RT3070_RX_LO1); 4034 4035 run_rt3070_rf_read(sc, 21, &rf); 4036 run_rt3070_rf_write(sc, 21, rf & ~RT3070_RX_LO2); 4037 } 4038 if (sc->mac_ver == 0x3070 || sc->mac_ver == 0x3071) { 4039 /* fix Tx to Rx IQ glitch by raising RF voltage */ 4040 run_rt3070_rf_read(sc, 27, &rf); 4041 rf &= ~0x77; 4042 if (sc->mac_rev < 0x0211) 4043 rf |= 0x03; 4044 run_rt3070_rf_write(sc, 27, rf); 4045 } 4046 return 0; 4047 } 4048 4049 void 4050 run_rt3593_rf_init(struct run_softc *sc) 4051 { 4052 uint32_t tmp; 4053 uint8_t rf; 4054 int i; 4055 4056 /* Disable the GPIO bits 4 and 7 for LNA PE control. */ 4057 run_read(sc, RT3070_GPIO_SWITCH, &tmp); 4058 tmp &= ~(1 << 4 | 1 << 7); 4059 run_write(sc, RT3070_GPIO_SWITCH, tmp); 4060 4061 /* Initialize RF registers to default value. */ 4062 for (i = 0; i < nitems(rt3593_def_rf); i++) { 4063 run_rt3070_rf_write(sc, rt3593_def_rf[i].reg, 4064 rt3593_def_rf[i].val); 4065 } 4066 4067 /* Toggle RF R2 to initiate calibration. */ 4068 run_rt3070_rf_write(sc, 2, RT3593_RESCAL); 4069 4070 /* Initialize RF frequency offset. */ 4071 run_adjust_freq_offset(sc); 4072 4073 run_rt3070_rf_read(sc, 18, &rf); 4074 run_rt3070_rf_write(sc, 18, rf | RT3593_AUTOTUNE_BYPASS); 4075 4076 /* 4077 * Increase voltage from 1.2V to 1.35V, wait for 1 msec to 4078 * decrease voltage back to 1.2V. 4079 */ 4080 run_read(sc, RT3070_LDO_CFG0, &tmp); 4081 tmp = (tmp & ~0x1f000000) | 0x0d000000; 4082 run_write(sc, RT3070_LDO_CFG0, tmp); 4083 DELAY(1); 4084 tmp = (tmp & ~0x1f000000) | 0x01000000; 4085 run_write(sc, RT3070_LDO_CFG0, tmp); 4086 4087 sc->rf24_20mhz = 0x1f; 4088 sc->rf24_40mhz = 0x2f; 4089 4090 /* Save default BBP registers 25 and 26 values. */ 4091 run_bbp_read(sc, 25, &sc->bbp25); 4092 run_bbp_read(sc, 26, &sc->bbp26); 4093 4094 run_read(sc, RT3070_OPT_14, &tmp); 4095 run_write(sc, RT3070_OPT_14, tmp | 1); 4096 } 4097 4098 void 4099 run_rt5390_rf_init(struct run_softc *sc) 4100 { 4101 uint32_t tmp; 4102 uint8_t rf; 4103 int i; 4104 4105 /* Toggle RF R2 to initiate calibration. */ 4106 if (sc->mac_ver == 0x5390) { 4107 run_rt3070_rf_read(sc, 2, &rf); 4108 run_rt3070_rf_write(sc, 2, rf | RT3593_RESCAL); 4109 DELAY(10); 4110 run_rt3070_rf_write(sc, 2, rf & ~RT3593_RESCAL); 4111 } else { 4112 run_rt3070_rf_write(sc, 2, RT3593_RESCAL); 4113 DELAY(10); 4114 } 4115 4116 /* Initialize RF registers to default value. */ 4117 if (sc->mac_ver == 0x5592) { 4118 for (i = 0; i < nitems(rt5592_def_rf); i++) { 4119 run_rt3070_rf_write(sc, rt5592_def_rf[i].reg, 4120 rt5592_def_rf[i].val); 4121 } 4122 /* Initialize RF frequency offset. */ 4123 run_adjust_freq_offset(sc); 4124 } else if (sc->mac_ver == 0x5392) { 4125 for (i = 0; i < nitems(rt5392_def_rf); i++) { 4126 run_rt3070_rf_write(sc, rt5392_def_rf[i].reg, 4127 rt5392_def_rf[i].val); 4128 } 4129 if (sc->mac_rev >= 0x0223) { 4130 run_rt3070_rf_write(sc, 23, 0x0f); 4131 run_rt3070_rf_write(sc, 24, 0x3e); 4132 run_rt3070_rf_write(sc, 51, 0x32); 4133 run_rt3070_rf_write(sc, 53, 0x22); 4134 run_rt3070_rf_write(sc, 56, 0xc1); 4135 run_rt3070_rf_write(sc, 59, 0x0f); 4136 } 4137 } else { 4138 for (i = 0; i < nitems(rt5390_def_rf); i++) { 4139 run_rt3070_rf_write(sc, rt5390_def_rf[i].reg, 4140 rt5390_def_rf[i].val); 4141 } 4142 if (sc->mac_rev >= 0x0502) { 4143 run_rt3070_rf_write(sc, 6, 0xe0); 4144 run_rt3070_rf_write(sc, 25, 0x80); 4145 run_rt3070_rf_write(sc, 46, 0x73); 4146 run_rt3070_rf_write(sc, 53, 0x00); 4147 run_rt3070_rf_write(sc, 56, 0x42); 4148 run_rt3070_rf_write(sc, 61, 0xd1); 4149 } 4150 } 4151 4152 sc->rf24_20mhz = 0x1f; /* default value */ 4153 sc->rf24_40mhz = (sc->mac_ver == 0x5592) ? 0 : 0x2f; 4154 4155 if (sc->mac_rev < 0x0211) 4156 run_rt3070_rf_write(sc, 27, 0x3); 4157 4158 run_read(sc, RT3070_OPT_14, &tmp); 4159 run_write(sc, RT3070_OPT_14, tmp | 1); 4160 } 4161 4162 int 4163 run_rt3070_filter_calib(struct run_softc *sc, uint8_t init, uint8_t target, 4164 uint8_t *val) 4165 { 4166 uint8_t rf22, rf24; 4167 uint8_t bbp55_pb, bbp55_sb, delta; 4168 int ntries; 4169 4170 /* program filter */ 4171 run_rt3070_rf_read(sc, 24, &rf24); 4172 rf24 = (rf24 & 0xc0) | init; /* initial filter value */ 4173 run_rt3070_rf_write(sc, 24, rf24); 4174 4175 /* enable baseband loopback mode */ 4176 run_rt3070_rf_read(sc, 22, &rf22); 4177 run_rt3070_rf_write(sc, 22, rf22 | 0x01); 4178 4179 /* set power and frequency of passband test tone */ 4180 run_bbp_write(sc, 24, 0x00); 4181 for (ntries = 0; ntries < 100; ntries++) { 4182 /* transmit test tone */ 4183 run_bbp_write(sc, 25, 0x90); 4184 DELAY(1000); 4185 /* read received power */ 4186 run_bbp_read(sc, 55, &bbp55_pb); 4187 if (bbp55_pb != 0) 4188 break; 4189 } 4190 if (ntries == 100) 4191 return ETIMEDOUT; 4192 4193 /* set power and frequency of stopband test tone */ 4194 run_bbp_write(sc, 24, 0x06); 4195 for (ntries = 0; ntries < 100; ntries++) { 4196 /* transmit test tone */ 4197 run_bbp_write(sc, 25, 0x90); 4198 DELAY(1000); 4199 /* read received power */ 4200 run_bbp_read(sc, 55, &bbp55_sb); 4201 4202 delta = bbp55_pb - bbp55_sb; 4203 if (delta > target) 4204 break; 4205 4206 /* reprogram filter */ 4207 rf24++; 4208 run_rt3070_rf_write(sc, 24, rf24); 4209 } 4210 if (ntries < 100) { 4211 if (rf24 != init) 4212 rf24--; /* backtrack */ 4213 *val = rf24; 4214 run_rt3070_rf_write(sc, 24, rf24); 4215 } 4216 4217 /* restore initial state */ 4218 run_bbp_write(sc, 24, 0x00); 4219 4220 /* disable baseband loopback mode */ 4221 run_rt3070_rf_read(sc, 22, &rf22); 4222 run_rt3070_rf_write(sc, 22, rf22 & ~0x01); 4223 4224 return 0; 4225 } 4226 4227 void 4228 run_rt3070_rf_setup(struct run_softc *sc) 4229 { 4230 uint8_t bbp, rf; 4231 int i; 4232 4233 if (sc->mac_ver == 0x3572) { 4234 /* enable DC filter */ 4235 if (sc->mac_rev >= 0x0201) 4236 run_bbp_write(sc, 103, 0xc0); 4237 4238 run_bbp_read(sc, 138, &bbp); 4239 if (sc->ntxchains == 1) 4240 bbp |= 0x20; /* turn off DAC1 */ 4241 if (sc->nrxchains == 1) 4242 bbp &= ~0x02; /* turn off ADC1 */ 4243 run_bbp_write(sc, 138, bbp); 4244 4245 if (sc->mac_rev >= 0x0211) { 4246 /* improve power consumption */ 4247 run_bbp_read(sc, 31, &bbp); 4248 run_bbp_write(sc, 31, bbp & ~0x03); 4249 } 4250 4251 run_rt3070_rf_read(sc, 16, &rf); 4252 rf = (rf & ~0x07) | sc->txmixgain_2ghz; 4253 run_rt3070_rf_write(sc, 16, rf); 4254 4255 } else if (sc->mac_ver == 0x3071) { 4256 /* enable DC filter */ 4257 if (sc->mac_rev >= 0x0211) { 4258 run_bbp_write(sc, 103, 0xc0); 4259 4260 /* improve power consumption */ 4261 run_bbp_read(sc, 31, &bbp); 4262 run_bbp_write(sc, 31, bbp & ~0x03); 4263 } 4264 4265 run_bbp_read(sc, 138, &bbp); 4266 if (sc->ntxchains == 1) 4267 bbp |= 0x20; /* turn off DAC1 */ 4268 if (sc->nrxchains == 1) 4269 bbp &= ~0x02; /* turn off ADC1 */ 4270 run_bbp_write(sc, 138, bbp); 4271 4272 run_write(sc, RT2860_TX_SW_CFG1, 0); 4273 if (sc->mac_rev < 0x0211) { 4274 run_write(sc, RT2860_TX_SW_CFG2, 4275 sc->patch_dac ? 0x2c : 0x0f); 4276 } else 4277 run_write(sc, RT2860_TX_SW_CFG2, 0); 4278 4279 } else if (sc->mac_ver == 0x3070) { 4280 if (sc->mac_rev >= 0x0201) { 4281 /* enable DC filter */ 4282 run_bbp_write(sc, 103, 0xc0); 4283 4284 /* improve power consumption */ 4285 run_bbp_read(sc, 31, &bbp); 4286 run_bbp_write(sc, 31, bbp & ~0x03); 4287 } 4288 4289 if (sc->mac_rev < 0x0201) { 4290 run_write(sc, RT2860_TX_SW_CFG1, 0); 4291 run_write(sc, RT2860_TX_SW_CFG2, 0x2c); 4292 } else 4293 run_write(sc, RT2860_TX_SW_CFG2, 0); 4294 } 4295 4296 /* initialize RF registers from ROM for >=RT3071*/ 4297 if (sc->mac_ver >= 0x3071) { 4298 for (i = 0; i < 10; i++) { 4299 if (sc->rf[i].reg == 0 || sc->rf[i].reg == 0xff) 4300 continue; 4301 run_rt3070_rf_write(sc, sc->rf[i].reg, sc->rf[i].val); 4302 } 4303 } 4304 } 4305 4306 void 4307 run_rt3593_rf_setup(struct run_softc *sc) 4308 { 4309 uint8_t bbp, rf; 4310 4311 if (sc->mac_rev >= 0x0211) { 4312 /* Enable DC filter. */ 4313 run_bbp_write(sc, 103, 0xc0); 4314 } 4315 run_write(sc, RT2860_TX_SW_CFG1, 0); 4316 if (sc->mac_rev < 0x0211) { 4317 run_write(sc, RT2860_TX_SW_CFG2, 4318 sc->patch_dac ? 0x2c : 0x0f); 4319 } else 4320 run_write(sc, RT2860_TX_SW_CFG2, 0); 4321 4322 run_rt3070_rf_read(sc, 50, &rf); 4323 run_rt3070_rf_write(sc, 50, rf & ~RT3593_TX_LO2); 4324 4325 run_rt3070_rf_read(sc, 51, &rf); 4326 rf = (rf & ~(RT3593_TX_LO1 | 0x0c)) | 4327 ((sc->txmixgain_2ghz & 0x07) << 2); 4328 run_rt3070_rf_write(sc, 51, rf); 4329 4330 run_rt3070_rf_read(sc, 38, &rf); 4331 run_rt3070_rf_write(sc, 38, rf & ~RT5390_RX_LO1); 4332 4333 run_rt3070_rf_read(sc, 39, &rf); 4334 run_rt3070_rf_write(sc, 39, rf & ~RT5390_RX_LO2); 4335 4336 run_rt3070_rf_read(sc, 1, &rf); 4337 run_rt3070_rf_write(sc, 1, rf & ~(RT3070_RF_BLOCK | RT3070_PLL_PD)); 4338 4339 run_rt3070_rf_read(sc, 30, &rf); 4340 rf = (rf & ~0x18) | 0x10; 4341 run_rt3070_rf_write(sc, 30, rf); 4342 4343 /* Apply maximum likelihood detection for 2 stream case. */ 4344 run_bbp_read(sc, 105, &bbp); 4345 if (sc->nrxchains > 1) 4346 run_bbp_write(sc, 105, bbp | RT5390_MLD); 4347 4348 /* Avoid data lost and CRC error. */ 4349 run_bbp_read(sc, 4, &bbp); 4350 run_bbp_write(sc, 4, bbp | RT5390_MAC_IF_CTRL); 4351 4352 run_bbp_write(sc, 92, 0x02); 4353 run_bbp_write(sc, 82, 0x82); 4354 run_bbp_write(sc, 106, 0x05); 4355 run_bbp_write(sc, 104, 0x92); 4356 run_bbp_write(sc, 88, 0x90); 4357 run_bbp_write(sc, 148, 0xc8); 4358 run_bbp_write(sc, 47, 0x48); 4359 run_bbp_write(sc, 120, 0x50); 4360 4361 run_bbp_write(sc, 163, 0x9d); 4362 4363 /* SNR mapping. */ 4364 run_bbp_write(sc, 142, 0x06); 4365 run_bbp_write(sc, 143, 0xa0); 4366 run_bbp_write(sc, 142, 0x07); 4367 run_bbp_write(sc, 143, 0xa1); 4368 run_bbp_write(sc, 142, 0x08); 4369 run_bbp_write(sc, 143, 0xa2); 4370 4371 run_bbp_write(sc, 31, 0x08); 4372 run_bbp_write(sc, 68, 0x0b); 4373 run_bbp_write(sc, 105, 0x04); 4374 } 4375 4376 void 4377 run_rt5390_rf_setup(struct run_softc *sc) 4378 { 4379 uint8_t bbp, rf; 4380 4381 if (sc->mac_rev >= 0x0211) { 4382 /* Enable DC filter. */ 4383 run_bbp_write(sc, 103, 0xc0); 4384 4385 if (sc->mac_ver != 0x5592) { 4386 /* Improve power consumption. */ 4387 run_bbp_read(sc, 31, &bbp); 4388 run_bbp_write(sc, 31, bbp & ~0x03); 4389 } 4390 } 4391 4392 run_bbp_read(sc, 138, &bbp); 4393 if (sc->ntxchains == 1) 4394 bbp |= 0x20; /* turn off DAC1 */ 4395 if (sc->nrxchains == 1) 4396 bbp &= ~0x02; /* turn off ADC1 */ 4397 run_bbp_write(sc, 138, bbp); 4398 4399 run_rt3070_rf_read(sc, 38, &rf); 4400 run_rt3070_rf_write(sc, 38, rf & ~RT5390_RX_LO1); 4401 4402 run_rt3070_rf_read(sc, 39, &rf); 4403 run_rt3070_rf_write(sc, 39, rf & ~RT5390_RX_LO2); 4404 4405 /* Avoid data lost and CRC error. */ 4406 run_bbp_read(sc, 4, &bbp); 4407 run_bbp_write(sc, 4, bbp | RT5390_MAC_IF_CTRL); 4408 4409 run_rt3070_rf_read(sc, 30, &rf); 4410 rf = (rf & ~0x18) | 0x10; 4411 run_rt3070_rf_write(sc, 30, rf); 4412 4413 if (sc->mac_ver != 0x5592) { 4414 run_write(sc, RT2860_TX_SW_CFG1, 0); 4415 if (sc->mac_rev < 0x0211) { 4416 run_write(sc, RT2860_TX_SW_CFG2, 4417 sc->patch_dac ? 0x2c : 0x0f); 4418 } else 4419 run_write(sc, RT2860_TX_SW_CFG2, 0); 4420 } 4421 } 4422 4423 int 4424 run_txrx_enable(struct run_softc *sc) 4425 { 4426 uint32_t tmp; 4427 int error, ntries; 4428 4429 run_write(sc, RT2860_MAC_SYS_CTRL, RT2860_MAC_TX_EN); 4430 for (ntries = 0; ntries < 200; ntries++) { 4431 if ((error = run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp)) != 0) 4432 return error; 4433 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0) 4434 break; 4435 DELAY(1000); 4436 } 4437 if (ntries == 200) 4438 return ETIMEDOUT; 4439 4440 DELAY(50); 4441 4442 tmp |= RT2860_RX_DMA_EN | RT2860_TX_DMA_EN | RT2860_TX_WB_DDONE; 4443 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp); 4444 4445 /* enable Rx bulk aggregation (set timeout and limit) */ 4446 tmp = RT2860_USB_TX_EN | RT2860_USB_RX_EN | RT2860_USB_RX_AGG_EN | 4447 RT2860_USB_RX_AGG_TO(128) | RT2860_USB_RX_AGG_LMT(2); 4448 run_write(sc, RT2860_USB_DMA_CFG, tmp); 4449 4450 /* set Rx filter */ 4451 tmp = RT2860_DROP_CRC_ERR | RT2860_DROP_PHY_ERR; 4452 if (sc->sc_ic.ic_opmode != IEEE80211_M_MONITOR) { 4453 tmp |= RT2860_DROP_UC_NOME | RT2860_DROP_DUPL | 4454 RT2860_DROP_CTS | RT2860_DROP_BA | RT2860_DROP_ACK | 4455 RT2860_DROP_VER_ERR | RT2860_DROP_CTRL_RSV | 4456 RT2860_DROP_CFACK | RT2860_DROP_CFEND; 4457 if (sc->sc_ic.ic_opmode == IEEE80211_M_STA) 4458 tmp |= RT2860_DROP_RTS | RT2860_DROP_PSPOLL; 4459 } 4460 run_write(sc, RT2860_RX_FILTR_CFG, tmp); 4461 4462 run_write(sc, RT2860_MAC_SYS_CTRL, 4463 RT2860_MAC_RX_EN | RT2860_MAC_TX_EN); 4464 4465 return 0; 4466 } 4467 4468 void 4469 run_adjust_freq_offset(struct run_softc *sc) 4470 { 4471 uint8_t rf, tmp; 4472 4473 run_rt3070_rf_read(sc, 17, &rf); 4474 tmp = rf; 4475 rf = (rf & ~0x7f) | (sc->freq & 0x7f); 4476 rf = MIN(rf, 0x5f); 4477 4478 if (tmp != rf) 4479 run_mcu_cmd(sc, 0x74, (tmp << 8 ) | rf); 4480 } 4481 4482 int 4483 run_init(struct ifnet *ifp) 4484 { 4485 struct run_softc *sc = ifp->if_softc; 4486 struct ieee80211com *ic = &sc->sc_ic; 4487 uint32_t tmp; 4488 uint8_t bbp1, bbp3; 4489 int i, error, qid, ridx, ntries; 4490 4491 if (usbd_is_dying(sc->sc_udev)) 4492 return ENXIO; 4493 4494 for (ntries = 0; ntries < 100; ntries++) { 4495 if ((error = run_read(sc, RT2860_ASIC_VER_ID, &tmp)) != 0) 4496 goto fail; 4497 if (tmp != 0 && tmp != 0xffffffff) 4498 break; 4499 DELAY(10); 4500 } 4501 if (ntries == 100) { 4502 error = ETIMEDOUT; 4503 goto fail; 4504 } 4505 4506 if ((error = run_load_microcode(sc)) != 0) { 4507 printf("%s: could not load 8051 microcode\n", 4508 sc->sc_dev.dv_xname); 4509 goto fail; 4510 } 4511 4512 /* init host command ring */ 4513 sc->cmdq.cur = sc->cmdq.next = sc->cmdq.queued = 0; 4514 4515 /* init Tx rings (4 EDCAs) */ 4516 for (qid = 0; qid < 4; qid++) { 4517 if ((error = run_alloc_tx_ring(sc, qid)) != 0) 4518 goto fail; 4519 } 4520 /* init Rx ring */ 4521 if ((error = run_alloc_rx_ring(sc)) != 0) 4522 goto fail; 4523 4524 IEEE80211_ADDR_COPY(ic->ic_myaddr, LLADDR(ifp->if_sadl)); 4525 run_set_macaddr(sc, ic->ic_myaddr); 4526 4527 for (ntries = 0; ntries < 100; ntries++) { 4528 if ((error = run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp)) != 0) 4529 goto fail; 4530 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0) 4531 break; 4532 DELAY(1000); 4533 } 4534 if (ntries == 100) { 4535 printf("%s: timeout waiting for DMA engine\n", 4536 sc->sc_dev.dv_xname); 4537 error = ETIMEDOUT; 4538 goto fail; 4539 } 4540 tmp &= 0xff0; 4541 tmp |= RT2860_TX_WB_DDONE; 4542 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp); 4543 4544 /* turn off PME_OEN to solve high-current issue */ 4545 run_read(sc, RT2860_SYS_CTRL, &tmp); 4546 run_write(sc, RT2860_SYS_CTRL, tmp & ~RT2860_PME_OEN); 4547 4548 run_write(sc, RT2860_MAC_SYS_CTRL, 4549 RT2860_BBP_HRST | RT2860_MAC_SRST); 4550 run_write(sc, RT2860_USB_DMA_CFG, 0); 4551 4552 if ((error = run_reset(sc)) != 0) { 4553 printf("%s: could not reset chipset\n", sc->sc_dev.dv_xname); 4554 goto fail; 4555 } 4556 4557 run_write(sc, RT2860_MAC_SYS_CTRL, 0); 4558 4559 /* init Tx power for all Tx rates (from EEPROM) */ 4560 for (ridx = 0; ridx < 5; ridx++) { 4561 if (sc->txpow20mhz[ridx] == 0xffffffff) 4562 continue; 4563 run_write(sc, RT2860_TX_PWR_CFG(ridx), sc->txpow20mhz[ridx]); 4564 } 4565 4566 for (i = 0; i < nitems(rt2870_def_mac); i++) 4567 run_write(sc, rt2870_def_mac[i].reg, rt2870_def_mac[i].val); 4568 run_write(sc, RT2860_WMM_AIFSN_CFG, 0x00002273); 4569 run_write(sc, RT2860_WMM_CWMIN_CFG, 0x00002344); 4570 run_write(sc, RT2860_WMM_CWMAX_CFG, 0x000034aa); 4571 4572 if (sc->mac_ver >= 0x5390) { 4573 run_write(sc, RT2860_TX_SW_CFG0, 4574 4 << RT2860_DLY_PAPE_EN_SHIFT | 4); 4575 if (sc->mac_ver >= 0x5392) { 4576 run_write(sc, RT2860_MAX_LEN_CFG, 0x00002fff); 4577 if (sc->mac_ver == 0x5592) { 4578 run_write(sc, RT2860_HT_FBK_CFG1, 0xedcba980); 4579 run_write(sc, RT2860_TXOP_HLDR_ET, 0x00000082); 4580 } else { 4581 run_write(sc, RT2860_HT_FBK_CFG1, 0xedcb4980); 4582 run_write(sc, RT2860_LG_FBK_CFG0, 0xedcba322); 4583 } 4584 } 4585 } else if (sc->mac_ver == 0x3593) { 4586 run_write(sc, RT2860_TX_SW_CFG0, 4587 4 << RT2860_DLY_PAPE_EN_SHIFT | 2); 4588 } else if (sc->mac_ver >= 0x3070) { 4589 /* set delay of PA_PE assertion to 1us (unit of 0.25us) */ 4590 run_write(sc, RT2860_TX_SW_CFG0, 4591 4 << RT2860_DLY_PAPE_EN_SHIFT); 4592 } 4593 4594 /* wait while MAC is busy */ 4595 for (ntries = 0; ntries < 100; ntries++) { 4596 if ((error = run_read(sc, RT2860_MAC_STATUS_REG, &tmp)) != 0) 4597 goto fail; 4598 if (!(tmp & (RT2860_RX_STATUS_BUSY | RT2860_TX_STATUS_BUSY))) 4599 break; 4600 DELAY(1000); 4601 } 4602 if (ntries == 100) { 4603 error = ETIMEDOUT; 4604 goto fail; 4605 } 4606 4607 /* clear Host to MCU mailbox */ 4608 run_write(sc, RT2860_H2M_BBPAGENT, 0); 4609 run_write(sc, RT2860_H2M_MAILBOX, 0); 4610 DELAY(1000); 4611 4612 if ((error = run_bbp_init(sc)) != 0) { 4613 printf("%s: could not initialize BBP\n", sc->sc_dev.dv_xname); 4614 goto fail; 4615 } 4616 4617 /* abort TSF synchronization */ 4618 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 4619 tmp &= ~(RT2860_BCN_TX_EN | RT2860_TSF_TIMER_EN | 4620 RT2860_TBTT_TIMER_EN); 4621 run_write(sc, RT2860_BCN_TIME_CFG, tmp); 4622 4623 /* clear RX WCID search table */ 4624 run_set_region_4(sc, RT2860_WCID_ENTRY(0), 0, 512); 4625 /* clear WCID attribute table */ 4626 run_set_region_4(sc, RT2860_WCID_ATTR(0), 0, 8 * 32); 4627 /* clear shared key table */ 4628 run_set_region_4(sc, RT2860_SKEY(0, 0), 0, 8 * 32); 4629 /* clear shared key mode */ 4630 run_set_region_4(sc, RT2860_SKEY_MODE_0_7, 0, 4); 4631 4632 run_read(sc, RT2860_US_CYC_CNT, &tmp); 4633 tmp = (tmp & ~0xff) | 0x1e; 4634 run_write(sc, RT2860_US_CYC_CNT, tmp); 4635 4636 if (sc->mac_rev != 0x0101) 4637 run_write(sc, RT2860_TXOP_CTRL_CFG, 0x0000583f); 4638 4639 run_write(sc, RT2860_WMM_TXOP0_CFG, 0); 4640 run_write(sc, RT2860_WMM_TXOP1_CFG, 48 << 16 | 96); 4641 4642 /* write vendor-specific BBP values (from EEPROM) */ 4643 if (sc->mac_ver < 0x3593) { 4644 for (i = 0; i < 8; i++) { 4645 if (sc->bbp[i].reg == 0 || sc->bbp[i].reg == 0xff) 4646 continue; 4647 run_bbp_write(sc, sc->bbp[i].reg, sc->bbp[i].val); 4648 } 4649 } 4650 4651 /* select Main antenna for 1T1R devices */ 4652 if (sc->rf_rev == RT3070_RF_3020 || sc->rf_rev == RT5390_RF_5370) 4653 run_set_rx_antenna(sc, 0); 4654 4655 /* send LEDs operating mode to microcontroller */ 4656 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED1, sc->led[0]); 4657 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED2, sc->led[1]); 4658 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED3, sc->led[2]); 4659 4660 if (sc->mac_ver >= 0x5390) 4661 run_rt5390_rf_init(sc); 4662 else if (sc->mac_ver == 0x3593) 4663 run_rt3593_rf_init(sc); 4664 else if (sc->mac_ver >= 0x3070) 4665 run_rt3070_rf_init(sc); 4666 4667 /* disable non-existing Rx chains */ 4668 run_bbp_read(sc, 3, &bbp3); 4669 bbp3 &= ~(1 << 3 | 1 << 4); 4670 if (sc->nrxchains == 2) 4671 bbp3 |= 1 << 3; 4672 else if (sc->nrxchains == 3) 4673 bbp3 |= 1 << 4; 4674 run_bbp_write(sc, 3, bbp3); 4675 4676 /* disable non-existing Tx chains */ 4677 run_bbp_read(sc, 1, &bbp1); 4678 if (sc->ntxchains == 1) 4679 bbp1 &= ~(1 << 3 | 1 << 4); 4680 run_bbp_write(sc, 1, bbp1); 4681 4682 if (sc->mac_ver >= 0x5390) 4683 run_rt5390_rf_setup(sc); 4684 else if (sc->mac_ver == 0x3593) 4685 run_rt3593_rf_setup(sc); 4686 else if (sc->mac_ver >= 0x3070) 4687 run_rt3070_rf_setup(sc); 4688 4689 /* select default channel */ 4690 ic->ic_bss->ni_chan = ic->ic_ibss_chan; 4691 run_set_chan(sc, ic->ic_ibss_chan); 4692 4693 /* turn radio LED on */ 4694 run_set_leds(sc, RT2860_LED_RADIO); 4695 4696 for (i = 0; i < RUN_RX_RING_COUNT; i++) { 4697 struct run_rx_data *data = &sc->rxq.data[i]; 4698 4699 usbd_setup_xfer(data->xfer, sc->rxq.pipeh, data, data->buf, 4700 RUN_MAX_RXSZ, USBD_SHORT_XFER_OK | USBD_NO_COPY, 4701 USBD_NO_TIMEOUT, run_rxeof); 4702 error = usbd_transfer(data->xfer); 4703 if (error != 0 && error != USBD_IN_PROGRESS) 4704 goto fail; 4705 } 4706 4707 if ((error = run_txrx_enable(sc)) != 0) 4708 goto fail; 4709 4710 ifp->if_flags |= IFF_RUNNING; 4711 ifq_clr_oactive(&ifp->if_snd); 4712 4713 if (ic->ic_flags & IEEE80211_F_WEPON) { 4714 /* install WEP keys */ 4715 for (i = 0; i < IEEE80211_WEP_NKID; i++) 4716 (void)run_set_key(ic, NULL, &ic->ic_nw_keys[i]); 4717 } 4718 4719 if (ic->ic_opmode == IEEE80211_M_MONITOR) 4720 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 4721 else 4722 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 4723 4724 if (error != 0) 4725 fail: run_stop(ifp, 1); 4726 return error; 4727 } 4728 4729 void 4730 run_stop(struct ifnet *ifp, int disable) 4731 { 4732 struct run_softc *sc = ifp->if_softc; 4733 struct ieee80211com *ic = &sc->sc_ic; 4734 uint32_t tmp; 4735 int s, ntries, qid; 4736 4737 if (ifp->if_flags & IFF_RUNNING) 4738 run_set_leds(sc, 0); /* turn all LEDs off */ 4739 4740 sc->sc_tx_timer = 0; 4741 ifp->if_timer = 0; 4742 ifp->if_flags &= ~IFF_RUNNING; 4743 ifq_clr_oactive(&ifp->if_snd); 4744 4745 timeout_del(&sc->scan_to); 4746 timeout_del(&sc->calib_to); 4747 4748 s = splusb(); 4749 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 4750 /* wait for all queued asynchronous commands to complete */ 4751 usb_wait_task(sc->sc_udev, &sc->sc_task); 4752 splx(s); 4753 4754 /* Disable Tx/Rx DMA. */ 4755 run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp); 4756 tmp &= ~(RT2860_RX_DMA_EN | RT2860_TX_DMA_EN); 4757 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp); 4758 4759 for (ntries = 0; ntries < 100; ntries++) { 4760 if (run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp) != 0) 4761 break; 4762 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0) 4763 break; 4764 DELAY(10); 4765 } 4766 if (ntries == 100) { 4767 printf("%s: timeout waiting for DMA engine\n", 4768 sc->sc_dev.dv_xname); 4769 } 4770 4771 /* disable Tx/Rx */ 4772 run_read(sc, RT2860_MAC_SYS_CTRL, &tmp); 4773 tmp &= ~(RT2860_MAC_RX_EN | RT2860_MAC_TX_EN); 4774 run_write(sc, RT2860_MAC_SYS_CTRL, tmp); 4775 4776 /* wait for pending Tx to complete */ 4777 for (ntries = 0; ntries < 100; ntries++) { 4778 if (run_read(sc, RT2860_TXRXQ_PCNT, &tmp) != 0) 4779 break; 4780 if ((tmp & RT2860_TX2Q_PCNT_MASK) == 0) 4781 break; 4782 } 4783 DELAY(1000); 4784 run_write(sc, RT2860_USB_DMA_CFG, 0); 4785 4786 /* reset adapter */ 4787 run_write(sc, RT2860_MAC_SYS_CTRL, RT2860_BBP_HRST | RT2860_MAC_SRST); 4788 run_write(sc, RT2860_MAC_SYS_CTRL, 0); 4789 4790 /* reset Tx and Rx rings */ 4791 sc->qfullmsk = 0; 4792 for (qid = 0; qid < 4; qid++) 4793 run_free_tx_ring(sc, qid); 4794 run_free_rx_ring(sc); 4795 } 4796