1 /*- 2 * Copyright (c) 2008,2010 Damien Bergamini <damien.bergamini@free.fr> 3 * ported to FreeBSD by Akinori Furukoshi <moonlightakkiy@yahoo.ca> 4 * USB Consulting, Hans Petter Selasky <hselasky@freebsd.org> 5 * Copyright (c) 2013-2014 Kevin Lo 6 * 7 * Permission to use, copy, modify, and distribute this software for any 8 * purpose with or without fee is hereby granted, provided that the above 9 * copyright notice and this permission notice appear in all copies. 10 * 11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 * 19 * $FreeBSD: head/sys/dev/usb/wlan/if_run.c 262795 2014-03-05 18:39:27Z hselasky $ 20 */ 21 22 /*- 23 * Ralink Technology RT2700U/RT2800U/RT3000U/RT3900E chipset driver. 24 * http://www.ralinktech.com/ 25 */ 26 27 #include <sys/param.h> 28 #include <sys/sockio.h> 29 #include <sys/sysctl.h> 30 #include <sys/lock.h> 31 #include <sys/mbuf.h> 32 #include <sys/kernel.h> 33 #include <sys/socket.h> 34 #include <sys/systm.h> 35 #include <sys/malloc.h> 36 #include <sys/module.h> 37 #include <sys/bus.h> 38 #include <sys/endian.h> 39 #include <sys/linker.h> 40 #include <sys/firmware.h> 41 42 #include <sys/rman.h> 43 44 #include <net/bpf.h> 45 #include <net/if.h> 46 #include <net/if_var.h> 47 #include <net/if_arp.h> 48 #include <net/ethernet.h> 49 #include <net/if_dl.h> 50 #include <net/if_media.h> 51 #include <net/if_types.h> 52 #include <net/ifq_var.h> 53 54 #include <netinet/in.h> 55 #include <netinet/in_systm.h> 56 #include <netinet/in_var.h> 57 #include <netinet/if_ether.h> 58 #include <netinet/ip.h> 59 60 #include <netproto/802_11/ieee80211_var.h> 61 #include <netproto/802_11/ieee80211_regdomain.h> 62 #include <netproto/802_11/ieee80211_radiotap.h> 63 #include <netproto/802_11/ieee80211_ratectl.h> 64 65 #include <bus/u4b/usb.h> 66 #include <bus/u4b/usbdi.h> 67 #include "usbdevs.h" 68 69 #define USB_DEBUG_VAR run_debug 70 #include <bus/u4b/usb_debug.h> 71 #include <bus/u4b/usb_msctest.h> 72 73 #include <bus/u4b/wlan/if_runreg.h> 74 #include <bus/u4b/wlan/if_runvar.h> 75 76 #ifdef USB_DEBUG 77 #define RUN_DEBUG 78 #endif 79 80 #ifdef RUN_DEBUG 81 int run_debug = 0; 82 static SYSCTL_NODE(_hw_usb, OID_AUTO, run, CTLFLAG_RW, 0, "USB run"); 83 SYSCTL_INT(_hw_usb_run, OID_AUTO, debug, CTLFLAG_RW, &run_debug, 0, 84 "run debug level"); 85 #endif 86 87 #define IEEE80211_HAS_ADDR4(wh) \ 88 (((wh)->i_fc[1] & IEEE80211_FC1_DIR_MASK) == IEEE80211_FC1_DIR_DSTODS) 89 90 /* 91 * Because of LOR in run_key_delete(), use atomic instead. 92 * '& RUN_CMDQ_MASQ' is to loop cmdq[]. 93 */ 94 #define RUN_CMDQ_GET(c) (atomic_fetchadd_32((c), 1) & RUN_CMDQ_MASQ) 95 96 static const STRUCT_USB_HOST_ID run_devs[] = { 97 #define RUN_DEV(v,p) { USB_VP(USB_VENDOR_##v, USB_PRODUCT_##v##_##p) } 98 #define RUN_DEV_EJECT(v,p) \ 99 { USB_VPI(USB_VENDOR_##v, USB_PRODUCT_##v##_##p, RUN_EJECT) } 100 #define RUN_EJECT 1 101 RUN_DEV(ABOCOM, RT2770), 102 RUN_DEV(ABOCOM, RT2870), 103 RUN_DEV(ABOCOM, RT3070), 104 RUN_DEV(ABOCOM, RT3071), 105 RUN_DEV(ABOCOM, RT3072), 106 RUN_DEV(ABOCOM2, RT2870_1), 107 RUN_DEV(ACCTON, RT2770), 108 RUN_DEV(ACCTON, RT2870_1), 109 RUN_DEV(ACCTON, RT2870_2), 110 RUN_DEV(ACCTON, RT2870_3), 111 RUN_DEV(ACCTON, RT2870_4), 112 RUN_DEV(ACCTON, RT2870_5), 113 RUN_DEV(ACCTON, RT3070), 114 RUN_DEV(ACCTON, RT3070_1), 115 RUN_DEV(ACCTON, RT3070_2), 116 RUN_DEV(ACCTON, RT3070_3), 117 RUN_DEV(ACCTON, RT3070_4), 118 RUN_DEV(ACCTON, RT3070_5), 119 RUN_DEV(AIRTIES, RT3070), 120 RUN_DEV(ALLWIN, RT2070), 121 RUN_DEV(ALLWIN, RT2770), 122 RUN_DEV(ALLWIN, RT2870), 123 RUN_DEV(ALLWIN, RT3070), 124 RUN_DEV(ALLWIN, RT3071), 125 RUN_DEV(ALLWIN, RT3072), 126 RUN_DEV(ALLWIN, RT3572), 127 RUN_DEV(AMIGO, RT2870_1), 128 RUN_DEV(AMIGO, RT2870_2), 129 RUN_DEV(AMIT, CGWLUSB2GNR), 130 RUN_DEV(AMIT, RT2870_1), 131 RUN_DEV(AMIT2, RT2870), 132 RUN_DEV(ASUS, RT2870_1), 133 RUN_DEV(ASUS, RT2870_2), 134 RUN_DEV(ASUS, RT2870_3), 135 RUN_DEV(ASUS, RT2870_4), 136 RUN_DEV(ASUS, RT2870_5), 137 RUN_DEV(ASUS, USBN13), 138 RUN_DEV(ASUS, RT3070_1), 139 RUN_DEV(ASUS, USBN66), 140 RUN_DEV(ASUS, USB_N53), 141 RUN_DEV(ASUS2, USBN11), 142 RUN_DEV(AZUREWAVE, RT2870_1), 143 RUN_DEV(AZUREWAVE, RT2870_2), 144 RUN_DEV(AZUREWAVE, RT3070_1), 145 RUN_DEV(AZUREWAVE, RT3070_2), 146 RUN_DEV(AZUREWAVE, RT3070_3), 147 RUN_DEV(BELKIN, F9L1103), 148 RUN_DEV(BELKIN, F5D8053V3), 149 RUN_DEV(BELKIN, F5D8055), 150 RUN_DEV(BELKIN, F5D8055V2), 151 RUN_DEV(BELKIN, F6D4050V1), 152 RUN_DEV(BELKIN, F6D4050V2), 153 RUN_DEV(BELKIN, RT2870_1), 154 RUN_DEV(BELKIN, RT2870_2), 155 RUN_DEV(CISCOLINKSYS, AE1000), 156 RUN_DEV(CISCOLINKSYS2, RT3070), 157 RUN_DEV(CISCOLINKSYS3, RT3070), 158 RUN_DEV(CONCEPTRONIC2, RT2870_1), 159 RUN_DEV(CONCEPTRONIC2, RT2870_2), 160 RUN_DEV(CONCEPTRONIC2, RT2870_3), 161 RUN_DEV(CONCEPTRONIC2, RT2870_4), 162 RUN_DEV(CONCEPTRONIC2, RT2870_5), 163 RUN_DEV(CONCEPTRONIC2, RT2870_6), 164 RUN_DEV(CONCEPTRONIC2, RT2870_7), 165 RUN_DEV(CONCEPTRONIC2, RT2870_8), 166 RUN_DEV(CONCEPTRONIC2, RT3070_1), 167 RUN_DEV(CONCEPTRONIC2, RT3070_2), 168 RUN_DEV(CONCEPTRONIC2, VIGORN61), 169 RUN_DEV(COREGA, CGWLUSB300GNM), 170 RUN_DEV(COREGA, RT2870_1), 171 RUN_DEV(COREGA, RT2870_2), 172 RUN_DEV(COREGA, RT2870_3), 173 RUN_DEV(COREGA, RT3070), 174 RUN_DEV(CYBERTAN, RT2870), 175 RUN_DEV(DLINK, RT2870), 176 RUN_DEV(DLINK, RT3072), 177 RUN_DEV(DLINK, DWA127), 178 RUN_DEV(DLINK, DWA140B3), 179 RUN_DEV(DLINK, DWA160B2), 180 RUN_DEV(DLINK, DWA162), 181 RUN_DEV(DLINK2, DWA130), 182 RUN_DEV(DLINK2, RT2870_1), 183 RUN_DEV(DLINK2, RT2870_2), 184 RUN_DEV(DLINK2, RT3070_1), 185 RUN_DEV(DLINK2, RT3070_2), 186 RUN_DEV(DLINK2, RT3070_3), 187 RUN_DEV(DLINK2, RT3070_4), 188 RUN_DEV(DLINK2, RT3070_5), 189 RUN_DEV(DLINK2, RT3072), 190 RUN_DEV(DLINK2, RT3072_1), 191 RUN_DEV(EDIMAX, EW7717), 192 RUN_DEV(EDIMAX, EW7718), 193 RUN_DEV(EDIMAX, EW7733UND), 194 RUN_DEV(EDIMAX, RT2870_1), 195 RUN_DEV(ENCORE, RT3070_1), 196 RUN_DEV(ENCORE, RT3070_2), 197 RUN_DEV(ENCORE, RT3070_3), 198 RUN_DEV(GIGABYTE, GNWB31N), 199 RUN_DEV(GIGABYTE, GNWB32L), 200 RUN_DEV(GIGABYTE, RT2870_1), 201 RUN_DEV(GIGASET, RT3070_1), 202 RUN_DEV(GIGASET, RT3070_2), 203 RUN_DEV(GUILLEMOT, HWNU300), 204 RUN_DEV(HAWKING, HWUN2), 205 RUN_DEV(HAWKING, RT2870_1), 206 RUN_DEV(HAWKING, RT2870_2), 207 RUN_DEV(HAWKING, RT3070), 208 RUN_DEV(IODATA, RT3072_1), 209 RUN_DEV(IODATA, RT3072_2), 210 RUN_DEV(IODATA, RT3072_3), 211 RUN_DEV(IODATA, RT3072_4), 212 RUN_DEV(LINKSYS4, RT3070), 213 RUN_DEV(LINKSYS4, WUSB100), 214 RUN_DEV(LINKSYS4, WUSB54GCV3), 215 RUN_DEV(LINKSYS4, WUSB600N), 216 RUN_DEV(LINKSYS4, WUSB600NV2), 217 RUN_DEV(LOGITEC, RT2870_1), 218 RUN_DEV(LOGITEC, RT2870_2), 219 RUN_DEV(LOGITEC, RT2870_3), 220 RUN_DEV(LOGITEC, LANW300NU2), 221 RUN_DEV(LOGITEC, LANW150NU2), 222 RUN_DEV(LOGITEC, LANW300NU2S), 223 RUN_DEV(MELCO, RT2870_1), 224 RUN_DEV(MELCO, RT2870_2), 225 RUN_DEV(MELCO, WLIUCAG300N), 226 RUN_DEV(MELCO, WLIUCG300N), 227 RUN_DEV(MELCO, WLIUCG301N), 228 RUN_DEV(MELCO, WLIUCGN), 229 RUN_DEV(MELCO, WLIUCGNM), 230 RUN_DEV(MELCO, WLIUCGNM2), 231 RUN_DEV(MOTOROLA4, RT2770), 232 RUN_DEV(MOTOROLA4, RT3070), 233 RUN_DEV(MSI, RT3070_1), 234 RUN_DEV(MSI, RT3070_2), 235 RUN_DEV(MSI, RT3070_3), 236 RUN_DEV(MSI, RT3070_4), 237 RUN_DEV(MSI, RT3070_5), 238 RUN_DEV(MSI, RT3070_6), 239 RUN_DEV(MSI, RT3070_7), 240 RUN_DEV(MSI, RT3070_8), 241 RUN_DEV(MSI, RT3070_9), 242 RUN_DEV(MSI, RT3070_10), 243 RUN_DEV(MSI, RT3070_11), 244 RUN_DEV(OVISLINK, RT3072), 245 RUN_DEV(PARA, RT3070), 246 RUN_DEV(PEGATRON, RT2870), 247 RUN_DEV(PEGATRON, RT3070), 248 RUN_DEV(PEGATRON, RT3070_2), 249 RUN_DEV(PEGATRON, RT3070_3), 250 RUN_DEV(PHILIPS, RT2870), 251 RUN_DEV(PLANEX2, GWUS300MINIS), 252 RUN_DEV(PLANEX2, GWUSMICRON), 253 RUN_DEV(PLANEX2, RT2870), 254 RUN_DEV(PLANEX2, RT3070), 255 RUN_DEV(QCOM, RT2870), 256 RUN_DEV(QUANTA, RT3070), 257 RUN_DEV(RALINK, RT2070), 258 RUN_DEV(RALINK, RT2770), 259 RUN_DEV(RALINK, RT2870), 260 RUN_DEV(RALINK, RT3070), 261 RUN_DEV(RALINK, RT3071), 262 RUN_DEV(RALINK, RT3072), 263 RUN_DEV(RALINK, RT3370), 264 RUN_DEV(RALINK, RT3572), 265 RUN_DEV(RALINK, RT3573), 266 RUN_DEV(RALINK, RT5370), 267 RUN_DEV(RALINK, RT5572), 268 RUN_DEV(RALINK, RT8070), 269 RUN_DEV(SAMSUNG, WIS09ABGN), 270 RUN_DEV(SAMSUNG2, RT2870_1), 271 RUN_DEV(SENAO, RT2870_1), 272 RUN_DEV(SENAO, RT2870_2), 273 RUN_DEV(SENAO, RT2870_3), 274 RUN_DEV(SENAO, RT2870_4), 275 RUN_DEV(SENAO, RT3070), 276 RUN_DEV(SENAO, RT3071), 277 RUN_DEV(SENAO, RT3072_1), 278 RUN_DEV(SENAO, RT3072_2), 279 RUN_DEV(SENAO, RT3072_3), 280 RUN_DEV(SENAO, RT3072_4), 281 RUN_DEV(SENAO, RT3072_5), 282 RUN_DEV(SITECOMEU, RT2770), 283 RUN_DEV(SITECOMEU, RT2870_1), 284 RUN_DEV(SITECOMEU, RT2870_2), 285 RUN_DEV(SITECOMEU, RT2870_3), 286 RUN_DEV(SITECOMEU, RT2870_4), 287 RUN_DEV(SITECOMEU, RT3070), 288 RUN_DEV(SITECOMEU, RT3070_2), 289 RUN_DEV(SITECOMEU, RT3070_3), 290 RUN_DEV(SITECOMEU, RT3070_4), 291 RUN_DEV(SITECOMEU, RT3071), 292 RUN_DEV(SITECOMEU, RT3072_1), 293 RUN_DEV(SITECOMEU, RT3072_2), 294 RUN_DEV(SITECOMEU, RT3072_3), 295 RUN_DEV(SITECOMEU, RT3072_4), 296 RUN_DEV(SITECOMEU, RT3072_5), 297 RUN_DEV(SITECOMEU, RT3072_6), 298 RUN_DEV(SITECOMEU, WL608), 299 RUN_DEV(SPARKLAN, RT2870_1), 300 RUN_DEV(SPARKLAN, RT3070), 301 RUN_DEV(SWEEX2, LW153), 302 RUN_DEV(SWEEX2, LW303), 303 RUN_DEV(SWEEX2, LW313), 304 RUN_DEV(TOSHIBA, RT3070), 305 RUN_DEV(UMEDIA, RT2870_1), 306 RUN_DEV(ZCOM, RT2870_1), 307 RUN_DEV(ZCOM, RT2870_2), 308 RUN_DEV(ZINWELL, RT2870_1), 309 RUN_DEV(ZINWELL, RT2870_2), 310 RUN_DEV(ZINWELL, RT3070), 311 RUN_DEV(ZINWELL, RT3072_1), 312 RUN_DEV(ZINWELL, RT3072_2), 313 RUN_DEV(ZYXEL, RT2870_1), 314 RUN_DEV(ZYXEL, RT2870_2), 315 RUN_DEV_EJECT(ZYXEL, NWD2705), 316 RUN_DEV_EJECT(RALINK, RT_STOR), 317 #undef RUN_DEV_EJECT 318 #undef RUN_DEV 319 }; 320 321 static device_probe_t run_match; 322 static device_attach_t run_attach; 323 static device_detach_t run_detach; 324 325 static usb_callback_t run_bulk_rx_callback; 326 static usb_callback_t run_bulk_tx_callback0; 327 static usb_callback_t run_bulk_tx_callback1; 328 static usb_callback_t run_bulk_tx_callback2; 329 static usb_callback_t run_bulk_tx_callback3; 330 static usb_callback_t run_bulk_tx_callback4; 331 static usb_callback_t run_bulk_tx_callback5; 332 333 static void run_autoinst(void *, struct usb_device *, 334 struct usb_attach_arg *); 335 static int run_driver_loaded(struct module *, int, void *); 336 static void run_bulk_tx_callbackN(struct usb_xfer *xfer, 337 usb_error_t error, u_int index); 338 static struct ieee80211vap *run_vap_create(struct ieee80211com *, 339 const char [IFNAMSIZ], int, enum ieee80211_opmode, int, 340 const uint8_t [IEEE80211_ADDR_LEN], 341 const uint8_t [IEEE80211_ADDR_LEN]); 342 static void run_vap_delete(struct ieee80211vap *); 343 static void run_cmdq_cb(void *, int); 344 static void run_setup_tx_list(struct run_softc *, 345 struct run_endpoint_queue *); 346 static void run_unsetup_tx_list(struct run_softc *, 347 struct run_endpoint_queue *); 348 static int run_load_microcode(struct run_softc *); 349 static int run_reset(struct run_softc *); 350 static usb_error_t run_do_request(struct run_softc *, 351 struct usb_device_request *, void *); 352 static int run_read(struct run_softc *, uint16_t, uint32_t *); 353 static int run_read_region_1(struct run_softc *, uint16_t, uint8_t *, int); 354 static int run_write_2(struct run_softc *, uint16_t, uint16_t); 355 static int run_write(struct run_softc *, uint16_t, uint32_t); 356 static int run_write_region_1(struct run_softc *, uint16_t, 357 const uint8_t *, int); 358 static int run_set_region_4(struct run_softc *, uint16_t, uint32_t, int); 359 static int run_efuse_read(struct run_softc *, uint16_t, uint16_t *, int); 360 static int run_efuse_read_2(struct run_softc *, uint16_t, uint16_t *); 361 static int run_eeprom_read_2(struct run_softc *, uint16_t, uint16_t *); 362 static int run_rt2870_rf_write(struct run_softc *, uint32_t); 363 static int run_rt3070_rf_read(struct run_softc *, uint8_t, uint8_t *); 364 static int run_rt3070_rf_write(struct run_softc *, uint8_t, uint8_t); 365 static int run_bbp_read(struct run_softc *, uint8_t, uint8_t *); 366 static int run_bbp_write(struct run_softc *, uint8_t, uint8_t); 367 static int run_mcu_cmd(struct run_softc *, uint8_t, uint16_t); 368 static const char *run_get_rf(uint16_t); 369 static void run_rt3593_get_txpower(struct run_softc *); 370 static void run_get_txpower(struct run_softc *); 371 static int run_read_eeprom(struct run_softc *); 372 static struct ieee80211_node *run_node_alloc(struct ieee80211vap *, 373 const uint8_t mac[IEEE80211_ADDR_LEN]); 374 static int run_media_change(struct ifnet *); 375 static int run_newstate(struct ieee80211vap *, enum ieee80211_state, int); 376 static int run_wme_update(struct ieee80211com *); 377 static void run_wme_update_cb(void *); 378 static void run_key_update_begin(struct ieee80211vap *); 379 static void run_key_update_end(struct ieee80211vap *); 380 static void run_key_set_cb(void *); 381 static int run_key_set(struct ieee80211vap *, struct ieee80211_key *, 382 const uint8_t mac[IEEE80211_ADDR_LEN]); 383 static void run_key_delete_cb(void *); 384 static int run_key_delete(struct ieee80211vap *, struct ieee80211_key *); 385 static void run_ratectl_to(void *); 386 static void run_ratectl_cb(void *, int); 387 static void run_drain_fifo(void *); 388 static void run_iter_func(void *, struct ieee80211_node *); 389 static void run_newassoc_cb(void *); 390 static void run_newassoc(struct ieee80211_node *, int); 391 static void run_rx_frame(struct run_softc *, struct mbuf *, uint32_t); 392 static void run_tx_free(struct run_endpoint_queue *pq, 393 struct run_tx_data *, int); 394 static void run_set_tx_desc(struct run_softc *, struct run_tx_data *); 395 static int run_tx(struct run_softc *, struct mbuf *, 396 struct ieee80211_node *); 397 static int run_tx_mgt(struct run_softc *, struct mbuf *, 398 struct ieee80211_node *); 399 static int run_sendprot(struct run_softc *, const struct mbuf *, 400 struct ieee80211_node *, int, int); 401 static int run_tx_param(struct run_softc *, struct mbuf *, 402 struct ieee80211_node *, 403 const struct ieee80211_bpf_params *); 404 static int run_raw_xmit(struct ieee80211_node *, struct mbuf *, 405 const struct ieee80211_bpf_params *); 406 static void run_start(struct ifnet *, struct ifaltq_subque *); 407 static int run_ioctl(struct ifnet *, u_long, caddr_t, struct ucred *); 408 static void run_iq_calib(struct run_softc *, u_int); 409 static void run_set_agc(struct run_softc *, uint8_t); 410 static void run_select_chan_group(struct run_softc *, int); 411 static void run_set_rx_antenna(struct run_softc *, int); 412 static void run_rt2870_set_chan(struct run_softc *, u_int); 413 static void run_rt3070_set_chan(struct run_softc *, u_int); 414 static void run_rt3572_set_chan(struct run_softc *, u_int); 415 static void run_rt3593_set_chan(struct run_softc *, u_int); 416 static void run_rt5390_set_chan(struct run_softc *, u_int); 417 static void run_rt5592_set_chan(struct run_softc *, u_int); 418 static int run_set_chan(struct run_softc *, struct ieee80211_channel *); 419 static void run_set_channel(struct ieee80211com *); 420 static void run_scan_start(struct ieee80211com *); 421 static void run_scan_end(struct ieee80211com *); 422 static void run_update_beacon(struct ieee80211vap *, int); 423 static void run_update_beacon_cb(void *); 424 static void run_updateprot(struct ieee80211com *); 425 static void run_updateprot_cb(void *); 426 static void run_usb_timeout_cb(void *); 427 static void run_reset_livelock(struct run_softc *); 428 static void run_enable_tsf_sync(struct run_softc *); 429 static void run_enable_mrr(struct run_softc *); 430 static void run_set_txpreamble(struct run_softc *); 431 static void run_set_basicrates(struct run_softc *); 432 static void run_set_leds(struct run_softc *, uint16_t); 433 static void run_set_bssid(struct run_softc *, const uint8_t *); 434 static void run_set_macaddr(struct run_softc *, const uint8_t *); 435 static void run_updateslot(struct ifnet *); 436 static void run_updateslot_cb(void *); 437 static void run_update_mcast(struct ifnet *); 438 static int8_t run_rssi2dbm(struct run_softc *, uint8_t, uint8_t); 439 static void run_update_promisc_locked(struct ifnet *); 440 static void run_update_promisc(struct ifnet *); 441 static void run_rt5390_bbp_init(struct run_softc *); 442 static int run_bbp_init(struct run_softc *); 443 static int run_rt3070_rf_init(struct run_softc *); 444 static void run_rt3593_rf_init(struct run_softc *); 445 static void run_rt5390_rf_init(struct run_softc *); 446 static int run_rt3070_filter_calib(struct run_softc *, uint8_t, uint8_t, 447 uint8_t *); 448 static void run_rt3070_rf_setup(struct run_softc *); 449 static void run_rt3593_rf_setup(struct run_softc *); 450 static void run_rt5390_rf_setup(struct run_softc *); 451 static int run_txrx_enable(struct run_softc *); 452 static void run_adjust_freq_offset(struct run_softc *); 453 static void run_init(void *); 454 static void run_init_locked(struct run_softc *); 455 static void run_stop(void *); 456 static void run_delay(struct run_softc *, u_int); 457 458 static eventhandler_tag run_etag; 459 460 static const struct rt2860_rate { 461 uint8_t rate; 462 uint8_t mcs; 463 enum ieee80211_phytype phy; 464 uint8_t ctl_ridx; 465 uint16_t sp_ack_dur; 466 uint16_t lp_ack_dur; 467 } rt2860_rates[] = { 468 { 2, 0, IEEE80211_T_DS, 0, 314, 314 }, 469 { 4, 1, IEEE80211_T_DS, 1, 258, 162 }, 470 { 11, 2, IEEE80211_T_DS, 2, 223, 127 }, 471 { 22, 3, IEEE80211_T_DS, 3, 213, 117 }, 472 { 12, 0, IEEE80211_T_OFDM, 4, 60, 60 }, 473 { 18, 1, IEEE80211_T_OFDM, 4, 52, 52 }, 474 { 24, 2, IEEE80211_T_OFDM, 6, 48, 48 }, 475 { 36, 3, IEEE80211_T_OFDM, 6, 44, 44 }, 476 { 48, 4, IEEE80211_T_OFDM, 8, 44, 44 }, 477 { 72, 5, IEEE80211_T_OFDM, 8, 40, 40 }, 478 { 96, 6, IEEE80211_T_OFDM, 8, 40, 40 }, 479 { 108, 7, IEEE80211_T_OFDM, 8, 40, 40 } 480 }; 481 482 static const struct { 483 uint16_t reg; 484 uint32_t val; 485 } rt2870_def_mac[] = { 486 RT2870_DEF_MAC 487 }; 488 489 static const struct { 490 uint8_t reg; 491 uint8_t val; 492 } rt2860_def_bbp[] = { 493 RT2860_DEF_BBP 494 },rt5390_def_bbp[] = { 495 RT5390_DEF_BBP 496 },rt5592_def_bbp[] = { 497 RT5592_DEF_BBP 498 }; 499 500 /* 501 * Default values for BBP register R196 for RT5592. 502 */ 503 static const uint8_t rt5592_bbp_r196[] = { 504 0xe0, 0x1f, 0x38, 0x32, 0x08, 0x28, 0x19, 0x0a, 0xff, 0x00, 505 0x16, 0x10, 0x10, 0x0b, 0x36, 0x2c, 0x26, 0x24, 0x42, 0x36, 506 0x30, 0x2d, 0x4c, 0x46, 0x3d, 0x40, 0x3e, 0x42, 0x3d, 0x40, 507 0x3c, 0x34, 0x2c, 0x2f, 0x3c, 0x35, 0x2e, 0x2a, 0x49, 0x41, 508 0x36, 0x31, 0x30, 0x30, 0x0e, 0x0d, 0x28, 0x21, 0x1c, 0x16, 509 0x50, 0x4a, 0x43, 0x40, 0x10, 0x10, 0x10, 0x10, 0x00, 0x00, 510 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 511 0x00, 0x00, 0x7d, 0x14, 0x32, 0x2c, 0x36, 0x4c, 0x43, 0x2c, 512 0x2e, 0x36, 0x30, 0x6e 513 }; 514 515 static const struct rfprog { 516 uint8_t chan; 517 uint32_t r1, r2, r3, r4; 518 } rt2860_rf2850[] = { 519 RT2860_RF2850 520 }; 521 522 struct { 523 uint8_t n, r, k; 524 } rt3070_freqs[] = { 525 RT3070_RF3052 526 }; 527 528 static const struct rt5592_freqs { 529 uint16_t n; 530 uint8_t k, m, r; 531 } rt5592_freqs_20mhz[] = { 532 RT5592_RF5592_20MHZ 533 },rt5592_freqs_40mhz[] = { 534 RT5592_RF5592_40MHZ 535 }; 536 537 static const struct { 538 uint8_t reg; 539 uint8_t val; 540 } rt3070_def_rf[] = { 541 RT3070_DEF_RF 542 },rt3572_def_rf[] = { 543 RT3572_DEF_RF 544 },rt3593_def_rf[] = { 545 RT3593_DEF_RF 546 },rt5390_def_rf[] = { 547 RT5390_DEF_RF 548 },rt5392_def_rf[] = { 549 RT5392_DEF_RF 550 },rt5592_def_rf[] = { 551 RT5592_DEF_RF 552 },rt5592_2ghz_def_rf[] = { 553 RT5592_2GHZ_DEF_RF 554 },rt5592_5ghz_def_rf[] = { 555 RT5592_5GHZ_DEF_RF 556 }; 557 558 static const struct { 559 u_int firstchan; 560 u_int lastchan; 561 uint8_t reg; 562 uint8_t val; 563 } rt5592_chan_5ghz[] = { 564 RT5592_CHAN_5GHZ 565 }; 566 567 static const struct usb_config run_config[RUN_N_XFER] = { 568 [RUN_BULK_TX_BE] = { 569 .type = UE_BULK, 570 .endpoint = UE_ADDR_ANY, 571 .ep_index = 0, 572 .direction = UE_DIR_OUT, 573 .bufsize = RUN_MAX_TXSZ, 574 .flags = {.pipe_bof = 1,.force_short_xfer = 1,}, 575 .callback = run_bulk_tx_callback0, 576 .timeout = 5000, /* ms */ 577 }, 578 [RUN_BULK_TX_BK] = { 579 .type = UE_BULK, 580 .endpoint = UE_ADDR_ANY, 581 .direction = UE_DIR_OUT, 582 .ep_index = 1, 583 .bufsize = RUN_MAX_TXSZ, 584 .flags = {.pipe_bof = 1,.force_short_xfer = 1,}, 585 .callback = run_bulk_tx_callback1, 586 .timeout = 5000, /* ms */ 587 }, 588 [RUN_BULK_TX_VI] = { 589 .type = UE_BULK, 590 .endpoint = UE_ADDR_ANY, 591 .direction = UE_DIR_OUT, 592 .ep_index = 2, 593 .bufsize = RUN_MAX_TXSZ, 594 .flags = {.pipe_bof = 1,.force_short_xfer = 1,}, 595 .callback = run_bulk_tx_callback2, 596 .timeout = 5000, /* ms */ 597 }, 598 [RUN_BULK_TX_VO] = { 599 .type = UE_BULK, 600 .endpoint = UE_ADDR_ANY, 601 .direction = UE_DIR_OUT, 602 .ep_index = 3, 603 .bufsize = RUN_MAX_TXSZ, 604 .flags = {.pipe_bof = 1,.force_short_xfer = 1,}, 605 .callback = run_bulk_tx_callback3, 606 .timeout = 5000, /* ms */ 607 }, 608 [RUN_BULK_TX_HCCA] = { 609 .type = UE_BULK, 610 .endpoint = UE_ADDR_ANY, 611 .direction = UE_DIR_OUT, 612 .ep_index = 4, 613 .bufsize = RUN_MAX_TXSZ, 614 .flags = {.pipe_bof = 1,.force_short_xfer = 1,.no_pipe_ok = 1,}, 615 .callback = run_bulk_tx_callback4, 616 .timeout = 5000, /* ms */ 617 }, 618 [RUN_BULK_TX_PRIO] = { 619 .type = UE_BULK, 620 .endpoint = UE_ADDR_ANY, 621 .direction = UE_DIR_OUT, 622 .ep_index = 5, 623 .bufsize = RUN_MAX_TXSZ, 624 .flags = {.pipe_bof = 1,.force_short_xfer = 1,.no_pipe_ok = 1,}, 625 .callback = run_bulk_tx_callback5, 626 .timeout = 5000, /* ms */ 627 }, 628 [RUN_BULK_RX] = { 629 .type = UE_BULK, 630 .endpoint = UE_ADDR_ANY, 631 .direction = UE_DIR_IN, 632 .bufsize = RUN_MAX_RXSZ, 633 .flags = {.pipe_bof = 1,.short_xfer_ok = 1,}, 634 .callback = run_bulk_rx_callback, 635 } 636 }; 637 638 static void 639 run_autoinst(void *arg, struct usb_device *udev, 640 struct usb_attach_arg *uaa) 641 { 642 struct usb_interface *iface; 643 struct usb_interface_descriptor *id; 644 645 if (uaa->dev_state != UAA_DEV_READY) 646 return; 647 648 iface = usbd_get_iface(udev, 0); 649 if (iface == NULL) 650 return; 651 id = iface->idesc; 652 if (id == NULL || id->bInterfaceClass != UICLASS_MASS) 653 return; 654 if (usbd_lookup_id_by_uaa(run_devs, sizeof(run_devs), uaa)) 655 return; 656 657 if (usb_msc_eject(udev, 0, MSC_EJECT_STOPUNIT) == 0) 658 uaa->dev_state = UAA_DEV_EJECTING; 659 } 660 661 static int 662 run_driver_loaded(struct module *mod, int what, void *arg) 663 { 664 switch (what) { 665 case MOD_LOAD: 666 run_etag = EVENTHANDLER_REGISTER(usb_dev_configured, 667 run_autoinst, NULL, EVENTHANDLER_PRI_ANY); 668 break; 669 case MOD_UNLOAD: 670 EVENTHANDLER_DEREGISTER(usb_dev_configured, run_etag); 671 break; 672 default: 673 return (EOPNOTSUPP); 674 } 675 return (0); 676 } 677 678 static int 679 run_match(device_t self) 680 { 681 struct usb_attach_arg *uaa = device_get_ivars(self); 682 683 if (uaa->usb_mode != USB_MODE_HOST) 684 return (ENXIO); 685 if (uaa->info.bConfigIndex != 0) 686 return (ENXIO); 687 if (uaa->info.bIfaceIndex != RT2860_IFACE_INDEX) 688 return (ENXIO); 689 690 return (usbd_lookup_id_by_uaa(run_devs, sizeof(run_devs), uaa)); 691 } 692 693 static int 694 run_attach(device_t self) 695 { 696 struct run_softc *sc = device_get_softc(self); 697 struct usb_attach_arg *uaa = device_get_ivars(self); 698 struct ieee80211com *ic; 699 struct ifnet *ifp; 700 uint32_t ver; 701 int ntries, error; 702 uint8_t iface_index, bands; 703 char ethstr[ETHER_ADDRSTRLEN + 1]; 704 705 wlan_serialize_enter(); 706 707 device_set_usb_desc(self); 708 sc->sc_udev = uaa->device; 709 sc->sc_dev = self; 710 if (USB_GET_DRIVER_INFO(uaa) != RUN_EJECT) 711 sc->sc_flags |= RUN_FLAG_FWLOAD_NEEDED; 712 713 lockinit(&sc->sc_lock, device_get_nameunit(sc->sc_dev), 714 0, LK_CANRECURSE); 715 716 iface_index = RT2860_IFACE_INDEX; 717 718 error = usbd_transfer_setup(uaa->device, &iface_index, 719 sc->sc_xfer, run_config, RUN_N_XFER, sc, &sc->sc_lock); 720 if (error) { 721 device_printf(self, "could not allocate USB transfers, " 722 "err=%s\n", usbd_errstr(error)); 723 goto detach; 724 } 725 726 RUN_LOCK(sc); 727 728 /* wait for the chip to settle */ 729 for (ntries = 0; ntries < 100; ntries++) { 730 if (run_read(sc, RT2860_ASIC_VER_ID, &ver) != 0) { 731 RUN_UNLOCK(sc); 732 goto detach; 733 } 734 if (ver != 0 && ver != 0xffffffff) 735 break; 736 run_delay(sc, 10); 737 } 738 if (ntries == 100) { 739 device_printf(sc->sc_dev, 740 "timeout waiting for NIC to initialize\n"); 741 RUN_UNLOCK(sc); 742 goto detach; 743 } 744 sc->mac_ver = ver >> 16; 745 sc->mac_rev = ver & 0xffff; 746 747 /* retrieve RF rev. no and various other things from EEPROM */ 748 run_read_eeprom(sc); 749 750 device_printf(sc->sc_dev, 751 "MAC/BBP RT%04X (rev 0x%04X), RF %s (MIMO %dT%dR), address %s\n", 752 sc->mac_ver, sc->mac_rev, run_get_rf(sc->rf_rev), 753 sc->ntxchains, sc->nrxchains, kether_ntoa(sc->sc_bssid, ethstr)); 754 755 RUN_UNLOCK(sc); 756 757 ifp = sc->sc_ifp = if_alloc(IFT_IEEE80211); 758 if (ifp == NULL) { 759 device_printf(sc->sc_dev, "can not if_alloc()\n"); 760 goto detach; 761 } 762 ic = ifp->if_l2com; 763 764 ifp->if_softc = sc; 765 if_initname(ifp, "run", device_get_unit(sc->sc_dev)); 766 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 767 ifp->if_init = run_init; 768 ifp->if_ioctl = run_ioctl; 769 ifp->if_start = run_start; 770 ifq_set_maxlen(&ifp->if_snd, ifqmaxlen); 771 #if 0 /* XXX swildner: see c3d4131842e47b168d93a0650d58d425ebeef789 */ 772 ifq_set_ready(&ifp->if_snd); 773 #endif 774 775 ic->ic_ifp = ifp; 776 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 777 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 778 779 /* set device capabilities */ 780 ic->ic_caps = 781 IEEE80211_C_STA | /* station mode supported */ 782 IEEE80211_C_MONITOR | /* monitor mode supported */ 783 IEEE80211_C_IBSS | 784 IEEE80211_C_HOSTAP | 785 IEEE80211_C_WDS | /* 4-address traffic works */ 786 IEEE80211_C_MBSS | 787 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 788 IEEE80211_C_SHSLOT | /* short slot time supported */ 789 IEEE80211_C_WME | /* WME */ 790 IEEE80211_C_WPA; /* WPA1|WPA2(RSN) */ 791 792 ic->ic_cryptocaps = 793 IEEE80211_CRYPTO_WEP | 794 IEEE80211_CRYPTO_AES_CCM | 795 IEEE80211_CRYPTO_TKIPMIC | 796 IEEE80211_CRYPTO_TKIP; 797 798 ic->ic_flags |= IEEE80211_F_DATAPAD; 799 ic->ic_flags_ext |= IEEE80211_FEXT_SWBMISS; 800 801 bands = 0; 802 setbit(&bands, IEEE80211_MODE_11B); 803 setbit(&bands, IEEE80211_MODE_11G); 804 if (sc->rf_rev == RT2860_RF_2750 || sc->rf_rev == RT2860_RF_2850 || 805 sc->rf_rev == RT3070_RF_3052 || sc->rf_rev == RT3593_RF_3053 || 806 sc->rf_rev == RT5592_RF_5592) 807 setbit(&bands, IEEE80211_MODE_11A); 808 ieee80211_init_channels(ic, NULL, &bands); 809 810 ieee80211_ifattach(ic, sc->sc_bssid); 811 812 ic->ic_scan_start = run_scan_start; 813 ic->ic_scan_end = run_scan_end; 814 ic->ic_set_channel = run_set_channel; 815 ic->ic_node_alloc = run_node_alloc; 816 ic->ic_newassoc = run_newassoc; 817 ic->ic_updateslot = run_updateslot; 818 ic->ic_update_mcast = run_update_mcast; 819 ic->ic_wme.wme_update = run_wme_update; 820 ic->ic_raw_xmit = run_raw_xmit; 821 ic->ic_update_promisc = run_update_promisc; 822 823 ic->ic_vap_create = run_vap_create; 824 ic->ic_vap_delete = run_vap_delete; 825 826 ieee80211_radiotap_attach(ic, 827 &sc->sc_txtap.wt_ihdr, sizeof(sc->sc_txtap), 828 RUN_TX_RADIOTAP_PRESENT, 829 &sc->sc_rxtap.wr_ihdr, sizeof(sc->sc_rxtap), 830 RUN_RX_RADIOTAP_PRESENT); 831 832 TASK_INIT(&sc->cmdq_task, 0, run_cmdq_cb, sc); 833 TASK_INIT(&sc->ratectl_task, 0, run_ratectl_cb, sc); 834 usb_callout_init_mtx(&sc->ratectl_ch, &sc->sc_lock, 1); 835 836 if (bootverbose) 837 ieee80211_announce(ic); 838 839 wlan_serialize_exit(); 840 return (0); 841 842 detach: 843 wlan_serialize_exit(); 844 run_detach(self); 845 return (ENXIO); 846 } 847 848 static int 849 run_detach(device_t self) 850 { 851 struct run_softc *sc = device_get_softc(self); 852 struct ifnet *ifp = sc->sc_ifp; 853 struct ieee80211com *ic; 854 int i; 855 856 wlan_serialize_enter(); 857 sc->sc_detached = 1; 858 859 /* stop all USB transfers */ 860 usbd_transfer_unsetup(sc->sc_xfer, RUN_N_XFER); 861 862 RUN_LOCK(sc); 863 864 sc->ratectl_run = RUN_RATECTL_OFF; 865 sc->cmdq_run = sc->cmdq_key_set = RUN_CMDQ_ABORT; 866 867 /* free TX list, if any */ 868 for (i = 0; i != RUN_EP_QUEUES; i++) 869 run_unsetup_tx_list(sc, &sc->sc_epq[i]); 870 RUN_UNLOCK(sc); 871 872 if (ifp) { 873 ic = ifp->if_l2com; 874 /* drain tasks */ 875 usb_callout_drain(&sc->ratectl_ch); 876 ieee80211_draintask(ic, &sc->cmdq_task); 877 ieee80211_draintask(ic, &sc->ratectl_task); 878 ieee80211_ifdetach(ic); 879 if_free(ifp); 880 } 881 882 lockuninit(&sc->sc_lock); 883 884 wlan_serialize_exit(); 885 return (0); 886 } 887 888 static struct ieee80211vap * 889 run_vap_create(struct ieee80211com *ic, const char name[IFNAMSIZ], int unit, 890 enum ieee80211_opmode opmode, int flags, 891 const uint8_t bssid[IEEE80211_ADDR_LEN], 892 const uint8_t mac[IEEE80211_ADDR_LEN]) 893 { 894 struct ifnet *ifp = ic->ic_ifp; 895 struct run_softc *sc = ifp->if_softc; 896 struct run_vap *rvp; 897 struct ieee80211vap *vap; 898 int i; 899 900 if (sc->rvp_cnt >= RUN_VAP_MAX) { 901 if_printf(ifp, "number of VAPs maxed out\n"); 902 return (NULL); 903 } 904 905 switch (opmode) { 906 case IEEE80211_M_STA: 907 /* enable s/w bmiss handling for sta mode */ 908 flags |= IEEE80211_CLONE_NOBEACONS; 909 /* fall though */ 910 case IEEE80211_M_IBSS: 911 case IEEE80211_M_MONITOR: 912 case IEEE80211_M_HOSTAP: 913 case IEEE80211_M_MBSS: 914 /* other than WDS vaps, only one at a time */ 915 if (!TAILQ_EMPTY(&ic->ic_vaps)) 916 return (NULL); 917 break; 918 case IEEE80211_M_WDS: 919 TAILQ_FOREACH(vap, &ic->ic_vaps, iv_next){ 920 if(vap->iv_opmode != IEEE80211_M_HOSTAP) 921 continue; 922 /* WDS vap's always share the local mac address. */ 923 flags &= ~IEEE80211_CLONE_BSSID; 924 break; 925 } 926 if (vap == NULL) { 927 if_printf(ifp, "wds only supported in ap mode\n"); 928 return (NULL); 929 } 930 break; 931 default: 932 if_printf(ifp, "unknown opmode %d\n", opmode); 933 return (NULL); 934 } 935 936 rvp = (struct run_vap *) kmalloc(sizeof(struct run_vap), 937 M_80211_VAP, M_INTWAIT | M_ZERO); 938 vap = &rvp->vap; 939 940 if (ieee80211_vap_setup(ic, vap, name, unit, 941 opmode, flags, bssid, mac) != 0) { 942 /* out of memory */ 943 kfree(rvp, M_80211_VAP); 944 return (NULL); 945 } 946 947 vap->iv_key_update_begin = run_key_update_begin; 948 vap->iv_key_update_end = run_key_update_end; 949 vap->iv_update_beacon = run_update_beacon; 950 vap->iv_max_aid = RT2870_WCID_MAX; 951 /* 952 * To delete the right key from h/w, we need wcid. 953 * Luckily, there is unused space in ieee80211_key{}, wk_pad, 954 * and matching wcid will be written into there. So, cast 955 * some spells to remove 'const' from ieee80211_key{} 956 */ 957 vap->iv_key_delete = (void *)run_key_delete; 958 vap->iv_key_set = (void *)run_key_set; 959 960 /* override state transition machine */ 961 rvp->newstate = vap->iv_newstate; 962 vap->iv_newstate = run_newstate; 963 964 ieee80211_ratectl_init(vap); 965 ieee80211_ratectl_setinterval(vap, 1000 /* 1 sec */); 966 967 /* complete setup */ 968 ieee80211_vap_attach(vap, run_media_change, ieee80211_media_status); 969 970 /* make sure id is always unique */ 971 for (i = 0; i < RUN_VAP_MAX; i++) { 972 if((sc->rvp_bmap & 1 << i) == 0){ 973 sc->rvp_bmap |= 1 << i; 974 rvp->rvp_id = i; 975 break; 976 } 977 } 978 if (sc->rvp_cnt++ == 0) 979 ic->ic_opmode = opmode; 980 981 if (opmode == IEEE80211_M_HOSTAP) 982 sc->cmdq_run = RUN_CMDQ_GO; 983 984 DPRINTF("rvp_id=%d bmap=%x rvp_cnt=%d\n", 985 rvp->rvp_id, sc->rvp_bmap, sc->rvp_cnt); 986 987 return (vap); 988 } 989 990 static void 991 run_vap_delete(struct ieee80211vap *vap) 992 { 993 struct run_vap *rvp = RUN_VAP(vap); 994 struct ifnet *ifp; 995 struct ieee80211com *ic; 996 struct run_softc *sc; 997 uint8_t rvp_id; 998 999 if (vap == NULL) 1000 return; 1001 1002 ic = vap->iv_ic; 1003 ifp = ic->ic_ifp; 1004 1005 sc = ifp->if_softc; 1006 1007 RUN_LOCK(sc); 1008 1009 m_freem(rvp->beacon_mbuf); 1010 rvp->beacon_mbuf = NULL; 1011 1012 rvp_id = rvp->rvp_id; 1013 sc->ratectl_run &= ~(1 << rvp_id); 1014 sc->rvp_bmap &= ~(1 << rvp_id); 1015 run_set_region_4(sc, RT2860_SKEY(rvp_id, 0), 0, 128); 1016 run_set_region_4(sc, RT2860_BCN_BASE(rvp_id), 0, 512); 1017 --sc->rvp_cnt; 1018 1019 DPRINTF("vap=%p rvp_id=%d bmap=%x rvp_cnt=%d\n", 1020 vap, rvp_id, sc->rvp_bmap, sc->rvp_cnt); 1021 1022 RUN_UNLOCK(sc); 1023 1024 ieee80211_ratectl_deinit(vap); 1025 ieee80211_vap_detach(vap); 1026 kfree(rvp, M_80211_VAP); 1027 } 1028 1029 /* 1030 * There are numbers of functions need to be called in context thread. 1031 * Rather than creating taskqueue event for each of those functions, 1032 * here is all-for-one taskqueue callback function. This function 1033 * gurantees deferred functions are executed in the same order they 1034 * were enqueued. 1035 * '& RUN_CMDQ_MASQ' is to loop cmdq[]. 1036 */ 1037 static void 1038 run_cmdq_cb(void *arg, int pending) 1039 { 1040 struct run_softc *sc = arg; 1041 uint8_t i; 1042 1043 /* call cmdq[].func locked */ 1044 RUN_LOCK(sc); 1045 for (i = sc->cmdq_exec; sc->cmdq[i].func && pending; 1046 i = sc->cmdq_exec, pending--) { 1047 DPRINTFN(6, "cmdq_exec=%d pending=%d\n", i, pending); 1048 if (sc->cmdq_run == RUN_CMDQ_GO) { 1049 /* 1050 * If arg0 is NULL, callback func needs more 1051 * than one arg. So, pass ptr to cmdq struct. 1052 */ 1053 if (sc->cmdq[i].arg0) 1054 sc->cmdq[i].func(sc->cmdq[i].arg0); 1055 else 1056 sc->cmdq[i].func(&sc->cmdq[i]); 1057 } 1058 sc->cmdq[i].arg0 = NULL; 1059 sc->cmdq[i].func = NULL; 1060 sc->cmdq_exec++; 1061 sc->cmdq_exec &= RUN_CMDQ_MASQ; 1062 } 1063 RUN_UNLOCK(sc); 1064 } 1065 1066 static void 1067 run_setup_tx_list(struct run_softc *sc, struct run_endpoint_queue *pq) 1068 { 1069 struct run_tx_data *data; 1070 1071 memset(pq, 0, sizeof(*pq)); 1072 1073 STAILQ_INIT(&pq->tx_qh); 1074 STAILQ_INIT(&pq->tx_fh); 1075 1076 for (data = &pq->tx_data[0]; 1077 data < &pq->tx_data[RUN_TX_RING_COUNT]; data++) { 1078 data->sc = sc; 1079 STAILQ_INSERT_TAIL(&pq->tx_fh, data, next); 1080 } 1081 pq->tx_nfree = RUN_TX_RING_COUNT; 1082 } 1083 1084 static void 1085 run_unsetup_tx_list(struct run_softc *sc, struct run_endpoint_queue *pq) 1086 { 1087 struct run_tx_data *data; 1088 1089 /* make sure any subsequent use of the queues will fail */ 1090 pq->tx_nfree = 0; 1091 STAILQ_INIT(&pq->tx_fh); 1092 STAILQ_INIT(&pq->tx_qh); 1093 1094 /* free up all node references and mbufs */ 1095 for (data = &pq->tx_data[0]; 1096 data < &pq->tx_data[RUN_TX_RING_COUNT]; data++) { 1097 if (data->m != NULL) { 1098 m_freem(data->m); 1099 data->m = NULL; 1100 } 1101 if (data->ni != NULL) { 1102 ieee80211_free_node(data->ni); 1103 data->ni = NULL; 1104 } 1105 } 1106 } 1107 1108 static int 1109 run_load_microcode(struct run_softc *sc) 1110 { 1111 usb_device_request_t req; 1112 const struct firmware *fw; 1113 const u_char *base; 1114 uint32_t tmp; 1115 int ntries, error; 1116 const uint64_t *temp; 1117 uint64_t bytes; 1118 1119 wlan_assert_serialized(); 1120 1121 wlan_serialize_exit(); 1122 fw = firmware_get("runfw"); 1123 wlan_serialize_enter(); 1124 if (fw == NULL) { 1125 device_printf(sc->sc_dev, 1126 "failed loadfirmware of file %s\n", "runfw"); 1127 return ENOENT; 1128 } 1129 1130 if (fw->datasize != 8192) { 1131 device_printf(sc->sc_dev, 1132 "invalid firmware size (should be 8KB)\n"); 1133 error = EINVAL; 1134 goto fail; 1135 } 1136 1137 /* 1138 * RT3071/RT3072 use a different firmware 1139 * run-rt2870 (8KB) contains both, 1140 * first half (4KB) is for rt2870, 1141 * last half is for rt3071. 1142 */ 1143 base = fw->data; 1144 if ((sc->mac_ver) != 0x2860 && 1145 (sc->mac_ver) != 0x2872 && 1146 (sc->mac_ver) != 0x3070) { 1147 base += 4096; 1148 } 1149 1150 /* cheap sanity check */ 1151 temp = fw->data; 1152 bytes = *temp; 1153 if (bytes != be64toh(0xffffff0210280210ULL)) { 1154 device_printf(sc->sc_dev, "firmware checksum failed\n"); 1155 error = EINVAL; 1156 goto fail; 1157 } 1158 1159 /* write microcode image */ 1160 if (sc->sc_flags & RUN_FLAG_FWLOAD_NEEDED) { 1161 run_write_region_1(sc, RT2870_FW_BASE, base, 4096); 1162 run_write(sc, RT2860_H2M_MAILBOX_CID, 0xffffffff); 1163 run_write(sc, RT2860_H2M_MAILBOX_STATUS, 0xffffffff); 1164 } 1165 1166 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 1167 req.bRequest = RT2870_RESET; 1168 USETW(req.wValue, 8); 1169 USETW(req.wIndex, 0); 1170 USETW(req.wLength, 0); 1171 if ((error = usbd_do_request(sc->sc_udev, &sc->sc_lock, &req, NULL)) 1172 != 0) { 1173 device_printf(sc->sc_dev, "firmware reset failed\n"); 1174 goto fail; 1175 } 1176 1177 run_delay(sc, 10); 1178 1179 run_write(sc, RT2860_H2M_BBPAGENT, 0); 1180 run_write(sc, RT2860_H2M_MAILBOX, 0); 1181 run_write(sc, RT2860_H2M_INTSRC, 0); 1182 if ((error = run_mcu_cmd(sc, RT2860_MCU_CMD_RFRESET, 0)) != 0) 1183 goto fail; 1184 1185 /* wait until microcontroller is ready */ 1186 for (ntries = 0; ntries < 1000; ntries++) { 1187 if ((error = run_read(sc, RT2860_SYS_CTRL, &tmp)) != 0) 1188 goto fail; 1189 if (tmp & RT2860_MCU_READY) 1190 break; 1191 run_delay(sc, 10); 1192 } 1193 if (ntries == 1000) { 1194 device_printf(sc->sc_dev, 1195 "timeout waiting for MCU to initialize\n"); 1196 error = ETIMEDOUT; 1197 goto fail; 1198 } 1199 device_printf(sc->sc_dev, "firmware %s ver. %u.%u loaded\n", 1200 (base == fw->data) ? "RT2870" : "RT3071", 1201 *(base + 4092), *(base + 4093)); 1202 1203 fail: 1204 firmware_put(fw, FIRMWARE_UNLOAD); 1205 return (error); 1206 } 1207 1208 static int 1209 run_reset(struct run_softc *sc) 1210 { 1211 usb_device_request_t req; 1212 usb_error_t error; 1213 1214 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 1215 req.bRequest = RT2870_RESET; 1216 USETW(req.wValue, 1); 1217 USETW(req.wIndex, 0); 1218 USETW(req.wLength, 0); 1219 error = usbd_do_request(sc->sc_udev, &sc->sc_lock, &req, NULL); 1220 return (error); 1221 } 1222 1223 static usb_error_t 1224 run_do_request(struct run_softc *sc, 1225 struct usb_device_request *req, void *data) 1226 { 1227 usb_error_t err; 1228 int ntries = 10; 1229 1230 RUN_LOCK_ASSERT(sc, MA_OWNED); 1231 1232 while (ntries--) { 1233 err = usbd_do_request_flags(sc->sc_udev, &sc->sc_lock, 1234 req, data, 0, NULL, 250 /* ms */); 1235 if (err == 0) 1236 break; 1237 DPRINTFN(1, "Control request failed, %s (retrying)\n", 1238 usbd_errstr(err)); 1239 run_delay(sc, 10); 1240 } 1241 return (err); 1242 } 1243 1244 static int 1245 run_read(struct run_softc *sc, uint16_t reg, uint32_t *val) 1246 { 1247 uint32_t tmp; 1248 int error; 1249 1250 error = run_read_region_1(sc, reg, (uint8_t *)&tmp, sizeof tmp); 1251 if (error == 0) 1252 *val = le32toh(tmp); 1253 else 1254 *val = 0xffffffff; 1255 return (error); 1256 } 1257 1258 static int 1259 run_read_region_1(struct run_softc *sc, uint16_t reg, uint8_t *buf, int len) 1260 { 1261 usb_device_request_t req; 1262 1263 req.bmRequestType = UT_READ_VENDOR_DEVICE; 1264 req.bRequest = RT2870_READ_REGION_1; 1265 USETW(req.wValue, 0); 1266 USETW(req.wIndex, reg); 1267 USETW(req.wLength, len); 1268 1269 return (run_do_request(sc, &req, buf)); 1270 } 1271 1272 static int 1273 run_write_2(struct run_softc *sc, uint16_t reg, uint16_t val) 1274 { 1275 usb_device_request_t req; 1276 1277 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 1278 req.bRequest = RT2870_WRITE_2; 1279 USETW(req.wValue, val); 1280 USETW(req.wIndex, reg); 1281 USETW(req.wLength, 0); 1282 1283 return (run_do_request(sc, &req, NULL)); 1284 } 1285 1286 static int 1287 run_write(struct run_softc *sc, uint16_t reg, uint32_t val) 1288 { 1289 int error; 1290 1291 if ((error = run_write_2(sc, reg, val & 0xffff)) == 0) 1292 error = run_write_2(sc, reg + 2, val >> 16); 1293 return (error); 1294 } 1295 1296 static int 1297 run_write_region_1(struct run_softc *sc, uint16_t reg, const uint8_t *buf, 1298 int len) 1299 { 1300 #if 1 1301 int i, error = 0; 1302 /* 1303 * NB: the WRITE_REGION_1 command is not stable on RT2860. 1304 * We thus issue multiple WRITE_2 commands instead. 1305 */ 1306 KASSERT((len & 1) == 0, ("run_write_region_1: Data too long.\n")); 1307 for (i = 0; i < len && error == 0; i += 2) 1308 error = run_write_2(sc, reg + i, buf[i] | buf[i + 1] << 8); 1309 return (error); 1310 #else 1311 usb_device_request_t req; 1312 int error = 0; 1313 1314 /* 1315 * NOTE: It appears the WRITE_REGION_1 command cannot be 1316 * passed a huge amount of data, which will crash the 1317 * firmware. Limit amount of data passed to 64-bytes at a 1318 * time. 1319 */ 1320 while (len > 0) { 1321 int delta = 64; 1322 if (delta > len) 1323 delta = len; 1324 1325 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 1326 req.bRequest = RT2870_WRITE_REGION_1; 1327 USETW(req.wValue, 0); 1328 USETW(req.wIndex, reg); 1329 USETW(req.wLength, delta); 1330 error = run_do_request(sc, &req, __DECONST(uint8_t *, buf)); 1331 if (error != 0) 1332 break; 1333 reg += delta; 1334 buf += delta; 1335 len -= delta; 1336 } 1337 return (error); 1338 #endif 1339 } 1340 1341 static int 1342 run_set_region_4(struct run_softc *sc, uint16_t reg, uint32_t val, int len) 1343 { 1344 int i, error = 0; 1345 1346 KASSERT((len & 3) == 0, ("run_set_region_4: Invalid data length.\n")); 1347 for (i = 0; i < len && error == 0; i += 4) 1348 error = run_write(sc, reg + i, val); 1349 return (error); 1350 } 1351 1352 static int 1353 run_efuse_read(struct run_softc *sc, uint16_t addr, uint16_t *val, int count) 1354 { 1355 uint32_t tmp; 1356 uint16_t reg; 1357 int error, ntries; 1358 1359 if ((error = run_read(sc, RT3070_EFUSE_CTRL, &tmp)) != 0) 1360 return (error); 1361 1362 if (count == 2) 1363 addr *= 2; 1364 /*- 1365 * Read one 16-byte block into registers EFUSE_DATA[0-3]: 1366 * DATA0: F E D C 1367 * DATA1: B A 9 8 1368 * DATA2: 7 6 5 4 1369 * DATA3: 3 2 1 0 1370 */ 1371 tmp &= ~(RT3070_EFSROM_MODE_MASK | RT3070_EFSROM_AIN_MASK); 1372 tmp |= (addr & ~0xf) << RT3070_EFSROM_AIN_SHIFT | RT3070_EFSROM_KICK; 1373 run_write(sc, RT3070_EFUSE_CTRL, tmp); 1374 for (ntries = 0; ntries < 100; ntries++) { 1375 if ((error = run_read(sc, RT3070_EFUSE_CTRL, &tmp)) != 0) 1376 return (error); 1377 if (!(tmp & RT3070_EFSROM_KICK)) 1378 break; 1379 run_delay(sc, 2); 1380 } 1381 if (ntries == 100) 1382 return (ETIMEDOUT); 1383 1384 if ((tmp & RT3070_EFUSE_AOUT_MASK) == RT3070_EFUSE_AOUT_MASK) { 1385 *val = 0xffff; /* address not found */ 1386 return (0); 1387 } 1388 /* determine to which 32-bit register our 16-bit word belongs */ 1389 reg = RT3070_EFUSE_DATA3 - (addr & 0xc); 1390 if ((error = run_read(sc, reg, &tmp)) != 0) 1391 return (error); 1392 1393 tmp >>= (8 * (addr & 0x3)); 1394 *val = (addr & 1) ? tmp >> 16 : tmp & 0xffff; 1395 1396 return (0); 1397 } 1398 1399 /* Read 16-bit from eFUSE ROM for RT3xxx. */ 1400 static int 1401 run_efuse_read_2(struct run_softc *sc, uint16_t addr, uint16_t *val) 1402 { 1403 return (run_efuse_read(sc, addr, val, 2)); 1404 } 1405 1406 static int 1407 run_eeprom_read_2(struct run_softc *sc, uint16_t addr, uint16_t *val) 1408 { 1409 usb_device_request_t req; 1410 uint16_t tmp; 1411 int error; 1412 1413 addr *= 2; 1414 req.bmRequestType = UT_READ_VENDOR_DEVICE; 1415 req.bRequest = RT2870_EEPROM_READ; 1416 USETW(req.wValue, 0); 1417 USETW(req.wIndex, addr); 1418 USETW(req.wLength, sizeof(tmp)); 1419 1420 error = usbd_do_request(sc->sc_udev, &sc->sc_lock, &req, &tmp); 1421 if (error == 0) 1422 *val = le16toh(tmp); 1423 else 1424 *val = 0xffff; 1425 return (error); 1426 } 1427 1428 static __inline int 1429 run_srom_read(struct run_softc *sc, uint16_t addr, uint16_t *val) 1430 { 1431 /* either eFUSE ROM or EEPROM */ 1432 return sc->sc_srom_read(sc, addr, val); 1433 } 1434 1435 static int 1436 run_rt2870_rf_write(struct run_softc *sc, uint32_t val) 1437 { 1438 uint32_t tmp; 1439 int error, ntries; 1440 1441 for (ntries = 0; ntries < 10; ntries++) { 1442 if ((error = run_read(sc, RT2860_RF_CSR_CFG0, &tmp)) != 0) 1443 return (error); 1444 if (!(tmp & RT2860_RF_REG_CTRL)) 1445 break; 1446 } 1447 if (ntries == 10) 1448 return (ETIMEDOUT); 1449 1450 return (run_write(sc, RT2860_RF_CSR_CFG0, val)); 1451 } 1452 1453 static int 1454 run_rt3070_rf_read(struct run_softc *sc, uint8_t reg, uint8_t *val) 1455 { 1456 uint32_t tmp; 1457 int error, ntries; 1458 1459 for (ntries = 0; ntries < 100; ntries++) { 1460 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0) 1461 return (error); 1462 if (!(tmp & RT3070_RF_KICK)) 1463 break; 1464 } 1465 if (ntries == 100) 1466 return (ETIMEDOUT); 1467 1468 tmp = RT3070_RF_KICK | reg << 8; 1469 if ((error = run_write(sc, RT3070_RF_CSR_CFG, tmp)) != 0) 1470 return (error); 1471 1472 for (ntries = 0; ntries < 100; ntries++) { 1473 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0) 1474 return (error); 1475 if (!(tmp & RT3070_RF_KICK)) 1476 break; 1477 } 1478 if (ntries == 100) 1479 return (ETIMEDOUT); 1480 1481 *val = tmp & 0xff; 1482 return (0); 1483 } 1484 1485 static int 1486 run_rt3070_rf_write(struct run_softc *sc, uint8_t reg, uint8_t val) 1487 { 1488 uint32_t tmp; 1489 int error, ntries; 1490 1491 for (ntries = 0; ntries < 10; ntries++) { 1492 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0) 1493 return (error); 1494 if (!(tmp & RT3070_RF_KICK)) 1495 break; 1496 } 1497 if (ntries == 10) 1498 return (ETIMEDOUT); 1499 1500 tmp = RT3070_RF_WRITE | RT3070_RF_KICK | reg << 8 | val; 1501 return (run_write(sc, RT3070_RF_CSR_CFG, tmp)); 1502 } 1503 1504 static int 1505 run_bbp_read(struct run_softc *sc, uint8_t reg, uint8_t *val) 1506 { 1507 uint32_t tmp; 1508 int ntries, error; 1509 1510 for (ntries = 0; ntries < 10; ntries++) { 1511 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0) 1512 return (error); 1513 if (!(tmp & RT2860_BBP_CSR_KICK)) 1514 break; 1515 } 1516 if (ntries == 10) 1517 return (ETIMEDOUT); 1518 1519 tmp = RT2860_BBP_CSR_READ | RT2860_BBP_CSR_KICK | reg << 8; 1520 if ((error = run_write(sc, RT2860_BBP_CSR_CFG, tmp)) != 0) 1521 return (error); 1522 1523 for (ntries = 0; ntries < 10; ntries++) { 1524 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0) 1525 return (error); 1526 if (!(tmp & RT2860_BBP_CSR_KICK)) 1527 break; 1528 } 1529 if (ntries == 10) 1530 return (ETIMEDOUT); 1531 1532 *val = tmp & 0xff; 1533 return (0); 1534 } 1535 1536 static int 1537 run_bbp_write(struct run_softc *sc, uint8_t reg, uint8_t val) 1538 { 1539 uint32_t tmp; 1540 int ntries, error; 1541 1542 for (ntries = 0; ntries < 10; ntries++) { 1543 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0) 1544 return (error); 1545 if (!(tmp & RT2860_BBP_CSR_KICK)) 1546 break; 1547 } 1548 if (ntries == 10) 1549 return (ETIMEDOUT); 1550 1551 tmp = RT2860_BBP_CSR_KICK | reg << 8 | val; 1552 return (run_write(sc, RT2860_BBP_CSR_CFG, tmp)); 1553 } 1554 1555 /* 1556 * Send a command to the 8051 microcontroller unit. 1557 */ 1558 static int 1559 run_mcu_cmd(struct run_softc *sc, uint8_t cmd, uint16_t arg) 1560 { 1561 uint32_t tmp; 1562 int error, ntries; 1563 1564 for (ntries = 0; ntries < 100; ntries++) { 1565 if ((error = run_read(sc, RT2860_H2M_MAILBOX, &tmp)) != 0) 1566 return error; 1567 if (!(tmp & RT2860_H2M_BUSY)) 1568 break; 1569 } 1570 if (ntries == 100) 1571 return ETIMEDOUT; 1572 1573 tmp = RT2860_H2M_BUSY | RT2860_TOKEN_NO_INTR << 16 | arg; 1574 if ((error = run_write(sc, RT2860_H2M_MAILBOX, tmp)) == 0) 1575 error = run_write(sc, RT2860_HOST_CMD, cmd); 1576 return (error); 1577 } 1578 1579 /* 1580 * Add `delta' (signed) to each 4-bit sub-word of a 32-bit word. 1581 * Used to adjust per-rate Tx power registers. 1582 */ 1583 static __inline uint32_t 1584 b4inc(uint32_t b32, int8_t delta) 1585 { 1586 int8_t i, b4; 1587 1588 for (i = 0; i < 8; i++) { 1589 b4 = b32 & 0xf; 1590 b4 += delta; 1591 if (b4 < 0) 1592 b4 = 0; 1593 else if (b4 > 0xf) 1594 b4 = 0xf; 1595 b32 = b32 >> 4 | b4 << 28; 1596 } 1597 return (b32); 1598 } 1599 1600 static const char * 1601 run_get_rf(uint16_t rev) 1602 { 1603 switch (rev) { 1604 case RT2860_RF_2820: return "RT2820"; 1605 case RT2860_RF_2850: return "RT2850"; 1606 case RT2860_RF_2720: return "RT2720"; 1607 case RT2860_RF_2750: return "RT2750"; 1608 case RT3070_RF_3020: return "RT3020"; 1609 case RT3070_RF_2020: return "RT2020"; 1610 case RT3070_RF_3021: return "RT3021"; 1611 case RT3070_RF_3022: return "RT3022"; 1612 case RT3070_RF_3052: return "RT3052"; 1613 case RT3593_RF_3053: return "RT3053"; 1614 case RT5592_RF_5592: return "RT5592"; 1615 case RT5390_RF_5370: return "RT5370"; 1616 case RT5390_RF_5372: return "RT5372"; 1617 } 1618 return ("unknown"); 1619 } 1620 1621 static void 1622 run_rt3593_get_txpower(struct run_softc *sc) 1623 { 1624 uint16_t addr, val; 1625 int i; 1626 1627 /* Read power settings for 2GHz channels. */ 1628 for (i = 0; i < 14; i += 2) { 1629 addr = (sc->ntxchains == 3) ? RT3593_EEPROM_PWR2GHZ_BASE1 : 1630 RT2860_EEPROM_PWR2GHZ_BASE1; 1631 run_srom_read(sc, addr + i / 2, &val); 1632 sc->txpow1[i + 0] = (int8_t)(val & 0xff); 1633 sc->txpow1[i + 1] = (int8_t)(val >> 8); 1634 1635 addr = (sc->ntxchains == 3) ? RT3593_EEPROM_PWR2GHZ_BASE2 : 1636 RT2860_EEPROM_PWR2GHZ_BASE2; 1637 run_srom_read(sc, addr + i / 2, &val); 1638 sc->txpow2[i + 0] = (int8_t)(val & 0xff); 1639 sc->txpow2[i + 1] = (int8_t)(val >> 8); 1640 1641 if (sc->ntxchains == 3) { 1642 run_srom_read(sc, RT3593_EEPROM_PWR2GHZ_BASE3 + i / 2, 1643 &val); 1644 sc->txpow3[i + 0] = (int8_t)(val & 0xff); 1645 sc->txpow3[i + 1] = (int8_t)(val >> 8); 1646 } 1647 } 1648 /* Fix broken Tx power entries. */ 1649 for (i = 0; i < 14; i++) { 1650 if (sc->txpow1[i] > 31) 1651 sc->txpow1[i] = 5; 1652 if (sc->txpow2[i] > 31) 1653 sc->txpow2[i] = 5; 1654 if (sc->ntxchains == 3) { 1655 if (sc->txpow3[i] > 31) 1656 sc->txpow3[i] = 5; 1657 } 1658 } 1659 /* Read power settings for 5GHz channels. */ 1660 for (i = 0; i < 40; i += 2) { 1661 run_srom_read(sc, RT3593_EEPROM_PWR5GHZ_BASE1 + i / 2, &val); 1662 sc->txpow1[i + 14] = (int8_t)(val & 0xff); 1663 sc->txpow1[i + 15] = (int8_t)(val >> 8); 1664 1665 run_srom_read(sc, RT3593_EEPROM_PWR5GHZ_BASE2 + i / 2, &val); 1666 sc->txpow2[i + 14] = (int8_t)(val & 0xff); 1667 sc->txpow2[i + 15] = (int8_t)(val >> 8); 1668 1669 if (sc->ntxchains == 3) { 1670 run_srom_read(sc, RT3593_EEPROM_PWR5GHZ_BASE3 + i / 2, 1671 &val); 1672 sc->txpow3[i + 14] = (int8_t)(val & 0xff); 1673 sc->txpow3[i + 15] = (int8_t)(val >> 8); 1674 } 1675 } 1676 } 1677 1678 static void 1679 run_get_txpower(struct run_softc *sc) 1680 { 1681 uint16_t val; 1682 int i; 1683 1684 /* Read power settings for 2GHz channels. */ 1685 for (i = 0; i < 14; i += 2) { 1686 run_srom_read(sc, RT2860_EEPROM_PWR2GHZ_BASE1 + i / 2, &val); 1687 sc->txpow1[i + 0] = (int8_t)(val & 0xff); 1688 sc->txpow1[i + 1] = (int8_t)(val >> 8); 1689 1690 if (sc->mac_ver != 0x5390) { 1691 run_srom_read(sc, 1692 RT2860_EEPROM_PWR2GHZ_BASE2 + i / 2, &val); 1693 sc->txpow2[i + 0] = (int8_t)(val & 0xff); 1694 sc->txpow2[i + 1] = (int8_t)(val >> 8); 1695 } 1696 } 1697 /* Fix broken Tx power entries. */ 1698 for (i = 0; i < 14; i++) { 1699 if (sc->mac_ver >= 0x5390) { 1700 if (sc->txpow1[i] < 0 || sc->txpow1[i] > 27) 1701 sc->txpow1[i] = 5; 1702 } else { 1703 if (sc->txpow1[i] < 0 || sc->txpow1[i] > 31) 1704 sc->txpow1[i] = 5; 1705 } 1706 if (sc->mac_ver > 0x5390) { 1707 if (sc->txpow2[i] < 0 || sc->txpow2[i] > 27) 1708 sc->txpow2[i] = 5; 1709 } else if (sc->mac_ver < 0x5390) { 1710 if (sc->txpow2[i] < 0 || sc->txpow2[i] > 31) 1711 sc->txpow2[i] = 5; 1712 } 1713 DPRINTF("chan %d: power1=%d, power2=%d\n", 1714 rt2860_rf2850[i].chan, sc->txpow1[i], sc->txpow2[i]); 1715 } 1716 /* Read power settings for 5GHz channels. */ 1717 for (i = 0; i < 40; i += 2) { 1718 run_srom_read(sc, RT2860_EEPROM_PWR5GHZ_BASE1 + i / 2, &val); 1719 sc->txpow1[i + 14] = (int8_t)(val & 0xff); 1720 sc->txpow1[i + 15] = (int8_t)(val >> 8); 1721 1722 run_srom_read(sc, RT2860_EEPROM_PWR5GHZ_BASE2 + i / 2, &val); 1723 sc->txpow2[i + 14] = (int8_t)(val & 0xff); 1724 sc->txpow2[i + 15] = (int8_t)(val >> 8); 1725 } 1726 /* Fix broken Tx power entries. */ 1727 for (i = 0; i < 40; i++ ) { 1728 if (sc->mac_ver != 0x5592) { 1729 if (sc->txpow1[14 + i] < -7 || sc->txpow1[14 + i] > 15) 1730 sc->txpow1[14 + i] = 5; 1731 if (sc->txpow2[14 + i] < -7 || sc->txpow2[14 + i] > 15) 1732 sc->txpow2[14 + i] = 5; 1733 } 1734 DPRINTF("chan %d: power1=%d, power2=%d\n", 1735 rt2860_rf2850[14 + i].chan, sc->txpow1[14 + i], 1736 sc->txpow2[14 + i]); 1737 } 1738 } 1739 1740 static int 1741 run_read_eeprom(struct run_softc *sc) 1742 { 1743 int8_t delta_2ghz, delta_5ghz; 1744 uint32_t tmp; 1745 uint16_t val; 1746 int ridx, ant, i; 1747 1748 /* check whether the ROM is eFUSE ROM or EEPROM */ 1749 sc->sc_srom_read = run_eeprom_read_2; 1750 if (sc->mac_ver >= 0x3070) { 1751 run_read(sc, RT3070_EFUSE_CTRL, &tmp); 1752 DPRINTF("EFUSE_CTRL=0x%08x\n", tmp); 1753 if ((tmp & RT3070_SEL_EFUSE) || sc->mac_ver == 0x3593) 1754 sc->sc_srom_read = run_efuse_read_2; 1755 } 1756 1757 /* read ROM version */ 1758 run_srom_read(sc, RT2860_EEPROM_VERSION, &val); 1759 DPRINTF("EEPROM rev=%d, FAE=%d\n", val & 0xff, val >> 8); 1760 1761 /* read MAC address */ 1762 run_srom_read(sc, RT2860_EEPROM_MAC01, &val); 1763 sc->sc_bssid[0] = val & 0xff; 1764 sc->sc_bssid[1] = val >> 8; 1765 run_srom_read(sc, RT2860_EEPROM_MAC23, &val); 1766 sc->sc_bssid[2] = val & 0xff; 1767 sc->sc_bssid[3] = val >> 8; 1768 run_srom_read(sc, RT2860_EEPROM_MAC45, &val); 1769 sc->sc_bssid[4] = val & 0xff; 1770 sc->sc_bssid[5] = val >> 8; 1771 1772 if (sc->mac_ver < 0x3593) { 1773 /* read vender BBP settings */ 1774 for (i = 0; i < 10; i++) { 1775 run_srom_read(sc, RT2860_EEPROM_BBP_BASE + i, &val); 1776 sc->bbp[i].val = val & 0xff; 1777 sc->bbp[i].reg = val >> 8; 1778 DPRINTF("BBP%d=0x%02x\n", sc->bbp[i].reg, 1779 sc->bbp[i].val); 1780 } 1781 if (sc->mac_ver >= 0x3071) { 1782 /* read vendor RF settings */ 1783 for (i = 0; i < 10; i++) { 1784 run_srom_read(sc, RT3071_EEPROM_RF_BASE + i, 1785 &val); 1786 sc->rf[i].val = val & 0xff; 1787 sc->rf[i].reg = val >> 8; 1788 DPRINTF("RF%d=0x%02x\n", sc->rf[i].reg, 1789 sc->rf[i].val); 1790 } 1791 } 1792 } 1793 1794 /* read RF frequency offset from EEPROM */ 1795 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_FREQ_LEDS : 1796 RT3593_EEPROM_FREQ, &val); 1797 sc->freq = ((val & 0xff) != 0xff) ? val & 0xff : 0; 1798 DPRINTF("EEPROM freq offset %d\n", sc->freq & 0xff); 1799 1800 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_FREQ_LEDS : 1801 RT3593_EEPROM_FREQ_LEDS, &val); 1802 if (val >> 8 != 0xff) { 1803 /* read LEDs operating mode */ 1804 sc->leds = val >> 8; 1805 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LED1 : 1806 RT3593_EEPROM_LED1, &sc->led[0]); 1807 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LED2 : 1808 RT3593_EEPROM_LED2, &sc->led[1]); 1809 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LED3 : 1810 RT3593_EEPROM_LED3, &sc->led[2]); 1811 } else { 1812 /* broken EEPROM, use default settings */ 1813 sc->leds = 0x01; 1814 sc->led[0] = 0x5555; 1815 sc->led[1] = 0x2221; 1816 sc->led[2] = 0x5627; /* differs from RT2860 */ 1817 } 1818 DPRINTF("EEPROM LED mode=0x%02x, LEDs=0x%04x/0x%04x/0x%04x\n", 1819 sc->leds, sc->led[0], sc->led[1], sc->led[2]); 1820 1821 /* read RF information */ 1822 if (sc->mac_ver == 0x5390 || sc->mac_ver ==0x5392) 1823 run_srom_read(sc, 0x00, &val); 1824 else 1825 run_srom_read(sc, RT2860_EEPROM_ANTENNA, &val); 1826 1827 if (val == 0xffff) { 1828 device_printf(sc->sc_dev, 1829 "invalid EEPROM antenna info, using default\n"); 1830 DPRINTF("invalid EEPROM antenna info, using default\n"); 1831 if (sc->mac_ver == 0x3572) { 1832 /* default to RF3052 2T2R */ 1833 sc->rf_rev = RT3070_RF_3052; 1834 sc->ntxchains = 2; 1835 sc->nrxchains = 2; 1836 } else if (sc->mac_ver >= 0x3070) { 1837 /* default to RF3020 1T1R */ 1838 sc->rf_rev = RT3070_RF_3020; 1839 sc->ntxchains = 1; 1840 sc->nrxchains = 1; 1841 } else { 1842 /* default to RF2820 1T2R */ 1843 sc->rf_rev = RT2860_RF_2820; 1844 sc->ntxchains = 1; 1845 sc->nrxchains = 2; 1846 } 1847 } else { 1848 if (sc->mac_ver == 0x5390 || sc->mac_ver ==0x5392) { 1849 sc->rf_rev = val; 1850 run_srom_read(sc, RT2860_EEPROM_ANTENNA, &val); 1851 } else 1852 sc->rf_rev = (val >> 8) & 0xf; 1853 sc->ntxchains = (val >> 4) & 0xf; 1854 sc->nrxchains = val & 0xf; 1855 } 1856 DPRINTF("EEPROM RF rev=0x%04x chains=%dT%dR\n", 1857 sc->rf_rev, sc->ntxchains, sc->nrxchains); 1858 1859 /* check if RF supports automatic Tx access gain control */ 1860 run_srom_read(sc, RT2860_EEPROM_CONFIG, &val); 1861 DPRINTF("EEPROM CFG 0x%04x\n", val); 1862 /* check if driver should patch the DAC issue */ 1863 if ((val >> 8) != 0xff) 1864 sc->patch_dac = (val >> 15) & 1; 1865 if ((val & 0xff) != 0xff) { 1866 sc->ext_5ghz_lna = (val >> 3) & 1; 1867 sc->ext_2ghz_lna = (val >> 2) & 1; 1868 /* check if RF supports automatic Tx access gain control */ 1869 sc->calib_2ghz = sc->calib_5ghz = (val >> 1) & 1; 1870 /* check if we have a hardware radio switch */ 1871 sc->rfswitch = val & 1; 1872 } 1873 1874 /* Read Tx power settings. */ 1875 if (sc->mac_ver == 0x3593) 1876 run_rt3593_get_txpower(sc); 1877 else 1878 run_get_txpower(sc); 1879 1880 /* read Tx power compensation for each Tx rate */ 1881 run_srom_read(sc, RT2860_EEPROM_DELTAPWR, &val); 1882 delta_2ghz = delta_5ghz = 0; 1883 if ((val & 0xff) != 0xff && (val & 0x80)) { 1884 delta_2ghz = val & 0xf; 1885 if (!(val & 0x40)) /* negative number */ 1886 delta_2ghz = -delta_2ghz; 1887 } 1888 val >>= 8; 1889 if ((val & 0xff) != 0xff && (val & 0x80)) { 1890 delta_5ghz = val & 0xf; 1891 if (!(val & 0x40)) /* negative number */ 1892 delta_5ghz = -delta_5ghz; 1893 } 1894 DPRINTF("power compensation=%d (2GHz), %d (5GHz)\n", 1895 delta_2ghz, delta_5ghz); 1896 1897 for (ridx = 0; ridx < 5; ridx++) { 1898 uint32_t reg; 1899 1900 run_srom_read(sc, RT2860_EEPROM_RPWR + ridx * 2, &val); 1901 reg = val; 1902 run_srom_read(sc, RT2860_EEPROM_RPWR + ridx * 2 + 1, &val); 1903 reg |= (uint32_t)val << 16; 1904 1905 sc->txpow20mhz[ridx] = reg; 1906 sc->txpow40mhz_2ghz[ridx] = b4inc(reg, delta_2ghz); 1907 sc->txpow40mhz_5ghz[ridx] = b4inc(reg, delta_5ghz); 1908 1909 DPRINTF("ridx %d: power 20MHz=0x%08x, 40MHz/2GHz=0x%08x, " 1910 "40MHz/5GHz=0x%08x\n", ridx, sc->txpow20mhz[ridx], 1911 sc->txpow40mhz_2ghz[ridx], sc->txpow40mhz_5ghz[ridx]); 1912 } 1913 1914 /* Read RSSI offsets and LNA gains from EEPROM. */ 1915 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI1_2GHZ : 1916 RT3593_EEPROM_RSSI1_2GHZ, &val); 1917 sc->rssi_2ghz[0] = val & 0xff; /* Ant A */ 1918 sc->rssi_2ghz[1] = val >> 8; /* Ant B */ 1919 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI2_2GHZ : 1920 RT3593_EEPROM_RSSI2_2GHZ, &val); 1921 if (sc->mac_ver >= 0x3070) { 1922 if (sc->mac_ver == 0x3593) { 1923 sc->txmixgain_2ghz = 0; 1924 sc->rssi_2ghz[2] = val & 0xff; /* Ant C */ 1925 } else { 1926 /* 1927 * On RT3070 chips (limited to 2 Rx chains), this ROM 1928 * field contains the Tx mixer gain for the 2GHz band. 1929 */ 1930 if ((val & 0xff) != 0xff) 1931 sc->txmixgain_2ghz = val & 0x7; 1932 } 1933 DPRINTF("tx mixer gain=%u (2GHz)\n", sc->txmixgain_2ghz); 1934 } else 1935 sc->rssi_2ghz[2] = val & 0xff; /* Ant C */ 1936 if (sc->mac_ver == 0x3593) 1937 run_srom_read(sc, RT3593_EEPROM_LNA_5GHZ, &val); 1938 sc->lna[2] = val >> 8; /* channel group 2 */ 1939 1940 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI1_5GHZ : 1941 RT3593_EEPROM_RSSI1_5GHZ, &val); 1942 sc->rssi_5ghz[0] = val & 0xff; /* Ant A */ 1943 sc->rssi_5ghz[1] = val >> 8; /* Ant B */ 1944 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI2_5GHZ : 1945 RT3593_EEPROM_RSSI2_5GHZ, &val); 1946 if (sc->mac_ver == 0x3572) { 1947 /* 1948 * On RT3572 chips (limited to 2 Rx chains), this ROM 1949 * field contains the Tx mixer gain for the 5GHz band. 1950 */ 1951 if ((val & 0xff) != 0xff) 1952 sc->txmixgain_5ghz = val & 0x7; 1953 DPRINTF("tx mixer gain=%u (5GHz)\n", sc->txmixgain_5ghz); 1954 } else 1955 sc->rssi_5ghz[2] = val & 0xff; /* Ant C */ 1956 if (sc->mac_ver == 0x3593) { 1957 sc->txmixgain_5ghz = 0; 1958 run_srom_read(sc, RT3593_EEPROM_LNA_5GHZ, &val); 1959 } 1960 sc->lna[3] = val >> 8; /* channel group 3 */ 1961 1962 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LNA : 1963 RT3593_EEPROM_LNA, &val); 1964 sc->lna[0] = val & 0xff; /* channel group 0 */ 1965 sc->lna[1] = val >> 8; /* channel group 1 */ 1966 1967 /* fix broken 5GHz LNA entries */ 1968 if (sc->lna[2] == 0 || sc->lna[2] == 0xff) { 1969 DPRINTF("invalid LNA for channel group %d\n", 2); 1970 sc->lna[2] = sc->lna[1]; 1971 } 1972 if (sc->lna[3] == 0 || sc->lna[3] == 0xff) { 1973 DPRINTF("invalid LNA for channel group %d\n", 3); 1974 sc->lna[3] = sc->lna[1]; 1975 } 1976 1977 /* fix broken RSSI offset entries */ 1978 for (ant = 0; ant < 3; ant++) { 1979 if (sc->rssi_2ghz[ant] < -10 || sc->rssi_2ghz[ant] > 10) { 1980 DPRINTF("invalid RSSI%d offset: %d (2GHz)\n", 1981 ant + 1, sc->rssi_2ghz[ant]); 1982 sc->rssi_2ghz[ant] = 0; 1983 } 1984 if (sc->rssi_5ghz[ant] < -10 || sc->rssi_5ghz[ant] > 10) { 1985 DPRINTF("invalid RSSI%d offset: %d (5GHz)\n", 1986 ant + 1, sc->rssi_5ghz[ant]); 1987 sc->rssi_5ghz[ant] = 0; 1988 } 1989 } 1990 return (0); 1991 } 1992 1993 static struct ieee80211_node * 1994 run_node_alloc(struct ieee80211vap *vap, const uint8_t mac[IEEE80211_ADDR_LEN]) 1995 { 1996 return kmalloc(sizeof (struct run_node), M_DEVBUF, M_WAITOK | M_ZERO); 1997 } 1998 1999 static int 2000 run_media_change(struct ifnet *ifp) 2001 { 2002 struct ieee80211vap *vap = ifp->if_softc; 2003 struct ieee80211com *ic = vap->iv_ic; 2004 const struct ieee80211_txparam *tp; 2005 struct run_softc *sc = ic->ic_ifp->if_softc; 2006 uint8_t rate, ridx; 2007 int error; 2008 2009 RUN_LOCK(sc); 2010 2011 error = ieee80211_media_change(ifp); 2012 if (error != ENETRESET) { 2013 RUN_UNLOCK(sc); 2014 return (error); 2015 } 2016 2017 tp = &vap->iv_txparms[ieee80211_chan2mode(ic->ic_curchan)]; 2018 if (tp->ucastrate != IEEE80211_FIXED_RATE_NONE) { 2019 struct ieee80211_node *ni; 2020 struct run_node *rn; 2021 2022 rate = ic->ic_sup_rates[ic->ic_curmode]. 2023 rs_rates[tp->ucastrate] & IEEE80211_RATE_VAL; 2024 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++) 2025 if (rt2860_rates[ridx].rate == rate) 2026 break; 2027 ni = ieee80211_ref_node(vap->iv_bss); 2028 rn = (struct run_node *)ni; 2029 rn->fix_ridx = ridx; 2030 DPRINTF("rate=%d, fix_ridx=%d\n", rate, rn->fix_ridx); 2031 ieee80211_free_node(ni); 2032 } 2033 2034 #if 0 2035 if ((ifp->if_flags & IFF_UP) && 2036 (ifp->if_flags & IFF_RUNNING)){ 2037 run_init_locked(sc); 2038 } 2039 #endif 2040 2041 RUN_UNLOCK(sc); 2042 2043 return (0); 2044 } 2045 2046 static int 2047 run_newstate(struct ieee80211vap *vap, enum ieee80211_state nstate, int arg) 2048 { 2049 const struct ieee80211_txparam *tp; 2050 struct ieee80211com *ic = vap->iv_ic; 2051 struct run_softc *sc = ic->ic_ifp->if_softc; 2052 struct run_vap *rvp = RUN_VAP(vap); 2053 enum ieee80211_state ostate; 2054 uint32_t sta[3]; 2055 uint32_t tmp; 2056 uint8_t ratectl; 2057 uint8_t restart_ratectl = 0; 2058 uint8_t bid = 1 << rvp->rvp_id; 2059 2060 ostate = vap->iv_state; 2061 DPRINTF("%s -> %s\n", 2062 ieee80211_state_name[ostate], 2063 ieee80211_state_name[nstate]); 2064 2065 RUN_LOCK(sc); 2066 2067 ratectl = sc->ratectl_run; /* remember current state */ 2068 sc->ratectl_run = RUN_RATECTL_OFF; 2069 usb_callout_stop(&sc->ratectl_ch); 2070 2071 if (ostate == IEEE80211_S_RUN) { 2072 /* turn link LED off */ 2073 run_set_leds(sc, RT2860_LED_RADIO); 2074 } 2075 2076 switch (nstate) { 2077 case IEEE80211_S_INIT: 2078 restart_ratectl = 1; 2079 2080 if (ostate != IEEE80211_S_RUN) 2081 break; 2082 2083 ratectl &= ~bid; 2084 sc->runbmap &= ~bid; 2085 2086 /* abort TSF synchronization if there is no vap running */ 2087 if (--sc->running == 0) { 2088 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 2089 run_write(sc, RT2860_BCN_TIME_CFG, 2090 tmp & ~(RT2860_BCN_TX_EN | RT2860_TSF_TIMER_EN | 2091 RT2860_TBTT_TIMER_EN)); 2092 } 2093 break; 2094 2095 case IEEE80211_S_RUN: 2096 if (!(sc->runbmap & bid)) { 2097 if(sc->running++) 2098 restart_ratectl = 1; 2099 sc->runbmap |= bid; 2100 } 2101 2102 m_freem(rvp->beacon_mbuf); 2103 rvp->beacon_mbuf = NULL; 2104 2105 switch (vap->iv_opmode) { 2106 case IEEE80211_M_HOSTAP: 2107 case IEEE80211_M_MBSS: 2108 sc->ap_running |= bid; 2109 ic->ic_opmode = vap->iv_opmode; 2110 run_update_beacon_cb(vap); 2111 break; 2112 case IEEE80211_M_IBSS: 2113 sc->adhoc_running |= bid; 2114 if (!sc->ap_running) 2115 ic->ic_opmode = vap->iv_opmode; 2116 run_update_beacon_cb(vap); 2117 break; 2118 case IEEE80211_M_STA: 2119 sc->sta_running |= bid; 2120 if (!sc->ap_running && !sc->adhoc_running) 2121 ic->ic_opmode = vap->iv_opmode; 2122 2123 /* read statistic counters (clear on read) */ 2124 run_read_region_1(sc, RT2860_TX_STA_CNT0, 2125 (uint8_t *)sta, sizeof sta); 2126 2127 break; 2128 default: 2129 ic->ic_opmode = vap->iv_opmode; 2130 break; 2131 } 2132 2133 if (vap->iv_opmode != IEEE80211_M_MONITOR) { 2134 struct ieee80211_node *ni; 2135 2136 if (ic->ic_bsschan == IEEE80211_CHAN_ANYC) { 2137 RUN_UNLOCK(sc); 2138 return (-1); 2139 } 2140 run_updateslot(ic->ic_ifp); 2141 run_enable_mrr(sc); 2142 run_set_txpreamble(sc); 2143 run_set_basicrates(sc); 2144 ni = ieee80211_ref_node(vap->iv_bss); 2145 IEEE80211_ADDR_COPY(sc->sc_bssid, ni->ni_bssid); 2146 run_set_bssid(sc, ni->ni_bssid); 2147 ieee80211_free_node(ni); 2148 run_enable_tsf_sync(sc); 2149 2150 /* enable automatic rate adaptation */ 2151 tp = &vap->iv_txparms[ieee80211_chan2mode(ic->ic_curchan)]; 2152 if (tp->ucastrate == IEEE80211_FIXED_RATE_NONE) 2153 ratectl |= bid; 2154 } 2155 2156 /* turn link LED on */ 2157 run_set_leds(sc, RT2860_LED_RADIO | 2158 (IEEE80211_IS_CHAN_2GHZ(ic->ic_curchan) ? 2159 RT2860_LED_LINK_2GHZ : RT2860_LED_LINK_5GHZ)); 2160 2161 break; 2162 default: 2163 DPRINTFN(6, "undefined case\n"); 2164 break; 2165 } 2166 2167 /* restart amrr for running VAPs */ 2168 if ((sc->ratectl_run = ratectl) && restart_ratectl) 2169 usb_callout_reset(&sc->ratectl_ch, hz, run_ratectl_to, sc); 2170 2171 RUN_UNLOCK(sc); 2172 2173 return(rvp->newstate(vap, nstate, arg)); 2174 } 2175 2176 /* ARGSUSED */ 2177 static void 2178 run_wme_update_cb(void *arg) 2179 { 2180 struct ieee80211com *ic = arg; 2181 struct run_softc *sc = ic->ic_ifp->if_softc; 2182 struct ieee80211_wme_state *wmesp = &ic->ic_wme; 2183 int aci, error = 0; 2184 2185 RUN_LOCK_ASSERT(sc, MA_OWNED); 2186 2187 /* update MAC TX configuration registers */ 2188 for (aci = 0; aci < WME_NUM_AC; aci++) { 2189 error = run_write(sc, RT2860_EDCA_AC_CFG(aci), 2190 wmesp->wme_params[aci].wmep_logcwmax << 16 | 2191 wmesp->wme_params[aci].wmep_logcwmin << 12 | 2192 wmesp->wme_params[aci].wmep_aifsn << 8 | 2193 wmesp->wme_params[aci].wmep_txopLimit); 2194 if (error) goto err; 2195 } 2196 2197 /* update SCH/DMA registers too */ 2198 error = run_write(sc, RT2860_WMM_AIFSN_CFG, 2199 wmesp->wme_params[WME_AC_VO].wmep_aifsn << 12 | 2200 wmesp->wme_params[WME_AC_VI].wmep_aifsn << 8 | 2201 wmesp->wme_params[WME_AC_BK].wmep_aifsn << 4 | 2202 wmesp->wme_params[WME_AC_BE].wmep_aifsn); 2203 if (error) goto err; 2204 error = run_write(sc, RT2860_WMM_CWMIN_CFG, 2205 wmesp->wme_params[WME_AC_VO].wmep_logcwmin << 12 | 2206 wmesp->wme_params[WME_AC_VI].wmep_logcwmin << 8 | 2207 wmesp->wme_params[WME_AC_BK].wmep_logcwmin << 4 | 2208 wmesp->wme_params[WME_AC_BE].wmep_logcwmin); 2209 if (error) goto err; 2210 error = run_write(sc, RT2860_WMM_CWMAX_CFG, 2211 wmesp->wme_params[WME_AC_VO].wmep_logcwmax << 12 | 2212 wmesp->wme_params[WME_AC_VI].wmep_logcwmax << 8 | 2213 wmesp->wme_params[WME_AC_BK].wmep_logcwmax << 4 | 2214 wmesp->wme_params[WME_AC_BE].wmep_logcwmax); 2215 if (error) goto err; 2216 error = run_write(sc, RT2860_WMM_TXOP0_CFG, 2217 wmesp->wme_params[WME_AC_BK].wmep_txopLimit << 16 | 2218 wmesp->wme_params[WME_AC_BE].wmep_txopLimit); 2219 if (error) goto err; 2220 error = run_write(sc, RT2860_WMM_TXOP1_CFG, 2221 wmesp->wme_params[WME_AC_VO].wmep_txopLimit << 16 | 2222 wmesp->wme_params[WME_AC_VI].wmep_txopLimit); 2223 2224 err: 2225 if (error) 2226 DPRINTF("WME update failed\n"); 2227 2228 return; 2229 } 2230 2231 static int 2232 run_wme_update(struct ieee80211com *ic) 2233 { 2234 struct run_softc *sc = ic->ic_ifp->if_softc; 2235 2236 #if 0 /* XXX swildner */ 2237 /* sometime called without lock */ 2238 if (mtx_owned(&ic->ic_comlock.mtx)) { 2239 uint32_t i = RUN_CMDQ_GET(&sc->cmdq_store); 2240 DPRINTF("cmdq_store=%d\n", i); 2241 sc->cmdq[i].func = run_wme_update_cb; 2242 sc->cmdq[i].arg0 = ic; 2243 ieee80211_runtask(ic, &sc->cmdq_task); 2244 return (0); 2245 } 2246 #endif 2247 2248 RUN_LOCK(sc); 2249 run_wme_update_cb(ic); 2250 RUN_UNLOCK(sc); 2251 2252 /* return whatever, upper layer desn't care anyway */ 2253 return (0); 2254 } 2255 2256 static void 2257 run_key_update_begin(struct ieee80211vap *vap) 2258 { 2259 /* 2260 * To avoid out-of-order events, both run_key_set() and 2261 * _delete() are deferred and handled by run_cmdq_cb(). 2262 * So, there is nothing we need to do here. 2263 */ 2264 } 2265 2266 static void 2267 run_key_update_end(struct ieee80211vap *vap) 2268 { 2269 /* null */ 2270 } 2271 2272 static void 2273 run_key_set_cb(void *arg) 2274 { 2275 struct run_cmdq *cmdq = arg; 2276 struct ieee80211vap *vap = cmdq->arg1; 2277 struct ieee80211_key *k = cmdq->k; 2278 struct ieee80211com *ic = vap->iv_ic; 2279 struct run_softc *sc = ic->ic_ifp->if_softc; 2280 struct ieee80211_node *ni; 2281 uint32_t attr; 2282 uint16_t base, associd; 2283 uint8_t mode, wcid, iv[8]; 2284 2285 RUN_LOCK_ASSERT(sc, MA_OWNED); 2286 2287 if (vap->iv_opmode == IEEE80211_M_HOSTAP) 2288 ni = ieee80211_find_vap_node(&ic->ic_sta, vap, cmdq->mac); 2289 else 2290 ni = vap->iv_bss; 2291 associd = (ni != NULL) ? ni->ni_associd : 0; 2292 2293 /* map net80211 cipher to RT2860 security mode */ 2294 switch (k->wk_cipher->ic_cipher) { 2295 case IEEE80211_CIPHER_WEP: 2296 if(k->wk_keylen < 8) 2297 mode = RT2860_MODE_WEP40; 2298 else 2299 mode = RT2860_MODE_WEP104; 2300 break; 2301 case IEEE80211_CIPHER_TKIP: 2302 mode = RT2860_MODE_TKIP; 2303 break; 2304 case IEEE80211_CIPHER_AES_CCM: 2305 mode = RT2860_MODE_AES_CCMP; 2306 break; 2307 default: 2308 DPRINTF("undefined case\n"); 2309 return; 2310 } 2311 2312 DPRINTFN(1, "associd=%x, keyix=%d, mode=%x, type=%s, tx=%s, rx=%s\n", 2313 associd, k->wk_keyix, mode, 2314 (k->wk_flags & IEEE80211_KEY_GROUP) ? "group" : "pairwise", 2315 (k->wk_flags & IEEE80211_KEY_XMIT) ? "on" : "off", 2316 (k->wk_flags & IEEE80211_KEY_RECV) ? "on" : "off"); 2317 2318 if (k->wk_flags & IEEE80211_KEY_GROUP) { 2319 wcid = 0; /* NB: update WCID0 for group keys */ 2320 base = RT2860_SKEY(RUN_VAP(vap)->rvp_id, k->wk_keyix); 2321 } else { 2322 wcid = (vap->iv_opmode == IEEE80211_M_STA) ? 2323 1 : RUN_AID2WCID(associd); 2324 base = RT2860_PKEY(wcid); 2325 } 2326 2327 if (k->wk_cipher->ic_cipher == IEEE80211_CIPHER_TKIP) { 2328 if(run_write_region_1(sc, base, k->wk_key, 16)) 2329 return; 2330 if(run_write_region_1(sc, base + 16, &k->wk_key[16], 8)) /* wk_txmic */ 2331 return; 2332 if(run_write_region_1(sc, base + 24, &k->wk_key[24], 8)) /* wk_rxmic */ 2333 return; 2334 } else { 2335 /* roundup len to 16-bit: XXX fix write_region_1() instead */ 2336 if(run_write_region_1(sc, base, k->wk_key, (k->wk_keylen + 1) & ~1)) 2337 return; 2338 } 2339 2340 if (!(k->wk_flags & IEEE80211_KEY_GROUP) || 2341 (k->wk_flags & (IEEE80211_KEY_XMIT | IEEE80211_KEY_RECV))) { 2342 /* set initial packet number in IV+EIV */ 2343 if (k->wk_cipher == IEEE80211_CIPHER_WEP) { 2344 memset(iv, 0, sizeof iv); 2345 iv[3] = vap->iv_def_txkey << 6; 2346 } else { 2347 if (k->wk_cipher->ic_cipher == IEEE80211_CIPHER_TKIP) { 2348 iv[0] = k->wk_keytsc >> 8; 2349 iv[1] = (iv[0] | 0x20) & 0x7f; 2350 iv[2] = k->wk_keytsc; 2351 } else /* CCMP */ { 2352 iv[0] = k->wk_keytsc; 2353 iv[1] = k->wk_keytsc >> 8; 2354 iv[2] = 0; 2355 } 2356 iv[3] = k->wk_keyix << 6 | IEEE80211_WEP_EXTIV; 2357 iv[4] = k->wk_keytsc >> 16; 2358 iv[5] = k->wk_keytsc >> 24; 2359 iv[6] = k->wk_keytsc >> 32; 2360 iv[7] = k->wk_keytsc >> 40; 2361 } 2362 if (run_write_region_1(sc, RT2860_IVEIV(wcid), iv, 8)) 2363 return; 2364 } 2365 2366 if (k->wk_flags & IEEE80211_KEY_GROUP) { 2367 /* install group key */ 2368 if (run_read(sc, RT2860_SKEY_MODE_0_7, &attr)) 2369 return; 2370 attr &= ~(0xf << (k->wk_keyix * 4)); 2371 attr |= mode << (k->wk_keyix * 4); 2372 if (run_write(sc, RT2860_SKEY_MODE_0_7, attr)) 2373 return; 2374 } else { 2375 /* install pairwise key */ 2376 if (run_read(sc, RT2860_WCID_ATTR(wcid), &attr)) 2377 return; 2378 attr = (attr & ~0xf) | (mode << 1) | RT2860_RX_PKEY_EN; 2379 if (run_write(sc, RT2860_WCID_ATTR(wcid), attr)) 2380 return; 2381 } 2382 2383 /* TODO create a pass-thru key entry? */ 2384 2385 /* need wcid to delete the right key later */ 2386 k->wk_pad = wcid; 2387 } 2388 2389 /* 2390 * Don't have to be deferred, but in order to keep order of 2391 * execution, i.e. with run_key_delete(), defer this and let 2392 * run_cmdq_cb() maintain the order. 2393 * 2394 * return 0 on error 2395 */ 2396 static int 2397 run_key_set(struct ieee80211vap *vap, struct ieee80211_key *k, 2398 const uint8_t mac[IEEE80211_ADDR_LEN]) 2399 { 2400 struct ieee80211com *ic = vap->iv_ic; 2401 struct run_softc *sc = ic->ic_ifp->if_softc; 2402 uint32_t i; 2403 2404 i = RUN_CMDQ_GET(&sc->cmdq_store); 2405 DPRINTF("cmdq_store=%d\n", i); 2406 sc->cmdq[i].func = run_key_set_cb; 2407 sc->cmdq[i].arg0 = NULL; 2408 sc->cmdq[i].arg1 = vap; 2409 sc->cmdq[i].k = k; 2410 IEEE80211_ADDR_COPY(sc->cmdq[i].mac, mac); 2411 ieee80211_runtask(ic, &sc->cmdq_task); 2412 2413 /* 2414 * To make sure key will be set when hostapd 2415 * calls iv_key_set() before if_init(). 2416 */ 2417 if (vap->iv_opmode == IEEE80211_M_HOSTAP) { 2418 RUN_LOCK(sc); 2419 sc->cmdq_key_set = RUN_CMDQ_GO; 2420 RUN_UNLOCK(sc); 2421 } 2422 2423 return (1); 2424 } 2425 2426 /* 2427 * If wlan is destroyed without being brought down i.e. without 2428 * wlan down or wpa_cli terminate, this function is called after 2429 * vap is gone. Don't refer it. 2430 */ 2431 static void 2432 run_key_delete_cb(void *arg) 2433 { 2434 struct run_cmdq *cmdq = arg; 2435 struct run_softc *sc = cmdq->arg1; 2436 struct ieee80211_key *k = &cmdq->key; 2437 uint32_t attr; 2438 uint8_t wcid; 2439 2440 RUN_LOCK_ASSERT(sc, MA_OWNED); 2441 2442 if (k->wk_flags & IEEE80211_KEY_GROUP) { 2443 /* remove group key */ 2444 DPRINTF("removing group key\n"); 2445 run_read(sc, RT2860_SKEY_MODE_0_7, &attr); 2446 attr &= ~(0xf << (k->wk_keyix * 4)); 2447 run_write(sc, RT2860_SKEY_MODE_0_7, attr); 2448 } else { 2449 /* remove pairwise key */ 2450 DPRINTF("removing key for wcid %x\n", k->wk_pad); 2451 /* matching wcid was written to wk_pad in run_key_set() */ 2452 wcid = k->wk_pad; 2453 run_read(sc, RT2860_WCID_ATTR(wcid), &attr); 2454 attr &= ~0xf; 2455 run_write(sc, RT2860_WCID_ATTR(wcid), attr); 2456 run_set_region_4(sc, RT2860_WCID_ENTRY(wcid), 0, 8); 2457 } 2458 2459 k->wk_pad = 0; 2460 } 2461 2462 /* 2463 * return 0 on error 2464 */ 2465 static int 2466 run_key_delete(struct ieee80211vap *vap, struct ieee80211_key *k) 2467 { 2468 struct ieee80211com *ic = vap->iv_ic; 2469 struct run_softc *sc = ic->ic_ifp->if_softc; 2470 struct ieee80211_key *k0; 2471 uint32_t i; 2472 2473 /* 2474 * When called back, key might be gone. So, make a copy 2475 * of some values need to delete keys before deferring. 2476 * But, because of LOR with node lock, cannot use lock here. 2477 * So, use atomic instead. 2478 */ 2479 i = RUN_CMDQ_GET(&sc->cmdq_store); 2480 DPRINTF("cmdq_store=%d\n", i); 2481 sc->cmdq[i].func = run_key_delete_cb; 2482 sc->cmdq[i].arg0 = NULL; 2483 sc->cmdq[i].arg1 = sc; 2484 k0 = &sc->cmdq[i].key; 2485 k0->wk_flags = k->wk_flags; 2486 k0->wk_keyix = k->wk_keyix; 2487 /* matching wcid was written to wk_pad in run_key_set() */ 2488 k0->wk_pad = k->wk_pad; 2489 ieee80211_runtask(ic, &sc->cmdq_task); 2490 return (1); /* return fake success */ 2491 2492 } 2493 2494 static void 2495 run_ratectl_to(void *arg) 2496 { 2497 struct run_softc *sc = arg; 2498 2499 /* do it in a process context, so it can go sleep */ 2500 ieee80211_runtask(sc->sc_ifp->if_l2com, &sc->ratectl_task); 2501 /* next timeout will be rescheduled in the callback task */ 2502 } 2503 2504 /* ARGSUSED */ 2505 static void 2506 run_ratectl_cb(void *arg, int pending) 2507 { 2508 struct run_softc *sc = arg; 2509 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 2510 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 2511 2512 if (vap == NULL) 2513 return; 2514 2515 if (sc->rvp_cnt > 1 || vap->iv_opmode != IEEE80211_M_STA) { 2516 /* 2517 * run_reset_livelock() doesn't do anything with AMRR, 2518 * but Ralink wants us to call it every 1 sec. So, we 2519 * piggyback here rather than creating another callout. 2520 * Livelock may occur only in HOSTAP or IBSS mode 2521 * (when h/w is sending beacons). 2522 */ 2523 RUN_LOCK(sc); 2524 run_reset_livelock(sc); 2525 /* just in case, there are some stats to drain */ 2526 run_drain_fifo(sc); 2527 RUN_UNLOCK(sc); 2528 } 2529 2530 ieee80211_iterate_nodes(&ic->ic_sta, run_iter_func, sc); 2531 2532 RUN_LOCK(sc); 2533 if(sc->ratectl_run != RUN_RATECTL_OFF) 2534 usb_callout_reset(&sc->ratectl_ch, hz, run_ratectl_to, sc); 2535 RUN_UNLOCK(sc); 2536 } 2537 2538 static void 2539 run_drain_fifo(void *arg) 2540 { 2541 struct run_softc *sc = arg; 2542 struct ifnet *ifp = sc->sc_ifp; 2543 uint32_t stat; 2544 uint16_t (*wstat)[3]; 2545 uint8_t wcid, mcs, pid; 2546 int8_t retry; 2547 2548 RUN_LOCK_ASSERT(sc, MA_OWNED); 2549 2550 for (;;) { 2551 /* drain Tx status FIFO (maxsize = 16) */ 2552 run_read(sc, RT2860_TX_STAT_FIFO, &stat); 2553 DPRINTFN(4, "tx stat 0x%08x\n", stat); 2554 if (!(stat & RT2860_TXQ_VLD)) 2555 break; 2556 2557 wcid = (stat >> RT2860_TXQ_WCID_SHIFT) & 0xff; 2558 2559 /* if no ACK was requested, no feedback is available */ 2560 if (!(stat & RT2860_TXQ_ACKREQ) || wcid > RT2870_WCID_MAX || 2561 wcid == 0) 2562 continue; 2563 2564 /* 2565 * Even though each stat is Tx-complete-status like format, 2566 * the device can poll stats. Because there is no guarantee 2567 * that the referring node is still around when read the stats. 2568 * So that, if we use ieee80211_ratectl_tx_update(), we will 2569 * have hard time not to refer already freed node. 2570 * 2571 * To eliminate such page faults, we poll stats in softc. 2572 * Then, update the rates later with ieee80211_ratectl_tx_update(). 2573 */ 2574 wstat = &(sc->wcid_stats[wcid]); 2575 (*wstat)[RUN_TXCNT]++; 2576 if (stat & RT2860_TXQ_OK) 2577 (*wstat)[RUN_SUCCESS]++; 2578 else 2579 ifp->if_oerrors++; 2580 /* 2581 * Check if there were retries, ie if the Tx success rate is 2582 * different from the requested rate. Note that it works only 2583 * because we do not allow rate fallback from OFDM to CCK. 2584 */ 2585 mcs = (stat >> RT2860_TXQ_MCS_SHIFT) & 0x7f; 2586 pid = (stat >> RT2860_TXQ_PID_SHIFT) & 0xf; 2587 if ((retry = pid -1 - mcs) > 0) { 2588 (*wstat)[RUN_TXCNT] += retry; 2589 (*wstat)[RUN_RETRY] += retry; 2590 } 2591 } 2592 DPRINTFN(3, "count=%d\n", sc->fifo_cnt); 2593 2594 sc->fifo_cnt = 0; 2595 } 2596 2597 static void 2598 run_iter_func(void *arg, struct ieee80211_node *ni) 2599 { 2600 struct run_softc *sc = arg; 2601 struct ieee80211vap *vap = ni->ni_vap; 2602 struct ieee80211com *ic = ni->ni_ic; 2603 struct ifnet *ifp = ic->ic_ifp; 2604 struct run_node *rn = (void *)ni; 2605 union run_stats sta[2]; 2606 uint16_t (*wstat)[3]; 2607 int txcnt, success, retrycnt, error; 2608 2609 RUN_LOCK(sc); 2610 2611 /* Check for special case */ 2612 if (sc->rvp_cnt <= 1 && vap->iv_opmode == IEEE80211_M_STA && 2613 ni != vap->iv_bss) 2614 goto fail; 2615 2616 if (sc->rvp_cnt <= 1 && (vap->iv_opmode == IEEE80211_M_IBSS || 2617 vap->iv_opmode == IEEE80211_M_STA)) { 2618 /* read statistic counters (clear on read) and update AMRR state */ 2619 error = run_read_region_1(sc, RT2860_TX_STA_CNT0, (uint8_t *)sta, 2620 sizeof sta); 2621 if (error != 0) 2622 goto fail; 2623 2624 /* count failed TX as errors */ 2625 ifp->if_oerrors += le16toh(sta[0].error.fail); 2626 2627 retrycnt = le16toh(sta[1].tx.retry); 2628 success = le16toh(sta[1].tx.success); 2629 txcnt = retrycnt + success + le16toh(sta[0].error.fail); 2630 2631 DPRINTFN(3, "retrycnt=%d success=%d failcnt=%d\n", 2632 retrycnt, success, le16toh(sta[0].error.fail)); 2633 } else { 2634 wstat = &(sc->wcid_stats[RUN_AID2WCID(ni->ni_associd)]); 2635 2636 if (wstat == &(sc->wcid_stats[0]) || 2637 wstat > &(sc->wcid_stats[RT2870_WCID_MAX])) 2638 goto fail; 2639 2640 txcnt = (*wstat)[RUN_TXCNT]; 2641 success = (*wstat)[RUN_SUCCESS]; 2642 retrycnt = (*wstat)[RUN_RETRY]; 2643 DPRINTFN(3, "retrycnt=%d txcnt=%d success=%d\n", 2644 retrycnt, txcnt, success); 2645 2646 memset(wstat, 0, sizeof(*wstat)); 2647 } 2648 2649 ieee80211_ratectl_tx_update(vap, ni, &txcnt, &success, &retrycnt); 2650 rn->amrr_ridx = ieee80211_ratectl_rate(ni, NULL, 0); 2651 2652 fail: 2653 RUN_UNLOCK(sc); 2654 2655 DPRINTFN(3, "ridx=%d\n", rn->amrr_ridx); 2656 } 2657 2658 static void 2659 run_newassoc_cb(void *arg) 2660 { 2661 struct run_cmdq *cmdq = arg; 2662 struct ieee80211_node *ni = cmdq->arg1; 2663 struct run_softc *sc = ni->ni_vap->iv_ic->ic_ifp->if_softc; 2664 uint8_t wcid = cmdq->wcid; 2665 2666 RUN_LOCK_ASSERT(sc, MA_OWNED); 2667 2668 run_write_region_1(sc, RT2860_WCID_ENTRY(wcid), 2669 ni->ni_macaddr, IEEE80211_ADDR_LEN); 2670 2671 memset(&(sc->wcid_stats[wcid]), 0, sizeof(sc->wcid_stats[wcid])); 2672 } 2673 2674 static void 2675 run_newassoc(struct ieee80211_node *ni, int isnew) 2676 { 2677 struct run_node *rn = (void *)ni; 2678 struct ieee80211_rateset *rs = &ni->ni_rates; 2679 struct ieee80211vap *vap = ni->ni_vap; 2680 struct ieee80211com *ic = vap->iv_ic; 2681 struct run_softc *sc = ic->ic_ifp->if_softc; 2682 uint8_t rate; 2683 uint8_t ridx; 2684 uint8_t wcid; 2685 int i, j; 2686 #ifdef RUN_DEBUG 2687 char ethstr[ETHER_ADDRSTRLEN + 1]; 2688 #endif 2689 2690 wcid = (vap->iv_opmode == IEEE80211_M_STA) ? 2691 1 : RUN_AID2WCID(ni->ni_associd); 2692 2693 if (wcid > RT2870_WCID_MAX) { 2694 device_printf(sc->sc_dev, "wcid=%d out of range\n", wcid); 2695 return; 2696 } 2697 2698 /* only interested in true associations */ 2699 if (isnew && ni->ni_associd != 0) { 2700 2701 /* 2702 * This function could is called though timeout function. 2703 * Need to defer. 2704 */ 2705 uint32_t cnt = RUN_CMDQ_GET(&sc->cmdq_store); 2706 DPRINTF("cmdq_store=%d\n", cnt); 2707 sc->cmdq[cnt].func = run_newassoc_cb; 2708 sc->cmdq[cnt].arg0 = NULL; 2709 sc->cmdq[cnt].arg1 = ni; 2710 sc->cmdq[cnt].wcid = wcid; 2711 ieee80211_runtask(ic, &sc->cmdq_task); 2712 } 2713 2714 DPRINTF("new assoc isnew=%d associd=%x addr=%s\n", 2715 isnew, ni->ni_associd, kether_ntoa(ni->ni_macaddr, ethstr)); 2716 2717 for (i = 0; i < rs->rs_nrates; i++) { 2718 rate = rs->rs_rates[i] & IEEE80211_RATE_VAL; 2719 /* convert 802.11 rate to hardware rate index */ 2720 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++) 2721 if (rt2860_rates[ridx].rate == rate) 2722 break; 2723 rn->ridx[i] = ridx; 2724 /* determine rate of control response frames */ 2725 for (j = i; j >= 0; j--) { 2726 if ((rs->rs_rates[j] & IEEE80211_RATE_BASIC) && 2727 rt2860_rates[rn->ridx[i]].phy == 2728 rt2860_rates[rn->ridx[j]].phy) 2729 break; 2730 } 2731 if (j >= 0) { 2732 rn->ctl_ridx[i] = rn->ridx[j]; 2733 } else { 2734 /* no basic rate found, use mandatory one */ 2735 rn->ctl_ridx[i] = rt2860_rates[ridx].ctl_ridx; 2736 } 2737 DPRINTF("rate=0x%02x ridx=%d ctl_ridx=%d\n", 2738 rs->rs_rates[i], rn->ridx[i], rn->ctl_ridx[i]); 2739 } 2740 rate = vap->iv_txparms[ieee80211_chan2mode(ic->ic_curchan)].mgmtrate; 2741 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++) 2742 if (rt2860_rates[ridx].rate == rate) 2743 break; 2744 rn->mgt_ridx = ridx; 2745 DPRINTF("rate=%d, mgmt_ridx=%d\n", rate, rn->mgt_ridx); 2746 2747 RUN_LOCK(sc); 2748 if(sc->ratectl_run != RUN_RATECTL_OFF) 2749 usb_callout_reset(&sc->ratectl_ch, hz, run_ratectl_to, sc); 2750 RUN_UNLOCK(sc); 2751 } 2752 2753 /* 2754 * Return the Rx chain with the highest RSSI for a given frame. 2755 */ 2756 static __inline uint8_t 2757 run_maxrssi_chain(struct run_softc *sc, const struct rt2860_rxwi *rxwi) 2758 { 2759 uint8_t rxchain = 0; 2760 2761 if (sc->nrxchains > 1) { 2762 if (rxwi->rssi[1] > rxwi->rssi[rxchain]) 2763 rxchain = 1; 2764 if (sc->nrxchains > 2) 2765 if (rxwi->rssi[2] > rxwi->rssi[rxchain]) 2766 rxchain = 2; 2767 } 2768 return (rxchain); 2769 } 2770 2771 static void 2772 run_rx_frame(struct run_softc *sc, struct mbuf *m, uint32_t dmalen) 2773 { 2774 struct ifnet *ifp = sc->sc_ifp; 2775 struct ieee80211com *ic = ifp->if_l2com; 2776 struct ieee80211_frame *wh; 2777 struct ieee80211_node *ni; 2778 struct rt2870_rxd *rxd; 2779 struct rt2860_rxwi *rxwi; 2780 uint32_t flags; 2781 uint16_t len, rxwisize; 2782 uint8_t ant, rssi; 2783 int8_t nf; 2784 2785 rxwi = mtod(m, struct rt2860_rxwi *); 2786 len = le16toh(rxwi->len) & 0xfff; 2787 rxwisize = sizeof(struct rt2860_rxwi); 2788 if (sc->mac_ver == 0x5592) 2789 rxwisize += sizeof(uint64_t); 2790 else if (sc->mac_ver == 0x3593) 2791 rxwisize += sizeof(uint32_t); 2792 if (__predict_false(len > dmalen)) { 2793 m_freem(m); 2794 ifp->if_ierrors++; 2795 DPRINTF("bad RXWI length %u > %u\n", len, dmalen); 2796 return; 2797 } 2798 /* Rx descriptor is located at the end */ 2799 rxd = (struct rt2870_rxd *)(mtod(m, caddr_t) + dmalen); 2800 flags = le32toh(rxd->flags); 2801 2802 if (__predict_false(flags & (RT2860_RX_CRCERR | RT2860_RX_ICVERR))) { 2803 m_freem(m); 2804 ifp->if_ierrors++; 2805 DPRINTF("%s error.\n", (flags & RT2860_RX_CRCERR)?"CRC":"ICV"); 2806 return; 2807 } 2808 2809 m->m_data += rxwisize; 2810 m->m_pkthdr.len = m->m_len -= rxwisize; 2811 2812 wh = mtod(m, struct ieee80211_frame *); 2813 2814 if (wh->i_fc[1] & IEEE80211_FC1_PROTECTED) { 2815 wh->i_fc[1] &= ~IEEE80211_FC1_PROTECTED; 2816 m->m_flags |= M_WEP; 2817 } 2818 2819 if (flags & RT2860_RX_L2PAD) { 2820 DPRINTFN(8, "received RT2860_RX_L2PAD frame\n"); 2821 len += 2; 2822 } 2823 2824 ni = ieee80211_find_rxnode(ic, 2825 mtod(m, struct ieee80211_frame_min *)); 2826 2827 if (__predict_false(flags & RT2860_RX_MICERR)) { 2828 /* report MIC failures to net80211 for TKIP */ 2829 if (ni != NULL) 2830 ieee80211_notify_michael_failure(ni->ni_vap, wh, 2831 rxwi->keyidx); 2832 m_freem(m); 2833 ifp->if_ierrors++; 2834 DPRINTF("MIC error. Someone is lying.\n"); 2835 return; 2836 } 2837 2838 ant = run_maxrssi_chain(sc, rxwi); 2839 rssi = rxwi->rssi[ant]; 2840 nf = run_rssi2dbm(sc, rssi, ant); 2841 2842 m->m_pkthdr.rcvif = ifp; 2843 m->m_pkthdr.len = m->m_len = len; 2844 2845 if (ni != NULL) { 2846 (void)ieee80211_input(ni, m, rssi, nf); 2847 ieee80211_free_node(ni); 2848 } else { 2849 (void)ieee80211_input_all(ic, m, rssi, nf); 2850 } 2851 2852 if (__predict_false(ieee80211_radiotap_active(ic))) { 2853 struct run_rx_radiotap_header *tap = &sc->sc_rxtap; 2854 uint16_t phy; 2855 2856 tap->wr_flags = 0; 2857 tap->wr_chan_freq = htole16(ic->ic_curchan->ic_freq); 2858 tap->wr_chan_flags = htole16(ic->ic_curchan->ic_flags); 2859 tap->wr_antsignal = rssi; 2860 tap->wr_antenna = ant; 2861 tap->wr_dbm_antsignal = run_rssi2dbm(sc, rssi, ant); 2862 tap->wr_rate = 2; /* in case it can't be found below */ 2863 phy = le16toh(rxwi->phy); 2864 switch (phy & RT2860_PHY_MODE) { 2865 case RT2860_PHY_CCK: 2866 switch ((phy & RT2860_PHY_MCS) & ~RT2860_PHY_SHPRE) { 2867 case 0: tap->wr_rate = 2; break; 2868 case 1: tap->wr_rate = 4; break; 2869 case 2: tap->wr_rate = 11; break; 2870 case 3: tap->wr_rate = 22; break; 2871 } 2872 if (phy & RT2860_PHY_SHPRE) 2873 tap->wr_flags |= IEEE80211_RADIOTAP_F_SHORTPRE; 2874 break; 2875 case RT2860_PHY_OFDM: 2876 switch (phy & RT2860_PHY_MCS) { 2877 case 0: tap->wr_rate = 12; break; 2878 case 1: tap->wr_rate = 18; break; 2879 case 2: tap->wr_rate = 24; break; 2880 case 3: tap->wr_rate = 36; break; 2881 case 4: tap->wr_rate = 48; break; 2882 case 5: tap->wr_rate = 72; break; 2883 case 6: tap->wr_rate = 96; break; 2884 case 7: tap->wr_rate = 108; break; 2885 } 2886 break; 2887 } 2888 } 2889 } 2890 2891 static void 2892 run_bulk_rx_callback(struct usb_xfer *xfer, usb_error_t error) 2893 { 2894 struct run_softc *sc = usbd_xfer_softc(xfer); 2895 struct ifnet *ifp = sc->sc_ifp; 2896 struct mbuf *m = NULL; 2897 struct mbuf *m0; 2898 uint32_t dmalen; 2899 uint16_t rxwisize; 2900 int xferlen; 2901 2902 rxwisize = sizeof(struct rt2860_rxwi); 2903 if (sc->mac_ver == 0x5592) 2904 rxwisize += sizeof(uint64_t); 2905 else if (sc->mac_ver == 0x3593) 2906 rxwisize += sizeof(uint32_t); 2907 2908 usbd_xfer_status(xfer, &xferlen, NULL, NULL, NULL); 2909 2910 switch (USB_GET_STATE(xfer)) { 2911 case USB_ST_TRANSFERRED: 2912 2913 DPRINTFN(15, "rx done, actlen=%d\n", xferlen); 2914 2915 if (xferlen < (int)(sizeof(uint32_t) + rxwisize + 2916 sizeof(struct rt2870_rxd))) { 2917 DPRINTF("xfer too short %d\n", xferlen); 2918 goto tr_setup; 2919 } 2920 2921 m = sc->rx_m; 2922 sc->rx_m = NULL; 2923 2924 /* FALLTHROUGH */ 2925 case USB_ST_SETUP: 2926 tr_setup: 2927 if (sc->rx_m == NULL) { 2928 sc->rx_m = m_getjcl(M_NOWAIT, MT_DATA, M_PKTHDR, 2929 MJUMPAGESIZE /* xfer can be bigger than MCLBYTES */); 2930 } 2931 if (sc->rx_m == NULL) { 2932 DPRINTF("could not allocate mbuf - idle with stall\n"); 2933 ifp->if_ierrors++; 2934 usbd_xfer_set_stall(xfer); 2935 usbd_xfer_set_frames(xfer, 0); 2936 } else { 2937 /* 2938 * Directly loading a mbuf cluster into DMA to 2939 * save some data copying. This works because 2940 * there is only one cluster. 2941 */ 2942 usbd_xfer_set_frame_data(xfer, 0, 2943 mtod(sc->rx_m, caddr_t), RUN_MAX_RXSZ); 2944 usbd_xfer_set_frames(xfer, 1); 2945 } 2946 usbd_transfer_submit(xfer); 2947 break; 2948 2949 default: /* Error */ 2950 if (error != USB_ERR_CANCELLED) { 2951 /* try to clear stall first */ 2952 usbd_xfer_set_stall(xfer); 2953 2954 if (error == USB_ERR_TIMEOUT) 2955 device_printf(sc->sc_dev, "device timeout\n"); 2956 2957 ifp->if_ierrors++; 2958 2959 goto tr_setup; 2960 } 2961 if (sc->rx_m != NULL) { 2962 m_freem(sc->rx_m); 2963 sc->rx_m = NULL; 2964 } 2965 break; 2966 } 2967 2968 if (m == NULL) 2969 return; 2970 2971 /* inputting all the frames must be last */ 2972 2973 RUN_UNLOCK(sc); 2974 2975 m->m_pkthdr.len = m->m_len = xferlen; 2976 2977 /* HW can aggregate multiple 802.11 frames in a single USB xfer */ 2978 for(;;) { 2979 dmalen = le32toh(*mtod(m, uint32_t *)) & 0xffff; 2980 2981 if ((dmalen >= (uint32_t)-8) || (dmalen == 0) || 2982 ((dmalen & 3) != 0)) { 2983 DPRINTF("bad DMA length %u\n", dmalen); 2984 break; 2985 } 2986 if ((dmalen + 8) > (uint32_t)xferlen) { 2987 DPRINTF("bad DMA length %u > %d\n", 2988 dmalen + 8, xferlen); 2989 break; 2990 } 2991 2992 /* If it is the last one or a single frame, we won't copy. */ 2993 if ((xferlen -= dmalen + 8) <= 8) { 2994 /* trim 32-bit DMA-len header */ 2995 m->m_data += 4; 2996 m->m_pkthdr.len = m->m_len -= 4; 2997 run_rx_frame(sc, m, dmalen); 2998 m = NULL; /* don't free source buffer */ 2999 break; 3000 } 3001 3002 /* copy aggregated frames to another mbuf */ 3003 m0 = m_getcl(M_NOWAIT, MT_DATA, M_PKTHDR); 3004 if (__predict_false(m0 == NULL)) { 3005 DPRINTF("could not allocate mbuf\n"); 3006 ifp->if_ierrors++; 3007 break; 3008 } 3009 m_copydata(m, 4 /* skip 32-bit DMA-len header */, 3010 dmalen + sizeof(struct rt2870_rxd), mtod(m0, caddr_t)); 3011 m0->m_pkthdr.len = m0->m_len = 3012 dmalen + sizeof(struct rt2870_rxd); 3013 run_rx_frame(sc, m0, dmalen); 3014 3015 /* update data ptr */ 3016 m->m_data += dmalen + 8; 3017 m->m_pkthdr.len = m->m_len -= dmalen + 8; 3018 } 3019 3020 /* make sure we free the source buffer, if any */ 3021 m_freem(m); 3022 3023 RUN_LOCK(sc); 3024 } 3025 3026 static void 3027 run_tx_free(struct run_endpoint_queue *pq, 3028 struct run_tx_data *data, int txerr) 3029 { 3030 if (data->m != NULL) { 3031 if (data->m->m_flags & M_TXCB) 3032 ieee80211_process_callback(data->ni, data->m, 3033 txerr ? ETIMEDOUT : 0); 3034 m_freem(data->m); 3035 data->m = NULL; 3036 3037 if (data->ni == NULL) { 3038 DPRINTF("no node\n"); 3039 } else { 3040 ieee80211_free_node(data->ni); 3041 data->ni = NULL; 3042 } 3043 } 3044 3045 STAILQ_INSERT_TAIL(&pq->tx_fh, data, next); 3046 pq->tx_nfree++; 3047 } 3048 3049 static void 3050 run_bulk_tx_callbackN(struct usb_xfer *xfer, usb_error_t error, u_int index) 3051 { 3052 struct run_softc *sc = usbd_xfer_softc(xfer); 3053 struct ifnet *ifp = sc->sc_ifp; 3054 struct ieee80211com *ic = ifp->if_l2com; 3055 struct run_tx_data *data; 3056 struct ieee80211vap *vap = NULL; 3057 struct usb_page_cache *pc; 3058 struct run_endpoint_queue *pq = &sc->sc_epq[index]; 3059 struct mbuf *m; 3060 usb_frlength_t size; 3061 int actlen; 3062 int sumlen; 3063 3064 usbd_xfer_status(xfer, &actlen, &sumlen, NULL, NULL); 3065 3066 switch (USB_GET_STATE(xfer)) { 3067 case USB_ST_TRANSFERRED: 3068 DPRINTFN(11, "transfer complete: %d " 3069 "bytes @ index %d\n", actlen, index); 3070 3071 data = usbd_xfer_get_priv(xfer); 3072 3073 run_tx_free(pq, data, 0); 3074 ifq_clr_oactive(&ifp->if_snd); 3075 3076 usbd_xfer_set_priv(xfer, NULL); 3077 3078 ifp->if_opackets++; 3079 3080 /* FALLTHROUGH */ 3081 case USB_ST_SETUP: 3082 tr_setup: 3083 data = STAILQ_FIRST(&pq->tx_qh); 3084 if (data == NULL) 3085 break; 3086 3087 STAILQ_REMOVE_HEAD(&pq->tx_qh, next); 3088 3089 m = data->m; 3090 size = (sc->mac_ver == 0x5592) ? 3091 sizeof(data->desc) + sizeof(uint32_t) : sizeof(data->desc); 3092 if ((m->m_pkthdr.len + 3093 size + 3 + 8) > RUN_MAX_TXSZ) { 3094 DPRINTF("data overflow, %u bytes\n", 3095 m->m_pkthdr.len); 3096 3097 ifp->if_oerrors++; 3098 3099 run_tx_free(pq, data, 1); 3100 3101 goto tr_setup; 3102 } 3103 3104 pc = usbd_xfer_get_frame(xfer, 0); 3105 usbd_copy_in(pc, 0, &data->desc, size); 3106 usbd_m_copy_in(pc, size, m, 0, m->m_pkthdr.len); 3107 size += m->m_pkthdr.len; 3108 /* 3109 * Align end on a 4-byte boundary, pad 8 bytes (CRC + 3110 * 4-byte padding), and be sure to zero those trailing 3111 * bytes: 3112 */ 3113 usbd_frame_zero(pc, size, ((-size) & 3) + 8); 3114 size += ((-size) & 3) + 8; 3115 3116 vap = data->ni->ni_vap; 3117 if (ieee80211_radiotap_active_vap(vap)) { 3118 struct run_tx_radiotap_header *tap = &sc->sc_txtap; 3119 struct rt2860_txwi *txwi = 3120 (struct rt2860_txwi *)(&data->desc + sizeof(struct rt2870_txd)); 3121 tap->wt_flags = 0; 3122 tap->wt_rate = rt2860_rates[data->ridx].rate; 3123 tap->wt_chan_freq = htole16(ic->ic_curchan->ic_freq); 3124 tap->wt_chan_flags = htole16(ic->ic_curchan->ic_flags); 3125 tap->wt_hwqueue = index; 3126 if (le16toh(txwi->phy) & RT2860_PHY_SHPRE) 3127 tap->wt_flags |= IEEE80211_RADIOTAP_F_SHORTPRE; 3128 3129 ieee80211_radiotap_tx(vap, m); 3130 } 3131 3132 DPRINTFN(11, "sending frame len=%u/%u @ index %d\n", 3133 m->m_pkthdr.len, size, index); 3134 3135 usbd_xfer_set_frame_len(xfer, 0, size); 3136 usbd_xfer_set_priv(xfer, data); 3137 3138 usbd_transfer_submit(xfer); 3139 3140 run_start(ifp, NULL); 3141 3142 break; 3143 3144 default: 3145 DPRINTF("USB transfer error, %s\n", 3146 usbd_errstr(error)); 3147 3148 data = usbd_xfer_get_priv(xfer); 3149 3150 ifp->if_oerrors++; 3151 3152 if (data != NULL) { 3153 if(data->ni != NULL) 3154 vap = data->ni->ni_vap; 3155 run_tx_free(pq, data, error); 3156 usbd_xfer_set_priv(xfer, NULL); 3157 } 3158 if (vap == NULL) 3159 vap = TAILQ_FIRST(&ic->ic_vaps); 3160 3161 if (error != USB_ERR_CANCELLED) { 3162 if (error == USB_ERR_TIMEOUT) { 3163 device_printf(sc->sc_dev, "device timeout\n"); 3164 uint32_t i = RUN_CMDQ_GET(&sc->cmdq_store); 3165 DPRINTF("cmdq_store=%d\n", i); 3166 sc->cmdq[i].func = run_usb_timeout_cb; 3167 sc->cmdq[i].arg0 = vap; 3168 ieee80211_runtask(ic, &sc->cmdq_task); 3169 } 3170 3171 /* 3172 * Try to clear stall first, also if other 3173 * errors occur, hence clearing stall 3174 * introduces a 50 ms delay: 3175 */ 3176 usbd_xfer_set_stall(xfer); 3177 goto tr_setup; 3178 } 3179 break; 3180 } 3181 } 3182 3183 static void 3184 run_bulk_tx_callback0(struct usb_xfer *xfer, usb_error_t error) 3185 { 3186 run_bulk_tx_callbackN(xfer, error, 0); 3187 } 3188 3189 static void 3190 run_bulk_tx_callback1(struct usb_xfer *xfer, usb_error_t error) 3191 { 3192 run_bulk_tx_callbackN(xfer, error, 1); 3193 } 3194 3195 static void 3196 run_bulk_tx_callback2(struct usb_xfer *xfer, usb_error_t error) 3197 { 3198 run_bulk_tx_callbackN(xfer, error, 2); 3199 } 3200 3201 static void 3202 run_bulk_tx_callback3(struct usb_xfer *xfer, usb_error_t error) 3203 { 3204 run_bulk_tx_callbackN(xfer, error, 3); 3205 } 3206 3207 static void 3208 run_bulk_tx_callback4(struct usb_xfer *xfer, usb_error_t error) 3209 { 3210 run_bulk_tx_callbackN(xfer, error, 4); 3211 } 3212 3213 static void 3214 run_bulk_tx_callback5(struct usb_xfer *xfer, usb_error_t error) 3215 { 3216 run_bulk_tx_callbackN(xfer, error, 5); 3217 } 3218 3219 static void 3220 run_set_tx_desc(struct run_softc *sc, struct run_tx_data *data) 3221 { 3222 struct mbuf *m = data->m; 3223 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 3224 struct ieee80211vap *vap = data->ni->ni_vap; 3225 struct ieee80211_frame *wh; 3226 struct rt2870_txd *txd; 3227 struct rt2860_txwi *txwi; 3228 uint16_t xferlen, txwisize; 3229 uint16_t mcs; 3230 uint8_t ridx = data->ridx; 3231 uint8_t pad; 3232 3233 /* get MCS code from rate index */ 3234 mcs = rt2860_rates[ridx].mcs; 3235 3236 txwisize = (sc->mac_ver == 0x5592) ? 3237 sizeof(*txwi) + sizeof(uint32_t) : sizeof(*txwi); 3238 xferlen = txwisize + m->m_pkthdr.len; 3239 3240 /* roundup to 32-bit alignment */ 3241 xferlen = (xferlen + 3) & ~3; 3242 3243 txd = (struct rt2870_txd *)&data->desc; 3244 txd->len = htole16(xferlen); 3245 3246 wh = mtod(m, struct ieee80211_frame *); 3247 3248 /* 3249 * Ether both are true or both are false, the header 3250 * are nicely aligned to 32-bit. So, no L2 padding. 3251 */ 3252 if(IEEE80211_HAS_ADDR4(wh) == IEEE80211_QOS_HAS_SEQ(wh)) 3253 pad = 0; 3254 else 3255 pad = 2; 3256 3257 /* setup TX Wireless Information */ 3258 txwi = (struct rt2860_txwi *)(txd + 1); 3259 txwi->len = htole16(m->m_pkthdr.len - pad); 3260 if (rt2860_rates[ridx].phy == IEEE80211_T_DS) { 3261 txwi->phy = htole16(RT2860_PHY_CCK); 3262 if (ridx != RT2860_RIDX_CCK1 && 3263 (ic->ic_flags & IEEE80211_F_SHPREAMBLE)) 3264 mcs |= RT2860_PHY_SHPRE; 3265 } else 3266 txwi->phy = htole16(RT2860_PHY_OFDM); 3267 txwi->phy |= htole16(mcs); 3268 3269 /* check if RTS/CTS or CTS-to-self protection is required */ 3270 if (!IEEE80211_IS_MULTICAST(wh->i_addr1) && 3271 (m->m_pkthdr.len + IEEE80211_CRC_LEN > vap->iv_rtsthreshold || 3272 ((ic->ic_flags & IEEE80211_F_USEPROT) && 3273 rt2860_rates[ridx].phy == IEEE80211_T_OFDM))) 3274 txwi->txop |= RT2860_TX_TXOP_HT; 3275 else 3276 txwi->txop |= RT2860_TX_TXOP_BACKOFF; 3277 3278 if (vap->iv_opmode != IEEE80211_M_STA && !IEEE80211_QOS_HAS_SEQ(wh)) 3279 txwi->xflags |= RT2860_TX_NSEQ; 3280 } 3281 3282 /* This function must be called locked */ 3283 static int 3284 run_tx(struct run_softc *sc, struct mbuf *m, struct ieee80211_node *ni) 3285 { 3286 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 3287 struct ieee80211vap *vap = ni->ni_vap; 3288 struct ieee80211_frame *wh; 3289 struct ieee80211_channel *chan; 3290 const struct ieee80211_txparam *tp; 3291 struct run_node *rn = (void *)ni; 3292 struct run_tx_data *data; 3293 struct rt2870_txd *txd; 3294 struct rt2860_txwi *txwi; 3295 uint16_t qos; 3296 uint16_t dur; 3297 uint16_t qid; 3298 uint8_t type; 3299 uint8_t tid; 3300 uint8_t ridx; 3301 uint8_t ctl_ridx; 3302 uint8_t qflags; 3303 uint8_t xflags = 0; 3304 int hasqos; 3305 3306 #if 0 /* XXX swildner: lock needed? */ 3307 RUN_LOCK_ASSERT(sc, MA_OWNED); 3308 #endif 3309 3310 wh = mtod(m, struct ieee80211_frame *); 3311 3312 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 3313 3314 /* 3315 * There are 7 bulk endpoints: 1 for RX 3316 * and 6 for TX (4 EDCAs + HCCA + Prio). 3317 * Update 03-14-2009: some devices like the Planex GW-US300MiniS 3318 * seem to have only 4 TX bulk endpoints (Fukaumi Naoki). 3319 */ 3320 if ((hasqos = IEEE80211_QOS_HAS_SEQ(wh))) { 3321 uint8_t *frm; 3322 3323 if(IEEE80211_HAS_ADDR4(wh)) 3324 frm = ((struct ieee80211_qosframe_addr4 *)wh)->i_qos; 3325 else 3326 frm =((struct ieee80211_qosframe *)wh)->i_qos; 3327 3328 qos = le16toh(*(const uint16_t *)frm); 3329 tid = qos & IEEE80211_QOS_TID; 3330 qid = TID_TO_WME_AC(tid); 3331 } else { 3332 qos = 0; 3333 tid = 0; 3334 qid = WME_AC_BE; 3335 } 3336 qflags = (qid < 4) ? RT2860_TX_QSEL_EDCA : RT2860_TX_QSEL_HCCA; 3337 3338 DPRINTFN(8, "qos %d\tqid %d\ttid %d\tqflags %x\n", 3339 qos, qid, tid, qflags); 3340 3341 chan = (ni->ni_chan != IEEE80211_CHAN_ANYC)?ni->ni_chan:ic->ic_curchan; 3342 tp = &vap->iv_txparms[ieee80211_chan2mode(chan)]; 3343 3344 /* pickup a rate index */ 3345 if (IEEE80211_IS_MULTICAST(wh->i_addr1) || 3346 type != IEEE80211_FC0_TYPE_DATA) { 3347 ridx = (ic->ic_curmode == IEEE80211_MODE_11A) ? 3348 RT2860_RIDX_OFDM6 : RT2860_RIDX_CCK1; 3349 ctl_ridx = rt2860_rates[ridx].ctl_ridx; 3350 } else { 3351 if (tp->ucastrate != IEEE80211_FIXED_RATE_NONE) 3352 ridx = rn->fix_ridx; 3353 else 3354 ridx = rn->amrr_ridx; 3355 ctl_ridx = rt2860_rates[ridx].ctl_ridx; 3356 } 3357 3358 if (!IEEE80211_IS_MULTICAST(wh->i_addr1) && 3359 (!hasqos || (qos & IEEE80211_QOS_ACKPOLICY) != 3360 IEEE80211_QOS_ACKPOLICY_NOACK)) { 3361 xflags |= RT2860_TX_ACK; 3362 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 3363 dur = rt2860_rates[ctl_ridx].sp_ack_dur; 3364 else 3365 dur = rt2860_rates[ctl_ridx].lp_ack_dur; 3366 USETW(wh->i_dur, dur); 3367 } 3368 3369 /* reserve slots for mgmt packets, just in case */ 3370 if (sc->sc_epq[qid].tx_nfree < 3) { 3371 DPRINTFN(10, "tx ring %d is full\n", qid); 3372 return (-1); 3373 } 3374 3375 data = STAILQ_FIRST(&sc->sc_epq[qid].tx_fh); 3376 STAILQ_REMOVE_HEAD(&sc->sc_epq[qid].tx_fh, next); 3377 sc->sc_epq[qid].tx_nfree--; 3378 3379 txd = (struct rt2870_txd *)&data->desc; 3380 txd->flags = qflags; 3381 txwi = (struct rt2860_txwi *)(txd + 1); 3382 txwi->xflags = xflags; 3383 if (IEEE80211_IS_MULTICAST(wh->i_addr1)) 3384 txwi->wcid = 0; 3385 else 3386 txwi->wcid = (vap->iv_opmode == IEEE80211_M_STA) ? 3387 1 : RUN_AID2WCID(ni->ni_associd); 3388 3389 /* clear leftover garbage bits */ 3390 txwi->flags = 0; 3391 txwi->txop = 0; 3392 3393 data->m = m; 3394 data->ni = ni; 3395 data->ridx = ridx; 3396 3397 run_set_tx_desc(sc, data); 3398 3399 /* 3400 * The chip keeps track of 2 kind of Tx stats, 3401 * * TX_STAT_FIFO, for per WCID stats, and 3402 * * TX_STA_CNT0 for all-TX-in-one stats. 3403 * 3404 * To use FIFO stats, we need to store MCS into the driver-private 3405 * PacketID field. So that, we can tell whose stats when we read them. 3406 * We add 1 to the MCS because setting the PacketID field to 0 means 3407 * that we don't want feedback in TX_STAT_FIFO. 3408 * And, that's what we want for STA mode, since TX_STA_CNT0 does the job. 3409 * 3410 * FIFO stats doesn't count Tx with WCID 0xff, so we do this in run_tx(). 3411 */ 3412 if (sc->rvp_cnt > 1 || vap->iv_opmode == IEEE80211_M_HOSTAP || 3413 vap->iv_opmode == IEEE80211_M_MBSS) { 3414 uint16_t pid = (rt2860_rates[ridx].mcs + 1) & 0xf; 3415 txwi->len |= htole16(pid << RT2860_TX_PID_SHIFT); 3416 3417 /* 3418 * Unlike PCI based devices, we don't get any interrupt from 3419 * USB devices, so we simulate FIFO-is-full interrupt here. 3420 * Ralink recomends to drain FIFO stats every 100 ms, but 16 slots 3421 * quickly get fulled. To prevent overflow, increment a counter on 3422 * every FIFO stat request, so we know how many slots are left. 3423 * We do this only in HOSTAP or multiple vap mode since FIFO stats 3424 * are used only in those modes. 3425 * We just drain stats. AMRR gets updated every 1 sec by 3426 * run_ratectl_cb() via callout. 3427 * Call it early. Otherwise overflow. 3428 */ 3429 if (sc->fifo_cnt++ == 10) { 3430 /* 3431 * With multiple vaps or if_bridge, if_start() is called 3432 * with a non-sleepable lock, tcpinp. So, need to defer. 3433 */ 3434 uint32_t i = RUN_CMDQ_GET(&sc->cmdq_store); 3435 DPRINTFN(6, "cmdq_store=%d\n", i); 3436 sc->cmdq[i].func = run_drain_fifo; 3437 sc->cmdq[i].arg0 = sc; 3438 ieee80211_runtask(ic, &sc->cmdq_task); 3439 } 3440 } 3441 3442 STAILQ_INSERT_TAIL(&sc->sc_epq[qid].tx_qh, data, next); 3443 3444 RUN_LOCK(sc); 3445 usbd_transfer_start(sc->sc_xfer[qid]); 3446 RUN_UNLOCK(sc); 3447 3448 DPRINTFN(8, "sending data frame len=%d rate=%d qid=%d\n", 3449 m->m_pkthdr.len + (int)(sizeof(struct rt2870_txd) + 3450 sizeof(struct rt2860_txwi)), rt2860_rates[ridx].rate, qid); 3451 3452 return (0); 3453 } 3454 3455 static int 3456 run_tx_mgt(struct run_softc *sc, struct mbuf *m, struct ieee80211_node *ni) 3457 { 3458 struct ifnet *ifp = sc->sc_ifp; 3459 struct ieee80211com *ic = ifp->if_l2com; 3460 struct run_node *rn = (void *)ni; 3461 struct run_tx_data *data; 3462 struct ieee80211_frame *wh; 3463 struct rt2870_txd *txd; 3464 struct rt2860_txwi *txwi; 3465 uint16_t dur; 3466 uint8_t ridx = rn->mgt_ridx; 3467 uint8_t type; 3468 uint8_t xflags = 0; 3469 uint8_t wflags = 0; 3470 3471 RUN_LOCK_ASSERT(sc, MA_OWNED); 3472 3473 wh = mtod(m, struct ieee80211_frame *); 3474 3475 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 3476 3477 /* tell hardware to add timestamp for probe responses */ 3478 if ((wh->i_fc[0] & 3479 (IEEE80211_FC0_TYPE_MASK | IEEE80211_FC0_SUBTYPE_MASK)) == 3480 (IEEE80211_FC0_TYPE_MGT | IEEE80211_FC0_SUBTYPE_PROBE_RESP)) 3481 wflags |= RT2860_TX_TS; 3482 else if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) { 3483 xflags |= RT2860_TX_ACK; 3484 3485 dur = ieee80211_ack_duration(ic->ic_rt, rt2860_rates[ridx].rate, 3486 ic->ic_flags & IEEE80211_F_SHPREAMBLE); 3487 USETW(wh->i_dur, dur); 3488 } 3489 3490 if (sc->sc_epq[0].tx_nfree == 0) { 3491 /* let caller free mbuf */ 3492 ifq_set_oactive(&ifp->if_snd); 3493 return (EIO); 3494 } 3495 data = STAILQ_FIRST(&sc->sc_epq[0].tx_fh); 3496 STAILQ_REMOVE_HEAD(&sc->sc_epq[0].tx_fh, next); 3497 sc->sc_epq[0].tx_nfree--; 3498 3499 txd = (struct rt2870_txd *)&data->desc; 3500 txd->flags = RT2860_TX_QSEL_EDCA; 3501 txwi = (struct rt2860_txwi *)(txd + 1); 3502 txwi->wcid = 0xff; 3503 txwi->flags = wflags; 3504 txwi->xflags = xflags; 3505 txwi->txop = 0; /* clear leftover garbage bits */ 3506 3507 data->m = m; 3508 data->ni = ni; 3509 data->ridx = ridx; 3510 3511 run_set_tx_desc(sc, data); 3512 3513 DPRINTFN(10, "sending mgt frame len=%d rate=%d\n", m->m_pkthdr.len + 3514 (int)(sizeof(struct rt2870_txd) + sizeof(struct rt2860_txwi)), 3515 rt2860_rates[ridx].rate); 3516 3517 STAILQ_INSERT_TAIL(&sc->sc_epq[0].tx_qh, data, next); 3518 3519 usbd_transfer_start(sc->sc_xfer[0]); 3520 3521 return (0); 3522 } 3523 3524 static int 3525 run_sendprot(struct run_softc *sc, 3526 const struct mbuf *m, struct ieee80211_node *ni, int prot, int rate) 3527 { 3528 struct ieee80211com *ic = ni->ni_ic; 3529 struct ieee80211_frame *wh; 3530 struct run_tx_data *data; 3531 struct rt2870_txd *txd; 3532 struct rt2860_txwi *txwi; 3533 struct mbuf *mprot; 3534 int ridx; 3535 int protrate; 3536 int ackrate; 3537 int pktlen; 3538 int isshort; 3539 uint16_t dur; 3540 uint8_t type; 3541 uint8_t wflags = 0; 3542 uint8_t xflags = 0; 3543 3544 RUN_LOCK_ASSERT(sc, MA_OWNED); 3545 3546 KASSERT(prot == IEEE80211_PROT_RTSCTS || prot == IEEE80211_PROT_CTSONLY, 3547 ("protection %d", prot)); 3548 3549 wh = mtod(m, struct ieee80211_frame *); 3550 pktlen = m->m_pkthdr.len + IEEE80211_CRC_LEN; 3551 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 3552 3553 protrate = ieee80211_ctl_rate(ic->ic_rt, rate); 3554 ackrate = ieee80211_ack_rate(ic->ic_rt, rate); 3555 3556 isshort = (ic->ic_flags & IEEE80211_F_SHPREAMBLE) != 0; 3557 dur = ieee80211_compute_duration(ic->ic_rt, pktlen, rate, isshort) 3558 + ieee80211_ack_duration(ic->ic_rt, rate, isshort); 3559 wflags = RT2860_TX_FRAG; 3560 3561 /* check that there are free slots before allocating the mbuf */ 3562 if (sc->sc_epq[0].tx_nfree == 0) { 3563 /* let caller free mbuf */ 3564 ifq_set_oactive(&sc->sc_ifp->if_snd); 3565 return (ENOBUFS); 3566 } 3567 3568 if (prot == IEEE80211_PROT_RTSCTS) { 3569 /* NB: CTS is the same size as an ACK */ 3570 dur += ieee80211_ack_duration(ic->ic_rt, rate, isshort); 3571 xflags |= RT2860_TX_ACK; 3572 mprot = ieee80211_alloc_rts(ic, wh->i_addr1, wh->i_addr2, dur); 3573 } else { 3574 mprot = ieee80211_alloc_cts(ic, ni->ni_vap->iv_myaddr, dur); 3575 } 3576 if (mprot == NULL) { 3577 sc->sc_ifp->if_oerrors++; 3578 DPRINTF("could not allocate mbuf\n"); 3579 return (ENOBUFS); 3580 } 3581 3582 data = STAILQ_FIRST(&sc->sc_epq[0].tx_fh); 3583 STAILQ_REMOVE_HEAD(&sc->sc_epq[0].tx_fh, next); 3584 sc->sc_epq[0].tx_nfree--; 3585 3586 txd = (struct rt2870_txd *)&data->desc; 3587 txd->flags = RT2860_TX_QSEL_EDCA; 3588 txwi = (struct rt2860_txwi *)(txd + 1); 3589 txwi->wcid = 0xff; 3590 txwi->flags = wflags; 3591 txwi->xflags = xflags; 3592 txwi->txop = 0; /* clear leftover garbage bits */ 3593 3594 data->m = mprot; 3595 data->ni = ieee80211_ref_node(ni); 3596 3597 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++) 3598 if (rt2860_rates[ridx].rate == protrate) 3599 break; 3600 data->ridx = ridx; 3601 3602 run_set_tx_desc(sc, data); 3603 3604 DPRINTFN(1, "sending prot len=%u rate=%u\n", 3605 m->m_pkthdr.len, rate); 3606 3607 STAILQ_INSERT_TAIL(&sc->sc_epq[0].tx_qh, data, next); 3608 3609 usbd_transfer_start(sc->sc_xfer[0]); 3610 3611 return (0); 3612 } 3613 3614 static int 3615 run_tx_param(struct run_softc *sc, struct mbuf *m, struct ieee80211_node *ni, 3616 const struct ieee80211_bpf_params *params) 3617 { 3618 struct ieee80211com *ic = ni->ni_ic; 3619 struct ieee80211_frame *wh; 3620 struct run_tx_data *data; 3621 struct rt2870_txd *txd; 3622 struct rt2860_txwi *txwi; 3623 uint8_t type; 3624 uint8_t ridx; 3625 uint8_t rate; 3626 uint8_t opflags = 0; 3627 uint8_t xflags = 0; 3628 int error; 3629 3630 RUN_LOCK_ASSERT(sc, MA_OWNED); 3631 3632 KASSERT(params != NULL, ("no raw xmit params")); 3633 3634 wh = mtod(m, struct ieee80211_frame *); 3635 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 3636 3637 rate = params->ibp_rate0; 3638 if (!ieee80211_isratevalid(ic->ic_rt, rate)) { 3639 /* let caller free mbuf */ 3640 return (EINVAL); 3641 } 3642 3643 if ((params->ibp_flags & IEEE80211_BPF_NOACK) == 0) 3644 xflags |= RT2860_TX_ACK; 3645 if (params->ibp_flags & (IEEE80211_BPF_RTS|IEEE80211_BPF_CTS)) { 3646 error = run_sendprot(sc, m, ni, 3647 params->ibp_flags & IEEE80211_BPF_RTS ? 3648 IEEE80211_PROT_RTSCTS : IEEE80211_PROT_CTSONLY, 3649 rate); 3650 if (error) { 3651 /* let caller free mbuf */ 3652 return error; 3653 } 3654 opflags |= /*XXX RT2573_TX_LONG_RETRY |*/ RT2860_TX_TXOP_SIFS; 3655 } 3656 3657 if (sc->sc_epq[0].tx_nfree == 0) { 3658 /* let caller free mbuf */ 3659 ifq_set_oactive(&sc->sc_ifp->if_snd); 3660 DPRINTF("sending raw frame, but tx ring is full\n"); 3661 return (EIO); 3662 } 3663 data = STAILQ_FIRST(&sc->sc_epq[0].tx_fh); 3664 STAILQ_REMOVE_HEAD(&sc->sc_epq[0].tx_fh, next); 3665 sc->sc_epq[0].tx_nfree--; 3666 3667 txd = (struct rt2870_txd *)&data->desc; 3668 txd->flags = RT2860_TX_QSEL_EDCA; 3669 txwi = (struct rt2860_txwi *)(txd + 1); 3670 txwi->wcid = 0xff; 3671 txwi->xflags = xflags; 3672 txwi->txop = opflags; 3673 txwi->flags = 0; /* clear leftover garbage bits */ 3674 3675 data->m = m; 3676 data->ni = ni; 3677 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++) 3678 if (rt2860_rates[ridx].rate == rate) 3679 break; 3680 data->ridx = ridx; 3681 3682 run_set_tx_desc(sc, data); 3683 3684 DPRINTFN(10, "sending raw frame len=%u rate=%u\n", 3685 m->m_pkthdr.len, rate); 3686 3687 STAILQ_INSERT_TAIL(&sc->sc_epq[0].tx_qh, data, next); 3688 3689 usbd_transfer_start(sc->sc_xfer[0]); 3690 3691 return (0); 3692 } 3693 3694 static int 3695 run_raw_xmit(struct ieee80211_node *ni, struct mbuf *m, 3696 const struct ieee80211_bpf_params *params) 3697 { 3698 struct ifnet *ifp = ni->ni_ic->ic_ifp; 3699 struct run_softc *sc = ifp->if_softc; 3700 int error = 0; 3701 3702 RUN_LOCK(sc); 3703 3704 /* prevent management frames from being sent if we're not ready */ 3705 if (!(ifp->if_flags & IFF_RUNNING)) { 3706 error = ENETDOWN; 3707 goto done; 3708 } 3709 3710 if (params == NULL) { 3711 /* tx mgt packet */ 3712 if ((error = run_tx_mgt(sc, m, ni)) != 0) { 3713 ifp->if_oerrors++; 3714 DPRINTF("mgt tx failed\n"); 3715 goto done; 3716 } 3717 } else { 3718 /* tx raw packet with param */ 3719 if ((error = run_tx_param(sc, m, ni, params)) != 0) { 3720 ifp->if_oerrors++; 3721 DPRINTF("tx with param failed\n"); 3722 goto done; 3723 } 3724 } 3725 3726 ifp->if_opackets++; 3727 3728 done: 3729 RUN_UNLOCK(sc); 3730 3731 if (error != 0) { 3732 if(m != NULL) 3733 m_freem(m); 3734 ieee80211_free_node(ni); 3735 } 3736 3737 return (error); 3738 } 3739 3740 static void 3741 run_start(struct ifnet *ifp, struct ifaltq_subque *ifsq) 3742 { 3743 struct run_softc *sc = ifp->if_softc; 3744 struct ieee80211_node *ni; 3745 struct mbuf *m = NULL; 3746 3747 #if 0 3748 ASSERT_ALTQ_SQ_DEFAULT(ifp, ifsq); 3749 #endif 3750 if ((ifp->if_flags & IFF_RUNNING) == 0) 3751 return; 3752 3753 RUN_LOCK(sc); 3754 for (;;) { 3755 /* send data frames */ 3756 m = ifq_dequeue(&ifp->if_snd); 3757 if (m == NULL) 3758 break; 3759 3760 ni = (struct ieee80211_node *)m->m_pkthdr.rcvif; 3761 if (run_tx(sc, m, ni) != 0) { 3762 ifq_prepend(&ifp->if_snd, m); 3763 ifq_set_oactive(&ifp->if_snd); 3764 break; 3765 } 3766 } 3767 RUN_UNLOCK(sc); 3768 } 3769 3770 static int 3771 run_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data, struct ucred *cr) 3772 { 3773 struct run_softc *sc = ifp->if_softc; 3774 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 3775 struct ifreq *ifr = (struct ifreq *) data; 3776 int startall = 0; 3777 int error; 3778 3779 RUN_LOCK(sc); 3780 error = sc->sc_detached ? ENXIO : 0; 3781 RUN_UNLOCK(sc); 3782 if (error) 3783 return (error); 3784 3785 switch (cmd) { 3786 case SIOCSIFFLAGS: 3787 RUN_LOCK(sc); 3788 if (ifp->if_flags & IFF_UP) { 3789 if (!(ifp->if_flags & IFF_RUNNING)){ 3790 startall = 1; 3791 run_init_locked(sc); 3792 } else 3793 run_update_promisc_locked(ifp); 3794 } else { 3795 if (ifp->if_flags & IFF_RUNNING && 3796 (ic->ic_nrunning == 0 || sc->rvp_cnt <= 1)) { 3797 run_stop(sc); 3798 } 3799 } 3800 RUN_UNLOCK(sc); 3801 if (startall) 3802 ieee80211_start_all(ic); 3803 break; 3804 case SIOCGIFMEDIA: 3805 error = ifmedia_ioctl(ifp, ifr, &ic->ic_media, cmd); 3806 break; 3807 case SIOCGIFADDR: 3808 error = ether_ioctl(ifp, cmd, data); 3809 break; 3810 default: 3811 error = EINVAL; 3812 break; 3813 } 3814 3815 return (error); 3816 } 3817 3818 static void 3819 run_iq_calib(struct run_softc *sc, u_int chan) 3820 { 3821 uint16_t val; 3822 3823 /* Tx0 IQ gain. */ 3824 run_bbp_write(sc, 158, 0x2c); 3825 if (chan <= 14) 3826 run_efuse_read(sc, RT5390_EEPROM_IQ_GAIN_CAL_TX0_2GHZ, &val, 1); 3827 else if (chan <= 64) { 3828 run_efuse_read(sc, 3829 RT5390_EEPROM_IQ_GAIN_CAL_TX0_CH36_TO_CH64_5GHZ, 3830 &val, 1); 3831 } else if (chan <= 138) { 3832 run_efuse_read(sc, 3833 RT5390_EEPROM_IQ_GAIN_CAL_TX0_CH100_TO_CH138_5GHZ, 3834 &val, 1); 3835 } else if (chan <= 165) { 3836 run_efuse_read(sc, 3837 RT5390_EEPROM_IQ_GAIN_CAL_TX0_CH140_TO_CH165_5GHZ, 3838 &val, 1); 3839 } else 3840 val = 0; 3841 run_bbp_write(sc, 159, val); 3842 3843 /* Tx0 IQ phase. */ 3844 run_bbp_write(sc, 158, 0x2d); 3845 if (chan <= 14) { 3846 run_efuse_read(sc, RT5390_EEPROM_IQ_PHASE_CAL_TX0_2GHZ, 3847 &val, 1); 3848 } else if (chan <= 64) { 3849 run_efuse_read(sc, 3850 RT5390_EEPROM_IQ_PHASE_CAL_TX0_CH36_TO_CH64_5GHZ, 3851 &val, 1); 3852 } else if (chan <= 138) { 3853 run_efuse_read(sc, 3854 RT5390_EEPROM_IQ_PHASE_CAL_TX0_CH100_TO_CH138_5GHZ, 3855 &val, 1); 3856 } else if (chan <= 165) { 3857 run_efuse_read(sc, 3858 RT5390_EEPROM_IQ_PHASE_CAL_TX0_CH140_TO_CH165_5GHZ, 3859 &val, 1); 3860 } else 3861 val = 0; 3862 run_bbp_write(sc, 159, val); 3863 3864 /* Tx1 IQ gain. */ 3865 run_bbp_write(sc, 158, 0x4a); 3866 if (chan <= 14) { 3867 run_efuse_read(sc, RT5390_EEPROM_IQ_GAIN_CAL_TX1_2GHZ, 3868 &val, 1); 3869 } else if (chan <= 64) { 3870 run_efuse_read(sc, 3871 RT5390_EEPROM_IQ_GAIN_CAL_TX1_CH36_TO_CH64_5GHZ, 3872 &val, 1); 3873 } else if (chan <= 138) { 3874 run_efuse_read(sc, 3875 RT5390_EEPROM_IQ_GAIN_CAL_TX1_CH100_TO_CH138_5GHZ, 3876 &val, 1); 3877 } else if (chan <= 165) { 3878 run_efuse_read(sc, 3879 RT5390_EEPROM_IQ_GAIN_CAL_TX1_CH140_TO_CH165_5GHZ, 3880 &val, 1); 3881 } else 3882 val = 0; 3883 run_bbp_write(sc, 159, val); 3884 3885 /* Tx1 IQ phase. */ 3886 run_bbp_write(sc, 158, 0x4b); 3887 if (chan <= 14) { 3888 run_efuse_read(sc, RT5390_EEPROM_IQ_PHASE_CAL_TX1_2GHZ, 3889 &val, 1); 3890 } else if (chan <= 64) { 3891 run_efuse_read(sc, 3892 RT5390_EEPROM_IQ_PHASE_CAL_TX1_CH36_TO_CH64_5GHZ, 3893 &val, 1); 3894 } else if (chan <= 138) { 3895 run_efuse_read(sc, 3896 RT5390_EEPROM_IQ_PHASE_CAL_TX1_CH100_TO_CH138_5GHZ, 3897 &val, 1); 3898 } else if (chan <= 165) { 3899 run_efuse_read(sc, 3900 RT5390_EEPROM_IQ_PHASE_CAL_TX1_CH140_TO_CH165_5GHZ, 3901 &val, 1); 3902 } else 3903 val = 0; 3904 run_bbp_write(sc, 159, val); 3905 3906 /* RF IQ compensation control. */ 3907 run_bbp_write(sc, 158, 0x04); 3908 run_efuse_read(sc, RT5390_EEPROM_RF_IQ_COMPENSATION_CTL, 3909 &val, 1); 3910 run_bbp_write(sc, 159, val); 3911 3912 /* RF IQ imbalance compensation control. */ 3913 run_bbp_write(sc, 158, 0x03); 3914 run_efuse_read(sc, 3915 RT5390_EEPROM_RF_IQ_IMBALANCE_COMPENSATION_CTL, &val, 1); 3916 run_bbp_write(sc, 159, val); 3917 } 3918 3919 static void 3920 run_set_agc(struct run_softc *sc, uint8_t agc) 3921 { 3922 uint8_t bbp; 3923 3924 if (sc->mac_ver == 0x3572) { 3925 run_bbp_read(sc, 27, &bbp); 3926 bbp &= ~(0x3 << 5); 3927 run_bbp_write(sc, 27, bbp | 0 << 5); /* select Rx0 */ 3928 run_bbp_write(sc, 66, agc); 3929 run_bbp_write(sc, 27, bbp | 1 << 5); /* select Rx1 */ 3930 run_bbp_write(sc, 66, agc); 3931 } else 3932 run_bbp_write(sc, 66, agc); 3933 } 3934 3935 static void 3936 run_select_chan_group(struct run_softc *sc, int group) 3937 { 3938 uint32_t tmp; 3939 uint8_t agc; 3940 3941 run_bbp_write(sc, 62, 0x37 - sc->lna[group]); 3942 run_bbp_write(sc, 63, 0x37 - sc->lna[group]); 3943 run_bbp_write(sc, 64, 0x37 - sc->lna[group]); 3944 if (sc->mac_ver < 0x3572) 3945 run_bbp_write(sc, 86, 0x00); 3946 3947 if (sc->mac_ver == 0x3593) { 3948 run_bbp_write(sc, 77, 0x98); 3949 run_bbp_write(sc, 83, (group == 0) ? 0x8a : 0x9a); 3950 } 3951 3952 if (group == 0) { 3953 if (sc->ext_2ghz_lna) { 3954 if (sc->mac_ver >= 0x5390) 3955 run_bbp_write(sc, 75, 0x52); 3956 else { 3957 run_bbp_write(sc, 82, 0x62); 3958 run_bbp_write(sc, 75, 0x46); 3959 } 3960 } else { 3961 if (sc->mac_ver == 0x5592) { 3962 run_bbp_write(sc, 79, 0x1c); 3963 run_bbp_write(sc, 80, 0x0e); 3964 run_bbp_write(sc, 81, 0x3a); 3965 run_bbp_write(sc, 82, 0x62); 3966 3967 run_bbp_write(sc, 195, 0x80); 3968 run_bbp_write(sc, 196, 0xe0); 3969 run_bbp_write(sc, 195, 0x81); 3970 run_bbp_write(sc, 196, 0x1f); 3971 run_bbp_write(sc, 195, 0x82); 3972 run_bbp_write(sc, 196, 0x38); 3973 run_bbp_write(sc, 195, 0x83); 3974 run_bbp_write(sc, 196, 0x32); 3975 run_bbp_write(sc, 195, 0x85); 3976 run_bbp_write(sc, 196, 0x28); 3977 run_bbp_write(sc, 195, 0x86); 3978 run_bbp_write(sc, 196, 0x19); 3979 } else if (sc->mac_ver >= 0x5390) 3980 run_bbp_write(sc, 75, 0x50); 3981 else { 3982 run_bbp_write(sc, 82, 3983 (sc->mac_ver == 0x3593) ? 0x62 : 0x84); 3984 run_bbp_write(sc, 75, 0x50); 3985 } 3986 } 3987 } else { 3988 if (sc->mac_ver == 0x5592) { 3989 run_bbp_write(sc, 79, 0x18); 3990 run_bbp_write(sc, 80, 0x08); 3991 run_bbp_write(sc, 81, 0x38); 3992 run_bbp_write(sc, 82, 0x92); 3993 3994 run_bbp_write(sc, 195, 0x80); 3995 run_bbp_write(sc, 196, 0xf0); 3996 run_bbp_write(sc, 195, 0x81); 3997 run_bbp_write(sc, 196, 0x1e); 3998 run_bbp_write(sc, 195, 0x82); 3999 run_bbp_write(sc, 196, 0x28); 4000 run_bbp_write(sc, 195, 0x83); 4001 run_bbp_write(sc, 196, 0x20); 4002 run_bbp_write(sc, 195, 0x85); 4003 run_bbp_write(sc, 196, 0x7f); 4004 run_bbp_write(sc, 195, 0x86); 4005 run_bbp_write(sc, 196, 0x7f); 4006 } else if (sc->mac_ver == 0x3572) 4007 run_bbp_write(sc, 82, 0x94); 4008 else 4009 run_bbp_write(sc, 82, 4010 (sc->mac_ver == 0x3593) ? 0x82 : 0xf2); 4011 if (sc->ext_5ghz_lna) 4012 run_bbp_write(sc, 75, 0x46); 4013 else 4014 run_bbp_write(sc, 75, 0x50); 4015 } 4016 4017 run_read(sc, RT2860_TX_BAND_CFG, &tmp); 4018 tmp &= ~(RT2860_5G_BAND_SEL_N | RT2860_5G_BAND_SEL_P); 4019 tmp |= (group == 0) ? RT2860_5G_BAND_SEL_N : RT2860_5G_BAND_SEL_P; 4020 run_write(sc, RT2860_TX_BAND_CFG, tmp); 4021 4022 /* enable appropriate Power Amplifiers and Low Noise Amplifiers */ 4023 tmp = RT2860_RFTR_EN | RT2860_TRSW_EN | RT2860_LNA_PE0_EN; 4024 if (sc->mac_ver == 0x3593) 4025 tmp |= 1 << 29 | 1 << 28; 4026 if (sc->nrxchains > 1) 4027 tmp |= RT2860_LNA_PE1_EN; 4028 if (group == 0) { /* 2GHz */ 4029 tmp |= RT2860_PA_PE_G0_EN; 4030 if (sc->ntxchains > 1) 4031 tmp |= RT2860_PA_PE_G1_EN; 4032 if (sc->mac_ver == 0x3593) { 4033 if (sc->ntxchains > 2) 4034 tmp |= 1 << 25; 4035 } 4036 } else { /* 5GHz */ 4037 tmp |= RT2860_PA_PE_A0_EN; 4038 if (sc->ntxchains > 1) 4039 tmp |= RT2860_PA_PE_A1_EN; 4040 } 4041 if (sc->mac_ver == 0x3572) { 4042 run_rt3070_rf_write(sc, 8, 0x00); 4043 run_write(sc, RT2860_TX_PIN_CFG, tmp); 4044 run_rt3070_rf_write(sc, 8, 0x80); 4045 } else 4046 run_write(sc, RT2860_TX_PIN_CFG, tmp); 4047 4048 if (sc->mac_ver == 0x5592) { 4049 run_bbp_write(sc, 195, 0x8d); 4050 run_bbp_write(sc, 196, 0x1a); 4051 } 4052 4053 if (sc->mac_ver == 0x3593) { 4054 run_read(sc, RT2860_GPIO_CTRL, &tmp); 4055 tmp &= ~0x01010000; 4056 if (group == 0) 4057 tmp |= 0x00010000; 4058 tmp = (tmp & ~0x00009090) | 0x00000090; 4059 run_write(sc, RT2860_GPIO_CTRL, tmp); 4060 } 4061 4062 /* set initial AGC value */ 4063 if (group == 0) { /* 2GHz band */ 4064 if (sc->mac_ver >= 0x3070) 4065 agc = 0x1c + sc->lna[0] * 2; 4066 else 4067 agc = 0x2e + sc->lna[0]; 4068 } else { /* 5GHz band */ 4069 if (sc->mac_ver == 0x5592) 4070 agc = 0x24 + sc->lna[group] * 2; 4071 else if (sc->mac_ver == 0x3572 || sc->mac_ver == 0x3593) 4072 agc = 0x22 + (sc->lna[group] * 5) / 3; 4073 else 4074 agc = 0x32 + (sc->lna[group] * 5) / 3; 4075 } 4076 run_set_agc(sc, agc); 4077 } 4078 4079 static void 4080 run_rt2870_set_chan(struct run_softc *sc, u_int chan) 4081 { 4082 const struct rfprog *rfprog = rt2860_rf2850; 4083 uint32_t r2, r3, r4; 4084 int8_t txpow1, txpow2; 4085 int i; 4086 4087 /* find the settings for this channel (we know it exists) */ 4088 for (i = 0; rfprog[i].chan != chan; i++); 4089 4090 r2 = rfprog[i].r2; 4091 if (sc->ntxchains == 1) 4092 r2 |= 1 << 14; /* 1T: disable Tx chain 2 */ 4093 if (sc->nrxchains == 1) 4094 r2 |= 1 << 17 | 1 << 6; /* 1R: disable Rx chains 2 & 3 */ 4095 else if (sc->nrxchains == 2) 4096 r2 |= 1 << 6; /* 2R: disable Rx chain 3 */ 4097 4098 /* use Tx power values from EEPROM */ 4099 txpow1 = sc->txpow1[i]; 4100 txpow2 = sc->txpow2[i]; 4101 4102 /* Initialize RF R3 and R4. */ 4103 r3 = rfprog[i].r3 & 0xffffc1ff; 4104 r4 = (rfprog[i].r4 & ~(0x001f87c0)) | (sc->freq << 15); 4105 if (chan > 14) { 4106 if (txpow1 >= 0) { 4107 txpow1 = (txpow1 > 0xf) ? (0xf) : (txpow1); 4108 r3 |= (txpow1 << 10) | (1 << 9); 4109 } else { 4110 txpow1 += 7; 4111 4112 /* txpow1 is not possible larger than 15. */ 4113 r3 |= (txpow1 << 10); 4114 } 4115 if (txpow2 >= 0) { 4116 txpow2 = (txpow2 > 0xf) ? (0xf) : (txpow2); 4117 r4 |= (txpow2 << 7) | (1 << 6); 4118 } else { 4119 txpow2 += 7; 4120 r4 |= (txpow2 << 7); 4121 } 4122 } else { 4123 /* Set Tx0 power. */ 4124 r3 |= (txpow1 << 9); 4125 4126 /* Set frequency offset and Tx1 power. */ 4127 r4 |= (txpow2 << 6); 4128 } 4129 4130 run_rt2870_rf_write(sc, rfprog[i].r1); 4131 run_rt2870_rf_write(sc, r2); 4132 run_rt2870_rf_write(sc, r3 & ~(1 << 2)); 4133 run_rt2870_rf_write(sc, r4); 4134 4135 run_delay(sc, 10); 4136 4137 run_rt2870_rf_write(sc, rfprog[i].r1); 4138 run_rt2870_rf_write(sc, r2); 4139 run_rt2870_rf_write(sc, r3 | (1 << 2)); 4140 run_rt2870_rf_write(sc, r4); 4141 4142 run_delay(sc, 10); 4143 4144 run_rt2870_rf_write(sc, rfprog[i].r1); 4145 run_rt2870_rf_write(sc, r2); 4146 run_rt2870_rf_write(sc, r3 & ~(1 << 2)); 4147 run_rt2870_rf_write(sc, r4); 4148 } 4149 4150 static void 4151 run_rt3070_set_chan(struct run_softc *sc, u_int chan) 4152 { 4153 int8_t txpow1, txpow2; 4154 uint8_t rf; 4155 int i; 4156 4157 /* find the settings for this channel (we know it exists) */ 4158 for (i = 0; rt2860_rf2850[i].chan != chan; i++); 4159 4160 /* use Tx power values from EEPROM */ 4161 txpow1 = sc->txpow1[i]; 4162 txpow2 = sc->txpow2[i]; 4163 4164 run_rt3070_rf_write(sc, 2, rt3070_freqs[i].n); 4165 4166 /* RT3370/RT3390: RF R3 [7:4] is not reserved bits. */ 4167 run_rt3070_rf_read(sc, 3, &rf); 4168 rf = (rf & ~0x0f) | rt3070_freqs[i].k; 4169 run_rt3070_rf_write(sc, 3, rf); 4170 4171 run_rt3070_rf_read(sc, 6, &rf); 4172 rf = (rf & ~0x03) | rt3070_freqs[i].r; 4173 run_rt3070_rf_write(sc, 6, rf); 4174 4175 /* set Tx0 power */ 4176 run_rt3070_rf_read(sc, 12, &rf); 4177 rf = (rf & ~0x1f) | txpow1; 4178 run_rt3070_rf_write(sc, 12, rf); 4179 4180 /* set Tx1 power */ 4181 run_rt3070_rf_read(sc, 13, &rf); 4182 rf = (rf & ~0x1f) | txpow2; 4183 run_rt3070_rf_write(sc, 13, rf); 4184 4185 run_rt3070_rf_read(sc, 1, &rf); 4186 rf &= ~0xfc; 4187 if (sc->ntxchains == 1) 4188 rf |= 1 << 7 | 1 << 5; /* 1T: disable Tx chains 2 & 3 */ 4189 else if (sc->ntxchains == 2) 4190 rf |= 1 << 7; /* 2T: disable Tx chain 3 */ 4191 if (sc->nrxchains == 1) 4192 rf |= 1 << 6 | 1 << 4; /* 1R: disable Rx chains 2 & 3 */ 4193 else if (sc->nrxchains == 2) 4194 rf |= 1 << 6; /* 2R: disable Rx chain 3 */ 4195 run_rt3070_rf_write(sc, 1, rf); 4196 4197 /* set RF offset */ 4198 run_rt3070_rf_read(sc, 23, &rf); 4199 rf = (rf & ~0x7f) | sc->freq; 4200 run_rt3070_rf_write(sc, 23, rf); 4201 4202 /* program RF filter */ 4203 run_rt3070_rf_read(sc, 24, &rf); /* Tx */ 4204 rf = (rf & ~0x3f) | sc->rf24_20mhz; 4205 run_rt3070_rf_write(sc, 24, rf); 4206 run_rt3070_rf_read(sc, 31, &rf); /* Rx */ 4207 rf = (rf & ~0x3f) | sc->rf24_20mhz; 4208 run_rt3070_rf_write(sc, 31, rf); 4209 4210 /* enable RF tuning */ 4211 run_rt3070_rf_read(sc, 7, &rf); 4212 run_rt3070_rf_write(sc, 7, rf | 0x01); 4213 } 4214 4215 static void 4216 run_rt3572_set_chan(struct run_softc *sc, u_int chan) 4217 { 4218 int8_t txpow1, txpow2; 4219 uint32_t tmp; 4220 uint8_t rf; 4221 int i; 4222 4223 /* find the settings for this channel (we know it exists) */ 4224 for (i = 0; rt2860_rf2850[i].chan != chan; i++); 4225 4226 /* use Tx power values from EEPROM */ 4227 txpow1 = sc->txpow1[i]; 4228 txpow2 = sc->txpow2[i]; 4229 4230 if (chan <= 14) { 4231 run_bbp_write(sc, 25, sc->bbp25); 4232 run_bbp_write(sc, 26, sc->bbp26); 4233 } else { 4234 /* enable IQ phase correction */ 4235 run_bbp_write(sc, 25, 0x09); 4236 run_bbp_write(sc, 26, 0xff); 4237 } 4238 4239 run_rt3070_rf_write(sc, 2, rt3070_freqs[i].n); 4240 run_rt3070_rf_write(sc, 3, rt3070_freqs[i].k); 4241 run_rt3070_rf_read(sc, 6, &rf); 4242 rf = (rf & ~0x0f) | rt3070_freqs[i].r; 4243 rf |= (chan <= 14) ? 0x08 : 0x04; 4244 run_rt3070_rf_write(sc, 6, rf); 4245 4246 /* set PLL mode */ 4247 run_rt3070_rf_read(sc, 5, &rf); 4248 rf &= ~(0x08 | 0x04); 4249 rf |= (chan <= 14) ? 0x04 : 0x08; 4250 run_rt3070_rf_write(sc, 5, rf); 4251 4252 /* set Tx power for chain 0 */ 4253 if (chan <= 14) 4254 rf = 0x60 | txpow1; 4255 else 4256 rf = 0xe0 | (txpow1 & 0xc) << 1 | (txpow1 & 0x3); 4257 run_rt3070_rf_write(sc, 12, rf); 4258 4259 /* set Tx power for chain 1 */ 4260 if (chan <= 14) 4261 rf = 0x60 | txpow2; 4262 else 4263 rf = 0xe0 | (txpow2 & 0xc) << 1 | (txpow2 & 0x3); 4264 run_rt3070_rf_write(sc, 13, rf); 4265 4266 /* set Tx/Rx streams */ 4267 run_rt3070_rf_read(sc, 1, &rf); 4268 rf &= ~0xfc; 4269 if (sc->ntxchains == 1) 4270 rf |= 1 << 7 | 1 << 5; /* 1T: disable Tx chains 2 & 3 */ 4271 else if (sc->ntxchains == 2) 4272 rf |= 1 << 7; /* 2T: disable Tx chain 3 */ 4273 if (sc->nrxchains == 1) 4274 rf |= 1 << 6 | 1 << 4; /* 1R: disable Rx chains 2 & 3 */ 4275 else if (sc->nrxchains == 2) 4276 rf |= 1 << 6; /* 2R: disable Rx chain 3 */ 4277 run_rt3070_rf_write(sc, 1, rf); 4278 4279 /* set RF offset */ 4280 run_rt3070_rf_read(sc, 23, &rf); 4281 rf = (rf & ~0x7f) | sc->freq; 4282 run_rt3070_rf_write(sc, 23, rf); 4283 4284 /* program RF filter */ 4285 rf = sc->rf24_20mhz; 4286 run_rt3070_rf_write(sc, 24, rf); /* Tx */ 4287 run_rt3070_rf_write(sc, 31, rf); /* Rx */ 4288 4289 /* enable RF tuning */ 4290 run_rt3070_rf_read(sc, 7, &rf); 4291 rf = (chan <= 14) ? 0xd8 : ((rf & ~0xc8) | 0x14); 4292 run_rt3070_rf_write(sc, 7, rf); 4293 4294 /* TSSI */ 4295 rf = (chan <= 14) ? 0xc3 : 0xc0; 4296 run_rt3070_rf_write(sc, 9, rf); 4297 4298 /* set loop filter 1 */ 4299 run_rt3070_rf_write(sc, 10, 0xf1); 4300 /* set loop filter 2 */ 4301 run_rt3070_rf_write(sc, 11, (chan <= 14) ? 0xb9 : 0x00); 4302 4303 /* set tx_mx2_ic */ 4304 run_rt3070_rf_write(sc, 15, (chan <= 14) ? 0x53 : 0x43); 4305 /* set tx_mx1_ic */ 4306 if (chan <= 14) 4307 rf = 0x48 | sc->txmixgain_2ghz; 4308 else 4309 rf = 0x78 | sc->txmixgain_5ghz; 4310 run_rt3070_rf_write(sc, 16, rf); 4311 4312 /* set tx_lo1 */ 4313 run_rt3070_rf_write(sc, 17, 0x23); 4314 /* set tx_lo2 */ 4315 if (chan <= 14) 4316 rf = 0x93; 4317 else if (chan <= 64) 4318 rf = 0xb7; 4319 else if (chan <= 128) 4320 rf = 0x74; 4321 else 4322 rf = 0x72; 4323 run_rt3070_rf_write(sc, 19, rf); 4324 4325 /* set rx_lo1 */ 4326 if (chan <= 14) 4327 rf = 0xb3; 4328 else if (chan <= 64) 4329 rf = 0xf6; 4330 else if (chan <= 128) 4331 rf = 0xf4; 4332 else 4333 rf = 0xf3; 4334 run_rt3070_rf_write(sc, 20, rf); 4335 4336 /* set pfd_delay */ 4337 if (chan <= 14) 4338 rf = 0x15; 4339 else if (chan <= 64) 4340 rf = 0x3d; 4341 else 4342 rf = 0x01; 4343 run_rt3070_rf_write(sc, 25, rf); 4344 4345 /* set rx_lo2 */ 4346 run_rt3070_rf_write(sc, 26, (chan <= 14) ? 0x85 : 0x87); 4347 /* set ldo_rf_vc */ 4348 run_rt3070_rf_write(sc, 27, (chan <= 14) ? 0x00 : 0x01); 4349 /* set drv_cc */ 4350 run_rt3070_rf_write(sc, 29, (chan <= 14) ? 0x9b : 0x9f); 4351 4352 run_read(sc, RT2860_GPIO_CTRL, &tmp); 4353 tmp &= ~0x8080; 4354 if (chan <= 14) 4355 tmp |= 0x80; 4356 run_write(sc, RT2860_GPIO_CTRL, tmp); 4357 4358 /* enable RF tuning */ 4359 run_rt3070_rf_read(sc, 7, &rf); 4360 run_rt3070_rf_write(sc, 7, rf | 0x01); 4361 4362 run_delay(sc, 2); 4363 } 4364 4365 static void 4366 run_rt3593_set_chan(struct run_softc *sc, u_int chan) 4367 { 4368 int8_t txpow1, txpow2, txpow3; 4369 uint8_t h20mhz, rf; 4370 int i; 4371 4372 /* find the settings for this channel (we know it exists) */ 4373 for (i = 0; rt2860_rf2850[i].chan != chan; i++); 4374 4375 /* use Tx power values from EEPROM */ 4376 txpow1 = sc->txpow1[i]; 4377 txpow2 = sc->txpow2[i]; 4378 txpow3 = (sc->ntxchains == 3) ? sc->txpow3[i] : 0; 4379 4380 if (chan <= 14) { 4381 run_bbp_write(sc, 25, sc->bbp25); 4382 run_bbp_write(sc, 26, sc->bbp26); 4383 } else { 4384 /* Enable IQ phase correction. */ 4385 run_bbp_write(sc, 25, 0x09); 4386 run_bbp_write(sc, 26, 0xff); 4387 } 4388 4389 run_rt3070_rf_write(sc, 8, rt3070_freqs[i].n); 4390 run_rt3070_rf_write(sc, 9, rt3070_freqs[i].k & 0x0f); 4391 run_rt3070_rf_read(sc, 11, &rf); 4392 rf = (rf & ~0x03) | (rt3070_freqs[i].r & 0x03); 4393 run_rt3070_rf_write(sc, 11, rf); 4394 4395 /* Set pll_idoh. */ 4396 run_rt3070_rf_read(sc, 11, &rf); 4397 rf &= ~0x4c; 4398 rf |= (chan <= 14) ? 0x44 : 0x48; 4399 run_rt3070_rf_write(sc, 11, rf); 4400 4401 if (chan <= 14) 4402 rf = txpow1 & 0x1f; 4403 else 4404 rf = 0x40 | ((txpow1 & 0x18) << 1) | (txpow1 & 0x07); 4405 run_rt3070_rf_write(sc, 53, rf); 4406 4407 if (chan <= 14) 4408 rf = txpow2 & 0x1f; 4409 else 4410 rf = 0x40 | ((txpow2 & 0x18) << 1) | (txpow2 & 0x07); 4411 run_rt3070_rf_write(sc, 55, rf); 4412 4413 if (chan <= 14) 4414 rf = txpow3 & 0x1f; 4415 else 4416 rf = 0x40 | ((txpow3 & 0x18) << 1) | (txpow3 & 0x07); 4417 run_rt3070_rf_write(sc, 54, rf); 4418 4419 rf = RT3070_RF_BLOCK | RT3070_PLL_PD; 4420 if (sc->ntxchains == 3) 4421 rf |= RT3070_TX0_PD | RT3070_TX1_PD | RT3070_TX2_PD; 4422 else 4423 rf |= RT3070_TX0_PD | RT3070_TX1_PD; 4424 rf |= RT3070_RX0_PD | RT3070_RX1_PD | RT3070_RX2_PD; 4425 run_rt3070_rf_write(sc, 1, rf); 4426 4427 run_adjust_freq_offset(sc); 4428 4429 run_rt3070_rf_write(sc, 31, (chan <= 14) ? 0xa0 : 0x80); 4430 4431 h20mhz = (sc->rf24_20mhz & 0x20) >> 5; 4432 run_rt3070_rf_read(sc, 30, &rf); 4433 rf = (rf & ~0x06) | (h20mhz << 1) | (h20mhz << 2); 4434 run_rt3070_rf_write(sc, 30, rf); 4435 4436 run_rt3070_rf_read(sc, 36, &rf); 4437 if (chan <= 14) 4438 rf |= 0x80; 4439 else 4440 rf &= ~0x80; 4441 run_rt3070_rf_write(sc, 36, rf); 4442 4443 /* Set vcolo_bs. */ 4444 run_rt3070_rf_write(sc, 34, (chan <= 14) ? 0x3c : 0x20); 4445 /* Set pfd_delay. */ 4446 run_rt3070_rf_write(sc, 12, (chan <= 14) ? 0x1a : 0x12); 4447 4448 /* Set vco bias current control. */ 4449 run_rt3070_rf_read(sc, 6, &rf); 4450 rf &= ~0xc0; 4451 if (chan <= 14) 4452 rf |= 0x40; 4453 else if (chan <= 128) 4454 rf |= 0x80; 4455 else 4456 rf |= 0x40; 4457 run_rt3070_rf_write(sc, 6, rf); 4458 4459 run_rt3070_rf_read(sc, 30, &rf); 4460 rf = (rf & ~0x18) | 0x10; 4461 run_rt3070_rf_write(sc, 30, rf); 4462 4463 run_rt3070_rf_write(sc, 10, (chan <= 14) ? 0xd3 : 0xd8); 4464 run_rt3070_rf_write(sc, 13, (chan <= 14) ? 0x12 : 0x23); 4465 4466 run_rt3070_rf_read(sc, 51, &rf); 4467 rf = (rf & ~0x03) | 0x01; 4468 run_rt3070_rf_write(sc, 51, rf); 4469 /* Set tx_mx1_cc. */ 4470 run_rt3070_rf_read(sc, 51, &rf); 4471 rf &= ~0x1c; 4472 rf |= (chan <= 14) ? 0x14 : 0x10; 4473 run_rt3070_rf_write(sc, 51, rf); 4474 /* Set tx_mx1_ic. */ 4475 run_rt3070_rf_read(sc, 51, &rf); 4476 rf &= ~0xe0; 4477 rf |= (chan <= 14) ? 0x60 : 0x40; 4478 run_rt3070_rf_write(sc, 51, rf); 4479 /* Set tx_lo1_ic. */ 4480 run_rt3070_rf_read(sc, 49, &rf); 4481 rf &= ~0x1c; 4482 rf |= (chan <= 14) ? 0x0c : 0x08; 4483 run_rt3070_rf_write(sc, 49, rf); 4484 /* Set tx_lo1_en. */ 4485 run_rt3070_rf_read(sc, 50, &rf); 4486 run_rt3070_rf_write(sc, 50, rf & ~0x20); 4487 /* Set drv_cc. */ 4488 run_rt3070_rf_read(sc, 57, &rf); 4489 rf &= ~0xfc; 4490 rf |= (chan <= 14) ? 0x6c : 0x3c; 4491 run_rt3070_rf_write(sc, 57, rf); 4492 /* Set rx_mix1_ic, rxa_lnactr, lna_vc, lna_inbias_en and lna_en. */ 4493 run_rt3070_rf_write(sc, 44, (chan <= 14) ? 0x93 : 0x9b); 4494 /* Set drv_gnd_a, tx_vga_cc_a and tx_mx2_gain. */ 4495 run_rt3070_rf_write(sc, 52, (chan <= 14) ? 0x45 : 0x05); 4496 /* Enable VCO calibration. */ 4497 run_rt3070_rf_read(sc, 3, &rf); 4498 rf &= ~RT5390_VCOCAL; 4499 rf |= (chan <= 14) ? RT5390_VCOCAL : 0xbe; 4500 run_rt3070_rf_write(sc, 3, rf); 4501 4502 if (chan <= 14) 4503 rf = 0x23; 4504 else if (chan <= 64) 4505 rf = 0x36; 4506 else if (chan <= 128) 4507 rf = 0x32; 4508 else 4509 rf = 0x30; 4510 run_rt3070_rf_write(sc, 39, rf); 4511 if (chan <= 14) 4512 rf = 0xbb; 4513 else if (chan <= 64) 4514 rf = 0xeb; 4515 else if (chan <= 128) 4516 rf = 0xb3; 4517 else 4518 rf = 0x9b; 4519 run_rt3070_rf_write(sc, 45, rf); 4520 4521 /* Set FEQ/AEQ control. */ 4522 run_bbp_write(sc, 105, 0x34); 4523 } 4524 4525 static void 4526 run_rt5390_set_chan(struct run_softc *sc, u_int chan) 4527 { 4528 int8_t txpow1, txpow2; 4529 uint8_t rf; 4530 int i; 4531 4532 /* find the settings for this channel (we know it exists) */ 4533 for (i = 0; rt2860_rf2850[i].chan != chan; i++); 4534 4535 /* use Tx power values from EEPROM */ 4536 txpow1 = sc->txpow1[i]; 4537 txpow2 = sc->txpow2[i]; 4538 4539 run_rt3070_rf_write(sc, 8, rt3070_freqs[i].n); 4540 run_rt3070_rf_write(sc, 9, rt3070_freqs[i].k & 0x0f); 4541 run_rt3070_rf_read(sc, 11, &rf); 4542 rf = (rf & ~0x03) | (rt3070_freqs[i].r & 0x03); 4543 run_rt3070_rf_write(sc, 11, rf); 4544 4545 run_rt3070_rf_read(sc, 49, &rf); 4546 rf = (rf & ~0x3f) | (txpow1 & 0x3f); 4547 /* The valid range of the RF R49 is 0x00 to 0x27. */ 4548 if ((rf & 0x3f) > 0x27) 4549 rf = (rf & ~0x3f) | 0x27; 4550 run_rt3070_rf_write(sc, 49, rf); 4551 4552 if (sc->mac_ver == 0x5392) { 4553 run_rt3070_rf_read(sc, 50, &rf); 4554 rf = (rf & ~0x3f) | (txpow2 & 0x3f); 4555 /* The valid range of the RF R50 is 0x00 to 0x27. */ 4556 if ((rf & 0x3f) > 0x27) 4557 rf = (rf & ~0x3f) | 0x27; 4558 run_rt3070_rf_write(sc, 50, rf); 4559 } 4560 4561 run_rt3070_rf_read(sc, 1, &rf); 4562 rf |= RT3070_RF_BLOCK | RT3070_PLL_PD | RT3070_RX0_PD | RT3070_TX0_PD; 4563 if (sc->mac_ver == 0x5392) 4564 rf |= RT3070_RX1_PD | RT3070_TX1_PD; 4565 run_rt3070_rf_write(sc, 1, rf); 4566 4567 if (sc->mac_ver != 0x5392) { 4568 run_rt3070_rf_read(sc, 2, &rf); 4569 rf |= 0x80; 4570 run_rt3070_rf_write(sc, 2, rf); 4571 run_delay(sc, 10); 4572 rf &= 0x7f; 4573 run_rt3070_rf_write(sc, 2, rf); 4574 } 4575 4576 run_adjust_freq_offset(sc); 4577 4578 if (sc->mac_ver == 0x5392) { 4579 /* Fix for RT5392C. */ 4580 if (sc->mac_rev >= 0x0223) { 4581 if (chan <= 4) 4582 rf = 0x0f; 4583 else if (chan >= 5 && chan <= 7) 4584 rf = 0x0e; 4585 else 4586 rf = 0x0d; 4587 run_rt3070_rf_write(sc, 23, rf); 4588 4589 if (chan <= 4) 4590 rf = 0x0c; 4591 else if (chan == 5) 4592 rf = 0x0b; 4593 else if (chan >= 6 && chan <= 7) 4594 rf = 0x0a; 4595 else if (chan >= 8 && chan <= 10) 4596 rf = 0x09; 4597 else 4598 rf = 0x08; 4599 run_rt3070_rf_write(sc, 59, rf); 4600 } else { 4601 if (chan <= 11) 4602 rf = 0x0f; 4603 else 4604 rf = 0x0b; 4605 run_rt3070_rf_write(sc, 59, rf); 4606 } 4607 } else { 4608 /* Fix for RT5390F. */ 4609 if (sc->mac_rev >= 0x0502) { 4610 if (chan <= 11) 4611 rf = 0x43; 4612 else 4613 rf = 0x23; 4614 run_rt3070_rf_write(sc, 55, rf); 4615 4616 if (chan <= 11) 4617 rf = 0x0f; 4618 else if (chan == 12) 4619 rf = 0x0d; 4620 else 4621 rf = 0x0b; 4622 run_rt3070_rf_write(sc, 59, rf); 4623 } else { 4624 run_rt3070_rf_write(sc, 55, 0x44); 4625 run_rt3070_rf_write(sc, 59, 0x8f); 4626 } 4627 } 4628 4629 /* Enable VCO calibration. */ 4630 run_rt3070_rf_read(sc, 3, &rf); 4631 rf |= RT5390_VCOCAL; 4632 run_rt3070_rf_write(sc, 3, rf); 4633 } 4634 4635 static void 4636 run_rt5592_set_chan(struct run_softc *sc, u_int chan) 4637 { 4638 const struct rt5592_freqs *freqs; 4639 uint32_t tmp; 4640 uint8_t reg, rf, txpow_bound; 4641 int8_t txpow1, txpow2; 4642 int i; 4643 4644 run_read(sc, RT5592_DEBUG_INDEX, &tmp); 4645 freqs = (tmp & RT5592_SEL_XTAL) ? 4646 rt5592_freqs_40mhz : rt5592_freqs_20mhz; 4647 4648 /* find the settings for this channel (we know it exists) */ 4649 for (i = 0; rt2860_rf2850[i].chan != chan; i++, freqs++); 4650 4651 /* use Tx power values from EEPROM */ 4652 txpow1 = sc->txpow1[i]; 4653 txpow2 = sc->txpow2[i]; 4654 4655 run_read(sc, RT3070_LDO_CFG0, &tmp); 4656 tmp &= ~0x1c000000; 4657 if (chan > 14) 4658 tmp |= 0x14000000; 4659 run_write(sc, RT3070_LDO_CFG0, tmp); 4660 4661 /* N setting. */ 4662 run_rt3070_rf_write(sc, 8, freqs->n & 0xff); 4663 run_rt3070_rf_read(sc, 9, &rf); 4664 rf &= ~(1 << 4); 4665 rf |= ((freqs->n & 0x0100) >> 8) << 4; 4666 run_rt3070_rf_write(sc, 9, rf); 4667 4668 /* K setting. */ 4669 run_rt3070_rf_read(sc, 9, &rf); 4670 rf &= ~0x0f; 4671 rf |= (freqs->k & 0x0f); 4672 run_rt3070_rf_write(sc, 9, rf); 4673 4674 /* Mode setting. */ 4675 run_rt3070_rf_read(sc, 11, &rf); 4676 rf &= ~0x0c; 4677 rf |= ((freqs->m - 0x8) & 0x3) << 2; 4678 run_rt3070_rf_write(sc, 11, rf); 4679 run_rt3070_rf_read(sc, 9, &rf); 4680 rf &= ~(1 << 7); 4681 rf |= (((freqs->m - 0x8) & 0x4) >> 2) << 7; 4682 run_rt3070_rf_write(sc, 9, rf); 4683 4684 /* R setting. */ 4685 run_rt3070_rf_read(sc, 11, &rf); 4686 rf &= ~0x03; 4687 rf |= (freqs->r - 0x1); 4688 run_rt3070_rf_write(sc, 11, rf); 4689 4690 if (chan <= 14) { 4691 /* Initialize RF registers for 2GHZ. */ 4692 for (i = 0; i < NELEM(rt5592_2ghz_def_rf); i++) { 4693 run_rt3070_rf_write(sc, rt5592_2ghz_def_rf[i].reg, 4694 rt5592_2ghz_def_rf[i].val); 4695 } 4696 4697 rf = (chan <= 10) ? 0x07 : 0x06; 4698 run_rt3070_rf_write(sc, 23, rf); 4699 run_rt3070_rf_write(sc, 59, rf); 4700 4701 run_rt3070_rf_write(sc, 55, 0x43); 4702 4703 /* 4704 * RF R49/R50 Tx power ALC code. 4705 * G-band bit<7:6>=1:0, bit<5:0> range from 0x0 ~ 0x27. 4706 */ 4707 reg = 2; 4708 txpow_bound = 0x27; 4709 } else { 4710 /* Initialize RF registers for 5GHZ. */ 4711 for (i = 0; i < NELEM(rt5592_5ghz_def_rf); i++) { 4712 run_rt3070_rf_write(sc, rt5592_5ghz_def_rf[i].reg, 4713 rt5592_5ghz_def_rf[i].val); 4714 } 4715 for (i = 0; i < NELEM(rt5592_chan_5ghz); i++) { 4716 if (chan >= rt5592_chan_5ghz[i].firstchan && 4717 chan <= rt5592_chan_5ghz[i].lastchan) { 4718 run_rt3070_rf_write(sc, rt5592_chan_5ghz[i].reg, 4719 rt5592_chan_5ghz[i].val); 4720 } 4721 } 4722 4723 /* 4724 * RF R49/R50 Tx power ALC code. 4725 * A-band bit<7:6>=1:1, bit<5:0> range from 0x0 ~ 0x2b. 4726 */ 4727 reg = 3; 4728 txpow_bound = 0x2b; 4729 } 4730 4731 /* RF R49 ch0 Tx power ALC code. */ 4732 run_rt3070_rf_read(sc, 49, &rf); 4733 rf &= ~0xc0; 4734 rf |= (reg << 6); 4735 rf = (rf & ~0x3f) | (txpow1 & 0x3f); 4736 if ((rf & 0x3f) > txpow_bound) 4737 rf = (rf & ~0x3f) | txpow_bound; 4738 run_rt3070_rf_write(sc, 49, rf); 4739 4740 /* RF R50 ch1 Tx power ALC code. */ 4741 run_rt3070_rf_read(sc, 50, &rf); 4742 rf &= ~(1 << 7 | 1 << 6); 4743 rf |= (reg << 6); 4744 rf = (rf & ~0x3f) | (txpow2 & 0x3f); 4745 if ((rf & 0x3f) > txpow_bound) 4746 rf = (rf & ~0x3f) | txpow_bound; 4747 run_rt3070_rf_write(sc, 50, rf); 4748 4749 /* Enable RF_BLOCK, PLL_PD, RX0_PD, and TX0_PD. */ 4750 run_rt3070_rf_read(sc, 1, &rf); 4751 rf |= (RT3070_RF_BLOCK | RT3070_PLL_PD | RT3070_RX0_PD | RT3070_TX0_PD); 4752 if (sc->ntxchains > 1) 4753 rf |= RT3070_TX1_PD; 4754 if (sc->nrxchains > 1) 4755 rf |= RT3070_RX1_PD; 4756 run_rt3070_rf_write(sc, 1, rf); 4757 4758 run_rt3070_rf_write(sc, 6, 0xe4); 4759 4760 run_rt3070_rf_write(sc, 30, 0x10); 4761 run_rt3070_rf_write(sc, 31, 0x80); 4762 run_rt3070_rf_write(sc, 32, 0x80); 4763 4764 run_adjust_freq_offset(sc); 4765 4766 /* Enable VCO calibration. */ 4767 run_rt3070_rf_read(sc, 3, &rf); 4768 rf |= RT5390_VCOCAL; 4769 run_rt3070_rf_write(sc, 3, rf); 4770 } 4771 4772 static void 4773 run_set_rx_antenna(struct run_softc *sc, int aux) 4774 { 4775 uint32_t tmp; 4776 uint8_t bbp152; 4777 4778 if (aux) { 4779 if (sc->rf_rev == RT5390_RF_5370) { 4780 run_bbp_read(sc, 152, &bbp152); 4781 run_bbp_write(sc, 152, bbp152 & ~0x80); 4782 } else { 4783 run_mcu_cmd(sc, RT2860_MCU_CMD_ANTSEL, 0); 4784 run_read(sc, RT2860_GPIO_CTRL, &tmp); 4785 run_write(sc, RT2860_GPIO_CTRL, (tmp & ~0x0808) | 0x08); 4786 } 4787 } else { 4788 if (sc->rf_rev == RT5390_RF_5370) { 4789 run_bbp_read(sc, 152, &bbp152); 4790 run_bbp_write(sc, 152, bbp152 | 0x80); 4791 } else { 4792 run_mcu_cmd(sc, RT2860_MCU_CMD_ANTSEL, 1); 4793 run_read(sc, RT2860_GPIO_CTRL, &tmp); 4794 run_write(sc, RT2860_GPIO_CTRL, tmp & ~0x0808); 4795 } 4796 } 4797 } 4798 4799 static int 4800 run_set_chan(struct run_softc *sc, struct ieee80211_channel *c) 4801 { 4802 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 4803 u_int chan, group; 4804 4805 chan = ieee80211_chan2ieee(ic, c); 4806 if (chan == 0 || chan == IEEE80211_CHAN_ANY) 4807 return (EINVAL); 4808 4809 if (sc->mac_ver == 0x5592) 4810 run_rt5592_set_chan(sc, chan); 4811 else if (sc->mac_ver >= 0x5390) 4812 run_rt5390_set_chan(sc, chan); 4813 else if (sc->mac_ver == 0x3593) 4814 run_rt3593_set_chan(sc, chan); 4815 else if (sc->mac_ver == 0x3572) 4816 run_rt3572_set_chan(sc, chan); 4817 else if (sc->mac_ver >= 0x3070) 4818 run_rt3070_set_chan(sc, chan); 4819 else 4820 run_rt2870_set_chan(sc, chan); 4821 4822 /* determine channel group */ 4823 if (chan <= 14) 4824 group = 0; 4825 else if (chan <= 64) 4826 group = 1; 4827 else if (chan <= 128) 4828 group = 2; 4829 else 4830 group = 3; 4831 4832 /* XXX necessary only when group has changed! */ 4833 run_select_chan_group(sc, group); 4834 4835 run_delay(sc, 10); 4836 4837 /* Perform IQ calibration. */ 4838 if (sc->mac_ver >= 0x5392) 4839 run_iq_calib(sc, chan); 4840 4841 return (0); 4842 } 4843 4844 static void 4845 run_set_channel(struct ieee80211com *ic) 4846 { 4847 struct run_softc *sc = ic->ic_ifp->if_softc; 4848 4849 RUN_LOCK(sc); 4850 run_set_chan(sc, ic->ic_curchan); 4851 RUN_UNLOCK(sc); 4852 4853 return; 4854 } 4855 4856 static void 4857 run_scan_start(struct ieee80211com *ic) 4858 { 4859 struct run_softc *sc = ic->ic_ifp->if_softc; 4860 uint32_t tmp; 4861 4862 RUN_LOCK(sc); 4863 4864 /* abort TSF synchronization */ 4865 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 4866 run_write(sc, RT2860_BCN_TIME_CFG, 4867 tmp & ~(RT2860_BCN_TX_EN | RT2860_TSF_TIMER_EN | 4868 RT2860_TBTT_TIMER_EN)); 4869 run_set_bssid(sc, sc->sc_ifp->if_broadcastaddr); 4870 4871 RUN_UNLOCK(sc); 4872 4873 return; 4874 } 4875 4876 static void 4877 run_scan_end(struct ieee80211com *ic) 4878 { 4879 struct run_softc *sc = ic->ic_ifp->if_softc; 4880 4881 RUN_LOCK(sc); 4882 4883 run_enable_tsf_sync(sc); 4884 /* XXX keep local copy */ 4885 run_set_bssid(sc, sc->sc_bssid); 4886 4887 RUN_UNLOCK(sc); 4888 4889 return; 4890 } 4891 4892 /* 4893 * Could be called from ieee80211_node_timeout() 4894 * (non-sleepable thread) 4895 */ 4896 static void 4897 run_update_beacon(struct ieee80211vap *vap, int item) 4898 { 4899 struct ieee80211com *ic = vap->iv_ic; 4900 struct run_softc *sc = ic->ic_ifp->if_softc; 4901 struct run_vap *rvp = RUN_VAP(vap); 4902 int mcast = 0; 4903 uint32_t i; 4904 4905 KASSERT(vap != NULL, ("no beacon")); 4906 4907 switch (item) { 4908 case IEEE80211_BEACON_ERP: 4909 run_updateslot(ic->ic_ifp); 4910 break; 4911 case IEEE80211_BEACON_HTINFO: 4912 run_updateprot(ic); 4913 break; 4914 case IEEE80211_BEACON_TIM: 4915 mcast = 1; /*TODO*/ 4916 break; 4917 default: 4918 break; 4919 } 4920 4921 setbit(rvp->bo.bo_flags, item); 4922 ieee80211_beacon_update(vap->iv_bss, &rvp->bo, rvp->beacon_mbuf, mcast); 4923 4924 i = RUN_CMDQ_GET(&sc->cmdq_store); 4925 DPRINTF("cmdq_store=%d\n", i); 4926 sc->cmdq[i].func = run_update_beacon_cb; 4927 sc->cmdq[i].arg0 = vap; 4928 ieee80211_runtask(ic, &sc->cmdq_task); 4929 4930 return; 4931 } 4932 4933 static void 4934 run_update_beacon_cb(void *arg) 4935 { 4936 struct ieee80211vap *vap = arg; 4937 struct run_vap *rvp = RUN_VAP(vap); 4938 struct ieee80211com *ic = vap->iv_ic; 4939 struct run_softc *sc = ic->ic_ifp->if_softc; 4940 struct rt2860_txwi txwi; 4941 struct mbuf *m; 4942 uint16_t txwisize; 4943 uint8_t ridx; 4944 4945 if (vap->iv_bss->ni_chan == IEEE80211_CHAN_ANYC) 4946 return; 4947 if (ic->ic_bsschan == IEEE80211_CHAN_ANYC) 4948 return; 4949 4950 /* 4951 * No need to call ieee80211_beacon_update(), run_update_beacon() 4952 * is taking care of apropriate calls. 4953 */ 4954 if (rvp->beacon_mbuf == NULL) { 4955 rvp->beacon_mbuf = ieee80211_beacon_alloc(vap->iv_bss, 4956 &rvp->bo); 4957 if (rvp->beacon_mbuf == NULL) 4958 return; 4959 } 4960 m = rvp->beacon_mbuf; 4961 4962 memset(&txwi, 0, sizeof(txwi)); 4963 txwi.wcid = 0xff; 4964 txwi.len = htole16(m->m_pkthdr.len); 4965 4966 /* send beacons at the lowest available rate */ 4967 ridx = (ic->ic_curmode == IEEE80211_MODE_11A) ? 4968 RT2860_RIDX_OFDM6 : RT2860_RIDX_CCK1; 4969 txwi.phy = htole16(rt2860_rates[ridx].mcs); 4970 if (rt2860_rates[ridx].phy == IEEE80211_T_OFDM) 4971 txwi.phy |= htole16(RT2860_PHY_OFDM); 4972 txwi.txop = RT2860_TX_TXOP_HT; 4973 txwi.flags = RT2860_TX_TS; 4974 txwi.xflags = RT2860_TX_NSEQ; 4975 4976 txwisize = (sc->mac_ver == 0x5592) ? 4977 sizeof(txwi) + sizeof(uint32_t) : sizeof(txwi); 4978 run_write_region_1(sc, RT2860_BCN_BASE(rvp->rvp_id), (uint8_t *)&txwi, 4979 txwisize); 4980 run_write_region_1(sc, RT2860_BCN_BASE(rvp->rvp_id) + txwisize, 4981 mtod(m, uint8_t *), (m->m_pkthdr.len + 1) & ~1); 4982 } 4983 4984 static void 4985 run_updateprot(struct ieee80211com *ic) 4986 { 4987 struct run_softc *sc = ic->ic_ifp->if_softc; 4988 uint32_t i; 4989 4990 i = RUN_CMDQ_GET(&sc->cmdq_store); 4991 DPRINTF("cmdq_store=%d\n", i); 4992 sc->cmdq[i].func = run_updateprot_cb; 4993 sc->cmdq[i].arg0 = ic; 4994 ieee80211_runtask(ic, &sc->cmdq_task); 4995 } 4996 4997 static void 4998 run_updateprot_cb(void *arg) 4999 { 5000 struct ieee80211com *ic = arg; 5001 struct run_softc *sc = ic->ic_ifp->if_softc; 5002 uint32_t tmp; 5003 5004 tmp = RT2860_RTSTH_EN | RT2860_PROT_NAV_SHORT | RT2860_TXOP_ALLOW_ALL; 5005 /* setup protection frame rate (MCS code) */ 5006 tmp |= (ic->ic_curmode == IEEE80211_MODE_11A) ? 5007 rt2860_rates[RT2860_RIDX_OFDM6].mcs : 5008 rt2860_rates[RT2860_RIDX_CCK11].mcs; 5009 5010 /* CCK frames don't require protection */ 5011 run_write(sc, RT2860_CCK_PROT_CFG, tmp); 5012 if (ic->ic_flags & IEEE80211_F_USEPROT) { 5013 if (ic->ic_protmode == IEEE80211_PROT_RTSCTS) 5014 tmp |= RT2860_PROT_CTRL_RTS_CTS; 5015 else if (ic->ic_protmode == IEEE80211_PROT_CTSONLY) 5016 tmp |= RT2860_PROT_CTRL_CTS; 5017 } 5018 run_write(sc, RT2860_OFDM_PROT_CFG, tmp); 5019 } 5020 5021 static void 5022 run_usb_timeout_cb(void *arg) 5023 { 5024 struct ieee80211vap *vap = arg; 5025 struct run_softc *sc = vap->iv_ic->ic_ifp->if_softc; 5026 5027 RUN_LOCK_ASSERT(sc, MA_OWNED); 5028 5029 if(vap->iv_state == IEEE80211_S_RUN && 5030 vap->iv_opmode != IEEE80211_M_STA) 5031 run_reset_livelock(sc); 5032 else if (vap->iv_state == IEEE80211_S_SCAN) { 5033 DPRINTF("timeout caused by scan\n"); 5034 /* cancel bgscan */ 5035 ieee80211_cancel_scan(vap); 5036 } else 5037 DPRINTF("timeout by unknown cause\n"); 5038 } 5039 5040 static void 5041 run_reset_livelock(struct run_softc *sc) 5042 { 5043 uint32_t tmp; 5044 5045 RUN_LOCK_ASSERT(sc, MA_OWNED); 5046 5047 /* 5048 * In IBSS or HostAP modes (when the hardware sends beacons), the MAC 5049 * can run into a livelock and start sending CTS-to-self frames like 5050 * crazy if protection is enabled. Reset MAC/BBP for a while 5051 */ 5052 run_read(sc, RT2860_DEBUG, &tmp); 5053 DPRINTFN(3, "debug reg %08x\n", tmp); 5054 if ((tmp & (1 << 29)) && (tmp & (1 << 7 | 1 << 5))) { 5055 DPRINTF("CTS-to-self livelock detected\n"); 5056 run_write(sc, RT2860_MAC_SYS_CTRL, RT2860_MAC_SRST); 5057 run_delay(sc, 1); 5058 run_write(sc, RT2860_MAC_SYS_CTRL, 5059 RT2860_MAC_RX_EN | RT2860_MAC_TX_EN); 5060 } 5061 } 5062 5063 static void 5064 run_update_promisc_locked(struct ifnet *ifp) 5065 { 5066 struct run_softc *sc = ifp->if_softc; 5067 uint32_t tmp; 5068 5069 run_read(sc, RT2860_RX_FILTR_CFG, &tmp); 5070 5071 tmp |= RT2860_DROP_UC_NOME; 5072 if (ifp->if_flags & IFF_PROMISC) 5073 tmp &= ~RT2860_DROP_UC_NOME; 5074 5075 run_write(sc, RT2860_RX_FILTR_CFG, tmp); 5076 5077 DPRINTF("%s promiscuous mode\n", (ifp->if_flags & IFF_PROMISC) ? 5078 "entering" : "leaving"); 5079 } 5080 5081 static void 5082 run_update_promisc(struct ifnet *ifp) 5083 { 5084 struct run_softc *sc = ifp->if_softc; 5085 5086 if ((ifp->if_flags & IFF_RUNNING) == 0) 5087 return; 5088 5089 RUN_LOCK(sc); 5090 run_update_promisc_locked(ifp); 5091 RUN_UNLOCK(sc); 5092 } 5093 5094 static void 5095 run_enable_tsf_sync(struct run_softc *sc) 5096 { 5097 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 5098 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 5099 uint32_t tmp; 5100 5101 DPRINTF("rvp_id=%d ic_opmode=%d\n", RUN_VAP(vap)->rvp_id, 5102 ic->ic_opmode); 5103 5104 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 5105 tmp &= ~0x1fffff; 5106 tmp |= vap->iv_bss->ni_intval * 16; 5107 tmp |= RT2860_TSF_TIMER_EN | RT2860_TBTT_TIMER_EN; 5108 5109 if (ic->ic_opmode == IEEE80211_M_STA) { 5110 /* 5111 * Local TSF is always updated with remote TSF on beacon 5112 * reception. 5113 */ 5114 tmp |= 1 << RT2860_TSF_SYNC_MODE_SHIFT; 5115 } else if (ic->ic_opmode == IEEE80211_M_IBSS) { 5116 tmp |= RT2860_BCN_TX_EN; 5117 /* 5118 * Local TSF is updated with remote TSF on beacon reception 5119 * only if the remote TSF is greater than local TSF. 5120 */ 5121 tmp |= 2 << RT2860_TSF_SYNC_MODE_SHIFT; 5122 } else if (ic->ic_opmode == IEEE80211_M_HOSTAP || 5123 ic->ic_opmode == IEEE80211_M_MBSS) { 5124 tmp |= RT2860_BCN_TX_EN; 5125 /* SYNC with nobody */ 5126 tmp |= 3 << RT2860_TSF_SYNC_MODE_SHIFT; 5127 } else { 5128 DPRINTF("Enabling TSF failed. undefined opmode\n"); 5129 return; 5130 } 5131 5132 run_write(sc, RT2860_BCN_TIME_CFG, tmp); 5133 } 5134 5135 static void 5136 run_enable_mrr(struct run_softc *sc) 5137 { 5138 #define CCK(mcs) (mcs) 5139 #define OFDM(mcs) (1 << 3 | (mcs)) 5140 run_write(sc, RT2860_LG_FBK_CFG0, 5141 OFDM(6) << 28 | /* 54->48 */ 5142 OFDM(5) << 24 | /* 48->36 */ 5143 OFDM(4) << 20 | /* 36->24 */ 5144 OFDM(3) << 16 | /* 24->18 */ 5145 OFDM(2) << 12 | /* 18->12 */ 5146 OFDM(1) << 8 | /* 12-> 9 */ 5147 OFDM(0) << 4 | /* 9-> 6 */ 5148 OFDM(0)); /* 6-> 6 */ 5149 5150 run_write(sc, RT2860_LG_FBK_CFG1, 5151 CCK(2) << 12 | /* 11->5.5 */ 5152 CCK(1) << 8 | /* 5.5-> 2 */ 5153 CCK(0) << 4 | /* 2-> 1 */ 5154 CCK(0)); /* 1-> 1 */ 5155 #undef OFDM 5156 #undef CCK 5157 } 5158 5159 static void 5160 run_set_txpreamble(struct run_softc *sc) 5161 { 5162 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 5163 uint32_t tmp; 5164 5165 run_read(sc, RT2860_AUTO_RSP_CFG, &tmp); 5166 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 5167 tmp |= RT2860_CCK_SHORT_EN; 5168 else 5169 tmp &= ~RT2860_CCK_SHORT_EN; 5170 run_write(sc, RT2860_AUTO_RSP_CFG, tmp); 5171 } 5172 5173 static void 5174 run_set_basicrates(struct run_softc *sc) 5175 { 5176 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 5177 5178 /* set basic rates mask */ 5179 if (ic->ic_curmode == IEEE80211_MODE_11B) 5180 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x003); 5181 else if (ic->ic_curmode == IEEE80211_MODE_11A) 5182 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x150); 5183 else /* 11g */ 5184 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x15f); 5185 } 5186 5187 static void 5188 run_set_leds(struct run_softc *sc, uint16_t which) 5189 { 5190 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LEDS, 5191 which | (sc->leds & 0x7f)); 5192 } 5193 5194 static void 5195 run_set_bssid(struct run_softc *sc, const uint8_t *bssid) 5196 { 5197 run_write(sc, RT2860_MAC_BSSID_DW0, 5198 bssid[0] | bssid[1] << 8 | bssid[2] << 16 | bssid[3] << 24); 5199 run_write(sc, RT2860_MAC_BSSID_DW1, 5200 bssid[4] | bssid[5] << 8); 5201 } 5202 5203 static void 5204 run_set_macaddr(struct run_softc *sc, const uint8_t *addr) 5205 { 5206 run_write(sc, RT2860_MAC_ADDR_DW0, 5207 addr[0] | addr[1] << 8 | addr[2] << 16 | addr[3] << 24); 5208 run_write(sc, RT2860_MAC_ADDR_DW1, 5209 addr[4] | addr[5] << 8 | 0xff << 16); 5210 } 5211 5212 static void 5213 run_updateslot(struct ifnet *ifp) 5214 { 5215 struct run_softc *sc = ifp->if_softc; 5216 struct ieee80211com *ic = ifp->if_l2com; 5217 uint32_t i; 5218 5219 i = RUN_CMDQ_GET(&sc->cmdq_store); 5220 DPRINTF("cmdq_store=%d\n", i); 5221 sc->cmdq[i].func = run_updateslot_cb; 5222 sc->cmdq[i].arg0 = ifp; 5223 ieee80211_runtask(ic, &sc->cmdq_task); 5224 5225 return; 5226 } 5227 5228 /* ARGSUSED */ 5229 static void 5230 run_updateslot_cb(void *arg) 5231 { 5232 struct ifnet *ifp = arg; 5233 struct run_softc *sc = ifp->if_softc; 5234 struct ieee80211com *ic = ifp->if_l2com; 5235 uint32_t tmp; 5236 5237 run_read(sc, RT2860_BKOFF_SLOT_CFG, &tmp); 5238 tmp &= ~0xff; 5239 tmp |= (ic->ic_flags & IEEE80211_F_SHSLOT) ? 9 : 20; 5240 run_write(sc, RT2860_BKOFF_SLOT_CFG, tmp); 5241 } 5242 5243 static void 5244 run_update_mcast(struct ifnet *ifp) 5245 { 5246 /* h/w filter supports getting everything or nothing */ 5247 ifp->if_flags |= IFF_ALLMULTI; 5248 } 5249 5250 static int8_t 5251 run_rssi2dbm(struct run_softc *sc, uint8_t rssi, uint8_t rxchain) 5252 { 5253 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 5254 struct ieee80211_channel *c = ic->ic_curchan; 5255 int delta; 5256 5257 if (IEEE80211_IS_CHAN_5GHZ(c)) { 5258 u_int chan = ieee80211_chan2ieee(ic, c); 5259 delta = sc->rssi_5ghz[rxchain]; 5260 5261 /* determine channel group */ 5262 if (chan <= 64) 5263 delta -= sc->lna[1]; 5264 else if (chan <= 128) 5265 delta -= sc->lna[2]; 5266 else 5267 delta -= sc->lna[3]; 5268 } else 5269 delta = sc->rssi_2ghz[rxchain] - sc->lna[0]; 5270 5271 return (-12 - delta - rssi); 5272 } 5273 5274 static void 5275 run_rt5390_bbp_init(struct run_softc *sc) 5276 { 5277 int i; 5278 uint8_t bbp; 5279 5280 /* Apply maximum likelihood detection for 2 stream case. */ 5281 run_bbp_read(sc, 105, &bbp); 5282 if (sc->nrxchains > 1) 5283 run_bbp_write(sc, 105, bbp | RT5390_MLD); 5284 5285 /* Avoid data lost and CRC error. */ 5286 run_bbp_read(sc, 4, &bbp); 5287 run_bbp_write(sc, 4, bbp | RT5390_MAC_IF_CTRL); 5288 5289 if (sc->mac_ver == 0x5592) { 5290 for (i = 0; i < NELEM(rt5592_def_bbp); i++) { 5291 run_bbp_write(sc, rt5592_def_bbp[i].reg, 5292 rt5592_def_bbp[i].val); 5293 } 5294 for (i = 0; i < NELEM(rt5592_bbp_r196); i++) { 5295 run_bbp_write(sc, 195, i + 0x80); 5296 run_bbp_write(sc, 196, rt5592_bbp_r196[i]); 5297 } 5298 } else { 5299 for (i = 0; i < NELEM(rt5390_def_bbp); i++) { 5300 run_bbp_write(sc, rt5390_def_bbp[i].reg, 5301 rt5390_def_bbp[i].val); 5302 } 5303 } 5304 if (sc->mac_ver == 0x5392) { 5305 run_bbp_write(sc, 88, 0x90); 5306 run_bbp_write(sc, 95, 0x9a); 5307 run_bbp_write(sc, 98, 0x12); 5308 run_bbp_write(sc, 106, 0x12); 5309 run_bbp_write(sc, 134, 0xd0); 5310 run_bbp_write(sc, 135, 0xf6); 5311 run_bbp_write(sc, 148, 0x84); 5312 } 5313 5314 run_bbp_read(sc, 152, &bbp); 5315 run_bbp_write(sc, 152, bbp | 0x80); 5316 5317 /* Fix BBP254 for RT5592C. */ 5318 if (sc->mac_ver == 0x5592 && sc->mac_rev >= 0x0221) { 5319 run_bbp_read(sc, 254, &bbp); 5320 run_bbp_write(sc, 254, bbp | 0x80); 5321 } 5322 5323 /* Disable hardware antenna diversity. */ 5324 if (sc->mac_ver == 0x5390) 5325 run_bbp_write(sc, 154, 0); 5326 5327 /* Initialize Rx CCK/OFDM frequency offset report. */ 5328 run_bbp_write(sc, 142, 1); 5329 run_bbp_write(sc, 143, 57); 5330 } 5331 5332 static int 5333 run_bbp_init(struct run_softc *sc) 5334 { 5335 int i, error, ntries; 5336 uint8_t bbp0; 5337 5338 /* wait for BBP to wake up */ 5339 for (ntries = 0; ntries < 20; ntries++) { 5340 if ((error = run_bbp_read(sc, 0, &bbp0)) != 0) 5341 return error; 5342 if (bbp0 != 0 && bbp0 != 0xff) 5343 break; 5344 } 5345 if (ntries == 20) 5346 return (ETIMEDOUT); 5347 5348 /* initialize BBP registers to default values */ 5349 if (sc->mac_ver >= 0x5390) 5350 run_rt5390_bbp_init(sc); 5351 else { 5352 for (i = 0; i < NELEM(rt2860_def_bbp); i++) { 5353 run_bbp_write(sc, rt2860_def_bbp[i].reg, 5354 rt2860_def_bbp[i].val); 5355 } 5356 } 5357 5358 if (sc->mac_ver == 0x3593) { 5359 run_bbp_write(sc, 79, 0x13); 5360 run_bbp_write(sc, 80, 0x05); 5361 run_bbp_write(sc, 81, 0x33); 5362 run_bbp_write(sc, 86, 0x46); 5363 run_bbp_write(sc, 137, 0x0f); 5364 } 5365 5366 /* fix BBP84 for RT2860E */ 5367 if (sc->mac_ver == 0x2860 && sc->mac_rev != 0x0101) 5368 run_bbp_write(sc, 84, 0x19); 5369 5370 if (sc->mac_ver >= 0x3070 && (sc->mac_ver != 0x3593 && 5371 sc->mac_ver != 0x5592)) { 5372 run_bbp_write(sc, 79, 0x13); 5373 run_bbp_write(sc, 80, 0x05); 5374 run_bbp_write(sc, 81, 0x33); 5375 } else if (sc->mac_ver == 0x2860 && sc->mac_rev == 0x0100) { 5376 run_bbp_write(sc, 69, 0x16); 5377 run_bbp_write(sc, 73, 0x12); 5378 } 5379 return (0); 5380 } 5381 5382 static int 5383 run_rt3070_rf_init(struct run_softc *sc) 5384 { 5385 uint32_t tmp; 5386 uint8_t bbp4, mingain, rf, target; 5387 int i; 5388 5389 run_rt3070_rf_read(sc, 30, &rf); 5390 /* toggle RF R30 bit 7 */ 5391 run_rt3070_rf_write(sc, 30, rf | 0x80); 5392 run_delay(sc, 10); 5393 run_rt3070_rf_write(sc, 30, rf & ~0x80); 5394 5395 /* initialize RF registers to default value */ 5396 if (sc->mac_ver == 0x3572) { 5397 for (i = 0; i < NELEM(rt3572_def_rf); i++) { 5398 run_rt3070_rf_write(sc, rt3572_def_rf[i].reg, 5399 rt3572_def_rf[i].val); 5400 } 5401 } else { 5402 for (i = 0; i < NELEM(rt3070_def_rf); i++) { 5403 run_rt3070_rf_write(sc, rt3070_def_rf[i].reg, 5404 rt3070_def_rf[i].val); 5405 } 5406 } 5407 5408 if (sc->mac_ver == 0x3070 && sc->mac_rev < 0x0201) { 5409 /* 5410 * Change voltage from 1.2V to 1.35V for RT3070. 5411 * The DAC issue (RT3070_LDO_CFG0) has been fixed 5412 * in RT3070(F). 5413 */ 5414 run_read(sc, RT3070_LDO_CFG0, &tmp); 5415 tmp = (tmp & ~0x0f000000) | 0x0d000000; 5416 run_write(sc, RT3070_LDO_CFG0, tmp); 5417 5418 } else if (sc->mac_ver == 0x3071) { 5419 run_rt3070_rf_read(sc, 6, &rf); 5420 run_rt3070_rf_write(sc, 6, rf | 0x40); 5421 run_rt3070_rf_write(sc, 31, 0x14); 5422 5423 run_read(sc, RT3070_LDO_CFG0, &tmp); 5424 tmp &= ~0x1f000000; 5425 if (sc->mac_rev < 0x0211) 5426 tmp |= 0x0d000000; /* 1.3V */ 5427 else 5428 tmp |= 0x01000000; /* 1.2V */ 5429 run_write(sc, RT3070_LDO_CFG0, tmp); 5430 5431 /* patch LNA_PE_G1 */ 5432 run_read(sc, RT3070_GPIO_SWITCH, &tmp); 5433 run_write(sc, RT3070_GPIO_SWITCH, tmp & ~0x20); 5434 5435 } else if (sc->mac_ver == 0x3572) { 5436 run_rt3070_rf_read(sc, 6, &rf); 5437 run_rt3070_rf_write(sc, 6, rf | 0x40); 5438 5439 /* increase voltage from 1.2V to 1.35V */ 5440 run_read(sc, RT3070_LDO_CFG0, &tmp); 5441 tmp = (tmp & ~0x1f000000) | 0x0d000000; 5442 run_write(sc, RT3070_LDO_CFG0, tmp); 5443 5444 if (sc->mac_rev < 0x0211 || !sc->patch_dac) { 5445 run_delay(sc, 1); /* wait for 1msec */ 5446 /* decrease voltage back to 1.2V */ 5447 tmp = (tmp & ~0x1f000000) | 0x01000000; 5448 run_write(sc, RT3070_LDO_CFG0, tmp); 5449 } 5450 } 5451 5452 /* select 20MHz bandwidth */ 5453 run_rt3070_rf_read(sc, 31, &rf); 5454 run_rt3070_rf_write(sc, 31, rf & ~0x20); 5455 5456 /* calibrate filter for 20MHz bandwidth */ 5457 sc->rf24_20mhz = 0x1f; /* default value */ 5458 target = (sc->mac_ver < 0x3071) ? 0x16 : 0x13; 5459 run_rt3070_filter_calib(sc, 0x07, target, &sc->rf24_20mhz); 5460 5461 /* select 40MHz bandwidth */ 5462 run_bbp_read(sc, 4, &bbp4); 5463 run_bbp_write(sc, 4, (bbp4 & ~0x18) | 0x10); 5464 run_rt3070_rf_read(sc, 31, &rf); 5465 run_rt3070_rf_write(sc, 31, rf | 0x20); 5466 5467 /* calibrate filter for 40MHz bandwidth */ 5468 sc->rf24_40mhz = 0x2f; /* default value */ 5469 target = (sc->mac_ver < 0x3071) ? 0x19 : 0x15; 5470 run_rt3070_filter_calib(sc, 0x27, target, &sc->rf24_40mhz); 5471 5472 /* go back to 20MHz bandwidth */ 5473 run_bbp_read(sc, 4, &bbp4); 5474 run_bbp_write(sc, 4, bbp4 & ~0x18); 5475 5476 if (sc->mac_ver == 0x3572) { 5477 /* save default BBP registers 25 and 26 values */ 5478 run_bbp_read(sc, 25, &sc->bbp25); 5479 run_bbp_read(sc, 26, &sc->bbp26); 5480 } else if (sc->mac_rev < 0x0201 || sc->mac_rev < 0x0211) 5481 run_rt3070_rf_write(sc, 27, 0x03); 5482 5483 run_read(sc, RT3070_OPT_14, &tmp); 5484 run_write(sc, RT3070_OPT_14, tmp | 1); 5485 5486 if (sc->mac_ver == 0x3070 || sc->mac_ver == 0x3071) { 5487 run_rt3070_rf_read(sc, 17, &rf); 5488 rf &= ~RT3070_TX_LO1; 5489 if ((sc->mac_ver == 0x3070 || 5490 (sc->mac_ver == 0x3071 && sc->mac_rev >= 0x0211)) && 5491 !sc->ext_2ghz_lna) 5492 rf |= 0x20; /* fix for long range Rx issue */ 5493 mingain = (sc->mac_ver == 0x3070) ? 1 : 2; 5494 if (sc->txmixgain_2ghz >= mingain) 5495 rf = (rf & ~0x7) | sc->txmixgain_2ghz; 5496 run_rt3070_rf_write(sc, 17, rf); 5497 } 5498 5499 if (sc->mac_rev == 0x3071) { 5500 run_rt3070_rf_read(sc, 1, &rf); 5501 rf &= ~(RT3070_RX0_PD | RT3070_TX0_PD); 5502 rf |= RT3070_RF_BLOCK | RT3070_RX1_PD | RT3070_TX1_PD; 5503 run_rt3070_rf_write(sc, 1, rf); 5504 5505 run_rt3070_rf_read(sc, 15, &rf); 5506 run_rt3070_rf_write(sc, 15, rf & ~RT3070_TX_LO2); 5507 5508 run_rt3070_rf_read(sc, 20, &rf); 5509 run_rt3070_rf_write(sc, 20, rf & ~RT3070_RX_LO1); 5510 5511 run_rt3070_rf_read(sc, 21, &rf); 5512 run_rt3070_rf_write(sc, 21, rf & ~RT3070_RX_LO2); 5513 } 5514 5515 if (sc->mac_ver == 0x3070 || sc->mac_ver == 0x3071) { 5516 /* fix Tx to Rx IQ glitch by raising RF voltage */ 5517 run_rt3070_rf_read(sc, 27, &rf); 5518 rf &= ~0x77; 5519 if (sc->mac_rev < 0x0211) 5520 rf |= 0x03; 5521 run_rt3070_rf_write(sc, 27, rf); 5522 } 5523 return (0); 5524 } 5525 5526 static void 5527 run_rt3593_rf_init(struct run_softc *sc) 5528 { 5529 uint32_t tmp; 5530 uint8_t rf; 5531 int i; 5532 5533 /* Disable the GPIO bits 4 and 7 for LNA PE control. */ 5534 run_read(sc, RT3070_GPIO_SWITCH, &tmp); 5535 tmp &= ~(1 << 4 | 1 << 7); 5536 run_write(sc, RT3070_GPIO_SWITCH, tmp); 5537 5538 /* Initialize RF registers to default value. */ 5539 for (i = 0; i < NELEM(rt3593_def_rf); i++) { 5540 run_rt3070_rf_write(sc, rt3593_def_rf[i].reg, 5541 rt3593_def_rf[i].val); 5542 } 5543 5544 /* Toggle RF R2 to initiate calibration. */ 5545 run_rt3070_rf_write(sc, 2, RT5390_RESCAL); 5546 5547 /* Initialize RF frequency offset. */ 5548 run_adjust_freq_offset(sc); 5549 5550 run_rt3070_rf_read(sc, 18, &rf); 5551 run_rt3070_rf_write(sc, 18, rf | RT3593_AUTOTUNE_BYPASS); 5552 5553 /* 5554 * Increase voltage from 1.2V to 1.35V, wait for 1 msec to 5555 * decrease voltage back to 1.2V. 5556 */ 5557 run_read(sc, RT3070_LDO_CFG0, &tmp); 5558 tmp = (tmp & ~0x1f000000) | 0x0d000000; 5559 run_write(sc, RT3070_LDO_CFG0, tmp); 5560 run_delay(sc, 1); 5561 tmp = (tmp & ~0x1f000000) | 0x01000000; 5562 run_write(sc, RT3070_LDO_CFG0, tmp); 5563 5564 sc->rf24_20mhz = 0x1f; 5565 sc->rf24_40mhz = 0x2f; 5566 5567 /* Save default BBP registers 25 and 26 values. */ 5568 run_bbp_read(sc, 25, &sc->bbp25); 5569 run_bbp_read(sc, 26, &sc->bbp26); 5570 5571 run_read(sc, RT3070_OPT_14, &tmp); 5572 run_write(sc, RT3070_OPT_14, tmp | 1); 5573 } 5574 5575 static void 5576 run_rt5390_rf_init(struct run_softc *sc) 5577 { 5578 uint32_t tmp; 5579 uint8_t rf; 5580 int i; 5581 5582 /* Toggle RF R2 to initiate calibration. */ 5583 if (sc->mac_ver == 0x5390) { 5584 run_rt3070_rf_read(sc, 2, &rf); 5585 run_rt3070_rf_write(sc, 2, rf | RT5390_RESCAL); 5586 run_delay(sc, 10); 5587 run_rt3070_rf_write(sc, 2, rf & ~RT5390_RESCAL); 5588 } else { 5589 run_rt3070_rf_write(sc, 2, RT5390_RESCAL); 5590 run_delay(sc, 10); 5591 } 5592 5593 /* Initialize RF registers to default value. */ 5594 if (sc->mac_ver == 0x5592) { 5595 for (i = 0; i < NELEM(rt5592_def_rf); i++) { 5596 run_rt3070_rf_write(sc, rt5592_def_rf[i].reg, 5597 rt5592_def_rf[i].val); 5598 } 5599 /* Initialize RF frequency offset. */ 5600 run_adjust_freq_offset(sc); 5601 } else if (sc->mac_ver == 0x5392) { 5602 for (i = 0; i < NELEM(rt5392_def_rf); i++) { 5603 run_rt3070_rf_write(sc, rt5392_def_rf[i].reg, 5604 rt5392_def_rf[i].val); 5605 } 5606 if (sc->mac_rev >= 0x0223) { 5607 run_rt3070_rf_write(sc, 23, 0x0f); 5608 run_rt3070_rf_write(sc, 24, 0x3e); 5609 run_rt3070_rf_write(sc, 51, 0x32); 5610 run_rt3070_rf_write(sc, 53, 0x22); 5611 run_rt3070_rf_write(sc, 56, 0xc1); 5612 run_rt3070_rf_write(sc, 59, 0x0f); 5613 } 5614 } else { 5615 for (i = 0; i < NELEM(rt5390_def_rf); i++) { 5616 run_rt3070_rf_write(sc, rt5390_def_rf[i].reg, 5617 rt5390_def_rf[i].val); 5618 } 5619 if (sc->mac_rev >= 0x0502) { 5620 run_rt3070_rf_write(sc, 6, 0xe0); 5621 run_rt3070_rf_write(sc, 25, 0x80); 5622 run_rt3070_rf_write(sc, 46, 0x73); 5623 run_rt3070_rf_write(sc, 53, 0x00); 5624 run_rt3070_rf_write(sc, 56, 0x42); 5625 run_rt3070_rf_write(sc, 61, 0xd1); 5626 } 5627 } 5628 5629 sc->rf24_20mhz = 0x1f; /* default value */ 5630 sc->rf24_40mhz = (sc->mac_ver == 0x5592) ? 0 : 0x2f; 5631 5632 if (sc->mac_rev < 0x0211) 5633 run_rt3070_rf_write(sc, 27, 0x3); 5634 5635 run_read(sc, RT3070_OPT_14, &tmp); 5636 run_write(sc, RT3070_OPT_14, tmp | 1); 5637 } 5638 5639 static int 5640 run_rt3070_filter_calib(struct run_softc *sc, uint8_t init, uint8_t target, 5641 uint8_t *val) 5642 { 5643 uint8_t rf22, rf24; 5644 uint8_t bbp55_pb, bbp55_sb, delta; 5645 int ntries; 5646 5647 /* program filter */ 5648 run_rt3070_rf_read(sc, 24, &rf24); 5649 rf24 = (rf24 & 0xc0) | init; /* initial filter value */ 5650 run_rt3070_rf_write(sc, 24, rf24); 5651 5652 /* enable baseband loopback mode */ 5653 run_rt3070_rf_read(sc, 22, &rf22); 5654 run_rt3070_rf_write(sc, 22, rf22 | 0x01); 5655 5656 /* set power and frequency of passband test tone */ 5657 run_bbp_write(sc, 24, 0x00); 5658 for (ntries = 0; ntries < 100; ntries++) { 5659 /* transmit test tone */ 5660 run_bbp_write(sc, 25, 0x90); 5661 run_delay(sc, 10); 5662 /* read received power */ 5663 run_bbp_read(sc, 55, &bbp55_pb); 5664 if (bbp55_pb != 0) 5665 break; 5666 } 5667 if (ntries == 100) 5668 return (ETIMEDOUT); 5669 5670 /* set power and frequency of stopband test tone */ 5671 run_bbp_write(sc, 24, 0x06); 5672 for (ntries = 0; ntries < 100; ntries++) { 5673 /* transmit test tone */ 5674 run_bbp_write(sc, 25, 0x90); 5675 run_delay(sc, 10); 5676 /* read received power */ 5677 run_bbp_read(sc, 55, &bbp55_sb); 5678 5679 delta = bbp55_pb - bbp55_sb; 5680 if (delta > target) 5681 break; 5682 5683 /* reprogram filter */ 5684 rf24++; 5685 run_rt3070_rf_write(sc, 24, rf24); 5686 } 5687 if (ntries < 100) { 5688 if (rf24 != init) 5689 rf24--; /* backtrack */ 5690 *val = rf24; 5691 run_rt3070_rf_write(sc, 24, rf24); 5692 } 5693 5694 /* restore initial state */ 5695 run_bbp_write(sc, 24, 0x00); 5696 5697 /* disable baseband loopback mode */ 5698 run_rt3070_rf_read(sc, 22, &rf22); 5699 run_rt3070_rf_write(sc, 22, rf22 & ~0x01); 5700 5701 return (0); 5702 } 5703 5704 static void 5705 run_rt3070_rf_setup(struct run_softc *sc) 5706 { 5707 uint8_t bbp, rf; 5708 int i; 5709 5710 if (sc->mac_ver == 0x3572) { 5711 /* enable DC filter */ 5712 if (sc->mac_rev >= 0x0201) 5713 run_bbp_write(sc, 103, 0xc0); 5714 5715 run_bbp_read(sc, 138, &bbp); 5716 if (sc->ntxchains == 1) 5717 bbp |= 0x20; /* turn off DAC1 */ 5718 if (sc->nrxchains == 1) 5719 bbp &= ~0x02; /* turn off ADC1 */ 5720 run_bbp_write(sc, 138, bbp); 5721 5722 if (sc->mac_rev >= 0x0211) { 5723 /* improve power consumption */ 5724 run_bbp_read(sc, 31, &bbp); 5725 run_bbp_write(sc, 31, bbp & ~0x03); 5726 } 5727 5728 run_rt3070_rf_read(sc, 16, &rf); 5729 rf = (rf & ~0x07) | sc->txmixgain_2ghz; 5730 run_rt3070_rf_write(sc, 16, rf); 5731 5732 } else if (sc->mac_ver == 0x3071) { 5733 if (sc->mac_rev >= 0x0211) { 5734 /* enable DC filter */ 5735 run_bbp_write(sc, 103, 0xc0); 5736 5737 /* improve power consumption */ 5738 run_bbp_read(sc, 31, &bbp); 5739 run_bbp_write(sc, 31, bbp & ~0x03); 5740 } 5741 5742 run_bbp_read(sc, 138, &bbp); 5743 if (sc->ntxchains == 1) 5744 bbp |= 0x20; /* turn off DAC1 */ 5745 if (sc->nrxchains == 1) 5746 bbp &= ~0x02; /* turn off ADC1 */ 5747 run_bbp_write(sc, 138, bbp); 5748 5749 run_write(sc, RT2860_TX_SW_CFG1, 0); 5750 if (sc->mac_rev < 0x0211) { 5751 run_write(sc, RT2860_TX_SW_CFG2, 5752 sc->patch_dac ? 0x2c : 0x0f); 5753 } else 5754 run_write(sc, RT2860_TX_SW_CFG2, 0); 5755 5756 } else if (sc->mac_ver == 0x3070) { 5757 if (sc->mac_rev >= 0x0201) { 5758 /* enable DC filter */ 5759 run_bbp_write(sc, 103, 0xc0); 5760 5761 /* improve power consumption */ 5762 run_bbp_read(sc, 31, &bbp); 5763 run_bbp_write(sc, 31, bbp & ~0x03); 5764 } 5765 5766 if (sc->mac_rev < 0x0201) { 5767 run_write(sc, RT2860_TX_SW_CFG1, 0); 5768 run_write(sc, RT2860_TX_SW_CFG2, 0x2c); 5769 } else 5770 run_write(sc, RT2860_TX_SW_CFG2, 0); 5771 } 5772 5773 /* initialize RF registers from ROM for >=RT3071*/ 5774 if (sc->mac_ver >= 0x3071) { 5775 for (i = 0; i < 10; i++) { 5776 if (sc->rf[i].reg == 0 || sc->rf[i].reg == 0xff) 5777 continue; 5778 run_rt3070_rf_write(sc, sc->rf[i].reg, sc->rf[i].val); 5779 } 5780 } 5781 } 5782 5783 static void 5784 run_rt3593_rf_setup(struct run_softc *sc) 5785 { 5786 uint8_t bbp, rf; 5787 5788 if (sc->mac_rev >= 0x0211) { 5789 /* Enable DC filter. */ 5790 run_bbp_write(sc, 103, 0xc0); 5791 } 5792 run_write(sc, RT2860_TX_SW_CFG1, 0); 5793 if (sc->mac_rev < 0x0211) { 5794 run_write(sc, RT2860_TX_SW_CFG2, 5795 sc->patch_dac ? 0x2c : 0x0f); 5796 } else 5797 run_write(sc, RT2860_TX_SW_CFG2, 0); 5798 5799 run_rt3070_rf_read(sc, 50, &rf); 5800 run_rt3070_rf_write(sc, 50, rf & ~RT3593_TX_LO2); 5801 5802 run_rt3070_rf_read(sc, 51, &rf); 5803 rf = (rf & ~(RT3593_TX_LO1 | 0x0c)) | 5804 ((sc->txmixgain_2ghz & 0x07) << 2); 5805 run_rt3070_rf_write(sc, 51, rf); 5806 5807 run_rt3070_rf_read(sc, 38, &rf); 5808 run_rt3070_rf_write(sc, 38, rf & ~RT5390_RX_LO1); 5809 5810 run_rt3070_rf_read(sc, 39, &rf); 5811 run_rt3070_rf_write(sc, 39, rf & ~RT5390_RX_LO2); 5812 5813 run_rt3070_rf_read(sc, 1, &rf); 5814 run_rt3070_rf_write(sc, 1, rf & ~(RT3070_RF_BLOCK | RT3070_PLL_PD)); 5815 5816 run_rt3070_rf_read(sc, 30, &rf); 5817 rf = (rf & ~0x18) | 0x10; 5818 run_rt3070_rf_write(sc, 30, rf); 5819 5820 /* Apply maximum likelihood detection for 2 stream case. */ 5821 run_bbp_read(sc, 105, &bbp); 5822 if (sc->nrxchains > 1) 5823 run_bbp_write(sc, 105, bbp | RT5390_MLD); 5824 5825 /* Avoid data lost and CRC error. */ 5826 run_bbp_read(sc, 4, &bbp); 5827 run_bbp_write(sc, 4, bbp | RT5390_MAC_IF_CTRL); 5828 5829 run_bbp_write(sc, 92, 0x02); 5830 run_bbp_write(sc, 82, 0x82); 5831 run_bbp_write(sc, 106, 0x05); 5832 run_bbp_write(sc, 104, 0x92); 5833 run_bbp_write(sc, 88, 0x90); 5834 run_bbp_write(sc, 148, 0xc8); 5835 run_bbp_write(sc, 47, 0x48); 5836 run_bbp_write(sc, 120, 0x50); 5837 5838 run_bbp_write(sc, 163, 0x9d); 5839 5840 /* SNR mapping. */ 5841 run_bbp_write(sc, 142, 0x06); 5842 run_bbp_write(sc, 143, 0xa0); 5843 run_bbp_write(sc, 142, 0x07); 5844 run_bbp_write(sc, 143, 0xa1); 5845 run_bbp_write(sc, 142, 0x08); 5846 run_bbp_write(sc, 143, 0xa2); 5847 5848 run_bbp_write(sc, 31, 0x08); 5849 run_bbp_write(sc, 68, 0x0b); 5850 run_bbp_write(sc, 105, 0x04); 5851 } 5852 5853 static void 5854 run_rt5390_rf_setup(struct run_softc *sc) 5855 { 5856 uint8_t bbp, rf; 5857 5858 if (sc->mac_rev >= 0x0211) { 5859 /* Enable DC filter. */ 5860 run_bbp_write(sc, 103, 0xc0); 5861 5862 if (sc->mac_ver != 0x5592) { 5863 /* Improve power consumption. */ 5864 run_bbp_read(sc, 31, &bbp); 5865 run_bbp_write(sc, 31, bbp & ~0x03); 5866 } 5867 } 5868 5869 run_bbp_read(sc, 138, &bbp); 5870 if (sc->ntxchains == 1) 5871 bbp |= 0x20; /* turn off DAC1 */ 5872 if (sc->nrxchains == 1) 5873 bbp &= ~0x02; /* turn off ADC1 */ 5874 run_bbp_write(sc, 138, bbp); 5875 5876 run_rt3070_rf_read(sc, 38, &rf); 5877 run_rt3070_rf_write(sc, 38, rf & ~RT5390_RX_LO1); 5878 5879 run_rt3070_rf_read(sc, 39, &rf); 5880 run_rt3070_rf_write(sc, 39, rf & ~RT5390_RX_LO2); 5881 5882 /* Avoid data lost and CRC error. */ 5883 run_bbp_read(sc, 4, &bbp); 5884 run_bbp_write(sc, 4, bbp | RT5390_MAC_IF_CTRL); 5885 5886 run_rt3070_rf_read(sc, 30, &rf); 5887 rf = (rf & ~0x18) | 0x10; 5888 run_rt3070_rf_write(sc, 30, rf); 5889 5890 if (sc->mac_ver != 0x5592) { 5891 run_write(sc, RT2860_TX_SW_CFG1, 0); 5892 if (sc->mac_rev < 0x0211) { 5893 run_write(sc, RT2860_TX_SW_CFG2, 5894 sc->patch_dac ? 0x2c : 0x0f); 5895 } else 5896 run_write(sc, RT2860_TX_SW_CFG2, 0); 5897 } 5898 } 5899 5900 static int 5901 run_txrx_enable(struct run_softc *sc) 5902 { 5903 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 5904 uint32_t tmp; 5905 int error, ntries; 5906 5907 run_write(sc, RT2860_MAC_SYS_CTRL, RT2860_MAC_TX_EN); 5908 for (ntries = 0; ntries < 200; ntries++) { 5909 if ((error = run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp)) != 0) 5910 return (error); 5911 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0) 5912 break; 5913 run_delay(sc, 50); 5914 } 5915 if (ntries == 200) 5916 return (ETIMEDOUT); 5917 5918 run_delay(sc, 50); 5919 5920 tmp |= RT2860_RX_DMA_EN | RT2860_TX_DMA_EN | RT2860_TX_WB_DDONE; 5921 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp); 5922 5923 /* enable Rx bulk aggregation (set timeout and limit) */ 5924 tmp = RT2860_USB_TX_EN | RT2860_USB_RX_EN | RT2860_USB_RX_AGG_EN | 5925 RT2860_USB_RX_AGG_TO(128) | RT2860_USB_RX_AGG_LMT(2); 5926 run_write(sc, RT2860_USB_DMA_CFG, tmp); 5927 5928 /* set Rx filter */ 5929 tmp = RT2860_DROP_CRC_ERR | RT2860_DROP_PHY_ERR; 5930 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 5931 tmp |= RT2860_DROP_UC_NOME | RT2860_DROP_DUPL | 5932 RT2860_DROP_CTS | RT2860_DROP_BA | RT2860_DROP_ACK | 5933 RT2860_DROP_VER_ERR | RT2860_DROP_CTRL_RSV | 5934 RT2860_DROP_CFACK | RT2860_DROP_CFEND; 5935 if (ic->ic_opmode == IEEE80211_M_STA) 5936 tmp |= RT2860_DROP_RTS | RT2860_DROP_PSPOLL; 5937 } 5938 run_write(sc, RT2860_RX_FILTR_CFG, tmp); 5939 5940 run_write(sc, RT2860_MAC_SYS_CTRL, 5941 RT2860_MAC_RX_EN | RT2860_MAC_TX_EN); 5942 5943 return (0); 5944 } 5945 5946 static void 5947 run_adjust_freq_offset(struct run_softc *sc) 5948 { 5949 uint8_t rf, tmp; 5950 5951 run_rt3070_rf_read(sc, 17, &rf); 5952 tmp = rf; 5953 rf = (rf & ~0x7f) | (sc->freq & 0x7f); 5954 rf = MIN(rf, 0x5f); 5955 5956 if (tmp != rf) 5957 run_mcu_cmd(sc, 0x74, (tmp << 8 ) | rf); 5958 } 5959 5960 static void 5961 run_init_locked(struct run_softc *sc) 5962 { 5963 struct ifnet *ifp = sc->sc_ifp; 5964 struct ieee80211com *ic = ifp->if_l2com; 5965 uint32_t tmp; 5966 uint8_t bbp1, bbp3; 5967 int i; 5968 int ridx; 5969 int ntries; 5970 5971 if (ic->ic_nrunning > 1) 5972 return; 5973 5974 run_stop(sc); 5975 5976 if (run_load_microcode(sc) != 0) { 5977 device_printf(sc->sc_dev, "could not load 8051 microcode\n"); 5978 goto fail; 5979 } 5980 5981 for (ntries = 0; ntries < 100; ntries++) { 5982 if (run_read(sc, RT2860_ASIC_VER_ID, &tmp) != 0) 5983 goto fail; 5984 if (tmp != 0 && tmp != 0xffffffff) 5985 break; 5986 run_delay(sc, 10); 5987 } 5988 if (ntries == 100) 5989 goto fail; 5990 5991 for (i = 0; i != RUN_EP_QUEUES; i++) 5992 run_setup_tx_list(sc, &sc->sc_epq[i]); 5993 5994 run_set_macaddr(sc, IF_LLADDR(ifp)); 5995 5996 for (ntries = 0; ntries < 100; ntries++) { 5997 if (run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp) != 0) 5998 goto fail; 5999 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0) 6000 break; 6001 run_delay(sc, 10); 6002 } 6003 if (ntries == 100) { 6004 device_printf(sc->sc_dev, "timeout waiting for DMA engine\n"); 6005 goto fail; 6006 } 6007 tmp &= 0xff0; 6008 tmp |= RT2860_TX_WB_DDONE; 6009 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp); 6010 6011 /* turn off PME_OEN to solve high-current issue */ 6012 run_read(sc, RT2860_SYS_CTRL, &tmp); 6013 run_write(sc, RT2860_SYS_CTRL, tmp & ~RT2860_PME_OEN); 6014 6015 run_write(sc, RT2860_MAC_SYS_CTRL, 6016 RT2860_BBP_HRST | RT2860_MAC_SRST); 6017 run_write(sc, RT2860_USB_DMA_CFG, 0); 6018 6019 if (run_reset(sc) != 0) { 6020 device_printf(sc->sc_dev, "could not reset chipset\n"); 6021 goto fail; 6022 } 6023 6024 run_write(sc, RT2860_MAC_SYS_CTRL, 0); 6025 6026 /* init Tx power for all Tx rates (from EEPROM) */ 6027 for (ridx = 0; ridx < 5; ridx++) { 6028 if (sc->txpow20mhz[ridx] == 0xffffffff) 6029 continue; 6030 run_write(sc, RT2860_TX_PWR_CFG(ridx), sc->txpow20mhz[ridx]); 6031 } 6032 6033 for (i = 0; i < NELEM(rt2870_def_mac); i++) 6034 run_write(sc, rt2870_def_mac[i].reg, rt2870_def_mac[i].val); 6035 run_write(sc, RT2860_WMM_AIFSN_CFG, 0x00002273); 6036 run_write(sc, RT2860_WMM_CWMIN_CFG, 0x00002344); 6037 run_write(sc, RT2860_WMM_CWMAX_CFG, 0x000034aa); 6038 6039 if (sc->mac_ver >= 0x5390) { 6040 run_write(sc, RT2860_TX_SW_CFG0, 6041 4 << RT2860_DLY_PAPE_EN_SHIFT | 4); 6042 if (sc->mac_ver >= 0x5392) { 6043 run_write(sc, RT2860_MAX_LEN_CFG, 0x00002fff); 6044 if (sc->mac_ver == 0x5592) { 6045 run_write(sc, RT2860_HT_FBK_CFG1, 0xedcba980); 6046 run_write(sc, RT2860_TXOP_HLDR_ET, 0x00000082); 6047 } else { 6048 run_write(sc, RT2860_HT_FBK_CFG1, 0xedcb4980); 6049 run_write(sc, RT2860_LG_FBK_CFG0, 0xedcba322); 6050 } 6051 } 6052 } else if (sc->mac_ver == 0x3593) { 6053 run_write(sc, RT2860_TX_SW_CFG0, 6054 4 << RT2860_DLY_PAPE_EN_SHIFT | 2); 6055 } else if (sc->mac_ver >= 0x3070) { 6056 /* set delay of PA_PE assertion to 1us (unit of 0.25us) */ 6057 run_write(sc, RT2860_TX_SW_CFG0, 6058 4 << RT2860_DLY_PAPE_EN_SHIFT); 6059 } 6060 6061 /* wait while MAC is busy */ 6062 for (ntries = 0; ntries < 100; ntries++) { 6063 if (run_read(sc, RT2860_MAC_STATUS_REG, &tmp) != 0) 6064 goto fail; 6065 if (!(tmp & (RT2860_RX_STATUS_BUSY | RT2860_TX_STATUS_BUSY))) 6066 break; 6067 run_delay(sc, 10); 6068 } 6069 if (ntries == 100) 6070 goto fail; 6071 6072 /* clear Host to MCU mailbox */ 6073 run_write(sc, RT2860_H2M_BBPAGENT, 0); 6074 run_write(sc, RT2860_H2M_MAILBOX, 0); 6075 run_delay(sc, 10); 6076 6077 if (run_bbp_init(sc) != 0) { 6078 device_printf(sc->sc_dev, "could not initialize BBP\n"); 6079 goto fail; 6080 } 6081 6082 /* abort TSF synchronization */ 6083 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 6084 tmp &= ~(RT2860_BCN_TX_EN | RT2860_TSF_TIMER_EN | 6085 RT2860_TBTT_TIMER_EN); 6086 run_write(sc, RT2860_BCN_TIME_CFG, tmp); 6087 6088 /* clear RX WCID search table */ 6089 run_set_region_4(sc, RT2860_WCID_ENTRY(0), 0, 512); 6090 /* clear WCID attribute table */ 6091 run_set_region_4(sc, RT2860_WCID_ATTR(0), 0, 8 * 32); 6092 6093 /* hostapd sets a key before init. So, don't clear it. */ 6094 if (sc->cmdq_key_set != RUN_CMDQ_GO) { 6095 /* clear shared key table */ 6096 run_set_region_4(sc, RT2860_SKEY(0, 0), 0, 8 * 32); 6097 /* clear shared key mode */ 6098 run_set_region_4(sc, RT2860_SKEY_MODE_0_7, 0, 4); 6099 } 6100 6101 run_read(sc, RT2860_US_CYC_CNT, &tmp); 6102 tmp = (tmp & ~0xff) | 0x1e; 6103 run_write(sc, RT2860_US_CYC_CNT, tmp); 6104 6105 if (sc->mac_rev != 0x0101) 6106 run_write(sc, RT2860_TXOP_CTRL_CFG, 0x0000583f); 6107 6108 run_write(sc, RT2860_WMM_TXOP0_CFG, 0); 6109 run_write(sc, RT2860_WMM_TXOP1_CFG, 48 << 16 | 96); 6110 6111 /* write vendor-specific BBP values (from EEPROM) */ 6112 if (sc->mac_ver < 0x3593) { 6113 for (i = 0; i < 10; i++) { 6114 if (sc->bbp[i].reg == 0 || sc->bbp[i].reg == 0xff) 6115 continue; 6116 run_bbp_write(sc, sc->bbp[i].reg, sc->bbp[i].val); 6117 } 6118 } 6119 6120 /* select Main antenna for 1T1R devices */ 6121 if (sc->rf_rev == RT3070_RF_3020 || sc->rf_rev == RT5390_RF_5370) 6122 run_set_rx_antenna(sc, 0); 6123 6124 /* send LEDs operating mode to microcontroller */ 6125 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED1, sc->led[0]); 6126 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED2, sc->led[1]); 6127 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED3, sc->led[2]); 6128 6129 if (sc->mac_ver >= 0x5390) 6130 run_rt5390_rf_init(sc); 6131 else if (sc->mac_ver == 0x3593) 6132 run_rt3593_rf_init(sc); 6133 else if (sc->mac_ver >= 0x3070) 6134 run_rt3070_rf_init(sc); 6135 6136 /* disable non-existing Rx chains */ 6137 run_bbp_read(sc, 3, &bbp3); 6138 bbp3 &= ~(1 << 3 | 1 << 4); 6139 if (sc->nrxchains == 2) 6140 bbp3 |= 1 << 3; 6141 else if (sc->nrxchains == 3) 6142 bbp3 |= 1 << 4; 6143 run_bbp_write(sc, 3, bbp3); 6144 6145 /* disable non-existing Tx chains */ 6146 run_bbp_read(sc, 1, &bbp1); 6147 if (sc->ntxchains == 1) 6148 bbp1 &= ~(1 << 3 | 1 << 4); 6149 run_bbp_write(sc, 1, bbp1); 6150 6151 if (sc->mac_ver >= 0x5390) 6152 run_rt5390_rf_setup(sc); 6153 else if (sc->mac_ver == 0x3593) 6154 run_rt3593_rf_setup(sc); 6155 else if (sc->mac_ver >= 0x3070) 6156 run_rt3070_rf_setup(sc); 6157 6158 /* select default channel */ 6159 run_set_chan(sc, ic->ic_curchan); 6160 6161 /* setup initial protection mode */ 6162 run_updateprot_cb(ic); 6163 6164 /* turn radio LED on */ 6165 run_set_leds(sc, RT2860_LED_RADIO); 6166 6167 ifq_clr_oactive(&ifp->if_snd); 6168 ifp->if_flags |= IFF_RUNNING; 6169 sc->cmdq_run = RUN_CMDQ_GO; 6170 6171 for (i = 0; i != RUN_N_XFER; i++) 6172 usbd_xfer_set_stall(sc->sc_xfer[i]); 6173 6174 usbd_transfer_start(sc->sc_xfer[RUN_BULK_RX]); 6175 6176 if (run_txrx_enable(sc) != 0) 6177 goto fail; 6178 6179 return; 6180 6181 fail: 6182 run_stop(sc); 6183 } 6184 6185 static void 6186 run_init(void *arg) 6187 { 6188 struct run_softc *sc = arg; 6189 struct ifnet *ifp = sc->sc_ifp; 6190 struct ieee80211com *ic = ifp->if_l2com; 6191 6192 RUN_LOCK(sc); 6193 run_init_locked(sc); 6194 RUN_UNLOCK(sc); 6195 6196 if (ifp->if_flags & IFF_RUNNING) 6197 ieee80211_start_all(ic); 6198 } 6199 6200 static void 6201 run_stop(void *arg) 6202 { 6203 struct run_softc *sc = (struct run_softc *)arg; 6204 struct ifnet *ifp = sc->sc_ifp; 6205 uint32_t tmp; 6206 int i; 6207 int ntries; 6208 6209 RUN_LOCK_ASSERT(sc, MA_OWNED); 6210 6211 if (ifp->if_flags & IFF_RUNNING) 6212 run_set_leds(sc, 0); /* turn all LEDs off */ 6213 6214 ifp->if_flags &= ~IFF_RUNNING; 6215 ifq_clr_oactive(&ifp->if_snd); 6216 6217 sc->ratectl_run = RUN_RATECTL_OFF; 6218 sc->cmdq_run = sc->cmdq_key_set; 6219 6220 RUN_UNLOCK(sc); 6221 6222 for(i = 0; i < RUN_N_XFER; i++) 6223 usbd_transfer_drain(sc->sc_xfer[i]); 6224 6225 RUN_LOCK(sc); 6226 6227 if (sc->rx_m != NULL) { 6228 m_free(sc->rx_m); 6229 sc->rx_m = NULL; 6230 } 6231 6232 /* Disable Tx/Rx DMA. */ 6233 if (run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp) != 0) 6234 return; 6235 tmp &= ~(RT2860_RX_DMA_EN | RT2860_TX_DMA_EN); 6236 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp); 6237 6238 for (ntries = 0; ntries < 100; ntries++) { 6239 if (run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp) != 0) 6240 return; 6241 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0) 6242 break; 6243 run_delay(sc, 10); 6244 } 6245 if (ntries == 100) { 6246 device_printf(sc->sc_dev, "timeout waiting for DMA engine\n"); 6247 return; 6248 } 6249 6250 /* disable Tx/Rx */ 6251 run_read(sc, RT2860_MAC_SYS_CTRL, &tmp); 6252 tmp &= ~(RT2860_MAC_RX_EN | RT2860_MAC_TX_EN); 6253 run_write(sc, RT2860_MAC_SYS_CTRL, tmp); 6254 6255 /* wait for pending Tx to complete */ 6256 for (ntries = 0; ntries < 100; ntries++) { 6257 if (run_read(sc, RT2860_TXRXQ_PCNT, &tmp) != 0) { 6258 DPRINTF("Cannot read Tx queue count\n"); 6259 break; 6260 } 6261 if ((tmp & RT2860_TX2Q_PCNT_MASK) == 0) { 6262 DPRINTF("All Tx cleared\n"); 6263 break; 6264 } 6265 run_delay(sc, 10); 6266 } 6267 if (ntries >= 100) 6268 DPRINTF("There are still pending Tx\n"); 6269 run_delay(sc, 10); 6270 run_write(sc, RT2860_USB_DMA_CFG, 0); 6271 6272 run_write(sc, RT2860_MAC_SYS_CTRL, RT2860_BBP_HRST | RT2860_MAC_SRST); 6273 run_write(sc, RT2860_MAC_SYS_CTRL, 0); 6274 6275 for (i = 0; i != RUN_EP_QUEUES; i++) 6276 run_unsetup_tx_list(sc, &sc->sc_epq[i]); 6277 } 6278 6279 static void 6280 run_delay(struct run_softc *sc, u_int ms) 6281 { 6282 usb_pause_mtx(lockowned(&sc->sc_lock) ? &sc->sc_lock : NULL, 6283 USB_MS_TO_TICKS(ms)); 6284 } 6285 6286 static device_method_t run_methods[] = { 6287 /* Device interface */ 6288 DEVMETHOD(device_probe, run_match), 6289 DEVMETHOD(device_attach, run_attach), 6290 DEVMETHOD(device_detach, run_detach), 6291 DEVMETHOD_END 6292 }; 6293 6294 static driver_t run_driver = { 6295 .name = "run", 6296 .methods = run_methods, 6297 .size = sizeof(struct run_softc) 6298 }; 6299 6300 static devclass_t run_devclass; 6301 6302 DRIVER_MODULE(run, uhub, run_driver, run_devclass, run_driver_loaded, NULL); 6303 MODULE_DEPEND(run, wlan, 1, 1, 1); 6304 MODULE_DEPEND(run, usb, 1, 1, 1); 6305 MODULE_DEPEND(run, firmware, 1, 1, 1); 6306 MODULE_VERSION(run, 1); 6307