Now available: The Design and Implementation of the FreeBSD Operating System (Second Edition)
[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]
FreeBSD/Linux Kernel Cross Reference
sys/dev/usb/wlan/if_run.c
Version:
- FREEBSD - FREEBSD-13-STABLE - FREEBSD-13-0 - FREEBSD-12-STABLE - FREEBSD-12-0 - FREEBSD-11-STABLE - FREEBSD-11-0 - FREEBSD-10-STABLE - FREEBSD-10-0 - FREEBSD-9-STABLE - FREEBSD-9-0 - FREEBSD-8-STABLE - FREEBSD-8-0 - FREEBSD-7-STABLE - FREEBSD-7-0 - FREEBSD-6-STABLE - FREEBSD-6-0 - FREEBSD-5-STABLE - FREEBSD-5-0 - FREEBSD-4-STABLE - FREEBSD-3-STABLE - FREEBSD22 - l41 - OPENBSD - linux-2.6 - MK84 - PLAN9 - xnu-8792
SearchContext: - none - 3 - 10
SearchContext: - none - 3 - 10
1 /*- 2 * Copyright (c) 2008,2010 Damien Bergamini <damien.bergamini@free.fr> 3 * ported to FreeBSD by Akinori Furukoshi <moonlightakkiy@yahoo.ca> 4 * USB Consulting, Hans Petter Selasky <hselasky@freebsd.org> 5 * Copyright (c) 2013-2014 Kevin Lo 6 * 7 * Permission to use, copy, modify, and distribute this software for any 8 * purpose with or without fee is hereby granted, provided that the above 9 * copyright notice and this permission notice appear in all copies. 10 * 11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 */ 19 20 #include <sys/cdefs.h> 21 __FBSDID("$FreeBSD: releng/10.2/sys/dev/usb/wlan/if_run.c 281878 2015-04-23 01:52:07Z kevlo $"); 22 23 /*- 24 * Ralink Technology RT2700U/RT2800U/RT3000U/RT3900E chipset driver. 25 * http://www.ralinktech.com/ 26 */ 27 28 #include <sys/param.h> 29 #include <sys/sockio.h> 30 #include <sys/sysctl.h> 31 #include <sys/lock.h> 32 #include <sys/mutex.h> 33 #include <sys/mbuf.h> 34 #include <sys/kernel.h> 35 #include <sys/socket.h> 36 #include <sys/systm.h> 37 #include <sys/malloc.h> 38 #include <sys/module.h> 39 #include <sys/bus.h> 40 #include <sys/endian.h> 41 #include <sys/linker.h> 42 #include <sys/firmware.h> 43 #include <sys/kdb.h> 44 45 #include <machine/bus.h> 46 #include <machine/resource.h> 47 #include <sys/rman.h> 48 49 #include <net/bpf.h> 50 #include <net/if.h> 51 #include <net/if_arp.h> 52 #include <net/ethernet.h> 53 #include <net/if_dl.h> 54 #include <net/if_media.h> 55 #include <net/if_types.h> 56 57 #include <netinet/in.h> 58 #include <netinet/in_systm.h> 59 #include <netinet/in_var.h> 60 #include <netinet/if_ether.h> 61 #include <netinet/ip.h> 62 63 #include <net80211/ieee80211_var.h> 64 #include <net80211/ieee80211_regdomain.h> 65 #include <net80211/ieee80211_radiotap.h> 66 #include <net80211/ieee80211_ratectl.h> 67 68 #include <dev/usb/usb.h> 69 #include <dev/usb/usbdi.h> 70 #include "usbdevs.h" 71 72 #define USB_DEBUG_VAR run_debug 73 #include <dev/usb/usb_debug.h> 74 #include <dev/usb/usb_msctest.h> 75 76 #include <dev/usb/wlan/if_runreg.h> 77 #include <dev/usb/wlan/if_runvar.h> 78 79 #ifdef USB_DEBUG 80 #define RUN_DEBUG 81 #endif 82 83 #ifdef RUN_DEBUG 84 int run_debug = 0; 85 static SYSCTL_NODE(_hw_usb, OID_AUTO, run, CTLFLAG_RW, 0, "USB run"); 86 SYSCTL_INT(_hw_usb_run, OID_AUTO, debug, CTLFLAG_RW, &run_debug, 0, 87 "run debug level"); 88 #endif 89 90 #define IEEE80211_HAS_ADDR4(wh) \ 91 (((wh)->i_fc[1] & IEEE80211_FC1_DIR_MASK) == IEEE80211_FC1_DIR_DSTODS) 92 93 /* 94 * Because of LOR in run_key_delete(), use atomic instead. 95 * '& RUN_CMDQ_MASQ' is to loop cmdq[]. 96 */ 97 #define RUN_CMDQ_GET(c) (atomic_fetchadd_32((c), 1) & RUN_CMDQ_MASQ) 98 99 static const STRUCT_USB_HOST_ID run_devs[] = { 100 #define RUN_DEV(v,p) { USB_VP(USB_VENDOR_##v, USB_PRODUCT_##v##_##p) } 101 #define RUN_DEV_EJECT(v,p) \ 102 { USB_VPI(USB_VENDOR_##v, USB_PRODUCT_##v##_##p, RUN_EJECT) } 103 #define RUN_EJECT 1 104 RUN_DEV(ABOCOM, RT2770), 105 RUN_DEV(ABOCOM, RT2870), 106 RUN_DEV(ABOCOM, RT3070), 107 RUN_DEV(ABOCOM, RT3071), 108 RUN_DEV(ABOCOM, RT3072), 109 RUN_DEV(ABOCOM2, RT2870_1), 110 RUN_DEV(ACCTON, RT2770), 111 RUN_DEV(ACCTON, RT2870_1), 112 RUN_DEV(ACCTON, RT2870_2), 113 RUN_DEV(ACCTON, RT2870_3), 114 RUN_DEV(ACCTON, RT2870_4), 115 RUN_DEV(ACCTON, RT2870_5), 116 RUN_DEV(ACCTON, RT3070), 117 RUN_DEV(ACCTON, RT3070_1), 118 RUN_DEV(ACCTON, RT3070_2), 119 RUN_DEV(ACCTON, RT3070_3), 120 RUN_DEV(ACCTON, RT3070_4), 121 RUN_DEV(ACCTON, RT3070_5), 122 RUN_DEV(AIRTIES, RT3070), 123 RUN_DEV(ALLWIN, RT2070), 124 RUN_DEV(ALLWIN, RT2770), 125 RUN_DEV(ALLWIN, RT2870), 126 RUN_DEV(ALLWIN, RT3070), 127 RUN_DEV(ALLWIN, RT3071), 128 RUN_DEV(ALLWIN, RT3072), 129 RUN_DEV(ALLWIN, RT3572), 130 RUN_DEV(AMIGO, RT2870_1), 131 RUN_DEV(AMIGO, RT2870_2), 132 RUN_DEV(AMIT, CGWLUSB2GNR), 133 RUN_DEV(AMIT, RT2870_1), 134 RUN_DEV(AMIT2, RT2870), 135 RUN_DEV(ASUS, RT2870_1), 136 RUN_DEV(ASUS, RT2870_2), 137 RUN_DEV(ASUS, RT2870_3), 138 RUN_DEV(ASUS, RT2870_4), 139 RUN_DEV(ASUS, RT2870_5), 140 RUN_DEV(ASUS, USBN13), 141 RUN_DEV(ASUS, RT3070_1), 142 RUN_DEV(ASUS, USBN66), 143 RUN_DEV(ASUS, USB_N53), 144 RUN_DEV(ASUS2, USBN11), 145 RUN_DEV(AZUREWAVE, RT2870_1), 146 RUN_DEV(AZUREWAVE, RT2870_2), 147 RUN_DEV(AZUREWAVE, RT3070_1), 148 RUN_DEV(AZUREWAVE, RT3070_2), 149 RUN_DEV(AZUREWAVE, RT3070_3), 150 RUN_DEV(BELKIN, F9L1103), 151 RUN_DEV(BELKIN, F5D8053V3), 152 RUN_DEV(BELKIN, F5D8055), 153 RUN_DEV(BELKIN, F5D8055V2), 154 RUN_DEV(BELKIN, F6D4050V1), 155 RUN_DEV(BELKIN, F6D4050V2), 156 RUN_DEV(BELKIN, RT2870_1), 157 RUN_DEV(BELKIN, RT2870_2), 158 RUN_DEV(CISCOLINKSYS, AE1000), 159 RUN_DEV(CISCOLINKSYS2, RT3070), 160 RUN_DEV(CISCOLINKSYS3, RT3070), 161 RUN_DEV(CONCEPTRONIC2, RT2870_1), 162 RUN_DEV(CONCEPTRONIC2, RT2870_2), 163 RUN_DEV(CONCEPTRONIC2, RT2870_3), 164 RUN_DEV(CONCEPTRONIC2, RT2870_4), 165 RUN_DEV(CONCEPTRONIC2, RT2870_5), 166 RUN_DEV(CONCEPTRONIC2, RT2870_6), 167 RUN_DEV(CONCEPTRONIC2, RT2870_7), 168 RUN_DEV(CONCEPTRONIC2, RT2870_8), 169 RUN_DEV(CONCEPTRONIC2, RT3070_1), 170 RUN_DEV(CONCEPTRONIC2, RT3070_2), 171 RUN_DEV(CONCEPTRONIC2, VIGORN61), 172 RUN_DEV(COREGA, CGWLUSB300GNM), 173 RUN_DEV(COREGA, RT2870_1), 174 RUN_DEV(COREGA, RT2870_2), 175 RUN_DEV(COREGA, RT2870_3), 176 RUN_DEV(COREGA, RT3070), 177 RUN_DEV(CYBERTAN, RT2870), 178 RUN_DEV(DLINK, RT2870), 179 RUN_DEV(DLINK, RT3072), 180 RUN_DEV(DLINK, DWA127), 181 RUN_DEV(DLINK, DWA140B3), 182 RUN_DEV(DLINK, DWA160B2), 183 RUN_DEV(DLINK, DWA140D1), 184 RUN_DEV(DLINK, DWA162), 185 RUN_DEV(DLINK2, DWA130), 186 RUN_DEV(DLINK2, RT2870_1), 187 RUN_DEV(DLINK2, RT2870_2), 188 RUN_DEV(DLINK2, RT3070_1), 189 RUN_DEV(DLINK2, RT3070_2), 190 RUN_DEV(DLINK2, RT3070_3), 191 RUN_DEV(DLINK2, RT3070_4), 192 RUN_DEV(DLINK2, RT3070_5), 193 RUN_DEV(DLINK2, RT3072), 194 RUN_DEV(DLINK2, RT3072_1), 195 RUN_DEV(EDIMAX, EW7717), 196 RUN_DEV(EDIMAX, EW7718), 197 RUN_DEV(EDIMAX, EW7733UND), 198 RUN_DEV(EDIMAX, RT2870_1), 199 RUN_DEV(ENCORE, RT3070_1), 200 RUN_DEV(ENCORE, RT3070_2), 201 RUN_DEV(ENCORE, RT3070_3), 202 RUN_DEV(GIGABYTE, GNWB31N), 203 RUN_DEV(GIGABYTE, GNWB32L), 204 RUN_DEV(GIGABYTE, RT2870_1), 205 RUN_DEV(GIGASET, RT3070_1), 206 RUN_DEV(GIGASET, RT3070_2), 207 RUN_DEV(GUILLEMOT, HWNU300), 208 RUN_DEV(HAWKING, HWUN2), 209 RUN_DEV(HAWKING, RT2870_1), 210 RUN_DEV(HAWKING, RT2870_2), 211 RUN_DEV(HAWKING, RT3070), 212 RUN_DEV(IODATA, RT3072_1), 213 RUN_DEV(IODATA, RT3072_2), 214 RUN_DEV(IODATA, RT3072_3), 215 RUN_DEV(IODATA, RT3072_4), 216 RUN_DEV(LINKSYS4, RT3070), 217 RUN_DEV(LINKSYS4, WUSB100), 218 RUN_DEV(LINKSYS4, WUSB54GCV3), 219 RUN_DEV(LINKSYS4, WUSB600N), 220 RUN_DEV(LINKSYS4, WUSB600NV2), 221 RUN_DEV(LOGITEC, RT2870_1), 222 RUN_DEV(LOGITEC, RT2870_2), 223 RUN_DEV(LOGITEC, RT2870_3), 224 RUN_DEV(LOGITEC, LANW300NU2), 225 RUN_DEV(LOGITEC, LANW150NU2), 226 RUN_DEV(LOGITEC, LANW300NU2S), 227 RUN_DEV(MELCO, WLIUCG300HP), 228 RUN_DEV(MELCO, RT2870_2), 229 RUN_DEV(MELCO, WLIUCAG300N), 230 RUN_DEV(MELCO, WLIUCG300N), 231 RUN_DEV(MELCO, WLIUCG301N), 232 RUN_DEV(MELCO, WLIUCGN), 233 RUN_DEV(MELCO, WLIUCGNM), 234 RUN_DEV(MELCO, WLIUCG300HPV1), 235 RUN_DEV(MELCO, WLIUCGNM2), 236 RUN_DEV(MOTOROLA4, RT2770), 237 RUN_DEV(MOTOROLA4, RT3070), 238 RUN_DEV(MSI, RT3070_1), 239 RUN_DEV(MSI, RT3070_2), 240 RUN_DEV(MSI, RT3070_3), 241 RUN_DEV(MSI, RT3070_4), 242 RUN_DEV(MSI, RT3070_5), 243 RUN_DEV(MSI, RT3070_6), 244 RUN_DEV(MSI, RT3070_7), 245 RUN_DEV(MSI, RT3070_8), 246 RUN_DEV(MSI, RT3070_9), 247 RUN_DEV(MSI, RT3070_10), 248 RUN_DEV(MSI, RT3070_11), 249 RUN_DEV(OVISLINK, RT3072), 250 RUN_DEV(PARA, RT3070), 251 RUN_DEV(PEGATRON, RT2870), 252 RUN_DEV(PEGATRON, RT3070), 253 RUN_DEV(PEGATRON, RT3070_2), 254 RUN_DEV(PEGATRON, RT3070_3), 255 RUN_DEV(PHILIPS, RT2870), 256 RUN_DEV(PLANEX2, GWUS300MINIS), 257 RUN_DEV(PLANEX2, GWUSMICRON), 258 RUN_DEV(PLANEX2, RT2870), 259 RUN_DEV(PLANEX2, RT3070), 260 RUN_DEV(QCOM, RT2870), 261 RUN_DEV(QUANTA, RT3070), 262 RUN_DEV(RALINK, RT2070), 263 RUN_DEV(RALINK, RT2770), 264 RUN_DEV(RALINK, RT2870), 265 RUN_DEV(RALINK, RT3070), 266 RUN_DEV(RALINK, RT3071), 267 RUN_DEV(RALINK, RT3072), 268 RUN_DEV(RALINK, RT3370), 269 RUN_DEV(RALINK, RT3572), 270 RUN_DEV(RALINK, RT3573), 271 RUN_DEV(RALINK, RT5370), 272 RUN_DEV(RALINK, RT5572), 273 RUN_DEV(RALINK, RT8070), 274 RUN_DEV(SAMSUNG, WIS09ABGN), 275 RUN_DEV(SAMSUNG2, RT2870_1), 276 RUN_DEV(SENAO, RT2870_1), 277 RUN_DEV(SENAO, RT2870_2), 278 RUN_DEV(SENAO, RT2870_3), 279 RUN_DEV(SENAO, RT2870_4), 280 RUN_DEV(SENAO, RT3070), 281 RUN_DEV(SENAO, RT3071), 282 RUN_DEV(SENAO, RT3072_1), 283 RUN_DEV(SENAO, RT3072_2), 284 RUN_DEV(SENAO, RT3072_3), 285 RUN_DEV(SENAO, RT3072_4), 286 RUN_DEV(SENAO, RT3072_5), 287 RUN_DEV(SITECOMEU, RT2770), 288 RUN_DEV(SITECOMEU, RT2870_1), 289 RUN_DEV(SITECOMEU, RT2870_2), 290 RUN_DEV(SITECOMEU, RT2870_3), 291 RUN_DEV(SITECOMEU, RT2870_4), 292 RUN_DEV(SITECOMEU, RT3070), 293 RUN_DEV(SITECOMEU, RT3070_2), 294 RUN_DEV(SITECOMEU, RT3070_3), 295 RUN_DEV(SITECOMEU, RT3070_4), 296 RUN_DEV(SITECOMEU, RT3071), 297 RUN_DEV(SITECOMEU, RT3072_1), 298 RUN_DEV(SITECOMEU, RT3072_2), 299 RUN_DEV(SITECOMEU, RT3072_3), 300 RUN_DEV(SITECOMEU, RT3072_4), 301 RUN_DEV(SITECOMEU, RT3072_5), 302 RUN_DEV(SITECOMEU, RT3072_6), 303 RUN_DEV(SITECOMEU, WL608), 304 RUN_DEV(SPARKLAN, RT2870_1), 305 RUN_DEV(SPARKLAN, RT3070), 306 RUN_DEV(SWEEX2, LW153), 307 RUN_DEV(SWEEX2, LW303), 308 RUN_DEV(SWEEX2, LW313), 309 RUN_DEV(TOSHIBA, RT3070), 310 RUN_DEV(UMEDIA, RT2870_1), 311 RUN_DEV(ZCOM, RT2870_1), 312 RUN_DEV(ZCOM, RT2870_2), 313 RUN_DEV(ZINWELL, RT2870_1), 314 RUN_DEV(ZINWELL, RT2870_2), 315 RUN_DEV(ZINWELL, RT3070), 316 RUN_DEV(ZINWELL, RT3072_1), 317 RUN_DEV(ZINWELL, RT3072_2), 318 RUN_DEV(ZYXEL, RT2870_1), 319 RUN_DEV(ZYXEL, RT2870_2), 320 RUN_DEV_EJECT(ZYXEL, NWD2705), 321 RUN_DEV_EJECT(RALINK, RT_STOR), 322 #undef RUN_DEV_EJECT 323 #undef RUN_DEV 324 }; 325 326 static device_probe_t run_match; 327 static device_attach_t run_attach; 328 static device_detach_t run_detach; 329 330 static usb_callback_t run_bulk_rx_callback; 331 static usb_callback_t run_bulk_tx_callback0; 332 static usb_callback_t run_bulk_tx_callback1; 333 static usb_callback_t run_bulk_tx_callback2; 334 static usb_callback_t run_bulk_tx_callback3; 335 static usb_callback_t run_bulk_tx_callback4; 336 static usb_callback_t run_bulk_tx_callback5; 337 338 static void run_autoinst(void *, struct usb_device *, 339 struct usb_attach_arg *); 340 static int run_driver_loaded(struct module *, int, void *); 341 static void run_bulk_tx_callbackN(struct usb_xfer *xfer, 342 usb_error_t error, u_int index); 343 static struct ieee80211vap *run_vap_create(struct ieee80211com *, 344 const char [IFNAMSIZ], int, enum ieee80211_opmode, int, 345 const uint8_t [IEEE80211_ADDR_LEN], 346 const uint8_t [IEEE80211_ADDR_LEN]); 347 static void run_vap_delete(struct ieee80211vap *); 348 static void run_cmdq_cb(void *, int); 349 static void run_setup_tx_list(struct run_softc *, 350 struct run_endpoint_queue *); 351 static void run_unsetup_tx_list(struct run_softc *, 352 struct run_endpoint_queue *); 353 static int run_load_microcode(struct run_softc *); 354 static int run_reset(struct run_softc *); 355 static usb_error_t run_do_request(struct run_softc *, 356 struct usb_device_request *, void *); 357 static int run_read(struct run_softc *, uint16_t, uint32_t *); 358 static int run_read_region_1(struct run_softc *, uint16_t, uint8_t *, int); 359 static int run_write_2(struct run_softc *, uint16_t, uint16_t); 360 static int run_write(struct run_softc *, uint16_t, uint32_t); 361 static int run_write_region_1(struct run_softc *, uint16_t, 362 const uint8_t *, int); 363 static int run_set_region_4(struct run_softc *, uint16_t, uint32_t, int); 364 static int run_efuse_read(struct run_softc *, uint16_t, uint16_t *, int); 365 static int run_efuse_read_2(struct run_softc *, uint16_t, uint16_t *); 366 static int run_eeprom_read_2(struct run_softc *, uint16_t, uint16_t *); 367 static int run_rt2870_rf_write(struct run_softc *, uint32_t); 368 static int run_rt3070_rf_read(struct run_softc *, uint8_t, uint8_t *); 369 static int run_rt3070_rf_write(struct run_softc *, uint8_t, uint8_t); 370 static int run_bbp_read(struct run_softc *, uint8_t, uint8_t *); 371 static int run_bbp_write(struct run_softc *, uint8_t, uint8_t); 372 static int run_mcu_cmd(struct run_softc *, uint8_t, uint16_t); 373 static const char *run_get_rf(uint16_t); 374 static void run_rt3593_get_txpower(struct run_softc *); 375 static void run_get_txpower(struct run_softc *); 376 static int run_read_eeprom(struct run_softc *); 377 static struct ieee80211_node *run_node_alloc(struct ieee80211vap *, 378 const uint8_t mac[IEEE80211_ADDR_LEN]); 379 static int run_media_change(struct ifnet *); 380 static int run_newstate(struct ieee80211vap *, enum ieee80211_state, int); 381 static int run_wme_update(struct ieee80211com *); 382 static void run_wme_update_cb(void *); 383 static void run_key_update_begin(struct ieee80211vap *); 384 static void run_key_update_end(struct ieee80211vap *); 385 static void run_key_set_cb(void *); 386 static int run_key_set(struct ieee80211vap *, struct ieee80211_key *, 387 const uint8_t mac[IEEE80211_ADDR_LEN]); 388 static void run_key_delete_cb(void *); 389 static int run_key_delete(struct ieee80211vap *, struct ieee80211_key *); 390 static void run_ratectl_to(void *); 391 static void run_ratectl_cb(void *, int); 392 static void run_drain_fifo(void *); 393 static void run_iter_func(void *, struct ieee80211_node *); 394 static void run_newassoc_cb(void *); 395 static void run_newassoc(struct ieee80211_node *, int); 396 static void run_rx_frame(struct run_softc *, struct mbuf *, uint32_t); 397 static void run_tx_free(struct run_endpoint_queue *pq, 398 struct run_tx_data *, int); 399 static void run_set_tx_desc(struct run_softc *, struct run_tx_data *); 400 static int run_tx(struct run_softc *, struct mbuf *, 401 struct ieee80211_node *); 402 static int run_tx_mgt(struct run_softc *, struct mbuf *, 403 struct ieee80211_node *); 404 static int run_sendprot(struct run_softc *, const struct mbuf *, 405 struct ieee80211_node *, int, int); 406 static int run_tx_param(struct run_softc *, struct mbuf *, 407 struct ieee80211_node *, 408 const struct ieee80211_bpf_params *); 409 static int run_raw_xmit(struct ieee80211_node *, struct mbuf *, 410 const struct ieee80211_bpf_params *); 411 static void run_start(struct ifnet *); 412 static int run_ioctl(struct ifnet *, u_long, caddr_t); 413 static void run_iq_calib(struct run_softc *, u_int); 414 static void run_set_agc(struct run_softc *, uint8_t); 415 static void run_select_chan_group(struct run_softc *, int); 416 static void run_set_rx_antenna(struct run_softc *, int); 417 static void run_rt2870_set_chan(struct run_softc *, u_int); 418 static void run_rt3070_set_chan(struct run_softc *, u_int); 419 static void run_rt3572_set_chan(struct run_softc *, u_int); 420 static void run_rt3593_set_chan(struct run_softc *, u_int); 421 static void run_rt5390_set_chan(struct run_softc *, u_int); 422 static void run_rt5592_set_chan(struct run_softc *, u_int); 423 static int run_set_chan(struct run_softc *, struct ieee80211_channel *); 424 static void run_set_channel(struct ieee80211com *); 425 static void run_scan_start(struct ieee80211com *); 426 static void run_scan_end(struct ieee80211com *); 427 static void run_update_beacon(struct ieee80211vap *, int); 428 static void run_update_beacon_cb(void *); 429 static void run_updateprot(struct ieee80211com *); 430 static void run_updateprot_cb(void *); 431 static void run_usb_timeout_cb(void *); 432 static void run_reset_livelock(struct run_softc *); 433 static void run_enable_tsf_sync(struct run_softc *); 434 static void run_enable_mrr(struct run_softc *); 435 static void run_set_txpreamble(struct run_softc *); 436 static void run_set_basicrates(struct run_softc *); 437 static void run_set_leds(struct run_softc *, uint16_t); 438 static void run_set_bssid(struct run_softc *, const uint8_t *); 439 static void run_set_macaddr(struct run_softc *, const uint8_t *); 440 static void run_updateslot(struct ifnet *); 441 static void run_updateslot_cb(void *); 442 static void run_update_mcast(struct ifnet *); 443 static int8_t run_rssi2dbm(struct run_softc *, uint8_t, uint8_t); 444 static void run_update_promisc_locked(struct ifnet *); 445 static void run_update_promisc(struct ifnet *); 446 static void run_rt5390_bbp_init(struct run_softc *); 447 static int run_bbp_init(struct run_softc *); 448 static int run_rt3070_rf_init(struct run_softc *); 449 static void run_rt3593_rf_init(struct run_softc *); 450 static void run_rt5390_rf_init(struct run_softc *); 451 static int run_rt3070_filter_calib(struct run_softc *, uint8_t, uint8_t, 452 uint8_t *); 453 static void run_rt3070_rf_setup(struct run_softc *); 454 static void run_rt3593_rf_setup(struct run_softc *); 455 static void run_rt5390_rf_setup(struct run_softc *); 456 static int run_txrx_enable(struct run_softc *); 457 static void run_adjust_freq_offset(struct run_softc *); 458 static void run_init(void *); 459 static void run_init_locked(struct run_softc *); 460 static void run_stop(void *); 461 static void run_delay(struct run_softc *, u_int); 462 463 static eventhandler_tag run_etag; 464 465 static const struct rt2860_rate { 466 uint8_t rate; 467 uint8_t mcs; 468 enum ieee80211_phytype phy; 469 uint8_t ctl_ridx; 470 uint16_t sp_ack_dur; 471 uint16_t lp_ack_dur; 472 } rt2860_rates[] = { 473 { 2, 0, IEEE80211_T_DS, 0, 314, 314 }, 474 { 4, 1, IEEE80211_T_DS, 1, 258, 162 }, 475 { 11, 2, IEEE80211_T_DS, 2, 223, 127 }, 476 { 22, 3, IEEE80211_T_DS, 3, 213, 117 }, 477 { 12, 0, IEEE80211_T_OFDM, 4, 60, 60 }, 478 { 18, 1, IEEE80211_T_OFDM, 4, 52, 52 }, 479 { 24, 2, IEEE80211_T_OFDM, 6, 48, 48 }, 480 { 36, 3, IEEE80211_T_OFDM, 6, 44, 44 }, 481 { 48, 4, IEEE80211_T_OFDM, 8, 44, 44 }, 482 { 72, 5, IEEE80211_T_OFDM, 8, 40, 40 }, 483 { 96, 6, IEEE80211_T_OFDM, 8, 40, 40 }, 484 { 108, 7, IEEE80211_T_OFDM, 8, 40, 40 } 485 }; 486 487 static const struct { 488 uint16_t reg; 489 uint32_t val; 490 } rt2870_def_mac[] = { 491 RT2870_DEF_MAC 492 }; 493 494 static const struct { 495 uint8_t reg; 496 uint8_t val; 497 } rt2860_def_bbp[] = { 498 RT2860_DEF_BBP 499 },rt5390_def_bbp[] = { 500 RT5390_DEF_BBP 501 },rt5592_def_bbp[] = { 502 RT5592_DEF_BBP 503 }; 504 505 /* 506 * Default values for BBP register R196 for RT5592. 507 */ 508 static const uint8_t rt5592_bbp_r196[] = { 509 0xe0, 0x1f, 0x38, 0x32, 0x08, 0x28, 0x19, 0x0a, 0xff, 0x00, 510 0x16, 0x10, 0x10, 0x0b, 0x36, 0x2c, 0x26, 0x24, 0x42, 0x36, 511 0x30, 0x2d, 0x4c, 0x46, 0x3d, 0x40, 0x3e, 0x42, 0x3d, 0x40, 512 0x3c, 0x34, 0x2c, 0x2f, 0x3c, 0x35, 0x2e, 0x2a, 0x49, 0x41, 513 0x36, 0x31, 0x30, 0x30, 0x0e, 0x0d, 0x28, 0x21, 0x1c, 0x16, 514 0x50, 0x4a, 0x43, 0x40, 0x10, 0x10, 0x10, 0x10, 0x00, 0x00, 515 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 516 0x00, 0x00, 0x7d, 0x14, 0x32, 0x2c, 0x36, 0x4c, 0x43, 0x2c, 517 0x2e, 0x36, 0x30, 0x6e 518 }; 519 520 static const struct rfprog { 521 uint8_t chan; 522 uint32_t r1, r2, r3, r4; 523 } rt2860_rf2850[] = { 524 RT2860_RF2850 525 }; 526 527 struct { 528 uint8_t n, r, k; 529 } rt3070_freqs[] = { 530 RT3070_RF3052 531 }; 532 533 static const struct rt5592_freqs { 534 uint16_t n; 535 uint8_t k, m, r; 536 } rt5592_freqs_20mhz[] = { 537 RT5592_RF5592_20MHZ 538 },rt5592_freqs_40mhz[] = { 539 RT5592_RF5592_40MHZ 540 }; 541 542 static const struct { 543 uint8_t reg; 544 uint8_t val; 545 } rt3070_def_rf[] = { 546 RT3070_DEF_RF 547 },rt3572_def_rf[] = { 548 RT3572_DEF_RF 549 },rt3593_def_rf[] = { 550 RT3593_DEF_RF 551 },rt5390_def_rf[] = { 552 RT5390_DEF_RF 553 },rt5392_def_rf[] = { 554 RT5392_DEF_RF 555 },rt5592_def_rf[] = { 556 RT5592_DEF_RF 557 },rt5592_2ghz_def_rf[] = { 558 RT5592_2GHZ_DEF_RF 559 },rt5592_5ghz_def_rf[] = { 560 RT5592_5GHZ_DEF_RF 561 }; 562 563 static const struct { 564 u_int firstchan; 565 u_int lastchan; 566 uint8_t reg; 567 uint8_t val; 568 } rt5592_chan_5ghz[] = { 569 RT5592_CHAN_5GHZ 570 }; 571 572 static const struct usb_config run_config[RUN_N_XFER] = { 573 [RUN_BULK_TX_BE] = { 574 .type = UE_BULK, 575 .endpoint = UE_ADDR_ANY, 576 .ep_index = 0, 577 .direction = UE_DIR_OUT, 578 .bufsize = RUN_MAX_TXSZ, 579 .flags = {.pipe_bof = 1,.force_short_xfer = 1,}, 580 .callback = run_bulk_tx_callback0, 581 .timeout = 5000, /* ms */ 582 }, 583 [RUN_BULK_TX_BK] = { 584 .type = UE_BULK, 585 .endpoint = UE_ADDR_ANY, 586 .direction = UE_DIR_OUT, 587 .ep_index = 1, 588 .bufsize = RUN_MAX_TXSZ, 589 .flags = {.pipe_bof = 1,.force_short_xfer = 1,}, 590 .callback = run_bulk_tx_callback1, 591 .timeout = 5000, /* ms */ 592 }, 593 [RUN_BULK_TX_VI] = { 594 .type = UE_BULK, 595 .endpoint = UE_ADDR_ANY, 596 .direction = UE_DIR_OUT, 597 .ep_index = 2, 598 .bufsize = RUN_MAX_TXSZ, 599 .flags = {.pipe_bof = 1,.force_short_xfer = 1,}, 600 .callback = run_bulk_tx_callback2, 601 .timeout = 5000, /* ms */ 602 }, 603 [RUN_BULK_TX_VO] = { 604 .type = UE_BULK, 605 .endpoint = UE_ADDR_ANY, 606 .direction = UE_DIR_OUT, 607 .ep_index = 3, 608 .bufsize = RUN_MAX_TXSZ, 609 .flags = {.pipe_bof = 1,.force_short_xfer = 1,}, 610 .callback = run_bulk_tx_callback3, 611 .timeout = 5000, /* ms */ 612 }, 613 [RUN_BULK_TX_HCCA] = { 614 .type = UE_BULK, 615 .endpoint = UE_ADDR_ANY, 616 .direction = UE_DIR_OUT, 617 .ep_index = 4, 618 .bufsize = RUN_MAX_TXSZ, 619 .flags = {.pipe_bof = 1,.force_short_xfer = 1,.no_pipe_ok = 1,}, 620 .callback = run_bulk_tx_callback4, 621 .timeout = 5000, /* ms */ 622 }, 623 [RUN_BULK_TX_PRIO] = { 624 .type = UE_BULK, 625 .endpoint = UE_ADDR_ANY, 626 .direction = UE_DIR_OUT, 627 .ep_index = 5, 628 .bufsize = RUN_MAX_TXSZ, 629 .flags = {.pipe_bof = 1,.force_short_xfer = 1,.no_pipe_ok = 1,}, 630 .callback = run_bulk_tx_callback5, 631 .timeout = 5000, /* ms */ 632 }, 633 [RUN_BULK_RX] = { 634 .type = UE_BULK, 635 .endpoint = UE_ADDR_ANY, 636 .direction = UE_DIR_IN, 637 .bufsize = RUN_MAX_RXSZ, 638 .flags = {.pipe_bof = 1,.short_xfer_ok = 1,}, 639 .callback = run_bulk_rx_callback, 640 } 641 }; 642 643 static void 644 run_autoinst(void *arg, struct usb_device *udev, 645 struct usb_attach_arg *uaa) 646 { 647 struct usb_interface *iface; 648 struct usb_interface_descriptor *id; 649 650 if (uaa->dev_state != UAA_DEV_READY) 651 return; 652 653 iface = usbd_get_iface(udev, 0); 654 if (iface == NULL) 655 return; 656 id = iface->idesc; 657 if (id == NULL || id->bInterfaceClass != UICLASS_MASS) 658 return; 659 if (usbd_lookup_id_by_uaa(run_devs, sizeof(run_devs), uaa)) 660 return; 661 662 if (usb_msc_eject(udev, 0, MSC_EJECT_STOPUNIT) == 0) 663 uaa->dev_state = UAA_DEV_EJECTING; 664 } 665 666 static int 667 run_driver_loaded(struct module *mod, int what, void *arg) 668 { 669 switch (what) { 670 case MOD_LOAD: 671 run_etag = EVENTHANDLER_REGISTER(usb_dev_configured, 672 run_autoinst, NULL, EVENTHANDLER_PRI_ANY); 673 break; 674 case MOD_UNLOAD: 675 EVENTHANDLER_DEREGISTER(usb_dev_configured, run_etag); 676 break; 677 default: 678 return (EOPNOTSUPP); 679 } 680 return (0); 681 } 682 683 static int 684 run_match(device_t self) 685 { 686 struct usb_attach_arg *uaa = device_get_ivars(self); 687 688 if (uaa->usb_mode != USB_MODE_HOST) 689 return (ENXIO); 690 if (uaa->info.bConfigIndex != 0) 691 return (ENXIO); 692 if (uaa->info.bIfaceIndex != RT2860_IFACE_INDEX) 693 return (ENXIO); 694 695 return (usbd_lookup_id_by_uaa(run_devs, sizeof(run_devs), uaa)); 696 } 697 698 static int 699 run_attach(device_t self) 700 { 701 struct run_softc *sc = device_get_softc(self); 702 struct usb_attach_arg *uaa = device_get_ivars(self); 703 struct ieee80211com *ic; 704 struct ifnet *ifp; 705 uint32_t ver; 706 int ntries, error; 707 uint8_t iface_index, bands; 708 709 device_set_usb_desc(self); 710 sc->sc_udev = uaa->device; 711 sc->sc_dev = self; 712 if (USB_GET_DRIVER_INFO(uaa) != RUN_EJECT) 713 sc->sc_flags |= RUN_FLAG_FWLOAD_NEEDED; 714 715 mtx_init(&sc->sc_mtx, device_get_nameunit(sc->sc_dev), 716 MTX_NETWORK_LOCK, MTX_DEF); 717 718 iface_index = RT2860_IFACE_INDEX; 719 720 error = usbd_transfer_setup(uaa->device, &iface_index, 721 sc->sc_xfer, run_config, RUN_N_XFER, sc, &sc->sc_mtx); 722 if (error) { 723 device_printf(self, "could not allocate USB transfers, " 724 "err=%s\n", usbd_errstr(error)); 725 goto detach; 726 } 727 728 RUN_LOCK(sc); 729 730 /* wait for the chip to settle */ 731 for (ntries = 0; ntries < 100; ntries++) { 732 if (run_read(sc, RT2860_ASIC_VER_ID, &ver) != 0) { 733 RUN_UNLOCK(sc); 734 goto detach; 735 } 736 if (ver != 0 && ver != 0xffffffff) 737 break; 738 run_delay(sc, 10); 739 } 740 if (ntries == 100) { 741 device_printf(sc->sc_dev, 742 "timeout waiting for NIC to initialize\n"); 743 RUN_UNLOCK(sc); 744 goto detach; 745 } 746 sc->mac_ver = ver >> 16; 747 sc->mac_rev = ver & 0xffff; 748 749 /* retrieve RF rev. no and various other things from EEPROM */ 750 run_read_eeprom(sc); 751 752 device_printf(sc->sc_dev, 753 "MAC/BBP RT%04X (rev 0x%04X), RF %s (MIMO %dT%dR), address %s\n", 754 sc->mac_ver, sc->mac_rev, run_get_rf(sc->rf_rev), 755 sc->ntxchains, sc->nrxchains, ether_sprintf(sc->sc_bssid)); 756 757 RUN_UNLOCK(sc); 758 759 ifp = sc->sc_ifp = if_alloc(IFT_IEEE80211); 760 if (ifp == NULL) { 761 device_printf(sc->sc_dev, "can not if_alloc()\n"); 762 goto detach; 763 } 764 ic = ifp->if_l2com; 765 766 ifp->if_softc = sc; 767 if_initname(ifp, "run", device_get_unit(sc->sc_dev)); 768 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 769 ifp->if_init = run_init; 770 ifp->if_ioctl = run_ioctl; 771 ifp->if_start = run_start; 772 IFQ_SET_MAXLEN(&ifp->if_snd, ifqmaxlen); 773 ifp->if_snd.ifq_drv_maxlen = ifqmaxlen; 774 IFQ_SET_READY(&ifp->if_snd); 775 776 ic->ic_ifp = ifp; 777 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 778 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 779 780 /* set device capabilities */ 781 ic->ic_caps = 782 IEEE80211_C_STA | /* station mode supported */ 783 IEEE80211_C_MONITOR | /* monitor mode supported */ 784 IEEE80211_C_IBSS | 785 IEEE80211_C_HOSTAP | 786 IEEE80211_C_WDS | /* 4-address traffic works */ 787 IEEE80211_C_MBSS | 788 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 789 IEEE80211_C_SHSLOT | /* short slot time supported */ 790 IEEE80211_C_WME | /* WME */ 791 IEEE80211_C_WPA; /* WPA1|WPA2(RSN) */ 792 793 ic->ic_cryptocaps = 794 IEEE80211_CRYPTO_WEP | 795 IEEE80211_CRYPTO_AES_CCM | 796 IEEE80211_CRYPTO_TKIPMIC | 797 IEEE80211_CRYPTO_TKIP; 798 799 ic->ic_flags |= IEEE80211_F_DATAPAD; 800 ic->ic_flags_ext |= IEEE80211_FEXT_SWBMISS; 801 802 bands = 0; 803 setbit(&bands, IEEE80211_MODE_11B); 804 setbit(&bands, IEEE80211_MODE_11G); 805 if (sc->rf_rev == RT2860_RF_2750 || sc->rf_rev == RT2860_RF_2850 || 806 sc->rf_rev == RT3070_RF_3052 || sc->rf_rev == RT3593_RF_3053 || 807 sc->rf_rev == RT5592_RF_5592) 808 setbit(&bands, IEEE80211_MODE_11A); 809 ieee80211_init_channels(ic, NULL, &bands); 810 811 ieee80211_ifattach(ic, sc->sc_bssid); 812 813 ic->ic_scan_start = run_scan_start; 814 ic->ic_scan_end = run_scan_end; 815 ic->ic_set_channel = run_set_channel; 816 ic->ic_node_alloc = run_node_alloc; 817 ic->ic_newassoc = run_newassoc; 818 ic->ic_updateslot = run_updateslot; 819 ic->ic_update_mcast = run_update_mcast; 820 ic->ic_wme.wme_update = run_wme_update; 821 ic->ic_raw_xmit = run_raw_xmit; 822 ic->ic_update_promisc = run_update_promisc; 823 824 ic->ic_vap_create = run_vap_create; 825 ic->ic_vap_delete = run_vap_delete; 826 827 ieee80211_radiotap_attach(ic, 828 &sc->sc_txtap.wt_ihdr, sizeof(sc->sc_txtap), 829 RUN_TX_RADIOTAP_PRESENT, 830 &sc->sc_rxtap.wr_ihdr, sizeof(sc->sc_rxtap), 831 RUN_RX_RADIOTAP_PRESENT); 832 833 TASK_INIT(&sc->cmdq_task, 0, run_cmdq_cb, sc); 834 TASK_INIT(&sc->ratectl_task, 0, run_ratectl_cb, sc); 835 usb_callout_init_mtx(&sc->ratectl_ch, &sc->sc_mtx, 0); 836 837 if (bootverbose) 838 ieee80211_announce(ic); 839 840 return (0); 841 842 detach: 843 run_detach(self); 844 return (ENXIO); 845 } 846 847 static int 848 run_detach(device_t self) 849 { 850 struct run_softc *sc = device_get_softc(self); 851 struct ifnet *ifp = sc->sc_ifp; 852 struct ieee80211com *ic; 853 int i; 854 855 RUN_LOCK(sc); 856 sc->sc_detached = 1; 857 RUN_UNLOCK(sc); 858 859 /* stop all USB transfers */ 860 usbd_transfer_unsetup(sc->sc_xfer, RUN_N_XFER); 861 862 RUN_LOCK(sc); 863 sc->ratectl_run = RUN_RATECTL_OFF; 864 sc->cmdq_run = sc->cmdq_key_set = RUN_CMDQ_ABORT; 865 866 /* free TX list, if any */ 867 for (i = 0; i != RUN_EP_QUEUES; i++) 868 run_unsetup_tx_list(sc, &sc->sc_epq[i]); 869 RUN_UNLOCK(sc); 870 871 if (ifp) { 872 ic = ifp->if_l2com; 873 /* drain tasks */ 874 usb_callout_drain(&sc->ratectl_ch); 875 ieee80211_draintask(ic, &sc->cmdq_task); 876 ieee80211_draintask(ic, &sc->ratectl_task); 877 ieee80211_ifdetach(ic); 878 if_free(ifp); 879 } 880 881 mtx_destroy(&sc->sc_mtx); 882 883 return (0); 884 } 885 886 static struct ieee80211vap * 887 run_vap_create(struct ieee80211com *ic, const char name[IFNAMSIZ], int unit, 888 enum ieee80211_opmode opmode, int flags, 889 const uint8_t bssid[IEEE80211_ADDR_LEN], 890 const uint8_t mac[IEEE80211_ADDR_LEN]) 891 { 892 struct ifnet *ifp = ic->ic_ifp; 893 struct run_softc *sc = ifp->if_softc; 894 struct run_vap *rvp; 895 struct ieee80211vap *vap; 896 int i; 897 898 if (sc->rvp_cnt >= RUN_VAP_MAX) { 899 if_printf(ifp, "number of VAPs maxed out\n"); 900 return (NULL); 901 } 902 903 switch (opmode) { 904 case IEEE80211_M_STA: 905 /* enable s/w bmiss handling for sta mode */ 906 flags |= IEEE80211_CLONE_NOBEACONS; 907 /* fall though */ 908 case IEEE80211_M_IBSS: 909 case IEEE80211_M_MONITOR: 910 case IEEE80211_M_HOSTAP: 911 case IEEE80211_M_MBSS: 912 /* other than WDS vaps, only one at a time */ 913 if (!TAILQ_EMPTY(&ic->ic_vaps)) 914 return (NULL); 915 break; 916 case IEEE80211_M_WDS: 917 TAILQ_FOREACH(vap, &ic->ic_vaps, iv_next){ 918 if(vap->iv_opmode != IEEE80211_M_HOSTAP) 919 continue; 920 /* WDS vap's always share the local mac address. */ 921 flags &= ~IEEE80211_CLONE_BSSID; 922 break; 923 } 924 if (vap == NULL) { 925 if_printf(ifp, "wds only supported in ap mode\n"); 926 return (NULL); 927 } 928 break; 929 default: 930 if_printf(ifp, "unknown opmode %d\n", opmode); 931 return (NULL); 932 } 933 934 rvp = (struct run_vap *) malloc(sizeof(struct run_vap), 935 M_80211_VAP, M_NOWAIT | M_ZERO); 936 if (rvp == NULL) 937 return (NULL); 938 vap = &rvp->vap; 939 940 if (ieee80211_vap_setup(ic, vap, name, unit, 941 opmode, flags, bssid, mac) != 0) { 942 /* out of memory */ 943 free(rvp, M_80211_VAP); 944 return (NULL); 945 } 946 947 vap->iv_key_update_begin = run_key_update_begin; 948 vap->iv_key_update_end = run_key_update_end; 949 vap->iv_update_beacon = run_update_beacon; 950 vap->iv_max_aid = RT2870_WCID_MAX; 951 /* 952 * To delete the right key from h/w, we need wcid. 953 * Luckily, there is unused space in ieee80211_key{}, wk_pad, 954 * and matching wcid will be written into there. So, cast 955 * some spells to remove 'const' from ieee80211_key{} 956 */ 957 vap->iv_key_delete = (void *)run_key_delete; 958 vap->iv_key_set = (void *)run_key_set; 959 960 /* override state transition machine */ 961 rvp->newstate = vap->iv_newstate; 962 vap->iv_newstate = run_newstate; 963 964 ieee80211_ratectl_init(vap); 965 ieee80211_ratectl_setinterval(vap, 1000 /* 1 sec */); 966 967 /* complete setup */ 968 ieee80211_vap_attach(vap, run_media_change, ieee80211_media_status); 969 970 /* make sure id is always unique */ 971 for (i = 0; i < RUN_VAP_MAX; i++) { 972 if((sc->rvp_bmap & 1 << i) == 0){ 973 sc->rvp_bmap |= 1 << i; 974 rvp->rvp_id = i; 975 break; 976 } 977 } 978 if (sc->rvp_cnt++ == 0) 979 ic->ic_opmode = opmode; 980 981 if (opmode == IEEE80211_M_HOSTAP) 982 sc->cmdq_run = RUN_CMDQ_GO; 983 984 DPRINTF("rvp_id=%d bmap=%x rvp_cnt=%d\n", 985 rvp->rvp_id, sc->rvp_bmap, sc->rvp_cnt); 986 987 return (vap); 988 } 989 990 static void 991 run_vap_delete(struct ieee80211vap *vap) 992 { 993 struct run_vap *rvp = RUN_VAP(vap); 994 struct ifnet *ifp; 995 struct ieee80211com *ic; 996 struct run_softc *sc; 997 uint8_t rvp_id; 998 999 if (vap == NULL) 1000 return; 1001 1002 ic = vap->iv_ic; 1003 ifp = ic->ic_ifp; 1004 1005 sc = ifp->if_softc; 1006 1007 RUN_LOCK(sc); 1008 1009 m_freem(rvp->beacon_mbuf); 1010 rvp->beacon_mbuf = NULL; 1011 1012 rvp_id = rvp->rvp_id; 1013 sc->ratectl_run &= ~(1 << rvp_id); 1014 sc->rvp_bmap &= ~(1 << rvp_id); 1015 run_set_region_4(sc, RT2860_SKEY(rvp_id, 0), 0, 128); 1016 run_set_region_4(sc, RT2860_BCN_BASE(rvp_id), 0, 512); 1017 --sc->rvp_cnt; 1018 1019 DPRINTF("vap=%p rvp_id=%d bmap=%x rvp_cnt=%d\n", 1020 vap, rvp_id, sc->rvp_bmap, sc->rvp_cnt); 1021 1022 RUN_UNLOCK(sc); 1023 1024 ieee80211_ratectl_deinit(vap); 1025 ieee80211_vap_detach(vap); 1026 free(rvp, M_80211_VAP); 1027 } 1028 1029 /* 1030 * There are numbers of functions need to be called in context thread. 1031 * Rather than creating taskqueue event for each of those functions, 1032 * here is all-for-one taskqueue callback function. This function 1033 * gurantees deferred functions are executed in the same order they 1034 * were enqueued. 1035 * '& RUN_CMDQ_MASQ' is to loop cmdq[]. 1036 */ 1037 static void 1038 run_cmdq_cb(void *arg, int pending) 1039 { 1040 struct run_softc *sc = arg; 1041 uint8_t i; 1042 1043 /* call cmdq[].func locked */ 1044 RUN_LOCK(sc); 1045 for (i = sc->cmdq_exec; sc->cmdq[i].func && pending; 1046 i = sc->cmdq_exec, pending--) { 1047 DPRINTFN(6, "cmdq_exec=%d pending=%d\n", i, pending); 1048 if (sc->cmdq_run == RUN_CMDQ_GO) { 1049 /* 1050 * If arg0 is NULL, callback func needs more 1051 * than one arg. So, pass ptr to cmdq struct. 1052 */ 1053 if (sc->cmdq[i].arg0) 1054 sc->cmdq[i].func(sc->cmdq[i].arg0); 1055 else 1056 sc->cmdq[i].func(&sc->cmdq[i]); 1057 } 1058 sc->cmdq[i].arg0 = NULL; 1059 sc->cmdq[i].func = NULL; 1060 sc->cmdq_exec++; 1061 sc->cmdq_exec &= RUN_CMDQ_MASQ; 1062 } 1063 RUN_UNLOCK(sc); 1064 } 1065 1066 static void 1067 run_setup_tx_list(struct run_softc *sc, struct run_endpoint_queue *pq) 1068 { 1069 struct run_tx_data *data; 1070 1071 memset(pq, 0, sizeof(*pq)); 1072 1073 STAILQ_INIT(&pq->tx_qh); 1074 STAILQ_INIT(&pq->tx_fh); 1075 1076 for (data = &pq->tx_data[0]; 1077 data < &pq->tx_data[RUN_TX_RING_COUNT]; data++) { 1078 data->sc = sc; 1079 STAILQ_INSERT_TAIL(&pq->tx_fh, data, next); 1080 } 1081 pq->tx_nfree = RUN_TX_RING_COUNT; 1082 } 1083 1084 static void 1085 run_unsetup_tx_list(struct run_softc *sc, struct run_endpoint_queue *pq) 1086 { 1087 struct run_tx_data *data; 1088 1089 /* make sure any subsequent use of the queues will fail */ 1090 pq->tx_nfree = 0; 1091 STAILQ_INIT(&pq->tx_fh); 1092 STAILQ_INIT(&pq->tx_qh); 1093 1094 /* free up all node references and mbufs */ 1095 for (data = &pq->tx_data[0]; 1096 data < &pq->tx_data[RUN_TX_RING_COUNT]; data++) { 1097 if (data->m != NULL) { 1098 m_freem(data->m); 1099 data->m = NULL; 1100 } 1101 if (data->ni != NULL) { 1102 ieee80211_free_node(data->ni); 1103 data->ni = NULL; 1104 } 1105 } 1106 } 1107 1108 static int 1109 run_load_microcode(struct run_softc *sc) 1110 { 1111 usb_device_request_t req; 1112 const struct firmware *fw; 1113 const u_char *base; 1114 uint32_t tmp; 1115 int ntries, error; 1116 const uint64_t *temp; 1117 uint64_t bytes; 1118 1119 RUN_UNLOCK(sc); 1120 fw = firmware_get("runfw"); 1121 RUN_LOCK(sc); 1122 if (fw == NULL) { 1123 device_printf(sc->sc_dev, 1124 "failed loadfirmware of file %s\n", "runfw"); 1125 return ENOENT; 1126 } 1127 1128 if (fw->datasize != 8192) { 1129 device_printf(sc->sc_dev, 1130 "invalid firmware size (should be 8KB)\n"); 1131 error = EINVAL; 1132 goto fail; 1133 } 1134 1135 /* 1136 * RT3071/RT3072 use a different firmware 1137 * run-rt2870 (8KB) contains both, 1138 * first half (4KB) is for rt2870, 1139 * last half is for rt3071. 1140 */ 1141 base = fw->data; 1142 if ((sc->mac_ver) != 0x2860 && 1143 (sc->mac_ver) != 0x2872 && 1144 (sc->mac_ver) != 0x3070) { 1145 base += 4096; 1146 } 1147 1148 /* cheap sanity check */ 1149 temp = fw->data; 1150 bytes = *temp; 1151 if (bytes != be64toh(0xffffff0210280210ULL)) { 1152 device_printf(sc->sc_dev, "firmware checksum failed\n"); 1153 error = EINVAL; 1154 goto fail; 1155 } 1156 1157 /* write microcode image */ 1158 if (sc->sc_flags & RUN_FLAG_FWLOAD_NEEDED) { 1159 run_write_region_1(sc, RT2870_FW_BASE, base, 4096); 1160 run_write(sc, RT2860_H2M_MAILBOX_CID, 0xffffffff); 1161 run_write(sc, RT2860_H2M_MAILBOX_STATUS, 0xffffffff); 1162 } 1163 1164 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 1165 req.bRequest = RT2870_RESET; 1166 USETW(req.wValue, 8); 1167 USETW(req.wIndex, 0); 1168 USETW(req.wLength, 0); 1169 if ((error = usbd_do_request(sc->sc_udev, &sc->sc_mtx, &req, NULL)) 1170 != 0) { 1171 device_printf(sc->sc_dev, "firmware reset failed\n"); 1172 goto fail; 1173 } 1174 1175 run_delay(sc, 10); 1176 1177 run_write(sc, RT2860_H2M_BBPAGENT, 0); 1178 run_write(sc, RT2860_H2M_MAILBOX, 0); 1179 run_write(sc, RT2860_H2M_INTSRC, 0); 1180 if ((error = run_mcu_cmd(sc, RT2860_MCU_CMD_RFRESET, 0)) != 0) 1181 goto fail; 1182 1183 /* wait until microcontroller is ready */ 1184 for (ntries = 0; ntries < 1000; ntries++) { 1185 if ((error = run_read(sc, RT2860_SYS_CTRL, &tmp)) != 0) 1186 goto fail; 1187 if (tmp & RT2860_MCU_READY) 1188 break; 1189 run_delay(sc, 10); 1190 } 1191 if (ntries == 1000) { 1192 device_printf(sc->sc_dev, 1193 "timeout waiting for MCU to initialize\n"); 1194 error = ETIMEDOUT; 1195 goto fail; 1196 } 1197 device_printf(sc->sc_dev, "firmware %s ver. %u.%u loaded\n", 1198 (base == fw->data) ? "RT2870" : "RT3071", 1199 *(base + 4092), *(base + 4093)); 1200 1201 fail: 1202 firmware_put(fw, FIRMWARE_UNLOAD); 1203 return (error); 1204 } 1205 1206 static int 1207 run_reset(struct run_softc *sc) 1208 { 1209 usb_device_request_t req; 1210 1211 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 1212 req.bRequest = RT2870_RESET; 1213 USETW(req.wValue, 1); 1214 USETW(req.wIndex, 0); 1215 USETW(req.wLength, 0); 1216 return (usbd_do_request(sc->sc_udev, &sc->sc_mtx, &req, NULL)); 1217 } 1218 1219 static usb_error_t 1220 run_do_request(struct run_softc *sc, 1221 struct usb_device_request *req, void *data) 1222 { 1223 usb_error_t err; 1224 int ntries = 10; 1225 1226 RUN_LOCK_ASSERT(sc, MA_OWNED); 1227 1228 while (ntries--) { 1229 err = usbd_do_request_flags(sc->sc_udev, &sc->sc_mtx, 1230 req, data, 0, NULL, 250 /* ms */); 1231 if (err == 0) 1232 break; 1233 DPRINTFN(1, "Control request failed, %s (retrying)\n", 1234 usbd_errstr(err)); 1235 run_delay(sc, 10); 1236 } 1237 return (err); 1238 } 1239 1240 static int 1241 run_read(struct run_softc *sc, uint16_t reg, uint32_t *val) 1242 { 1243 uint32_t tmp; 1244 int error; 1245 1246 error = run_read_region_1(sc, reg, (uint8_t *)&tmp, sizeof tmp); 1247 if (error == 0) 1248 *val = le32toh(tmp); 1249 else 1250 *val = 0xffffffff; 1251 return (error); 1252 } 1253 1254 static int 1255 run_read_region_1(struct run_softc *sc, uint16_t reg, uint8_t *buf, int len) 1256 { 1257 usb_device_request_t req; 1258 1259 req.bmRequestType = UT_READ_VENDOR_DEVICE; 1260 req.bRequest = RT2870_READ_REGION_1; 1261 USETW(req.wValue, 0); 1262 USETW(req.wIndex, reg); 1263 USETW(req.wLength, len); 1264 1265 return (run_do_request(sc, &req, buf)); 1266 } 1267 1268 static int 1269 run_write_2(struct run_softc *sc, uint16_t reg, uint16_t val) 1270 { 1271 usb_device_request_t req; 1272 1273 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 1274 req.bRequest = RT2870_WRITE_2; 1275 USETW(req.wValue, val); 1276 USETW(req.wIndex, reg); 1277 USETW(req.wLength, 0); 1278 1279 return (run_do_request(sc, &req, NULL)); 1280 } 1281 1282 static int 1283 run_write(struct run_softc *sc, uint16_t reg, uint32_t val) 1284 { 1285 int error; 1286 1287 if ((error = run_write_2(sc, reg, val & 0xffff)) == 0) 1288 error = run_write_2(sc, reg + 2, val >> 16); 1289 return (error); 1290 } 1291 1292 static int 1293 run_write_region_1(struct run_softc *sc, uint16_t reg, const uint8_t *buf, 1294 int len) 1295 { 1296 #if 1 1297 int i, error = 0; 1298 /* 1299 * NB: the WRITE_REGION_1 command is not stable on RT2860. 1300 * We thus issue multiple WRITE_2 commands instead. 1301 */ 1302 KASSERT((len & 1) == 0, ("run_write_region_1: Data too long.\n")); 1303 for (i = 0; i < len && error == 0; i += 2) 1304 error = run_write_2(sc, reg + i, buf[i] | buf[i + 1] << 8); 1305 return (error); 1306 #else 1307 usb_device_request_t req; 1308 int error = 0; 1309 1310 /* 1311 * NOTE: It appears the WRITE_REGION_1 command cannot be 1312 * passed a huge amount of data, which will crash the 1313 * firmware. Limit amount of data passed to 64-bytes at a 1314 * time. 1315 */ 1316 while (len > 0) { 1317 int delta = 64; 1318 if (delta > len) 1319 delta = len; 1320 1321 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 1322 req.bRequest = RT2870_WRITE_REGION_1; 1323 USETW(req.wValue, 0); 1324 USETW(req.wIndex, reg); 1325 USETW(req.wLength, delta); 1326 error = run_do_request(sc, &req, __DECONST(uint8_t *, buf)); 1327 if (error != 0) 1328 break; 1329 reg += delta; 1330 buf += delta; 1331 len -= delta; 1332 } 1333 return (error); 1334 #endif 1335 } 1336 1337 static int 1338 run_set_region_4(struct run_softc *sc, uint16_t reg, uint32_t val, int len) 1339 { 1340 int i, error = 0; 1341 1342 KASSERT((len & 3) == 0, ("run_set_region_4: Invalid data length.\n")); 1343 for (i = 0; i < len && error == 0; i += 4) 1344 error = run_write(sc, reg + i, val); 1345 return (error); 1346 } 1347 1348 static int 1349 run_efuse_read(struct run_softc *sc, uint16_t addr, uint16_t *val, int count) 1350 { 1351 uint32_t tmp; 1352 uint16_t reg; 1353 int error, ntries; 1354 1355 if ((error = run_read(sc, RT3070_EFUSE_CTRL, &tmp)) != 0) 1356 return (error); 1357 1358 if (count == 2) 1359 addr *= 2; 1360 /*- 1361 * Read one 16-byte block into registers EFUSE_DATA[0-3]: 1362 * DATA0: F E D C 1363 * DATA1: B A 9 8 1364 * DATA2: 7 6 5 4 1365 * DATA3: 3 2 1 0 1366 */ 1367 tmp &= ~(RT3070_EFSROM_MODE_MASK | RT3070_EFSROM_AIN_MASK); 1368 tmp |= (addr & ~0xf) << RT3070_EFSROM_AIN_SHIFT | RT3070_EFSROM_KICK; 1369 run_write(sc, RT3070_EFUSE_CTRL, tmp); 1370 for (ntries = 0; ntries < 100; ntries++) { 1371 if ((error = run_read(sc, RT3070_EFUSE_CTRL, &tmp)) != 0) 1372 return (error); 1373 if (!(tmp & RT3070_EFSROM_KICK)) 1374 break; 1375 run_delay(sc, 2); 1376 } 1377 if (ntries == 100) 1378 return (ETIMEDOUT); 1379 1380 if ((tmp & RT3070_EFUSE_AOUT_MASK) == RT3070_EFUSE_AOUT_MASK) { 1381 *val = 0xffff; /* address not found */ 1382 return (0); 1383 } 1384 /* determine to which 32-bit register our 16-bit word belongs */ 1385 reg = RT3070_EFUSE_DATA3 - (addr & 0xc); 1386 if ((error = run_read(sc, reg, &tmp)) != 0) 1387 return (error); 1388 1389 tmp >>= (8 * (addr & 0x3)); 1390 *val = (addr & 1) ? tmp >> 16 : tmp & 0xffff; 1391 1392 return (0); 1393 } 1394 1395 /* Read 16-bit from eFUSE ROM for RT3xxx. */ 1396 static int 1397 run_efuse_read_2(struct run_softc *sc, uint16_t addr, uint16_t *val) 1398 { 1399 return (run_efuse_read(sc, addr, val, 2)); 1400 } 1401 1402 static int 1403 run_eeprom_read_2(struct run_softc *sc, uint16_t addr, uint16_t *val) 1404 { 1405 usb_device_request_t req; 1406 uint16_t tmp; 1407 int error; 1408 1409 addr *= 2; 1410 req.bmRequestType = UT_READ_VENDOR_DEVICE; 1411 req.bRequest = RT2870_EEPROM_READ; 1412 USETW(req.wValue, 0); 1413 USETW(req.wIndex, addr); 1414 USETW(req.wLength, sizeof(tmp)); 1415 1416 error = usbd_do_request(sc->sc_udev, &sc->sc_mtx, &req, &tmp); 1417 if (error == 0) 1418 *val = le16toh(tmp); 1419 else 1420 *val = 0xffff; 1421 return (error); 1422 } 1423 1424 static __inline int 1425 run_srom_read(struct run_softc *sc, uint16_t addr, uint16_t *val) 1426 { 1427 /* either eFUSE ROM or EEPROM */ 1428 return sc->sc_srom_read(sc, addr, val); 1429 } 1430 1431 static int 1432 run_rt2870_rf_write(struct run_softc *sc, uint32_t val) 1433 { 1434 uint32_t tmp; 1435 int error, ntries; 1436 1437 for (ntries = 0; ntries < 10; ntries++) { 1438 if ((error = run_read(sc, RT2860_RF_CSR_CFG0, &tmp)) != 0) 1439 return (error); 1440 if (!(tmp & RT2860_RF_REG_CTRL)) 1441 break; 1442 } 1443 if (ntries == 10) 1444 return (ETIMEDOUT); 1445 1446 return (run_write(sc, RT2860_RF_CSR_CFG0, val)); 1447 } 1448 1449 static int 1450 run_rt3070_rf_read(struct run_softc *sc, uint8_t reg, uint8_t *val) 1451 { 1452 uint32_t tmp; 1453 int error, ntries; 1454 1455 for (ntries = 0; ntries < 100; ntries++) { 1456 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0) 1457 return (error); 1458 if (!(tmp & RT3070_RF_KICK)) 1459 break; 1460 } 1461 if (ntries == 100) 1462 return (ETIMEDOUT); 1463 1464 tmp = RT3070_RF_KICK | reg << 8; 1465 if ((error = run_write(sc, RT3070_RF_CSR_CFG, tmp)) != 0) 1466 return (error); 1467 1468 for (ntries = 0; ntries < 100; ntries++) { 1469 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0) 1470 return (error); 1471 if (!(tmp & RT3070_RF_KICK)) 1472 break; 1473 } 1474 if (ntries == 100) 1475 return (ETIMEDOUT); 1476 1477 *val = tmp & 0xff; 1478 return (0); 1479 } 1480 1481 static int 1482 run_rt3070_rf_write(struct run_softc *sc, uint8_t reg, uint8_t val) 1483 { 1484 uint32_t tmp; 1485 int error, ntries; 1486 1487 for (ntries = 0; ntries < 10; ntries++) { 1488 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0) 1489 return (error); 1490 if (!(tmp & RT3070_RF_KICK)) 1491 break; 1492 } 1493 if (ntries == 10) 1494 return (ETIMEDOUT); 1495 1496 tmp = RT3070_RF_WRITE | RT3070_RF_KICK | reg << 8 | val; 1497 return (run_write(sc, RT3070_RF_CSR_CFG, tmp)); 1498 } 1499 1500 static int 1501 run_bbp_read(struct run_softc *sc, uint8_t reg, uint8_t *val) 1502 { 1503 uint32_t tmp; 1504 int ntries, error; 1505 1506 for (ntries = 0; ntries < 10; ntries++) { 1507 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0) 1508 return (error); 1509 if (!(tmp & RT2860_BBP_CSR_KICK)) 1510 break; 1511 } 1512 if (ntries == 10) 1513 return (ETIMEDOUT); 1514 1515 tmp = RT2860_BBP_CSR_READ | RT2860_BBP_CSR_KICK | reg << 8; 1516 if ((error = run_write(sc, RT2860_BBP_CSR_CFG, tmp)) != 0) 1517 return (error); 1518 1519 for (ntries = 0; ntries < 10; ntries++) { 1520 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0) 1521 return (error); 1522 if (!(tmp & RT2860_BBP_CSR_KICK)) 1523 break; 1524 } 1525 if (ntries == 10) 1526 return (ETIMEDOUT); 1527 1528 *val = tmp & 0xff; 1529 return (0); 1530 } 1531 1532 static int 1533 run_bbp_write(struct run_softc *sc, uint8_t reg, uint8_t val) 1534 { 1535 uint32_t tmp; 1536 int ntries, error; 1537 1538 for (ntries = 0; ntries < 10; ntries++) { 1539 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0) 1540 return (error); 1541 if (!(tmp & RT2860_BBP_CSR_KICK)) 1542 break; 1543 } 1544 if (ntries == 10) 1545 return (ETIMEDOUT); 1546 1547 tmp = RT2860_BBP_CSR_KICK | reg << 8 | val; 1548 return (run_write(sc, RT2860_BBP_CSR_CFG, tmp)); 1549 } 1550 1551 /* 1552 * Send a command to the 8051 microcontroller unit. 1553 */ 1554 static int 1555 run_mcu_cmd(struct run_softc *sc, uint8_t cmd, uint16_t arg) 1556 { 1557 uint32_t tmp; 1558 int error, ntries; 1559 1560 for (ntries = 0; ntries < 100; ntries++) { 1561 if ((error = run_read(sc, RT2860_H2M_MAILBOX, &tmp)) != 0) 1562 return error; 1563 if (!(tmp & RT2860_H2M_BUSY)) 1564 break; 1565 } 1566 if (ntries == 100) 1567 return ETIMEDOUT; 1568 1569 tmp = RT2860_H2M_BUSY | RT2860_TOKEN_NO_INTR << 16 | arg; 1570 if ((error = run_write(sc, RT2860_H2M_MAILBOX, tmp)) == 0) 1571 error = run_write(sc, RT2860_HOST_CMD, cmd); 1572 return (error); 1573 } 1574 1575 /* 1576 * Add `delta' (signed) to each 4-bit sub-word of a 32-bit word. 1577 * Used to adjust per-rate Tx power registers. 1578 */ 1579 static __inline uint32_t 1580 b4inc(uint32_t b32, int8_t delta) 1581 { 1582 int8_t i, b4; 1583 1584 for (i = 0; i < 8; i++) { 1585 b4 = b32 & 0xf; 1586 b4 += delta; 1587 if (b4 < 0) 1588 b4 = 0; 1589 else if (b4 > 0xf) 1590 b4 = 0xf; 1591 b32 = b32 >> 4 | b4 << 28; 1592 } 1593 return (b32); 1594 } 1595 1596 static const char * 1597 run_get_rf(uint16_t rev) 1598 { 1599 switch (rev) { 1600 case RT2860_RF_2820: return "RT2820"; 1601 case RT2860_RF_2850: return "RT2850"; 1602 case RT2860_RF_2720: return "RT2720"; 1603 case RT2860_RF_2750: return "RT2750"; 1604 case RT3070_RF_3020: return "RT3020"; 1605 case RT3070_RF_2020: return "RT2020"; 1606 case RT3070_RF_3021: return "RT3021"; 1607 case RT3070_RF_3022: return "RT3022"; 1608 case RT3070_RF_3052: return "RT3052"; 1609 case RT3593_RF_3053: return "RT3053"; 1610 case RT5592_RF_5592: return "RT5592"; 1611 case RT5390_RF_5370: return "RT5370"; 1612 case RT5390_RF_5372: return "RT5372"; 1613 } 1614 return ("unknown"); 1615 } 1616 1617 static void 1618 run_rt3593_get_txpower(struct run_softc *sc) 1619 { 1620 uint16_t addr, val; 1621 int i; 1622 1623 /* Read power settings for 2GHz channels. */ 1624 for (i = 0; i < 14; i += 2) { 1625 addr = (sc->ntxchains == 3) ? RT3593_EEPROM_PWR2GHZ_BASE1 : 1626 RT2860_EEPROM_PWR2GHZ_BASE1; 1627 run_srom_read(sc, addr + i / 2, &val); 1628 sc->txpow1[i + 0] = (int8_t)(val & 0xff); 1629 sc->txpow1[i + 1] = (int8_t)(val >> 8); 1630 1631 addr = (sc->ntxchains == 3) ? RT3593_EEPROM_PWR2GHZ_BASE2 : 1632 RT2860_EEPROM_PWR2GHZ_BASE2; 1633 run_srom_read(sc, addr + i / 2, &val); 1634 sc->txpow2[i + 0] = (int8_t)(val & 0xff); 1635 sc->txpow2[i + 1] = (int8_t)(val >> 8); 1636 1637 if (sc->ntxchains == 3) { 1638 run_srom_read(sc, RT3593_EEPROM_PWR2GHZ_BASE3 + i / 2, 1639 &val); 1640 sc->txpow3[i + 0] = (int8_t)(val & 0xff); 1641 sc->txpow3[i + 1] = (int8_t)(val >> 8); 1642 } 1643 } 1644 /* Fix broken Tx power entries. */ 1645 for (i = 0; i < 14; i++) { 1646 if (sc->txpow1[i] > 31) 1647 sc->txpow1[i] = 5; 1648 if (sc->txpow2[i] > 31) 1649 sc->txpow2[i] = 5; 1650 if (sc->ntxchains == 3) { 1651 if (sc->txpow3[i] > 31) 1652 sc->txpow3[i] = 5; 1653 } 1654 } 1655 /* Read power settings for 5GHz channels. */ 1656 for (i = 0; i < 40; i += 2) { 1657 run_srom_read(sc, RT3593_EEPROM_PWR5GHZ_BASE1 + i / 2, &val); 1658 sc->txpow1[i + 14] = (int8_t)(val & 0xff); 1659 sc->txpow1[i + 15] = (int8_t)(val >> 8); 1660 1661 run_srom_read(sc, RT3593_EEPROM_PWR5GHZ_BASE2 + i / 2, &val); 1662 sc->txpow2[i + 14] = (int8_t)(val & 0xff); 1663 sc->txpow2[i + 15] = (int8_t)(val >> 8); 1664 1665 if (sc->ntxchains == 3) { 1666 run_srom_read(sc, RT3593_EEPROM_PWR5GHZ_BASE3 + i / 2, 1667 &val); 1668 sc->txpow3[i + 14] = (int8_t)(val & 0xff); 1669 sc->txpow3[i + 15] = (int8_t)(val >> 8); 1670 } 1671 } 1672 } 1673 1674 static void 1675 run_get_txpower(struct run_softc *sc) 1676 { 1677 uint16_t val; 1678 int i; 1679 1680 /* Read power settings for 2GHz channels. */ 1681 for (i = 0; i < 14; i += 2) { 1682 run_srom_read(sc, RT2860_EEPROM_PWR2GHZ_BASE1 + i / 2, &val); 1683 sc->txpow1[i + 0] = (int8_t)(val & 0xff); 1684 sc->txpow1[i + 1] = (int8_t)(val >> 8); 1685 1686 if (sc->mac_ver != 0x5390) { 1687 run_srom_read(sc, 1688 RT2860_EEPROM_PWR2GHZ_BASE2 + i / 2, &val); 1689 sc->txpow2[i + 0] = (int8_t)(val & 0xff); 1690 sc->txpow2[i + 1] = (int8_t)(val >> 8); 1691 } 1692 } 1693 /* Fix broken Tx power entries. */ 1694 for (i = 0; i < 14; i++) { 1695 if (sc->mac_ver >= 0x5390) { 1696 if (sc->txpow1[i] < 0 || sc->txpow1[i] > 27) 1697 sc->txpow1[i] = 5; 1698 } else { 1699 if (sc->txpow1[i] < 0 || sc->txpow1[i] > 31) 1700 sc->txpow1[i] = 5; 1701 } 1702 if (sc->mac_ver > 0x5390) { 1703 if (sc->txpow2[i] < 0 || sc->txpow2[i] > 27) 1704 sc->txpow2[i] = 5; 1705 } else if (sc->mac_ver < 0x5390) { 1706 if (sc->txpow2[i] < 0 || sc->txpow2[i] > 31) 1707 sc->txpow2[i] = 5; 1708 } 1709 DPRINTF("chan %d: power1=%d, power2=%d\n", 1710 rt2860_rf2850[i].chan, sc->txpow1[i], sc->txpow2[i]); 1711 } 1712 /* Read power settings for 5GHz channels. */ 1713 for (i = 0; i < 40; i += 2) { 1714 run_srom_read(sc, RT2860_EEPROM_PWR5GHZ_BASE1 + i / 2, &val); 1715 sc->txpow1[i + 14] = (int8_t)(val & 0xff); 1716 sc->txpow1[i + 15] = (int8_t)(val >> 8); 1717 1718 run_srom_read(sc, RT2860_EEPROM_PWR5GHZ_BASE2 + i / 2, &val); 1719 sc->txpow2[i + 14] = (int8_t)(val & 0xff); 1720 sc->txpow2[i + 15] = (int8_t)(val >> 8); 1721 } 1722 /* Fix broken Tx power entries. */ 1723 for (i = 0; i < 40; i++ ) { 1724 if (sc->mac_ver != 0x5592) { 1725 if (sc->txpow1[14 + i] < -7 || sc->txpow1[14 + i] > 15) 1726 sc->txpow1[14 + i] = 5; 1727 if (sc->txpow2[14 + i] < -7 || sc->txpow2[14 + i] > 15) 1728 sc->txpow2[14 + i] = 5; 1729 } 1730 DPRINTF("chan %d: power1=%d, power2=%d\n", 1731 rt2860_rf2850[14 + i].chan, sc->txpow1[14 + i], 1732 sc->txpow2[14 + i]); 1733 } 1734 } 1735 1736 static int 1737 run_read_eeprom(struct run_softc *sc) 1738 { 1739 int8_t delta_2ghz, delta_5ghz; 1740 uint32_t tmp; 1741 uint16_t val; 1742 int ridx, ant, i; 1743 1744 /* check whether the ROM is eFUSE ROM or EEPROM */ 1745 sc->sc_srom_read = run_eeprom_read_2; 1746 if (sc->mac_ver >= 0x3070) { 1747 run_read(sc, RT3070_EFUSE_CTRL, &tmp); 1748 DPRINTF("EFUSE_CTRL=0x%08x\n", tmp); 1749 if ((tmp & RT3070_SEL_EFUSE) || sc->mac_ver == 0x3593) 1750 sc->sc_srom_read = run_efuse_read_2; 1751 } 1752 1753 /* read ROM version */ 1754 run_srom_read(sc, RT2860_EEPROM_VERSION, &val); 1755 DPRINTF("EEPROM rev=%d, FAE=%d\n", val & 0xff, val >> 8); 1756 1757 /* read MAC address */ 1758 run_srom_read(sc, RT2860_EEPROM_MAC01, &val); 1759 sc->sc_bssid[0] = val & 0xff; 1760 sc->sc_bssid[1] = val >> 8; 1761 run_srom_read(sc, RT2860_EEPROM_MAC23, &val); 1762 sc->sc_bssid[2] = val & 0xff; 1763 sc->sc_bssid[3] = val >> 8; 1764 run_srom_read(sc, RT2860_EEPROM_MAC45, &val); 1765 sc->sc_bssid[4] = val & 0xff; 1766 sc->sc_bssid[5] = val >> 8; 1767 1768 if (sc->mac_ver < 0x3593) { 1769 /* read vender BBP settings */ 1770 for (i = 0; i < 10; i++) { 1771 run_srom_read(sc, RT2860_EEPROM_BBP_BASE + i, &val); 1772 sc->bbp[i].val = val & 0xff; 1773 sc->bbp[i].reg = val >> 8; 1774 DPRINTF("BBP%d=0x%02x\n", sc->bbp[i].reg, 1775 sc->bbp[i].val); 1776 } 1777 if (sc->mac_ver >= 0x3071) { 1778 /* read vendor RF settings */ 1779 for (i = 0; i < 10; i++) { 1780 run_srom_read(sc, RT3071_EEPROM_RF_BASE + i, 1781 &val); 1782 sc->rf[i].val = val & 0xff; 1783 sc->rf[i].reg = val >> 8; 1784 DPRINTF("RF%d=0x%02x\n", sc->rf[i].reg, 1785 sc->rf[i].val); 1786 } 1787 } 1788 } 1789 1790 /* read RF frequency offset from EEPROM */ 1791 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_FREQ_LEDS : 1792 RT3593_EEPROM_FREQ, &val); 1793 sc->freq = ((val & 0xff) != 0xff) ? val & 0xff : 0; 1794 DPRINTF("EEPROM freq offset %d\n", sc->freq & 0xff); 1795 1796 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_FREQ_LEDS : 1797 RT3593_EEPROM_FREQ_LEDS, &val); 1798 if (val >> 8 != 0xff) { 1799 /* read LEDs operating mode */ 1800 sc->leds = val >> 8; 1801 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LED1 : 1802 RT3593_EEPROM_LED1, &sc->led[0]); 1803 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LED2 : 1804 RT3593_EEPROM_LED2, &sc->led[1]); 1805 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LED3 : 1806 RT3593_EEPROM_LED3, &sc->led[2]); 1807 } else { 1808 /* broken EEPROM, use default settings */ 1809 sc->leds = 0x01; 1810 sc->led[0] = 0x5555; 1811 sc->led[1] = 0x2221; 1812 sc->led[2] = 0x5627; /* differs from RT2860 */ 1813 } 1814 DPRINTF("EEPROM LED mode=0x%02x, LEDs=0x%04x/0x%04x/0x%04x\n", 1815 sc->leds, sc->led[0], sc->led[1], sc->led[2]); 1816 1817 /* read RF information */ 1818 if (sc->mac_ver == 0x5390 || sc->mac_ver ==0x5392) 1819 run_srom_read(sc, 0x00, &val); 1820 else 1821 run_srom_read(sc, RT2860_EEPROM_ANTENNA, &val); 1822 1823 if (val == 0xffff) { 1824 device_printf(sc->sc_dev, 1825 "invalid EEPROM antenna info, using default\n"); 1826 DPRINTF("invalid EEPROM antenna info, using default\n"); 1827 if (sc->mac_ver == 0x3572) { 1828 /* default to RF3052 2T2R */ 1829 sc->rf_rev = RT3070_RF_3052; 1830 sc->ntxchains = 2; 1831 sc->nrxchains = 2; 1832 } else if (sc->mac_ver >= 0x3070) { 1833 /* default to RF3020 1T1R */ 1834 sc->rf_rev = RT3070_RF_3020; 1835 sc->ntxchains = 1; 1836 sc->nrxchains = 1; 1837 } else { 1838 /* default to RF2820 1T2R */ 1839 sc->rf_rev = RT2860_RF_2820; 1840 sc->ntxchains = 1; 1841 sc->nrxchains = 2; 1842 } 1843 } else { 1844 if (sc->mac_ver == 0x5390 || sc->mac_ver ==0x5392) { 1845 sc->rf_rev = val; 1846 run_srom_read(sc, RT2860_EEPROM_ANTENNA, &val); 1847 } else 1848 sc->rf_rev = (val >> 8) & 0xf; 1849 sc->ntxchains = (val >> 4) & 0xf; 1850 sc->nrxchains = val & 0xf; 1851 } 1852 DPRINTF("EEPROM RF rev=0x%04x chains=%dT%dR\n", 1853 sc->rf_rev, sc->ntxchains, sc->nrxchains); 1854 1855 /* check if RF supports automatic Tx access gain control */ 1856 run_srom_read(sc, RT2860_EEPROM_CONFIG, &val); 1857 DPRINTF("EEPROM CFG 0x%04x\n", val); 1858 /* check if driver should patch the DAC issue */ 1859 if ((val >> 8) != 0xff) 1860 sc->patch_dac = (val >> 15) & 1; 1861 if ((val & 0xff) != 0xff) { 1862 sc->ext_5ghz_lna = (val >> 3) & 1; 1863 sc->ext_2ghz_lna = (val >> 2) & 1; 1864 /* check if RF supports automatic Tx access gain control */ 1865 sc->calib_2ghz = sc->calib_5ghz = (val >> 1) & 1; 1866 /* check if we have a hardware radio switch */ 1867 sc->rfswitch = val & 1; 1868 } 1869 1870 /* Read Tx power settings. */ 1871 if (sc->mac_ver == 0x3593) 1872 run_rt3593_get_txpower(sc); 1873 else 1874 run_get_txpower(sc); 1875 1876 /* read Tx power compensation for each Tx rate */ 1877 run_srom_read(sc, RT2860_EEPROM_DELTAPWR, &val); 1878 delta_2ghz = delta_5ghz = 0; 1879 if ((val & 0xff) != 0xff && (val & 0x80)) { 1880 delta_2ghz = val & 0xf; 1881 if (!(val & 0x40)) /* negative number */ 1882 delta_2ghz = -delta_2ghz; 1883 } 1884 val >>= 8; 1885 if ((val & 0xff) != 0xff && (val & 0x80)) { 1886 delta_5ghz = val & 0xf; 1887 if (!(val & 0x40)) /* negative number */ 1888 delta_5ghz = -delta_5ghz; 1889 } 1890 DPRINTF("power compensation=%d (2GHz), %d (5GHz)\n", 1891 delta_2ghz, delta_5ghz); 1892 1893 for (ridx = 0; ridx < 5; ridx++) { 1894 uint32_t reg; 1895 1896 run_srom_read(sc, RT2860_EEPROM_RPWR + ridx * 2, &val); 1897 reg = val; 1898 run_srom_read(sc, RT2860_EEPROM_RPWR + ridx * 2 + 1, &val); 1899 reg |= (uint32_t)val << 16; 1900 1901 sc->txpow20mhz[ridx] = reg; 1902 sc->txpow40mhz_2ghz[ridx] = b4inc(reg, delta_2ghz); 1903 sc->txpow40mhz_5ghz[ridx] = b4inc(reg, delta_5ghz); 1904 1905 DPRINTF("ridx %d: power 20MHz=0x%08x, 40MHz/2GHz=0x%08x, " 1906 "40MHz/5GHz=0x%08x\n", ridx, sc->txpow20mhz[ridx], 1907 sc->txpow40mhz_2ghz[ridx], sc->txpow40mhz_5ghz[ridx]); 1908 } 1909 1910 /* Read RSSI offsets and LNA gains from EEPROM. */ 1911 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI1_2GHZ : 1912 RT3593_EEPROM_RSSI1_2GHZ, &val); 1913 sc->rssi_2ghz[0] = val & 0xff; /* Ant A */ 1914 sc->rssi_2ghz[1] = val >> 8; /* Ant B */ 1915 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI2_2GHZ : 1916 RT3593_EEPROM_RSSI2_2GHZ, &val); 1917 if (sc->mac_ver >= 0x3070) { 1918 if (sc->mac_ver == 0x3593) { 1919 sc->txmixgain_2ghz = 0; 1920 sc->rssi_2ghz[2] = val & 0xff; /* Ant C */ 1921 } else { 1922 /* 1923 * On RT3070 chips (limited to 2 Rx chains), this ROM 1924 * field contains the Tx mixer gain for the 2GHz band. 1925 */ 1926 if ((val & 0xff) != 0xff) 1927 sc->txmixgain_2ghz = val & 0x7; 1928 } 1929 DPRINTF("tx mixer gain=%u (2GHz)\n", sc->txmixgain_2ghz); 1930 } else 1931 sc->rssi_2ghz[2] = val & 0xff; /* Ant C */ 1932 if (sc->mac_ver == 0x3593) 1933 run_srom_read(sc, RT3593_EEPROM_LNA_5GHZ, &val); 1934 sc->lna[2] = val >> 8; /* channel group 2 */ 1935 1936 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI1_5GHZ : 1937 RT3593_EEPROM_RSSI1_5GHZ, &val); 1938 sc->rssi_5ghz[0] = val & 0xff; /* Ant A */ 1939 sc->rssi_5ghz[1] = val >> 8; /* Ant B */ 1940 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI2_5GHZ : 1941 RT3593_EEPROM_RSSI2_5GHZ, &val); 1942 if (sc->mac_ver == 0x3572) { 1943 /* 1944 * On RT3572 chips (limited to 2 Rx chains), this ROM 1945 * field contains the Tx mixer gain for the 5GHz band. 1946 */ 1947 if ((val & 0xff) != 0xff) 1948 sc->txmixgain_5ghz = val & 0x7; 1949 DPRINTF("tx mixer gain=%u (5GHz)\n", sc->txmixgain_5ghz); 1950 } else 1951 sc->rssi_5ghz[2] = val & 0xff; /* Ant C */ 1952 if (sc->mac_ver == 0x3593) { 1953 sc->txmixgain_5ghz = 0; 1954 run_srom_read(sc, RT3593_EEPROM_LNA_5GHZ, &val); 1955 } 1956 sc->lna[3] = val >> 8; /* channel group 3 */ 1957 1958 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LNA : 1959 RT3593_EEPROM_LNA, &val); 1960 sc->lna[0] = val & 0xff; /* channel group 0 */ 1961 sc->lna[1] = val >> 8; /* channel group 1 */ 1962 1963 /* fix broken 5GHz LNA entries */ 1964 if (sc->lna[2] == 0 || sc->lna[2] == 0xff) { 1965 DPRINTF("invalid LNA for channel group %d\n", 2); 1966 sc->lna[2] = sc->lna[1]; 1967 } 1968 if (sc->lna[3] == 0 || sc->lna[3] == 0xff) { 1969 DPRINTF("invalid LNA for channel group %d\n", 3); 1970 sc->lna[3] = sc->lna[1]; 1971 } 1972 1973 /* fix broken RSSI offset entries */ 1974 for (ant = 0; ant < 3; ant++) { 1975 if (sc->rssi_2ghz[ant] < -10 || sc->rssi_2ghz[ant] > 10) { 1976 DPRINTF("invalid RSSI%d offset: %d (2GHz)\n", 1977 ant + 1, sc->rssi_2ghz[ant]); 1978 sc->rssi_2ghz[ant] = 0; 1979 } 1980 if (sc->rssi_5ghz[ant] < -10 || sc->rssi_5ghz[ant] > 10) { 1981 DPRINTF("invalid RSSI%d offset: %d (5GHz)\n", 1982 ant + 1, sc->rssi_5ghz[ant]); 1983 sc->rssi_5ghz[ant] = 0; 1984 } 1985 } 1986 return (0); 1987 } 1988 1989 static struct ieee80211_node * 1990 run_node_alloc(struct ieee80211vap *vap, const uint8_t mac[IEEE80211_ADDR_LEN]) 1991 { 1992 return malloc(sizeof (struct run_node), M_DEVBUF, M_NOWAIT | M_ZERO); 1993 } 1994 1995 static int 1996 run_media_change(struct ifnet *ifp) 1997 { 1998 struct ieee80211vap *vap = ifp->if_softc; 1999 struct ieee80211com *ic = vap->iv_ic; 2000 const struct ieee80211_txparam *tp; 2001 struct run_softc *sc = ic->ic_ifp->if_softc; 2002 uint8_t rate, ridx; 2003 int error; 2004 2005 RUN_LOCK(sc); 2006 2007 error = ieee80211_media_change(ifp); 2008 if (error != ENETRESET) { 2009 RUN_UNLOCK(sc); 2010 return (error); 2011 } 2012 2013 tp = &vap->iv_txparms[ieee80211_chan2mode(ic->ic_curchan)]; 2014 if (tp->ucastrate != IEEE80211_FIXED_RATE_NONE) { 2015 struct ieee80211_node *ni; 2016 struct run_node *rn; 2017 2018 rate = ic->ic_sup_rates[ic->ic_curmode]. 2019 rs_rates[tp->ucastrate] & IEEE80211_RATE_VAL; 2020 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++) 2021 if (rt2860_rates[ridx].rate == rate) 2022 break; 2023 ni = ieee80211_ref_node(vap->iv_bss); 2024 rn = (struct run_node *)ni; 2025 rn->fix_ridx = ridx; 2026 DPRINTF("rate=%d, fix_ridx=%d\n", rate, rn->fix_ridx); 2027 ieee80211_free_node(ni); 2028 } 2029 2030 #if 0 2031 if ((ifp->if_flags & IFF_UP) && 2032 (ifp->if_drv_flags & IFF_DRV_RUNNING)){ 2033 run_init_locked(sc); 2034 } 2035 #endif 2036 2037 RUN_UNLOCK(sc); 2038 2039 return (0); 2040 } 2041 2042 static int 2043 run_newstate(struct ieee80211vap *vap, enum ieee80211_state nstate, int arg) 2044 { 2045 const struct ieee80211_txparam *tp; 2046 struct ieee80211com *ic = vap->iv_ic; 2047 struct run_softc *sc = ic->ic_ifp->if_softc; 2048 struct run_vap *rvp = RUN_VAP(vap); 2049 enum ieee80211_state ostate; 2050 uint32_t sta[3]; 2051 uint32_t tmp; 2052 uint8_t ratectl; 2053 uint8_t restart_ratectl = 0; 2054 uint8_t bid = 1 << rvp->rvp_id; 2055 2056 ostate = vap->iv_state; 2057 DPRINTF("%s -> %s\n", 2058 ieee80211_state_name[ostate], 2059 ieee80211_state_name[nstate]); 2060 2061 IEEE80211_UNLOCK(ic); 2062 RUN_LOCK(sc); 2063 2064 ratectl = sc->ratectl_run; /* remember current state */ 2065 sc->ratectl_run = RUN_RATECTL_OFF; 2066 usb_callout_stop(&sc->ratectl_ch); 2067 2068 if (ostate == IEEE80211_S_RUN) { 2069 /* turn link LED off */ 2070 run_set_leds(sc, RT2860_LED_RADIO); 2071 } 2072 2073 switch (nstate) { 2074 case IEEE80211_S_INIT: 2075 restart_ratectl = 1; 2076 2077 if (ostate != IEEE80211_S_RUN) 2078 break; 2079 2080 ratectl &= ~bid; 2081 sc->runbmap &= ~bid; 2082 2083 /* abort TSF synchronization if there is no vap running */ 2084 if (--sc->running == 0) { 2085 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 2086 run_write(sc, RT2860_BCN_TIME_CFG, 2087 tmp & ~(RT2860_BCN_TX_EN | RT2860_TSF_TIMER_EN | 2088 RT2860_TBTT_TIMER_EN)); 2089 } 2090 break; 2091 2092 case IEEE80211_S_RUN: 2093 if (!(sc->runbmap & bid)) { 2094 if(sc->running++) 2095 restart_ratectl = 1; 2096 sc->runbmap |= bid; 2097 } 2098 2099 m_freem(rvp->beacon_mbuf); 2100 rvp->beacon_mbuf = NULL; 2101 2102 switch (vap->iv_opmode) { 2103 case IEEE80211_M_HOSTAP: 2104 case IEEE80211_M_MBSS: 2105 sc->ap_running |= bid; 2106 ic->ic_opmode = vap->iv_opmode; 2107 run_update_beacon_cb(vap); 2108 break; 2109 case IEEE80211_M_IBSS: 2110 sc->adhoc_running |= bid; 2111 if (!sc->ap_running) 2112 ic->ic_opmode = vap->iv_opmode; 2113 run_update_beacon_cb(vap); 2114 break; 2115 case IEEE80211_M_STA: 2116 sc->sta_running |= bid; 2117 if (!sc->ap_running && !sc->adhoc_running) 2118 ic->ic_opmode = vap->iv_opmode; 2119 2120 /* read statistic counters (clear on read) */ 2121 run_read_region_1(sc, RT2860_TX_STA_CNT0, 2122 (uint8_t *)sta, sizeof sta); 2123 2124 break; 2125 default: 2126 ic->ic_opmode = vap->iv_opmode; 2127 break; 2128 } 2129 2130 if (vap->iv_opmode != IEEE80211_M_MONITOR) { 2131 struct ieee80211_node *ni; 2132 2133 if (ic->ic_bsschan == IEEE80211_CHAN_ANYC) { 2134 RUN_UNLOCK(sc); 2135 IEEE80211_LOCK(ic); 2136 return (-1); 2137 } 2138 run_updateslot(ic->ic_ifp); 2139 run_enable_mrr(sc); 2140 run_set_txpreamble(sc); 2141 run_set_basicrates(sc); 2142 ni = ieee80211_ref_node(vap->iv_bss); 2143 IEEE80211_ADDR_COPY(sc->sc_bssid, ni->ni_bssid); 2144 run_set_bssid(sc, ni->ni_bssid); 2145 ieee80211_free_node(ni); 2146 run_enable_tsf_sync(sc); 2147 2148 /* enable automatic rate adaptation */ 2149 tp = &vap->iv_txparms[ieee80211_chan2mode(ic->ic_curchan)]; 2150 if (tp->ucastrate == IEEE80211_FIXED_RATE_NONE) 2151 ratectl |= bid; 2152 } 2153 2154 /* turn link LED on */ 2155 run_set_leds(sc, RT2860_LED_RADIO | 2156 (IEEE80211_IS_CHAN_2GHZ(ic->ic_curchan) ? 2157 RT2860_LED_LINK_2GHZ : RT2860_LED_LINK_5GHZ)); 2158 2159 break; 2160 default: 2161 DPRINTFN(6, "undefined case\n"); 2162 break; 2163 } 2164 2165 /* restart amrr for running VAPs */ 2166 if ((sc->ratectl_run = ratectl) && restart_ratectl) 2167 usb_callout_reset(&sc->ratectl_ch, hz, run_ratectl_to, sc); 2168 2169 RUN_UNLOCK(sc); 2170 IEEE80211_LOCK(ic); 2171 2172 return(rvp->newstate(vap, nstate, arg)); 2173 } 2174 2175 /* ARGSUSED */ 2176 static void 2177 run_wme_update_cb(void *arg) 2178 { 2179 struct ieee80211com *ic = arg; 2180 struct run_softc *sc = ic->ic_ifp->if_softc; 2181 struct ieee80211_wme_state *wmesp = &ic->ic_wme; 2182 int aci, error = 0; 2183 2184 RUN_LOCK_ASSERT(sc, MA_OWNED); 2185 2186 /* update MAC TX configuration registers */ 2187 for (aci = 0; aci < WME_NUM_AC; aci++) { 2188 error = run_write(sc, RT2860_EDCA_AC_CFG(aci), 2189 wmesp->wme_params[aci].wmep_logcwmax << 16 | 2190 wmesp->wme_params[aci].wmep_logcwmin << 12 | 2191 wmesp->wme_params[aci].wmep_aifsn << 8 | 2192 wmesp->wme_params[aci].wmep_txopLimit); 2193 if (error) goto err; 2194 } 2195 2196 /* update SCH/DMA registers too */ 2197 error = run_write(sc, RT2860_WMM_AIFSN_CFG, 2198 wmesp->wme_params[WME_AC_VO].wmep_aifsn << 12 | 2199 wmesp->wme_params[WME_AC_VI].wmep_aifsn << 8 | 2200 wmesp->wme_params[WME_AC_BK].wmep_aifsn << 4 | 2201 wmesp->wme_params[WME_AC_BE].wmep_aifsn); 2202 if (error) goto err; 2203 error = run_write(sc, RT2860_WMM_CWMIN_CFG, 2204 wmesp->wme_params[WME_AC_VO].wmep_logcwmin << 12 | 2205 wmesp->wme_params[WME_AC_VI].wmep_logcwmin << 8 | 2206 wmesp->wme_params[WME_AC_BK].wmep_logcwmin << 4 | 2207 wmesp->wme_params[WME_AC_BE].wmep_logcwmin); 2208 if (error) goto err; 2209 error = run_write(sc, RT2860_WMM_CWMAX_CFG, 2210 wmesp->wme_params[WME_AC_VO].wmep_logcwmax << 12 | 2211 wmesp->wme_params[WME_AC_VI].wmep_logcwmax << 8 | 2212 wmesp->wme_params[WME_AC_BK].wmep_logcwmax << 4 | 2213 wmesp->wme_params[WME_AC_BE].wmep_logcwmax); 2214 if (error) goto err; 2215 error = run_write(sc, RT2860_WMM_TXOP0_CFG, 2216 wmesp->wme_params[WME_AC_BK].wmep_txopLimit << 16 | 2217 wmesp->wme_params[WME_AC_BE].wmep_txopLimit); 2218 if (error) goto err; 2219 error = run_write(sc, RT2860_WMM_TXOP1_CFG, 2220 wmesp->wme_params[WME_AC_VO].wmep_txopLimit << 16 | 2221 wmesp->wme_params[WME_AC_VI].wmep_txopLimit); 2222 2223 err: 2224 if (error) 2225 DPRINTF("WME update failed\n"); 2226 2227 return; 2228 } 2229 2230 static int 2231 run_wme_update(struct ieee80211com *ic) 2232 { 2233 struct run_softc *sc = ic->ic_ifp->if_softc; 2234 2235 /* sometime called wothout lock */ 2236 if (mtx_owned(&ic->ic_comlock.mtx)) { 2237 uint32_t i = RUN_CMDQ_GET(&sc->cmdq_store); 2238 DPRINTF("cmdq_store=%d\n", i); 2239 sc->cmdq[i].func = run_wme_update_cb; 2240 sc->cmdq[i].arg0 = ic; 2241 ieee80211_runtask(ic, &sc->cmdq_task); 2242 return (0); 2243 } 2244 2245 RUN_LOCK(sc); 2246 run_wme_update_cb(ic); 2247 RUN_UNLOCK(sc); 2248 2249 /* return whatever, upper layer desn't care anyway */ 2250 return (0); 2251 } 2252 2253 static void 2254 run_key_update_begin(struct ieee80211vap *vap) 2255 { 2256 /* 2257 * To avoid out-of-order events, both run_key_set() and 2258 * _delete() are deferred and handled by run_cmdq_cb(). 2259 * So, there is nothing we need to do here. 2260 */ 2261 } 2262 2263 static void 2264 run_key_update_end(struct ieee80211vap *vap) 2265 { 2266 /* null */ 2267 } 2268 2269 static void 2270 run_key_set_cb(void *arg) 2271 { 2272 struct run_cmdq *cmdq = arg; 2273 struct ieee80211vap *vap = cmdq->arg1; 2274 struct ieee80211_key *k = cmdq->k; 2275 struct ieee80211com *ic = vap->iv_ic; 2276 struct run_softc *sc = ic->ic_ifp->if_softc; 2277 struct ieee80211_node *ni; 2278 uint32_t attr; 2279 uint16_t base, associd; 2280 uint8_t mode, wcid, iv[8]; 2281 2282 RUN_LOCK_ASSERT(sc, MA_OWNED); 2283 2284 if (vap->iv_opmode == IEEE80211_M_HOSTAP) 2285 ni = ieee80211_find_vap_node(&ic->ic_sta, vap, cmdq->mac); 2286 else 2287 ni = vap->iv_bss; 2288 associd = (ni != NULL) ? ni->ni_associd : 0; 2289 2290 /* map net80211 cipher to RT2860 security mode */ 2291 switch (k->wk_cipher->ic_cipher) { 2292 case IEEE80211_CIPHER_WEP: 2293 if(k->wk_keylen < 8) 2294 mode = RT2860_MODE_WEP40; 2295 else 2296 mode = RT2860_MODE_WEP104; 2297 break; 2298 case IEEE80211_CIPHER_TKIP: 2299 mode = RT2860_MODE_TKIP; 2300 break; 2301 case IEEE80211_CIPHER_AES_CCM: 2302 mode = RT2860_MODE_AES_CCMP; 2303 break; 2304 default: 2305 DPRINTF("undefined case\n"); 2306 return; 2307 } 2308 2309 DPRINTFN(1, "associd=%x, keyix=%d, mode=%x, type=%s, tx=%s, rx=%s\n", 2310 associd, k->wk_keyix, mode, 2311 (k->wk_flags & IEEE80211_KEY_GROUP) ? "group" : "pairwise", 2312 (k->wk_flags & IEEE80211_KEY_XMIT) ? "on" : "off", 2313 (k->wk_flags & IEEE80211_KEY_RECV) ? "on" : "off"); 2314 2315 if (k->wk_flags & IEEE80211_KEY_GROUP) { 2316 wcid = 0; /* NB: update WCID0 for group keys */ 2317 base = RT2860_SKEY(RUN_VAP(vap)->rvp_id, k->wk_keyix); 2318 } else { 2319 wcid = (vap->iv_opmode == IEEE80211_M_STA) ? 2320 1 : RUN_AID2WCID(associd); 2321 base = RT2860_PKEY(wcid); 2322 } 2323 2324 if (k->wk_cipher->ic_cipher == IEEE80211_CIPHER_TKIP) { 2325 if(run_write_region_1(sc, base, k->wk_key, 16)) 2326 return; 2327 if(run_write_region_1(sc, base + 16, &k->wk_key[16], 8)) /* wk_txmic */ 2328 return; 2329 if(run_write_region_1(sc, base + 24, &k->wk_key[24], 8)) /* wk_rxmic */ 2330 return; 2331 } else { 2332 /* roundup len to 16-bit: XXX fix write_region_1() instead */ 2333 if(run_write_region_1(sc, base, k->wk_key, (k->wk_keylen + 1) & ~1)) 2334 return; 2335 } 2336 2337 if (!(k->wk_flags & IEEE80211_KEY_GROUP) || 2338 (k->wk_flags & (IEEE80211_KEY_XMIT | IEEE80211_KEY_RECV))) { 2339 /* set initial packet number in IV+EIV */ 2340 if (k->wk_cipher == IEEE80211_CIPHER_WEP) { 2341 memset(iv, 0, sizeof iv); 2342 iv[3] = vap->iv_def_txkey << 6; 2343 } else { 2344 if (k->wk_cipher->ic_cipher == IEEE80211_CIPHER_TKIP) { 2345 iv[0] = k->wk_keytsc >> 8; 2346 iv[1] = (iv[0] | 0x20) & 0x7f; 2347 iv[2] = k->wk_keytsc; 2348 } else /* CCMP */ { 2349 iv[0] = k->wk_keytsc; 2350 iv[1] = k->wk_keytsc >> 8; 2351 iv[2] = 0; 2352 } 2353 iv[3] = k->wk_keyix << 6 | IEEE80211_WEP_EXTIV; 2354 iv[4] = k->wk_keytsc >> 16; 2355 iv[5] = k->wk_keytsc >> 24; 2356 iv[6] = k->wk_keytsc >> 32; 2357 iv[7] = k->wk_keytsc >> 40; 2358 } 2359 if (run_write_region_1(sc, RT2860_IVEIV(wcid), iv, 8)) 2360 return; 2361 } 2362 2363 if (k->wk_flags & IEEE80211_KEY_GROUP) { 2364 /* install group key */ 2365 if (run_read(sc, RT2860_SKEY_MODE_0_7, &attr)) 2366 return; 2367 attr &= ~(0xf << (k->wk_keyix * 4)); 2368 attr |= mode << (k->wk_keyix * 4); 2369 if (run_write(sc, RT2860_SKEY_MODE_0_7, attr)) 2370 return; 2371 } else { 2372 /* install pairwise key */ 2373 if (run_read(sc, RT2860_WCID_ATTR(wcid), &attr)) 2374 return; 2375 attr = (attr & ~0xf) | (mode << 1) | RT2860_RX_PKEY_EN; 2376 if (run_write(sc, RT2860_WCID_ATTR(wcid), attr)) 2377 return; 2378 } 2379 2380 /* TODO create a pass-thru key entry? */ 2381 2382 /* need wcid to delete the right key later */ 2383 k->wk_pad = wcid; 2384 } 2385 2386 /* 2387 * Don't have to be deferred, but in order to keep order of 2388 * execution, i.e. with run_key_delete(), defer this and let 2389 * run_cmdq_cb() maintain the order. 2390 * 2391 * return 0 on error 2392 */ 2393 static int 2394 run_key_set(struct ieee80211vap *vap, struct ieee80211_key *k, 2395 const uint8_t mac[IEEE80211_ADDR_LEN]) 2396 { 2397 struct ieee80211com *ic = vap->iv_ic; 2398 struct run_softc *sc = ic->ic_ifp->if_softc; 2399 uint32_t i; 2400 2401 i = RUN_CMDQ_GET(&sc->cmdq_store); 2402 DPRINTF("cmdq_store=%d\n", i); 2403 sc->cmdq[i].func = run_key_set_cb; 2404 sc->cmdq[i].arg0 = NULL; 2405 sc->cmdq[i].arg1 = vap; 2406 sc->cmdq[i].k = k; 2407 IEEE80211_ADDR_COPY(sc->cmdq[i].mac, mac); 2408 ieee80211_runtask(ic, &sc->cmdq_task); 2409 2410 /* 2411 * To make sure key will be set when hostapd 2412 * calls iv_key_set() before if_init(). 2413 */ 2414 if (vap->iv_opmode == IEEE80211_M_HOSTAP) { 2415 RUN_LOCK(sc); 2416 sc->cmdq_key_set = RUN_CMDQ_GO; 2417 RUN_UNLOCK(sc); 2418 } 2419 2420 return (1); 2421 } 2422 2423 /* 2424 * If wlan is destroyed without being brought down i.e. without 2425 * wlan down or wpa_cli terminate, this function is called after 2426 * vap is gone. Don't refer it. 2427 */ 2428 static void 2429 run_key_delete_cb(void *arg) 2430 { 2431 struct run_cmdq *cmdq = arg; 2432 struct run_softc *sc = cmdq->arg1; 2433 struct ieee80211_key *k = &cmdq->key; 2434 uint32_t attr; 2435 uint8_t wcid; 2436 2437 RUN_LOCK_ASSERT(sc, MA_OWNED); 2438 2439 if (k->wk_flags & IEEE80211_KEY_GROUP) { 2440 /* remove group key */ 2441 DPRINTF("removing group key\n"); 2442 run_read(sc, RT2860_SKEY_MODE_0_7, &attr); 2443 attr &= ~(0xf << (k->wk_keyix * 4)); 2444 run_write(sc, RT2860_SKEY_MODE_0_7, attr); 2445 } else { 2446 /* remove pairwise key */ 2447 DPRINTF("removing key for wcid %x\n", k->wk_pad); 2448 /* matching wcid was written to wk_pad in run_key_set() */ 2449 wcid = k->wk_pad; 2450 run_read(sc, RT2860_WCID_ATTR(wcid), &attr); 2451 attr &= ~0xf; 2452 run_write(sc, RT2860_WCID_ATTR(wcid), attr); 2453 run_set_region_4(sc, RT2860_WCID_ENTRY(wcid), 0, 8); 2454 } 2455 2456 k->wk_pad = 0; 2457 } 2458 2459 /* 2460 * return 0 on error 2461 */ 2462 static int 2463 run_key_delete(struct ieee80211vap *vap, struct ieee80211_key *k) 2464 { 2465 struct ieee80211com *ic = vap->iv_ic; 2466 struct run_softc *sc = ic->ic_ifp->if_softc; 2467 struct ieee80211_key *k0; 2468 uint32_t i; 2469 2470 /* 2471 * When called back, key might be gone. So, make a copy 2472 * of some values need to delete keys before deferring. 2473 * But, because of LOR with node lock, cannot use lock here. 2474 * So, use atomic instead. 2475 */ 2476 i = RUN_CMDQ_GET(&sc->cmdq_store); 2477 DPRINTF("cmdq_store=%d\n", i); 2478 sc->cmdq[i].func = run_key_delete_cb; 2479 sc->cmdq[i].arg0 = NULL; 2480 sc->cmdq[i].arg1 = sc; 2481 k0 = &sc->cmdq[i].key; 2482 k0->wk_flags = k->wk_flags; 2483 k0->wk_keyix = k->wk_keyix; 2484 /* matching wcid was written to wk_pad in run_key_set() */ 2485 k0->wk_pad = k->wk_pad; 2486 ieee80211_runtask(ic, &sc->cmdq_task); 2487 return (1); /* return fake success */ 2488 2489 } 2490 2491 static void 2492 run_ratectl_to(void *arg) 2493 { 2494 struct run_softc *sc = arg; 2495 2496 /* do it in a process context, so it can go sleep */ 2497 ieee80211_runtask(sc->sc_ifp->if_l2com, &sc->ratectl_task); 2498 /* next timeout will be rescheduled in the callback task */ 2499 } 2500 2501 /* ARGSUSED */ 2502 static void 2503 run_ratectl_cb(void *arg, int pending) 2504 { 2505 struct run_softc *sc = arg; 2506 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 2507 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 2508 2509 if (vap == NULL) 2510 return; 2511 2512 if (sc->rvp_cnt > 1 || vap->iv_opmode != IEEE80211_M_STA) { 2513 /* 2514 * run_reset_livelock() doesn't do anything with AMRR, 2515 * but Ralink wants us to call it every 1 sec. So, we 2516 * piggyback here rather than creating another callout. 2517 * Livelock may occur only in HOSTAP or IBSS mode 2518 * (when h/w is sending beacons). 2519 */ 2520 RUN_LOCK(sc); 2521 run_reset_livelock(sc); 2522 /* just in case, there are some stats to drain */ 2523 run_drain_fifo(sc); 2524 RUN_UNLOCK(sc); 2525 } 2526 2527 ieee80211_iterate_nodes(&ic->ic_sta, run_iter_func, sc); 2528 2529 RUN_LOCK(sc); 2530 if(sc->ratectl_run != RUN_RATECTL_OFF) 2531 usb_callout_reset(&sc->ratectl_ch, hz, run_ratectl_to, sc); 2532 RUN_UNLOCK(sc); 2533 } 2534 2535 static void 2536 run_drain_fifo(void *arg) 2537 { 2538 struct run_softc *sc = arg; 2539 struct ifnet *ifp = sc->sc_ifp; 2540 uint32_t stat; 2541 uint16_t (*wstat)[3]; 2542 uint8_t wcid, mcs, pid; 2543 int8_t retry; 2544 2545 RUN_LOCK_ASSERT(sc, MA_OWNED); 2546 2547 for (;;) { 2548 /* drain Tx status FIFO (maxsize = 16) */ 2549 run_read(sc, RT2860_TX_STAT_FIFO, &stat); 2550 DPRINTFN(4, "tx stat 0x%08x\n", stat); 2551 if (!(stat & RT2860_TXQ_VLD)) 2552 break; 2553 2554 wcid = (stat >> RT2860_TXQ_WCID_SHIFT) & 0xff; 2555 2556 /* if no ACK was requested, no feedback is available */ 2557 if (!(stat & RT2860_TXQ_ACKREQ) || wcid > RT2870_WCID_MAX || 2558 wcid == 0) 2559 continue; 2560 2561 /* 2562 * Even though each stat is Tx-complete-status like format, 2563 * the device can poll stats. Because there is no guarantee 2564 * that the referring node is still around when read the stats. 2565 * So that, if we use ieee80211_ratectl_tx_update(), we will 2566 * have hard time not to refer already freed node. 2567 * 2568 * To eliminate such page faults, we poll stats in softc. 2569 * Then, update the rates later with ieee80211_ratectl_tx_update(). 2570 */ 2571 wstat = &(sc->wcid_stats[wcid]); 2572 (*wstat)[RUN_TXCNT]++; 2573 if (stat & RT2860_TXQ_OK) 2574 (*wstat)[RUN_SUCCESS]++; 2575 else 2576 ifp->if_oerrors++; 2577 /* 2578 * Check if there were retries, ie if the Tx success rate is 2579 * different from the requested rate. Note that it works only 2580 * because we do not allow rate fallback from OFDM to CCK. 2581 */ 2582 mcs = (stat >> RT2860_TXQ_MCS_SHIFT) & 0x7f; 2583 pid = (stat >> RT2860_TXQ_PID_SHIFT) & 0xf; 2584 if ((retry = pid -1 - mcs) > 0) { 2585 (*wstat)[RUN_TXCNT] += retry; 2586 (*wstat)[RUN_RETRY] += retry; 2587 } 2588 } 2589 DPRINTFN(3, "count=%d\n", sc->fifo_cnt); 2590 2591 sc->fifo_cnt = 0; 2592 } 2593 2594 static void 2595 run_iter_func(void *arg, struct ieee80211_node *ni) 2596 { 2597 struct run_softc *sc = arg; 2598 struct ieee80211vap *vap = ni->ni_vap; 2599 struct ieee80211com *ic = ni->ni_ic; 2600 struct ifnet *ifp = ic->ic_ifp; 2601 struct run_node *rn = (void *)ni; 2602 union run_stats sta[2]; 2603 uint16_t (*wstat)[3]; 2604 int txcnt, success, retrycnt, error; 2605 2606 RUN_LOCK(sc); 2607 2608 /* Check for special case */ 2609 if (sc->rvp_cnt <= 1 && vap->iv_opmode == IEEE80211_M_STA && 2610 ni != vap->iv_bss) 2611 goto fail; 2612 2613 if (sc->rvp_cnt <= 1 && (vap->iv_opmode == IEEE80211_M_IBSS || 2614 vap->iv_opmode == IEEE80211_M_STA)) { 2615 /* read statistic counters (clear on read) and update AMRR state */ 2616 error = run_read_region_1(sc, RT2860_TX_STA_CNT0, (uint8_t *)sta, 2617 sizeof sta); 2618 if (error != 0) 2619 goto fail; 2620 2621 /* count failed TX as errors */ 2622 ifp->if_oerrors += le16toh(sta[0].error.fail); 2623 2624 retrycnt = le16toh(sta[1].tx.retry); 2625 success = le16toh(sta[1].tx.success); 2626 txcnt = retrycnt + success + le16toh(sta[0].error.fail); 2627 2628 DPRINTFN(3, "retrycnt=%d success=%d failcnt=%d\n", 2629 retrycnt, success, le16toh(sta[0].error.fail)); 2630 } else { 2631 wstat = &(sc->wcid_stats[RUN_AID2WCID(ni->ni_associd)]); 2632 2633 if (wstat == &(sc->wcid_stats[0]) || 2634 wstat > &(sc->wcid_stats[RT2870_WCID_MAX])) 2635 goto fail; 2636 2637 txcnt = (*wstat)[RUN_TXCNT]; 2638 success = (*wstat)[RUN_SUCCESS]; 2639 retrycnt = (*wstat)[RUN_RETRY]; 2640 DPRINTFN(3, "retrycnt=%d txcnt=%d success=%d\n", 2641 retrycnt, txcnt, success); 2642 2643 memset(wstat, 0, sizeof(*wstat)); 2644 } 2645 2646 ieee80211_ratectl_tx_update(vap, ni, &txcnt, &success, &retrycnt); 2647 rn->amrr_ridx = ieee80211_ratectl_rate(ni, NULL, 0); 2648 2649 fail: 2650 RUN_UNLOCK(sc); 2651 2652 DPRINTFN(3, "ridx=%d\n", rn->amrr_ridx); 2653 } 2654 2655 static void 2656 run_newassoc_cb(void *arg) 2657 { 2658 struct run_cmdq *cmdq = arg; 2659 struct ieee80211_node *ni = cmdq->arg1; 2660 struct run_softc *sc = ni->ni_vap->iv_ic->ic_ifp->if_softc; 2661 uint8_t wcid = cmdq->wcid; 2662 2663 RUN_LOCK_ASSERT(sc, MA_OWNED); 2664 2665 run_write_region_1(sc, RT2860_WCID_ENTRY(wcid), 2666 ni->ni_macaddr, IEEE80211_ADDR_LEN); 2667 2668 memset(&(sc->wcid_stats[wcid]), 0, sizeof(sc->wcid_stats[wcid])); 2669 } 2670 2671 static void 2672 run_newassoc(struct ieee80211_node *ni, int isnew) 2673 { 2674 struct run_node *rn = (void *)ni; 2675 struct ieee80211_rateset *rs = &ni->ni_rates; 2676 struct ieee80211vap *vap = ni->ni_vap; 2677 struct ieee80211com *ic = vap->iv_ic; 2678 struct run_softc *sc = ic->ic_ifp->if_softc; 2679 uint8_t rate; 2680 uint8_t ridx; 2681 uint8_t wcid; 2682 int i, j; 2683 2684 wcid = (vap->iv_opmode == IEEE80211_M_STA) ? 2685 1 : RUN_AID2WCID(ni->ni_associd); 2686 2687 if (wcid > RT2870_WCID_MAX) { 2688 device_printf(sc->sc_dev, "wcid=%d out of range\n", wcid); 2689 return; 2690 } 2691 2692 /* only interested in true associations */ 2693 if (isnew && ni->ni_associd != 0) { 2694 2695 /* 2696 * This function could is called though timeout function. 2697 * Need to defer. 2698 */ 2699 uint32_t cnt = RUN_CMDQ_GET(&sc->cmdq_store); 2700 DPRINTF("cmdq_store=%d\n", cnt); 2701 sc->cmdq[cnt].func = run_newassoc_cb; 2702 sc->cmdq[cnt].arg0 = NULL; 2703 sc->cmdq[cnt].arg1 = ni; 2704 sc->cmdq[cnt].wcid = wcid; 2705 ieee80211_runtask(ic, &sc->cmdq_task); 2706 } 2707 2708 DPRINTF("new assoc isnew=%d associd=%x addr=%s\n", 2709 isnew, ni->ni_associd, ether_sprintf(ni->ni_macaddr)); 2710 2711 for (i = 0; i < rs->rs_nrates; i++) { 2712 rate = rs->rs_rates[i] & IEEE80211_RATE_VAL; 2713 /* convert 802.11 rate to hardware rate index */ 2714 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++) 2715 if (rt2860_rates[ridx].rate == rate) 2716 break; 2717 rn->ridx[i] = ridx; 2718 /* determine rate of control response frames */ 2719 for (j = i; j >= 0; j--) { 2720 if ((rs->rs_rates[j] & IEEE80211_RATE_BASIC) && 2721 rt2860_rates[rn->ridx[i]].phy == 2722 rt2860_rates[rn->ridx[j]].phy) 2723 break; 2724 } 2725 if (j >= 0) { 2726 rn->ctl_ridx[i] = rn->ridx[j]; 2727 } else { 2728 /* no basic rate found, use mandatory one */ 2729 rn->ctl_ridx[i] = rt2860_rates[ridx].ctl_ridx; 2730 } 2731 DPRINTF("rate=0x%02x ridx=%d ctl_ridx=%d\n", 2732 rs->rs_rates[i], rn->ridx[i], rn->ctl_ridx[i]); 2733 } 2734 rate = vap->iv_txparms[ieee80211_chan2mode(ic->ic_curchan)].mgmtrate; 2735 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++) 2736 if (rt2860_rates[ridx].rate == rate) 2737 break; 2738 rn->mgt_ridx = ridx; 2739 DPRINTF("rate=%d, mgmt_ridx=%d\n", rate, rn->mgt_ridx); 2740 2741 RUN_LOCK(sc); 2742 if(sc->ratectl_run != RUN_RATECTL_OFF) 2743 usb_callout_reset(&sc->ratectl_ch, hz, run_ratectl_to, sc); 2744 RUN_UNLOCK(sc); 2745 } 2746 2747 /* 2748 * Return the Rx chain with the highest RSSI for a given frame. 2749 */ 2750 static __inline uint8_t 2751 run_maxrssi_chain(struct run_softc *sc, const struct rt2860_rxwi *rxwi) 2752 { 2753 uint8_t rxchain = 0; 2754 2755 if (sc->nrxchains > 1) { 2756 if (rxwi->rssi[1] > rxwi->rssi[rxchain]) 2757 rxchain = 1; 2758 if (sc->nrxchains > 2) 2759 if (rxwi->rssi[2] > rxwi->rssi[rxchain]) 2760 rxchain = 2; 2761 } 2762 return (rxchain); 2763 } 2764 2765 static void 2766 run_rx_frame(struct run_softc *sc, struct mbuf *m, uint32_t dmalen) 2767 { 2768 struct ifnet *ifp = sc->sc_ifp; 2769 struct ieee80211com *ic = ifp->if_l2com; 2770 struct ieee80211_frame *wh; 2771 struct ieee80211_node *ni; 2772 struct rt2870_rxd *rxd; 2773 struct rt2860_rxwi *rxwi; 2774 uint32_t flags; 2775 uint16_t len, rxwisize; 2776 uint8_t ant, rssi; 2777 int8_t nf; 2778 2779 rxwi = mtod(m, struct rt2860_rxwi *); 2780 len = le16toh(rxwi->len) & 0xfff; 2781 rxwisize = sizeof(struct rt2860_rxwi); 2782 if (sc->mac_ver == 0x5592) 2783 rxwisize += sizeof(uint64_t); 2784 else if (sc->mac_ver == 0x3593) 2785 rxwisize += sizeof(uint32_t); 2786 if (__predict_false(len > dmalen)) { 2787 m_freem(m); 2788 ifp->if_ierrors++; 2789 DPRINTF("bad RXWI length %u > %u\n", len, dmalen); 2790 return; 2791 } 2792 /* Rx descriptor is located at the end */ 2793 rxd = (struct rt2870_rxd *)(mtod(m, caddr_t) + dmalen); 2794 flags = le32toh(rxd->flags); 2795 2796 if (__predict_false(flags & (RT2860_RX_CRCERR | RT2860_RX_ICVERR))) { 2797 m_freem(m); 2798 ifp->if_ierrors++; 2799 DPRINTF("%s error.\n", (flags & RT2860_RX_CRCERR)?"CRC":"ICV"); 2800 return; 2801 } 2802 2803 m->m_data += rxwisize; 2804 m->m_pkthdr.len = m->m_len -= rxwisize; 2805 2806 wh = mtod(m, struct ieee80211_frame *); 2807 2808 if (wh->i_fc[1] & IEEE80211_FC1_PROTECTED) { 2809 wh->i_fc[1] &= ~IEEE80211_FC1_PROTECTED; 2810 m->m_flags |= M_WEP; 2811 } 2812 2813 if (flags & RT2860_RX_L2PAD) { 2814 DPRINTFN(8, "received RT2860_RX_L2PAD frame\n"); 2815 len += 2; 2816 } 2817 2818 ni = ieee80211_find_rxnode(ic, 2819 mtod(m, struct ieee80211_frame_min *)); 2820 2821 if (__predict_false(flags & RT2860_RX_MICERR)) { 2822 /* report MIC failures to net80211 for TKIP */ 2823 if (ni != NULL) 2824 ieee80211_notify_michael_failure(ni->ni_vap, wh, 2825 rxwi->keyidx); 2826 m_freem(m); 2827 ifp->if_ierrors++; 2828 DPRINTF("MIC error. Someone is lying.\n"); 2829 return; 2830 } 2831 2832 ant = run_maxrssi_chain(sc, rxwi); 2833 rssi = rxwi->rssi[ant]; 2834 nf = run_rssi2dbm(sc, rssi, ant); 2835 2836 m->m_pkthdr.rcvif = ifp; 2837 m->m_pkthdr.len = m->m_len = len; 2838 2839 if (ni != NULL) { 2840 (void)ieee80211_input(ni, m, rssi, nf); 2841 ieee80211_free_node(ni); 2842 } else { 2843 (void)ieee80211_input_all(ic, m, rssi, nf); 2844 } 2845 2846 if (__predict_false(ieee80211_radiotap_active(ic))) { 2847 struct run_rx_radiotap_header *tap = &sc->sc_rxtap; 2848 uint16_t phy; 2849 2850 tap->wr_flags = 0; 2851 tap->wr_chan_freq = htole16(ic->ic_curchan->ic_freq); 2852 tap->wr_chan_flags = htole16(ic->ic_curchan->ic_flags); 2853 tap->wr_antsignal = rssi; 2854 tap->wr_antenna = ant; 2855 tap->wr_dbm_antsignal = run_rssi2dbm(sc, rssi, ant); 2856 tap->wr_rate = 2; /* in case it can't be found below */ 2857 phy = le16toh(rxwi->phy); 2858 switch (phy & RT2860_PHY_MODE) { 2859 case RT2860_PHY_CCK: 2860 switch ((phy & RT2860_PHY_MCS) & ~RT2860_PHY_SHPRE) { 2861 case 0: tap->wr_rate = 2; break; 2862 case 1: tap->wr_rate = 4; break; 2863 case 2: tap->wr_rate = 11; break; 2864 case 3: tap->wr_rate = 22; break; 2865 } 2866 if (phy & RT2860_PHY_SHPRE) 2867 tap->wr_flags |= IEEE80211_RADIOTAP_F_SHORTPRE; 2868 break; 2869 case RT2860_PHY_OFDM: 2870 switch (phy & RT2860_PHY_MCS) { 2871 case 0: tap->wr_rate = 12; break; 2872 case 1: tap->wr_rate = 18; break; 2873 case 2: tap->wr_rate = 24; break; 2874 case 3: tap->wr_rate = 36; break; 2875 case 4: tap->wr_rate = 48; break; 2876 case 5: tap->wr_rate = 72; break; 2877 case 6: tap->wr_rate = 96; break; 2878 case 7: tap->wr_rate = 108; break; 2879 } 2880 break; 2881 } 2882 } 2883 } 2884 2885 static void 2886 run_bulk_rx_callback(struct usb_xfer *xfer, usb_error_t error) 2887 { 2888 struct run_softc *sc = usbd_xfer_softc(xfer); 2889 struct ifnet *ifp = sc->sc_ifp; 2890 struct mbuf *m = NULL; 2891 struct mbuf *m0; 2892 uint32_t dmalen; 2893 uint16_t rxwisize; 2894 int xferlen; 2895 2896 rxwisize = sizeof(struct rt2860_rxwi); 2897 if (sc->mac_ver == 0x5592) 2898 rxwisize += sizeof(uint64_t); 2899 else if (sc->mac_ver == 0x3593) 2900 rxwisize += sizeof(uint32_t); 2901 2902 usbd_xfer_status(xfer, &xferlen, NULL, NULL, NULL); 2903 2904 switch (USB_GET_STATE(xfer)) { 2905 case USB_ST_TRANSFERRED: 2906 2907 DPRINTFN(15, "rx done, actlen=%d\n", xferlen); 2908 2909 if (xferlen < (int)(sizeof(uint32_t) + rxwisize + 2910 sizeof(struct rt2870_rxd))) { 2911 DPRINTF("xfer too short %d\n", xferlen); 2912 goto tr_setup; 2913 } 2914 2915 m = sc->rx_m; 2916 sc->rx_m = NULL; 2917 2918 /* FALLTHROUGH */ 2919 case USB_ST_SETUP: 2920 tr_setup: 2921 if (sc->rx_m == NULL) { 2922 sc->rx_m = m_getjcl(M_NOWAIT, MT_DATA, M_PKTHDR, 2923 MJUMPAGESIZE /* xfer can be bigger than MCLBYTES */); 2924 } 2925 if (sc->rx_m == NULL) { 2926 DPRINTF("could not allocate mbuf - idle with stall\n"); 2927 ifp->if_ierrors++; 2928 usbd_xfer_set_stall(xfer); 2929 usbd_xfer_set_frames(xfer, 0); 2930 } else { 2931 /* 2932 * Directly loading a mbuf cluster into DMA to 2933 * save some data copying. This works because 2934 * there is only one cluster. 2935 */ 2936 usbd_xfer_set_frame_data(xfer, 0, 2937 mtod(sc->rx_m, caddr_t), RUN_MAX_RXSZ); 2938 usbd_xfer_set_frames(xfer, 1); 2939 } 2940 usbd_transfer_submit(xfer); 2941 break; 2942 2943 default: /* Error */ 2944 if (error != USB_ERR_CANCELLED) { 2945 /* try to clear stall first */ 2946 usbd_xfer_set_stall(xfer); 2947 2948 if (error == USB_ERR_TIMEOUT) 2949 device_printf(sc->sc_dev, "device timeout\n"); 2950 2951 ifp->if_ierrors++; 2952 2953 goto tr_setup; 2954 } 2955 if (sc->rx_m != NULL) { 2956 m_freem(sc->rx_m); 2957 sc->rx_m = NULL; 2958 } 2959 break; 2960 } 2961 2962 if (m == NULL) 2963 return; 2964 2965 /* inputting all the frames must be last */ 2966 2967 RUN_UNLOCK(sc); 2968 2969 m->m_pkthdr.len = m->m_len = xferlen; 2970 2971 /* HW can aggregate multiple 802.11 frames in a single USB xfer */ 2972 for(;;) { 2973 dmalen = le32toh(*mtod(m, uint32_t *)) & 0xffff; 2974 2975 if ((dmalen >= (uint32_t)-8) || (dmalen == 0) || 2976 ((dmalen & 3) != 0)) { 2977 DPRINTF("bad DMA length %u\n", dmalen); 2978 break; 2979 } 2980 if ((dmalen + 8) > (uint32_t)xferlen) { 2981 DPRINTF("bad DMA length %u > %d\n", 2982 dmalen + 8, xferlen); 2983 break; 2984 } 2985 2986 /* If it is the last one or a single frame, we won't copy. */ 2987 if ((xferlen -= dmalen + 8) <= 8) { 2988 /* trim 32-bit DMA-len header */ 2989 m->m_data += 4; 2990 m->m_pkthdr.len = m->m_len -= 4; 2991 run_rx_frame(sc, m, dmalen); 2992 m = NULL; /* don't free source buffer */ 2993 break; 2994 } 2995 2996 /* copy aggregated frames to another mbuf */ 2997 m0 = m_getcl(M_NOWAIT, MT_DATA, M_PKTHDR); 2998 if (__predict_false(m0 == NULL)) { 2999 DPRINTF("could not allocate mbuf\n"); 3000 ifp->if_ierrors++; 3001 break; 3002 } 3003 m_copydata(m, 4 /* skip 32-bit DMA-len header */, 3004 dmalen + sizeof(struct rt2870_rxd), mtod(m0, caddr_t)); 3005 m0->m_pkthdr.len = m0->m_len = 3006 dmalen + sizeof(struct rt2870_rxd); 3007 run_rx_frame(sc, m0, dmalen); 3008 3009 /* update data ptr */ 3010 m->m_data += dmalen + 8; 3011 m->m_pkthdr.len = m->m_len -= dmalen + 8; 3012 } 3013 3014 /* make sure we free the source buffer, if any */ 3015 m_freem(m); 3016 3017 RUN_LOCK(sc); 3018 } 3019 3020 static void 3021 run_tx_free(struct run_endpoint_queue *pq, 3022 struct run_tx_data *data, int txerr) 3023 { 3024 if (data->m != NULL) { 3025 if (data->m->m_flags & M_TXCB) 3026 ieee80211_process_callback(data->ni, data->m, 3027 txerr ? ETIMEDOUT : 0); 3028 m_freem(data->m); 3029 data->m = NULL; 3030 3031 if (data->ni == NULL) { 3032 DPRINTF("no node\n"); 3033 } else { 3034 ieee80211_free_node(data->ni); 3035 data->ni = NULL; 3036 } 3037 } 3038 3039 STAILQ_INSERT_TAIL(&pq->tx_fh, data, next); 3040 pq->tx_nfree++; 3041 } 3042 3043 static void 3044 run_bulk_tx_callbackN(struct usb_xfer *xfer, usb_error_t error, u_int index) 3045 { 3046 struct run_softc *sc = usbd_xfer_softc(xfer); 3047 struct ifnet *ifp = sc->sc_ifp; 3048 struct ieee80211com *ic = ifp->if_l2com; 3049 struct run_tx_data *data; 3050 struct ieee80211vap *vap = NULL; 3051 struct usb_page_cache *pc; 3052 struct run_endpoint_queue *pq = &sc->sc_epq[index]; 3053 struct mbuf *m; 3054 usb_frlength_t size; 3055 int actlen; 3056 int sumlen; 3057 3058 usbd_xfer_status(xfer, &actlen, &sumlen, NULL, NULL); 3059 3060 switch (USB_GET_STATE(xfer)) { 3061 case USB_ST_TRANSFERRED: 3062 DPRINTFN(11, "transfer complete: %d " 3063 "bytes @ index %d\n", actlen, index); 3064 3065 data = usbd_xfer_get_priv(xfer); 3066 3067 run_tx_free(pq, data, 0); 3068 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE; 3069 3070 usbd_xfer_set_priv(xfer, NULL); 3071 3072 ifp->if_opackets++; 3073 3074 /* FALLTHROUGH */ 3075 case USB_ST_SETUP: 3076 tr_setup: 3077 data = STAILQ_FIRST(&pq->tx_qh); 3078 if (data == NULL) 3079 break; 3080 3081 STAILQ_REMOVE_HEAD(&pq->tx_qh, next); 3082 3083 m = data->m; 3084 size = (sc->mac_ver == 0x5592) ? 3085 sizeof(data->desc) + sizeof(uint32_t) : sizeof(data->desc); 3086 if ((m->m_pkthdr.len + 3087 size + 3 + 8) > RUN_MAX_TXSZ) { 3088 DPRINTF("data overflow, %u bytes\n", 3089 m->m_pkthdr.len); 3090 3091 ifp->if_oerrors++; 3092 3093 run_tx_free(pq, data, 1); 3094 3095 goto tr_setup; 3096 } 3097 3098 pc = usbd_xfer_get_frame(xfer, 0); 3099 usbd_copy_in(pc, 0, &data->desc, size); 3100 usbd_m_copy_in(pc, size, m, 0, m->m_pkthdr.len); 3101 size += m->m_pkthdr.len; 3102 /* 3103 * Align end on a 4-byte boundary, pad 8 bytes (CRC + 3104 * 4-byte padding), and be sure to zero those trailing 3105 * bytes: 3106 */ 3107 usbd_frame_zero(pc, size, ((-size) & 3) + 8); 3108 size += ((-size) & 3) + 8; 3109 3110 vap = data->ni->ni_vap; 3111 if (ieee80211_radiotap_active_vap(vap)) { 3112 struct run_tx_radiotap_header *tap = &sc->sc_txtap; 3113 struct rt2860_txwi *txwi = 3114 (struct rt2860_txwi *)(&data->desc + sizeof(struct rt2870_txd)); 3115 tap->wt_flags = 0; 3116 tap->wt_rate = rt2860_rates[data->ridx].rate; 3117 tap->wt_chan_freq = htole16(ic->ic_curchan->ic_freq); 3118 tap->wt_chan_flags = htole16(ic->ic_curchan->ic_flags); 3119 tap->wt_hwqueue = index; 3120 if (le16toh(txwi->phy) & RT2860_PHY_SHPRE) 3121 tap->wt_flags |= IEEE80211_RADIOTAP_F_SHORTPRE; 3122 3123 ieee80211_radiotap_tx(vap, m); 3124 } 3125 3126 DPRINTFN(11, "sending frame len=%u/%u @ index %d\n", 3127 m->m_pkthdr.len, size, index); 3128 3129 usbd_xfer_set_frame_len(xfer, 0, size); 3130 usbd_xfer_set_priv(xfer, data); 3131 3132 usbd_transfer_submit(xfer); 3133 3134 RUN_UNLOCK(sc); 3135 run_start(ifp); 3136 RUN_LOCK(sc); 3137 3138 break; 3139 3140 default: 3141 DPRINTF("USB transfer error, %s\n", 3142 usbd_errstr(error)); 3143 3144 data = usbd_xfer_get_priv(xfer); 3145 3146 ifp->if_oerrors++; 3147 3148 if (data != NULL) { 3149 if(data->ni != NULL) 3150 vap = data->ni->ni_vap; 3151 run_tx_free(pq, data, error); 3152 usbd_xfer_set_priv(xfer, NULL); 3153 } 3154 if (vap == NULL) 3155 vap = TAILQ_FIRST(&ic->ic_vaps); 3156 3157 if (error != USB_ERR_CANCELLED) { 3158 if (error == USB_ERR_TIMEOUT) { 3159 device_printf(sc->sc_dev, "device timeout\n"); 3160 uint32_t i = RUN_CMDQ_GET(&sc->cmdq_store); 3161 DPRINTF("cmdq_store=%d\n", i); 3162 sc->cmdq[i].func = run_usb_timeout_cb; 3163 sc->cmdq[i].arg0 = vap; 3164 ieee80211_runtask(ic, &sc->cmdq_task); 3165 } 3166 3167 /* 3168 * Try to clear stall first, also if other 3169 * errors occur, hence clearing stall 3170 * introduces a 50 ms delay: 3171 */ 3172 usbd_xfer_set_stall(xfer); 3173 goto tr_setup; 3174 } 3175 break; 3176 } 3177 } 3178 3179 static void 3180 run_bulk_tx_callback0(struct usb_xfer *xfer, usb_error_t error) 3181 { 3182 run_bulk_tx_callbackN(xfer, error, 0); 3183 } 3184 3185 static void 3186 run_bulk_tx_callback1(struct usb_xfer *xfer, usb_error_t error) 3187 { 3188 run_bulk_tx_callbackN(xfer, error, 1); 3189 } 3190 3191 static void 3192 run_bulk_tx_callback2(struct usb_xfer *xfer, usb_error_t error) 3193 { 3194 run_bulk_tx_callbackN(xfer, error, 2); 3195 } 3196 3197 static void 3198 run_bulk_tx_callback3(struct usb_xfer *xfer, usb_error_t error) 3199 { 3200 run_bulk_tx_callbackN(xfer, error, 3); 3201 } 3202 3203 static void 3204 run_bulk_tx_callback4(struct usb_xfer *xfer, usb_error_t error) 3205 { 3206 run_bulk_tx_callbackN(xfer, error, 4); 3207 } 3208 3209 static void 3210 run_bulk_tx_callback5(struct usb_xfer *xfer, usb_error_t error) 3211 { 3212 run_bulk_tx_callbackN(xfer, error, 5); 3213 } 3214 3215 static void 3216 run_set_tx_desc(struct run_softc *sc, struct run_tx_data *data) 3217 { 3218 struct mbuf *m = data->m; 3219 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 3220 struct ieee80211vap *vap = data->ni->ni_vap; 3221 struct ieee80211_frame *wh; 3222 struct rt2870_txd *txd; 3223 struct rt2860_txwi *txwi; 3224 uint16_t xferlen, txwisize; 3225 uint16_t mcs; 3226 uint8_t ridx = data->ridx; 3227 uint8_t pad; 3228 3229 /* get MCS code from rate index */ 3230 mcs = rt2860_rates[ridx].mcs; 3231 3232 txwisize = (sc->mac_ver == 0x5592) ? 3233 sizeof(*txwi) + sizeof(uint32_t) : sizeof(*txwi); 3234 xferlen = txwisize + m->m_pkthdr.len; 3235 3236 /* roundup to 32-bit alignment */ 3237 xferlen = (xferlen + 3) & ~3; 3238 3239 txd = (struct rt2870_txd *)&data->desc; 3240 txd->len = htole16(xferlen); 3241 3242 wh = mtod(m, struct ieee80211_frame *); 3243 3244 /* 3245 * Ether both are true or both are false, the header 3246 * are nicely aligned to 32-bit. So, no L2 padding. 3247 */ 3248 if(IEEE80211_HAS_ADDR4(wh) == IEEE80211_QOS_HAS_SEQ(wh)) 3249 pad = 0; 3250 else 3251 pad = 2; 3252 3253 /* setup TX Wireless Information */ 3254 txwi = (struct rt2860_txwi *)(txd + 1); 3255 txwi->len = htole16(m->m_pkthdr.len - pad); 3256 if (rt2860_rates[ridx].phy == IEEE80211_T_DS) { 3257 mcs |= RT2860_PHY_CCK; 3258 if (ridx != RT2860_RIDX_CCK1 && 3259 (ic->ic_flags & IEEE80211_F_SHPREAMBLE)) 3260 mcs |= RT2860_PHY_SHPRE; 3261 } else 3262 mcs |= RT2860_PHY_OFDM; 3263 txwi->phy = htole16(mcs); 3264 3265 /* check if RTS/CTS or CTS-to-self protection is required */ 3266 if (!IEEE80211_IS_MULTICAST(wh->i_addr1) && 3267 (m->m_pkthdr.len + IEEE80211_CRC_LEN > vap->iv_rtsthreshold || 3268 ((ic->ic_flags & IEEE80211_F_USEPROT) && 3269 rt2860_rates[ridx].phy == IEEE80211_T_OFDM))) 3270 txwi->txop |= RT2860_TX_TXOP_HT; 3271 else 3272 txwi->txop |= RT2860_TX_TXOP_BACKOFF; 3273 3274 if (vap->iv_opmode != IEEE80211_M_STA && !IEEE80211_QOS_HAS_SEQ(wh)) 3275 txwi->xflags |= RT2860_TX_NSEQ; 3276 } 3277 3278 /* This function must be called locked */ 3279 static int 3280 run_tx(struct run_softc *sc, struct mbuf *m, struct ieee80211_node *ni) 3281 { 3282 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 3283 struct ieee80211vap *vap = ni->ni_vap; 3284 struct ieee80211_frame *wh; 3285 struct ieee80211_channel *chan; 3286 const struct ieee80211_txparam *tp; 3287 struct run_node *rn = (void *)ni; 3288 struct run_tx_data *data; 3289 struct rt2870_txd *txd; 3290 struct rt2860_txwi *txwi; 3291 uint16_t qos; 3292 uint16_t dur; 3293 uint16_t qid; 3294 uint8_t type; 3295 uint8_t tid; 3296 uint8_t ridx; 3297 uint8_t ctl_ridx; 3298 uint8_t qflags; 3299 uint8_t xflags = 0; 3300 int hasqos; 3301 3302 RUN_LOCK_ASSERT(sc, MA_OWNED); 3303 3304 wh = mtod(m, struct ieee80211_frame *); 3305 3306 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 3307 3308 /* 3309 * There are 7 bulk endpoints: 1 for RX 3310 * and 6 for TX (4 EDCAs + HCCA + Prio). 3311 * Update 03-14-2009: some devices like the Planex GW-US300MiniS 3312 * seem to have only 4 TX bulk endpoints (Fukaumi Naoki). 3313 */ 3314 if ((hasqos = IEEE80211_QOS_HAS_SEQ(wh))) { 3315 uint8_t *frm; 3316 3317 if(IEEE80211_HAS_ADDR4(wh)) 3318 frm = ((struct ieee80211_qosframe_addr4 *)wh)->i_qos; 3319 else 3320 frm =((struct ieee80211_qosframe *)wh)->i_qos; 3321 3322 qos = le16toh(*(const uint16_t *)frm); 3323 tid = qos & IEEE80211_QOS_TID; 3324 qid = TID_TO_WME_AC(tid); 3325 } else { 3326 qos = 0; 3327 tid = 0; 3328 qid = WME_AC_BE; 3329 } 3330 qflags = (qid < 4) ? RT2860_TX_QSEL_EDCA : RT2860_TX_QSEL_HCCA; 3331 3332 DPRINTFN(8, "qos %d\tqid %d\ttid %d\tqflags %x\n", 3333 qos, qid, tid, qflags); 3334 3335 chan = (ni->ni_chan != IEEE80211_CHAN_ANYC)?ni->ni_chan:ic->ic_curchan; 3336 tp = &vap->iv_txparms[ieee80211_chan2mode(chan)]; 3337 3338 /* pickup a rate index */ 3339 if (IEEE80211_IS_MULTICAST(wh->i_addr1) || 3340 type != IEEE80211_FC0_TYPE_DATA || m->m_flags & M_EAPOL) { 3341 ridx = (ic->ic_curmode == IEEE80211_MODE_11A) ? 3342 RT2860_RIDX_OFDM6 : RT2860_RIDX_CCK1; 3343 ctl_ridx = rt2860_rates[ridx].ctl_ridx; 3344 } else { 3345 if (tp->ucastrate != IEEE80211_FIXED_RATE_NONE) 3346 ridx = rn->fix_ridx; 3347 else 3348 ridx = rn->amrr_ridx; 3349 ctl_ridx = rt2860_rates[ridx].ctl_ridx; 3350 } 3351 3352 if (!IEEE80211_IS_MULTICAST(wh->i_addr1) && 3353 (!hasqos || (qos & IEEE80211_QOS_ACKPOLICY) != 3354 IEEE80211_QOS_ACKPOLICY_NOACK)) { 3355 xflags |= RT2860_TX_ACK; 3356 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 3357 dur = rt2860_rates[ctl_ridx].sp_ack_dur; 3358 else 3359 dur = rt2860_rates[ctl_ridx].lp_ack_dur; 3360 USETW(wh->i_dur, dur); 3361 } 3362 3363 /* reserve slots for mgmt packets, just in case */ 3364 if (sc->sc_epq[qid].tx_nfree < 3) { 3365 DPRINTFN(10, "tx ring %d is full\n", qid); 3366 return (-1); 3367 } 3368 3369 data = STAILQ_FIRST(&sc->sc_epq[qid].tx_fh); 3370 STAILQ_REMOVE_HEAD(&sc->sc_epq[qid].tx_fh, next); 3371 sc->sc_epq[qid].tx_nfree--; 3372 3373 txd = (struct rt2870_txd *)&data->desc; 3374 txd->flags = qflags; 3375 txwi = (struct rt2860_txwi *)(txd + 1); 3376 txwi->xflags = xflags; 3377 if (IEEE80211_IS_MULTICAST(wh->i_addr1)) 3378 txwi->wcid = 0; 3379 else 3380 txwi->wcid = (vap->iv_opmode == IEEE80211_M_STA) ? 3381 1 : RUN_AID2WCID(ni->ni_associd); 3382 3383 /* clear leftover garbage bits */ 3384 txwi->flags = 0; 3385 txwi->txop = 0; 3386 3387 data->m = m; 3388 data->ni = ni; 3389 data->ridx = ridx; 3390 3391 run_set_tx_desc(sc, data); 3392 3393 /* 3394 * The chip keeps track of 2 kind of Tx stats, 3395 * * TX_STAT_FIFO, for per WCID stats, and 3396 * * TX_STA_CNT0 for all-TX-in-one stats. 3397 * 3398 * To use FIFO stats, we need to store MCS into the driver-private 3399 * PacketID field. So that, we can tell whose stats when we read them. 3400 * We add 1 to the MCS because setting the PacketID field to 0 means 3401 * that we don't want feedback in TX_STAT_FIFO. 3402 * And, that's what we want for STA mode, since TX_STA_CNT0 does the job. 3403 * 3404 * FIFO stats doesn't count Tx with WCID 0xff, so we do this in run_tx(). 3405 */ 3406 if (sc->rvp_cnt > 1 || vap->iv_opmode == IEEE80211_M_HOSTAP || 3407 vap->iv_opmode == IEEE80211_M_MBSS) { 3408 uint16_t pid = (rt2860_rates[ridx].mcs + 1) & 0xf; 3409 txwi->len |= htole16(pid << RT2860_TX_PID_SHIFT); 3410 3411 /* 3412 * Unlike PCI based devices, we don't get any interrupt from 3413 * USB devices, so we simulate FIFO-is-full interrupt here. 3414 * Ralink recomends to drain FIFO stats every 100 ms, but 16 slots 3415 * quickly get fulled. To prevent overflow, increment a counter on 3416 * every FIFO stat request, so we know how many slots are left. 3417 * We do this only in HOSTAP or multiple vap mode since FIFO stats 3418 * are used only in those modes. 3419 * We just drain stats. AMRR gets updated every 1 sec by 3420 * run_ratectl_cb() via callout. 3421 * Call it early. Otherwise overflow. 3422 */ 3423 if (sc->fifo_cnt++ == 10) { 3424 /* 3425 * With multiple vaps or if_bridge, if_start() is called 3426 * with a non-sleepable lock, tcpinp. So, need to defer. 3427 */ 3428 uint32_t i = RUN_CMDQ_GET(&sc->cmdq_store); 3429 DPRINTFN(6, "cmdq_store=%d\n", i); 3430 sc->cmdq[i].func = run_drain_fifo; 3431 sc->cmdq[i].arg0 = sc; 3432 ieee80211_runtask(ic, &sc->cmdq_task); 3433 } 3434 } 3435 3436 STAILQ_INSERT_TAIL(&sc->sc_epq[qid].tx_qh, data, next); 3437 3438 usbd_transfer_start(sc->sc_xfer[qid]); 3439 3440 DPRINTFN(8, "sending data frame len=%d rate=%d qid=%d\n", 3441 m->m_pkthdr.len + (int)(sizeof(struct rt2870_txd) + 3442 sizeof(struct rt2860_txwi)), rt2860_rates[ridx].rate, qid); 3443 3444 return (0); 3445 } 3446 3447 static int 3448 run_tx_mgt(struct run_softc *sc, struct mbuf *m, struct ieee80211_node *ni) 3449 { 3450 struct ifnet *ifp = sc->sc_ifp; 3451 struct ieee80211com *ic = ifp->if_l2com; 3452 struct run_node *rn = (void *)ni; 3453 struct run_tx_data *data; 3454 struct ieee80211_frame *wh; 3455 struct rt2870_txd *txd; 3456 struct rt2860_txwi *txwi; 3457 uint16_t dur; 3458 uint8_t ridx = rn->mgt_ridx; 3459 uint8_t type; 3460 uint8_t xflags = 0; 3461 uint8_t wflags = 0; 3462 3463 RUN_LOCK_ASSERT(sc, MA_OWNED); 3464 3465 wh = mtod(m, struct ieee80211_frame *); 3466 3467 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 3468 3469 /* tell hardware to add timestamp for probe responses */ 3470 if ((wh->i_fc[0] & 3471 (IEEE80211_FC0_TYPE_MASK | IEEE80211_FC0_SUBTYPE_MASK)) == 3472 (IEEE80211_FC0_TYPE_MGT | IEEE80211_FC0_SUBTYPE_PROBE_RESP)) 3473 wflags |= RT2860_TX_TS; 3474 else if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) { 3475 xflags |= RT2860_TX_ACK; 3476 3477 dur = ieee80211_ack_duration(ic->ic_rt, rt2860_rates[ridx].rate, 3478 ic->ic_flags & IEEE80211_F_SHPREAMBLE); 3479 USETW(wh->i_dur, dur); 3480 } 3481 3482 if (sc->sc_epq[0].tx_nfree == 0) { 3483 /* let caller free mbuf */ 3484 ifp->if_drv_flags |= IFF_DRV_OACTIVE; 3485 return (EIO); 3486 } 3487 data = STAILQ_FIRST(&sc->sc_epq[0].tx_fh); 3488 STAILQ_REMOVE_HEAD(&sc->sc_epq[0].tx_fh, next); 3489 sc->sc_epq[0].tx_nfree--; 3490 3491 txd = (struct rt2870_txd *)&data->desc; 3492 txd->flags = RT2860_TX_QSEL_EDCA; 3493 txwi = (struct rt2860_txwi *)(txd + 1); 3494 txwi->wcid = 0xff; 3495 txwi->flags = wflags; 3496 txwi->xflags = xflags; 3497 txwi->txop = 0; /* clear leftover garbage bits */ 3498 3499 data->m = m; 3500 data->ni = ni; 3501 data->ridx = ridx; 3502 3503 run_set_tx_desc(sc, data); 3504 3505 DPRINTFN(10, "sending mgt frame len=%d rate=%d\n", m->m_pkthdr.len + 3506 (int)(sizeof(struct rt2870_txd) + sizeof(struct rt2860_txwi)), 3507 rt2860_rates[ridx].rate); 3508 3509 STAILQ_INSERT_TAIL(&sc->sc_epq[0].tx_qh, data, next); 3510 3511 usbd_transfer_start(sc->sc_xfer[0]); 3512 3513 return (0); 3514 } 3515 3516 static int 3517 run_sendprot(struct run_softc *sc, 3518 const struct mbuf *m, struct ieee80211_node *ni, int prot, int rate) 3519 { 3520 struct ieee80211com *ic = ni->ni_ic; 3521 struct ieee80211_frame *wh; 3522 struct run_tx_data *data; 3523 struct rt2870_txd *txd; 3524 struct rt2860_txwi *txwi; 3525 struct mbuf *mprot; 3526 int ridx; 3527 int protrate; 3528 int ackrate; 3529 int pktlen; 3530 int isshort; 3531 uint16_t dur; 3532 uint8_t type; 3533 uint8_t wflags = 0; 3534 uint8_t xflags = 0; 3535 3536 RUN_LOCK_ASSERT(sc, MA_OWNED); 3537 3538 KASSERT(prot == IEEE80211_PROT_RTSCTS || prot == IEEE80211_PROT_CTSONLY, 3539 ("protection %d", prot)); 3540 3541 wh = mtod(m, struct ieee80211_frame *); 3542 pktlen = m->m_pkthdr.len + IEEE80211_CRC_LEN; 3543 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 3544 3545 protrate = ieee80211_ctl_rate(ic->ic_rt, rate); 3546 ackrate = ieee80211_ack_rate(ic->ic_rt, rate); 3547 3548 isshort = (ic->ic_flags & IEEE80211_F_SHPREAMBLE) != 0; 3549 dur = ieee80211_compute_duration(ic->ic_rt, pktlen, rate, isshort) 3550 + ieee80211_ack_duration(ic->ic_rt, rate, isshort); 3551 wflags = RT2860_TX_FRAG; 3552 3553 /* check that there are free slots before allocating the mbuf */ 3554 if (sc->sc_epq[0].tx_nfree == 0) { 3555 /* let caller free mbuf */ 3556 sc->sc_ifp->if_drv_flags |= IFF_DRV_OACTIVE; 3557 return (ENOBUFS); 3558 } 3559 3560 if (prot == IEEE80211_PROT_RTSCTS) { 3561 /* NB: CTS is the same size as an ACK */ 3562 dur += ieee80211_ack_duration(ic->ic_rt, rate, isshort); 3563 xflags |= RT2860_TX_ACK; 3564 mprot = ieee80211_alloc_rts(ic, wh->i_addr1, wh->i_addr2, dur); 3565 } else { 3566 mprot = ieee80211_alloc_cts(ic, ni->ni_vap->iv_myaddr, dur); 3567 } 3568 if (mprot == NULL) { 3569 sc->sc_ifp->if_oerrors++; 3570 DPRINTF("could not allocate mbuf\n"); 3571 return (ENOBUFS); 3572 } 3573 3574 data = STAILQ_FIRST(&sc->sc_epq[0].tx_fh); 3575 STAILQ_REMOVE_HEAD(&sc->sc_epq[0].tx_fh, next); 3576 sc->sc_epq[0].tx_nfree--; 3577 3578 txd = (struct rt2870_txd *)&data->desc; 3579 txd->flags = RT2860_TX_QSEL_EDCA; 3580 txwi = (struct rt2860_txwi *)(txd + 1); 3581 txwi->wcid = 0xff; 3582 txwi->flags = wflags; 3583 txwi->xflags = xflags; 3584 txwi->txop = 0; /* clear leftover garbage bits */ 3585 3586 data->m = mprot; 3587 data->ni = ieee80211_ref_node(ni); 3588 3589 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++) 3590 if (rt2860_rates[ridx].rate == protrate) 3591 break; 3592 data->ridx = ridx; 3593 3594 run_set_tx_desc(sc, data); 3595 3596 DPRINTFN(1, "sending prot len=%u rate=%u\n", 3597 m->m_pkthdr.len, rate); 3598 3599 STAILQ_INSERT_TAIL(&sc->sc_epq[0].tx_qh, data, next); 3600 3601 usbd_transfer_start(sc->sc_xfer[0]); 3602 3603 return (0); 3604 } 3605 3606 static int 3607 run_tx_param(struct run_softc *sc, struct mbuf *m, struct ieee80211_node *ni, 3608 const struct ieee80211_bpf_params *params) 3609 { 3610 struct ieee80211com *ic = ni->ni_ic; 3611 struct ieee80211_frame *wh; 3612 struct run_tx_data *data; 3613 struct rt2870_txd *txd; 3614 struct rt2860_txwi *txwi; 3615 uint8_t type; 3616 uint8_t ridx; 3617 uint8_t rate; 3618 uint8_t opflags = 0; 3619 uint8_t xflags = 0; 3620 int error; 3621 3622 RUN_LOCK_ASSERT(sc, MA_OWNED); 3623 3624 KASSERT(params != NULL, ("no raw xmit params")); 3625 3626 wh = mtod(m, struct ieee80211_frame *); 3627 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 3628 3629 rate = params->ibp_rate0; 3630 if (!ieee80211_isratevalid(ic->ic_rt, rate)) { 3631 /* let caller free mbuf */ 3632 return (EINVAL); 3633 } 3634 3635 if ((params->ibp_flags & IEEE80211_BPF_NOACK) == 0) 3636 xflags |= RT2860_TX_ACK; 3637 if (params->ibp_flags & (IEEE80211_BPF_RTS|IEEE80211_BPF_CTS)) { 3638 error = run_sendprot(sc, m, ni, 3639 params->ibp_flags & IEEE80211_BPF_RTS ? 3640 IEEE80211_PROT_RTSCTS : IEEE80211_PROT_CTSONLY, 3641 rate); 3642 if (error) { 3643 /* let caller free mbuf */ 3644 return error; 3645 } 3646 opflags |= /*XXX RT2573_TX_LONG_RETRY |*/ RT2860_TX_TXOP_SIFS; 3647 } 3648 3649 if (sc->sc_epq[0].tx_nfree == 0) { 3650 /* let caller free mbuf */ 3651 sc->sc_ifp->if_drv_flags |= IFF_DRV_OACTIVE; 3652 DPRINTF("sending raw frame, but tx ring is full\n"); 3653 return (EIO); 3654 } 3655 data = STAILQ_FIRST(&sc->sc_epq[0].tx_fh); 3656 STAILQ_REMOVE_HEAD(&sc->sc_epq[0].tx_fh, next); 3657 sc->sc_epq[0].tx_nfree--; 3658 3659 txd = (struct rt2870_txd *)&data->desc; 3660 txd->flags = RT2860_TX_QSEL_EDCA; 3661 txwi = (struct rt2860_txwi *)(txd + 1); 3662 txwi->wcid = 0xff; 3663 txwi->xflags = xflags; 3664 txwi->txop = opflags; 3665 txwi->flags = 0; /* clear leftover garbage bits */ 3666 3667 data->m = m; 3668 data->ni = ni; 3669 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++) 3670 if (rt2860_rates[ridx].rate == rate) 3671 break; 3672 data->ridx = ridx; 3673 3674 run_set_tx_desc(sc, data); 3675 3676 DPRINTFN(10, "sending raw frame len=%u rate=%u\n", 3677 m->m_pkthdr.len, rate); 3678 3679 STAILQ_INSERT_TAIL(&sc->sc_epq[0].tx_qh, data, next); 3680 3681 usbd_transfer_start(sc->sc_xfer[0]); 3682 3683 return (0); 3684 } 3685 3686 static int 3687 run_raw_xmit(struct ieee80211_node *ni, struct mbuf *m, 3688 const struct ieee80211_bpf_params *params) 3689 { 3690 struct ifnet *ifp = ni->ni_ic->ic_ifp; 3691 struct run_softc *sc = ifp->if_softc; 3692 int error = 0; 3693 3694 RUN_LOCK(sc); 3695 3696 /* prevent management frames from being sent if we're not ready */ 3697 if (!(ifp->if_drv_flags & IFF_DRV_RUNNING)) { 3698 error = ENETDOWN; 3699 goto done; 3700 } 3701 3702 if (params == NULL) { 3703 /* tx mgt packet */ 3704 if ((error = run_tx_mgt(sc, m, ni)) != 0) { 3705 ifp->if_oerrors++; 3706 DPRINTF("mgt tx failed\n"); 3707 goto done; 3708 } 3709 } else { 3710 /* tx raw packet with param */ 3711 if ((error = run_tx_param(sc, m, ni, params)) != 0) { 3712 ifp->if_oerrors++; 3713 DPRINTF("tx with param failed\n"); 3714 goto done; 3715 } 3716 } 3717 3718 ifp->if_opackets++; 3719 3720 done: 3721 RUN_UNLOCK(sc); 3722 3723 if (error != 0) { 3724 if(m != NULL) 3725 m_freem(m); 3726 ieee80211_free_node(ni); 3727 } 3728 3729 return (error); 3730 } 3731 3732 static void 3733 run_start(struct ifnet *ifp) 3734 { 3735 struct run_softc *sc = ifp->if_softc; 3736 struct ieee80211_node *ni; 3737 struct mbuf *m; 3738 3739 RUN_LOCK(sc); 3740 3741 if ((ifp->if_drv_flags & IFF_DRV_RUNNING) == 0) { 3742 RUN_UNLOCK(sc); 3743 return; 3744 } 3745 3746 for (;;) { 3747 /* send data frames */ 3748 IFQ_DRV_DEQUEUE(&ifp->if_snd, m); 3749 if (m == NULL) 3750 break; 3751 3752 ni = (struct ieee80211_node *)m->m_pkthdr.rcvif; 3753 if (run_tx(sc, m, ni) != 0) { 3754 IFQ_DRV_PREPEND(&ifp->if_snd, m); 3755 ifp->if_drv_flags |= IFF_DRV_OACTIVE; 3756 break; 3757 } 3758 } 3759 3760 RUN_UNLOCK(sc); 3761 } 3762 3763 static int 3764 run_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 3765 { 3766 struct run_softc *sc = ifp->if_softc; 3767 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 3768 struct ifreq *ifr = (struct ifreq *) data; 3769 int startall = 0; 3770 int error; 3771 3772 RUN_LOCK(sc); 3773 error = sc->sc_detached ? ENXIO : 0; 3774 RUN_UNLOCK(sc); 3775 if (error) 3776 return (error); 3777 3778 switch (cmd) { 3779 case SIOCSIFFLAGS: 3780 RUN_LOCK(sc); 3781 if (ifp->if_flags & IFF_UP) { 3782 if (!(ifp->if_drv_flags & IFF_DRV_RUNNING)){ 3783 startall = 1; 3784 run_init_locked(sc); 3785 } else 3786 run_update_promisc_locked(ifp); 3787 } else { 3788 if (ifp->if_drv_flags & IFF_DRV_RUNNING && 3789 (ic->ic_nrunning == 0 || sc->rvp_cnt <= 1)) { 3790 run_stop(sc); 3791 } 3792 } 3793 RUN_UNLOCK(sc); 3794 if (startall) 3795 ieee80211_start_all(ic); 3796 break; 3797 case SIOCGIFMEDIA: 3798 error = ifmedia_ioctl(ifp, ifr, &ic->ic_media, cmd); 3799 break; 3800 case SIOCGIFADDR: 3801 error = ether_ioctl(ifp, cmd, data); 3802 break; 3803 default: 3804 error = EINVAL; 3805 break; 3806 } 3807 3808 return (error); 3809 } 3810 3811 static void 3812 run_iq_calib(struct run_softc *sc, u_int chan) 3813 { 3814 uint16_t val; 3815 3816 /* Tx0 IQ gain. */ 3817 run_bbp_write(sc, 158, 0x2c); 3818 if (chan <= 14) 3819 run_efuse_read(sc, RT5390_EEPROM_IQ_GAIN_CAL_TX0_2GHZ, &val, 1); 3820 else if (chan <= 64) { 3821 run_efuse_read(sc, 3822 RT5390_EEPROM_IQ_GAIN_CAL_TX0_CH36_TO_CH64_5GHZ, 3823 &val, 1); 3824 } else if (chan <= 138) { 3825 run_efuse_read(sc, 3826 RT5390_EEPROM_IQ_GAIN_CAL_TX0_CH100_TO_CH138_5GHZ, 3827 &val, 1); 3828 } else if (chan <= 165) { 3829 run_efuse_read(sc, 3830 RT5390_EEPROM_IQ_GAIN_CAL_TX0_CH140_TO_CH165_5GHZ, 3831 &val, 1); 3832 } else 3833 val = 0; 3834 run_bbp_write(sc, 159, val); 3835 3836 /* Tx0 IQ phase. */ 3837 run_bbp_write(sc, 158, 0x2d); 3838 if (chan <= 14) { 3839 run_efuse_read(sc, RT5390_EEPROM_IQ_PHASE_CAL_TX0_2GHZ, 3840 &val, 1); 3841 } else if (chan <= 64) { 3842 run_efuse_read(sc, 3843 RT5390_EEPROM_IQ_PHASE_CAL_TX0_CH36_TO_CH64_5GHZ, 3844 &val, 1); 3845 } else if (chan <= 138) { 3846 run_efuse_read(sc, 3847 RT5390_EEPROM_IQ_PHASE_CAL_TX0_CH100_TO_CH138_5GHZ, 3848 &val, 1); 3849 } else if (chan <= 165) { 3850 run_efuse_read(sc, 3851 RT5390_EEPROM_IQ_PHASE_CAL_TX0_CH140_TO_CH165_5GHZ, 3852 &val, 1); 3853 } else 3854 val = 0; 3855 run_bbp_write(sc, 159, val); 3856 3857 /* Tx1 IQ gain. */ 3858 run_bbp_write(sc, 158, 0x4a); 3859 if (chan <= 14) { 3860 run_efuse_read(sc, RT5390_EEPROM_IQ_GAIN_CAL_TX1_2GHZ, 3861 &val, 1); 3862 } else if (chan <= 64) { 3863 run_efuse_read(sc, 3864 RT5390_EEPROM_IQ_GAIN_CAL_TX1_CH36_TO_CH64_5GHZ, 3865 &val, 1); 3866 } else if (chan <= 138) { 3867 run_efuse_read(sc, 3868 RT5390_EEPROM_IQ_GAIN_CAL_TX1_CH100_TO_CH138_5GHZ, 3869 &val, 1); 3870 } else if (chan <= 165) { 3871 run_efuse_read(sc, 3872 RT5390_EEPROM_IQ_GAIN_CAL_TX1_CH140_TO_CH165_5GHZ, 3873 &val, 1); 3874 } else 3875 val = 0; 3876 run_bbp_write(sc, 159, val); 3877 3878 /* Tx1 IQ phase. */ 3879 run_bbp_write(sc, 158, 0x4b); 3880 if (chan <= 14) { 3881 run_efuse_read(sc, RT5390_EEPROM_IQ_PHASE_CAL_TX1_2GHZ, 3882 &val, 1); 3883 } else if (chan <= 64) { 3884 run_efuse_read(sc, 3885 RT5390_EEPROM_IQ_PHASE_CAL_TX1_CH36_TO_CH64_5GHZ, 3886 &val, 1); 3887 } else if (chan <= 138) { 3888 run_efuse_read(sc, 3889 RT5390_EEPROM_IQ_PHASE_CAL_TX1_CH100_TO_CH138_5GHZ, 3890 &val, 1); 3891 } else if (chan <= 165) { 3892 run_efuse_read(sc, 3893 RT5390_EEPROM_IQ_PHASE_CAL_TX1_CH140_TO_CH165_5GHZ, 3894 &val, 1); 3895 } else 3896 val = 0; 3897 run_bbp_write(sc, 159, val); 3898 3899 /* RF IQ compensation control. */ 3900 run_bbp_write(sc, 158, 0x04); 3901 run_efuse_read(sc, RT5390_EEPROM_RF_IQ_COMPENSATION_CTL, 3902 &val, 1); 3903 run_bbp_write(sc, 159, val); 3904 3905 /* RF IQ imbalance compensation control. */ 3906 run_bbp_write(sc, 158, 0x03); 3907 run_efuse_read(sc, 3908 RT5390_EEPROM_RF_IQ_IMBALANCE_COMPENSATION_CTL, &val, 1); 3909 run_bbp_write(sc, 159, val); 3910 } 3911 3912 static void 3913 run_set_agc(struct run_softc *sc, uint8_t agc) 3914 { 3915 uint8_t bbp; 3916 3917 if (sc->mac_ver == 0x3572) { 3918 run_bbp_read(sc, 27, &bbp); 3919 bbp &= ~(0x3 << 5); 3920 run_bbp_write(sc, 27, bbp | 0 << 5); /* select Rx0 */ 3921 run_bbp_write(sc, 66, agc); 3922 run_bbp_write(sc, 27, bbp | 1 << 5); /* select Rx1 */ 3923 run_bbp_write(sc, 66, agc); 3924 } else 3925 run_bbp_write(sc, 66, agc); 3926 } 3927 3928 static void 3929 run_select_chan_group(struct run_softc *sc, int group) 3930 { 3931 uint32_t tmp; 3932 uint8_t agc; 3933 3934 run_bbp_write(sc, 62, 0x37 - sc->lna[group]); 3935 run_bbp_write(sc, 63, 0x37 - sc->lna[group]); 3936 run_bbp_write(sc, 64, 0x37 - sc->lna[group]); 3937 if (sc->mac_ver < 0x3572) 3938 run_bbp_write(sc, 86, 0x00); 3939 3940 if (sc->mac_ver == 0x3593) { 3941 run_bbp_write(sc, 77, 0x98); 3942 run_bbp_write(sc, 83, (group == 0) ? 0x8a : 0x9a); 3943 } 3944 3945 if (group == 0) { 3946 if (sc->ext_2ghz_lna) { 3947 if (sc->mac_ver >= 0x5390) 3948 run_bbp_write(sc, 75, 0x52); 3949 else { 3950 run_bbp_write(sc, 82, 0x62); 3951 run_bbp_write(sc, 75, 0x46); 3952 } 3953 } else { 3954 if (sc->mac_ver == 0x5592) { 3955 run_bbp_write(sc, 79, 0x1c); 3956 run_bbp_write(sc, 80, 0x0e); 3957 run_bbp_write(sc, 81, 0x3a); 3958 run_bbp_write(sc, 82, 0x62); 3959 3960 run_bbp_write(sc, 195, 0x80); 3961 run_bbp_write(sc, 196, 0xe0); 3962 run_bbp_write(sc, 195, 0x81); 3963 run_bbp_write(sc, 196, 0x1f); 3964 run_bbp_write(sc, 195, 0x82); 3965 run_bbp_write(sc, 196, 0x38); 3966 run_bbp_write(sc, 195, 0x83); 3967 run_bbp_write(sc, 196, 0x32); 3968 run_bbp_write(sc, 195, 0x85); 3969 run_bbp_write(sc, 196, 0x28); 3970 run_bbp_write(sc, 195, 0x86); 3971 run_bbp_write(sc, 196, 0x19); 3972 } else if (sc->mac_ver >= 0x5390) 3973 run_bbp_write(sc, 75, 0x50); 3974 else { 3975 run_bbp_write(sc, 82, 3976 (sc->mac_ver == 0x3593) ? 0x62 : 0x84); 3977 run_bbp_write(sc, 75, 0x50); 3978 } 3979 } 3980 } else { 3981 if (sc->mac_ver == 0x5592) { 3982 run_bbp_write(sc, 79, 0x18); 3983 run_bbp_write(sc, 80, 0x08); 3984 run_bbp_write(sc, 81, 0x38); 3985 run_bbp_write(sc, 82, 0x92); 3986 3987 run_bbp_write(sc, 195, 0x80); 3988 run_bbp_write(sc, 196, 0xf0); 3989 run_bbp_write(sc, 195, 0x81); 3990 run_bbp_write(sc, 196, 0x1e); 3991 run_bbp_write(sc, 195, 0x82); 3992 run_bbp_write(sc, 196, 0x28); 3993 run_bbp_write(sc, 195, 0x83); 3994 run_bbp_write(sc, 196, 0x20); 3995 run_bbp_write(sc, 195, 0x85); 3996 run_bbp_write(sc, 196, 0x7f); 3997 run_bbp_write(sc, 195, 0x86); 3998 run_bbp_write(sc, 196, 0x7f); 3999 } else if (sc->mac_ver == 0x3572) 4000 run_bbp_write(sc, 82, 0x94); 4001 else 4002 run_bbp_write(sc, 82, 4003 (sc->mac_ver == 0x3593) ? 0x82 : 0xf2); 4004 if (sc->ext_5ghz_lna) 4005 run_bbp_write(sc, 75, 0x46); 4006 else 4007 run_bbp_write(sc, 75, 0x50); 4008 } 4009 4010 run_read(sc, RT2860_TX_BAND_CFG, &tmp); 4011 tmp &= ~(RT2860_5G_BAND_SEL_N | RT2860_5G_BAND_SEL_P); 4012 tmp |= (group == 0) ? RT2860_5G_BAND_SEL_N : RT2860_5G_BAND_SEL_P; 4013 run_write(sc, RT2860_TX_BAND_CFG, tmp); 4014 4015 /* enable appropriate Power Amplifiers and Low Noise Amplifiers */ 4016 tmp = RT2860_RFTR_EN | RT2860_TRSW_EN | RT2860_LNA_PE0_EN; 4017 if (sc->mac_ver == 0x3593) 4018 tmp |= 1 << 29 | 1 << 28; 4019 if (sc->nrxchains > 1) 4020 tmp |= RT2860_LNA_PE1_EN; 4021 if (group == 0) { /* 2GHz */ 4022 tmp |= RT2860_PA_PE_G0_EN; 4023 if (sc->ntxchains > 1) 4024 tmp |= RT2860_PA_PE_G1_EN; 4025 if (sc->mac_ver == 0x3593) { 4026 if (sc->ntxchains > 2) 4027 tmp |= 1 << 25; 4028 } 4029 } else { /* 5GHz */ 4030 tmp |= RT2860_PA_PE_A0_EN; 4031 if (sc->ntxchains > 1) 4032 tmp |= RT2860_PA_PE_A1_EN; 4033 } 4034 if (sc->mac_ver == 0x3572) { 4035 run_rt3070_rf_write(sc, 8, 0x00); 4036 run_write(sc, RT2860_TX_PIN_CFG, tmp); 4037 run_rt3070_rf_write(sc, 8, 0x80); 4038 } else 4039 run_write(sc, RT2860_TX_PIN_CFG, tmp); 4040 4041 if (sc->mac_ver == 0x5592) { 4042 run_bbp_write(sc, 195, 0x8d); 4043 run_bbp_write(sc, 196, 0x1a); 4044 } 4045 4046 if (sc->mac_ver == 0x3593) { 4047 run_read(sc, RT2860_GPIO_CTRL, &tmp); 4048 tmp &= ~0x01010000; 4049 if (group == 0) 4050 tmp |= 0x00010000; 4051 tmp = (tmp & ~0x00009090) | 0x00000090; 4052 run_write(sc, RT2860_GPIO_CTRL, tmp); 4053 } 4054 4055 /* set initial AGC value */ 4056 if (group == 0) { /* 2GHz band */ 4057 if (sc->mac_ver >= 0x3070) 4058 agc = 0x1c + sc->lna[0] * 2; 4059 else 4060 agc = 0x2e + sc->lna[0]; 4061 } else { /* 5GHz band */ 4062 if (sc->mac_ver == 0x5592) 4063 agc = 0x24 + sc->lna[group] * 2; 4064 else if (sc->mac_ver == 0x3572 || sc->mac_ver == 0x3593) 4065 agc = 0x22 + (sc->lna[group] * 5) / 3; 4066 else 4067 agc = 0x32 + (sc->lna[group] * 5) / 3; 4068 } 4069 run_set_agc(sc, agc); 4070 } 4071 4072 static void 4073 run_rt2870_set_chan(struct run_softc *sc, u_int chan) 4074 { 4075 const struct rfprog *rfprog = rt2860_rf2850; 4076 uint32_t r2, r3, r4; 4077 int8_t txpow1, txpow2; 4078 int i; 4079 4080 /* find the settings for this channel (we know it exists) */ 4081 for (i = 0; rfprog[i].chan != chan; i++); 4082 4083 r2 = rfprog[i].r2; 4084 if (sc->ntxchains == 1) 4085 r2 |= 1 << 14; /* 1T: disable Tx chain 2 */ 4086 if (sc->nrxchains == 1) 4087 r2 |= 1 << 17 | 1 << 6; /* 1R: disable Rx chains 2 & 3 */ 4088 else if (sc->nrxchains == 2) 4089 r2 |= 1 << 6; /* 2R: disable Rx chain 3 */ 4090 4091 /* use Tx power values from EEPROM */ 4092 txpow1 = sc->txpow1[i]; 4093 txpow2 = sc->txpow2[i]; 4094 4095 /* Initialize RF R3 and R4. */ 4096 r3 = rfprog[i].r3 & 0xffffc1ff; 4097 r4 = (rfprog[i].r4 & ~(0x001f87c0)) | (sc->freq << 15); 4098 if (chan > 14) { 4099 if (txpow1 >= 0) { 4100 txpow1 = (txpow1 > 0xf) ? (0xf) : (txpow1); 4101 r3 |= (txpow1 << 10) | (1 << 9); 4102 } else { 4103 txpow1 += 7; 4104 4105 /* txpow1 is not possible larger than 15. */ 4106 r3 |= (txpow1 << 10); 4107 } 4108 if (txpow2 >= 0) { 4109 txpow2 = (txpow2 > 0xf) ? (0xf) : (txpow2); 4110 r4 |= (txpow2 << 7) | (1 << 6); 4111 } else { 4112 txpow2 += 7; 4113 r4 |= (txpow2 << 7); 4114 } 4115 } else { 4116 /* Set Tx0 power. */ 4117 r3 |= (txpow1 << 9); 4118 4119 /* Set frequency offset and Tx1 power. */ 4120 r4 |= (txpow2 << 6); 4121 } 4122 4123 run_rt2870_rf_write(sc, rfprog[i].r1); 4124 run_rt2870_rf_write(sc, r2); 4125 run_rt2870_rf_write(sc, r3 & ~(1 << 2)); 4126 run_rt2870_rf_write(sc, r4); 4127 4128 run_delay(sc, 10); 4129 4130 run_rt2870_rf_write(sc, rfprog[i].r1); 4131 run_rt2870_rf_write(sc, r2); 4132 run_rt2870_rf_write(sc, r3 | (1 << 2)); 4133 run_rt2870_rf_write(sc, r4); 4134 4135 run_delay(sc, 10); 4136 4137 run_rt2870_rf_write(sc, rfprog[i].r1); 4138 run_rt2870_rf_write(sc, r2); 4139 run_rt2870_rf_write(sc, r3 & ~(1 << 2)); 4140 run_rt2870_rf_write(sc, r4); 4141 } 4142 4143 static void 4144 run_rt3070_set_chan(struct run_softc *sc, u_int chan) 4145 { 4146 int8_t txpow1, txpow2; 4147 uint8_t rf; 4148 int i; 4149 4150 /* find the settings for this channel (we know it exists) */ 4151 for (i = 0; rt2860_rf2850[i].chan != chan; i++); 4152 4153 /* use Tx power values from EEPROM */ 4154 txpow1 = sc->txpow1[i]; 4155 txpow2 = sc->txpow2[i]; 4156 4157 run_rt3070_rf_write(sc, 2, rt3070_freqs[i].n); 4158 4159 /* RT3370/RT3390: RF R3 [7:4] is not reserved bits. */ 4160 run_rt3070_rf_read(sc, 3, &rf); 4161 rf = (rf & ~0x0f) | rt3070_freqs[i].k; 4162 run_rt3070_rf_write(sc, 3, rf); 4163 4164 run_rt3070_rf_read(sc, 6, &rf); 4165 rf = (rf & ~0x03) | rt3070_freqs[i].r; 4166 run_rt3070_rf_write(sc, 6, rf); 4167 4168 /* set Tx0 power */ 4169 run_rt3070_rf_read(sc, 12, &rf); 4170 rf = (rf & ~0x1f) | txpow1; 4171 run_rt3070_rf_write(sc, 12, rf); 4172 4173 /* set Tx1 power */ 4174 run_rt3070_rf_read(sc, 13, &rf); 4175 rf = (rf & ~0x1f) | txpow2; 4176 run_rt3070_rf_write(sc, 13, rf); 4177 4178 run_rt3070_rf_read(sc, 1, &rf); 4179 rf &= ~0xfc; 4180 if (sc->ntxchains == 1) 4181 rf |= 1 << 7 | 1 << 5; /* 1T: disable Tx chains 2 & 3 */ 4182 else if (sc->ntxchains == 2) 4183 rf |= 1 << 7; /* 2T: disable Tx chain 3 */ 4184 if (sc->nrxchains == 1) 4185 rf |= 1 << 6 | 1 << 4; /* 1R: disable Rx chains 2 & 3 */ 4186 else if (sc->nrxchains == 2) 4187 rf |= 1 << 6; /* 2R: disable Rx chain 3 */ 4188 run_rt3070_rf_write(sc, 1, rf); 4189 4190 /* set RF offset */ 4191 run_rt3070_rf_read(sc, 23, &rf); 4192 rf = (rf & ~0x7f) | sc->freq; 4193 run_rt3070_rf_write(sc, 23, rf); 4194 4195 /* program RF filter */ 4196 run_rt3070_rf_read(sc, 24, &rf); /* Tx */ 4197 rf = (rf & ~0x3f) | sc->rf24_20mhz; 4198 run_rt3070_rf_write(sc, 24, rf); 4199 run_rt3070_rf_read(sc, 31, &rf); /* Rx */ 4200 rf = (rf & ~0x3f) | sc->rf24_20mhz; 4201 run_rt3070_rf_write(sc, 31, rf); 4202 4203 /* enable RF tuning */ 4204 run_rt3070_rf_read(sc, 7, &rf); 4205 run_rt3070_rf_write(sc, 7, rf | 0x01); 4206 } 4207 4208 static void 4209 run_rt3572_set_chan(struct run_softc *sc, u_int chan) 4210 { 4211 int8_t txpow1, txpow2; 4212 uint32_t tmp; 4213 uint8_t rf; 4214 int i; 4215 4216 /* find the settings for this channel (we know it exists) */ 4217 for (i = 0; rt2860_rf2850[i].chan != chan; i++); 4218 4219 /* use Tx power values from EEPROM */ 4220 txpow1 = sc->txpow1[i]; 4221 txpow2 = sc->txpow2[i]; 4222 4223 if (chan <= 14) { 4224 run_bbp_write(sc, 25, sc->bbp25); 4225 run_bbp_write(sc, 26, sc->bbp26); 4226 } else { 4227 /* enable IQ phase correction */ 4228 run_bbp_write(sc, 25, 0x09); 4229 run_bbp_write(sc, 26, 0xff); 4230 } 4231 4232 run_rt3070_rf_write(sc, 2, rt3070_freqs[i].n); 4233 run_rt3070_rf_write(sc, 3, rt3070_freqs[i].k); 4234 run_rt3070_rf_read(sc, 6, &rf); 4235 rf = (rf & ~0x0f) | rt3070_freqs[i].r; 4236 rf |= (chan <= 14) ? 0x08 : 0x04; 4237 run_rt3070_rf_write(sc, 6, rf); 4238 4239 /* set PLL mode */ 4240 run_rt3070_rf_read(sc, 5, &rf); 4241 rf &= ~(0x08 | 0x04); 4242 rf |= (chan <= 14) ? 0x04 : 0x08; 4243 run_rt3070_rf_write(sc, 5, rf); 4244 4245 /* set Tx power for chain 0 */ 4246 if (chan <= 14) 4247 rf = 0x60 | txpow1; 4248 else 4249 rf = 0xe0 | (txpow1 & 0xc) << 1 | (txpow1 & 0x3); 4250 run_rt3070_rf_write(sc, 12, rf); 4251 4252 /* set Tx power for chain 1 */ 4253 if (chan <= 14) 4254 rf = 0x60 | txpow2; 4255 else 4256 rf = 0xe0 | (txpow2 & 0xc) << 1 | (txpow2 & 0x3); 4257 run_rt3070_rf_write(sc, 13, rf); 4258 4259 /* set Tx/Rx streams */ 4260 run_rt3070_rf_read(sc, 1, &rf); 4261 rf &= ~0xfc; 4262 if (sc->ntxchains == 1) 4263 rf |= 1 << 7 | 1 << 5; /* 1T: disable Tx chains 2 & 3 */ 4264 else if (sc->ntxchains == 2) 4265 rf |= 1 << 7; /* 2T: disable Tx chain 3 */ 4266 if (sc->nrxchains == 1) 4267 rf |= 1 << 6 | 1 << 4; /* 1R: disable Rx chains 2 & 3 */ 4268 else if (sc->nrxchains == 2) 4269 rf |= 1 << 6; /* 2R: disable Rx chain 3 */ 4270 run_rt3070_rf_write(sc, 1, rf); 4271 4272 /* set RF offset */ 4273 run_rt3070_rf_read(sc, 23, &rf); 4274 rf = (rf & ~0x7f) | sc->freq; 4275 run_rt3070_rf_write(sc, 23, rf); 4276 4277 /* program RF filter */ 4278 rf = sc->rf24_20mhz; 4279 run_rt3070_rf_write(sc, 24, rf); /* Tx */ 4280 run_rt3070_rf_write(sc, 31, rf); /* Rx */ 4281 4282 /* enable RF tuning */ 4283 run_rt3070_rf_read(sc, 7, &rf); 4284 rf = (chan <= 14) ? 0xd8 : ((rf & ~0xc8) | 0x14); 4285 run_rt3070_rf_write(sc, 7, rf); 4286 4287 /* TSSI */ 4288 rf = (chan <= 14) ? 0xc3 : 0xc0; 4289 run_rt3070_rf_write(sc, 9, rf); 4290 4291 /* set loop filter 1 */ 4292 run_rt3070_rf_write(sc, 10, 0xf1); 4293 /* set loop filter 2 */ 4294 run_rt3070_rf_write(sc, 11, (chan <= 14) ? 0xb9 : 0x00); 4295 4296 /* set tx_mx2_ic */ 4297 run_rt3070_rf_write(sc, 15, (chan <= 14) ? 0x53 : 0x43); 4298 /* set tx_mx1_ic */ 4299 if (chan <= 14) 4300 rf = 0x48 | sc->txmixgain_2ghz; 4301 else 4302 rf = 0x78 | sc->txmixgain_5ghz; 4303 run_rt3070_rf_write(sc, 16, rf); 4304 4305 /* set tx_lo1 */ 4306 run_rt3070_rf_write(sc, 17, 0x23); 4307 /* set tx_lo2 */ 4308 if (chan <= 14) 4309 rf = 0x93; 4310 else if (chan <= 64) 4311 rf = 0xb7; 4312 else if (chan <= 128) 4313 rf = 0x74; 4314 else 4315 rf = 0x72; 4316 run_rt3070_rf_write(sc, 19, rf); 4317 4318 /* set rx_lo1 */ 4319 if (chan <= 14) 4320 rf = 0xb3; 4321 else if (chan <= 64) 4322 rf = 0xf6; 4323 else if (chan <= 128) 4324 rf = 0xf4; 4325 else 4326 rf = 0xf3; 4327 run_rt3070_rf_write(sc, 20, rf); 4328 4329 /* set pfd_delay */ 4330 if (chan <= 14) 4331 rf = 0x15; 4332 else if (chan <= 64) 4333 rf = 0x3d; 4334 else 4335 rf = 0x01; 4336 run_rt3070_rf_write(sc, 25, rf); 4337 4338 /* set rx_lo2 */ 4339 run_rt3070_rf_write(sc, 26, (chan <= 14) ? 0x85 : 0x87); 4340 /* set ldo_rf_vc */ 4341 run_rt3070_rf_write(sc, 27, (chan <= 14) ? 0x00 : 0x01); 4342 /* set drv_cc */ 4343 run_rt3070_rf_write(sc, 29, (chan <= 14) ? 0x9b : 0x9f); 4344 4345 run_read(sc, RT2860_GPIO_CTRL, &tmp); 4346 tmp &= ~0x8080; 4347 if (chan <= 14) 4348 tmp |= 0x80; 4349 run_write(sc, RT2860_GPIO_CTRL, tmp); 4350 4351 /* enable RF tuning */ 4352 run_rt3070_rf_read(sc, 7, &rf); 4353 run_rt3070_rf_write(sc, 7, rf | 0x01); 4354 4355 run_delay(sc, 2); 4356 } 4357 4358 static void 4359 run_rt3593_set_chan(struct run_softc *sc, u_int chan) 4360 { 4361 int8_t txpow1, txpow2, txpow3; 4362 uint8_t h20mhz, rf; 4363 int i; 4364 4365 /* find the settings for this channel (we know it exists) */ 4366 for (i = 0; rt2860_rf2850[i].chan != chan; i++); 4367 4368 /* use Tx power values from EEPROM */ 4369 txpow1 = sc->txpow1[i]; 4370 txpow2 = sc->txpow2[i]; 4371 txpow3 = (sc->ntxchains == 3) ? sc->txpow3[i] : 0; 4372 4373 if (chan <= 14) { 4374 run_bbp_write(sc, 25, sc->bbp25); 4375 run_bbp_write(sc, 26, sc->bbp26); 4376 } else { 4377 /* Enable IQ phase correction. */ 4378 run_bbp_write(sc, 25, 0x09); 4379 run_bbp_write(sc, 26, 0xff); 4380 } 4381 4382 run_rt3070_rf_write(sc, 8, rt3070_freqs[i].n); 4383 run_rt3070_rf_write(sc, 9, rt3070_freqs[i].k & 0x0f); 4384 run_rt3070_rf_read(sc, 11, &rf); 4385 rf = (rf & ~0x03) | (rt3070_freqs[i].r & 0x03); 4386 run_rt3070_rf_write(sc, 11, rf); 4387 4388 /* Set pll_idoh. */ 4389 run_rt3070_rf_read(sc, 11, &rf); 4390 rf &= ~0x4c; 4391 rf |= (chan <= 14) ? 0x44 : 0x48; 4392 run_rt3070_rf_write(sc, 11, rf); 4393 4394 if (chan <= 14) 4395 rf = txpow1 & 0x1f; 4396 else 4397 rf = 0x40 | ((txpow1 & 0x18) << 1) | (txpow1 & 0x07); 4398 run_rt3070_rf_write(sc, 53, rf); 4399 4400 if (chan <= 14) 4401 rf = txpow2 & 0x1f; 4402 else 4403 rf = 0x40 | ((txpow2 & 0x18) << 1) | (txpow2 & 0x07); 4404 run_rt3070_rf_write(sc, 55, rf); 4405 4406 if (chan <= 14) 4407 rf = txpow3 & 0x1f; 4408 else 4409 rf = 0x40 | ((txpow3 & 0x18) << 1) | (txpow3 & 0x07); 4410 run_rt3070_rf_write(sc, 54, rf); 4411 4412 rf = RT3070_RF_BLOCK | RT3070_PLL_PD; 4413 if (sc->ntxchains == 3) 4414 rf |= RT3070_TX0_PD | RT3070_TX1_PD | RT3070_TX2_PD; 4415 else 4416 rf |= RT3070_TX0_PD | RT3070_TX1_PD; 4417 rf |= RT3070_RX0_PD | RT3070_RX1_PD | RT3070_RX2_PD; 4418 run_rt3070_rf_write(sc, 1, rf); 4419 4420 run_adjust_freq_offset(sc); 4421 4422 run_rt3070_rf_write(sc, 31, (chan <= 14) ? 0xa0 : 0x80); 4423 4424 h20mhz = (sc->rf24_20mhz & 0x20) >> 5; 4425 run_rt3070_rf_read(sc, 30, &rf); 4426 rf = (rf & ~0x06) | (h20mhz << 1) | (h20mhz << 2); 4427 run_rt3070_rf_write(sc, 30, rf); 4428 4429 run_rt3070_rf_read(sc, 36, &rf); 4430 if (chan <= 14) 4431 rf |= 0x80; 4432 else 4433 rf &= ~0x80; 4434 run_rt3070_rf_write(sc, 36, rf); 4435 4436 /* Set vcolo_bs. */ 4437 run_rt3070_rf_write(sc, 34, (chan <= 14) ? 0x3c : 0x20); 4438 /* Set pfd_delay. */ 4439 run_rt3070_rf_write(sc, 12, (chan <= 14) ? 0x1a : 0x12); 4440 4441 /* Set vco bias current control. */ 4442 run_rt3070_rf_read(sc, 6, &rf); 4443 rf &= ~0xc0; 4444 if (chan <= 14) 4445 rf |= 0x40; 4446 else if (chan <= 128) 4447 rf |= 0x80; 4448 else 4449 rf |= 0x40; 4450 run_rt3070_rf_write(sc, 6, rf); 4451 4452 run_rt3070_rf_read(sc, 30, &rf); 4453 rf = (rf & ~0x18) | 0x10; 4454 run_rt3070_rf_write(sc, 30, rf); 4455 4456 run_rt3070_rf_write(sc, 10, (chan <= 14) ? 0xd3 : 0xd8); 4457 run_rt3070_rf_write(sc, 13, (chan <= 14) ? 0x12 : 0x23); 4458 4459 run_rt3070_rf_read(sc, 51, &rf); 4460 rf = (rf & ~0x03) | 0x01; 4461 run_rt3070_rf_write(sc, 51, rf); 4462 /* Set tx_mx1_cc. */ 4463 run_rt3070_rf_read(sc, 51, &rf); 4464 rf &= ~0x1c; 4465 rf |= (chan <= 14) ? 0x14 : 0x10; 4466 run_rt3070_rf_write(sc, 51, rf); 4467 /* Set tx_mx1_ic. */ 4468 run_rt3070_rf_read(sc, 51, &rf); 4469 rf &= ~0xe0; 4470 rf |= (chan <= 14) ? 0x60 : 0x40; 4471 run_rt3070_rf_write(sc, 51, rf); 4472 /* Set tx_lo1_ic. */ 4473 run_rt3070_rf_read(sc, 49, &rf); 4474 rf &= ~0x1c; 4475 rf |= (chan <= 14) ? 0x0c : 0x08; 4476 run_rt3070_rf_write(sc, 49, rf); 4477 /* Set tx_lo1_en. */ 4478 run_rt3070_rf_read(sc, 50, &rf); 4479 run_rt3070_rf_write(sc, 50, rf & ~0x20); 4480 /* Set drv_cc. */ 4481 run_rt3070_rf_read(sc, 57, &rf); 4482 rf &= ~0xfc; 4483 rf |= (chan <= 14) ? 0x6c : 0x3c; 4484 run_rt3070_rf_write(sc, 57, rf); 4485 /* Set rx_mix1_ic, rxa_lnactr, lna_vc, lna_inbias_en and lna_en. */ 4486 run_rt3070_rf_write(sc, 44, (chan <= 14) ? 0x93 : 0x9b); 4487 /* Set drv_gnd_a, tx_vga_cc_a and tx_mx2_gain. */ 4488 run_rt3070_rf_write(sc, 52, (chan <= 14) ? 0x45 : 0x05); 4489 /* Enable VCO calibration. */ 4490 run_rt3070_rf_read(sc, 3, &rf); 4491 rf &= ~RT5390_VCOCAL; 4492 rf |= (chan <= 14) ? RT5390_VCOCAL : 0xbe; 4493 run_rt3070_rf_write(sc, 3, rf); 4494 4495 if (chan <= 14) 4496 rf = 0x23; 4497 else if (chan <= 64) 4498 rf = 0x36; 4499 else if (chan <= 128) 4500 rf = 0x32; 4501 else 4502 rf = 0x30; 4503 run_rt3070_rf_write(sc, 39, rf); 4504 if (chan <= 14) 4505 rf = 0xbb; 4506 else if (chan <= 64) 4507 rf = 0xeb; 4508 else if (chan <= 128) 4509 rf = 0xb3; 4510 else 4511 rf = 0x9b; 4512 run_rt3070_rf_write(sc, 45, rf); 4513 4514 /* Set FEQ/AEQ control. */ 4515 run_bbp_write(sc, 105, 0x34); 4516 } 4517 4518 static void 4519 run_rt5390_set_chan(struct run_softc *sc, u_int chan) 4520 { 4521 int8_t txpow1, txpow2; 4522 uint8_t rf; 4523 int i; 4524 4525 /* find the settings for this channel (we know it exists) */ 4526 for (i = 0; rt2860_rf2850[i].chan != chan; i++); 4527 4528 /* use Tx power values from EEPROM */ 4529 txpow1 = sc->txpow1[i]; 4530 txpow2 = sc->txpow2[i]; 4531 4532 run_rt3070_rf_write(sc, 8, rt3070_freqs[i].n); 4533 run_rt3070_rf_write(sc, 9, rt3070_freqs[i].k & 0x0f); 4534 run_rt3070_rf_read(sc, 11, &rf); 4535 rf = (rf & ~0x03) | (rt3070_freqs[i].r & 0x03); 4536 run_rt3070_rf_write(sc, 11, rf); 4537 4538 run_rt3070_rf_read(sc, 49, &rf); 4539 rf = (rf & ~0x3f) | (txpow1 & 0x3f); 4540 /* The valid range of the RF R49 is 0x00 to 0x27. */ 4541 if ((rf & 0x3f) > 0x27) 4542 rf = (rf & ~0x3f) | 0x27; 4543 run_rt3070_rf_write(sc, 49, rf); 4544 4545 if (sc->mac_ver == 0x5392) { 4546 run_rt3070_rf_read(sc, 50, &rf); 4547 rf = (rf & ~0x3f) | (txpow2 & 0x3f); 4548 /* The valid range of the RF R50 is 0x00 to 0x27. */ 4549 if ((rf & 0x3f) > 0x27) 4550 rf = (rf & ~0x3f) | 0x27; 4551 run_rt3070_rf_write(sc, 50, rf); 4552 } 4553 4554 run_rt3070_rf_read(sc, 1, &rf); 4555 rf |= RT3070_RF_BLOCK | RT3070_PLL_PD | RT3070_RX0_PD | RT3070_TX0_PD; 4556 if (sc->mac_ver == 0x5392) 4557 rf |= RT3070_RX1_PD | RT3070_TX1_PD; 4558 run_rt3070_rf_write(sc, 1, rf); 4559 4560 if (sc->mac_ver != 0x5392) { 4561 run_rt3070_rf_read(sc, 2, &rf); 4562 rf |= 0x80; 4563 run_rt3070_rf_write(sc, 2, rf); 4564 run_delay(sc, 10); 4565 rf &= 0x7f; 4566 run_rt3070_rf_write(sc, 2, rf); 4567 } 4568 4569 run_adjust_freq_offset(sc); 4570 4571 if (sc->mac_ver == 0x5392) { 4572 /* Fix for RT5392C. */ 4573 if (sc->mac_rev >= 0x0223) { 4574 if (chan <= 4) 4575 rf = 0x0f; 4576 else if (chan >= 5 && chan <= 7) 4577 rf = 0x0e; 4578 else 4579 rf = 0x0d; 4580 run_rt3070_rf_write(sc, 23, rf); 4581 4582 if (chan <= 4) 4583 rf = 0x0c; 4584 else if (chan == 5) 4585 rf = 0x0b; 4586 else if (chan >= 6 && chan <= 7) 4587 rf = 0x0a; 4588 else if (chan >= 8 && chan <= 10) 4589 rf = 0x09; 4590 else 4591 rf = 0x08; 4592 run_rt3070_rf_write(sc, 59, rf); 4593 } else { 4594 if (chan <= 11) 4595 rf = 0x0f; 4596 else 4597 rf = 0x0b; 4598 run_rt3070_rf_write(sc, 59, rf); 4599 } 4600 } else { 4601 /* Fix for RT5390F. */ 4602 if (sc->mac_rev >= 0x0502) { 4603 if (chan <= 11) 4604 rf = 0x43; 4605 else 4606 rf = 0x23; 4607 run_rt3070_rf_write(sc, 55, rf); 4608 4609 if (chan <= 11) 4610 rf = 0x0f; 4611 else if (chan == 12) 4612 rf = 0x0d; 4613 else 4614 rf = 0x0b; 4615 run_rt3070_rf_write(sc, 59, rf); 4616 } else { 4617 run_rt3070_rf_write(sc, 55, 0x44); 4618 run_rt3070_rf_write(sc, 59, 0x8f); 4619 } 4620 } 4621 4622 /* Enable VCO calibration. */ 4623 run_rt3070_rf_read(sc, 3, &rf); 4624 rf |= RT5390_VCOCAL; 4625 run_rt3070_rf_write(sc, 3, rf); 4626 } 4627 4628 static void 4629 run_rt5592_set_chan(struct run_softc *sc, u_int chan) 4630 { 4631 const struct rt5592_freqs *freqs; 4632 uint32_t tmp; 4633 uint8_t reg, rf, txpow_bound; 4634 int8_t txpow1, txpow2; 4635 int i; 4636 4637 run_read(sc, RT5592_DEBUG_INDEX, &tmp); 4638 freqs = (tmp & RT5592_SEL_XTAL) ? 4639 rt5592_freqs_40mhz : rt5592_freqs_20mhz; 4640 4641 /* find the settings for this channel (we know it exists) */ 4642 for (i = 0; rt2860_rf2850[i].chan != chan; i++, freqs++); 4643 4644 /* use Tx power values from EEPROM */ 4645 txpow1 = sc->txpow1[i]; 4646 txpow2 = sc->txpow2[i]; 4647 4648 run_read(sc, RT3070_LDO_CFG0, &tmp); 4649 tmp &= ~0x1c000000; 4650 if (chan > 14) 4651 tmp |= 0x14000000; 4652 run_write(sc, RT3070_LDO_CFG0, tmp); 4653 4654 /* N setting. */ 4655 run_rt3070_rf_write(sc, 8, freqs->n & 0xff); 4656 run_rt3070_rf_read(sc, 9, &rf); 4657 rf &= ~(1 << 4); 4658 rf |= ((freqs->n & 0x0100) >> 8) << 4; 4659 run_rt3070_rf_write(sc, 9, rf); 4660 4661 /* K setting. */ 4662 run_rt3070_rf_read(sc, 9, &rf); 4663 rf &= ~0x0f; 4664 rf |= (freqs->k & 0x0f); 4665 run_rt3070_rf_write(sc, 9, rf); 4666 4667 /* Mode setting. */ 4668 run_rt3070_rf_read(sc, 11, &rf); 4669 rf &= ~0x0c; 4670 rf |= ((freqs->m - 0x8) & 0x3) << 2; 4671 run_rt3070_rf_write(sc, 11, rf); 4672 run_rt3070_rf_read(sc, 9, &rf); 4673 rf &= ~(1 << 7); 4674 rf |= (((freqs->m - 0x8) & 0x4) >> 2) << 7; 4675 run_rt3070_rf_write(sc, 9, rf); 4676 4677 /* R setting. */ 4678 run_rt3070_rf_read(sc, 11, &rf); 4679 rf &= ~0x03; 4680 rf |= (freqs->r - 0x1); 4681 run_rt3070_rf_write(sc, 11, rf); 4682 4683 if (chan <= 14) { 4684 /* Initialize RF registers for 2GHZ. */ 4685 for (i = 0; i < nitems(rt5592_2ghz_def_rf); i++) { 4686 run_rt3070_rf_write(sc, rt5592_2ghz_def_rf[i].reg, 4687 rt5592_2ghz_def_rf[i].val); 4688 } 4689 4690 rf = (chan <= 10) ? 0x07 : 0x06; 4691 run_rt3070_rf_write(sc, 23, rf); 4692 run_rt3070_rf_write(sc, 59, rf); 4693 4694 run_rt3070_rf_write(sc, 55, 0x43); 4695 4696 /* 4697 * RF R49/R50 Tx power ALC code. 4698 * G-band bit<7:6>=1:0, bit<5:0> range from 0x0 ~ 0x27. 4699 */ 4700 reg = 2; 4701 txpow_bound = 0x27; 4702 } else { 4703 /* Initialize RF registers for 5GHZ. */ 4704 for (i = 0; i < nitems(rt5592_5ghz_def_rf); i++) { 4705 run_rt3070_rf_write(sc, rt5592_5ghz_def_rf[i].reg, 4706 rt5592_5ghz_def_rf[i].val); 4707 } 4708 for (i = 0; i < nitems(rt5592_chan_5ghz); i++) { 4709 if (chan >= rt5592_chan_5ghz[i].firstchan && 4710 chan <= rt5592_chan_5ghz[i].lastchan) { 4711 run_rt3070_rf_write(sc, rt5592_chan_5ghz[i].reg, 4712 rt5592_chan_5ghz[i].val); 4713 } 4714 } 4715 4716 /* 4717 * RF R49/R50 Tx power ALC code. 4718 * A-band bit<7:6>=1:1, bit<5:0> range from 0x0 ~ 0x2b. 4719 */ 4720 reg = 3; 4721 txpow_bound = 0x2b; 4722 } 4723 4724 /* RF R49 ch0 Tx power ALC code. */ 4725 run_rt3070_rf_read(sc, 49, &rf); 4726 rf &= ~0xc0; 4727 rf |= (reg << 6); 4728 rf = (rf & ~0x3f) | (txpow1 & 0x3f); 4729 if ((rf & 0x3f) > txpow_bound) 4730 rf = (rf & ~0x3f) | txpow_bound; 4731 run_rt3070_rf_write(sc, 49, rf); 4732 4733 /* RF R50 ch1 Tx power ALC code. */ 4734 run_rt3070_rf_read(sc, 50, &rf); 4735 rf &= ~(1 << 7 | 1 << 6); 4736 rf |= (reg << 6); 4737 rf = (rf & ~0x3f) | (txpow2 & 0x3f); 4738 if ((rf & 0x3f) > txpow_bound) 4739 rf = (rf & ~0x3f) | txpow_bound; 4740 run_rt3070_rf_write(sc, 50, rf); 4741 4742 /* Enable RF_BLOCK, PLL_PD, RX0_PD, and TX0_PD. */ 4743 run_rt3070_rf_read(sc, 1, &rf); 4744 rf |= (RT3070_RF_BLOCK | RT3070_PLL_PD | RT3070_RX0_PD | RT3070_TX0_PD); 4745 if (sc->ntxchains > 1) 4746 rf |= RT3070_TX1_PD; 4747 if (sc->nrxchains > 1) 4748 rf |= RT3070_RX1_PD; 4749 run_rt3070_rf_write(sc, 1, rf); 4750 4751 run_rt3070_rf_write(sc, 6, 0xe4); 4752 4753 run_rt3070_rf_write(sc, 30, 0x10); 4754 run_rt3070_rf_write(sc, 31, 0x80); 4755 run_rt3070_rf_write(sc, 32, 0x80); 4756 4757 run_adjust_freq_offset(sc); 4758 4759 /* Enable VCO calibration. */ 4760 run_rt3070_rf_read(sc, 3, &rf); 4761 rf |= RT5390_VCOCAL; 4762 run_rt3070_rf_write(sc, 3, rf); 4763 } 4764 4765 static void 4766 run_set_rx_antenna(struct run_softc *sc, int aux) 4767 { 4768 uint32_t tmp; 4769 uint8_t bbp152; 4770 4771 if (aux) { 4772 if (sc->rf_rev == RT5390_RF_5370) { 4773 run_bbp_read(sc, 152, &bbp152); 4774 run_bbp_write(sc, 152, bbp152 & ~0x80); 4775 } else { 4776 run_mcu_cmd(sc, RT2860_MCU_CMD_ANTSEL, 0); 4777 run_read(sc, RT2860_GPIO_CTRL, &tmp); 4778 run_write(sc, RT2860_GPIO_CTRL, (tmp & ~0x0808) | 0x08); 4779 } 4780 } else { 4781 if (sc->rf_rev == RT5390_RF_5370) { 4782 run_bbp_read(sc, 152, &bbp152); 4783 run_bbp_write(sc, 152, bbp152 | 0x80); 4784 } else { 4785 run_mcu_cmd(sc, RT2860_MCU_CMD_ANTSEL, 1); 4786 run_read(sc, RT2860_GPIO_CTRL, &tmp); 4787 run_write(sc, RT2860_GPIO_CTRL, tmp & ~0x0808); 4788 } 4789 } 4790 } 4791 4792 static int 4793 run_set_chan(struct run_softc *sc, struct ieee80211_channel *c) 4794 { 4795 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 4796 u_int chan, group; 4797 4798 chan = ieee80211_chan2ieee(ic, c); 4799 if (chan == 0 || chan == IEEE80211_CHAN_ANY) 4800 return (EINVAL); 4801 4802 if (sc->mac_ver == 0x5592) 4803 run_rt5592_set_chan(sc, chan); 4804 else if (sc->mac_ver >= 0x5390) 4805 run_rt5390_set_chan(sc, chan); 4806 else if (sc->mac_ver == 0x3593) 4807 run_rt3593_set_chan(sc, chan); 4808 else if (sc->mac_ver == 0x3572) 4809 run_rt3572_set_chan(sc, chan); 4810 else if (sc->mac_ver >= 0x3070) 4811 run_rt3070_set_chan(sc, chan); 4812 else 4813 run_rt2870_set_chan(sc, chan); 4814 4815 /* determine channel group */ 4816 if (chan <= 14) 4817 group = 0; 4818 else if (chan <= 64) 4819 group = 1; 4820 else if (chan <= 128) 4821 group = 2; 4822 else 4823 group = 3; 4824 4825 /* XXX necessary only when group has changed! */ 4826 run_select_chan_group(sc, group); 4827 4828 run_delay(sc, 10); 4829 4830 /* Perform IQ calibration. */ 4831 if (sc->mac_ver >= 0x5392) 4832 run_iq_calib(sc, chan); 4833 4834 return (0); 4835 } 4836 4837 static void 4838 run_set_channel(struct ieee80211com *ic) 4839 { 4840 struct run_softc *sc = ic->ic_ifp->if_softc; 4841 4842 RUN_LOCK(sc); 4843 run_set_chan(sc, ic->ic_curchan); 4844 RUN_UNLOCK(sc); 4845 4846 return; 4847 } 4848 4849 static void 4850 run_scan_start(struct ieee80211com *ic) 4851 { 4852 struct run_softc *sc = ic->ic_ifp->if_softc; 4853 uint32_t tmp; 4854 4855 RUN_LOCK(sc); 4856 4857 /* abort TSF synchronization */ 4858 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 4859 run_write(sc, RT2860_BCN_TIME_CFG, 4860 tmp & ~(RT2860_BCN_TX_EN | RT2860_TSF_TIMER_EN | 4861 RT2860_TBTT_TIMER_EN)); 4862 run_set_bssid(sc, sc->sc_ifp->if_broadcastaddr); 4863 4864 RUN_UNLOCK(sc); 4865 4866 return; 4867 } 4868 4869 static void 4870 run_scan_end(struct ieee80211com *ic) 4871 { 4872 struct run_softc *sc = ic->ic_ifp->if_softc; 4873 4874 RUN_LOCK(sc); 4875 4876 run_enable_tsf_sync(sc); 4877 /* XXX keep local copy */ 4878 run_set_bssid(sc, sc->sc_bssid); 4879 4880 RUN_UNLOCK(sc); 4881 4882 return; 4883 } 4884 4885 /* 4886 * Could be called from ieee80211_node_timeout() 4887 * (non-sleepable thread) 4888 */ 4889 static void 4890 run_update_beacon(struct ieee80211vap *vap, int item) 4891 { 4892 struct ieee80211com *ic = vap->iv_ic; 4893 struct run_softc *sc = ic->ic_ifp->if_softc; 4894 struct run_vap *rvp = RUN_VAP(vap); 4895 int mcast = 0; 4896 uint32_t i; 4897 4898 KASSERT(vap != NULL, ("no beacon")); 4899 4900 switch (item) { 4901 case IEEE80211_BEACON_ERP: 4902 run_updateslot(ic->ic_ifp); 4903 break; 4904 case IEEE80211_BEACON_HTINFO: 4905 run_updateprot(ic); 4906 break; 4907 case IEEE80211_BEACON_TIM: 4908 mcast = 1; /*TODO*/ 4909 break; 4910 default: 4911 break; 4912 } 4913 4914 setbit(rvp->bo.bo_flags, item); 4915 if (rvp->beacon_mbuf == NULL) { 4916 rvp->beacon_mbuf = ieee80211_beacon_alloc(vap->iv_bss, 4917 &rvp->bo); 4918 if (rvp->beacon_mbuf == NULL) 4919 return; 4920 } 4921 ieee80211_beacon_update(vap->iv_bss, &rvp->bo, rvp->beacon_mbuf, mcast); 4922 4923 i = RUN_CMDQ_GET(&sc->cmdq_store); 4924 DPRINTF("cmdq_store=%d\n", i); 4925 sc->cmdq[i].func = run_update_beacon_cb; 4926 sc->cmdq[i].arg0 = vap; 4927 ieee80211_runtask(ic, &sc->cmdq_task); 4928 4929 return; 4930 } 4931 4932 static void 4933 run_update_beacon_cb(void *arg) 4934 { 4935 struct ieee80211vap *vap = arg; 4936 struct run_vap *rvp = RUN_VAP(vap); 4937 struct ieee80211com *ic = vap->iv_ic; 4938 struct run_softc *sc = ic->ic_ifp->if_softc; 4939 struct rt2860_txwi txwi; 4940 struct mbuf *m; 4941 uint16_t txwisize; 4942 uint8_t ridx; 4943 4944 if (vap->iv_bss->ni_chan == IEEE80211_CHAN_ANYC) 4945 return; 4946 if (ic->ic_bsschan == IEEE80211_CHAN_ANYC) 4947 return; 4948 4949 /* 4950 * No need to call ieee80211_beacon_update(), run_update_beacon() 4951 * is taking care of apropriate calls. 4952 */ 4953 if (rvp->beacon_mbuf == NULL) { 4954 rvp->beacon_mbuf = ieee80211_beacon_alloc(vap->iv_bss, 4955 &rvp->bo); 4956 if (rvp->beacon_mbuf == NULL) 4957 return; 4958 } 4959 m = rvp->beacon_mbuf; 4960 4961 memset(&txwi, 0, sizeof(txwi)); 4962 txwi.wcid = 0xff; 4963 txwi.len = htole16(m->m_pkthdr.len); 4964 4965 /* send beacons at the lowest available rate */ 4966 ridx = (ic->ic_curmode == IEEE80211_MODE_11A) ? 4967 RT2860_RIDX_OFDM6 : RT2860_RIDX_CCK1; 4968 txwi.phy = htole16(rt2860_rates[ridx].mcs); 4969 if (rt2860_rates[ridx].phy == IEEE80211_T_OFDM) 4970 txwi.phy |= htole16(RT2860_PHY_OFDM); 4971 txwi.txop = RT2860_TX_TXOP_HT; 4972 txwi.flags = RT2860_TX_TS; 4973 txwi.xflags = RT2860_TX_NSEQ; 4974 4975 txwisize = (sc->mac_ver == 0x5592) ? 4976 sizeof(txwi) + sizeof(uint32_t) : sizeof(txwi); 4977 run_write_region_1(sc, RT2860_BCN_BASE(rvp->rvp_id), (uint8_t *)&txwi, 4978 txwisize); 4979 run_write_region_1(sc, RT2860_BCN_BASE(rvp->rvp_id) + txwisize, 4980 mtod(m, uint8_t *), (m->m_pkthdr.len + 1) & ~1); 4981 } 4982 4983 static void 4984 run_updateprot(struct ieee80211com *ic) 4985 { 4986 struct run_softc *sc = ic->ic_ifp->if_softc; 4987 uint32_t i; 4988 4989 i = RUN_CMDQ_GET(&sc->cmdq_store); 4990 DPRINTF("cmdq_store=%d\n", i); 4991 sc->cmdq[i].func = run_updateprot_cb; 4992 sc->cmdq[i].arg0 = ic; 4993 ieee80211_runtask(ic, &sc->cmdq_task); 4994 } 4995 4996 static void 4997 run_updateprot_cb(void *arg) 4998 { 4999 struct ieee80211com *ic = arg; 5000 struct run_softc *sc = ic->ic_ifp->if_softc; 5001 uint32_t tmp; 5002 5003 tmp = RT2860_RTSTH_EN | RT2860_PROT_NAV_SHORT | RT2860_TXOP_ALLOW_ALL; 5004 /* setup protection frame rate (MCS code) */ 5005 tmp |= (ic->ic_curmode == IEEE80211_MODE_11A) ? 5006 rt2860_rates[RT2860_RIDX_OFDM6].mcs | RT2860_PHY_OFDM : 5007 rt2860_rates[RT2860_RIDX_CCK11].mcs; 5008 5009 /* CCK frames don't require protection */ 5010 run_write(sc, RT2860_CCK_PROT_CFG, tmp); 5011 if (ic->ic_flags & IEEE80211_F_USEPROT) { 5012 if (ic->ic_protmode == IEEE80211_PROT_RTSCTS) 5013 tmp |= RT2860_PROT_CTRL_RTS_CTS; 5014 else if (ic->ic_protmode == IEEE80211_PROT_CTSONLY) 5015 tmp |= RT2860_PROT_CTRL_CTS; 5016 } 5017 run_write(sc, RT2860_OFDM_PROT_CFG, tmp); 5018 } 5019 5020 static void 5021 run_usb_timeout_cb(void *arg) 5022 { 5023 struct ieee80211vap *vap = arg; 5024 struct run_softc *sc = vap->iv_ic->ic_ifp->if_softc; 5025 5026 RUN_LOCK_ASSERT(sc, MA_OWNED); 5027 5028 if(vap->iv_state == IEEE80211_S_RUN && 5029 vap->iv_opmode != IEEE80211_M_STA) 5030 run_reset_livelock(sc); 5031 else if (vap->iv_state == IEEE80211_S_SCAN) { 5032 DPRINTF("timeout caused by scan\n"); 5033 /* cancel bgscan */ 5034 ieee80211_cancel_scan(vap); 5035 } else 5036 DPRINTF("timeout by unknown cause\n"); 5037 } 5038 5039 static void 5040 run_reset_livelock(struct run_softc *sc) 5041 { 5042 uint32_t tmp; 5043 5044 RUN_LOCK_ASSERT(sc, MA_OWNED); 5045 5046 /* 5047 * In IBSS or HostAP modes (when the hardware sends beacons), the MAC 5048 * can run into a livelock and start sending CTS-to-self frames like 5049 * crazy if protection is enabled. Reset MAC/BBP for a while 5050 */ 5051 run_read(sc, RT2860_DEBUG, &tmp); 5052 DPRINTFN(3, "debug reg %08x\n", tmp); 5053 if ((tmp & (1 << 29)) && (tmp & (1 << 7 | 1 << 5))) { 5054 DPRINTF("CTS-to-self livelock detected\n"); 5055 run_write(sc, RT2860_MAC_SYS_CTRL, RT2860_MAC_SRST); 5056 run_delay(sc, 1); 5057 run_write(sc, RT2860_MAC_SYS_CTRL, 5058 RT2860_MAC_RX_EN | RT2860_MAC_TX_EN); 5059 } 5060 } 5061 5062 static void 5063 run_update_promisc_locked(struct ifnet *ifp) 5064 { 5065 struct run_softc *sc = ifp->if_softc; 5066 uint32_t tmp; 5067 5068 run_read(sc, RT2860_RX_FILTR_CFG, &tmp); 5069 5070 tmp |= RT2860_DROP_UC_NOME; 5071 if (ifp->if_flags & IFF_PROMISC) 5072 tmp &= ~RT2860_DROP_UC_NOME; 5073 5074 run_write(sc, RT2860_RX_FILTR_CFG, tmp); 5075 5076 DPRINTF("%s promiscuous mode\n", (ifp->if_flags & IFF_PROMISC) ? 5077 "entering" : "leaving"); 5078 } 5079 5080 static void 5081 run_update_promisc(struct ifnet *ifp) 5082 { 5083 struct run_softc *sc = ifp->if_softc; 5084 5085 if ((ifp->if_drv_flags & IFF_DRV_RUNNING) == 0) 5086 return; 5087 5088 RUN_LOCK(sc); 5089 run_update_promisc_locked(ifp); 5090 RUN_UNLOCK(sc); 5091 } 5092 5093 static void 5094 run_enable_tsf_sync(struct run_softc *sc) 5095 { 5096 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 5097 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 5098 uint32_t tmp; 5099 5100 DPRINTF("rvp_id=%d ic_opmode=%d\n", RUN_VAP(vap)->rvp_id, 5101 ic->ic_opmode); 5102 5103 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 5104 tmp &= ~0x1fffff; 5105 tmp |= vap->iv_bss->ni_intval * 16; 5106 tmp |= RT2860_TSF_TIMER_EN | RT2860_TBTT_TIMER_EN; 5107 5108 if (ic->ic_opmode == IEEE80211_M_STA) { 5109 /* 5110 * Local TSF is always updated with remote TSF on beacon 5111 * reception. 5112 */ 5113 tmp |= 1 << RT2860_TSF_SYNC_MODE_SHIFT; 5114 } else if (ic->ic_opmode == IEEE80211_M_IBSS) { 5115 tmp |= RT2860_BCN_TX_EN; 5116 /* 5117 * Local TSF is updated with remote TSF on beacon reception 5118 * only if the remote TSF is greater than local TSF. 5119 */ 5120 tmp |= 2 << RT2860_TSF_SYNC_MODE_SHIFT; 5121 } else if (ic->ic_opmode == IEEE80211_M_HOSTAP || 5122 ic->ic_opmode == IEEE80211_M_MBSS) { 5123 tmp |= RT2860_BCN_TX_EN; 5124 /* SYNC with nobody */ 5125 tmp |= 3 << RT2860_TSF_SYNC_MODE_SHIFT; 5126 } else { 5127 DPRINTF("Enabling TSF failed. undefined opmode\n"); 5128 return; 5129 } 5130 5131 run_write(sc, RT2860_BCN_TIME_CFG, tmp); 5132 } 5133 5134 static void 5135 run_enable_mrr(struct run_softc *sc) 5136 { 5137 #define CCK(mcs) (mcs) 5138 #define OFDM(mcs) (1 << 3 | (mcs)) 5139 run_write(sc, RT2860_LG_FBK_CFG0, 5140 OFDM(6) << 28 | /* 54->48 */ 5141 OFDM(5) << 24 | /* 48->36 */ 5142 OFDM(4) << 20 | /* 36->24 */ 5143 OFDM(3) << 16 | /* 24->18 */ 5144 OFDM(2) << 12 | /* 18->12 */ 5145 OFDM(1) << 8 | /* 12-> 9 */ 5146 OFDM(0) << 4 | /* 9-> 6 */ 5147 OFDM(0)); /* 6-> 6 */ 5148 5149 run_write(sc, RT2860_LG_FBK_CFG1, 5150 CCK(2) << 12 | /* 11->5.5 */ 5151 CCK(1) << 8 | /* 5.5-> 2 */ 5152 CCK(0) << 4 | /* 2-> 1 */ 5153 CCK(0)); /* 1-> 1 */ 5154 #undef OFDM 5155 #undef CCK 5156 } 5157 5158 static void 5159 run_set_txpreamble(struct run_softc *sc) 5160 { 5161 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 5162 uint32_t tmp; 5163 5164 run_read(sc, RT2860_AUTO_RSP_CFG, &tmp); 5165 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 5166 tmp |= RT2860_CCK_SHORT_EN; 5167 else 5168 tmp &= ~RT2860_CCK_SHORT_EN; 5169 run_write(sc, RT2860_AUTO_RSP_CFG, tmp); 5170 } 5171 5172 static void 5173 run_set_basicrates(struct run_softc *sc) 5174 { 5175 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 5176 5177 /* set basic rates mask */ 5178 if (ic->ic_curmode == IEEE80211_MODE_11B) 5179 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x003); 5180 else if (ic->ic_curmode == IEEE80211_MODE_11A) 5181 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x150); 5182 else /* 11g */ 5183 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x15f); 5184 } 5185 5186 static void 5187 run_set_leds(struct run_softc *sc, uint16_t which) 5188 { 5189 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LEDS, 5190 which | (sc->leds & 0x7f)); 5191 } 5192 5193 static void 5194 run_set_bssid(struct run_softc *sc, const uint8_t *bssid) 5195 { 5196 run_write(sc, RT2860_MAC_BSSID_DW0, 5197 bssid[0] | bssid[1] << 8 | bssid[2] << 16 | bssid[3] << 24); 5198 run_write(sc, RT2860_MAC_BSSID_DW1, 5199 bssid[4] | bssid[5] << 8); 5200 } 5201 5202 static void 5203 run_set_macaddr(struct run_softc *sc, const uint8_t *addr) 5204 { 5205 run_write(sc, RT2860_MAC_ADDR_DW0, 5206 addr[0] | addr[1] << 8 | addr[2] << 16 | addr[3] << 24); 5207 run_write(sc, RT2860_MAC_ADDR_DW1, 5208 addr[4] | addr[5] << 8 | 0xff << 16); 5209 } 5210 5211 static void 5212 run_updateslot(struct ifnet *ifp) 5213 { 5214 struct run_softc *sc = ifp->if_softc; 5215 struct ieee80211com *ic = ifp->if_l2com; 5216 uint32_t i; 5217 5218 i = RUN_CMDQ_GET(&sc->cmdq_store); 5219 DPRINTF("cmdq_store=%d\n", i); 5220 sc->cmdq[i].func = run_updateslot_cb; 5221 sc->cmdq[i].arg0 = ifp; 5222 ieee80211_runtask(ic, &sc->cmdq_task); 5223 5224 return; 5225 } 5226 5227 /* ARGSUSED */ 5228 static void 5229 run_updateslot_cb(void *arg) 5230 { 5231 struct ifnet *ifp = arg; 5232 struct run_softc *sc = ifp->if_softc; 5233 struct ieee80211com *ic = ifp->if_l2com; 5234 uint32_t tmp; 5235 5236 run_read(sc, RT2860_BKOFF_SLOT_CFG, &tmp); 5237 tmp &= ~0xff; 5238 tmp |= (ic->ic_flags & IEEE80211_F_SHSLOT) ? 9 : 20; 5239 run_write(sc, RT2860_BKOFF_SLOT_CFG, tmp); 5240 } 5241 5242 static void 5243 run_update_mcast(struct ifnet *ifp) 5244 { 5245 /* h/w filter supports getting everything or nothing */ 5246 ifp->if_flags |= IFF_ALLMULTI; 5247 } 5248 5249 static int8_t 5250 run_rssi2dbm(struct run_softc *sc, uint8_t rssi, uint8_t rxchain) 5251 { 5252 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 5253 struct ieee80211_channel *c = ic->ic_curchan; 5254 int delta; 5255 5256 if (IEEE80211_IS_CHAN_5GHZ(c)) { 5257 u_int chan = ieee80211_chan2ieee(ic, c); 5258 delta = sc->rssi_5ghz[rxchain]; 5259 5260 /* determine channel group */ 5261 if (chan <= 64) 5262 delta -= sc->lna[1]; 5263 else if (chan <= 128) 5264 delta -= sc->lna[2]; 5265 else 5266 delta -= sc->lna[3]; 5267 } else 5268 delta = sc->rssi_2ghz[rxchain] - sc->lna[0]; 5269 5270 return (-12 - delta - rssi); 5271 } 5272 5273 static void 5274 run_rt5390_bbp_init(struct run_softc *sc) 5275 { 5276 int i; 5277 uint8_t bbp; 5278 5279 /* Apply maximum likelihood detection for 2 stream case. */ 5280 run_bbp_read(sc, 105, &bbp); 5281 if (sc->nrxchains > 1) 5282 run_bbp_write(sc, 105, bbp | RT5390_MLD); 5283 5284 /* Avoid data lost and CRC error. */ 5285 run_bbp_read(sc, 4, &bbp); 5286 run_bbp_write(sc, 4, bbp | RT5390_MAC_IF_CTRL); 5287 5288 if (sc->mac_ver == 0x5592) { 5289 for (i = 0; i < nitems(rt5592_def_bbp); i++) { 5290 run_bbp_write(sc, rt5592_def_bbp[i].reg, 5291 rt5592_def_bbp[i].val); 5292 } 5293 for (i = 0; i < nitems(rt5592_bbp_r196); i++) { 5294 run_bbp_write(sc, 195, i + 0x80); 5295 run_bbp_write(sc, 196, rt5592_bbp_r196[i]); 5296 } 5297 } else { 5298 for (i = 0; i < nitems(rt5390_def_bbp); i++) { 5299 run_bbp_write(sc, rt5390_def_bbp[i].reg, 5300 rt5390_def_bbp[i].val); 5301 } 5302 } 5303 if (sc->mac_ver == 0x5392) { 5304 run_bbp_write(sc, 88, 0x90); 5305 run_bbp_write(sc, 95, 0x9a); 5306 run_bbp_write(sc, 98, 0x12); 5307 run_bbp_write(sc, 106, 0x12); 5308 run_bbp_write(sc, 134, 0xd0); 5309 run_bbp_write(sc, 135, 0xf6); 5310 run_bbp_write(sc, 148, 0x84); 5311 } 5312 5313 run_bbp_read(sc, 152, &bbp); 5314 run_bbp_write(sc, 152, bbp | 0x80); 5315 5316 /* Fix BBP254 for RT5592C. */ 5317 if (sc->mac_ver == 0x5592 && sc->mac_rev >= 0x0221) { 5318 run_bbp_read(sc, 254, &bbp); 5319 run_bbp_write(sc, 254, bbp | 0x80); 5320 } 5321 5322 /* Disable hardware antenna diversity. */ 5323 if (sc->mac_ver == 0x5390) 5324 run_bbp_write(sc, 154, 0); 5325 5326 /* Initialize Rx CCK/OFDM frequency offset report. */ 5327 run_bbp_write(sc, 142, 1); 5328 run_bbp_write(sc, 143, 57); 5329 } 5330 5331 static int 5332 run_bbp_init(struct run_softc *sc) 5333 { 5334 int i, error, ntries; 5335 uint8_t bbp0; 5336 5337 /* wait for BBP to wake up */ 5338 for (ntries = 0; ntries < 20; ntries++) { 5339 if ((error = run_bbp_read(sc, 0, &bbp0)) != 0) 5340 return error; 5341 if (bbp0 != 0 && bbp0 != 0xff) 5342 break; 5343 } 5344 if (ntries == 20) 5345 return (ETIMEDOUT); 5346 5347 /* initialize BBP registers to default values */ 5348 if (sc->mac_ver >= 0x5390) 5349 run_rt5390_bbp_init(sc); 5350 else { 5351 for (i = 0; i < nitems(rt2860_def_bbp); i++) { 5352 run_bbp_write(sc, rt2860_def_bbp[i].reg, 5353 rt2860_def_bbp[i].val); 5354 } 5355 } 5356 5357 if (sc->mac_ver == 0x3593) { 5358 run_bbp_write(sc, 79, 0x13); 5359 run_bbp_write(sc, 80, 0x05); 5360 run_bbp_write(sc, 81, 0x33); 5361 run_bbp_write(sc, 86, 0x46); 5362 run_bbp_write(sc, 137, 0x0f); 5363 } 5364 5365 /* fix BBP84 for RT2860E */ 5366 if (sc->mac_ver == 0x2860 && sc->mac_rev != 0x0101) 5367 run_bbp_write(sc, 84, 0x19); 5368 5369 if (sc->mac_ver >= 0x3070 && (sc->mac_ver != 0x3593 && 5370 sc->mac_ver != 0x5592)) { 5371 run_bbp_write(sc, 79, 0x13); 5372 run_bbp_write(sc, 80, 0x05); 5373 run_bbp_write(sc, 81, 0x33); 5374 } else if (sc->mac_ver == 0x2860 && sc->mac_rev == 0x0100) { 5375 run_bbp_write(sc, 69, 0x16); 5376 run_bbp_write(sc, 73, 0x12); 5377 } 5378 return (0); 5379 } 5380 5381 static int 5382 run_rt3070_rf_init(struct run_softc *sc) 5383 { 5384 uint32_t tmp; 5385 uint8_t bbp4, mingain, rf, target; 5386 int i; 5387 5388 run_rt3070_rf_read(sc, 30, &rf); 5389 /* toggle RF R30 bit 7 */ 5390 run_rt3070_rf_write(sc, 30, rf | 0x80); 5391 run_delay(sc, 10); 5392 run_rt3070_rf_write(sc, 30, rf & ~0x80); 5393 5394 /* initialize RF registers to default value */ 5395 if (sc->mac_ver == 0x3572) { 5396 for (i = 0; i < nitems(rt3572_def_rf); i++) { 5397 run_rt3070_rf_write(sc, rt3572_def_rf[i].reg, 5398 rt3572_def_rf[i].val); 5399 } 5400 } else { 5401 for (i = 0; i < nitems(rt3070_def_rf); i++) { 5402 run_rt3070_rf_write(sc, rt3070_def_rf[i].reg, 5403 rt3070_def_rf[i].val); 5404 } 5405 } 5406 5407 if (sc->mac_ver == 0x3070 && sc->mac_rev < 0x0201) { 5408 /* 5409 * Change voltage from 1.2V to 1.35V for RT3070. 5410 * The DAC issue (RT3070_LDO_CFG0) has been fixed 5411 * in RT3070(F). 5412 */ 5413 run_read(sc, RT3070_LDO_CFG0, &tmp); 5414 tmp = (tmp & ~0x0f000000) | 0x0d000000; 5415 run_write(sc, RT3070_LDO_CFG0, tmp); 5416 5417 } else if (sc->mac_ver == 0x3071) { 5418 run_rt3070_rf_read(sc, 6, &rf); 5419 run_rt3070_rf_write(sc, 6, rf | 0x40); 5420 run_rt3070_rf_write(sc, 31, 0x14); 5421 5422 run_read(sc, RT3070_LDO_CFG0, &tmp); 5423 tmp &= ~0x1f000000; 5424 if (sc->mac_rev < 0x0211) 5425 tmp |= 0x0d000000; /* 1.3V */ 5426 else 5427 tmp |= 0x01000000; /* 1.2V */ 5428 run_write(sc, RT3070_LDO_CFG0, tmp); 5429 5430 /* patch LNA_PE_G1 */ 5431 run_read(sc, RT3070_GPIO_SWITCH, &tmp); 5432 run_write(sc, RT3070_GPIO_SWITCH, tmp & ~0x20); 5433 5434 } else if (sc->mac_ver == 0x3572) { 5435 run_rt3070_rf_read(sc, 6, &rf); 5436 run_rt3070_rf_write(sc, 6, rf | 0x40); 5437 5438 /* increase voltage from 1.2V to 1.35V */ 5439 run_read(sc, RT3070_LDO_CFG0, &tmp); 5440 tmp = (tmp & ~0x1f000000) | 0x0d000000; 5441 run_write(sc, RT3070_LDO_CFG0, tmp); 5442 5443 if (sc->mac_rev < 0x0211 || !sc->patch_dac) { 5444 run_delay(sc, 1); /* wait for 1msec */ 5445 /* decrease voltage back to 1.2V */ 5446 tmp = (tmp & ~0x1f000000) | 0x01000000; 5447 run_write(sc, RT3070_LDO_CFG0, tmp); 5448 } 5449 } 5450 5451 /* select 20MHz bandwidth */ 5452 run_rt3070_rf_read(sc, 31, &rf); 5453 run_rt3070_rf_write(sc, 31, rf & ~0x20); 5454 5455 /* calibrate filter for 20MHz bandwidth */ 5456 sc->rf24_20mhz = 0x1f; /* default value */ 5457 target = (sc->mac_ver < 0x3071) ? 0x16 : 0x13; 5458 run_rt3070_filter_calib(sc, 0x07, target, &sc->rf24_20mhz); 5459 5460 /* select 40MHz bandwidth */ 5461 run_bbp_read(sc, 4, &bbp4); 5462 run_bbp_write(sc, 4, (bbp4 & ~0x18) | 0x10); 5463 run_rt3070_rf_read(sc, 31, &rf); 5464 run_rt3070_rf_write(sc, 31, rf | 0x20); 5465 5466 /* calibrate filter for 40MHz bandwidth */ 5467 sc->rf24_40mhz = 0x2f; /* default value */ 5468 target = (sc->mac_ver < 0x3071) ? 0x19 : 0x15; 5469 run_rt3070_filter_calib(sc, 0x27, target, &sc->rf24_40mhz); 5470 5471 /* go back to 20MHz bandwidth */ 5472 run_bbp_read(sc, 4, &bbp4); 5473 run_bbp_write(sc, 4, bbp4 & ~0x18); 5474 5475 if (sc->mac_ver == 0x3572) { 5476 /* save default BBP registers 25 and 26 values */ 5477 run_bbp_read(sc, 25, &sc->bbp25); 5478 run_bbp_read(sc, 26, &sc->bbp26); 5479 } else if (sc->mac_rev < 0x0201 || sc->mac_rev < 0x0211) 5480 run_rt3070_rf_write(sc, 27, 0x03); 5481 5482 run_read(sc, RT3070_OPT_14, &tmp); 5483 run_write(sc, RT3070_OPT_14, tmp | 1); 5484 5485 if (sc->mac_ver == 0x3070 || sc->mac_ver == 0x3071) { 5486 run_rt3070_rf_read(sc, 17, &rf); 5487 rf &= ~RT3070_TX_LO1; 5488 if ((sc->mac_ver == 0x3070 || 5489 (sc->mac_ver == 0x3071 && sc->mac_rev >= 0x0211)) && 5490 !sc->ext_2ghz_lna) 5491 rf |= 0x20; /* fix for long range Rx issue */ 5492 mingain = (sc->mac_ver == 0x3070) ? 1 : 2; 5493 if (sc->txmixgain_2ghz >= mingain) 5494 rf = (rf & ~0x7) | sc->txmixgain_2ghz; 5495 run_rt3070_rf_write(sc, 17, rf); 5496 } 5497 5498 if (sc->mac_ver == 0x3071) { 5499 run_rt3070_rf_read(sc, 1, &rf); 5500 rf &= ~(RT3070_RX0_PD | RT3070_TX0_PD); 5501 rf |= RT3070_RF_BLOCK | RT3070_RX1_PD | RT3070_TX1_PD; 5502 run_rt3070_rf_write(sc, 1, rf); 5503 5504 run_rt3070_rf_read(sc, 15, &rf); 5505 run_rt3070_rf_write(sc, 15, rf & ~RT3070_TX_LO2); 5506 5507 run_rt3070_rf_read(sc, 20, &rf); 5508 run_rt3070_rf_write(sc, 20, rf & ~RT3070_RX_LO1); 5509 5510 run_rt3070_rf_read(sc, 21, &rf); 5511 run_rt3070_rf_write(sc, 21, rf & ~RT3070_RX_LO2); 5512 } 5513 5514 if (sc->mac_ver == 0x3070 || sc->mac_ver == 0x3071) { 5515 /* fix Tx to Rx IQ glitch by raising RF voltage */ 5516 run_rt3070_rf_read(sc, 27, &rf); 5517 rf &= ~0x77; 5518 if (sc->mac_rev < 0x0211) 5519 rf |= 0x03; 5520 run_rt3070_rf_write(sc, 27, rf); 5521 } 5522 return (0); 5523 } 5524 5525 static void 5526 run_rt3593_rf_init(struct run_softc *sc) 5527 { 5528 uint32_t tmp; 5529 uint8_t rf; 5530 int i; 5531 5532 /* Disable the GPIO bits 4 and 7 for LNA PE control. */ 5533 run_read(sc, RT3070_GPIO_SWITCH, &tmp); 5534 tmp &= ~(1 << 4 | 1 << 7); 5535 run_write(sc, RT3070_GPIO_SWITCH, tmp); 5536 5537 /* Initialize RF registers to default value. */ 5538 for (i = 0; i < nitems(rt3593_def_rf); i++) { 5539 run_rt3070_rf_write(sc, rt3593_def_rf[i].reg, 5540 rt3593_def_rf[i].val); 5541 } 5542 5543 /* Toggle RF R2 to initiate calibration. */ 5544 run_rt3070_rf_write(sc, 2, RT5390_RESCAL); 5545 5546 /* Initialize RF frequency offset. */ 5547 run_adjust_freq_offset(sc); 5548 5549 run_rt3070_rf_read(sc, 18, &rf); 5550 run_rt3070_rf_write(sc, 18, rf | RT3593_AUTOTUNE_BYPASS); 5551 5552 /* 5553 * Increase voltage from 1.2V to 1.35V, wait for 1 msec to 5554 * decrease voltage back to 1.2V. 5555 */ 5556 run_read(sc, RT3070_LDO_CFG0, &tmp); 5557 tmp = (tmp & ~0x1f000000) | 0x0d000000; 5558 run_write(sc, RT3070_LDO_CFG0, tmp); 5559 run_delay(sc, 1); 5560 tmp = (tmp & ~0x1f000000) | 0x01000000; 5561 run_write(sc, RT3070_LDO_CFG0, tmp); 5562 5563 sc->rf24_20mhz = 0x1f; 5564 sc->rf24_40mhz = 0x2f; 5565 5566 /* Save default BBP registers 25 and 26 values. */ 5567 run_bbp_read(sc, 25, &sc->bbp25); 5568 run_bbp_read(sc, 26, &sc->bbp26); 5569 5570 run_read(sc, RT3070_OPT_14, &tmp); 5571 run_write(sc, RT3070_OPT_14, tmp | 1); 5572 } 5573 5574 static void 5575 run_rt5390_rf_init(struct run_softc *sc) 5576 { 5577 uint32_t tmp; 5578 uint8_t rf; 5579 int i; 5580 5581 /* Toggle RF R2 to initiate calibration. */ 5582 if (sc->mac_ver == 0x5390) { 5583 run_rt3070_rf_read(sc, 2, &rf); 5584 run_rt3070_rf_write(sc, 2, rf | RT5390_RESCAL); 5585 run_delay(sc, 10); 5586 run_rt3070_rf_write(sc, 2, rf & ~RT5390_RESCAL); 5587 } else { 5588 run_rt3070_rf_write(sc, 2, RT5390_RESCAL); 5589 run_delay(sc, 10); 5590 } 5591 5592 /* Initialize RF registers to default value. */ 5593 if (sc->mac_ver == 0x5592) { 5594 for (i = 0; i < nitems(rt5592_def_rf); i++) { 5595 run_rt3070_rf_write(sc, rt5592_def_rf[i].reg, 5596 rt5592_def_rf[i].val); 5597 } 5598 /* Initialize RF frequency offset. */ 5599 run_adjust_freq_offset(sc); 5600 } else if (sc->mac_ver == 0x5392) { 5601 for (i = 0; i < nitems(rt5392_def_rf); i++) { 5602 run_rt3070_rf_write(sc, rt5392_def_rf[i].reg, 5603 rt5392_def_rf[i].val); 5604 } 5605 if (sc->mac_rev >= 0x0223) { 5606 run_rt3070_rf_write(sc, 23, 0x0f); 5607 run_rt3070_rf_write(sc, 24, 0x3e); 5608 run_rt3070_rf_write(sc, 51, 0x32); 5609 run_rt3070_rf_write(sc, 53, 0x22); 5610 run_rt3070_rf_write(sc, 56, 0xc1); 5611 run_rt3070_rf_write(sc, 59, 0x0f); 5612 } 5613 } else { 5614 for (i = 0; i < nitems(rt5390_def_rf); i++) { 5615 run_rt3070_rf_write(sc, rt5390_def_rf[i].reg, 5616 rt5390_def_rf[i].val); 5617 } 5618 if (sc->mac_rev >= 0x0502) { 5619 run_rt3070_rf_write(sc, 6, 0xe0); 5620 run_rt3070_rf_write(sc, 25, 0x80); 5621 run_rt3070_rf_write(sc, 46, 0x73); 5622 run_rt3070_rf_write(sc, 53, 0x00); 5623 run_rt3070_rf_write(sc, 56, 0x42); 5624 run_rt3070_rf_write(sc, 61, 0xd1); 5625 } 5626 } 5627 5628 sc->rf24_20mhz = 0x1f; /* default value */ 5629 sc->rf24_40mhz = (sc->mac_ver == 0x5592) ? 0 : 0x2f; 5630 5631 if (sc->mac_rev < 0x0211) 5632 run_rt3070_rf_write(sc, 27, 0x3); 5633 5634 run_read(sc, RT3070_OPT_14, &tmp); 5635 run_write(sc, RT3070_OPT_14, tmp | 1); 5636 } 5637 5638 static int 5639 run_rt3070_filter_calib(struct run_softc *sc, uint8_t init, uint8_t target, 5640 uint8_t *val) 5641 { 5642 uint8_t rf22, rf24; 5643 uint8_t bbp55_pb, bbp55_sb, delta; 5644 int ntries; 5645 5646 /* program filter */ 5647 run_rt3070_rf_read(sc, 24, &rf24); 5648 rf24 = (rf24 & 0xc0) | init; /* initial filter value */ 5649 run_rt3070_rf_write(sc, 24, rf24); 5650 5651 /* enable baseband loopback mode */ 5652 run_rt3070_rf_read(sc, 22, &rf22); 5653 run_rt3070_rf_write(sc, 22, rf22 | 0x01); 5654 5655 /* set power and frequency of passband test tone */ 5656 run_bbp_write(sc, 24, 0x00); 5657 for (ntries = 0; ntries < 100; ntries++) { 5658 /* transmit test tone */ 5659 run_bbp_write(sc, 25, 0x90); 5660 run_delay(sc, 10); 5661 /* read received power */ 5662 run_bbp_read(sc, 55, &bbp55_pb); 5663 if (bbp55_pb != 0) 5664 break; 5665 } 5666 if (ntries == 100) 5667 return (ETIMEDOUT); 5668 5669 /* set power and frequency of stopband test tone */ 5670 run_bbp_write(sc, 24, 0x06); 5671 for (ntries = 0; ntries < 100; ntries++) { 5672 /* transmit test tone */ 5673 run_bbp_write(sc, 25, 0x90); 5674 run_delay(sc, 10); 5675 /* read received power */ 5676 run_bbp_read(sc, 55, &bbp55_sb); 5677 5678 delta = bbp55_pb - bbp55_sb; 5679 if (delta > target) 5680 break; 5681 5682 /* reprogram filter */ 5683 rf24++; 5684 run_rt3070_rf_write(sc, 24, rf24); 5685 } 5686 if (ntries < 100) { 5687 if (rf24 != init) 5688 rf24--; /* backtrack */ 5689 *val = rf24; 5690 run_rt3070_rf_write(sc, 24, rf24); 5691 } 5692 5693 /* restore initial state */ 5694 run_bbp_write(sc, 24, 0x00); 5695 5696 /* disable baseband loopback mode */ 5697 run_rt3070_rf_read(sc, 22, &rf22); 5698 run_rt3070_rf_write(sc, 22, rf22 & ~0x01); 5699 5700 return (0); 5701 } 5702 5703 static void 5704 run_rt3070_rf_setup(struct run_softc *sc) 5705 { 5706 uint8_t bbp, rf; 5707 int i; 5708 5709 if (sc->mac_ver == 0x3572) { 5710 /* enable DC filter */ 5711 if (sc->mac_rev >= 0x0201) 5712 run_bbp_write(sc, 103, 0xc0); 5713 5714 run_bbp_read(sc, 138, &bbp); 5715 if (sc->ntxchains == 1) 5716 bbp |= 0x20; /* turn off DAC1 */ 5717 if (sc->nrxchains == 1) 5718 bbp &= ~0x02; /* turn off ADC1 */ 5719 run_bbp_write(sc, 138, bbp); 5720 5721 if (sc->mac_rev >= 0x0211) { 5722 /* improve power consumption */ 5723 run_bbp_read(sc, 31, &bbp); 5724 run_bbp_write(sc, 31, bbp & ~0x03); 5725 } 5726 5727 run_rt3070_rf_read(sc, 16, &rf); 5728 rf = (rf & ~0x07) | sc->txmixgain_2ghz; 5729 run_rt3070_rf_write(sc, 16, rf); 5730 5731 } else if (sc->mac_ver == 0x3071) { 5732 if (sc->mac_rev >= 0x0211) { 5733 /* enable DC filter */ 5734 run_bbp_write(sc, 103, 0xc0); 5735 5736 /* improve power consumption */ 5737 run_bbp_read(sc, 31, &bbp); 5738 run_bbp_write(sc, 31, bbp & ~0x03); 5739 } 5740 5741 run_bbp_read(sc, 138, &bbp); 5742 if (sc->ntxchains == 1) 5743 bbp |= 0x20; /* turn off DAC1 */ 5744 if (sc->nrxchains == 1) 5745 bbp &= ~0x02; /* turn off ADC1 */ 5746 run_bbp_write(sc, 138, bbp); 5747 5748 run_write(sc, RT2860_TX_SW_CFG1, 0); 5749 if (sc->mac_rev < 0x0211) { 5750 run_write(sc, RT2860_TX_SW_CFG2, 5751 sc->patch_dac ? 0x2c : 0x0f); 5752 } else 5753 run_write(sc, RT2860_TX_SW_CFG2, 0); 5754 5755 } else if (sc->mac_ver == 0x3070) { 5756 if (sc->mac_rev >= 0x0201) { 5757 /* enable DC filter */ 5758 run_bbp_write(sc, 103, 0xc0); 5759 5760 /* improve power consumption */ 5761 run_bbp_read(sc, 31, &bbp); 5762 run_bbp_write(sc, 31, bbp & ~0x03); 5763 } 5764 5765 if (sc->mac_rev < 0x0201) { 5766 run_write(sc, RT2860_TX_SW_CFG1, 0); 5767 run_write(sc, RT2860_TX_SW_CFG2, 0x2c); 5768 } else 5769 run_write(sc, RT2860_TX_SW_CFG2, 0); 5770 } 5771 5772 /* initialize RF registers from ROM for >=RT3071*/ 5773 if (sc->mac_ver >= 0x3071) { 5774 for (i = 0; i < 10; i++) { 5775 if (sc->rf[i].reg == 0 || sc->rf[i].reg == 0xff) 5776 continue; 5777 run_rt3070_rf_write(sc, sc->rf[i].reg, sc->rf[i].val); 5778 } 5779 } 5780 } 5781 5782 static void 5783 run_rt3593_rf_setup(struct run_softc *sc) 5784 { 5785 uint8_t bbp, rf; 5786 5787 if (sc->mac_rev >= 0x0211) { 5788 /* Enable DC filter. */ 5789 run_bbp_write(sc, 103, 0xc0); 5790 } 5791 run_write(sc, RT2860_TX_SW_CFG1, 0); 5792 if (sc->mac_rev < 0x0211) { 5793 run_write(sc, RT2860_TX_SW_CFG2, 5794 sc->patch_dac ? 0x2c : 0x0f); 5795 } else 5796 run_write(sc, RT2860_TX_SW_CFG2, 0); 5797 5798 run_rt3070_rf_read(sc, 50, &rf); 5799 run_rt3070_rf_write(sc, 50, rf & ~RT3593_TX_LO2); 5800 5801 run_rt3070_rf_read(sc, 51, &rf); 5802 rf = (rf & ~(RT3593_TX_LO1 | 0x0c)) | 5803 ((sc->txmixgain_2ghz & 0x07) << 2); 5804 run_rt3070_rf_write(sc, 51, rf); 5805 5806 run_rt3070_rf_read(sc, 38, &rf); 5807 run_rt3070_rf_write(sc, 38, rf & ~RT5390_RX_LO1); 5808 5809 run_rt3070_rf_read(sc, 39, &rf); 5810 run_rt3070_rf_write(sc, 39, rf & ~RT5390_RX_LO2); 5811 5812 run_rt3070_rf_read(sc, 1, &rf); 5813 run_rt3070_rf_write(sc, 1, rf & ~(RT3070_RF_BLOCK | RT3070_PLL_PD)); 5814 5815 run_rt3070_rf_read(sc, 30, &rf); 5816 rf = (rf & ~0x18) | 0x10; 5817 run_rt3070_rf_write(sc, 30, rf); 5818 5819 /* Apply maximum likelihood detection for 2 stream case. */ 5820 run_bbp_read(sc, 105, &bbp); 5821 if (sc->nrxchains > 1) 5822 run_bbp_write(sc, 105, bbp | RT5390_MLD); 5823 5824 /* Avoid data lost and CRC error. */ 5825 run_bbp_read(sc, 4, &bbp); 5826 run_bbp_write(sc, 4, bbp | RT5390_MAC_IF_CTRL); 5827 5828 run_bbp_write(sc, 92, 0x02); 5829 run_bbp_write(sc, 82, 0x82); 5830 run_bbp_write(sc, 106, 0x05); 5831 run_bbp_write(sc, 104, 0x92); 5832 run_bbp_write(sc, 88, 0x90); 5833 run_bbp_write(sc, 148, 0xc8); 5834 run_bbp_write(sc, 47, 0x48); 5835 run_bbp_write(sc, 120, 0x50); 5836 5837 run_bbp_write(sc, 163, 0x9d); 5838 5839 /* SNR mapping. */ 5840 run_bbp_write(sc, 142, 0x06); 5841 run_bbp_write(sc, 143, 0xa0); 5842 run_bbp_write(sc, 142, 0x07); 5843 run_bbp_write(sc, 143, 0xa1); 5844 run_bbp_write(sc, 142, 0x08); 5845 run_bbp_write(sc, 143, 0xa2); 5846 5847 run_bbp_write(sc, 31, 0x08); 5848 run_bbp_write(sc, 68, 0x0b); 5849 run_bbp_write(sc, 105, 0x04); 5850 } 5851 5852 static void 5853 run_rt5390_rf_setup(struct run_softc *sc) 5854 { 5855 uint8_t bbp, rf; 5856 5857 if (sc->mac_rev >= 0x0211) { 5858 /* Enable DC filter. */ 5859 run_bbp_write(sc, 103, 0xc0); 5860 5861 if (sc->mac_ver != 0x5592) { 5862 /* Improve power consumption. */ 5863 run_bbp_read(sc, 31, &bbp); 5864 run_bbp_write(sc, 31, bbp & ~0x03); 5865 } 5866 } 5867 5868 run_bbp_read(sc, 138, &bbp); 5869 if (sc->ntxchains == 1) 5870 bbp |= 0x20; /* turn off DAC1 */ 5871 if (sc->nrxchains == 1) 5872 bbp &= ~0x02; /* turn off ADC1 */ 5873 run_bbp_write(sc, 138, bbp); 5874 5875 run_rt3070_rf_read(sc, 38, &rf); 5876 run_rt3070_rf_write(sc, 38, rf & ~RT5390_RX_LO1); 5877 5878 run_rt3070_rf_read(sc, 39, &rf); 5879 run_rt3070_rf_write(sc, 39, rf & ~RT5390_RX_LO2); 5880 5881 /* Avoid data lost and CRC error. */ 5882 run_bbp_read(sc, 4, &bbp); 5883 run_bbp_write(sc, 4, bbp | RT5390_MAC_IF_CTRL); 5884 5885 run_rt3070_rf_read(sc, 30, &rf); 5886 rf = (rf & ~0x18) | 0x10; 5887 run_rt3070_rf_write(sc, 30, rf); 5888 5889 if (sc->mac_ver != 0x5592) { 5890 run_write(sc, RT2860_TX_SW_CFG1, 0); 5891 if (sc->mac_rev < 0x0211) { 5892 run_write(sc, RT2860_TX_SW_CFG2, 5893 sc->patch_dac ? 0x2c : 0x0f); 5894 } else 5895 run_write(sc, RT2860_TX_SW_CFG2, 0); 5896 } 5897 } 5898 5899 static int 5900 run_txrx_enable(struct run_softc *sc) 5901 { 5902 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 5903 uint32_t tmp; 5904 int error, ntries; 5905 5906 run_write(sc, RT2860_MAC_SYS_CTRL, RT2860_MAC_TX_EN); 5907 for (ntries = 0; ntries < 200; ntries++) { 5908 if ((error = run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp)) != 0) 5909 return (error); 5910 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0) 5911 break; 5912 run_delay(sc, 50); 5913 } 5914 if (ntries == 200) 5915 return (ETIMEDOUT); 5916 5917 run_delay(sc, 50); 5918 5919 tmp |= RT2860_RX_DMA_EN | RT2860_TX_DMA_EN | RT2860_TX_WB_DDONE; 5920 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp); 5921 5922 /* enable Rx bulk aggregation (set timeout and limit) */ 5923 tmp = RT2860_USB_TX_EN | RT2860_USB_RX_EN | RT2860_USB_RX_AGG_EN | 5924 RT2860_USB_RX_AGG_TO(128) | RT2860_USB_RX_AGG_LMT(2); 5925 run_write(sc, RT2860_USB_DMA_CFG, tmp); 5926 5927 /* set Rx filter */ 5928 tmp = RT2860_DROP_CRC_ERR | RT2860_DROP_PHY_ERR; 5929 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 5930 tmp |= RT2860_DROP_UC_NOME | RT2860_DROP_DUPL | 5931 RT2860_DROP_CTS | RT2860_DROP_BA | RT2860_DROP_ACK | 5932 RT2860_DROP_VER_ERR | RT2860_DROP_CTRL_RSV | 5933 RT2860_DROP_CFACK | RT2860_DROP_CFEND; 5934 if (ic->ic_opmode == IEEE80211_M_STA) 5935 tmp |= RT2860_DROP_RTS | RT2860_DROP_PSPOLL; 5936 } 5937 run_write(sc, RT2860_RX_FILTR_CFG, tmp); 5938 5939 run_write(sc, RT2860_MAC_SYS_CTRL, 5940 RT2860_MAC_RX_EN | RT2860_MAC_TX_EN); 5941 5942 return (0); 5943 } 5944 5945 static void 5946 run_adjust_freq_offset(struct run_softc *sc) 5947 { 5948 uint8_t rf, tmp; 5949 5950 run_rt3070_rf_read(sc, 17, &rf); 5951 tmp = rf; 5952 rf = (rf & ~0x7f) | (sc->freq & 0x7f); 5953 rf = MIN(rf, 0x5f); 5954 5955 if (tmp != rf) 5956 run_mcu_cmd(sc, 0x74, (tmp << 8 ) | rf); 5957 } 5958 5959 static void 5960 run_init_locked(struct run_softc *sc) 5961 { 5962 struct ifnet *ifp = sc->sc_ifp; 5963 struct ieee80211com *ic = ifp->if_l2com; 5964 uint32_t tmp; 5965 uint8_t bbp1, bbp3; 5966 int i; 5967 int ridx; 5968 int ntries; 5969 5970 if (ic->ic_nrunning > 1) 5971 return; 5972 5973 run_stop(sc); 5974 5975 if (run_load_microcode(sc) != 0) { 5976 device_printf(sc->sc_dev, "could not load 8051 microcode\n"); 5977 goto fail; 5978 } 5979 5980 for (ntries = 0; ntries < 100; ntries++) { 5981 if (run_read(sc, RT2860_ASIC_VER_ID, &tmp) != 0) 5982 goto fail; 5983 if (tmp != 0 && tmp != 0xffffffff) 5984 break; 5985 run_delay(sc, 10); 5986 } 5987 if (ntries == 100) 5988 goto fail; 5989 5990 for (i = 0; i != RUN_EP_QUEUES; i++) 5991 run_setup_tx_list(sc, &sc->sc_epq[i]); 5992 5993 run_set_macaddr(sc, IF_LLADDR(ifp)); 5994 5995 for (ntries = 0; ntries < 100; ntries++) { 5996 if (run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp) != 0) 5997 goto fail; 5998 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0) 5999 break; 6000 run_delay(sc, 10); 6001 } 6002 if (ntries == 100) { 6003 device_printf(sc->sc_dev, "timeout waiting for DMA engine\n"); 6004 goto fail; 6005 } 6006 tmp &= 0xff0; 6007 tmp |= RT2860_TX_WB_DDONE; 6008 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp); 6009 6010 /* turn off PME_OEN to solve high-current issue */ 6011 run_read(sc, RT2860_SYS_CTRL, &tmp); 6012 run_write(sc, RT2860_SYS_CTRL, tmp & ~RT2860_PME_OEN); 6013 6014 run_write(sc, RT2860_MAC_SYS_CTRL, 6015 RT2860_BBP_HRST | RT2860_MAC_SRST); 6016 run_write(sc, RT2860_USB_DMA_CFG, 0); 6017 6018 if (run_reset(sc) != 0) { 6019 device_printf(sc->sc_dev, "could not reset chipset\n"); 6020 goto fail; 6021 } 6022 6023 run_write(sc, RT2860_MAC_SYS_CTRL, 0); 6024 6025 /* init Tx power for all Tx rates (from EEPROM) */ 6026 for (ridx = 0; ridx < 5; ridx++) { 6027 if (sc->txpow20mhz[ridx] == 0xffffffff) 6028 continue; 6029 run_write(sc, RT2860_TX_PWR_CFG(ridx), sc->txpow20mhz[ridx]); 6030 } 6031 6032 for (i = 0; i < nitems(rt2870_def_mac); i++) 6033 run_write(sc, rt2870_def_mac[i].reg, rt2870_def_mac[i].val); 6034 run_write(sc, RT2860_WMM_AIFSN_CFG, 0x00002273); 6035 run_write(sc, RT2860_WMM_CWMIN_CFG, 0x00002344); 6036 run_write(sc, RT2860_WMM_CWMAX_CFG, 0x000034aa); 6037 6038 if (sc->mac_ver >= 0x5390) { 6039 run_write(sc, RT2860_TX_SW_CFG0, 6040 4 << RT2860_DLY_PAPE_EN_SHIFT | 4); 6041 if (sc->mac_ver >= 0x5392) { 6042 run_write(sc, RT2860_MAX_LEN_CFG, 0x00002fff); 6043 if (sc->mac_ver == 0x5592) { 6044 run_write(sc, RT2860_HT_FBK_CFG1, 0xedcba980); 6045 run_write(sc, RT2860_TXOP_HLDR_ET, 0x00000082); 6046 } else { 6047 run_write(sc, RT2860_HT_FBK_CFG1, 0xedcb4980); 6048 run_write(sc, RT2860_LG_FBK_CFG0, 0xedcba322); 6049 } 6050 } 6051 } else if (sc->mac_ver == 0x3593) { 6052 run_write(sc, RT2860_TX_SW_CFG0, 6053 4 << RT2860_DLY_PAPE_EN_SHIFT | 2); 6054 } else if (sc->mac_ver >= 0x3070) { 6055 /* set delay of PA_PE assertion to 1us (unit of 0.25us) */ 6056 run_write(sc, RT2860_TX_SW_CFG0, 6057 4 << RT2860_DLY_PAPE_EN_SHIFT); 6058 } 6059 6060 /* wait while MAC is busy */ 6061 for (ntries = 0; ntries < 100; ntries++) { 6062 if (run_read(sc, RT2860_MAC_STATUS_REG, &tmp) != 0) 6063 goto fail; 6064 if (!(tmp & (RT2860_RX_STATUS_BUSY | RT2860_TX_STATUS_BUSY))) 6065 break; 6066 run_delay(sc, 10); 6067 } 6068 if (ntries == 100) 6069 goto fail; 6070 6071 /* clear Host to MCU mailbox */ 6072 run_write(sc, RT2860_H2M_BBPAGENT, 0); 6073 run_write(sc, RT2860_H2M_MAILBOX, 0); 6074 run_delay(sc, 10); 6075 6076 if (run_bbp_init(sc) != 0) { 6077 device_printf(sc->sc_dev, "could not initialize BBP\n"); 6078 goto fail; 6079 } 6080 6081 /* abort TSF synchronization */ 6082 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 6083 tmp &= ~(RT2860_BCN_TX_EN | RT2860_TSF_TIMER_EN | 6084 RT2860_TBTT_TIMER_EN); 6085 run_write(sc, RT2860_BCN_TIME_CFG, tmp); 6086 6087 /* clear RX WCID search table */ 6088 run_set_region_4(sc, RT2860_WCID_ENTRY(0), 0, 512); 6089 /* clear WCID attribute table */ 6090 run_set_region_4(sc, RT2860_WCID_ATTR(0), 0, 8 * 32); 6091 6092 /* hostapd sets a key before init. So, don't clear it. */ 6093 if (sc->cmdq_key_set != RUN_CMDQ_GO) { 6094 /* clear shared key table */ 6095 run_set_region_4(sc, RT2860_SKEY(0, 0), 0, 8 * 32); 6096 /* clear shared key mode */ 6097 run_set_region_4(sc, RT2860_SKEY_MODE_0_7, 0, 4); 6098 } 6099 6100 run_read(sc, RT2860_US_CYC_CNT, &tmp); 6101 tmp = (tmp & ~0xff) | 0x1e; 6102 run_write(sc, RT2860_US_CYC_CNT, tmp); 6103 6104 if (sc->mac_rev != 0x0101) 6105 run_write(sc, RT2860_TXOP_CTRL_CFG, 0x0000583f); 6106 6107 run_write(sc, RT2860_WMM_TXOP0_CFG, 0); 6108 run_write(sc, RT2860_WMM_TXOP1_CFG, 48 << 16 | 96); 6109 6110 /* write vendor-specific BBP values (from EEPROM) */ 6111 if (sc->mac_ver < 0x3593) { 6112 for (i = 0; i < 10; i++) { 6113 if (sc->bbp[i].reg == 0 || sc->bbp[i].reg == 0xff) 6114 continue; 6115 run_bbp_write(sc, sc->bbp[i].reg, sc->bbp[i].val); 6116 } 6117 } 6118 6119 /* select Main antenna for 1T1R devices */ 6120 if (sc->rf_rev == RT3070_RF_3020 || sc->rf_rev == RT5390_RF_5370) 6121 run_set_rx_antenna(sc, 0); 6122 6123 /* send LEDs operating mode to microcontroller */ 6124 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED1, sc->led[0]); 6125 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED2, sc->led[1]); 6126 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED3, sc->led[2]); 6127 6128 if (sc->mac_ver >= 0x5390) 6129 run_rt5390_rf_init(sc); 6130 else if (sc->mac_ver == 0x3593) 6131 run_rt3593_rf_init(sc); 6132 else if (sc->mac_ver >= 0x3070) 6133 run_rt3070_rf_init(sc); 6134 6135 /* disable non-existing Rx chains */ 6136 run_bbp_read(sc, 3, &bbp3); 6137 bbp3 &= ~(1 << 3 | 1 << 4); 6138 if (sc->nrxchains == 2) 6139 bbp3 |= 1 << 3; 6140 else if (sc->nrxchains == 3) 6141 bbp3 |= 1 << 4; 6142 run_bbp_write(sc, 3, bbp3); 6143 6144 /* disable non-existing Tx chains */ 6145 run_bbp_read(sc, 1, &bbp1); 6146 if (sc->ntxchains == 1) 6147 bbp1 &= ~(1 << 3 | 1 << 4); 6148 run_bbp_write(sc, 1, bbp1); 6149 6150 if (sc->mac_ver >= 0x5390) 6151 run_rt5390_rf_setup(sc); 6152 else if (sc->mac_ver == 0x3593) 6153 run_rt3593_rf_setup(sc); 6154 else if (sc->mac_ver >= 0x3070) 6155 run_rt3070_rf_setup(sc); 6156 6157 /* select default channel */ 6158 run_set_chan(sc, ic->ic_curchan); 6159 6160 /* setup initial protection mode */ 6161 run_updateprot_cb(ic); 6162 6163 /* turn radio LED on */ 6164 run_set_leds(sc, RT2860_LED_RADIO); 6165 6166 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE; 6167 ifp->if_drv_flags |= IFF_DRV_RUNNING; 6168 sc->cmdq_run = RUN_CMDQ_GO; 6169 6170 for (i = 0; i != RUN_N_XFER; i++) 6171 usbd_xfer_set_stall(sc->sc_xfer[i]); 6172 6173 usbd_transfer_start(sc->sc_xfer[RUN_BULK_RX]); 6174 6175 if (run_txrx_enable(sc) != 0) 6176 goto fail; 6177 6178 return; 6179 6180 fail: 6181 run_stop(sc); 6182 } 6183 6184 static void 6185 run_init(void *arg) 6186 { 6187 struct run_softc *sc = arg; 6188 struct ifnet *ifp = sc->sc_ifp; 6189 struct ieee80211com *ic = ifp->if_l2com; 6190 6191 RUN_LOCK(sc); 6192 run_init_locked(sc); 6193 RUN_UNLOCK(sc); 6194 6195 if (ifp->if_drv_flags & IFF_DRV_RUNNING) 6196 ieee80211_start_all(ic); 6197 } 6198 6199 static void 6200 run_stop(void *arg) 6201 { 6202 struct run_softc *sc = (struct run_softc *)arg; 6203 struct ifnet *ifp = sc->sc_ifp; 6204 uint32_t tmp; 6205 int i; 6206 int ntries; 6207 6208 RUN_LOCK_ASSERT(sc, MA_OWNED); 6209 6210 if (ifp->if_drv_flags & IFF_DRV_RUNNING) 6211 run_set_leds(sc, 0); /* turn all LEDs off */ 6212 6213 ifp->if_drv_flags &= ~(IFF_DRV_RUNNING | IFF_DRV_OACTIVE); 6214 6215 sc->ratectl_run = RUN_RATECTL_OFF; 6216 sc->cmdq_run = sc->cmdq_key_set; 6217 6218 RUN_UNLOCK(sc); 6219 6220 for(i = 0; i < RUN_N_XFER; i++) 6221 usbd_transfer_drain(sc->sc_xfer[i]); 6222 6223 RUN_LOCK(sc); 6224 6225 if (sc->rx_m != NULL) { 6226 m_free(sc->rx_m); 6227 sc->rx_m = NULL; 6228 } 6229 6230 /* Disable Tx/Rx DMA. */ 6231 if (run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp) != 0) 6232 return; 6233 tmp &= ~(RT2860_RX_DMA_EN | RT2860_TX_DMA_EN); 6234 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp); 6235 6236 for (ntries = 0; ntries < 100; ntries++) { 6237 if (run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp) != 0) 6238 return; 6239 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0) 6240 break; 6241 run_delay(sc, 10); 6242 } 6243 if (ntries == 100) { 6244 device_printf(sc->sc_dev, "timeout waiting for DMA engine\n"); 6245 return; 6246 } 6247 6248 /* disable Tx/Rx */ 6249 run_read(sc, RT2860_MAC_SYS_CTRL, &tmp); 6250 tmp &= ~(RT2860_MAC_RX_EN | RT2860_MAC_TX_EN); 6251 run_write(sc, RT2860_MAC_SYS_CTRL, tmp); 6252 6253 /* wait for pending Tx to complete */ 6254 for (ntries = 0; ntries < 100; ntries++) { 6255 if (run_read(sc, RT2860_TXRXQ_PCNT, &tmp) != 0) { 6256 DPRINTF("Cannot read Tx queue count\n"); 6257 break; 6258 } 6259 if ((tmp & RT2860_TX2Q_PCNT_MASK) == 0) { 6260 DPRINTF("All Tx cleared\n"); 6261 break; 6262 } 6263 run_delay(sc, 10); 6264 } 6265 if (ntries >= 100) 6266 DPRINTF("There are still pending Tx\n"); 6267 run_delay(sc, 10); 6268 run_write(sc, RT2860_USB_DMA_CFG, 0); 6269 6270 run_write(sc, RT2860_MAC_SYS_CTRL, RT2860_BBP_HRST | RT2860_MAC_SRST); 6271 run_write(sc, RT2860_MAC_SYS_CTRL, 0); 6272 6273 for (i = 0; i != RUN_EP_QUEUES; i++) 6274 run_unsetup_tx_list(sc, &sc->sc_epq[i]); 6275 } 6276 6277 static void 6278 run_delay(struct run_softc *sc, u_int ms) 6279 { 6280 usb_pause_mtx(mtx_owned(&sc->sc_mtx) ? 6281 &sc->sc_mtx : NULL, USB_MS_TO_TICKS(ms)); 6282 } 6283 6284 static device_method_t run_methods[] = { 6285 /* Device interface */ 6286 DEVMETHOD(device_probe, run_match), 6287 DEVMETHOD(device_attach, run_attach), 6288 DEVMETHOD(device_detach, run_detach), 6289 DEVMETHOD_END 6290 }; 6291 6292 static driver_t run_driver = { 6293 .name = "run", 6294 .methods = run_methods, 6295 .size = sizeof(struct run_softc) 6296 }; 6297 6298 static devclass_t run_devclass; 6299 6300 DRIVER_MODULE(run, uhub, run_driver, run_devclass, run_driver_loaded, NULL); 6301 MODULE_DEPEND(run, wlan, 1, 1, 1); 6302 MODULE_DEPEND(run, usb, 1, 1, 1); 6303 MODULE_DEPEND(run, firmware, 1, 1, 1); 6304 MODULE_VERSION(run, 1);
Cache object: b3fdb0991f2f9a6b57c1c6b191414cf9
[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]