Now available: The Design and Implementation of the FreeBSD Operating System (Second Edition)
[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]
FreeBSD/Linux Kernel Cross Reference
sys/dev/usb/wlan/if_run.c
Version:
- FREEBSD - FREEBSD-13-STABLE - FREEBSD-13-0 - FREEBSD-12-STABLE - FREEBSD-12-0 - FREEBSD-11-STABLE - FREEBSD-11-0 - FREEBSD-10-STABLE - FREEBSD-10-0 - FREEBSD-9-STABLE - FREEBSD-9-0 - FREEBSD-8-STABLE - FREEBSD-8-0 - FREEBSD-7-STABLE - FREEBSD-7-0 - FREEBSD-6-STABLE - FREEBSD-6-0 - FREEBSD-5-STABLE - FREEBSD-5-0 - FREEBSD-4-STABLE - FREEBSD-3-STABLE - FREEBSD22 - l41 - OPENBSD - linux-2.6 - MK84 - PLAN9 - xnu-8792
SearchContext: - none - 3 - 10
SearchContext: - none - 3 - 10
1 /*- 2 * Copyright (c) 2008,2010 Damien Bergamini <damien.bergamini@free.fr> 3 * ported to FreeBSD by Akinori Furukoshi <moonlightakkiy@yahoo.ca> 4 * USB Consulting, Hans Petter Selasky <hselasky@freebsd.org> 5 * Copyright (c) 2013-2014 Kevin Lo 6 * 7 * Permission to use, copy, modify, and distribute this software for any 8 * purpose with or without fee is hereby granted, provided that the above 9 * copyright notice and this permission notice appear in all copies. 10 * 11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 */ 19 20 #include <sys/cdefs.h> 21 __FBSDID("$FreeBSD$"); 22 23 /*- 24 * Ralink Technology RT2700U/RT2800U/RT3000U/RT3900E chipset driver. 25 * http://www.ralinktech.com/ 26 */ 27 28 #include <sys/param.h> 29 #include <sys/sockio.h> 30 #include <sys/sysctl.h> 31 #include <sys/lock.h> 32 #include <sys/mutex.h> 33 #include <sys/mbuf.h> 34 #include <sys/kernel.h> 35 #include <sys/socket.h> 36 #include <sys/systm.h> 37 #include <sys/malloc.h> 38 #include <sys/module.h> 39 #include <sys/bus.h> 40 #include <sys/endian.h> 41 #include <sys/linker.h> 42 #include <sys/firmware.h> 43 #include <sys/kdb.h> 44 45 #include <machine/bus.h> 46 #include <machine/resource.h> 47 #include <sys/rman.h> 48 49 #include <net/bpf.h> 50 #include <net/if.h> 51 #include <net/if_arp.h> 52 #include <net/ethernet.h> 53 #include <net/if_dl.h> 54 #include <net/if_media.h> 55 #include <net/if_types.h> 56 57 #include <netinet/in.h> 58 #include <netinet/in_systm.h> 59 #include <netinet/in_var.h> 60 #include <netinet/if_ether.h> 61 #include <netinet/ip.h> 62 63 #include <net80211/ieee80211_var.h> 64 #include <net80211/ieee80211_regdomain.h> 65 #include <net80211/ieee80211_radiotap.h> 66 #include <net80211/ieee80211_ratectl.h> 67 68 #include <dev/usb/usb.h> 69 #include <dev/usb/usbdi.h> 70 #include "usbdevs.h" 71 72 #define USB_DEBUG_VAR run_debug 73 #include <dev/usb/usb_debug.h> 74 #include <dev/usb/usb_msctest.h> 75 76 #include <dev/usb/wlan/if_runreg.h> 77 #include <dev/usb/wlan/if_runvar.h> 78 79 #ifdef USB_DEBUG 80 #define RUN_DEBUG 81 #endif 82 83 #ifdef RUN_DEBUG 84 int run_debug = 0; 85 static SYSCTL_NODE(_hw_usb, OID_AUTO, run, CTLFLAG_RW, 0, "USB run"); 86 SYSCTL_INT(_hw_usb_run, OID_AUTO, debug, CTLFLAG_RW, &run_debug, 0, 87 "run debug level"); 88 #endif 89 90 #define IEEE80211_HAS_ADDR4(wh) \ 91 (((wh)->i_fc[1] & IEEE80211_FC1_DIR_MASK) == IEEE80211_FC1_DIR_DSTODS) 92 93 /* 94 * Because of LOR in run_key_delete(), use atomic instead. 95 * '& RUN_CMDQ_MASQ' is to loop cmdq[]. 96 */ 97 #define RUN_CMDQ_GET(c) (atomic_fetchadd_32((c), 1) & RUN_CMDQ_MASQ) 98 99 static const STRUCT_USB_HOST_ID run_devs[] = { 100 #define RUN_DEV(v,p) { USB_VP(USB_VENDOR_##v, USB_PRODUCT_##v##_##p) } 101 #define RUN_DEV_EJECT(v,p) \ 102 { USB_VPI(USB_VENDOR_##v, USB_PRODUCT_##v##_##p, RUN_EJECT) } 103 #define RUN_EJECT 1 104 RUN_DEV(ABOCOM, RT2770), 105 RUN_DEV(ABOCOM, RT2870), 106 RUN_DEV(ABOCOM, RT3070), 107 RUN_DEV(ABOCOM, RT3071), 108 RUN_DEV(ABOCOM, RT3072), 109 RUN_DEV(ABOCOM2, RT2870_1), 110 RUN_DEV(ACCTON, RT2770), 111 RUN_DEV(ACCTON, RT2870_1), 112 RUN_DEV(ACCTON, RT2870_2), 113 RUN_DEV(ACCTON, RT2870_3), 114 RUN_DEV(ACCTON, RT2870_4), 115 RUN_DEV(ACCTON, RT2870_5), 116 RUN_DEV(ACCTON, RT3070), 117 RUN_DEV(ACCTON, RT3070_1), 118 RUN_DEV(ACCTON, RT3070_2), 119 RUN_DEV(ACCTON, RT3070_3), 120 RUN_DEV(ACCTON, RT3070_4), 121 RUN_DEV(ACCTON, RT3070_5), 122 RUN_DEV(AIRTIES, RT3070), 123 RUN_DEV(ALLWIN, RT2070), 124 RUN_DEV(ALLWIN, RT2770), 125 RUN_DEV(ALLWIN, RT2870), 126 RUN_DEV(ALLWIN, RT3070), 127 RUN_DEV(ALLWIN, RT3071), 128 RUN_DEV(ALLWIN, RT3072), 129 RUN_DEV(ALLWIN, RT3572), 130 RUN_DEV(AMIGO, RT2870_1), 131 RUN_DEV(AMIGO, RT2870_2), 132 RUN_DEV(AMIT, CGWLUSB2GNR), 133 RUN_DEV(AMIT, RT2870_1), 134 RUN_DEV(AMIT2, RT2870), 135 RUN_DEV(ASUS, RT2870_1), 136 RUN_DEV(ASUS, RT2870_2), 137 RUN_DEV(ASUS, RT2870_3), 138 RUN_DEV(ASUS, RT2870_4), 139 RUN_DEV(ASUS, RT2870_5), 140 RUN_DEV(ASUS, USBN13), 141 RUN_DEV(ASUS, RT3070_1), 142 RUN_DEV(ASUS, USBN66), 143 RUN_DEV(ASUS, USB_N53), 144 RUN_DEV(ASUS2, USBN11), 145 RUN_DEV(AZUREWAVE, RT2870_1), 146 RUN_DEV(AZUREWAVE, RT2870_2), 147 RUN_DEV(AZUREWAVE, RT3070_1), 148 RUN_DEV(AZUREWAVE, RT3070_2), 149 RUN_DEV(AZUREWAVE, RT3070_3), 150 RUN_DEV(BELKIN, F9L1103), 151 RUN_DEV(BELKIN, F5D8053V3), 152 RUN_DEV(BELKIN, F5D8055), 153 RUN_DEV(BELKIN, F5D8055V2), 154 RUN_DEV(BELKIN, F6D4050V1), 155 RUN_DEV(BELKIN, F6D4050V2), 156 RUN_DEV(BELKIN, RT2870_1), 157 RUN_DEV(BELKIN, RT2870_2), 158 RUN_DEV(CISCOLINKSYS, AE1000), 159 RUN_DEV(CISCOLINKSYS2, RT3070), 160 RUN_DEV(CISCOLINKSYS3, RT3070), 161 RUN_DEV(CONCEPTRONIC2, RT2870_1), 162 RUN_DEV(CONCEPTRONIC2, RT2870_2), 163 RUN_DEV(CONCEPTRONIC2, RT2870_3), 164 RUN_DEV(CONCEPTRONIC2, RT2870_4), 165 RUN_DEV(CONCEPTRONIC2, RT2870_5), 166 RUN_DEV(CONCEPTRONIC2, RT2870_6), 167 RUN_DEV(CONCEPTRONIC2, RT2870_7), 168 RUN_DEV(CONCEPTRONIC2, RT2870_8), 169 RUN_DEV(CONCEPTRONIC2, RT3070_1), 170 RUN_DEV(CONCEPTRONIC2, RT3070_2), 171 RUN_DEV(CONCEPTRONIC2, VIGORN61), 172 RUN_DEV(COREGA, CGWLUSB300GNM), 173 RUN_DEV(COREGA, RT2870_1), 174 RUN_DEV(COREGA, RT2870_2), 175 RUN_DEV(COREGA, RT2870_3), 176 RUN_DEV(COREGA, RT3070), 177 RUN_DEV(CYBERTAN, RT2870), 178 RUN_DEV(DLINK, RT2870), 179 RUN_DEV(DLINK, RT3072), 180 RUN_DEV(DLINK, DWA127), 181 RUN_DEV(DLINK, DWA140B3), 182 RUN_DEV(DLINK, DWA160B2), 183 RUN_DEV(DLINK, DWA162), 184 RUN_DEV(DLINK2, DWA130), 185 RUN_DEV(DLINK2, RT2870_1), 186 RUN_DEV(DLINK2, RT2870_2), 187 RUN_DEV(DLINK2, RT3070_1), 188 RUN_DEV(DLINK2, RT3070_2), 189 RUN_DEV(DLINK2, RT3070_3), 190 RUN_DEV(DLINK2, RT3070_4), 191 RUN_DEV(DLINK2, RT3070_5), 192 RUN_DEV(DLINK2, RT3072), 193 RUN_DEV(DLINK2, RT3072_1), 194 RUN_DEV(EDIMAX, EW7717), 195 RUN_DEV(EDIMAX, EW7718), 196 RUN_DEV(EDIMAX, EW7733UND), 197 RUN_DEV(EDIMAX, RT2870_1), 198 RUN_DEV(ENCORE, RT3070_1), 199 RUN_DEV(ENCORE, RT3070_2), 200 RUN_DEV(ENCORE, RT3070_3), 201 RUN_DEV(GIGABYTE, GNWB31N), 202 RUN_DEV(GIGABYTE, GNWB32L), 203 RUN_DEV(GIGABYTE, RT2870_1), 204 RUN_DEV(GIGASET, RT3070_1), 205 RUN_DEV(GIGASET, RT3070_2), 206 RUN_DEV(GUILLEMOT, HWNU300), 207 RUN_DEV(HAWKING, HWUN2), 208 RUN_DEV(HAWKING, RT2870_1), 209 RUN_DEV(HAWKING, RT2870_2), 210 RUN_DEV(HAWKING, RT3070), 211 RUN_DEV(IODATA, RT3072_1), 212 RUN_DEV(IODATA, RT3072_2), 213 RUN_DEV(IODATA, RT3072_3), 214 RUN_DEV(IODATA, RT3072_4), 215 RUN_DEV(LINKSYS4, RT3070), 216 RUN_DEV(LINKSYS4, WUSB100), 217 RUN_DEV(LINKSYS4, WUSB54GCV3), 218 RUN_DEV(LINKSYS4, WUSB600N), 219 RUN_DEV(LINKSYS4, WUSB600NV2), 220 RUN_DEV(LOGITEC, RT2870_1), 221 RUN_DEV(LOGITEC, RT2870_2), 222 RUN_DEV(LOGITEC, RT2870_3), 223 RUN_DEV(LOGITEC, LANW300NU2), 224 RUN_DEV(LOGITEC, LANW150NU2), 225 RUN_DEV(LOGITEC, LANW300NU2S), 226 RUN_DEV(MELCO, WLIUCG300HP), 227 RUN_DEV(MELCO, RT2870_2), 228 RUN_DEV(MELCO, WLIUCAG300N), 229 RUN_DEV(MELCO, WLIUCG300N), 230 RUN_DEV(MELCO, WLIUCG301N), 231 RUN_DEV(MELCO, WLIUCGN), 232 RUN_DEV(MELCO, WLIUCGNM), 233 RUN_DEV(MELCO, WLIUCG300HPV1), 234 RUN_DEV(MELCO, WLIUCGNM2), 235 RUN_DEV(MOTOROLA4, RT2770), 236 RUN_DEV(MOTOROLA4, RT3070), 237 RUN_DEV(MSI, RT3070_1), 238 RUN_DEV(MSI, RT3070_2), 239 RUN_DEV(MSI, RT3070_3), 240 RUN_DEV(MSI, RT3070_4), 241 RUN_DEV(MSI, RT3070_5), 242 RUN_DEV(MSI, RT3070_6), 243 RUN_DEV(MSI, RT3070_7), 244 RUN_DEV(MSI, RT3070_8), 245 RUN_DEV(MSI, RT3070_9), 246 RUN_DEV(MSI, RT3070_10), 247 RUN_DEV(MSI, RT3070_11), 248 RUN_DEV(NETGEAR, WNDA4100), 249 RUN_DEV(OVISLINK, RT3072), 250 RUN_DEV(PARA, RT3070), 251 RUN_DEV(PEGATRON, RT2870), 252 RUN_DEV(PEGATRON, RT3070), 253 RUN_DEV(PEGATRON, RT3070_2), 254 RUN_DEV(PEGATRON, RT3070_3), 255 RUN_DEV(PHILIPS, RT2870), 256 RUN_DEV(PLANEX2, GWUS300MINIS), 257 RUN_DEV(PLANEX2, GWUSMICRON), 258 RUN_DEV(PLANEX2, RT2870), 259 RUN_DEV(PLANEX2, RT3070), 260 RUN_DEV(QCOM, RT2870), 261 RUN_DEV(QUANTA, RT3070), 262 RUN_DEV(RALINK, RT2070), 263 RUN_DEV(RALINK, RT2770), 264 RUN_DEV(RALINK, RT2870), 265 RUN_DEV(RALINK, RT3070), 266 RUN_DEV(RALINK, RT3071), 267 RUN_DEV(RALINK, RT3072), 268 RUN_DEV(RALINK, RT3370), 269 RUN_DEV(RALINK, RT3572), 270 RUN_DEV(RALINK, RT3573), 271 RUN_DEV(RALINK, RT5370), 272 RUN_DEV(RALINK, RT5572), 273 RUN_DEV(RALINK, RT8070), 274 RUN_DEV(SAMSUNG, WIS09ABGN), 275 RUN_DEV(SAMSUNG2, RT2870_1), 276 RUN_DEV(SENAO, RT2870_1), 277 RUN_DEV(SENAO, RT2870_2), 278 RUN_DEV(SENAO, RT2870_3), 279 RUN_DEV(SENAO, RT2870_4), 280 RUN_DEV(SENAO, RT3070), 281 RUN_DEV(SENAO, RT3071), 282 RUN_DEV(SENAO, RT3072_1), 283 RUN_DEV(SENAO, RT3072_2), 284 RUN_DEV(SENAO, RT3072_3), 285 RUN_DEV(SENAO, RT3072_4), 286 RUN_DEV(SENAO, RT3072_5), 287 RUN_DEV(SITECOMEU, RT2770), 288 RUN_DEV(SITECOMEU, RT2870_1), 289 RUN_DEV(SITECOMEU, RT2870_2), 290 RUN_DEV(SITECOMEU, RT2870_3), 291 RUN_DEV(SITECOMEU, RT2870_4), 292 RUN_DEV(SITECOMEU, RT3070), 293 RUN_DEV(SITECOMEU, RT3070_2), 294 RUN_DEV(SITECOMEU, RT3070_3), 295 RUN_DEV(SITECOMEU, RT3070_4), 296 RUN_DEV(SITECOMEU, RT3071), 297 RUN_DEV(SITECOMEU, RT3072_1), 298 RUN_DEV(SITECOMEU, RT3072_2), 299 RUN_DEV(SITECOMEU, RT3072_3), 300 RUN_DEV(SITECOMEU, RT3072_4), 301 RUN_DEV(SITECOMEU, RT3072_5), 302 RUN_DEV(SITECOMEU, RT3072_6), 303 RUN_DEV(SITECOMEU, WL608), 304 RUN_DEV(SPARKLAN, RT2870_1), 305 RUN_DEV(SPARKLAN, RT3070), 306 RUN_DEV(SWEEX2, LW153), 307 RUN_DEV(SWEEX2, LW303), 308 RUN_DEV(SWEEX2, LW313), 309 RUN_DEV(TOSHIBA, RT3070), 310 RUN_DEV(UMEDIA, RT2870_1), 311 RUN_DEV(ZCOM, RT2870_1), 312 RUN_DEV(ZCOM, RT2870_2), 313 RUN_DEV(ZINWELL, RT2870_1), 314 RUN_DEV(ZINWELL, RT2870_2), 315 RUN_DEV(ZINWELL, RT3070), 316 RUN_DEV(ZINWELL, RT3072_1), 317 RUN_DEV(ZINWELL, RT3072_2), 318 RUN_DEV(ZYXEL, RT2870_1), 319 RUN_DEV(ZYXEL, RT2870_2), 320 RUN_DEV(ZYXEL, RT3070), 321 RUN_DEV_EJECT(ZYXEL, NWD2705), 322 RUN_DEV_EJECT(RALINK, RT_STOR), 323 #undef RUN_DEV_EJECT 324 #undef RUN_DEV 325 }; 326 327 static device_probe_t run_match; 328 static device_attach_t run_attach; 329 static device_detach_t run_detach; 330 331 static usb_callback_t run_bulk_rx_callback; 332 static usb_callback_t run_bulk_tx_callback0; 333 static usb_callback_t run_bulk_tx_callback1; 334 static usb_callback_t run_bulk_tx_callback2; 335 static usb_callback_t run_bulk_tx_callback3; 336 static usb_callback_t run_bulk_tx_callback4; 337 static usb_callback_t run_bulk_tx_callback5; 338 339 static void run_autoinst(void *, struct usb_device *, 340 struct usb_attach_arg *); 341 static int run_driver_loaded(struct module *, int, void *); 342 static void run_bulk_tx_callbackN(struct usb_xfer *xfer, 343 usb_error_t error, u_int index); 344 static struct ieee80211vap *run_vap_create(struct ieee80211com *, 345 const char [IFNAMSIZ], int, enum ieee80211_opmode, int, 346 const uint8_t [IEEE80211_ADDR_LEN], 347 const uint8_t [IEEE80211_ADDR_LEN]); 348 static void run_vap_delete(struct ieee80211vap *); 349 static void run_cmdq_cb(void *, int); 350 static void run_setup_tx_list(struct run_softc *, 351 struct run_endpoint_queue *); 352 static void run_unsetup_tx_list(struct run_softc *, 353 struct run_endpoint_queue *); 354 static int run_load_microcode(struct run_softc *); 355 static int run_reset(struct run_softc *); 356 static usb_error_t run_do_request(struct run_softc *, 357 struct usb_device_request *, void *); 358 static int run_read(struct run_softc *, uint16_t, uint32_t *); 359 static int run_read_region_1(struct run_softc *, uint16_t, uint8_t *, int); 360 static int run_write_2(struct run_softc *, uint16_t, uint16_t); 361 static int run_write(struct run_softc *, uint16_t, uint32_t); 362 static int run_write_region_1(struct run_softc *, uint16_t, 363 const uint8_t *, int); 364 static int run_set_region_4(struct run_softc *, uint16_t, uint32_t, int); 365 static int run_efuse_read(struct run_softc *, uint16_t, uint16_t *, int); 366 static int run_efuse_read_2(struct run_softc *, uint16_t, uint16_t *); 367 static int run_eeprom_read_2(struct run_softc *, uint16_t, uint16_t *); 368 static int run_rt2870_rf_write(struct run_softc *, uint32_t); 369 static int run_rt3070_rf_read(struct run_softc *, uint8_t, uint8_t *); 370 static int run_rt3070_rf_write(struct run_softc *, uint8_t, uint8_t); 371 static int run_bbp_read(struct run_softc *, uint8_t, uint8_t *); 372 static int run_bbp_write(struct run_softc *, uint8_t, uint8_t); 373 static int run_mcu_cmd(struct run_softc *, uint8_t, uint16_t); 374 static const char *run_get_rf(uint16_t); 375 static void run_rt3593_get_txpower(struct run_softc *); 376 static void run_get_txpower(struct run_softc *); 377 static int run_read_eeprom(struct run_softc *); 378 static struct ieee80211_node *run_node_alloc(struct ieee80211vap *, 379 const uint8_t mac[IEEE80211_ADDR_LEN]); 380 static int run_media_change(struct ifnet *); 381 static int run_newstate(struct ieee80211vap *, enum ieee80211_state, int); 382 static int run_wme_update(struct ieee80211com *); 383 static void run_wme_update_cb(void *); 384 static void run_key_update_begin(struct ieee80211vap *); 385 static void run_key_update_end(struct ieee80211vap *); 386 static void run_key_set_cb(void *); 387 static int run_key_set(struct ieee80211vap *, struct ieee80211_key *, 388 const uint8_t mac[IEEE80211_ADDR_LEN]); 389 static void run_key_delete_cb(void *); 390 static int run_key_delete(struct ieee80211vap *, struct ieee80211_key *); 391 static void run_ratectl_to(void *); 392 static void run_ratectl_cb(void *, int); 393 static void run_drain_fifo(void *); 394 static void run_iter_func(void *, struct ieee80211_node *); 395 static void run_newassoc_cb(void *); 396 static void run_newassoc(struct ieee80211_node *, int); 397 static void run_rx_frame(struct run_softc *, struct mbuf *, uint32_t); 398 static void run_tx_free(struct run_endpoint_queue *pq, 399 struct run_tx_data *, int); 400 static void run_set_tx_desc(struct run_softc *, struct run_tx_data *); 401 static int run_tx(struct run_softc *, struct mbuf *, 402 struct ieee80211_node *); 403 static int run_tx_mgt(struct run_softc *, struct mbuf *, 404 struct ieee80211_node *); 405 static int run_sendprot(struct run_softc *, const struct mbuf *, 406 struct ieee80211_node *, int, int); 407 static int run_tx_param(struct run_softc *, struct mbuf *, 408 struct ieee80211_node *, 409 const struct ieee80211_bpf_params *); 410 static int run_raw_xmit(struct ieee80211_node *, struct mbuf *, 411 const struct ieee80211_bpf_params *); 412 static void run_start(struct ifnet *); 413 static int run_ioctl(struct ifnet *, u_long, caddr_t); 414 static void run_iq_calib(struct run_softc *, u_int); 415 static void run_set_agc(struct run_softc *, uint8_t); 416 static void run_select_chan_group(struct run_softc *, int); 417 static void run_set_rx_antenna(struct run_softc *, int); 418 static void run_rt2870_set_chan(struct run_softc *, u_int); 419 static void run_rt3070_set_chan(struct run_softc *, u_int); 420 static void run_rt3572_set_chan(struct run_softc *, u_int); 421 static void run_rt3593_set_chan(struct run_softc *, u_int); 422 static void run_rt5390_set_chan(struct run_softc *, u_int); 423 static void run_rt5592_set_chan(struct run_softc *, u_int); 424 static int run_set_chan(struct run_softc *, struct ieee80211_channel *); 425 static void run_set_channel(struct ieee80211com *); 426 static void run_scan_start(struct ieee80211com *); 427 static void run_scan_end(struct ieee80211com *); 428 static void run_update_beacon(struct ieee80211vap *, int); 429 static void run_update_beacon_cb(void *); 430 static void run_updateprot(struct ieee80211com *); 431 static void run_updateprot_cb(void *); 432 static void run_usb_timeout_cb(void *); 433 static void run_reset_livelock(struct run_softc *); 434 static void run_enable_tsf_sync(struct run_softc *); 435 static void run_enable_mrr(struct run_softc *); 436 static void run_set_txpreamble(struct run_softc *); 437 static void run_set_basicrates(struct run_softc *); 438 static void run_set_leds(struct run_softc *, uint16_t); 439 static void run_set_bssid(struct run_softc *, const uint8_t *); 440 static void run_set_macaddr(struct run_softc *, const uint8_t *); 441 static void run_updateslot(struct ifnet *); 442 static void run_updateslot_cb(void *); 443 static void run_update_mcast(struct ifnet *); 444 static int8_t run_rssi2dbm(struct run_softc *, uint8_t, uint8_t); 445 static void run_update_promisc_locked(struct ifnet *); 446 static void run_update_promisc(struct ifnet *); 447 static void run_rt5390_bbp_init(struct run_softc *); 448 static int run_bbp_init(struct run_softc *); 449 static int run_rt3070_rf_init(struct run_softc *); 450 static void run_rt3593_rf_init(struct run_softc *); 451 static void run_rt5390_rf_init(struct run_softc *); 452 static int run_rt3070_filter_calib(struct run_softc *, uint8_t, uint8_t, 453 uint8_t *); 454 static void run_rt3070_rf_setup(struct run_softc *); 455 static void run_rt3593_rf_setup(struct run_softc *); 456 static void run_rt5390_rf_setup(struct run_softc *); 457 static int run_txrx_enable(struct run_softc *); 458 static void run_adjust_freq_offset(struct run_softc *); 459 static void run_init(void *); 460 static void run_init_locked(struct run_softc *); 461 static void run_stop(void *); 462 static void run_delay(struct run_softc *, u_int); 463 464 static eventhandler_tag run_etag; 465 466 static const struct rt2860_rate { 467 uint8_t rate; 468 uint8_t mcs; 469 enum ieee80211_phytype phy; 470 uint8_t ctl_ridx; 471 uint16_t sp_ack_dur; 472 uint16_t lp_ack_dur; 473 } rt2860_rates[] = { 474 { 2, 0, IEEE80211_T_DS, 0, 314, 314 }, 475 { 4, 1, IEEE80211_T_DS, 1, 258, 162 }, 476 { 11, 2, IEEE80211_T_DS, 2, 223, 127 }, 477 { 22, 3, IEEE80211_T_DS, 3, 213, 117 }, 478 { 12, 0, IEEE80211_T_OFDM, 4, 60, 60 }, 479 { 18, 1, IEEE80211_T_OFDM, 4, 52, 52 }, 480 { 24, 2, IEEE80211_T_OFDM, 6, 48, 48 }, 481 { 36, 3, IEEE80211_T_OFDM, 6, 44, 44 }, 482 { 48, 4, IEEE80211_T_OFDM, 8, 44, 44 }, 483 { 72, 5, IEEE80211_T_OFDM, 8, 40, 40 }, 484 { 96, 6, IEEE80211_T_OFDM, 8, 40, 40 }, 485 { 108, 7, IEEE80211_T_OFDM, 8, 40, 40 } 486 }; 487 488 static const struct { 489 uint16_t reg; 490 uint32_t val; 491 } rt2870_def_mac[] = { 492 RT2870_DEF_MAC 493 }; 494 495 static const struct { 496 uint8_t reg; 497 uint8_t val; 498 } rt2860_def_bbp[] = { 499 RT2860_DEF_BBP 500 },rt5390_def_bbp[] = { 501 RT5390_DEF_BBP 502 },rt5592_def_bbp[] = { 503 RT5592_DEF_BBP 504 }; 505 506 /* 507 * Default values for BBP register R196 for RT5592. 508 */ 509 static const uint8_t rt5592_bbp_r196[] = { 510 0xe0, 0x1f, 0x38, 0x32, 0x08, 0x28, 0x19, 0x0a, 0xff, 0x00, 511 0x16, 0x10, 0x10, 0x0b, 0x36, 0x2c, 0x26, 0x24, 0x42, 0x36, 512 0x30, 0x2d, 0x4c, 0x46, 0x3d, 0x40, 0x3e, 0x42, 0x3d, 0x40, 513 0x3c, 0x34, 0x2c, 0x2f, 0x3c, 0x35, 0x2e, 0x2a, 0x49, 0x41, 514 0x36, 0x31, 0x30, 0x30, 0x0e, 0x0d, 0x28, 0x21, 0x1c, 0x16, 515 0x50, 0x4a, 0x43, 0x40, 0x10, 0x10, 0x10, 0x10, 0x00, 0x00, 516 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 517 0x00, 0x00, 0x7d, 0x14, 0x32, 0x2c, 0x36, 0x4c, 0x43, 0x2c, 518 0x2e, 0x36, 0x30, 0x6e 519 }; 520 521 static const struct rfprog { 522 uint8_t chan; 523 uint32_t r1, r2, r3, r4; 524 } rt2860_rf2850[] = { 525 RT2860_RF2850 526 }; 527 528 struct { 529 uint8_t n, r, k; 530 } rt3070_freqs[] = { 531 RT3070_RF3052 532 }; 533 534 static const struct rt5592_freqs { 535 uint16_t n; 536 uint8_t k, m, r; 537 } rt5592_freqs_20mhz[] = { 538 RT5592_RF5592_20MHZ 539 },rt5592_freqs_40mhz[] = { 540 RT5592_RF5592_40MHZ 541 }; 542 543 static const struct { 544 uint8_t reg; 545 uint8_t val; 546 } rt3070_def_rf[] = { 547 RT3070_DEF_RF 548 },rt3572_def_rf[] = { 549 RT3572_DEF_RF 550 },rt3593_def_rf[] = { 551 RT3593_DEF_RF 552 },rt5390_def_rf[] = { 553 RT5390_DEF_RF 554 },rt5392_def_rf[] = { 555 RT5392_DEF_RF 556 },rt5592_def_rf[] = { 557 RT5592_DEF_RF 558 },rt5592_2ghz_def_rf[] = { 559 RT5592_2GHZ_DEF_RF 560 },rt5592_5ghz_def_rf[] = { 561 RT5592_5GHZ_DEF_RF 562 }; 563 564 static const struct { 565 u_int firstchan; 566 u_int lastchan; 567 uint8_t reg; 568 uint8_t val; 569 } rt5592_chan_5ghz[] = { 570 RT5592_CHAN_5GHZ 571 }; 572 573 static const struct usb_config run_config[RUN_N_XFER] = { 574 [RUN_BULK_TX_BE] = { 575 .type = UE_BULK, 576 .endpoint = UE_ADDR_ANY, 577 .ep_index = 0, 578 .direction = UE_DIR_OUT, 579 .bufsize = RUN_MAX_TXSZ, 580 .flags = {.pipe_bof = 1,.force_short_xfer = 1,}, 581 .callback = run_bulk_tx_callback0, 582 .timeout = 5000, /* ms */ 583 }, 584 [RUN_BULK_TX_BK] = { 585 .type = UE_BULK, 586 .endpoint = UE_ADDR_ANY, 587 .direction = UE_DIR_OUT, 588 .ep_index = 1, 589 .bufsize = RUN_MAX_TXSZ, 590 .flags = {.pipe_bof = 1,.force_short_xfer = 1,}, 591 .callback = run_bulk_tx_callback1, 592 .timeout = 5000, /* ms */ 593 }, 594 [RUN_BULK_TX_VI] = { 595 .type = UE_BULK, 596 .endpoint = UE_ADDR_ANY, 597 .direction = UE_DIR_OUT, 598 .ep_index = 2, 599 .bufsize = RUN_MAX_TXSZ, 600 .flags = {.pipe_bof = 1,.force_short_xfer = 1,}, 601 .callback = run_bulk_tx_callback2, 602 .timeout = 5000, /* ms */ 603 }, 604 [RUN_BULK_TX_VO] = { 605 .type = UE_BULK, 606 .endpoint = UE_ADDR_ANY, 607 .direction = UE_DIR_OUT, 608 .ep_index = 3, 609 .bufsize = RUN_MAX_TXSZ, 610 .flags = {.pipe_bof = 1,.force_short_xfer = 1,}, 611 .callback = run_bulk_tx_callback3, 612 .timeout = 5000, /* ms */ 613 }, 614 [RUN_BULK_TX_HCCA] = { 615 .type = UE_BULK, 616 .endpoint = UE_ADDR_ANY, 617 .direction = UE_DIR_OUT, 618 .ep_index = 4, 619 .bufsize = RUN_MAX_TXSZ, 620 .flags = {.pipe_bof = 1,.force_short_xfer = 1,.no_pipe_ok = 1,}, 621 .callback = run_bulk_tx_callback4, 622 .timeout = 5000, /* ms */ 623 }, 624 [RUN_BULK_TX_PRIO] = { 625 .type = UE_BULK, 626 .endpoint = UE_ADDR_ANY, 627 .direction = UE_DIR_OUT, 628 .ep_index = 5, 629 .bufsize = RUN_MAX_TXSZ, 630 .flags = {.pipe_bof = 1,.force_short_xfer = 1,.no_pipe_ok = 1,}, 631 .callback = run_bulk_tx_callback5, 632 .timeout = 5000, /* ms */ 633 }, 634 [RUN_BULK_RX] = { 635 .type = UE_BULK, 636 .endpoint = UE_ADDR_ANY, 637 .direction = UE_DIR_IN, 638 .bufsize = RUN_MAX_RXSZ, 639 .flags = {.pipe_bof = 1,.short_xfer_ok = 1,}, 640 .callback = run_bulk_rx_callback, 641 } 642 }; 643 644 static void 645 run_autoinst(void *arg, struct usb_device *udev, 646 struct usb_attach_arg *uaa) 647 { 648 struct usb_interface *iface; 649 struct usb_interface_descriptor *id; 650 651 if (uaa->dev_state != UAA_DEV_READY) 652 return; 653 654 iface = usbd_get_iface(udev, 0); 655 if (iface == NULL) 656 return; 657 id = iface->idesc; 658 if (id == NULL || id->bInterfaceClass != UICLASS_MASS) 659 return; 660 if (usbd_lookup_id_by_uaa(run_devs, sizeof(run_devs), uaa)) 661 return; 662 663 if (usb_msc_eject(udev, 0, MSC_EJECT_STOPUNIT) == 0) 664 uaa->dev_state = UAA_DEV_EJECTING; 665 } 666 667 static int 668 run_driver_loaded(struct module *mod, int what, void *arg) 669 { 670 switch (what) { 671 case MOD_LOAD: 672 run_etag = EVENTHANDLER_REGISTER(usb_dev_configured, 673 run_autoinst, NULL, EVENTHANDLER_PRI_ANY); 674 break; 675 case MOD_UNLOAD: 676 EVENTHANDLER_DEREGISTER(usb_dev_configured, run_etag); 677 break; 678 default: 679 return (EOPNOTSUPP); 680 } 681 return (0); 682 } 683 684 static int 685 run_match(device_t self) 686 { 687 struct usb_attach_arg *uaa = device_get_ivars(self); 688 689 if (uaa->usb_mode != USB_MODE_HOST) 690 return (ENXIO); 691 if (uaa->info.bConfigIndex != 0) 692 return (ENXIO); 693 if (uaa->info.bIfaceIndex != RT2860_IFACE_INDEX) 694 return (ENXIO); 695 696 return (usbd_lookup_id_by_uaa(run_devs, sizeof(run_devs), uaa)); 697 } 698 699 static int 700 run_attach(device_t self) 701 { 702 struct run_softc *sc = device_get_softc(self); 703 struct usb_attach_arg *uaa = device_get_ivars(self); 704 struct ieee80211com *ic; 705 struct ifnet *ifp; 706 uint32_t ver; 707 int ntries, error; 708 uint8_t iface_index, bands; 709 710 device_set_usb_desc(self); 711 sc->sc_udev = uaa->device; 712 sc->sc_dev = self; 713 if (USB_GET_DRIVER_INFO(uaa) != RUN_EJECT) 714 sc->sc_flags |= RUN_FLAG_FWLOAD_NEEDED; 715 716 mtx_init(&sc->sc_mtx, device_get_nameunit(sc->sc_dev), 717 MTX_NETWORK_LOCK, MTX_DEF); 718 719 iface_index = RT2860_IFACE_INDEX; 720 721 error = usbd_transfer_setup(uaa->device, &iface_index, 722 sc->sc_xfer, run_config, RUN_N_XFER, sc, &sc->sc_mtx); 723 if (error) { 724 device_printf(self, "could not allocate USB transfers, " 725 "err=%s\n", usbd_errstr(error)); 726 goto detach; 727 } 728 729 RUN_LOCK(sc); 730 731 /* wait for the chip to settle */ 732 for (ntries = 0; ntries < 100; ntries++) { 733 if (run_read(sc, RT2860_ASIC_VER_ID, &ver) != 0) { 734 RUN_UNLOCK(sc); 735 goto detach; 736 } 737 if (ver != 0 && ver != 0xffffffff) 738 break; 739 run_delay(sc, 10); 740 } 741 if (ntries == 100) { 742 device_printf(sc->sc_dev, 743 "timeout waiting for NIC to initialize\n"); 744 RUN_UNLOCK(sc); 745 goto detach; 746 } 747 sc->mac_ver = ver >> 16; 748 sc->mac_rev = ver & 0xffff; 749 750 /* retrieve RF rev. no and various other things from EEPROM */ 751 run_read_eeprom(sc); 752 753 device_printf(sc->sc_dev, 754 "MAC/BBP RT%04X (rev 0x%04X), RF %s (MIMO %dT%dR), address %s\n", 755 sc->mac_ver, sc->mac_rev, run_get_rf(sc->rf_rev), 756 sc->ntxchains, sc->nrxchains, ether_sprintf(sc->sc_bssid)); 757 758 RUN_UNLOCK(sc); 759 760 ifp = sc->sc_ifp = if_alloc(IFT_IEEE80211); 761 if (ifp == NULL) { 762 device_printf(sc->sc_dev, "can not if_alloc()\n"); 763 goto detach; 764 } 765 ic = ifp->if_l2com; 766 767 ifp->if_softc = sc; 768 if_initname(ifp, "run", device_get_unit(sc->sc_dev)); 769 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 770 ifp->if_init = run_init; 771 ifp->if_ioctl = run_ioctl; 772 ifp->if_start = run_start; 773 IFQ_SET_MAXLEN(&ifp->if_snd, ifqmaxlen); 774 ifp->if_snd.ifq_drv_maxlen = ifqmaxlen; 775 IFQ_SET_READY(&ifp->if_snd); 776 777 ic->ic_ifp = ifp; 778 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 779 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 780 781 /* set device capabilities */ 782 ic->ic_caps = 783 IEEE80211_C_STA | /* station mode supported */ 784 IEEE80211_C_MONITOR | /* monitor mode supported */ 785 IEEE80211_C_IBSS | 786 IEEE80211_C_HOSTAP | 787 IEEE80211_C_WDS | /* 4-address traffic works */ 788 IEEE80211_C_MBSS | 789 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 790 IEEE80211_C_SHSLOT | /* short slot time supported */ 791 IEEE80211_C_WME | /* WME */ 792 IEEE80211_C_WPA; /* WPA1|WPA2(RSN) */ 793 794 ic->ic_cryptocaps = 795 IEEE80211_CRYPTO_WEP | 796 IEEE80211_CRYPTO_AES_CCM | 797 IEEE80211_CRYPTO_TKIPMIC | 798 IEEE80211_CRYPTO_TKIP; 799 800 ic->ic_flags |= IEEE80211_F_DATAPAD; 801 ic->ic_flags_ext |= IEEE80211_FEXT_SWBMISS; 802 803 bands = 0; 804 setbit(&bands, IEEE80211_MODE_11B); 805 setbit(&bands, IEEE80211_MODE_11G); 806 if (sc->rf_rev == RT2860_RF_2750 || sc->rf_rev == RT2860_RF_2850 || 807 sc->rf_rev == RT3070_RF_3052 || sc->rf_rev == RT3593_RF_3053 || 808 sc->rf_rev == RT5592_RF_5592) 809 setbit(&bands, IEEE80211_MODE_11A); 810 ieee80211_init_channels(ic, NULL, &bands); 811 812 ieee80211_ifattach(ic, sc->sc_bssid); 813 814 ic->ic_scan_start = run_scan_start; 815 ic->ic_scan_end = run_scan_end; 816 ic->ic_set_channel = run_set_channel; 817 ic->ic_node_alloc = run_node_alloc; 818 ic->ic_newassoc = run_newassoc; 819 ic->ic_updateslot = run_updateslot; 820 ic->ic_update_mcast = run_update_mcast; 821 ic->ic_wme.wme_update = run_wme_update; 822 ic->ic_raw_xmit = run_raw_xmit; 823 ic->ic_update_promisc = run_update_promisc; 824 825 ic->ic_vap_create = run_vap_create; 826 ic->ic_vap_delete = run_vap_delete; 827 828 ieee80211_radiotap_attach(ic, 829 &sc->sc_txtap.wt_ihdr, sizeof(sc->sc_txtap), 830 RUN_TX_RADIOTAP_PRESENT, 831 &sc->sc_rxtap.wr_ihdr, sizeof(sc->sc_rxtap), 832 RUN_RX_RADIOTAP_PRESENT); 833 834 TASK_INIT(&sc->cmdq_task, 0, run_cmdq_cb, sc); 835 TASK_INIT(&sc->ratectl_task, 0, run_ratectl_cb, sc); 836 usb_callout_init_mtx(&sc->ratectl_ch, &sc->sc_mtx, 0); 837 838 if (bootverbose) 839 ieee80211_announce(ic); 840 841 return (0); 842 843 detach: 844 run_detach(self); 845 return (ENXIO); 846 } 847 848 static int 849 run_detach(device_t self) 850 { 851 struct run_softc *sc = device_get_softc(self); 852 struct ifnet *ifp = sc->sc_ifp; 853 struct ieee80211com *ic; 854 int i; 855 856 RUN_LOCK(sc); 857 sc->sc_detached = 1; 858 RUN_UNLOCK(sc); 859 860 /* stop all USB transfers */ 861 usbd_transfer_unsetup(sc->sc_xfer, RUN_N_XFER); 862 863 RUN_LOCK(sc); 864 sc->ratectl_run = RUN_RATECTL_OFF; 865 sc->cmdq_run = sc->cmdq_key_set = RUN_CMDQ_ABORT; 866 867 /* free TX list, if any */ 868 for (i = 0; i != RUN_EP_QUEUES; i++) 869 run_unsetup_tx_list(sc, &sc->sc_epq[i]); 870 RUN_UNLOCK(sc); 871 872 if (ifp) { 873 ic = ifp->if_l2com; 874 /* drain tasks */ 875 usb_callout_drain(&sc->ratectl_ch); 876 ieee80211_draintask(ic, &sc->cmdq_task); 877 ieee80211_draintask(ic, &sc->ratectl_task); 878 ieee80211_ifdetach(ic); 879 if_free(ifp); 880 } 881 882 mtx_destroy(&sc->sc_mtx); 883 884 return (0); 885 } 886 887 static struct ieee80211vap * 888 run_vap_create(struct ieee80211com *ic, const char name[IFNAMSIZ], int unit, 889 enum ieee80211_opmode opmode, int flags, 890 const uint8_t bssid[IEEE80211_ADDR_LEN], 891 const uint8_t mac[IEEE80211_ADDR_LEN]) 892 { 893 struct ifnet *ifp = ic->ic_ifp; 894 struct run_softc *sc = ifp->if_softc; 895 struct run_vap *rvp; 896 struct ieee80211vap *vap; 897 int i; 898 899 if (sc->rvp_cnt >= RUN_VAP_MAX) { 900 if_printf(ifp, "number of VAPs maxed out\n"); 901 return (NULL); 902 } 903 904 switch (opmode) { 905 case IEEE80211_M_STA: 906 /* enable s/w bmiss handling for sta mode */ 907 flags |= IEEE80211_CLONE_NOBEACONS; 908 /* fall though */ 909 case IEEE80211_M_IBSS: 910 case IEEE80211_M_MONITOR: 911 case IEEE80211_M_HOSTAP: 912 case IEEE80211_M_MBSS: 913 /* other than WDS vaps, only one at a time */ 914 if (!TAILQ_EMPTY(&ic->ic_vaps)) 915 return (NULL); 916 break; 917 case IEEE80211_M_WDS: 918 TAILQ_FOREACH(vap, &ic->ic_vaps, iv_next){ 919 if(vap->iv_opmode != IEEE80211_M_HOSTAP) 920 continue; 921 /* WDS vap's always share the local mac address. */ 922 flags &= ~IEEE80211_CLONE_BSSID; 923 break; 924 } 925 if (vap == NULL) { 926 if_printf(ifp, "wds only supported in ap mode\n"); 927 return (NULL); 928 } 929 break; 930 default: 931 if_printf(ifp, "unknown opmode %d\n", opmode); 932 return (NULL); 933 } 934 935 rvp = (struct run_vap *) malloc(sizeof(struct run_vap), 936 M_80211_VAP, M_NOWAIT | M_ZERO); 937 if (rvp == NULL) 938 return (NULL); 939 vap = &rvp->vap; 940 941 if (ieee80211_vap_setup(ic, vap, name, unit, 942 opmode, flags, bssid, mac) != 0) { 943 /* out of memory */ 944 free(rvp, M_80211_VAP); 945 return (NULL); 946 } 947 948 vap->iv_key_update_begin = run_key_update_begin; 949 vap->iv_key_update_end = run_key_update_end; 950 vap->iv_update_beacon = run_update_beacon; 951 vap->iv_max_aid = RT2870_WCID_MAX; 952 /* 953 * To delete the right key from h/w, we need wcid. 954 * Luckily, there is unused space in ieee80211_key{}, wk_pad, 955 * and matching wcid will be written into there. So, cast 956 * some spells to remove 'const' from ieee80211_key{} 957 */ 958 vap->iv_key_delete = (void *)run_key_delete; 959 vap->iv_key_set = (void *)run_key_set; 960 961 /* override state transition machine */ 962 rvp->newstate = vap->iv_newstate; 963 vap->iv_newstate = run_newstate; 964 965 ieee80211_ratectl_init(vap); 966 ieee80211_ratectl_setinterval(vap, 1000 /* 1 sec */); 967 968 /* complete setup */ 969 ieee80211_vap_attach(vap, run_media_change, ieee80211_media_status); 970 971 /* make sure id is always unique */ 972 for (i = 0; i < RUN_VAP_MAX; i++) { 973 if((sc->rvp_bmap & 1 << i) == 0){ 974 sc->rvp_bmap |= 1 << i; 975 rvp->rvp_id = i; 976 break; 977 } 978 } 979 if (sc->rvp_cnt++ == 0) 980 ic->ic_opmode = opmode; 981 982 if (opmode == IEEE80211_M_HOSTAP) 983 sc->cmdq_run = RUN_CMDQ_GO; 984 985 DPRINTF("rvp_id=%d bmap=%x rvp_cnt=%d\n", 986 rvp->rvp_id, sc->rvp_bmap, sc->rvp_cnt); 987 988 return (vap); 989 } 990 991 static void 992 run_vap_delete(struct ieee80211vap *vap) 993 { 994 struct run_vap *rvp = RUN_VAP(vap); 995 struct ifnet *ifp; 996 struct ieee80211com *ic; 997 struct run_softc *sc; 998 uint8_t rvp_id; 999 1000 if (vap == NULL) 1001 return; 1002 1003 ic = vap->iv_ic; 1004 ifp = ic->ic_ifp; 1005 1006 sc = ifp->if_softc; 1007 1008 RUN_LOCK(sc); 1009 1010 m_freem(rvp->beacon_mbuf); 1011 rvp->beacon_mbuf = NULL; 1012 1013 rvp_id = rvp->rvp_id; 1014 sc->ratectl_run &= ~(1 << rvp_id); 1015 sc->rvp_bmap &= ~(1 << rvp_id); 1016 run_set_region_4(sc, RT2860_SKEY(rvp_id, 0), 0, 128); 1017 run_set_region_4(sc, RT2860_BCN_BASE(rvp_id), 0, 512); 1018 --sc->rvp_cnt; 1019 1020 DPRINTF("vap=%p rvp_id=%d bmap=%x rvp_cnt=%d\n", 1021 vap, rvp_id, sc->rvp_bmap, sc->rvp_cnt); 1022 1023 RUN_UNLOCK(sc); 1024 1025 ieee80211_ratectl_deinit(vap); 1026 ieee80211_vap_detach(vap); 1027 free(rvp, M_80211_VAP); 1028 } 1029 1030 /* 1031 * There are numbers of functions need to be called in context thread. 1032 * Rather than creating taskqueue event for each of those functions, 1033 * here is all-for-one taskqueue callback function. This function 1034 * gurantees deferred functions are executed in the same order they 1035 * were enqueued. 1036 * '& RUN_CMDQ_MASQ' is to loop cmdq[]. 1037 */ 1038 static void 1039 run_cmdq_cb(void *arg, int pending) 1040 { 1041 struct run_softc *sc = arg; 1042 uint8_t i; 1043 1044 /* call cmdq[].func locked */ 1045 RUN_LOCK(sc); 1046 for (i = sc->cmdq_exec; sc->cmdq[i].func && pending; 1047 i = sc->cmdq_exec, pending--) { 1048 DPRINTFN(6, "cmdq_exec=%d pending=%d\n", i, pending); 1049 if (sc->cmdq_run == RUN_CMDQ_GO) { 1050 /* 1051 * If arg0 is NULL, callback func needs more 1052 * than one arg. So, pass ptr to cmdq struct. 1053 */ 1054 if (sc->cmdq[i].arg0) 1055 sc->cmdq[i].func(sc->cmdq[i].arg0); 1056 else 1057 sc->cmdq[i].func(&sc->cmdq[i]); 1058 } 1059 sc->cmdq[i].arg0 = NULL; 1060 sc->cmdq[i].func = NULL; 1061 sc->cmdq_exec++; 1062 sc->cmdq_exec &= RUN_CMDQ_MASQ; 1063 } 1064 RUN_UNLOCK(sc); 1065 } 1066 1067 static void 1068 run_setup_tx_list(struct run_softc *sc, struct run_endpoint_queue *pq) 1069 { 1070 struct run_tx_data *data; 1071 1072 memset(pq, 0, sizeof(*pq)); 1073 1074 STAILQ_INIT(&pq->tx_qh); 1075 STAILQ_INIT(&pq->tx_fh); 1076 1077 for (data = &pq->tx_data[0]; 1078 data < &pq->tx_data[RUN_TX_RING_COUNT]; data++) { 1079 data->sc = sc; 1080 STAILQ_INSERT_TAIL(&pq->tx_fh, data, next); 1081 } 1082 pq->tx_nfree = RUN_TX_RING_COUNT; 1083 } 1084 1085 static void 1086 run_unsetup_tx_list(struct run_softc *sc, struct run_endpoint_queue *pq) 1087 { 1088 struct run_tx_data *data; 1089 1090 /* make sure any subsequent use of the queues will fail */ 1091 pq->tx_nfree = 0; 1092 STAILQ_INIT(&pq->tx_fh); 1093 STAILQ_INIT(&pq->tx_qh); 1094 1095 /* free up all node references and mbufs */ 1096 for (data = &pq->tx_data[0]; 1097 data < &pq->tx_data[RUN_TX_RING_COUNT]; data++) { 1098 if (data->m != NULL) { 1099 m_freem(data->m); 1100 data->m = NULL; 1101 } 1102 if (data->ni != NULL) { 1103 ieee80211_free_node(data->ni); 1104 data->ni = NULL; 1105 } 1106 } 1107 } 1108 1109 static int 1110 run_load_microcode(struct run_softc *sc) 1111 { 1112 usb_device_request_t req; 1113 const struct firmware *fw; 1114 const u_char *base; 1115 uint32_t tmp; 1116 int ntries, error; 1117 const uint64_t *temp; 1118 uint64_t bytes; 1119 1120 RUN_UNLOCK(sc); 1121 fw = firmware_get("runfw"); 1122 RUN_LOCK(sc); 1123 if (fw == NULL) { 1124 device_printf(sc->sc_dev, 1125 "failed loadfirmware of file %s\n", "runfw"); 1126 return ENOENT; 1127 } 1128 1129 if (fw->datasize != 8192) { 1130 device_printf(sc->sc_dev, 1131 "invalid firmware size (should be 8KB)\n"); 1132 error = EINVAL; 1133 goto fail; 1134 } 1135 1136 /* 1137 * RT3071/RT3072 use a different firmware 1138 * run-rt2870 (8KB) contains both, 1139 * first half (4KB) is for rt2870, 1140 * last half is for rt3071. 1141 */ 1142 base = fw->data; 1143 if ((sc->mac_ver) != 0x2860 && 1144 (sc->mac_ver) != 0x2872 && 1145 (sc->mac_ver) != 0x3070) { 1146 base += 4096; 1147 } 1148 1149 /* cheap sanity check */ 1150 temp = fw->data; 1151 bytes = *temp; 1152 if (bytes != be64toh(0xffffff0210280210ULL)) { 1153 device_printf(sc->sc_dev, "firmware checksum failed\n"); 1154 error = EINVAL; 1155 goto fail; 1156 } 1157 1158 /* write microcode image */ 1159 if (sc->sc_flags & RUN_FLAG_FWLOAD_NEEDED) { 1160 run_write_region_1(sc, RT2870_FW_BASE, base, 4096); 1161 run_write(sc, RT2860_H2M_MAILBOX_CID, 0xffffffff); 1162 run_write(sc, RT2860_H2M_MAILBOX_STATUS, 0xffffffff); 1163 } 1164 1165 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 1166 req.bRequest = RT2870_RESET; 1167 USETW(req.wValue, 8); 1168 USETW(req.wIndex, 0); 1169 USETW(req.wLength, 0); 1170 if ((error = usbd_do_request(sc->sc_udev, &sc->sc_mtx, &req, NULL)) 1171 != 0) { 1172 device_printf(sc->sc_dev, "firmware reset failed\n"); 1173 goto fail; 1174 } 1175 1176 run_delay(sc, 10); 1177 1178 run_write(sc, RT2860_H2M_BBPAGENT, 0); 1179 run_write(sc, RT2860_H2M_MAILBOX, 0); 1180 run_write(sc, RT2860_H2M_INTSRC, 0); 1181 if ((error = run_mcu_cmd(sc, RT2860_MCU_CMD_RFRESET, 0)) != 0) 1182 goto fail; 1183 1184 /* wait until microcontroller is ready */ 1185 for (ntries = 0; ntries < 1000; ntries++) { 1186 if ((error = run_read(sc, RT2860_SYS_CTRL, &tmp)) != 0) 1187 goto fail; 1188 if (tmp & RT2860_MCU_READY) 1189 break; 1190 run_delay(sc, 10); 1191 } 1192 if (ntries == 1000) { 1193 device_printf(sc->sc_dev, 1194 "timeout waiting for MCU to initialize\n"); 1195 error = ETIMEDOUT; 1196 goto fail; 1197 } 1198 device_printf(sc->sc_dev, "firmware %s ver. %u.%u loaded\n", 1199 (base == fw->data) ? "RT2870" : "RT3071", 1200 *(base + 4092), *(base + 4093)); 1201 1202 fail: 1203 firmware_put(fw, FIRMWARE_UNLOAD); 1204 return (error); 1205 } 1206 1207 static int 1208 run_reset(struct run_softc *sc) 1209 { 1210 usb_device_request_t req; 1211 1212 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 1213 req.bRequest = RT2870_RESET; 1214 USETW(req.wValue, 1); 1215 USETW(req.wIndex, 0); 1216 USETW(req.wLength, 0); 1217 return (usbd_do_request(sc->sc_udev, &sc->sc_mtx, &req, NULL)); 1218 } 1219 1220 static usb_error_t 1221 run_do_request(struct run_softc *sc, 1222 struct usb_device_request *req, void *data) 1223 { 1224 usb_error_t err; 1225 int ntries = 10; 1226 1227 RUN_LOCK_ASSERT(sc, MA_OWNED); 1228 1229 while (ntries--) { 1230 err = usbd_do_request_flags(sc->sc_udev, &sc->sc_mtx, 1231 req, data, 0, NULL, 250 /* ms */); 1232 if (err == 0) 1233 break; 1234 DPRINTFN(1, "Control request failed, %s (retrying)\n", 1235 usbd_errstr(err)); 1236 run_delay(sc, 10); 1237 } 1238 return (err); 1239 } 1240 1241 static int 1242 run_read(struct run_softc *sc, uint16_t reg, uint32_t *val) 1243 { 1244 uint32_t tmp; 1245 int error; 1246 1247 error = run_read_region_1(sc, reg, (uint8_t *)&tmp, sizeof tmp); 1248 if (error == 0) 1249 *val = le32toh(tmp); 1250 else 1251 *val = 0xffffffff; 1252 return (error); 1253 } 1254 1255 static int 1256 run_read_region_1(struct run_softc *sc, uint16_t reg, uint8_t *buf, int len) 1257 { 1258 usb_device_request_t req; 1259 1260 req.bmRequestType = UT_READ_VENDOR_DEVICE; 1261 req.bRequest = RT2870_READ_REGION_1; 1262 USETW(req.wValue, 0); 1263 USETW(req.wIndex, reg); 1264 USETW(req.wLength, len); 1265 1266 return (run_do_request(sc, &req, buf)); 1267 } 1268 1269 static int 1270 run_write_2(struct run_softc *sc, uint16_t reg, uint16_t val) 1271 { 1272 usb_device_request_t req; 1273 1274 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 1275 req.bRequest = RT2870_WRITE_2; 1276 USETW(req.wValue, val); 1277 USETW(req.wIndex, reg); 1278 USETW(req.wLength, 0); 1279 1280 return (run_do_request(sc, &req, NULL)); 1281 } 1282 1283 static int 1284 run_write(struct run_softc *sc, uint16_t reg, uint32_t val) 1285 { 1286 int error; 1287 1288 if ((error = run_write_2(sc, reg, val & 0xffff)) == 0) 1289 error = run_write_2(sc, reg + 2, val >> 16); 1290 return (error); 1291 } 1292 1293 static int 1294 run_write_region_1(struct run_softc *sc, uint16_t reg, const uint8_t *buf, 1295 int len) 1296 { 1297 #if 1 1298 int i, error = 0; 1299 /* 1300 * NB: the WRITE_REGION_1 command is not stable on RT2860. 1301 * We thus issue multiple WRITE_2 commands instead. 1302 */ 1303 KASSERT((len & 1) == 0, ("run_write_region_1: Data too long.\n")); 1304 for (i = 0; i < len && error == 0; i += 2) 1305 error = run_write_2(sc, reg + i, buf[i] | buf[i + 1] << 8); 1306 return (error); 1307 #else 1308 usb_device_request_t req; 1309 int error = 0; 1310 1311 /* 1312 * NOTE: It appears the WRITE_REGION_1 command cannot be 1313 * passed a huge amount of data, which will crash the 1314 * firmware. Limit amount of data passed to 64-bytes at a 1315 * time. 1316 */ 1317 while (len > 0) { 1318 int delta = 64; 1319 if (delta > len) 1320 delta = len; 1321 1322 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 1323 req.bRequest = RT2870_WRITE_REGION_1; 1324 USETW(req.wValue, 0); 1325 USETW(req.wIndex, reg); 1326 USETW(req.wLength, delta); 1327 error = run_do_request(sc, &req, __DECONST(uint8_t *, buf)); 1328 if (error != 0) 1329 break; 1330 reg += delta; 1331 buf += delta; 1332 len -= delta; 1333 } 1334 return (error); 1335 #endif 1336 } 1337 1338 static int 1339 run_set_region_4(struct run_softc *sc, uint16_t reg, uint32_t val, int len) 1340 { 1341 int i, error = 0; 1342 1343 KASSERT((len & 3) == 0, ("run_set_region_4: Invalid data length.\n")); 1344 for (i = 0; i < len && error == 0; i += 4) 1345 error = run_write(sc, reg + i, val); 1346 return (error); 1347 } 1348 1349 static int 1350 run_efuse_read(struct run_softc *sc, uint16_t addr, uint16_t *val, int count) 1351 { 1352 uint32_t tmp; 1353 uint16_t reg; 1354 int error, ntries; 1355 1356 if ((error = run_read(sc, RT3070_EFUSE_CTRL, &tmp)) != 0) 1357 return (error); 1358 1359 if (count == 2) 1360 addr *= 2; 1361 /*- 1362 * Read one 16-byte block into registers EFUSE_DATA[0-3]: 1363 * DATA0: F E D C 1364 * DATA1: B A 9 8 1365 * DATA2: 7 6 5 4 1366 * DATA3: 3 2 1 0 1367 */ 1368 tmp &= ~(RT3070_EFSROM_MODE_MASK | RT3070_EFSROM_AIN_MASK); 1369 tmp |= (addr & ~0xf) << RT3070_EFSROM_AIN_SHIFT | RT3070_EFSROM_KICK; 1370 run_write(sc, RT3070_EFUSE_CTRL, tmp); 1371 for (ntries = 0; ntries < 100; ntries++) { 1372 if ((error = run_read(sc, RT3070_EFUSE_CTRL, &tmp)) != 0) 1373 return (error); 1374 if (!(tmp & RT3070_EFSROM_KICK)) 1375 break; 1376 run_delay(sc, 2); 1377 } 1378 if (ntries == 100) 1379 return (ETIMEDOUT); 1380 1381 if ((tmp & RT3070_EFUSE_AOUT_MASK) == RT3070_EFUSE_AOUT_MASK) { 1382 *val = 0xffff; /* address not found */ 1383 return (0); 1384 } 1385 /* determine to which 32-bit register our 16-bit word belongs */ 1386 reg = RT3070_EFUSE_DATA3 - (addr & 0xc); 1387 if ((error = run_read(sc, reg, &tmp)) != 0) 1388 return (error); 1389 1390 tmp >>= (8 * (addr & 0x3)); 1391 *val = (addr & 1) ? tmp >> 16 : tmp & 0xffff; 1392 1393 return (0); 1394 } 1395 1396 /* Read 16-bit from eFUSE ROM for RT3xxx. */ 1397 static int 1398 run_efuse_read_2(struct run_softc *sc, uint16_t addr, uint16_t *val) 1399 { 1400 return (run_efuse_read(sc, addr, val, 2)); 1401 } 1402 1403 static int 1404 run_eeprom_read_2(struct run_softc *sc, uint16_t addr, uint16_t *val) 1405 { 1406 usb_device_request_t req; 1407 uint16_t tmp; 1408 int error; 1409 1410 addr *= 2; 1411 req.bmRequestType = UT_READ_VENDOR_DEVICE; 1412 req.bRequest = RT2870_EEPROM_READ; 1413 USETW(req.wValue, 0); 1414 USETW(req.wIndex, addr); 1415 USETW(req.wLength, sizeof(tmp)); 1416 1417 error = usbd_do_request(sc->sc_udev, &sc->sc_mtx, &req, &tmp); 1418 if (error == 0) 1419 *val = le16toh(tmp); 1420 else 1421 *val = 0xffff; 1422 return (error); 1423 } 1424 1425 static __inline int 1426 run_srom_read(struct run_softc *sc, uint16_t addr, uint16_t *val) 1427 { 1428 /* either eFUSE ROM or EEPROM */ 1429 return sc->sc_srom_read(sc, addr, val); 1430 } 1431 1432 static int 1433 run_rt2870_rf_write(struct run_softc *sc, uint32_t val) 1434 { 1435 uint32_t tmp; 1436 int error, ntries; 1437 1438 for (ntries = 0; ntries < 10; ntries++) { 1439 if ((error = run_read(sc, RT2860_RF_CSR_CFG0, &tmp)) != 0) 1440 return (error); 1441 if (!(tmp & RT2860_RF_REG_CTRL)) 1442 break; 1443 } 1444 if (ntries == 10) 1445 return (ETIMEDOUT); 1446 1447 return (run_write(sc, RT2860_RF_CSR_CFG0, val)); 1448 } 1449 1450 static int 1451 run_rt3070_rf_read(struct run_softc *sc, uint8_t reg, uint8_t *val) 1452 { 1453 uint32_t tmp; 1454 int error, ntries; 1455 1456 for (ntries = 0; ntries < 100; ntries++) { 1457 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0) 1458 return (error); 1459 if (!(tmp & RT3070_RF_KICK)) 1460 break; 1461 } 1462 if (ntries == 100) 1463 return (ETIMEDOUT); 1464 1465 tmp = RT3070_RF_KICK | reg << 8; 1466 if ((error = run_write(sc, RT3070_RF_CSR_CFG, tmp)) != 0) 1467 return (error); 1468 1469 for (ntries = 0; ntries < 100; ntries++) { 1470 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0) 1471 return (error); 1472 if (!(tmp & RT3070_RF_KICK)) 1473 break; 1474 } 1475 if (ntries == 100) 1476 return (ETIMEDOUT); 1477 1478 *val = tmp & 0xff; 1479 return (0); 1480 } 1481 1482 static int 1483 run_rt3070_rf_write(struct run_softc *sc, uint8_t reg, uint8_t val) 1484 { 1485 uint32_t tmp; 1486 int error, ntries; 1487 1488 for (ntries = 0; ntries < 10; ntries++) { 1489 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0) 1490 return (error); 1491 if (!(tmp & RT3070_RF_KICK)) 1492 break; 1493 } 1494 if (ntries == 10) 1495 return (ETIMEDOUT); 1496 1497 tmp = RT3070_RF_WRITE | RT3070_RF_KICK | reg << 8 | val; 1498 return (run_write(sc, RT3070_RF_CSR_CFG, tmp)); 1499 } 1500 1501 static int 1502 run_bbp_read(struct run_softc *sc, uint8_t reg, uint8_t *val) 1503 { 1504 uint32_t tmp; 1505 int ntries, error; 1506 1507 for (ntries = 0; ntries < 10; ntries++) { 1508 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0) 1509 return (error); 1510 if (!(tmp & RT2860_BBP_CSR_KICK)) 1511 break; 1512 } 1513 if (ntries == 10) 1514 return (ETIMEDOUT); 1515 1516 tmp = RT2860_BBP_CSR_READ | RT2860_BBP_CSR_KICK | reg << 8; 1517 if ((error = run_write(sc, RT2860_BBP_CSR_CFG, tmp)) != 0) 1518 return (error); 1519 1520 for (ntries = 0; ntries < 10; ntries++) { 1521 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0) 1522 return (error); 1523 if (!(tmp & RT2860_BBP_CSR_KICK)) 1524 break; 1525 } 1526 if (ntries == 10) 1527 return (ETIMEDOUT); 1528 1529 *val = tmp & 0xff; 1530 return (0); 1531 } 1532 1533 static int 1534 run_bbp_write(struct run_softc *sc, uint8_t reg, uint8_t val) 1535 { 1536 uint32_t tmp; 1537 int ntries, error; 1538 1539 for (ntries = 0; ntries < 10; ntries++) { 1540 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0) 1541 return (error); 1542 if (!(tmp & RT2860_BBP_CSR_KICK)) 1543 break; 1544 } 1545 if (ntries == 10) 1546 return (ETIMEDOUT); 1547 1548 tmp = RT2860_BBP_CSR_KICK | reg << 8 | val; 1549 return (run_write(sc, RT2860_BBP_CSR_CFG, tmp)); 1550 } 1551 1552 /* 1553 * Send a command to the 8051 microcontroller unit. 1554 */ 1555 static int 1556 run_mcu_cmd(struct run_softc *sc, uint8_t cmd, uint16_t arg) 1557 { 1558 uint32_t tmp; 1559 int error, ntries; 1560 1561 for (ntries = 0; ntries < 100; ntries++) { 1562 if ((error = run_read(sc, RT2860_H2M_MAILBOX, &tmp)) != 0) 1563 return error; 1564 if (!(tmp & RT2860_H2M_BUSY)) 1565 break; 1566 } 1567 if (ntries == 100) 1568 return ETIMEDOUT; 1569 1570 tmp = RT2860_H2M_BUSY | RT2860_TOKEN_NO_INTR << 16 | arg; 1571 if ((error = run_write(sc, RT2860_H2M_MAILBOX, tmp)) == 0) 1572 error = run_write(sc, RT2860_HOST_CMD, cmd); 1573 return (error); 1574 } 1575 1576 /* 1577 * Add `delta' (signed) to each 4-bit sub-word of a 32-bit word. 1578 * Used to adjust per-rate Tx power registers. 1579 */ 1580 static __inline uint32_t 1581 b4inc(uint32_t b32, int8_t delta) 1582 { 1583 int8_t i, b4; 1584 1585 for (i = 0; i < 8; i++) { 1586 b4 = b32 & 0xf; 1587 b4 += delta; 1588 if (b4 < 0) 1589 b4 = 0; 1590 else if (b4 > 0xf) 1591 b4 = 0xf; 1592 b32 = b32 >> 4 | b4 << 28; 1593 } 1594 return (b32); 1595 } 1596 1597 static const char * 1598 run_get_rf(uint16_t rev) 1599 { 1600 switch (rev) { 1601 case RT2860_RF_2820: return "RT2820"; 1602 case RT2860_RF_2850: return "RT2850"; 1603 case RT2860_RF_2720: return "RT2720"; 1604 case RT2860_RF_2750: return "RT2750"; 1605 case RT3070_RF_3020: return "RT3020"; 1606 case RT3070_RF_2020: return "RT2020"; 1607 case RT3070_RF_3021: return "RT3021"; 1608 case RT3070_RF_3022: return "RT3022"; 1609 case RT3070_RF_3052: return "RT3052"; 1610 case RT3593_RF_3053: return "RT3053"; 1611 case RT5592_RF_5592: return "RT5592"; 1612 case RT5390_RF_5370: return "RT5370"; 1613 case RT5390_RF_5372: return "RT5372"; 1614 } 1615 return ("unknown"); 1616 } 1617 1618 static void 1619 run_rt3593_get_txpower(struct run_softc *sc) 1620 { 1621 uint16_t addr, val; 1622 int i; 1623 1624 /* Read power settings for 2GHz channels. */ 1625 for (i = 0; i < 14; i += 2) { 1626 addr = (sc->ntxchains == 3) ? RT3593_EEPROM_PWR2GHZ_BASE1 : 1627 RT2860_EEPROM_PWR2GHZ_BASE1; 1628 run_srom_read(sc, addr + i / 2, &val); 1629 sc->txpow1[i + 0] = (int8_t)(val & 0xff); 1630 sc->txpow1[i + 1] = (int8_t)(val >> 8); 1631 1632 addr = (sc->ntxchains == 3) ? RT3593_EEPROM_PWR2GHZ_BASE2 : 1633 RT2860_EEPROM_PWR2GHZ_BASE2; 1634 run_srom_read(sc, addr + i / 2, &val); 1635 sc->txpow2[i + 0] = (int8_t)(val & 0xff); 1636 sc->txpow2[i + 1] = (int8_t)(val >> 8); 1637 1638 if (sc->ntxchains == 3) { 1639 run_srom_read(sc, RT3593_EEPROM_PWR2GHZ_BASE3 + i / 2, 1640 &val); 1641 sc->txpow3[i + 0] = (int8_t)(val & 0xff); 1642 sc->txpow3[i + 1] = (int8_t)(val >> 8); 1643 } 1644 } 1645 /* Fix broken Tx power entries. */ 1646 for (i = 0; i < 14; i++) { 1647 if (sc->txpow1[i] > 31) 1648 sc->txpow1[i] = 5; 1649 if (sc->txpow2[i] > 31) 1650 sc->txpow2[i] = 5; 1651 if (sc->ntxchains == 3) { 1652 if (sc->txpow3[i] > 31) 1653 sc->txpow3[i] = 5; 1654 } 1655 } 1656 /* Read power settings for 5GHz channels. */ 1657 for (i = 0; i < 40; i += 2) { 1658 run_srom_read(sc, RT3593_EEPROM_PWR5GHZ_BASE1 + i / 2, &val); 1659 sc->txpow1[i + 14] = (int8_t)(val & 0xff); 1660 sc->txpow1[i + 15] = (int8_t)(val >> 8); 1661 1662 run_srom_read(sc, RT3593_EEPROM_PWR5GHZ_BASE2 + i / 2, &val); 1663 sc->txpow2[i + 14] = (int8_t)(val & 0xff); 1664 sc->txpow2[i + 15] = (int8_t)(val >> 8); 1665 1666 if (sc->ntxchains == 3) { 1667 run_srom_read(sc, RT3593_EEPROM_PWR5GHZ_BASE3 + i / 2, 1668 &val); 1669 sc->txpow3[i + 14] = (int8_t)(val & 0xff); 1670 sc->txpow3[i + 15] = (int8_t)(val >> 8); 1671 } 1672 } 1673 } 1674 1675 static void 1676 run_get_txpower(struct run_softc *sc) 1677 { 1678 uint16_t val; 1679 int i; 1680 1681 /* Read power settings for 2GHz channels. */ 1682 for (i = 0; i < 14; i += 2) { 1683 run_srom_read(sc, RT2860_EEPROM_PWR2GHZ_BASE1 + i / 2, &val); 1684 sc->txpow1[i + 0] = (int8_t)(val & 0xff); 1685 sc->txpow1[i + 1] = (int8_t)(val >> 8); 1686 1687 if (sc->mac_ver != 0x5390) { 1688 run_srom_read(sc, 1689 RT2860_EEPROM_PWR2GHZ_BASE2 + i / 2, &val); 1690 sc->txpow2[i + 0] = (int8_t)(val & 0xff); 1691 sc->txpow2[i + 1] = (int8_t)(val >> 8); 1692 } 1693 } 1694 /* Fix broken Tx power entries. */ 1695 for (i = 0; i < 14; i++) { 1696 if (sc->mac_ver >= 0x5390) { 1697 if (sc->txpow1[i] < 0 || sc->txpow1[i] > 27) 1698 sc->txpow1[i] = 5; 1699 } else { 1700 if (sc->txpow1[i] < 0 || sc->txpow1[i] > 31) 1701 sc->txpow1[i] = 5; 1702 } 1703 if (sc->mac_ver > 0x5390) { 1704 if (sc->txpow2[i] < 0 || sc->txpow2[i] > 27) 1705 sc->txpow2[i] = 5; 1706 } else if (sc->mac_ver < 0x5390) { 1707 if (sc->txpow2[i] < 0 || sc->txpow2[i] > 31) 1708 sc->txpow2[i] = 5; 1709 } 1710 DPRINTF("chan %d: power1=%d, power2=%d\n", 1711 rt2860_rf2850[i].chan, sc->txpow1[i], sc->txpow2[i]); 1712 } 1713 /* Read power settings for 5GHz channels. */ 1714 for (i = 0; i < 40; i += 2) { 1715 run_srom_read(sc, RT2860_EEPROM_PWR5GHZ_BASE1 + i / 2, &val); 1716 sc->txpow1[i + 14] = (int8_t)(val & 0xff); 1717 sc->txpow1[i + 15] = (int8_t)(val >> 8); 1718 1719 run_srom_read(sc, RT2860_EEPROM_PWR5GHZ_BASE2 + i / 2, &val); 1720 sc->txpow2[i + 14] = (int8_t)(val & 0xff); 1721 sc->txpow2[i + 15] = (int8_t)(val >> 8); 1722 } 1723 /* Fix broken Tx power entries. */ 1724 for (i = 0; i < 40; i++ ) { 1725 if (sc->mac_ver != 0x5592) { 1726 if (sc->txpow1[14 + i] < -7 || sc->txpow1[14 + i] > 15) 1727 sc->txpow1[14 + i] = 5; 1728 if (sc->txpow2[14 + i] < -7 || sc->txpow2[14 + i] > 15) 1729 sc->txpow2[14 + i] = 5; 1730 } 1731 DPRINTF("chan %d: power1=%d, power2=%d\n", 1732 rt2860_rf2850[14 + i].chan, sc->txpow1[14 + i], 1733 sc->txpow2[14 + i]); 1734 } 1735 } 1736 1737 static int 1738 run_read_eeprom(struct run_softc *sc) 1739 { 1740 int8_t delta_2ghz, delta_5ghz; 1741 uint32_t tmp; 1742 uint16_t val; 1743 int ridx, ant, i; 1744 1745 /* check whether the ROM is eFUSE ROM or EEPROM */ 1746 sc->sc_srom_read = run_eeprom_read_2; 1747 if (sc->mac_ver >= 0x3070) { 1748 run_read(sc, RT3070_EFUSE_CTRL, &tmp); 1749 DPRINTF("EFUSE_CTRL=0x%08x\n", tmp); 1750 if ((tmp & RT3070_SEL_EFUSE) || sc->mac_ver == 0x3593) 1751 sc->sc_srom_read = run_efuse_read_2; 1752 } 1753 1754 /* read ROM version */ 1755 run_srom_read(sc, RT2860_EEPROM_VERSION, &val); 1756 DPRINTF("EEPROM rev=%d, FAE=%d\n", val & 0xff, val >> 8); 1757 1758 /* read MAC address */ 1759 run_srom_read(sc, RT2860_EEPROM_MAC01, &val); 1760 sc->sc_bssid[0] = val & 0xff; 1761 sc->sc_bssid[1] = val >> 8; 1762 run_srom_read(sc, RT2860_EEPROM_MAC23, &val); 1763 sc->sc_bssid[2] = val & 0xff; 1764 sc->sc_bssid[3] = val >> 8; 1765 run_srom_read(sc, RT2860_EEPROM_MAC45, &val); 1766 sc->sc_bssid[4] = val & 0xff; 1767 sc->sc_bssid[5] = val >> 8; 1768 1769 if (sc->mac_ver < 0x3593) { 1770 /* read vender BBP settings */ 1771 for (i = 0; i < 10; i++) { 1772 run_srom_read(sc, RT2860_EEPROM_BBP_BASE + i, &val); 1773 sc->bbp[i].val = val & 0xff; 1774 sc->bbp[i].reg = val >> 8; 1775 DPRINTF("BBP%d=0x%02x\n", sc->bbp[i].reg, 1776 sc->bbp[i].val); 1777 } 1778 if (sc->mac_ver >= 0x3071) { 1779 /* read vendor RF settings */ 1780 for (i = 0; i < 10; i++) { 1781 run_srom_read(sc, RT3071_EEPROM_RF_BASE + i, 1782 &val); 1783 sc->rf[i].val = val & 0xff; 1784 sc->rf[i].reg = val >> 8; 1785 DPRINTF("RF%d=0x%02x\n", sc->rf[i].reg, 1786 sc->rf[i].val); 1787 } 1788 } 1789 } 1790 1791 /* read RF frequency offset from EEPROM */ 1792 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_FREQ_LEDS : 1793 RT3593_EEPROM_FREQ, &val); 1794 sc->freq = ((val & 0xff) != 0xff) ? val & 0xff : 0; 1795 DPRINTF("EEPROM freq offset %d\n", sc->freq & 0xff); 1796 1797 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_FREQ_LEDS : 1798 RT3593_EEPROM_FREQ_LEDS, &val); 1799 if (val >> 8 != 0xff) { 1800 /* read LEDs operating mode */ 1801 sc->leds = val >> 8; 1802 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LED1 : 1803 RT3593_EEPROM_LED1, &sc->led[0]); 1804 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LED2 : 1805 RT3593_EEPROM_LED2, &sc->led[1]); 1806 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LED3 : 1807 RT3593_EEPROM_LED3, &sc->led[2]); 1808 } else { 1809 /* broken EEPROM, use default settings */ 1810 sc->leds = 0x01; 1811 sc->led[0] = 0x5555; 1812 sc->led[1] = 0x2221; 1813 sc->led[2] = 0x5627; /* differs from RT2860 */ 1814 } 1815 DPRINTF("EEPROM LED mode=0x%02x, LEDs=0x%04x/0x%04x/0x%04x\n", 1816 sc->leds, sc->led[0], sc->led[1], sc->led[2]); 1817 1818 /* read RF information */ 1819 if (sc->mac_ver == 0x5390 || sc->mac_ver ==0x5392) 1820 run_srom_read(sc, 0x00, &val); 1821 else 1822 run_srom_read(sc, RT2860_EEPROM_ANTENNA, &val); 1823 1824 if (val == 0xffff) { 1825 device_printf(sc->sc_dev, 1826 "invalid EEPROM antenna info, using default\n"); 1827 DPRINTF("invalid EEPROM antenna info, using default\n"); 1828 if (sc->mac_ver == 0x3572) { 1829 /* default to RF3052 2T2R */ 1830 sc->rf_rev = RT3070_RF_3052; 1831 sc->ntxchains = 2; 1832 sc->nrxchains = 2; 1833 } else if (sc->mac_ver >= 0x3070) { 1834 /* default to RF3020 1T1R */ 1835 sc->rf_rev = RT3070_RF_3020; 1836 sc->ntxchains = 1; 1837 sc->nrxchains = 1; 1838 } else { 1839 /* default to RF2820 1T2R */ 1840 sc->rf_rev = RT2860_RF_2820; 1841 sc->ntxchains = 1; 1842 sc->nrxchains = 2; 1843 } 1844 } else { 1845 if (sc->mac_ver == 0x5390 || sc->mac_ver ==0x5392) { 1846 sc->rf_rev = val; 1847 run_srom_read(sc, RT2860_EEPROM_ANTENNA, &val); 1848 } else 1849 sc->rf_rev = (val >> 8) & 0xf; 1850 sc->ntxchains = (val >> 4) & 0xf; 1851 sc->nrxchains = val & 0xf; 1852 } 1853 DPRINTF("EEPROM RF rev=0x%04x chains=%dT%dR\n", 1854 sc->rf_rev, sc->ntxchains, sc->nrxchains); 1855 1856 /* check if RF supports automatic Tx access gain control */ 1857 run_srom_read(sc, RT2860_EEPROM_CONFIG, &val); 1858 DPRINTF("EEPROM CFG 0x%04x\n", val); 1859 /* check if driver should patch the DAC issue */ 1860 if ((val >> 8) != 0xff) 1861 sc->patch_dac = (val >> 15) & 1; 1862 if ((val & 0xff) != 0xff) { 1863 sc->ext_5ghz_lna = (val >> 3) & 1; 1864 sc->ext_2ghz_lna = (val >> 2) & 1; 1865 /* check if RF supports automatic Tx access gain control */ 1866 sc->calib_2ghz = sc->calib_5ghz = (val >> 1) & 1; 1867 /* check if we have a hardware radio switch */ 1868 sc->rfswitch = val & 1; 1869 } 1870 1871 /* Read Tx power settings. */ 1872 if (sc->mac_ver == 0x3593) 1873 run_rt3593_get_txpower(sc); 1874 else 1875 run_get_txpower(sc); 1876 1877 /* read Tx power compensation for each Tx rate */ 1878 run_srom_read(sc, RT2860_EEPROM_DELTAPWR, &val); 1879 delta_2ghz = delta_5ghz = 0; 1880 if ((val & 0xff) != 0xff && (val & 0x80)) { 1881 delta_2ghz = val & 0xf; 1882 if (!(val & 0x40)) /* negative number */ 1883 delta_2ghz = -delta_2ghz; 1884 } 1885 val >>= 8; 1886 if ((val & 0xff) != 0xff && (val & 0x80)) { 1887 delta_5ghz = val & 0xf; 1888 if (!(val & 0x40)) /* negative number */ 1889 delta_5ghz = -delta_5ghz; 1890 } 1891 DPRINTF("power compensation=%d (2GHz), %d (5GHz)\n", 1892 delta_2ghz, delta_5ghz); 1893 1894 for (ridx = 0; ridx < 5; ridx++) { 1895 uint32_t reg; 1896 1897 run_srom_read(sc, RT2860_EEPROM_RPWR + ridx * 2, &val); 1898 reg = val; 1899 run_srom_read(sc, RT2860_EEPROM_RPWR + ridx * 2 + 1, &val); 1900 reg |= (uint32_t)val << 16; 1901 1902 sc->txpow20mhz[ridx] = reg; 1903 sc->txpow40mhz_2ghz[ridx] = b4inc(reg, delta_2ghz); 1904 sc->txpow40mhz_5ghz[ridx] = b4inc(reg, delta_5ghz); 1905 1906 DPRINTF("ridx %d: power 20MHz=0x%08x, 40MHz/2GHz=0x%08x, " 1907 "40MHz/5GHz=0x%08x\n", ridx, sc->txpow20mhz[ridx], 1908 sc->txpow40mhz_2ghz[ridx], sc->txpow40mhz_5ghz[ridx]); 1909 } 1910 1911 /* Read RSSI offsets and LNA gains from EEPROM. */ 1912 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI1_2GHZ : 1913 RT3593_EEPROM_RSSI1_2GHZ, &val); 1914 sc->rssi_2ghz[0] = val & 0xff; /* Ant A */ 1915 sc->rssi_2ghz[1] = val >> 8; /* Ant B */ 1916 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI2_2GHZ : 1917 RT3593_EEPROM_RSSI2_2GHZ, &val); 1918 if (sc->mac_ver >= 0x3070) { 1919 if (sc->mac_ver == 0x3593) { 1920 sc->txmixgain_2ghz = 0; 1921 sc->rssi_2ghz[2] = val & 0xff; /* Ant C */ 1922 } else { 1923 /* 1924 * On RT3070 chips (limited to 2 Rx chains), this ROM 1925 * field contains the Tx mixer gain for the 2GHz band. 1926 */ 1927 if ((val & 0xff) != 0xff) 1928 sc->txmixgain_2ghz = val & 0x7; 1929 } 1930 DPRINTF("tx mixer gain=%u (2GHz)\n", sc->txmixgain_2ghz); 1931 } else 1932 sc->rssi_2ghz[2] = val & 0xff; /* Ant C */ 1933 if (sc->mac_ver == 0x3593) 1934 run_srom_read(sc, RT3593_EEPROM_LNA_5GHZ, &val); 1935 sc->lna[2] = val >> 8; /* channel group 2 */ 1936 1937 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI1_5GHZ : 1938 RT3593_EEPROM_RSSI1_5GHZ, &val); 1939 sc->rssi_5ghz[0] = val & 0xff; /* Ant A */ 1940 sc->rssi_5ghz[1] = val >> 8; /* Ant B */ 1941 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI2_5GHZ : 1942 RT3593_EEPROM_RSSI2_5GHZ, &val); 1943 if (sc->mac_ver == 0x3572) { 1944 /* 1945 * On RT3572 chips (limited to 2 Rx chains), this ROM 1946 * field contains the Tx mixer gain for the 5GHz band. 1947 */ 1948 if ((val & 0xff) != 0xff) 1949 sc->txmixgain_5ghz = val & 0x7; 1950 DPRINTF("tx mixer gain=%u (5GHz)\n", sc->txmixgain_5ghz); 1951 } else 1952 sc->rssi_5ghz[2] = val & 0xff; /* Ant C */ 1953 if (sc->mac_ver == 0x3593) { 1954 sc->txmixgain_5ghz = 0; 1955 run_srom_read(sc, RT3593_EEPROM_LNA_5GHZ, &val); 1956 } 1957 sc->lna[3] = val >> 8; /* channel group 3 */ 1958 1959 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LNA : 1960 RT3593_EEPROM_LNA, &val); 1961 sc->lna[0] = val & 0xff; /* channel group 0 */ 1962 sc->lna[1] = val >> 8; /* channel group 1 */ 1963 1964 /* fix broken 5GHz LNA entries */ 1965 if (sc->lna[2] == 0 || sc->lna[2] == 0xff) { 1966 DPRINTF("invalid LNA for channel group %d\n", 2); 1967 sc->lna[2] = sc->lna[1]; 1968 } 1969 if (sc->lna[3] == 0 || sc->lna[3] == 0xff) { 1970 DPRINTF("invalid LNA for channel group %d\n", 3); 1971 sc->lna[3] = sc->lna[1]; 1972 } 1973 1974 /* fix broken RSSI offset entries */ 1975 for (ant = 0; ant < 3; ant++) { 1976 if (sc->rssi_2ghz[ant] < -10 || sc->rssi_2ghz[ant] > 10) { 1977 DPRINTF("invalid RSSI%d offset: %d (2GHz)\n", 1978 ant + 1, sc->rssi_2ghz[ant]); 1979 sc->rssi_2ghz[ant] = 0; 1980 } 1981 if (sc->rssi_5ghz[ant] < -10 || sc->rssi_5ghz[ant] > 10) { 1982 DPRINTF("invalid RSSI%d offset: %d (5GHz)\n", 1983 ant + 1, sc->rssi_5ghz[ant]); 1984 sc->rssi_5ghz[ant] = 0; 1985 } 1986 } 1987 return (0); 1988 } 1989 1990 static struct ieee80211_node * 1991 run_node_alloc(struct ieee80211vap *vap, const uint8_t mac[IEEE80211_ADDR_LEN]) 1992 { 1993 return malloc(sizeof (struct run_node), M_DEVBUF, M_NOWAIT | M_ZERO); 1994 } 1995 1996 static int 1997 run_media_change(struct ifnet *ifp) 1998 { 1999 struct ieee80211vap *vap = ifp->if_softc; 2000 struct ieee80211com *ic = vap->iv_ic; 2001 const struct ieee80211_txparam *tp; 2002 struct run_softc *sc = ic->ic_ifp->if_softc; 2003 uint8_t rate, ridx; 2004 int error; 2005 2006 RUN_LOCK(sc); 2007 2008 error = ieee80211_media_change(ifp); 2009 if (error != ENETRESET) { 2010 RUN_UNLOCK(sc); 2011 return (error); 2012 } 2013 2014 tp = &vap->iv_txparms[ieee80211_chan2mode(ic->ic_curchan)]; 2015 if (tp->ucastrate != IEEE80211_FIXED_RATE_NONE) { 2016 struct ieee80211_node *ni; 2017 struct run_node *rn; 2018 2019 rate = ic->ic_sup_rates[ic->ic_curmode]. 2020 rs_rates[tp->ucastrate] & IEEE80211_RATE_VAL; 2021 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++) 2022 if (rt2860_rates[ridx].rate == rate) 2023 break; 2024 ni = ieee80211_ref_node(vap->iv_bss); 2025 rn = (struct run_node *)ni; 2026 rn->fix_ridx = ridx; 2027 DPRINTF("rate=%d, fix_ridx=%d\n", rate, rn->fix_ridx); 2028 ieee80211_free_node(ni); 2029 } 2030 2031 #if 0 2032 if ((ifp->if_flags & IFF_UP) && 2033 (ifp->if_drv_flags & IFF_DRV_RUNNING)){ 2034 run_init_locked(sc); 2035 } 2036 #endif 2037 2038 RUN_UNLOCK(sc); 2039 2040 return (0); 2041 } 2042 2043 static int 2044 run_newstate(struct ieee80211vap *vap, enum ieee80211_state nstate, int arg) 2045 { 2046 const struct ieee80211_txparam *tp; 2047 struct ieee80211com *ic = vap->iv_ic; 2048 struct run_softc *sc = ic->ic_ifp->if_softc; 2049 struct run_vap *rvp = RUN_VAP(vap); 2050 enum ieee80211_state ostate; 2051 uint32_t sta[3]; 2052 uint32_t tmp; 2053 uint8_t ratectl; 2054 uint8_t restart_ratectl = 0; 2055 uint8_t bid = 1 << rvp->rvp_id; 2056 2057 ostate = vap->iv_state; 2058 DPRINTF("%s -> %s\n", 2059 ieee80211_state_name[ostate], 2060 ieee80211_state_name[nstate]); 2061 2062 IEEE80211_UNLOCK(ic); 2063 RUN_LOCK(sc); 2064 2065 ratectl = sc->ratectl_run; /* remember current state */ 2066 sc->ratectl_run = RUN_RATECTL_OFF; 2067 usb_callout_stop(&sc->ratectl_ch); 2068 2069 if (ostate == IEEE80211_S_RUN) { 2070 /* turn link LED off */ 2071 run_set_leds(sc, RT2860_LED_RADIO); 2072 } 2073 2074 switch (nstate) { 2075 case IEEE80211_S_INIT: 2076 restart_ratectl = 1; 2077 2078 if (ostate != IEEE80211_S_RUN) 2079 break; 2080 2081 ratectl &= ~bid; 2082 sc->runbmap &= ~bid; 2083 2084 /* abort TSF synchronization if there is no vap running */ 2085 if (--sc->running == 0) { 2086 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 2087 run_write(sc, RT2860_BCN_TIME_CFG, 2088 tmp & ~(RT2860_BCN_TX_EN | RT2860_TSF_TIMER_EN | 2089 RT2860_TBTT_TIMER_EN)); 2090 } 2091 break; 2092 2093 case IEEE80211_S_RUN: 2094 if (!(sc->runbmap & bid)) { 2095 if(sc->running++) 2096 restart_ratectl = 1; 2097 sc->runbmap |= bid; 2098 } 2099 2100 m_freem(rvp->beacon_mbuf); 2101 rvp->beacon_mbuf = NULL; 2102 2103 switch (vap->iv_opmode) { 2104 case IEEE80211_M_HOSTAP: 2105 case IEEE80211_M_MBSS: 2106 sc->ap_running |= bid; 2107 ic->ic_opmode = vap->iv_opmode; 2108 run_update_beacon_cb(vap); 2109 break; 2110 case IEEE80211_M_IBSS: 2111 sc->adhoc_running |= bid; 2112 if (!sc->ap_running) 2113 ic->ic_opmode = vap->iv_opmode; 2114 run_update_beacon_cb(vap); 2115 break; 2116 case IEEE80211_M_STA: 2117 sc->sta_running |= bid; 2118 if (!sc->ap_running && !sc->adhoc_running) 2119 ic->ic_opmode = vap->iv_opmode; 2120 2121 /* read statistic counters (clear on read) */ 2122 run_read_region_1(sc, RT2860_TX_STA_CNT0, 2123 (uint8_t *)sta, sizeof sta); 2124 2125 break; 2126 default: 2127 ic->ic_opmode = vap->iv_opmode; 2128 break; 2129 } 2130 2131 if (vap->iv_opmode != IEEE80211_M_MONITOR) { 2132 struct ieee80211_node *ni; 2133 2134 if (ic->ic_bsschan == IEEE80211_CHAN_ANYC) { 2135 RUN_UNLOCK(sc); 2136 IEEE80211_LOCK(ic); 2137 return (-1); 2138 } 2139 run_updateslot(ic->ic_ifp); 2140 run_enable_mrr(sc); 2141 run_set_txpreamble(sc); 2142 run_set_basicrates(sc); 2143 ni = ieee80211_ref_node(vap->iv_bss); 2144 IEEE80211_ADDR_COPY(sc->sc_bssid, ni->ni_bssid); 2145 run_set_bssid(sc, ni->ni_bssid); 2146 ieee80211_free_node(ni); 2147 run_enable_tsf_sync(sc); 2148 2149 /* enable automatic rate adaptation */ 2150 tp = &vap->iv_txparms[ieee80211_chan2mode(ic->ic_curchan)]; 2151 if (tp->ucastrate == IEEE80211_FIXED_RATE_NONE) 2152 ratectl |= bid; 2153 } 2154 2155 /* turn link LED on */ 2156 run_set_leds(sc, RT2860_LED_RADIO | 2157 (IEEE80211_IS_CHAN_2GHZ(ic->ic_curchan) ? 2158 RT2860_LED_LINK_2GHZ : RT2860_LED_LINK_5GHZ)); 2159 2160 break; 2161 default: 2162 DPRINTFN(6, "undefined case\n"); 2163 break; 2164 } 2165 2166 /* restart amrr for running VAPs */ 2167 if ((sc->ratectl_run = ratectl) && restart_ratectl) 2168 usb_callout_reset(&sc->ratectl_ch, hz, run_ratectl_to, sc); 2169 2170 RUN_UNLOCK(sc); 2171 IEEE80211_LOCK(ic); 2172 2173 return(rvp->newstate(vap, nstate, arg)); 2174 } 2175 2176 /* ARGSUSED */ 2177 static void 2178 run_wme_update_cb(void *arg) 2179 { 2180 struct ieee80211com *ic = arg; 2181 struct run_softc *sc = ic->ic_ifp->if_softc; 2182 struct ieee80211_wme_state *wmesp = &ic->ic_wme; 2183 int aci, error = 0; 2184 2185 RUN_LOCK_ASSERT(sc, MA_OWNED); 2186 2187 /* update MAC TX configuration registers */ 2188 for (aci = 0; aci < WME_NUM_AC; aci++) { 2189 error = run_write(sc, RT2860_EDCA_AC_CFG(aci), 2190 wmesp->wme_params[aci].wmep_logcwmax << 16 | 2191 wmesp->wme_params[aci].wmep_logcwmin << 12 | 2192 wmesp->wme_params[aci].wmep_aifsn << 8 | 2193 wmesp->wme_params[aci].wmep_txopLimit); 2194 if (error) goto err; 2195 } 2196 2197 /* update SCH/DMA registers too */ 2198 error = run_write(sc, RT2860_WMM_AIFSN_CFG, 2199 wmesp->wme_params[WME_AC_VO].wmep_aifsn << 12 | 2200 wmesp->wme_params[WME_AC_VI].wmep_aifsn << 8 | 2201 wmesp->wme_params[WME_AC_BK].wmep_aifsn << 4 | 2202 wmesp->wme_params[WME_AC_BE].wmep_aifsn); 2203 if (error) goto err; 2204 error = run_write(sc, RT2860_WMM_CWMIN_CFG, 2205 wmesp->wme_params[WME_AC_VO].wmep_logcwmin << 12 | 2206 wmesp->wme_params[WME_AC_VI].wmep_logcwmin << 8 | 2207 wmesp->wme_params[WME_AC_BK].wmep_logcwmin << 4 | 2208 wmesp->wme_params[WME_AC_BE].wmep_logcwmin); 2209 if (error) goto err; 2210 error = run_write(sc, RT2860_WMM_CWMAX_CFG, 2211 wmesp->wme_params[WME_AC_VO].wmep_logcwmax << 12 | 2212 wmesp->wme_params[WME_AC_VI].wmep_logcwmax << 8 | 2213 wmesp->wme_params[WME_AC_BK].wmep_logcwmax << 4 | 2214 wmesp->wme_params[WME_AC_BE].wmep_logcwmax); 2215 if (error) goto err; 2216 error = run_write(sc, RT2860_WMM_TXOP0_CFG, 2217 wmesp->wme_params[WME_AC_BK].wmep_txopLimit << 16 | 2218 wmesp->wme_params[WME_AC_BE].wmep_txopLimit); 2219 if (error) goto err; 2220 error = run_write(sc, RT2860_WMM_TXOP1_CFG, 2221 wmesp->wme_params[WME_AC_VO].wmep_txopLimit << 16 | 2222 wmesp->wme_params[WME_AC_VI].wmep_txopLimit); 2223 2224 err: 2225 if (error) 2226 DPRINTF("WME update failed\n"); 2227 2228 return; 2229 } 2230 2231 static int 2232 run_wme_update(struct ieee80211com *ic) 2233 { 2234 struct run_softc *sc = ic->ic_ifp->if_softc; 2235 2236 /* sometime called wothout lock */ 2237 if (mtx_owned(&ic->ic_comlock.mtx)) { 2238 uint32_t i = RUN_CMDQ_GET(&sc->cmdq_store); 2239 DPRINTF("cmdq_store=%d\n", i); 2240 sc->cmdq[i].func = run_wme_update_cb; 2241 sc->cmdq[i].arg0 = ic; 2242 ieee80211_runtask(ic, &sc->cmdq_task); 2243 return (0); 2244 } 2245 2246 RUN_LOCK(sc); 2247 run_wme_update_cb(ic); 2248 RUN_UNLOCK(sc); 2249 2250 /* return whatever, upper layer desn't care anyway */ 2251 return (0); 2252 } 2253 2254 static void 2255 run_key_update_begin(struct ieee80211vap *vap) 2256 { 2257 /* 2258 * To avoid out-of-order events, both run_key_set() and 2259 * _delete() are deferred and handled by run_cmdq_cb(). 2260 * So, there is nothing we need to do here. 2261 */ 2262 } 2263 2264 static void 2265 run_key_update_end(struct ieee80211vap *vap) 2266 { 2267 /* null */ 2268 } 2269 2270 static void 2271 run_key_set_cb(void *arg) 2272 { 2273 struct run_cmdq *cmdq = arg; 2274 struct ieee80211vap *vap = cmdq->arg1; 2275 struct ieee80211_key *k = cmdq->k; 2276 struct ieee80211com *ic = vap->iv_ic; 2277 struct run_softc *sc = ic->ic_ifp->if_softc; 2278 struct ieee80211_node *ni; 2279 uint32_t attr; 2280 uint16_t base, associd; 2281 uint8_t mode, wcid, iv[8]; 2282 2283 RUN_LOCK_ASSERT(sc, MA_OWNED); 2284 2285 if (vap->iv_opmode == IEEE80211_M_HOSTAP) 2286 ni = ieee80211_find_vap_node(&ic->ic_sta, vap, cmdq->mac); 2287 else 2288 ni = vap->iv_bss; 2289 associd = (ni != NULL) ? ni->ni_associd : 0; 2290 2291 /* map net80211 cipher to RT2860 security mode */ 2292 switch (k->wk_cipher->ic_cipher) { 2293 case IEEE80211_CIPHER_WEP: 2294 if(k->wk_keylen < 8) 2295 mode = RT2860_MODE_WEP40; 2296 else 2297 mode = RT2860_MODE_WEP104; 2298 break; 2299 case IEEE80211_CIPHER_TKIP: 2300 mode = RT2860_MODE_TKIP; 2301 break; 2302 case IEEE80211_CIPHER_AES_CCM: 2303 mode = RT2860_MODE_AES_CCMP; 2304 break; 2305 default: 2306 DPRINTF("undefined case\n"); 2307 return; 2308 } 2309 2310 DPRINTFN(1, "associd=%x, keyix=%d, mode=%x, type=%s, tx=%s, rx=%s\n", 2311 associd, k->wk_keyix, mode, 2312 (k->wk_flags & IEEE80211_KEY_GROUP) ? "group" : "pairwise", 2313 (k->wk_flags & IEEE80211_KEY_XMIT) ? "on" : "off", 2314 (k->wk_flags & IEEE80211_KEY_RECV) ? "on" : "off"); 2315 2316 if (k->wk_flags & IEEE80211_KEY_GROUP) { 2317 wcid = 0; /* NB: update WCID0 for group keys */ 2318 base = RT2860_SKEY(RUN_VAP(vap)->rvp_id, k->wk_keyix); 2319 } else { 2320 wcid = (vap->iv_opmode == IEEE80211_M_STA) ? 2321 1 : RUN_AID2WCID(associd); 2322 base = RT2860_PKEY(wcid); 2323 } 2324 2325 if (k->wk_cipher->ic_cipher == IEEE80211_CIPHER_TKIP) { 2326 if(run_write_region_1(sc, base, k->wk_key, 16)) 2327 return; 2328 if(run_write_region_1(sc, base + 16, &k->wk_key[16], 8)) /* wk_txmic */ 2329 return; 2330 if(run_write_region_1(sc, base + 24, &k->wk_key[24], 8)) /* wk_rxmic */ 2331 return; 2332 } else { 2333 /* roundup len to 16-bit: XXX fix write_region_1() instead */ 2334 if(run_write_region_1(sc, base, k->wk_key, (k->wk_keylen + 1) & ~1)) 2335 return; 2336 } 2337 2338 if (!(k->wk_flags & IEEE80211_KEY_GROUP) || 2339 (k->wk_flags & (IEEE80211_KEY_XMIT | IEEE80211_KEY_RECV))) { 2340 /* set initial packet number in IV+EIV */ 2341 if (k->wk_cipher == IEEE80211_CIPHER_WEP) { 2342 memset(iv, 0, sizeof iv); 2343 iv[3] = vap->iv_def_txkey << 6; 2344 } else { 2345 if (k->wk_cipher->ic_cipher == IEEE80211_CIPHER_TKIP) { 2346 iv[0] = k->wk_keytsc >> 8; 2347 iv[1] = (iv[0] | 0x20) & 0x7f; 2348 iv[2] = k->wk_keytsc; 2349 } else /* CCMP */ { 2350 iv[0] = k->wk_keytsc; 2351 iv[1] = k->wk_keytsc >> 8; 2352 iv[2] = 0; 2353 } 2354 iv[3] = k->wk_keyix << 6 | IEEE80211_WEP_EXTIV; 2355 iv[4] = k->wk_keytsc >> 16; 2356 iv[5] = k->wk_keytsc >> 24; 2357 iv[6] = k->wk_keytsc >> 32; 2358 iv[7] = k->wk_keytsc >> 40; 2359 } 2360 if (run_write_region_1(sc, RT2860_IVEIV(wcid), iv, 8)) 2361 return; 2362 } 2363 2364 if (k->wk_flags & IEEE80211_KEY_GROUP) { 2365 /* install group key */ 2366 if (run_read(sc, RT2860_SKEY_MODE_0_7, &attr)) 2367 return; 2368 attr &= ~(0xf << (k->wk_keyix * 4)); 2369 attr |= mode << (k->wk_keyix * 4); 2370 if (run_write(sc, RT2860_SKEY_MODE_0_7, attr)) 2371 return; 2372 } else { 2373 /* install pairwise key */ 2374 if (run_read(sc, RT2860_WCID_ATTR(wcid), &attr)) 2375 return; 2376 attr = (attr & ~0xf) | (mode << 1) | RT2860_RX_PKEY_EN; 2377 if (run_write(sc, RT2860_WCID_ATTR(wcid), attr)) 2378 return; 2379 } 2380 2381 /* TODO create a pass-thru key entry? */ 2382 2383 /* need wcid to delete the right key later */ 2384 k->wk_pad = wcid; 2385 } 2386 2387 /* 2388 * Don't have to be deferred, but in order to keep order of 2389 * execution, i.e. with run_key_delete(), defer this and let 2390 * run_cmdq_cb() maintain the order. 2391 * 2392 * return 0 on error 2393 */ 2394 static int 2395 run_key_set(struct ieee80211vap *vap, struct ieee80211_key *k, 2396 const uint8_t mac[IEEE80211_ADDR_LEN]) 2397 { 2398 struct ieee80211com *ic = vap->iv_ic; 2399 struct run_softc *sc = ic->ic_ifp->if_softc; 2400 uint32_t i; 2401 2402 i = RUN_CMDQ_GET(&sc->cmdq_store); 2403 DPRINTF("cmdq_store=%d\n", i); 2404 sc->cmdq[i].func = run_key_set_cb; 2405 sc->cmdq[i].arg0 = NULL; 2406 sc->cmdq[i].arg1 = vap; 2407 sc->cmdq[i].k = k; 2408 IEEE80211_ADDR_COPY(sc->cmdq[i].mac, mac); 2409 ieee80211_runtask(ic, &sc->cmdq_task); 2410 2411 /* 2412 * To make sure key will be set when hostapd 2413 * calls iv_key_set() before if_init(). 2414 */ 2415 if (vap->iv_opmode == IEEE80211_M_HOSTAP) { 2416 RUN_LOCK(sc); 2417 sc->cmdq_key_set = RUN_CMDQ_GO; 2418 RUN_UNLOCK(sc); 2419 } 2420 2421 return (1); 2422 } 2423 2424 /* 2425 * If wlan is destroyed without being brought down i.e. without 2426 * wlan down or wpa_cli terminate, this function is called after 2427 * vap is gone. Don't refer it. 2428 */ 2429 static void 2430 run_key_delete_cb(void *arg) 2431 { 2432 struct run_cmdq *cmdq = arg; 2433 struct run_softc *sc = cmdq->arg1; 2434 struct ieee80211_key *k = &cmdq->key; 2435 uint32_t attr; 2436 uint8_t wcid; 2437 2438 RUN_LOCK_ASSERT(sc, MA_OWNED); 2439 2440 if (k->wk_flags & IEEE80211_KEY_GROUP) { 2441 /* remove group key */ 2442 DPRINTF("removing group key\n"); 2443 run_read(sc, RT2860_SKEY_MODE_0_7, &attr); 2444 attr &= ~(0xf << (k->wk_keyix * 4)); 2445 run_write(sc, RT2860_SKEY_MODE_0_7, attr); 2446 } else { 2447 /* remove pairwise key */ 2448 DPRINTF("removing key for wcid %x\n", k->wk_pad); 2449 /* matching wcid was written to wk_pad in run_key_set() */ 2450 wcid = k->wk_pad; 2451 run_read(sc, RT2860_WCID_ATTR(wcid), &attr); 2452 attr &= ~0xf; 2453 run_write(sc, RT2860_WCID_ATTR(wcid), attr); 2454 run_set_region_4(sc, RT2860_WCID_ENTRY(wcid), 0, 8); 2455 } 2456 2457 k->wk_pad = 0; 2458 } 2459 2460 /* 2461 * return 0 on error 2462 */ 2463 static int 2464 run_key_delete(struct ieee80211vap *vap, struct ieee80211_key *k) 2465 { 2466 struct ieee80211com *ic = vap->iv_ic; 2467 struct run_softc *sc = ic->ic_ifp->if_softc; 2468 struct ieee80211_key *k0; 2469 uint32_t i; 2470 2471 /* 2472 * When called back, key might be gone. So, make a copy 2473 * of some values need to delete keys before deferring. 2474 * But, because of LOR with node lock, cannot use lock here. 2475 * So, use atomic instead. 2476 */ 2477 i = RUN_CMDQ_GET(&sc->cmdq_store); 2478 DPRINTF("cmdq_store=%d\n", i); 2479 sc->cmdq[i].func = run_key_delete_cb; 2480 sc->cmdq[i].arg0 = NULL; 2481 sc->cmdq[i].arg1 = sc; 2482 k0 = &sc->cmdq[i].key; 2483 k0->wk_flags = k->wk_flags; 2484 k0->wk_keyix = k->wk_keyix; 2485 /* matching wcid was written to wk_pad in run_key_set() */ 2486 k0->wk_pad = k->wk_pad; 2487 ieee80211_runtask(ic, &sc->cmdq_task); 2488 return (1); /* return fake success */ 2489 2490 } 2491 2492 static void 2493 run_ratectl_to(void *arg) 2494 { 2495 struct run_softc *sc = arg; 2496 2497 /* do it in a process context, so it can go sleep */ 2498 ieee80211_runtask(sc->sc_ifp->if_l2com, &sc->ratectl_task); 2499 /* next timeout will be rescheduled in the callback task */ 2500 } 2501 2502 /* ARGSUSED */ 2503 static void 2504 run_ratectl_cb(void *arg, int pending) 2505 { 2506 struct run_softc *sc = arg; 2507 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 2508 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 2509 2510 if (vap == NULL) 2511 return; 2512 2513 if (sc->rvp_cnt > 1 || vap->iv_opmode != IEEE80211_M_STA) { 2514 /* 2515 * run_reset_livelock() doesn't do anything with AMRR, 2516 * but Ralink wants us to call it every 1 sec. So, we 2517 * piggyback here rather than creating another callout. 2518 * Livelock may occur only in HOSTAP or IBSS mode 2519 * (when h/w is sending beacons). 2520 */ 2521 RUN_LOCK(sc); 2522 run_reset_livelock(sc); 2523 /* just in case, there are some stats to drain */ 2524 run_drain_fifo(sc); 2525 RUN_UNLOCK(sc); 2526 } 2527 2528 ieee80211_iterate_nodes(&ic->ic_sta, run_iter_func, sc); 2529 2530 RUN_LOCK(sc); 2531 if(sc->ratectl_run != RUN_RATECTL_OFF) 2532 usb_callout_reset(&sc->ratectl_ch, hz, run_ratectl_to, sc); 2533 RUN_UNLOCK(sc); 2534 } 2535 2536 static void 2537 run_drain_fifo(void *arg) 2538 { 2539 struct run_softc *sc = arg; 2540 struct ifnet *ifp = sc->sc_ifp; 2541 uint32_t stat; 2542 uint16_t (*wstat)[3]; 2543 uint8_t wcid, mcs, pid; 2544 int8_t retry; 2545 2546 RUN_LOCK_ASSERT(sc, MA_OWNED); 2547 2548 for (;;) { 2549 /* drain Tx status FIFO (maxsize = 16) */ 2550 run_read(sc, RT2860_TX_STAT_FIFO, &stat); 2551 DPRINTFN(4, "tx stat 0x%08x\n", stat); 2552 if (!(stat & RT2860_TXQ_VLD)) 2553 break; 2554 2555 wcid = (stat >> RT2860_TXQ_WCID_SHIFT) & 0xff; 2556 2557 /* if no ACK was requested, no feedback is available */ 2558 if (!(stat & RT2860_TXQ_ACKREQ) || wcid > RT2870_WCID_MAX || 2559 wcid == 0) 2560 continue; 2561 2562 /* 2563 * Even though each stat is Tx-complete-status like format, 2564 * the device can poll stats. Because there is no guarantee 2565 * that the referring node is still around when read the stats. 2566 * So that, if we use ieee80211_ratectl_tx_update(), we will 2567 * have hard time not to refer already freed node. 2568 * 2569 * To eliminate such page faults, we poll stats in softc. 2570 * Then, update the rates later with ieee80211_ratectl_tx_update(). 2571 */ 2572 wstat = &(sc->wcid_stats[wcid]); 2573 (*wstat)[RUN_TXCNT]++; 2574 if (stat & RT2860_TXQ_OK) 2575 (*wstat)[RUN_SUCCESS]++; 2576 else 2577 ifp->if_oerrors++; 2578 /* 2579 * Check if there were retries, ie if the Tx success rate is 2580 * different from the requested rate. Note that it works only 2581 * because we do not allow rate fallback from OFDM to CCK. 2582 */ 2583 mcs = (stat >> RT2860_TXQ_MCS_SHIFT) & 0x7f; 2584 pid = (stat >> RT2860_TXQ_PID_SHIFT) & 0xf; 2585 if ((retry = pid -1 - mcs) > 0) { 2586 (*wstat)[RUN_TXCNT] += retry; 2587 (*wstat)[RUN_RETRY] += retry; 2588 } 2589 } 2590 DPRINTFN(3, "count=%d\n", sc->fifo_cnt); 2591 2592 sc->fifo_cnt = 0; 2593 } 2594 2595 static void 2596 run_iter_func(void *arg, struct ieee80211_node *ni) 2597 { 2598 struct run_softc *sc = arg; 2599 struct ieee80211vap *vap = ni->ni_vap; 2600 struct ieee80211com *ic = ni->ni_ic; 2601 struct ifnet *ifp = ic->ic_ifp; 2602 struct run_node *rn = (void *)ni; 2603 union run_stats sta[2]; 2604 uint16_t (*wstat)[3]; 2605 int txcnt, success, retrycnt, error; 2606 2607 RUN_LOCK(sc); 2608 2609 /* Check for special case */ 2610 if (sc->rvp_cnt <= 1 && vap->iv_opmode == IEEE80211_M_STA && 2611 ni != vap->iv_bss) 2612 goto fail; 2613 2614 if (sc->rvp_cnt <= 1 && (vap->iv_opmode == IEEE80211_M_IBSS || 2615 vap->iv_opmode == IEEE80211_M_STA)) { 2616 /* read statistic counters (clear on read) and update AMRR state */ 2617 error = run_read_region_1(sc, RT2860_TX_STA_CNT0, (uint8_t *)sta, 2618 sizeof sta); 2619 if (error != 0) 2620 goto fail; 2621 2622 /* count failed TX as errors */ 2623 ifp->if_oerrors += le16toh(sta[0].error.fail); 2624 2625 retrycnt = le16toh(sta[1].tx.retry); 2626 success = le16toh(sta[1].tx.success); 2627 txcnt = retrycnt + success + le16toh(sta[0].error.fail); 2628 2629 DPRINTFN(3, "retrycnt=%d success=%d failcnt=%d\n", 2630 retrycnt, success, le16toh(sta[0].error.fail)); 2631 } else { 2632 wstat = &(sc->wcid_stats[RUN_AID2WCID(ni->ni_associd)]); 2633 2634 if (wstat == &(sc->wcid_stats[0]) || 2635 wstat > &(sc->wcid_stats[RT2870_WCID_MAX])) 2636 goto fail; 2637 2638 txcnt = (*wstat)[RUN_TXCNT]; 2639 success = (*wstat)[RUN_SUCCESS]; 2640 retrycnt = (*wstat)[RUN_RETRY]; 2641 DPRINTFN(3, "retrycnt=%d txcnt=%d success=%d\n", 2642 retrycnt, txcnt, success); 2643 2644 memset(wstat, 0, sizeof(*wstat)); 2645 } 2646 2647 ieee80211_ratectl_tx_update(vap, ni, &txcnt, &success, &retrycnt); 2648 rn->amrr_ridx = ieee80211_ratectl_rate(ni, NULL, 0); 2649 2650 fail: 2651 RUN_UNLOCK(sc); 2652 2653 DPRINTFN(3, "ridx=%d\n", rn->amrr_ridx); 2654 } 2655 2656 static void 2657 run_newassoc_cb(void *arg) 2658 { 2659 struct run_cmdq *cmdq = arg; 2660 struct ieee80211_node *ni = cmdq->arg1; 2661 struct run_softc *sc = ni->ni_vap->iv_ic->ic_ifp->if_softc; 2662 uint8_t wcid = cmdq->wcid; 2663 2664 RUN_LOCK_ASSERT(sc, MA_OWNED); 2665 2666 run_write_region_1(sc, RT2860_WCID_ENTRY(wcid), 2667 ni->ni_macaddr, IEEE80211_ADDR_LEN); 2668 2669 memset(&(sc->wcid_stats[wcid]), 0, sizeof(sc->wcid_stats[wcid])); 2670 } 2671 2672 static void 2673 run_newassoc(struct ieee80211_node *ni, int isnew) 2674 { 2675 struct run_node *rn = (void *)ni; 2676 struct ieee80211_rateset *rs = &ni->ni_rates; 2677 struct ieee80211vap *vap = ni->ni_vap; 2678 struct ieee80211com *ic = vap->iv_ic; 2679 struct run_softc *sc = ic->ic_ifp->if_softc; 2680 uint8_t rate; 2681 uint8_t ridx; 2682 uint8_t wcid; 2683 int i, j; 2684 2685 wcid = (vap->iv_opmode == IEEE80211_M_STA) ? 2686 1 : RUN_AID2WCID(ni->ni_associd); 2687 2688 if (wcid > RT2870_WCID_MAX) { 2689 device_printf(sc->sc_dev, "wcid=%d out of range\n", wcid); 2690 return; 2691 } 2692 2693 /* only interested in true associations */ 2694 if (isnew && ni->ni_associd != 0) { 2695 2696 /* 2697 * This function could is called though timeout function. 2698 * Need to defer. 2699 */ 2700 uint32_t cnt = RUN_CMDQ_GET(&sc->cmdq_store); 2701 DPRINTF("cmdq_store=%d\n", cnt); 2702 sc->cmdq[cnt].func = run_newassoc_cb; 2703 sc->cmdq[cnt].arg0 = NULL; 2704 sc->cmdq[cnt].arg1 = ni; 2705 sc->cmdq[cnt].wcid = wcid; 2706 ieee80211_runtask(ic, &sc->cmdq_task); 2707 } 2708 2709 DPRINTF("new assoc isnew=%d associd=%x addr=%s\n", 2710 isnew, ni->ni_associd, ether_sprintf(ni->ni_macaddr)); 2711 2712 for (i = 0; i < rs->rs_nrates; i++) { 2713 rate = rs->rs_rates[i] & IEEE80211_RATE_VAL; 2714 /* convert 802.11 rate to hardware rate index */ 2715 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++) 2716 if (rt2860_rates[ridx].rate == rate) 2717 break; 2718 rn->ridx[i] = ridx; 2719 /* determine rate of control response frames */ 2720 for (j = i; j >= 0; j--) { 2721 if ((rs->rs_rates[j] & IEEE80211_RATE_BASIC) && 2722 rt2860_rates[rn->ridx[i]].phy == 2723 rt2860_rates[rn->ridx[j]].phy) 2724 break; 2725 } 2726 if (j >= 0) { 2727 rn->ctl_ridx[i] = rn->ridx[j]; 2728 } else { 2729 /* no basic rate found, use mandatory one */ 2730 rn->ctl_ridx[i] = rt2860_rates[ridx].ctl_ridx; 2731 } 2732 DPRINTF("rate=0x%02x ridx=%d ctl_ridx=%d\n", 2733 rs->rs_rates[i], rn->ridx[i], rn->ctl_ridx[i]); 2734 } 2735 rate = vap->iv_txparms[ieee80211_chan2mode(ic->ic_curchan)].mgmtrate; 2736 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++) 2737 if (rt2860_rates[ridx].rate == rate) 2738 break; 2739 rn->mgt_ridx = ridx; 2740 DPRINTF("rate=%d, mgmt_ridx=%d\n", rate, rn->mgt_ridx); 2741 2742 RUN_LOCK(sc); 2743 if(sc->ratectl_run != RUN_RATECTL_OFF) 2744 usb_callout_reset(&sc->ratectl_ch, hz, run_ratectl_to, sc); 2745 RUN_UNLOCK(sc); 2746 } 2747 2748 /* 2749 * Return the Rx chain with the highest RSSI for a given frame. 2750 */ 2751 static __inline uint8_t 2752 run_maxrssi_chain(struct run_softc *sc, const struct rt2860_rxwi *rxwi) 2753 { 2754 uint8_t rxchain = 0; 2755 2756 if (sc->nrxchains > 1) { 2757 if (rxwi->rssi[1] > rxwi->rssi[rxchain]) 2758 rxchain = 1; 2759 if (sc->nrxchains > 2) 2760 if (rxwi->rssi[2] > rxwi->rssi[rxchain]) 2761 rxchain = 2; 2762 } 2763 return (rxchain); 2764 } 2765 2766 static void 2767 run_rx_frame(struct run_softc *sc, struct mbuf *m, uint32_t dmalen) 2768 { 2769 struct ifnet *ifp = sc->sc_ifp; 2770 struct ieee80211com *ic = ifp->if_l2com; 2771 struct ieee80211_frame *wh; 2772 struct ieee80211_node *ni; 2773 struct rt2870_rxd *rxd; 2774 struct rt2860_rxwi *rxwi; 2775 uint32_t flags; 2776 uint16_t len, rxwisize; 2777 uint8_t ant, rssi; 2778 int8_t nf; 2779 2780 rxwi = mtod(m, struct rt2860_rxwi *); 2781 len = le16toh(rxwi->len) & 0xfff; 2782 rxwisize = sizeof(struct rt2860_rxwi); 2783 if (sc->mac_ver == 0x5592) 2784 rxwisize += sizeof(uint64_t); 2785 else if (sc->mac_ver == 0x3593) 2786 rxwisize += sizeof(uint32_t); 2787 if (__predict_false(len > dmalen)) { 2788 m_freem(m); 2789 ifp->if_ierrors++; 2790 DPRINTF("bad RXWI length %u > %u\n", len, dmalen); 2791 return; 2792 } 2793 /* Rx descriptor is located at the end */ 2794 rxd = (struct rt2870_rxd *)(mtod(m, caddr_t) + dmalen); 2795 flags = le32toh(rxd->flags); 2796 2797 if (__predict_false(flags & (RT2860_RX_CRCERR | RT2860_RX_ICVERR))) { 2798 m_freem(m); 2799 ifp->if_ierrors++; 2800 DPRINTF("%s error.\n", (flags & RT2860_RX_CRCERR)?"CRC":"ICV"); 2801 return; 2802 } 2803 2804 m->m_data += rxwisize; 2805 m->m_pkthdr.len = m->m_len -= rxwisize; 2806 2807 wh = mtod(m, struct ieee80211_frame *); 2808 2809 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 2810 wh->i_fc[1] &= ~IEEE80211_FC1_WEP; 2811 m->m_flags |= M_WEP; 2812 } 2813 2814 if (flags & RT2860_RX_L2PAD) { 2815 DPRINTFN(8, "received RT2860_RX_L2PAD frame\n"); 2816 len += 2; 2817 } 2818 2819 ni = ieee80211_find_rxnode(ic, 2820 mtod(m, struct ieee80211_frame_min *)); 2821 2822 if (__predict_false(flags & RT2860_RX_MICERR)) { 2823 /* report MIC failures to net80211 for TKIP */ 2824 if (ni != NULL) 2825 ieee80211_notify_michael_failure(ni->ni_vap, wh, 2826 rxwi->keyidx); 2827 m_freem(m); 2828 ifp->if_ierrors++; 2829 DPRINTF("MIC error. Someone is lying.\n"); 2830 return; 2831 } 2832 2833 ant = run_maxrssi_chain(sc, rxwi); 2834 rssi = rxwi->rssi[ant]; 2835 nf = run_rssi2dbm(sc, rssi, ant); 2836 2837 m->m_pkthdr.rcvif = ifp; 2838 m->m_pkthdr.len = m->m_len = len; 2839 2840 if (ni != NULL) { 2841 (void)ieee80211_input(ni, m, rssi, nf); 2842 ieee80211_free_node(ni); 2843 } else { 2844 (void)ieee80211_input_all(ic, m, rssi, nf); 2845 } 2846 2847 if (__predict_false(ieee80211_radiotap_active(ic))) { 2848 struct run_rx_radiotap_header *tap = &sc->sc_rxtap; 2849 uint16_t phy; 2850 2851 tap->wr_flags = 0; 2852 tap->wr_chan_freq = htole16(ic->ic_curchan->ic_freq); 2853 tap->wr_chan_flags = htole16(ic->ic_curchan->ic_flags); 2854 tap->wr_antsignal = rssi; 2855 tap->wr_antenna = ant; 2856 tap->wr_dbm_antsignal = run_rssi2dbm(sc, rssi, ant); 2857 tap->wr_rate = 2; /* in case it can't be found below */ 2858 phy = le16toh(rxwi->phy); 2859 switch (phy & RT2860_PHY_MODE) { 2860 case RT2860_PHY_CCK: 2861 switch ((phy & RT2860_PHY_MCS) & ~RT2860_PHY_SHPRE) { 2862 case 0: tap->wr_rate = 2; break; 2863 case 1: tap->wr_rate = 4; break; 2864 case 2: tap->wr_rate = 11; break; 2865 case 3: tap->wr_rate = 22; break; 2866 } 2867 if (phy & RT2860_PHY_SHPRE) 2868 tap->wr_flags |= IEEE80211_RADIOTAP_F_SHORTPRE; 2869 break; 2870 case RT2860_PHY_OFDM: 2871 switch (phy & RT2860_PHY_MCS) { 2872 case 0: tap->wr_rate = 12; break; 2873 case 1: tap->wr_rate = 18; break; 2874 case 2: tap->wr_rate = 24; break; 2875 case 3: tap->wr_rate = 36; break; 2876 case 4: tap->wr_rate = 48; break; 2877 case 5: tap->wr_rate = 72; break; 2878 case 6: tap->wr_rate = 96; break; 2879 case 7: tap->wr_rate = 108; break; 2880 } 2881 break; 2882 } 2883 } 2884 } 2885 2886 static void 2887 run_bulk_rx_callback(struct usb_xfer *xfer, usb_error_t error) 2888 { 2889 struct run_softc *sc = usbd_xfer_softc(xfer); 2890 struct ifnet *ifp = sc->sc_ifp; 2891 struct mbuf *m = NULL; 2892 struct mbuf *m0; 2893 uint32_t dmalen; 2894 uint16_t rxwisize; 2895 int xferlen; 2896 2897 rxwisize = sizeof(struct rt2860_rxwi); 2898 if (sc->mac_ver == 0x5592) 2899 rxwisize += sizeof(uint64_t); 2900 else if (sc->mac_ver == 0x3593) 2901 rxwisize += sizeof(uint32_t); 2902 2903 usbd_xfer_status(xfer, &xferlen, NULL, NULL, NULL); 2904 2905 switch (USB_GET_STATE(xfer)) { 2906 case USB_ST_TRANSFERRED: 2907 2908 DPRINTFN(15, "rx done, actlen=%d\n", xferlen); 2909 2910 if (xferlen < (int)(sizeof(uint32_t) + rxwisize + 2911 sizeof(struct rt2870_rxd))) { 2912 DPRINTF("xfer too short %d\n", xferlen); 2913 goto tr_setup; 2914 } 2915 2916 m = sc->rx_m; 2917 sc->rx_m = NULL; 2918 2919 /* FALLTHROUGH */ 2920 case USB_ST_SETUP: 2921 tr_setup: 2922 if (sc->rx_m == NULL) { 2923 sc->rx_m = m_getjcl(M_NOWAIT, MT_DATA, M_PKTHDR, 2924 MJUMPAGESIZE /* xfer can be bigger than MCLBYTES */); 2925 } 2926 if (sc->rx_m == NULL) { 2927 DPRINTF("could not allocate mbuf - idle with stall\n"); 2928 ifp->if_ierrors++; 2929 usbd_xfer_set_stall(xfer); 2930 usbd_xfer_set_frames(xfer, 0); 2931 } else { 2932 /* 2933 * Directly loading a mbuf cluster into DMA to 2934 * save some data copying. This works because 2935 * there is only one cluster. 2936 */ 2937 usbd_xfer_set_frame_data(xfer, 0, 2938 mtod(sc->rx_m, caddr_t), RUN_MAX_RXSZ); 2939 usbd_xfer_set_frames(xfer, 1); 2940 } 2941 usbd_transfer_submit(xfer); 2942 break; 2943 2944 default: /* Error */ 2945 if (error != USB_ERR_CANCELLED) { 2946 /* try to clear stall first */ 2947 usbd_xfer_set_stall(xfer); 2948 2949 if (error == USB_ERR_TIMEOUT) 2950 device_printf(sc->sc_dev, "device timeout\n"); 2951 2952 ifp->if_ierrors++; 2953 2954 goto tr_setup; 2955 } 2956 if (sc->rx_m != NULL) { 2957 m_freem(sc->rx_m); 2958 sc->rx_m = NULL; 2959 } 2960 break; 2961 } 2962 2963 if (m == NULL) 2964 return; 2965 2966 /* inputting all the frames must be last */ 2967 2968 RUN_UNLOCK(sc); 2969 2970 m->m_pkthdr.len = m->m_len = xferlen; 2971 2972 /* HW can aggregate multiple 802.11 frames in a single USB xfer */ 2973 for(;;) { 2974 dmalen = le32toh(*mtod(m, uint32_t *)) & 0xffff; 2975 2976 if ((dmalen >= (uint32_t)-8) || (dmalen == 0) || 2977 ((dmalen & 3) != 0)) { 2978 DPRINTF("bad DMA length %u\n", dmalen); 2979 break; 2980 } 2981 if ((dmalen + 8) > (uint32_t)xferlen) { 2982 DPRINTF("bad DMA length %u > %d\n", 2983 dmalen + 8, xferlen); 2984 break; 2985 } 2986 2987 /* If it is the last one or a single frame, we won't copy. */ 2988 if ((xferlen -= dmalen + 8) <= 8) { 2989 /* trim 32-bit DMA-len header */ 2990 m->m_data += 4; 2991 m->m_pkthdr.len = m->m_len -= 4; 2992 run_rx_frame(sc, m, dmalen); 2993 m = NULL; /* don't free source buffer */ 2994 break; 2995 } 2996 2997 /* copy aggregated frames to another mbuf */ 2998 m0 = m_getcl(M_NOWAIT, MT_DATA, M_PKTHDR); 2999 if (__predict_false(m0 == NULL)) { 3000 DPRINTF("could not allocate mbuf\n"); 3001 ifp->if_ierrors++; 3002 break; 3003 } 3004 m_copydata(m, 4 /* skip 32-bit DMA-len header */, 3005 dmalen + sizeof(struct rt2870_rxd), mtod(m0, caddr_t)); 3006 m0->m_pkthdr.len = m0->m_len = 3007 dmalen + sizeof(struct rt2870_rxd); 3008 run_rx_frame(sc, m0, dmalen); 3009 3010 /* update data ptr */ 3011 m->m_data += dmalen + 8; 3012 m->m_pkthdr.len = m->m_len -= dmalen + 8; 3013 } 3014 3015 /* make sure we free the source buffer, if any */ 3016 m_freem(m); 3017 3018 RUN_LOCK(sc); 3019 } 3020 3021 static void 3022 run_tx_free(struct run_endpoint_queue *pq, 3023 struct run_tx_data *data, int txerr) 3024 { 3025 if (data->m != NULL) { 3026 if (data->m->m_flags & M_TXCB) 3027 ieee80211_process_callback(data->ni, data->m, 3028 txerr ? ETIMEDOUT : 0); 3029 m_freem(data->m); 3030 data->m = NULL; 3031 3032 if (data->ni == NULL) { 3033 DPRINTF("no node\n"); 3034 } else { 3035 ieee80211_free_node(data->ni); 3036 data->ni = NULL; 3037 } 3038 } 3039 3040 STAILQ_INSERT_TAIL(&pq->tx_fh, data, next); 3041 pq->tx_nfree++; 3042 } 3043 3044 static void 3045 run_bulk_tx_callbackN(struct usb_xfer *xfer, usb_error_t error, u_int index) 3046 { 3047 struct run_softc *sc = usbd_xfer_softc(xfer); 3048 struct ifnet *ifp = sc->sc_ifp; 3049 struct ieee80211com *ic = ifp->if_l2com; 3050 struct run_tx_data *data; 3051 struct ieee80211vap *vap = NULL; 3052 struct usb_page_cache *pc; 3053 struct run_endpoint_queue *pq = &sc->sc_epq[index]; 3054 struct mbuf *m; 3055 usb_frlength_t size; 3056 int actlen; 3057 int sumlen; 3058 3059 usbd_xfer_status(xfer, &actlen, &sumlen, NULL, NULL); 3060 3061 switch (USB_GET_STATE(xfer)) { 3062 case USB_ST_TRANSFERRED: 3063 DPRINTFN(11, "transfer complete: %d " 3064 "bytes @ index %d\n", actlen, index); 3065 3066 data = usbd_xfer_get_priv(xfer); 3067 3068 run_tx_free(pq, data, 0); 3069 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE; 3070 3071 usbd_xfer_set_priv(xfer, NULL); 3072 3073 ifp->if_opackets++; 3074 3075 /* FALLTHROUGH */ 3076 case USB_ST_SETUP: 3077 tr_setup: 3078 data = STAILQ_FIRST(&pq->tx_qh); 3079 if (data == NULL) 3080 break; 3081 3082 STAILQ_REMOVE_HEAD(&pq->tx_qh, next); 3083 3084 m = data->m; 3085 size = (sc->mac_ver == 0x5592) ? 3086 sizeof(data->desc) + sizeof(uint32_t) : sizeof(data->desc); 3087 if ((m->m_pkthdr.len + 3088 size + 3 + 8) > RUN_MAX_TXSZ) { 3089 DPRINTF("data overflow, %u bytes\n", 3090 m->m_pkthdr.len); 3091 3092 ifp->if_oerrors++; 3093 3094 run_tx_free(pq, data, 1); 3095 3096 goto tr_setup; 3097 } 3098 3099 pc = usbd_xfer_get_frame(xfer, 0); 3100 usbd_copy_in(pc, 0, &data->desc, size); 3101 usbd_m_copy_in(pc, size, m, 0, m->m_pkthdr.len); 3102 size += m->m_pkthdr.len; 3103 /* 3104 * Align end on a 4-byte boundary, pad 8 bytes (CRC + 3105 * 4-byte padding), and be sure to zero those trailing 3106 * bytes: 3107 */ 3108 usbd_frame_zero(pc, size, ((-size) & 3) + 8); 3109 size += ((-size) & 3) + 8; 3110 3111 vap = data->ni->ni_vap; 3112 if (ieee80211_radiotap_active_vap(vap)) { 3113 struct run_tx_radiotap_header *tap = &sc->sc_txtap; 3114 struct rt2860_txwi *txwi = 3115 (struct rt2860_txwi *)(&data->desc + sizeof(struct rt2870_txd)); 3116 tap->wt_flags = 0; 3117 tap->wt_rate = rt2860_rates[data->ridx].rate; 3118 tap->wt_chan_freq = htole16(ic->ic_curchan->ic_freq); 3119 tap->wt_chan_flags = htole16(ic->ic_curchan->ic_flags); 3120 tap->wt_hwqueue = index; 3121 if (le16toh(txwi->phy) & RT2860_PHY_SHPRE) 3122 tap->wt_flags |= IEEE80211_RADIOTAP_F_SHORTPRE; 3123 3124 ieee80211_radiotap_tx(vap, m); 3125 } 3126 3127 DPRINTFN(11, "sending frame len=%u/%u @ index %d\n", 3128 m->m_pkthdr.len, size, index); 3129 3130 usbd_xfer_set_frame_len(xfer, 0, size); 3131 usbd_xfer_set_priv(xfer, data); 3132 3133 usbd_transfer_submit(xfer); 3134 3135 RUN_UNLOCK(sc); 3136 run_start(ifp); 3137 RUN_LOCK(sc); 3138 3139 break; 3140 3141 default: 3142 DPRINTF("USB transfer error, %s\n", 3143 usbd_errstr(error)); 3144 3145 data = usbd_xfer_get_priv(xfer); 3146 3147 ifp->if_oerrors++; 3148 3149 if (data != NULL) { 3150 if(data->ni != NULL) 3151 vap = data->ni->ni_vap; 3152 run_tx_free(pq, data, error); 3153 usbd_xfer_set_priv(xfer, NULL); 3154 } 3155 if (vap == NULL) 3156 vap = TAILQ_FIRST(&ic->ic_vaps); 3157 3158 if (error != USB_ERR_CANCELLED) { 3159 if (error == USB_ERR_TIMEOUT) { 3160 device_printf(sc->sc_dev, "device timeout\n"); 3161 uint32_t i = RUN_CMDQ_GET(&sc->cmdq_store); 3162 DPRINTF("cmdq_store=%d\n", i); 3163 sc->cmdq[i].func = run_usb_timeout_cb; 3164 sc->cmdq[i].arg0 = vap; 3165 ieee80211_runtask(ic, &sc->cmdq_task); 3166 } 3167 3168 /* 3169 * Try to clear stall first, also if other 3170 * errors occur, hence clearing stall 3171 * introduces a 50 ms delay: 3172 */ 3173 usbd_xfer_set_stall(xfer); 3174 goto tr_setup; 3175 } 3176 break; 3177 } 3178 } 3179 3180 static void 3181 run_bulk_tx_callback0(struct usb_xfer *xfer, usb_error_t error) 3182 { 3183 run_bulk_tx_callbackN(xfer, error, 0); 3184 } 3185 3186 static void 3187 run_bulk_tx_callback1(struct usb_xfer *xfer, usb_error_t error) 3188 { 3189 run_bulk_tx_callbackN(xfer, error, 1); 3190 } 3191 3192 static void 3193 run_bulk_tx_callback2(struct usb_xfer *xfer, usb_error_t error) 3194 { 3195 run_bulk_tx_callbackN(xfer, error, 2); 3196 } 3197 3198 static void 3199 run_bulk_tx_callback3(struct usb_xfer *xfer, usb_error_t error) 3200 { 3201 run_bulk_tx_callbackN(xfer, error, 3); 3202 } 3203 3204 static void 3205 run_bulk_tx_callback4(struct usb_xfer *xfer, usb_error_t error) 3206 { 3207 run_bulk_tx_callbackN(xfer, error, 4); 3208 } 3209 3210 static void 3211 run_bulk_tx_callback5(struct usb_xfer *xfer, usb_error_t error) 3212 { 3213 run_bulk_tx_callbackN(xfer, error, 5); 3214 } 3215 3216 static void 3217 run_set_tx_desc(struct run_softc *sc, struct run_tx_data *data) 3218 { 3219 struct mbuf *m = data->m; 3220 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 3221 struct ieee80211vap *vap = data->ni->ni_vap; 3222 struct ieee80211_frame *wh; 3223 struct rt2870_txd *txd; 3224 struct rt2860_txwi *txwi; 3225 uint16_t xferlen, txwisize; 3226 uint16_t mcs; 3227 uint8_t ridx = data->ridx; 3228 uint8_t pad; 3229 3230 /* get MCS code from rate index */ 3231 mcs = rt2860_rates[ridx].mcs; 3232 3233 txwisize = (sc->mac_ver == 0x5592) ? 3234 sizeof(*txwi) + sizeof(uint32_t) : sizeof(*txwi); 3235 xferlen = txwisize + m->m_pkthdr.len; 3236 3237 /* roundup to 32-bit alignment */ 3238 xferlen = (xferlen + 3) & ~3; 3239 3240 txd = (struct rt2870_txd *)&data->desc; 3241 txd->len = htole16(xferlen); 3242 3243 wh = mtod(m, struct ieee80211_frame *); 3244 3245 /* 3246 * Ether both are true or both are false, the header 3247 * are nicely aligned to 32-bit. So, no L2 padding. 3248 */ 3249 if(IEEE80211_HAS_ADDR4(wh) == IEEE80211_QOS_HAS_SEQ(wh)) 3250 pad = 0; 3251 else 3252 pad = 2; 3253 3254 /* setup TX Wireless Information */ 3255 txwi = (struct rt2860_txwi *)(txd + 1); 3256 txwi->len = htole16(m->m_pkthdr.len - pad); 3257 if (rt2860_rates[ridx].phy == IEEE80211_T_DS) { 3258 txwi->phy = htole16(RT2860_PHY_CCK); 3259 if (ridx != RT2860_RIDX_CCK1 && 3260 (ic->ic_flags & IEEE80211_F_SHPREAMBLE)) 3261 mcs |= RT2860_PHY_SHPRE; 3262 } else 3263 txwi->phy = htole16(RT2860_PHY_OFDM); 3264 txwi->phy |= htole16(mcs); 3265 3266 /* check if RTS/CTS or CTS-to-self protection is required */ 3267 if (!IEEE80211_IS_MULTICAST(wh->i_addr1) && 3268 (m->m_pkthdr.len + IEEE80211_CRC_LEN > vap->iv_rtsthreshold || 3269 ((ic->ic_flags & IEEE80211_F_USEPROT) && 3270 rt2860_rates[ridx].phy == IEEE80211_T_OFDM))) 3271 txwi->txop |= RT2860_TX_TXOP_HT; 3272 else 3273 txwi->txop |= RT2860_TX_TXOP_BACKOFF; 3274 3275 if (vap->iv_opmode != IEEE80211_M_STA && !IEEE80211_QOS_HAS_SEQ(wh)) 3276 txwi->xflags |= RT2860_TX_NSEQ; 3277 } 3278 3279 /* This function must be called locked */ 3280 static int 3281 run_tx(struct run_softc *sc, struct mbuf *m, struct ieee80211_node *ni) 3282 { 3283 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 3284 struct ieee80211vap *vap = ni->ni_vap; 3285 struct ieee80211_frame *wh; 3286 struct ieee80211_channel *chan; 3287 const struct ieee80211_txparam *tp; 3288 struct run_node *rn = (void *)ni; 3289 struct run_tx_data *data; 3290 struct rt2870_txd *txd; 3291 struct rt2860_txwi *txwi; 3292 uint16_t qos; 3293 uint16_t dur; 3294 uint16_t qid; 3295 uint8_t type; 3296 uint8_t tid; 3297 uint8_t ridx; 3298 uint8_t ctl_ridx; 3299 uint8_t qflags; 3300 uint8_t xflags = 0; 3301 int hasqos; 3302 3303 RUN_LOCK_ASSERT(sc, MA_OWNED); 3304 3305 wh = mtod(m, struct ieee80211_frame *); 3306 3307 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 3308 3309 /* 3310 * There are 7 bulk endpoints: 1 for RX 3311 * and 6 for TX (4 EDCAs + HCCA + Prio). 3312 * Update 03-14-2009: some devices like the Planex GW-US300MiniS 3313 * seem to have only 4 TX bulk endpoints (Fukaumi Naoki). 3314 */ 3315 if ((hasqos = IEEE80211_QOS_HAS_SEQ(wh))) { 3316 uint8_t *frm; 3317 3318 if(IEEE80211_HAS_ADDR4(wh)) 3319 frm = ((struct ieee80211_qosframe_addr4 *)wh)->i_qos; 3320 else 3321 frm =((struct ieee80211_qosframe *)wh)->i_qos; 3322 3323 qos = le16toh(*(const uint16_t *)frm); 3324 tid = qos & IEEE80211_QOS_TID; 3325 qid = TID_TO_WME_AC(tid); 3326 } else { 3327 qos = 0; 3328 tid = 0; 3329 qid = WME_AC_BE; 3330 } 3331 qflags = (qid < 4) ? RT2860_TX_QSEL_EDCA : RT2860_TX_QSEL_HCCA; 3332 3333 DPRINTFN(8, "qos %d\tqid %d\ttid %d\tqflags %x\n", 3334 qos, qid, tid, qflags); 3335 3336 chan = (ni->ni_chan != IEEE80211_CHAN_ANYC)?ni->ni_chan:ic->ic_curchan; 3337 tp = &vap->iv_txparms[ieee80211_chan2mode(chan)]; 3338 3339 /* pickup a rate index */ 3340 if (IEEE80211_IS_MULTICAST(wh->i_addr1) || 3341 type != IEEE80211_FC0_TYPE_DATA) { 3342 ridx = (ic->ic_curmode == IEEE80211_MODE_11A) ? 3343 RT2860_RIDX_OFDM6 : RT2860_RIDX_CCK1; 3344 ctl_ridx = rt2860_rates[ridx].ctl_ridx; 3345 } else { 3346 if (tp->ucastrate != IEEE80211_FIXED_RATE_NONE) 3347 ridx = rn->fix_ridx; 3348 else 3349 ridx = rn->amrr_ridx; 3350 ctl_ridx = rt2860_rates[ridx].ctl_ridx; 3351 } 3352 3353 if (!IEEE80211_IS_MULTICAST(wh->i_addr1) && 3354 (!hasqos || (qos & IEEE80211_QOS_ACKPOLICY) != 3355 IEEE80211_QOS_ACKPOLICY_NOACK)) { 3356 xflags |= RT2860_TX_ACK; 3357 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 3358 dur = rt2860_rates[ctl_ridx].sp_ack_dur; 3359 else 3360 dur = rt2860_rates[ctl_ridx].lp_ack_dur; 3361 USETW(wh->i_dur, dur); 3362 } 3363 3364 /* reserve slots for mgmt packets, just in case */ 3365 if (sc->sc_epq[qid].tx_nfree < 3) { 3366 DPRINTFN(10, "tx ring %d is full\n", qid); 3367 return (-1); 3368 } 3369 3370 data = STAILQ_FIRST(&sc->sc_epq[qid].tx_fh); 3371 STAILQ_REMOVE_HEAD(&sc->sc_epq[qid].tx_fh, next); 3372 sc->sc_epq[qid].tx_nfree--; 3373 3374 txd = (struct rt2870_txd *)&data->desc; 3375 txd->flags = qflags; 3376 txwi = (struct rt2860_txwi *)(txd + 1); 3377 txwi->xflags = xflags; 3378 if (IEEE80211_IS_MULTICAST(wh->i_addr1)) 3379 txwi->wcid = 0; 3380 else 3381 txwi->wcid = (vap->iv_opmode == IEEE80211_M_STA) ? 3382 1 : RUN_AID2WCID(ni->ni_associd); 3383 3384 /* clear leftover garbage bits */ 3385 txwi->flags = 0; 3386 txwi->txop = 0; 3387 3388 data->m = m; 3389 data->ni = ni; 3390 data->ridx = ridx; 3391 3392 run_set_tx_desc(sc, data); 3393 3394 /* 3395 * The chip keeps track of 2 kind of Tx stats, 3396 * * TX_STAT_FIFO, for per WCID stats, and 3397 * * TX_STA_CNT0 for all-TX-in-one stats. 3398 * 3399 * To use FIFO stats, we need to store MCS into the driver-private 3400 * PacketID field. So that, we can tell whose stats when we read them. 3401 * We add 1 to the MCS because setting the PacketID field to 0 means 3402 * that we don't want feedback in TX_STAT_FIFO. 3403 * And, that's what we want for STA mode, since TX_STA_CNT0 does the job. 3404 * 3405 * FIFO stats doesn't count Tx with WCID 0xff, so we do this in run_tx(). 3406 */ 3407 if (sc->rvp_cnt > 1 || vap->iv_opmode == IEEE80211_M_HOSTAP || 3408 vap->iv_opmode == IEEE80211_M_MBSS) { 3409 uint16_t pid = (rt2860_rates[ridx].mcs + 1) & 0xf; 3410 txwi->len |= htole16(pid << RT2860_TX_PID_SHIFT); 3411 3412 /* 3413 * Unlike PCI based devices, we don't get any interrupt from 3414 * USB devices, so we simulate FIFO-is-full interrupt here. 3415 * Ralink recomends to drain FIFO stats every 100 ms, but 16 slots 3416 * quickly get fulled. To prevent overflow, increment a counter on 3417 * every FIFO stat request, so we know how many slots are left. 3418 * We do this only in HOSTAP or multiple vap mode since FIFO stats 3419 * are used only in those modes. 3420 * We just drain stats. AMRR gets updated every 1 sec by 3421 * run_ratectl_cb() via callout. 3422 * Call it early. Otherwise overflow. 3423 */ 3424 if (sc->fifo_cnt++ == 10) { 3425 /* 3426 * With multiple vaps or if_bridge, if_start() is called 3427 * with a non-sleepable lock, tcpinp. So, need to defer. 3428 */ 3429 uint32_t i = RUN_CMDQ_GET(&sc->cmdq_store); 3430 DPRINTFN(6, "cmdq_store=%d\n", i); 3431 sc->cmdq[i].func = run_drain_fifo; 3432 sc->cmdq[i].arg0 = sc; 3433 ieee80211_runtask(ic, &sc->cmdq_task); 3434 } 3435 } 3436 3437 STAILQ_INSERT_TAIL(&sc->sc_epq[qid].tx_qh, data, next); 3438 3439 usbd_transfer_start(sc->sc_xfer[qid]); 3440 3441 DPRINTFN(8, "sending data frame len=%d rate=%d qid=%d\n", 3442 m->m_pkthdr.len + (int)(sizeof(struct rt2870_txd) + 3443 sizeof(struct rt2860_txwi)), rt2860_rates[ridx].rate, qid); 3444 3445 return (0); 3446 } 3447 3448 static int 3449 run_tx_mgt(struct run_softc *sc, struct mbuf *m, struct ieee80211_node *ni) 3450 { 3451 struct ifnet *ifp = sc->sc_ifp; 3452 struct ieee80211com *ic = ifp->if_l2com; 3453 struct run_node *rn = (void *)ni; 3454 struct run_tx_data *data; 3455 struct ieee80211_frame *wh; 3456 struct rt2870_txd *txd; 3457 struct rt2860_txwi *txwi; 3458 uint16_t dur; 3459 uint8_t ridx = rn->mgt_ridx; 3460 uint8_t type; 3461 uint8_t xflags = 0; 3462 uint8_t wflags = 0; 3463 3464 RUN_LOCK_ASSERT(sc, MA_OWNED); 3465 3466 wh = mtod(m, struct ieee80211_frame *); 3467 3468 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 3469 3470 /* tell hardware to add timestamp for probe responses */ 3471 if ((wh->i_fc[0] & 3472 (IEEE80211_FC0_TYPE_MASK | IEEE80211_FC0_SUBTYPE_MASK)) == 3473 (IEEE80211_FC0_TYPE_MGT | IEEE80211_FC0_SUBTYPE_PROBE_RESP)) 3474 wflags |= RT2860_TX_TS; 3475 else if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) { 3476 xflags |= RT2860_TX_ACK; 3477 3478 dur = ieee80211_ack_duration(ic->ic_rt, rt2860_rates[ridx].rate, 3479 ic->ic_flags & IEEE80211_F_SHPREAMBLE); 3480 USETW(wh->i_dur, dur); 3481 } 3482 3483 if (sc->sc_epq[0].tx_nfree == 0) { 3484 /* let caller free mbuf */ 3485 ifp->if_drv_flags |= IFF_DRV_OACTIVE; 3486 return (EIO); 3487 } 3488 data = STAILQ_FIRST(&sc->sc_epq[0].tx_fh); 3489 STAILQ_REMOVE_HEAD(&sc->sc_epq[0].tx_fh, next); 3490 sc->sc_epq[0].tx_nfree--; 3491 3492 txd = (struct rt2870_txd *)&data->desc; 3493 txd->flags = RT2860_TX_QSEL_EDCA; 3494 txwi = (struct rt2860_txwi *)(txd + 1); 3495 txwi->wcid = 0xff; 3496 txwi->flags = wflags; 3497 txwi->xflags = xflags; 3498 txwi->txop = 0; /* clear leftover garbage bits */ 3499 3500 data->m = m; 3501 data->ni = ni; 3502 data->ridx = ridx; 3503 3504 run_set_tx_desc(sc, data); 3505 3506 DPRINTFN(10, "sending mgt frame len=%d rate=%d\n", m->m_pkthdr.len + 3507 (int)(sizeof(struct rt2870_txd) + sizeof(struct rt2860_txwi)), 3508 rt2860_rates[ridx].rate); 3509 3510 STAILQ_INSERT_TAIL(&sc->sc_epq[0].tx_qh, data, next); 3511 3512 usbd_transfer_start(sc->sc_xfer[0]); 3513 3514 return (0); 3515 } 3516 3517 static int 3518 run_sendprot(struct run_softc *sc, 3519 const struct mbuf *m, struct ieee80211_node *ni, int prot, int rate) 3520 { 3521 struct ieee80211com *ic = ni->ni_ic; 3522 struct ieee80211_frame *wh; 3523 struct run_tx_data *data; 3524 struct rt2870_txd *txd; 3525 struct rt2860_txwi *txwi; 3526 struct mbuf *mprot; 3527 int ridx; 3528 int protrate; 3529 int ackrate; 3530 int pktlen; 3531 int isshort; 3532 uint16_t dur; 3533 uint8_t type; 3534 uint8_t wflags = 0; 3535 uint8_t xflags = 0; 3536 3537 RUN_LOCK_ASSERT(sc, MA_OWNED); 3538 3539 KASSERT(prot == IEEE80211_PROT_RTSCTS || prot == IEEE80211_PROT_CTSONLY, 3540 ("protection %d", prot)); 3541 3542 wh = mtod(m, struct ieee80211_frame *); 3543 pktlen = m->m_pkthdr.len + IEEE80211_CRC_LEN; 3544 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 3545 3546 protrate = ieee80211_ctl_rate(ic->ic_rt, rate); 3547 ackrate = ieee80211_ack_rate(ic->ic_rt, rate); 3548 3549 isshort = (ic->ic_flags & IEEE80211_F_SHPREAMBLE) != 0; 3550 dur = ieee80211_compute_duration(ic->ic_rt, pktlen, rate, isshort) 3551 + ieee80211_ack_duration(ic->ic_rt, rate, isshort); 3552 wflags = RT2860_TX_FRAG; 3553 3554 /* check that there are free slots before allocating the mbuf */ 3555 if (sc->sc_epq[0].tx_nfree == 0) { 3556 /* let caller free mbuf */ 3557 sc->sc_ifp->if_drv_flags |= IFF_DRV_OACTIVE; 3558 return (ENOBUFS); 3559 } 3560 3561 if (prot == IEEE80211_PROT_RTSCTS) { 3562 /* NB: CTS is the same size as an ACK */ 3563 dur += ieee80211_ack_duration(ic->ic_rt, rate, isshort); 3564 xflags |= RT2860_TX_ACK; 3565 mprot = ieee80211_alloc_rts(ic, wh->i_addr1, wh->i_addr2, dur); 3566 } else { 3567 mprot = ieee80211_alloc_cts(ic, ni->ni_vap->iv_myaddr, dur); 3568 } 3569 if (mprot == NULL) { 3570 sc->sc_ifp->if_oerrors++; 3571 DPRINTF("could not allocate mbuf\n"); 3572 return (ENOBUFS); 3573 } 3574 3575 data = STAILQ_FIRST(&sc->sc_epq[0].tx_fh); 3576 STAILQ_REMOVE_HEAD(&sc->sc_epq[0].tx_fh, next); 3577 sc->sc_epq[0].tx_nfree--; 3578 3579 txd = (struct rt2870_txd *)&data->desc; 3580 txd->flags = RT2860_TX_QSEL_EDCA; 3581 txwi = (struct rt2860_txwi *)(txd + 1); 3582 txwi->wcid = 0xff; 3583 txwi->flags = wflags; 3584 txwi->xflags = xflags; 3585 txwi->txop = 0; /* clear leftover garbage bits */ 3586 3587 data->m = mprot; 3588 data->ni = ieee80211_ref_node(ni); 3589 3590 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++) 3591 if (rt2860_rates[ridx].rate == protrate) 3592 break; 3593 data->ridx = ridx; 3594 3595 run_set_tx_desc(sc, data); 3596 3597 DPRINTFN(1, "sending prot len=%u rate=%u\n", 3598 m->m_pkthdr.len, rate); 3599 3600 STAILQ_INSERT_TAIL(&sc->sc_epq[0].tx_qh, data, next); 3601 3602 usbd_transfer_start(sc->sc_xfer[0]); 3603 3604 return (0); 3605 } 3606 3607 static int 3608 run_tx_param(struct run_softc *sc, struct mbuf *m, struct ieee80211_node *ni, 3609 const struct ieee80211_bpf_params *params) 3610 { 3611 struct ieee80211com *ic = ni->ni_ic; 3612 struct ieee80211_frame *wh; 3613 struct run_tx_data *data; 3614 struct rt2870_txd *txd; 3615 struct rt2860_txwi *txwi; 3616 uint8_t type; 3617 uint8_t ridx; 3618 uint8_t rate; 3619 uint8_t opflags = 0; 3620 uint8_t xflags = 0; 3621 int error; 3622 3623 RUN_LOCK_ASSERT(sc, MA_OWNED); 3624 3625 KASSERT(params != NULL, ("no raw xmit params")); 3626 3627 wh = mtod(m, struct ieee80211_frame *); 3628 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 3629 3630 rate = params->ibp_rate0; 3631 if (!ieee80211_isratevalid(ic->ic_rt, rate)) { 3632 /* let caller free mbuf */ 3633 return (EINVAL); 3634 } 3635 3636 if ((params->ibp_flags & IEEE80211_BPF_NOACK) == 0) 3637 xflags |= RT2860_TX_ACK; 3638 if (params->ibp_flags & (IEEE80211_BPF_RTS|IEEE80211_BPF_CTS)) { 3639 error = run_sendprot(sc, m, ni, 3640 params->ibp_flags & IEEE80211_BPF_RTS ? 3641 IEEE80211_PROT_RTSCTS : IEEE80211_PROT_CTSONLY, 3642 rate); 3643 if (error) { 3644 /* let caller free mbuf */ 3645 return error; 3646 } 3647 opflags |= /*XXX RT2573_TX_LONG_RETRY |*/ RT2860_TX_TXOP_SIFS; 3648 } 3649 3650 if (sc->sc_epq[0].tx_nfree == 0) { 3651 /* let caller free mbuf */ 3652 sc->sc_ifp->if_drv_flags |= IFF_DRV_OACTIVE; 3653 DPRINTF("sending raw frame, but tx ring is full\n"); 3654 return (EIO); 3655 } 3656 data = STAILQ_FIRST(&sc->sc_epq[0].tx_fh); 3657 STAILQ_REMOVE_HEAD(&sc->sc_epq[0].tx_fh, next); 3658 sc->sc_epq[0].tx_nfree--; 3659 3660 txd = (struct rt2870_txd *)&data->desc; 3661 txd->flags = RT2860_TX_QSEL_EDCA; 3662 txwi = (struct rt2860_txwi *)(txd + 1); 3663 txwi->wcid = 0xff; 3664 txwi->xflags = xflags; 3665 txwi->txop = opflags; 3666 txwi->flags = 0; /* clear leftover garbage bits */ 3667 3668 data->m = m; 3669 data->ni = ni; 3670 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++) 3671 if (rt2860_rates[ridx].rate == rate) 3672 break; 3673 data->ridx = ridx; 3674 3675 run_set_tx_desc(sc, data); 3676 3677 DPRINTFN(10, "sending raw frame len=%u rate=%u\n", 3678 m->m_pkthdr.len, rate); 3679 3680 STAILQ_INSERT_TAIL(&sc->sc_epq[0].tx_qh, data, next); 3681 3682 usbd_transfer_start(sc->sc_xfer[0]); 3683 3684 return (0); 3685 } 3686 3687 static int 3688 run_raw_xmit(struct ieee80211_node *ni, struct mbuf *m, 3689 const struct ieee80211_bpf_params *params) 3690 { 3691 struct ifnet *ifp = ni->ni_ic->ic_ifp; 3692 struct run_softc *sc = ifp->if_softc; 3693 int error = 0; 3694 3695 RUN_LOCK(sc); 3696 3697 /* prevent management frames from being sent if we're not ready */ 3698 if (!(ifp->if_drv_flags & IFF_DRV_RUNNING)) { 3699 error = ENETDOWN; 3700 goto done; 3701 } 3702 3703 if (params == NULL) { 3704 /* tx mgt packet */ 3705 if ((error = run_tx_mgt(sc, m, ni)) != 0) { 3706 ifp->if_oerrors++; 3707 DPRINTF("mgt tx failed\n"); 3708 goto done; 3709 } 3710 } else { 3711 /* tx raw packet with param */ 3712 if ((error = run_tx_param(sc, m, ni, params)) != 0) { 3713 ifp->if_oerrors++; 3714 DPRINTF("tx with param failed\n"); 3715 goto done; 3716 } 3717 } 3718 3719 ifp->if_opackets++; 3720 3721 done: 3722 RUN_UNLOCK(sc); 3723 3724 if (error != 0) { 3725 if(m != NULL) 3726 m_freem(m); 3727 ieee80211_free_node(ni); 3728 } 3729 3730 return (error); 3731 } 3732 3733 static void 3734 run_start(struct ifnet *ifp) 3735 { 3736 struct run_softc *sc = ifp->if_softc; 3737 struct ieee80211_node *ni; 3738 struct mbuf *m; 3739 3740 RUN_LOCK(sc); 3741 3742 if ((ifp->if_drv_flags & IFF_DRV_RUNNING) == 0) { 3743 RUN_UNLOCK(sc); 3744 return; 3745 } 3746 3747 for (;;) { 3748 /* send data frames */ 3749 IFQ_DRV_DEQUEUE(&ifp->if_snd, m); 3750 if (m == NULL) 3751 break; 3752 3753 ni = (struct ieee80211_node *)m->m_pkthdr.rcvif; 3754 if (run_tx(sc, m, ni) != 0) { 3755 IFQ_DRV_PREPEND(&ifp->if_snd, m); 3756 ifp->if_drv_flags |= IFF_DRV_OACTIVE; 3757 break; 3758 } 3759 } 3760 3761 RUN_UNLOCK(sc); 3762 } 3763 3764 static int 3765 run_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 3766 { 3767 struct run_softc *sc = ifp->if_softc; 3768 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 3769 struct ifreq *ifr = (struct ifreq *) data; 3770 int startall = 0; 3771 int error; 3772 3773 RUN_LOCK(sc); 3774 error = sc->sc_detached ? ENXIO : 0; 3775 RUN_UNLOCK(sc); 3776 if (error) 3777 return (error); 3778 3779 switch (cmd) { 3780 case SIOCSIFFLAGS: 3781 RUN_LOCK(sc); 3782 if (ifp->if_flags & IFF_UP) { 3783 if (!(ifp->if_drv_flags & IFF_DRV_RUNNING)){ 3784 startall = 1; 3785 run_init_locked(sc); 3786 } else 3787 run_update_promisc_locked(ifp); 3788 } else { 3789 if (ifp->if_drv_flags & IFF_DRV_RUNNING && 3790 (ic->ic_nrunning == 0 || sc->rvp_cnt <= 1)) { 3791 run_stop(sc); 3792 } 3793 } 3794 RUN_UNLOCK(sc); 3795 if (startall) 3796 ieee80211_start_all(ic); 3797 break; 3798 case SIOCGIFMEDIA: 3799 error = ifmedia_ioctl(ifp, ifr, &ic->ic_media, cmd); 3800 break; 3801 case SIOCGIFADDR: 3802 error = ether_ioctl(ifp, cmd, data); 3803 break; 3804 default: 3805 error = EINVAL; 3806 break; 3807 } 3808 3809 return (error); 3810 } 3811 3812 static void 3813 run_iq_calib(struct run_softc *sc, u_int chan) 3814 { 3815 uint16_t val; 3816 3817 /* Tx0 IQ gain. */ 3818 run_bbp_write(sc, 158, 0x2c); 3819 if (chan <= 14) 3820 run_efuse_read(sc, RT5390_EEPROM_IQ_GAIN_CAL_TX0_2GHZ, &val, 1); 3821 else if (chan <= 64) { 3822 run_efuse_read(sc, 3823 RT5390_EEPROM_IQ_GAIN_CAL_TX0_CH36_TO_CH64_5GHZ, 3824 &val, 1); 3825 } else if (chan <= 138) { 3826 run_efuse_read(sc, 3827 RT5390_EEPROM_IQ_GAIN_CAL_TX0_CH100_TO_CH138_5GHZ, 3828 &val, 1); 3829 } else if (chan <= 165) { 3830 run_efuse_read(sc, 3831 RT5390_EEPROM_IQ_GAIN_CAL_TX0_CH140_TO_CH165_5GHZ, 3832 &val, 1); 3833 } else 3834 val = 0; 3835 run_bbp_write(sc, 159, val); 3836 3837 /* Tx0 IQ phase. */ 3838 run_bbp_write(sc, 158, 0x2d); 3839 if (chan <= 14) { 3840 run_efuse_read(sc, RT5390_EEPROM_IQ_PHASE_CAL_TX0_2GHZ, 3841 &val, 1); 3842 } else if (chan <= 64) { 3843 run_efuse_read(sc, 3844 RT5390_EEPROM_IQ_PHASE_CAL_TX0_CH36_TO_CH64_5GHZ, 3845 &val, 1); 3846 } else if (chan <= 138) { 3847 run_efuse_read(sc, 3848 RT5390_EEPROM_IQ_PHASE_CAL_TX0_CH100_TO_CH138_5GHZ, 3849 &val, 1); 3850 } else if (chan <= 165) { 3851 run_efuse_read(sc, 3852 RT5390_EEPROM_IQ_PHASE_CAL_TX0_CH140_TO_CH165_5GHZ, 3853 &val, 1); 3854 } else 3855 val = 0; 3856 run_bbp_write(sc, 159, val); 3857 3858 /* Tx1 IQ gain. */ 3859 run_bbp_write(sc, 158, 0x4a); 3860 if (chan <= 14) { 3861 run_efuse_read(sc, RT5390_EEPROM_IQ_GAIN_CAL_TX1_2GHZ, 3862 &val, 1); 3863 } else if (chan <= 64) { 3864 run_efuse_read(sc, 3865 RT5390_EEPROM_IQ_GAIN_CAL_TX1_CH36_TO_CH64_5GHZ, 3866 &val, 1); 3867 } else if (chan <= 138) { 3868 run_efuse_read(sc, 3869 RT5390_EEPROM_IQ_GAIN_CAL_TX1_CH100_TO_CH138_5GHZ, 3870 &val, 1); 3871 } else if (chan <= 165) { 3872 run_efuse_read(sc, 3873 RT5390_EEPROM_IQ_GAIN_CAL_TX1_CH140_TO_CH165_5GHZ, 3874 &val, 1); 3875 } else 3876 val = 0; 3877 run_bbp_write(sc, 159, val); 3878 3879 /* Tx1 IQ phase. */ 3880 run_bbp_write(sc, 158, 0x4b); 3881 if (chan <= 14) { 3882 run_efuse_read(sc, RT5390_EEPROM_IQ_PHASE_CAL_TX1_2GHZ, 3883 &val, 1); 3884 } else if (chan <= 64) { 3885 run_efuse_read(sc, 3886 RT5390_EEPROM_IQ_PHASE_CAL_TX1_CH36_TO_CH64_5GHZ, 3887 &val, 1); 3888 } else if (chan <= 138) { 3889 run_efuse_read(sc, 3890 RT5390_EEPROM_IQ_PHASE_CAL_TX1_CH100_TO_CH138_5GHZ, 3891 &val, 1); 3892 } else if (chan <= 165) { 3893 run_efuse_read(sc, 3894 RT5390_EEPROM_IQ_PHASE_CAL_TX1_CH140_TO_CH165_5GHZ, 3895 &val, 1); 3896 } else 3897 val = 0; 3898 run_bbp_write(sc, 159, val); 3899 3900 /* RF IQ compensation control. */ 3901 run_bbp_write(sc, 158, 0x04); 3902 run_efuse_read(sc, RT5390_EEPROM_RF_IQ_COMPENSATION_CTL, 3903 &val, 1); 3904 run_bbp_write(sc, 159, val); 3905 3906 /* RF IQ imbalance compensation control. */ 3907 run_bbp_write(sc, 158, 0x03); 3908 run_efuse_read(sc, 3909 RT5390_EEPROM_RF_IQ_IMBALANCE_COMPENSATION_CTL, &val, 1); 3910 run_bbp_write(sc, 159, val); 3911 } 3912 3913 static void 3914 run_set_agc(struct run_softc *sc, uint8_t agc) 3915 { 3916 uint8_t bbp; 3917 3918 if (sc->mac_ver == 0x3572) { 3919 run_bbp_read(sc, 27, &bbp); 3920 bbp &= ~(0x3 << 5); 3921 run_bbp_write(sc, 27, bbp | 0 << 5); /* select Rx0 */ 3922 run_bbp_write(sc, 66, agc); 3923 run_bbp_write(sc, 27, bbp | 1 << 5); /* select Rx1 */ 3924 run_bbp_write(sc, 66, agc); 3925 } else 3926 run_bbp_write(sc, 66, agc); 3927 } 3928 3929 static void 3930 run_select_chan_group(struct run_softc *sc, int group) 3931 { 3932 uint32_t tmp; 3933 uint8_t agc; 3934 3935 run_bbp_write(sc, 62, 0x37 - sc->lna[group]); 3936 run_bbp_write(sc, 63, 0x37 - sc->lna[group]); 3937 run_bbp_write(sc, 64, 0x37 - sc->lna[group]); 3938 if (sc->mac_ver < 0x3572) 3939 run_bbp_write(sc, 86, 0x00); 3940 3941 if (sc->mac_ver == 0x3593) { 3942 run_bbp_write(sc, 77, 0x98); 3943 run_bbp_write(sc, 83, (group == 0) ? 0x8a : 0x9a); 3944 } 3945 3946 if (group == 0) { 3947 if (sc->ext_2ghz_lna) { 3948 if (sc->mac_ver >= 0x5390) 3949 run_bbp_write(sc, 75, 0x52); 3950 else { 3951 run_bbp_write(sc, 82, 0x62); 3952 run_bbp_write(sc, 75, 0x46); 3953 } 3954 } else { 3955 if (sc->mac_ver == 0x5592) { 3956 run_bbp_write(sc, 79, 0x1c); 3957 run_bbp_write(sc, 80, 0x0e); 3958 run_bbp_write(sc, 81, 0x3a); 3959 run_bbp_write(sc, 82, 0x62); 3960 3961 run_bbp_write(sc, 195, 0x80); 3962 run_bbp_write(sc, 196, 0xe0); 3963 run_bbp_write(sc, 195, 0x81); 3964 run_bbp_write(sc, 196, 0x1f); 3965 run_bbp_write(sc, 195, 0x82); 3966 run_bbp_write(sc, 196, 0x38); 3967 run_bbp_write(sc, 195, 0x83); 3968 run_bbp_write(sc, 196, 0x32); 3969 run_bbp_write(sc, 195, 0x85); 3970 run_bbp_write(sc, 196, 0x28); 3971 run_bbp_write(sc, 195, 0x86); 3972 run_bbp_write(sc, 196, 0x19); 3973 } else if (sc->mac_ver >= 0x5390) 3974 run_bbp_write(sc, 75, 0x50); 3975 else { 3976 run_bbp_write(sc, 82, 3977 (sc->mac_ver == 0x3593) ? 0x62 : 0x84); 3978 run_bbp_write(sc, 75, 0x50); 3979 } 3980 } 3981 } else { 3982 if (sc->mac_ver == 0x5592) { 3983 run_bbp_write(sc, 79, 0x18); 3984 run_bbp_write(sc, 80, 0x08); 3985 run_bbp_write(sc, 81, 0x38); 3986 run_bbp_write(sc, 82, 0x92); 3987 3988 run_bbp_write(sc, 195, 0x80); 3989 run_bbp_write(sc, 196, 0xf0); 3990 run_bbp_write(sc, 195, 0x81); 3991 run_bbp_write(sc, 196, 0x1e); 3992 run_bbp_write(sc, 195, 0x82); 3993 run_bbp_write(sc, 196, 0x28); 3994 run_bbp_write(sc, 195, 0x83); 3995 run_bbp_write(sc, 196, 0x20); 3996 run_bbp_write(sc, 195, 0x85); 3997 run_bbp_write(sc, 196, 0x7f); 3998 run_bbp_write(sc, 195, 0x86); 3999 run_bbp_write(sc, 196, 0x7f); 4000 } else if (sc->mac_ver == 0x3572) 4001 run_bbp_write(sc, 82, 0x94); 4002 else 4003 run_bbp_write(sc, 82, 4004 (sc->mac_ver == 0x3593) ? 0x82 : 0xf2); 4005 if (sc->ext_5ghz_lna) 4006 run_bbp_write(sc, 75, 0x46); 4007 else 4008 run_bbp_write(sc, 75, 0x50); 4009 } 4010 4011 run_read(sc, RT2860_TX_BAND_CFG, &tmp); 4012 tmp &= ~(RT2860_5G_BAND_SEL_N | RT2860_5G_BAND_SEL_P); 4013 tmp |= (group == 0) ? RT2860_5G_BAND_SEL_N : RT2860_5G_BAND_SEL_P; 4014 run_write(sc, RT2860_TX_BAND_CFG, tmp); 4015 4016 /* enable appropriate Power Amplifiers and Low Noise Amplifiers */ 4017 tmp = RT2860_RFTR_EN | RT2860_TRSW_EN | RT2860_LNA_PE0_EN; 4018 if (sc->mac_ver == 0x3593) 4019 tmp |= 1 << 29 | 1 << 28; 4020 if (sc->nrxchains > 1) 4021 tmp |= RT2860_LNA_PE1_EN; 4022 if (group == 0) { /* 2GHz */ 4023 tmp |= RT2860_PA_PE_G0_EN; 4024 if (sc->ntxchains > 1) 4025 tmp |= RT2860_PA_PE_G1_EN; 4026 if (sc->mac_ver == 0x3593) { 4027 if (sc->ntxchains > 2) 4028 tmp |= 1 << 25; 4029 } 4030 } else { /* 5GHz */ 4031 tmp |= RT2860_PA_PE_A0_EN; 4032 if (sc->ntxchains > 1) 4033 tmp |= RT2860_PA_PE_A1_EN; 4034 } 4035 if (sc->mac_ver == 0x3572) { 4036 run_rt3070_rf_write(sc, 8, 0x00); 4037 run_write(sc, RT2860_TX_PIN_CFG, tmp); 4038 run_rt3070_rf_write(sc, 8, 0x80); 4039 } else 4040 run_write(sc, RT2860_TX_PIN_CFG, tmp); 4041 4042 if (sc->mac_ver == 0x5592) { 4043 run_bbp_write(sc, 195, 0x8d); 4044 run_bbp_write(sc, 196, 0x1a); 4045 } 4046 4047 if (sc->mac_ver == 0x3593) { 4048 run_read(sc, RT2860_GPIO_CTRL, &tmp); 4049 tmp &= ~0x01010000; 4050 if (group == 0) 4051 tmp |= 0x00010000; 4052 tmp = (tmp & ~0x00009090) | 0x00000090; 4053 run_write(sc, RT2860_GPIO_CTRL, tmp); 4054 } 4055 4056 /* set initial AGC value */ 4057 if (group == 0) { /* 2GHz band */ 4058 if (sc->mac_ver >= 0x3070) 4059 agc = 0x1c + sc->lna[0] * 2; 4060 else 4061 agc = 0x2e + sc->lna[0]; 4062 } else { /* 5GHz band */ 4063 if (sc->mac_ver == 0x5592) 4064 agc = 0x24 + sc->lna[group] * 2; 4065 else if (sc->mac_ver == 0x3572 || sc->mac_ver == 0x3593) 4066 agc = 0x22 + (sc->lna[group] * 5) / 3; 4067 else 4068 agc = 0x32 + (sc->lna[group] * 5) / 3; 4069 } 4070 run_set_agc(sc, agc); 4071 } 4072 4073 static void 4074 run_rt2870_set_chan(struct run_softc *sc, u_int chan) 4075 { 4076 const struct rfprog *rfprog = rt2860_rf2850; 4077 uint32_t r2, r3, r4; 4078 int8_t txpow1, txpow2; 4079 int i; 4080 4081 /* find the settings for this channel (we know it exists) */ 4082 for (i = 0; rfprog[i].chan != chan; i++); 4083 4084 r2 = rfprog[i].r2; 4085 if (sc->ntxchains == 1) 4086 r2 |= 1 << 14; /* 1T: disable Tx chain 2 */ 4087 if (sc->nrxchains == 1) 4088 r2 |= 1 << 17 | 1 << 6; /* 1R: disable Rx chains 2 & 3 */ 4089 else if (sc->nrxchains == 2) 4090 r2 |= 1 << 6; /* 2R: disable Rx chain 3 */ 4091 4092 /* use Tx power values from EEPROM */ 4093 txpow1 = sc->txpow1[i]; 4094 txpow2 = sc->txpow2[i]; 4095 4096 /* Initialize RF R3 and R4. */ 4097 r3 = rfprog[i].r3 & 0xffffc1ff; 4098 r4 = (rfprog[i].r4 & ~(0x001f87c0)) | (sc->freq << 15); 4099 if (chan > 14) { 4100 if (txpow1 >= 0) { 4101 txpow1 = (txpow1 > 0xf) ? (0xf) : (txpow1); 4102 r3 |= (txpow1 << 10) | (1 << 9); 4103 } else { 4104 txpow1 += 7; 4105 4106 /* txpow1 is not possible larger than 15. */ 4107 r3 |= (txpow1 << 10); 4108 } 4109 if (txpow2 >= 0) { 4110 txpow2 = (txpow2 > 0xf) ? (0xf) : (txpow2); 4111 r4 |= (txpow2 << 7) | (1 << 6); 4112 } else { 4113 txpow2 += 7; 4114 r4 |= (txpow2 << 7); 4115 } 4116 } else { 4117 /* Set Tx0 power. */ 4118 r3 |= (txpow1 << 9); 4119 4120 /* Set frequency offset and Tx1 power. */ 4121 r4 |= (txpow2 << 6); 4122 } 4123 4124 run_rt2870_rf_write(sc, rfprog[i].r1); 4125 run_rt2870_rf_write(sc, r2); 4126 run_rt2870_rf_write(sc, r3 & ~(1 << 2)); 4127 run_rt2870_rf_write(sc, r4); 4128 4129 run_delay(sc, 10); 4130 4131 run_rt2870_rf_write(sc, rfprog[i].r1); 4132 run_rt2870_rf_write(sc, r2); 4133 run_rt2870_rf_write(sc, r3 | (1 << 2)); 4134 run_rt2870_rf_write(sc, r4); 4135 4136 run_delay(sc, 10); 4137 4138 run_rt2870_rf_write(sc, rfprog[i].r1); 4139 run_rt2870_rf_write(sc, r2); 4140 run_rt2870_rf_write(sc, r3 & ~(1 << 2)); 4141 run_rt2870_rf_write(sc, r4); 4142 } 4143 4144 static void 4145 run_rt3070_set_chan(struct run_softc *sc, u_int chan) 4146 { 4147 int8_t txpow1, txpow2; 4148 uint8_t rf; 4149 int i; 4150 4151 /* find the settings for this channel (we know it exists) */ 4152 for (i = 0; rt2860_rf2850[i].chan != chan; i++); 4153 4154 /* use Tx power values from EEPROM */ 4155 txpow1 = sc->txpow1[i]; 4156 txpow2 = sc->txpow2[i]; 4157 4158 run_rt3070_rf_write(sc, 2, rt3070_freqs[i].n); 4159 4160 /* RT3370/RT3390: RF R3 [7:4] is not reserved bits. */ 4161 run_rt3070_rf_read(sc, 3, &rf); 4162 rf = (rf & ~0x0f) | rt3070_freqs[i].k; 4163 run_rt3070_rf_write(sc, 3, rf); 4164 4165 run_rt3070_rf_read(sc, 6, &rf); 4166 rf = (rf & ~0x03) | rt3070_freqs[i].r; 4167 run_rt3070_rf_write(sc, 6, rf); 4168 4169 /* set Tx0 power */ 4170 run_rt3070_rf_read(sc, 12, &rf); 4171 rf = (rf & ~0x1f) | txpow1; 4172 run_rt3070_rf_write(sc, 12, rf); 4173 4174 /* set Tx1 power */ 4175 run_rt3070_rf_read(sc, 13, &rf); 4176 rf = (rf & ~0x1f) | txpow2; 4177 run_rt3070_rf_write(sc, 13, rf); 4178 4179 run_rt3070_rf_read(sc, 1, &rf); 4180 rf &= ~0xfc; 4181 if (sc->ntxchains == 1) 4182 rf |= 1 << 7 | 1 << 5; /* 1T: disable Tx chains 2 & 3 */ 4183 else if (sc->ntxchains == 2) 4184 rf |= 1 << 7; /* 2T: disable Tx chain 3 */ 4185 if (sc->nrxchains == 1) 4186 rf |= 1 << 6 | 1 << 4; /* 1R: disable Rx chains 2 & 3 */ 4187 else if (sc->nrxchains == 2) 4188 rf |= 1 << 6; /* 2R: disable Rx chain 3 */ 4189 run_rt3070_rf_write(sc, 1, rf); 4190 4191 /* set RF offset */ 4192 run_rt3070_rf_read(sc, 23, &rf); 4193 rf = (rf & ~0x7f) | sc->freq; 4194 run_rt3070_rf_write(sc, 23, rf); 4195 4196 /* program RF filter */ 4197 run_rt3070_rf_read(sc, 24, &rf); /* Tx */ 4198 rf = (rf & ~0x3f) | sc->rf24_20mhz; 4199 run_rt3070_rf_write(sc, 24, rf); 4200 run_rt3070_rf_read(sc, 31, &rf); /* Rx */ 4201 rf = (rf & ~0x3f) | sc->rf24_20mhz; 4202 run_rt3070_rf_write(sc, 31, rf); 4203 4204 /* enable RF tuning */ 4205 run_rt3070_rf_read(sc, 7, &rf); 4206 run_rt3070_rf_write(sc, 7, rf | 0x01); 4207 } 4208 4209 static void 4210 run_rt3572_set_chan(struct run_softc *sc, u_int chan) 4211 { 4212 int8_t txpow1, txpow2; 4213 uint32_t tmp; 4214 uint8_t rf; 4215 int i; 4216 4217 /* find the settings for this channel (we know it exists) */ 4218 for (i = 0; rt2860_rf2850[i].chan != chan; i++); 4219 4220 /* use Tx power values from EEPROM */ 4221 txpow1 = sc->txpow1[i]; 4222 txpow2 = sc->txpow2[i]; 4223 4224 if (chan <= 14) { 4225 run_bbp_write(sc, 25, sc->bbp25); 4226 run_bbp_write(sc, 26, sc->bbp26); 4227 } else { 4228 /* enable IQ phase correction */ 4229 run_bbp_write(sc, 25, 0x09); 4230 run_bbp_write(sc, 26, 0xff); 4231 } 4232 4233 run_rt3070_rf_write(sc, 2, rt3070_freqs[i].n); 4234 run_rt3070_rf_write(sc, 3, rt3070_freqs[i].k); 4235 run_rt3070_rf_read(sc, 6, &rf); 4236 rf = (rf & ~0x0f) | rt3070_freqs[i].r; 4237 rf |= (chan <= 14) ? 0x08 : 0x04; 4238 run_rt3070_rf_write(sc, 6, rf); 4239 4240 /* set PLL mode */ 4241 run_rt3070_rf_read(sc, 5, &rf); 4242 rf &= ~(0x08 | 0x04); 4243 rf |= (chan <= 14) ? 0x04 : 0x08; 4244 run_rt3070_rf_write(sc, 5, rf); 4245 4246 /* set Tx power for chain 0 */ 4247 if (chan <= 14) 4248 rf = 0x60 | txpow1; 4249 else 4250 rf = 0xe0 | (txpow1 & 0xc) << 1 | (txpow1 & 0x3); 4251 run_rt3070_rf_write(sc, 12, rf); 4252 4253 /* set Tx power for chain 1 */ 4254 if (chan <= 14) 4255 rf = 0x60 | txpow2; 4256 else 4257 rf = 0xe0 | (txpow2 & 0xc) << 1 | (txpow2 & 0x3); 4258 run_rt3070_rf_write(sc, 13, rf); 4259 4260 /* set Tx/Rx streams */ 4261 run_rt3070_rf_read(sc, 1, &rf); 4262 rf &= ~0xfc; 4263 if (sc->ntxchains == 1) 4264 rf |= 1 << 7 | 1 << 5; /* 1T: disable Tx chains 2 & 3 */ 4265 else if (sc->ntxchains == 2) 4266 rf |= 1 << 7; /* 2T: disable Tx chain 3 */ 4267 if (sc->nrxchains == 1) 4268 rf |= 1 << 6 | 1 << 4; /* 1R: disable Rx chains 2 & 3 */ 4269 else if (sc->nrxchains == 2) 4270 rf |= 1 << 6; /* 2R: disable Rx chain 3 */ 4271 run_rt3070_rf_write(sc, 1, rf); 4272 4273 /* set RF offset */ 4274 run_rt3070_rf_read(sc, 23, &rf); 4275 rf = (rf & ~0x7f) | sc->freq; 4276 run_rt3070_rf_write(sc, 23, rf); 4277 4278 /* program RF filter */ 4279 rf = sc->rf24_20mhz; 4280 run_rt3070_rf_write(sc, 24, rf); /* Tx */ 4281 run_rt3070_rf_write(sc, 31, rf); /* Rx */ 4282 4283 /* enable RF tuning */ 4284 run_rt3070_rf_read(sc, 7, &rf); 4285 rf = (chan <= 14) ? 0xd8 : ((rf & ~0xc8) | 0x14); 4286 run_rt3070_rf_write(sc, 7, rf); 4287 4288 /* TSSI */ 4289 rf = (chan <= 14) ? 0xc3 : 0xc0; 4290 run_rt3070_rf_write(sc, 9, rf); 4291 4292 /* set loop filter 1 */ 4293 run_rt3070_rf_write(sc, 10, 0xf1); 4294 /* set loop filter 2 */ 4295 run_rt3070_rf_write(sc, 11, (chan <= 14) ? 0xb9 : 0x00); 4296 4297 /* set tx_mx2_ic */ 4298 run_rt3070_rf_write(sc, 15, (chan <= 14) ? 0x53 : 0x43); 4299 /* set tx_mx1_ic */ 4300 if (chan <= 14) 4301 rf = 0x48 | sc->txmixgain_2ghz; 4302 else 4303 rf = 0x78 | sc->txmixgain_5ghz; 4304 run_rt3070_rf_write(sc, 16, rf); 4305 4306 /* set tx_lo1 */ 4307 run_rt3070_rf_write(sc, 17, 0x23); 4308 /* set tx_lo2 */ 4309 if (chan <= 14) 4310 rf = 0x93; 4311 else if (chan <= 64) 4312 rf = 0xb7; 4313 else if (chan <= 128) 4314 rf = 0x74; 4315 else 4316 rf = 0x72; 4317 run_rt3070_rf_write(sc, 19, rf); 4318 4319 /* set rx_lo1 */ 4320 if (chan <= 14) 4321 rf = 0xb3; 4322 else if (chan <= 64) 4323 rf = 0xf6; 4324 else if (chan <= 128) 4325 rf = 0xf4; 4326 else 4327 rf = 0xf3; 4328 run_rt3070_rf_write(sc, 20, rf); 4329 4330 /* set pfd_delay */ 4331 if (chan <= 14) 4332 rf = 0x15; 4333 else if (chan <= 64) 4334 rf = 0x3d; 4335 else 4336 rf = 0x01; 4337 run_rt3070_rf_write(sc, 25, rf); 4338 4339 /* set rx_lo2 */ 4340 run_rt3070_rf_write(sc, 26, (chan <= 14) ? 0x85 : 0x87); 4341 /* set ldo_rf_vc */ 4342 run_rt3070_rf_write(sc, 27, (chan <= 14) ? 0x00 : 0x01); 4343 /* set drv_cc */ 4344 run_rt3070_rf_write(sc, 29, (chan <= 14) ? 0x9b : 0x9f); 4345 4346 run_read(sc, RT2860_GPIO_CTRL, &tmp); 4347 tmp &= ~0x8080; 4348 if (chan <= 14) 4349 tmp |= 0x80; 4350 run_write(sc, RT2860_GPIO_CTRL, tmp); 4351 4352 /* enable RF tuning */ 4353 run_rt3070_rf_read(sc, 7, &rf); 4354 run_rt3070_rf_write(sc, 7, rf | 0x01); 4355 4356 run_delay(sc, 2); 4357 } 4358 4359 static void 4360 run_rt3593_set_chan(struct run_softc *sc, u_int chan) 4361 { 4362 int8_t txpow1, txpow2, txpow3; 4363 uint8_t h20mhz, rf; 4364 int i; 4365 4366 /* find the settings for this channel (we know it exists) */ 4367 for (i = 0; rt2860_rf2850[i].chan != chan; i++); 4368 4369 /* use Tx power values from EEPROM */ 4370 txpow1 = sc->txpow1[i]; 4371 txpow2 = sc->txpow2[i]; 4372 txpow3 = (sc->ntxchains == 3) ? sc->txpow3[i] : 0; 4373 4374 if (chan <= 14) { 4375 run_bbp_write(sc, 25, sc->bbp25); 4376 run_bbp_write(sc, 26, sc->bbp26); 4377 } else { 4378 /* Enable IQ phase correction. */ 4379 run_bbp_write(sc, 25, 0x09); 4380 run_bbp_write(sc, 26, 0xff); 4381 } 4382 4383 run_rt3070_rf_write(sc, 8, rt3070_freqs[i].n); 4384 run_rt3070_rf_write(sc, 9, rt3070_freqs[i].k & 0x0f); 4385 run_rt3070_rf_read(sc, 11, &rf); 4386 rf = (rf & ~0x03) | (rt3070_freqs[i].r & 0x03); 4387 run_rt3070_rf_write(sc, 11, rf); 4388 4389 /* Set pll_idoh. */ 4390 run_rt3070_rf_read(sc, 11, &rf); 4391 rf &= ~0x4c; 4392 rf |= (chan <= 14) ? 0x44 : 0x48; 4393 run_rt3070_rf_write(sc, 11, rf); 4394 4395 if (chan <= 14) 4396 rf = txpow1 & 0x1f; 4397 else 4398 rf = 0x40 | ((txpow1 & 0x18) << 1) | (txpow1 & 0x07); 4399 run_rt3070_rf_write(sc, 53, rf); 4400 4401 if (chan <= 14) 4402 rf = txpow2 & 0x1f; 4403 else 4404 rf = 0x40 | ((txpow2 & 0x18) << 1) | (txpow2 & 0x07); 4405 run_rt3070_rf_write(sc, 55, rf); 4406 4407 if (chan <= 14) 4408 rf = txpow3 & 0x1f; 4409 else 4410 rf = 0x40 | ((txpow3 & 0x18) << 1) | (txpow3 & 0x07); 4411 run_rt3070_rf_write(sc, 54, rf); 4412 4413 rf = RT3070_RF_BLOCK | RT3070_PLL_PD; 4414 if (sc->ntxchains == 3) 4415 rf |= RT3070_TX0_PD | RT3070_TX1_PD | RT3070_TX2_PD; 4416 else 4417 rf |= RT3070_TX0_PD | RT3070_TX1_PD; 4418 rf |= RT3070_RX0_PD | RT3070_RX1_PD | RT3070_RX2_PD; 4419 run_rt3070_rf_write(sc, 1, rf); 4420 4421 run_adjust_freq_offset(sc); 4422 4423 run_rt3070_rf_write(sc, 31, (chan <= 14) ? 0xa0 : 0x80); 4424 4425 h20mhz = (sc->rf24_20mhz & 0x20) >> 5; 4426 run_rt3070_rf_read(sc, 30, &rf); 4427 rf = (rf & ~0x06) | (h20mhz << 1) | (h20mhz << 2); 4428 run_rt3070_rf_write(sc, 30, rf); 4429 4430 run_rt3070_rf_read(sc, 36, &rf); 4431 if (chan <= 14) 4432 rf |= 0x80; 4433 else 4434 rf &= ~0x80; 4435 run_rt3070_rf_write(sc, 36, rf); 4436 4437 /* Set vcolo_bs. */ 4438 run_rt3070_rf_write(sc, 34, (chan <= 14) ? 0x3c : 0x20); 4439 /* Set pfd_delay. */ 4440 run_rt3070_rf_write(sc, 12, (chan <= 14) ? 0x1a : 0x12); 4441 4442 /* Set vco bias current control. */ 4443 run_rt3070_rf_read(sc, 6, &rf); 4444 rf &= ~0xc0; 4445 if (chan <= 14) 4446 rf |= 0x40; 4447 else if (chan <= 128) 4448 rf |= 0x80; 4449 else 4450 rf |= 0x40; 4451 run_rt3070_rf_write(sc, 6, rf); 4452 4453 run_rt3070_rf_read(sc, 30, &rf); 4454 rf = (rf & ~0x18) | 0x10; 4455 run_rt3070_rf_write(sc, 30, rf); 4456 4457 run_rt3070_rf_write(sc, 10, (chan <= 14) ? 0xd3 : 0xd8); 4458 run_rt3070_rf_write(sc, 13, (chan <= 14) ? 0x12 : 0x23); 4459 4460 run_rt3070_rf_read(sc, 51, &rf); 4461 rf = (rf & ~0x03) | 0x01; 4462 run_rt3070_rf_write(sc, 51, rf); 4463 /* Set tx_mx1_cc. */ 4464 run_rt3070_rf_read(sc, 51, &rf); 4465 rf &= ~0x1c; 4466 rf |= (chan <= 14) ? 0x14 : 0x10; 4467 run_rt3070_rf_write(sc, 51, rf); 4468 /* Set tx_mx1_ic. */ 4469 run_rt3070_rf_read(sc, 51, &rf); 4470 rf &= ~0xe0; 4471 rf |= (chan <= 14) ? 0x60 : 0x40; 4472 run_rt3070_rf_write(sc, 51, rf); 4473 /* Set tx_lo1_ic. */ 4474 run_rt3070_rf_read(sc, 49, &rf); 4475 rf &= ~0x1c; 4476 rf |= (chan <= 14) ? 0x0c : 0x08; 4477 run_rt3070_rf_write(sc, 49, rf); 4478 /* Set tx_lo1_en. */ 4479 run_rt3070_rf_read(sc, 50, &rf); 4480 run_rt3070_rf_write(sc, 50, rf & ~0x20); 4481 /* Set drv_cc. */ 4482 run_rt3070_rf_read(sc, 57, &rf); 4483 rf &= ~0xfc; 4484 rf |= (chan <= 14) ? 0x6c : 0x3c; 4485 run_rt3070_rf_write(sc, 57, rf); 4486 /* Set rx_mix1_ic, rxa_lnactr, lna_vc, lna_inbias_en and lna_en. */ 4487 run_rt3070_rf_write(sc, 44, (chan <= 14) ? 0x93 : 0x9b); 4488 /* Set drv_gnd_a, tx_vga_cc_a and tx_mx2_gain. */ 4489 run_rt3070_rf_write(sc, 52, (chan <= 14) ? 0x45 : 0x05); 4490 /* Enable VCO calibration. */ 4491 run_rt3070_rf_read(sc, 3, &rf); 4492 rf &= ~RT5390_VCOCAL; 4493 rf |= (chan <= 14) ? RT5390_VCOCAL : 0xbe; 4494 run_rt3070_rf_write(sc, 3, rf); 4495 4496 if (chan <= 14) 4497 rf = 0x23; 4498 else if (chan <= 64) 4499 rf = 0x36; 4500 else if (chan <= 128) 4501 rf = 0x32; 4502 else 4503 rf = 0x30; 4504 run_rt3070_rf_write(sc, 39, rf); 4505 if (chan <= 14) 4506 rf = 0xbb; 4507 else if (chan <= 64) 4508 rf = 0xeb; 4509 else if (chan <= 128) 4510 rf = 0xb3; 4511 else 4512 rf = 0x9b; 4513 run_rt3070_rf_write(sc, 45, rf); 4514 4515 /* Set FEQ/AEQ control. */ 4516 run_bbp_write(sc, 105, 0x34); 4517 } 4518 4519 static void 4520 run_rt5390_set_chan(struct run_softc *sc, u_int chan) 4521 { 4522 int8_t txpow1, txpow2; 4523 uint8_t rf; 4524 int i; 4525 4526 /* find the settings for this channel (we know it exists) */ 4527 for (i = 0; rt2860_rf2850[i].chan != chan; i++); 4528 4529 /* use Tx power values from EEPROM */ 4530 txpow1 = sc->txpow1[i]; 4531 txpow2 = sc->txpow2[i]; 4532 4533 run_rt3070_rf_write(sc, 8, rt3070_freqs[i].n); 4534 run_rt3070_rf_write(sc, 9, rt3070_freqs[i].k & 0x0f); 4535 run_rt3070_rf_read(sc, 11, &rf); 4536 rf = (rf & ~0x03) | (rt3070_freqs[i].r & 0x03); 4537 run_rt3070_rf_write(sc, 11, rf); 4538 4539 run_rt3070_rf_read(sc, 49, &rf); 4540 rf = (rf & ~0x3f) | (txpow1 & 0x3f); 4541 /* The valid range of the RF R49 is 0x00 to 0x27. */ 4542 if ((rf & 0x3f) > 0x27) 4543 rf = (rf & ~0x3f) | 0x27; 4544 run_rt3070_rf_write(sc, 49, rf); 4545 4546 if (sc->mac_ver == 0x5392) { 4547 run_rt3070_rf_read(sc, 50, &rf); 4548 rf = (rf & ~0x3f) | (txpow2 & 0x3f); 4549 /* The valid range of the RF R50 is 0x00 to 0x27. */ 4550 if ((rf & 0x3f) > 0x27) 4551 rf = (rf & ~0x3f) | 0x27; 4552 run_rt3070_rf_write(sc, 50, rf); 4553 } 4554 4555 run_rt3070_rf_read(sc, 1, &rf); 4556 rf |= RT3070_RF_BLOCK | RT3070_PLL_PD | RT3070_RX0_PD | RT3070_TX0_PD; 4557 if (sc->mac_ver == 0x5392) 4558 rf |= RT3070_RX1_PD | RT3070_TX1_PD; 4559 run_rt3070_rf_write(sc, 1, rf); 4560 4561 if (sc->mac_ver != 0x5392) { 4562 run_rt3070_rf_read(sc, 2, &rf); 4563 rf |= 0x80; 4564 run_rt3070_rf_write(sc, 2, rf); 4565 run_delay(sc, 10); 4566 rf &= 0x7f; 4567 run_rt3070_rf_write(sc, 2, rf); 4568 } 4569 4570 run_adjust_freq_offset(sc); 4571 4572 if (sc->mac_ver == 0x5392) { 4573 /* Fix for RT5392C. */ 4574 if (sc->mac_rev >= 0x0223) { 4575 if (chan <= 4) 4576 rf = 0x0f; 4577 else if (chan >= 5 && chan <= 7) 4578 rf = 0x0e; 4579 else 4580 rf = 0x0d; 4581 run_rt3070_rf_write(sc, 23, rf); 4582 4583 if (chan <= 4) 4584 rf = 0x0c; 4585 else if (chan == 5) 4586 rf = 0x0b; 4587 else if (chan >= 6 && chan <= 7) 4588 rf = 0x0a; 4589 else if (chan >= 8 && chan <= 10) 4590 rf = 0x09; 4591 else 4592 rf = 0x08; 4593 run_rt3070_rf_write(sc, 59, rf); 4594 } else { 4595 if (chan <= 11) 4596 rf = 0x0f; 4597 else 4598 rf = 0x0b; 4599 run_rt3070_rf_write(sc, 59, rf); 4600 } 4601 } else { 4602 /* Fix for RT5390F. */ 4603 if (sc->mac_rev >= 0x0502) { 4604 if (chan <= 11) 4605 rf = 0x43; 4606 else 4607 rf = 0x23; 4608 run_rt3070_rf_write(sc, 55, rf); 4609 4610 if (chan <= 11) 4611 rf = 0x0f; 4612 else if (chan == 12) 4613 rf = 0x0d; 4614 else 4615 rf = 0x0b; 4616 run_rt3070_rf_write(sc, 59, rf); 4617 } else { 4618 run_rt3070_rf_write(sc, 55, 0x44); 4619 run_rt3070_rf_write(sc, 59, 0x8f); 4620 } 4621 } 4622 4623 /* Enable VCO calibration. */ 4624 run_rt3070_rf_read(sc, 3, &rf); 4625 rf |= RT5390_VCOCAL; 4626 run_rt3070_rf_write(sc, 3, rf); 4627 } 4628 4629 static void 4630 run_rt5592_set_chan(struct run_softc *sc, u_int chan) 4631 { 4632 const struct rt5592_freqs *freqs; 4633 uint32_t tmp; 4634 uint8_t reg, rf, txpow_bound; 4635 int8_t txpow1, txpow2; 4636 int i; 4637 4638 run_read(sc, RT5592_DEBUG_INDEX, &tmp); 4639 freqs = (tmp & RT5592_SEL_XTAL) ? 4640 rt5592_freqs_40mhz : rt5592_freqs_20mhz; 4641 4642 /* find the settings for this channel (we know it exists) */ 4643 for (i = 0; rt2860_rf2850[i].chan != chan; i++, freqs++); 4644 4645 /* use Tx power values from EEPROM */ 4646 txpow1 = sc->txpow1[i]; 4647 txpow2 = sc->txpow2[i]; 4648 4649 run_read(sc, RT3070_LDO_CFG0, &tmp); 4650 tmp &= ~0x1c000000; 4651 if (chan > 14) 4652 tmp |= 0x14000000; 4653 run_write(sc, RT3070_LDO_CFG0, tmp); 4654 4655 /* N setting. */ 4656 run_rt3070_rf_write(sc, 8, freqs->n & 0xff); 4657 run_rt3070_rf_read(sc, 9, &rf); 4658 rf &= ~(1 << 4); 4659 rf |= ((freqs->n & 0x0100) >> 8) << 4; 4660 run_rt3070_rf_write(sc, 9, rf); 4661 4662 /* K setting. */ 4663 run_rt3070_rf_read(sc, 9, &rf); 4664 rf &= ~0x0f; 4665 rf |= (freqs->k & 0x0f); 4666 run_rt3070_rf_write(sc, 9, rf); 4667 4668 /* Mode setting. */ 4669 run_rt3070_rf_read(sc, 11, &rf); 4670 rf &= ~0x0c; 4671 rf |= ((freqs->m - 0x8) & 0x3) << 2; 4672 run_rt3070_rf_write(sc, 11, rf); 4673 run_rt3070_rf_read(sc, 9, &rf); 4674 rf &= ~(1 << 7); 4675 rf |= (((freqs->m - 0x8) & 0x4) >> 2) << 7; 4676 run_rt3070_rf_write(sc, 9, rf); 4677 4678 /* R setting. */ 4679 run_rt3070_rf_read(sc, 11, &rf); 4680 rf &= ~0x03; 4681 rf |= (freqs->r - 0x1); 4682 run_rt3070_rf_write(sc, 11, rf); 4683 4684 if (chan <= 14) { 4685 /* Initialize RF registers for 2GHZ. */ 4686 for (i = 0; i < nitems(rt5592_2ghz_def_rf); i++) { 4687 run_rt3070_rf_write(sc, rt5592_2ghz_def_rf[i].reg, 4688 rt5592_2ghz_def_rf[i].val); 4689 } 4690 4691 rf = (chan <= 10) ? 0x07 : 0x06; 4692 run_rt3070_rf_write(sc, 23, rf); 4693 run_rt3070_rf_write(sc, 59, rf); 4694 4695 run_rt3070_rf_write(sc, 55, 0x43); 4696 4697 /* 4698 * RF R49/R50 Tx power ALC code. 4699 * G-band bit<7:6>=1:0, bit<5:0> range from 0x0 ~ 0x27. 4700 */ 4701 reg = 2; 4702 txpow_bound = 0x27; 4703 } else { 4704 /* Initialize RF registers for 5GHZ. */ 4705 for (i = 0; i < nitems(rt5592_5ghz_def_rf); i++) { 4706 run_rt3070_rf_write(sc, rt5592_5ghz_def_rf[i].reg, 4707 rt5592_5ghz_def_rf[i].val); 4708 } 4709 for (i = 0; i < nitems(rt5592_chan_5ghz); i++) { 4710 if (chan >= rt5592_chan_5ghz[i].firstchan && 4711 chan <= rt5592_chan_5ghz[i].lastchan) { 4712 run_rt3070_rf_write(sc, rt5592_chan_5ghz[i].reg, 4713 rt5592_chan_5ghz[i].val); 4714 } 4715 } 4716 4717 /* 4718 * RF R49/R50 Tx power ALC code. 4719 * A-band bit<7:6>=1:1, bit<5:0> range from 0x0 ~ 0x2b. 4720 */ 4721 reg = 3; 4722 txpow_bound = 0x2b; 4723 } 4724 4725 /* RF R49 ch0 Tx power ALC code. */ 4726 run_rt3070_rf_read(sc, 49, &rf); 4727 rf &= ~0xc0; 4728 rf |= (reg << 6); 4729 rf = (rf & ~0x3f) | (txpow1 & 0x3f); 4730 if ((rf & 0x3f) > txpow_bound) 4731 rf = (rf & ~0x3f) | txpow_bound; 4732 run_rt3070_rf_write(sc, 49, rf); 4733 4734 /* RF R50 ch1 Tx power ALC code. */ 4735 run_rt3070_rf_read(sc, 50, &rf); 4736 rf &= ~(1 << 7 | 1 << 6); 4737 rf |= (reg << 6); 4738 rf = (rf & ~0x3f) | (txpow2 & 0x3f); 4739 if ((rf & 0x3f) > txpow_bound) 4740 rf = (rf & ~0x3f) | txpow_bound; 4741 run_rt3070_rf_write(sc, 50, rf); 4742 4743 /* Enable RF_BLOCK, PLL_PD, RX0_PD, and TX0_PD. */ 4744 run_rt3070_rf_read(sc, 1, &rf); 4745 rf |= (RT3070_RF_BLOCK | RT3070_PLL_PD | RT3070_RX0_PD | RT3070_TX0_PD); 4746 if (sc->ntxchains > 1) 4747 rf |= RT3070_TX1_PD; 4748 if (sc->nrxchains > 1) 4749 rf |= RT3070_RX1_PD; 4750 run_rt3070_rf_write(sc, 1, rf); 4751 4752 run_rt3070_rf_write(sc, 6, 0xe4); 4753 4754 run_rt3070_rf_write(sc, 30, 0x10); 4755 run_rt3070_rf_write(sc, 31, 0x80); 4756 run_rt3070_rf_write(sc, 32, 0x80); 4757 4758 run_adjust_freq_offset(sc); 4759 4760 /* Enable VCO calibration. */ 4761 run_rt3070_rf_read(sc, 3, &rf); 4762 rf |= RT5390_VCOCAL; 4763 run_rt3070_rf_write(sc, 3, rf); 4764 } 4765 4766 static void 4767 run_set_rx_antenna(struct run_softc *sc, int aux) 4768 { 4769 uint32_t tmp; 4770 uint8_t bbp152; 4771 4772 if (aux) { 4773 if (sc->rf_rev == RT5390_RF_5370) { 4774 run_bbp_read(sc, 152, &bbp152); 4775 run_bbp_write(sc, 152, bbp152 & ~0x80); 4776 } else { 4777 run_mcu_cmd(sc, RT2860_MCU_CMD_ANTSEL, 0); 4778 run_read(sc, RT2860_GPIO_CTRL, &tmp); 4779 run_write(sc, RT2860_GPIO_CTRL, (tmp & ~0x0808) | 0x08); 4780 } 4781 } else { 4782 if (sc->rf_rev == RT5390_RF_5370) { 4783 run_bbp_read(sc, 152, &bbp152); 4784 run_bbp_write(sc, 152, bbp152 | 0x80); 4785 } else { 4786 run_mcu_cmd(sc, RT2860_MCU_CMD_ANTSEL, 1); 4787 run_read(sc, RT2860_GPIO_CTRL, &tmp); 4788 run_write(sc, RT2860_GPIO_CTRL, tmp & ~0x0808); 4789 } 4790 } 4791 } 4792 4793 static int 4794 run_set_chan(struct run_softc *sc, struct ieee80211_channel *c) 4795 { 4796 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 4797 u_int chan, group; 4798 4799 chan = ieee80211_chan2ieee(ic, c); 4800 if (chan == 0 || chan == IEEE80211_CHAN_ANY) 4801 return (EINVAL); 4802 4803 if (sc->mac_ver == 0x5592) 4804 run_rt5592_set_chan(sc, chan); 4805 else if (sc->mac_ver >= 0x5390) 4806 run_rt5390_set_chan(sc, chan); 4807 else if (sc->mac_ver == 0x3593) 4808 run_rt3593_set_chan(sc, chan); 4809 else if (sc->mac_ver == 0x3572) 4810 run_rt3572_set_chan(sc, chan); 4811 else if (sc->mac_ver >= 0x3070) 4812 run_rt3070_set_chan(sc, chan); 4813 else 4814 run_rt2870_set_chan(sc, chan); 4815 4816 /* determine channel group */ 4817 if (chan <= 14) 4818 group = 0; 4819 else if (chan <= 64) 4820 group = 1; 4821 else if (chan <= 128) 4822 group = 2; 4823 else 4824 group = 3; 4825 4826 /* XXX necessary only when group has changed! */ 4827 run_select_chan_group(sc, group); 4828 4829 run_delay(sc, 10); 4830 4831 /* Perform IQ calibration. */ 4832 if (sc->mac_ver >= 0x5392) 4833 run_iq_calib(sc, chan); 4834 4835 return (0); 4836 } 4837 4838 static void 4839 run_set_channel(struct ieee80211com *ic) 4840 { 4841 struct run_softc *sc = ic->ic_ifp->if_softc; 4842 4843 RUN_LOCK(sc); 4844 run_set_chan(sc, ic->ic_curchan); 4845 RUN_UNLOCK(sc); 4846 4847 return; 4848 } 4849 4850 static void 4851 run_scan_start(struct ieee80211com *ic) 4852 { 4853 struct run_softc *sc = ic->ic_ifp->if_softc; 4854 uint32_t tmp; 4855 4856 RUN_LOCK(sc); 4857 4858 /* abort TSF synchronization */ 4859 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 4860 run_write(sc, RT2860_BCN_TIME_CFG, 4861 tmp & ~(RT2860_BCN_TX_EN | RT2860_TSF_TIMER_EN | 4862 RT2860_TBTT_TIMER_EN)); 4863 run_set_bssid(sc, sc->sc_ifp->if_broadcastaddr); 4864 4865 RUN_UNLOCK(sc); 4866 4867 return; 4868 } 4869 4870 static void 4871 run_scan_end(struct ieee80211com *ic) 4872 { 4873 struct run_softc *sc = ic->ic_ifp->if_softc; 4874 4875 RUN_LOCK(sc); 4876 4877 run_enable_tsf_sync(sc); 4878 /* XXX keep local copy */ 4879 run_set_bssid(sc, sc->sc_bssid); 4880 4881 RUN_UNLOCK(sc); 4882 4883 return; 4884 } 4885 4886 /* 4887 * Could be called from ieee80211_node_timeout() 4888 * (non-sleepable thread) 4889 */ 4890 static void 4891 run_update_beacon(struct ieee80211vap *vap, int item) 4892 { 4893 struct ieee80211com *ic = vap->iv_ic; 4894 struct run_softc *sc = ic->ic_ifp->if_softc; 4895 struct run_vap *rvp = RUN_VAP(vap); 4896 int mcast = 0; 4897 uint32_t i; 4898 4899 KASSERT(vap != NULL, ("no beacon")); 4900 4901 switch (item) { 4902 case IEEE80211_BEACON_ERP: 4903 run_updateslot(ic->ic_ifp); 4904 break; 4905 case IEEE80211_BEACON_HTINFO: 4906 run_updateprot(ic); 4907 break; 4908 case IEEE80211_BEACON_TIM: 4909 mcast = 1; /*TODO*/ 4910 break; 4911 default: 4912 break; 4913 } 4914 4915 setbit(rvp->bo.bo_flags, item); 4916 if (rvp->beacon_mbuf == NULL) { 4917 rvp->beacon_mbuf = ieee80211_beacon_alloc(vap->iv_bss, 4918 &rvp->bo); 4919 if (rvp->beacon_mbuf == NULL) 4920 return; 4921 } 4922 ieee80211_beacon_update(vap->iv_bss, &rvp->bo, rvp->beacon_mbuf, mcast); 4923 4924 i = RUN_CMDQ_GET(&sc->cmdq_store); 4925 DPRINTF("cmdq_store=%d\n", i); 4926 sc->cmdq[i].func = run_update_beacon_cb; 4927 sc->cmdq[i].arg0 = vap; 4928 ieee80211_runtask(ic, &sc->cmdq_task); 4929 4930 return; 4931 } 4932 4933 static void 4934 run_update_beacon_cb(void *arg) 4935 { 4936 struct ieee80211vap *vap = arg; 4937 struct run_vap *rvp = RUN_VAP(vap); 4938 struct ieee80211com *ic = vap->iv_ic; 4939 struct run_softc *sc = ic->ic_ifp->if_softc; 4940 struct rt2860_txwi txwi; 4941 struct mbuf *m; 4942 uint16_t txwisize; 4943 uint8_t ridx; 4944 4945 if (vap->iv_bss->ni_chan == IEEE80211_CHAN_ANYC) 4946 return; 4947 if (ic->ic_bsschan == IEEE80211_CHAN_ANYC) 4948 return; 4949 4950 /* 4951 * No need to call ieee80211_beacon_update(), run_update_beacon() 4952 * is taking care of apropriate calls. 4953 */ 4954 if (rvp->beacon_mbuf == NULL) { 4955 rvp->beacon_mbuf = ieee80211_beacon_alloc(vap->iv_bss, 4956 &rvp->bo); 4957 if (rvp->beacon_mbuf == NULL) 4958 return; 4959 } 4960 m = rvp->beacon_mbuf; 4961 4962 memset(&txwi, 0, sizeof(txwi)); 4963 txwi.wcid = 0xff; 4964 txwi.len = htole16(m->m_pkthdr.len); 4965 4966 /* send beacons at the lowest available rate */ 4967 ridx = (ic->ic_curmode == IEEE80211_MODE_11A) ? 4968 RT2860_RIDX_OFDM6 : RT2860_RIDX_CCK1; 4969 txwi.phy = htole16(rt2860_rates[ridx].mcs); 4970 if (rt2860_rates[ridx].phy == IEEE80211_T_OFDM) 4971 txwi.phy |= htole16(RT2860_PHY_OFDM); 4972 txwi.txop = RT2860_TX_TXOP_HT; 4973 txwi.flags = RT2860_TX_TS; 4974 txwi.xflags = RT2860_TX_NSEQ; 4975 4976 txwisize = (sc->mac_ver == 0x5592) ? 4977 sizeof(txwi) + sizeof(uint32_t) : sizeof(txwi); 4978 run_write_region_1(sc, RT2860_BCN_BASE(rvp->rvp_id), (uint8_t *)&txwi, 4979 txwisize); 4980 run_write_region_1(sc, RT2860_BCN_BASE(rvp->rvp_id) + txwisize, 4981 mtod(m, uint8_t *), (m->m_pkthdr.len + 1) & ~1); 4982 } 4983 4984 static void 4985 run_updateprot(struct ieee80211com *ic) 4986 { 4987 struct run_softc *sc = ic->ic_ifp->if_softc; 4988 uint32_t i; 4989 4990 i = RUN_CMDQ_GET(&sc->cmdq_store); 4991 DPRINTF("cmdq_store=%d\n", i); 4992 sc->cmdq[i].func = run_updateprot_cb; 4993 sc->cmdq[i].arg0 = ic; 4994 ieee80211_runtask(ic, &sc->cmdq_task); 4995 } 4996 4997 static void 4998 run_updateprot_cb(void *arg) 4999 { 5000 struct ieee80211com *ic = arg; 5001 struct run_softc *sc = ic->ic_ifp->if_softc; 5002 uint32_t tmp; 5003 5004 tmp = RT2860_RTSTH_EN | RT2860_PROT_NAV_SHORT | RT2860_TXOP_ALLOW_ALL; 5005 /* setup protection frame rate (MCS code) */ 5006 tmp |= (ic->ic_curmode == IEEE80211_MODE_11A) ? 5007 rt2860_rates[RT2860_RIDX_OFDM6].mcs : 5008 rt2860_rates[RT2860_RIDX_CCK11].mcs; 5009 5010 /* CCK frames don't require protection */ 5011 run_write(sc, RT2860_CCK_PROT_CFG, tmp); 5012 if (ic->ic_flags & IEEE80211_F_USEPROT) { 5013 if (ic->ic_protmode == IEEE80211_PROT_RTSCTS) 5014 tmp |= RT2860_PROT_CTRL_RTS_CTS; 5015 else if (ic->ic_protmode == IEEE80211_PROT_CTSONLY) 5016 tmp |= RT2860_PROT_CTRL_CTS; 5017 } 5018 run_write(sc, RT2860_OFDM_PROT_CFG, tmp); 5019 } 5020 5021 static void 5022 run_usb_timeout_cb(void *arg) 5023 { 5024 struct ieee80211vap *vap = arg; 5025 struct run_softc *sc = vap->iv_ic->ic_ifp->if_softc; 5026 5027 RUN_LOCK_ASSERT(sc, MA_OWNED); 5028 5029 if(vap->iv_state == IEEE80211_S_RUN && 5030 vap->iv_opmode != IEEE80211_M_STA) 5031 run_reset_livelock(sc); 5032 else if (vap->iv_state == IEEE80211_S_SCAN) { 5033 DPRINTF("timeout caused by scan\n"); 5034 /* cancel bgscan */ 5035 ieee80211_cancel_scan(vap); 5036 } else 5037 DPRINTF("timeout by unknown cause\n"); 5038 } 5039 5040 static void 5041 run_reset_livelock(struct run_softc *sc) 5042 { 5043 uint32_t tmp; 5044 5045 RUN_LOCK_ASSERT(sc, MA_OWNED); 5046 5047 /* 5048 * In IBSS or HostAP modes (when the hardware sends beacons), the MAC 5049 * can run into a livelock and start sending CTS-to-self frames like 5050 * crazy if protection is enabled. Reset MAC/BBP for a while 5051 */ 5052 run_read(sc, RT2860_DEBUG, &tmp); 5053 DPRINTFN(3, "debug reg %08x\n", tmp); 5054 if ((tmp & (1 << 29)) && (tmp & (1 << 7 | 1 << 5))) { 5055 DPRINTF("CTS-to-self livelock detected\n"); 5056 run_write(sc, RT2860_MAC_SYS_CTRL, RT2860_MAC_SRST); 5057 run_delay(sc, 1); 5058 run_write(sc, RT2860_MAC_SYS_CTRL, 5059 RT2860_MAC_RX_EN | RT2860_MAC_TX_EN); 5060 } 5061 } 5062 5063 static void 5064 run_update_promisc_locked(struct ifnet *ifp) 5065 { 5066 struct run_softc *sc = ifp->if_softc; 5067 uint32_t tmp; 5068 5069 run_read(sc, RT2860_RX_FILTR_CFG, &tmp); 5070 5071 tmp |= RT2860_DROP_UC_NOME; 5072 if (ifp->if_flags & IFF_PROMISC) 5073 tmp &= ~RT2860_DROP_UC_NOME; 5074 5075 run_write(sc, RT2860_RX_FILTR_CFG, tmp); 5076 5077 DPRINTF("%s promiscuous mode\n", (ifp->if_flags & IFF_PROMISC) ? 5078 "entering" : "leaving"); 5079 } 5080 5081 static void 5082 run_update_promisc(struct ifnet *ifp) 5083 { 5084 struct run_softc *sc = ifp->if_softc; 5085 5086 if ((ifp->if_drv_flags & IFF_DRV_RUNNING) == 0) 5087 return; 5088 5089 RUN_LOCK(sc); 5090 run_update_promisc_locked(ifp); 5091 RUN_UNLOCK(sc); 5092 } 5093 5094 static void 5095 run_enable_tsf_sync(struct run_softc *sc) 5096 { 5097 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 5098 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 5099 uint32_t tmp; 5100 5101 DPRINTF("rvp_id=%d ic_opmode=%d\n", RUN_VAP(vap)->rvp_id, 5102 ic->ic_opmode); 5103 5104 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 5105 tmp &= ~0x1fffff; 5106 tmp |= vap->iv_bss->ni_intval * 16; 5107 tmp |= RT2860_TSF_TIMER_EN | RT2860_TBTT_TIMER_EN; 5108 5109 if (ic->ic_opmode == IEEE80211_M_STA) { 5110 /* 5111 * Local TSF is always updated with remote TSF on beacon 5112 * reception. 5113 */ 5114 tmp |= 1 << RT2860_TSF_SYNC_MODE_SHIFT; 5115 } else if (ic->ic_opmode == IEEE80211_M_IBSS) { 5116 tmp |= RT2860_BCN_TX_EN; 5117 /* 5118 * Local TSF is updated with remote TSF on beacon reception 5119 * only if the remote TSF is greater than local TSF. 5120 */ 5121 tmp |= 2 << RT2860_TSF_SYNC_MODE_SHIFT; 5122 } else if (ic->ic_opmode == IEEE80211_M_HOSTAP || 5123 ic->ic_opmode == IEEE80211_M_MBSS) { 5124 tmp |= RT2860_BCN_TX_EN; 5125 /* SYNC with nobody */ 5126 tmp |= 3 << RT2860_TSF_SYNC_MODE_SHIFT; 5127 } else { 5128 DPRINTF("Enabling TSF failed. undefined opmode\n"); 5129 return; 5130 } 5131 5132 run_write(sc, RT2860_BCN_TIME_CFG, tmp); 5133 } 5134 5135 static void 5136 run_enable_mrr(struct run_softc *sc) 5137 { 5138 #define CCK(mcs) (mcs) 5139 #define OFDM(mcs) (1 << 3 | (mcs)) 5140 run_write(sc, RT2860_LG_FBK_CFG0, 5141 OFDM(6) << 28 | /* 54->48 */ 5142 OFDM(5) << 24 | /* 48->36 */ 5143 OFDM(4) << 20 | /* 36->24 */ 5144 OFDM(3) << 16 | /* 24->18 */ 5145 OFDM(2) << 12 | /* 18->12 */ 5146 OFDM(1) << 8 | /* 12-> 9 */ 5147 OFDM(0) << 4 | /* 9-> 6 */ 5148 OFDM(0)); /* 6-> 6 */ 5149 5150 run_write(sc, RT2860_LG_FBK_CFG1, 5151 CCK(2) << 12 | /* 11->5.5 */ 5152 CCK(1) << 8 | /* 5.5-> 2 */ 5153 CCK(0) << 4 | /* 2-> 1 */ 5154 CCK(0)); /* 1-> 1 */ 5155 #undef OFDM 5156 #undef CCK 5157 } 5158 5159 static void 5160 run_set_txpreamble(struct run_softc *sc) 5161 { 5162 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 5163 uint32_t tmp; 5164 5165 run_read(sc, RT2860_AUTO_RSP_CFG, &tmp); 5166 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 5167 tmp |= RT2860_CCK_SHORT_EN; 5168 else 5169 tmp &= ~RT2860_CCK_SHORT_EN; 5170 run_write(sc, RT2860_AUTO_RSP_CFG, tmp); 5171 } 5172 5173 static void 5174 run_set_basicrates(struct run_softc *sc) 5175 { 5176 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 5177 5178 /* set basic rates mask */ 5179 if (ic->ic_curmode == IEEE80211_MODE_11B) 5180 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x003); 5181 else if (ic->ic_curmode == IEEE80211_MODE_11A) 5182 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x150); 5183 else /* 11g */ 5184 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x15f); 5185 } 5186 5187 static void 5188 run_set_leds(struct run_softc *sc, uint16_t which) 5189 { 5190 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LEDS, 5191 which | (sc->leds & 0x7f)); 5192 } 5193 5194 static void 5195 run_set_bssid(struct run_softc *sc, const uint8_t *bssid) 5196 { 5197 run_write(sc, RT2860_MAC_BSSID_DW0, 5198 bssid[0] | bssid[1] << 8 | bssid[2] << 16 | bssid[3] << 24); 5199 run_write(sc, RT2860_MAC_BSSID_DW1, 5200 bssid[4] | bssid[5] << 8); 5201 } 5202 5203 static void 5204 run_set_macaddr(struct run_softc *sc, const uint8_t *addr) 5205 { 5206 run_write(sc, RT2860_MAC_ADDR_DW0, 5207 addr[0] | addr[1] << 8 | addr[2] << 16 | addr[3] << 24); 5208 run_write(sc, RT2860_MAC_ADDR_DW1, 5209 addr[4] | addr[5] << 8 | 0xff << 16); 5210 } 5211 5212 static void 5213 run_updateslot(struct ifnet *ifp) 5214 { 5215 struct run_softc *sc = ifp->if_softc; 5216 struct ieee80211com *ic = ifp->if_l2com; 5217 uint32_t i; 5218 5219 i = RUN_CMDQ_GET(&sc->cmdq_store); 5220 DPRINTF("cmdq_store=%d\n", i); 5221 sc->cmdq[i].func = run_updateslot_cb; 5222 sc->cmdq[i].arg0 = ifp; 5223 ieee80211_runtask(ic, &sc->cmdq_task); 5224 5225 return; 5226 } 5227 5228 /* ARGSUSED */ 5229 static void 5230 run_updateslot_cb(void *arg) 5231 { 5232 struct ifnet *ifp = arg; 5233 struct run_softc *sc = ifp->if_softc; 5234 struct ieee80211com *ic = ifp->if_l2com; 5235 uint32_t tmp; 5236 5237 run_read(sc, RT2860_BKOFF_SLOT_CFG, &tmp); 5238 tmp &= ~0xff; 5239 tmp |= (ic->ic_flags & IEEE80211_F_SHSLOT) ? 9 : 20; 5240 run_write(sc, RT2860_BKOFF_SLOT_CFG, tmp); 5241 } 5242 5243 static void 5244 run_update_mcast(struct ifnet *ifp) 5245 { 5246 /* h/w filter supports getting everything or nothing */ 5247 ifp->if_flags |= IFF_ALLMULTI; 5248 } 5249 5250 static int8_t 5251 run_rssi2dbm(struct run_softc *sc, uint8_t rssi, uint8_t rxchain) 5252 { 5253 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 5254 struct ieee80211_channel *c = ic->ic_curchan; 5255 int delta; 5256 5257 if (IEEE80211_IS_CHAN_5GHZ(c)) { 5258 u_int chan = ieee80211_chan2ieee(ic, c); 5259 delta = sc->rssi_5ghz[rxchain]; 5260 5261 /* determine channel group */ 5262 if (chan <= 64) 5263 delta -= sc->lna[1]; 5264 else if (chan <= 128) 5265 delta -= sc->lna[2]; 5266 else 5267 delta -= sc->lna[3]; 5268 } else 5269 delta = sc->rssi_2ghz[rxchain] - sc->lna[0]; 5270 5271 return (-12 - delta - rssi); 5272 } 5273 5274 static void 5275 run_rt5390_bbp_init(struct run_softc *sc) 5276 { 5277 int i; 5278 uint8_t bbp; 5279 5280 /* Apply maximum likelihood detection for 2 stream case. */ 5281 run_bbp_read(sc, 105, &bbp); 5282 if (sc->nrxchains > 1) 5283 run_bbp_write(sc, 105, bbp | RT5390_MLD); 5284 5285 /* Avoid data lost and CRC error. */ 5286 run_bbp_read(sc, 4, &bbp); 5287 run_bbp_write(sc, 4, bbp | RT5390_MAC_IF_CTRL); 5288 5289 if (sc->mac_ver == 0x5592) { 5290 for (i = 0; i < nitems(rt5592_def_bbp); i++) { 5291 run_bbp_write(sc, rt5592_def_bbp[i].reg, 5292 rt5592_def_bbp[i].val); 5293 } 5294 for (i = 0; i < nitems(rt5592_bbp_r196); i++) { 5295 run_bbp_write(sc, 195, i + 0x80); 5296 run_bbp_write(sc, 196, rt5592_bbp_r196[i]); 5297 } 5298 } else { 5299 for (i = 0; i < nitems(rt5390_def_bbp); i++) { 5300 run_bbp_write(sc, rt5390_def_bbp[i].reg, 5301 rt5390_def_bbp[i].val); 5302 } 5303 } 5304 if (sc->mac_ver == 0x5392) { 5305 run_bbp_write(sc, 88, 0x90); 5306 run_bbp_write(sc, 95, 0x9a); 5307 run_bbp_write(sc, 98, 0x12); 5308 run_bbp_write(sc, 106, 0x12); 5309 run_bbp_write(sc, 134, 0xd0); 5310 run_bbp_write(sc, 135, 0xf6); 5311 run_bbp_write(sc, 148, 0x84); 5312 } 5313 5314 run_bbp_read(sc, 152, &bbp); 5315 run_bbp_write(sc, 152, bbp | 0x80); 5316 5317 /* Fix BBP254 for RT5592C. */ 5318 if (sc->mac_ver == 0x5592 && sc->mac_rev >= 0x0221) { 5319 run_bbp_read(sc, 254, &bbp); 5320 run_bbp_write(sc, 254, bbp | 0x80); 5321 } 5322 5323 /* Disable hardware antenna diversity. */ 5324 if (sc->mac_ver == 0x5390) 5325 run_bbp_write(sc, 154, 0); 5326 5327 /* Initialize Rx CCK/OFDM frequency offset report. */ 5328 run_bbp_write(sc, 142, 1); 5329 run_bbp_write(sc, 143, 57); 5330 } 5331 5332 static int 5333 run_bbp_init(struct run_softc *sc) 5334 { 5335 int i, error, ntries; 5336 uint8_t bbp0; 5337 5338 /* wait for BBP to wake up */ 5339 for (ntries = 0; ntries < 20; ntries++) { 5340 if ((error = run_bbp_read(sc, 0, &bbp0)) != 0) 5341 return error; 5342 if (bbp0 != 0 && bbp0 != 0xff) 5343 break; 5344 } 5345 if (ntries == 20) 5346 return (ETIMEDOUT); 5347 5348 /* initialize BBP registers to default values */ 5349 if (sc->mac_ver >= 0x5390) 5350 run_rt5390_bbp_init(sc); 5351 else { 5352 for (i = 0; i < nitems(rt2860_def_bbp); i++) { 5353 run_bbp_write(sc, rt2860_def_bbp[i].reg, 5354 rt2860_def_bbp[i].val); 5355 } 5356 } 5357 5358 if (sc->mac_ver == 0x3593) { 5359 run_bbp_write(sc, 79, 0x13); 5360 run_bbp_write(sc, 80, 0x05); 5361 run_bbp_write(sc, 81, 0x33); 5362 run_bbp_write(sc, 86, 0x46); 5363 run_bbp_write(sc, 137, 0x0f); 5364 } 5365 5366 /* fix BBP84 for RT2860E */ 5367 if (sc->mac_ver == 0x2860 && sc->mac_rev != 0x0101) 5368 run_bbp_write(sc, 84, 0x19); 5369 5370 if (sc->mac_ver >= 0x3070 && (sc->mac_ver != 0x3593 && 5371 sc->mac_ver != 0x5592)) { 5372 run_bbp_write(sc, 79, 0x13); 5373 run_bbp_write(sc, 80, 0x05); 5374 run_bbp_write(sc, 81, 0x33); 5375 } else if (sc->mac_ver == 0x2860 && sc->mac_rev == 0x0100) { 5376 run_bbp_write(sc, 69, 0x16); 5377 run_bbp_write(sc, 73, 0x12); 5378 } 5379 return (0); 5380 } 5381 5382 static int 5383 run_rt3070_rf_init(struct run_softc *sc) 5384 { 5385 uint32_t tmp; 5386 uint8_t bbp4, mingain, rf, target; 5387 int i; 5388 5389 run_rt3070_rf_read(sc, 30, &rf); 5390 /* toggle RF R30 bit 7 */ 5391 run_rt3070_rf_write(sc, 30, rf | 0x80); 5392 run_delay(sc, 10); 5393 run_rt3070_rf_write(sc, 30, rf & ~0x80); 5394 5395 /* initialize RF registers to default value */ 5396 if (sc->mac_ver == 0x3572) { 5397 for (i = 0; i < nitems(rt3572_def_rf); i++) { 5398 run_rt3070_rf_write(sc, rt3572_def_rf[i].reg, 5399 rt3572_def_rf[i].val); 5400 } 5401 } else { 5402 for (i = 0; i < nitems(rt3070_def_rf); i++) { 5403 run_rt3070_rf_write(sc, rt3070_def_rf[i].reg, 5404 rt3070_def_rf[i].val); 5405 } 5406 } 5407 5408 if (sc->mac_ver == 0x3070 && sc->mac_rev < 0x0201) { 5409 /* 5410 * Change voltage from 1.2V to 1.35V for RT3070. 5411 * The DAC issue (RT3070_LDO_CFG0) has been fixed 5412 * in RT3070(F). 5413 */ 5414 run_read(sc, RT3070_LDO_CFG0, &tmp); 5415 tmp = (tmp & ~0x0f000000) | 0x0d000000; 5416 run_write(sc, RT3070_LDO_CFG0, tmp); 5417 5418 } else if (sc->mac_ver == 0x3071) { 5419 run_rt3070_rf_read(sc, 6, &rf); 5420 run_rt3070_rf_write(sc, 6, rf | 0x40); 5421 run_rt3070_rf_write(sc, 31, 0x14); 5422 5423 run_read(sc, RT3070_LDO_CFG0, &tmp); 5424 tmp &= ~0x1f000000; 5425 if (sc->mac_rev < 0x0211) 5426 tmp |= 0x0d000000; /* 1.3V */ 5427 else 5428 tmp |= 0x01000000; /* 1.2V */ 5429 run_write(sc, RT3070_LDO_CFG0, tmp); 5430 5431 /* patch LNA_PE_G1 */ 5432 run_read(sc, RT3070_GPIO_SWITCH, &tmp); 5433 run_write(sc, RT3070_GPIO_SWITCH, tmp & ~0x20); 5434 5435 } else if (sc->mac_ver == 0x3572) { 5436 run_rt3070_rf_read(sc, 6, &rf); 5437 run_rt3070_rf_write(sc, 6, rf | 0x40); 5438 5439 /* increase voltage from 1.2V to 1.35V */ 5440 run_read(sc, RT3070_LDO_CFG0, &tmp); 5441 tmp = (tmp & ~0x1f000000) | 0x0d000000; 5442 run_write(sc, RT3070_LDO_CFG0, tmp); 5443 5444 if (sc->mac_rev < 0x0211 || !sc->patch_dac) { 5445 run_delay(sc, 1); /* wait for 1msec */ 5446 /* decrease voltage back to 1.2V */ 5447 tmp = (tmp & ~0x1f000000) | 0x01000000; 5448 run_write(sc, RT3070_LDO_CFG0, tmp); 5449 } 5450 } 5451 5452 /* select 20MHz bandwidth */ 5453 run_rt3070_rf_read(sc, 31, &rf); 5454 run_rt3070_rf_write(sc, 31, rf & ~0x20); 5455 5456 /* calibrate filter for 20MHz bandwidth */ 5457 sc->rf24_20mhz = 0x1f; /* default value */ 5458 target = (sc->mac_ver < 0x3071) ? 0x16 : 0x13; 5459 run_rt3070_filter_calib(sc, 0x07, target, &sc->rf24_20mhz); 5460 5461 /* select 40MHz bandwidth */ 5462 run_bbp_read(sc, 4, &bbp4); 5463 run_bbp_write(sc, 4, (bbp4 & ~0x18) | 0x10); 5464 run_rt3070_rf_read(sc, 31, &rf); 5465 run_rt3070_rf_write(sc, 31, rf | 0x20); 5466 5467 /* calibrate filter for 40MHz bandwidth */ 5468 sc->rf24_40mhz = 0x2f; /* default value */ 5469 target = (sc->mac_ver < 0x3071) ? 0x19 : 0x15; 5470 run_rt3070_filter_calib(sc, 0x27, target, &sc->rf24_40mhz); 5471 5472 /* go back to 20MHz bandwidth */ 5473 run_bbp_read(sc, 4, &bbp4); 5474 run_bbp_write(sc, 4, bbp4 & ~0x18); 5475 5476 if (sc->mac_ver == 0x3572) { 5477 /* save default BBP registers 25 and 26 values */ 5478 run_bbp_read(sc, 25, &sc->bbp25); 5479 run_bbp_read(sc, 26, &sc->bbp26); 5480 } else if (sc->mac_rev < 0x0201 || sc->mac_rev < 0x0211) 5481 run_rt3070_rf_write(sc, 27, 0x03); 5482 5483 run_read(sc, RT3070_OPT_14, &tmp); 5484 run_write(sc, RT3070_OPT_14, tmp | 1); 5485 5486 if (sc->mac_ver == 0x3070 || sc->mac_ver == 0x3071) { 5487 run_rt3070_rf_read(sc, 17, &rf); 5488 rf &= ~RT3070_TX_LO1; 5489 if ((sc->mac_ver == 0x3070 || 5490 (sc->mac_ver == 0x3071 && sc->mac_rev >= 0x0211)) && 5491 !sc->ext_2ghz_lna) 5492 rf |= 0x20; /* fix for long range Rx issue */ 5493 mingain = (sc->mac_ver == 0x3070) ? 1 : 2; 5494 if (sc->txmixgain_2ghz >= mingain) 5495 rf = (rf & ~0x7) | sc->txmixgain_2ghz; 5496 run_rt3070_rf_write(sc, 17, rf); 5497 } 5498 5499 if (sc->mac_ver == 0x3071) { 5500 run_rt3070_rf_read(sc, 1, &rf); 5501 rf &= ~(RT3070_RX0_PD | RT3070_TX0_PD); 5502 rf |= RT3070_RF_BLOCK | RT3070_RX1_PD | RT3070_TX1_PD; 5503 run_rt3070_rf_write(sc, 1, rf); 5504 5505 run_rt3070_rf_read(sc, 15, &rf); 5506 run_rt3070_rf_write(sc, 15, rf & ~RT3070_TX_LO2); 5507 5508 run_rt3070_rf_read(sc, 20, &rf); 5509 run_rt3070_rf_write(sc, 20, rf & ~RT3070_RX_LO1); 5510 5511 run_rt3070_rf_read(sc, 21, &rf); 5512 run_rt3070_rf_write(sc, 21, rf & ~RT3070_RX_LO2); 5513 } 5514 5515 if (sc->mac_ver == 0x3070 || sc->mac_ver == 0x3071) { 5516 /* fix Tx to Rx IQ glitch by raising RF voltage */ 5517 run_rt3070_rf_read(sc, 27, &rf); 5518 rf &= ~0x77; 5519 if (sc->mac_rev < 0x0211) 5520 rf |= 0x03; 5521 run_rt3070_rf_write(sc, 27, rf); 5522 } 5523 return (0); 5524 } 5525 5526 static void 5527 run_rt3593_rf_init(struct run_softc *sc) 5528 { 5529 uint32_t tmp; 5530 uint8_t rf; 5531 int i; 5532 5533 /* Disable the GPIO bits 4 and 7 for LNA PE control. */ 5534 run_read(sc, RT3070_GPIO_SWITCH, &tmp); 5535 tmp &= ~(1 << 4 | 1 << 7); 5536 run_write(sc, RT3070_GPIO_SWITCH, tmp); 5537 5538 /* Initialize RF registers to default value. */ 5539 for (i = 0; i < nitems(rt3593_def_rf); i++) { 5540 run_rt3070_rf_write(sc, rt3593_def_rf[i].reg, 5541 rt3593_def_rf[i].val); 5542 } 5543 5544 /* Toggle RF R2 to initiate calibration. */ 5545 run_rt3070_rf_write(sc, 2, RT5390_RESCAL); 5546 5547 /* Initialize RF frequency offset. */ 5548 run_adjust_freq_offset(sc); 5549 5550 run_rt3070_rf_read(sc, 18, &rf); 5551 run_rt3070_rf_write(sc, 18, rf | RT3593_AUTOTUNE_BYPASS); 5552 5553 /* 5554 * Increase voltage from 1.2V to 1.35V, wait for 1 msec to 5555 * decrease voltage back to 1.2V. 5556 */ 5557 run_read(sc, RT3070_LDO_CFG0, &tmp); 5558 tmp = (tmp & ~0x1f000000) | 0x0d000000; 5559 run_write(sc, RT3070_LDO_CFG0, tmp); 5560 run_delay(sc, 1); 5561 tmp = (tmp & ~0x1f000000) | 0x01000000; 5562 run_write(sc, RT3070_LDO_CFG0, tmp); 5563 5564 sc->rf24_20mhz = 0x1f; 5565 sc->rf24_40mhz = 0x2f; 5566 5567 /* Save default BBP registers 25 and 26 values. */ 5568 run_bbp_read(sc, 25, &sc->bbp25); 5569 run_bbp_read(sc, 26, &sc->bbp26); 5570 5571 run_read(sc, RT3070_OPT_14, &tmp); 5572 run_write(sc, RT3070_OPT_14, tmp | 1); 5573 } 5574 5575 static void 5576 run_rt5390_rf_init(struct run_softc *sc) 5577 { 5578 uint32_t tmp; 5579 uint8_t rf; 5580 int i; 5581 5582 /* Toggle RF R2 to initiate calibration. */ 5583 if (sc->mac_ver == 0x5390) { 5584 run_rt3070_rf_read(sc, 2, &rf); 5585 run_rt3070_rf_write(sc, 2, rf | RT5390_RESCAL); 5586 run_delay(sc, 10); 5587 run_rt3070_rf_write(sc, 2, rf & ~RT5390_RESCAL); 5588 } else { 5589 run_rt3070_rf_write(sc, 2, RT5390_RESCAL); 5590 run_delay(sc, 10); 5591 } 5592 5593 /* Initialize RF registers to default value. */ 5594 if (sc->mac_ver == 0x5592) { 5595 for (i = 0; i < nitems(rt5592_def_rf); i++) { 5596 run_rt3070_rf_write(sc, rt5592_def_rf[i].reg, 5597 rt5592_def_rf[i].val); 5598 } 5599 /* Initialize RF frequency offset. */ 5600 run_adjust_freq_offset(sc); 5601 } else if (sc->mac_ver == 0x5392) { 5602 for (i = 0; i < nitems(rt5392_def_rf); i++) { 5603 run_rt3070_rf_write(sc, rt5392_def_rf[i].reg, 5604 rt5392_def_rf[i].val); 5605 } 5606 if (sc->mac_rev >= 0x0223) { 5607 run_rt3070_rf_write(sc, 23, 0x0f); 5608 run_rt3070_rf_write(sc, 24, 0x3e); 5609 run_rt3070_rf_write(sc, 51, 0x32); 5610 run_rt3070_rf_write(sc, 53, 0x22); 5611 run_rt3070_rf_write(sc, 56, 0xc1); 5612 run_rt3070_rf_write(sc, 59, 0x0f); 5613 } 5614 } else { 5615 for (i = 0; i < nitems(rt5390_def_rf); i++) { 5616 run_rt3070_rf_write(sc, rt5390_def_rf[i].reg, 5617 rt5390_def_rf[i].val); 5618 } 5619 if (sc->mac_rev >= 0x0502) { 5620 run_rt3070_rf_write(sc, 6, 0xe0); 5621 run_rt3070_rf_write(sc, 25, 0x80); 5622 run_rt3070_rf_write(sc, 46, 0x73); 5623 run_rt3070_rf_write(sc, 53, 0x00); 5624 run_rt3070_rf_write(sc, 56, 0x42); 5625 run_rt3070_rf_write(sc, 61, 0xd1); 5626 } 5627 } 5628 5629 sc->rf24_20mhz = 0x1f; /* default value */ 5630 sc->rf24_40mhz = (sc->mac_ver == 0x5592) ? 0 : 0x2f; 5631 5632 if (sc->mac_rev < 0x0211) 5633 run_rt3070_rf_write(sc, 27, 0x3); 5634 5635 run_read(sc, RT3070_OPT_14, &tmp); 5636 run_write(sc, RT3070_OPT_14, tmp | 1); 5637 } 5638 5639 static int 5640 run_rt3070_filter_calib(struct run_softc *sc, uint8_t init, uint8_t target, 5641 uint8_t *val) 5642 { 5643 uint8_t rf22, rf24; 5644 uint8_t bbp55_pb, bbp55_sb, delta; 5645 int ntries; 5646 5647 /* program filter */ 5648 run_rt3070_rf_read(sc, 24, &rf24); 5649 rf24 = (rf24 & 0xc0) | init; /* initial filter value */ 5650 run_rt3070_rf_write(sc, 24, rf24); 5651 5652 /* enable baseband loopback mode */ 5653 run_rt3070_rf_read(sc, 22, &rf22); 5654 run_rt3070_rf_write(sc, 22, rf22 | 0x01); 5655 5656 /* set power and frequency of passband test tone */ 5657 run_bbp_write(sc, 24, 0x00); 5658 for (ntries = 0; ntries < 100; ntries++) { 5659 /* transmit test tone */ 5660 run_bbp_write(sc, 25, 0x90); 5661 run_delay(sc, 10); 5662 /* read received power */ 5663 run_bbp_read(sc, 55, &bbp55_pb); 5664 if (bbp55_pb != 0) 5665 break; 5666 } 5667 if (ntries == 100) 5668 return (ETIMEDOUT); 5669 5670 /* set power and frequency of stopband test tone */ 5671 run_bbp_write(sc, 24, 0x06); 5672 for (ntries = 0; ntries < 100; ntries++) { 5673 /* transmit test tone */ 5674 run_bbp_write(sc, 25, 0x90); 5675 run_delay(sc, 10); 5676 /* read received power */ 5677 run_bbp_read(sc, 55, &bbp55_sb); 5678 5679 delta = bbp55_pb - bbp55_sb; 5680 if (delta > target) 5681 break; 5682 5683 /* reprogram filter */ 5684 rf24++; 5685 run_rt3070_rf_write(sc, 24, rf24); 5686 } 5687 if (ntries < 100) { 5688 if (rf24 != init) 5689 rf24--; /* backtrack */ 5690 *val = rf24; 5691 run_rt3070_rf_write(sc, 24, rf24); 5692 } 5693 5694 /* restore initial state */ 5695 run_bbp_write(sc, 24, 0x00); 5696 5697 /* disable baseband loopback mode */ 5698 run_rt3070_rf_read(sc, 22, &rf22); 5699 run_rt3070_rf_write(sc, 22, rf22 & ~0x01); 5700 5701 return (0); 5702 } 5703 5704 static void 5705 run_rt3070_rf_setup(struct run_softc *sc) 5706 { 5707 uint8_t bbp, rf; 5708 int i; 5709 5710 if (sc->mac_ver == 0x3572) { 5711 /* enable DC filter */ 5712 if (sc->mac_rev >= 0x0201) 5713 run_bbp_write(sc, 103, 0xc0); 5714 5715 run_bbp_read(sc, 138, &bbp); 5716 if (sc->ntxchains == 1) 5717 bbp |= 0x20; /* turn off DAC1 */ 5718 if (sc->nrxchains == 1) 5719 bbp &= ~0x02; /* turn off ADC1 */ 5720 run_bbp_write(sc, 138, bbp); 5721 5722 if (sc->mac_rev >= 0x0211) { 5723 /* improve power consumption */ 5724 run_bbp_read(sc, 31, &bbp); 5725 run_bbp_write(sc, 31, bbp & ~0x03); 5726 } 5727 5728 run_rt3070_rf_read(sc, 16, &rf); 5729 rf = (rf & ~0x07) | sc->txmixgain_2ghz; 5730 run_rt3070_rf_write(sc, 16, rf); 5731 5732 } else if (sc->mac_ver == 0x3071) { 5733 if (sc->mac_rev >= 0x0211) { 5734 /* enable DC filter */ 5735 run_bbp_write(sc, 103, 0xc0); 5736 5737 /* improve power consumption */ 5738 run_bbp_read(sc, 31, &bbp); 5739 run_bbp_write(sc, 31, bbp & ~0x03); 5740 } 5741 5742 run_bbp_read(sc, 138, &bbp); 5743 if (sc->ntxchains == 1) 5744 bbp |= 0x20; /* turn off DAC1 */ 5745 if (sc->nrxchains == 1) 5746 bbp &= ~0x02; /* turn off ADC1 */ 5747 run_bbp_write(sc, 138, bbp); 5748 5749 run_write(sc, RT2860_TX_SW_CFG1, 0); 5750 if (sc->mac_rev < 0x0211) { 5751 run_write(sc, RT2860_TX_SW_CFG2, 5752 sc->patch_dac ? 0x2c : 0x0f); 5753 } else 5754 run_write(sc, RT2860_TX_SW_CFG2, 0); 5755 5756 } else if (sc->mac_ver == 0x3070) { 5757 if (sc->mac_rev >= 0x0201) { 5758 /* enable DC filter */ 5759 run_bbp_write(sc, 103, 0xc0); 5760 5761 /* improve power consumption */ 5762 run_bbp_read(sc, 31, &bbp); 5763 run_bbp_write(sc, 31, bbp & ~0x03); 5764 } 5765 5766 if (sc->mac_rev < 0x0201) { 5767 run_write(sc, RT2860_TX_SW_CFG1, 0); 5768 run_write(sc, RT2860_TX_SW_CFG2, 0x2c); 5769 } else 5770 run_write(sc, RT2860_TX_SW_CFG2, 0); 5771 } 5772 5773 /* initialize RF registers from ROM for >=RT3071*/ 5774 if (sc->mac_ver >= 0x3071) { 5775 for (i = 0; i < 10; i++) { 5776 if (sc->rf[i].reg == 0 || sc->rf[i].reg == 0xff) 5777 continue; 5778 run_rt3070_rf_write(sc, sc->rf[i].reg, sc->rf[i].val); 5779 } 5780 } 5781 } 5782 5783 static void 5784 run_rt3593_rf_setup(struct run_softc *sc) 5785 { 5786 uint8_t bbp, rf; 5787 5788 if (sc->mac_rev >= 0x0211) { 5789 /* Enable DC filter. */ 5790 run_bbp_write(sc, 103, 0xc0); 5791 } 5792 run_write(sc, RT2860_TX_SW_CFG1, 0); 5793 if (sc->mac_rev < 0x0211) { 5794 run_write(sc, RT2860_TX_SW_CFG2, 5795 sc->patch_dac ? 0x2c : 0x0f); 5796 } else 5797 run_write(sc, RT2860_TX_SW_CFG2, 0); 5798 5799 run_rt3070_rf_read(sc, 50, &rf); 5800 run_rt3070_rf_write(sc, 50, rf & ~RT3593_TX_LO2); 5801 5802 run_rt3070_rf_read(sc, 51, &rf); 5803 rf = (rf & ~(RT3593_TX_LO1 | 0x0c)) | 5804 ((sc->txmixgain_2ghz & 0x07) << 2); 5805 run_rt3070_rf_write(sc, 51, rf); 5806 5807 run_rt3070_rf_read(sc, 38, &rf); 5808 run_rt3070_rf_write(sc, 38, rf & ~RT5390_RX_LO1); 5809 5810 run_rt3070_rf_read(sc, 39, &rf); 5811 run_rt3070_rf_write(sc, 39, rf & ~RT5390_RX_LO2); 5812 5813 run_rt3070_rf_read(sc, 1, &rf); 5814 run_rt3070_rf_write(sc, 1, rf & ~(RT3070_RF_BLOCK | RT3070_PLL_PD)); 5815 5816 run_rt3070_rf_read(sc, 30, &rf); 5817 rf = (rf & ~0x18) | 0x10; 5818 run_rt3070_rf_write(sc, 30, rf); 5819 5820 /* Apply maximum likelihood detection for 2 stream case. */ 5821 run_bbp_read(sc, 105, &bbp); 5822 if (sc->nrxchains > 1) 5823 run_bbp_write(sc, 105, bbp | RT5390_MLD); 5824 5825 /* Avoid data lost and CRC error. */ 5826 run_bbp_read(sc, 4, &bbp); 5827 run_bbp_write(sc, 4, bbp | RT5390_MAC_IF_CTRL); 5828 5829 run_bbp_write(sc, 92, 0x02); 5830 run_bbp_write(sc, 82, 0x82); 5831 run_bbp_write(sc, 106, 0x05); 5832 run_bbp_write(sc, 104, 0x92); 5833 run_bbp_write(sc, 88, 0x90); 5834 run_bbp_write(sc, 148, 0xc8); 5835 run_bbp_write(sc, 47, 0x48); 5836 run_bbp_write(sc, 120, 0x50); 5837 5838 run_bbp_write(sc, 163, 0x9d); 5839 5840 /* SNR mapping. */ 5841 run_bbp_write(sc, 142, 0x06); 5842 run_bbp_write(sc, 143, 0xa0); 5843 run_bbp_write(sc, 142, 0x07); 5844 run_bbp_write(sc, 143, 0xa1); 5845 run_bbp_write(sc, 142, 0x08); 5846 run_bbp_write(sc, 143, 0xa2); 5847 5848 run_bbp_write(sc, 31, 0x08); 5849 run_bbp_write(sc, 68, 0x0b); 5850 run_bbp_write(sc, 105, 0x04); 5851 } 5852 5853 static void 5854 run_rt5390_rf_setup(struct run_softc *sc) 5855 { 5856 uint8_t bbp, rf; 5857 5858 if (sc->mac_rev >= 0x0211) { 5859 /* Enable DC filter. */ 5860 run_bbp_write(sc, 103, 0xc0); 5861 5862 if (sc->mac_ver != 0x5592) { 5863 /* Improve power consumption. */ 5864 run_bbp_read(sc, 31, &bbp); 5865 run_bbp_write(sc, 31, bbp & ~0x03); 5866 } 5867 } 5868 5869 run_bbp_read(sc, 138, &bbp); 5870 if (sc->ntxchains == 1) 5871 bbp |= 0x20; /* turn off DAC1 */ 5872 if (sc->nrxchains == 1) 5873 bbp &= ~0x02; /* turn off ADC1 */ 5874 run_bbp_write(sc, 138, bbp); 5875 5876 run_rt3070_rf_read(sc, 38, &rf); 5877 run_rt3070_rf_write(sc, 38, rf & ~RT5390_RX_LO1); 5878 5879 run_rt3070_rf_read(sc, 39, &rf); 5880 run_rt3070_rf_write(sc, 39, rf & ~RT5390_RX_LO2); 5881 5882 /* Avoid data lost and CRC error. */ 5883 run_bbp_read(sc, 4, &bbp); 5884 run_bbp_write(sc, 4, bbp | RT5390_MAC_IF_CTRL); 5885 5886 run_rt3070_rf_read(sc, 30, &rf); 5887 rf = (rf & ~0x18) | 0x10; 5888 run_rt3070_rf_write(sc, 30, rf); 5889 5890 if (sc->mac_ver != 0x5592) { 5891 run_write(sc, RT2860_TX_SW_CFG1, 0); 5892 if (sc->mac_rev < 0x0211) { 5893 run_write(sc, RT2860_TX_SW_CFG2, 5894 sc->patch_dac ? 0x2c : 0x0f); 5895 } else 5896 run_write(sc, RT2860_TX_SW_CFG2, 0); 5897 } 5898 } 5899 5900 static int 5901 run_txrx_enable(struct run_softc *sc) 5902 { 5903 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 5904 uint32_t tmp; 5905 int error, ntries; 5906 5907 run_write(sc, RT2860_MAC_SYS_CTRL, RT2860_MAC_TX_EN); 5908 for (ntries = 0; ntries < 200; ntries++) { 5909 if ((error = run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp)) != 0) 5910 return (error); 5911 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0) 5912 break; 5913 run_delay(sc, 50); 5914 } 5915 if (ntries == 200) 5916 return (ETIMEDOUT); 5917 5918 run_delay(sc, 50); 5919 5920 tmp |= RT2860_RX_DMA_EN | RT2860_TX_DMA_EN | RT2860_TX_WB_DDONE; 5921 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp); 5922 5923 /* enable Rx bulk aggregation (set timeout and limit) */ 5924 tmp = RT2860_USB_TX_EN | RT2860_USB_RX_EN | RT2860_USB_RX_AGG_EN | 5925 RT2860_USB_RX_AGG_TO(128) | RT2860_USB_RX_AGG_LMT(2); 5926 run_write(sc, RT2860_USB_DMA_CFG, tmp); 5927 5928 /* set Rx filter */ 5929 tmp = RT2860_DROP_CRC_ERR | RT2860_DROP_PHY_ERR; 5930 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 5931 tmp |= RT2860_DROP_UC_NOME | RT2860_DROP_DUPL | 5932 RT2860_DROP_CTS | RT2860_DROP_BA | RT2860_DROP_ACK | 5933 RT2860_DROP_VER_ERR | RT2860_DROP_CTRL_RSV | 5934 RT2860_DROP_CFACK | RT2860_DROP_CFEND; 5935 if (ic->ic_opmode == IEEE80211_M_STA) 5936 tmp |= RT2860_DROP_RTS | RT2860_DROP_PSPOLL; 5937 } 5938 run_write(sc, RT2860_RX_FILTR_CFG, tmp); 5939 5940 run_write(sc, RT2860_MAC_SYS_CTRL, 5941 RT2860_MAC_RX_EN | RT2860_MAC_TX_EN); 5942 5943 return (0); 5944 } 5945 5946 static void 5947 run_adjust_freq_offset(struct run_softc *sc) 5948 { 5949 uint8_t rf, tmp; 5950 5951 run_rt3070_rf_read(sc, 17, &rf); 5952 tmp = rf; 5953 rf = (rf & ~0x7f) | (sc->freq & 0x7f); 5954 rf = MIN(rf, 0x5f); 5955 5956 if (tmp != rf) 5957 run_mcu_cmd(sc, 0x74, (tmp << 8 ) | rf); 5958 } 5959 5960 static void 5961 run_init_locked(struct run_softc *sc) 5962 { 5963 struct ifnet *ifp = sc->sc_ifp; 5964 struct ieee80211com *ic = ifp->if_l2com; 5965 uint32_t tmp; 5966 uint8_t bbp1, bbp3; 5967 int i; 5968 int ridx; 5969 int ntries; 5970 5971 if (ic->ic_nrunning > 1) 5972 return; 5973 5974 run_stop(sc); 5975 5976 if (run_load_microcode(sc) != 0) { 5977 device_printf(sc->sc_dev, "could not load 8051 microcode\n"); 5978 goto fail; 5979 } 5980 5981 for (ntries = 0; ntries < 100; ntries++) { 5982 if (run_read(sc, RT2860_ASIC_VER_ID, &tmp) != 0) 5983 goto fail; 5984 if (tmp != 0 && tmp != 0xffffffff) 5985 break; 5986 run_delay(sc, 10); 5987 } 5988 if (ntries == 100) 5989 goto fail; 5990 5991 for (i = 0; i != RUN_EP_QUEUES; i++) 5992 run_setup_tx_list(sc, &sc->sc_epq[i]); 5993 5994 run_set_macaddr(sc, IF_LLADDR(ifp)); 5995 5996 for (ntries = 0; ntries < 100; ntries++) { 5997 if (run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp) != 0) 5998 goto fail; 5999 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0) 6000 break; 6001 run_delay(sc, 10); 6002 } 6003 if (ntries == 100) { 6004 device_printf(sc->sc_dev, "timeout waiting for DMA engine\n"); 6005 goto fail; 6006 } 6007 tmp &= 0xff0; 6008 tmp |= RT2860_TX_WB_DDONE; 6009 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp); 6010 6011 /* turn off PME_OEN to solve high-current issue */ 6012 run_read(sc, RT2860_SYS_CTRL, &tmp); 6013 run_write(sc, RT2860_SYS_CTRL, tmp & ~RT2860_PME_OEN); 6014 6015 run_write(sc, RT2860_MAC_SYS_CTRL, 6016 RT2860_BBP_HRST | RT2860_MAC_SRST); 6017 run_write(sc, RT2860_USB_DMA_CFG, 0); 6018 6019 if (run_reset(sc) != 0) { 6020 device_printf(sc->sc_dev, "could not reset chipset\n"); 6021 goto fail; 6022 } 6023 6024 run_write(sc, RT2860_MAC_SYS_CTRL, 0); 6025 6026 /* init Tx power for all Tx rates (from EEPROM) */ 6027 for (ridx = 0; ridx < 5; ridx++) { 6028 if (sc->txpow20mhz[ridx] == 0xffffffff) 6029 continue; 6030 run_write(sc, RT2860_TX_PWR_CFG(ridx), sc->txpow20mhz[ridx]); 6031 } 6032 6033 for (i = 0; i < nitems(rt2870_def_mac); i++) 6034 run_write(sc, rt2870_def_mac[i].reg, rt2870_def_mac[i].val); 6035 run_write(sc, RT2860_WMM_AIFSN_CFG, 0x00002273); 6036 run_write(sc, RT2860_WMM_CWMIN_CFG, 0x00002344); 6037 run_write(sc, RT2860_WMM_CWMAX_CFG, 0x000034aa); 6038 6039 if (sc->mac_ver >= 0x5390) { 6040 run_write(sc, RT2860_TX_SW_CFG0, 6041 4 << RT2860_DLY_PAPE_EN_SHIFT | 4); 6042 if (sc->mac_ver >= 0x5392) { 6043 run_write(sc, RT2860_MAX_LEN_CFG, 0x00002fff); 6044 if (sc->mac_ver == 0x5592) { 6045 run_write(sc, RT2860_HT_FBK_CFG1, 0xedcba980); 6046 run_write(sc, RT2860_TXOP_HLDR_ET, 0x00000082); 6047 } else { 6048 run_write(sc, RT2860_HT_FBK_CFG1, 0xedcb4980); 6049 run_write(sc, RT2860_LG_FBK_CFG0, 0xedcba322); 6050 } 6051 } 6052 } else if (sc->mac_ver == 0x3593) { 6053 run_write(sc, RT2860_TX_SW_CFG0, 6054 4 << RT2860_DLY_PAPE_EN_SHIFT | 2); 6055 } else if (sc->mac_ver >= 0x3070) { 6056 /* set delay of PA_PE assertion to 1us (unit of 0.25us) */ 6057 run_write(sc, RT2860_TX_SW_CFG0, 6058 4 << RT2860_DLY_PAPE_EN_SHIFT); 6059 } 6060 6061 /* wait while MAC is busy */ 6062 for (ntries = 0; ntries < 100; ntries++) { 6063 if (run_read(sc, RT2860_MAC_STATUS_REG, &tmp) != 0) 6064 goto fail; 6065 if (!(tmp & (RT2860_RX_STATUS_BUSY | RT2860_TX_STATUS_BUSY))) 6066 break; 6067 run_delay(sc, 10); 6068 } 6069 if (ntries == 100) 6070 goto fail; 6071 6072 /* clear Host to MCU mailbox */ 6073 run_write(sc, RT2860_H2M_BBPAGENT, 0); 6074 run_write(sc, RT2860_H2M_MAILBOX, 0); 6075 run_delay(sc, 10); 6076 6077 if (run_bbp_init(sc) != 0) { 6078 device_printf(sc->sc_dev, "could not initialize BBP\n"); 6079 goto fail; 6080 } 6081 6082 /* abort TSF synchronization */ 6083 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 6084 tmp &= ~(RT2860_BCN_TX_EN | RT2860_TSF_TIMER_EN | 6085 RT2860_TBTT_TIMER_EN); 6086 run_write(sc, RT2860_BCN_TIME_CFG, tmp); 6087 6088 /* clear RX WCID search table */ 6089 run_set_region_4(sc, RT2860_WCID_ENTRY(0), 0, 512); 6090 /* clear WCID attribute table */ 6091 run_set_region_4(sc, RT2860_WCID_ATTR(0), 0, 8 * 32); 6092 6093 /* hostapd sets a key before init. So, don't clear it. */ 6094 if (sc->cmdq_key_set != RUN_CMDQ_GO) { 6095 /* clear shared key table */ 6096 run_set_region_4(sc, RT2860_SKEY(0, 0), 0, 8 * 32); 6097 /* clear shared key mode */ 6098 run_set_region_4(sc, RT2860_SKEY_MODE_0_7, 0, 4); 6099 } 6100 6101 run_read(sc, RT2860_US_CYC_CNT, &tmp); 6102 tmp = (tmp & ~0xff) | 0x1e; 6103 run_write(sc, RT2860_US_CYC_CNT, tmp); 6104 6105 if (sc->mac_rev != 0x0101) 6106 run_write(sc, RT2860_TXOP_CTRL_CFG, 0x0000583f); 6107 6108 run_write(sc, RT2860_WMM_TXOP0_CFG, 0); 6109 run_write(sc, RT2860_WMM_TXOP1_CFG, 48 << 16 | 96); 6110 6111 /* write vendor-specific BBP values (from EEPROM) */ 6112 if (sc->mac_ver < 0x3593) { 6113 for (i = 0; i < 10; i++) { 6114 if (sc->bbp[i].reg == 0 || sc->bbp[i].reg == 0xff) 6115 continue; 6116 run_bbp_write(sc, sc->bbp[i].reg, sc->bbp[i].val); 6117 } 6118 } 6119 6120 /* select Main antenna for 1T1R devices */ 6121 if (sc->rf_rev == RT3070_RF_3020 || sc->rf_rev == RT5390_RF_5370) 6122 run_set_rx_antenna(sc, 0); 6123 6124 /* send LEDs operating mode to microcontroller */ 6125 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED1, sc->led[0]); 6126 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED2, sc->led[1]); 6127 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED3, sc->led[2]); 6128 6129 if (sc->mac_ver >= 0x5390) 6130 run_rt5390_rf_init(sc); 6131 else if (sc->mac_ver == 0x3593) 6132 run_rt3593_rf_init(sc); 6133 else if (sc->mac_ver >= 0x3070) 6134 run_rt3070_rf_init(sc); 6135 6136 /* disable non-existing Rx chains */ 6137 run_bbp_read(sc, 3, &bbp3); 6138 bbp3 &= ~(1 << 3 | 1 << 4); 6139 if (sc->nrxchains == 2) 6140 bbp3 |= 1 << 3; 6141 else if (sc->nrxchains == 3) 6142 bbp3 |= 1 << 4; 6143 run_bbp_write(sc, 3, bbp3); 6144 6145 /* disable non-existing Tx chains */ 6146 run_bbp_read(sc, 1, &bbp1); 6147 if (sc->ntxchains == 1) 6148 bbp1 &= ~(1 << 3 | 1 << 4); 6149 run_bbp_write(sc, 1, bbp1); 6150 6151 if (sc->mac_ver >= 0x5390) 6152 run_rt5390_rf_setup(sc); 6153 else if (sc->mac_ver == 0x3593) 6154 run_rt3593_rf_setup(sc); 6155 else if (sc->mac_ver >= 0x3070) 6156 run_rt3070_rf_setup(sc); 6157 6158 /* select default channel */ 6159 run_set_chan(sc, ic->ic_curchan); 6160 6161 /* setup initial protection mode */ 6162 run_updateprot_cb(ic); 6163 6164 /* turn radio LED on */ 6165 run_set_leds(sc, RT2860_LED_RADIO); 6166 6167 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE; 6168 ifp->if_drv_flags |= IFF_DRV_RUNNING; 6169 sc->cmdq_run = RUN_CMDQ_GO; 6170 6171 for (i = 0; i != RUN_N_XFER; i++) 6172 usbd_xfer_set_stall(sc->sc_xfer[i]); 6173 6174 usbd_transfer_start(sc->sc_xfer[RUN_BULK_RX]); 6175 6176 if (run_txrx_enable(sc) != 0) 6177 goto fail; 6178 6179 return; 6180 6181 fail: 6182 run_stop(sc); 6183 } 6184 6185 static void 6186 run_init(void *arg) 6187 { 6188 struct run_softc *sc = arg; 6189 struct ifnet *ifp = sc->sc_ifp; 6190 struct ieee80211com *ic = ifp->if_l2com; 6191 6192 RUN_LOCK(sc); 6193 run_init_locked(sc); 6194 RUN_UNLOCK(sc); 6195 6196 if (ifp->if_drv_flags & IFF_DRV_RUNNING) 6197 ieee80211_start_all(ic); 6198 } 6199 6200 static void 6201 run_stop(void *arg) 6202 { 6203 struct run_softc *sc = (struct run_softc *)arg; 6204 struct ifnet *ifp = sc->sc_ifp; 6205 uint32_t tmp; 6206 int i; 6207 int ntries; 6208 6209 RUN_LOCK_ASSERT(sc, MA_OWNED); 6210 6211 if (ifp->if_drv_flags & IFF_DRV_RUNNING) 6212 run_set_leds(sc, 0); /* turn all LEDs off */ 6213 6214 ifp->if_drv_flags &= ~(IFF_DRV_RUNNING | IFF_DRV_OACTIVE); 6215 6216 sc->ratectl_run = RUN_RATECTL_OFF; 6217 sc->cmdq_run = sc->cmdq_key_set; 6218 6219 RUN_UNLOCK(sc); 6220 6221 for(i = 0; i < RUN_N_XFER; i++) 6222 usbd_transfer_drain(sc->sc_xfer[i]); 6223 6224 RUN_LOCK(sc); 6225 6226 if (sc->rx_m != NULL) { 6227 m_free(sc->rx_m); 6228 sc->rx_m = NULL; 6229 } 6230 6231 /* Disable Tx/Rx DMA. */ 6232 if (run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp) != 0) 6233 return; 6234 tmp &= ~(RT2860_RX_DMA_EN | RT2860_TX_DMA_EN); 6235 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp); 6236 6237 for (ntries = 0; ntries < 100; ntries++) { 6238 if (run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp) != 0) 6239 return; 6240 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0) 6241 break; 6242 run_delay(sc, 10); 6243 } 6244 if (ntries == 100) { 6245 device_printf(sc->sc_dev, "timeout waiting for DMA engine\n"); 6246 return; 6247 } 6248 6249 /* disable Tx/Rx */ 6250 run_read(sc, RT2860_MAC_SYS_CTRL, &tmp); 6251 tmp &= ~(RT2860_MAC_RX_EN | RT2860_MAC_TX_EN); 6252 run_write(sc, RT2860_MAC_SYS_CTRL, tmp); 6253 6254 /* wait for pending Tx to complete */ 6255 for (ntries = 0; ntries < 100; ntries++) { 6256 if (run_read(sc, RT2860_TXRXQ_PCNT, &tmp) != 0) { 6257 DPRINTF("Cannot read Tx queue count\n"); 6258 break; 6259 } 6260 if ((tmp & RT2860_TX2Q_PCNT_MASK) == 0) { 6261 DPRINTF("All Tx cleared\n"); 6262 break; 6263 } 6264 run_delay(sc, 10); 6265 } 6266 if (ntries >= 100) 6267 DPRINTF("There are still pending Tx\n"); 6268 run_delay(sc, 10); 6269 run_write(sc, RT2860_USB_DMA_CFG, 0); 6270 6271 run_write(sc, RT2860_MAC_SYS_CTRL, RT2860_BBP_HRST | RT2860_MAC_SRST); 6272 run_write(sc, RT2860_MAC_SYS_CTRL, 0); 6273 6274 for (i = 0; i != RUN_EP_QUEUES; i++) 6275 run_unsetup_tx_list(sc, &sc->sc_epq[i]); 6276 } 6277 6278 static void 6279 run_delay(struct run_softc *sc, u_int ms) 6280 { 6281 usb_pause_mtx(mtx_owned(&sc->sc_mtx) ? 6282 &sc->sc_mtx : NULL, USB_MS_TO_TICKS(ms)); 6283 } 6284 6285 static device_method_t run_methods[] = { 6286 /* Device interface */ 6287 DEVMETHOD(device_probe, run_match), 6288 DEVMETHOD(device_attach, run_attach), 6289 DEVMETHOD(device_detach, run_detach), 6290 DEVMETHOD_END 6291 }; 6292 6293 static driver_t run_driver = { 6294 .name = "run", 6295 .methods = run_methods, 6296 .size = sizeof(struct run_softc) 6297 }; 6298 6299 static devclass_t run_devclass; 6300 6301 DRIVER_MODULE(run, uhub, run_driver, run_devclass, run_driver_loaded, NULL); 6302 MODULE_DEPEND(run, wlan, 1, 1, 1); 6303 MODULE_DEPEND(run, usb, 1, 1, 1); 6304 MODULE_DEPEND(run, firmware, 1, 1, 1); 6305 MODULE_VERSION(run, 1);
Cache object: ff91e5e9daf544245de3d87c7fe46bf2
[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]