1 /* $NetBSD: if_run.c,v 1.3 2012/06/01 13:19:39 nonaka Exp $ */ 2 /* $OpenBSD: if_run.c,v 1.90 2012/03/24 15:11:04 jsg Exp $ */ 3 4 /*- 5 * Copyright (c) 2008-2010 Damien Bergamini <damien.bergamini@free.fr> 6 * 7 * Permission to use, copy, modify, and distribute this software for any 8 * purpose with or without fee is hereby granted, provided that the above 9 * copyright notice and this permission notice appear in all copies. 10 * 11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 */ 19 20 /*- 21 * Ralink Technology RT2700U/RT2800U/RT3000U chipset driver. 22 * http://www.ralinktech.com/ 23 */ 24 25 #include <sys/cdefs.h> 26 __KERNEL_RCSID(0, "$NetBSD: if_run.c,v 1.3 2012/06/01 13:19:39 nonaka Exp $"); 27 28 #include <sys/param.h> 29 #include <sys/sockio.h> 30 #include <sys/sysctl.h> 31 #include <sys/mbuf.h> 32 #include <sys/kernel.h> 33 #include <sys/socket.h> 34 #include <sys/systm.h> 35 #include <sys/malloc.h> 36 #include <sys/callout.h> 37 #include <sys/module.h> 38 #include <sys/conf.h> 39 #include <sys/device.h> 40 41 #include <sys/bus.h> 42 #include <machine/endian.h> 43 #include <sys/intr.h> 44 45 #include <net/bpf.h> 46 #include <net/if.h> 47 #include <net/if_arp.h> 48 #include <net/if_dl.h> 49 #include <net/if_ether.h> 50 #include <net/if_media.h> 51 #include <net/if_types.h> 52 53 #include <net80211/ieee80211_var.h> 54 #include <net80211/ieee80211_amrr.h> 55 #include <net80211/ieee80211_radiotap.h> 56 57 #include <dev/firmload.h> 58 59 #include <dev/usb/usb.h> 60 #include <dev/usb/usbdi.h> 61 #include <dev/usb/usbdivar.h> 62 #include <dev/usb/usbdi_util.h> 63 #include <dev/usb/usbdevs.h> 64 65 #include <dev/ic/rt2860reg.h> /* shared with ral(4) */ 66 #include <dev/usb/if_runvar.h> 67 68 #ifdef USB_DEBUG 69 #define RUN_DEBUG 70 #endif 71 72 #ifdef RUN_DEBUG 73 #define DPRINTF(x) do { if (run_debug) printf x; } while (0) 74 #define DPRINTFN(n, x) do { if (run_debug >= (n)) printf x; } while (0) 75 int run_debug = 0; 76 #else 77 #define DPRINTF(x) 78 #define DPRINTFN(n, x) 79 #endif 80 81 #define USB_ID(v, p) { USB_VENDOR_##v, USB_PRODUCT_##v##_##p } 82 static const struct usb_devno run_devs[] = { 83 USB_ID(ABOCOM, RT2770), 84 USB_ID(ABOCOM, RT2870), 85 USB_ID(ABOCOM, RT3070), 86 USB_ID(ABOCOM, RT3071), 87 USB_ID(ABOCOM, RT3072), 88 USB_ID(ABOCOM2, RT2870_1), 89 USB_ID(ACCTON, RT2770), 90 USB_ID(ACCTON, RT2870_1), 91 USB_ID(ACCTON, RT2870_2), 92 USB_ID(ACCTON, RT2870_3), 93 USB_ID(ACCTON, RT2870_4), 94 USB_ID(ACCTON, RT2870_5), 95 USB_ID(ACCTON, RT3070), 96 USB_ID(ACCTON, RT3070_1), 97 USB_ID(ACCTON, RT3070_2), 98 USB_ID(ACCTON, RT3070_3), 99 USB_ID(ACCTON, RT3070_4), 100 USB_ID(ACCTON, RT3070_5), 101 USB_ID(ACCTON, RT3070_6), 102 USB_ID(AIRTIES, RT3070), 103 USB_ID(AIRTIES, RT3070_2), 104 USB_ID(ALLWIN, RT2070), 105 USB_ID(ALLWIN, RT2770), 106 USB_ID(ALLWIN, RT2870), 107 USB_ID(ALLWIN, RT3070), 108 USB_ID(ALLWIN, RT3071), 109 USB_ID(ALLWIN, RT3072), 110 USB_ID(ALLWIN, RT3572), 111 USB_ID(AMIGO, RT2870_1), 112 USB_ID(AMIGO, RT2870_2), 113 USB_ID(AMIT, CGWLUSB2GNR), 114 USB_ID(AMIT, RT2870_1), 115 USB_ID(AMIT2, RT2870), 116 USB_ID(ASUSTEK, RT2870_1), 117 USB_ID(ASUSTEK, RT2870_2), 118 USB_ID(ASUSTEK, RT2870_3), 119 USB_ID(ASUSTEK, RT2870_4), 120 USB_ID(ASUSTEK, RT2870_5), 121 USB_ID(ASUSTEK, RT3070), 122 USB_ID(ASUSTEK, RT3070_1), 123 USB_ID(ASUSTEK2, USBN11), 124 USB_ID(AZUREWAVE, RT2870_1), 125 USB_ID(AZUREWAVE, RT2870_2), 126 USB_ID(AZUREWAVE, RT3070), 127 USB_ID(AZUREWAVE, RT3070_2), 128 USB_ID(AZUREWAVE, RT3070_3), 129 USB_ID(AZUREWAVE, RT3070_4), 130 USB_ID(AZUREWAVE, RT3070_5), 131 USB_ID(BELKIN, F5D8053V3), 132 USB_ID(BELKIN, F5D8055), 133 USB_ID(BELKIN, F5D8055V2), 134 USB_ID(BELKIN, F6D4050V1), 135 USB_ID(BELKIN, F6D4050V2), 136 USB_ID(BELKIN, F7D1101V2), 137 USB_ID(BELKIN, RT2870_1), 138 USB_ID(BELKIN, RT2870_2), 139 USB_ID(BEWAN, RT3070), 140 USB_ID(CISCOLINKSYS, AE1000), 141 USB_ID(CISCOLINKSYS, AM10), 142 USB_ID(CISCOLINKSYS2, RT3070), 143 USB_ID(CISCOLINKSYS3, RT3070), 144 USB_ID(CONCEPTRONIC, RT2870_1), 145 USB_ID(CONCEPTRONIC, RT2870_2), 146 USB_ID(CONCEPTRONIC, RT2870_3), 147 USB_ID(CONCEPTRONIC, RT2870_4), 148 USB_ID(CONCEPTRONIC, RT2870_5), 149 USB_ID(CONCEPTRONIC, RT2870_6), 150 USB_ID(CONCEPTRONIC, RT2870_7), 151 USB_ID(CONCEPTRONIC, RT2870_8), 152 USB_ID(CONCEPTRONIC, RT3070_1), 153 USB_ID(CONCEPTRONIC, RT3070_2), 154 USB_ID(CONCEPTRONIC, RT3070_3), 155 USB_ID(COREGA, CGWLUSB300GNM), 156 USB_ID(COREGA, RT2870_1), 157 USB_ID(COREGA, RT2870_2), 158 USB_ID(COREGA, RT2870_3), 159 USB_ID(COREGA, RT3070), 160 USB_ID(CYBERTAN, RT2870), 161 USB_ID(DLINK, RT2870), 162 USB_ID(DLINK, RT3072), 163 USB_ID(DLINK2, DWA130), 164 USB_ID(DLINK2, RT2870_1), 165 USB_ID(DLINK2, RT2870_2), 166 USB_ID(DLINK2, RT3070_1), 167 USB_ID(DLINK2, RT3070_2), 168 USB_ID(DLINK2, RT3070_3), 169 USB_ID(DLINK2, RT3070_4), 170 USB_ID(DLINK2, RT3070_5), 171 USB_ID(DLINK2, RT3072), 172 USB_ID(DLINK2, RT3072_1), 173 USB_ID(DVICO, RT3070), 174 USB_ID(EDIMAX, EW7717), 175 USB_ID(EDIMAX, EW7718), 176 USB_ID(EDIMAX, EW7722UTN), 177 USB_ID(EDIMAX, RT2870_1), 178 USB_ID(ENCORE, RT3070), 179 USB_ID(ENCORE, RT3070_2), 180 USB_ID(ENCORE, RT3070_3), 181 USB_ID(GIGABYTE, GNWB31N), 182 USB_ID(GIGABYTE, GNWB32L), 183 USB_ID(GIGABYTE, RT2870_1), 184 USB_ID(GIGASET, RT3070_1), 185 USB_ID(GIGASET, RT3070_2), 186 USB_ID(GUILLEMOT, HWNU300), 187 USB_ID(HAWKING, HWUN2), 188 USB_ID(HAWKING, RT2870_1), 189 USB_ID(HAWKING, RT2870_2), 190 USB_ID(HAWKING, RT2870_3), 191 USB_ID(HAWKING, RT2870_4), 192 USB_ID(HAWKING, RT2870_5), 193 USB_ID(HAWKING, RT3070), 194 USB_ID(IODATA, RT3072_1), 195 USB_ID(IODATA, RT3072_2), 196 USB_ID(IODATA, RT3072_3), 197 USB_ID(IODATA, RT3072_4), 198 USB_ID(LINKSYS4, RT3070), 199 USB_ID(LINKSYS4, WUSB100), 200 USB_ID(LINKSYS4, WUSB54GC_3), 201 USB_ID(LINKSYS4, WUSB600N), 202 USB_ID(LINKSYS4, WUSB600NV2), 203 USB_ID(LOGITEC, LANW300NU2), 204 USB_ID(LOGITEC, RT2870_1), 205 USB_ID(LOGITEC, RT2870_2), 206 USB_ID(LOGITEC, RT2870_3), 207 USB_ID(LOGITEC, RT3020), 208 USB_ID(MELCO, RT2870_1), 209 USB_ID(MELCO, RT2870_2), 210 USB_ID(MELCO, WLIUCAG300N), 211 USB_ID(MELCO, WLIUCG300N), 212 USB_ID(MELCO, WLIUCG301N), 213 USB_ID(MELCO, WLIUCGN), 214 USB_ID(MELCO, WLIUCGNHP), 215 USB_ID(MELCO, WLIUCGNM), 216 USB_ID(MELCO, WLIUCGNM2T), 217 USB_ID(MOTOROLA4, RT2770), 218 USB_ID(MOTOROLA4, RT3070), 219 USB_ID(MSI, RT3070), 220 USB_ID(MSI, RT3070_2), 221 USB_ID(MSI, RT3070_3), 222 USB_ID(MSI, RT3070_4), 223 USB_ID(MSI, RT3070_5), 224 USB_ID(MSI, RT3070_6), 225 USB_ID(MSI, RT3070_7), 226 USB_ID(MSI, RT3070_8), 227 USB_ID(MSI, RT3070_9), 228 USB_ID(MSI, RT3070_10), 229 USB_ID(MSI, RT3070_11), 230 USB_ID(MSI, RT3070_12), 231 USB_ID(MSI, RT3070_13), 232 USB_ID(MSI, RT3070_14), 233 USB_ID(MSI, RT3070_15), 234 USB_ID(OVISLINK, RT3071), 235 USB_ID(OVISLINK, RT3072), 236 USB_ID(PARA, RT3070), 237 USB_ID(PEGATRON, RT2870), 238 USB_ID(PEGATRON, RT3070), 239 USB_ID(PEGATRON, RT3070_2), 240 USB_ID(PEGATRON, RT3070_3), 241 USB_ID(PEGATRON, RT3072), 242 USB_ID(PHILIPS, RT2870), 243 USB_ID(PLANEX2, GWUS300MINIS), 244 USB_ID(PLANEX2, GWUSMICRO300), 245 USB_ID(PLANEX2, GWUSMICRON), 246 USB_ID(PLANEX2, GWUS300MINIX), 247 USB_ID(PLANEX2, RT3070), 248 USB_ID(QCOM, RT2870), 249 USB_ID(QUANTA, RT3070), 250 USB_ID(RALINK, RT2070), 251 USB_ID(RALINK, RT2770), 252 USB_ID(RALINK, RT2870), 253 USB_ID(RALINK, RT3070), 254 USB_ID(RALINK, RT3071), 255 USB_ID(RALINK, RT3072), 256 USB_ID(RALINK, RT3370), 257 USB_ID(RALINK, RT3572), 258 USB_ID(RALINK, RT8070), 259 USB_ID(SAMSUNG, RT2870_1), 260 USB_ID(SENAO, RT2870_1), 261 USB_ID(SENAO, RT2870_2), 262 USB_ID(SENAO, RT2870_3), 263 USB_ID(SENAO, RT2870_4), 264 USB_ID(SENAO, RT3070), 265 USB_ID(SENAO, RT3071), 266 USB_ID(SENAO, RT3072), 267 USB_ID(SENAO, RT3072_2), 268 USB_ID(SENAO, RT3072_3), 269 USB_ID(SENAO, RT3072_4), 270 USB_ID(SENAO, RT3072_5), 271 USB_ID(SITECOMEU, RT2870_1), 272 USB_ID(SITECOMEU, RT2870_2), 273 USB_ID(SITECOMEU, RT2870_3), 274 USB_ID(SITECOMEU, RT3070_1), 275 USB_ID(SITECOMEU, RT3072_3), 276 USB_ID(SITECOMEU, RT3072_4), 277 USB_ID(SITECOMEU, RT3072_5), 278 USB_ID(SITECOMEU, WL302), 279 USB_ID(SITECOMEU, WL315), 280 USB_ID(SITECOMEU, WL321), 281 USB_ID(SITECOMEU, WL324), 282 USB_ID(SITECOMEU, WL329), 283 USB_ID(SITECOMEU, WL343), 284 USB_ID(SITECOMEU, WL344), 285 USB_ID(SITECOMEU, WL345), 286 USB_ID(SITECOMEU, WL349V4), 287 USB_ID(SITECOMEU, WL608), 288 USB_ID(SITECOMEU, WLA4000), 289 USB_ID(SITECOMEU, WLA5000), 290 USB_ID(SPARKLAN, RT2870_1), 291 USB_ID(SPARKLAN, RT2870_2), 292 USB_ID(SPARKLAN, RT3070), 293 USB_ID(SWEEX2, LW153), 294 USB_ID(SWEEX2, LW303), 295 USB_ID(SWEEX2, LW313), 296 USB_ID(TOSHIBA, RT3070), 297 USB_ID(UMEDIA, RT2870_1), 298 USB_ID(UMEDIA, TEW645UB), 299 USB_ID(ZCOM, RT2870_1), 300 USB_ID(ZCOM, RT2870_2), 301 USB_ID(ZINWELL, RT2870_1), 302 USB_ID(ZINWELL, RT2870_2), 303 USB_ID(ZINWELL, RT3070), 304 USB_ID(ZINWELL, RT3072), 305 USB_ID(ZINWELL, RT3072_2), 306 USB_ID(ZYXEL, NWD2105), 307 USB_ID(ZYXEL, NWD211AN), 308 USB_ID(ZYXEL, RT2870_1), 309 USB_ID(ZYXEL, RT2870_2), 310 USB_ID(ZYXEL, RT3070), 311 }; 312 313 static int run_match(device_t, cfdata_t, void *); 314 static void run_attach(device_t, device_t, void *); 315 static int run_detach(device_t, int); 316 static int run_activate(device_t, enum devact); 317 318 CFATTACH_DECL_NEW(run, sizeof(struct run_softc), 319 run_match, run_attach, run_detach, run_activate); 320 321 static int run_alloc_rx_ring(struct run_softc *); 322 static void run_free_rx_ring(struct run_softc *); 323 static int run_alloc_tx_ring(struct run_softc *, int); 324 static void run_free_tx_ring(struct run_softc *, int); 325 static int run_load_microcode(struct run_softc *); 326 static int run_reset(struct run_softc *); 327 static int run_read(struct run_softc *, uint16_t, uint32_t *); 328 static int run_read_region_1(struct run_softc *, uint16_t, 329 uint8_t *, int); 330 static int run_write_2(struct run_softc *, uint16_t, uint16_t); 331 static int run_write(struct run_softc *, uint16_t, uint32_t); 332 static int run_write_region_1(struct run_softc *, uint16_t, 333 const uint8_t *, int); 334 static int run_set_region_4(struct run_softc *, uint16_t, 335 uint32_t, int); 336 static int run_efuse_read_2(struct run_softc *, uint16_t, 337 uint16_t *); 338 static int run_eeprom_read_2(struct run_softc *, uint16_t, 339 uint16_t *); 340 static int run_rt2870_rf_write(struct run_softc *, uint8_t, 341 uint32_t); 342 static int run_rt3070_rf_read(struct run_softc *, uint8_t, 343 uint8_t *); 344 static int run_rt3070_rf_write(struct run_softc *, uint8_t, 345 uint8_t); 346 static int run_bbp_read(struct run_softc *, uint8_t, uint8_t *); 347 static int run_bbp_write(struct run_softc *, uint8_t, uint8_t); 348 static int run_mcu_cmd(struct run_softc *, uint8_t, uint16_t); 349 static const char * run_get_rf(int); 350 static int run_read_eeprom(struct run_softc *); 351 static struct ieee80211_node * 352 run_node_alloc(struct ieee80211_node_table *); 353 static int run_media_change(struct ifnet *); 354 static void run_next_scan(void *); 355 static void run_task(void *); 356 static void run_do_async(struct run_softc *, 357 void (*)(struct run_softc *, void *), void *, int); 358 static int run_newstate(struct ieee80211com *, 359 enum ieee80211_state, int); 360 static void run_newstate_cb(struct run_softc *, void *); 361 static int run_updateedca(struct ieee80211com *); 362 static void run_updateedca_cb(struct run_softc *, void *); 363 #ifdef RUN_HWCRYPTO 364 static int run_set_key(struct ieee80211com *, 365 const struct ieee80211_key *, const uint8_t *); 366 static void run_set_key_cb(struct run_softc *, void *); 367 static int run_delete_key(struct ieee80211com *, 368 const struct ieee80211_key *); 369 static void run_delete_key_cb(struct run_softc *, void *); 370 #endif 371 static void run_calibrate_to(void *); 372 static void run_calibrate_cb(struct run_softc *, void *); 373 static void run_newassoc(struct ieee80211_node *, int); 374 static void run_rx_frame(struct run_softc *, uint8_t *, int); 375 static void run_rxeof(usbd_xfer_handle, usbd_private_handle, 376 usbd_status); 377 static void run_txeof(usbd_xfer_handle, usbd_private_handle, 378 usbd_status); 379 static int run_tx(struct run_softc *, struct mbuf *, 380 struct ieee80211_node *); 381 static void run_start(struct ifnet *); 382 static void run_watchdog(struct ifnet *); 383 static int run_ioctl(struct ifnet *, u_long, void *); 384 static void run_select_chan_group(struct run_softc *, int); 385 static void run_set_agc(struct run_softc *, uint8_t); 386 static void run_set_rx_antenna(struct run_softc *, int); 387 static void run_rt2870_set_chan(struct run_softc *, u_int); 388 static void run_rt3070_set_chan(struct run_softc *, u_int); 389 static void run_rt3572_set_chan(struct run_softc *, u_int); 390 static int run_set_chan(struct run_softc *, 391 struct ieee80211_channel *); 392 static void run_enable_tsf_sync(struct run_softc *); 393 static void run_enable_mrr(struct run_softc *); 394 static void run_set_txpreamble(struct run_softc *); 395 static void run_set_basicrates(struct run_softc *); 396 static void run_set_leds(struct run_softc *, uint16_t); 397 static void run_set_bssid(struct run_softc *, const uint8_t *); 398 static void run_set_macaddr(struct run_softc *, const uint8_t *); 399 static void run_updateslot(struct ifnet *); 400 static void run_updateslot_cb(struct run_softc *, void *); 401 static int8_t run_rssi2dbm(struct run_softc *, uint8_t, uint8_t); 402 static int run_bbp_init(struct run_softc *); 403 static int run_rt3070_rf_init(struct run_softc *); 404 static int run_rt3070_filter_calib(struct run_softc *, uint8_t, 405 uint8_t, uint8_t *); 406 static void run_rt3070_rf_setup(struct run_softc *); 407 static int run_txrx_enable(struct run_softc *); 408 static int run_init(struct ifnet *); 409 static void run_stop(struct ifnet *, int); 410 #ifndef IEEE80211_STA_ONLY 411 static int run_setup_beacon(struct run_softc *); 412 #endif 413 414 static const struct { 415 uint32_t reg; 416 uint32_t val; 417 } rt2870_def_mac[] = { 418 RT2870_DEF_MAC 419 }; 420 421 static const struct { 422 uint8_t reg; 423 uint8_t val; 424 } rt2860_def_bbp[] = { 425 RT2860_DEF_BBP 426 }; 427 428 static const struct rfprog { 429 uint8_t chan; 430 uint32_t r1, r2, r3, r4; 431 } rt2860_rf2850[] = { 432 RT2860_RF2850 433 }; 434 435 static const struct { 436 uint8_t n, r, k; 437 } rt3070_freqs[] = { 438 RT3070_RF3052 439 }; 440 441 static const struct { 442 uint8_t reg; 443 uint8_t val; 444 } rt3070_def_rf[] = { 445 RT3070_DEF_RF 446 }, rt3572_def_rf[] = { 447 RT3572_DEF_RF 448 }; 449 450 static int 451 firmware_load(const char *dname, const char *iname, uint8_t **ucodep, 452 size_t *sizep) 453 { 454 firmware_handle_t fh; 455 int error; 456 457 if ((error = firmware_open(dname, iname, &fh)) != 0) 458 return (error); 459 *sizep = firmware_get_size(fh); 460 if ((*ucodep = firmware_malloc(*sizep)) == NULL) { 461 firmware_close(fh); 462 return (ENOMEM); 463 } 464 if ((error = firmware_read(fh, 0, *ucodep, *sizep)) != 0) 465 firmware_free(*ucodep, *sizep); 466 firmware_close(fh); 467 468 return (error); 469 } 470 471 static int 472 run_match(device_t parent, cfdata_t match, void *aux) 473 { 474 struct usb_attach_arg *uaa = aux; 475 476 return (usb_lookup(run_devs, uaa->vendor, uaa->product) != NULL) ? 477 UMATCH_VENDOR_PRODUCT : UMATCH_NONE; 478 } 479 480 static void 481 run_attach(device_t parent, device_t self, void *aux) 482 { 483 struct run_softc *sc = device_private(self); 484 struct usb_attach_arg *uaa = aux; 485 struct ieee80211com *ic = &sc->sc_ic; 486 struct ifnet *ifp = &sc->sc_if; 487 usb_interface_descriptor_t *id; 488 usb_endpoint_descriptor_t *ed; 489 char *devinfop; 490 int i, nrx, ntx, ntries, error; 491 uint32_t ver; 492 493 aprint_naive("\n"); 494 aprint_normal("\n"); 495 496 sc->sc_dev = self; 497 sc->sc_udev = uaa->device; 498 499 devinfop = usbd_devinfo_alloc(sc->sc_udev, 0); 500 aprint_normal_dev(sc->sc_dev, "%s\n", devinfop); 501 usbd_devinfo_free(devinfop); 502 503 if (usbd_set_config_no(sc->sc_udev, 1, 0) != 0) { 504 aprint_error_dev(sc->sc_dev, 505 "could not set configuration no\n"); 506 return; 507 } 508 509 /* get the first interface handle */ 510 error = usbd_device2interface_handle(sc->sc_udev, 0, &sc->sc_iface); 511 if (error != 0) { 512 aprint_error_dev(sc->sc_dev, 513 "could not get interface handle\n"); 514 return; 515 } 516 517 /* 518 * Find all bulk endpoints. There are 7 bulk endpoints: 1 for RX 519 * and 6 for TX (4 EDCAs + HCCA + Prio). 520 * Update 03-14-2009: some devices like the Planex GW-US300MiniS 521 * seem to have only 4 TX bulk endpoints (Fukaumi Naoki). 522 */ 523 nrx = ntx = 0; 524 id = usbd_get_interface_descriptor(sc->sc_iface); 525 for (i = 0; i < id->bNumEndpoints; i++) { 526 ed = usbd_interface2endpoint_descriptor(sc->sc_iface, i); 527 if (ed == NULL || UE_GET_XFERTYPE(ed->bmAttributes) != UE_BULK) 528 continue; 529 530 if (UE_GET_DIR(ed->bEndpointAddress) == UE_DIR_IN) { 531 sc->rxq.pipe_no = ed->bEndpointAddress; 532 nrx++; 533 } else if (ntx < 4) { 534 sc->txq[ntx].pipe_no = ed->bEndpointAddress; 535 ntx++; 536 } 537 } 538 /* make sure we've got them all */ 539 if (nrx < 1 || ntx < 4) { 540 aprint_error_dev(sc->sc_dev, "missing endpoint\n"); 541 return; 542 } 543 544 usb_init_task(&sc->sc_task, run_task, sc); 545 callout_init(&sc->scan_to, 0); 546 callout_setfunc(&sc->scan_to, run_next_scan, sc); 547 callout_init(&sc->calib_to, 0); 548 callout_setfunc(&sc->calib_to, run_calibrate_to, sc); 549 550 sc->amrr.amrr_min_success_threshold = 1; 551 sc->amrr.amrr_max_success_threshold = 10; 552 553 /* wait for the chip to settle */ 554 for (ntries = 0; ntries < 100; ntries++) { 555 if (run_read(sc, RT2860_ASIC_VER_ID, &ver) != 0) 556 return; 557 if (ver != 0 && ver != 0xffffffff) 558 break; 559 DELAY(10); 560 } 561 if (ntries == 100) { 562 aprint_error_dev(sc->sc_dev, 563 "timeout waiting for NIC to initialize\n"); 564 return; 565 } 566 sc->mac_ver = ver >> 16; 567 sc->mac_rev = ver & 0xffff; 568 569 /* retrieve RF rev. no and various other things from EEPROM */ 570 run_read_eeprom(sc); 571 572 aprint_error_dev(sc->sc_dev, 573 "MAC/BBP RT%04X (rev 0x%04X), RF %s (MIMO %dT%dR), address %s\n", 574 sc->mac_ver, sc->mac_rev, run_get_rf(sc->rf_rev), sc->ntxchains, 575 sc->nrxchains, ether_sprintf(ic->ic_myaddr)); 576 577 ic->ic_ifp = ifp; 578 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 579 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 580 ic->ic_state = IEEE80211_S_INIT; 581 582 /* set device capabilities */ 583 ic->ic_caps = 584 IEEE80211_C_MONITOR | /* monitor mode supported */ 585 #ifndef IEEE80211_STA_ONLY 586 IEEE80211_C_IBSS | /* IBSS mode supported */ 587 IEEE80211_C_HOSTAP | /* HostAP mode supported */ 588 #endif 589 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 590 IEEE80211_C_SHSLOT | /* short slot time supported */ 591 #ifdef RUN_HWCRYPTO 592 IEEE80211_C_WEP | /* WEP */ 593 IEEE80211_C_TKIP | /* TKIP */ 594 IEEE80211_C_AES_CCM | /* AES CCMP */ 595 IEEE80211_C_TKIPMIC | /* TKIPMIC */ 596 #endif 597 IEEE80211_C_WME | /* WME */ 598 IEEE80211_C_WPA; /* WPA/RSN */ 599 600 if (sc->rf_rev == RT2860_RF_2750 || 601 sc->rf_rev == RT2860_RF_2850 || 602 sc->rf_rev == RT3070_RF_3052) { 603 /* set supported .11a rates */ 604 ic->ic_sup_rates[IEEE80211_MODE_11A] = 605 ieee80211_std_rateset_11a; 606 607 /* set supported .11a channels */ 608 for (i = 14; i < (int)__arraycount(rt2860_rf2850); i++) { 609 uint8_t chan = rt2860_rf2850[i].chan; 610 ic->ic_channels[chan].ic_freq = 611 ieee80211_ieee2mhz(chan, IEEE80211_CHAN_5GHZ); 612 ic->ic_channels[chan].ic_flags = IEEE80211_CHAN_A; 613 } 614 } 615 616 /* set supported .11b and .11g rates */ 617 ic->ic_sup_rates[IEEE80211_MODE_11B] = ieee80211_std_rateset_11b; 618 ic->ic_sup_rates[IEEE80211_MODE_11G] = ieee80211_std_rateset_11g; 619 620 /* set supported .11b and .11g channels (1 through 14) */ 621 for (i = 1; i <= 14; i++) { 622 ic->ic_channels[i].ic_freq = 623 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ); 624 ic->ic_channels[i].ic_flags = 625 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM | 626 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ; 627 } 628 629 ifp->if_softc = sc; 630 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 631 ifp->if_init = run_init; 632 ifp->if_ioctl = run_ioctl; 633 ifp->if_start = run_start; 634 ifp->if_watchdog = run_watchdog; 635 IFQ_SET_READY(&ifp->if_snd); 636 memcpy(ifp->if_xname, device_xname(sc->sc_dev), IFNAMSIZ); 637 638 if_attach(ifp); 639 ieee80211_ifattach(ic); 640 ic->ic_node_alloc = run_node_alloc; 641 ic->ic_newassoc = run_newassoc; 642 ic->ic_updateslot = run_updateslot; 643 ic->ic_wme.wme_update = run_updateedca; 644 #ifdef RUN_HWCRYPTO 645 ic->ic_crypto.cs_key_set = run_set_key; 646 ic->ic_crypto.cs_key_delete = run_delete_key; 647 #endif 648 /* override state transition machine */ 649 sc->sc_newstate = ic->ic_newstate; 650 ic->ic_newstate = run_newstate; 651 ieee80211_media_init(ic, run_media_change, ieee80211_media_status); 652 653 bpf_attach2(ifp, DLT_IEEE802_11_RADIO, 654 sizeof(struct ieee80211_frame) + IEEE80211_RADIOTAP_HDRLEN, 655 &sc->sc_drvbpf); 656 657 sc->sc_rxtap_len = sizeof(sc->sc_rxtapu); 658 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 659 sc->sc_rxtap.wr_ihdr.it_present = htole32(RUN_RX_RADIOTAP_PRESENT); 660 661 sc->sc_txtap_len = sizeof(sc->sc_txtapu); 662 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 663 sc->sc_txtap.wt_ihdr.it_present = htole32(RUN_TX_RADIOTAP_PRESENT); 664 665 ieee80211_announce(ic); 666 667 usbd_add_drv_event(USB_EVENT_DRIVER_ATTACH, sc->sc_udev, sc->sc_dev); 668 } 669 670 static int 671 run_detach(device_t self, int flags) 672 { 673 struct run_softc *sc = device_private(self); 674 struct ifnet *ifp = &sc->sc_if; 675 struct ieee80211com *ic = &sc->sc_ic; 676 int s; 677 678 if (ifp->if_softc == NULL) 679 return (0); 680 681 s = splnet(); 682 683 sc->sc_flags |= RUN_DETACHING; 684 685 if (ifp->if_flags & IFF_RUNNING) { 686 usb_rem_task(sc->sc_udev, &sc->sc_task); 687 run_stop(ifp, 0); 688 } 689 690 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 691 bpf_detach(ifp); 692 ieee80211_ifdetach(ic); 693 if_detach(ifp); 694 695 splx(s); 696 697 usbd_add_drv_event(USB_EVENT_DRIVER_DETACH, sc->sc_udev, sc->sc_dev); 698 699 callout_destroy(&sc->scan_to); 700 callout_destroy(&sc->calib_to); 701 702 return (0); 703 } 704 705 static int 706 run_activate(device_t self, enum devact act) 707 { 708 struct run_softc *sc = device_private(self); 709 710 switch (act) { 711 case DVACT_DEACTIVATE: 712 if_deactivate(sc->sc_ic.ic_ifp); 713 return (0); 714 default: 715 return (EOPNOTSUPP); 716 } 717 } 718 719 static int 720 run_alloc_rx_ring(struct run_softc *sc) 721 { 722 struct run_rx_ring *rxq = &sc->rxq; 723 int i, error; 724 725 error = usbd_open_pipe(sc->sc_iface, rxq->pipe_no, 0, &rxq->pipeh); 726 if (error != 0) 727 goto fail; 728 729 for (i = 0; i < RUN_RX_RING_COUNT; i++) { 730 struct run_rx_data *data = &rxq->data[i]; 731 732 data->sc = sc; /* backpointer for callbacks */ 733 734 data->xfer = usbd_alloc_xfer(sc->sc_udev); 735 if (data->xfer == NULL) { 736 error = ENOMEM; 737 goto fail; 738 } 739 data->buf = usbd_alloc_buffer(data->xfer, RUN_MAX_RXSZ); 740 if (data->buf == NULL) { 741 error = ENOMEM; 742 goto fail; 743 } 744 } 745 if (error != 0) 746 fail: run_free_rx_ring(sc); 747 return (error); 748 } 749 750 static void 751 run_free_rx_ring(struct run_softc *sc) 752 { 753 struct run_rx_ring *rxq = &sc->rxq; 754 int i; 755 756 if (rxq->pipeh != NULL) { 757 usbd_abort_pipe(rxq->pipeh); 758 usbd_close_pipe(rxq->pipeh); 759 rxq->pipeh = NULL; 760 } 761 for (i = 0; i < RUN_RX_RING_COUNT; i++) { 762 if (rxq->data[i].xfer != NULL) 763 usbd_free_xfer(rxq->data[i].xfer); 764 rxq->data[i].xfer = NULL; 765 } 766 } 767 768 static int 769 run_alloc_tx_ring(struct run_softc *sc, int qid) 770 { 771 struct run_tx_ring *txq = &sc->txq[qid]; 772 int i, error; 773 774 txq->cur = txq->queued = 0; 775 776 error = usbd_open_pipe(sc->sc_iface, txq->pipe_no, 0, &txq->pipeh); 777 if (error != 0) 778 goto fail; 779 780 for (i = 0; i < RUN_TX_RING_COUNT; i++) { 781 struct run_tx_data *data = &txq->data[i]; 782 783 data->sc = sc; /* backpointer for callbacks */ 784 data->qid = qid; 785 786 data->xfer = usbd_alloc_xfer(sc->sc_udev); 787 if (data->xfer == NULL) { 788 error = ENOMEM; 789 goto fail; 790 } 791 data->buf = usbd_alloc_buffer(data->xfer, RUN_MAX_TXSZ); 792 if (data->buf == NULL) { 793 error = ENOMEM; 794 goto fail; 795 } 796 /* zeroize the TXD + TXWI part */ 797 memset(data->buf, 0, sizeof (struct rt2870_txd) + 798 sizeof (struct rt2860_txwi)); 799 } 800 if (error != 0) 801 fail: run_free_tx_ring(sc, qid); 802 return (error); 803 } 804 805 static void 806 run_free_tx_ring(struct run_softc *sc, int qid) 807 { 808 struct run_tx_ring *txq = &sc->txq[qid]; 809 int i; 810 811 if (txq->pipeh != NULL) { 812 usbd_abort_pipe(txq->pipeh); 813 usbd_close_pipe(txq->pipeh); 814 txq->pipeh = NULL; 815 } 816 for (i = 0; i < RUN_TX_RING_COUNT; i++) { 817 if (txq->data[i].xfer != NULL) 818 usbd_free_xfer(txq->data[i].xfer); 819 txq->data[i].xfer = NULL; 820 } 821 } 822 823 static int 824 run_load_microcode(struct run_softc *sc) 825 { 826 usb_device_request_t req; 827 const char *fwname; 828 u_char *ucode; 829 size_t size; 830 uint32_t tmp; 831 int ntries, error; 832 833 /* RT3071/RT3072 use a different firmware */ 834 if (sc->mac_ver != 0x2860 && 835 sc->mac_ver != 0x2872 && 836 sc->mac_ver != 0x3070) 837 fwname = "run-rt3071"; 838 else 839 fwname = "run-rt2870"; 840 841 if ((error = firmware_load("run", fwname, &ucode, &size)) != 0) { 842 aprint_error_dev(sc->sc_dev, 843 "error %d, could not read firmware %s\n", error, fwname); 844 return (error); 845 } 846 if (size != 4096) { 847 aprint_error_dev(sc->sc_dev, 848 "invalid firmware size (should be 4KB)\n"); 849 firmware_free(ucode, size); 850 return (EINVAL); 851 } 852 853 run_read(sc, RT2860_ASIC_VER_ID, &tmp); 854 /* write microcode image */ 855 run_write_region_1(sc, RT2870_FW_BASE, ucode, size); 856 firmware_free(ucode, size); 857 run_write(sc, RT2860_H2M_MAILBOX_CID, 0xffffffff); 858 run_write(sc, RT2860_H2M_MAILBOX_STATUS, 0xffffffff); 859 860 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 861 req.bRequest = RT2870_RESET; 862 USETW(req.wValue, 8); 863 USETW(req.wIndex, 0); 864 USETW(req.wLength, 0); 865 if ((error = usbd_do_request(sc->sc_udev, &req, NULL)) != 0) 866 return (error); 867 868 usbd_delay_ms(sc->sc_udev, 10); 869 run_write(sc, RT2860_H2M_MAILBOX, 0); 870 if ((error = run_mcu_cmd(sc, RT2860_MCU_CMD_RFRESET, 0)) != 0) 871 return (error); 872 873 /* wait until microcontroller is ready */ 874 for (ntries = 0; ntries < 1000; ntries++) { 875 if ((error = run_read(sc, RT2860_SYS_CTRL, &tmp)) != 0) 876 return (error); 877 if (tmp & RT2860_MCU_READY) 878 break; 879 DELAY(1000); 880 } 881 if (ntries == 1000) { 882 aprint_error_dev(sc->sc_dev, 883 "timeout waiting for MCU to initialize\n"); 884 return (ETIMEDOUT); 885 } 886 887 sc->sc_flags |= RUN_FWLOADED; 888 889 DPRINTF(("microcode successfully loaded after %d tries\n", ntries)); 890 return (0); 891 } 892 893 static int 894 run_reset(struct run_softc *sc) 895 { 896 usb_device_request_t req; 897 898 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 899 req.bRequest = RT2870_RESET; 900 USETW(req.wValue, 1); 901 USETW(req.wIndex, 0); 902 USETW(req.wLength, 0); 903 return usbd_do_request(sc->sc_udev, &req, NULL); 904 } 905 906 static int 907 run_read(struct run_softc *sc, uint16_t reg, uint32_t *val) 908 { 909 uint32_t tmp; 910 int error; 911 912 error = run_read_region_1(sc, reg, (uint8_t *)&tmp, sizeof tmp); 913 if (error == 0) 914 *val = le32toh(tmp); 915 else 916 *val = 0xffffffff; 917 return (error); 918 } 919 920 static int 921 run_read_region_1(struct run_softc *sc, uint16_t reg, uint8_t *buf, int len) 922 { 923 usb_device_request_t req; 924 925 req.bmRequestType = UT_READ_VENDOR_DEVICE; 926 req.bRequest = RT2870_READ_REGION_1; 927 USETW(req.wValue, 0); 928 USETW(req.wIndex, reg); 929 USETW(req.wLength, len); 930 return usbd_do_request(sc->sc_udev, &req, buf); 931 } 932 933 static int 934 run_write_2(struct run_softc *sc, uint16_t reg, uint16_t val) 935 { 936 usb_device_request_t req; 937 938 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 939 req.bRequest = RT2870_WRITE_2; 940 USETW(req.wValue, val); 941 USETW(req.wIndex, reg); 942 USETW(req.wLength, 0); 943 return usbd_do_request(sc->sc_udev, &req, NULL); 944 } 945 946 static int 947 run_write(struct run_softc *sc, uint16_t reg, uint32_t val) 948 { 949 int error; 950 951 if ((error = run_write_2(sc, reg, val & 0xffff)) == 0) 952 error = run_write_2(sc, reg + 2, val >> 16); 953 return (error); 954 } 955 956 static int 957 run_write_region_1(struct run_softc *sc, uint16_t reg, const uint8_t *buf, 958 int len) 959 { 960 #if 1 961 int i, error = 0; 962 /* 963 * NB: the WRITE_REGION_1 command is not stable on RT2860. 964 * We thus issue multiple WRITE_2 commands instead. 965 */ 966 KASSERT((len & 1) == 0); 967 for (i = 0; i < len && error == 0; i += 2) 968 error = run_write_2(sc, reg + i, buf[i] | buf[i + 1] << 8); 969 return (error); 970 #else 971 usb_device_request_t req; 972 973 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 974 req.bRequest = RT2870_WRITE_REGION_1; 975 USETW(req.wValue, 0); 976 USETW(req.wIndex, reg); 977 USETW(req.wLength, len); 978 return usbd_do_request(sc->sc_udev, &req, buf); 979 #endif 980 } 981 982 static int 983 run_set_region_4(struct run_softc *sc, uint16_t reg, uint32_t val, int count) 984 { 985 int error = 0; 986 987 for (; count > 0 && error == 0; count--, reg += 4) 988 error = run_write(sc, reg, val); 989 return (error); 990 } 991 992 /* Read 16-bit from eFUSE ROM (RT3070 only.) */ 993 static int 994 run_efuse_read_2(struct run_softc *sc, uint16_t addr, uint16_t *val) 995 { 996 uint32_t tmp; 997 uint16_t reg; 998 int error, ntries; 999 1000 if ((error = run_read(sc, RT3070_EFUSE_CTRL, &tmp)) != 0) 1001 return (error); 1002 1003 addr *= 2; 1004 /*- 1005 * Read one 16-byte block into registers EFUSE_DATA[0-3]: 1006 * DATA0: F E D C 1007 * DATA1: B A 9 8 1008 * DATA2: 7 6 5 4 1009 * DATA3: 3 2 1 0 1010 */ 1011 tmp &= ~(RT3070_EFSROM_MODE_MASK | RT3070_EFSROM_AIN_MASK); 1012 tmp |= (addr & ~0xf) << RT3070_EFSROM_AIN_SHIFT | RT3070_EFSROM_KICK; 1013 run_write(sc, RT3070_EFUSE_CTRL, tmp); 1014 for (ntries = 0; ntries < 100; ntries++) { 1015 if ((error = run_read(sc, RT3070_EFUSE_CTRL, &tmp)) != 0) 1016 return (error); 1017 if (!(tmp & RT3070_EFSROM_KICK)) 1018 break; 1019 DELAY(2); 1020 } 1021 if (ntries == 100) 1022 return (ETIMEDOUT); 1023 1024 if ((tmp & RT3070_EFUSE_AOUT_MASK) == RT3070_EFUSE_AOUT_MASK) { 1025 *val = 0xffff; /* address not found */ 1026 return (0); 1027 } 1028 /* determine to which 32-bit register our 16-bit word belongs */ 1029 reg = RT3070_EFUSE_DATA3 - (addr & 0xc); 1030 if ((error = run_read(sc, reg, &tmp)) != 0) 1031 return (error); 1032 1033 *val = (addr & 2) ? tmp >> 16 : tmp & 0xffff; 1034 return (0); 1035 } 1036 1037 static int 1038 run_eeprom_read_2(struct run_softc *sc, uint16_t addr, uint16_t *val) 1039 { 1040 usb_device_request_t req; 1041 uint16_t tmp; 1042 int error; 1043 1044 addr *= 2; 1045 req.bmRequestType = UT_READ_VENDOR_DEVICE; 1046 req.bRequest = RT2870_EEPROM_READ; 1047 USETW(req.wValue, 0); 1048 USETW(req.wIndex, addr); 1049 USETW(req.wLength, sizeof tmp); 1050 error = usbd_do_request(sc->sc_udev, &req, &tmp); 1051 if (error == 0) 1052 *val = le16toh(tmp); 1053 else 1054 *val = 0xffff; 1055 return (error); 1056 } 1057 1058 static __inline int 1059 run_srom_read(struct run_softc *sc, uint16_t addr, uint16_t *val) 1060 { 1061 1062 /* either eFUSE ROM or EEPROM */ 1063 return sc->sc_srom_read(sc, addr, val); 1064 } 1065 1066 static int 1067 run_rt2870_rf_write(struct run_softc *sc, uint8_t reg, uint32_t val) 1068 { 1069 uint32_t tmp; 1070 int error, ntries; 1071 1072 for (ntries = 0; ntries < 10; ntries++) { 1073 if ((error = run_read(sc, RT2860_RF_CSR_CFG0, &tmp)) != 0) 1074 return (error); 1075 if (!(tmp & RT2860_RF_REG_CTRL)) 1076 break; 1077 } 1078 if (ntries == 10) 1079 return (ETIMEDOUT); 1080 1081 /* RF registers are 24-bit on the RT2860 */ 1082 tmp = RT2860_RF_REG_CTRL | 24 << RT2860_RF_REG_WIDTH_SHIFT | 1083 (val & 0x3fffff) << 2 | (reg & 3); 1084 return run_write(sc, RT2860_RF_CSR_CFG0, tmp); 1085 } 1086 1087 static int 1088 run_rt3070_rf_read(struct run_softc *sc, uint8_t reg, uint8_t *val) 1089 { 1090 uint32_t tmp; 1091 int error, ntries; 1092 1093 for (ntries = 0; ntries < 100; ntries++) { 1094 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0) 1095 return (error); 1096 if (!(tmp & RT3070_RF_KICK)) 1097 break; 1098 } 1099 if (ntries == 100) 1100 return (ETIMEDOUT); 1101 1102 tmp = RT3070_RF_KICK | reg << 8; 1103 if ((error = run_write(sc, RT3070_RF_CSR_CFG, tmp)) != 0) 1104 return (error); 1105 1106 for (ntries = 0; ntries < 100; ntries++) { 1107 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0) 1108 return (error); 1109 if (!(tmp & RT3070_RF_KICK)) 1110 break; 1111 } 1112 if (ntries == 100) 1113 return (ETIMEDOUT); 1114 1115 *val = tmp & 0xff; 1116 return (0); 1117 } 1118 1119 static int 1120 run_rt3070_rf_write(struct run_softc *sc, uint8_t reg, uint8_t val) 1121 { 1122 uint32_t tmp; 1123 int error, ntries; 1124 1125 for (ntries = 0; ntries < 10; ntries++) { 1126 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0) 1127 return (error); 1128 if (!(tmp & RT3070_RF_KICK)) 1129 break; 1130 } 1131 if (ntries == 10) 1132 return (ETIMEDOUT); 1133 1134 tmp = RT3070_RF_WRITE | RT3070_RF_KICK | reg << 8 | val; 1135 return run_write(sc, RT3070_RF_CSR_CFG, tmp); 1136 } 1137 1138 static int 1139 run_bbp_read(struct run_softc *sc, uint8_t reg, uint8_t *val) 1140 { 1141 uint32_t tmp; 1142 int ntries, error; 1143 1144 for (ntries = 0; ntries < 10; ntries++) { 1145 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0) 1146 return (error); 1147 if (!(tmp & RT2860_BBP_CSR_KICK)) 1148 break; 1149 } 1150 if (ntries == 10) 1151 return (ETIMEDOUT); 1152 1153 tmp = RT2860_BBP_CSR_READ | RT2860_BBP_CSR_KICK | reg << 8; 1154 if ((error = run_write(sc, RT2860_BBP_CSR_CFG, tmp)) != 0) 1155 return (error); 1156 1157 for (ntries = 0; ntries < 10; ntries++) { 1158 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0) 1159 return (error); 1160 if (!(tmp & RT2860_BBP_CSR_KICK)) 1161 break; 1162 } 1163 if (ntries == 10) 1164 return (ETIMEDOUT); 1165 1166 *val = tmp & 0xff; 1167 return (0); 1168 } 1169 1170 static int 1171 run_bbp_write(struct run_softc *sc, uint8_t reg, uint8_t val) 1172 { 1173 uint32_t tmp; 1174 int ntries, error; 1175 1176 for (ntries = 0; ntries < 10; ntries++) { 1177 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0) 1178 return (error); 1179 if (!(tmp & RT2860_BBP_CSR_KICK)) 1180 break; 1181 } 1182 if (ntries == 10) 1183 return (ETIMEDOUT); 1184 1185 tmp = RT2860_BBP_CSR_KICK | reg << 8 | val; 1186 return run_write(sc, RT2860_BBP_CSR_CFG, tmp); 1187 } 1188 1189 /* 1190 * Send a command to the 8051 microcontroller unit. 1191 */ 1192 static int 1193 run_mcu_cmd(struct run_softc *sc, uint8_t cmd, uint16_t arg) 1194 { 1195 uint32_t tmp; 1196 int error, ntries; 1197 1198 for (ntries = 0; ntries < 100; ntries++) { 1199 if ((error = run_read(sc, RT2860_H2M_MAILBOX, &tmp)) != 0) 1200 return (error); 1201 if (!(tmp & RT2860_H2M_BUSY)) 1202 break; 1203 } 1204 if (ntries == 100) 1205 return (ETIMEDOUT); 1206 1207 tmp = RT2860_H2M_BUSY | RT2860_TOKEN_NO_INTR << 16 | arg; 1208 if ((error = run_write(sc, RT2860_H2M_MAILBOX, tmp)) == 0) 1209 error = run_write(sc, RT2860_HOST_CMD, cmd); 1210 return (error); 1211 } 1212 1213 /* 1214 * Add `delta' (signed) to each 4-bit sub-word of a 32-bit word. 1215 * Used to adjust per-rate Tx power registers. 1216 */ 1217 static __inline uint32_t 1218 b4inc(uint32_t b32, int8_t delta) 1219 { 1220 int8_t i, b4; 1221 1222 for (i = 0; i < 8; i++) { 1223 b4 = b32 & 0xf; 1224 b4 += delta; 1225 if (b4 < 0) 1226 b4 = 0; 1227 else if (b4 > 0xf) 1228 b4 = 0xf; 1229 b32 = b32 >> 4 | b4 << 28; 1230 } 1231 return (b32); 1232 } 1233 1234 static const char * 1235 run_get_rf(int rev) 1236 { 1237 switch (rev) { 1238 case RT2860_RF_2820: return "RT2820"; 1239 case RT2860_RF_2850: return "RT2850"; 1240 case RT2860_RF_2720: return "RT2720"; 1241 case RT2860_RF_2750: return "RT2750"; 1242 case RT3070_RF_3020: return "RT3020"; 1243 case RT3070_RF_2020: return "RT2020"; 1244 case RT3070_RF_3021: return "RT3021"; 1245 case RT3070_RF_3022: return "RT3022"; 1246 case RT3070_RF_3052: return "RT3052"; 1247 } 1248 return "unknown"; 1249 } 1250 1251 static int 1252 run_read_eeprom(struct run_softc *sc) 1253 { 1254 struct ieee80211com *ic = &sc->sc_ic; 1255 int8_t delta_2ghz, delta_5ghz; 1256 uint32_t tmp; 1257 uint16_t val; 1258 int ridx, ant, i; 1259 1260 /* check whether the ROM is eFUSE ROM or EEPROM */ 1261 sc->sc_srom_read = run_eeprom_read_2; 1262 if (sc->mac_ver >= 0x3070) { 1263 run_read(sc, RT3070_EFUSE_CTRL, &tmp); 1264 DPRINTF(("EFUSE_CTRL=0x%08x\n", tmp)); 1265 if (tmp & RT3070_SEL_EFUSE) 1266 sc->sc_srom_read = run_efuse_read_2; 1267 } 1268 1269 /* read ROM version */ 1270 run_srom_read(sc, RT2860_EEPROM_VERSION, &val); 1271 DPRINTF(("EEPROM rev=%d, FAE=%d\n", val & 0xff, val >> 8)); 1272 1273 /* read MAC address */ 1274 run_srom_read(sc, RT2860_EEPROM_MAC01, &val); 1275 ic->ic_myaddr[0] = val & 0xff; 1276 ic->ic_myaddr[1] = val >> 8; 1277 run_srom_read(sc, RT2860_EEPROM_MAC23, &val); 1278 ic->ic_myaddr[2] = val & 0xff; 1279 ic->ic_myaddr[3] = val >> 8; 1280 run_srom_read(sc, RT2860_EEPROM_MAC45, &val); 1281 ic->ic_myaddr[4] = val & 0xff; 1282 ic->ic_myaddr[5] = val >> 8; 1283 1284 /* read vendor BBP settings */ 1285 for (i = 0; i < 10; i++) { 1286 run_srom_read(sc, RT2860_EEPROM_BBP_BASE + i, &val); 1287 sc->bbp[i].val = val & 0xff; 1288 sc->bbp[i].reg = val >> 8; 1289 DPRINTF(("BBP%d=0x%02x\n", sc->bbp[i].reg, sc->bbp[i].val)); 1290 } 1291 if (sc->mac_ver >= 0x3071) { 1292 /* read vendor RF settings */ 1293 for (i = 0; i < 10; i++) { 1294 run_srom_read(sc, RT3071_EEPROM_RF_BASE + i, &val); 1295 sc->rf[i].val = val & 0xff; 1296 sc->rf[i].reg = val >> 8; 1297 DPRINTF(("RF%d=0x%02x\n", sc->rf[i].reg, 1298 sc->rf[i].val)); 1299 } 1300 } 1301 1302 /* read RF frequency offset from EEPROM */ 1303 run_srom_read(sc, RT2860_EEPROM_FREQ_LEDS, &val); 1304 sc->freq = ((val & 0xff) != 0xff) ? val & 0xff : 0; 1305 DPRINTF(("EEPROM freq offset %d\n", sc->freq & 0xff)); 1306 1307 if ((val >> 8) != 0xff) { 1308 /* read LEDs operating mode */ 1309 sc->leds = val >> 8; 1310 run_srom_read(sc, RT2860_EEPROM_LED1, &sc->led[0]); 1311 run_srom_read(sc, RT2860_EEPROM_LED2, &sc->led[1]); 1312 run_srom_read(sc, RT2860_EEPROM_LED3, &sc->led[2]); 1313 } else { 1314 /* broken EEPROM, use default settings */ 1315 sc->leds = 0x01; 1316 sc->led[0] = 0x5555; 1317 sc->led[1] = 0x2221; 1318 sc->led[2] = 0x5627; /* differs from RT2860 */ 1319 } 1320 DPRINTF(("EEPROM LED mode=0x%02x, LEDs=0x%04x/0x%04x/0x%04x\n", 1321 sc->leds, sc->led[0], sc->led[1], sc->led[2])); 1322 1323 /* read RF information */ 1324 run_srom_read(sc, RT2860_EEPROM_ANTENNA, &val); 1325 if (val == 0xffff) { 1326 DPRINTF(("invalid EEPROM antenna info, using default\n")); 1327 if (sc->mac_ver == 0x3572) { 1328 /* default to RF3052 2T2R */ 1329 sc->rf_rev = RT3070_RF_3052; 1330 sc->ntxchains = 2; 1331 sc->nrxchains = 2; 1332 } else if (sc->mac_ver >= 0x3070) { 1333 /* default to RF3020 1T1R */ 1334 sc->rf_rev = RT3070_RF_3020; 1335 sc->ntxchains = 1; 1336 sc->nrxchains = 1; 1337 } else { 1338 /* default to RF2820 1T2R */ 1339 sc->rf_rev = RT2860_RF_2820; 1340 sc->ntxchains = 1; 1341 sc->nrxchains = 2; 1342 } 1343 } else { 1344 sc->rf_rev = (val >> 8) & 0xf; 1345 sc->ntxchains = (val >> 4) & 0xf; 1346 sc->nrxchains = val & 0xf; 1347 } 1348 DPRINTF(("EEPROM RF rev=0x%02x chains=%dT%dR\n", 1349 sc->rf_rev, sc->ntxchains, sc->nrxchains)); 1350 1351 run_srom_read(sc, RT2860_EEPROM_CONFIG, &val); 1352 DPRINTF(("EEPROM CFG 0x%04x\n", val)); 1353 /* check if driver should patch the DAC issue */ 1354 if ((val >> 8) != 0xff) 1355 sc->patch_dac = (val >> 15) & 1; 1356 if ((val & 0xff) != 0xff) { 1357 sc->ext_5ghz_lna = (val >> 3) & 1; 1358 sc->ext_2ghz_lna = (val >> 2) & 1; 1359 /* check if RF supports automatic Tx access gain control */ 1360 sc->calib_2ghz = sc->calib_5ghz = (val >> 1) & 1; 1361 /* check if we have a hardware radio switch */ 1362 sc->rfswitch = val & 1; 1363 } 1364 1365 /* read power settings for 2GHz channels */ 1366 for (i = 0; i < 14; i += 2) { 1367 run_srom_read(sc, RT2860_EEPROM_PWR2GHZ_BASE1 + i / 2, &val); 1368 sc->txpow1[i + 0] = (int8_t)(val & 0xff); 1369 sc->txpow1[i + 1] = (int8_t)(val >> 8); 1370 1371 run_srom_read(sc, RT2860_EEPROM_PWR2GHZ_BASE2 + i / 2, &val); 1372 sc->txpow2[i + 0] = (int8_t)(val & 0xff); 1373 sc->txpow2[i + 1] = (int8_t)(val >> 8); 1374 } 1375 /* fix broken Tx power entries */ 1376 for (i = 0; i < 14; i++) { 1377 if (sc->txpow1[i] < 0 || sc->txpow1[i] > 31) 1378 sc->txpow1[i] = 5; 1379 if (sc->txpow2[i] < 0 || sc->txpow2[i] > 31) 1380 sc->txpow2[i] = 5; 1381 DPRINTF(("chan %d: power1=%d, power2=%d\n", 1382 rt2860_rf2850[i].chan, sc->txpow1[i], sc->txpow2[i])); 1383 } 1384 /* read power settings for 5GHz channels */ 1385 for (i = 0; i < 40; i += 2) { 1386 run_srom_read(sc, RT2860_EEPROM_PWR5GHZ_BASE1 + i / 2, &val); 1387 sc->txpow1[i + 14] = (int8_t)(val & 0xff); 1388 sc->txpow1[i + 15] = (int8_t)(val >> 8); 1389 1390 run_srom_read(sc, RT2860_EEPROM_PWR5GHZ_BASE2 + i / 2, &val); 1391 sc->txpow2[i + 14] = (int8_t)(val & 0xff); 1392 sc->txpow2[i + 15] = (int8_t)(val >> 8); 1393 } 1394 /* fix broken Tx power entries */ 1395 for (i = 0; i < 40; i++) { 1396 if (sc->txpow1[14 + i] < -7 || sc->txpow1[14 + i] > 15) 1397 sc->txpow1[14 + i] = 5; 1398 if (sc->txpow2[14 + i] < -7 || sc->txpow2[14 + i] > 15) 1399 sc->txpow2[14 + i] = 5; 1400 DPRINTF(("chan %d: power1=%d, power2=%d\n", 1401 rt2860_rf2850[14 + i].chan, sc->txpow1[14 + i], 1402 sc->txpow2[14 + i])); 1403 } 1404 1405 /* read Tx power compensation for each Tx rate */ 1406 run_srom_read(sc, RT2860_EEPROM_DELTAPWR, &val); 1407 delta_2ghz = delta_5ghz = 0; 1408 if ((val & 0xff) != 0xff && (val & 0x80)) { 1409 delta_2ghz = val & 0xf; 1410 if (!(val & 0x40)) /* negative number */ 1411 delta_2ghz = -delta_2ghz; 1412 } 1413 val >>= 8; 1414 if ((val & 0xff) != 0xff && (val & 0x80)) { 1415 delta_5ghz = val & 0xf; 1416 if (!(val & 0x40)) /* negative number */ 1417 delta_5ghz = -delta_5ghz; 1418 } 1419 DPRINTF(("power compensation=%d (2GHz), %d (5GHz)\n", 1420 delta_2ghz, delta_5ghz)); 1421 1422 for (ridx = 0; ridx < 5; ridx++) { 1423 uint32_t reg; 1424 1425 run_srom_read(sc, RT2860_EEPROM_RPWR + ridx * 2, &val); 1426 reg = val; 1427 run_srom_read(sc, RT2860_EEPROM_RPWR + ridx * 2 + 1, &val); 1428 reg |= (uint32_t)val << 16; 1429 1430 sc->txpow20mhz[ridx] = reg; 1431 sc->txpow40mhz_2ghz[ridx] = b4inc(reg, delta_2ghz); 1432 sc->txpow40mhz_5ghz[ridx] = b4inc(reg, delta_5ghz); 1433 1434 DPRINTF(("ridx %d: power 20MHz=0x%08x, 40MHz/2GHz=0x%08x, " 1435 "40MHz/5GHz=0x%08x\n", ridx, sc->txpow20mhz[ridx], 1436 sc->txpow40mhz_2ghz[ridx], sc->txpow40mhz_5ghz[ridx])); 1437 } 1438 1439 /* read RSSI offsets and LNA gains from EEPROM */ 1440 run_srom_read(sc, RT2860_EEPROM_RSSI1_2GHZ, &val); 1441 sc->rssi_2ghz[0] = val & 0xff; /* Ant A */ 1442 sc->rssi_2ghz[1] = val >> 8; /* Ant B */ 1443 run_srom_read(sc, RT2860_EEPROM_RSSI2_2GHZ, &val); 1444 if (sc->mac_ver >= 0x3070) { 1445 /* 1446 * On RT3070 chips (limited to 2 Rx chains), this ROM 1447 * field contains the Tx mixer gain for the 2GHz band. 1448 */ 1449 if ((val & 0xff) != 0xff) 1450 sc->txmixgain_2ghz = val & 0x7; 1451 DPRINTF(("tx mixer gain=%u (2GHz)\n", sc->txmixgain_2ghz)); 1452 } else { 1453 sc->rssi_2ghz[2] = val & 0xff; /* Ant C */ 1454 } 1455 sc->lna[2] = val >> 8; /* channel group 2 */ 1456 1457 run_srom_read(sc, RT2860_EEPROM_RSSI1_5GHZ, &val); 1458 sc->rssi_5ghz[0] = val & 0xff; /* Ant A */ 1459 sc->rssi_5ghz[1] = val >> 8; /* Ant B */ 1460 run_srom_read(sc, RT2860_EEPROM_RSSI2_5GHZ, &val); 1461 if (sc->mac_ver == 0x3572) { 1462 /* 1463 * On RT3572 chips (limited to 2 Rx chains), this ROM 1464 * field contains the Tx mixer gain for the 5GHz band. 1465 */ 1466 if ((val & 0xff) != 0xff) 1467 sc->txmixgain_5ghz = val & 0x7; 1468 DPRINTF(("tx mixer gain=%u (5GHz)\n", sc->txmixgain_5ghz)); 1469 } else { 1470 sc->rssi_5ghz[2] = val & 0xff; /* Ant C */ 1471 } 1472 sc->lna[3] = val >> 8; /* channel group 3 */ 1473 1474 run_srom_read(sc, RT2860_EEPROM_LNA, &val); 1475 sc->lna[0] = val & 0xff; /* channel group 0 */ 1476 sc->lna[1] = val >> 8; /* channel group 1 */ 1477 1478 /* fix broken 5GHz LNA entries */ 1479 if (sc->lna[2] == 0 || sc->lna[2] == 0xff) { 1480 DPRINTF(("invalid LNA for channel group %d\n", 2)); 1481 sc->lna[2] = sc->lna[1]; 1482 } 1483 if (sc->lna[3] == 0 || sc->lna[3] == 0xff) { 1484 DPRINTF(("invalid LNA for channel group %d\n", 3)); 1485 sc->lna[3] = sc->lna[1]; 1486 } 1487 1488 /* fix broken RSSI offset entries */ 1489 for (ant = 0; ant < 3; ant++) { 1490 if (sc->rssi_2ghz[ant] < -10 || sc->rssi_2ghz[ant] > 10) { 1491 DPRINTF(("invalid RSSI%d offset: %d (2GHz)\n", 1492 ant + 1, sc->rssi_2ghz[ant])); 1493 sc->rssi_2ghz[ant] = 0; 1494 } 1495 if (sc->rssi_5ghz[ant] < -10 || sc->rssi_5ghz[ant] > 10) { 1496 DPRINTF(("invalid RSSI%d offset: %d (5GHz)\n", 1497 ant + 1, sc->rssi_5ghz[ant])); 1498 sc->rssi_5ghz[ant] = 0; 1499 } 1500 } 1501 return (0); 1502 } 1503 1504 static struct ieee80211_node * 1505 run_node_alloc(struct ieee80211_node_table *nt) 1506 { 1507 struct run_node *rn = 1508 malloc(sizeof (struct run_node), M_DEVBUF, M_NOWAIT | M_ZERO); 1509 return (rn) ? &rn->ni : NULL; 1510 } 1511 1512 static int 1513 run_media_change(struct ifnet *ifp) 1514 { 1515 struct run_softc *sc = ifp->if_softc; 1516 struct ieee80211com *ic = &sc->sc_ic; 1517 uint8_t rate, ridx; 1518 int error; 1519 1520 error = ieee80211_media_change(ifp); 1521 if (error != ENETRESET) 1522 return (error); 1523 1524 if (ic->ic_fixed_rate != IEEE80211_FIXED_RATE_NONE) { 1525 rate = ic->ic_sup_rates[ic->ic_curmode]. 1526 rs_rates[ic->ic_fixed_rate] & IEEE80211_RATE_VAL; 1527 for (ridx = 0; ridx <= RT2860_RIDX_MAX; ridx++) 1528 if (rt2860_rates[ridx].rate == rate) 1529 break; 1530 sc->fixed_ridx = ridx; 1531 } 1532 1533 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == (IFF_UP | IFF_RUNNING)) 1534 run_init(ifp); 1535 1536 return (0); 1537 } 1538 1539 static void 1540 run_next_scan(void *arg) 1541 { 1542 struct run_softc *sc = arg; 1543 1544 if (sc->sc_ic.ic_state == IEEE80211_S_SCAN) 1545 ieee80211_next_scan(&sc->sc_ic); 1546 } 1547 1548 static void 1549 run_task(void *arg) 1550 { 1551 struct run_softc *sc = arg; 1552 struct run_host_cmd_ring *ring = &sc->cmdq; 1553 struct run_host_cmd *cmd; 1554 int s; 1555 1556 /* process host commands */ 1557 s = splusb(); 1558 while (ring->next != ring->cur) { 1559 cmd = &ring->cmd[ring->next]; 1560 splx(s); 1561 /* callback */ 1562 cmd->cb(sc, cmd->data); 1563 s = splusb(); 1564 ring->queued--; 1565 ring->next = (ring->next + 1) % RUN_HOST_CMD_RING_COUNT; 1566 } 1567 wakeup(ring); 1568 splx(s); 1569 } 1570 1571 static void 1572 run_do_async(struct run_softc *sc, void (*cb)(struct run_softc *, void *), 1573 void *arg, int len) 1574 { 1575 struct run_host_cmd_ring *ring = &sc->cmdq; 1576 struct run_host_cmd *cmd; 1577 int s; 1578 1579 if (sc->sc_flags & RUN_DETACHING) 1580 return; 1581 1582 s = splusb(); 1583 cmd = &ring->cmd[ring->cur]; 1584 cmd->cb = cb; 1585 KASSERT(len <= sizeof (cmd->data)); 1586 memcpy(cmd->data, arg, len); 1587 ring->cur = (ring->cur + 1) % RUN_HOST_CMD_RING_COUNT; 1588 1589 /* if there is no pending command already, schedule a task */ 1590 if (++ring->queued == 1) 1591 usb_add_task(sc->sc_udev, &sc->sc_task, USB_TASKQ_DRIVER); 1592 splx(s); 1593 } 1594 1595 static int 1596 run_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 1597 { 1598 struct run_softc *sc = ic->ic_ifp->if_softc; 1599 struct run_cmd_newstate cmd; 1600 1601 callout_stop(&sc->scan_to); 1602 callout_stop(&sc->calib_to); 1603 1604 /* do it in a process context */ 1605 cmd.state = nstate; 1606 cmd.arg = arg; 1607 run_do_async(sc, run_newstate_cb, &cmd, sizeof cmd); 1608 return (0); 1609 } 1610 1611 static void 1612 run_newstate_cb(struct run_softc *sc, void *arg) 1613 { 1614 struct run_cmd_newstate *cmd = arg; 1615 struct ifnet *ifp = &sc->sc_if; 1616 struct ieee80211com *ic = &sc->sc_ic; 1617 enum ieee80211_state ostate; 1618 struct ieee80211_node *ni; 1619 uint32_t tmp, sta[3]; 1620 uint8_t wcid; 1621 int s; 1622 1623 s = splnet(); 1624 ostate = ic->ic_state; 1625 1626 if (ostate == IEEE80211_S_RUN) { 1627 /* turn link LED off */ 1628 run_set_leds(sc, RT2860_LED_RADIO); 1629 } 1630 1631 switch (cmd->state) { 1632 case IEEE80211_S_INIT: 1633 if (ostate == IEEE80211_S_RUN) { 1634 /* abort TSF synchronization */ 1635 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 1636 run_write(sc, RT2860_BCN_TIME_CFG, 1637 tmp & ~(RT2860_BCN_TX_EN | RT2860_TSF_TIMER_EN | 1638 RT2860_TBTT_TIMER_EN)); 1639 } 1640 break; 1641 1642 case IEEE80211_S_SCAN: 1643 run_set_chan(sc, ic->ic_curchan); 1644 callout_schedule(&sc->scan_to, hz / 5); 1645 break; 1646 1647 case IEEE80211_S_AUTH: 1648 case IEEE80211_S_ASSOC: 1649 run_set_chan(sc, ic->ic_curchan); 1650 break; 1651 1652 case IEEE80211_S_RUN: 1653 run_set_chan(sc, ic->ic_curchan); 1654 1655 ni = ic->ic_bss; 1656 1657 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 1658 run_updateslot(ifp); 1659 run_enable_mrr(sc); 1660 run_set_txpreamble(sc); 1661 run_set_basicrates(sc); 1662 run_set_bssid(sc, ni->ni_bssid); 1663 } 1664 #ifndef IEEE80211_STA_ONLY 1665 if (ic->ic_opmode == IEEE80211_M_HOSTAP || 1666 ic->ic_opmode == IEEE80211_M_IBSS) 1667 (void)run_setup_beacon(sc); 1668 #endif 1669 if (ic->ic_opmode == IEEE80211_M_STA) { 1670 /* add BSS entry to the WCID table */ 1671 wcid = RUN_AID2WCID(ni->ni_associd); 1672 run_write_region_1(sc, RT2860_WCID_ENTRY(wcid), 1673 ni->ni_macaddr, IEEE80211_ADDR_LEN); 1674 1675 /* fake a join to init the tx rate */ 1676 run_newassoc(ni, 1); 1677 } 1678 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 1679 run_enable_tsf_sync(sc); 1680 1681 /* clear statistic registers used by AMRR */ 1682 run_read_region_1(sc, RT2860_TX_STA_CNT0, 1683 (uint8_t *)sta, sizeof sta); 1684 /* start calibration timer */ 1685 callout_schedule(&sc->calib_to, hz); 1686 } 1687 1688 /* turn link LED on */ 1689 run_set_leds(sc, RT2860_LED_RADIO | 1690 (IEEE80211_IS_CHAN_2GHZ(ic->ic_curchan) ? 1691 RT2860_LED_LINK_2GHZ : RT2860_LED_LINK_5GHZ)); 1692 break; 1693 } 1694 (void)sc->sc_newstate(ic, cmd->state, cmd->arg); 1695 splx(s); 1696 } 1697 1698 static int 1699 run_updateedca(struct ieee80211com *ic) 1700 { 1701 1702 /* do it in a process context */ 1703 run_do_async(ic->ic_ifp->if_softc, run_updateedca_cb, NULL, 0); 1704 return (0); 1705 } 1706 1707 /* ARGSUSED */ 1708 static void 1709 run_updateedca_cb(struct run_softc *sc, void *arg) 1710 { 1711 struct ieee80211com *ic = &sc->sc_ic; 1712 int s, aci; 1713 1714 s = splnet(); 1715 /* update MAC TX configuration registers */ 1716 for (aci = 0; aci < WME_NUM_AC; aci++) { 1717 run_write(sc, RT2860_EDCA_AC_CFG(aci), 1718 ic->ic_wme.wme_params[aci].wmep_logcwmax << 16 | 1719 ic->ic_wme.wme_params[aci].wmep_logcwmin << 12 | 1720 ic->ic_wme.wme_params[aci].wmep_aifsn << 8 | 1721 ic->ic_wme.wme_params[aci].wmep_txopLimit); 1722 } 1723 1724 /* update SCH/DMA registers too */ 1725 run_write(sc, RT2860_WMM_AIFSN_CFG, 1726 ic->ic_wme.wme_params[WME_AC_VO].wmep_aifsn << 12 | 1727 ic->ic_wme.wme_params[WME_AC_VI].wmep_aifsn << 8 | 1728 ic->ic_wme.wme_params[WME_AC_BK].wmep_aifsn << 4 | 1729 ic->ic_wme.wme_params[WME_AC_BE].wmep_aifsn); 1730 run_write(sc, RT2860_WMM_CWMIN_CFG, 1731 ic->ic_wme.wme_params[WME_AC_VO].wmep_logcwmin << 12 | 1732 ic->ic_wme.wme_params[WME_AC_VI].wmep_logcwmin << 8 | 1733 ic->ic_wme.wme_params[WME_AC_BK].wmep_logcwmin << 4 | 1734 ic->ic_wme.wme_params[WME_AC_BE].wmep_logcwmin); 1735 run_write(sc, RT2860_WMM_CWMAX_CFG, 1736 ic->ic_wme.wme_params[WME_AC_VO].wmep_logcwmax << 12 | 1737 ic->ic_wme.wme_params[WME_AC_VI].wmep_logcwmax << 8 | 1738 ic->ic_wme.wme_params[WME_AC_BK].wmep_logcwmax << 4 | 1739 ic->ic_wme.wme_params[WME_AC_BE].wmep_logcwmax); 1740 run_write(sc, RT2860_WMM_TXOP0_CFG, 1741 ic->ic_wme.wme_params[WME_AC_BK].wmep_txopLimit << 16 | 1742 ic->ic_wme.wme_params[WME_AC_BE].wmep_txopLimit); 1743 run_write(sc, RT2860_WMM_TXOP1_CFG, 1744 ic->ic_wme.wme_params[WME_AC_VO].wmep_txopLimit << 16 | 1745 ic->ic_wme.wme_params[WME_AC_VI].wmep_txopLimit); 1746 splx(s); 1747 } 1748 1749 #ifdef RUN_HWCRYPTO 1750 static int 1751 run_set_key(struct ieee80211com *ic, const struct ieee80211_key *k, 1752 const uint8_t *mac) 1753 { 1754 struct run_softc *sc = ic->ic_ifp->if_softc; 1755 struct ieee80211_node *ni = ic->ic_bss; 1756 struct run_cmd_key cmd; 1757 1758 /* do it in a process context */ 1759 cmd.key = *k; 1760 cmd.associd = (ni != NULL) ? ni->ni_associd : 0; 1761 run_do_async(sc, run_set_key_cb, &cmd, sizeof cmd); 1762 return 1; 1763 } 1764 1765 static void 1766 run_set_key_cb(struct run_softc *sc, void *arg) 1767 { 1768 #ifndef IEEE80211_STA_ONLY 1769 struct ieee80211com *ic = &sc->sc_ic; 1770 #endif 1771 struct run_cmd_key *cmd = arg; 1772 struct ieee80211_key *k = &cmd->key; 1773 uint32_t attr; 1774 uint16_t base; 1775 uint8_t mode, wcid, iv[8]; 1776 1777 /* map net80211 cipher to RT2860 security mode */ 1778 switch (k->wk_cipher->ic_cipher) { 1779 case IEEE80211_CIPHER_WEP: 1780 k->wk_flags |= IEEE80211_KEY_GROUP; /* XXX */ 1781 if (k->wk_keylen == 5) 1782 mode = RT2860_MODE_WEP40; 1783 else 1784 mode = RT2860_MODE_WEP104; 1785 break; 1786 case IEEE80211_CIPHER_TKIP: 1787 mode = RT2860_MODE_TKIP; 1788 break; 1789 case IEEE80211_CIPHER_AES_CCM: 1790 mode = RT2860_MODE_AES_CCMP; 1791 break; 1792 default: 1793 return; 1794 } 1795 1796 if (k->wk_flags & IEEE80211_KEY_GROUP) { 1797 wcid = 0; /* NB: update WCID0 for group keys */ 1798 base = RT2860_SKEY(0, k->wk_keyix); 1799 } else { 1800 wcid = RUN_AID2WCID(cmd->associd); 1801 base = RT2860_PKEY(wcid); 1802 } 1803 1804 if (k->wk_cipher->ic_cipher == IEEE80211_CIPHER_TKIP) { 1805 run_write_region_1(sc, base, k->wk_key, 16); 1806 #ifndef IEEE80211_STA_ONLY 1807 if (ic->ic_opmode == IEEE80211_M_HOSTAP) { 1808 run_write_region_1(sc, base + 16, &k->wk_key[16], 8); 1809 run_write_region_1(sc, base + 24, &k->wk_key[24], 8); 1810 } else 1811 #endif 1812 { 1813 run_write_region_1(sc, base + 16, &k->wk_key[24], 8); 1814 run_write_region_1(sc, base + 24, &k->wk_key[16], 8); 1815 } 1816 } else { 1817 /* roundup len to 16-bit: XXX fix write_region_1() instead */ 1818 run_write_region_1(sc, base, k->wk_key, 1819 (k->wk_keylen + 1) & ~1); 1820 } 1821 1822 if (!(k->wk_flags & IEEE80211_KEY_GROUP) || 1823 (k->wk_flags & IEEE80211_KEY_XMIT)) { 1824 /* set initial packet number in IV+EIV */ 1825 if (k->wk_cipher->ic_cipher == IEEE80211_CIPHER_WEP) { 1826 memset(iv, 0, sizeof iv); 1827 iv[3] = sc->sc_ic.ic_crypto.cs_def_txkey << 6; 1828 } else { 1829 if (k->wk_cipher->ic_cipher == IEEE80211_CIPHER_TKIP) { 1830 iv[0] = k->wk_keytsc >> 8; 1831 iv[1] = (iv[0] | 0x20) & 0x7f; 1832 iv[2] = k->wk_keytsc; 1833 } else /* CCMP */ { 1834 iv[0] = k->wk_keytsc; 1835 iv[1] = k->wk_keytsc >> 8; 1836 iv[2] = 0; 1837 } 1838 iv[3] = k->wk_keyix << 6 | IEEE80211_WEP_EXTIV; 1839 iv[4] = k->wk_keytsc >> 16; 1840 iv[5] = k->wk_keytsc >> 24; 1841 iv[6] = k->wk_keytsc >> 32; 1842 iv[7] = k->wk_keytsc >> 40; 1843 } 1844 run_write_region_1(sc, RT2860_IVEIV(wcid), iv, 8); 1845 } 1846 1847 if (k->wk_flags & IEEE80211_KEY_GROUP) { 1848 /* install group key */ 1849 run_read(sc, RT2860_SKEY_MODE_0_7, &attr); 1850 attr &= ~(0xf << (k->wk_keyix * 4)); 1851 attr |= mode << (k->wk_keyix * 4); 1852 run_write(sc, RT2860_SKEY_MODE_0_7, attr); 1853 } else { 1854 /* install pairwise key */ 1855 run_read(sc, RT2860_WCID_ATTR(wcid), &attr); 1856 attr = (attr & ~0xf) | (mode << 1) | RT2860_RX_PKEY_EN; 1857 run_write(sc, RT2860_WCID_ATTR(wcid), attr); 1858 } 1859 } 1860 1861 static int 1862 run_delete_key(struct ieee80211com *ic, const struct ieee80211_key *k) 1863 { 1864 struct run_softc *sc = ic->ic_ifp->if_softc; 1865 struct ieee80211_node *ni = ic->ic_bss; 1866 struct run_cmd_key cmd; 1867 1868 /* do it in a process context */ 1869 cmd.key = *k; 1870 cmd.associd = (ni != NULL) ? ni->ni_associd : 0; 1871 run_do_async(sc, run_delete_key_cb, &cmd, sizeof cmd); 1872 return 1; 1873 } 1874 1875 static void 1876 run_delete_key_cb(struct run_softc *sc, void *arg) 1877 { 1878 struct run_cmd_key *cmd = arg; 1879 struct ieee80211_key *k = &cmd->key; 1880 uint32_t attr; 1881 uint8_t wcid; 1882 1883 if (k->wk_cipher->ic_cipher == IEEE80211_CIPHER_WEP) 1884 k->wk_flags |= IEEE80211_KEY_GROUP; /* XXX */ 1885 1886 if (k->wk_flags & IEEE80211_KEY_GROUP) { 1887 /* remove group key */ 1888 run_read(sc, RT2860_SKEY_MODE_0_7, &attr); 1889 attr &= ~(0xf << (k->wk_keyix * 4)); 1890 run_write(sc, RT2860_SKEY_MODE_0_7, attr); 1891 1892 } else { 1893 /* remove pairwise key */ 1894 wcid = RUN_AID2WCID(cmd->associd); 1895 run_read(sc, RT2860_WCID_ATTR(wcid), &attr); 1896 attr &= ~0xf; 1897 run_write(sc, RT2860_WCID_ATTR(wcid), attr); 1898 } 1899 } 1900 #endif 1901 1902 static void 1903 run_calibrate_to(void *arg) 1904 { 1905 1906 /* do it in a process context */ 1907 run_do_async(arg, run_calibrate_cb, NULL, 0); 1908 /* next timeout will be rescheduled in the calibration task */ 1909 } 1910 1911 /* ARGSUSED */ 1912 static void 1913 run_calibrate_cb(struct run_softc *sc, void *arg) 1914 { 1915 struct ifnet *ifp = &sc->sc_if; 1916 uint32_t sta[3]; 1917 int s, error; 1918 1919 /* read statistic counters (clear on read) and update AMRR state */ 1920 error = run_read_region_1(sc, RT2860_TX_STA_CNT0, (uint8_t *)sta, 1921 sizeof sta); 1922 if (error != 0) 1923 goto skip; 1924 1925 DPRINTF(("retrycnt=%d txcnt=%d failcnt=%d\n", 1926 le32toh(sta[1]) >> 16, le32toh(sta[1]) & 0xffff, 1927 le32toh(sta[0]) & 0xffff)); 1928 1929 s = splnet(); 1930 /* count failed TX as errors */ 1931 ifp->if_oerrors += le32toh(sta[0]) & 0xffff; 1932 1933 sc->amn.amn_retrycnt = 1934 (le32toh(sta[0]) & 0xffff) + /* failed TX count */ 1935 (le32toh(sta[1]) >> 16); /* TX retransmission count */ 1936 1937 sc->amn.amn_txcnt = 1938 sc->amn.amn_retrycnt + 1939 (le32toh(sta[1]) & 0xffff); /* successful TX count */ 1940 1941 ieee80211_amrr_choose(&sc->amrr, sc->sc_ic.ic_bss, &sc->amn); 1942 splx(s); 1943 1944 skip: callout_schedule(&sc->calib_to, hz); 1945 } 1946 1947 static void 1948 run_newassoc(struct ieee80211_node *ni, int isnew) 1949 { 1950 struct run_softc *sc = ni->ni_ic->ic_ifp->if_softc; 1951 struct run_node *rn = (void *)ni; 1952 struct ieee80211_rateset *rs = &ni->ni_rates; 1953 uint8_t rate; 1954 int ridx, i, j; 1955 1956 DPRINTF(("new assoc isnew=%d addr=%s\n", 1957 isnew, ether_sprintf(ni->ni_macaddr))); 1958 1959 ieee80211_amrr_node_init(&sc->amrr, &sc->amn); 1960 /* start at lowest available bit-rate, AMRR will raise */ 1961 ni->ni_txrate = 0; 1962 1963 for (i = 0; i < rs->rs_nrates; i++) { 1964 rate = rs->rs_rates[i] & IEEE80211_RATE_VAL; 1965 /* convert 802.11 rate to hardware rate index */ 1966 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++) 1967 if (rt2860_rates[ridx].rate == rate) 1968 break; 1969 rn->ridx[i] = ridx; 1970 /* determine rate of control response frames */ 1971 for (j = i; j >= 0; j--) { 1972 if ((rs->rs_rates[j] & IEEE80211_RATE_BASIC) && 1973 rt2860_rates[rn->ridx[i]].phy == 1974 rt2860_rates[rn->ridx[j]].phy) 1975 break; 1976 } 1977 if (j >= 0) { 1978 rn->ctl_ridx[i] = rn->ridx[j]; 1979 } else { 1980 /* no basic rate found, use mandatory one */ 1981 rn->ctl_ridx[i] = rt2860_rates[ridx].ctl_ridx; 1982 } 1983 DPRINTF(("rate=0x%02x ridx=%d ctl_ridx=%d\n", 1984 rs->rs_rates[i], rn->ridx[i], rn->ctl_ridx[i])); 1985 } 1986 } 1987 1988 /* 1989 * Return the Rx chain with the highest RSSI for a given frame. 1990 */ 1991 static __inline uint8_t 1992 run_maxrssi_chain(struct run_softc *sc, const struct rt2860_rxwi *rxwi) 1993 { 1994 uint8_t rxchain = 0; 1995 1996 if (sc->nrxchains > 1) { 1997 if (rxwi->rssi[1] > rxwi->rssi[rxchain]) 1998 rxchain = 1; 1999 if (sc->nrxchains > 2) 2000 if (rxwi->rssi[2] > rxwi->rssi[rxchain]) 2001 rxchain = 2; 2002 } 2003 return (rxchain); 2004 } 2005 2006 static void 2007 run_rx_frame(struct run_softc *sc, uint8_t *buf, int dmalen) 2008 { 2009 struct ieee80211com *ic = &sc->sc_ic; 2010 struct ifnet *ifp = &sc->sc_if; 2011 struct ieee80211_frame *wh; 2012 struct ieee80211_node *ni; 2013 struct rt2870_rxd *rxd; 2014 struct rt2860_rxwi *rxwi; 2015 struct mbuf *m; 2016 uint32_t flags; 2017 uint16_t len, phy; 2018 uint8_t ant, rssi; 2019 int s; 2020 #ifdef RUN_HWCRYPTO 2021 int decrypted = 0; 2022 #endif 2023 2024 rxwi = (struct rt2860_rxwi *)buf; 2025 len = le16toh(rxwi->len) & 0xfff; 2026 if (__predict_false(len > dmalen)) { 2027 DPRINTF(("bad RXWI length %u > %u\n", len, dmalen)); 2028 return; 2029 } 2030 /* Rx descriptor is located at the end */ 2031 rxd = (struct rt2870_rxd *)(buf + dmalen); 2032 flags = le32toh(rxd->flags); 2033 2034 if (__predict_false(flags & (RT2860_RX_CRCERR | RT2860_RX_ICVERR))) { 2035 ifp->if_ierrors++; 2036 return; 2037 } 2038 2039 wh = (struct ieee80211_frame *)(rxwi + 1); 2040 #ifdef RUN_HWCRYPTO 2041 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 2042 wh->i_fc[1] &= ~IEEE80211_FC1_WEP; 2043 decrypted = 1; 2044 } 2045 #endif 2046 2047 if (__predict_false((flags & RT2860_RX_MICERR))) { 2048 /* report MIC failures to net80211 for TKIP */ 2049 ieee80211_notify_michael_failure(ic, wh, 0/* XXX */); 2050 ifp->if_ierrors++; 2051 return; 2052 } 2053 2054 if (flags & RT2860_RX_L2PAD) { 2055 u_int hdrlen = ieee80211_hdrspace(ic, wh); 2056 ovbcopy(wh, (uint8_t *)wh + 2, hdrlen); 2057 wh = (struct ieee80211_frame *)((uint8_t *)wh + 2); 2058 } 2059 2060 /* could use m_devget but net80211 wants contig mgmt frames */ 2061 MGETHDR(m, M_DONTWAIT, MT_DATA); 2062 if (__predict_false(m == NULL)) { 2063 ifp->if_ierrors++; 2064 return; 2065 } 2066 if (len > MHLEN) { 2067 MCLGET(m, M_DONTWAIT); 2068 if (__predict_false(!(m->m_flags & M_EXT))) { 2069 ifp->if_ierrors++; 2070 m_freem(m); 2071 return; 2072 } 2073 } 2074 /* finalize mbuf */ 2075 m->m_pkthdr.rcvif = ifp; 2076 memcpy(mtod(m, void *), wh, len); 2077 m->m_pkthdr.len = m->m_len = len; 2078 2079 ant = run_maxrssi_chain(sc, rxwi); 2080 rssi = rxwi->rssi[ant]; 2081 2082 if (__predict_false(sc->sc_drvbpf != NULL)) { 2083 struct run_rx_radiotap_header *tap = &sc->sc_rxtap; 2084 2085 tap->wr_flags = 0; 2086 tap->wr_chan_freq = htole16(ic->ic_curchan->ic_freq); 2087 tap->wr_chan_flags = htole16(ic->ic_curchan->ic_flags); 2088 tap->wr_antsignal = rssi; 2089 tap->wr_antenna = ant; 2090 tap->wr_dbm_antsignal = run_rssi2dbm(sc, rssi, ant); 2091 tap->wr_rate = 2; /* in case it can't be found below */ 2092 phy = le16toh(rxwi->phy); 2093 switch (phy & RT2860_PHY_MODE) { 2094 case RT2860_PHY_CCK: 2095 switch ((phy & RT2860_PHY_MCS) & ~RT2860_PHY_SHPRE) { 2096 case 0: tap->wr_rate = 2; break; 2097 case 1: tap->wr_rate = 4; break; 2098 case 2: tap->wr_rate = 11; break; 2099 case 3: tap->wr_rate = 22; break; 2100 } 2101 if (phy & RT2860_PHY_SHPRE) 2102 tap->wr_flags |= IEEE80211_RADIOTAP_F_SHORTPRE; 2103 break; 2104 case RT2860_PHY_OFDM: 2105 switch (phy & RT2860_PHY_MCS) { 2106 case 0: tap->wr_rate = 12; break; 2107 case 1: tap->wr_rate = 18; break; 2108 case 2: tap->wr_rate = 24; break; 2109 case 3: tap->wr_rate = 36; break; 2110 case 4: tap->wr_rate = 48; break; 2111 case 5: tap->wr_rate = 72; break; 2112 case 6: tap->wr_rate = 96; break; 2113 case 7: tap->wr_rate = 108; break; 2114 } 2115 break; 2116 } 2117 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_rxtap_len, m); 2118 } 2119 2120 s = splnet(); 2121 ni = ieee80211_find_rxnode(ic, (struct ieee80211_frame_min *)wh); 2122 #ifdef RUN_HWCRYPTO 2123 if (decrypted) { 2124 uint32_t icflags = ic->ic_flags; 2125 2126 ic->ic_flags &= ~IEEE80211_F_DROPUNENC; /* XXX */ 2127 ieee80211_input(ic, m, ni, rssi, 0); 2128 ic->ic_flags = icflags; 2129 } else 2130 #endif 2131 ieee80211_input(ic, m, ni, rssi, 0); 2132 2133 /* node is no longer needed */ 2134 ieee80211_free_node(ni); 2135 2136 /* 2137 * In HostAP mode, ieee80211_input() will enqueue packets in if_snd 2138 * without calling if_start(). 2139 */ 2140 if (!IFQ_IS_EMPTY(&ifp->if_snd) && !(ifp->if_flags & IFF_OACTIVE)) 2141 run_start(ifp); 2142 2143 splx(s); 2144 } 2145 2146 static void 2147 run_rxeof(usbd_xfer_handle xfer, usbd_private_handle priv, usbd_status status) 2148 { 2149 struct run_rx_data *data = priv; 2150 struct run_softc *sc = data->sc; 2151 uint8_t *buf; 2152 uint32_t dmalen; 2153 int xferlen; 2154 2155 if (__predict_false(status != USBD_NORMAL_COMPLETION)) { 2156 DPRINTF(("RX status=%d\n", status)); 2157 if (status == USBD_STALLED) 2158 usbd_clear_endpoint_stall_async(sc->rxq.pipeh); 2159 if (status != USBD_CANCELLED) 2160 goto skip; 2161 return; 2162 } 2163 usbd_get_xfer_status(xfer, NULL, NULL, &xferlen, NULL); 2164 2165 if (__predict_false(xferlen < (int)(sizeof(uint32_t) + 2166 sizeof(struct rt2860_rxwi) + sizeof(struct rt2870_rxd)))) { 2167 DPRINTF(("xfer too short %d\n", xferlen)); 2168 goto skip; 2169 } 2170 2171 /* HW can aggregate multiple 802.11 frames in a single USB xfer */ 2172 buf = data->buf; 2173 while (xferlen > 8) { 2174 dmalen = le32toh(*(uint32_t *)buf) & 0xffff; 2175 2176 if (__predict_false(dmalen == 0 || (dmalen & 3) != 0)) { 2177 DPRINTF(("bad DMA length %u (%x)\n", dmalen, dmalen)); 2178 break; 2179 } 2180 if (__predict_false(dmalen + 8 > (uint32_t)xferlen)) { 2181 DPRINTF(("bad DMA length %u > %d\n", 2182 dmalen + 8, xferlen)); 2183 break; 2184 } 2185 run_rx_frame(sc, buf + sizeof (uint32_t), dmalen); 2186 buf += dmalen + 8; 2187 xferlen -= dmalen + 8; 2188 } 2189 2190 skip: /* setup a new transfer */ 2191 usbd_setup_xfer(xfer, sc->rxq.pipeh, data, data->buf, RUN_MAX_RXSZ, 2192 USBD_SHORT_XFER_OK | USBD_NO_COPY, USBD_NO_TIMEOUT, run_rxeof); 2193 (void)usbd_transfer(data->xfer); 2194 } 2195 2196 static void 2197 run_txeof(usbd_xfer_handle xfer, usbd_private_handle priv, usbd_status status) 2198 { 2199 struct run_tx_data *data = priv; 2200 struct run_softc *sc = data->sc; 2201 struct run_tx_ring *txq = &sc->txq[data->qid]; 2202 struct ifnet *ifp = &sc->sc_if; 2203 int s; 2204 2205 if (__predict_false(status != USBD_NORMAL_COMPLETION)) { 2206 DPRINTF(("TX status=%d\n", status)); 2207 if (status == USBD_STALLED) 2208 usbd_clear_endpoint_stall_async(txq->pipeh); 2209 ifp->if_oerrors++; 2210 return; 2211 } 2212 2213 s = splnet(); 2214 sc->sc_tx_timer = 0; 2215 ifp->if_opackets++; 2216 if (--txq->queued < RUN_TX_RING_COUNT) { 2217 sc->qfullmsk &= ~(1 << data->qid); 2218 ifp->if_flags &= ~IFF_OACTIVE; 2219 run_start(ifp); 2220 } 2221 splx(s); 2222 } 2223 2224 static int 2225 run_tx(struct run_softc *sc, struct mbuf *m, struct ieee80211_node *ni) 2226 { 2227 struct ieee80211com *ic = &sc->sc_ic; 2228 struct run_node *rn = (void *)ni; 2229 struct ieee80211_frame *wh; 2230 #ifndef RUN_HWCRYPTO 2231 struct ieee80211_key *k; 2232 #endif 2233 struct run_tx_ring *ring; 2234 struct run_tx_data *data; 2235 struct rt2870_txd *txd; 2236 struct rt2860_txwi *txwi; 2237 uint16_t dur; 2238 uint8_t type, mcs, tid, qid, qos = 0; 2239 int error, hasqos, ridx, ctl_ridx, xferlen; 2240 2241 wh = mtod(m, struct ieee80211_frame *); 2242 2243 #ifndef RUN_HWCRYPTO 2244 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 2245 k = ieee80211_crypto_encap(ic, ni, m); 2246 if (k == NULL) { 2247 m_freem(m); 2248 return (ENOBUFS); 2249 } 2250 2251 /* packet header may have moved, reset our local pointer */ 2252 wh = mtod(m, struct ieee80211_frame *); 2253 } 2254 #endif 2255 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 2256 2257 if ((hasqos = IEEE80211_QOS_HAS_SEQ(wh))) { 2258 qos = ((struct ieee80211_qosframe *)wh)->i_qos[0]; 2259 tid = qos & IEEE80211_QOS_TID; 2260 qid = TID_TO_WME_AC(tid); 2261 } else { 2262 tid = 0; 2263 qid = WME_AC_BE; 2264 } 2265 ring = &sc->txq[qid]; 2266 data = &ring->data[ring->cur]; 2267 2268 /* pickup a rate index */ 2269 if (IEEE80211_IS_MULTICAST(wh->i_addr1) || 2270 type != IEEE80211_FC0_TYPE_DATA) { 2271 ridx = (ic->ic_curmode == IEEE80211_MODE_11A) ? 2272 RT2860_RIDX_OFDM6 : RT2860_RIDX_CCK1; 2273 ctl_ridx = rt2860_rates[ridx].ctl_ridx; 2274 } else if (ic->ic_fixed_rate != IEEE80211_FIXED_RATE_NONE) { 2275 ridx = sc->fixed_ridx; 2276 ctl_ridx = rt2860_rates[ridx].ctl_ridx; 2277 } else { 2278 ridx = rn->ridx[ni->ni_txrate]; 2279 ctl_ridx = rn->ctl_ridx[ni->ni_txrate]; 2280 } 2281 2282 /* get MCS code from rate index */ 2283 mcs = rt2860_rates[ridx].mcs; 2284 2285 xferlen = sizeof (*txwi) + m->m_pkthdr.len; 2286 /* roundup to 32-bit alignment */ 2287 xferlen = (xferlen + 3) & ~3; 2288 2289 txd = (struct rt2870_txd *)data->buf; 2290 txd->flags = RT2860_TX_QSEL_EDCA; 2291 txd->len = htole16(xferlen); 2292 2293 /* setup TX Wireless Information */ 2294 txwi = (struct rt2860_txwi *)(txd + 1); 2295 txwi->flags = 0; 2296 txwi->xflags = hasqos ? 0 : RT2860_TX_NSEQ; 2297 txwi->wcid = (type == IEEE80211_FC0_TYPE_DATA) ? 2298 RUN_AID2WCID(ni->ni_associd) : 0xff; 2299 txwi->len = htole16(m->m_pkthdr.len); 2300 if (rt2860_rates[ridx].phy == IEEE80211_T_DS) { 2301 txwi->phy = htole16(RT2860_PHY_CCK); 2302 if (ridx != RT2860_RIDX_CCK1 && 2303 (ic->ic_flags & IEEE80211_F_SHPREAMBLE)) 2304 mcs |= RT2860_PHY_SHPRE; 2305 } else 2306 txwi->phy = htole16(RT2860_PHY_OFDM); 2307 txwi->phy |= htole16(mcs); 2308 2309 txwi->txop = RT2860_TX_TXOP_BACKOFF; 2310 2311 #define IEEE80211_QOS_ACKPOLICY_NOACK 0x20 2312 if (!IEEE80211_IS_MULTICAST(wh->i_addr1) && 2313 (!hasqos || (qos & IEEE80211_QOS_ACKPOLICY) != 2314 IEEE80211_QOS_ACKPOLICY_NOACK)) { 2315 txwi->xflags |= RT2860_TX_ACK; 2316 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 2317 dur = rt2860_rates[ctl_ridx].sp_ack_dur; 2318 else 2319 dur = rt2860_rates[ctl_ridx].lp_ack_dur; 2320 *(uint16_t *)wh->i_dur = htole16(dur); 2321 } 2322 2323 #ifndef IEEE80211_STA_ONLY 2324 /* ask MAC to insert timestamp into probe responses */ 2325 if ((wh->i_fc[0] & 2326 (IEEE80211_FC0_TYPE_MASK | IEEE80211_FC0_SUBTYPE_MASK)) == 2327 (IEEE80211_FC0_TYPE_MGT | IEEE80211_FC0_SUBTYPE_PROBE_RESP)) 2328 /* NOTE: beacons do not pass through tx_data() */ 2329 txwi->flags |= RT2860_TX_TS; 2330 #endif 2331 2332 if (__predict_false(sc->sc_drvbpf != NULL)) { 2333 struct run_tx_radiotap_header *tap = &sc->sc_txtap; 2334 2335 tap->wt_flags = 0; 2336 tap->wt_rate = rt2860_rates[ridx].rate; 2337 tap->wt_chan_freq = htole16(ic->ic_curchan->ic_freq); 2338 tap->wt_chan_flags = htole16(ic->ic_curchan->ic_flags); 2339 tap->wt_hwqueue = qid; 2340 if (mcs & RT2860_PHY_SHPRE) 2341 tap->wt_flags |= IEEE80211_RADIOTAP_F_SHORTPRE; 2342 2343 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_txtap_len, m); 2344 } 2345 2346 m_copydata(m, 0, m->m_pkthdr.len, (void *)(txwi + 1)); 2347 m_freem(m); 2348 2349 xferlen += sizeof (*txd) + 4; 2350 2351 usbd_setup_xfer(data->xfer, ring->pipeh, data, data->buf, xferlen, 2352 USBD_FORCE_SHORT_XFER | USBD_NO_COPY, RUN_TX_TIMEOUT, run_txeof); 2353 error = usbd_transfer(data->xfer); 2354 if (__predict_false(error != USBD_IN_PROGRESS && 2355 error != USBD_NORMAL_COMPLETION)) 2356 return (error); 2357 2358 ieee80211_free_node(ni); 2359 2360 ring->cur = (ring->cur + 1) % RUN_TX_RING_COUNT; 2361 if (++ring->queued >= RUN_TX_RING_COUNT) 2362 sc->qfullmsk |= 1 << qid; 2363 2364 return (0); 2365 } 2366 2367 static void 2368 run_start(struct ifnet *ifp) 2369 { 2370 struct run_softc *sc = ifp->if_softc; 2371 struct ieee80211com *ic = &sc->sc_ic; 2372 struct ether_header *eh; 2373 struct ieee80211_node *ni; 2374 struct mbuf *m; 2375 2376 if ((ifp->if_flags & (IFF_RUNNING | IFF_OACTIVE)) != IFF_RUNNING) 2377 return; 2378 2379 for (;;) { 2380 if (sc->qfullmsk != 0) { 2381 ifp->if_flags |= IFF_OACTIVE; 2382 break; 2383 } 2384 /* send pending management frames first */ 2385 IF_DEQUEUE(&ic->ic_mgtq, m); 2386 if (m != NULL) { 2387 ni = (void *)m->m_pkthdr.rcvif; 2388 m->m_pkthdr.rcvif = NULL; 2389 goto sendit; 2390 } 2391 if (ic->ic_state != IEEE80211_S_RUN) 2392 break; 2393 2394 /* encapsulate and send data frames */ 2395 IFQ_DEQUEUE(&ifp->if_snd, m); 2396 if (m == NULL) 2397 break; 2398 if (m->m_len < (int)sizeof(*eh) && 2399 (m = m_pullup(m, sizeof(*eh))) == NULL) { 2400 ifp->if_oerrors++; 2401 continue; 2402 } 2403 2404 eh = mtod(m, struct ether_header *); 2405 ni = ieee80211_find_txnode(ic, eh->ether_dhost); 2406 if (ni == NULL) { 2407 m_freem(m); 2408 ifp->if_oerrors++; 2409 continue; 2410 } 2411 2412 bpf_mtap(ifp, m); 2413 2414 if ((m = ieee80211_encap(ic, m, ni)) == NULL) { 2415 ieee80211_free_node(ni); 2416 ifp->if_oerrors++; 2417 continue; 2418 } 2419 sendit: 2420 bpf_mtap3(ic->ic_rawbpf, m); 2421 2422 if (run_tx(sc, m, ni) != 0) { 2423 ieee80211_free_node(ni); 2424 ifp->if_oerrors++; 2425 continue; 2426 } 2427 2428 sc->sc_tx_timer = 5; 2429 ifp->if_timer = 1; 2430 } 2431 } 2432 2433 static void 2434 run_watchdog(struct ifnet *ifp) 2435 { 2436 struct run_softc *sc = ifp->if_softc; 2437 struct ieee80211com *ic = &sc->sc_ic; 2438 2439 ifp->if_timer = 0; 2440 2441 if (sc->sc_tx_timer > 0) { 2442 if (--sc->sc_tx_timer == 0) { 2443 aprint_error_dev(sc->sc_dev, "device timeout\n"); 2444 /* run_init(ifp); XXX needs a process context! */ 2445 ifp->if_oerrors++; 2446 return; 2447 } 2448 ifp->if_timer = 1; 2449 } 2450 2451 ieee80211_watchdog(ic); 2452 } 2453 2454 static int 2455 run_ioctl(struct ifnet *ifp, u_long cmd, void *data) 2456 { 2457 struct run_softc *sc = ifp->if_softc; 2458 struct ieee80211com *ic = &sc->sc_ic; 2459 int s, error = 0; 2460 2461 s = splnet(); 2462 2463 switch (cmd) { 2464 case SIOCSIFFLAGS: 2465 if ((error = ifioctl_common(ifp, cmd, data)) != 0) 2466 break; 2467 switch (ifp->if_flags & (IFF_UP|IFF_RUNNING)) { 2468 case IFF_UP|IFF_RUNNING: 2469 break; 2470 case IFF_UP: 2471 run_init(ifp); 2472 break; 2473 case IFF_RUNNING: 2474 run_stop(ifp, 1); 2475 break; 2476 case 0: 2477 break; 2478 } 2479 break; 2480 2481 case SIOCADDMULTI: 2482 case SIOCDELMULTI: 2483 if ((error = ether_ioctl(ifp, cmd, data)) == ENETRESET) { 2484 /* setup multicast filter, etc */ 2485 error = 0; 2486 } 2487 break; 2488 2489 default: 2490 error = ieee80211_ioctl(ic, cmd, data); 2491 break; 2492 } 2493 2494 if (error == ENETRESET) { 2495 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 2496 (IFF_UP | IFF_RUNNING)) { 2497 run_init(ifp); 2498 } 2499 error = 0; 2500 } 2501 2502 splx(s); 2503 2504 return (error); 2505 } 2506 2507 static void 2508 run_select_chan_group(struct run_softc *sc, int group) 2509 { 2510 uint32_t tmp; 2511 uint8_t agc; 2512 2513 run_bbp_write(sc, 62, 0x37 - sc->lna[group]); 2514 run_bbp_write(sc, 63, 0x37 - sc->lna[group]); 2515 run_bbp_write(sc, 64, 0x37 - sc->lna[group]); 2516 run_bbp_write(sc, 86, 0x00); 2517 2518 if (group == 0) { 2519 if (sc->ext_2ghz_lna) { 2520 run_bbp_write(sc, 82, 0x62); 2521 run_bbp_write(sc, 75, 0x46); 2522 } else { 2523 run_bbp_write(sc, 82, 0x84); 2524 run_bbp_write(sc, 75, 0x50); 2525 } 2526 } else { 2527 if (sc->mac_ver == 0x3572) 2528 run_bbp_write(sc, 82, 0x94); 2529 else 2530 run_bbp_write(sc, 82, 0xf2); 2531 if (sc->ext_5ghz_lna) 2532 run_bbp_write(sc, 75, 0x46); 2533 else 2534 run_bbp_write(sc, 75, 0x50); 2535 } 2536 2537 run_read(sc, RT2860_TX_BAND_CFG, &tmp); 2538 tmp &= ~(RT2860_5G_BAND_SEL_N | RT2860_5G_BAND_SEL_P); 2539 tmp |= (group == 0) ? RT2860_5G_BAND_SEL_N : RT2860_5G_BAND_SEL_P; 2540 run_write(sc, RT2860_TX_BAND_CFG, tmp); 2541 2542 /* enable appropriate Power Amplifiers and Low Noise Amplifiers */ 2543 tmp = RT2860_RFTR_EN | RT2860_TRSW_EN | RT2860_LNA_PE0_EN; 2544 if (sc->nrxchains > 1) 2545 tmp |= RT2860_LNA_PE1_EN; 2546 if (group == 0) { /* 2GHz */ 2547 tmp |= RT2860_PA_PE_G0_EN; 2548 if (sc->ntxchains > 1) 2549 tmp |= RT2860_PA_PE_G1_EN; 2550 } else { /* 5GHz */ 2551 tmp |= RT2860_PA_PE_A0_EN; 2552 if (sc->ntxchains > 1) 2553 tmp |= RT2860_PA_PE_A1_EN; 2554 } 2555 if (sc->mac_ver == 0x3572) { 2556 run_rt3070_rf_write(sc, 8, 0x00); 2557 run_write(sc, RT2860_TX_PIN_CFG, tmp); 2558 run_rt3070_rf_write(sc, 8, 0x80); 2559 } else 2560 run_write(sc, RT2860_TX_PIN_CFG, tmp); 2561 2562 /* set initial AGC value */ 2563 if (group == 0) { /* 2GHz band */ 2564 if (sc->mac_ver >= 0x3070) 2565 agc = 0x1c + sc->lna[0] * 2; 2566 else 2567 agc = 0x2e + sc->lna[0]; 2568 } else { /* 5GHz band */ 2569 if (sc->mac_ver == 0x3572) 2570 agc = 0x22 + (sc->lna[group] * 5) / 3; 2571 else 2572 agc = 0x32 + (sc->lna[group] * 5) / 3; 2573 } 2574 run_set_agc(sc, agc); 2575 } 2576 2577 static void 2578 run_rt2870_set_chan(struct run_softc *sc, u_int chan) 2579 { 2580 const struct rfprog *rfprog = rt2860_rf2850; 2581 uint32_t r2, r3, r4; 2582 int8_t txpow1, txpow2; 2583 int i; 2584 2585 /* find the settings for this channel (we know it exists) */ 2586 for (i = 0; rfprog[i].chan != chan; i++); 2587 2588 r2 = rfprog[i].r2; 2589 if (sc->ntxchains == 1) 2590 r2 |= 1 << 12; /* 1T: disable Tx chain 2 */ 2591 if (sc->nrxchains == 1) 2592 r2 |= 1 << 15 | 1 << 4; /* 1R: disable Rx chains 2 & 3 */ 2593 else if (sc->nrxchains == 2) 2594 r2 |= 1 << 4; /* 2R: disable Rx chain 3 */ 2595 2596 /* use Tx power values from EEPROM */ 2597 txpow1 = sc->txpow1[i]; 2598 txpow2 = sc->txpow2[i]; 2599 if (chan > 14) { 2600 if (txpow1 >= 0) 2601 txpow1 = txpow1 << 1 | 1; 2602 else 2603 txpow1 = (7 + txpow1) << 1; 2604 if (txpow2 >= 0) 2605 txpow2 = txpow2 << 1 | 1; 2606 else 2607 txpow2 = (7 + txpow2) << 1; 2608 } 2609 r3 = rfprog[i].r3 | txpow1 << 7; 2610 r4 = rfprog[i].r4 | sc->freq << 13 | txpow2 << 4; 2611 2612 run_rt2870_rf_write(sc, RT2860_RF1, rfprog[i].r1); 2613 run_rt2870_rf_write(sc, RT2860_RF2, r2); 2614 run_rt2870_rf_write(sc, RT2860_RF3, r3); 2615 run_rt2870_rf_write(sc, RT2860_RF4, r4); 2616 2617 DELAY(200); 2618 2619 run_rt2870_rf_write(sc, RT2860_RF1, rfprog[i].r1); 2620 run_rt2870_rf_write(sc, RT2860_RF2, r2); 2621 run_rt2870_rf_write(sc, RT2860_RF3, r3 | 1); 2622 run_rt2870_rf_write(sc, RT2860_RF4, r4); 2623 2624 DELAY(200); 2625 2626 run_rt2870_rf_write(sc, RT2860_RF1, rfprog[i].r1); 2627 run_rt2870_rf_write(sc, RT2860_RF2, r2); 2628 run_rt2870_rf_write(sc, RT2860_RF3, r3); 2629 run_rt2870_rf_write(sc, RT2860_RF4, r4); 2630 } 2631 2632 static void 2633 run_rt3070_set_chan(struct run_softc *sc, u_int chan) 2634 { 2635 int8_t txpow1, txpow2; 2636 uint8_t rf; 2637 int i; 2638 2639 KASSERT(chan >= 1 && chan <= 14); /* RT3070 is 2GHz only */ 2640 2641 /* find the settings for this channel (we know it exists) */ 2642 for (i = 0; rt2860_rf2850[i].chan != chan; i++) 2643 continue; 2644 2645 /* use Tx power values from EEPROM */ 2646 txpow1 = sc->txpow1[i]; 2647 txpow2 = sc->txpow2[i]; 2648 2649 run_rt3070_rf_write(sc, 2, rt3070_freqs[i].n); 2650 run_rt3070_rf_write(sc, 3, rt3070_freqs[i].k); 2651 run_rt3070_rf_read(sc, 6, &rf); 2652 rf = (rf & ~0x03) | rt3070_freqs[i].r; 2653 run_rt3070_rf_write(sc, 6, rf); 2654 2655 /* set Tx0 power */ 2656 run_rt3070_rf_read(sc, 12, &rf); 2657 rf = (rf & ~0x1f) | txpow1; 2658 run_rt3070_rf_write(sc, 12, rf); 2659 2660 /* set Tx1 power */ 2661 run_rt3070_rf_read(sc, 13, &rf); 2662 rf = (rf & ~0x1f) | txpow2; 2663 run_rt3070_rf_write(sc, 13, rf); 2664 2665 run_rt3070_rf_read(sc, 1, &rf); 2666 rf &= ~0xfc; 2667 if (sc->ntxchains == 1) 2668 rf |= 1 << 7 | 1 << 5; /* 1T: disable Tx chains 2 & 3 */ 2669 else if (sc->ntxchains == 2) 2670 rf |= 1 << 7; /* 2T: disable Tx chain 3 */ 2671 if (sc->nrxchains == 1) 2672 rf |= 1 << 6 | 1 << 4; /* 1R: disable Rx chains 2 & 3 */ 2673 else if (sc->nrxchains == 2) 2674 rf |= 1 << 6; /* 2R: disable Rx chain 3 */ 2675 run_rt3070_rf_write(sc, 1, rf); 2676 2677 /* set RF offset */ 2678 run_rt3070_rf_read(sc, 23, &rf); 2679 rf = (rf & ~0x7f) | sc->freq; 2680 run_rt3070_rf_write(sc, 23, rf); 2681 2682 /* program RF filter */ 2683 run_rt3070_rf_read(sc, 24, &rf); /* Tx */ 2684 rf = (rf & ~0x3f) | sc->rf24_20mhz; 2685 run_rt3070_rf_write(sc, 24, rf); 2686 run_rt3070_rf_read(sc, 31, &rf); /* Rx */ 2687 rf = (rf & ~0x3f) | sc->rf24_20mhz; 2688 run_rt3070_rf_write(sc, 31, rf); 2689 2690 /* enable RF tuning */ 2691 run_rt3070_rf_read(sc, 7, &rf); 2692 run_rt3070_rf_write(sc, 7, rf | 0x01); 2693 } 2694 2695 static void 2696 run_rt3572_set_chan(struct run_softc *sc, u_int chan) 2697 { 2698 int8_t txpow1, txpow2; 2699 uint32_t tmp; 2700 uint8_t rf; 2701 int i; 2702 2703 /* find the settings for this channel (we know it exists) */ 2704 for (i = 0; rt2860_rf2850[i].chan != chan; i++); 2705 2706 /* use Tx power values from EEPROM */ 2707 txpow1 = sc->txpow1[i]; 2708 txpow2 = sc->txpow2[i]; 2709 2710 if (chan <= 14) { 2711 run_bbp_write(sc, 25, sc->bbp25); 2712 run_bbp_write(sc, 26, sc->bbp26); 2713 } else { 2714 /* enable IQ phase correction */ 2715 run_bbp_write(sc, 25, 0x09); 2716 run_bbp_write(sc, 26, 0xff); 2717 } 2718 2719 run_rt3070_rf_write(sc, 2, rt3070_freqs[i].n); 2720 run_rt3070_rf_write(sc, 3, rt3070_freqs[i].k); 2721 run_rt3070_rf_read(sc, 6, &rf); 2722 rf = (rf & ~0x0f) | rt3070_freqs[i].r; 2723 rf |= (chan <= 14) ? 0x08 : 0x04; 2724 run_rt3070_rf_write(sc, 6, rf); 2725 2726 /* set PLL mode */ 2727 run_rt3070_rf_read(sc, 5, &rf); 2728 rf &= ~(0x08 | 0x04); 2729 rf |= (chan <= 14) ? 0x04 : 0x08; 2730 run_rt3070_rf_write(sc, 5, rf); 2731 2732 /* set Tx power for chain 0 */ 2733 if (chan <= 14) 2734 rf = 0x60 | txpow1; 2735 else 2736 rf = 0xe0 | (txpow1 & 0xc) << 1 | (txpow1 & 0x3); 2737 run_rt3070_rf_write(sc, 12, rf); 2738 2739 /* set Tx power for chain 1 */ 2740 if (chan <= 14) 2741 rf = 0x60 | txpow2; 2742 else 2743 rf = 0xe0 | (txpow2 & 0xc) << 1 | (txpow2 & 0x3); 2744 run_rt3070_rf_write(sc, 13, rf); 2745 2746 /* set Tx/Rx streams */ 2747 run_rt3070_rf_read(sc, 1, &rf); 2748 rf &= ~0xfc; 2749 if (sc->ntxchains == 1) 2750 rf |= 1 << 7 | 1 << 5; /* 1T: disable Tx chains 2 & 3 */ 2751 else if (sc->ntxchains == 2) 2752 rf |= 1 << 7; /* 2T: disable Tx chain 3 */ 2753 if (sc->nrxchains == 1) 2754 rf |= 1 << 6 | 1 << 4; /* 1R: disable Rx chains 2 & 3 */ 2755 else if (sc->nrxchains == 2) 2756 rf |= 1 << 6; /* 2R: disable Rx chain 3 */ 2757 run_rt3070_rf_write(sc, 1, rf); 2758 2759 /* set RF offset */ 2760 run_rt3070_rf_read(sc, 23, &rf); 2761 rf = (rf & ~0x7f) | sc->freq; 2762 run_rt3070_rf_write(sc, 23, rf); 2763 2764 /* program RF filter */ 2765 rf = sc->rf24_20mhz; 2766 run_rt3070_rf_write(sc, 24, rf); /* Tx */ 2767 run_rt3070_rf_write(sc, 31, rf); /* Rx */ 2768 2769 /* enable RF tuning */ 2770 run_rt3070_rf_read(sc, 7, &rf); 2771 rf = (chan <= 14) ? 0xd8 : ((rf & ~0xc8) | 0x14); 2772 run_rt3070_rf_write(sc, 7, rf); 2773 2774 /* TSSI */ 2775 rf = (chan <= 14) ? 0xc3 : 0xc0; 2776 run_rt3070_rf_write(sc, 9, rf); 2777 2778 /* set loop filter 1 */ 2779 run_rt3070_rf_write(sc, 10, 0xf1); 2780 /* set loop filter 2 */ 2781 run_rt3070_rf_write(sc, 11, (chan <= 14) ? 0xb9 : 0x00); 2782 2783 /* set tx_mx2_ic */ 2784 run_rt3070_rf_write(sc, 15, (chan <= 14) ? 0x53 : 0x43); 2785 /* set tx_mx1_ic */ 2786 if (chan <= 14) 2787 rf = 0x48 | sc->txmixgain_2ghz; 2788 else 2789 rf = 0x78 | sc->txmixgain_5ghz; 2790 run_rt3070_rf_write(sc, 16, rf); 2791 2792 /* set tx_lo1 */ 2793 run_rt3070_rf_write(sc, 17, 0x23); 2794 /* set tx_lo2 */ 2795 if (chan <= 14) 2796 rf = 0x93; 2797 else if (chan <= 64) 2798 rf = 0xb7; 2799 else if (chan <= 128) 2800 rf = 0x74; 2801 else 2802 rf = 0x72; 2803 run_rt3070_rf_write(sc, 19, rf); 2804 2805 /* set rx_lo1 */ 2806 if (chan <= 14) 2807 rf = 0xb3; 2808 else if (chan <= 64) 2809 rf = 0xf6; 2810 else if (chan <= 128) 2811 rf = 0xf4; 2812 else 2813 rf = 0xf3; 2814 run_rt3070_rf_write(sc, 20, rf); 2815 2816 /* set pfd_delay */ 2817 if (chan <= 14) 2818 rf = 0x15; 2819 else if (chan <= 64) 2820 rf = 0x3d; 2821 else 2822 rf = 0x01; 2823 run_rt3070_rf_write(sc, 25, rf); 2824 2825 /* set rx_lo2 */ 2826 run_rt3070_rf_write(sc, 26, (chan <= 14) ? 0x85 : 0x87); 2827 /* set ldo_rf_vc */ 2828 run_rt3070_rf_write(sc, 27, (chan <= 14) ? 0x00 : 0x01); 2829 /* set drv_cc */ 2830 run_rt3070_rf_write(sc, 29, (chan <= 14) ? 0x9b : 0x9f); 2831 2832 run_read(sc, RT2860_GPIO_CTRL, &tmp); 2833 tmp &= ~0x8080; 2834 if (chan <= 14) 2835 tmp |= 0x80; 2836 run_write(sc, RT2860_GPIO_CTRL, tmp); 2837 2838 /* enable RF tuning */ 2839 run_rt3070_rf_read(sc, 7, &rf); 2840 run_rt3070_rf_write(sc, 7, rf | 0x01); 2841 2842 DELAY(2000); 2843 } 2844 2845 static void 2846 run_set_agc(struct run_softc *sc, uint8_t agc) 2847 { 2848 uint8_t bbp; 2849 2850 if (sc->mac_ver == 0x3572) { 2851 run_bbp_read(sc, 27, &bbp); 2852 bbp &= ~(0x3 << 5); 2853 run_bbp_write(sc, 27, bbp | 0 << 5); /* select Rx0 */ 2854 run_bbp_write(sc, 66, agc); 2855 run_bbp_write(sc, 27, bbp | 1 << 5); /* select Rx1 */ 2856 run_bbp_write(sc, 66, agc); 2857 } else 2858 run_bbp_write(sc, 66, agc); 2859 } 2860 2861 static void 2862 run_set_rx_antenna(struct run_softc *sc, int aux) 2863 { 2864 uint32_t tmp; 2865 2866 run_mcu_cmd(sc, RT2860_MCU_CMD_ANTSEL, !aux); 2867 run_read(sc, RT2860_GPIO_CTRL, &tmp); 2868 tmp &= ~0x0808; 2869 if (aux) 2870 tmp |= 0x08; 2871 run_write(sc, RT2860_GPIO_CTRL, tmp); 2872 } 2873 2874 static int 2875 run_set_chan(struct run_softc *sc, struct ieee80211_channel *c) 2876 { 2877 struct ieee80211com *ic = &sc->sc_ic; 2878 u_int chan, group; 2879 2880 chan = ieee80211_chan2ieee(ic, c); 2881 if (chan == 0 || chan == IEEE80211_CHAN_ANY) 2882 return (EINVAL); 2883 2884 if (sc->mac_ver == 0x3572) 2885 run_rt3572_set_chan(sc, chan); 2886 else if (sc->mac_ver >= 0x3070) 2887 run_rt3070_set_chan(sc, chan); 2888 else 2889 run_rt2870_set_chan(sc, chan); 2890 2891 /* determine channel group */ 2892 if (chan <= 14) 2893 group = 0; 2894 else if (chan <= 64) 2895 group = 1; 2896 else if (chan <= 128) 2897 group = 2; 2898 else 2899 group = 3; 2900 2901 /* XXX necessary only when group has changed! */ 2902 run_select_chan_group(sc, group); 2903 2904 DELAY(1000); 2905 return (0); 2906 } 2907 2908 static void 2909 run_enable_tsf_sync(struct run_softc *sc) 2910 { 2911 struct ieee80211com *ic = &sc->sc_ic; 2912 uint32_t tmp; 2913 2914 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 2915 tmp &= ~0x1fffff; 2916 tmp |= ic->ic_bss->ni_intval * 16; 2917 tmp |= RT2860_TSF_TIMER_EN | RT2860_TBTT_TIMER_EN; 2918 if (ic->ic_opmode == IEEE80211_M_STA) { 2919 /* 2920 * Local TSF is always updated with remote TSF on beacon 2921 * reception. 2922 */ 2923 tmp |= 1 << RT2860_TSF_SYNC_MODE_SHIFT; 2924 } 2925 #ifndef IEEE80211_STA_ONLY 2926 else if (ic->ic_opmode == IEEE80211_M_IBSS) { 2927 tmp |= RT2860_BCN_TX_EN; 2928 /* 2929 * Local TSF is updated with remote TSF on beacon reception 2930 * only if the remote TSF is greater than local TSF. 2931 */ 2932 tmp |= 2 << RT2860_TSF_SYNC_MODE_SHIFT; 2933 } else if (ic->ic_opmode == IEEE80211_M_HOSTAP) { 2934 tmp |= RT2860_BCN_TX_EN; 2935 /* SYNC with nobody */ 2936 tmp |= 3 << RT2860_TSF_SYNC_MODE_SHIFT; 2937 } 2938 #endif 2939 run_write(sc, RT2860_BCN_TIME_CFG, tmp); 2940 } 2941 2942 static void 2943 run_enable_mrr(struct run_softc *sc) 2944 { 2945 #define CCK(mcs) (mcs) 2946 #define OFDM(mcs) (1 << 3 | (mcs)) 2947 run_write(sc, RT2860_LG_FBK_CFG0, 2948 OFDM(6) << 28 | /* 54->48 */ 2949 OFDM(5) << 24 | /* 48->36 */ 2950 OFDM(4) << 20 | /* 36->24 */ 2951 OFDM(3) << 16 | /* 24->18 */ 2952 OFDM(2) << 12 | /* 18->12 */ 2953 OFDM(1) << 8 | /* 12-> 9 */ 2954 OFDM(0) << 4 | /* 9-> 6 */ 2955 OFDM(0)); /* 6-> 6 */ 2956 2957 run_write(sc, RT2860_LG_FBK_CFG1, 2958 CCK(2) << 12 | /* 11->5.5 */ 2959 CCK(1) << 8 | /* 5.5-> 2 */ 2960 CCK(0) << 4 | /* 2-> 1 */ 2961 CCK(0)); /* 1-> 1 */ 2962 #undef OFDM 2963 #undef CCK 2964 } 2965 2966 static void 2967 run_set_txpreamble(struct run_softc *sc) 2968 { 2969 uint32_t tmp; 2970 2971 run_read(sc, RT2860_AUTO_RSP_CFG, &tmp); 2972 if (sc->sc_ic.ic_flags & IEEE80211_F_SHPREAMBLE) 2973 tmp |= RT2860_CCK_SHORT_EN; 2974 else 2975 tmp &= ~RT2860_CCK_SHORT_EN; 2976 run_write(sc, RT2860_AUTO_RSP_CFG, tmp); 2977 } 2978 2979 static void 2980 run_set_basicrates(struct run_softc *sc) 2981 { 2982 struct ieee80211com *ic = &sc->sc_ic; 2983 2984 /* set basic rates mask */ 2985 if (ic->ic_curmode == IEEE80211_MODE_11B) 2986 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x003); 2987 else if (ic->ic_curmode == IEEE80211_MODE_11A) 2988 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x150); 2989 else /* 11g */ 2990 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x15f); 2991 } 2992 2993 static void 2994 run_set_leds(struct run_softc *sc, uint16_t which) 2995 { 2996 2997 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LEDS, 2998 which | (sc->leds & 0x7f)); 2999 } 3000 3001 static void 3002 run_set_bssid(struct run_softc *sc, const uint8_t *bssid) 3003 { 3004 3005 run_write(sc, RT2860_MAC_BSSID_DW0, 3006 bssid[0] | bssid[1] << 8 | bssid[2] << 16 | bssid[3] << 24); 3007 run_write(sc, RT2860_MAC_BSSID_DW1, 3008 bssid[4] | bssid[5] << 8); 3009 } 3010 3011 static void 3012 run_set_macaddr(struct run_softc *sc, const uint8_t *addr) 3013 { 3014 3015 run_write(sc, RT2860_MAC_ADDR_DW0, 3016 addr[0] | addr[1] << 8 | addr[2] << 16 | addr[3] << 24); 3017 run_write(sc, RT2860_MAC_ADDR_DW1, 3018 addr[4] | addr[5] << 8 | 0xff << 16); 3019 } 3020 3021 static void 3022 run_updateslot(struct ifnet *ifp) 3023 { 3024 3025 /* do it in a process context */ 3026 run_do_async(ifp->if_softc, run_updateslot_cb, NULL, 0); 3027 } 3028 3029 /* ARGSUSED */ 3030 static void 3031 run_updateslot_cb(struct run_softc *sc, void *arg) 3032 { 3033 uint32_t tmp; 3034 3035 run_read(sc, RT2860_BKOFF_SLOT_CFG, &tmp); 3036 tmp &= ~0xff; 3037 tmp |= (sc->sc_ic.ic_flags & IEEE80211_F_SHSLOT) ? 9 : 20; 3038 run_write(sc, RT2860_BKOFF_SLOT_CFG, tmp); 3039 } 3040 3041 static int8_t 3042 run_rssi2dbm(struct run_softc *sc, uint8_t rssi, uint8_t rxchain) 3043 { 3044 struct ieee80211com *ic = &sc->sc_ic; 3045 struct ieee80211_channel *c = ic->ic_curchan; 3046 int delta; 3047 3048 if (IEEE80211_IS_CHAN_5GHZ(c)) { 3049 u_int chan = ieee80211_chan2ieee(ic, c); 3050 delta = sc->rssi_5ghz[rxchain]; 3051 3052 /* determine channel group */ 3053 if (chan <= 64) 3054 delta -= sc->lna[1]; 3055 else if (chan <= 128) 3056 delta -= sc->lna[2]; 3057 else 3058 delta -= sc->lna[3]; 3059 } else 3060 delta = sc->rssi_2ghz[rxchain] - sc->lna[0]; 3061 3062 return (-12 - delta - rssi); 3063 } 3064 3065 static int 3066 run_bbp_init(struct run_softc *sc) 3067 { 3068 int i, error, ntries; 3069 uint8_t bbp0; 3070 3071 /* wait for BBP to wake up */ 3072 for (ntries = 0; ntries < 20; ntries++) { 3073 if ((error = run_bbp_read(sc, 0, &bbp0)) != 0) 3074 return (error); 3075 if (bbp0 != 0 && bbp0 != 0xff) 3076 break; 3077 } 3078 if (ntries == 20) 3079 return (ETIMEDOUT); 3080 3081 /* initialize BBP registers to default values */ 3082 for (i = 0; i < (int)__arraycount(rt2860_def_bbp); i++) { 3083 run_bbp_write(sc, rt2860_def_bbp[i].reg, 3084 rt2860_def_bbp[i].val); 3085 } 3086 3087 /* fix BBP84 for RT2860E */ 3088 if (sc->mac_ver == 0x2860 && sc->mac_rev != 0x0101) 3089 run_bbp_write(sc, 84, 0x19); 3090 3091 if (sc->mac_ver >= 0x3070) { 3092 run_bbp_write(sc, 79, 0x13); 3093 run_bbp_write(sc, 80, 0x05); 3094 run_bbp_write(sc, 81, 0x33); 3095 } else if (sc->mac_ver == 0x2860 && sc->mac_rev == 0x0100) { 3096 run_bbp_write(sc, 69, 0x16); 3097 run_bbp_write(sc, 73, 0x12); 3098 } 3099 return (0); 3100 } 3101 3102 static int 3103 run_rt3070_rf_init(struct run_softc *sc) 3104 { 3105 uint32_t tmp; 3106 uint8_t rf, target, bbp4; 3107 int i; 3108 3109 run_rt3070_rf_read(sc, 30, &rf); 3110 /* toggle RF R30 bit 7 */ 3111 run_rt3070_rf_write(sc, 30, rf | 0x80); 3112 DELAY(1000); 3113 run_rt3070_rf_write(sc, 30, rf & ~0x80); 3114 3115 /* initialize RF registers to default value */ 3116 if (sc->mac_ver == 0x3572) { 3117 for (i = 0; i < (int)__arraycount(rt3572_def_rf); i++) { 3118 run_rt3070_rf_write(sc, rt3572_def_rf[i].reg, 3119 rt3572_def_rf[i].val); 3120 } 3121 } else { 3122 for (i = 0; i < (int)__arraycount(rt3070_def_rf); i++) { 3123 run_rt3070_rf_write(sc, rt3070_def_rf[i].reg, 3124 rt3070_def_rf[i].val); 3125 } 3126 } 3127 if (sc->mac_ver == 0x3572) { 3128 run_rt3070_rf_read(sc, 6, &rf); 3129 run_rt3070_rf_write(sc, 6, rf | 0x40); 3130 3131 /* increase voltage from 1.2V to 1.35V */ 3132 run_read(sc, RT3070_LDO_CFG0, &tmp); 3133 tmp = (tmp & ~0x1f000000) | 0x0d000000; 3134 run_write(sc, RT3070_LDO_CFG0, tmp); 3135 if (sc->mac_rev >= 0x0211 || !sc->patch_dac) { 3136 /* decrease voltage back to 1.2V */ 3137 DELAY(1000); 3138 tmp = (tmp & ~0x1f000000) | 0x01000000; 3139 run_write(sc, RT3070_LDO_CFG0, tmp); 3140 } 3141 } else if (sc->mac_ver == 0x3071) { 3142 run_rt3070_rf_read(sc, 6, &rf); 3143 run_rt3070_rf_write(sc, 6, rf | 0x40); 3144 run_rt3070_rf_write(sc, 31, 0x14); 3145 3146 run_read(sc, RT3070_LDO_CFG0, &tmp); 3147 tmp &= ~0x1f000000; 3148 if (sc->mac_rev < 0x0211) 3149 tmp |= 0x0d000000; /* 1.35V */ 3150 else 3151 tmp |= 0x01000000; /* 1.2V */ 3152 run_write(sc, RT3070_LDO_CFG0, tmp); 3153 3154 /* patch LNA_PE_G1 */ 3155 run_read(sc, RT3070_GPIO_SWITCH, &tmp); 3156 run_write(sc, RT3070_GPIO_SWITCH, tmp & ~0x20); 3157 } else if (sc->mac_ver == 0x3070) { 3158 /* increase voltage from 1.2V to 1.35V */ 3159 run_read(sc, RT3070_LDO_CFG0, &tmp); 3160 tmp = (tmp & ~0x0f000000) | 0x0d000000; 3161 run_write(sc, RT3070_LDO_CFG0, tmp); 3162 } 3163 3164 /* select 20MHz bandwidth */ 3165 run_rt3070_rf_read(sc, 31, &rf); 3166 run_rt3070_rf_write(sc, 31, rf & ~0x20); 3167 3168 /* calibrate filter for 20MHz bandwidth */ 3169 sc->rf24_20mhz = 0x1f; /* default value */ 3170 target = (sc->mac_ver < 0x3071) ? 0x16 : 0x13; 3171 run_rt3070_filter_calib(sc, 0x07, target, &sc->rf24_20mhz); 3172 3173 /* select 40MHz bandwidth */ 3174 run_bbp_read(sc, 4, &bbp4); 3175 run_bbp_write(sc, 4, (bbp4 & ~0x08) | 0x10); 3176 run_rt3070_rf_read(sc, 31, &rf); 3177 run_rt3070_rf_write(sc, 31, rf | 0x20); 3178 3179 /* calibrate filter for 40MHz bandwidth */ 3180 sc->rf24_40mhz = 0x2f; /* default value */ 3181 target = (sc->mac_ver < 0x3071) ? 0x19 : 0x15; 3182 run_rt3070_filter_calib(sc, 0x27, target, &sc->rf24_40mhz); 3183 3184 /* go back to 20MHz bandwidth */ 3185 run_bbp_read(sc, 4, &bbp4); 3186 run_bbp_write(sc, 4, bbp4 & ~0x18); 3187 3188 if (sc->mac_ver == 0x3572) { 3189 /* save default BBP registers 25 and 26 values */ 3190 run_bbp_read(sc, 25, &sc->bbp25); 3191 run_bbp_read(sc, 26, &sc->bbp26); 3192 } else if (sc->mac_rev < 0x0211) 3193 run_rt3070_rf_write(sc, 27, 0x03); 3194 3195 run_read(sc, RT3070_OPT_14, &tmp); 3196 run_write(sc, RT3070_OPT_14, tmp | 1); 3197 3198 if (sc->mac_ver == 0x3070 || sc->mac_ver == 0x3071) { 3199 run_rt3070_rf_read(sc, 17, &rf); 3200 rf &= ~RT3070_TX_LO1; 3201 if ((sc->mac_ver == 0x3070 || 3202 (sc->mac_ver == 0x3071 && sc->mac_rev >= 0x0211)) && 3203 !sc->ext_2ghz_lna) 3204 rf |= 0x20; /* fix for long range Rx issue */ 3205 if (sc->txmixgain_2ghz >= 1) 3206 rf = (rf & ~0x7) | sc->txmixgain_2ghz; 3207 run_rt3070_rf_write(sc, 17, rf); 3208 } 3209 if (sc->mac_ver == 0x3071) { 3210 run_rt3070_rf_read(sc, 1, &rf); 3211 rf &= ~(RT3070_RX0_PD | RT3070_TX0_PD); 3212 rf |= RT3070_RF_BLOCK | RT3070_RX1_PD | RT3070_TX1_PD; 3213 run_rt3070_rf_write(sc, 1, rf); 3214 3215 run_rt3070_rf_read(sc, 15, &rf); 3216 run_rt3070_rf_write(sc, 15, rf & ~RT3070_TX_LO2); 3217 3218 run_rt3070_rf_read(sc, 20, &rf); 3219 run_rt3070_rf_write(sc, 20, rf & ~RT3070_RX_LO1); 3220 3221 run_rt3070_rf_read(sc, 21, &rf); 3222 run_rt3070_rf_write(sc, 21, rf & ~RT3070_RX_LO2); 3223 } 3224 if (sc->mac_ver == 0x3070 || sc->mac_ver == 0x3071) { 3225 /* fix Tx to Rx IQ glitch by raising RF voltage */ 3226 run_rt3070_rf_read(sc, 27, &rf); 3227 rf &= ~0x77; 3228 if (sc->mac_rev < 0x0211) 3229 rf |= 0x03; 3230 run_rt3070_rf_write(sc, 27, rf); 3231 } 3232 return (0); 3233 } 3234 3235 static int 3236 run_rt3070_filter_calib(struct run_softc *sc, uint8_t init, uint8_t target, 3237 uint8_t *val) 3238 { 3239 uint8_t rf22, rf24; 3240 uint8_t bbp55_pb, bbp55_sb, delta; 3241 int ntries; 3242 3243 /* program filter */ 3244 run_rt3070_rf_read(sc, 24, &rf24); 3245 rf24 = (rf24 & 0xc0) | init; /* initial filter value */ 3246 run_rt3070_rf_write(sc, 24, rf24); 3247 3248 /* enable baseband loopback mode */ 3249 run_rt3070_rf_read(sc, 22, &rf22); 3250 run_rt3070_rf_write(sc, 22, rf22 | 0x01); 3251 3252 /* set power and frequency of passband test tone */ 3253 run_bbp_write(sc, 24, 0x00); 3254 for (ntries = 0; ntries < 100; ntries++) { 3255 /* transmit test tone */ 3256 run_bbp_write(sc, 25, 0x90); 3257 DELAY(1000); 3258 /* read received power */ 3259 run_bbp_read(sc, 55, &bbp55_pb); 3260 if (bbp55_pb != 0) 3261 break; 3262 } 3263 if (ntries == 100) 3264 return (ETIMEDOUT); 3265 3266 /* set power and frequency of stopband test tone */ 3267 run_bbp_write(sc, 24, 0x06); 3268 for (ntries = 0; ntries < 100; ntries++) { 3269 /* transmit test tone */ 3270 run_bbp_write(sc, 25, 0x90); 3271 DELAY(1000); 3272 /* read received power */ 3273 run_bbp_read(sc, 55, &bbp55_sb); 3274 3275 delta = bbp55_pb - bbp55_sb; 3276 if (delta > target) 3277 break; 3278 3279 /* reprogram filter */ 3280 rf24++; 3281 run_rt3070_rf_write(sc, 24, rf24); 3282 } 3283 if (ntries < 100) { 3284 if (rf24 != init) 3285 rf24--; /* backtrack */ 3286 *val = rf24; 3287 run_rt3070_rf_write(sc, 24, rf24); 3288 } 3289 3290 /* restore initial state */ 3291 run_bbp_write(sc, 24, 0x00); 3292 3293 /* disable baseband loopback mode */ 3294 run_rt3070_rf_read(sc, 22, &rf22); 3295 run_rt3070_rf_write(sc, 22, rf22 & ~0x01); 3296 3297 return (0); 3298 } 3299 3300 static void 3301 run_rt3070_rf_setup(struct run_softc *sc) 3302 { 3303 uint8_t bbp, rf; 3304 int i; 3305 3306 if (sc->mac_ver == 0x3572) { 3307 /* enable DC filter */ 3308 if (sc->mac_rev >= 0x0201) 3309 run_bbp_write(sc, 103, 0xc0); 3310 3311 run_bbp_read(sc, 138, &bbp); 3312 if (sc->ntxchains == 1) 3313 bbp |= 0x20; /* turn off DAC1 */ 3314 if (sc->nrxchains == 1) 3315 bbp &= ~0x02; /* turn off ADC1 */ 3316 run_bbp_write(sc, 138, bbp); 3317 3318 if (sc->mac_rev >= 0x0211) { 3319 /* improve power consumption */ 3320 run_bbp_read(sc, 31, &bbp); 3321 run_bbp_write(sc, 31, bbp & ~0x03); 3322 } 3323 3324 run_rt3070_rf_read(sc, 16, &rf); 3325 rf = (rf & ~0x07) | sc->txmixgain_2ghz; 3326 run_rt3070_rf_write(sc, 16, rf); 3327 } else if (sc->mac_ver == 0x3071) { 3328 /* enable DC filter */ 3329 if (sc->mac_rev >= 0x0201) 3330 run_bbp_write(sc, 103, 0xc0); 3331 3332 run_bbp_read(sc, 138, &bbp); 3333 if (sc->ntxchains == 1) 3334 bbp |= 0x20; /* turn off DAC1 */ 3335 if (sc->nrxchains == 1) 3336 bbp &= ~0x02; /* turn off ADC1 */ 3337 run_bbp_write(sc, 138, bbp); 3338 3339 if (sc->mac_rev >= 0x0211) { 3340 /* improve power consumption */ 3341 run_bbp_read(sc, 31, &bbp); 3342 run_bbp_write(sc, 31, bbp & ~0x03); 3343 } 3344 3345 run_write(sc, RT2860_TX_SW_CFG1, 0); 3346 if (sc->mac_rev < 0x0211) { 3347 run_write(sc, RT2860_TX_SW_CFG2, 3348 sc->patch_dac ? 0x2c : 0x0f); 3349 } else 3350 run_write(sc, RT2860_TX_SW_CFG2, 0); 3351 } else if (sc->mac_ver == 0x3070) { 3352 if (sc->mac_rev >= 0x0201) { 3353 /* enable DC filter */ 3354 run_bbp_write(sc, 103, 0xc0); 3355 3356 /* improve power consumption */ 3357 run_bbp_read(sc, 31, &bbp); 3358 run_bbp_write(sc, 31, bbp & ~0x03); 3359 } 3360 3361 if (sc->mac_rev < 0x0211) { 3362 run_write(sc, RT2860_TX_SW_CFG1, 0); 3363 run_write(sc, RT2860_TX_SW_CFG2, 0x2c); 3364 } else 3365 run_write(sc, RT2860_TX_SW_CFG2, 0); 3366 } 3367 3368 /* initialize RF registers from ROM for >=RT3071*/ 3369 if (sc->mac_ver >= 0x3071) { 3370 for (i = 0; i < 10; i++) { 3371 if (sc->rf[i].reg == 0 || sc->rf[i].reg == 0xff) 3372 continue; 3373 run_rt3070_rf_write(sc, sc->rf[i].reg, sc->rf[i].val); 3374 } 3375 } 3376 } 3377 3378 static int 3379 run_txrx_enable(struct run_softc *sc) 3380 { 3381 uint32_t tmp; 3382 int error, ntries; 3383 3384 run_write(sc, RT2860_MAC_SYS_CTRL, RT2860_MAC_TX_EN); 3385 for (ntries = 0; ntries < 200; ntries++) { 3386 if ((error = run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp)) != 0) 3387 return (error); 3388 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0) 3389 break; 3390 DELAY(1000); 3391 } 3392 if (ntries == 200) 3393 return (ETIMEDOUT); 3394 3395 DELAY(50); 3396 3397 tmp |= RT2860_RX_DMA_EN | RT2860_TX_DMA_EN | RT2860_TX_WB_DDONE; 3398 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp); 3399 3400 /* enable Rx bulk aggregation (set timeout and limit) */ 3401 tmp = RT2860_USB_TX_EN | RT2860_USB_RX_EN | RT2860_USB_RX_AGG_EN | 3402 RT2860_USB_RX_AGG_TO(128) | RT2860_USB_RX_AGG_LMT(2); 3403 run_write(sc, RT2860_USB_DMA_CFG, tmp); 3404 3405 /* set Rx filter */ 3406 tmp = RT2860_DROP_CRC_ERR | RT2860_DROP_PHY_ERR; 3407 if (sc->sc_ic.ic_opmode != IEEE80211_M_MONITOR) { 3408 tmp |= RT2860_DROP_UC_NOME | RT2860_DROP_DUPL | 3409 RT2860_DROP_CTS | RT2860_DROP_BA | RT2860_DROP_ACK | 3410 RT2860_DROP_VER_ERR | RT2860_DROP_CTRL_RSV | 3411 RT2860_DROP_CFACK | RT2860_DROP_CFEND; 3412 if (sc->sc_ic.ic_opmode == IEEE80211_M_STA) 3413 tmp |= RT2860_DROP_RTS | RT2860_DROP_PSPOLL; 3414 } 3415 run_write(sc, RT2860_RX_FILTR_CFG, tmp); 3416 3417 run_write(sc, RT2860_MAC_SYS_CTRL, 3418 RT2860_MAC_RX_EN | RT2860_MAC_TX_EN); 3419 3420 return (0); 3421 } 3422 3423 static int 3424 run_init(struct ifnet *ifp) 3425 { 3426 struct run_softc *sc = ifp->if_softc; 3427 struct ieee80211com *ic = &sc->sc_ic; 3428 uint32_t tmp; 3429 uint8_t bbp1, bbp3; 3430 int i, error, qid, ridx, ntries; 3431 3432 for (ntries = 0; ntries < 100; ntries++) { 3433 if ((error = run_read(sc, RT2860_ASIC_VER_ID, &tmp)) != 0) 3434 goto fail; 3435 if (tmp != 0 && tmp != 0xffffffff) 3436 break; 3437 DELAY(10); 3438 } 3439 if (ntries == 100) { 3440 error = ETIMEDOUT; 3441 goto fail; 3442 } 3443 3444 if ((sc->sc_flags & RUN_FWLOADED) == 0 && 3445 (error = run_load_microcode(sc)) != 0) { 3446 aprint_error_dev(sc->sc_dev, 3447 "could not load 8051 microcode\n"); 3448 goto fail; 3449 } 3450 3451 if (ifp->if_flags & IFF_RUNNING) 3452 run_stop(ifp, 0); 3453 3454 /* init host command ring */ 3455 sc->cmdq.cur = sc->cmdq.next = sc->cmdq.queued = 0; 3456 3457 /* init Tx rings (4 EDCAs) */ 3458 for (qid = 0; qid < 4; qid++) { 3459 if ((error = run_alloc_tx_ring(sc, qid)) != 0) 3460 goto fail; 3461 } 3462 /* init Rx ring */ 3463 if ((error = run_alloc_rx_ring(sc)) != 0) 3464 goto fail; 3465 3466 IEEE80211_ADDR_COPY(ic->ic_myaddr, CLLADDR(ifp->if_sadl)); 3467 run_set_macaddr(sc, ic->ic_myaddr); 3468 3469 for (ntries = 0; ntries < 100; ntries++) { 3470 if ((error = run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp)) != 0) 3471 goto fail; 3472 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0) 3473 break; 3474 DELAY(1000); 3475 } 3476 if (ntries == 100) { 3477 aprint_error_dev(sc->sc_dev, 3478 "timeout waiting for DMA engine\n"); 3479 error = ETIMEDOUT; 3480 goto fail; 3481 } 3482 tmp &= 0xff0; 3483 tmp |= RT2860_TX_WB_DDONE; 3484 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp); 3485 3486 /* turn off PME_OEN to solve high-current issue */ 3487 run_read(sc, RT2860_SYS_CTRL, &tmp); 3488 run_write(sc, RT2860_SYS_CTRL, tmp & ~RT2860_PME_OEN); 3489 3490 run_write(sc, RT2860_MAC_SYS_CTRL, 3491 RT2860_BBP_HRST | RT2860_MAC_SRST); 3492 run_write(sc, RT2860_USB_DMA_CFG, 0); 3493 3494 if ((error = run_reset(sc)) != 0) { 3495 aprint_error_dev(sc->sc_dev, "could not reset chipset\n"); 3496 goto fail; 3497 } 3498 3499 run_write(sc, RT2860_MAC_SYS_CTRL, 0); 3500 3501 /* init Tx power for all Tx rates (from EEPROM) */ 3502 for (ridx = 0; ridx < 5; ridx++) { 3503 if (sc->txpow20mhz[ridx] == 0xffffffff) 3504 continue; 3505 run_write(sc, RT2860_TX_PWR_CFG(ridx), sc->txpow20mhz[ridx]); 3506 } 3507 3508 for (i = 0; i < (int)__arraycount(rt2870_def_mac); i++) 3509 run_write(sc, rt2870_def_mac[i].reg, rt2870_def_mac[i].val); 3510 run_write(sc, RT2860_WMM_AIFSN_CFG, 0x00002273); 3511 run_write(sc, RT2860_WMM_CWMIN_CFG, 0x00002344); 3512 run_write(sc, RT2860_WMM_CWMAX_CFG, 0x000034aa); 3513 3514 if (sc->mac_ver >= 0x3070) { 3515 /* set delay of PA_PE assertion to 1us (unit of 0.25us) */ 3516 run_write(sc, RT2860_TX_SW_CFG0, 3517 4 << RT2860_DLY_PAPE_EN_SHIFT); 3518 } 3519 3520 /* wait while MAC is busy */ 3521 for (ntries = 0; ntries < 100; ntries++) { 3522 if ((error = run_read(sc, RT2860_MAC_STATUS_REG, &tmp)) != 0) 3523 goto fail; 3524 if (!(tmp & (RT2860_RX_STATUS_BUSY | RT2860_TX_STATUS_BUSY))) 3525 break; 3526 DELAY(1000); 3527 } 3528 if (ntries == 100) { 3529 error = ETIMEDOUT; 3530 goto fail; 3531 } 3532 3533 /* clear Host to MCU mailbox */ 3534 run_write(sc, RT2860_H2M_BBPAGENT, 0); 3535 run_write(sc, RT2860_H2M_MAILBOX, 0); 3536 DELAY(1000); 3537 3538 if ((error = run_bbp_init(sc)) != 0) { 3539 aprint_error_dev(sc->sc_dev, "could not initialize BBP\n"); 3540 goto fail; 3541 } 3542 3543 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 3544 tmp &= ~(RT2860_BCN_TX_EN | RT2860_TSF_TIMER_EN | 3545 RT2860_TBTT_TIMER_EN); 3546 run_write(sc, RT2860_BCN_TIME_CFG, tmp); 3547 3548 /* clear RX WCID search table */ 3549 run_set_region_4(sc, RT2860_WCID_ENTRY(0), 0, 512); 3550 /* clear Pair-wise key table */ 3551 run_set_region_4(sc, RT2860_PKEY(0), 0, 2048); 3552 /* clear IV/EIV table */ 3553 run_set_region_4(sc, RT2860_IVEIV(0), 0, 512); 3554 /* clear WCID attribute table */ 3555 run_set_region_4(sc, RT2860_WCID_ATTR(0), 0, 8 * 32); 3556 /* clear shared key table */ 3557 run_set_region_4(sc, RT2860_SKEY(0, 0), 0, 8 * 32); 3558 /* clear shared key mode */ 3559 run_set_region_4(sc, RT2860_SKEY_MODE_0_7, 0, 4); 3560 3561 run_read(sc, RT2860_US_CYC_CNT, &tmp); 3562 tmp = (tmp & ~0xff) | 0x1e; 3563 run_write(sc, RT2860_US_CYC_CNT, tmp); 3564 3565 if (sc->mac_rev != 0x0101) 3566 run_write(sc, RT2860_TXOP_CTRL_CFG, 0x0000583f); 3567 3568 run_write(sc, RT2860_WMM_TXOP0_CFG, 0); 3569 run_write(sc, RT2860_WMM_TXOP1_CFG, 48 << 16 | 96); 3570 3571 /* write vendor-specific BBP values (from EEPROM) */ 3572 for (i = 0; i < 8; i++) { 3573 if (sc->bbp[i].reg == 0 || sc->bbp[i].reg == 0xff) 3574 continue; 3575 run_bbp_write(sc, sc->bbp[i].reg, sc->bbp[i].val); 3576 } 3577 3578 /* select Main antenna for 1T1R devices */ 3579 if (sc->rf_rev == RT3070_RF_3020) 3580 run_set_rx_antenna(sc, 0); 3581 3582 /* send LEDs operating mode to microcontroller */ 3583 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED1, sc->led[0]); 3584 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED2, sc->led[1]); 3585 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED3, sc->led[2]); 3586 3587 if (sc->mac_ver >= 0x3070) 3588 run_rt3070_rf_init(sc); 3589 3590 /* disable non-existing Rx chains */ 3591 run_bbp_read(sc, 3, &bbp3); 3592 bbp3 &= ~(1 << 3 | 1 << 4); 3593 if (sc->nrxchains == 2) 3594 bbp3 |= 1 << 3; 3595 else if (sc->nrxchains == 3) 3596 bbp3 |= 1 << 4; 3597 run_bbp_write(sc, 3, bbp3); 3598 3599 /* disable non-existing Tx chains */ 3600 run_bbp_read(sc, 1, &bbp1); 3601 if (sc->ntxchains == 1) 3602 bbp1 &= ~(1 << 3 | 1 << 4); 3603 run_bbp_write(sc, 1, bbp1); 3604 3605 if (sc->mac_ver >= 0x3070) 3606 run_rt3070_rf_setup(sc); 3607 3608 /* select default channel */ 3609 run_set_chan(sc, ic->ic_curchan); 3610 3611 /* turn radio LED on */ 3612 run_set_leds(sc, RT2860_LED_RADIO); 3613 3614 #ifdef RUN_HWCRYPTO 3615 if (ic->ic_flags & IEEE80211_F_PRIVACY) { 3616 /* install WEP keys */ 3617 for (i = 0; i < IEEE80211_WEP_NKID; i++) 3618 (void)run_set_key(ic, &ic->ic_crypto.cs_nw_keys[i], 3619 NULL); 3620 } 3621 #endif 3622 3623 for (i = 0; i < RUN_RX_RING_COUNT; i++) { 3624 struct run_rx_data *data = &sc->rxq.data[i]; 3625 3626 usbd_setup_xfer(data->xfer, sc->rxq.pipeh, data, data->buf, 3627 RUN_MAX_RXSZ, USBD_SHORT_XFER_OK | USBD_NO_COPY, 3628 USBD_NO_TIMEOUT, run_rxeof); 3629 error = usbd_transfer(data->xfer); 3630 if (error != USBD_NORMAL_COMPLETION && 3631 error != USBD_IN_PROGRESS) 3632 goto fail; 3633 } 3634 3635 if ((error = run_txrx_enable(sc)) != 0) 3636 goto fail; 3637 3638 ifp->if_flags &= ~IFF_OACTIVE; 3639 ifp->if_flags |= IFF_RUNNING; 3640 3641 if (ic->ic_opmode == IEEE80211_M_MONITOR) 3642 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 3643 else 3644 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 3645 3646 if (error != 0) 3647 fail: run_stop(ifp, 1); 3648 return (error); 3649 } 3650 3651 static void 3652 run_stop(struct ifnet *ifp, int disable) 3653 { 3654 struct run_softc *sc = ifp->if_softc; 3655 struct ieee80211com *ic = &sc->sc_ic; 3656 uint32_t tmp; 3657 int ntries, qid; 3658 3659 if (ifp->if_flags & IFF_RUNNING) 3660 run_set_leds(sc, 0); /* turn all LEDs off */ 3661 3662 sc->sc_tx_timer = 0; 3663 ifp->if_timer = 0; 3664 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 3665 3666 callout_stop(&sc->scan_to); 3667 callout_stop(&sc->calib_to); 3668 3669 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 3670 /* wait for all queued asynchronous commands to complete */ 3671 while (sc->cmdq.queued > 0) 3672 tsleep(&sc->cmdq, 0, "cmdq", 0); 3673 3674 /* disable Tx/Rx */ 3675 run_read(sc, RT2860_MAC_SYS_CTRL, &tmp); 3676 tmp &= ~(RT2860_MAC_RX_EN | RT2860_MAC_TX_EN); 3677 run_write(sc, RT2860_MAC_SYS_CTRL, tmp); 3678 3679 /* wait for pending Tx to complete */ 3680 for (ntries = 0; ntries < 100; ntries++) { 3681 if (run_read(sc, RT2860_TXRXQ_PCNT, &tmp) != 0) 3682 break; 3683 if ((tmp & RT2860_TX2Q_PCNT_MASK) == 0) 3684 break; 3685 } 3686 DELAY(1000); 3687 run_write(sc, RT2860_USB_DMA_CFG, 0); 3688 3689 /* reset adapter */ 3690 run_write(sc, RT2860_MAC_SYS_CTRL, RT2860_BBP_HRST | RT2860_MAC_SRST); 3691 run_write(sc, RT2860_MAC_SYS_CTRL, 0); 3692 3693 /* reset Tx and Rx rings */ 3694 sc->qfullmsk = 0; 3695 for (qid = 0; qid < 4; qid++) 3696 run_free_tx_ring(sc, qid); 3697 run_free_rx_ring(sc); 3698 } 3699 3700 #ifndef IEEE80211_STA_ONLY 3701 static int 3702 run_setup_beacon(struct run_softc *sc) 3703 { 3704 struct ieee80211com *ic = &sc->sc_ic; 3705 struct rt2860_txwi txwi; 3706 struct mbuf *m; 3707 int ridx; 3708 3709 if ((m = ieee80211_beacon_alloc(ic, ic->ic_bss, &sc->sc_bo)) == NULL) 3710 return (ENOBUFS); 3711 3712 memset(&txwi, 0, sizeof txwi); 3713 txwi.wcid = 0xff; 3714 txwi.len = htole16(m->m_pkthdr.len); 3715 /* send beacons at the lowest available rate */ 3716 ridx = (ic->ic_curmode == IEEE80211_MODE_11A) ? 3717 RT2860_RIDX_OFDM6 : RT2860_RIDX_CCK1; 3718 txwi.phy = htole16(rt2860_rates[ridx].mcs); 3719 if (rt2860_rates[ridx].phy == IEEE80211_T_OFDM) 3720 txwi.phy |= htole16(RT2860_PHY_OFDM); 3721 txwi.txop = RT2860_TX_TXOP_HT; 3722 txwi.flags = RT2860_TX_TS; 3723 3724 run_write_region_1(sc, RT2860_BCN_BASE(0), 3725 (uint8_t *)&txwi, sizeof txwi); 3726 run_write_region_1(sc, RT2860_BCN_BASE(0) + sizeof txwi, 3727 mtod(m, uint8_t *), m->m_pkthdr.len); 3728 3729 m_freem(m); 3730 3731 return (0); 3732 } 3733 #endif 3734 3735 MODULE(MODULE_CLASS_DRIVER, if_run, "bpf"); 3736 3737 #ifdef _MODULE 3738 #include "ioconf.c" 3739 #endif 3740 3741 static int 3742 if_run_modcmd(modcmd_t cmd, void *arg) 3743 { 3744 int error = 0; 3745 3746 switch (cmd) { 3747 case MODULE_CMD_INIT: 3748 #ifdef _MODULE 3749 error = config_init_component(cfdriver_ioconf_run, 3750 cfattach_ioconf_run, cfdata_ioconf_run); 3751 #endif 3752 return (error); 3753 case MODULE_CMD_FINI: 3754 #ifdef _MODULE 3755 error = config_fini_component(cfdriver_ioconf_run, 3756 cfattach_ioconf_run, cfdata_ioconf_run); 3757 #endif 3758 return (error); 3759 default: 3760 return (ENOTTY); 3761 } 3762 } 3763