1 /* $NetBSD: if_run.c,v 1.11 2015/03/13 15:33:04 nonaka Exp $ */ 2 /* $OpenBSD: if_run.c,v 1.90 2012/03/24 15:11:04 jsg Exp $ */ 3 4 /*- 5 * Copyright (c) 2008-2010 Damien Bergamini <damien.bergamini@free.fr> 6 * 7 * Permission to use, copy, modify, and distribute this software for any 8 * purpose with or without fee is hereby granted, provided that the above 9 * copyright notice and this permission notice appear in all copies. 10 * 11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 */ 19 20 /*- 21 * Ralink Technology RT2700U/RT2800U/RT3000U chipset driver. 22 * http://www.ralinktech.com/ 23 */ 24 25 #include <sys/cdefs.h> 26 __KERNEL_RCSID(0, "$NetBSD: if_run.c,v 1.11 2015/03/13 15:33:04 nonaka Exp $"); 27 28 #include <sys/param.h> 29 #include <sys/sockio.h> 30 #include <sys/sysctl.h> 31 #include <sys/mbuf.h> 32 #include <sys/kernel.h> 33 #include <sys/socket.h> 34 #include <sys/systm.h> 35 #include <sys/malloc.h> 36 #include <sys/callout.h> 37 #include <sys/module.h> 38 #include <sys/conf.h> 39 #include <sys/device.h> 40 41 #include <sys/bus.h> 42 #include <machine/endian.h> 43 #include <sys/intr.h> 44 45 #include <net/bpf.h> 46 #include <net/if.h> 47 #include <net/if_arp.h> 48 #include <net/if_dl.h> 49 #include <net/if_ether.h> 50 #include <net/if_media.h> 51 #include <net/if_types.h> 52 53 #include <net80211/ieee80211_var.h> 54 #include <net80211/ieee80211_amrr.h> 55 #include <net80211/ieee80211_radiotap.h> 56 57 #include <dev/firmload.h> 58 59 #include <dev/usb/usb.h> 60 #include <dev/usb/usbdi.h> 61 #include <dev/usb/usbdivar.h> 62 #include <dev/usb/usbdi_util.h> 63 #include <dev/usb/usbdevs.h> 64 65 #include <dev/ic/rt2860reg.h> /* shared with ral(4) */ 66 #include <dev/usb/if_runvar.h> 67 68 #ifdef RUN_DEBUG 69 #define DPRINTF(x) do { if (run_debug) printf x; } while (0) 70 #define DPRINTFN(n, x) do { if (run_debug >= (n)) printf x; } while (0) 71 int run_debug = 0; 72 #else 73 #define DPRINTF(x) 74 #define DPRINTFN(n, x) 75 #endif 76 77 #define USB_ID(v, p) { USB_VENDOR_##v, USB_PRODUCT_##v##_##p } 78 static const struct usb_devno run_devs[] = { 79 USB_ID(ABOCOM, RT2770), 80 USB_ID(ABOCOM, RT2870), 81 USB_ID(ABOCOM, RT3070), 82 USB_ID(ABOCOM, RT3071), 83 USB_ID(ABOCOM, RT3072), 84 USB_ID(ABOCOM2, RT2870_1), 85 USB_ID(ACCTON, RT2770), 86 USB_ID(ACCTON, RT2870_1), 87 USB_ID(ACCTON, RT2870_2), 88 USB_ID(ACCTON, RT2870_3), 89 USB_ID(ACCTON, RT2870_4), 90 USB_ID(ACCTON, RT2870_5), 91 USB_ID(ACCTON, RT3070), 92 USB_ID(ACCTON, RT3070_1), 93 USB_ID(ACCTON, RT3070_2), 94 USB_ID(ACCTON, RT3070_3), 95 USB_ID(ACCTON, RT3070_4), 96 USB_ID(ACCTON, RT3070_5), 97 USB_ID(ACCTON, RT3070_6), 98 USB_ID(AIRTIES, RT3070), 99 USB_ID(AIRTIES, RT3070_2), 100 USB_ID(ALLWIN, RT2070), 101 USB_ID(ALLWIN, RT2770), 102 USB_ID(ALLWIN, RT2870), 103 USB_ID(ALLWIN, RT3070), 104 USB_ID(ALLWIN, RT3071), 105 USB_ID(ALLWIN, RT3072), 106 USB_ID(ALLWIN, RT3572), 107 USB_ID(AMIGO, RT2870_1), 108 USB_ID(AMIGO, RT2870_2), 109 USB_ID(AMIT, CGWLUSB2GNR), 110 USB_ID(AMIT, RT2870_1), 111 USB_ID(AMIT2, RT2870), 112 USB_ID(ASUSTEK, RT2870_1), 113 USB_ID(ASUSTEK, RT2870_2), 114 USB_ID(ASUSTEK, RT2870_3), 115 USB_ID(ASUSTEK, RT2870_4), 116 USB_ID(ASUSTEK, RT2870_5), 117 USB_ID(ASUSTEK, RT3070), 118 USB_ID(ASUSTEK, RT3070_1), 119 USB_ID(ASUSTEK2, USBN11), 120 USB_ID(AZUREWAVE, RT2870_1), 121 USB_ID(AZUREWAVE, RT2870_2), 122 USB_ID(AZUREWAVE, RT3070), 123 USB_ID(AZUREWAVE, RT3070_2), 124 USB_ID(AZUREWAVE, RT3070_3), 125 USB_ID(AZUREWAVE, RT3070_4), 126 USB_ID(AZUREWAVE, RT3070_5), 127 USB_ID(BELKIN, F5D8053V3), 128 USB_ID(BELKIN, F5D8055), 129 USB_ID(BELKIN, F5D8055V2), 130 USB_ID(BELKIN, F6D4050V1), 131 USB_ID(BELKIN, F6D4050V2), 132 USB_ID(BELKIN, F7D1101V2), 133 USB_ID(BELKIN, RT2870_1), 134 USB_ID(BELKIN, RT2870_2), 135 USB_ID(BEWAN, RT3070), 136 USB_ID(CISCOLINKSYS, AE1000), 137 USB_ID(CISCOLINKSYS, AM10), 138 USB_ID(CISCOLINKSYS2, RT3070), 139 USB_ID(CISCOLINKSYS3, RT3070), 140 USB_ID(CONCEPTRONIC, RT2870_1), 141 USB_ID(CONCEPTRONIC, RT2870_2), 142 USB_ID(CONCEPTRONIC, RT2870_3), 143 USB_ID(CONCEPTRONIC, RT2870_4), 144 USB_ID(CONCEPTRONIC, RT2870_5), 145 USB_ID(CONCEPTRONIC, RT2870_6), 146 USB_ID(CONCEPTRONIC, RT2870_7), 147 USB_ID(CONCEPTRONIC, RT2870_8), 148 USB_ID(CONCEPTRONIC, RT3070_1), 149 USB_ID(CONCEPTRONIC, RT3070_2), 150 USB_ID(CONCEPTRONIC, RT3070_3), 151 USB_ID(COREGA, CGWLUSB300GNM), 152 USB_ID(COREGA, RT2870_1), 153 USB_ID(COREGA, RT2870_2), 154 USB_ID(COREGA, RT2870_3), 155 USB_ID(COREGA, RT3070), 156 USB_ID(CYBERTAN, RT2870), 157 USB_ID(DLINK, RT2870), 158 USB_ID(DLINK, RT3072), 159 USB_ID(DLINK2, DWA130), 160 USB_ID(DLINK2, RT2870_1), 161 USB_ID(DLINK2, RT2870_2), 162 USB_ID(DLINK2, RT3070_1), 163 USB_ID(DLINK2, RT3070_2), 164 USB_ID(DLINK2, RT3070_3), 165 USB_ID(DLINK2, RT3070_4), 166 USB_ID(DLINK2, RT3070_5), 167 USB_ID(DLINK2, RT3072), 168 USB_ID(DLINK2, RT3072_1), 169 USB_ID(DVICO, RT3070), 170 USB_ID(EDIMAX, EW7717), 171 USB_ID(EDIMAX, EW7718), 172 USB_ID(EDIMAX, EW7722UTN), 173 USB_ID(EDIMAX, RT2870_1), 174 USB_ID(ENCORE, RT3070), 175 USB_ID(ENCORE, RT3070_2), 176 USB_ID(ENCORE, RT3070_3), 177 USB_ID(GIGABYTE, GNWB31N), 178 USB_ID(GIGABYTE, GNWB32L), 179 USB_ID(GIGABYTE, RT2870_1), 180 USB_ID(GIGASET, RT3070_1), 181 USB_ID(GIGASET, RT3070_2), 182 USB_ID(GUILLEMOT, HWNU300), 183 USB_ID(HAWKING, HWUN2), 184 USB_ID(HAWKING, RT2870_1), 185 USB_ID(HAWKING, RT2870_2), 186 USB_ID(HAWKING, RT2870_3), 187 USB_ID(HAWKING, RT2870_4), 188 USB_ID(HAWKING, RT2870_5), 189 USB_ID(HAWKING, RT3070), 190 USB_ID(IODATA, RT3072_1), 191 USB_ID(IODATA, RT3072_2), 192 USB_ID(IODATA, RT3072_3), 193 USB_ID(IODATA, RT3072_4), 194 USB_ID(LINKSYS4, RT3070), 195 USB_ID(LINKSYS4, WUSB100), 196 USB_ID(LINKSYS4, WUSB54GC_3), 197 USB_ID(LINKSYS4, WUSB600N), 198 USB_ID(LINKSYS4, WUSB600NV2), 199 USB_ID(LOGITEC, LANW300NU2), 200 USB_ID(LOGITEC, RT2870_1), 201 USB_ID(LOGITEC, RT2870_2), 202 USB_ID(LOGITEC, RT2870_3), 203 USB_ID(LOGITEC, RT3020), 204 USB_ID(MELCO, RT2870_1), 205 USB_ID(MELCO, RT2870_2), 206 USB_ID(MELCO, WLIUCAG300N), 207 USB_ID(MELCO, WLIUCG300N), 208 USB_ID(MELCO, WLIUCG301N), 209 USB_ID(MELCO, WLIUCGN), 210 USB_ID(MELCO, WLIUCGNHP), 211 USB_ID(MELCO, WLIUCGNM), 212 USB_ID(MELCO, WLIUCGNM2T), 213 USB_ID(MOTOROLA4, RT2770), 214 USB_ID(MOTOROLA4, RT3070), 215 USB_ID(MSI, RT3070), 216 USB_ID(MSI, RT3070_2), 217 USB_ID(MSI, RT3070_3), 218 USB_ID(MSI, RT3070_4), 219 USB_ID(MSI, RT3070_5), 220 USB_ID(MSI, RT3070_6), 221 USB_ID(MSI, RT3070_7), 222 USB_ID(MSI, RT3070_8), 223 USB_ID(MSI, RT3070_9), 224 USB_ID(MSI, RT3070_10), 225 USB_ID(MSI, RT3070_11), 226 USB_ID(MSI, RT3070_12), 227 USB_ID(MSI, RT3070_13), 228 USB_ID(MSI, RT3070_14), 229 USB_ID(MSI, RT3070_15), 230 USB_ID(OVISLINK, RT3071), 231 USB_ID(OVISLINK, RT3072), 232 USB_ID(PARA, RT3070), 233 USB_ID(PEGATRON, RT2870), 234 USB_ID(PEGATRON, RT3070), 235 USB_ID(PEGATRON, RT3070_2), 236 USB_ID(PEGATRON, RT3070_3), 237 USB_ID(PEGATRON, RT3072), 238 USB_ID(PHILIPS, RT2870), 239 USB_ID(PLANEX2, GWUS300MINIS), 240 USB_ID(PLANEX2, GWUSMICRO300), 241 USB_ID(PLANEX2, GWUSMICRON), 242 USB_ID(PLANEX2, GWUS300MINIX), 243 USB_ID(PLANEX2, RT3070), 244 USB_ID(QCOM, RT2870), 245 USB_ID(QUANTA, RT3070), 246 USB_ID(RALINK, RT2070), 247 USB_ID(RALINK, RT2770), 248 USB_ID(RALINK, RT2870), 249 USB_ID(RALINK, RT3070), 250 USB_ID(RALINK, RT3071), 251 USB_ID(RALINK, RT3072), 252 USB_ID(RALINK, RT3370), 253 USB_ID(RALINK, RT3572), 254 USB_ID(RALINK, RT8070), 255 USB_ID(SAMSUNG, RT2870_1), 256 USB_ID(SENAO, RT2870_1), 257 USB_ID(SENAO, RT2870_2), 258 USB_ID(SENAO, RT2870_3), 259 USB_ID(SENAO, RT2870_4), 260 USB_ID(SENAO, RT3070), 261 USB_ID(SENAO, RT3071), 262 USB_ID(SENAO, RT3072), 263 USB_ID(SENAO, RT3072_2), 264 USB_ID(SENAO, RT3072_3), 265 USB_ID(SENAO, RT3072_4), 266 USB_ID(SENAO, RT3072_5), 267 USB_ID(SITECOMEU, RT2870_1), 268 USB_ID(SITECOMEU, RT2870_2), 269 USB_ID(SITECOMEU, RT2870_3), 270 USB_ID(SITECOMEU, RT3070_1), 271 USB_ID(SITECOMEU, RT3072_3), 272 USB_ID(SITECOMEU, RT3072_4), 273 USB_ID(SITECOMEU, RT3072_5), 274 USB_ID(SITECOMEU, WL302), 275 USB_ID(SITECOMEU, WL315), 276 USB_ID(SITECOMEU, WL321), 277 USB_ID(SITECOMEU, WL324), 278 USB_ID(SITECOMEU, WL329), 279 USB_ID(SITECOMEU, WL343), 280 USB_ID(SITECOMEU, WL344), 281 USB_ID(SITECOMEU, WL345), 282 USB_ID(SITECOMEU, WL349V4), 283 USB_ID(SITECOMEU, WL608), 284 USB_ID(SITECOMEU, WLA4000), 285 USB_ID(SITECOMEU, WLA5000), 286 USB_ID(SPARKLAN, RT2870_1), 287 USB_ID(SPARKLAN, RT2870_2), 288 USB_ID(SPARKLAN, RT3070), 289 USB_ID(SWEEX2, LW153), 290 USB_ID(SWEEX2, LW303), 291 USB_ID(SWEEX2, LW313), 292 USB_ID(TOSHIBA, RT3070), 293 USB_ID(UMEDIA, RT2870_1), 294 USB_ID(UMEDIA, TEW645UB), 295 USB_ID(ZCOM, RT2870_1), 296 USB_ID(ZCOM, RT2870_2), 297 USB_ID(ZINWELL, RT2870_1), 298 USB_ID(ZINWELL, RT2870_2), 299 USB_ID(ZINWELL, RT3070), 300 USB_ID(ZINWELL, RT3072), 301 USB_ID(ZINWELL, RT3072_2), 302 USB_ID(ZYXEL, NWD2105), 303 USB_ID(ZYXEL, NWD211AN), 304 USB_ID(ZYXEL, RT2870_1), 305 USB_ID(ZYXEL, RT2870_2), 306 USB_ID(ZYXEL, RT3070), 307 }; 308 309 static int run_match(device_t, cfdata_t, void *); 310 static void run_attach(device_t, device_t, void *); 311 static int run_detach(device_t, int); 312 static int run_activate(device_t, enum devact); 313 314 CFATTACH_DECL_NEW(run, sizeof(struct run_softc), 315 run_match, run_attach, run_detach, run_activate); 316 317 static int run_alloc_rx_ring(struct run_softc *); 318 static void run_free_rx_ring(struct run_softc *); 319 static int run_alloc_tx_ring(struct run_softc *, int); 320 static void run_free_tx_ring(struct run_softc *, int); 321 static int run_load_microcode(struct run_softc *); 322 static int run_reset(struct run_softc *); 323 static int run_read(struct run_softc *, uint16_t, uint32_t *); 324 static int run_read_region_1(struct run_softc *, uint16_t, 325 uint8_t *, int); 326 static int run_write_2(struct run_softc *, uint16_t, uint16_t); 327 static int run_write(struct run_softc *, uint16_t, uint32_t); 328 static int run_write_region_1(struct run_softc *, uint16_t, 329 const uint8_t *, int); 330 static int run_set_region_4(struct run_softc *, uint16_t, 331 uint32_t, int); 332 static int run_efuse_read_2(struct run_softc *, uint16_t, 333 uint16_t *); 334 static int run_eeprom_read_2(struct run_softc *, uint16_t, 335 uint16_t *); 336 static int run_rt2870_rf_write(struct run_softc *, uint8_t, 337 uint32_t); 338 static int run_rt3070_rf_read(struct run_softc *, uint8_t, 339 uint8_t *); 340 static int run_rt3070_rf_write(struct run_softc *, uint8_t, 341 uint8_t); 342 static int run_bbp_read(struct run_softc *, uint8_t, uint8_t *); 343 static int run_bbp_write(struct run_softc *, uint8_t, uint8_t); 344 static int run_mcu_cmd(struct run_softc *, uint8_t, uint16_t); 345 static const char * run_get_rf(int); 346 static int run_read_eeprom(struct run_softc *); 347 static struct ieee80211_node * 348 run_node_alloc(struct ieee80211_node_table *); 349 static int run_media_change(struct ifnet *); 350 static void run_next_scan(void *); 351 static void run_task(void *); 352 static void run_do_async(struct run_softc *, 353 void (*)(struct run_softc *, void *), void *, int); 354 static int run_newstate(struct ieee80211com *, 355 enum ieee80211_state, int); 356 static void run_newstate_cb(struct run_softc *, void *); 357 static int run_updateedca(struct ieee80211com *); 358 static void run_updateedca_cb(struct run_softc *, void *); 359 #ifdef RUN_HWCRYPTO 360 static int run_set_key(struct ieee80211com *, 361 const struct ieee80211_key *, const uint8_t *); 362 static void run_set_key_cb(struct run_softc *, void *); 363 static int run_delete_key(struct ieee80211com *, 364 const struct ieee80211_key *); 365 static void run_delete_key_cb(struct run_softc *, void *); 366 #endif 367 static void run_calibrate_to(void *); 368 static void run_calibrate_cb(struct run_softc *, void *); 369 static void run_newassoc(struct ieee80211_node *, int); 370 static void run_rx_frame(struct run_softc *, uint8_t *, int); 371 static void run_rxeof(usbd_xfer_handle, usbd_private_handle, 372 usbd_status); 373 static void run_txeof(usbd_xfer_handle, usbd_private_handle, 374 usbd_status); 375 static int run_tx(struct run_softc *, struct mbuf *, 376 struct ieee80211_node *); 377 static void run_start(struct ifnet *); 378 static void run_watchdog(struct ifnet *); 379 static int run_ioctl(struct ifnet *, u_long, void *); 380 static void run_select_chan_group(struct run_softc *, int); 381 static void run_set_agc(struct run_softc *, uint8_t); 382 static void run_set_rx_antenna(struct run_softc *, int); 383 static void run_rt2870_set_chan(struct run_softc *, u_int); 384 static void run_rt3070_set_chan(struct run_softc *, u_int); 385 static void run_rt3572_set_chan(struct run_softc *, u_int); 386 static int run_set_chan(struct run_softc *, 387 struct ieee80211_channel *); 388 static void run_enable_tsf_sync(struct run_softc *); 389 static void run_enable_mrr(struct run_softc *); 390 static void run_set_txpreamble(struct run_softc *); 391 static void run_set_basicrates(struct run_softc *); 392 static void run_set_leds(struct run_softc *, uint16_t); 393 static void run_set_bssid(struct run_softc *, const uint8_t *); 394 static void run_set_macaddr(struct run_softc *, const uint8_t *); 395 static void run_updateslot(struct ifnet *); 396 static void run_updateslot_cb(struct run_softc *, void *); 397 static int8_t run_rssi2dbm(struct run_softc *, uint8_t, uint8_t); 398 static int run_bbp_init(struct run_softc *); 399 static int run_rt3070_rf_init(struct run_softc *); 400 static int run_rt3070_filter_calib(struct run_softc *, uint8_t, 401 uint8_t, uint8_t *); 402 static void run_rt3070_rf_setup(struct run_softc *); 403 static int run_txrx_enable(struct run_softc *); 404 static int run_init(struct ifnet *); 405 static void run_stop(struct ifnet *, int); 406 #ifndef IEEE80211_STA_ONLY 407 static int run_setup_beacon(struct run_softc *); 408 #endif 409 410 static const struct { 411 uint32_t reg; 412 uint32_t val; 413 } rt2870_def_mac[] = { 414 RT2870_DEF_MAC 415 }; 416 417 static const struct { 418 uint8_t reg; 419 uint8_t val; 420 } rt2860_def_bbp[] = { 421 RT2860_DEF_BBP 422 }; 423 424 static const struct rfprog { 425 uint8_t chan; 426 uint32_t r1, r2, r3, r4; 427 } rt2860_rf2850[] = { 428 RT2860_RF2850 429 }; 430 431 static const struct { 432 uint8_t n, r, k; 433 } rt3070_freqs[] = { 434 RT3070_RF3052 435 }; 436 437 static const struct { 438 uint8_t reg; 439 uint8_t val; 440 } rt3070_def_rf[] = { 441 RT3070_DEF_RF 442 }, rt3572_def_rf[] = { 443 RT3572_DEF_RF 444 }; 445 446 static int 447 firmware_load(const char *dname, const char *iname, uint8_t **ucodep, 448 size_t *sizep) 449 { 450 firmware_handle_t fh; 451 int error; 452 453 if ((error = firmware_open(dname, iname, &fh)) != 0) 454 return (error); 455 *sizep = firmware_get_size(fh); 456 if ((*ucodep = firmware_malloc(*sizep)) == NULL) { 457 firmware_close(fh); 458 return (ENOMEM); 459 } 460 if ((error = firmware_read(fh, 0, *ucodep, *sizep)) != 0) 461 firmware_free(*ucodep, *sizep); 462 firmware_close(fh); 463 464 return (error); 465 } 466 467 static int 468 run_match(device_t parent, cfdata_t match, void *aux) 469 { 470 struct usb_attach_arg *uaa = aux; 471 472 return (usb_lookup(run_devs, uaa->vendor, uaa->product) != NULL) ? 473 UMATCH_VENDOR_PRODUCT : UMATCH_NONE; 474 } 475 476 static void 477 run_attach(device_t parent, device_t self, void *aux) 478 { 479 struct run_softc *sc = device_private(self); 480 struct usb_attach_arg *uaa = aux; 481 struct ieee80211com *ic = &sc->sc_ic; 482 struct ifnet *ifp = &sc->sc_if; 483 usb_interface_descriptor_t *id; 484 usb_endpoint_descriptor_t *ed; 485 char *devinfop; 486 int i, nrx, ntx, ntries, error; 487 uint32_t ver; 488 489 aprint_naive("\n"); 490 aprint_normal("\n"); 491 492 sc->sc_dev = self; 493 sc->sc_udev = uaa->device; 494 495 devinfop = usbd_devinfo_alloc(sc->sc_udev, 0); 496 aprint_normal_dev(sc->sc_dev, "%s\n", devinfop); 497 usbd_devinfo_free(devinfop); 498 499 error = usbd_set_config_no(sc->sc_udev, 1, 0); 500 if (error != 0) { 501 aprint_error_dev(sc->sc_dev, "failed to set configuration" 502 ", err=%s\n", usbd_errstr(error)); 503 return; 504 } 505 506 /* get the first interface handle */ 507 error = usbd_device2interface_handle(sc->sc_udev, 0, &sc->sc_iface); 508 if (error != 0) { 509 aprint_error_dev(sc->sc_dev, 510 "could not get interface handle\n"); 511 return; 512 } 513 514 /* 515 * Find all bulk endpoints. There are 7 bulk endpoints: 1 for RX 516 * and 6 for TX (4 EDCAs + HCCA + Prio). 517 * Update 03-14-2009: some devices like the Planex GW-US300MiniS 518 * seem to have only 4 TX bulk endpoints (Fukaumi Naoki). 519 */ 520 nrx = ntx = 0; 521 id = usbd_get_interface_descriptor(sc->sc_iface); 522 for (i = 0; i < id->bNumEndpoints; i++) { 523 ed = usbd_interface2endpoint_descriptor(sc->sc_iface, i); 524 if (ed == NULL || UE_GET_XFERTYPE(ed->bmAttributes) != UE_BULK) 525 continue; 526 527 if (UE_GET_DIR(ed->bEndpointAddress) == UE_DIR_IN) { 528 sc->rxq.pipe_no = ed->bEndpointAddress; 529 nrx++; 530 } else if (ntx < 4) { 531 sc->txq[ntx].pipe_no = ed->bEndpointAddress; 532 ntx++; 533 } 534 } 535 /* make sure we've got them all */ 536 if (nrx < 1 || ntx < 4) { 537 aprint_error_dev(sc->sc_dev, "missing endpoint\n"); 538 return; 539 } 540 541 usb_init_task(&sc->sc_task, run_task, sc, 0); 542 callout_init(&sc->scan_to, 0); 543 callout_setfunc(&sc->scan_to, run_next_scan, sc); 544 callout_init(&sc->calib_to, 0); 545 callout_setfunc(&sc->calib_to, run_calibrate_to, sc); 546 547 sc->amrr.amrr_min_success_threshold = 1; 548 sc->amrr.amrr_max_success_threshold = 10; 549 550 /* wait for the chip to settle */ 551 for (ntries = 0; ntries < 100; ntries++) { 552 if (run_read(sc, RT2860_ASIC_VER_ID, &ver) != 0) 553 return; 554 if (ver != 0 && ver != 0xffffffff) 555 break; 556 DELAY(10); 557 } 558 if (ntries == 100) { 559 aprint_error_dev(sc->sc_dev, 560 "timeout waiting for NIC to initialize\n"); 561 return; 562 } 563 sc->mac_ver = ver >> 16; 564 sc->mac_rev = ver & 0xffff; 565 566 /* retrieve RF rev. no and various other things from EEPROM */ 567 run_read_eeprom(sc); 568 569 aprint_error_dev(sc->sc_dev, 570 "MAC/BBP RT%04X (rev 0x%04X), RF %s (MIMO %dT%dR), address %s\n", 571 sc->mac_ver, sc->mac_rev, run_get_rf(sc->rf_rev), sc->ntxchains, 572 sc->nrxchains, ether_sprintf(ic->ic_myaddr)); 573 574 ic->ic_ifp = ifp; 575 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 576 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 577 ic->ic_state = IEEE80211_S_INIT; 578 579 /* set device capabilities */ 580 ic->ic_caps = 581 IEEE80211_C_MONITOR | /* monitor mode supported */ 582 #ifndef IEEE80211_STA_ONLY 583 IEEE80211_C_IBSS | /* IBSS mode supported */ 584 IEEE80211_C_HOSTAP | /* HostAP mode supported */ 585 #endif 586 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 587 IEEE80211_C_SHSLOT | /* short slot time supported */ 588 #ifdef RUN_HWCRYPTO 589 IEEE80211_C_WEP | /* WEP */ 590 IEEE80211_C_TKIP | /* TKIP */ 591 IEEE80211_C_AES_CCM | /* AES CCMP */ 592 IEEE80211_C_TKIPMIC | /* TKIPMIC */ 593 #endif 594 IEEE80211_C_WME | /* WME */ 595 IEEE80211_C_WPA; /* WPA/RSN */ 596 597 if (sc->rf_rev == RT2860_RF_2750 || 598 sc->rf_rev == RT2860_RF_2850 || 599 sc->rf_rev == RT3070_RF_3052) { 600 /* set supported .11a rates */ 601 ic->ic_sup_rates[IEEE80211_MODE_11A] = 602 ieee80211_std_rateset_11a; 603 604 /* set supported .11a channels */ 605 for (i = 14; i < (int)__arraycount(rt2860_rf2850); i++) { 606 uint8_t chan = rt2860_rf2850[i].chan; 607 ic->ic_channels[chan].ic_freq = 608 ieee80211_ieee2mhz(chan, IEEE80211_CHAN_5GHZ); 609 ic->ic_channels[chan].ic_flags = IEEE80211_CHAN_A; 610 } 611 } 612 613 /* set supported .11b and .11g rates */ 614 ic->ic_sup_rates[IEEE80211_MODE_11B] = ieee80211_std_rateset_11b; 615 ic->ic_sup_rates[IEEE80211_MODE_11G] = ieee80211_std_rateset_11g; 616 617 /* set supported .11b and .11g channels (1 through 14) */ 618 for (i = 1; i <= 14; i++) { 619 ic->ic_channels[i].ic_freq = 620 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ); 621 ic->ic_channels[i].ic_flags = 622 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM | 623 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ; 624 } 625 626 ifp->if_softc = sc; 627 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 628 ifp->if_init = run_init; 629 ifp->if_ioctl = run_ioctl; 630 ifp->if_start = run_start; 631 ifp->if_watchdog = run_watchdog; 632 IFQ_SET_READY(&ifp->if_snd); 633 memcpy(ifp->if_xname, device_xname(sc->sc_dev), IFNAMSIZ); 634 635 if_attach(ifp); 636 ieee80211_ifattach(ic); 637 ic->ic_node_alloc = run_node_alloc; 638 ic->ic_newassoc = run_newassoc; 639 ic->ic_updateslot = run_updateslot; 640 ic->ic_wme.wme_update = run_updateedca; 641 #ifdef RUN_HWCRYPTO 642 ic->ic_crypto.cs_key_set = run_set_key; 643 ic->ic_crypto.cs_key_delete = run_delete_key; 644 #endif 645 /* override state transition machine */ 646 sc->sc_newstate = ic->ic_newstate; 647 ic->ic_newstate = run_newstate; 648 ieee80211_media_init(ic, run_media_change, ieee80211_media_status); 649 650 bpf_attach2(ifp, DLT_IEEE802_11_RADIO, 651 sizeof(struct ieee80211_frame) + IEEE80211_RADIOTAP_HDRLEN, 652 &sc->sc_drvbpf); 653 654 sc->sc_rxtap_len = sizeof(sc->sc_rxtapu); 655 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 656 sc->sc_rxtap.wr_ihdr.it_present = htole32(RUN_RX_RADIOTAP_PRESENT); 657 658 sc->sc_txtap_len = sizeof(sc->sc_txtapu); 659 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 660 sc->sc_txtap.wt_ihdr.it_present = htole32(RUN_TX_RADIOTAP_PRESENT); 661 662 ieee80211_announce(ic); 663 664 usbd_add_drv_event(USB_EVENT_DRIVER_ATTACH, sc->sc_udev, sc->sc_dev); 665 666 if (!pmf_device_register(self, NULL, NULL)) 667 aprint_error_dev(self, "couldn't establish power handler\n"); 668 } 669 670 static int 671 run_detach(device_t self, int flags) 672 { 673 struct run_softc *sc = device_private(self); 674 struct ifnet *ifp = &sc->sc_if; 675 struct ieee80211com *ic = &sc->sc_ic; 676 int s; 677 678 if (ifp->if_softc == NULL) 679 return (0); 680 681 pmf_device_deregister(self); 682 683 s = splnet(); 684 685 sc->sc_flags |= RUN_DETACHING; 686 687 if (ifp->if_flags & IFF_RUNNING) { 688 usb_rem_task(sc->sc_udev, &sc->sc_task); 689 run_stop(ifp, 0); 690 } 691 692 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 693 bpf_detach(ifp); 694 ieee80211_ifdetach(ic); 695 if_detach(ifp); 696 697 splx(s); 698 699 usbd_add_drv_event(USB_EVENT_DRIVER_DETACH, sc->sc_udev, sc->sc_dev); 700 701 callout_destroy(&sc->scan_to); 702 callout_destroy(&sc->calib_to); 703 704 return (0); 705 } 706 707 static int 708 run_activate(device_t self, enum devact act) 709 { 710 struct run_softc *sc = device_private(self); 711 712 switch (act) { 713 case DVACT_DEACTIVATE: 714 if_deactivate(sc->sc_ic.ic_ifp); 715 return (0); 716 default: 717 return (EOPNOTSUPP); 718 } 719 } 720 721 static int 722 run_alloc_rx_ring(struct run_softc *sc) 723 { 724 struct run_rx_ring *rxq = &sc->rxq; 725 int i, error; 726 727 error = usbd_open_pipe(sc->sc_iface, rxq->pipe_no, 0, &rxq->pipeh); 728 if (error != 0) 729 goto fail; 730 731 for (i = 0; i < RUN_RX_RING_COUNT; i++) { 732 struct run_rx_data *data = &rxq->data[i]; 733 734 data->sc = sc; /* backpointer for callbacks */ 735 736 data->xfer = usbd_alloc_xfer(sc->sc_udev); 737 if (data->xfer == NULL) { 738 error = ENOMEM; 739 goto fail; 740 } 741 data->buf = usbd_alloc_buffer(data->xfer, RUN_MAX_RXSZ); 742 if (data->buf == NULL) { 743 error = ENOMEM; 744 goto fail; 745 } 746 } 747 if (error != 0) 748 fail: run_free_rx_ring(sc); 749 return (error); 750 } 751 752 static void 753 run_free_rx_ring(struct run_softc *sc) 754 { 755 struct run_rx_ring *rxq = &sc->rxq; 756 int i; 757 758 if (rxq->pipeh != NULL) { 759 usbd_abort_pipe(rxq->pipeh); 760 usbd_close_pipe(rxq->pipeh); 761 rxq->pipeh = NULL; 762 } 763 for (i = 0; i < RUN_RX_RING_COUNT; i++) { 764 if (rxq->data[i].xfer != NULL) 765 usbd_free_xfer(rxq->data[i].xfer); 766 rxq->data[i].xfer = NULL; 767 } 768 } 769 770 static int 771 run_alloc_tx_ring(struct run_softc *sc, int qid) 772 { 773 struct run_tx_ring *txq = &sc->txq[qid]; 774 int i, error; 775 776 txq->cur = txq->queued = 0; 777 778 error = usbd_open_pipe(sc->sc_iface, txq->pipe_no, 0, &txq->pipeh); 779 if (error != 0) 780 goto fail; 781 782 for (i = 0; i < RUN_TX_RING_COUNT; i++) { 783 struct run_tx_data *data = &txq->data[i]; 784 785 data->sc = sc; /* backpointer for callbacks */ 786 data->qid = qid; 787 788 data->xfer = usbd_alloc_xfer(sc->sc_udev); 789 if (data->xfer == NULL) { 790 error = ENOMEM; 791 goto fail; 792 } 793 data->buf = usbd_alloc_buffer(data->xfer, RUN_MAX_TXSZ); 794 if (data->buf == NULL) { 795 error = ENOMEM; 796 goto fail; 797 } 798 /* zeroize the TXD + TXWI part */ 799 memset(data->buf, 0, sizeof (struct rt2870_txd) + 800 sizeof (struct rt2860_txwi)); 801 } 802 if (error != 0) 803 fail: run_free_tx_ring(sc, qid); 804 return (error); 805 } 806 807 static void 808 run_free_tx_ring(struct run_softc *sc, int qid) 809 { 810 struct run_tx_ring *txq = &sc->txq[qid]; 811 int i; 812 813 if (txq->pipeh != NULL) { 814 usbd_abort_pipe(txq->pipeh); 815 usbd_close_pipe(txq->pipeh); 816 txq->pipeh = NULL; 817 } 818 for (i = 0; i < RUN_TX_RING_COUNT; i++) { 819 if (txq->data[i].xfer != NULL) 820 usbd_free_xfer(txq->data[i].xfer); 821 txq->data[i].xfer = NULL; 822 } 823 } 824 825 static int 826 run_load_microcode(struct run_softc *sc) 827 { 828 usb_device_request_t req; 829 const char *fwname; 830 u_char *ucode = NULL; /* XXX gcc 4.8.3: maybe-uninitialized */ 831 size_t size = 0; /* XXX gcc 4.8.3: maybe-uninitialized */ 832 uint32_t tmp; 833 int ntries, error; 834 835 /* RT3071/RT3072 use a different firmware */ 836 if (sc->mac_ver != 0x2860 && 837 sc->mac_ver != 0x2872 && 838 sc->mac_ver != 0x3070) 839 fwname = "run-rt3071"; 840 else 841 fwname = "run-rt2870"; 842 843 if ((error = firmware_load("run", fwname, &ucode, &size)) != 0) { 844 aprint_error_dev(sc->sc_dev, 845 "error %d, could not read firmware %s\n", error, fwname); 846 return (error); 847 } 848 if (size != 4096) { 849 aprint_error_dev(sc->sc_dev, 850 "invalid firmware size (should be 4KB)\n"); 851 firmware_free(ucode, size); 852 return (EINVAL); 853 } 854 855 run_read(sc, RT2860_ASIC_VER_ID, &tmp); 856 /* write microcode image */ 857 run_write_region_1(sc, RT2870_FW_BASE, ucode, size); 858 firmware_free(ucode, size); 859 run_write(sc, RT2860_H2M_MAILBOX_CID, 0xffffffff); 860 run_write(sc, RT2860_H2M_MAILBOX_STATUS, 0xffffffff); 861 862 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 863 req.bRequest = RT2870_RESET; 864 USETW(req.wValue, 8); 865 USETW(req.wIndex, 0); 866 USETW(req.wLength, 0); 867 if ((error = usbd_do_request(sc->sc_udev, &req, NULL)) != 0) 868 return (error); 869 870 usbd_delay_ms(sc->sc_udev, 10); 871 run_write(sc, RT2860_H2M_MAILBOX, 0); 872 if ((error = run_mcu_cmd(sc, RT2860_MCU_CMD_RFRESET, 0)) != 0) 873 return (error); 874 875 /* wait until microcontroller is ready */ 876 for (ntries = 0; ntries < 1000; ntries++) { 877 if ((error = run_read(sc, RT2860_SYS_CTRL, &tmp)) != 0) 878 return (error); 879 if (tmp & RT2860_MCU_READY) 880 break; 881 DELAY(1000); 882 } 883 if (ntries == 1000) { 884 aprint_error_dev(sc->sc_dev, 885 "timeout waiting for MCU to initialize\n"); 886 return (ETIMEDOUT); 887 } 888 889 sc->sc_flags |= RUN_FWLOADED; 890 891 DPRINTF(("microcode successfully loaded after %d tries\n", ntries)); 892 return (0); 893 } 894 895 static int 896 run_reset(struct run_softc *sc) 897 { 898 usb_device_request_t req; 899 900 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 901 req.bRequest = RT2870_RESET; 902 USETW(req.wValue, 1); 903 USETW(req.wIndex, 0); 904 USETW(req.wLength, 0); 905 return usbd_do_request(sc->sc_udev, &req, NULL); 906 } 907 908 static int 909 run_read(struct run_softc *sc, uint16_t reg, uint32_t *val) 910 { 911 uint32_t tmp; 912 int error; 913 914 error = run_read_region_1(sc, reg, (uint8_t *)&tmp, sizeof tmp); 915 if (error == 0) 916 *val = le32toh(tmp); 917 else 918 *val = 0xffffffff; 919 return (error); 920 } 921 922 static int 923 run_read_region_1(struct run_softc *sc, uint16_t reg, uint8_t *buf, int len) 924 { 925 usb_device_request_t req; 926 927 req.bmRequestType = UT_READ_VENDOR_DEVICE; 928 req.bRequest = RT2870_READ_REGION_1; 929 USETW(req.wValue, 0); 930 USETW(req.wIndex, reg); 931 USETW(req.wLength, len); 932 return usbd_do_request(sc->sc_udev, &req, buf); 933 } 934 935 static int 936 run_write_2(struct run_softc *sc, uint16_t reg, uint16_t val) 937 { 938 usb_device_request_t req; 939 940 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 941 req.bRequest = RT2870_WRITE_2; 942 USETW(req.wValue, val); 943 USETW(req.wIndex, reg); 944 USETW(req.wLength, 0); 945 return usbd_do_request(sc->sc_udev, &req, NULL); 946 } 947 948 static int 949 run_write(struct run_softc *sc, uint16_t reg, uint32_t val) 950 { 951 int error; 952 953 if ((error = run_write_2(sc, reg, val & 0xffff)) == 0) 954 error = run_write_2(sc, reg + 2, val >> 16); 955 return (error); 956 } 957 958 static int 959 run_write_region_1(struct run_softc *sc, uint16_t reg, const uint8_t *buf, 960 int len) 961 { 962 #if 1 963 int i, error = 0; 964 /* 965 * NB: the WRITE_REGION_1 command is not stable on RT2860. 966 * We thus issue multiple WRITE_2 commands instead. 967 */ 968 KASSERT((len & 1) == 0); 969 for (i = 0; i < len && error == 0; i += 2) 970 error = run_write_2(sc, reg + i, buf[i] | buf[i + 1] << 8); 971 return (error); 972 #else 973 usb_device_request_t req; 974 975 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 976 req.bRequest = RT2870_WRITE_REGION_1; 977 USETW(req.wValue, 0); 978 USETW(req.wIndex, reg); 979 USETW(req.wLength, len); 980 return usbd_do_request(sc->sc_udev, &req, buf); 981 #endif 982 } 983 984 static int 985 run_set_region_4(struct run_softc *sc, uint16_t reg, uint32_t val, int count) 986 { 987 int error = 0; 988 989 for (; count > 0 && error == 0; count--, reg += 4) 990 error = run_write(sc, reg, val); 991 return (error); 992 } 993 994 /* Read 16-bit from eFUSE ROM (RT3070 only.) */ 995 static int 996 run_efuse_read_2(struct run_softc *sc, uint16_t addr, uint16_t *val) 997 { 998 uint32_t tmp; 999 uint16_t reg; 1000 int error, ntries; 1001 1002 if ((error = run_read(sc, RT3070_EFUSE_CTRL, &tmp)) != 0) 1003 return (error); 1004 1005 addr *= 2; 1006 /*- 1007 * Read one 16-byte block into registers EFUSE_DATA[0-3]: 1008 * DATA0: F E D C 1009 * DATA1: B A 9 8 1010 * DATA2: 7 6 5 4 1011 * DATA3: 3 2 1 0 1012 */ 1013 tmp &= ~(RT3070_EFSROM_MODE_MASK | RT3070_EFSROM_AIN_MASK); 1014 tmp |= (addr & ~0xf) << RT3070_EFSROM_AIN_SHIFT | RT3070_EFSROM_KICK; 1015 run_write(sc, RT3070_EFUSE_CTRL, tmp); 1016 for (ntries = 0; ntries < 100; ntries++) { 1017 if ((error = run_read(sc, RT3070_EFUSE_CTRL, &tmp)) != 0) 1018 return (error); 1019 if (!(tmp & RT3070_EFSROM_KICK)) 1020 break; 1021 DELAY(2); 1022 } 1023 if (ntries == 100) 1024 return (ETIMEDOUT); 1025 1026 if ((tmp & RT3070_EFUSE_AOUT_MASK) == RT3070_EFUSE_AOUT_MASK) { 1027 *val = 0xffff; /* address not found */ 1028 return (0); 1029 } 1030 /* determine to which 32-bit register our 16-bit word belongs */ 1031 reg = RT3070_EFUSE_DATA3 - (addr & 0xc); 1032 if ((error = run_read(sc, reg, &tmp)) != 0) 1033 return (error); 1034 1035 *val = (addr & 2) ? tmp >> 16 : tmp & 0xffff; 1036 return (0); 1037 } 1038 1039 static int 1040 run_eeprom_read_2(struct run_softc *sc, uint16_t addr, uint16_t *val) 1041 { 1042 usb_device_request_t req; 1043 uint16_t tmp; 1044 int error; 1045 1046 addr *= 2; 1047 req.bmRequestType = UT_READ_VENDOR_DEVICE; 1048 req.bRequest = RT2870_EEPROM_READ; 1049 USETW(req.wValue, 0); 1050 USETW(req.wIndex, addr); 1051 USETW(req.wLength, sizeof tmp); 1052 error = usbd_do_request(sc->sc_udev, &req, &tmp); 1053 if (error == 0) 1054 *val = le16toh(tmp); 1055 else 1056 *val = 0xffff; 1057 return (error); 1058 } 1059 1060 static __inline int 1061 run_srom_read(struct run_softc *sc, uint16_t addr, uint16_t *val) 1062 { 1063 1064 /* either eFUSE ROM or EEPROM */ 1065 return sc->sc_srom_read(sc, addr, val); 1066 } 1067 1068 static int 1069 run_rt2870_rf_write(struct run_softc *sc, uint8_t reg, uint32_t val) 1070 { 1071 uint32_t tmp; 1072 int error, ntries; 1073 1074 for (ntries = 0; ntries < 10; ntries++) { 1075 if ((error = run_read(sc, RT2860_RF_CSR_CFG0, &tmp)) != 0) 1076 return (error); 1077 if (!(tmp & RT2860_RF_REG_CTRL)) 1078 break; 1079 } 1080 if (ntries == 10) 1081 return (ETIMEDOUT); 1082 1083 /* RF registers are 24-bit on the RT2860 */ 1084 tmp = RT2860_RF_REG_CTRL | 24 << RT2860_RF_REG_WIDTH_SHIFT | 1085 (val & 0x3fffff) << 2 | (reg & 3); 1086 return run_write(sc, RT2860_RF_CSR_CFG0, tmp); 1087 } 1088 1089 static int 1090 run_rt3070_rf_read(struct run_softc *sc, uint8_t reg, uint8_t *val) 1091 { 1092 uint32_t tmp; 1093 int error, ntries; 1094 1095 for (ntries = 0; ntries < 100; ntries++) { 1096 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0) 1097 return (error); 1098 if (!(tmp & RT3070_RF_KICK)) 1099 break; 1100 } 1101 if (ntries == 100) 1102 return (ETIMEDOUT); 1103 1104 tmp = RT3070_RF_KICK | reg << 8; 1105 if ((error = run_write(sc, RT3070_RF_CSR_CFG, tmp)) != 0) 1106 return (error); 1107 1108 for (ntries = 0; ntries < 100; ntries++) { 1109 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0) 1110 return (error); 1111 if (!(tmp & RT3070_RF_KICK)) 1112 break; 1113 } 1114 if (ntries == 100) 1115 return (ETIMEDOUT); 1116 1117 *val = tmp & 0xff; 1118 return (0); 1119 } 1120 1121 static int 1122 run_rt3070_rf_write(struct run_softc *sc, uint8_t reg, uint8_t val) 1123 { 1124 uint32_t tmp; 1125 int error, ntries; 1126 1127 for (ntries = 0; ntries < 10; ntries++) { 1128 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0) 1129 return (error); 1130 if (!(tmp & RT3070_RF_KICK)) 1131 break; 1132 } 1133 if (ntries == 10) 1134 return (ETIMEDOUT); 1135 1136 tmp = RT3070_RF_WRITE | RT3070_RF_KICK | reg << 8 | val; 1137 return run_write(sc, RT3070_RF_CSR_CFG, tmp); 1138 } 1139 1140 static int 1141 run_bbp_read(struct run_softc *sc, uint8_t reg, uint8_t *val) 1142 { 1143 uint32_t tmp; 1144 int ntries, error; 1145 1146 for (ntries = 0; ntries < 10; ntries++) { 1147 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0) 1148 return (error); 1149 if (!(tmp & RT2860_BBP_CSR_KICK)) 1150 break; 1151 } 1152 if (ntries == 10) 1153 return (ETIMEDOUT); 1154 1155 tmp = RT2860_BBP_CSR_READ | RT2860_BBP_CSR_KICK | reg << 8; 1156 if ((error = run_write(sc, RT2860_BBP_CSR_CFG, tmp)) != 0) 1157 return (error); 1158 1159 for (ntries = 0; ntries < 10; ntries++) { 1160 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0) 1161 return (error); 1162 if (!(tmp & RT2860_BBP_CSR_KICK)) 1163 break; 1164 } 1165 if (ntries == 10) 1166 return (ETIMEDOUT); 1167 1168 *val = tmp & 0xff; 1169 return (0); 1170 } 1171 1172 static int 1173 run_bbp_write(struct run_softc *sc, uint8_t reg, uint8_t val) 1174 { 1175 uint32_t tmp; 1176 int ntries, error; 1177 1178 for (ntries = 0; ntries < 10; ntries++) { 1179 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0) 1180 return (error); 1181 if (!(tmp & RT2860_BBP_CSR_KICK)) 1182 break; 1183 } 1184 if (ntries == 10) 1185 return (ETIMEDOUT); 1186 1187 tmp = RT2860_BBP_CSR_KICK | reg << 8 | val; 1188 return run_write(sc, RT2860_BBP_CSR_CFG, tmp); 1189 } 1190 1191 /* 1192 * Send a command to the 8051 microcontroller unit. 1193 */ 1194 static int 1195 run_mcu_cmd(struct run_softc *sc, uint8_t cmd, uint16_t arg) 1196 { 1197 uint32_t tmp; 1198 int error, ntries; 1199 1200 for (ntries = 0; ntries < 100; ntries++) { 1201 if ((error = run_read(sc, RT2860_H2M_MAILBOX, &tmp)) != 0) 1202 return (error); 1203 if (!(tmp & RT2860_H2M_BUSY)) 1204 break; 1205 } 1206 if (ntries == 100) 1207 return (ETIMEDOUT); 1208 1209 tmp = RT2860_H2M_BUSY | RT2860_TOKEN_NO_INTR << 16 | arg; 1210 if ((error = run_write(sc, RT2860_H2M_MAILBOX, tmp)) == 0) 1211 error = run_write(sc, RT2860_HOST_CMD, cmd); 1212 return (error); 1213 } 1214 1215 /* 1216 * Add `delta' (signed) to each 4-bit sub-word of a 32-bit word. 1217 * Used to adjust per-rate Tx power registers. 1218 */ 1219 static __inline uint32_t 1220 b4inc(uint32_t b32, int8_t delta) 1221 { 1222 int8_t i, b4; 1223 1224 for (i = 0; i < 8; i++) { 1225 b4 = b32 & 0xf; 1226 b4 += delta; 1227 if (b4 < 0) 1228 b4 = 0; 1229 else if (b4 > 0xf) 1230 b4 = 0xf; 1231 b32 = b32 >> 4 | b4 << 28; 1232 } 1233 return (b32); 1234 } 1235 1236 static const char * 1237 run_get_rf(int rev) 1238 { 1239 switch (rev) { 1240 case RT2860_RF_2820: return "RT2820"; 1241 case RT2860_RF_2850: return "RT2850"; 1242 case RT2860_RF_2720: return "RT2720"; 1243 case RT2860_RF_2750: return "RT2750"; 1244 case RT3070_RF_3020: return "RT3020"; 1245 case RT3070_RF_2020: return "RT2020"; 1246 case RT3070_RF_3021: return "RT3021"; 1247 case RT3070_RF_3022: return "RT3022"; 1248 case RT3070_RF_3052: return "RT3052"; 1249 } 1250 return "unknown"; 1251 } 1252 1253 static int 1254 run_read_eeprom(struct run_softc *sc) 1255 { 1256 struct ieee80211com *ic = &sc->sc_ic; 1257 int8_t delta_2ghz, delta_5ghz; 1258 uint32_t tmp; 1259 uint16_t val; 1260 int ridx, ant, i; 1261 1262 /* check whether the ROM is eFUSE ROM or EEPROM */ 1263 sc->sc_srom_read = run_eeprom_read_2; 1264 if (sc->mac_ver >= 0x3070) { 1265 run_read(sc, RT3070_EFUSE_CTRL, &tmp); 1266 DPRINTF(("EFUSE_CTRL=0x%08x\n", tmp)); 1267 if (tmp & RT3070_SEL_EFUSE) 1268 sc->sc_srom_read = run_efuse_read_2; 1269 } 1270 1271 /* read ROM version */ 1272 run_srom_read(sc, RT2860_EEPROM_VERSION, &val); 1273 DPRINTF(("EEPROM rev=%d, FAE=%d\n", val & 0xff, val >> 8)); 1274 1275 /* read MAC address */ 1276 run_srom_read(sc, RT2860_EEPROM_MAC01, &val); 1277 ic->ic_myaddr[0] = val & 0xff; 1278 ic->ic_myaddr[1] = val >> 8; 1279 run_srom_read(sc, RT2860_EEPROM_MAC23, &val); 1280 ic->ic_myaddr[2] = val & 0xff; 1281 ic->ic_myaddr[3] = val >> 8; 1282 run_srom_read(sc, RT2860_EEPROM_MAC45, &val); 1283 ic->ic_myaddr[4] = val & 0xff; 1284 ic->ic_myaddr[5] = val >> 8; 1285 1286 /* read vendor BBP settings */ 1287 for (i = 0; i < 10; i++) { 1288 run_srom_read(sc, RT2860_EEPROM_BBP_BASE + i, &val); 1289 sc->bbp[i].val = val & 0xff; 1290 sc->bbp[i].reg = val >> 8; 1291 DPRINTF(("BBP%d=0x%02x\n", sc->bbp[i].reg, sc->bbp[i].val)); 1292 } 1293 if (sc->mac_ver >= 0x3071) { 1294 /* read vendor RF settings */ 1295 for (i = 0; i < 10; i++) { 1296 run_srom_read(sc, RT3071_EEPROM_RF_BASE + i, &val); 1297 sc->rf[i].val = val & 0xff; 1298 sc->rf[i].reg = val >> 8; 1299 DPRINTF(("RF%d=0x%02x\n", sc->rf[i].reg, 1300 sc->rf[i].val)); 1301 } 1302 } 1303 1304 /* read RF frequency offset from EEPROM */ 1305 run_srom_read(sc, RT2860_EEPROM_FREQ_LEDS, &val); 1306 sc->freq = ((val & 0xff) != 0xff) ? val & 0xff : 0; 1307 DPRINTF(("EEPROM freq offset %d\n", sc->freq & 0xff)); 1308 1309 if ((val >> 8) != 0xff) { 1310 /* read LEDs operating mode */ 1311 sc->leds = val >> 8; 1312 run_srom_read(sc, RT2860_EEPROM_LED1, &sc->led[0]); 1313 run_srom_read(sc, RT2860_EEPROM_LED2, &sc->led[1]); 1314 run_srom_read(sc, RT2860_EEPROM_LED3, &sc->led[2]); 1315 } else { 1316 /* broken EEPROM, use default settings */ 1317 sc->leds = 0x01; 1318 sc->led[0] = 0x5555; 1319 sc->led[1] = 0x2221; 1320 sc->led[2] = 0x5627; /* differs from RT2860 */ 1321 } 1322 DPRINTF(("EEPROM LED mode=0x%02x, LEDs=0x%04x/0x%04x/0x%04x\n", 1323 sc->leds, sc->led[0], sc->led[1], sc->led[2])); 1324 1325 /* read RF information */ 1326 run_srom_read(sc, RT2860_EEPROM_ANTENNA, &val); 1327 if (val == 0xffff) { 1328 DPRINTF(("invalid EEPROM antenna info, using default\n")); 1329 if (sc->mac_ver == 0x3572) { 1330 /* default to RF3052 2T2R */ 1331 sc->rf_rev = RT3070_RF_3052; 1332 sc->ntxchains = 2; 1333 sc->nrxchains = 2; 1334 } else if (sc->mac_ver >= 0x3070) { 1335 /* default to RF3020 1T1R */ 1336 sc->rf_rev = RT3070_RF_3020; 1337 sc->ntxchains = 1; 1338 sc->nrxchains = 1; 1339 } else { 1340 /* default to RF2820 1T2R */ 1341 sc->rf_rev = RT2860_RF_2820; 1342 sc->ntxchains = 1; 1343 sc->nrxchains = 2; 1344 } 1345 } else { 1346 sc->rf_rev = (val >> 8) & 0xf; 1347 sc->ntxchains = (val >> 4) & 0xf; 1348 sc->nrxchains = val & 0xf; 1349 } 1350 DPRINTF(("EEPROM RF rev=0x%02x chains=%dT%dR\n", 1351 sc->rf_rev, sc->ntxchains, sc->nrxchains)); 1352 1353 run_srom_read(sc, RT2860_EEPROM_CONFIG, &val); 1354 DPRINTF(("EEPROM CFG 0x%04x\n", val)); 1355 /* check if driver should patch the DAC issue */ 1356 if ((val >> 8) != 0xff) 1357 sc->patch_dac = (val >> 15) & 1; 1358 if ((val & 0xff) != 0xff) { 1359 sc->ext_5ghz_lna = (val >> 3) & 1; 1360 sc->ext_2ghz_lna = (val >> 2) & 1; 1361 /* check if RF supports automatic Tx access gain control */ 1362 sc->calib_2ghz = sc->calib_5ghz = (val >> 1) & 1; 1363 /* check if we have a hardware radio switch */ 1364 sc->rfswitch = val & 1; 1365 } 1366 1367 /* read power settings for 2GHz channels */ 1368 for (i = 0; i < 14; i += 2) { 1369 run_srom_read(sc, RT2860_EEPROM_PWR2GHZ_BASE1 + i / 2, &val); 1370 sc->txpow1[i + 0] = (int8_t)(val & 0xff); 1371 sc->txpow1[i + 1] = (int8_t)(val >> 8); 1372 1373 run_srom_read(sc, RT2860_EEPROM_PWR2GHZ_BASE2 + i / 2, &val); 1374 sc->txpow2[i + 0] = (int8_t)(val & 0xff); 1375 sc->txpow2[i + 1] = (int8_t)(val >> 8); 1376 } 1377 /* fix broken Tx power entries */ 1378 for (i = 0; i < 14; i++) { 1379 if (sc->txpow1[i] < 0 || sc->txpow1[i] > 31) 1380 sc->txpow1[i] = 5; 1381 if (sc->txpow2[i] < 0 || sc->txpow2[i] > 31) 1382 sc->txpow2[i] = 5; 1383 DPRINTF(("chan %d: power1=%d, power2=%d\n", 1384 rt2860_rf2850[i].chan, sc->txpow1[i], sc->txpow2[i])); 1385 } 1386 /* read power settings for 5GHz channels */ 1387 for (i = 0; i < 40; i += 2) { 1388 run_srom_read(sc, RT2860_EEPROM_PWR5GHZ_BASE1 + i / 2, &val); 1389 sc->txpow1[i + 14] = (int8_t)(val & 0xff); 1390 sc->txpow1[i + 15] = (int8_t)(val >> 8); 1391 1392 run_srom_read(sc, RT2860_EEPROM_PWR5GHZ_BASE2 + i / 2, &val); 1393 sc->txpow2[i + 14] = (int8_t)(val & 0xff); 1394 sc->txpow2[i + 15] = (int8_t)(val >> 8); 1395 } 1396 /* fix broken Tx power entries */ 1397 for (i = 0; i < 40; i++) { 1398 if (sc->txpow1[14 + i] < -7 || sc->txpow1[14 + i] > 15) 1399 sc->txpow1[14 + i] = 5; 1400 if (sc->txpow2[14 + i] < -7 || sc->txpow2[14 + i] > 15) 1401 sc->txpow2[14 + i] = 5; 1402 DPRINTF(("chan %d: power1=%d, power2=%d\n", 1403 rt2860_rf2850[14 + i].chan, sc->txpow1[14 + i], 1404 sc->txpow2[14 + i])); 1405 } 1406 1407 /* read Tx power compensation for each Tx rate */ 1408 run_srom_read(sc, RT2860_EEPROM_DELTAPWR, &val); 1409 delta_2ghz = delta_5ghz = 0; 1410 if ((val & 0xff) != 0xff && (val & 0x80)) { 1411 delta_2ghz = val & 0xf; 1412 if (!(val & 0x40)) /* negative number */ 1413 delta_2ghz = -delta_2ghz; 1414 } 1415 val >>= 8; 1416 if ((val & 0xff) != 0xff && (val & 0x80)) { 1417 delta_5ghz = val & 0xf; 1418 if (!(val & 0x40)) /* negative number */ 1419 delta_5ghz = -delta_5ghz; 1420 } 1421 DPRINTF(("power compensation=%d (2GHz), %d (5GHz)\n", 1422 delta_2ghz, delta_5ghz)); 1423 1424 for (ridx = 0; ridx < 5; ridx++) { 1425 uint32_t reg; 1426 1427 run_srom_read(sc, RT2860_EEPROM_RPWR + ridx * 2, &val); 1428 reg = val; 1429 run_srom_read(sc, RT2860_EEPROM_RPWR + ridx * 2 + 1, &val); 1430 reg |= (uint32_t)val << 16; 1431 1432 sc->txpow20mhz[ridx] = reg; 1433 sc->txpow40mhz_2ghz[ridx] = b4inc(reg, delta_2ghz); 1434 sc->txpow40mhz_5ghz[ridx] = b4inc(reg, delta_5ghz); 1435 1436 DPRINTF(("ridx %d: power 20MHz=0x%08x, 40MHz/2GHz=0x%08x, " 1437 "40MHz/5GHz=0x%08x\n", ridx, sc->txpow20mhz[ridx], 1438 sc->txpow40mhz_2ghz[ridx], sc->txpow40mhz_5ghz[ridx])); 1439 } 1440 1441 /* read RSSI offsets and LNA gains from EEPROM */ 1442 run_srom_read(sc, RT2860_EEPROM_RSSI1_2GHZ, &val); 1443 sc->rssi_2ghz[0] = val & 0xff; /* Ant A */ 1444 sc->rssi_2ghz[1] = val >> 8; /* Ant B */ 1445 run_srom_read(sc, RT2860_EEPROM_RSSI2_2GHZ, &val); 1446 if (sc->mac_ver >= 0x3070) { 1447 /* 1448 * On RT3070 chips (limited to 2 Rx chains), this ROM 1449 * field contains the Tx mixer gain for the 2GHz band. 1450 */ 1451 if ((val & 0xff) != 0xff) 1452 sc->txmixgain_2ghz = val & 0x7; 1453 DPRINTF(("tx mixer gain=%u (2GHz)\n", sc->txmixgain_2ghz)); 1454 } else { 1455 sc->rssi_2ghz[2] = val & 0xff; /* Ant C */ 1456 } 1457 sc->lna[2] = val >> 8; /* channel group 2 */ 1458 1459 run_srom_read(sc, RT2860_EEPROM_RSSI1_5GHZ, &val); 1460 sc->rssi_5ghz[0] = val & 0xff; /* Ant A */ 1461 sc->rssi_5ghz[1] = val >> 8; /* Ant B */ 1462 run_srom_read(sc, RT2860_EEPROM_RSSI2_5GHZ, &val); 1463 if (sc->mac_ver == 0x3572) { 1464 /* 1465 * On RT3572 chips (limited to 2 Rx chains), this ROM 1466 * field contains the Tx mixer gain for the 5GHz band. 1467 */ 1468 if ((val & 0xff) != 0xff) 1469 sc->txmixgain_5ghz = val & 0x7; 1470 DPRINTF(("tx mixer gain=%u (5GHz)\n", sc->txmixgain_5ghz)); 1471 } else { 1472 sc->rssi_5ghz[2] = val & 0xff; /* Ant C */ 1473 } 1474 sc->lna[3] = val >> 8; /* channel group 3 */ 1475 1476 run_srom_read(sc, RT2860_EEPROM_LNA, &val); 1477 sc->lna[0] = val & 0xff; /* channel group 0 */ 1478 sc->lna[1] = val >> 8; /* channel group 1 */ 1479 1480 /* fix broken 5GHz LNA entries */ 1481 if (sc->lna[2] == 0 || sc->lna[2] == 0xff) { 1482 DPRINTF(("invalid LNA for channel group %d\n", 2)); 1483 sc->lna[2] = sc->lna[1]; 1484 } 1485 if (sc->lna[3] == 0 || sc->lna[3] == 0xff) { 1486 DPRINTF(("invalid LNA for channel group %d\n", 3)); 1487 sc->lna[3] = sc->lna[1]; 1488 } 1489 1490 /* fix broken RSSI offset entries */ 1491 for (ant = 0; ant < 3; ant++) { 1492 if (sc->rssi_2ghz[ant] < -10 || sc->rssi_2ghz[ant] > 10) { 1493 DPRINTF(("invalid RSSI%d offset: %d (2GHz)\n", 1494 ant + 1, sc->rssi_2ghz[ant])); 1495 sc->rssi_2ghz[ant] = 0; 1496 } 1497 if (sc->rssi_5ghz[ant] < -10 || sc->rssi_5ghz[ant] > 10) { 1498 DPRINTF(("invalid RSSI%d offset: %d (5GHz)\n", 1499 ant + 1, sc->rssi_5ghz[ant])); 1500 sc->rssi_5ghz[ant] = 0; 1501 } 1502 } 1503 return (0); 1504 } 1505 1506 static struct ieee80211_node * 1507 run_node_alloc(struct ieee80211_node_table *nt) 1508 { 1509 struct run_node *rn = 1510 malloc(sizeof (struct run_node), M_DEVBUF, M_NOWAIT | M_ZERO); 1511 return (rn) ? &rn->ni : NULL; 1512 } 1513 1514 static int 1515 run_media_change(struct ifnet *ifp) 1516 { 1517 struct run_softc *sc = ifp->if_softc; 1518 struct ieee80211com *ic = &sc->sc_ic; 1519 uint8_t rate, ridx; 1520 int error; 1521 1522 error = ieee80211_media_change(ifp); 1523 if (error != ENETRESET) 1524 return (error); 1525 1526 if (ic->ic_fixed_rate != IEEE80211_FIXED_RATE_NONE) { 1527 rate = ic->ic_sup_rates[ic->ic_curmode]. 1528 rs_rates[ic->ic_fixed_rate] & IEEE80211_RATE_VAL; 1529 for (ridx = 0; ridx <= RT2860_RIDX_MAX; ridx++) 1530 if (rt2860_rates[ridx].rate == rate) 1531 break; 1532 sc->fixed_ridx = ridx; 1533 } 1534 1535 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == (IFF_UP | IFF_RUNNING)) 1536 run_init(ifp); 1537 1538 return (0); 1539 } 1540 1541 static void 1542 run_next_scan(void *arg) 1543 { 1544 struct run_softc *sc = arg; 1545 1546 if (sc->sc_ic.ic_state == IEEE80211_S_SCAN) 1547 ieee80211_next_scan(&sc->sc_ic); 1548 } 1549 1550 static void 1551 run_task(void *arg) 1552 { 1553 struct run_softc *sc = arg; 1554 struct run_host_cmd_ring *ring = &sc->cmdq; 1555 struct run_host_cmd *cmd; 1556 int s; 1557 1558 /* process host commands */ 1559 s = splusb(); 1560 while (ring->next != ring->cur) { 1561 cmd = &ring->cmd[ring->next]; 1562 splx(s); 1563 /* callback */ 1564 cmd->cb(sc, cmd->data); 1565 s = splusb(); 1566 ring->queued--; 1567 ring->next = (ring->next + 1) % RUN_HOST_CMD_RING_COUNT; 1568 } 1569 wakeup(ring); 1570 splx(s); 1571 } 1572 1573 static void 1574 run_do_async(struct run_softc *sc, void (*cb)(struct run_softc *, void *), 1575 void *arg, int len) 1576 { 1577 struct run_host_cmd_ring *ring = &sc->cmdq; 1578 struct run_host_cmd *cmd; 1579 int s; 1580 1581 if (sc->sc_flags & RUN_DETACHING) 1582 return; 1583 1584 s = splusb(); 1585 cmd = &ring->cmd[ring->cur]; 1586 cmd->cb = cb; 1587 KASSERT(len <= sizeof (cmd->data)); 1588 memcpy(cmd->data, arg, len); 1589 ring->cur = (ring->cur + 1) % RUN_HOST_CMD_RING_COUNT; 1590 1591 /* if there is no pending command already, schedule a task */ 1592 if (++ring->queued == 1) 1593 usb_add_task(sc->sc_udev, &sc->sc_task, USB_TASKQ_DRIVER); 1594 splx(s); 1595 } 1596 1597 static int 1598 run_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 1599 { 1600 struct run_softc *sc = ic->ic_ifp->if_softc; 1601 struct run_cmd_newstate cmd; 1602 1603 callout_stop(&sc->scan_to); 1604 callout_stop(&sc->calib_to); 1605 1606 /* do it in a process context */ 1607 cmd.state = nstate; 1608 cmd.arg = arg; 1609 run_do_async(sc, run_newstate_cb, &cmd, sizeof cmd); 1610 return (0); 1611 } 1612 1613 static void 1614 run_newstate_cb(struct run_softc *sc, void *arg) 1615 { 1616 struct run_cmd_newstate *cmd = arg; 1617 struct ifnet *ifp = &sc->sc_if; 1618 struct ieee80211com *ic = &sc->sc_ic; 1619 enum ieee80211_state ostate; 1620 struct ieee80211_node *ni; 1621 uint32_t tmp, sta[3]; 1622 uint8_t wcid; 1623 int s; 1624 1625 s = splnet(); 1626 ostate = ic->ic_state; 1627 1628 if (ostate == IEEE80211_S_RUN) { 1629 /* turn link LED off */ 1630 run_set_leds(sc, RT2860_LED_RADIO); 1631 } 1632 1633 switch (cmd->state) { 1634 case IEEE80211_S_INIT: 1635 if (ostate == IEEE80211_S_RUN) { 1636 /* abort TSF synchronization */ 1637 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 1638 run_write(sc, RT2860_BCN_TIME_CFG, 1639 tmp & ~(RT2860_BCN_TX_EN | RT2860_TSF_TIMER_EN | 1640 RT2860_TBTT_TIMER_EN)); 1641 } 1642 break; 1643 1644 case IEEE80211_S_SCAN: 1645 run_set_chan(sc, ic->ic_curchan); 1646 callout_schedule(&sc->scan_to, hz / 5); 1647 break; 1648 1649 case IEEE80211_S_AUTH: 1650 case IEEE80211_S_ASSOC: 1651 run_set_chan(sc, ic->ic_curchan); 1652 break; 1653 1654 case IEEE80211_S_RUN: 1655 run_set_chan(sc, ic->ic_curchan); 1656 1657 ni = ic->ic_bss; 1658 1659 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 1660 run_updateslot(ifp); 1661 run_enable_mrr(sc); 1662 run_set_txpreamble(sc); 1663 run_set_basicrates(sc); 1664 run_set_bssid(sc, ni->ni_bssid); 1665 } 1666 #ifndef IEEE80211_STA_ONLY 1667 if (ic->ic_opmode == IEEE80211_M_HOSTAP || 1668 ic->ic_opmode == IEEE80211_M_IBSS) 1669 (void)run_setup_beacon(sc); 1670 #endif 1671 if (ic->ic_opmode == IEEE80211_M_STA) { 1672 /* add BSS entry to the WCID table */ 1673 wcid = RUN_AID2WCID(ni->ni_associd); 1674 run_write_region_1(sc, RT2860_WCID_ENTRY(wcid), 1675 ni->ni_macaddr, IEEE80211_ADDR_LEN); 1676 1677 /* fake a join to init the tx rate */ 1678 run_newassoc(ni, 1); 1679 } 1680 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 1681 run_enable_tsf_sync(sc); 1682 1683 /* clear statistic registers used by AMRR */ 1684 run_read_region_1(sc, RT2860_TX_STA_CNT0, 1685 (uint8_t *)sta, sizeof sta); 1686 /* start calibration timer */ 1687 callout_schedule(&sc->calib_to, hz); 1688 } 1689 1690 /* turn link LED on */ 1691 run_set_leds(sc, RT2860_LED_RADIO | 1692 (IEEE80211_IS_CHAN_2GHZ(ic->ic_curchan) ? 1693 RT2860_LED_LINK_2GHZ : RT2860_LED_LINK_5GHZ)); 1694 break; 1695 } 1696 (void)sc->sc_newstate(ic, cmd->state, cmd->arg); 1697 splx(s); 1698 } 1699 1700 static int 1701 run_updateedca(struct ieee80211com *ic) 1702 { 1703 1704 /* do it in a process context */ 1705 run_do_async(ic->ic_ifp->if_softc, run_updateedca_cb, NULL, 0); 1706 return (0); 1707 } 1708 1709 /* ARGSUSED */ 1710 static void 1711 run_updateedca_cb(struct run_softc *sc, void *arg) 1712 { 1713 struct ieee80211com *ic = &sc->sc_ic; 1714 int s, aci; 1715 1716 s = splnet(); 1717 /* update MAC TX configuration registers */ 1718 for (aci = 0; aci < WME_NUM_AC; aci++) { 1719 run_write(sc, RT2860_EDCA_AC_CFG(aci), 1720 ic->ic_wme.wme_params[aci].wmep_logcwmax << 16 | 1721 ic->ic_wme.wme_params[aci].wmep_logcwmin << 12 | 1722 ic->ic_wme.wme_params[aci].wmep_aifsn << 8 | 1723 ic->ic_wme.wme_params[aci].wmep_txopLimit); 1724 } 1725 1726 /* update SCH/DMA registers too */ 1727 run_write(sc, RT2860_WMM_AIFSN_CFG, 1728 ic->ic_wme.wme_params[WME_AC_VO].wmep_aifsn << 12 | 1729 ic->ic_wme.wme_params[WME_AC_VI].wmep_aifsn << 8 | 1730 ic->ic_wme.wme_params[WME_AC_BK].wmep_aifsn << 4 | 1731 ic->ic_wme.wme_params[WME_AC_BE].wmep_aifsn); 1732 run_write(sc, RT2860_WMM_CWMIN_CFG, 1733 ic->ic_wme.wme_params[WME_AC_VO].wmep_logcwmin << 12 | 1734 ic->ic_wme.wme_params[WME_AC_VI].wmep_logcwmin << 8 | 1735 ic->ic_wme.wme_params[WME_AC_BK].wmep_logcwmin << 4 | 1736 ic->ic_wme.wme_params[WME_AC_BE].wmep_logcwmin); 1737 run_write(sc, RT2860_WMM_CWMAX_CFG, 1738 ic->ic_wme.wme_params[WME_AC_VO].wmep_logcwmax << 12 | 1739 ic->ic_wme.wme_params[WME_AC_VI].wmep_logcwmax << 8 | 1740 ic->ic_wme.wme_params[WME_AC_BK].wmep_logcwmax << 4 | 1741 ic->ic_wme.wme_params[WME_AC_BE].wmep_logcwmax); 1742 run_write(sc, RT2860_WMM_TXOP0_CFG, 1743 ic->ic_wme.wme_params[WME_AC_BK].wmep_txopLimit << 16 | 1744 ic->ic_wme.wme_params[WME_AC_BE].wmep_txopLimit); 1745 run_write(sc, RT2860_WMM_TXOP1_CFG, 1746 ic->ic_wme.wme_params[WME_AC_VO].wmep_txopLimit << 16 | 1747 ic->ic_wme.wme_params[WME_AC_VI].wmep_txopLimit); 1748 splx(s); 1749 } 1750 1751 #ifdef RUN_HWCRYPTO 1752 static int 1753 run_set_key(struct ieee80211com *ic, const struct ieee80211_key *k, 1754 const uint8_t *mac) 1755 { 1756 struct run_softc *sc = ic->ic_ifp->if_softc; 1757 struct ieee80211_node *ni = ic->ic_bss; 1758 struct run_cmd_key cmd; 1759 1760 /* do it in a process context */ 1761 cmd.key = *k; 1762 cmd.associd = (ni != NULL) ? ni->ni_associd : 0; 1763 run_do_async(sc, run_set_key_cb, &cmd, sizeof cmd); 1764 return 1; 1765 } 1766 1767 static void 1768 run_set_key_cb(struct run_softc *sc, void *arg) 1769 { 1770 #ifndef IEEE80211_STA_ONLY 1771 struct ieee80211com *ic = &sc->sc_ic; 1772 #endif 1773 struct run_cmd_key *cmd = arg; 1774 struct ieee80211_key *k = &cmd->key; 1775 uint32_t attr; 1776 uint16_t base; 1777 uint8_t mode, wcid, iv[8]; 1778 1779 /* map net80211 cipher to RT2860 security mode */ 1780 switch (k->wk_cipher->ic_cipher) { 1781 case IEEE80211_CIPHER_WEP: 1782 k->wk_flags |= IEEE80211_KEY_GROUP; /* XXX */ 1783 if (k->wk_keylen == 5) 1784 mode = RT2860_MODE_WEP40; 1785 else 1786 mode = RT2860_MODE_WEP104; 1787 break; 1788 case IEEE80211_CIPHER_TKIP: 1789 mode = RT2860_MODE_TKIP; 1790 break; 1791 case IEEE80211_CIPHER_AES_CCM: 1792 mode = RT2860_MODE_AES_CCMP; 1793 break; 1794 default: 1795 return; 1796 } 1797 1798 if (k->wk_flags & IEEE80211_KEY_GROUP) { 1799 wcid = 0; /* NB: update WCID0 for group keys */ 1800 base = RT2860_SKEY(0, k->wk_keyix); 1801 } else { 1802 wcid = RUN_AID2WCID(cmd->associd); 1803 base = RT2860_PKEY(wcid); 1804 } 1805 1806 if (k->wk_cipher->ic_cipher == IEEE80211_CIPHER_TKIP) { 1807 run_write_region_1(sc, base, k->wk_key, 16); 1808 #ifndef IEEE80211_STA_ONLY 1809 if (ic->ic_opmode == IEEE80211_M_HOSTAP) { 1810 run_write_region_1(sc, base + 16, &k->wk_key[16], 8); 1811 run_write_region_1(sc, base + 24, &k->wk_key[24], 8); 1812 } else 1813 #endif 1814 { 1815 run_write_region_1(sc, base + 16, &k->wk_key[24], 8); 1816 run_write_region_1(sc, base + 24, &k->wk_key[16], 8); 1817 } 1818 } else { 1819 /* roundup len to 16-bit: XXX fix write_region_1() instead */ 1820 run_write_region_1(sc, base, k->wk_key, 1821 (k->wk_keylen + 1) & ~1); 1822 } 1823 1824 if (!(k->wk_flags & IEEE80211_KEY_GROUP) || 1825 (k->wk_flags & IEEE80211_KEY_XMIT)) { 1826 /* set initial packet number in IV+EIV */ 1827 if (k->wk_cipher->ic_cipher == IEEE80211_CIPHER_WEP) { 1828 memset(iv, 0, sizeof iv); 1829 iv[3] = sc->sc_ic.ic_crypto.cs_def_txkey << 6; 1830 } else { 1831 if (k->wk_cipher->ic_cipher == IEEE80211_CIPHER_TKIP) { 1832 iv[0] = k->wk_keytsc >> 8; 1833 iv[1] = (iv[0] | 0x20) & 0x7f; 1834 iv[2] = k->wk_keytsc; 1835 } else /* CCMP */ { 1836 iv[0] = k->wk_keytsc; 1837 iv[1] = k->wk_keytsc >> 8; 1838 iv[2] = 0; 1839 } 1840 iv[3] = k->wk_keyix << 6 | IEEE80211_WEP_EXTIV; 1841 iv[4] = k->wk_keytsc >> 16; 1842 iv[5] = k->wk_keytsc >> 24; 1843 iv[6] = k->wk_keytsc >> 32; 1844 iv[7] = k->wk_keytsc >> 40; 1845 } 1846 run_write_region_1(sc, RT2860_IVEIV(wcid), iv, 8); 1847 } 1848 1849 if (k->wk_flags & IEEE80211_KEY_GROUP) { 1850 /* install group key */ 1851 run_read(sc, RT2860_SKEY_MODE_0_7, &attr); 1852 attr &= ~(0xf << (k->wk_keyix * 4)); 1853 attr |= mode << (k->wk_keyix * 4); 1854 run_write(sc, RT2860_SKEY_MODE_0_7, attr); 1855 } else { 1856 /* install pairwise key */ 1857 run_read(sc, RT2860_WCID_ATTR(wcid), &attr); 1858 attr = (attr & ~0xf) | (mode << 1) | RT2860_RX_PKEY_EN; 1859 run_write(sc, RT2860_WCID_ATTR(wcid), attr); 1860 } 1861 } 1862 1863 static int 1864 run_delete_key(struct ieee80211com *ic, const struct ieee80211_key *k) 1865 { 1866 struct run_softc *sc = ic->ic_ifp->if_softc; 1867 struct ieee80211_node *ni = ic->ic_bss; 1868 struct run_cmd_key cmd; 1869 1870 /* do it in a process context */ 1871 cmd.key = *k; 1872 cmd.associd = (ni != NULL) ? ni->ni_associd : 0; 1873 run_do_async(sc, run_delete_key_cb, &cmd, sizeof cmd); 1874 return 1; 1875 } 1876 1877 static void 1878 run_delete_key_cb(struct run_softc *sc, void *arg) 1879 { 1880 struct run_cmd_key *cmd = arg; 1881 struct ieee80211_key *k = &cmd->key; 1882 uint32_t attr; 1883 uint8_t wcid; 1884 1885 if (k->wk_cipher->ic_cipher == IEEE80211_CIPHER_WEP) 1886 k->wk_flags |= IEEE80211_KEY_GROUP; /* XXX */ 1887 1888 if (k->wk_flags & IEEE80211_KEY_GROUP) { 1889 /* remove group key */ 1890 run_read(sc, RT2860_SKEY_MODE_0_7, &attr); 1891 attr &= ~(0xf << (k->wk_keyix * 4)); 1892 run_write(sc, RT2860_SKEY_MODE_0_7, attr); 1893 1894 } else { 1895 /* remove pairwise key */ 1896 wcid = RUN_AID2WCID(cmd->associd); 1897 run_read(sc, RT2860_WCID_ATTR(wcid), &attr); 1898 attr &= ~0xf; 1899 run_write(sc, RT2860_WCID_ATTR(wcid), attr); 1900 } 1901 } 1902 #endif 1903 1904 static void 1905 run_calibrate_to(void *arg) 1906 { 1907 1908 /* do it in a process context */ 1909 run_do_async(arg, run_calibrate_cb, NULL, 0); 1910 /* next timeout will be rescheduled in the calibration task */ 1911 } 1912 1913 /* ARGSUSED */ 1914 static void 1915 run_calibrate_cb(struct run_softc *sc, void *arg) 1916 { 1917 struct ifnet *ifp = &sc->sc_if; 1918 uint32_t sta[3]; 1919 int s, error; 1920 1921 /* read statistic counters (clear on read) and update AMRR state */ 1922 error = run_read_region_1(sc, RT2860_TX_STA_CNT0, (uint8_t *)sta, 1923 sizeof sta); 1924 if (error != 0) 1925 goto skip; 1926 1927 DPRINTF(("retrycnt=%d txcnt=%d failcnt=%d\n", 1928 le32toh(sta[1]) >> 16, le32toh(sta[1]) & 0xffff, 1929 le32toh(sta[0]) & 0xffff)); 1930 1931 s = splnet(); 1932 /* count failed TX as errors */ 1933 ifp->if_oerrors += le32toh(sta[0]) & 0xffff; 1934 1935 sc->amn.amn_retrycnt = 1936 (le32toh(sta[0]) & 0xffff) + /* failed TX count */ 1937 (le32toh(sta[1]) >> 16); /* TX retransmission count */ 1938 1939 sc->amn.amn_txcnt = 1940 sc->amn.amn_retrycnt + 1941 (le32toh(sta[1]) & 0xffff); /* successful TX count */ 1942 1943 ieee80211_amrr_choose(&sc->amrr, sc->sc_ic.ic_bss, &sc->amn); 1944 splx(s); 1945 1946 skip: callout_schedule(&sc->calib_to, hz); 1947 } 1948 1949 static void 1950 run_newassoc(struct ieee80211_node *ni, int isnew) 1951 { 1952 struct run_softc *sc = ni->ni_ic->ic_ifp->if_softc; 1953 struct run_node *rn = (void *)ni; 1954 struct ieee80211_rateset *rs = &ni->ni_rates; 1955 uint8_t rate; 1956 int ridx, i, j; 1957 1958 DPRINTF(("new assoc isnew=%d addr=%s\n", 1959 isnew, ether_sprintf(ni->ni_macaddr))); 1960 1961 ieee80211_amrr_node_init(&sc->amrr, &sc->amn); 1962 /* start at lowest available bit-rate, AMRR will raise */ 1963 ni->ni_txrate = 0; 1964 1965 for (i = 0; i < rs->rs_nrates; i++) { 1966 rate = rs->rs_rates[i] & IEEE80211_RATE_VAL; 1967 /* convert 802.11 rate to hardware rate index */ 1968 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++) 1969 if (rt2860_rates[ridx].rate == rate) 1970 break; 1971 rn->ridx[i] = ridx; 1972 /* determine rate of control response frames */ 1973 for (j = i; j >= 0; j--) { 1974 if ((rs->rs_rates[j] & IEEE80211_RATE_BASIC) && 1975 rt2860_rates[rn->ridx[i]].phy == 1976 rt2860_rates[rn->ridx[j]].phy) 1977 break; 1978 } 1979 if (j >= 0) { 1980 rn->ctl_ridx[i] = rn->ridx[j]; 1981 } else { 1982 /* no basic rate found, use mandatory one */ 1983 rn->ctl_ridx[i] = rt2860_rates[ridx].ctl_ridx; 1984 } 1985 DPRINTF(("rate=0x%02x ridx=%d ctl_ridx=%d\n", 1986 rs->rs_rates[i], rn->ridx[i], rn->ctl_ridx[i])); 1987 } 1988 } 1989 1990 /* 1991 * Return the Rx chain with the highest RSSI for a given frame. 1992 */ 1993 static __inline uint8_t 1994 run_maxrssi_chain(struct run_softc *sc, const struct rt2860_rxwi *rxwi) 1995 { 1996 uint8_t rxchain = 0; 1997 1998 if (sc->nrxchains > 1) { 1999 if (rxwi->rssi[1] > rxwi->rssi[rxchain]) 2000 rxchain = 1; 2001 if (sc->nrxchains > 2) 2002 if (rxwi->rssi[2] > rxwi->rssi[rxchain]) 2003 rxchain = 2; 2004 } 2005 return (rxchain); 2006 } 2007 2008 static void 2009 run_rx_frame(struct run_softc *sc, uint8_t *buf, int dmalen) 2010 { 2011 struct ieee80211com *ic = &sc->sc_ic; 2012 struct ifnet *ifp = &sc->sc_if; 2013 struct ieee80211_frame *wh; 2014 struct ieee80211_node *ni; 2015 struct rt2870_rxd *rxd; 2016 struct rt2860_rxwi *rxwi; 2017 struct mbuf *m; 2018 uint32_t flags; 2019 uint16_t len, phy; 2020 uint8_t ant, rssi; 2021 int s; 2022 #ifdef RUN_HWCRYPTO 2023 int decrypted = 0; 2024 #endif 2025 2026 rxwi = (struct rt2860_rxwi *)buf; 2027 len = le16toh(rxwi->len) & 0xfff; 2028 if (__predict_false(len > dmalen)) { 2029 DPRINTF(("bad RXWI length %u > %u\n", len, dmalen)); 2030 return; 2031 } 2032 /* Rx descriptor is located at the end */ 2033 rxd = (struct rt2870_rxd *)(buf + dmalen); 2034 flags = le32toh(rxd->flags); 2035 2036 if (__predict_false(flags & (RT2860_RX_CRCERR | RT2860_RX_ICVERR))) { 2037 ifp->if_ierrors++; 2038 return; 2039 } 2040 2041 wh = (struct ieee80211_frame *)(rxwi + 1); 2042 #ifdef RUN_HWCRYPTO 2043 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 2044 wh->i_fc[1] &= ~IEEE80211_FC1_WEP; 2045 decrypted = 1; 2046 } 2047 #endif 2048 2049 if (__predict_false((flags & RT2860_RX_MICERR))) { 2050 /* report MIC failures to net80211 for TKIP */ 2051 ieee80211_notify_michael_failure(ic, wh, 0/* XXX */); 2052 ifp->if_ierrors++; 2053 return; 2054 } 2055 2056 if (flags & RT2860_RX_L2PAD) { 2057 u_int hdrlen = ieee80211_hdrspace(ic, wh); 2058 ovbcopy(wh, (uint8_t *)wh + 2, hdrlen); 2059 wh = (struct ieee80211_frame *)((uint8_t *)wh + 2); 2060 } 2061 2062 /* could use m_devget but net80211 wants contig mgmt frames */ 2063 MGETHDR(m, M_DONTWAIT, MT_DATA); 2064 if (__predict_false(m == NULL)) { 2065 ifp->if_ierrors++; 2066 return; 2067 } 2068 if (len > MHLEN) { 2069 MCLGET(m, M_DONTWAIT); 2070 if (__predict_false(!(m->m_flags & M_EXT))) { 2071 ifp->if_ierrors++; 2072 m_freem(m); 2073 return; 2074 } 2075 } 2076 /* finalize mbuf */ 2077 m->m_pkthdr.rcvif = ifp; 2078 memcpy(mtod(m, void *), wh, len); 2079 m->m_pkthdr.len = m->m_len = len; 2080 2081 ant = run_maxrssi_chain(sc, rxwi); 2082 rssi = rxwi->rssi[ant]; 2083 2084 if (__predict_false(sc->sc_drvbpf != NULL)) { 2085 struct run_rx_radiotap_header *tap = &sc->sc_rxtap; 2086 2087 tap->wr_flags = 0; 2088 tap->wr_chan_freq = htole16(ic->ic_curchan->ic_freq); 2089 tap->wr_chan_flags = htole16(ic->ic_curchan->ic_flags); 2090 tap->wr_antsignal = rssi; 2091 tap->wr_antenna = ant; 2092 tap->wr_dbm_antsignal = run_rssi2dbm(sc, rssi, ant); 2093 tap->wr_rate = 2; /* in case it can't be found below */ 2094 phy = le16toh(rxwi->phy); 2095 switch (phy & RT2860_PHY_MODE) { 2096 case RT2860_PHY_CCK: 2097 switch ((phy & RT2860_PHY_MCS) & ~RT2860_PHY_SHPRE) { 2098 case 0: tap->wr_rate = 2; break; 2099 case 1: tap->wr_rate = 4; break; 2100 case 2: tap->wr_rate = 11; break; 2101 case 3: tap->wr_rate = 22; break; 2102 } 2103 if (phy & RT2860_PHY_SHPRE) 2104 tap->wr_flags |= IEEE80211_RADIOTAP_F_SHORTPRE; 2105 break; 2106 case RT2860_PHY_OFDM: 2107 switch (phy & RT2860_PHY_MCS) { 2108 case 0: tap->wr_rate = 12; break; 2109 case 1: tap->wr_rate = 18; break; 2110 case 2: tap->wr_rate = 24; break; 2111 case 3: tap->wr_rate = 36; break; 2112 case 4: tap->wr_rate = 48; break; 2113 case 5: tap->wr_rate = 72; break; 2114 case 6: tap->wr_rate = 96; break; 2115 case 7: tap->wr_rate = 108; break; 2116 } 2117 break; 2118 } 2119 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_rxtap_len, m); 2120 } 2121 2122 s = splnet(); 2123 ni = ieee80211_find_rxnode(ic, (struct ieee80211_frame_min *)wh); 2124 #ifdef RUN_HWCRYPTO 2125 if (decrypted) { 2126 uint32_t icflags = ic->ic_flags; 2127 2128 ic->ic_flags &= ~IEEE80211_F_DROPUNENC; /* XXX */ 2129 ieee80211_input(ic, m, ni, rssi, 0); 2130 ic->ic_flags = icflags; 2131 } else 2132 #endif 2133 ieee80211_input(ic, m, ni, rssi, 0); 2134 2135 /* node is no longer needed */ 2136 ieee80211_free_node(ni); 2137 2138 /* 2139 * In HostAP mode, ieee80211_input() will enqueue packets in if_snd 2140 * without calling if_start(). 2141 */ 2142 if (!IFQ_IS_EMPTY(&ifp->if_snd) && !(ifp->if_flags & IFF_OACTIVE)) 2143 run_start(ifp); 2144 2145 splx(s); 2146 } 2147 2148 static void 2149 run_rxeof(usbd_xfer_handle xfer, usbd_private_handle priv, usbd_status status) 2150 { 2151 struct run_rx_data *data = priv; 2152 struct run_softc *sc = data->sc; 2153 uint8_t *buf; 2154 uint32_t dmalen; 2155 int xferlen; 2156 2157 if (__predict_false(status != USBD_NORMAL_COMPLETION)) { 2158 DPRINTF(("RX status=%d\n", status)); 2159 if (status == USBD_STALLED) 2160 usbd_clear_endpoint_stall_async(sc->rxq.pipeh); 2161 if (status != USBD_CANCELLED) 2162 goto skip; 2163 return; 2164 } 2165 usbd_get_xfer_status(xfer, NULL, NULL, &xferlen, NULL); 2166 2167 if (__predict_false(xferlen < (int)(sizeof(uint32_t) + 2168 sizeof(struct rt2860_rxwi) + sizeof(struct rt2870_rxd)))) { 2169 DPRINTF(("xfer too short %d\n", xferlen)); 2170 goto skip; 2171 } 2172 2173 /* HW can aggregate multiple 802.11 frames in a single USB xfer */ 2174 buf = data->buf; 2175 while (xferlen > 8) { 2176 dmalen = le32toh(*(uint32_t *)buf) & 0xffff; 2177 2178 if (__predict_false(dmalen == 0 || (dmalen & 3) != 0)) { 2179 DPRINTF(("bad DMA length %u (%x)\n", dmalen, dmalen)); 2180 break; 2181 } 2182 if (__predict_false(dmalen + 8 > (uint32_t)xferlen)) { 2183 DPRINTF(("bad DMA length %u > %d\n", 2184 dmalen + 8, xferlen)); 2185 break; 2186 } 2187 run_rx_frame(sc, buf + sizeof (uint32_t), dmalen); 2188 buf += dmalen + 8; 2189 xferlen -= dmalen + 8; 2190 } 2191 2192 skip: /* setup a new transfer */ 2193 usbd_setup_xfer(xfer, sc->rxq.pipeh, data, data->buf, RUN_MAX_RXSZ, 2194 USBD_SHORT_XFER_OK | USBD_NO_COPY, USBD_NO_TIMEOUT, run_rxeof); 2195 (void)usbd_transfer(data->xfer); 2196 } 2197 2198 static void 2199 run_txeof(usbd_xfer_handle xfer, usbd_private_handle priv, usbd_status status) 2200 { 2201 struct run_tx_data *data = priv; 2202 struct run_softc *sc = data->sc; 2203 struct run_tx_ring *txq = &sc->txq[data->qid]; 2204 struct ifnet *ifp = &sc->sc_if; 2205 int s; 2206 2207 if (__predict_false(status != USBD_NORMAL_COMPLETION)) { 2208 DPRINTF(("TX status=%d\n", status)); 2209 if (status == USBD_STALLED) 2210 usbd_clear_endpoint_stall_async(txq->pipeh); 2211 ifp->if_oerrors++; 2212 return; 2213 } 2214 2215 s = splnet(); 2216 sc->sc_tx_timer = 0; 2217 ifp->if_opackets++; 2218 if (--txq->queued < RUN_TX_RING_COUNT) { 2219 sc->qfullmsk &= ~(1 << data->qid); 2220 ifp->if_flags &= ~IFF_OACTIVE; 2221 run_start(ifp); 2222 } 2223 splx(s); 2224 } 2225 2226 static int 2227 run_tx(struct run_softc *sc, struct mbuf *m, struct ieee80211_node *ni) 2228 { 2229 struct ieee80211com *ic = &sc->sc_ic; 2230 struct run_node *rn = (void *)ni; 2231 struct ieee80211_frame *wh; 2232 #ifndef RUN_HWCRYPTO 2233 struct ieee80211_key *k; 2234 #endif 2235 struct run_tx_ring *ring; 2236 struct run_tx_data *data; 2237 struct rt2870_txd *txd; 2238 struct rt2860_txwi *txwi; 2239 uint16_t dur; 2240 uint8_t type, mcs, tid, qid, qos = 0; 2241 int error, hasqos, ridx, ctl_ridx, xferlen; 2242 2243 wh = mtod(m, struct ieee80211_frame *); 2244 2245 #ifndef RUN_HWCRYPTO 2246 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 2247 k = ieee80211_crypto_encap(ic, ni, m); 2248 if (k == NULL) { 2249 m_freem(m); 2250 return (ENOBUFS); 2251 } 2252 2253 /* packet header may have moved, reset our local pointer */ 2254 wh = mtod(m, struct ieee80211_frame *); 2255 } 2256 #endif 2257 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 2258 2259 if ((hasqos = ieee80211_has_qos(wh))) { 2260 qos = ((struct ieee80211_qosframe *)wh)->i_qos[0]; 2261 tid = qos & IEEE80211_QOS_TID; 2262 qid = TID_TO_WME_AC(tid); 2263 } else { 2264 tid = 0; 2265 qid = WME_AC_BE; 2266 } 2267 ring = &sc->txq[qid]; 2268 data = &ring->data[ring->cur]; 2269 2270 /* pickup a rate index */ 2271 if (IEEE80211_IS_MULTICAST(wh->i_addr1) || 2272 type != IEEE80211_FC0_TYPE_DATA) { 2273 ridx = (ic->ic_curmode == IEEE80211_MODE_11A) ? 2274 RT2860_RIDX_OFDM6 : RT2860_RIDX_CCK1; 2275 ctl_ridx = rt2860_rates[ridx].ctl_ridx; 2276 } else if (ic->ic_fixed_rate != IEEE80211_FIXED_RATE_NONE) { 2277 ridx = sc->fixed_ridx; 2278 ctl_ridx = rt2860_rates[ridx].ctl_ridx; 2279 } else { 2280 ridx = rn->ridx[ni->ni_txrate]; 2281 ctl_ridx = rn->ctl_ridx[ni->ni_txrate]; 2282 } 2283 2284 /* get MCS code from rate index */ 2285 mcs = rt2860_rates[ridx].mcs; 2286 2287 xferlen = sizeof (*txwi) + m->m_pkthdr.len; 2288 /* roundup to 32-bit alignment */ 2289 xferlen = (xferlen + 3) & ~3; 2290 2291 txd = (struct rt2870_txd *)data->buf; 2292 txd->flags = RT2860_TX_QSEL_EDCA; 2293 txd->len = htole16(xferlen); 2294 2295 /* setup TX Wireless Information */ 2296 txwi = (struct rt2860_txwi *)(txd + 1); 2297 txwi->flags = 0; 2298 txwi->xflags = hasqos ? 0 : RT2860_TX_NSEQ; 2299 txwi->wcid = (type == IEEE80211_FC0_TYPE_DATA) ? 2300 RUN_AID2WCID(ni->ni_associd) : 0xff; 2301 txwi->len = htole16(m->m_pkthdr.len); 2302 if (rt2860_rates[ridx].phy == IEEE80211_T_DS) { 2303 txwi->phy = htole16(RT2860_PHY_CCK); 2304 if (ridx != RT2860_RIDX_CCK1 && 2305 (ic->ic_flags & IEEE80211_F_SHPREAMBLE)) 2306 mcs |= RT2860_PHY_SHPRE; 2307 } else 2308 txwi->phy = htole16(RT2860_PHY_OFDM); 2309 txwi->phy |= htole16(mcs); 2310 2311 txwi->txop = RT2860_TX_TXOP_BACKOFF; 2312 2313 if (!IEEE80211_IS_MULTICAST(wh->i_addr1) && 2314 (!hasqos || (qos & IEEE80211_QOS_ACKPOLICY) != 2315 IEEE80211_QOS_ACKPOLICY_NOACK)) { 2316 txwi->xflags |= RT2860_TX_ACK; 2317 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 2318 dur = rt2860_rates[ctl_ridx].sp_ack_dur; 2319 else 2320 dur = rt2860_rates[ctl_ridx].lp_ack_dur; 2321 *(uint16_t *)wh->i_dur = htole16(dur); 2322 } 2323 2324 #ifndef IEEE80211_STA_ONLY 2325 /* ask MAC to insert timestamp into probe responses */ 2326 if ((wh->i_fc[0] & 2327 (IEEE80211_FC0_TYPE_MASK | IEEE80211_FC0_SUBTYPE_MASK)) == 2328 (IEEE80211_FC0_TYPE_MGT | IEEE80211_FC0_SUBTYPE_PROBE_RESP)) 2329 /* NOTE: beacons do not pass through tx_data() */ 2330 txwi->flags |= RT2860_TX_TS; 2331 #endif 2332 2333 if (__predict_false(sc->sc_drvbpf != NULL)) { 2334 struct run_tx_radiotap_header *tap = &sc->sc_txtap; 2335 2336 tap->wt_flags = 0; 2337 tap->wt_rate = rt2860_rates[ridx].rate; 2338 tap->wt_chan_freq = htole16(ic->ic_curchan->ic_freq); 2339 tap->wt_chan_flags = htole16(ic->ic_curchan->ic_flags); 2340 tap->wt_hwqueue = qid; 2341 if (mcs & RT2860_PHY_SHPRE) 2342 tap->wt_flags |= IEEE80211_RADIOTAP_F_SHORTPRE; 2343 2344 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_txtap_len, m); 2345 } 2346 2347 m_copydata(m, 0, m->m_pkthdr.len, (void *)(txwi + 1)); 2348 m_freem(m); 2349 2350 xferlen += sizeof (*txd) + 4; 2351 2352 usbd_setup_xfer(data->xfer, ring->pipeh, data, data->buf, xferlen, 2353 USBD_FORCE_SHORT_XFER | USBD_NO_COPY, RUN_TX_TIMEOUT, run_txeof); 2354 error = usbd_transfer(data->xfer); 2355 if (__predict_false(error != USBD_IN_PROGRESS && 2356 error != USBD_NORMAL_COMPLETION)) 2357 return (error); 2358 2359 ieee80211_free_node(ni); 2360 2361 ring->cur = (ring->cur + 1) % RUN_TX_RING_COUNT; 2362 if (++ring->queued >= RUN_TX_RING_COUNT) 2363 sc->qfullmsk |= 1 << qid; 2364 2365 return (0); 2366 } 2367 2368 static void 2369 run_start(struct ifnet *ifp) 2370 { 2371 struct run_softc *sc = ifp->if_softc; 2372 struct ieee80211com *ic = &sc->sc_ic; 2373 struct ether_header *eh; 2374 struct ieee80211_node *ni; 2375 struct mbuf *m; 2376 2377 if ((ifp->if_flags & (IFF_RUNNING | IFF_OACTIVE)) != IFF_RUNNING) 2378 return; 2379 2380 for (;;) { 2381 if (sc->qfullmsk != 0) { 2382 ifp->if_flags |= IFF_OACTIVE; 2383 break; 2384 } 2385 /* send pending management frames first */ 2386 IF_DEQUEUE(&ic->ic_mgtq, m); 2387 if (m != NULL) { 2388 ni = (void *)m->m_pkthdr.rcvif; 2389 m->m_pkthdr.rcvif = NULL; 2390 goto sendit; 2391 } 2392 if (ic->ic_state != IEEE80211_S_RUN) 2393 break; 2394 2395 /* encapsulate and send data frames */ 2396 IFQ_DEQUEUE(&ifp->if_snd, m); 2397 if (m == NULL) 2398 break; 2399 if (m->m_len < (int)sizeof(*eh) && 2400 (m = m_pullup(m, sizeof(*eh))) == NULL) { 2401 ifp->if_oerrors++; 2402 continue; 2403 } 2404 2405 eh = mtod(m, struct ether_header *); 2406 ni = ieee80211_find_txnode(ic, eh->ether_dhost); 2407 if (ni == NULL) { 2408 m_freem(m); 2409 ifp->if_oerrors++; 2410 continue; 2411 } 2412 2413 bpf_mtap(ifp, m); 2414 2415 if ((m = ieee80211_encap(ic, m, ni)) == NULL) { 2416 ieee80211_free_node(ni); 2417 ifp->if_oerrors++; 2418 continue; 2419 } 2420 sendit: 2421 bpf_mtap3(ic->ic_rawbpf, m); 2422 2423 if (run_tx(sc, m, ni) != 0) { 2424 ieee80211_free_node(ni); 2425 ifp->if_oerrors++; 2426 continue; 2427 } 2428 2429 sc->sc_tx_timer = 5; 2430 ifp->if_timer = 1; 2431 } 2432 } 2433 2434 static void 2435 run_watchdog(struct ifnet *ifp) 2436 { 2437 struct run_softc *sc = ifp->if_softc; 2438 struct ieee80211com *ic = &sc->sc_ic; 2439 2440 ifp->if_timer = 0; 2441 2442 if (sc->sc_tx_timer > 0) { 2443 if (--sc->sc_tx_timer == 0) { 2444 aprint_error_dev(sc->sc_dev, "device timeout\n"); 2445 /* run_init(ifp); XXX needs a process context! */ 2446 ifp->if_oerrors++; 2447 return; 2448 } 2449 ifp->if_timer = 1; 2450 } 2451 2452 ieee80211_watchdog(ic); 2453 } 2454 2455 static int 2456 run_ioctl(struct ifnet *ifp, u_long cmd, void *data) 2457 { 2458 struct run_softc *sc = ifp->if_softc; 2459 struct ieee80211com *ic = &sc->sc_ic; 2460 int s, error = 0; 2461 2462 s = splnet(); 2463 2464 switch (cmd) { 2465 case SIOCSIFFLAGS: 2466 if ((error = ifioctl_common(ifp, cmd, data)) != 0) 2467 break; 2468 switch (ifp->if_flags & (IFF_UP|IFF_RUNNING)) { 2469 case IFF_UP|IFF_RUNNING: 2470 break; 2471 case IFF_UP: 2472 run_init(ifp); 2473 break; 2474 case IFF_RUNNING: 2475 run_stop(ifp, 1); 2476 break; 2477 case 0: 2478 break; 2479 } 2480 break; 2481 2482 case SIOCADDMULTI: 2483 case SIOCDELMULTI: 2484 if ((error = ether_ioctl(ifp, cmd, data)) == ENETRESET) { 2485 /* setup multicast filter, etc */ 2486 error = 0; 2487 } 2488 break; 2489 2490 default: 2491 error = ieee80211_ioctl(ic, cmd, data); 2492 break; 2493 } 2494 2495 if (error == ENETRESET) { 2496 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 2497 (IFF_UP | IFF_RUNNING)) { 2498 run_init(ifp); 2499 } 2500 error = 0; 2501 } 2502 2503 splx(s); 2504 2505 return (error); 2506 } 2507 2508 static void 2509 run_select_chan_group(struct run_softc *sc, int group) 2510 { 2511 uint32_t tmp; 2512 uint8_t agc; 2513 2514 run_bbp_write(sc, 62, 0x37 - sc->lna[group]); 2515 run_bbp_write(sc, 63, 0x37 - sc->lna[group]); 2516 run_bbp_write(sc, 64, 0x37 - sc->lna[group]); 2517 run_bbp_write(sc, 86, 0x00); 2518 2519 if (group == 0) { 2520 if (sc->ext_2ghz_lna) { 2521 run_bbp_write(sc, 82, 0x62); 2522 run_bbp_write(sc, 75, 0x46); 2523 } else { 2524 run_bbp_write(sc, 82, 0x84); 2525 run_bbp_write(sc, 75, 0x50); 2526 } 2527 } else { 2528 if (sc->mac_ver == 0x3572) 2529 run_bbp_write(sc, 82, 0x94); 2530 else 2531 run_bbp_write(sc, 82, 0xf2); 2532 if (sc->ext_5ghz_lna) 2533 run_bbp_write(sc, 75, 0x46); 2534 else 2535 run_bbp_write(sc, 75, 0x50); 2536 } 2537 2538 run_read(sc, RT2860_TX_BAND_CFG, &tmp); 2539 tmp &= ~(RT2860_5G_BAND_SEL_N | RT2860_5G_BAND_SEL_P); 2540 tmp |= (group == 0) ? RT2860_5G_BAND_SEL_N : RT2860_5G_BAND_SEL_P; 2541 run_write(sc, RT2860_TX_BAND_CFG, tmp); 2542 2543 /* enable appropriate Power Amplifiers and Low Noise Amplifiers */ 2544 tmp = RT2860_RFTR_EN | RT2860_TRSW_EN | RT2860_LNA_PE0_EN; 2545 if (sc->nrxchains > 1) 2546 tmp |= RT2860_LNA_PE1_EN; 2547 if (group == 0) { /* 2GHz */ 2548 tmp |= RT2860_PA_PE_G0_EN; 2549 if (sc->ntxchains > 1) 2550 tmp |= RT2860_PA_PE_G1_EN; 2551 } else { /* 5GHz */ 2552 tmp |= RT2860_PA_PE_A0_EN; 2553 if (sc->ntxchains > 1) 2554 tmp |= RT2860_PA_PE_A1_EN; 2555 } 2556 if (sc->mac_ver == 0x3572) { 2557 run_rt3070_rf_write(sc, 8, 0x00); 2558 run_write(sc, RT2860_TX_PIN_CFG, tmp); 2559 run_rt3070_rf_write(sc, 8, 0x80); 2560 } else 2561 run_write(sc, RT2860_TX_PIN_CFG, tmp); 2562 2563 /* set initial AGC value */ 2564 if (group == 0) { /* 2GHz band */ 2565 if (sc->mac_ver >= 0x3070) 2566 agc = 0x1c + sc->lna[0] * 2; 2567 else 2568 agc = 0x2e + sc->lna[0]; 2569 } else { /* 5GHz band */ 2570 if (sc->mac_ver == 0x3572) 2571 agc = 0x22 + (sc->lna[group] * 5) / 3; 2572 else 2573 agc = 0x32 + (sc->lna[group] * 5) / 3; 2574 } 2575 run_set_agc(sc, agc); 2576 } 2577 2578 static void 2579 run_rt2870_set_chan(struct run_softc *sc, u_int chan) 2580 { 2581 const struct rfprog *rfprog = rt2860_rf2850; 2582 uint32_t r2, r3, r4; 2583 int8_t txpow1, txpow2; 2584 int i; 2585 2586 /* find the settings for this channel (we know it exists) */ 2587 for (i = 0; rfprog[i].chan != chan; i++); 2588 2589 r2 = rfprog[i].r2; 2590 if (sc->ntxchains == 1) 2591 r2 |= 1 << 12; /* 1T: disable Tx chain 2 */ 2592 if (sc->nrxchains == 1) 2593 r2 |= 1 << 15 | 1 << 4; /* 1R: disable Rx chains 2 & 3 */ 2594 else if (sc->nrxchains == 2) 2595 r2 |= 1 << 4; /* 2R: disable Rx chain 3 */ 2596 2597 /* use Tx power values from EEPROM */ 2598 txpow1 = sc->txpow1[i]; 2599 txpow2 = sc->txpow2[i]; 2600 if (chan > 14) { 2601 if (txpow1 >= 0) 2602 txpow1 = txpow1 << 1 | 1; 2603 else 2604 txpow1 = (7 + txpow1) << 1; 2605 if (txpow2 >= 0) 2606 txpow2 = txpow2 << 1 | 1; 2607 else 2608 txpow2 = (7 + txpow2) << 1; 2609 } 2610 r3 = rfprog[i].r3 | txpow1 << 7; 2611 r4 = rfprog[i].r4 | sc->freq << 13 | txpow2 << 4; 2612 2613 run_rt2870_rf_write(sc, RT2860_RF1, rfprog[i].r1); 2614 run_rt2870_rf_write(sc, RT2860_RF2, r2); 2615 run_rt2870_rf_write(sc, RT2860_RF3, r3); 2616 run_rt2870_rf_write(sc, RT2860_RF4, r4); 2617 2618 DELAY(200); 2619 2620 run_rt2870_rf_write(sc, RT2860_RF1, rfprog[i].r1); 2621 run_rt2870_rf_write(sc, RT2860_RF2, r2); 2622 run_rt2870_rf_write(sc, RT2860_RF3, r3 | 1); 2623 run_rt2870_rf_write(sc, RT2860_RF4, r4); 2624 2625 DELAY(200); 2626 2627 run_rt2870_rf_write(sc, RT2860_RF1, rfprog[i].r1); 2628 run_rt2870_rf_write(sc, RT2860_RF2, r2); 2629 run_rt2870_rf_write(sc, RT2860_RF3, r3); 2630 run_rt2870_rf_write(sc, RT2860_RF4, r4); 2631 } 2632 2633 static void 2634 run_rt3070_set_chan(struct run_softc *sc, u_int chan) 2635 { 2636 int8_t txpow1, txpow2; 2637 uint8_t rf; 2638 int i; 2639 2640 KASSERT(chan >= 1 && chan <= 14); /* RT3070 is 2GHz only */ 2641 2642 /* find the settings for this channel (we know it exists) */ 2643 for (i = 0; rt2860_rf2850[i].chan != chan; i++) 2644 continue; 2645 2646 /* use Tx power values from EEPROM */ 2647 txpow1 = sc->txpow1[i]; 2648 txpow2 = sc->txpow2[i]; 2649 2650 run_rt3070_rf_write(sc, 2, rt3070_freqs[i].n); 2651 run_rt3070_rf_write(sc, 3, rt3070_freqs[i].k); 2652 run_rt3070_rf_read(sc, 6, &rf); 2653 rf = (rf & ~0x03) | rt3070_freqs[i].r; 2654 run_rt3070_rf_write(sc, 6, rf); 2655 2656 /* set Tx0 power */ 2657 run_rt3070_rf_read(sc, 12, &rf); 2658 rf = (rf & ~0x1f) | txpow1; 2659 run_rt3070_rf_write(sc, 12, rf); 2660 2661 /* set Tx1 power */ 2662 run_rt3070_rf_read(sc, 13, &rf); 2663 rf = (rf & ~0x1f) | txpow2; 2664 run_rt3070_rf_write(sc, 13, rf); 2665 2666 run_rt3070_rf_read(sc, 1, &rf); 2667 rf &= ~0xfc; 2668 if (sc->ntxchains == 1) 2669 rf |= 1 << 7 | 1 << 5; /* 1T: disable Tx chains 2 & 3 */ 2670 else if (sc->ntxchains == 2) 2671 rf |= 1 << 7; /* 2T: disable Tx chain 3 */ 2672 if (sc->nrxchains == 1) 2673 rf |= 1 << 6 | 1 << 4; /* 1R: disable Rx chains 2 & 3 */ 2674 else if (sc->nrxchains == 2) 2675 rf |= 1 << 6; /* 2R: disable Rx chain 3 */ 2676 run_rt3070_rf_write(sc, 1, rf); 2677 2678 /* set RF offset */ 2679 run_rt3070_rf_read(sc, 23, &rf); 2680 rf = (rf & ~0x7f) | sc->freq; 2681 run_rt3070_rf_write(sc, 23, rf); 2682 2683 /* program RF filter */ 2684 run_rt3070_rf_read(sc, 24, &rf); /* Tx */ 2685 rf = (rf & ~0x3f) | sc->rf24_20mhz; 2686 run_rt3070_rf_write(sc, 24, rf); 2687 run_rt3070_rf_read(sc, 31, &rf); /* Rx */ 2688 rf = (rf & ~0x3f) | sc->rf24_20mhz; 2689 run_rt3070_rf_write(sc, 31, rf); 2690 2691 /* enable RF tuning */ 2692 run_rt3070_rf_read(sc, 7, &rf); 2693 run_rt3070_rf_write(sc, 7, rf | 0x01); 2694 } 2695 2696 static void 2697 run_rt3572_set_chan(struct run_softc *sc, u_int chan) 2698 { 2699 int8_t txpow1, txpow2; 2700 uint32_t tmp; 2701 uint8_t rf; 2702 int i; 2703 2704 /* find the settings for this channel (we know it exists) */ 2705 for (i = 0; rt2860_rf2850[i].chan != chan; i++); 2706 2707 /* use Tx power values from EEPROM */ 2708 txpow1 = sc->txpow1[i]; 2709 txpow2 = sc->txpow2[i]; 2710 2711 if (chan <= 14) { 2712 run_bbp_write(sc, 25, sc->bbp25); 2713 run_bbp_write(sc, 26, sc->bbp26); 2714 } else { 2715 /* enable IQ phase correction */ 2716 run_bbp_write(sc, 25, 0x09); 2717 run_bbp_write(sc, 26, 0xff); 2718 } 2719 2720 run_rt3070_rf_write(sc, 2, rt3070_freqs[i].n); 2721 run_rt3070_rf_write(sc, 3, rt3070_freqs[i].k); 2722 run_rt3070_rf_read(sc, 6, &rf); 2723 rf = (rf & ~0x0f) | rt3070_freqs[i].r; 2724 rf |= (chan <= 14) ? 0x08 : 0x04; 2725 run_rt3070_rf_write(sc, 6, rf); 2726 2727 /* set PLL mode */ 2728 run_rt3070_rf_read(sc, 5, &rf); 2729 rf &= ~(0x08 | 0x04); 2730 rf |= (chan <= 14) ? 0x04 : 0x08; 2731 run_rt3070_rf_write(sc, 5, rf); 2732 2733 /* set Tx power for chain 0 */ 2734 if (chan <= 14) 2735 rf = 0x60 | txpow1; 2736 else 2737 rf = 0xe0 | (txpow1 & 0xc) << 1 | (txpow1 & 0x3); 2738 run_rt3070_rf_write(sc, 12, rf); 2739 2740 /* set Tx power for chain 1 */ 2741 if (chan <= 14) 2742 rf = 0x60 | txpow2; 2743 else 2744 rf = 0xe0 | (txpow2 & 0xc) << 1 | (txpow2 & 0x3); 2745 run_rt3070_rf_write(sc, 13, rf); 2746 2747 /* set Tx/Rx streams */ 2748 run_rt3070_rf_read(sc, 1, &rf); 2749 rf &= ~0xfc; 2750 if (sc->ntxchains == 1) 2751 rf |= 1 << 7 | 1 << 5; /* 1T: disable Tx chains 2 & 3 */ 2752 else if (sc->ntxchains == 2) 2753 rf |= 1 << 7; /* 2T: disable Tx chain 3 */ 2754 if (sc->nrxchains == 1) 2755 rf |= 1 << 6 | 1 << 4; /* 1R: disable Rx chains 2 & 3 */ 2756 else if (sc->nrxchains == 2) 2757 rf |= 1 << 6; /* 2R: disable Rx chain 3 */ 2758 run_rt3070_rf_write(sc, 1, rf); 2759 2760 /* set RF offset */ 2761 run_rt3070_rf_read(sc, 23, &rf); 2762 rf = (rf & ~0x7f) | sc->freq; 2763 run_rt3070_rf_write(sc, 23, rf); 2764 2765 /* program RF filter */ 2766 rf = sc->rf24_20mhz; 2767 run_rt3070_rf_write(sc, 24, rf); /* Tx */ 2768 run_rt3070_rf_write(sc, 31, rf); /* Rx */ 2769 2770 /* enable RF tuning */ 2771 run_rt3070_rf_read(sc, 7, &rf); 2772 rf = (chan <= 14) ? 0xd8 : ((rf & ~0xc8) | 0x14); 2773 run_rt3070_rf_write(sc, 7, rf); 2774 2775 /* TSSI */ 2776 rf = (chan <= 14) ? 0xc3 : 0xc0; 2777 run_rt3070_rf_write(sc, 9, rf); 2778 2779 /* set loop filter 1 */ 2780 run_rt3070_rf_write(sc, 10, 0xf1); 2781 /* set loop filter 2 */ 2782 run_rt3070_rf_write(sc, 11, (chan <= 14) ? 0xb9 : 0x00); 2783 2784 /* set tx_mx2_ic */ 2785 run_rt3070_rf_write(sc, 15, (chan <= 14) ? 0x53 : 0x43); 2786 /* set tx_mx1_ic */ 2787 if (chan <= 14) 2788 rf = 0x48 | sc->txmixgain_2ghz; 2789 else 2790 rf = 0x78 | sc->txmixgain_5ghz; 2791 run_rt3070_rf_write(sc, 16, rf); 2792 2793 /* set tx_lo1 */ 2794 run_rt3070_rf_write(sc, 17, 0x23); 2795 /* set tx_lo2 */ 2796 if (chan <= 14) 2797 rf = 0x93; 2798 else if (chan <= 64) 2799 rf = 0xb7; 2800 else if (chan <= 128) 2801 rf = 0x74; 2802 else 2803 rf = 0x72; 2804 run_rt3070_rf_write(sc, 19, rf); 2805 2806 /* set rx_lo1 */ 2807 if (chan <= 14) 2808 rf = 0xb3; 2809 else if (chan <= 64) 2810 rf = 0xf6; 2811 else if (chan <= 128) 2812 rf = 0xf4; 2813 else 2814 rf = 0xf3; 2815 run_rt3070_rf_write(sc, 20, rf); 2816 2817 /* set pfd_delay */ 2818 if (chan <= 14) 2819 rf = 0x15; 2820 else if (chan <= 64) 2821 rf = 0x3d; 2822 else 2823 rf = 0x01; 2824 run_rt3070_rf_write(sc, 25, rf); 2825 2826 /* set rx_lo2 */ 2827 run_rt3070_rf_write(sc, 26, (chan <= 14) ? 0x85 : 0x87); 2828 /* set ldo_rf_vc */ 2829 run_rt3070_rf_write(sc, 27, (chan <= 14) ? 0x00 : 0x01); 2830 /* set drv_cc */ 2831 run_rt3070_rf_write(sc, 29, (chan <= 14) ? 0x9b : 0x9f); 2832 2833 run_read(sc, RT2860_GPIO_CTRL, &tmp); 2834 tmp &= ~0x8080; 2835 if (chan <= 14) 2836 tmp |= 0x80; 2837 run_write(sc, RT2860_GPIO_CTRL, tmp); 2838 2839 /* enable RF tuning */ 2840 run_rt3070_rf_read(sc, 7, &rf); 2841 run_rt3070_rf_write(sc, 7, rf | 0x01); 2842 2843 DELAY(2000); 2844 } 2845 2846 static void 2847 run_set_agc(struct run_softc *sc, uint8_t agc) 2848 { 2849 uint8_t bbp; 2850 2851 if (sc->mac_ver == 0x3572) { 2852 run_bbp_read(sc, 27, &bbp); 2853 bbp &= ~(0x3 << 5); 2854 run_bbp_write(sc, 27, bbp | 0 << 5); /* select Rx0 */ 2855 run_bbp_write(sc, 66, agc); 2856 run_bbp_write(sc, 27, bbp | 1 << 5); /* select Rx1 */ 2857 run_bbp_write(sc, 66, agc); 2858 } else 2859 run_bbp_write(sc, 66, agc); 2860 } 2861 2862 static void 2863 run_set_rx_antenna(struct run_softc *sc, int aux) 2864 { 2865 uint32_t tmp; 2866 2867 run_mcu_cmd(sc, RT2860_MCU_CMD_ANTSEL, !aux); 2868 run_read(sc, RT2860_GPIO_CTRL, &tmp); 2869 tmp &= ~0x0808; 2870 if (aux) 2871 tmp |= 0x08; 2872 run_write(sc, RT2860_GPIO_CTRL, tmp); 2873 } 2874 2875 static int 2876 run_set_chan(struct run_softc *sc, struct ieee80211_channel *c) 2877 { 2878 struct ieee80211com *ic = &sc->sc_ic; 2879 u_int chan, group; 2880 2881 chan = ieee80211_chan2ieee(ic, c); 2882 if (chan == 0 || chan == IEEE80211_CHAN_ANY) 2883 return (EINVAL); 2884 2885 if (sc->mac_ver == 0x3572) 2886 run_rt3572_set_chan(sc, chan); 2887 else if (sc->mac_ver >= 0x3070) 2888 run_rt3070_set_chan(sc, chan); 2889 else 2890 run_rt2870_set_chan(sc, chan); 2891 2892 /* determine channel group */ 2893 if (chan <= 14) 2894 group = 0; 2895 else if (chan <= 64) 2896 group = 1; 2897 else if (chan <= 128) 2898 group = 2; 2899 else 2900 group = 3; 2901 2902 /* XXX necessary only when group has changed! */ 2903 run_select_chan_group(sc, group); 2904 2905 DELAY(1000); 2906 return (0); 2907 } 2908 2909 static void 2910 run_enable_tsf_sync(struct run_softc *sc) 2911 { 2912 struct ieee80211com *ic = &sc->sc_ic; 2913 uint32_t tmp; 2914 2915 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 2916 tmp &= ~0x1fffff; 2917 tmp |= ic->ic_bss->ni_intval * 16; 2918 tmp |= RT2860_TSF_TIMER_EN | RT2860_TBTT_TIMER_EN; 2919 if (ic->ic_opmode == IEEE80211_M_STA) { 2920 /* 2921 * Local TSF is always updated with remote TSF on beacon 2922 * reception. 2923 */ 2924 tmp |= 1 << RT2860_TSF_SYNC_MODE_SHIFT; 2925 } 2926 #ifndef IEEE80211_STA_ONLY 2927 else if (ic->ic_opmode == IEEE80211_M_IBSS) { 2928 tmp |= RT2860_BCN_TX_EN; 2929 /* 2930 * Local TSF is updated with remote TSF on beacon reception 2931 * only if the remote TSF is greater than local TSF. 2932 */ 2933 tmp |= 2 << RT2860_TSF_SYNC_MODE_SHIFT; 2934 } else if (ic->ic_opmode == IEEE80211_M_HOSTAP) { 2935 tmp |= RT2860_BCN_TX_EN; 2936 /* SYNC with nobody */ 2937 tmp |= 3 << RT2860_TSF_SYNC_MODE_SHIFT; 2938 } 2939 #endif 2940 run_write(sc, RT2860_BCN_TIME_CFG, tmp); 2941 } 2942 2943 static void 2944 run_enable_mrr(struct run_softc *sc) 2945 { 2946 #define CCK(mcs) (mcs) 2947 #define OFDM(mcs) (1 << 3 | (mcs)) 2948 run_write(sc, RT2860_LG_FBK_CFG0, 2949 OFDM(6) << 28 | /* 54->48 */ 2950 OFDM(5) << 24 | /* 48->36 */ 2951 OFDM(4) << 20 | /* 36->24 */ 2952 OFDM(3) << 16 | /* 24->18 */ 2953 OFDM(2) << 12 | /* 18->12 */ 2954 OFDM(1) << 8 | /* 12-> 9 */ 2955 OFDM(0) << 4 | /* 9-> 6 */ 2956 OFDM(0)); /* 6-> 6 */ 2957 2958 run_write(sc, RT2860_LG_FBK_CFG1, 2959 CCK(2) << 12 | /* 11->5.5 */ 2960 CCK(1) << 8 | /* 5.5-> 2 */ 2961 CCK(0) << 4 | /* 2-> 1 */ 2962 CCK(0)); /* 1-> 1 */ 2963 #undef OFDM 2964 #undef CCK 2965 } 2966 2967 static void 2968 run_set_txpreamble(struct run_softc *sc) 2969 { 2970 uint32_t tmp; 2971 2972 run_read(sc, RT2860_AUTO_RSP_CFG, &tmp); 2973 if (sc->sc_ic.ic_flags & IEEE80211_F_SHPREAMBLE) 2974 tmp |= RT2860_CCK_SHORT_EN; 2975 else 2976 tmp &= ~RT2860_CCK_SHORT_EN; 2977 run_write(sc, RT2860_AUTO_RSP_CFG, tmp); 2978 } 2979 2980 static void 2981 run_set_basicrates(struct run_softc *sc) 2982 { 2983 struct ieee80211com *ic = &sc->sc_ic; 2984 2985 /* set basic rates mask */ 2986 if (ic->ic_curmode == IEEE80211_MODE_11B) 2987 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x003); 2988 else if (ic->ic_curmode == IEEE80211_MODE_11A) 2989 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x150); 2990 else /* 11g */ 2991 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x15f); 2992 } 2993 2994 static void 2995 run_set_leds(struct run_softc *sc, uint16_t which) 2996 { 2997 2998 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LEDS, 2999 which | (sc->leds & 0x7f)); 3000 } 3001 3002 static void 3003 run_set_bssid(struct run_softc *sc, const uint8_t *bssid) 3004 { 3005 3006 run_write(sc, RT2860_MAC_BSSID_DW0, 3007 bssid[0] | bssid[1] << 8 | bssid[2] << 16 | bssid[3] << 24); 3008 run_write(sc, RT2860_MAC_BSSID_DW1, 3009 bssid[4] | bssid[5] << 8); 3010 } 3011 3012 static void 3013 run_set_macaddr(struct run_softc *sc, const uint8_t *addr) 3014 { 3015 3016 run_write(sc, RT2860_MAC_ADDR_DW0, 3017 addr[0] | addr[1] << 8 | addr[2] << 16 | addr[3] << 24); 3018 run_write(sc, RT2860_MAC_ADDR_DW1, 3019 addr[4] | addr[5] << 8 | 0xff << 16); 3020 } 3021 3022 static void 3023 run_updateslot(struct ifnet *ifp) 3024 { 3025 3026 /* do it in a process context */ 3027 run_do_async(ifp->if_softc, run_updateslot_cb, NULL, 0); 3028 } 3029 3030 /* ARGSUSED */ 3031 static void 3032 run_updateslot_cb(struct run_softc *sc, void *arg) 3033 { 3034 uint32_t tmp; 3035 3036 run_read(sc, RT2860_BKOFF_SLOT_CFG, &tmp); 3037 tmp &= ~0xff; 3038 tmp |= (sc->sc_ic.ic_flags & IEEE80211_F_SHSLOT) ? 9 : 20; 3039 run_write(sc, RT2860_BKOFF_SLOT_CFG, tmp); 3040 } 3041 3042 static int8_t 3043 run_rssi2dbm(struct run_softc *sc, uint8_t rssi, uint8_t rxchain) 3044 { 3045 struct ieee80211com *ic = &sc->sc_ic; 3046 struct ieee80211_channel *c = ic->ic_curchan; 3047 int delta; 3048 3049 if (IEEE80211_IS_CHAN_5GHZ(c)) { 3050 u_int chan = ieee80211_chan2ieee(ic, c); 3051 delta = sc->rssi_5ghz[rxchain]; 3052 3053 /* determine channel group */ 3054 if (chan <= 64) 3055 delta -= sc->lna[1]; 3056 else if (chan <= 128) 3057 delta -= sc->lna[2]; 3058 else 3059 delta -= sc->lna[3]; 3060 } else 3061 delta = sc->rssi_2ghz[rxchain] - sc->lna[0]; 3062 3063 return (-12 - delta - rssi); 3064 } 3065 3066 static int 3067 run_bbp_init(struct run_softc *sc) 3068 { 3069 int i, error, ntries; 3070 uint8_t bbp0; 3071 3072 /* wait for BBP to wake up */ 3073 for (ntries = 0; ntries < 20; ntries++) { 3074 if ((error = run_bbp_read(sc, 0, &bbp0)) != 0) 3075 return (error); 3076 if (bbp0 != 0 && bbp0 != 0xff) 3077 break; 3078 } 3079 if (ntries == 20) 3080 return (ETIMEDOUT); 3081 3082 /* initialize BBP registers to default values */ 3083 for (i = 0; i < (int)__arraycount(rt2860_def_bbp); i++) { 3084 run_bbp_write(sc, rt2860_def_bbp[i].reg, 3085 rt2860_def_bbp[i].val); 3086 } 3087 3088 /* fix BBP84 for RT2860E */ 3089 if (sc->mac_ver == 0x2860 && sc->mac_rev != 0x0101) 3090 run_bbp_write(sc, 84, 0x19); 3091 3092 if (sc->mac_ver >= 0x3070) { 3093 run_bbp_write(sc, 79, 0x13); 3094 run_bbp_write(sc, 80, 0x05); 3095 run_bbp_write(sc, 81, 0x33); 3096 } else if (sc->mac_ver == 0x2860 && sc->mac_rev == 0x0100) { 3097 run_bbp_write(sc, 69, 0x16); 3098 run_bbp_write(sc, 73, 0x12); 3099 } 3100 return (0); 3101 } 3102 3103 static int 3104 run_rt3070_rf_init(struct run_softc *sc) 3105 { 3106 uint32_t tmp; 3107 uint8_t rf, target, bbp4; 3108 int i; 3109 3110 run_rt3070_rf_read(sc, 30, &rf); 3111 /* toggle RF R30 bit 7 */ 3112 run_rt3070_rf_write(sc, 30, rf | 0x80); 3113 DELAY(1000); 3114 run_rt3070_rf_write(sc, 30, rf & ~0x80); 3115 3116 /* initialize RF registers to default value */ 3117 if (sc->mac_ver == 0x3572) { 3118 for (i = 0; i < (int)__arraycount(rt3572_def_rf); i++) { 3119 run_rt3070_rf_write(sc, rt3572_def_rf[i].reg, 3120 rt3572_def_rf[i].val); 3121 } 3122 } else { 3123 for (i = 0; i < (int)__arraycount(rt3070_def_rf); i++) { 3124 run_rt3070_rf_write(sc, rt3070_def_rf[i].reg, 3125 rt3070_def_rf[i].val); 3126 } 3127 } 3128 if (sc->mac_ver == 0x3572) { 3129 run_rt3070_rf_read(sc, 6, &rf); 3130 run_rt3070_rf_write(sc, 6, rf | 0x40); 3131 3132 /* increase voltage from 1.2V to 1.35V */ 3133 run_read(sc, RT3070_LDO_CFG0, &tmp); 3134 tmp = (tmp & ~0x1f000000) | 0x0d000000; 3135 run_write(sc, RT3070_LDO_CFG0, tmp); 3136 if (sc->mac_rev >= 0x0211 || !sc->patch_dac) { 3137 /* decrease voltage back to 1.2V */ 3138 DELAY(1000); 3139 tmp = (tmp & ~0x1f000000) | 0x01000000; 3140 run_write(sc, RT3070_LDO_CFG0, tmp); 3141 } 3142 } else if (sc->mac_ver == 0x3071) { 3143 run_rt3070_rf_read(sc, 6, &rf); 3144 run_rt3070_rf_write(sc, 6, rf | 0x40); 3145 run_rt3070_rf_write(sc, 31, 0x14); 3146 3147 run_read(sc, RT3070_LDO_CFG0, &tmp); 3148 tmp &= ~0x1f000000; 3149 if (sc->mac_rev < 0x0211) 3150 tmp |= 0x0d000000; /* 1.35V */ 3151 else 3152 tmp |= 0x01000000; /* 1.2V */ 3153 run_write(sc, RT3070_LDO_CFG0, tmp); 3154 3155 /* patch LNA_PE_G1 */ 3156 run_read(sc, RT3070_GPIO_SWITCH, &tmp); 3157 run_write(sc, RT3070_GPIO_SWITCH, tmp & ~0x20); 3158 } else if (sc->mac_ver == 0x3070) { 3159 /* increase voltage from 1.2V to 1.35V */ 3160 run_read(sc, RT3070_LDO_CFG0, &tmp); 3161 tmp = (tmp & ~0x0f000000) | 0x0d000000; 3162 run_write(sc, RT3070_LDO_CFG0, tmp); 3163 } 3164 3165 /* select 20MHz bandwidth */ 3166 run_rt3070_rf_read(sc, 31, &rf); 3167 run_rt3070_rf_write(sc, 31, rf & ~0x20); 3168 3169 /* calibrate filter for 20MHz bandwidth */ 3170 sc->rf24_20mhz = 0x1f; /* default value */ 3171 target = (sc->mac_ver < 0x3071) ? 0x16 : 0x13; 3172 run_rt3070_filter_calib(sc, 0x07, target, &sc->rf24_20mhz); 3173 3174 /* select 40MHz bandwidth */ 3175 run_bbp_read(sc, 4, &bbp4); 3176 run_bbp_write(sc, 4, (bbp4 & ~0x08) | 0x10); 3177 run_rt3070_rf_read(sc, 31, &rf); 3178 run_rt3070_rf_write(sc, 31, rf | 0x20); 3179 3180 /* calibrate filter for 40MHz bandwidth */ 3181 sc->rf24_40mhz = 0x2f; /* default value */ 3182 target = (sc->mac_ver < 0x3071) ? 0x19 : 0x15; 3183 run_rt3070_filter_calib(sc, 0x27, target, &sc->rf24_40mhz); 3184 3185 /* go back to 20MHz bandwidth */ 3186 run_bbp_read(sc, 4, &bbp4); 3187 run_bbp_write(sc, 4, bbp4 & ~0x18); 3188 3189 if (sc->mac_ver == 0x3572) { 3190 /* save default BBP registers 25 and 26 values */ 3191 run_bbp_read(sc, 25, &sc->bbp25); 3192 run_bbp_read(sc, 26, &sc->bbp26); 3193 } else if (sc->mac_rev < 0x0211) 3194 run_rt3070_rf_write(sc, 27, 0x03); 3195 3196 run_read(sc, RT3070_OPT_14, &tmp); 3197 run_write(sc, RT3070_OPT_14, tmp | 1); 3198 3199 if (sc->mac_ver == 0x3070 || sc->mac_ver == 0x3071) { 3200 run_rt3070_rf_read(sc, 17, &rf); 3201 rf &= ~RT3070_TX_LO1; 3202 if ((sc->mac_ver == 0x3070 || 3203 (sc->mac_ver == 0x3071 && sc->mac_rev >= 0x0211)) && 3204 !sc->ext_2ghz_lna) 3205 rf |= 0x20; /* fix for long range Rx issue */ 3206 if (sc->txmixgain_2ghz >= 1) 3207 rf = (rf & ~0x7) | sc->txmixgain_2ghz; 3208 run_rt3070_rf_write(sc, 17, rf); 3209 } 3210 if (sc->mac_ver == 0x3071) { 3211 run_rt3070_rf_read(sc, 1, &rf); 3212 rf &= ~(RT3070_RX0_PD | RT3070_TX0_PD); 3213 rf |= RT3070_RF_BLOCK | RT3070_RX1_PD | RT3070_TX1_PD; 3214 run_rt3070_rf_write(sc, 1, rf); 3215 3216 run_rt3070_rf_read(sc, 15, &rf); 3217 run_rt3070_rf_write(sc, 15, rf & ~RT3070_TX_LO2); 3218 3219 run_rt3070_rf_read(sc, 20, &rf); 3220 run_rt3070_rf_write(sc, 20, rf & ~RT3070_RX_LO1); 3221 3222 run_rt3070_rf_read(sc, 21, &rf); 3223 run_rt3070_rf_write(sc, 21, rf & ~RT3070_RX_LO2); 3224 } 3225 if (sc->mac_ver == 0x3070 || sc->mac_ver == 0x3071) { 3226 /* fix Tx to Rx IQ glitch by raising RF voltage */ 3227 run_rt3070_rf_read(sc, 27, &rf); 3228 rf &= ~0x77; 3229 if (sc->mac_rev < 0x0211) 3230 rf |= 0x03; 3231 run_rt3070_rf_write(sc, 27, rf); 3232 } 3233 return (0); 3234 } 3235 3236 static int 3237 run_rt3070_filter_calib(struct run_softc *sc, uint8_t init, uint8_t target, 3238 uint8_t *val) 3239 { 3240 uint8_t rf22, rf24; 3241 uint8_t bbp55_pb, bbp55_sb, delta; 3242 int ntries; 3243 3244 /* program filter */ 3245 run_rt3070_rf_read(sc, 24, &rf24); 3246 rf24 = (rf24 & 0xc0) | init; /* initial filter value */ 3247 run_rt3070_rf_write(sc, 24, rf24); 3248 3249 /* enable baseband loopback mode */ 3250 run_rt3070_rf_read(sc, 22, &rf22); 3251 run_rt3070_rf_write(sc, 22, rf22 | 0x01); 3252 3253 /* set power and frequency of passband test tone */ 3254 run_bbp_write(sc, 24, 0x00); 3255 for (ntries = 0; ntries < 100; ntries++) { 3256 /* transmit test tone */ 3257 run_bbp_write(sc, 25, 0x90); 3258 DELAY(1000); 3259 /* read received power */ 3260 run_bbp_read(sc, 55, &bbp55_pb); 3261 if (bbp55_pb != 0) 3262 break; 3263 } 3264 if (ntries == 100) 3265 return (ETIMEDOUT); 3266 3267 /* set power and frequency of stopband test tone */ 3268 run_bbp_write(sc, 24, 0x06); 3269 for (ntries = 0; ntries < 100; ntries++) { 3270 /* transmit test tone */ 3271 run_bbp_write(sc, 25, 0x90); 3272 DELAY(1000); 3273 /* read received power */ 3274 run_bbp_read(sc, 55, &bbp55_sb); 3275 3276 delta = bbp55_pb - bbp55_sb; 3277 if (delta > target) 3278 break; 3279 3280 /* reprogram filter */ 3281 rf24++; 3282 run_rt3070_rf_write(sc, 24, rf24); 3283 } 3284 if (ntries < 100) { 3285 if (rf24 != init) 3286 rf24--; /* backtrack */ 3287 *val = rf24; 3288 run_rt3070_rf_write(sc, 24, rf24); 3289 } 3290 3291 /* restore initial state */ 3292 run_bbp_write(sc, 24, 0x00); 3293 3294 /* disable baseband loopback mode */ 3295 run_rt3070_rf_read(sc, 22, &rf22); 3296 run_rt3070_rf_write(sc, 22, rf22 & ~0x01); 3297 3298 return (0); 3299 } 3300 3301 static void 3302 run_rt3070_rf_setup(struct run_softc *sc) 3303 { 3304 uint8_t bbp, rf; 3305 int i; 3306 3307 if (sc->mac_ver == 0x3572) { 3308 /* enable DC filter */ 3309 if (sc->mac_rev >= 0x0201) 3310 run_bbp_write(sc, 103, 0xc0); 3311 3312 run_bbp_read(sc, 138, &bbp); 3313 if (sc->ntxchains == 1) 3314 bbp |= 0x20; /* turn off DAC1 */ 3315 if (sc->nrxchains == 1) 3316 bbp &= ~0x02; /* turn off ADC1 */ 3317 run_bbp_write(sc, 138, bbp); 3318 3319 if (sc->mac_rev >= 0x0211) { 3320 /* improve power consumption */ 3321 run_bbp_read(sc, 31, &bbp); 3322 run_bbp_write(sc, 31, bbp & ~0x03); 3323 } 3324 3325 run_rt3070_rf_read(sc, 16, &rf); 3326 rf = (rf & ~0x07) | sc->txmixgain_2ghz; 3327 run_rt3070_rf_write(sc, 16, rf); 3328 } else if (sc->mac_ver == 0x3071) { 3329 /* enable DC filter */ 3330 if (sc->mac_rev >= 0x0201) 3331 run_bbp_write(sc, 103, 0xc0); 3332 3333 run_bbp_read(sc, 138, &bbp); 3334 if (sc->ntxchains == 1) 3335 bbp |= 0x20; /* turn off DAC1 */ 3336 if (sc->nrxchains == 1) 3337 bbp &= ~0x02; /* turn off ADC1 */ 3338 run_bbp_write(sc, 138, bbp); 3339 3340 if (sc->mac_rev >= 0x0211) { 3341 /* improve power consumption */ 3342 run_bbp_read(sc, 31, &bbp); 3343 run_bbp_write(sc, 31, bbp & ~0x03); 3344 } 3345 3346 run_write(sc, RT2860_TX_SW_CFG1, 0); 3347 if (sc->mac_rev < 0x0211) { 3348 run_write(sc, RT2860_TX_SW_CFG2, 3349 sc->patch_dac ? 0x2c : 0x0f); 3350 } else 3351 run_write(sc, RT2860_TX_SW_CFG2, 0); 3352 } else if (sc->mac_ver == 0x3070) { 3353 if (sc->mac_rev >= 0x0201) { 3354 /* enable DC filter */ 3355 run_bbp_write(sc, 103, 0xc0); 3356 3357 /* improve power consumption */ 3358 run_bbp_read(sc, 31, &bbp); 3359 run_bbp_write(sc, 31, bbp & ~0x03); 3360 } 3361 3362 if (sc->mac_rev < 0x0211) { 3363 run_write(sc, RT2860_TX_SW_CFG1, 0); 3364 run_write(sc, RT2860_TX_SW_CFG2, 0x2c); 3365 } else 3366 run_write(sc, RT2860_TX_SW_CFG2, 0); 3367 } 3368 3369 /* initialize RF registers from ROM for >=RT3071*/ 3370 if (sc->mac_ver >= 0x3071) { 3371 for (i = 0; i < 10; i++) { 3372 if (sc->rf[i].reg == 0 || sc->rf[i].reg == 0xff) 3373 continue; 3374 run_rt3070_rf_write(sc, sc->rf[i].reg, sc->rf[i].val); 3375 } 3376 } 3377 } 3378 3379 static int 3380 run_txrx_enable(struct run_softc *sc) 3381 { 3382 uint32_t tmp; 3383 int error, ntries; 3384 3385 run_write(sc, RT2860_MAC_SYS_CTRL, RT2860_MAC_TX_EN); 3386 for (ntries = 0; ntries < 200; ntries++) { 3387 if ((error = run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp)) != 0) 3388 return (error); 3389 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0) 3390 break; 3391 DELAY(1000); 3392 } 3393 if (ntries == 200) 3394 return (ETIMEDOUT); 3395 3396 DELAY(50); 3397 3398 tmp |= RT2860_RX_DMA_EN | RT2860_TX_DMA_EN | RT2860_TX_WB_DDONE; 3399 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp); 3400 3401 /* enable Rx bulk aggregation (set timeout and limit) */ 3402 tmp = RT2860_USB_TX_EN | RT2860_USB_RX_EN | RT2860_USB_RX_AGG_EN | 3403 RT2860_USB_RX_AGG_TO(128) | RT2860_USB_RX_AGG_LMT(2); 3404 run_write(sc, RT2860_USB_DMA_CFG, tmp); 3405 3406 /* set Rx filter */ 3407 tmp = RT2860_DROP_CRC_ERR | RT2860_DROP_PHY_ERR; 3408 if (sc->sc_ic.ic_opmode != IEEE80211_M_MONITOR) { 3409 tmp |= RT2860_DROP_UC_NOME | RT2860_DROP_DUPL | 3410 RT2860_DROP_CTS | RT2860_DROP_BA | RT2860_DROP_ACK | 3411 RT2860_DROP_VER_ERR | RT2860_DROP_CTRL_RSV | 3412 RT2860_DROP_CFACK | RT2860_DROP_CFEND; 3413 if (sc->sc_ic.ic_opmode == IEEE80211_M_STA) 3414 tmp |= RT2860_DROP_RTS | RT2860_DROP_PSPOLL; 3415 } 3416 run_write(sc, RT2860_RX_FILTR_CFG, tmp); 3417 3418 run_write(sc, RT2860_MAC_SYS_CTRL, 3419 RT2860_MAC_RX_EN | RT2860_MAC_TX_EN); 3420 3421 return (0); 3422 } 3423 3424 static int 3425 run_init(struct ifnet *ifp) 3426 { 3427 struct run_softc *sc = ifp->if_softc; 3428 struct ieee80211com *ic = &sc->sc_ic; 3429 uint32_t tmp; 3430 uint8_t bbp1, bbp3; 3431 int i, error, qid, ridx, ntries; 3432 3433 for (ntries = 0; ntries < 100; ntries++) { 3434 if ((error = run_read(sc, RT2860_ASIC_VER_ID, &tmp)) != 0) 3435 goto fail; 3436 if (tmp != 0 && tmp != 0xffffffff) 3437 break; 3438 DELAY(10); 3439 } 3440 if (ntries == 100) { 3441 error = ETIMEDOUT; 3442 goto fail; 3443 } 3444 3445 if ((sc->sc_flags & RUN_FWLOADED) == 0 && 3446 (error = run_load_microcode(sc)) != 0) { 3447 aprint_error_dev(sc->sc_dev, 3448 "could not load 8051 microcode\n"); 3449 goto fail; 3450 } 3451 3452 if (ifp->if_flags & IFF_RUNNING) 3453 run_stop(ifp, 0); 3454 3455 /* init host command ring */ 3456 sc->cmdq.cur = sc->cmdq.next = sc->cmdq.queued = 0; 3457 3458 /* init Tx rings (4 EDCAs) */ 3459 for (qid = 0; qid < 4; qid++) { 3460 if ((error = run_alloc_tx_ring(sc, qid)) != 0) 3461 goto fail; 3462 } 3463 /* init Rx ring */ 3464 if ((error = run_alloc_rx_ring(sc)) != 0) 3465 goto fail; 3466 3467 IEEE80211_ADDR_COPY(ic->ic_myaddr, CLLADDR(ifp->if_sadl)); 3468 run_set_macaddr(sc, ic->ic_myaddr); 3469 3470 for (ntries = 0; ntries < 100; ntries++) { 3471 if ((error = run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp)) != 0) 3472 goto fail; 3473 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0) 3474 break; 3475 DELAY(1000); 3476 } 3477 if (ntries == 100) { 3478 aprint_error_dev(sc->sc_dev, 3479 "timeout waiting for DMA engine\n"); 3480 error = ETIMEDOUT; 3481 goto fail; 3482 } 3483 tmp &= 0xff0; 3484 tmp |= RT2860_TX_WB_DDONE; 3485 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp); 3486 3487 /* turn off PME_OEN to solve high-current issue */ 3488 run_read(sc, RT2860_SYS_CTRL, &tmp); 3489 run_write(sc, RT2860_SYS_CTRL, tmp & ~RT2860_PME_OEN); 3490 3491 run_write(sc, RT2860_MAC_SYS_CTRL, 3492 RT2860_BBP_HRST | RT2860_MAC_SRST); 3493 run_write(sc, RT2860_USB_DMA_CFG, 0); 3494 3495 if ((error = run_reset(sc)) != 0) { 3496 aprint_error_dev(sc->sc_dev, "could not reset chipset\n"); 3497 goto fail; 3498 } 3499 3500 run_write(sc, RT2860_MAC_SYS_CTRL, 0); 3501 3502 /* init Tx power for all Tx rates (from EEPROM) */ 3503 for (ridx = 0; ridx < 5; ridx++) { 3504 if (sc->txpow20mhz[ridx] == 0xffffffff) 3505 continue; 3506 run_write(sc, RT2860_TX_PWR_CFG(ridx), sc->txpow20mhz[ridx]); 3507 } 3508 3509 for (i = 0; i < (int)__arraycount(rt2870_def_mac); i++) 3510 run_write(sc, rt2870_def_mac[i].reg, rt2870_def_mac[i].val); 3511 run_write(sc, RT2860_WMM_AIFSN_CFG, 0x00002273); 3512 run_write(sc, RT2860_WMM_CWMIN_CFG, 0x00002344); 3513 run_write(sc, RT2860_WMM_CWMAX_CFG, 0x000034aa); 3514 3515 if (sc->mac_ver >= 0x3070) { 3516 /* set delay of PA_PE assertion to 1us (unit of 0.25us) */ 3517 run_write(sc, RT2860_TX_SW_CFG0, 3518 4 << RT2860_DLY_PAPE_EN_SHIFT); 3519 } 3520 3521 /* wait while MAC is busy */ 3522 for (ntries = 0; ntries < 100; ntries++) { 3523 if ((error = run_read(sc, RT2860_MAC_STATUS_REG, &tmp)) != 0) 3524 goto fail; 3525 if (!(tmp & (RT2860_RX_STATUS_BUSY | RT2860_TX_STATUS_BUSY))) 3526 break; 3527 DELAY(1000); 3528 } 3529 if (ntries == 100) { 3530 error = ETIMEDOUT; 3531 goto fail; 3532 } 3533 3534 /* clear Host to MCU mailbox */ 3535 run_write(sc, RT2860_H2M_BBPAGENT, 0); 3536 run_write(sc, RT2860_H2M_MAILBOX, 0); 3537 DELAY(1000); 3538 3539 if ((error = run_bbp_init(sc)) != 0) { 3540 aprint_error_dev(sc->sc_dev, "could not initialize BBP\n"); 3541 goto fail; 3542 } 3543 3544 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 3545 tmp &= ~(RT2860_BCN_TX_EN | RT2860_TSF_TIMER_EN | 3546 RT2860_TBTT_TIMER_EN); 3547 run_write(sc, RT2860_BCN_TIME_CFG, tmp); 3548 3549 /* clear RX WCID search table */ 3550 run_set_region_4(sc, RT2860_WCID_ENTRY(0), 0, 512); 3551 /* clear Pair-wise key table */ 3552 run_set_region_4(sc, RT2860_PKEY(0), 0, 2048); 3553 /* clear IV/EIV table */ 3554 run_set_region_4(sc, RT2860_IVEIV(0), 0, 512); 3555 /* clear WCID attribute table */ 3556 run_set_region_4(sc, RT2860_WCID_ATTR(0), 0, 8 * 32); 3557 /* clear shared key table */ 3558 run_set_region_4(sc, RT2860_SKEY(0, 0), 0, 8 * 32); 3559 /* clear shared key mode */ 3560 run_set_region_4(sc, RT2860_SKEY_MODE_0_7, 0, 4); 3561 3562 run_read(sc, RT2860_US_CYC_CNT, &tmp); 3563 tmp = (tmp & ~0xff) | 0x1e; 3564 run_write(sc, RT2860_US_CYC_CNT, tmp); 3565 3566 if (sc->mac_rev != 0x0101) 3567 run_write(sc, RT2860_TXOP_CTRL_CFG, 0x0000583f); 3568 3569 run_write(sc, RT2860_WMM_TXOP0_CFG, 0); 3570 run_write(sc, RT2860_WMM_TXOP1_CFG, 48 << 16 | 96); 3571 3572 /* write vendor-specific BBP values (from EEPROM) */ 3573 for (i = 0; i < 8; i++) { 3574 if (sc->bbp[i].reg == 0 || sc->bbp[i].reg == 0xff) 3575 continue; 3576 run_bbp_write(sc, sc->bbp[i].reg, sc->bbp[i].val); 3577 } 3578 3579 /* select Main antenna for 1T1R devices */ 3580 if (sc->rf_rev == RT3070_RF_3020) 3581 run_set_rx_antenna(sc, 0); 3582 3583 /* send LEDs operating mode to microcontroller */ 3584 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED1, sc->led[0]); 3585 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED2, sc->led[1]); 3586 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED3, sc->led[2]); 3587 3588 if (sc->mac_ver >= 0x3070) 3589 run_rt3070_rf_init(sc); 3590 3591 /* disable non-existing Rx chains */ 3592 run_bbp_read(sc, 3, &bbp3); 3593 bbp3 &= ~(1 << 3 | 1 << 4); 3594 if (sc->nrxchains == 2) 3595 bbp3 |= 1 << 3; 3596 else if (sc->nrxchains == 3) 3597 bbp3 |= 1 << 4; 3598 run_bbp_write(sc, 3, bbp3); 3599 3600 /* disable non-existing Tx chains */ 3601 run_bbp_read(sc, 1, &bbp1); 3602 if (sc->ntxchains == 1) 3603 bbp1 &= ~(1 << 3 | 1 << 4); 3604 run_bbp_write(sc, 1, bbp1); 3605 3606 if (sc->mac_ver >= 0x3070) 3607 run_rt3070_rf_setup(sc); 3608 3609 /* select default channel */ 3610 run_set_chan(sc, ic->ic_curchan); 3611 3612 /* turn radio LED on */ 3613 run_set_leds(sc, RT2860_LED_RADIO); 3614 3615 #ifdef RUN_HWCRYPTO 3616 if (ic->ic_flags & IEEE80211_F_PRIVACY) { 3617 /* install WEP keys */ 3618 for (i = 0; i < IEEE80211_WEP_NKID; i++) 3619 (void)run_set_key(ic, &ic->ic_crypto.cs_nw_keys[i], 3620 NULL); 3621 } 3622 #endif 3623 3624 for (i = 0; i < RUN_RX_RING_COUNT; i++) { 3625 struct run_rx_data *data = &sc->rxq.data[i]; 3626 3627 usbd_setup_xfer(data->xfer, sc->rxq.pipeh, data, data->buf, 3628 RUN_MAX_RXSZ, USBD_SHORT_XFER_OK | USBD_NO_COPY, 3629 USBD_NO_TIMEOUT, run_rxeof); 3630 error = usbd_transfer(data->xfer); 3631 if (error != USBD_NORMAL_COMPLETION && 3632 error != USBD_IN_PROGRESS) 3633 goto fail; 3634 } 3635 3636 if ((error = run_txrx_enable(sc)) != 0) 3637 goto fail; 3638 3639 ifp->if_flags &= ~IFF_OACTIVE; 3640 ifp->if_flags |= IFF_RUNNING; 3641 3642 if (ic->ic_opmode == IEEE80211_M_MONITOR) 3643 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 3644 else 3645 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 3646 3647 if (error != 0) 3648 fail: run_stop(ifp, 1); 3649 return (error); 3650 } 3651 3652 static void 3653 run_stop(struct ifnet *ifp, int disable) 3654 { 3655 struct run_softc *sc = ifp->if_softc; 3656 struct ieee80211com *ic = &sc->sc_ic; 3657 uint32_t tmp; 3658 int ntries, qid; 3659 3660 if (ifp->if_flags & IFF_RUNNING) 3661 run_set_leds(sc, 0); /* turn all LEDs off */ 3662 3663 sc->sc_tx_timer = 0; 3664 ifp->if_timer = 0; 3665 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 3666 3667 callout_stop(&sc->scan_to); 3668 callout_stop(&sc->calib_to); 3669 3670 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 3671 /* wait for all queued asynchronous commands to complete */ 3672 while (sc->cmdq.queued > 0) 3673 tsleep(&sc->cmdq, 0, "cmdq", 0); 3674 3675 /* disable Tx/Rx */ 3676 run_read(sc, RT2860_MAC_SYS_CTRL, &tmp); 3677 tmp &= ~(RT2860_MAC_RX_EN | RT2860_MAC_TX_EN); 3678 run_write(sc, RT2860_MAC_SYS_CTRL, tmp); 3679 3680 /* wait for pending Tx to complete */ 3681 for (ntries = 0; ntries < 100; ntries++) { 3682 if (run_read(sc, RT2860_TXRXQ_PCNT, &tmp) != 0) 3683 break; 3684 if ((tmp & RT2860_TX2Q_PCNT_MASK) == 0) 3685 break; 3686 } 3687 DELAY(1000); 3688 run_write(sc, RT2860_USB_DMA_CFG, 0); 3689 3690 /* reset adapter */ 3691 run_write(sc, RT2860_MAC_SYS_CTRL, RT2860_BBP_HRST | RT2860_MAC_SRST); 3692 run_write(sc, RT2860_MAC_SYS_CTRL, 0); 3693 3694 /* reset Tx and Rx rings */ 3695 sc->qfullmsk = 0; 3696 for (qid = 0; qid < 4; qid++) 3697 run_free_tx_ring(sc, qid); 3698 run_free_rx_ring(sc); 3699 } 3700 3701 #ifndef IEEE80211_STA_ONLY 3702 static int 3703 run_setup_beacon(struct run_softc *sc) 3704 { 3705 struct ieee80211com *ic = &sc->sc_ic; 3706 struct rt2860_txwi txwi; 3707 struct mbuf *m; 3708 int ridx; 3709 3710 if ((m = ieee80211_beacon_alloc(ic, ic->ic_bss, &sc->sc_bo)) == NULL) 3711 return (ENOBUFS); 3712 3713 memset(&txwi, 0, sizeof txwi); 3714 txwi.wcid = 0xff; 3715 txwi.len = htole16(m->m_pkthdr.len); 3716 /* send beacons at the lowest available rate */ 3717 ridx = (ic->ic_curmode == IEEE80211_MODE_11A) ? 3718 RT2860_RIDX_OFDM6 : RT2860_RIDX_CCK1; 3719 txwi.phy = htole16(rt2860_rates[ridx].mcs); 3720 if (rt2860_rates[ridx].phy == IEEE80211_T_OFDM) 3721 txwi.phy |= htole16(RT2860_PHY_OFDM); 3722 txwi.txop = RT2860_TX_TXOP_HT; 3723 txwi.flags = RT2860_TX_TS; 3724 3725 run_write_region_1(sc, RT2860_BCN_BASE(0), 3726 (uint8_t *)&txwi, sizeof txwi); 3727 run_write_region_1(sc, RT2860_BCN_BASE(0) + sizeof txwi, 3728 mtod(m, uint8_t *), m->m_pkthdr.len); 3729 3730 m_freem(m); 3731 3732 return (0); 3733 } 3734 #endif 3735 3736 MODULE(MODULE_CLASS_DRIVER, if_run, "bpf"); 3737 3738 #ifdef _MODULE 3739 #include "ioconf.c" 3740 #endif 3741 3742 static int 3743 if_run_modcmd(modcmd_t cmd, void *arg) 3744 { 3745 int error = 0; 3746 3747 switch (cmd) { 3748 case MODULE_CMD_INIT: 3749 #ifdef _MODULE 3750 error = config_init_component(cfdriver_ioconf_run, 3751 cfattach_ioconf_run, cfdata_ioconf_run); 3752 #endif 3753 return (error); 3754 case MODULE_CMD_FINI: 3755 #ifdef _MODULE 3756 error = config_fini_component(cfdriver_ioconf_run, 3757 cfattach_ioconf_run, cfdata_ioconf_run); 3758 #endif 3759 return (error); 3760 default: 3761 return (ENOTTY); 3762 } 3763 } 3764