1 /* $NetBSD: if_run.c,v 1.8 2013/01/22 12:40:42 jmcneill Exp $ */ 2 /* $OpenBSD: if_run.c,v 1.90 2012/03/24 15:11:04 jsg Exp $ */ 3 4 /*- 5 * Copyright (c) 2008-2010 Damien Bergamini <damien.bergamini@free.fr> 6 * 7 * Permission to use, copy, modify, and distribute this software for any 8 * purpose with or without fee is hereby granted, provided that the above 9 * copyright notice and this permission notice appear in all copies. 10 * 11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 */ 19 20 /*- 21 * Ralink Technology RT2700U/RT2800U/RT3000U chipset driver. 22 * http://www.ralinktech.com/ 23 */ 24 25 #include <sys/cdefs.h> 26 __KERNEL_RCSID(0, "$NetBSD: if_run.c,v 1.8 2013/01/22 12:40:42 jmcneill Exp $"); 27 28 #include <sys/param.h> 29 #include <sys/sockio.h> 30 #include <sys/sysctl.h> 31 #include <sys/mbuf.h> 32 #include <sys/kernel.h> 33 #include <sys/socket.h> 34 #include <sys/systm.h> 35 #include <sys/malloc.h> 36 #include <sys/callout.h> 37 #include <sys/module.h> 38 #include <sys/conf.h> 39 #include <sys/device.h> 40 41 #include <sys/bus.h> 42 #include <machine/endian.h> 43 #include <sys/intr.h> 44 45 #include <net/bpf.h> 46 #include <net/if.h> 47 #include <net/if_arp.h> 48 #include <net/if_dl.h> 49 #include <net/if_ether.h> 50 #include <net/if_media.h> 51 #include <net/if_types.h> 52 53 #include <net80211/ieee80211_var.h> 54 #include <net80211/ieee80211_amrr.h> 55 #include <net80211/ieee80211_radiotap.h> 56 57 #include <dev/firmload.h> 58 59 #include <dev/usb/usb.h> 60 #include <dev/usb/usbdi.h> 61 #include <dev/usb/usbdivar.h> 62 #include <dev/usb/usbdi_util.h> 63 #include <dev/usb/usbdevs.h> 64 65 #include <dev/ic/rt2860reg.h> /* shared with ral(4) */ 66 #include <dev/usb/if_runvar.h> 67 68 #ifdef RUN_DEBUG 69 #define DPRINTF(x) do { if (run_debug) printf x; } while (0) 70 #define DPRINTFN(n, x) do { if (run_debug >= (n)) printf x; } while (0) 71 int run_debug = 0; 72 #else 73 #define DPRINTF(x) 74 #define DPRINTFN(n, x) 75 #endif 76 77 #define USB_ID(v, p) { USB_VENDOR_##v, USB_PRODUCT_##v##_##p } 78 static const struct usb_devno run_devs[] = { 79 USB_ID(ABOCOM, RT2770), 80 USB_ID(ABOCOM, RT2870), 81 USB_ID(ABOCOM, RT3070), 82 USB_ID(ABOCOM, RT3071), 83 USB_ID(ABOCOM, RT3072), 84 USB_ID(ABOCOM2, RT2870_1), 85 USB_ID(ACCTON, RT2770), 86 USB_ID(ACCTON, RT2870_1), 87 USB_ID(ACCTON, RT2870_2), 88 USB_ID(ACCTON, RT2870_3), 89 USB_ID(ACCTON, RT2870_4), 90 USB_ID(ACCTON, RT2870_5), 91 USB_ID(ACCTON, RT3070), 92 USB_ID(ACCTON, RT3070_1), 93 USB_ID(ACCTON, RT3070_2), 94 USB_ID(ACCTON, RT3070_3), 95 USB_ID(ACCTON, RT3070_4), 96 USB_ID(ACCTON, RT3070_5), 97 USB_ID(ACCTON, RT3070_6), 98 USB_ID(AIRTIES, RT3070), 99 USB_ID(AIRTIES, RT3070_2), 100 USB_ID(ALLWIN, RT2070), 101 USB_ID(ALLWIN, RT2770), 102 USB_ID(ALLWIN, RT2870), 103 USB_ID(ALLWIN, RT3070), 104 USB_ID(ALLWIN, RT3071), 105 USB_ID(ALLWIN, RT3072), 106 USB_ID(ALLWIN, RT3572), 107 USB_ID(AMIGO, RT2870_1), 108 USB_ID(AMIGO, RT2870_2), 109 USB_ID(AMIT, CGWLUSB2GNR), 110 USB_ID(AMIT, RT2870_1), 111 USB_ID(AMIT2, RT2870), 112 USB_ID(ASUSTEK, RT2870_1), 113 USB_ID(ASUSTEK, RT2870_2), 114 USB_ID(ASUSTEK, RT2870_3), 115 USB_ID(ASUSTEK, RT2870_4), 116 USB_ID(ASUSTEK, RT2870_5), 117 USB_ID(ASUSTEK, RT3070), 118 USB_ID(ASUSTEK, RT3070_1), 119 USB_ID(ASUSTEK2, USBN11), 120 USB_ID(AZUREWAVE, RT2870_1), 121 USB_ID(AZUREWAVE, RT2870_2), 122 USB_ID(AZUREWAVE, RT3070), 123 USB_ID(AZUREWAVE, RT3070_2), 124 USB_ID(AZUREWAVE, RT3070_3), 125 USB_ID(AZUREWAVE, RT3070_4), 126 USB_ID(AZUREWAVE, RT3070_5), 127 USB_ID(BELKIN, F5D8053V3), 128 USB_ID(BELKIN, F5D8055), 129 USB_ID(BELKIN, F5D8055V2), 130 USB_ID(BELKIN, F6D4050V1), 131 USB_ID(BELKIN, F6D4050V2), 132 USB_ID(BELKIN, F7D1101V2), 133 USB_ID(BELKIN, RT2870_1), 134 USB_ID(BELKIN, RT2870_2), 135 USB_ID(BEWAN, RT3070), 136 USB_ID(CISCOLINKSYS, AE1000), 137 USB_ID(CISCOLINKSYS, AM10), 138 USB_ID(CISCOLINKSYS2, RT3070), 139 USB_ID(CISCOLINKSYS3, RT3070), 140 USB_ID(CONCEPTRONIC, RT2870_1), 141 USB_ID(CONCEPTRONIC, RT2870_2), 142 USB_ID(CONCEPTRONIC, RT2870_3), 143 USB_ID(CONCEPTRONIC, RT2870_4), 144 USB_ID(CONCEPTRONIC, RT2870_5), 145 USB_ID(CONCEPTRONIC, RT2870_6), 146 USB_ID(CONCEPTRONIC, RT2870_7), 147 USB_ID(CONCEPTRONIC, RT2870_8), 148 USB_ID(CONCEPTRONIC, RT3070_1), 149 USB_ID(CONCEPTRONIC, RT3070_2), 150 USB_ID(CONCEPTRONIC, RT3070_3), 151 USB_ID(COREGA, CGWLUSB300GNM), 152 USB_ID(COREGA, RT2870_1), 153 USB_ID(COREGA, RT2870_2), 154 USB_ID(COREGA, RT2870_3), 155 USB_ID(COREGA, RT3070), 156 USB_ID(CYBERTAN, RT2870), 157 USB_ID(DLINK, RT2870), 158 USB_ID(DLINK, RT3072), 159 USB_ID(DLINK2, DWA130), 160 USB_ID(DLINK2, RT2870_1), 161 USB_ID(DLINK2, RT2870_2), 162 USB_ID(DLINK2, RT3070_1), 163 USB_ID(DLINK2, RT3070_2), 164 USB_ID(DLINK2, RT3070_3), 165 USB_ID(DLINK2, RT3070_4), 166 USB_ID(DLINK2, RT3070_5), 167 USB_ID(DLINK2, RT3072), 168 USB_ID(DLINK2, RT3072_1), 169 USB_ID(DVICO, RT3070), 170 USB_ID(EDIMAX, EW7717), 171 USB_ID(EDIMAX, EW7718), 172 USB_ID(EDIMAX, EW7722UTN), 173 USB_ID(EDIMAX, RT2870_1), 174 USB_ID(ENCORE, RT3070), 175 USB_ID(ENCORE, RT3070_2), 176 USB_ID(ENCORE, RT3070_3), 177 USB_ID(GIGABYTE, GNWB31N), 178 USB_ID(GIGABYTE, GNWB32L), 179 USB_ID(GIGABYTE, RT2870_1), 180 USB_ID(GIGASET, RT3070_1), 181 USB_ID(GIGASET, RT3070_2), 182 USB_ID(GUILLEMOT, HWNU300), 183 USB_ID(HAWKING, HWUN2), 184 USB_ID(HAWKING, RT2870_1), 185 USB_ID(HAWKING, RT2870_2), 186 USB_ID(HAWKING, RT2870_3), 187 USB_ID(HAWKING, RT2870_4), 188 USB_ID(HAWKING, RT2870_5), 189 USB_ID(HAWKING, RT3070), 190 USB_ID(IODATA, RT3072_1), 191 USB_ID(IODATA, RT3072_2), 192 USB_ID(IODATA, RT3072_3), 193 USB_ID(IODATA, RT3072_4), 194 USB_ID(LINKSYS4, RT3070), 195 USB_ID(LINKSYS4, WUSB100), 196 USB_ID(LINKSYS4, WUSB54GC_3), 197 USB_ID(LINKSYS4, WUSB600N), 198 USB_ID(LINKSYS4, WUSB600NV2), 199 USB_ID(LOGITEC, LANW300NU2), 200 USB_ID(LOGITEC, RT2870_1), 201 USB_ID(LOGITEC, RT2870_2), 202 USB_ID(LOGITEC, RT2870_3), 203 USB_ID(LOGITEC, RT3020), 204 USB_ID(MELCO, RT2870_1), 205 USB_ID(MELCO, RT2870_2), 206 USB_ID(MELCO, WLIUCAG300N), 207 USB_ID(MELCO, WLIUCG300N), 208 USB_ID(MELCO, WLIUCG301N), 209 USB_ID(MELCO, WLIUCGN), 210 USB_ID(MELCO, WLIUCGNHP), 211 USB_ID(MELCO, WLIUCGNM), 212 USB_ID(MELCO, WLIUCGNM2T), 213 USB_ID(MOTOROLA4, RT2770), 214 USB_ID(MOTOROLA4, RT3070), 215 USB_ID(MSI, RT3070), 216 USB_ID(MSI, RT3070_2), 217 USB_ID(MSI, RT3070_3), 218 USB_ID(MSI, RT3070_4), 219 USB_ID(MSI, RT3070_5), 220 USB_ID(MSI, RT3070_6), 221 USB_ID(MSI, RT3070_7), 222 USB_ID(MSI, RT3070_8), 223 USB_ID(MSI, RT3070_9), 224 USB_ID(MSI, RT3070_10), 225 USB_ID(MSI, RT3070_11), 226 USB_ID(MSI, RT3070_12), 227 USB_ID(MSI, RT3070_13), 228 USB_ID(MSI, RT3070_14), 229 USB_ID(MSI, RT3070_15), 230 USB_ID(OVISLINK, RT3071), 231 USB_ID(OVISLINK, RT3072), 232 USB_ID(PARA, RT3070), 233 USB_ID(PEGATRON, RT2870), 234 USB_ID(PEGATRON, RT3070), 235 USB_ID(PEGATRON, RT3070_2), 236 USB_ID(PEGATRON, RT3070_3), 237 USB_ID(PEGATRON, RT3072), 238 USB_ID(PHILIPS, RT2870), 239 USB_ID(PLANEX2, GWUS300MINIS), 240 USB_ID(PLANEX2, GWUSMICRO300), 241 USB_ID(PLANEX2, GWUSMICRON), 242 USB_ID(PLANEX2, GWUS300MINIX), 243 USB_ID(PLANEX2, RT3070), 244 USB_ID(QCOM, RT2870), 245 USB_ID(QUANTA, RT3070), 246 USB_ID(RALINK, RT2070), 247 USB_ID(RALINK, RT2770), 248 USB_ID(RALINK, RT2870), 249 USB_ID(RALINK, RT3070), 250 USB_ID(RALINK, RT3071), 251 USB_ID(RALINK, RT3072), 252 USB_ID(RALINK, RT3370), 253 USB_ID(RALINK, RT3572), 254 USB_ID(RALINK, RT8070), 255 USB_ID(SAMSUNG, RT2870_1), 256 USB_ID(SENAO, RT2870_1), 257 USB_ID(SENAO, RT2870_2), 258 USB_ID(SENAO, RT2870_3), 259 USB_ID(SENAO, RT2870_4), 260 USB_ID(SENAO, RT3070), 261 USB_ID(SENAO, RT3071), 262 USB_ID(SENAO, RT3072), 263 USB_ID(SENAO, RT3072_2), 264 USB_ID(SENAO, RT3072_3), 265 USB_ID(SENAO, RT3072_4), 266 USB_ID(SENAO, RT3072_5), 267 USB_ID(SITECOMEU, RT2870_1), 268 USB_ID(SITECOMEU, RT2870_2), 269 USB_ID(SITECOMEU, RT2870_3), 270 USB_ID(SITECOMEU, RT3070_1), 271 USB_ID(SITECOMEU, RT3072_3), 272 USB_ID(SITECOMEU, RT3072_4), 273 USB_ID(SITECOMEU, RT3072_5), 274 USB_ID(SITECOMEU, WL302), 275 USB_ID(SITECOMEU, WL315), 276 USB_ID(SITECOMEU, WL321), 277 USB_ID(SITECOMEU, WL324), 278 USB_ID(SITECOMEU, WL329), 279 USB_ID(SITECOMEU, WL343), 280 USB_ID(SITECOMEU, WL344), 281 USB_ID(SITECOMEU, WL345), 282 USB_ID(SITECOMEU, WL349V4), 283 USB_ID(SITECOMEU, WL608), 284 USB_ID(SITECOMEU, WLA4000), 285 USB_ID(SITECOMEU, WLA5000), 286 USB_ID(SPARKLAN, RT2870_1), 287 USB_ID(SPARKLAN, RT2870_2), 288 USB_ID(SPARKLAN, RT3070), 289 USB_ID(SWEEX2, LW153), 290 USB_ID(SWEEX2, LW303), 291 USB_ID(SWEEX2, LW313), 292 USB_ID(TOSHIBA, RT3070), 293 USB_ID(UMEDIA, RT2870_1), 294 USB_ID(UMEDIA, TEW645UB), 295 USB_ID(ZCOM, RT2870_1), 296 USB_ID(ZCOM, RT2870_2), 297 USB_ID(ZINWELL, RT2870_1), 298 USB_ID(ZINWELL, RT2870_2), 299 USB_ID(ZINWELL, RT3070), 300 USB_ID(ZINWELL, RT3072), 301 USB_ID(ZINWELL, RT3072_2), 302 USB_ID(ZYXEL, NWD2105), 303 USB_ID(ZYXEL, NWD211AN), 304 USB_ID(ZYXEL, RT2870_1), 305 USB_ID(ZYXEL, RT2870_2), 306 USB_ID(ZYXEL, RT3070), 307 }; 308 309 static int run_match(device_t, cfdata_t, void *); 310 static void run_attach(device_t, device_t, void *); 311 static int run_detach(device_t, int); 312 static int run_activate(device_t, enum devact); 313 314 CFATTACH_DECL_NEW(run, sizeof(struct run_softc), 315 run_match, run_attach, run_detach, run_activate); 316 317 static int run_alloc_rx_ring(struct run_softc *); 318 static void run_free_rx_ring(struct run_softc *); 319 static int run_alloc_tx_ring(struct run_softc *, int); 320 static void run_free_tx_ring(struct run_softc *, int); 321 static int run_load_microcode(struct run_softc *); 322 static int run_reset(struct run_softc *); 323 static int run_read(struct run_softc *, uint16_t, uint32_t *); 324 static int run_read_region_1(struct run_softc *, uint16_t, 325 uint8_t *, int); 326 static int run_write_2(struct run_softc *, uint16_t, uint16_t); 327 static int run_write(struct run_softc *, uint16_t, uint32_t); 328 static int run_write_region_1(struct run_softc *, uint16_t, 329 const uint8_t *, int); 330 static int run_set_region_4(struct run_softc *, uint16_t, 331 uint32_t, int); 332 static int run_efuse_read_2(struct run_softc *, uint16_t, 333 uint16_t *); 334 static int run_eeprom_read_2(struct run_softc *, uint16_t, 335 uint16_t *); 336 static int run_rt2870_rf_write(struct run_softc *, uint8_t, 337 uint32_t); 338 static int run_rt3070_rf_read(struct run_softc *, uint8_t, 339 uint8_t *); 340 static int run_rt3070_rf_write(struct run_softc *, uint8_t, 341 uint8_t); 342 static int run_bbp_read(struct run_softc *, uint8_t, uint8_t *); 343 static int run_bbp_write(struct run_softc *, uint8_t, uint8_t); 344 static int run_mcu_cmd(struct run_softc *, uint8_t, uint16_t); 345 static const char * run_get_rf(int); 346 static int run_read_eeprom(struct run_softc *); 347 static struct ieee80211_node * 348 run_node_alloc(struct ieee80211_node_table *); 349 static int run_media_change(struct ifnet *); 350 static void run_next_scan(void *); 351 static void run_task(void *); 352 static void run_do_async(struct run_softc *, 353 void (*)(struct run_softc *, void *), void *, int); 354 static int run_newstate(struct ieee80211com *, 355 enum ieee80211_state, int); 356 static void run_newstate_cb(struct run_softc *, void *); 357 static int run_updateedca(struct ieee80211com *); 358 static void run_updateedca_cb(struct run_softc *, void *); 359 #ifdef RUN_HWCRYPTO 360 static int run_set_key(struct ieee80211com *, 361 const struct ieee80211_key *, const uint8_t *); 362 static void run_set_key_cb(struct run_softc *, void *); 363 static int run_delete_key(struct ieee80211com *, 364 const struct ieee80211_key *); 365 static void run_delete_key_cb(struct run_softc *, void *); 366 #endif 367 static void run_calibrate_to(void *); 368 static void run_calibrate_cb(struct run_softc *, void *); 369 static void run_newassoc(struct ieee80211_node *, int); 370 static void run_rx_frame(struct run_softc *, uint8_t *, int); 371 static void run_rxeof(usbd_xfer_handle, usbd_private_handle, 372 usbd_status); 373 static void run_txeof(usbd_xfer_handle, usbd_private_handle, 374 usbd_status); 375 static int run_tx(struct run_softc *, struct mbuf *, 376 struct ieee80211_node *); 377 static void run_start(struct ifnet *); 378 static void run_watchdog(struct ifnet *); 379 static int run_ioctl(struct ifnet *, u_long, void *); 380 static void run_select_chan_group(struct run_softc *, int); 381 static void run_set_agc(struct run_softc *, uint8_t); 382 static void run_set_rx_antenna(struct run_softc *, int); 383 static void run_rt2870_set_chan(struct run_softc *, u_int); 384 static void run_rt3070_set_chan(struct run_softc *, u_int); 385 static void run_rt3572_set_chan(struct run_softc *, u_int); 386 static int run_set_chan(struct run_softc *, 387 struct ieee80211_channel *); 388 static void run_enable_tsf_sync(struct run_softc *); 389 static void run_enable_mrr(struct run_softc *); 390 static void run_set_txpreamble(struct run_softc *); 391 static void run_set_basicrates(struct run_softc *); 392 static void run_set_leds(struct run_softc *, uint16_t); 393 static void run_set_bssid(struct run_softc *, const uint8_t *); 394 static void run_set_macaddr(struct run_softc *, const uint8_t *); 395 static void run_updateslot(struct ifnet *); 396 static void run_updateslot_cb(struct run_softc *, void *); 397 static int8_t run_rssi2dbm(struct run_softc *, uint8_t, uint8_t); 398 static int run_bbp_init(struct run_softc *); 399 static int run_rt3070_rf_init(struct run_softc *); 400 static int run_rt3070_filter_calib(struct run_softc *, uint8_t, 401 uint8_t, uint8_t *); 402 static void run_rt3070_rf_setup(struct run_softc *); 403 static int run_txrx_enable(struct run_softc *); 404 static int run_init(struct ifnet *); 405 static void run_stop(struct ifnet *, int); 406 #ifndef IEEE80211_STA_ONLY 407 static int run_setup_beacon(struct run_softc *); 408 #endif 409 410 static const struct { 411 uint32_t reg; 412 uint32_t val; 413 } rt2870_def_mac[] = { 414 RT2870_DEF_MAC 415 }; 416 417 static const struct { 418 uint8_t reg; 419 uint8_t val; 420 } rt2860_def_bbp[] = { 421 RT2860_DEF_BBP 422 }; 423 424 static const struct rfprog { 425 uint8_t chan; 426 uint32_t r1, r2, r3, r4; 427 } rt2860_rf2850[] = { 428 RT2860_RF2850 429 }; 430 431 static const struct { 432 uint8_t n, r, k; 433 } rt3070_freqs[] = { 434 RT3070_RF3052 435 }; 436 437 static const struct { 438 uint8_t reg; 439 uint8_t val; 440 } rt3070_def_rf[] = { 441 RT3070_DEF_RF 442 }, rt3572_def_rf[] = { 443 RT3572_DEF_RF 444 }; 445 446 static int 447 firmware_load(const char *dname, const char *iname, uint8_t **ucodep, 448 size_t *sizep) 449 { 450 firmware_handle_t fh; 451 int error; 452 453 if ((error = firmware_open(dname, iname, &fh)) != 0) 454 return (error); 455 *sizep = firmware_get_size(fh); 456 if ((*ucodep = firmware_malloc(*sizep)) == NULL) { 457 firmware_close(fh); 458 return (ENOMEM); 459 } 460 if ((error = firmware_read(fh, 0, *ucodep, *sizep)) != 0) 461 firmware_free(*ucodep, *sizep); 462 firmware_close(fh); 463 464 return (error); 465 } 466 467 static int 468 run_match(device_t parent, cfdata_t match, void *aux) 469 { 470 struct usb_attach_arg *uaa = aux; 471 472 return (usb_lookup(run_devs, uaa->vendor, uaa->product) != NULL) ? 473 UMATCH_VENDOR_PRODUCT : UMATCH_NONE; 474 } 475 476 static void 477 run_attach(device_t parent, device_t self, void *aux) 478 { 479 struct run_softc *sc = device_private(self); 480 struct usb_attach_arg *uaa = aux; 481 struct ieee80211com *ic = &sc->sc_ic; 482 struct ifnet *ifp = &sc->sc_if; 483 usb_interface_descriptor_t *id; 484 usb_endpoint_descriptor_t *ed; 485 char *devinfop; 486 int i, nrx, ntx, ntries, error; 487 uint32_t ver; 488 489 aprint_naive("\n"); 490 aprint_normal("\n"); 491 492 sc->sc_dev = self; 493 sc->sc_udev = uaa->device; 494 495 devinfop = usbd_devinfo_alloc(sc->sc_udev, 0); 496 aprint_normal_dev(sc->sc_dev, "%s\n", devinfop); 497 usbd_devinfo_free(devinfop); 498 499 error = usbd_set_config_no(sc->sc_udev, 1, 0); 500 if (error != 0) { 501 aprint_error_dev(sc->sc_dev, "failed to set configuration" 502 ", err=%s\n", usbd_errstr(error)); 503 return; 504 } 505 506 /* get the first interface handle */ 507 error = usbd_device2interface_handle(sc->sc_udev, 0, &sc->sc_iface); 508 if (error != 0) { 509 aprint_error_dev(sc->sc_dev, 510 "could not get interface handle\n"); 511 return; 512 } 513 514 /* 515 * Find all bulk endpoints. There are 7 bulk endpoints: 1 for RX 516 * and 6 for TX (4 EDCAs + HCCA + Prio). 517 * Update 03-14-2009: some devices like the Planex GW-US300MiniS 518 * seem to have only 4 TX bulk endpoints (Fukaumi Naoki). 519 */ 520 nrx = ntx = 0; 521 id = usbd_get_interface_descriptor(sc->sc_iface); 522 for (i = 0; i < id->bNumEndpoints; i++) { 523 ed = usbd_interface2endpoint_descriptor(sc->sc_iface, i); 524 if (ed == NULL || UE_GET_XFERTYPE(ed->bmAttributes) != UE_BULK) 525 continue; 526 527 if (UE_GET_DIR(ed->bEndpointAddress) == UE_DIR_IN) { 528 sc->rxq.pipe_no = ed->bEndpointAddress; 529 nrx++; 530 } else if (ntx < 4) { 531 sc->txq[ntx].pipe_no = ed->bEndpointAddress; 532 ntx++; 533 } 534 } 535 /* make sure we've got them all */ 536 if (nrx < 1 || ntx < 4) { 537 aprint_error_dev(sc->sc_dev, "missing endpoint\n"); 538 return; 539 } 540 541 usb_init_task(&sc->sc_task, run_task, sc, 0); 542 callout_init(&sc->scan_to, 0); 543 callout_setfunc(&sc->scan_to, run_next_scan, sc); 544 callout_init(&sc->calib_to, 0); 545 callout_setfunc(&sc->calib_to, run_calibrate_to, sc); 546 547 sc->amrr.amrr_min_success_threshold = 1; 548 sc->amrr.amrr_max_success_threshold = 10; 549 550 /* wait for the chip to settle */ 551 for (ntries = 0; ntries < 100; ntries++) { 552 if (run_read(sc, RT2860_ASIC_VER_ID, &ver) != 0) 553 return; 554 if (ver != 0 && ver != 0xffffffff) 555 break; 556 DELAY(10); 557 } 558 if (ntries == 100) { 559 aprint_error_dev(sc->sc_dev, 560 "timeout waiting for NIC to initialize\n"); 561 return; 562 } 563 sc->mac_ver = ver >> 16; 564 sc->mac_rev = ver & 0xffff; 565 566 /* retrieve RF rev. no and various other things from EEPROM */ 567 run_read_eeprom(sc); 568 569 aprint_error_dev(sc->sc_dev, 570 "MAC/BBP RT%04X (rev 0x%04X), RF %s (MIMO %dT%dR), address %s\n", 571 sc->mac_ver, sc->mac_rev, run_get_rf(sc->rf_rev), sc->ntxchains, 572 sc->nrxchains, ether_sprintf(ic->ic_myaddr)); 573 574 ic->ic_ifp = ifp; 575 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 576 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 577 ic->ic_state = IEEE80211_S_INIT; 578 579 /* set device capabilities */ 580 ic->ic_caps = 581 IEEE80211_C_MONITOR | /* monitor mode supported */ 582 #ifndef IEEE80211_STA_ONLY 583 IEEE80211_C_IBSS | /* IBSS mode supported */ 584 IEEE80211_C_HOSTAP | /* HostAP mode supported */ 585 #endif 586 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 587 IEEE80211_C_SHSLOT | /* short slot time supported */ 588 #ifdef RUN_HWCRYPTO 589 IEEE80211_C_WEP | /* WEP */ 590 IEEE80211_C_TKIP | /* TKIP */ 591 IEEE80211_C_AES_CCM | /* AES CCMP */ 592 IEEE80211_C_TKIPMIC | /* TKIPMIC */ 593 #endif 594 IEEE80211_C_WME | /* WME */ 595 IEEE80211_C_WPA; /* WPA/RSN */ 596 597 if (sc->rf_rev == RT2860_RF_2750 || 598 sc->rf_rev == RT2860_RF_2850 || 599 sc->rf_rev == RT3070_RF_3052) { 600 /* set supported .11a rates */ 601 ic->ic_sup_rates[IEEE80211_MODE_11A] = 602 ieee80211_std_rateset_11a; 603 604 /* set supported .11a channels */ 605 for (i = 14; i < (int)__arraycount(rt2860_rf2850); i++) { 606 uint8_t chan = rt2860_rf2850[i].chan; 607 ic->ic_channels[chan].ic_freq = 608 ieee80211_ieee2mhz(chan, IEEE80211_CHAN_5GHZ); 609 ic->ic_channels[chan].ic_flags = IEEE80211_CHAN_A; 610 } 611 } 612 613 /* set supported .11b and .11g rates */ 614 ic->ic_sup_rates[IEEE80211_MODE_11B] = ieee80211_std_rateset_11b; 615 ic->ic_sup_rates[IEEE80211_MODE_11G] = ieee80211_std_rateset_11g; 616 617 /* set supported .11b and .11g channels (1 through 14) */ 618 for (i = 1; i <= 14; i++) { 619 ic->ic_channels[i].ic_freq = 620 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ); 621 ic->ic_channels[i].ic_flags = 622 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM | 623 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ; 624 } 625 626 ifp->if_softc = sc; 627 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 628 ifp->if_init = run_init; 629 ifp->if_ioctl = run_ioctl; 630 ifp->if_start = run_start; 631 ifp->if_watchdog = run_watchdog; 632 IFQ_SET_READY(&ifp->if_snd); 633 memcpy(ifp->if_xname, device_xname(sc->sc_dev), IFNAMSIZ); 634 635 if_attach(ifp); 636 ieee80211_ifattach(ic); 637 ic->ic_node_alloc = run_node_alloc; 638 ic->ic_newassoc = run_newassoc; 639 ic->ic_updateslot = run_updateslot; 640 ic->ic_wme.wme_update = run_updateedca; 641 #ifdef RUN_HWCRYPTO 642 ic->ic_crypto.cs_key_set = run_set_key; 643 ic->ic_crypto.cs_key_delete = run_delete_key; 644 #endif 645 /* override state transition machine */ 646 sc->sc_newstate = ic->ic_newstate; 647 ic->ic_newstate = run_newstate; 648 ieee80211_media_init(ic, run_media_change, ieee80211_media_status); 649 650 bpf_attach2(ifp, DLT_IEEE802_11_RADIO, 651 sizeof(struct ieee80211_frame) + IEEE80211_RADIOTAP_HDRLEN, 652 &sc->sc_drvbpf); 653 654 sc->sc_rxtap_len = sizeof(sc->sc_rxtapu); 655 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 656 sc->sc_rxtap.wr_ihdr.it_present = htole32(RUN_RX_RADIOTAP_PRESENT); 657 658 sc->sc_txtap_len = sizeof(sc->sc_txtapu); 659 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 660 sc->sc_txtap.wt_ihdr.it_present = htole32(RUN_TX_RADIOTAP_PRESENT); 661 662 ieee80211_announce(ic); 663 664 usbd_add_drv_event(USB_EVENT_DRIVER_ATTACH, sc->sc_udev, sc->sc_dev); 665 } 666 667 static int 668 run_detach(device_t self, int flags) 669 { 670 struct run_softc *sc = device_private(self); 671 struct ifnet *ifp = &sc->sc_if; 672 struct ieee80211com *ic = &sc->sc_ic; 673 int s; 674 675 if (ifp->if_softc == NULL) 676 return (0); 677 678 s = splnet(); 679 680 sc->sc_flags |= RUN_DETACHING; 681 682 if (ifp->if_flags & IFF_RUNNING) { 683 usb_rem_task(sc->sc_udev, &sc->sc_task); 684 run_stop(ifp, 0); 685 } 686 687 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 688 bpf_detach(ifp); 689 ieee80211_ifdetach(ic); 690 if_detach(ifp); 691 692 splx(s); 693 694 usbd_add_drv_event(USB_EVENT_DRIVER_DETACH, sc->sc_udev, sc->sc_dev); 695 696 callout_destroy(&sc->scan_to); 697 callout_destroy(&sc->calib_to); 698 699 return (0); 700 } 701 702 static int 703 run_activate(device_t self, enum devact act) 704 { 705 struct run_softc *sc = device_private(self); 706 707 switch (act) { 708 case DVACT_DEACTIVATE: 709 if_deactivate(sc->sc_ic.ic_ifp); 710 return (0); 711 default: 712 return (EOPNOTSUPP); 713 } 714 } 715 716 static int 717 run_alloc_rx_ring(struct run_softc *sc) 718 { 719 struct run_rx_ring *rxq = &sc->rxq; 720 int i, error; 721 722 error = usbd_open_pipe(sc->sc_iface, rxq->pipe_no, 0, &rxq->pipeh); 723 if (error != 0) 724 goto fail; 725 726 for (i = 0; i < RUN_RX_RING_COUNT; i++) { 727 struct run_rx_data *data = &rxq->data[i]; 728 729 data->sc = sc; /* backpointer for callbacks */ 730 731 data->xfer = usbd_alloc_xfer(sc->sc_udev); 732 if (data->xfer == NULL) { 733 error = ENOMEM; 734 goto fail; 735 } 736 data->buf = usbd_alloc_buffer(data->xfer, RUN_MAX_RXSZ); 737 if (data->buf == NULL) { 738 error = ENOMEM; 739 goto fail; 740 } 741 } 742 if (error != 0) 743 fail: run_free_rx_ring(sc); 744 return (error); 745 } 746 747 static void 748 run_free_rx_ring(struct run_softc *sc) 749 { 750 struct run_rx_ring *rxq = &sc->rxq; 751 int i; 752 753 if (rxq->pipeh != NULL) { 754 usbd_abort_pipe(rxq->pipeh); 755 usbd_close_pipe(rxq->pipeh); 756 rxq->pipeh = NULL; 757 } 758 for (i = 0; i < RUN_RX_RING_COUNT; i++) { 759 if (rxq->data[i].xfer != NULL) 760 usbd_free_xfer(rxq->data[i].xfer); 761 rxq->data[i].xfer = NULL; 762 } 763 } 764 765 static int 766 run_alloc_tx_ring(struct run_softc *sc, int qid) 767 { 768 struct run_tx_ring *txq = &sc->txq[qid]; 769 int i, error; 770 771 txq->cur = txq->queued = 0; 772 773 error = usbd_open_pipe(sc->sc_iface, txq->pipe_no, 0, &txq->pipeh); 774 if (error != 0) 775 goto fail; 776 777 for (i = 0; i < RUN_TX_RING_COUNT; i++) { 778 struct run_tx_data *data = &txq->data[i]; 779 780 data->sc = sc; /* backpointer for callbacks */ 781 data->qid = qid; 782 783 data->xfer = usbd_alloc_xfer(sc->sc_udev); 784 if (data->xfer == NULL) { 785 error = ENOMEM; 786 goto fail; 787 } 788 data->buf = usbd_alloc_buffer(data->xfer, RUN_MAX_TXSZ); 789 if (data->buf == NULL) { 790 error = ENOMEM; 791 goto fail; 792 } 793 /* zeroize the TXD + TXWI part */ 794 memset(data->buf, 0, sizeof (struct rt2870_txd) + 795 sizeof (struct rt2860_txwi)); 796 } 797 if (error != 0) 798 fail: run_free_tx_ring(sc, qid); 799 return (error); 800 } 801 802 static void 803 run_free_tx_ring(struct run_softc *sc, int qid) 804 { 805 struct run_tx_ring *txq = &sc->txq[qid]; 806 int i; 807 808 if (txq->pipeh != NULL) { 809 usbd_abort_pipe(txq->pipeh); 810 usbd_close_pipe(txq->pipeh); 811 txq->pipeh = NULL; 812 } 813 for (i = 0; i < RUN_TX_RING_COUNT; i++) { 814 if (txq->data[i].xfer != NULL) 815 usbd_free_xfer(txq->data[i].xfer); 816 txq->data[i].xfer = NULL; 817 } 818 } 819 820 static int 821 run_load_microcode(struct run_softc *sc) 822 { 823 usb_device_request_t req; 824 const char *fwname; 825 u_char *ucode; 826 size_t size; 827 uint32_t tmp; 828 int ntries, error; 829 830 /* RT3071/RT3072 use a different firmware */ 831 if (sc->mac_ver != 0x2860 && 832 sc->mac_ver != 0x2872 && 833 sc->mac_ver != 0x3070) 834 fwname = "run-rt3071"; 835 else 836 fwname = "run-rt2870"; 837 838 if ((error = firmware_load("run", fwname, &ucode, &size)) != 0) { 839 aprint_error_dev(sc->sc_dev, 840 "error %d, could not read firmware %s\n", error, fwname); 841 return (error); 842 } 843 if (size != 4096) { 844 aprint_error_dev(sc->sc_dev, 845 "invalid firmware size (should be 4KB)\n"); 846 firmware_free(ucode, size); 847 return (EINVAL); 848 } 849 850 run_read(sc, RT2860_ASIC_VER_ID, &tmp); 851 /* write microcode image */ 852 run_write_region_1(sc, RT2870_FW_BASE, ucode, size); 853 firmware_free(ucode, size); 854 run_write(sc, RT2860_H2M_MAILBOX_CID, 0xffffffff); 855 run_write(sc, RT2860_H2M_MAILBOX_STATUS, 0xffffffff); 856 857 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 858 req.bRequest = RT2870_RESET; 859 USETW(req.wValue, 8); 860 USETW(req.wIndex, 0); 861 USETW(req.wLength, 0); 862 if ((error = usbd_do_request(sc->sc_udev, &req, NULL)) != 0) 863 return (error); 864 865 usbd_delay_ms(sc->sc_udev, 10); 866 run_write(sc, RT2860_H2M_MAILBOX, 0); 867 if ((error = run_mcu_cmd(sc, RT2860_MCU_CMD_RFRESET, 0)) != 0) 868 return (error); 869 870 /* wait until microcontroller is ready */ 871 for (ntries = 0; ntries < 1000; ntries++) { 872 if ((error = run_read(sc, RT2860_SYS_CTRL, &tmp)) != 0) 873 return (error); 874 if (tmp & RT2860_MCU_READY) 875 break; 876 DELAY(1000); 877 } 878 if (ntries == 1000) { 879 aprint_error_dev(sc->sc_dev, 880 "timeout waiting for MCU to initialize\n"); 881 return (ETIMEDOUT); 882 } 883 884 sc->sc_flags |= RUN_FWLOADED; 885 886 DPRINTF(("microcode successfully loaded after %d tries\n", ntries)); 887 return (0); 888 } 889 890 static int 891 run_reset(struct run_softc *sc) 892 { 893 usb_device_request_t req; 894 895 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 896 req.bRequest = RT2870_RESET; 897 USETW(req.wValue, 1); 898 USETW(req.wIndex, 0); 899 USETW(req.wLength, 0); 900 return usbd_do_request(sc->sc_udev, &req, NULL); 901 } 902 903 static int 904 run_read(struct run_softc *sc, uint16_t reg, uint32_t *val) 905 { 906 uint32_t tmp; 907 int error; 908 909 error = run_read_region_1(sc, reg, (uint8_t *)&tmp, sizeof tmp); 910 if (error == 0) 911 *val = le32toh(tmp); 912 else 913 *val = 0xffffffff; 914 return (error); 915 } 916 917 static int 918 run_read_region_1(struct run_softc *sc, uint16_t reg, uint8_t *buf, int len) 919 { 920 usb_device_request_t req; 921 922 req.bmRequestType = UT_READ_VENDOR_DEVICE; 923 req.bRequest = RT2870_READ_REGION_1; 924 USETW(req.wValue, 0); 925 USETW(req.wIndex, reg); 926 USETW(req.wLength, len); 927 return usbd_do_request(sc->sc_udev, &req, buf); 928 } 929 930 static int 931 run_write_2(struct run_softc *sc, uint16_t reg, uint16_t val) 932 { 933 usb_device_request_t req; 934 935 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 936 req.bRequest = RT2870_WRITE_2; 937 USETW(req.wValue, val); 938 USETW(req.wIndex, reg); 939 USETW(req.wLength, 0); 940 return usbd_do_request(sc->sc_udev, &req, NULL); 941 } 942 943 static int 944 run_write(struct run_softc *sc, uint16_t reg, uint32_t val) 945 { 946 int error; 947 948 if ((error = run_write_2(sc, reg, val & 0xffff)) == 0) 949 error = run_write_2(sc, reg + 2, val >> 16); 950 return (error); 951 } 952 953 static int 954 run_write_region_1(struct run_softc *sc, uint16_t reg, const uint8_t *buf, 955 int len) 956 { 957 #if 1 958 int i, error = 0; 959 /* 960 * NB: the WRITE_REGION_1 command is not stable on RT2860. 961 * We thus issue multiple WRITE_2 commands instead. 962 */ 963 KASSERT((len & 1) == 0); 964 for (i = 0; i < len && error == 0; i += 2) 965 error = run_write_2(sc, reg + i, buf[i] | buf[i + 1] << 8); 966 return (error); 967 #else 968 usb_device_request_t req; 969 970 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 971 req.bRequest = RT2870_WRITE_REGION_1; 972 USETW(req.wValue, 0); 973 USETW(req.wIndex, reg); 974 USETW(req.wLength, len); 975 return usbd_do_request(sc->sc_udev, &req, buf); 976 #endif 977 } 978 979 static int 980 run_set_region_4(struct run_softc *sc, uint16_t reg, uint32_t val, int count) 981 { 982 int error = 0; 983 984 for (; count > 0 && error == 0; count--, reg += 4) 985 error = run_write(sc, reg, val); 986 return (error); 987 } 988 989 /* Read 16-bit from eFUSE ROM (RT3070 only.) */ 990 static int 991 run_efuse_read_2(struct run_softc *sc, uint16_t addr, uint16_t *val) 992 { 993 uint32_t tmp; 994 uint16_t reg; 995 int error, ntries; 996 997 if ((error = run_read(sc, RT3070_EFUSE_CTRL, &tmp)) != 0) 998 return (error); 999 1000 addr *= 2; 1001 /*- 1002 * Read one 16-byte block into registers EFUSE_DATA[0-3]: 1003 * DATA0: F E D C 1004 * DATA1: B A 9 8 1005 * DATA2: 7 6 5 4 1006 * DATA3: 3 2 1 0 1007 */ 1008 tmp &= ~(RT3070_EFSROM_MODE_MASK | RT3070_EFSROM_AIN_MASK); 1009 tmp |= (addr & ~0xf) << RT3070_EFSROM_AIN_SHIFT | RT3070_EFSROM_KICK; 1010 run_write(sc, RT3070_EFUSE_CTRL, tmp); 1011 for (ntries = 0; ntries < 100; ntries++) { 1012 if ((error = run_read(sc, RT3070_EFUSE_CTRL, &tmp)) != 0) 1013 return (error); 1014 if (!(tmp & RT3070_EFSROM_KICK)) 1015 break; 1016 DELAY(2); 1017 } 1018 if (ntries == 100) 1019 return (ETIMEDOUT); 1020 1021 if ((tmp & RT3070_EFUSE_AOUT_MASK) == RT3070_EFUSE_AOUT_MASK) { 1022 *val = 0xffff; /* address not found */ 1023 return (0); 1024 } 1025 /* determine to which 32-bit register our 16-bit word belongs */ 1026 reg = RT3070_EFUSE_DATA3 - (addr & 0xc); 1027 if ((error = run_read(sc, reg, &tmp)) != 0) 1028 return (error); 1029 1030 *val = (addr & 2) ? tmp >> 16 : tmp & 0xffff; 1031 return (0); 1032 } 1033 1034 static int 1035 run_eeprom_read_2(struct run_softc *sc, uint16_t addr, uint16_t *val) 1036 { 1037 usb_device_request_t req; 1038 uint16_t tmp; 1039 int error; 1040 1041 addr *= 2; 1042 req.bmRequestType = UT_READ_VENDOR_DEVICE; 1043 req.bRequest = RT2870_EEPROM_READ; 1044 USETW(req.wValue, 0); 1045 USETW(req.wIndex, addr); 1046 USETW(req.wLength, sizeof tmp); 1047 error = usbd_do_request(sc->sc_udev, &req, &tmp); 1048 if (error == 0) 1049 *val = le16toh(tmp); 1050 else 1051 *val = 0xffff; 1052 return (error); 1053 } 1054 1055 static __inline int 1056 run_srom_read(struct run_softc *sc, uint16_t addr, uint16_t *val) 1057 { 1058 1059 /* either eFUSE ROM or EEPROM */ 1060 return sc->sc_srom_read(sc, addr, val); 1061 } 1062 1063 static int 1064 run_rt2870_rf_write(struct run_softc *sc, uint8_t reg, uint32_t val) 1065 { 1066 uint32_t tmp; 1067 int error, ntries; 1068 1069 for (ntries = 0; ntries < 10; ntries++) { 1070 if ((error = run_read(sc, RT2860_RF_CSR_CFG0, &tmp)) != 0) 1071 return (error); 1072 if (!(tmp & RT2860_RF_REG_CTRL)) 1073 break; 1074 } 1075 if (ntries == 10) 1076 return (ETIMEDOUT); 1077 1078 /* RF registers are 24-bit on the RT2860 */ 1079 tmp = RT2860_RF_REG_CTRL | 24 << RT2860_RF_REG_WIDTH_SHIFT | 1080 (val & 0x3fffff) << 2 | (reg & 3); 1081 return run_write(sc, RT2860_RF_CSR_CFG0, tmp); 1082 } 1083 1084 static int 1085 run_rt3070_rf_read(struct run_softc *sc, uint8_t reg, uint8_t *val) 1086 { 1087 uint32_t tmp; 1088 int error, ntries; 1089 1090 for (ntries = 0; ntries < 100; ntries++) { 1091 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0) 1092 return (error); 1093 if (!(tmp & RT3070_RF_KICK)) 1094 break; 1095 } 1096 if (ntries == 100) 1097 return (ETIMEDOUT); 1098 1099 tmp = RT3070_RF_KICK | reg << 8; 1100 if ((error = run_write(sc, RT3070_RF_CSR_CFG, tmp)) != 0) 1101 return (error); 1102 1103 for (ntries = 0; ntries < 100; ntries++) { 1104 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0) 1105 return (error); 1106 if (!(tmp & RT3070_RF_KICK)) 1107 break; 1108 } 1109 if (ntries == 100) 1110 return (ETIMEDOUT); 1111 1112 *val = tmp & 0xff; 1113 return (0); 1114 } 1115 1116 static int 1117 run_rt3070_rf_write(struct run_softc *sc, uint8_t reg, uint8_t val) 1118 { 1119 uint32_t tmp; 1120 int error, ntries; 1121 1122 for (ntries = 0; ntries < 10; ntries++) { 1123 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0) 1124 return (error); 1125 if (!(tmp & RT3070_RF_KICK)) 1126 break; 1127 } 1128 if (ntries == 10) 1129 return (ETIMEDOUT); 1130 1131 tmp = RT3070_RF_WRITE | RT3070_RF_KICK | reg << 8 | val; 1132 return run_write(sc, RT3070_RF_CSR_CFG, tmp); 1133 } 1134 1135 static int 1136 run_bbp_read(struct run_softc *sc, uint8_t reg, uint8_t *val) 1137 { 1138 uint32_t tmp; 1139 int ntries, error; 1140 1141 for (ntries = 0; ntries < 10; ntries++) { 1142 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0) 1143 return (error); 1144 if (!(tmp & RT2860_BBP_CSR_KICK)) 1145 break; 1146 } 1147 if (ntries == 10) 1148 return (ETIMEDOUT); 1149 1150 tmp = RT2860_BBP_CSR_READ | RT2860_BBP_CSR_KICK | reg << 8; 1151 if ((error = run_write(sc, RT2860_BBP_CSR_CFG, tmp)) != 0) 1152 return (error); 1153 1154 for (ntries = 0; ntries < 10; ntries++) { 1155 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0) 1156 return (error); 1157 if (!(tmp & RT2860_BBP_CSR_KICK)) 1158 break; 1159 } 1160 if (ntries == 10) 1161 return (ETIMEDOUT); 1162 1163 *val = tmp & 0xff; 1164 return (0); 1165 } 1166 1167 static int 1168 run_bbp_write(struct run_softc *sc, uint8_t reg, uint8_t val) 1169 { 1170 uint32_t tmp; 1171 int ntries, error; 1172 1173 for (ntries = 0; ntries < 10; ntries++) { 1174 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0) 1175 return (error); 1176 if (!(tmp & RT2860_BBP_CSR_KICK)) 1177 break; 1178 } 1179 if (ntries == 10) 1180 return (ETIMEDOUT); 1181 1182 tmp = RT2860_BBP_CSR_KICK | reg << 8 | val; 1183 return run_write(sc, RT2860_BBP_CSR_CFG, tmp); 1184 } 1185 1186 /* 1187 * Send a command to the 8051 microcontroller unit. 1188 */ 1189 static int 1190 run_mcu_cmd(struct run_softc *sc, uint8_t cmd, uint16_t arg) 1191 { 1192 uint32_t tmp; 1193 int error, ntries; 1194 1195 for (ntries = 0; ntries < 100; ntries++) { 1196 if ((error = run_read(sc, RT2860_H2M_MAILBOX, &tmp)) != 0) 1197 return (error); 1198 if (!(tmp & RT2860_H2M_BUSY)) 1199 break; 1200 } 1201 if (ntries == 100) 1202 return (ETIMEDOUT); 1203 1204 tmp = RT2860_H2M_BUSY | RT2860_TOKEN_NO_INTR << 16 | arg; 1205 if ((error = run_write(sc, RT2860_H2M_MAILBOX, tmp)) == 0) 1206 error = run_write(sc, RT2860_HOST_CMD, cmd); 1207 return (error); 1208 } 1209 1210 /* 1211 * Add `delta' (signed) to each 4-bit sub-word of a 32-bit word. 1212 * Used to adjust per-rate Tx power registers. 1213 */ 1214 static __inline uint32_t 1215 b4inc(uint32_t b32, int8_t delta) 1216 { 1217 int8_t i, b4; 1218 1219 for (i = 0; i < 8; i++) { 1220 b4 = b32 & 0xf; 1221 b4 += delta; 1222 if (b4 < 0) 1223 b4 = 0; 1224 else if (b4 > 0xf) 1225 b4 = 0xf; 1226 b32 = b32 >> 4 | b4 << 28; 1227 } 1228 return (b32); 1229 } 1230 1231 static const char * 1232 run_get_rf(int rev) 1233 { 1234 switch (rev) { 1235 case RT2860_RF_2820: return "RT2820"; 1236 case RT2860_RF_2850: return "RT2850"; 1237 case RT2860_RF_2720: return "RT2720"; 1238 case RT2860_RF_2750: return "RT2750"; 1239 case RT3070_RF_3020: return "RT3020"; 1240 case RT3070_RF_2020: return "RT2020"; 1241 case RT3070_RF_3021: return "RT3021"; 1242 case RT3070_RF_3022: return "RT3022"; 1243 case RT3070_RF_3052: return "RT3052"; 1244 } 1245 return "unknown"; 1246 } 1247 1248 static int 1249 run_read_eeprom(struct run_softc *sc) 1250 { 1251 struct ieee80211com *ic = &sc->sc_ic; 1252 int8_t delta_2ghz, delta_5ghz; 1253 uint32_t tmp; 1254 uint16_t val; 1255 int ridx, ant, i; 1256 1257 /* check whether the ROM is eFUSE ROM or EEPROM */ 1258 sc->sc_srom_read = run_eeprom_read_2; 1259 if (sc->mac_ver >= 0x3070) { 1260 run_read(sc, RT3070_EFUSE_CTRL, &tmp); 1261 DPRINTF(("EFUSE_CTRL=0x%08x\n", tmp)); 1262 if (tmp & RT3070_SEL_EFUSE) 1263 sc->sc_srom_read = run_efuse_read_2; 1264 } 1265 1266 /* read ROM version */ 1267 run_srom_read(sc, RT2860_EEPROM_VERSION, &val); 1268 DPRINTF(("EEPROM rev=%d, FAE=%d\n", val & 0xff, val >> 8)); 1269 1270 /* read MAC address */ 1271 run_srom_read(sc, RT2860_EEPROM_MAC01, &val); 1272 ic->ic_myaddr[0] = val & 0xff; 1273 ic->ic_myaddr[1] = val >> 8; 1274 run_srom_read(sc, RT2860_EEPROM_MAC23, &val); 1275 ic->ic_myaddr[2] = val & 0xff; 1276 ic->ic_myaddr[3] = val >> 8; 1277 run_srom_read(sc, RT2860_EEPROM_MAC45, &val); 1278 ic->ic_myaddr[4] = val & 0xff; 1279 ic->ic_myaddr[5] = val >> 8; 1280 1281 /* read vendor BBP settings */ 1282 for (i = 0; i < 10; i++) { 1283 run_srom_read(sc, RT2860_EEPROM_BBP_BASE + i, &val); 1284 sc->bbp[i].val = val & 0xff; 1285 sc->bbp[i].reg = val >> 8; 1286 DPRINTF(("BBP%d=0x%02x\n", sc->bbp[i].reg, sc->bbp[i].val)); 1287 } 1288 if (sc->mac_ver >= 0x3071) { 1289 /* read vendor RF settings */ 1290 for (i = 0; i < 10; i++) { 1291 run_srom_read(sc, RT3071_EEPROM_RF_BASE + i, &val); 1292 sc->rf[i].val = val & 0xff; 1293 sc->rf[i].reg = val >> 8; 1294 DPRINTF(("RF%d=0x%02x\n", sc->rf[i].reg, 1295 sc->rf[i].val)); 1296 } 1297 } 1298 1299 /* read RF frequency offset from EEPROM */ 1300 run_srom_read(sc, RT2860_EEPROM_FREQ_LEDS, &val); 1301 sc->freq = ((val & 0xff) != 0xff) ? val & 0xff : 0; 1302 DPRINTF(("EEPROM freq offset %d\n", sc->freq & 0xff)); 1303 1304 if ((val >> 8) != 0xff) { 1305 /* read LEDs operating mode */ 1306 sc->leds = val >> 8; 1307 run_srom_read(sc, RT2860_EEPROM_LED1, &sc->led[0]); 1308 run_srom_read(sc, RT2860_EEPROM_LED2, &sc->led[1]); 1309 run_srom_read(sc, RT2860_EEPROM_LED3, &sc->led[2]); 1310 } else { 1311 /* broken EEPROM, use default settings */ 1312 sc->leds = 0x01; 1313 sc->led[0] = 0x5555; 1314 sc->led[1] = 0x2221; 1315 sc->led[2] = 0x5627; /* differs from RT2860 */ 1316 } 1317 DPRINTF(("EEPROM LED mode=0x%02x, LEDs=0x%04x/0x%04x/0x%04x\n", 1318 sc->leds, sc->led[0], sc->led[1], sc->led[2])); 1319 1320 /* read RF information */ 1321 run_srom_read(sc, RT2860_EEPROM_ANTENNA, &val); 1322 if (val == 0xffff) { 1323 DPRINTF(("invalid EEPROM antenna info, using default\n")); 1324 if (sc->mac_ver == 0x3572) { 1325 /* default to RF3052 2T2R */ 1326 sc->rf_rev = RT3070_RF_3052; 1327 sc->ntxchains = 2; 1328 sc->nrxchains = 2; 1329 } else if (sc->mac_ver >= 0x3070) { 1330 /* default to RF3020 1T1R */ 1331 sc->rf_rev = RT3070_RF_3020; 1332 sc->ntxchains = 1; 1333 sc->nrxchains = 1; 1334 } else { 1335 /* default to RF2820 1T2R */ 1336 sc->rf_rev = RT2860_RF_2820; 1337 sc->ntxchains = 1; 1338 sc->nrxchains = 2; 1339 } 1340 } else { 1341 sc->rf_rev = (val >> 8) & 0xf; 1342 sc->ntxchains = (val >> 4) & 0xf; 1343 sc->nrxchains = val & 0xf; 1344 } 1345 DPRINTF(("EEPROM RF rev=0x%02x chains=%dT%dR\n", 1346 sc->rf_rev, sc->ntxchains, sc->nrxchains)); 1347 1348 run_srom_read(sc, RT2860_EEPROM_CONFIG, &val); 1349 DPRINTF(("EEPROM CFG 0x%04x\n", val)); 1350 /* check if driver should patch the DAC issue */ 1351 if ((val >> 8) != 0xff) 1352 sc->patch_dac = (val >> 15) & 1; 1353 if ((val & 0xff) != 0xff) { 1354 sc->ext_5ghz_lna = (val >> 3) & 1; 1355 sc->ext_2ghz_lna = (val >> 2) & 1; 1356 /* check if RF supports automatic Tx access gain control */ 1357 sc->calib_2ghz = sc->calib_5ghz = (val >> 1) & 1; 1358 /* check if we have a hardware radio switch */ 1359 sc->rfswitch = val & 1; 1360 } 1361 1362 /* read power settings for 2GHz channels */ 1363 for (i = 0; i < 14; i += 2) { 1364 run_srom_read(sc, RT2860_EEPROM_PWR2GHZ_BASE1 + i / 2, &val); 1365 sc->txpow1[i + 0] = (int8_t)(val & 0xff); 1366 sc->txpow1[i + 1] = (int8_t)(val >> 8); 1367 1368 run_srom_read(sc, RT2860_EEPROM_PWR2GHZ_BASE2 + i / 2, &val); 1369 sc->txpow2[i + 0] = (int8_t)(val & 0xff); 1370 sc->txpow2[i + 1] = (int8_t)(val >> 8); 1371 } 1372 /* fix broken Tx power entries */ 1373 for (i = 0; i < 14; i++) { 1374 if (sc->txpow1[i] < 0 || sc->txpow1[i] > 31) 1375 sc->txpow1[i] = 5; 1376 if (sc->txpow2[i] < 0 || sc->txpow2[i] > 31) 1377 sc->txpow2[i] = 5; 1378 DPRINTF(("chan %d: power1=%d, power2=%d\n", 1379 rt2860_rf2850[i].chan, sc->txpow1[i], sc->txpow2[i])); 1380 } 1381 /* read power settings for 5GHz channels */ 1382 for (i = 0; i < 40; i += 2) { 1383 run_srom_read(sc, RT2860_EEPROM_PWR5GHZ_BASE1 + i / 2, &val); 1384 sc->txpow1[i + 14] = (int8_t)(val & 0xff); 1385 sc->txpow1[i + 15] = (int8_t)(val >> 8); 1386 1387 run_srom_read(sc, RT2860_EEPROM_PWR5GHZ_BASE2 + i / 2, &val); 1388 sc->txpow2[i + 14] = (int8_t)(val & 0xff); 1389 sc->txpow2[i + 15] = (int8_t)(val >> 8); 1390 } 1391 /* fix broken Tx power entries */ 1392 for (i = 0; i < 40; i++) { 1393 if (sc->txpow1[14 + i] < -7 || sc->txpow1[14 + i] > 15) 1394 sc->txpow1[14 + i] = 5; 1395 if (sc->txpow2[14 + i] < -7 || sc->txpow2[14 + i] > 15) 1396 sc->txpow2[14 + i] = 5; 1397 DPRINTF(("chan %d: power1=%d, power2=%d\n", 1398 rt2860_rf2850[14 + i].chan, sc->txpow1[14 + i], 1399 sc->txpow2[14 + i])); 1400 } 1401 1402 /* read Tx power compensation for each Tx rate */ 1403 run_srom_read(sc, RT2860_EEPROM_DELTAPWR, &val); 1404 delta_2ghz = delta_5ghz = 0; 1405 if ((val & 0xff) != 0xff && (val & 0x80)) { 1406 delta_2ghz = val & 0xf; 1407 if (!(val & 0x40)) /* negative number */ 1408 delta_2ghz = -delta_2ghz; 1409 } 1410 val >>= 8; 1411 if ((val & 0xff) != 0xff && (val & 0x80)) { 1412 delta_5ghz = val & 0xf; 1413 if (!(val & 0x40)) /* negative number */ 1414 delta_5ghz = -delta_5ghz; 1415 } 1416 DPRINTF(("power compensation=%d (2GHz), %d (5GHz)\n", 1417 delta_2ghz, delta_5ghz)); 1418 1419 for (ridx = 0; ridx < 5; ridx++) { 1420 uint32_t reg; 1421 1422 run_srom_read(sc, RT2860_EEPROM_RPWR + ridx * 2, &val); 1423 reg = val; 1424 run_srom_read(sc, RT2860_EEPROM_RPWR + ridx * 2 + 1, &val); 1425 reg |= (uint32_t)val << 16; 1426 1427 sc->txpow20mhz[ridx] = reg; 1428 sc->txpow40mhz_2ghz[ridx] = b4inc(reg, delta_2ghz); 1429 sc->txpow40mhz_5ghz[ridx] = b4inc(reg, delta_5ghz); 1430 1431 DPRINTF(("ridx %d: power 20MHz=0x%08x, 40MHz/2GHz=0x%08x, " 1432 "40MHz/5GHz=0x%08x\n", ridx, sc->txpow20mhz[ridx], 1433 sc->txpow40mhz_2ghz[ridx], sc->txpow40mhz_5ghz[ridx])); 1434 } 1435 1436 /* read RSSI offsets and LNA gains from EEPROM */ 1437 run_srom_read(sc, RT2860_EEPROM_RSSI1_2GHZ, &val); 1438 sc->rssi_2ghz[0] = val & 0xff; /* Ant A */ 1439 sc->rssi_2ghz[1] = val >> 8; /* Ant B */ 1440 run_srom_read(sc, RT2860_EEPROM_RSSI2_2GHZ, &val); 1441 if (sc->mac_ver >= 0x3070) { 1442 /* 1443 * On RT3070 chips (limited to 2 Rx chains), this ROM 1444 * field contains the Tx mixer gain for the 2GHz band. 1445 */ 1446 if ((val & 0xff) != 0xff) 1447 sc->txmixgain_2ghz = val & 0x7; 1448 DPRINTF(("tx mixer gain=%u (2GHz)\n", sc->txmixgain_2ghz)); 1449 } else { 1450 sc->rssi_2ghz[2] = val & 0xff; /* Ant C */ 1451 } 1452 sc->lna[2] = val >> 8; /* channel group 2 */ 1453 1454 run_srom_read(sc, RT2860_EEPROM_RSSI1_5GHZ, &val); 1455 sc->rssi_5ghz[0] = val & 0xff; /* Ant A */ 1456 sc->rssi_5ghz[1] = val >> 8; /* Ant B */ 1457 run_srom_read(sc, RT2860_EEPROM_RSSI2_5GHZ, &val); 1458 if (sc->mac_ver == 0x3572) { 1459 /* 1460 * On RT3572 chips (limited to 2 Rx chains), this ROM 1461 * field contains the Tx mixer gain for the 5GHz band. 1462 */ 1463 if ((val & 0xff) != 0xff) 1464 sc->txmixgain_5ghz = val & 0x7; 1465 DPRINTF(("tx mixer gain=%u (5GHz)\n", sc->txmixgain_5ghz)); 1466 } else { 1467 sc->rssi_5ghz[2] = val & 0xff; /* Ant C */ 1468 } 1469 sc->lna[3] = val >> 8; /* channel group 3 */ 1470 1471 run_srom_read(sc, RT2860_EEPROM_LNA, &val); 1472 sc->lna[0] = val & 0xff; /* channel group 0 */ 1473 sc->lna[1] = val >> 8; /* channel group 1 */ 1474 1475 /* fix broken 5GHz LNA entries */ 1476 if (sc->lna[2] == 0 || sc->lna[2] == 0xff) { 1477 DPRINTF(("invalid LNA for channel group %d\n", 2)); 1478 sc->lna[2] = sc->lna[1]; 1479 } 1480 if (sc->lna[3] == 0 || sc->lna[3] == 0xff) { 1481 DPRINTF(("invalid LNA for channel group %d\n", 3)); 1482 sc->lna[3] = sc->lna[1]; 1483 } 1484 1485 /* fix broken RSSI offset entries */ 1486 for (ant = 0; ant < 3; ant++) { 1487 if (sc->rssi_2ghz[ant] < -10 || sc->rssi_2ghz[ant] > 10) { 1488 DPRINTF(("invalid RSSI%d offset: %d (2GHz)\n", 1489 ant + 1, sc->rssi_2ghz[ant])); 1490 sc->rssi_2ghz[ant] = 0; 1491 } 1492 if (sc->rssi_5ghz[ant] < -10 || sc->rssi_5ghz[ant] > 10) { 1493 DPRINTF(("invalid RSSI%d offset: %d (5GHz)\n", 1494 ant + 1, sc->rssi_5ghz[ant])); 1495 sc->rssi_5ghz[ant] = 0; 1496 } 1497 } 1498 return (0); 1499 } 1500 1501 static struct ieee80211_node * 1502 run_node_alloc(struct ieee80211_node_table *nt) 1503 { 1504 struct run_node *rn = 1505 malloc(sizeof (struct run_node), M_DEVBUF, M_NOWAIT | M_ZERO); 1506 return (rn) ? &rn->ni : NULL; 1507 } 1508 1509 static int 1510 run_media_change(struct ifnet *ifp) 1511 { 1512 struct run_softc *sc = ifp->if_softc; 1513 struct ieee80211com *ic = &sc->sc_ic; 1514 uint8_t rate, ridx; 1515 int error; 1516 1517 error = ieee80211_media_change(ifp); 1518 if (error != ENETRESET) 1519 return (error); 1520 1521 if (ic->ic_fixed_rate != IEEE80211_FIXED_RATE_NONE) { 1522 rate = ic->ic_sup_rates[ic->ic_curmode]. 1523 rs_rates[ic->ic_fixed_rate] & IEEE80211_RATE_VAL; 1524 for (ridx = 0; ridx <= RT2860_RIDX_MAX; ridx++) 1525 if (rt2860_rates[ridx].rate == rate) 1526 break; 1527 sc->fixed_ridx = ridx; 1528 } 1529 1530 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == (IFF_UP | IFF_RUNNING)) 1531 run_init(ifp); 1532 1533 return (0); 1534 } 1535 1536 static void 1537 run_next_scan(void *arg) 1538 { 1539 struct run_softc *sc = arg; 1540 1541 if (sc->sc_ic.ic_state == IEEE80211_S_SCAN) 1542 ieee80211_next_scan(&sc->sc_ic); 1543 } 1544 1545 static void 1546 run_task(void *arg) 1547 { 1548 struct run_softc *sc = arg; 1549 struct run_host_cmd_ring *ring = &sc->cmdq; 1550 struct run_host_cmd *cmd; 1551 int s; 1552 1553 /* process host commands */ 1554 s = splusb(); 1555 while (ring->next != ring->cur) { 1556 cmd = &ring->cmd[ring->next]; 1557 splx(s); 1558 /* callback */ 1559 cmd->cb(sc, cmd->data); 1560 s = splusb(); 1561 ring->queued--; 1562 ring->next = (ring->next + 1) % RUN_HOST_CMD_RING_COUNT; 1563 } 1564 wakeup(ring); 1565 splx(s); 1566 } 1567 1568 static void 1569 run_do_async(struct run_softc *sc, void (*cb)(struct run_softc *, void *), 1570 void *arg, int len) 1571 { 1572 struct run_host_cmd_ring *ring = &sc->cmdq; 1573 struct run_host_cmd *cmd; 1574 int s; 1575 1576 if (sc->sc_flags & RUN_DETACHING) 1577 return; 1578 1579 s = splusb(); 1580 cmd = &ring->cmd[ring->cur]; 1581 cmd->cb = cb; 1582 KASSERT(len <= sizeof (cmd->data)); 1583 memcpy(cmd->data, arg, len); 1584 ring->cur = (ring->cur + 1) % RUN_HOST_CMD_RING_COUNT; 1585 1586 /* if there is no pending command already, schedule a task */ 1587 if (++ring->queued == 1) 1588 usb_add_task(sc->sc_udev, &sc->sc_task, USB_TASKQ_DRIVER); 1589 splx(s); 1590 } 1591 1592 static int 1593 run_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 1594 { 1595 struct run_softc *sc = ic->ic_ifp->if_softc; 1596 struct run_cmd_newstate cmd; 1597 1598 callout_stop(&sc->scan_to); 1599 callout_stop(&sc->calib_to); 1600 1601 /* do it in a process context */ 1602 cmd.state = nstate; 1603 cmd.arg = arg; 1604 run_do_async(sc, run_newstate_cb, &cmd, sizeof cmd); 1605 return (0); 1606 } 1607 1608 static void 1609 run_newstate_cb(struct run_softc *sc, void *arg) 1610 { 1611 struct run_cmd_newstate *cmd = arg; 1612 struct ifnet *ifp = &sc->sc_if; 1613 struct ieee80211com *ic = &sc->sc_ic; 1614 enum ieee80211_state ostate; 1615 struct ieee80211_node *ni; 1616 uint32_t tmp, sta[3]; 1617 uint8_t wcid; 1618 int s; 1619 1620 s = splnet(); 1621 ostate = ic->ic_state; 1622 1623 if (ostate == IEEE80211_S_RUN) { 1624 /* turn link LED off */ 1625 run_set_leds(sc, RT2860_LED_RADIO); 1626 } 1627 1628 switch (cmd->state) { 1629 case IEEE80211_S_INIT: 1630 if (ostate == IEEE80211_S_RUN) { 1631 /* abort TSF synchronization */ 1632 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 1633 run_write(sc, RT2860_BCN_TIME_CFG, 1634 tmp & ~(RT2860_BCN_TX_EN | RT2860_TSF_TIMER_EN | 1635 RT2860_TBTT_TIMER_EN)); 1636 } 1637 break; 1638 1639 case IEEE80211_S_SCAN: 1640 run_set_chan(sc, ic->ic_curchan); 1641 callout_schedule(&sc->scan_to, hz / 5); 1642 break; 1643 1644 case IEEE80211_S_AUTH: 1645 case IEEE80211_S_ASSOC: 1646 run_set_chan(sc, ic->ic_curchan); 1647 break; 1648 1649 case IEEE80211_S_RUN: 1650 run_set_chan(sc, ic->ic_curchan); 1651 1652 ni = ic->ic_bss; 1653 1654 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 1655 run_updateslot(ifp); 1656 run_enable_mrr(sc); 1657 run_set_txpreamble(sc); 1658 run_set_basicrates(sc); 1659 run_set_bssid(sc, ni->ni_bssid); 1660 } 1661 #ifndef IEEE80211_STA_ONLY 1662 if (ic->ic_opmode == IEEE80211_M_HOSTAP || 1663 ic->ic_opmode == IEEE80211_M_IBSS) 1664 (void)run_setup_beacon(sc); 1665 #endif 1666 if (ic->ic_opmode == IEEE80211_M_STA) { 1667 /* add BSS entry to the WCID table */ 1668 wcid = RUN_AID2WCID(ni->ni_associd); 1669 run_write_region_1(sc, RT2860_WCID_ENTRY(wcid), 1670 ni->ni_macaddr, IEEE80211_ADDR_LEN); 1671 1672 /* fake a join to init the tx rate */ 1673 run_newassoc(ni, 1); 1674 } 1675 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 1676 run_enable_tsf_sync(sc); 1677 1678 /* clear statistic registers used by AMRR */ 1679 run_read_region_1(sc, RT2860_TX_STA_CNT0, 1680 (uint8_t *)sta, sizeof sta); 1681 /* start calibration timer */ 1682 callout_schedule(&sc->calib_to, hz); 1683 } 1684 1685 /* turn link LED on */ 1686 run_set_leds(sc, RT2860_LED_RADIO | 1687 (IEEE80211_IS_CHAN_2GHZ(ic->ic_curchan) ? 1688 RT2860_LED_LINK_2GHZ : RT2860_LED_LINK_5GHZ)); 1689 break; 1690 } 1691 (void)sc->sc_newstate(ic, cmd->state, cmd->arg); 1692 splx(s); 1693 } 1694 1695 static int 1696 run_updateedca(struct ieee80211com *ic) 1697 { 1698 1699 /* do it in a process context */ 1700 run_do_async(ic->ic_ifp->if_softc, run_updateedca_cb, NULL, 0); 1701 return (0); 1702 } 1703 1704 /* ARGSUSED */ 1705 static void 1706 run_updateedca_cb(struct run_softc *sc, void *arg) 1707 { 1708 struct ieee80211com *ic = &sc->sc_ic; 1709 int s, aci; 1710 1711 s = splnet(); 1712 /* update MAC TX configuration registers */ 1713 for (aci = 0; aci < WME_NUM_AC; aci++) { 1714 run_write(sc, RT2860_EDCA_AC_CFG(aci), 1715 ic->ic_wme.wme_params[aci].wmep_logcwmax << 16 | 1716 ic->ic_wme.wme_params[aci].wmep_logcwmin << 12 | 1717 ic->ic_wme.wme_params[aci].wmep_aifsn << 8 | 1718 ic->ic_wme.wme_params[aci].wmep_txopLimit); 1719 } 1720 1721 /* update SCH/DMA registers too */ 1722 run_write(sc, RT2860_WMM_AIFSN_CFG, 1723 ic->ic_wme.wme_params[WME_AC_VO].wmep_aifsn << 12 | 1724 ic->ic_wme.wme_params[WME_AC_VI].wmep_aifsn << 8 | 1725 ic->ic_wme.wme_params[WME_AC_BK].wmep_aifsn << 4 | 1726 ic->ic_wme.wme_params[WME_AC_BE].wmep_aifsn); 1727 run_write(sc, RT2860_WMM_CWMIN_CFG, 1728 ic->ic_wme.wme_params[WME_AC_VO].wmep_logcwmin << 12 | 1729 ic->ic_wme.wme_params[WME_AC_VI].wmep_logcwmin << 8 | 1730 ic->ic_wme.wme_params[WME_AC_BK].wmep_logcwmin << 4 | 1731 ic->ic_wme.wme_params[WME_AC_BE].wmep_logcwmin); 1732 run_write(sc, RT2860_WMM_CWMAX_CFG, 1733 ic->ic_wme.wme_params[WME_AC_VO].wmep_logcwmax << 12 | 1734 ic->ic_wme.wme_params[WME_AC_VI].wmep_logcwmax << 8 | 1735 ic->ic_wme.wme_params[WME_AC_BK].wmep_logcwmax << 4 | 1736 ic->ic_wme.wme_params[WME_AC_BE].wmep_logcwmax); 1737 run_write(sc, RT2860_WMM_TXOP0_CFG, 1738 ic->ic_wme.wme_params[WME_AC_BK].wmep_txopLimit << 16 | 1739 ic->ic_wme.wme_params[WME_AC_BE].wmep_txopLimit); 1740 run_write(sc, RT2860_WMM_TXOP1_CFG, 1741 ic->ic_wme.wme_params[WME_AC_VO].wmep_txopLimit << 16 | 1742 ic->ic_wme.wme_params[WME_AC_VI].wmep_txopLimit); 1743 splx(s); 1744 } 1745 1746 #ifdef RUN_HWCRYPTO 1747 static int 1748 run_set_key(struct ieee80211com *ic, const struct ieee80211_key *k, 1749 const uint8_t *mac) 1750 { 1751 struct run_softc *sc = ic->ic_ifp->if_softc; 1752 struct ieee80211_node *ni = ic->ic_bss; 1753 struct run_cmd_key cmd; 1754 1755 /* do it in a process context */ 1756 cmd.key = *k; 1757 cmd.associd = (ni != NULL) ? ni->ni_associd : 0; 1758 run_do_async(sc, run_set_key_cb, &cmd, sizeof cmd); 1759 return 1; 1760 } 1761 1762 static void 1763 run_set_key_cb(struct run_softc *sc, void *arg) 1764 { 1765 #ifndef IEEE80211_STA_ONLY 1766 struct ieee80211com *ic = &sc->sc_ic; 1767 #endif 1768 struct run_cmd_key *cmd = arg; 1769 struct ieee80211_key *k = &cmd->key; 1770 uint32_t attr; 1771 uint16_t base; 1772 uint8_t mode, wcid, iv[8]; 1773 1774 /* map net80211 cipher to RT2860 security mode */ 1775 switch (k->wk_cipher->ic_cipher) { 1776 case IEEE80211_CIPHER_WEP: 1777 k->wk_flags |= IEEE80211_KEY_GROUP; /* XXX */ 1778 if (k->wk_keylen == 5) 1779 mode = RT2860_MODE_WEP40; 1780 else 1781 mode = RT2860_MODE_WEP104; 1782 break; 1783 case IEEE80211_CIPHER_TKIP: 1784 mode = RT2860_MODE_TKIP; 1785 break; 1786 case IEEE80211_CIPHER_AES_CCM: 1787 mode = RT2860_MODE_AES_CCMP; 1788 break; 1789 default: 1790 return; 1791 } 1792 1793 if (k->wk_flags & IEEE80211_KEY_GROUP) { 1794 wcid = 0; /* NB: update WCID0 for group keys */ 1795 base = RT2860_SKEY(0, k->wk_keyix); 1796 } else { 1797 wcid = RUN_AID2WCID(cmd->associd); 1798 base = RT2860_PKEY(wcid); 1799 } 1800 1801 if (k->wk_cipher->ic_cipher == IEEE80211_CIPHER_TKIP) { 1802 run_write_region_1(sc, base, k->wk_key, 16); 1803 #ifndef IEEE80211_STA_ONLY 1804 if (ic->ic_opmode == IEEE80211_M_HOSTAP) { 1805 run_write_region_1(sc, base + 16, &k->wk_key[16], 8); 1806 run_write_region_1(sc, base + 24, &k->wk_key[24], 8); 1807 } else 1808 #endif 1809 { 1810 run_write_region_1(sc, base + 16, &k->wk_key[24], 8); 1811 run_write_region_1(sc, base + 24, &k->wk_key[16], 8); 1812 } 1813 } else { 1814 /* roundup len to 16-bit: XXX fix write_region_1() instead */ 1815 run_write_region_1(sc, base, k->wk_key, 1816 (k->wk_keylen + 1) & ~1); 1817 } 1818 1819 if (!(k->wk_flags & IEEE80211_KEY_GROUP) || 1820 (k->wk_flags & IEEE80211_KEY_XMIT)) { 1821 /* set initial packet number in IV+EIV */ 1822 if (k->wk_cipher->ic_cipher == IEEE80211_CIPHER_WEP) { 1823 memset(iv, 0, sizeof iv); 1824 iv[3] = sc->sc_ic.ic_crypto.cs_def_txkey << 6; 1825 } else { 1826 if (k->wk_cipher->ic_cipher == IEEE80211_CIPHER_TKIP) { 1827 iv[0] = k->wk_keytsc >> 8; 1828 iv[1] = (iv[0] | 0x20) & 0x7f; 1829 iv[2] = k->wk_keytsc; 1830 } else /* CCMP */ { 1831 iv[0] = k->wk_keytsc; 1832 iv[1] = k->wk_keytsc >> 8; 1833 iv[2] = 0; 1834 } 1835 iv[3] = k->wk_keyix << 6 | IEEE80211_WEP_EXTIV; 1836 iv[4] = k->wk_keytsc >> 16; 1837 iv[5] = k->wk_keytsc >> 24; 1838 iv[6] = k->wk_keytsc >> 32; 1839 iv[7] = k->wk_keytsc >> 40; 1840 } 1841 run_write_region_1(sc, RT2860_IVEIV(wcid), iv, 8); 1842 } 1843 1844 if (k->wk_flags & IEEE80211_KEY_GROUP) { 1845 /* install group key */ 1846 run_read(sc, RT2860_SKEY_MODE_0_7, &attr); 1847 attr &= ~(0xf << (k->wk_keyix * 4)); 1848 attr |= mode << (k->wk_keyix * 4); 1849 run_write(sc, RT2860_SKEY_MODE_0_7, attr); 1850 } else { 1851 /* install pairwise key */ 1852 run_read(sc, RT2860_WCID_ATTR(wcid), &attr); 1853 attr = (attr & ~0xf) | (mode << 1) | RT2860_RX_PKEY_EN; 1854 run_write(sc, RT2860_WCID_ATTR(wcid), attr); 1855 } 1856 } 1857 1858 static int 1859 run_delete_key(struct ieee80211com *ic, const struct ieee80211_key *k) 1860 { 1861 struct run_softc *sc = ic->ic_ifp->if_softc; 1862 struct ieee80211_node *ni = ic->ic_bss; 1863 struct run_cmd_key cmd; 1864 1865 /* do it in a process context */ 1866 cmd.key = *k; 1867 cmd.associd = (ni != NULL) ? ni->ni_associd : 0; 1868 run_do_async(sc, run_delete_key_cb, &cmd, sizeof cmd); 1869 return 1; 1870 } 1871 1872 static void 1873 run_delete_key_cb(struct run_softc *sc, void *arg) 1874 { 1875 struct run_cmd_key *cmd = arg; 1876 struct ieee80211_key *k = &cmd->key; 1877 uint32_t attr; 1878 uint8_t wcid; 1879 1880 if (k->wk_cipher->ic_cipher == IEEE80211_CIPHER_WEP) 1881 k->wk_flags |= IEEE80211_KEY_GROUP; /* XXX */ 1882 1883 if (k->wk_flags & IEEE80211_KEY_GROUP) { 1884 /* remove group key */ 1885 run_read(sc, RT2860_SKEY_MODE_0_7, &attr); 1886 attr &= ~(0xf << (k->wk_keyix * 4)); 1887 run_write(sc, RT2860_SKEY_MODE_0_7, attr); 1888 1889 } else { 1890 /* remove pairwise key */ 1891 wcid = RUN_AID2WCID(cmd->associd); 1892 run_read(sc, RT2860_WCID_ATTR(wcid), &attr); 1893 attr &= ~0xf; 1894 run_write(sc, RT2860_WCID_ATTR(wcid), attr); 1895 } 1896 } 1897 #endif 1898 1899 static void 1900 run_calibrate_to(void *arg) 1901 { 1902 1903 /* do it in a process context */ 1904 run_do_async(arg, run_calibrate_cb, NULL, 0); 1905 /* next timeout will be rescheduled in the calibration task */ 1906 } 1907 1908 /* ARGSUSED */ 1909 static void 1910 run_calibrate_cb(struct run_softc *sc, void *arg) 1911 { 1912 struct ifnet *ifp = &sc->sc_if; 1913 uint32_t sta[3]; 1914 int s, error; 1915 1916 /* read statistic counters (clear on read) and update AMRR state */ 1917 error = run_read_region_1(sc, RT2860_TX_STA_CNT0, (uint8_t *)sta, 1918 sizeof sta); 1919 if (error != 0) 1920 goto skip; 1921 1922 DPRINTF(("retrycnt=%d txcnt=%d failcnt=%d\n", 1923 le32toh(sta[1]) >> 16, le32toh(sta[1]) & 0xffff, 1924 le32toh(sta[0]) & 0xffff)); 1925 1926 s = splnet(); 1927 /* count failed TX as errors */ 1928 ifp->if_oerrors += le32toh(sta[0]) & 0xffff; 1929 1930 sc->amn.amn_retrycnt = 1931 (le32toh(sta[0]) & 0xffff) + /* failed TX count */ 1932 (le32toh(sta[1]) >> 16); /* TX retransmission count */ 1933 1934 sc->amn.amn_txcnt = 1935 sc->amn.amn_retrycnt + 1936 (le32toh(sta[1]) & 0xffff); /* successful TX count */ 1937 1938 ieee80211_amrr_choose(&sc->amrr, sc->sc_ic.ic_bss, &sc->amn); 1939 splx(s); 1940 1941 skip: callout_schedule(&sc->calib_to, hz); 1942 } 1943 1944 static void 1945 run_newassoc(struct ieee80211_node *ni, int isnew) 1946 { 1947 struct run_softc *sc = ni->ni_ic->ic_ifp->if_softc; 1948 struct run_node *rn = (void *)ni; 1949 struct ieee80211_rateset *rs = &ni->ni_rates; 1950 uint8_t rate; 1951 int ridx, i, j; 1952 1953 DPRINTF(("new assoc isnew=%d addr=%s\n", 1954 isnew, ether_sprintf(ni->ni_macaddr))); 1955 1956 ieee80211_amrr_node_init(&sc->amrr, &sc->amn); 1957 /* start at lowest available bit-rate, AMRR will raise */ 1958 ni->ni_txrate = 0; 1959 1960 for (i = 0; i < rs->rs_nrates; i++) { 1961 rate = rs->rs_rates[i] & IEEE80211_RATE_VAL; 1962 /* convert 802.11 rate to hardware rate index */ 1963 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++) 1964 if (rt2860_rates[ridx].rate == rate) 1965 break; 1966 rn->ridx[i] = ridx; 1967 /* determine rate of control response frames */ 1968 for (j = i; j >= 0; j--) { 1969 if ((rs->rs_rates[j] & IEEE80211_RATE_BASIC) && 1970 rt2860_rates[rn->ridx[i]].phy == 1971 rt2860_rates[rn->ridx[j]].phy) 1972 break; 1973 } 1974 if (j >= 0) { 1975 rn->ctl_ridx[i] = rn->ridx[j]; 1976 } else { 1977 /* no basic rate found, use mandatory one */ 1978 rn->ctl_ridx[i] = rt2860_rates[ridx].ctl_ridx; 1979 } 1980 DPRINTF(("rate=0x%02x ridx=%d ctl_ridx=%d\n", 1981 rs->rs_rates[i], rn->ridx[i], rn->ctl_ridx[i])); 1982 } 1983 } 1984 1985 /* 1986 * Return the Rx chain with the highest RSSI for a given frame. 1987 */ 1988 static __inline uint8_t 1989 run_maxrssi_chain(struct run_softc *sc, const struct rt2860_rxwi *rxwi) 1990 { 1991 uint8_t rxchain = 0; 1992 1993 if (sc->nrxchains > 1) { 1994 if (rxwi->rssi[1] > rxwi->rssi[rxchain]) 1995 rxchain = 1; 1996 if (sc->nrxchains > 2) 1997 if (rxwi->rssi[2] > rxwi->rssi[rxchain]) 1998 rxchain = 2; 1999 } 2000 return (rxchain); 2001 } 2002 2003 static void 2004 run_rx_frame(struct run_softc *sc, uint8_t *buf, int dmalen) 2005 { 2006 struct ieee80211com *ic = &sc->sc_ic; 2007 struct ifnet *ifp = &sc->sc_if; 2008 struct ieee80211_frame *wh; 2009 struct ieee80211_node *ni; 2010 struct rt2870_rxd *rxd; 2011 struct rt2860_rxwi *rxwi; 2012 struct mbuf *m; 2013 uint32_t flags; 2014 uint16_t len, phy; 2015 uint8_t ant, rssi; 2016 int s; 2017 #ifdef RUN_HWCRYPTO 2018 int decrypted = 0; 2019 #endif 2020 2021 rxwi = (struct rt2860_rxwi *)buf; 2022 len = le16toh(rxwi->len) & 0xfff; 2023 if (__predict_false(len > dmalen)) { 2024 DPRINTF(("bad RXWI length %u > %u\n", len, dmalen)); 2025 return; 2026 } 2027 /* Rx descriptor is located at the end */ 2028 rxd = (struct rt2870_rxd *)(buf + dmalen); 2029 flags = le32toh(rxd->flags); 2030 2031 if (__predict_false(flags & (RT2860_RX_CRCERR | RT2860_RX_ICVERR))) { 2032 ifp->if_ierrors++; 2033 return; 2034 } 2035 2036 wh = (struct ieee80211_frame *)(rxwi + 1); 2037 #ifdef RUN_HWCRYPTO 2038 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 2039 wh->i_fc[1] &= ~IEEE80211_FC1_WEP; 2040 decrypted = 1; 2041 } 2042 #endif 2043 2044 if (__predict_false((flags & RT2860_RX_MICERR))) { 2045 /* report MIC failures to net80211 for TKIP */ 2046 ieee80211_notify_michael_failure(ic, wh, 0/* XXX */); 2047 ifp->if_ierrors++; 2048 return; 2049 } 2050 2051 if (flags & RT2860_RX_L2PAD) { 2052 u_int hdrlen = ieee80211_hdrspace(ic, wh); 2053 ovbcopy(wh, (uint8_t *)wh + 2, hdrlen); 2054 wh = (struct ieee80211_frame *)((uint8_t *)wh + 2); 2055 } 2056 2057 /* could use m_devget but net80211 wants contig mgmt frames */ 2058 MGETHDR(m, M_DONTWAIT, MT_DATA); 2059 if (__predict_false(m == NULL)) { 2060 ifp->if_ierrors++; 2061 return; 2062 } 2063 if (len > MHLEN) { 2064 MCLGET(m, M_DONTWAIT); 2065 if (__predict_false(!(m->m_flags & M_EXT))) { 2066 ifp->if_ierrors++; 2067 m_freem(m); 2068 return; 2069 } 2070 } 2071 /* finalize mbuf */ 2072 m->m_pkthdr.rcvif = ifp; 2073 memcpy(mtod(m, void *), wh, len); 2074 m->m_pkthdr.len = m->m_len = len; 2075 2076 ant = run_maxrssi_chain(sc, rxwi); 2077 rssi = rxwi->rssi[ant]; 2078 2079 if (__predict_false(sc->sc_drvbpf != NULL)) { 2080 struct run_rx_radiotap_header *tap = &sc->sc_rxtap; 2081 2082 tap->wr_flags = 0; 2083 tap->wr_chan_freq = htole16(ic->ic_curchan->ic_freq); 2084 tap->wr_chan_flags = htole16(ic->ic_curchan->ic_flags); 2085 tap->wr_antsignal = rssi; 2086 tap->wr_antenna = ant; 2087 tap->wr_dbm_antsignal = run_rssi2dbm(sc, rssi, ant); 2088 tap->wr_rate = 2; /* in case it can't be found below */ 2089 phy = le16toh(rxwi->phy); 2090 switch (phy & RT2860_PHY_MODE) { 2091 case RT2860_PHY_CCK: 2092 switch ((phy & RT2860_PHY_MCS) & ~RT2860_PHY_SHPRE) { 2093 case 0: tap->wr_rate = 2; break; 2094 case 1: tap->wr_rate = 4; break; 2095 case 2: tap->wr_rate = 11; break; 2096 case 3: tap->wr_rate = 22; break; 2097 } 2098 if (phy & RT2860_PHY_SHPRE) 2099 tap->wr_flags |= IEEE80211_RADIOTAP_F_SHORTPRE; 2100 break; 2101 case RT2860_PHY_OFDM: 2102 switch (phy & RT2860_PHY_MCS) { 2103 case 0: tap->wr_rate = 12; break; 2104 case 1: tap->wr_rate = 18; break; 2105 case 2: tap->wr_rate = 24; break; 2106 case 3: tap->wr_rate = 36; break; 2107 case 4: tap->wr_rate = 48; break; 2108 case 5: tap->wr_rate = 72; break; 2109 case 6: tap->wr_rate = 96; break; 2110 case 7: tap->wr_rate = 108; break; 2111 } 2112 break; 2113 } 2114 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_rxtap_len, m); 2115 } 2116 2117 s = splnet(); 2118 ni = ieee80211_find_rxnode(ic, (struct ieee80211_frame_min *)wh); 2119 #ifdef RUN_HWCRYPTO 2120 if (decrypted) { 2121 uint32_t icflags = ic->ic_flags; 2122 2123 ic->ic_flags &= ~IEEE80211_F_DROPUNENC; /* XXX */ 2124 ieee80211_input(ic, m, ni, rssi, 0); 2125 ic->ic_flags = icflags; 2126 } else 2127 #endif 2128 ieee80211_input(ic, m, ni, rssi, 0); 2129 2130 /* node is no longer needed */ 2131 ieee80211_free_node(ni); 2132 2133 /* 2134 * In HostAP mode, ieee80211_input() will enqueue packets in if_snd 2135 * without calling if_start(). 2136 */ 2137 if (!IFQ_IS_EMPTY(&ifp->if_snd) && !(ifp->if_flags & IFF_OACTIVE)) 2138 run_start(ifp); 2139 2140 splx(s); 2141 } 2142 2143 static void 2144 run_rxeof(usbd_xfer_handle xfer, usbd_private_handle priv, usbd_status status) 2145 { 2146 struct run_rx_data *data = priv; 2147 struct run_softc *sc = data->sc; 2148 uint8_t *buf; 2149 uint32_t dmalen; 2150 int xferlen; 2151 2152 if (__predict_false(status != USBD_NORMAL_COMPLETION)) { 2153 DPRINTF(("RX status=%d\n", status)); 2154 if (status == USBD_STALLED) 2155 usbd_clear_endpoint_stall_async(sc->rxq.pipeh); 2156 if (status != USBD_CANCELLED) 2157 goto skip; 2158 return; 2159 } 2160 usbd_get_xfer_status(xfer, NULL, NULL, &xferlen, NULL); 2161 2162 if (__predict_false(xferlen < (int)(sizeof(uint32_t) + 2163 sizeof(struct rt2860_rxwi) + sizeof(struct rt2870_rxd)))) { 2164 DPRINTF(("xfer too short %d\n", xferlen)); 2165 goto skip; 2166 } 2167 2168 /* HW can aggregate multiple 802.11 frames in a single USB xfer */ 2169 buf = data->buf; 2170 while (xferlen > 8) { 2171 dmalen = le32toh(*(uint32_t *)buf) & 0xffff; 2172 2173 if (__predict_false(dmalen == 0 || (dmalen & 3) != 0)) { 2174 DPRINTF(("bad DMA length %u (%x)\n", dmalen, dmalen)); 2175 break; 2176 } 2177 if (__predict_false(dmalen + 8 > (uint32_t)xferlen)) { 2178 DPRINTF(("bad DMA length %u > %d\n", 2179 dmalen + 8, xferlen)); 2180 break; 2181 } 2182 run_rx_frame(sc, buf + sizeof (uint32_t), dmalen); 2183 buf += dmalen + 8; 2184 xferlen -= dmalen + 8; 2185 } 2186 2187 skip: /* setup a new transfer */ 2188 usbd_setup_xfer(xfer, sc->rxq.pipeh, data, data->buf, RUN_MAX_RXSZ, 2189 USBD_SHORT_XFER_OK | USBD_NO_COPY, USBD_NO_TIMEOUT, run_rxeof); 2190 (void)usbd_transfer(data->xfer); 2191 } 2192 2193 static void 2194 run_txeof(usbd_xfer_handle xfer, usbd_private_handle priv, usbd_status status) 2195 { 2196 struct run_tx_data *data = priv; 2197 struct run_softc *sc = data->sc; 2198 struct run_tx_ring *txq = &sc->txq[data->qid]; 2199 struct ifnet *ifp = &sc->sc_if; 2200 int s; 2201 2202 if (__predict_false(status != USBD_NORMAL_COMPLETION)) { 2203 DPRINTF(("TX status=%d\n", status)); 2204 if (status == USBD_STALLED) 2205 usbd_clear_endpoint_stall_async(txq->pipeh); 2206 ifp->if_oerrors++; 2207 return; 2208 } 2209 2210 s = splnet(); 2211 sc->sc_tx_timer = 0; 2212 ifp->if_opackets++; 2213 if (--txq->queued < RUN_TX_RING_COUNT) { 2214 sc->qfullmsk &= ~(1 << data->qid); 2215 ifp->if_flags &= ~IFF_OACTIVE; 2216 run_start(ifp); 2217 } 2218 splx(s); 2219 } 2220 2221 static int 2222 run_tx(struct run_softc *sc, struct mbuf *m, struct ieee80211_node *ni) 2223 { 2224 struct ieee80211com *ic = &sc->sc_ic; 2225 struct run_node *rn = (void *)ni; 2226 struct ieee80211_frame *wh; 2227 #ifndef RUN_HWCRYPTO 2228 struct ieee80211_key *k; 2229 #endif 2230 struct run_tx_ring *ring; 2231 struct run_tx_data *data; 2232 struct rt2870_txd *txd; 2233 struct rt2860_txwi *txwi; 2234 uint16_t dur; 2235 uint8_t type, mcs, tid, qid, qos = 0; 2236 int error, hasqos, ridx, ctl_ridx, xferlen; 2237 2238 wh = mtod(m, struct ieee80211_frame *); 2239 2240 #ifndef RUN_HWCRYPTO 2241 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 2242 k = ieee80211_crypto_encap(ic, ni, m); 2243 if (k == NULL) { 2244 m_freem(m); 2245 return (ENOBUFS); 2246 } 2247 2248 /* packet header may have moved, reset our local pointer */ 2249 wh = mtod(m, struct ieee80211_frame *); 2250 } 2251 #endif 2252 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 2253 2254 if ((hasqos = IEEE80211_QOS_HAS_SEQ(wh))) { 2255 qos = ((struct ieee80211_qosframe *)wh)->i_qos[0]; 2256 tid = qos & IEEE80211_QOS_TID; 2257 qid = TID_TO_WME_AC(tid); 2258 } else { 2259 tid = 0; 2260 qid = WME_AC_BE; 2261 } 2262 ring = &sc->txq[qid]; 2263 data = &ring->data[ring->cur]; 2264 2265 /* pickup a rate index */ 2266 if (IEEE80211_IS_MULTICAST(wh->i_addr1) || 2267 type != IEEE80211_FC0_TYPE_DATA) { 2268 ridx = (ic->ic_curmode == IEEE80211_MODE_11A) ? 2269 RT2860_RIDX_OFDM6 : RT2860_RIDX_CCK1; 2270 ctl_ridx = rt2860_rates[ridx].ctl_ridx; 2271 } else if (ic->ic_fixed_rate != IEEE80211_FIXED_RATE_NONE) { 2272 ridx = sc->fixed_ridx; 2273 ctl_ridx = rt2860_rates[ridx].ctl_ridx; 2274 } else { 2275 ridx = rn->ridx[ni->ni_txrate]; 2276 ctl_ridx = rn->ctl_ridx[ni->ni_txrate]; 2277 } 2278 2279 /* get MCS code from rate index */ 2280 mcs = rt2860_rates[ridx].mcs; 2281 2282 xferlen = sizeof (*txwi) + m->m_pkthdr.len; 2283 /* roundup to 32-bit alignment */ 2284 xferlen = (xferlen + 3) & ~3; 2285 2286 txd = (struct rt2870_txd *)data->buf; 2287 txd->flags = RT2860_TX_QSEL_EDCA; 2288 txd->len = htole16(xferlen); 2289 2290 /* setup TX Wireless Information */ 2291 txwi = (struct rt2860_txwi *)(txd + 1); 2292 txwi->flags = 0; 2293 txwi->xflags = hasqos ? 0 : RT2860_TX_NSEQ; 2294 txwi->wcid = (type == IEEE80211_FC0_TYPE_DATA) ? 2295 RUN_AID2WCID(ni->ni_associd) : 0xff; 2296 txwi->len = htole16(m->m_pkthdr.len); 2297 if (rt2860_rates[ridx].phy == IEEE80211_T_DS) { 2298 txwi->phy = htole16(RT2860_PHY_CCK); 2299 if (ridx != RT2860_RIDX_CCK1 && 2300 (ic->ic_flags & IEEE80211_F_SHPREAMBLE)) 2301 mcs |= RT2860_PHY_SHPRE; 2302 } else 2303 txwi->phy = htole16(RT2860_PHY_OFDM); 2304 txwi->phy |= htole16(mcs); 2305 2306 txwi->txop = RT2860_TX_TXOP_BACKOFF; 2307 2308 if (!IEEE80211_IS_MULTICAST(wh->i_addr1) && 2309 (!hasqos || (qos & IEEE80211_QOS_ACKPOLICY) != 2310 IEEE80211_QOS_ACKPOLICY_NOACK)) { 2311 txwi->xflags |= RT2860_TX_ACK; 2312 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 2313 dur = rt2860_rates[ctl_ridx].sp_ack_dur; 2314 else 2315 dur = rt2860_rates[ctl_ridx].lp_ack_dur; 2316 *(uint16_t *)wh->i_dur = htole16(dur); 2317 } 2318 2319 #ifndef IEEE80211_STA_ONLY 2320 /* ask MAC to insert timestamp into probe responses */ 2321 if ((wh->i_fc[0] & 2322 (IEEE80211_FC0_TYPE_MASK | IEEE80211_FC0_SUBTYPE_MASK)) == 2323 (IEEE80211_FC0_TYPE_MGT | IEEE80211_FC0_SUBTYPE_PROBE_RESP)) 2324 /* NOTE: beacons do not pass through tx_data() */ 2325 txwi->flags |= RT2860_TX_TS; 2326 #endif 2327 2328 if (__predict_false(sc->sc_drvbpf != NULL)) { 2329 struct run_tx_radiotap_header *tap = &sc->sc_txtap; 2330 2331 tap->wt_flags = 0; 2332 tap->wt_rate = rt2860_rates[ridx].rate; 2333 tap->wt_chan_freq = htole16(ic->ic_curchan->ic_freq); 2334 tap->wt_chan_flags = htole16(ic->ic_curchan->ic_flags); 2335 tap->wt_hwqueue = qid; 2336 if (mcs & RT2860_PHY_SHPRE) 2337 tap->wt_flags |= IEEE80211_RADIOTAP_F_SHORTPRE; 2338 2339 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_txtap_len, m); 2340 } 2341 2342 m_copydata(m, 0, m->m_pkthdr.len, (void *)(txwi + 1)); 2343 m_freem(m); 2344 2345 xferlen += sizeof (*txd) + 4; 2346 2347 usbd_setup_xfer(data->xfer, ring->pipeh, data, data->buf, xferlen, 2348 USBD_FORCE_SHORT_XFER | USBD_NO_COPY, RUN_TX_TIMEOUT, run_txeof); 2349 error = usbd_transfer(data->xfer); 2350 if (__predict_false(error != USBD_IN_PROGRESS && 2351 error != USBD_NORMAL_COMPLETION)) 2352 return (error); 2353 2354 ieee80211_free_node(ni); 2355 2356 ring->cur = (ring->cur + 1) % RUN_TX_RING_COUNT; 2357 if (++ring->queued >= RUN_TX_RING_COUNT) 2358 sc->qfullmsk |= 1 << qid; 2359 2360 return (0); 2361 } 2362 2363 static void 2364 run_start(struct ifnet *ifp) 2365 { 2366 struct run_softc *sc = ifp->if_softc; 2367 struct ieee80211com *ic = &sc->sc_ic; 2368 struct ether_header *eh; 2369 struct ieee80211_node *ni; 2370 struct mbuf *m; 2371 2372 if ((ifp->if_flags & (IFF_RUNNING | IFF_OACTIVE)) != IFF_RUNNING) 2373 return; 2374 2375 for (;;) { 2376 if (sc->qfullmsk != 0) { 2377 ifp->if_flags |= IFF_OACTIVE; 2378 break; 2379 } 2380 /* send pending management frames first */ 2381 IF_DEQUEUE(&ic->ic_mgtq, m); 2382 if (m != NULL) { 2383 ni = (void *)m->m_pkthdr.rcvif; 2384 m->m_pkthdr.rcvif = NULL; 2385 goto sendit; 2386 } 2387 if (ic->ic_state != IEEE80211_S_RUN) 2388 break; 2389 2390 /* encapsulate and send data frames */ 2391 IFQ_DEQUEUE(&ifp->if_snd, m); 2392 if (m == NULL) 2393 break; 2394 if (m->m_len < (int)sizeof(*eh) && 2395 (m = m_pullup(m, sizeof(*eh))) == NULL) { 2396 ifp->if_oerrors++; 2397 continue; 2398 } 2399 2400 eh = mtod(m, struct ether_header *); 2401 ni = ieee80211_find_txnode(ic, eh->ether_dhost); 2402 if (ni == NULL) { 2403 m_freem(m); 2404 ifp->if_oerrors++; 2405 continue; 2406 } 2407 2408 bpf_mtap(ifp, m); 2409 2410 if ((m = ieee80211_encap(ic, m, ni)) == NULL) { 2411 ieee80211_free_node(ni); 2412 ifp->if_oerrors++; 2413 continue; 2414 } 2415 sendit: 2416 bpf_mtap3(ic->ic_rawbpf, m); 2417 2418 if (run_tx(sc, m, ni) != 0) { 2419 ieee80211_free_node(ni); 2420 ifp->if_oerrors++; 2421 continue; 2422 } 2423 2424 sc->sc_tx_timer = 5; 2425 ifp->if_timer = 1; 2426 } 2427 } 2428 2429 static void 2430 run_watchdog(struct ifnet *ifp) 2431 { 2432 struct run_softc *sc = ifp->if_softc; 2433 struct ieee80211com *ic = &sc->sc_ic; 2434 2435 ifp->if_timer = 0; 2436 2437 if (sc->sc_tx_timer > 0) { 2438 if (--sc->sc_tx_timer == 0) { 2439 aprint_error_dev(sc->sc_dev, "device timeout\n"); 2440 /* run_init(ifp); XXX needs a process context! */ 2441 ifp->if_oerrors++; 2442 return; 2443 } 2444 ifp->if_timer = 1; 2445 } 2446 2447 ieee80211_watchdog(ic); 2448 } 2449 2450 static int 2451 run_ioctl(struct ifnet *ifp, u_long cmd, void *data) 2452 { 2453 struct run_softc *sc = ifp->if_softc; 2454 struct ieee80211com *ic = &sc->sc_ic; 2455 int s, error = 0; 2456 2457 s = splnet(); 2458 2459 switch (cmd) { 2460 case SIOCSIFFLAGS: 2461 if ((error = ifioctl_common(ifp, cmd, data)) != 0) 2462 break; 2463 switch (ifp->if_flags & (IFF_UP|IFF_RUNNING)) { 2464 case IFF_UP|IFF_RUNNING: 2465 break; 2466 case IFF_UP: 2467 run_init(ifp); 2468 break; 2469 case IFF_RUNNING: 2470 run_stop(ifp, 1); 2471 break; 2472 case 0: 2473 break; 2474 } 2475 break; 2476 2477 case SIOCADDMULTI: 2478 case SIOCDELMULTI: 2479 if ((error = ether_ioctl(ifp, cmd, data)) == ENETRESET) { 2480 /* setup multicast filter, etc */ 2481 error = 0; 2482 } 2483 break; 2484 2485 default: 2486 error = ieee80211_ioctl(ic, cmd, data); 2487 break; 2488 } 2489 2490 if (error == ENETRESET) { 2491 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 2492 (IFF_UP | IFF_RUNNING)) { 2493 run_init(ifp); 2494 } 2495 error = 0; 2496 } 2497 2498 splx(s); 2499 2500 return (error); 2501 } 2502 2503 static void 2504 run_select_chan_group(struct run_softc *sc, int group) 2505 { 2506 uint32_t tmp; 2507 uint8_t agc; 2508 2509 run_bbp_write(sc, 62, 0x37 - sc->lna[group]); 2510 run_bbp_write(sc, 63, 0x37 - sc->lna[group]); 2511 run_bbp_write(sc, 64, 0x37 - sc->lna[group]); 2512 run_bbp_write(sc, 86, 0x00); 2513 2514 if (group == 0) { 2515 if (sc->ext_2ghz_lna) { 2516 run_bbp_write(sc, 82, 0x62); 2517 run_bbp_write(sc, 75, 0x46); 2518 } else { 2519 run_bbp_write(sc, 82, 0x84); 2520 run_bbp_write(sc, 75, 0x50); 2521 } 2522 } else { 2523 if (sc->mac_ver == 0x3572) 2524 run_bbp_write(sc, 82, 0x94); 2525 else 2526 run_bbp_write(sc, 82, 0xf2); 2527 if (sc->ext_5ghz_lna) 2528 run_bbp_write(sc, 75, 0x46); 2529 else 2530 run_bbp_write(sc, 75, 0x50); 2531 } 2532 2533 run_read(sc, RT2860_TX_BAND_CFG, &tmp); 2534 tmp &= ~(RT2860_5G_BAND_SEL_N | RT2860_5G_BAND_SEL_P); 2535 tmp |= (group == 0) ? RT2860_5G_BAND_SEL_N : RT2860_5G_BAND_SEL_P; 2536 run_write(sc, RT2860_TX_BAND_CFG, tmp); 2537 2538 /* enable appropriate Power Amplifiers and Low Noise Amplifiers */ 2539 tmp = RT2860_RFTR_EN | RT2860_TRSW_EN | RT2860_LNA_PE0_EN; 2540 if (sc->nrxchains > 1) 2541 tmp |= RT2860_LNA_PE1_EN; 2542 if (group == 0) { /* 2GHz */ 2543 tmp |= RT2860_PA_PE_G0_EN; 2544 if (sc->ntxchains > 1) 2545 tmp |= RT2860_PA_PE_G1_EN; 2546 } else { /* 5GHz */ 2547 tmp |= RT2860_PA_PE_A0_EN; 2548 if (sc->ntxchains > 1) 2549 tmp |= RT2860_PA_PE_A1_EN; 2550 } 2551 if (sc->mac_ver == 0x3572) { 2552 run_rt3070_rf_write(sc, 8, 0x00); 2553 run_write(sc, RT2860_TX_PIN_CFG, tmp); 2554 run_rt3070_rf_write(sc, 8, 0x80); 2555 } else 2556 run_write(sc, RT2860_TX_PIN_CFG, tmp); 2557 2558 /* set initial AGC value */ 2559 if (group == 0) { /* 2GHz band */ 2560 if (sc->mac_ver >= 0x3070) 2561 agc = 0x1c + sc->lna[0] * 2; 2562 else 2563 agc = 0x2e + sc->lna[0]; 2564 } else { /* 5GHz band */ 2565 if (sc->mac_ver == 0x3572) 2566 agc = 0x22 + (sc->lna[group] * 5) / 3; 2567 else 2568 agc = 0x32 + (sc->lna[group] * 5) / 3; 2569 } 2570 run_set_agc(sc, agc); 2571 } 2572 2573 static void 2574 run_rt2870_set_chan(struct run_softc *sc, u_int chan) 2575 { 2576 const struct rfprog *rfprog = rt2860_rf2850; 2577 uint32_t r2, r3, r4; 2578 int8_t txpow1, txpow2; 2579 int i; 2580 2581 /* find the settings for this channel (we know it exists) */ 2582 for (i = 0; rfprog[i].chan != chan; i++); 2583 2584 r2 = rfprog[i].r2; 2585 if (sc->ntxchains == 1) 2586 r2 |= 1 << 12; /* 1T: disable Tx chain 2 */ 2587 if (sc->nrxchains == 1) 2588 r2 |= 1 << 15 | 1 << 4; /* 1R: disable Rx chains 2 & 3 */ 2589 else if (sc->nrxchains == 2) 2590 r2 |= 1 << 4; /* 2R: disable Rx chain 3 */ 2591 2592 /* use Tx power values from EEPROM */ 2593 txpow1 = sc->txpow1[i]; 2594 txpow2 = sc->txpow2[i]; 2595 if (chan > 14) { 2596 if (txpow1 >= 0) 2597 txpow1 = txpow1 << 1 | 1; 2598 else 2599 txpow1 = (7 + txpow1) << 1; 2600 if (txpow2 >= 0) 2601 txpow2 = txpow2 << 1 | 1; 2602 else 2603 txpow2 = (7 + txpow2) << 1; 2604 } 2605 r3 = rfprog[i].r3 | txpow1 << 7; 2606 r4 = rfprog[i].r4 | sc->freq << 13 | txpow2 << 4; 2607 2608 run_rt2870_rf_write(sc, RT2860_RF1, rfprog[i].r1); 2609 run_rt2870_rf_write(sc, RT2860_RF2, r2); 2610 run_rt2870_rf_write(sc, RT2860_RF3, r3); 2611 run_rt2870_rf_write(sc, RT2860_RF4, r4); 2612 2613 DELAY(200); 2614 2615 run_rt2870_rf_write(sc, RT2860_RF1, rfprog[i].r1); 2616 run_rt2870_rf_write(sc, RT2860_RF2, r2); 2617 run_rt2870_rf_write(sc, RT2860_RF3, r3 | 1); 2618 run_rt2870_rf_write(sc, RT2860_RF4, r4); 2619 2620 DELAY(200); 2621 2622 run_rt2870_rf_write(sc, RT2860_RF1, rfprog[i].r1); 2623 run_rt2870_rf_write(sc, RT2860_RF2, r2); 2624 run_rt2870_rf_write(sc, RT2860_RF3, r3); 2625 run_rt2870_rf_write(sc, RT2860_RF4, r4); 2626 } 2627 2628 static void 2629 run_rt3070_set_chan(struct run_softc *sc, u_int chan) 2630 { 2631 int8_t txpow1, txpow2; 2632 uint8_t rf; 2633 int i; 2634 2635 KASSERT(chan >= 1 && chan <= 14); /* RT3070 is 2GHz only */ 2636 2637 /* find the settings for this channel (we know it exists) */ 2638 for (i = 0; rt2860_rf2850[i].chan != chan; i++) 2639 continue; 2640 2641 /* use Tx power values from EEPROM */ 2642 txpow1 = sc->txpow1[i]; 2643 txpow2 = sc->txpow2[i]; 2644 2645 run_rt3070_rf_write(sc, 2, rt3070_freqs[i].n); 2646 run_rt3070_rf_write(sc, 3, rt3070_freqs[i].k); 2647 run_rt3070_rf_read(sc, 6, &rf); 2648 rf = (rf & ~0x03) | rt3070_freqs[i].r; 2649 run_rt3070_rf_write(sc, 6, rf); 2650 2651 /* set Tx0 power */ 2652 run_rt3070_rf_read(sc, 12, &rf); 2653 rf = (rf & ~0x1f) | txpow1; 2654 run_rt3070_rf_write(sc, 12, rf); 2655 2656 /* set Tx1 power */ 2657 run_rt3070_rf_read(sc, 13, &rf); 2658 rf = (rf & ~0x1f) | txpow2; 2659 run_rt3070_rf_write(sc, 13, rf); 2660 2661 run_rt3070_rf_read(sc, 1, &rf); 2662 rf &= ~0xfc; 2663 if (sc->ntxchains == 1) 2664 rf |= 1 << 7 | 1 << 5; /* 1T: disable Tx chains 2 & 3 */ 2665 else if (sc->ntxchains == 2) 2666 rf |= 1 << 7; /* 2T: disable Tx chain 3 */ 2667 if (sc->nrxchains == 1) 2668 rf |= 1 << 6 | 1 << 4; /* 1R: disable Rx chains 2 & 3 */ 2669 else if (sc->nrxchains == 2) 2670 rf |= 1 << 6; /* 2R: disable Rx chain 3 */ 2671 run_rt3070_rf_write(sc, 1, rf); 2672 2673 /* set RF offset */ 2674 run_rt3070_rf_read(sc, 23, &rf); 2675 rf = (rf & ~0x7f) | sc->freq; 2676 run_rt3070_rf_write(sc, 23, rf); 2677 2678 /* program RF filter */ 2679 run_rt3070_rf_read(sc, 24, &rf); /* Tx */ 2680 rf = (rf & ~0x3f) | sc->rf24_20mhz; 2681 run_rt3070_rf_write(sc, 24, rf); 2682 run_rt3070_rf_read(sc, 31, &rf); /* Rx */ 2683 rf = (rf & ~0x3f) | sc->rf24_20mhz; 2684 run_rt3070_rf_write(sc, 31, rf); 2685 2686 /* enable RF tuning */ 2687 run_rt3070_rf_read(sc, 7, &rf); 2688 run_rt3070_rf_write(sc, 7, rf | 0x01); 2689 } 2690 2691 static void 2692 run_rt3572_set_chan(struct run_softc *sc, u_int chan) 2693 { 2694 int8_t txpow1, txpow2; 2695 uint32_t tmp; 2696 uint8_t rf; 2697 int i; 2698 2699 /* find the settings for this channel (we know it exists) */ 2700 for (i = 0; rt2860_rf2850[i].chan != chan; i++); 2701 2702 /* use Tx power values from EEPROM */ 2703 txpow1 = sc->txpow1[i]; 2704 txpow2 = sc->txpow2[i]; 2705 2706 if (chan <= 14) { 2707 run_bbp_write(sc, 25, sc->bbp25); 2708 run_bbp_write(sc, 26, sc->bbp26); 2709 } else { 2710 /* enable IQ phase correction */ 2711 run_bbp_write(sc, 25, 0x09); 2712 run_bbp_write(sc, 26, 0xff); 2713 } 2714 2715 run_rt3070_rf_write(sc, 2, rt3070_freqs[i].n); 2716 run_rt3070_rf_write(sc, 3, rt3070_freqs[i].k); 2717 run_rt3070_rf_read(sc, 6, &rf); 2718 rf = (rf & ~0x0f) | rt3070_freqs[i].r; 2719 rf |= (chan <= 14) ? 0x08 : 0x04; 2720 run_rt3070_rf_write(sc, 6, rf); 2721 2722 /* set PLL mode */ 2723 run_rt3070_rf_read(sc, 5, &rf); 2724 rf &= ~(0x08 | 0x04); 2725 rf |= (chan <= 14) ? 0x04 : 0x08; 2726 run_rt3070_rf_write(sc, 5, rf); 2727 2728 /* set Tx power for chain 0 */ 2729 if (chan <= 14) 2730 rf = 0x60 | txpow1; 2731 else 2732 rf = 0xe0 | (txpow1 & 0xc) << 1 | (txpow1 & 0x3); 2733 run_rt3070_rf_write(sc, 12, rf); 2734 2735 /* set Tx power for chain 1 */ 2736 if (chan <= 14) 2737 rf = 0x60 | txpow2; 2738 else 2739 rf = 0xe0 | (txpow2 & 0xc) << 1 | (txpow2 & 0x3); 2740 run_rt3070_rf_write(sc, 13, rf); 2741 2742 /* set Tx/Rx streams */ 2743 run_rt3070_rf_read(sc, 1, &rf); 2744 rf &= ~0xfc; 2745 if (sc->ntxchains == 1) 2746 rf |= 1 << 7 | 1 << 5; /* 1T: disable Tx chains 2 & 3 */ 2747 else if (sc->ntxchains == 2) 2748 rf |= 1 << 7; /* 2T: disable Tx chain 3 */ 2749 if (sc->nrxchains == 1) 2750 rf |= 1 << 6 | 1 << 4; /* 1R: disable Rx chains 2 & 3 */ 2751 else if (sc->nrxchains == 2) 2752 rf |= 1 << 6; /* 2R: disable Rx chain 3 */ 2753 run_rt3070_rf_write(sc, 1, rf); 2754 2755 /* set RF offset */ 2756 run_rt3070_rf_read(sc, 23, &rf); 2757 rf = (rf & ~0x7f) | sc->freq; 2758 run_rt3070_rf_write(sc, 23, rf); 2759 2760 /* program RF filter */ 2761 rf = sc->rf24_20mhz; 2762 run_rt3070_rf_write(sc, 24, rf); /* Tx */ 2763 run_rt3070_rf_write(sc, 31, rf); /* Rx */ 2764 2765 /* enable RF tuning */ 2766 run_rt3070_rf_read(sc, 7, &rf); 2767 rf = (chan <= 14) ? 0xd8 : ((rf & ~0xc8) | 0x14); 2768 run_rt3070_rf_write(sc, 7, rf); 2769 2770 /* TSSI */ 2771 rf = (chan <= 14) ? 0xc3 : 0xc0; 2772 run_rt3070_rf_write(sc, 9, rf); 2773 2774 /* set loop filter 1 */ 2775 run_rt3070_rf_write(sc, 10, 0xf1); 2776 /* set loop filter 2 */ 2777 run_rt3070_rf_write(sc, 11, (chan <= 14) ? 0xb9 : 0x00); 2778 2779 /* set tx_mx2_ic */ 2780 run_rt3070_rf_write(sc, 15, (chan <= 14) ? 0x53 : 0x43); 2781 /* set tx_mx1_ic */ 2782 if (chan <= 14) 2783 rf = 0x48 | sc->txmixgain_2ghz; 2784 else 2785 rf = 0x78 | sc->txmixgain_5ghz; 2786 run_rt3070_rf_write(sc, 16, rf); 2787 2788 /* set tx_lo1 */ 2789 run_rt3070_rf_write(sc, 17, 0x23); 2790 /* set tx_lo2 */ 2791 if (chan <= 14) 2792 rf = 0x93; 2793 else if (chan <= 64) 2794 rf = 0xb7; 2795 else if (chan <= 128) 2796 rf = 0x74; 2797 else 2798 rf = 0x72; 2799 run_rt3070_rf_write(sc, 19, rf); 2800 2801 /* set rx_lo1 */ 2802 if (chan <= 14) 2803 rf = 0xb3; 2804 else if (chan <= 64) 2805 rf = 0xf6; 2806 else if (chan <= 128) 2807 rf = 0xf4; 2808 else 2809 rf = 0xf3; 2810 run_rt3070_rf_write(sc, 20, rf); 2811 2812 /* set pfd_delay */ 2813 if (chan <= 14) 2814 rf = 0x15; 2815 else if (chan <= 64) 2816 rf = 0x3d; 2817 else 2818 rf = 0x01; 2819 run_rt3070_rf_write(sc, 25, rf); 2820 2821 /* set rx_lo2 */ 2822 run_rt3070_rf_write(sc, 26, (chan <= 14) ? 0x85 : 0x87); 2823 /* set ldo_rf_vc */ 2824 run_rt3070_rf_write(sc, 27, (chan <= 14) ? 0x00 : 0x01); 2825 /* set drv_cc */ 2826 run_rt3070_rf_write(sc, 29, (chan <= 14) ? 0x9b : 0x9f); 2827 2828 run_read(sc, RT2860_GPIO_CTRL, &tmp); 2829 tmp &= ~0x8080; 2830 if (chan <= 14) 2831 tmp |= 0x80; 2832 run_write(sc, RT2860_GPIO_CTRL, tmp); 2833 2834 /* enable RF tuning */ 2835 run_rt3070_rf_read(sc, 7, &rf); 2836 run_rt3070_rf_write(sc, 7, rf | 0x01); 2837 2838 DELAY(2000); 2839 } 2840 2841 static void 2842 run_set_agc(struct run_softc *sc, uint8_t agc) 2843 { 2844 uint8_t bbp; 2845 2846 if (sc->mac_ver == 0x3572) { 2847 run_bbp_read(sc, 27, &bbp); 2848 bbp &= ~(0x3 << 5); 2849 run_bbp_write(sc, 27, bbp | 0 << 5); /* select Rx0 */ 2850 run_bbp_write(sc, 66, agc); 2851 run_bbp_write(sc, 27, bbp | 1 << 5); /* select Rx1 */ 2852 run_bbp_write(sc, 66, agc); 2853 } else 2854 run_bbp_write(sc, 66, agc); 2855 } 2856 2857 static void 2858 run_set_rx_antenna(struct run_softc *sc, int aux) 2859 { 2860 uint32_t tmp; 2861 2862 run_mcu_cmd(sc, RT2860_MCU_CMD_ANTSEL, !aux); 2863 run_read(sc, RT2860_GPIO_CTRL, &tmp); 2864 tmp &= ~0x0808; 2865 if (aux) 2866 tmp |= 0x08; 2867 run_write(sc, RT2860_GPIO_CTRL, tmp); 2868 } 2869 2870 static int 2871 run_set_chan(struct run_softc *sc, struct ieee80211_channel *c) 2872 { 2873 struct ieee80211com *ic = &sc->sc_ic; 2874 u_int chan, group; 2875 2876 chan = ieee80211_chan2ieee(ic, c); 2877 if (chan == 0 || chan == IEEE80211_CHAN_ANY) 2878 return (EINVAL); 2879 2880 if (sc->mac_ver == 0x3572) 2881 run_rt3572_set_chan(sc, chan); 2882 else if (sc->mac_ver >= 0x3070) 2883 run_rt3070_set_chan(sc, chan); 2884 else 2885 run_rt2870_set_chan(sc, chan); 2886 2887 /* determine channel group */ 2888 if (chan <= 14) 2889 group = 0; 2890 else if (chan <= 64) 2891 group = 1; 2892 else if (chan <= 128) 2893 group = 2; 2894 else 2895 group = 3; 2896 2897 /* XXX necessary only when group has changed! */ 2898 run_select_chan_group(sc, group); 2899 2900 DELAY(1000); 2901 return (0); 2902 } 2903 2904 static void 2905 run_enable_tsf_sync(struct run_softc *sc) 2906 { 2907 struct ieee80211com *ic = &sc->sc_ic; 2908 uint32_t tmp; 2909 2910 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 2911 tmp &= ~0x1fffff; 2912 tmp |= ic->ic_bss->ni_intval * 16; 2913 tmp |= RT2860_TSF_TIMER_EN | RT2860_TBTT_TIMER_EN; 2914 if (ic->ic_opmode == IEEE80211_M_STA) { 2915 /* 2916 * Local TSF is always updated with remote TSF on beacon 2917 * reception. 2918 */ 2919 tmp |= 1 << RT2860_TSF_SYNC_MODE_SHIFT; 2920 } 2921 #ifndef IEEE80211_STA_ONLY 2922 else if (ic->ic_opmode == IEEE80211_M_IBSS) { 2923 tmp |= RT2860_BCN_TX_EN; 2924 /* 2925 * Local TSF is updated with remote TSF on beacon reception 2926 * only if the remote TSF is greater than local TSF. 2927 */ 2928 tmp |= 2 << RT2860_TSF_SYNC_MODE_SHIFT; 2929 } else if (ic->ic_opmode == IEEE80211_M_HOSTAP) { 2930 tmp |= RT2860_BCN_TX_EN; 2931 /* SYNC with nobody */ 2932 tmp |= 3 << RT2860_TSF_SYNC_MODE_SHIFT; 2933 } 2934 #endif 2935 run_write(sc, RT2860_BCN_TIME_CFG, tmp); 2936 } 2937 2938 static void 2939 run_enable_mrr(struct run_softc *sc) 2940 { 2941 #define CCK(mcs) (mcs) 2942 #define OFDM(mcs) (1 << 3 | (mcs)) 2943 run_write(sc, RT2860_LG_FBK_CFG0, 2944 OFDM(6) << 28 | /* 54->48 */ 2945 OFDM(5) << 24 | /* 48->36 */ 2946 OFDM(4) << 20 | /* 36->24 */ 2947 OFDM(3) << 16 | /* 24->18 */ 2948 OFDM(2) << 12 | /* 18->12 */ 2949 OFDM(1) << 8 | /* 12-> 9 */ 2950 OFDM(0) << 4 | /* 9-> 6 */ 2951 OFDM(0)); /* 6-> 6 */ 2952 2953 run_write(sc, RT2860_LG_FBK_CFG1, 2954 CCK(2) << 12 | /* 11->5.5 */ 2955 CCK(1) << 8 | /* 5.5-> 2 */ 2956 CCK(0) << 4 | /* 2-> 1 */ 2957 CCK(0)); /* 1-> 1 */ 2958 #undef OFDM 2959 #undef CCK 2960 } 2961 2962 static void 2963 run_set_txpreamble(struct run_softc *sc) 2964 { 2965 uint32_t tmp; 2966 2967 run_read(sc, RT2860_AUTO_RSP_CFG, &tmp); 2968 if (sc->sc_ic.ic_flags & IEEE80211_F_SHPREAMBLE) 2969 tmp |= RT2860_CCK_SHORT_EN; 2970 else 2971 tmp &= ~RT2860_CCK_SHORT_EN; 2972 run_write(sc, RT2860_AUTO_RSP_CFG, tmp); 2973 } 2974 2975 static void 2976 run_set_basicrates(struct run_softc *sc) 2977 { 2978 struct ieee80211com *ic = &sc->sc_ic; 2979 2980 /* set basic rates mask */ 2981 if (ic->ic_curmode == IEEE80211_MODE_11B) 2982 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x003); 2983 else if (ic->ic_curmode == IEEE80211_MODE_11A) 2984 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x150); 2985 else /* 11g */ 2986 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x15f); 2987 } 2988 2989 static void 2990 run_set_leds(struct run_softc *sc, uint16_t which) 2991 { 2992 2993 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LEDS, 2994 which | (sc->leds & 0x7f)); 2995 } 2996 2997 static void 2998 run_set_bssid(struct run_softc *sc, const uint8_t *bssid) 2999 { 3000 3001 run_write(sc, RT2860_MAC_BSSID_DW0, 3002 bssid[0] | bssid[1] << 8 | bssid[2] << 16 | bssid[3] << 24); 3003 run_write(sc, RT2860_MAC_BSSID_DW1, 3004 bssid[4] | bssid[5] << 8); 3005 } 3006 3007 static void 3008 run_set_macaddr(struct run_softc *sc, const uint8_t *addr) 3009 { 3010 3011 run_write(sc, RT2860_MAC_ADDR_DW0, 3012 addr[0] | addr[1] << 8 | addr[2] << 16 | addr[3] << 24); 3013 run_write(sc, RT2860_MAC_ADDR_DW1, 3014 addr[4] | addr[5] << 8 | 0xff << 16); 3015 } 3016 3017 static void 3018 run_updateslot(struct ifnet *ifp) 3019 { 3020 3021 /* do it in a process context */ 3022 run_do_async(ifp->if_softc, run_updateslot_cb, NULL, 0); 3023 } 3024 3025 /* ARGSUSED */ 3026 static void 3027 run_updateslot_cb(struct run_softc *sc, void *arg) 3028 { 3029 uint32_t tmp; 3030 3031 run_read(sc, RT2860_BKOFF_SLOT_CFG, &tmp); 3032 tmp &= ~0xff; 3033 tmp |= (sc->sc_ic.ic_flags & IEEE80211_F_SHSLOT) ? 9 : 20; 3034 run_write(sc, RT2860_BKOFF_SLOT_CFG, tmp); 3035 } 3036 3037 static int8_t 3038 run_rssi2dbm(struct run_softc *sc, uint8_t rssi, uint8_t rxchain) 3039 { 3040 struct ieee80211com *ic = &sc->sc_ic; 3041 struct ieee80211_channel *c = ic->ic_curchan; 3042 int delta; 3043 3044 if (IEEE80211_IS_CHAN_5GHZ(c)) { 3045 u_int chan = ieee80211_chan2ieee(ic, c); 3046 delta = sc->rssi_5ghz[rxchain]; 3047 3048 /* determine channel group */ 3049 if (chan <= 64) 3050 delta -= sc->lna[1]; 3051 else if (chan <= 128) 3052 delta -= sc->lna[2]; 3053 else 3054 delta -= sc->lna[3]; 3055 } else 3056 delta = sc->rssi_2ghz[rxchain] - sc->lna[0]; 3057 3058 return (-12 - delta - rssi); 3059 } 3060 3061 static int 3062 run_bbp_init(struct run_softc *sc) 3063 { 3064 int i, error, ntries; 3065 uint8_t bbp0; 3066 3067 /* wait for BBP to wake up */ 3068 for (ntries = 0; ntries < 20; ntries++) { 3069 if ((error = run_bbp_read(sc, 0, &bbp0)) != 0) 3070 return (error); 3071 if (bbp0 != 0 && bbp0 != 0xff) 3072 break; 3073 } 3074 if (ntries == 20) 3075 return (ETIMEDOUT); 3076 3077 /* initialize BBP registers to default values */ 3078 for (i = 0; i < (int)__arraycount(rt2860_def_bbp); i++) { 3079 run_bbp_write(sc, rt2860_def_bbp[i].reg, 3080 rt2860_def_bbp[i].val); 3081 } 3082 3083 /* fix BBP84 for RT2860E */ 3084 if (sc->mac_ver == 0x2860 && sc->mac_rev != 0x0101) 3085 run_bbp_write(sc, 84, 0x19); 3086 3087 if (sc->mac_ver >= 0x3070) { 3088 run_bbp_write(sc, 79, 0x13); 3089 run_bbp_write(sc, 80, 0x05); 3090 run_bbp_write(sc, 81, 0x33); 3091 } else if (sc->mac_ver == 0x2860 && sc->mac_rev == 0x0100) { 3092 run_bbp_write(sc, 69, 0x16); 3093 run_bbp_write(sc, 73, 0x12); 3094 } 3095 return (0); 3096 } 3097 3098 static int 3099 run_rt3070_rf_init(struct run_softc *sc) 3100 { 3101 uint32_t tmp; 3102 uint8_t rf, target, bbp4; 3103 int i; 3104 3105 run_rt3070_rf_read(sc, 30, &rf); 3106 /* toggle RF R30 bit 7 */ 3107 run_rt3070_rf_write(sc, 30, rf | 0x80); 3108 DELAY(1000); 3109 run_rt3070_rf_write(sc, 30, rf & ~0x80); 3110 3111 /* initialize RF registers to default value */ 3112 if (sc->mac_ver == 0x3572) { 3113 for (i = 0; i < (int)__arraycount(rt3572_def_rf); i++) { 3114 run_rt3070_rf_write(sc, rt3572_def_rf[i].reg, 3115 rt3572_def_rf[i].val); 3116 } 3117 } else { 3118 for (i = 0; i < (int)__arraycount(rt3070_def_rf); i++) { 3119 run_rt3070_rf_write(sc, rt3070_def_rf[i].reg, 3120 rt3070_def_rf[i].val); 3121 } 3122 } 3123 if (sc->mac_ver == 0x3572) { 3124 run_rt3070_rf_read(sc, 6, &rf); 3125 run_rt3070_rf_write(sc, 6, rf | 0x40); 3126 3127 /* increase voltage from 1.2V to 1.35V */ 3128 run_read(sc, RT3070_LDO_CFG0, &tmp); 3129 tmp = (tmp & ~0x1f000000) | 0x0d000000; 3130 run_write(sc, RT3070_LDO_CFG0, tmp); 3131 if (sc->mac_rev >= 0x0211 || !sc->patch_dac) { 3132 /* decrease voltage back to 1.2V */ 3133 DELAY(1000); 3134 tmp = (tmp & ~0x1f000000) | 0x01000000; 3135 run_write(sc, RT3070_LDO_CFG0, tmp); 3136 } 3137 } else if (sc->mac_ver == 0x3071) { 3138 run_rt3070_rf_read(sc, 6, &rf); 3139 run_rt3070_rf_write(sc, 6, rf | 0x40); 3140 run_rt3070_rf_write(sc, 31, 0x14); 3141 3142 run_read(sc, RT3070_LDO_CFG0, &tmp); 3143 tmp &= ~0x1f000000; 3144 if (sc->mac_rev < 0x0211) 3145 tmp |= 0x0d000000; /* 1.35V */ 3146 else 3147 tmp |= 0x01000000; /* 1.2V */ 3148 run_write(sc, RT3070_LDO_CFG0, tmp); 3149 3150 /* patch LNA_PE_G1 */ 3151 run_read(sc, RT3070_GPIO_SWITCH, &tmp); 3152 run_write(sc, RT3070_GPIO_SWITCH, tmp & ~0x20); 3153 } else if (sc->mac_ver == 0x3070) { 3154 /* increase voltage from 1.2V to 1.35V */ 3155 run_read(sc, RT3070_LDO_CFG0, &tmp); 3156 tmp = (tmp & ~0x0f000000) | 0x0d000000; 3157 run_write(sc, RT3070_LDO_CFG0, tmp); 3158 } 3159 3160 /* select 20MHz bandwidth */ 3161 run_rt3070_rf_read(sc, 31, &rf); 3162 run_rt3070_rf_write(sc, 31, rf & ~0x20); 3163 3164 /* calibrate filter for 20MHz bandwidth */ 3165 sc->rf24_20mhz = 0x1f; /* default value */ 3166 target = (sc->mac_ver < 0x3071) ? 0x16 : 0x13; 3167 run_rt3070_filter_calib(sc, 0x07, target, &sc->rf24_20mhz); 3168 3169 /* select 40MHz bandwidth */ 3170 run_bbp_read(sc, 4, &bbp4); 3171 run_bbp_write(sc, 4, (bbp4 & ~0x08) | 0x10); 3172 run_rt3070_rf_read(sc, 31, &rf); 3173 run_rt3070_rf_write(sc, 31, rf | 0x20); 3174 3175 /* calibrate filter for 40MHz bandwidth */ 3176 sc->rf24_40mhz = 0x2f; /* default value */ 3177 target = (sc->mac_ver < 0x3071) ? 0x19 : 0x15; 3178 run_rt3070_filter_calib(sc, 0x27, target, &sc->rf24_40mhz); 3179 3180 /* go back to 20MHz bandwidth */ 3181 run_bbp_read(sc, 4, &bbp4); 3182 run_bbp_write(sc, 4, bbp4 & ~0x18); 3183 3184 if (sc->mac_ver == 0x3572) { 3185 /* save default BBP registers 25 and 26 values */ 3186 run_bbp_read(sc, 25, &sc->bbp25); 3187 run_bbp_read(sc, 26, &sc->bbp26); 3188 } else if (sc->mac_rev < 0x0211) 3189 run_rt3070_rf_write(sc, 27, 0x03); 3190 3191 run_read(sc, RT3070_OPT_14, &tmp); 3192 run_write(sc, RT3070_OPT_14, tmp | 1); 3193 3194 if (sc->mac_ver == 0x3070 || sc->mac_ver == 0x3071) { 3195 run_rt3070_rf_read(sc, 17, &rf); 3196 rf &= ~RT3070_TX_LO1; 3197 if ((sc->mac_ver == 0x3070 || 3198 (sc->mac_ver == 0x3071 && sc->mac_rev >= 0x0211)) && 3199 !sc->ext_2ghz_lna) 3200 rf |= 0x20; /* fix for long range Rx issue */ 3201 if (sc->txmixgain_2ghz >= 1) 3202 rf = (rf & ~0x7) | sc->txmixgain_2ghz; 3203 run_rt3070_rf_write(sc, 17, rf); 3204 } 3205 if (sc->mac_ver == 0x3071) { 3206 run_rt3070_rf_read(sc, 1, &rf); 3207 rf &= ~(RT3070_RX0_PD | RT3070_TX0_PD); 3208 rf |= RT3070_RF_BLOCK | RT3070_RX1_PD | RT3070_TX1_PD; 3209 run_rt3070_rf_write(sc, 1, rf); 3210 3211 run_rt3070_rf_read(sc, 15, &rf); 3212 run_rt3070_rf_write(sc, 15, rf & ~RT3070_TX_LO2); 3213 3214 run_rt3070_rf_read(sc, 20, &rf); 3215 run_rt3070_rf_write(sc, 20, rf & ~RT3070_RX_LO1); 3216 3217 run_rt3070_rf_read(sc, 21, &rf); 3218 run_rt3070_rf_write(sc, 21, rf & ~RT3070_RX_LO2); 3219 } 3220 if (sc->mac_ver == 0x3070 || sc->mac_ver == 0x3071) { 3221 /* fix Tx to Rx IQ glitch by raising RF voltage */ 3222 run_rt3070_rf_read(sc, 27, &rf); 3223 rf &= ~0x77; 3224 if (sc->mac_rev < 0x0211) 3225 rf |= 0x03; 3226 run_rt3070_rf_write(sc, 27, rf); 3227 } 3228 return (0); 3229 } 3230 3231 static int 3232 run_rt3070_filter_calib(struct run_softc *sc, uint8_t init, uint8_t target, 3233 uint8_t *val) 3234 { 3235 uint8_t rf22, rf24; 3236 uint8_t bbp55_pb, bbp55_sb, delta; 3237 int ntries; 3238 3239 /* program filter */ 3240 run_rt3070_rf_read(sc, 24, &rf24); 3241 rf24 = (rf24 & 0xc0) | init; /* initial filter value */ 3242 run_rt3070_rf_write(sc, 24, rf24); 3243 3244 /* enable baseband loopback mode */ 3245 run_rt3070_rf_read(sc, 22, &rf22); 3246 run_rt3070_rf_write(sc, 22, rf22 | 0x01); 3247 3248 /* set power and frequency of passband test tone */ 3249 run_bbp_write(sc, 24, 0x00); 3250 for (ntries = 0; ntries < 100; ntries++) { 3251 /* transmit test tone */ 3252 run_bbp_write(sc, 25, 0x90); 3253 DELAY(1000); 3254 /* read received power */ 3255 run_bbp_read(sc, 55, &bbp55_pb); 3256 if (bbp55_pb != 0) 3257 break; 3258 } 3259 if (ntries == 100) 3260 return (ETIMEDOUT); 3261 3262 /* set power and frequency of stopband test tone */ 3263 run_bbp_write(sc, 24, 0x06); 3264 for (ntries = 0; ntries < 100; ntries++) { 3265 /* transmit test tone */ 3266 run_bbp_write(sc, 25, 0x90); 3267 DELAY(1000); 3268 /* read received power */ 3269 run_bbp_read(sc, 55, &bbp55_sb); 3270 3271 delta = bbp55_pb - bbp55_sb; 3272 if (delta > target) 3273 break; 3274 3275 /* reprogram filter */ 3276 rf24++; 3277 run_rt3070_rf_write(sc, 24, rf24); 3278 } 3279 if (ntries < 100) { 3280 if (rf24 != init) 3281 rf24--; /* backtrack */ 3282 *val = rf24; 3283 run_rt3070_rf_write(sc, 24, rf24); 3284 } 3285 3286 /* restore initial state */ 3287 run_bbp_write(sc, 24, 0x00); 3288 3289 /* disable baseband loopback mode */ 3290 run_rt3070_rf_read(sc, 22, &rf22); 3291 run_rt3070_rf_write(sc, 22, rf22 & ~0x01); 3292 3293 return (0); 3294 } 3295 3296 static void 3297 run_rt3070_rf_setup(struct run_softc *sc) 3298 { 3299 uint8_t bbp, rf; 3300 int i; 3301 3302 if (sc->mac_ver == 0x3572) { 3303 /* enable DC filter */ 3304 if (sc->mac_rev >= 0x0201) 3305 run_bbp_write(sc, 103, 0xc0); 3306 3307 run_bbp_read(sc, 138, &bbp); 3308 if (sc->ntxchains == 1) 3309 bbp |= 0x20; /* turn off DAC1 */ 3310 if (sc->nrxchains == 1) 3311 bbp &= ~0x02; /* turn off ADC1 */ 3312 run_bbp_write(sc, 138, bbp); 3313 3314 if (sc->mac_rev >= 0x0211) { 3315 /* improve power consumption */ 3316 run_bbp_read(sc, 31, &bbp); 3317 run_bbp_write(sc, 31, bbp & ~0x03); 3318 } 3319 3320 run_rt3070_rf_read(sc, 16, &rf); 3321 rf = (rf & ~0x07) | sc->txmixgain_2ghz; 3322 run_rt3070_rf_write(sc, 16, rf); 3323 } else if (sc->mac_ver == 0x3071) { 3324 /* enable DC filter */ 3325 if (sc->mac_rev >= 0x0201) 3326 run_bbp_write(sc, 103, 0xc0); 3327 3328 run_bbp_read(sc, 138, &bbp); 3329 if (sc->ntxchains == 1) 3330 bbp |= 0x20; /* turn off DAC1 */ 3331 if (sc->nrxchains == 1) 3332 bbp &= ~0x02; /* turn off ADC1 */ 3333 run_bbp_write(sc, 138, bbp); 3334 3335 if (sc->mac_rev >= 0x0211) { 3336 /* improve power consumption */ 3337 run_bbp_read(sc, 31, &bbp); 3338 run_bbp_write(sc, 31, bbp & ~0x03); 3339 } 3340 3341 run_write(sc, RT2860_TX_SW_CFG1, 0); 3342 if (sc->mac_rev < 0x0211) { 3343 run_write(sc, RT2860_TX_SW_CFG2, 3344 sc->patch_dac ? 0x2c : 0x0f); 3345 } else 3346 run_write(sc, RT2860_TX_SW_CFG2, 0); 3347 } else if (sc->mac_ver == 0x3070) { 3348 if (sc->mac_rev >= 0x0201) { 3349 /* enable DC filter */ 3350 run_bbp_write(sc, 103, 0xc0); 3351 3352 /* improve power consumption */ 3353 run_bbp_read(sc, 31, &bbp); 3354 run_bbp_write(sc, 31, bbp & ~0x03); 3355 } 3356 3357 if (sc->mac_rev < 0x0211) { 3358 run_write(sc, RT2860_TX_SW_CFG1, 0); 3359 run_write(sc, RT2860_TX_SW_CFG2, 0x2c); 3360 } else 3361 run_write(sc, RT2860_TX_SW_CFG2, 0); 3362 } 3363 3364 /* initialize RF registers from ROM for >=RT3071*/ 3365 if (sc->mac_ver >= 0x3071) { 3366 for (i = 0; i < 10; i++) { 3367 if (sc->rf[i].reg == 0 || sc->rf[i].reg == 0xff) 3368 continue; 3369 run_rt3070_rf_write(sc, sc->rf[i].reg, sc->rf[i].val); 3370 } 3371 } 3372 } 3373 3374 static int 3375 run_txrx_enable(struct run_softc *sc) 3376 { 3377 uint32_t tmp; 3378 int error, ntries; 3379 3380 run_write(sc, RT2860_MAC_SYS_CTRL, RT2860_MAC_TX_EN); 3381 for (ntries = 0; ntries < 200; ntries++) { 3382 if ((error = run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp)) != 0) 3383 return (error); 3384 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0) 3385 break; 3386 DELAY(1000); 3387 } 3388 if (ntries == 200) 3389 return (ETIMEDOUT); 3390 3391 DELAY(50); 3392 3393 tmp |= RT2860_RX_DMA_EN | RT2860_TX_DMA_EN | RT2860_TX_WB_DDONE; 3394 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp); 3395 3396 /* enable Rx bulk aggregation (set timeout and limit) */ 3397 tmp = RT2860_USB_TX_EN | RT2860_USB_RX_EN | RT2860_USB_RX_AGG_EN | 3398 RT2860_USB_RX_AGG_TO(128) | RT2860_USB_RX_AGG_LMT(2); 3399 run_write(sc, RT2860_USB_DMA_CFG, tmp); 3400 3401 /* set Rx filter */ 3402 tmp = RT2860_DROP_CRC_ERR | RT2860_DROP_PHY_ERR; 3403 if (sc->sc_ic.ic_opmode != IEEE80211_M_MONITOR) { 3404 tmp |= RT2860_DROP_UC_NOME | RT2860_DROP_DUPL | 3405 RT2860_DROP_CTS | RT2860_DROP_BA | RT2860_DROP_ACK | 3406 RT2860_DROP_VER_ERR | RT2860_DROP_CTRL_RSV | 3407 RT2860_DROP_CFACK | RT2860_DROP_CFEND; 3408 if (sc->sc_ic.ic_opmode == IEEE80211_M_STA) 3409 tmp |= RT2860_DROP_RTS | RT2860_DROP_PSPOLL; 3410 } 3411 run_write(sc, RT2860_RX_FILTR_CFG, tmp); 3412 3413 run_write(sc, RT2860_MAC_SYS_CTRL, 3414 RT2860_MAC_RX_EN | RT2860_MAC_TX_EN); 3415 3416 return (0); 3417 } 3418 3419 static int 3420 run_init(struct ifnet *ifp) 3421 { 3422 struct run_softc *sc = ifp->if_softc; 3423 struct ieee80211com *ic = &sc->sc_ic; 3424 uint32_t tmp; 3425 uint8_t bbp1, bbp3; 3426 int i, error, qid, ridx, ntries; 3427 3428 for (ntries = 0; ntries < 100; ntries++) { 3429 if ((error = run_read(sc, RT2860_ASIC_VER_ID, &tmp)) != 0) 3430 goto fail; 3431 if (tmp != 0 && tmp != 0xffffffff) 3432 break; 3433 DELAY(10); 3434 } 3435 if (ntries == 100) { 3436 error = ETIMEDOUT; 3437 goto fail; 3438 } 3439 3440 if ((sc->sc_flags & RUN_FWLOADED) == 0 && 3441 (error = run_load_microcode(sc)) != 0) { 3442 aprint_error_dev(sc->sc_dev, 3443 "could not load 8051 microcode\n"); 3444 goto fail; 3445 } 3446 3447 if (ifp->if_flags & IFF_RUNNING) 3448 run_stop(ifp, 0); 3449 3450 /* init host command ring */ 3451 sc->cmdq.cur = sc->cmdq.next = sc->cmdq.queued = 0; 3452 3453 /* init Tx rings (4 EDCAs) */ 3454 for (qid = 0; qid < 4; qid++) { 3455 if ((error = run_alloc_tx_ring(sc, qid)) != 0) 3456 goto fail; 3457 } 3458 /* init Rx ring */ 3459 if ((error = run_alloc_rx_ring(sc)) != 0) 3460 goto fail; 3461 3462 IEEE80211_ADDR_COPY(ic->ic_myaddr, CLLADDR(ifp->if_sadl)); 3463 run_set_macaddr(sc, ic->ic_myaddr); 3464 3465 for (ntries = 0; ntries < 100; ntries++) { 3466 if ((error = run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp)) != 0) 3467 goto fail; 3468 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0) 3469 break; 3470 DELAY(1000); 3471 } 3472 if (ntries == 100) { 3473 aprint_error_dev(sc->sc_dev, 3474 "timeout waiting for DMA engine\n"); 3475 error = ETIMEDOUT; 3476 goto fail; 3477 } 3478 tmp &= 0xff0; 3479 tmp |= RT2860_TX_WB_DDONE; 3480 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp); 3481 3482 /* turn off PME_OEN to solve high-current issue */ 3483 run_read(sc, RT2860_SYS_CTRL, &tmp); 3484 run_write(sc, RT2860_SYS_CTRL, tmp & ~RT2860_PME_OEN); 3485 3486 run_write(sc, RT2860_MAC_SYS_CTRL, 3487 RT2860_BBP_HRST | RT2860_MAC_SRST); 3488 run_write(sc, RT2860_USB_DMA_CFG, 0); 3489 3490 if ((error = run_reset(sc)) != 0) { 3491 aprint_error_dev(sc->sc_dev, "could not reset chipset\n"); 3492 goto fail; 3493 } 3494 3495 run_write(sc, RT2860_MAC_SYS_CTRL, 0); 3496 3497 /* init Tx power for all Tx rates (from EEPROM) */ 3498 for (ridx = 0; ridx < 5; ridx++) { 3499 if (sc->txpow20mhz[ridx] == 0xffffffff) 3500 continue; 3501 run_write(sc, RT2860_TX_PWR_CFG(ridx), sc->txpow20mhz[ridx]); 3502 } 3503 3504 for (i = 0; i < (int)__arraycount(rt2870_def_mac); i++) 3505 run_write(sc, rt2870_def_mac[i].reg, rt2870_def_mac[i].val); 3506 run_write(sc, RT2860_WMM_AIFSN_CFG, 0x00002273); 3507 run_write(sc, RT2860_WMM_CWMIN_CFG, 0x00002344); 3508 run_write(sc, RT2860_WMM_CWMAX_CFG, 0x000034aa); 3509 3510 if (sc->mac_ver >= 0x3070) { 3511 /* set delay of PA_PE assertion to 1us (unit of 0.25us) */ 3512 run_write(sc, RT2860_TX_SW_CFG0, 3513 4 << RT2860_DLY_PAPE_EN_SHIFT); 3514 } 3515 3516 /* wait while MAC is busy */ 3517 for (ntries = 0; ntries < 100; ntries++) { 3518 if ((error = run_read(sc, RT2860_MAC_STATUS_REG, &tmp)) != 0) 3519 goto fail; 3520 if (!(tmp & (RT2860_RX_STATUS_BUSY | RT2860_TX_STATUS_BUSY))) 3521 break; 3522 DELAY(1000); 3523 } 3524 if (ntries == 100) { 3525 error = ETIMEDOUT; 3526 goto fail; 3527 } 3528 3529 /* clear Host to MCU mailbox */ 3530 run_write(sc, RT2860_H2M_BBPAGENT, 0); 3531 run_write(sc, RT2860_H2M_MAILBOX, 0); 3532 DELAY(1000); 3533 3534 if ((error = run_bbp_init(sc)) != 0) { 3535 aprint_error_dev(sc->sc_dev, "could not initialize BBP\n"); 3536 goto fail; 3537 } 3538 3539 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 3540 tmp &= ~(RT2860_BCN_TX_EN | RT2860_TSF_TIMER_EN | 3541 RT2860_TBTT_TIMER_EN); 3542 run_write(sc, RT2860_BCN_TIME_CFG, tmp); 3543 3544 /* clear RX WCID search table */ 3545 run_set_region_4(sc, RT2860_WCID_ENTRY(0), 0, 512); 3546 /* clear Pair-wise key table */ 3547 run_set_region_4(sc, RT2860_PKEY(0), 0, 2048); 3548 /* clear IV/EIV table */ 3549 run_set_region_4(sc, RT2860_IVEIV(0), 0, 512); 3550 /* clear WCID attribute table */ 3551 run_set_region_4(sc, RT2860_WCID_ATTR(0), 0, 8 * 32); 3552 /* clear shared key table */ 3553 run_set_region_4(sc, RT2860_SKEY(0, 0), 0, 8 * 32); 3554 /* clear shared key mode */ 3555 run_set_region_4(sc, RT2860_SKEY_MODE_0_7, 0, 4); 3556 3557 run_read(sc, RT2860_US_CYC_CNT, &tmp); 3558 tmp = (tmp & ~0xff) | 0x1e; 3559 run_write(sc, RT2860_US_CYC_CNT, tmp); 3560 3561 if (sc->mac_rev != 0x0101) 3562 run_write(sc, RT2860_TXOP_CTRL_CFG, 0x0000583f); 3563 3564 run_write(sc, RT2860_WMM_TXOP0_CFG, 0); 3565 run_write(sc, RT2860_WMM_TXOP1_CFG, 48 << 16 | 96); 3566 3567 /* write vendor-specific BBP values (from EEPROM) */ 3568 for (i = 0; i < 8; i++) { 3569 if (sc->bbp[i].reg == 0 || sc->bbp[i].reg == 0xff) 3570 continue; 3571 run_bbp_write(sc, sc->bbp[i].reg, sc->bbp[i].val); 3572 } 3573 3574 /* select Main antenna for 1T1R devices */ 3575 if (sc->rf_rev == RT3070_RF_3020) 3576 run_set_rx_antenna(sc, 0); 3577 3578 /* send LEDs operating mode to microcontroller */ 3579 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED1, sc->led[0]); 3580 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED2, sc->led[1]); 3581 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED3, sc->led[2]); 3582 3583 if (sc->mac_ver >= 0x3070) 3584 run_rt3070_rf_init(sc); 3585 3586 /* disable non-existing Rx chains */ 3587 run_bbp_read(sc, 3, &bbp3); 3588 bbp3 &= ~(1 << 3 | 1 << 4); 3589 if (sc->nrxchains == 2) 3590 bbp3 |= 1 << 3; 3591 else if (sc->nrxchains == 3) 3592 bbp3 |= 1 << 4; 3593 run_bbp_write(sc, 3, bbp3); 3594 3595 /* disable non-existing Tx chains */ 3596 run_bbp_read(sc, 1, &bbp1); 3597 if (sc->ntxchains == 1) 3598 bbp1 &= ~(1 << 3 | 1 << 4); 3599 run_bbp_write(sc, 1, bbp1); 3600 3601 if (sc->mac_ver >= 0x3070) 3602 run_rt3070_rf_setup(sc); 3603 3604 /* select default channel */ 3605 run_set_chan(sc, ic->ic_curchan); 3606 3607 /* turn radio LED on */ 3608 run_set_leds(sc, RT2860_LED_RADIO); 3609 3610 #ifdef RUN_HWCRYPTO 3611 if (ic->ic_flags & IEEE80211_F_PRIVACY) { 3612 /* install WEP keys */ 3613 for (i = 0; i < IEEE80211_WEP_NKID; i++) 3614 (void)run_set_key(ic, &ic->ic_crypto.cs_nw_keys[i], 3615 NULL); 3616 } 3617 #endif 3618 3619 for (i = 0; i < RUN_RX_RING_COUNT; i++) { 3620 struct run_rx_data *data = &sc->rxq.data[i]; 3621 3622 usbd_setup_xfer(data->xfer, sc->rxq.pipeh, data, data->buf, 3623 RUN_MAX_RXSZ, USBD_SHORT_XFER_OK | USBD_NO_COPY, 3624 USBD_NO_TIMEOUT, run_rxeof); 3625 error = usbd_transfer(data->xfer); 3626 if (error != USBD_NORMAL_COMPLETION && 3627 error != USBD_IN_PROGRESS) 3628 goto fail; 3629 } 3630 3631 if ((error = run_txrx_enable(sc)) != 0) 3632 goto fail; 3633 3634 ifp->if_flags &= ~IFF_OACTIVE; 3635 ifp->if_flags |= IFF_RUNNING; 3636 3637 if (ic->ic_opmode == IEEE80211_M_MONITOR) 3638 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 3639 else 3640 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 3641 3642 if (error != 0) 3643 fail: run_stop(ifp, 1); 3644 return (error); 3645 } 3646 3647 static void 3648 run_stop(struct ifnet *ifp, int disable) 3649 { 3650 struct run_softc *sc = ifp->if_softc; 3651 struct ieee80211com *ic = &sc->sc_ic; 3652 uint32_t tmp; 3653 int ntries, qid; 3654 3655 if (ifp->if_flags & IFF_RUNNING) 3656 run_set_leds(sc, 0); /* turn all LEDs off */ 3657 3658 sc->sc_tx_timer = 0; 3659 ifp->if_timer = 0; 3660 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 3661 3662 callout_stop(&sc->scan_to); 3663 callout_stop(&sc->calib_to); 3664 3665 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 3666 /* wait for all queued asynchronous commands to complete */ 3667 while (sc->cmdq.queued > 0) 3668 tsleep(&sc->cmdq, 0, "cmdq", 0); 3669 3670 /* disable Tx/Rx */ 3671 run_read(sc, RT2860_MAC_SYS_CTRL, &tmp); 3672 tmp &= ~(RT2860_MAC_RX_EN | RT2860_MAC_TX_EN); 3673 run_write(sc, RT2860_MAC_SYS_CTRL, tmp); 3674 3675 /* wait for pending Tx to complete */ 3676 for (ntries = 0; ntries < 100; ntries++) { 3677 if (run_read(sc, RT2860_TXRXQ_PCNT, &tmp) != 0) 3678 break; 3679 if ((tmp & RT2860_TX2Q_PCNT_MASK) == 0) 3680 break; 3681 } 3682 DELAY(1000); 3683 run_write(sc, RT2860_USB_DMA_CFG, 0); 3684 3685 /* reset adapter */ 3686 run_write(sc, RT2860_MAC_SYS_CTRL, RT2860_BBP_HRST | RT2860_MAC_SRST); 3687 run_write(sc, RT2860_MAC_SYS_CTRL, 0); 3688 3689 /* reset Tx and Rx rings */ 3690 sc->qfullmsk = 0; 3691 for (qid = 0; qid < 4; qid++) 3692 run_free_tx_ring(sc, qid); 3693 run_free_rx_ring(sc); 3694 } 3695 3696 #ifndef IEEE80211_STA_ONLY 3697 static int 3698 run_setup_beacon(struct run_softc *sc) 3699 { 3700 struct ieee80211com *ic = &sc->sc_ic; 3701 struct rt2860_txwi txwi; 3702 struct mbuf *m; 3703 int ridx; 3704 3705 if ((m = ieee80211_beacon_alloc(ic, ic->ic_bss, &sc->sc_bo)) == NULL) 3706 return (ENOBUFS); 3707 3708 memset(&txwi, 0, sizeof txwi); 3709 txwi.wcid = 0xff; 3710 txwi.len = htole16(m->m_pkthdr.len); 3711 /* send beacons at the lowest available rate */ 3712 ridx = (ic->ic_curmode == IEEE80211_MODE_11A) ? 3713 RT2860_RIDX_OFDM6 : RT2860_RIDX_CCK1; 3714 txwi.phy = htole16(rt2860_rates[ridx].mcs); 3715 if (rt2860_rates[ridx].phy == IEEE80211_T_OFDM) 3716 txwi.phy |= htole16(RT2860_PHY_OFDM); 3717 txwi.txop = RT2860_TX_TXOP_HT; 3718 txwi.flags = RT2860_TX_TS; 3719 3720 run_write_region_1(sc, RT2860_BCN_BASE(0), 3721 (uint8_t *)&txwi, sizeof txwi); 3722 run_write_region_1(sc, RT2860_BCN_BASE(0) + sizeof txwi, 3723 mtod(m, uint8_t *), m->m_pkthdr.len); 3724 3725 m_freem(m); 3726 3727 return (0); 3728 } 3729 #endif 3730 3731 MODULE(MODULE_CLASS_DRIVER, if_run, "bpf"); 3732 3733 #ifdef _MODULE 3734 #include "ioconf.c" 3735 #endif 3736 3737 static int 3738 if_run_modcmd(modcmd_t cmd, void *arg) 3739 { 3740 int error = 0; 3741 3742 switch (cmd) { 3743 case MODULE_CMD_INIT: 3744 #ifdef _MODULE 3745 error = config_init_component(cfdriver_ioconf_run, 3746 cfattach_ioconf_run, cfdata_ioconf_run); 3747 #endif 3748 return (error); 3749 case MODULE_CMD_FINI: 3750 #ifdef _MODULE 3751 error = config_fini_component(cfdriver_ioconf_run, 3752 cfattach_ioconf_run, cfdata_ioconf_run); 3753 #endif 3754 return (error); 3755 default: 3756 return (ENOTTY); 3757 } 3758 } 3759