1 /* $NetBSD: if_urtwn.c,v 1.19 2013/01/28 23:46:33 christos Exp $ */ 2 /* $OpenBSD: if_urtwn.c,v 1.20 2011/11/26 06:39:33 ckuethe Exp $ */ 3 4 /*- 5 * Copyright (c) 2010 Damien Bergamini <damien.bergamini@free.fr> 6 * 7 * Permission to use, copy, modify, and distribute this software for any 8 * purpose with or without fee is hereby granted, provided that the above 9 * copyright notice and this permission notice appear in all copies. 10 * 11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 */ 19 20 /*- 21 * Driver for Realtek RTL8188CE-VAU/RTL8188CUS/RTL8188RU/RTL8192CU. 22 */ 23 24 #include <sys/cdefs.h> 25 __KERNEL_RCSID(0, "$NetBSD: if_urtwn.c,v 1.19 2013/01/28 23:46:33 christos Exp $"); 26 27 #ifdef _KERNEL_OPT 28 #include "opt_inet.h" 29 #endif 30 31 #include <sys/param.h> 32 #include <sys/sockio.h> 33 #include <sys/sysctl.h> 34 #include <sys/mbuf.h> 35 #include <sys/kernel.h> 36 #include <sys/socket.h> 37 #include <sys/systm.h> 38 #include <sys/malloc.h> 39 #include <sys/module.h> 40 #include <sys/conf.h> 41 #include <sys/device.h> 42 43 #include <sys/bus.h> 44 #include <machine/endian.h> 45 #include <sys/intr.h> 46 47 #include <net/bpf.h> 48 #include <net/if.h> 49 #include <net/if_arp.h> 50 #include <net/if_dl.h> 51 #include <net/if_ether.h> 52 #include <net/if_media.h> 53 #include <net/if_types.h> 54 55 #include <netinet/in.h> 56 #include <netinet/in_systm.h> 57 #include <netinet/in_var.h> 58 #include <netinet/ip.h> 59 #include <netinet/if_inarp.h> 60 61 #include <net80211/ieee80211_netbsd.h> 62 #include <net80211/ieee80211_var.h> 63 #include <net80211/ieee80211_radiotap.h> 64 65 #include <dev/firmload.h> 66 67 #include <dev/usb/usb.h> 68 #include <dev/usb/usbdi.h> 69 #include <dev/usb/usbdivar.h> 70 #include <dev/usb/usbdi_util.h> 71 #include <dev/usb/usbdevs.h> 72 73 #include <dev/usb/if_urtwnreg.h> 74 #include <dev/usb/if_urtwnvar.h> 75 #include <dev/usb/if_urtwn_data.h> 76 77 /* 78 * The sc_write_mtx locking is to prevent sequences of writes from 79 * being intermingled with each other. I don't know if this is really 80 * needed. I have added it just to be on the safe side. 81 */ 82 83 #ifdef URTWN_DEBUG 84 #define DBG_INIT __BIT(0) 85 #define DBG_FN __BIT(1) 86 #define DBG_TX __BIT(2) 87 #define DBG_RX __BIT(3) 88 #define DBG_STM __BIT(4) 89 #define DBG_RF __BIT(5) 90 #define DBG_REG __BIT(6) 91 #define DBG_ALL 0xffffffffU 92 u_int urtwn_debug = 0; 93 #define DPRINTFN(n, s) \ 94 do { if (urtwn_debug & (n)) printf s; } while (/*CONSTCOND*/0) 95 #else 96 #define DPRINTFN(n, s) 97 #endif 98 99 static const struct usb_devno urtwn_devs[] = { 100 { USB_VENDOR_ABOCOM, USB_PRODUCT_ABOCOM_RTL8188CU_1 }, 101 { USB_VENDOR_ABOCOM, USB_PRODUCT_ABOCOM_RTL8188CU_2 }, 102 { USB_VENDOR_ABOCOM, USB_PRODUCT_ABOCOM_RTL8192CU }, 103 { USB_VENDOR_ASUSTEK, USB_PRODUCT_ASUSTEK_RTL8192CU }, 104 { USB_VENDOR_AZUREWAVE, USB_PRODUCT_AZUREWAVE_RTL8188CE_1 }, 105 { USB_VENDOR_AZUREWAVE, USB_PRODUCT_AZUREWAVE_RTL8188CE_2 }, 106 { USB_VENDOR_AZUREWAVE, USB_PRODUCT_AZUREWAVE_RTL8188CU }, 107 { USB_VENDOR_BELKIN, USB_PRODUCT_BELKIN_RTL8188CU }, 108 { USB_VENDOR_BELKIN, USB_PRODUCT_BELKIN_RTL8192CU }, 109 { USB_VENDOR_CHICONY, USB_PRODUCT_CHICONY_RTL8188CUS_1 }, 110 { USB_VENDOR_CHICONY, USB_PRODUCT_CHICONY_RTL8188CUS_2 }, 111 { USB_VENDOR_CHICONY, USB_PRODUCT_CHICONY_RTL8188CUS_3 }, 112 { USB_VENDOR_CHICONY, USB_PRODUCT_CHICONY_RTL8188CUS_4 }, 113 { USB_VENDOR_CHICONY, USB_PRODUCT_CHICONY_RTL8188CUS_5 }, 114 { USB_VENDOR_COREGA, USB_PRODUCT_COREGA_RTL8192CU }, 115 { USB_VENDOR_DLINK, USB_PRODUCT_DLINK_RTL8188CU }, 116 { USB_VENDOR_DLINK, USB_PRODUCT_DLINK_RTL8192CU_1 }, 117 { USB_VENDOR_DLINK, USB_PRODUCT_DLINK_RTL8192CU_2 }, 118 { USB_VENDOR_DLINK, USB_PRODUCT_DLINK_RTL8192CU_3 }, 119 { USB_VENDOR_EDIMAX, USB_PRODUCT_EDIMAX_RTL8188CU }, 120 { USB_VENDOR_EDIMAX, USB_PRODUCT_EDIMAX_RTL8192CU }, 121 { USB_VENDOR_FEIXUN, USB_PRODUCT_FEIXUN_RTL8188CU }, 122 { USB_VENDOR_FEIXUN, USB_PRODUCT_FEIXUN_RTL8192CU }, 123 { USB_VENDOR_GUILLEMOT, USB_PRODUCT_GUILLEMOT_HWNUP150 }, 124 { USB_VENDOR_HAWKING, USB_PRODUCT_HAWKING_RTL8192CU }, 125 { USB_VENDOR_HP3, USB_PRODUCT_HP3_RTL8188CU }, 126 { USB_VENDOR_NETGEAR, USB_PRODUCT_NETGEAR_WNA1000M }, 127 { USB_VENDOR_NETGEAR, USB_PRODUCT_NETGEAR_RTL8192CU }, 128 { USB_VENDOR_NETGEAR4, USB_PRODUCT_NETGEAR4_RTL8188CU }, 129 { USB_VENDOR_NOVATECH, USB_PRODUCT_NOVATECH_RTL8188CU }, 130 { USB_VENDOR_PLANEX2, USB_PRODUCT_PLANEX2_RTL8188CU_1 }, 131 { USB_VENDOR_PLANEX2, USB_PRODUCT_PLANEX2_RTL8188CU_2 }, 132 { USB_VENDOR_PLANEX2, USB_PRODUCT_PLANEX2_RTL8192CU }, 133 { USB_VENDOR_PLANEX2, USB_PRODUCT_PLANEX2_RTL8188CU_3 }, 134 { USB_VENDOR_PLANEX2, USB_PRODUCT_PLANEX2_RTL8188CU_4 }, 135 { USB_VENDOR_PLANEX2, USB_PRODUCT_PLANEX2_RTL8188CUS }, 136 { USB_VENDOR_REALTEK, USB_PRODUCT_REALTEK_RTL8188CE_0 }, 137 { USB_VENDOR_REALTEK, USB_PRODUCT_REALTEK_RTL8188CE_1 }, 138 { USB_VENDOR_REALTEK, USB_PRODUCT_REALTEK_RTL8188CTV }, 139 { USB_VENDOR_REALTEK, USB_PRODUCT_REALTEK_RTL8188CU_0 }, 140 { USB_VENDOR_REALTEK, USB_PRODUCT_REALTEK_RTL8188CU_1 }, 141 { USB_VENDOR_REALTEK, USB_PRODUCT_REALTEK_RTL8188CU_2 }, 142 { USB_VENDOR_REALTEK, USB_PRODUCT_REALTEK_RTL8188CU_COMBO }, 143 { USB_VENDOR_REALTEK, USB_PRODUCT_REALTEK_RTL8188CUS }, 144 { USB_VENDOR_REALTEK, USB_PRODUCT_REALTEK_RTL8188RU }, 145 { USB_VENDOR_REALTEK, USB_PRODUCT_REALTEK_RTL8188RU_2 }, 146 { USB_VENDOR_REALTEK, USB_PRODUCT_REALTEK_RTL8191CU }, 147 { USB_VENDOR_REALTEK, USB_PRODUCT_REALTEK_RTL8192CE }, 148 { USB_VENDOR_REALTEK, USB_PRODUCT_REALTEK_RTL8192CU }, 149 { USB_VENDOR_SITECOMEU, USB_PRODUCT_SITECOMEU_RTL8188CU }, 150 { USB_VENDOR_SITECOMEU, USB_PRODUCT_SITECOMEU_RTL8188CU_2 }, 151 { USB_VENDOR_SITECOMEU, USB_PRODUCT_SITECOMEU_RTL8192CU }, 152 { USB_VENDOR_TRENDNET, USB_PRODUCT_TRENDNET_RTL8188CU }, 153 { USB_VENDOR_TRENDNET, USB_PRODUCT_TRENDNET_RTL8192CU }, 154 { USB_VENDOR_ZYXEL, USB_PRODUCT_ZYXEL_RTL8192CU } 155 }; 156 157 static int urtwn_match(device_t, cfdata_t, void *); 158 static void urtwn_attach(device_t, device_t, void *); 159 static int urtwn_detach(device_t, int); 160 static int urtwn_activate(device_t, enum devact); 161 162 CFATTACH_DECL_NEW(urtwn, sizeof(struct urtwn_softc), urtwn_match, 163 urtwn_attach, urtwn_detach, urtwn_activate); 164 165 static int urtwn_open_pipes(struct urtwn_softc *); 166 static void urtwn_close_pipes(struct urtwn_softc *); 167 static int urtwn_alloc_rx_list(struct urtwn_softc *); 168 static void urtwn_free_rx_list(struct urtwn_softc *); 169 static int urtwn_alloc_tx_list(struct urtwn_softc *); 170 static void urtwn_free_tx_list(struct urtwn_softc *); 171 static void urtwn_task(void *); 172 static void urtwn_do_async(struct urtwn_softc *, 173 void (*)(struct urtwn_softc *, void *), void *, int); 174 static void urtwn_wait_async(struct urtwn_softc *); 175 static int urtwn_write_region_1(struct urtwn_softc *, uint16_t, uint8_t *, 176 int); 177 static void urtwn_write_1(struct urtwn_softc *, uint16_t, uint8_t); 178 static void urtwn_write_2(struct urtwn_softc *, uint16_t, uint16_t); 179 static void urtwn_write_4(struct urtwn_softc *, uint16_t, uint32_t); 180 static int urtwn_write_region(struct urtwn_softc *, uint16_t, uint8_t *, 181 int); 182 static int urtwn_read_region_1(struct urtwn_softc *, uint16_t, uint8_t *, 183 int); 184 static uint8_t urtwn_read_1(struct urtwn_softc *, uint16_t); 185 static uint16_t urtwn_read_2(struct urtwn_softc *, uint16_t); 186 static uint32_t urtwn_read_4(struct urtwn_softc *, uint16_t); 187 static int urtwn_fw_cmd(struct urtwn_softc *, uint8_t, const void *, int); 188 static void urtwn_rf_write(struct urtwn_softc *, int, uint8_t, uint32_t); 189 static uint32_t urtwn_rf_read(struct urtwn_softc *, int, uint8_t); 190 static int urtwn_llt_write(struct urtwn_softc *, uint32_t, uint32_t); 191 static uint8_t urtwn_efuse_read_1(struct urtwn_softc *, uint16_t); 192 static void urtwn_efuse_read(struct urtwn_softc *); 193 static int urtwn_read_chipid(struct urtwn_softc *); 194 #ifdef URTWN_DEBUG 195 static void urtwn_dump_rom(struct urtwn_softc *, struct r92c_rom *); 196 #endif 197 static void urtwn_read_rom(struct urtwn_softc *); 198 static int urtwn_media_change(struct ifnet *); 199 static int urtwn_ra_init(struct urtwn_softc *); 200 static int urtwn_get_nettype(struct urtwn_softc *); 201 static void urtwn_set_nettype0_msr(struct urtwn_softc *, uint8_t); 202 static void urtwn_tsf_sync_enable(struct urtwn_softc *); 203 static void urtwn_set_led(struct urtwn_softc *, int, int); 204 static void urtwn_calib_to(void *); 205 static void urtwn_calib_to_cb(struct urtwn_softc *, void *); 206 static void urtwn_next_scan(void *); 207 static int urtwn_newstate(struct ieee80211com *, enum ieee80211_state, 208 int); 209 static void urtwn_newstate_cb(struct urtwn_softc *, void *); 210 static int urtwn_wme_update(struct ieee80211com *); 211 static void urtwn_wme_update_cb(struct urtwn_softc *, void *); 212 static void urtwn_update_avgrssi(struct urtwn_softc *, int, int8_t); 213 static int8_t urtwn_get_rssi(struct urtwn_softc *, int, void *); 214 static void urtwn_rx_frame(struct urtwn_softc *, uint8_t *, int); 215 static void urtwn_rxeof(usbd_xfer_handle, usbd_private_handle, usbd_status); 216 static void urtwn_txeof(usbd_xfer_handle, usbd_private_handle, usbd_status); 217 static int urtwn_tx(struct urtwn_softc *, struct mbuf *, 218 struct ieee80211_node *, struct urtwn_tx_data *); 219 static void urtwn_start(struct ifnet *); 220 static void urtwn_watchdog(struct ifnet *); 221 static int urtwn_ioctl(struct ifnet *, u_long, void *); 222 static int urtwn_power_on(struct urtwn_softc *); 223 static int urtwn_llt_init(struct urtwn_softc *); 224 static void urtwn_fw_reset(struct urtwn_softc *); 225 static int urtwn_fw_loadpage(struct urtwn_softc *, int, uint8_t *, int); 226 static int urtwn_load_firmware(struct urtwn_softc *); 227 static int urtwn_dma_init(struct urtwn_softc *); 228 static void urtwn_mac_init(struct urtwn_softc *); 229 static void urtwn_bb_init(struct urtwn_softc *); 230 static void urtwn_rf_init(struct urtwn_softc *); 231 static void urtwn_cam_init(struct urtwn_softc *); 232 static void urtwn_pa_bias_init(struct urtwn_softc *); 233 static void urtwn_rxfilter_init(struct urtwn_softc *); 234 static void urtwn_edca_init(struct urtwn_softc *); 235 static void urtwn_write_txpower(struct urtwn_softc *, int, uint16_t[]); 236 static void urtwn_get_txpower(struct urtwn_softc *, int, u_int, u_int, 237 uint16_t[]); 238 static void urtwn_set_txpower(struct urtwn_softc *, u_int, u_int); 239 static void urtwn_set_chan(struct urtwn_softc *, struct ieee80211_channel *, 240 u_int); 241 static void urtwn_iq_calib(struct urtwn_softc *, bool); 242 static void urtwn_lc_calib(struct urtwn_softc *); 243 static void urtwn_temp_calib(struct urtwn_softc *); 244 static int urtwn_init(struct ifnet *); 245 static void urtwn_stop(struct ifnet *, int); 246 static int urtwn_reset(struct ifnet *); 247 static void urtwn_chip_stop(struct urtwn_softc *); 248 249 /* Aliases. */ 250 #define urtwn_bb_write urtwn_write_4 251 #define urtwn_bb_read urtwn_read_4 252 253 static int 254 urtwn_match(device_t parent, cfdata_t match, void *aux) 255 { 256 struct usb_attach_arg *uaa = aux; 257 258 return ((usb_lookup(urtwn_devs, uaa->vendor, uaa->product) != NULL) ? 259 UMATCH_VENDOR_PRODUCT : UMATCH_NONE); 260 } 261 262 static void 263 urtwn_attach(device_t parent, device_t self, void *aux) 264 { 265 struct urtwn_softc *sc = device_private(self); 266 struct ieee80211com *ic = &sc->sc_ic; 267 struct ifnet *ifp = &sc->sc_if; 268 struct usb_attach_arg *uaa = aux; 269 char *devinfop; 270 int i, error; 271 272 sc->sc_dev = self; 273 sc->sc_udev = uaa->device; 274 275 aprint_naive("\n"); 276 aprint_normal("\n"); 277 278 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 279 280 devinfop = usbd_devinfo_alloc(sc->sc_udev, 0); 281 aprint_normal_dev(self, "%s\n", devinfop); 282 usbd_devinfo_free(devinfop); 283 284 mutex_init(&sc->sc_task_mtx, MUTEX_DEFAULT, IPL_NET); 285 mutex_init(&sc->sc_tx_mtx, MUTEX_DEFAULT, IPL_NONE); 286 mutex_init(&sc->sc_fwcmd_mtx, MUTEX_DEFAULT, IPL_NONE); 287 mutex_init(&sc->sc_write_mtx, MUTEX_DEFAULT, IPL_NONE); 288 289 usb_init_task(&sc->sc_task, urtwn_task, sc, 0); 290 291 callout_init(&sc->sc_scan_to, 0); 292 callout_setfunc(&sc->sc_scan_to, urtwn_next_scan, sc); 293 callout_init(&sc->sc_calib_to, 0); 294 callout_setfunc(&sc->sc_calib_to, urtwn_calib_to, sc); 295 296 error = usbd_set_config_no(sc->sc_udev, 1, 0); 297 if (error != 0) { 298 aprint_error_dev(self, "failed to set configuration" 299 ", err=%s\n", usbd_errstr(error)); 300 goto fail; 301 } 302 303 /* Get the first interface handle. */ 304 error = usbd_device2interface_handle(sc->sc_udev, 0, &sc->sc_iface); 305 if (error != 0) { 306 aprint_error_dev(self, "could not get interface handle\n"); 307 goto fail; 308 } 309 310 error = urtwn_read_chipid(sc); 311 if (error != 0) { 312 aprint_error_dev(self, "unsupported test chip\n"); 313 goto fail; 314 } 315 316 /* Determine number of Tx/Rx chains. */ 317 if (sc->chip & URTWN_CHIP_92C) { 318 sc->ntxchains = (sc->chip & URTWN_CHIP_92C_1T2R) ? 1 : 2; 319 sc->nrxchains = 2; 320 } else { 321 sc->ntxchains = 1; 322 sc->nrxchains = 1; 323 } 324 urtwn_read_rom(sc); 325 326 aprint_normal_dev(self, "MAC/BB RTL%s, RF 6052 %dT%dR, address %s\n", 327 (sc->chip & URTWN_CHIP_92C) ? "8192CU" : 328 (sc->board_type == R92C_BOARD_TYPE_HIGHPA) ? "8188RU" : 329 (sc->board_type == R92C_BOARD_TYPE_MINICARD) ? "8188CE-VAU" : 330 "8188CUS", sc->ntxchains, sc->nrxchains, 331 ether_sprintf(ic->ic_myaddr)); 332 333 error = urtwn_open_pipes(sc); 334 if (error != 0) { 335 aprint_error_dev(sc->sc_dev, "could not open pipes\n"); 336 goto fail; 337 } 338 aprint_normal_dev(self, "%d rx pipe%s, %d tx pipe%s\n", 339 sc->rx_npipe, sc->rx_npipe > 1 ? "s" : "", 340 sc->tx_npipe, sc->tx_npipe > 1 ? "s" : ""); 341 342 /* 343 * Setup the 802.11 device. 344 */ 345 ic->ic_ifp = ifp; 346 ic->ic_phytype = IEEE80211_T_OFDM; /* Not only, but not used. */ 347 ic->ic_opmode = IEEE80211_M_STA; /* Default to BSS mode. */ 348 ic->ic_state = IEEE80211_S_INIT; 349 350 /* Set device capabilities. */ 351 ic->ic_caps = 352 IEEE80211_C_MONITOR | /* Monitor mode supported. */ 353 IEEE80211_C_SHPREAMBLE | /* Short preamble supported. */ 354 IEEE80211_C_SHSLOT | /* Short slot time supported. */ 355 IEEE80211_C_WME | /* 802.11e */ 356 IEEE80211_C_WPA; /* 802.11i */ 357 358 /* Set supported .11b and .11g rates. */ 359 ic->ic_sup_rates[IEEE80211_MODE_11B] = ieee80211_std_rateset_11b; 360 ic->ic_sup_rates[IEEE80211_MODE_11G] = ieee80211_std_rateset_11g; 361 362 /* Set supported .11b and .11g channels (1 through 14). */ 363 for (i = 1; i <= 14; i++) { 364 ic->ic_channels[i].ic_freq = 365 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ); 366 ic->ic_channels[i].ic_flags = 367 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM | 368 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ; 369 } 370 371 ifp->if_softc = sc; 372 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 373 ifp->if_init = urtwn_init; 374 ifp->if_ioctl = urtwn_ioctl; 375 ifp->if_start = urtwn_start; 376 ifp->if_watchdog = urtwn_watchdog; 377 IFQ_SET_READY(&ifp->if_snd); 378 memcpy(ifp->if_xname, device_xname(sc->sc_dev), IFNAMSIZ); 379 380 if_attach(ifp); 381 ieee80211_ifattach(ic); 382 383 /* override default methods */ 384 ic->ic_reset = urtwn_reset; 385 ic->ic_wme.wme_update = urtwn_wme_update; 386 387 /* Override state transition machine. */ 388 sc->sc_newstate = ic->ic_newstate; 389 ic->ic_newstate = urtwn_newstate; 390 ieee80211_media_init(ic, urtwn_media_change, ieee80211_media_status); 391 392 bpf_attach2(ifp, DLT_IEEE802_11_RADIO, 393 sizeof(struct ieee80211_frame) + IEEE80211_RADIOTAP_HDRLEN, 394 &sc->sc_drvbpf); 395 396 sc->sc_rxtap_len = sizeof(sc->sc_rxtapu); 397 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 398 sc->sc_rxtap.wr_ihdr.it_present = htole32(URTWN_RX_RADIOTAP_PRESENT); 399 400 sc->sc_txtap_len = sizeof(sc->sc_txtapu); 401 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 402 sc->sc_txtap.wt_ihdr.it_present = htole32(URTWN_TX_RADIOTAP_PRESENT); 403 404 ieee80211_announce(ic); 405 406 usbd_add_drv_event(USB_EVENT_DRIVER_ATTACH, sc->sc_udev, sc->sc_dev); 407 408 SET(sc->sc_flags, URTWN_FLAG_ATTACHED); 409 return; 410 411 fail: 412 sc->sc_dying = 1; 413 aprint_error_dev(self, "attach failed\n"); 414 } 415 416 static int 417 urtwn_detach(device_t self, int flags) 418 { 419 struct urtwn_softc *sc = device_private(self); 420 struct ifnet *ifp = &sc->sc_if; 421 int s; 422 423 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 424 425 s = splusb(); 426 427 sc->sc_dying = 1; 428 429 callout_stop(&sc->sc_scan_to); 430 callout_stop(&sc->sc_calib_to); 431 432 if (ISSET(sc->sc_flags, URTWN_FLAG_ATTACHED)) { 433 usb_rem_task(sc->sc_udev, &sc->sc_task); 434 urtwn_stop(ifp, 0); 435 436 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 437 bpf_detach(ifp); 438 ieee80211_ifdetach(&sc->sc_ic); 439 if_detach(ifp); 440 441 /* Abort and close Tx/Rx pipes. */ 442 urtwn_close_pipes(sc); 443 } 444 445 splx(s); 446 447 usbd_add_drv_event(USB_EVENT_DRIVER_DETACH, sc->sc_udev, sc->sc_dev); 448 449 callout_destroy(&sc->sc_scan_to); 450 callout_destroy(&sc->sc_calib_to); 451 452 mutex_destroy(&sc->sc_write_mtx); 453 mutex_destroy(&sc->sc_fwcmd_mtx); 454 mutex_destroy(&sc->sc_tx_mtx); 455 mutex_destroy(&sc->sc_task_mtx); 456 457 return (0); 458 } 459 460 static int 461 urtwn_activate(device_t self, enum devact act) 462 { 463 struct urtwn_softc *sc = device_private(self); 464 465 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 466 467 switch (act) { 468 case DVACT_DEACTIVATE: 469 if_deactivate(sc->sc_ic.ic_ifp); 470 return (0); 471 default: 472 return (EOPNOTSUPP); 473 } 474 } 475 476 static int 477 urtwn_open_pipes(struct urtwn_softc *sc) 478 { 479 /* Bulk-out endpoints addresses (from highest to lowest prio). */ 480 static const uint8_t epaddr[] = { 0x02, 0x03, 0x05 }; 481 usb_interface_descriptor_t *id; 482 usb_endpoint_descriptor_t *ed; 483 int i, ntx = 0, error; 484 485 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 486 487 /* Determine the number of bulk-out pipes. */ 488 id = usbd_get_interface_descriptor(sc->sc_iface); 489 for (i = 0; i < id->bNumEndpoints; i++) { 490 ed = usbd_interface2endpoint_descriptor(sc->sc_iface, i); 491 if (ed != NULL && 492 UE_GET_XFERTYPE(ed->bmAttributes) == UE_BULK && 493 UE_GET_DIR(ed->bEndpointAddress) == UE_DIR_OUT) 494 ntx++; 495 } 496 DPRINTFN(DBG_INIT, ("%s: %s: found %d bulk-out pipes\n", 497 device_xname(sc->sc_dev), __func__, ntx)); 498 if (ntx == 0 || ntx > R92C_MAX_EPOUT) { 499 aprint_error_dev(sc->sc_dev, 500 "%d: invalid number of Tx bulk pipes\n", ntx); 501 return (EIO); 502 } 503 sc->rx_npipe = 1; 504 sc->tx_npipe = ntx; 505 506 /* Open bulk-in pipe at address 0x81. */ 507 error = usbd_open_pipe(sc->sc_iface, 0x81, USBD_EXCLUSIVE_USE, 508 &sc->rx_pipe); 509 if (error != 0) { 510 aprint_error_dev(sc->sc_dev, "could not open Rx bulk pipe" 511 ": %d\n", error); 512 goto fail; 513 } 514 515 /* Open bulk-out pipes (up to 3). */ 516 for (i = 0; i < ntx; i++) { 517 error = usbd_open_pipe(sc->sc_iface, epaddr[i], 518 USBD_EXCLUSIVE_USE, &sc->tx_pipe[i]); 519 if (error != 0) { 520 aprint_error_dev(sc->sc_dev, 521 "could not open Tx bulk pipe 0x%02x: %d\n", 522 epaddr[i], error); 523 goto fail; 524 } 525 } 526 527 /* Map 802.11 access categories to USB pipes. */ 528 sc->ac2idx[WME_AC_BK] = 529 sc->ac2idx[WME_AC_BE] = (ntx == 3) ? 2 : ((ntx == 2) ? 1 : 0); 530 sc->ac2idx[WME_AC_VI] = (ntx == 3) ? 1 : 0; 531 sc->ac2idx[WME_AC_VO] = 0; /* Always use highest prio. */ 532 533 fail: 534 if (error != 0) 535 urtwn_close_pipes(sc); 536 return (error); 537 } 538 539 static void 540 urtwn_close_pipes(struct urtwn_softc *sc) 541 { 542 int i; 543 544 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 545 546 /* Close Rx pipe. */ 547 if (sc->rx_pipe != NULL) { 548 usbd_abort_pipe(sc->rx_pipe); 549 usbd_close_pipe(sc->rx_pipe); 550 sc->rx_pipe = NULL; 551 } 552 /* Close Tx pipes. */ 553 for (i = 0; i < R92C_MAX_EPOUT; i++) { 554 if (sc->tx_pipe[i] == NULL) 555 continue; 556 usbd_abort_pipe(sc->tx_pipe[i]); 557 usbd_close_pipe(sc->tx_pipe[i]); 558 sc->tx_pipe[i] = NULL; 559 } 560 } 561 562 static int 563 urtwn_alloc_rx_list(struct urtwn_softc *sc) 564 { 565 struct urtwn_rx_data *data; 566 int i, error = 0; 567 568 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 569 570 for (i = 0; i < URTWN_RX_LIST_COUNT; i++) { 571 data = &sc->rx_data[i]; 572 573 data->sc = sc; /* Backpointer for callbacks. */ 574 575 data->xfer = usbd_alloc_xfer(sc->sc_udev); 576 if (data->xfer == NULL) { 577 aprint_error_dev(sc->sc_dev, 578 "could not allocate xfer\n"); 579 error = ENOMEM; 580 break; 581 } 582 583 data->buf = usbd_alloc_buffer(data->xfer, URTWN_RXBUFSZ); 584 if (data->buf == NULL) { 585 aprint_error_dev(sc->sc_dev, 586 "could not allocate xfer buffer\n"); 587 error = ENOMEM; 588 break; 589 } 590 } 591 if (error != 0) 592 urtwn_free_rx_list(sc); 593 return (error); 594 } 595 596 static void 597 urtwn_free_rx_list(struct urtwn_softc *sc) 598 { 599 int i; 600 601 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 602 603 /* NB: Caller must abort pipe first. */ 604 for (i = 0; i < URTWN_RX_LIST_COUNT; i++) { 605 if (sc->rx_data[i].xfer != NULL) { 606 usbd_free_xfer(sc->rx_data[i].xfer); 607 sc->rx_data[i].xfer = NULL; 608 } 609 } 610 } 611 612 static int 613 urtwn_alloc_tx_list(struct urtwn_softc *sc) 614 { 615 struct urtwn_tx_data *data; 616 int i, error = 0; 617 618 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 619 620 mutex_enter(&sc->sc_tx_mtx); 621 TAILQ_INIT(&sc->tx_free_list); 622 for (i = 0; i < URTWN_TX_LIST_COUNT; i++) { 623 data = &sc->tx_data[i]; 624 625 data->sc = sc; /* Backpointer for callbacks. */ 626 627 data->xfer = usbd_alloc_xfer(sc->sc_udev); 628 if (data->xfer == NULL) { 629 aprint_error_dev(sc->sc_dev, 630 "could not allocate xfer\n"); 631 error = ENOMEM; 632 goto fail; 633 } 634 635 data->buf = usbd_alloc_buffer(data->xfer, URTWN_TXBUFSZ); 636 if (data->buf == NULL) { 637 aprint_error_dev(sc->sc_dev, 638 "could not allocate xfer buffer\n"); 639 error = ENOMEM; 640 goto fail; 641 } 642 643 /* Append this Tx buffer to our free list. */ 644 TAILQ_INSERT_TAIL(&sc->tx_free_list, data, next); 645 } 646 mutex_exit(&sc->sc_tx_mtx); 647 return (0); 648 649 fail: 650 urtwn_free_tx_list(sc); 651 mutex_exit(&sc->sc_tx_mtx); 652 return (error); 653 } 654 655 static void 656 urtwn_free_tx_list(struct urtwn_softc *sc) 657 { 658 struct urtwn_tx_data *data; 659 int i; 660 661 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 662 663 /* NB: Caller must abort pipe first. */ 664 for (i = 0; i < URTWN_TX_LIST_COUNT; i++) { 665 data = &sc->tx_data[i]; 666 667 if (data->xfer != NULL) { 668 usbd_free_xfer(data->xfer); 669 data->xfer = NULL; 670 } 671 } 672 } 673 674 static void 675 urtwn_task(void *arg) 676 { 677 struct urtwn_softc *sc = arg; 678 struct urtwn_host_cmd_ring *ring = &sc->cmdq; 679 struct urtwn_host_cmd *cmd; 680 int s; 681 682 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 683 684 /* Process host commands. */ 685 s = splusb(); 686 mutex_spin_enter(&sc->sc_task_mtx); 687 while (ring->next != ring->cur) { 688 cmd = &ring->cmd[ring->next]; 689 mutex_spin_exit(&sc->sc_task_mtx); 690 splx(s); 691 /* Invoke callback with kernel lock held. */ 692 cmd->cb(sc, cmd->data); 693 s = splusb(); 694 mutex_spin_enter(&sc->sc_task_mtx); 695 ring->queued--; 696 ring->next = (ring->next + 1) % URTWN_HOST_CMD_RING_COUNT; 697 } 698 mutex_spin_exit(&sc->sc_task_mtx); 699 wakeup(&sc->cmdq); 700 splx(s); 701 } 702 703 static void 704 urtwn_do_async(struct urtwn_softc *sc, void (*cb)(struct urtwn_softc *, void *), 705 void *arg, int len) 706 { 707 struct urtwn_host_cmd_ring *ring = &sc->cmdq; 708 struct urtwn_host_cmd *cmd; 709 int s; 710 711 DPRINTFN(DBG_FN, ("%s: %s: cb=%p, arg=%p, len=%d\n", 712 device_xname(sc->sc_dev), __func__, cb, arg, len)); 713 714 s = splusb(); 715 mutex_spin_enter(&sc->sc_task_mtx); 716 cmd = &ring->cmd[ring->cur]; 717 cmd->cb = cb; 718 KASSERT(len <= sizeof(cmd->data)); 719 memcpy(cmd->data, arg, len); 720 ring->cur = (ring->cur + 1) % URTWN_HOST_CMD_RING_COUNT; 721 722 /* If there is no pending command already, schedule a task. */ 723 if (!sc->sc_dying && ++ring->queued == 1) { 724 mutex_spin_exit(&sc->sc_task_mtx); 725 usb_add_task(sc->sc_udev, &sc->sc_task, USB_TASKQ_DRIVER); 726 } else 727 mutex_spin_exit(&sc->sc_task_mtx); 728 splx(s); 729 } 730 731 static void 732 urtwn_wait_async(struct urtwn_softc *sc) 733 { 734 735 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 736 737 /* Wait for all queued asynchronous commands to complete. */ 738 while (sc->cmdq.queued > 0) 739 tsleep(&sc->cmdq, 0, "endtask", 0); 740 } 741 742 static int 743 urtwn_write_region_1(struct urtwn_softc *sc, uint16_t addr, uint8_t *buf, 744 int len) 745 { 746 usb_device_request_t req; 747 usbd_status error; 748 749 KASSERT(mutex_owned(&sc->sc_write_mtx)); 750 751 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 752 req.bRequest = R92C_REQ_REGS; 753 USETW(req.wValue, addr); 754 USETW(req.wIndex, 0); 755 USETW(req.wLength, len); 756 error = usbd_do_request(sc->sc_udev, &req, buf); 757 if (error != USBD_NORMAL_COMPLETION) { 758 DPRINTFN(DBG_REG, ("%s: %s: error=%d: addr=0x%x, len=%d\n", 759 device_xname(sc->sc_dev), __func__, error, addr, len)); 760 } 761 return (error); 762 } 763 764 static void 765 urtwn_write_1(struct urtwn_softc *sc, uint16_t addr, uint8_t val) 766 { 767 768 DPRINTFN(DBG_REG, ("%s: %s: addr=0x%x, val=0x%x\n", 769 device_xname(sc->sc_dev), __func__, addr, val)); 770 771 urtwn_write_region_1(sc, addr, &val, 1); 772 } 773 774 static void 775 urtwn_write_2(struct urtwn_softc *sc, uint16_t addr, uint16_t val) 776 { 777 uint8_t buf[2]; 778 779 DPRINTFN(DBG_REG, ("%s: %s: addr=0x%x, val=0x%x\n", 780 device_xname(sc->sc_dev), __func__, addr, val)); 781 782 buf[0] = (uint8_t)val; 783 buf[1] = (uint8_t)(val >> 8); 784 urtwn_write_region_1(sc, addr, buf, 2); 785 } 786 787 static void 788 urtwn_write_4(struct urtwn_softc *sc, uint16_t addr, uint32_t val) 789 { 790 uint8_t buf[4]; 791 792 DPRINTFN(DBG_REG, ("%s: %s: addr=0x%x, val=0x%x\n", 793 device_xname(sc->sc_dev), __func__, addr, val)); 794 795 buf[0] = (uint8_t)val; 796 buf[1] = (uint8_t)(val >> 8); 797 buf[2] = (uint8_t)(val >> 16); 798 buf[3] = (uint8_t)(val >> 24); 799 urtwn_write_region_1(sc, addr, buf, 4); 800 } 801 802 static int 803 urtwn_write_region(struct urtwn_softc *sc, uint16_t addr, uint8_t *buf, int len) 804 { 805 806 DPRINTFN(DBG_REG, ("%s: %s: addr=0x%x, len=0x%x\n", 807 device_xname(sc->sc_dev), __func__, addr, len)); 808 809 return urtwn_write_region_1(sc, addr, buf, len); 810 } 811 812 static int 813 urtwn_read_region_1(struct urtwn_softc *sc, uint16_t addr, uint8_t *buf, 814 int len) 815 { 816 usb_device_request_t req; 817 usbd_status error; 818 819 req.bmRequestType = UT_READ_VENDOR_DEVICE; 820 req.bRequest = R92C_REQ_REGS; 821 USETW(req.wValue, addr); 822 USETW(req.wIndex, 0); 823 USETW(req.wLength, len); 824 error = usbd_do_request(sc->sc_udev, &req, buf); 825 if (error != USBD_NORMAL_COMPLETION) { 826 DPRINTFN(DBG_REG, ("%s: %s: error=%d: addr=0x%x, len=%d\n", 827 device_xname(sc->sc_dev), __func__, error, addr, len)); 828 } 829 return (error); 830 } 831 832 static uint8_t 833 urtwn_read_1(struct urtwn_softc *sc, uint16_t addr) 834 { 835 uint8_t val; 836 837 if (urtwn_read_region_1(sc, addr, &val, 1) != USBD_NORMAL_COMPLETION) 838 return (0xff); 839 840 DPRINTFN(DBG_REG, ("%s: %s: addr=0x%x, val=0x%x\n", 841 device_xname(sc->sc_dev), __func__, addr, val)); 842 return (val); 843 } 844 845 static uint16_t 846 urtwn_read_2(struct urtwn_softc *sc, uint16_t addr) 847 { 848 uint8_t buf[2]; 849 uint16_t val; 850 851 if (urtwn_read_region_1(sc, addr, buf, 2) != USBD_NORMAL_COMPLETION) 852 return (0xffff); 853 854 val = LE_READ_2(&buf[0]); 855 DPRINTFN(DBG_REG, ("%s: %s: addr=0x%x, val=0x%x\n", 856 device_xname(sc->sc_dev), __func__, addr, val)); 857 return (val); 858 } 859 860 static uint32_t 861 urtwn_read_4(struct urtwn_softc *sc, uint16_t addr) 862 { 863 uint8_t buf[4]; 864 uint32_t val; 865 866 if (urtwn_read_region_1(sc, addr, buf, 4) != USBD_NORMAL_COMPLETION) 867 return (0xffffffff); 868 869 val = LE_READ_4(&buf[0]); 870 DPRINTFN(DBG_REG, ("%s: %s: addr=0x%x, val=0x%x\n", 871 device_xname(sc->sc_dev), __func__, addr, val)); 872 return (val); 873 } 874 875 static int 876 urtwn_fw_cmd(struct urtwn_softc *sc, uint8_t id, const void *buf, int len) 877 { 878 struct r92c_fw_cmd cmd; 879 uint8_t *cp; 880 int fwcur; 881 int ntries; 882 883 DPRINTFN(DBG_REG, ("%s: %s: id=%d, buf=%p, len=%d\n", 884 device_xname(sc->sc_dev), __func__, id, buf, len)); 885 886 KASSERT(mutex_owned(&sc->sc_write_mtx)); 887 888 mutex_enter(&sc->sc_fwcmd_mtx); 889 fwcur = sc->fwcur; 890 sc->fwcur = (sc->fwcur + 1) % R92C_H2C_NBOX; 891 mutex_exit(&sc->sc_fwcmd_mtx); 892 893 /* Wait for current FW box to be empty. */ 894 for (ntries = 0; ntries < 100; ntries++) { 895 if (!(urtwn_read_1(sc, R92C_HMETFR) & (1 << fwcur))) 896 break; 897 DELAY(1); 898 } 899 if (ntries == 100) { 900 aprint_error_dev(sc->sc_dev, 901 "could not send firmware command %d\n", id); 902 return (ETIMEDOUT); 903 } 904 905 memset(&cmd, 0, sizeof(cmd)); 906 KASSERT(len <= sizeof(cmd.msg)); 907 memcpy(cmd.msg, buf, len); 908 909 /* Write the first word last since that will trigger the FW. */ 910 cp = (uint8_t *)&cmd; 911 if (len >= 4) { 912 cmd.id = id | R92C_CMD_FLAG_EXT; 913 urtwn_write_region(sc, R92C_HMEBOX_EXT(fwcur), &cp[1], 2); 914 urtwn_write_4(sc, R92C_HMEBOX(fwcur), 915 cp[0] + (cp[3] << 8) + (cp[4] << 16) + (cp[5] << 24)); 916 } else { 917 cmd.id = id; 918 urtwn_write_region(sc, R92C_HMEBOX(fwcur), cp, len); 919 } 920 921 return (0); 922 } 923 924 static void 925 urtwn_rf_write(struct urtwn_softc *sc, int chain, uint8_t addr, uint32_t val) 926 { 927 928 urtwn_bb_write(sc, R92C_LSSI_PARAM(chain), 929 SM(R92C_LSSI_PARAM_ADDR, addr) | SM(R92C_LSSI_PARAM_DATA, val)); 930 } 931 932 static uint32_t 933 urtwn_rf_read(struct urtwn_softc *sc, int chain, uint8_t addr) 934 { 935 uint32_t reg[R92C_MAX_CHAINS], val; 936 937 reg[0] = urtwn_bb_read(sc, R92C_HSSI_PARAM2(0)); 938 if (chain != 0) { 939 reg[chain] = urtwn_bb_read(sc, R92C_HSSI_PARAM2(chain)); 940 } 941 942 urtwn_bb_write(sc, R92C_HSSI_PARAM2(0), 943 reg[0] & ~R92C_HSSI_PARAM2_READ_EDGE); 944 DELAY(1000); 945 946 urtwn_bb_write(sc, R92C_HSSI_PARAM2(chain), 947 RW(reg[chain], R92C_HSSI_PARAM2_READ_ADDR, addr) | 948 R92C_HSSI_PARAM2_READ_EDGE); 949 DELAY(1000); 950 951 urtwn_bb_write(sc, R92C_HSSI_PARAM2(0), 952 reg[0] | R92C_HSSI_PARAM2_READ_EDGE); 953 DELAY(1000); 954 955 if (urtwn_bb_read(sc, R92C_HSSI_PARAM1(chain)) & R92C_HSSI_PARAM1_PI) { 956 val = urtwn_bb_read(sc, R92C_HSPI_READBACK(chain)); 957 } else { 958 val = urtwn_bb_read(sc, R92C_LSSI_READBACK(chain)); 959 } 960 return (MS(val, R92C_LSSI_READBACK_DATA)); 961 } 962 963 static int 964 urtwn_llt_write(struct urtwn_softc *sc, uint32_t addr, uint32_t data) 965 { 966 int ntries; 967 968 KASSERT(mutex_owned(&sc->sc_write_mtx)); 969 970 urtwn_write_4(sc, R92C_LLT_INIT, 971 SM(R92C_LLT_INIT_OP, R92C_LLT_INIT_OP_WRITE) | 972 SM(R92C_LLT_INIT_ADDR, addr) | 973 SM(R92C_LLT_INIT_DATA, data)); 974 /* Wait for write operation to complete. */ 975 for (ntries = 0; ntries < 20; ntries++) { 976 if (MS(urtwn_read_4(sc, R92C_LLT_INIT), R92C_LLT_INIT_OP) == 977 R92C_LLT_INIT_OP_NO_ACTIVE) { 978 /* Done */ 979 return (0); 980 } 981 DELAY(5); 982 } 983 return (ETIMEDOUT); 984 } 985 986 static uint8_t 987 urtwn_efuse_read_1(struct urtwn_softc *sc, uint16_t addr) 988 { 989 uint32_t reg; 990 int ntries; 991 992 KASSERT(mutex_owned(&sc->sc_write_mtx)); 993 994 reg = urtwn_read_4(sc, R92C_EFUSE_CTRL); 995 reg = RW(reg, R92C_EFUSE_CTRL_ADDR, addr); 996 reg &= ~R92C_EFUSE_CTRL_VALID; 997 urtwn_write_4(sc, R92C_EFUSE_CTRL, reg); 998 999 /* Wait for read operation to complete. */ 1000 for (ntries = 0; ntries < 100; ntries++) { 1001 reg = urtwn_read_4(sc, R92C_EFUSE_CTRL); 1002 if (reg & R92C_EFUSE_CTRL_VALID) { 1003 /* Done */ 1004 return (MS(reg, R92C_EFUSE_CTRL_DATA)); 1005 } 1006 DELAY(5); 1007 } 1008 aprint_error_dev(sc->sc_dev, 1009 "could not read efuse byte at address 0x%04x\n", addr); 1010 return (0xff); 1011 } 1012 1013 static void 1014 urtwn_efuse_read(struct urtwn_softc *sc) 1015 { 1016 uint8_t *rom = (uint8_t *)&sc->rom; 1017 uint32_t reg; 1018 uint16_t addr = 0; 1019 uint8_t off, msk; 1020 int i; 1021 1022 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 1023 1024 KASSERT(mutex_owned(&sc->sc_write_mtx)); 1025 1026 reg = urtwn_read_2(sc, R92C_SYS_ISO_CTRL); 1027 if (!(reg & R92C_SYS_ISO_CTRL_PWC_EV12V)) { 1028 urtwn_write_2(sc, R92C_SYS_ISO_CTRL, 1029 reg | R92C_SYS_ISO_CTRL_PWC_EV12V); 1030 } 1031 reg = urtwn_read_2(sc, R92C_SYS_FUNC_EN); 1032 if (!(reg & R92C_SYS_FUNC_EN_ELDR)) { 1033 urtwn_write_2(sc, R92C_SYS_FUNC_EN, 1034 reg | R92C_SYS_FUNC_EN_ELDR); 1035 } 1036 reg = urtwn_read_2(sc, R92C_SYS_CLKR); 1037 if ((reg & (R92C_SYS_CLKR_LOADER_EN | R92C_SYS_CLKR_ANA8M)) != 1038 (R92C_SYS_CLKR_LOADER_EN | R92C_SYS_CLKR_ANA8M)) { 1039 urtwn_write_2(sc, R92C_SYS_CLKR, 1040 reg | R92C_SYS_CLKR_LOADER_EN | R92C_SYS_CLKR_ANA8M); 1041 } 1042 memset(&sc->rom, 0xff, sizeof(sc->rom)); 1043 while (addr < 512) { 1044 reg = urtwn_efuse_read_1(sc, addr); 1045 if (reg == 0xff) 1046 break; 1047 addr++; 1048 off = reg >> 4; 1049 msk = reg & 0xf; 1050 for (i = 0; i < 4; i++) { 1051 if (msk & (1U << i)) 1052 continue; 1053 1054 rom[off * 8 + i * 2 + 0] = urtwn_efuse_read_1(sc, addr); 1055 addr++; 1056 rom[off * 8 + i * 2 + 1] = urtwn_efuse_read_1(sc, addr); 1057 addr++; 1058 } 1059 } 1060 #ifdef URTWN_DEBUG 1061 if (urtwn_debug & DBG_INIT) { 1062 /* Dump ROM content. */ 1063 printf("%s: %s", device_xname(sc->sc_dev), __func__); 1064 for (i = 0; i < (int)sizeof(sc->rom); i++) 1065 printf(":%02x", rom[i]); 1066 printf("\n"); 1067 } 1068 #endif 1069 } 1070 1071 static int 1072 urtwn_read_chipid(struct urtwn_softc *sc) 1073 { 1074 uint32_t reg; 1075 1076 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 1077 1078 sc->chip = 0; 1079 reg = urtwn_read_4(sc, R92C_SYS_CFG); 1080 if (reg & R92C_SYS_CFG_TRP_VAUX_EN) { 1081 /* test chip, not supported */ 1082 return (EIO); 1083 } 1084 if (reg & R92C_SYS_CFG_TYPE_92C) { 1085 sc->chip |= URTWN_CHIP_92C; 1086 /* Check if it is a castrated 8192C. */ 1087 if (MS(urtwn_read_4(sc, R92C_HPON_FSM), 1088 R92C_HPON_FSM_CHIP_BONDING_ID) == 1089 R92C_HPON_FSM_CHIP_BONDING_ID_92C_1T2R) { 1090 sc->chip |= URTWN_CHIP_92C_1T2R; 1091 } 1092 } 1093 if (reg & R92C_SYS_CFG_VENDOR_UMC) { 1094 sc->chip |= URTWN_CHIP_UMC; 1095 if (MS(reg, R92C_SYS_CFG_CHIP_VER_RTL) == 0) { 1096 sc->chip |= URTWN_CHIP_UMC_A_CUT; 1097 } 1098 } 1099 return (0); 1100 } 1101 1102 #ifdef URTWN_DEBUG 1103 static void 1104 urtwn_dump_rom(struct urtwn_softc *sc, struct r92c_rom *rp) 1105 { 1106 1107 aprint_normal_dev(sc->sc_dev, 1108 "id 0x%04x, dbg_sel 0x%x, vid 0x%x, pid 0x%x\n", 1109 rp->id, rp->dbg_sel, rp->vid, rp->pid); 1110 1111 aprint_normal_dev(sc->sc_dev, 1112 "usb_opt 0x%x, ep_setting 0x%x, usb_phy 0x%x\n", 1113 rp->usb_opt, rp->ep_setting, rp->usb_phy); 1114 1115 aprint_normal_dev(sc->sc_dev, 1116 "macaddr %02x:%02x:%02x:%02x:%02x:%02x\n", 1117 rp->macaddr[0], rp->macaddr[1], 1118 rp->macaddr[2], rp->macaddr[3], 1119 rp->macaddr[4], rp->macaddr[5]); 1120 1121 aprint_normal_dev(sc->sc_dev, 1122 "string %s, subcustomer_id 0x%x\n", 1123 rp->string, rp->subcustomer_id); 1124 1125 aprint_normal_dev(sc->sc_dev, 1126 "cck_tx_pwr c0: %d %d %d, c1: %d %d %d\n", 1127 rp->cck_tx_pwr[0][0], rp->cck_tx_pwr[0][1], rp->cck_tx_pwr[0][2], 1128 rp->cck_tx_pwr[1][0], rp->cck_tx_pwr[1][1], rp->cck_tx_pwr[1][2]); 1129 1130 aprint_normal_dev(sc->sc_dev, 1131 "ht40_1s_tx_pwr c0 %d %d %d, c1 %d %d %d\n", 1132 rp->ht40_1s_tx_pwr[0][0], rp->ht40_1s_tx_pwr[0][1], 1133 rp->ht40_1s_tx_pwr[0][2], 1134 rp->ht40_1s_tx_pwr[1][0], rp->ht40_1s_tx_pwr[1][1], 1135 rp->ht40_1s_tx_pwr[1][2]); 1136 1137 aprint_normal_dev(sc->sc_dev, 1138 "ht40_2s_tx_pwr_diff c0: %d %d %d, c1: %d %d %d\n", 1139 rp->ht40_2s_tx_pwr_diff[0] & 0xf, rp->ht40_2s_tx_pwr_diff[1] & 0xf, 1140 rp->ht40_2s_tx_pwr_diff[2] & 0xf, 1141 rp->ht40_2s_tx_pwr_diff[0] >> 4, rp->ht40_2s_tx_pwr_diff[1] & 0xf, 1142 rp->ht40_2s_tx_pwr_diff[2] >> 4); 1143 1144 aprint_normal_dev(sc->sc_dev, 1145 "ht20_tx_pwr_diff c0: %d %d %d, c1: %d %d %d\n", 1146 rp->ht20_tx_pwr_diff[0] & 0xf, rp->ht20_tx_pwr_diff[1] & 0xf, 1147 rp->ht20_tx_pwr_diff[2] & 0xf, 1148 rp->ht20_tx_pwr_diff[0] >> 4, rp->ht20_tx_pwr_diff[1] >> 4, 1149 rp->ht20_tx_pwr_diff[2] >> 4); 1150 1151 aprint_normal_dev(sc->sc_dev, 1152 "ofdm_tx_pwr_diff c0: %d %d %d, c1: %d %d %d\n", 1153 rp->ofdm_tx_pwr_diff[0] & 0xf, rp->ofdm_tx_pwr_diff[1] & 0xf, 1154 rp->ofdm_tx_pwr_diff[2] & 0xf, 1155 rp->ofdm_tx_pwr_diff[0] >> 4, rp->ofdm_tx_pwr_diff[1] >> 4, 1156 rp->ofdm_tx_pwr_diff[2] >> 4); 1157 1158 aprint_normal_dev(sc->sc_dev, 1159 "ht40_max_pwr_offset c0: %d %d %d, c1: %d %d %d\n", 1160 rp->ht40_max_pwr[0] & 0xf, rp->ht40_max_pwr[1] & 0xf, 1161 rp->ht40_max_pwr[2] & 0xf, 1162 rp->ht40_max_pwr[0] >> 4, rp->ht40_max_pwr[1] >> 4, 1163 rp->ht40_max_pwr[2] >> 4); 1164 1165 aprint_normal_dev(sc->sc_dev, 1166 "ht20_max_pwr_offset c0: %d %d %d, c1: %d %d %d\n", 1167 rp->ht20_max_pwr[0] & 0xf, rp->ht20_max_pwr[1] & 0xf, 1168 rp->ht20_max_pwr[2] & 0xf, 1169 rp->ht20_max_pwr[0] >> 4, rp->ht20_max_pwr[1] >> 4, 1170 rp->ht20_max_pwr[2] >> 4); 1171 1172 aprint_normal_dev(sc->sc_dev, 1173 "xtal_calib %d, tssi %d %d, thermal %d\n", 1174 rp->xtal_calib, rp->tssi[0], rp->tssi[1], rp->thermal_meter); 1175 1176 aprint_normal_dev(sc->sc_dev, 1177 "rf_opt1 0x%x, rf_opt2 0x%x, rf_opt3 0x%x, rf_opt4 0x%x\n", 1178 rp->rf_opt1, rp->rf_opt2, rp->rf_opt3, rp->rf_opt4); 1179 1180 aprint_normal_dev(sc->sc_dev, 1181 "channnel_plan %d, version %d customer_id 0x%x\n", 1182 rp->channel_plan, rp->version, rp->curstomer_id); 1183 } 1184 #endif 1185 1186 static void 1187 urtwn_read_rom(struct urtwn_softc *sc) 1188 { 1189 struct ieee80211com *ic = &sc->sc_ic; 1190 struct r92c_rom *rom = &sc->rom; 1191 1192 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 1193 1194 mutex_enter(&sc->sc_write_mtx); 1195 1196 /* Read full ROM image. */ 1197 urtwn_efuse_read(sc); 1198 #ifdef URTWN_DEBUG 1199 if (urtwn_debug & DBG_REG) 1200 urtwn_dump_rom(sc, rom); 1201 #endif 1202 1203 /* XXX Weird but this is what the vendor driver does. */ 1204 sc->pa_setting = urtwn_efuse_read_1(sc, 0x1fa); 1205 sc->board_type = MS(rom->rf_opt1, R92C_ROM_RF1_BOARD_TYPE); 1206 sc->regulatory = MS(rom->rf_opt1, R92C_ROM_RF1_REGULATORY); 1207 1208 DPRINTFN(DBG_INIT, 1209 ("%s: %s: PA setting=0x%x, board=0x%x, regulatory=%d\n", 1210 device_xname(sc->sc_dev), __func__, sc->pa_setting, 1211 sc->board_type, sc->regulatory)); 1212 1213 IEEE80211_ADDR_COPY(ic->ic_myaddr, rom->macaddr); 1214 1215 mutex_exit(&sc->sc_write_mtx); 1216 } 1217 1218 static int 1219 urtwn_media_change(struct ifnet *ifp) 1220 { 1221 #ifdef URTWN_DEBUG 1222 struct urtwn_softc *sc = ifp->if_softc; 1223 #endif 1224 int error; 1225 1226 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 1227 1228 if ((error = ieee80211_media_change(ifp)) != ENETRESET) 1229 return (error); 1230 1231 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 1232 (IFF_UP | IFF_RUNNING)) { 1233 urtwn_init(ifp); 1234 } 1235 return (0); 1236 } 1237 1238 /* 1239 * Initialize rate adaptation in firmware. 1240 */ 1241 static int 1242 urtwn_ra_init(struct urtwn_softc *sc) 1243 { 1244 static const uint8_t map[] = { 1245 2, 4, 11, 22, 12, 18, 24, 36, 48, 72, 96, 108 1246 }; 1247 struct ieee80211com *ic = &sc->sc_ic; 1248 struct ieee80211_node *ni = ic->ic_bss; 1249 struct ieee80211_rateset *rs = &ni->ni_rates; 1250 struct r92c_fw_cmd_macid_cfg cmd; 1251 uint32_t rates, basicrates; 1252 uint32_t mask; 1253 uint8_t mode; 1254 int maxrate, maxbasicrate, error, i, j; 1255 1256 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 1257 1258 KASSERT(mutex_owned(&sc->sc_write_mtx)); 1259 1260 /* Get normal and basic rates mask. */ 1261 rates = basicrates = 0; 1262 maxrate = maxbasicrate = 0; 1263 for (i = 0; i < rs->rs_nrates; i++) { 1264 /* Convert 802.11 rate to HW rate index. */ 1265 for (j = 0; j < (int)__arraycount(map); j++) { 1266 if ((rs->rs_rates[i] & IEEE80211_RATE_VAL) == map[j]) { 1267 break; 1268 } 1269 } 1270 if (j == __arraycount(map)) { 1271 /* Unknown rate, skip. */ 1272 continue; 1273 } 1274 1275 rates |= 1U << j; 1276 if (j > maxrate) { 1277 maxrate = j; 1278 } 1279 1280 if (rs->rs_rates[i] & IEEE80211_RATE_BASIC) { 1281 basicrates |= 1U << j; 1282 if (j > maxbasicrate) { 1283 maxbasicrate = j; 1284 } 1285 } 1286 } 1287 if (ic->ic_curmode == IEEE80211_MODE_11B) { 1288 mode = R92C_RAID_11B; 1289 } else { 1290 mode = R92C_RAID_11BG; 1291 } 1292 DPRINTFN(DBG_INIT, ("%s: %s: mode=0x%x rates=0x%x, basicrates=0x%x, " 1293 "maxrate=%x, maxbasicrate=%x\n", 1294 device_xname(sc->sc_dev), __func__, mode, rates, basicrates, 1295 maxrate, maxbasicrate)); 1296 if (basicrates == 0) { 1297 basicrates |= 1; /* add 1Mbps */ 1298 } 1299 1300 /* Set rates mask for group addressed frames. */ 1301 cmd.macid = URTWN_MACID_BC | URTWN_MACID_VALID; 1302 mask = (mode << 28) | basicrates; 1303 cmd.mask[0] = (uint8_t)mask; 1304 cmd.mask[1] = (uint8_t)(mask >> 8); 1305 cmd.mask[2] = (uint8_t)(mask >> 16); 1306 cmd.mask[3] = (uint8_t)(mask >> 24); 1307 error = urtwn_fw_cmd(sc, R92C_CMD_MACID_CONFIG, &cmd, sizeof(cmd)); 1308 if (error != 0) { 1309 aprint_error_dev(sc->sc_dev, 1310 "could not add broadcast station\n"); 1311 return (error); 1312 } 1313 /* Set initial MRR rate. */ 1314 DPRINTFN(DBG_INIT, ("%s: %s: maxbasicrate=%d\n", 1315 device_xname(sc->sc_dev), __func__, maxbasicrate)); 1316 urtwn_write_1(sc, R92C_INIDATA_RATE_SEL(URTWN_MACID_BC), maxbasicrate); 1317 1318 /* Set rates mask for unicast frames. */ 1319 cmd.macid = URTWN_MACID_BSS | URTWN_MACID_VALID; 1320 mask = (mode << 28) | rates; 1321 cmd.mask[0] = (uint8_t)mask; 1322 cmd.mask[1] = (uint8_t)(mask >> 8); 1323 cmd.mask[2] = (uint8_t)(mask >> 16); 1324 cmd.mask[3] = (uint8_t)(mask >> 24); 1325 error = urtwn_fw_cmd(sc, R92C_CMD_MACID_CONFIG, &cmd, sizeof(cmd)); 1326 if (error != 0) { 1327 aprint_error_dev(sc->sc_dev, "could not add BSS station\n"); 1328 return (error); 1329 } 1330 /* Set initial MRR rate. */ 1331 DPRINTFN(DBG_INIT, ("%s: %s: maxrate=%d\n", device_xname(sc->sc_dev), 1332 __func__, maxrate)); 1333 urtwn_write_1(sc, R92C_INIDATA_RATE_SEL(URTWN_MACID_BSS), maxrate); 1334 1335 /* Indicate highest supported rate. */ 1336 ni->ni_txrate = rs->rs_nrates - 1; 1337 1338 return (0); 1339 } 1340 1341 static int 1342 urtwn_get_nettype(struct urtwn_softc *sc) 1343 { 1344 struct ieee80211com *ic = &sc->sc_ic; 1345 int type; 1346 1347 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 1348 1349 switch (ic->ic_opmode) { 1350 case IEEE80211_M_STA: 1351 type = R92C_CR_NETTYPE_INFRA; 1352 break; 1353 1354 case IEEE80211_M_IBSS: 1355 type = R92C_CR_NETTYPE_ADHOC; 1356 break; 1357 1358 default: 1359 type = R92C_CR_NETTYPE_NOLINK; 1360 break; 1361 } 1362 1363 return (type); 1364 } 1365 1366 static void 1367 urtwn_set_nettype0_msr(struct urtwn_softc *sc, uint8_t type) 1368 { 1369 uint8_t reg; 1370 1371 DPRINTFN(DBG_FN, ("%s: %s: type=%d\n", device_xname(sc->sc_dev), 1372 __func__, type)); 1373 1374 KASSERT(mutex_owned(&sc->sc_write_mtx)); 1375 1376 reg = urtwn_read_1(sc, R92C_CR + 2) & 0x0c; 1377 urtwn_write_1(sc, R92C_CR + 2, reg | type); 1378 } 1379 1380 static void 1381 urtwn_tsf_sync_enable(struct urtwn_softc *sc) 1382 { 1383 struct ieee80211_node *ni = sc->sc_ic.ic_bss; 1384 uint64_t tsf; 1385 1386 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 1387 1388 KASSERT(mutex_owned(&sc->sc_write_mtx)); 1389 1390 /* Enable TSF synchronization. */ 1391 urtwn_write_1(sc, R92C_BCN_CTRL, 1392 urtwn_read_1(sc, R92C_BCN_CTRL) & ~R92C_BCN_CTRL_DIS_TSF_UDT0); 1393 1394 /* Correct TSF */ 1395 urtwn_write_1(sc, R92C_BCN_CTRL, 1396 urtwn_read_1(sc, R92C_BCN_CTRL) & ~R92C_BCN_CTRL_EN_BCN); 1397 1398 /* Set initial TSF. */ 1399 tsf = ni->ni_tstamp.tsf; 1400 tsf = le64toh(tsf); 1401 tsf = tsf - (tsf % (ni->ni_intval * IEEE80211_DUR_TU)); 1402 tsf -= IEEE80211_DUR_TU; 1403 urtwn_write_4(sc, R92C_TSFTR + 0, (uint32_t)tsf); 1404 urtwn_write_4(sc, R92C_TSFTR + 4, (uint32_t)(tsf >> 32)); 1405 1406 urtwn_write_1(sc, R92C_BCN_CTRL, 1407 urtwn_read_1(sc, R92C_BCN_CTRL) | R92C_BCN_CTRL_EN_BCN); 1408 } 1409 1410 static void 1411 urtwn_set_led(struct urtwn_softc *sc, int led, int on) 1412 { 1413 uint8_t reg; 1414 1415 DPRINTFN(DBG_FN, ("%s: %s: led=%d, on=%d\n", device_xname(sc->sc_dev), 1416 __func__, led, on)); 1417 1418 KASSERT(mutex_owned(&sc->sc_write_mtx)); 1419 1420 if (led == URTWN_LED_LINK) { 1421 reg = urtwn_read_1(sc, R92C_LEDCFG0) & 0x70; 1422 if (!on) { 1423 reg |= R92C_LEDCFG0_DIS; 1424 } 1425 urtwn_write_1(sc, R92C_LEDCFG0, reg); 1426 sc->ledlink = on; /* Save LED state. */ 1427 } 1428 } 1429 1430 static void 1431 urtwn_calib_to(void *arg) 1432 { 1433 struct urtwn_softc *sc = arg; 1434 1435 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 1436 1437 if (sc->sc_dying) 1438 return; 1439 1440 /* Do it in a process context. */ 1441 urtwn_do_async(sc, urtwn_calib_to_cb, NULL, 0); 1442 } 1443 1444 /* ARGSUSED */ 1445 static void 1446 urtwn_calib_to_cb(struct urtwn_softc *sc, void *arg) 1447 { 1448 struct r92c_fw_cmd_rssi cmd; 1449 1450 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 1451 1452 if (sc->sc_ic.ic_state != IEEE80211_S_RUN) 1453 goto restart_timer; 1454 1455 mutex_enter(&sc->sc_write_mtx); 1456 if (sc->avg_pwdb != -1) { 1457 /* Indicate Rx signal strength to FW for rate adaptation. */ 1458 memset(&cmd, 0, sizeof(cmd)); 1459 cmd.macid = 0; /* BSS. */ 1460 cmd.pwdb = sc->avg_pwdb; 1461 DPRINTFN(DBG_RF, ("%s: %s: sending RSSI command avg=%d\n", 1462 device_xname(sc->sc_dev), __func__, sc->avg_pwdb)); 1463 urtwn_fw_cmd(sc, R92C_CMD_RSSI_SETTING, &cmd, sizeof(cmd)); 1464 } 1465 1466 /* Do temperature compensation. */ 1467 urtwn_temp_calib(sc); 1468 mutex_exit(&sc->sc_write_mtx); 1469 1470 restart_timer: 1471 if (!sc->sc_dying) { 1472 /* Restart calibration timer. */ 1473 callout_schedule(&sc->sc_calib_to, hz); 1474 } 1475 } 1476 1477 static void 1478 urtwn_next_scan(void *arg) 1479 { 1480 struct urtwn_softc *sc = arg; 1481 int s; 1482 1483 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 1484 1485 if (sc->sc_dying) 1486 return; 1487 1488 s = splnet(); 1489 if (sc->sc_ic.ic_state == IEEE80211_S_SCAN) 1490 ieee80211_next_scan(&sc->sc_ic); 1491 splx(s); 1492 } 1493 1494 static int 1495 urtwn_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 1496 { 1497 struct urtwn_softc *sc = ic->ic_ifp->if_softc; 1498 struct urtwn_cmd_newstate cmd; 1499 1500 DPRINTFN(DBG_FN, ("%s: %s: nstate=%s(%d), arg=%d\n", 1501 device_xname(sc->sc_dev), __func__, 1502 ieee80211_state_name[nstate], nstate, arg)); 1503 1504 callout_stop(&sc->sc_scan_to); 1505 callout_stop(&sc->sc_calib_to); 1506 1507 /* Do it in a process context. */ 1508 cmd.state = nstate; 1509 cmd.arg = arg; 1510 urtwn_do_async(sc, urtwn_newstate_cb, &cmd, sizeof(cmd)); 1511 return (0); 1512 } 1513 1514 static void 1515 urtwn_newstate_cb(struct urtwn_softc *sc, void *arg) 1516 { 1517 struct urtwn_cmd_newstate *cmd = arg; 1518 struct ieee80211com *ic = &sc->sc_ic; 1519 struct ieee80211_node *ni; 1520 enum ieee80211_state ostate = ic->ic_state; 1521 enum ieee80211_state nstate = cmd->state; 1522 uint32_t reg; 1523 uint8_t sifs_time; 1524 int s; 1525 1526 DPRINTFN(DBG_FN|DBG_STM, ("%s: %s: %s(%d)->%s(%d)\n", 1527 device_xname(sc->sc_dev), __func__, 1528 ieee80211_state_name[ostate], ostate, 1529 ieee80211_state_name[nstate], nstate)); 1530 1531 s = splnet(); 1532 mutex_enter(&sc->sc_write_mtx); 1533 1534 callout_stop(&sc->sc_scan_to); 1535 callout_stop(&sc->sc_calib_to); 1536 1537 switch (ostate) { 1538 case IEEE80211_S_INIT: 1539 break; 1540 1541 case IEEE80211_S_SCAN: 1542 if (nstate != IEEE80211_S_SCAN) { 1543 /* 1544 * End of scanning 1545 */ 1546 /* flush 4-AC Queue after site_survey */ 1547 urtwn_write_1(sc, R92C_TXPAUSE, 0x0); 1548 1549 /* Allow Rx from our BSSID only. */ 1550 urtwn_write_4(sc, R92C_RCR, 1551 urtwn_read_4(sc, R92C_RCR) | 1552 R92C_RCR_CBSSID_DATA | R92C_RCR_CBSSID_BCN); 1553 } 1554 break; 1555 1556 case IEEE80211_S_AUTH: 1557 case IEEE80211_S_ASSOC: 1558 break; 1559 1560 case IEEE80211_S_RUN: 1561 /* Turn link LED off. */ 1562 urtwn_set_led(sc, URTWN_LED_LINK, 0); 1563 1564 /* Set media status to 'No Link'. */ 1565 urtwn_set_nettype0_msr(sc, R92C_CR_NETTYPE_NOLINK); 1566 1567 /* Stop Rx of data frames. */ 1568 urtwn_write_2(sc, R92C_RXFLTMAP2, 0); 1569 1570 /* Reset TSF. */ 1571 urtwn_write_1(sc, R92C_DUAL_TSF_RST, 0x03); 1572 1573 /* Disable TSF synchronization. */ 1574 urtwn_write_1(sc, R92C_BCN_CTRL, 1575 urtwn_read_1(sc, R92C_BCN_CTRL) | 1576 R92C_BCN_CTRL_DIS_TSF_UDT0); 1577 1578 /* Back to 20MHz mode */ 1579 urtwn_set_chan(sc, ic->ic_curchan, 1580 IEEE80211_HTINFO_2NDCHAN_NONE); 1581 1582 if (ic->ic_opmode == IEEE80211_M_IBSS || 1583 ic->ic_opmode == IEEE80211_M_HOSTAP) { 1584 /* Stop BCN */ 1585 urtwn_write_1(sc, R92C_BCN_CTRL, 1586 urtwn_read_1(sc, R92C_BCN_CTRL) & 1587 ~(R92C_BCN_CTRL_EN_BCN | R92C_BCN_CTRL_TXBCN_RPT)); 1588 } 1589 1590 /* Reset EDCA parameters. */ 1591 urtwn_write_4(sc, R92C_EDCA_VO_PARAM, 0x002f3217); 1592 urtwn_write_4(sc, R92C_EDCA_VI_PARAM, 0x005e4317); 1593 urtwn_write_4(sc, R92C_EDCA_BE_PARAM, 0x00105320); 1594 urtwn_write_4(sc, R92C_EDCA_BK_PARAM, 0x0000a444); 1595 1596 /* flush all cam entries */ 1597 urtwn_cam_init(sc); 1598 break; 1599 } 1600 1601 switch (nstate) { 1602 case IEEE80211_S_INIT: 1603 /* Turn link LED off. */ 1604 urtwn_set_led(sc, URTWN_LED_LINK, 0); 1605 break; 1606 1607 case IEEE80211_S_SCAN: 1608 if (ostate != IEEE80211_S_SCAN) { 1609 /* 1610 * Begin of scanning 1611 */ 1612 1613 /* Set gain for scanning. */ 1614 reg = urtwn_bb_read(sc, R92C_OFDM0_AGCCORE1(0)); 1615 reg = RW(reg, R92C_OFDM0_AGCCORE1_GAIN, 0x20); 1616 urtwn_bb_write(sc, R92C_OFDM0_AGCCORE1(0), reg); 1617 1618 reg = urtwn_bb_read(sc, R92C_OFDM0_AGCCORE1(1)); 1619 reg = RW(reg, R92C_OFDM0_AGCCORE1_GAIN, 0x20); 1620 urtwn_bb_write(sc, R92C_OFDM0_AGCCORE1(1), reg); 1621 1622 /* Set media status to 'No Link'. */ 1623 urtwn_set_nettype0_msr(sc, R92C_CR_NETTYPE_NOLINK); 1624 1625 /* Allow Rx from any BSSID. */ 1626 urtwn_write_4(sc, R92C_RCR, 1627 urtwn_read_4(sc, R92C_RCR) & 1628 ~(R92C_RCR_CBSSID_DATA | R92C_RCR_CBSSID_BCN)); 1629 1630 /* Stop Rx of data frames. */ 1631 urtwn_write_2(sc, R92C_RXFLTMAP2, 0); 1632 1633 /* Disable update TSF */ 1634 urtwn_write_1(sc, R92C_BCN_CTRL, 1635 urtwn_read_1(sc, R92C_BCN_CTRL) | 1636 R92C_BCN_CTRL_DIS_TSF_UDT0); 1637 } 1638 1639 /* Make link LED blink during scan. */ 1640 urtwn_set_led(sc, URTWN_LED_LINK, !sc->ledlink); 1641 1642 /* Pause AC Tx queues. */ 1643 urtwn_write_1(sc, R92C_TXPAUSE, 1644 urtwn_read_1(sc, R92C_TXPAUSE) | 0x0f); 1645 1646 urtwn_set_chan(sc, ic->ic_curchan, 1647 IEEE80211_HTINFO_2NDCHAN_NONE); 1648 1649 /* Start periodic scan. */ 1650 if (!sc->sc_dying) 1651 callout_schedule(&sc->sc_scan_to, hz / 5); 1652 break; 1653 1654 case IEEE80211_S_AUTH: 1655 /* Set initial gain under link. */ 1656 reg = urtwn_bb_read(sc, R92C_OFDM0_AGCCORE1(0)); 1657 #ifdef doaslinux 1658 reg = RW(reg, R92C_OFDM0_AGCCORE1_GAIN, 0x32); 1659 #else 1660 reg = RW(reg, R92C_OFDM0_AGCCORE1_GAIN, 0x20); 1661 #endif 1662 urtwn_bb_write(sc, R92C_OFDM0_AGCCORE1(0), reg); 1663 1664 reg = urtwn_bb_read(sc, R92C_OFDM0_AGCCORE1(1)); 1665 #ifdef doaslinux 1666 reg = RW(reg, R92C_OFDM0_AGCCORE1_GAIN, 0x32); 1667 #else 1668 reg = RW(reg, R92C_OFDM0_AGCCORE1_GAIN, 0x20); 1669 #endif 1670 urtwn_bb_write(sc, R92C_OFDM0_AGCCORE1(1), reg); 1671 1672 /* Set media status to 'No Link'. */ 1673 urtwn_set_nettype0_msr(sc, R92C_CR_NETTYPE_NOLINK); 1674 1675 /* Allow Rx from any BSSID. */ 1676 urtwn_write_4(sc, R92C_RCR, 1677 urtwn_read_4(sc, R92C_RCR) & 1678 ~(R92C_RCR_CBSSID_DATA | R92C_RCR_CBSSID_BCN)); 1679 1680 urtwn_set_chan(sc, ic->ic_curchan, 1681 IEEE80211_HTINFO_2NDCHAN_NONE); 1682 break; 1683 1684 case IEEE80211_S_ASSOC: 1685 break; 1686 1687 case IEEE80211_S_RUN: 1688 ni = ic->ic_bss; 1689 1690 /* XXX: Set 20MHz mode */ 1691 urtwn_set_chan(sc, ic->ic_curchan, 1692 IEEE80211_HTINFO_2NDCHAN_NONE); 1693 1694 if (ic->ic_opmode == IEEE80211_M_MONITOR) { 1695 /* Back to 20MHz mode */ 1696 urtwn_set_chan(sc, ic->ic_curchan, 1697 IEEE80211_HTINFO_2NDCHAN_NONE); 1698 1699 /* Set media status to 'No Link'. */ 1700 urtwn_set_nettype0_msr(sc, R92C_CR_NETTYPE_NOLINK); 1701 1702 /* Enable Rx of data frames. */ 1703 urtwn_write_2(sc, R92C_RXFLTMAP2, 0xffff); 1704 1705 /* Allow Rx from any BSSID. */ 1706 urtwn_write_4(sc, R92C_RCR, 1707 urtwn_read_4(sc, R92C_RCR) & 1708 ~(R92C_RCR_CBSSID_DATA | R92C_RCR_CBSSID_BCN)); 1709 1710 /* Accept Rx data/control/management frames */ 1711 urtwn_write_4(sc, R92C_RCR, 1712 urtwn_read_4(sc, R92C_RCR) | 1713 R92C_RCR_ADF | R92C_RCR_ACF | R92C_RCR_AMF); 1714 1715 /* Turn link LED on. */ 1716 urtwn_set_led(sc, URTWN_LED_LINK, 1); 1717 break; 1718 } 1719 1720 /* Set media status to 'Associated'. */ 1721 urtwn_set_nettype0_msr(sc, urtwn_get_nettype(sc)); 1722 1723 /* Set BSSID. */ 1724 urtwn_write_4(sc, R92C_BSSID + 0, LE_READ_4(&ni->ni_bssid[0])); 1725 urtwn_write_4(sc, R92C_BSSID + 4, LE_READ_2(&ni->ni_bssid[4])); 1726 1727 if (ic->ic_curmode == IEEE80211_MODE_11B) { 1728 urtwn_write_1(sc, R92C_INIRTS_RATE_SEL, 0); 1729 } else { 1730 /* 802.11b/g */ 1731 urtwn_write_1(sc, R92C_INIRTS_RATE_SEL, 3); 1732 } 1733 1734 /* Enable Rx of data frames. */ 1735 urtwn_write_2(sc, R92C_RXFLTMAP2, 0xffff); 1736 1737 /* Set beacon interval. */ 1738 urtwn_write_2(sc, R92C_BCN_INTERVAL, ni->ni_intval); 1739 1740 if (ic->ic_opmode == IEEE80211_M_STA) { 1741 /* Allow Rx from our BSSID only. */ 1742 urtwn_write_4(sc, R92C_RCR, 1743 urtwn_read_4(sc, R92C_RCR) | 1744 R92C_RCR_CBSSID_DATA | R92C_RCR_CBSSID_BCN); 1745 1746 /* Enable TSF synchronization. */ 1747 urtwn_tsf_sync_enable(sc); 1748 } 1749 1750 sifs_time = 10; 1751 urtwn_write_1(sc, R92C_SIFS_CCK + 1, sifs_time); 1752 urtwn_write_1(sc, R92C_SIFS_OFDM + 1, sifs_time); 1753 urtwn_write_1(sc, R92C_SPEC_SIFS + 1, sifs_time); 1754 urtwn_write_1(sc, R92C_MAC_SPEC_SIFS + 1, sifs_time); 1755 urtwn_write_1(sc, R92C_R2T_SIFS + 1, sifs_time); 1756 urtwn_write_1(sc, R92C_T2T_SIFS + 1, sifs_time); 1757 1758 /* Intialize rate adaptation. */ 1759 urtwn_ra_init(sc); 1760 1761 /* Turn link LED on. */ 1762 urtwn_set_led(sc, URTWN_LED_LINK, 1); 1763 1764 /* Reset average RSSI. */ 1765 sc->avg_pwdb = -1; 1766 1767 /* Reset temperature calibration state machine. */ 1768 sc->thcal_state = 0; 1769 sc->thcal_lctemp = 0; 1770 1771 /* Start periodic calibration. */ 1772 if (!sc->sc_dying) 1773 callout_schedule(&sc->sc_calib_to, hz); 1774 break; 1775 } 1776 1777 (*sc->sc_newstate)(ic, nstate, cmd->arg); 1778 1779 mutex_exit(&sc->sc_write_mtx); 1780 splx(s); 1781 } 1782 1783 static int 1784 urtwn_wme_update(struct ieee80211com *ic) 1785 { 1786 struct urtwn_softc *sc = ic->ic_ifp->if_softc; 1787 1788 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 1789 1790 /* don't override default WME values if WME is not actually enabled */ 1791 if (!(ic->ic_flags & IEEE80211_F_WME)) 1792 return (0); 1793 1794 /* Do it in a process context. */ 1795 urtwn_do_async(sc, urtwn_wme_update_cb, NULL, 0); 1796 return (0); 1797 } 1798 1799 static void 1800 urtwn_wme_update_cb(struct urtwn_softc *sc, void *arg) 1801 { 1802 static const uint16_t ac2reg[WME_NUM_AC] = { 1803 R92C_EDCA_BE_PARAM, 1804 R92C_EDCA_BK_PARAM, 1805 R92C_EDCA_VI_PARAM, 1806 R92C_EDCA_VO_PARAM 1807 }; 1808 struct ieee80211com *ic = &sc->sc_ic; 1809 const struct wmeParams *wmep; 1810 int ac, aifs, slottime; 1811 int s; 1812 1813 DPRINTFN(DBG_FN|DBG_STM, ("%s: %s\n", device_xname(sc->sc_dev), 1814 __func__)); 1815 1816 s = splnet(); 1817 mutex_enter(&sc->sc_write_mtx); 1818 slottime = (ic->ic_flags & IEEE80211_F_SHSLOT) ? 9 : 20; 1819 for (ac = 0; ac < WME_NUM_AC; ac++) { 1820 wmep = &ic->ic_wme.wme_chanParams.cap_wmeParams[ac]; 1821 /* AIFS[AC] = AIFSN[AC] * aSlotTime + aSIFSTime. */ 1822 aifs = wmep->wmep_aifsn * slottime + 10; 1823 urtwn_write_4(sc, ac2reg[ac], 1824 SM(R92C_EDCA_PARAM_TXOP, wmep->wmep_txopLimit) | 1825 SM(R92C_EDCA_PARAM_ECWMIN, wmep->wmep_logcwmin) | 1826 SM(R92C_EDCA_PARAM_ECWMAX, wmep->wmep_logcwmax) | 1827 SM(R92C_EDCA_PARAM_AIFS, aifs)); 1828 } 1829 mutex_exit(&sc->sc_write_mtx); 1830 splx(s); 1831 } 1832 1833 static void 1834 urtwn_update_avgrssi(struct urtwn_softc *sc, int rate, int8_t rssi) 1835 { 1836 int pwdb; 1837 1838 DPRINTFN(DBG_FN, ("%s: %s: rate=%d, rsst=%d\n", 1839 device_xname(sc->sc_dev), __func__, rate, rssi)); 1840 1841 /* Convert antenna signal to percentage. */ 1842 if (rssi <= -100 || rssi >= 20) 1843 pwdb = 0; 1844 else if (rssi >= 0) 1845 pwdb = 100; 1846 else 1847 pwdb = 100 + rssi; 1848 if (rate <= 3) { 1849 /* CCK gain is smaller than OFDM/MCS gain. */ 1850 pwdb += 6; 1851 if (pwdb > 100) 1852 pwdb = 100; 1853 if (pwdb <= 14) 1854 pwdb -= 4; 1855 else if (pwdb <= 26) 1856 pwdb -= 8; 1857 else if (pwdb <= 34) 1858 pwdb -= 6; 1859 else if (pwdb <= 42) 1860 pwdb -= 2; 1861 } 1862 if (sc->avg_pwdb == -1) /* Init. */ 1863 sc->avg_pwdb = pwdb; 1864 else if (sc->avg_pwdb < pwdb) 1865 sc->avg_pwdb = ((sc->avg_pwdb * 19 + pwdb) / 20) + 1; 1866 else 1867 sc->avg_pwdb = ((sc->avg_pwdb * 19 + pwdb) / 20); 1868 1869 DPRINTFN(DBG_RF, ("%s: %s: rate=%d rssi=%d PWDB=%d EMA=%d\n", 1870 device_xname(sc->sc_dev), __func__, 1871 rate, rssi, pwdb, sc->avg_pwdb)); 1872 } 1873 1874 static int8_t 1875 urtwn_get_rssi(struct urtwn_softc *sc, int rate, void *physt) 1876 { 1877 static const int8_t cckoff[] = { 16, -12, -26, -46 }; 1878 struct r92c_rx_phystat *phy; 1879 struct r92c_rx_cck *cck; 1880 uint8_t rpt; 1881 int8_t rssi; 1882 1883 DPRINTFN(DBG_FN, ("%s: %s: rate=%d\n", device_xname(sc->sc_dev), 1884 __func__, rate)); 1885 1886 if (rate <= 3) { 1887 cck = (struct r92c_rx_cck *)physt; 1888 if (ISSET(sc->sc_flags, URTWN_FLAG_CCK_HIPWR)) { 1889 rpt = (cck->agc_rpt >> 5) & 0x3; 1890 rssi = (cck->agc_rpt & 0x1f) << 1; 1891 } else { 1892 rpt = (cck->agc_rpt >> 6) & 0x3; 1893 rssi = cck->agc_rpt & 0x3e; 1894 } 1895 rssi = cckoff[rpt] - rssi; 1896 } else { /* OFDM/HT. */ 1897 phy = (struct r92c_rx_phystat *)physt; 1898 rssi = ((le32toh(phy->phydw1) >> 1) & 0x7f) - 110; 1899 } 1900 return (rssi); 1901 } 1902 1903 static void 1904 urtwn_rx_frame(struct urtwn_softc *sc, uint8_t *buf, int pktlen) 1905 { 1906 struct ieee80211com *ic = &sc->sc_ic; 1907 struct ifnet *ifp = ic->ic_ifp; 1908 struct ieee80211_frame *wh; 1909 struct ieee80211_node *ni; 1910 struct r92c_rx_stat *stat; 1911 uint32_t rxdw0, rxdw3; 1912 struct mbuf *m; 1913 uint8_t rate; 1914 int8_t rssi = 0; 1915 int s, infosz; 1916 1917 DPRINTFN(DBG_FN, ("%s: %s: buf=%p, pktlen=%d\n", 1918 device_xname(sc->sc_dev), __func__, buf, pktlen)); 1919 1920 stat = (struct r92c_rx_stat *)buf; 1921 rxdw0 = le32toh(stat->rxdw0); 1922 rxdw3 = le32toh(stat->rxdw3); 1923 1924 if (__predict_false(rxdw0 & (R92C_RXDW0_CRCERR | R92C_RXDW0_ICVERR))) { 1925 /* 1926 * This should not happen since we setup our Rx filter 1927 * to not receive these frames. 1928 */ 1929 DPRINTFN(DBG_RX, ("%s: %s: CRC error\n", 1930 device_xname(sc->sc_dev), __func__)); 1931 ifp->if_ierrors++; 1932 return; 1933 } 1934 /* 1935 * XXX: This will drop most control packets. Do we really 1936 * want this in IEEE80211_M_MONITOR mode? 1937 */ 1938 if (__predict_false(pktlen < (int)sizeof(*wh))) { 1939 DPRINTFN(DBG_RX, ("%s: %s: packet too short %d\n", 1940 device_xname(sc->sc_dev), __func__, pktlen)); 1941 ic->ic_stats.is_rx_tooshort++; 1942 ifp->if_ierrors++; 1943 return; 1944 } 1945 if (__predict_false(pktlen > MCLBYTES)) { 1946 DPRINTFN(DBG_RX, ("%s: %s: packet too big %d\n", 1947 device_xname(sc->sc_dev), __func__, pktlen)); 1948 ifp->if_ierrors++; 1949 return; 1950 } 1951 1952 rate = MS(rxdw3, R92C_RXDW3_RATE); 1953 infosz = MS(rxdw0, R92C_RXDW0_INFOSZ) * 8; 1954 1955 /* Get RSSI from PHY status descriptor if present. */ 1956 if (infosz != 0 && (rxdw0 & R92C_RXDW0_PHYST)) { 1957 rssi = urtwn_get_rssi(sc, rate, &stat[1]); 1958 /* Update our average RSSI. */ 1959 urtwn_update_avgrssi(sc, rate, rssi); 1960 } 1961 1962 DPRINTFN(DBG_RX, ("%s: %s: Rx frame len=%d rate=%d infosz=%d rssi=%d\n", 1963 device_xname(sc->sc_dev), __func__, pktlen, rate, infosz, rssi)); 1964 1965 MGETHDR(m, M_DONTWAIT, MT_DATA); 1966 if (__predict_false(m == NULL)) { 1967 aprint_error_dev(sc->sc_dev, "couldn't allocate rx mbuf\n"); 1968 ic->ic_stats.is_rx_nobuf++; 1969 ifp->if_ierrors++; 1970 return; 1971 } 1972 if (pktlen > (int)MHLEN) { 1973 MCLGET(m, M_DONTWAIT); 1974 if (__predict_false(!(m->m_flags & M_EXT))) { 1975 aprint_error_dev(sc->sc_dev, 1976 "couldn't allocate rx mbuf cluster\n"); 1977 m_freem(m); 1978 ic->ic_stats.is_rx_nobuf++; 1979 ifp->if_ierrors++; 1980 return; 1981 } 1982 } 1983 1984 /* Finalize mbuf. */ 1985 m->m_pkthdr.rcvif = ifp; 1986 wh = (struct ieee80211_frame *)((uint8_t *)&stat[1] + infosz); 1987 memcpy(mtod(m, uint8_t *), wh, pktlen); 1988 m->m_pkthdr.len = m->m_len = pktlen; 1989 1990 s = splnet(); 1991 if (__predict_false(sc->sc_drvbpf != NULL)) { 1992 struct urtwn_rx_radiotap_header *tap = &sc->sc_rxtap; 1993 1994 tap->wr_flags = 0; 1995 if (!(rxdw3 & R92C_RXDW3_HT)) { 1996 switch (rate) { 1997 /* CCK. */ 1998 case 0: tap->wr_rate = 2; break; 1999 case 1: tap->wr_rate = 4; break; 2000 case 2: tap->wr_rate = 11; break; 2001 case 3: tap->wr_rate = 22; break; 2002 /* OFDM. */ 2003 case 4: tap->wr_rate = 12; break; 2004 case 5: tap->wr_rate = 18; break; 2005 case 6: tap->wr_rate = 24; break; 2006 case 7: tap->wr_rate = 36; break; 2007 case 8: tap->wr_rate = 48; break; 2008 case 9: tap->wr_rate = 72; break; 2009 case 10: tap->wr_rate = 96; break; 2010 case 11: tap->wr_rate = 108; break; 2011 } 2012 } else if (rate >= 12) { /* MCS0~15. */ 2013 /* Bit 7 set means HT MCS instead of rate. */ 2014 tap->wr_rate = 0x80 | (rate - 12); 2015 } 2016 tap->wr_dbm_antsignal = rssi; 2017 tap->wr_chan_freq = htole16(ic->ic_curchan->ic_freq); 2018 tap->wr_chan_flags = htole16(ic->ic_curchan->ic_flags); 2019 2020 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_rxtap_len, m); 2021 } 2022 2023 ni = ieee80211_find_rxnode(ic, (struct ieee80211_frame_min *)wh); 2024 2025 /* push the frame up to the 802.11 stack */ 2026 ieee80211_input(ic, m, ni, rssi, 0); 2027 2028 /* Node is no longer needed. */ 2029 ieee80211_free_node(ni); 2030 2031 splx(s); 2032 } 2033 2034 static void 2035 urtwn_rxeof(usbd_xfer_handle xfer, usbd_private_handle priv, usbd_status status) 2036 { 2037 struct urtwn_rx_data *data = priv; 2038 struct urtwn_softc *sc = data->sc; 2039 struct r92c_rx_stat *stat; 2040 uint32_t rxdw0; 2041 uint8_t *buf; 2042 int len, totlen, pktlen, infosz, npkts; 2043 2044 DPRINTFN(DBG_FN|DBG_RX, ("%s: %s: status=%d\n", 2045 device_xname(sc->sc_dev), __func__, status)); 2046 2047 if (__predict_false(status != USBD_NORMAL_COMPLETION)) { 2048 if (status == USBD_STALLED) 2049 usbd_clear_endpoint_stall_async(sc->rx_pipe); 2050 else if (status != USBD_CANCELLED) 2051 goto resubmit; 2052 return; 2053 } 2054 usbd_get_xfer_status(xfer, NULL, NULL, &len, NULL); 2055 2056 if (__predict_false(len < (int)sizeof(*stat))) { 2057 DPRINTFN(DBG_RX, ("%s: %s: xfer too short %d\n", 2058 device_xname(sc->sc_dev), __func__, len)); 2059 goto resubmit; 2060 } 2061 buf = data->buf; 2062 2063 /* Get the number of encapsulated frames. */ 2064 stat = (struct r92c_rx_stat *)buf; 2065 npkts = MS(le32toh(stat->rxdw2), R92C_RXDW2_PKTCNT); 2066 DPRINTFN(DBG_RX, ("%s: %s: Rx %d frames in one chunk\n", 2067 device_xname(sc->sc_dev), __func__, npkts)); 2068 2069 /* Process all of them. */ 2070 while (npkts-- > 0) { 2071 if (__predict_false(len < (int)sizeof(*stat))) { 2072 DPRINTFN(DBG_RX, 2073 ("%s: %s: len(%d) is short than header\n", 2074 device_xname(sc->sc_dev), __func__, len)); 2075 break; 2076 } 2077 stat = (struct r92c_rx_stat *)buf; 2078 rxdw0 = le32toh(stat->rxdw0); 2079 2080 pktlen = MS(rxdw0, R92C_RXDW0_PKTLEN); 2081 if (__predict_false(pktlen == 0)) { 2082 DPRINTFN(DBG_RX, ("%s: %s: pktlen is 0 byte\n", 2083 device_xname(sc->sc_dev), __func__)); 2084 break; 2085 } 2086 2087 infosz = MS(rxdw0, R92C_RXDW0_INFOSZ) * 8; 2088 2089 /* Make sure everything fits in xfer. */ 2090 totlen = sizeof(*stat) + infosz + pktlen; 2091 if (__predict_false(totlen > len)) { 2092 DPRINTFN(DBG_RX, ("%s: %s: pktlen %d(%d+%d+%d) > %d\n", 2093 device_xname(sc->sc_dev), __func__, totlen, 2094 (int)sizeof(*stat), infosz, pktlen, len)); 2095 break; 2096 } 2097 2098 /* Process 802.11 frame. */ 2099 urtwn_rx_frame(sc, buf, pktlen); 2100 2101 /* Next chunk is 128-byte aligned. */ 2102 totlen = roundup2(totlen, 128); 2103 buf += totlen; 2104 len -= totlen; 2105 } 2106 2107 resubmit: 2108 /* Setup a new transfer. */ 2109 usbd_setup_xfer(xfer, sc->rx_pipe, data, data->buf, URTWN_RXBUFSZ, 2110 USBD_SHORT_XFER_OK | USBD_NO_COPY, USBD_NO_TIMEOUT, urtwn_rxeof); 2111 (void)usbd_transfer(xfer); 2112 } 2113 2114 static void 2115 urtwn_txeof(usbd_xfer_handle xfer, usbd_private_handle priv, usbd_status status) 2116 { 2117 struct urtwn_tx_data *data = priv; 2118 struct urtwn_softc *sc = data->sc; 2119 struct ifnet *ifp = &sc->sc_if; 2120 int s; 2121 2122 DPRINTFN(DBG_FN|DBG_TX, ("%s: %s: status=%d\n", 2123 device_xname(sc->sc_dev), __func__, status)); 2124 2125 mutex_enter(&sc->sc_tx_mtx); 2126 /* Put this Tx buffer back to our free list. */ 2127 TAILQ_INSERT_TAIL(&sc->tx_free_list, data, next); 2128 mutex_exit(&sc->sc_tx_mtx); 2129 2130 s = splnet(); 2131 sc->tx_timer = 0; 2132 ifp->if_flags &= ~IFF_OACTIVE; 2133 ifp->if_opackets++; 2134 2135 if (__predict_false(status != USBD_NORMAL_COMPLETION)) { 2136 if (status != USBD_NOT_STARTED && status != USBD_CANCELLED) { 2137 if (status == USBD_STALLED) 2138 usbd_clear_endpoint_stall_async(data->pipe); 2139 ifp->if_oerrors++; 2140 } 2141 splx(s); 2142 return; 2143 } 2144 2145 urtwn_start(ifp); 2146 2147 splx(s); 2148 } 2149 2150 static int 2151 urtwn_tx(struct urtwn_softc *sc, struct mbuf *m, struct ieee80211_node *ni, 2152 struct urtwn_tx_data *data) 2153 { 2154 struct ieee80211com *ic = &sc->sc_ic; 2155 struct ieee80211_frame *wh; 2156 struct ieee80211_key *k = NULL; 2157 struct r92c_tx_desc *txd; 2158 usbd_pipe_handle pipe; 2159 uint16_t seq, sum; 2160 uint8_t raid, type, tid, qid; 2161 int i, s, hasqos, xferlen, padsize, error; 2162 2163 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 2164 2165 wh = mtod(m, struct ieee80211_frame *); 2166 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 2167 2168 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 2169 k = ieee80211_crypto_encap(ic, ni, m); 2170 if (k == NULL) 2171 return ENOBUFS; 2172 2173 /* packet header may have moved, reset our local pointer */ 2174 wh = mtod(m, struct ieee80211_frame *); 2175 } 2176 2177 if (__predict_false(sc->sc_drvbpf != NULL)) { 2178 struct urtwn_tx_radiotap_header *tap = &sc->sc_txtap; 2179 2180 tap->wt_flags = 0; 2181 tap->wt_chan_freq = htole16(ic->ic_curchan->ic_freq); 2182 tap->wt_chan_flags = htole16(ic->ic_curchan->ic_flags); 2183 if (wh->i_fc[1] & IEEE80211_FC1_WEP) 2184 tap->wt_flags |= IEEE80211_RADIOTAP_F_WEP; 2185 2186 /* XXX: set tap->wt_rate? */ 2187 2188 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_txtap_len, m); 2189 } 2190 2191 if ((hasqos = IEEE80211_QOS_HAS_SEQ(wh))) { 2192 /* data frames in 11n mode */ 2193 struct ieee80211_qosframe *qwh = (void *)wh; 2194 tid = qwh->i_qos[0] & IEEE80211_QOS_TID; 2195 qid = TID_TO_WME_AC(tid); 2196 } else if (type != IEEE80211_FC0_TYPE_DATA) { 2197 /* Use AC_VO for management frames. */ 2198 qid = WME_AC_VO; 2199 tid = 0; /* compiler happy */ 2200 } else { 2201 /* non-qos data frames */ 2202 tid = R92C_TXDW1_QSEL_BE; 2203 qid = WME_AC_BE; 2204 } 2205 2206 /* Get the USB pipe to use for this AC. */ 2207 pipe = sc->tx_pipe[sc->ac2idx[qid]]; 2208 2209 if (((sizeof(*txd) + m->m_pkthdr.len) % 64) == 0) /* XXX: 64 */ 2210 padsize = 8; 2211 else 2212 padsize = 0; 2213 2214 /* Fill Tx descriptor. */ 2215 txd = (struct r92c_tx_desc *)data->buf; 2216 memset(txd, 0, sizeof(*txd) + padsize); 2217 2218 txd->txdw0 |= htole32( 2219 SM(R92C_TXDW0_PKTLEN, m->m_pkthdr.len) | 2220 SM(R92C_TXDW0_OFFSET, sizeof(*txd)) | 2221 R92C_TXDW0_OWN | R92C_TXDW0_FSG | R92C_TXDW0_LSG); 2222 2223 if (IEEE80211_IS_MULTICAST(wh->i_addr1)) 2224 txd->txdw0 |= htole32(R92C_TXDW0_BMCAST); 2225 2226 /* fix pad field */ 2227 if (padsize > 0) { 2228 DPRINTFN(DBG_TX, ("%s: %s: padding: size=%d\n", 2229 device_xname(sc->sc_dev), __func__, padsize)); 2230 txd->txdw1 |= htole32(SM(R92C_TXDW1_PKTOFF, (padsize / 8))); 2231 } 2232 2233 if (!IEEE80211_IS_MULTICAST(wh->i_addr1) && 2234 type == IEEE80211_FC0_TYPE_DATA) { 2235 if (ic->ic_curmode == IEEE80211_MODE_11B) 2236 raid = R92C_RAID_11B; 2237 else 2238 raid = R92C_RAID_11BG; 2239 DPRINTFN(DBG_TX, 2240 ("%s: %s: data packet: tid=%d, raid=%d\n", 2241 device_xname(sc->sc_dev), __func__, tid, raid)); 2242 2243 txd->txdw1 |= htole32( 2244 SM(R92C_TXDW1_MACID, URTWN_MACID_BSS) | 2245 SM(R92C_TXDW1_QSEL, tid) | 2246 SM(R92C_TXDW1_RAID, raid) | 2247 R92C_TXDW1_AGGBK); 2248 2249 if (hasqos) { 2250 txd->txdw4 |= htole32(R92C_TXDW4_QOS); 2251 } 2252 2253 if (ic->ic_flags & IEEE80211_F_USEPROT) { 2254 /* for 11g */ 2255 if (ic->ic_protmode == IEEE80211_PROT_CTSONLY) { 2256 txd->txdw4 |= htole32(R92C_TXDW4_CTS2SELF | 2257 R92C_TXDW4_HWRTSEN); 2258 } else if (ic->ic_protmode == IEEE80211_PROT_RTSCTS) { 2259 txd->txdw4 |= htole32(R92C_TXDW4_RTSEN | 2260 R92C_TXDW4_HWRTSEN); 2261 } 2262 } 2263 /* Send RTS at OFDM24. */ 2264 txd->txdw4 |= htole32(SM(R92C_TXDW4_RTSRATE, 8)); 2265 txd->txdw5 |= htole32(0x0001ff00); 2266 /* Send data at OFDM54. */ 2267 txd->txdw5 |= htole32(SM(R92C_TXDW5_DATARATE, 11)); 2268 } else if (type == IEEE80211_FC0_TYPE_MGT) { 2269 DPRINTFN(DBG_TX, ("%s: %s: mgmt packet\n", 2270 device_xname(sc->sc_dev), __func__)); 2271 txd->txdw1 |= htole32( 2272 SM(R92C_TXDW1_MACID, URTWN_MACID_BSS) | 2273 SM(R92C_TXDW1_QSEL, R92C_TXDW1_QSEL_MGNT) | 2274 SM(R92C_TXDW1_RAID, R92C_RAID_11B)); 2275 2276 /* Force CCK1. */ 2277 txd->txdw4 |= htole32(R92C_TXDW4_DRVRATE); 2278 /* Use 1Mbps */ 2279 txd->txdw5 |= htole32(SM(R92C_TXDW5_DATARATE, 0)); 2280 } else { 2281 /* broadcast or multicast packets */ 2282 DPRINTFN(DBG_TX, ("%s: %s: bc or mc packet\n", 2283 device_xname(sc->sc_dev), __func__)); 2284 txd->txdw1 |= htole32( 2285 SM(R92C_TXDW1_MACID, URTWN_MACID_BC) | 2286 SM(R92C_TXDW1_RAID, R92C_RAID_11B)); 2287 2288 /* Force CCK1. */ 2289 txd->txdw4 |= htole32(R92C_TXDW4_DRVRATE); 2290 /* Use 1Mbps */ 2291 txd->txdw5 |= htole32(SM(R92C_TXDW5_DATARATE, 0)); 2292 } 2293 2294 /* Set sequence number */ 2295 seq = LE_READ_2(&wh->i_seq[0]) >> IEEE80211_SEQ_SEQ_SHIFT; 2296 txd->txdseq |= htole16(seq); 2297 2298 if (!hasqos) { 2299 /* Use HW sequence numbering for non-QoS frames. */ 2300 txd->txdw4 |= htole32(R92C_TXDW4_HWSEQ); 2301 txd->txdseq |= htole16(0x8000); /* WTF? */ 2302 } 2303 2304 /* Compute Tx descriptor checksum. */ 2305 sum = 0; 2306 for (i = 0; i < (int)sizeof(*txd) / 2; i++) 2307 sum ^= ((uint16_t *)txd)[i]; 2308 txd->txdsum = sum; /* NB: already little endian. */ 2309 2310 xferlen = sizeof(*txd) + m->m_pkthdr.len + padsize; 2311 m_copydata(m, 0, m->m_pkthdr.len, (char *)&txd[1] + padsize); 2312 2313 s = splnet(); 2314 data->pipe = pipe; 2315 usbd_setup_xfer(data->xfer, pipe, data, data->buf, xferlen, 2316 USBD_FORCE_SHORT_XFER | USBD_NO_COPY, URTWN_TX_TIMEOUT, 2317 urtwn_txeof); 2318 error = usbd_transfer(data->xfer); 2319 if (__predict_false(error != USBD_NORMAL_COMPLETION && 2320 error != USBD_IN_PROGRESS)) { 2321 splx(s); 2322 DPRINTFN(DBG_TX, ("%s: %s: transfer failed %d\n", 2323 device_xname(sc->sc_dev), __func__, error)); 2324 return error; 2325 } 2326 splx(s); 2327 return 0; 2328 } 2329 2330 static void 2331 urtwn_start(struct ifnet *ifp) 2332 { 2333 struct urtwn_softc *sc = ifp->if_softc; 2334 struct ieee80211com *ic = &sc->sc_ic; 2335 struct urtwn_tx_data *data; 2336 struct ether_header *eh; 2337 struct ieee80211_node *ni; 2338 struct mbuf *m; 2339 2340 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 2341 2342 if ((ifp->if_flags & (IFF_RUNNING | IFF_OACTIVE)) != IFF_RUNNING) 2343 return; 2344 2345 data = NULL; 2346 for (;;) { 2347 mutex_enter(&sc->sc_tx_mtx); 2348 if (data == NULL && !TAILQ_EMPTY(&sc->tx_free_list)) { 2349 data = TAILQ_FIRST(&sc->tx_free_list); 2350 TAILQ_REMOVE(&sc->tx_free_list, data, next); 2351 } 2352 mutex_exit(&sc->sc_tx_mtx); 2353 2354 if (data == NULL) { 2355 ifp->if_flags |= IFF_OACTIVE; 2356 DPRINTFN(DBG_TX, ("%s: empty tx_free_list\n", 2357 device_xname(sc->sc_dev))); 2358 return; 2359 } 2360 2361 /* Send pending management frames first. */ 2362 IF_DEQUEUE(&ic->ic_mgtq, m); 2363 if (m != NULL) { 2364 ni = (void *)m->m_pkthdr.rcvif; 2365 m->m_pkthdr.rcvif = NULL; 2366 goto sendit; 2367 } 2368 if (ic->ic_state != IEEE80211_S_RUN) 2369 break; 2370 2371 /* Encapsulate and send data frames. */ 2372 IFQ_DEQUEUE(&ifp->if_snd, m); 2373 if (m == NULL) 2374 break; 2375 2376 if (m->m_len < (int)sizeof(*eh) && 2377 (m = m_pullup(m, sizeof(*eh))) == NULL) { 2378 ifp->if_oerrors++; 2379 continue; 2380 } 2381 eh = mtod(m, struct ether_header *); 2382 ni = ieee80211_find_txnode(ic, eh->ether_dhost); 2383 if (ni == NULL) { 2384 m_freem(m); 2385 ifp->if_oerrors++; 2386 continue; 2387 } 2388 2389 bpf_mtap(ifp, m); 2390 2391 if ((m = ieee80211_encap(ic, m, ni)) == NULL) { 2392 ieee80211_free_node(ni); 2393 ifp->if_oerrors++; 2394 continue; 2395 } 2396 sendit: 2397 bpf_mtap3(ic->ic_rawbpf, m); 2398 2399 if (urtwn_tx(sc, m, ni, data) != 0) { 2400 m_freem(m); 2401 ieee80211_free_node(ni); 2402 ifp->if_oerrors++; 2403 continue; 2404 } 2405 data = NULL; 2406 m_freem(m); 2407 ieee80211_free_node(ni); 2408 sc->tx_timer = 5; 2409 ifp->if_timer = 1; 2410 } 2411 2412 /* Return the Tx buffer to the free list */ 2413 mutex_enter(&sc->sc_tx_mtx); 2414 TAILQ_INSERT_TAIL(&sc->tx_free_list, data, next); 2415 mutex_exit(&sc->sc_tx_mtx); 2416 } 2417 2418 static void 2419 urtwn_watchdog(struct ifnet *ifp) 2420 { 2421 struct urtwn_softc *sc = ifp->if_softc; 2422 2423 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 2424 2425 ifp->if_timer = 0; 2426 2427 if (sc->tx_timer > 0) { 2428 if (--sc->tx_timer == 0) { 2429 aprint_error_dev(sc->sc_dev, "device timeout\n"); 2430 /* urtwn_init(ifp); XXX needs a process context! */ 2431 ifp->if_oerrors++; 2432 return; 2433 } 2434 ifp->if_timer = 1; 2435 } 2436 ieee80211_watchdog(&sc->sc_ic); 2437 } 2438 2439 static int 2440 urtwn_ioctl(struct ifnet *ifp, u_long cmd, void *data) 2441 { 2442 struct urtwn_softc *sc = ifp->if_softc; 2443 struct ieee80211com *ic = &sc->sc_ic; 2444 int s, error = 0; 2445 2446 DPRINTFN(DBG_FN, ("%s: %s: cmd=0x%08lx, data=%p\n", 2447 device_xname(sc->sc_dev), __func__, cmd, data)); 2448 2449 s = splnet(); 2450 2451 switch (cmd) { 2452 case SIOCSIFFLAGS: 2453 if ((error = ifioctl_common(ifp, cmd, data)) != 0) 2454 break; 2455 switch (ifp->if_flags & (IFF_UP | IFF_RUNNING)) { 2456 case IFF_UP | IFF_RUNNING: 2457 break; 2458 case IFF_UP: 2459 urtwn_init(ifp); 2460 break; 2461 case IFF_RUNNING: 2462 urtwn_stop(ifp, 1); 2463 break; 2464 case 0: 2465 break; 2466 } 2467 break; 2468 2469 case SIOCADDMULTI: 2470 case SIOCDELMULTI: 2471 if ((error = ether_ioctl(ifp, cmd, data)) == ENETRESET) { 2472 /* setup multicast filter, etc */ 2473 error = 0; 2474 } 2475 break; 2476 2477 default: 2478 error = ieee80211_ioctl(ic, cmd, data); 2479 break; 2480 } 2481 if (error == ENETRESET) { 2482 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 2483 (IFF_UP | IFF_RUNNING) && 2484 ic->ic_roaming != IEEE80211_ROAMING_MANUAL) { 2485 urtwn_init(ifp); 2486 } 2487 error = 0; 2488 } 2489 2490 splx(s); 2491 2492 return (error); 2493 } 2494 2495 static int 2496 urtwn_power_on(struct urtwn_softc *sc) 2497 { 2498 uint32_t reg; 2499 int ntries; 2500 2501 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 2502 2503 KASSERT(mutex_owned(&sc->sc_write_mtx)); 2504 2505 /* Wait for autoload done bit. */ 2506 for (ntries = 0; ntries < 1000; ntries++) { 2507 if (urtwn_read_1(sc, R92C_APS_FSMCO) & R92C_APS_FSMCO_PFM_ALDN) 2508 break; 2509 DELAY(5); 2510 } 2511 if (ntries == 1000) { 2512 aprint_error_dev(sc->sc_dev, 2513 "timeout waiting for chip autoload\n"); 2514 return (ETIMEDOUT); 2515 } 2516 2517 /* Unlock ISO/CLK/Power control register. */ 2518 urtwn_write_1(sc, R92C_RSV_CTRL, 0); 2519 /* Move SPS into PWM mode. */ 2520 urtwn_write_1(sc, R92C_SPS0_CTRL, 0x2b); 2521 DELAY(100); 2522 2523 reg = urtwn_read_1(sc, R92C_LDOV12D_CTRL); 2524 if (!(reg & R92C_LDOV12D_CTRL_LDV12_EN)) { 2525 urtwn_write_1(sc, R92C_LDOV12D_CTRL, 2526 reg | R92C_LDOV12D_CTRL_LDV12_EN); 2527 DELAY(100); 2528 urtwn_write_1(sc, R92C_SYS_ISO_CTRL, 2529 urtwn_read_1(sc, R92C_SYS_ISO_CTRL) & 2530 ~R92C_SYS_ISO_CTRL_MD2PP); 2531 } 2532 2533 /* Auto enable WLAN. */ 2534 urtwn_write_2(sc, R92C_APS_FSMCO, 2535 urtwn_read_2(sc, R92C_APS_FSMCO) | R92C_APS_FSMCO_APFM_ONMAC); 2536 for (ntries = 0; ntries < 1000; ntries++) { 2537 if (!(urtwn_read_2(sc, R92C_APS_FSMCO) & 2538 R92C_APS_FSMCO_APFM_ONMAC)) 2539 break; 2540 DELAY(5); 2541 } 2542 if (ntries == 1000) { 2543 aprint_error_dev(sc->sc_dev, 2544 "timeout waiting for MAC auto ON\n"); 2545 return (ETIMEDOUT); 2546 } 2547 2548 /* Enable radio, GPIO and LED functions. */ 2549 KASSERT((R92C_APS_FSMCO_AFSM_HSUS | R92C_APS_FSMCO_PDN_EN | 2550 R92C_APS_FSMCO_PFM_ALDN) == 0x0812); 2551 urtwn_write_2(sc, R92C_APS_FSMCO, 2552 R92C_APS_FSMCO_AFSM_HSUS | 2553 R92C_APS_FSMCO_PDN_EN | 2554 R92C_APS_FSMCO_PFM_ALDN); 2555 2556 /* Release RF digital isolation. */ 2557 urtwn_write_2(sc, R92C_SYS_ISO_CTRL, 2558 urtwn_read_2(sc, R92C_SYS_ISO_CTRL) & ~R92C_SYS_ISO_CTRL_DIOR); 2559 2560 /* Initialize MAC. */ 2561 urtwn_write_1(sc, R92C_APSD_CTRL, 2562 urtwn_read_1(sc, R92C_APSD_CTRL) & ~R92C_APSD_CTRL_OFF); 2563 for (ntries = 0; ntries < 200; ntries++) { 2564 if (!(urtwn_read_1(sc, R92C_APSD_CTRL) & 2565 R92C_APSD_CTRL_OFF_STATUS)) 2566 break; 2567 DELAY(5); 2568 } 2569 if (ntries == 200) { 2570 aprint_error_dev(sc->sc_dev, 2571 "timeout waiting for MAC initialization\n"); 2572 return (ETIMEDOUT); 2573 } 2574 2575 /* Enable MAC DMA/WMAC/SCHEDULE/SEC blocks. */ 2576 reg = urtwn_read_2(sc, R92C_CR); 2577 reg |= R92C_CR_HCI_TXDMA_EN | R92C_CR_HCI_RXDMA_EN | 2578 R92C_CR_TXDMA_EN | R92C_CR_RXDMA_EN | R92C_CR_PROTOCOL_EN | 2579 R92C_CR_SCHEDULE_EN | R92C_CR_MACTXEN | R92C_CR_MACRXEN | 2580 R92C_CR_ENSEC; 2581 urtwn_write_2(sc, R92C_CR, reg); 2582 2583 urtwn_write_1(sc, 0xfe10, 0x19); 2584 return (0); 2585 } 2586 2587 static int 2588 urtwn_llt_init(struct urtwn_softc *sc) 2589 { 2590 int i, error; 2591 2592 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 2593 2594 KASSERT(mutex_owned(&sc->sc_write_mtx)); 2595 2596 /* Reserve pages [0; R92C_TX_PAGE_COUNT]. */ 2597 for (i = 0; i < R92C_TX_PAGE_COUNT; i++) { 2598 if ((error = urtwn_llt_write(sc, i, i + 1)) != 0) 2599 return (error); 2600 } 2601 /* NB: 0xff indicates end-of-list. */ 2602 if ((error = urtwn_llt_write(sc, i, 0xff)) != 0) 2603 return (error); 2604 /* 2605 * Use pages [R92C_TX_PAGE_COUNT + 1; R92C_TXPKTBUF_COUNT - 1] 2606 * as ring buffer. 2607 */ 2608 for (++i; i < R92C_TXPKTBUF_COUNT - 1; i++) { 2609 if ((error = urtwn_llt_write(sc, i, i + 1)) != 0) 2610 return (error); 2611 } 2612 /* Make the last page point to the beginning of the ring buffer. */ 2613 error = urtwn_llt_write(sc, i, R92C_TX_PAGE_COUNT + 1); 2614 return (error); 2615 } 2616 2617 static void 2618 urtwn_fw_reset(struct urtwn_softc *sc) 2619 { 2620 uint16_t reg; 2621 int ntries; 2622 2623 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 2624 2625 KASSERT(mutex_owned(&sc->sc_write_mtx)); 2626 2627 /* Tell 8051 to reset itself. */ 2628 urtwn_write_1(sc, R92C_HMETFR + 3, 0x20); 2629 2630 /* Wait until 8051 resets by itself. */ 2631 for (ntries = 0; ntries < 100; ntries++) { 2632 reg = urtwn_read_2(sc, R92C_SYS_FUNC_EN); 2633 if (!(reg & R92C_SYS_FUNC_EN_CPUEN)) 2634 return; 2635 DELAY(50); 2636 } 2637 /* Force 8051 reset. */ 2638 urtwn_write_2(sc, R92C_SYS_FUNC_EN, reg & ~R92C_SYS_FUNC_EN_CPUEN); 2639 } 2640 2641 static int 2642 urtwn_fw_loadpage(struct urtwn_softc *sc, int page, uint8_t *buf, int len) 2643 { 2644 uint32_t reg; 2645 int off, mlen, error = 0; 2646 2647 DPRINTFN(DBG_FN, ("%s: %s: page=%d, buf=%p, len=%d\n", 2648 device_xname(sc->sc_dev), __func__, page, buf, len)); 2649 2650 reg = urtwn_read_4(sc, R92C_MCUFWDL); 2651 reg = RW(reg, R92C_MCUFWDL_PAGE, page); 2652 urtwn_write_4(sc, R92C_MCUFWDL, reg); 2653 2654 off = R92C_FW_START_ADDR; 2655 while (len > 0) { 2656 if (len > 196) 2657 mlen = 196; 2658 else if (len > 4) 2659 mlen = 4; 2660 else 2661 mlen = 1; 2662 error = urtwn_write_region(sc, off, buf, mlen); 2663 if (error != 0) 2664 break; 2665 off += mlen; 2666 buf += mlen; 2667 len -= mlen; 2668 } 2669 return (error); 2670 } 2671 2672 static int 2673 urtwn_load_firmware(struct urtwn_softc *sc) 2674 { 2675 firmware_handle_t fwh; 2676 const struct r92c_fw_hdr *hdr; 2677 const char *name; 2678 u_char *fw, *ptr; 2679 size_t len; 2680 uint32_t reg; 2681 int mlen, ntries, page, error; 2682 2683 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 2684 2685 KASSERT(mutex_owned(&sc->sc_write_mtx)); 2686 2687 /* Read firmware image from the filesystem. */ 2688 if ((sc->chip & (URTWN_CHIP_UMC_A_CUT | URTWN_CHIP_92C)) == 2689 URTWN_CHIP_UMC_A_CUT) 2690 name = "rtl8192cfwU.bin"; 2691 else 2692 name = "rtl8192cfw.bin"; 2693 if ((error = firmware_open("if_urtwn", name, &fwh)) != 0) { 2694 aprint_error_dev(sc->sc_dev, 2695 "failed loadfirmware of file %s (error %d)\n", name, error); 2696 return (error); 2697 } 2698 len = firmware_get_size(fwh); 2699 fw = firmware_malloc(len); 2700 if (fw == NULL) { 2701 aprint_error_dev(sc->sc_dev, 2702 "failed to allocate firmware memory\n"); 2703 firmware_close(fwh); 2704 return (ENOMEM); 2705 } 2706 error = firmware_read(fwh, 0, fw, len); 2707 firmware_close(fwh); 2708 if (error != 0) { 2709 aprint_error_dev(sc->sc_dev, 2710 "failed to read firmware (error %d)\n", error); 2711 firmware_free(fw, 0); 2712 return (error); 2713 } 2714 2715 ptr = fw; 2716 hdr = (const struct r92c_fw_hdr *)ptr; 2717 /* Check if there is a valid FW header and skip it. */ 2718 if ((le16toh(hdr->signature) >> 4) == 0x88c || 2719 (le16toh(hdr->signature) >> 4) == 0x92c) { 2720 DPRINTFN(DBG_INIT, ("%s: %s: FW V%d.%d %02d-%02d %02d:%02d\n", 2721 device_xname(sc->sc_dev), __func__, 2722 le16toh(hdr->version), le16toh(hdr->subversion), 2723 hdr->month, hdr->date, hdr->hour, hdr->minute)); 2724 ptr += sizeof(*hdr); 2725 len -= sizeof(*hdr); 2726 } 2727 2728 if (urtwn_read_1(sc, R92C_MCUFWDL) & 0x80) { 2729 urtwn_fw_reset(sc); 2730 urtwn_write_1(sc, R92C_MCUFWDL, 0); 2731 } 2732 2733 /* download enabled */ 2734 urtwn_write_2(sc, R92C_SYS_FUNC_EN, 2735 urtwn_read_2(sc, R92C_SYS_FUNC_EN) | 2736 R92C_SYS_FUNC_EN_CPUEN); 2737 urtwn_write_1(sc, R92C_MCUFWDL, 2738 urtwn_read_1(sc, R92C_MCUFWDL) | R92C_MCUFWDL_EN); 2739 urtwn_write_1(sc, R92C_MCUFWDL + 2, 2740 urtwn_read_1(sc, R92C_MCUFWDL + 2) & ~0x08); 2741 2742 /* download firmware */ 2743 for (page = 0; len > 0; page++) { 2744 mlen = MIN(len, R92C_FW_PAGE_SIZE); 2745 error = urtwn_fw_loadpage(sc, page, ptr, mlen); 2746 if (error != 0) { 2747 aprint_error_dev(sc->sc_dev, 2748 "could not load firmware page %d\n", page); 2749 goto fail; 2750 } 2751 ptr += mlen; 2752 len -= mlen; 2753 } 2754 2755 /* download disable */ 2756 urtwn_write_1(sc, R92C_MCUFWDL, 2757 urtwn_read_1(sc, R92C_MCUFWDL) & ~R92C_MCUFWDL_EN); 2758 urtwn_write_1(sc, R92C_MCUFWDL + 1, 0); 2759 2760 /* Wait for checksum report. */ 2761 for (ntries = 0; ntries < 1000; ntries++) { 2762 if (urtwn_read_4(sc, R92C_MCUFWDL) & R92C_MCUFWDL_CHKSUM_RPT) 2763 break; 2764 DELAY(5); 2765 } 2766 if (ntries == 1000) { 2767 aprint_error_dev(sc->sc_dev, 2768 "timeout waiting for checksum report\n"); 2769 error = ETIMEDOUT; 2770 goto fail; 2771 } 2772 2773 /* Wait for firmware readiness. */ 2774 reg = urtwn_read_4(sc, R92C_MCUFWDL); 2775 reg = (reg & ~R92C_MCUFWDL_WINTINI_RDY) | R92C_MCUFWDL_RDY; 2776 urtwn_write_4(sc, R92C_MCUFWDL, reg); 2777 for (ntries = 0; ntries < 1000; ntries++) { 2778 if (urtwn_read_4(sc, R92C_MCUFWDL) & R92C_MCUFWDL_WINTINI_RDY) 2779 break; 2780 DELAY(5); 2781 } 2782 if (ntries == 1000) { 2783 aprint_error_dev(sc->sc_dev, 2784 "timeout waiting for firmware readiness\n"); 2785 error = ETIMEDOUT; 2786 goto fail; 2787 } 2788 fail: 2789 firmware_free(fw, 0); 2790 return (error); 2791 } 2792 2793 static int 2794 urtwn_dma_init(struct urtwn_softc *sc) 2795 { 2796 int hashq, hasnq, haslq, nqueues, nqpages, nrempages; 2797 uint32_t reg; 2798 int error; 2799 2800 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 2801 2802 KASSERT(mutex_owned(&sc->sc_write_mtx)); 2803 2804 /* Initialize LLT table. */ 2805 error = urtwn_llt_init(sc); 2806 if (error != 0) 2807 return (error); 2808 2809 /* Get Tx queues to USB endpoints mapping. */ 2810 hashq = hasnq = haslq = 0; 2811 reg = urtwn_read_2(sc, R92C_USB_EP + 1); 2812 DPRINTFN(DBG_INIT, ("%s: %s: USB endpoints mapping 0x%x\n", 2813 device_xname(sc->sc_dev), __func__, reg)); 2814 if (MS(reg, R92C_USB_EP_HQ) != 0) 2815 hashq = 1; 2816 if (MS(reg, R92C_USB_EP_NQ) != 0) 2817 hasnq = 1; 2818 if (MS(reg, R92C_USB_EP_LQ) != 0) 2819 haslq = 1; 2820 nqueues = hashq + hasnq + haslq; 2821 if (nqueues == 0) 2822 return (EIO); 2823 /* Get the number of pages for each queue. */ 2824 nqpages = (R92C_TX_PAGE_COUNT - R92C_PUBQ_NPAGES) / nqueues; 2825 /* The remaining pages are assigned to the high priority queue. */ 2826 nrempages = (R92C_TX_PAGE_COUNT - R92C_PUBQ_NPAGES) % nqueues; 2827 2828 /* Set number of pages for normal priority queue. */ 2829 urtwn_write_1(sc, R92C_RQPN_NPQ, hasnq ? nqpages : 0); 2830 urtwn_write_4(sc, R92C_RQPN, 2831 /* Set number of pages for public queue. */ 2832 SM(R92C_RQPN_PUBQ, R92C_PUBQ_NPAGES) | 2833 /* Set number of pages for high priority queue. */ 2834 SM(R92C_RQPN_HPQ, hashq ? nqpages + nrempages : 0) | 2835 /* Set number of pages for low priority queue. */ 2836 SM(R92C_RQPN_LPQ, haslq ? nqpages : 0) | 2837 /* Load values. */ 2838 R92C_RQPN_LD); 2839 2840 urtwn_write_1(sc, R92C_TXPKTBUF_BCNQ_BDNY, R92C_TX_PAGE_BOUNDARY); 2841 urtwn_write_1(sc, R92C_TXPKTBUF_MGQ_BDNY, R92C_TX_PAGE_BOUNDARY); 2842 urtwn_write_1(sc, R92C_TXPKTBUF_WMAC_LBK_BF_HD, R92C_TX_PAGE_BOUNDARY); 2843 urtwn_write_1(sc, R92C_TRXFF_BNDY, R92C_TX_PAGE_BOUNDARY); 2844 urtwn_write_1(sc, R92C_TDECTRL + 1, R92C_TX_PAGE_BOUNDARY); 2845 2846 /* Set queue to USB pipe mapping. */ 2847 reg = urtwn_read_2(sc, R92C_TRXDMA_CTRL); 2848 reg &= ~R92C_TRXDMA_CTRL_QMAP_M; 2849 if (nqueues == 1) { 2850 if (hashq) { 2851 reg |= R92C_TRXDMA_CTRL_QMAP_HQ; 2852 } else if (hasnq) { 2853 reg |= R92C_TRXDMA_CTRL_QMAP_NQ; 2854 } else { 2855 reg |= R92C_TRXDMA_CTRL_QMAP_LQ; 2856 } 2857 } else if (nqueues == 2) { 2858 /* All 2-endpoints configs have a high priority queue. */ 2859 if (!hashq) { 2860 return (EIO); 2861 } 2862 if (hasnq) { 2863 reg |= R92C_TRXDMA_CTRL_QMAP_HQ_NQ; 2864 } else { 2865 reg |= R92C_TRXDMA_CTRL_QMAP_HQ_LQ; 2866 } 2867 } else { 2868 reg |= R92C_TRXDMA_CTRL_QMAP_3EP; 2869 } 2870 urtwn_write_2(sc, R92C_TRXDMA_CTRL, reg); 2871 2872 /* Set Tx/Rx transfer page boundary. */ 2873 urtwn_write_2(sc, R92C_TRXFF_BNDY + 2, 0x27ff); 2874 2875 /* Set Tx/Rx transfer page size. */ 2876 urtwn_write_1(sc, R92C_PBP, 2877 SM(R92C_PBP_PSRX, R92C_PBP_128) | SM(R92C_PBP_PSTX, R92C_PBP_128)); 2878 return (0); 2879 } 2880 2881 static void 2882 urtwn_mac_init(struct urtwn_softc *sc) 2883 { 2884 int i; 2885 2886 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 2887 2888 KASSERT(mutex_owned(&sc->sc_write_mtx)); 2889 2890 /* Write MAC initialization values. */ 2891 for (i = 0; i < (int)__arraycount(rtl8192cu_mac); i++) 2892 urtwn_write_1(sc, rtl8192cu_mac[i].reg, rtl8192cu_mac[i].val); 2893 } 2894 2895 static void 2896 urtwn_bb_init(struct urtwn_softc *sc) 2897 { 2898 const struct urtwn_bb_prog *prog; 2899 uint32_t reg; 2900 int i; 2901 2902 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 2903 2904 KASSERT(mutex_owned(&sc->sc_write_mtx)); 2905 2906 /* Enable BB and RF. */ 2907 urtwn_write_2(sc, R92C_SYS_FUNC_EN, 2908 urtwn_read_2(sc, R92C_SYS_FUNC_EN) | 2909 R92C_SYS_FUNC_EN_BBRSTB | R92C_SYS_FUNC_EN_BB_GLB_RST | 2910 R92C_SYS_FUNC_EN_DIO_RF); 2911 2912 urtwn_write_1(sc, R92C_AFE_PLL_CTRL, 0x83); 2913 urtwn_write_1(sc, R92C_AFE_PLL_CTRL + 1, 0xdb); 2914 2915 urtwn_write_1(sc, R92C_RF_CTRL, 2916 R92C_RF_CTRL_EN | R92C_RF_CTRL_RSTB | R92C_RF_CTRL_SDMRSTB); 2917 urtwn_write_1(sc, R92C_SYS_FUNC_EN, 2918 R92C_SYS_FUNC_EN_USBA | R92C_SYS_FUNC_EN_USBD | 2919 R92C_SYS_FUNC_EN_BB_GLB_RST | R92C_SYS_FUNC_EN_BBRSTB); 2920 2921 urtwn_write_1(sc, R92C_LDOHCI12_CTRL, 0x0f); 2922 urtwn_write_1(sc, 0x15, 0xe9); 2923 urtwn_write_1(sc, R92C_AFE_XTAL_CTRL + 1, 0x80); 2924 2925 /* Select BB programming based on board type. */ 2926 if (!(sc->chip & URTWN_CHIP_92C)) { 2927 if (sc->board_type == R92C_BOARD_TYPE_MINICARD) { 2928 prog = &rtl8188ce_bb_prog; 2929 } else if (sc->board_type == R92C_BOARD_TYPE_HIGHPA) { 2930 prog = &rtl8188ru_bb_prog; 2931 } else { 2932 prog = &rtl8188cu_bb_prog; 2933 } 2934 } else { 2935 if (sc->board_type == R92C_BOARD_TYPE_MINICARD) { 2936 prog = &rtl8192ce_bb_prog; 2937 } else { 2938 prog = &rtl8192cu_bb_prog; 2939 } 2940 } 2941 /* Write BB initialization values. */ 2942 for (i = 0; i < prog->count; i++) { 2943 /* additional delay depend on registers */ 2944 switch (prog->regs[i]) { 2945 case 0xfe: 2946 usbd_delay_ms(sc->sc_udev, 50); 2947 break; 2948 case 0xfd: 2949 usbd_delay_ms(sc->sc_udev, 5); 2950 break; 2951 case 0xfc: 2952 usbd_delay_ms(sc->sc_udev, 1); 2953 break; 2954 case 0xfb: 2955 DELAY(50); 2956 break; 2957 case 0xfa: 2958 DELAY(5); 2959 break; 2960 case 0xf9: 2961 DELAY(1); 2962 break; 2963 } 2964 urtwn_bb_write(sc, prog->regs[i], prog->vals[i]); 2965 DELAY(1); 2966 } 2967 2968 if (sc->chip & URTWN_CHIP_92C_1T2R) { 2969 /* 8192C 1T only configuration. */ 2970 reg = urtwn_bb_read(sc, R92C_FPGA0_TXINFO); 2971 reg = (reg & ~0x00000003) | 0x2; 2972 urtwn_bb_write(sc, R92C_FPGA0_TXINFO, reg); 2973 2974 reg = urtwn_bb_read(sc, R92C_FPGA1_TXINFO); 2975 reg = (reg & ~0x00300033) | 0x00200022; 2976 urtwn_bb_write(sc, R92C_FPGA1_TXINFO, reg); 2977 2978 reg = urtwn_bb_read(sc, R92C_CCK0_AFESETTING); 2979 reg = (reg & ~0xff000000) | (0x45 << 24); 2980 urtwn_bb_write(sc, R92C_CCK0_AFESETTING, reg); 2981 2982 reg = urtwn_bb_read(sc, R92C_OFDM0_TRXPATHENA); 2983 reg = (reg & ~0x000000ff) | 0x23; 2984 urtwn_bb_write(sc, R92C_OFDM0_TRXPATHENA, reg); 2985 2986 reg = urtwn_bb_read(sc, R92C_OFDM0_AGCPARAM1); 2987 reg = (reg & ~0x00000030) | (1 << 4); 2988 urtwn_bb_write(sc, R92C_OFDM0_AGCPARAM1, reg); 2989 2990 reg = urtwn_bb_read(sc, 0xe74); 2991 reg = (reg & ~0x0c000000) | (2 << 26); 2992 urtwn_bb_write(sc, 0xe74, reg); 2993 reg = urtwn_bb_read(sc, 0xe78); 2994 reg = (reg & ~0x0c000000) | (2 << 26); 2995 urtwn_bb_write(sc, 0xe78, reg); 2996 reg = urtwn_bb_read(sc, 0xe7c); 2997 reg = (reg & ~0x0c000000) | (2 << 26); 2998 urtwn_bb_write(sc, 0xe7c, reg); 2999 reg = urtwn_bb_read(sc, 0xe80); 3000 reg = (reg & ~0x0c000000) | (2 << 26); 3001 urtwn_bb_write(sc, 0xe80, reg); 3002 reg = urtwn_bb_read(sc, 0xe88); 3003 reg = (reg & ~0x0c000000) | (2 << 26); 3004 urtwn_bb_write(sc, 0xe88, reg); 3005 } 3006 3007 /* Write AGC values. */ 3008 for (i = 0; i < prog->agccount; i++) { 3009 urtwn_bb_write(sc, R92C_OFDM0_AGCRSSITABLE, prog->agcvals[i]); 3010 DELAY(1); 3011 } 3012 3013 if (urtwn_bb_read(sc, R92C_HSSI_PARAM2(0)) & 3014 R92C_HSSI_PARAM2_CCK_HIPWR) { 3015 SET(sc->sc_flags, URTWN_FLAG_CCK_HIPWR); 3016 } 3017 } 3018 3019 static void 3020 urtwn_rf_init(struct urtwn_softc *sc) 3021 { 3022 const struct urtwn_rf_prog *prog; 3023 uint32_t reg, mask, saved; 3024 int i, j, idx; 3025 3026 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 3027 3028 /* Select RF programming based on board type. */ 3029 if (!(sc->chip & URTWN_CHIP_92C)) { 3030 if (sc->board_type == R92C_BOARD_TYPE_MINICARD) { 3031 prog = rtl8188ce_rf_prog; 3032 } else if (sc->board_type == R92C_BOARD_TYPE_HIGHPA) { 3033 prog = rtl8188ru_rf_prog; 3034 } else { 3035 prog = rtl8188cu_rf_prog; 3036 } 3037 } else { 3038 prog = rtl8192ce_rf_prog; 3039 } 3040 3041 for (i = 0; i < sc->nrxchains; i++) { 3042 /* Save RF_ENV control type. */ 3043 idx = i / 2; 3044 mask = 0xffffU << ((i % 2) * 16); 3045 saved = urtwn_bb_read(sc, R92C_FPGA0_RFIFACESW(idx)) & mask; 3046 3047 /* Set RF_ENV enable. */ 3048 reg = urtwn_bb_read(sc, R92C_FPGA0_RFIFACEOE(i)); 3049 reg |= 0x100000; 3050 urtwn_bb_write(sc, R92C_FPGA0_RFIFACEOE(i), reg); 3051 DELAY(1); 3052 3053 /* Set RF_ENV output high. */ 3054 reg = urtwn_bb_read(sc, R92C_FPGA0_RFIFACEOE(i)); 3055 reg |= 0x10; 3056 urtwn_bb_write(sc, R92C_FPGA0_RFIFACEOE(i), reg); 3057 DELAY(1); 3058 3059 /* Set address and data lengths of RF registers. */ 3060 reg = urtwn_bb_read(sc, R92C_HSSI_PARAM2(i)); 3061 reg &= ~R92C_HSSI_PARAM2_ADDR_LENGTH; 3062 urtwn_bb_write(sc, R92C_HSSI_PARAM2(i), reg); 3063 DELAY(1); 3064 reg = urtwn_bb_read(sc, R92C_HSSI_PARAM2(i)); 3065 reg &= ~R92C_HSSI_PARAM2_DATA_LENGTH; 3066 urtwn_bb_write(sc, R92C_HSSI_PARAM2(i), reg); 3067 DELAY(1); 3068 3069 /* Write RF initialization values for this chain. */ 3070 for (j = 0; j < prog[i].count; j++) { 3071 if (prog[i].regs[j] >= 0xf9 && 3072 prog[i].regs[j] <= 0xfe) { 3073 /* 3074 * These are fake RF registers offsets that 3075 * indicate a delay is required. 3076 */ 3077 usbd_delay_ms(sc->sc_udev, 50); 3078 continue; 3079 } 3080 urtwn_rf_write(sc, i, prog[i].regs[j], prog[i].vals[j]); 3081 DELAY(1); 3082 } 3083 3084 /* Restore RF_ENV control type. */ 3085 reg = urtwn_bb_read(sc, R92C_FPGA0_RFIFACESW(idx)) & ~mask; 3086 urtwn_bb_write(sc, R92C_FPGA0_RFIFACESW(idx), reg | saved); 3087 } 3088 3089 if ((sc->chip & (URTWN_CHIP_UMC_A_CUT | URTWN_CHIP_92C)) == 3090 URTWN_CHIP_UMC_A_CUT) { 3091 urtwn_rf_write(sc, 0, R92C_RF_RX_G1, 0x30255); 3092 urtwn_rf_write(sc, 0, R92C_RF_RX_G2, 0x50a00); 3093 } 3094 3095 /* Cache RF register CHNLBW. */ 3096 for (i = 0; i < 2; i++) { 3097 sc->rf_chnlbw[i] = urtwn_rf_read(sc, i, R92C_RF_CHNLBW); 3098 } 3099 } 3100 3101 static void 3102 urtwn_cam_init(struct urtwn_softc *sc) 3103 { 3104 uint32_t content, command; 3105 uint8_t idx; 3106 int i; 3107 3108 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 3109 3110 KASSERT(mutex_owned(&sc->sc_write_mtx)); 3111 3112 for (idx = 0; idx < R92C_CAM_ENTRY_COUNT; idx++) { 3113 content = (idx & 3) 3114 | (R92C_CAM_ALGO_AES << R92C_CAM_ALGO_S) 3115 | R92C_CAM_VALID; 3116 3117 command = R92C_CAMCMD_POLLING 3118 | R92C_CAMCMD_WRITE 3119 | R92C_CAM_CTL0(idx); 3120 3121 urtwn_write_4(sc, R92C_CAMWRITE, content); 3122 urtwn_write_4(sc, R92C_CAMCMD, command); 3123 } 3124 3125 for (idx = 0; idx < R92C_CAM_ENTRY_COUNT; idx++) { 3126 for (i = 0; i < /* CAM_CONTENT_COUNT */ 8; i++) { 3127 if (i == 0) { 3128 content = (idx & 3) 3129 | (R92C_CAM_ALGO_AES << R92C_CAM_ALGO_S) 3130 | R92C_CAM_VALID; 3131 } else { 3132 content = 0; 3133 } 3134 3135 command = R92C_CAMCMD_POLLING 3136 | R92C_CAMCMD_WRITE 3137 | R92C_CAM_CTL0(idx) 3138 | (u_int)i; 3139 3140 urtwn_write_4(sc, R92C_CAMWRITE, content); 3141 urtwn_write_4(sc, R92C_CAMCMD, command); 3142 } 3143 } 3144 3145 /* Invalidate all CAM entries. */ 3146 urtwn_write_4(sc, R92C_CAMCMD, R92C_CAMCMD_POLLING | R92C_CAMCMD_CLR); 3147 } 3148 3149 static void 3150 urtwn_pa_bias_init(struct urtwn_softc *sc) 3151 { 3152 uint8_t reg; 3153 int i; 3154 3155 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 3156 3157 KASSERT(mutex_owned(&sc->sc_write_mtx)); 3158 3159 for (i = 0; i < sc->nrxchains; i++) { 3160 if (sc->pa_setting & (1U << i)) 3161 continue; 3162 3163 urtwn_rf_write(sc, i, R92C_RF_IPA, 0x0f406); 3164 urtwn_rf_write(sc, i, R92C_RF_IPA, 0x4f406); 3165 urtwn_rf_write(sc, i, R92C_RF_IPA, 0x8f406); 3166 urtwn_rf_write(sc, i, R92C_RF_IPA, 0xcf406); 3167 } 3168 if (!(sc->pa_setting & 0x10)) { 3169 reg = urtwn_read_1(sc, 0x16); 3170 reg = (reg & ~0xf0) | 0x90; 3171 urtwn_write_1(sc, 0x16, reg); 3172 } 3173 } 3174 3175 static void 3176 urtwn_rxfilter_init(struct urtwn_softc *sc) 3177 { 3178 3179 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 3180 3181 KASSERT(mutex_owned(&sc->sc_write_mtx)); 3182 3183 /* Initialize Rx filter. */ 3184 /* TODO: use better filter for monitor mode. */ 3185 urtwn_write_4(sc, R92C_RCR, 3186 R92C_RCR_AAP | R92C_RCR_APM | R92C_RCR_AM | R92C_RCR_AB | 3187 R92C_RCR_APP_ICV | R92C_RCR_AMF | R92C_RCR_HTC_LOC_CTRL | 3188 R92C_RCR_APP_MIC | R92C_RCR_APP_PHYSTS); 3189 /* Accept all multicast frames. */ 3190 urtwn_write_4(sc, R92C_MAR + 0, 0xffffffff); 3191 urtwn_write_4(sc, R92C_MAR + 4, 0xffffffff); 3192 /* Accept all management frames. */ 3193 urtwn_write_2(sc, R92C_RXFLTMAP0, 0xffff); 3194 /* Reject all control frames. */ 3195 urtwn_write_2(sc, R92C_RXFLTMAP1, 0x0000); 3196 /* Accept all data frames. */ 3197 urtwn_write_2(sc, R92C_RXFLTMAP2, 0xffff); 3198 } 3199 3200 static void 3201 urtwn_edca_init(struct urtwn_softc *sc) 3202 { 3203 3204 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 3205 3206 KASSERT(mutex_owned(&sc->sc_write_mtx)); 3207 3208 /* set spec SIFS (used in NAV) */ 3209 urtwn_write_2(sc, R92C_SPEC_SIFS, 0x100a); 3210 urtwn_write_2(sc, R92C_MAC_SPEC_SIFS, 0x100a); 3211 3212 /* set SIFS CCK/OFDM */ 3213 urtwn_write_2(sc, R92C_SIFS_CCK, 0x100a); 3214 urtwn_write_2(sc, R92C_SIFS_OFDM, 0x100a); 3215 3216 /* TXOP */ 3217 urtwn_write_4(sc, R92C_EDCA_BE_PARAM, 0x005ea42b); 3218 urtwn_write_4(sc, R92C_EDCA_BK_PARAM, 0x0000a44f); 3219 urtwn_write_4(sc, R92C_EDCA_VI_PARAM, 0x005ea324); 3220 urtwn_write_4(sc, R92C_EDCA_VO_PARAM, 0x002fa226); 3221 } 3222 3223 static void 3224 urtwn_write_txpower(struct urtwn_softc *sc, int chain, 3225 uint16_t power[URTWN_RIDX_COUNT]) 3226 { 3227 uint32_t reg; 3228 3229 DPRINTFN(DBG_FN, ("%s: %s: chain=%d\n", device_xname(sc->sc_dev), 3230 __func__, chain)); 3231 3232 /* Write per-CCK rate Tx power. */ 3233 if (chain == 0) { 3234 reg = urtwn_bb_read(sc, R92C_TXAGC_A_CCK1_MCS32); 3235 reg = RW(reg, R92C_TXAGC_A_CCK1, power[0]); 3236 urtwn_bb_write(sc, R92C_TXAGC_A_CCK1_MCS32, reg); 3237 3238 reg = urtwn_bb_read(sc, R92C_TXAGC_B_CCK11_A_CCK2_11); 3239 reg = RW(reg, R92C_TXAGC_A_CCK2, power[1]); 3240 reg = RW(reg, R92C_TXAGC_A_CCK55, power[2]); 3241 reg = RW(reg, R92C_TXAGC_A_CCK11, power[3]); 3242 urtwn_bb_write(sc, R92C_TXAGC_B_CCK11_A_CCK2_11, reg); 3243 } else { 3244 reg = urtwn_bb_read(sc, R92C_TXAGC_B_CCK1_55_MCS32); 3245 reg = RW(reg, R92C_TXAGC_B_CCK1, power[0]); 3246 reg = RW(reg, R92C_TXAGC_B_CCK2, power[1]); 3247 reg = RW(reg, R92C_TXAGC_B_CCK55, power[2]); 3248 urtwn_bb_write(sc, R92C_TXAGC_B_CCK1_55_MCS32, reg); 3249 3250 reg = urtwn_bb_read(sc, R92C_TXAGC_B_CCK11_A_CCK2_11); 3251 reg = RW(reg, R92C_TXAGC_B_CCK11, power[3]); 3252 urtwn_bb_write(sc, R92C_TXAGC_B_CCK11_A_CCK2_11, reg); 3253 } 3254 /* Write per-OFDM rate Tx power. */ 3255 urtwn_bb_write(sc, R92C_TXAGC_RATE18_06(chain), 3256 SM(R92C_TXAGC_RATE06, power[ 4]) | 3257 SM(R92C_TXAGC_RATE09, power[ 5]) | 3258 SM(R92C_TXAGC_RATE12, power[ 6]) | 3259 SM(R92C_TXAGC_RATE18, power[ 7])); 3260 urtwn_bb_write(sc, R92C_TXAGC_RATE54_24(chain), 3261 SM(R92C_TXAGC_RATE24, power[ 8]) | 3262 SM(R92C_TXAGC_RATE36, power[ 9]) | 3263 SM(R92C_TXAGC_RATE48, power[10]) | 3264 SM(R92C_TXAGC_RATE54, power[11])); 3265 /* Write per-MCS Tx power. */ 3266 urtwn_bb_write(sc, R92C_TXAGC_MCS03_MCS00(chain), 3267 SM(R92C_TXAGC_MCS00, power[12]) | 3268 SM(R92C_TXAGC_MCS01, power[13]) | 3269 SM(R92C_TXAGC_MCS02, power[14]) | 3270 SM(R92C_TXAGC_MCS03, power[15])); 3271 urtwn_bb_write(sc, R92C_TXAGC_MCS07_MCS04(chain), 3272 SM(R92C_TXAGC_MCS04, power[16]) | 3273 SM(R92C_TXAGC_MCS05, power[17]) | 3274 SM(R92C_TXAGC_MCS06, power[18]) | 3275 SM(R92C_TXAGC_MCS07, power[19])); 3276 urtwn_bb_write(sc, R92C_TXAGC_MCS11_MCS08(chain), 3277 SM(R92C_TXAGC_MCS08, power[20]) | 3278 SM(R92C_TXAGC_MCS09, power[21]) | 3279 SM(R92C_TXAGC_MCS10, power[22]) | 3280 SM(R92C_TXAGC_MCS11, power[23])); 3281 urtwn_bb_write(sc, R92C_TXAGC_MCS15_MCS12(chain), 3282 SM(R92C_TXAGC_MCS12, power[24]) | 3283 SM(R92C_TXAGC_MCS13, power[25]) | 3284 SM(R92C_TXAGC_MCS14, power[26]) | 3285 SM(R92C_TXAGC_MCS15, power[27])); 3286 } 3287 3288 static void 3289 urtwn_get_txpower(struct urtwn_softc *sc, int chain, u_int chan, u_int ht40m, 3290 uint16_t power[URTWN_RIDX_COUNT]) 3291 { 3292 struct r92c_rom *rom = &sc->rom; 3293 uint16_t cckpow, ofdmpow, htpow, diff, maxpow; 3294 const struct urtwn_txpwr *base; 3295 int ridx, group; 3296 3297 DPRINTFN(DBG_FN, ("%s: %s: chain=%d, chan=%d\n", 3298 device_xname(sc->sc_dev), __func__, chain, chan)); 3299 3300 /* Determine channel group. */ 3301 if (chan <= 3) { 3302 group = 0; 3303 } else if (chan <= 9) { 3304 group = 1; 3305 } else { 3306 group = 2; 3307 } 3308 3309 /* Get original Tx power based on board type and RF chain. */ 3310 if (!(sc->chip & URTWN_CHIP_92C)) { 3311 if (sc->board_type == R92C_BOARD_TYPE_HIGHPA) { 3312 base = &rtl8188ru_txagc[chain]; 3313 } else { 3314 base = &rtl8192cu_txagc[chain]; 3315 } 3316 } else { 3317 base = &rtl8192cu_txagc[chain]; 3318 } 3319 3320 memset(power, 0, URTWN_RIDX_COUNT * sizeof(power[0])); 3321 if (sc->regulatory == 0) { 3322 for (ridx = 0; ridx <= 3; ridx++) { 3323 power[ridx] = base->pwr[0][ridx]; 3324 } 3325 } 3326 for (ridx = 4; ridx < URTWN_RIDX_COUNT; ridx++) { 3327 if (sc->regulatory == 3) { 3328 power[ridx] = base->pwr[0][ridx]; 3329 /* Apply vendor limits. */ 3330 if (ht40m != IEEE80211_HTINFO_2NDCHAN_NONE) { 3331 maxpow = rom->ht40_max_pwr[group]; 3332 } else { 3333 maxpow = rom->ht20_max_pwr[group]; 3334 } 3335 maxpow = (maxpow >> (chain * 4)) & 0xf; 3336 if (power[ridx] > maxpow) { 3337 power[ridx] = maxpow; 3338 } 3339 } else if (sc->regulatory == 1) { 3340 if (ht40m == IEEE80211_HTINFO_2NDCHAN_NONE) { 3341 power[ridx] = base->pwr[group][ridx]; 3342 } 3343 } else if (sc->regulatory != 2) { 3344 power[ridx] = base->pwr[0][ridx]; 3345 } 3346 } 3347 3348 /* Compute per-CCK rate Tx power. */ 3349 cckpow = rom->cck_tx_pwr[chain][group]; 3350 for (ridx = 0; ridx <= 3; ridx++) { 3351 power[ridx] += cckpow; 3352 if (power[ridx] > R92C_MAX_TX_PWR) { 3353 power[ridx] = R92C_MAX_TX_PWR; 3354 } 3355 } 3356 3357 htpow = rom->ht40_1s_tx_pwr[chain][group]; 3358 if (sc->ntxchains > 1) { 3359 /* Apply reduction for 2 spatial streams. */ 3360 diff = rom->ht40_2s_tx_pwr_diff[group]; 3361 diff = (diff >> (chain * 4)) & 0xf; 3362 htpow = (htpow > diff) ? htpow - diff : 0; 3363 } 3364 3365 /* Compute per-OFDM rate Tx power. */ 3366 diff = rom->ofdm_tx_pwr_diff[group]; 3367 diff = (diff >> (chain * 4)) & 0xf; 3368 ofdmpow = htpow + diff; /* HT->OFDM correction. */ 3369 for (ridx = 4; ridx <= 11; ridx++) { 3370 power[ridx] += ofdmpow; 3371 if (power[ridx] > R92C_MAX_TX_PWR) { 3372 power[ridx] = R92C_MAX_TX_PWR; 3373 } 3374 } 3375 3376 /* Compute per-MCS Tx power. */ 3377 if (ht40m == IEEE80211_HTINFO_2NDCHAN_NONE) { 3378 diff = rom->ht20_tx_pwr_diff[group]; 3379 diff = (diff >> (chain * 4)) & 0xf; 3380 htpow += diff; /* HT40->HT20 correction. */ 3381 } 3382 for (ridx = 12; ridx < URTWN_RIDX_COUNT; ridx++) { 3383 power[ridx] += htpow; 3384 if (power[ridx] > R92C_MAX_TX_PWR) { 3385 power[ridx] = R92C_MAX_TX_PWR; 3386 } 3387 } 3388 #ifdef URTWN_DEBUG 3389 if (urtwn_debug & DBG_RF) { 3390 /* Dump per-rate Tx power values. */ 3391 printf("%s: %s: Tx power for chain %d:\n", 3392 device_xname(sc->sc_dev), __func__, chain); 3393 for (ridx = 0; ridx < URTWN_RIDX_COUNT; ridx++) { 3394 printf("%s: %s: Rate %d = %u\n", 3395 device_xname(sc->sc_dev), __func__, ridx, 3396 power[ridx]); 3397 } 3398 } 3399 #endif 3400 } 3401 3402 static void 3403 urtwn_set_txpower(struct urtwn_softc *sc, u_int chan, u_int ht40m) 3404 { 3405 uint16_t power[URTWN_RIDX_COUNT]; 3406 int i; 3407 3408 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 3409 3410 for (i = 0; i < sc->ntxchains; i++) { 3411 /* Compute per-rate Tx power values. */ 3412 urtwn_get_txpower(sc, i, chan, ht40m, power); 3413 /* Write per-rate Tx power values to hardware. */ 3414 urtwn_write_txpower(sc, i, power); 3415 } 3416 } 3417 3418 static void 3419 urtwn_set_chan(struct urtwn_softc *sc, struct ieee80211_channel *c, u_int ht40m) 3420 { 3421 struct ieee80211com *ic = &sc->sc_ic; 3422 u_int chan; 3423 int i; 3424 3425 chan = ieee80211_chan2ieee(ic, c); /* XXX center freq! */ 3426 3427 DPRINTFN(DBG_FN, ("%s: %s: chan=%d\n", device_xname(sc->sc_dev), 3428 __func__, chan)); 3429 3430 KASSERT(mutex_owned(&sc->sc_write_mtx)); 3431 3432 if (ht40m == IEEE80211_HTINFO_2NDCHAN_ABOVE) { 3433 chan += 2; 3434 } else if (ht40m == IEEE80211_HTINFO_2NDCHAN_BELOW){ 3435 chan -= 2; 3436 } 3437 3438 /* Set Tx power for this new channel. */ 3439 urtwn_set_txpower(sc, chan, ht40m); 3440 3441 for (i = 0; i < sc->nrxchains; i++) { 3442 urtwn_rf_write(sc, i, R92C_RF_CHNLBW, 3443 RW(sc->rf_chnlbw[i], R92C_RF_CHNLBW_CHNL, chan)); 3444 } 3445 3446 if (ht40m) { 3447 /* Is secondary channel below or above primary? */ 3448 int prichlo = (ht40m == IEEE80211_HTINFO_2NDCHAN_ABOVE); 3449 uint32_t reg; 3450 3451 urtwn_write_1(sc, R92C_BWOPMODE, 3452 urtwn_read_1(sc, R92C_BWOPMODE) & ~R92C_BWOPMODE_20MHZ); 3453 3454 reg = urtwn_read_1(sc, R92C_RRSR + 2); 3455 reg = (reg & ~0x6f) | (prichlo ? 1 : 2) << 5; 3456 urtwn_write_1(sc, R92C_RRSR + 2, (uint8_t)reg); 3457 3458 urtwn_bb_write(sc, R92C_FPGA0_RFMOD, 3459 urtwn_bb_read(sc, R92C_FPGA0_RFMOD) | R92C_RFMOD_40MHZ); 3460 urtwn_bb_write(sc, R92C_FPGA1_RFMOD, 3461 urtwn_bb_read(sc, R92C_FPGA1_RFMOD) | R92C_RFMOD_40MHZ); 3462 3463 /* Set CCK side band. */ 3464 reg = urtwn_bb_read(sc, R92C_CCK0_SYSTEM); 3465 reg = (reg & ~0x00000010) | (prichlo ? 0 : 1) << 4; 3466 urtwn_bb_write(sc, R92C_CCK0_SYSTEM, reg); 3467 3468 reg = urtwn_bb_read(sc, R92C_OFDM1_LSTF); 3469 reg = (reg & ~0x00000c00) | (prichlo ? 1 : 2) << 10; 3470 urtwn_bb_write(sc, R92C_OFDM1_LSTF, reg); 3471 3472 urtwn_bb_write(sc, R92C_FPGA0_ANAPARAM2, 3473 urtwn_bb_read(sc, R92C_FPGA0_ANAPARAM2) & 3474 ~R92C_FPGA0_ANAPARAM2_CBW20); 3475 3476 reg = urtwn_bb_read(sc, 0x818); 3477 reg = (reg & ~0x0c000000) | (prichlo ? 2 : 1) << 26; 3478 urtwn_bb_write(sc, 0x818, reg); 3479 3480 /* Select 40MHz bandwidth. */ 3481 urtwn_rf_write(sc, 0, R92C_RF_CHNLBW, 3482 (sc->rf_chnlbw[0] & ~0xfff) | chan); 3483 } else { 3484 urtwn_write_1(sc, R92C_BWOPMODE, 3485 urtwn_read_1(sc, R92C_BWOPMODE) | R92C_BWOPMODE_20MHZ); 3486 3487 urtwn_bb_write(sc, R92C_FPGA0_RFMOD, 3488 urtwn_bb_read(sc, R92C_FPGA0_RFMOD) & ~R92C_RFMOD_40MHZ); 3489 urtwn_bb_write(sc, R92C_FPGA1_RFMOD, 3490 urtwn_bb_read(sc, R92C_FPGA1_RFMOD) & ~R92C_RFMOD_40MHZ); 3491 3492 urtwn_bb_write(sc, R92C_FPGA0_ANAPARAM2, 3493 urtwn_bb_read(sc, R92C_FPGA0_ANAPARAM2) | 3494 R92C_FPGA0_ANAPARAM2_CBW20); 3495 3496 /* Select 20MHz bandwidth. */ 3497 urtwn_rf_write(sc, 0, R92C_RF_CHNLBW, 3498 (sc->rf_chnlbw[0] & ~0xfff) | R92C_RF_CHNLBW_BW20 | chan); 3499 } 3500 } 3501 3502 static void 3503 urtwn_iq_calib(struct urtwn_softc *sc, bool inited) 3504 { 3505 3506 DPRINTFN(DBG_FN, ("%s: %s: inited=%d\n", device_xname(sc->sc_dev), 3507 __func__, inited)); 3508 3509 /* TODO */ 3510 } 3511 3512 static void 3513 urtwn_lc_calib(struct urtwn_softc *sc) 3514 { 3515 uint32_t rf_ac[2]; 3516 uint8_t txmode; 3517 int i; 3518 3519 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 3520 3521 KASSERT(mutex_owned(&sc->sc_write_mtx)); 3522 3523 txmode = urtwn_read_1(sc, R92C_OFDM1_LSTF + 3); 3524 if ((txmode & 0x70) != 0) { 3525 /* Disable all continuous Tx. */ 3526 urtwn_write_1(sc, R92C_OFDM1_LSTF + 3, txmode & ~0x70); 3527 3528 /* Set RF mode to standby mode. */ 3529 for (i = 0; i < sc->nrxchains; i++) { 3530 rf_ac[i] = urtwn_rf_read(sc, i, R92C_RF_AC); 3531 urtwn_rf_write(sc, i, R92C_RF_AC, 3532 RW(rf_ac[i], R92C_RF_AC_MODE, 3533 R92C_RF_AC_MODE_STANDBY)); 3534 } 3535 } else { 3536 /* Block all Tx queues. */ 3537 urtwn_write_1(sc, R92C_TXPAUSE, 0xff); 3538 } 3539 /* Start calibration. */ 3540 urtwn_rf_write(sc, 0, R92C_RF_CHNLBW, 3541 urtwn_rf_read(sc, 0, R92C_RF_CHNLBW) | R92C_RF_CHNLBW_LCSTART); 3542 3543 /* Give calibration the time to complete. */ 3544 usbd_delay_ms(sc->sc_udev, 100); 3545 3546 /* Restore configuration. */ 3547 if ((txmode & 0x70) != 0) { 3548 /* Restore Tx mode. */ 3549 urtwn_write_1(sc, R92C_OFDM1_LSTF + 3, txmode); 3550 /* Restore RF mode. */ 3551 for (i = 0; i < sc->nrxchains; i++) { 3552 urtwn_rf_write(sc, i, R92C_RF_AC, rf_ac[i]); 3553 } 3554 } else { 3555 /* Unblock all Tx queues. */ 3556 urtwn_write_1(sc, R92C_TXPAUSE, 0x00); 3557 } 3558 } 3559 3560 static void 3561 urtwn_temp_calib(struct urtwn_softc *sc) 3562 { 3563 int temp; 3564 3565 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 3566 3567 KASSERT(mutex_owned(&sc->sc_write_mtx)); 3568 3569 if (sc->thcal_state == 0) { 3570 /* Start measuring temperature. */ 3571 DPRINTFN(DBG_RF, ("%s: %s: start measuring temperature\n", 3572 device_xname(sc->sc_dev), __func__)); 3573 urtwn_rf_write(sc, 0, R92C_RF_T_METER, 0x60); 3574 sc->thcal_state = 1; 3575 return; 3576 } 3577 sc->thcal_state = 0; 3578 3579 /* Read measured temperature. */ 3580 temp = urtwn_rf_read(sc, 0, R92C_RF_T_METER) & 0x1f; 3581 DPRINTFN(DBG_RF, ("%s: %s: temperature=%d\n", device_xname(sc->sc_dev), 3582 __func__, temp)); 3583 if (temp == 0) /* Read failed, skip. */ 3584 return; 3585 3586 /* 3587 * Redo LC calibration if temperature changed significantly since 3588 * last calibration. 3589 */ 3590 if (sc->thcal_lctemp == 0) { 3591 /* First LC calibration is performed in urtwn_init(). */ 3592 sc->thcal_lctemp = temp; 3593 } else if (abs(temp - sc->thcal_lctemp) > 1) { 3594 DPRINTFN(DBG_RF, 3595 ("%s: %s: LC calib triggered by temp: %d -> %d\n", 3596 device_xname(sc->sc_dev), __func__, sc->thcal_lctemp, 3597 temp)); 3598 urtwn_lc_calib(sc); 3599 /* Record temperature of last LC calibration. */ 3600 sc->thcal_lctemp = temp; 3601 } 3602 } 3603 3604 static int 3605 urtwn_init(struct ifnet *ifp) 3606 { 3607 struct urtwn_softc *sc = ifp->if_softc; 3608 struct ieee80211com *ic = &sc->sc_ic; 3609 struct urtwn_rx_data *data; 3610 uint32_t reg; 3611 int i, error; 3612 3613 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 3614 3615 urtwn_stop(ifp, 0); 3616 3617 mutex_enter(&sc->sc_write_mtx); 3618 3619 mutex_enter(&sc->sc_task_mtx); 3620 /* Init host async commands ring. */ 3621 sc->cmdq.cur = sc->cmdq.next = sc->cmdq.queued = 0; 3622 mutex_exit(&sc->sc_task_mtx); 3623 3624 mutex_enter(&sc->sc_fwcmd_mtx); 3625 /* Init firmware commands ring. */ 3626 sc->fwcur = 0; 3627 mutex_exit(&sc->sc_fwcmd_mtx); 3628 3629 /* Allocate Tx/Rx buffers. */ 3630 error = urtwn_alloc_rx_list(sc); 3631 if (error != 0) { 3632 aprint_error_dev(sc->sc_dev, 3633 "could not allocate Rx buffers\n"); 3634 goto fail; 3635 } 3636 error = urtwn_alloc_tx_list(sc); 3637 if (error != 0) { 3638 aprint_error_dev(sc->sc_dev, 3639 "could not allocate Tx buffers\n"); 3640 goto fail; 3641 } 3642 3643 /* Power on adapter. */ 3644 error = urtwn_power_on(sc); 3645 if (error != 0) 3646 goto fail; 3647 3648 /* Initialize DMA. */ 3649 error = urtwn_dma_init(sc); 3650 if (error != 0) 3651 goto fail; 3652 3653 /* Set info size in Rx descriptors (in 64-bit words). */ 3654 urtwn_write_1(sc, R92C_RX_DRVINFO_SZ, 4); 3655 3656 /* Init interrupts. */ 3657 urtwn_write_4(sc, R92C_HISR, 0xffffffff); 3658 urtwn_write_4(sc, R92C_HIMR, 0xffffffff); 3659 3660 /* Set MAC address. */ 3661 IEEE80211_ADDR_COPY(ic->ic_myaddr, CLLADDR(ifp->if_sadl)); 3662 urtwn_write_region(sc, R92C_MACID, ic->ic_myaddr, IEEE80211_ADDR_LEN); 3663 3664 /* Set initial network type. */ 3665 reg = urtwn_read_4(sc, R92C_CR); 3666 switch (ic->ic_opmode) { 3667 case IEEE80211_M_STA: 3668 default: 3669 reg = RW(reg, R92C_CR_NETTYPE, R92C_CR_NETTYPE_INFRA); 3670 break; 3671 3672 case IEEE80211_M_IBSS: 3673 reg = RW(reg, R92C_CR_NETTYPE, R92C_CR_NETTYPE_ADHOC); 3674 break; 3675 } 3676 urtwn_write_4(sc, R92C_CR, reg); 3677 3678 /* Set response rate */ 3679 reg = urtwn_read_4(sc, R92C_RRSR); 3680 reg = RW(reg, R92C_RRSR_RATE_BITMAP, R92C_RRSR_RATE_CCK_ONLY_1M); 3681 urtwn_write_4(sc, R92C_RRSR, reg); 3682 3683 /* SIFS (used in NAV) */ 3684 urtwn_write_2(sc, R92C_SPEC_SIFS, 3685 SM(R92C_SPEC_SIFS_CCK, 0x10) | SM(R92C_SPEC_SIFS_OFDM, 0x10)); 3686 3687 /* Set short/long retry limits. */ 3688 urtwn_write_2(sc, R92C_RL, 3689 SM(R92C_RL_SRL, 0x30) | SM(R92C_RL_LRL, 0x30)); 3690 3691 /* Initialize EDCA parameters. */ 3692 urtwn_edca_init(sc); 3693 3694 /* Setup rate fallback. */ 3695 urtwn_write_4(sc, R92C_DARFRC + 0, 0x00000000); 3696 urtwn_write_4(sc, R92C_DARFRC + 4, 0x10080404); 3697 urtwn_write_4(sc, R92C_RARFRC + 0, 0x04030201); 3698 urtwn_write_4(sc, R92C_RARFRC + 4, 0x08070605); 3699 3700 urtwn_write_1(sc, R92C_FWHW_TXQ_CTRL, 3701 urtwn_read_1(sc, R92C_FWHW_TXQ_CTRL) | 3702 R92C_FWHW_TXQ_CTRL_AMPDU_RTY_NEW); 3703 /* Set ACK timeout. */ 3704 urtwn_write_1(sc, R92C_ACKTO, 0x40); 3705 3706 /* Setup USB aggregation. */ 3707 /* Tx */ 3708 reg = urtwn_read_4(sc, R92C_TDECTRL); 3709 reg = RW(reg, R92C_TDECTRL_BLK_DESC_NUM, 6); 3710 urtwn_write_4(sc, R92C_TDECTRL, reg); 3711 /* Rx */ 3712 urtwn_write_1(sc, R92C_TRXDMA_CTRL, 3713 urtwn_read_1(sc, R92C_TRXDMA_CTRL) | 3714 R92C_TRXDMA_CTRL_RXDMA_AGG_EN); 3715 urtwn_write_1(sc, R92C_USB_SPECIAL_OPTION, 3716 urtwn_read_1(sc, R92C_USB_SPECIAL_OPTION) & 3717 ~R92C_USB_SPECIAL_OPTION_AGG_EN); 3718 urtwn_write_1(sc, R92C_RXDMA_AGG_PG_TH, 48); 3719 urtwn_write_1(sc, R92C_USB_DMA_AGG_TO, 4); 3720 3721 /* Initialize beacon parameters. */ 3722 urtwn_write_2(sc, R92C_TBTT_PROHIBIT, 0x6404); 3723 urtwn_write_1(sc, R92C_DRVERLYINT, 0x05); 3724 urtwn_write_1(sc, R92C_BCNDMATIM, 0x02); 3725 urtwn_write_2(sc, R92C_BCNTCFG, 0x660f); 3726 3727 /* Setup AMPDU aggregation. */ 3728 urtwn_write_4(sc, R92C_AGGLEN_LMT, 0x99997631); /* MCS7~0 */ 3729 urtwn_write_1(sc, R92C_AGGR_BREAK_TIME, 0x16); 3730 urtwn_write_2(sc, 0x4ca, 0x0708); 3731 3732 urtwn_write_1(sc, R92C_BCN_MAX_ERR, 0xff); 3733 urtwn_write_1(sc, R92C_BCN_CTRL, R92C_BCN_CTRL_DIS_TSF_UDT0); 3734 3735 /* Load 8051 microcode. */ 3736 error = urtwn_load_firmware(sc); 3737 if (error != 0) 3738 goto fail; 3739 SET(sc->sc_flags, URTWN_FLAG_FWREADY); 3740 3741 /* Initialize MAC/BB/RF blocks. */ 3742 /* 3743 * XXX: urtwn_mac_init() sets R92C_RCR[0:15] = R92C_RCR_APM | 3744 * R92C_RCR_AM | R92C_RCR_AB | R92C_RCR_AICV | R92C_RCR_AMF. 3745 * XXX: This setting should be removed from rtl8192cu_mac[]. 3746 */ 3747 urtwn_mac_init(sc); // sets R92C_RCR[0:15] 3748 urtwn_rxfilter_init(sc); // reset R92C_RCR 3749 urtwn_bb_init(sc); 3750 urtwn_rf_init(sc); 3751 3752 /* Turn CCK and OFDM blocks on. */ 3753 reg = urtwn_bb_read(sc, R92C_FPGA0_RFMOD); 3754 reg |= R92C_RFMOD_CCK_EN; 3755 urtwn_bb_write(sc, R92C_FPGA0_RFMOD, reg); 3756 reg = urtwn_bb_read(sc, R92C_FPGA0_RFMOD); 3757 reg |= R92C_RFMOD_OFDM_EN; 3758 urtwn_bb_write(sc, R92C_FPGA0_RFMOD, reg); 3759 3760 /* Clear per-station keys table. */ 3761 urtwn_cam_init(sc); 3762 3763 /* Enable hardware sequence numbering. */ 3764 urtwn_write_1(sc, R92C_HWSEQ_CTRL, 0xff); 3765 3766 /* Perform LO and IQ calibrations. */ 3767 urtwn_iq_calib(sc, sc->iqk_inited); 3768 sc->iqk_inited = true; 3769 3770 /* Perform LC calibration. */ 3771 urtwn_lc_calib(sc); 3772 3773 /* Fix USB interference issue. */ 3774 urtwn_write_1(sc, 0xfe40, 0xe0); 3775 urtwn_write_1(sc, 0xfe41, 0x8d); 3776 urtwn_write_1(sc, 0xfe42, 0x80); 3777 urtwn_write_4(sc, 0x20c, 0xfd0320); 3778 3779 urtwn_pa_bias_init(sc); 3780 3781 if (!(sc->chip & (URTWN_CHIP_92C | URTWN_CHIP_92C_1T2R))) { 3782 /* 1T1R */ 3783 urtwn_bb_write(sc, R92C_FPGA0_RFPARAM(0), 3784 urtwn_bb_read(sc, R92C_FPGA0_RFPARAM(0)) | __BIT(13)); 3785 } 3786 3787 /* Initialize GPIO setting. */ 3788 urtwn_write_1(sc, R92C_GPIO_MUXCFG, 3789 urtwn_read_1(sc, R92C_GPIO_MUXCFG) & ~R92C_GPIO_MUXCFG_ENBT); 3790 3791 /* Fix for lower temperature. */ 3792 urtwn_write_1(sc, 0x15, 0xe9); 3793 3794 /* Set default channel. */ 3795 urtwn_set_chan(sc, ic->ic_curchan, IEEE80211_HTINFO_2NDCHAN_NONE); 3796 3797 /* Queue Rx xfers. */ 3798 for (i = 0; i < URTWN_RX_LIST_COUNT; i++) { 3799 data = &sc->rx_data[i]; 3800 usbd_setup_xfer(data->xfer, sc->rx_pipe, data, data->buf, 3801 URTWN_RXBUFSZ, USBD_SHORT_XFER_OK | USBD_NO_COPY, 3802 USBD_NO_TIMEOUT, urtwn_rxeof); 3803 error = usbd_transfer(data->xfer); 3804 if (__predict_false(error != USBD_NORMAL_COMPLETION && 3805 error != USBD_IN_PROGRESS)) 3806 goto fail; 3807 } 3808 3809 /* We're ready to go. */ 3810 ifp->if_flags &= ~IFF_OACTIVE; 3811 ifp->if_flags |= IFF_RUNNING; 3812 3813 mutex_exit(&sc->sc_write_mtx); 3814 3815 if (ic->ic_opmode == IEEE80211_M_MONITOR) 3816 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 3817 else if (ic->ic_roaming != IEEE80211_ROAMING_MANUAL) 3818 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 3819 urtwn_wait_async(sc); 3820 3821 return (0); 3822 3823 fail: 3824 mutex_exit(&sc->sc_write_mtx); 3825 3826 urtwn_stop(ifp, 1); 3827 return (error); 3828 } 3829 3830 static void 3831 urtwn_stop(struct ifnet *ifp, int disable) 3832 { 3833 struct urtwn_softc *sc = ifp->if_softc; 3834 struct ieee80211com *ic = &sc->sc_ic; 3835 int i, s; 3836 3837 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 3838 3839 s = splusb(); 3840 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 3841 urtwn_wait_async(sc); 3842 splx(s); 3843 3844 sc->tx_timer = 0; 3845 ifp->if_timer = 0; 3846 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 3847 3848 callout_stop(&sc->sc_scan_to); 3849 callout_stop(&sc->sc_calib_to); 3850 3851 /* Abort Tx. */ 3852 for (i = 0; i < R92C_MAX_EPOUT; i++) { 3853 if (sc->tx_pipe[i] != NULL) 3854 usbd_abort_pipe(sc->tx_pipe[i]); 3855 } 3856 3857 /* Stop Rx pipe. */ 3858 usbd_abort_pipe(sc->rx_pipe); 3859 3860 /* Free Tx/Rx buffers. */ 3861 urtwn_free_tx_list(sc); 3862 urtwn_free_rx_list(sc); 3863 3864 if (disable) 3865 urtwn_chip_stop(sc); 3866 } 3867 3868 static int 3869 urtwn_reset(struct ifnet *ifp) 3870 { 3871 struct urtwn_softc *sc = ifp->if_softc; 3872 struct ieee80211com *ic = &sc->sc_ic; 3873 3874 if (ic->ic_opmode != IEEE80211_M_MONITOR) 3875 return ENETRESET; 3876 3877 urtwn_set_chan(sc, ic->ic_curchan, IEEE80211_HTINFO_2NDCHAN_NONE); 3878 3879 return 0; 3880 } 3881 3882 static void 3883 urtwn_chip_stop(struct urtwn_softc *sc) 3884 { 3885 uint32_t reg; 3886 bool disabled = true; 3887 3888 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 3889 3890 mutex_enter(&sc->sc_write_mtx); 3891 3892 /* 3893 * RF Off Sequence 3894 */ 3895 /* Pause MAC TX queue */ 3896 urtwn_write_1(sc, R92C_TXPAUSE, 0xFF); 3897 3898 /* Disable RF */ 3899 urtwn_rf_write(sc, 0, 0, 0); 3900 3901 urtwn_write_1(sc, R92C_APSD_CTRL, R92C_APSD_CTRL_OFF); 3902 3903 /* Reset BB state machine */ 3904 urtwn_write_1(sc, R92C_SYS_FUNC_EN, 3905 R92C_SYS_FUNC_EN_USBD | 3906 R92C_SYS_FUNC_EN_USBA | 3907 R92C_SYS_FUNC_EN_BB_GLB_RST); 3908 urtwn_write_1(sc, R92C_SYS_FUNC_EN, 3909 R92C_SYS_FUNC_EN_USBD | R92C_SYS_FUNC_EN_USBA); 3910 3911 /* 3912 * Reset digital sequence 3913 */ 3914 if (urtwn_read_1(sc, R92C_MCUFWDL) & R92C_MCUFWDL_RDY) { 3915 /* Reset MCU ready status */ 3916 urtwn_write_1(sc, R92C_MCUFWDL, 0); 3917 /* If firmware in ram code, do reset */ 3918 if (ISSET(sc->sc_flags, URTWN_FLAG_FWREADY)) { 3919 urtwn_fw_reset(sc); 3920 CLR(sc->sc_flags, URTWN_FLAG_FWREADY); 3921 } 3922 } 3923 3924 /* Reset MAC and Enable 8051 */ 3925 urtwn_write_1(sc, R92C_SYS_FUNC_EN + 1, 0x54); 3926 3927 /* Reset MCU ready status */ 3928 urtwn_write_1(sc, R92C_MCUFWDL, 0); 3929 3930 if (disabled) { 3931 /* Disable MAC clock */ 3932 urtwn_write_2(sc, R92C_SYS_CLKR, 0x70A3); 3933 /* Disable AFE PLL */ 3934 urtwn_write_1(sc, R92C_AFE_PLL_CTRL, 0x80); 3935 /* Gated AFE DIG_CLOCK */ 3936 urtwn_write_2(sc, R92C_AFE_XTAL_CTRL, 0x880F); 3937 /* Isolated digital to PON */ 3938 urtwn_write_1(sc, R92C_SYS_ISO_CTRL, 0xF9); 3939 } 3940 3941 /* 3942 * Pull GPIO PIN to balance level and LED control 3943 */ 3944 /* 1. Disable GPIO[7:0] */ 3945 urtwn_write_2(sc, R92C_GPIO_PIN_CTRL + 2, 0x0000); 3946 3947 reg = urtwn_read_4(sc, R92C_GPIO_PIN_CTRL) & ~0x0000ff00; 3948 reg |= ((reg << 8) & 0x0000ff00) | 0x00ff0000; 3949 urtwn_write_4(sc, R92C_GPIO_PIN_CTRL, reg); 3950 3951 /* Disable GPIO[10:8] */ 3952 urtwn_write_1(sc, R92C_GPIO_MUXCFG + 3, 0x00); 3953 3954 reg = urtwn_read_2(sc, R92C_GPIO_MUXCFG + 2) & ~0x00f0; 3955 reg |= (((reg & 0x000f) << 4) | 0x0780); 3956 urtwn_write_2(sc, R92C_GPIO_PIN_CTRL+2, reg); 3957 3958 /* Disable LED0 & 1 */ 3959 urtwn_write_2(sc, R92C_LEDCFG0, 0x8080); 3960 3961 /* 3962 * Reset digital sequence 3963 */ 3964 if (disabled) { 3965 /* Disable ELDR clock */ 3966 urtwn_write_2(sc, R92C_SYS_CLKR, 0x70A3); 3967 /* Isolated ELDR to PON */ 3968 urtwn_write_1(sc, R92C_SYS_ISO_CTRL + 1, 0x82); 3969 } 3970 3971 /* 3972 * Disable analog sequence 3973 */ 3974 if (disabled) { 3975 /* Disable A15 power */ 3976 urtwn_write_1(sc, R92C_LDOA15_CTRL, 0x04); 3977 /* Disable digital core power */ 3978 urtwn_write_1(sc, R92C_LDOV12D_CTRL, 3979 urtwn_read_1(sc, R92C_LDOV12D_CTRL) & 3980 ~R92C_LDOV12D_CTRL_LDV12_EN); 3981 } 3982 3983 /* Enter PFM mode */ 3984 urtwn_write_1(sc, R92C_SPS0_CTRL, 0x23); 3985 3986 /* Set USB suspend */ 3987 urtwn_write_2(sc, R92C_APS_FSMCO, 3988 R92C_APS_FSMCO_APDM_HOST | 3989 R92C_APS_FSMCO_AFSM_HSUS | 3990 R92C_APS_FSMCO_PFM_ALDN); 3991 3992 urtwn_write_1(sc, R92C_RSV_CTRL, 0x0E); 3993 3994 mutex_exit(&sc->sc_write_mtx); 3995 } 3996 3997 MODULE(MODULE_CLASS_DRIVER, if_urtwn, "bpf"); 3998 3999 #ifdef _MODULE 4000 #include "ioconf.c" 4001 #endif 4002 4003 static int 4004 if_urtwn_modcmd(modcmd_t cmd, void *aux) 4005 { 4006 int error = 0; 4007 4008 switch (cmd) { 4009 case MODULE_CMD_INIT: 4010 #ifdef _MODULE 4011 error = config_init_component(cfdriver_ioconf_urtwn, 4012 cfattach_ioconf_urtwn, cfdata_ioconf_urtwn); 4013 #endif 4014 return (error); 4015 case MODULE_CMD_FINI: 4016 #ifdef _MODULE 4017 error = config_fini_component(cfdriver_ioconf_urtwn, 4018 cfattach_ioconf_urtwn, cfdata_ioconf_urtwn); 4019 #endif 4020 return (error); 4021 default: 4022 return (ENOTTY); 4023 } 4024 } 4025