1 /* $NetBSD: if_urtwn.c,v 1.31 2014/07/02 20:17:30 christos Exp $ */ 2 /* $OpenBSD: if_urtwn.c,v 1.20 2011/11/26 06:39:33 ckuethe Exp $ */ 3 4 /*- 5 * Copyright (c) 2010 Damien Bergamini <damien.bergamini@free.fr> 6 * 7 * Permission to use, copy, modify, and distribute this software for any 8 * purpose with or without fee is hereby granted, provided that the above 9 * copyright notice and this permission notice appear in all copies. 10 * 11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 */ 19 20 /*- 21 * Driver for Realtek RTL8188CE-VAU/RTL8188CUS/RTL8188RU/RTL8192CU. 22 */ 23 24 #include <sys/cdefs.h> 25 __KERNEL_RCSID(0, "$NetBSD: if_urtwn.c,v 1.31 2014/07/02 20:17:30 christos Exp $"); 26 27 #ifdef _KERNEL_OPT 28 #include "opt_inet.h" 29 #endif 30 31 #include <sys/param.h> 32 #include <sys/sockio.h> 33 #include <sys/sysctl.h> 34 #include <sys/mbuf.h> 35 #include <sys/kernel.h> 36 #include <sys/socket.h> 37 #include <sys/systm.h> 38 #include <sys/malloc.h> 39 #include <sys/module.h> 40 #include <sys/conf.h> 41 #include <sys/device.h> 42 43 #include <sys/bus.h> 44 #include <machine/endian.h> 45 #include <sys/intr.h> 46 47 #include <net/bpf.h> 48 #include <net/if.h> 49 #include <net/if_arp.h> 50 #include <net/if_dl.h> 51 #include <net/if_ether.h> 52 #include <net/if_media.h> 53 #include <net/if_types.h> 54 55 #include <netinet/in.h> 56 #include <netinet/in_systm.h> 57 #include <netinet/in_var.h> 58 #include <netinet/ip.h> 59 #include <netinet/if_inarp.h> 60 61 #include <net80211/ieee80211_netbsd.h> 62 #include <net80211/ieee80211_var.h> 63 #include <net80211/ieee80211_radiotap.h> 64 65 #include <dev/firmload.h> 66 67 #include <dev/usb/usb.h> 68 #include <dev/usb/usbdi.h> 69 #include <dev/usb/usbdivar.h> 70 #include <dev/usb/usbdi_util.h> 71 #include <dev/usb/usbdevs.h> 72 73 #include <dev/usb/if_urtwnreg.h> 74 #include <dev/usb/if_urtwnvar.h> 75 #include <dev/usb/if_urtwn_data.h> 76 77 /* 78 * The sc_write_mtx locking is to prevent sequences of writes from 79 * being intermingled with each other. I don't know if this is really 80 * needed. I have added it just to be on the safe side. 81 */ 82 83 #ifdef URTWN_DEBUG 84 #define DBG_INIT __BIT(0) 85 #define DBG_FN __BIT(1) 86 #define DBG_TX __BIT(2) 87 #define DBG_RX __BIT(3) 88 #define DBG_STM __BIT(4) 89 #define DBG_RF __BIT(5) 90 #define DBG_REG __BIT(6) 91 #define DBG_ALL 0xffffffffU 92 u_int urtwn_debug = 0; 93 #define DPRINTFN(n, s) \ 94 do { if (urtwn_debug & (n)) printf s; } while (/*CONSTCOND*/0) 95 #else 96 #define DPRINTFN(n, s) 97 #endif 98 99 static const struct usb_devno urtwn_devs[] = { 100 { USB_VENDOR_ABOCOM, USB_PRODUCT_ABOCOM_RTL8188CU_1 }, 101 { USB_VENDOR_ABOCOM, USB_PRODUCT_ABOCOM_RTL8188CU_2 }, 102 { USB_VENDOR_ABOCOM, USB_PRODUCT_ABOCOM_RTL8192CU }, 103 { USB_VENDOR_ASUSTEK, USB_PRODUCT_ASUSTEK_RTL8192CU }, 104 { USB_VENDOR_AZUREWAVE, USB_PRODUCT_AZUREWAVE_RTL8188CE_1 }, 105 { USB_VENDOR_AZUREWAVE, USB_PRODUCT_AZUREWAVE_RTL8188CE_2 }, 106 { USB_VENDOR_AZUREWAVE, USB_PRODUCT_AZUREWAVE_RTL8188CU }, 107 { USB_VENDOR_BELKIN, USB_PRODUCT_BELKIN_RTL8188CU }, 108 { USB_VENDOR_BELKIN, USB_PRODUCT_BELKIN_RTL8192CU }, 109 { USB_VENDOR_CHICONY, USB_PRODUCT_CHICONY_RTL8188CUS_1 }, 110 { USB_VENDOR_CHICONY, USB_PRODUCT_CHICONY_RTL8188CUS_2 }, 111 { USB_VENDOR_CHICONY, USB_PRODUCT_CHICONY_RTL8188CUS_3 }, 112 { USB_VENDOR_CHICONY, USB_PRODUCT_CHICONY_RTL8188CUS_4 }, 113 { USB_VENDOR_CHICONY, USB_PRODUCT_CHICONY_RTL8188CUS_5 }, 114 { USB_VENDOR_COREGA, USB_PRODUCT_COREGA_RTL8192CU }, 115 { USB_VENDOR_DLINK, USB_PRODUCT_DLINK_RTL8188CU }, 116 { USB_VENDOR_DLINK, USB_PRODUCT_DLINK_RTL8192CU_1 }, 117 { USB_VENDOR_DLINK, USB_PRODUCT_DLINK_RTL8192CU_2 }, 118 { USB_VENDOR_DLINK, USB_PRODUCT_DLINK_RTL8192CU_3 }, 119 { USB_VENDOR_EDIMAX, USB_PRODUCT_EDIMAX_RTL8188CU }, 120 { USB_VENDOR_EDIMAX, USB_PRODUCT_EDIMAX_RTL8192CU }, 121 { USB_VENDOR_FEIXUN, USB_PRODUCT_FEIXUN_RTL8188CU }, 122 { USB_VENDOR_FEIXUN, USB_PRODUCT_FEIXUN_RTL8192CU }, 123 { USB_VENDOR_GUILLEMOT, USB_PRODUCT_GUILLEMOT_HWNUP150 }, 124 { USB_VENDOR_HAWKING, USB_PRODUCT_HAWKING_RTL8192CU }, 125 { USB_VENDOR_HP3, USB_PRODUCT_HP3_RTL8188CU }, 126 { USB_VENDOR_NETGEAR, USB_PRODUCT_NETGEAR_WNA1000M }, 127 { USB_VENDOR_NETGEAR, USB_PRODUCT_NETGEAR_RTL8192CU }, 128 { USB_VENDOR_NETGEAR4, USB_PRODUCT_NETGEAR4_RTL8188CU }, 129 { USB_VENDOR_NOVATECH, USB_PRODUCT_NOVATECH_RTL8188CU }, 130 { USB_VENDOR_PLANEX2, USB_PRODUCT_PLANEX2_RTL8188CU_1 }, 131 { USB_VENDOR_PLANEX2, USB_PRODUCT_PLANEX2_RTL8188CU_2 }, 132 { USB_VENDOR_PLANEX2, USB_PRODUCT_PLANEX2_RTL8192CU }, 133 { USB_VENDOR_PLANEX2, USB_PRODUCT_PLANEX2_RTL8188CU_3 }, 134 { USB_VENDOR_PLANEX2, USB_PRODUCT_PLANEX2_RTL8188CU_4 }, 135 { USB_VENDOR_PLANEX2, USB_PRODUCT_PLANEX2_RTL8188CUS }, 136 { USB_VENDOR_REALTEK, USB_PRODUCT_REALTEK_RTL8188CE_0 }, 137 { USB_VENDOR_REALTEK, USB_PRODUCT_REALTEK_RTL8188CE_1 }, 138 { USB_VENDOR_REALTEK, USB_PRODUCT_REALTEK_RTL8188CTV }, 139 { USB_VENDOR_REALTEK, USB_PRODUCT_REALTEK_RTL8188CU_0 }, 140 { USB_VENDOR_REALTEK, USB_PRODUCT_REALTEK_RTL8188CU_1 }, 141 { USB_VENDOR_REALTEK, USB_PRODUCT_REALTEK_RTL8188CU_2 }, 142 { USB_VENDOR_REALTEK, USB_PRODUCT_REALTEK_RTL8188CU_COMBO }, 143 { USB_VENDOR_REALTEK, USB_PRODUCT_REALTEK_RTL8188CUS }, 144 { USB_VENDOR_REALTEK, USB_PRODUCT_REALTEK_RTL8188RU }, 145 { USB_VENDOR_REALTEK, USB_PRODUCT_REALTEK_RTL8188RU_2 }, 146 { USB_VENDOR_REALTEK, USB_PRODUCT_REALTEK_RTL8191CU }, 147 { USB_VENDOR_REALTEK, USB_PRODUCT_REALTEK_RTL8192CE }, 148 { USB_VENDOR_REALTEK, USB_PRODUCT_REALTEK_RTL8192CU }, 149 { USB_VENDOR_SITECOMEU, USB_PRODUCT_SITECOMEU_RTL8188CU }, 150 { USB_VENDOR_SITECOMEU, USB_PRODUCT_SITECOMEU_RTL8188CU_2 }, 151 { USB_VENDOR_SITECOMEU, USB_PRODUCT_SITECOMEU_RTL8192CU }, 152 { USB_VENDOR_SITECOMEU, USB_PRODUCT_SITECOMEU_RTL8192CUR2 }, 153 { USB_VENDOR_TRENDNET, USB_PRODUCT_TRENDNET_RTL8188CU }, 154 { USB_VENDOR_TRENDNET, USB_PRODUCT_TRENDNET_RTL8192CU }, 155 { USB_VENDOR_ZYXEL, USB_PRODUCT_ZYXEL_RTL8192CU } 156 }; 157 158 static int urtwn_match(device_t, cfdata_t, void *); 159 static void urtwn_attach(device_t, device_t, void *); 160 static int urtwn_detach(device_t, int); 161 static int urtwn_activate(device_t, enum devact); 162 163 CFATTACH_DECL_NEW(urtwn, sizeof(struct urtwn_softc), urtwn_match, 164 urtwn_attach, urtwn_detach, urtwn_activate); 165 166 static int urtwn_open_pipes(struct urtwn_softc *); 167 static void urtwn_close_pipes(struct urtwn_softc *); 168 static int urtwn_alloc_rx_list(struct urtwn_softc *); 169 static void urtwn_free_rx_list(struct urtwn_softc *); 170 static int urtwn_alloc_tx_list(struct urtwn_softc *); 171 static void urtwn_free_tx_list(struct urtwn_softc *); 172 static void urtwn_task(void *); 173 static void urtwn_do_async(struct urtwn_softc *, 174 void (*)(struct urtwn_softc *, void *), void *, int); 175 static void urtwn_wait_async(struct urtwn_softc *); 176 static int urtwn_write_region_1(struct urtwn_softc *, uint16_t, uint8_t *, 177 int); 178 static void urtwn_write_1(struct urtwn_softc *, uint16_t, uint8_t); 179 static void urtwn_write_2(struct urtwn_softc *, uint16_t, uint16_t); 180 static void urtwn_write_4(struct urtwn_softc *, uint16_t, uint32_t); 181 static int urtwn_write_region(struct urtwn_softc *, uint16_t, uint8_t *, 182 int); 183 static int urtwn_read_region_1(struct urtwn_softc *, uint16_t, uint8_t *, 184 int); 185 static uint8_t urtwn_read_1(struct urtwn_softc *, uint16_t); 186 static uint16_t urtwn_read_2(struct urtwn_softc *, uint16_t); 187 static uint32_t urtwn_read_4(struct urtwn_softc *, uint16_t); 188 static int urtwn_fw_cmd(struct urtwn_softc *, uint8_t, const void *, int); 189 static void urtwn_rf_write(struct urtwn_softc *, int, uint8_t, uint32_t); 190 static uint32_t urtwn_rf_read(struct urtwn_softc *, int, uint8_t); 191 static int urtwn_llt_write(struct urtwn_softc *, uint32_t, uint32_t); 192 static uint8_t urtwn_efuse_read_1(struct urtwn_softc *, uint16_t); 193 static void urtwn_efuse_read(struct urtwn_softc *); 194 static int urtwn_read_chipid(struct urtwn_softc *); 195 #ifdef URTWN_DEBUG 196 static void urtwn_dump_rom(struct urtwn_softc *, struct r92c_rom *); 197 #endif 198 static void urtwn_read_rom(struct urtwn_softc *); 199 static int urtwn_media_change(struct ifnet *); 200 static int urtwn_ra_init(struct urtwn_softc *); 201 static int urtwn_get_nettype(struct urtwn_softc *); 202 static void urtwn_set_nettype0_msr(struct urtwn_softc *, uint8_t); 203 static void urtwn_tsf_sync_enable(struct urtwn_softc *); 204 static void urtwn_set_led(struct urtwn_softc *, int, int); 205 static void urtwn_calib_to(void *); 206 static void urtwn_calib_to_cb(struct urtwn_softc *, void *); 207 static void urtwn_next_scan(void *); 208 static int urtwn_newstate(struct ieee80211com *, enum ieee80211_state, 209 int); 210 static void urtwn_newstate_cb(struct urtwn_softc *, void *); 211 static int urtwn_wme_update(struct ieee80211com *); 212 static void urtwn_wme_update_cb(struct urtwn_softc *, void *); 213 static void urtwn_update_avgrssi(struct urtwn_softc *, int, int8_t); 214 static int8_t urtwn_get_rssi(struct urtwn_softc *, int, void *); 215 static void urtwn_rx_frame(struct urtwn_softc *, uint8_t *, int); 216 static void urtwn_rxeof(usbd_xfer_handle, usbd_private_handle, usbd_status); 217 static void urtwn_txeof(usbd_xfer_handle, usbd_private_handle, usbd_status); 218 static int urtwn_tx(struct urtwn_softc *, struct mbuf *, 219 struct ieee80211_node *, struct urtwn_tx_data *); 220 static void urtwn_start(struct ifnet *); 221 static void urtwn_watchdog(struct ifnet *); 222 static int urtwn_ioctl(struct ifnet *, u_long, void *); 223 static int urtwn_power_on(struct urtwn_softc *); 224 static int urtwn_llt_init(struct urtwn_softc *); 225 static void urtwn_fw_reset(struct urtwn_softc *); 226 static int urtwn_fw_loadpage(struct urtwn_softc *, int, uint8_t *, int); 227 static int urtwn_load_firmware(struct urtwn_softc *); 228 static int urtwn_dma_init(struct urtwn_softc *); 229 static void urtwn_mac_init(struct urtwn_softc *); 230 static void urtwn_bb_init(struct urtwn_softc *); 231 static void urtwn_rf_init(struct urtwn_softc *); 232 static void urtwn_cam_init(struct urtwn_softc *); 233 static void urtwn_pa_bias_init(struct urtwn_softc *); 234 static void urtwn_rxfilter_init(struct urtwn_softc *); 235 static void urtwn_edca_init(struct urtwn_softc *); 236 static void urtwn_write_txpower(struct urtwn_softc *, int, uint16_t[]); 237 static void urtwn_get_txpower(struct urtwn_softc *, size_t, u_int, u_int, 238 uint16_t[]); 239 static void urtwn_set_txpower(struct urtwn_softc *, u_int, u_int); 240 static void urtwn_set_chan(struct urtwn_softc *, struct ieee80211_channel *, 241 u_int); 242 static void urtwn_iq_calib(struct urtwn_softc *, bool); 243 static void urtwn_lc_calib(struct urtwn_softc *); 244 static void urtwn_temp_calib(struct urtwn_softc *); 245 static int urtwn_init(struct ifnet *); 246 static void urtwn_stop(struct ifnet *, int); 247 static int urtwn_reset(struct ifnet *); 248 static void urtwn_chip_stop(struct urtwn_softc *); 249 static void urtwn_newassoc(struct ieee80211_node *, int); 250 251 /* Aliases. */ 252 #define urtwn_bb_write urtwn_write_4 253 #define urtwn_bb_read urtwn_read_4 254 255 static int 256 urtwn_match(device_t parent, cfdata_t match, void *aux) 257 { 258 struct usb_attach_arg *uaa = aux; 259 260 return ((usb_lookup(urtwn_devs, uaa->vendor, uaa->product) != NULL) ? 261 UMATCH_VENDOR_PRODUCT : UMATCH_NONE); 262 } 263 264 static void 265 urtwn_attach(device_t parent, device_t self, void *aux) 266 { 267 struct urtwn_softc *sc = device_private(self); 268 struct ieee80211com *ic = &sc->sc_ic; 269 struct ifnet *ifp = &sc->sc_if; 270 struct usb_attach_arg *uaa = aux; 271 char *devinfop; 272 size_t i; 273 int error; 274 275 sc->sc_dev = self; 276 sc->sc_udev = uaa->device; 277 278 aprint_naive("\n"); 279 aprint_normal("\n"); 280 281 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 282 283 devinfop = usbd_devinfo_alloc(sc->sc_udev, 0); 284 aprint_normal_dev(self, "%s\n", devinfop); 285 usbd_devinfo_free(devinfop); 286 287 mutex_init(&sc->sc_task_mtx, MUTEX_DEFAULT, IPL_NET); 288 mutex_init(&sc->sc_tx_mtx, MUTEX_DEFAULT, IPL_NONE); 289 mutex_init(&sc->sc_fwcmd_mtx, MUTEX_DEFAULT, IPL_NONE); 290 mutex_init(&sc->sc_write_mtx, MUTEX_DEFAULT, IPL_NONE); 291 292 usb_init_task(&sc->sc_task, urtwn_task, sc, 0); 293 294 callout_init(&sc->sc_scan_to, 0); 295 callout_setfunc(&sc->sc_scan_to, urtwn_next_scan, sc); 296 callout_init(&sc->sc_calib_to, 0); 297 callout_setfunc(&sc->sc_calib_to, urtwn_calib_to, sc); 298 299 error = usbd_set_config_no(sc->sc_udev, 1, 0); 300 if (error != 0) { 301 aprint_error_dev(self, "failed to set configuration" 302 ", err=%s\n", usbd_errstr(error)); 303 goto fail; 304 } 305 306 /* Get the first interface handle. */ 307 error = usbd_device2interface_handle(sc->sc_udev, 0, &sc->sc_iface); 308 if (error != 0) { 309 aprint_error_dev(self, "could not get interface handle\n"); 310 goto fail; 311 } 312 313 error = urtwn_read_chipid(sc); 314 if (error != 0) { 315 aprint_error_dev(self, "unsupported test chip\n"); 316 goto fail; 317 } 318 319 /* Determine number of Tx/Rx chains. */ 320 if (sc->chip & URTWN_CHIP_92C) { 321 sc->ntxchains = (sc->chip & URTWN_CHIP_92C_1T2R) ? 1 : 2; 322 sc->nrxchains = 2; 323 } else { 324 sc->ntxchains = 1; 325 sc->nrxchains = 1; 326 } 327 urtwn_read_rom(sc); 328 329 aprint_normal_dev(self, "MAC/BB RTL%s, RF 6052 %zdT%zdR, address %s\n", 330 (sc->chip & URTWN_CHIP_92C) ? "8192CU" : 331 (sc->board_type == R92C_BOARD_TYPE_HIGHPA) ? "8188RU" : 332 (sc->board_type == R92C_BOARD_TYPE_MINICARD) ? "8188CE-VAU" : 333 "8188CUS", sc->ntxchains, sc->nrxchains, 334 ether_sprintf(ic->ic_myaddr)); 335 336 error = urtwn_open_pipes(sc); 337 if (error != 0) { 338 aprint_error_dev(sc->sc_dev, "could not open pipes\n"); 339 goto fail; 340 } 341 aprint_normal_dev(self, "%d rx pipe%s, %d tx pipe%s\n", 342 sc->rx_npipe, sc->rx_npipe > 1 ? "s" : "", 343 sc->tx_npipe, sc->tx_npipe > 1 ? "s" : ""); 344 345 /* 346 * Setup the 802.11 device. 347 */ 348 ic->ic_ifp = ifp; 349 ic->ic_phytype = IEEE80211_T_OFDM; /* Not only, but not used. */ 350 ic->ic_opmode = IEEE80211_M_STA; /* Default to BSS mode. */ 351 ic->ic_state = IEEE80211_S_INIT; 352 353 /* Set device capabilities. */ 354 ic->ic_caps = 355 IEEE80211_C_MONITOR | /* Monitor mode supported. */ 356 IEEE80211_C_IBSS | /* IBSS mode supported */ 357 IEEE80211_C_HOSTAP | /* HostAp mode supported */ 358 IEEE80211_C_SHPREAMBLE | /* Short preamble supported. */ 359 IEEE80211_C_SHSLOT | /* Short slot time supported. */ 360 IEEE80211_C_WME | /* 802.11e */ 361 IEEE80211_C_WPA; /* 802.11i */ 362 363 /* Set supported .11b and .11g rates. */ 364 ic->ic_sup_rates[IEEE80211_MODE_11B] = ieee80211_std_rateset_11b; 365 ic->ic_sup_rates[IEEE80211_MODE_11G] = ieee80211_std_rateset_11g; 366 367 /* Set supported .11b and .11g channels (1 through 14). */ 368 for (i = 1; i <= 14; i++) { 369 ic->ic_channels[i].ic_freq = 370 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ); 371 ic->ic_channels[i].ic_flags = 372 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM | 373 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ; 374 } 375 376 ifp->if_softc = sc; 377 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 378 ifp->if_init = urtwn_init; 379 ifp->if_ioctl = urtwn_ioctl; 380 ifp->if_start = urtwn_start; 381 ifp->if_watchdog = urtwn_watchdog; 382 IFQ_SET_READY(&ifp->if_snd); 383 memcpy(ifp->if_xname, device_xname(sc->sc_dev), IFNAMSIZ); 384 385 if_attach(ifp); 386 ieee80211_ifattach(ic); 387 388 /* override default methods */ 389 ic->ic_newassoc = urtwn_newassoc; 390 ic->ic_reset = urtwn_reset; 391 ic->ic_wme.wme_update = urtwn_wme_update; 392 393 /* Override state transition machine. */ 394 sc->sc_newstate = ic->ic_newstate; 395 ic->ic_newstate = urtwn_newstate; 396 ieee80211_media_init(ic, urtwn_media_change, ieee80211_media_status); 397 398 bpf_attach2(ifp, DLT_IEEE802_11_RADIO, 399 sizeof(struct ieee80211_frame) + IEEE80211_RADIOTAP_HDRLEN, 400 &sc->sc_drvbpf); 401 402 sc->sc_rxtap_len = sizeof(sc->sc_rxtapu); 403 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 404 sc->sc_rxtap.wr_ihdr.it_present = htole32(URTWN_RX_RADIOTAP_PRESENT); 405 406 sc->sc_txtap_len = sizeof(sc->sc_txtapu); 407 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 408 sc->sc_txtap.wt_ihdr.it_present = htole32(URTWN_TX_RADIOTAP_PRESENT); 409 410 ieee80211_announce(ic); 411 412 usbd_add_drv_event(USB_EVENT_DRIVER_ATTACH, sc->sc_udev, sc->sc_dev); 413 414 if (!pmf_device_register(self, NULL, NULL)) 415 aprint_error_dev(self, "couldn't establish power handler\n"); 416 417 SET(sc->sc_flags, URTWN_FLAG_ATTACHED); 418 return; 419 420 fail: 421 sc->sc_dying = 1; 422 aprint_error_dev(self, "attach failed\n"); 423 } 424 425 static int 426 urtwn_detach(device_t self, int flags) 427 { 428 struct urtwn_softc *sc = device_private(self); 429 struct ifnet *ifp = &sc->sc_if; 430 int s; 431 432 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 433 434 pmf_device_deregister(self); 435 436 s = splusb(); 437 438 sc->sc_dying = 1; 439 440 callout_stop(&sc->sc_scan_to); 441 callout_stop(&sc->sc_calib_to); 442 443 if (ISSET(sc->sc_flags, URTWN_FLAG_ATTACHED)) { 444 usb_rem_task(sc->sc_udev, &sc->sc_task); 445 urtwn_stop(ifp, 0); 446 447 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 448 bpf_detach(ifp); 449 ieee80211_ifdetach(&sc->sc_ic); 450 if_detach(ifp); 451 452 /* Abort and close Tx/Rx pipes. */ 453 urtwn_close_pipes(sc); 454 } 455 456 splx(s); 457 458 usbd_add_drv_event(USB_EVENT_DRIVER_DETACH, sc->sc_udev, sc->sc_dev); 459 460 callout_destroy(&sc->sc_scan_to); 461 callout_destroy(&sc->sc_calib_to); 462 463 mutex_destroy(&sc->sc_write_mtx); 464 mutex_destroy(&sc->sc_fwcmd_mtx); 465 mutex_destroy(&sc->sc_tx_mtx); 466 mutex_destroy(&sc->sc_task_mtx); 467 468 return (0); 469 } 470 471 static int 472 urtwn_activate(device_t self, enum devact act) 473 { 474 struct urtwn_softc *sc = device_private(self); 475 476 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 477 478 switch (act) { 479 case DVACT_DEACTIVATE: 480 if_deactivate(sc->sc_ic.ic_ifp); 481 return (0); 482 default: 483 return (EOPNOTSUPP); 484 } 485 } 486 487 static int 488 urtwn_open_pipes(struct urtwn_softc *sc) 489 { 490 /* Bulk-out endpoints addresses (from highest to lowest prio). */ 491 static const uint8_t epaddr[] = { 0x02, 0x03, 0x05 }; 492 usb_interface_descriptor_t *id; 493 usb_endpoint_descriptor_t *ed; 494 size_t i, ntx = 0; 495 int error; 496 497 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 498 499 /* Determine the number of bulk-out pipes. */ 500 id = usbd_get_interface_descriptor(sc->sc_iface); 501 for (i = 0; i < id->bNumEndpoints; i++) { 502 ed = usbd_interface2endpoint_descriptor(sc->sc_iface, i); 503 if (ed != NULL && 504 UE_GET_XFERTYPE(ed->bmAttributes) == UE_BULK && 505 UE_GET_DIR(ed->bEndpointAddress) == UE_DIR_OUT) 506 ntx++; 507 } 508 DPRINTFN(DBG_INIT, ("%s: %s: found %zd bulk-out pipes\n", 509 device_xname(sc->sc_dev), __func__, ntx)); 510 if (ntx == 0 || ntx > R92C_MAX_EPOUT) { 511 aprint_error_dev(sc->sc_dev, 512 "%zd: invalid number of Tx bulk pipes\n", ntx); 513 return (EIO); 514 } 515 sc->rx_npipe = 1; 516 sc->tx_npipe = ntx; 517 518 /* Open bulk-in pipe at address 0x81. */ 519 error = usbd_open_pipe(sc->sc_iface, 0x81, USBD_EXCLUSIVE_USE, 520 &sc->rx_pipe); 521 if (error != 0) { 522 aprint_error_dev(sc->sc_dev, "could not open Rx bulk pipe" 523 ": %d\n", error); 524 goto fail; 525 } 526 527 /* Open bulk-out pipes (up to 3). */ 528 for (i = 0; i < ntx; i++) { 529 error = usbd_open_pipe(sc->sc_iface, epaddr[i], 530 USBD_EXCLUSIVE_USE, &sc->tx_pipe[i]); 531 if (error != 0) { 532 aprint_error_dev(sc->sc_dev, 533 "could not open Tx bulk pipe 0x%02x: %d\n", 534 epaddr[i], error); 535 goto fail; 536 } 537 } 538 539 /* Map 802.11 access categories to USB pipes. */ 540 sc->ac2idx[WME_AC_BK] = 541 sc->ac2idx[WME_AC_BE] = (ntx == 3) ? 2 : ((ntx == 2) ? 1 : 0); 542 sc->ac2idx[WME_AC_VI] = (ntx == 3) ? 1 : 0; 543 sc->ac2idx[WME_AC_VO] = 0; /* Always use highest prio. */ 544 545 fail: 546 if (error != 0) 547 urtwn_close_pipes(sc); 548 return (error); 549 } 550 551 static void 552 urtwn_close_pipes(struct urtwn_softc *sc) 553 { 554 usbd_pipe_handle pipe; 555 size_t i; 556 557 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 558 559 /* Close Rx pipe. */ 560 CTASSERT(sizeof(pipe) == sizeof(void *)); 561 pipe = atomic_swap_ptr(&sc->rx_pipe, NULL); 562 if (pipe != NULL) { 563 usbd_abort_pipe(pipe); 564 usbd_close_pipe(pipe); 565 } 566 /* Close Tx pipes. */ 567 for (i = 0; i < R92C_MAX_EPOUT; i++) { 568 pipe = atomic_swap_ptr(&sc->tx_pipe[i], NULL); 569 if (pipe != NULL) { 570 usbd_abort_pipe(pipe); 571 usbd_close_pipe(pipe); 572 } 573 } 574 } 575 576 static int 577 urtwn_alloc_rx_list(struct urtwn_softc *sc) 578 { 579 struct urtwn_rx_data *data; 580 size_t i; 581 int error = 0; 582 583 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 584 585 for (i = 0; i < URTWN_RX_LIST_COUNT; i++) { 586 data = &sc->rx_data[i]; 587 588 data->sc = sc; /* Backpointer for callbacks. */ 589 590 data->xfer = usbd_alloc_xfer(sc->sc_udev); 591 if (data->xfer == NULL) { 592 aprint_error_dev(sc->sc_dev, 593 "could not allocate xfer\n"); 594 error = ENOMEM; 595 break; 596 } 597 598 data->buf = usbd_alloc_buffer(data->xfer, URTWN_RXBUFSZ); 599 if (data->buf == NULL) { 600 aprint_error_dev(sc->sc_dev, 601 "could not allocate xfer buffer\n"); 602 error = ENOMEM; 603 break; 604 } 605 } 606 if (error != 0) 607 urtwn_free_rx_list(sc); 608 return (error); 609 } 610 611 static void 612 urtwn_free_rx_list(struct urtwn_softc *sc) 613 { 614 usbd_xfer_handle xfer; 615 size_t i; 616 617 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 618 619 /* NB: Caller must abort pipe first. */ 620 for (i = 0; i < URTWN_RX_LIST_COUNT; i++) { 621 CTASSERT(sizeof(xfer) == sizeof(void *)); 622 xfer = atomic_swap_ptr(&sc->rx_data[i].xfer, NULL); 623 if (xfer != NULL) 624 usbd_free_xfer(xfer); 625 } 626 } 627 628 static int 629 urtwn_alloc_tx_list(struct urtwn_softc *sc) 630 { 631 struct urtwn_tx_data *data; 632 size_t i; 633 int error = 0; 634 635 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 636 637 mutex_enter(&sc->sc_tx_mtx); 638 TAILQ_INIT(&sc->tx_free_list); 639 for (i = 0; i < URTWN_TX_LIST_COUNT; i++) { 640 data = &sc->tx_data[i]; 641 642 data->sc = sc; /* Backpointer for callbacks. */ 643 644 data->xfer = usbd_alloc_xfer(sc->sc_udev); 645 if (data->xfer == NULL) { 646 aprint_error_dev(sc->sc_dev, 647 "could not allocate xfer\n"); 648 error = ENOMEM; 649 goto fail; 650 } 651 652 data->buf = usbd_alloc_buffer(data->xfer, URTWN_TXBUFSZ); 653 if (data->buf == NULL) { 654 aprint_error_dev(sc->sc_dev, 655 "could not allocate xfer buffer\n"); 656 error = ENOMEM; 657 goto fail; 658 } 659 660 /* Append this Tx buffer to our free list. */ 661 TAILQ_INSERT_TAIL(&sc->tx_free_list, data, next); 662 } 663 mutex_exit(&sc->sc_tx_mtx); 664 return (0); 665 666 fail: 667 urtwn_free_tx_list(sc); 668 mutex_exit(&sc->sc_tx_mtx); 669 return (error); 670 } 671 672 static void 673 urtwn_free_tx_list(struct urtwn_softc *sc) 674 { 675 usbd_xfer_handle xfer; 676 size_t i; 677 678 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 679 680 /* NB: Caller must abort pipe first. */ 681 for (i = 0; i < URTWN_TX_LIST_COUNT; i++) { 682 CTASSERT(sizeof(xfer) == sizeof(void *)); 683 xfer = atomic_swap_ptr(&sc->tx_data[i].xfer, NULL); 684 if (xfer != NULL) 685 usbd_free_xfer(xfer); 686 } 687 } 688 689 static void 690 urtwn_task(void *arg) 691 { 692 struct urtwn_softc *sc = arg; 693 struct urtwn_host_cmd_ring *ring = &sc->cmdq; 694 struct urtwn_host_cmd *cmd; 695 int s; 696 697 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 698 699 /* Process host commands. */ 700 s = splusb(); 701 mutex_spin_enter(&sc->sc_task_mtx); 702 while (ring->next != ring->cur) { 703 cmd = &ring->cmd[ring->next]; 704 mutex_spin_exit(&sc->sc_task_mtx); 705 splx(s); 706 /* Invoke callback with kernel lock held. */ 707 cmd->cb(sc, cmd->data); 708 s = splusb(); 709 mutex_spin_enter(&sc->sc_task_mtx); 710 ring->queued--; 711 ring->next = (ring->next + 1) % URTWN_HOST_CMD_RING_COUNT; 712 } 713 mutex_spin_exit(&sc->sc_task_mtx); 714 wakeup(&sc->cmdq); 715 splx(s); 716 } 717 718 static void 719 urtwn_do_async(struct urtwn_softc *sc, void (*cb)(struct urtwn_softc *, void *), 720 void *arg, int len) 721 { 722 struct urtwn_host_cmd_ring *ring = &sc->cmdq; 723 struct urtwn_host_cmd *cmd; 724 int s; 725 726 DPRINTFN(DBG_FN, ("%s: %s: cb=%p, arg=%p, len=%d\n", 727 device_xname(sc->sc_dev), __func__, cb, arg, len)); 728 729 s = splusb(); 730 mutex_spin_enter(&sc->sc_task_mtx); 731 cmd = &ring->cmd[ring->cur]; 732 cmd->cb = cb; 733 KASSERT(len <= sizeof(cmd->data)); 734 memcpy(cmd->data, arg, len); 735 ring->cur = (ring->cur + 1) % URTWN_HOST_CMD_RING_COUNT; 736 737 /* If there is no pending command already, schedule a task. */ 738 if (!sc->sc_dying && ++ring->queued == 1) { 739 mutex_spin_exit(&sc->sc_task_mtx); 740 usb_add_task(sc->sc_udev, &sc->sc_task, USB_TASKQ_DRIVER); 741 } else 742 mutex_spin_exit(&sc->sc_task_mtx); 743 splx(s); 744 } 745 746 static void 747 urtwn_wait_async(struct urtwn_softc *sc) 748 { 749 750 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 751 752 /* Wait for all queued asynchronous commands to complete. */ 753 while (sc->cmdq.queued > 0) 754 tsleep(&sc->cmdq, 0, "endtask", 0); 755 } 756 757 static int 758 urtwn_write_region_1(struct urtwn_softc *sc, uint16_t addr, uint8_t *buf, 759 int len) 760 { 761 usb_device_request_t req; 762 usbd_status error; 763 764 KASSERT(mutex_owned(&sc->sc_write_mtx)); 765 766 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 767 req.bRequest = R92C_REQ_REGS; 768 USETW(req.wValue, addr); 769 USETW(req.wIndex, 0); 770 USETW(req.wLength, len); 771 error = usbd_do_request(sc->sc_udev, &req, buf); 772 if (error != USBD_NORMAL_COMPLETION) { 773 DPRINTFN(DBG_REG, ("%s: %s: error=%d: addr=0x%x, len=%d\n", 774 device_xname(sc->sc_dev), __func__, error, addr, len)); 775 } 776 return (error); 777 } 778 779 static void 780 urtwn_write_1(struct urtwn_softc *sc, uint16_t addr, uint8_t val) 781 { 782 783 DPRINTFN(DBG_REG, ("%s: %s: addr=0x%x, val=0x%x\n", 784 device_xname(sc->sc_dev), __func__, addr, val)); 785 786 urtwn_write_region_1(sc, addr, &val, 1); 787 } 788 789 static void 790 urtwn_write_2(struct urtwn_softc *sc, uint16_t addr, uint16_t val) 791 { 792 uint8_t buf[2]; 793 794 DPRINTFN(DBG_REG, ("%s: %s: addr=0x%x, val=0x%x\n", 795 device_xname(sc->sc_dev), __func__, addr, val)); 796 797 buf[0] = (uint8_t)val; 798 buf[1] = (uint8_t)(val >> 8); 799 urtwn_write_region_1(sc, addr, buf, 2); 800 } 801 802 static void 803 urtwn_write_4(struct urtwn_softc *sc, uint16_t addr, uint32_t val) 804 { 805 uint8_t buf[4]; 806 807 DPRINTFN(DBG_REG, ("%s: %s: addr=0x%x, val=0x%x\n", 808 device_xname(sc->sc_dev), __func__, addr, val)); 809 810 buf[0] = (uint8_t)val; 811 buf[1] = (uint8_t)(val >> 8); 812 buf[2] = (uint8_t)(val >> 16); 813 buf[3] = (uint8_t)(val >> 24); 814 urtwn_write_region_1(sc, addr, buf, 4); 815 } 816 817 static int 818 urtwn_write_region(struct urtwn_softc *sc, uint16_t addr, uint8_t *buf, int len) 819 { 820 821 DPRINTFN(DBG_REG, ("%s: %s: addr=0x%x, len=0x%x\n", 822 device_xname(sc->sc_dev), __func__, addr, len)); 823 824 return urtwn_write_region_1(sc, addr, buf, len); 825 } 826 827 static int 828 urtwn_read_region_1(struct urtwn_softc *sc, uint16_t addr, uint8_t *buf, 829 int len) 830 { 831 usb_device_request_t req; 832 usbd_status error; 833 834 req.bmRequestType = UT_READ_VENDOR_DEVICE; 835 req.bRequest = R92C_REQ_REGS; 836 USETW(req.wValue, addr); 837 USETW(req.wIndex, 0); 838 USETW(req.wLength, len); 839 error = usbd_do_request(sc->sc_udev, &req, buf); 840 if (error != USBD_NORMAL_COMPLETION) { 841 DPRINTFN(DBG_REG, ("%s: %s: error=%d: addr=0x%x, len=%d\n", 842 device_xname(sc->sc_dev), __func__, error, addr, len)); 843 } 844 return (error); 845 } 846 847 static uint8_t 848 urtwn_read_1(struct urtwn_softc *sc, uint16_t addr) 849 { 850 uint8_t val; 851 852 if (urtwn_read_region_1(sc, addr, &val, 1) != USBD_NORMAL_COMPLETION) 853 return (0xff); 854 855 DPRINTFN(DBG_REG, ("%s: %s: addr=0x%x, val=0x%x\n", 856 device_xname(sc->sc_dev), __func__, addr, val)); 857 return (val); 858 } 859 860 static uint16_t 861 urtwn_read_2(struct urtwn_softc *sc, uint16_t addr) 862 { 863 uint8_t buf[2]; 864 uint16_t val; 865 866 if (urtwn_read_region_1(sc, addr, buf, 2) != USBD_NORMAL_COMPLETION) 867 return (0xffff); 868 869 val = LE_READ_2(&buf[0]); 870 DPRINTFN(DBG_REG, ("%s: %s: addr=0x%x, val=0x%x\n", 871 device_xname(sc->sc_dev), __func__, addr, val)); 872 return (val); 873 } 874 875 static uint32_t 876 urtwn_read_4(struct urtwn_softc *sc, uint16_t addr) 877 { 878 uint8_t buf[4]; 879 uint32_t val; 880 881 if (urtwn_read_region_1(sc, addr, buf, 4) != USBD_NORMAL_COMPLETION) 882 return (0xffffffff); 883 884 val = LE_READ_4(&buf[0]); 885 DPRINTFN(DBG_REG, ("%s: %s: addr=0x%x, val=0x%x\n", 886 device_xname(sc->sc_dev), __func__, addr, val)); 887 return (val); 888 } 889 890 static int 891 urtwn_fw_cmd(struct urtwn_softc *sc, uint8_t id, const void *buf, int len) 892 { 893 struct r92c_fw_cmd cmd; 894 uint8_t *cp; 895 int fwcur; 896 int ntries; 897 898 DPRINTFN(DBG_REG, ("%s: %s: id=%d, buf=%p, len=%d\n", 899 device_xname(sc->sc_dev), __func__, id, buf, len)); 900 901 KASSERT(mutex_owned(&sc->sc_write_mtx)); 902 903 mutex_enter(&sc->sc_fwcmd_mtx); 904 fwcur = sc->fwcur; 905 sc->fwcur = (sc->fwcur + 1) % R92C_H2C_NBOX; 906 mutex_exit(&sc->sc_fwcmd_mtx); 907 908 /* Wait for current FW box to be empty. */ 909 for (ntries = 0; ntries < 100; ntries++) { 910 if (!(urtwn_read_1(sc, R92C_HMETFR) & (1 << fwcur))) 911 break; 912 DELAY(1); 913 } 914 if (ntries == 100) { 915 aprint_error_dev(sc->sc_dev, 916 "could not send firmware command %d\n", id); 917 return (ETIMEDOUT); 918 } 919 920 memset(&cmd, 0, sizeof(cmd)); 921 KASSERT(len <= sizeof(cmd.msg)); 922 memcpy(cmd.msg, buf, len); 923 924 /* Write the first word last since that will trigger the FW. */ 925 cp = (uint8_t *)&cmd; 926 if (len >= 4) { 927 cmd.id = id | R92C_CMD_FLAG_EXT; 928 urtwn_write_region(sc, R92C_HMEBOX_EXT(fwcur), &cp[1], 2); 929 urtwn_write_4(sc, R92C_HMEBOX(fwcur), 930 cp[0] + (cp[3] << 8) + (cp[4] << 16) + (cp[5] << 24)); 931 } else { 932 cmd.id = id; 933 urtwn_write_region(sc, R92C_HMEBOX(fwcur), cp, len); 934 } 935 936 return (0); 937 } 938 939 static void 940 urtwn_rf_write(struct urtwn_softc *sc, int chain, uint8_t addr, uint32_t val) 941 { 942 943 urtwn_bb_write(sc, R92C_LSSI_PARAM(chain), 944 SM(R92C_LSSI_PARAM_ADDR, addr) | SM(R92C_LSSI_PARAM_DATA, val)); 945 } 946 947 static uint32_t 948 urtwn_rf_read(struct urtwn_softc *sc, int chain, uint8_t addr) 949 { 950 uint32_t reg[R92C_MAX_CHAINS], val; 951 952 reg[0] = urtwn_bb_read(sc, R92C_HSSI_PARAM2(0)); 953 if (chain != 0) { 954 reg[chain] = urtwn_bb_read(sc, R92C_HSSI_PARAM2(chain)); 955 } 956 957 urtwn_bb_write(sc, R92C_HSSI_PARAM2(0), 958 reg[0] & ~R92C_HSSI_PARAM2_READ_EDGE); 959 DELAY(1000); 960 961 urtwn_bb_write(sc, R92C_HSSI_PARAM2(chain), 962 RW(reg[chain], R92C_HSSI_PARAM2_READ_ADDR, addr) | 963 R92C_HSSI_PARAM2_READ_EDGE); 964 DELAY(1000); 965 966 urtwn_bb_write(sc, R92C_HSSI_PARAM2(0), 967 reg[0] | R92C_HSSI_PARAM2_READ_EDGE); 968 DELAY(1000); 969 970 if (urtwn_bb_read(sc, R92C_HSSI_PARAM1(chain)) & R92C_HSSI_PARAM1_PI) { 971 val = urtwn_bb_read(sc, R92C_HSPI_READBACK(chain)); 972 } else { 973 val = urtwn_bb_read(sc, R92C_LSSI_READBACK(chain)); 974 } 975 return (MS(val, R92C_LSSI_READBACK_DATA)); 976 } 977 978 static int 979 urtwn_llt_write(struct urtwn_softc *sc, uint32_t addr, uint32_t data) 980 { 981 int ntries; 982 983 KASSERT(mutex_owned(&sc->sc_write_mtx)); 984 985 urtwn_write_4(sc, R92C_LLT_INIT, 986 SM(R92C_LLT_INIT_OP, R92C_LLT_INIT_OP_WRITE) | 987 SM(R92C_LLT_INIT_ADDR, addr) | 988 SM(R92C_LLT_INIT_DATA, data)); 989 /* Wait for write operation to complete. */ 990 for (ntries = 0; ntries < 20; ntries++) { 991 if (MS(urtwn_read_4(sc, R92C_LLT_INIT), R92C_LLT_INIT_OP) == 992 R92C_LLT_INIT_OP_NO_ACTIVE) { 993 /* Done */ 994 return (0); 995 } 996 DELAY(5); 997 } 998 return (ETIMEDOUT); 999 } 1000 1001 static uint8_t 1002 urtwn_efuse_read_1(struct urtwn_softc *sc, uint16_t addr) 1003 { 1004 uint32_t reg; 1005 int ntries; 1006 1007 KASSERT(mutex_owned(&sc->sc_write_mtx)); 1008 1009 reg = urtwn_read_4(sc, R92C_EFUSE_CTRL); 1010 reg = RW(reg, R92C_EFUSE_CTRL_ADDR, addr); 1011 reg &= ~R92C_EFUSE_CTRL_VALID; 1012 urtwn_write_4(sc, R92C_EFUSE_CTRL, reg); 1013 1014 /* Wait for read operation to complete. */ 1015 for (ntries = 0; ntries < 100; ntries++) { 1016 reg = urtwn_read_4(sc, R92C_EFUSE_CTRL); 1017 if (reg & R92C_EFUSE_CTRL_VALID) { 1018 /* Done */ 1019 return (MS(reg, R92C_EFUSE_CTRL_DATA)); 1020 } 1021 DELAY(5); 1022 } 1023 aprint_error_dev(sc->sc_dev, 1024 "could not read efuse byte at address 0x%04x\n", addr); 1025 return (0xff); 1026 } 1027 1028 static void 1029 urtwn_efuse_read(struct urtwn_softc *sc) 1030 { 1031 uint8_t *rom = (uint8_t *)&sc->rom; 1032 uint32_t reg; 1033 uint16_t addr = 0; 1034 uint8_t off, msk; 1035 size_t i; 1036 1037 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 1038 1039 KASSERT(mutex_owned(&sc->sc_write_mtx)); 1040 1041 reg = urtwn_read_2(sc, R92C_SYS_ISO_CTRL); 1042 if (!(reg & R92C_SYS_ISO_CTRL_PWC_EV12V)) { 1043 urtwn_write_2(sc, R92C_SYS_ISO_CTRL, 1044 reg | R92C_SYS_ISO_CTRL_PWC_EV12V); 1045 } 1046 reg = urtwn_read_2(sc, R92C_SYS_FUNC_EN); 1047 if (!(reg & R92C_SYS_FUNC_EN_ELDR)) { 1048 urtwn_write_2(sc, R92C_SYS_FUNC_EN, 1049 reg | R92C_SYS_FUNC_EN_ELDR); 1050 } 1051 reg = urtwn_read_2(sc, R92C_SYS_CLKR); 1052 if ((reg & (R92C_SYS_CLKR_LOADER_EN | R92C_SYS_CLKR_ANA8M)) != 1053 (R92C_SYS_CLKR_LOADER_EN | R92C_SYS_CLKR_ANA8M)) { 1054 urtwn_write_2(sc, R92C_SYS_CLKR, 1055 reg | R92C_SYS_CLKR_LOADER_EN | R92C_SYS_CLKR_ANA8M); 1056 } 1057 memset(&sc->rom, 0xff, sizeof(sc->rom)); 1058 while (addr < 512) { 1059 reg = urtwn_efuse_read_1(sc, addr); 1060 if (reg == 0xff) 1061 break; 1062 addr++; 1063 off = reg >> 4; 1064 msk = reg & 0xf; 1065 for (i = 0; i < 4; i++) { 1066 if (msk & (1U << i)) 1067 continue; 1068 1069 rom[off * 8 + i * 2 + 0] = urtwn_efuse_read_1(sc, addr); 1070 addr++; 1071 rom[off * 8 + i * 2 + 1] = urtwn_efuse_read_1(sc, addr); 1072 addr++; 1073 } 1074 } 1075 #ifdef URTWN_DEBUG 1076 if (urtwn_debug & DBG_INIT) { 1077 /* Dump ROM content. */ 1078 printf("%s: %s", device_xname(sc->sc_dev), __func__); 1079 for (i = 0; i < (int)sizeof(sc->rom); i++) 1080 printf(":%02x", rom[i]); 1081 printf("\n"); 1082 } 1083 #endif 1084 } 1085 1086 static int 1087 urtwn_read_chipid(struct urtwn_softc *sc) 1088 { 1089 uint32_t reg; 1090 1091 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 1092 1093 sc->chip = 0; 1094 reg = urtwn_read_4(sc, R92C_SYS_CFG); 1095 if (reg & R92C_SYS_CFG_TRP_VAUX_EN) { 1096 /* test chip, not supported */ 1097 return (EIO); 1098 } 1099 if (reg & R92C_SYS_CFG_TYPE_92C) { 1100 sc->chip |= URTWN_CHIP_92C; 1101 /* Check if it is a castrated 8192C. */ 1102 if (MS(urtwn_read_4(sc, R92C_HPON_FSM), 1103 R92C_HPON_FSM_CHIP_BONDING_ID) == 1104 R92C_HPON_FSM_CHIP_BONDING_ID_92C_1T2R) { 1105 sc->chip |= URTWN_CHIP_92C_1T2R; 1106 } 1107 } 1108 if (reg & R92C_SYS_CFG_VENDOR_UMC) { 1109 sc->chip |= URTWN_CHIP_UMC; 1110 if (MS(reg, R92C_SYS_CFG_CHIP_VER_RTL) == 0) { 1111 sc->chip |= URTWN_CHIP_UMC_A_CUT; 1112 } 1113 } 1114 return (0); 1115 } 1116 1117 #ifdef URTWN_DEBUG 1118 static void 1119 urtwn_dump_rom(struct urtwn_softc *sc, struct r92c_rom *rp) 1120 { 1121 1122 aprint_normal_dev(sc->sc_dev, 1123 "id 0x%04x, dbg_sel 0x%x, vid 0x%x, pid 0x%x\n", 1124 rp->id, rp->dbg_sel, rp->vid, rp->pid); 1125 1126 aprint_normal_dev(sc->sc_dev, 1127 "usb_opt 0x%x, ep_setting 0x%x, usb_phy 0x%x\n", 1128 rp->usb_opt, rp->ep_setting, rp->usb_phy); 1129 1130 aprint_normal_dev(sc->sc_dev, 1131 "macaddr %02x:%02x:%02x:%02x:%02x:%02x\n", 1132 rp->macaddr[0], rp->macaddr[1], 1133 rp->macaddr[2], rp->macaddr[3], 1134 rp->macaddr[4], rp->macaddr[5]); 1135 1136 aprint_normal_dev(sc->sc_dev, 1137 "string %s, subcustomer_id 0x%x\n", 1138 rp->string, rp->subcustomer_id); 1139 1140 aprint_normal_dev(sc->sc_dev, 1141 "cck_tx_pwr c0: %d %d %d, c1: %d %d %d\n", 1142 rp->cck_tx_pwr[0][0], rp->cck_tx_pwr[0][1], rp->cck_tx_pwr[0][2], 1143 rp->cck_tx_pwr[1][0], rp->cck_tx_pwr[1][1], rp->cck_tx_pwr[1][2]); 1144 1145 aprint_normal_dev(sc->sc_dev, 1146 "ht40_1s_tx_pwr c0 %d %d %d, c1 %d %d %d\n", 1147 rp->ht40_1s_tx_pwr[0][0], rp->ht40_1s_tx_pwr[0][1], 1148 rp->ht40_1s_tx_pwr[0][2], 1149 rp->ht40_1s_tx_pwr[1][0], rp->ht40_1s_tx_pwr[1][1], 1150 rp->ht40_1s_tx_pwr[1][2]); 1151 1152 aprint_normal_dev(sc->sc_dev, 1153 "ht40_2s_tx_pwr_diff c0: %d %d %d, c1: %d %d %d\n", 1154 rp->ht40_2s_tx_pwr_diff[0] & 0xf, rp->ht40_2s_tx_pwr_diff[1] & 0xf, 1155 rp->ht40_2s_tx_pwr_diff[2] & 0xf, 1156 rp->ht40_2s_tx_pwr_diff[0] >> 4, rp->ht40_2s_tx_pwr_diff[1] & 0xf, 1157 rp->ht40_2s_tx_pwr_diff[2] >> 4); 1158 1159 aprint_normal_dev(sc->sc_dev, 1160 "ht20_tx_pwr_diff c0: %d %d %d, c1: %d %d %d\n", 1161 rp->ht20_tx_pwr_diff[0] & 0xf, rp->ht20_tx_pwr_diff[1] & 0xf, 1162 rp->ht20_tx_pwr_diff[2] & 0xf, 1163 rp->ht20_tx_pwr_diff[0] >> 4, rp->ht20_tx_pwr_diff[1] >> 4, 1164 rp->ht20_tx_pwr_diff[2] >> 4); 1165 1166 aprint_normal_dev(sc->sc_dev, 1167 "ofdm_tx_pwr_diff c0: %d %d %d, c1: %d %d %d\n", 1168 rp->ofdm_tx_pwr_diff[0] & 0xf, rp->ofdm_tx_pwr_diff[1] & 0xf, 1169 rp->ofdm_tx_pwr_diff[2] & 0xf, 1170 rp->ofdm_tx_pwr_diff[0] >> 4, rp->ofdm_tx_pwr_diff[1] >> 4, 1171 rp->ofdm_tx_pwr_diff[2] >> 4); 1172 1173 aprint_normal_dev(sc->sc_dev, 1174 "ht40_max_pwr_offset c0: %d %d %d, c1: %d %d %d\n", 1175 rp->ht40_max_pwr[0] & 0xf, rp->ht40_max_pwr[1] & 0xf, 1176 rp->ht40_max_pwr[2] & 0xf, 1177 rp->ht40_max_pwr[0] >> 4, rp->ht40_max_pwr[1] >> 4, 1178 rp->ht40_max_pwr[2] >> 4); 1179 1180 aprint_normal_dev(sc->sc_dev, 1181 "ht20_max_pwr_offset c0: %d %d %d, c1: %d %d %d\n", 1182 rp->ht20_max_pwr[0] & 0xf, rp->ht20_max_pwr[1] & 0xf, 1183 rp->ht20_max_pwr[2] & 0xf, 1184 rp->ht20_max_pwr[0] >> 4, rp->ht20_max_pwr[1] >> 4, 1185 rp->ht20_max_pwr[2] >> 4); 1186 1187 aprint_normal_dev(sc->sc_dev, 1188 "xtal_calib %d, tssi %d %d, thermal %d\n", 1189 rp->xtal_calib, rp->tssi[0], rp->tssi[1], rp->thermal_meter); 1190 1191 aprint_normal_dev(sc->sc_dev, 1192 "rf_opt1 0x%x, rf_opt2 0x%x, rf_opt3 0x%x, rf_opt4 0x%x\n", 1193 rp->rf_opt1, rp->rf_opt2, rp->rf_opt3, rp->rf_opt4); 1194 1195 aprint_normal_dev(sc->sc_dev, 1196 "channnel_plan %d, version %d customer_id 0x%x\n", 1197 rp->channel_plan, rp->version, rp->curstomer_id); 1198 } 1199 #endif 1200 1201 static void 1202 urtwn_read_rom(struct urtwn_softc *sc) 1203 { 1204 struct ieee80211com *ic = &sc->sc_ic; 1205 struct r92c_rom *rom = &sc->rom; 1206 1207 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 1208 1209 mutex_enter(&sc->sc_write_mtx); 1210 1211 /* Read full ROM image. */ 1212 urtwn_efuse_read(sc); 1213 #ifdef URTWN_DEBUG 1214 if (urtwn_debug & DBG_REG) 1215 urtwn_dump_rom(sc, rom); 1216 #endif 1217 1218 /* XXX Weird but this is what the vendor driver does. */ 1219 sc->pa_setting = urtwn_efuse_read_1(sc, 0x1fa); 1220 sc->board_type = MS(rom->rf_opt1, R92C_ROM_RF1_BOARD_TYPE); 1221 sc->regulatory = MS(rom->rf_opt1, R92C_ROM_RF1_REGULATORY); 1222 1223 DPRINTFN(DBG_INIT, 1224 ("%s: %s: PA setting=0x%x, board=0x%x, regulatory=%d\n", 1225 device_xname(sc->sc_dev), __func__, sc->pa_setting, 1226 sc->board_type, sc->regulatory)); 1227 1228 IEEE80211_ADDR_COPY(ic->ic_myaddr, rom->macaddr); 1229 1230 mutex_exit(&sc->sc_write_mtx); 1231 } 1232 1233 static int 1234 urtwn_media_change(struct ifnet *ifp) 1235 { 1236 #ifdef URTWN_DEBUG 1237 struct urtwn_softc *sc = ifp->if_softc; 1238 #endif 1239 int error; 1240 1241 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 1242 1243 if ((error = ieee80211_media_change(ifp)) != ENETRESET) 1244 return (error); 1245 1246 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 1247 (IFF_UP | IFF_RUNNING)) { 1248 urtwn_init(ifp); 1249 } 1250 return (0); 1251 } 1252 1253 /* 1254 * Initialize rate adaptation in firmware. 1255 */ 1256 static int 1257 urtwn_ra_init(struct urtwn_softc *sc) 1258 { 1259 static const uint8_t map[] = { 1260 2, 4, 11, 22, 12, 18, 24, 36, 48, 72, 96, 108 1261 }; 1262 struct ieee80211com *ic = &sc->sc_ic; 1263 struct ieee80211_node *ni = ic->ic_bss; 1264 struct ieee80211_rateset *rs = &ni->ni_rates; 1265 struct r92c_fw_cmd_macid_cfg cmd; 1266 uint32_t rates, basicrates; 1267 uint32_t mask; 1268 uint8_t mode; 1269 size_t maxrate, maxbasicrate, i, j; 1270 int error; 1271 1272 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 1273 1274 KASSERT(mutex_owned(&sc->sc_write_mtx)); 1275 1276 /* Get normal and basic rates mask. */ 1277 rates = basicrates = 0; 1278 maxrate = maxbasicrate = 0; 1279 for (i = 0; i < rs->rs_nrates; i++) { 1280 /* Convert 802.11 rate to HW rate index. */ 1281 for (j = 0; j < __arraycount(map); j++) { 1282 if ((rs->rs_rates[i] & IEEE80211_RATE_VAL) == map[j]) { 1283 break; 1284 } 1285 } 1286 if (j == __arraycount(map)) { 1287 /* Unknown rate, skip. */ 1288 continue; 1289 } 1290 1291 rates |= 1U << j; 1292 if (j > maxrate) { 1293 maxrate = j; 1294 } 1295 1296 if (rs->rs_rates[i] & IEEE80211_RATE_BASIC) { 1297 basicrates |= 1U << j; 1298 if (j > maxbasicrate) { 1299 maxbasicrate = j; 1300 } 1301 } 1302 } 1303 if (ic->ic_curmode == IEEE80211_MODE_11B) { 1304 mode = R92C_RAID_11B; 1305 } else { 1306 mode = R92C_RAID_11BG; 1307 } 1308 DPRINTFN(DBG_INIT, ("%s: %s: mode=0x%x rates=0x%x, basicrates=0x%x, " 1309 "maxrate=%zx, maxbasicrate=%zx\n", 1310 device_xname(sc->sc_dev), __func__, mode, rates, basicrates, 1311 maxrate, maxbasicrate)); 1312 if (basicrates == 0) { 1313 basicrates |= 1; /* add 1Mbps */ 1314 } 1315 1316 /* Set rates mask for group addressed frames. */ 1317 cmd.macid = URTWN_MACID_BC | URTWN_MACID_VALID; 1318 mask = (mode << 28) | basicrates; 1319 cmd.mask[0] = (uint8_t)mask; 1320 cmd.mask[1] = (uint8_t)(mask >> 8); 1321 cmd.mask[2] = (uint8_t)(mask >> 16); 1322 cmd.mask[3] = (uint8_t)(mask >> 24); 1323 error = urtwn_fw_cmd(sc, R92C_CMD_MACID_CONFIG, &cmd, sizeof(cmd)); 1324 if (error != 0) { 1325 aprint_error_dev(sc->sc_dev, 1326 "could not add broadcast station\n"); 1327 return (error); 1328 } 1329 /* Set initial MRR rate. */ 1330 DPRINTFN(DBG_INIT, ("%s: %s: maxbasicrate=%zd\n", 1331 device_xname(sc->sc_dev), __func__, maxbasicrate)); 1332 urtwn_write_1(sc, R92C_INIDATA_RATE_SEL(URTWN_MACID_BC), maxbasicrate); 1333 1334 /* Set rates mask for unicast frames. */ 1335 cmd.macid = URTWN_MACID_BSS | URTWN_MACID_VALID; 1336 mask = (mode << 28) | rates; 1337 cmd.mask[0] = (uint8_t)mask; 1338 cmd.mask[1] = (uint8_t)(mask >> 8); 1339 cmd.mask[2] = (uint8_t)(mask >> 16); 1340 cmd.mask[3] = (uint8_t)(mask >> 24); 1341 error = urtwn_fw_cmd(sc, R92C_CMD_MACID_CONFIG, &cmd, sizeof(cmd)); 1342 if (error != 0) { 1343 aprint_error_dev(sc->sc_dev, "could not add BSS station\n"); 1344 return (error); 1345 } 1346 /* Set initial MRR rate. */ 1347 DPRINTFN(DBG_INIT, ("%s: %s: maxrate=%zd\n", device_xname(sc->sc_dev), 1348 __func__, maxrate)); 1349 urtwn_write_1(sc, R92C_INIDATA_RATE_SEL(URTWN_MACID_BSS), maxrate); 1350 1351 /* Indicate highest supported rate. */ 1352 ni->ni_txrate = rs->rs_nrates - 1; 1353 1354 return (0); 1355 } 1356 1357 static int 1358 urtwn_get_nettype(struct urtwn_softc *sc) 1359 { 1360 struct ieee80211com *ic = &sc->sc_ic; 1361 int type; 1362 1363 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 1364 1365 switch (ic->ic_opmode) { 1366 case IEEE80211_M_STA: 1367 type = R92C_CR_NETTYPE_INFRA; 1368 break; 1369 1370 case IEEE80211_M_IBSS: 1371 type = R92C_CR_NETTYPE_ADHOC; 1372 break; 1373 1374 default: 1375 type = R92C_CR_NETTYPE_NOLINK; 1376 break; 1377 } 1378 1379 return (type); 1380 } 1381 1382 static void 1383 urtwn_set_nettype0_msr(struct urtwn_softc *sc, uint8_t type) 1384 { 1385 uint8_t reg; 1386 1387 DPRINTFN(DBG_FN, ("%s: %s: type=%d\n", device_xname(sc->sc_dev), 1388 __func__, type)); 1389 1390 KASSERT(mutex_owned(&sc->sc_write_mtx)); 1391 1392 reg = urtwn_read_1(sc, R92C_CR + 2) & 0x0c; 1393 urtwn_write_1(sc, R92C_CR + 2, reg | type); 1394 } 1395 1396 static void 1397 urtwn_tsf_sync_enable(struct urtwn_softc *sc) 1398 { 1399 struct ieee80211_node *ni = sc->sc_ic.ic_bss; 1400 uint64_t tsf; 1401 1402 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 1403 1404 KASSERT(mutex_owned(&sc->sc_write_mtx)); 1405 1406 /* Enable TSF synchronization. */ 1407 urtwn_write_1(sc, R92C_BCN_CTRL, 1408 urtwn_read_1(sc, R92C_BCN_CTRL) & ~R92C_BCN_CTRL_DIS_TSF_UDT0); 1409 1410 /* Correct TSF */ 1411 urtwn_write_1(sc, R92C_BCN_CTRL, 1412 urtwn_read_1(sc, R92C_BCN_CTRL) & ~R92C_BCN_CTRL_EN_BCN); 1413 1414 /* Set initial TSF. */ 1415 tsf = ni->ni_tstamp.tsf; 1416 tsf = le64toh(tsf); 1417 tsf = tsf - (tsf % (ni->ni_intval * IEEE80211_DUR_TU)); 1418 tsf -= IEEE80211_DUR_TU; 1419 urtwn_write_4(sc, R92C_TSFTR + 0, (uint32_t)tsf); 1420 urtwn_write_4(sc, R92C_TSFTR + 4, (uint32_t)(tsf >> 32)); 1421 1422 urtwn_write_1(sc, R92C_BCN_CTRL, 1423 urtwn_read_1(sc, R92C_BCN_CTRL) | R92C_BCN_CTRL_EN_BCN); 1424 } 1425 1426 static void 1427 urtwn_set_led(struct urtwn_softc *sc, int led, int on) 1428 { 1429 uint8_t reg; 1430 1431 DPRINTFN(DBG_FN, ("%s: %s: led=%d, on=%d\n", device_xname(sc->sc_dev), 1432 __func__, led, on)); 1433 1434 KASSERT(mutex_owned(&sc->sc_write_mtx)); 1435 1436 if (led == URTWN_LED_LINK) { 1437 reg = urtwn_read_1(sc, R92C_LEDCFG0) & 0x70; 1438 if (!on) { 1439 reg |= R92C_LEDCFG0_DIS; 1440 } 1441 urtwn_write_1(sc, R92C_LEDCFG0, reg); 1442 sc->ledlink = on; /* Save LED state. */ 1443 } 1444 } 1445 1446 static void 1447 urtwn_calib_to(void *arg) 1448 { 1449 struct urtwn_softc *sc = arg; 1450 1451 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 1452 1453 if (sc->sc_dying) 1454 return; 1455 1456 /* Do it in a process context. */ 1457 urtwn_do_async(sc, urtwn_calib_to_cb, NULL, 0); 1458 } 1459 1460 /* ARGSUSED */ 1461 static void 1462 urtwn_calib_to_cb(struct urtwn_softc *sc, void *arg) 1463 { 1464 struct r92c_fw_cmd_rssi cmd; 1465 1466 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 1467 1468 if (sc->sc_ic.ic_state != IEEE80211_S_RUN) 1469 goto restart_timer; 1470 1471 mutex_enter(&sc->sc_write_mtx); 1472 if (sc->avg_pwdb != -1) { 1473 /* Indicate Rx signal strength to FW for rate adaptation. */ 1474 memset(&cmd, 0, sizeof(cmd)); 1475 cmd.macid = 0; /* BSS. */ 1476 cmd.pwdb = sc->avg_pwdb; 1477 DPRINTFN(DBG_RF, ("%s: %s: sending RSSI command avg=%d\n", 1478 device_xname(sc->sc_dev), __func__, sc->avg_pwdb)); 1479 urtwn_fw_cmd(sc, R92C_CMD_RSSI_SETTING, &cmd, sizeof(cmd)); 1480 } 1481 1482 /* Do temperature compensation. */ 1483 urtwn_temp_calib(sc); 1484 mutex_exit(&sc->sc_write_mtx); 1485 1486 restart_timer: 1487 if (!sc->sc_dying) { 1488 /* Restart calibration timer. */ 1489 callout_schedule(&sc->sc_calib_to, hz); 1490 } 1491 } 1492 1493 static void 1494 urtwn_next_scan(void *arg) 1495 { 1496 struct urtwn_softc *sc = arg; 1497 int s; 1498 1499 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 1500 1501 if (sc->sc_dying) 1502 return; 1503 1504 s = splnet(); 1505 if (sc->sc_ic.ic_state == IEEE80211_S_SCAN) 1506 ieee80211_next_scan(&sc->sc_ic); 1507 splx(s); 1508 } 1509 1510 static void 1511 urtwn_newassoc(struct ieee80211_node *ni, int isnew) 1512 { 1513 DPRINTFN(DBG_FN, ("%s: new node %s\n", __func__, 1514 ether_sprintf(ni->ni_macaddr))); 1515 /* start with lowest Tx rate */ 1516 ni->ni_txrate = 0; 1517 } 1518 1519 static int 1520 urtwn_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 1521 { 1522 struct urtwn_softc *sc = ic->ic_ifp->if_softc; 1523 struct urtwn_cmd_newstate cmd; 1524 1525 DPRINTFN(DBG_FN, ("%s: %s: nstate=%s(%d), arg=%d\n", 1526 device_xname(sc->sc_dev), __func__, 1527 ieee80211_state_name[nstate], nstate, arg)); 1528 1529 callout_stop(&sc->sc_scan_to); 1530 callout_stop(&sc->sc_calib_to); 1531 1532 /* Do it in a process context. */ 1533 cmd.state = nstate; 1534 cmd.arg = arg; 1535 urtwn_do_async(sc, urtwn_newstate_cb, &cmd, sizeof(cmd)); 1536 return (0); 1537 } 1538 1539 static void 1540 urtwn_newstate_cb(struct urtwn_softc *sc, void *arg) 1541 { 1542 struct urtwn_cmd_newstate *cmd = arg; 1543 struct ieee80211com *ic = &sc->sc_ic; 1544 struct ieee80211_node *ni; 1545 enum ieee80211_state ostate = ic->ic_state; 1546 enum ieee80211_state nstate = cmd->state; 1547 uint32_t reg; 1548 uint8_t sifs_time, msr; 1549 int s; 1550 1551 DPRINTFN(DBG_FN|DBG_STM, ("%s: %s: %s(%d)->%s(%d)\n", 1552 device_xname(sc->sc_dev), __func__, 1553 ieee80211_state_name[ostate], ostate, 1554 ieee80211_state_name[nstate], nstate)); 1555 1556 s = splnet(); 1557 mutex_enter(&sc->sc_write_mtx); 1558 1559 callout_stop(&sc->sc_scan_to); 1560 callout_stop(&sc->sc_calib_to); 1561 1562 switch (ostate) { 1563 case IEEE80211_S_INIT: 1564 break; 1565 1566 case IEEE80211_S_SCAN: 1567 if (nstate != IEEE80211_S_SCAN) { 1568 /* 1569 * End of scanning 1570 */ 1571 /* flush 4-AC Queue after site_survey */ 1572 urtwn_write_1(sc, R92C_TXPAUSE, 0x0); 1573 1574 /* Allow Rx from our BSSID only. */ 1575 urtwn_write_4(sc, R92C_RCR, 1576 urtwn_read_4(sc, R92C_RCR) | 1577 R92C_RCR_CBSSID_DATA | R92C_RCR_CBSSID_BCN); 1578 } 1579 break; 1580 1581 case IEEE80211_S_AUTH: 1582 case IEEE80211_S_ASSOC: 1583 break; 1584 1585 case IEEE80211_S_RUN: 1586 /* Turn link LED off. */ 1587 urtwn_set_led(sc, URTWN_LED_LINK, 0); 1588 1589 /* Set media status to 'No Link'. */ 1590 urtwn_set_nettype0_msr(sc, R92C_CR_NETTYPE_NOLINK); 1591 1592 /* Stop Rx of data frames. */ 1593 urtwn_write_2(sc, R92C_RXFLTMAP2, 0); 1594 1595 /* Reset TSF. */ 1596 urtwn_write_1(sc, R92C_DUAL_TSF_RST, 0x03); 1597 1598 /* Disable TSF synchronization. */ 1599 urtwn_write_1(sc, R92C_BCN_CTRL, 1600 urtwn_read_1(sc, R92C_BCN_CTRL) | 1601 R92C_BCN_CTRL_DIS_TSF_UDT0); 1602 1603 /* Back to 20MHz mode */ 1604 urtwn_set_chan(sc, ic->ic_curchan, 1605 IEEE80211_HTINFO_2NDCHAN_NONE); 1606 1607 if (ic->ic_opmode == IEEE80211_M_IBSS || 1608 ic->ic_opmode == IEEE80211_M_HOSTAP) { 1609 /* Stop BCN */ 1610 urtwn_write_1(sc, R92C_BCN_CTRL, 1611 urtwn_read_1(sc, R92C_BCN_CTRL) & 1612 ~(R92C_BCN_CTRL_EN_BCN | R92C_BCN_CTRL_TXBCN_RPT)); 1613 } 1614 1615 /* Reset EDCA parameters. */ 1616 urtwn_write_4(sc, R92C_EDCA_VO_PARAM, 0x002f3217); 1617 urtwn_write_4(sc, R92C_EDCA_VI_PARAM, 0x005e4317); 1618 urtwn_write_4(sc, R92C_EDCA_BE_PARAM, 0x00105320); 1619 urtwn_write_4(sc, R92C_EDCA_BK_PARAM, 0x0000a444); 1620 1621 /* flush all cam entries */ 1622 urtwn_cam_init(sc); 1623 break; 1624 } 1625 1626 switch (nstate) { 1627 case IEEE80211_S_INIT: 1628 /* Turn link LED off. */ 1629 urtwn_set_led(sc, URTWN_LED_LINK, 0); 1630 break; 1631 1632 case IEEE80211_S_SCAN: 1633 if (ostate != IEEE80211_S_SCAN) { 1634 /* 1635 * Begin of scanning 1636 */ 1637 1638 /* Set gain for scanning. */ 1639 reg = urtwn_bb_read(sc, R92C_OFDM0_AGCCORE1(0)); 1640 reg = RW(reg, R92C_OFDM0_AGCCORE1_GAIN, 0x20); 1641 urtwn_bb_write(sc, R92C_OFDM0_AGCCORE1(0), reg); 1642 1643 reg = urtwn_bb_read(sc, R92C_OFDM0_AGCCORE1(1)); 1644 reg = RW(reg, R92C_OFDM0_AGCCORE1_GAIN, 0x20); 1645 urtwn_bb_write(sc, R92C_OFDM0_AGCCORE1(1), reg); 1646 1647 /* Set media status to 'No Link'. */ 1648 urtwn_set_nettype0_msr(sc, R92C_CR_NETTYPE_NOLINK); 1649 1650 /* Allow Rx from any BSSID. */ 1651 urtwn_write_4(sc, R92C_RCR, 1652 urtwn_read_4(sc, R92C_RCR) & 1653 ~(R92C_RCR_CBSSID_DATA | R92C_RCR_CBSSID_BCN)); 1654 1655 /* Stop Rx of data frames. */ 1656 urtwn_write_2(sc, R92C_RXFLTMAP2, 0); 1657 1658 /* Disable update TSF */ 1659 urtwn_write_1(sc, R92C_BCN_CTRL, 1660 urtwn_read_1(sc, R92C_BCN_CTRL) | 1661 R92C_BCN_CTRL_DIS_TSF_UDT0); 1662 } 1663 1664 /* Make link LED blink during scan. */ 1665 urtwn_set_led(sc, URTWN_LED_LINK, !sc->ledlink); 1666 1667 /* Pause AC Tx queues. */ 1668 urtwn_write_1(sc, R92C_TXPAUSE, 1669 urtwn_read_1(sc, R92C_TXPAUSE) | 0x0f); 1670 1671 urtwn_set_chan(sc, ic->ic_curchan, 1672 IEEE80211_HTINFO_2NDCHAN_NONE); 1673 1674 /* Start periodic scan. */ 1675 if (!sc->sc_dying) 1676 callout_schedule(&sc->sc_scan_to, hz / 5); 1677 break; 1678 1679 case IEEE80211_S_AUTH: 1680 /* Set initial gain under link. */ 1681 reg = urtwn_bb_read(sc, R92C_OFDM0_AGCCORE1(0)); 1682 #ifdef doaslinux 1683 reg = RW(reg, R92C_OFDM0_AGCCORE1_GAIN, 0x32); 1684 #else 1685 reg = RW(reg, R92C_OFDM0_AGCCORE1_GAIN, 0x20); 1686 #endif 1687 urtwn_bb_write(sc, R92C_OFDM0_AGCCORE1(0), reg); 1688 1689 reg = urtwn_bb_read(sc, R92C_OFDM0_AGCCORE1(1)); 1690 #ifdef doaslinux 1691 reg = RW(reg, R92C_OFDM0_AGCCORE1_GAIN, 0x32); 1692 #else 1693 reg = RW(reg, R92C_OFDM0_AGCCORE1_GAIN, 0x20); 1694 #endif 1695 urtwn_bb_write(sc, R92C_OFDM0_AGCCORE1(1), reg); 1696 1697 /* Set media status to 'No Link'. */ 1698 urtwn_set_nettype0_msr(sc, R92C_CR_NETTYPE_NOLINK); 1699 1700 /* Allow Rx from any BSSID. */ 1701 urtwn_write_4(sc, R92C_RCR, 1702 urtwn_read_4(sc, R92C_RCR) & 1703 ~(R92C_RCR_CBSSID_DATA | R92C_RCR_CBSSID_BCN)); 1704 1705 urtwn_set_chan(sc, ic->ic_curchan, 1706 IEEE80211_HTINFO_2NDCHAN_NONE); 1707 break; 1708 1709 case IEEE80211_S_ASSOC: 1710 break; 1711 1712 case IEEE80211_S_RUN: 1713 ni = ic->ic_bss; 1714 1715 /* XXX: Set 20MHz mode */ 1716 urtwn_set_chan(sc, ic->ic_curchan, 1717 IEEE80211_HTINFO_2NDCHAN_NONE); 1718 1719 if (ic->ic_opmode == IEEE80211_M_MONITOR) { 1720 /* Back to 20MHz mode */ 1721 urtwn_set_chan(sc, ic->ic_curchan, 1722 IEEE80211_HTINFO_2NDCHAN_NONE); 1723 1724 /* Set media status to 'No Link'. */ 1725 urtwn_set_nettype0_msr(sc, R92C_CR_NETTYPE_NOLINK); 1726 1727 /* Enable Rx of data frames. */ 1728 urtwn_write_2(sc, R92C_RXFLTMAP2, 0xffff); 1729 1730 /* Allow Rx from any BSSID. */ 1731 urtwn_write_4(sc, R92C_RCR, 1732 urtwn_read_4(sc, R92C_RCR) & 1733 ~(R92C_RCR_CBSSID_DATA | R92C_RCR_CBSSID_BCN)); 1734 1735 /* Accept Rx data/control/management frames */ 1736 urtwn_write_4(sc, R92C_RCR, 1737 urtwn_read_4(sc, R92C_RCR) | 1738 R92C_RCR_ADF | R92C_RCR_ACF | R92C_RCR_AMF); 1739 1740 /* Turn link LED on. */ 1741 urtwn_set_led(sc, URTWN_LED_LINK, 1); 1742 break; 1743 } 1744 1745 /* Set media status to 'Associated'. */ 1746 urtwn_set_nettype0_msr(sc, urtwn_get_nettype(sc)); 1747 1748 /* Set BSSID. */ 1749 urtwn_write_4(sc, R92C_BSSID + 0, LE_READ_4(&ni->ni_bssid[0])); 1750 urtwn_write_4(sc, R92C_BSSID + 4, LE_READ_2(&ni->ni_bssid[4])); 1751 1752 if (ic->ic_curmode == IEEE80211_MODE_11B) { 1753 urtwn_write_1(sc, R92C_INIRTS_RATE_SEL, 0); 1754 } else { 1755 /* 802.11b/g */ 1756 urtwn_write_1(sc, R92C_INIRTS_RATE_SEL, 3); 1757 } 1758 1759 /* Enable Rx of data frames. */ 1760 urtwn_write_2(sc, R92C_RXFLTMAP2, 0xffff); 1761 1762 /* Set beacon interval. */ 1763 urtwn_write_2(sc, R92C_BCN_INTERVAL, ni->ni_intval); 1764 1765 msr = urtwn_read_1(sc, R92C_MSR); 1766 msr &= R92C_MSR_MASK; 1767 switch (ic->ic_opmode) { 1768 case IEEE80211_M_STA: 1769 /* Allow Rx from our BSSID only. */ 1770 urtwn_write_4(sc, R92C_RCR, 1771 urtwn_read_4(sc, R92C_RCR) | 1772 R92C_RCR_CBSSID_DATA | R92C_RCR_CBSSID_BCN); 1773 1774 /* Enable TSF synchronization. */ 1775 urtwn_tsf_sync_enable(sc); 1776 1777 msr |= R92C_MSR_INFRA; 1778 break; 1779 case IEEE80211_M_HOSTAP: 1780 urtwn_write_2(sc, R92C_BCNTCFG, 0x000f); 1781 1782 /* Allow Rx from any BSSID. */ 1783 urtwn_write_4(sc, R92C_RCR, 1784 urtwn_read_4(sc, R92C_RCR) & 1785 ~(R92C_RCR_CBSSID_DATA | R92C_RCR_CBSSID_BCN)); 1786 1787 /* Reset TSF timer to zero. */ 1788 reg = urtwn_read_4(sc, R92C_TCR); 1789 reg &= ~0x01; 1790 urtwn_write_4(sc, R92C_TCR, reg); 1791 reg |= 0x01; 1792 urtwn_write_4(sc, R92C_TCR, reg); 1793 1794 msr |= R92C_MSR_AP; 1795 break; 1796 default: 1797 msr |= R92C_MSR_ADHOC; 1798 break; 1799 } 1800 urtwn_write_1(sc, R92C_MSR, msr); 1801 1802 sifs_time = 10; 1803 urtwn_write_1(sc, R92C_SIFS_CCK + 1, sifs_time); 1804 urtwn_write_1(sc, R92C_SIFS_OFDM + 1, sifs_time); 1805 urtwn_write_1(sc, R92C_SPEC_SIFS + 1, sifs_time); 1806 urtwn_write_1(sc, R92C_MAC_SPEC_SIFS + 1, sifs_time); 1807 urtwn_write_1(sc, R92C_R2T_SIFS + 1, sifs_time); 1808 urtwn_write_1(sc, R92C_T2T_SIFS + 1, sifs_time); 1809 1810 /* Intialize rate adaptation. */ 1811 urtwn_ra_init(sc); 1812 1813 /* Turn link LED on. */ 1814 urtwn_set_led(sc, URTWN_LED_LINK, 1); 1815 1816 /* Reset average RSSI. */ 1817 sc->avg_pwdb = -1; 1818 1819 /* Reset temperature calibration state machine. */ 1820 sc->thcal_state = 0; 1821 sc->thcal_lctemp = 0; 1822 1823 /* Start periodic calibration. */ 1824 if (!sc->sc_dying) 1825 callout_schedule(&sc->sc_calib_to, hz); 1826 break; 1827 } 1828 1829 (*sc->sc_newstate)(ic, nstate, cmd->arg); 1830 1831 mutex_exit(&sc->sc_write_mtx); 1832 splx(s); 1833 } 1834 1835 static int 1836 urtwn_wme_update(struct ieee80211com *ic) 1837 { 1838 struct urtwn_softc *sc = ic->ic_ifp->if_softc; 1839 1840 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 1841 1842 /* don't override default WME values if WME is not actually enabled */ 1843 if (!(ic->ic_flags & IEEE80211_F_WME)) 1844 return (0); 1845 1846 /* Do it in a process context. */ 1847 urtwn_do_async(sc, urtwn_wme_update_cb, NULL, 0); 1848 return (0); 1849 } 1850 1851 static void 1852 urtwn_wme_update_cb(struct urtwn_softc *sc, void *arg) 1853 { 1854 static const uint16_t ac2reg[WME_NUM_AC] = { 1855 R92C_EDCA_BE_PARAM, 1856 R92C_EDCA_BK_PARAM, 1857 R92C_EDCA_VI_PARAM, 1858 R92C_EDCA_VO_PARAM 1859 }; 1860 struct ieee80211com *ic = &sc->sc_ic; 1861 const struct wmeParams *wmep; 1862 int ac, aifs, slottime; 1863 int s; 1864 1865 DPRINTFN(DBG_FN|DBG_STM, ("%s: %s\n", device_xname(sc->sc_dev), 1866 __func__)); 1867 1868 s = splnet(); 1869 mutex_enter(&sc->sc_write_mtx); 1870 slottime = (ic->ic_flags & IEEE80211_F_SHSLOT) ? 9 : 20; 1871 for (ac = 0; ac < WME_NUM_AC; ac++) { 1872 wmep = &ic->ic_wme.wme_chanParams.cap_wmeParams[ac]; 1873 /* AIFS[AC] = AIFSN[AC] * aSlotTime + aSIFSTime. */ 1874 aifs = wmep->wmep_aifsn * slottime + 10; 1875 urtwn_write_4(sc, ac2reg[ac], 1876 SM(R92C_EDCA_PARAM_TXOP, wmep->wmep_txopLimit) | 1877 SM(R92C_EDCA_PARAM_ECWMIN, wmep->wmep_logcwmin) | 1878 SM(R92C_EDCA_PARAM_ECWMAX, wmep->wmep_logcwmax) | 1879 SM(R92C_EDCA_PARAM_AIFS, aifs)); 1880 } 1881 mutex_exit(&sc->sc_write_mtx); 1882 splx(s); 1883 } 1884 1885 static void 1886 urtwn_update_avgrssi(struct urtwn_softc *sc, int rate, int8_t rssi) 1887 { 1888 int pwdb; 1889 1890 DPRINTFN(DBG_FN, ("%s: %s: rate=%d, rsst=%d\n", 1891 device_xname(sc->sc_dev), __func__, rate, rssi)); 1892 1893 /* Convert antenna signal to percentage. */ 1894 if (rssi <= -100 || rssi >= 20) 1895 pwdb = 0; 1896 else if (rssi >= 0) 1897 pwdb = 100; 1898 else 1899 pwdb = 100 + rssi; 1900 if (rate <= 3) { 1901 /* CCK gain is smaller than OFDM/MCS gain. */ 1902 pwdb += 6; 1903 if (pwdb > 100) 1904 pwdb = 100; 1905 if (pwdb <= 14) 1906 pwdb -= 4; 1907 else if (pwdb <= 26) 1908 pwdb -= 8; 1909 else if (pwdb <= 34) 1910 pwdb -= 6; 1911 else if (pwdb <= 42) 1912 pwdb -= 2; 1913 } 1914 if (sc->avg_pwdb == -1) /* Init. */ 1915 sc->avg_pwdb = pwdb; 1916 else if (sc->avg_pwdb < pwdb) 1917 sc->avg_pwdb = ((sc->avg_pwdb * 19 + pwdb) / 20) + 1; 1918 else 1919 sc->avg_pwdb = ((sc->avg_pwdb * 19 + pwdb) / 20); 1920 1921 DPRINTFN(DBG_RF, ("%s: %s: rate=%d rssi=%d PWDB=%d EMA=%d\n", 1922 device_xname(sc->sc_dev), __func__, 1923 rate, rssi, pwdb, sc->avg_pwdb)); 1924 } 1925 1926 static int8_t 1927 urtwn_get_rssi(struct urtwn_softc *sc, int rate, void *physt) 1928 { 1929 static const int8_t cckoff[] = { 16, -12, -26, -46 }; 1930 struct r92c_rx_phystat *phy; 1931 struct r92c_rx_cck *cck; 1932 uint8_t rpt; 1933 int8_t rssi; 1934 1935 DPRINTFN(DBG_FN, ("%s: %s: rate=%d\n", device_xname(sc->sc_dev), 1936 __func__, rate)); 1937 1938 if (rate <= 3) { 1939 cck = (struct r92c_rx_cck *)physt; 1940 if (ISSET(sc->sc_flags, URTWN_FLAG_CCK_HIPWR)) { 1941 rpt = (cck->agc_rpt >> 5) & 0x3; 1942 rssi = (cck->agc_rpt & 0x1f) << 1; 1943 } else { 1944 rpt = (cck->agc_rpt >> 6) & 0x3; 1945 rssi = cck->agc_rpt & 0x3e; 1946 } 1947 rssi = cckoff[rpt] - rssi; 1948 } else { /* OFDM/HT. */ 1949 phy = (struct r92c_rx_phystat *)physt; 1950 rssi = ((le32toh(phy->phydw1) >> 1) & 0x7f) - 110; 1951 } 1952 return (rssi); 1953 } 1954 1955 static void 1956 urtwn_rx_frame(struct urtwn_softc *sc, uint8_t *buf, int pktlen) 1957 { 1958 struct ieee80211com *ic = &sc->sc_ic; 1959 struct ifnet *ifp = ic->ic_ifp; 1960 struct ieee80211_frame *wh; 1961 struct ieee80211_node *ni; 1962 struct r92c_rx_stat *stat; 1963 uint32_t rxdw0, rxdw3; 1964 struct mbuf *m; 1965 uint8_t rate; 1966 int8_t rssi = 0; 1967 int s, infosz; 1968 1969 DPRINTFN(DBG_FN, ("%s: %s: buf=%p, pktlen=%d\n", 1970 device_xname(sc->sc_dev), __func__, buf, pktlen)); 1971 1972 stat = (struct r92c_rx_stat *)buf; 1973 rxdw0 = le32toh(stat->rxdw0); 1974 rxdw3 = le32toh(stat->rxdw3); 1975 1976 if (__predict_false(rxdw0 & (R92C_RXDW0_CRCERR | R92C_RXDW0_ICVERR))) { 1977 /* 1978 * This should not happen since we setup our Rx filter 1979 * to not receive these frames. 1980 */ 1981 DPRINTFN(DBG_RX, ("%s: %s: CRC error\n", 1982 device_xname(sc->sc_dev), __func__)); 1983 ifp->if_ierrors++; 1984 return; 1985 } 1986 /* 1987 * XXX: This will drop most control packets. Do we really 1988 * want this in IEEE80211_M_MONITOR mode? 1989 */ 1990 // if (__predict_false(pktlen < (int)sizeof(*wh))) { 1991 if (__predict_false(pktlen < (int)sizeof(struct ieee80211_frame_ack))) { 1992 DPRINTFN(DBG_RX, ("%s: %s: packet too short %d\n", 1993 device_xname(sc->sc_dev), __func__, pktlen)); 1994 ic->ic_stats.is_rx_tooshort++; 1995 ifp->if_ierrors++; 1996 return; 1997 } 1998 if (__predict_false(pktlen > MCLBYTES)) { 1999 DPRINTFN(DBG_RX, ("%s: %s: packet too big %d\n", 2000 device_xname(sc->sc_dev), __func__, pktlen)); 2001 ifp->if_ierrors++; 2002 return; 2003 } 2004 2005 rate = MS(rxdw3, R92C_RXDW3_RATE); 2006 infosz = MS(rxdw0, R92C_RXDW0_INFOSZ) * 8; 2007 2008 /* Get RSSI from PHY status descriptor if present. */ 2009 if (infosz != 0 && (rxdw0 & R92C_RXDW0_PHYST)) { 2010 rssi = urtwn_get_rssi(sc, rate, &stat[1]); 2011 /* Update our average RSSI. */ 2012 urtwn_update_avgrssi(sc, rate, rssi); 2013 } 2014 2015 DPRINTFN(DBG_RX, ("%s: %s: Rx frame len=%d rate=%d infosz=%d rssi=%d\n", 2016 device_xname(sc->sc_dev), __func__, pktlen, rate, infosz, rssi)); 2017 2018 MGETHDR(m, M_DONTWAIT, MT_DATA); 2019 if (__predict_false(m == NULL)) { 2020 aprint_error_dev(sc->sc_dev, "couldn't allocate rx mbuf\n"); 2021 ic->ic_stats.is_rx_nobuf++; 2022 ifp->if_ierrors++; 2023 return; 2024 } 2025 if (pktlen > (int)MHLEN) { 2026 MCLGET(m, M_DONTWAIT); 2027 if (__predict_false(!(m->m_flags & M_EXT))) { 2028 aprint_error_dev(sc->sc_dev, 2029 "couldn't allocate rx mbuf cluster\n"); 2030 m_freem(m); 2031 ic->ic_stats.is_rx_nobuf++; 2032 ifp->if_ierrors++; 2033 return; 2034 } 2035 } 2036 2037 /* Finalize mbuf. */ 2038 m->m_pkthdr.rcvif = ifp; 2039 wh = (struct ieee80211_frame *)((uint8_t *)&stat[1] + infosz); 2040 memcpy(mtod(m, uint8_t *), wh, pktlen); 2041 m->m_pkthdr.len = m->m_len = pktlen; 2042 2043 s = splnet(); 2044 if (__predict_false(sc->sc_drvbpf != NULL)) { 2045 struct urtwn_rx_radiotap_header *tap = &sc->sc_rxtap; 2046 2047 tap->wr_flags = 0; 2048 if (!(rxdw3 & R92C_RXDW3_HT)) { 2049 switch (rate) { 2050 /* CCK. */ 2051 case 0: tap->wr_rate = 2; break; 2052 case 1: tap->wr_rate = 4; break; 2053 case 2: tap->wr_rate = 11; break; 2054 case 3: tap->wr_rate = 22; break; 2055 /* OFDM. */ 2056 case 4: tap->wr_rate = 12; break; 2057 case 5: tap->wr_rate = 18; break; 2058 case 6: tap->wr_rate = 24; break; 2059 case 7: tap->wr_rate = 36; break; 2060 case 8: tap->wr_rate = 48; break; 2061 case 9: tap->wr_rate = 72; break; 2062 case 10: tap->wr_rate = 96; break; 2063 case 11: tap->wr_rate = 108; break; 2064 } 2065 } else if (rate >= 12) { /* MCS0~15. */ 2066 /* Bit 7 set means HT MCS instead of rate. */ 2067 tap->wr_rate = 0x80 | (rate - 12); 2068 } 2069 tap->wr_dbm_antsignal = rssi; 2070 tap->wr_chan_freq = htole16(ic->ic_curchan->ic_freq); 2071 tap->wr_chan_flags = htole16(ic->ic_curchan->ic_flags); 2072 2073 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_rxtap_len, m); 2074 } 2075 2076 ni = ieee80211_find_rxnode(ic, (struct ieee80211_frame_min *)wh); 2077 2078 /* push the frame up to the 802.11 stack */ 2079 ieee80211_input(ic, m, ni, rssi, 0); 2080 2081 /* Node is no longer needed. */ 2082 ieee80211_free_node(ni); 2083 2084 splx(s); 2085 } 2086 2087 static void 2088 urtwn_rxeof(usbd_xfer_handle xfer, usbd_private_handle priv, usbd_status status) 2089 { 2090 struct urtwn_rx_data *data = priv; 2091 struct urtwn_softc *sc = data->sc; 2092 struct r92c_rx_stat *stat; 2093 uint32_t rxdw0; 2094 uint8_t *buf; 2095 int len, totlen, pktlen, infosz, npkts; 2096 2097 DPRINTFN(DBG_FN|DBG_RX, ("%s: %s: status=%d\n", 2098 device_xname(sc->sc_dev), __func__, status)); 2099 2100 if (__predict_false(status != USBD_NORMAL_COMPLETION)) { 2101 if (status == USBD_STALLED) 2102 usbd_clear_endpoint_stall_async(sc->rx_pipe); 2103 else if (status != USBD_CANCELLED) 2104 goto resubmit; 2105 return; 2106 } 2107 usbd_get_xfer_status(xfer, NULL, NULL, &len, NULL); 2108 2109 if (__predict_false(len < (int)sizeof(*stat))) { 2110 DPRINTFN(DBG_RX, ("%s: %s: xfer too short %d\n", 2111 device_xname(sc->sc_dev), __func__, len)); 2112 goto resubmit; 2113 } 2114 buf = data->buf; 2115 2116 /* Get the number of encapsulated frames. */ 2117 stat = (struct r92c_rx_stat *)buf; 2118 npkts = MS(le32toh(stat->rxdw2), R92C_RXDW2_PKTCNT); 2119 DPRINTFN(DBG_RX, ("%s: %s: Rx %d frames in one chunk\n", 2120 device_xname(sc->sc_dev), __func__, npkts)); 2121 2122 /* Process all of them. */ 2123 while (npkts-- > 0) { 2124 if (__predict_false(len < (int)sizeof(*stat))) { 2125 DPRINTFN(DBG_RX, 2126 ("%s: %s: len(%d) is short than header\n", 2127 device_xname(sc->sc_dev), __func__, len)); 2128 break; 2129 } 2130 stat = (struct r92c_rx_stat *)buf; 2131 rxdw0 = le32toh(stat->rxdw0); 2132 2133 pktlen = MS(rxdw0, R92C_RXDW0_PKTLEN); 2134 if (__predict_false(pktlen == 0)) { 2135 DPRINTFN(DBG_RX, ("%s: %s: pktlen is 0 byte\n", 2136 device_xname(sc->sc_dev), __func__)); 2137 break; 2138 } 2139 2140 infosz = MS(rxdw0, R92C_RXDW0_INFOSZ) * 8; 2141 2142 /* Make sure everything fits in xfer. */ 2143 totlen = sizeof(*stat) + infosz + pktlen; 2144 if (__predict_false(totlen > len)) { 2145 DPRINTFN(DBG_RX, ("%s: %s: pktlen %d(%d+%d+%d) > %d\n", 2146 device_xname(sc->sc_dev), __func__, totlen, 2147 (int)sizeof(*stat), infosz, pktlen, len)); 2148 break; 2149 } 2150 2151 /* Process 802.11 frame. */ 2152 urtwn_rx_frame(sc, buf, pktlen); 2153 2154 /* Next chunk is 128-byte aligned. */ 2155 totlen = roundup2(totlen, 128); 2156 buf += totlen; 2157 len -= totlen; 2158 } 2159 2160 resubmit: 2161 /* Setup a new transfer. */ 2162 usbd_setup_xfer(xfer, sc->rx_pipe, data, data->buf, URTWN_RXBUFSZ, 2163 USBD_SHORT_XFER_OK | USBD_NO_COPY, USBD_NO_TIMEOUT, urtwn_rxeof); 2164 (void)usbd_transfer(xfer); 2165 } 2166 2167 static void 2168 urtwn_txeof(usbd_xfer_handle xfer, usbd_private_handle priv, usbd_status status) 2169 { 2170 struct urtwn_tx_data *data = priv; 2171 struct urtwn_softc *sc = data->sc; 2172 struct ifnet *ifp = &sc->sc_if; 2173 usbd_pipe_handle pipe = data->pipe; 2174 int s; 2175 2176 DPRINTFN(DBG_FN|DBG_TX, ("%s: %s: status=%d\n", 2177 device_xname(sc->sc_dev), __func__, status)); 2178 2179 mutex_enter(&sc->sc_tx_mtx); 2180 /* Put this Tx buffer back to our free list. */ 2181 TAILQ_INSERT_TAIL(&sc->tx_free_list, data, next); 2182 mutex_exit(&sc->sc_tx_mtx); 2183 2184 s = splnet(); 2185 sc->tx_timer = 0; 2186 ifp->if_flags &= ~IFF_OACTIVE; 2187 2188 if (__predict_false(status != USBD_NORMAL_COMPLETION)) { 2189 if (status != USBD_NOT_STARTED && status != USBD_CANCELLED) { 2190 if (status == USBD_STALLED) 2191 usbd_clear_endpoint_stall_async(pipe); 2192 ifp->if_oerrors++; 2193 } 2194 splx(s); 2195 return; 2196 } 2197 2198 ifp->if_opackets++; 2199 urtwn_start(ifp); 2200 2201 splx(s); 2202 } 2203 2204 static int 2205 urtwn_tx(struct urtwn_softc *sc, struct mbuf *m, struct ieee80211_node *ni, 2206 struct urtwn_tx_data *data) 2207 { 2208 struct ieee80211com *ic = &sc->sc_ic; 2209 struct ieee80211_frame *wh; 2210 struct ieee80211_key *k = NULL; 2211 struct r92c_tx_desc *txd; 2212 usbd_pipe_handle pipe; 2213 size_t i, padsize, xferlen; 2214 uint16_t seq, sum; 2215 uint8_t raid, type, tid, qid; 2216 int s, hasqos, error; 2217 2218 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 2219 2220 wh = mtod(m, struct ieee80211_frame *); 2221 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 2222 2223 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 2224 k = ieee80211_crypto_encap(ic, ni, m); 2225 if (k == NULL) 2226 return ENOBUFS; 2227 2228 /* packet header may have moved, reset our local pointer */ 2229 wh = mtod(m, struct ieee80211_frame *); 2230 } 2231 2232 if (__predict_false(sc->sc_drvbpf != NULL)) { 2233 struct urtwn_tx_radiotap_header *tap = &sc->sc_txtap; 2234 2235 tap->wt_flags = 0; 2236 tap->wt_chan_freq = htole16(ic->ic_curchan->ic_freq); 2237 tap->wt_chan_flags = htole16(ic->ic_curchan->ic_flags); 2238 if (wh->i_fc[1] & IEEE80211_FC1_WEP) 2239 tap->wt_flags |= IEEE80211_RADIOTAP_F_WEP; 2240 2241 /* XXX: set tap->wt_rate? */ 2242 2243 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_txtap_len, m); 2244 } 2245 2246 if ((hasqos = ieee80211_has_qos(wh))) { 2247 /* data frames in 11n mode */ 2248 struct ieee80211_qosframe *qwh = (void *)wh; 2249 tid = qwh->i_qos[0] & IEEE80211_QOS_TID; 2250 qid = TID_TO_WME_AC(tid); 2251 } else if (type != IEEE80211_FC0_TYPE_DATA) { 2252 /* Use AC_VO for management frames. */ 2253 qid = WME_AC_VO; 2254 tid = 0; /* compiler happy */ 2255 } else { 2256 /* non-qos data frames */ 2257 tid = R92C_TXDW1_QSEL_BE; 2258 qid = WME_AC_BE; 2259 } 2260 2261 /* Get the USB pipe to use for this AC. */ 2262 pipe = sc->tx_pipe[sc->ac2idx[qid]]; 2263 2264 if (((sizeof(*txd) + m->m_pkthdr.len) % 64) == 0) /* XXX: 64 */ 2265 padsize = 8; 2266 else 2267 padsize = 0; 2268 2269 /* Fill Tx descriptor. */ 2270 txd = (struct r92c_tx_desc *)data->buf; 2271 memset(txd, 0, sizeof(*txd) + padsize); 2272 2273 txd->txdw0 |= htole32( 2274 SM(R92C_TXDW0_PKTLEN, m->m_pkthdr.len) | 2275 SM(R92C_TXDW0_OFFSET, sizeof(*txd)) | 2276 R92C_TXDW0_OWN | R92C_TXDW0_FSG | R92C_TXDW0_LSG); 2277 2278 if (IEEE80211_IS_MULTICAST(wh->i_addr1)) 2279 txd->txdw0 |= htole32(R92C_TXDW0_BMCAST); 2280 2281 /* fix pad field */ 2282 if (padsize > 0) { 2283 DPRINTFN(DBG_TX, ("%s: %s: padding: size=%zd\n", 2284 device_xname(sc->sc_dev), __func__, padsize)); 2285 txd->txdw1 |= htole32(SM(R92C_TXDW1_PKTOFF, (padsize / 8))); 2286 } 2287 2288 if (!IEEE80211_IS_MULTICAST(wh->i_addr1) && 2289 type == IEEE80211_FC0_TYPE_DATA) { 2290 if (ic->ic_curmode == IEEE80211_MODE_11B) 2291 raid = R92C_RAID_11B; 2292 else 2293 raid = R92C_RAID_11BG; 2294 DPRINTFN(DBG_TX, 2295 ("%s: %s: data packet: tid=%d, raid=%d\n", 2296 device_xname(sc->sc_dev), __func__, tid, raid)); 2297 2298 txd->txdw1 |= htole32( 2299 SM(R92C_TXDW1_MACID, URTWN_MACID_BSS) | 2300 SM(R92C_TXDW1_QSEL, tid) | 2301 SM(R92C_TXDW1_RAID, raid) | 2302 R92C_TXDW1_AGGBK); 2303 2304 if (hasqos) { 2305 txd->txdw4 |= htole32(R92C_TXDW4_QOS); 2306 } 2307 2308 if (ic->ic_flags & IEEE80211_F_USEPROT) { 2309 /* for 11g */ 2310 if (ic->ic_protmode == IEEE80211_PROT_CTSONLY) { 2311 txd->txdw4 |= htole32(R92C_TXDW4_CTS2SELF | 2312 R92C_TXDW4_HWRTSEN); 2313 } else if (ic->ic_protmode == IEEE80211_PROT_RTSCTS) { 2314 txd->txdw4 |= htole32(R92C_TXDW4_RTSEN | 2315 R92C_TXDW4_HWRTSEN); 2316 } 2317 } 2318 /* Send RTS at OFDM24. */ 2319 txd->txdw4 |= htole32(SM(R92C_TXDW4_RTSRATE, 8)); 2320 txd->txdw5 |= htole32(0x0001ff00); 2321 /* Send data at OFDM54. */ 2322 txd->txdw5 |= htole32(SM(R92C_TXDW5_DATARATE, 11)); 2323 } else if (type == IEEE80211_FC0_TYPE_MGT) { 2324 DPRINTFN(DBG_TX, ("%s: %s: mgmt packet\n", 2325 device_xname(sc->sc_dev), __func__)); 2326 txd->txdw1 |= htole32( 2327 SM(R92C_TXDW1_MACID, URTWN_MACID_BSS) | 2328 SM(R92C_TXDW1_QSEL, R92C_TXDW1_QSEL_MGNT) | 2329 SM(R92C_TXDW1_RAID, R92C_RAID_11B)); 2330 2331 /* Force CCK1. */ 2332 txd->txdw4 |= htole32(R92C_TXDW4_DRVRATE); 2333 /* Use 1Mbps */ 2334 txd->txdw5 |= htole32(SM(R92C_TXDW5_DATARATE, 0)); 2335 } else { 2336 /* broadcast or multicast packets */ 2337 DPRINTFN(DBG_TX, ("%s: %s: bc or mc packet\n", 2338 device_xname(sc->sc_dev), __func__)); 2339 txd->txdw1 |= htole32( 2340 SM(R92C_TXDW1_MACID, URTWN_MACID_BC) | 2341 SM(R92C_TXDW1_RAID, R92C_RAID_11B)); 2342 2343 /* Force CCK1. */ 2344 txd->txdw4 |= htole32(R92C_TXDW4_DRVRATE); 2345 /* Use 1Mbps */ 2346 txd->txdw5 |= htole32(SM(R92C_TXDW5_DATARATE, 0)); 2347 } 2348 2349 /* Set sequence number */ 2350 seq = LE_READ_2(&wh->i_seq[0]) >> IEEE80211_SEQ_SEQ_SHIFT; 2351 txd->txdseq |= htole16(seq); 2352 2353 if (!hasqos) { 2354 /* Use HW sequence numbering for non-QoS frames. */ 2355 txd->txdw4 |= htole32(R92C_TXDW4_HWSEQ); 2356 txd->txdseq |= htole16(0x8000); /* WTF? */ 2357 } 2358 2359 /* Compute Tx descriptor checksum. */ 2360 sum = 0; 2361 for (i = 0; i < sizeof(*txd) / 2; i++) 2362 sum ^= ((uint16_t *)txd)[i]; 2363 txd->txdsum = sum; /* NB: already little endian. */ 2364 2365 xferlen = sizeof(*txd) + m->m_pkthdr.len + padsize; 2366 m_copydata(m, 0, m->m_pkthdr.len, (char *)&txd[1] + padsize); 2367 2368 s = splnet(); 2369 data->pipe = pipe; 2370 usbd_setup_xfer(data->xfer, pipe, data, data->buf, xferlen, 2371 USBD_FORCE_SHORT_XFER | USBD_NO_COPY, URTWN_TX_TIMEOUT, 2372 urtwn_txeof); 2373 error = usbd_transfer(data->xfer); 2374 if (__predict_false(error != USBD_NORMAL_COMPLETION && 2375 error != USBD_IN_PROGRESS)) { 2376 splx(s); 2377 DPRINTFN(DBG_TX, ("%s: %s: transfer failed %d\n", 2378 device_xname(sc->sc_dev), __func__, error)); 2379 return error; 2380 } 2381 splx(s); 2382 return 0; 2383 } 2384 2385 static void 2386 urtwn_start(struct ifnet *ifp) 2387 { 2388 struct urtwn_softc *sc = ifp->if_softc; 2389 struct ieee80211com *ic = &sc->sc_ic; 2390 struct urtwn_tx_data *data; 2391 struct ether_header *eh; 2392 struct ieee80211_node *ni; 2393 struct mbuf *m; 2394 2395 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 2396 2397 if ((ifp->if_flags & (IFF_RUNNING | IFF_OACTIVE)) != IFF_RUNNING) 2398 return; 2399 2400 data = NULL; 2401 for (;;) { 2402 mutex_enter(&sc->sc_tx_mtx); 2403 if (data == NULL && !TAILQ_EMPTY(&sc->tx_free_list)) { 2404 data = TAILQ_FIRST(&sc->tx_free_list); 2405 TAILQ_REMOVE(&sc->tx_free_list, data, next); 2406 } 2407 mutex_exit(&sc->sc_tx_mtx); 2408 2409 if (data == NULL) { 2410 ifp->if_flags |= IFF_OACTIVE; 2411 DPRINTFN(DBG_TX, ("%s: empty tx_free_list\n", 2412 device_xname(sc->sc_dev))); 2413 return; 2414 } 2415 2416 /* Send pending management frames first. */ 2417 IF_DEQUEUE(&ic->ic_mgtq, m); 2418 if (m != NULL) { 2419 ni = (void *)m->m_pkthdr.rcvif; 2420 m->m_pkthdr.rcvif = NULL; 2421 goto sendit; 2422 } 2423 if (ic->ic_state != IEEE80211_S_RUN) 2424 break; 2425 2426 /* Encapsulate and send data frames. */ 2427 IFQ_DEQUEUE(&ifp->if_snd, m); 2428 if (m == NULL) 2429 break; 2430 2431 if (m->m_len < (int)sizeof(*eh) && 2432 (m = m_pullup(m, sizeof(*eh))) == NULL) { 2433 ifp->if_oerrors++; 2434 continue; 2435 } 2436 eh = mtod(m, struct ether_header *); 2437 ni = ieee80211_find_txnode(ic, eh->ether_dhost); 2438 if (ni == NULL) { 2439 m_freem(m); 2440 ifp->if_oerrors++; 2441 continue; 2442 } 2443 2444 bpf_mtap(ifp, m); 2445 2446 if ((m = ieee80211_encap(ic, m, ni)) == NULL) { 2447 ieee80211_free_node(ni); 2448 ifp->if_oerrors++; 2449 continue; 2450 } 2451 sendit: 2452 bpf_mtap3(ic->ic_rawbpf, m); 2453 2454 if (urtwn_tx(sc, m, ni, data) != 0) { 2455 m_freem(m); 2456 ieee80211_free_node(ni); 2457 ifp->if_oerrors++; 2458 continue; 2459 } 2460 data = NULL; 2461 m_freem(m); 2462 ieee80211_free_node(ni); 2463 sc->tx_timer = 5; 2464 ifp->if_timer = 1; 2465 } 2466 2467 /* Return the Tx buffer to the free list */ 2468 mutex_enter(&sc->sc_tx_mtx); 2469 TAILQ_INSERT_TAIL(&sc->tx_free_list, data, next); 2470 mutex_exit(&sc->sc_tx_mtx); 2471 } 2472 2473 static void 2474 urtwn_watchdog(struct ifnet *ifp) 2475 { 2476 struct urtwn_softc *sc = ifp->if_softc; 2477 2478 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 2479 2480 ifp->if_timer = 0; 2481 2482 if (sc->tx_timer > 0) { 2483 if (--sc->tx_timer == 0) { 2484 aprint_error_dev(sc->sc_dev, "device timeout\n"); 2485 /* urtwn_init(ifp); XXX needs a process context! */ 2486 ifp->if_oerrors++; 2487 return; 2488 } 2489 ifp->if_timer = 1; 2490 } 2491 ieee80211_watchdog(&sc->sc_ic); 2492 } 2493 2494 static int 2495 urtwn_ioctl(struct ifnet *ifp, u_long cmd, void *data) 2496 { 2497 struct urtwn_softc *sc = ifp->if_softc; 2498 struct ieee80211com *ic = &sc->sc_ic; 2499 int s, error = 0; 2500 2501 DPRINTFN(DBG_FN, ("%s: %s: cmd=0x%08lx, data=%p\n", 2502 device_xname(sc->sc_dev), __func__, cmd, data)); 2503 2504 s = splnet(); 2505 2506 switch (cmd) { 2507 case SIOCSIFFLAGS: 2508 if ((error = ifioctl_common(ifp, cmd, data)) != 0) 2509 break; 2510 switch (ifp->if_flags & (IFF_UP | IFF_RUNNING)) { 2511 case IFF_UP | IFF_RUNNING: 2512 break; 2513 case IFF_UP: 2514 urtwn_init(ifp); 2515 break; 2516 case IFF_RUNNING: 2517 urtwn_stop(ifp, 1); 2518 break; 2519 case 0: 2520 break; 2521 } 2522 break; 2523 2524 case SIOCADDMULTI: 2525 case SIOCDELMULTI: 2526 if ((error = ether_ioctl(ifp, cmd, data)) == ENETRESET) { 2527 /* setup multicast filter, etc */ 2528 error = 0; 2529 } 2530 break; 2531 2532 default: 2533 error = ieee80211_ioctl(ic, cmd, data); 2534 break; 2535 } 2536 if (error == ENETRESET) { 2537 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 2538 (IFF_UP | IFF_RUNNING) && 2539 ic->ic_roaming != IEEE80211_ROAMING_MANUAL) { 2540 urtwn_init(ifp); 2541 } 2542 error = 0; 2543 } 2544 2545 splx(s); 2546 2547 return (error); 2548 } 2549 2550 static int 2551 urtwn_power_on(struct urtwn_softc *sc) 2552 { 2553 uint32_t reg; 2554 int ntries; 2555 2556 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 2557 2558 KASSERT(mutex_owned(&sc->sc_write_mtx)); 2559 2560 /* Wait for autoload done bit. */ 2561 for (ntries = 0; ntries < 1000; ntries++) { 2562 if (urtwn_read_1(sc, R92C_APS_FSMCO) & R92C_APS_FSMCO_PFM_ALDN) 2563 break; 2564 DELAY(5); 2565 } 2566 if (ntries == 1000) { 2567 aprint_error_dev(sc->sc_dev, 2568 "timeout waiting for chip autoload\n"); 2569 return (ETIMEDOUT); 2570 } 2571 2572 /* Unlock ISO/CLK/Power control register. */ 2573 urtwn_write_1(sc, R92C_RSV_CTRL, 0); 2574 /* Move SPS into PWM mode. */ 2575 urtwn_write_1(sc, R92C_SPS0_CTRL, 0x2b); 2576 DELAY(100); 2577 2578 reg = urtwn_read_1(sc, R92C_LDOV12D_CTRL); 2579 if (!(reg & R92C_LDOV12D_CTRL_LDV12_EN)) { 2580 urtwn_write_1(sc, R92C_LDOV12D_CTRL, 2581 reg | R92C_LDOV12D_CTRL_LDV12_EN); 2582 DELAY(100); 2583 urtwn_write_1(sc, R92C_SYS_ISO_CTRL, 2584 urtwn_read_1(sc, R92C_SYS_ISO_CTRL) & 2585 ~R92C_SYS_ISO_CTRL_MD2PP); 2586 } 2587 2588 /* Auto enable WLAN. */ 2589 urtwn_write_2(sc, R92C_APS_FSMCO, 2590 urtwn_read_2(sc, R92C_APS_FSMCO) | R92C_APS_FSMCO_APFM_ONMAC); 2591 for (ntries = 0; ntries < 1000; ntries++) { 2592 if (!(urtwn_read_2(sc, R92C_APS_FSMCO) & 2593 R92C_APS_FSMCO_APFM_ONMAC)) 2594 break; 2595 DELAY(5); 2596 } 2597 if (ntries == 1000) { 2598 aprint_error_dev(sc->sc_dev, 2599 "timeout waiting for MAC auto ON\n"); 2600 return (ETIMEDOUT); 2601 } 2602 2603 /* Enable radio, GPIO and LED functions. */ 2604 KASSERT((R92C_APS_FSMCO_AFSM_HSUS | R92C_APS_FSMCO_PDN_EN | 2605 R92C_APS_FSMCO_PFM_ALDN) == 0x0812); 2606 urtwn_write_2(sc, R92C_APS_FSMCO, 2607 R92C_APS_FSMCO_AFSM_HSUS | 2608 R92C_APS_FSMCO_PDN_EN | 2609 R92C_APS_FSMCO_PFM_ALDN); 2610 2611 /* Release RF digital isolation. */ 2612 urtwn_write_2(sc, R92C_SYS_ISO_CTRL, 2613 urtwn_read_2(sc, R92C_SYS_ISO_CTRL) & ~R92C_SYS_ISO_CTRL_DIOR); 2614 2615 /* Initialize MAC. */ 2616 urtwn_write_1(sc, R92C_APSD_CTRL, 2617 urtwn_read_1(sc, R92C_APSD_CTRL) & ~R92C_APSD_CTRL_OFF); 2618 for (ntries = 0; ntries < 200; ntries++) { 2619 if (!(urtwn_read_1(sc, R92C_APSD_CTRL) & 2620 R92C_APSD_CTRL_OFF_STATUS)) 2621 break; 2622 DELAY(5); 2623 } 2624 if (ntries == 200) { 2625 aprint_error_dev(sc->sc_dev, 2626 "timeout waiting for MAC initialization\n"); 2627 return (ETIMEDOUT); 2628 } 2629 2630 /* Enable MAC DMA/WMAC/SCHEDULE/SEC blocks. */ 2631 reg = urtwn_read_2(sc, R92C_CR); 2632 reg |= R92C_CR_HCI_TXDMA_EN | R92C_CR_HCI_RXDMA_EN | 2633 R92C_CR_TXDMA_EN | R92C_CR_RXDMA_EN | R92C_CR_PROTOCOL_EN | 2634 R92C_CR_SCHEDULE_EN | R92C_CR_MACTXEN | R92C_CR_MACRXEN | 2635 R92C_CR_ENSEC; 2636 urtwn_write_2(sc, R92C_CR, reg); 2637 2638 urtwn_write_1(sc, 0xfe10, 0x19); 2639 return (0); 2640 } 2641 2642 static int 2643 urtwn_llt_init(struct urtwn_softc *sc) 2644 { 2645 size_t i; 2646 int error; 2647 2648 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 2649 2650 KASSERT(mutex_owned(&sc->sc_write_mtx)); 2651 2652 /* Reserve pages [0; R92C_TX_PAGE_COUNT]. */ 2653 for (i = 0; i < R92C_TX_PAGE_COUNT; i++) { 2654 if ((error = urtwn_llt_write(sc, i, i + 1)) != 0) 2655 return (error); 2656 } 2657 /* NB: 0xff indicates end-of-list. */ 2658 if ((error = urtwn_llt_write(sc, i, 0xff)) != 0) 2659 return (error); 2660 /* 2661 * Use pages [R92C_TX_PAGE_COUNT + 1; R92C_TXPKTBUF_COUNT - 1] 2662 * as ring buffer. 2663 */ 2664 for (++i; i < R92C_TXPKTBUF_COUNT - 1; i++) { 2665 if ((error = urtwn_llt_write(sc, i, i + 1)) != 0) 2666 return (error); 2667 } 2668 /* Make the last page point to the beginning of the ring buffer. */ 2669 error = urtwn_llt_write(sc, i, R92C_TX_PAGE_COUNT + 1); 2670 return (error); 2671 } 2672 2673 static void 2674 urtwn_fw_reset(struct urtwn_softc *sc) 2675 { 2676 uint16_t reg; 2677 int ntries; 2678 2679 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 2680 2681 KASSERT(mutex_owned(&sc->sc_write_mtx)); 2682 2683 /* Tell 8051 to reset itself. */ 2684 urtwn_write_1(sc, R92C_HMETFR + 3, 0x20); 2685 2686 /* Wait until 8051 resets by itself. */ 2687 for (ntries = 0; ntries < 100; ntries++) { 2688 reg = urtwn_read_2(sc, R92C_SYS_FUNC_EN); 2689 if (!(reg & R92C_SYS_FUNC_EN_CPUEN)) 2690 return; 2691 DELAY(50); 2692 } 2693 /* Force 8051 reset. */ 2694 urtwn_write_2(sc, R92C_SYS_FUNC_EN, reg & ~R92C_SYS_FUNC_EN_CPUEN); 2695 } 2696 2697 static int 2698 urtwn_fw_loadpage(struct urtwn_softc *sc, int page, uint8_t *buf, int len) 2699 { 2700 uint32_t reg; 2701 int off, mlen, error = 0; 2702 2703 DPRINTFN(DBG_FN, ("%s: %s: page=%d, buf=%p, len=%d\n", 2704 device_xname(sc->sc_dev), __func__, page, buf, len)); 2705 2706 reg = urtwn_read_4(sc, R92C_MCUFWDL); 2707 reg = RW(reg, R92C_MCUFWDL_PAGE, page); 2708 urtwn_write_4(sc, R92C_MCUFWDL, reg); 2709 2710 off = R92C_FW_START_ADDR; 2711 while (len > 0) { 2712 if (len > 196) 2713 mlen = 196; 2714 else if (len > 4) 2715 mlen = 4; 2716 else 2717 mlen = 1; 2718 error = urtwn_write_region(sc, off, buf, mlen); 2719 if (error != 0) 2720 break; 2721 off += mlen; 2722 buf += mlen; 2723 len -= mlen; 2724 } 2725 return (error); 2726 } 2727 2728 static int 2729 urtwn_load_firmware(struct urtwn_softc *sc) 2730 { 2731 firmware_handle_t fwh; 2732 const struct r92c_fw_hdr *hdr; 2733 const char *name; 2734 u_char *fw, *ptr; 2735 size_t len; 2736 uint32_t reg; 2737 int mlen, ntries, page, error; 2738 2739 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 2740 2741 KASSERT(mutex_owned(&sc->sc_write_mtx)); 2742 2743 /* Read firmware image from the filesystem. */ 2744 if ((sc->chip & (URTWN_CHIP_UMC_A_CUT | URTWN_CHIP_92C)) == 2745 URTWN_CHIP_UMC_A_CUT) 2746 name = "rtl8192cfwU.bin"; 2747 else 2748 name = "rtl8192cfw.bin"; 2749 if ((error = firmware_open("if_urtwn", name, &fwh)) != 0) { 2750 aprint_error_dev(sc->sc_dev, 2751 "failed loadfirmware of file %s (error %d)\n", name, error); 2752 return (error); 2753 } 2754 len = firmware_get_size(fwh); 2755 fw = firmware_malloc(len); 2756 if (fw == NULL) { 2757 aprint_error_dev(sc->sc_dev, 2758 "failed to allocate firmware memory\n"); 2759 firmware_close(fwh); 2760 return (ENOMEM); 2761 } 2762 error = firmware_read(fwh, 0, fw, len); 2763 firmware_close(fwh); 2764 if (error != 0) { 2765 aprint_error_dev(sc->sc_dev, 2766 "failed to read firmware (error %d)\n", error); 2767 firmware_free(fw, 0); 2768 return (error); 2769 } 2770 2771 ptr = fw; 2772 hdr = (const struct r92c_fw_hdr *)ptr; 2773 /* Check if there is a valid FW header and skip it. */ 2774 if ((le16toh(hdr->signature) >> 4) == 0x88c || 2775 (le16toh(hdr->signature) >> 4) == 0x92c) { 2776 DPRINTFN(DBG_INIT, ("%s: %s: FW V%d.%d %02d-%02d %02d:%02d\n", 2777 device_xname(sc->sc_dev), __func__, 2778 le16toh(hdr->version), le16toh(hdr->subversion), 2779 hdr->month, hdr->date, hdr->hour, hdr->minute)); 2780 ptr += sizeof(*hdr); 2781 len -= sizeof(*hdr); 2782 } 2783 2784 if (urtwn_read_1(sc, R92C_MCUFWDL) & 0x80) { 2785 urtwn_fw_reset(sc); 2786 urtwn_write_1(sc, R92C_MCUFWDL, 0); 2787 } 2788 2789 /* download enabled */ 2790 urtwn_write_2(sc, R92C_SYS_FUNC_EN, 2791 urtwn_read_2(sc, R92C_SYS_FUNC_EN) | 2792 R92C_SYS_FUNC_EN_CPUEN); 2793 urtwn_write_1(sc, R92C_MCUFWDL, 2794 urtwn_read_1(sc, R92C_MCUFWDL) | R92C_MCUFWDL_EN); 2795 urtwn_write_1(sc, R92C_MCUFWDL + 2, 2796 urtwn_read_1(sc, R92C_MCUFWDL + 2) & ~0x08); 2797 2798 /* download firmware */ 2799 for (page = 0; len > 0; page++) { 2800 mlen = MIN(len, R92C_FW_PAGE_SIZE); 2801 error = urtwn_fw_loadpage(sc, page, ptr, mlen); 2802 if (error != 0) { 2803 aprint_error_dev(sc->sc_dev, 2804 "could not load firmware page %d\n", page); 2805 goto fail; 2806 } 2807 ptr += mlen; 2808 len -= mlen; 2809 } 2810 2811 /* download disable */ 2812 urtwn_write_1(sc, R92C_MCUFWDL, 2813 urtwn_read_1(sc, R92C_MCUFWDL) & ~R92C_MCUFWDL_EN); 2814 urtwn_write_1(sc, R92C_MCUFWDL + 1, 0); 2815 2816 /* Wait for checksum report. */ 2817 for (ntries = 0; ntries < 1000; ntries++) { 2818 if (urtwn_read_4(sc, R92C_MCUFWDL) & R92C_MCUFWDL_CHKSUM_RPT) 2819 break; 2820 DELAY(5); 2821 } 2822 if (ntries == 1000) { 2823 aprint_error_dev(sc->sc_dev, 2824 "timeout waiting for checksum report\n"); 2825 error = ETIMEDOUT; 2826 goto fail; 2827 } 2828 2829 /* Wait for firmware readiness. */ 2830 reg = urtwn_read_4(sc, R92C_MCUFWDL); 2831 reg = (reg & ~R92C_MCUFWDL_WINTINI_RDY) | R92C_MCUFWDL_RDY; 2832 urtwn_write_4(sc, R92C_MCUFWDL, reg); 2833 for (ntries = 0; ntries < 1000; ntries++) { 2834 if (urtwn_read_4(sc, R92C_MCUFWDL) & R92C_MCUFWDL_WINTINI_RDY) 2835 break; 2836 DELAY(5); 2837 } 2838 if (ntries == 1000) { 2839 aprint_error_dev(sc->sc_dev, 2840 "timeout waiting for firmware readiness\n"); 2841 error = ETIMEDOUT; 2842 goto fail; 2843 } 2844 fail: 2845 firmware_free(fw, 0); 2846 return (error); 2847 } 2848 2849 static int 2850 urtwn_dma_init(struct urtwn_softc *sc) 2851 { 2852 int hashq, hasnq, haslq, nqueues, nqpages, nrempages; 2853 uint32_t reg; 2854 int error; 2855 2856 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 2857 2858 KASSERT(mutex_owned(&sc->sc_write_mtx)); 2859 2860 /* Initialize LLT table. */ 2861 error = urtwn_llt_init(sc); 2862 if (error != 0) 2863 return (error); 2864 2865 /* Get Tx queues to USB endpoints mapping. */ 2866 hashq = hasnq = haslq = 0; 2867 reg = urtwn_read_2(sc, R92C_USB_EP + 1); 2868 DPRINTFN(DBG_INIT, ("%s: %s: USB endpoints mapping 0x%x\n", 2869 device_xname(sc->sc_dev), __func__, reg)); 2870 if (MS(reg, R92C_USB_EP_HQ) != 0) 2871 hashq = 1; 2872 if (MS(reg, R92C_USB_EP_NQ) != 0) 2873 hasnq = 1; 2874 if (MS(reg, R92C_USB_EP_LQ) != 0) 2875 haslq = 1; 2876 nqueues = hashq + hasnq + haslq; 2877 if (nqueues == 0) 2878 return (EIO); 2879 /* Get the number of pages for each queue. */ 2880 nqpages = (R92C_TX_PAGE_COUNT - R92C_PUBQ_NPAGES) / nqueues; 2881 /* The remaining pages are assigned to the high priority queue. */ 2882 nrempages = (R92C_TX_PAGE_COUNT - R92C_PUBQ_NPAGES) % nqueues; 2883 2884 /* Set number of pages for normal priority queue. */ 2885 urtwn_write_1(sc, R92C_RQPN_NPQ, hasnq ? nqpages : 0); 2886 urtwn_write_4(sc, R92C_RQPN, 2887 /* Set number of pages for public queue. */ 2888 SM(R92C_RQPN_PUBQ, R92C_PUBQ_NPAGES) | 2889 /* Set number of pages for high priority queue. */ 2890 SM(R92C_RQPN_HPQ, hashq ? nqpages + nrempages : 0) | 2891 /* Set number of pages for low priority queue. */ 2892 SM(R92C_RQPN_LPQ, haslq ? nqpages : 0) | 2893 /* Load values. */ 2894 R92C_RQPN_LD); 2895 2896 urtwn_write_1(sc, R92C_TXPKTBUF_BCNQ_BDNY, R92C_TX_PAGE_BOUNDARY); 2897 urtwn_write_1(sc, R92C_TXPKTBUF_MGQ_BDNY, R92C_TX_PAGE_BOUNDARY); 2898 urtwn_write_1(sc, R92C_TXPKTBUF_WMAC_LBK_BF_HD, R92C_TX_PAGE_BOUNDARY); 2899 urtwn_write_1(sc, R92C_TRXFF_BNDY, R92C_TX_PAGE_BOUNDARY); 2900 urtwn_write_1(sc, R92C_TDECTRL + 1, R92C_TX_PAGE_BOUNDARY); 2901 2902 /* Set queue to USB pipe mapping. */ 2903 reg = urtwn_read_2(sc, R92C_TRXDMA_CTRL); 2904 reg &= ~R92C_TRXDMA_CTRL_QMAP_M; 2905 if (nqueues == 1) { 2906 if (hashq) { 2907 reg |= R92C_TRXDMA_CTRL_QMAP_HQ; 2908 } else if (hasnq) { 2909 reg |= R92C_TRXDMA_CTRL_QMAP_NQ; 2910 } else { 2911 reg |= R92C_TRXDMA_CTRL_QMAP_LQ; 2912 } 2913 } else if (nqueues == 2) { 2914 /* All 2-endpoints configs have a high priority queue. */ 2915 if (!hashq) { 2916 return (EIO); 2917 } 2918 if (hasnq) { 2919 reg |= R92C_TRXDMA_CTRL_QMAP_HQ_NQ; 2920 } else { 2921 reg |= R92C_TRXDMA_CTRL_QMAP_HQ_LQ; 2922 } 2923 } else { 2924 reg |= R92C_TRXDMA_CTRL_QMAP_3EP; 2925 } 2926 urtwn_write_2(sc, R92C_TRXDMA_CTRL, reg); 2927 2928 /* Set Tx/Rx transfer page boundary. */ 2929 urtwn_write_2(sc, R92C_TRXFF_BNDY + 2, 0x27ff); 2930 2931 /* Set Tx/Rx transfer page size. */ 2932 urtwn_write_1(sc, R92C_PBP, 2933 SM(R92C_PBP_PSRX, R92C_PBP_128) | SM(R92C_PBP_PSTX, R92C_PBP_128)); 2934 return (0); 2935 } 2936 2937 static void 2938 urtwn_mac_init(struct urtwn_softc *sc) 2939 { 2940 size_t i; 2941 2942 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 2943 2944 KASSERT(mutex_owned(&sc->sc_write_mtx)); 2945 2946 /* Write MAC initialization values. */ 2947 for (i = 0; i < __arraycount(rtl8192cu_mac); i++) 2948 urtwn_write_1(sc, rtl8192cu_mac[i].reg, rtl8192cu_mac[i].val); 2949 } 2950 2951 static void 2952 urtwn_bb_init(struct urtwn_softc *sc) 2953 { 2954 const struct urtwn_bb_prog *prog; 2955 uint32_t reg; 2956 size_t i; 2957 2958 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 2959 2960 KASSERT(mutex_owned(&sc->sc_write_mtx)); 2961 2962 /* Enable BB and RF. */ 2963 urtwn_write_2(sc, R92C_SYS_FUNC_EN, 2964 urtwn_read_2(sc, R92C_SYS_FUNC_EN) | 2965 R92C_SYS_FUNC_EN_BBRSTB | R92C_SYS_FUNC_EN_BB_GLB_RST | 2966 R92C_SYS_FUNC_EN_DIO_RF); 2967 2968 urtwn_write_1(sc, R92C_AFE_PLL_CTRL, 0x83); 2969 urtwn_write_1(sc, R92C_AFE_PLL_CTRL + 1, 0xdb); 2970 2971 urtwn_write_1(sc, R92C_RF_CTRL, 2972 R92C_RF_CTRL_EN | R92C_RF_CTRL_RSTB | R92C_RF_CTRL_SDMRSTB); 2973 urtwn_write_1(sc, R92C_SYS_FUNC_EN, 2974 R92C_SYS_FUNC_EN_USBA | R92C_SYS_FUNC_EN_USBD | 2975 R92C_SYS_FUNC_EN_BB_GLB_RST | R92C_SYS_FUNC_EN_BBRSTB); 2976 2977 urtwn_write_1(sc, R92C_LDOHCI12_CTRL, 0x0f); 2978 urtwn_write_1(sc, 0x15, 0xe9); 2979 urtwn_write_1(sc, R92C_AFE_XTAL_CTRL + 1, 0x80); 2980 2981 /* Select BB programming based on board type. */ 2982 if (!(sc->chip & URTWN_CHIP_92C)) { 2983 if (sc->board_type == R92C_BOARD_TYPE_MINICARD) { 2984 prog = &rtl8188ce_bb_prog; 2985 } else if (sc->board_type == R92C_BOARD_TYPE_HIGHPA) { 2986 prog = &rtl8188ru_bb_prog; 2987 } else { 2988 prog = &rtl8188cu_bb_prog; 2989 } 2990 } else { 2991 if (sc->board_type == R92C_BOARD_TYPE_MINICARD) { 2992 prog = &rtl8192ce_bb_prog; 2993 } else { 2994 prog = &rtl8192cu_bb_prog; 2995 } 2996 } 2997 /* Write BB initialization values. */ 2998 for (i = 0; i < prog->count; i++) { 2999 /* additional delay depend on registers */ 3000 switch (prog->regs[i]) { 3001 case 0xfe: 3002 usbd_delay_ms(sc->sc_udev, 50); 3003 break; 3004 case 0xfd: 3005 usbd_delay_ms(sc->sc_udev, 5); 3006 break; 3007 case 0xfc: 3008 usbd_delay_ms(sc->sc_udev, 1); 3009 break; 3010 case 0xfb: 3011 DELAY(50); 3012 break; 3013 case 0xfa: 3014 DELAY(5); 3015 break; 3016 case 0xf9: 3017 DELAY(1); 3018 break; 3019 } 3020 urtwn_bb_write(sc, prog->regs[i], prog->vals[i]); 3021 DELAY(1); 3022 } 3023 3024 if (sc->chip & URTWN_CHIP_92C_1T2R) { 3025 /* 8192C 1T only configuration. */ 3026 reg = urtwn_bb_read(sc, R92C_FPGA0_TXINFO); 3027 reg = (reg & ~0x00000003) | 0x2; 3028 urtwn_bb_write(sc, R92C_FPGA0_TXINFO, reg); 3029 3030 reg = urtwn_bb_read(sc, R92C_FPGA1_TXINFO); 3031 reg = (reg & ~0x00300033) | 0x00200022; 3032 urtwn_bb_write(sc, R92C_FPGA1_TXINFO, reg); 3033 3034 reg = urtwn_bb_read(sc, R92C_CCK0_AFESETTING); 3035 reg = (reg & ~0xff000000) | (0x45 << 24); 3036 urtwn_bb_write(sc, R92C_CCK0_AFESETTING, reg); 3037 3038 reg = urtwn_bb_read(sc, R92C_OFDM0_TRXPATHENA); 3039 reg = (reg & ~0x000000ff) | 0x23; 3040 urtwn_bb_write(sc, R92C_OFDM0_TRXPATHENA, reg); 3041 3042 reg = urtwn_bb_read(sc, R92C_OFDM0_AGCPARAM1); 3043 reg = (reg & ~0x00000030) | (1 << 4); 3044 urtwn_bb_write(sc, R92C_OFDM0_AGCPARAM1, reg); 3045 3046 reg = urtwn_bb_read(sc, 0xe74); 3047 reg = (reg & ~0x0c000000) | (2 << 26); 3048 urtwn_bb_write(sc, 0xe74, reg); 3049 reg = urtwn_bb_read(sc, 0xe78); 3050 reg = (reg & ~0x0c000000) | (2 << 26); 3051 urtwn_bb_write(sc, 0xe78, reg); 3052 reg = urtwn_bb_read(sc, 0xe7c); 3053 reg = (reg & ~0x0c000000) | (2 << 26); 3054 urtwn_bb_write(sc, 0xe7c, reg); 3055 reg = urtwn_bb_read(sc, 0xe80); 3056 reg = (reg & ~0x0c000000) | (2 << 26); 3057 urtwn_bb_write(sc, 0xe80, reg); 3058 reg = urtwn_bb_read(sc, 0xe88); 3059 reg = (reg & ~0x0c000000) | (2 << 26); 3060 urtwn_bb_write(sc, 0xe88, reg); 3061 } 3062 3063 /* Write AGC values. */ 3064 for (i = 0; i < prog->agccount; i++) { 3065 urtwn_bb_write(sc, R92C_OFDM0_AGCRSSITABLE, prog->agcvals[i]); 3066 DELAY(1); 3067 } 3068 3069 if (urtwn_bb_read(sc, R92C_HSSI_PARAM2(0)) & 3070 R92C_HSSI_PARAM2_CCK_HIPWR) { 3071 SET(sc->sc_flags, URTWN_FLAG_CCK_HIPWR); 3072 } 3073 } 3074 3075 static void 3076 urtwn_rf_init(struct urtwn_softc *sc) 3077 { 3078 const struct urtwn_rf_prog *prog; 3079 uint32_t reg, mask, saved; 3080 size_t i, j, idx; 3081 3082 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 3083 3084 /* Select RF programming based on board type. */ 3085 if (!(sc->chip & URTWN_CHIP_92C)) { 3086 if (sc->board_type == R92C_BOARD_TYPE_MINICARD) { 3087 prog = rtl8188ce_rf_prog; 3088 } else if (sc->board_type == R92C_BOARD_TYPE_HIGHPA) { 3089 prog = rtl8188ru_rf_prog; 3090 } else { 3091 prog = rtl8188cu_rf_prog; 3092 } 3093 } else { 3094 prog = rtl8192ce_rf_prog; 3095 } 3096 3097 for (i = 0; i < sc->nrxchains; i++) { 3098 /* Save RF_ENV control type. */ 3099 idx = i / 2; 3100 mask = 0xffffU << ((i % 2) * 16); 3101 saved = urtwn_bb_read(sc, R92C_FPGA0_RFIFACESW(idx)) & mask; 3102 3103 /* Set RF_ENV enable. */ 3104 reg = urtwn_bb_read(sc, R92C_FPGA0_RFIFACEOE(i)); 3105 reg |= 0x100000; 3106 urtwn_bb_write(sc, R92C_FPGA0_RFIFACEOE(i), reg); 3107 DELAY(1); 3108 3109 /* Set RF_ENV output high. */ 3110 reg = urtwn_bb_read(sc, R92C_FPGA0_RFIFACEOE(i)); 3111 reg |= 0x10; 3112 urtwn_bb_write(sc, R92C_FPGA0_RFIFACEOE(i), reg); 3113 DELAY(1); 3114 3115 /* Set address and data lengths of RF registers. */ 3116 reg = urtwn_bb_read(sc, R92C_HSSI_PARAM2(i)); 3117 reg &= ~R92C_HSSI_PARAM2_ADDR_LENGTH; 3118 urtwn_bb_write(sc, R92C_HSSI_PARAM2(i), reg); 3119 DELAY(1); 3120 reg = urtwn_bb_read(sc, R92C_HSSI_PARAM2(i)); 3121 reg &= ~R92C_HSSI_PARAM2_DATA_LENGTH; 3122 urtwn_bb_write(sc, R92C_HSSI_PARAM2(i), reg); 3123 DELAY(1); 3124 3125 /* Write RF initialization values for this chain. */ 3126 for (j = 0; j < prog[i].count; j++) { 3127 if (prog[i].regs[j] >= 0xf9 && 3128 prog[i].regs[j] <= 0xfe) { 3129 /* 3130 * These are fake RF registers offsets that 3131 * indicate a delay is required. 3132 */ 3133 usbd_delay_ms(sc->sc_udev, 50); 3134 continue; 3135 } 3136 urtwn_rf_write(sc, i, prog[i].regs[j], prog[i].vals[j]); 3137 DELAY(1); 3138 } 3139 3140 /* Restore RF_ENV control type. */ 3141 reg = urtwn_bb_read(sc, R92C_FPGA0_RFIFACESW(idx)) & ~mask; 3142 urtwn_bb_write(sc, R92C_FPGA0_RFIFACESW(idx), reg | saved); 3143 } 3144 3145 if ((sc->chip & (URTWN_CHIP_UMC_A_CUT | URTWN_CHIP_92C)) == 3146 URTWN_CHIP_UMC_A_CUT) { 3147 urtwn_rf_write(sc, 0, R92C_RF_RX_G1, 0x30255); 3148 urtwn_rf_write(sc, 0, R92C_RF_RX_G2, 0x50a00); 3149 } 3150 3151 /* Cache RF register CHNLBW. */ 3152 for (i = 0; i < 2; i++) { 3153 sc->rf_chnlbw[i] = urtwn_rf_read(sc, i, R92C_RF_CHNLBW); 3154 } 3155 } 3156 3157 static void 3158 urtwn_cam_init(struct urtwn_softc *sc) 3159 { 3160 uint32_t content, command; 3161 uint8_t idx; 3162 size_t i; 3163 3164 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 3165 3166 KASSERT(mutex_owned(&sc->sc_write_mtx)); 3167 3168 for (idx = 0; idx < R92C_CAM_ENTRY_COUNT; idx++) { 3169 content = (idx & 3) 3170 | (R92C_CAM_ALGO_AES << R92C_CAM_ALGO_S) 3171 | R92C_CAM_VALID; 3172 3173 command = R92C_CAMCMD_POLLING 3174 | R92C_CAMCMD_WRITE 3175 | R92C_CAM_CTL0(idx); 3176 3177 urtwn_write_4(sc, R92C_CAMWRITE, content); 3178 urtwn_write_4(sc, R92C_CAMCMD, command); 3179 } 3180 3181 for (idx = 0; idx < R92C_CAM_ENTRY_COUNT; idx++) { 3182 for (i = 0; i < /* CAM_CONTENT_COUNT */ 8; i++) { 3183 if (i == 0) { 3184 content = (idx & 3) 3185 | (R92C_CAM_ALGO_AES << R92C_CAM_ALGO_S) 3186 | R92C_CAM_VALID; 3187 } else { 3188 content = 0; 3189 } 3190 3191 command = R92C_CAMCMD_POLLING 3192 | R92C_CAMCMD_WRITE 3193 | R92C_CAM_CTL0(idx) 3194 | i; 3195 3196 urtwn_write_4(sc, R92C_CAMWRITE, content); 3197 urtwn_write_4(sc, R92C_CAMCMD, command); 3198 } 3199 } 3200 3201 /* Invalidate all CAM entries. */ 3202 urtwn_write_4(sc, R92C_CAMCMD, R92C_CAMCMD_POLLING | R92C_CAMCMD_CLR); 3203 } 3204 3205 static void 3206 urtwn_pa_bias_init(struct urtwn_softc *sc) 3207 { 3208 uint8_t reg; 3209 size_t i; 3210 3211 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 3212 3213 KASSERT(mutex_owned(&sc->sc_write_mtx)); 3214 3215 for (i = 0; i < sc->nrxchains; i++) { 3216 if (sc->pa_setting & (1U << i)) 3217 continue; 3218 3219 urtwn_rf_write(sc, i, R92C_RF_IPA, 0x0f406); 3220 urtwn_rf_write(sc, i, R92C_RF_IPA, 0x4f406); 3221 urtwn_rf_write(sc, i, R92C_RF_IPA, 0x8f406); 3222 urtwn_rf_write(sc, i, R92C_RF_IPA, 0xcf406); 3223 } 3224 if (!(sc->pa_setting & 0x10)) { 3225 reg = urtwn_read_1(sc, 0x16); 3226 reg = (reg & ~0xf0) | 0x90; 3227 urtwn_write_1(sc, 0x16, reg); 3228 } 3229 } 3230 3231 static void 3232 urtwn_rxfilter_init(struct urtwn_softc *sc) 3233 { 3234 3235 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 3236 3237 KASSERT(mutex_owned(&sc->sc_write_mtx)); 3238 3239 /* Initialize Rx filter. */ 3240 /* TODO: use better filter for monitor mode. */ 3241 urtwn_write_4(sc, R92C_RCR, 3242 R92C_RCR_AAP | R92C_RCR_APM | R92C_RCR_AM | R92C_RCR_AB | 3243 R92C_RCR_APP_ICV | R92C_RCR_AMF | R92C_RCR_HTC_LOC_CTRL | 3244 R92C_RCR_APP_MIC | R92C_RCR_APP_PHYSTS); 3245 /* Accept all multicast frames. */ 3246 urtwn_write_4(sc, R92C_MAR + 0, 0xffffffff); 3247 urtwn_write_4(sc, R92C_MAR + 4, 0xffffffff); 3248 /* Accept all management frames. */ 3249 urtwn_write_2(sc, R92C_RXFLTMAP0, 0xffff); 3250 /* Reject all control frames. */ 3251 urtwn_write_2(sc, R92C_RXFLTMAP1, 0x0000); 3252 /* Accept all data frames. */ 3253 urtwn_write_2(sc, R92C_RXFLTMAP2, 0xffff); 3254 } 3255 3256 static void 3257 urtwn_edca_init(struct urtwn_softc *sc) 3258 { 3259 3260 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 3261 3262 KASSERT(mutex_owned(&sc->sc_write_mtx)); 3263 3264 /* set spec SIFS (used in NAV) */ 3265 urtwn_write_2(sc, R92C_SPEC_SIFS, 0x100a); 3266 urtwn_write_2(sc, R92C_MAC_SPEC_SIFS, 0x100a); 3267 3268 /* set SIFS CCK/OFDM */ 3269 urtwn_write_2(sc, R92C_SIFS_CCK, 0x100a); 3270 urtwn_write_2(sc, R92C_SIFS_OFDM, 0x100a); 3271 3272 /* TXOP */ 3273 urtwn_write_4(sc, R92C_EDCA_BE_PARAM, 0x005ea42b); 3274 urtwn_write_4(sc, R92C_EDCA_BK_PARAM, 0x0000a44f); 3275 urtwn_write_4(sc, R92C_EDCA_VI_PARAM, 0x005ea324); 3276 urtwn_write_4(sc, R92C_EDCA_VO_PARAM, 0x002fa226); 3277 } 3278 3279 static void 3280 urtwn_write_txpower(struct urtwn_softc *sc, int chain, 3281 uint16_t power[URTWN_RIDX_COUNT]) 3282 { 3283 uint32_t reg; 3284 3285 DPRINTFN(DBG_FN, ("%s: %s: chain=%d\n", device_xname(sc->sc_dev), 3286 __func__, chain)); 3287 3288 /* Write per-CCK rate Tx power. */ 3289 if (chain == 0) { 3290 reg = urtwn_bb_read(sc, R92C_TXAGC_A_CCK1_MCS32); 3291 reg = RW(reg, R92C_TXAGC_A_CCK1, power[0]); 3292 urtwn_bb_write(sc, R92C_TXAGC_A_CCK1_MCS32, reg); 3293 3294 reg = urtwn_bb_read(sc, R92C_TXAGC_B_CCK11_A_CCK2_11); 3295 reg = RW(reg, R92C_TXAGC_A_CCK2, power[1]); 3296 reg = RW(reg, R92C_TXAGC_A_CCK55, power[2]); 3297 reg = RW(reg, R92C_TXAGC_A_CCK11, power[3]); 3298 urtwn_bb_write(sc, R92C_TXAGC_B_CCK11_A_CCK2_11, reg); 3299 } else { 3300 reg = urtwn_bb_read(sc, R92C_TXAGC_B_CCK1_55_MCS32); 3301 reg = RW(reg, R92C_TXAGC_B_CCK1, power[0]); 3302 reg = RW(reg, R92C_TXAGC_B_CCK2, power[1]); 3303 reg = RW(reg, R92C_TXAGC_B_CCK55, power[2]); 3304 urtwn_bb_write(sc, R92C_TXAGC_B_CCK1_55_MCS32, reg); 3305 3306 reg = urtwn_bb_read(sc, R92C_TXAGC_B_CCK11_A_CCK2_11); 3307 reg = RW(reg, R92C_TXAGC_B_CCK11, power[3]); 3308 urtwn_bb_write(sc, R92C_TXAGC_B_CCK11_A_CCK2_11, reg); 3309 } 3310 /* Write per-OFDM rate Tx power. */ 3311 urtwn_bb_write(sc, R92C_TXAGC_RATE18_06(chain), 3312 SM(R92C_TXAGC_RATE06, power[ 4]) | 3313 SM(R92C_TXAGC_RATE09, power[ 5]) | 3314 SM(R92C_TXAGC_RATE12, power[ 6]) | 3315 SM(R92C_TXAGC_RATE18, power[ 7])); 3316 urtwn_bb_write(sc, R92C_TXAGC_RATE54_24(chain), 3317 SM(R92C_TXAGC_RATE24, power[ 8]) | 3318 SM(R92C_TXAGC_RATE36, power[ 9]) | 3319 SM(R92C_TXAGC_RATE48, power[10]) | 3320 SM(R92C_TXAGC_RATE54, power[11])); 3321 /* Write per-MCS Tx power. */ 3322 urtwn_bb_write(sc, R92C_TXAGC_MCS03_MCS00(chain), 3323 SM(R92C_TXAGC_MCS00, power[12]) | 3324 SM(R92C_TXAGC_MCS01, power[13]) | 3325 SM(R92C_TXAGC_MCS02, power[14]) | 3326 SM(R92C_TXAGC_MCS03, power[15])); 3327 urtwn_bb_write(sc, R92C_TXAGC_MCS07_MCS04(chain), 3328 SM(R92C_TXAGC_MCS04, power[16]) | 3329 SM(R92C_TXAGC_MCS05, power[17]) | 3330 SM(R92C_TXAGC_MCS06, power[18]) | 3331 SM(R92C_TXAGC_MCS07, power[19])); 3332 urtwn_bb_write(sc, R92C_TXAGC_MCS11_MCS08(chain), 3333 SM(R92C_TXAGC_MCS08, power[20]) | 3334 SM(R92C_TXAGC_MCS09, power[21]) | 3335 SM(R92C_TXAGC_MCS10, power[22]) | 3336 SM(R92C_TXAGC_MCS11, power[23])); 3337 urtwn_bb_write(sc, R92C_TXAGC_MCS15_MCS12(chain), 3338 SM(R92C_TXAGC_MCS12, power[24]) | 3339 SM(R92C_TXAGC_MCS13, power[25]) | 3340 SM(R92C_TXAGC_MCS14, power[26]) | 3341 SM(R92C_TXAGC_MCS15, power[27])); 3342 } 3343 3344 static void 3345 urtwn_get_txpower(struct urtwn_softc *sc, size_t chain, u_int chan, u_int ht40m, 3346 uint16_t power[URTWN_RIDX_COUNT]) 3347 { 3348 struct r92c_rom *rom = &sc->rom; 3349 uint16_t cckpow, ofdmpow, htpow, diff, maxpow; 3350 const struct urtwn_txpwr *base; 3351 int ridx, group; 3352 3353 DPRINTFN(DBG_FN, ("%s: %s: chain=%zd, chan=%d\n", 3354 device_xname(sc->sc_dev), __func__, chain, chan)); 3355 3356 /* Determine channel group. */ 3357 if (chan <= 3) { 3358 group = 0; 3359 } else if (chan <= 9) { 3360 group = 1; 3361 } else { 3362 group = 2; 3363 } 3364 3365 /* Get original Tx power based on board type and RF chain. */ 3366 if (!(sc->chip & URTWN_CHIP_92C)) { 3367 if (sc->board_type == R92C_BOARD_TYPE_HIGHPA) { 3368 base = &rtl8188ru_txagc[chain]; 3369 } else { 3370 base = &rtl8192cu_txagc[chain]; 3371 } 3372 } else { 3373 base = &rtl8192cu_txagc[chain]; 3374 } 3375 3376 memset(power, 0, URTWN_RIDX_COUNT * sizeof(power[0])); 3377 if (sc->regulatory == 0) { 3378 for (ridx = 0; ridx <= 3; ridx++) { 3379 power[ridx] = base->pwr[0][ridx]; 3380 } 3381 } 3382 for (ridx = 4; ridx < URTWN_RIDX_COUNT; ridx++) { 3383 if (sc->regulatory == 3) { 3384 power[ridx] = base->pwr[0][ridx]; 3385 /* Apply vendor limits. */ 3386 if (ht40m != IEEE80211_HTINFO_2NDCHAN_NONE) { 3387 maxpow = rom->ht40_max_pwr[group]; 3388 } else { 3389 maxpow = rom->ht20_max_pwr[group]; 3390 } 3391 maxpow = (maxpow >> (chain * 4)) & 0xf; 3392 if (power[ridx] > maxpow) { 3393 power[ridx] = maxpow; 3394 } 3395 } else if (sc->regulatory == 1) { 3396 if (ht40m == IEEE80211_HTINFO_2NDCHAN_NONE) { 3397 power[ridx] = base->pwr[group][ridx]; 3398 } 3399 } else if (sc->regulatory != 2) { 3400 power[ridx] = base->pwr[0][ridx]; 3401 } 3402 } 3403 3404 /* Compute per-CCK rate Tx power. */ 3405 cckpow = rom->cck_tx_pwr[chain][group]; 3406 for (ridx = 0; ridx <= 3; ridx++) { 3407 power[ridx] += cckpow; 3408 if (power[ridx] > R92C_MAX_TX_PWR) { 3409 power[ridx] = R92C_MAX_TX_PWR; 3410 } 3411 } 3412 3413 htpow = rom->ht40_1s_tx_pwr[chain][group]; 3414 if (sc->ntxchains > 1) { 3415 /* Apply reduction for 2 spatial streams. */ 3416 diff = rom->ht40_2s_tx_pwr_diff[group]; 3417 diff = (diff >> (chain * 4)) & 0xf; 3418 htpow = (htpow > diff) ? htpow - diff : 0; 3419 } 3420 3421 /* Compute per-OFDM rate Tx power. */ 3422 diff = rom->ofdm_tx_pwr_diff[group]; 3423 diff = (diff >> (chain * 4)) & 0xf; 3424 ofdmpow = htpow + diff; /* HT->OFDM correction. */ 3425 for (ridx = 4; ridx <= 11; ridx++) { 3426 power[ridx] += ofdmpow; 3427 if (power[ridx] > R92C_MAX_TX_PWR) { 3428 power[ridx] = R92C_MAX_TX_PWR; 3429 } 3430 } 3431 3432 /* Compute per-MCS Tx power. */ 3433 if (ht40m == IEEE80211_HTINFO_2NDCHAN_NONE) { 3434 diff = rom->ht20_tx_pwr_diff[group]; 3435 diff = (diff >> (chain * 4)) & 0xf; 3436 htpow += diff; /* HT40->HT20 correction. */ 3437 } 3438 for (ridx = 12; ridx < URTWN_RIDX_COUNT; ridx++) { 3439 power[ridx] += htpow; 3440 if (power[ridx] > R92C_MAX_TX_PWR) { 3441 power[ridx] = R92C_MAX_TX_PWR; 3442 } 3443 } 3444 #ifdef URTWN_DEBUG 3445 if (urtwn_debug & DBG_RF) { 3446 /* Dump per-rate Tx power values. */ 3447 printf("%s: %s: Tx power for chain %zd:\n", 3448 device_xname(sc->sc_dev), __func__, chain); 3449 for (ridx = 0; ridx < URTWN_RIDX_COUNT; ridx++) { 3450 printf("%s: %s: Rate %d = %u\n", 3451 device_xname(sc->sc_dev), __func__, ridx, 3452 power[ridx]); 3453 } 3454 } 3455 #endif 3456 } 3457 3458 static void 3459 urtwn_set_txpower(struct urtwn_softc *sc, u_int chan, u_int ht40m) 3460 { 3461 uint16_t power[URTWN_RIDX_COUNT]; 3462 size_t i; 3463 3464 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 3465 3466 for (i = 0; i < sc->ntxchains; i++) { 3467 /* Compute per-rate Tx power values. */ 3468 urtwn_get_txpower(sc, i, chan, ht40m, power); 3469 /* Write per-rate Tx power values to hardware. */ 3470 urtwn_write_txpower(sc, i, power); 3471 } 3472 } 3473 3474 static void 3475 urtwn_set_chan(struct urtwn_softc *sc, struct ieee80211_channel *c, u_int ht40m) 3476 { 3477 struct ieee80211com *ic = &sc->sc_ic; 3478 u_int chan; 3479 size_t i; 3480 3481 chan = ieee80211_chan2ieee(ic, c); /* XXX center freq! */ 3482 3483 DPRINTFN(DBG_FN, ("%s: %s: chan=%d\n", device_xname(sc->sc_dev), 3484 __func__, chan)); 3485 3486 KASSERT(mutex_owned(&sc->sc_write_mtx)); 3487 3488 if (ht40m == IEEE80211_HTINFO_2NDCHAN_ABOVE) { 3489 chan += 2; 3490 } else if (ht40m == IEEE80211_HTINFO_2NDCHAN_BELOW){ 3491 chan -= 2; 3492 } 3493 3494 /* Set Tx power for this new channel. */ 3495 urtwn_set_txpower(sc, chan, ht40m); 3496 3497 for (i = 0; i < sc->nrxchains; i++) { 3498 urtwn_rf_write(sc, i, R92C_RF_CHNLBW, 3499 RW(sc->rf_chnlbw[i], R92C_RF_CHNLBW_CHNL, chan)); 3500 } 3501 3502 if (ht40m) { 3503 /* Is secondary channel below or above primary? */ 3504 int prichlo = (ht40m == IEEE80211_HTINFO_2NDCHAN_ABOVE); 3505 uint32_t reg; 3506 3507 urtwn_write_1(sc, R92C_BWOPMODE, 3508 urtwn_read_1(sc, R92C_BWOPMODE) & ~R92C_BWOPMODE_20MHZ); 3509 3510 reg = urtwn_read_1(sc, R92C_RRSR + 2); 3511 reg = (reg & ~0x6f) | (prichlo ? 1 : 2) << 5; 3512 urtwn_write_1(sc, R92C_RRSR + 2, (uint8_t)reg); 3513 3514 urtwn_bb_write(sc, R92C_FPGA0_RFMOD, 3515 urtwn_bb_read(sc, R92C_FPGA0_RFMOD) | R92C_RFMOD_40MHZ); 3516 urtwn_bb_write(sc, R92C_FPGA1_RFMOD, 3517 urtwn_bb_read(sc, R92C_FPGA1_RFMOD) | R92C_RFMOD_40MHZ); 3518 3519 /* Set CCK side band. */ 3520 reg = urtwn_bb_read(sc, R92C_CCK0_SYSTEM); 3521 reg = (reg & ~0x00000010) | (prichlo ? 0 : 1) << 4; 3522 urtwn_bb_write(sc, R92C_CCK0_SYSTEM, reg); 3523 3524 reg = urtwn_bb_read(sc, R92C_OFDM1_LSTF); 3525 reg = (reg & ~0x00000c00) | (prichlo ? 1 : 2) << 10; 3526 urtwn_bb_write(sc, R92C_OFDM1_LSTF, reg); 3527 3528 urtwn_bb_write(sc, R92C_FPGA0_ANAPARAM2, 3529 urtwn_bb_read(sc, R92C_FPGA0_ANAPARAM2) & 3530 ~R92C_FPGA0_ANAPARAM2_CBW20); 3531 3532 reg = urtwn_bb_read(sc, 0x818); 3533 reg = (reg & ~0x0c000000) | (prichlo ? 2 : 1) << 26; 3534 urtwn_bb_write(sc, 0x818, reg); 3535 3536 /* Select 40MHz bandwidth. */ 3537 urtwn_rf_write(sc, 0, R92C_RF_CHNLBW, 3538 (sc->rf_chnlbw[0] & ~0xfff) | chan); 3539 } else { 3540 urtwn_write_1(sc, R92C_BWOPMODE, 3541 urtwn_read_1(sc, R92C_BWOPMODE) | R92C_BWOPMODE_20MHZ); 3542 3543 urtwn_bb_write(sc, R92C_FPGA0_RFMOD, 3544 urtwn_bb_read(sc, R92C_FPGA0_RFMOD) & ~R92C_RFMOD_40MHZ); 3545 urtwn_bb_write(sc, R92C_FPGA1_RFMOD, 3546 urtwn_bb_read(sc, R92C_FPGA1_RFMOD) & ~R92C_RFMOD_40MHZ); 3547 3548 urtwn_bb_write(sc, R92C_FPGA0_ANAPARAM2, 3549 urtwn_bb_read(sc, R92C_FPGA0_ANAPARAM2) | 3550 R92C_FPGA0_ANAPARAM2_CBW20); 3551 3552 /* Select 20MHz bandwidth. */ 3553 urtwn_rf_write(sc, 0, R92C_RF_CHNLBW, 3554 (sc->rf_chnlbw[0] & ~0xfff) | R92C_RF_CHNLBW_BW20 | chan); 3555 } 3556 } 3557 3558 static void 3559 urtwn_iq_calib(struct urtwn_softc *sc, bool inited) 3560 { 3561 3562 DPRINTFN(DBG_FN, ("%s: %s: inited=%d\n", device_xname(sc->sc_dev), 3563 __func__, inited)); 3564 3565 /* TODO */ 3566 } 3567 3568 static void 3569 urtwn_lc_calib(struct urtwn_softc *sc) 3570 { 3571 uint32_t rf_ac[2]; 3572 uint8_t txmode; 3573 size_t i; 3574 3575 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 3576 3577 KASSERT(mutex_owned(&sc->sc_write_mtx)); 3578 3579 txmode = urtwn_read_1(sc, R92C_OFDM1_LSTF + 3); 3580 if ((txmode & 0x70) != 0) { 3581 /* Disable all continuous Tx. */ 3582 urtwn_write_1(sc, R92C_OFDM1_LSTF + 3, txmode & ~0x70); 3583 3584 /* Set RF mode to standby mode. */ 3585 for (i = 0; i < sc->nrxchains; i++) { 3586 rf_ac[i] = urtwn_rf_read(sc, i, R92C_RF_AC); 3587 urtwn_rf_write(sc, i, R92C_RF_AC, 3588 RW(rf_ac[i], R92C_RF_AC_MODE, 3589 R92C_RF_AC_MODE_STANDBY)); 3590 } 3591 } else { 3592 /* Block all Tx queues. */ 3593 urtwn_write_1(sc, R92C_TXPAUSE, 0xff); 3594 } 3595 /* Start calibration. */ 3596 urtwn_rf_write(sc, 0, R92C_RF_CHNLBW, 3597 urtwn_rf_read(sc, 0, R92C_RF_CHNLBW) | R92C_RF_CHNLBW_LCSTART); 3598 3599 /* Give calibration the time to complete. */ 3600 usbd_delay_ms(sc->sc_udev, 100); 3601 3602 /* Restore configuration. */ 3603 if ((txmode & 0x70) != 0) { 3604 /* Restore Tx mode. */ 3605 urtwn_write_1(sc, R92C_OFDM1_LSTF + 3, txmode); 3606 /* Restore RF mode. */ 3607 for (i = 0; i < sc->nrxchains; i++) { 3608 urtwn_rf_write(sc, i, R92C_RF_AC, rf_ac[i]); 3609 } 3610 } else { 3611 /* Unblock all Tx queues. */ 3612 urtwn_write_1(sc, R92C_TXPAUSE, 0x00); 3613 } 3614 } 3615 3616 static void 3617 urtwn_temp_calib(struct urtwn_softc *sc) 3618 { 3619 int temp; 3620 3621 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 3622 3623 KASSERT(mutex_owned(&sc->sc_write_mtx)); 3624 3625 if (sc->thcal_state == 0) { 3626 /* Start measuring temperature. */ 3627 DPRINTFN(DBG_RF, ("%s: %s: start measuring temperature\n", 3628 device_xname(sc->sc_dev), __func__)); 3629 urtwn_rf_write(sc, 0, R92C_RF_T_METER, 0x60); 3630 sc->thcal_state = 1; 3631 return; 3632 } 3633 sc->thcal_state = 0; 3634 3635 /* Read measured temperature. */ 3636 temp = urtwn_rf_read(sc, 0, R92C_RF_T_METER) & 0x1f; 3637 DPRINTFN(DBG_RF, ("%s: %s: temperature=%d\n", device_xname(sc->sc_dev), 3638 __func__, temp)); 3639 if (temp == 0) /* Read failed, skip. */ 3640 return; 3641 3642 /* 3643 * Redo LC calibration if temperature changed significantly since 3644 * last calibration. 3645 */ 3646 if (sc->thcal_lctemp == 0) { 3647 /* First LC calibration is performed in urtwn_init(). */ 3648 sc->thcal_lctemp = temp; 3649 } else if (abs(temp - sc->thcal_lctemp) > 1) { 3650 DPRINTFN(DBG_RF, 3651 ("%s: %s: LC calib triggered by temp: %d -> %d\n", 3652 device_xname(sc->sc_dev), __func__, sc->thcal_lctemp, 3653 temp)); 3654 urtwn_lc_calib(sc); 3655 /* Record temperature of last LC calibration. */ 3656 sc->thcal_lctemp = temp; 3657 } 3658 } 3659 3660 static int 3661 urtwn_init(struct ifnet *ifp) 3662 { 3663 struct urtwn_softc *sc = ifp->if_softc; 3664 struct ieee80211com *ic = &sc->sc_ic; 3665 struct urtwn_rx_data *data; 3666 uint32_t reg; 3667 size_t i; 3668 int error; 3669 3670 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 3671 3672 urtwn_stop(ifp, 0); 3673 3674 mutex_enter(&sc->sc_write_mtx); 3675 3676 mutex_enter(&sc->sc_task_mtx); 3677 /* Init host async commands ring. */ 3678 sc->cmdq.cur = sc->cmdq.next = sc->cmdq.queued = 0; 3679 mutex_exit(&sc->sc_task_mtx); 3680 3681 mutex_enter(&sc->sc_fwcmd_mtx); 3682 /* Init firmware commands ring. */ 3683 sc->fwcur = 0; 3684 mutex_exit(&sc->sc_fwcmd_mtx); 3685 3686 /* Allocate Tx/Rx buffers. */ 3687 error = urtwn_alloc_rx_list(sc); 3688 if (error != 0) { 3689 aprint_error_dev(sc->sc_dev, 3690 "could not allocate Rx buffers\n"); 3691 goto fail; 3692 } 3693 error = urtwn_alloc_tx_list(sc); 3694 if (error != 0) { 3695 aprint_error_dev(sc->sc_dev, 3696 "could not allocate Tx buffers\n"); 3697 goto fail; 3698 } 3699 3700 /* Power on adapter. */ 3701 error = urtwn_power_on(sc); 3702 if (error != 0) 3703 goto fail; 3704 3705 /* Initialize DMA. */ 3706 error = urtwn_dma_init(sc); 3707 if (error != 0) 3708 goto fail; 3709 3710 /* Set info size in Rx descriptors (in 64-bit words). */ 3711 urtwn_write_1(sc, R92C_RX_DRVINFO_SZ, 4); 3712 3713 /* Init interrupts. */ 3714 urtwn_write_4(sc, R92C_HISR, 0xffffffff); 3715 urtwn_write_4(sc, R92C_HIMR, 0xffffffff); 3716 3717 /* Set MAC address. */ 3718 IEEE80211_ADDR_COPY(ic->ic_myaddr, CLLADDR(ifp->if_sadl)); 3719 urtwn_write_region(sc, R92C_MACID, ic->ic_myaddr, IEEE80211_ADDR_LEN); 3720 3721 /* Set initial network type. */ 3722 reg = urtwn_read_4(sc, R92C_CR); 3723 switch (ic->ic_opmode) { 3724 case IEEE80211_M_STA: 3725 default: 3726 reg = RW(reg, R92C_CR_NETTYPE, R92C_CR_NETTYPE_INFRA); 3727 break; 3728 3729 case IEEE80211_M_IBSS: 3730 reg = RW(reg, R92C_CR_NETTYPE, R92C_CR_NETTYPE_ADHOC); 3731 break; 3732 } 3733 urtwn_write_4(sc, R92C_CR, reg); 3734 3735 /* Set response rate */ 3736 reg = urtwn_read_4(sc, R92C_RRSR); 3737 reg = RW(reg, R92C_RRSR_RATE_BITMAP, R92C_RRSR_RATE_CCK_ONLY_1M); 3738 urtwn_write_4(sc, R92C_RRSR, reg); 3739 3740 /* SIFS (used in NAV) */ 3741 urtwn_write_2(sc, R92C_SPEC_SIFS, 3742 SM(R92C_SPEC_SIFS_CCK, 0x10) | SM(R92C_SPEC_SIFS_OFDM, 0x10)); 3743 3744 /* Set short/long retry limits. */ 3745 urtwn_write_2(sc, R92C_RL, 3746 SM(R92C_RL_SRL, 0x30) | SM(R92C_RL_LRL, 0x30)); 3747 3748 /* Initialize EDCA parameters. */ 3749 urtwn_edca_init(sc); 3750 3751 /* Setup rate fallback. */ 3752 urtwn_write_4(sc, R92C_DARFRC + 0, 0x00000000); 3753 urtwn_write_4(sc, R92C_DARFRC + 4, 0x10080404); 3754 urtwn_write_4(sc, R92C_RARFRC + 0, 0x04030201); 3755 urtwn_write_4(sc, R92C_RARFRC + 4, 0x08070605); 3756 3757 urtwn_write_1(sc, R92C_FWHW_TXQ_CTRL, 3758 urtwn_read_1(sc, R92C_FWHW_TXQ_CTRL) | 3759 R92C_FWHW_TXQ_CTRL_AMPDU_RTY_NEW); 3760 /* Set ACK timeout. */ 3761 urtwn_write_1(sc, R92C_ACKTO, 0x40); 3762 3763 /* Setup USB aggregation. */ 3764 /* Tx */ 3765 reg = urtwn_read_4(sc, R92C_TDECTRL); 3766 reg = RW(reg, R92C_TDECTRL_BLK_DESC_NUM, 6); 3767 urtwn_write_4(sc, R92C_TDECTRL, reg); 3768 /* Rx */ 3769 urtwn_write_1(sc, R92C_TRXDMA_CTRL, 3770 urtwn_read_1(sc, R92C_TRXDMA_CTRL) | 3771 R92C_TRXDMA_CTRL_RXDMA_AGG_EN); 3772 urtwn_write_1(sc, R92C_USB_SPECIAL_OPTION, 3773 urtwn_read_1(sc, R92C_USB_SPECIAL_OPTION) & 3774 ~R92C_USB_SPECIAL_OPTION_AGG_EN); 3775 urtwn_write_1(sc, R92C_RXDMA_AGG_PG_TH, 48); 3776 urtwn_write_1(sc, R92C_USB_DMA_AGG_TO, 4); 3777 3778 /* Initialize beacon parameters. */ 3779 urtwn_write_2(sc, R92C_TBTT_PROHIBIT, 0x6404); 3780 urtwn_write_1(sc, R92C_DRVERLYINT, R92C_DRIVER_EARLY_INT_TIME); 3781 urtwn_write_1(sc, R92C_BCNDMATIM, R92C_DMA_ATIME_INT_TIME); 3782 urtwn_write_2(sc, R92C_BCNTCFG, 0x660f); 3783 3784 /* Setup AMPDU aggregation. */ 3785 urtwn_write_4(sc, R92C_AGGLEN_LMT, 0x99997631); /* MCS7~0 */ 3786 urtwn_write_1(sc, R92C_AGGR_BREAK_TIME, 0x16); 3787 urtwn_write_2(sc, 0x4ca, 0x0708); 3788 3789 urtwn_write_1(sc, R92C_BCN_MAX_ERR, 0xff); 3790 urtwn_write_1(sc, R92C_BCN_CTRL, R92C_BCN_CTRL_DIS_TSF_UDT0); 3791 3792 /* Load 8051 microcode. */ 3793 error = urtwn_load_firmware(sc); 3794 if (error != 0) 3795 goto fail; 3796 SET(sc->sc_flags, URTWN_FLAG_FWREADY); 3797 3798 /* Initialize MAC/BB/RF blocks. */ 3799 /* 3800 * XXX: urtwn_mac_init() sets R92C_RCR[0:15] = R92C_RCR_APM | 3801 * R92C_RCR_AM | R92C_RCR_AB | R92C_RCR_AICV | R92C_RCR_AMF. 3802 * XXX: This setting should be removed from rtl8192cu_mac[]. 3803 */ 3804 urtwn_mac_init(sc); // sets R92C_RCR[0:15] 3805 urtwn_rxfilter_init(sc); // reset R92C_RCR 3806 urtwn_bb_init(sc); 3807 urtwn_rf_init(sc); 3808 3809 /* Turn CCK and OFDM blocks on. */ 3810 reg = urtwn_bb_read(sc, R92C_FPGA0_RFMOD); 3811 reg |= R92C_RFMOD_CCK_EN; 3812 urtwn_bb_write(sc, R92C_FPGA0_RFMOD, reg); 3813 reg = urtwn_bb_read(sc, R92C_FPGA0_RFMOD); 3814 reg |= R92C_RFMOD_OFDM_EN; 3815 urtwn_bb_write(sc, R92C_FPGA0_RFMOD, reg); 3816 3817 /* Clear per-station keys table. */ 3818 urtwn_cam_init(sc); 3819 3820 /* Enable hardware sequence numbering. */ 3821 urtwn_write_1(sc, R92C_HWSEQ_CTRL, 0xff); 3822 3823 /* Perform LO and IQ calibrations. */ 3824 urtwn_iq_calib(sc, sc->iqk_inited); 3825 sc->iqk_inited = true; 3826 3827 /* Perform LC calibration. */ 3828 urtwn_lc_calib(sc); 3829 3830 /* Fix USB interference issue. */ 3831 urtwn_write_1(sc, 0xfe40, 0xe0); 3832 urtwn_write_1(sc, 0xfe41, 0x8d); 3833 urtwn_write_1(sc, 0xfe42, 0x80); 3834 urtwn_write_4(sc, 0x20c, 0xfd0320); 3835 3836 urtwn_pa_bias_init(sc); 3837 3838 if (!(sc->chip & (URTWN_CHIP_92C | URTWN_CHIP_92C_1T2R))) { 3839 /* 1T1R */ 3840 urtwn_bb_write(sc, R92C_FPGA0_RFPARAM(0), 3841 urtwn_bb_read(sc, R92C_FPGA0_RFPARAM(0)) | __BIT(13)); 3842 } 3843 3844 /* Initialize GPIO setting. */ 3845 urtwn_write_1(sc, R92C_GPIO_MUXCFG, 3846 urtwn_read_1(sc, R92C_GPIO_MUXCFG) & ~R92C_GPIO_MUXCFG_ENBT); 3847 3848 /* Fix for lower temperature. */ 3849 urtwn_write_1(sc, 0x15, 0xe9); 3850 3851 /* Set default channel. */ 3852 urtwn_set_chan(sc, ic->ic_curchan, IEEE80211_HTINFO_2NDCHAN_NONE); 3853 3854 /* Queue Rx xfers. */ 3855 for (i = 0; i < URTWN_RX_LIST_COUNT; i++) { 3856 data = &sc->rx_data[i]; 3857 usbd_setup_xfer(data->xfer, sc->rx_pipe, data, data->buf, 3858 URTWN_RXBUFSZ, USBD_SHORT_XFER_OK | USBD_NO_COPY, 3859 USBD_NO_TIMEOUT, urtwn_rxeof); 3860 error = usbd_transfer(data->xfer); 3861 if (__predict_false(error != USBD_NORMAL_COMPLETION && 3862 error != USBD_IN_PROGRESS)) 3863 goto fail; 3864 } 3865 3866 /* We're ready to go. */ 3867 ifp->if_flags &= ~IFF_OACTIVE; 3868 ifp->if_flags |= IFF_RUNNING; 3869 3870 mutex_exit(&sc->sc_write_mtx); 3871 3872 if (ic->ic_opmode == IEEE80211_M_MONITOR) 3873 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 3874 else if (ic->ic_roaming != IEEE80211_ROAMING_MANUAL) 3875 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 3876 urtwn_wait_async(sc); 3877 3878 return (0); 3879 3880 fail: 3881 mutex_exit(&sc->sc_write_mtx); 3882 3883 urtwn_stop(ifp, 1); 3884 return (error); 3885 } 3886 3887 static void 3888 urtwn_stop(struct ifnet *ifp, int disable) 3889 { 3890 struct urtwn_softc *sc = ifp->if_softc; 3891 struct ieee80211com *ic = &sc->sc_ic; 3892 size_t i; 3893 int s; 3894 3895 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 3896 3897 s = splusb(); 3898 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 3899 urtwn_wait_async(sc); 3900 splx(s); 3901 3902 sc->tx_timer = 0; 3903 ifp->if_timer = 0; 3904 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 3905 3906 callout_stop(&sc->sc_scan_to); 3907 callout_stop(&sc->sc_calib_to); 3908 3909 /* Abort Tx. */ 3910 for (i = 0; i < R92C_MAX_EPOUT; i++) { 3911 if (sc->tx_pipe[i] != NULL) 3912 usbd_abort_pipe(sc->tx_pipe[i]); 3913 } 3914 3915 /* Stop Rx pipe. */ 3916 usbd_abort_pipe(sc->rx_pipe); 3917 3918 /* Free Tx/Rx buffers. */ 3919 urtwn_free_tx_list(sc); 3920 urtwn_free_rx_list(sc); 3921 3922 if (disable) 3923 urtwn_chip_stop(sc); 3924 } 3925 3926 static int 3927 urtwn_reset(struct ifnet *ifp) 3928 { 3929 struct urtwn_softc *sc = ifp->if_softc; 3930 struct ieee80211com *ic = &sc->sc_ic; 3931 3932 if (ic->ic_opmode != IEEE80211_M_MONITOR) 3933 return ENETRESET; 3934 3935 urtwn_set_chan(sc, ic->ic_curchan, IEEE80211_HTINFO_2NDCHAN_NONE); 3936 3937 return 0; 3938 } 3939 3940 static void 3941 urtwn_chip_stop(struct urtwn_softc *sc) 3942 { 3943 uint32_t reg; 3944 bool disabled = true; 3945 3946 DPRINTFN(DBG_FN, ("%s: %s\n", device_xname(sc->sc_dev), __func__)); 3947 3948 mutex_enter(&sc->sc_write_mtx); 3949 3950 /* 3951 * RF Off Sequence 3952 */ 3953 /* Pause MAC TX queue */ 3954 urtwn_write_1(sc, R92C_TXPAUSE, 0xFF); 3955 3956 /* Disable RF */ 3957 urtwn_rf_write(sc, 0, 0, 0); 3958 3959 urtwn_write_1(sc, R92C_APSD_CTRL, R92C_APSD_CTRL_OFF); 3960 3961 /* Reset BB state machine */ 3962 urtwn_write_1(sc, R92C_SYS_FUNC_EN, 3963 R92C_SYS_FUNC_EN_USBD | 3964 R92C_SYS_FUNC_EN_USBA | 3965 R92C_SYS_FUNC_EN_BB_GLB_RST); 3966 urtwn_write_1(sc, R92C_SYS_FUNC_EN, 3967 R92C_SYS_FUNC_EN_USBD | R92C_SYS_FUNC_EN_USBA); 3968 3969 /* 3970 * Reset digital sequence 3971 */ 3972 if (urtwn_read_1(sc, R92C_MCUFWDL) & R92C_MCUFWDL_RDY) { 3973 /* Reset MCU ready status */ 3974 urtwn_write_1(sc, R92C_MCUFWDL, 0); 3975 /* If firmware in ram code, do reset */ 3976 if (ISSET(sc->sc_flags, URTWN_FLAG_FWREADY)) { 3977 urtwn_fw_reset(sc); 3978 CLR(sc->sc_flags, URTWN_FLAG_FWREADY); 3979 } 3980 } 3981 3982 /* Reset MAC and Enable 8051 */ 3983 urtwn_write_1(sc, R92C_SYS_FUNC_EN + 1, 0x54); 3984 3985 /* Reset MCU ready status */ 3986 urtwn_write_1(sc, R92C_MCUFWDL, 0); 3987 3988 if (disabled) { 3989 /* Disable MAC clock */ 3990 urtwn_write_2(sc, R92C_SYS_CLKR, 0x70A3); 3991 /* Disable AFE PLL */ 3992 urtwn_write_1(sc, R92C_AFE_PLL_CTRL, 0x80); 3993 /* Gated AFE DIG_CLOCK */ 3994 urtwn_write_2(sc, R92C_AFE_XTAL_CTRL, 0x880F); 3995 /* Isolated digital to PON */ 3996 urtwn_write_1(sc, R92C_SYS_ISO_CTRL, 0xF9); 3997 } 3998 3999 /* 4000 * Pull GPIO PIN to balance level and LED control 4001 */ 4002 /* 1. Disable GPIO[7:0] */ 4003 urtwn_write_2(sc, R92C_GPIO_PIN_CTRL + 2, 0x0000); 4004 4005 reg = urtwn_read_4(sc, R92C_GPIO_PIN_CTRL) & ~0x0000ff00; 4006 reg |= ((reg << 8) & 0x0000ff00) | 0x00ff0000; 4007 urtwn_write_4(sc, R92C_GPIO_PIN_CTRL, reg); 4008 4009 /* Disable GPIO[10:8] */ 4010 urtwn_write_1(sc, R92C_GPIO_MUXCFG + 3, 0x00); 4011 4012 reg = urtwn_read_2(sc, R92C_GPIO_MUXCFG + 2) & ~0x00f0; 4013 reg |= (((reg & 0x000f) << 4) | 0x0780); 4014 urtwn_write_2(sc, R92C_GPIO_PIN_CTRL+2, reg); 4015 4016 /* Disable LED0 & 1 */ 4017 urtwn_write_2(sc, R92C_LEDCFG0, 0x8080); 4018 4019 /* 4020 * Reset digital sequence 4021 */ 4022 if (disabled) { 4023 /* Disable ELDR clock */ 4024 urtwn_write_2(sc, R92C_SYS_CLKR, 0x70A3); 4025 /* Isolated ELDR to PON */ 4026 urtwn_write_1(sc, R92C_SYS_ISO_CTRL + 1, 0x82); 4027 } 4028 4029 /* 4030 * Disable analog sequence 4031 */ 4032 if (disabled) { 4033 /* Disable A15 power */ 4034 urtwn_write_1(sc, R92C_LDOA15_CTRL, 0x04); 4035 /* Disable digital core power */ 4036 urtwn_write_1(sc, R92C_LDOV12D_CTRL, 4037 urtwn_read_1(sc, R92C_LDOV12D_CTRL) & 4038 ~R92C_LDOV12D_CTRL_LDV12_EN); 4039 } 4040 4041 /* Enter PFM mode */ 4042 urtwn_write_1(sc, R92C_SPS0_CTRL, 0x23); 4043 4044 /* Set USB suspend */ 4045 urtwn_write_2(sc, R92C_APS_FSMCO, 4046 R92C_APS_FSMCO_APDM_HOST | 4047 R92C_APS_FSMCO_AFSM_HSUS | 4048 R92C_APS_FSMCO_PFM_ALDN); 4049 4050 urtwn_write_1(sc, R92C_RSV_CTRL, 0x0E); 4051 4052 mutex_exit(&sc->sc_write_mtx); 4053 } 4054 4055 MODULE(MODULE_CLASS_DRIVER, if_urtwn, "bpf"); 4056 4057 #ifdef _MODULE 4058 #include "ioconf.c" 4059 #endif 4060 4061 static int 4062 if_urtwn_modcmd(modcmd_t cmd, void *aux) 4063 { 4064 int error = 0; 4065 4066 switch (cmd) { 4067 case MODULE_CMD_INIT: 4068 #ifdef _MODULE 4069 error = config_init_component(cfdriver_ioconf_urtwn, 4070 cfattach_ioconf_urtwn, cfdata_ioconf_urtwn); 4071 #endif 4072 return (error); 4073 case MODULE_CMD_FINI: 4074 #ifdef _MODULE 4075 error = config_fini_component(cfdriver_ioconf_urtwn, 4076 cfattach_ioconf_urtwn, cfdata_ioconf_urtwn); 4077 #endif 4078 return (error); 4079 default: 4080 return (ENOTTY); 4081 } 4082 } 4083