1 /* $OpenBSD: if_run.c,v 1.130 2020/07/31 10:49:32 mglocker Exp $ */ 2 3 /*- 4 * Copyright (c) 2008-2010 Damien Bergamini <damien.bergamini@free.fr> 5 * Copyright (c) 2013-2014 Kevin Lo 6 * 7 * Permission to use, copy, modify, and distribute this software for any 8 * purpose with or without fee is hereby granted, provided that the above 9 * copyright notice and this permission notice appear in all copies. 10 * 11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 */ 19 20 /*- 21 * Ralink Technology RT2700U/RT2800U/RT3000U/RT3900E chipset driver. 22 * http://www.ralinktech.com/ 23 */ 24 25 #include "bpfilter.h" 26 27 #include <sys/param.h> 28 #include <sys/sockio.h> 29 #include <sys/mbuf.h> 30 #include <sys/kernel.h> 31 #include <sys/socket.h> 32 #include <sys/systm.h> 33 #include <sys/timeout.h> 34 #include <sys/conf.h> 35 #include <sys/device.h> 36 #include <sys/endian.h> 37 38 #include <machine/intr.h> 39 40 #if NBPFILTER > 0 41 #include <net/bpf.h> 42 #endif 43 #include <net/if.h> 44 #include <net/if_dl.h> 45 #include <net/if_media.h> 46 47 #include <netinet/in.h> 48 #include <netinet/if_ether.h> 49 50 #include <net80211/ieee80211_var.h> 51 #include <net80211/ieee80211_amrr.h> 52 #include <net80211/ieee80211_radiotap.h> 53 54 #include <dev/usb/usb.h> 55 #include <dev/usb/usbdi.h> 56 #include <dev/usb/usbdi_util.h> 57 #include <dev/usb/usbdevs.h> 58 59 #include <dev/ic/rt2860reg.h> /* shared with ral(4) */ 60 #include <dev/usb/if_runvar.h> 61 62 #ifdef RUN_DEBUG 63 #define DPRINTF(x) do { if (run_debug) printf x; } while (0) 64 #define DPRINTFN(n, x) do { if (run_debug >= (n)) printf x; } while (0) 65 int run_debug = 0; 66 #else 67 #define DPRINTF(x) 68 #define DPRINTFN(n, x) 69 #endif 70 71 #define USB_ID(v, p) { USB_VENDOR_##v, USB_PRODUCT_##v##_##p } 72 static const struct usb_devno run_devs[] = { 73 USB_ID(ABOCOM, RT2770), 74 USB_ID(ABOCOM, RT2870), 75 USB_ID(ABOCOM, RT3070), 76 USB_ID(ABOCOM, RT3071), 77 USB_ID(ABOCOM, RT3072), 78 USB_ID(ABOCOM2, RT2870_1), 79 USB_ID(ACCTON, RT2770), 80 USB_ID(ACCTON, RT2870_1), 81 USB_ID(ACCTON, RT2870_2), 82 USB_ID(ACCTON, RT2870_3), 83 USB_ID(ACCTON, RT2870_4), 84 USB_ID(ACCTON, RT2870_5), 85 USB_ID(ACCTON, RT3070), 86 USB_ID(ACCTON, RT3070_1), 87 USB_ID(ACCTON, RT3070_2), 88 USB_ID(ACCTON, RT3070_3), 89 USB_ID(ACCTON, RT3070_4), 90 USB_ID(ACCTON, RT3070_5), 91 USB_ID(ACCTON, RT3070_6), 92 USB_ID(AIRTIES, RT3070), 93 USB_ID(AIRTIES, RT3070_2), 94 USB_ID(ALLWIN, RT2070), 95 USB_ID(ALLWIN, RT2770), 96 USB_ID(ALLWIN, RT2870), 97 USB_ID(ALLWIN, RT3070), 98 USB_ID(ALLWIN, RT3071), 99 USB_ID(ALLWIN, RT3072), 100 USB_ID(ALLWIN, RT3572), 101 USB_ID(AMIGO, RT2870_1), 102 USB_ID(AMIGO, RT2870_2), 103 USB_ID(AMIT, CGWLUSB2GNR), 104 USB_ID(AMIT, RT2870_1), 105 USB_ID(AMIT2, RT2870), 106 USB_ID(ASUS, RT2870_1), 107 USB_ID(ASUS, RT2870_2), 108 USB_ID(ASUS, RT2870_3), 109 USB_ID(ASUS, RT2870_4), 110 USB_ID(ASUS, RT2870_5), 111 USB_ID(ASUS, RT3070_1), 112 USB_ID(ASUS, USBN13), 113 USB_ID(ASUS, USBN53), 114 USB_ID(ASUS, USBN66), 115 USB_ID(ASUS2, USBN11), 116 USB_ID(AZUREWAVE, RT2870_1), 117 USB_ID(AZUREWAVE, RT2870_2), 118 USB_ID(AZUREWAVE, RT3070_1), 119 USB_ID(AZUREWAVE, RT3070_2), 120 USB_ID(AZUREWAVE, RT3070_3), 121 USB_ID(AZUREWAVE, RT3070_4), 122 USB_ID(AZUREWAVE, RT3070_5), 123 USB_ID(BELKIN, F9L1103), 124 USB_ID(BELKIN, F5D8053V3), 125 USB_ID(BELKIN, F5D8055), 126 USB_ID(BELKIN, F5D8055V2), 127 USB_ID(BELKIN, F6D4050V1), 128 USB_ID(BELKIN, F6D4050V2), 129 USB_ID(BELKIN, F7D1101V2), 130 USB_ID(BELKIN, RT2870_1), 131 USB_ID(BELKIN, RT2870_2), 132 USB_ID(BEWAN, RT3070), 133 USB_ID(CISCOLINKSYS, AE1000), 134 USB_ID(CISCOLINKSYS, AM10), 135 USB_ID(CISCOLINKSYS2, RT3070), 136 USB_ID(CISCOLINKSYS3, RT3070), 137 USB_ID(CONCEPTRONIC2, RT2870_1), 138 USB_ID(CONCEPTRONIC2, RT2870_2), 139 USB_ID(CONCEPTRONIC2, RT2870_3), 140 USB_ID(CONCEPTRONIC2, RT2870_5), 141 USB_ID(CONCEPTRONIC2, RT2870_6), 142 USB_ID(CONCEPTRONIC2, RT2870_7), 143 USB_ID(CONCEPTRONIC2, RT2870_8), 144 USB_ID(CONCEPTRONIC2, RT3070_1), 145 USB_ID(CONCEPTRONIC2, RT3070_2), 146 USB_ID(CONCEPTRONIC2, RT3070_3), 147 USB_ID(CONCEPTRONIC2, VIGORN61), 148 USB_ID(COREGA, CGWLUSB300GNM), 149 USB_ID(COREGA, RT2870_1), 150 USB_ID(COREGA, RT2870_2), 151 USB_ID(COREGA, RT2870_3), 152 USB_ID(COREGA, RT3070), 153 USB_ID(CYBERTAN, RT2870), 154 USB_ID(DLINK, DWA125B2), 155 USB_ID(DLINK, DWA127), 156 USB_ID(DLINK, DWA130F1), 157 USB_ID(DLINK, DWA137A1), 158 USB_ID(DLINK, DWA140B3), 159 USB_ID(DLINK, DWA140D1), 160 USB_ID(DLINK, DWA160B2), 161 USB_ID(DLINK, DWA162), 162 USB_ID(DLINK, RT2870), 163 USB_ID(DLINK, RT3072), 164 USB_ID(DLINK2, DWA130), 165 USB_ID(DLINK2, RT2870_1), 166 USB_ID(DLINK2, RT2870_2), 167 USB_ID(DLINK2, RT3070_1), 168 USB_ID(DLINK2, RT3070_2), 169 USB_ID(DLINK2, RT3070_3), 170 USB_ID(DLINK2, RT3070_4), 171 USB_ID(DLINK2, RT3070_5), 172 USB_ID(DLINK2, RT3072), 173 USB_ID(DLINK2, RT3072_1), 174 USB_ID(DVICO, RT3070), 175 USB_ID(EDIMAX, EW7717), 176 USB_ID(EDIMAX, EW7718), 177 USB_ID(EDIMAX, EW7722UTN), 178 USB_ID(EDIMAX, RT2870_1), 179 USB_ID(ENCORE, RT3070_1), 180 USB_ID(ENCORE, RT3070_2), 181 USB_ID(ENCORE, RT3070_3), 182 USB_ID(GIGABYTE, GNWB31N), 183 USB_ID(GIGABYTE, GNWB32L), 184 USB_ID(GIGABYTE, RT2870_1), 185 USB_ID(GIGASET, RT3070_1), 186 USB_ID(GIGASET, RT3070_2), 187 USB_ID(GUILLEMOT, HWNU300), 188 USB_ID(HAWKING, HWDN2), 189 USB_ID(HAWKING, HWUN2), 190 USB_ID(HAWKING, RT2870_1), 191 USB_ID(HAWKING, RT2870_2), 192 USB_ID(HAWKING, RT2870_3), 193 USB_ID(HAWKING, RT2870_4), 194 USB_ID(HAWKING, RT2870_5), 195 USB_ID(IODATA, RT3072_1), 196 USB_ID(IODATA, RT3072_2), 197 USB_ID(IODATA, RT3072_3), 198 USB_ID(IODATA, RT3072_4), 199 USB_ID(LINKSYS4, RT3070), 200 USB_ID(LINKSYS4, WUSB100), 201 USB_ID(LINKSYS4, WUSB54GCV3), 202 USB_ID(LINKSYS4, WUSB600N), 203 USB_ID(LINKSYS4, WUSB600NV2), 204 USB_ID(LOGITEC, LANW150NU2), 205 USB_ID(LOGITEC, LANW300NU2), 206 USB_ID(LOGITEC, LANW300NU2S), 207 USB_ID(LOGITEC, RT2870_1), 208 USB_ID(LOGITEC, RT2870_2), 209 USB_ID(LOGITEC, RT2870_3), 210 USB_ID(MELCO, RT2870_1), 211 USB_ID(MELCO, RT2870_2), 212 USB_ID(MELCO, WLIUCAG300N), 213 USB_ID(MELCO, WLIUCG300N), 214 USB_ID(MELCO, WLIUCG301N), 215 USB_ID(MELCO, WLIUCGN), 216 USB_ID(MELCO, WLIUCGNHP), 217 USB_ID(MELCO, WLIUCGNM), 218 USB_ID(MELCO, WLIUCGNM2), 219 USB_ID(MOTOROLA4, RT2770), 220 USB_ID(MOTOROLA4, RT3070), 221 USB_ID(MSI, RT3070_1), 222 USB_ID(MSI, RT3070_2), 223 USB_ID(MSI, RT3070_3), 224 USB_ID(MSI, RT3070_4), 225 USB_ID(MSI, RT3070_5), 226 USB_ID(MSI, RT3070_6), 227 USB_ID(MSI, RT3070_7), 228 USB_ID(MSI, RT3070_8), 229 USB_ID(MSI, RT3070_9), 230 USB_ID(MSI, RT3070_10), 231 USB_ID(MSI, RT3070_11), 232 USB_ID(MSI, RT3070_12), 233 USB_ID(MSI, RT3070_13), 234 USB_ID(MSI, RT3070_14), 235 USB_ID(MSI, RT3070_15), 236 USB_ID(OVISLINK, RT3071), 237 USB_ID(OVISLINK, RT3072), 238 USB_ID(PARA, RT3070), 239 USB_ID(PEGATRON, RT2870), 240 USB_ID(PEGATRON, RT3070), 241 USB_ID(PEGATRON, RT3070_2), 242 USB_ID(PEGATRON, RT3070_3), 243 USB_ID(PEGATRON, RT3072), 244 USB_ID(PHILIPS, RT2870), 245 USB_ID(PLANEX2, GWUS300MINIS), 246 USB_ID(PLANEX2, GWUSMICRO300), 247 USB_ID(PLANEX2, GWUSMICRON), 248 USB_ID(PLANEX2, RT2870), 249 USB_ID(PLANEX2, RT3070), 250 USB_ID(QCOM, RT2870), 251 USB_ID(QUANTA, RT3070), 252 USB_ID(RALINK, RT2070), 253 USB_ID(RALINK, RT2770), 254 USB_ID(RALINK, RT2870), 255 USB_ID(RALINK, RT3070), 256 USB_ID(RALINK, RT3071), 257 USB_ID(RALINK, RT3072), 258 USB_ID(RALINK, RT3370), 259 USB_ID(RALINK, RT3572), 260 USB_ID(RALINK, RT3573), 261 USB_ID(RALINK, RT5370), 262 USB_ID(RALINK, RT5572), 263 USB_ID(RALINK, RT8070), 264 USB_ID(SAMSUNG, WIS09ABGN), 265 USB_ID(SAMSUNG2, RT2870_1), 266 USB_ID(SENAO, RT2870_1), 267 USB_ID(SENAO, RT2870_2), 268 USB_ID(SENAO, RT2870_3), 269 USB_ID(SENAO, RT2870_4), 270 USB_ID(SENAO, RT3070), 271 USB_ID(SENAO, RT3071), 272 USB_ID(SENAO, RT3072_1), 273 USB_ID(SENAO, RT3072_2), 274 USB_ID(SENAO, RT3072_3), 275 USB_ID(SENAO, RT3072_4), 276 USB_ID(SENAO, RT3072_5), 277 USB_ID(SITECOMEU, WL302), 278 USB_ID(SITECOMEU, WL315), 279 USB_ID(SITECOMEU, WL321), 280 USB_ID(SITECOMEU, RT3070_3), 281 USB_ID(SITECOMEU, WL302), 282 USB_ID(SITECOMEU, WL344), 283 USB_ID(SITECOMEU, WL329), 284 USB_ID(SITECOMEU, WL345), 285 USB_ID(SITECOMEU, RT2870_1), 286 USB_ID(SITECOMEU, RT2870_2), 287 USB_ID(SITECOMEU, RT2870_3), 288 USB_ID(SITECOMEU, RT3070_1), 289 USB_ID(SITECOMEU, RT3072_3), 290 USB_ID(SITECOMEU, RT3072_4), 291 USB_ID(SITECOMEU, RT3072_5), 292 USB_ID(SITECOMEU, RT3072_6), 293 USB_ID(SITECOMEU, WL302), 294 USB_ID(SITECOMEU, WL315), 295 USB_ID(SITECOMEU, WL321), 296 USB_ID(SITECOMEU, WL324), 297 USB_ID(SITECOMEU, WL329), 298 USB_ID(SITECOMEU, WL343), 299 USB_ID(SITECOMEU, WL344), 300 USB_ID(SITECOMEU, WL345), 301 USB_ID(SITECOMEU, WL349V4), 302 USB_ID(SITECOMEU, WL608), 303 USB_ID(SITECOMEU, WLA4000), 304 USB_ID(SITECOMEU, WLA5000), 305 USB_ID(SPARKLAN, RT2870_1), 306 USB_ID(SPARKLAN, RT2870_2), 307 USB_ID(SPARKLAN, RT3070), 308 USB_ID(SWEEX2, LW153), 309 USB_ID(SWEEX2, LW303), 310 USB_ID(SWEEX2, LW313), 311 USB_ID(TOSHIBA, RT3070), 312 USB_ID(UMEDIA, RT2870_1), 313 USB_ID(UMEDIA, TEW645UB), 314 USB_ID(ZCOM, RT2870_1), 315 USB_ID(ZCOM, RT2870_2), 316 USB_ID(ZINWELL, RT2870_1), 317 USB_ID(ZINWELL, RT2870_2), 318 USB_ID(ZINWELL, RT3070), 319 USB_ID(ZINWELL, RT3072_1), 320 USB_ID(ZINWELL, RT3072_2), 321 USB_ID(ZYXEL, NWD2105), 322 USB_ID(ZYXEL, NWD211AN), 323 USB_ID(ZYXEL, RT2870_1), 324 USB_ID(ZYXEL, RT2870_2), 325 USB_ID(ZYXEL, RT3070) 326 }; 327 328 int run_match(struct device *, void *, void *); 329 void run_attach(struct device *, struct device *, void *); 330 int run_detach(struct device *, int); 331 int run_alloc_rx_ring(struct run_softc *); 332 void run_free_rx_ring(struct run_softc *); 333 int run_alloc_tx_ring(struct run_softc *, int); 334 void run_free_tx_ring(struct run_softc *, int); 335 int run_load_microcode(struct run_softc *); 336 int run_reset(struct run_softc *); 337 int run_read(struct run_softc *, uint16_t, uint32_t *); 338 int run_read_region_1(struct run_softc *, uint16_t, uint8_t *, 339 int); 340 int run_write_2(struct run_softc *, uint16_t, uint16_t); 341 int run_write(struct run_softc *, uint16_t, uint32_t); 342 int run_write_region_1(struct run_softc *, uint16_t, 343 const uint8_t *, int); 344 int run_set_region_4(struct run_softc *, uint16_t, uint32_t, int); 345 int run_efuse_read(struct run_softc *, uint16_t, uint16_t *); 346 int run_efuse_read_2(struct run_softc *, uint16_t, uint16_t *); 347 int run_eeprom_read_2(struct run_softc *, uint16_t, uint16_t *); 348 int run_rt2870_rf_write(struct run_softc *, uint8_t, uint32_t); 349 int run_rt3070_rf_read(struct run_softc *, uint8_t, uint8_t *); 350 int run_rt3070_rf_write(struct run_softc *, uint8_t, uint8_t); 351 int run_bbp_read(struct run_softc *, uint8_t, uint8_t *); 352 int run_bbp_write(struct run_softc *, uint8_t, uint8_t); 353 int run_mcu_cmd(struct run_softc *, uint8_t, uint16_t); 354 const char * run_get_rf(int); 355 void run_get_txpower(struct run_softc *); 356 void run_rt3593_get_txpower(struct run_softc *); 357 int run_read_eeprom(struct run_softc *); 358 struct ieee80211_node *run_node_alloc(struct ieee80211com *); 359 int run_media_change(struct ifnet *); 360 void run_next_scan(void *); 361 void run_task(void *); 362 void run_do_async(struct run_softc *, void (*)(struct run_softc *, 363 void *), void *, int); 364 int run_newstate(struct ieee80211com *, enum ieee80211_state, int); 365 void run_newstate_cb(struct run_softc *, void *); 366 void run_updateedca(struct ieee80211com *); 367 void run_updateedca_cb(struct run_softc *, void *); 368 int run_set_key(struct ieee80211com *, struct ieee80211_node *, 369 struct ieee80211_key *); 370 void run_set_key_cb(struct run_softc *, void *); 371 void run_delete_key(struct ieee80211com *, struct ieee80211_node *, 372 struct ieee80211_key *); 373 void run_delete_key_cb(struct run_softc *, void *); 374 void run_calibrate_to(void *); 375 void run_calibrate_cb(struct run_softc *, void *); 376 void run_newassoc(struct ieee80211com *, struct ieee80211_node *, 377 int); 378 void run_rx_frame(struct run_softc *, uint8_t *, int, 379 struct mbuf_list *); 380 void run_rxeof(struct usbd_xfer *, void *, usbd_status); 381 void run_txeof(struct usbd_xfer *, void *, usbd_status); 382 int run_tx(struct run_softc *, struct mbuf *, 383 struct ieee80211_node *); 384 void run_start(struct ifnet *); 385 void run_watchdog(struct ifnet *); 386 int run_ioctl(struct ifnet *, u_long, caddr_t); 387 void run_iq_calib(struct run_softc *, u_int); 388 void run_select_chan_group(struct run_softc *, int); 389 void run_set_agc(struct run_softc *, uint8_t); 390 void run_set_rx_antenna(struct run_softc *, int); 391 void run_rt2870_set_chan(struct run_softc *, u_int); 392 void run_rt3070_set_chan(struct run_softc *, u_int); 393 void run_rt3572_set_chan(struct run_softc *, u_int); 394 void run_rt3593_set_chan(struct run_softc *, u_int); 395 void run_rt5390_set_chan(struct run_softc *, u_int); 396 void run_rt5592_set_chan(struct run_softc *, u_int); 397 int run_set_chan(struct run_softc *, struct ieee80211_channel *); 398 void run_enable_tsf_sync(struct run_softc *); 399 void run_enable_mrr(struct run_softc *); 400 void run_set_txpreamble(struct run_softc *); 401 void run_set_basicrates(struct run_softc *); 402 void run_set_leds(struct run_softc *, uint16_t); 403 void run_set_bssid(struct run_softc *, const uint8_t *); 404 void run_set_macaddr(struct run_softc *, const uint8_t *); 405 void run_updateslot(struct ieee80211com *); 406 void run_updateslot_cb(struct run_softc *, void *); 407 #if NBPFILTER > 0 408 int8_t run_rssi2dbm(struct run_softc *, uint8_t, uint8_t); 409 #endif 410 void run_rt5390_bbp_init(struct run_softc *); 411 int run_bbp_init(struct run_softc *); 412 int run_rt3070_rf_init(struct run_softc *); 413 void run_rt3593_rf_init(struct run_softc *); 414 void run_rt5390_rf_init(struct run_softc *); 415 int run_rt3070_filter_calib(struct run_softc *, uint8_t, uint8_t, 416 uint8_t *); 417 void run_rt3070_rf_setup(struct run_softc *); 418 void run_rt3593_rf_setup(struct run_softc *); 419 void run_rt5390_rf_setup(struct run_softc *); 420 int run_txrx_enable(struct run_softc *); 421 void run_adjust_freq_offset(struct run_softc *); 422 int run_init(struct ifnet *); 423 void run_stop(struct ifnet *, int); 424 425 struct cfdriver run_cd = { 426 NULL, "run", DV_IFNET 427 }; 428 429 const struct cfattach run_ca = { 430 sizeof (struct run_softc), run_match, run_attach, run_detach 431 }; 432 433 static const struct { 434 uint32_t reg; 435 uint32_t val; 436 } rt2870_def_mac[] = { 437 RT2870_DEF_MAC 438 }; 439 440 static const struct { 441 uint8_t reg; 442 uint8_t val; 443 } rt2860_def_bbp[] = { 444 RT2860_DEF_BBP 445 },rt5390_def_bbp[] = { 446 RT5390_DEF_BBP 447 },rt5592_def_bbp[] = { 448 RT5592_DEF_BBP 449 }; 450 451 /* 452 * Default values for BBP register R196 for RT5592. 453 */ 454 static const uint8_t rt5592_bbp_r196[] = { 455 0xe0, 0x1f, 0x38, 0x32, 0x08, 0x28, 0x19, 0x0a, 0xff, 0x00, 456 0x16, 0x10, 0x10, 0x0b, 0x36, 0x2c, 0x26, 0x24, 0x42, 0x36, 457 0x30, 0x2d, 0x4c, 0x46, 0x3d, 0x40, 0x3e, 0x42, 0x3d, 0x40, 458 0x3c, 0x34, 0x2c, 0x2f, 0x3c, 0x35, 0x2e, 0x2a, 0x49, 0x41, 459 0x36, 0x31, 0x30, 0x30, 0x0e, 0x0d, 0x28, 0x21, 0x1c, 0x16, 460 0x50, 0x4a, 0x43, 0x40, 0x10, 0x10, 0x10, 0x10, 0x00, 0x00, 461 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 462 0x00, 0x00, 0x7d, 0x14, 0x32, 0x2c, 0x36, 0x4c, 0x43, 0x2c, 463 0x2e, 0x36, 0x30, 0x6e 464 }; 465 466 static const struct rfprog { 467 uint8_t chan; 468 uint32_t r1, r2, r3, r4; 469 } rt2860_rf2850[] = { 470 RT2860_RF2850 471 }; 472 473 struct { 474 uint8_t n, r, k; 475 } rt3070_freqs[] = { 476 RT3070_RF3052 477 }; 478 479 static const struct rt5592_freqs { 480 uint16_t n; 481 uint8_t k, m, r; 482 } rt5592_freqs_20mhz[] = { 483 RT5592_RF5592_20MHZ 484 },rt5592_freqs_40mhz[] = { 485 RT5592_RF5592_40MHZ 486 }; 487 488 static const struct { 489 uint8_t reg; 490 uint8_t val; 491 } rt3070_def_rf[] = { 492 RT3070_DEF_RF 493 },rt3572_def_rf[] = { 494 RT3572_DEF_RF 495 },rt3593_def_rf[] = { 496 RT3593_DEF_RF 497 },rt5390_def_rf[] = { 498 RT5390_DEF_RF 499 },rt5392_def_rf[] = { 500 RT5392_DEF_RF 501 },rt5592_def_rf[] = { 502 RT5592_DEF_RF 503 },rt5592_2ghz_def_rf[] = { 504 RT5592_2GHZ_DEF_RF 505 },rt5592_5ghz_def_rf[] = { 506 RT5592_5GHZ_DEF_RF 507 }; 508 509 static const struct { 510 u_int firstchan; 511 u_int lastchan; 512 uint8_t reg; 513 uint8_t val; 514 } rt5592_chan_5ghz[] = { 515 RT5592_CHAN_5GHZ 516 }; 517 518 int 519 run_match(struct device *parent, void *match, void *aux) 520 { 521 struct usb_attach_arg *uaa = aux; 522 523 if (uaa->iface == NULL || uaa->configno != 1) 524 return UMATCH_NONE; 525 526 return (usb_lookup(run_devs, uaa->vendor, uaa->product) != NULL) ? 527 UMATCH_VENDOR_PRODUCT_CONF_IFACE : UMATCH_NONE; 528 } 529 530 void 531 run_attach(struct device *parent, struct device *self, void *aux) 532 { 533 struct run_softc *sc = (struct run_softc *)self; 534 struct usb_attach_arg *uaa = aux; 535 struct ieee80211com *ic = &sc->sc_ic; 536 struct ifnet *ifp = &ic->ic_if; 537 usb_interface_descriptor_t *id; 538 usb_endpoint_descriptor_t *ed; 539 int i, nrx, ntx, ntries; 540 uint32_t ver; 541 542 sc->sc_udev = uaa->device; 543 sc->sc_iface = uaa->iface; 544 545 /* 546 * Find all bulk endpoints. There are 7 bulk endpoints: 1 for RX 547 * and 6 for TX (4 EDCAs + HCCA + Prio). 548 * Update 03-14-2009: some devices like the Planex GW-US300MiniS 549 * seem to have only 4 TX bulk endpoints (Fukaumi Naoki). 550 */ 551 nrx = ntx = 0; 552 id = usbd_get_interface_descriptor(sc->sc_iface); 553 for (i = 0; i < id->bNumEndpoints; i++) { 554 ed = usbd_interface2endpoint_descriptor(sc->sc_iface, i); 555 if (ed == NULL || UE_GET_XFERTYPE(ed->bmAttributes) != UE_BULK) 556 continue; 557 558 if (UE_GET_DIR(ed->bEndpointAddress) == UE_DIR_IN) { 559 sc->rxq.pipe_no = ed->bEndpointAddress; 560 nrx++; 561 } else if (ntx < 4) { 562 sc->txq[ntx].pipe_no = ed->bEndpointAddress; 563 ntx++; 564 } 565 } 566 /* make sure we've got them all */ 567 if (nrx < 1 || ntx < 4) { 568 printf("%s: missing endpoint\n", sc->sc_dev.dv_xname); 569 return; 570 } 571 572 usb_init_task(&sc->sc_task, run_task, sc, USB_TASK_TYPE_GENERIC); 573 timeout_set(&sc->scan_to, run_next_scan, sc); 574 timeout_set(&sc->calib_to, run_calibrate_to, sc); 575 576 sc->amrr.amrr_min_success_threshold = 1; 577 sc->amrr.amrr_max_success_threshold = 10; 578 579 /* wait for the chip to settle */ 580 for (ntries = 0; ntries < 100; ntries++) { 581 if (run_read(sc, RT2860_ASIC_VER_ID, &ver) != 0) 582 return; 583 if (ver != 0 && ver != 0xffffffff) 584 break; 585 DELAY(10); 586 } 587 if (ntries == 100) { 588 printf("%s: timeout waiting for NIC to initialize\n", 589 sc->sc_dev.dv_xname); 590 return; 591 } 592 sc->mac_ver = ver >> 16; 593 sc->mac_rev = ver & 0xffff; 594 595 /* retrieve RF rev. no and various other things from EEPROM */ 596 run_read_eeprom(sc); 597 598 printf("%s: MAC/BBP RT%04X (rev 0x%04X), RF %s (MIMO %dT%dR), " 599 "address %s\n", sc->sc_dev.dv_xname, sc->mac_ver, 600 sc->mac_rev, run_get_rf(sc->rf_rev), sc->ntxchains, 601 sc->nrxchains, ether_sprintf(ic->ic_myaddr)); 602 603 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 604 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 605 ic->ic_state = IEEE80211_S_INIT; 606 607 /* set device capabilities */ 608 ic->ic_caps = 609 IEEE80211_C_MONITOR | /* monitor mode supported */ 610 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 611 IEEE80211_C_SHSLOT | /* short slot time supported */ 612 IEEE80211_C_WEP | /* WEP */ 613 IEEE80211_C_RSN; /* WPA/RSN */ 614 615 if (sc->rf_rev == RT2860_RF_2750 || 616 sc->rf_rev == RT2860_RF_2850 || 617 sc->rf_rev == RT3070_RF_3052 || 618 sc->rf_rev == RT3070_RF_3053 || 619 sc->rf_rev == RT5592_RF_5592) { 620 /* set supported .11a rates */ 621 ic->ic_sup_rates[IEEE80211_MODE_11A] = 622 ieee80211_std_rateset_11a; 623 624 /* set supported .11a channels */ 625 for (i = 14; i < nitems(rt2860_rf2850); i++) { 626 uint8_t chan = rt2860_rf2850[i].chan; 627 ic->ic_channels[chan].ic_freq = 628 ieee80211_ieee2mhz(chan, IEEE80211_CHAN_5GHZ); 629 ic->ic_channels[chan].ic_flags = IEEE80211_CHAN_A; 630 } 631 } 632 633 /* set supported .11b and .11g rates */ 634 ic->ic_sup_rates[IEEE80211_MODE_11B] = ieee80211_std_rateset_11b; 635 ic->ic_sup_rates[IEEE80211_MODE_11G] = ieee80211_std_rateset_11g; 636 637 /* set supported .11b and .11g channels (1 through 14) */ 638 for (i = 1; i <= 14; i++) { 639 ic->ic_channels[i].ic_freq = 640 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ); 641 ic->ic_channels[i].ic_flags = 642 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM | 643 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ; 644 } 645 646 ifp->if_softc = sc; 647 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 648 ifp->if_ioctl = run_ioctl; 649 ifp->if_start = run_start; 650 ifp->if_watchdog = run_watchdog; 651 memcpy(ifp->if_xname, sc->sc_dev.dv_xname, IFNAMSIZ); 652 653 if_attach(ifp); 654 ieee80211_ifattach(ifp); 655 ic->ic_node_alloc = run_node_alloc; 656 ic->ic_newassoc = run_newassoc; 657 ic->ic_updateslot = run_updateslot; 658 ic->ic_updateedca = run_updateedca; 659 ic->ic_set_key = run_set_key; 660 ic->ic_delete_key = run_delete_key; 661 /* override state transition machine */ 662 sc->sc_newstate = ic->ic_newstate; 663 ic->ic_newstate = run_newstate; 664 ieee80211_media_init(ifp, run_media_change, ieee80211_media_status); 665 666 #if NBPFILTER > 0 667 bpfattach(&sc->sc_drvbpf, ifp, DLT_IEEE802_11_RADIO, 668 sizeof (struct ieee80211_frame) + IEEE80211_RADIOTAP_HDRLEN); 669 670 sc->sc_rxtap_len = sizeof sc->sc_rxtapu; 671 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 672 sc->sc_rxtap.wr_ihdr.it_present = htole32(RUN_RX_RADIOTAP_PRESENT); 673 674 sc->sc_txtap_len = sizeof sc->sc_txtapu; 675 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 676 sc->sc_txtap.wt_ihdr.it_present = htole32(RUN_TX_RADIOTAP_PRESENT); 677 #endif 678 } 679 680 int 681 run_detach(struct device *self, int flags) 682 { 683 struct run_softc *sc = (struct run_softc *)self; 684 struct ifnet *ifp = &sc->sc_ic.ic_if; 685 int qid, s; 686 687 s = splusb(); 688 689 if (timeout_initialized(&sc->scan_to)) 690 timeout_del(&sc->scan_to); 691 if (timeout_initialized(&sc->calib_to)) 692 timeout_del(&sc->calib_to); 693 694 /* wait for all queued asynchronous commands to complete */ 695 usb_rem_wait_task(sc->sc_udev, &sc->sc_task); 696 697 usbd_ref_wait(sc->sc_udev); 698 699 if (ifp->if_softc != NULL) { 700 ifp->if_flags &= ~IFF_RUNNING; 701 ifq_clr_oactive(&ifp->if_snd); 702 ieee80211_ifdetach(ifp); 703 if_detach(ifp); 704 } 705 706 for (qid = 0; qid < 4; qid++) 707 run_free_tx_ring(sc, qid); 708 run_free_rx_ring(sc); 709 710 splx(s); 711 712 return 0; 713 } 714 715 int 716 run_alloc_rx_ring(struct run_softc *sc) 717 { 718 struct run_rx_ring *rxq = &sc->rxq; 719 int i, error; 720 721 error = usbd_open_pipe(sc->sc_iface, rxq->pipe_no, 0, &rxq->pipeh); 722 if (error != 0) 723 goto fail; 724 725 for (i = 0; i < RUN_RX_RING_COUNT; i++) { 726 struct run_rx_data *data = &rxq->data[i]; 727 728 data->sc = sc; /* backpointer for callbacks */ 729 730 data->xfer = usbd_alloc_xfer(sc->sc_udev); 731 if (data->xfer == NULL) { 732 error = ENOMEM; 733 goto fail; 734 } 735 data->buf = usbd_alloc_buffer(data->xfer, RUN_MAX_RXSZ); 736 if (data->buf == NULL) { 737 error = ENOMEM; 738 goto fail; 739 } 740 } 741 if (error != 0) 742 fail: run_free_rx_ring(sc); 743 return error; 744 } 745 746 void 747 run_free_rx_ring(struct run_softc *sc) 748 { 749 struct run_rx_ring *rxq = &sc->rxq; 750 int i; 751 752 if (rxq->pipeh != NULL) { 753 usbd_close_pipe(rxq->pipeh); 754 rxq->pipeh = NULL; 755 } 756 for (i = 0; i < RUN_RX_RING_COUNT; i++) { 757 if (rxq->data[i].xfer != NULL) 758 usbd_free_xfer(rxq->data[i].xfer); 759 rxq->data[i].xfer = NULL; 760 } 761 } 762 763 int 764 run_alloc_tx_ring(struct run_softc *sc, int qid) 765 { 766 struct run_tx_ring *txq = &sc->txq[qid]; 767 int i, error; 768 uint16_t txwisize; 769 770 txwisize = sizeof(struct rt2860_txwi); 771 if (sc->mac_ver == 0x5592) 772 txwisize += sizeof(uint32_t); 773 774 txq->cur = txq->queued = 0; 775 776 error = usbd_open_pipe(sc->sc_iface, txq->pipe_no, 0, &txq->pipeh); 777 if (error != 0) 778 goto fail; 779 780 for (i = 0; i < RUN_TX_RING_COUNT; i++) { 781 struct run_tx_data *data = &txq->data[i]; 782 783 data->sc = sc; /* backpointer for callbacks */ 784 data->qid = qid; 785 786 data->xfer = usbd_alloc_xfer(sc->sc_udev); 787 if (data->xfer == NULL) { 788 error = ENOMEM; 789 goto fail; 790 } 791 data->buf = usbd_alloc_buffer(data->xfer, RUN_MAX_TXSZ); 792 if (data->buf == NULL) { 793 error = ENOMEM; 794 goto fail; 795 } 796 /* zeroize the TXD + TXWI part */ 797 memset(data->buf, 0, sizeof(struct rt2870_txd) + txwisize); 798 } 799 if (error != 0) 800 fail: run_free_tx_ring(sc, qid); 801 return error; 802 } 803 804 void 805 run_free_tx_ring(struct run_softc *sc, int qid) 806 { 807 struct run_tx_ring *txq = &sc->txq[qid]; 808 int i; 809 810 if (txq->pipeh != NULL) { 811 usbd_close_pipe(txq->pipeh); 812 txq->pipeh = NULL; 813 } 814 for (i = 0; i < RUN_TX_RING_COUNT; i++) { 815 if (txq->data[i].xfer != NULL) 816 usbd_free_xfer(txq->data[i].xfer); 817 txq->data[i].xfer = NULL; 818 } 819 } 820 821 int 822 run_load_microcode(struct run_softc *sc) 823 { 824 usb_device_request_t req; 825 const char *fwname; 826 u_char *ucode; 827 size_t size; 828 uint32_t tmp; 829 int ntries, error; 830 831 /* RT3071/RT3072 use a different firmware */ 832 if (sc->mac_ver != 0x2860 && 833 sc->mac_ver != 0x2872 && 834 sc->mac_ver != 0x3070) 835 fwname = "run-rt3071"; 836 else 837 fwname = "run-rt2870"; 838 839 if ((error = loadfirmware(fwname, &ucode, &size)) != 0) { 840 printf("%s: failed loadfirmware of file %s (error %d)\n", 841 sc->sc_dev.dv_xname, fwname, error); 842 return error; 843 } 844 if (size != 4096) { 845 printf("%s: invalid firmware size (should be 4KB)\n", 846 sc->sc_dev.dv_xname); 847 free(ucode, M_DEVBUF, size); 848 return EINVAL; 849 } 850 851 /* write microcode image */ 852 run_write_region_1(sc, RT2870_FW_BASE, ucode, size); 853 free(ucode, M_DEVBUF, size); 854 run_write(sc, RT2860_H2M_MAILBOX_CID, 0xffffffff); 855 run_write(sc, RT2860_H2M_MAILBOX_STATUS, 0xffffffff); 856 857 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 858 req.bRequest = RT2870_RESET; 859 USETW(req.wValue, 8); 860 USETW(req.wIndex, 0); 861 USETW(req.wLength, 0); 862 if ((error = usbd_do_request(sc->sc_udev, &req, NULL)) != 0) 863 return error; 864 865 usbd_delay_ms(sc->sc_udev, 10); 866 run_write(sc, RT2860_H2M_BBPAGENT, 0); 867 run_write(sc, RT2860_H2M_MAILBOX, 0); 868 run_write(sc, RT2860_H2M_INTSRC, 0); 869 if ((error = run_mcu_cmd(sc, RT2860_MCU_CMD_RFRESET, 0)) != 0) 870 return error; 871 872 /* wait until microcontroller is ready */ 873 for (ntries = 0; ntries < 1000; ntries++) { 874 if ((error = run_read(sc, RT2860_SYS_CTRL, &tmp)) != 0) 875 return error; 876 if (tmp & RT2860_MCU_READY) 877 break; 878 DELAY(1000); 879 } 880 if (ntries == 1000) { 881 printf("%s: timeout waiting for MCU to initialize\n", 882 sc->sc_dev.dv_xname); 883 return ETIMEDOUT; 884 } 885 DPRINTF(("microcode successfully loaded after %d tries\n", ntries)); 886 return 0; 887 } 888 889 int 890 run_reset(struct run_softc *sc) 891 { 892 usb_device_request_t req; 893 894 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 895 req.bRequest = RT2870_RESET; 896 USETW(req.wValue, 1); 897 USETW(req.wIndex, 0); 898 USETW(req.wLength, 0); 899 return usbd_do_request(sc->sc_udev, &req, NULL); 900 } 901 902 int 903 run_read(struct run_softc *sc, uint16_t reg, uint32_t *val) 904 { 905 uint32_t tmp; 906 int error; 907 908 error = run_read_region_1(sc, reg, (uint8_t *)&tmp, sizeof tmp); 909 if (error == 0) 910 *val = letoh32(tmp); 911 else 912 *val = 0xffffffff; 913 return error; 914 } 915 916 int 917 run_read_region_1(struct run_softc *sc, uint16_t reg, uint8_t *buf, int len) 918 { 919 usb_device_request_t req; 920 921 req.bmRequestType = UT_READ_VENDOR_DEVICE; 922 req.bRequest = RT2870_READ_REGION_1; 923 USETW(req.wValue, 0); 924 USETW(req.wIndex, reg); 925 USETW(req.wLength, len); 926 return usbd_do_request(sc->sc_udev, &req, buf); 927 } 928 929 int 930 run_write_2(struct run_softc *sc, uint16_t reg, uint16_t val) 931 { 932 usb_device_request_t req; 933 934 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 935 req.bRequest = RT2870_WRITE_2; 936 USETW(req.wValue, val); 937 USETW(req.wIndex, reg); 938 USETW(req.wLength, 0); 939 return usbd_do_request(sc->sc_udev, &req, NULL); 940 } 941 942 int 943 run_write(struct run_softc *sc, uint16_t reg, uint32_t val) 944 { 945 int error; 946 947 if ((error = run_write_2(sc, reg, val & 0xffff)) == 0) 948 error = run_write_2(sc, reg + 2, val >> 16); 949 return error; 950 } 951 952 int 953 run_write_region_1(struct run_softc *sc, uint16_t reg, const uint8_t *buf, 954 int len) 955 { 956 #if 1 957 int i, error = 0; 958 /* 959 * NB: the WRITE_REGION_1 command is not stable on RT2860. 960 * We thus issue multiple WRITE_2 commands instead. 961 */ 962 KASSERT((len & 1) == 0); 963 for (i = 0; i < len && error == 0; i += 2) 964 error = run_write_2(sc, reg + i, buf[i] | buf[i + 1] << 8); 965 return error; 966 #else 967 usb_device_request_t req; 968 969 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 970 req.bRequest = RT2870_WRITE_REGION_1; 971 USETW(req.wValue, 0); 972 USETW(req.wIndex, reg); 973 USETW(req.wLength, len); 974 return usbd_do_request(sc->sc_udev, &req, buf); 975 #endif 976 } 977 978 int 979 run_set_region_4(struct run_softc *sc, uint16_t reg, uint32_t val, int count) 980 { 981 int error = 0; 982 983 for (; count > 0 && error == 0; count--, reg += 4) 984 error = run_write(sc, reg, val); 985 return error; 986 } 987 988 /* Read 16-bit from eFUSE ROM. */ 989 int 990 run_efuse_read(struct run_softc *sc, uint16_t addr, uint16_t *val) 991 { 992 uint32_t tmp; 993 uint16_t reg; 994 int error, ntries; 995 996 if ((error = run_read(sc, RT3070_EFUSE_CTRL, &tmp)) != 0) 997 return error; 998 999 /*- 1000 * Read one 16-byte block into registers EFUSE_DATA[0-3]: 1001 * DATA0: F E D C 1002 * DATA1: B A 9 8 1003 * DATA2: 7 6 5 4 1004 * DATA3: 3 2 1 0 1005 */ 1006 tmp &= ~(RT3070_EFSROM_MODE_MASK | RT3070_EFSROM_AIN_MASK); 1007 tmp |= (addr & ~0xf) << RT3070_EFSROM_AIN_SHIFT | RT3070_EFSROM_KICK; 1008 run_write(sc, RT3070_EFUSE_CTRL, tmp); 1009 for (ntries = 0; ntries < 100; ntries++) { 1010 if ((error = run_read(sc, RT3070_EFUSE_CTRL, &tmp)) != 0) 1011 return error; 1012 if (!(tmp & RT3070_EFSROM_KICK)) 1013 break; 1014 DELAY(2); 1015 } 1016 if (ntries == 100) 1017 return ETIMEDOUT; 1018 1019 if ((tmp & RT3070_EFUSE_AOUT_MASK) == RT3070_EFUSE_AOUT_MASK) { 1020 *val = 0xffff; /* address not found */ 1021 return 0; 1022 } 1023 /* determine to which 32-bit register our 16-bit word belongs */ 1024 reg = RT3070_EFUSE_DATA3 - (addr & 0xc); 1025 if ((error = run_read(sc, reg, &tmp)) != 0) 1026 return error; 1027 1028 tmp >>= (8 * (addr & 0x3)); 1029 *val = (addr & 1) ? tmp >> 16 : tmp & 0xffff; 1030 return 0; 1031 } 1032 1033 /* Read 16-bit from eFUSE ROM for RT3xxx. */ 1034 int 1035 run_efuse_read_2(struct run_softc *sc, uint16_t addr, uint16_t *val) 1036 { 1037 uint32_t tmp; 1038 uint16_t reg; 1039 int error, ntries; 1040 1041 if ((error = run_read(sc, RT3070_EFUSE_CTRL, &tmp)) != 0) 1042 return error; 1043 1044 addr *= 2; 1045 /*- 1046 * Read one 16-byte block into registers EFUSE_DATA[0-3]: 1047 * DATA0: F E D C 1048 * DATA1: B A 9 8 1049 * DATA2: 7 6 5 4 1050 * DATA3: 3 2 1 0 1051 */ 1052 tmp &= ~(RT3070_EFSROM_MODE_MASK | RT3070_EFSROM_AIN_MASK); 1053 tmp |= (addr & ~0xf) << RT3070_EFSROM_AIN_SHIFT | RT3070_EFSROM_KICK; 1054 run_write(sc, RT3070_EFUSE_CTRL, tmp); 1055 for (ntries = 0; ntries < 100; ntries++) { 1056 if ((error = run_read(sc, RT3070_EFUSE_CTRL, &tmp)) != 0) 1057 return error; 1058 if (!(tmp & RT3070_EFSROM_KICK)) 1059 break; 1060 DELAY(2); 1061 } 1062 if (ntries == 100) 1063 return ETIMEDOUT; 1064 1065 if ((tmp & RT3070_EFUSE_AOUT_MASK) == RT3070_EFUSE_AOUT_MASK) { 1066 *val = 0xffff; /* address not found */ 1067 return 0; 1068 } 1069 /* determine to which 32-bit register our 16-bit word belongs */ 1070 reg = RT3070_EFUSE_DATA3 - (addr & 0xc); 1071 if ((error = run_read(sc, reg, &tmp)) != 0) 1072 return error; 1073 1074 *val = (addr & 2) ? tmp >> 16 : tmp & 0xffff; 1075 return 0; 1076 } 1077 1078 int 1079 run_eeprom_read_2(struct run_softc *sc, uint16_t addr, uint16_t *val) 1080 { 1081 usb_device_request_t req; 1082 uint16_t tmp; 1083 int error; 1084 1085 addr *= 2; 1086 req.bmRequestType = UT_READ_VENDOR_DEVICE; 1087 req.bRequest = RT2870_EEPROM_READ; 1088 USETW(req.wValue, 0); 1089 USETW(req.wIndex, addr); 1090 USETW(req.wLength, sizeof tmp); 1091 error = usbd_do_request(sc->sc_udev, &req, &tmp); 1092 if (error == 0) 1093 *val = letoh16(tmp); 1094 else 1095 *val = 0xffff; 1096 return error; 1097 } 1098 1099 static __inline int 1100 run_srom_read(struct run_softc *sc, uint16_t addr, uint16_t *val) 1101 { 1102 /* either eFUSE ROM or EEPROM */ 1103 return sc->sc_srom_read(sc, addr, val); 1104 } 1105 1106 int 1107 run_rt2870_rf_write(struct run_softc *sc, uint8_t reg, uint32_t val) 1108 { 1109 uint32_t tmp; 1110 int error, ntries; 1111 1112 for (ntries = 0; ntries < 10; ntries++) { 1113 if ((error = run_read(sc, RT2860_RF_CSR_CFG0, &tmp)) != 0) 1114 return error; 1115 if (!(tmp & RT2860_RF_REG_CTRL)) 1116 break; 1117 } 1118 if (ntries == 10) 1119 return ETIMEDOUT; 1120 1121 /* RF registers are 24-bit on the RT2860 */ 1122 tmp = RT2860_RF_REG_CTRL | 24 << RT2860_RF_REG_WIDTH_SHIFT | 1123 (val & 0x3fffff) << 2 | (reg & 3); 1124 return run_write(sc, RT2860_RF_CSR_CFG0, tmp); 1125 } 1126 1127 int 1128 run_rt3070_rf_read(struct run_softc *sc, uint8_t reg, uint8_t *val) 1129 { 1130 uint32_t tmp; 1131 int error, ntries; 1132 1133 for (ntries = 0; ntries < 100; ntries++) { 1134 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0) 1135 return error; 1136 if (!(tmp & RT3070_RF_KICK)) 1137 break; 1138 } 1139 if (ntries == 100) 1140 return ETIMEDOUT; 1141 1142 tmp = RT3070_RF_KICK | reg << 8; 1143 if ((error = run_write(sc, RT3070_RF_CSR_CFG, tmp)) != 0) 1144 return error; 1145 1146 for (ntries = 0; ntries < 100; ntries++) { 1147 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0) 1148 return error; 1149 if (!(tmp & RT3070_RF_KICK)) 1150 break; 1151 } 1152 if (ntries == 100) 1153 return ETIMEDOUT; 1154 1155 *val = tmp & 0xff; 1156 return 0; 1157 } 1158 1159 int 1160 run_rt3070_rf_write(struct run_softc *sc, uint8_t reg, uint8_t val) 1161 { 1162 uint32_t tmp; 1163 int error, ntries; 1164 1165 for (ntries = 0; ntries < 10; ntries++) { 1166 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0) 1167 return error; 1168 if (!(tmp & RT3070_RF_KICK)) 1169 break; 1170 } 1171 if (ntries == 10) 1172 return ETIMEDOUT; 1173 1174 tmp = RT3070_RF_WRITE | RT3070_RF_KICK | reg << 8 | val; 1175 return run_write(sc, RT3070_RF_CSR_CFG, tmp); 1176 } 1177 1178 int 1179 run_bbp_read(struct run_softc *sc, uint8_t reg, uint8_t *val) 1180 { 1181 uint32_t tmp; 1182 int ntries, error; 1183 1184 for (ntries = 0; ntries < 10; ntries++) { 1185 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0) 1186 return error; 1187 if (!(tmp & RT2860_BBP_CSR_KICK)) 1188 break; 1189 } 1190 if (ntries == 10) 1191 return ETIMEDOUT; 1192 1193 tmp = RT2860_BBP_CSR_READ | RT2860_BBP_CSR_KICK | reg << 8; 1194 if ((error = run_write(sc, RT2860_BBP_CSR_CFG, tmp)) != 0) 1195 return error; 1196 1197 for (ntries = 0; ntries < 10; ntries++) { 1198 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0) 1199 return error; 1200 if (!(tmp & RT2860_BBP_CSR_KICK)) 1201 break; 1202 } 1203 if (ntries == 10) 1204 return ETIMEDOUT; 1205 1206 *val = tmp & 0xff; 1207 return 0; 1208 } 1209 1210 int 1211 run_bbp_write(struct run_softc *sc, uint8_t reg, uint8_t val) 1212 { 1213 uint32_t tmp; 1214 int ntries, error; 1215 1216 for (ntries = 0; ntries < 10; ntries++) { 1217 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0) 1218 return error; 1219 if (!(tmp & RT2860_BBP_CSR_KICK)) 1220 break; 1221 } 1222 if (ntries == 10) 1223 return ETIMEDOUT; 1224 1225 tmp = RT2860_BBP_CSR_KICK | reg << 8 | val; 1226 return run_write(sc, RT2860_BBP_CSR_CFG, tmp); 1227 } 1228 1229 /* 1230 * Send a command to the 8051 microcontroller unit. 1231 */ 1232 int 1233 run_mcu_cmd(struct run_softc *sc, uint8_t cmd, uint16_t arg) 1234 { 1235 uint32_t tmp; 1236 int error, ntries; 1237 1238 for (ntries = 0; ntries < 100; ntries++) { 1239 if ((error = run_read(sc, RT2860_H2M_MAILBOX, &tmp)) != 0) 1240 return error; 1241 if (!(tmp & RT2860_H2M_BUSY)) 1242 break; 1243 } 1244 if (ntries == 100) 1245 return ETIMEDOUT; 1246 1247 tmp = RT2860_H2M_BUSY | RT2860_TOKEN_NO_INTR << 16 | arg; 1248 if ((error = run_write(sc, RT2860_H2M_MAILBOX, tmp)) == 0) 1249 error = run_write(sc, RT2860_HOST_CMD, cmd); 1250 return error; 1251 } 1252 1253 /* 1254 * Add `delta' (signed) to each 4-bit sub-word of a 32-bit word. 1255 * Used to adjust per-rate Tx power registers. 1256 */ 1257 static __inline uint32_t 1258 b4inc(uint32_t b32, int8_t delta) 1259 { 1260 int8_t i, b4; 1261 1262 for (i = 0; i < 8; i++) { 1263 b4 = b32 & 0xf; 1264 b4 += delta; 1265 if (b4 < 0) 1266 b4 = 0; 1267 else if (b4 > 0xf) 1268 b4 = 0xf; 1269 b32 = b32 >> 4 | b4 << 28; 1270 } 1271 return b32; 1272 } 1273 1274 const char * 1275 run_get_rf(int rev) 1276 { 1277 switch (rev) { 1278 case RT2860_RF_2820: return "RT2820"; 1279 case RT2860_RF_2850: return "RT2850"; 1280 case RT2860_RF_2720: return "RT2720"; 1281 case RT2860_RF_2750: return "RT2750"; 1282 case RT3070_RF_3020: return "RT3020"; 1283 case RT3070_RF_2020: return "RT2020"; 1284 case RT3070_RF_3021: return "RT3021"; 1285 case RT3070_RF_3022: return "RT3022"; 1286 case RT3070_RF_3052: return "RT3052"; 1287 case RT3070_RF_3053: return "RT3053"; 1288 case RT5592_RF_5592: return "RT5592"; 1289 case RT5390_RF_5370: return "RT5370"; 1290 case RT5390_RF_5372: return "RT5372"; 1291 } 1292 return "unknown"; 1293 } 1294 1295 void 1296 run_rt3593_get_txpower(struct run_softc *sc) 1297 { 1298 uint16_t addr, val; 1299 int i; 1300 1301 /* Read power settings for 2GHz channels. */ 1302 for (i = 0; i < 14; i += 2) { 1303 addr = (sc->ntxchains == 3) ? RT3593_EEPROM_PWR2GHZ_BASE1 : 1304 RT2860_EEPROM_PWR2GHZ_BASE1; 1305 run_srom_read(sc, addr + i / 2, &val); 1306 sc->txpow1[i + 0] = (int8_t)(val & 0xff); 1307 sc->txpow1[i + 1] = (int8_t)(val >> 8); 1308 1309 addr = (sc->ntxchains == 3) ? RT3593_EEPROM_PWR2GHZ_BASE2 : 1310 RT2860_EEPROM_PWR2GHZ_BASE2; 1311 run_srom_read(sc, addr + i / 2, &val); 1312 sc->txpow2[i + 0] = (int8_t)(val & 0xff); 1313 sc->txpow2[i + 1] = (int8_t)(val >> 8); 1314 1315 if (sc->ntxchains == 3) { 1316 run_srom_read(sc, RT3593_EEPROM_PWR2GHZ_BASE3 + i / 2, 1317 &val); 1318 sc->txpow3[i + 0] = (int8_t)(val & 0xff); 1319 sc->txpow3[i + 1] = (int8_t)(val >> 8); 1320 } 1321 } 1322 /* Fix broken Tx power entries. */ 1323 for (i = 0; i < 14; i++) { 1324 if (sc->txpow1[i] > 31) 1325 sc->txpow1[i] = 5; 1326 if (sc->txpow2[i] > 31) 1327 sc->txpow2[i] = 5; 1328 if (sc->ntxchains == 3) { 1329 if (sc->txpow3[i] > 31) 1330 sc->txpow3[i] = 5; 1331 } 1332 } 1333 /* Read power settings for 5GHz channels. */ 1334 for (i = 0; i < 40; i += 2) { 1335 run_srom_read(sc, RT3593_EEPROM_PWR5GHZ_BASE1 + i / 2, &val); 1336 sc->txpow1[i + 14] = (int8_t)(val & 0xff); 1337 sc->txpow1[i + 15] = (int8_t)(val >> 8); 1338 1339 run_srom_read(sc, RT3593_EEPROM_PWR5GHZ_BASE2 + i / 2, &val); 1340 sc->txpow2[i + 14] = (int8_t)(val & 0xff); 1341 sc->txpow2[i + 15] = (int8_t)(val >> 8); 1342 1343 if (sc->ntxchains == 3) { 1344 run_srom_read(sc, RT3593_EEPROM_PWR5GHZ_BASE3 + i / 2, 1345 &val); 1346 sc->txpow3[i + 14] = (int8_t)(val & 0xff); 1347 sc->txpow3[i + 15] = (int8_t)(val >> 8); 1348 } 1349 } 1350 } 1351 1352 void 1353 run_get_txpower(struct run_softc *sc) 1354 { 1355 uint16_t val; 1356 int i; 1357 1358 /* Read power settings for 2GHz channels. */ 1359 for (i = 0; i < 14; i += 2) { 1360 run_srom_read(sc, RT2860_EEPROM_PWR2GHZ_BASE1 + i / 2, &val); 1361 sc->txpow1[i + 0] = (int8_t)(val & 0xff); 1362 sc->txpow1[i + 1] = (int8_t)(val >> 8); 1363 1364 if (sc->mac_ver != 0x5390) { 1365 run_srom_read(sc, 1366 RT2860_EEPROM_PWR2GHZ_BASE2 + i / 2, &val); 1367 sc->txpow2[i + 0] = (int8_t)(val & 0xff); 1368 sc->txpow2[i + 1] = (int8_t)(val >> 8); 1369 } 1370 } 1371 /* Fix broken Tx power entries. */ 1372 for (i = 0; i < 14; i++) { 1373 if (sc->mac_ver >= 0x5390) { 1374 if (sc->txpow1[i] < 0 || sc->txpow1[i] > 27) 1375 sc->txpow1[i] = 5; 1376 } else { 1377 if (sc->txpow1[i] < 0 || sc->txpow1[i] > 31) 1378 sc->txpow1[i] = 5; 1379 } 1380 if (sc->mac_ver > 0x5390) { 1381 if (sc->txpow2[i] < 0 || sc->txpow2[i] > 27) 1382 sc->txpow2[i] = 5; 1383 } else if (sc->mac_ver < 0x5390) { 1384 if (sc->txpow2[i] < 0 || sc->txpow2[i] > 31) 1385 sc->txpow2[i] = 5; 1386 } 1387 DPRINTF(("chan %d: power1=%d, power2=%d\n", 1388 rt2860_rf2850[i].chan, sc->txpow1[i], sc->txpow2[i])); 1389 } 1390 /* Read power settings for 5GHz channels. */ 1391 for (i = 0; i < 40; i += 2) { 1392 run_srom_read(sc, RT2860_EEPROM_PWR5GHZ_BASE1 + i / 2, &val); 1393 sc->txpow1[i + 14] = (int8_t)(val & 0xff); 1394 sc->txpow1[i + 15] = (int8_t)(val >> 8); 1395 1396 run_srom_read(sc, RT2860_EEPROM_PWR5GHZ_BASE2 + i / 2, &val); 1397 sc->txpow2[i + 14] = (int8_t)(val & 0xff); 1398 sc->txpow2[i + 15] = (int8_t)(val >> 8); 1399 } 1400 /* Fix broken Tx power entries. */ 1401 for (i = 0; i < 40; i++ ) { 1402 if (sc->mac_ver != 0x5592) { 1403 if (sc->txpow1[14 + i] < -7 || sc->txpow1[14 + i] > 15) 1404 sc->txpow1[14 + i] = 5; 1405 if (sc->txpow2[14 + i] < -7 || sc->txpow2[14 + i] > 15) 1406 sc->txpow2[14 + i] = 5; 1407 } 1408 DPRINTF(("chan %d: power1=%d, power2=%d\n", 1409 rt2860_rf2850[14 + i].chan, sc->txpow1[14 + i], 1410 sc->txpow2[14 + i])); 1411 } 1412 } 1413 1414 int 1415 run_read_eeprom(struct run_softc *sc) 1416 { 1417 struct ieee80211com *ic = &sc->sc_ic; 1418 int8_t delta_2ghz, delta_5ghz; 1419 uint32_t tmp; 1420 uint16_t val; 1421 int ridx, ant, i; 1422 1423 /* check whether the ROM is eFUSE ROM or EEPROM */ 1424 sc->sc_srom_read = run_eeprom_read_2; 1425 if (sc->mac_ver >= 0x3070) { 1426 run_read(sc, RT3070_EFUSE_CTRL, &tmp); 1427 DPRINTF(("EFUSE_CTRL=0x%08x\n", tmp)); 1428 if (tmp & RT3070_SEL_EFUSE || sc->mac_ver == 0x3593) 1429 sc->sc_srom_read = run_efuse_read_2; 1430 } 1431 1432 /* read ROM version */ 1433 run_srom_read(sc, RT2860_EEPROM_VERSION, &val); 1434 DPRINTF(("EEPROM rev=%d, FAE=%d\n", val & 0xff, val >> 8)); 1435 1436 /* read MAC address */ 1437 run_srom_read(sc, RT2860_EEPROM_MAC01, &val); 1438 ic->ic_myaddr[0] = val & 0xff; 1439 ic->ic_myaddr[1] = val >> 8; 1440 run_srom_read(sc, RT2860_EEPROM_MAC23, &val); 1441 ic->ic_myaddr[2] = val & 0xff; 1442 ic->ic_myaddr[3] = val >> 8; 1443 run_srom_read(sc, RT2860_EEPROM_MAC45, &val); 1444 ic->ic_myaddr[4] = val & 0xff; 1445 ic->ic_myaddr[5] = val >> 8; 1446 1447 if (sc->mac_ver < 0x3593) { 1448 /* read vendor BBP settings */ 1449 for (i = 0; i < 10; i++) { 1450 run_srom_read(sc, RT2860_EEPROM_BBP_BASE + i, &val); 1451 sc->bbp[i].val = val & 0xff; 1452 sc->bbp[i].reg = val >> 8; 1453 DPRINTF(("BBP%d=0x%02x\n", sc->bbp[i].reg, 1454 sc->bbp[i].val)); 1455 } 1456 if (sc->mac_ver >= 0x3071) { 1457 /* read vendor RF settings */ 1458 for (i = 0; i < 10; i++) { 1459 run_srom_read(sc, RT3071_EEPROM_RF_BASE + i, 1460 &val); 1461 sc->rf[i].val = val & 0xff; 1462 sc->rf[i].reg = val >> 8; 1463 DPRINTF(("RF%d=0x%02x\n", sc->rf[i].reg, 1464 sc->rf[i].val)); 1465 } 1466 } 1467 } 1468 1469 /* read RF frequency offset from EEPROM */ 1470 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_FREQ_LEDS : 1471 RT3593_EEPROM_FREQ, &val); 1472 sc->freq = ((val & 0xff) != 0xff) ? val & 0xff : 0; 1473 DPRINTF(("EEPROM freq offset %d\n", sc->freq & 0xff)); 1474 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_FREQ_LEDS : 1475 RT3593_EEPROM_FREQ_LEDS, &val); 1476 if ((val >> 8) != 0xff) { 1477 /* read LEDs operating mode */ 1478 sc->leds = val >> 8; 1479 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LED1 : 1480 RT3593_EEPROM_LED1, &sc->led[0]); 1481 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LED2 : 1482 RT3593_EEPROM_LED2, &sc->led[1]); 1483 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LED3 : 1484 RT3593_EEPROM_LED3, &sc->led[2]); 1485 } else { 1486 /* broken EEPROM, use default settings */ 1487 sc->leds = 0x01; 1488 sc->led[0] = 0x5555; 1489 sc->led[1] = 0x2221; 1490 sc->led[2] = 0x5627; /* differs from RT2860 */ 1491 } 1492 DPRINTF(("EEPROM LED mode=0x%02x, LEDs=0x%04x/0x%04x/0x%04x\n", 1493 sc->leds, sc->led[0], sc->led[1], sc->led[2])); 1494 1495 /* read RF information */ 1496 if (sc->mac_ver == 0x5390 || sc->mac_ver == 0x5392) 1497 run_srom_read(sc, 0x00, &val); 1498 else 1499 run_srom_read(sc, RT2860_EEPROM_ANTENNA, &val); 1500 if (val == 0xffff) { 1501 DPRINTF(("invalid EEPROM antenna info, using default\n")); 1502 if (sc->mac_ver == 0x3572) { 1503 /* default to RF3052 2T2R */ 1504 sc->rf_rev = RT3070_RF_3052; 1505 sc->ntxchains = 2; 1506 sc->nrxchains = 2; 1507 } else if (sc->mac_ver >= 0x3070) { 1508 /* default to RF3020 1T1R */ 1509 sc->rf_rev = RT3070_RF_3020; 1510 sc->ntxchains = 1; 1511 sc->nrxchains = 1; 1512 } else { 1513 /* default to RF2820 1T2R */ 1514 sc->rf_rev = RT2860_RF_2820; 1515 sc->ntxchains = 1; 1516 sc->nrxchains = 2; 1517 } 1518 } else { 1519 if (sc->mac_ver == 0x5390 || sc->mac_ver == 0x5392) { 1520 sc->rf_rev = val; 1521 run_srom_read(sc, RT2860_EEPROM_ANTENNA, &val); 1522 } else 1523 sc->rf_rev = (val >> 8) & 0xf; 1524 sc->ntxchains = (val >> 4) & 0xf; 1525 sc->nrxchains = val & 0xf; 1526 } 1527 DPRINTF(("EEPROM RF rev=0x%02x chains=%dT%dR\n", 1528 sc->rf_rev, sc->ntxchains, sc->nrxchains)); 1529 1530 /* check if RF supports automatic Tx access gain control */ 1531 run_srom_read(sc, RT2860_EEPROM_CONFIG, &val); 1532 DPRINTF(("EEPROM CFG 0x%04x\n", val)); 1533 /* check if driver should patch the DAC issue */ 1534 if ((val >> 8) != 0xff) 1535 sc->patch_dac = (val >> 15) & 1; 1536 if ((val & 0xff) != 0xff) { 1537 sc->ext_5ghz_lna = (val >> 3) & 1; 1538 sc->ext_2ghz_lna = (val >> 2) & 1; 1539 /* check if RF supports automatic Tx access gain control */ 1540 sc->calib_2ghz = sc->calib_5ghz = (val >> 1) & 1; 1541 /* check if we have a hardware radio switch */ 1542 sc->rfswitch = val & 1; 1543 } 1544 1545 /* Read Tx power settings. */ 1546 if (sc->mac_ver == 0x3593) 1547 run_rt3593_get_txpower(sc); 1548 else 1549 run_get_txpower(sc); 1550 1551 /* read Tx power compensation for each Tx rate */ 1552 run_srom_read(sc, RT2860_EEPROM_DELTAPWR, &val); 1553 delta_2ghz = delta_5ghz = 0; 1554 if ((val & 0xff) != 0xff && (val & 0x80)) { 1555 delta_2ghz = val & 0xf; 1556 if (!(val & 0x40)) /* negative number */ 1557 delta_2ghz = -delta_2ghz; 1558 } 1559 val >>= 8; 1560 if ((val & 0xff) != 0xff && (val & 0x80)) { 1561 delta_5ghz = val & 0xf; 1562 if (!(val & 0x40)) /* negative number */ 1563 delta_5ghz = -delta_5ghz; 1564 } 1565 DPRINTF(("power compensation=%d (2GHz), %d (5GHz)\n", 1566 delta_2ghz, delta_5ghz)); 1567 1568 for (ridx = 0; ridx < 5; ridx++) { 1569 uint32_t reg; 1570 1571 run_srom_read(sc, RT2860_EEPROM_RPWR + ridx * 2, &val); 1572 reg = val; 1573 run_srom_read(sc, RT2860_EEPROM_RPWR + ridx * 2 + 1, &val); 1574 reg |= (uint32_t)val << 16; 1575 1576 sc->txpow20mhz[ridx] = reg; 1577 sc->txpow40mhz_2ghz[ridx] = b4inc(reg, delta_2ghz); 1578 sc->txpow40mhz_5ghz[ridx] = b4inc(reg, delta_5ghz); 1579 1580 DPRINTF(("ridx %d: power 20MHz=0x%08x, 40MHz/2GHz=0x%08x, " 1581 "40MHz/5GHz=0x%08x\n", ridx, sc->txpow20mhz[ridx], 1582 sc->txpow40mhz_2ghz[ridx], sc->txpow40mhz_5ghz[ridx])); 1583 } 1584 1585 /* read RSSI offsets and LNA gains from EEPROM */ 1586 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI1_2GHZ : 1587 RT3593_EEPROM_RSSI1_2GHZ, &val); 1588 sc->rssi_2ghz[0] = val & 0xff; /* Ant A */ 1589 sc->rssi_2ghz[1] = val >> 8; /* Ant B */ 1590 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI2_2GHZ : 1591 RT3593_EEPROM_RSSI2_2GHZ, &val); 1592 if (sc->mac_ver >= 0x3070) { 1593 if (sc->mac_ver == 0x3593) { 1594 sc->txmixgain_2ghz = 0; 1595 sc->rssi_2ghz[2] = val & 0xff; /* Ant C */ 1596 } else { 1597 /* 1598 * On RT3070 chips (limited to 2 Rx chains), this ROM 1599 * field contains the Tx mixer gain for the 2GHz band. 1600 */ 1601 if ((val & 0xff) != 0xff) 1602 sc->txmixgain_2ghz = val & 0x7; 1603 } 1604 DPRINTF(("tx mixer gain=%u (2GHz)\n", sc->txmixgain_2ghz)); 1605 } else 1606 sc->rssi_2ghz[2] = val & 0xff; /* Ant C */ 1607 if (sc->mac_ver == 0x3593) 1608 run_srom_read(sc, RT3593_EEPROM_LNA_5GHZ, &val); 1609 sc->lna[2] = val >> 8; /* channel group 2 */ 1610 1611 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI1_5GHZ : 1612 RT3593_EEPROM_RSSI1_5GHZ, &val); 1613 sc->rssi_5ghz[0] = val & 0xff; /* Ant A */ 1614 sc->rssi_5ghz[1] = val >> 8; /* Ant B */ 1615 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI2_5GHZ : 1616 RT3593_EEPROM_RSSI2_5GHZ, &val); 1617 if (sc->mac_ver == 0x3572) { 1618 /* 1619 * On RT3572 chips (limited to 2 Rx chains), this ROM 1620 * field contains the Tx mixer gain for the 5GHz band. 1621 */ 1622 if ((val & 0xff) != 0xff) 1623 sc->txmixgain_5ghz = val & 0x7; 1624 DPRINTF(("tx mixer gain=%u (5GHz)\n", sc->txmixgain_5ghz)); 1625 } else 1626 sc->rssi_5ghz[2] = val & 0xff; /* Ant C */ 1627 if (sc->mac_ver == 0x3593) { 1628 sc->txmixgain_5ghz = 0; 1629 run_srom_read(sc, RT3593_EEPROM_LNA_5GHZ, &val); 1630 } 1631 sc->lna[3] = val >> 8; /* channel group 3 */ 1632 1633 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LNA : 1634 RT3593_EEPROM_LNA, &val); 1635 sc->lna[0] = val & 0xff; /* channel group 0 */ 1636 sc->lna[1] = val >> 8; /* channel group 1 */ 1637 1638 /* fix broken 5GHz LNA entries */ 1639 if (sc->lna[2] == 0 || sc->lna[2] == 0xff) { 1640 DPRINTF(("invalid LNA for channel group %d\n", 2)); 1641 sc->lna[2] = sc->lna[1]; 1642 } 1643 if (sc->lna[3] == 0 || sc->lna[3] == 0xff) { 1644 DPRINTF(("invalid LNA for channel group %d\n", 3)); 1645 sc->lna[3] = sc->lna[1]; 1646 } 1647 1648 /* fix broken RSSI offset entries */ 1649 for (ant = 0; ant < 3; ant++) { 1650 if (sc->rssi_2ghz[ant] < -10 || sc->rssi_2ghz[ant] > 10) { 1651 DPRINTF(("invalid RSSI%d offset: %d (2GHz)\n", 1652 ant + 1, sc->rssi_2ghz[ant])); 1653 sc->rssi_2ghz[ant] = 0; 1654 } 1655 if (sc->rssi_5ghz[ant] < -10 || sc->rssi_5ghz[ant] > 10) { 1656 DPRINTF(("invalid RSSI%d offset: %d (5GHz)\n", 1657 ant + 1, sc->rssi_5ghz[ant])); 1658 sc->rssi_5ghz[ant] = 0; 1659 } 1660 } 1661 return 0; 1662 } 1663 1664 struct ieee80211_node * 1665 run_node_alloc(struct ieee80211com *ic) 1666 { 1667 return malloc(sizeof (struct run_node), M_DEVBUF, M_NOWAIT | M_ZERO); 1668 } 1669 1670 int 1671 run_media_change(struct ifnet *ifp) 1672 { 1673 struct run_softc *sc = ifp->if_softc; 1674 struct ieee80211com *ic = &sc->sc_ic; 1675 uint8_t rate, ridx; 1676 int error; 1677 1678 error = ieee80211_media_change(ifp); 1679 if (error != ENETRESET) 1680 return error; 1681 1682 if (ic->ic_fixed_rate != -1) { 1683 rate = ic->ic_sup_rates[ic->ic_curmode]. 1684 rs_rates[ic->ic_fixed_rate] & IEEE80211_RATE_VAL; 1685 for (ridx = 0; ridx <= RT2860_RIDX_MAX; ridx++) 1686 if (rt2860_rates[ridx].rate == rate) 1687 break; 1688 sc->fixed_ridx = ridx; 1689 } 1690 1691 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 1692 (IFF_UP | IFF_RUNNING)) { 1693 run_stop(ifp, 0); 1694 error = run_init(ifp); 1695 } 1696 1697 return error; 1698 } 1699 1700 void 1701 run_next_scan(void *arg) 1702 { 1703 struct run_softc *sc = arg; 1704 1705 if (usbd_is_dying(sc->sc_udev)) 1706 return; 1707 1708 usbd_ref_incr(sc->sc_udev); 1709 1710 if (sc->sc_ic.ic_state == IEEE80211_S_SCAN) 1711 ieee80211_next_scan(&sc->sc_ic.ic_if); 1712 1713 usbd_ref_decr(sc->sc_udev); 1714 } 1715 1716 void 1717 run_task(void *arg) 1718 { 1719 struct run_softc *sc = arg; 1720 struct run_host_cmd_ring *ring = &sc->cmdq; 1721 struct run_host_cmd *cmd; 1722 int s; 1723 1724 if (usbd_is_dying(sc->sc_udev)) 1725 return; 1726 1727 /* process host commands */ 1728 s = splusb(); 1729 while (ring->next != ring->cur) { 1730 cmd = &ring->cmd[ring->next]; 1731 splx(s); 1732 /* callback */ 1733 cmd->cb(sc, cmd->data); 1734 s = splusb(); 1735 ring->queued--; 1736 ring->next = (ring->next + 1) % RUN_HOST_CMD_RING_COUNT; 1737 } 1738 splx(s); 1739 } 1740 1741 void 1742 run_do_async(struct run_softc *sc, void (*cb)(struct run_softc *, void *), 1743 void *arg, int len) 1744 { 1745 struct run_host_cmd_ring *ring = &sc->cmdq; 1746 struct run_host_cmd *cmd; 1747 int s; 1748 1749 if (usbd_is_dying(sc->sc_udev)) 1750 return; 1751 1752 s = splusb(); 1753 cmd = &ring->cmd[ring->cur]; 1754 cmd->cb = cb; 1755 KASSERT(len <= sizeof (cmd->data)); 1756 memcpy(cmd->data, arg, len); 1757 ring->cur = (ring->cur + 1) % RUN_HOST_CMD_RING_COUNT; 1758 1759 /* if there is no pending command already, schedule a task */ 1760 if (++ring->queued == 1) 1761 usb_add_task(sc->sc_udev, &sc->sc_task); 1762 splx(s); 1763 } 1764 1765 int 1766 run_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 1767 { 1768 struct run_softc *sc = ic->ic_softc; 1769 struct run_cmd_newstate cmd; 1770 1771 /* do it in a process context */ 1772 cmd.state = nstate; 1773 cmd.arg = arg; 1774 run_do_async(sc, run_newstate_cb, &cmd, sizeof cmd); 1775 return 0; 1776 } 1777 1778 void 1779 run_newstate_cb(struct run_softc *sc, void *arg) 1780 { 1781 struct run_cmd_newstate *cmd = arg; 1782 struct ieee80211com *ic = &sc->sc_ic; 1783 enum ieee80211_state ostate; 1784 struct ieee80211_node *ni; 1785 uint32_t tmp, sta[3]; 1786 uint8_t wcid; 1787 int s; 1788 1789 s = splnet(); 1790 ostate = ic->ic_state; 1791 1792 if (ostate == IEEE80211_S_RUN) { 1793 /* turn link LED off */ 1794 run_set_leds(sc, RT2860_LED_RADIO); 1795 } 1796 1797 switch (cmd->state) { 1798 case IEEE80211_S_INIT: 1799 if (ostate == IEEE80211_S_RUN) { 1800 /* abort TSF synchronization */ 1801 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 1802 run_write(sc, RT2860_BCN_TIME_CFG, 1803 tmp & ~(RT2860_BCN_TX_EN | RT2860_TSF_TIMER_EN | 1804 RT2860_TBTT_TIMER_EN)); 1805 } 1806 break; 1807 1808 case IEEE80211_S_SCAN: 1809 run_set_chan(sc, ic->ic_bss->ni_chan); 1810 if (!usbd_is_dying(sc->sc_udev)) 1811 timeout_add_msec(&sc->scan_to, 200); 1812 break; 1813 1814 case IEEE80211_S_AUTH: 1815 case IEEE80211_S_ASSOC: 1816 run_set_chan(sc, ic->ic_bss->ni_chan); 1817 break; 1818 1819 case IEEE80211_S_RUN: 1820 run_set_chan(sc, ic->ic_bss->ni_chan); 1821 1822 ni = ic->ic_bss; 1823 1824 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 1825 run_updateslot(ic); 1826 run_enable_mrr(sc); 1827 run_set_txpreamble(sc); 1828 run_set_basicrates(sc); 1829 run_set_bssid(sc, ni->ni_bssid); 1830 } 1831 if (ic->ic_opmode == IEEE80211_M_STA) { 1832 /* add BSS entry to the WCID table */ 1833 wcid = RUN_AID2WCID(ni->ni_associd); 1834 run_write_region_1(sc, RT2860_WCID_ENTRY(wcid), 1835 ni->ni_macaddr, IEEE80211_ADDR_LEN); 1836 1837 /* fake a join to init the tx rate */ 1838 run_newassoc(ic, ni, 1); 1839 } 1840 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 1841 run_enable_tsf_sync(sc); 1842 1843 /* clear statistic registers used by AMRR */ 1844 run_read_region_1(sc, RT2860_TX_STA_CNT0, 1845 (uint8_t *)sta, sizeof sta); 1846 /* start calibration timer */ 1847 if (!usbd_is_dying(sc->sc_udev)) 1848 timeout_add_sec(&sc->calib_to, 1); 1849 } 1850 1851 /* turn link LED on */ 1852 run_set_leds(sc, RT2860_LED_RADIO | 1853 (IEEE80211_IS_CHAN_2GHZ(ic->ic_bss->ni_chan) ? 1854 RT2860_LED_LINK_2GHZ : RT2860_LED_LINK_5GHZ)); 1855 break; 1856 } 1857 (void)sc->sc_newstate(ic, cmd->state, cmd->arg); 1858 splx(s); 1859 } 1860 1861 void 1862 run_updateedca(struct ieee80211com *ic) 1863 { 1864 /* do it in a process context */ 1865 run_do_async(ic->ic_softc, run_updateedca_cb, NULL, 0); 1866 } 1867 1868 /* ARGSUSED */ 1869 void 1870 run_updateedca_cb(struct run_softc *sc, void *arg) 1871 { 1872 struct ieee80211com *ic = &sc->sc_ic; 1873 int s, aci; 1874 1875 s = splnet(); 1876 /* update MAC TX configuration registers */ 1877 for (aci = 0; aci < EDCA_NUM_AC; aci++) { 1878 run_write(sc, RT2860_EDCA_AC_CFG(aci), 1879 ic->ic_edca_ac[aci].ac_ecwmax << 16 | 1880 ic->ic_edca_ac[aci].ac_ecwmin << 12 | 1881 ic->ic_edca_ac[aci].ac_aifsn << 8 | 1882 ic->ic_edca_ac[aci].ac_txoplimit); 1883 } 1884 1885 /* update SCH/DMA registers too */ 1886 run_write(sc, RT2860_WMM_AIFSN_CFG, 1887 ic->ic_edca_ac[EDCA_AC_VO].ac_aifsn << 12 | 1888 ic->ic_edca_ac[EDCA_AC_VI].ac_aifsn << 8 | 1889 ic->ic_edca_ac[EDCA_AC_BK].ac_aifsn << 4 | 1890 ic->ic_edca_ac[EDCA_AC_BE].ac_aifsn); 1891 run_write(sc, RT2860_WMM_CWMIN_CFG, 1892 ic->ic_edca_ac[EDCA_AC_VO].ac_ecwmin << 12 | 1893 ic->ic_edca_ac[EDCA_AC_VI].ac_ecwmin << 8 | 1894 ic->ic_edca_ac[EDCA_AC_BK].ac_ecwmin << 4 | 1895 ic->ic_edca_ac[EDCA_AC_BE].ac_ecwmin); 1896 run_write(sc, RT2860_WMM_CWMAX_CFG, 1897 ic->ic_edca_ac[EDCA_AC_VO].ac_ecwmax << 12 | 1898 ic->ic_edca_ac[EDCA_AC_VI].ac_ecwmax << 8 | 1899 ic->ic_edca_ac[EDCA_AC_BK].ac_ecwmax << 4 | 1900 ic->ic_edca_ac[EDCA_AC_BE].ac_ecwmax); 1901 run_write(sc, RT2860_WMM_TXOP0_CFG, 1902 ic->ic_edca_ac[EDCA_AC_BK].ac_txoplimit << 16 | 1903 ic->ic_edca_ac[EDCA_AC_BE].ac_txoplimit); 1904 run_write(sc, RT2860_WMM_TXOP1_CFG, 1905 ic->ic_edca_ac[EDCA_AC_VO].ac_txoplimit << 16 | 1906 ic->ic_edca_ac[EDCA_AC_VI].ac_txoplimit); 1907 splx(s); 1908 } 1909 1910 int 1911 run_set_key(struct ieee80211com *ic, struct ieee80211_node *ni, 1912 struct ieee80211_key *k) 1913 { 1914 struct run_softc *sc = ic->ic_softc; 1915 struct run_cmd_key cmd; 1916 1917 /* defer setting of WEP keys until interface is brought up */ 1918 if ((ic->ic_if.if_flags & (IFF_UP | IFF_RUNNING)) != 1919 (IFF_UP | IFF_RUNNING)) 1920 return 0; 1921 1922 /* do it in a process context */ 1923 cmd.key = *k; 1924 cmd.associd = (ni != NULL) ? ni->ni_associd : 0; 1925 run_do_async(sc, run_set_key_cb, &cmd, sizeof cmd); 1926 return 0; 1927 } 1928 1929 void 1930 run_set_key_cb(struct run_softc *sc, void *arg) 1931 { 1932 struct run_cmd_key *cmd = arg; 1933 struct ieee80211_key *k = &cmd->key; 1934 uint32_t attr; 1935 uint16_t base; 1936 uint8_t mode, wcid, iv[8]; 1937 1938 /* map net80211 cipher to RT2860 security mode */ 1939 switch (k->k_cipher) { 1940 case IEEE80211_CIPHER_WEP40: 1941 mode = RT2860_MODE_WEP40; 1942 break; 1943 case IEEE80211_CIPHER_WEP104: 1944 mode = RT2860_MODE_WEP104; 1945 break; 1946 case IEEE80211_CIPHER_TKIP: 1947 mode = RT2860_MODE_TKIP; 1948 break; 1949 case IEEE80211_CIPHER_CCMP: 1950 mode = RT2860_MODE_AES_CCMP; 1951 break; 1952 default: 1953 return; 1954 } 1955 1956 if (k->k_flags & IEEE80211_KEY_GROUP) { 1957 wcid = 0; /* NB: update WCID0 for group keys */ 1958 base = RT2860_SKEY(0, k->k_id); 1959 } else { 1960 wcid = RUN_AID2WCID(cmd->associd); 1961 base = RT2860_PKEY(wcid); 1962 } 1963 1964 if (k->k_cipher == IEEE80211_CIPHER_TKIP) { 1965 run_write_region_1(sc, base, k->k_key, 16); 1966 run_write_region_1(sc, base + 16, &k->k_key[24], 8); 1967 run_write_region_1(sc, base + 24, &k->k_key[16], 8); 1968 } else { 1969 /* roundup len to 16-bit: XXX fix write_region_1() instead */ 1970 run_write_region_1(sc, base, k->k_key, (k->k_len + 1) & ~1); 1971 } 1972 1973 if (!(k->k_flags & IEEE80211_KEY_GROUP) || 1974 (k->k_flags & IEEE80211_KEY_TX)) { 1975 /* set initial packet number in IV+EIV */ 1976 if (k->k_cipher == IEEE80211_CIPHER_WEP40 || 1977 k->k_cipher == IEEE80211_CIPHER_WEP104) { 1978 memset(iv, 0, sizeof iv); 1979 iv[3] = sc->sc_ic.ic_def_txkey << 6; 1980 } else { 1981 if (k->k_cipher == IEEE80211_CIPHER_TKIP) { 1982 iv[0] = k->k_tsc >> 8; 1983 iv[1] = (iv[0] | 0x20) & 0x7f; 1984 iv[2] = k->k_tsc; 1985 } else /* CCMP */ { 1986 iv[0] = k->k_tsc; 1987 iv[1] = k->k_tsc >> 8; 1988 iv[2] = 0; 1989 } 1990 iv[3] = k->k_id << 6 | IEEE80211_WEP_EXTIV; 1991 iv[4] = k->k_tsc >> 16; 1992 iv[5] = k->k_tsc >> 24; 1993 iv[6] = k->k_tsc >> 32; 1994 iv[7] = k->k_tsc >> 40; 1995 } 1996 run_write_region_1(sc, RT2860_IVEIV(wcid), iv, 8); 1997 } 1998 1999 if (k->k_flags & IEEE80211_KEY_GROUP) { 2000 /* install group key */ 2001 run_read(sc, RT2860_SKEY_MODE_0_7, &attr); 2002 attr &= ~(0xf << (k->k_id * 4)); 2003 attr |= mode << (k->k_id * 4); 2004 run_write(sc, RT2860_SKEY_MODE_0_7, attr); 2005 } else { 2006 /* install pairwise key */ 2007 run_read(sc, RT2860_WCID_ATTR(wcid), &attr); 2008 attr = (attr & ~0xf) | (mode << 1) | RT2860_RX_PKEY_EN; 2009 run_write(sc, RT2860_WCID_ATTR(wcid), attr); 2010 } 2011 } 2012 2013 void 2014 run_delete_key(struct ieee80211com *ic, struct ieee80211_node *ni, 2015 struct ieee80211_key *k) 2016 { 2017 struct run_softc *sc = ic->ic_softc; 2018 struct run_cmd_key cmd; 2019 2020 if (!(ic->ic_if.if_flags & IFF_RUNNING) || 2021 ic->ic_state != IEEE80211_S_RUN) 2022 return; /* nothing to do */ 2023 2024 /* do it in a process context */ 2025 cmd.key = *k; 2026 cmd.associd = (ni != NULL) ? ni->ni_associd : 0; 2027 run_do_async(sc, run_delete_key_cb, &cmd, sizeof cmd); 2028 } 2029 2030 void 2031 run_delete_key_cb(struct run_softc *sc, void *arg) 2032 { 2033 struct run_cmd_key *cmd = arg; 2034 struct ieee80211_key *k = &cmd->key; 2035 uint32_t attr; 2036 uint8_t wcid; 2037 2038 if (k->k_flags & IEEE80211_KEY_GROUP) { 2039 /* remove group key */ 2040 run_read(sc, RT2860_SKEY_MODE_0_7, &attr); 2041 attr &= ~(0xf << (k->k_id * 4)); 2042 run_write(sc, RT2860_SKEY_MODE_0_7, attr); 2043 2044 } else { 2045 /* remove pairwise key */ 2046 wcid = RUN_AID2WCID(cmd->associd); 2047 run_read(sc, RT2860_WCID_ATTR(wcid), &attr); 2048 attr &= ~0xf; 2049 run_write(sc, RT2860_WCID_ATTR(wcid), attr); 2050 } 2051 } 2052 2053 void 2054 run_calibrate_to(void *arg) 2055 { 2056 /* do it in a process context */ 2057 run_do_async(arg, run_calibrate_cb, NULL, 0); 2058 /* next timeout will be rescheduled in the calibration task */ 2059 } 2060 2061 /* ARGSUSED */ 2062 void 2063 run_calibrate_cb(struct run_softc *sc, void *arg) 2064 { 2065 struct ifnet *ifp = &sc->sc_ic.ic_if; 2066 uint32_t sta[3]; 2067 int s, error; 2068 2069 /* read statistic counters (clear on read) and update AMRR state */ 2070 error = run_read_region_1(sc, RT2860_TX_STA_CNT0, (uint8_t *)sta, 2071 sizeof sta); 2072 if (error != 0) 2073 goto skip; 2074 2075 DPRINTF(("retrycnt=%d txcnt=%d failcnt=%d\n", 2076 letoh32(sta[1]) >> 16, letoh32(sta[1]) & 0xffff, 2077 letoh32(sta[0]) & 0xffff)); 2078 2079 s = splnet(); 2080 /* count failed TX as errors */ 2081 ifp->if_oerrors += letoh32(sta[0]) & 0xffff; 2082 2083 sc->amn.amn_retrycnt = 2084 (letoh32(sta[0]) & 0xffff) + /* failed TX count */ 2085 (letoh32(sta[1]) >> 16); /* TX retransmission count */ 2086 2087 sc->amn.amn_txcnt = 2088 sc->amn.amn_retrycnt + 2089 (letoh32(sta[1]) & 0xffff); /* successful TX count */ 2090 2091 ieee80211_amrr_choose(&sc->amrr, sc->sc_ic.ic_bss, &sc->amn); 2092 splx(s); 2093 2094 skip: 2095 if (!usbd_is_dying(sc->sc_udev)) 2096 timeout_add_sec(&sc->calib_to, 1); 2097 } 2098 2099 void 2100 run_newassoc(struct ieee80211com *ic, struct ieee80211_node *ni, int isnew) 2101 { 2102 struct run_softc *sc = ic->ic_softc; 2103 struct run_node *rn = (void *)ni; 2104 struct ieee80211_rateset *rs = &ni->ni_rates; 2105 uint8_t rate; 2106 int ridx, i, j; 2107 2108 DPRINTF(("new assoc isnew=%d addr=%s\n", 2109 isnew, ether_sprintf(ni->ni_macaddr))); 2110 2111 ieee80211_amrr_node_init(&sc->amrr, &sc->amn); 2112 /* start at lowest available bit-rate, AMRR will raise */ 2113 ni->ni_txrate = 0; 2114 2115 for (i = 0; i < rs->rs_nrates; i++) { 2116 rate = rs->rs_rates[i] & IEEE80211_RATE_VAL; 2117 /* convert 802.11 rate to hardware rate index */ 2118 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++) 2119 if (rt2860_rates[ridx].rate == rate) 2120 break; 2121 rn->ridx[i] = ridx; 2122 /* determine rate of control response frames */ 2123 for (j = i; j >= 0; j--) { 2124 if ((rs->rs_rates[j] & IEEE80211_RATE_BASIC) && 2125 rt2860_rates[rn->ridx[i]].phy == 2126 rt2860_rates[rn->ridx[j]].phy) 2127 break; 2128 } 2129 if (j >= 0) { 2130 rn->ctl_ridx[i] = rn->ridx[j]; 2131 } else { 2132 /* no basic rate found, use mandatory one */ 2133 rn->ctl_ridx[i] = rt2860_rates[ridx].ctl_ridx; 2134 } 2135 DPRINTF(("rate=0x%02x ridx=%d ctl_ridx=%d\n", 2136 rs->rs_rates[i], rn->ridx[i], rn->ctl_ridx[i])); 2137 } 2138 } 2139 2140 /* 2141 * Return the Rx chain with the highest RSSI for a given frame. 2142 */ 2143 static __inline uint8_t 2144 run_maxrssi_chain(struct run_softc *sc, const struct rt2860_rxwi *rxwi) 2145 { 2146 uint8_t rxchain = 0; 2147 2148 if (sc->nrxchains > 1) { 2149 if (rxwi->rssi[1] > rxwi->rssi[rxchain]) 2150 rxchain = 1; 2151 if (sc->nrxchains > 2) 2152 if (rxwi->rssi[2] > rxwi->rssi[rxchain]) 2153 rxchain = 2; 2154 } 2155 return rxchain; 2156 } 2157 2158 void 2159 run_rx_frame(struct run_softc *sc, uint8_t *buf, int dmalen, 2160 struct mbuf_list *ml) 2161 { 2162 struct ieee80211com *ic = &sc->sc_ic; 2163 struct ifnet *ifp = &ic->ic_if; 2164 struct ieee80211_frame *wh; 2165 struct ieee80211_rxinfo rxi; 2166 struct ieee80211_node *ni; 2167 struct rt2870_rxd *rxd; 2168 struct rt2860_rxwi *rxwi; 2169 struct mbuf *m; 2170 uint32_t flags; 2171 uint16_t len; 2172 #if NBPFILTER > 0 2173 uint16_t phy; 2174 #endif 2175 uint16_t rxwisize; 2176 uint8_t ant, rssi; 2177 int s; 2178 2179 rxwi = (struct rt2860_rxwi *)buf; 2180 rxwisize = sizeof(struct rt2860_rxwi); 2181 if (sc->mac_ver == 0x5592) 2182 rxwisize += sizeof(uint64_t); 2183 else if (sc->mac_ver == 0x3593) 2184 rxwisize += sizeof(uint32_t); 2185 len = letoh16(rxwi->len) & 0xfff; 2186 if (__predict_false(len > dmalen)) { 2187 DPRINTF(("bad RXWI length %u > %u\n", len, dmalen)); 2188 return; 2189 } 2190 if (len > MCLBYTES) { 2191 DPRINTF(("frame too large (length=%d)\n", len)); 2192 ifp->if_ierrors++; 2193 return; 2194 } 2195 /* Rx descriptor is located at the end */ 2196 rxd = (struct rt2870_rxd *)(buf + dmalen); 2197 flags = letoh32(rxd->flags); 2198 2199 if (__predict_false(flags & (RT2860_RX_CRCERR | RT2860_RX_ICVERR))) { 2200 ifp->if_ierrors++; 2201 return; 2202 } 2203 2204 if (__predict_false((flags & RT2860_RX_MICERR))) { 2205 /* report MIC failures to net80211 for TKIP */ 2206 ic->ic_stats.is_rx_locmicfail++; 2207 ieee80211_michael_mic_failure(ic, 0/* XXX */); 2208 ifp->if_ierrors++; 2209 return; 2210 } 2211 2212 wh = (struct ieee80211_frame *)(buf + rxwisize); 2213 rxi.rxi_flags = 0; 2214 if (wh->i_fc[1] & IEEE80211_FC1_PROTECTED) { 2215 wh->i_fc[1] &= ~IEEE80211_FC1_PROTECTED; 2216 rxi.rxi_flags |= IEEE80211_RXI_HWDEC; 2217 } 2218 2219 if (flags & RT2860_RX_L2PAD) { 2220 u_int hdrlen = ieee80211_get_hdrlen(wh); 2221 memmove((caddr_t)wh + 2, wh, hdrlen); 2222 wh = (struct ieee80211_frame *)((caddr_t)wh + 2); 2223 } 2224 2225 /* could use m_devget but net80211 wants contig mgmt frames */ 2226 MGETHDR(m, M_DONTWAIT, MT_DATA); 2227 if (__predict_false(m == NULL)) { 2228 ifp->if_ierrors++; 2229 return; 2230 } 2231 if (len > MHLEN) { 2232 MCLGET(m, M_DONTWAIT); 2233 if (__predict_false(!(m->m_flags & M_EXT))) { 2234 ifp->if_ierrors++; 2235 m_freem(m); 2236 return; 2237 } 2238 } 2239 /* finalize mbuf */ 2240 memcpy(mtod(m, caddr_t), wh, len); 2241 m->m_pkthdr.len = m->m_len = len; 2242 2243 ant = run_maxrssi_chain(sc, rxwi); 2244 rssi = rxwi->rssi[ant]; 2245 2246 #if NBPFILTER > 0 2247 if (__predict_false(sc->sc_drvbpf != NULL)) { 2248 struct run_rx_radiotap_header *tap = &sc->sc_rxtap; 2249 struct mbuf mb; 2250 2251 tap->wr_flags = 0; 2252 tap->wr_chan_freq = htole16(ic->ic_ibss_chan->ic_freq); 2253 tap->wr_chan_flags = htole16(ic->ic_ibss_chan->ic_flags); 2254 tap->wr_antsignal = rssi; 2255 tap->wr_antenna = ant; 2256 tap->wr_dbm_antsignal = run_rssi2dbm(sc, rssi, ant); 2257 tap->wr_rate = 2; /* in case it can't be found below */ 2258 phy = letoh16(rxwi->phy); 2259 switch (phy & RT2860_PHY_MODE) { 2260 case RT2860_PHY_CCK: 2261 switch ((phy & RT2860_PHY_MCS) & ~RT2860_PHY_SHPRE) { 2262 case 0: tap->wr_rate = 2; break; 2263 case 1: tap->wr_rate = 4; break; 2264 case 2: tap->wr_rate = 11; break; 2265 case 3: tap->wr_rate = 22; break; 2266 } 2267 if (phy & RT2860_PHY_SHPRE) 2268 tap->wr_flags |= IEEE80211_RADIOTAP_F_SHORTPRE; 2269 break; 2270 case RT2860_PHY_OFDM: 2271 switch (phy & RT2860_PHY_MCS) { 2272 case 0: tap->wr_rate = 12; break; 2273 case 1: tap->wr_rate = 18; break; 2274 case 2: tap->wr_rate = 24; break; 2275 case 3: tap->wr_rate = 36; break; 2276 case 4: tap->wr_rate = 48; break; 2277 case 5: tap->wr_rate = 72; break; 2278 case 6: tap->wr_rate = 96; break; 2279 case 7: tap->wr_rate = 108; break; 2280 } 2281 break; 2282 } 2283 mb.m_data = (caddr_t)tap; 2284 mb.m_len = sc->sc_rxtap_len; 2285 mb.m_next = m; 2286 mb.m_nextpkt = NULL; 2287 mb.m_type = 0; 2288 mb.m_flags = 0; 2289 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_IN); 2290 } 2291 #endif 2292 2293 s = splnet(); 2294 ni = ieee80211_find_rxnode(ic, wh); 2295 rxi.rxi_rssi = rssi; 2296 rxi.rxi_tstamp = 0; /* unused */ 2297 ieee80211_inputm(ifp, m, ni, &rxi, ml); 2298 2299 /* node is no longer needed */ 2300 ieee80211_release_node(ic, ni); 2301 splx(s); 2302 } 2303 2304 void 2305 run_rxeof(struct usbd_xfer *xfer, void *priv, usbd_status status) 2306 { 2307 struct mbuf_list ml = MBUF_LIST_INITIALIZER(); 2308 struct run_rx_data *data = priv; 2309 struct run_softc *sc = data->sc; 2310 uint8_t *buf; 2311 uint32_t dmalen; 2312 int xferlen; 2313 uint16_t rxwisize; 2314 2315 rxwisize = sizeof(struct rt2860_rxwi); 2316 if (sc->mac_ver == 0x5592) 2317 rxwisize += sizeof(uint64_t); 2318 else if (sc->mac_ver == 0x3593) 2319 rxwisize += sizeof(uint32_t); 2320 2321 if (__predict_false(status != USBD_NORMAL_COMPLETION)) { 2322 DPRINTF(("RX status=%d\n", status)); 2323 if (status == USBD_STALLED) 2324 usbd_clear_endpoint_stall_async(sc->rxq.pipeh); 2325 if (status != USBD_CANCELLED) 2326 goto skip; 2327 return; 2328 } 2329 usbd_get_xfer_status(xfer, NULL, NULL, &xferlen, NULL); 2330 2331 if (__predict_false(xferlen < sizeof (uint32_t) + rxwisize + 2332 sizeof(struct rt2870_rxd))) { 2333 DPRINTF(("xfer too short %d\n", xferlen)); 2334 goto skip; 2335 } 2336 2337 /* HW can aggregate multiple 802.11 frames in a single USB xfer */ 2338 buf = data->buf; 2339 while (xferlen > 8) { 2340 dmalen = letoh32(*(uint32_t *)buf) & 0xffff; 2341 2342 if (__predict_false(dmalen == 0 || (dmalen & 3) != 0)) { 2343 DPRINTF(("bad DMA length %u\n", dmalen)); 2344 break; 2345 } 2346 if (__predict_false(dmalen + 8 > xferlen)) { 2347 DPRINTF(("bad DMA length %u > %d\n", 2348 dmalen + 8, xferlen)); 2349 break; 2350 } 2351 run_rx_frame(sc, buf + sizeof (uint32_t), dmalen, &ml); 2352 buf += dmalen + 8; 2353 xferlen -= dmalen + 8; 2354 } 2355 if_input(&sc->sc_ic.ic_if, &ml); 2356 2357 skip: /* setup a new transfer */ 2358 usbd_setup_xfer(xfer, sc->rxq.pipeh, data, data->buf, RUN_MAX_RXSZ, 2359 USBD_SHORT_XFER_OK | USBD_NO_COPY, USBD_NO_TIMEOUT, run_rxeof); 2360 (void)usbd_transfer(data->xfer); 2361 } 2362 2363 void 2364 run_txeof(struct usbd_xfer *xfer, void *priv, usbd_status status) 2365 { 2366 struct run_tx_data *data = priv; 2367 struct run_softc *sc = data->sc; 2368 struct run_tx_ring *txq = &sc->txq[data->qid]; 2369 struct ifnet *ifp = &sc->sc_ic.ic_if; 2370 int s; 2371 2372 s = splnet(); 2373 txq->queued--; 2374 sc->qfullmsk &= ~(1 << data->qid); 2375 2376 if (__predict_false(status != USBD_NORMAL_COMPLETION)) { 2377 DPRINTF(("TX status=%d\n", status)); 2378 if (status == USBD_STALLED) 2379 usbd_clear_endpoint_stall_async(txq->pipeh); 2380 ifp->if_oerrors++; 2381 splx(s); 2382 return; 2383 } 2384 2385 sc->sc_tx_timer = 0; 2386 ifq_clr_oactive(&ifp->if_snd); 2387 run_start(ifp); 2388 splx(s); 2389 } 2390 2391 int 2392 run_tx(struct run_softc *sc, struct mbuf *m, struct ieee80211_node *ni) 2393 { 2394 struct ieee80211com *ic = &sc->sc_ic; 2395 struct run_node *rn = (void *)ni; 2396 struct ieee80211_frame *wh; 2397 struct run_tx_ring *ring; 2398 struct run_tx_data *data; 2399 struct rt2870_txd *txd; 2400 struct rt2860_txwi *txwi; 2401 uint16_t qos, dur; 2402 uint16_t txwisize; 2403 uint8_t type, mcs, tid, qid; 2404 int error, hasqos, ridx, ctl_ridx, xferlen; 2405 2406 wh = mtod(m, struct ieee80211_frame *); 2407 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 2408 2409 if ((hasqos = ieee80211_has_qos(wh))) { 2410 qos = ieee80211_get_qos(wh); 2411 tid = qos & IEEE80211_QOS_TID; 2412 qid = ieee80211_up_to_ac(ic, tid); 2413 } else { 2414 qos = 0; 2415 tid = 0; 2416 qid = EDCA_AC_BE; 2417 } 2418 ring = &sc->txq[qid]; 2419 data = &ring->data[ring->cur]; 2420 2421 /* pickup a rate index */ 2422 if (IEEE80211_IS_MULTICAST(wh->i_addr1) || 2423 type != IEEE80211_FC0_TYPE_DATA) { 2424 ridx = (ic->ic_curmode == IEEE80211_MODE_11A) ? 2425 RT2860_RIDX_OFDM6 : RT2860_RIDX_CCK1; 2426 ctl_ridx = rt2860_rates[ridx].ctl_ridx; 2427 } else if (ic->ic_fixed_rate != -1) { 2428 ridx = sc->fixed_ridx; 2429 ctl_ridx = rt2860_rates[ridx].ctl_ridx; 2430 } else { 2431 ridx = rn->ridx[ni->ni_txrate]; 2432 ctl_ridx = rn->ctl_ridx[ni->ni_txrate]; 2433 } 2434 2435 /* get MCS code from rate index */ 2436 mcs = rt2860_rates[ridx].mcs; 2437 2438 txwisize = sizeof(struct rt2860_txwi); 2439 if (sc->mac_ver == 0x5592) 2440 txwisize += sizeof(uint32_t); 2441 xferlen = txwisize + m->m_pkthdr.len; 2442 2443 /* roundup to 32-bit alignment */ 2444 xferlen = (xferlen + 3) & ~3; 2445 2446 txd = (struct rt2870_txd *)data->buf; 2447 txd->flags = RT2860_TX_QSEL_EDCA; 2448 txd->len = htole16(xferlen); 2449 2450 /* setup TX Wireless Information */ 2451 txwi = (struct rt2860_txwi *)(txd + 1); 2452 txwi->flags = 0; 2453 txwi->xflags = hasqos ? 0 : RT2860_TX_NSEQ; 2454 txwi->wcid = (type == IEEE80211_FC0_TYPE_DATA) ? 2455 RUN_AID2WCID(ni->ni_associd) : 0xff; 2456 txwi->len = htole16(m->m_pkthdr.len); 2457 if (rt2860_rates[ridx].phy == IEEE80211_T_DS) { 2458 txwi->phy = htole16(RT2860_PHY_CCK); 2459 if (ridx != RT2860_RIDX_CCK1 && 2460 (ic->ic_flags & IEEE80211_F_SHPREAMBLE)) 2461 mcs |= RT2860_PHY_SHPRE; 2462 } else 2463 txwi->phy = htole16(RT2860_PHY_OFDM); 2464 txwi->phy |= htole16(mcs); 2465 2466 txwi->txop = RT2860_TX_TXOP_BACKOFF; 2467 2468 if (!IEEE80211_IS_MULTICAST(wh->i_addr1) && 2469 (!hasqos || (qos & IEEE80211_QOS_ACK_POLICY_MASK) != 2470 IEEE80211_QOS_ACK_POLICY_NOACK)) { 2471 txwi->xflags |= RT2860_TX_ACK; 2472 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 2473 dur = rt2860_rates[ctl_ridx].sp_ack_dur; 2474 else 2475 dur = rt2860_rates[ctl_ridx].lp_ack_dur; 2476 *(uint16_t *)wh->i_dur = htole16(dur); 2477 } 2478 2479 #if NBPFILTER > 0 2480 if (__predict_false(sc->sc_drvbpf != NULL)) { 2481 struct run_tx_radiotap_header *tap = &sc->sc_txtap; 2482 struct mbuf mb; 2483 2484 tap->wt_flags = 0; 2485 tap->wt_rate = rt2860_rates[ridx].rate; 2486 tap->wt_chan_freq = htole16(ic->ic_bss->ni_chan->ic_freq); 2487 tap->wt_chan_flags = htole16(ic->ic_bss->ni_chan->ic_flags); 2488 tap->wt_hwqueue = qid; 2489 if (mcs & RT2860_PHY_SHPRE) 2490 tap->wt_flags |= IEEE80211_RADIOTAP_F_SHORTPRE; 2491 2492 mb.m_data = (caddr_t)tap; 2493 mb.m_len = sc->sc_txtap_len; 2494 mb.m_next = m; 2495 mb.m_nextpkt = NULL; 2496 mb.m_type = 0; 2497 mb.m_flags = 0; 2498 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_OUT); 2499 } 2500 #endif 2501 2502 m_copydata(m, 0, m->m_pkthdr.len, (caddr_t)txwi + txwisize); 2503 m_freem(m); 2504 2505 xferlen += sizeof (*txd) + 4; 2506 2507 usbd_setup_xfer(data->xfer, ring->pipeh, data, data->buf, xferlen, 2508 USBD_FORCE_SHORT_XFER | USBD_NO_COPY, RUN_TX_TIMEOUT, run_txeof); 2509 error = usbd_transfer(data->xfer); 2510 if (__predict_false(error != USBD_IN_PROGRESS && error != 0)) 2511 return error; 2512 2513 ieee80211_release_node(ic, ni); 2514 2515 ring->cur = (ring->cur + 1) % RUN_TX_RING_COUNT; 2516 if (++ring->queued >= RUN_TX_RING_COUNT) 2517 sc->qfullmsk |= 1 << qid; 2518 2519 return 0; 2520 } 2521 2522 void 2523 run_start(struct ifnet *ifp) 2524 { 2525 struct run_softc *sc = ifp->if_softc; 2526 struct ieee80211com *ic = &sc->sc_ic; 2527 struct ieee80211_node *ni; 2528 struct mbuf *m; 2529 2530 if (!(ifp->if_flags & IFF_RUNNING) || ifq_is_oactive(&ifp->if_snd)) 2531 return; 2532 2533 for (;;) { 2534 if (sc->qfullmsk != 0) { 2535 ifq_set_oactive(&ifp->if_snd); 2536 break; 2537 } 2538 /* send pending management frames first */ 2539 m = mq_dequeue(&ic->ic_mgtq); 2540 if (m != NULL) { 2541 ni = m->m_pkthdr.ph_cookie; 2542 goto sendit; 2543 } 2544 if (ic->ic_state != IEEE80211_S_RUN) 2545 break; 2546 2547 /* encapsulate and send data frames */ 2548 m = ifq_dequeue(&ifp->if_snd); 2549 if (m == NULL) 2550 break; 2551 #if NBPFILTER > 0 2552 if (ifp->if_bpf != NULL) 2553 bpf_mtap(ifp->if_bpf, m, BPF_DIRECTION_OUT); 2554 #endif 2555 if ((m = ieee80211_encap(ifp, m, &ni)) == NULL) 2556 continue; 2557 sendit: 2558 #if NBPFILTER > 0 2559 if (ic->ic_rawbpf != NULL) 2560 bpf_mtap(ic->ic_rawbpf, m, BPF_DIRECTION_OUT); 2561 #endif 2562 if (run_tx(sc, m, ni) != 0) { 2563 ieee80211_release_node(ic, ni); 2564 ifp->if_oerrors++; 2565 continue; 2566 } 2567 2568 sc->sc_tx_timer = 5; 2569 ifp->if_timer = 1; 2570 } 2571 } 2572 2573 void 2574 run_watchdog(struct ifnet *ifp) 2575 { 2576 struct run_softc *sc = ifp->if_softc; 2577 2578 ifp->if_timer = 0; 2579 2580 if (sc->sc_tx_timer > 0) { 2581 if (--sc->sc_tx_timer == 0) { 2582 printf("%s: device timeout\n", sc->sc_dev.dv_xname); 2583 /* run_init(ifp); XXX needs a process context! */ 2584 ifp->if_oerrors++; 2585 return; 2586 } 2587 ifp->if_timer = 1; 2588 } 2589 2590 ieee80211_watchdog(ifp); 2591 } 2592 2593 int 2594 run_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 2595 { 2596 struct run_softc *sc = ifp->if_softc; 2597 struct ieee80211com *ic = &sc->sc_ic; 2598 int s, error = 0; 2599 2600 if (usbd_is_dying(sc->sc_udev)) 2601 return ENXIO; 2602 2603 usbd_ref_incr(sc->sc_udev); 2604 2605 s = splnet(); 2606 2607 switch (cmd) { 2608 case SIOCSIFADDR: 2609 ifp->if_flags |= IFF_UP; 2610 /* FALLTHROUGH */ 2611 case SIOCSIFFLAGS: 2612 if (ifp->if_flags & IFF_UP) { 2613 if (!(ifp->if_flags & IFF_RUNNING)) 2614 run_init(ifp); 2615 } else { 2616 if (ifp->if_flags & IFF_RUNNING) 2617 run_stop(ifp, 1); 2618 } 2619 break; 2620 2621 case SIOCS80211CHANNEL: 2622 /* 2623 * This allows for fast channel switching in monitor mode 2624 * (used by kismet). 2625 */ 2626 error = ieee80211_ioctl(ifp, cmd, data); 2627 if (error == ENETRESET && 2628 ic->ic_opmode == IEEE80211_M_MONITOR) { 2629 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 2630 (IFF_UP | IFF_RUNNING)) 2631 run_set_chan(sc, ic->ic_ibss_chan); 2632 error = 0; 2633 } 2634 break; 2635 2636 default: 2637 error = ieee80211_ioctl(ifp, cmd, data); 2638 } 2639 2640 if (error == ENETRESET) { 2641 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 2642 (IFF_UP | IFF_RUNNING)) { 2643 run_stop(ifp, 0); 2644 run_init(ifp); 2645 } 2646 error = 0; 2647 } 2648 2649 splx(s); 2650 2651 usbd_ref_decr(sc->sc_udev); 2652 2653 return error; 2654 } 2655 2656 void 2657 run_iq_calib(struct run_softc *sc, u_int chan) 2658 { 2659 uint16_t val; 2660 2661 /* Tx0 IQ gain. */ 2662 run_bbp_write(sc, 158, 0x2c); 2663 if (chan <= 14) 2664 run_efuse_read(sc, RT5390_EEPROM_IQ_GAIN_CAL_TX0_2GHZ, &val); 2665 else if (chan <= 64) { 2666 run_efuse_read(sc, 2667 RT5390_EEPROM_IQ_GAIN_CAL_TX0_CH36_TO_CH64_5GHZ, &val); 2668 } else if (chan <= 138) { 2669 run_efuse_read(sc, 2670 RT5390_EEPROM_IQ_GAIN_CAL_TX0_CH100_TO_CH138_5GHZ, &val); 2671 } else if (chan <= 165) { 2672 run_efuse_read(sc, 2673 RT5390_EEPROM_IQ_GAIN_CAL_TX0_CH140_TO_CH165_5GHZ, 2674 &val); 2675 } else 2676 val = 0; 2677 run_bbp_write(sc, 159, val); 2678 2679 /* Tx0 IQ phase. */ 2680 run_bbp_write(sc, 158, 0x2d); 2681 if (chan <= 14) { 2682 run_efuse_read(sc, RT5390_EEPROM_IQ_PHASE_CAL_TX0_2GHZ, &val); 2683 } else if (chan <= 64) { 2684 run_efuse_read(sc, 2685 RT5390_EEPROM_IQ_PHASE_CAL_TX0_CH36_TO_CH64_5GHZ, &val); 2686 } else if (chan <= 138) { 2687 run_efuse_read(sc, 2688 RT5390_EEPROM_IQ_PHASE_CAL_TX0_CH100_TO_CH138_5GHZ, &val); 2689 } else if (chan <= 165) { 2690 run_efuse_read(sc, 2691 RT5390_EEPROM_IQ_PHASE_CAL_TX0_CH140_TO_CH165_5GHZ, &val); 2692 } else 2693 val = 0; 2694 run_bbp_write(sc, 159, val); 2695 2696 /* Tx1 IQ gain. */ 2697 run_bbp_write(sc, 158, 0x4a); 2698 if (chan <= 14) { 2699 run_efuse_read(sc, RT5390_EEPROM_IQ_GAIN_CAL_TX1_2GHZ, &val); 2700 } else if (chan <= 64) { 2701 run_efuse_read(sc, 2702 RT5390_EEPROM_IQ_GAIN_CAL_TX1_CH36_TO_CH64_5GHZ, &val); 2703 } else if (chan <= 138) { 2704 run_efuse_read(sc, 2705 RT5390_EEPROM_IQ_GAIN_CAL_TX1_CH100_TO_CH138_5GHZ, &val); 2706 } else if (chan <= 165) { 2707 run_efuse_read(sc, 2708 RT5390_EEPROM_IQ_GAIN_CAL_TX1_CH140_TO_CH165_5GHZ, &val); 2709 } else 2710 val = 0; 2711 run_bbp_write(sc, 159, val); 2712 2713 /* Tx1 IQ phase. */ 2714 run_bbp_write(sc, 158, 0x4b); 2715 if (chan <= 14) { 2716 run_efuse_read(sc, RT5390_EEPROM_IQ_PHASE_CAL_TX1_2GHZ, &val); 2717 } else if (chan <= 64) { 2718 run_efuse_read(sc, 2719 RT5390_EEPROM_IQ_PHASE_CAL_TX1_CH36_TO_CH64_5GHZ, &val); 2720 } else if (chan <= 138) { 2721 run_efuse_read(sc, 2722 RT5390_EEPROM_IQ_PHASE_CAL_TX1_CH100_TO_CH138_5GHZ, &val); 2723 } else if (chan <= 165) { 2724 run_efuse_read(sc, 2725 RT5390_EEPROM_IQ_PHASE_CAL_TX1_CH140_TO_CH165_5GHZ, &val); 2726 } else 2727 val = 0; 2728 run_bbp_write(sc, 159, val); 2729 2730 /* RF IQ compensation control. */ 2731 run_bbp_write(sc, 158, 0x04); 2732 run_efuse_read(sc, RT5390_EEPROM_RF_IQ_COMPENSATION_CTL, &val); 2733 run_bbp_write(sc, 159, val); 2734 2735 /* RF IQ imbalance compensation control. */ 2736 run_bbp_write(sc, 158, 0x03); 2737 run_efuse_read(sc, 2738 RT5390_EEPROM_RF_IQ_IMBALANCE_COMPENSATION_CTL, &val); 2739 run_bbp_write(sc, 159, val); 2740 } 2741 2742 void 2743 run_select_chan_group(struct run_softc *sc, int group) 2744 { 2745 uint32_t tmp; 2746 uint8_t agc; 2747 2748 run_bbp_write(sc, 62, 0x37 - sc->lna[group]); 2749 run_bbp_write(sc, 63, 0x37 - sc->lna[group]); 2750 run_bbp_write(sc, 64, 0x37 - sc->lna[group]); 2751 if (sc->mac_ver < 0x3572) 2752 run_bbp_write(sc, 86, 0x00); 2753 2754 if (sc->mac_ver == 0x3593) { 2755 run_bbp_write(sc, 77, 0x98); 2756 run_bbp_write(sc, 83, (group == 0) ? 0x8a : 0x9a); 2757 } 2758 2759 if (group == 0) { 2760 if (sc->ext_2ghz_lna) { 2761 if (sc->mac_ver >= 0x5390) 2762 run_bbp_write(sc, 75, 0x52); 2763 else { 2764 run_bbp_write(sc, 82, 0x62); 2765 run_bbp_write(sc, 75, 0x46); 2766 } 2767 } else { 2768 if (sc->mac_ver == 0x5592) { 2769 run_bbp_write(sc, 79, 0x1c); 2770 run_bbp_write(sc, 80, 0x0e); 2771 run_bbp_write(sc, 81, 0x3a); 2772 run_bbp_write(sc, 82, 0x62); 2773 2774 run_bbp_write(sc, 195, 0x80); 2775 run_bbp_write(sc, 196, 0xe0); 2776 run_bbp_write(sc, 195, 0x81); 2777 run_bbp_write(sc, 196, 0x1f); 2778 run_bbp_write(sc, 195, 0x82); 2779 run_bbp_write(sc, 196, 0x38); 2780 run_bbp_write(sc, 195, 0x83); 2781 run_bbp_write(sc, 196, 0x32); 2782 run_bbp_write(sc, 195, 0x85); 2783 run_bbp_write(sc, 196, 0x28); 2784 run_bbp_write(sc, 195, 0x86); 2785 run_bbp_write(sc, 196, 0x19); 2786 } else if (sc->mac_ver >= 0x5390) 2787 run_bbp_write(sc, 75, 0x50); 2788 else { 2789 run_bbp_write(sc, 82, 2790 (sc->mac_ver == 0x3593) ? 0x62 : 0x84); 2791 run_bbp_write(sc, 75, 0x50); 2792 } 2793 } 2794 } else { 2795 if (sc->mac_ver == 0x5592) { 2796 run_bbp_write(sc, 79, 0x18); 2797 run_bbp_write(sc, 80, 0x08); 2798 run_bbp_write(sc, 81, 0x38); 2799 run_bbp_write(sc, 82, 0x92); 2800 2801 run_bbp_write(sc, 195, 0x80); 2802 run_bbp_write(sc, 196, 0xf0); 2803 run_bbp_write(sc, 195, 0x81); 2804 run_bbp_write(sc, 196, 0x1e); 2805 run_bbp_write(sc, 195, 0x82); 2806 run_bbp_write(sc, 196, 0x28); 2807 run_bbp_write(sc, 195, 0x83); 2808 run_bbp_write(sc, 196, 0x20); 2809 run_bbp_write(sc, 195, 0x85); 2810 run_bbp_write(sc, 196, 0x7f); 2811 run_bbp_write(sc, 195, 0x86); 2812 run_bbp_write(sc, 196, 0x7f); 2813 } else if (sc->mac_ver == 0x3572) 2814 run_bbp_write(sc, 82, 0x94); 2815 else 2816 run_bbp_write(sc, 82, 2817 (sc->mac_ver == 0x3593) ? 0x82 : 0xf2); 2818 if (sc->ext_5ghz_lna) 2819 run_bbp_write(sc, 75, 0x46); 2820 else 2821 run_bbp_write(sc, 75, 0x50); 2822 } 2823 2824 run_read(sc, RT2860_TX_BAND_CFG, &tmp); 2825 tmp &= ~(RT2860_5G_BAND_SEL_N | RT2860_5G_BAND_SEL_P); 2826 tmp |= (group == 0) ? RT2860_5G_BAND_SEL_N : RT2860_5G_BAND_SEL_P; 2827 run_write(sc, RT2860_TX_BAND_CFG, tmp); 2828 2829 /* enable appropriate Power Amplifiers and Low Noise Amplifiers */ 2830 tmp = RT2860_RFTR_EN | RT2860_TRSW_EN | RT2860_LNA_PE0_EN; 2831 if (sc->mac_ver == 0x3593) 2832 tmp |= 1 << 29 | 1 << 28; 2833 if (sc->nrxchains > 1) 2834 tmp |= RT2860_LNA_PE1_EN; 2835 if (group == 0) { /* 2GHz */ 2836 tmp |= RT2860_PA_PE_G0_EN; 2837 if (sc->ntxchains > 1) 2838 tmp |= RT2860_PA_PE_G1_EN; 2839 if (sc->mac_ver == 0x3593) { 2840 if (sc->ntxchains > 2) 2841 tmp |= 1 << 25; 2842 } 2843 } else { /* 5GHz */ 2844 tmp |= RT2860_PA_PE_A0_EN; 2845 if (sc->ntxchains > 1) 2846 tmp |= RT2860_PA_PE_A1_EN; 2847 } 2848 if (sc->mac_ver == 0x3572) { 2849 run_rt3070_rf_write(sc, 8, 0x00); 2850 run_write(sc, RT2860_TX_PIN_CFG, tmp); 2851 run_rt3070_rf_write(sc, 8, 0x80); 2852 } else 2853 run_write(sc, RT2860_TX_PIN_CFG, tmp); 2854 2855 if (sc->mac_ver == 0x5592) { 2856 run_bbp_write(sc, 195, 0x8d); 2857 run_bbp_write(sc, 196, 0x1a); 2858 } 2859 2860 if (sc->mac_ver == 0x3593) { 2861 run_read(sc, RT2860_GPIO_CTRL, &tmp); 2862 tmp &= ~0x01010000; 2863 if (group == 0) 2864 tmp |= 0x00010000; 2865 tmp = (tmp & ~0x00009090) | 0x00000090; 2866 run_write(sc, RT2860_GPIO_CTRL, tmp); 2867 } 2868 2869 /* set initial AGC value */ 2870 if (group == 0) { /* 2GHz band */ 2871 if (sc->mac_ver >= 0x3070) 2872 agc = 0x1c + sc->lna[0] * 2; 2873 else 2874 agc = 0x2e + sc->lna[0]; 2875 } else { /* 5GHz band */ 2876 if (sc->mac_ver == 0x5592) 2877 agc = 0x24 + sc->lna[group] * 2; 2878 else if (sc->mac_ver == 0x3572 || sc->mac_ver == 0x3593) 2879 agc = 0x22 + (sc->lna[group] * 5) / 3; 2880 else 2881 agc = 0x32 + (sc->lna[group] * 5) / 3; 2882 } 2883 run_set_agc(sc, agc); 2884 } 2885 2886 void 2887 run_rt2870_set_chan(struct run_softc *sc, u_int chan) 2888 { 2889 const struct rfprog *rfprog = rt2860_rf2850; 2890 uint32_t r2, r3, r4; 2891 int8_t txpow1, txpow2; 2892 int i; 2893 2894 /* find the settings for this channel (we know it exists) */ 2895 for (i = 0; rfprog[i].chan != chan; i++); 2896 2897 r2 = rfprog[i].r2; 2898 if (sc->ntxchains == 1) 2899 r2 |= 1 << 12; /* 1T: disable Tx chain 2 */ 2900 if (sc->nrxchains == 1) 2901 r2 |= 1 << 15 | 1 << 4; /* 1R: disable Rx chains 2 & 3 */ 2902 else if (sc->nrxchains == 2) 2903 r2 |= 1 << 4; /* 2R: disable Rx chain 3 */ 2904 2905 /* use Tx power values from EEPROM */ 2906 txpow1 = sc->txpow1[i]; 2907 txpow2 = sc->txpow2[i]; 2908 if (chan > 14) { 2909 if (txpow1 >= 0) 2910 txpow1 = txpow1 << 1 | 1; 2911 else 2912 txpow1 = (7 + txpow1) << 1; 2913 if (txpow2 >= 0) 2914 txpow2 = txpow2 << 1 | 1; 2915 else 2916 txpow2 = (7 + txpow2) << 1; 2917 } 2918 r3 = rfprog[i].r3 | txpow1 << 7; 2919 r4 = rfprog[i].r4 | sc->freq << 13 | txpow2 << 4; 2920 2921 run_rt2870_rf_write(sc, RT2860_RF1, rfprog[i].r1); 2922 run_rt2870_rf_write(sc, RT2860_RF2, r2); 2923 run_rt2870_rf_write(sc, RT2860_RF3, r3); 2924 run_rt2870_rf_write(sc, RT2860_RF4, r4); 2925 2926 DELAY(200); 2927 2928 run_rt2870_rf_write(sc, RT2860_RF1, rfprog[i].r1); 2929 run_rt2870_rf_write(sc, RT2860_RF2, r2); 2930 run_rt2870_rf_write(sc, RT2860_RF3, r3 | 1); 2931 run_rt2870_rf_write(sc, RT2860_RF4, r4); 2932 2933 DELAY(200); 2934 2935 run_rt2870_rf_write(sc, RT2860_RF1, rfprog[i].r1); 2936 run_rt2870_rf_write(sc, RT2860_RF2, r2); 2937 run_rt2870_rf_write(sc, RT2860_RF3, r3); 2938 run_rt2870_rf_write(sc, RT2860_RF4, r4); 2939 } 2940 2941 void 2942 run_rt3070_set_chan(struct run_softc *sc, u_int chan) 2943 { 2944 int8_t txpow1, txpow2; 2945 uint8_t rf; 2946 int i; 2947 2948 /* find the settings for this channel (we know it exists) */ 2949 for (i = 0; rt2860_rf2850[i].chan != chan; i++); 2950 2951 /* use Tx power values from EEPROM */ 2952 txpow1 = sc->txpow1[i]; 2953 txpow2 = sc->txpow2[i]; 2954 2955 run_rt3070_rf_write(sc, 2, rt3070_freqs[i].n); 2956 2957 /* RT3370/RT3390: RF R3 [7:4] is not reserved bits. */ 2958 run_rt3070_rf_read(sc, 3, &rf); 2959 rf = (rf & ~0x0f) | rt3070_freqs[i].k; 2960 run_rt3070_rf_write(sc, 3, rf); 2961 2962 run_rt3070_rf_read(sc, 6, &rf); 2963 rf = (rf & ~0x03) | rt3070_freqs[i].r; 2964 run_rt3070_rf_write(sc, 6, rf); 2965 2966 /* set Tx0 power */ 2967 run_rt3070_rf_read(sc, 12, &rf); 2968 rf = (rf & ~0x1f) | txpow1; 2969 run_rt3070_rf_write(sc, 12, rf); 2970 2971 /* set Tx1 power */ 2972 run_rt3070_rf_read(sc, 13, &rf); 2973 rf = (rf & ~0x1f) | txpow2; 2974 run_rt3070_rf_write(sc, 13, rf); 2975 2976 run_rt3070_rf_read(sc, 1, &rf); 2977 rf &= ~0xfc; 2978 if (sc->ntxchains == 1) 2979 rf |= 1 << 7 | 1 << 5; /* 1T: disable Tx chains 2 & 3 */ 2980 else if (sc->ntxchains == 2) 2981 rf |= 1 << 7; /* 2T: disable Tx chain 3 */ 2982 if (sc->nrxchains == 1) 2983 rf |= 1 << 6 | 1 << 4; /* 1R: disable Rx chains 2 & 3 */ 2984 else if (sc->nrxchains == 2) 2985 rf |= 1 << 6; /* 2R: disable Rx chain 3 */ 2986 run_rt3070_rf_write(sc, 1, rf); 2987 2988 /* set RF offset */ 2989 run_rt3070_rf_read(sc, 23, &rf); 2990 rf = (rf & ~0x7f) | sc->freq; 2991 run_rt3070_rf_write(sc, 23, rf); 2992 2993 /* program RF filter */ 2994 run_rt3070_rf_read(sc, 24, &rf); /* Tx */ 2995 rf = (rf & ~0x3f) | sc->rf24_20mhz; 2996 run_rt3070_rf_write(sc, 24, rf); 2997 run_rt3070_rf_read(sc, 31, &rf); /* Rx */ 2998 rf = (rf & ~0x3f) | sc->rf24_20mhz; 2999 run_rt3070_rf_write(sc, 31, rf); 3000 3001 /* enable RF tuning */ 3002 run_rt3070_rf_read(sc, 7, &rf); 3003 run_rt3070_rf_write(sc, 7, rf | 0x01); 3004 } 3005 3006 void 3007 run_rt3572_set_chan(struct run_softc *sc, u_int chan) 3008 { 3009 int8_t txpow1, txpow2; 3010 uint32_t tmp; 3011 uint8_t rf; 3012 int i; 3013 3014 /* find the settings for this channel (we know it exists) */ 3015 for (i = 0; rt2860_rf2850[i].chan != chan; i++); 3016 3017 /* use Tx power values from EEPROM */ 3018 txpow1 = sc->txpow1[i]; 3019 txpow2 = sc->txpow2[i]; 3020 3021 if (chan <= 14) { 3022 run_bbp_write(sc, 25, sc->bbp25); 3023 run_bbp_write(sc, 26, sc->bbp26); 3024 } else { 3025 /* enable IQ phase correction */ 3026 run_bbp_write(sc, 25, 0x09); 3027 run_bbp_write(sc, 26, 0xff); 3028 } 3029 3030 run_rt3070_rf_write(sc, 2, rt3070_freqs[i].n); 3031 run_rt3070_rf_write(sc, 3, rt3070_freqs[i].k); 3032 run_rt3070_rf_read(sc, 6, &rf); 3033 rf = (rf & ~0x0f) | rt3070_freqs[i].r; 3034 rf |= (chan <= 14) ? 0x08 : 0x04; 3035 run_rt3070_rf_write(sc, 6, rf); 3036 3037 /* set PLL mode */ 3038 run_rt3070_rf_read(sc, 5, &rf); 3039 rf &= ~(0x08 | 0x04); 3040 rf |= (chan <= 14) ? 0x04 : 0x08; 3041 run_rt3070_rf_write(sc, 5, rf); 3042 3043 /* set Tx power for chain 0 */ 3044 if (chan <= 14) 3045 rf = 0x60 | txpow1; 3046 else 3047 rf = 0xe0 | (txpow1 & 0xc) << 1 | (txpow1 & 0x3); 3048 run_rt3070_rf_write(sc, 12, rf); 3049 3050 /* set Tx power for chain 1 */ 3051 if (chan <= 14) 3052 rf = 0x60 | txpow2; 3053 else 3054 rf = 0xe0 | (txpow2 & 0xc) << 1 | (txpow2 & 0x3); 3055 run_rt3070_rf_write(sc, 13, rf); 3056 3057 /* set Tx/Rx streams */ 3058 run_rt3070_rf_read(sc, 1, &rf); 3059 rf &= ~0xfc; 3060 if (sc->ntxchains == 1) 3061 rf |= 1 << 7 | 1 << 5; /* 1T: disable Tx chains 2 & 3 */ 3062 else if (sc->ntxchains == 2) 3063 rf |= 1 << 7; /* 2T: disable Tx chain 3 */ 3064 if (sc->nrxchains == 1) 3065 rf |= 1 << 6 | 1 << 4; /* 1R: disable Rx chains 2 & 3 */ 3066 else if (sc->nrxchains == 2) 3067 rf |= 1 << 6; /* 2R: disable Rx chain 3 */ 3068 run_rt3070_rf_write(sc, 1, rf); 3069 3070 /* set RF offset */ 3071 run_rt3070_rf_read(sc, 23, &rf); 3072 rf = (rf & ~0x7f) | sc->freq; 3073 run_rt3070_rf_write(sc, 23, rf); 3074 3075 /* program RF filter */ 3076 rf = sc->rf24_20mhz; 3077 run_rt3070_rf_write(sc, 24, rf); /* Tx */ 3078 run_rt3070_rf_write(sc, 31, rf); /* Rx */ 3079 3080 /* enable RF tuning */ 3081 run_rt3070_rf_read(sc, 7, &rf); 3082 rf = (chan <= 14) ? 0xd8 : ((rf & ~0xc8) | 0x14); 3083 run_rt3070_rf_write(sc, 7, rf); 3084 3085 /* TSSI */ 3086 rf = (chan <= 14) ? 0xc3 : 0xc0; 3087 run_rt3070_rf_write(sc, 9, rf); 3088 3089 /* set loop filter 1 */ 3090 run_rt3070_rf_write(sc, 10, 0xf1); 3091 /* set loop filter 2 */ 3092 run_rt3070_rf_write(sc, 11, (chan <= 14) ? 0xb9 : 0x00); 3093 3094 /* set tx_mx2_ic */ 3095 run_rt3070_rf_write(sc, 15, (chan <= 14) ? 0x53 : 0x43); 3096 /* set tx_mx1_ic */ 3097 if (chan <= 14) 3098 rf = 0x48 | sc->txmixgain_2ghz; 3099 else 3100 rf = 0x78 | sc->txmixgain_5ghz; 3101 run_rt3070_rf_write(sc, 16, rf); 3102 3103 /* set tx_lo1 */ 3104 run_rt3070_rf_write(sc, 17, 0x23); 3105 /* set tx_lo2 */ 3106 if (chan <= 14) 3107 rf = 0x93; 3108 else if (chan <= 64) 3109 rf = 0xb7; 3110 else if (chan <= 128) 3111 rf = 0x74; 3112 else 3113 rf = 0x72; 3114 run_rt3070_rf_write(sc, 19, rf); 3115 3116 /* set rx_lo1 */ 3117 if (chan <= 14) 3118 rf = 0xb3; 3119 else if (chan <= 64) 3120 rf = 0xf6; 3121 else if (chan <= 128) 3122 rf = 0xf4; 3123 else 3124 rf = 0xf3; 3125 run_rt3070_rf_write(sc, 20, rf); 3126 3127 /* set pfd_delay */ 3128 if (chan <= 14) 3129 rf = 0x15; 3130 else if (chan <= 64) 3131 rf = 0x3d; 3132 else 3133 rf = 0x01; 3134 run_rt3070_rf_write(sc, 25, rf); 3135 3136 /* set rx_lo2 */ 3137 run_rt3070_rf_write(sc, 26, (chan <= 14) ? 0x85 : 0x87); 3138 /* set ldo_rf_vc */ 3139 run_rt3070_rf_write(sc, 27, (chan <= 14) ? 0x00 : 0x01); 3140 /* set drv_cc */ 3141 run_rt3070_rf_write(sc, 29, (chan <= 14) ? 0x9b : 0x9f); 3142 3143 run_read(sc, RT2860_GPIO_CTRL, &tmp); 3144 tmp &= ~0x8080; 3145 if (chan <= 14) 3146 tmp |= 0x80; 3147 run_write(sc, RT2860_GPIO_CTRL, tmp); 3148 3149 /* enable RF tuning */ 3150 run_rt3070_rf_read(sc, 7, &rf); 3151 run_rt3070_rf_write(sc, 7, rf | 0x01); 3152 3153 DELAY(2000); 3154 } 3155 3156 void 3157 run_rt3593_set_chan(struct run_softc *sc, u_int chan) 3158 { 3159 int8_t txpow1, txpow2, txpow3; 3160 uint8_t h20mhz, rf; 3161 int i; 3162 3163 /* find the settings for this channel (we know it exists) */ 3164 for (i = 0; rt2860_rf2850[i].chan != chan; i++); 3165 3166 /* use Tx power values from EEPROM */ 3167 txpow1 = sc->txpow1[i]; 3168 txpow2 = sc->txpow2[i]; 3169 txpow3 = (sc->ntxchains == 3) ? sc->txpow3[i] : 0; 3170 3171 if (chan <= 14) { 3172 run_bbp_write(sc, 25, sc->bbp25); 3173 run_bbp_write(sc, 26, sc->bbp26); 3174 } else { 3175 /* Enable IQ phase correction. */ 3176 run_bbp_write(sc, 25, 0x09); 3177 run_bbp_write(sc, 26, 0xff); 3178 } 3179 3180 run_rt3070_rf_write(sc, 8, rt3070_freqs[i].n); 3181 run_rt3070_rf_write(sc, 9, rt3070_freqs[i].k & 0x0f); 3182 run_rt3070_rf_read(sc, 11, &rf); 3183 rf = (rf & ~0x03) | (rt3070_freqs[i].r & 0x03); 3184 run_rt3070_rf_write(sc, 11, rf); 3185 3186 /* Set pll_idoh. */ 3187 run_rt3070_rf_read(sc, 11, &rf); 3188 rf &= ~0x4c; 3189 rf |= (chan <= 14) ? 0x44 : 0x48; 3190 run_rt3070_rf_write(sc, 11, rf); 3191 3192 if (chan <= 14) 3193 rf = txpow1 & 0x1f; 3194 else 3195 rf = 0x40 | ((txpow1 & 0x18) << 1) | (txpow1 & 0x07); 3196 run_rt3070_rf_write(sc, 53, rf); 3197 3198 if (chan <= 14) 3199 rf = txpow2 & 0x1f; 3200 else 3201 rf = 0x40 | ((txpow2 & 0x18) << 1) | (txpow2 & 0x07); 3202 run_rt3070_rf_write(sc, 55, rf); 3203 3204 if (chan <= 14) 3205 rf = txpow3 & 0x1f; 3206 else 3207 rf = 0x40 | ((txpow3 & 0x18) << 1) | (txpow3 & 0x07); 3208 run_rt3070_rf_write(sc, 54, rf); 3209 3210 rf = RT3070_RF_BLOCK | RT3070_PLL_PD; 3211 if (sc->ntxchains == 3) 3212 rf |= RT3070_TX0_PD | RT3070_TX1_PD | RT3070_TX2_PD; 3213 else 3214 rf |= RT3070_TX0_PD | RT3070_TX1_PD; 3215 rf |= RT3070_RX0_PD | RT3070_RX1_PD | RT3070_RX2_PD; 3216 run_rt3070_rf_write(sc, 1, rf); 3217 3218 run_adjust_freq_offset(sc); 3219 3220 run_rt3070_rf_write(sc, 31, (chan <= 14) ? 0xa0 : 0x80); 3221 3222 h20mhz = (sc->rf24_20mhz & 0x20) >> 5; 3223 run_rt3070_rf_read(sc, 30, &rf); 3224 rf = (rf & ~0x06) | (h20mhz << 1) | (h20mhz << 2); 3225 run_rt3070_rf_write(sc, 30, rf); 3226 3227 run_rt3070_rf_read(sc, 36, &rf); 3228 if (chan <= 14) 3229 rf |= 0x80; 3230 else 3231 rf &= ~0x80; 3232 run_rt3070_rf_write(sc, 36, rf); 3233 3234 /* Set vcolo_bs. */ 3235 run_rt3070_rf_write(sc, 34, (chan <= 14) ? 0x3c : 0x20); 3236 /* Set pfd_delay. */ 3237 run_rt3070_rf_write(sc, 12, (chan <= 14) ? 0x1a : 0x12); 3238 3239 /* Set vco bias current control. */ 3240 run_rt3070_rf_read(sc, 6, &rf); 3241 rf &= ~0xc0; 3242 if (chan <= 14) 3243 rf |= 0x40; 3244 else if (chan <= 128) 3245 rf |= 0x80; 3246 else 3247 rf |= 0x40; 3248 run_rt3070_rf_write(sc, 6, rf); 3249 3250 run_rt3070_rf_read(sc, 30, &rf); 3251 rf = (rf & ~0x18) | 0x10; 3252 run_rt3070_rf_write(sc, 30, rf); 3253 3254 run_rt3070_rf_write(sc, 10, (chan <= 14) ? 0xd3 : 0xd8); 3255 run_rt3070_rf_write(sc, 13, (chan <= 14) ? 0x12 : 0x23); 3256 3257 run_rt3070_rf_read(sc, 51, &rf); 3258 rf = (rf & ~0x03) | 0x01; 3259 run_rt3070_rf_write(sc, 51, rf); 3260 /* Set tx_mx1_cc. */ 3261 run_rt3070_rf_read(sc, 51, &rf); 3262 rf &= ~0x1c; 3263 rf |= (chan <= 14) ? 0x14 : 0x10; 3264 run_rt3070_rf_write(sc, 51, rf); 3265 /* Set tx_mx1_ic. */ 3266 run_rt3070_rf_read(sc, 51, &rf); 3267 rf &= ~0xe0; 3268 rf |= (chan <= 14) ? 0x60 : 0x40; 3269 run_rt3070_rf_write(sc, 51, rf); 3270 /* Set tx_lo1_ic. */ 3271 run_rt3070_rf_read(sc, 49, &rf); 3272 rf &= ~0x1c; 3273 rf |= (chan <= 14) ? 0x0c : 0x08; 3274 run_rt3070_rf_write(sc, 49, rf); 3275 /* Set tx_lo1_en. */ 3276 run_rt3070_rf_read(sc, 50, &rf); 3277 run_rt3070_rf_write(sc, 50, rf & ~0x20); 3278 /* Set drv_cc. */ 3279 run_rt3070_rf_read(sc, 57, &rf); 3280 rf &= ~0xfc; 3281 rf |= (chan <= 14) ? 0x6c : 0x3c; 3282 run_rt3070_rf_write(sc, 57, rf); 3283 /* Set rx_mix1_ic, rxa_lnactr, lna_vc, lna_inbias_en and lna_en. */ 3284 run_rt3070_rf_write(sc, 44, (chan <= 14) ? 0x93 : 0x9b); 3285 /* Set drv_gnd_a, tx_vga_cc_a and tx_mx2_gain. */ 3286 run_rt3070_rf_write(sc, 52, (chan <= 14) ? 0x45 : 0x05); 3287 /* Enable VCO calibration. */ 3288 run_rt3070_rf_read(sc, 3, &rf); 3289 rf &= ~RT3593_VCOCAL; 3290 rf |= (chan <= 14) ? RT3593_VCOCAL : 0xbe; 3291 run_rt3070_rf_write(sc, 3, rf); 3292 3293 if (chan <= 14) 3294 rf = 0x23; 3295 else if (chan <= 64) 3296 rf = 0x36; 3297 else if (chan <= 128) 3298 rf = 0x32; 3299 else 3300 rf = 0x30; 3301 run_rt3070_rf_write(sc, 39, rf); 3302 if (chan <= 14) 3303 rf = 0xbb; 3304 else if (chan <= 64) 3305 rf = 0xeb; 3306 else if (chan <= 128) 3307 rf = 0xb3; 3308 else 3309 rf = 0x9b; 3310 run_rt3070_rf_write(sc, 45, rf); 3311 3312 /* Set FEQ/AEQ control. */ 3313 run_bbp_write(sc, 105, 0x34); 3314 } 3315 3316 void 3317 run_rt5390_set_chan(struct run_softc *sc, u_int chan) 3318 { 3319 int8_t txpow1, txpow2; 3320 uint8_t rf; 3321 int i; 3322 3323 /* find the settings for this channel (we know it exists) */ 3324 for (i = 0; rt2860_rf2850[i].chan != chan; i++); 3325 3326 /* use Tx power values from EEPROM */ 3327 txpow1 = sc->txpow1[i]; 3328 txpow2 = sc->txpow2[i]; 3329 3330 run_rt3070_rf_write(sc, 8, rt3070_freqs[i].n); 3331 run_rt3070_rf_write(sc, 9, rt3070_freqs[i].k & 0x0f); 3332 run_rt3070_rf_read(sc, 11, &rf); 3333 rf = (rf & ~0x03) | (rt3070_freqs[i].r & 0x03); 3334 run_rt3070_rf_write(sc, 11, rf); 3335 3336 run_rt3070_rf_read(sc, 49, &rf); 3337 rf = (rf & ~0x3f) | (txpow1 & 0x3f); 3338 /* The valid range of the RF R49 is 0x00 to 0x27. */ 3339 if ((rf & 0x3f) > 0x27) 3340 rf = (rf & ~0x3f) | 0x27; 3341 run_rt3070_rf_write(sc, 49, rf); 3342 3343 if (sc->mac_ver == 0x5392) { 3344 run_rt3070_rf_read(sc, 50, &rf); 3345 rf = (rf & ~0x3f) | (txpow2 & 0x3f); 3346 /* The valid range of the RF R50 is 0x00 to 0x27. */ 3347 if ((rf & 0x3f) > 0x27) 3348 rf = (rf & ~0x3f) | 0x27; 3349 run_rt3070_rf_write(sc, 50, rf); 3350 } 3351 3352 run_rt3070_rf_read(sc, 1, &rf); 3353 rf |= RT3070_RF_BLOCK | RT3070_PLL_PD | RT3070_RX0_PD | RT3070_TX0_PD; 3354 if (sc->mac_ver == 0x5392) 3355 rf |= RT3070_RX1_PD | RT3070_TX1_PD; 3356 run_rt3070_rf_write(sc, 1, rf); 3357 3358 if (sc->mac_ver != 0x5392) { 3359 run_rt3070_rf_read(sc, 2, &rf); 3360 rf |= 0x80; 3361 run_rt3070_rf_write(sc, 2, rf); 3362 DELAY(10); 3363 rf &= 0x7f; 3364 run_rt3070_rf_write(sc, 2, rf); 3365 } 3366 3367 run_adjust_freq_offset(sc); 3368 3369 if (sc->mac_ver == 0x5392) { 3370 /* Fix for RT5392C. */ 3371 if (sc->mac_rev >= 0x0223) { 3372 if (chan <= 4) 3373 rf = 0x0f; 3374 else if (chan >= 5 && chan <= 7) 3375 rf = 0x0e; 3376 else 3377 rf = 0x0d; 3378 run_rt3070_rf_write(sc, 23, rf); 3379 3380 if (chan <= 4) 3381 rf = 0x0c; 3382 else if (chan == 5) 3383 rf = 0x0b; 3384 else if (chan >= 6 && chan <= 7) 3385 rf = 0x0a; 3386 else if (chan >= 8 && chan <= 10) 3387 rf = 0x09; 3388 else 3389 rf = 0x08; 3390 run_rt3070_rf_write(sc, 59, rf); 3391 } else { 3392 if (chan <= 11) 3393 rf = 0x0f; 3394 else 3395 rf = 0x0b; 3396 run_rt3070_rf_write(sc, 59, rf); 3397 } 3398 } else { 3399 /* Fix for RT5390F. */ 3400 if (sc->mac_rev >= 0x0502) { 3401 if (chan <= 11) 3402 rf = 0x43; 3403 else 3404 rf = 0x23; 3405 run_rt3070_rf_write(sc, 55, rf); 3406 3407 if (chan <= 11) 3408 rf = 0x0f; 3409 else if (chan == 12) 3410 rf = 0x0d; 3411 else 3412 rf = 0x0b; 3413 run_rt3070_rf_write(sc, 59, rf); 3414 } else { 3415 run_rt3070_rf_write(sc, 55, 0x44); 3416 run_rt3070_rf_write(sc, 59, 0x8f); 3417 } 3418 } 3419 3420 /* Enable VCO calibration. */ 3421 run_rt3070_rf_read(sc, 3, &rf); 3422 rf |= RT3593_VCOCAL; 3423 run_rt3070_rf_write(sc, 3, rf); 3424 } 3425 3426 void 3427 run_rt5592_set_chan(struct run_softc *sc, u_int chan) 3428 { 3429 const struct rt5592_freqs *freqs; 3430 uint32_t tmp; 3431 uint8_t reg, rf, txpow_bound; 3432 int8_t txpow1, txpow2; 3433 int i; 3434 3435 run_read(sc, RT5592_DEBUG_INDEX, &tmp); 3436 freqs = (tmp & RT5592_SEL_XTAL) ? 3437 rt5592_freqs_40mhz : rt5592_freqs_20mhz; 3438 3439 /* find the settings for this channel (we know it exists) */ 3440 for (i = 0; rt2860_rf2850[i].chan != chan; i++, freqs++); 3441 3442 /* use Tx power values from EEPROM */ 3443 txpow1 = sc->txpow1[i]; 3444 txpow2 = sc->txpow2[i]; 3445 3446 run_read(sc, RT3070_LDO_CFG0, &tmp); 3447 tmp &= ~0x1c000000; 3448 if (chan > 14) 3449 tmp |= 0x14000000; 3450 run_write(sc, RT3070_LDO_CFG0, tmp); 3451 3452 /* N setting. */ 3453 run_rt3070_rf_write(sc, 8, freqs->n & 0xff); 3454 run_rt3070_rf_read(sc, 9, &rf); 3455 rf &= ~(1 << 4); 3456 rf |= ((freqs->n & 0x0100) >> 8) << 4; 3457 run_rt3070_rf_write(sc, 9, rf); 3458 3459 /* K setting. */ 3460 run_rt3070_rf_read(sc, 9, &rf); 3461 rf &= ~0x0f; 3462 rf |= (freqs->k & 0x0f); 3463 run_rt3070_rf_write(sc, 9, rf); 3464 3465 /* Mode setting. */ 3466 run_rt3070_rf_read(sc, 11, &rf); 3467 rf &= ~0x0c; 3468 rf |= ((freqs->m - 0x8) & 0x3) << 2; 3469 run_rt3070_rf_write(sc, 11, rf); 3470 run_rt3070_rf_read(sc, 9, &rf); 3471 rf &= ~(1 << 7); 3472 rf |= (((freqs->m - 0x8) & 0x4) >> 2) << 7; 3473 run_rt3070_rf_write(sc, 9, rf); 3474 3475 /* R setting. */ 3476 run_rt3070_rf_read(sc, 11, &rf); 3477 rf &= ~0x03; 3478 rf |= (freqs->r - 0x1); 3479 run_rt3070_rf_write(sc, 11, rf); 3480 3481 if (chan <= 14) { 3482 /* Initialize RF registers for 2GHZ. */ 3483 for (i = 0; i < nitems(rt5592_2ghz_def_rf); i++) { 3484 run_rt3070_rf_write(sc, rt5592_2ghz_def_rf[i].reg, 3485 rt5592_2ghz_def_rf[i].val); 3486 } 3487 3488 rf = (chan <= 10) ? 0x07 : 0x06; 3489 run_rt3070_rf_write(sc, 23, rf); 3490 run_rt3070_rf_write(sc, 59, rf); 3491 3492 run_rt3070_rf_write(sc, 55, 0x43); 3493 3494 /* 3495 * RF R49/R50 Tx power ALC code. 3496 * G-band bit<7:6>=1:0, bit<5:0> range from 0x0 ~ 0x27. 3497 */ 3498 reg = 2; 3499 txpow_bound = 0x27; 3500 } else { 3501 /* Initialize RF registers for 5GHZ. */ 3502 for (i = 0; i < nitems(rt5592_5ghz_def_rf); i++) { 3503 run_rt3070_rf_write(sc, rt5592_5ghz_def_rf[i].reg, 3504 rt5592_5ghz_def_rf[i].val); 3505 } 3506 for (i = 0; i < nitems(rt5592_chan_5ghz); i++) { 3507 if (chan >= rt5592_chan_5ghz[i].firstchan && 3508 chan <= rt5592_chan_5ghz[i].lastchan) { 3509 run_rt3070_rf_write(sc, rt5592_chan_5ghz[i].reg, 3510 rt5592_chan_5ghz[i].val); 3511 } 3512 } 3513 3514 /* 3515 * RF R49/R50 Tx power ALC code. 3516 * A-band bit<7:6>=1:1, bit<5:0> range from 0x0 ~ 0x2b. 3517 */ 3518 reg = 3; 3519 txpow_bound = 0x2b; 3520 } 3521 3522 /* RF R49 ch0 Tx power ALC code. */ 3523 run_rt3070_rf_read(sc, 49, &rf); 3524 rf &= ~0xc0; 3525 rf |= (reg << 6); 3526 rf = (rf & ~0x3f) | (txpow1 & 0x3f); 3527 if ((rf & 0x3f) > txpow_bound) 3528 rf = (rf & ~0x3f) | txpow_bound; 3529 run_rt3070_rf_write(sc, 49, rf); 3530 3531 /* RF R50 ch1 Tx power ALC code. */ 3532 run_rt3070_rf_read(sc, 50, &rf); 3533 rf &= ~(1 << 7 | 1 << 6); 3534 rf |= (reg << 6); 3535 rf = (rf & ~0x3f) | (txpow2 & 0x3f); 3536 if ((rf & 0x3f) > txpow_bound) 3537 rf = (rf & ~0x3f) | txpow_bound; 3538 run_rt3070_rf_write(sc, 50, rf); 3539 3540 /* Enable RF_BLOCK, PLL_PD, RX0_PD, and TX0_PD. */ 3541 run_rt3070_rf_read(sc, 1, &rf); 3542 rf |= (RT3070_RF_BLOCK | RT3070_PLL_PD | RT3070_RX0_PD | RT3070_TX0_PD); 3543 if (sc->ntxchains > 1) 3544 rf |= RT3070_TX1_PD; 3545 if (sc->nrxchains > 1) 3546 rf |= RT3070_RX1_PD; 3547 run_rt3070_rf_write(sc, 1, rf); 3548 3549 run_rt3070_rf_write(sc, 6, 0xe4); 3550 3551 run_rt3070_rf_write(sc, 30, 0x10); 3552 run_rt3070_rf_write(sc, 31, 0x80); 3553 run_rt3070_rf_write(sc, 32, 0x80); 3554 3555 run_adjust_freq_offset(sc); 3556 3557 /* Enable VCO calibration. */ 3558 run_rt3070_rf_read(sc, 3, &rf); 3559 rf |= RT3593_VCOCAL; 3560 run_rt3070_rf_write(sc, 3, rf); 3561 } 3562 3563 void 3564 run_set_agc(struct run_softc *sc, uint8_t agc) 3565 { 3566 uint8_t bbp; 3567 3568 if (sc->mac_ver == 0x3572) { 3569 run_bbp_read(sc, 27, &bbp); 3570 bbp &= ~(0x3 << 5); 3571 run_bbp_write(sc, 27, bbp | 0 << 5); /* select Rx0 */ 3572 run_bbp_write(sc, 66, agc); 3573 run_bbp_write(sc, 27, bbp | 1 << 5); /* select Rx1 */ 3574 run_bbp_write(sc, 66, agc); 3575 } else 3576 run_bbp_write(sc, 66, agc); 3577 } 3578 3579 void 3580 run_set_rx_antenna(struct run_softc *sc, int aux) 3581 { 3582 uint32_t tmp; 3583 uint8_t bbp152; 3584 3585 if (aux) { 3586 if (sc->rf_rev == RT5390_RF_5370) { 3587 run_bbp_read(sc, 152, &bbp152); 3588 run_bbp_write(sc, 152, bbp152 & ~0x80); 3589 } else { 3590 run_mcu_cmd(sc, RT2860_MCU_CMD_ANTSEL, 0); 3591 run_read(sc, RT2860_GPIO_CTRL, &tmp); 3592 run_write(sc, RT2860_GPIO_CTRL, (tmp & ~0x0808) | 0x08); 3593 } 3594 } else { 3595 if (sc->rf_rev == RT5390_RF_5370) { 3596 run_bbp_read(sc, 152, &bbp152); 3597 run_bbp_write(sc, 152, bbp152 | 0x80); 3598 } else { 3599 run_mcu_cmd(sc, RT2860_MCU_CMD_ANTSEL, 1); 3600 run_read(sc, RT2860_GPIO_CTRL, &tmp); 3601 run_write(sc, RT2860_GPIO_CTRL, tmp & ~0x0808); 3602 } 3603 } 3604 } 3605 3606 int 3607 run_set_chan(struct run_softc *sc, struct ieee80211_channel *c) 3608 { 3609 struct ieee80211com *ic = &sc->sc_ic; 3610 u_int chan, group; 3611 3612 chan = ieee80211_chan2ieee(ic, c); 3613 if (chan == 0 || chan == IEEE80211_CHAN_ANY) 3614 return EINVAL; 3615 3616 if (sc->mac_ver == 0x5592) 3617 run_rt5592_set_chan(sc, chan); 3618 else if (sc->mac_ver >= 0x5390) 3619 run_rt5390_set_chan(sc, chan); 3620 else if (sc->mac_ver == 0x3593) 3621 run_rt3593_set_chan(sc, chan); 3622 else if (sc->mac_ver == 0x3572) 3623 run_rt3572_set_chan(sc, chan); 3624 else if (sc->mac_ver >= 0x3070) 3625 run_rt3070_set_chan(sc, chan); 3626 else 3627 run_rt2870_set_chan(sc, chan); 3628 3629 /* determine channel group */ 3630 if (chan <= 14) 3631 group = 0; 3632 else if (chan <= 64) 3633 group = 1; 3634 else if (chan <= 128) 3635 group = 2; 3636 else 3637 group = 3; 3638 3639 /* XXX necessary only when group has changed! */ 3640 run_select_chan_group(sc, group); 3641 3642 DELAY(1000); 3643 3644 /* Perform IQ calibration. */ 3645 if (sc->mac_ver >= 0x5392) 3646 run_iq_calib(sc, chan); 3647 3648 return 0; 3649 } 3650 3651 void 3652 run_enable_tsf_sync(struct run_softc *sc) 3653 { 3654 struct ieee80211com *ic = &sc->sc_ic; 3655 uint32_t tmp; 3656 3657 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 3658 tmp &= ~0x1fffff; 3659 tmp |= ic->ic_bss->ni_intval * 16; 3660 tmp |= RT2860_TSF_TIMER_EN | RT2860_TBTT_TIMER_EN; 3661 /* local TSF is always updated with remote TSF on beacon reception */ 3662 tmp |= 1 << RT2860_TSF_SYNC_MODE_SHIFT; 3663 run_write(sc, RT2860_BCN_TIME_CFG, tmp); 3664 } 3665 3666 void 3667 run_enable_mrr(struct run_softc *sc) 3668 { 3669 #define CCK(mcs) (mcs) 3670 #define OFDM(mcs) (1 << 3 | (mcs)) 3671 run_write(sc, RT2860_LG_FBK_CFG0, 3672 OFDM(6) << 28 | /* 54->48 */ 3673 OFDM(5) << 24 | /* 48->36 */ 3674 OFDM(4) << 20 | /* 36->24 */ 3675 OFDM(3) << 16 | /* 24->18 */ 3676 OFDM(2) << 12 | /* 18->12 */ 3677 OFDM(1) << 8 | /* 12-> 9 */ 3678 OFDM(0) << 4 | /* 9-> 6 */ 3679 OFDM(0)); /* 6-> 6 */ 3680 3681 run_write(sc, RT2860_LG_FBK_CFG1, 3682 CCK(2) << 12 | /* 11->5.5 */ 3683 CCK(1) << 8 | /* 5.5-> 2 */ 3684 CCK(0) << 4 | /* 2-> 1 */ 3685 CCK(0)); /* 1-> 1 */ 3686 #undef OFDM 3687 #undef CCK 3688 } 3689 3690 void 3691 run_set_txpreamble(struct run_softc *sc) 3692 { 3693 uint32_t tmp; 3694 3695 run_read(sc, RT2860_AUTO_RSP_CFG, &tmp); 3696 if (sc->sc_ic.ic_flags & IEEE80211_F_SHPREAMBLE) 3697 tmp |= RT2860_CCK_SHORT_EN; 3698 else 3699 tmp &= ~RT2860_CCK_SHORT_EN; 3700 run_write(sc, RT2860_AUTO_RSP_CFG, tmp); 3701 } 3702 3703 void 3704 run_set_basicrates(struct run_softc *sc) 3705 { 3706 struct ieee80211com *ic = &sc->sc_ic; 3707 3708 /* set basic rates mask */ 3709 if (ic->ic_curmode == IEEE80211_MODE_11B) 3710 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x003); 3711 else if (ic->ic_curmode == IEEE80211_MODE_11A) 3712 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x150); 3713 else /* 11g */ 3714 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x15f); 3715 } 3716 3717 void 3718 run_set_leds(struct run_softc *sc, uint16_t which) 3719 { 3720 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LEDS, 3721 which | (sc->leds & 0x7f)); 3722 } 3723 3724 void 3725 run_set_bssid(struct run_softc *sc, const uint8_t *bssid) 3726 { 3727 run_write(sc, RT2860_MAC_BSSID_DW0, 3728 bssid[0] | bssid[1] << 8 | bssid[2] << 16 | bssid[3] << 24); 3729 run_write(sc, RT2860_MAC_BSSID_DW1, 3730 bssid[4] | bssid[5] << 8); 3731 } 3732 3733 void 3734 run_set_macaddr(struct run_softc *sc, const uint8_t *addr) 3735 { 3736 run_write(sc, RT2860_MAC_ADDR_DW0, 3737 addr[0] | addr[1] << 8 | addr[2] << 16 | addr[3] << 24); 3738 run_write(sc, RT2860_MAC_ADDR_DW1, 3739 addr[4] | addr[5] << 8 | 0xff << 16); 3740 } 3741 3742 void 3743 run_updateslot(struct ieee80211com *ic) 3744 { 3745 /* do it in a process context */ 3746 run_do_async(ic->ic_softc, run_updateslot_cb, NULL, 0); 3747 } 3748 3749 /* ARGSUSED */ 3750 void 3751 run_updateslot_cb(struct run_softc *sc, void *arg) 3752 { 3753 uint32_t tmp; 3754 3755 run_read(sc, RT2860_BKOFF_SLOT_CFG, &tmp); 3756 tmp &= ~0xff; 3757 tmp |= (sc->sc_ic.ic_flags & IEEE80211_F_SHSLOT) ? 3758 IEEE80211_DUR_DS_SHSLOT : IEEE80211_DUR_DS_SLOT; 3759 run_write(sc, RT2860_BKOFF_SLOT_CFG, tmp); 3760 } 3761 3762 #if NBPFILTER > 0 3763 int8_t 3764 run_rssi2dbm(struct run_softc *sc, uint8_t rssi, uint8_t rxchain) 3765 { 3766 struct ieee80211com *ic = &sc->sc_ic; 3767 struct ieee80211_channel *c = ic->ic_ibss_chan; 3768 int delta; 3769 3770 if (IEEE80211_IS_CHAN_5GHZ(c)) { 3771 u_int chan = ieee80211_chan2ieee(ic, c); 3772 delta = sc->rssi_5ghz[rxchain]; 3773 3774 /* determine channel group */ 3775 if (chan <= 64) 3776 delta -= sc->lna[1]; 3777 else if (chan <= 128) 3778 delta -= sc->lna[2]; 3779 else 3780 delta -= sc->lna[3]; 3781 } else 3782 delta = sc->rssi_2ghz[rxchain] - sc->lna[0]; 3783 3784 return -12 - delta - rssi; 3785 } 3786 #endif 3787 3788 void 3789 run_rt5390_bbp_init(struct run_softc *sc) 3790 { 3791 int i; 3792 uint8_t bbp; 3793 3794 /* Apply maximum likelihood detection for 2 stream case. */ 3795 run_bbp_read(sc, 105, &bbp); 3796 if (sc->nrxchains > 1) 3797 run_bbp_write(sc, 105, bbp | RT5390_MLD); 3798 3799 /* Avoid data lost and CRC error. */ 3800 run_bbp_read(sc, 4, &bbp); 3801 run_bbp_write(sc, 4, bbp | RT5390_MAC_IF_CTRL); 3802 3803 if (sc->mac_ver == 0x5592) { 3804 for (i = 0; i < nitems(rt5592_def_bbp); i++) { 3805 run_bbp_write(sc, rt5592_def_bbp[i].reg, 3806 rt5592_def_bbp[i].val); 3807 } 3808 for (i = 0; i < nitems(rt5592_bbp_r196); i++) { 3809 run_bbp_write(sc, 195, i + 0x80); 3810 run_bbp_write(sc, 196, rt5592_bbp_r196[i]); 3811 } 3812 } else { 3813 for (i = 0; i < nitems(rt5390_def_bbp); i++) { 3814 run_bbp_write(sc, rt5390_def_bbp[i].reg, 3815 rt5390_def_bbp[i].val); 3816 } 3817 } 3818 if (sc->mac_ver == 0x5392) { 3819 run_bbp_write(sc, 88, 0x90); 3820 run_bbp_write(sc, 95, 0x9a); 3821 run_bbp_write(sc, 98, 0x12); 3822 run_bbp_write(sc, 106, 0x12); 3823 run_bbp_write(sc, 134, 0xd0); 3824 run_bbp_write(sc, 135, 0xf6); 3825 run_bbp_write(sc, 148, 0x84); 3826 } 3827 3828 run_bbp_read(sc, 152, &bbp); 3829 run_bbp_write(sc, 152, bbp | 0x80); 3830 3831 /* Fix BBP254 for RT5592C. */ 3832 if (sc->mac_ver == 0x5592 && sc->mac_rev >= 0x0221) { 3833 run_bbp_read(sc, 254, &bbp); 3834 run_bbp_write(sc, 254, bbp | 0x80); 3835 } 3836 3837 /* Disable hardware antenna diversity. */ 3838 if (sc->mac_ver == 0x5390) 3839 run_bbp_write(sc, 154, 0); 3840 3841 /* Initialize Rx CCK/OFDM frequency offset report. */ 3842 run_bbp_write(sc, 142, 1); 3843 run_bbp_write(sc, 143, 57); 3844 } 3845 3846 int 3847 run_bbp_init(struct run_softc *sc) 3848 { 3849 int i, error, ntries; 3850 uint8_t bbp0; 3851 3852 /* wait for BBP to wake up */ 3853 for (ntries = 0; ntries < 20; ntries++) { 3854 if ((error = run_bbp_read(sc, 0, &bbp0)) != 0) 3855 return error; 3856 if (bbp0 != 0 && bbp0 != 0xff) 3857 break; 3858 } 3859 if (ntries == 20) 3860 return ETIMEDOUT; 3861 3862 /* initialize BBP registers to default values */ 3863 if (sc->mac_ver >= 0x5390) 3864 run_rt5390_bbp_init(sc); 3865 else { 3866 for (i = 0; i < nitems(rt2860_def_bbp); i++) { 3867 run_bbp_write(sc, rt2860_def_bbp[i].reg, 3868 rt2860_def_bbp[i].val); 3869 } 3870 } 3871 3872 if (sc->mac_ver == 0x3593) { 3873 run_bbp_write(sc, 79, 0x13); 3874 run_bbp_write(sc, 80, 0x05); 3875 run_bbp_write(sc, 81, 0x33); 3876 run_bbp_write(sc, 86, 0x46); 3877 run_bbp_write(sc, 137, 0x0f); 3878 } 3879 3880 /* fix BBP84 for RT2860E */ 3881 if (sc->mac_ver == 0x2860 && sc->mac_rev != 0x0101) 3882 run_bbp_write(sc, 84, 0x19); 3883 3884 if (sc->mac_ver >= 0x3070 && (sc->mac_ver != 0x3593 && 3885 sc->mac_ver != 0x5592)) { 3886 run_bbp_write(sc, 79, 0x13); 3887 run_bbp_write(sc, 80, 0x05); 3888 run_bbp_write(sc, 81, 0x33); 3889 } else if (sc->mac_ver == 0x2860 && sc->mac_rev == 0x0100) { 3890 run_bbp_write(sc, 69, 0x16); 3891 run_bbp_write(sc, 73, 0x12); 3892 } 3893 return 0; 3894 } 3895 3896 int 3897 run_rt3070_rf_init(struct run_softc *sc) 3898 { 3899 uint32_t tmp; 3900 uint8_t bbp4, mingain, rf, target; 3901 int i; 3902 3903 run_rt3070_rf_read(sc, 30, &rf); 3904 /* toggle RF R30 bit 7 */ 3905 run_rt3070_rf_write(sc, 30, rf | 0x80); 3906 DELAY(1000); 3907 run_rt3070_rf_write(sc, 30, rf & ~0x80); 3908 3909 /* initialize RF registers to default value */ 3910 if (sc->mac_ver == 0x3572) { 3911 for (i = 0; i < nitems(rt3572_def_rf); i++) { 3912 run_rt3070_rf_write(sc, rt3572_def_rf[i].reg, 3913 rt3572_def_rf[i].val); 3914 } 3915 } else { 3916 for (i = 0; i < nitems(rt3070_def_rf); i++) { 3917 run_rt3070_rf_write(sc, rt3070_def_rf[i].reg, 3918 rt3070_def_rf[i].val); 3919 } 3920 } 3921 if (sc->mac_ver == 0x3070 && sc->mac_rev < 0x0201) { 3922 /* 3923 * Change voltage from 1.2V to 1.35V for RT3070. 3924 * The DAC issue (RT3070_LDO_CFG0) has been fixed 3925 * in RT3070(F). 3926 */ 3927 run_read(sc, RT3070_LDO_CFG0, &tmp); 3928 tmp = (tmp & ~0x0f000000) | 0x0d000000; 3929 run_write(sc, RT3070_LDO_CFG0, tmp); 3930 3931 } else if (sc->mac_ver == 0x3071) { 3932 run_rt3070_rf_read(sc, 6, &rf); 3933 run_rt3070_rf_write(sc, 6, rf | 0x40); 3934 run_rt3070_rf_write(sc, 31, 0x14); 3935 3936 run_read(sc, RT3070_LDO_CFG0, &tmp); 3937 tmp &= ~0x1f000000; 3938 if (sc->mac_rev < 0x0211) 3939 tmp |= 0x0d000000; /* 1.35V */ 3940 else 3941 tmp |= 0x01000000; /* 1.2V */ 3942 run_write(sc, RT3070_LDO_CFG0, tmp); 3943 3944 /* patch LNA_PE_G1 */ 3945 run_read(sc, RT3070_GPIO_SWITCH, &tmp); 3946 run_write(sc, RT3070_GPIO_SWITCH, tmp & ~0x20); 3947 3948 } else if (sc->mac_ver == 0x3572) { 3949 run_rt3070_rf_read(sc, 6, &rf); 3950 run_rt3070_rf_write(sc, 6, rf | 0x40); 3951 /* increase voltage from 1.2V to 1.35V */ 3952 run_read(sc, RT3070_LDO_CFG0, &tmp); 3953 tmp = (tmp & ~0x1f000000) | 0x0d000000; 3954 run_write(sc, RT3070_LDO_CFG0, tmp); 3955 3956 if (sc->mac_rev < 0x0211 || !sc->patch_dac) { 3957 DELAY(1); /* wait for 1msec */ 3958 /* decrease voltage back to 1.2V */ 3959 tmp = (tmp & ~0x1f000000) | 0x01000000; 3960 run_write(sc, RT3070_LDO_CFG0, tmp); 3961 } 3962 } 3963 3964 /* select 20MHz bandwidth */ 3965 run_rt3070_rf_read(sc, 31, &rf); 3966 run_rt3070_rf_write(sc, 31, rf & ~0x20); 3967 3968 /* calibrate filter for 20MHz bandwidth */ 3969 sc->rf24_20mhz = 0x1f; /* default value */ 3970 target = (sc->mac_ver < 0x3071) ? 0x16 : 0x13; 3971 run_rt3070_filter_calib(sc, 0x07, target, &sc->rf24_20mhz); 3972 3973 /* select 40MHz bandwidth */ 3974 run_bbp_read(sc, 4, &bbp4); 3975 run_bbp_write(sc, 4, (bbp4 & ~0x18) | 0x10); 3976 run_rt3070_rf_read(sc, 31, &rf); 3977 run_rt3070_rf_write(sc, 31, rf | 0x20); 3978 3979 /* calibrate filter for 40MHz bandwidth */ 3980 sc->rf24_40mhz = 0x2f; /* default value */ 3981 target = (sc->mac_ver < 0x3071) ? 0x19 : 0x15; 3982 run_rt3070_filter_calib(sc, 0x27, target, &sc->rf24_40mhz); 3983 3984 /* go back to 20MHz bandwidth */ 3985 run_bbp_read(sc, 4, &bbp4); 3986 run_bbp_write(sc, 4, bbp4 & ~0x18); 3987 3988 if (sc->mac_ver == 0x3572) { 3989 /* save default BBP registers 25 and 26 values */ 3990 run_bbp_read(sc, 25, &sc->bbp25); 3991 run_bbp_read(sc, 26, &sc->bbp26); 3992 3993 } else if (sc->mac_rev < 0x0201 || sc->mac_rev < 0x0211) 3994 run_rt3070_rf_write(sc, 27, 0x03); 3995 3996 run_read(sc, RT3070_OPT_14, &tmp); 3997 run_write(sc, RT3070_OPT_14, tmp | 1); 3998 3999 if (sc->mac_ver == 0x3070 || sc->mac_ver == 0x3071) { 4000 run_rt3070_rf_read(sc, 17, &rf); 4001 rf &= ~RT3070_TX_LO1; 4002 if ((sc->mac_ver == 0x3070 || 4003 (sc->mac_ver == 0x3071 && sc->mac_rev >= 0x0211)) && 4004 !sc->ext_2ghz_lna) 4005 rf |= 0x20; /* fix for long range Rx issue */ 4006 mingain = (sc->mac_ver == 0x3070) ? 1 : 2; 4007 if (sc->txmixgain_2ghz >= mingain) 4008 rf = (rf & ~0x7) | sc->txmixgain_2ghz; 4009 run_rt3070_rf_write(sc, 17, rf); 4010 } 4011 if (sc->mac_ver == 0x3071) { 4012 run_rt3070_rf_read(sc, 1, &rf); 4013 rf &= ~(RT3070_RX0_PD | RT3070_TX0_PD); 4014 rf |= RT3070_RF_BLOCK | RT3070_RX1_PD | RT3070_TX1_PD; 4015 run_rt3070_rf_write(sc, 1, rf); 4016 4017 run_rt3070_rf_read(sc, 15, &rf); 4018 run_rt3070_rf_write(sc, 15, rf & ~RT3070_TX_LO2); 4019 4020 run_rt3070_rf_read(sc, 20, &rf); 4021 run_rt3070_rf_write(sc, 20, rf & ~RT3070_RX_LO1); 4022 4023 run_rt3070_rf_read(sc, 21, &rf); 4024 run_rt3070_rf_write(sc, 21, rf & ~RT3070_RX_LO2); 4025 } 4026 if (sc->mac_ver == 0x3070 || sc->mac_ver == 0x3071) { 4027 /* fix Tx to Rx IQ glitch by raising RF voltage */ 4028 run_rt3070_rf_read(sc, 27, &rf); 4029 rf &= ~0x77; 4030 if (sc->mac_rev < 0x0211) 4031 rf |= 0x03; 4032 run_rt3070_rf_write(sc, 27, rf); 4033 } 4034 return 0; 4035 } 4036 4037 void 4038 run_rt3593_rf_init(struct run_softc *sc) 4039 { 4040 uint32_t tmp; 4041 uint8_t rf; 4042 int i; 4043 4044 /* Disable the GPIO bits 4 and 7 for LNA PE control. */ 4045 run_read(sc, RT3070_GPIO_SWITCH, &tmp); 4046 tmp &= ~(1 << 4 | 1 << 7); 4047 run_write(sc, RT3070_GPIO_SWITCH, tmp); 4048 4049 /* Initialize RF registers to default value. */ 4050 for (i = 0; i < nitems(rt3593_def_rf); i++) { 4051 run_rt3070_rf_write(sc, rt3593_def_rf[i].reg, 4052 rt3593_def_rf[i].val); 4053 } 4054 4055 /* Toggle RF R2 to initiate calibration. */ 4056 run_rt3070_rf_write(sc, 2, RT3593_RESCAL); 4057 4058 /* Initialize RF frequency offset. */ 4059 run_adjust_freq_offset(sc); 4060 4061 run_rt3070_rf_read(sc, 18, &rf); 4062 run_rt3070_rf_write(sc, 18, rf | RT3593_AUTOTUNE_BYPASS); 4063 4064 /* 4065 * Increase voltage from 1.2V to 1.35V, wait for 1 msec to 4066 * decrease voltage back to 1.2V. 4067 */ 4068 run_read(sc, RT3070_LDO_CFG0, &tmp); 4069 tmp = (tmp & ~0x1f000000) | 0x0d000000; 4070 run_write(sc, RT3070_LDO_CFG0, tmp); 4071 DELAY(1); 4072 tmp = (tmp & ~0x1f000000) | 0x01000000; 4073 run_write(sc, RT3070_LDO_CFG0, tmp); 4074 4075 sc->rf24_20mhz = 0x1f; 4076 sc->rf24_40mhz = 0x2f; 4077 4078 /* Save default BBP registers 25 and 26 values. */ 4079 run_bbp_read(sc, 25, &sc->bbp25); 4080 run_bbp_read(sc, 26, &sc->bbp26); 4081 4082 run_read(sc, RT3070_OPT_14, &tmp); 4083 run_write(sc, RT3070_OPT_14, tmp | 1); 4084 } 4085 4086 void 4087 run_rt5390_rf_init(struct run_softc *sc) 4088 { 4089 uint32_t tmp; 4090 uint8_t rf; 4091 int i; 4092 4093 /* Toggle RF R2 to initiate calibration. */ 4094 if (sc->mac_ver == 0x5390) { 4095 run_rt3070_rf_read(sc, 2, &rf); 4096 run_rt3070_rf_write(sc, 2, rf | RT3593_RESCAL); 4097 DELAY(10); 4098 run_rt3070_rf_write(sc, 2, rf & ~RT3593_RESCAL); 4099 } else { 4100 run_rt3070_rf_write(sc, 2, RT3593_RESCAL); 4101 DELAY(10); 4102 } 4103 4104 /* Initialize RF registers to default value. */ 4105 if (sc->mac_ver == 0x5592) { 4106 for (i = 0; i < nitems(rt5592_def_rf); i++) { 4107 run_rt3070_rf_write(sc, rt5592_def_rf[i].reg, 4108 rt5592_def_rf[i].val); 4109 } 4110 /* Initialize RF frequency offset. */ 4111 run_adjust_freq_offset(sc); 4112 } else if (sc->mac_ver == 0x5392) { 4113 for (i = 0; i < nitems(rt5392_def_rf); i++) { 4114 run_rt3070_rf_write(sc, rt5392_def_rf[i].reg, 4115 rt5392_def_rf[i].val); 4116 } 4117 if (sc->mac_rev >= 0x0223) { 4118 run_rt3070_rf_write(sc, 23, 0x0f); 4119 run_rt3070_rf_write(sc, 24, 0x3e); 4120 run_rt3070_rf_write(sc, 51, 0x32); 4121 run_rt3070_rf_write(sc, 53, 0x22); 4122 run_rt3070_rf_write(sc, 56, 0xc1); 4123 run_rt3070_rf_write(sc, 59, 0x0f); 4124 } 4125 } else { 4126 for (i = 0; i < nitems(rt5390_def_rf); i++) { 4127 run_rt3070_rf_write(sc, rt5390_def_rf[i].reg, 4128 rt5390_def_rf[i].val); 4129 } 4130 if (sc->mac_rev >= 0x0502) { 4131 run_rt3070_rf_write(sc, 6, 0xe0); 4132 run_rt3070_rf_write(sc, 25, 0x80); 4133 run_rt3070_rf_write(sc, 46, 0x73); 4134 run_rt3070_rf_write(sc, 53, 0x00); 4135 run_rt3070_rf_write(sc, 56, 0x42); 4136 run_rt3070_rf_write(sc, 61, 0xd1); 4137 } 4138 } 4139 4140 sc->rf24_20mhz = 0x1f; /* default value */ 4141 sc->rf24_40mhz = (sc->mac_ver == 0x5592) ? 0 : 0x2f; 4142 4143 if (sc->mac_rev < 0x0211) 4144 run_rt3070_rf_write(sc, 27, 0x3); 4145 4146 run_read(sc, RT3070_OPT_14, &tmp); 4147 run_write(sc, RT3070_OPT_14, tmp | 1); 4148 } 4149 4150 int 4151 run_rt3070_filter_calib(struct run_softc *sc, uint8_t init, uint8_t target, 4152 uint8_t *val) 4153 { 4154 uint8_t rf22, rf24; 4155 uint8_t bbp55_pb, bbp55_sb, delta; 4156 int ntries; 4157 4158 /* program filter */ 4159 run_rt3070_rf_read(sc, 24, &rf24); 4160 rf24 = (rf24 & 0xc0) | init; /* initial filter value */ 4161 run_rt3070_rf_write(sc, 24, rf24); 4162 4163 /* enable baseband loopback mode */ 4164 run_rt3070_rf_read(sc, 22, &rf22); 4165 run_rt3070_rf_write(sc, 22, rf22 | 0x01); 4166 4167 /* set power and frequency of passband test tone */ 4168 run_bbp_write(sc, 24, 0x00); 4169 for (ntries = 0; ntries < 100; ntries++) { 4170 /* transmit test tone */ 4171 run_bbp_write(sc, 25, 0x90); 4172 DELAY(1000); 4173 /* read received power */ 4174 run_bbp_read(sc, 55, &bbp55_pb); 4175 if (bbp55_pb != 0) 4176 break; 4177 } 4178 if (ntries == 100) 4179 return ETIMEDOUT; 4180 4181 /* set power and frequency of stopband test tone */ 4182 run_bbp_write(sc, 24, 0x06); 4183 for (ntries = 0; ntries < 100; ntries++) { 4184 /* transmit test tone */ 4185 run_bbp_write(sc, 25, 0x90); 4186 DELAY(1000); 4187 /* read received power */ 4188 run_bbp_read(sc, 55, &bbp55_sb); 4189 4190 delta = bbp55_pb - bbp55_sb; 4191 if (delta > target) 4192 break; 4193 4194 /* reprogram filter */ 4195 rf24++; 4196 run_rt3070_rf_write(sc, 24, rf24); 4197 } 4198 if (ntries < 100) { 4199 if (rf24 != init) 4200 rf24--; /* backtrack */ 4201 *val = rf24; 4202 run_rt3070_rf_write(sc, 24, rf24); 4203 } 4204 4205 /* restore initial state */ 4206 run_bbp_write(sc, 24, 0x00); 4207 4208 /* disable baseband loopback mode */ 4209 run_rt3070_rf_read(sc, 22, &rf22); 4210 run_rt3070_rf_write(sc, 22, rf22 & ~0x01); 4211 4212 return 0; 4213 } 4214 4215 void 4216 run_rt3070_rf_setup(struct run_softc *sc) 4217 { 4218 uint8_t bbp, rf; 4219 int i; 4220 4221 if (sc->mac_ver == 0x3572) { 4222 /* enable DC filter */ 4223 if (sc->mac_rev >= 0x0201) 4224 run_bbp_write(sc, 103, 0xc0); 4225 4226 run_bbp_read(sc, 138, &bbp); 4227 if (sc->ntxchains == 1) 4228 bbp |= 0x20; /* turn off DAC1 */ 4229 if (sc->nrxchains == 1) 4230 bbp &= ~0x02; /* turn off ADC1 */ 4231 run_bbp_write(sc, 138, bbp); 4232 4233 if (sc->mac_rev >= 0x0211) { 4234 /* improve power consumption */ 4235 run_bbp_read(sc, 31, &bbp); 4236 run_bbp_write(sc, 31, bbp & ~0x03); 4237 } 4238 4239 run_rt3070_rf_read(sc, 16, &rf); 4240 rf = (rf & ~0x07) | sc->txmixgain_2ghz; 4241 run_rt3070_rf_write(sc, 16, rf); 4242 4243 } else if (sc->mac_ver == 0x3071) { 4244 /* enable DC filter */ 4245 if (sc->mac_rev >= 0x0211) { 4246 run_bbp_write(sc, 103, 0xc0); 4247 4248 /* improve power consumption */ 4249 run_bbp_read(sc, 31, &bbp); 4250 run_bbp_write(sc, 31, bbp & ~0x03); 4251 } 4252 4253 run_bbp_read(sc, 138, &bbp); 4254 if (sc->ntxchains == 1) 4255 bbp |= 0x20; /* turn off DAC1 */ 4256 if (sc->nrxchains == 1) 4257 bbp &= ~0x02; /* turn off ADC1 */ 4258 run_bbp_write(sc, 138, bbp); 4259 4260 run_write(sc, RT2860_TX_SW_CFG1, 0); 4261 if (sc->mac_rev < 0x0211) { 4262 run_write(sc, RT2860_TX_SW_CFG2, 4263 sc->patch_dac ? 0x2c : 0x0f); 4264 } else 4265 run_write(sc, RT2860_TX_SW_CFG2, 0); 4266 4267 } else if (sc->mac_ver == 0x3070) { 4268 if (sc->mac_rev >= 0x0201) { 4269 /* enable DC filter */ 4270 run_bbp_write(sc, 103, 0xc0); 4271 4272 /* improve power consumption */ 4273 run_bbp_read(sc, 31, &bbp); 4274 run_bbp_write(sc, 31, bbp & ~0x03); 4275 } 4276 4277 if (sc->mac_rev < 0x0201) { 4278 run_write(sc, RT2860_TX_SW_CFG1, 0); 4279 run_write(sc, RT2860_TX_SW_CFG2, 0x2c); 4280 } else 4281 run_write(sc, RT2860_TX_SW_CFG2, 0); 4282 } 4283 4284 /* initialize RF registers from ROM for >=RT3071*/ 4285 if (sc->mac_ver >= 0x3071) { 4286 for (i = 0; i < 10; i++) { 4287 if (sc->rf[i].reg == 0 || sc->rf[i].reg == 0xff) 4288 continue; 4289 run_rt3070_rf_write(sc, sc->rf[i].reg, sc->rf[i].val); 4290 } 4291 } 4292 } 4293 4294 void 4295 run_rt3593_rf_setup(struct run_softc *sc) 4296 { 4297 uint8_t bbp, rf; 4298 4299 if (sc->mac_rev >= 0x0211) { 4300 /* Enable DC filter. */ 4301 run_bbp_write(sc, 103, 0xc0); 4302 } 4303 run_write(sc, RT2860_TX_SW_CFG1, 0); 4304 if (sc->mac_rev < 0x0211) { 4305 run_write(sc, RT2860_TX_SW_CFG2, 4306 sc->patch_dac ? 0x2c : 0x0f); 4307 } else 4308 run_write(sc, RT2860_TX_SW_CFG2, 0); 4309 4310 run_rt3070_rf_read(sc, 50, &rf); 4311 run_rt3070_rf_write(sc, 50, rf & ~RT3593_TX_LO2); 4312 4313 run_rt3070_rf_read(sc, 51, &rf); 4314 rf = (rf & ~(RT3593_TX_LO1 | 0x0c)) | 4315 ((sc->txmixgain_2ghz & 0x07) << 2); 4316 run_rt3070_rf_write(sc, 51, rf); 4317 4318 run_rt3070_rf_read(sc, 38, &rf); 4319 run_rt3070_rf_write(sc, 38, rf & ~RT5390_RX_LO1); 4320 4321 run_rt3070_rf_read(sc, 39, &rf); 4322 run_rt3070_rf_write(sc, 39, rf & ~RT5390_RX_LO2); 4323 4324 run_rt3070_rf_read(sc, 1, &rf); 4325 run_rt3070_rf_write(sc, 1, rf & ~(RT3070_RF_BLOCK | RT3070_PLL_PD)); 4326 4327 run_rt3070_rf_read(sc, 30, &rf); 4328 rf = (rf & ~0x18) | 0x10; 4329 run_rt3070_rf_write(sc, 30, rf); 4330 4331 /* Apply maximum likelihood detection for 2 stream case. */ 4332 run_bbp_read(sc, 105, &bbp); 4333 if (sc->nrxchains > 1) 4334 run_bbp_write(sc, 105, bbp | RT5390_MLD); 4335 4336 /* Avoid data lost and CRC error. */ 4337 run_bbp_read(sc, 4, &bbp); 4338 run_bbp_write(sc, 4, bbp | RT5390_MAC_IF_CTRL); 4339 4340 run_bbp_write(sc, 92, 0x02); 4341 run_bbp_write(sc, 82, 0x82); 4342 run_bbp_write(sc, 106, 0x05); 4343 run_bbp_write(sc, 104, 0x92); 4344 run_bbp_write(sc, 88, 0x90); 4345 run_bbp_write(sc, 148, 0xc8); 4346 run_bbp_write(sc, 47, 0x48); 4347 run_bbp_write(sc, 120, 0x50); 4348 4349 run_bbp_write(sc, 163, 0x9d); 4350 4351 /* SNR mapping. */ 4352 run_bbp_write(sc, 142, 0x06); 4353 run_bbp_write(sc, 143, 0xa0); 4354 run_bbp_write(sc, 142, 0x07); 4355 run_bbp_write(sc, 143, 0xa1); 4356 run_bbp_write(sc, 142, 0x08); 4357 run_bbp_write(sc, 143, 0xa2); 4358 4359 run_bbp_write(sc, 31, 0x08); 4360 run_bbp_write(sc, 68, 0x0b); 4361 run_bbp_write(sc, 105, 0x04); 4362 } 4363 4364 void 4365 run_rt5390_rf_setup(struct run_softc *sc) 4366 { 4367 uint8_t bbp, rf; 4368 4369 if (sc->mac_rev >= 0x0211) { 4370 /* Enable DC filter. */ 4371 run_bbp_write(sc, 103, 0xc0); 4372 4373 if (sc->mac_ver != 0x5592) { 4374 /* Improve power consumption. */ 4375 run_bbp_read(sc, 31, &bbp); 4376 run_bbp_write(sc, 31, bbp & ~0x03); 4377 } 4378 } 4379 4380 run_bbp_read(sc, 138, &bbp); 4381 if (sc->ntxchains == 1) 4382 bbp |= 0x20; /* turn off DAC1 */ 4383 if (sc->nrxchains == 1) 4384 bbp &= ~0x02; /* turn off ADC1 */ 4385 run_bbp_write(sc, 138, bbp); 4386 4387 run_rt3070_rf_read(sc, 38, &rf); 4388 run_rt3070_rf_write(sc, 38, rf & ~RT5390_RX_LO1); 4389 4390 run_rt3070_rf_read(sc, 39, &rf); 4391 run_rt3070_rf_write(sc, 39, rf & ~RT5390_RX_LO2); 4392 4393 /* Avoid data lost and CRC error. */ 4394 run_bbp_read(sc, 4, &bbp); 4395 run_bbp_write(sc, 4, bbp | RT5390_MAC_IF_CTRL); 4396 4397 run_rt3070_rf_read(sc, 30, &rf); 4398 rf = (rf & ~0x18) | 0x10; 4399 run_rt3070_rf_write(sc, 30, rf); 4400 4401 if (sc->mac_ver != 0x5592) { 4402 run_write(sc, RT2860_TX_SW_CFG1, 0); 4403 if (sc->mac_rev < 0x0211) { 4404 run_write(sc, RT2860_TX_SW_CFG2, 4405 sc->patch_dac ? 0x2c : 0x0f); 4406 } else 4407 run_write(sc, RT2860_TX_SW_CFG2, 0); 4408 } 4409 } 4410 4411 int 4412 run_txrx_enable(struct run_softc *sc) 4413 { 4414 uint32_t tmp; 4415 int error, ntries; 4416 4417 run_write(sc, RT2860_MAC_SYS_CTRL, RT2860_MAC_TX_EN); 4418 for (ntries = 0; ntries < 200; ntries++) { 4419 if ((error = run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp)) != 0) 4420 return error; 4421 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0) 4422 break; 4423 DELAY(1000); 4424 } 4425 if (ntries == 200) 4426 return ETIMEDOUT; 4427 4428 DELAY(50); 4429 4430 tmp |= RT2860_RX_DMA_EN | RT2860_TX_DMA_EN | RT2860_TX_WB_DDONE; 4431 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp); 4432 4433 /* enable Rx bulk aggregation (set timeout and limit) */ 4434 tmp = RT2860_USB_TX_EN | RT2860_USB_RX_EN | RT2860_USB_RX_AGG_EN | 4435 RT2860_USB_RX_AGG_TO(128) | RT2860_USB_RX_AGG_LMT(2); 4436 run_write(sc, RT2860_USB_DMA_CFG, tmp); 4437 4438 /* set Rx filter */ 4439 tmp = RT2860_DROP_CRC_ERR | RT2860_DROP_PHY_ERR; 4440 if (sc->sc_ic.ic_opmode != IEEE80211_M_MONITOR) { 4441 tmp |= RT2860_DROP_UC_NOME | RT2860_DROP_DUPL | 4442 RT2860_DROP_CTS | RT2860_DROP_BA | RT2860_DROP_ACK | 4443 RT2860_DROP_VER_ERR | RT2860_DROP_CTRL_RSV | 4444 RT2860_DROP_CFACK | RT2860_DROP_CFEND; 4445 if (sc->sc_ic.ic_opmode == IEEE80211_M_STA) 4446 tmp |= RT2860_DROP_RTS | RT2860_DROP_PSPOLL; 4447 } 4448 run_write(sc, RT2860_RX_FILTR_CFG, tmp); 4449 4450 run_write(sc, RT2860_MAC_SYS_CTRL, 4451 RT2860_MAC_RX_EN | RT2860_MAC_TX_EN); 4452 4453 return 0; 4454 } 4455 4456 void 4457 run_adjust_freq_offset(struct run_softc *sc) 4458 { 4459 uint8_t rf, tmp; 4460 4461 run_rt3070_rf_read(sc, 17, &rf); 4462 tmp = rf; 4463 rf = (rf & ~0x7f) | (sc->freq & 0x7f); 4464 rf = MIN(rf, 0x5f); 4465 4466 if (tmp != rf) 4467 run_mcu_cmd(sc, 0x74, (tmp << 8 ) | rf); 4468 } 4469 4470 int 4471 run_init(struct ifnet *ifp) 4472 { 4473 struct run_softc *sc = ifp->if_softc; 4474 struct ieee80211com *ic = &sc->sc_ic; 4475 uint32_t tmp; 4476 uint8_t bbp1, bbp3; 4477 int i, error, qid, ridx, ntries; 4478 4479 if (usbd_is_dying(sc->sc_udev)) 4480 return ENXIO; 4481 4482 for (ntries = 0; ntries < 100; ntries++) { 4483 if ((error = run_read(sc, RT2860_ASIC_VER_ID, &tmp)) != 0) 4484 goto fail; 4485 if (tmp != 0 && tmp != 0xffffffff) 4486 break; 4487 DELAY(10); 4488 } 4489 if (ntries == 100) { 4490 error = ETIMEDOUT; 4491 goto fail; 4492 } 4493 4494 if ((error = run_load_microcode(sc)) != 0) { 4495 printf("%s: could not load 8051 microcode\n", 4496 sc->sc_dev.dv_xname); 4497 goto fail; 4498 } 4499 4500 /* init host command ring */ 4501 sc->cmdq.cur = sc->cmdq.next = sc->cmdq.queued = 0; 4502 4503 /* init Tx rings (4 EDCAs) */ 4504 for (qid = 0; qid < 4; qid++) { 4505 if ((error = run_alloc_tx_ring(sc, qid)) != 0) 4506 goto fail; 4507 } 4508 /* init Rx ring */ 4509 if ((error = run_alloc_rx_ring(sc)) != 0) 4510 goto fail; 4511 4512 IEEE80211_ADDR_COPY(ic->ic_myaddr, LLADDR(ifp->if_sadl)); 4513 run_set_macaddr(sc, ic->ic_myaddr); 4514 4515 for (ntries = 0; ntries < 100; ntries++) { 4516 if ((error = run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp)) != 0) 4517 goto fail; 4518 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0) 4519 break; 4520 DELAY(1000); 4521 } 4522 if (ntries == 100) { 4523 printf("%s: timeout waiting for DMA engine\n", 4524 sc->sc_dev.dv_xname); 4525 error = ETIMEDOUT; 4526 goto fail; 4527 } 4528 tmp &= 0xff0; 4529 tmp |= RT2860_TX_WB_DDONE; 4530 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp); 4531 4532 /* turn off PME_OEN to solve high-current issue */ 4533 run_read(sc, RT2860_SYS_CTRL, &tmp); 4534 run_write(sc, RT2860_SYS_CTRL, tmp & ~RT2860_PME_OEN); 4535 4536 run_write(sc, RT2860_MAC_SYS_CTRL, 4537 RT2860_BBP_HRST | RT2860_MAC_SRST); 4538 run_write(sc, RT2860_USB_DMA_CFG, 0); 4539 4540 if ((error = run_reset(sc)) != 0) { 4541 printf("%s: could not reset chipset\n", sc->sc_dev.dv_xname); 4542 goto fail; 4543 } 4544 4545 run_write(sc, RT2860_MAC_SYS_CTRL, 0); 4546 4547 /* init Tx power for all Tx rates (from EEPROM) */ 4548 for (ridx = 0; ridx < 5; ridx++) { 4549 if (sc->txpow20mhz[ridx] == 0xffffffff) 4550 continue; 4551 run_write(sc, RT2860_TX_PWR_CFG(ridx), sc->txpow20mhz[ridx]); 4552 } 4553 4554 for (i = 0; i < nitems(rt2870_def_mac); i++) 4555 run_write(sc, rt2870_def_mac[i].reg, rt2870_def_mac[i].val); 4556 run_write(sc, RT2860_WMM_AIFSN_CFG, 0x00002273); 4557 run_write(sc, RT2860_WMM_CWMIN_CFG, 0x00002344); 4558 run_write(sc, RT2860_WMM_CWMAX_CFG, 0x000034aa); 4559 4560 if (sc->mac_ver >= 0x5390) { 4561 run_write(sc, RT2860_TX_SW_CFG0, 4562 4 << RT2860_DLY_PAPE_EN_SHIFT | 4); 4563 if (sc->mac_ver >= 0x5392) { 4564 run_write(sc, RT2860_MAX_LEN_CFG, 0x00002fff); 4565 if (sc->mac_ver == 0x5592) { 4566 run_write(sc, RT2860_HT_FBK_CFG1, 0xedcba980); 4567 run_write(sc, RT2860_TXOP_HLDR_ET, 0x00000082); 4568 } else { 4569 run_write(sc, RT2860_HT_FBK_CFG1, 0xedcb4980); 4570 run_write(sc, RT2860_LG_FBK_CFG0, 0xedcba322); 4571 } 4572 } 4573 } else if (sc->mac_ver == 0x3593) { 4574 run_write(sc, RT2860_TX_SW_CFG0, 4575 4 << RT2860_DLY_PAPE_EN_SHIFT | 2); 4576 } else if (sc->mac_ver >= 0x3070) { 4577 /* set delay of PA_PE assertion to 1us (unit of 0.25us) */ 4578 run_write(sc, RT2860_TX_SW_CFG0, 4579 4 << RT2860_DLY_PAPE_EN_SHIFT); 4580 } 4581 4582 /* wait while MAC is busy */ 4583 for (ntries = 0; ntries < 100; ntries++) { 4584 if ((error = run_read(sc, RT2860_MAC_STATUS_REG, &tmp)) != 0) 4585 goto fail; 4586 if (!(tmp & (RT2860_RX_STATUS_BUSY | RT2860_TX_STATUS_BUSY))) 4587 break; 4588 DELAY(1000); 4589 } 4590 if (ntries == 100) { 4591 error = ETIMEDOUT; 4592 goto fail; 4593 } 4594 4595 /* clear Host to MCU mailbox */ 4596 run_write(sc, RT2860_H2M_BBPAGENT, 0); 4597 run_write(sc, RT2860_H2M_MAILBOX, 0); 4598 DELAY(1000); 4599 4600 if ((error = run_bbp_init(sc)) != 0) { 4601 printf("%s: could not initialize BBP\n", sc->sc_dev.dv_xname); 4602 goto fail; 4603 } 4604 4605 /* abort TSF synchronization */ 4606 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 4607 tmp &= ~(RT2860_BCN_TX_EN | RT2860_TSF_TIMER_EN | 4608 RT2860_TBTT_TIMER_EN); 4609 run_write(sc, RT2860_BCN_TIME_CFG, tmp); 4610 4611 /* clear RX WCID search table */ 4612 run_set_region_4(sc, RT2860_WCID_ENTRY(0), 0, 512); 4613 /* clear WCID attribute table */ 4614 run_set_region_4(sc, RT2860_WCID_ATTR(0), 0, 8 * 32); 4615 /* clear shared key table */ 4616 run_set_region_4(sc, RT2860_SKEY(0, 0), 0, 8 * 32); 4617 /* clear shared key mode */ 4618 run_set_region_4(sc, RT2860_SKEY_MODE_0_7, 0, 4); 4619 4620 run_read(sc, RT2860_US_CYC_CNT, &tmp); 4621 tmp = (tmp & ~0xff) | 0x1e; 4622 run_write(sc, RT2860_US_CYC_CNT, tmp); 4623 4624 if (sc->mac_rev != 0x0101) 4625 run_write(sc, RT2860_TXOP_CTRL_CFG, 0x0000583f); 4626 4627 run_write(sc, RT2860_WMM_TXOP0_CFG, 0); 4628 run_write(sc, RT2860_WMM_TXOP1_CFG, 48 << 16 | 96); 4629 4630 /* write vendor-specific BBP values (from EEPROM) */ 4631 if (sc->mac_ver < 0x3593) { 4632 for (i = 0; i < 8; i++) { 4633 if (sc->bbp[i].reg == 0 || sc->bbp[i].reg == 0xff) 4634 continue; 4635 run_bbp_write(sc, sc->bbp[i].reg, sc->bbp[i].val); 4636 } 4637 } 4638 4639 /* select Main antenna for 1T1R devices */ 4640 if (sc->rf_rev == RT3070_RF_3020 || sc->rf_rev == RT5390_RF_5370) 4641 run_set_rx_antenna(sc, 0); 4642 4643 /* send LEDs operating mode to microcontroller */ 4644 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED1, sc->led[0]); 4645 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED2, sc->led[1]); 4646 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED3, sc->led[2]); 4647 4648 if (sc->mac_ver >= 0x5390) 4649 run_rt5390_rf_init(sc); 4650 else if (sc->mac_ver == 0x3593) 4651 run_rt3593_rf_init(sc); 4652 else if (sc->mac_ver >= 0x3070) 4653 run_rt3070_rf_init(sc); 4654 4655 /* disable non-existing Rx chains */ 4656 run_bbp_read(sc, 3, &bbp3); 4657 bbp3 &= ~(1 << 3 | 1 << 4); 4658 if (sc->nrxchains == 2) 4659 bbp3 |= 1 << 3; 4660 else if (sc->nrxchains == 3) 4661 bbp3 |= 1 << 4; 4662 run_bbp_write(sc, 3, bbp3); 4663 4664 /* disable non-existing Tx chains */ 4665 run_bbp_read(sc, 1, &bbp1); 4666 if (sc->ntxchains == 1) 4667 bbp1 &= ~(1 << 3 | 1 << 4); 4668 run_bbp_write(sc, 1, bbp1); 4669 4670 if (sc->mac_ver >= 0x5390) 4671 run_rt5390_rf_setup(sc); 4672 else if (sc->mac_ver == 0x3593) 4673 run_rt3593_rf_setup(sc); 4674 else if (sc->mac_ver >= 0x3070) 4675 run_rt3070_rf_setup(sc); 4676 4677 /* select default channel */ 4678 ic->ic_bss->ni_chan = ic->ic_ibss_chan; 4679 run_set_chan(sc, ic->ic_ibss_chan); 4680 4681 /* turn radio LED on */ 4682 run_set_leds(sc, RT2860_LED_RADIO); 4683 4684 for (i = 0; i < RUN_RX_RING_COUNT; i++) { 4685 struct run_rx_data *data = &sc->rxq.data[i]; 4686 4687 usbd_setup_xfer(data->xfer, sc->rxq.pipeh, data, data->buf, 4688 RUN_MAX_RXSZ, USBD_SHORT_XFER_OK | USBD_NO_COPY, 4689 USBD_NO_TIMEOUT, run_rxeof); 4690 error = usbd_transfer(data->xfer); 4691 if (error != 0 && error != USBD_IN_PROGRESS) 4692 goto fail; 4693 } 4694 4695 if ((error = run_txrx_enable(sc)) != 0) 4696 goto fail; 4697 4698 ifp->if_flags |= IFF_RUNNING; 4699 ifq_clr_oactive(&ifp->if_snd); 4700 4701 if (ic->ic_flags & IEEE80211_F_WEPON) { 4702 /* install WEP keys */ 4703 for (i = 0; i < IEEE80211_WEP_NKID; i++) 4704 (void)run_set_key(ic, NULL, &ic->ic_nw_keys[i]); 4705 } 4706 4707 if (ic->ic_opmode == IEEE80211_M_MONITOR) 4708 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 4709 else 4710 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 4711 4712 if (error != 0) 4713 fail: run_stop(ifp, 1); 4714 return error; 4715 } 4716 4717 void 4718 run_stop(struct ifnet *ifp, int disable) 4719 { 4720 struct run_softc *sc = ifp->if_softc; 4721 struct ieee80211com *ic = &sc->sc_ic; 4722 uint32_t tmp; 4723 int s, ntries, qid; 4724 4725 if (ifp->if_flags & IFF_RUNNING) 4726 run_set_leds(sc, 0); /* turn all LEDs off */ 4727 4728 sc->sc_tx_timer = 0; 4729 ifp->if_timer = 0; 4730 ifp->if_flags &= ~IFF_RUNNING; 4731 ifq_clr_oactive(&ifp->if_snd); 4732 4733 timeout_del(&sc->scan_to); 4734 timeout_del(&sc->calib_to); 4735 4736 s = splusb(); 4737 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 4738 /* wait for all queued asynchronous commands to complete */ 4739 usb_wait_task(sc->sc_udev, &sc->sc_task); 4740 splx(s); 4741 4742 /* Disable Tx/Rx DMA. */ 4743 run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp); 4744 tmp &= ~(RT2860_RX_DMA_EN | RT2860_TX_DMA_EN); 4745 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp); 4746 4747 for (ntries = 0; ntries < 100; ntries++) { 4748 if (run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp) != 0) 4749 break; 4750 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0) 4751 break; 4752 DELAY(10); 4753 } 4754 if (ntries == 100) { 4755 printf("%s: timeout waiting for DMA engine\n", 4756 sc->sc_dev.dv_xname); 4757 } 4758 4759 /* disable Tx/Rx */ 4760 run_read(sc, RT2860_MAC_SYS_CTRL, &tmp); 4761 tmp &= ~(RT2860_MAC_RX_EN | RT2860_MAC_TX_EN); 4762 run_write(sc, RT2860_MAC_SYS_CTRL, tmp); 4763 4764 /* wait for pending Tx to complete */ 4765 for (ntries = 0; ntries < 100; ntries++) { 4766 if (run_read(sc, RT2860_TXRXQ_PCNT, &tmp) != 0) 4767 break; 4768 if ((tmp & RT2860_TX2Q_PCNT_MASK) == 0) 4769 break; 4770 } 4771 DELAY(1000); 4772 run_write(sc, RT2860_USB_DMA_CFG, 0); 4773 4774 /* reset adapter */ 4775 run_write(sc, RT2860_MAC_SYS_CTRL, RT2860_BBP_HRST | RT2860_MAC_SRST); 4776 run_write(sc, RT2860_MAC_SYS_CTRL, 0); 4777 4778 /* reset Tx and Rx rings */ 4779 sc->qfullmsk = 0; 4780 for (qid = 0; qid < 4; qid++) 4781 run_free_tx_ring(sc, qid); 4782 run_free_rx_ring(sc); 4783 } 4784