1 /* $OpenBSD: if_run.c,v 1.90 2012/03/24 15:11:04 jsg Exp $ */ 2 3 /*- 4 * Copyright (c) 2008-2010 Damien Bergamini <damien.bergamini@free.fr> 5 * 6 * Permission to use, copy, modify, and distribute this software for any 7 * purpose with or without fee is hereby granted, provided that the above 8 * copyright notice and this permission notice appear in all copies. 9 * 10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 11 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 12 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 13 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 14 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 15 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 16 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 17 */ 18 19 /*- 20 * Ralink Technology RT2700U/RT2800U/RT3000U chipset driver. 21 * http://www.ralinktech.com/ 22 */ 23 24 #include "bpfilter.h" 25 26 #include <sys/param.h> 27 #include <sys/sockio.h> 28 #include <sys/mbuf.h> 29 #include <sys/kernel.h> 30 #include <sys/socket.h> 31 #include <sys/systm.h> 32 #include <sys/timeout.h> 33 #include <sys/conf.h> 34 #include <sys/device.h> 35 36 #include <machine/bus.h> 37 #include <machine/endian.h> 38 #include <machine/intr.h> 39 40 #if NBPFILTER > 0 41 #include <net/bpf.h> 42 #endif 43 #include <net/if.h> 44 #include <net/if_arp.h> 45 #include <net/if_dl.h> 46 #include <net/if_media.h> 47 #include <net/if_types.h> 48 49 #include <netinet/in.h> 50 #include <netinet/in_systm.h> 51 #include <netinet/in_var.h> 52 #include <netinet/if_ether.h> 53 #include <netinet/ip.h> 54 55 #include <net80211/ieee80211_var.h> 56 #include <net80211/ieee80211_amrr.h> 57 #include <net80211/ieee80211_radiotap.h> 58 59 #include <dev/usb/usb.h> 60 #include <dev/usb/usbdi.h> 61 #include <dev/usb/usbdi_util.h> 62 #include <dev/usb/usbdevs.h> 63 64 #include <dev/ic/rt2860reg.h> /* shared with ral(4) */ 65 #include <dev/usb/if_runvar.h> 66 67 #ifdef USB_DEBUG 68 #define RUN_DEBUG 69 #endif 70 71 #ifdef RUN_DEBUG 72 #define DPRINTF(x) do { if (run_debug) printf x; } while (0) 73 #define DPRINTFN(n, x) do { if (run_debug >= (n)) printf x; } while (0) 74 int run_debug = 0; 75 #else 76 #define DPRINTF(x) 77 #define DPRINTFN(n, x) 78 #endif 79 80 #define USB_ID(v, p) { USB_VENDOR_##v, USB_PRODUCT_##v##_##p } 81 static const struct usb_devno run_devs[] = { 82 USB_ID(ABOCOM, RT2770), 83 USB_ID(ABOCOM, RT2870), 84 USB_ID(ABOCOM, RT3070), 85 USB_ID(ABOCOM, RT3071), 86 USB_ID(ABOCOM, RT3072), 87 USB_ID(ABOCOM2, RT2870_1), 88 USB_ID(ACCTON, RT2770), 89 USB_ID(ACCTON, RT2870_1), 90 USB_ID(ACCTON, RT2870_2), 91 USB_ID(ACCTON, RT2870_3), 92 USB_ID(ACCTON, RT2870_4), 93 USB_ID(ACCTON, RT2870_5), 94 USB_ID(ACCTON, RT3070), 95 USB_ID(ACCTON, RT3070_1), 96 USB_ID(ACCTON, RT3070_2), 97 USB_ID(ACCTON, RT3070_3), 98 USB_ID(ACCTON, RT3070_4), 99 USB_ID(ACCTON, RT3070_5), 100 USB_ID(ACCTON, RT3070_6), 101 USB_ID(AIRTIES, RT3070), 102 USB_ID(AIRTIES, RT3070_2), 103 USB_ID(ALLWIN, RT2070), 104 USB_ID(ALLWIN, RT2770), 105 USB_ID(ALLWIN, RT2870), 106 USB_ID(ALLWIN, RT3070), 107 USB_ID(ALLWIN, RT3071), 108 USB_ID(ALLWIN, RT3072), 109 USB_ID(ALLWIN, RT3572), 110 USB_ID(AMIGO, RT2870_1), 111 USB_ID(AMIGO, RT2870_2), 112 USB_ID(AMIT, CGWLUSB2GNR), 113 USB_ID(AMIT, RT2870_1), 114 USB_ID(AMIT2, RT2870), 115 USB_ID(ASUS, RT2870_1), 116 USB_ID(ASUS, RT2870_2), 117 USB_ID(ASUS, RT2870_3), 118 USB_ID(ASUS, RT2870_4), 119 USB_ID(ASUS, RT2870_5), 120 USB_ID(ASUS, RT3070), 121 USB_ID(ASUS, RT3070_1), 122 USB_ID(ASUS2, USBN11), 123 USB_ID(AZUREWAVE, RT2870_1), 124 USB_ID(AZUREWAVE, RT2870_2), 125 USB_ID(AZUREWAVE, RT3070_1), 126 USB_ID(AZUREWAVE, RT3070_2), 127 USB_ID(AZUREWAVE, RT3070_3), 128 USB_ID(AZUREWAVE, RT3070_4), 129 USB_ID(AZUREWAVE, RT3070_5), 130 USB_ID(BELKIN, F5D8053V3), 131 USB_ID(BELKIN, F5D8055), 132 USB_ID(BELKIN, F5D8055V2), 133 USB_ID(BELKIN, F6D4050V1), 134 USB_ID(BELKIN, F6D4050V2), 135 USB_ID(BELKIN, F7D1101V2), 136 USB_ID(BELKIN, RT2870_1), 137 USB_ID(BELKIN, RT2870_2), 138 USB_ID(BEWAN, RT3070), 139 USB_ID(CISCOLINKSYS, AE1000), 140 USB_ID(CISCOLINKSYS, AM10), 141 USB_ID(CISCOLINKSYS2, RT3070), 142 USB_ID(CISCOLINKSYS3, RT3070), 143 USB_ID(CONCEPTRONIC2, RT2870_1), 144 USB_ID(CONCEPTRONIC2, RT2870_2), 145 USB_ID(CONCEPTRONIC2, RT2870_3), 146 USB_ID(CONCEPTRONIC2, RT2870_4), 147 USB_ID(CONCEPTRONIC2, RT2870_5), 148 USB_ID(CONCEPTRONIC2, RT2870_6), 149 USB_ID(CONCEPTRONIC2, RT2870_7), 150 USB_ID(CONCEPTRONIC2, RT2870_8), 151 USB_ID(CONCEPTRONIC2, RT3070_1), 152 USB_ID(CONCEPTRONIC2, RT3070_2), 153 USB_ID(CONCEPTRONIC2, RT3070_3), 154 USB_ID(CONCEPTRONIC2, VIGORN61), 155 USB_ID(COREGA, CGWLUSB300GNM), 156 USB_ID(COREGA, RT2870_1), 157 USB_ID(COREGA, RT2870_2), 158 USB_ID(COREGA, RT2870_3), 159 USB_ID(COREGA, RT3070), 160 USB_ID(CYBERTAN, RT2870), 161 USB_ID(DLINK, RT2870), 162 USB_ID(DLINK, RT3072), 163 USB_ID(DLINK2, DWA130), 164 USB_ID(DLINK2, RT2870_1), 165 USB_ID(DLINK2, RT2870_2), 166 USB_ID(DLINK2, RT3070_1), 167 USB_ID(DLINK2, RT3070_2), 168 USB_ID(DLINK2, RT3070_3), 169 USB_ID(DLINK2, RT3070_4), 170 USB_ID(DLINK2, RT3070_5), 171 USB_ID(DLINK2, RT3072), 172 USB_ID(DLINK2, RT3072_1), 173 USB_ID(DVICO, RT3070), 174 USB_ID(EDIMAX, EW7717), 175 USB_ID(EDIMAX, EW7718), 176 USB_ID(EDIMAX, EW7722UTN), 177 USB_ID(EDIMAX, RT2870_1), 178 USB_ID(ENCORE, RT3070_1), 179 USB_ID(ENCORE, RT3070_2), 180 USB_ID(ENCORE, RT3070_3), 181 USB_ID(GIGABYTE, GNWB31N), 182 USB_ID(GIGABYTE, GNWB32L), 183 USB_ID(GIGABYTE, RT2870_1), 184 USB_ID(GIGASET, RT3070_1), 185 USB_ID(GIGASET, RT3070_2), 186 USB_ID(GUILLEMOT, HWNU300), 187 USB_ID(HAWKING, HWDN2), 188 USB_ID(HAWKING, HWUN2), 189 USB_ID(HAWKING, RT2870_1), 190 USB_ID(HAWKING, RT2870_2), 191 USB_ID(HAWKING, RT2870_3), 192 USB_ID(HAWKING, RT2870_4), 193 USB_ID(HAWKING, RT2870_5), 194 USB_ID(IODATA, RT3072_1), 195 USB_ID(IODATA, RT3072_2), 196 USB_ID(IODATA, RT3072_3), 197 USB_ID(IODATA, RT3072_4), 198 USB_ID(LINKSYS4, RT3070), 199 USB_ID(LINKSYS4, WUSB100), 200 USB_ID(LINKSYS4, WUSB54GCV3), 201 USB_ID(LINKSYS4, WUSB600N), 202 USB_ID(LINKSYS4, WUSB600NV2), 203 USB_ID(LOGITEC, LANW300NU2), 204 USB_ID(LOGITEC, RT2870_1), 205 USB_ID(LOGITEC, RT2870_2), 206 USB_ID(LOGITEC, RT2870_3), 207 USB_ID(LOGITEC, RT3020), 208 USB_ID(MELCO, RT2870_1), 209 USB_ID(MELCO, RT2870_2), 210 USB_ID(MELCO, WLIUCAG300N), 211 USB_ID(MELCO, WLIUCG300N), 212 USB_ID(MELCO, WLIUCG301N), 213 USB_ID(MELCO, WLIUCGN), 214 USB_ID(MELCO, WLIUCGNHP), 215 USB_ID(MELCO, WLIUCGNM), 216 USB_ID(MOTOROLA4, RT2770), 217 USB_ID(MOTOROLA4, RT3070), 218 USB_ID(MSI, RT3070_1), 219 USB_ID(MSI, RT3070_2), 220 USB_ID(MSI, RT3070_3), 221 USB_ID(MSI, RT3070_4), 222 USB_ID(MSI, RT3070_5), 223 USB_ID(MSI, RT3070_6), 224 USB_ID(MSI, RT3070_7), 225 USB_ID(MSI, RT3070_8), 226 USB_ID(MSI, RT3070_9), 227 USB_ID(MSI, RT3070_10), 228 USB_ID(MSI, RT3070_11), 229 USB_ID(MSI, RT3070_12), 230 USB_ID(MSI, RT3070_13), 231 USB_ID(MSI, RT3070_14), 232 USB_ID(MSI, RT3070_15), 233 USB_ID(OVISLINK, RT3071), 234 USB_ID(OVISLINK, RT3072), 235 USB_ID(PARA, RT3070), 236 USB_ID(PEGATRON, RT2870), 237 USB_ID(PEGATRON, RT3070), 238 USB_ID(PEGATRON, RT3070_2), 239 USB_ID(PEGATRON, RT3070_3), 240 USB_ID(PEGATRON, RT3072), 241 USB_ID(PHILIPS, RT2870), 242 USB_ID(PLANEX2, GWUS300MINIS), 243 USB_ID(PLANEX2, GWUSMICRO300), 244 USB_ID(PLANEX2, GWUSMICRON), 245 USB_ID(PLANEX2, RT2870), 246 USB_ID(PLANEX2, RT3070), 247 USB_ID(QCOM, RT2870), 248 USB_ID(QUANTA, RT3070), 249 USB_ID(RALINK, RT2070), 250 USB_ID(RALINK, RT2770), 251 USB_ID(RALINK, RT2870), 252 USB_ID(RALINK, RT3070), 253 USB_ID(RALINK, RT3071), 254 USB_ID(RALINK, RT3072), 255 USB_ID(RALINK, RT3370), 256 USB_ID(RALINK, RT3572), 257 USB_ID(RALINK, RT8070), 258 USB_ID(SAMSUNG2, RT2870_1), 259 USB_ID(SENAO, RT2870_1), 260 USB_ID(SENAO, RT2870_2), 261 USB_ID(SENAO, RT2870_3), 262 USB_ID(SENAO, RT2870_4), 263 USB_ID(SENAO, RT3070), 264 USB_ID(SENAO, RT3071), 265 USB_ID(SENAO, RT3072_1), 266 USB_ID(SENAO, RT3072_2), 267 USB_ID(SENAO, RT3072_3), 268 USB_ID(SENAO, RT3072_4), 269 USB_ID(SENAO, RT3072_5), 270 USB_ID(SITECOMEU, RT2870_1), 271 USB_ID(SITECOMEU, RT2870_2), 272 USB_ID(SITECOMEU, RT2870_3), 273 USB_ID(SITECOMEU, RT3070_1), 274 USB_ID(SITECOMEU, RT3072_3), 275 USB_ID(SITECOMEU, RT3072_4), 276 USB_ID(SITECOMEU, RT3072_5), 277 USB_ID(SITECOMEU, WL302), 278 USB_ID(SITECOMEU, WL315), 279 USB_ID(SITECOMEU, WL321), 280 USB_ID(SITECOMEU, WL324), 281 USB_ID(SITECOMEU, WL329), 282 USB_ID(SITECOMEU, WL343), 283 USB_ID(SITECOMEU, WL344), 284 USB_ID(SITECOMEU, WL345), 285 USB_ID(SITECOMEU, WL349V4), 286 USB_ID(SITECOMEU, WL608), 287 USB_ID(SITECOMEU, WLA4000), 288 USB_ID(SITECOMEU, WLA5000), 289 USB_ID(SPARKLAN, RT2870_1), 290 USB_ID(SPARKLAN, RT2870_2), 291 USB_ID(SPARKLAN, RT3070), 292 USB_ID(SWEEX2, LW153), 293 USB_ID(SWEEX2, LW303), 294 USB_ID(SWEEX2, LW313), 295 USB_ID(TOSHIBA, RT3070), 296 USB_ID(UMEDIA, RT2870_1), 297 USB_ID(UMEDIA, TEW645UB), 298 USB_ID(ZCOM, RT2870_1), 299 USB_ID(ZCOM, RT2870_2), 300 USB_ID(ZINWELL, RT2870_1), 301 USB_ID(ZINWELL, RT2870_2), 302 USB_ID(ZINWELL, RT3070), 303 USB_ID(ZINWELL, RT3072_1), 304 USB_ID(ZINWELL, RT3072_2), 305 USB_ID(ZYXEL, NWD2105), 306 USB_ID(ZYXEL, NWD211AN), 307 USB_ID(ZYXEL, RT2870_1), 308 USB_ID(ZYXEL, RT2870_2), 309 USB_ID(ZYXEL, RT3070) 310 }; 311 312 int run_match(struct device *, void *, void *); 313 void run_attach(struct device *, struct device *, void *); 314 int run_detach(struct device *, int); 315 int run_activate(struct device *, int); 316 int run_alloc_rx_ring(struct run_softc *); 317 void run_free_rx_ring(struct run_softc *); 318 int run_alloc_tx_ring(struct run_softc *, int); 319 void run_free_tx_ring(struct run_softc *, int); 320 int run_load_microcode(struct run_softc *); 321 int run_reset(struct run_softc *); 322 int run_read(struct run_softc *, uint16_t, uint32_t *); 323 int run_read_region_1(struct run_softc *, uint16_t, uint8_t *, 324 int); 325 int run_write_2(struct run_softc *, uint16_t, uint16_t); 326 int run_write(struct run_softc *, uint16_t, uint32_t); 327 int run_write_region_1(struct run_softc *, uint16_t, 328 const uint8_t *, int); 329 int run_set_region_4(struct run_softc *, uint16_t, uint32_t, int); 330 int run_efuse_read_2(struct run_softc *, uint16_t, uint16_t *); 331 int run_eeprom_read_2(struct run_softc *, uint16_t, uint16_t *); 332 int run_rt2870_rf_write(struct run_softc *, uint8_t, uint32_t); 333 int run_rt3070_rf_read(struct run_softc *, uint8_t, uint8_t *); 334 int run_rt3070_rf_write(struct run_softc *, uint8_t, uint8_t); 335 int run_bbp_read(struct run_softc *, uint8_t, uint8_t *); 336 int run_bbp_write(struct run_softc *, uint8_t, uint8_t); 337 int run_mcu_cmd(struct run_softc *, uint8_t, uint16_t); 338 const char * run_get_rf(int); 339 int run_read_eeprom(struct run_softc *); 340 struct ieee80211_node *run_node_alloc(struct ieee80211com *); 341 int run_media_change(struct ifnet *); 342 void run_next_scan(void *); 343 void run_task(void *); 344 void run_do_async(struct run_softc *, void (*)(struct run_softc *, 345 void *), void *, int); 346 int run_newstate(struct ieee80211com *, enum ieee80211_state, int); 347 void run_newstate_cb(struct run_softc *, void *); 348 void run_updateedca(struct ieee80211com *); 349 void run_updateedca_cb(struct run_softc *, void *); 350 int run_set_key(struct ieee80211com *, struct ieee80211_node *, 351 struct ieee80211_key *); 352 void run_set_key_cb(struct run_softc *, void *); 353 void run_delete_key(struct ieee80211com *, struct ieee80211_node *, 354 struct ieee80211_key *); 355 void run_delete_key_cb(struct run_softc *, void *); 356 void run_calibrate_to(void *); 357 void run_calibrate_cb(struct run_softc *, void *); 358 void run_newassoc(struct ieee80211com *, struct ieee80211_node *, 359 int); 360 void run_rx_frame(struct run_softc *, uint8_t *, int); 361 void run_rxeof(usbd_xfer_handle, usbd_private_handle, usbd_status); 362 void run_txeof(usbd_xfer_handle, usbd_private_handle, usbd_status); 363 int run_tx(struct run_softc *, struct mbuf *, 364 struct ieee80211_node *); 365 void run_start(struct ifnet *); 366 void run_watchdog(struct ifnet *); 367 int run_ioctl(struct ifnet *, u_long, caddr_t); 368 void run_select_chan_group(struct run_softc *, int); 369 void run_set_agc(struct run_softc *, uint8_t); 370 void run_set_rx_antenna(struct run_softc *, int); 371 void run_rt2870_set_chan(struct run_softc *, u_int); 372 void run_rt3070_set_chan(struct run_softc *, u_int); 373 void run_rt3572_set_chan(struct run_softc *, u_int); 374 int run_set_chan(struct run_softc *, struct ieee80211_channel *); 375 void run_enable_tsf_sync(struct run_softc *); 376 void run_enable_mrr(struct run_softc *); 377 void run_set_txpreamble(struct run_softc *); 378 void run_set_basicrates(struct run_softc *); 379 void run_set_leds(struct run_softc *, uint16_t); 380 void run_set_bssid(struct run_softc *, const uint8_t *); 381 void run_set_macaddr(struct run_softc *, const uint8_t *); 382 void run_updateslot(struct ieee80211com *); 383 void run_updateslot_cb(struct run_softc *, void *); 384 #if NBPFILTER > 0 385 int8_t run_rssi2dbm(struct run_softc *, uint8_t, uint8_t); 386 #endif 387 int run_bbp_init(struct run_softc *); 388 int run_rt3070_rf_init(struct run_softc *); 389 int run_rt3070_filter_calib(struct run_softc *, uint8_t, uint8_t, 390 uint8_t *); 391 void run_rt3070_rf_setup(struct run_softc *); 392 int run_txrx_enable(struct run_softc *); 393 int run_init(struct ifnet *); 394 void run_stop(struct ifnet *, int); 395 396 struct cfdriver run_cd = { 397 NULL, "run", DV_IFNET 398 }; 399 400 const struct cfattach run_ca = { 401 sizeof (struct run_softc), run_match, run_attach, run_detach, 402 run_activate 403 }; 404 405 static const struct { 406 uint32_t reg; 407 uint32_t val; 408 } rt2870_def_mac[] = { 409 RT2870_DEF_MAC 410 }; 411 412 static const struct { 413 uint8_t reg; 414 uint8_t val; 415 } rt2860_def_bbp[] = { 416 RT2860_DEF_BBP 417 }; 418 419 static const struct rfprog { 420 uint8_t chan; 421 uint32_t r1, r2, r3, r4; 422 } rt2860_rf2850[] = { 423 RT2860_RF2850 424 }; 425 426 struct { 427 uint8_t n, r, k; 428 } rt3070_freqs[] = { 429 RT3070_RF3052 430 }; 431 432 static const struct { 433 uint8_t reg; 434 uint8_t val; 435 } rt3070_def_rf[] = { 436 RT3070_DEF_RF 437 }, rt3572_def_rf[] = { 438 RT3572_DEF_RF 439 }; 440 441 int 442 run_match(struct device *parent, void *match, void *aux) 443 { 444 struct usb_attach_arg *uaa = aux; 445 446 if (uaa->iface != NULL) 447 return UMATCH_NONE; 448 449 return (usb_lookup(run_devs, uaa->vendor, uaa->product) != NULL) ? 450 UMATCH_VENDOR_PRODUCT : UMATCH_NONE; 451 } 452 453 void 454 run_attach(struct device *parent, struct device *self, void *aux) 455 { 456 struct run_softc *sc = (struct run_softc *)self; 457 struct usb_attach_arg *uaa = aux; 458 struct ieee80211com *ic = &sc->sc_ic; 459 struct ifnet *ifp = &ic->ic_if; 460 usb_interface_descriptor_t *id; 461 usb_endpoint_descriptor_t *ed; 462 int i, nrx, ntx, ntries, error; 463 uint32_t ver; 464 465 sc->sc_udev = uaa->device; 466 467 if (usbd_set_config_no(sc->sc_udev, 1, 0) != 0) { 468 printf("%s: could not set configuration no\n", 469 sc->sc_dev.dv_xname); 470 return; 471 } 472 473 /* get the first interface handle */ 474 error = usbd_device2interface_handle(sc->sc_udev, 0, &sc->sc_iface); 475 if (error != 0) { 476 printf("%s: could not get interface handle\n", 477 sc->sc_dev.dv_xname); 478 return; 479 } 480 481 /* 482 * Find all bulk endpoints. There are 7 bulk endpoints: 1 for RX 483 * and 6 for TX (4 EDCAs + HCCA + Prio). 484 * Update 03-14-2009: some devices like the Planex GW-US300MiniS 485 * seem to have only 4 TX bulk endpoints (Fukaumi Naoki). 486 */ 487 nrx = ntx = 0; 488 id = usbd_get_interface_descriptor(sc->sc_iface); 489 for (i = 0; i < id->bNumEndpoints; i++) { 490 ed = usbd_interface2endpoint_descriptor(sc->sc_iface, i); 491 if (ed == NULL || UE_GET_XFERTYPE(ed->bmAttributes) != UE_BULK) 492 continue; 493 494 if (UE_GET_DIR(ed->bEndpointAddress) == UE_DIR_IN) { 495 sc->rxq.pipe_no = ed->bEndpointAddress; 496 nrx++; 497 } else if (ntx < 4) { 498 sc->txq[ntx].pipe_no = ed->bEndpointAddress; 499 ntx++; 500 } 501 } 502 /* make sure we've got them all */ 503 if (nrx < 1 || ntx < 4) { 504 printf("%s: missing endpoint\n", sc->sc_dev.dv_xname); 505 return; 506 } 507 508 usb_init_task(&sc->sc_task, run_task, sc, USB_TASK_TYPE_GENERIC); 509 timeout_set(&sc->scan_to, run_next_scan, sc); 510 timeout_set(&sc->calib_to, run_calibrate_to, sc); 511 512 sc->amrr.amrr_min_success_threshold = 1; 513 sc->amrr.amrr_max_success_threshold = 10; 514 515 /* wait for the chip to settle */ 516 for (ntries = 0; ntries < 100; ntries++) { 517 if (run_read(sc, RT2860_ASIC_VER_ID, &ver) != 0) 518 return; 519 if (ver != 0 && ver != 0xffffffff) 520 break; 521 DELAY(10); 522 } 523 if (ntries == 100) { 524 printf("%s: timeout waiting for NIC to initialize\n", 525 sc->sc_dev.dv_xname); 526 return; 527 } 528 sc->mac_ver = ver >> 16; 529 sc->mac_rev = ver & 0xffff; 530 531 /* retrieve RF rev. no and various other things from EEPROM */ 532 run_read_eeprom(sc); 533 534 printf("%s: MAC/BBP RT%04X (rev 0x%04X), RF %s (MIMO %dT%dR), " 535 "address %s\n", sc->sc_dev.dv_xname, sc->mac_ver, 536 sc->mac_rev, run_get_rf(sc->rf_rev), sc->ntxchains, 537 sc->nrxchains, ether_sprintf(ic->ic_myaddr)); 538 539 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 540 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 541 ic->ic_state = IEEE80211_S_INIT; 542 543 /* set device capabilities */ 544 ic->ic_caps = 545 IEEE80211_C_MONITOR | /* monitor mode supported */ 546 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 547 IEEE80211_C_SHSLOT | /* short slot time supported */ 548 IEEE80211_C_WEP | /* WEP */ 549 IEEE80211_C_RSN; /* WPA/RSN */ 550 551 if (sc->rf_rev == RT2860_RF_2750 || 552 sc->rf_rev == RT2860_RF_2850 || 553 sc->rf_rev == RT3070_RF_3052) { 554 /* set supported .11a rates */ 555 ic->ic_sup_rates[IEEE80211_MODE_11A] = 556 ieee80211_std_rateset_11a; 557 558 /* set supported .11a channels */ 559 for (i = 14; i < nitems(rt2860_rf2850); i++) { 560 uint8_t chan = rt2860_rf2850[i].chan; 561 ic->ic_channels[chan].ic_freq = 562 ieee80211_ieee2mhz(chan, IEEE80211_CHAN_5GHZ); 563 ic->ic_channels[chan].ic_flags = IEEE80211_CHAN_A; 564 } 565 } 566 567 /* set supported .11b and .11g rates */ 568 ic->ic_sup_rates[IEEE80211_MODE_11B] = ieee80211_std_rateset_11b; 569 ic->ic_sup_rates[IEEE80211_MODE_11G] = ieee80211_std_rateset_11g; 570 571 /* set supported .11b and .11g channels (1 through 14) */ 572 for (i = 1; i <= 14; i++) { 573 ic->ic_channels[i].ic_freq = 574 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ); 575 ic->ic_channels[i].ic_flags = 576 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM | 577 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ; 578 } 579 580 ifp->if_softc = sc; 581 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 582 ifp->if_ioctl = run_ioctl; 583 ifp->if_start = run_start; 584 ifp->if_watchdog = run_watchdog; 585 IFQ_SET_READY(&ifp->if_snd); 586 memcpy(ifp->if_xname, sc->sc_dev.dv_xname, IFNAMSIZ); 587 588 if_attach(ifp); 589 ieee80211_ifattach(ifp); 590 ic->ic_node_alloc = run_node_alloc; 591 ic->ic_newassoc = run_newassoc; 592 ic->ic_updateslot = run_updateslot; 593 ic->ic_updateedca = run_updateedca; 594 ic->ic_set_key = run_set_key; 595 ic->ic_delete_key = run_delete_key; 596 /* override state transition machine */ 597 sc->sc_newstate = ic->ic_newstate; 598 ic->ic_newstate = run_newstate; 599 ieee80211_media_init(ifp, run_media_change, ieee80211_media_status); 600 601 #if NBPFILTER > 0 602 bpfattach(&sc->sc_drvbpf, ifp, DLT_IEEE802_11_RADIO, 603 sizeof (struct ieee80211_frame) + IEEE80211_RADIOTAP_HDRLEN); 604 605 sc->sc_rxtap_len = sizeof sc->sc_rxtapu; 606 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 607 sc->sc_rxtap.wr_ihdr.it_present = htole32(RUN_RX_RADIOTAP_PRESENT); 608 609 sc->sc_txtap_len = sizeof sc->sc_txtapu; 610 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 611 sc->sc_txtap.wt_ihdr.it_present = htole32(RUN_TX_RADIOTAP_PRESENT); 612 #endif 613 } 614 615 int 616 run_detach(struct device *self, int flags) 617 { 618 struct run_softc *sc = (struct run_softc *)self; 619 struct ifnet *ifp = &sc->sc_ic.ic_if; 620 int qid, s; 621 622 s = splusb(); 623 624 if (timeout_initialized(&sc->scan_to)) 625 timeout_del(&sc->scan_to); 626 if (timeout_initialized(&sc->calib_to)) 627 timeout_del(&sc->calib_to); 628 629 /* wait for all queued asynchronous commands to complete */ 630 usb_rem_wait_task(sc->sc_udev, &sc->sc_task); 631 632 usbd_ref_wait(sc->sc_udev); 633 634 if (ifp->if_softc != NULL) { 635 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 636 ieee80211_ifdetach(ifp); 637 if_detach(ifp); 638 } 639 640 for (qid = 0; qid < 4; qid++) 641 run_free_tx_ring(sc, qid); 642 run_free_rx_ring(sc); 643 644 splx(s); 645 646 return 0; 647 } 648 649 int 650 run_alloc_rx_ring(struct run_softc *sc) 651 { 652 struct run_rx_ring *rxq = &sc->rxq; 653 int i, error; 654 655 error = usbd_open_pipe(sc->sc_iface, rxq->pipe_no, 0, &rxq->pipeh); 656 if (error != 0) 657 goto fail; 658 659 for (i = 0; i < RUN_RX_RING_COUNT; i++) { 660 struct run_rx_data *data = &rxq->data[i]; 661 662 data->sc = sc; /* backpointer for callbacks */ 663 664 data->xfer = usbd_alloc_xfer(sc->sc_udev); 665 if (data->xfer == NULL) { 666 error = ENOMEM; 667 goto fail; 668 } 669 data->buf = usbd_alloc_buffer(data->xfer, RUN_MAX_RXSZ); 670 if (data->buf == NULL) { 671 error = ENOMEM; 672 goto fail; 673 } 674 } 675 if (error != 0) 676 fail: run_free_rx_ring(sc); 677 return error; 678 } 679 680 void 681 run_free_rx_ring(struct run_softc *sc) 682 { 683 struct run_rx_ring *rxq = &sc->rxq; 684 int i; 685 686 if (rxq->pipeh != NULL) { 687 usbd_abort_pipe(rxq->pipeh); 688 usbd_close_pipe(rxq->pipeh); 689 rxq->pipeh = NULL; 690 } 691 for (i = 0; i < RUN_RX_RING_COUNT; i++) { 692 if (rxq->data[i].xfer != NULL) 693 usbd_free_xfer(rxq->data[i].xfer); 694 rxq->data[i].xfer = NULL; 695 } 696 } 697 698 int 699 run_alloc_tx_ring(struct run_softc *sc, int qid) 700 { 701 struct run_tx_ring *txq = &sc->txq[qid]; 702 int i, error; 703 704 txq->cur = txq->queued = 0; 705 706 error = usbd_open_pipe(sc->sc_iface, txq->pipe_no, 0, &txq->pipeh); 707 if (error != 0) 708 goto fail; 709 710 for (i = 0; i < RUN_TX_RING_COUNT; i++) { 711 struct run_tx_data *data = &txq->data[i]; 712 713 data->sc = sc; /* backpointer for callbacks */ 714 data->qid = qid; 715 716 data->xfer = usbd_alloc_xfer(sc->sc_udev); 717 if (data->xfer == NULL) { 718 error = ENOMEM; 719 goto fail; 720 } 721 data->buf = usbd_alloc_buffer(data->xfer, RUN_MAX_TXSZ); 722 if (data->buf == NULL) { 723 error = ENOMEM; 724 goto fail; 725 } 726 /* zeroize the TXD + TXWI part */ 727 memset(data->buf, 0, sizeof (struct rt2870_txd) + 728 sizeof (struct rt2860_txwi)); 729 } 730 if (error != 0) 731 fail: run_free_tx_ring(sc, qid); 732 return error; 733 } 734 735 void 736 run_free_tx_ring(struct run_softc *sc, int qid) 737 { 738 struct run_tx_ring *txq = &sc->txq[qid]; 739 int i; 740 741 if (txq->pipeh != NULL) { 742 usbd_abort_pipe(txq->pipeh); 743 usbd_close_pipe(txq->pipeh); 744 txq->pipeh = NULL; 745 } 746 for (i = 0; i < RUN_TX_RING_COUNT; i++) { 747 if (txq->data[i].xfer != NULL) 748 usbd_free_xfer(txq->data[i].xfer); 749 txq->data[i].xfer = NULL; 750 } 751 } 752 753 int 754 run_load_microcode(struct run_softc *sc) 755 { 756 usb_device_request_t req; 757 const char *fwname; 758 u_char *ucode; 759 size_t size; 760 uint32_t tmp; 761 int ntries, error; 762 763 /* RT3071/RT3072 use a different firmware */ 764 if (sc->mac_ver != 0x2860 && 765 sc->mac_ver != 0x2872 && 766 sc->mac_ver != 0x3070) 767 fwname = "run-rt3071"; 768 else 769 fwname = "run-rt2870"; 770 771 if ((error = loadfirmware(fwname, &ucode, &size)) != 0) { 772 printf("%s: failed loadfirmware of file %s (error %d)\n", 773 sc->sc_dev.dv_xname, fwname, error); 774 return error; 775 } 776 if (size != 4096) { 777 printf("%s: invalid firmware size (should be 4KB)\n", 778 sc->sc_dev.dv_xname); 779 free(ucode, M_DEVBUF); 780 return EINVAL; 781 } 782 783 run_read(sc, RT2860_ASIC_VER_ID, &tmp); 784 /* write microcode image */ 785 run_write_region_1(sc, RT2870_FW_BASE, ucode, size); 786 free(ucode, M_DEVBUF); 787 run_write(sc, RT2860_H2M_MAILBOX_CID, 0xffffffff); 788 run_write(sc, RT2860_H2M_MAILBOX_STATUS, 0xffffffff); 789 790 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 791 req.bRequest = RT2870_RESET; 792 USETW(req.wValue, 8); 793 USETW(req.wIndex, 0); 794 USETW(req.wLength, 0); 795 if ((error = usbd_do_request(sc->sc_udev, &req, NULL)) != 0) 796 return error; 797 798 usbd_delay_ms(sc->sc_udev, 10); 799 run_write(sc, RT2860_H2M_MAILBOX, 0); 800 if ((error = run_mcu_cmd(sc, RT2860_MCU_CMD_RFRESET, 0)) != 0) 801 return error; 802 803 /* wait until microcontroller is ready */ 804 for (ntries = 0; ntries < 1000; ntries++) { 805 if ((error = run_read(sc, RT2860_SYS_CTRL, &tmp)) != 0) 806 return error; 807 if (tmp & RT2860_MCU_READY) 808 break; 809 DELAY(1000); 810 } 811 if (ntries == 1000) { 812 printf("%s: timeout waiting for MCU to initialize\n", 813 sc->sc_dev.dv_xname); 814 return ETIMEDOUT; 815 } 816 DPRINTF(("microcode successfully loaded after %d tries\n", ntries)); 817 return 0; 818 } 819 820 int 821 run_reset(struct run_softc *sc) 822 { 823 usb_device_request_t req; 824 825 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 826 req.bRequest = RT2870_RESET; 827 USETW(req.wValue, 1); 828 USETW(req.wIndex, 0); 829 USETW(req.wLength, 0); 830 return usbd_do_request(sc->sc_udev, &req, NULL); 831 } 832 833 int 834 run_read(struct run_softc *sc, uint16_t reg, uint32_t *val) 835 { 836 uint32_t tmp; 837 int error; 838 839 error = run_read_region_1(sc, reg, (uint8_t *)&tmp, sizeof tmp); 840 if (error == 0) 841 *val = letoh32(tmp); 842 else 843 *val = 0xffffffff; 844 return error; 845 } 846 847 int 848 run_read_region_1(struct run_softc *sc, uint16_t reg, uint8_t *buf, int len) 849 { 850 usb_device_request_t req; 851 852 req.bmRequestType = UT_READ_VENDOR_DEVICE; 853 req.bRequest = RT2870_READ_REGION_1; 854 USETW(req.wValue, 0); 855 USETW(req.wIndex, reg); 856 USETW(req.wLength, len); 857 return usbd_do_request(sc->sc_udev, &req, buf); 858 } 859 860 int 861 run_write_2(struct run_softc *sc, uint16_t reg, uint16_t val) 862 { 863 usb_device_request_t req; 864 865 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 866 req.bRequest = RT2870_WRITE_2; 867 USETW(req.wValue, val); 868 USETW(req.wIndex, reg); 869 USETW(req.wLength, 0); 870 return usbd_do_request(sc->sc_udev, &req, NULL); 871 } 872 873 int 874 run_write(struct run_softc *sc, uint16_t reg, uint32_t val) 875 { 876 int error; 877 878 if ((error = run_write_2(sc, reg, val & 0xffff)) == 0) 879 error = run_write_2(sc, reg + 2, val >> 16); 880 return error; 881 } 882 883 int 884 run_write_region_1(struct run_softc *sc, uint16_t reg, const uint8_t *buf, 885 int len) 886 { 887 #if 1 888 int i, error = 0; 889 /* 890 * NB: the WRITE_REGION_1 command is not stable on RT2860. 891 * We thus issue multiple WRITE_2 commands instead. 892 */ 893 KASSERT((len & 1) == 0); 894 for (i = 0; i < len && error == 0; i += 2) 895 error = run_write_2(sc, reg + i, buf[i] | buf[i + 1] << 8); 896 return error; 897 #else 898 usb_device_request_t req; 899 900 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 901 req.bRequest = RT2870_WRITE_REGION_1; 902 USETW(req.wValue, 0); 903 USETW(req.wIndex, reg); 904 USETW(req.wLength, len); 905 return usbd_do_request(sc->sc_udev, &req, buf); 906 #endif 907 } 908 909 int 910 run_set_region_4(struct run_softc *sc, uint16_t reg, uint32_t val, int count) 911 { 912 int error = 0; 913 914 for (; count > 0 && error == 0; count--, reg += 4) 915 error = run_write(sc, reg, val); 916 return error; 917 } 918 919 /* Read 16-bit from eFUSE ROM (RT3070 only.) */ 920 int 921 run_efuse_read_2(struct run_softc *sc, uint16_t addr, uint16_t *val) 922 { 923 uint32_t tmp; 924 uint16_t reg; 925 int error, ntries; 926 927 if ((error = run_read(sc, RT3070_EFUSE_CTRL, &tmp)) != 0) 928 return error; 929 930 addr *= 2; 931 /*- 932 * Read one 16-byte block into registers EFUSE_DATA[0-3]: 933 * DATA0: F E D C 934 * DATA1: B A 9 8 935 * DATA2: 7 6 5 4 936 * DATA3: 3 2 1 0 937 */ 938 tmp &= ~(RT3070_EFSROM_MODE_MASK | RT3070_EFSROM_AIN_MASK); 939 tmp |= (addr & ~0xf) << RT3070_EFSROM_AIN_SHIFT | RT3070_EFSROM_KICK; 940 run_write(sc, RT3070_EFUSE_CTRL, tmp); 941 for (ntries = 0; ntries < 100; ntries++) { 942 if ((error = run_read(sc, RT3070_EFUSE_CTRL, &tmp)) != 0) 943 return error; 944 if (!(tmp & RT3070_EFSROM_KICK)) 945 break; 946 DELAY(2); 947 } 948 if (ntries == 100) 949 return ETIMEDOUT; 950 951 if ((tmp & RT3070_EFUSE_AOUT_MASK) == RT3070_EFUSE_AOUT_MASK) { 952 *val = 0xffff; /* address not found */ 953 return 0; 954 } 955 /* determine to which 32-bit register our 16-bit word belongs */ 956 reg = RT3070_EFUSE_DATA3 - (addr & 0xc); 957 if ((error = run_read(sc, reg, &tmp)) != 0) 958 return error; 959 960 *val = (addr & 2) ? tmp >> 16 : tmp & 0xffff; 961 return 0; 962 } 963 964 int 965 run_eeprom_read_2(struct run_softc *sc, uint16_t addr, uint16_t *val) 966 { 967 usb_device_request_t req; 968 uint16_t tmp; 969 int error; 970 971 addr *= 2; 972 req.bmRequestType = UT_READ_VENDOR_DEVICE; 973 req.bRequest = RT2870_EEPROM_READ; 974 USETW(req.wValue, 0); 975 USETW(req.wIndex, addr); 976 USETW(req.wLength, sizeof tmp); 977 error = usbd_do_request(sc->sc_udev, &req, &tmp); 978 if (error == 0) 979 *val = letoh16(tmp); 980 else 981 *val = 0xffff; 982 return error; 983 } 984 985 static __inline int 986 run_srom_read(struct run_softc *sc, uint16_t addr, uint16_t *val) 987 { 988 /* either eFUSE ROM or EEPROM */ 989 return sc->sc_srom_read(sc, addr, val); 990 } 991 992 int 993 run_rt2870_rf_write(struct run_softc *sc, uint8_t reg, uint32_t val) 994 { 995 uint32_t tmp; 996 int error, ntries; 997 998 for (ntries = 0; ntries < 10; ntries++) { 999 if ((error = run_read(sc, RT2860_RF_CSR_CFG0, &tmp)) != 0) 1000 return error; 1001 if (!(tmp & RT2860_RF_REG_CTRL)) 1002 break; 1003 } 1004 if (ntries == 10) 1005 return ETIMEDOUT; 1006 1007 /* RF registers are 24-bit on the RT2860 */ 1008 tmp = RT2860_RF_REG_CTRL | 24 << RT2860_RF_REG_WIDTH_SHIFT | 1009 (val & 0x3fffff) << 2 | (reg & 3); 1010 return run_write(sc, RT2860_RF_CSR_CFG0, tmp); 1011 } 1012 1013 int 1014 run_rt3070_rf_read(struct run_softc *sc, uint8_t reg, uint8_t *val) 1015 { 1016 uint32_t tmp; 1017 int error, ntries; 1018 1019 for (ntries = 0; ntries < 100; ntries++) { 1020 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0) 1021 return error; 1022 if (!(tmp & RT3070_RF_KICK)) 1023 break; 1024 } 1025 if (ntries == 100) 1026 return ETIMEDOUT; 1027 1028 tmp = RT3070_RF_KICK | reg << 8; 1029 if ((error = run_write(sc, RT3070_RF_CSR_CFG, tmp)) != 0) 1030 return error; 1031 1032 for (ntries = 0; ntries < 100; ntries++) { 1033 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0) 1034 return error; 1035 if (!(tmp & RT3070_RF_KICK)) 1036 break; 1037 } 1038 if (ntries == 100) 1039 return ETIMEDOUT; 1040 1041 *val = tmp & 0xff; 1042 return 0; 1043 } 1044 1045 int 1046 run_rt3070_rf_write(struct run_softc *sc, uint8_t reg, uint8_t val) 1047 { 1048 uint32_t tmp; 1049 int error, ntries; 1050 1051 for (ntries = 0; ntries < 10; ntries++) { 1052 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0) 1053 return error; 1054 if (!(tmp & RT3070_RF_KICK)) 1055 break; 1056 } 1057 if (ntries == 10) 1058 return ETIMEDOUT; 1059 1060 tmp = RT3070_RF_WRITE | RT3070_RF_KICK | reg << 8 | val; 1061 return run_write(sc, RT3070_RF_CSR_CFG, tmp); 1062 } 1063 1064 int 1065 run_bbp_read(struct run_softc *sc, uint8_t reg, uint8_t *val) 1066 { 1067 uint32_t tmp; 1068 int ntries, error; 1069 1070 for (ntries = 0; ntries < 10; ntries++) { 1071 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0) 1072 return error; 1073 if (!(tmp & RT2860_BBP_CSR_KICK)) 1074 break; 1075 } 1076 if (ntries == 10) 1077 return ETIMEDOUT; 1078 1079 tmp = RT2860_BBP_CSR_READ | RT2860_BBP_CSR_KICK | reg << 8; 1080 if ((error = run_write(sc, RT2860_BBP_CSR_CFG, tmp)) != 0) 1081 return error; 1082 1083 for (ntries = 0; ntries < 10; ntries++) { 1084 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0) 1085 return error; 1086 if (!(tmp & RT2860_BBP_CSR_KICK)) 1087 break; 1088 } 1089 if (ntries == 10) 1090 return ETIMEDOUT; 1091 1092 *val = tmp & 0xff; 1093 return 0; 1094 } 1095 1096 int 1097 run_bbp_write(struct run_softc *sc, uint8_t reg, uint8_t val) 1098 { 1099 uint32_t tmp; 1100 int ntries, error; 1101 1102 for (ntries = 0; ntries < 10; ntries++) { 1103 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0) 1104 return error; 1105 if (!(tmp & RT2860_BBP_CSR_KICK)) 1106 break; 1107 } 1108 if (ntries == 10) 1109 return ETIMEDOUT; 1110 1111 tmp = RT2860_BBP_CSR_KICK | reg << 8 | val; 1112 return run_write(sc, RT2860_BBP_CSR_CFG, tmp); 1113 } 1114 1115 /* 1116 * Send a command to the 8051 microcontroller unit. 1117 */ 1118 int 1119 run_mcu_cmd(struct run_softc *sc, uint8_t cmd, uint16_t arg) 1120 { 1121 uint32_t tmp; 1122 int error, ntries; 1123 1124 for (ntries = 0; ntries < 100; ntries++) { 1125 if ((error = run_read(sc, RT2860_H2M_MAILBOX, &tmp)) != 0) 1126 return error; 1127 if (!(tmp & RT2860_H2M_BUSY)) 1128 break; 1129 } 1130 if (ntries == 100) 1131 return ETIMEDOUT; 1132 1133 tmp = RT2860_H2M_BUSY | RT2860_TOKEN_NO_INTR << 16 | arg; 1134 if ((error = run_write(sc, RT2860_H2M_MAILBOX, tmp)) == 0) 1135 error = run_write(sc, RT2860_HOST_CMD, cmd); 1136 return error; 1137 } 1138 1139 /* 1140 * Add `delta' (signed) to each 4-bit sub-word of a 32-bit word. 1141 * Used to adjust per-rate Tx power registers. 1142 */ 1143 static __inline uint32_t 1144 b4inc(uint32_t b32, int8_t delta) 1145 { 1146 int8_t i, b4; 1147 1148 for (i = 0; i < 8; i++) { 1149 b4 = b32 & 0xf; 1150 b4 += delta; 1151 if (b4 < 0) 1152 b4 = 0; 1153 else if (b4 > 0xf) 1154 b4 = 0xf; 1155 b32 = b32 >> 4 | b4 << 28; 1156 } 1157 return b32; 1158 } 1159 1160 const char * 1161 run_get_rf(int rev) 1162 { 1163 switch (rev) { 1164 case RT2860_RF_2820: return "RT2820"; 1165 case RT2860_RF_2850: return "RT2850"; 1166 case RT2860_RF_2720: return "RT2720"; 1167 case RT2860_RF_2750: return "RT2750"; 1168 case RT3070_RF_3020: return "RT3020"; 1169 case RT3070_RF_2020: return "RT2020"; 1170 case RT3070_RF_3021: return "RT3021"; 1171 case RT3070_RF_3022: return "RT3022"; 1172 case RT3070_RF_3052: return "RT3052"; 1173 } 1174 return "unknown"; 1175 } 1176 1177 int 1178 run_read_eeprom(struct run_softc *sc) 1179 { 1180 struct ieee80211com *ic = &sc->sc_ic; 1181 int8_t delta_2ghz, delta_5ghz; 1182 uint32_t tmp; 1183 uint16_t val; 1184 int ridx, ant, i; 1185 1186 /* check whether the ROM is eFUSE ROM or EEPROM */ 1187 sc->sc_srom_read = run_eeprom_read_2; 1188 if (sc->mac_ver >= 0x3070) { 1189 run_read(sc, RT3070_EFUSE_CTRL, &tmp); 1190 DPRINTF(("EFUSE_CTRL=0x%08x\n", tmp)); 1191 if (tmp & RT3070_SEL_EFUSE) 1192 sc->sc_srom_read = run_efuse_read_2; 1193 } 1194 1195 /* read ROM version */ 1196 run_srom_read(sc, RT2860_EEPROM_VERSION, &val); 1197 DPRINTF(("EEPROM rev=%d, FAE=%d\n", val & 0xff, val >> 8)); 1198 1199 /* read MAC address */ 1200 run_srom_read(sc, RT2860_EEPROM_MAC01, &val); 1201 ic->ic_myaddr[0] = val & 0xff; 1202 ic->ic_myaddr[1] = val >> 8; 1203 run_srom_read(sc, RT2860_EEPROM_MAC23, &val); 1204 ic->ic_myaddr[2] = val & 0xff; 1205 ic->ic_myaddr[3] = val >> 8; 1206 run_srom_read(sc, RT2860_EEPROM_MAC45, &val); 1207 ic->ic_myaddr[4] = val & 0xff; 1208 ic->ic_myaddr[5] = val >> 8; 1209 1210 /* read vendor BBP settings */ 1211 for (i = 0; i < 10; i++) { 1212 run_srom_read(sc, RT2860_EEPROM_BBP_BASE + i, &val); 1213 sc->bbp[i].val = val & 0xff; 1214 sc->bbp[i].reg = val >> 8; 1215 DPRINTF(("BBP%d=0x%02x\n", sc->bbp[i].reg, sc->bbp[i].val)); 1216 } 1217 if (sc->mac_ver >= 0x3071) { 1218 /* read vendor RF settings */ 1219 for (i = 0; i < 10; i++) { 1220 run_srom_read(sc, RT3071_EEPROM_RF_BASE + i, &val); 1221 sc->rf[i].val = val & 0xff; 1222 sc->rf[i].reg = val >> 8; 1223 DPRINTF(("RF%d=0x%02x\n", sc->rf[i].reg, 1224 sc->rf[i].val)); 1225 } 1226 } 1227 1228 /* read RF frequency offset from EEPROM */ 1229 run_srom_read(sc, RT2860_EEPROM_FREQ_LEDS, &val); 1230 sc->freq = ((val & 0xff) != 0xff) ? val & 0xff : 0; 1231 DPRINTF(("EEPROM freq offset %d\n", sc->freq & 0xff)); 1232 if ((val >> 8) != 0xff) { 1233 /* read LEDs operating mode */ 1234 sc->leds = val >> 8; 1235 run_srom_read(sc, RT2860_EEPROM_LED1, &sc->led[0]); 1236 run_srom_read(sc, RT2860_EEPROM_LED2, &sc->led[1]); 1237 run_srom_read(sc, RT2860_EEPROM_LED3, &sc->led[2]); 1238 } else { 1239 /* broken EEPROM, use default settings */ 1240 sc->leds = 0x01; 1241 sc->led[0] = 0x5555; 1242 sc->led[1] = 0x2221; 1243 sc->led[2] = 0x5627; /* differs from RT2860 */ 1244 } 1245 DPRINTF(("EEPROM LED mode=0x%02x, LEDs=0x%04x/0x%04x/0x%04x\n", 1246 sc->leds, sc->led[0], sc->led[1], sc->led[2])); 1247 1248 /* read RF information */ 1249 run_srom_read(sc, RT2860_EEPROM_ANTENNA, &val); 1250 if (val == 0xffff) { 1251 DPRINTF(("invalid EEPROM antenna info, using default\n")); 1252 if (sc->mac_ver == 0x3572) { 1253 /* default to RF3052 2T2R */ 1254 sc->rf_rev = RT3070_RF_3052; 1255 sc->ntxchains = 2; 1256 sc->nrxchains = 2; 1257 } else if (sc->mac_ver >= 0x3070) { 1258 /* default to RF3020 1T1R */ 1259 sc->rf_rev = RT3070_RF_3020; 1260 sc->ntxchains = 1; 1261 sc->nrxchains = 1; 1262 } else { 1263 /* default to RF2820 1T2R */ 1264 sc->rf_rev = RT2860_RF_2820; 1265 sc->ntxchains = 1; 1266 sc->nrxchains = 2; 1267 } 1268 } else { 1269 sc->rf_rev = (val >> 8) & 0xf; 1270 sc->ntxchains = (val >> 4) & 0xf; 1271 sc->nrxchains = val & 0xf; 1272 } 1273 DPRINTF(("EEPROM RF rev=0x%02x chains=%dT%dR\n", 1274 sc->rf_rev, sc->ntxchains, sc->nrxchains)); 1275 1276 run_srom_read(sc, RT2860_EEPROM_CONFIG, &val); 1277 DPRINTF(("EEPROM CFG 0x%04x\n", val)); 1278 /* check if driver should patch the DAC issue */ 1279 if ((val >> 8) != 0xff) 1280 sc->patch_dac = (val >> 15) & 1; 1281 if ((val & 0xff) != 0xff) { 1282 sc->ext_5ghz_lna = (val >> 3) & 1; 1283 sc->ext_2ghz_lna = (val >> 2) & 1; 1284 /* check if RF supports automatic Tx access gain control */ 1285 sc->calib_2ghz = sc->calib_5ghz = (val >> 1) & 1; 1286 /* check if we have a hardware radio switch */ 1287 sc->rfswitch = val & 1; 1288 } 1289 1290 /* read power settings for 2GHz channels */ 1291 for (i = 0; i < 14; i += 2) { 1292 run_srom_read(sc, RT2860_EEPROM_PWR2GHZ_BASE1 + i / 2, &val); 1293 sc->txpow1[i + 0] = (int8_t)(val & 0xff); 1294 sc->txpow1[i + 1] = (int8_t)(val >> 8); 1295 1296 run_srom_read(sc, RT2860_EEPROM_PWR2GHZ_BASE2 + i / 2, &val); 1297 sc->txpow2[i + 0] = (int8_t)(val & 0xff); 1298 sc->txpow2[i + 1] = (int8_t)(val >> 8); 1299 } 1300 /* fix broken Tx power entries */ 1301 for (i = 0; i < 14; i++) { 1302 if (sc->txpow1[i] < 0 || sc->txpow1[i] > 31) 1303 sc->txpow1[i] = 5; 1304 if (sc->txpow2[i] < 0 || sc->txpow2[i] > 31) 1305 sc->txpow2[i] = 5; 1306 DPRINTF(("chan %d: power1=%d, power2=%d\n", 1307 rt2860_rf2850[i].chan, sc->txpow1[i], sc->txpow2[i])); 1308 } 1309 /* read power settings for 5GHz channels */ 1310 for (i = 0; i < 40; i += 2) { 1311 run_srom_read(sc, RT2860_EEPROM_PWR5GHZ_BASE1 + i / 2, &val); 1312 sc->txpow1[i + 14] = (int8_t)(val & 0xff); 1313 sc->txpow1[i + 15] = (int8_t)(val >> 8); 1314 1315 run_srom_read(sc, RT2860_EEPROM_PWR5GHZ_BASE2 + i / 2, &val); 1316 sc->txpow2[i + 14] = (int8_t)(val & 0xff); 1317 sc->txpow2[i + 15] = (int8_t)(val >> 8); 1318 } 1319 /* fix broken Tx power entries */ 1320 for (i = 0; i < 40; i++) { 1321 if (sc->txpow1[14 + i] < -7 || sc->txpow1[14 + i] > 15) 1322 sc->txpow1[14 + i] = 5; 1323 if (sc->txpow2[14 + i] < -7 || sc->txpow2[14 + i] > 15) 1324 sc->txpow2[14 + i] = 5; 1325 DPRINTF(("chan %d: power1=%d, power2=%d\n", 1326 rt2860_rf2850[14 + i].chan, sc->txpow1[14 + i], 1327 sc->txpow2[14 + i])); 1328 } 1329 1330 /* read Tx power compensation for each Tx rate */ 1331 run_srom_read(sc, RT2860_EEPROM_DELTAPWR, &val); 1332 delta_2ghz = delta_5ghz = 0; 1333 if ((val & 0xff) != 0xff && (val & 0x80)) { 1334 delta_2ghz = val & 0xf; 1335 if (!(val & 0x40)) /* negative number */ 1336 delta_2ghz = -delta_2ghz; 1337 } 1338 val >>= 8; 1339 if ((val & 0xff) != 0xff && (val & 0x80)) { 1340 delta_5ghz = val & 0xf; 1341 if (!(val & 0x40)) /* negative number */ 1342 delta_5ghz = -delta_5ghz; 1343 } 1344 DPRINTF(("power compensation=%d (2GHz), %d (5GHz)\n", 1345 delta_2ghz, delta_5ghz)); 1346 1347 for (ridx = 0; ridx < 5; ridx++) { 1348 uint32_t reg; 1349 1350 run_srom_read(sc, RT2860_EEPROM_RPWR + ridx * 2, &val); 1351 reg = val; 1352 run_srom_read(sc, RT2860_EEPROM_RPWR + ridx * 2 + 1, &val); 1353 reg |= (uint32_t)val << 16; 1354 1355 sc->txpow20mhz[ridx] = reg; 1356 sc->txpow40mhz_2ghz[ridx] = b4inc(reg, delta_2ghz); 1357 sc->txpow40mhz_5ghz[ridx] = b4inc(reg, delta_5ghz); 1358 1359 DPRINTF(("ridx %d: power 20MHz=0x%08x, 40MHz/2GHz=0x%08x, " 1360 "40MHz/5GHz=0x%08x\n", ridx, sc->txpow20mhz[ridx], 1361 sc->txpow40mhz_2ghz[ridx], sc->txpow40mhz_5ghz[ridx])); 1362 } 1363 1364 /* read RSSI offsets and LNA gains from EEPROM */ 1365 run_srom_read(sc, RT2860_EEPROM_RSSI1_2GHZ, &val); 1366 sc->rssi_2ghz[0] = val & 0xff; /* Ant A */ 1367 sc->rssi_2ghz[1] = val >> 8; /* Ant B */ 1368 run_srom_read(sc, RT2860_EEPROM_RSSI2_2GHZ, &val); 1369 if (sc->mac_ver >= 0x3070) { 1370 /* 1371 * On RT3070 chips (limited to 2 Rx chains), this ROM 1372 * field contains the Tx mixer gain for the 2GHz band. 1373 */ 1374 if ((val & 0xff) != 0xff) 1375 sc->txmixgain_2ghz = val & 0x7; 1376 DPRINTF(("tx mixer gain=%u (2GHz)\n", sc->txmixgain_2ghz)); 1377 } else 1378 sc->rssi_2ghz[2] = val & 0xff; /* Ant C */ 1379 sc->lna[2] = val >> 8; /* channel group 2 */ 1380 1381 run_srom_read(sc, RT2860_EEPROM_RSSI1_5GHZ, &val); 1382 sc->rssi_5ghz[0] = val & 0xff; /* Ant A */ 1383 sc->rssi_5ghz[1] = val >> 8; /* Ant B */ 1384 run_srom_read(sc, RT2860_EEPROM_RSSI2_5GHZ, &val); 1385 if (sc->mac_ver == 0x3572) { 1386 /* 1387 * On RT3572 chips (limited to 2 Rx chains), this ROM 1388 * field contains the Tx mixer gain for the 5GHz band. 1389 */ 1390 if ((val & 0xff) != 0xff) 1391 sc->txmixgain_5ghz = val & 0x7; 1392 DPRINTF(("tx mixer gain=%u (5GHz)\n", sc->txmixgain_5ghz)); 1393 } else 1394 sc->rssi_5ghz[2] = val & 0xff; /* Ant C */ 1395 sc->lna[3] = val >> 8; /* channel group 3 */ 1396 1397 run_srom_read(sc, RT2860_EEPROM_LNA, &val); 1398 sc->lna[0] = val & 0xff; /* channel group 0 */ 1399 sc->lna[1] = val >> 8; /* channel group 1 */ 1400 1401 /* fix broken 5GHz LNA entries */ 1402 if (sc->lna[2] == 0 || sc->lna[2] == 0xff) { 1403 DPRINTF(("invalid LNA for channel group %d\n", 2)); 1404 sc->lna[2] = sc->lna[1]; 1405 } 1406 if (sc->lna[3] == 0 || sc->lna[3] == 0xff) { 1407 DPRINTF(("invalid LNA for channel group %d\n", 3)); 1408 sc->lna[3] = sc->lna[1]; 1409 } 1410 1411 /* fix broken RSSI offset entries */ 1412 for (ant = 0; ant < 3; ant++) { 1413 if (sc->rssi_2ghz[ant] < -10 || sc->rssi_2ghz[ant] > 10) { 1414 DPRINTF(("invalid RSSI%d offset: %d (2GHz)\n", 1415 ant + 1, sc->rssi_2ghz[ant])); 1416 sc->rssi_2ghz[ant] = 0; 1417 } 1418 if (sc->rssi_5ghz[ant] < -10 || sc->rssi_5ghz[ant] > 10) { 1419 DPRINTF(("invalid RSSI%d offset: %d (5GHz)\n", 1420 ant + 1, sc->rssi_5ghz[ant])); 1421 sc->rssi_5ghz[ant] = 0; 1422 } 1423 } 1424 return 0; 1425 } 1426 1427 struct ieee80211_node * 1428 run_node_alloc(struct ieee80211com *ic) 1429 { 1430 return malloc(sizeof (struct run_node), M_DEVBUF, M_NOWAIT | M_ZERO); 1431 } 1432 1433 int 1434 run_media_change(struct ifnet *ifp) 1435 { 1436 struct run_softc *sc = ifp->if_softc; 1437 struct ieee80211com *ic = &sc->sc_ic; 1438 uint8_t rate, ridx; 1439 int error; 1440 1441 error = ieee80211_media_change(ifp); 1442 if (error != ENETRESET) 1443 return error; 1444 1445 if (ic->ic_fixed_rate != -1) { 1446 rate = ic->ic_sup_rates[ic->ic_curmode]. 1447 rs_rates[ic->ic_fixed_rate] & IEEE80211_RATE_VAL; 1448 for (ridx = 0; ridx <= RT2860_RIDX_MAX; ridx++) 1449 if (rt2860_rates[ridx].rate == rate) 1450 break; 1451 sc->fixed_ridx = ridx; 1452 } 1453 1454 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 1455 (IFF_UP | IFF_RUNNING)) { 1456 run_stop(ifp, 0); 1457 run_init(ifp); 1458 } 1459 1460 return 0; 1461 } 1462 1463 void 1464 run_next_scan(void *arg) 1465 { 1466 struct run_softc *sc = arg; 1467 1468 if (usbd_is_dying(sc->sc_udev)) 1469 return; 1470 1471 usbd_ref_incr(sc->sc_udev); 1472 1473 if (sc->sc_ic.ic_state == IEEE80211_S_SCAN) 1474 ieee80211_next_scan(&sc->sc_ic.ic_if); 1475 1476 usbd_ref_decr(sc->sc_udev); 1477 } 1478 1479 void 1480 run_task(void *arg) 1481 { 1482 struct run_softc *sc = arg; 1483 struct run_host_cmd_ring *ring = &sc->cmdq; 1484 struct run_host_cmd *cmd; 1485 int s; 1486 1487 if (usbd_is_dying(sc->sc_udev)) 1488 return; 1489 1490 /* process host commands */ 1491 s = splusb(); 1492 while (ring->next != ring->cur) { 1493 cmd = &ring->cmd[ring->next]; 1494 splx(s); 1495 /* callback */ 1496 cmd->cb(sc, cmd->data); 1497 s = splusb(); 1498 ring->queued--; 1499 ring->next = (ring->next + 1) % RUN_HOST_CMD_RING_COUNT; 1500 } 1501 splx(s); 1502 } 1503 1504 void 1505 run_do_async(struct run_softc *sc, void (*cb)(struct run_softc *, void *), 1506 void *arg, int len) 1507 { 1508 struct run_host_cmd_ring *ring = &sc->cmdq; 1509 struct run_host_cmd *cmd; 1510 int s; 1511 1512 if (usbd_is_dying(sc->sc_udev)) 1513 return; 1514 1515 s = splusb(); 1516 cmd = &ring->cmd[ring->cur]; 1517 cmd->cb = cb; 1518 KASSERT(len <= sizeof (cmd->data)); 1519 memcpy(cmd->data, arg, len); 1520 ring->cur = (ring->cur + 1) % RUN_HOST_CMD_RING_COUNT; 1521 1522 /* if there is no pending command already, schedule a task */ 1523 if (++ring->queued == 1) 1524 usb_add_task(sc->sc_udev, &sc->sc_task); 1525 splx(s); 1526 } 1527 1528 int 1529 run_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 1530 { 1531 struct run_softc *sc = ic->ic_softc; 1532 struct run_cmd_newstate cmd; 1533 1534 /* do it in a process context */ 1535 cmd.state = nstate; 1536 cmd.arg = arg; 1537 run_do_async(sc, run_newstate_cb, &cmd, sizeof cmd); 1538 return 0; 1539 } 1540 1541 void 1542 run_newstate_cb(struct run_softc *sc, void *arg) 1543 { 1544 struct run_cmd_newstate *cmd = arg; 1545 struct ieee80211com *ic = &sc->sc_ic; 1546 enum ieee80211_state ostate; 1547 struct ieee80211_node *ni; 1548 uint32_t tmp, sta[3]; 1549 uint8_t wcid; 1550 int s; 1551 1552 s = splnet(); 1553 ostate = ic->ic_state; 1554 1555 if (ostate == IEEE80211_S_RUN) { 1556 /* turn link LED off */ 1557 run_set_leds(sc, RT2860_LED_RADIO); 1558 } 1559 1560 switch (cmd->state) { 1561 case IEEE80211_S_INIT: 1562 if (ostate == IEEE80211_S_RUN) { 1563 /* abort TSF synchronization */ 1564 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 1565 run_write(sc, RT2860_BCN_TIME_CFG, 1566 tmp & ~(RT2860_BCN_TX_EN | RT2860_TSF_TIMER_EN | 1567 RT2860_TBTT_TIMER_EN)); 1568 } 1569 break; 1570 1571 case IEEE80211_S_SCAN: 1572 run_set_chan(sc, ic->ic_bss->ni_chan); 1573 if (!usbd_is_dying(sc->sc_udev)) 1574 timeout_add_msec(&sc->scan_to, 200); 1575 break; 1576 1577 case IEEE80211_S_AUTH: 1578 case IEEE80211_S_ASSOC: 1579 run_set_chan(sc, ic->ic_bss->ni_chan); 1580 break; 1581 1582 case IEEE80211_S_RUN: 1583 run_set_chan(sc, ic->ic_bss->ni_chan); 1584 1585 ni = ic->ic_bss; 1586 1587 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 1588 run_updateslot(ic); 1589 run_enable_mrr(sc); 1590 run_set_txpreamble(sc); 1591 run_set_basicrates(sc); 1592 run_set_bssid(sc, ni->ni_bssid); 1593 } 1594 if (ic->ic_opmode == IEEE80211_M_STA) { 1595 /* add BSS entry to the WCID table */ 1596 wcid = RUN_AID2WCID(ni->ni_associd); 1597 run_write_region_1(sc, RT2860_WCID_ENTRY(wcid), 1598 ni->ni_macaddr, IEEE80211_ADDR_LEN); 1599 1600 /* fake a join to init the tx rate */ 1601 run_newassoc(ic, ni, 1); 1602 } 1603 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 1604 run_enable_tsf_sync(sc); 1605 1606 /* clear statistic registers used by AMRR */ 1607 run_read_region_1(sc, RT2860_TX_STA_CNT0, 1608 (uint8_t *)sta, sizeof sta); 1609 /* start calibration timer */ 1610 if (!usbd_is_dying(sc->sc_udev)) 1611 timeout_add_sec(&sc->calib_to, 1); 1612 } 1613 1614 /* turn link LED on */ 1615 run_set_leds(sc, RT2860_LED_RADIO | 1616 (IEEE80211_IS_CHAN_2GHZ(ic->ic_bss->ni_chan) ? 1617 RT2860_LED_LINK_2GHZ : RT2860_LED_LINK_5GHZ)); 1618 break; 1619 } 1620 (void)sc->sc_newstate(ic, cmd->state, cmd->arg); 1621 splx(s); 1622 } 1623 1624 void 1625 run_updateedca(struct ieee80211com *ic) 1626 { 1627 /* do it in a process context */ 1628 run_do_async(ic->ic_softc, run_updateedca_cb, NULL, 0); 1629 } 1630 1631 /* ARGSUSED */ 1632 void 1633 run_updateedca_cb(struct run_softc *sc, void *arg) 1634 { 1635 struct ieee80211com *ic = &sc->sc_ic; 1636 int s, aci; 1637 1638 s = splnet(); 1639 /* update MAC TX configuration registers */ 1640 for (aci = 0; aci < EDCA_NUM_AC; aci++) { 1641 run_write(sc, RT2860_EDCA_AC_CFG(aci), 1642 ic->ic_edca_ac[aci].ac_ecwmax << 16 | 1643 ic->ic_edca_ac[aci].ac_ecwmin << 12 | 1644 ic->ic_edca_ac[aci].ac_aifsn << 8 | 1645 ic->ic_edca_ac[aci].ac_txoplimit); 1646 } 1647 1648 /* update SCH/DMA registers too */ 1649 run_write(sc, RT2860_WMM_AIFSN_CFG, 1650 ic->ic_edca_ac[EDCA_AC_VO].ac_aifsn << 12 | 1651 ic->ic_edca_ac[EDCA_AC_VI].ac_aifsn << 8 | 1652 ic->ic_edca_ac[EDCA_AC_BK].ac_aifsn << 4 | 1653 ic->ic_edca_ac[EDCA_AC_BE].ac_aifsn); 1654 run_write(sc, RT2860_WMM_CWMIN_CFG, 1655 ic->ic_edca_ac[EDCA_AC_VO].ac_ecwmin << 12 | 1656 ic->ic_edca_ac[EDCA_AC_VI].ac_ecwmin << 8 | 1657 ic->ic_edca_ac[EDCA_AC_BK].ac_ecwmin << 4 | 1658 ic->ic_edca_ac[EDCA_AC_BE].ac_ecwmin); 1659 run_write(sc, RT2860_WMM_CWMAX_CFG, 1660 ic->ic_edca_ac[EDCA_AC_VO].ac_ecwmax << 12 | 1661 ic->ic_edca_ac[EDCA_AC_VI].ac_ecwmax << 8 | 1662 ic->ic_edca_ac[EDCA_AC_BK].ac_ecwmax << 4 | 1663 ic->ic_edca_ac[EDCA_AC_BE].ac_ecwmax); 1664 run_write(sc, RT2860_WMM_TXOP0_CFG, 1665 ic->ic_edca_ac[EDCA_AC_BK].ac_txoplimit << 16 | 1666 ic->ic_edca_ac[EDCA_AC_BE].ac_txoplimit); 1667 run_write(sc, RT2860_WMM_TXOP1_CFG, 1668 ic->ic_edca_ac[EDCA_AC_VO].ac_txoplimit << 16 | 1669 ic->ic_edca_ac[EDCA_AC_VI].ac_txoplimit); 1670 splx(s); 1671 } 1672 1673 int 1674 run_set_key(struct ieee80211com *ic, struct ieee80211_node *ni, 1675 struct ieee80211_key *k) 1676 { 1677 struct run_softc *sc = ic->ic_softc; 1678 struct run_cmd_key cmd; 1679 1680 /* defer setting of WEP keys until interface is brought up */ 1681 if ((ic->ic_if.if_flags & (IFF_UP | IFF_RUNNING)) != 1682 (IFF_UP | IFF_RUNNING)) 1683 return 0; 1684 1685 /* do it in a process context */ 1686 cmd.key = *k; 1687 cmd.associd = (ni != NULL) ? ni->ni_associd : 0; 1688 run_do_async(sc, run_set_key_cb, &cmd, sizeof cmd); 1689 return 0; 1690 } 1691 1692 void 1693 run_set_key_cb(struct run_softc *sc, void *arg) 1694 { 1695 struct run_cmd_key *cmd = arg; 1696 struct ieee80211_key *k = &cmd->key; 1697 uint32_t attr; 1698 uint16_t base; 1699 uint8_t mode, wcid, iv[8]; 1700 1701 /* map net80211 cipher to RT2860 security mode */ 1702 switch (k->k_cipher) { 1703 case IEEE80211_CIPHER_WEP40: 1704 mode = RT2860_MODE_WEP40; 1705 break; 1706 case IEEE80211_CIPHER_WEP104: 1707 mode = RT2860_MODE_WEP104; 1708 break; 1709 case IEEE80211_CIPHER_TKIP: 1710 mode = RT2860_MODE_TKIP; 1711 break; 1712 case IEEE80211_CIPHER_CCMP: 1713 mode = RT2860_MODE_AES_CCMP; 1714 break; 1715 default: 1716 return; 1717 } 1718 1719 if (k->k_flags & IEEE80211_KEY_GROUP) { 1720 wcid = 0; /* NB: update WCID0 for group keys */ 1721 base = RT2860_SKEY(0, k->k_id); 1722 } else { 1723 wcid = RUN_AID2WCID(cmd->associd); 1724 base = RT2860_PKEY(wcid); 1725 } 1726 1727 if (k->k_cipher == IEEE80211_CIPHER_TKIP) { 1728 run_write_region_1(sc, base, k->k_key, 16); 1729 run_write_region_1(sc, base + 16, &k->k_key[24], 8); 1730 run_write_region_1(sc, base + 24, &k->k_key[16], 8); 1731 } else { 1732 /* roundup len to 16-bit: XXX fix write_region_1() instead */ 1733 run_write_region_1(sc, base, k->k_key, (k->k_len + 1) & ~1); 1734 } 1735 1736 if (!(k->k_flags & IEEE80211_KEY_GROUP) || 1737 (k->k_flags & IEEE80211_KEY_TX)) { 1738 /* set initial packet number in IV+EIV */ 1739 if (k->k_cipher == IEEE80211_CIPHER_WEP40 || 1740 k->k_cipher == IEEE80211_CIPHER_WEP104) { 1741 memset(iv, 0, sizeof iv); 1742 iv[3] = sc->sc_ic.ic_def_txkey << 6; 1743 } else { 1744 if (k->k_cipher == IEEE80211_CIPHER_TKIP) { 1745 iv[0] = k->k_tsc >> 8; 1746 iv[1] = (iv[0] | 0x20) & 0x7f; 1747 iv[2] = k->k_tsc; 1748 } else /* CCMP */ { 1749 iv[0] = k->k_tsc; 1750 iv[1] = k->k_tsc >> 8; 1751 iv[2] = 0; 1752 } 1753 iv[3] = k->k_id << 6 | IEEE80211_WEP_EXTIV; 1754 iv[4] = k->k_tsc >> 16; 1755 iv[5] = k->k_tsc >> 24; 1756 iv[6] = k->k_tsc >> 32; 1757 iv[7] = k->k_tsc >> 40; 1758 } 1759 run_write_region_1(sc, RT2860_IVEIV(wcid), iv, 8); 1760 } 1761 1762 if (k->k_flags & IEEE80211_KEY_GROUP) { 1763 /* install group key */ 1764 run_read(sc, RT2860_SKEY_MODE_0_7, &attr); 1765 attr &= ~(0xf << (k->k_id * 4)); 1766 attr |= mode << (k->k_id * 4); 1767 run_write(sc, RT2860_SKEY_MODE_0_7, attr); 1768 } else { 1769 /* install pairwise key */ 1770 run_read(sc, RT2860_WCID_ATTR(wcid), &attr); 1771 attr = (attr & ~0xf) | (mode << 1) | RT2860_RX_PKEY_EN; 1772 run_write(sc, RT2860_WCID_ATTR(wcid), attr); 1773 } 1774 } 1775 1776 void 1777 run_delete_key(struct ieee80211com *ic, struct ieee80211_node *ni, 1778 struct ieee80211_key *k) 1779 { 1780 struct run_softc *sc = ic->ic_softc; 1781 struct run_cmd_key cmd; 1782 1783 if (!(ic->ic_if.if_flags & IFF_RUNNING) || 1784 ic->ic_state != IEEE80211_S_RUN) 1785 return; /* nothing to do */ 1786 1787 /* do it in a process context */ 1788 cmd.key = *k; 1789 cmd.associd = (ni != NULL) ? ni->ni_associd : 0; 1790 run_do_async(sc, run_delete_key_cb, &cmd, sizeof cmd); 1791 } 1792 1793 void 1794 run_delete_key_cb(struct run_softc *sc, void *arg) 1795 { 1796 struct run_cmd_key *cmd = arg; 1797 struct ieee80211_key *k = &cmd->key; 1798 uint32_t attr; 1799 uint8_t wcid; 1800 1801 if (k->k_flags & IEEE80211_KEY_GROUP) { 1802 /* remove group key */ 1803 run_read(sc, RT2860_SKEY_MODE_0_7, &attr); 1804 attr &= ~(0xf << (k->k_id * 4)); 1805 run_write(sc, RT2860_SKEY_MODE_0_7, attr); 1806 1807 } else { 1808 /* remove pairwise key */ 1809 wcid = RUN_AID2WCID(cmd->associd); 1810 run_read(sc, RT2860_WCID_ATTR(wcid), &attr); 1811 attr &= ~0xf; 1812 run_write(sc, RT2860_WCID_ATTR(wcid), attr); 1813 } 1814 } 1815 1816 void 1817 run_calibrate_to(void *arg) 1818 { 1819 /* do it in a process context */ 1820 run_do_async(arg, run_calibrate_cb, NULL, 0); 1821 /* next timeout will be rescheduled in the calibration task */ 1822 } 1823 1824 /* ARGSUSED */ 1825 void 1826 run_calibrate_cb(struct run_softc *sc, void *arg) 1827 { 1828 struct ifnet *ifp = &sc->sc_ic.ic_if; 1829 uint32_t sta[3]; 1830 int s, error; 1831 1832 /* read statistic counters (clear on read) and update AMRR state */ 1833 error = run_read_region_1(sc, RT2860_TX_STA_CNT0, (uint8_t *)sta, 1834 sizeof sta); 1835 if (error != 0) 1836 goto skip; 1837 1838 DPRINTF(("retrycnt=%d txcnt=%d failcnt=%d\n", 1839 letoh32(sta[1]) >> 16, letoh32(sta[1]) & 0xffff, 1840 letoh32(sta[0]) & 0xffff)); 1841 1842 s = splnet(); 1843 /* count failed TX as errors */ 1844 ifp->if_oerrors += letoh32(sta[0]) & 0xffff; 1845 1846 sc->amn.amn_retrycnt = 1847 (letoh32(sta[0]) & 0xffff) + /* failed TX count */ 1848 (letoh32(sta[1]) >> 16); /* TX retransmission count */ 1849 1850 sc->amn.amn_txcnt = 1851 sc->amn.amn_retrycnt + 1852 (letoh32(sta[1]) & 0xffff); /* successful TX count */ 1853 1854 ieee80211_amrr_choose(&sc->amrr, sc->sc_ic.ic_bss, &sc->amn); 1855 splx(s); 1856 1857 skip: 1858 if (!usbd_is_dying(sc->sc_udev)) 1859 timeout_add_sec(&sc->calib_to, 1); 1860 } 1861 1862 void 1863 run_newassoc(struct ieee80211com *ic, struct ieee80211_node *ni, int isnew) 1864 { 1865 struct run_softc *sc = ic->ic_softc; 1866 struct run_node *rn = (void *)ni; 1867 struct ieee80211_rateset *rs = &ni->ni_rates; 1868 uint8_t rate; 1869 int ridx, i, j; 1870 1871 DPRINTF(("new assoc isnew=%d addr=%s\n", 1872 isnew, ether_sprintf(ni->ni_macaddr))); 1873 1874 ieee80211_amrr_node_init(&sc->amrr, &sc->amn); 1875 /* start at lowest available bit-rate, AMRR will raise */ 1876 ni->ni_txrate = 0; 1877 1878 for (i = 0; i < rs->rs_nrates; i++) { 1879 rate = rs->rs_rates[i] & IEEE80211_RATE_VAL; 1880 /* convert 802.11 rate to hardware rate index */ 1881 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++) 1882 if (rt2860_rates[ridx].rate == rate) 1883 break; 1884 rn->ridx[i] = ridx; 1885 /* determine rate of control response frames */ 1886 for (j = i; j >= 0; j--) { 1887 if ((rs->rs_rates[j] & IEEE80211_RATE_BASIC) && 1888 rt2860_rates[rn->ridx[i]].phy == 1889 rt2860_rates[rn->ridx[j]].phy) 1890 break; 1891 } 1892 if (j >= 0) { 1893 rn->ctl_ridx[i] = rn->ridx[j]; 1894 } else { 1895 /* no basic rate found, use mandatory one */ 1896 rn->ctl_ridx[i] = rt2860_rates[ridx].ctl_ridx; 1897 } 1898 DPRINTF(("rate=0x%02x ridx=%d ctl_ridx=%d\n", 1899 rs->rs_rates[i], rn->ridx[i], rn->ctl_ridx[i])); 1900 } 1901 } 1902 1903 /* 1904 * Return the Rx chain with the highest RSSI for a given frame. 1905 */ 1906 static __inline uint8_t 1907 run_maxrssi_chain(struct run_softc *sc, const struct rt2860_rxwi *rxwi) 1908 { 1909 uint8_t rxchain = 0; 1910 1911 if (sc->nrxchains > 1) { 1912 if (rxwi->rssi[1] > rxwi->rssi[rxchain]) 1913 rxchain = 1; 1914 if (sc->nrxchains > 2) 1915 if (rxwi->rssi[2] > rxwi->rssi[rxchain]) 1916 rxchain = 2; 1917 } 1918 return rxchain; 1919 } 1920 1921 void 1922 run_rx_frame(struct run_softc *sc, uint8_t *buf, int dmalen) 1923 { 1924 struct ieee80211com *ic = &sc->sc_ic; 1925 struct ifnet *ifp = &ic->ic_if; 1926 struct ieee80211_frame *wh; 1927 struct ieee80211_rxinfo rxi; 1928 struct ieee80211_node *ni; 1929 struct rt2870_rxd *rxd; 1930 struct rt2860_rxwi *rxwi; 1931 struct mbuf *m; 1932 uint32_t flags; 1933 uint16_t len, phy; 1934 uint8_t ant, rssi; 1935 int s; 1936 1937 rxwi = (struct rt2860_rxwi *)buf; 1938 len = letoh16(rxwi->len) & 0xfff; 1939 if (__predict_false(len > dmalen)) { 1940 DPRINTF(("bad RXWI length %u > %u\n", len, dmalen)); 1941 return; 1942 } 1943 /* Rx descriptor is located at the end */ 1944 rxd = (struct rt2870_rxd *)(buf + dmalen); 1945 flags = letoh32(rxd->flags); 1946 1947 if (__predict_false(flags & (RT2860_RX_CRCERR | RT2860_RX_ICVERR))) { 1948 ifp->if_ierrors++; 1949 return; 1950 } 1951 1952 if (__predict_false((flags & RT2860_RX_MICERR))) { 1953 /* report MIC failures to net80211 for TKIP */ 1954 ic->ic_stats.is_rx_locmicfail++; 1955 ieee80211_michael_mic_failure(ic, 0/* XXX */); 1956 ifp->if_ierrors++; 1957 return; 1958 } 1959 1960 wh = (struct ieee80211_frame *)(rxwi + 1); 1961 rxi.rxi_flags = 0; 1962 if (wh->i_fc[1] & IEEE80211_FC1_PROTECTED) { 1963 wh->i_fc[1] &= ~IEEE80211_FC1_PROTECTED; 1964 rxi.rxi_flags |= IEEE80211_RXI_HWDEC; 1965 } 1966 1967 if (flags & RT2860_RX_L2PAD) { 1968 u_int hdrlen = ieee80211_get_hdrlen(wh); 1969 ovbcopy(wh, (caddr_t)wh + 2, hdrlen); 1970 wh = (struct ieee80211_frame *)((caddr_t)wh + 2); 1971 } 1972 1973 /* could use m_devget but net80211 wants contig mgmt frames */ 1974 MGETHDR(m, M_DONTWAIT, MT_DATA); 1975 if (__predict_false(m == NULL)) { 1976 ifp->if_ierrors++; 1977 return; 1978 } 1979 if (len > MHLEN) { 1980 MCLGET(m, M_DONTWAIT); 1981 if (__predict_false(!(m->m_flags & M_EXT))) { 1982 ifp->if_ierrors++; 1983 m_freem(m); 1984 return; 1985 } 1986 } 1987 /* finalize mbuf */ 1988 m->m_pkthdr.rcvif = ifp; 1989 memcpy(mtod(m, caddr_t), wh, len); 1990 m->m_pkthdr.len = m->m_len = len; 1991 1992 ant = run_maxrssi_chain(sc, rxwi); 1993 rssi = rxwi->rssi[ant]; 1994 1995 #if NBPFILTER > 0 1996 if (__predict_false(sc->sc_drvbpf != NULL)) { 1997 struct run_rx_radiotap_header *tap = &sc->sc_rxtap; 1998 struct mbuf mb; 1999 2000 tap->wr_flags = 0; 2001 tap->wr_chan_freq = htole16(ic->ic_ibss_chan->ic_freq); 2002 tap->wr_chan_flags = htole16(ic->ic_ibss_chan->ic_flags); 2003 tap->wr_antsignal = rssi; 2004 tap->wr_antenna = ant; 2005 tap->wr_dbm_antsignal = run_rssi2dbm(sc, rssi, ant); 2006 tap->wr_rate = 2; /* in case it can't be found below */ 2007 phy = letoh16(rxwi->phy); 2008 switch (phy & RT2860_PHY_MODE) { 2009 case RT2860_PHY_CCK: 2010 switch ((phy & RT2860_PHY_MCS) & ~RT2860_PHY_SHPRE) { 2011 case 0: tap->wr_rate = 2; break; 2012 case 1: tap->wr_rate = 4; break; 2013 case 2: tap->wr_rate = 11; break; 2014 case 3: tap->wr_rate = 22; break; 2015 } 2016 if (phy & RT2860_PHY_SHPRE) 2017 tap->wr_flags |= IEEE80211_RADIOTAP_F_SHORTPRE; 2018 break; 2019 case RT2860_PHY_OFDM: 2020 switch (phy & RT2860_PHY_MCS) { 2021 case 0: tap->wr_rate = 12; break; 2022 case 1: tap->wr_rate = 18; break; 2023 case 2: tap->wr_rate = 24; break; 2024 case 3: tap->wr_rate = 36; break; 2025 case 4: tap->wr_rate = 48; break; 2026 case 5: tap->wr_rate = 72; break; 2027 case 6: tap->wr_rate = 96; break; 2028 case 7: tap->wr_rate = 108; break; 2029 } 2030 break; 2031 } 2032 mb.m_data = (caddr_t)tap; 2033 mb.m_len = sc->sc_rxtap_len; 2034 mb.m_next = m; 2035 mb.m_nextpkt = NULL; 2036 mb.m_type = 0; 2037 mb.m_flags = 0; 2038 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_IN); 2039 } 2040 #endif 2041 2042 s = splnet(); 2043 ni = ieee80211_find_rxnode(ic, wh); 2044 rxi.rxi_rssi = rssi; 2045 rxi.rxi_tstamp = 0; /* unused */ 2046 ieee80211_input(ifp, m, ni, &rxi); 2047 2048 /* node is no longer needed */ 2049 ieee80211_release_node(ic, ni); 2050 splx(s); 2051 } 2052 2053 void 2054 run_rxeof(usbd_xfer_handle xfer, usbd_private_handle priv, usbd_status status) 2055 { 2056 struct run_rx_data *data = priv; 2057 struct run_softc *sc = data->sc; 2058 uint8_t *buf; 2059 uint32_t dmalen; 2060 int xferlen; 2061 2062 if (__predict_false(status != USBD_NORMAL_COMPLETION)) { 2063 DPRINTF(("RX status=%d\n", status)); 2064 if (status == USBD_STALLED) 2065 usbd_clear_endpoint_stall_async(sc->rxq.pipeh); 2066 if (status != USBD_CANCELLED) 2067 goto skip; 2068 return; 2069 } 2070 usbd_get_xfer_status(xfer, NULL, NULL, &xferlen, NULL); 2071 2072 if (__predict_false(xferlen < sizeof (uint32_t) + 2073 sizeof (struct rt2860_rxwi) + sizeof (struct rt2870_rxd))) { 2074 DPRINTF(("xfer too short %d\n", xferlen)); 2075 goto skip; 2076 } 2077 2078 /* HW can aggregate multiple 802.11 frames in a single USB xfer */ 2079 buf = data->buf; 2080 while (xferlen > 8) { 2081 dmalen = letoh32(*(uint32_t *)buf) & 0xffff; 2082 2083 if (__predict_false(dmalen == 0 || (dmalen & 3) != 0)) { 2084 DPRINTF(("bad DMA length %u\n", dmalen)); 2085 break; 2086 } 2087 if (__predict_false(dmalen + 8 > xferlen)) { 2088 DPRINTF(("bad DMA length %u > %d\n", 2089 dmalen + 8, xferlen)); 2090 break; 2091 } 2092 run_rx_frame(sc, buf + sizeof (uint32_t), dmalen); 2093 buf += dmalen + 8; 2094 xferlen -= dmalen + 8; 2095 } 2096 2097 skip: /* setup a new transfer */ 2098 usbd_setup_xfer(xfer, sc->rxq.pipeh, data, data->buf, RUN_MAX_RXSZ, 2099 USBD_SHORT_XFER_OK | USBD_NO_COPY, USBD_NO_TIMEOUT, run_rxeof); 2100 (void)usbd_transfer(data->xfer); 2101 } 2102 2103 void 2104 run_txeof(usbd_xfer_handle xfer, usbd_private_handle priv, usbd_status status) 2105 { 2106 struct run_tx_data *data = priv; 2107 struct run_softc *sc = data->sc; 2108 struct run_tx_ring *txq = &sc->txq[data->qid]; 2109 struct ifnet *ifp = &sc->sc_ic.ic_if; 2110 int s; 2111 2112 s = splnet(); 2113 txq->queued--; 2114 sc->qfullmsk &= ~(1 << data->qid); 2115 2116 if (__predict_false(status != USBD_NORMAL_COMPLETION)) { 2117 DPRINTF(("TX status=%d\n", status)); 2118 if (status == USBD_STALLED) 2119 usbd_clear_endpoint_stall_async(txq->pipeh); 2120 ifp->if_oerrors++; 2121 splx(s); 2122 return; 2123 } 2124 2125 sc->sc_tx_timer = 0; 2126 ifp->if_opackets++; 2127 ifp->if_flags &= ~IFF_OACTIVE; 2128 run_start(ifp); 2129 splx(s); 2130 } 2131 2132 int 2133 run_tx(struct run_softc *sc, struct mbuf *m, struct ieee80211_node *ni) 2134 { 2135 struct ieee80211com *ic = &sc->sc_ic; 2136 struct run_node *rn = (void *)ni; 2137 struct ieee80211_frame *wh; 2138 struct run_tx_ring *ring; 2139 struct run_tx_data *data; 2140 struct rt2870_txd *txd; 2141 struct rt2860_txwi *txwi; 2142 uint16_t qos, dur; 2143 uint8_t type, mcs, tid, qid; 2144 int error, hasqos, ridx, ctl_ridx, xferlen; 2145 2146 wh = mtod(m, struct ieee80211_frame *); 2147 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 2148 2149 if ((hasqos = ieee80211_has_qos(wh))) { 2150 qos = ieee80211_get_qos(wh); 2151 tid = qos & IEEE80211_QOS_TID; 2152 qid = ieee80211_up_to_ac(ic, tid); 2153 } else { 2154 tid = 0; 2155 qid = EDCA_AC_BE; 2156 } 2157 ring = &sc->txq[qid]; 2158 data = &ring->data[ring->cur]; 2159 2160 /* pickup a rate index */ 2161 if (IEEE80211_IS_MULTICAST(wh->i_addr1) || 2162 type != IEEE80211_FC0_TYPE_DATA) { 2163 ridx = (ic->ic_curmode == IEEE80211_MODE_11A) ? 2164 RT2860_RIDX_OFDM6 : RT2860_RIDX_CCK1; 2165 ctl_ridx = rt2860_rates[ridx].ctl_ridx; 2166 } else if (ic->ic_fixed_rate != -1) { 2167 ridx = sc->fixed_ridx; 2168 ctl_ridx = rt2860_rates[ridx].ctl_ridx; 2169 } else { 2170 ridx = rn->ridx[ni->ni_txrate]; 2171 ctl_ridx = rn->ctl_ridx[ni->ni_txrate]; 2172 } 2173 2174 /* get MCS code from rate index */ 2175 mcs = rt2860_rates[ridx].mcs; 2176 2177 xferlen = sizeof (*txwi) + m->m_pkthdr.len; 2178 /* roundup to 32-bit alignment */ 2179 xferlen = (xferlen + 3) & ~3; 2180 2181 txd = (struct rt2870_txd *)data->buf; 2182 txd->flags = RT2860_TX_QSEL_EDCA; 2183 txd->len = htole16(xferlen); 2184 2185 /* setup TX Wireless Information */ 2186 txwi = (struct rt2860_txwi *)(txd + 1); 2187 txwi->flags = 0; 2188 txwi->xflags = hasqos ? 0 : RT2860_TX_NSEQ; 2189 txwi->wcid = (type == IEEE80211_FC0_TYPE_DATA) ? 2190 RUN_AID2WCID(ni->ni_associd) : 0xff; 2191 txwi->len = htole16(m->m_pkthdr.len); 2192 if (rt2860_rates[ridx].phy == IEEE80211_T_DS) { 2193 txwi->phy = htole16(RT2860_PHY_CCK); 2194 if (ridx != RT2860_RIDX_CCK1 && 2195 (ic->ic_flags & IEEE80211_F_SHPREAMBLE)) 2196 mcs |= RT2860_PHY_SHPRE; 2197 } else 2198 txwi->phy = htole16(RT2860_PHY_OFDM); 2199 txwi->phy |= htole16(mcs); 2200 2201 txwi->txop = RT2860_TX_TXOP_BACKOFF; 2202 2203 if (!IEEE80211_IS_MULTICAST(wh->i_addr1) && 2204 (!hasqos || (qos & IEEE80211_QOS_ACK_POLICY_MASK) != 2205 IEEE80211_QOS_ACK_POLICY_NOACK)) { 2206 txwi->xflags |= RT2860_TX_ACK; 2207 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 2208 dur = rt2860_rates[ctl_ridx].sp_ack_dur; 2209 else 2210 dur = rt2860_rates[ctl_ridx].lp_ack_dur; 2211 *(uint16_t *)wh->i_dur = htole16(dur); 2212 } 2213 2214 #if NBPFILTER > 0 2215 if (__predict_false(sc->sc_drvbpf != NULL)) { 2216 struct run_tx_radiotap_header *tap = &sc->sc_txtap; 2217 struct mbuf mb; 2218 2219 tap->wt_flags = 0; 2220 tap->wt_rate = rt2860_rates[ridx].rate; 2221 tap->wt_chan_freq = htole16(ic->ic_bss->ni_chan->ic_freq); 2222 tap->wt_chan_flags = htole16(ic->ic_bss->ni_chan->ic_flags); 2223 tap->wt_hwqueue = qid; 2224 if (mcs & RT2860_PHY_SHPRE) 2225 tap->wt_flags |= IEEE80211_RADIOTAP_F_SHORTPRE; 2226 2227 mb.m_data = (caddr_t)tap; 2228 mb.m_len = sc->sc_txtap_len; 2229 mb.m_next = m; 2230 mb.m_nextpkt = NULL; 2231 mb.m_type = 0; 2232 mb.m_flags = 0; 2233 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_OUT); 2234 } 2235 #endif 2236 2237 m_copydata(m, 0, m->m_pkthdr.len, (caddr_t)(txwi + 1)); 2238 m_freem(m); 2239 2240 xferlen += sizeof (*txd) + 4; 2241 2242 usbd_setup_xfer(data->xfer, ring->pipeh, data, data->buf, xferlen, 2243 USBD_FORCE_SHORT_XFER | USBD_NO_COPY, RUN_TX_TIMEOUT, run_txeof); 2244 error = usbd_transfer(data->xfer); 2245 if (__predict_false(error != USBD_IN_PROGRESS && error != 0)) 2246 return error; 2247 2248 ieee80211_release_node(ic, ni); 2249 2250 ring->cur = (ring->cur + 1) % RUN_TX_RING_COUNT; 2251 if (++ring->queued >= RUN_TX_RING_COUNT) 2252 sc->qfullmsk |= 1 << qid; 2253 2254 return 0; 2255 } 2256 2257 void 2258 run_start(struct ifnet *ifp) 2259 { 2260 struct run_softc *sc = ifp->if_softc; 2261 struct ieee80211com *ic = &sc->sc_ic; 2262 struct ieee80211_node *ni; 2263 struct mbuf *m; 2264 2265 if ((ifp->if_flags & (IFF_RUNNING | IFF_OACTIVE)) != IFF_RUNNING) 2266 return; 2267 2268 for (;;) { 2269 if (sc->qfullmsk != 0) { 2270 ifp->if_flags |= IFF_OACTIVE; 2271 break; 2272 } 2273 /* send pending management frames first */ 2274 IF_DEQUEUE(&ic->ic_mgtq, m); 2275 if (m != NULL) { 2276 ni = (void *)m->m_pkthdr.rcvif; 2277 goto sendit; 2278 } 2279 if (ic->ic_state != IEEE80211_S_RUN) 2280 break; 2281 2282 /* encapsulate and send data frames */ 2283 IFQ_DEQUEUE(&ifp->if_snd, m); 2284 if (m == NULL) 2285 break; 2286 #if NBPFILTER > 0 2287 if (ifp->if_bpf != NULL) 2288 bpf_mtap(ifp->if_bpf, m, BPF_DIRECTION_OUT); 2289 #endif 2290 if ((m = ieee80211_encap(ifp, m, &ni)) == NULL) 2291 continue; 2292 sendit: 2293 #if NBPFILTER > 0 2294 if (ic->ic_rawbpf != NULL) 2295 bpf_mtap(ic->ic_rawbpf, m, BPF_DIRECTION_OUT); 2296 #endif 2297 if (run_tx(sc, m, ni) != 0) { 2298 ieee80211_release_node(ic, ni); 2299 ifp->if_oerrors++; 2300 continue; 2301 } 2302 2303 sc->sc_tx_timer = 5; 2304 ifp->if_timer = 1; 2305 } 2306 } 2307 2308 void 2309 run_watchdog(struct ifnet *ifp) 2310 { 2311 struct run_softc *sc = ifp->if_softc; 2312 2313 ifp->if_timer = 0; 2314 2315 if (sc->sc_tx_timer > 0) { 2316 if (--sc->sc_tx_timer == 0) { 2317 printf("%s: device timeout\n", sc->sc_dev.dv_xname); 2318 /* run_init(ifp); XXX needs a process context! */ 2319 ifp->if_oerrors++; 2320 return; 2321 } 2322 ifp->if_timer = 1; 2323 } 2324 2325 ieee80211_watchdog(ifp); 2326 } 2327 2328 int 2329 run_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 2330 { 2331 struct run_softc *sc = ifp->if_softc; 2332 struct ieee80211com *ic = &sc->sc_ic; 2333 struct ifaddr *ifa; 2334 struct ifreq *ifr; 2335 int s, error = 0; 2336 2337 if (usbd_is_dying(sc->sc_udev)) 2338 return ENXIO; 2339 2340 usbd_ref_incr(sc->sc_udev); 2341 2342 s = splnet(); 2343 2344 switch (cmd) { 2345 case SIOCSIFADDR: 2346 ifa = (struct ifaddr *)data; 2347 ifp->if_flags |= IFF_UP; 2348 #ifdef INET 2349 if (ifa->ifa_addr->sa_family == AF_INET) 2350 arp_ifinit(&ic->ic_ac, ifa); 2351 #endif 2352 /* FALLTHROUGH */ 2353 case SIOCSIFFLAGS: 2354 if (ifp->if_flags & IFF_UP) { 2355 if (!(ifp->if_flags & IFF_RUNNING)) 2356 run_init(ifp); 2357 } else { 2358 if (ifp->if_flags & IFF_RUNNING) 2359 run_stop(ifp, 1); 2360 } 2361 break; 2362 2363 case SIOCADDMULTI: 2364 case SIOCDELMULTI: 2365 ifr = (struct ifreq *)data; 2366 error = (cmd == SIOCADDMULTI) ? 2367 ether_addmulti(ifr, &ic->ic_ac) : 2368 ether_delmulti(ifr, &ic->ic_ac); 2369 2370 if (error == ENETRESET) 2371 error = 0; 2372 break; 2373 2374 case SIOCS80211CHANNEL: 2375 /* 2376 * This allows for fast channel switching in monitor mode 2377 * (used by kismet). 2378 */ 2379 error = ieee80211_ioctl(ifp, cmd, data); 2380 if (error == ENETRESET && 2381 ic->ic_opmode == IEEE80211_M_MONITOR) { 2382 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 2383 (IFF_UP | IFF_RUNNING)) 2384 run_set_chan(sc, ic->ic_ibss_chan); 2385 error = 0; 2386 } 2387 break; 2388 2389 default: 2390 error = ieee80211_ioctl(ifp, cmd, data); 2391 } 2392 2393 if (error == ENETRESET) { 2394 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 2395 (IFF_UP | IFF_RUNNING)) { 2396 run_stop(ifp, 0); 2397 run_init(ifp); 2398 } 2399 error = 0; 2400 } 2401 2402 splx(s); 2403 2404 usbd_ref_decr(sc->sc_udev); 2405 2406 return error; 2407 } 2408 2409 void 2410 run_select_chan_group(struct run_softc *sc, int group) 2411 { 2412 uint32_t tmp; 2413 uint8_t agc; 2414 2415 run_bbp_write(sc, 62, 0x37 - sc->lna[group]); 2416 run_bbp_write(sc, 63, 0x37 - sc->lna[group]); 2417 run_bbp_write(sc, 64, 0x37 - sc->lna[group]); 2418 run_bbp_write(sc, 86, 0x00); 2419 2420 if (group == 0) { 2421 if (sc->ext_2ghz_lna) { 2422 run_bbp_write(sc, 82, 0x62); 2423 run_bbp_write(sc, 75, 0x46); 2424 } else { 2425 run_bbp_write(sc, 82, 0x84); 2426 run_bbp_write(sc, 75, 0x50); 2427 } 2428 } else { 2429 if (sc->mac_ver == 0x3572) 2430 run_bbp_write(sc, 82, 0x94); 2431 else 2432 run_bbp_write(sc, 82, 0xf2); 2433 if (sc->ext_5ghz_lna) 2434 run_bbp_write(sc, 75, 0x46); 2435 else 2436 run_bbp_write(sc, 75, 0x50); 2437 } 2438 2439 run_read(sc, RT2860_TX_BAND_CFG, &tmp); 2440 tmp &= ~(RT2860_5G_BAND_SEL_N | RT2860_5G_BAND_SEL_P); 2441 tmp |= (group == 0) ? RT2860_5G_BAND_SEL_N : RT2860_5G_BAND_SEL_P; 2442 run_write(sc, RT2860_TX_BAND_CFG, tmp); 2443 2444 /* enable appropriate Power Amplifiers and Low Noise Amplifiers */ 2445 tmp = RT2860_RFTR_EN | RT2860_TRSW_EN | RT2860_LNA_PE0_EN; 2446 if (sc->nrxchains > 1) 2447 tmp |= RT2860_LNA_PE1_EN; 2448 if (group == 0) { /* 2GHz */ 2449 tmp |= RT2860_PA_PE_G0_EN; 2450 if (sc->ntxchains > 1) 2451 tmp |= RT2860_PA_PE_G1_EN; 2452 } else { /* 5GHz */ 2453 tmp |= RT2860_PA_PE_A0_EN; 2454 if (sc->ntxchains > 1) 2455 tmp |= RT2860_PA_PE_A1_EN; 2456 } 2457 if (sc->mac_ver == 0x3572) { 2458 run_rt3070_rf_write(sc, 8, 0x00); 2459 run_write(sc, RT2860_TX_PIN_CFG, tmp); 2460 run_rt3070_rf_write(sc, 8, 0x80); 2461 } else 2462 run_write(sc, RT2860_TX_PIN_CFG, tmp); 2463 2464 /* set initial AGC value */ 2465 if (group == 0) { /* 2GHz band */ 2466 if (sc->mac_ver >= 0x3070) 2467 agc = 0x1c + sc->lna[0] * 2; 2468 else 2469 agc = 0x2e + sc->lna[0]; 2470 } else { /* 5GHz band */ 2471 if (sc->mac_ver == 0x3572) 2472 agc = 0x22 + (sc->lna[group] * 5) / 3; 2473 else 2474 agc = 0x32 + (sc->lna[group] * 5) / 3; 2475 } 2476 run_set_agc(sc, agc); 2477 } 2478 2479 void 2480 run_rt2870_set_chan(struct run_softc *sc, u_int chan) 2481 { 2482 const struct rfprog *rfprog = rt2860_rf2850; 2483 uint32_t r2, r3, r4; 2484 int8_t txpow1, txpow2; 2485 int i; 2486 2487 /* find the settings for this channel (we know it exists) */ 2488 for (i = 0; rfprog[i].chan != chan; i++); 2489 2490 r2 = rfprog[i].r2; 2491 if (sc->ntxchains == 1) 2492 r2 |= 1 << 12; /* 1T: disable Tx chain 2 */ 2493 if (sc->nrxchains == 1) 2494 r2 |= 1 << 15 | 1 << 4; /* 1R: disable Rx chains 2 & 3 */ 2495 else if (sc->nrxchains == 2) 2496 r2 |= 1 << 4; /* 2R: disable Rx chain 3 */ 2497 2498 /* use Tx power values from EEPROM */ 2499 txpow1 = sc->txpow1[i]; 2500 txpow2 = sc->txpow2[i]; 2501 if (chan > 14) { 2502 if (txpow1 >= 0) 2503 txpow1 = txpow1 << 1 | 1; 2504 else 2505 txpow1 = (7 + txpow1) << 1; 2506 if (txpow2 >= 0) 2507 txpow2 = txpow2 << 1 | 1; 2508 else 2509 txpow2 = (7 + txpow2) << 1; 2510 } 2511 r3 = rfprog[i].r3 | txpow1 << 7; 2512 r4 = rfprog[i].r4 | sc->freq << 13 | txpow2 << 4; 2513 2514 run_rt2870_rf_write(sc, RT2860_RF1, rfprog[i].r1); 2515 run_rt2870_rf_write(sc, RT2860_RF2, r2); 2516 run_rt2870_rf_write(sc, RT2860_RF3, r3); 2517 run_rt2870_rf_write(sc, RT2860_RF4, r4); 2518 2519 DELAY(200); 2520 2521 run_rt2870_rf_write(sc, RT2860_RF1, rfprog[i].r1); 2522 run_rt2870_rf_write(sc, RT2860_RF2, r2); 2523 run_rt2870_rf_write(sc, RT2860_RF3, r3 | 1); 2524 run_rt2870_rf_write(sc, RT2860_RF4, r4); 2525 2526 DELAY(200); 2527 2528 run_rt2870_rf_write(sc, RT2860_RF1, rfprog[i].r1); 2529 run_rt2870_rf_write(sc, RT2860_RF2, r2); 2530 run_rt2870_rf_write(sc, RT2860_RF3, r3); 2531 run_rt2870_rf_write(sc, RT2860_RF4, r4); 2532 } 2533 2534 void 2535 run_rt3070_set_chan(struct run_softc *sc, u_int chan) 2536 { 2537 int8_t txpow1, txpow2; 2538 uint8_t rf; 2539 int i; 2540 2541 KASSERT(chan >= 1 && chan <= 14); /* RT3070 is 2GHz only */ 2542 2543 /* find the settings for this channel (we know it exists) */ 2544 for (i = 0; rt2860_rf2850[i].chan != chan; i++); 2545 2546 /* use Tx power values from EEPROM */ 2547 txpow1 = sc->txpow1[i]; 2548 txpow2 = sc->txpow2[i]; 2549 2550 run_rt3070_rf_write(sc, 2, rt3070_freqs[i].n); 2551 run_rt3070_rf_write(sc, 3, rt3070_freqs[i].k); 2552 run_rt3070_rf_read(sc, 6, &rf); 2553 rf = (rf & ~0x03) | rt3070_freqs[i].r; 2554 run_rt3070_rf_write(sc, 6, rf); 2555 2556 /* set Tx0 power */ 2557 run_rt3070_rf_read(sc, 12, &rf); 2558 rf = (rf & ~0x1f) | txpow1; 2559 run_rt3070_rf_write(sc, 12, rf); 2560 2561 /* set Tx1 power */ 2562 run_rt3070_rf_read(sc, 13, &rf); 2563 rf = (rf & ~0x1f) | txpow2; 2564 run_rt3070_rf_write(sc, 13, rf); 2565 2566 run_rt3070_rf_read(sc, 1, &rf); 2567 rf &= ~0xfc; 2568 if (sc->ntxchains == 1) 2569 rf |= 1 << 7 | 1 << 5; /* 1T: disable Tx chains 2 & 3 */ 2570 else if (sc->ntxchains == 2) 2571 rf |= 1 << 7; /* 2T: disable Tx chain 3 */ 2572 if (sc->nrxchains == 1) 2573 rf |= 1 << 6 | 1 << 4; /* 1R: disable Rx chains 2 & 3 */ 2574 else if (sc->nrxchains == 2) 2575 rf |= 1 << 6; /* 2R: disable Rx chain 3 */ 2576 run_rt3070_rf_write(sc, 1, rf); 2577 2578 /* set RF offset */ 2579 run_rt3070_rf_read(sc, 23, &rf); 2580 rf = (rf & ~0x7f) | sc->freq; 2581 run_rt3070_rf_write(sc, 23, rf); 2582 2583 /* program RF filter */ 2584 run_rt3070_rf_read(sc, 24, &rf); /* Tx */ 2585 rf = (rf & ~0x3f) | sc->rf24_20mhz; 2586 run_rt3070_rf_write(sc, 24, rf); 2587 run_rt3070_rf_read(sc, 31, &rf); /* Rx */ 2588 rf = (rf & ~0x3f) | sc->rf24_20mhz; 2589 run_rt3070_rf_write(sc, 31, rf); 2590 2591 /* enable RF tuning */ 2592 run_rt3070_rf_read(sc, 7, &rf); 2593 run_rt3070_rf_write(sc, 7, rf | 0x01); 2594 } 2595 2596 void 2597 run_rt3572_set_chan(struct run_softc *sc, u_int chan) 2598 { 2599 int8_t txpow1, txpow2; 2600 uint32_t tmp; 2601 uint8_t rf; 2602 int i; 2603 2604 /* find the settings for this channel (we know it exists) */ 2605 for (i = 0; rt2860_rf2850[i].chan != chan; i++); 2606 2607 /* use Tx power values from EEPROM */ 2608 txpow1 = sc->txpow1[i]; 2609 txpow2 = sc->txpow2[i]; 2610 2611 if (chan <= 14) { 2612 run_bbp_write(sc, 25, sc->bbp25); 2613 run_bbp_write(sc, 26, sc->bbp26); 2614 } else { 2615 /* enable IQ phase correction */ 2616 run_bbp_write(sc, 25, 0x09); 2617 run_bbp_write(sc, 26, 0xff); 2618 } 2619 2620 run_rt3070_rf_write(sc, 2, rt3070_freqs[i].n); 2621 run_rt3070_rf_write(sc, 3, rt3070_freqs[i].k); 2622 run_rt3070_rf_read(sc, 6, &rf); 2623 rf = (rf & ~0x0f) | rt3070_freqs[i].r; 2624 rf |= (chan <= 14) ? 0x08 : 0x04; 2625 run_rt3070_rf_write(sc, 6, rf); 2626 2627 /* set PLL mode */ 2628 run_rt3070_rf_read(sc, 5, &rf); 2629 rf &= ~(0x08 | 0x04); 2630 rf |= (chan <= 14) ? 0x04 : 0x08; 2631 run_rt3070_rf_write(sc, 5, rf); 2632 2633 /* set Tx power for chain 0 */ 2634 if (chan <= 14) 2635 rf = 0x60 | txpow1; 2636 else 2637 rf = 0xe0 | (txpow1 & 0xc) << 1 | (txpow1 & 0x3); 2638 run_rt3070_rf_write(sc, 12, rf); 2639 2640 /* set Tx power for chain 1 */ 2641 if (chan <= 14) 2642 rf = 0x60 | txpow2; 2643 else 2644 rf = 0xe0 | (txpow2 & 0xc) << 1 | (txpow2 & 0x3); 2645 run_rt3070_rf_write(sc, 13, rf); 2646 2647 /* set Tx/Rx streams */ 2648 run_rt3070_rf_read(sc, 1, &rf); 2649 rf &= ~0xfc; 2650 if (sc->ntxchains == 1) 2651 rf |= 1 << 7 | 1 << 5; /* 1T: disable Tx chains 2 & 3 */ 2652 else if (sc->ntxchains == 2) 2653 rf |= 1 << 7; /* 2T: disable Tx chain 3 */ 2654 if (sc->nrxchains == 1) 2655 rf |= 1 << 6 | 1 << 4; /* 1R: disable Rx chains 2 & 3 */ 2656 else if (sc->nrxchains == 2) 2657 rf |= 1 << 6; /* 2R: disable Rx chain 3 */ 2658 run_rt3070_rf_write(sc, 1, rf); 2659 2660 /* set RF offset */ 2661 run_rt3070_rf_read(sc, 23, &rf); 2662 rf = (rf & ~0x7f) | sc->freq; 2663 run_rt3070_rf_write(sc, 23, rf); 2664 2665 /* program RF filter */ 2666 rf = sc->rf24_20mhz; 2667 run_rt3070_rf_write(sc, 24, rf); /* Tx */ 2668 run_rt3070_rf_write(sc, 31, rf); /* Rx */ 2669 2670 /* enable RF tuning */ 2671 run_rt3070_rf_read(sc, 7, &rf); 2672 rf = (chan <= 14) ? 0xd8 : ((rf & ~0xc8) | 0x14); 2673 run_rt3070_rf_write(sc, 7, rf); 2674 2675 /* TSSI */ 2676 rf = (chan <= 14) ? 0xc3 : 0xc0; 2677 run_rt3070_rf_write(sc, 9, rf); 2678 2679 /* set loop filter 1 */ 2680 run_rt3070_rf_write(sc, 10, 0xf1); 2681 /* set loop filter 2 */ 2682 run_rt3070_rf_write(sc, 11, (chan <= 14) ? 0xb9 : 0x00); 2683 2684 /* set tx_mx2_ic */ 2685 run_rt3070_rf_write(sc, 15, (chan <= 14) ? 0x53 : 0x43); 2686 /* set tx_mx1_ic */ 2687 if (chan <= 14) 2688 rf = 0x48 | sc->txmixgain_2ghz; 2689 else 2690 rf = 0x78 | sc->txmixgain_5ghz; 2691 run_rt3070_rf_write(sc, 16, rf); 2692 2693 /* set tx_lo1 */ 2694 run_rt3070_rf_write(sc, 17, 0x23); 2695 /* set tx_lo2 */ 2696 if (chan <= 14) 2697 rf = 0x93; 2698 else if (chan <= 64) 2699 rf = 0xb7; 2700 else if (chan <= 128) 2701 rf = 0x74; 2702 else 2703 rf = 0x72; 2704 run_rt3070_rf_write(sc, 19, rf); 2705 2706 /* set rx_lo1 */ 2707 if (chan <= 14) 2708 rf = 0xb3; 2709 else if (chan <= 64) 2710 rf = 0xf6; 2711 else if (chan <= 128) 2712 rf = 0xf4; 2713 else 2714 rf = 0xf3; 2715 run_rt3070_rf_write(sc, 20, rf); 2716 2717 /* set pfd_delay */ 2718 if (chan <= 14) 2719 rf = 0x15; 2720 else if (chan <= 64) 2721 rf = 0x3d; 2722 else 2723 rf = 0x01; 2724 run_rt3070_rf_write(sc, 25, rf); 2725 2726 /* set rx_lo2 */ 2727 run_rt3070_rf_write(sc, 26, (chan <= 14) ? 0x85 : 0x87); 2728 /* set ldo_rf_vc */ 2729 run_rt3070_rf_write(sc, 27, (chan <= 14) ? 0x00 : 0x01); 2730 /* set drv_cc */ 2731 run_rt3070_rf_write(sc, 29, (chan <= 14) ? 0x9b : 0x9f); 2732 2733 run_read(sc, RT2860_GPIO_CTRL, &tmp); 2734 tmp &= ~0x8080; 2735 if (chan <= 14) 2736 tmp |= 0x80; 2737 run_write(sc, RT2860_GPIO_CTRL, tmp); 2738 2739 /* enable RF tuning */ 2740 run_rt3070_rf_read(sc, 7, &rf); 2741 run_rt3070_rf_write(sc, 7, rf | 0x01); 2742 2743 DELAY(2000); 2744 } 2745 2746 void 2747 run_set_agc(struct run_softc *sc, uint8_t agc) 2748 { 2749 uint8_t bbp; 2750 2751 if (sc->mac_ver == 0x3572) { 2752 run_bbp_read(sc, 27, &bbp); 2753 bbp &= ~(0x3 << 5); 2754 run_bbp_write(sc, 27, bbp | 0 << 5); /* select Rx0 */ 2755 run_bbp_write(sc, 66, agc); 2756 run_bbp_write(sc, 27, bbp | 1 << 5); /* select Rx1 */ 2757 run_bbp_write(sc, 66, agc); 2758 } else 2759 run_bbp_write(sc, 66, agc); 2760 } 2761 2762 void 2763 run_set_rx_antenna(struct run_softc *sc, int aux) 2764 { 2765 uint32_t tmp; 2766 2767 run_mcu_cmd(sc, RT2860_MCU_CMD_ANTSEL, !aux); 2768 run_read(sc, RT2860_GPIO_CTRL, &tmp); 2769 tmp &= ~0x0808; 2770 if (aux) 2771 tmp |= 0x08; 2772 run_write(sc, RT2860_GPIO_CTRL, tmp); 2773 } 2774 2775 int 2776 run_set_chan(struct run_softc *sc, struct ieee80211_channel *c) 2777 { 2778 struct ieee80211com *ic = &sc->sc_ic; 2779 u_int chan, group; 2780 2781 chan = ieee80211_chan2ieee(ic, c); 2782 if (chan == 0 || chan == IEEE80211_CHAN_ANY) 2783 return EINVAL; 2784 2785 if (sc->mac_ver == 0x3572) 2786 run_rt3572_set_chan(sc, chan); 2787 else if (sc->mac_ver >= 0x3070) 2788 run_rt3070_set_chan(sc, chan); 2789 else 2790 run_rt2870_set_chan(sc, chan); 2791 2792 /* determine channel group */ 2793 if (chan <= 14) 2794 group = 0; 2795 else if (chan <= 64) 2796 group = 1; 2797 else if (chan <= 128) 2798 group = 2; 2799 else 2800 group = 3; 2801 2802 /* XXX necessary only when group has changed! */ 2803 run_select_chan_group(sc, group); 2804 2805 DELAY(1000); 2806 return 0; 2807 } 2808 2809 void 2810 run_enable_tsf_sync(struct run_softc *sc) 2811 { 2812 struct ieee80211com *ic = &sc->sc_ic; 2813 uint32_t tmp; 2814 2815 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 2816 tmp &= ~0x1fffff; 2817 tmp |= ic->ic_bss->ni_intval * 16; 2818 tmp |= RT2860_TSF_TIMER_EN | RT2860_TBTT_TIMER_EN; 2819 /* local TSF is always updated with remote TSF on beacon reception */ 2820 tmp |= 1 << RT2860_TSF_SYNC_MODE_SHIFT; 2821 run_write(sc, RT2860_BCN_TIME_CFG, tmp); 2822 } 2823 2824 void 2825 run_enable_mrr(struct run_softc *sc) 2826 { 2827 #define CCK(mcs) (mcs) 2828 #define OFDM(mcs) (1 << 3 | (mcs)) 2829 run_write(sc, RT2860_LG_FBK_CFG0, 2830 OFDM(6) << 28 | /* 54->48 */ 2831 OFDM(5) << 24 | /* 48->36 */ 2832 OFDM(4) << 20 | /* 36->24 */ 2833 OFDM(3) << 16 | /* 24->18 */ 2834 OFDM(2) << 12 | /* 18->12 */ 2835 OFDM(1) << 8 | /* 12-> 9 */ 2836 OFDM(0) << 4 | /* 9-> 6 */ 2837 OFDM(0)); /* 6-> 6 */ 2838 2839 run_write(sc, RT2860_LG_FBK_CFG1, 2840 CCK(2) << 12 | /* 11->5.5 */ 2841 CCK(1) << 8 | /* 5.5-> 2 */ 2842 CCK(0) << 4 | /* 2-> 1 */ 2843 CCK(0)); /* 1-> 1 */ 2844 #undef OFDM 2845 #undef CCK 2846 } 2847 2848 void 2849 run_set_txpreamble(struct run_softc *sc) 2850 { 2851 uint32_t tmp; 2852 2853 run_read(sc, RT2860_AUTO_RSP_CFG, &tmp); 2854 if (sc->sc_ic.ic_flags & IEEE80211_F_SHPREAMBLE) 2855 tmp |= RT2860_CCK_SHORT_EN; 2856 else 2857 tmp &= ~RT2860_CCK_SHORT_EN; 2858 run_write(sc, RT2860_AUTO_RSP_CFG, tmp); 2859 } 2860 2861 void 2862 run_set_basicrates(struct run_softc *sc) 2863 { 2864 struct ieee80211com *ic = &sc->sc_ic; 2865 2866 /* set basic rates mask */ 2867 if (ic->ic_curmode == IEEE80211_MODE_11B) 2868 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x003); 2869 else if (ic->ic_curmode == IEEE80211_MODE_11A) 2870 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x150); 2871 else /* 11g */ 2872 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x15f); 2873 } 2874 2875 void 2876 run_set_leds(struct run_softc *sc, uint16_t which) 2877 { 2878 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LEDS, 2879 which | (sc->leds & 0x7f)); 2880 } 2881 2882 void 2883 run_set_bssid(struct run_softc *sc, const uint8_t *bssid) 2884 { 2885 run_write(sc, RT2860_MAC_BSSID_DW0, 2886 bssid[0] | bssid[1] << 8 | bssid[2] << 16 | bssid[3] << 24); 2887 run_write(sc, RT2860_MAC_BSSID_DW1, 2888 bssid[4] | bssid[5] << 8); 2889 } 2890 2891 void 2892 run_set_macaddr(struct run_softc *sc, const uint8_t *addr) 2893 { 2894 run_write(sc, RT2860_MAC_ADDR_DW0, 2895 addr[0] | addr[1] << 8 | addr[2] << 16 | addr[3] << 24); 2896 run_write(sc, RT2860_MAC_ADDR_DW1, 2897 addr[4] | addr[5] << 8 | 0xff << 16); 2898 } 2899 2900 void 2901 run_updateslot(struct ieee80211com *ic) 2902 { 2903 /* do it in a process context */ 2904 run_do_async(ic->ic_softc, run_updateslot_cb, NULL, 0); 2905 } 2906 2907 /* ARGSUSED */ 2908 void 2909 run_updateslot_cb(struct run_softc *sc, void *arg) 2910 { 2911 uint32_t tmp; 2912 2913 run_read(sc, RT2860_BKOFF_SLOT_CFG, &tmp); 2914 tmp &= ~0xff; 2915 tmp |= (sc->sc_ic.ic_flags & IEEE80211_F_SHSLOT) ? 9 : 20; 2916 run_write(sc, RT2860_BKOFF_SLOT_CFG, tmp); 2917 } 2918 2919 #if NBPFILTER > 0 2920 int8_t 2921 run_rssi2dbm(struct run_softc *sc, uint8_t rssi, uint8_t rxchain) 2922 { 2923 struct ieee80211com *ic = &sc->sc_ic; 2924 struct ieee80211_channel *c = ic->ic_ibss_chan; 2925 int delta; 2926 2927 if (IEEE80211_IS_CHAN_5GHZ(c)) { 2928 u_int chan = ieee80211_chan2ieee(ic, c); 2929 delta = sc->rssi_5ghz[rxchain]; 2930 2931 /* determine channel group */ 2932 if (chan <= 64) 2933 delta -= sc->lna[1]; 2934 else if (chan <= 128) 2935 delta -= sc->lna[2]; 2936 else 2937 delta -= sc->lna[3]; 2938 } else 2939 delta = sc->rssi_2ghz[rxchain] - sc->lna[0]; 2940 2941 return -12 - delta - rssi; 2942 } 2943 #endif 2944 2945 int 2946 run_bbp_init(struct run_softc *sc) 2947 { 2948 int i, error, ntries; 2949 uint8_t bbp0; 2950 2951 /* wait for BBP to wake up */ 2952 for (ntries = 0; ntries < 20; ntries++) { 2953 if ((error = run_bbp_read(sc, 0, &bbp0)) != 0) 2954 return error; 2955 if (bbp0 != 0 && bbp0 != 0xff) 2956 break; 2957 } 2958 if (ntries == 20) 2959 return ETIMEDOUT; 2960 2961 /* initialize BBP registers to default values */ 2962 for (i = 0; i < nitems(rt2860_def_bbp); i++) { 2963 run_bbp_write(sc, rt2860_def_bbp[i].reg, 2964 rt2860_def_bbp[i].val); 2965 } 2966 2967 /* fix BBP84 for RT2860E */ 2968 if (sc->mac_ver == 0x2860 && sc->mac_rev != 0x0101) 2969 run_bbp_write(sc, 84, 0x19); 2970 2971 if (sc->mac_ver >= 0x3070) { 2972 run_bbp_write(sc, 79, 0x13); 2973 run_bbp_write(sc, 80, 0x05); 2974 run_bbp_write(sc, 81, 0x33); 2975 } else if (sc->mac_ver == 0x2860 && sc->mac_rev == 0x0100) { 2976 run_bbp_write(sc, 69, 0x16); 2977 run_bbp_write(sc, 73, 0x12); 2978 } 2979 return 0; 2980 } 2981 2982 int 2983 run_rt3070_rf_init(struct run_softc *sc) 2984 { 2985 uint32_t tmp; 2986 uint8_t rf, target, bbp4; 2987 int i; 2988 2989 run_rt3070_rf_read(sc, 30, &rf); 2990 /* toggle RF R30 bit 7 */ 2991 run_rt3070_rf_write(sc, 30, rf | 0x80); 2992 DELAY(1000); 2993 run_rt3070_rf_write(sc, 30, rf & ~0x80); 2994 2995 /* initialize RF registers to default value */ 2996 if (sc->mac_ver == 0x3572) { 2997 for (i = 0; i < nitems(rt3572_def_rf); i++) { 2998 run_rt3070_rf_write(sc, rt3572_def_rf[i].reg, 2999 rt3572_def_rf[i].val); 3000 } 3001 } else { 3002 for (i = 0; i < nitems(rt3070_def_rf); i++) { 3003 run_rt3070_rf_write(sc, rt3070_def_rf[i].reg, 3004 rt3070_def_rf[i].val); 3005 } 3006 } 3007 if (sc->mac_ver == 0x3572) { 3008 run_rt3070_rf_read(sc, 6, &rf); 3009 run_rt3070_rf_write(sc, 6, rf | 0x40); 3010 3011 /* increase voltage from 1.2V to 1.35V */ 3012 run_read(sc, RT3070_LDO_CFG0, &tmp); 3013 tmp = (tmp & ~0x1f000000) | 0x0d000000; 3014 run_write(sc, RT3070_LDO_CFG0, tmp); 3015 if (sc->mac_rev >= 0x0211 || !sc->patch_dac) { 3016 /* decrease voltage back to 1.2V */ 3017 DELAY(1000); 3018 tmp = (tmp & ~0x1f000000) | 0x01000000; 3019 run_write(sc, RT3070_LDO_CFG0, tmp); 3020 } 3021 3022 } else if (sc->mac_ver == 0x3071) { 3023 run_rt3070_rf_read(sc, 6, &rf); 3024 run_rt3070_rf_write(sc, 6, rf | 0x40); 3025 run_rt3070_rf_write(sc, 31, 0x14); 3026 3027 run_read(sc, RT3070_LDO_CFG0, &tmp); 3028 tmp &= ~0x1f000000; 3029 if (sc->mac_rev < 0x0211) 3030 tmp |= 0x0d000000; /* 1.35V */ 3031 else 3032 tmp |= 0x01000000; /* 1.2V */ 3033 run_write(sc, RT3070_LDO_CFG0, tmp); 3034 3035 /* patch LNA_PE_G1 */ 3036 run_read(sc, RT3070_GPIO_SWITCH, &tmp); 3037 run_write(sc, RT3070_GPIO_SWITCH, tmp & ~0x20); 3038 3039 } else if (sc->mac_ver == 0x3070) { 3040 /* increase voltage from 1.2V to 1.35V */ 3041 run_read(sc, RT3070_LDO_CFG0, &tmp); 3042 tmp = (tmp & ~0x0f000000) | 0x0d000000; 3043 run_write(sc, RT3070_LDO_CFG0, tmp); 3044 } 3045 3046 /* select 20MHz bandwidth */ 3047 run_rt3070_rf_read(sc, 31, &rf); 3048 run_rt3070_rf_write(sc, 31, rf & ~0x20); 3049 3050 /* calibrate filter for 20MHz bandwidth */ 3051 sc->rf24_20mhz = 0x1f; /* default value */ 3052 target = (sc->mac_ver < 0x3071) ? 0x16 : 0x13; 3053 run_rt3070_filter_calib(sc, 0x07, target, &sc->rf24_20mhz); 3054 3055 /* select 40MHz bandwidth */ 3056 run_bbp_read(sc, 4, &bbp4); 3057 run_bbp_write(sc, 4, (bbp4 & ~0x08) | 0x10); 3058 run_rt3070_rf_read(sc, 31, &rf); 3059 run_rt3070_rf_write(sc, 31, rf | 0x20); 3060 3061 /* calibrate filter for 40MHz bandwidth */ 3062 sc->rf24_40mhz = 0x2f; /* default value */ 3063 target = (sc->mac_ver < 0x3071) ? 0x19 : 0x15; 3064 run_rt3070_filter_calib(sc, 0x27, target, &sc->rf24_40mhz); 3065 3066 /* go back to 20MHz bandwidth */ 3067 run_bbp_read(sc, 4, &bbp4); 3068 run_bbp_write(sc, 4, bbp4 & ~0x18); 3069 3070 if (sc->mac_ver == 0x3572) { 3071 /* save default BBP registers 25 and 26 values */ 3072 run_bbp_read(sc, 25, &sc->bbp25); 3073 run_bbp_read(sc, 26, &sc->bbp26); 3074 3075 } else if (sc->mac_rev < 0x0211) 3076 run_rt3070_rf_write(sc, 27, 0x03); 3077 3078 run_read(sc, RT3070_OPT_14, &tmp); 3079 run_write(sc, RT3070_OPT_14, tmp | 1); 3080 3081 if (sc->mac_ver == 0x3070 || sc->mac_ver == 0x3071) { 3082 run_rt3070_rf_read(sc, 17, &rf); 3083 rf &= ~RT3070_TX_LO1; 3084 if ((sc->mac_ver == 0x3070 || 3085 (sc->mac_ver == 0x3071 && sc->mac_rev >= 0x0211)) && 3086 !sc->ext_2ghz_lna) 3087 rf |= 0x20; /* fix for long range Rx issue */ 3088 if (sc->txmixgain_2ghz >= 1) 3089 rf = (rf & ~0x7) | sc->txmixgain_2ghz; 3090 run_rt3070_rf_write(sc, 17, rf); 3091 } 3092 if (sc->mac_ver == 0x3071) { 3093 run_rt3070_rf_read(sc, 1, &rf); 3094 rf &= ~(RT3070_RX0_PD | RT3070_TX0_PD); 3095 rf |= RT3070_RF_BLOCK | RT3070_RX1_PD | RT3070_TX1_PD; 3096 run_rt3070_rf_write(sc, 1, rf); 3097 3098 run_rt3070_rf_read(sc, 15, &rf); 3099 run_rt3070_rf_write(sc, 15, rf & ~RT3070_TX_LO2); 3100 3101 run_rt3070_rf_read(sc, 20, &rf); 3102 run_rt3070_rf_write(sc, 20, rf & ~RT3070_RX_LO1); 3103 3104 run_rt3070_rf_read(sc, 21, &rf); 3105 run_rt3070_rf_write(sc, 21, rf & ~RT3070_RX_LO2); 3106 } 3107 if (sc->mac_ver == 0x3070 || sc->mac_ver == 0x3071) { 3108 /* fix Tx to Rx IQ glitch by raising RF voltage */ 3109 run_rt3070_rf_read(sc, 27, &rf); 3110 rf &= ~0x77; 3111 if (sc->mac_rev < 0x0211) 3112 rf |= 0x03; 3113 run_rt3070_rf_write(sc, 27, rf); 3114 } 3115 return 0; 3116 } 3117 3118 int 3119 run_rt3070_filter_calib(struct run_softc *sc, uint8_t init, uint8_t target, 3120 uint8_t *val) 3121 { 3122 uint8_t rf22, rf24; 3123 uint8_t bbp55_pb, bbp55_sb, delta; 3124 int ntries; 3125 3126 /* program filter */ 3127 run_rt3070_rf_read(sc, 24, &rf24); 3128 rf24 = (rf24 & 0xc0) | init; /* initial filter value */ 3129 run_rt3070_rf_write(sc, 24, rf24); 3130 3131 /* enable baseband loopback mode */ 3132 run_rt3070_rf_read(sc, 22, &rf22); 3133 run_rt3070_rf_write(sc, 22, rf22 | 0x01); 3134 3135 /* set power and frequency of passband test tone */ 3136 run_bbp_write(sc, 24, 0x00); 3137 for (ntries = 0; ntries < 100; ntries++) { 3138 /* transmit test tone */ 3139 run_bbp_write(sc, 25, 0x90); 3140 DELAY(1000); 3141 /* read received power */ 3142 run_bbp_read(sc, 55, &bbp55_pb); 3143 if (bbp55_pb != 0) 3144 break; 3145 } 3146 if (ntries == 100) 3147 return ETIMEDOUT; 3148 3149 /* set power and frequency of stopband test tone */ 3150 run_bbp_write(sc, 24, 0x06); 3151 for (ntries = 0; ntries < 100; ntries++) { 3152 /* transmit test tone */ 3153 run_bbp_write(sc, 25, 0x90); 3154 DELAY(1000); 3155 /* read received power */ 3156 run_bbp_read(sc, 55, &bbp55_sb); 3157 3158 delta = bbp55_pb - bbp55_sb; 3159 if (delta > target) 3160 break; 3161 3162 /* reprogram filter */ 3163 rf24++; 3164 run_rt3070_rf_write(sc, 24, rf24); 3165 } 3166 if (ntries < 100) { 3167 if (rf24 != init) 3168 rf24--; /* backtrack */ 3169 *val = rf24; 3170 run_rt3070_rf_write(sc, 24, rf24); 3171 } 3172 3173 /* restore initial state */ 3174 run_bbp_write(sc, 24, 0x00); 3175 3176 /* disable baseband loopback mode */ 3177 run_rt3070_rf_read(sc, 22, &rf22); 3178 run_rt3070_rf_write(sc, 22, rf22 & ~0x01); 3179 3180 return 0; 3181 } 3182 3183 void 3184 run_rt3070_rf_setup(struct run_softc *sc) 3185 { 3186 uint8_t bbp, rf; 3187 int i; 3188 3189 if (sc->mac_ver == 0x3572) { 3190 /* enable DC filter */ 3191 if (sc->mac_rev >= 0x0201) 3192 run_bbp_write(sc, 103, 0xc0); 3193 3194 run_bbp_read(sc, 138, &bbp); 3195 if (sc->ntxchains == 1) 3196 bbp |= 0x20; /* turn off DAC1 */ 3197 if (sc->nrxchains == 1) 3198 bbp &= ~0x02; /* turn off ADC1 */ 3199 run_bbp_write(sc, 138, bbp); 3200 3201 if (sc->mac_rev >= 0x0211) { 3202 /* improve power consumption */ 3203 run_bbp_read(sc, 31, &bbp); 3204 run_bbp_write(sc, 31, bbp & ~0x03); 3205 } 3206 3207 run_rt3070_rf_read(sc, 16, &rf); 3208 rf = (rf & ~0x07) | sc->txmixgain_2ghz; 3209 run_rt3070_rf_write(sc, 16, rf); 3210 3211 } else if (sc->mac_ver == 0x3071) { 3212 /* enable DC filter */ 3213 if (sc->mac_rev >= 0x0201) 3214 run_bbp_write(sc, 103, 0xc0); 3215 3216 run_bbp_read(sc, 138, &bbp); 3217 if (sc->ntxchains == 1) 3218 bbp |= 0x20; /* turn off DAC1 */ 3219 if (sc->nrxchains == 1) 3220 bbp &= ~0x02; /* turn off ADC1 */ 3221 run_bbp_write(sc, 138, bbp); 3222 3223 if (sc->mac_rev >= 0x0211) { 3224 /* improve power consumption */ 3225 run_bbp_read(sc, 31, &bbp); 3226 run_bbp_write(sc, 31, bbp & ~0x03); 3227 } 3228 3229 run_write(sc, RT2860_TX_SW_CFG1, 0); 3230 if (sc->mac_rev < 0x0211) { 3231 run_write(sc, RT2860_TX_SW_CFG2, 3232 sc->patch_dac ? 0x2c : 0x0f); 3233 } else 3234 run_write(sc, RT2860_TX_SW_CFG2, 0); 3235 3236 } else if (sc->mac_ver == 0x3070) { 3237 if (sc->mac_rev >= 0x0201) { 3238 /* enable DC filter */ 3239 run_bbp_write(sc, 103, 0xc0); 3240 3241 /* improve power consumption */ 3242 run_bbp_read(sc, 31, &bbp); 3243 run_bbp_write(sc, 31, bbp & ~0x03); 3244 } 3245 3246 if (sc->mac_rev < 0x0211) { 3247 run_write(sc, RT2860_TX_SW_CFG1, 0); 3248 run_write(sc, RT2860_TX_SW_CFG2, 0x2c); 3249 } else 3250 run_write(sc, RT2860_TX_SW_CFG2, 0); 3251 } 3252 3253 /* initialize RF registers from ROM for >=RT3071*/ 3254 if (sc->mac_ver >= 0x3071) { 3255 for (i = 0; i < 10; i++) { 3256 if (sc->rf[i].reg == 0 || sc->rf[i].reg == 0xff) 3257 continue; 3258 run_rt3070_rf_write(sc, sc->rf[i].reg, sc->rf[i].val); 3259 } 3260 } 3261 } 3262 3263 int 3264 run_txrx_enable(struct run_softc *sc) 3265 { 3266 uint32_t tmp; 3267 int error, ntries; 3268 3269 run_write(sc, RT2860_MAC_SYS_CTRL, RT2860_MAC_TX_EN); 3270 for (ntries = 0; ntries < 200; ntries++) { 3271 if ((error = run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp)) != 0) 3272 return error; 3273 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0) 3274 break; 3275 DELAY(1000); 3276 } 3277 if (ntries == 200) 3278 return ETIMEDOUT; 3279 3280 DELAY(50); 3281 3282 tmp |= RT2860_RX_DMA_EN | RT2860_TX_DMA_EN | RT2860_TX_WB_DDONE; 3283 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp); 3284 3285 /* enable Rx bulk aggregation (set timeout and limit) */ 3286 tmp = RT2860_USB_TX_EN | RT2860_USB_RX_EN | RT2860_USB_RX_AGG_EN | 3287 RT2860_USB_RX_AGG_TO(128) | RT2860_USB_RX_AGG_LMT(2); 3288 run_write(sc, RT2860_USB_DMA_CFG, tmp); 3289 3290 /* set Rx filter */ 3291 tmp = RT2860_DROP_CRC_ERR | RT2860_DROP_PHY_ERR; 3292 if (sc->sc_ic.ic_opmode != IEEE80211_M_MONITOR) { 3293 tmp |= RT2860_DROP_UC_NOME | RT2860_DROP_DUPL | 3294 RT2860_DROP_CTS | RT2860_DROP_BA | RT2860_DROP_ACK | 3295 RT2860_DROP_VER_ERR | RT2860_DROP_CTRL_RSV | 3296 RT2860_DROP_CFACK | RT2860_DROP_CFEND; 3297 if (sc->sc_ic.ic_opmode == IEEE80211_M_STA) 3298 tmp |= RT2860_DROP_RTS | RT2860_DROP_PSPOLL; 3299 } 3300 run_write(sc, RT2860_RX_FILTR_CFG, tmp); 3301 3302 run_write(sc, RT2860_MAC_SYS_CTRL, 3303 RT2860_MAC_RX_EN | RT2860_MAC_TX_EN); 3304 3305 return 0; 3306 } 3307 3308 int 3309 run_init(struct ifnet *ifp) 3310 { 3311 struct run_softc *sc = ifp->if_softc; 3312 struct ieee80211com *ic = &sc->sc_ic; 3313 uint32_t tmp; 3314 uint8_t bbp1, bbp3; 3315 int i, error, qid, ridx, ntries; 3316 3317 if (usbd_is_dying(sc->sc_udev)) 3318 return ENXIO; 3319 3320 for (ntries = 0; ntries < 100; ntries++) { 3321 if ((error = run_read(sc, RT2860_ASIC_VER_ID, &tmp)) != 0) 3322 goto fail; 3323 if (tmp != 0 && tmp != 0xffffffff) 3324 break; 3325 DELAY(10); 3326 } 3327 if (ntries == 100) { 3328 error = ETIMEDOUT; 3329 goto fail; 3330 } 3331 3332 if ((error = run_load_microcode(sc)) != 0) { 3333 printf("%s: could not load 8051 microcode\n", 3334 sc->sc_dev.dv_xname); 3335 goto fail; 3336 } 3337 3338 /* init host command ring */ 3339 sc->cmdq.cur = sc->cmdq.next = sc->cmdq.queued = 0; 3340 3341 /* init Tx rings (4 EDCAs) */ 3342 for (qid = 0; qid < 4; qid++) { 3343 if ((error = run_alloc_tx_ring(sc, qid)) != 0) 3344 goto fail; 3345 } 3346 /* init Rx ring */ 3347 if ((error = run_alloc_rx_ring(sc)) != 0) 3348 goto fail; 3349 3350 IEEE80211_ADDR_COPY(ic->ic_myaddr, LLADDR(ifp->if_sadl)); 3351 run_set_macaddr(sc, ic->ic_myaddr); 3352 3353 for (ntries = 0; ntries < 100; ntries++) { 3354 if ((error = run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp)) != 0) 3355 goto fail; 3356 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0) 3357 break; 3358 DELAY(1000); 3359 } 3360 if (ntries == 100) { 3361 printf("%s: timeout waiting for DMA engine\n", 3362 sc->sc_dev.dv_xname); 3363 error = ETIMEDOUT; 3364 goto fail; 3365 } 3366 tmp &= 0xff0; 3367 tmp |= RT2860_TX_WB_DDONE; 3368 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp); 3369 3370 /* turn off PME_OEN to solve high-current issue */ 3371 run_read(sc, RT2860_SYS_CTRL, &tmp); 3372 run_write(sc, RT2860_SYS_CTRL, tmp & ~RT2860_PME_OEN); 3373 3374 run_write(sc, RT2860_MAC_SYS_CTRL, 3375 RT2860_BBP_HRST | RT2860_MAC_SRST); 3376 run_write(sc, RT2860_USB_DMA_CFG, 0); 3377 3378 if ((error = run_reset(sc)) != 0) { 3379 printf("%s: could not reset chipset\n", sc->sc_dev.dv_xname); 3380 goto fail; 3381 } 3382 3383 run_write(sc, RT2860_MAC_SYS_CTRL, 0); 3384 3385 /* init Tx power for all Tx rates (from EEPROM) */ 3386 for (ridx = 0; ridx < 5; ridx++) { 3387 if (sc->txpow20mhz[ridx] == 0xffffffff) 3388 continue; 3389 run_write(sc, RT2860_TX_PWR_CFG(ridx), sc->txpow20mhz[ridx]); 3390 } 3391 3392 for (i = 0; i < nitems(rt2870_def_mac); i++) 3393 run_write(sc, rt2870_def_mac[i].reg, rt2870_def_mac[i].val); 3394 run_write(sc, RT2860_WMM_AIFSN_CFG, 0x00002273); 3395 run_write(sc, RT2860_WMM_CWMIN_CFG, 0x00002344); 3396 run_write(sc, RT2860_WMM_CWMAX_CFG, 0x000034aa); 3397 3398 if (sc->mac_ver >= 0x3070) { 3399 /* set delay of PA_PE assertion to 1us (unit of 0.25us) */ 3400 run_write(sc, RT2860_TX_SW_CFG0, 3401 4 << RT2860_DLY_PAPE_EN_SHIFT); 3402 } 3403 3404 /* wait while MAC is busy */ 3405 for (ntries = 0; ntries < 100; ntries++) { 3406 if ((error = run_read(sc, RT2860_MAC_STATUS_REG, &tmp)) != 0) 3407 goto fail; 3408 if (!(tmp & (RT2860_RX_STATUS_BUSY | RT2860_TX_STATUS_BUSY))) 3409 break; 3410 DELAY(1000); 3411 } 3412 if (ntries == 100) { 3413 error = ETIMEDOUT; 3414 goto fail; 3415 } 3416 3417 /* clear Host to MCU mailbox */ 3418 run_write(sc, RT2860_H2M_BBPAGENT, 0); 3419 run_write(sc, RT2860_H2M_MAILBOX, 0); 3420 DELAY(1000); 3421 3422 if ((error = run_bbp_init(sc)) != 0) { 3423 printf("%s: could not initialize BBP\n", sc->sc_dev.dv_xname); 3424 goto fail; 3425 } 3426 3427 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 3428 tmp &= ~(RT2860_BCN_TX_EN | RT2860_TSF_TIMER_EN | 3429 RT2860_TBTT_TIMER_EN); 3430 run_write(sc, RT2860_BCN_TIME_CFG, tmp); 3431 3432 /* clear RX WCID search table */ 3433 run_set_region_4(sc, RT2860_WCID_ENTRY(0), 0, 512); 3434 /* clear WCID attribute table */ 3435 run_set_region_4(sc, RT2860_WCID_ATTR(0), 0, 8 * 32); 3436 /* clear shared key table */ 3437 run_set_region_4(sc, RT2860_SKEY(0, 0), 0, 8 * 32); 3438 /* clear shared key mode */ 3439 run_set_region_4(sc, RT2860_SKEY_MODE_0_7, 0, 4); 3440 3441 run_read(sc, RT2860_US_CYC_CNT, &tmp); 3442 tmp = (tmp & ~0xff) | 0x1e; 3443 run_write(sc, RT2860_US_CYC_CNT, tmp); 3444 3445 if (sc->mac_rev != 0x0101) 3446 run_write(sc, RT2860_TXOP_CTRL_CFG, 0x0000583f); 3447 3448 run_write(sc, RT2860_WMM_TXOP0_CFG, 0); 3449 run_write(sc, RT2860_WMM_TXOP1_CFG, 48 << 16 | 96); 3450 3451 /* write vendor-specific BBP values (from EEPROM) */ 3452 for (i = 0; i < 8; i++) { 3453 if (sc->bbp[i].reg == 0 || sc->bbp[i].reg == 0xff) 3454 continue; 3455 run_bbp_write(sc, sc->bbp[i].reg, sc->bbp[i].val); 3456 } 3457 3458 /* select Main antenna for 1T1R devices */ 3459 if (sc->rf_rev == RT3070_RF_3020) 3460 run_set_rx_antenna(sc, 0); 3461 3462 /* send LEDs operating mode to microcontroller */ 3463 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED1, sc->led[0]); 3464 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED2, sc->led[1]); 3465 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED3, sc->led[2]); 3466 3467 if (sc->mac_ver >= 0x3070) 3468 run_rt3070_rf_init(sc); 3469 3470 /* disable non-existing Rx chains */ 3471 run_bbp_read(sc, 3, &bbp3); 3472 bbp3 &= ~(1 << 3 | 1 << 4); 3473 if (sc->nrxchains == 2) 3474 bbp3 |= 1 << 3; 3475 else if (sc->nrxchains == 3) 3476 bbp3 |= 1 << 4; 3477 run_bbp_write(sc, 3, bbp3); 3478 3479 /* disable non-existing Tx chains */ 3480 run_bbp_read(sc, 1, &bbp1); 3481 if (sc->ntxchains == 1) 3482 bbp1 &= ~(1 << 3 | 1 << 4); 3483 run_bbp_write(sc, 1, bbp1); 3484 3485 if (sc->mac_ver >= 0x3070) 3486 run_rt3070_rf_setup(sc); 3487 3488 /* select default channel */ 3489 ic->ic_bss->ni_chan = ic->ic_ibss_chan; 3490 run_set_chan(sc, ic->ic_ibss_chan); 3491 3492 /* turn radio LED on */ 3493 run_set_leds(sc, RT2860_LED_RADIO); 3494 3495 for (i = 0; i < RUN_RX_RING_COUNT; i++) { 3496 struct run_rx_data *data = &sc->rxq.data[i]; 3497 3498 usbd_setup_xfer(data->xfer, sc->rxq.pipeh, data, data->buf, 3499 RUN_MAX_RXSZ, USBD_SHORT_XFER_OK | USBD_NO_COPY, 3500 USBD_NO_TIMEOUT, run_rxeof); 3501 error = usbd_transfer(data->xfer); 3502 if (error != 0 && error != USBD_IN_PROGRESS) 3503 goto fail; 3504 } 3505 3506 if ((error = run_txrx_enable(sc)) != 0) 3507 goto fail; 3508 3509 ifp->if_flags &= ~IFF_OACTIVE; 3510 ifp->if_flags |= IFF_RUNNING; 3511 3512 if (ic->ic_flags & IEEE80211_F_WEPON) { 3513 /* install WEP keys */ 3514 for (i = 0; i < IEEE80211_WEP_NKID; i++) 3515 (void)run_set_key(ic, NULL, &ic->ic_nw_keys[i]); 3516 } 3517 3518 if (ic->ic_opmode == IEEE80211_M_MONITOR) 3519 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 3520 else 3521 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 3522 3523 if (error != 0) 3524 fail: run_stop(ifp, 1); 3525 return error; 3526 } 3527 3528 void 3529 run_stop(struct ifnet *ifp, int disable) 3530 { 3531 struct run_softc *sc = ifp->if_softc; 3532 struct ieee80211com *ic = &sc->sc_ic; 3533 uint32_t tmp; 3534 int s, ntries, qid; 3535 3536 if (ifp->if_flags & IFF_RUNNING) 3537 run_set_leds(sc, 0); /* turn all LEDs off */ 3538 3539 sc->sc_tx_timer = 0; 3540 ifp->if_timer = 0; 3541 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 3542 3543 timeout_del(&sc->scan_to); 3544 timeout_del(&sc->calib_to); 3545 3546 s = splusb(); 3547 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 3548 /* wait for all queued asynchronous commands to complete */ 3549 usb_wait_task(sc->sc_udev, &sc->sc_task); 3550 splx(s); 3551 3552 /* disable Tx/Rx */ 3553 run_read(sc, RT2860_MAC_SYS_CTRL, &tmp); 3554 tmp &= ~(RT2860_MAC_RX_EN | RT2860_MAC_TX_EN); 3555 run_write(sc, RT2860_MAC_SYS_CTRL, tmp); 3556 3557 /* wait for pending Tx to complete */ 3558 for (ntries = 0; ntries < 100; ntries++) { 3559 if (run_read(sc, RT2860_TXRXQ_PCNT, &tmp) != 0) 3560 break; 3561 if ((tmp & RT2860_TX2Q_PCNT_MASK) == 0) 3562 break; 3563 } 3564 DELAY(1000); 3565 run_write(sc, RT2860_USB_DMA_CFG, 0); 3566 3567 /* reset adapter */ 3568 run_write(sc, RT2860_MAC_SYS_CTRL, RT2860_BBP_HRST | RT2860_MAC_SRST); 3569 run_write(sc, RT2860_MAC_SYS_CTRL, 0); 3570 3571 /* reset Tx and Rx rings */ 3572 sc->qfullmsk = 0; 3573 for (qid = 0; qid < 4; qid++) 3574 run_free_tx_ring(sc, qid); 3575 run_free_rx_ring(sc); 3576 } 3577 3578 int 3579 run_activate(struct device *self, int act) 3580 { 3581 struct run_softc *sc = (struct run_softc *)self; 3582 3583 switch (act) { 3584 case DVACT_DEACTIVATE: 3585 usbd_deactivate(sc->sc_udev); 3586 break; 3587 } 3588 3589 return 0; 3590 } 3591