1 /* $OpenBSD: if_run.c,v 1.136 2022/04/21 21:03:03 stsp Exp $ */ 2 3 /*- 4 * Copyright (c) 2008-2010 Damien Bergamini <damien.bergamini@free.fr> 5 * Copyright (c) 2013-2014 Kevin Lo 6 * 7 * Permission to use, copy, modify, and distribute this software for any 8 * purpose with or without fee is hereby granted, provided that the above 9 * copyright notice and this permission notice appear in all copies. 10 * 11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 */ 19 20 /*- 21 * Ralink Technology RT2700U/RT2800U/RT3000U/RT3900E chipset driver. 22 * http://www.ralinktech.com/ 23 */ 24 25 #include "bpfilter.h" 26 27 #include <sys/param.h> 28 #include <sys/sockio.h> 29 #include <sys/mbuf.h> 30 #include <sys/kernel.h> 31 #include <sys/socket.h> 32 #include <sys/systm.h> 33 #include <sys/timeout.h> 34 #include <sys/conf.h> 35 #include <sys/device.h> 36 #include <sys/endian.h> 37 38 #include <machine/intr.h> 39 40 #if NBPFILTER > 0 41 #include <net/bpf.h> 42 #endif 43 #include <net/if.h> 44 #include <net/if_dl.h> 45 #include <net/if_media.h> 46 47 #include <netinet/in.h> 48 #include <netinet/if_ether.h> 49 50 #include <net80211/ieee80211_var.h> 51 #include <net80211/ieee80211_amrr.h> 52 #include <net80211/ieee80211_radiotap.h> 53 54 #include <dev/usb/usb.h> 55 #include <dev/usb/usbdi.h> 56 #include <dev/usb/usbdi_util.h> 57 #include <dev/usb/usbdevs.h> 58 59 #include <dev/ic/rt2860reg.h> /* shared with ral(4) */ 60 #include <dev/usb/if_runvar.h> 61 62 #ifdef RUN_DEBUG 63 #define DPRINTF(x) do { if (run_debug) printf x; } while (0) 64 #define DPRINTFN(n, x) do { if (run_debug >= (n)) printf x; } while (0) 65 int run_debug = 0; 66 #else 67 #define DPRINTF(x) 68 #define DPRINTFN(n, x) 69 #endif 70 71 #define USB_ID(v, p) { USB_VENDOR_##v, USB_PRODUCT_##v##_##p } 72 static const struct usb_devno run_devs[] = { 73 USB_ID(ABOCOM, RT2770), 74 USB_ID(ABOCOM, RT2870), 75 USB_ID(ABOCOM, RT3070), 76 USB_ID(ABOCOM, RT3071), 77 USB_ID(ABOCOM, RT3072), 78 USB_ID(ABOCOM2, RT2870_1), 79 USB_ID(ACCTON, RT2770), 80 USB_ID(ACCTON, RT2870_1), 81 USB_ID(ACCTON, RT2870_2), 82 USB_ID(ACCTON, RT2870_3), 83 USB_ID(ACCTON, RT2870_4), 84 USB_ID(ACCTON, RT2870_5), 85 USB_ID(ACCTON, RT3070), 86 USB_ID(ACCTON, RT3070_1), 87 USB_ID(ACCTON, RT3070_2), 88 USB_ID(ACCTON, RT3070_3), 89 USB_ID(ACCTON, RT3070_4), 90 USB_ID(ACCTON, RT3070_5), 91 USB_ID(ACCTON, RT3070_6), 92 USB_ID(AIRTIES, RT3070), 93 USB_ID(AIRTIES, RT3070_2), 94 USB_ID(ALLWIN, RT2070), 95 USB_ID(ALLWIN, RT2770), 96 USB_ID(ALLWIN, RT2870), 97 USB_ID(ALLWIN, RT3070), 98 USB_ID(ALLWIN, RT3071), 99 USB_ID(ALLWIN, RT3072), 100 USB_ID(ALLWIN, RT3572), 101 USB_ID(AMIGO, RT2870_1), 102 USB_ID(AMIGO, RT2870_2), 103 USB_ID(AMIT, CGWLUSB2GNR), 104 USB_ID(AMIT, RT2870_1), 105 USB_ID(AMIT2, RT2870), 106 USB_ID(ASUS, RT2870_1), 107 USB_ID(ASUS, RT2870_2), 108 USB_ID(ASUS, RT2870_3), 109 USB_ID(ASUS, RT2870_4), 110 USB_ID(ASUS, RT2870_5), 111 USB_ID(ASUS, RT3070_1), 112 USB_ID(ASUS, USBN13), 113 USB_ID(ASUS, USBN53), 114 USB_ID(ASUS, USBN66), 115 USB_ID(ASUS2, USBN11), 116 USB_ID(AZUREWAVE, RT2870_1), 117 USB_ID(AZUREWAVE, RT2870_2), 118 USB_ID(AZUREWAVE, RT3070_1), 119 USB_ID(AZUREWAVE, RT3070_2), 120 USB_ID(AZUREWAVE, RT3070_3), 121 USB_ID(AZUREWAVE, RT3070_4), 122 USB_ID(AZUREWAVE, RT3070_5), 123 USB_ID(BELKIN, F9L1103), 124 USB_ID(BELKIN, F5D8053V3), 125 USB_ID(BELKIN, F5D8055), 126 USB_ID(BELKIN, F5D8055V2), 127 USB_ID(BELKIN, F6D4050V1), 128 USB_ID(BELKIN, F6D4050V2), 129 USB_ID(BELKIN, F7D1101V2), 130 USB_ID(BELKIN, RT2870_1), 131 USB_ID(BELKIN, RT2870_2), 132 USB_ID(BEWAN, RT3070), 133 USB_ID(CISCOLINKSYS, AE1000), 134 USB_ID(CISCOLINKSYS, AM10), 135 USB_ID(CISCOLINKSYS2, RT3070), 136 USB_ID(CISCOLINKSYS3, RT3070), 137 USB_ID(CONCEPTRONIC2, RT2870_1), 138 USB_ID(CONCEPTRONIC2, RT2870_2), 139 USB_ID(CONCEPTRONIC2, RT2870_3), 140 USB_ID(CONCEPTRONIC2, RT2870_5), 141 USB_ID(CONCEPTRONIC2, RT2870_6), 142 USB_ID(CONCEPTRONIC2, RT2870_7), 143 USB_ID(CONCEPTRONIC2, RT2870_8), 144 USB_ID(CONCEPTRONIC2, RT3070_1), 145 USB_ID(CONCEPTRONIC2, RT3070_2), 146 USB_ID(CONCEPTRONIC2, RT3070_3), 147 USB_ID(CONCEPTRONIC2, VIGORN61), 148 USB_ID(COREGA, CGWLUSB300GNM), 149 USB_ID(COREGA, RT2870_1), 150 USB_ID(COREGA, RT2870_2), 151 USB_ID(COREGA, RT2870_3), 152 USB_ID(COREGA, RT3070), 153 USB_ID(CYBERTAN, RT2870), 154 USB_ID(DLINK, DWA125B2), 155 USB_ID(DLINK, DWA127), 156 USB_ID(DLINK, DWA130F1), 157 USB_ID(DLINK, DWA137A1), 158 USB_ID(DLINK, DWA140B3), 159 USB_ID(DLINK, DWA140D1), 160 USB_ID(DLINK, DWA160B2), 161 USB_ID(DLINK, DWA162), 162 USB_ID(DLINK, RT2870), 163 USB_ID(DLINK, RT3072), 164 USB_ID(DLINK2, DWA130), 165 USB_ID(DLINK2, RT2870_1), 166 USB_ID(DLINK2, RT2870_2), 167 USB_ID(DLINK2, RT3070_1), 168 USB_ID(DLINK2, RT3070_2), 169 USB_ID(DLINK2, RT3070_3), 170 USB_ID(DLINK2, RT3070_4), 171 USB_ID(DLINK2, RT3070_5), 172 USB_ID(DLINK2, RT3072), 173 USB_ID(DLINK2, RT3072_1), 174 USB_ID(DVICO, RT3070), 175 USB_ID(EDIMAX, EW7717), 176 USB_ID(EDIMAX, EW7718), 177 USB_ID(EDIMAX, EW7722UTN), 178 USB_ID(EDIMAX, RT2870_1), 179 USB_ID(ENCORE, RT3070_1), 180 USB_ID(ENCORE, RT3070_2), 181 USB_ID(ENCORE, RT3070_3), 182 USB_ID(GIGABYTE, GNWB31N), 183 USB_ID(GIGABYTE, GNWB32L), 184 USB_ID(GIGABYTE, RT2870_1), 185 USB_ID(GIGASET, RT3070_1), 186 USB_ID(GIGASET, RT3070_2), 187 USB_ID(GUILLEMOT, HWNU300), 188 USB_ID(HAWKING, HWDN2), 189 USB_ID(HAWKING, HWUN2), 190 USB_ID(HAWKING, RT2870_1), 191 USB_ID(HAWKING, RT2870_2), 192 USB_ID(HAWKING, RT2870_3), 193 USB_ID(HAWKING, RT2870_4), 194 USB_ID(HAWKING, RT2870_5), 195 USB_ID(IODATA, RT3072_1), 196 USB_ID(IODATA, RT3072_2), 197 USB_ID(IODATA, RT3072_3), 198 USB_ID(IODATA, RT3072_4), 199 USB_ID(LINKSYS4, RT3070), 200 USB_ID(LINKSYS4, WUSB100), 201 USB_ID(LINKSYS4, WUSB54GCV3), 202 USB_ID(LINKSYS4, WUSB600N), 203 USB_ID(LINKSYS4, WUSB600NV2), 204 USB_ID(LOGITEC, LANW150NU2), 205 USB_ID(LOGITEC, LANW300NU2), 206 USB_ID(LOGITEC, LANW300NU2S), 207 USB_ID(LOGITEC, RT2870_1), 208 USB_ID(LOGITEC, RT2870_2), 209 USB_ID(LOGITEC, RT2870_3), 210 USB_ID(MELCO, RT2870_1), 211 USB_ID(MELCO, RT2870_2), 212 USB_ID(MELCO, WLIUCAG300N), 213 USB_ID(MELCO, WLIUCG300N), 214 USB_ID(MELCO, WLIUCG301N), 215 USB_ID(MELCO, WLIUCGN), 216 USB_ID(MELCO, WLIUCGNHP), 217 USB_ID(MELCO, WLIUCGNM), 218 USB_ID(MELCO, WLIUCGNM2), 219 USB_ID(MOTOROLA4, RT2770), 220 USB_ID(MOTOROLA4, RT3070), 221 USB_ID(MSI, RT3070_1), 222 USB_ID(MSI, RT3070_2), 223 USB_ID(MSI, RT3070_3), 224 USB_ID(MSI, RT3070_4), 225 USB_ID(MSI, RT3070_5), 226 USB_ID(MSI, RT3070_6), 227 USB_ID(MSI, RT3070_7), 228 USB_ID(MSI, RT3070_8), 229 USB_ID(MSI, RT3070_9), 230 USB_ID(MSI, RT3070_10), 231 USB_ID(MSI, RT3070_11), 232 USB_ID(MSI, RT3070_12), 233 USB_ID(MSI, RT3070_13), 234 USB_ID(MSI, RT3070_14), 235 USB_ID(MSI, RT3070_15), 236 USB_ID(OVISLINK, RT3071), 237 USB_ID(OVISLINK, RT3072), 238 USB_ID(PARA, RT3070), 239 USB_ID(PEGATRON, RT2870), 240 USB_ID(PEGATRON, RT3070), 241 USB_ID(PEGATRON, RT3070_2), 242 USB_ID(PEGATRON, RT3070_3), 243 USB_ID(PEGATRON, RT3072), 244 USB_ID(PHILIPS, RT2870), 245 USB_ID(PLANEX2, GWUS300MINIS), 246 USB_ID(PLANEX2, GWUSMICRO300), 247 USB_ID(PLANEX2, GWUSMICRON), 248 USB_ID(PLANEX2, RT2870), 249 USB_ID(PLANEX2, RT3070), 250 USB_ID(QCOM, RT2870), 251 USB_ID(QUANTA, RT3070), 252 USB_ID(RALINK, RT2070), 253 USB_ID(RALINK, RT2770), 254 USB_ID(RALINK, RT2870), 255 USB_ID(RALINK, RT3070), 256 USB_ID(RALINK, RT3071), 257 USB_ID(RALINK, RT3072), 258 USB_ID(RALINK, RT3370), 259 USB_ID(RALINK, RT3572), 260 USB_ID(RALINK, RT3573), 261 USB_ID(RALINK, RT5370), 262 USB_ID(RALINK, RT5572), 263 USB_ID(RALINK, RT8070), 264 USB_ID(SAMSUNG, WIS09ABGN), 265 USB_ID(SAMSUNG2, RT2870_1), 266 USB_ID(SENAO, RT2870_1), 267 USB_ID(SENAO, RT2870_2), 268 USB_ID(SENAO, RT2870_3), 269 USB_ID(SENAO, RT2870_4), 270 USB_ID(SENAO, RT3070), 271 USB_ID(SENAO, RT3071), 272 USB_ID(SENAO, RT3072_1), 273 USB_ID(SENAO, RT3072_2), 274 USB_ID(SENAO, RT3072_3), 275 USB_ID(SENAO, RT3072_4), 276 USB_ID(SENAO, RT3072_5), 277 USB_ID(SITECOMEU, WL302), 278 USB_ID(SITECOMEU, WL315), 279 USB_ID(SITECOMEU, WL321), 280 USB_ID(SITECOMEU, RT3070_3), 281 USB_ID(SITECOMEU, WL302), 282 USB_ID(SITECOMEU, WL344), 283 USB_ID(SITECOMEU, WL329), 284 USB_ID(SITECOMEU, WL345), 285 USB_ID(SITECOMEU, RT2870_1), 286 USB_ID(SITECOMEU, RT2870_2), 287 USB_ID(SITECOMEU, RT2870_3), 288 USB_ID(SITECOMEU, RT3070_1), 289 USB_ID(SITECOMEU, RT3072_3), 290 USB_ID(SITECOMEU, RT3072_4), 291 USB_ID(SITECOMEU, RT3072_5), 292 USB_ID(SITECOMEU, RT3072_6), 293 USB_ID(SITECOMEU, WL302), 294 USB_ID(SITECOMEU, WL315), 295 USB_ID(SITECOMEU, WL321), 296 USB_ID(SITECOMEU, WL324), 297 USB_ID(SITECOMEU, WL329), 298 USB_ID(SITECOMEU, WL343), 299 USB_ID(SITECOMEU, WL344), 300 USB_ID(SITECOMEU, WL345), 301 USB_ID(SITECOMEU, WL349V4), 302 USB_ID(SITECOMEU, WL608), 303 USB_ID(SITECOMEU, WLA4000), 304 USB_ID(SITECOMEU, WLA5000), 305 USB_ID(SPARKLAN, RT2870_1), 306 USB_ID(SPARKLAN, RT2870_2), 307 USB_ID(SPARKLAN, RT3070), 308 USB_ID(SWEEX2, LW153), 309 USB_ID(SWEEX2, LW303), 310 USB_ID(SWEEX2, LW313), 311 USB_ID(TOSHIBA, RT3070), 312 USB_ID(UMEDIA, RT2870_1), 313 USB_ID(UMEDIA, TEW645UB), 314 USB_ID(ZCOM, RT2870_1), 315 USB_ID(ZCOM, RT2870_2), 316 USB_ID(ZINWELL, RT2870_1), 317 USB_ID(ZINWELL, RT2870_2), 318 USB_ID(ZINWELL, RT3070), 319 USB_ID(ZINWELL, RT3072_1), 320 USB_ID(ZINWELL, RT3072_2), 321 USB_ID(ZYXEL, NWD2105), 322 USB_ID(ZYXEL, NWD211AN), 323 USB_ID(ZYXEL, RT2870_1), 324 USB_ID(ZYXEL, RT2870_2), 325 USB_ID(ZYXEL, RT3070) 326 }; 327 328 int run_match(struct device *, void *, void *); 329 void run_attach(struct device *, struct device *, void *); 330 int run_detach(struct device *, int); 331 int run_alloc_rx_ring(struct run_softc *); 332 void run_free_rx_ring(struct run_softc *); 333 int run_alloc_tx_ring(struct run_softc *, int); 334 void run_free_tx_ring(struct run_softc *, int); 335 int run_load_microcode(struct run_softc *); 336 int run_reset(struct run_softc *); 337 int run_read(struct run_softc *, uint16_t, uint32_t *); 338 int run_read_region_1(struct run_softc *, uint16_t, uint8_t *, 339 int); 340 int run_write_2(struct run_softc *, uint16_t, uint16_t); 341 int run_write(struct run_softc *, uint16_t, uint32_t); 342 int run_write_region_1(struct run_softc *, uint16_t, 343 const uint8_t *, int); 344 int run_set_region_4(struct run_softc *, uint16_t, uint32_t, int); 345 int run_efuse_read(struct run_softc *, uint16_t, uint16_t *); 346 int run_efuse_read_2(struct run_softc *, uint16_t, uint16_t *); 347 int run_eeprom_read_2(struct run_softc *, uint16_t, uint16_t *); 348 int run_rt2870_rf_write(struct run_softc *, uint8_t, uint32_t); 349 int run_rt3070_rf_read(struct run_softc *, uint8_t, uint8_t *); 350 int run_rt3070_rf_write(struct run_softc *, uint8_t, uint8_t); 351 int run_bbp_read(struct run_softc *, uint8_t, uint8_t *); 352 int run_bbp_write(struct run_softc *, uint8_t, uint8_t); 353 int run_mcu_cmd(struct run_softc *, uint8_t, uint16_t); 354 const char * run_get_rf(int); 355 void run_get_txpower(struct run_softc *); 356 void run_rt3593_get_txpower(struct run_softc *); 357 int run_read_eeprom(struct run_softc *); 358 struct ieee80211_node *run_node_alloc(struct ieee80211com *); 359 int run_media_change(struct ifnet *); 360 void run_next_scan(void *); 361 void run_task(void *); 362 void run_do_async(struct run_softc *, void (*)(struct run_softc *, 363 void *), void *, int); 364 int run_newstate(struct ieee80211com *, enum ieee80211_state, int); 365 void run_newstate_cb(struct run_softc *, void *); 366 void run_updateedca(struct ieee80211com *); 367 void run_updateedca_cb(struct run_softc *, void *); 368 int run_set_key(struct ieee80211com *, struct ieee80211_node *, 369 struct ieee80211_key *); 370 void run_set_key_cb(struct run_softc *, void *); 371 void run_delete_key(struct ieee80211com *, struct ieee80211_node *, 372 struct ieee80211_key *); 373 void run_delete_key_cb(struct run_softc *, void *); 374 void run_calibrate_to(void *); 375 void run_calibrate_cb(struct run_softc *, void *); 376 void run_newassoc(struct ieee80211com *, struct ieee80211_node *, 377 int); 378 void run_rx_frame(struct run_softc *, uint8_t *, int, 379 struct mbuf_list *); 380 void run_rxeof(struct usbd_xfer *, void *, usbd_status); 381 void run_txeof(struct usbd_xfer *, void *, usbd_status); 382 int run_tx(struct run_softc *, struct mbuf *, 383 struct ieee80211_node *); 384 void run_start(struct ifnet *); 385 void run_watchdog(struct ifnet *); 386 int run_ioctl(struct ifnet *, u_long, caddr_t); 387 void run_iq_calib(struct run_softc *, u_int); 388 void run_select_chan_group(struct run_softc *, int); 389 void run_set_agc(struct run_softc *, uint8_t); 390 void run_set_rx_antenna(struct run_softc *, int); 391 void run_rt2870_set_chan(struct run_softc *, u_int); 392 void run_rt3070_set_chan(struct run_softc *, u_int); 393 void run_rt3572_set_chan(struct run_softc *, u_int); 394 void run_rt3593_set_chan(struct run_softc *, u_int); 395 void run_rt5390_set_chan(struct run_softc *, u_int); 396 void run_rt5592_set_chan(struct run_softc *, u_int); 397 int run_set_chan(struct run_softc *, struct ieee80211_channel *); 398 void run_enable_tsf_sync(struct run_softc *); 399 void run_enable_mrr(struct run_softc *); 400 void run_set_txpreamble(struct run_softc *); 401 void run_set_basicrates(struct run_softc *); 402 void run_set_leds(struct run_softc *, uint16_t); 403 void run_set_bssid(struct run_softc *, const uint8_t *); 404 void run_set_macaddr(struct run_softc *, const uint8_t *); 405 void run_updateslot(struct ieee80211com *); 406 void run_updateslot_cb(struct run_softc *, void *); 407 #if NBPFILTER > 0 408 int8_t run_rssi2dbm(struct run_softc *, uint8_t, uint8_t); 409 #endif 410 void run_rt5390_bbp_init(struct run_softc *); 411 int run_bbp_init(struct run_softc *); 412 int run_rt3070_rf_init(struct run_softc *); 413 void run_rt3593_rf_init(struct run_softc *); 414 void run_rt5390_rf_init(struct run_softc *); 415 int run_rt3070_filter_calib(struct run_softc *, uint8_t, uint8_t, 416 uint8_t *); 417 void run_rt3070_rf_setup(struct run_softc *); 418 void run_rt3593_rf_setup(struct run_softc *); 419 void run_rt5390_rf_setup(struct run_softc *); 420 int run_txrx_enable(struct run_softc *); 421 void run_adjust_freq_offset(struct run_softc *); 422 int run_init(struct ifnet *); 423 void run_stop(struct ifnet *, int); 424 425 struct cfdriver run_cd = { 426 NULL, "run", DV_IFNET 427 }; 428 429 const struct cfattach run_ca = { 430 sizeof (struct run_softc), run_match, run_attach, run_detach 431 }; 432 433 static const struct { 434 uint32_t reg; 435 uint32_t val; 436 } rt2870_def_mac[] = { 437 RT2870_DEF_MAC 438 }; 439 440 static const struct { 441 uint8_t reg; 442 uint8_t val; 443 } rt2860_def_bbp[] = { 444 RT2860_DEF_BBP 445 },rt5390_def_bbp[] = { 446 RT5390_DEF_BBP 447 },rt5592_def_bbp[] = { 448 RT5592_DEF_BBP 449 }; 450 451 /* 452 * Default values for BBP register R196 for RT5592. 453 */ 454 static const uint8_t rt5592_bbp_r196[] = { 455 0xe0, 0x1f, 0x38, 0x32, 0x08, 0x28, 0x19, 0x0a, 0xff, 0x00, 456 0x16, 0x10, 0x10, 0x0b, 0x36, 0x2c, 0x26, 0x24, 0x42, 0x36, 457 0x30, 0x2d, 0x4c, 0x46, 0x3d, 0x40, 0x3e, 0x42, 0x3d, 0x40, 458 0x3c, 0x34, 0x2c, 0x2f, 0x3c, 0x35, 0x2e, 0x2a, 0x49, 0x41, 459 0x36, 0x31, 0x30, 0x30, 0x0e, 0x0d, 0x28, 0x21, 0x1c, 0x16, 460 0x50, 0x4a, 0x43, 0x40, 0x10, 0x10, 0x10, 0x10, 0x00, 0x00, 461 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 462 0x00, 0x00, 0x7d, 0x14, 0x32, 0x2c, 0x36, 0x4c, 0x43, 0x2c, 463 0x2e, 0x36, 0x30, 0x6e 464 }; 465 466 static const struct rfprog { 467 uint8_t chan; 468 uint32_t r1, r2, r3, r4; 469 } rt2860_rf2850[] = { 470 RT2860_RF2850 471 }; 472 473 struct { 474 uint8_t n, r, k; 475 } rt3070_freqs[] = { 476 RT3070_RF3052 477 }; 478 479 static const struct rt5592_freqs { 480 uint16_t n; 481 uint8_t k, m, r; 482 } rt5592_freqs_20mhz[] = { 483 RT5592_RF5592_20MHZ 484 },rt5592_freqs_40mhz[] = { 485 RT5592_RF5592_40MHZ 486 }; 487 488 static const struct { 489 uint8_t reg; 490 uint8_t val; 491 } rt3070_def_rf[] = { 492 RT3070_DEF_RF 493 },rt3572_def_rf[] = { 494 RT3572_DEF_RF 495 },rt3593_def_rf[] = { 496 RT3593_DEF_RF 497 },rt5390_def_rf[] = { 498 RT5390_DEF_RF 499 },rt5392_def_rf[] = { 500 RT5392_DEF_RF 501 },rt5592_def_rf[] = { 502 RT5592_DEF_RF 503 },rt5592_2ghz_def_rf[] = { 504 RT5592_2GHZ_DEF_RF 505 },rt5592_5ghz_def_rf[] = { 506 RT5592_5GHZ_DEF_RF 507 }; 508 509 static const struct { 510 u_int firstchan; 511 u_int lastchan; 512 uint8_t reg; 513 uint8_t val; 514 } rt5592_chan_5ghz[] = { 515 RT5592_CHAN_5GHZ 516 }; 517 518 int 519 run_match(struct device *parent, void *match, void *aux) 520 { 521 struct usb_attach_arg *uaa = aux; 522 523 if (uaa->iface == NULL || uaa->configno != 1) 524 return UMATCH_NONE; 525 526 return (usb_lookup(run_devs, uaa->vendor, uaa->product) != NULL) ? 527 UMATCH_VENDOR_PRODUCT_CONF_IFACE : UMATCH_NONE; 528 } 529 530 void 531 run_attach(struct device *parent, struct device *self, void *aux) 532 { 533 struct run_softc *sc = (struct run_softc *)self; 534 struct usb_attach_arg *uaa = aux; 535 struct ieee80211com *ic = &sc->sc_ic; 536 struct ifnet *ifp = &ic->ic_if; 537 usb_interface_descriptor_t *id; 538 usb_endpoint_descriptor_t *ed; 539 int i, nrx, ntx, ntries; 540 uint32_t ver; 541 542 sc->sc_udev = uaa->device; 543 sc->sc_iface = uaa->iface; 544 545 /* 546 * Find all bulk endpoints. There are 7 bulk endpoints: 1 for RX 547 * and 6 for TX (4 EDCAs + HCCA + Prio). 548 * Update 03-14-2009: some devices like the Planex GW-US300MiniS 549 * seem to have only 4 TX bulk endpoints (Fukaumi Naoki). 550 */ 551 nrx = ntx = 0; 552 id = usbd_get_interface_descriptor(sc->sc_iface); 553 for (i = 0; i < id->bNumEndpoints; i++) { 554 ed = usbd_interface2endpoint_descriptor(sc->sc_iface, i); 555 if (ed == NULL || UE_GET_XFERTYPE(ed->bmAttributes) != UE_BULK) 556 continue; 557 558 if (UE_GET_DIR(ed->bEndpointAddress) == UE_DIR_IN) { 559 sc->rxq.pipe_no = ed->bEndpointAddress; 560 nrx++; 561 } else if (ntx < 4) { 562 sc->txq[ntx].pipe_no = ed->bEndpointAddress; 563 ntx++; 564 } 565 } 566 /* make sure we've got them all */ 567 if (nrx < 1 || ntx < 4) { 568 printf("%s: missing endpoint\n", sc->sc_dev.dv_xname); 569 return; 570 } 571 572 usb_init_task(&sc->sc_task, run_task, sc, USB_TASK_TYPE_GENERIC); 573 timeout_set(&sc->scan_to, run_next_scan, sc); 574 timeout_set(&sc->calib_to, run_calibrate_to, sc); 575 576 sc->amrr.amrr_min_success_threshold = 1; 577 sc->amrr.amrr_max_success_threshold = 10; 578 579 /* wait for the chip to settle */ 580 for (ntries = 0; ntries < 100; ntries++) { 581 if (run_read(sc, RT2860_ASIC_VER_ID, &ver) != 0) 582 return; 583 if (ver != 0 && ver != 0xffffffff) 584 break; 585 DELAY(10); 586 } 587 if (ntries == 100) { 588 printf("%s: timeout waiting for NIC to initialize\n", 589 sc->sc_dev.dv_xname); 590 return; 591 } 592 sc->mac_ver = ver >> 16; 593 sc->mac_rev = ver & 0xffff; 594 595 /* retrieve RF rev. no and various other things from EEPROM */ 596 run_read_eeprom(sc); 597 598 printf("%s: MAC/BBP RT%04X (rev 0x%04X), RF %s (MIMO %dT%dR), " 599 "address %s\n", sc->sc_dev.dv_xname, sc->mac_ver, 600 sc->mac_rev, run_get_rf(sc->rf_rev), sc->ntxchains, 601 sc->nrxchains, ether_sprintf(ic->ic_myaddr)); 602 603 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 604 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 605 ic->ic_state = IEEE80211_S_INIT; 606 607 /* set device capabilities */ 608 ic->ic_caps = 609 IEEE80211_C_MONITOR | /* monitor mode supported */ 610 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 611 IEEE80211_C_SHSLOT | /* short slot time supported */ 612 IEEE80211_C_WEP | /* WEP */ 613 IEEE80211_C_RSN; /* WPA/RSN */ 614 615 if (sc->rf_rev == RT2860_RF_2750 || 616 sc->rf_rev == RT2860_RF_2850 || 617 sc->rf_rev == RT3070_RF_3052 || 618 sc->rf_rev == RT3070_RF_3053 || 619 sc->rf_rev == RT5592_RF_5592) { 620 /* set supported .11a rates */ 621 ic->ic_sup_rates[IEEE80211_MODE_11A] = 622 ieee80211_std_rateset_11a; 623 624 /* set supported .11a channels */ 625 for (i = 14; i < nitems(rt2860_rf2850); i++) { 626 uint8_t chan = rt2860_rf2850[i].chan; 627 ic->ic_channels[chan].ic_freq = 628 ieee80211_ieee2mhz(chan, IEEE80211_CHAN_5GHZ); 629 ic->ic_channels[chan].ic_flags = IEEE80211_CHAN_A; 630 } 631 } 632 633 /* set supported .11b and .11g rates */ 634 ic->ic_sup_rates[IEEE80211_MODE_11B] = ieee80211_std_rateset_11b; 635 ic->ic_sup_rates[IEEE80211_MODE_11G] = ieee80211_std_rateset_11g; 636 637 /* set supported .11b and .11g channels (1 through 14) */ 638 for (i = 1; i <= 14; i++) { 639 ic->ic_channels[i].ic_freq = 640 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ); 641 ic->ic_channels[i].ic_flags = 642 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM | 643 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ; 644 } 645 646 ifp->if_softc = sc; 647 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 648 ifp->if_ioctl = run_ioctl; 649 ifp->if_start = run_start; 650 ifp->if_watchdog = run_watchdog; 651 memcpy(ifp->if_xname, sc->sc_dev.dv_xname, IFNAMSIZ); 652 653 if_attach(ifp); 654 ieee80211_ifattach(ifp); 655 ic->ic_node_alloc = run_node_alloc; 656 ic->ic_newassoc = run_newassoc; 657 ic->ic_updateslot = run_updateslot; 658 ic->ic_updateedca = run_updateedca; 659 ic->ic_set_key = run_set_key; 660 ic->ic_delete_key = run_delete_key; 661 /* override state transition machine */ 662 sc->sc_newstate = ic->ic_newstate; 663 ic->ic_newstate = run_newstate; 664 ieee80211_media_init(ifp, run_media_change, ieee80211_media_status); 665 666 #if NBPFILTER > 0 667 bpfattach(&sc->sc_drvbpf, ifp, DLT_IEEE802_11_RADIO, 668 sizeof (struct ieee80211_frame) + IEEE80211_RADIOTAP_HDRLEN); 669 670 sc->sc_rxtap_len = sizeof sc->sc_rxtapu; 671 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 672 sc->sc_rxtap.wr_ihdr.it_present = htole32(RUN_RX_RADIOTAP_PRESENT); 673 674 sc->sc_txtap_len = sizeof sc->sc_txtapu; 675 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 676 sc->sc_txtap.wt_ihdr.it_present = htole32(RUN_TX_RADIOTAP_PRESENT); 677 #endif 678 } 679 680 int 681 run_detach(struct device *self, int flags) 682 { 683 struct run_softc *sc = (struct run_softc *)self; 684 struct ifnet *ifp = &sc->sc_ic.ic_if; 685 int qid, s; 686 687 s = splusb(); 688 689 if (timeout_initialized(&sc->scan_to)) 690 timeout_del(&sc->scan_to); 691 if (timeout_initialized(&sc->calib_to)) 692 timeout_del(&sc->calib_to); 693 694 /* wait for all queued asynchronous commands to complete */ 695 usb_rem_wait_task(sc->sc_udev, &sc->sc_task); 696 697 usbd_ref_wait(sc->sc_udev); 698 699 if (ifp->if_softc != NULL) { 700 ifp->if_flags &= ~IFF_RUNNING; 701 ifq_clr_oactive(&ifp->if_snd); 702 ieee80211_ifdetach(ifp); 703 if_detach(ifp); 704 } 705 706 for (qid = 0; qid < 4; qid++) 707 run_free_tx_ring(sc, qid); 708 run_free_rx_ring(sc); 709 710 splx(s); 711 712 return 0; 713 } 714 715 int 716 run_alloc_rx_ring(struct run_softc *sc) 717 { 718 struct run_rx_ring *rxq = &sc->rxq; 719 int i, error; 720 721 error = usbd_open_pipe(sc->sc_iface, rxq->pipe_no, 0, &rxq->pipeh); 722 if (error != 0) 723 goto fail; 724 725 for (i = 0; i < RUN_RX_RING_COUNT; i++) { 726 struct run_rx_data *data = &rxq->data[i]; 727 728 data->sc = sc; /* backpointer for callbacks */ 729 730 data->xfer = usbd_alloc_xfer(sc->sc_udev); 731 if (data->xfer == NULL) { 732 error = ENOMEM; 733 goto fail; 734 } 735 data->buf = usbd_alloc_buffer(data->xfer, RUN_MAX_RXSZ); 736 if (data->buf == NULL) { 737 error = ENOMEM; 738 goto fail; 739 } 740 } 741 if (error != 0) 742 fail: run_free_rx_ring(sc); 743 return error; 744 } 745 746 void 747 run_free_rx_ring(struct run_softc *sc) 748 { 749 struct run_rx_ring *rxq = &sc->rxq; 750 int i; 751 752 if (rxq->pipeh != NULL) { 753 usbd_close_pipe(rxq->pipeh); 754 rxq->pipeh = NULL; 755 } 756 for (i = 0; i < RUN_RX_RING_COUNT; i++) { 757 if (rxq->data[i].xfer != NULL) 758 usbd_free_xfer(rxq->data[i].xfer); 759 rxq->data[i].xfer = NULL; 760 } 761 } 762 763 int 764 run_alloc_tx_ring(struct run_softc *sc, int qid) 765 { 766 struct run_tx_ring *txq = &sc->txq[qid]; 767 int i, error; 768 uint16_t txwisize; 769 770 txwisize = sizeof(struct rt2860_txwi); 771 if (sc->mac_ver == 0x5592) 772 txwisize += sizeof(uint32_t); 773 774 txq->cur = txq->queued = 0; 775 776 error = usbd_open_pipe(sc->sc_iface, txq->pipe_no, 0, &txq->pipeh); 777 if (error != 0) 778 goto fail; 779 780 for (i = 0; i < RUN_TX_RING_COUNT; i++) { 781 struct run_tx_data *data = &txq->data[i]; 782 783 data->sc = sc; /* backpointer for callbacks */ 784 data->qid = qid; 785 786 data->xfer = usbd_alloc_xfer(sc->sc_udev); 787 if (data->xfer == NULL) { 788 error = ENOMEM; 789 goto fail; 790 } 791 data->buf = usbd_alloc_buffer(data->xfer, RUN_MAX_TXSZ); 792 if (data->buf == NULL) { 793 error = ENOMEM; 794 goto fail; 795 } 796 /* zeroize the TXD + TXWI part */ 797 memset(data->buf, 0, sizeof(struct rt2870_txd) + txwisize); 798 } 799 if (error != 0) 800 fail: run_free_tx_ring(sc, qid); 801 return error; 802 } 803 804 void 805 run_free_tx_ring(struct run_softc *sc, int qid) 806 { 807 struct run_tx_ring *txq = &sc->txq[qid]; 808 int i; 809 810 if (txq->pipeh != NULL) { 811 usbd_close_pipe(txq->pipeh); 812 txq->pipeh = NULL; 813 } 814 for (i = 0; i < RUN_TX_RING_COUNT; i++) { 815 if (txq->data[i].xfer != NULL) 816 usbd_free_xfer(txq->data[i].xfer); 817 txq->data[i].xfer = NULL; 818 } 819 } 820 821 int 822 run_load_microcode(struct run_softc *sc) 823 { 824 usb_device_request_t req; 825 const char *fwname; 826 u_char *ucode; 827 size_t size; 828 uint32_t tmp; 829 int ntries, error; 830 831 /* RT3071/RT3072 use a different firmware */ 832 if (sc->mac_ver != 0x2860 && 833 sc->mac_ver != 0x2872 && 834 sc->mac_ver != 0x3070) 835 fwname = "run-rt3071"; 836 else 837 fwname = "run-rt2870"; 838 839 if ((error = loadfirmware(fwname, &ucode, &size)) != 0) { 840 printf("%s: failed loadfirmware of file %s (error %d)\n", 841 sc->sc_dev.dv_xname, fwname, error); 842 return error; 843 } 844 if (size != 4096) { 845 printf("%s: invalid firmware size (should be 4KB)\n", 846 sc->sc_dev.dv_xname); 847 free(ucode, M_DEVBUF, size); 848 return EINVAL; 849 } 850 851 /* write microcode image */ 852 run_write_region_1(sc, RT2870_FW_BASE, ucode, size); 853 free(ucode, M_DEVBUF, size); 854 run_write(sc, RT2860_H2M_MAILBOX_CID, 0xffffffff); 855 run_write(sc, RT2860_H2M_MAILBOX_STATUS, 0xffffffff); 856 857 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 858 req.bRequest = RT2870_RESET; 859 USETW(req.wValue, 8); 860 USETW(req.wIndex, 0); 861 USETW(req.wLength, 0); 862 if ((error = usbd_do_request(sc->sc_udev, &req, NULL)) != 0) 863 return error; 864 865 usbd_delay_ms(sc->sc_udev, 10); 866 run_write(sc, RT2860_H2M_BBPAGENT, 0); 867 run_write(sc, RT2860_H2M_MAILBOX, 0); 868 run_write(sc, RT2860_H2M_INTSRC, 0); 869 if ((error = run_mcu_cmd(sc, RT2860_MCU_CMD_RFRESET, 0)) != 0) 870 return error; 871 872 /* wait until microcontroller is ready */ 873 for (ntries = 0; ntries < 1000; ntries++) { 874 if ((error = run_read(sc, RT2860_SYS_CTRL, &tmp)) != 0) 875 return error; 876 if (tmp & RT2860_MCU_READY) 877 break; 878 DELAY(1000); 879 } 880 if (ntries == 1000) { 881 printf("%s: timeout waiting for MCU to initialize\n", 882 sc->sc_dev.dv_xname); 883 return ETIMEDOUT; 884 } 885 DPRINTF(("microcode successfully loaded after %d tries\n", ntries)); 886 return 0; 887 } 888 889 int 890 run_reset(struct run_softc *sc) 891 { 892 usb_device_request_t req; 893 894 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 895 req.bRequest = RT2870_RESET; 896 USETW(req.wValue, 1); 897 USETW(req.wIndex, 0); 898 USETW(req.wLength, 0); 899 return usbd_do_request(sc->sc_udev, &req, NULL); 900 } 901 902 int 903 run_read(struct run_softc *sc, uint16_t reg, uint32_t *val) 904 { 905 uint32_t tmp; 906 int error; 907 908 error = run_read_region_1(sc, reg, (uint8_t *)&tmp, sizeof tmp); 909 if (error == 0) 910 *val = letoh32(tmp); 911 else 912 *val = 0xffffffff; 913 return error; 914 } 915 916 int 917 run_read_region_1(struct run_softc *sc, uint16_t reg, uint8_t *buf, int len) 918 { 919 usb_device_request_t req; 920 921 req.bmRequestType = UT_READ_VENDOR_DEVICE; 922 req.bRequest = RT2870_READ_REGION_1; 923 USETW(req.wValue, 0); 924 USETW(req.wIndex, reg); 925 USETW(req.wLength, len); 926 return usbd_do_request(sc->sc_udev, &req, buf); 927 } 928 929 int 930 run_write_2(struct run_softc *sc, uint16_t reg, uint16_t val) 931 { 932 usb_device_request_t req; 933 934 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 935 req.bRequest = RT2870_WRITE_2; 936 USETW(req.wValue, val); 937 USETW(req.wIndex, reg); 938 USETW(req.wLength, 0); 939 return usbd_do_request(sc->sc_udev, &req, NULL); 940 } 941 942 int 943 run_write(struct run_softc *sc, uint16_t reg, uint32_t val) 944 { 945 int error; 946 947 if ((error = run_write_2(sc, reg, val & 0xffff)) == 0) 948 error = run_write_2(sc, reg + 2, val >> 16); 949 return error; 950 } 951 952 int 953 run_write_region_1(struct run_softc *sc, uint16_t reg, const uint8_t *buf, 954 int len) 955 { 956 #if 1 957 int i, error = 0; 958 /* 959 * NB: the WRITE_REGION_1 command is not stable on RT2860. 960 * We thus issue multiple WRITE_2 commands instead. 961 */ 962 KASSERT((len & 1) == 0); 963 for (i = 0; i < len && error == 0; i += 2) 964 error = run_write_2(sc, reg + i, buf[i] | buf[i + 1] << 8); 965 return error; 966 #else 967 usb_device_request_t req; 968 969 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 970 req.bRequest = RT2870_WRITE_REGION_1; 971 USETW(req.wValue, 0); 972 USETW(req.wIndex, reg); 973 USETW(req.wLength, len); 974 return usbd_do_request(sc->sc_udev, &req, buf); 975 #endif 976 } 977 978 int 979 run_set_region_4(struct run_softc *sc, uint16_t reg, uint32_t val, int count) 980 { 981 int error = 0; 982 983 for (; count > 0 && error == 0; count--, reg += 4) 984 error = run_write(sc, reg, val); 985 return error; 986 } 987 988 /* Read 16-bit from eFUSE ROM. */ 989 int 990 run_efuse_read(struct run_softc *sc, uint16_t addr, uint16_t *val) 991 { 992 uint32_t tmp; 993 uint16_t reg; 994 int error, ntries; 995 996 if ((error = run_read(sc, RT3070_EFUSE_CTRL, &tmp)) != 0) 997 return error; 998 999 /*- 1000 * Read one 16-byte block into registers EFUSE_DATA[0-3]: 1001 * DATA0: F E D C 1002 * DATA1: B A 9 8 1003 * DATA2: 7 6 5 4 1004 * DATA3: 3 2 1 0 1005 */ 1006 tmp &= ~(RT3070_EFSROM_MODE_MASK | RT3070_EFSROM_AIN_MASK); 1007 tmp |= (addr & ~0xf) << RT3070_EFSROM_AIN_SHIFT | RT3070_EFSROM_KICK; 1008 run_write(sc, RT3070_EFUSE_CTRL, tmp); 1009 for (ntries = 0; ntries < 100; ntries++) { 1010 if ((error = run_read(sc, RT3070_EFUSE_CTRL, &tmp)) != 0) 1011 return error; 1012 if (!(tmp & RT3070_EFSROM_KICK)) 1013 break; 1014 DELAY(2); 1015 } 1016 if (ntries == 100) 1017 return ETIMEDOUT; 1018 1019 if ((tmp & RT3070_EFUSE_AOUT_MASK) == RT3070_EFUSE_AOUT_MASK) { 1020 *val = 0xffff; /* address not found */ 1021 return 0; 1022 } 1023 /* determine to which 32-bit register our 16-bit word belongs */ 1024 reg = RT3070_EFUSE_DATA3 - (addr & 0xc); 1025 if ((error = run_read(sc, reg, &tmp)) != 0) 1026 return error; 1027 1028 tmp >>= (8 * (addr & 0x3)); 1029 *val = (addr & 1) ? tmp >> 16 : tmp & 0xffff; 1030 return 0; 1031 } 1032 1033 /* Read 16-bit from eFUSE ROM for RT3xxx. */ 1034 int 1035 run_efuse_read_2(struct run_softc *sc, uint16_t addr, uint16_t *val) 1036 { 1037 uint32_t tmp; 1038 uint16_t reg; 1039 int error, ntries; 1040 1041 if ((error = run_read(sc, RT3070_EFUSE_CTRL, &tmp)) != 0) 1042 return error; 1043 1044 addr *= 2; 1045 /*- 1046 * Read one 16-byte block into registers EFUSE_DATA[0-3]: 1047 * DATA0: F E D C 1048 * DATA1: B A 9 8 1049 * DATA2: 7 6 5 4 1050 * DATA3: 3 2 1 0 1051 */ 1052 tmp &= ~(RT3070_EFSROM_MODE_MASK | RT3070_EFSROM_AIN_MASK); 1053 tmp |= (addr & ~0xf) << RT3070_EFSROM_AIN_SHIFT | RT3070_EFSROM_KICK; 1054 run_write(sc, RT3070_EFUSE_CTRL, tmp); 1055 for (ntries = 0; ntries < 100; ntries++) { 1056 if ((error = run_read(sc, RT3070_EFUSE_CTRL, &tmp)) != 0) 1057 return error; 1058 if (!(tmp & RT3070_EFSROM_KICK)) 1059 break; 1060 DELAY(2); 1061 } 1062 if (ntries == 100) 1063 return ETIMEDOUT; 1064 1065 if ((tmp & RT3070_EFUSE_AOUT_MASK) == RT3070_EFUSE_AOUT_MASK) { 1066 *val = 0xffff; /* address not found */ 1067 return 0; 1068 } 1069 /* determine to which 32-bit register our 16-bit word belongs */ 1070 reg = RT3070_EFUSE_DATA3 - (addr & 0xc); 1071 if ((error = run_read(sc, reg, &tmp)) != 0) 1072 return error; 1073 1074 *val = (addr & 2) ? tmp >> 16 : tmp & 0xffff; 1075 return 0; 1076 } 1077 1078 int 1079 run_eeprom_read_2(struct run_softc *sc, uint16_t addr, uint16_t *val) 1080 { 1081 usb_device_request_t req; 1082 uint16_t tmp; 1083 int error; 1084 1085 addr *= 2; 1086 req.bmRequestType = UT_READ_VENDOR_DEVICE; 1087 req.bRequest = RT2870_EEPROM_READ; 1088 USETW(req.wValue, 0); 1089 USETW(req.wIndex, addr); 1090 USETW(req.wLength, sizeof tmp); 1091 error = usbd_do_request(sc->sc_udev, &req, &tmp); 1092 if (error == 0) 1093 *val = letoh16(tmp); 1094 else 1095 *val = 0xffff; 1096 return error; 1097 } 1098 1099 static __inline int 1100 run_srom_read(struct run_softc *sc, uint16_t addr, uint16_t *val) 1101 { 1102 /* either eFUSE ROM or EEPROM */ 1103 return sc->sc_srom_read(sc, addr, val); 1104 } 1105 1106 int 1107 run_rt2870_rf_write(struct run_softc *sc, uint8_t reg, uint32_t val) 1108 { 1109 uint32_t tmp; 1110 int error, ntries; 1111 1112 for (ntries = 0; ntries < 10; ntries++) { 1113 if ((error = run_read(sc, RT2860_RF_CSR_CFG0, &tmp)) != 0) 1114 return error; 1115 if (!(tmp & RT2860_RF_REG_CTRL)) 1116 break; 1117 } 1118 if (ntries == 10) 1119 return ETIMEDOUT; 1120 1121 /* RF registers are 24-bit on the RT2860 */ 1122 tmp = RT2860_RF_REG_CTRL | 24 << RT2860_RF_REG_WIDTH_SHIFT | 1123 (val & 0x3fffff) << 2 | (reg & 3); 1124 return run_write(sc, RT2860_RF_CSR_CFG0, tmp); 1125 } 1126 1127 int 1128 run_rt3070_rf_read(struct run_softc *sc, uint8_t reg, uint8_t *val) 1129 { 1130 uint32_t tmp; 1131 int error, ntries; 1132 1133 for (ntries = 0; ntries < 100; ntries++) { 1134 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0) 1135 return error; 1136 if (!(tmp & RT3070_RF_KICK)) 1137 break; 1138 } 1139 if (ntries == 100) 1140 return ETIMEDOUT; 1141 1142 tmp = RT3070_RF_KICK | reg << 8; 1143 if ((error = run_write(sc, RT3070_RF_CSR_CFG, tmp)) != 0) 1144 return error; 1145 1146 for (ntries = 0; ntries < 100; ntries++) { 1147 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0) 1148 return error; 1149 if (!(tmp & RT3070_RF_KICK)) 1150 break; 1151 } 1152 if (ntries == 100) 1153 return ETIMEDOUT; 1154 1155 *val = tmp & 0xff; 1156 return 0; 1157 } 1158 1159 int 1160 run_rt3070_rf_write(struct run_softc *sc, uint8_t reg, uint8_t val) 1161 { 1162 uint32_t tmp; 1163 int error, ntries; 1164 1165 for (ntries = 0; ntries < 10; ntries++) { 1166 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0) 1167 return error; 1168 if (!(tmp & RT3070_RF_KICK)) 1169 break; 1170 } 1171 if (ntries == 10) 1172 return ETIMEDOUT; 1173 1174 tmp = RT3070_RF_WRITE | RT3070_RF_KICK | reg << 8 | val; 1175 return run_write(sc, RT3070_RF_CSR_CFG, tmp); 1176 } 1177 1178 int 1179 run_bbp_read(struct run_softc *sc, uint8_t reg, uint8_t *val) 1180 { 1181 uint32_t tmp; 1182 int ntries, error; 1183 1184 for (ntries = 0; ntries < 10; ntries++) { 1185 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0) 1186 return error; 1187 if (!(tmp & RT2860_BBP_CSR_KICK)) 1188 break; 1189 } 1190 if (ntries == 10) 1191 return ETIMEDOUT; 1192 1193 tmp = RT2860_BBP_CSR_READ | RT2860_BBP_CSR_KICK | reg << 8; 1194 if ((error = run_write(sc, RT2860_BBP_CSR_CFG, tmp)) != 0) 1195 return error; 1196 1197 for (ntries = 0; ntries < 10; ntries++) { 1198 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0) 1199 return error; 1200 if (!(tmp & RT2860_BBP_CSR_KICK)) 1201 break; 1202 } 1203 if (ntries == 10) 1204 return ETIMEDOUT; 1205 1206 *val = tmp & 0xff; 1207 return 0; 1208 } 1209 1210 int 1211 run_bbp_write(struct run_softc *sc, uint8_t reg, uint8_t val) 1212 { 1213 uint32_t tmp; 1214 int ntries, error; 1215 1216 for (ntries = 0; ntries < 10; ntries++) { 1217 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0) 1218 return error; 1219 if (!(tmp & RT2860_BBP_CSR_KICK)) 1220 break; 1221 } 1222 if (ntries == 10) 1223 return ETIMEDOUT; 1224 1225 tmp = RT2860_BBP_CSR_KICK | reg << 8 | val; 1226 return run_write(sc, RT2860_BBP_CSR_CFG, tmp); 1227 } 1228 1229 /* 1230 * Send a command to the 8051 microcontroller unit. 1231 */ 1232 int 1233 run_mcu_cmd(struct run_softc *sc, uint8_t cmd, uint16_t arg) 1234 { 1235 uint32_t tmp; 1236 int error, ntries; 1237 1238 for (ntries = 0; ntries < 100; ntries++) { 1239 if ((error = run_read(sc, RT2860_H2M_MAILBOX, &tmp)) != 0) 1240 return error; 1241 if (!(tmp & RT2860_H2M_BUSY)) 1242 break; 1243 } 1244 if (ntries == 100) 1245 return ETIMEDOUT; 1246 1247 tmp = RT2860_H2M_BUSY | RT2860_TOKEN_NO_INTR << 16 | arg; 1248 if ((error = run_write(sc, RT2860_H2M_MAILBOX, tmp)) == 0) 1249 error = run_write(sc, RT2860_HOST_CMD, cmd); 1250 return error; 1251 } 1252 1253 /* 1254 * Add `delta' (signed) to each 4-bit sub-word of a 32-bit word. 1255 * Used to adjust per-rate Tx power registers. 1256 */ 1257 static __inline uint32_t 1258 b4inc(uint32_t b32, int8_t delta) 1259 { 1260 int8_t i, b4; 1261 1262 for (i = 0; i < 8; i++) { 1263 b4 = b32 & 0xf; 1264 b4 += delta; 1265 if (b4 < 0) 1266 b4 = 0; 1267 else if (b4 > 0xf) 1268 b4 = 0xf; 1269 b32 = b32 >> 4 | b4 << 28; 1270 } 1271 return b32; 1272 } 1273 1274 const char * 1275 run_get_rf(int rev) 1276 { 1277 switch (rev) { 1278 case RT2860_RF_2820: return "RT2820"; 1279 case RT2860_RF_2850: return "RT2850"; 1280 case RT2860_RF_2720: return "RT2720"; 1281 case RT2860_RF_2750: return "RT2750"; 1282 case RT3070_RF_3020: return "RT3020"; 1283 case RT3070_RF_2020: return "RT2020"; 1284 case RT3070_RF_3021: return "RT3021"; 1285 case RT3070_RF_3022: return "RT3022"; 1286 case RT3070_RF_3052: return "RT3052"; 1287 case RT3070_RF_3053: return "RT3053"; 1288 case RT5592_RF_5592: return "RT5592"; 1289 case RT5390_RF_5370: return "RT5370"; 1290 case RT5390_RF_5372: return "RT5372"; 1291 } 1292 return "unknown"; 1293 } 1294 1295 void 1296 run_rt3593_get_txpower(struct run_softc *sc) 1297 { 1298 uint16_t addr, val; 1299 int i; 1300 1301 /* Read power settings for 2GHz channels. */ 1302 for (i = 0; i < 14; i += 2) { 1303 addr = (sc->ntxchains == 3) ? RT3593_EEPROM_PWR2GHZ_BASE1 : 1304 RT2860_EEPROM_PWR2GHZ_BASE1; 1305 run_srom_read(sc, addr + i / 2, &val); 1306 sc->txpow1[i + 0] = (int8_t)(val & 0xff); 1307 sc->txpow1[i + 1] = (int8_t)(val >> 8); 1308 1309 addr = (sc->ntxchains == 3) ? RT3593_EEPROM_PWR2GHZ_BASE2 : 1310 RT2860_EEPROM_PWR2GHZ_BASE2; 1311 run_srom_read(sc, addr + i / 2, &val); 1312 sc->txpow2[i + 0] = (int8_t)(val & 0xff); 1313 sc->txpow2[i + 1] = (int8_t)(val >> 8); 1314 1315 if (sc->ntxchains == 3) { 1316 run_srom_read(sc, RT3593_EEPROM_PWR2GHZ_BASE3 + i / 2, 1317 &val); 1318 sc->txpow3[i + 0] = (int8_t)(val & 0xff); 1319 sc->txpow3[i + 1] = (int8_t)(val >> 8); 1320 } 1321 } 1322 /* Fix broken Tx power entries. */ 1323 for (i = 0; i < 14; i++) { 1324 if (sc->txpow1[i] > 31) 1325 sc->txpow1[i] = 5; 1326 if (sc->txpow2[i] > 31) 1327 sc->txpow2[i] = 5; 1328 if (sc->ntxchains == 3) { 1329 if (sc->txpow3[i] > 31) 1330 sc->txpow3[i] = 5; 1331 } 1332 } 1333 /* Read power settings for 5GHz channels. */ 1334 for (i = 0; i < 40; i += 2) { 1335 run_srom_read(sc, RT3593_EEPROM_PWR5GHZ_BASE1 + i / 2, &val); 1336 sc->txpow1[i + 14] = (int8_t)(val & 0xff); 1337 sc->txpow1[i + 15] = (int8_t)(val >> 8); 1338 1339 run_srom_read(sc, RT3593_EEPROM_PWR5GHZ_BASE2 + i / 2, &val); 1340 sc->txpow2[i + 14] = (int8_t)(val & 0xff); 1341 sc->txpow2[i + 15] = (int8_t)(val >> 8); 1342 1343 if (sc->ntxchains == 3) { 1344 run_srom_read(sc, RT3593_EEPROM_PWR5GHZ_BASE3 + i / 2, 1345 &val); 1346 sc->txpow3[i + 14] = (int8_t)(val & 0xff); 1347 sc->txpow3[i + 15] = (int8_t)(val >> 8); 1348 } 1349 } 1350 } 1351 1352 void 1353 run_get_txpower(struct run_softc *sc) 1354 { 1355 uint16_t val; 1356 int i; 1357 1358 /* Read power settings for 2GHz channels. */ 1359 for (i = 0; i < 14; i += 2) { 1360 run_srom_read(sc, RT2860_EEPROM_PWR2GHZ_BASE1 + i / 2, &val); 1361 sc->txpow1[i + 0] = (int8_t)(val & 0xff); 1362 sc->txpow1[i + 1] = (int8_t)(val >> 8); 1363 1364 if (sc->mac_ver != 0x5390) { 1365 run_srom_read(sc, 1366 RT2860_EEPROM_PWR2GHZ_BASE2 + i / 2, &val); 1367 sc->txpow2[i + 0] = (int8_t)(val & 0xff); 1368 sc->txpow2[i + 1] = (int8_t)(val >> 8); 1369 } 1370 } 1371 /* Fix broken Tx power entries. */ 1372 for (i = 0; i < 14; i++) { 1373 if (sc->mac_ver >= 0x5390) { 1374 if (sc->txpow1[i] < 0 || sc->txpow1[i] > 27) 1375 sc->txpow1[i] = 5; 1376 } else { 1377 if (sc->txpow1[i] < 0 || sc->txpow1[i] > 31) 1378 sc->txpow1[i] = 5; 1379 } 1380 if (sc->mac_ver > 0x5390) { 1381 if (sc->txpow2[i] < 0 || sc->txpow2[i] > 27) 1382 sc->txpow2[i] = 5; 1383 } else if (sc->mac_ver < 0x5390) { 1384 if (sc->txpow2[i] < 0 || sc->txpow2[i] > 31) 1385 sc->txpow2[i] = 5; 1386 } 1387 DPRINTF(("chan %d: power1=%d, power2=%d\n", 1388 rt2860_rf2850[i].chan, sc->txpow1[i], sc->txpow2[i])); 1389 } 1390 /* Read power settings for 5GHz channels. */ 1391 for (i = 0; i < 40; i += 2) { 1392 run_srom_read(sc, RT2860_EEPROM_PWR5GHZ_BASE1 + i / 2, &val); 1393 sc->txpow1[i + 14] = (int8_t)(val & 0xff); 1394 sc->txpow1[i + 15] = (int8_t)(val >> 8); 1395 1396 run_srom_read(sc, RT2860_EEPROM_PWR5GHZ_BASE2 + i / 2, &val); 1397 sc->txpow2[i + 14] = (int8_t)(val & 0xff); 1398 sc->txpow2[i + 15] = (int8_t)(val >> 8); 1399 } 1400 /* Fix broken Tx power entries. */ 1401 for (i = 0; i < 40; i++ ) { 1402 if (sc->mac_ver != 0x5592) { 1403 if (sc->txpow1[14 + i] < -7 || sc->txpow1[14 + i] > 15) 1404 sc->txpow1[14 + i] = 5; 1405 if (sc->txpow2[14 + i] < -7 || sc->txpow2[14 + i] > 15) 1406 sc->txpow2[14 + i] = 5; 1407 } 1408 DPRINTF(("chan %d: power1=%d, power2=%d\n", 1409 rt2860_rf2850[14 + i].chan, sc->txpow1[14 + i], 1410 sc->txpow2[14 + i])); 1411 } 1412 } 1413 1414 int 1415 run_read_eeprom(struct run_softc *sc) 1416 { 1417 struct ieee80211com *ic = &sc->sc_ic; 1418 int8_t delta_2ghz, delta_5ghz; 1419 uint32_t tmp; 1420 uint16_t val; 1421 int ridx, ant, i; 1422 1423 /* check whether the ROM is eFUSE ROM or EEPROM */ 1424 sc->sc_srom_read = run_eeprom_read_2; 1425 if (sc->mac_ver >= 0x3070) { 1426 run_read(sc, RT3070_EFUSE_CTRL, &tmp); 1427 DPRINTF(("EFUSE_CTRL=0x%08x\n", tmp)); 1428 if (tmp & RT3070_SEL_EFUSE || sc->mac_ver == 0x3593) 1429 sc->sc_srom_read = run_efuse_read_2; 1430 } 1431 1432 /* read ROM version */ 1433 run_srom_read(sc, RT2860_EEPROM_VERSION, &val); 1434 DPRINTF(("EEPROM rev=%d, FAE=%d\n", val & 0xff, val >> 8)); 1435 1436 /* read MAC address */ 1437 run_srom_read(sc, RT2860_EEPROM_MAC01, &val); 1438 ic->ic_myaddr[0] = val & 0xff; 1439 ic->ic_myaddr[1] = val >> 8; 1440 run_srom_read(sc, RT2860_EEPROM_MAC23, &val); 1441 ic->ic_myaddr[2] = val & 0xff; 1442 ic->ic_myaddr[3] = val >> 8; 1443 run_srom_read(sc, RT2860_EEPROM_MAC45, &val); 1444 ic->ic_myaddr[4] = val & 0xff; 1445 ic->ic_myaddr[5] = val >> 8; 1446 1447 if (sc->mac_ver < 0x3593) { 1448 /* read vendor BBP settings */ 1449 for (i = 0; i < 10; i++) { 1450 run_srom_read(sc, RT2860_EEPROM_BBP_BASE + i, &val); 1451 sc->bbp[i].val = val & 0xff; 1452 sc->bbp[i].reg = val >> 8; 1453 DPRINTF(("BBP%d=0x%02x\n", sc->bbp[i].reg, 1454 sc->bbp[i].val)); 1455 } 1456 if (sc->mac_ver >= 0x3071) { 1457 /* read vendor RF settings */ 1458 for (i = 0; i < 10; i++) { 1459 run_srom_read(sc, RT3071_EEPROM_RF_BASE + i, 1460 &val); 1461 sc->rf[i].val = val & 0xff; 1462 sc->rf[i].reg = val >> 8; 1463 DPRINTF(("RF%d=0x%02x\n", sc->rf[i].reg, 1464 sc->rf[i].val)); 1465 } 1466 } 1467 } 1468 1469 /* read RF frequency offset from EEPROM */ 1470 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_FREQ_LEDS : 1471 RT3593_EEPROM_FREQ, &val); 1472 sc->freq = ((val & 0xff) != 0xff) ? val & 0xff : 0; 1473 DPRINTF(("EEPROM freq offset %d\n", sc->freq & 0xff)); 1474 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_FREQ_LEDS : 1475 RT3593_EEPROM_FREQ_LEDS, &val); 1476 if ((val >> 8) != 0xff) { 1477 /* read LEDs operating mode */ 1478 sc->leds = val >> 8; 1479 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LED1 : 1480 RT3593_EEPROM_LED1, &sc->led[0]); 1481 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LED2 : 1482 RT3593_EEPROM_LED2, &sc->led[1]); 1483 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LED3 : 1484 RT3593_EEPROM_LED3, &sc->led[2]); 1485 } else { 1486 /* broken EEPROM, use default settings */ 1487 sc->leds = 0x01; 1488 sc->led[0] = 0x5555; 1489 sc->led[1] = 0x2221; 1490 sc->led[2] = 0x5627; /* differs from RT2860 */ 1491 } 1492 DPRINTF(("EEPROM LED mode=0x%02x, LEDs=0x%04x/0x%04x/0x%04x\n", 1493 sc->leds, sc->led[0], sc->led[1], sc->led[2])); 1494 1495 /* read RF information */ 1496 if (sc->mac_ver == 0x5390 || sc->mac_ver == 0x5392) 1497 run_srom_read(sc, 0x00, &val); 1498 else 1499 run_srom_read(sc, RT2860_EEPROM_ANTENNA, &val); 1500 if (val == 0xffff) { 1501 DPRINTF(("invalid EEPROM antenna info, using default\n")); 1502 if (sc->mac_ver == 0x3572) { 1503 /* default to RF3052 2T2R */ 1504 sc->rf_rev = RT3070_RF_3052; 1505 sc->ntxchains = 2; 1506 sc->nrxchains = 2; 1507 } else if (sc->mac_ver >= 0x3070) { 1508 /* default to RF3020 1T1R */ 1509 sc->rf_rev = RT3070_RF_3020; 1510 sc->ntxchains = 1; 1511 sc->nrxchains = 1; 1512 } else { 1513 /* default to RF2820 1T2R */ 1514 sc->rf_rev = RT2860_RF_2820; 1515 sc->ntxchains = 1; 1516 sc->nrxchains = 2; 1517 } 1518 } else { 1519 if (sc->mac_ver == 0x5390 || sc->mac_ver == 0x5392) { 1520 sc->rf_rev = val; 1521 run_srom_read(sc, RT2860_EEPROM_ANTENNA, &val); 1522 } else 1523 sc->rf_rev = (val >> 8) & 0xf; 1524 sc->ntxchains = (val >> 4) & 0xf; 1525 sc->nrxchains = val & 0xf; 1526 } 1527 DPRINTF(("EEPROM RF rev=0x%02x chains=%dT%dR\n", 1528 sc->rf_rev, sc->ntxchains, sc->nrxchains)); 1529 1530 /* check if RF supports automatic Tx access gain control */ 1531 run_srom_read(sc, RT2860_EEPROM_CONFIG, &val); 1532 DPRINTF(("EEPROM CFG 0x%04x\n", val)); 1533 /* check if driver should patch the DAC issue */ 1534 if ((val >> 8) != 0xff) 1535 sc->patch_dac = (val >> 15) & 1; 1536 if ((val & 0xff) != 0xff) { 1537 sc->ext_5ghz_lna = (val >> 3) & 1; 1538 sc->ext_2ghz_lna = (val >> 2) & 1; 1539 /* check if RF supports automatic Tx access gain control */ 1540 sc->calib_2ghz = sc->calib_5ghz = (val >> 1) & 1; 1541 /* check if we have a hardware radio switch */ 1542 sc->rfswitch = val & 1; 1543 } 1544 1545 /* Read Tx power settings. */ 1546 if (sc->mac_ver == 0x3593) 1547 run_rt3593_get_txpower(sc); 1548 else 1549 run_get_txpower(sc); 1550 1551 /* read Tx power compensation for each Tx rate */ 1552 run_srom_read(sc, RT2860_EEPROM_DELTAPWR, &val); 1553 delta_2ghz = delta_5ghz = 0; 1554 if ((val & 0xff) != 0xff && (val & 0x80)) { 1555 delta_2ghz = val & 0xf; 1556 if (!(val & 0x40)) /* negative number */ 1557 delta_2ghz = -delta_2ghz; 1558 } 1559 val >>= 8; 1560 if ((val & 0xff) != 0xff && (val & 0x80)) { 1561 delta_5ghz = val & 0xf; 1562 if (!(val & 0x40)) /* negative number */ 1563 delta_5ghz = -delta_5ghz; 1564 } 1565 DPRINTF(("power compensation=%d (2GHz), %d (5GHz)\n", 1566 delta_2ghz, delta_5ghz)); 1567 1568 for (ridx = 0; ridx < 5; ridx++) { 1569 uint32_t reg; 1570 1571 run_srom_read(sc, RT2860_EEPROM_RPWR + ridx * 2, &val); 1572 reg = val; 1573 run_srom_read(sc, RT2860_EEPROM_RPWR + ridx * 2 + 1, &val); 1574 reg |= (uint32_t)val << 16; 1575 1576 sc->txpow20mhz[ridx] = reg; 1577 sc->txpow40mhz_2ghz[ridx] = b4inc(reg, delta_2ghz); 1578 sc->txpow40mhz_5ghz[ridx] = b4inc(reg, delta_5ghz); 1579 1580 DPRINTF(("ridx %d: power 20MHz=0x%08x, 40MHz/2GHz=0x%08x, " 1581 "40MHz/5GHz=0x%08x\n", ridx, sc->txpow20mhz[ridx], 1582 sc->txpow40mhz_2ghz[ridx], sc->txpow40mhz_5ghz[ridx])); 1583 } 1584 1585 /* read RSSI offsets and LNA gains from EEPROM */ 1586 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI1_2GHZ : 1587 RT3593_EEPROM_RSSI1_2GHZ, &val); 1588 sc->rssi_2ghz[0] = val & 0xff; /* Ant A */ 1589 sc->rssi_2ghz[1] = val >> 8; /* Ant B */ 1590 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI2_2GHZ : 1591 RT3593_EEPROM_RSSI2_2GHZ, &val); 1592 if (sc->mac_ver >= 0x3070) { 1593 if (sc->mac_ver == 0x3593) { 1594 sc->txmixgain_2ghz = 0; 1595 sc->rssi_2ghz[2] = val & 0xff; /* Ant C */ 1596 } else { 1597 /* 1598 * On RT3070 chips (limited to 2 Rx chains), this ROM 1599 * field contains the Tx mixer gain for the 2GHz band. 1600 */ 1601 if ((val & 0xff) != 0xff) 1602 sc->txmixgain_2ghz = val & 0x7; 1603 } 1604 DPRINTF(("tx mixer gain=%u (2GHz)\n", sc->txmixgain_2ghz)); 1605 } else 1606 sc->rssi_2ghz[2] = val & 0xff; /* Ant C */ 1607 if (sc->mac_ver == 0x3593) 1608 run_srom_read(sc, RT3593_EEPROM_LNA_5GHZ, &val); 1609 sc->lna[2] = val >> 8; /* channel group 2 */ 1610 1611 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI1_5GHZ : 1612 RT3593_EEPROM_RSSI1_5GHZ, &val); 1613 sc->rssi_5ghz[0] = val & 0xff; /* Ant A */ 1614 sc->rssi_5ghz[1] = val >> 8; /* Ant B */ 1615 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI2_5GHZ : 1616 RT3593_EEPROM_RSSI2_5GHZ, &val); 1617 if (sc->mac_ver == 0x3572) { 1618 /* 1619 * On RT3572 chips (limited to 2 Rx chains), this ROM 1620 * field contains the Tx mixer gain for the 5GHz band. 1621 */ 1622 if ((val & 0xff) != 0xff) 1623 sc->txmixgain_5ghz = val & 0x7; 1624 DPRINTF(("tx mixer gain=%u (5GHz)\n", sc->txmixgain_5ghz)); 1625 } else 1626 sc->rssi_5ghz[2] = val & 0xff; /* Ant C */ 1627 if (sc->mac_ver == 0x3593) { 1628 sc->txmixgain_5ghz = 0; 1629 run_srom_read(sc, RT3593_EEPROM_LNA_5GHZ, &val); 1630 } 1631 sc->lna[3] = val >> 8; /* channel group 3 */ 1632 1633 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LNA : 1634 RT3593_EEPROM_LNA, &val); 1635 sc->lna[0] = val & 0xff; /* channel group 0 */ 1636 sc->lna[1] = val >> 8; /* channel group 1 */ 1637 1638 /* fix broken 5GHz LNA entries */ 1639 if (sc->lna[2] == 0 || sc->lna[2] == 0xff) { 1640 DPRINTF(("invalid LNA for channel group %d\n", 2)); 1641 sc->lna[2] = sc->lna[1]; 1642 } 1643 if (sc->lna[3] == 0 || sc->lna[3] == 0xff) { 1644 DPRINTF(("invalid LNA for channel group %d\n", 3)); 1645 sc->lna[3] = sc->lna[1]; 1646 } 1647 1648 /* fix broken RSSI offset entries */ 1649 for (ant = 0; ant < 3; ant++) { 1650 if (sc->rssi_2ghz[ant] < -10 || sc->rssi_2ghz[ant] > 10) { 1651 DPRINTF(("invalid RSSI%d offset: %d (2GHz)\n", 1652 ant + 1, sc->rssi_2ghz[ant])); 1653 sc->rssi_2ghz[ant] = 0; 1654 } 1655 if (sc->rssi_5ghz[ant] < -10 || sc->rssi_5ghz[ant] > 10) { 1656 DPRINTF(("invalid RSSI%d offset: %d (5GHz)\n", 1657 ant + 1, sc->rssi_5ghz[ant])); 1658 sc->rssi_5ghz[ant] = 0; 1659 } 1660 } 1661 return 0; 1662 } 1663 1664 struct ieee80211_node * 1665 run_node_alloc(struct ieee80211com *ic) 1666 { 1667 return malloc(sizeof (struct run_node), M_USBDEV, M_NOWAIT | M_ZERO); 1668 } 1669 1670 int 1671 run_media_change(struct ifnet *ifp) 1672 { 1673 struct run_softc *sc = ifp->if_softc; 1674 struct ieee80211com *ic = &sc->sc_ic; 1675 uint8_t rate, ridx; 1676 int error; 1677 1678 error = ieee80211_media_change(ifp); 1679 if (error != ENETRESET) 1680 return error; 1681 1682 if (ic->ic_fixed_rate != -1) { 1683 rate = ic->ic_sup_rates[ic->ic_curmode]. 1684 rs_rates[ic->ic_fixed_rate] & IEEE80211_RATE_VAL; 1685 for (ridx = 0; ridx <= RT2860_RIDX_MAX; ridx++) 1686 if (rt2860_rates[ridx].rate == rate) 1687 break; 1688 sc->fixed_ridx = ridx; 1689 } 1690 1691 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 1692 (IFF_UP | IFF_RUNNING)) { 1693 run_stop(ifp, 0); 1694 error = run_init(ifp); 1695 } 1696 1697 return error; 1698 } 1699 1700 void 1701 run_next_scan(void *arg) 1702 { 1703 struct run_softc *sc = arg; 1704 int s; 1705 1706 if (usbd_is_dying(sc->sc_udev)) 1707 return; 1708 1709 usbd_ref_incr(sc->sc_udev); 1710 1711 s = splnet(); 1712 if (sc->sc_ic.ic_state == IEEE80211_S_SCAN) 1713 ieee80211_next_scan(&sc->sc_ic.ic_if); 1714 splx(s); 1715 1716 usbd_ref_decr(sc->sc_udev); 1717 } 1718 1719 void 1720 run_task(void *arg) 1721 { 1722 struct run_softc *sc = arg; 1723 struct run_host_cmd_ring *ring = &sc->cmdq; 1724 struct run_host_cmd *cmd; 1725 int s; 1726 1727 if (usbd_is_dying(sc->sc_udev)) 1728 return; 1729 1730 /* process host commands */ 1731 s = splusb(); 1732 while (ring->next != ring->cur) { 1733 cmd = &ring->cmd[ring->next]; 1734 splx(s); 1735 /* callback */ 1736 cmd->cb(sc, cmd->data); 1737 s = splusb(); 1738 ring->queued--; 1739 ring->next = (ring->next + 1) % RUN_HOST_CMD_RING_COUNT; 1740 } 1741 splx(s); 1742 } 1743 1744 void 1745 run_do_async(struct run_softc *sc, void (*cb)(struct run_softc *, void *), 1746 void *arg, int len) 1747 { 1748 struct run_host_cmd_ring *ring = &sc->cmdq; 1749 struct run_host_cmd *cmd; 1750 int s; 1751 1752 if (usbd_is_dying(sc->sc_udev)) 1753 return; 1754 1755 s = splusb(); 1756 cmd = &ring->cmd[ring->cur]; 1757 cmd->cb = cb; 1758 KASSERT(len <= sizeof (cmd->data)); 1759 memcpy(cmd->data, arg, len); 1760 ring->cur = (ring->cur + 1) % RUN_HOST_CMD_RING_COUNT; 1761 1762 /* if there is no pending command already, schedule a task */ 1763 if (++ring->queued == 1) 1764 usb_add_task(sc->sc_udev, &sc->sc_task); 1765 splx(s); 1766 } 1767 1768 int 1769 run_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 1770 { 1771 struct run_softc *sc = ic->ic_softc; 1772 struct run_cmd_newstate cmd; 1773 1774 /* do it in a process context */ 1775 cmd.state = nstate; 1776 cmd.arg = arg; 1777 run_do_async(sc, run_newstate_cb, &cmd, sizeof cmd); 1778 return 0; 1779 } 1780 1781 void 1782 run_newstate_cb(struct run_softc *sc, void *arg) 1783 { 1784 struct run_cmd_newstate *cmd = arg; 1785 struct ieee80211com *ic = &sc->sc_ic; 1786 enum ieee80211_state ostate; 1787 struct ieee80211_node *ni; 1788 uint32_t tmp, sta[3]; 1789 uint8_t wcid; 1790 int s; 1791 1792 s = splnet(); 1793 ostate = ic->ic_state; 1794 1795 if (ostate == IEEE80211_S_RUN) { 1796 /* turn link LED off */ 1797 run_set_leds(sc, RT2860_LED_RADIO); 1798 } 1799 1800 switch (cmd->state) { 1801 case IEEE80211_S_INIT: 1802 if (ostate == IEEE80211_S_RUN) { 1803 /* abort TSF synchronization */ 1804 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 1805 run_write(sc, RT2860_BCN_TIME_CFG, 1806 tmp & ~(RT2860_BCN_TX_EN | RT2860_TSF_TIMER_EN | 1807 RT2860_TBTT_TIMER_EN)); 1808 } 1809 break; 1810 1811 case IEEE80211_S_SCAN: 1812 run_set_chan(sc, ic->ic_bss->ni_chan); 1813 if (!usbd_is_dying(sc->sc_udev)) 1814 timeout_add_msec(&sc->scan_to, 200); 1815 break; 1816 1817 case IEEE80211_S_AUTH: 1818 case IEEE80211_S_ASSOC: 1819 run_set_chan(sc, ic->ic_bss->ni_chan); 1820 break; 1821 1822 case IEEE80211_S_RUN: 1823 run_set_chan(sc, ic->ic_bss->ni_chan); 1824 1825 ni = ic->ic_bss; 1826 1827 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 1828 run_updateslot(ic); 1829 run_enable_mrr(sc); 1830 run_set_txpreamble(sc); 1831 run_set_basicrates(sc); 1832 run_set_bssid(sc, ni->ni_bssid); 1833 } 1834 if (ic->ic_opmode == IEEE80211_M_STA) { 1835 /* add BSS entry to the WCID table */ 1836 wcid = RUN_AID2WCID(ni->ni_associd); 1837 run_write_region_1(sc, RT2860_WCID_ENTRY(wcid), 1838 ni->ni_macaddr, IEEE80211_ADDR_LEN); 1839 1840 /* fake a join to init the tx rate */ 1841 run_newassoc(ic, ni, 1); 1842 } 1843 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 1844 run_enable_tsf_sync(sc); 1845 1846 /* clear statistic registers used by AMRR */ 1847 run_read_region_1(sc, RT2860_TX_STA_CNT0, 1848 (uint8_t *)sta, sizeof sta); 1849 /* start calibration timer */ 1850 if (!usbd_is_dying(sc->sc_udev)) 1851 timeout_add_sec(&sc->calib_to, 1); 1852 } 1853 1854 /* turn link LED on */ 1855 run_set_leds(sc, RT2860_LED_RADIO | 1856 (IEEE80211_IS_CHAN_2GHZ(ic->ic_bss->ni_chan) ? 1857 RT2860_LED_LINK_2GHZ : RT2860_LED_LINK_5GHZ)); 1858 break; 1859 } 1860 (void)sc->sc_newstate(ic, cmd->state, cmd->arg); 1861 splx(s); 1862 } 1863 1864 void 1865 run_updateedca(struct ieee80211com *ic) 1866 { 1867 /* do it in a process context */ 1868 run_do_async(ic->ic_softc, run_updateedca_cb, NULL, 0); 1869 } 1870 1871 /* ARGSUSED */ 1872 void 1873 run_updateedca_cb(struct run_softc *sc, void *arg) 1874 { 1875 struct ieee80211com *ic = &sc->sc_ic; 1876 int s, aci; 1877 1878 s = splnet(); 1879 /* update MAC TX configuration registers */ 1880 for (aci = 0; aci < EDCA_NUM_AC; aci++) { 1881 run_write(sc, RT2860_EDCA_AC_CFG(aci), 1882 ic->ic_edca_ac[aci].ac_ecwmax << 16 | 1883 ic->ic_edca_ac[aci].ac_ecwmin << 12 | 1884 ic->ic_edca_ac[aci].ac_aifsn << 8 | 1885 ic->ic_edca_ac[aci].ac_txoplimit); 1886 } 1887 1888 /* update SCH/DMA registers too */ 1889 run_write(sc, RT2860_WMM_AIFSN_CFG, 1890 ic->ic_edca_ac[EDCA_AC_VO].ac_aifsn << 12 | 1891 ic->ic_edca_ac[EDCA_AC_VI].ac_aifsn << 8 | 1892 ic->ic_edca_ac[EDCA_AC_BK].ac_aifsn << 4 | 1893 ic->ic_edca_ac[EDCA_AC_BE].ac_aifsn); 1894 run_write(sc, RT2860_WMM_CWMIN_CFG, 1895 ic->ic_edca_ac[EDCA_AC_VO].ac_ecwmin << 12 | 1896 ic->ic_edca_ac[EDCA_AC_VI].ac_ecwmin << 8 | 1897 ic->ic_edca_ac[EDCA_AC_BK].ac_ecwmin << 4 | 1898 ic->ic_edca_ac[EDCA_AC_BE].ac_ecwmin); 1899 run_write(sc, RT2860_WMM_CWMAX_CFG, 1900 ic->ic_edca_ac[EDCA_AC_VO].ac_ecwmax << 12 | 1901 ic->ic_edca_ac[EDCA_AC_VI].ac_ecwmax << 8 | 1902 ic->ic_edca_ac[EDCA_AC_BK].ac_ecwmax << 4 | 1903 ic->ic_edca_ac[EDCA_AC_BE].ac_ecwmax); 1904 run_write(sc, RT2860_WMM_TXOP0_CFG, 1905 ic->ic_edca_ac[EDCA_AC_BK].ac_txoplimit << 16 | 1906 ic->ic_edca_ac[EDCA_AC_BE].ac_txoplimit); 1907 run_write(sc, RT2860_WMM_TXOP1_CFG, 1908 ic->ic_edca_ac[EDCA_AC_VO].ac_txoplimit << 16 | 1909 ic->ic_edca_ac[EDCA_AC_VI].ac_txoplimit); 1910 splx(s); 1911 } 1912 1913 int 1914 run_set_key(struct ieee80211com *ic, struct ieee80211_node *ni, 1915 struct ieee80211_key *k) 1916 { 1917 struct run_softc *sc = ic->ic_softc; 1918 struct run_cmd_key cmd; 1919 1920 /* defer setting of WEP keys until interface is brought up */ 1921 if ((ic->ic_if.if_flags & (IFF_UP | IFF_RUNNING)) != 1922 (IFF_UP | IFF_RUNNING)) 1923 return 0; 1924 1925 /* do it in a process context */ 1926 cmd.key = *k; 1927 cmd.ni = ni; 1928 run_do_async(sc, run_set_key_cb, &cmd, sizeof cmd); 1929 sc->sc_key_tasks++; 1930 1931 return EBUSY; 1932 } 1933 1934 void 1935 run_set_key_cb(struct run_softc *sc, void *arg) 1936 { 1937 struct ieee80211com *ic = &sc->sc_ic; 1938 struct run_cmd_key *cmd = arg; 1939 struct ieee80211_key *k = &cmd->key; 1940 uint32_t attr; 1941 uint16_t base; 1942 uint8_t mode, wcid, iv[8]; 1943 1944 sc->sc_key_tasks--; 1945 1946 /* map net80211 cipher to RT2860 security mode */ 1947 switch (k->k_cipher) { 1948 case IEEE80211_CIPHER_WEP40: 1949 mode = RT2860_MODE_WEP40; 1950 break; 1951 case IEEE80211_CIPHER_WEP104: 1952 mode = RT2860_MODE_WEP104; 1953 break; 1954 case IEEE80211_CIPHER_TKIP: 1955 mode = RT2860_MODE_TKIP; 1956 break; 1957 case IEEE80211_CIPHER_CCMP: 1958 mode = RT2860_MODE_AES_CCMP; 1959 break; 1960 default: 1961 IEEE80211_SEND_MGMT(ic, cmd->ni, IEEE80211_FC0_SUBTYPE_DEAUTH, 1962 IEEE80211_REASON_AUTH_LEAVE); 1963 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 1964 return; 1965 } 1966 1967 if (k->k_flags & IEEE80211_KEY_GROUP) { 1968 wcid = 0; /* NB: update WCID0 for group keys */ 1969 base = RT2860_SKEY(0, k->k_id); 1970 } else { 1971 wcid = (cmd->ni != NULL) ? RUN_AID2WCID(cmd->ni->ni_associd) : 0; 1972 base = RT2860_PKEY(wcid); 1973 } 1974 1975 if (k->k_cipher == IEEE80211_CIPHER_TKIP) { 1976 run_write_region_1(sc, base, k->k_key, 16); 1977 run_write_region_1(sc, base + 16, &k->k_key[24], 8); 1978 run_write_region_1(sc, base + 24, &k->k_key[16], 8); 1979 } else { 1980 /* roundup len to 16-bit: XXX fix write_region_1() instead */ 1981 run_write_region_1(sc, base, k->k_key, (k->k_len + 1) & ~1); 1982 } 1983 1984 if (!(k->k_flags & IEEE80211_KEY_GROUP) || 1985 (k->k_flags & IEEE80211_KEY_TX)) { 1986 /* set initial packet number in IV+EIV */ 1987 if (k->k_cipher == IEEE80211_CIPHER_WEP40 || 1988 k->k_cipher == IEEE80211_CIPHER_WEP104) { 1989 memset(iv, 0, sizeof iv); 1990 iv[3] = sc->sc_ic.ic_def_txkey << 6; 1991 } else { 1992 if (k->k_cipher == IEEE80211_CIPHER_TKIP) { 1993 iv[0] = k->k_tsc >> 8; 1994 iv[1] = (iv[0] | 0x20) & 0x7f; 1995 iv[2] = k->k_tsc; 1996 } else /* CCMP */ { 1997 iv[0] = k->k_tsc; 1998 iv[1] = k->k_tsc >> 8; 1999 iv[2] = 0; 2000 } 2001 iv[3] = k->k_id << 6 | IEEE80211_WEP_EXTIV; 2002 iv[4] = k->k_tsc >> 16; 2003 iv[5] = k->k_tsc >> 24; 2004 iv[6] = k->k_tsc >> 32; 2005 iv[7] = k->k_tsc >> 40; 2006 } 2007 run_write_region_1(sc, RT2860_IVEIV(wcid), iv, 8); 2008 } 2009 2010 if (k->k_flags & IEEE80211_KEY_GROUP) { 2011 /* install group key */ 2012 run_read(sc, RT2860_SKEY_MODE_0_7, &attr); 2013 attr &= ~(0xf << (k->k_id * 4)); 2014 attr |= mode << (k->k_id * 4); 2015 run_write(sc, RT2860_SKEY_MODE_0_7, attr); 2016 } else { 2017 /* install pairwise key */ 2018 run_read(sc, RT2860_WCID_ATTR(wcid), &attr); 2019 attr = (attr & ~0xf) | (mode << 1) | RT2860_RX_PKEY_EN; 2020 run_write(sc, RT2860_WCID_ATTR(wcid), attr); 2021 } 2022 2023 if (sc->sc_key_tasks == 0) { 2024 if (cmd->ni != NULL) 2025 cmd->ni->ni_port_valid = 1; 2026 ieee80211_set_link_state(ic, LINK_STATE_UP); 2027 } 2028 } 2029 2030 void 2031 run_delete_key(struct ieee80211com *ic, struct ieee80211_node *ni, 2032 struct ieee80211_key *k) 2033 { 2034 struct run_softc *sc = ic->ic_softc; 2035 struct run_cmd_key cmd; 2036 2037 if (!(ic->ic_if.if_flags & IFF_RUNNING) || 2038 ic->ic_state != IEEE80211_S_RUN) 2039 return; /* nothing to do */ 2040 2041 /* do it in a process context */ 2042 cmd.key = *k; 2043 cmd.ni = ni; 2044 run_do_async(sc, run_delete_key_cb, &cmd, sizeof cmd); 2045 } 2046 2047 void 2048 run_delete_key_cb(struct run_softc *sc, void *arg) 2049 { 2050 struct run_cmd_key *cmd = arg; 2051 struct ieee80211_key *k = &cmd->key; 2052 uint32_t attr; 2053 uint8_t wcid; 2054 2055 if (k->k_flags & IEEE80211_KEY_GROUP) { 2056 /* remove group key */ 2057 run_read(sc, RT2860_SKEY_MODE_0_7, &attr); 2058 attr &= ~(0xf << (k->k_id * 4)); 2059 run_write(sc, RT2860_SKEY_MODE_0_7, attr); 2060 2061 } else { 2062 /* remove pairwise key */ 2063 wcid = (cmd->ni != NULL) ? RUN_AID2WCID(cmd->ni->ni_associd) : 0; 2064 run_read(sc, RT2860_WCID_ATTR(wcid), &attr); 2065 attr &= ~0xf; 2066 run_write(sc, RT2860_WCID_ATTR(wcid), attr); 2067 } 2068 } 2069 2070 void 2071 run_calibrate_to(void *arg) 2072 { 2073 /* do it in a process context */ 2074 run_do_async(arg, run_calibrate_cb, NULL, 0); 2075 /* next timeout will be rescheduled in the calibration task */ 2076 } 2077 2078 /* ARGSUSED */ 2079 void 2080 run_calibrate_cb(struct run_softc *sc, void *arg) 2081 { 2082 struct ifnet *ifp = &sc->sc_ic.ic_if; 2083 uint32_t sta[3]; 2084 int s, error; 2085 2086 /* read statistic counters (clear on read) and update AMRR state */ 2087 error = run_read_region_1(sc, RT2860_TX_STA_CNT0, (uint8_t *)sta, 2088 sizeof sta); 2089 if (error != 0) 2090 goto skip; 2091 2092 DPRINTF(("retrycnt=%d txcnt=%d failcnt=%d\n", 2093 letoh32(sta[1]) >> 16, letoh32(sta[1]) & 0xffff, 2094 letoh32(sta[0]) & 0xffff)); 2095 2096 s = splnet(); 2097 /* count failed TX as errors */ 2098 ifp->if_oerrors += letoh32(sta[0]) & 0xffff; 2099 2100 sc->amn.amn_retrycnt = 2101 (letoh32(sta[0]) & 0xffff) + /* failed TX count */ 2102 (letoh32(sta[1]) >> 16); /* TX retransmission count */ 2103 2104 sc->amn.amn_txcnt = 2105 sc->amn.amn_retrycnt + 2106 (letoh32(sta[1]) & 0xffff); /* successful TX count */ 2107 2108 ieee80211_amrr_choose(&sc->amrr, sc->sc_ic.ic_bss, &sc->amn); 2109 splx(s); 2110 2111 skip: 2112 if (!usbd_is_dying(sc->sc_udev)) 2113 timeout_add_sec(&sc->calib_to, 1); 2114 } 2115 2116 void 2117 run_newassoc(struct ieee80211com *ic, struct ieee80211_node *ni, int isnew) 2118 { 2119 struct run_softc *sc = ic->ic_softc; 2120 struct run_node *rn = (void *)ni; 2121 struct ieee80211_rateset *rs = &ni->ni_rates; 2122 uint8_t rate; 2123 int ridx, i, j; 2124 2125 DPRINTF(("new assoc isnew=%d addr=%s\n", 2126 isnew, ether_sprintf(ni->ni_macaddr))); 2127 2128 ieee80211_amrr_node_init(&sc->amrr, &sc->amn); 2129 /* start at lowest available bit-rate, AMRR will raise */ 2130 ni->ni_txrate = 0; 2131 2132 for (i = 0; i < rs->rs_nrates; i++) { 2133 rate = rs->rs_rates[i] & IEEE80211_RATE_VAL; 2134 /* convert 802.11 rate to hardware rate index */ 2135 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++) 2136 if (rt2860_rates[ridx].rate == rate) 2137 break; 2138 rn->ridx[i] = ridx; 2139 /* determine rate of control response frames */ 2140 for (j = i; j >= 0; j--) { 2141 if ((rs->rs_rates[j] & IEEE80211_RATE_BASIC) && 2142 rt2860_rates[rn->ridx[i]].phy == 2143 rt2860_rates[rn->ridx[j]].phy) 2144 break; 2145 } 2146 if (j >= 0) { 2147 rn->ctl_ridx[i] = rn->ridx[j]; 2148 } else { 2149 /* no basic rate found, use mandatory one */ 2150 rn->ctl_ridx[i] = rt2860_rates[ridx].ctl_ridx; 2151 } 2152 DPRINTF(("rate=0x%02x ridx=%d ctl_ridx=%d\n", 2153 rs->rs_rates[i], rn->ridx[i], rn->ctl_ridx[i])); 2154 } 2155 } 2156 2157 /* 2158 * Return the Rx chain with the highest RSSI for a given frame. 2159 */ 2160 static __inline uint8_t 2161 run_maxrssi_chain(struct run_softc *sc, const struct rt2860_rxwi *rxwi) 2162 { 2163 uint8_t rxchain = 0; 2164 2165 if (sc->nrxchains > 1) { 2166 if (rxwi->rssi[1] > rxwi->rssi[rxchain]) 2167 rxchain = 1; 2168 if (sc->nrxchains > 2) 2169 if (rxwi->rssi[2] > rxwi->rssi[rxchain]) 2170 rxchain = 2; 2171 } 2172 return rxchain; 2173 } 2174 2175 void 2176 run_rx_frame(struct run_softc *sc, uint8_t *buf, int dmalen, 2177 struct mbuf_list *ml) 2178 { 2179 struct ieee80211com *ic = &sc->sc_ic; 2180 struct ifnet *ifp = &ic->ic_if; 2181 struct ieee80211_frame *wh; 2182 struct ieee80211_rxinfo rxi; 2183 struct ieee80211_node *ni; 2184 struct rt2870_rxd *rxd; 2185 struct rt2860_rxwi *rxwi; 2186 struct mbuf *m; 2187 uint32_t flags; 2188 uint16_t len; 2189 #if NBPFILTER > 0 2190 uint16_t phy; 2191 #endif 2192 uint16_t rxwisize; 2193 uint8_t ant, rssi; 2194 int s; 2195 2196 rxwi = (struct rt2860_rxwi *)buf; 2197 rxwisize = sizeof(struct rt2860_rxwi); 2198 if (sc->mac_ver == 0x5592) 2199 rxwisize += sizeof(uint64_t); 2200 else if (sc->mac_ver == 0x3593) 2201 rxwisize += sizeof(uint32_t); 2202 len = letoh16(rxwi->len) & 0xfff; 2203 if (__predict_false(len > dmalen)) { 2204 DPRINTF(("bad RXWI length %u > %u\n", len, dmalen)); 2205 return; 2206 } 2207 if (len > MCLBYTES) { 2208 DPRINTF(("frame too large (length=%d)\n", len)); 2209 ifp->if_ierrors++; 2210 return; 2211 } 2212 /* Rx descriptor is located at the end */ 2213 rxd = (struct rt2870_rxd *)(buf + dmalen); 2214 flags = letoh32(rxd->flags); 2215 2216 if (__predict_false(flags & (RT2860_RX_CRCERR | RT2860_RX_ICVERR))) { 2217 ifp->if_ierrors++; 2218 return; 2219 } 2220 2221 if (__predict_false((flags & RT2860_RX_MICERR))) { 2222 /* report MIC failures to net80211 for TKIP */ 2223 ic->ic_stats.is_rx_locmicfail++; 2224 ieee80211_michael_mic_failure(ic, 0/* XXX */); 2225 ifp->if_ierrors++; 2226 return; 2227 } 2228 2229 wh = (struct ieee80211_frame *)(buf + rxwisize); 2230 memset(&rxi, 0, sizeof(rxi)); 2231 if (wh->i_fc[1] & IEEE80211_FC1_PROTECTED) { 2232 wh->i_fc[1] &= ~IEEE80211_FC1_PROTECTED; 2233 rxi.rxi_flags |= IEEE80211_RXI_HWDEC; 2234 } 2235 2236 if (flags & RT2860_RX_L2PAD) { 2237 u_int hdrlen = ieee80211_get_hdrlen(wh); 2238 memmove((caddr_t)wh + 2, wh, hdrlen); 2239 wh = (struct ieee80211_frame *)((caddr_t)wh + 2); 2240 } 2241 2242 /* could use m_devget but net80211 wants contig mgmt frames */ 2243 MGETHDR(m, M_DONTWAIT, MT_DATA); 2244 if (__predict_false(m == NULL)) { 2245 ifp->if_ierrors++; 2246 return; 2247 } 2248 if (len > MHLEN) { 2249 MCLGET(m, M_DONTWAIT); 2250 if (__predict_false(!(m->m_flags & M_EXT))) { 2251 ifp->if_ierrors++; 2252 m_freem(m); 2253 return; 2254 } 2255 } 2256 /* finalize mbuf */ 2257 memcpy(mtod(m, caddr_t), wh, len); 2258 m->m_pkthdr.len = m->m_len = len; 2259 2260 ant = run_maxrssi_chain(sc, rxwi); 2261 rssi = rxwi->rssi[ant]; 2262 2263 #if NBPFILTER > 0 2264 if (__predict_false(sc->sc_drvbpf != NULL)) { 2265 struct run_rx_radiotap_header *tap = &sc->sc_rxtap; 2266 struct mbuf mb; 2267 2268 tap->wr_flags = 0; 2269 tap->wr_chan_freq = htole16(ic->ic_ibss_chan->ic_freq); 2270 tap->wr_chan_flags = htole16(ic->ic_ibss_chan->ic_flags); 2271 tap->wr_antsignal = rssi; 2272 tap->wr_antenna = ant; 2273 tap->wr_dbm_antsignal = run_rssi2dbm(sc, rssi, ant); 2274 tap->wr_rate = 2; /* in case it can't be found below */ 2275 phy = letoh16(rxwi->phy); 2276 switch (phy & RT2860_PHY_MODE) { 2277 case RT2860_PHY_CCK: 2278 switch ((phy & RT2860_PHY_MCS) & ~RT2860_PHY_SHPRE) { 2279 case 0: tap->wr_rate = 2; break; 2280 case 1: tap->wr_rate = 4; break; 2281 case 2: tap->wr_rate = 11; break; 2282 case 3: tap->wr_rate = 22; break; 2283 } 2284 if (phy & RT2860_PHY_SHPRE) 2285 tap->wr_flags |= IEEE80211_RADIOTAP_F_SHORTPRE; 2286 break; 2287 case RT2860_PHY_OFDM: 2288 switch (phy & RT2860_PHY_MCS) { 2289 case 0: tap->wr_rate = 12; break; 2290 case 1: tap->wr_rate = 18; break; 2291 case 2: tap->wr_rate = 24; break; 2292 case 3: tap->wr_rate = 36; break; 2293 case 4: tap->wr_rate = 48; break; 2294 case 5: tap->wr_rate = 72; break; 2295 case 6: tap->wr_rate = 96; break; 2296 case 7: tap->wr_rate = 108; break; 2297 } 2298 break; 2299 } 2300 mb.m_data = (caddr_t)tap; 2301 mb.m_len = sc->sc_rxtap_len; 2302 mb.m_next = m; 2303 mb.m_nextpkt = NULL; 2304 mb.m_type = 0; 2305 mb.m_flags = 0; 2306 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_IN); 2307 } 2308 #endif 2309 2310 s = splnet(); 2311 ni = ieee80211_find_rxnode(ic, wh); 2312 rxi.rxi_rssi = rssi; 2313 ieee80211_inputm(ifp, m, ni, &rxi, ml); 2314 2315 /* node is no longer needed */ 2316 ieee80211_release_node(ic, ni); 2317 splx(s); 2318 } 2319 2320 void 2321 run_rxeof(struct usbd_xfer *xfer, void *priv, usbd_status status) 2322 { 2323 struct mbuf_list ml = MBUF_LIST_INITIALIZER(); 2324 struct run_rx_data *data = priv; 2325 struct run_softc *sc = data->sc; 2326 uint8_t *buf; 2327 uint32_t dmalen; 2328 int xferlen; 2329 uint16_t rxwisize; 2330 2331 rxwisize = sizeof(struct rt2860_rxwi); 2332 if (sc->mac_ver == 0x5592) 2333 rxwisize += sizeof(uint64_t); 2334 else if (sc->mac_ver == 0x3593) 2335 rxwisize += sizeof(uint32_t); 2336 2337 if (__predict_false(status != USBD_NORMAL_COMPLETION)) { 2338 DPRINTF(("RX status=%d\n", status)); 2339 if (status == USBD_STALLED) 2340 usbd_clear_endpoint_stall_async(sc->rxq.pipeh); 2341 if (status != USBD_CANCELLED) 2342 goto skip; 2343 return; 2344 } 2345 usbd_get_xfer_status(xfer, NULL, NULL, &xferlen, NULL); 2346 2347 if (__predict_false(xferlen < sizeof (uint32_t) + rxwisize + 2348 sizeof(struct rt2870_rxd))) { 2349 DPRINTF(("xfer too short %d\n", xferlen)); 2350 goto skip; 2351 } 2352 2353 /* HW can aggregate multiple 802.11 frames in a single USB xfer */ 2354 buf = data->buf; 2355 while (xferlen > 8) { 2356 dmalen = letoh32(*(uint32_t *)buf) & 0xffff; 2357 2358 if (__predict_false(dmalen == 0 || (dmalen & 3) != 0)) { 2359 DPRINTF(("bad DMA length %u\n", dmalen)); 2360 break; 2361 } 2362 if (__predict_false(dmalen + 8 > xferlen)) { 2363 DPRINTF(("bad DMA length %u > %d\n", 2364 dmalen + 8, xferlen)); 2365 break; 2366 } 2367 run_rx_frame(sc, buf + sizeof (uint32_t), dmalen, &ml); 2368 buf += dmalen + 8; 2369 xferlen -= dmalen + 8; 2370 } 2371 if_input(&sc->sc_ic.ic_if, &ml); 2372 2373 skip: /* setup a new transfer */ 2374 usbd_setup_xfer(xfer, sc->rxq.pipeh, data, data->buf, RUN_MAX_RXSZ, 2375 USBD_SHORT_XFER_OK | USBD_NO_COPY, USBD_NO_TIMEOUT, run_rxeof); 2376 (void)usbd_transfer(data->xfer); 2377 } 2378 2379 void 2380 run_txeof(struct usbd_xfer *xfer, void *priv, usbd_status status) 2381 { 2382 struct run_tx_data *data = priv; 2383 struct run_softc *sc = data->sc; 2384 struct run_tx_ring *txq = &sc->txq[data->qid]; 2385 struct ifnet *ifp = &sc->sc_ic.ic_if; 2386 int s; 2387 2388 s = splnet(); 2389 txq->queued--; 2390 sc->qfullmsk &= ~(1 << data->qid); 2391 2392 if (__predict_false(status != USBD_NORMAL_COMPLETION)) { 2393 DPRINTF(("TX status=%d\n", status)); 2394 if (status == USBD_STALLED) 2395 usbd_clear_endpoint_stall_async(txq->pipeh); 2396 ifp->if_oerrors++; 2397 splx(s); 2398 return; 2399 } 2400 2401 sc->sc_tx_timer = 0; 2402 ifq_clr_oactive(&ifp->if_snd); 2403 run_start(ifp); 2404 splx(s); 2405 } 2406 2407 int 2408 run_tx(struct run_softc *sc, struct mbuf *m, struct ieee80211_node *ni) 2409 { 2410 struct ieee80211com *ic = &sc->sc_ic; 2411 struct run_node *rn = (void *)ni; 2412 struct ieee80211_frame *wh; 2413 struct run_tx_ring *ring; 2414 struct run_tx_data *data; 2415 struct rt2870_txd *txd; 2416 struct rt2860_txwi *txwi; 2417 uint16_t qos, dur; 2418 uint16_t txwisize; 2419 uint8_t type, mcs, tid, qid; 2420 int error, hasqos, ridx, ctl_ridx, xferlen; 2421 2422 wh = mtod(m, struct ieee80211_frame *); 2423 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 2424 2425 if ((hasqos = ieee80211_has_qos(wh))) { 2426 qos = ieee80211_get_qos(wh); 2427 tid = qos & IEEE80211_QOS_TID; 2428 qid = ieee80211_up_to_ac(ic, tid); 2429 } else { 2430 qos = 0; 2431 tid = 0; 2432 qid = EDCA_AC_BE; 2433 } 2434 ring = &sc->txq[qid]; 2435 data = &ring->data[ring->cur]; 2436 2437 /* pickup a rate index */ 2438 if (IEEE80211_IS_MULTICAST(wh->i_addr1) || 2439 type != IEEE80211_FC0_TYPE_DATA) { 2440 ridx = (ic->ic_curmode == IEEE80211_MODE_11A) ? 2441 RT2860_RIDX_OFDM6 : RT2860_RIDX_CCK1; 2442 ctl_ridx = rt2860_rates[ridx].ctl_ridx; 2443 } else if (ic->ic_fixed_rate != -1) { 2444 ridx = sc->fixed_ridx; 2445 ctl_ridx = rt2860_rates[ridx].ctl_ridx; 2446 } else { 2447 ridx = rn->ridx[ni->ni_txrate]; 2448 ctl_ridx = rn->ctl_ridx[ni->ni_txrate]; 2449 } 2450 2451 /* get MCS code from rate index */ 2452 mcs = rt2860_rates[ridx].mcs; 2453 2454 txwisize = sizeof(struct rt2860_txwi); 2455 if (sc->mac_ver == 0x5592) 2456 txwisize += sizeof(uint32_t); 2457 xferlen = txwisize + m->m_pkthdr.len; 2458 2459 /* roundup to 32-bit alignment */ 2460 xferlen = (xferlen + 3) & ~3; 2461 2462 txd = (struct rt2870_txd *)data->buf; 2463 txd->flags = RT2860_TX_QSEL_EDCA; 2464 txd->len = htole16(xferlen); 2465 2466 /* setup TX Wireless Information */ 2467 txwi = (struct rt2860_txwi *)(txd + 1); 2468 txwi->flags = 0; 2469 txwi->xflags = hasqos ? 0 : RT2860_TX_NSEQ; 2470 txwi->wcid = (type == IEEE80211_FC0_TYPE_DATA) ? 2471 RUN_AID2WCID(ni->ni_associd) : 0xff; 2472 txwi->len = htole16(m->m_pkthdr.len); 2473 if (rt2860_rates[ridx].phy == IEEE80211_T_DS) { 2474 txwi->phy = htole16(RT2860_PHY_CCK); 2475 if (ridx != RT2860_RIDX_CCK1 && 2476 (ic->ic_flags & IEEE80211_F_SHPREAMBLE)) 2477 mcs |= RT2860_PHY_SHPRE; 2478 } else 2479 txwi->phy = htole16(RT2860_PHY_OFDM); 2480 txwi->phy |= htole16(mcs); 2481 2482 txwi->txop = RT2860_TX_TXOP_BACKOFF; 2483 2484 if (!IEEE80211_IS_MULTICAST(wh->i_addr1) && 2485 (!hasqos || (qos & IEEE80211_QOS_ACK_POLICY_MASK) != 2486 IEEE80211_QOS_ACK_POLICY_NOACK)) { 2487 txwi->xflags |= RT2860_TX_ACK; 2488 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 2489 dur = rt2860_rates[ctl_ridx].sp_ack_dur; 2490 else 2491 dur = rt2860_rates[ctl_ridx].lp_ack_dur; 2492 *(uint16_t *)wh->i_dur = htole16(dur); 2493 } 2494 2495 #if NBPFILTER > 0 2496 if (__predict_false(sc->sc_drvbpf != NULL)) { 2497 struct run_tx_radiotap_header *tap = &sc->sc_txtap; 2498 struct mbuf mb; 2499 2500 tap->wt_flags = 0; 2501 tap->wt_rate = rt2860_rates[ridx].rate; 2502 tap->wt_chan_freq = htole16(ic->ic_bss->ni_chan->ic_freq); 2503 tap->wt_chan_flags = htole16(ic->ic_bss->ni_chan->ic_flags); 2504 if (mcs & RT2860_PHY_SHPRE) 2505 tap->wt_flags |= IEEE80211_RADIOTAP_F_SHORTPRE; 2506 2507 mb.m_data = (caddr_t)tap; 2508 mb.m_len = sc->sc_txtap_len; 2509 mb.m_next = m; 2510 mb.m_nextpkt = NULL; 2511 mb.m_type = 0; 2512 mb.m_flags = 0; 2513 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_OUT); 2514 } 2515 #endif 2516 2517 m_copydata(m, 0, m->m_pkthdr.len, (caddr_t)txwi + txwisize); 2518 m_freem(m); 2519 2520 xferlen += sizeof (*txd) + 4; 2521 2522 usbd_setup_xfer(data->xfer, ring->pipeh, data, data->buf, xferlen, 2523 USBD_FORCE_SHORT_XFER | USBD_NO_COPY, RUN_TX_TIMEOUT, run_txeof); 2524 error = usbd_transfer(data->xfer); 2525 if (__predict_false(error != USBD_IN_PROGRESS && error != 0)) 2526 return error; 2527 2528 ieee80211_release_node(ic, ni); 2529 2530 ring->cur = (ring->cur + 1) % RUN_TX_RING_COUNT; 2531 if (++ring->queued >= RUN_TX_RING_COUNT) 2532 sc->qfullmsk |= 1 << qid; 2533 2534 return 0; 2535 } 2536 2537 void 2538 run_start(struct ifnet *ifp) 2539 { 2540 struct run_softc *sc = ifp->if_softc; 2541 struct ieee80211com *ic = &sc->sc_ic; 2542 struct ieee80211_node *ni; 2543 struct mbuf *m; 2544 2545 if (!(ifp->if_flags & IFF_RUNNING) || ifq_is_oactive(&ifp->if_snd)) 2546 return; 2547 2548 for (;;) { 2549 if (sc->qfullmsk != 0) { 2550 ifq_set_oactive(&ifp->if_snd); 2551 break; 2552 } 2553 /* send pending management frames first */ 2554 m = mq_dequeue(&ic->ic_mgtq); 2555 if (m != NULL) { 2556 ni = m->m_pkthdr.ph_cookie; 2557 goto sendit; 2558 } 2559 if (ic->ic_state != IEEE80211_S_RUN) 2560 break; 2561 2562 /* encapsulate and send data frames */ 2563 m = ifq_dequeue(&ifp->if_snd); 2564 if (m == NULL) 2565 break; 2566 #if NBPFILTER > 0 2567 if (ifp->if_bpf != NULL) 2568 bpf_mtap(ifp->if_bpf, m, BPF_DIRECTION_OUT); 2569 #endif 2570 if ((m = ieee80211_encap(ifp, m, &ni)) == NULL) 2571 continue; 2572 sendit: 2573 #if NBPFILTER > 0 2574 if (ic->ic_rawbpf != NULL) 2575 bpf_mtap(ic->ic_rawbpf, m, BPF_DIRECTION_OUT); 2576 #endif 2577 if (run_tx(sc, m, ni) != 0) { 2578 ieee80211_release_node(ic, ni); 2579 ifp->if_oerrors++; 2580 continue; 2581 } 2582 2583 sc->sc_tx_timer = 5; 2584 ifp->if_timer = 1; 2585 } 2586 } 2587 2588 void 2589 run_watchdog(struct ifnet *ifp) 2590 { 2591 struct run_softc *sc = ifp->if_softc; 2592 2593 ifp->if_timer = 0; 2594 2595 if (sc->sc_tx_timer > 0) { 2596 if (--sc->sc_tx_timer == 0) { 2597 printf("%s: device timeout\n", sc->sc_dev.dv_xname); 2598 /* run_init(ifp); XXX needs a process context! */ 2599 ifp->if_oerrors++; 2600 return; 2601 } 2602 ifp->if_timer = 1; 2603 } 2604 2605 ieee80211_watchdog(ifp); 2606 } 2607 2608 int 2609 run_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 2610 { 2611 struct run_softc *sc = ifp->if_softc; 2612 struct ieee80211com *ic = &sc->sc_ic; 2613 int s, error = 0; 2614 2615 if (usbd_is_dying(sc->sc_udev)) 2616 return ENXIO; 2617 2618 usbd_ref_incr(sc->sc_udev); 2619 2620 s = splnet(); 2621 2622 switch (cmd) { 2623 case SIOCSIFADDR: 2624 ifp->if_flags |= IFF_UP; 2625 /* FALLTHROUGH */ 2626 case SIOCSIFFLAGS: 2627 if (ifp->if_flags & IFF_UP) { 2628 if (!(ifp->if_flags & IFF_RUNNING)) 2629 run_init(ifp); 2630 } else { 2631 if (ifp->if_flags & IFF_RUNNING) 2632 run_stop(ifp, 1); 2633 } 2634 break; 2635 2636 case SIOCS80211CHANNEL: 2637 /* 2638 * This allows for fast channel switching in monitor mode 2639 * (used by kismet). 2640 */ 2641 error = ieee80211_ioctl(ifp, cmd, data); 2642 if (error == ENETRESET && 2643 ic->ic_opmode == IEEE80211_M_MONITOR) { 2644 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 2645 (IFF_UP | IFF_RUNNING)) 2646 run_set_chan(sc, ic->ic_ibss_chan); 2647 error = 0; 2648 } 2649 break; 2650 2651 default: 2652 error = ieee80211_ioctl(ifp, cmd, data); 2653 } 2654 2655 if (error == ENETRESET) { 2656 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 2657 (IFF_UP | IFF_RUNNING)) { 2658 run_stop(ifp, 0); 2659 run_init(ifp); 2660 } 2661 error = 0; 2662 } 2663 2664 splx(s); 2665 2666 usbd_ref_decr(sc->sc_udev); 2667 2668 return error; 2669 } 2670 2671 void 2672 run_iq_calib(struct run_softc *sc, u_int chan) 2673 { 2674 uint16_t val; 2675 2676 /* Tx0 IQ gain. */ 2677 run_bbp_write(sc, 158, 0x2c); 2678 if (chan <= 14) 2679 run_efuse_read(sc, RT5390_EEPROM_IQ_GAIN_CAL_TX0_2GHZ, &val); 2680 else if (chan <= 64) { 2681 run_efuse_read(sc, 2682 RT5390_EEPROM_IQ_GAIN_CAL_TX0_CH36_TO_CH64_5GHZ, &val); 2683 } else if (chan <= 138) { 2684 run_efuse_read(sc, 2685 RT5390_EEPROM_IQ_GAIN_CAL_TX0_CH100_TO_CH138_5GHZ, &val); 2686 } else if (chan <= 165) { 2687 run_efuse_read(sc, 2688 RT5390_EEPROM_IQ_GAIN_CAL_TX0_CH140_TO_CH165_5GHZ, 2689 &val); 2690 } else 2691 val = 0; 2692 run_bbp_write(sc, 159, val); 2693 2694 /* Tx0 IQ phase. */ 2695 run_bbp_write(sc, 158, 0x2d); 2696 if (chan <= 14) { 2697 run_efuse_read(sc, RT5390_EEPROM_IQ_PHASE_CAL_TX0_2GHZ, &val); 2698 } else if (chan <= 64) { 2699 run_efuse_read(sc, 2700 RT5390_EEPROM_IQ_PHASE_CAL_TX0_CH36_TO_CH64_5GHZ, &val); 2701 } else if (chan <= 138) { 2702 run_efuse_read(sc, 2703 RT5390_EEPROM_IQ_PHASE_CAL_TX0_CH100_TO_CH138_5GHZ, &val); 2704 } else if (chan <= 165) { 2705 run_efuse_read(sc, 2706 RT5390_EEPROM_IQ_PHASE_CAL_TX0_CH140_TO_CH165_5GHZ, &val); 2707 } else 2708 val = 0; 2709 run_bbp_write(sc, 159, val); 2710 2711 /* Tx1 IQ gain. */ 2712 run_bbp_write(sc, 158, 0x4a); 2713 if (chan <= 14) { 2714 run_efuse_read(sc, RT5390_EEPROM_IQ_GAIN_CAL_TX1_2GHZ, &val); 2715 } else if (chan <= 64) { 2716 run_efuse_read(sc, 2717 RT5390_EEPROM_IQ_GAIN_CAL_TX1_CH36_TO_CH64_5GHZ, &val); 2718 } else if (chan <= 138) { 2719 run_efuse_read(sc, 2720 RT5390_EEPROM_IQ_GAIN_CAL_TX1_CH100_TO_CH138_5GHZ, &val); 2721 } else if (chan <= 165) { 2722 run_efuse_read(sc, 2723 RT5390_EEPROM_IQ_GAIN_CAL_TX1_CH140_TO_CH165_5GHZ, &val); 2724 } else 2725 val = 0; 2726 run_bbp_write(sc, 159, val); 2727 2728 /* Tx1 IQ phase. */ 2729 run_bbp_write(sc, 158, 0x4b); 2730 if (chan <= 14) { 2731 run_efuse_read(sc, RT5390_EEPROM_IQ_PHASE_CAL_TX1_2GHZ, &val); 2732 } else if (chan <= 64) { 2733 run_efuse_read(sc, 2734 RT5390_EEPROM_IQ_PHASE_CAL_TX1_CH36_TO_CH64_5GHZ, &val); 2735 } else if (chan <= 138) { 2736 run_efuse_read(sc, 2737 RT5390_EEPROM_IQ_PHASE_CAL_TX1_CH100_TO_CH138_5GHZ, &val); 2738 } else if (chan <= 165) { 2739 run_efuse_read(sc, 2740 RT5390_EEPROM_IQ_PHASE_CAL_TX1_CH140_TO_CH165_5GHZ, &val); 2741 } else 2742 val = 0; 2743 run_bbp_write(sc, 159, val); 2744 2745 /* RF IQ compensation control. */ 2746 run_bbp_write(sc, 158, 0x04); 2747 run_efuse_read(sc, RT5390_EEPROM_RF_IQ_COMPENSATION_CTL, &val); 2748 run_bbp_write(sc, 159, val); 2749 2750 /* RF IQ imbalance compensation control. */ 2751 run_bbp_write(sc, 158, 0x03); 2752 run_efuse_read(sc, 2753 RT5390_EEPROM_RF_IQ_IMBALANCE_COMPENSATION_CTL, &val); 2754 run_bbp_write(sc, 159, val); 2755 } 2756 2757 void 2758 run_select_chan_group(struct run_softc *sc, int group) 2759 { 2760 uint32_t tmp; 2761 uint8_t agc; 2762 2763 run_bbp_write(sc, 62, 0x37 - sc->lna[group]); 2764 run_bbp_write(sc, 63, 0x37 - sc->lna[group]); 2765 run_bbp_write(sc, 64, 0x37 - sc->lna[group]); 2766 if (sc->mac_ver < 0x3572) 2767 run_bbp_write(sc, 86, 0x00); 2768 2769 if (sc->mac_ver == 0x3593) { 2770 run_bbp_write(sc, 77, 0x98); 2771 run_bbp_write(sc, 83, (group == 0) ? 0x8a : 0x9a); 2772 } 2773 2774 if (group == 0) { 2775 if (sc->ext_2ghz_lna) { 2776 if (sc->mac_ver >= 0x5390) 2777 run_bbp_write(sc, 75, 0x52); 2778 else { 2779 run_bbp_write(sc, 82, 0x62); 2780 run_bbp_write(sc, 75, 0x46); 2781 } 2782 } else { 2783 if (sc->mac_ver == 0x5592) { 2784 run_bbp_write(sc, 79, 0x1c); 2785 run_bbp_write(sc, 80, 0x0e); 2786 run_bbp_write(sc, 81, 0x3a); 2787 run_bbp_write(sc, 82, 0x62); 2788 2789 run_bbp_write(sc, 195, 0x80); 2790 run_bbp_write(sc, 196, 0xe0); 2791 run_bbp_write(sc, 195, 0x81); 2792 run_bbp_write(sc, 196, 0x1f); 2793 run_bbp_write(sc, 195, 0x82); 2794 run_bbp_write(sc, 196, 0x38); 2795 run_bbp_write(sc, 195, 0x83); 2796 run_bbp_write(sc, 196, 0x32); 2797 run_bbp_write(sc, 195, 0x85); 2798 run_bbp_write(sc, 196, 0x28); 2799 run_bbp_write(sc, 195, 0x86); 2800 run_bbp_write(sc, 196, 0x19); 2801 } else if (sc->mac_ver >= 0x5390) 2802 run_bbp_write(sc, 75, 0x50); 2803 else { 2804 run_bbp_write(sc, 82, 2805 (sc->mac_ver == 0x3593) ? 0x62 : 0x84); 2806 run_bbp_write(sc, 75, 0x50); 2807 } 2808 } 2809 } else { 2810 if (sc->mac_ver == 0x5592) { 2811 run_bbp_write(sc, 79, 0x18); 2812 run_bbp_write(sc, 80, 0x08); 2813 run_bbp_write(sc, 81, 0x38); 2814 run_bbp_write(sc, 82, 0x92); 2815 2816 run_bbp_write(sc, 195, 0x80); 2817 run_bbp_write(sc, 196, 0xf0); 2818 run_bbp_write(sc, 195, 0x81); 2819 run_bbp_write(sc, 196, 0x1e); 2820 run_bbp_write(sc, 195, 0x82); 2821 run_bbp_write(sc, 196, 0x28); 2822 run_bbp_write(sc, 195, 0x83); 2823 run_bbp_write(sc, 196, 0x20); 2824 run_bbp_write(sc, 195, 0x85); 2825 run_bbp_write(sc, 196, 0x7f); 2826 run_bbp_write(sc, 195, 0x86); 2827 run_bbp_write(sc, 196, 0x7f); 2828 } else if (sc->mac_ver == 0x3572) 2829 run_bbp_write(sc, 82, 0x94); 2830 else 2831 run_bbp_write(sc, 82, 2832 (sc->mac_ver == 0x3593) ? 0x82 : 0xf2); 2833 if (sc->ext_5ghz_lna) 2834 run_bbp_write(sc, 75, 0x46); 2835 else 2836 run_bbp_write(sc, 75, 0x50); 2837 } 2838 2839 run_read(sc, RT2860_TX_BAND_CFG, &tmp); 2840 tmp &= ~(RT2860_5G_BAND_SEL_N | RT2860_5G_BAND_SEL_P); 2841 tmp |= (group == 0) ? RT2860_5G_BAND_SEL_N : RT2860_5G_BAND_SEL_P; 2842 run_write(sc, RT2860_TX_BAND_CFG, tmp); 2843 2844 /* enable appropriate Power Amplifiers and Low Noise Amplifiers */ 2845 tmp = RT2860_RFTR_EN | RT2860_TRSW_EN | RT2860_LNA_PE0_EN; 2846 if (sc->mac_ver == 0x3593) 2847 tmp |= 1 << 29 | 1 << 28; 2848 if (sc->nrxchains > 1) 2849 tmp |= RT2860_LNA_PE1_EN; 2850 if (group == 0) { /* 2GHz */ 2851 tmp |= RT2860_PA_PE_G0_EN; 2852 if (sc->ntxchains > 1) 2853 tmp |= RT2860_PA_PE_G1_EN; 2854 if (sc->mac_ver == 0x3593) { 2855 if (sc->ntxchains > 2) 2856 tmp |= 1 << 25; 2857 } 2858 } else { /* 5GHz */ 2859 tmp |= RT2860_PA_PE_A0_EN; 2860 if (sc->ntxchains > 1) 2861 tmp |= RT2860_PA_PE_A1_EN; 2862 } 2863 if (sc->mac_ver == 0x3572) { 2864 run_rt3070_rf_write(sc, 8, 0x00); 2865 run_write(sc, RT2860_TX_PIN_CFG, tmp); 2866 run_rt3070_rf_write(sc, 8, 0x80); 2867 } else 2868 run_write(sc, RT2860_TX_PIN_CFG, tmp); 2869 2870 if (sc->mac_ver == 0x5592) { 2871 run_bbp_write(sc, 195, 0x8d); 2872 run_bbp_write(sc, 196, 0x1a); 2873 } 2874 2875 if (sc->mac_ver == 0x3593) { 2876 run_read(sc, RT2860_GPIO_CTRL, &tmp); 2877 tmp &= ~0x01010000; 2878 if (group == 0) 2879 tmp |= 0x00010000; 2880 tmp = (tmp & ~0x00009090) | 0x00000090; 2881 run_write(sc, RT2860_GPIO_CTRL, tmp); 2882 } 2883 2884 /* set initial AGC value */ 2885 if (group == 0) { /* 2GHz band */ 2886 if (sc->mac_ver >= 0x3070) 2887 agc = 0x1c + sc->lna[0] * 2; 2888 else 2889 agc = 0x2e + sc->lna[0]; 2890 } else { /* 5GHz band */ 2891 if (sc->mac_ver == 0x5592) 2892 agc = 0x24 + sc->lna[group] * 2; 2893 else if (sc->mac_ver == 0x3572 || sc->mac_ver == 0x3593) 2894 agc = 0x22 + (sc->lna[group] * 5) / 3; 2895 else 2896 agc = 0x32 + (sc->lna[group] * 5) / 3; 2897 } 2898 run_set_agc(sc, agc); 2899 } 2900 2901 void 2902 run_rt2870_set_chan(struct run_softc *sc, u_int chan) 2903 { 2904 const struct rfprog *rfprog = rt2860_rf2850; 2905 uint32_t r2, r3, r4; 2906 int8_t txpow1, txpow2; 2907 int i; 2908 2909 /* find the settings for this channel (we know it exists) */ 2910 for (i = 0; rfprog[i].chan != chan; i++); 2911 2912 r2 = rfprog[i].r2; 2913 if (sc->ntxchains == 1) 2914 r2 |= 1 << 12; /* 1T: disable Tx chain 2 */ 2915 if (sc->nrxchains == 1) 2916 r2 |= 1 << 15 | 1 << 4; /* 1R: disable Rx chains 2 & 3 */ 2917 else if (sc->nrxchains == 2) 2918 r2 |= 1 << 4; /* 2R: disable Rx chain 3 */ 2919 2920 /* use Tx power values from EEPROM */ 2921 txpow1 = sc->txpow1[i]; 2922 txpow2 = sc->txpow2[i]; 2923 if (chan > 14) { 2924 if (txpow1 >= 0) 2925 txpow1 = txpow1 << 1 | 1; 2926 else 2927 txpow1 = (7 + txpow1) << 1; 2928 if (txpow2 >= 0) 2929 txpow2 = txpow2 << 1 | 1; 2930 else 2931 txpow2 = (7 + txpow2) << 1; 2932 } 2933 r3 = rfprog[i].r3 | txpow1 << 7; 2934 r4 = rfprog[i].r4 | sc->freq << 13 | txpow2 << 4; 2935 2936 run_rt2870_rf_write(sc, RT2860_RF1, rfprog[i].r1); 2937 run_rt2870_rf_write(sc, RT2860_RF2, r2); 2938 run_rt2870_rf_write(sc, RT2860_RF3, r3); 2939 run_rt2870_rf_write(sc, RT2860_RF4, r4); 2940 2941 DELAY(200); 2942 2943 run_rt2870_rf_write(sc, RT2860_RF1, rfprog[i].r1); 2944 run_rt2870_rf_write(sc, RT2860_RF2, r2); 2945 run_rt2870_rf_write(sc, RT2860_RF3, r3 | 1); 2946 run_rt2870_rf_write(sc, RT2860_RF4, r4); 2947 2948 DELAY(200); 2949 2950 run_rt2870_rf_write(sc, RT2860_RF1, rfprog[i].r1); 2951 run_rt2870_rf_write(sc, RT2860_RF2, r2); 2952 run_rt2870_rf_write(sc, RT2860_RF3, r3); 2953 run_rt2870_rf_write(sc, RT2860_RF4, r4); 2954 } 2955 2956 void 2957 run_rt3070_set_chan(struct run_softc *sc, u_int chan) 2958 { 2959 int8_t txpow1, txpow2; 2960 uint8_t rf; 2961 int i; 2962 2963 /* find the settings for this channel (we know it exists) */ 2964 for (i = 0; rt2860_rf2850[i].chan != chan; i++); 2965 2966 /* use Tx power values from EEPROM */ 2967 txpow1 = sc->txpow1[i]; 2968 txpow2 = sc->txpow2[i]; 2969 2970 run_rt3070_rf_write(sc, 2, rt3070_freqs[i].n); 2971 2972 /* RT3370/RT3390: RF R3 [7:4] is not reserved bits. */ 2973 run_rt3070_rf_read(sc, 3, &rf); 2974 rf = (rf & ~0x0f) | rt3070_freqs[i].k; 2975 run_rt3070_rf_write(sc, 3, rf); 2976 2977 run_rt3070_rf_read(sc, 6, &rf); 2978 rf = (rf & ~0x03) | rt3070_freqs[i].r; 2979 run_rt3070_rf_write(sc, 6, rf); 2980 2981 /* set Tx0 power */ 2982 run_rt3070_rf_read(sc, 12, &rf); 2983 rf = (rf & ~0x1f) | txpow1; 2984 run_rt3070_rf_write(sc, 12, rf); 2985 2986 /* set Tx1 power */ 2987 run_rt3070_rf_read(sc, 13, &rf); 2988 rf = (rf & ~0x1f) | txpow2; 2989 run_rt3070_rf_write(sc, 13, rf); 2990 2991 run_rt3070_rf_read(sc, 1, &rf); 2992 rf &= ~0xfc; 2993 if (sc->ntxchains == 1) 2994 rf |= 1 << 7 | 1 << 5; /* 1T: disable Tx chains 2 & 3 */ 2995 else if (sc->ntxchains == 2) 2996 rf |= 1 << 7; /* 2T: disable Tx chain 3 */ 2997 if (sc->nrxchains == 1) 2998 rf |= 1 << 6 | 1 << 4; /* 1R: disable Rx chains 2 & 3 */ 2999 else if (sc->nrxchains == 2) 3000 rf |= 1 << 6; /* 2R: disable Rx chain 3 */ 3001 run_rt3070_rf_write(sc, 1, rf); 3002 3003 /* set RF offset */ 3004 run_rt3070_rf_read(sc, 23, &rf); 3005 rf = (rf & ~0x7f) | sc->freq; 3006 run_rt3070_rf_write(sc, 23, rf); 3007 3008 /* program RF filter */ 3009 run_rt3070_rf_read(sc, 24, &rf); /* Tx */ 3010 rf = (rf & ~0x3f) | sc->rf24_20mhz; 3011 run_rt3070_rf_write(sc, 24, rf); 3012 run_rt3070_rf_read(sc, 31, &rf); /* Rx */ 3013 rf = (rf & ~0x3f) | sc->rf24_20mhz; 3014 run_rt3070_rf_write(sc, 31, rf); 3015 3016 /* enable RF tuning */ 3017 run_rt3070_rf_read(sc, 7, &rf); 3018 run_rt3070_rf_write(sc, 7, rf | 0x01); 3019 } 3020 3021 void 3022 run_rt3572_set_chan(struct run_softc *sc, u_int chan) 3023 { 3024 int8_t txpow1, txpow2; 3025 uint32_t tmp; 3026 uint8_t rf; 3027 int i; 3028 3029 /* find the settings for this channel (we know it exists) */ 3030 for (i = 0; rt2860_rf2850[i].chan != chan; i++); 3031 3032 /* use Tx power values from EEPROM */ 3033 txpow1 = sc->txpow1[i]; 3034 txpow2 = sc->txpow2[i]; 3035 3036 if (chan <= 14) { 3037 run_bbp_write(sc, 25, sc->bbp25); 3038 run_bbp_write(sc, 26, sc->bbp26); 3039 } else { 3040 /* enable IQ phase correction */ 3041 run_bbp_write(sc, 25, 0x09); 3042 run_bbp_write(sc, 26, 0xff); 3043 } 3044 3045 run_rt3070_rf_write(sc, 2, rt3070_freqs[i].n); 3046 run_rt3070_rf_write(sc, 3, rt3070_freqs[i].k); 3047 run_rt3070_rf_read(sc, 6, &rf); 3048 rf = (rf & ~0x0f) | rt3070_freqs[i].r; 3049 rf |= (chan <= 14) ? 0x08 : 0x04; 3050 run_rt3070_rf_write(sc, 6, rf); 3051 3052 /* set PLL mode */ 3053 run_rt3070_rf_read(sc, 5, &rf); 3054 rf &= ~(0x08 | 0x04); 3055 rf |= (chan <= 14) ? 0x04 : 0x08; 3056 run_rt3070_rf_write(sc, 5, rf); 3057 3058 /* set Tx power for chain 0 */ 3059 if (chan <= 14) 3060 rf = 0x60 | txpow1; 3061 else 3062 rf = 0xe0 | (txpow1 & 0xc) << 1 | (txpow1 & 0x3); 3063 run_rt3070_rf_write(sc, 12, rf); 3064 3065 /* set Tx power for chain 1 */ 3066 if (chan <= 14) 3067 rf = 0x60 | txpow2; 3068 else 3069 rf = 0xe0 | (txpow2 & 0xc) << 1 | (txpow2 & 0x3); 3070 run_rt3070_rf_write(sc, 13, rf); 3071 3072 /* set Tx/Rx streams */ 3073 run_rt3070_rf_read(sc, 1, &rf); 3074 rf &= ~0xfc; 3075 if (sc->ntxchains == 1) 3076 rf |= 1 << 7 | 1 << 5; /* 1T: disable Tx chains 2 & 3 */ 3077 else if (sc->ntxchains == 2) 3078 rf |= 1 << 7; /* 2T: disable Tx chain 3 */ 3079 if (sc->nrxchains == 1) 3080 rf |= 1 << 6 | 1 << 4; /* 1R: disable Rx chains 2 & 3 */ 3081 else if (sc->nrxchains == 2) 3082 rf |= 1 << 6; /* 2R: disable Rx chain 3 */ 3083 run_rt3070_rf_write(sc, 1, rf); 3084 3085 /* set RF offset */ 3086 run_rt3070_rf_read(sc, 23, &rf); 3087 rf = (rf & ~0x7f) | sc->freq; 3088 run_rt3070_rf_write(sc, 23, rf); 3089 3090 /* program RF filter */ 3091 rf = sc->rf24_20mhz; 3092 run_rt3070_rf_write(sc, 24, rf); /* Tx */ 3093 run_rt3070_rf_write(sc, 31, rf); /* Rx */ 3094 3095 /* enable RF tuning */ 3096 run_rt3070_rf_read(sc, 7, &rf); 3097 rf = (chan <= 14) ? 0xd8 : ((rf & ~0xc8) | 0x14); 3098 run_rt3070_rf_write(sc, 7, rf); 3099 3100 /* TSSI */ 3101 rf = (chan <= 14) ? 0xc3 : 0xc0; 3102 run_rt3070_rf_write(sc, 9, rf); 3103 3104 /* set loop filter 1 */ 3105 run_rt3070_rf_write(sc, 10, 0xf1); 3106 /* set loop filter 2 */ 3107 run_rt3070_rf_write(sc, 11, (chan <= 14) ? 0xb9 : 0x00); 3108 3109 /* set tx_mx2_ic */ 3110 run_rt3070_rf_write(sc, 15, (chan <= 14) ? 0x53 : 0x43); 3111 /* set tx_mx1_ic */ 3112 if (chan <= 14) 3113 rf = 0x48 | sc->txmixgain_2ghz; 3114 else 3115 rf = 0x78 | sc->txmixgain_5ghz; 3116 run_rt3070_rf_write(sc, 16, rf); 3117 3118 /* set tx_lo1 */ 3119 run_rt3070_rf_write(sc, 17, 0x23); 3120 /* set tx_lo2 */ 3121 if (chan <= 14) 3122 rf = 0x93; 3123 else if (chan <= 64) 3124 rf = 0xb7; 3125 else if (chan <= 128) 3126 rf = 0x74; 3127 else 3128 rf = 0x72; 3129 run_rt3070_rf_write(sc, 19, rf); 3130 3131 /* set rx_lo1 */ 3132 if (chan <= 14) 3133 rf = 0xb3; 3134 else if (chan <= 64) 3135 rf = 0xf6; 3136 else if (chan <= 128) 3137 rf = 0xf4; 3138 else 3139 rf = 0xf3; 3140 run_rt3070_rf_write(sc, 20, rf); 3141 3142 /* set pfd_delay */ 3143 if (chan <= 14) 3144 rf = 0x15; 3145 else if (chan <= 64) 3146 rf = 0x3d; 3147 else 3148 rf = 0x01; 3149 run_rt3070_rf_write(sc, 25, rf); 3150 3151 /* set rx_lo2 */ 3152 run_rt3070_rf_write(sc, 26, (chan <= 14) ? 0x85 : 0x87); 3153 /* set ldo_rf_vc */ 3154 run_rt3070_rf_write(sc, 27, (chan <= 14) ? 0x00 : 0x01); 3155 /* set drv_cc */ 3156 run_rt3070_rf_write(sc, 29, (chan <= 14) ? 0x9b : 0x9f); 3157 3158 run_read(sc, RT2860_GPIO_CTRL, &tmp); 3159 tmp &= ~0x8080; 3160 if (chan <= 14) 3161 tmp |= 0x80; 3162 run_write(sc, RT2860_GPIO_CTRL, tmp); 3163 3164 /* enable RF tuning */ 3165 run_rt3070_rf_read(sc, 7, &rf); 3166 run_rt3070_rf_write(sc, 7, rf | 0x01); 3167 3168 DELAY(2000); 3169 } 3170 3171 void 3172 run_rt3593_set_chan(struct run_softc *sc, u_int chan) 3173 { 3174 int8_t txpow1, txpow2, txpow3; 3175 uint8_t h20mhz, rf; 3176 int i; 3177 3178 /* find the settings for this channel (we know it exists) */ 3179 for (i = 0; rt2860_rf2850[i].chan != chan; i++); 3180 3181 /* use Tx power values from EEPROM */ 3182 txpow1 = sc->txpow1[i]; 3183 txpow2 = sc->txpow2[i]; 3184 txpow3 = (sc->ntxchains == 3) ? sc->txpow3[i] : 0; 3185 3186 if (chan <= 14) { 3187 run_bbp_write(sc, 25, sc->bbp25); 3188 run_bbp_write(sc, 26, sc->bbp26); 3189 } else { 3190 /* Enable IQ phase correction. */ 3191 run_bbp_write(sc, 25, 0x09); 3192 run_bbp_write(sc, 26, 0xff); 3193 } 3194 3195 run_rt3070_rf_write(sc, 8, rt3070_freqs[i].n); 3196 run_rt3070_rf_write(sc, 9, rt3070_freqs[i].k & 0x0f); 3197 run_rt3070_rf_read(sc, 11, &rf); 3198 rf = (rf & ~0x03) | (rt3070_freqs[i].r & 0x03); 3199 run_rt3070_rf_write(sc, 11, rf); 3200 3201 /* Set pll_idoh. */ 3202 run_rt3070_rf_read(sc, 11, &rf); 3203 rf &= ~0x4c; 3204 rf |= (chan <= 14) ? 0x44 : 0x48; 3205 run_rt3070_rf_write(sc, 11, rf); 3206 3207 if (chan <= 14) 3208 rf = txpow1 & 0x1f; 3209 else 3210 rf = 0x40 | ((txpow1 & 0x18) << 1) | (txpow1 & 0x07); 3211 run_rt3070_rf_write(sc, 53, rf); 3212 3213 if (chan <= 14) 3214 rf = txpow2 & 0x1f; 3215 else 3216 rf = 0x40 | ((txpow2 & 0x18) << 1) | (txpow2 & 0x07); 3217 run_rt3070_rf_write(sc, 55, rf); 3218 3219 if (chan <= 14) 3220 rf = txpow3 & 0x1f; 3221 else 3222 rf = 0x40 | ((txpow3 & 0x18) << 1) | (txpow3 & 0x07); 3223 run_rt3070_rf_write(sc, 54, rf); 3224 3225 rf = RT3070_RF_BLOCK | RT3070_PLL_PD; 3226 if (sc->ntxchains == 3) 3227 rf |= RT3070_TX0_PD | RT3070_TX1_PD | RT3070_TX2_PD; 3228 else 3229 rf |= RT3070_TX0_PD | RT3070_TX1_PD; 3230 rf |= RT3070_RX0_PD | RT3070_RX1_PD | RT3070_RX2_PD; 3231 run_rt3070_rf_write(sc, 1, rf); 3232 3233 run_adjust_freq_offset(sc); 3234 3235 run_rt3070_rf_write(sc, 31, (chan <= 14) ? 0xa0 : 0x80); 3236 3237 h20mhz = (sc->rf24_20mhz & 0x20) >> 5; 3238 run_rt3070_rf_read(sc, 30, &rf); 3239 rf = (rf & ~0x06) | (h20mhz << 1) | (h20mhz << 2); 3240 run_rt3070_rf_write(sc, 30, rf); 3241 3242 run_rt3070_rf_read(sc, 36, &rf); 3243 if (chan <= 14) 3244 rf |= 0x80; 3245 else 3246 rf &= ~0x80; 3247 run_rt3070_rf_write(sc, 36, rf); 3248 3249 /* Set vcolo_bs. */ 3250 run_rt3070_rf_write(sc, 34, (chan <= 14) ? 0x3c : 0x20); 3251 /* Set pfd_delay. */ 3252 run_rt3070_rf_write(sc, 12, (chan <= 14) ? 0x1a : 0x12); 3253 3254 /* Set vco bias current control. */ 3255 run_rt3070_rf_read(sc, 6, &rf); 3256 rf &= ~0xc0; 3257 if (chan <= 14) 3258 rf |= 0x40; 3259 else if (chan <= 128) 3260 rf |= 0x80; 3261 else 3262 rf |= 0x40; 3263 run_rt3070_rf_write(sc, 6, rf); 3264 3265 run_rt3070_rf_read(sc, 30, &rf); 3266 rf = (rf & ~0x18) | 0x10; 3267 run_rt3070_rf_write(sc, 30, rf); 3268 3269 run_rt3070_rf_write(sc, 10, (chan <= 14) ? 0xd3 : 0xd8); 3270 run_rt3070_rf_write(sc, 13, (chan <= 14) ? 0x12 : 0x23); 3271 3272 run_rt3070_rf_read(sc, 51, &rf); 3273 rf = (rf & ~0x03) | 0x01; 3274 run_rt3070_rf_write(sc, 51, rf); 3275 /* Set tx_mx1_cc. */ 3276 run_rt3070_rf_read(sc, 51, &rf); 3277 rf &= ~0x1c; 3278 rf |= (chan <= 14) ? 0x14 : 0x10; 3279 run_rt3070_rf_write(sc, 51, rf); 3280 /* Set tx_mx1_ic. */ 3281 run_rt3070_rf_read(sc, 51, &rf); 3282 rf &= ~0xe0; 3283 rf |= (chan <= 14) ? 0x60 : 0x40; 3284 run_rt3070_rf_write(sc, 51, rf); 3285 /* Set tx_lo1_ic. */ 3286 run_rt3070_rf_read(sc, 49, &rf); 3287 rf &= ~0x1c; 3288 rf |= (chan <= 14) ? 0x0c : 0x08; 3289 run_rt3070_rf_write(sc, 49, rf); 3290 /* Set tx_lo1_en. */ 3291 run_rt3070_rf_read(sc, 50, &rf); 3292 run_rt3070_rf_write(sc, 50, rf & ~0x20); 3293 /* Set drv_cc. */ 3294 run_rt3070_rf_read(sc, 57, &rf); 3295 rf &= ~0xfc; 3296 rf |= (chan <= 14) ? 0x6c : 0x3c; 3297 run_rt3070_rf_write(sc, 57, rf); 3298 /* Set rx_mix1_ic, rxa_lnactr, lna_vc, lna_inbias_en and lna_en. */ 3299 run_rt3070_rf_write(sc, 44, (chan <= 14) ? 0x93 : 0x9b); 3300 /* Set drv_gnd_a, tx_vga_cc_a and tx_mx2_gain. */ 3301 run_rt3070_rf_write(sc, 52, (chan <= 14) ? 0x45 : 0x05); 3302 /* Enable VCO calibration. */ 3303 run_rt3070_rf_read(sc, 3, &rf); 3304 rf &= ~RT3593_VCOCAL; 3305 rf |= (chan <= 14) ? RT3593_VCOCAL : 0xbe; 3306 run_rt3070_rf_write(sc, 3, rf); 3307 3308 if (chan <= 14) 3309 rf = 0x23; 3310 else if (chan <= 64) 3311 rf = 0x36; 3312 else if (chan <= 128) 3313 rf = 0x32; 3314 else 3315 rf = 0x30; 3316 run_rt3070_rf_write(sc, 39, rf); 3317 if (chan <= 14) 3318 rf = 0xbb; 3319 else if (chan <= 64) 3320 rf = 0xeb; 3321 else if (chan <= 128) 3322 rf = 0xb3; 3323 else 3324 rf = 0x9b; 3325 run_rt3070_rf_write(sc, 45, rf); 3326 3327 /* Set FEQ/AEQ control. */ 3328 run_bbp_write(sc, 105, 0x34); 3329 } 3330 3331 void 3332 run_rt5390_set_chan(struct run_softc *sc, u_int chan) 3333 { 3334 int8_t txpow1, txpow2; 3335 uint8_t rf; 3336 int i; 3337 3338 /* find the settings for this channel (we know it exists) */ 3339 for (i = 0; rt2860_rf2850[i].chan != chan; i++); 3340 3341 /* use Tx power values from EEPROM */ 3342 txpow1 = sc->txpow1[i]; 3343 txpow2 = sc->txpow2[i]; 3344 3345 run_rt3070_rf_write(sc, 8, rt3070_freqs[i].n); 3346 run_rt3070_rf_write(sc, 9, rt3070_freqs[i].k & 0x0f); 3347 run_rt3070_rf_read(sc, 11, &rf); 3348 rf = (rf & ~0x03) | (rt3070_freqs[i].r & 0x03); 3349 run_rt3070_rf_write(sc, 11, rf); 3350 3351 run_rt3070_rf_read(sc, 49, &rf); 3352 rf = (rf & ~0x3f) | (txpow1 & 0x3f); 3353 /* The valid range of the RF R49 is 0x00 to 0x27. */ 3354 if ((rf & 0x3f) > 0x27) 3355 rf = (rf & ~0x3f) | 0x27; 3356 run_rt3070_rf_write(sc, 49, rf); 3357 3358 if (sc->mac_ver == 0x5392) { 3359 run_rt3070_rf_read(sc, 50, &rf); 3360 rf = (rf & ~0x3f) | (txpow2 & 0x3f); 3361 /* The valid range of the RF R50 is 0x00 to 0x27. */ 3362 if ((rf & 0x3f) > 0x27) 3363 rf = (rf & ~0x3f) | 0x27; 3364 run_rt3070_rf_write(sc, 50, rf); 3365 } 3366 3367 run_rt3070_rf_read(sc, 1, &rf); 3368 rf |= RT3070_RF_BLOCK | RT3070_PLL_PD | RT3070_RX0_PD | RT3070_TX0_PD; 3369 if (sc->mac_ver == 0x5392) 3370 rf |= RT3070_RX1_PD | RT3070_TX1_PD; 3371 run_rt3070_rf_write(sc, 1, rf); 3372 3373 if (sc->mac_ver != 0x5392) { 3374 run_rt3070_rf_read(sc, 2, &rf); 3375 rf |= 0x80; 3376 run_rt3070_rf_write(sc, 2, rf); 3377 DELAY(10); 3378 rf &= 0x7f; 3379 run_rt3070_rf_write(sc, 2, rf); 3380 } 3381 3382 run_adjust_freq_offset(sc); 3383 3384 if (sc->mac_ver == 0x5392) { 3385 /* Fix for RT5392C. */ 3386 if (sc->mac_rev >= 0x0223) { 3387 if (chan <= 4) 3388 rf = 0x0f; 3389 else if (chan >= 5 && chan <= 7) 3390 rf = 0x0e; 3391 else 3392 rf = 0x0d; 3393 run_rt3070_rf_write(sc, 23, rf); 3394 3395 if (chan <= 4) 3396 rf = 0x0c; 3397 else if (chan == 5) 3398 rf = 0x0b; 3399 else if (chan >= 6 && chan <= 7) 3400 rf = 0x0a; 3401 else if (chan >= 8 && chan <= 10) 3402 rf = 0x09; 3403 else 3404 rf = 0x08; 3405 run_rt3070_rf_write(sc, 59, rf); 3406 } else { 3407 if (chan <= 11) 3408 rf = 0x0f; 3409 else 3410 rf = 0x0b; 3411 run_rt3070_rf_write(sc, 59, rf); 3412 } 3413 } else { 3414 /* Fix for RT5390F. */ 3415 if (sc->mac_rev >= 0x0502) { 3416 if (chan <= 11) 3417 rf = 0x43; 3418 else 3419 rf = 0x23; 3420 run_rt3070_rf_write(sc, 55, rf); 3421 3422 if (chan <= 11) 3423 rf = 0x0f; 3424 else if (chan == 12) 3425 rf = 0x0d; 3426 else 3427 rf = 0x0b; 3428 run_rt3070_rf_write(sc, 59, rf); 3429 } else { 3430 run_rt3070_rf_write(sc, 55, 0x44); 3431 run_rt3070_rf_write(sc, 59, 0x8f); 3432 } 3433 } 3434 3435 /* Enable VCO calibration. */ 3436 run_rt3070_rf_read(sc, 3, &rf); 3437 rf |= RT3593_VCOCAL; 3438 run_rt3070_rf_write(sc, 3, rf); 3439 } 3440 3441 void 3442 run_rt5592_set_chan(struct run_softc *sc, u_int chan) 3443 { 3444 const struct rt5592_freqs *freqs; 3445 uint32_t tmp; 3446 uint8_t reg, rf, txpow_bound; 3447 int8_t txpow1, txpow2; 3448 int i; 3449 3450 run_read(sc, RT5592_DEBUG_INDEX, &tmp); 3451 freqs = (tmp & RT5592_SEL_XTAL) ? 3452 rt5592_freqs_40mhz : rt5592_freqs_20mhz; 3453 3454 /* find the settings for this channel (we know it exists) */ 3455 for (i = 0; rt2860_rf2850[i].chan != chan; i++, freqs++); 3456 3457 /* use Tx power values from EEPROM */ 3458 txpow1 = sc->txpow1[i]; 3459 txpow2 = sc->txpow2[i]; 3460 3461 run_read(sc, RT3070_LDO_CFG0, &tmp); 3462 tmp &= ~0x1c000000; 3463 if (chan > 14) 3464 tmp |= 0x14000000; 3465 run_write(sc, RT3070_LDO_CFG0, tmp); 3466 3467 /* N setting. */ 3468 run_rt3070_rf_write(sc, 8, freqs->n & 0xff); 3469 run_rt3070_rf_read(sc, 9, &rf); 3470 rf &= ~(1 << 4); 3471 rf |= ((freqs->n & 0x0100) >> 8) << 4; 3472 run_rt3070_rf_write(sc, 9, rf); 3473 3474 /* K setting. */ 3475 run_rt3070_rf_read(sc, 9, &rf); 3476 rf &= ~0x0f; 3477 rf |= (freqs->k & 0x0f); 3478 run_rt3070_rf_write(sc, 9, rf); 3479 3480 /* Mode setting. */ 3481 run_rt3070_rf_read(sc, 11, &rf); 3482 rf &= ~0x0c; 3483 rf |= ((freqs->m - 0x8) & 0x3) << 2; 3484 run_rt3070_rf_write(sc, 11, rf); 3485 run_rt3070_rf_read(sc, 9, &rf); 3486 rf &= ~(1 << 7); 3487 rf |= (((freqs->m - 0x8) & 0x4) >> 2) << 7; 3488 run_rt3070_rf_write(sc, 9, rf); 3489 3490 /* R setting. */ 3491 run_rt3070_rf_read(sc, 11, &rf); 3492 rf &= ~0x03; 3493 rf |= (freqs->r - 0x1); 3494 run_rt3070_rf_write(sc, 11, rf); 3495 3496 if (chan <= 14) { 3497 /* Initialize RF registers for 2GHZ. */ 3498 for (i = 0; i < nitems(rt5592_2ghz_def_rf); i++) { 3499 run_rt3070_rf_write(sc, rt5592_2ghz_def_rf[i].reg, 3500 rt5592_2ghz_def_rf[i].val); 3501 } 3502 3503 rf = (chan <= 10) ? 0x07 : 0x06; 3504 run_rt3070_rf_write(sc, 23, rf); 3505 run_rt3070_rf_write(sc, 59, rf); 3506 3507 run_rt3070_rf_write(sc, 55, 0x43); 3508 3509 /* 3510 * RF R49/R50 Tx power ALC code. 3511 * G-band bit<7:6>=1:0, bit<5:0> range from 0x0 ~ 0x27. 3512 */ 3513 reg = 2; 3514 txpow_bound = 0x27; 3515 } else { 3516 /* Initialize RF registers for 5GHZ. */ 3517 for (i = 0; i < nitems(rt5592_5ghz_def_rf); i++) { 3518 run_rt3070_rf_write(sc, rt5592_5ghz_def_rf[i].reg, 3519 rt5592_5ghz_def_rf[i].val); 3520 } 3521 for (i = 0; i < nitems(rt5592_chan_5ghz); i++) { 3522 if (chan >= rt5592_chan_5ghz[i].firstchan && 3523 chan <= rt5592_chan_5ghz[i].lastchan) { 3524 run_rt3070_rf_write(sc, rt5592_chan_5ghz[i].reg, 3525 rt5592_chan_5ghz[i].val); 3526 } 3527 } 3528 3529 /* 3530 * RF R49/R50 Tx power ALC code. 3531 * A-band bit<7:6>=1:1, bit<5:0> range from 0x0 ~ 0x2b. 3532 */ 3533 reg = 3; 3534 txpow_bound = 0x2b; 3535 } 3536 3537 /* RF R49 ch0 Tx power ALC code. */ 3538 run_rt3070_rf_read(sc, 49, &rf); 3539 rf &= ~0xc0; 3540 rf |= (reg << 6); 3541 rf = (rf & ~0x3f) | (txpow1 & 0x3f); 3542 if ((rf & 0x3f) > txpow_bound) 3543 rf = (rf & ~0x3f) | txpow_bound; 3544 run_rt3070_rf_write(sc, 49, rf); 3545 3546 /* RF R50 ch1 Tx power ALC code. */ 3547 run_rt3070_rf_read(sc, 50, &rf); 3548 rf &= ~(1 << 7 | 1 << 6); 3549 rf |= (reg << 6); 3550 rf = (rf & ~0x3f) | (txpow2 & 0x3f); 3551 if ((rf & 0x3f) > txpow_bound) 3552 rf = (rf & ~0x3f) | txpow_bound; 3553 run_rt3070_rf_write(sc, 50, rf); 3554 3555 /* Enable RF_BLOCK, PLL_PD, RX0_PD, and TX0_PD. */ 3556 run_rt3070_rf_read(sc, 1, &rf); 3557 rf |= (RT3070_RF_BLOCK | RT3070_PLL_PD | RT3070_RX0_PD | RT3070_TX0_PD); 3558 if (sc->ntxchains > 1) 3559 rf |= RT3070_TX1_PD; 3560 if (sc->nrxchains > 1) 3561 rf |= RT3070_RX1_PD; 3562 run_rt3070_rf_write(sc, 1, rf); 3563 3564 run_rt3070_rf_write(sc, 6, 0xe4); 3565 3566 run_rt3070_rf_write(sc, 30, 0x10); 3567 run_rt3070_rf_write(sc, 31, 0x80); 3568 run_rt3070_rf_write(sc, 32, 0x80); 3569 3570 run_adjust_freq_offset(sc); 3571 3572 /* Enable VCO calibration. */ 3573 run_rt3070_rf_read(sc, 3, &rf); 3574 rf |= RT3593_VCOCAL; 3575 run_rt3070_rf_write(sc, 3, rf); 3576 } 3577 3578 void 3579 run_set_agc(struct run_softc *sc, uint8_t agc) 3580 { 3581 uint8_t bbp; 3582 3583 if (sc->mac_ver == 0x3572) { 3584 run_bbp_read(sc, 27, &bbp); 3585 bbp &= ~(0x3 << 5); 3586 run_bbp_write(sc, 27, bbp | 0 << 5); /* select Rx0 */ 3587 run_bbp_write(sc, 66, agc); 3588 run_bbp_write(sc, 27, bbp | 1 << 5); /* select Rx1 */ 3589 run_bbp_write(sc, 66, agc); 3590 } else 3591 run_bbp_write(sc, 66, agc); 3592 } 3593 3594 void 3595 run_set_rx_antenna(struct run_softc *sc, int aux) 3596 { 3597 uint32_t tmp; 3598 uint8_t bbp152; 3599 3600 if (aux) { 3601 if (sc->rf_rev == RT5390_RF_5370) { 3602 run_bbp_read(sc, 152, &bbp152); 3603 run_bbp_write(sc, 152, bbp152 & ~0x80); 3604 } else { 3605 run_mcu_cmd(sc, RT2860_MCU_CMD_ANTSEL, 0); 3606 run_read(sc, RT2860_GPIO_CTRL, &tmp); 3607 run_write(sc, RT2860_GPIO_CTRL, (tmp & ~0x0808) | 0x08); 3608 } 3609 } else { 3610 if (sc->rf_rev == RT5390_RF_5370) { 3611 run_bbp_read(sc, 152, &bbp152); 3612 run_bbp_write(sc, 152, bbp152 | 0x80); 3613 } else { 3614 run_mcu_cmd(sc, RT2860_MCU_CMD_ANTSEL, 1); 3615 run_read(sc, RT2860_GPIO_CTRL, &tmp); 3616 run_write(sc, RT2860_GPIO_CTRL, tmp & ~0x0808); 3617 } 3618 } 3619 } 3620 3621 int 3622 run_set_chan(struct run_softc *sc, struct ieee80211_channel *c) 3623 { 3624 struct ieee80211com *ic = &sc->sc_ic; 3625 u_int chan, group; 3626 3627 chan = ieee80211_chan2ieee(ic, c); 3628 if (chan == 0 || chan == IEEE80211_CHAN_ANY) 3629 return EINVAL; 3630 3631 if (sc->mac_ver == 0x5592) 3632 run_rt5592_set_chan(sc, chan); 3633 else if (sc->mac_ver >= 0x5390) 3634 run_rt5390_set_chan(sc, chan); 3635 else if (sc->mac_ver == 0x3593) 3636 run_rt3593_set_chan(sc, chan); 3637 else if (sc->mac_ver == 0x3572) 3638 run_rt3572_set_chan(sc, chan); 3639 else if (sc->mac_ver >= 0x3070) 3640 run_rt3070_set_chan(sc, chan); 3641 else 3642 run_rt2870_set_chan(sc, chan); 3643 3644 /* determine channel group */ 3645 if (chan <= 14) 3646 group = 0; 3647 else if (chan <= 64) 3648 group = 1; 3649 else if (chan <= 128) 3650 group = 2; 3651 else 3652 group = 3; 3653 3654 /* XXX necessary only when group has changed! */ 3655 run_select_chan_group(sc, group); 3656 3657 DELAY(1000); 3658 3659 /* Perform IQ calibration. */ 3660 if (sc->mac_ver >= 0x5392) 3661 run_iq_calib(sc, chan); 3662 3663 return 0; 3664 } 3665 3666 void 3667 run_enable_tsf_sync(struct run_softc *sc) 3668 { 3669 struct ieee80211com *ic = &sc->sc_ic; 3670 uint32_t tmp; 3671 3672 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 3673 tmp &= ~0x1fffff; 3674 tmp |= ic->ic_bss->ni_intval * 16; 3675 tmp |= RT2860_TSF_TIMER_EN | RT2860_TBTT_TIMER_EN; 3676 /* local TSF is always updated with remote TSF on beacon reception */ 3677 tmp |= 1 << RT2860_TSF_SYNC_MODE_SHIFT; 3678 run_write(sc, RT2860_BCN_TIME_CFG, tmp); 3679 } 3680 3681 void 3682 run_enable_mrr(struct run_softc *sc) 3683 { 3684 #define CCK(mcs) (mcs) 3685 #define OFDM(mcs) (1 << 3 | (mcs)) 3686 run_write(sc, RT2860_LG_FBK_CFG0, 3687 OFDM(6) << 28 | /* 54->48 */ 3688 OFDM(5) << 24 | /* 48->36 */ 3689 OFDM(4) << 20 | /* 36->24 */ 3690 OFDM(3) << 16 | /* 24->18 */ 3691 OFDM(2) << 12 | /* 18->12 */ 3692 OFDM(1) << 8 | /* 12-> 9 */ 3693 OFDM(0) << 4 | /* 9-> 6 */ 3694 OFDM(0)); /* 6-> 6 */ 3695 3696 run_write(sc, RT2860_LG_FBK_CFG1, 3697 CCK(2) << 12 | /* 11->5.5 */ 3698 CCK(1) << 8 | /* 5.5-> 2 */ 3699 CCK(0) << 4 | /* 2-> 1 */ 3700 CCK(0)); /* 1-> 1 */ 3701 #undef OFDM 3702 #undef CCK 3703 } 3704 3705 void 3706 run_set_txpreamble(struct run_softc *sc) 3707 { 3708 uint32_t tmp; 3709 3710 run_read(sc, RT2860_AUTO_RSP_CFG, &tmp); 3711 if (sc->sc_ic.ic_flags & IEEE80211_F_SHPREAMBLE) 3712 tmp |= RT2860_CCK_SHORT_EN; 3713 else 3714 tmp &= ~RT2860_CCK_SHORT_EN; 3715 run_write(sc, RT2860_AUTO_RSP_CFG, tmp); 3716 } 3717 3718 void 3719 run_set_basicrates(struct run_softc *sc) 3720 { 3721 struct ieee80211com *ic = &sc->sc_ic; 3722 3723 /* set basic rates mask */ 3724 if (ic->ic_curmode == IEEE80211_MODE_11B) 3725 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x003); 3726 else if (ic->ic_curmode == IEEE80211_MODE_11A) 3727 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x150); 3728 else /* 11g */ 3729 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x15f); 3730 } 3731 3732 void 3733 run_set_leds(struct run_softc *sc, uint16_t which) 3734 { 3735 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LEDS, 3736 which | (sc->leds & 0x7f)); 3737 } 3738 3739 void 3740 run_set_bssid(struct run_softc *sc, const uint8_t *bssid) 3741 { 3742 run_write(sc, RT2860_MAC_BSSID_DW0, 3743 bssid[0] | bssid[1] << 8 | bssid[2] << 16 | bssid[3] << 24); 3744 run_write(sc, RT2860_MAC_BSSID_DW1, 3745 bssid[4] | bssid[5] << 8); 3746 } 3747 3748 void 3749 run_set_macaddr(struct run_softc *sc, const uint8_t *addr) 3750 { 3751 run_write(sc, RT2860_MAC_ADDR_DW0, 3752 addr[0] | addr[1] << 8 | addr[2] << 16 | addr[3] << 24); 3753 run_write(sc, RT2860_MAC_ADDR_DW1, 3754 addr[4] | addr[5] << 8 | 0xff << 16); 3755 } 3756 3757 void 3758 run_updateslot(struct ieee80211com *ic) 3759 { 3760 /* do it in a process context */ 3761 run_do_async(ic->ic_softc, run_updateslot_cb, NULL, 0); 3762 } 3763 3764 /* ARGSUSED */ 3765 void 3766 run_updateslot_cb(struct run_softc *sc, void *arg) 3767 { 3768 uint32_t tmp; 3769 3770 run_read(sc, RT2860_BKOFF_SLOT_CFG, &tmp); 3771 tmp &= ~0xff; 3772 tmp |= (sc->sc_ic.ic_flags & IEEE80211_F_SHSLOT) ? 3773 IEEE80211_DUR_DS_SHSLOT : IEEE80211_DUR_DS_SLOT; 3774 run_write(sc, RT2860_BKOFF_SLOT_CFG, tmp); 3775 } 3776 3777 #if NBPFILTER > 0 3778 int8_t 3779 run_rssi2dbm(struct run_softc *sc, uint8_t rssi, uint8_t rxchain) 3780 { 3781 struct ieee80211com *ic = &sc->sc_ic; 3782 struct ieee80211_channel *c = ic->ic_ibss_chan; 3783 int delta; 3784 3785 if (IEEE80211_IS_CHAN_5GHZ(c)) { 3786 u_int chan = ieee80211_chan2ieee(ic, c); 3787 delta = sc->rssi_5ghz[rxchain]; 3788 3789 /* determine channel group */ 3790 if (chan <= 64) 3791 delta -= sc->lna[1]; 3792 else if (chan <= 128) 3793 delta -= sc->lna[2]; 3794 else 3795 delta -= sc->lna[3]; 3796 } else 3797 delta = sc->rssi_2ghz[rxchain] - sc->lna[0]; 3798 3799 return -12 - delta - rssi; 3800 } 3801 #endif 3802 3803 void 3804 run_rt5390_bbp_init(struct run_softc *sc) 3805 { 3806 int i; 3807 uint8_t bbp; 3808 3809 /* Apply maximum likelihood detection for 2 stream case. */ 3810 run_bbp_read(sc, 105, &bbp); 3811 if (sc->nrxchains > 1) 3812 run_bbp_write(sc, 105, bbp | RT5390_MLD); 3813 3814 /* Avoid data lost and CRC error. */ 3815 run_bbp_read(sc, 4, &bbp); 3816 run_bbp_write(sc, 4, bbp | RT5390_MAC_IF_CTRL); 3817 3818 if (sc->mac_ver == 0x5592) { 3819 for (i = 0; i < nitems(rt5592_def_bbp); i++) { 3820 run_bbp_write(sc, rt5592_def_bbp[i].reg, 3821 rt5592_def_bbp[i].val); 3822 } 3823 for (i = 0; i < nitems(rt5592_bbp_r196); i++) { 3824 run_bbp_write(sc, 195, i + 0x80); 3825 run_bbp_write(sc, 196, rt5592_bbp_r196[i]); 3826 } 3827 } else { 3828 for (i = 0; i < nitems(rt5390_def_bbp); i++) { 3829 run_bbp_write(sc, rt5390_def_bbp[i].reg, 3830 rt5390_def_bbp[i].val); 3831 } 3832 } 3833 if (sc->mac_ver == 0x5392) { 3834 run_bbp_write(sc, 88, 0x90); 3835 run_bbp_write(sc, 95, 0x9a); 3836 run_bbp_write(sc, 98, 0x12); 3837 run_bbp_write(sc, 106, 0x12); 3838 run_bbp_write(sc, 134, 0xd0); 3839 run_bbp_write(sc, 135, 0xf6); 3840 run_bbp_write(sc, 148, 0x84); 3841 } 3842 3843 run_bbp_read(sc, 152, &bbp); 3844 run_bbp_write(sc, 152, bbp | 0x80); 3845 3846 /* Fix BBP254 for RT5592C. */ 3847 if (sc->mac_ver == 0x5592 && sc->mac_rev >= 0x0221) { 3848 run_bbp_read(sc, 254, &bbp); 3849 run_bbp_write(sc, 254, bbp | 0x80); 3850 } 3851 3852 /* Disable hardware antenna diversity. */ 3853 if (sc->mac_ver == 0x5390) 3854 run_bbp_write(sc, 154, 0); 3855 3856 /* Initialize Rx CCK/OFDM frequency offset report. */ 3857 run_bbp_write(sc, 142, 1); 3858 run_bbp_write(sc, 143, 57); 3859 } 3860 3861 int 3862 run_bbp_init(struct run_softc *sc) 3863 { 3864 int i, error, ntries; 3865 uint8_t bbp0; 3866 3867 /* wait for BBP to wake up */ 3868 for (ntries = 0; ntries < 20; ntries++) { 3869 if ((error = run_bbp_read(sc, 0, &bbp0)) != 0) 3870 return error; 3871 if (bbp0 != 0 && bbp0 != 0xff) 3872 break; 3873 } 3874 if (ntries == 20) 3875 return ETIMEDOUT; 3876 3877 /* initialize BBP registers to default values */ 3878 if (sc->mac_ver >= 0x5390) 3879 run_rt5390_bbp_init(sc); 3880 else { 3881 for (i = 0; i < nitems(rt2860_def_bbp); i++) { 3882 run_bbp_write(sc, rt2860_def_bbp[i].reg, 3883 rt2860_def_bbp[i].val); 3884 } 3885 } 3886 3887 if (sc->mac_ver == 0x3593) { 3888 run_bbp_write(sc, 79, 0x13); 3889 run_bbp_write(sc, 80, 0x05); 3890 run_bbp_write(sc, 81, 0x33); 3891 run_bbp_write(sc, 86, 0x46); 3892 run_bbp_write(sc, 137, 0x0f); 3893 } 3894 3895 /* fix BBP84 for RT2860E */ 3896 if (sc->mac_ver == 0x2860 && sc->mac_rev != 0x0101) 3897 run_bbp_write(sc, 84, 0x19); 3898 3899 if (sc->mac_ver >= 0x3070 && (sc->mac_ver != 0x3593 && 3900 sc->mac_ver != 0x5592)) { 3901 run_bbp_write(sc, 79, 0x13); 3902 run_bbp_write(sc, 80, 0x05); 3903 run_bbp_write(sc, 81, 0x33); 3904 } else if (sc->mac_ver == 0x2860 && sc->mac_rev == 0x0100) { 3905 run_bbp_write(sc, 69, 0x16); 3906 run_bbp_write(sc, 73, 0x12); 3907 } 3908 return 0; 3909 } 3910 3911 int 3912 run_rt3070_rf_init(struct run_softc *sc) 3913 { 3914 uint32_t tmp; 3915 uint8_t bbp4, mingain, rf, target; 3916 int i; 3917 3918 run_rt3070_rf_read(sc, 30, &rf); 3919 /* toggle RF R30 bit 7 */ 3920 run_rt3070_rf_write(sc, 30, rf | 0x80); 3921 DELAY(1000); 3922 run_rt3070_rf_write(sc, 30, rf & ~0x80); 3923 3924 /* initialize RF registers to default value */ 3925 if (sc->mac_ver == 0x3572) { 3926 for (i = 0; i < nitems(rt3572_def_rf); i++) { 3927 run_rt3070_rf_write(sc, rt3572_def_rf[i].reg, 3928 rt3572_def_rf[i].val); 3929 } 3930 } else { 3931 for (i = 0; i < nitems(rt3070_def_rf); i++) { 3932 run_rt3070_rf_write(sc, rt3070_def_rf[i].reg, 3933 rt3070_def_rf[i].val); 3934 } 3935 } 3936 if (sc->mac_ver == 0x3070 && sc->mac_rev < 0x0201) { 3937 /* 3938 * Change voltage from 1.2V to 1.35V for RT3070. 3939 * The DAC issue (RT3070_LDO_CFG0) has been fixed 3940 * in RT3070(F). 3941 */ 3942 run_read(sc, RT3070_LDO_CFG0, &tmp); 3943 tmp = (tmp & ~0x0f000000) | 0x0d000000; 3944 run_write(sc, RT3070_LDO_CFG0, tmp); 3945 3946 } else if (sc->mac_ver == 0x3071) { 3947 run_rt3070_rf_read(sc, 6, &rf); 3948 run_rt3070_rf_write(sc, 6, rf | 0x40); 3949 run_rt3070_rf_write(sc, 31, 0x14); 3950 3951 run_read(sc, RT3070_LDO_CFG0, &tmp); 3952 tmp &= ~0x1f000000; 3953 if (sc->mac_rev < 0x0211) 3954 tmp |= 0x0d000000; /* 1.35V */ 3955 else 3956 tmp |= 0x01000000; /* 1.2V */ 3957 run_write(sc, RT3070_LDO_CFG0, tmp); 3958 3959 /* patch LNA_PE_G1 */ 3960 run_read(sc, RT3070_GPIO_SWITCH, &tmp); 3961 run_write(sc, RT3070_GPIO_SWITCH, tmp & ~0x20); 3962 3963 } else if (sc->mac_ver == 0x3572) { 3964 run_rt3070_rf_read(sc, 6, &rf); 3965 run_rt3070_rf_write(sc, 6, rf | 0x40); 3966 /* increase voltage from 1.2V to 1.35V */ 3967 run_read(sc, RT3070_LDO_CFG0, &tmp); 3968 tmp = (tmp & ~0x1f000000) | 0x0d000000; 3969 run_write(sc, RT3070_LDO_CFG0, tmp); 3970 3971 if (sc->mac_rev < 0x0211 || !sc->patch_dac) { 3972 DELAY(1); /* wait for 1msec */ 3973 /* decrease voltage back to 1.2V */ 3974 tmp = (tmp & ~0x1f000000) | 0x01000000; 3975 run_write(sc, RT3070_LDO_CFG0, tmp); 3976 } 3977 } 3978 3979 /* select 20MHz bandwidth */ 3980 run_rt3070_rf_read(sc, 31, &rf); 3981 run_rt3070_rf_write(sc, 31, rf & ~0x20); 3982 3983 /* calibrate filter for 20MHz bandwidth */ 3984 sc->rf24_20mhz = 0x1f; /* default value */ 3985 target = (sc->mac_ver < 0x3071) ? 0x16 : 0x13; 3986 run_rt3070_filter_calib(sc, 0x07, target, &sc->rf24_20mhz); 3987 3988 /* select 40MHz bandwidth */ 3989 run_bbp_read(sc, 4, &bbp4); 3990 run_bbp_write(sc, 4, (bbp4 & ~0x18) | 0x10); 3991 run_rt3070_rf_read(sc, 31, &rf); 3992 run_rt3070_rf_write(sc, 31, rf | 0x20); 3993 3994 /* calibrate filter for 40MHz bandwidth */ 3995 sc->rf24_40mhz = 0x2f; /* default value */ 3996 target = (sc->mac_ver < 0x3071) ? 0x19 : 0x15; 3997 run_rt3070_filter_calib(sc, 0x27, target, &sc->rf24_40mhz); 3998 3999 /* go back to 20MHz bandwidth */ 4000 run_bbp_read(sc, 4, &bbp4); 4001 run_bbp_write(sc, 4, bbp4 & ~0x18); 4002 4003 if (sc->mac_ver == 0x3572) { 4004 /* save default BBP registers 25 and 26 values */ 4005 run_bbp_read(sc, 25, &sc->bbp25); 4006 run_bbp_read(sc, 26, &sc->bbp26); 4007 4008 } else if (sc->mac_rev < 0x0201 || sc->mac_rev < 0x0211) 4009 run_rt3070_rf_write(sc, 27, 0x03); 4010 4011 run_read(sc, RT3070_OPT_14, &tmp); 4012 run_write(sc, RT3070_OPT_14, tmp | 1); 4013 4014 if (sc->mac_ver == 0x3070 || sc->mac_ver == 0x3071) { 4015 run_rt3070_rf_read(sc, 17, &rf); 4016 rf &= ~RT3070_TX_LO1; 4017 if ((sc->mac_ver == 0x3070 || 4018 (sc->mac_ver == 0x3071 && sc->mac_rev >= 0x0211)) && 4019 !sc->ext_2ghz_lna) 4020 rf |= 0x20; /* fix for long range Rx issue */ 4021 mingain = (sc->mac_ver == 0x3070) ? 1 : 2; 4022 if (sc->txmixgain_2ghz >= mingain) 4023 rf = (rf & ~0x7) | sc->txmixgain_2ghz; 4024 run_rt3070_rf_write(sc, 17, rf); 4025 } 4026 if (sc->mac_ver == 0x3071) { 4027 run_rt3070_rf_read(sc, 1, &rf); 4028 rf &= ~(RT3070_RX0_PD | RT3070_TX0_PD); 4029 rf |= RT3070_RF_BLOCK | RT3070_RX1_PD | RT3070_TX1_PD; 4030 run_rt3070_rf_write(sc, 1, rf); 4031 4032 run_rt3070_rf_read(sc, 15, &rf); 4033 run_rt3070_rf_write(sc, 15, rf & ~RT3070_TX_LO2); 4034 4035 run_rt3070_rf_read(sc, 20, &rf); 4036 run_rt3070_rf_write(sc, 20, rf & ~RT3070_RX_LO1); 4037 4038 run_rt3070_rf_read(sc, 21, &rf); 4039 run_rt3070_rf_write(sc, 21, rf & ~RT3070_RX_LO2); 4040 } 4041 if (sc->mac_ver == 0x3070 || sc->mac_ver == 0x3071) { 4042 /* fix Tx to Rx IQ glitch by raising RF voltage */ 4043 run_rt3070_rf_read(sc, 27, &rf); 4044 rf &= ~0x77; 4045 if (sc->mac_rev < 0x0211) 4046 rf |= 0x03; 4047 run_rt3070_rf_write(sc, 27, rf); 4048 } 4049 return 0; 4050 } 4051 4052 void 4053 run_rt3593_rf_init(struct run_softc *sc) 4054 { 4055 uint32_t tmp; 4056 uint8_t rf; 4057 int i; 4058 4059 /* Disable the GPIO bits 4 and 7 for LNA PE control. */ 4060 run_read(sc, RT3070_GPIO_SWITCH, &tmp); 4061 tmp &= ~(1 << 4 | 1 << 7); 4062 run_write(sc, RT3070_GPIO_SWITCH, tmp); 4063 4064 /* Initialize RF registers to default value. */ 4065 for (i = 0; i < nitems(rt3593_def_rf); i++) { 4066 run_rt3070_rf_write(sc, rt3593_def_rf[i].reg, 4067 rt3593_def_rf[i].val); 4068 } 4069 4070 /* Toggle RF R2 to initiate calibration. */ 4071 run_rt3070_rf_write(sc, 2, RT3593_RESCAL); 4072 4073 /* Initialize RF frequency offset. */ 4074 run_adjust_freq_offset(sc); 4075 4076 run_rt3070_rf_read(sc, 18, &rf); 4077 run_rt3070_rf_write(sc, 18, rf | RT3593_AUTOTUNE_BYPASS); 4078 4079 /* 4080 * Increase voltage from 1.2V to 1.35V, wait for 1 msec to 4081 * decrease voltage back to 1.2V. 4082 */ 4083 run_read(sc, RT3070_LDO_CFG0, &tmp); 4084 tmp = (tmp & ~0x1f000000) | 0x0d000000; 4085 run_write(sc, RT3070_LDO_CFG0, tmp); 4086 DELAY(1); 4087 tmp = (tmp & ~0x1f000000) | 0x01000000; 4088 run_write(sc, RT3070_LDO_CFG0, tmp); 4089 4090 sc->rf24_20mhz = 0x1f; 4091 sc->rf24_40mhz = 0x2f; 4092 4093 /* Save default BBP registers 25 and 26 values. */ 4094 run_bbp_read(sc, 25, &sc->bbp25); 4095 run_bbp_read(sc, 26, &sc->bbp26); 4096 4097 run_read(sc, RT3070_OPT_14, &tmp); 4098 run_write(sc, RT3070_OPT_14, tmp | 1); 4099 } 4100 4101 void 4102 run_rt5390_rf_init(struct run_softc *sc) 4103 { 4104 uint32_t tmp; 4105 uint8_t rf; 4106 int i; 4107 4108 /* Toggle RF R2 to initiate calibration. */ 4109 if (sc->mac_ver == 0x5390) { 4110 run_rt3070_rf_read(sc, 2, &rf); 4111 run_rt3070_rf_write(sc, 2, rf | RT3593_RESCAL); 4112 DELAY(10); 4113 run_rt3070_rf_write(sc, 2, rf & ~RT3593_RESCAL); 4114 } else { 4115 run_rt3070_rf_write(sc, 2, RT3593_RESCAL); 4116 DELAY(10); 4117 } 4118 4119 /* Initialize RF registers to default value. */ 4120 if (sc->mac_ver == 0x5592) { 4121 for (i = 0; i < nitems(rt5592_def_rf); i++) { 4122 run_rt3070_rf_write(sc, rt5592_def_rf[i].reg, 4123 rt5592_def_rf[i].val); 4124 } 4125 /* Initialize RF frequency offset. */ 4126 run_adjust_freq_offset(sc); 4127 } else if (sc->mac_ver == 0x5392) { 4128 for (i = 0; i < nitems(rt5392_def_rf); i++) { 4129 run_rt3070_rf_write(sc, rt5392_def_rf[i].reg, 4130 rt5392_def_rf[i].val); 4131 } 4132 if (sc->mac_rev >= 0x0223) { 4133 run_rt3070_rf_write(sc, 23, 0x0f); 4134 run_rt3070_rf_write(sc, 24, 0x3e); 4135 run_rt3070_rf_write(sc, 51, 0x32); 4136 run_rt3070_rf_write(sc, 53, 0x22); 4137 run_rt3070_rf_write(sc, 56, 0xc1); 4138 run_rt3070_rf_write(sc, 59, 0x0f); 4139 } 4140 } else { 4141 for (i = 0; i < nitems(rt5390_def_rf); i++) { 4142 run_rt3070_rf_write(sc, rt5390_def_rf[i].reg, 4143 rt5390_def_rf[i].val); 4144 } 4145 if (sc->mac_rev >= 0x0502) { 4146 run_rt3070_rf_write(sc, 6, 0xe0); 4147 run_rt3070_rf_write(sc, 25, 0x80); 4148 run_rt3070_rf_write(sc, 46, 0x73); 4149 run_rt3070_rf_write(sc, 53, 0x00); 4150 run_rt3070_rf_write(sc, 56, 0x42); 4151 run_rt3070_rf_write(sc, 61, 0xd1); 4152 } 4153 } 4154 4155 sc->rf24_20mhz = 0x1f; /* default value */ 4156 sc->rf24_40mhz = (sc->mac_ver == 0x5592) ? 0 : 0x2f; 4157 4158 if (sc->mac_rev < 0x0211) 4159 run_rt3070_rf_write(sc, 27, 0x3); 4160 4161 run_read(sc, RT3070_OPT_14, &tmp); 4162 run_write(sc, RT3070_OPT_14, tmp | 1); 4163 } 4164 4165 int 4166 run_rt3070_filter_calib(struct run_softc *sc, uint8_t init, uint8_t target, 4167 uint8_t *val) 4168 { 4169 uint8_t rf22, rf24; 4170 uint8_t bbp55_pb, bbp55_sb, delta; 4171 int ntries; 4172 4173 /* program filter */ 4174 run_rt3070_rf_read(sc, 24, &rf24); 4175 rf24 = (rf24 & 0xc0) | init; /* initial filter value */ 4176 run_rt3070_rf_write(sc, 24, rf24); 4177 4178 /* enable baseband loopback mode */ 4179 run_rt3070_rf_read(sc, 22, &rf22); 4180 run_rt3070_rf_write(sc, 22, rf22 | 0x01); 4181 4182 /* set power and frequency of passband test tone */ 4183 run_bbp_write(sc, 24, 0x00); 4184 for (ntries = 0; ntries < 100; ntries++) { 4185 /* transmit test tone */ 4186 run_bbp_write(sc, 25, 0x90); 4187 DELAY(1000); 4188 /* read received power */ 4189 run_bbp_read(sc, 55, &bbp55_pb); 4190 if (bbp55_pb != 0) 4191 break; 4192 } 4193 if (ntries == 100) 4194 return ETIMEDOUT; 4195 4196 /* set power and frequency of stopband test tone */ 4197 run_bbp_write(sc, 24, 0x06); 4198 for (ntries = 0; ntries < 100; ntries++) { 4199 /* transmit test tone */ 4200 run_bbp_write(sc, 25, 0x90); 4201 DELAY(1000); 4202 /* read received power */ 4203 run_bbp_read(sc, 55, &bbp55_sb); 4204 4205 delta = bbp55_pb - bbp55_sb; 4206 if (delta > target) 4207 break; 4208 4209 /* reprogram filter */ 4210 rf24++; 4211 run_rt3070_rf_write(sc, 24, rf24); 4212 } 4213 if (ntries < 100) { 4214 if (rf24 != init) 4215 rf24--; /* backtrack */ 4216 *val = rf24; 4217 run_rt3070_rf_write(sc, 24, rf24); 4218 } 4219 4220 /* restore initial state */ 4221 run_bbp_write(sc, 24, 0x00); 4222 4223 /* disable baseband loopback mode */ 4224 run_rt3070_rf_read(sc, 22, &rf22); 4225 run_rt3070_rf_write(sc, 22, rf22 & ~0x01); 4226 4227 return 0; 4228 } 4229 4230 void 4231 run_rt3070_rf_setup(struct run_softc *sc) 4232 { 4233 uint8_t bbp, rf; 4234 int i; 4235 4236 if (sc->mac_ver == 0x3572) { 4237 /* enable DC filter */ 4238 if (sc->mac_rev >= 0x0201) 4239 run_bbp_write(sc, 103, 0xc0); 4240 4241 run_bbp_read(sc, 138, &bbp); 4242 if (sc->ntxchains == 1) 4243 bbp |= 0x20; /* turn off DAC1 */ 4244 if (sc->nrxchains == 1) 4245 bbp &= ~0x02; /* turn off ADC1 */ 4246 run_bbp_write(sc, 138, bbp); 4247 4248 if (sc->mac_rev >= 0x0211) { 4249 /* improve power consumption */ 4250 run_bbp_read(sc, 31, &bbp); 4251 run_bbp_write(sc, 31, bbp & ~0x03); 4252 } 4253 4254 run_rt3070_rf_read(sc, 16, &rf); 4255 rf = (rf & ~0x07) | sc->txmixgain_2ghz; 4256 run_rt3070_rf_write(sc, 16, rf); 4257 4258 } else if (sc->mac_ver == 0x3071) { 4259 /* enable DC filter */ 4260 if (sc->mac_rev >= 0x0211) { 4261 run_bbp_write(sc, 103, 0xc0); 4262 4263 /* improve power consumption */ 4264 run_bbp_read(sc, 31, &bbp); 4265 run_bbp_write(sc, 31, bbp & ~0x03); 4266 } 4267 4268 run_bbp_read(sc, 138, &bbp); 4269 if (sc->ntxchains == 1) 4270 bbp |= 0x20; /* turn off DAC1 */ 4271 if (sc->nrxchains == 1) 4272 bbp &= ~0x02; /* turn off ADC1 */ 4273 run_bbp_write(sc, 138, bbp); 4274 4275 run_write(sc, RT2860_TX_SW_CFG1, 0); 4276 if (sc->mac_rev < 0x0211) { 4277 run_write(sc, RT2860_TX_SW_CFG2, 4278 sc->patch_dac ? 0x2c : 0x0f); 4279 } else 4280 run_write(sc, RT2860_TX_SW_CFG2, 0); 4281 4282 } else if (sc->mac_ver == 0x3070) { 4283 if (sc->mac_rev >= 0x0201) { 4284 /* enable DC filter */ 4285 run_bbp_write(sc, 103, 0xc0); 4286 4287 /* improve power consumption */ 4288 run_bbp_read(sc, 31, &bbp); 4289 run_bbp_write(sc, 31, bbp & ~0x03); 4290 } 4291 4292 if (sc->mac_rev < 0x0201) { 4293 run_write(sc, RT2860_TX_SW_CFG1, 0); 4294 run_write(sc, RT2860_TX_SW_CFG2, 0x2c); 4295 } else 4296 run_write(sc, RT2860_TX_SW_CFG2, 0); 4297 } 4298 4299 /* initialize RF registers from ROM for >=RT3071*/ 4300 if (sc->mac_ver >= 0x3071) { 4301 for (i = 0; i < 10; i++) { 4302 if (sc->rf[i].reg == 0 || sc->rf[i].reg == 0xff) 4303 continue; 4304 run_rt3070_rf_write(sc, sc->rf[i].reg, sc->rf[i].val); 4305 } 4306 } 4307 } 4308 4309 void 4310 run_rt3593_rf_setup(struct run_softc *sc) 4311 { 4312 uint8_t bbp, rf; 4313 4314 if (sc->mac_rev >= 0x0211) { 4315 /* Enable DC filter. */ 4316 run_bbp_write(sc, 103, 0xc0); 4317 } 4318 run_write(sc, RT2860_TX_SW_CFG1, 0); 4319 if (sc->mac_rev < 0x0211) { 4320 run_write(sc, RT2860_TX_SW_CFG2, 4321 sc->patch_dac ? 0x2c : 0x0f); 4322 } else 4323 run_write(sc, RT2860_TX_SW_CFG2, 0); 4324 4325 run_rt3070_rf_read(sc, 50, &rf); 4326 run_rt3070_rf_write(sc, 50, rf & ~RT3593_TX_LO2); 4327 4328 run_rt3070_rf_read(sc, 51, &rf); 4329 rf = (rf & ~(RT3593_TX_LO1 | 0x0c)) | 4330 ((sc->txmixgain_2ghz & 0x07) << 2); 4331 run_rt3070_rf_write(sc, 51, rf); 4332 4333 run_rt3070_rf_read(sc, 38, &rf); 4334 run_rt3070_rf_write(sc, 38, rf & ~RT5390_RX_LO1); 4335 4336 run_rt3070_rf_read(sc, 39, &rf); 4337 run_rt3070_rf_write(sc, 39, rf & ~RT5390_RX_LO2); 4338 4339 run_rt3070_rf_read(sc, 1, &rf); 4340 run_rt3070_rf_write(sc, 1, rf & ~(RT3070_RF_BLOCK | RT3070_PLL_PD)); 4341 4342 run_rt3070_rf_read(sc, 30, &rf); 4343 rf = (rf & ~0x18) | 0x10; 4344 run_rt3070_rf_write(sc, 30, rf); 4345 4346 /* Apply maximum likelihood detection for 2 stream case. */ 4347 run_bbp_read(sc, 105, &bbp); 4348 if (sc->nrxchains > 1) 4349 run_bbp_write(sc, 105, bbp | RT5390_MLD); 4350 4351 /* Avoid data lost and CRC error. */ 4352 run_bbp_read(sc, 4, &bbp); 4353 run_bbp_write(sc, 4, bbp | RT5390_MAC_IF_CTRL); 4354 4355 run_bbp_write(sc, 92, 0x02); 4356 run_bbp_write(sc, 82, 0x82); 4357 run_bbp_write(sc, 106, 0x05); 4358 run_bbp_write(sc, 104, 0x92); 4359 run_bbp_write(sc, 88, 0x90); 4360 run_bbp_write(sc, 148, 0xc8); 4361 run_bbp_write(sc, 47, 0x48); 4362 run_bbp_write(sc, 120, 0x50); 4363 4364 run_bbp_write(sc, 163, 0x9d); 4365 4366 /* SNR mapping. */ 4367 run_bbp_write(sc, 142, 0x06); 4368 run_bbp_write(sc, 143, 0xa0); 4369 run_bbp_write(sc, 142, 0x07); 4370 run_bbp_write(sc, 143, 0xa1); 4371 run_bbp_write(sc, 142, 0x08); 4372 run_bbp_write(sc, 143, 0xa2); 4373 4374 run_bbp_write(sc, 31, 0x08); 4375 run_bbp_write(sc, 68, 0x0b); 4376 run_bbp_write(sc, 105, 0x04); 4377 } 4378 4379 void 4380 run_rt5390_rf_setup(struct run_softc *sc) 4381 { 4382 uint8_t bbp, rf; 4383 4384 if (sc->mac_rev >= 0x0211) { 4385 /* Enable DC filter. */ 4386 run_bbp_write(sc, 103, 0xc0); 4387 4388 if (sc->mac_ver != 0x5592) { 4389 /* Improve power consumption. */ 4390 run_bbp_read(sc, 31, &bbp); 4391 run_bbp_write(sc, 31, bbp & ~0x03); 4392 } 4393 } 4394 4395 run_bbp_read(sc, 138, &bbp); 4396 if (sc->ntxchains == 1) 4397 bbp |= 0x20; /* turn off DAC1 */ 4398 if (sc->nrxchains == 1) 4399 bbp &= ~0x02; /* turn off ADC1 */ 4400 run_bbp_write(sc, 138, bbp); 4401 4402 run_rt3070_rf_read(sc, 38, &rf); 4403 run_rt3070_rf_write(sc, 38, rf & ~RT5390_RX_LO1); 4404 4405 run_rt3070_rf_read(sc, 39, &rf); 4406 run_rt3070_rf_write(sc, 39, rf & ~RT5390_RX_LO2); 4407 4408 /* Avoid data lost and CRC error. */ 4409 run_bbp_read(sc, 4, &bbp); 4410 run_bbp_write(sc, 4, bbp | RT5390_MAC_IF_CTRL); 4411 4412 run_rt3070_rf_read(sc, 30, &rf); 4413 rf = (rf & ~0x18) | 0x10; 4414 run_rt3070_rf_write(sc, 30, rf); 4415 4416 if (sc->mac_ver != 0x5592) { 4417 run_write(sc, RT2860_TX_SW_CFG1, 0); 4418 if (sc->mac_rev < 0x0211) { 4419 run_write(sc, RT2860_TX_SW_CFG2, 4420 sc->patch_dac ? 0x2c : 0x0f); 4421 } else 4422 run_write(sc, RT2860_TX_SW_CFG2, 0); 4423 } 4424 } 4425 4426 int 4427 run_txrx_enable(struct run_softc *sc) 4428 { 4429 uint32_t tmp; 4430 int error, ntries; 4431 4432 run_write(sc, RT2860_MAC_SYS_CTRL, RT2860_MAC_TX_EN); 4433 for (ntries = 0; ntries < 200; ntries++) { 4434 if ((error = run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp)) != 0) 4435 return error; 4436 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0) 4437 break; 4438 DELAY(1000); 4439 } 4440 if (ntries == 200) 4441 return ETIMEDOUT; 4442 4443 DELAY(50); 4444 4445 tmp |= RT2860_RX_DMA_EN | RT2860_TX_DMA_EN | RT2860_TX_WB_DDONE; 4446 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp); 4447 4448 /* enable Rx bulk aggregation (set timeout and limit) */ 4449 tmp = RT2860_USB_TX_EN | RT2860_USB_RX_EN | RT2860_USB_RX_AGG_EN | 4450 RT2860_USB_RX_AGG_TO(128) | RT2860_USB_RX_AGG_LMT(2); 4451 run_write(sc, RT2860_USB_DMA_CFG, tmp); 4452 4453 /* set Rx filter */ 4454 tmp = RT2860_DROP_CRC_ERR | RT2860_DROP_PHY_ERR; 4455 if (sc->sc_ic.ic_opmode != IEEE80211_M_MONITOR) { 4456 tmp |= RT2860_DROP_UC_NOME | RT2860_DROP_DUPL | 4457 RT2860_DROP_CTS | RT2860_DROP_BA | RT2860_DROP_ACK | 4458 RT2860_DROP_VER_ERR | RT2860_DROP_CTRL_RSV | 4459 RT2860_DROP_CFACK | RT2860_DROP_CFEND; 4460 if (sc->sc_ic.ic_opmode == IEEE80211_M_STA) 4461 tmp |= RT2860_DROP_RTS | RT2860_DROP_PSPOLL; 4462 } 4463 run_write(sc, RT2860_RX_FILTR_CFG, tmp); 4464 4465 run_write(sc, RT2860_MAC_SYS_CTRL, 4466 RT2860_MAC_RX_EN | RT2860_MAC_TX_EN); 4467 4468 return 0; 4469 } 4470 4471 void 4472 run_adjust_freq_offset(struct run_softc *sc) 4473 { 4474 uint8_t rf, tmp; 4475 4476 run_rt3070_rf_read(sc, 17, &rf); 4477 tmp = rf; 4478 rf = (rf & ~0x7f) | (sc->freq & 0x7f); 4479 rf = MIN(rf, 0x5f); 4480 4481 if (tmp != rf) 4482 run_mcu_cmd(sc, 0x74, (tmp << 8 ) | rf); 4483 } 4484 4485 int 4486 run_init(struct ifnet *ifp) 4487 { 4488 struct run_softc *sc = ifp->if_softc; 4489 struct ieee80211com *ic = &sc->sc_ic; 4490 uint32_t tmp; 4491 uint8_t bbp1, bbp3; 4492 int i, error, qid, ridx, ntries; 4493 4494 if (usbd_is_dying(sc->sc_udev)) 4495 return ENXIO; 4496 4497 for (ntries = 0; ntries < 100; ntries++) { 4498 if ((error = run_read(sc, RT2860_ASIC_VER_ID, &tmp)) != 0) 4499 goto fail; 4500 if (tmp != 0 && tmp != 0xffffffff) 4501 break; 4502 DELAY(10); 4503 } 4504 if (ntries == 100) { 4505 error = ETIMEDOUT; 4506 goto fail; 4507 } 4508 4509 if ((error = run_load_microcode(sc)) != 0) { 4510 printf("%s: could not load 8051 microcode\n", 4511 sc->sc_dev.dv_xname); 4512 goto fail; 4513 } 4514 4515 /* init host command ring */ 4516 sc->cmdq.cur = sc->cmdq.next = sc->cmdq.queued = 0; 4517 4518 /* init Tx rings (4 EDCAs) */ 4519 for (qid = 0; qid < 4; qid++) { 4520 if ((error = run_alloc_tx_ring(sc, qid)) != 0) 4521 goto fail; 4522 } 4523 /* init Rx ring */ 4524 if ((error = run_alloc_rx_ring(sc)) != 0) 4525 goto fail; 4526 4527 IEEE80211_ADDR_COPY(ic->ic_myaddr, LLADDR(ifp->if_sadl)); 4528 run_set_macaddr(sc, ic->ic_myaddr); 4529 4530 for (ntries = 0; ntries < 100; ntries++) { 4531 if ((error = run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp)) != 0) 4532 goto fail; 4533 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0) 4534 break; 4535 DELAY(1000); 4536 } 4537 if (ntries == 100) { 4538 printf("%s: timeout waiting for DMA engine\n", 4539 sc->sc_dev.dv_xname); 4540 error = ETIMEDOUT; 4541 goto fail; 4542 } 4543 tmp &= 0xff0; 4544 tmp |= RT2860_TX_WB_DDONE; 4545 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp); 4546 4547 /* turn off PME_OEN to solve high-current issue */ 4548 run_read(sc, RT2860_SYS_CTRL, &tmp); 4549 run_write(sc, RT2860_SYS_CTRL, tmp & ~RT2860_PME_OEN); 4550 4551 run_write(sc, RT2860_MAC_SYS_CTRL, 4552 RT2860_BBP_HRST | RT2860_MAC_SRST); 4553 run_write(sc, RT2860_USB_DMA_CFG, 0); 4554 4555 if ((error = run_reset(sc)) != 0) { 4556 printf("%s: could not reset chipset\n", sc->sc_dev.dv_xname); 4557 goto fail; 4558 } 4559 4560 run_write(sc, RT2860_MAC_SYS_CTRL, 0); 4561 4562 /* init Tx power for all Tx rates (from EEPROM) */ 4563 for (ridx = 0; ridx < 5; ridx++) { 4564 if (sc->txpow20mhz[ridx] == 0xffffffff) 4565 continue; 4566 run_write(sc, RT2860_TX_PWR_CFG(ridx), sc->txpow20mhz[ridx]); 4567 } 4568 4569 for (i = 0; i < nitems(rt2870_def_mac); i++) 4570 run_write(sc, rt2870_def_mac[i].reg, rt2870_def_mac[i].val); 4571 run_write(sc, RT2860_WMM_AIFSN_CFG, 0x00002273); 4572 run_write(sc, RT2860_WMM_CWMIN_CFG, 0x00002344); 4573 run_write(sc, RT2860_WMM_CWMAX_CFG, 0x000034aa); 4574 4575 if (sc->mac_ver >= 0x5390) { 4576 run_write(sc, RT2860_TX_SW_CFG0, 4577 4 << RT2860_DLY_PAPE_EN_SHIFT | 4); 4578 if (sc->mac_ver >= 0x5392) { 4579 run_write(sc, RT2860_MAX_LEN_CFG, 0x00002fff); 4580 if (sc->mac_ver == 0x5592) { 4581 run_write(sc, RT2860_HT_FBK_CFG1, 0xedcba980); 4582 run_write(sc, RT2860_TXOP_HLDR_ET, 0x00000082); 4583 } else { 4584 run_write(sc, RT2860_HT_FBK_CFG1, 0xedcb4980); 4585 run_write(sc, RT2860_LG_FBK_CFG0, 0xedcba322); 4586 } 4587 } 4588 } else if (sc->mac_ver == 0x3593) { 4589 run_write(sc, RT2860_TX_SW_CFG0, 4590 4 << RT2860_DLY_PAPE_EN_SHIFT | 2); 4591 } else if (sc->mac_ver >= 0x3070) { 4592 /* set delay of PA_PE assertion to 1us (unit of 0.25us) */ 4593 run_write(sc, RT2860_TX_SW_CFG0, 4594 4 << RT2860_DLY_PAPE_EN_SHIFT); 4595 } 4596 4597 /* wait while MAC is busy */ 4598 for (ntries = 0; ntries < 100; ntries++) { 4599 if ((error = run_read(sc, RT2860_MAC_STATUS_REG, &tmp)) != 0) 4600 goto fail; 4601 if (!(tmp & (RT2860_RX_STATUS_BUSY | RT2860_TX_STATUS_BUSY))) 4602 break; 4603 DELAY(1000); 4604 } 4605 if (ntries == 100) { 4606 error = ETIMEDOUT; 4607 goto fail; 4608 } 4609 4610 /* clear Host to MCU mailbox */ 4611 run_write(sc, RT2860_H2M_BBPAGENT, 0); 4612 run_write(sc, RT2860_H2M_MAILBOX, 0); 4613 DELAY(1000); 4614 4615 if ((error = run_bbp_init(sc)) != 0) { 4616 printf("%s: could not initialize BBP\n", sc->sc_dev.dv_xname); 4617 goto fail; 4618 } 4619 4620 /* abort TSF synchronization */ 4621 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 4622 tmp &= ~(RT2860_BCN_TX_EN | RT2860_TSF_TIMER_EN | 4623 RT2860_TBTT_TIMER_EN); 4624 run_write(sc, RT2860_BCN_TIME_CFG, tmp); 4625 4626 /* clear RX WCID search table */ 4627 run_set_region_4(sc, RT2860_WCID_ENTRY(0), 0, 512); 4628 /* clear WCID attribute table */ 4629 run_set_region_4(sc, RT2860_WCID_ATTR(0), 0, 8 * 32); 4630 /* clear shared key table */ 4631 run_set_region_4(sc, RT2860_SKEY(0, 0), 0, 8 * 32); 4632 /* clear shared key mode */ 4633 run_set_region_4(sc, RT2860_SKEY_MODE_0_7, 0, 4); 4634 4635 run_read(sc, RT2860_US_CYC_CNT, &tmp); 4636 tmp = (tmp & ~0xff) | 0x1e; 4637 run_write(sc, RT2860_US_CYC_CNT, tmp); 4638 4639 if (sc->mac_rev != 0x0101) 4640 run_write(sc, RT2860_TXOP_CTRL_CFG, 0x0000583f); 4641 4642 run_write(sc, RT2860_WMM_TXOP0_CFG, 0); 4643 run_write(sc, RT2860_WMM_TXOP1_CFG, 48 << 16 | 96); 4644 4645 /* write vendor-specific BBP values (from EEPROM) */ 4646 if (sc->mac_ver < 0x3593) { 4647 for (i = 0; i < 8; i++) { 4648 if (sc->bbp[i].reg == 0 || sc->bbp[i].reg == 0xff) 4649 continue; 4650 run_bbp_write(sc, sc->bbp[i].reg, sc->bbp[i].val); 4651 } 4652 } 4653 4654 /* select Main antenna for 1T1R devices */ 4655 if (sc->rf_rev == RT3070_RF_3020 || sc->rf_rev == RT5390_RF_5370) 4656 run_set_rx_antenna(sc, 0); 4657 4658 /* send LEDs operating mode to microcontroller */ 4659 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED1, sc->led[0]); 4660 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED2, sc->led[1]); 4661 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED3, sc->led[2]); 4662 4663 if (sc->mac_ver >= 0x5390) 4664 run_rt5390_rf_init(sc); 4665 else if (sc->mac_ver == 0x3593) 4666 run_rt3593_rf_init(sc); 4667 else if (sc->mac_ver >= 0x3070) 4668 run_rt3070_rf_init(sc); 4669 4670 /* disable non-existing Rx chains */ 4671 run_bbp_read(sc, 3, &bbp3); 4672 bbp3 &= ~(1 << 3 | 1 << 4); 4673 if (sc->nrxchains == 2) 4674 bbp3 |= 1 << 3; 4675 else if (sc->nrxchains == 3) 4676 bbp3 |= 1 << 4; 4677 run_bbp_write(sc, 3, bbp3); 4678 4679 /* disable non-existing Tx chains */ 4680 run_bbp_read(sc, 1, &bbp1); 4681 if (sc->ntxchains == 1) 4682 bbp1 &= ~(1 << 3 | 1 << 4); 4683 run_bbp_write(sc, 1, bbp1); 4684 4685 if (sc->mac_ver >= 0x5390) 4686 run_rt5390_rf_setup(sc); 4687 else if (sc->mac_ver == 0x3593) 4688 run_rt3593_rf_setup(sc); 4689 else if (sc->mac_ver >= 0x3070) 4690 run_rt3070_rf_setup(sc); 4691 4692 /* select default channel */ 4693 ic->ic_bss->ni_chan = ic->ic_ibss_chan; 4694 run_set_chan(sc, ic->ic_ibss_chan); 4695 4696 /* turn radio LED on */ 4697 run_set_leds(sc, RT2860_LED_RADIO); 4698 4699 for (i = 0; i < RUN_RX_RING_COUNT; i++) { 4700 struct run_rx_data *data = &sc->rxq.data[i]; 4701 4702 usbd_setup_xfer(data->xfer, sc->rxq.pipeh, data, data->buf, 4703 RUN_MAX_RXSZ, USBD_SHORT_XFER_OK | USBD_NO_COPY, 4704 USBD_NO_TIMEOUT, run_rxeof); 4705 error = usbd_transfer(data->xfer); 4706 if (error != 0 && error != USBD_IN_PROGRESS) 4707 goto fail; 4708 } 4709 4710 if ((error = run_txrx_enable(sc)) != 0) 4711 goto fail; 4712 4713 ifp->if_flags |= IFF_RUNNING; 4714 ifq_clr_oactive(&ifp->if_snd); 4715 4716 if (ic->ic_flags & IEEE80211_F_WEPON) { 4717 /* install WEP keys */ 4718 for (i = 0; i < IEEE80211_WEP_NKID; i++) { 4719 if (ic->ic_nw_keys[i].k_cipher != IEEE80211_CIPHER_NONE) 4720 (void)run_set_key(ic, NULL, &ic->ic_nw_keys[i]); 4721 } 4722 } 4723 4724 if (ic->ic_opmode == IEEE80211_M_MONITOR) 4725 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 4726 else 4727 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 4728 4729 if (error != 0) 4730 fail: run_stop(ifp, 1); 4731 return error; 4732 } 4733 4734 void 4735 run_stop(struct ifnet *ifp, int disable) 4736 { 4737 struct run_softc *sc = ifp->if_softc; 4738 struct ieee80211com *ic = &sc->sc_ic; 4739 uint32_t tmp; 4740 int s, ntries, qid; 4741 4742 if (ifp->if_flags & IFF_RUNNING) 4743 run_set_leds(sc, 0); /* turn all LEDs off */ 4744 4745 sc->sc_tx_timer = 0; 4746 ifp->if_timer = 0; 4747 ifp->if_flags &= ~IFF_RUNNING; 4748 ifq_clr_oactive(&ifp->if_snd); 4749 4750 timeout_del(&sc->scan_to); 4751 timeout_del(&sc->calib_to); 4752 4753 s = splusb(); 4754 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 4755 /* wait for all queued asynchronous commands to complete */ 4756 usb_wait_task(sc->sc_udev, &sc->sc_task); 4757 splx(s); 4758 4759 /* Disable Tx/Rx DMA. */ 4760 run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp); 4761 tmp &= ~(RT2860_RX_DMA_EN | RT2860_TX_DMA_EN); 4762 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp); 4763 4764 for (ntries = 0; ntries < 100; ntries++) { 4765 if (run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp) != 0) 4766 break; 4767 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0) 4768 break; 4769 DELAY(10); 4770 } 4771 if (ntries == 100) { 4772 printf("%s: timeout waiting for DMA engine\n", 4773 sc->sc_dev.dv_xname); 4774 } 4775 4776 /* disable Tx/Rx */ 4777 run_read(sc, RT2860_MAC_SYS_CTRL, &tmp); 4778 tmp &= ~(RT2860_MAC_RX_EN | RT2860_MAC_TX_EN); 4779 run_write(sc, RT2860_MAC_SYS_CTRL, tmp); 4780 4781 /* wait for pending Tx to complete */ 4782 for (ntries = 0; ntries < 100; ntries++) { 4783 if (run_read(sc, RT2860_TXRXQ_PCNT, &tmp) != 0) 4784 break; 4785 if ((tmp & RT2860_TX2Q_PCNT_MASK) == 0) 4786 break; 4787 } 4788 DELAY(1000); 4789 run_write(sc, RT2860_USB_DMA_CFG, 0); 4790 4791 /* reset adapter */ 4792 run_write(sc, RT2860_MAC_SYS_CTRL, RT2860_BBP_HRST | RT2860_MAC_SRST); 4793 run_write(sc, RT2860_MAC_SYS_CTRL, 0); 4794 4795 /* reset Tx and Rx rings */ 4796 sc->qfullmsk = 0; 4797 for (qid = 0; qid < 4; qid++) 4798 run_free_tx_ring(sc, qid); 4799 run_free_rx_ring(sc); 4800 } 4801