1 /* $OpenBSD: if_run.c,v 1.139 2024/04/14 03:26:25 jsg Exp $ */ 2 3 /*- 4 * Copyright (c) 2008-2010 Damien Bergamini <damien.bergamini@free.fr> 5 * Copyright (c) 2013-2014 Kevin Lo 6 * 7 * Permission to use, copy, modify, and distribute this software for any 8 * purpose with or without fee is hereby granted, provided that the above 9 * copyright notice and this permission notice appear in all copies. 10 * 11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 */ 19 20 /*- 21 * Ralink Technology RT2700U/RT2800U/RT3000U/RT3900E chipset driver. 22 * http://www.ralinktech.com/ 23 */ 24 25 #include "bpfilter.h" 26 27 #include <sys/param.h> 28 #include <sys/sockio.h> 29 #include <sys/mbuf.h> 30 #include <sys/kernel.h> 31 #include <sys/socket.h> 32 #include <sys/systm.h> 33 #include <sys/timeout.h> 34 #include <sys/conf.h> 35 #include <sys/device.h> 36 #include <sys/endian.h> 37 38 #include <machine/intr.h> 39 40 #if NBPFILTER > 0 41 #include <net/bpf.h> 42 #endif 43 #include <net/if.h> 44 #include <net/if_dl.h> 45 #include <net/if_media.h> 46 47 #include <netinet/in.h> 48 #include <netinet/if_ether.h> 49 50 #include <net80211/ieee80211_var.h> 51 #include <net80211/ieee80211_amrr.h> 52 #include <net80211/ieee80211_radiotap.h> 53 54 #include <dev/usb/usb.h> 55 #include <dev/usb/usbdi.h> 56 #include <dev/usb/usbdi_util.h> 57 #include <dev/usb/usbdevs.h> 58 59 #include <dev/ic/rt2860reg.h> /* shared with ral(4) */ 60 #include <dev/usb/if_runvar.h> 61 62 #ifdef RUN_DEBUG 63 #define DPRINTF(x) do { if (run_debug) printf x; } while (0) 64 #define DPRINTFN(n, x) do { if (run_debug >= (n)) printf x; } while (0) 65 int run_debug = 0; 66 #else 67 #define DPRINTF(x) 68 #define DPRINTFN(n, x) 69 #endif 70 71 #define USB_ID(v, p) { USB_VENDOR_##v, USB_PRODUCT_##v##_##p } 72 static const struct usb_devno run_devs[] = { 73 USB_ID(ABOCOM, RT2770), 74 USB_ID(ABOCOM, RT2870), 75 USB_ID(ABOCOM, RT3070), 76 USB_ID(ABOCOM, RT3071), 77 USB_ID(ABOCOM, RT3072), 78 USB_ID(ABOCOM2, RT2870_1), 79 USB_ID(ACCTON, RT2770), 80 USB_ID(ACCTON, RT2870_1), 81 USB_ID(ACCTON, RT2870_2), 82 USB_ID(ACCTON, RT2870_3), 83 USB_ID(ACCTON, RT2870_4), 84 USB_ID(ACCTON, RT2870_5), 85 USB_ID(ACCTON, RT3070), 86 USB_ID(ACCTON, RT3070_1), 87 USB_ID(ACCTON, RT3070_2), 88 USB_ID(ACCTON, RT3070_3), 89 USB_ID(ACCTON, RT3070_4), 90 USB_ID(ACCTON, RT3070_5), 91 USB_ID(ACCTON, RT3070_6), 92 USB_ID(AIRTIES, RT3070), 93 USB_ID(AIRTIES, RT3070_2), 94 USB_ID(ALLWIN, RT2070), 95 USB_ID(ALLWIN, RT2770), 96 USB_ID(ALLWIN, RT2870), 97 USB_ID(ALLWIN, RT3070), 98 USB_ID(ALLWIN, RT3071), 99 USB_ID(ALLWIN, RT3072), 100 USB_ID(ALLWIN, RT3572), 101 USB_ID(AMIGO, RT2870_1), 102 USB_ID(AMIGO, RT2870_2), 103 USB_ID(AMIT, CGWLUSB2GNR), 104 USB_ID(AMIT, RT2870_1), 105 USB_ID(AMIT2, RT2870), 106 USB_ID(ASUS, RT2870_1), 107 USB_ID(ASUS, RT2870_2), 108 USB_ID(ASUS, RT2870_3), 109 USB_ID(ASUS, RT2870_4), 110 USB_ID(ASUS, RT2870_5), 111 USB_ID(ASUS, RT3070_1), 112 USB_ID(ASUS, USBN13), 113 USB_ID(ASUS, USBN53), 114 USB_ID(ASUS, USBN66), 115 USB_ID(ASUS2, USBN11), 116 USB_ID(AZUREWAVE, RT2870_1), 117 USB_ID(AZUREWAVE, RT2870_2), 118 USB_ID(AZUREWAVE, RT3070_1), 119 USB_ID(AZUREWAVE, RT3070_2), 120 USB_ID(AZUREWAVE, RT3070_3), 121 USB_ID(AZUREWAVE, RT3070_4), 122 USB_ID(AZUREWAVE, RT3070_5), 123 USB_ID(BELKIN, F9L1103), 124 USB_ID(BELKIN, F5D8053V3), 125 USB_ID(BELKIN, F5D8055), 126 USB_ID(BELKIN, F5D8055V2), 127 USB_ID(BELKIN, F6D4050V1), 128 USB_ID(BELKIN, F6D4050V2), 129 USB_ID(BELKIN, F7D1101V2), 130 USB_ID(BELKIN, RT2870_1), 131 USB_ID(BELKIN, RT2870_2), 132 USB_ID(BEWAN, RT3070), 133 USB_ID(CISCOLINKSYS, AE1000), 134 USB_ID(CISCOLINKSYS, AM10), 135 USB_ID(CISCOLINKSYS2, RT3070), 136 USB_ID(CISCOLINKSYS3, RT3070), 137 USB_ID(CONCEPTRONIC2, RT2870_1), 138 USB_ID(CONCEPTRONIC2, RT2870_2), 139 USB_ID(CONCEPTRONIC2, RT2870_3), 140 USB_ID(CONCEPTRONIC2, RT2870_5), 141 USB_ID(CONCEPTRONIC2, RT2870_6), 142 USB_ID(CONCEPTRONIC2, RT2870_7), 143 USB_ID(CONCEPTRONIC2, RT2870_8), 144 USB_ID(CONCEPTRONIC2, RT3070_1), 145 USB_ID(CONCEPTRONIC2, RT3070_2), 146 USB_ID(CONCEPTRONIC2, RT3070_3), 147 USB_ID(CONCEPTRONIC2, VIGORN61), 148 USB_ID(COREGA, CGWLUSB300GNM), 149 USB_ID(COREGA, RT2870_1), 150 USB_ID(COREGA, RT2870_2), 151 USB_ID(COREGA, RT2870_3), 152 USB_ID(COREGA, RT3070), 153 USB_ID(CYBERTAN, RT2870), 154 USB_ID(DLINK, DWA125B2), 155 USB_ID(DLINK, DWA127), 156 USB_ID(DLINK, DWA130F1), 157 USB_ID(DLINK, DWA137A1), 158 USB_ID(DLINK, DWA140B3), 159 USB_ID(DLINK, DWA140D1), 160 USB_ID(DLINK, DWA160B2), 161 USB_ID(DLINK, DWA162), 162 USB_ID(DLINK, RT2870), 163 USB_ID(DLINK, RT3072), 164 USB_ID(DLINK2, DWA130), 165 USB_ID(DLINK2, RT2870_1), 166 USB_ID(DLINK2, RT2870_2), 167 USB_ID(DLINK2, RT3070_1), 168 USB_ID(DLINK2, RT3070_2), 169 USB_ID(DLINK2, RT3070_3), 170 USB_ID(DLINK2, RT3070_4), 171 USB_ID(DLINK2, RT3070_5), 172 USB_ID(DLINK2, RT3072), 173 USB_ID(DLINK2, RT3072_1), 174 USB_ID(DVICO, RT3070), 175 USB_ID(EDIMAX, EW7717), 176 USB_ID(EDIMAX, EW7718), 177 USB_ID(EDIMAX, EW7722UTN), 178 USB_ID(EDIMAX, RT2870_1), 179 USB_ID(ENCORE, RT3070_1), 180 USB_ID(ENCORE, RT3070_2), 181 USB_ID(ENCORE, RT3070_3), 182 USB_ID(GIGABYTE, GNWB31N), 183 USB_ID(GIGABYTE, GNWB32L), 184 USB_ID(GIGABYTE, RT2870_1), 185 USB_ID(GIGASET, RT3070_1), 186 USB_ID(GIGASET, RT3070_2), 187 USB_ID(GUILLEMOT, HWNU300), 188 USB_ID(HAWKING, HWDN2), 189 USB_ID(HAWKING, HWUN2), 190 USB_ID(HAWKING, RT2870_1), 191 USB_ID(HAWKING, RT2870_2), 192 USB_ID(HAWKING, RT2870_3), 193 USB_ID(HAWKING, RT2870_4), 194 USB_ID(HAWKING, RT2870_5), 195 USB_ID(IODATA, RT3072_1), 196 USB_ID(IODATA, RT3072_2), 197 USB_ID(IODATA, RT3072_3), 198 USB_ID(IODATA, RT3072_4), 199 USB_ID(LINKSYS4, RT3070), 200 USB_ID(LINKSYS4, WUSB100), 201 USB_ID(LINKSYS4, WUSB54GCV3), 202 USB_ID(LINKSYS4, WUSB600N), 203 USB_ID(LINKSYS4, WUSB600NV2), 204 USB_ID(LOGITEC, LANW150NU2), 205 USB_ID(LOGITEC, LANW300NU2), 206 USB_ID(LOGITEC, LANW300NU2S), 207 USB_ID(LOGITEC, RT2870_1), 208 USB_ID(LOGITEC, RT2870_2), 209 USB_ID(LOGITEC, RT2870_3), 210 USB_ID(MELCO, RT2870_1), 211 USB_ID(MELCO, RT2870_2), 212 USB_ID(MELCO, WLIUCAG300N), 213 USB_ID(MELCO, WLIUCG300N), 214 USB_ID(MELCO, WLIUCG301N), 215 USB_ID(MELCO, WLIUCGN), 216 USB_ID(MELCO, WLIUCGNHP), 217 USB_ID(MELCO, WLIUCGNM), 218 USB_ID(MELCO, WLIUCGNM2), 219 USB_ID(MOTOROLA4, RT2770), 220 USB_ID(MOTOROLA4, RT3070), 221 USB_ID(MSI, RT3070_1), 222 USB_ID(MSI, RT3070_2), 223 USB_ID(MSI, RT3070_3), 224 USB_ID(MSI, RT3070_4), 225 USB_ID(MSI, RT3070_5), 226 USB_ID(MSI, RT3070_6), 227 USB_ID(MSI, RT3070_7), 228 USB_ID(MSI, RT3070_8), 229 USB_ID(MSI, RT3070_9), 230 USB_ID(MSI, RT3070_10), 231 USB_ID(MSI, RT3070_11), 232 USB_ID(MSI, RT3070_12), 233 USB_ID(MSI, RT3070_13), 234 USB_ID(MSI, RT3070_14), 235 USB_ID(MSI, RT3070_15), 236 USB_ID(OVISLINK, RT3071), 237 USB_ID(OVISLINK, RT3072), 238 USB_ID(PARA, RT3070), 239 USB_ID(PEGATRON, RT2870), 240 USB_ID(PEGATRON, RT3070), 241 USB_ID(PEGATRON, RT3070_2), 242 USB_ID(PEGATRON, RT3070_3), 243 USB_ID(PEGATRON, RT3072), 244 USB_ID(PHILIPS, RT2870), 245 USB_ID(PLANEX2, GWUS300MINIS), 246 USB_ID(PLANEX2, GWUSMICRO300), 247 USB_ID(PLANEX2, GWUSMICRON), 248 USB_ID(PLANEX2, RT2870), 249 USB_ID(PLANEX2, RT3070), 250 USB_ID(QCOM, RT2870), 251 USB_ID(QUANTA, RT3070), 252 USB_ID(RALINK, RT2070), 253 USB_ID(RALINK, RT2770), 254 USB_ID(RALINK, RT2870), 255 USB_ID(RALINK, RT3070), 256 USB_ID(RALINK, RT3071), 257 USB_ID(RALINK, RT3072), 258 USB_ID(RALINK, RT3370), 259 USB_ID(RALINK, RT3572), 260 USB_ID(RALINK, RT3573), 261 USB_ID(RALINK, RT5370), 262 USB_ID(RALINK, RT5372), 263 USB_ID(RALINK, RT5572), 264 USB_ID(RALINK, RT8070), 265 USB_ID(SAMSUNG, WIS09ABGN), 266 USB_ID(SAMSUNG2, RT2870_1), 267 USB_ID(SENAO, RT2870_1), 268 USB_ID(SENAO, RT2870_2), 269 USB_ID(SENAO, RT2870_3), 270 USB_ID(SENAO, RT2870_4), 271 USB_ID(SENAO, RT3070), 272 USB_ID(SENAO, RT3071), 273 USB_ID(SENAO, RT3072_1), 274 USB_ID(SENAO, RT3072_2), 275 USB_ID(SENAO, RT3072_3), 276 USB_ID(SENAO, RT3072_4), 277 USB_ID(SENAO, RT3072_5), 278 USB_ID(SITECOMEU, WL302), 279 USB_ID(SITECOMEU, WL315), 280 USB_ID(SITECOMEU, WL321), 281 USB_ID(SITECOMEU, RT3070_3), 282 USB_ID(SITECOMEU, WL302), 283 USB_ID(SITECOMEU, WL344), 284 USB_ID(SITECOMEU, WL329), 285 USB_ID(SITECOMEU, WL345), 286 USB_ID(SITECOMEU, RT2870_1), 287 USB_ID(SITECOMEU, RT2870_2), 288 USB_ID(SITECOMEU, RT2870_3), 289 USB_ID(SITECOMEU, RT3070_1), 290 USB_ID(SITECOMEU, RT3072_3), 291 USB_ID(SITECOMEU, RT3072_4), 292 USB_ID(SITECOMEU, RT3072_5), 293 USB_ID(SITECOMEU, RT3072_6), 294 USB_ID(SITECOMEU, WL302), 295 USB_ID(SITECOMEU, WL315), 296 USB_ID(SITECOMEU, WL321), 297 USB_ID(SITECOMEU, WL324), 298 USB_ID(SITECOMEU, WL329), 299 USB_ID(SITECOMEU, WL343), 300 USB_ID(SITECOMEU, WL344), 301 USB_ID(SITECOMEU, WL345), 302 USB_ID(SITECOMEU, WL349V4), 303 USB_ID(SITECOMEU, WL608), 304 USB_ID(SITECOMEU, WLA4000), 305 USB_ID(SITECOMEU, WLA5000), 306 USB_ID(SPARKLAN, RT2870_1), 307 USB_ID(SPARKLAN, RT2870_2), 308 USB_ID(SPARKLAN, RT3070), 309 USB_ID(SWEEX2, LW153), 310 USB_ID(SWEEX2, LW303), 311 USB_ID(SWEEX2, LW313), 312 USB_ID(TOSHIBA, RT3070), 313 USB_ID(UMEDIA, RT2870_1), 314 USB_ID(UMEDIA, TEW645UB), 315 USB_ID(ZCOM, RT2870_1), 316 USB_ID(ZCOM, RT2870_2), 317 USB_ID(ZINWELL, RT2870_1), 318 USB_ID(ZINWELL, RT2870_2), 319 USB_ID(ZINWELL, RT3070), 320 USB_ID(ZINWELL, RT3072_1), 321 USB_ID(ZINWELL, RT3072_2), 322 USB_ID(ZYXEL, NWD2105), 323 USB_ID(ZYXEL, NWD211AN), 324 USB_ID(ZYXEL, RT2870_1), 325 USB_ID(ZYXEL, RT2870_2), 326 USB_ID(ZYXEL, RT3070) 327 }; 328 329 int run_match(struct device *, void *, void *); 330 void run_attach(struct device *, struct device *, void *); 331 int run_detach(struct device *, int); 332 int run_alloc_rx_ring(struct run_softc *); 333 void run_free_rx_ring(struct run_softc *); 334 int run_alloc_tx_ring(struct run_softc *, int); 335 void run_free_tx_ring(struct run_softc *, int); 336 int run_load_microcode(struct run_softc *); 337 int run_reset(struct run_softc *); 338 int run_read(struct run_softc *, uint16_t, uint32_t *); 339 int run_read_region_1(struct run_softc *, uint16_t, uint8_t *, 340 int); 341 int run_write_2(struct run_softc *, uint16_t, uint16_t); 342 int run_write(struct run_softc *, uint16_t, uint32_t); 343 int run_write_region_1(struct run_softc *, uint16_t, 344 const uint8_t *, int); 345 int run_set_region_4(struct run_softc *, uint16_t, uint32_t, int); 346 int run_efuse_read(struct run_softc *, uint16_t, uint16_t *); 347 int run_efuse_read_2(struct run_softc *, uint16_t, uint16_t *); 348 int run_eeprom_read_2(struct run_softc *, uint16_t, uint16_t *); 349 int run_rt2870_rf_write(struct run_softc *, uint8_t, uint32_t); 350 int run_rt3070_rf_read(struct run_softc *, uint8_t, uint8_t *); 351 int run_rt3070_rf_write(struct run_softc *, uint8_t, uint8_t); 352 int run_bbp_read(struct run_softc *, uint8_t, uint8_t *); 353 int run_bbp_write(struct run_softc *, uint8_t, uint8_t); 354 int run_mcu_cmd(struct run_softc *, uint8_t, uint16_t); 355 const char * run_get_rf(int); 356 void run_get_txpower(struct run_softc *); 357 void run_rt3593_get_txpower(struct run_softc *); 358 int run_read_eeprom(struct run_softc *); 359 struct ieee80211_node *run_node_alloc(struct ieee80211com *); 360 int run_media_change(struct ifnet *); 361 void run_next_scan(void *); 362 void run_task(void *); 363 void run_do_async(struct run_softc *, void (*)(struct run_softc *, 364 void *), void *, int); 365 int run_newstate(struct ieee80211com *, enum ieee80211_state, int); 366 void run_newstate_cb(struct run_softc *, void *); 367 void run_updateedca(struct ieee80211com *); 368 void run_updateedca_cb(struct run_softc *, void *); 369 int run_set_key(struct ieee80211com *, struct ieee80211_node *, 370 struct ieee80211_key *); 371 void run_set_key_cb(struct run_softc *, void *); 372 void run_delete_key(struct ieee80211com *, struct ieee80211_node *, 373 struct ieee80211_key *); 374 void run_delete_key_cb(struct run_softc *, void *); 375 void run_calibrate_to(void *); 376 void run_calibrate_cb(struct run_softc *, void *); 377 void run_newassoc(struct ieee80211com *, struct ieee80211_node *, 378 int); 379 void run_rx_frame(struct run_softc *, uint8_t *, int, 380 struct mbuf_list *); 381 void run_rxeof(struct usbd_xfer *, void *, usbd_status); 382 void run_txeof(struct usbd_xfer *, void *, usbd_status); 383 int run_tx(struct run_softc *, struct mbuf *, 384 struct ieee80211_node *); 385 void run_start(struct ifnet *); 386 void run_watchdog(struct ifnet *); 387 int run_ioctl(struct ifnet *, u_long, caddr_t); 388 void run_iq_calib(struct run_softc *, u_int); 389 void run_select_chan_group(struct run_softc *, int); 390 void run_set_agc(struct run_softc *, uint8_t); 391 void run_set_rx_antenna(struct run_softc *, int); 392 void run_rt2870_set_chan(struct run_softc *, u_int); 393 void run_rt3070_set_chan(struct run_softc *, u_int); 394 void run_rt3572_set_chan(struct run_softc *, u_int); 395 void run_rt3593_set_chan(struct run_softc *, u_int); 396 void run_rt5390_set_chan(struct run_softc *, u_int); 397 void run_rt5592_set_chan(struct run_softc *, u_int); 398 int run_set_chan(struct run_softc *, struct ieee80211_channel *); 399 void run_enable_tsf_sync(struct run_softc *); 400 void run_enable_mrr(struct run_softc *); 401 void run_set_txpreamble(struct run_softc *); 402 void run_set_basicrates(struct run_softc *); 403 void run_set_leds(struct run_softc *, uint16_t); 404 void run_set_bssid(struct run_softc *, const uint8_t *); 405 void run_set_macaddr(struct run_softc *, const uint8_t *); 406 void run_updateslot(struct ieee80211com *); 407 void run_updateslot_cb(struct run_softc *, void *); 408 #if NBPFILTER > 0 409 int8_t run_rssi2dbm(struct run_softc *, uint8_t, uint8_t); 410 #endif 411 void run_rt5390_bbp_init(struct run_softc *); 412 int run_bbp_init(struct run_softc *); 413 int run_rt3070_rf_init(struct run_softc *); 414 void run_rt3593_rf_init(struct run_softc *); 415 void run_rt5390_rf_init(struct run_softc *); 416 int run_rt3070_filter_calib(struct run_softc *, uint8_t, uint8_t, 417 uint8_t *); 418 void run_rt3070_rf_setup(struct run_softc *); 419 void run_rt3593_rf_setup(struct run_softc *); 420 void run_rt5390_rf_setup(struct run_softc *); 421 int run_txrx_enable(struct run_softc *); 422 void run_adjust_freq_offset(struct run_softc *); 423 int run_init(struct ifnet *); 424 void run_stop(struct ifnet *, int); 425 426 struct cfdriver run_cd = { 427 NULL, "run", DV_IFNET 428 }; 429 430 const struct cfattach run_ca = { 431 sizeof (struct run_softc), run_match, run_attach, run_detach 432 }; 433 434 static const struct { 435 uint32_t reg; 436 uint32_t val; 437 } rt2870_def_mac[] = { 438 RT2870_DEF_MAC 439 }; 440 441 static const struct { 442 uint8_t reg; 443 uint8_t val; 444 } rt2860_def_bbp[] = { 445 RT2860_DEF_BBP 446 },rt5390_def_bbp[] = { 447 RT5390_DEF_BBP 448 },rt5592_def_bbp[] = { 449 RT5592_DEF_BBP 450 }; 451 452 /* 453 * Default values for BBP register R196 for RT5592. 454 */ 455 static const uint8_t rt5592_bbp_r196[] = { 456 0xe0, 0x1f, 0x38, 0x32, 0x08, 0x28, 0x19, 0x0a, 0xff, 0x00, 457 0x16, 0x10, 0x10, 0x0b, 0x36, 0x2c, 0x26, 0x24, 0x42, 0x36, 458 0x30, 0x2d, 0x4c, 0x46, 0x3d, 0x40, 0x3e, 0x42, 0x3d, 0x40, 459 0x3c, 0x34, 0x2c, 0x2f, 0x3c, 0x35, 0x2e, 0x2a, 0x49, 0x41, 460 0x36, 0x31, 0x30, 0x30, 0x0e, 0x0d, 0x28, 0x21, 0x1c, 0x16, 461 0x50, 0x4a, 0x43, 0x40, 0x10, 0x10, 0x10, 0x10, 0x00, 0x00, 462 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 463 0x00, 0x00, 0x7d, 0x14, 0x32, 0x2c, 0x36, 0x4c, 0x43, 0x2c, 464 0x2e, 0x36, 0x30, 0x6e 465 }; 466 467 static const struct rfprog { 468 uint8_t chan; 469 uint32_t r1, r2, r3, r4; 470 } rt2860_rf2850[] = { 471 RT2860_RF2850 472 }; 473 474 struct { 475 uint8_t n, r, k; 476 } rt3070_freqs[] = { 477 RT3070_RF3052 478 }; 479 480 static const struct rt5592_freqs { 481 uint16_t n; 482 uint8_t k, m, r; 483 } rt5592_freqs_20mhz[] = { 484 RT5592_RF5592_20MHZ 485 },rt5592_freqs_40mhz[] = { 486 RT5592_RF5592_40MHZ 487 }; 488 489 static const struct { 490 uint8_t reg; 491 uint8_t val; 492 } rt3070_def_rf[] = { 493 RT3070_DEF_RF 494 },rt3572_def_rf[] = { 495 RT3572_DEF_RF 496 },rt3593_def_rf[] = { 497 RT3593_DEF_RF 498 },rt5390_def_rf[] = { 499 RT5390_DEF_RF 500 },rt5392_def_rf[] = { 501 RT5392_DEF_RF 502 },rt5592_def_rf[] = { 503 RT5592_DEF_RF 504 },rt5592_2ghz_def_rf[] = { 505 RT5592_2GHZ_DEF_RF 506 },rt5592_5ghz_def_rf[] = { 507 RT5592_5GHZ_DEF_RF 508 }; 509 510 static const struct { 511 u_int firstchan; 512 u_int lastchan; 513 uint8_t reg; 514 uint8_t val; 515 } rt5592_chan_5ghz[] = { 516 RT5592_CHAN_5GHZ 517 }; 518 519 int 520 run_match(struct device *parent, void *match, void *aux) 521 { 522 struct usb_attach_arg *uaa = aux; 523 524 if (uaa->iface == NULL || uaa->configno != 1) 525 return UMATCH_NONE; 526 527 return (usb_lookup(run_devs, uaa->vendor, uaa->product) != NULL) ? 528 UMATCH_VENDOR_PRODUCT_CONF_IFACE : UMATCH_NONE; 529 } 530 531 void 532 run_attach(struct device *parent, struct device *self, void *aux) 533 { 534 struct run_softc *sc = (struct run_softc *)self; 535 struct usb_attach_arg *uaa = aux; 536 struct ieee80211com *ic = &sc->sc_ic; 537 struct ifnet *ifp = &ic->ic_if; 538 usb_interface_descriptor_t *id; 539 usb_endpoint_descriptor_t *ed; 540 int i, nrx, ntx, ntries; 541 uint32_t ver; 542 543 sc->sc_udev = uaa->device; 544 sc->sc_iface = uaa->iface; 545 546 /* 547 * Find all bulk endpoints. There are 7 bulk endpoints: 1 for RX 548 * and 6 for TX (4 EDCAs + HCCA + Prio). 549 * Update 03-14-2009: some devices like the Planex GW-US300MiniS 550 * seem to have only 4 TX bulk endpoints (Fukaumi Naoki). 551 */ 552 nrx = ntx = 0; 553 id = usbd_get_interface_descriptor(sc->sc_iface); 554 for (i = 0; i < id->bNumEndpoints; i++) { 555 ed = usbd_interface2endpoint_descriptor(sc->sc_iface, i); 556 if (ed == NULL || UE_GET_XFERTYPE(ed->bmAttributes) != UE_BULK) 557 continue; 558 559 if (UE_GET_DIR(ed->bEndpointAddress) == UE_DIR_IN) { 560 sc->rxq.pipe_no = ed->bEndpointAddress; 561 nrx++; 562 } else if (ntx < 4) { 563 sc->txq[ntx].pipe_no = ed->bEndpointAddress; 564 ntx++; 565 } 566 } 567 /* make sure we've got them all */ 568 if (nrx < 1 || ntx < 4) { 569 printf("%s: missing endpoint\n", sc->sc_dev.dv_xname); 570 return; 571 } 572 573 usb_init_task(&sc->sc_task, run_task, sc, USB_TASK_TYPE_GENERIC); 574 timeout_set(&sc->scan_to, run_next_scan, sc); 575 timeout_set(&sc->calib_to, run_calibrate_to, sc); 576 577 sc->amrr.amrr_min_success_threshold = 1; 578 sc->amrr.amrr_max_success_threshold = 10; 579 580 /* wait for the chip to settle */ 581 for (ntries = 0; ntries < 100; ntries++) { 582 if (run_read(sc, RT2860_ASIC_VER_ID, &ver) != 0) 583 return; 584 if (ver != 0 && ver != 0xffffffff) 585 break; 586 DELAY(10); 587 } 588 if (ntries == 100) { 589 printf("%s: timeout waiting for NIC to initialize\n", 590 sc->sc_dev.dv_xname); 591 return; 592 } 593 sc->mac_ver = ver >> 16; 594 sc->mac_rev = ver & 0xffff; 595 596 /* retrieve RF rev. no and various other things from EEPROM */ 597 run_read_eeprom(sc); 598 599 printf("%s: MAC/BBP RT%04X (rev 0x%04X), RF %s (MIMO %dT%dR), " 600 "address %s\n", sc->sc_dev.dv_xname, sc->mac_ver, 601 sc->mac_rev, run_get_rf(sc->rf_rev), sc->ntxchains, 602 sc->nrxchains, ether_sprintf(ic->ic_myaddr)); 603 604 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 605 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 606 ic->ic_state = IEEE80211_S_INIT; 607 608 /* set device capabilities */ 609 ic->ic_caps = 610 IEEE80211_C_MONITOR | /* monitor mode supported */ 611 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 612 IEEE80211_C_SHSLOT | /* short slot time supported */ 613 IEEE80211_C_WEP | /* WEP */ 614 IEEE80211_C_RSN; /* WPA/RSN */ 615 616 if (sc->rf_rev == RT2860_RF_2750 || 617 sc->rf_rev == RT2860_RF_2850 || 618 sc->rf_rev == RT3070_RF_3052 || 619 sc->rf_rev == RT3070_RF_3053 || 620 sc->rf_rev == RT5592_RF_5592) { 621 /* set supported .11a rates */ 622 ic->ic_sup_rates[IEEE80211_MODE_11A] = 623 ieee80211_std_rateset_11a; 624 625 /* set supported .11a channels */ 626 for (i = 14; i < nitems(rt2860_rf2850); i++) { 627 uint8_t chan = rt2860_rf2850[i].chan; 628 ic->ic_channels[chan].ic_freq = 629 ieee80211_ieee2mhz(chan, IEEE80211_CHAN_5GHZ); 630 ic->ic_channels[chan].ic_flags = IEEE80211_CHAN_A; 631 } 632 } 633 634 /* set supported .11b and .11g rates */ 635 ic->ic_sup_rates[IEEE80211_MODE_11B] = ieee80211_std_rateset_11b; 636 ic->ic_sup_rates[IEEE80211_MODE_11G] = ieee80211_std_rateset_11g; 637 638 /* set supported .11b and .11g channels (1 through 14) */ 639 for (i = 1; i <= 14; i++) { 640 ic->ic_channels[i].ic_freq = 641 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ); 642 ic->ic_channels[i].ic_flags = 643 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM | 644 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ; 645 } 646 647 ifp->if_softc = sc; 648 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 649 ifp->if_ioctl = run_ioctl; 650 ifp->if_start = run_start; 651 ifp->if_watchdog = run_watchdog; 652 memcpy(ifp->if_xname, sc->sc_dev.dv_xname, IFNAMSIZ); 653 654 if_attach(ifp); 655 ieee80211_ifattach(ifp); 656 ic->ic_node_alloc = run_node_alloc; 657 ic->ic_newassoc = run_newassoc; 658 ic->ic_updateslot = run_updateslot; 659 ic->ic_updateedca = run_updateedca; 660 ic->ic_set_key = run_set_key; 661 ic->ic_delete_key = run_delete_key; 662 /* override state transition machine */ 663 sc->sc_newstate = ic->ic_newstate; 664 ic->ic_newstate = run_newstate; 665 ieee80211_media_init(ifp, run_media_change, ieee80211_media_status); 666 667 #if NBPFILTER > 0 668 bpfattach(&sc->sc_drvbpf, ifp, DLT_IEEE802_11_RADIO, 669 sizeof (struct ieee80211_frame) + IEEE80211_RADIOTAP_HDRLEN); 670 671 sc->sc_rxtap_len = sizeof sc->sc_rxtapu; 672 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 673 sc->sc_rxtap.wr_ihdr.it_present = htole32(RUN_RX_RADIOTAP_PRESENT); 674 675 sc->sc_txtap_len = sizeof sc->sc_txtapu; 676 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 677 sc->sc_txtap.wt_ihdr.it_present = htole32(RUN_TX_RADIOTAP_PRESENT); 678 #endif 679 } 680 681 int 682 run_detach(struct device *self, int flags) 683 { 684 struct run_softc *sc = (struct run_softc *)self; 685 struct ifnet *ifp = &sc->sc_ic.ic_if; 686 int qid, s; 687 688 s = splusb(); 689 690 if (timeout_initialized(&sc->scan_to)) 691 timeout_del(&sc->scan_to); 692 if (timeout_initialized(&sc->calib_to)) 693 timeout_del(&sc->calib_to); 694 695 /* wait for all queued asynchronous commands to complete */ 696 usb_rem_wait_task(sc->sc_udev, &sc->sc_task); 697 698 usbd_ref_wait(sc->sc_udev); 699 700 if (ifp->if_softc != NULL) { 701 ifp->if_flags &= ~IFF_RUNNING; 702 ifq_clr_oactive(&ifp->if_snd); 703 ieee80211_ifdetach(ifp); 704 if_detach(ifp); 705 } 706 707 for (qid = 0; qid < 4; qid++) 708 run_free_tx_ring(sc, qid); 709 run_free_rx_ring(sc); 710 711 splx(s); 712 713 return 0; 714 } 715 716 int 717 run_alloc_rx_ring(struct run_softc *sc) 718 { 719 struct run_rx_ring *rxq = &sc->rxq; 720 int i, error; 721 722 error = usbd_open_pipe(sc->sc_iface, rxq->pipe_no, 0, &rxq->pipeh); 723 if (error != 0) 724 goto fail; 725 726 for (i = 0; i < RUN_RX_RING_COUNT; i++) { 727 struct run_rx_data *data = &rxq->data[i]; 728 729 data->sc = sc; /* backpointer for callbacks */ 730 731 data->xfer = usbd_alloc_xfer(sc->sc_udev); 732 if (data->xfer == NULL) { 733 error = ENOMEM; 734 goto fail; 735 } 736 data->buf = usbd_alloc_buffer(data->xfer, RUN_MAX_RXSZ); 737 if (data->buf == NULL) { 738 error = ENOMEM; 739 goto fail; 740 } 741 } 742 if (error != 0) 743 fail: run_free_rx_ring(sc); 744 return error; 745 } 746 747 void 748 run_free_rx_ring(struct run_softc *sc) 749 { 750 struct run_rx_ring *rxq = &sc->rxq; 751 int i; 752 753 if (rxq->pipeh != NULL) { 754 usbd_close_pipe(rxq->pipeh); 755 rxq->pipeh = NULL; 756 } 757 for (i = 0; i < RUN_RX_RING_COUNT; i++) { 758 if (rxq->data[i].xfer != NULL) 759 usbd_free_xfer(rxq->data[i].xfer); 760 rxq->data[i].xfer = NULL; 761 } 762 } 763 764 int 765 run_alloc_tx_ring(struct run_softc *sc, int qid) 766 { 767 struct run_tx_ring *txq = &sc->txq[qid]; 768 int i, error; 769 uint16_t txwisize; 770 771 txwisize = sizeof(struct rt2860_txwi); 772 if (sc->mac_ver == 0x5592) 773 txwisize += sizeof(uint32_t); 774 775 txq->cur = txq->queued = 0; 776 777 error = usbd_open_pipe(sc->sc_iface, txq->pipe_no, 0, &txq->pipeh); 778 if (error != 0) 779 goto fail; 780 781 for (i = 0; i < RUN_TX_RING_COUNT; i++) { 782 struct run_tx_data *data = &txq->data[i]; 783 784 data->sc = sc; /* backpointer for callbacks */ 785 data->qid = qid; 786 787 data->xfer = usbd_alloc_xfer(sc->sc_udev); 788 if (data->xfer == NULL) { 789 error = ENOMEM; 790 goto fail; 791 } 792 data->buf = usbd_alloc_buffer(data->xfer, RUN_MAX_TXSZ); 793 if (data->buf == NULL) { 794 error = ENOMEM; 795 goto fail; 796 } 797 /* zeroize the TXD + TXWI part */ 798 memset(data->buf, 0, sizeof(struct rt2870_txd) + txwisize); 799 } 800 if (error != 0) 801 fail: run_free_tx_ring(sc, qid); 802 return error; 803 } 804 805 void 806 run_free_tx_ring(struct run_softc *sc, int qid) 807 { 808 struct run_tx_ring *txq = &sc->txq[qid]; 809 int i; 810 811 if (txq->pipeh != NULL) { 812 usbd_close_pipe(txq->pipeh); 813 txq->pipeh = NULL; 814 } 815 for (i = 0; i < RUN_TX_RING_COUNT; i++) { 816 if (txq->data[i].xfer != NULL) 817 usbd_free_xfer(txq->data[i].xfer); 818 txq->data[i].xfer = NULL; 819 } 820 } 821 822 int 823 run_load_microcode(struct run_softc *sc) 824 { 825 usb_device_request_t req; 826 const char *fwname; 827 u_char *ucode; 828 size_t size; 829 uint32_t tmp; 830 int ntries, error; 831 832 /* RT3071/RT3072 use a different firmware */ 833 if (sc->mac_ver != 0x2860 && 834 sc->mac_ver != 0x2872 && 835 sc->mac_ver != 0x3070) 836 fwname = "run-rt3071"; 837 else 838 fwname = "run-rt2870"; 839 840 if ((error = loadfirmware(fwname, &ucode, &size)) != 0) { 841 printf("%s: failed loadfirmware of file %s (error %d)\n", 842 sc->sc_dev.dv_xname, fwname, error); 843 return error; 844 } 845 if (size != 4096) { 846 printf("%s: invalid firmware size (should be 4KB)\n", 847 sc->sc_dev.dv_xname); 848 free(ucode, M_DEVBUF, size); 849 return EINVAL; 850 } 851 852 /* write microcode image */ 853 run_write_region_1(sc, RT2870_FW_BASE, ucode, size); 854 free(ucode, M_DEVBUF, size); 855 run_write(sc, RT2860_H2M_MAILBOX_CID, 0xffffffff); 856 run_write(sc, RT2860_H2M_MAILBOX_STATUS, 0xffffffff); 857 858 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 859 req.bRequest = RT2870_RESET; 860 USETW(req.wValue, 8); 861 USETW(req.wIndex, 0); 862 USETW(req.wLength, 0); 863 if ((error = usbd_do_request(sc->sc_udev, &req, NULL)) != 0) 864 return error; 865 866 usbd_delay_ms(sc->sc_udev, 10); 867 run_write(sc, RT2860_H2M_BBPAGENT, 0); 868 run_write(sc, RT2860_H2M_MAILBOX, 0); 869 run_write(sc, RT2860_H2M_INTSRC, 0); 870 if ((error = run_mcu_cmd(sc, RT2860_MCU_CMD_RFRESET, 0)) != 0) 871 return error; 872 873 /* wait until microcontroller is ready */ 874 for (ntries = 0; ntries < 1000; ntries++) { 875 if ((error = run_read(sc, RT2860_SYS_CTRL, &tmp)) != 0) 876 return error; 877 if (tmp & RT2860_MCU_READY) 878 break; 879 DELAY(1000); 880 } 881 if (ntries == 1000) { 882 printf("%s: timeout waiting for MCU to initialize\n", 883 sc->sc_dev.dv_xname); 884 return ETIMEDOUT; 885 } 886 DPRINTF(("microcode successfully loaded after %d tries\n", ntries)); 887 return 0; 888 } 889 890 int 891 run_reset(struct run_softc *sc) 892 { 893 usb_device_request_t req; 894 895 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 896 req.bRequest = RT2870_RESET; 897 USETW(req.wValue, 1); 898 USETW(req.wIndex, 0); 899 USETW(req.wLength, 0); 900 return usbd_do_request(sc->sc_udev, &req, NULL); 901 } 902 903 int 904 run_read(struct run_softc *sc, uint16_t reg, uint32_t *val) 905 { 906 uint32_t tmp; 907 int error; 908 909 error = run_read_region_1(sc, reg, (uint8_t *)&tmp, sizeof tmp); 910 if (error == 0) 911 *val = letoh32(tmp); 912 else 913 *val = 0xffffffff; 914 return error; 915 } 916 917 int 918 run_read_region_1(struct run_softc *sc, uint16_t reg, uint8_t *buf, int len) 919 { 920 usb_device_request_t req; 921 922 req.bmRequestType = UT_READ_VENDOR_DEVICE; 923 req.bRequest = RT2870_READ_REGION_1; 924 USETW(req.wValue, 0); 925 USETW(req.wIndex, reg); 926 USETW(req.wLength, len); 927 return usbd_do_request(sc->sc_udev, &req, buf); 928 } 929 930 int 931 run_write_2(struct run_softc *sc, uint16_t reg, uint16_t val) 932 { 933 usb_device_request_t req; 934 935 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 936 req.bRequest = RT2870_WRITE_2; 937 USETW(req.wValue, val); 938 USETW(req.wIndex, reg); 939 USETW(req.wLength, 0); 940 return usbd_do_request(sc->sc_udev, &req, NULL); 941 } 942 943 int 944 run_write(struct run_softc *sc, uint16_t reg, uint32_t val) 945 { 946 int error; 947 948 if ((error = run_write_2(sc, reg, val & 0xffff)) == 0) 949 error = run_write_2(sc, reg + 2, val >> 16); 950 return error; 951 } 952 953 int 954 run_write_region_1(struct run_softc *sc, uint16_t reg, const uint8_t *buf, 955 int len) 956 { 957 #if 1 958 int i, error = 0; 959 /* 960 * NB: the WRITE_REGION_1 command is not stable on RT2860. 961 * We thus issue multiple WRITE_2 commands instead. 962 */ 963 KASSERT((len & 1) == 0); 964 for (i = 0; i < len && error == 0; i += 2) 965 error = run_write_2(sc, reg + i, buf[i] | buf[i + 1] << 8); 966 return error; 967 #else 968 usb_device_request_t req; 969 970 req.bmRequestType = UT_WRITE_VENDOR_DEVICE; 971 req.bRequest = RT2870_WRITE_REGION_1; 972 USETW(req.wValue, 0); 973 USETW(req.wIndex, reg); 974 USETW(req.wLength, len); 975 return usbd_do_request(sc->sc_udev, &req, buf); 976 #endif 977 } 978 979 int 980 run_set_region_4(struct run_softc *sc, uint16_t reg, uint32_t val, int count) 981 { 982 int error = 0; 983 984 for (; count > 0 && error == 0; count--, reg += 4) 985 error = run_write(sc, reg, val); 986 return error; 987 } 988 989 /* Read 16-bit from eFUSE ROM. */ 990 int 991 run_efuse_read(struct run_softc *sc, uint16_t addr, uint16_t *val) 992 { 993 uint32_t tmp; 994 uint16_t reg; 995 int error, ntries; 996 997 if ((error = run_read(sc, RT3070_EFUSE_CTRL, &tmp)) != 0) 998 return error; 999 1000 /*- 1001 * Read one 16-byte block into registers EFUSE_DATA[0-3]: 1002 * DATA0: F E D C 1003 * DATA1: B A 9 8 1004 * DATA2: 7 6 5 4 1005 * DATA3: 3 2 1 0 1006 */ 1007 tmp &= ~(RT3070_EFSROM_MODE_MASK | RT3070_EFSROM_AIN_MASK); 1008 tmp |= (addr & ~0xf) << RT3070_EFSROM_AIN_SHIFT | RT3070_EFSROM_KICK; 1009 run_write(sc, RT3070_EFUSE_CTRL, tmp); 1010 for (ntries = 0; ntries < 100; ntries++) { 1011 if ((error = run_read(sc, RT3070_EFUSE_CTRL, &tmp)) != 0) 1012 return error; 1013 if (!(tmp & RT3070_EFSROM_KICK)) 1014 break; 1015 DELAY(2); 1016 } 1017 if (ntries == 100) 1018 return ETIMEDOUT; 1019 1020 if ((tmp & RT3070_EFUSE_AOUT_MASK) == RT3070_EFUSE_AOUT_MASK) { 1021 *val = 0xffff; /* address not found */ 1022 return 0; 1023 } 1024 /* determine to which 32-bit register our 16-bit word belongs */ 1025 reg = RT3070_EFUSE_DATA3 - (addr & 0xc); 1026 if ((error = run_read(sc, reg, &tmp)) != 0) 1027 return error; 1028 1029 tmp >>= (8 * (addr & 0x3)); 1030 *val = (addr & 1) ? tmp >> 16 : tmp & 0xffff; 1031 return 0; 1032 } 1033 1034 /* Read 16-bit from eFUSE ROM for RT3xxx. */ 1035 int 1036 run_efuse_read_2(struct run_softc *sc, uint16_t addr, uint16_t *val) 1037 { 1038 uint32_t tmp; 1039 uint16_t reg; 1040 int error, ntries; 1041 1042 if ((error = run_read(sc, RT3070_EFUSE_CTRL, &tmp)) != 0) 1043 return error; 1044 1045 addr *= 2; 1046 /*- 1047 * Read one 16-byte block into registers EFUSE_DATA[0-3]: 1048 * DATA0: F E D C 1049 * DATA1: B A 9 8 1050 * DATA2: 7 6 5 4 1051 * DATA3: 3 2 1 0 1052 */ 1053 tmp &= ~(RT3070_EFSROM_MODE_MASK | RT3070_EFSROM_AIN_MASK); 1054 tmp |= (addr & ~0xf) << RT3070_EFSROM_AIN_SHIFT | RT3070_EFSROM_KICK; 1055 run_write(sc, RT3070_EFUSE_CTRL, tmp); 1056 for (ntries = 0; ntries < 100; ntries++) { 1057 if ((error = run_read(sc, RT3070_EFUSE_CTRL, &tmp)) != 0) 1058 return error; 1059 if (!(tmp & RT3070_EFSROM_KICK)) 1060 break; 1061 DELAY(2); 1062 } 1063 if (ntries == 100) 1064 return ETIMEDOUT; 1065 1066 if ((tmp & RT3070_EFUSE_AOUT_MASK) == RT3070_EFUSE_AOUT_MASK) { 1067 *val = 0xffff; /* address not found */ 1068 return 0; 1069 } 1070 /* determine to which 32-bit register our 16-bit word belongs */ 1071 reg = RT3070_EFUSE_DATA3 - (addr & 0xc); 1072 if ((error = run_read(sc, reg, &tmp)) != 0) 1073 return error; 1074 1075 *val = (addr & 2) ? tmp >> 16 : tmp & 0xffff; 1076 return 0; 1077 } 1078 1079 int 1080 run_eeprom_read_2(struct run_softc *sc, uint16_t addr, uint16_t *val) 1081 { 1082 usb_device_request_t req; 1083 uint16_t tmp; 1084 int error; 1085 1086 addr *= 2; 1087 req.bmRequestType = UT_READ_VENDOR_DEVICE; 1088 req.bRequest = RT2870_EEPROM_READ; 1089 USETW(req.wValue, 0); 1090 USETW(req.wIndex, addr); 1091 USETW(req.wLength, sizeof tmp); 1092 error = usbd_do_request(sc->sc_udev, &req, &tmp); 1093 if (error == 0) 1094 *val = letoh16(tmp); 1095 else 1096 *val = 0xffff; 1097 return error; 1098 } 1099 1100 static __inline int 1101 run_srom_read(struct run_softc *sc, uint16_t addr, uint16_t *val) 1102 { 1103 /* either eFUSE ROM or EEPROM */ 1104 return sc->sc_srom_read(sc, addr, val); 1105 } 1106 1107 int 1108 run_rt2870_rf_write(struct run_softc *sc, uint8_t reg, uint32_t val) 1109 { 1110 uint32_t tmp; 1111 int error, ntries; 1112 1113 for (ntries = 0; ntries < 10; ntries++) { 1114 if ((error = run_read(sc, RT2860_RF_CSR_CFG0, &tmp)) != 0) 1115 return error; 1116 if (!(tmp & RT2860_RF_REG_CTRL)) 1117 break; 1118 } 1119 if (ntries == 10) 1120 return ETIMEDOUT; 1121 1122 /* RF registers are 24-bit on the RT2860 */ 1123 tmp = RT2860_RF_REG_CTRL | 24 << RT2860_RF_REG_WIDTH_SHIFT | 1124 (val & 0x3fffff) << 2 | (reg & 3); 1125 return run_write(sc, RT2860_RF_CSR_CFG0, tmp); 1126 } 1127 1128 int 1129 run_rt3070_rf_read(struct run_softc *sc, uint8_t reg, uint8_t *val) 1130 { 1131 uint32_t tmp; 1132 int error, ntries; 1133 1134 for (ntries = 0; ntries < 100; ntries++) { 1135 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0) 1136 return error; 1137 if (!(tmp & RT3070_RF_KICK)) 1138 break; 1139 } 1140 if (ntries == 100) 1141 return ETIMEDOUT; 1142 1143 tmp = RT3070_RF_KICK | reg << 8; 1144 if ((error = run_write(sc, RT3070_RF_CSR_CFG, tmp)) != 0) 1145 return error; 1146 1147 for (ntries = 0; ntries < 100; ntries++) { 1148 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0) 1149 return error; 1150 if (!(tmp & RT3070_RF_KICK)) 1151 break; 1152 } 1153 if (ntries == 100) 1154 return ETIMEDOUT; 1155 1156 *val = tmp & 0xff; 1157 return 0; 1158 } 1159 1160 int 1161 run_rt3070_rf_write(struct run_softc *sc, uint8_t reg, uint8_t val) 1162 { 1163 uint32_t tmp; 1164 int error, ntries; 1165 1166 for (ntries = 0; ntries < 10; ntries++) { 1167 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0) 1168 return error; 1169 if (!(tmp & RT3070_RF_KICK)) 1170 break; 1171 } 1172 if (ntries == 10) 1173 return ETIMEDOUT; 1174 1175 tmp = RT3070_RF_WRITE | RT3070_RF_KICK | reg << 8 | val; 1176 return run_write(sc, RT3070_RF_CSR_CFG, tmp); 1177 } 1178 1179 int 1180 run_bbp_read(struct run_softc *sc, uint8_t reg, uint8_t *val) 1181 { 1182 uint32_t tmp; 1183 int ntries, error; 1184 1185 for (ntries = 0; ntries < 10; ntries++) { 1186 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0) 1187 return error; 1188 if (!(tmp & RT2860_BBP_CSR_KICK)) 1189 break; 1190 } 1191 if (ntries == 10) 1192 return ETIMEDOUT; 1193 1194 tmp = RT2860_BBP_CSR_READ | RT2860_BBP_CSR_KICK | reg << 8; 1195 if ((error = run_write(sc, RT2860_BBP_CSR_CFG, tmp)) != 0) 1196 return error; 1197 1198 for (ntries = 0; ntries < 10; ntries++) { 1199 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0) 1200 return error; 1201 if (!(tmp & RT2860_BBP_CSR_KICK)) 1202 break; 1203 } 1204 if (ntries == 10) 1205 return ETIMEDOUT; 1206 1207 *val = tmp & 0xff; 1208 return 0; 1209 } 1210 1211 int 1212 run_bbp_write(struct run_softc *sc, uint8_t reg, uint8_t val) 1213 { 1214 uint32_t tmp; 1215 int ntries, error; 1216 1217 for (ntries = 0; ntries < 10; ntries++) { 1218 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0) 1219 return error; 1220 if (!(tmp & RT2860_BBP_CSR_KICK)) 1221 break; 1222 } 1223 if (ntries == 10) 1224 return ETIMEDOUT; 1225 1226 tmp = RT2860_BBP_CSR_KICK | reg << 8 | val; 1227 return run_write(sc, RT2860_BBP_CSR_CFG, tmp); 1228 } 1229 1230 /* 1231 * Send a command to the 8051 microcontroller unit. 1232 */ 1233 int 1234 run_mcu_cmd(struct run_softc *sc, uint8_t cmd, uint16_t arg) 1235 { 1236 uint32_t tmp; 1237 int error, ntries; 1238 1239 for (ntries = 0; ntries < 100; ntries++) { 1240 if ((error = run_read(sc, RT2860_H2M_MAILBOX, &tmp)) != 0) 1241 return error; 1242 if (!(tmp & RT2860_H2M_BUSY)) 1243 break; 1244 } 1245 if (ntries == 100) 1246 return ETIMEDOUT; 1247 1248 tmp = RT2860_H2M_BUSY | RT2860_TOKEN_NO_INTR << 16 | arg; 1249 if ((error = run_write(sc, RT2860_H2M_MAILBOX, tmp)) == 0) 1250 error = run_write(sc, RT2860_HOST_CMD, cmd); 1251 return error; 1252 } 1253 1254 /* 1255 * Add `delta' (signed) to each 4-bit sub-word of a 32-bit word. 1256 * Used to adjust per-rate Tx power registers. 1257 */ 1258 static __inline uint32_t 1259 b4inc(uint32_t b32, int8_t delta) 1260 { 1261 int8_t i, b4; 1262 1263 for (i = 0; i < 8; i++) { 1264 b4 = b32 & 0xf; 1265 b4 += delta; 1266 if (b4 < 0) 1267 b4 = 0; 1268 else if (b4 > 0xf) 1269 b4 = 0xf; 1270 b32 = b32 >> 4 | b4 << 28; 1271 } 1272 return b32; 1273 } 1274 1275 const char * 1276 run_get_rf(int rev) 1277 { 1278 switch (rev) { 1279 case RT2860_RF_2820: return "RT2820"; 1280 case RT2860_RF_2850: return "RT2850"; 1281 case RT2860_RF_2720: return "RT2720"; 1282 case RT2860_RF_2750: return "RT2750"; 1283 case RT3070_RF_3020: return "RT3020"; 1284 case RT3070_RF_2020: return "RT2020"; 1285 case RT3070_RF_3021: return "RT3021"; 1286 case RT3070_RF_3022: return "RT3022"; 1287 case RT3070_RF_3052: return "RT3052"; 1288 case RT3070_RF_3053: return "RT3053"; 1289 case RT5592_RF_5592: return "RT5592"; 1290 case RT5390_RF_5370: return "RT5370"; 1291 case RT5390_RF_5372: return "RT5372"; 1292 } 1293 return "unknown"; 1294 } 1295 1296 void 1297 run_rt3593_get_txpower(struct run_softc *sc) 1298 { 1299 uint16_t addr, val; 1300 int i; 1301 1302 /* Read power settings for 2GHz channels. */ 1303 for (i = 0; i < 14; i += 2) { 1304 addr = (sc->ntxchains == 3) ? RT3593_EEPROM_PWR2GHZ_BASE1 : 1305 RT2860_EEPROM_PWR2GHZ_BASE1; 1306 run_srom_read(sc, addr + i / 2, &val); 1307 sc->txpow1[i + 0] = (int8_t)(val & 0xff); 1308 sc->txpow1[i + 1] = (int8_t)(val >> 8); 1309 1310 addr = (sc->ntxchains == 3) ? RT3593_EEPROM_PWR2GHZ_BASE2 : 1311 RT2860_EEPROM_PWR2GHZ_BASE2; 1312 run_srom_read(sc, addr + i / 2, &val); 1313 sc->txpow2[i + 0] = (int8_t)(val & 0xff); 1314 sc->txpow2[i + 1] = (int8_t)(val >> 8); 1315 1316 if (sc->ntxchains == 3) { 1317 run_srom_read(sc, RT3593_EEPROM_PWR2GHZ_BASE3 + i / 2, 1318 &val); 1319 sc->txpow3[i + 0] = (int8_t)(val & 0xff); 1320 sc->txpow3[i + 1] = (int8_t)(val >> 8); 1321 } 1322 } 1323 /* Fix broken Tx power entries. */ 1324 for (i = 0; i < 14; i++) { 1325 if (sc->txpow1[i] > 31) 1326 sc->txpow1[i] = 5; 1327 if (sc->txpow2[i] > 31) 1328 sc->txpow2[i] = 5; 1329 if (sc->ntxchains == 3) { 1330 if (sc->txpow3[i] > 31) 1331 sc->txpow3[i] = 5; 1332 } 1333 } 1334 /* Read power settings for 5GHz channels. */ 1335 for (i = 0; i < 40; i += 2) { 1336 run_srom_read(sc, RT3593_EEPROM_PWR5GHZ_BASE1 + i / 2, &val); 1337 sc->txpow1[i + 14] = (int8_t)(val & 0xff); 1338 sc->txpow1[i + 15] = (int8_t)(val >> 8); 1339 1340 run_srom_read(sc, RT3593_EEPROM_PWR5GHZ_BASE2 + i / 2, &val); 1341 sc->txpow2[i + 14] = (int8_t)(val & 0xff); 1342 sc->txpow2[i + 15] = (int8_t)(val >> 8); 1343 1344 if (sc->ntxchains == 3) { 1345 run_srom_read(sc, RT3593_EEPROM_PWR5GHZ_BASE3 + i / 2, 1346 &val); 1347 sc->txpow3[i + 14] = (int8_t)(val & 0xff); 1348 sc->txpow3[i + 15] = (int8_t)(val >> 8); 1349 } 1350 } 1351 } 1352 1353 void 1354 run_get_txpower(struct run_softc *sc) 1355 { 1356 uint16_t val; 1357 int i; 1358 1359 /* Read power settings for 2GHz channels. */ 1360 for (i = 0; i < 14; i += 2) { 1361 run_srom_read(sc, RT2860_EEPROM_PWR2GHZ_BASE1 + i / 2, &val); 1362 sc->txpow1[i + 0] = (int8_t)(val & 0xff); 1363 sc->txpow1[i + 1] = (int8_t)(val >> 8); 1364 1365 if (sc->mac_ver != 0x5390) { 1366 run_srom_read(sc, 1367 RT2860_EEPROM_PWR2GHZ_BASE2 + i / 2, &val); 1368 sc->txpow2[i + 0] = (int8_t)(val & 0xff); 1369 sc->txpow2[i + 1] = (int8_t)(val >> 8); 1370 } 1371 } 1372 /* Fix broken Tx power entries. */ 1373 for (i = 0; i < 14; i++) { 1374 if (sc->mac_ver >= 0x5390) { 1375 if (sc->txpow1[i] < 0 || sc->txpow1[i] > 27) 1376 sc->txpow1[i] = 5; 1377 } else { 1378 if (sc->txpow1[i] < 0 || sc->txpow1[i] > 31) 1379 sc->txpow1[i] = 5; 1380 } 1381 if (sc->mac_ver > 0x5390) { 1382 if (sc->txpow2[i] < 0 || sc->txpow2[i] > 27) 1383 sc->txpow2[i] = 5; 1384 } else if (sc->mac_ver < 0x5390) { 1385 if (sc->txpow2[i] < 0 || sc->txpow2[i] > 31) 1386 sc->txpow2[i] = 5; 1387 } 1388 DPRINTF(("chan %d: power1=%d, power2=%d\n", 1389 rt2860_rf2850[i].chan, sc->txpow1[i], sc->txpow2[i])); 1390 } 1391 /* Read power settings for 5GHz channels. */ 1392 for (i = 0; i < 40; i += 2) { 1393 run_srom_read(sc, RT2860_EEPROM_PWR5GHZ_BASE1 + i / 2, &val); 1394 sc->txpow1[i + 14] = (int8_t)(val & 0xff); 1395 sc->txpow1[i + 15] = (int8_t)(val >> 8); 1396 1397 run_srom_read(sc, RT2860_EEPROM_PWR5GHZ_BASE2 + i / 2, &val); 1398 sc->txpow2[i + 14] = (int8_t)(val & 0xff); 1399 sc->txpow2[i + 15] = (int8_t)(val >> 8); 1400 } 1401 /* Fix broken Tx power entries. */ 1402 for (i = 0; i < 40; i++ ) { 1403 if (sc->mac_ver != 0x5592) { 1404 if (sc->txpow1[14 + i] < -7 || sc->txpow1[14 + i] > 15) 1405 sc->txpow1[14 + i] = 5; 1406 if (sc->txpow2[14 + i] < -7 || sc->txpow2[14 + i] > 15) 1407 sc->txpow2[14 + i] = 5; 1408 } 1409 DPRINTF(("chan %d: power1=%d, power2=%d\n", 1410 rt2860_rf2850[14 + i].chan, sc->txpow1[14 + i], 1411 sc->txpow2[14 + i])); 1412 } 1413 } 1414 1415 int 1416 run_read_eeprom(struct run_softc *sc) 1417 { 1418 struct ieee80211com *ic = &sc->sc_ic; 1419 int8_t delta_2ghz, delta_5ghz; 1420 uint32_t tmp; 1421 uint16_t val; 1422 int ridx, ant, i; 1423 1424 /* check whether the ROM is eFUSE ROM or EEPROM */ 1425 sc->sc_srom_read = run_eeprom_read_2; 1426 if (sc->mac_ver >= 0x3070) { 1427 run_read(sc, RT3070_EFUSE_CTRL, &tmp); 1428 DPRINTF(("EFUSE_CTRL=0x%08x\n", tmp)); 1429 if (tmp & RT3070_SEL_EFUSE || sc->mac_ver == 0x3593) 1430 sc->sc_srom_read = run_efuse_read_2; 1431 } 1432 1433 /* read ROM version */ 1434 run_srom_read(sc, RT2860_EEPROM_VERSION, &val); 1435 DPRINTF(("EEPROM rev=%d, FAE=%d\n", val & 0xff, val >> 8)); 1436 1437 /* read MAC address */ 1438 run_srom_read(sc, RT2860_EEPROM_MAC01, &val); 1439 ic->ic_myaddr[0] = val & 0xff; 1440 ic->ic_myaddr[1] = val >> 8; 1441 run_srom_read(sc, RT2860_EEPROM_MAC23, &val); 1442 ic->ic_myaddr[2] = val & 0xff; 1443 ic->ic_myaddr[3] = val >> 8; 1444 run_srom_read(sc, RT2860_EEPROM_MAC45, &val); 1445 ic->ic_myaddr[4] = val & 0xff; 1446 ic->ic_myaddr[5] = val >> 8; 1447 1448 if (sc->mac_ver < 0x3593) { 1449 /* read vendor BBP settings */ 1450 for (i = 0; i < 10; i++) { 1451 run_srom_read(sc, RT2860_EEPROM_BBP_BASE + i, &val); 1452 sc->bbp[i].val = val & 0xff; 1453 sc->bbp[i].reg = val >> 8; 1454 DPRINTF(("BBP%d=0x%02x\n", sc->bbp[i].reg, 1455 sc->bbp[i].val)); 1456 } 1457 if (sc->mac_ver >= 0x3071) { 1458 /* read vendor RF settings */ 1459 for (i = 0; i < 10; i++) { 1460 run_srom_read(sc, RT3071_EEPROM_RF_BASE + i, 1461 &val); 1462 sc->rf[i].val = val & 0xff; 1463 sc->rf[i].reg = val >> 8; 1464 DPRINTF(("RF%d=0x%02x\n", sc->rf[i].reg, 1465 sc->rf[i].val)); 1466 } 1467 } 1468 } 1469 1470 /* read RF frequency offset from EEPROM */ 1471 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_FREQ_LEDS : 1472 RT3593_EEPROM_FREQ, &val); 1473 sc->freq = ((val & 0xff) != 0xff) ? val & 0xff : 0; 1474 DPRINTF(("EEPROM freq offset %d\n", sc->freq & 0xff)); 1475 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_FREQ_LEDS : 1476 RT3593_EEPROM_FREQ_LEDS, &val); 1477 if ((val >> 8) != 0xff) { 1478 /* read LEDs operating mode */ 1479 sc->leds = val >> 8; 1480 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LED1 : 1481 RT3593_EEPROM_LED1, &sc->led[0]); 1482 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LED2 : 1483 RT3593_EEPROM_LED2, &sc->led[1]); 1484 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LED3 : 1485 RT3593_EEPROM_LED3, &sc->led[2]); 1486 } else { 1487 /* broken EEPROM, use default settings */ 1488 sc->leds = 0x01; 1489 sc->led[0] = 0x5555; 1490 sc->led[1] = 0x2221; 1491 sc->led[2] = 0x5627; /* differs from RT2860 */ 1492 } 1493 DPRINTF(("EEPROM LED mode=0x%02x, LEDs=0x%04x/0x%04x/0x%04x\n", 1494 sc->leds, sc->led[0], sc->led[1], sc->led[2])); 1495 1496 /* read RF information */ 1497 if (sc->mac_ver == 0x5390 || sc->mac_ver == 0x5392) 1498 run_srom_read(sc, 0x00, &val); 1499 else 1500 run_srom_read(sc, RT2860_EEPROM_ANTENNA, &val); 1501 if (val == 0xffff) { 1502 DPRINTF(("invalid EEPROM antenna info, using default\n")); 1503 if (sc->mac_ver == 0x3572) { 1504 /* default to RF3052 2T2R */ 1505 sc->rf_rev = RT3070_RF_3052; 1506 sc->ntxchains = 2; 1507 sc->nrxchains = 2; 1508 } else if (sc->mac_ver >= 0x3070) { 1509 /* default to RF3020 1T1R */ 1510 sc->rf_rev = RT3070_RF_3020; 1511 sc->ntxchains = 1; 1512 sc->nrxchains = 1; 1513 } else { 1514 /* default to RF2820 1T2R */ 1515 sc->rf_rev = RT2860_RF_2820; 1516 sc->ntxchains = 1; 1517 sc->nrxchains = 2; 1518 } 1519 } else { 1520 if (sc->mac_ver == 0x5390 || sc->mac_ver == 0x5392) { 1521 sc->rf_rev = val; 1522 run_srom_read(sc, RT2860_EEPROM_ANTENNA, &val); 1523 } else 1524 sc->rf_rev = (val >> 8) & 0xf; 1525 sc->ntxchains = (val >> 4) & 0xf; 1526 sc->nrxchains = val & 0xf; 1527 } 1528 DPRINTF(("EEPROM RF rev=0x%02x chains=%dT%dR\n", 1529 sc->rf_rev, sc->ntxchains, sc->nrxchains)); 1530 1531 /* check if RF supports automatic Tx access gain control */ 1532 run_srom_read(sc, RT2860_EEPROM_CONFIG, &val); 1533 DPRINTF(("EEPROM CFG 0x%04x\n", val)); 1534 /* check if driver should patch the DAC issue */ 1535 if ((val >> 8) != 0xff) 1536 sc->patch_dac = (val >> 15) & 1; 1537 if ((val & 0xff) != 0xff) { 1538 sc->ext_5ghz_lna = (val >> 3) & 1; 1539 sc->ext_2ghz_lna = (val >> 2) & 1; 1540 /* check if RF supports automatic Tx access gain control */ 1541 sc->calib_2ghz = sc->calib_5ghz = (val >> 1) & 1; 1542 /* check if we have a hardware radio switch */ 1543 sc->rfswitch = val & 1; 1544 } 1545 1546 /* Read Tx power settings. */ 1547 if (sc->mac_ver == 0x3593) 1548 run_rt3593_get_txpower(sc); 1549 else 1550 run_get_txpower(sc); 1551 1552 /* read Tx power compensation for each Tx rate */ 1553 run_srom_read(sc, RT2860_EEPROM_DELTAPWR, &val); 1554 delta_2ghz = delta_5ghz = 0; 1555 if ((val & 0xff) != 0xff && (val & 0x80)) { 1556 delta_2ghz = val & 0xf; 1557 if (!(val & 0x40)) /* negative number */ 1558 delta_2ghz = -delta_2ghz; 1559 } 1560 val >>= 8; 1561 if ((val & 0xff) != 0xff && (val & 0x80)) { 1562 delta_5ghz = val & 0xf; 1563 if (!(val & 0x40)) /* negative number */ 1564 delta_5ghz = -delta_5ghz; 1565 } 1566 DPRINTF(("power compensation=%d (2GHz), %d (5GHz)\n", 1567 delta_2ghz, delta_5ghz)); 1568 1569 for (ridx = 0; ridx < 5; ridx++) { 1570 uint32_t reg; 1571 1572 run_srom_read(sc, RT2860_EEPROM_RPWR + ridx * 2, &val); 1573 reg = val; 1574 run_srom_read(sc, RT2860_EEPROM_RPWR + ridx * 2 + 1, &val); 1575 reg |= (uint32_t)val << 16; 1576 1577 sc->txpow20mhz[ridx] = reg; 1578 sc->txpow40mhz_2ghz[ridx] = b4inc(reg, delta_2ghz); 1579 sc->txpow40mhz_5ghz[ridx] = b4inc(reg, delta_5ghz); 1580 1581 DPRINTF(("ridx %d: power 20MHz=0x%08x, 40MHz/2GHz=0x%08x, " 1582 "40MHz/5GHz=0x%08x\n", ridx, sc->txpow20mhz[ridx], 1583 sc->txpow40mhz_2ghz[ridx], sc->txpow40mhz_5ghz[ridx])); 1584 } 1585 1586 /* read RSSI offsets and LNA gains from EEPROM */ 1587 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI1_2GHZ : 1588 RT3593_EEPROM_RSSI1_2GHZ, &val); 1589 sc->rssi_2ghz[0] = val & 0xff; /* Ant A */ 1590 sc->rssi_2ghz[1] = val >> 8; /* Ant B */ 1591 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI2_2GHZ : 1592 RT3593_EEPROM_RSSI2_2GHZ, &val); 1593 if (sc->mac_ver >= 0x3070) { 1594 if (sc->mac_ver == 0x3593) { 1595 sc->txmixgain_2ghz = 0; 1596 sc->rssi_2ghz[2] = val & 0xff; /* Ant C */ 1597 } else { 1598 /* 1599 * On RT3070 chips (limited to 2 Rx chains), this ROM 1600 * field contains the Tx mixer gain for the 2GHz band. 1601 */ 1602 if ((val & 0xff) != 0xff) 1603 sc->txmixgain_2ghz = val & 0x7; 1604 } 1605 DPRINTF(("tx mixer gain=%u (2GHz)\n", sc->txmixgain_2ghz)); 1606 } else 1607 sc->rssi_2ghz[2] = val & 0xff; /* Ant C */ 1608 if (sc->mac_ver == 0x3593) 1609 run_srom_read(sc, RT3593_EEPROM_LNA_5GHZ, &val); 1610 sc->lna[2] = val >> 8; /* channel group 2 */ 1611 1612 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI1_5GHZ : 1613 RT3593_EEPROM_RSSI1_5GHZ, &val); 1614 sc->rssi_5ghz[0] = val & 0xff; /* Ant A */ 1615 sc->rssi_5ghz[1] = val >> 8; /* Ant B */ 1616 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI2_5GHZ : 1617 RT3593_EEPROM_RSSI2_5GHZ, &val); 1618 if (sc->mac_ver == 0x3572) { 1619 /* 1620 * On RT3572 chips (limited to 2 Rx chains), this ROM 1621 * field contains the Tx mixer gain for the 5GHz band. 1622 */ 1623 if ((val & 0xff) != 0xff) 1624 sc->txmixgain_5ghz = val & 0x7; 1625 DPRINTF(("tx mixer gain=%u (5GHz)\n", sc->txmixgain_5ghz)); 1626 } else 1627 sc->rssi_5ghz[2] = val & 0xff; /* Ant C */ 1628 if (sc->mac_ver == 0x3593) { 1629 sc->txmixgain_5ghz = 0; 1630 run_srom_read(sc, RT3593_EEPROM_LNA_5GHZ, &val); 1631 } 1632 sc->lna[3] = val >> 8; /* channel group 3 */ 1633 1634 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LNA : 1635 RT3593_EEPROM_LNA, &val); 1636 sc->lna[0] = val & 0xff; /* channel group 0 */ 1637 sc->lna[1] = val >> 8; /* channel group 1 */ 1638 1639 /* fix broken 5GHz LNA entries */ 1640 if (sc->lna[2] == 0 || sc->lna[2] == 0xff) { 1641 DPRINTF(("invalid LNA for channel group %d\n", 2)); 1642 sc->lna[2] = sc->lna[1]; 1643 } 1644 if (sc->lna[3] == 0 || sc->lna[3] == 0xff) { 1645 DPRINTF(("invalid LNA for channel group %d\n", 3)); 1646 sc->lna[3] = sc->lna[1]; 1647 } 1648 1649 /* fix broken RSSI offset entries */ 1650 for (ant = 0; ant < 3; ant++) { 1651 if (sc->rssi_2ghz[ant] < -10 || sc->rssi_2ghz[ant] > 10) { 1652 DPRINTF(("invalid RSSI%d offset: %d (2GHz)\n", 1653 ant + 1, sc->rssi_2ghz[ant])); 1654 sc->rssi_2ghz[ant] = 0; 1655 } 1656 if (sc->rssi_5ghz[ant] < -10 || sc->rssi_5ghz[ant] > 10) { 1657 DPRINTF(("invalid RSSI%d offset: %d (5GHz)\n", 1658 ant + 1, sc->rssi_5ghz[ant])); 1659 sc->rssi_5ghz[ant] = 0; 1660 } 1661 } 1662 return 0; 1663 } 1664 1665 struct ieee80211_node * 1666 run_node_alloc(struct ieee80211com *ic) 1667 { 1668 return malloc(sizeof (struct run_node), M_USBDEV, M_NOWAIT | M_ZERO); 1669 } 1670 1671 int 1672 run_media_change(struct ifnet *ifp) 1673 { 1674 struct run_softc *sc = ifp->if_softc; 1675 struct ieee80211com *ic = &sc->sc_ic; 1676 uint8_t rate, ridx; 1677 int error; 1678 1679 error = ieee80211_media_change(ifp); 1680 if (error != ENETRESET) 1681 return error; 1682 1683 if (ic->ic_fixed_rate != -1) { 1684 rate = ic->ic_sup_rates[ic->ic_curmode]. 1685 rs_rates[ic->ic_fixed_rate] & IEEE80211_RATE_VAL; 1686 for (ridx = 0; ridx <= RT2860_RIDX_MAX; ridx++) 1687 if (rt2860_rates[ridx].rate == rate) 1688 break; 1689 sc->fixed_ridx = ridx; 1690 } 1691 1692 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 1693 (IFF_UP | IFF_RUNNING)) { 1694 run_stop(ifp, 0); 1695 error = run_init(ifp); 1696 } 1697 1698 return error; 1699 } 1700 1701 void 1702 run_next_scan(void *arg) 1703 { 1704 struct run_softc *sc = arg; 1705 int s; 1706 1707 if (usbd_is_dying(sc->sc_udev)) 1708 return; 1709 1710 usbd_ref_incr(sc->sc_udev); 1711 1712 s = splnet(); 1713 if (sc->sc_ic.ic_state == IEEE80211_S_SCAN) 1714 ieee80211_next_scan(&sc->sc_ic.ic_if); 1715 splx(s); 1716 1717 usbd_ref_decr(sc->sc_udev); 1718 } 1719 1720 void 1721 run_task(void *arg) 1722 { 1723 struct run_softc *sc = arg; 1724 struct run_host_cmd_ring *ring = &sc->cmdq; 1725 struct run_host_cmd *cmd; 1726 int s; 1727 1728 if (usbd_is_dying(sc->sc_udev)) 1729 return; 1730 1731 /* process host commands */ 1732 s = splusb(); 1733 while (ring->next != ring->cur) { 1734 cmd = &ring->cmd[ring->next]; 1735 splx(s); 1736 /* callback */ 1737 cmd->cb(sc, cmd->data); 1738 s = splusb(); 1739 ring->queued--; 1740 ring->next = (ring->next + 1) % RUN_HOST_CMD_RING_COUNT; 1741 } 1742 splx(s); 1743 } 1744 1745 void 1746 run_do_async(struct run_softc *sc, void (*cb)(struct run_softc *, void *), 1747 void *arg, int len) 1748 { 1749 struct run_host_cmd_ring *ring = &sc->cmdq; 1750 struct run_host_cmd *cmd; 1751 int s; 1752 1753 if (usbd_is_dying(sc->sc_udev)) 1754 return; 1755 1756 s = splusb(); 1757 cmd = &ring->cmd[ring->cur]; 1758 cmd->cb = cb; 1759 KASSERT(len <= sizeof (cmd->data)); 1760 memcpy(cmd->data, arg, len); 1761 ring->cur = (ring->cur + 1) % RUN_HOST_CMD_RING_COUNT; 1762 1763 /* if there is no pending command already, schedule a task */ 1764 if (++ring->queued == 1) 1765 usb_add_task(sc->sc_udev, &sc->sc_task); 1766 splx(s); 1767 } 1768 1769 int 1770 run_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 1771 { 1772 struct run_softc *sc = ic->ic_softc; 1773 struct run_cmd_newstate cmd; 1774 1775 /* do it in a process context */ 1776 cmd.state = nstate; 1777 cmd.arg = arg; 1778 run_do_async(sc, run_newstate_cb, &cmd, sizeof cmd); 1779 return 0; 1780 } 1781 1782 void 1783 run_newstate_cb(struct run_softc *sc, void *arg) 1784 { 1785 struct run_cmd_newstate *cmd = arg; 1786 struct ieee80211com *ic = &sc->sc_ic; 1787 enum ieee80211_state ostate; 1788 struct ieee80211_node *ni; 1789 uint32_t tmp, sta[3]; 1790 uint8_t wcid; 1791 int s; 1792 1793 s = splnet(); 1794 ostate = ic->ic_state; 1795 1796 if (ostate == IEEE80211_S_RUN) { 1797 /* turn link LED off */ 1798 run_set_leds(sc, RT2860_LED_RADIO); 1799 } 1800 1801 switch (cmd->state) { 1802 case IEEE80211_S_INIT: 1803 if (ostate == IEEE80211_S_RUN) { 1804 /* abort TSF synchronization */ 1805 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 1806 run_write(sc, RT2860_BCN_TIME_CFG, 1807 tmp & ~(RT2860_BCN_TX_EN | RT2860_TSF_TIMER_EN | 1808 RT2860_TBTT_TIMER_EN)); 1809 } 1810 break; 1811 1812 case IEEE80211_S_SCAN: 1813 run_set_chan(sc, ic->ic_bss->ni_chan); 1814 if (!usbd_is_dying(sc->sc_udev)) 1815 timeout_add_msec(&sc->scan_to, 200); 1816 break; 1817 1818 case IEEE80211_S_AUTH: 1819 case IEEE80211_S_ASSOC: 1820 run_set_chan(sc, ic->ic_bss->ni_chan); 1821 break; 1822 1823 case IEEE80211_S_RUN: 1824 run_set_chan(sc, ic->ic_bss->ni_chan); 1825 1826 ni = ic->ic_bss; 1827 1828 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 1829 run_updateslot(ic); 1830 run_enable_mrr(sc); 1831 run_set_txpreamble(sc); 1832 run_set_basicrates(sc); 1833 run_set_bssid(sc, ni->ni_bssid); 1834 } 1835 if (ic->ic_opmode == IEEE80211_M_STA) { 1836 /* add BSS entry to the WCID table */ 1837 wcid = RUN_AID2WCID(ni->ni_associd); 1838 run_write_region_1(sc, RT2860_WCID_ENTRY(wcid), 1839 ni->ni_macaddr, IEEE80211_ADDR_LEN); 1840 1841 /* fake a join to init the tx rate */ 1842 run_newassoc(ic, ni, 1); 1843 } 1844 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 1845 run_enable_tsf_sync(sc); 1846 1847 /* clear statistic registers used by AMRR */ 1848 run_read_region_1(sc, RT2860_TX_STA_CNT0, 1849 (uint8_t *)sta, sizeof sta); 1850 /* start calibration timer */ 1851 if (!usbd_is_dying(sc->sc_udev)) 1852 timeout_add_sec(&sc->calib_to, 1); 1853 } 1854 1855 /* turn link LED on */ 1856 run_set_leds(sc, RT2860_LED_RADIO | 1857 (IEEE80211_IS_CHAN_2GHZ(ic->ic_bss->ni_chan) ? 1858 RT2860_LED_LINK_2GHZ : RT2860_LED_LINK_5GHZ)); 1859 break; 1860 } 1861 (void)sc->sc_newstate(ic, cmd->state, cmd->arg); 1862 splx(s); 1863 } 1864 1865 void 1866 run_updateedca(struct ieee80211com *ic) 1867 { 1868 /* do it in a process context */ 1869 run_do_async(ic->ic_softc, run_updateedca_cb, NULL, 0); 1870 } 1871 1872 void 1873 run_updateedca_cb(struct run_softc *sc, void *arg) 1874 { 1875 struct ieee80211com *ic = &sc->sc_ic; 1876 int s, aci; 1877 1878 s = splnet(); 1879 /* update MAC TX configuration registers */ 1880 for (aci = 0; aci < EDCA_NUM_AC; aci++) { 1881 run_write(sc, RT2860_EDCA_AC_CFG(aci), 1882 ic->ic_edca_ac[aci].ac_ecwmax << 16 | 1883 ic->ic_edca_ac[aci].ac_ecwmin << 12 | 1884 ic->ic_edca_ac[aci].ac_aifsn << 8 | 1885 ic->ic_edca_ac[aci].ac_txoplimit); 1886 } 1887 1888 /* update SCH/DMA registers too */ 1889 run_write(sc, RT2860_WMM_AIFSN_CFG, 1890 ic->ic_edca_ac[EDCA_AC_VO].ac_aifsn << 12 | 1891 ic->ic_edca_ac[EDCA_AC_VI].ac_aifsn << 8 | 1892 ic->ic_edca_ac[EDCA_AC_BK].ac_aifsn << 4 | 1893 ic->ic_edca_ac[EDCA_AC_BE].ac_aifsn); 1894 run_write(sc, RT2860_WMM_CWMIN_CFG, 1895 ic->ic_edca_ac[EDCA_AC_VO].ac_ecwmin << 12 | 1896 ic->ic_edca_ac[EDCA_AC_VI].ac_ecwmin << 8 | 1897 ic->ic_edca_ac[EDCA_AC_BK].ac_ecwmin << 4 | 1898 ic->ic_edca_ac[EDCA_AC_BE].ac_ecwmin); 1899 run_write(sc, RT2860_WMM_CWMAX_CFG, 1900 ic->ic_edca_ac[EDCA_AC_VO].ac_ecwmax << 12 | 1901 ic->ic_edca_ac[EDCA_AC_VI].ac_ecwmax << 8 | 1902 ic->ic_edca_ac[EDCA_AC_BK].ac_ecwmax << 4 | 1903 ic->ic_edca_ac[EDCA_AC_BE].ac_ecwmax); 1904 run_write(sc, RT2860_WMM_TXOP0_CFG, 1905 ic->ic_edca_ac[EDCA_AC_BK].ac_txoplimit << 16 | 1906 ic->ic_edca_ac[EDCA_AC_BE].ac_txoplimit); 1907 run_write(sc, RT2860_WMM_TXOP1_CFG, 1908 ic->ic_edca_ac[EDCA_AC_VO].ac_txoplimit << 16 | 1909 ic->ic_edca_ac[EDCA_AC_VI].ac_txoplimit); 1910 splx(s); 1911 } 1912 1913 int 1914 run_set_key(struct ieee80211com *ic, struct ieee80211_node *ni, 1915 struct ieee80211_key *k) 1916 { 1917 struct run_softc *sc = ic->ic_softc; 1918 struct run_cmd_key cmd; 1919 1920 /* defer setting of WEP keys until interface is brought up */ 1921 if ((ic->ic_if.if_flags & (IFF_UP | IFF_RUNNING)) != 1922 (IFF_UP | IFF_RUNNING)) 1923 return 0; 1924 1925 /* do it in a process context */ 1926 cmd.key = *k; 1927 cmd.ni = ni; 1928 run_do_async(sc, run_set_key_cb, &cmd, sizeof cmd); 1929 sc->sc_key_tasks++; 1930 1931 return EBUSY; 1932 } 1933 1934 void 1935 run_set_key_cb(struct run_softc *sc, void *arg) 1936 { 1937 struct ieee80211com *ic = &sc->sc_ic; 1938 struct run_cmd_key *cmd = arg; 1939 struct ieee80211_key *k = &cmd->key; 1940 uint32_t attr; 1941 uint16_t base; 1942 uint8_t mode, wcid, iv[8]; 1943 1944 sc->sc_key_tasks--; 1945 1946 /* map net80211 cipher to RT2860 security mode */ 1947 switch (k->k_cipher) { 1948 case IEEE80211_CIPHER_WEP40: 1949 mode = RT2860_MODE_WEP40; 1950 break; 1951 case IEEE80211_CIPHER_WEP104: 1952 mode = RT2860_MODE_WEP104; 1953 break; 1954 case IEEE80211_CIPHER_TKIP: 1955 mode = RT2860_MODE_TKIP; 1956 break; 1957 case IEEE80211_CIPHER_CCMP: 1958 mode = RT2860_MODE_AES_CCMP; 1959 break; 1960 default: 1961 IEEE80211_SEND_MGMT(ic, cmd->ni, IEEE80211_FC0_SUBTYPE_DEAUTH, 1962 IEEE80211_REASON_AUTH_LEAVE); 1963 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 1964 return; 1965 } 1966 1967 if (k->k_flags & IEEE80211_KEY_GROUP) { 1968 wcid = 0; /* NB: update WCID0 for group keys */ 1969 base = RT2860_SKEY(0, k->k_id); 1970 } else { 1971 wcid = (cmd->ni != NULL) ? RUN_AID2WCID(cmd->ni->ni_associd) : 0; 1972 base = RT2860_PKEY(wcid); 1973 } 1974 1975 if (k->k_cipher == IEEE80211_CIPHER_TKIP) { 1976 run_write_region_1(sc, base, k->k_key, 16); 1977 run_write_region_1(sc, base + 16, &k->k_key[24], 8); 1978 run_write_region_1(sc, base + 24, &k->k_key[16], 8); 1979 } else { 1980 /* roundup len to 16-bit: XXX fix write_region_1() instead */ 1981 run_write_region_1(sc, base, k->k_key, (k->k_len + 1) & ~1); 1982 } 1983 1984 if (!(k->k_flags & IEEE80211_KEY_GROUP) || 1985 (k->k_flags & IEEE80211_KEY_TX)) { 1986 /* set initial packet number in IV+EIV */ 1987 if (k->k_cipher == IEEE80211_CIPHER_WEP40 || 1988 k->k_cipher == IEEE80211_CIPHER_WEP104) { 1989 memset(iv, 0, sizeof iv); 1990 iv[3] = sc->sc_ic.ic_def_txkey << 6; 1991 } else { 1992 if (k->k_cipher == IEEE80211_CIPHER_TKIP) { 1993 iv[0] = k->k_tsc >> 8; 1994 iv[1] = (iv[0] | 0x20) & 0x7f; 1995 iv[2] = k->k_tsc; 1996 } else /* CCMP */ { 1997 iv[0] = k->k_tsc; 1998 iv[1] = k->k_tsc >> 8; 1999 iv[2] = 0; 2000 } 2001 iv[3] = k->k_id << 6 | IEEE80211_WEP_EXTIV; 2002 iv[4] = k->k_tsc >> 16; 2003 iv[5] = k->k_tsc >> 24; 2004 iv[6] = k->k_tsc >> 32; 2005 iv[7] = k->k_tsc >> 40; 2006 } 2007 run_write_region_1(sc, RT2860_IVEIV(wcid), iv, 8); 2008 } 2009 2010 if (k->k_flags & IEEE80211_KEY_GROUP) { 2011 /* install group key */ 2012 run_read(sc, RT2860_SKEY_MODE_0_7, &attr); 2013 attr &= ~(0xf << (k->k_id * 4)); 2014 attr |= mode << (k->k_id * 4); 2015 run_write(sc, RT2860_SKEY_MODE_0_7, attr); 2016 } else { 2017 /* install pairwise key */ 2018 run_read(sc, RT2860_WCID_ATTR(wcid), &attr); 2019 attr = (attr & ~0xf) | (mode << 1) | RT2860_RX_PKEY_EN; 2020 run_write(sc, RT2860_WCID_ATTR(wcid), attr); 2021 } 2022 2023 if (sc->sc_key_tasks == 0) { 2024 if (cmd->ni != NULL) 2025 cmd->ni->ni_port_valid = 1; 2026 ieee80211_set_link_state(ic, LINK_STATE_UP); 2027 } 2028 } 2029 2030 void 2031 run_delete_key(struct ieee80211com *ic, struct ieee80211_node *ni, 2032 struct ieee80211_key *k) 2033 { 2034 struct run_softc *sc = ic->ic_softc; 2035 struct run_cmd_key cmd; 2036 2037 if (!(ic->ic_if.if_flags & IFF_RUNNING) || 2038 ic->ic_state != IEEE80211_S_RUN) 2039 return; /* nothing to do */ 2040 2041 /* do it in a process context */ 2042 cmd.key = *k; 2043 cmd.ni = ni; 2044 run_do_async(sc, run_delete_key_cb, &cmd, sizeof cmd); 2045 } 2046 2047 void 2048 run_delete_key_cb(struct run_softc *sc, void *arg) 2049 { 2050 struct run_cmd_key *cmd = arg; 2051 struct ieee80211_key *k = &cmd->key; 2052 uint32_t attr; 2053 uint8_t wcid; 2054 2055 if (k->k_flags & IEEE80211_KEY_GROUP) { 2056 /* remove group key */ 2057 run_read(sc, RT2860_SKEY_MODE_0_7, &attr); 2058 attr &= ~(0xf << (k->k_id * 4)); 2059 run_write(sc, RT2860_SKEY_MODE_0_7, attr); 2060 2061 } else { 2062 /* remove pairwise key */ 2063 wcid = (cmd->ni != NULL) ? RUN_AID2WCID(cmd->ni->ni_associd) : 0; 2064 run_read(sc, RT2860_WCID_ATTR(wcid), &attr); 2065 attr &= ~0xf; 2066 run_write(sc, RT2860_WCID_ATTR(wcid), attr); 2067 } 2068 } 2069 2070 void 2071 run_calibrate_to(void *arg) 2072 { 2073 /* do it in a process context */ 2074 run_do_async(arg, run_calibrate_cb, NULL, 0); 2075 /* next timeout will be rescheduled in the calibration task */ 2076 } 2077 2078 void 2079 run_calibrate_cb(struct run_softc *sc, void *arg) 2080 { 2081 struct ifnet *ifp = &sc->sc_ic.ic_if; 2082 uint32_t sta[3]; 2083 int s, error; 2084 2085 /* read statistic counters (clear on read) and update AMRR state */ 2086 error = run_read_region_1(sc, RT2860_TX_STA_CNT0, (uint8_t *)sta, 2087 sizeof sta); 2088 if (error != 0) 2089 goto skip; 2090 2091 DPRINTF(("retrycnt=%d txcnt=%d failcnt=%d\n", 2092 letoh32(sta[1]) >> 16, letoh32(sta[1]) & 0xffff, 2093 letoh32(sta[0]) & 0xffff)); 2094 2095 s = splnet(); 2096 /* count failed TX as errors */ 2097 ifp->if_oerrors += letoh32(sta[0]) & 0xffff; 2098 2099 sc->amn.amn_retrycnt = 2100 (letoh32(sta[0]) & 0xffff) + /* failed TX count */ 2101 (letoh32(sta[1]) >> 16); /* TX retransmission count */ 2102 2103 sc->amn.amn_txcnt = 2104 sc->amn.amn_retrycnt + 2105 (letoh32(sta[1]) & 0xffff); /* successful TX count */ 2106 2107 ieee80211_amrr_choose(&sc->amrr, sc->sc_ic.ic_bss, &sc->amn); 2108 splx(s); 2109 2110 skip: 2111 if (!usbd_is_dying(sc->sc_udev)) 2112 timeout_add_sec(&sc->calib_to, 1); 2113 } 2114 2115 void 2116 run_newassoc(struct ieee80211com *ic, struct ieee80211_node *ni, int isnew) 2117 { 2118 struct run_softc *sc = ic->ic_softc; 2119 struct run_node *rn = (void *)ni; 2120 struct ieee80211_rateset *rs = &ni->ni_rates; 2121 uint8_t rate; 2122 int ridx, i, j; 2123 2124 DPRINTF(("new assoc isnew=%d addr=%s\n", 2125 isnew, ether_sprintf(ni->ni_macaddr))); 2126 2127 ieee80211_amrr_node_init(&sc->amrr, &sc->amn); 2128 /* start at lowest available bit-rate, AMRR will raise */ 2129 ni->ni_txrate = 0; 2130 2131 for (i = 0; i < rs->rs_nrates; i++) { 2132 rate = rs->rs_rates[i] & IEEE80211_RATE_VAL; 2133 /* convert 802.11 rate to hardware rate index */ 2134 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++) 2135 if (rt2860_rates[ridx].rate == rate) 2136 break; 2137 rn->ridx[i] = ridx; 2138 /* determine rate of control response frames */ 2139 for (j = i; j >= 0; j--) { 2140 if ((rs->rs_rates[j] & IEEE80211_RATE_BASIC) && 2141 rt2860_rates[rn->ridx[i]].phy == 2142 rt2860_rates[rn->ridx[j]].phy) 2143 break; 2144 } 2145 if (j >= 0) { 2146 rn->ctl_ridx[i] = rn->ridx[j]; 2147 } else { 2148 /* no basic rate found, use mandatory one */ 2149 rn->ctl_ridx[i] = rt2860_rates[ridx].ctl_ridx; 2150 } 2151 DPRINTF(("rate=0x%02x ridx=%d ctl_ridx=%d\n", 2152 rs->rs_rates[i], rn->ridx[i], rn->ctl_ridx[i])); 2153 } 2154 } 2155 2156 /* 2157 * Return the Rx chain with the highest RSSI for a given frame. 2158 */ 2159 static __inline uint8_t 2160 run_maxrssi_chain(struct run_softc *sc, const struct rt2860_rxwi *rxwi) 2161 { 2162 uint8_t rxchain = 0; 2163 2164 if (sc->nrxchains > 1) { 2165 if (rxwi->rssi[1] > rxwi->rssi[rxchain]) 2166 rxchain = 1; 2167 if (sc->nrxchains > 2) 2168 if (rxwi->rssi[2] > rxwi->rssi[rxchain]) 2169 rxchain = 2; 2170 } 2171 return rxchain; 2172 } 2173 2174 void 2175 run_rx_frame(struct run_softc *sc, uint8_t *buf, int dmalen, 2176 struct mbuf_list *ml) 2177 { 2178 struct ieee80211com *ic = &sc->sc_ic; 2179 struct ifnet *ifp = &ic->ic_if; 2180 struct ieee80211_frame *wh; 2181 struct ieee80211_rxinfo rxi; 2182 struct ieee80211_node *ni; 2183 struct rt2870_rxd *rxd; 2184 struct rt2860_rxwi *rxwi; 2185 struct mbuf *m; 2186 uint32_t flags; 2187 uint16_t len; 2188 #if NBPFILTER > 0 2189 uint16_t phy; 2190 #endif 2191 uint16_t rxwisize; 2192 uint8_t ant, rssi; 2193 int s; 2194 2195 rxwi = (struct rt2860_rxwi *)buf; 2196 rxwisize = sizeof(struct rt2860_rxwi); 2197 if (sc->mac_ver == 0x5592) 2198 rxwisize += sizeof(uint64_t); 2199 else if (sc->mac_ver == 0x3593) 2200 rxwisize += sizeof(uint32_t); 2201 len = letoh16(rxwi->len) & 0xfff; 2202 if (__predict_false(len > dmalen)) { 2203 DPRINTF(("bad RXWI length %u > %u\n", len, dmalen)); 2204 return; 2205 } 2206 if (len > MCLBYTES) { 2207 DPRINTF(("frame too large (length=%d)\n", len)); 2208 ifp->if_ierrors++; 2209 return; 2210 } 2211 /* Rx descriptor is located at the end */ 2212 rxd = (struct rt2870_rxd *)(buf + dmalen); 2213 flags = letoh32(rxd->flags); 2214 2215 if (__predict_false(flags & (RT2860_RX_CRCERR | RT2860_RX_ICVERR))) { 2216 ifp->if_ierrors++; 2217 return; 2218 } 2219 2220 if (__predict_false((flags & RT2860_RX_MICERR))) { 2221 /* report MIC failures to net80211 for TKIP */ 2222 ic->ic_stats.is_rx_locmicfail++; 2223 ieee80211_michael_mic_failure(ic, 0/* XXX */); 2224 ifp->if_ierrors++; 2225 return; 2226 } 2227 2228 wh = (struct ieee80211_frame *)(buf + rxwisize); 2229 memset(&rxi, 0, sizeof(rxi)); 2230 if (wh->i_fc[1] & IEEE80211_FC1_PROTECTED) { 2231 wh->i_fc[1] &= ~IEEE80211_FC1_PROTECTED; 2232 rxi.rxi_flags |= IEEE80211_RXI_HWDEC; 2233 } 2234 2235 if (flags & RT2860_RX_L2PAD) { 2236 u_int hdrlen = ieee80211_get_hdrlen(wh); 2237 memmove((caddr_t)wh + 2, wh, hdrlen); 2238 wh = (struct ieee80211_frame *)((caddr_t)wh + 2); 2239 } 2240 2241 /* could use m_devget but net80211 wants contig mgmt frames */ 2242 MGETHDR(m, M_DONTWAIT, MT_DATA); 2243 if (__predict_false(m == NULL)) { 2244 ifp->if_ierrors++; 2245 return; 2246 } 2247 if (len > MHLEN) { 2248 MCLGET(m, M_DONTWAIT); 2249 if (__predict_false(!(m->m_flags & M_EXT))) { 2250 ifp->if_ierrors++; 2251 m_freem(m); 2252 return; 2253 } 2254 } 2255 /* finalize mbuf */ 2256 memcpy(mtod(m, caddr_t), wh, len); 2257 m->m_pkthdr.len = m->m_len = len; 2258 2259 ant = run_maxrssi_chain(sc, rxwi); 2260 rssi = rxwi->rssi[ant]; 2261 2262 #if NBPFILTER > 0 2263 if (__predict_false(sc->sc_drvbpf != NULL)) { 2264 struct run_rx_radiotap_header *tap = &sc->sc_rxtap; 2265 struct mbuf mb; 2266 2267 tap->wr_flags = 0; 2268 tap->wr_chan_freq = htole16(ic->ic_ibss_chan->ic_freq); 2269 tap->wr_chan_flags = htole16(ic->ic_ibss_chan->ic_flags); 2270 tap->wr_antsignal = rssi; 2271 tap->wr_antenna = ant; 2272 tap->wr_dbm_antsignal = run_rssi2dbm(sc, rssi, ant); 2273 tap->wr_rate = 2; /* in case it can't be found below */ 2274 phy = letoh16(rxwi->phy); 2275 switch (phy & RT2860_PHY_MODE) { 2276 case RT2860_PHY_CCK: 2277 switch ((phy & RT2860_PHY_MCS) & ~RT2860_PHY_SHPRE) { 2278 case 0: tap->wr_rate = 2; break; 2279 case 1: tap->wr_rate = 4; break; 2280 case 2: tap->wr_rate = 11; break; 2281 case 3: tap->wr_rate = 22; break; 2282 } 2283 if (phy & RT2860_PHY_SHPRE) 2284 tap->wr_flags |= IEEE80211_RADIOTAP_F_SHORTPRE; 2285 break; 2286 case RT2860_PHY_OFDM: 2287 switch (phy & RT2860_PHY_MCS) { 2288 case 0: tap->wr_rate = 12; break; 2289 case 1: tap->wr_rate = 18; break; 2290 case 2: tap->wr_rate = 24; break; 2291 case 3: tap->wr_rate = 36; break; 2292 case 4: tap->wr_rate = 48; break; 2293 case 5: tap->wr_rate = 72; break; 2294 case 6: tap->wr_rate = 96; break; 2295 case 7: tap->wr_rate = 108; break; 2296 } 2297 break; 2298 } 2299 mb.m_data = (caddr_t)tap; 2300 mb.m_len = sc->sc_rxtap_len; 2301 mb.m_next = m; 2302 mb.m_nextpkt = NULL; 2303 mb.m_type = 0; 2304 mb.m_flags = 0; 2305 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_IN); 2306 } 2307 #endif 2308 2309 s = splnet(); 2310 ni = ieee80211_find_rxnode(ic, wh); 2311 rxi.rxi_rssi = rssi; 2312 ieee80211_inputm(ifp, m, ni, &rxi, ml); 2313 2314 /* node is no longer needed */ 2315 ieee80211_release_node(ic, ni); 2316 splx(s); 2317 } 2318 2319 void 2320 run_rxeof(struct usbd_xfer *xfer, void *priv, usbd_status status) 2321 { 2322 struct mbuf_list ml = MBUF_LIST_INITIALIZER(); 2323 struct run_rx_data *data = priv; 2324 struct run_softc *sc = data->sc; 2325 uint8_t *buf; 2326 uint32_t dmalen; 2327 int xferlen; 2328 uint16_t rxwisize; 2329 2330 rxwisize = sizeof(struct rt2860_rxwi); 2331 if (sc->mac_ver == 0x5592) 2332 rxwisize += sizeof(uint64_t); 2333 else if (sc->mac_ver == 0x3593) 2334 rxwisize += sizeof(uint32_t); 2335 2336 if (__predict_false(status != USBD_NORMAL_COMPLETION)) { 2337 DPRINTF(("RX status=%d\n", status)); 2338 if (status == USBD_STALLED) 2339 usbd_clear_endpoint_stall_async(sc->rxq.pipeh); 2340 if (status != USBD_CANCELLED) 2341 goto skip; 2342 return; 2343 } 2344 usbd_get_xfer_status(xfer, NULL, NULL, &xferlen, NULL); 2345 2346 if (__predict_false(xferlen < sizeof (uint32_t) + rxwisize + 2347 sizeof(struct rt2870_rxd))) { 2348 DPRINTF(("xfer too short %d\n", xferlen)); 2349 goto skip; 2350 } 2351 2352 /* HW can aggregate multiple 802.11 frames in a single USB xfer */ 2353 buf = data->buf; 2354 while (xferlen > 8) { 2355 dmalen = letoh32(*(uint32_t *)buf) & 0xffff; 2356 2357 if (__predict_false(dmalen == 0 || (dmalen & 3) != 0)) { 2358 DPRINTF(("bad DMA length %u\n", dmalen)); 2359 break; 2360 } 2361 if (__predict_false(dmalen + 8 > xferlen)) { 2362 DPRINTF(("bad DMA length %u > %d\n", 2363 dmalen + 8, xferlen)); 2364 break; 2365 } 2366 run_rx_frame(sc, buf + sizeof (uint32_t), dmalen, &ml); 2367 buf += dmalen + 8; 2368 xferlen -= dmalen + 8; 2369 } 2370 if_input(&sc->sc_ic.ic_if, &ml); 2371 2372 skip: /* setup a new transfer */ 2373 usbd_setup_xfer(xfer, sc->rxq.pipeh, data, data->buf, RUN_MAX_RXSZ, 2374 USBD_SHORT_XFER_OK | USBD_NO_COPY, USBD_NO_TIMEOUT, run_rxeof); 2375 (void)usbd_transfer(data->xfer); 2376 } 2377 2378 void 2379 run_txeof(struct usbd_xfer *xfer, void *priv, usbd_status status) 2380 { 2381 struct run_tx_data *data = priv; 2382 struct run_softc *sc = data->sc; 2383 struct run_tx_ring *txq = &sc->txq[data->qid]; 2384 struct ifnet *ifp = &sc->sc_ic.ic_if; 2385 int s; 2386 2387 s = splnet(); 2388 txq->queued--; 2389 sc->qfullmsk &= ~(1 << data->qid); 2390 2391 if (__predict_false(status != USBD_NORMAL_COMPLETION)) { 2392 DPRINTF(("TX status=%d\n", status)); 2393 if (status == USBD_STALLED) 2394 usbd_clear_endpoint_stall_async(txq->pipeh); 2395 ifp->if_oerrors++; 2396 splx(s); 2397 return; 2398 } 2399 2400 sc->sc_tx_timer = 0; 2401 ifq_clr_oactive(&ifp->if_snd); 2402 run_start(ifp); 2403 splx(s); 2404 } 2405 2406 int 2407 run_tx(struct run_softc *sc, struct mbuf *m, struct ieee80211_node *ni) 2408 { 2409 struct ieee80211com *ic = &sc->sc_ic; 2410 struct run_node *rn = (void *)ni; 2411 struct ieee80211_frame *wh; 2412 struct run_tx_ring *ring; 2413 struct run_tx_data *data; 2414 struct rt2870_txd *txd; 2415 struct rt2860_txwi *txwi; 2416 uint16_t qos, dur; 2417 uint16_t txwisize; 2418 uint8_t type, mcs, tid, qid; 2419 int error, hasqos, ridx, ctl_ridx, xferlen; 2420 2421 wh = mtod(m, struct ieee80211_frame *); 2422 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 2423 2424 if ((hasqos = ieee80211_has_qos(wh))) { 2425 qos = ieee80211_get_qos(wh); 2426 tid = qos & IEEE80211_QOS_TID; 2427 qid = ieee80211_up_to_ac(ic, tid); 2428 } else { 2429 qos = 0; 2430 tid = 0; 2431 qid = EDCA_AC_BE; 2432 } 2433 ring = &sc->txq[qid]; 2434 data = &ring->data[ring->cur]; 2435 2436 /* pickup a rate index */ 2437 if (IEEE80211_IS_MULTICAST(wh->i_addr1) || 2438 type != IEEE80211_FC0_TYPE_DATA) { 2439 ridx = (ic->ic_curmode == IEEE80211_MODE_11A) ? 2440 RT2860_RIDX_OFDM6 : RT2860_RIDX_CCK1; 2441 ctl_ridx = rt2860_rates[ridx].ctl_ridx; 2442 } else if (ic->ic_fixed_rate != -1) { 2443 ridx = sc->fixed_ridx; 2444 ctl_ridx = rt2860_rates[ridx].ctl_ridx; 2445 } else { 2446 ridx = rn->ridx[ni->ni_txrate]; 2447 ctl_ridx = rn->ctl_ridx[ni->ni_txrate]; 2448 } 2449 2450 /* get MCS code from rate index */ 2451 mcs = rt2860_rates[ridx].mcs; 2452 2453 txwisize = sizeof(struct rt2860_txwi); 2454 if (sc->mac_ver == 0x5592) 2455 txwisize += sizeof(uint32_t); 2456 xferlen = txwisize + m->m_pkthdr.len; 2457 2458 /* roundup to 32-bit alignment */ 2459 xferlen = (xferlen + 3) & ~3; 2460 2461 txd = (struct rt2870_txd *)data->buf; 2462 txd->flags = RT2860_TX_QSEL_EDCA; 2463 txd->len = htole16(xferlen); 2464 2465 /* setup TX Wireless Information */ 2466 txwi = (struct rt2860_txwi *)(txd + 1); 2467 txwi->flags = 0; 2468 txwi->xflags = hasqos ? 0 : RT2860_TX_NSEQ; 2469 txwi->wcid = (type == IEEE80211_FC0_TYPE_DATA) ? 2470 RUN_AID2WCID(ni->ni_associd) : 0xff; 2471 txwi->len = htole16(m->m_pkthdr.len); 2472 if (rt2860_rates[ridx].phy == IEEE80211_T_DS) { 2473 txwi->phy = htole16(RT2860_PHY_CCK); 2474 if (ridx != RT2860_RIDX_CCK1 && 2475 (ic->ic_flags & IEEE80211_F_SHPREAMBLE)) 2476 mcs |= RT2860_PHY_SHPRE; 2477 } else 2478 txwi->phy = htole16(RT2860_PHY_OFDM); 2479 txwi->phy |= htole16(mcs); 2480 2481 txwi->txop = RT2860_TX_TXOP_BACKOFF; 2482 2483 if (!IEEE80211_IS_MULTICAST(wh->i_addr1) && 2484 (!hasqos || (qos & IEEE80211_QOS_ACK_POLICY_MASK) != 2485 IEEE80211_QOS_ACK_POLICY_NOACK)) { 2486 txwi->xflags |= RT2860_TX_ACK; 2487 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 2488 dur = rt2860_rates[ctl_ridx].sp_ack_dur; 2489 else 2490 dur = rt2860_rates[ctl_ridx].lp_ack_dur; 2491 *(uint16_t *)wh->i_dur = htole16(dur); 2492 } 2493 2494 #if NBPFILTER > 0 2495 if (__predict_false(sc->sc_drvbpf != NULL)) { 2496 struct run_tx_radiotap_header *tap = &sc->sc_txtap; 2497 struct mbuf mb; 2498 2499 tap->wt_flags = 0; 2500 tap->wt_rate = rt2860_rates[ridx].rate; 2501 tap->wt_chan_freq = htole16(ic->ic_bss->ni_chan->ic_freq); 2502 tap->wt_chan_flags = htole16(ic->ic_bss->ni_chan->ic_flags); 2503 if (mcs & RT2860_PHY_SHPRE) 2504 tap->wt_flags |= IEEE80211_RADIOTAP_F_SHORTPRE; 2505 2506 mb.m_data = (caddr_t)tap; 2507 mb.m_len = sc->sc_txtap_len; 2508 mb.m_next = m; 2509 mb.m_nextpkt = NULL; 2510 mb.m_type = 0; 2511 mb.m_flags = 0; 2512 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_OUT); 2513 } 2514 #endif 2515 2516 m_copydata(m, 0, m->m_pkthdr.len, (caddr_t)txwi + txwisize); 2517 m_freem(m); 2518 2519 xferlen += sizeof (*txd) + 4; 2520 2521 usbd_setup_xfer(data->xfer, ring->pipeh, data, data->buf, xferlen, 2522 USBD_FORCE_SHORT_XFER | USBD_NO_COPY, RUN_TX_TIMEOUT, run_txeof); 2523 error = usbd_transfer(data->xfer); 2524 if (__predict_false(error != USBD_IN_PROGRESS && error != 0)) 2525 return error; 2526 2527 ieee80211_release_node(ic, ni); 2528 2529 ring->cur = (ring->cur + 1) % RUN_TX_RING_COUNT; 2530 if (++ring->queued >= RUN_TX_RING_COUNT) 2531 sc->qfullmsk |= 1 << qid; 2532 2533 return 0; 2534 } 2535 2536 void 2537 run_start(struct ifnet *ifp) 2538 { 2539 struct run_softc *sc = ifp->if_softc; 2540 struct ieee80211com *ic = &sc->sc_ic; 2541 struct ieee80211_node *ni; 2542 struct mbuf *m; 2543 2544 if (!(ifp->if_flags & IFF_RUNNING) || ifq_is_oactive(&ifp->if_snd)) 2545 return; 2546 2547 for (;;) { 2548 if (sc->qfullmsk != 0) { 2549 ifq_set_oactive(&ifp->if_snd); 2550 break; 2551 } 2552 /* send pending management frames first */ 2553 m = mq_dequeue(&ic->ic_mgtq); 2554 if (m != NULL) { 2555 ni = m->m_pkthdr.ph_cookie; 2556 goto sendit; 2557 } 2558 if (ic->ic_state != IEEE80211_S_RUN) 2559 break; 2560 2561 /* encapsulate and send data frames */ 2562 m = ifq_dequeue(&ifp->if_snd); 2563 if (m == NULL) 2564 break; 2565 #if NBPFILTER > 0 2566 if (ifp->if_bpf != NULL) 2567 bpf_mtap(ifp->if_bpf, m, BPF_DIRECTION_OUT); 2568 #endif 2569 if ((m = ieee80211_encap(ifp, m, &ni)) == NULL) 2570 continue; 2571 sendit: 2572 #if NBPFILTER > 0 2573 if (ic->ic_rawbpf != NULL) 2574 bpf_mtap(ic->ic_rawbpf, m, BPF_DIRECTION_OUT); 2575 #endif 2576 if (run_tx(sc, m, ni) != 0) { 2577 ieee80211_release_node(ic, ni); 2578 ifp->if_oerrors++; 2579 continue; 2580 } 2581 2582 sc->sc_tx_timer = 5; 2583 ifp->if_timer = 1; 2584 } 2585 } 2586 2587 void 2588 run_watchdog(struct ifnet *ifp) 2589 { 2590 struct run_softc *sc = ifp->if_softc; 2591 2592 ifp->if_timer = 0; 2593 2594 if (sc->sc_tx_timer > 0) { 2595 if (--sc->sc_tx_timer == 0) { 2596 printf("%s: device timeout\n", sc->sc_dev.dv_xname); 2597 /* run_init(ifp); XXX needs a process context! */ 2598 ifp->if_oerrors++; 2599 return; 2600 } 2601 ifp->if_timer = 1; 2602 } 2603 2604 ieee80211_watchdog(ifp); 2605 } 2606 2607 int 2608 run_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 2609 { 2610 struct run_softc *sc = ifp->if_softc; 2611 struct ieee80211com *ic = &sc->sc_ic; 2612 int s, error = 0; 2613 2614 if (usbd_is_dying(sc->sc_udev)) 2615 return ENXIO; 2616 2617 usbd_ref_incr(sc->sc_udev); 2618 2619 s = splnet(); 2620 2621 switch (cmd) { 2622 case SIOCSIFADDR: 2623 ifp->if_flags |= IFF_UP; 2624 /* FALLTHROUGH */ 2625 case SIOCSIFFLAGS: 2626 if (ifp->if_flags & IFF_UP) { 2627 if (!(ifp->if_flags & IFF_RUNNING)) 2628 run_init(ifp); 2629 } else { 2630 if (ifp->if_flags & IFF_RUNNING) 2631 run_stop(ifp, 1); 2632 } 2633 break; 2634 2635 case SIOCS80211CHANNEL: 2636 /* 2637 * This allows for fast channel switching in monitor mode 2638 * (used by kismet). 2639 */ 2640 error = ieee80211_ioctl(ifp, cmd, data); 2641 if (error == ENETRESET && 2642 ic->ic_opmode == IEEE80211_M_MONITOR) { 2643 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 2644 (IFF_UP | IFF_RUNNING)) 2645 run_set_chan(sc, ic->ic_ibss_chan); 2646 error = 0; 2647 } 2648 break; 2649 2650 default: 2651 error = ieee80211_ioctl(ifp, cmd, data); 2652 } 2653 2654 if (error == ENETRESET) { 2655 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 2656 (IFF_UP | IFF_RUNNING)) { 2657 run_stop(ifp, 0); 2658 run_init(ifp); 2659 } 2660 error = 0; 2661 } 2662 2663 splx(s); 2664 2665 usbd_ref_decr(sc->sc_udev); 2666 2667 return error; 2668 } 2669 2670 void 2671 run_iq_calib(struct run_softc *sc, u_int chan) 2672 { 2673 uint16_t val; 2674 2675 /* Tx0 IQ gain. */ 2676 run_bbp_write(sc, 158, 0x2c); 2677 if (chan <= 14) 2678 run_efuse_read(sc, RT5390_EEPROM_IQ_GAIN_CAL_TX0_2GHZ, &val); 2679 else if (chan <= 64) { 2680 run_efuse_read(sc, 2681 RT5390_EEPROM_IQ_GAIN_CAL_TX0_CH36_TO_CH64_5GHZ, &val); 2682 } else if (chan <= 138) { 2683 run_efuse_read(sc, 2684 RT5390_EEPROM_IQ_GAIN_CAL_TX0_CH100_TO_CH138_5GHZ, &val); 2685 } else if (chan <= 165) { 2686 run_efuse_read(sc, 2687 RT5390_EEPROM_IQ_GAIN_CAL_TX0_CH140_TO_CH165_5GHZ, 2688 &val); 2689 } else 2690 val = 0; 2691 run_bbp_write(sc, 159, val); 2692 2693 /* Tx0 IQ phase. */ 2694 run_bbp_write(sc, 158, 0x2d); 2695 if (chan <= 14) { 2696 run_efuse_read(sc, RT5390_EEPROM_IQ_PHASE_CAL_TX0_2GHZ, &val); 2697 } else if (chan <= 64) { 2698 run_efuse_read(sc, 2699 RT5390_EEPROM_IQ_PHASE_CAL_TX0_CH36_TO_CH64_5GHZ, &val); 2700 } else if (chan <= 138) { 2701 run_efuse_read(sc, 2702 RT5390_EEPROM_IQ_PHASE_CAL_TX0_CH100_TO_CH138_5GHZ, &val); 2703 } else if (chan <= 165) { 2704 run_efuse_read(sc, 2705 RT5390_EEPROM_IQ_PHASE_CAL_TX0_CH140_TO_CH165_5GHZ, &val); 2706 } else 2707 val = 0; 2708 run_bbp_write(sc, 159, val); 2709 2710 /* Tx1 IQ gain. */ 2711 run_bbp_write(sc, 158, 0x4a); 2712 if (chan <= 14) { 2713 run_efuse_read(sc, RT5390_EEPROM_IQ_GAIN_CAL_TX1_2GHZ, &val); 2714 } else if (chan <= 64) { 2715 run_efuse_read(sc, 2716 RT5390_EEPROM_IQ_GAIN_CAL_TX1_CH36_TO_CH64_5GHZ, &val); 2717 } else if (chan <= 138) { 2718 run_efuse_read(sc, 2719 RT5390_EEPROM_IQ_GAIN_CAL_TX1_CH100_TO_CH138_5GHZ, &val); 2720 } else if (chan <= 165) { 2721 run_efuse_read(sc, 2722 RT5390_EEPROM_IQ_GAIN_CAL_TX1_CH140_TO_CH165_5GHZ, &val); 2723 } else 2724 val = 0; 2725 run_bbp_write(sc, 159, val); 2726 2727 /* Tx1 IQ phase. */ 2728 run_bbp_write(sc, 158, 0x4b); 2729 if (chan <= 14) { 2730 run_efuse_read(sc, RT5390_EEPROM_IQ_PHASE_CAL_TX1_2GHZ, &val); 2731 } else if (chan <= 64) { 2732 run_efuse_read(sc, 2733 RT5390_EEPROM_IQ_PHASE_CAL_TX1_CH36_TO_CH64_5GHZ, &val); 2734 } else if (chan <= 138) { 2735 run_efuse_read(sc, 2736 RT5390_EEPROM_IQ_PHASE_CAL_TX1_CH100_TO_CH138_5GHZ, &val); 2737 } else if (chan <= 165) { 2738 run_efuse_read(sc, 2739 RT5390_EEPROM_IQ_PHASE_CAL_TX1_CH140_TO_CH165_5GHZ, &val); 2740 } else 2741 val = 0; 2742 run_bbp_write(sc, 159, val); 2743 2744 /* RF IQ compensation control. */ 2745 run_bbp_write(sc, 158, 0x04); 2746 run_efuse_read(sc, RT5390_EEPROM_RF_IQ_COMPENSATION_CTL, &val); 2747 run_bbp_write(sc, 159, val); 2748 2749 /* RF IQ imbalance compensation control. */ 2750 run_bbp_write(sc, 158, 0x03); 2751 run_efuse_read(sc, 2752 RT5390_EEPROM_RF_IQ_IMBALANCE_COMPENSATION_CTL, &val); 2753 run_bbp_write(sc, 159, val); 2754 } 2755 2756 void 2757 run_select_chan_group(struct run_softc *sc, int group) 2758 { 2759 uint32_t tmp; 2760 uint8_t agc; 2761 2762 run_bbp_write(sc, 62, 0x37 - sc->lna[group]); 2763 run_bbp_write(sc, 63, 0x37 - sc->lna[group]); 2764 run_bbp_write(sc, 64, 0x37 - sc->lna[group]); 2765 if (sc->mac_ver < 0x3572) 2766 run_bbp_write(sc, 86, 0x00); 2767 2768 if (sc->mac_ver == 0x3593) { 2769 run_bbp_write(sc, 77, 0x98); 2770 run_bbp_write(sc, 83, (group == 0) ? 0x8a : 0x9a); 2771 } 2772 2773 if (group == 0) { 2774 if (sc->ext_2ghz_lna) { 2775 if (sc->mac_ver >= 0x5390) 2776 run_bbp_write(sc, 75, 0x52); 2777 else { 2778 run_bbp_write(sc, 82, 0x62); 2779 run_bbp_write(sc, 75, 0x46); 2780 } 2781 } else { 2782 if (sc->mac_ver == 0x5592) { 2783 run_bbp_write(sc, 79, 0x1c); 2784 run_bbp_write(sc, 80, 0x0e); 2785 run_bbp_write(sc, 81, 0x3a); 2786 run_bbp_write(sc, 82, 0x62); 2787 2788 run_bbp_write(sc, 195, 0x80); 2789 run_bbp_write(sc, 196, 0xe0); 2790 run_bbp_write(sc, 195, 0x81); 2791 run_bbp_write(sc, 196, 0x1f); 2792 run_bbp_write(sc, 195, 0x82); 2793 run_bbp_write(sc, 196, 0x38); 2794 run_bbp_write(sc, 195, 0x83); 2795 run_bbp_write(sc, 196, 0x32); 2796 run_bbp_write(sc, 195, 0x85); 2797 run_bbp_write(sc, 196, 0x28); 2798 run_bbp_write(sc, 195, 0x86); 2799 run_bbp_write(sc, 196, 0x19); 2800 } else if (sc->mac_ver >= 0x5390) 2801 run_bbp_write(sc, 75, 0x50); 2802 else { 2803 run_bbp_write(sc, 82, 2804 (sc->mac_ver == 0x3593) ? 0x62 : 0x84); 2805 run_bbp_write(sc, 75, 0x50); 2806 } 2807 } 2808 } else { 2809 if (sc->mac_ver == 0x5592) { 2810 run_bbp_write(sc, 79, 0x18); 2811 run_bbp_write(sc, 80, 0x08); 2812 run_bbp_write(sc, 81, 0x38); 2813 run_bbp_write(sc, 82, 0x92); 2814 2815 run_bbp_write(sc, 195, 0x80); 2816 run_bbp_write(sc, 196, 0xf0); 2817 run_bbp_write(sc, 195, 0x81); 2818 run_bbp_write(sc, 196, 0x1e); 2819 run_bbp_write(sc, 195, 0x82); 2820 run_bbp_write(sc, 196, 0x28); 2821 run_bbp_write(sc, 195, 0x83); 2822 run_bbp_write(sc, 196, 0x20); 2823 run_bbp_write(sc, 195, 0x85); 2824 run_bbp_write(sc, 196, 0x7f); 2825 run_bbp_write(sc, 195, 0x86); 2826 run_bbp_write(sc, 196, 0x7f); 2827 } else if (sc->mac_ver == 0x3572) 2828 run_bbp_write(sc, 82, 0x94); 2829 else 2830 run_bbp_write(sc, 82, 2831 (sc->mac_ver == 0x3593) ? 0x82 : 0xf2); 2832 if (sc->ext_5ghz_lna) 2833 run_bbp_write(sc, 75, 0x46); 2834 else 2835 run_bbp_write(sc, 75, 0x50); 2836 } 2837 2838 run_read(sc, RT2860_TX_BAND_CFG, &tmp); 2839 tmp &= ~(RT2860_5G_BAND_SEL_N | RT2860_5G_BAND_SEL_P); 2840 tmp |= (group == 0) ? RT2860_5G_BAND_SEL_N : RT2860_5G_BAND_SEL_P; 2841 run_write(sc, RT2860_TX_BAND_CFG, tmp); 2842 2843 /* enable appropriate Power Amplifiers and Low Noise Amplifiers */ 2844 tmp = RT2860_RFTR_EN | RT2860_TRSW_EN | RT2860_LNA_PE0_EN; 2845 if (sc->mac_ver == 0x3593) 2846 tmp |= 1 << 29 | 1 << 28; 2847 if (sc->nrxchains > 1) 2848 tmp |= RT2860_LNA_PE1_EN; 2849 if (group == 0) { /* 2GHz */ 2850 tmp |= RT2860_PA_PE_G0_EN; 2851 if (sc->ntxchains > 1) 2852 tmp |= RT2860_PA_PE_G1_EN; 2853 if (sc->mac_ver == 0x3593) { 2854 if (sc->ntxchains > 2) 2855 tmp |= 1 << 25; 2856 } 2857 } else { /* 5GHz */ 2858 tmp |= RT2860_PA_PE_A0_EN; 2859 if (sc->ntxchains > 1) 2860 tmp |= RT2860_PA_PE_A1_EN; 2861 } 2862 if (sc->mac_ver == 0x3572) { 2863 run_rt3070_rf_write(sc, 8, 0x00); 2864 run_write(sc, RT2860_TX_PIN_CFG, tmp); 2865 run_rt3070_rf_write(sc, 8, 0x80); 2866 } else 2867 run_write(sc, RT2860_TX_PIN_CFG, tmp); 2868 2869 if (sc->mac_ver == 0x5592) { 2870 run_bbp_write(sc, 195, 0x8d); 2871 run_bbp_write(sc, 196, 0x1a); 2872 } 2873 2874 if (sc->mac_ver == 0x3593) { 2875 run_read(sc, RT2860_GPIO_CTRL, &tmp); 2876 tmp &= ~0x01010000; 2877 if (group == 0) 2878 tmp |= 0x00010000; 2879 tmp = (tmp & ~0x00009090) | 0x00000090; 2880 run_write(sc, RT2860_GPIO_CTRL, tmp); 2881 } 2882 2883 /* set initial AGC value */ 2884 if (group == 0) { /* 2GHz band */ 2885 if (sc->mac_ver >= 0x3070) 2886 agc = 0x1c + sc->lna[0] * 2; 2887 else 2888 agc = 0x2e + sc->lna[0]; 2889 } else { /* 5GHz band */ 2890 if (sc->mac_ver == 0x5592) 2891 agc = 0x24 + sc->lna[group] * 2; 2892 else if (sc->mac_ver == 0x3572 || sc->mac_ver == 0x3593) 2893 agc = 0x22 + (sc->lna[group] * 5) / 3; 2894 else 2895 agc = 0x32 + (sc->lna[group] * 5) / 3; 2896 } 2897 run_set_agc(sc, agc); 2898 } 2899 2900 void 2901 run_rt2870_set_chan(struct run_softc *sc, u_int chan) 2902 { 2903 const struct rfprog *rfprog = rt2860_rf2850; 2904 uint32_t r2, r3, r4; 2905 int8_t txpow1, txpow2; 2906 int i; 2907 2908 /* find the settings for this channel (we know it exists) */ 2909 for (i = 0; rfprog[i].chan != chan; i++) 2910 ; 2911 2912 r2 = rfprog[i].r2; 2913 if (sc->ntxchains == 1) 2914 r2 |= 1 << 12; /* 1T: disable Tx chain 2 */ 2915 if (sc->nrxchains == 1) 2916 r2 |= 1 << 15 | 1 << 4; /* 1R: disable Rx chains 2 & 3 */ 2917 else if (sc->nrxchains == 2) 2918 r2 |= 1 << 4; /* 2R: disable Rx chain 3 */ 2919 2920 /* use Tx power values from EEPROM */ 2921 txpow1 = sc->txpow1[i]; 2922 txpow2 = sc->txpow2[i]; 2923 if (chan > 14) { 2924 if (txpow1 >= 0) 2925 txpow1 = txpow1 << 1 | 1; 2926 else 2927 txpow1 = (7 + txpow1) << 1; 2928 if (txpow2 >= 0) 2929 txpow2 = txpow2 << 1 | 1; 2930 else 2931 txpow2 = (7 + txpow2) << 1; 2932 } 2933 r3 = rfprog[i].r3 | txpow1 << 7; 2934 r4 = rfprog[i].r4 | sc->freq << 13 | txpow2 << 4; 2935 2936 run_rt2870_rf_write(sc, RT2860_RF1, rfprog[i].r1); 2937 run_rt2870_rf_write(sc, RT2860_RF2, r2); 2938 run_rt2870_rf_write(sc, RT2860_RF3, r3); 2939 run_rt2870_rf_write(sc, RT2860_RF4, r4); 2940 2941 DELAY(200); 2942 2943 run_rt2870_rf_write(sc, RT2860_RF1, rfprog[i].r1); 2944 run_rt2870_rf_write(sc, RT2860_RF2, r2); 2945 run_rt2870_rf_write(sc, RT2860_RF3, r3 | 1); 2946 run_rt2870_rf_write(sc, RT2860_RF4, r4); 2947 2948 DELAY(200); 2949 2950 run_rt2870_rf_write(sc, RT2860_RF1, rfprog[i].r1); 2951 run_rt2870_rf_write(sc, RT2860_RF2, r2); 2952 run_rt2870_rf_write(sc, RT2860_RF3, r3); 2953 run_rt2870_rf_write(sc, RT2860_RF4, r4); 2954 } 2955 2956 void 2957 run_rt3070_set_chan(struct run_softc *sc, u_int chan) 2958 { 2959 int8_t txpow1, txpow2; 2960 uint8_t rf; 2961 int i; 2962 2963 /* find the settings for this channel (we know it exists) */ 2964 for (i = 0; rt2860_rf2850[i].chan != chan; i++) 2965 ; 2966 2967 /* use Tx power values from EEPROM */ 2968 txpow1 = sc->txpow1[i]; 2969 txpow2 = sc->txpow2[i]; 2970 2971 run_rt3070_rf_write(sc, 2, rt3070_freqs[i].n); 2972 2973 /* RT3370/RT3390: RF R3 [7:4] is not reserved bits. */ 2974 run_rt3070_rf_read(sc, 3, &rf); 2975 rf = (rf & ~0x0f) | rt3070_freqs[i].k; 2976 run_rt3070_rf_write(sc, 3, rf); 2977 2978 run_rt3070_rf_read(sc, 6, &rf); 2979 rf = (rf & ~0x03) | rt3070_freqs[i].r; 2980 run_rt3070_rf_write(sc, 6, rf); 2981 2982 /* set Tx0 power */ 2983 run_rt3070_rf_read(sc, 12, &rf); 2984 rf = (rf & ~0x1f) | txpow1; 2985 run_rt3070_rf_write(sc, 12, rf); 2986 2987 /* set Tx1 power */ 2988 run_rt3070_rf_read(sc, 13, &rf); 2989 rf = (rf & ~0x1f) | txpow2; 2990 run_rt3070_rf_write(sc, 13, rf); 2991 2992 run_rt3070_rf_read(sc, 1, &rf); 2993 rf &= ~0xfc; 2994 if (sc->ntxchains == 1) 2995 rf |= 1 << 7 | 1 << 5; /* 1T: disable Tx chains 2 & 3 */ 2996 else if (sc->ntxchains == 2) 2997 rf |= 1 << 7; /* 2T: disable Tx chain 3 */ 2998 if (sc->nrxchains == 1) 2999 rf |= 1 << 6 | 1 << 4; /* 1R: disable Rx chains 2 & 3 */ 3000 else if (sc->nrxchains == 2) 3001 rf |= 1 << 6; /* 2R: disable Rx chain 3 */ 3002 run_rt3070_rf_write(sc, 1, rf); 3003 3004 /* set RF offset */ 3005 run_rt3070_rf_read(sc, 23, &rf); 3006 rf = (rf & ~0x7f) | sc->freq; 3007 run_rt3070_rf_write(sc, 23, rf); 3008 3009 /* program RF filter */ 3010 run_rt3070_rf_read(sc, 24, &rf); /* Tx */ 3011 rf = (rf & ~0x3f) | sc->rf24_20mhz; 3012 run_rt3070_rf_write(sc, 24, rf); 3013 run_rt3070_rf_read(sc, 31, &rf); /* Rx */ 3014 rf = (rf & ~0x3f) | sc->rf24_20mhz; 3015 run_rt3070_rf_write(sc, 31, rf); 3016 3017 /* enable RF tuning */ 3018 run_rt3070_rf_read(sc, 7, &rf); 3019 run_rt3070_rf_write(sc, 7, rf | 0x01); 3020 } 3021 3022 void 3023 run_rt3572_set_chan(struct run_softc *sc, u_int chan) 3024 { 3025 int8_t txpow1, txpow2; 3026 uint32_t tmp; 3027 uint8_t rf; 3028 int i; 3029 3030 /* find the settings for this channel (we know it exists) */ 3031 for (i = 0; rt2860_rf2850[i].chan != chan; i++) 3032 ; 3033 3034 /* use Tx power values from EEPROM */ 3035 txpow1 = sc->txpow1[i]; 3036 txpow2 = sc->txpow2[i]; 3037 3038 if (chan <= 14) { 3039 run_bbp_write(sc, 25, sc->bbp25); 3040 run_bbp_write(sc, 26, sc->bbp26); 3041 } else { 3042 /* enable IQ phase correction */ 3043 run_bbp_write(sc, 25, 0x09); 3044 run_bbp_write(sc, 26, 0xff); 3045 } 3046 3047 run_rt3070_rf_write(sc, 2, rt3070_freqs[i].n); 3048 run_rt3070_rf_write(sc, 3, rt3070_freqs[i].k); 3049 run_rt3070_rf_read(sc, 6, &rf); 3050 rf = (rf & ~0x0f) | rt3070_freqs[i].r; 3051 rf |= (chan <= 14) ? 0x08 : 0x04; 3052 run_rt3070_rf_write(sc, 6, rf); 3053 3054 /* set PLL mode */ 3055 run_rt3070_rf_read(sc, 5, &rf); 3056 rf &= ~(0x08 | 0x04); 3057 rf |= (chan <= 14) ? 0x04 : 0x08; 3058 run_rt3070_rf_write(sc, 5, rf); 3059 3060 /* set Tx power for chain 0 */ 3061 if (chan <= 14) 3062 rf = 0x60 | txpow1; 3063 else 3064 rf = 0xe0 | (txpow1 & 0xc) << 1 | (txpow1 & 0x3); 3065 run_rt3070_rf_write(sc, 12, rf); 3066 3067 /* set Tx power for chain 1 */ 3068 if (chan <= 14) 3069 rf = 0x60 | txpow2; 3070 else 3071 rf = 0xe0 | (txpow2 & 0xc) << 1 | (txpow2 & 0x3); 3072 run_rt3070_rf_write(sc, 13, rf); 3073 3074 /* set Tx/Rx streams */ 3075 run_rt3070_rf_read(sc, 1, &rf); 3076 rf &= ~0xfc; 3077 if (sc->ntxchains == 1) 3078 rf |= 1 << 7 | 1 << 5; /* 1T: disable Tx chains 2 & 3 */ 3079 else if (sc->ntxchains == 2) 3080 rf |= 1 << 7; /* 2T: disable Tx chain 3 */ 3081 if (sc->nrxchains == 1) 3082 rf |= 1 << 6 | 1 << 4; /* 1R: disable Rx chains 2 & 3 */ 3083 else if (sc->nrxchains == 2) 3084 rf |= 1 << 6; /* 2R: disable Rx chain 3 */ 3085 run_rt3070_rf_write(sc, 1, rf); 3086 3087 /* set RF offset */ 3088 run_rt3070_rf_read(sc, 23, &rf); 3089 rf = (rf & ~0x7f) | sc->freq; 3090 run_rt3070_rf_write(sc, 23, rf); 3091 3092 /* program RF filter */ 3093 rf = sc->rf24_20mhz; 3094 run_rt3070_rf_write(sc, 24, rf); /* Tx */ 3095 run_rt3070_rf_write(sc, 31, rf); /* Rx */ 3096 3097 /* enable RF tuning */ 3098 run_rt3070_rf_read(sc, 7, &rf); 3099 rf = (chan <= 14) ? 0xd8 : ((rf & ~0xc8) | 0x14); 3100 run_rt3070_rf_write(sc, 7, rf); 3101 3102 /* TSSI */ 3103 rf = (chan <= 14) ? 0xc3 : 0xc0; 3104 run_rt3070_rf_write(sc, 9, rf); 3105 3106 /* set loop filter 1 */ 3107 run_rt3070_rf_write(sc, 10, 0xf1); 3108 /* set loop filter 2 */ 3109 run_rt3070_rf_write(sc, 11, (chan <= 14) ? 0xb9 : 0x00); 3110 3111 /* set tx_mx2_ic */ 3112 run_rt3070_rf_write(sc, 15, (chan <= 14) ? 0x53 : 0x43); 3113 /* set tx_mx1_ic */ 3114 if (chan <= 14) 3115 rf = 0x48 | sc->txmixgain_2ghz; 3116 else 3117 rf = 0x78 | sc->txmixgain_5ghz; 3118 run_rt3070_rf_write(sc, 16, rf); 3119 3120 /* set tx_lo1 */ 3121 run_rt3070_rf_write(sc, 17, 0x23); 3122 /* set tx_lo2 */ 3123 if (chan <= 14) 3124 rf = 0x93; 3125 else if (chan <= 64) 3126 rf = 0xb7; 3127 else if (chan <= 128) 3128 rf = 0x74; 3129 else 3130 rf = 0x72; 3131 run_rt3070_rf_write(sc, 19, rf); 3132 3133 /* set rx_lo1 */ 3134 if (chan <= 14) 3135 rf = 0xb3; 3136 else if (chan <= 64) 3137 rf = 0xf6; 3138 else if (chan <= 128) 3139 rf = 0xf4; 3140 else 3141 rf = 0xf3; 3142 run_rt3070_rf_write(sc, 20, rf); 3143 3144 /* set pfd_delay */ 3145 if (chan <= 14) 3146 rf = 0x15; 3147 else if (chan <= 64) 3148 rf = 0x3d; 3149 else 3150 rf = 0x01; 3151 run_rt3070_rf_write(sc, 25, rf); 3152 3153 /* set rx_lo2 */ 3154 run_rt3070_rf_write(sc, 26, (chan <= 14) ? 0x85 : 0x87); 3155 /* set ldo_rf_vc */ 3156 run_rt3070_rf_write(sc, 27, (chan <= 14) ? 0x00 : 0x01); 3157 /* set drv_cc */ 3158 run_rt3070_rf_write(sc, 29, (chan <= 14) ? 0x9b : 0x9f); 3159 3160 run_read(sc, RT2860_GPIO_CTRL, &tmp); 3161 tmp &= ~0x8080; 3162 if (chan <= 14) 3163 tmp |= 0x80; 3164 run_write(sc, RT2860_GPIO_CTRL, tmp); 3165 3166 /* enable RF tuning */ 3167 run_rt3070_rf_read(sc, 7, &rf); 3168 run_rt3070_rf_write(sc, 7, rf | 0x01); 3169 3170 DELAY(2000); 3171 } 3172 3173 void 3174 run_rt3593_set_chan(struct run_softc *sc, u_int chan) 3175 { 3176 int8_t txpow1, txpow2, txpow3; 3177 uint8_t h20mhz, rf; 3178 int i; 3179 3180 /* find the settings for this channel (we know it exists) */ 3181 for (i = 0; rt2860_rf2850[i].chan != chan; i++) 3182 ; 3183 3184 /* use Tx power values from EEPROM */ 3185 txpow1 = sc->txpow1[i]; 3186 txpow2 = sc->txpow2[i]; 3187 txpow3 = (sc->ntxchains == 3) ? sc->txpow3[i] : 0; 3188 3189 if (chan <= 14) { 3190 run_bbp_write(sc, 25, sc->bbp25); 3191 run_bbp_write(sc, 26, sc->bbp26); 3192 } else { 3193 /* Enable IQ phase correction. */ 3194 run_bbp_write(sc, 25, 0x09); 3195 run_bbp_write(sc, 26, 0xff); 3196 } 3197 3198 run_rt3070_rf_write(sc, 8, rt3070_freqs[i].n); 3199 run_rt3070_rf_write(sc, 9, rt3070_freqs[i].k & 0x0f); 3200 run_rt3070_rf_read(sc, 11, &rf); 3201 rf = (rf & ~0x03) | (rt3070_freqs[i].r & 0x03); 3202 run_rt3070_rf_write(sc, 11, rf); 3203 3204 /* Set pll_idoh. */ 3205 run_rt3070_rf_read(sc, 11, &rf); 3206 rf &= ~0x4c; 3207 rf |= (chan <= 14) ? 0x44 : 0x48; 3208 run_rt3070_rf_write(sc, 11, rf); 3209 3210 if (chan <= 14) 3211 rf = txpow1 & 0x1f; 3212 else 3213 rf = 0x40 | ((txpow1 & 0x18) << 1) | (txpow1 & 0x07); 3214 run_rt3070_rf_write(sc, 53, rf); 3215 3216 if (chan <= 14) 3217 rf = txpow2 & 0x1f; 3218 else 3219 rf = 0x40 | ((txpow2 & 0x18) << 1) | (txpow2 & 0x07); 3220 run_rt3070_rf_write(sc, 55, rf); 3221 3222 if (chan <= 14) 3223 rf = txpow3 & 0x1f; 3224 else 3225 rf = 0x40 | ((txpow3 & 0x18) << 1) | (txpow3 & 0x07); 3226 run_rt3070_rf_write(sc, 54, rf); 3227 3228 rf = RT3070_RF_BLOCK | RT3070_PLL_PD; 3229 if (sc->ntxchains == 3) 3230 rf |= RT3070_TX0_PD | RT3070_TX1_PD | RT3070_TX2_PD; 3231 else 3232 rf |= RT3070_TX0_PD | RT3070_TX1_PD; 3233 rf |= RT3070_RX0_PD | RT3070_RX1_PD | RT3070_RX2_PD; 3234 run_rt3070_rf_write(sc, 1, rf); 3235 3236 run_adjust_freq_offset(sc); 3237 3238 run_rt3070_rf_write(sc, 31, (chan <= 14) ? 0xa0 : 0x80); 3239 3240 h20mhz = (sc->rf24_20mhz & 0x20) >> 5; 3241 run_rt3070_rf_read(sc, 30, &rf); 3242 rf = (rf & ~0x06) | (h20mhz << 1) | (h20mhz << 2); 3243 run_rt3070_rf_write(sc, 30, rf); 3244 3245 run_rt3070_rf_read(sc, 36, &rf); 3246 if (chan <= 14) 3247 rf |= 0x80; 3248 else 3249 rf &= ~0x80; 3250 run_rt3070_rf_write(sc, 36, rf); 3251 3252 /* Set vcolo_bs. */ 3253 run_rt3070_rf_write(sc, 34, (chan <= 14) ? 0x3c : 0x20); 3254 /* Set pfd_delay. */ 3255 run_rt3070_rf_write(sc, 12, (chan <= 14) ? 0x1a : 0x12); 3256 3257 /* Set vco bias current control. */ 3258 run_rt3070_rf_read(sc, 6, &rf); 3259 rf &= ~0xc0; 3260 if (chan <= 14) 3261 rf |= 0x40; 3262 else if (chan <= 128) 3263 rf |= 0x80; 3264 else 3265 rf |= 0x40; 3266 run_rt3070_rf_write(sc, 6, rf); 3267 3268 run_rt3070_rf_read(sc, 30, &rf); 3269 rf = (rf & ~0x18) | 0x10; 3270 run_rt3070_rf_write(sc, 30, rf); 3271 3272 run_rt3070_rf_write(sc, 10, (chan <= 14) ? 0xd3 : 0xd8); 3273 run_rt3070_rf_write(sc, 13, (chan <= 14) ? 0x12 : 0x23); 3274 3275 run_rt3070_rf_read(sc, 51, &rf); 3276 rf = (rf & ~0x03) | 0x01; 3277 run_rt3070_rf_write(sc, 51, rf); 3278 /* Set tx_mx1_cc. */ 3279 run_rt3070_rf_read(sc, 51, &rf); 3280 rf &= ~0x1c; 3281 rf |= (chan <= 14) ? 0x14 : 0x10; 3282 run_rt3070_rf_write(sc, 51, rf); 3283 /* Set tx_mx1_ic. */ 3284 run_rt3070_rf_read(sc, 51, &rf); 3285 rf &= ~0xe0; 3286 rf |= (chan <= 14) ? 0x60 : 0x40; 3287 run_rt3070_rf_write(sc, 51, rf); 3288 /* Set tx_lo1_ic. */ 3289 run_rt3070_rf_read(sc, 49, &rf); 3290 rf &= ~0x1c; 3291 rf |= (chan <= 14) ? 0x0c : 0x08; 3292 run_rt3070_rf_write(sc, 49, rf); 3293 /* Set tx_lo1_en. */ 3294 run_rt3070_rf_read(sc, 50, &rf); 3295 run_rt3070_rf_write(sc, 50, rf & ~0x20); 3296 /* Set drv_cc. */ 3297 run_rt3070_rf_read(sc, 57, &rf); 3298 rf &= ~0xfc; 3299 rf |= (chan <= 14) ? 0x6c : 0x3c; 3300 run_rt3070_rf_write(sc, 57, rf); 3301 /* Set rx_mix1_ic, rxa_lnactr, lna_vc, lna_inbias_en and lna_en. */ 3302 run_rt3070_rf_write(sc, 44, (chan <= 14) ? 0x93 : 0x9b); 3303 /* Set drv_gnd_a, tx_vga_cc_a and tx_mx2_gain. */ 3304 run_rt3070_rf_write(sc, 52, (chan <= 14) ? 0x45 : 0x05); 3305 /* Enable VCO calibration. */ 3306 run_rt3070_rf_read(sc, 3, &rf); 3307 rf &= ~RT3593_VCOCAL; 3308 rf |= (chan <= 14) ? RT3593_VCOCAL : 0xbe; 3309 run_rt3070_rf_write(sc, 3, rf); 3310 3311 if (chan <= 14) 3312 rf = 0x23; 3313 else if (chan <= 64) 3314 rf = 0x36; 3315 else if (chan <= 128) 3316 rf = 0x32; 3317 else 3318 rf = 0x30; 3319 run_rt3070_rf_write(sc, 39, rf); 3320 if (chan <= 14) 3321 rf = 0xbb; 3322 else if (chan <= 64) 3323 rf = 0xeb; 3324 else if (chan <= 128) 3325 rf = 0xb3; 3326 else 3327 rf = 0x9b; 3328 run_rt3070_rf_write(sc, 45, rf); 3329 3330 /* Set FEQ/AEQ control. */ 3331 run_bbp_write(sc, 105, 0x34); 3332 } 3333 3334 void 3335 run_rt5390_set_chan(struct run_softc *sc, u_int chan) 3336 { 3337 int8_t txpow1, txpow2; 3338 uint8_t rf; 3339 int i; 3340 3341 /* find the settings for this channel (we know it exists) */ 3342 for (i = 0; rt2860_rf2850[i].chan != chan; i++) 3343 ; 3344 3345 /* use Tx power values from EEPROM */ 3346 txpow1 = sc->txpow1[i]; 3347 txpow2 = sc->txpow2[i]; 3348 3349 run_rt3070_rf_write(sc, 8, rt3070_freqs[i].n); 3350 run_rt3070_rf_write(sc, 9, rt3070_freqs[i].k & 0x0f); 3351 run_rt3070_rf_read(sc, 11, &rf); 3352 rf = (rf & ~0x03) | (rt3070_freqs[i].r & 0x03); 3353 run_rt3070_rf_write(sc, 11, rf); 3354 3355 run_rt3070_rf_read(sc, 49, &rf); 3356 rf = (rf & ~0x3f) | (txpow1 & 0x3f); 3357 /* The valid range of the RF R49 is 0x00 to 0x27. */ 3358 if ((rf & 0x3f) > 0x27) 3359 rf = (rf & ~0x3f) | 0x27; 3360 run_rt3070_rf_write(sc, 49, rf); 3361 3362 if (sc->mac_ver == 0x5392) { 3363 run_rt3070_rf_read(sc, 50, &rf); 3364 rf = (rf & ~0x3f) | (txpow2 & 0x3f); 3365 /* The valid range of the RF R50 is 0x00 to 0x27. */ 3366 if ((rf & 0x3f) > 0x27) 3367 rf = (rf & ~0x3f) | 0x27; 3368 run_rt3070_rf_write(sc, 50, rf); 3369 } 3370 3371 run_rt3070_rf_read(sc, 1, &rf); 3372 rf |= RT3070_RF_BLOCK | RT3070_PLL_PD | RT3070_RX0_PD | RT3070_TX0_PD; 3373 if (sc->mac_ver == 0x5392) 3374 rf |= RT3070_RX1_PD | RT3070_TX1_PD; 3375 run_rt3070_rf_write(sc, 1, rf); 3376 3377 if (sc->mac_ver != 0x5392) { 3378 run_rt3070_rf_read(sc, 2, &rf); 3379 rf |= 0x80; 3380 run_rt3070_rf_write(sc, 2, rf); 3381 DELAY(10); 3382 rf &= 0x7f; 3383 run_rt3070_rf_write(sc, 2, rf); 3384 } 3385 3386 run_adjust_freq_offset(sc); 3387 3388 if (sc->mac_ver == 0x5392) { 3389 /* Fix for RT5392C. */ 3390 if (sc->mac_rev >= 0x0223) { 3391 if (chan <= 4) 3392 rf = 0x0f; 3393 else if (chan >= 5 && chan <= 7) 3394 rf = 0x0e; 3395 else 3396 rf = 0x0d; 3397 run_rt3070_rf_write(sc, 23, rf); 3398 3399 if (chan <= 4) 3400 rf = 0x0c; 3401 else if (chan == 5) 3402 rf = 0x0b; 3403 else if (chan >= 6 && chan <= 7) 3404 rf = 0x0a; 3405 else if (chan >= 8 && chan <= 10) 3406 rf = 0x09; 3407 else 3408 rf = 0x08; 3409 run_rt3070_rf_write(sc, 59, rf); 3410 } else { 3411 if (chan <= 11) 3412 rf = 0x0f; 3413 else 3414 rf = 0x0b; 3415 run_rt3070_rf_write(sc, 59, rf); 3416 } 3417 } else { 3418 /* Fix for RT5390F. */ 3419 if (sc->mac_rev >= 0x0502) { 3420 if (chan <= 11) 3421 rf = 0x43; 3422 else 3423 rf = 0x23; 3424 run_rt3070_rf_write(sc, 55, rf); 3425 3426 if (chan <= 11) 3427 rf = 0x0f; 3428 else if (chan == 12) 3429 rf = 0x0d; 3430 else 3431 rf = 0x0b; 3432 run_rt3070_rf_write(sc, 59, rf); 3433 } else { 3434 run_rt3070_rf_write(sc, 55, 0x44); 3435 run_rt3070_rf_write(sc, 59, 0x8f); 3436 } 3437 } 3438 3439 /* Enable VCO calibration. */ 3440 run_rt3070_rf_read(sc, 3, &rf); 3441 rf |= RT3593_VCOCAL; 3442 run_rt3070_rf_write(sc, 3, rf); 3443 } 3444 3445 void 3446 run_rt5592_set_chan(struct run_softc *sc, u_int chan) 3447 { 3448 const struct rt5592_freqs *freqs; 3449 uint32_t tmp; 3450 uint8_t reg, rf, txpow_bound; 3451 int8_t txpow1, txpow2; 3452 int i; 3453 3454 run_read(sc, RT5592_DEBUG_INDEX, &tmp); 3455 freqs = (tmp & RT5592_SEL_XTAL) ? 3456 rt5592_freqs_40mhz : rt5592_freqs_20mhz; 3457 3458 /* find the settings for this channel (we know it exists) */ 3459 for (i = 0; rt2860_rf2850[i].chan != chan; i++, freqs++) 3460 ; 3461 3462 /* use Tx power values from EEPROM */ 3463 txpow1 = sc->txpow1[i]; 3464 txpow2 = sc->txpow2[i]; 3465 3466 run_read(sc, RT3070_LDO_CFG0, &tmp); 3467 tmp &= ~0x1c000000; 3468 if (chan > 14) 3469 tmp |= 0x14000000; 3470 run_write(sc, RT3070_LDO_CFG0, tmp); 3471 3472 /* N setting. */ 3473 run_rt3070_rf_write(sc, 8, freqs->n & 0xff); 3474 run_rt3070_rf_read(sc, 9, &rf); 3475 rf &= ~(1 << 4); 3476 rf |= ((freqs->n & 0x0100) >> 8) << 4; 3477 run_rt3070_rf_write(sc, 9, rf); 3478 3479 /* K setting. */ 3480 run_rt3070_rf_read(sc, 9, &rf); 3481 rf &= ~0x0f; 3482 rf |= (freqs->k & 0x0f); 3483 run_rt3070_rf_write(sc, 9, rf); 3484 3485 /* Mode setting. */ 3486 run_rt3070_rf_read(sc, 11, &rf); 3487 rf &= ~0x0c; 3488 rf |= ((freqs->m - 0x8) & 0x3) << 2; 3489 run_rt3070_rf_write(sc, 11, rf); 3490 run_rt3070_rf_read(sc, 9, &rf); 3491 rf &= ~(1 << 7); 3492 rf |= (((freqs->m - 0x8) & 0x4) >> 2) << 7; 3493 run_rt3070_rf_write(sc, 9, rf); 3494 3495 /* R setting. */ 3496 run_rt3070_rf_read(sc, 11, &rf); 3497 rf &= ~0x03; 3498 rf |= (freqs->r - 0x1); 3499 run_rt3070_rf_write(sc, 11, rf); 3500 3501 if (chan <= 14) { 3502 /* Initialize RF registers for 2GHZ. */ 3503 for (i = 0; i < nitems(rt5592_2ghz_def_rf); i++) { 3504 run_rt3070_rf_write(sc, rt5592_2ghz_def_rf[i].reg, 3505 rt5592_2ghz_def_rf[i].val); 3506 } 3507 3508 rf = (chan <= 10) ? 0x07 : 0x06; 3509 run_rt3070_rf_write(sc, 23, rf); 3510 run_rt3070_rf_write(sc, 59, rf); 3511 3512 run_rt3070_rf_write(sc, 55, 0x43); 3513 3514 /* 3515 * RF R49/R50 Tx power ALC code. 3516 * G-band bit<7:6>=1:0, bit<5:0> range from 0x0 ~ 0x27. 3517 */ 3518 reg = 2; 3519 txpow_bound = 0x27; 3520 } else { 3521 /* Initialize RF registers for 5GHZ. */ 3522 for (i = 0; i < nitems(rt5592_5ghz_def_rf); i++) { 3523 run_rt3070_rf_write(sc, rt5592_5ghz_def_rf[i].reg, 3524 rt5592_5ghz_def_rf[i].val); 3525 } 3526 for (i = 0; i < nitems(rt5592_chan_5ghz); i++) { 3527 if (chan >= rt5592_chan_5ghz[i].firstchan && 3528 chan <= rt5592_chan_5ghz[i].lastchan) { 3529 run_rt3070_rf_write(sc, rt5592_chan_5ghz[i].reg, 3530 rt5592_chan_5ghz[i].val); 3531 } 3532 } 3533 3534 /* 3535 * RF R49/R50 Tx power ALC code. 3536 * A-band bit<7:6>=1:1, bit<5:0> range from 0x0 ~ 0x2b. 3537 */ 3538 reg = 3; 3539 txpow_bound = 0x2b; 3540 } 3541 3542 /* RF R49 ch0 Tx power ALC code. */ 3543 run_rt3070_rf_read(sc, 49, &rf); 3544 rf &= ~0xc0; 3545 rf |= (reg << 6); 3546 rf = (rf & ~0x3f) | (txpow1 & 0x3f); 3547 if ((rf & 0x3f) > txpow_bound) 3548 rf = (rf & ~0x3f) | txpow_bound; 3549 run_rt3070_rf_write(sc, 49, rf); 3550 3551 /* RF R50 ch1 Tx power ALC code. */ 3552 run_rt3070_rf_read(sc, 50, &rf); 3553 rf &= ~(1 << 7 | 1 << 6); 3554 rf |= (reg << 6); 3555 rf = (rf & ~0x3f) | (txpow2 & 0x3f); 3556 if ((rf & 0x3f) > txpow_bound) 3557 rf = (rf & ~0x3f) | txpow_bound; 3558 run_rt3070_rf_write(sc, 50, rf); 3559 3560 /* Enable RF_BLOCK, PLL_PD, RX0_PD, and TX0_PD. */ 3561 run_rt3070_rf_read(sc, 1, &rf); 3562 rf |= (RT3070_RF_BLOCK | RT3070_PLL_PD | RT3070_RX0_PD | RT3070_TX0_PD); 3563 if (sc->ntxchains > 1) 3564 rf |= RT3070_TX1_PD; 3565 if (sc->nrxchains > 1) 3566 rf |= RT3070_RX1_PD; 3567 run_rt3070_rf_write(sc, 1, rf); 3568 3569 run_rt3070_rf_write(sc, 6, 0xe4); 3570 3571 run_rt3070_rf_write(sc, 30, 0x10); 3572 run_rt3070_rf_write(sc, 31, 0x80); 3573 run_rt3070_rf_write(sc, 32, 0x80); 3574 3575 run_adjust_freq_offset(sc); 3576 3577 /* Enable VCO calibration. */ 3578 run_rt3070_rf_read(sc, 3, &rf); 3579 rf |= RT3593_VCOCAL; 3580 run_rt3070_rf_write(sc, 3, rf); 3581 } 3582 3583 void 3584 run_set_agc(struct run_softc *sc, uint8_t agc) 3585 { 3586 uint8_t bbp; 3587 3588 if (sc->mac_ver == 0x3572) { 3589 run_bbp_read(sc, 27, &bbp); 3590 bbp &= ~(0x3 << 5); 3591 run_bbp_write(sc, 27, bbp | 0 << 5); /* select Rx0 */ 3592 run_bbp_write(sc, 66, agc); 3593 run_bbp_write(sc, 27, bbp | 1 << 5); /* select Rx1 */ 3594 run_bbp_write(sc, 66, agc); 3595 } else 3596 run_bbp_write(sc, 66, agc); 3597 } 3598 3599 void 3600 run_set_rx_antenna(struct run_softc *sc, int aux) 3601 { 3602 uint32_t tmp; 3603 uint8_t bbp152; 3604 3605 if (aux) { 3606 if (sc->rf_rev == RT5390_RF_5370) { 3607 run_bbp_read(sc, 152, &bbp152); 3608 run_bbp_write(sc, 152, bbp152 & ~0x80); 3609 } else { 3610 run_mcu_cmd(sc, RT2860_MCU_CMD_ANTSEL, 0); 3611 run_read(sc, RT2860_GPIO_CTRL, &tmp); 3612 run_write(sc, RT2860_GPIO_CTRL, (tmp & ~0x0808) | 0x08); 3613 } 3614 } else { 3615 if (sc->rf_rev == RT5390_RF_5370) { 3616 run_bbp_read(sc, 152, &bbp152); 3617 run_bbp_write(sc, 152, bbp152 | 0x80); 3618 } else { 3619 run_mcu_cmd(sc, RT2860_MCU_CMD_ANTSEL, 1); 3620 run_read(sc, RT2860_GPIO_CTRL, &tmp); 3621 run_write(sc, RT2860_GPIO_CTRL, tmp & ~0x0808); 3622 } 3623 } 3624 } 3625 3626 int 3627 run_set_chan(struct run_softc *sc, struct ieee80211_channel *c) 3628 { 3629 struct ieee80211com *ic = &sc->sc_ic; 3630 u_int chan, group; 3631 3632 chan = ieee80211_chan2ieee(ic, c); 3633 if (chan == 0 || chan == IEEE80211_CHAN_ANY) 3634 return EINVAL; 3635 3636 if (sc->mac_ver == 0x5592) 3637 run_rt5592_set_chan(sc, chan); 3638 else if (sc->mac_ver >= 0x5390) 3639 run_rt5390_set_chan(sc, chan); 3640 else if (sc->mac_ver == 0x3593) 3641 run_rt3593_set_chan(sc, chan); 3642 else if (sc->mac_ver == 0x3572) 3643 run_rt3572_set_chan(sc, chan); 3644 else if (sc->mac_ver >= 0x3070) 3645 run_rt3070_set_chan(sc, chan); 3646 else 3647 run_rt2870_set_chan(sc, chan); 3648 3649 /* determine channel group */ 3650 if (chan <= 14) 3651 group = 0; 3652 else if (chan <= 64) 3653 group = 1; 3654 else if (chan <= 128) 3655 group = 2; 3656 else 3657 group = 3; 3658 3659 /* XXX necessary only when group has changed! */ 3660 run_select_chan_group(sc, group); 3661 3662 DELAY(1000); 3663 3664 /* Perform IQ calibration. */ 3665 if (sc->mac_ver >= 0x5392) 3666 run_iq_calib(sc, chan); 3667 3668 return 0; 3669 } 3670 3671 void 3672 run_enable_tsf_sync(struct run_softc *sc) 3673 { 3674 struct ieee80211com *ic = &sc->sc_ic; 3675 uint32_t tmp; 3676 3677 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 3678 tmp &= ~0x1fffff; 3679 tmp |= ic->ic_bss->ni_intval * 16; 3680 tmp |= RT2860_TSF_TIMER_EN | RT2860_TBTT_TIMER_EN; 3681 /* local TSF is always updated with remote TSF on beacon reception */ 3682 tmp |= 1 << RT2860_TSF_SYNC_MODE_SHIFT; 3683 run_write(sc, RT2860_BCN_TIME_CFG, tmp); 3684 } 3685 3686 void 3687 run_enable_mrr(struct run_softc *sc) 3688 { 3689 #define CCK(mcs) (mcs) 3690 #define OFDM(mcs) (1 << 3 | (mcs)) 3691 run_write(sc, RT2860_LG_FBK_CFG0, 3692 OFDM(6) << 28 | /* 54->48 */ 3693 OFDM(5) << 24 | /* 48->36 */ 3694 OFDM(4) << 20 | /* 36->24 */ 3695 OFDM(3) << 16 | /* 24->18 */ 3696 OFDM(2) << 12 | /* 18->12 */ 3697 OFDM(1) << 8 | /* 12-> 9 */ 3698 OFDM(0) << 4 | /* 9-> 6 */ 3699 OFDM(0)); /* 6-> 6 */ 3700 3701 run_write(sc, RT2860_LG_FBK_CFG1, 3702 CCK(2) << 12 | /* 11->5.5 */ 3703 CCK(1) << 8 | /* 5.5-> 2 */ 3704 CCK(0) << 4 | /* 2-> 1 */ 3705 CCK(0)); /* 1-> 1 */ 3706 #undef OFDM 3707 #undef CCK 3708 } 3709 3710 void 3711 run_set_txpreamble(struct run_softc *sc) 3712 { 3713 uint32_t tmp; 3714 3715 run_read(sc, RT2860_AUTO_RSP_CFG, &tmp); 3716 if (sc->sc_ic.ic_flags & IEEE80211_F_SHPREAMBLE) 3717 tmp |= RT2860_CCK_SHORT_EN; 3718 else 3719 tmp &= ~RT2860_CCK_SHORT_EN; 3720 run_write(sc, RT2860_AUTO_RSP_CFG, tmp); 3721 } 3722 3723 void 3724 run_set_basicrates(struct run_softc *sc) 3725 { 3726 struct ieee80211com *ic = &sc->sc_ic; 3727 3728 /* set basic rates mask */ 3729 if (ic->ic_curmode == IEEE80211_MODE_11B) 3730 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x003); 3731 else if (ic->ic_curmode == IEEE80211_MODE_11A) 3732 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x150); 3733 else /* 11g */ 3734 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x15f); 3735 } 3736 3737 void 3738 run_set_leds(struct run_softc *sc, uint16_t which) 3739 { 3740 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LEDS, 3741 which | (sc->leds & 0x7f)); 3742 } 3743 3744 void 3745 run_set_bssid(struct run_softc *sc, const uint8_t *bssid) 3746 { 3747 run_write(sc, RT2860_MAC_BSSID_DW0, 3748 bssid[0] | bssid[1] << 8 | bssid[2] << 16 | bssid[3] << 24); 3749 run_write(sc, RT2860_MAC_BSSID_DW1, 3750 bssid[4] | bssid[5] << 8); 3751 } 3752 3753 void 3754 run_set_macaddr(struct run_softc *sc, const uint8_t *addr) 3755 { 3756 run_write(sc, RT2860_MAC_ADDR_DW0, 3757 addr[0] | addr[1] << 8 | addr[2] << 16 | addr[3] << 24); 3758 run_write(sc, RT2860_MAC_ADDR_DW1, 3759 addr[4] | addr[5] << 8 | 0xff << 16); 3760 } 3761 3762 void 3763 run_updateslot(struct ieee80211com *ic) 3764 { 3765 /* do it in a process context */ 3766 run_do_async(ic->ic_softc, run_updateslot_cb, NULL, 0); 3767 } 3768 3769 void 3770 run_updateslot_cb(struct run_softc *sc, void *arg) 3771 { 3772 uint32_t tmp; 3773 3774 run_read(sc, RT2860_BKOFF_SLOT_CFG, &tmp); 3775 tmp &= ~0xff; 3776 tmp |= (sc->sc_ic.ic_flags & IEEE80211_F_SHSLOT) ? 3777 IEEE80211_DUR_DS_SHSLOT : IEEE80211_DUR_DS_SLOT; 3778 run_write(sc, RT2860_BKOFF_SLOT_CFG, tmp); 3779 } 3780 3781 #if NBPFILTER > 0 3782 int8_t 3783 run_rssi2dbm(struct run_softc *sc, uint8_t rssi, uint8_t rxchain) 3784 { 3785 struct ieee80211com *ic = &sc->sc_ic; 3786 struct ieee80211_channel *c = ic->ic_ibss_chan; 3787 int delta; 3788 3789 if (IEEE80211_IS_CHAN_5GHZ(c)) { 3790 u_int chan = ieee80211_chan2ieee(ic, c); 3791 delta = sc->rssi_5ghz[rxchain]; 3792 3793 /* determine channel group */ 3794 if (chan <= 64) 3795 delta -= sc->lna[1]; 3796 else if (chan <= 128) 3797 delta -= sc->lna[2]; 3798 else 3799 delta -= sc->lna[3]; 3800 } else 3801 delta = sc->rssi_2ghz[rxchain] - sc->lna[0]; 3802 3803 return -12 - delta - rssi; 3804 } 3805 #endif 3806 3807 void 3808 run_rt5390_bbp_init(struct run_softc *sc) 3809 { 3810 int i; 3811 uint8_t bbp; 3812 3813 /* Apply maximum likelihood detection for 2 stream case. */ 3814 run_bbp_read(sc, 105, &bbp); 3815 if (sc->nrxchains > 1) 3816 run_bbp_write(sc, 105, bbp | RT5390_MLD); 3817 3818 /* Avoid data lost and CRC error. */ 3819 run_bbp_read(sc, 4, &bbp); 3820 run_bbp_write(sc, 4, bbp | RT5390_MAC_IF_CTRL); 3821 3822 if (sc->mac_ver == 0x5592) { 3823 for (i = 0; i < nitems(rt5592_def_bbp); i++) { 3824 run_bbp_write(sc, rt5592_def_bbp[i].reg, 3825 rt5592_def_bbp[i].val); 3826 } 3827 for (i = 0; i < nitems(rt5592_bbp_r196); i++) { 3828 run_bbp_write(sc, 195, i + 0x80); 3829 run_bbp_write(sc, 196, rt5592_bbp_r196[i]); 3830 } 3831 } else { 3832 for (i = 0; i < nitems(rt5390_def_bbp); i++) { 3833 run_bbp_write(sc, rt5390_def_bbp[i].reg, 3834 rt5390_def_bbp[i].val); 3835 } 3836 } 3837 if (sc->mac_ver == 0x5392) { 3838 run_bbp_write(sc, 88, 0x90); 3839 run_bbp_write(sc, 95, 0x9a); 3840 run_bbp_write(sc, 98, 0x12); 3841 run_bbp_write(sc, 106, 0x12); 3842 run_bbp_write(sc, 134, 0xd0); 3843 run_bbp_write(sc, 135, 0xf6); 3844 run_bbp_write(sc, 148, 0x84); 3845 } 3846 3847 run_bbp_read(sc, 152, &bbp); 3848 run_bbp_write(sc, 152, bbp | 0x80); 3849 3850 /* Fix BBP254 for RT5592C. */ 3851 if (sc->mac_ver == 0x5592 && sc->mac_rev >= 0x0221) { 3852 run_bbp_read(sc, 254, &bbp); 3853 run_bbp_write(sc, 254, bbp | 0x80); 3854 } 3855 3856 /* Disable hardware antenna diversity. */ 3857 if (sc->mac_ver == 0x5390) 3858 run_bbp_write(sc, 154, 0); 3859 3860 /* Initialize Rx CCK/OFDM frequency offset report. */ 3861 run_bbp_write(sc, 142, 1); 3862 run_bbp_write(sc, 143, 57); 3863 } 3864 3865 int 3866 run_bbp_init(struct run_softc *sc) 3867 { 3868 int i, error, ntries; 3869 uint8_t bbp0; 3870 3871 /* wait for BBP to wake up */ 3872 for (ntries = 0; ntries < 20; ntries++) { 3873 if ((error = run_bbp_read(sc, 0, &bbp0)) != 0) 3874 return error; 3875 if (bbp0 != 0 && bbp0 != 0xff) 3876 break; 3877 } 3878 if (ntries == 20) 3879 return ETIMEDOUT; 3880 3881 /* initialize BBP registers to default values */ 3882 if (sc->mac_ver >= 0x5390) 3883 run_rt5390_bbp_init(sc); 3884 else { 3885 for (i = 0; i < nitems(rt2860_def_bbp); i++) { 3886 run_bbp_write(sc, rt2860_def_bbp[i].reg, 3887 rt2860_def_bbp[i].val); 3888 } 3889 } 3890 3891 if (sc->mac_ver == 0x3593) { 3892 run_bbp_write(sc, 79, 0x13); 3893 run_bbp_write(sc, 80, 0x05); 3894 run_bbp_write(sc, 81, 0x33); 3895 run_bbp_write(sc, 86, 0x46); 3896 run_bbp_write(sc, 137, 0x0f); 3897 } 3898 3899 /* fix BBP84 for RT2860E */ 3900 if (sc->mac_ver == 0x2860 && sc->mac_rev != 0x0101) 3901 run_bbp_write(sc, 84, 0x19); 3902 3903 if (sc->mac_ver >= 0x3070 && (sc->mac_ver != 0x3593 && 3904 sc->mac_ver != 0x5592)) { 3905 run_bbp_write(sc, 79, 0x13); 3906 run_bbp_write(sc, 80, 0x05); 3907 run_bbp_write(sc, 81, 0x33); 3908 } else if (sc->mac_ver == 0x2860 && sc->mac_rev == 0x0100) { 3909 run_bbp_write(sc, 69, 0x16); 3910 run_bbp_write(sc, 73, 0x12); 3911 } 3912 return 0; 3913 } 3914 3915 int 3916 run_rt3070_rf_init(struct run_softc *sc) 3917 { 3918 uint32_t tmp; 3919 uint8_t bbp4, mingain, rf, target; 3920 int i; 3921 3922 run_rt3070_rf_read(sc, 30, &rf); 3923 /* toggle RF R30 bit 7 */ 3924 run_rt3070_rf_write(sc, 30, rf | 0x80); 3925 DELAY(1000); 3926 run_rt3070_rf_write(sc, 30, rf & ~0x80); 3927 3928 /* initialize RF registers to default value */ 3929 if (sc->mac_ver == 0x3572) { 3930 for (i = 0; i < nitems(rt3572_def_rf); i++) { 3931 run_rt3070_rf_write(sc, rt3572_def_rf[i].reg, 3932 rt3572_def_rf[i].val); 3933 } 3934 } else { 3935 for (i = 0; i < nitems(rt3070_def_rf); i++) { 3936 run_rt3070_rf_write(sc, rt3070_def_rf[i].reg, 3937 rt3070_def_rf[i].val); 3938 } 3939 } 3940 if (sc->mac_ver == 0x3070 && sc->mac_rev < 0x0201) { 3941 /* 3942 * Change voltage from 1.2V to 1.35V for RT3070. 3943 * The DAC issue (RT3070_LDO_CFG0) has been fixed 3944 * in RT3070(F). 3945 */ 3946 run_read(sc, RT3070_LDO_CFG0, &tmp); 3947 tmp = (tmp & ~0x0f000000) | 0x0d000000; 3948 run_write(sc, RT3070_LDO_CFG0, tmp); 3949 3950 } else if (sc->mac_ver == 0x3071) { 3951 run_rt3070_rf_read(sc, 6, &rf); 3952 run_rt3070_rf_write(sc, 6, rf | 0x40); 3953 run_rt3070_rf_write(sc, 31, 0x14); 3954 3955 run_read(sc, RT3070_LDO_CFG0, &tmp); 3956 tmp &= ~0x1f000000; 3957 if (sc->mac_rev < 0x0211) 3958 tmp |= 0x0d000000; /* 1.35V */ 3959 else 3960 tmp |= 0x01000000; /* 1.2V */ 3961 run_write(sc, RT3070_LDO_CFG0, tmp); 3962 3963 /* patch LNA_PE_G1 */ 3964 run_read(sc, RT3070_GPIO_SWITCH, &tmp); 3965 run_write(sc, RT3070_GPIO_SWITCH, tmp & ~0x20); 3966 3967 } else if (sc->mac_ver == 0x3572) { 3968 run_rt3070_rf_read(sc, 6, &rf); 3969 run_rt3070_rf_write(sc, 6, rf | 0x40); 3970 /* increase voltage from 1.2V to 1.35V */ 3971 run_read(sc, RT3070_LDO_CFG0, &tmp); 3972 tmp = (tmp & ~0x1f000000) | 0x0d000000; 3973 run_write(sc, RT3070_LDO_CFG0, tmp); 3974 3975 if (sc->mac_rev < 0x0211 || !sc->patch_dac) { 3976 DELAY(1); /* wait for 1msec */ 3977 /* decrease voltage back to 1.2V */ 3978 tmp = (tmp & ~0x1f000000) | 0x01000000; 3979 run_write(sc, RT3070_LDO_CFG0, tmp); 3980 } 3981 } 3982 3983 /* select 20MHz bandwidth */ 3984 run_rt3070_rf_read(sc, 31, &rf); 3985 run_rt3070_rf_write(sc, 31, rf & ~0x20); 3986 3987 /* calibrate filter for 20MHz bandwidth */ 3988 sc->rf24_20mhz = 0x1f; /* default value */ 3989 target = (sc->mac_ver < 0x3071) ? 0x16 : 0x13; 3990 run_rt3070_filter_calib(sc, 0x07, target, &sc->rf24_20mhz); 3991 3992 /* select 40MHz bandwidth */ 3993 run_bbp_read(sc, 4, &bbp4); 3994 run_bbp_write(sc, 4, (bbp4 & ~0x18) | 0x10); 3995 run_rt3070_rf_read(sc, 31, &rf); 3996 run_rt3070_rf_write(sc, 31, rf | 0x20); 3997 3998 /* calibrate filter for 40MHz bandwidth */ 3999 sc->rf24_40mhz = 0x2f; /* default value */ 4000 target = (sc->mac_ver < 0x3071) ? 0x19 : 0x15; 4001 run_rt3070_filter_calib(sc, 0x27, target, &sc->rf24_40mhz); 4002 4003 /* go back to 20MHz bandwidth */ 4004 run_bbp_read(sc, 4, &bbp4); 4005 run_bbp_write(sc, 4, bbp4 & ~0x18); 4006 4007 if (sc->mac_ver == 0x3572) { 4008 /* save default BBP registers 25 and 26 values */ 4009 run_bbp_read(sc, 25, &sc->bbp25); 4010 run_bbp_read(sc, 26, &sc->bbp26); 4011 4012 } else if (sc->mac_rev < 0x0201 || sc->mac_rev < 0x0211) 4013 run_rt3070_rf_write(sc, 27, 0x03); 4014 4015 run_read(sc, RT3070_OPT_14, &tmp); 4016 run_write(sc, RT3070_OPT_14, tmp | 1); 4017 4018 if (sc->mac_ver == 0x3070 || sc->mac_ver == 0x3071) { 4019 run_rt3070_rf_read(sc, 17, &rf); 4020 rf &= ~RT3070_TX_LO1; 4021 if ((sc->mac_ver == 0x3070 || 4022 (sc->mac_ver == 0x3071 && sc->mac_rev >= 0x0211)) && 4023 !sc->ext_2ghz_lna) 4024 rf |= 0x20; /* fix for long range Rx issue */ 4025 mingain = (sc->mac_ver == 0x3070) ? 1 : 2; 4026 if (sc->txmixgain_2ghz >= mingain) 4027 rf = (rf & ~0x7) | sc->txmixgain_2ghz; 4028 run_rt3070_rf_write(sc, 17, rf); 4029 } 4030 if (sc->mac_ver == 0x3071) { 4031 run_rt3070_rf_read(sc, 1, &rf); 4032 rf &= ~(RT3070_RX0_PD | RT3070_TX0_PD); 4033 rf |= RT3070_RF_BLOCK | RT3070_RX1_PD | RT3070_TX1_PD; 4034 run_rt3070_rf_write(sc, 1, rf); 4035 4036 run_rt3070_rf_read(sc, 15, &rf); 4037 run_rt3070_rf_write(sc, 15, rf & ~RT3070_TX_LO2); 4038 4039 run_rt3070_rf_read(sc, 20, &rf); 4040 run_rt3070_rf_write(sc, 20, rf & ~RT3070_RX_LO1); 4041 4042 run_rt3070_rf_read(sc, 21, &rf); 4043 run_rt3070_rf_write(sc, 21, rf & ~RT3070_RX_LO2); 4044 } 4045 if (sc->mac_ver == 0x3070 || sc->mac_ver == 0x3071) { 4046 /* fix Tx to Rx IQ glitch by raising RF voltage */ 4047 run_rt3070_rf_read(sc, 27, &rf); 4048 rf &= ~0x77; 4049 if (sc->mac_rev < 0x0211) 4050 rf |= 0x03; 4051 run_rt3070_rf_write(sc, 27, rf); 4052 } 4053 return 0; 4054 } 4055 4056 void 4057 run_rt3593_rf_init(struct run_softc *sc) 4058 { 4059 uint32_t tmp; 4060 uint8_t rf; 4061 int i; 4062 4063 /* Disable the GPIO bits 4 and 7 for LNA PE control. */ 4064 run_read(sc, RT3070_GPIO_SWITCH, &tmp); 4065 tmp &= ~(1 << 4 | 1 << 7); 4066 run_write(sc, RT3070_GPIO_SWITCH, tmp); 4067 4068 /* Initialize RF registers to default value. */ 4069 for (i = 0; i < nitems(rt3593_def_rf); i++) { 4070 run_rt3070_rf_write(sc, rt3593_def_rf[i].reg, 4071 rt3593_def_rf[i].val); 4072 } 4073 4074 /* Toggle RF R2 to initiate calibration. */ 4075 run_rt3070_rf_write(sc, 2, RT3593_RESCAL); 4076 4077 /* Initialize RF frequency offset. */ 4078 run_adjust_freq_offset(sc); 4079 4080 run_rt3070_rf_read(sc, 18, &rf); 4081 run_rt3070_rf_write(sc, 18, rf | RT3593_AUTOTUNE_BYPASS); 4082 4083 /* 4084 * Increase voltage from 1.2V to 1.35V, wait for 1 msec to 4085 * decrease voltage back to 1.2V. 4086 */ 4087 run_read(sc, RT3070_LDO_CFG0, &tmp); 4088 tmp = (tmp & ~0x1f000000) | 0x0d000000; 4089 run_write(sc, RT3070_LDO_CFG0, tmp); 4090 DELAY(1); 4091 tmp = (tmp & ~0x1f000000) | 0x01000000; 4092 run_write(sc, RT3070_LDO_CFG0, tmp); 4093 4094 sc->rf24_20mhz = 0x1f; 4095 sc->rf24_40mhz = 0x2f; 4096 4097 /* Save default BBP registers 25 and 26 values. */ 4098 run_bbp_read(sc, 25, &sc->bbp25); 4099 run_bbp_read(sc, 26, &sc->bbp26); 4100 4101 run_read(sc, RT3070_OPT_14, &tmp); 4102 run_write(sc, RT3070_OPT_14, tmp | 1); 4103 } 4104 4105 void 4106 run_rt5390_rf_init(struct run_softc *sc) 4107 { 4108 uint32_t tmp; 4109 uint8_t rf; 4110 int i; 4111 4112 /* Toggle RF R2 to initiate calibration. */ 4113 if (sc->mac_ver == 0x5390) { 4114 run_rt3070_rf_read(sc, 2, &rf); 4115 run_rt3070_rf_write(sc, 2, rf | RT3593_RESCAL); 4116 DELAY(10); 4117 run_rt3070_rf_write(sc, 2, rf & ~RT3593_RESCAL); 4118 } else { 4119 run_rt3070_rf_write(sc, 2, RT3593_RESCAL); 4120 DELAY(10); 4121 } 4122 4123 /* Initialize RF registers to default value. */ 4124 if (sc->mac_ver == 0x5592) { 4125 for (i = 0; i < nitems(rt5592_def_rf); i++) { 4126 run_rt3070_rf_write(sc, rt5592_def_rf[i].reg, 4127 rt5592_def_rf[i].val); 4128 } 4129 /* Initialize RF frequency offset. */ 4130 run_adjust_freq_offset(sc); 4131 } else if (sc->mac_ver == 0x5392) { 4132 for (i = 0; i < nitems(rt5392_def_rf); i++) { 4133 run_rt3070_rf_write(sc, rt5392_def_rf[i].reg, 4134 rt5392_def_rf[i].val); 4135 } 4136 if (sc->mac_rev >= 0x0223) { 4137 run_rt3070_rf_write(sc, 23, 0x0f); 4138 run_rt3070_rf_write(sc, 24, 0x3e); 4139 run_rt3070_rf_write(sc, 51, 0x32); 4140 run_rt3070_rf_write(sc, 53, 0x22); 4141 run_rt3070_rf_write(sc, 56, 0xc1); 4142 run_rt3070_rf_write(sc, 59, 0x0f); 4143 } 4144 } else { 4145 for (i = 0; i < nitems(rt5390_def_rf); i++) { 4146 run_rt3070_rf_write(sc, rt5390_def_rf[i].reg, 4147 rt5390_def_rf[i].val); 4148 } 4149 if (sc->mac_rev >= 0x0502) { 4150 run_rt3070_rf_write(sc, 6, 0xe0); 4151 run_rt3070_rf_write(sc, 25, 0x80); 4152 run_rt3070_rf_write(sc, 46, 0x73); 4153 run_rt3070_rf_write(sc, 53, 0x00); 4154 run_rt3070_rf_write(sc, 56, 0x42); 4155 run_rt3070_rf_write(sc, 61, 0xd1); 4156 } 4157 } 4158 4159 sc->rf24_20mhz = 0x1f; /* default value */ 4160 sc->rf24_40mhz = (sc->mac_ver == 0x5592) ? 0 : 0x2f; 4161 4162 if (sc->mac_rev < 0x0211) 4163 run_rt3070_rf_write(sc, 27, 0x3); 4164 4165 run_read(sc, RT3070_OPT_14, &tmp); 4166 run_write(sc, RT3070_OPT_14, tmp | 1); 4167 } 4168 4169 int 4170 run_rt3070_filter_calib(struct run_softc *sc, uint8_t init, uint8_t target, 4171 uint8_t *val) 4172 { 4173 uint8_t rf22, rf24; 4174 uint8_t bbp55_pb, bbp55_sb, delta; 4175 int ntries; 4176 4177 /* program filter */ 4178 run_rt3070_rf_read(sc, 24, &rf24); 4179 rf24 = (rf24 & 0xc0) | init; /* initial filter value */ 4180 run_rt3070_rf_write(sc, 24, rf24); 4181 4182 /* enable baseband loopback mode */ 4183 run_rt3070_rf_read(sc, 22, &rf22); 4184 run_rt3070_rf_write(sc, 22, rf22 | 0x01); 4185 4186 /* set power and frequency of passband test tone */ 4187 run_bbp_write(sc, 24, 0x00); 4188 for (ntries = 0; ntries < 100; ntries++) { 4189 /* transmit test tone */ 4190 run_bbp_write(sc, 25, 0x90); 4191 DELAY(1000); 4192 /* read received power */ 4193 run_bbp_read(sc, 55, &bbp55_pb); 4194 if (bbp55_pb != 0) 4195 break; 4196 } 4197 if (ntries == 100) 4198 return ETIMEDOUT; 4199 4200 /* set power and frequency of stopband test tone */ 4201 run_bbp_write(sc, 24, 0x06); 4202 for (ntries = 0; ntries < 100; ntries++) { 4203 /* transmit test tone */ 4204 run_bbp_write(sc, 25, 0x90); 4205 DELAY(1000); 4206 /* read received power */ 4207 run_bbp_read(sc, 55, &bbp55_sb); 4208 4209 delta = bbp55_pb - bbp55_sb; 4210 if (delta > target) 4211 break; 4212 4213 /* reprogram filter */ 4214 rf24++; 4215 run_rt3070_rf_write(sc, 24, rf24); 4216 } 4217 if (ntries < 100) { 4218 if (rf24 != init) 4219 rf24--; /* backtrack */ 4220 *val = rf24; 4221 run_rt3070_rf_write(sc, 24, rf24); 4222 } 4223 4224 /* restore initial state */ 4225 run_bbp_write(sc, 24, 0x00); 4226 4227 /* disable baseband loopback mode */ 4228 run_rt3070_rf_read(sc, 22, &rf22); 4229 run_rt3070_rf_write(sc, 22, rf22 & ~0x01); 4230 4231 return 0; 4232 } 4233 4234 void 4235 run_rt3070_rf_setup(struct run_softc *sc) 4236 { 4237 uint8_t bbp, rf; 4238 int i; 4239 4240 if (sc->mac_ver == 0x3572) { 4241 /* enable DC filter */ 4242 if (sc->mac_rev >= 0x0201) 4243 run_bbp_write(sc, 103, 0xc0); 4244 4245 run_bbp_read(sc, 138, &bbp); 4246 if (sc->ntxchains == 1) 4247 bbp |= 0x20; /* turn off DAC1 */ 4248 if (sc->nrxchains == 1) 4249 bbp &= ~0x02; /* turn off ADC1 */ 4250 run_bbp_write(sc, 138, bbp); 4251 4252 if (sc->mac_rev >= 0x0211) { 4253 /* improve power consumption */ 4254 run_bbp_read(sc, 31, &bbp); 4255 run_bbp_write(sc, 31, bbp & ~0x03); 4256 } 4257 4258 run_rt3070_rf_read(sc, 16, &rf); 4259 rf = (rf & ~0x07) | sc->txmixgain_2ghz; 4260 run_rt3070_rf_write(sc, 16, rf); 4261 4262 } else if (sc->mac_ver == 0x3071) { 4263 /* enable DC filter */ 4264 if (sc->mac_rev >= 0x0211) { 4265 run_bbp_write(sc, 103, 0xc0); 4266 4267 /* improve power consumption */ 4268 run_bbp_read(sc, 31, &bbp); 4269 run_bbp_write(sc, 31, bbp & ~0x03); 4270 } 4271 4272 run_bbp_read(sc, 138, &bbp); 4273 if (sc->ntxchains == 1) 4274 bbp |= 0x20; /* turn off DAC1 */ 4275 if (sc->nrxchains == 1) 4276 bbp &= ~0x02; /* turn off ADC1 */ 4277 run_bbp_write(sc, 138, bbp); 4278 4279 run_write(sc, RT2860_TX_SW_CFG1, 0); 4280 if (sc->mac_rev < 0x0211) { 4281 run_write(sc, RT2860_TX_SW_CFG2, 4282 sc->patch_dac ? 0x2c : 0x0f); 4283 } else 4284 run_write(sc, RT2860_TX_SW_CFG2, 0); 4285 4286 } else if (sc->mac_ver == 0x3070) { 4287 if (sc->mac_rev >= 0x0201) { 4288 /* enable DC filter */ 4289 run_bbp_write(sc, 103, 0xc0); 4290 4291 /* improve power consumption */ 4292 run_bbp_read(sc, 31, &bbp); 4293 run_bbp_write(sc, 31, bbp & ~0x03); 4294 } 4295 4296 if (sc->mac_rev < 0x0201) { 4297 run_write(sc, RT2860_TX_SW_CFG1, 0); 4298 run_write(sc, RT2860_TX_SW_CFG2, 0x2c); 4299 } else 4300 run_write(sc, RT2860_TX_SW_CFG2, 0); 4301 } 4302 4303 /* initialize RF registers from ROM for >=RT3071*/ 4304 if (sc->mac_ver >= 0x3071) { 4305 for (i = 0; i < 10; i++) { 4306 if (sc->rf[i].reg == 0 || sc->rf[i].reg == 0xff) 4307 continue; 4308 run_rt3070_rf_write(sc, sc->rf[i].reg, sc->rf[i].val); 4309 } 4310 } 4311 } 4312 4313 void 4314 run_rt3593_rf_setup(struct run_softc *sc) 4315 { 4316 uint8_t bbp, rf; 4317 4318 if (sc->mac_rev >= 0x0211) { 4319 /* Enable DC filter. */ 4320 run_bbp_write(sc, 103, 0xc0); 4321 } 4322 run_write(sc, RT2860_TX_SW_CFG1, 0); 4323 if (sc->mac_rev < 0x0211) { 4324 run_write(sc, RT2860_TX_SW_CFG2, 4325 sc->patch_dac ? 0x2c : 0x0f); 4326 } else 4327 run_write(sc, RT2860_TX_SW_CFG2, 0); 4328 4329 run_rt3070_rf_read(sc, 50, &rf); 4330 run_rt3070_rf_write(sc, 50, rf & ~RT3593_TX_LO2); 4331 4332 run_rt3070_rf_read(sc, 51, &rf); 4333 rf = (rf & ~(RT3593_TX_LO1 | 0x0c)) | 4334 ((sc->txmixgain_2ghz & 0x07) << 2); 4335 run_rt3070_rf_write(sc, 51, rf); 4336 4337 run_rt3070_rf_read(sc, 38, &rf); 4338 run_rt3070_rf_write(sc, 38, rf & ~RT5390_RX_LO1); 4339 4340 run_rt3070_rf_read(sc, 39, &rf); 4341 run_rt3070_rf_write(sc, 39, rf & ~RT5390_RX_LO2); 4342 4343 run_rt3070_rf_read(sc, 1, &rf); 4344 run_rt3070_rf_write(sc, 1, rf & ~(RT3070_RF_BLOCK | RT3070_PLL_PD)); 4345 4346 run_rt3070_rf_read(sc, 30, &rf); 4347 rf = (rf & ~0x18) | 0x10; 4348 run_rt3070_rf_write(sc, 30, rf); 4349 4350 /* Apply maximum likelihood detection for 2 stream case. */ 4351 run_bbp_read(sc, 105, &bbp); 4352 if (sc->nrxchains > 1) 4353 run_bbp_write(sc, 105, bbp | RT5390_MLD); 4354 4355 /* Avoid data lost and CRC error. */ 4356 run_bbp_read(sc, 4, &bbp); 4357 run_bbp_write(sc, 4, bbp | RT5390_MAC_IF_CTRL); 4358 4359 run_bbp_write(sc, 92, 0x02); 4360 run_bbp_write(sc, 82, 0x82); 4361 run_bbp_write(sc, 106, 0x05); 4362 run_bbp_write(sc, 104, 0x92); 4363 run_bbp_write(sc, 88, 0x90); 4364 run_bbp_write(sc, 148, 0xc8); 4365 run_bbp_write(sc, 47, 0x48); 4366 run_bbp_write(sc, 120, 0x50); 4367 4368 run_bbp_write(sc, 163, 0x9d); 4369 4370 /* SNR mapping. */ 4371 run_bbp_write(sc, 142, 0x06); 4372 run_bbp_write(sc, 143, 0xa0); 4373 run_bbp_write(sc, 142, 0x07); 4374 run_bbp_write(sc, 143, 0xa1); 4375 run_bbp_write(sc, 142, 0x08); 4376 run_bbp_write(sc, 143, 0xa2); 4377 4378 run_bbp_write(sc, 31, 0x08); 4379 run_bbp_write(sc, 68, 0x0b); 4380 run_bbp_write(sc, 105, 0x04); 4381 } 4382 4383 void 4384 run_rt5390_rf_setup(struct run_softc *sc) 4385 { 4386 uint8_t bbp, rf; 4387 4388 if (sc->mac_rev >= 0x0211) { 4389 /* Enable DC filter. */ 4390 run_bbp_write(sc, 103, 0xc0); 4391 4392 if (sc->mac_ver != 0x5592) { 4393 /* Improve power consumption. */ 4394 run_bbp_read(sc, 31, &bbp); 4395 run_bbp_write(sc, 31, bbp & ~0x03); 4396 } 4397 } 4398 4399 run_bbp_read(sc, 138, &bbp); 4400 if (sc->ntxchains == 1) 4401 bbp |= 0x20; /* turn off DAC1 */ 4402 if (sc->nrxchains == 1) 4403 bbp &= ~0x02; /* turn off ADC1 */ 4404 run_bbp_write(sc, 138, bbp); 4405 4406 run_rt3070_rf_read(sc, 38, &rf); 4407 run_rt3070_rf_write(sc, 38, rf & ~RT5390_RX_LO1); 4408 4409 run_rt3070_rf_read(sc, 39, &rf); 4410 run_rt3070_rf_write(sc, 39, rf & ~RT5390_RX_LO2); 4411 4412 /* Avoid data lost and CRC error. */ 4413 run_bbp_read(sc, 4, &bbp); 4414 run_bbp_write(sc, 4, bbp | RT5390_MAC_IF_CTRL); 4415 4416 run_rt3070_rf_read(sc, 30, &rf); 4417 rf = (rf & ~0x18) | 0x10; 4418 run_rt3070_rf_write(sc, 30, rf); 4419 4420 if (sc->mac_ver != 0x5592) { 4421 run_write(sc, RT2860_TX_SW_CFG1, 0); 4422 if (sc->mac_rev < 0x0211) { 4423 run_write(sc, RT2860_TX_SW_CFG2, 4424 sc->patch_dac ? 0x2c : 0x0f); 4425 } else 4426 run_write(sc, RT2860_TX_SW_CFG2, 0); 4427 } 4428 } 4429 4430 int 4431 run_txrx_enable(struct run_softc *sc) 4432 { 4433 uint32_t tmp; 4434 int error, ntries; 4435 4436 run_write(sc, RT2860_MAC_SYS_CTRL, RT2860_MAC_TX_EN); 4437 for (ntries = 0; ntries < 200; ntries++) { 4438 if ((error = run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp)) != 0) 4439 return error; 4440 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0) 4441 break; 4442 DELAY(1000); 4443 } 4444 if (ntries == 200) 4445 return ETIMEDOUT; 4446 4447 DELAY(50); 4448 4449 tmp |= RT2860_RX_DMA_EN | RT2860_TX_DMA_EN | RT2860_TX_WB_DDONE; 4450 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp); 4451 4452 /* enable Rx bulk aggregation (set timeout and limit) */ 4453 tmp = RT2860_USB_TX_EN | RT2860_USB_RX_EN | RT2860_USB_RX_AGG_EN | 4454 RT2860_USB_RX_AGG_TO(128) | RT2860_USB_RX_AGG_LMT(2); 4455 run_write(sc, RT2860_USB_DMA_CFG, tmp); 4456 4457 /* set Rx filter */ 4458 tmp = RT2860_DROP_CRC_ERR | RT2860_DROP_PHY_ERR; 4459 if (sc->sc_ic.ic_opmode != IEEE80211_M_MONITOR) { 4460 tmp |= RT2860_DROP_UC_NOME | RT2860_DROP_DUPL | 4461 RT2860_DROP_CTS | RT2860_DROP_BA | RT2860_DROP_ACK | 4462 RT2860_DROP_VER_ERR | RT2860_DROP_CTRL_RSV | 4463 RT2860_DROP_CFACK | RT2860_DROP_CFEND; 4464 if (sc->sc_ic.ic_opmode == IEEE80211_M_STA) 4465 tmp |= RT2860_DROP_RTS | RT2860_DROP_PSPOLL; 4466 } 4467 run_write(sc, RT2860_RX_FILTR_CFG, tmp); 4468 4469 run_write(sc, RT2860_MAC_SYS_CTRL, 4470 RT2860_MAC_RX_EN | RT2860_MAC_TX_EN); 4471 4472 return 0; 4473 } 4474 4475 void 4476 run_adjust_freq_offset(struct run_softc *sc) 4477 { 4478 uint8_t rf, tmp; 4479 4480 run_rt3070_rf_read(sc, 17, &rf); 4481 tmp = rf; 4482 rf = (rf & ~0x7f) | (sc->freq & 0x7f); 4483 rf = MIN(rf, 0x5f); 4484 4485 if (tmp != rf) 4486 run_mcu_cmd(sc, 0x74, (tmp << 8 ) | rf); 4487 } 4488 4489 int 4490 run_init(struct ifnet *ifp) 4491 { 4492 struct run_softc *sc = ifp->if_softc; 4493 struct ieee80211com *ic = &sc->sc_ic; 4494 uint32_t tmp; 4495 uint8_t bbp1, bbp3; 4496 int i, error, qid, ridx, ntries; 4497 4498 if (usbd_is_dying(sc->sc_udev)) 4499 return ENXIO; 4500 4501 for (ntries = 0; ntries < 100; ntries++) { 4502 if ((error = run_read(sc, RT2860_ASIC_VER_ID, &tmp)) != 0) 4503 goto fail; 4504 if (tmp != 0 && tmp != 0xffffffff) 4505 break; 4506 DELAY(10); 4507 } 4508 if (ntries == 100) { 4509 error = ETIMEDOUT; 4510 goto fail; 4511 } 4512 4513 if ((error = run_load_microcode(sc)) != 0) { 4514 printf("%s: could not load 8051 microcode\n", 4515 sc->sc_dev.dv_xname); 4516 goto fail; 4517 } 4518 4519 /* init host command ring */ 4520 sc->cmdq.cur = sc->cmdq.next = sc->cmdq.queued = 0; 4521 4522 /* init Tx rings (4 EDCAs) */ 4523 for (qid = 0; qid < 4; qid++) { 4524 if ((error = run_alloc_tx_ring(sc, qid)) != 0) 4525 goto fail; 4526 } 4527 /* init Rx ring */ 4528 if ((error = run_alloc_rx_ring(sc)) != 0) 4529 goto fail; 4530 4531 IEEE80211_ADDR_COPY(ic->ic_myaddr, LLADDR(ifp->if_sadl)); 4532 run_set_macaddr(sc, ic->ic_myaddr); 4533 4534 for (ntries = 0; ntries < 100; ntries++) { 4535 if ((error = run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp)) != 0) 4536 goto fail; 4537 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0) 4538 break; 4539 DELAY(1000); 4540 } 4541 if (ntries == 100) { 4542 printf("%s: timeout waiting for DMA engine\n", 4543 sc->sc_dev.dv_xname); 4544 error = ETIMEDOUT; 4545 goto fail; 4546 } 4547 tmp &= 0xff0; 4548 tmp |= RT2860_TX_WB_DDONE; 4549 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp); 4550 4551 /* turn off PME_OEN to solve high-current issue */ 4552 run_read(sc, RT2860_SYS_CTRL, &tmp); 4553 run_write(sc, RT2860_SYS_CTRL, tmp & ~RT2860_PME_OEN); 4554 4555 run_write(sc, RT2860_MAC_SYS_CTRL, 4556 RT2860_BBP_HRST | RT2860_MAC_SRST); 4557 run_write(sc, RT2860_USB_DMA_CFG, 0); 4558 4559 if ((error = run_reset(sc)) != 0) { 4560 printf("%s: could not reset chipset\n", sc->sc_dev.dv_xname); 4561 goto fail; 4562 } 4563 4564 run_write(sc, RT2860_MAC_SYS_CTRL, 0); 4565 4566 /* init Tx power for all Tx rates (from EEPROM) */ 4567 for (ridx = 0; ridx < 5; ridx++) { 4568 if (sc->txpow20mhz[ridx] == 0xffffffff) 4569 continue; 4570 run_write(sc, RT2860_TX_PWR_CFG(ridx), sc->txpow20mhz[ridx]); 4571 } 4572 4573 for (i = 0; i < nitems(rt2870_def_mac); i++) 4574 run_write(sc, rt2870_def_mac[i].reg, rt2870_def_mac[i].val); 4575 run_write(sc, RT2860_WMM_AIFSN_CFG, 0x00002273); 4576 run_write(sc, RT2860_WMM_CWMIN_CFG, 0x00002344); 4577 run_write(sc, RT2860_WMM_CWMAX_CFG, 0x000034aa); 4578 4579 if (sc->mac_ver >= 0x5390) { 4580 run_write(sc, RT2860_TX_SW_CFG0, 4581 4 << RT2860_DLY_PAPE_EN_SHIFT | 4); 4582 if (sc->mac_ver >= 0x5392) { 4583 run_write(sc, RT2860_MAX_LEN_CFG, 0x00002fff); 4584 if (sc->mac_ver == 0x5592) { 4585 run_write(sc, RT2860_HT_FBK_CFG1, 0xedcba980); 4586 run_write(sc, RT2860_TXOP_HLDR_ET, 0x00000082); 4587 } else { 4588 run_write(sc, RT2860_HT_FBK_CFG1, 0xedcb4980); 4589 run_write(sc, RT2860_LG_FBK_CFG0, 0xedcba322); 4590 } 4591 } 4592 } else if (sc->mac_ver == 0x3593) { 4593 run_write(sc, RT2860_TX_SW_CFG0, 4594 4 << RT2860_DLY_PAPE_EN_SHIFT | 2); 4595 } else if (sc->mac_ver >= 0x3070) { 4596 /* set delay of PA_PE assertion to 1us (unit of 0.25us) */ 4597 run_write(sc, RT2860_TX_SW_CFG0, 4598 4 << RT2860_DLY_PAPE_EN_SHIFT); 4599 } 4600 4601 /* wait while MAC is busy */ 4602 for (ntries = 0; ntries < 100; ntries++) { 4603 if ((error = run_read(sc, RT2860_MAC_STATUS_REG, &tmp)) != 0) 4604 goto fail; 4605 if (!(tmp & (RT2860_RX_STATUS_BUSY | RT2860_TX_STATUS_BUSY))) 4606 break; 4607 DELAY(1000); 4608 } 4609 if (ntries == 100) { 4610 error = ETIMEDOUT; 4611 goto fail; 4612 } 4613 4614 /* clear Host to MCU mailbox */ 4615 run_write(sc, RT2860_H2M_BBPAGENT, 0); 4616 run_write(sc, RT2860_H2M_MAILBOX, 0); 4617 DELAY(1000); 4618 4619 if ((error = run_bbp_init(sc)) != 0) { 4620 printf("%s: could not initialize BBP\n", sc->sc_dev.dv_xname); 4621 goto fail; 4622 } 4623 4624 /* abort TSF synchronization */ 4625 run_read(sc, RT2860_BCN_TIME_CFG, &tmp); 4626 tmp &= ~(RT2860_BCN_TX_EN | RT2860_TSF_TIMER_EN | 4627 RT2860_TBTT_TIMER_EN); 4628 run_write(sc, RT2860_BCN_TIME_CFG, tmp); 4629 4630 /* clear RX WCID search table */ 4631 run_set_region_4(sc, RT2860_WCID_ENTRY(0), 0, 512); 4632 /* clear WCID attribute table */ 4633 run_set_region_4(sc, RT2860_WCID_ATTR(0), 0, 8 * 32); 4634 /* clear shared key table */ 4635 run_set_region_4(sc, RT2860_SKEY(0, 0), 0, 8 * 32); 4636 /* clear shared key mode */ 4637 run_set_region_4(sc, RT2860_SKEY_MODE_0_7, 0, 4); 4638 4639 run_read(sc, RT2860_US_CYC_CNT, &tmp); 4640 tmp = (tmp & ~0xff) | 0x1e; 4641 run_write(sc, RT2860_US_CYC_CNT, tmp); 4642 4643 if (sc->mac_rev != 0x0101) 4644 run_write(sc, RT2860_TXOP_CTRL_CFG, 0x0000583f); 4645 4646 run_write(sc, RT2860_WMM_TXOP0_CFG, 0); 4647 run_write(sc, RT2860_WMM_TXOP1_CFG, 48 << 16 | 96); 4648 4649 /* write vendor-specific BBP values (from EEPROM) */ 4650 if (sc->mac_ver < 0x3593) { 4651 for (i = 0; i < 8; i++) { 4652 if (sc->bbp[i].reg == 0 || sc->bbp[i].reg == 0xff) 4653 continue; 4654 run_bbp_write(sc, sc->bbp[i].reg, sc->bbp[i].val); 4655 } 4656 } 4657 4658 /* select Main antenna for 1T1R devices */ 4659 if (sc->rf_rev == RT3070_RF_3020 || sc->rf_rev == RT5390_RF_5370) 4660 run_set_rx_antenna(sc, 0); 4661 4662 /* send LEDs operating mode to microcontroller */ 4663 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED1, sc->led[0]); 4664 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED2, sc->led[1]); 4665 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED3, sc->led[2]); 4666 4667 if (sc->mac_ver >= 0x5390) 4668 run_rt5390_rf_init(sc); 4669 else if (sc->mac_ver == 0x3593) 4670 run_rt3593_rf_init(sc); 4671 else if (sc->mac_ver >= 0x3070) 4672 run_rt3070_rf_init(sc); 4673 4674 /* disable non-existing Rx chains */ 4675 run_bbp_read(sc, 3, &bbp3); 4676 bbp3 &= ~(1 << 3 | 1 << 4); 4677 if (sc->nrxchains == 2) 4678 bbp3 |= 1 << 3; 4679 else if (sc->nrxchains == 3) 4680 bbp3 |= 1 << 4; 4681 run_bbp_write(sc, 3, bbp3); 4682 4683 /* disable non-existing Tx chains */ 4684 run_bbp_read(sc, 1, &bbp1); 4685 if (sc->ntxchains == 1) 4686 bbp1 &= ~(1 << 3 | 1 << 4); 4687 run_bbp_write(sc, 1, bbp1); 4688 4689 if (sc->mac_ver >= 0x5390) 4690 run_rt5390_rf_setup(sc); 4691 else if (sc->mac_ver == 0x3593) 4692 run_rt3593_rf_setup(sc); 4693 else if (sc->mac_ver >= 0x3070) 4694 run_rt3070_rf_setup(sc); 4695 4696 /* select default channel */ 4697 ic->ic_bss->ni_chan = ic->ic_ibss_chan; 4698 run_set_chan(sc, ic->ic_ibss_chan); 4699 4700 /* turn radio LED on */ 4701 run_set_leds(sc, RT2860_LED_RADIO); 4702 4703 for (i = 0; i < RUN_RX_RING_COUNT; i++) { 4704 struct run_rx_data *data = &sc->rxq.data[i]; 4705 4706 usbd_setup_xfer(data->xfer, sc->rxq.pipeh, data, data->buf, 4707 RUN_MAX_RXSZ, USBD_SHORT_XFER_OK | USBD_NO_COPY, 4708 USBD_NO_TIMEOUT, run_rxeof); 4709 error = usbd_transfer(data->xfer); 4710 if (error != 0 && error != USBD_IN_PROGRESS) 4711 goto fail; 4712 } 4713 4714 if ((error = run_txrx_enable(sc)) != 0) 4715 goto fail; 4716 4717 ifp->if_flags |= IFF_RUNNING; 4718 ifq_clr_oactive(&ifp->if_snd); 4719 4720 if (ic->ic_flags & IEEE80211_F_WEPON) { 4721 /* install WEP keys */ 4722 for (i = 0; i < IEEE80211_WEP_NKID; i++) { 4723 if (ic->ic_nw_keys[i].k_cipher != IEEE80211_CIPHER_NONE) 4724 (void)run_set_key(ic, NULL, &ic->ic_nw_keys[i]); 4725 } 4726 } 4727 4728 if (ic->ic_opmode == IEEE80211_M_MONITOR) 4729 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 4730 else 4731 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 4732 4733 if (error != 0) 4734 fail: run_stop(ifp, 1); 4735 return error; 4736 } 4737 4738 void 4739 run_stop(struct ifnet *ifp, int disable) 4740 { 4741 struct run_softc *sc = ifp->if_softc; 4742 struct ieee80211com *ic = &sc->sc_ic; 4743 uint32_t tmp; 4744 int s, ntries, qid; 4745 4746 if (ifp->if_flags & IFF_RUNNING) 4747 run_set_leds(sc, 0); /* turn all LEDs off */ 4748 4749 sc->sc_tx_timer = 0; 4750 ifp->if_timer = 0; 4751 ifp->if_flags &= ~IFF_RUNNING; 4752 ifq_clr_oactive(&ifp->if_snd); 4753 4754 timeout_del(&sc->scan_to); 4755 timeout_del(&sc->calib_to); 4756 4757 s = splusb(); 4758 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 4759 /* wait for all queued asynchronous commands to complete */ 4760 usb_wait_task(sc->sc_udev, &sc->sc_task); 4761 splx(s); 4762 4763 /* Disable Tx/Rx DMA. */ 4764 run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp); 4765 tmp &= ~(RT2860_RX_DMA_EN | RT2860_TX_DMA_EN); 4766 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp); 4767 4768 for (ntries = 0; ntries < 100; ntries++) { 4769 if (run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp) != 0) 4770 break; 4771 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0) 4772 break; 4773 DELAY(10); 4774 } 4775 if (ntries == 100) { 4776 printf("%s: timeout waiting for DMA engine\n", 4777 sc->sc_dev.dv_xname); 4778 } 4779 4780 /* disable Tx/Rx */ 4781 run_read(sc, RT2860_MAC_SYS_CTRL, &tmp); 4782 tmp &= ~(RT2860_MAC_RX_EN | RT2860_MAC_TX_EN); 4783 run_write(sc, RT2860_MAC_SYS_CTRL, tmp); 4784 4785 /* wait for pending Tx to complete */ 4786 for (ntries = 0; ntries < 100; ntries++) { 4787 if (run_read(sc, RT2860_TXRXQ_PCNT, &tmp) != 0) 4788 break; 4789 if ((tmp & RT2860_TX2Q_PCNT_MASK) == 0) 4790 break; 4791 } 4792 DELAY(1000); 4793 run_write(sc, RT2860_USB_DMA_CFG, 0); 4794 4795 /* reset adapter */ 4796 run_write(sc, RT2860_MAC_SYS_CTRL, RT2860_BBP_HRST | RT2860_MAC_SRST); 4797 run_write(sc, RT2860_MAC_SYS_CTRL, 0); 4798 4799 /* reset Tx and Rx rings */ 4800 sc->qfullmsk = 0; 4801 for (qid = 0; qid < 4; qid++) 4802 run_free_tx_ring(sc, qid); 4803 run_free_rx_ring(sc); 4804 } 4805