1 /*-
2 * Copyright (c) 2008,2010 Damien Bergamini <damien.bergamini@free.fr>
3 * ported to FreeBSD by Akinori Furukoshi <moonlightakkiy@yahoo.ca>
4 * USB Consulting, Hans Petter Selasky <hselasky@freebsd.org>
5 * Copyright (c) 2013-2014 Kevin Lo
6 *
7 * Permission to use, copy, modify, and distribute this software for any
8 * purpose with or without fee is hereby granted, provided that the above
9 * copyright notice and this permission notice appear in all copies.
10 *
11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18 */
19
20 /*-
21 * Ralink Technology RT2700U/RT2800U/RT3000U/RT3900E chipset driver.
22 * http://www.ralinktech.com/
23 */
24
25 #include "opt_wlan.h"
26
27 #include <sys/param.h>
28 #include <sys/eventhandler.h>
29 #include <sys/sockio.h>
30 #include <sys/sysctl.h>
31 #include <sys/lock.h>
32 #include <sys/mutex.h>
33 #include <sys/mbuf.h>
34 #include <sys/kernel.h>
35 #include <sys/socket.h>
36 #include <sys/systm.h>
37 #include <sys/malloc.h>
38 #include <sys/module.h>
39 #include <sys/bus.h>
40 #include <sys/endian.h>
41 #include <sys/linker.h>
42 #include <sys/firmware.h>
43 #include <sys/kdb.h>
44
45 #include <net/bpf.h>
46 #include <net/if.h>
47 #include <net/if_var.h>
48 #include <net/if_arp.h>
49 #include <net/ethernet.h>
50 #include <net/if_dl.h>
51 #include <net/if_media.h>
52 #include <net/if_types.h>
53
54 #include <netinet/in.h>
55 #include <netinet/in_systm.h>
56 #include <netinet/in_var.h>
57 #include <netinet/if_ether.h>
58 #include <netinet/ip.h>
59
60 #include <net80211/ieee80211_var.h>
61 #include <net80211/ieee80211_regdomain.h>
62 #include <net80211/ieee80211_radiotap.h>
63 #include <net80211/ieee80211_ratectl.h>
64 #ifdef IEEE80211_SUPPORT_SUPERG
65 #include <net80211/ieee80211_superg.h>
66 #endif
67
68 #include <dev/usb/usb.h>
69 #include <dev/usb/usbdi.h>
70 #include "usbdevs.h"
71
72 #define USB_DEBUG_VAR run_debug
73 #include <dev/usb/usb_debug.h>
74 #include <dev/usb/usb_msctest.h>
75
76 #include <dev/usb/wlan/if_runreg.h>
77 #include <dev/usb/wlan/if_runvar.h>
78
79 #ifdef USB_DEBUG
80 #define RUN_DEBUG
81 #endif
82
83 #ifdef RUN_DEBUG
84 int run_debug = 0;
85 static SYSCTL_NODE(_hw_usb, OID_AUTO, run, CTLFLAG_RW | CTLFLAG_MPSAFE, 0,
86 "USB run");
87 SYSCTL_INT(_hw_usb_run, OID_AUTO, debug, CTLFLAG_RWTUN, &run_debug, 0,
88 "run debug level");
89
90 enum {
91 RUN_DEBUG_XMIT = 0x00000001, /* basic xmit operation */
92 RUN_DEBUG_XMIT_DESC = 0x00000002, /* xmit descriptors */
93 RUN_DEBUG_RECV = 0x00000004, /* basic recv operation */
94 RUN_DEBUG_RECV_DESC = 0x00000008, /* recv descriptors */
95 RUN_DEBUG_STATE = 0x00000010, /* 802.11 state transitions */
96 RUN_DEBUG_RATE = 0x00000020, /* rate adaptation */
97 RUN_DEBUG_USB = 0x00000040, /* usb requests */
98 RUN_DEBUG_FIRMWARE = 0x00000080, /* firmware(9) loading debug */
99 RUN_DEBUG_BEACON = 0x00000100, /* beacon handling */
100 RUN_DEBUG_INTR = 0x00000200, /* ISR */
101 RUN_DEBUG_TEMP = 0x00000400, /* temperature calibration */
102 RUN_DEBUG_ROM = 0x00000800, /* various ROM info */
103 RUN_DEBUG_KEY = 0x00001000, /* crypto keys management */
104 RUN_DEBUG_TXPWR = 0x00002000, /* dump Tx power values */
105 RUN_DEBUG_RSSI = 0x00004000, /* dump RSSI lookups */
106 RUN_DEBUG_RESET = 0x00008000, /* initialization progress */
107 RUN_DEBUG_CALIB = 0x00010000, /* calibration progress */
108 RUN_DEBUG_CMD = 0x00020000, /* command queue */
109 RUN_DEBUG_ANY = 0xffffffff
110 };
111
112 #define RUN_DPRINTF(_sc, _m, ...) do { \
113 if (run_debug & (_m)) \
114 device_printf((_sc)->sc_dev, __VA_ARGS__); \
115 } while(0)
116 #else
117 #define RUN_DPRINTF(_sc, _m, ...) do { (void) _sc; } while (0)
118 #endif
119
120 #define IEEE80211_HAS_ADDR4(wh) IEEE80211_IS_DSTODS(wh)
121
122 /*
123 * Because of LOR in run_key_delete(), use atomic instead.
124 * '& RUN_CMDQ_MASQ' is to loop cmdq[].
125 */
126 #define RUN_CMDQ_GET(c) (atomic_fetchadd_32((c), 1) & RUN_CMDQ_MASQ)
127
128 static const STRUCT_USB_HOST_ID run_devs[] = {
129 #define RUN_DEV(v,p) { USB_VP(USB_VENDOR_##v, USB_PRODUCT_##v##_##p) }
130 #define RUN_DEV_EJECT(v,p) \
131 { USB_VPI(USB_VENDOR_##v, USB_PRODUCT_##v##_##p, RUN_EJECT) }
132 #define RUN_EJECT 1
133 RUN_DEV(ABOCOM, RT2770),
134 RUN_DEV(ABOCOM, RT2870),
135 RUN_DEV(ABOCOM, RT3070),
136 RUN_DEV(ABOCOM, RT3071),
137 RUN_DEV(ABOCOM, RT3072),
138 RUN_DEV(ABOCOM2, RT2870_1),
139 RUN_DEV(ACCTON, RT2770),
140 RUN_DEV(ACCTON, RT2870_1),
141 RUN_DEV(ACCTON, RT2870_2),
142 RUN_DEV(ACCTON, RT2870_3),
143 RUN_DEV(ACCTON, RT2870_4),
144 RUN_DEV(ACCTON, RT2870_5),
145 RUN_DEV(ACCTON, RT3070),
146 RUN_DEV(ACCTON, RT3070_1),
147 RUN_DEV(ACCTON, RT3070_2),
148 RUN_DEV(ACCTON, RT3070_3),
149 RUN_DEV(ACCTON, RT3070_4),
150 RUN_DEV(ACCTON, RT3070_5),
151 RUN_DEV(AIRTIES, RT3070),
152 RUN_DEV(ALLWIN, RT2070),
153 RUN_DEV(ALLWIN, RT2770),
154 RUN_DEV(ALLWIN, RT2870),
155 RUN_DEV(ALLWIN, RT3070),
156 RUN_DEV(ALLWIN, RT3071),
157 RUN_DEV(ALLWIN, RT3072),
158 RUN_DEV(ALLWIN, RT3572),
159 RUN_DEV(AMIGO, RT2870_1),
160 RUN_DEV(AMIGO, RT2870_2),
161 RUN_DEV(AMIT, CGWLUSB2GNR),
162 RUN_DEV(AMIT, RT2870_1),
163 RUN_DEV(AMIT2, RT2870),
164 RUN_DEV(ASUS, RT2870_1),
165 RUN_DEV(ASUS, RT2870_2),
166 RUN_DEV(ASUS, RT2870_3),
167 RUN_DEV(ASUS, RT2870_4),
168 RUN_DEV(ASUS, RT2870_5),
169 RUN_DEV(ASUS, USBN13),
170 RUN_DEV(ASUS, RT3070_1),
171 RUN_DEV(ASUS, USBN66),
172 RUN_DEV(ASUS, USB_N53),
173 RUN_DEV(ASUS, USBN14),
174 RUN_DEV(ASUS2, USBN11),
175 RUN_DEV(AZUREWAVE, RT2870_1),
176 RUN_DEV(AZUREWAVE, RT2870_2),
177 RUN_DEV(AZUREWAVE, RT3070_1),
178 RUN_DEV(AZUREWAVE, RT3070_2),
179 RUN_DEV(AZUREWAVE, RT3070_3),
180 RUN_DEV(BELKIN, F9L1103),
181 RUN_DEV(BELKIN, F5D8053V3),
182 RUN_DEV(BELKIN, F5D8055),
183 RUN_DEV(BELKIN, F5D8055V2),
184 RUN_DEV(BELKIN, F6D4050V1),
185 RUN_DEV(BELKIN, F6D4050V2),
186 RUN_DEV(BELKIN, RT2870_1),
187 RUN_DEV(BELKIN, RT2870_2),
188 RUN_DEV(CISCOLINKSYS, AE1000),
189 RUN_DEV(CISCOLINKSYS2, RT3070),
190 RUN_DEV(CISCOLINKSYS3, RT3070),
191 RUN_DEV(CONCEPTRONIC2, RT2870_1),
192 RUN_DEV(CONCEPTRONIC2, RT2870_2),
193 RUN_DEV(CONCEPTRONIC2, RT2870_3),
194 RUN_DEV(CONCEPTRONIC2, RT2870_4),
195 RUN_DEV(CONCEPTRONIC2, RT2870_5),
196 RUN_DEV(CONCEPTRONIC2, RT2870_6),
197 RUN_DEV(CONCEPTRONIC2, RT2870_7),
198 RUN_DEV(CONCEPTRONIC2, RT2870_8),
199 RUN_DEV(CONCEPTRONIC2, RT3070_1),
200 RUN_DEV(CONCEPTRONIC2, RT3070_2),
201 RUN_DEV(CONCEPTRONIC2, VIGORN61),
202 RUN_DEV(COREGA, CGWLUSB300GNM),
203 RUN_DEV(COREGA, RT2870_1),
204 RUN_DEV(COREGA, RT2870_2),
205 RUN_DEV(COREGA, RT2870_3),
206 RUN_DEV(COREGA, RT3070),
207 RUN_DEV(CYBERTAN, RT2870),
208 RUN_DEV(DLINK, RT2870),
209 RUN_DEV(DLINK, RT3072),
210 RUN_DEV(DLINK, DWA125A3),
211 RUN_DEV(DLINK, DWA127),
212 RUN_DEV(DLINK, DWA140B3),
213 RUN_DEV(DLINK, DWA160B2),
214 RUN_DEV(DLINK, DWA140D1),
215 RUN_DEV(DLINK, DWA130F1),
216 RUN_DEV(DLINK, DWA162),
217 RUN_DEV(DLINK2, DWA130),
218 RUN_DEV(DLINK2, RT2870_1),
219 RUN_DEV(DLINK2, RT2870_2),
220 RUN_DEV(DLINK2, RT3070_1),
221 RUN_DEV(DLINK2, RT3070_2),
222 RUN_DEV(DLINK2, RT3070_3),
223 RUN_DEV(DLINK2, RT3070_4),
224 RUN_DEV(DLINK2, RT3070_5),
225 RUN_DEV(DLINK2, RT3072),
226 RUN_DEV(DLINK2, RT3072_1),
227 RUN_DEV(EDIMAX, EW7717),
228 RUN_DEV(EDIMAX, EW7718),
229 RUN_DEV(EDIMAX, EW7733UND),
230 RUN_DEV(EDIMAX, RT2870_1),
231 RUN_DEV(ENCORE, RT3070_1),
232 RUN_DEV(ENCORE, RT3070_2),
233 RUN_DEV(ENCORE, RT3070_3),
234 RUN_DEV(GIGABYTE, GNWB31N),
235 RUN_DEV(GIGABYTE, GNWB32L),
236 RUN_DEV(GIGABYTE, RT2870_1),
237 RUN_DEV(GIGASET, RT3070_1),
238 RUN_DEV(GIGASET, RT3070_2),
239 RUN_DEV(GUILLEMOT, HWNU300),
240 RUN_DEV(HAWKING, HWUN2),
241 RUN_DEV(HAWKING, RT2870_1),
242 RUN_DEV(HAWKING, RT2870_2),
243 RUN_DEV(HAWKING, RT3070),
244 RUN_DEV(IODATA, RT3072_1),
245 RUN_DEV(IODATA, RT3072_2),
246 RUN_DEV(IODATA, RT3072_3),
247 RUN_DEV(IODATA, RT3072_4),
248 RUN_DEV(LINKSYS4, RT3070),
249 RUN_DEV(LINKSYS4, WUSB100),
250 RUN_DEV(LINKSYS4, WUSB54GCV3),
251 RUN_DEV(LINKSYS4, WUSB600N),
252 RUN_DEV(LINKSYS4, WUSB600NV2),
253 RUN_DEV(LOGITEC, RT2870_1),
254 RUN_DEV(LOGITEC, RT2870_2),
255 RUN_DEV(LOGITEC, RT2870_3),
256 RUN_DEV(LOGITEC, LANW300NU2),
257 RUN_DEV(LOGITEC, LANW150NU2),
258 RUN_DEV(LOGITEC, LANW300NU2S),
259 RUN_DEV(MELCO, WLIUCG300HP),
260 RUN_DEV(MELCO, RT2870_2),
261 RUN_DEV(MELCO, WLIUCAG300N),
262 RUN_DEV(MELCO, WLIUCG300N),
263 RUN_DEV(MELCO, WLIUCG301N),
264 RUN_DEV(MELCO, WLIUCGN),
265 RUN_DEV(MELCO, WLIUCGNM),
266 RUN_DEV(MELCO, WLIUCG300HPV1),
267 RUN_DEV(MELCO, WLIUCGNM2),
268 RUN_DEV(MOTOROLA4, RT2770),
269 RUN_DEV(MOTOROLA4, RT3070),
270 RUN_DEV(MSI, RT3070_1),
271 RUN_DEV(MSI, RT3070_2),
272 RUN_DEV(MSI, RT3070_3),
273 RUN_DEV(MSI, RT3070_4),
274 RUN_DEV(MSI, RT3070_5),
275 RUN_DEV(MSI, RT3070_6),
276 RUN_DEV(MSI, RT3070_7),
277 RUN_DEV(MSI, RT3070_8),
278 RUN_DEV(MSI, RT3070_9),
279 RUN_DEV(MSI, RT3070_10),
280 RUN_DEV(MSI, RT3070_11),
281 RUN_DEV(NETGEAR, WNDA4100),
282 RUN_DEV(OVISLINK, RT3072),
283 RUN_DEV(PARA, RT3070),
284 RUN_DEV(PEGATRON, RT2870),
285 RUN_DEV(PEGATRON, RT3070),
286 RUN_DEV(PEGATRON, RT3070_2),
287 RUN_DEV(PEGATRON, RT3070_3),
288 RUN_DEV(PHILIPS, RT2870),
289 RUN_DEV(PLANEX2, GWUS300MINIS),
290 RUN_DEV(PLANEX2, GWUSMICRON),
291 RUN_DEV(PLANEX2, RT2870),
292 RUN_DEV(PLANEX2, RT3070),
293 RUN_DEV(QCOM, RT2870),
294 RUN_DEV(QUANTA, RT3070),
295 RUN_DEV(RALINK, RT2070),
296 RUN_DEV(RALINK, RT2770),
297 RUN_DEV(RALINK, RT2870),
298 RUN_DEV(RALINK, RT3070),
299 RUN_DEV(RALINK, RT3071),
300 RUN_DEV(RALINK, RT3072),
301 RUN_DEV(RALINK, RT3370),
302 RUN_DEV(RALINK, RT3572),
303 RUN_DEV(RALINK, RT3573),
304 RUN_DEV(RALINK, RT5370),
305 RUN_DEV(RALINK, RT5372),
306 RUN_DEV(RALINK, RT5572),
307 RUN_DEV(RALINK, RT8070),
308 RUN_DEV(SAMSUNG, WIS09ABGN),
309 RUN_DEV(SAMSUNG2, RT2870_1),
310 RUN_DEV(SENAO, RT2870_1),
311 RUN_DEV(SENAO, RT2870_2),
312 RUN_DEV(SENAO, RT2870_3),
313 RUN_DEV(SENAO, RT2870_4),
314 RUN_DEV(SENAO, RT3070),
315 RUN_DEV(SENAO, RT3071),
316 RUN_DEV(SENAO, RT3072_1),
317 RUN_DEV(SENAO, RT3072_2),
318 RUN_DEV(SENAO, RT3072_3),
319 RUN_DEV(SENAO, RT3072_4),
320 RUN_DEV(SENAO, RT3072_5),
321 RUN_DEV(SITECOMEU, RT2770),
322 RUN_DEV(SITECOMEU, RT2870_1),
323 RUN_DEV(SITECOMEU, RT2870_2),
324 RUN_DEV(SITECOMEU, RT2870_3),
325 RUN_DEV(SITECOMEU, RT2870_4),
326 RUN_DEV(SITECOMEU, RT3070),
327 RUN_DEV(SITECOMEU, RT3070_1),
328 RUN_DEV(SITECOMEU, RT3070_2),
329 RUN_DEV(SITECOMEU, RT3070_3),
330 RUN_DEV(SITECOMEU, RT3070_4),
331 RUN_DEV(SITECOMEU, RT3071),
332 RUN_DEV(SITECOMEU, RT3072_1),
333 RUN_DEV(SITECOMEU, RT3072_2),
334 RUN_DEV(SITECOMEU, RT3072_3),
335 RUN_DEV(SITECOMEU, RT3072_4),
336 RUN_DEV(SITECOMEU, RT3072_5),
337 RUN_DEV(SITECOMEU, RT3072_6),
338 RUN_DEV(SITECOMEU, WL608),
339 RUN_DEV(SPARKLAN, RT2870_1),
340 RUN_DEV(SPARKLAN, RT3070),
341 RUN_DEV(SWEEX2, LW153),
342 RUN_DEV(SWEEX2, LW303),
343 RUN_DEV(SWEEX2, LW313),
344 RUN_DEV(TOSHIBA, RT3070),
345 RUN_DEV(UMEDIA, RT2870_1),
346 RUN_DEV(ZCOM, RT2870_1),
347 RUN_DEV(ZCOM, RT2870_2),
348 RUN_DEV(ZINWELL, RT2870_1),
349 RUN_DEV(ZINWELL, RT2870_2),
350 RUN_DEV(ZINWELL, RT3070),
351 RUN_DEV(ZINWELL, RT3072_1),
352 RUN_DEV(ZINWELL, RT3072_2),
353 RUN_DEV(ZYXEL, RT2870_1),
354 RUN_DEV(ZYXEL, RT2870_2),
355 RUN_DEV(ZYXEL, RT3070),
356 RUN_DEV_EJECT(ZYXEL, NWD2705),
357 RUN_DEV_EJECT(RALINK, RT_STOR),
358 #undef RUN_DEV_EJECT
359 #undef RUN_DEV
360 };
361
362 static device_probe_t run_match;
363 static device_attach_t run_attach;
364 static device_detach_t run_detach;
365
366 static usb_callback_t run_bulk_rx_callback;
367 static usb_callback_t run_bulk_tx_callback0;
368 static usb_callback_t run_bulk_tx_callback1;
369 static usb_callback_t run_bulk_tx_callback2;
370 static usb_callback_t run_bulk_tx_callback3;
371 static usb_callback_t run_bulk_tx_callback4;
372 static usb_callback_t run_bulk_tx_callback5;
373
374 static void run_autoinst(void *, struct usb_device *,
375 struct usb_attach_arg *);
376 static int run_driver_loaded(struct module *, int, void *);
377 static void run_bulk_tx_callbackN(struct usb_xfer *xfer,
378 usb_error_t error, u_int index);
379 static struct ieee80211vap *run_vap_create(struct ieee80211com *,
380 const char [IFNAMSIZ], int, enum ieee80211_opmode, int,
381 const uint8_t [IEEE80211_ADDR_LEN],
382 const uint8_t [IEEE80211_ADDR_LEN]);
383 static void run_vap_delete(struct ieee80211vap *);
384 static void run_cmdq_cb(void *, int);
385 static void run_setup_tx_list(struct run_softc *,
386 struct run_endpoint_queue *);
387 static void run_unsetup_tx_list(struct run_softc *,
388 struct run_endpoint_queue *);
389 static int run_load_microcode(struct run_softc *);
390 static int run_reset(struct run_softc *);
391 static usb_error_t run_do_request(struct run_softc *,
392 struct usb_device_request *, void *);
393 static int run_read(struct run_softc *, uint16_t, uint32_t *);
394 static int run_read_region_1(struct run_softc *, uint16_t, uint8_t *, int);
395 static int run_write_2(struct run_softc *, uint16_t, uint16_t);
396 static int run_write(struct run_softc *, uint16_t, uint32_t);
397 static int run_write_region_1(struct run_softc *, uint16_t,
398 const uint8_t *, int);
399 static int run_set_region_4(struct run_softc *, uint16_t, uint32_t, int);
400 static int run_efuse_read(struct run_softc *, uint16_t, uint16_t *, int);
401 static int run_efuse_read_2(struct run_softc *, uint16_t, uint16_t *);
402 static int run_eeprom_read_2(struct run_softc *, uint16_t, uint16_t *);
403 static int run_rt2870_rf_write(struct run_softc *, uint32_t);
404 static int run_rt3070_rf_read(struct run_softc *, uint8_t, uint8_t *);
405 static int run_rt3070_rf_write(struct run_softc *, uint8_t, uint8_t);
406 static int run_bbp_read(struct run_softc *, uint8_t, uint8_t *);
407 static int run_bbp_write(struct run_softc *, uint8_t, uint8_t);
408 static int run_mcu_cmd(struct run_softc *, uint8_t, uint16_t);
409 static const char *run_get_rf(uint16_t);
410 static void run_rt3593_get_txpower(struct run_softc *);
411 static void run_get_txpower(struct run_softc *);
412 static int run_read_eeprom(struct run_softc *);
413 static struct ieee80211_node *run_node_alloc(struct ieee80211vap *,
414 const uint8_t mac[IEEE80211_ADDR_LEN]);
415 static int run_media_change(if_t);
416 static int run_newstate(struct ieee80211vap *, enum ieee80211_state, int);
417 static int run_wme_update(struct ieee80211com *);
418 static void run_key_set_cb(void *);
419 static int run_key_set(struct ieee80211vap *, struct ieee80211_key *);
420 static void run_key_delete_cb(void *);
421 static int run_key_delete(struct ieee80211vap *, struct ieee80211_key *);
422 static void run_ratectl_to(void *);
423 static void run_ratectl_cb(void *, int);
424 static void run_drain_fifo(void *);
425 static void run_iter_func(void *, struct ieee80211_node *);
426 static void run_newassoc_cb(void *);
427 static void run_newassoc(struct ieee80211_node *, int);
428 static void run_recv_mgmt(struct ieee80211_node *, struct mbuf *, int,
429 const struct ieee80211_rx_stats *, int, int);
430 static void run_rx_frame(struct run_softc *, struct mbuf *, uint32_t);
431 static void run_tx_free(struct run_endpoint_queue *pq,
432 struct run_tx_data *, int);
433 static void run_set_tx_desc(struct run_softc *, struct run_tx_data *);
434 static int run_tx(struct run_softc *, struct mbuf *,
435 struct ieee80211_node *);
436 static int run_tx_mgt(struct run_softc *, struct mbuf *,
437 struct ieee80211_node *);
438 static int run_sendprot(struct run_softc *, const struct mbuf *,
439 struct ieee80211_node *, int, int);
440 static int run_tx_param(struct run_softc *, struct mbuf *,
441 struct ieee80211_node *,
442 const struct ieee80211_bpf_params *);
443 static int run_raw_xmit(struct ieee80211_node *, struct mbuf *,
444 const struct ieee80211_bpf_params *);
445 static int run_transmit(struct ieee80211com *, struct mbuf *);
446 static void run_start(struct run_softc *);
447 static void run_parent(struct ieee80211com *);
448 static void run_iq_calib(struct run_softc *, u_int);
449 static void run_set_agc(struct run_softc *, uint8_t);
450 static void run_select_chan_group(struct run_softc *, int);
451 static void run_set_rx_antenna(struct run_softc *, int);
452 static void run_rt2870_set_chan(struct run_softc *, u_int);
453 static void run_rt3070_set_chan(struct run_softc *, u_int);
454 static void run_rt3572_set_chan(struct run_softc *, u_int);
455 static void run_rt3593_set_chan(struct run_softc *, u_int);
456 static void run_rt5390_set_chan(struct run_softc *, u_int);
457 static void run_rt5592_set_chan(struct run_softc *, u_int);
458 static int run_set_chan(struct run_softc *, struct ieee80211_channel *);
459 static void run_set_channel(struct ieee80211com *);
460 static void run_getradiocaps(struct ieee80211com *, int, int *,
461 struct ieee80211_channel[]);
462 static void run_scan_start(struct ieee80211com *);
463 static void run_scan_end(struct ieee80211com *);
464 static void run_update_beacon(struct ieee80211vap *, int);
465 static void run_update_beacon_cb(void *);
466 static void run_updateprot(struct ieee80211com *);
467 static void run_updateprot_cb(void *);
468 static void run_usb_timeout_cb(void *);
469 static void run_reset_livelock(struct run_softc *);
470 static void run_enable_tsf_sync(struct run_softc *);
471 static void run_enable_tsf(struct run_softc *);
472 static void run_disable_tsf(struct run_softc *);
473 static void run_get_tsf(struct run_softc *, uint64_t *);
474 static void run_enable_mrr(struct run_softc *);
475 static void run_set_txpreamble(struct run_softc *);
476 static void run_set_basicrates(struct run_softc *);
477 static void run_set_leds(struct run_softc *, uint16_t);
478 static void run_set_bssid(struct run_softc *, const uint8_t *);
479 static void run_set_macaddr(struct run_softc *, const uint8_t *);
480 static void run_updateslot(struct ieee80211com *);
481 static void run_updateslot_cb(void *);
482 static void run_update_mcast(struct ieee80211com *);
483 static int8_t run_rssi2dbm(struct run_softc *, uint8_t, uint8_t);
484 static void run_update_promisc_locked(struct run_softc *);
485 static void run_update_promisc(struct ieee80211com *);
486 static void run_rt5390_bbp_init(struct run_softc *);
487 static int run_bbp_init(struct run_softc *);
488 static int run_rt3070_rf_init(struct run_softc *);
489 static void run_rt3593_rf_init(struct run_softc *);
490 static void run_rt5390_rf_init(struct run_softc *);
491 static int run_rt3070_filter_calib(struct run_softc *, uint8_t, uint8_t,
492 uint8_t *);
493 static void run_rt3070_rf_setup(struct run_softc *);
494 static void run_rt3593_rf_setup(struct run_softc *);
495 static void run_rt5390_rf_setup(struct run_softc *);
496 static int run_txrx_enable(struct run_softc *);
497 static void run_adjust_freq_offset(struct run_softc *);
498 static void run_init_locked(struct run_softc *);
499 static void run_stop(void *);
500 static void run_delay(struct run_softc *, u_int);
501 static void run_update_chw(struct ieee80211com *ic);
502 static int run_ampdu_enable(struct ieee80211_node *ni,
503 struct ieee80211_tx_ampdu *tap);
504
505 static eventhandler_tag run_etag;
506
507 static const struct rt2860_rate {
508 uint8_t rate;
509 uint8_t mcs;
510 enum ieee80211_phytype phy;
511 uint8_t ctl_ridx;
512 uint16_t sp_ack_dur;
513 uint16_t lp_ack_dur;
514 } rt2860_rates[] = {
515 /* CCK rates (11b) */
516 { 2, 0, IEEE80211_T_DS, 0, 314, 314 },
517 { 4, 1, IEEE80211_T_DS, 1, 258, 162 },
518 { 11, 2, IEEE80211_T_DS, 2, 223, 127 },
519 { 22, 3, IEEE80211_T_DS, 3, 213, 117 },
520
521 /* OFDM rates (11a / 11g) */
522 { 12, 0, IEEE80211_T_OFDM, 4, 60, 60 },
523 { 18, 1, IEEE80211_T_OFDM, 4, 52, 52 },
524 { 24, 2, IEEE80211_T_OFDM, 6, 48, 48 },
525 { 36, 3, IEEE80211_T_OFDM, 6, 44, 44 },
526 { 48, 4, IEEE80211_T_OFDM, 8, 44, 44 },
527 { 72, 5, IEEE80211_T_OFDM, 8, 40, 40 },
528 { 96, 6, IEEE80211_T_OFDM, 8, 40, 40 },
529 { 108, 7, IEEE80211_T_OFDM, 8, 40, 40 },
530
531 /* MCS - single stream */
532 { 0x80, 0, IEEE80211_T_HT, 4, 60, 60 },
533 { 0x81, 1, IEEE80211_T_HT, 4, 60, 60 },
534 { 0x82, 2, IEEE80211_T_HT, 4, 60, 60 },
535 { 0x83, 3, IEEE80211_T_HT, 4, 60, 60 },
536 { 0x84, 4, IEEE80211_T_HT, 4, 60, 60 },
537 { 0x85, 5, IEEE80211_T_HT, 4, 60, 60 },
538 { 0x86, 6, IEEE80211_T_HT, 4, 60, 60 },
539 { 0x87, 7, IEEE80211_T_HT, 4, 60, 60 },
540
541 /* MCS - 2 streams */
542 { 0x88, 8, IEEE80211_T_HT, 4, 60, 60 },
543 { 0x89, 9, IEEE80211_T_HT, 4, 60, 60 },
544 { 0x8a, 10, IEEE80211_T_HT, 4, 60, 60 },
545 { 0x8b, 11, IEEE80211_T_HT, 4, 60, 60 },
546 { 0x8c, 12, IEEE80211_T_HT, 4, 60, 60 },
547 { 0x8d, 13, IEEE80211_T_HT, 4, 60, 60 },
548 { 0x8e, 14, IEEE80211_T_HT, 4, 60, 60 },
549 { 0x8f, 15, IEEE80211_T_HT, 4, 60, 60 },
550
551 /* MCS - 3 streams */
552 { 0x90, 16, IEEE80211_T_HT, 4, 60, 60 },
553 { 0x91, 17, IEEE80211_T_HT, 4, 60, 60 },
554 { 0x92, 18, IEEE80211_T_HT, 4, 60, 60 },
555 { 0x93, 19, IEEE80211_T_HT, 4, 60, 60 },
556 { 0x94, 20, IEEE80211_T_HT, 4, 60, 60 },
557 { 0x95, 21, IEEE80211_T_HT, 4, 60, 60 },
558 { 0x96, 22, IEEE80211_T_HT, 4, 60, 60 },
559 { 0x97, 23, IEEE80211_T_HT, 4, 60, 60 },
560 };
561
562 /* These are indexes into the above rt2860_rates[] array */
563 #define RT2860_RIDX_CCK1 0
564 #define RT2860_RIDX_CCK11 3
565 #define RT2860_RIDX_OFDM6 4
566 #define RT2860_RIDX_MCS0 12
567 #define RT2860_RIDX_MAX 36
568
569 static const struct {
570 uint16_t reg;
571 uint32_t val;
572 } rt2870_def_mac[] = {
573 RT2870_DEF_MAC
574 };
575
576 static const struct {
577 uint8_t reg;
578 uint8_t val;
579 } rt2860_def_bbp[] = {
580 RT2860_DEF_BBP
581 },rt5390_def_bbp[] = {
582 RT5390_DEF_BBP
583 },rt5592_def_bbp[] = {
584 RT5592_DEF_BBP
585 };
586
587 /*
588 * Default values for BBP register R196 for RT5592.
589 */
590 static const uint8_t rt5592_bbp_r196[] = {
591 0xe0, 0x1f, 0x38, 0x32, 0x08, 0x28, 0x19, 0x0a, 0xff, 0x00,
592 0x16, 0x10, 0x10, 0x0b, 0x36, 0x2c, 0x26, 0x24, 0x42, 0x36,
593 0x30, 0x2d, 0x4c, 0x46, 0x3d, 0x40, 0x3e, 0x42, 0x3d, 0x40,
594 0x3c, 0x34, 0x2c, 0x2f, 0x3c, 0x35, 0x2e, 0x2a, 0x49, 0x41,
595 0x36, 0x31, 0x30, 0x30, 0x0e, 0x0d, 0x28, 0x21, 0x1c, 0x16,
596 0x50, 0x4a, 0x43, 0x40, 0x10, 0x10, 0x10, 0x10, 0x00, 0x00,
597 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
598 0x00, 0x00, 0x7d, 0x14, 0x32, 0x2c, 0x36, 0x4c, 0x43, 0x2c,
599 0x2e, 0x36, 0x30, 0x6e
600 };
601
602 static const struct rfprog {
603 uint8_t chan;
604 uint32_t r1, r2, r3, r4;
605 } rt2860_rf2850[] = {
606 RT2860_RF2850
607 };
608
609 struct {
610 uint8_t n, r, k;
611 } rt3070_freqs[] = {
612 RT3070_RF3052
613 };
614
615 static const struct rt5592_freqs {
616 uint16_t n;
617 uint8_t k, m, r;
618 } rt5592_freqs_20mhz[] = {
619 RT5592_RF5592_20MHZ
620 },rt5592_freqs_40mhz[] = {
621 RT5592_RF5592_40MHZ
622 };
623
624 static const struct {
625 uint8_t reg;
626 uint8_t val;
627 } rt3070_def_rf[] = {
628 RT3070_DEF_RF
629 },rt3572_def_rf[] = {
630 RT3572_DEF_RF
631 },rt3593_def_rf[] = {
632 RT3593_DEF_RF
633 },rt5390_def_rf[] = {
634 RT5390_DEF_RF
635 },rt5392_def_rf[] = {
636 RT5392_DEF_RF
637 },rt5592_def_rf[] = {
638 RT5592_DEF_RF
639 },rt5592_2ghz_def_rf[] = {
640 RT5592_2GHZ_DEF_RF
641 },rt5592_5ghz_def_rf[] = {
642 RT5592_5GHZ_DEF_RF
643 };
644
645 static const struct {
646 u_int firstchan;
647 u_int lastchan;
648 uint8_t reg;
649 uint8_t val;
650 } rt5592_chan_5ghz[] = {
651 RT5592_CHAN_5GHZ
652 };
653
654 static const struct usb_config run_config[RUN_N_XFER] = {
655 [RUN_BULK_TX_BE] = {
656 .type = UE_BULK,
657 .endpoint = UE_ADDR_ANY,
658 .ep_index = 0,
659 .direction = UE_DIR_OUT,
660 .bufsize = RUN_MAX_TXSZ,
661 .flags = {.pipe_bof = 1,.force_short_xfer = 1,},
662 .callback = run_bulk_tx_callback0,
663 .timeout = 5000, /* ms */
664 },
665 [RUN_BULK_TX_BK] = {
666 .type = UE_BULK,
667 .endpoint = UE_ADDR_ANY,
668 .direction = UE_DIR_OUT,
669 .ep_index = 1,
670 .bufsize = RUN_MAX_TXSZ,
671 .flags = {.pipe_bof = 1,.force_short_xfer = 1,},
672 .callback = run_bulk_tx_callback1,
673 .timeout = 5000, /* ms */
674 },
675 [RUN_BULK_TX_VI] = {
676 .type = UE_BULK,
677 .endpoint = UE_ADDR_ANY,
678 .direction = UE_DIR_OUT,
679 .ep_index = 2,
680 .bufsize = RUN_MAX_TXSZ,
681 .flags = {.pipe_bof = 1,.force_short_xfer = 1,},
682 .callback = run_bulk_tx_callback2,
683 .timeout = 5000, /* ms */
684 },
685 [RUN_BULK_TX_VO] = {
686 .type = UE_BULK,
687 .endpoint = UE_ADDR_ANY,
688 .direction = UE_DIR_OUT,
689 .ep_index = 3,
690 .bufsize = RUN_MAX_TXSZ,
691 .flags = {.pipe_bof = 1,.force_short_xfer = 1,},
692 .callback = run_bulk_tx_callback3,
693 .timeout = 5000, /* ms */
694 },
695 [RUN_BULK_TX_HCCA] = {
696 .type = UE_BULK,
697 .endpoint = UE_ADDR_ANY,
698 .direction = UE_DIR_OUT,
699 .ep_index = 4,
700 .bufsize = RUN_MAX_TXSZ,
701 .flags = {.pipe_bof = 1,.force_short_xfer = 1,.no_pipe_ok = 1,},
702 .callback = run_bulk_tx_callback4,
703 .timeout = 5000, /* ms */
704 },
705 [RUN_BULK_TX_PRIO] = {
706 .type = UE_BULK,
707 .endpoint = UE_ADDR_ANY,
708 .direction = UE_DIR_OUT,
709 .ep_index = 5,
710 .bufsize = RUN_MAX_TXSZ,
711 .flags = {.pipe_bof = 1,.force_short_xfer = 1,.no_pipe_ok = 1,},
712 .callback = run_bulk_tx_callback5,
713 .timeout = 5000, /* ms */
714 },
715 [RUN_BULK_RX] = {
716 .type = UE_BULK,
717 .endpoint = UE_ADDR_ANY,
718 .direction = UE_DIR_IN,
719 .bufsize = RUN_MAX_RXSZ,
720 .flags = {.pipe_bof = 1,.short_xfer_ok = 1,},
721 .callback = run_bulk_rx_callback,
722 }
723 };
724
725 static void
run_autoinst(void * arg,struct usb_device * udev,struct usb_attach_arg * uaa)726 run_autoinst(void *arg, struct usb_device *udev,
727 struct usb_attach_arg *uaa)
728 {
729 struct usb_interface *iface;
730 struct usb_interface_descriptor *id;
731
732 if (uaa->dev_state != UAA_DEV_READY)
733 return;
734
735 iface = usbd_get_iface(udev, 0);
736 if (iface == NULL)
737 return;
738 id = iface->idesc;
739 if (id == NULL || id->bInterfaceClass != UICLASS_MASS)
740 return;
741 if (usbd_lookup_id_by_uaa(run_devs, sizeof(run_devs), uaa))
742 return;
743
744 if (usb_msc_eject(udev, 0, MSC_EJECT_STOPUNIT) == 0)
745 uaa->dev_state = UAA_DEV_EJECTING;
746 }
747
748 static int
run_driver_loaded(struct module * mod,int what,void * arg)749 run_driver_loaded(struct module *mod, int what, void *arg)
750 {
751 switch (what) {
752 case MOD_LOAD:
753 run_etag = EVENTHANDLER_REGISTER(usb_dev_configured,
754 run_autoinst, NULL, EVENTHANDLER_PRI_ANY);
755 break;
756 case MOD_UNLOAD:
757 EVENTHANDLER_DEREGISTER(usb_dev_configured, run_etag);
758 break;
759 default:
760 return (EOPNOTSUPP);
761 }
762 return (0);
763 }
764
765 static int
run_match(device_t self)766 run_match(device_t self)
767 {
768 struct usb_attach_arg *uaa = device_get_ivars(self);
769
770 if (uaa->usb_mode != USB_MODE_HOST)
771 return (ENXIO);
772 if (uaa->info.bConfigIndex != 0)
773 return (ENXIO);
774 if (uaa->info.bIfaceIndex != RT2860_IFACE_INDEX)
775 return (ENXIO);
776
777 return (usbd_lookup_id_by_uaa(run_devs, sizeof(run_devs), uaa));
778 }
779
780 static int
run_attach(device_t self)781 run_attach(device_t self)
782 {
783 struct run_softc *sc = device_get_softc(self);
784 struct usb_attach_arg *uaa = device_get_ivars(self);
785 struct ieee80211com *ic = &sc->sc_ic;
786 uint32_t ver;
787 uint8_t iface_index;
788 int ntries, error;
789
790 device_set_usb_desc(self);
791 sc->sc_udev = uaa->device;
792 sc->sc_dev = self;
793 if (USB_GET_DRIVER_INFO(uaa) != RUN_EJECT)
794 sc->sc_flags |= RUN_FLAG_FWLOAD_NEEDED;
795
796 mtx_init(&sc->sc_mtx, device_get_nameunit(sc->sc_dev),
797 MTX_NETWORK_LOCK, MTX_DEF);
798 mbufq_init(&sc->sc_snd, ifqmaxlen);
799
800 iface_index = RT2860_IFACE_INDEX;
801
802 error = usbd_transfer_setup(uaa->device, &iface_index,
803 sc->sc_xfer, run_config, RUN_N_XFER, sc, &sc->sc_mtx);
804 if (error) {
805 device_printf(self, "could not allocate USB transfers, "
806 "err=%s\n", usbd_errstr(error));
807 goto detach;
808 }
809
810 RUN_LOCK(sc);
811
812 /* wait for the chip to settle */
813 for (ntries = 0; ntries < 100; ntries++) {
814 if (run_read(sc, RT2860_ASIC_VER_ID, &ver) != 0) {
815 RUN_UNLOCK(sc);
816 goto detach;
817 }
818 if (ver != 0 && ver != 0xffffffff)
819 break;
820 run_delay(sc, 10);
821 }
822 if (ntries == 100) {
823 device_printf(sc->sc_dev,
824 "timeout waiting for NIC to initialize\n");
825 RUN_UNLOCK(sc);
826 goto detach;
827 }
828 sc->mac_ver = ver >> 16;
829 sc->mac_rev = ver & 0xffff;
830
831 /* retrieve RF rev. no and various other things from EEPROM */
832 run_read_eeprom(sc);
833
834 device_printf(sc->sc_dev,
835 "MAC/BBP RT%04X (rev 0x%04X), RF %s (MIMO %dT%dR), address %s\n",
836 sc->mac_ver, sc->mac_rev, run_get_rf(sc->rf_rev),
837 sc->ntxchains, sc->nrxchains, ether_sprintf(ic->ic_macaddr));
838
839 RUN_UNLOCK(sc);
840
841 ic->ic_softc = sc;
842 ic->ic_name = device_get_nameunit(self);
843 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */
844 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */
845
846 /* set device capabilities */
847 ic->ic_caps =
848 IEEE80211_C_STA | /* station mode supported */
849 IEEE80211_C_MONITOR | /* monitor mode supported */
850 IEEE80211_C_IBSS |
851 IEEE80211_C_HOSTAP |
852 IEEE80211_C_WDS | /* 4-address traffic works */
853 IEEE80211_C_MBSS |
854 IEEE80211_C_SHPREAMBLE | /* short preamble supported */
855 IEEE80211_C_SHSLOT | /* short slot time supported */
856 IEEE80211_C_SWAMSDUTX | /* Do software A-MSDU TX */
857 IEEE80211_C_FF | /* Atheros fast-frames */
858 IEEE80211_C_WME | /* WME */
859 IEEE80211_C_WPA; /* WPA1|WPA2(RSN) */
860
861 /*
862 * RF2020 is not an 11n device.
863 */
864 if (sc->rf_rev != RT3070_RF_2020) {
865 device_printf(sc->sc_dev, "[HT] Enabling 802.11n\n");
866 ic->ic_htcaps =
867 IEEE80211_HTC_HT |
868 IEEE80211_HTC_AMPDU |
869 IEEE80211_HTC_AMSDU |
870 IEEE80211_HTCAP_MAXAMSDU_3839 |
871 IEEE80211_HTCAP_SMPS_OFF;
872
873 ic->ic_rxstream = sc->nrxchains;
874 ic->ic_txstream = sc->ntxchains;
875 }
876
877 ic->ic_cryptocaps =
878 IEEE80211_CRYPTO_WEP |
879 IEEE80211_CRYPTO_AES_CCM |
880 IEEE80211_CRYPTO_TKIPMIC |
881 IEEE80211_CRYPTO_TKIP;
882
883 ic->ic_flags |= IEEE80211_F_DATAPAD;
884 ic->ic_flags_ext |= IEEE80211_FEXT_SWBMISS;
885 ic->ic_flags_ext |= IEEE80211_FEXT_SEQNO_OFFLOAD;
886
887 run_getradiocaps(ic, IEEE80211_CHAN_MAX, &ic->ic_nchans,
888 ic->ic_channels);
889
890 ieee80211_ifattach(ic);
891
892 ic->ic_scan_start = run_scan_start;
893 ic->ic_scan_end = run_scan_end;
894 ic->ic_set_channel = run_set_channel;
895 ic->ic_getradiocaps = run_getradiocaps;
896 ic->ic_node_alloc = run_node_alloc;
897 ic->ic_newassoc = run_newassoc;
898 ic->ic_updateslot = run_updateslot;
899 ic->ic_update_mcast = run_update_mcast;
900 ic->ic_wme.wme_update = run_wme_update;
901 ic->ic_raw_xmit = run_raw_xmit;
902 ic->ic_update_promisc = run_update_promisc;
903 ic->ic_vap_create = run_vap_create;
904 ic->ic_vap_delete = run_vap_delete;
905 ic->ic_transmit = run_transmit;
906 ic->ic_parent = run_parent;
907 ic->ic_update_chw = run_update_chw;
908 ic->ic_ampdu_enable = run_ampdu_enable;
909
910 ieee80211_radiotap_attach(ic,
911 &sc->sc_txtap.wt_ihdr, sizeof(sc->sc_txtap),
912 RUN_TX_RADIOTAP_PRESENT,
913 &sc->sc_rxtap.wr_ihdr, sizeof(sc->sc_rxtap),
914 RUN_RX_RADIOTAP_PRESENT);
915
916 TASK_INIT(&sc->cmdq_task, 0, run_cmdq_cb, sc);
917 TASK_INIT(&sc->ratectl_task, 0, run_ratectl_cb, sc);
918 usb_callout_init_mtx(&sc->ratectl_ch, &sc->sc_mtx, 0);
919
920 if (bootverbose)
921 ieee80211_announce(ic);
922
923 return (0);
924
925 detach:
926 run_detach(self);
927 return (ENXIO);
928 }
929
930 static void
run_drain_mbufq(struct run_softc * sc)931 run_drain_mbufq(struct run_softc *sc)
932 {
933 struct mbuf *m;
934 struct ieee80211_node *ni;
935
936 RUN_LOCK_ASSERT(sc, MA_OWNED);
937 while ((m = mbufq_dequeue(&sc->sc_snd)) != NULL) {
938 ni = (struct ieee80211_node *)m->m_pkthdr.rcvif;
939 m->m_pkthdr.rcvif = NULL;
940 ieee80211_free_node(ni);
941 m_freem(m);
942 }
943 }
944
945 static int
run_detach(device_t self)946 run_detach(device_t self)
947 {
948 struct run_softc *sc = device_get_softc(self);
949 struct ieee80211com *ic = &sc->sc_ic;
950 int i;
951
952 RUN_LOCK(sc);
953 sc->sc_detached = 1;
954 RUN_UNLOCK(sc);
955
956 /* stop all USB transfers */
957 usbd_transfer_unsetup(sc->sc_xfer, RUN_N_XFER);
958
959 RUN_LOCK(sc);
960 sc->ratectl_run = RUN_RATECTL_OFF;
961 sc->cmdq_run = sc->cmdq_key_set = RUN_CMDQ_ABORT;
962
963 /* free TX list, if any */
964 for (i = 0; i != RUN_EP_QUEUES; i++)
965 run_unsetup_tx_list(sc, &sc->sc_epq[i]);
966
967 /* Free TX queue */
968 run_drain_mbufq(sc);
969 RUN_UNLOCK(sc);
970
971 if (sc->sc_ic.ic_softc == sc) {
972 /* drain tasks */
973 usb_callout_drain(&sc->ratectl_ch);
974 ieee80211_draintask(ic, &sc->cmdq_task);
975 ieee80211_draintask(ic, &sc->ratectl_task);
976 ieee80211_ifdetach(ic);
977 }
978
979 mtx_destroy(&sc->sc_mtx);
980
981 return (0);
982 }
983
984 static struct ieee80211vap *
run_vap_create(struct ieee80211com * ic,const char name[IFNAMSIZ],int unit,enum ieee80211_opmode opmode,int flags,const uint8_t bssid[IEEE80211_ADDR_LEN],const uint8_t mac[IEEE80211_ADDR_LEN])985 run_vap_create(struct ieee80211com *ic, const char name[IFNAMSIZ], int unit,
986 enum ieee80211_opmode opmode, int flags,
987 const uint8_t bssid[IEEE80211_ADDR_LEN],
988 const uint8_t mac[IEEE80211_ADDR_LEN])
989 {
990 struct run_softc *sc = ic->ic_softc;
991 struct run_vap *rvp;
992 struct ieee80211vap *vap;
993 int i;
994
995 if (sc->rvp_cnt >= RUN_VAP_MAX) {
996 device_printf(sc->sc_dev, "number of VAPs maxed out\n");
997 return (NULL);
998 }
999
1000 switch (opmode) {
1001 case IEEE80211_M_STA:
1002 /* enable s/w bmiss handling for sta mode */
1003 flags |= IEEE80211_CLONE_NOBEACONS;
1004 /* fall though */
1005 case IEEE80211_M_IBSS:
1006 case IEEE80211_M_MONITOR:
1007 case IEEE80211_M_HOSTAP:
1008 case IEEE80211_M_MBSS:
1009 /* other than WDS vaps, only one at a time */
1010 if (!TAILQ_EMPTY(&ic->ic_vaps))
1011 return (NULL);
1012 break;
1013 case IEEE80211_M_WDS:
1014 TAILQ_FOREACH(vap, &ic->ic_vaps, iv_next){
1015 if(vap->iv_opmode != IEEE80211_M_HOSTAP)
1016 continue;
1017 /* WDS vap's always share the local mac address. */
1018 flags &= ~IEEE80211_CLONE_BSSID;
1019 break;
1020 }
1021 if (vap == NULL) {
1022 device_printf(sc->sc_dev,
1023 "wds only supported in ap mode\n");
1024 return (NULL);
1025 }
1026 break;
1027 default:
1028 device_printf(sc->sc_dev, "unknown opmode %d\n", opmode);
1029 return (NULL);
1030 }
1031
1032 rvp = malloc(sizeof(struct run_vap), M_80211_VAP, M_WAITOK | M_ZERO);
1033 vap = &rvp->vap;
1034
1035 if (ieee80211_vap_setup(ic, vap, name, unit, opmode, flags,
1036 bssid) != 0) {
1037 /* out of memory */
1038 free(rvp, M_80211_VAP);
1039 return (NULL);
1040 }
1041
1042 vap->iv_update_beacon = run_update_beacon;
1043 vap->iv_max_aid = RT2870_WCID_MAX;
1044
1045 /*
1046 * The linux rt2800 driver limits 1 stream devices to a 32KB
1047 * RX AMPDU.
1048 */
1049 if (ic->ic_rxstream > 1)
1050 vap->iv_ampdu_rxmax = IEEE80211_HTCAP_MAXRXAMPDU_64K;
1051 else
1052 vap->iv_ampdu_rxmax = IEEE80211_HTCAP_MAXRXAMPDU_32K;
1053 vap->iv_ampdu_density = IEEE80211_HTCAP_MPDUDENSITY_2; /* 2uS */
1054
1055 /*
1056 * To delete the right key from h/w, we need wcid.
1057 * Luckily, there is unused space in ieee80211_key{}, wk_pad,
1058 * and matching wcid will be written into there. So, cast
1059 * some spells to remove 'const' from ieee80211_key{}
1060 */
1061 vap->iv_key_delete = (void *)run_key_delete;
1062 vap->iv_key_set = (void *)run_key_set;
1063
1064 /* override state transition machine */
1065 rvp->newstate = vap->iv_newstate;
1066 vap->iv_newstate = run_newstate;
1067 if (opmode == IEEE80211_M_IBSS) {
1068 rvp->recv_mgmt = vap->iv_recv_mgmt;
1069 vap->iv_recv_mgmt = run_recv_mgmt;
1070 }
1071
1072 ieee80211_ratectl_init(vap);
1073 ieee80211_ratectl_setinterval(vap, 1000 /* 1 sec */);
1074
1075 /* complete setup */
1076 ieee80211_vap_attach(vap, run_media_change, ieee80211_media_status,
1077 mac);
1078
1079 /* make sure id is always unique */
1080 for (i = 0; i < RUN_VAP_MAX; i++) {
1081 if((sc->rvp_bmap & 1 << i) == 0){
1082 sc->rvp_bmap |= 1 << i;
1083 rvp->rvp_id = i;
1084 break;
1085 }
1086 }
1087 if (sc->rvp_cnt++ == 0)
1088 ic->ic_opmode = opmode;
1089
1090 if (opmode == IEEE80211_M_HOSTAP)
1091 sc->cmdq_run = RUN_CMDQ_GO;
1092
1093 RUN_DPRINTF(sc, RUN_DEBUG_STATE, "rvp_id=%d bmap=%x rvp_cnt=%d\n",
1094 rvp->rvp_id, sc->rvp_bmap, sc->rvp_cnt);
1095
1096 return (vap);
1097 }
1098
1099 static void
run_vap_delete(struct ieee80211vap * vap)1100 run_vap_delete(struct ieee80211vap *vap)
1101 {
1102 struct run_vap *rvp = RUN_VAP(vap);
1103 struct ieee80211com *ic;
1104 struct run_softc *sc;
1105 uint8_t rvp_id;
1106
1107 if (vap == NULL)
1108 return;
1109
1110 ic = vap->iv_ic;
1111 sc = ic->ic_softc;
1112
1113 RUN_LOCK(sc);
1114
1115 m_freem(rvp->beacon_mbuf);
1116 rvp->beacon_mbuf = NULL;
1117
1118 rvp_id = rvp->rvp_id;
1119 sc->ratectl_run &= ~(1 << rvp_id);
1120 sc->rvp_bmap &= ~(1 << rvp_id);
1121 run_set_region_4(sc, RT2860_SKEY(rvp_id, 0), 0, 128);
1122 run_set_region_4(sc, RT2860_BCN_BASE(rvp_id), 0, 512);
1123 --sc->rvp_cnt;
1124
1125 RUN_DPRINTF(sc, RUN_DEBUG_STATE,
1126 "vap=%p rvp_id=%d bmap=%x rvp_cnt=%d\n",
1127 vap, rvp_id, sc->rvp_bmap, sc->rvp_cnt);
1128
1129 RUN_UNLOCK(sc);
1130
1131 ieee80211_ratectl_deinit(vap);
1132 ieee80211_vap_detach(vap);
1133 free(rvp, M_80211_VAP);
1134 }
1135
1136 /*
1137 * There are numbers of functions need to be called in context thread.
1138 * Rather than creating taskqueue event for each of those functions,
1139 * here is all-for-one taskqueue callback function. This function
1140 * guarantees deferred functions are executed in the same order they
1141 * were enqueued.
1142 * '& RUN_CMDQ_MASQ' is to loop cmdq[].
1143 */
1144 static void
run_cmdq_cb(void * arg,int pending)1145 run_cmdq_cb(void *arg, int pending)
1146 {
1147 struct run_softc *sc = arg;
1148 uint8_t i;
1149
1150 /* call cmdq[].func locked */
1151 RUN_LOCK(sc);
1152 for (i = sc->cmdq_exec; sc->cmdq[i].func && pending;
1153 i = sc->cmdq_exec, pending--) {
1154 RUN_DPRINTF(sc, RUN_DEBUG_CMD, "cmdq_exec=%d pending=%d\n",
1155 i, pending);
1156 if (sc->cmdq_run == RUN_CMDQ_GO) {
1157 /*
1158 * If arg0 is NULL, callback func needs more
1159 * than one arg. So, pass ptr to cmdq struct.
1160 */
1161 if (sc->cmdq[i].arg0)
1162 sc->cmdq[i].func(sc->cmdq[i].arg0);
1163 else
1164 sc->cmdq[i].func(&sc->cmdq[i]);
1165 }
1166 sc->cmdq[i].arg0 = NULL;
1167 sc->cmdq[i].func = NULL;
1168 sc->cmdq_exec++;
1169 sc->cmdq_exec &= RUN_CMDQ_MASQ;
1170 }
1171 RUN_UNLOCK(sc);
1172 }
1173
1174 static void
run_setup_tx_list(struct run_softc * sc,struct run_endpoint_queue * pq)1175 run_setup_tx_list(struct run_softc *sc, struct run_endpoint_queue *pq)
1176 {
1177 struct run_tx_data *data;
1178
1179 memset(pq, 0, sizeof(*pq));
1180
1181 STAILQ_INIT(&pq->tx_qh);
1182 STAILQ_INIT(&pq->tx_fh);
1183
1184 for (data = &pq->tx_data[0];
1185 data < &pq->tx_data[RUN_TX_RING_COUNT]; data++) {
1186 data->sc = sc;
1187 STAILQ_INSERT_TAIL(&pq->tx_fh, data, next);
1188 }
1189 pq->tx_nfree = RUN_TX_RING_COUNT;
1190 }
1191
1192 static void
run_unsetup_tx_list(struct run_softc * sc,struct run_endpoint_queue * pq)1193 run_unsetup_tx_list(struct run_softc *sc, struct run_endpoint_queue *pq)
1194 {
1195 struct run_tx_data *data;
1196
1197 /* make sure any subsequent use of the queues will fail */
1198 pq->tx_nfree = 0;
1199 STAILQ_INIT(&pq->tx_fh);
1200 STAILQ_INIT(&pq->tx_qh);
1201
1202 /* free up all node references and mbufs */
1203 for (data = &pq->tx_data[0];
1204 data < &pq->tx_data[RUN_TX_RING_COUNT]; data++) {
1205 if (data->m != NULL) {
1206 m_freem(data->m);
1207 data->m = NULL;
1208 }
1209 if (data->ni != NULL) {
1210 ieee80211_free_node(data->ni);
1211 data->ni = NULL;
1212 }
1213 }
1214 }
1215
1216 static int
run_load_microcode(struct run_softc * sc)1217 run_load_microcode(struct run_softc *sc)
1218 {
1219 usb_device_request_t req;
1220 const struct firmware *fw;
1221 const u_char *base;
1222 uint32_t tmp;
1223 int ntries, error;
1224 const uint64_t *temp;
1225 uint64_t bytes;
1226
1227 RUN_UNLOCK(sc);
1228 fw = firmware_get("runfw");
1229 RUN_LOCK(sc);
1230 if (fw == NULL) {
1231 device_printf(sc->sc_dev,
1232 "failed loadfirmware of file %s\n", "runfw");
1233 return ENOENT;
1234 }
1235
1236 if (fw->datasize != 8192) {
1237 device_printf(sc->sc_dev,
1238 "invalid firmware size (should be 8KB)\n");
1239 error = EINVAL;
1240 goto fail;
1241 }
1242
1243 /*
1244 * RT3071/RT3072 use a different firmware
1245 * run-rt2870 (8KB) contains both,
1246 * first half (4KB) is for rt2870,
1247 * last half is for rt3071.
1248 */
1249 base = fw->data;
1250 if ((sc->mac_ver) != 0x2860 &&
1251 (sc->mac_ver) != 0x2872 &&
1252 (sc->mac_ver) != 0x3070) {
1253 base += 4096;
1254 }
1255
1256 /* cheap sanity check */
1257 temp = fw->data;
1258 bytes = *temp;
1259 if (bytes != be64toh(0xffffff0210280210ULL)) {
1260 device_printf(sc->sc_dev, "firmware checksum failed\n");
1261 error = EINVAL;
1262 goto fail;
1263 }
1264
1265 /* write microcode image */
1266 if (sc->sc_flags & RUN_FLAG_FWLOAD_NEEDED) {
1267 run_write_region_1(sc, RT2870_FW_BASE, base, 4096);
1268 run_write(sc, RT2860_H2M_MAILBOX_CID, 0xffffffff);
1269 run_write(sc, RT2860_H2M_MAILBOX_STATUS, 0xffffffff);
1270 }
1271
1272 req.bmRequestType = UT_WRITE_VENDOR_DEVICE;
1273 req.bRequest = RT2870_RESET;
1274 USETW(req.wValue, 8);
1275 USETW(req.wIndex, 0);
1276 USETW(req.wLength, 0);
1277 if ((error = usbd_do_request(sc->sc_udev, &sc->sc_mtx, &req, NULL))
1278 != 0) {
1279 device_printf(sc->sc_dev, "firmware reset failed\n");
1280 goto fail;
1281 }
1282
1283 run_delay(sc, 10);
1284
1285 run_write(sc, RT2860_H2M_BBPAGENT, 0);
1286 run_write(sc, RT2860_H2M_MAILBOX, 0);
1287 run_write(sc, RT2860_H2M_INTSRC, 0);
1288 if ((error = run_mcu_cmd(sc, RT2860_MCU_CMD_RFRESET, 0)) != 0)
1289 goto fail;
1290
1291 /* wait until microcontroller is ready */
1292 for (ntries = 0; ntries < 1000; ntries++) {
1293 if ((error = run_read(sc, RT2860_SYS_CTRL, &tmp)) != 0)
1294 goto fail;
1295 if (tmp & RT2860_MCU_READY)
1296 break;
1297 run_delay(sc, 10);
1298 }
1299 if (ntries == 1000) {
1300 device_printf(sc->sc_dev,
1301 "timeout waiting for MCU to initialize\n");
1302 error = ETIMEDOUT;
1303 goto fail;
1304 }
1305 device_printf(sc->sc_dev, "firmware %s ver. %u.%u loaded\n",
1306 (base == fw->data) ? "RT2870" : "RT3071",
1307 *(base + 4092), *(base + 4093));
1308
1309 fail:
1310 firmware_put(fw, FIRMWARE_UNLOAD);
1311 return (error);
1312 }
1313
1314 static int
run_reset(struct run_softc * sc)1315 run_reset(struct run_softc *sc)
1316 {
1317 usb_device_request_t req;
1318
1319 req.bmRequestType = UT_WRITE_VENDOR_DEVICE;
1320 req.bRequest = RT2870_RESET;
1321 USETW(req.wValue, 1);
1322 USETW(req.wIndex, 0);
1323 USETW(req.wLength, 0);
1324 return (usbd_do_request(sc->sc_udev, &sc->sc_mtx, &req, NULL));
1325 }
1326
1327 static usb_error_t
run_do_request(struct run_softc * sc,struct usb_device_request * req,void * data)1328 run_do_request(struct run_softc *sc,
1329 struct usb_device_request *req, void *data)
1330 {
1331 usb_error_t err;
1332 int ntries = 10;
1333
1334 RUN_LOCK_ASSERT(sc, MA_OWNED);
1335
1336 while (ntries--) {
1337 err = usbd_do_request_flags(sc->sc_udev, &sc->sc_mtx,
1338 req, data, 0, NULL, 250 /* ms */);
1339 if (err == 0)
1340 break;
1341 RUN_DPRINTF(sc, RUN_DEBUG_USB,
1342 "Control request failed, %s (retrying)\n",
1343 usbd_errstr(err));
1344 run_delay(sc, 10);
1345 }
1346 return (err);
1347 }
1348
1349 static int
run_read(struct run_softc * sc,uint16_t reg,uint32_t * val)1350 run_read(struct run_softc *sc, uint16_t reg, uint32_t *val)
1351 {
1352 uint32_t tmp;
1353 int error;
1354
1355 error = run_read_region_1(sc, reg, (uint8_t *)&tmp, sizeof tmp);
1356 if (error == 0)
1357 *val = le32toh(tmp);
1358 else
1359 *val = 0xffffffff;
1360 return (error);
1361 }
1362
1363 static int
run_read_region_1(struct run_softc * sc,uint16_t reg,uint8_t * buf,int len)1364 run_read_region_1(struct run_softc *sc, uint16_t reg, uint8_t *buf, int len)
1365 {
1366 usb_device_request_t req;
1367
1368 req.bmRequestType = UT_READ_VENDOR_DEVICE;
1369 req.bRequest = RT2870_READ_REGION_1;
1370 USETW(req.wValue, 0);
1371 USETW(req.wIndex, reg);
1372 USETW(req.wLength, len);
1373
1374 return (run_do_request(sc, &req, buf));
1375 }
1376
1377 static int
run_write_2(struct run_softc * sc,uint16_t reg,uint16_t val)1378 run_write_2(struct run_softc *sc, uint16_t reg, uint16_t val)
1379 {
1380 usb_device_request_t req;
1381
1382 req.bmRequestType = UT_WRITE_VENDOR_DEVICE;
1383 req.bRequest = RT2870_WRITE_2;
1384 USETW(req.wValue, val);
1385 USETW(req.wIndex, reg);
1386 USETW(req.wLength, 0);
1387
1388 return (run_do_request(sc, &req, NULL));
1389 }
1390
1391 static int
run_write(struct run_softc * sc,uint16_t reg,uint32_t val)1392 run_write(struct run_softc *sc, uint16_t reg, uint32_t val)
1393 {
1394 int error;
1395
1396 if ((error = run_write_2(sc, reg, val & 0xffff)) == 0)
1397 error = run_write_2(sc, reg + 2, val >> 16);
1398 return (error);
1399 }
1400
1401 static int
run_write_region_1(struct run_softc * sc,uint16_t reg,const uint8_t * buf,int len)1402 run_write_region_1(struct run_softc *sc, uint16_t reg, const uint8_t *buf,
1403 int len)
1404 {
1405 #if 1
1406 int i, error = 0;
1407 /*
1408 * NB: the WRITE_REGION_1 command is not stable on RT2860.
1409 * We thus issue multiple WRITE_2 commands instead.
1410 */
1411 KASSERT((len & 1) == 0, ("run_write_region_1: Data too long.\n"));
1412 for (i = 0; i < len && error == 0; i += 2)
1413 error = run_write_2(sc, reg + i, buf[i] | buf[i + 1] << 8);
1414 return (error);
1415 #else
1416 usb_device_request_t req;
1417 int error = 0;
1418
1419 /*
1420 * NOTE: It appears the WRITE_REGION_1 command cannot be
1421 * passed a huge amount of data, which will crash the
1422 * firmware. Limit amount of data passed to 64-bytes at a
1423 * time.
1424 */
1425 while (len > 0) {
1426 int delta = 64;
1427 if (delta > len)
1428 delta = len;
1429
1430 req.bmRequestType = UT_WRITE_VENDOR_DEVICE;
1431 req.bRequest = RT2870_WRITE_REGION_1;
1432 USETW(req.wValue, 0);
1433 USETW(req.wIndex, reg);
1434 USETW(req.wLength, delta);
1435 error = run_do_request(sc, &req, __DECONST(uint8_t *, buf));
1436 if (error != 0)
1437 break;
1438 reg += delta;
1439 buf += delta;
1440 len -= delta;
1441 }
1442 return (error);
1443 #endif
1444 }
1445
1446 static int
run_set_region_4(struct run_softc * sc,uint16_t reg,uint32_t val,int len)1447 run_set_region_4(struct run_softc *sc, uint16_t reg, uint32_t val, int len)
1448 {
1449 int i, error = 0;
1450
1451 KASSERT((len & 3) == 0, ("run_set_region_4: Invalid data length.\n"));
1452 for (i = 0; i < len && error == 0; i += 4)
1453 error = run_write(sc, reg + i, val);
1454 return (error);
1455 }
1456
1457 static int
run_efuse_read(struct run_softc * sc,uint16_t addr,uint16_t * val,int count)1458 run_efuse_read(struct run_softc *sc, uint16_t addr, uint16_t *val, int count)
1459 {
1460 uint32_t tmp;
1461 uint16_t reg;
1462 int error, ntries;
1463
1464 if ((error = run_read(sc, RT3070_EFUSE_CTRL, &tmp)) != 0)
1465 return (error);
1466
1467 if (count == 2)
1468 addr *= 2;
1469 /*-
1470 * Read one 16-byte block into registers EFUSE_DATA[0-3]:
1471 * DATA0: F E D C
1472 * DATA1: B A 9 8
1473 * DATA2: 7 6 5 4
1474 * DATA3: 3 2 1 0
1475 */
1476 tmp &= ~(RT3070_EFSROM_MODE_MASK | RT3070_EFSROM_AIN_MASK);
1477 tmp |= (addr & ~0xf) << RT3070_EFSROM_AIN_SHIFT | RT3070_EFSROM_KICK;
1478 run_write(sc, RT3070_EFUSE_CTRL, tmp);
1479 for (ntries = 0; ntries < 100; ntries++) {
1480 if ((error = run_read(sc, RT3070_EFUSE_CTRL, &tmp)) != 0)
1481 return (error);
1482 if (!(tmp & RT3070_EFSROM_KICK))
1483 break;
1484 run_delay(sc, 2);
1485 }
1486 if (ntries == 100)
1487 return (ETIMEDOUT);
1488
1489 if ((tmp & RT3070_EFUSE_AOUT_MASK) == RT3070_EFUSE_AOUT_MASK) {
1490 *val = 0xffff; /* address not found */
1491 return (0);
1492 }
1493 /* determine to which 32-bit register our 16-bit word belongs */
1494 reg = RT3070_EFUSE_DATA3 - (addr & 0xc);
1495 if ((error = run_read(sc, reg, &tmp)) != 0)
1496 return (error);
1497
1498 tmp >>= (8 * (addr & 0x3));
1499 *val = (addr & 1) ? tmp >> 16 : tmp & 0xffff;
1500
1501 return (0);
1502 }
1503
1504 /* Read 16-bit from eFUSE ROM for RT3xxx. */
1505 static int
run_efuse_read_2(struct run_softc * sc,uint16_t addr,uint16_t * val)1506 run_efuse_read_2(struct run_softc *sc, uint16_t addr, uint16_t *val)
1507 {
1508 return (run_efuse_read(sc, addr, val, 2));
1509 }
1510
1511 static int
run_eeprom_read_2(struct run_softc * sc,uint16_t addr,uint16_t * val)1512 run_eeprom_read_2(struct run_softc *sc, uint16_t addr, uint16_t *val)
1513 {
1514 usb_device_request_t req;
1515 uint16_t tmp;
1516 int error;
1517
1518 addr *= 2;
1519 req.bmRequestType = UT_READ_VENDOR_DEVICE;
1520 req.bRequest = RT2870_EEPROM_READ;
1521 USETW(req.wValue, 0);
1522 USETW(req.wIndex, addr);
1523 USETW(req.wLength, sizeof(tmp));
1524
1525 error = usbd_do_request(sc->sc_udev, &sc->sc_mtx, &req, &tmp);
1526 if (error == 0)
1527 *val = le16toh(tmp);
1528 else
1529 *val = 0xffff;
1530 return (error);
1531 }
1532
1533 static __inline int
run_srom_read(struct run_softc * sc,uint16_t addr,uint16_t * val)1534 run_srom_read(struct run_softc *sc, uint16_t addr, uint16_t *val)
1535 {
1536 /* either eFUSE ROM or EEPROM */
1537 return sc->sc_srom_read(sc, addr, val);
1538 }
1539
1540 static int
run_rt2870_rf_write(struct run_softc * sc,uint32_t val)1541 run_rt2870_rf_write(struct run_softc *sc, uint32_t val)
1542 {
1543 uint32_t tmp;
1544 int error, ntries;
1545
1546 for (ntries = 0; ntries < 10; ntries++) {
1547 if ((error = run_read(sc, RT2860_RF_CSR_CFG0, &tmp)) != 0)
1548 return (error);
1549 if (!(tmp & RT2860_RF_REG_CTRL))
1550 break;
1551 }
1552 if (ntries == 10)
1553 return (ETIMEDOUT);
1554
1555 return (run_write(sc, RT2860_RF_CSR_CFG0, val));
1556 }
1557
1558 static int
run_rt3070_rf_read(struct run_softc * sc,uint8_t reg,uint8_t * val)1559 run_rt3070_rf_read(struct run_softc *sc, uint8_t reg, uint8_t *val)
1560 {
1561 uint32_t tmp;
1562 int error, ntries;
1563
1564 for (ntries = 0; ntries < 100; ntries++) {
1565 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0)
1566 return (error);
1567 if (!(tmp & RT3070_RF_KICK))
1568 break;
1569 }
1570 if (ntries == 100)
1571 return (ETIMEDOUT);
1572
1573 tmp = RT3070_RF_KICK | reg << 8;
1574 if ((error = run_write(sc, RT3070_RF_CSR_CFG, tmp)) != 0)
1575 return (error);
1576
1577 for (ntries = 0; ntries < 100; ntries++) {
1578 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0)
1579 return (error);
1580 if (!(tmp & RT3070_RF_KICK))
1581 break;
1582 }
1583 if (ntries == 100)
1584 return (ETIMEDOUT);
1585
1586 *val = tmp & 0xff;
1587 return (0);
1588 }
1589
1590 static int
run_rt3070_rf_write(struct run_softc * sc,uint8_t reg,uint8_t val)1591 run_rt3070_rf_write(struct run_softc *sc, uint8_t reg, uint8_t val)
1592 {
1593 uint32_t tmp;
1594 int error, ntries;
1595
1596 for (ntries = 0; ntries < 10; ntries++) {
1597 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0)
1598 return (error);
1599 if (!(tmp & RT3070_RF_KICK))
1600 break;
1601 }
1602 if (ntries == 10)
1603 return (ETIMEDOUT);
1604
1605 tmp = RT3070_RF_WRITE | RT3070_RF_KICK | reg << 8 | val;
1606 return (run_write(sc, RT3070_RF_CSR_CFG, tmp));
1607 }
1608
1609 static int
run_bbp_read(struct run_softc * sc,uint8_t reg,uint8_t * val)1610 run_bbp_read(struct run_softc *sc, uint8_t reg, uint8_t *val)
1611 {
1612 uint32_t tmp;
1613 int ntries, error;
1614
1615 for (ntries = 0; ntries < 10; ntries++) {
1616 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0)
1617 return (error);
1618 if (!(tmp & RT2860_BBP_CSR_KICK))
1619 break;
1620 }
1621 if (ntries == 10)
1622 return (ETIMEDOUT);
1623
1624 tmp = RT2860_BBP_CSR_READ | RT2860_BBP_CSR_KICK | reg << 8;
1625 if ((error = run_write(sc, RT2860_BBP_CSR_CFG, tmp)) != 0)
1626 return (error);
1627
1628 for (ntries = 0; ntries < 10; ntries++) {
1629 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0)
1630 return (error);
1631 if (!(tmp & RT2860_BBP_CSR_KICK))
1632 break;
1633 }
1634 if (ntries == 10)
1635 return (ETIMEDOUT);
1636
1637 *val = tmp & 0xff;
1638 return (0);
1639 }
1640
1641 static int
run_bbp_write(struct run_softc * sc,uint8_t reg,uint8_t val)1642 run_bbp_write(struct run_softc *sc, uint8_t reg, uint8_t val)
1643 {
1644 uint32_t tmp;
1645 int ntries, error;
1646
1647 for (ntries = 0; ntries < 10; ntries++) {
1648 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0)
1649 return (error);
1650 if (!(tmp & RT2860_BBP_CSR_KICK))
1651 break;
1652 }
1653 if (ntries == 10)
1654 return (ETIMEDOUT);
1655
1656 tmp = RT2860_BBP_CSR_KICK | reg << 8 | val;
1657 return (run_write(sc, RT2860_BBP_CSR_CFG, tmp));
1658 }
1659
1660 /*
1661 * Send a command to the 8051 microcontroller unit.
1662 */
1663 static int
run_mcu_cmd(struct run_softc * sc,uint8_t cmd,uint16_t arg)1664 run_mcu_cmd(struct run_softc *sc, uint8_t cmd, uint16_t arg)
1665 {
1666 uint32_t tmp;
1667 int error, ntries;
1668
1669 for (ntries = 0; ntries < 100; ntries++) {
1670 if ((error = run_read(sc, RT2860_H2M_MAILBOX, &tmp)) != 0)
1671 return error;
1672 if (!(tmp & RT2860_H2M_BUSY))
1673 break;
1674 }
1675 if (ntries == 100)
1676 return ETIMEDOUT;
1677
1678 tmp = RT2860_H2M_BUSY | RT2860_TOKEN_NO_INTR << 16 | arg;
1679 if ((error = run_write(sc, RT2860_H2M_MAILBOX, tmp)) == 0)
1680 error = run_write(sc, RT2860_HOST_CMD, cmd);
1681 return (error);
1682 }
1683
1684 /*
1685 * Add `delta' (signed) to each 4-bit sub-word of a 32-bit word.
1686 * Used to adjust per-rate Tx power registers.
1687 */
1688 static __inline uint32_t
b4inc(uint32_t b32,int8_t delta)1689 b4inc(uint32_t b32, int8_t delta)
1690 {
1691 int8_t i, b4;
1692
1693 for (i = 0; i < 8; i++) {
1694 b4 = b32 & 0xf;
1695 b4 += delta;
1696 if (b4 < 0)
1697 b4 = 0;
1698 else if (b4 > 0xf)
1699 b4 = 0xf;
1700 b32 = b32 >> 4 | b4 << 28;
1701 }
1702 return (b32);
1703 }
1704
1705 static const char *
run_get_rf(uint16_t rev)1706 run_get_rf(uint16_t rev)
1707 {
1708 switch (rev) {
1709 case RT2860_RF_2820: return "RT2820";
1710 case RT2860_RF_2850: return "RT2850";
1711 case RT2860_RF_2720: return "RT2720";
1712 case RT2860_RF_2750: return "RT2750";
1713 case RT3070_RF_3020: return "RT3020";
1714 case RT3070_RF_2020: return "RT2020";
1715 case RT3070_RF_3021: return "RT3021";
1716 case RT3070_RF_3022: return "RT3022";
1717 case RT3070_RF_3052: return "RT3052";
1718 case RT3593_RF_3053: return "RT3053";
1719 case RT5592_RF_5592: return "RT5592";
1720 case RT5390_RF_5370: return "RT5370";
1721 case RT5390_RF_5372: return "RT5372";
1722 }
1723 return ("unknown");
1724 }
1725
1726 static void
run_rt3593_get_txpower(struct run_softc * sc)1727 run_rt3593_get_txpower(struct run_softc *sc)
1728 {
1729 uint16_t addr, val;
1730 int i;
1731
1732 /* Read power settings for 2GHz channels. */
1733 for (i = 0; i < 14; i += 2) {
1734 addr = (sc->ntxchains == 3) ? RT3593_EEPROM_PWR2GHZ_BASE1 :
1735 RT2860_EEPROM_PWR2GHZ_BASE1;
1736 run_srom_read(sc, addr + i / 2, &val);
1737 sc->txpow1[i + 0] = (int8_t)(val & 0xff);
1738 sc->txpow1[i + 1] = (int8_t)(val >> 8);
1739
1740 addr = (sc->ntxchains == 3) ? RT3593_EEPROM_PWR2GHZ_BASE2 :
1741 RT2860_EEPROM_PWR2GHZ_BASE2;
1742 run_srom_read(sc, addr + i / 2, &val);
1743 sc->txpow2[i + 0] = (int8_t)(val & 0xff);
1744 sc->txpow2[i + 1] = (int8_t)(val >> 8);
1745
1746 if (sc->ntxchains == 3) {
1747 run_srom_read(sc, RT3593_EEPROM_PWR2GHZ_BASE3 + i / 2,
1748 &val);
1749 sc->txpow3[i + 0] = (int8_t)(val & 0xff);
1750 sc->txpow3[i + 1] = (int8_t)(val >> 8);
1751 }
1752 }
1753 /* Fix broken Tx power entries. */
1754 for (i = 0; i < 14; i++) {
1755 if (sc->txpow1[i] > 31)
1756 sc->txpow1[i] = 5;
1757 if (sc->txpow2[i] > 31)
1758 sc->txpow2[i] = 5;
1759 if (sc->ntxchains == 3) {
1760 if (sc->txpow3[i] > 31)
1761 sc->txpow3[i] = 5;
1762 }
1763 }
1764 /* Read power settings for 5GHz channels. */
1765 for (i = 0; i < 40; i += 2) {
1766 run_srom_read(sc, RT3593_EEPROM_PWR5GHZ_BASE1 + i / 2, &val);
1767 sc->txpow1[i + 14] = (int8_t)(val & 0xff);
1768 sc->txpow1[i + 15] = (int8_t)(val >> 8);
1769
1770 run_srom_read(sc, RT3593_EEPROM_PWR5GHZ_BASE2 + i / 2, &val);
1771 sc->txpow2[i + 14] = (int8_t)(val & 0xff);
1772 sc->txpow2[i + 15] = (int8_t)(val >> 8);
1773
1774 if (sc->ntxchains == 3) {
1775 run_srom_read(sc, RT3593_EEPROM_PWR5GHZ_BASE3 + i / 2,
1776 &val);
1777 sc->txpow3[i + 14] = (int8_t)(val & 0xff);
1778 sc->txpow3[i + 15] = (int8_t)(val >> 8);
1779 }
1780 }
1781 }
1782
1783 static void
run_get_txpower(struct run_softc * sc)1784 run_get_txpower(struct run_softc *sc)
1785 {
1786 uint16_t val;
1787 int i;
1788
1789 /* Read power settings for 2GHz channels. */
1790 for (i = 0; i < 14; i += 2) {
1791 run_srom_read(sc, RT2860_EEPROM_PWR2GHZ_BASE1 + i / 2, &val);
1792 sc->txpow1[i + 0] = (int8_t)(val & 0xff);
1793 sc->txpow1[i + 1] = (int8_t)(val >> 8);
1794
1795 if (sc->mac_ver != 0x5390) {
1796 run_srom_read(sc,
1797 RT2860_EEPROM_PWR2GHZ_BASE2 + i / 2, &val);
1798 sc->txpow2[i + 0] = (int8_t)(val & 0xff);
1799 sc->txpow2[i + 1] = (int8_t)(val >> 8);
1800 }
1801 }
1802 /* Fix broken Tx power entries. */
1803 for (i = 0; i < 14; i++) {
1804 if (sc->mac_ver >= 0x5390) {
1805 if (sc->txpow1[i] < 0 || sc->txpow1[i] > 39)
1806 sc->txpow1[i] = 5;
1807 } else {
1808 if (sc->txpow1[i] < 0 || sc->txpow1[i] > 31)
1809 sc->txpow1[i] = 5;
1810 }
1811 if (sc->mac_ver > 0x5390) {
1812 if (sc->txpow2[i] < 0 || sc->txpow2[i] > 39)
1813 sc->txpow2[i] = 5;
1814 } else if (sc->mac_ver < 0x5390) {
1815 if (sc->txpow2[i] < 0 || sc->txpow2[i] > 31)
1816 sc->txpow2[i] = 5;
1817 }
1818 RUN_DPRINTF(sc, RUN_DEBUG_TXPWR,
1819 "chan %d: power1=%d, power2=%d\n",
1820 rt2860_rf2850[i].chan, sc->txpow1[i], sc->txpow2[i]);
1821 }
1822 /* Read power settings for 5GHz channels. */
1823 for (i = 0; i < 40; i += 2) {
1824 run_srom_read(sc, RT2860_EEPROM_PWR5GHZ_BASE1 + i / 2, &val);
1825 sc->txpow1[i + 14] = (int8_t)(val & 0xff);
1826 sc->txpow1[i + 15] = (int8_t)(val >> 8);
1827
1828 run_srom_read(sc, RT2860_EEPROM_PWR5GHZ_BASE2 + i / 2, &val);
1829 sc->txpow2[i + 14] = (int8_t)(val & 0xff);
1830 sc->txpow2[i + 15] = (int8_t)(val >> 8);
1831 }
1832 /* Fix broken Tx power entries. */
1833 for (i = 0; i < 40; i++ ) {
1834 if (sc->mac_ver != 0x5592) {
1835 if (sc->txpow1[14 + i] < -7 || sc->txpow1[14 + i] > 15)
1836 sc->txpow1[14 + i] = 5;
1837 if (sc->txpow2[14 + i] < -7 || sc->txpow2[14 + i] > 15)
1838 sc->txpow2[14 + i] = 5;
1839 }
1840 RUN_DPRINTF(sc, RUN_DEBUG_TXPWR,
1841 "chan %d: power1=%d, power2=%d\n",
1842 rt2860_rf2850[14 + i].chan, sc->txpow1[14 + i],
1843 sc->txpow2[14 + i]);
1844 }
1845 }
1846
1847 static int
run_read_eeprom(struct run_softc * sc)1848 run_read_eeprom(struct run_softc *sc)
1849 {
1850 struct ieee80211com *ic = &sc->sc_ic;
1851 int8_t delta_2ghz, delta_5ghz;
1852 uint32_t tmp;
1853 uint16_t val;
1854 int ridx, ant, i;
1855
1856 /* check whether the ROM is eFUSE ROM or EEPROM */
1857 sc->sc_srom_read = run_eeprom_read_2;
1858 if (sc->mac_ver >= 0x3070) {
1859 run_read(sc, RT3070_EFUSE_CTRL, &tmp);
1860 RUN_DPRINTF(sc, RUN_DEBUG_ROM, "EFUSE_CTRL=0x%08x\n", tmp);
1861 if ((tmp & RT3070_SEL_EFUSE) || sc->mac_ver == 0x3593)
1862 sc->sc_srom_read = run_efuse_read_2;
1863 }
1864
1865 /* read ROM version */
1866 run_srom_read(sc, RT2860_EEPROM_VERSION, &val);
1867 RUN_DPRINTF(sc, RUN_DEBUG_ROM,
1868 "EEPROM rev=%d, FAE=%d\n", val >> 8, val & 0xff);
1869
1870 /* read MAC address */
1871 run_srom_read(sc, RT2860_EEPROM_MAC01, &val);
1872 ic->ic_macaddr[0] = val & 0xff;
1873 ic->ic_macaddr[1] = val >> 8;
1874 run_srom_read(sc, RT2860_EEPROM_MAC23, &val);
1875 ic->ic_macaddr[2] = val & 0xff;
1876 ic->ic_macaddr[3] = val >> 8;
1877 run_srom_read(sc, RT2860_EEPROM_MAC45, &val);
1878 ic->ic_macaddr[4] = val & 0xff;
1879 ic->ic_macaddr[5] = val >> 8;
1880
1881 if (sc->mac_ver < 0x3593) {
1882 /* read vender BBP settings */
1883 for (i = 0; i < 10; i++) {
1884 run_srom_read(sc, RT2860_EEPROM_BBP_BASE + i, &val);
1885 sc->bbp[i].val = val & 0xff;
1886 sc->bbp[i].reg = val >> 8;
1887 RUN_DPRINTF(sc, RUN_DEBUG_ROM,
1888 "BBP%d=0x%02x\n", sc->bbp[i].reg, sc->bbp[i].val);
1889 }
1890 if (sc->mac_ver >= 0x3071) {
1891 /* read vendor RF settings */
1892 for (i = 0; i < 10; i++) {
1893 run_srom_read(sc, RT3071_EEPROM_RF_BASE + i,
1894 &val);
1895 sc->rf[i].val = val & 0xff;
1896 sc->rf[i].reg = val >> 8;
1897 RUN_DPRINTF(sc, RUN_DEBUG_ROM, "RF%d=0x%02x\n",
1898 sc->rf[i].reg, sc->rf[i].val);
1899 }
1900 }
1901 }
1902
1903 /* read RF frequency offset from EEPROM */
1904 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_FREQ_LEDS :
1905 RT3593_EEPROM_FREQ, &val);
1906 sc->freq = ((val & 0xff) != 0xff) ? val & 0xff : 0;
1907 RUN_DPRINTF(sc, RUN_DEBUG_ROM, "EEPROM freq offset %d\n",
1908 sc->freq & 0xff);
1909
1910 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_FREQ_LEDS :
1911 RT3593_EEPROM_FREQ_LEDS, &val);
1912 if (val >> 8 != 0xff) {
1913 /* read LEDs operating mode */
1914 sc->leds = val >> 8;
1915 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LED1 :
1916 RT3593_EEPROM_LED1, &sc->led[0]);
1917 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LED2 :
1918 RT3593_EEPROM_LED2, &sc->led[1]);
1919 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LED3 :
1920 RT3593_EEPROM_LED3, &sc->led[2]);
1921 } else {
1922 /* broken EEPROM, use default settings */
1923 sc->leds = 0x01;
1924 sc->led[0] = 0x5555;
1925 sc->led[1] = 0x2221;
1926 sc->led[2] = 0x5627; /* differs from RT2860 */
1927 }
1928 RUN_DPRINTF(sc, RUN_DEBUG_ROM,
1929 "EEPROM LED mode=0x%02x, LEDs=0x%04x/0x%04x/0x%04x\n",
1930 sc->leds, sc->led[0], sc->led[1], sc->led[2]);
1931
1932 /* read RF information */
1933 if (sc->mac_ver == 0x5390 || sc->mac_ver ==0x5392)
1934 run_srom_read(sc, 0x00, &val);
1935 else
1936 run_srom_read(sc, RT2860_EEPROM_ANTENNA, &val);
1937
1938 if (val == 0xffff) {
1939 device_printf(sc->sc_dev,
1940 "invalid EEPROM antenna info, using default\n");
1941 if (sc->mac_ver == 0x3572) {
1942 /* default to RF3052 2T2R */
1943 sc->rf_rev = RT3070_RF_3052;
1944 sc->ntxchains = 2;
1945 sc->nrxchains = 2;
1946 } else if (sc->mac_ver >= 0x3070) {
1947 /* default to RF3020 1T1R */
1948 sc->rf_rev = RT3070_RF_3020;
1949 sc->ntxchains = 1;
1950 sc->nrxchains = 1;
1951 } else {
1952 /* default to RF2820 1T2R */
1953 sc->rf_rev = RT2860_RF_2820;
1954 sc->ntxchains = 1;
1955 sc->nrxchains = 2;
1956 }
1957 } else {
1958 if (sc->mac_ver == 0x5390 || sc->mac_ver ==0x5392) {
1959 sc->rf_rev = val;
1960 run_srom_read(sc, RT2860_EEPROM_ANTENNA, &val);
1961 } else
1962 sc->rf_rev = (val >> 8) & 0xf;
1963 sc->ntxchains = (val >> 4) & 0xf;
1964 sc->nrxchains = val & 0xf;
1965 }
1966 RUN_DPRINTF(sc, RUN_DEBUG_ROM, "EEPROM RF rev=0x%04x chains=%dT%dR\n",
1967 sc->rf_rev, sc->ntxchains, sc->nrxchains);
1968
1969 /* check if RF supports automatic Tx access gain control */
1970 run_srom_read(sc, RT2860_EEPROM_CONFIG, &val);
1971 RUN_DPRINTF(sc, RUN_DEBUG_ROM, "EEPROM CFG 0x%04x\n", val);
1972 /* check if driver should patch the DAC issue */
1973 if ((val >> 8) != 0xff)
1974 sc->patch_dac = (val >> 15) & 1;
1975 if ((val & 0xff) != 0xff) {
1976 sc->ext_5ghz_lna = (val >> 3) & 1;
1977 sc->ext_2ghz_lna = (val >> 2) & 1;
1978 /* check if RF supports automatic Tx access gain control */
1979 sc->calib_2ghz = sc->calib_5ghz = (val >> 1) & 1;
1980 /* check if we have a hardware radio switch */
1981 sc->rfswitch = val & 1;
1982 }
1983
1984 /* Read Tx power settings. */
1985 if (sc->mac_ver == 0x3593)
1986 run_rt3593_get_txpower(sc);
1987 else
1988 run_get_txpower(sc);
1989
1990 /* read Tx power compensation for each Tx rate */
1991 run_srom_read(sc, RT2860_EEPROM_DELTAPWR, &val);
1992 delta_2ghz = delta_5ghz = 0;
1993 if ((val & 0xff) != 0xff && (val & 0x80)) {
1994 delta_2ghz = val & 0xf;
1995 if (!(val & 0x40)) /* negative number */
1996 delta_2ghz = -delta_2ghz;
1997 }
1998 val >>= 8;
1999 if ((val & 0xff) != 0xff && (val & 0x80)) {
2000 delta_5ghz = val & 0xf;
2001 if (!(val & 0x40)) /* negative number */
2002 delta_5ghz = -delta_5ghz;
2003 }
2004 RUN_DPRINTF(sc, RUN_DEBUG_ROM | RUN_DEBUG_TXPWR,
2005 "power compensation=%d (2GHz), %d (5GHz)\n", delta_2ghz, delta_5ghz);
2006
2007 for (ridx = 0; ridx < 5; ridx++) {
2008 uint32_t reg;
2009
2010 run_srom_read(sc, RT2860_EEPROM_RPWR + ridx * 2, &val);
2011 reg = val;
2012 run_srom_read(sc, RT2860_EEPROM_RPWR + ridx * 2 + 1, &val);
2013 reg |= (uint32_t)val << 16;
2014
2015 sc->txpow20mhz[ridx] = reg;
2016 sc->txpow40mhz_2ghz[ridx] = b4inc(reg, delta_2ghz);
2017 sc->txpow40mhz_5ghz[ridx] = b4inc(reg, delta_5ghz);
2018
2019 RUN_DPRINTF(sc, RUN_DEBUG_ROM | RUN_DEBUG_TXPWR,
2020 "ridx %d: power 20MHz=0x%08x, 40MHz/2GHz=0x%08x, "
2021 "40MHz/5GHz=0x%08x\n", ridx, sc->txpow20mhz[ridx],
2022 sc->txpow40mhz_2ghz[ridx], sc->txpow40mhz_5ghz[ridx]);
2023 }
2024
2025 /* Read RSSI offsets and LNA gains from EEPROM. */
2026 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI1_2GHZ :
2027 RT3593_EEPROM_RSSI1_2GHZ, &val);
2028 sc->rssi_2ghz[0] = val & 0xff; /* Ant A */
2029 sc->rssi_2ghz[1] = val >> 8; /* Ant B */
2030 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI2_2GHZ :
2031 RT3593_EEPROM_RSSI2_2GHZ, &val);
2032 if (sc->mac_ver >= 0x3070) {
2033 if (sc->mac_ver == 0x3593) {
2034 sc->txmixgain_2ghz = 0;
2035 sc->rssi_2ghz[2] = val & 0xff; /* Ant C */
2036 } else {
2037 /*
2038 * On RT3070 chips (limited to 2 Rx chains), this ROM
2039 * field contains the Tx mixer gain for the 2GHz band.
2040 */
2041 if ((val & 0xff) != 0xff)
2042 sc->txmixgain_2ghz = val & 0x7;
2043 }
2044 RUN_DPRINTF(sc, RUN_DEBUG_ROM, "tx mixer gain=%u (2GHz)\n",
2045 sc->txmixgain_2ghz);
2046 } else
2047 sc->rssi_2ghz[2] = val & 0xff; /* Ant C */
2048 if (sc->mac_ver == 0x3593)
2049 run_srom_read(sc, RT3593_EEPROM_LNA_5GHZ, &val);
2050 sc->lna[2] = val >> 8; /* channel group 2 */
2051
2052 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI1_5GHZ :
2053 RT3593_EEPROM_RSSI1_5GHZ, &val);
2054 sc->rssi_5ghz[0] = val & 0xff; /* Ant A */
2055 sc->rssi_5ghz[1] = val >> 8; /* Ant B */
2056 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_RSSI2_5GHZ :
2057 RT3593_EEPROM_RSSI2_5GHZ, &val);
2058 if (sc->mac_ver == 0x3572) {
2059 /*
2060 * On RT3572 chips (limited to 2 Rx chains), this ROM
2061 * field contains the Tx mixer gain for the 5GHz band.
2062 */
2063 if ((val & 0xff) != 0xff)
2064 sc->txmixgain_5ghz = val & 0x7;
2065 RUN_DPRINTF(sc, RUN_DEBUG_ROM, "tx mixer gain=%u (5GHz)\n",
2066 sc->txmixgain_5ghz);
2067 } else
2068 sc->rssi_5ghz[2] = val & 0xff; /* Ant C */
2069 if (sc->mac_ver == 0x3593) {
2070 sc->txmixgain_5ghz = 0;
2071 run_srom_read(sc, RT3593_EEPROM_LNA_5GHZ, &val);
2072 }
2073 sc->lna[3] = val >> 8; /* channel group 3 */
2074
2075 run_srom_read(sc, (sc->mac_ver != 0x3593) ? RT2860_EEPROM_LNA :
2076 RT3593_EEPROM_LNA, &val);
2077 sc->lna[0] = val & 0xff; /* channel group 0 */
2078 sc->lna[1] = val >> 8; /* channel group 1 */
2079
2080 /* fix broken 5GHz LNA entries */
2081 if (sc->lna[2] == 0 || sc->lna[2] == 0xff) {
2082 RUN_DPRINTF(sc, RUN_DEBUG_ROM,
2083 "invalid LNA for channel group %d\n", 2);
2084 sc->lna[2] = sc->lna[1];
2085 }
2086 if (sc->lna[3] == 0 || sc->lna[3] == 0xff) {
2087 RUN_DPRINTF(sc, RUN_DEBUG_ROM,
2088 "invalid LNA for channel group %d\n", 3);
2089 sc->lna[3] = sc->lna[1];
2090 }
2091
2092 /* fix broken RSSI offset entries */
2093 for (ant = 0; ant < 3; ant++) {
2094 if (sc->rssi_2ghz[ant] < -10 || sc->rssi_2ghz[ant] > 10) {
2095 RUN_DPRINTF(sc, RUN_DEBUG_ROM | RUN_DEBUG_RSSI,
2096 "invalid RSSI%d offset: %d (2GHz)\n",
2097 ant + 1, sc->rssi_2ghz[ant]);
2098 sc->rssi_2ghz[ant] = 0;
2099 }
2100 if (sc->rssi_5ghz[ant] < -10 || sc->rssi_5ghz[ant] > 10) {
2101 RUN_DPRINTF(sc, RUN_DEBUG_ROM | RUN_DEBUG_RSSI,
2102 "invalid RSSI%d offset: %d (5GHz)\n",
2103 ant + 1, sc->rssi_5ghz[ant]);
2104 sc->rssi_5ghz[ant] = 0;
2105 }
2106 }
2107 return (0);
2108 }
2109
2110 static struct ieee80211_node *
run_node_alloc(struct ieee80211vap * vap,const uint8_t mac[IEEE80211_ADDR_LEN])2111 run_node_alloc(struct ieee80211vap *vap, const uint8_t mac[IEEE80211_ADDR_LEN])
2112 {
2113 return malloc(sizeof (struct run_node), M_80211_NODE,
2114 M_NOWAIT | M_ZERO);
2115 }
2116
2117 static int
run_media_change(if_t ifp)2118 run_media_change(if_t ifp)
2119 {
2120 struct ieee80211vap *vap = if_getsoftc(ifp);
2121 struct ieee80211com *ic = vap->iv_ic;
2122 const struct ieee80211_txparam *tp;
2123 struct run_softc *sc = ic->ic_softc;
2124 uint8_t rate, ridx;
2125 int error;
2126
2127 RUN_LOCK(sc);
2128
2129 error = ieee80211_media_change(ifp);
2130 if (error != 0) {
2131 RUN_UNLOCK(sc);
2132 return (error);
2133 }
2134
2135 tp = &vap->iv_txparms[ieee80211_chan2mode(ic->ic_curchan)];
2136 if (tp->ucastrate != IEEE80211_FIXED_RATE_NONE) {
2137 struct ieee80211_node *ni;
2138 struct run_node *rn;
2139
2140 /* XXX TODO: methodize with MCS rates */
2141 rate = ic->ic_sup_rates[ic->ic_curmode].
2142 rs_rates[tp->ucastrate] & IEEE80211_RATE_VAL;
2143 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++)
2144 if (rt2860_rates[ridx].rate == rate)
2145 break;
2146
2147 ni = ieee80211_ref_node(vap->iv_bss);
2148 rn = RUN_NODE(ni);
2149 rn->fix_ridx = ridx;
2150 RUN_DPRINTF(sc, RUN_DEBUG_RATE, "rate=%d, fix_ridx=%d\n",
2151 rate, rn->fix_ridx);
2152 ieee80211_free_node(ni);
2153 }
2154
2155 #if 0
2156 if ((if_getflags(ifp) & IFF_UP) &&
2157 (if_getdrvflags(ifp) & RUN_RUNNING)){
2158 run_init_locked(sc);
2159 }
2160 #endif
2161
2162 RUN_UNLOCK(sc);
2163
2164 return (0);
2165 }
2166
2167 static int
run_newstate(struct ieee80211vap * vap,enum ieee80211_state nstate,int arg)2168 run_newstate(struct ieee80211vap *vap, enum ieee80211_state nstate, int arg)
2169 {
2170 const struct ieee80211_txparam *tp;
2171 struct ieee80211com *ic = vap->iv_ic;
2172 struct run_softc *sc = ic->ic_softc;
2173 struct run_vap *rvp = RUN_VAP(vap);
2174 enum ieee80211_state ostate;
2175 uint32_t sta[3];
2176 uint8_t ratectl;
2177 uint8_t restart_ratectl = 0;
2178 uint8_t bid = 1 << rvp->rvp_id;
2179
2180 ostate = vap->iv_state;
2181 RUN_DPRINTF(sc, RUN_DEBUG_STATE, "%s -> %s\n",
2182 ieee80211_state_name[ostate],
2183 ieee80211_state_name[nstate]);
2184
2185 IEEE80211_UNLOCK(ic);
2186 RUN_LOCK(sc);
2187
2188 ratectl = sc->ratectl_run; /* remember current state */
2189 sc->ratectl_run = RUN_RATECTL_OFF;
2190 usb_callout_stop(&sc->ratectl_ch);
2191
2192 if (ostate == IEEE80211_S_RUN) {
2193 /* turn link LED off */
2194 run_set_leds(sc, RT2860_LED_RADIO);
2195 }
2196
2197 switch (nstate) {
2198 case IEEE80211_S_INIT:
2199 restart_ratectl = 1;
2200
2201 if (ostate != IEEE80211_S_RUN)
2202 break;
2203
2204 ratectl &= ~bid;
2205 sc->runbmap &= ~bid;
2206
2207 /* abort TSF synchronization if there is no vap running */
2208 if (--sc->running == 0)
2209 run_disable_tsf(sc);
2210 break;
2211
2212 case IEEE80211_S_RUN:
2213 if (!(sc->runbmap & bid)) {
2214 if(sc->running++)
2215 restart_ratectl = 1;
2216 sc->runbmap |= bid;
2217 }
2218
2219 m_freem(rvp->beacon_mbuf);
2220 rvp->beacon_mbuf = NULL;
2221
2222 switch (vap->iv_opmode) {
2223 case IEEE80211_M_HOSTAP:
2224 case IEEE80211_M_MBSS:
2225 sc->ap_running |= bid;
2226 ic->ic_opmode = vap->iv_opmode;
2227 run_update_beacon_cb(vap);
2228 break;
2229 case IEEE80211_M_IBSS:
2230 sc->adhoc_running |= bid;
2231 if (!sc->ap_running)
2232 ic->ic_opmode = vap->iv_opmode;
2233 run_update_beacon_cb(vap);
2234 break;
2235 case IEEE80211_M_STA:
2236 sc->sta_running |= bid;
2237 if (!sc->ap_running && !sc->adhoc_running)
2238 ic->ic_opmode = vap->iv_opmode;
2239
2240 /* read statistic counters (clear on read) */
2241 run_read_region_1(sc, RT2860_TX_STA_CNT0,
2242 (uint8_t *)sta, sizeof sta);
2243
2244 break;
2245 default:
2246 ic->ic_opmode = vap->iv_opmode;
2247 break;
2248 }
2249
2250 if (vap->iv_opmode != IEEE80211_M_MONITOR) {
2251 struct ieee80211_node *ni;
2252
2253 if (ic->ic_bsschan == IEEE80211_CHAN_ANYC) {
2254 RUN_UNLOCK(sc);
2255 IEEE80211_LOCK(ic);
2256 return (-1);
2257 }
2258 run_updateslot(ic);
2259 run_enable_mrr(sc);
2260 run_set_txpreamble(sc);
2261 run_set_basicrates(sc);
2262 ni = ieee80211_ref_node(vap->iv_bss);
2263 IEEE80211_ADDR_COPY(sc->sc_bssid, ni->ni_bssid);
2264 run_set_bssid(sc, sc->sc_bssid);
2265 ieee80211_free_node(ni);
2266 run_enable_tsf_sync(sc);
2267
2268 /* enable automatic rate adaptation */
2269 tp = &vap->iv_txparms[ieee80211_chan2mode(ic->ic_curchan)];
2270 if (tp->ucastrate == IEEE80211_FIXED_RATE_NONE)
2271 ratectl |= bid;
2272 } else
2273 run_enable_tsf(sc);
2274
2275 /* turn link LED on */
2276 run_set_leds(sc, RT2860_LED_RADIO |
2277 (IEEE80211_IS_CHAN_2GHZ(ic->ic_curchan) ?
2278 RT2860_LED_LINK_2GHZ : RT2860_LED_LINK_5GHZ));
2279
2280 break;
2281 default:
2282 RUN_DPRINTF(sc, RUN_DEBUG_STATE, "undefined state\n");
2283 break;
2284 }
2285
2286 /* restart amrr for running VAPs */
2287 if ((sc->ratectl_run = ratectl) && restart_ratectl)
2288 usb_callout_reset(&sc->ratectl_ch, hz, run_ratectl_to, sc);
2289
2290 RUN_UNLOCK(sc);
2291 IEEE80211_LOCK(ic);
2292
2293 return(rvp->newstate(vap, nstate, arg));
2294 }
2295
2296 static int
run_wme_update(struct ieee80211com * ic)2297 run_wme_update(struct ieee80211com *ic)
2298 {
2299 struct chanAccParams chp;
2300 struct run_softc *sc = ic->ic_softc;
2301 const struct wmeParams *ac;
2302 int aci, error = 0;
2303
2304 ieee80211_wme_ic_getparams(ic, &chp);
2305 ac = chp.cap_wmeParams;
2306
2307 /* update MAC TX configuration registers */
2308 RUN_LOCK(sc);
2309 for (aci = 0; aci < WME_NUM_AC; aci++) {
2310 error = run_write(sc, RT2860_EDCA_AC_CFG(aci),
2311 ac[aci].wmep_logcwmax << 16 |
2312 ac[aci].wmep_logcwmin << 12 |
2313 ac[aci].wmep_aifsn << 8 |
2314 ac[aci].wmep_txopLimit);
2315 if (error) goto err;
2316 }
2317
2318 /* update SCH/DMA registers too */
2319 error = run_write(sc, RT2860_WMM_AIFSN_CFG,
2320 ac[WME_AC_VO].wmep_aifsn << 12 |
2321 ac[WME_AC_VI].wmep_aifsn << 8 |
2322 ac[WME_AC_BK].wmep_aifsn << 4 |
2323 ac[WME_AC_BE].wmep_aifsn);
2324 if (error) goto err;
2325 error = run_write(sc, RT2860_WMM_CWMIN_CFG,
2326 ac[WME_AC_VO].wmep_logcwmin << 12 |
2327 ac[WME_AC_VI].wmep_logcwmin << 8 |
2328 ac[WME_AC_BK].wmep_logcwmin << 4 |
2329 ac[WME_AC_BE].wmep_logcwmin);
2330 if (error) goto err;
2331 error = run_write(sc, RT2860_WMM_CWMAX_CFG,
2332 ac[WME_AC_VO].wmep_logcwmax << 12 |
2333 ac[WME_AC_VI].wmep_logcwmax << 8 |
2334 ac[WME_AC_BK].wmep_logcwmax << 4 |
2335 ac[WME_AC_BE].wmep_logcwmax);
2336 if (error) goto err;
2337 error = run_write(sc, RT2860_WMM_TXOP0_CFG,
2338 ac[WME_AC_BK].wmep_txopLimit << 16 |
2339 ac[WME_AC_BE].wmep_txopLimit);
2340 if (error) goto err;
2341 error = run_write(sc, RT2860_WMM_TXOP1_CFG,
2342 ac[WME_AC_VO].wmep_txopLimit << 16 |
2343 ac[WME_AC_VI].wmep_txopLimit);
2344
2345 err:
2346 RUN_UNLOCK(sc);
2347 if (error)
2348 RUN_DPRINTF(sc, RUN_DEBUG_USB, "WME update failed\n");
2349
2350 return (error);
2351 }
2352
2353 static void
run_key_set_cb(void * arg)2354 run_key_set_cb(void *arg)
2355 {
2356 struct run_cmdq *cmdq = arg;
2357 struct ieee80211vap *vap = cmdq->arg1;
2358 struct ieee80211_key *k = cmdq->k;
2359 struct ieee80211com *ic = vap->iv_ic;
2360 struct run_softc *sc = ic->ic_softc;
2361 struct ieee80211_node *ni;
2362 u_int cipher = k->wk_cipher->ic_cipher;
2363 uint32_t attr;
2364 uint16_t base, associd;
2365 uint8_t mode, wcid, iv[8];
2366
2367 RUN_LOCK_ASSERT(sc, MA_OWNED);
2368
2369 if (vap->iv_opmode == IEEE80211_M_HOSTAP)
2370 ni = ieee80211_find_vap_node(&ic->ic_sta, vap, cmdq->mac);
2371 else
2372 ni = vap->iv_bss;
2373 associd = (ni != NULL) ? ni->ni_associd : 0;
2374
2375 /* map net80211 cipher to RT2860 security mode */
2376 switch (cipher) {
2377 case IEEE80211_CIPHER_WEP:
2378 if(ieee80211_crypto_get_key_len(k) < 8) /* TODO: add a specific WEP40/WEP104 call! */
2379 mode = RT2860_MODE_WEP40;
2380 else
2381 mode = RT2860_MODE_WEP104;
2382 break;
2383 case IEEE80211_CIPHER_TKIP:
2384 mode = RT2860_MODE_TKIP;
2385 break;
2386 case IEEE80211_CIPHER_AES_CCM:
2387 mode = RT2860_MODE_AES_CCMP;
2388 break;
2389 default:
2390 RUN_DPRINTF(sc, RUN_DEBUG_KEY, "undefined case\n");
2391 return;
2392 }
2393
2394 RUN_DPRINTF(sc, RUN_DEBUG_KEY,
2395 "associd=%x, keyix=%d, mode=%x, type=%s, tx=%s, rx=%s\n",
2396 associd, k->wk_keyix, mode,
2397 (k->wk_flags & IEEE80211_KEY_GROUP) ? "group" : "pairwise",
2398 (k->wk_flags & IEEE80211_KEY_XMIT) ? "on" : "off",
2399 (k->wk_flags & IEEE80211_KEY_RECV) ? "on" : "off");
2400
2401 if (k->wk_flags & IEEE80211_KEY_GROUP) {
2402 wcid = 0; /* NB: update WCID0 for group keys */
2403 base = RT2860_SKEY(RUN_VAP(vap)->rvp_id, k->wk_keyix);
2404 } else {
2405 wcid = (vap->iv_opmode == IEEE80211_M_STA) ?
2406 1 : RUN_AID2WCID(associd);
2407 base = RT2860_PKEY(wcid);
2408 }
2409
2410 if (cipher == IEEE80211_CIPHER_TKIP) {
2411 if (run_write_region_1(sc, base,
2412 ieee80211_crypto_get_key_data(k), 16))
2413 return;
2414 if (run_write_region_1(sc, base + 16,
2415 ieee80211_crypto_get_key_txmic_data(k), 8)) /* wk_txmic */
2416 return;
2417 if (run_write_region_1(sc, base + 24,
2418 ieee80211_crypto_get_key_rxmic_data(k), 8)) /* wk_rxmic */
2419 return;
2420 } else {
2421 /* roundup len to 16-bit: XXX fix write_region_1() instead */
2422 if (run_write_region_1(sc, base,
2423 ieee80211_crypto_get_key_data(k),
2424 (ieee80211_crypto_get_key_len(k) + 1) & ~1))
2425 return;
2426 }
2427
2428 if (!(k->wk_flags & IEEE80211_KEY_GROUP) ||
2429 (k->wk_flags & (IEEE80211_KEY_XMIT | IEEE80211_KEY_RECV))) {
2430 /* set initial packet number in IV+EIV */
2431 if (cipher == IEEE80211_CIPHER_WEP) {
2432 memset(iv, 0, sizeof iv);
2433 iv[3] = vap->iv_def_txkey << 6;
2434 } else {
2435 if (cipher == IEEE80211_CIPHER_TKIP) {
2436 iv[0] = k->wk_keytsc >> 8;
2437 iv[1] = (iv[0] | 0x20) & 0x7f;
2438 iv[2] = k->wk_keytsc;
2439 } else /* CCMP */ {
2440 iv[0] = k->wk_keytsc;
2441 iv[1] = k->wk_keytsc >> 8;
2442 iv[2] = 0;
2443 }
2444 iv[3] = k->wk_keyix << 6 | IEEE80211_WEP_EXTIV;
2445 iv[4] = k->wk_keytsc >> 16;
2446 iv[5] = k->wk_keytsc >> 24;
2447 iv[6] = k->wk_keytsc >> 32;
2448 iv[7] = k->wk_keytsc >> 40;
2449 }
2450 if (run_write_region_1(sc, RT2860_IVEIV(wcid), iv, 8))
2451 return;
2452 }
2453
2454 if (k->wk_flags & IEEE80211_KEY_GROUP) {
2455 /* install group key */
2456 if (run_read(sc, RT2860_SKEY_MODE_0_7, &attr))
2457 return;
2458 attr &= ~(0xf << (k->wk_keyix * 4));
2459 attr |= mode << (k->wk_keyix * 4);
2460 if (run_write(sc, RT2860_SKEY_MODE_0_7, attr))
2461 return;
2462 } else {
2463 /* install pairwise key */
2464 if (run_read(sc, RT2860_WCID_ATTR(wcid), &attr))
2465 return;
2466 attr = (attr & ~0xf) | (mode << 1) | RT2860_RX_PKEY_EN;
2467 if (run_write(sc, RT2860_WCID_ATTR(wcid), attr))
2468 return;
2469 }
2470
2471 /* TODO create a pass-thru key entry? */
2472
2473 /* need wcid to delete the right key later */
2474 k->wk_pad = wcid;
2475 }
2476
2477 /*
2478 * Don't have to be deferred, but in order to keep order of
2479 * execution, i.e. with run_key_delete(), defer this and let
2480 * run_cmdq_cb() maintain the order.
2481 *
2482 * return 0 on error
2483 */
2484 static int
run_key_set(struct ieee80211vap * vap,struct ieee80211_key * k)2485 run_key_set(struct ieee80211vap *vap, struct ieee80211_key *k)
2486 {
2487 struct ieee80211com *ic = vap->iv_ic;
2488 struct run_softc *sc = ic->ic_softc;
2489 uint32_t i;
2490
2491 i = RUN_CMDQ_GET(&sc->cmdq_store);
2492 RUN_DPRINTF(sc, RUN_DEBUG_KEY, "cmdq_store=%d\n", i);
2493 sc->cmdq[i].func = run_key_set_cb;
2494 sc->cmdq[i].arg0 = NULL;
2495 sc->cmdq[i].arg1 = vap;
2496 sc->cmdq[i].k = k;
2497 IEEE80211_ADDR_COPY(sc->cmdq[i].mac, k->wk_macaddr);
2498 ieee80211_runtask(ic, &sc->cmdq_task);
2499
2500 /*
2501 * To make sure key will be set when hostapd
2502 * calls iv_key_set() before if_init().
2503 */
2504 if (vap->iv_opmode == IEEE80211_M_HOSTAP) {
2505 RUN_LOCK(sc);
2506 sc->cmdq_key_set = RUN_CMDQ_GO;
2507 RUN_UNLOCK(sc);
2508 }
2509
2510 return (1);
2511 }
2512
2513 /*
2514 * If wlan is destroyed without being brought down i.e. without
2515 * wlan down or wpa_cli terminate, this function is called after
2516 * vap is gone. Don't refer it.
2517 */
2518 static void
run_key_delete_cb(void * arg)2519 run_key_delete_cb(void *arg)
2520 {
2521 struct run_cmdq *cmdq = arg;
2522 struct run_softc *sc = cmdq->arg1;
2523 struct ieee80211_key *k = &cmdq->key;
2524 uint32_t attr;
2525 uint8_t wcid;
2526
2527 RUN_LOCK_ASSERT(sc, MA_OWNED);
2528
2529 if (k->wk_flags & IEEE80211_KEY_GROUP) {
2530 /* remove group key */
2531 RUN_DPRINTF(sc, RUN_DEBUG_KEY, "removing group key\n");
2532 run_read(sc, RT2860_SKEY_MODE_0_7, &attr);
2533 attr &= ~(0xf << (k->wk_keyix * 4));
2534 run_write(sc, RT2860_SKEY_MODE_0_7, attr);
2535 } else {
2536 /* remove pairwise key */
2537 RUN_DPRINTF(sc, RUN_DEBUG_KEY,
2538 "removing key for wcid %x\n", k->wk_pad);
2539 /* matching wcid was written to wk_pad in run_key_set() */
2540 wcid = k->wk_pad;
2541 run_read(sc, RT2860_WCID_ATTR(wcid), &attr);
2542 attr &= ~0xf;
2543 run_write(sc, RT2860_WCID_ATTR(wcid), attr);
2544 run_set_region_4(sc, RT2860_WCID_ENTRY(wcid), 0, 8);
2545 }
2546
2547 k->wk_pad = 0;
2548 }
2549
2550 /*
2551 * return 0 on error
2552 */
2553 static int
run_key_delete(struct ieee80211vap * vap,struct ieee80211_key * k)2554 run_key_delete(struct ieee80211vap *vap, struct ieee80211_key *k)
2555 {
2556 struct ieee80211com *ic = vap->iv_ic;
2557 struct run_softc *sc = ic->ic_softc;
2558 struct ieee80211_key *k0;
2559 uint32_t i;
2560
2561 /*
2562 * When called back, key might be gone. So, make a copy
2563 * of some values need to delete keys before deferring.
2564 * But, because of LOR with node lock, cannot use lock here.
2565 * So, use atomic instead.
2566 */
2567 i = RUN_CMDQ_GET(&sc->cmdq_store);
2568 RUN_DPRINTF(sc, RUN_DEBUG_KEY, "cmdq_store=%d\n", i);
2569 sc->cmdq[i].func = run_key_delete_cb;
2570 sc->cmdq[i].arg0 = NULL;
2571 sc->cmdq[i].arg1 = sc;
2572 k0 = &sc->cmdq[i].key;
2573 k0->wk_flags = k->wk_flags;
2574 k0->wk_keyix = k->wk_keyix;
2575 /* matching wcid was written to wk_pad in run_key_set() */
2576 k0->wk_pad = k->wk_pad;
2577 ieee80211_runtask(ic, &sc->cmdq_task);
2578 return (1); /* return fake success */
2579
2580 }
2581
2582 static void
run_ratectl_to(void * arg)2583 run_ratectl_to(void *arg)
2584 {
2585 struct run_softc *sc = arg;
2586
2587 /* do it in a process context, so it can go sleep */
2588 ieee80211_runtask(&sc->sc_ic, &sc->ratectl_task);
2589 /* next timeout will be rescheduled in the callback task */
2590 }
2591
2592 /* ARGSUSED */
2593 static void
run_ratectl_cb(void * arg,int pending)2594 run_ratectl_cb(void *arg, int pending)
2595 {
2596 struct run_softc *sc = arg;
2597 struct ieee80211com *ic = &sc->sc_ic;
2598 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps);
2599
2600 if (vap == NULL)
2601 return;
2602
2603 if (sc->rvp_cnt > 1 || vap->iv_opmode != IEEE80211_M_STA) {
2604 /*
2605 * run_reset_livelock() doesn't do anything with AMRR,
2606 * but Ralink wants us to call it every 1 sec. So, we
2607 * piggyback here rather than creating another callout.
2608 * Livelock may occur only in HOSTAP or IBSS mode
2609 * (when h/w is sending beacons).
2610 */
2611 RUN_LOCK(sc);
2612 run_reset_livelock(sc);
2613 /* just in case, there are some stats to drain */
2614 run_drain_fifo(sc);
2615 RUN_UNLOCK(sc);
2616 }
2617
2618 ieee80211_iterate_nodes(&ic->ic_sta, run_iter_func, sc);
2619
2620 RUN_LOCK(sc);
2621 if(sc->ratectl_run != RUN_RATECTL_OFF)
2622 usb_callout_reset(&sc->ratectl_ch, hz, run_ratectl_to, sc);
2623 RUN_UNLOCK(sc);
2624 }
2625
2626 static void
run_drain_fifo(void * arg)2627 run_drain_fifo(void *arg)
2628 {
2629 struct run_softc *sc = arg;
2630 uint32_t stat;
2631 uint16_t (*wstat)[3];
2632 uint8_t wcid, mcs, pid;
2633 int8_t retry;
2634
2635 RUN_LOCK_ASSERT(sc, MA_OWNED);
2636
2637 for (;;) {
2638 /* drain Tx status FIFO (maxsize = 16) */
2639 run_read(sc, RT2860_TX_STAT_FIFO, &stat);
2640 RUN_DPRINTF(sc, RUN_DEBUG_XMIT, "tx stat 0x%08x\n", stat);
2641 if (!(stat & RT2860_TXQ_VLD))
2642 break;
2643
2644 wcid = (stat >> RT2860_TXQ_WCID_SHIFT) & 0xff;
2645
2646 /* if no ACK was requested, no feedback is available */
2647 if (!(stat & RT2860_TXQ_ACKREQ) || wcid > RT2870_WCID_MAX ||
2648 wcid == 0)
2649 continue;
2650
2651 /*
2652 * Even though each stat is Tx-complete-status like format,
2653 * the device can poll stats. Because there is no guarantee
2654 * that the referring node is still around when read the stats.
2655 * So that, if we use ieee80211_ratectl_tx_update(), we will
2656 * have hard time not to refer already freed node.
2657 *
2658 * To eliminate such page faults, we poll stats in softc.
2659 * Then, update the rates later with ieee80211_ratectl_tx_update().
2660 */
2661 wstat = &(sc->wcid_stats[wcid]);
2662 (*wstat)[RUN_TXCNT]++;
2663 if (stat & RT2860_TXQ_OK)
2664 (*wstat)[RUN_SUCCESS]++;
2665 else
2666 counter_u64_add(sc->sc_ic.ic_oerrors, 1);
2667 /*
2668 * Check if there were retries, ie if the Tx success rate is
2669 * different from the requested rate. Note that it works only
2670 * because we do not allow rate fallback from OFDM to CCK.
2671 */
2672 mcs = (stat >> RT2860_TXQ_MCS_SHIFT) & 0x7f;
2673 pid = (stat >> RT2860_TXQ_PID_SHIFT) & 0xf;
2674 if ((retry = pid -1 - mcs) > 0) {
2675 (*wstat)[RUN_TXCNT] += retry;
2676 (*wstat)[RUN_RETRY] += retry;
2677 }
2678 }
2679 RUN_DPRINTF(sc, RUN_DEBUG_XMIT, "count=%d\n", sc->fifo_cnt);
2680
2681 sc->fifo_cnt = 0;
2682 }
2683
2684 static void
run_iter_func(void * arg,struct ieee80211_node * ni)2685 run_iter_func(void *arg, struct ieee80211_node *ni)
2686 {
2687 struct run_softc *sc = arg;
2688 struct ieee80211_ratectl_tx_stats *txs = &sc->sc_txs;
2689 struct ieee80211vap *vap = ni->ni_vap;
2690 struct run_node *rn = RUN_NODE(ni);
2691 union run_stats sta[2];
2692 uint16_t (*wstat)[3];
2693 int error, ridx;
2694 uint8_t dot11rate;
2695
2696 RUN_LOCK(sc);
2697
2698 /* Check for special case */
2699 if (sc->rvp_cnt <= 1 && vap->iv_opmode == IEEE80211_M_STA &&
2700 ni != vap->iv_bss)
2701 goto fail;
2702
2703 txs->flags = IEEE80211_RATECTL_TX_STATS_NODE |
2704 IEEE80211_RATECTL_TX_STATS_RETRIES;
2705 txs->ni = ni;
2706 if (sc->rvp_cnt <= 1 && (vap->iv_opmode == IEEE80211_M_IBSS ||
2707 vap->iv_opmode == IEEE80211_M_STA)) {
2708 /* read statistic counters (clear on read) and update AMRR state */
2709 error = run_read_region_1(sc, RT2860_TX_STA_CNT0, (uint8_t *)sta,
2710 sizeof sta);
2711 if (error != 0)
2712 goto fail;
2713
2714 /* count failed TX as errors */
2715 if_inc_counter(vap->iv_ifp, IFCOUNTER_OERRORS,
2716 le16toh(sta[0].error.fail));
2717
2718 txs->nretries = le16toh(sta[1].tx.retry);
2719 txs->nsuccess = le16toh(sta[1].tx.success);
2720 /* nretries??? */
2721 txs->nframes = txs->nretries + txs->nsuccess +
2722 le16toh(sta[0].error.fail);
2723
2724 RUN_DPRINTF(sc, RUN_DEBUG_RATE,
2725 "retrycnt=%d success=%d failcnt=%d\n",
2726 txs->nretries, txs->nsuccess, le16toh(sta[0].error.fail));
2727 } else {
2728 wstat = &(sc->wcid_stats[RUN_AID2WCID(ni->ni_associd)]);
2729
2730 if (wstat == &(sc->wcid_stats[0]) ||
2731 wstat > &(sc->wcid_stats[RT2870_WCID_MAX]))
2732 goto fail;
2733
2734 txs->nretries = (*wstat)[RUN_RETRY];
2735 txs->nsuccess = (*wstat)[RUN_SUCCESS];
2736 txs->nframes = (*wstat)[RUN_TXCNT];
2737 RUN_DPRINTF(sc, RUN_DEBUG_RATE,
2738 "retrycnt=%d txcnt=%d success=%d\n",
2739 txs->nretries, txs->nframes, txs->nsuccess);
2740
2741 memset(wstat, 0, sizeof(*wstat));
2742 }
2743
2744 ieee80211_ratectl_tx_update(vap, txs);
2745 ieee80211_ratectl_rate(ni, NULL, 0);
2746 /* XXX TODO: methodize with MCS rates */
2747 dot11rate = ieee80211_node_get_txrate_dot11rate(ni);
2748 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++)
2749 if (rt2860_rates[ridx].rate == dot11rate)
2750 break;
2751 rn->amrr_ridx = ridx;
2752
2753 fail:
2754 RUN_UNLOCK(sc);
2755
2756 RUN_DPRINTF(sc, RUN_DEBUG_RATE, "rate=0x%02x, ridx=%d\n",
2757 ieee80211_node_get_txrate_dot11rate(ni), rn->amrr_ridx);
2758 }
2759
2760 static void
run_newassoc_cb(void * arg)2761 run_newassoc_cb(void *arg)
2762 {
2763 struct run_cmdq *cmdq = arg;
2764 struct ieee80211_node *ni = cmdq->arg1;
2765 struct run_softc *sc = ni->ni_vap->iv_ic->ic_softc;
2766 uint8_t wcid = cmdq->wcid;
2767
2768 RUN_LOCK_ASSERT(sc, MA_OWNED);
2769
2770 run_write_region_1(sc, RT2860_WCID_ENTRY(wcid),
2771 ni->ni_macaddr, IEEE80211_ADDR_LEN);
2772
2773 memset(&(sc->wcid_stats[wcid]), 0, sizeof(sc->wcid_stats[wcid]));
2774 }
2775
2776 static void
run_newassoc(struct ieee80211_node * ni,int isnew)2777 run_newassoc(struct ieee80211_node *ni, int isnew)
2778 {
2779 struct run_node *rn = RUN_NODE(ni);
2780 struct ieee80211vap *vap = ni->ni_vap;
2781 struct ieee80211com *ic = vap->iv_ic;
2782 struct run_softc *sc = ic->ic_softc;
2783 uint8_t rate;
2784 uint8_t ridx;
2785 uint8_t wcid;
2786
2787 wcid = (vap->iv_opmode == IEEE80211_M_STA) ?
2788 1 : RUN_AID2WCID(ni->ni_associd);
2789
2790 if (wcid > RT2870_WCID_MAX) {
2791 device_printf(sc->sc_dev, "wcid=%d out of range\n", wcid);
2792 return;
2793 }
2794
2795 /* only interested in true associations */
2796 if (isnew && ni->ni_associd != 0) {
2797 /*
2798 * This function could is called though timeout function.
2799 * Need to defer.
2800 */
2801 uint32_t cnt = RUN_CMDQ_GET(&sc->cmdq_store);
2802 RUN_DPRINTF(sc, RUN_DEBUG_STATE, "cmdq_store=%d\n", cnt);
2803 sc->cmdq[cnt].func = run_newassoc_cb;
2804 sc->cmdq[cnt].arg0 = NULL;
2805 sc->cmdq[cnt].arg1 = ni;
2806 sc->cmdq[cnt].wcid = wcid;
2807 ieee80211_runtask(ic, &sc->cmdq_task);
2808 }
2809
2810 RUN_DPRINTF(sc, RUN_DEBUG_STATE,
2811 "new assoc isnew=%d associd=%x addr=%s\n",
2812 isnew, ni->ni_associd, ether_sprintf(ni->ni_macaddr));
2813
2814 rate = vap->iv_txparms[ieee80211_chan2mode(ic->ic_curchan)].mgmtrate;
2815 /* XXX TODO: methodize with MCS rates */
2816 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++)
2817 if (rt2860_rates[ridx].rate == rate)
2818 break;
2819 rn->mgt_ridx = ridx;
2820 RUN_DPRINTF(sc, RUN_DEBUG_STATE | RUN_DEBUG_RATE,
2821 "rate=%d, mgmt_ridx=%d\n", rate, rn->mgt_ridx);
2822
2823 RUN_LOCK(sc);
2824 if(sc->ratectl_run != RUN_RATECTL_OFF)
2825 usb_callout_reset(&sc->ratectl_ch, hz, run_ratectl_to, sc);
2826 RUN_UNLOCK(sc);
2827 }
2828
2829 /*
2830 * Return the Rx chain with the highest RSSI for a given frame.
2831 */
2832 static __inline uint8_t
run_maxrssi_chain(struct run_softc * sc,const struct rt2860_rxwi * rxwi)2833 run_maxrssi_chain(struct run_softc *sc, const struct rt2860_rxwi *rxwi)
2834 {
2835 uint8_t rxchain = 0;
2836
2837 if (sc->nrxchains > 1) {
2838 if (rxwi->rssi[1] > rxwi->rssi[rxchain])
2839 rxchain = 1;
2840 if (sc->nrxchains > 2)
2841 if (rxwi->rssi[2] > rxwi->rssi[rxchain])
2842 rxchain = 2;
2843 }
2844 return (rxchain);
2845 }
2846
2847 static void
run_recv_mgmt(struct ieee80211_node * ni,struct mbuf * m,int subtype,const struct ieee80211_rx_stats * rxs,int rssi,int nf)2848 run_recv_mgmt(struct ieee80211_node *ni, struct mbuf *m, int subtype,
2849 const struct ieee80211_rx_stats *rxs, int rssi, int nf)
2850 {
2851 struct ieee80211vap *vap = ni->ni_vap;
2852 struct run_softc *sc = vap->iv_ic->ic_softc;
2853 struct run_vap *rvp = RUN_VAP(vap);
2854 uint64_t ni_tstamp, rx_tstamp;
2855
2856 rvp->recv_mgmt(ni, m, subtype, rxs, rssi, nf);
2857
2858 if (vap->iv_state == IEEE80211_S_RUN &&
2859 (subtype == IEEE80211_FC0_SUBTYPE_BEACON ||
2860 subtype == IEEE80211_FC0_SUBTYPE_PROBE_RESP)) {
2861 ni_tstamp = le64toh(ni->ni_tstamp.tsf);
2862 RUN_LOCK(sc);
2863 run_get_tsf(sc, &rx_tstamp);
2864 RUN_UNLOCK(sc);
2865 rx_tstamp = le64toh(rx_tstamp);
2866
2867 if (ni_tstamp >= rx_tstamp) {
2868 RUN_DPRINTF(sc, RUN_DEBUG_RECV | RUN_DEBUG_BEACON,
2869 "ibss merge, tsf %ju tstamp %ju\n",
2870 (uintmax_t)rx_tstamp, (uintmax_t)ni_tstamp);
2871 (void) ieee80211_ibss_merge(ni);
2872 }
2873 }
2874 }
2875
2876 static void
run_rx_frame(struct run_softc * sc,struct mbuf * m,uint32_t dmalen)2877 run_rx_frame(struct run_softc *sc, struct mbuf *m, uint32_t dmalen)
2878 {
2879 struct ieee80211com *ic = &sc->sc_ic;
2880 struct ieee80211_frame *wh;
2881 struct ieee80211_node *ni;
2882 struct rt2870_rxd *rxd;
2883 struct rt2860_rxwi *rxwi;
2884 uint32_t flags;
2885 uint16_t len, rxwisize;
2886 uint8_t ant, rssi;
2887 int8_t nf;
2888
2889 rxwisize = sizeof(struct rt2860_rxwi);
2890 if (sc->mac_ver == 0x5592)
2891 rxwisize += sizeof(uint64_t);
2892 else if (sc->mac_ver == 0x3593)
2893 rxwisize += sizeof(uint32_t);
2894
2895 if (__predict_false(dmalen <
2896 rxwisize + sizeof(struct ieee80211_frame_ack))) {
2897 RUN_DPRINTF(sc, RUN_DEBUG_RECV,
2898 "payload is too short: dma length %u < %zu\n",
2899 dmalen, rxwisize + sizeof(struct ieee80211_frame_ack));
2900 goto fail;
2901 }
2902
2903 rxwi = mtod(m, struct rt2860_rxwi *);
2904 len = le16toh(rxwi->len) & 0xfff;
2905
2906 if (__predict_false(len > dmalen - rxwisize)) {
2907 RUN_DPRINTF(sc, RUN_DEBUG_RECV,
2908 "bad RXWI length %u > %u\n", len, dmalen);
2909 goto fail;
2910 }
2911
2912 /* Rx descriptor is located at the end */
2913 rxd = (struct rt2870_rxd *)(mtod(m, caddr_t) + dmalen);
2914 flags = le32toh(rxd->flags);
2915
2916 if (__predict_false(flags & (RT2860_RX_CRCERR | RT2860_RX_ICVERR))) {
2917 RUN_DPRINTF(sc, RUN_DEBUG_RECV, "%s error.\n",
2918 (flags & RT2860_RX_CRCERR)?"CRC":"ICV");
2919 goto fail;
2920 }
2921
2922 if (flags & RT2860_RX_L2PAD) {
2923 RUN_DPRINTF(sc, RUN_DEBUG_RECV,
2924 "received RT2860_RX_L2PAD frame\n");
2925 len += 2;
2926 }
2927
2928 m->m_data += rxwisize;
2929 m->m_pkthdr.len = m->m_len = len;
2930
2931 wh = mtod(m, struct ieee80211_frame *);
2932
2933 if ((wh->i_fc[1] & IEEE80211_FC1_PROTECTED) != 0 &&
2934 (flags & RT2860_RX_DEC) != 0) {
2935 wh->i_fc[1] &= ~IEEE80211_FC1_PROTECTED;
2936 m->m_flags |= M_WEP;
2937 }
2938
2939 if (len >= sizeof(struct ieee80211_frame_min)) {
2940 ni = ieee80211_find_rxnode(ic,
2941 mtod(m, struct ieee80211_frame_min *));
2942 } else
2943 ni = NULL;
2944
2945 if(ni && ni->ni_flags & IEEE80211_NODE_HT) {
2946 m->m_flags |= M_AMPDU;
2947 }
2948
2949 if (__predict_false(flags & RT2860_RX_MICERR)) {
2950 /* report MIC failures to net80211 for TKIP */
2951 if (ni != NULL)
2952 ieee80211_notify_michael_failure(ni->ni_vap, wh,
2953 rxwi->keyidx);
2954 RUN_DPRINTF(sc, RUN_DEBUG_RECV,
2955 "MIC error. Someone is lying.\n");
2956 goto fail;
2957 }
2958
2959 ant = run_maxrssi_chain(sc, rxwi);
2960 rssi = rxwi->rssi[ant];
2961 nf = run_rssi2dbm(sc, rssi, ant);
2962
2963 if (__predict_false(ieee80211_radiotap_active(ic))) {
2964 struct run_rx_radiotap_header *tap = &sc->sc_rxtap;
2965 uint16_t phy;
2966
2967 tap->wr_flags = 0;
2968 if (flags & RT2860_RX_L2PAD)
2969 tap->wr_flags |= IEEE80211_RADIOTAP_F_DATAPAD;
2970 tap->wr_antsignal = rssi;
2971 tap->wr_antenna = ant;
2972 tap->wr_dbm_antsignal = run_rssi2dbm(sc, rssi, ant);
2973 tap->wr_rate = 2; /* in case it can't be found below */
2974 RUN_LOCK(sc);
2975 run_get_tsf(sc, &tap->wr_tsf);
2976 RUN_UNLOCK(sc);
2977 phy = le16toh(rxwi->phy);
2978 switch (phy & RT2860_PHY_MODE) {
2979 case RT2860_PHY_CCK:
2980 switch ((phy & RT2860_PHY_MCS) & ~RT2860_PHY_SHPRE) {
2981 case 0: tap->wr_rate = 2; break;
2982 case 1: tap->wr_rate = 4; break;
2983 case 2: tap->wr_rate = 11; break;
2984 case 3: tap->wr_rate = 22; break;
2985 }
2986 if (phy & RT2860_PHY_SHPRE)
2987 tap->wr_flags |= IEEE80211_RADIOTAP_F_SHORTPRE;
2988 break;
2989 case RT2860_PHY_OFDM:
2990 switch (phy & RT2860_PHY_MCS) {
2991 case 0: tap->wr_rate = 12; break;
2992 case 1: tap->wr_rate = 18; break;
2993 case 2: tap->wr_rate = 24; break;
2994 case 3: tap->wr_rate = 36; break;
2995 case 4: tap->wr_rate = 48; break;
2996 case 5: tap->wr_rate = 72; break;
2997 case 6: tap->wr_rate = 96; break;
2998 case 7: tap->wr_rate = 108; break;
2999 }
3000 break;
3001 }
3002 }
3003
3004 if (ni != NULL) {
3005 (void)ieee80211_input(ni, m, rssi, nf);
3006 ieee80211_free_node(ni);
3007 } else {
3008 (void)ieee80211_input_all(ic, m, rssi, nf);
3009 }
3010
3011 return;
3012
3013 fail:
3014 m_freem(m);
3015 counter_u64_add(ic->ic_ierrors, 1);
3016 }
3017
3018 static void
run_bulk_rx_callback(struct usb_xfer * xfer,usb_error_t error)3019 run_bulk_rx_callback(struct usb_xfer *xfer, usb_error_t error)
3020 {
3021 struct run_softc *sc = usbd_xfer_softc(xfer);
3022 struct ieee80211com *ic = &sc->sc_ic;
3023 struct mbuf *m = NULL;
3024 struct mbuf *m0;
3025 uint32_t dmalen, mbuf_len;
3026 uint16_t rxwisize;
3027 int xferlen;
3028
3029 rxwisize = sizeof(struct rt2860_rxwi);
3030 if (sc->mac_ver == 0x5592)
3031 rxwisize += sizeof(uint64_t);
3032 else if (sc->mac_ver == 0x3593)
3033 rxwisize += sizeof(uint32_t);
3034
3035 usbd_xfer_status(xfer, &xferlen, NULL, NULL, NULL);
3036
3037 switch (USB_GET_STATE(xfer)) {
3038 case USB_ST_TRANSFERRED:
3039
3040 RUN_DPRINTF(sc, RUN_DEBUG_RECV,
3041 "rx done, actlen=%d\n", xferlen);
3042
3043 if (xferlen < (int)(sizeof(uint32_t) + rxwisize +
3044 sizeof(struct rt2870_rxd))) {
3045 RUN_DPRINTF(sc, RUN_DEBUG_RECV_DESC | RUN_DEBUG_USB,
3046 "xfer too short %d\n", xferlen);
3047 goto tr_setup;
3048 }
3049
3050 m = sc->rx_m;
3051 sc->rx_m = NULL;
3052
3053 /* FALLTHROUGH */
3054 case USB_ST_SETUP:
3055 tr_setup:
3056 if (sc->rx_m == NULL) {
3057 sc->rx_m = m_getjcl(M_NOWAIT, MT_DATA, M_PKTHDR,
3058 RUN_MAX_RXSZ);
3059 }
3060 if (sc->rx_m == NULL) {
3061 RUN_DPRINTF(sc, RUN_DEBUG_RECV |
3062 RUN_DEBUG_RECV_DESC | RUN_DEBUG_USB,
3063 "could not allocate mbuf - idle with stall\n");
3064 counter_u64_add(ic->ic_ierrors, 1);
3065 usbd_xfer_set_stall(xfer);
3066 usbd_xfer_set_frames(xfer, 0);
3067 } else {
3068 /*
3069 * Directly loading a mbuf cluster into DMA to
3070 * save some data copying. This works because
3071 * there is only one cluster.
3072 */
3073 usbd_xfer_set_frame_data(xfer, 0,
3074 mtod(sc->rx_m, caddr_t), RUN_MAX_RXSZ);
3075 usbd_xfer_set_frames(xfer, 1);
3076 }
3077 usbd_transfer_submit(xfer);
3078 break;
3079
3080 default: /* Error */
3081 if (error != USB_ERR_CANCELLED) {
3082 /* try to clear stall first */
3083 usbd_xfer_set_stall(xfer);
3084 if (error == USB_ERR_TIMEOUT)
3085 device_printf(sc->sc_dev, "device timeout\n");
3086 counter_u64_add(ic->ic_ierrors, 1);
3087 goto tr_setup;
3088 }
3089 if (sc->rx_m != NULL) {
3090 m_freem(sc->rx_m);
3091 sc->rx_m = NULL;
3092 }
3093 break;
3094 }
3095
3096 if (m == NULL)
3097 return;
3098
3099 /* inputting all the frames must be last */
3100
3101 RUN_UNLOCK(sc);
3102
3103 m->m_pkthdr.len = m->m_len = xferlen;
3104
3105 /* HW can aggregate multiple 802.11 frames in a single USB xfer */
3106 for(;;) {
3107 dmalen = le32toh(*mtod(m, uint32_t *)) & 0xffff;
3108
3109 if ((dmalen >= (uint32_t)-8) || (dmalen == 0) ||
3110 ((dmalen & 3) != 0)) {
3111 RUN_DPRINTF(sc, RUN_DEBUG_RECV_DESC | RUN_DEBUG_USB,
3112 "bad DMA length %u\n", dmalen);
3113 break;
3114 }
3115 if ((dmalen + 8) > (uint32_t)xferlen) {
3116 RUN_DPRINTF(sc, RUN_DEBUG_RECV_DESC | RUN_DEBUG_USB,
3117 "bad DMA length %u > %d\n",
3118 dmalen + 8, xferlen);
3119 break;
3120 }
3121
3122 /* If it is the last one or a single frame, we won't copy. */
3123 if ((xferlen -= dmalen + 8) <= 8) {
3124 /* trim 32-bit DMA-len header */
3125 m->m_data += 4;
3126 m->m_pkthdr.len = m->m_len -= 4;
3127 run_rx_frame(sc, m, dmalen);
3128 m = NULL; /* don't free source buffer */
3129 break;
3130 }
3131
3132 mbuf_len = dmalen + sizeof(struct rt2870_rxd);
3133 if (__predict_false(mbuf_len > MCLBYTES)) {
3134 RUN_DPRINTF(sc, RUN_DEBUG_RECV_DESC | RUN_DEBUG_USB,
3135 "payload is too big: mbuf_len %u\n", mbuf_len);
3136 counter_u64_add(ic->ic_ierrors, 1);
3137 break;
3138 }
3139
3140 /* copy aggregated frames to another mbuf */
3141 m0 = m_getcl(M_NOWAIT, MT_DATA, M_PKTHDR);
3142 if (__predict_false(m0 == NULL)) {
3143 RUN_DPRINTF(sc, RUN_DEBUG_RECV_DESC,
3144 "could not allocate mbuf\n");
3145 counter_u64_add(ic->ic_ierrors, 1);
3146 break;
3147 }
3148 m_copydata(m, 4 /* skip 32-bit DMA-len header */,
3149 mbuf_len, mtod(m0, caddr_t));
3150 m0->m_pkthdr.len = m0->m_len = mbuf_len;
3151 run_rx_frame(sc, m0, dmalen);
3152
3153 /* update data ptr */
3154 m->m_data += mbuf_len + 4;
3155 m->m_pkthdr.len = m->m_len -= mbuf_len + 4;
3156 }
3157
3158 /* make sure we free the source buffer, if any */
3159 m_freem(m);
3160
3161 #ifdef IEEE80211_SUPPORT_SUPERG
3162 ieee80211_ff_age_all(ic, 100);
3163 #endif
3164 RUN_LOCK(sc);
3165 }
3166
3167 static void
run_tx_free(struct run_endpoint_queue * pq,struct run_tx_data * data,int txerr)3168 run_tx_free(struct run_endpoint_queue *pq,
3169 struct run_tx_data *data, int txerr)
3170 {
3171
3172 ieee80211_tx_complete(data->ni, data->m, txerr);
3173
3174 data->m = NULL;
3175 data->ni = NULL;
3176
3177 STAILQ_INSERT_TAIL(&pq->tx_fh, data, next);
3178 pq->tx_nfree++;
3179 }
3180
3181 static void
run_bulk_tx_callbackN(struct usb_xfer * xfer,usb_error_t error,u_int index)3182 run_bulk_tx_callbackN(struct usb_xfer *xfer, usb_error_t error, u_int index)
3183 {
3184 struct run_softc *sc = usbd_xfer_softc(xfer);
3185 struct ieee80211com *ic = &sc->sc_ic;
3186 struct run_tx_data *data;
3187 struct ieee80211vap *vap = NULL;
3188 struct usb_page_cache *pc;
3189 struct run_endpoint_queue *pq = &sc->sc_epq[index];
3190 struct mbuf *m;
3191 usb_frlength_t size;
3192 int actlen;
3193 int sumlen;
3194
3195 usbd_xfer_status(xfer, &actlen, &sumlen, NULL, NULL);
3196
3197 switch (USB_GET_STATE(xfer)) {
3198 case USB_ST_TRANSFERRED:
3199 RUN_DPRINTF(sc, RUN_DEBUG_XMIT | RUN_DEBUG_USB,
3200 "transfer complete: %d bytes @ index %d\n", actlen, index);
3201
3202 data = usbd_xfer_get_priv(xfer);
3203 run_tx_free(pq, data, 0);
3204 usbd_xfer_set_priv(xfer, NULL);
3205
3206 /* FALLTHROUGH */
3207 case USB_ST_SETUP:
3208 tr_setup:
3209 data = STAILQ_FIRST(&pq->tx_qh);
3210 if (data == NULL)
3211 break;
3212
3213 STAILQ_REMOVE_HEAD(&pq->tx_qh, next);
3214
3215 m = data->m;
3216 size = (sc->mac_ver == 0x5592) ?
3217 sizeof(data->desc) + sizeof(uint32_t) : sizeof(data->desc);
3218 if ((m->m_pkthdr.len +
3219 size + 3 + 8) > RUN_MAX_TXSZ) {
3220 RUN_DPRINTF(sc, RUN_DEBUG_XMIT_DESC | RUN_DEBUG_USB,
3221 "data overflow, %u bytes\n", m->m_pkthdr.len);
3222 run_tx_free(pq, data, 1);
3223 goto tr_setup;
3224 }
3225
3226 pc = usbd_xfer_get_frame(xfer, 0);
3227 usbd_copy_in(pc, 0, &data->desc, size);
3228 usbd_m_copy_in(pc, size, m, 0, m->m_pkthdr.len);
3229 size += m->m_pkthdr.len;
3230 /*
3231 * Align end on a 4-byte boundary, pad 8 bytes (CRC +
3232 * 4-byte padding), and be sure to zero those trailing
3233 * bytes:
3234 */
3235 usbd_frame_zero(pc, size, ((-size) & 3) + 8);
3236 size += ((-size) & 3) + 8;
3237
3238 vap = data->ni->ni_vap;
3239 if (ieee80211_radiotap_active_vap(vap)) {
3240 const struct ieee80211_frame *wh;
3241 struct run_tx_radiotap_header *tap = &sc->sc_txtap;
3242 struct rt2860_txwi *txwi =
3243 (struct rt2860_txwi *)(&data->desc + sizeof(struct rt2870_txd));
3244 int has_l2pad;
3245
3246 wh = mtod(m, struct ieee80211_frame *);
3247 has_l2pad = IEEE80211_HAS_ADDR4(wh) !=
3248 IEEE80211_QOS_HAS_SEQ(wh);
3249
3250 tap->wt_flags = 0;
3251 tap->wt_rate = rt2860_rates[data->ridx].rate;
3252 tap->wt_hwqueue = index;
3253 if (le16toh(txwi->phy) & RT2860_PHY_SHPRE)
3254 tap->wt_flags |= IEEE80211_RADIOTAP_F_SHORTPRE;
3255 if (has_l2pad)
3256 tap->wt_flags |= IEEE80211_RADIOTAP_F_DATAPAD;
3257
3258 ieee80211_radiotap_tx(vap, m);
3259 }
3260
3261 RUN_DPRINTF(sc, RUN_DEBUG_XMIT | RUN_DEBUG_USB,
3262 "sending frame len=%u/%u @ index %d\n",
3263 m->m_pkthdr.len, size, index);
3264
3265 usbd_xfer_set_frame_len(xfer, 0, size);
3266 usbd_xfer_set_priv(xfer, data);
3267 usbd_transfer_submit(xfer);
3268 run_start(sc);
3269
3270 break;
3271
3272 default:
3273 RUN_DPRINTF(sc, RUN_DEBUG_XMIT | RUN_DEBUG_USB,
3274 "USB transfer error, %s\n", usbd_errstr(error));
3275
3276 data = usbd_xfer_get_priv(xfer);
3277
3278 if (data != NULL) {
3279 if(data->ni != NULL)
3280 vap = data->ni->ni_vap;
3281 run_tx_free(pq, data, error);
3282 usbd_xfer_set_priv(xfer, NULL);
3283 }
3284
3285 if (vap == NULL)
3286 vap = TAILQ_FIRST(&ic->ic_vaps);
3287
3288 if (error != USB_ERR_CANCELLED) {
3289 if (error == USB_ERR_TIMEOUT) {
3290 device_printf(sc->sc_dev, "device timeout\n");
3291 uint32_t i = RUN_CMDQ_GET(&sc->cmdq_store);
3292 RUN_DPRINTF(sc, RUN_DEBUG_XMIT | RUN_DEBUG_USB,
3293 "cmdq_store=%d\n", i);
3294 sc->cmdq[i].func = run_usb_timeout_cb;
3295 sc->cmdq[i].arg0 = vap;
3296 ieee80211_runtask(ic, &sc->cmdq_task);
3297 }
3298
3299 /*
3300 * Try to clear stall first, also if other
3301 * errors occur, hence clearing stall
3302 * introduces a 50 ms delay:
3303 */
3304 usbd_xfer_set_stall(xfer);
3305 goto tr_setup;
3306 }
3307 break;
3308 }
3309 #ifdef IEEE80211_SUPPORT_SUPERG
3310 /* XXX TODO: make this deferred rather than unlock/relock */
3311 /* XXX TODO: should only do the QoS AC this belongs to */
3312 if (pq->tx_nfree >= RUN_TX_RING_COUNT) {
3313 RUN_UNLOCK(sc);
3314 ieee80211_ff_flush_all(ic);
3315 RUN_LOCK(sc);
3316 }
3317 #endif
3318 }
3319
3320 static void
run_bulk_tx_callback0(struct usb_xfer * xfer,usb_error_t error)3321 run_bulk_tx_callback0(struct usb_xfer *xfer, usb_error_t error)
3322 {
3323 run_bulk_tx_callbackN(xfer, error, 0);
3324 }
3325
3326 static void
run_bulk_tx_callback1(struct usb_xfer * xfer,usb_error_t error)3327 run_bulk_tx_callback1(struct usb_xfer *xfer, usb_error_t error)
3328 {
3329 run_bulk_tx_callbackN(xfer, error, 1);
3330 }
3331
3332 static void
run_bulk_tx_callback2(struct usb_xfer * xfer,usb_error_t error)3333 run_bulk_tx_callback2(struct usb_xfer *xfer, usb_error_t error)
3334 {
3335 run_bulk_tx_callbackN(xfer, error, 2);
3336 }
3337
3338 static void
run_bulk_tx_callback3(struct usb_xfer * xfer,usb_error_t error)3339 run_bulk_tx_callback3(struct usb_xfer *xfer, usb_error_t error)
3340 {
3341 run_bulk_tx_callbackN(xfer, error, 3);
3342 }
3343
3344 static void
run_bulk_tx_callback4(struct usb_xfer * xfer,usb_error_t error)3345 run_bulk_tx_callback4(struct usb_xfer *xfer, usb_error_t error)
3346 {
3347 run_bulk_tx_callbackN(xfer, error, 4);
3348 }
3349
3350 static void
run_bulk_tx_callback5(struct usb_xfer * xfer,usb_error_t error)3351 run_bulk_tx_callback5(struct usb_xfer *xfer, usb_error_t error)
3352 {
3353 run_bulk_tx_callbackN(xfer, error, 5);
3354 }
3355
3356 static void
run_set_tx_desc(struct run_softc * sc,struct run_tx_data * data)3357 run_set_tx_desc(struct run_softc *sc, struct run_tx_data *data)
3358 {
3359 struct mbuf *m = data->m;
3360 struct ieee80211com *ic = &sc->sc_ic;
3361 struct ieee80211vap *vap = data->ni->ni_vap;
3362 struct ieee80211_frame *wh;
3363 struct rt2870_txd *txd;
3364 struct rt2860_txwi *txwi;
3365 uint16_t xferlen, txwisize;
3366 uint16_t mcs;
3367 uint8_t ridx = data->ridx;
3368 uint8_t pad;
3369
3370 /* get MCS code from rate index */
3371 mcs = rt2860_rates[ridx].mcs;
3372
3373 txwisize = (sc->mac_ver == 0x5592) ?
3374 sizeof(*txwi) + sizeof(uint32_t) : sizeof(*txwi);
3375 xferlen = txwisize + m->m_pkthdr.len;
3376
3377 /* roundup to 32-bit alignment */
3378 xferlen = (xferlen + 3) & ~3;
3379
3380 txd = (struct rt2870_txd *)&data->desc;
3381 txd->len = htole16(xferlen);
3382
3383 wh = mtod(m, struct ieee80211_frame *);
3384
3385 /*
3386 * Ether both are true or both are false, the header
3387 * are nicely aligned to 32-bit. So, no L2 padding.
3388 */
3389 if(IEEE80211_HAS_ADDR4(wh) == IEEE80211_QOS_HAS_SEQ(wh))
3390 pad = 0;
3391 else
3392 pad = 2;
3393
3394 /* setup TX Wireless Information */
3395 txwi = (struct rt2860_txwi *)(txd + 1);
3396 txwi->len = htole16(m->m_pkthdr.len - pad);
3397 if (rt2860_rates[ridx].phy == IEEE80211_T_DS) {
3398 mcs |= RT2860_PHY_CCK;
3399 if (ridx != RT2860_RIDX_CCK1 &&
3400 (ic->ic_flags & IEEE80211_F_SHPREAMBLE))
3401 mcs |= RT2860_PHY_SHPRE;
3402 } else if (rt2860_rates[ridx].phy == IEEE80211_T_OFDM) {
3403 mcs |= RT2860_PHY_OFDM;
3404 } else if (rt2860_rates[ridx].phy == IEEE80211_T_HT) {
3405 /* XXX TODO: [adrian] set short preamble for MCS? */
3406 mcs |= RT2860_PHY_HT_MIX; /* Mixed, not greenfield */
3407 }
3408 txwi->phy = htole16(mcs);
3409
3410 /* check if RTS/CTS or CTS-to-self protection is required */
3411 if (!IEEE80211_IS_MULTICAST(wh->i_addr1) &&
3412 ((m->m_pkthdr.len + IEEE80211_CRC_LEN > vap->iv_rtsthreshold) ||
3413 ((ic->ic_flags & IEEE80211_F_USEPROT) &&
3414 rt2860_rates[ridx].phy == IEEE80211_T_OFDM) ||
3415 ((ic->ic_htprotmode == IEEE80211_PROT_RTSCTS) &&
3416 rt2860_rates[ridx].phy == IEEE80211_T_HT)))
3417 txwi->txop |= RT2860_TX_TXOP_HT;
3418 else
3419 txwi->txop |= RT2860_TX_TXOP_BACKOFF;
3420
3421 if (vap->iv_opmode != IEEE80211_M_STA && !IEEE80211_QOS_HAS_SEQ(wh))
3422 txwi->xflags |= RT2860_TX_NSEQ;
3423 }
3424
3425 /* This function must be called locked */
3426 static int
run_tx(struct run_softc * sc,struct mbuf * m,struct ieee80211_node * ni)3427 run_tx(struct run_softc *sc, struct mbuf *m, struct ieee80211_node *ni)
3428 {
3429 struct ieee80211com *ic = &sc->sc_ic;
3430 struct ieee80211vap *vap = ni->ni_vap;
3431 struct ieee80211_frame *wh;
3432 const struct ieee80211_txparam *tp = ni->ni_txparms;
3433 struct run_node *rn = RUN_NODE(ni);
3434 struct run_tx_data *data;
3435 struct rt2870_txd *txd;
3436 struct rt2860_txwi *txwi;
3437 uint16_t qos;
3438 uint16_t dur;
3439 uint16_t qid;
3440 uint8_t type;
3441 uint8_t tid;
3442 uint8_t ridx;
3443 uint8_t ctl_ridx;
3444 uint8_t qflags;
3445 uint8_t xflags = 0;
3446 int hasqos;
3447
3448 RUN_LOCK_ASSERT(sc, MA_OWNED);
3449
3450 wh = mtod(m, struct ieee80211_frame *);
3451
3452 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK;
3453
3454 /*
3455 * There are 7 bulk endpoints: 1 for RX
3456 * and 6 for TX (4 EDCAs + HCCA + Prio).
3457 * Update 03-14-2009: some devices like the Planex GW-US300MiniS
3458 * seem to have only 4 TX bulk endpoints (Fukaumi Naoki).
3459 */
3460 if ((hasqos = IEEE80211_QOS_HAS_SEQ(wh))) {
3461 uint8_t *frm;
3462
3463 frm = ieee80211_getqos(wh);
3464 qos = le16toh(*(const uint16_t *)frm);
3465 tid = qos & IEEE80211_QOS_TID;
3466 qid = TID_TO_WME_AC(tid);
3467 } else {
3468 qos = 0;
3469 tid = 0;
3470 qid = WME_AC_BE;
3471 }
3472 qflags = (qid < 4) ? RT2860_TX_QSEL_EDCA : RT2860_TX_QSEL_HCCA;
3473
3474 RUN_DPRINTF(sc, RUN_DEBUG_XMIT, "qos %d\tqid %d\ttid %d\tqflags %x\n",
3475 qos, qid, tid, qflags);
3476
3477 /* pickup a rate index */
3478 if (IEEE80211_IS_MULTICAST(wh->i_addr1) ||
3479 type != IEEE80211_FC0_TYPE_DATA || m->m_flags & M_EAPOL) {
3480 /* XXX TODO: methodize for 11n; use MCS0 for 11NA/11NG */
3481 ridx = (ic->ic_curmode == IEEE80211_MODE_11A || ic->ic_curmode == IEEE80211_MODE_11NA) ?
3482 RT2860_RIDX_OFDM6 : RT2860_RIDX_CCK1;
3483 ctl_ridx = rt2860_rates[ridx].ctl_ridx;
3484 } else {
3485 if (tp->ucastrate != IEEE80211_FIXED_RATE_NONE)
3486 ridx = rn->fix_ridx;
3487 else
3488 ridx = rn->amrr_ridx;
3489 ctl_ridx = rt2860_rates[ridx].ctl_ridx;
3490 }
3491
3492 if (!IEEE80211_IS_MULTICAST(wh->i_addr1) &&
3493 (!hasqos || (qos & IEEE80211_QOS_ACKPOLICY) !=
3494 IEEE80211_QOS_ACKPOLICY_NOACK)) {
3495 xflags |= RT2860_TX_ACK;
3496 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE)
3497 dur = rt2860_rates[ctl_ridx].sp_ack_dur;
3498 else
3499 dur = rt2860_rates[ctl_ridx].lp_ack_dur;
3500 USETW(wh->i_dur, dur);
3501 }
3502
3503 /* reserve slots for mgmt packets, just in case */
3504 if (sc->sc_epq[qid].tx_nfree < 3) {
3505 RUN_DPRINTF(sc, RUN_DEBUG_XMIT, "tx ring %d is full\n", qid);
3506 return (-1);
3507 }
3508
3509 data = STAILQ_FIRST(&sc->sc_epq[qid].tx_fh);
3510 STAILQ_REMOVE_HEAD(&sc->sc_epq[qid].tx_fh, next);
3511 sc->sc_epq[qid].tx_nfree--;
3512
3513 txd = (struct rt2870_txd *)&data->desc;
3514 txd->flags = qflags;
3515 txwi = (struct rt2860_txwi *)(txd + 1);
3516 txwi->xflags = xflags;
3517 if (IEEE80211_IS_MULTICAST(wh->i_addr1))
3518 txwi->wcid = 0;
3519 else
3520 txwi->wcid = (vap->iv_opmode == IEEE80211_M_STA) ?
3521 1 : RUN_AID2WCID(ni->ni_associd);
3522
3523 /* clear leftover garbage bits */
3524 txwi->flags = 0;
3525 txwi->txop = 0;
3526
3527 data->m = m;
3528 data->ni = ni;
3529 data->ridx = ridx;
3530
3531 /* Assign sequence number now, regardless of A-MPDU TX or otherwise (for now) */
3532 ieee80211_output_seqno_assign(ni, -1, m);
3533
3534 run_set_tx_desc(sc, data);
3535
3536 /*
3537 * The chip keeps track of 2 kind of Tx stats,
3538 * * TX_STAT_FIFO, for per WCID stats, and
3539 * * TX_STA_CNT0 for all-TX-in-one stats.
3540 *
3541 * To use FIFO stats, we need to store MCS into the driver-private
3542 * PacketID field. So that, we can tell whose stats when we read them.
3543 * We add 1 to the MCS because setting the PacketID field to 0 means
3544 * that we don't want feedback in TX_STAT_FIFO.
3545 * And, that's what we want for STA mode, since TX_STA_CNT0 does the job.
3546 *
3547 * FIFO stats doesn't count Tx with WCID 0xff, so we do this in run_tx().
3548 */
3549 if (sc->rvp_cnt > 1 || vap->iv_opmode == IEEE80211_M_HOSTAP ||
3550 vap->iv_opmode == IEEE80211_M_MBSS) {
3551 uint16_t pid = (rt2860_rates[ridx].mcs + 1) & 0xf;
3552 txwi->len |= htole16(pid << RT2860_TX_PID_SHIFT);
3553
3554 /*
3555 * Unlike PCI based devices, we don't get any interrupt from
3556 * USB devices, so we simulate FIFO-is-full interrupt here.
3557 * Ralink recommends to drain FIFO stats every 100 ms, but 16 slots
3558 * quickly get fulled. To prevent overflow, increment a counter on
3559 * every FIFO stat request, so we know how many slots are left.
3560 * We do this only in HOSTAP or multiple vap mode since FIFO stats
3561 * are used only in those modes.
3562 * We just drain stats. AMRR gets updated every 1 sec by
3563 * run_ratectl_cb() via callout.
3564 * Call it early. Otherwise overflow.
3565 */
3566 if (sc->fifo_cnt++ == 10) {
3567 /*
3568 * With multiple vaps or if_bridge, if_start() is called
3569 * with a non-sleepable lock, tcpinp. So, need to defer.
3570 */
3571 uint32_t i = RUN_CMDQ_GET(&sc->cmdq_store);
3572 RUN_DPRINTF(sc, RUN_DEBUG_XMIT, "cmdq_store=%d\n", i);
3573 sc->cmdq[i].func = run_drain_fifo;
3574 sc->cmdq[i].arg0 = sc;
3575 ieee80211_runtask(ic, &sc->cmdq_task);
3576 }
3577 }
3578
3579 STAILQ_INSERT_TAIL(&sc->sc_epq[qid].tx_qh, data, next);
3580
3581 usbd_transfer_start(sc->sc_xfer[qid]);
3582
3583 RUN_DPRINTF(sc, RUN_DEBUG_XMIT,
3584 "sending data frame len=%d rate=%d qid=%d\n",
3585 m->m_pkthdr.len + (int)(sizeof(struct rt2870_txd) +
3586 sizeof(struct rt2860_txwi)), rt2860_rates[ridx].rate, qid);
3587
3588 return (0);
3589 }
3590
3591 static int
run_tx_mgt(struct run_softc * sc,struct mbuf * m,struct ieee80211_node * ni)3592 run_tx_mgt(struct run_softc *sc, struct mbuf *m, struct ieee80211_node *ni)
3593 {
3594 struct ieee80211com *ic = &sc->sc_ic;
3595 struct run_node *rn = RUN_NODE(ni);
3596 struct run_tx_data *data;
3597 struct ieee80211_frame *wh;
3598 struct rt2870_txd *txd;
3599 struct rt2860_txwi *txwi;
3600 uint16_t dur;
3601 uint8_t ridx = rn->mgt_ridx;
3602 uint8_t xflags = 0;
3603 uint8_t wflags = 0;
3604
3605 RUN_LOCK_ASSERT(sc, MA_OWNED);
3606
3607 wh = mtod(m, struct ieee80211_frame *);
3608
3609 /* tell hardware to add timestamp for probe responses */
3610 if (IEEE80211_IS_MGMT_PROBE_RESP(wh))
3611 wflags |= RT2860_TX_TS;
3612 else if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) {
3613 xflags |= RT2860_TX_ACK;
3614
3615 dur = ieee80211_ack_duration(ic->ic_rt, rt2860_rates[ridx].rate,
3616 ic->ic_flags & IEEE80211_F_SHPREAMBLE);
3617 USETW(wh->i_dur, dur);
3618 }
3619
3620 if (sc->sc_epq[0].tx_nfree == 0)
3621 /* let caller free mbuf */
3622 return (EIO);
3623 data = STAILQ_FIRST(&sc->sc_epq[0].tx_fh);
3624 STAILQ_REMOVE_HEAD(&sc->sc_epq[0].tx_fh, next);
3625 sc->sc_epq[0].tx_nfree--;
3626
3627 txd = (struct rt2870_txd *)&data->desc;
3628 txd->flags = RT2860_TX_QSEL_EDCA;
3629 txwi = (struct rt2860_txwi *)(txd + 1);
3630 txwi->wcid = 0xff;
3631 txwi->flags = wflags;
3632 txwi->xflags = xflags;
3633 txwi->txop = 0; /* clear leftover garbage bits */
3634
3635 data->m = m;
3636 data->ni = ni;
3637 data->ridx = ridx;
3638
3639 /* Assign sequence number now, regardless of A-MPDU TX or otherwise (for now) */
3640 ieee80211_output_seqno_assign(ni, -1, m);
3641
3642 run_set_tx_desc(sc, data);
3643
3644 RUN_DPRINTF(sc, RUN_DEBUG_XMIT, "sending mgt frame len=%d rate=%d\n",
3645 m->m_pkthdr.len + (int)(sizeof(struct rt2870_txd) +
3646 sizeof(struct rt2860_txwi)), rt2860_rates[ridx].rate);
3647
3648 STAILQ_INSERT_TAIL(&sc->sc_epq[0].tx_qh, data, next);
3649
3650 usbd_transfer_start(sc->sc_xfer[0]);
3651
3652 return (0);
3653 }
3654
3655 static int
run_sendprot(struct run_softc * sc,const struct mbuf * m,struct ieee80211_node * ni,int prot,int rate)3656 run_sendprot(struct run_softc *sc,
3657 const struct mbuf *m, struct ieee80211_node *ni, int prot, int rate)
3658 {
3659 struct ieee80211com *ic = ni->ni_ic;
3660 struct run_tx_data *data;
3661 struct rt2870_txd *txd;
3662 struct rt2860_txwi *txwi;
3663 struct mbuf *mprot;
3664 int ridx;
3665 int protrate;
3666 uint8_t wflags = 0;
3667 uint8_t xflags = 0;
3668
3669 RUN_LOCK_ASSERT(sc, MA_OWNED);
3670
3671 /* check that there are free slots before allocating the mbuf */
3672 if (sc->sc_epq[0].tx_nfree == 0)
3673 /* let caller free mbuf */
3674 return (ENOBUFS);
3675
3676 mprot = ieee80211_alloc_prot(ni, m, rate, prot);
3677 if (mprot == NULL) {
3678 if_inc_counter(ni->ni_vap->iv_ifp, IFCOUNTER_OERRORS, 1);
3679 RUN_DPRINTF(sc, RUN_DEBUG_XMIT, "could not allocate mbuf\n");
3680 return (ENOBUFS);
3681 }
3682
3683 protrate = ieee80211_ctl_rate(ic->ic_rt, rate);
3684 wflags = RT2860_TX_FRAG;
3685 xflags = 0;
3686 if (prot == IEEE80211_PROT_RTSCTS)
3687 xflags |= RT2860_TX_ACK;
3688
3689 data = STAILQ_FIRST(&sc->sc_epq[0].tx_fh);
3690 STAILQ_REMOVE_HEAD(&sc->sc_epq[0].tx_fh, next);
3691 sc->sc_epq[0].tx_nfree--;
3692
3693 txd = (struct rt2870_txd *)&data->desc;
3694 txd->flags = RT2860_TX_QSEL_EDCA;
3695 txwi = (struct rt2860_txwi *)(txd + 1);
3696 txwi->wcid = 0xff;
3697 txwi->flags = wflags;
3698 txwi->xflags = xflags;
3699 txwi->txop = 0; /* clear leftover garbage bits */
3700
3701 data->m = mprot;
3702 data->ni = ieee80211_ref_node(ni);
3703
3704 /* XXX TODO: methodize with MCS rates */
3705 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++)
3706 if (rt2860_rates[ridx].rate == protrate)
3707 break;
3708 data->ridx = ridx;
3709
3710 run_set_tx_desc(sc, data);
3711
3712 RUN_DPRINTF(sc, RUN_DEBUG_XMIT, "sending prot len=%u rate=%u\n",
3713 m->m_pkthdr.len, rate);
3714
3715 STAILQ_INSERT_TAIL(&sc->sc_epq[0].tx_qh, data, next);
3716
3717 usbd_transfer_start(sc->sc_xfer[0]);
3718
3719 return (0);
3720 }
3721
3722 static int
run_tx_param(struct run_softc * sc,struct mbuf * m,struct ieee80211_node * ni,const struct ieee80211_bpf_params * params)3723 run_tx_param(struct run_softc *sc, struct mbuf *m, struct ieee80211_node *ni,
3724 const struct ieee80211_bpf_params *params)
3725 {
3726 struct ieee80211com *ic = ni->ni_ic;
3727 struct run_tx_data *data;
3728 struct rt2870_txd *txd;
3729 struct rt2860_txwi *txwi;
3730 uint8_t ridx;
3731 uint8_t rate;
3732 uint8_t opflags = 0;
3733 uint8_t xflags = 0;
3734 int error;
3735
3736 RUN_LOCK_ASSERT(sc, MA_OWNED);
3737
3738 KASSERT(params != NULL, ("no raw xmit params"));
3739
3740 rate = params->ibp_rate0;
3741 if (!ieee80211_isratevalid(ic->ic_rt, rate)) {
3742 /* let caller free mbuf */
3743 return (EINVAL);
3744 }
3745
3746 if ((params->ibp_flags & IEEE80211_BPF_NOACK) == 0)
3747 xflags |= RT2860_TX_ACK;
3748 if (params->ibp_flags & (IEEE80211_BPF_RTS|IEEE80211_BPF_CTS)) {
3749 error = run_sendprot(sc, m, ni,
3750 params->ibp_flags & IEEE80211_BPF_RTS ?
3751 IEEE80211_PROT_RTSCTS : IEEE80211_PROT_CTSONLY,
3752 rate);
3753 if (error) {
3754 /* let caller free mbuf */
3755 return error;
3756 }
3757 opflags |= /*XXX RT2573_TX_LONG_RETRY |*/ RT2860_TX_TXOP_SIFS;
3758 }
3759
3760 if (sc->sc_epq[0].tx_nfree == 0) {
3761 /* let caller free mbuf */
3762 RUN_DPRINTF(sc, RUN_DEBUG_XMIT,
3763 "sending raw frame, but tx ring is full\n");
3764 return (EIO);
3765 }
3766 data = STAILQ_FIRST(&sc->sc_epq[0].tx_fh);
3767 STAILQ_REMOVE_HEAD(&sc->sc_epq[0].tx_fh, next);
3768 sc->sc_epq[0].tx_nfree--;
3769
3770 txd = (struct rt2870_txd *)&data->desc;
3771 txd->flags = RT2860_TX_QSEL_EDCA;
3772 txwi = (struct rt2860_txwi *)(txd + 1);
3773 txwi->wcid = 0xff;
3774 txwi->xflags = xflags;
3775 txwi->txop = opflags;
3776 txwi->flags = 0; /* clear leftover garbage bits */
3777
3778 data->m = m;
3779 data->ni = ni;
3780 /* XXX TODO: methodize with MCS rates */
3781 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++)
3782 if (rt2860_rates[ridx].rate == rate)
3783 break;
3784 data->ridx = ridx;
3785
3786 /* Assign sequence number now, regardless of A-MPDU TX or otherwise (for now) */
3787 ieee80211_output_seqno_assign(ni, -1, m);
3788
3789 run_set_tx_desc(sc, data);
3790
3791 RUN_DPRINTF(sc, RUN_DEBUG_XMIT, "sending raw frame len=%u rate=%u\n",
3792 m->m_pkthdr.len, rate);
3793
3794 STAILQ_INSERT_TAIL(&sc->sc_epq[0].tx_qh, data, next);
3795
3796 usbd_transfer_start(sc->sc_xfer[0]);
3797
3798 return (0);
3799 }
3800
3801 static int
run_raw_xmit(struct ieee80211_node * ni,struct mbuf * m,const struct ieee80211_bpf_params * params)3802 run_raw_xmit(struct ieee80211_node *ni, struct mbuf *m,
3803 const struct ieee80211_bpf_params *params)
3804 {
3805 struct run_softc *sc = ni->ni_ic->ic_softc;
3806 int error = 0;
3807
3808 RUN_LOCK(sc);
3809
3810 /* prevent management frames from being sent if we're not ready */
3811 if (!(sc->sc_flags & RUN_RUNNING)) {
3812 error = ENETDOWN;
3813 goto done;
3814 }
3815
3816 if (params == NULL) {
3817 /* tx mgt packet */
3818 if ((error = run_tx_mgt(sc, m, ni)) != 0) {
3819 RUN_DPRINTF(sc, RUN_DEBUG_XMIT, "mgt tx failed\n");
3820 goto done;
3821 }
3822 } else {
3823 /* tx raw packet with param */
3824 if ((error = run_tx_param(sc, m, ni, params)) != 0) {
3825 RUN_DPRINTF(sc, RUN_DEBUG_XMIT, "tx with param failed\n");
3826 goto done;
3827 }
3828 }
3829
3830 done:
3831 RUN_UNLOCK(sc);
3832
3833 if (error != 0) {
3834 if(m != NULL)
3835 m_freem(m);
3836 }
3837
3838 return (error);
3839 }
3840
3841 static int
run_transmit(struct ieee80211com * ic,struct mbuf * m)3842 run_transmit(struct ieee80211com *ic, struct mbuf *m)
3843 {
3844 struct run_softc *sc = ic->ic_softc;
3845 int error;
3846
3847 RUN_LOCK(sc);
3848 if ((sc->sc_flags & RUN_RUNNING) == 0) {
3849 RUN_UNLOCK(sc);
3850 return (ENXIO);
3851 }
3852 error = mbufq_enqueue(&sc->sc_snd, m);
3853 if (error) {
3854 RUN_UNLOCK(sc);
3855 return (error);
3856 }
3857 run_start(sc);
3858 RUN_UNLOCK(sc);
3859
3860 return (0);
3861 }
3862
3863 static void
run_start(struct run_softc * sc)3864 run_start(struct run_softc *sc)
3865 {
3866 struct ieee80211_node *ni;
3867 struct mbuf *m;
3868
3869 RUN_LOCK_ASSERT(sc, MA_OWNED);
3870
3871 if ((sc->sc_flags & RUN_RUNNING) == 0)
3872 return;
3873
3874 while ((m = mbufq_dequeue(&sc->sc_snd)) != NULL) {
3875 ni = (struct ieee80211_node *)m->m_pkthdr.rcvif;
3876 if (run_tx(sc, m, ni) != 0) {
3877 mbufq_prepend(&sc->sc_snd, m);
3878 break;
3879 }
3880 }
3881 }
3882
3883 static void
run_parent(struct ieee80211com * ic)3884 run_parent(struct ieee80211com *ic)
3885 {
3886 struct run_softc *sc = ic->ic_softc;
3887 int startall = 0;
3888
3889 RUN_LOCK(sc);
3890 if (sc->sc_detached) {
3891 RUN_UNLOCK(sc);
3892 return;
3893 }
3894
3895 if (ic->ic_nrunning > 0) {
3896 if (!(sc->sc_flags & RUN_RUNNING)) {
3897 startall = 1;
3898 run_init_locked(sc);
3899 } else
3900 run_update_promisc_locked(sc);
3901 } else if ((sc->sc_flags & RUN_RUNNING) && sc->rvp_cnt <= 1)
3902 run_stop(sc);
3903 RUN_UNLOCK(sc);
3904 if (startall)
3905 ieee80211_start_all(ic);
3906 }
3907
3908 static void
run_iq_calib(struct run_softc * sc,u_int chan)3909 run_iq_calib(struct run_softc *sc, u_int chan)
3910 {
3911 uint16_t val;
3912
3913 /* Tx0 IQ gain. */
3914 run_bbp_write(sc, 158, 0x2c);
3915 if (chan <= 14)
3916 run_efuse_read(sc, RT5390_EEPROM_IQ_GAIN_CAL_TX0_2GHZ, &val, 1);
3917 else if (chan <= 64) {
3918 run_efuse_read(sc,
3919 RT5390_EEPROM_IQ_GAIN_CAL_TX0_CH36_TO_CH64_5GHZ,
3920 &val, 1);
3921 } else if (chan <= 138) {
3922 run_efuse_read(sc,
3923 RT5390_EEPROM_IQ_GAIN_CAL_TX0_CH100_TO_CH138_5GHZ,
3924 &val, 1);
3925 } else if (chan <= 165) {
3926 run_efuse_read(sc,
3927 RT5390_EEPROM_IQ_GAIN_CAL_TX0_CH140_TO_CH165_5GHZ,
3928 &val, 1);
3929 } else
3930 val = 0;
3931 run_bbp_write(sc, 159, val);
3932
3933 /* Tx0 IQ phase. */
3934 run_bbp_write(sc, 158, 0x2d);
3935 if (chan <= 14) {
3936 run_efuse_read(sc, RT5390_EEPROM_IQ_PHASE_CAL_TX0_2GHZ,
3937 &val, 1);
3938 } else if (chan <= 64) {
3939 run_efuse_read(sc,
3940 RT5390_EEPROM_IQ_PHASE_CAL_TX0_CH36_TO_CH64_5GHZ,
3941 &val, 1);
3942 } else if (chan <= 138) {
3943 run_efuse_read(sc,
3944 RT5390_EEPROM_IQ_PHASE_CAL_TX0_CH100_TO_CH138_5GHZ,
3945 &val, 1);
3946 } else if (chan <= 165) {
3947 run_efuse_read(sc,
3948 RT5390_EEPROM_IQ_PHASE_CAL_TX0_CH140_TO_CH165_5GHZ,
3949 &val, 1);
3950 } else
3951 val = 0;
3952 run_bbp_write(sc, 159, val);
3953
3954 /* Tx1 IQ gain. */
3955 run_bbp_write(sc, 158, 0x4a);
3956 if (chan <= 14) {
3957 run_efuse_read(sc, RT5390_EEPROM_IQ_GAIN_CAL_TX1_2GHZ,
3958 &val, 1);
3959 } else if (chan <= 64) {
3960 run_efuse_read(sc,
3961 RT5390_EEPROM_IQ_GAIN_CAL_TX1_CH36_TO_CH64_5GHZ,
3962 &val, 1);
3963 } else if (chan <= 138) {
3964 run_efuse_read(sc,
3965 RT5390_EEPROM_IQ_GAIN_CAL_TX1_CH100_TO_CH138_5GHZ,
3966 &val, 1);
3967 } else if (chan <= 165) {
3968 run_efuse_read(sc,
3969 RT5390_EEPROM_IQ_GAIN_CAL_TX1_CH140_TO_CH165_5GHZ,
3970 &val, 1);
3971 } else
3972 val = 0;
3973 run_bbp_write(sc, 159, val);
3974
3975 /* Tx1 IQ phase. */
3976 run_bbp_write(sc, 158, 0x4b);
3977 if (chan <= 14) {
3978 run_efuse_read(sc, RT5390_EEPROM_IQ_PHASE_CAL_TX1_2GHZ,
3979 &val, 1);
3980 } else if (chan <= 64) {
3981 run_efuse_read(sc,
3982 RT5390_EEPROM_IQ_PHASE_CAL_TX1_CH36_TO_CH64_5GHZ,
3983 &val, 1);
3984 } else if (chan <= 138) {
3985 run_efuse_read(sc,
3986 RT5390_EEPROM_IQ_PHASE_CAL_TX1_CH100_TO_CH138_5GHZ,
3987 &val, 1);
3988 } else if (chan <= 165) {
3989 run_efuse_read(sc,
3990 RT5390_EEPROM_IQ_PHASE_CAL_TX1_CH140_TO_CH165_5GHZ,
3991 &val, 1);
3992 } else
3993 val = 0;
3994 run_bbp_write(sc, 159, val);
3995
3996 /* RF IQ compensation control. */
3997 run_bbp_write(sc, 158, 0x04);
3998 run_efuse_read(sc, RT5390_EEPROM_RF_IQ_COMPENSATION_CTL,
3999 &val, 1);
4000 run_bbp_write(sc, 159, val);
4001
4002 /* RF IQ imbalance compensation control. */
4003 run_bbp_write(sc, 158, 0x03);
4004 run_efuse_read(sc,
4005 RT5390_EEPROM_RF_IQ_IMBALANCE_COMPENSATION_CTL, &val, 1);
4006 run_bbp_write(sc, 159, val);
4007 }
4008
4009 static void
run_set_agc(struct run_softc * sc,uint8_t agc)4010 run_set_agc(struct run_softc *sc, uint8_t agc)
4011 {
4012 uint8_t bbp;
4013
4014 if (sc->mac_ver == 0x3572) {
4015 run_bbp_read(sc, 27, &bbp);
4016 bbp &= ~(0x3 << 5);
4017 run_bbp_write(sc, 27, bbp | 0 << 5); /* select Rx0 */
4018 run_bbp_write(sc, 66, agc);
4019 run_bbp_write(sc, 27, bbp | 1 << 5); /* select Rx1 */
4020 run_bbp_write(sc, 66, agc);
4021 } else
4022 run_bbp_write(sc, 66, agc);
4023 }
4024
4025 static void
run_select_chan_group(struct run_softc * sc,int group)4026 run_select_chan_group(struct run_softc *sc, int group)
4027 {
4028 uint32_t tmp;
4029 uint8_t agc;
4030
4031 run_bbp_write(sc, 62, 0x37 - sc->lna[group]);
4032 run_bbp_write(sc, 63, 0x37 - sc->lna[group]);
4033 run_bbp_write(sc, 64, 0x37 - sc->lna[group]);
4034 if (sc->mac_ver < 0x3572)
4035 run_bbp_write(sc, 86, 0x00);
4036
4037 if (sc->mac_ver == 0x3593) {
4038 run_bbp_write(sc, 77, 0x98);
4039 run_bbp_write(sc, 83, (group == 0) ? 0x8a : 0x9a);
4040 }
4041
4042 if (group == 0) {
4043 if (sc->ext_2ghz_lna) {
4044 if (sc->mac_ver >= 0x5390)
4045 run_bbp_write(sc, 75, 0x52);
4046 else {
4047 run_bbp_write(sc, 82, 0x62);
4048 run_bbp_write(sc, 75, 0x46);
4049 }
4050 } else {
4051 if (sc->mac_ver == 0x5592) {
4052 run_bbp_write(sc, 79, 0x1c);
4053 run_bbp_write(sc, 80, 0x0e);
4054 run_bbp_write(sc, 81, 0x3a);
4055 run_bbp_write(sc, 82, 0x62);
4056
4057 run_bbp_write(sc, 195, 0x80);
4058 run_bbp_write(sc, 196, 0xe0);
4059 run_bbp_write(sc, 195, 0x81);
4060 run_bbp_write(sc, 196, 0x1f);
4061 run_bbp_write(sc, 195, 0x82);
4062 run_bbp_write(sc, 196, 0x38);
4063 run_bbp_write(sc, 195, 0x83);
4064 run_bbp_write(sc, 196, 0x32);
4065 run_bbp_write(sc, 195, 0x85);
4066 run_bbp_write(sc, 196, 0x28);
4067 run_bbp_write(sc, 195, 0x86);
4068 run_bbp_write(sc, 196, 0x19);
4069 } else if (sc->mac_ver >= 0x5390)
4070 run_bbp_write(sc, 75, 0x50);
4071 else {
4072 run_bbp_write(sc, 82,
4073 (sc->mac_ver == 0x3593) ? 0x62 : 0x84);
4074 run_bbp_write(sc, 75, 0x50);
4075 }
4076 }
4077 } else {
4078 if (sc->mac_ver == 0x5592) {
4079 run_bbp_write(sc, 79, 0x18);
4080 run_bbp_write(sc, 80, 0x08);
4081 run_bbp_write(sc, 81, 0x38);
4082 run_bbp_write(sc, 82, 0x92);
4083
4084 run_bbp_write(sc, 195, 0x80);
4085 run_bbp_write(sc, 196, 0xf0);
4086 run_bbp_write(sc, 195, 0x81);
4087 run_bbp_write(sc, 196, 0x1e);
4088 run_bbp_write(sc, 195, 0x82);
4089 run_bbp_write(sc, 196, 0x28);
4090 run_bbp_write(sc, 195, 0x83);
4091 run_bbp_write(sc, 196, 0x20);
4092 run_bbp_write(sc, 195, 0x85);
4093 run_bbp_write(sc, 196, 0x7f);
4094 run_bbp_write(sc, 195, 0x86);
4095 run_bbp_write(sc, 196, 0x7f);
4096 } else if (sc->mac_ver == 0x3572)
4097 run_bbp_write(sc, 82, 0x94);
4098 else
4099 run_bbp_write(sc, 82,
4100 (sc->mac_ver == 0x3593) ? 0x82 : 0xf2);
4101 if (sc->ext_5ghz_lna)
4102 run_bbp_write(sc, 75, 0x46);
4103 else
4104 run_bbp_write(sc, 75, 0x50);
4105 }
4106
4107 run_read(sc, RT2860_TX_BAND_CFG, &tmp);
4108 tmp &= ~(RT2860_5G_BAND_SEL_N | RT2860_5G_BAND_SEL_P);
4109 tmp |= (group == 0) ? RT2860_5G_BAND_SEL_N : RT2860_5G_BAND_SEL_P;
4110 run_write(sc, RT2860_TX_BAND_CFG, tmp);
4111
4112 /* enable appropriate Power Amplifiers and Low Noise Amplifiers */
4113 tmp = RT2860_RFTR_EN | RT2860_TRSW_EN | RT2860_LNA_PE0_EN;
4114 if (sc->mac_ver == 0x3593)
4115 tmp |= 1 << 29 | 1 << 28;
4116 if (sc->nrxchains > 1)
4117 tmp |= RT2860_LNA_PE1_EN;
4118 if (group == 0) { /* 2GHz */
4119 tmp |= RT2860_PA_PE_G0_EN;
4120 if (sc->ntxchains > 1)
4121 tmp |= RT2860_PA_PE_G1_EN;
4122 if (sc->mac_ver == 0x3593) {
4123 if (sc->ntxchains > 2)
4124 tmp |= 1 << 25;
4125 }
4126 } else { /* 5GHz */
4127 tmp |= RT2860_PA_PE_A0_EN;
4128 if (sc->ntxchains > 1)
4129 tmp |= RT2860_PA_PE_A1_EN;
4130 }
4131 if (sc->mac_ver == 0x3572) {
4132 run_rt3070_rf_write(sc, 8, 0x00);
4133 run_write(sc, RT2860_TX_PIN_CFG, tmp);
4134 run_rt3070_rf_write(sc, 8, 0x80);
4135 } else
4136 run_write(sc, RT2860_TX_PIN_CFG, tmp);
4137
4138 if (sc->mac_ver == 0x5592) {
4139 run_bbp_write(sc, 195, 0x8d);
4140 run_bbp_write(sc, 196, 0x1a);
4141 }
4142
4143 if (sc->mac_ver == 0x3593) {
4144 run_read(sc, RT2860_GPIO_CTRL, &tmp);
4145 tmp &= ~0x01010000;
4146 if (group == 0)
4147 tmp |= 0x00010000;
4148 tmp = (tmp & ~0x00009090) | 0x00000090;
4149 run_write(sc, RT2860_GPIO_CTRL, tmp);
4150 }
4151
4152 /* set initial AGC value */
4153 if (group == 0) { /* 2GHz band */
4154 if (sc->mac_ver >= 0x3070)
4155 agc = 0x1c + sc->lna[0] * 2;
4156 else
4157 agc = 0x2e + sc->lna[0];
4158 } else { /* 5GHz band */
4159 if (sc->mac_ver == 0x5592)
4160 agc = 0x24 + sc->lna[group] * 2;
4161 else if (sc->mac_ver == 0x3572 || sc->mac_ver == 0x3593)
4162 agc = 0x22 + (sc->lna[group] * 5) / 3;
4163 else
4164 agc = 0x32 + (sc->lna[group] * 5) / 3;
4165 }
4166 run_set_agc(sc, agc);
4167 }
4168
4169 static void
run_rt2870_set_chan(struct run_softc * sc,u_int chan)4170 run_rt2870_set_chan(struct run_softc *sc, u_int chan)
4171 {
4172 const struct rfprog *rfprog = rt2860_rf2850;
4173 uint32_t r2, r3, r4;
4174 int8_t txpow1, txpow2;
4175 int i;
4176
4177 /* find the settings for this channel (we know it exists) */
4178 for (i = 0; rfprog[i].chan != chan; i++);
4179
4180 r2 = rfprog[i].r2;
4181 if (sc->ntxchains == 1)
4182 r2 |= 1 << 14; /* 1T: disable Tx chain 2 */
4183 if (sc->nrxchains == 1)
4184 r2 |= 1 << 17 | 1 << 6; /* 1R: disable Rx chains 2 & 3 */
4185 else if (sc->nrxchains == 2)
4186 r2 |= 1 << 6; /* 2R: disable Rx chain 3 */
4187
4188 /* use Tx power values from EEPROM */
4189 txpow1 = sc->txpow1[i];
4190 txpow2 = sc->txpow2[i];
4191
4192 /* Initialize RF R3 and R4. */
4193 r3 = rfprog[i].r3 & 0xffffc1ff;
4194 r4 = (rfprog[i].r4 & ~(0x001f87c0)) | (sc->freq << 15);
4195 if (chan > 14) {
4196 if (txpow1 >= 0) {
4197 txpow1 = (txpow1 > 0xf) ? (0xf) : (txpow1);
4198 r3 |= (txpow1 << 10) | (1 << 9);
4199 } else {
4200 txpow1 += 7;
4201
4202 /* txpow1 is not possible larger than 15. */
4203 r3 |= (txpow1 << 10);
4204 }
4205 if (txpow2 >= 0) {
4206 txpow2 = (txpow2 > 0xf) ? (0xf) : (txpow2);
4207 r4 |= (txpow2 << 7) | (1 << 6);
4208 } else {
4209 txpow2 += 7;
4210 r4 |= (txpow2 << 7);
4211 }
4212 } else {
4213 /* Set Tx0 power. */
4214 r3 |= (txpow1 << 9);
4215
4216 /* Set frequency offset and Tx1 power. */
4217 r4 |= (txpow2 << 6);
4218 }
4219
4220 run_rt2870_rf_write(sc, rfprog[i].r1);
4221 run_rt2870_rf_write(sc, r2);
4222 run_rt2870_rf_write(sc, r3 & ~(1 << 2));
4223 run_rt2870_rf_write(sc, r4);
4224
4225 run_delay(sc, 10);
4226
4227 run_rt2870_rf_write(sc, rfprog[i].r1);
4228 run_rt2870_rf_write(sc, r2);
4229 run_rt2870_rf_write(sc, r3 | (1 << 2));
4230 run_rt2870_rf_write(sc, r4);
4231
4232 run_delay(sc, 10);
4233
4234 run_rt2870_rf_write(sc, rfprog[i].r1);
4235 run_rt2870_rf_write(sc, r2);
4236 run_rt2870_rf_write(sc, r3 & ~(1 << 2));
4237 run_rt2870_rf_write(sc, r4);
4238 }
4239
4240 static void
run_rt3070_set_chan(struct run_softc * sc,u_int chan)4241 run_rt3070_set_chan(struct run_softc *sc, u_int chan)
4242 {
4243 int8_t txpow1, txpow2;
4244 uint8_t rf;
4245 int i;
4246
4247 /* find the settings for this channel (we know it exists) */
4248 for (i = 0; rt2860_rf2850[i].chan != chan; i++);
4249
4250 /* use Tx power values from EEPROM */
4251 txpow1 = sc->txpow1[i];
4252 txpow2 = sc->txpow2[i];
4253
4254 run_rt3070_rf_write(sc, 2, rt3070_freqs[i].n);
4255
4256 /* RT3370/RT3390: RF R3 [7:4] is not reserved bits. */
4257 run_rt3070_rf_read(sc, 3, &rf);
4258 rf = (rf & ~0x0f) | rt3070_freqs[i].k;
4259 run_rt3070_rf_write(sc, 3, rf);
4260
4261 run_rt3070_rf_read(sc, 6, &rf);
4262 rf = (rf & ~0x03) | rt3070_freqs[i].r;
4263 run_rt3070_rf_write(sc, 6, rf);
4264
4265 /* set Tx0 power */
4266 run_rt3070_rf_read(sc, 12, &rf);
4267 rf = (rf & ~0x1f) | txpow1;
4268 run_rt3070_rf_write(sc, 12, rf);
4269
4270 /* set Tx1 power */
4271 run_rt3070_rf_read(sc, 13, &rf);
4272 rf = (rf & ~0x1f) | txpow2;
4273 run_rt3070_rf_write(sc, 13, rf);
4274
4275 run_rt3070_rf_read(sc, 1, &rf);
4276 rf &= ~0xfc;
4277 if (sc->ntxchains == 1)
4278 rf |= 1 << 7 | 1 << 5; /* 1T: disable Tx chains 2 & 3 */
4279 else if (sc->ntxchains == 2)
4280 rf |= 1 << 7; /* 2T: disable Tx chain 3 */
4281 if (sc->nrxchains == 1)
4282 rf |= 1 << 6 | 1 << 4; /* 1R: disable Rx chains 2 & 3 */
4283 else if (sc->nrxchains == 2)
4284 rf |= 1 << 6; /* 2R: disable Rx chain 3 */
4285 run_rt3070_rf_write(sc, 1, rf);
4286
4287 /* set RF offset */
4288 run_rt3070_rf_read(sc, 23, &rf);
4289 rf = (rf & ~0x7f) | sc->freq;
4290 run_rt3070_rf_write(sc, 23, rf);
4291
4292 /* program RF filter */
4293 run_rt3070_rf_read(sc, 24, &rf); /* Tx */
4294 rf = (rf & ~0x3f) | sc->rf24_20mhz;
4295 run_rt3070_rf_write(sc, 24, rf);
4296 run_rt3070_rf_read(sc, 31, &rf); /* Rx */
4297 rf = (rf & ~0x3f) | sc->rf24_20mhz;
4298 run_rt3070_rf_write(sc, 31, rf);
4299
4300 /* enable RF tuning */
4301 run_rt3070_rf_read(sc, 7, &rf);
4302 run_rt3070_rf_write(sc, 7, rf | 0x01);
4303 }
4304
4305 static void
run_rt3572_set_chan(struct run_softc * sc,u_int chan)4306 run_rt3572_set_chan(struct run_softc *sc, u_int chan)
4307 {
4308 int8_t txpow1, txpow2;
4309 uint32_t tmp;
4310 uint8_t rf;
4311 int i;
4312
4313 /* find the settings for this channel (we know it exists) */
4314 for (i = 0; rt2860_rf2850[i].chan != chan; i++);
4315
4316 /* use Tx power values from EEPROM */
4317 txpow1 = sc->txpow1[i];
4318 txpow2 = sc->txpow2[i];
4319
4320 if (chan <= 14) {
4321 run_bbp_write(sc, 25, sc->bbp25);
4322 run_bbp_write(sc, 26, sc->bbp26);
4323 } else {
4324 /* enable IQ phase correction */
4325 run_bbp_write(sc, 25, 0x09);
4326 run_bbp_write(sc, 26, 0xff);
4327 }
4328
4329 run_rt3070_rf_write(sc, 2, rt3070_freqs[i].n);
4330 run_rt3070_rf_write(sc, 3, rt3070_freqs[i].k);
4331 run_rt3070_rf_read(sc, 6, &rf);
4332 rf = (rf & ~0x0f) | rt3070_freqs[i].r;
4333 rf |= (chan <= 14) ? 0x08 : 0x04;
4334 run_rt3070_rf_write(sc, 6, rf);
4335
4336 /* set PLL mode */
4337 run_rt3070_rf_read(sc, 5, &rf);
4338 rf &= ~(0x08 | 0x04);
4339 rf |= (chan <= 14) ? 0x04 : 0x08;
4340 run_rt3070_rf_write(sc, 5, rf);
4341
4342 /* set Tx power for chain 0 */
4343 if (chan <= 14)
4344 rf = 0x60 | txpow1;
4345 else
4346 rf = 0xe0 | (txpow1 & 0xc) << 1 | (txpow1 & 0x3);
4347 run_rt3070_rf_write(sc, 12, rf);
4348
4349 /* set Tx power for chain 1 */
4350 if (chan <= 14)
4351 rf = 0x60 | txpow2;
4352 else
4353 rf = 0xe0 | (txpow2 & 0xc) << 1 | (txpow2 & 0x3);
4354 run_rt3070_rf_write(sc, 13, rf);
4355
4356 /* set Tx/Rx streams */
4357 run_rt3070_rf_read(sc, 1, &rf);
4358 rf &= ~0xfc;
4359 if (sc->ntxchains == 1)
4360 rf |= 1 << 7 | 1 << 5; /* 1T: disable Tx chains 2 & 3 */
4361 else if (sc->ntxchains == 2)
4362 rf |= 1 << 7; /* 2T: disable Tx chain 3 */
4363 if (sc->nrxchains == 1)
4364 rf |= 1 << 6 | 1 << 4; /* 1R: disable Rx chains 2 & 3 */
4365 else if (sc->nrxchains == 2)
4366 rf |= 1 << 6; /* 2R: disable Rx chain 3 */
4367 run_rt3070_rf_write(sc, 1, rf);
4368
4369 /* set RF offset */
4370 run_rt3070_rf_read(sc, 23, &rf);
4371 rf = (rf & ~0x7f) | sc->freq;
4372 run_rt3070_rf_write(sc, 23, rf);
4373
4374 /* program RF filter */
4375 rf = sc->rf24_20mhz;
4376 run_rt3070_rf_write(sc, 24, rf); /* Tx */
4377 run_rt3070_rf_write(sc, 31, rf); /* Rx */
4378
4379 /* enable RF tuning */
4380 run_rt3070_rf_read(sc, 7, &rf);
4381 rf = (chan <= 14) ? 0xd8 : ((rf & ~0xc8) | 0x14);
4382 run_rt3070_rf_write(sc, 7, rf);
4383
4384 /* TSSI */
4385 rf = (chan <= 14) ? 0xc3 : 0xc0;
4386 run_rt3070_rf_write(sc, 9, rf);
4387
4388 /* set loop filter 1 */
4389 run_rt3070_rf_write(sc, 10, 0xf1);
4390 /* set loop filter 2 */
4391 run_rt3070_rf_write(sc, 11, (chan <= 14) ? 0xb9 : 0x00);
4392
4393 /* set tx_mx2_ic */
4394 run_rt3070_rf_write(sc, 15, (chan <= 14) ? 0x53 : 0x43);
4395 /* set tx_mx1_ic */
4396 if (chan <= 14)
4397 rf = 0x48 | sc->txmixgain_2ghz;
4398 else
4399 rf = 0x78 | sc->txmixgain_5ghz;
4400 run_rt3070_rf_write(sc, 16, rf);
4401
4402 /* set tx_lo1 */
4403 run_rt3070_rf_write(sc, 17, 0x23);
4404 /* set tx_lo2 */
4405 if (chan <= 14)
4406 rf = 0x93;
4407 else if (chan <= 64)
4408 rf = 0xb7;
4409 else if (chan <= 128)
4410 rf = 0x74;
4411 else
4412 rf = 0x72;
4413 run_rt3070_rf_write(sc, 19, rf);
4414
4415 /* set rx_lo1 */
4416 if (chan <= 14)
4417 rf = 0xb3;
4418 else if (chan <= 64)
4419 rf = 0xf6;
4420 else if (chan <= 128)
4421 rf = 0xf4;
4422 else
4423 rf = 0xf3;
4424 run_rt3070_rf_write(sc, 20, rf);
4425
4426 /* set pfd_delay */
4427 if (chan <= 14)
4428 rf = 0x15;
4429 else if (chan <= 64)
4430 rf = 0x3d;
4431 else
4432 rf = 0x01;
4433 run_rt3070_rf_write(sc, 25, rf);
4434
4435 /* set rx_lo2 */
4436 run_rt3070_rf_write(sc, 26, (chan <= 14) ? 0x85 : 0x87);
4437 /* set ldo_rf_vc */
4438 run_rt3070_rf_write(sc, 27, (chan <= 14) ? 0x00 : 0x01);
4439 /* set drv_cc */
4440 run_rt3070_rf_write(sc, 29, (chan <= 14) ? 0x9b : 0x9f);
4441
4442 run_read(sc, RT2860_GPIO_CTRL, &tmp);
4443 tmp &= ~0x8080;
4444 if (chan <= 14)
4445 tmp |= 0x80;
4446 run_write(sc, RT2860_GPIO_CTRL, tmp);
4447
4448 /* enable RF tuning */
4449 run_rt3070_rf_read(sc, 7, &rf);
4450 run_rt3070_rf_write(sc, 7, rf | 0x01);
4451
4452 run_delay(sc, 2);
4453 }
4454
4455 static void
run_rt3593_set_chan(struct run_softc * sc,u_int chan)4456 run_rt3593_set_chan(struct run_softc *sc, u_int chan)
4457 {
4458 int8_t txpow1, txpow2, txpow3;
4459 uint8_t h20mhz, rf;
4460 int i;
4461
4462 /* find the settings for this channel (we know it exists) */
4463 for (i = 0; rt2860_rf2850[i].chan != chan; i++);
4464
4465 /* use Tx power values from EEPROM */
4466 txpow1 = sc->txpow1[i];
4467 txpow2 = sc->txpow2[i];
4468 txpow3 = (sc->ntxchains == 3) ? sc->txpow3[i] : 0;
4469
4470 if (chan <= 14) {
4471 run_bbp_write(sc, 25, sc->bbp25);
4472 run_bbp_write(sc, 26, sc->bbp26);
4473 } else {
4474 /* Enable IQ phase correction. */
4475 run_bbp_write(sc, 25, 0x09);
4476 run_bbp_write(sc, 26, 0xff);
4477 }
4478
4479 run_rt3070_rf_write(sc, 8, rt3070_freqs[i].n);
4480 run_rt3070_rf_write(sc, 9, rt3070_freqs[i].k & 0x0f);
4481 run_rt3070_rf_read(sc, 11, &rf);
4482 rf = (rf & ~0x03) | (rt3070_freqs[i].r & 0x03);
4483 run_rt3070_rf_write(sc, 11, rf);
4484
4485 /* Set pll_idoh. */
4486 run_rt3070_rf_read(sc, 11, &rf);
4487 rf &= ~0x4c;
4488 rf |= (chan <= 14) ? 0x44 : 0x48;
4489 run_rt3070_rf_write(sc, 11, rf);
4490
4491 if (chan <= 14)
4492 rf = txpow1 & 0x1f;
4493 else
4494 rf = 0x40 | ((txpow1 & 0x18) << 1) | (txpow1 & 0x07);
4495 run_rt3070_rf_write(sc, 53, rf);
4496
4497 if (chan <= 14)
4498 rf = txpow2 & 0x1f;
4499 else
4500 rf = 0x40 | ((txpow2 & 0x18) << 1) | (txpow2 & 0x07);
4501 run_rt3070_rf_write(sc, 55, rf);
4502
4503 if (chan <= 14)
4504 rf = txpow3 & 0x1f;
4505 else
4506 rf = 0x40 | ((txpow3 & 0x18) << 1) | (txpow3 & 0x07);
4507 run_rt3070_rf_write(sc, 54, rf);
4508
4509 rf = RT3070_RF_BLOCK | RT3070_PLL_PD;
4510 if (sc->ntxchains == 3)
4511 rf |= RT3070_TX0_PD | RT3070_TX1_PD | RT3070_TX2_PD;
4512 else
4513 rf |= RT3070_TX0_PD | RT3070_TX1_PD;
4514 rf |= RT3070_RX0_PD | RT3070_RX1_PD | RT3070_RX2_PD;
4515 run_rt3070_rf_write(sc, 1, rf);
4516
4517 run_adjust_freq_offset(sc);
4518
4519 run_rt3070_rf_write(sc, 31, (chan <= 14) ? 0xa0 : 0x80);
4520
4521 h20mhz = (sc->rf24_20mhz & 0x20) >> 5;
4522 run_rt3070_rf_read(sc, 30, &rf);
4523 rf = (rf & ~0x06) | (h20mhz << 1) | (h20mhz << 2);
4524 run_rt3070_rf_write(sc, 30, rf);
4525
4526 run_rt3070_rf_read(sc, 36, &rf);
4527 if (chan <= 14)
4528 rf |= 0x80;
4529 else
4530 rf &= ~0x80;
4531 run_rt3070_rf_write(sc, 36, rf);
4532
4533 /* Set vcolo_bs. */
4534 run_rt3070_rf_write(sc, 34, (chan <= 14) ? 0x3c : 0x20);
4535 /* Set pfd_delay. */
4536 run_rt3070_rf_write(sc, 12, (chan <= 14) ? 0x1a : 0x12);
4537
4538 /* Set vco bias current control. */
4539 run_rt3070_rf_read(sc, 6, &rf);
4540 rf &= ~0xc0;
4541 if (chan <= 14)
4542 rf |= 0x40;
4543 else if (chan <= 128)
4544 rf |= 0x80;
4545 else
4546 rf |= 0x40;
4547 run_rt3070_rf_write(sc, 6, rf);
4548
4549 run_rt3070_rf_read(sc, 30, &rf);
4550 rf = (rf & ~0x18) | 0x10;
4551 run_rt3070_rf_write(sc, 30, rf);
4552
4553 run_rt3070_rf_write(sc, 10, (chan <= 14) ? 0xd3 : 0xd8);
4554 run_rt3070_rf_write(sc, 13, (chan <= 14) ? 0x12 : 0x23);
4555
4556 run_rt3070_rf_read(sc, 51, &rf);
4557 rf = (rf & ~0x03) | 0x01;
4558 run_rt3070_rf_write(sc, 51, rf);
4559 /* Set tx_mx1_cc. */
4560 run_rt3070_rf_read(sc, 51, &rf);
4561 rf &= ~0x1c;
4562 rf |= (chan <= 14) ? 0x14 : 0x10;
4563 run_rt3070_rf_write(sc, 51, rf);
4564 /* Set tx_mx1_ic. */
4565 run_rt3070_rf_read(sc, 51, &rf);
4566 rf &= ~0xe0;
4567 rf |= (chan <= 14) ? 0x60 : 0x40;
4568 run_rt3070_rf_write(sc, 51, rf);
4569 /* Set tx_lo1_ic. */
4570 run_rt3070_rf_read(sc, 49, &rf);
4571 rf &= ~0x1c;
4572 rf |= (chan <= 14) ? 0x0c : 0x08;
4573 run_rt3070_rf_write(sc, 49, rf);
4574 /* Set tx_lo1_en. */
4575 run_rt3070_rf_read(sc, 50, &rf);
4576 run_rt3070_rf_write(sc, 50, rf & ~0x20);
4577 /* Set drv_cc. */
4578 run_rt3070_rf_read(sc, 57, &rf);
4579 rf &= ~0xfc;
4580 rf |= (chan <= 14) ? 0x6c : 0x3c;
4581 run_rt3070_rf_write(sc, 57, rf);
4582 /* Set rx_mix1_ic, rxa_lnactr, lna_vc, lna_inbias_en and lna_en. */
4583 run_rt3070_rf_write(sc, 44, (chan <= 14) ? 0x93 : 0x9b);
4584 /* Set drv_gnd_a, tx_vga_cc_a and tx_mx2_gain. */
4585 run_rt3070_rf_write(sc, 52, (chan <= 14) ? 0x45 : 0x05);
4586 /* Enable VCO calibration. */
4587 run_rt3070_rf_read(sc, 3, &rf);
4588 rf &= ~RT5390_VCOCAL;
4589 rf |= (chan <= 14) ? RT5390_VCOCAL : 0xbe;
4590 run_rt3070_rf_write(sc, 3, rf);
4591
4592 if (chan <= 14)
4593 rf = 0x23;
4594 else if (chan <= 64)
4595 rf = 0x36;
4596 else if (chan <= 128)
4597 rf = 0x32;
4598 else
4599 rf = 0x30;
4600 run_rt3070_rf_write(sc, 39, rf);
4601 if (chan <= 14)
4602 rf = 0xbb;
4603 else if (chan <= 64)
4604 rf = 0xeb;
4605 else if (chan <= 128)
4606 rf = 0xb3;
4607 else
4608 rf = 0x9b;
4609 run_rt3070_rf_write(sc, 45, rf);
4610
4611 /* Set FEQ/AEQ control. */
4612 run_bbp_write(sc, 105, 0x34);
4613 }
4614
4615 static void
run_rt5390_set_chan(struct run_softc * sc,u_int chan)4616 run_rt5390_set_chan(struct run_softc *sc, u_int chan)
4617 {
4618 int8_t txpow1, txpow2;
4619 uint8_t rf;
4620 int i;
4621
4622 /* find the settings for this channel (we know it exists) */
4623 for (i = 0; rt2860_rf2850[i].chan != chan; i++);
4624
4625 /* use Tx power values from EEPROM */
4626 txpow1 = sc->txpow1[i];
4627 txpow2 = sc->txpow2[i];
4628
4629 run_rt3070_rf_write(sc, 8, rt3070_freqs[i].n);
4630 run_rt3070_rf_write(sc, 9, rt3070_freqs[i].k & 0x0f);
4631 run_rt3070_rf_read(sc, 11, &rf);
4632 rf = (rf & ~0x03) | (rt3070_freqs[i].r & 0x03);
4633 run_rt3070_rf_write(sc, 11, rf);
4634
4635 run_rt3070_rf_read(sc, 49, &rf);
4636 rf = (rf & ~0x3f) | (txpow1 & 0x3f);
4637 /* The valid range of the RF R49 is 0x00 to 0x27. */
4638 if ((rf & 0x3f) > 0x27)
4639 rf = (rf & ~0x3f) | 0x27;
4640 run_rt3070_rf_write(sc, 49, rf);
4641
4642 if (sc->mac_ver == 0x5392) {
4643 run_rt3070_rf_read(sc, 50, &rf);
4644 rf = (rf & ~0x3f) | (txpow2 & 0x3f);
4645 /* The valid range of the RF R50 is 0x00 to 0x27. */
4646 if ((rf & 0x3f) > 0x27)
4647 rf = (rf & ~0x3f) | 0x27;
4648 run_rt3070_rf_write(sc, 50, rf);
4649 }
4650
4651 run_rt3070_rf_read(sc, 1, &rf);
4652 rf |= RT3070_RF_BLOCK | RT3070_PLL_PD | RT3070_RX0_PD | RT3070_TX0_PD;
4653 if (sc->mac_ver == 0x5392)
4654 rf |= RT3070_RX1_PD | RT3070_TX1_PD;
4655 run_rt3070_rf_write(sc, 1, rf);
4656
4657 if (sc->mac_ver != 0x5392) {
4658 run_rt3070_rf_read(sc, 2, &rf);
4659 rf |= 0x80;
4660 run_rt3070_rf_write(sc, 2, rf);
4661 run_delay(sc, 10);
4662 rf &= 0x7f;
4663 run_rt3070_rf_write(sc, 2, rf);
4664 }
4665
4666 run_adjust_freq_offset(sc);
4667
4668 if (sc->mac_ver == 0x5392) {
4669 /* Fix for RT5392C. */
4670 if (sc->mac_rev >= 0x0223) {
4671 if (chan <= 4)
4672 rf = 0x0f;
4673 else if (chan >= 5 && chan <= 7)
4674 rf = 0x0e;
4675 else
4676 rf = 0x0d;
4677 run_rt3070_rf_write(sc, 23, rf);
4678
4679 if (chan <= 4)
4680 rf = 0x0c;
4681 else if (chan == 5)
4682 rf = 0x0b;
4683 else if (chan >= 6 && chan <= 7)
4684 rf = 0x0a;
4685 else if (chan >= 8 && chan <= 10)
4686 rf = 0x09;
4687 else
4688 rf = 0x08;
4689 run_rt3070_rf_write(sc, 59, rf);
4690 } else {
4691 if (chan <= 11)
4692 rf = 0x0f;
4693 else
4694 rf = 0x0b;
4695 run_rt3070_rf_write(sc, 59, rf);
4696 }
4697 } else {
4698 /* Fix for RT5390F. */
4699 if (sc->mac_rev >= 0x0502) {
4700 if (chan <= 11)
4701 rf = 0x43;
4702 else
4703 rf = 0x23;
4704 run_rt3070_rf_write(sc, 55, rf);
4705
4706 if (chan <= 11)
4707 rf = 0x0f;
4708 else if (chan == 12)
4709 rf = 0x0d;
4710 else
4711 rf = 0x0b;
4712 run_rt3070_rf_write(sc, 59, rf);
4713 } else {
4714 run_rt3070_rf_write(sc, 55, 0x44);
4715 run_rt3070_rf_write(sc, 59, 0x8f);
4716 }
4717 }
4718
4719 /* Enable VCO calibration. */
4720 run_rt3070_rf_read(sc, 3, &rf);
4721 rf |= RT5390_VCOCAL;
4722 run_rt3070_rf_write(sc, 3, rf);
4723 }
4724
4725 static void
run_rt5592_set_chan(struct run_softc * sc,u_int chan)4726 run_rt5592_set_chan(struct run_softc *sc, u_int chan)
4727 {
4728 const struct rt5592_freqs *freqs;
4729 uint32_t tmp;
4730 uint8_t reg, rf, txpow_bound;
4731 int8_t txpow1, txpow2;
4732 int i;
4733
4734 run_read(sc, RT5592_DEBUG_INDEX, &tmp);
4735 freqs = (tmp & RT5592_SEL_XTAL) ?
4736 rt5592_freqs_40mhz : rt5592_freqs_20mhz;
4737
4738 /* find the settings for this channel (we know it exists) */
4739 for (i = 0; rt2860_rf2850[i].chan != chan; i++, freqs++);
4740
4741 /* use Tx power values from EEPROM */
4742 txpow1 = sc->txpow1[i];
4743 txpow2 = sc->txpow2[i];
4744
4745 run_read(sc, RT3070_LDO_CFG0, &tmp);
4746 tmp &= ~0x1c000000;
4747 if (chan > 14)
4748 tmp |= 0x14000000;
4749 run_write(sc, RT3070_LDO_CFG0, tmp);
4750
4751 /* N setting. */
4752 run_rt3070_rf_write(sc, 8, freqs->n & 0xff);
4753 run_rt3070_rf_read(sc, 9, &rf);
4754 rf &= ~(1 << 4);
4755 rf |= ((freqs->n & 0x0100) >> 8) << 4;
4756 run_rt3070_rf_write(sc, 9, rf);
4757
4758 /* K setting. */
4759 run_rt3070_rf_read(sc, 9, &rf);
4760 rf &= ~0x0f;
4761 rf |= (freqs->k & 0x0f);
4762 run_rt3070_rf_write(sc, 9, rf);
4763
4764 /* Mode setting. */
4765 run_rt3070_rf_read(sc, 11, &rf);
4766 rf &= ~0x0c;
4767 rf |= ((freqs->m - 0x8) & 0x3) << 2;
4768 run_rt3070_rf_write(sc, 11, rf);
4769 run_rt3070_rf_read(sc, 9, &rf);
4770 rf &= ~(1 << 7);
4771 rf |= (((freqs->m - 0x8) & 0x4) >> 2) << 7;
4772 run_rt3070_rf_write(sc, 9, rf);
4773
4774 /* R setting. */
4775 run_rt3070_rf_read(sc, 11, &rf);
4776 rf &= ~0x03;
4777 rf |= (freqs->r - 0x1);
4778 run_rt3070_rf_write(sc, 11, rf);
4779
4780 if (chan <= 14) {
4781 /* Initialize RF registers for 2GHZ. */
4782 for (i = 0; i < nitems(rt5592_2ghz_def_rf); i++) {
4783 run_rt3070_rf_write(sc, rt5592_2ghz_def_rf[i].reg,
4784 rt5592_2ghz_def_rf[i].val);
4785 }
4786
4787 rf = (chan <= 10) ? 0x07 : 0x06;
4788 run_rt3070_rf_write(sc, 23, rf);
4789 run_rt3070_rf_write(sc, 59, rf);
4790
4791 run_rt3070_rf_write(sc, 55, 0x43);
4792
4793 /*
4794 * RF R49/R50 Tx power ALC code.
4795 * G-band bit<7:6>=1:0, bit<5:0> range from 0x0 ~ 0x27.
4796 */
4797 reg = 2;
4798 txpow_bound = 0x27;
4799 } else {
4800 /* Initialize RF registers for 5GHZ. */
4801 for (i = 0; i < nitems(rt5592_5ghz_def_rf); i++) {
4802 run_rt3070_rf_write(sc, rt5592_5ghz_def_rf[i].reg,
4803 rt5592_5ghz_def_rf[i].val);
4804 }
4805 for (i = 0; i < nitems(rt5592_chan_5ghz); i++) {
4806 if (chan >= rt5592_chan_5ghz[i].firstchan &&
4807 chan <= rt5592_chan_5ghz[i].lastchan) {
4808 run_rt3070_rf_write(sc, rt5592_chan_5ghz[i].reg,
4809 rt5592_chan_5ghz[i].val);
4810 }
4811 }
4812
4813 /*
4814 * RF R49/R50 Tx power ALC code.
4815 * A-band bit<7:6>=1:1, bit<5:0> range from 0x0 ~ 0x2b.
4816 */
4817 reg = 3;
4818 txpow_bound = 0x2b;
4819 }
4820
4821 /* RF R49 ch0 Tx power ALC code. */
4822 run_rt3070_rf_read(sc, 49, &rf);
4823 rf &= ~0xc0;
4824 rf |= (reg << 6);
4825 rf = (rf & ~0x3f) | (txpow1 & 0x3f);
4826 if ((rf & 0x3f) > txpow_bound)
4827 rf = (rf & ~0x3f) | txpow_bound;
4828 run_rt3070_rf_write(sc, 49, rf);
4829
4830 /* RF R50 ch1 Tx power ALC code. */
4831 run_rt3070_rf_read(sc, 50, &rf);
4832 rf &= ~(1 << 7 | 1 << 6);
4833 rf |= (reg << 6);
4834 rf = (rf & ~0x3f) | (txpow2 & 0x3f);
4835 if ((rf & 0x3f) > txpow_bound)
4836 rf = (rf & ~0x3f) | txpow_bound;
4837 run_rt3070_rf_write(sc, 50, rf);
4838
4839 /* Enable RF_BLOCK, PLL_PD, RX0_PD, and TX0_PD. */
4840 run_rt3070_rf_read(sc, 1, &rf);
4841 rf |= (RT3070_RF_BLOCK | RT3070_PLL_PD | RT3070_RX0_PD | RT3070_TX0_PD);
4842 if (sc->ntxchains > 1)
4843 rf |= RT3070_TX1_PD;
4844 if (sc->nrxchains > 1)
4845 rf |= RT3070_RX1_PD;
4846 run_rt3070_rf_write(sc, 1, rf);
4847
4848 run_rt3070_rf_write(sc, 6, 0xe4);
4849
4850 run_rt3070_rf_write(sc, 30, 0x10);
4851 run_rt3070_rf_write(sc, 31, 0x80);
4852 run_rt3070_rf_write(sc, 32, 0x80);
4853
4854 run_adjust_freq_offset(sc);
4855
4856 /* Enable VCO calibration. */
4857 run_rt3070_rf_read(sc, 3, &rf);
4858 rf |= RT5390_VCOCAL;
4859 run_rt3070_rf_write(sc, 3, rf);
4860 }
4861
4862 static void
run_set_rx_antenna(struct run_softc * sc,int aux)4863 run_set_rx_antenna(struct run_softc *sc, int aux)
4864 {
4865 uint32_t tmp;
4866 uint8_t bbp152;
4867
4868 if (aux) {
4869 if (sc->rf_rev == RT5390_RF_5370) {
4870 run_bbp_read(sc, 152, &bbp152);
4871 run_bbp_write(sc, 152, bbp152 & ~0x80);
4872 } else {
4873 run_mcu_cmd(sc, RT2860_MCU_CMD_ANTSEL, 0);
4874 run_read(sc, RT2860_GPIO_CTRL, &tmp);
4875 run_write(sc, RT2860_GPIO_CTRL, (tmp & ~0x0808) | 0x08);
4876 }
4877 } else {
4878 if (sc->rf_rev == RT5390_RF_5370) {
4879 run_bbp_read(sc, 152, &bbp152);
4880 run_bbp_write(sc, 152, bbp152 | 0x80);
4881 } else {
4882 run_mcu_cmd(sc, RT2860_MCU_CMD_ANTSEL, 1);
4883 run_read(sc, RT2860_GPIO_CTRL, &tmp);
4884 run_write(sc, RT2860_GPIO_CTRL, tmp & ~0x0808);
4885 }
4886 }
4887 }
4888
4889 static int
run_set_chan(struct run_softc * sc,struct ieee80211_channel * c)4890 run_set_chan(struct run_softc *sc, struct ieee80211_channel *c)
4891 {
4892 struct ieee80211com *ic = &sc->sc_ic;
4893 u_int chan, group;
4894
4895 chan = ieee80211_chan2ieee(ic, c);
4896 if (chan == 0 || chan == IEEE80211_CHAN_ANY)
4897 return (EINVAL);
4898
4899 if (sc->mac_ver == 0x5592)
4900 run_rt5592_set_chan(sc, chan);
4901 else if (sc->mac_ver >= 0x5390)
4902 run_rt5390_set_chan(sc, chan);
4903 else if (sc->mac_ver == 0x3593)
4904 run_rt3593_set_chan(sc, chan);
4905 else if (sc->mac_ver == 0x3572)
4906 run_rt3572_set_chan(sc, chan);
4907 else if (sc->mac_ver >= 0x3070)
4908 run_rt3070_set_chan(sc, chan);
4909 else
4910 run_rt2870_set_chan(sc, chan);
4911
4912 /* determine channel group */
4913 if (chan <= 14)
4914 group = 0;
4915 else if (chan <= 64)
4916 group = 1;
4917 else if (chan <= 128)
4918 group = 2;
4919 else
4920 group = 3;
4921
4922 /* XXX necessary only when group has changed! */
4923 run_select_chan_group(sc, group);
4924
4925 run_delay(sc, 10);
4926
4927 /* Perform IQ calibration. */
4928 if (sc->mac_ver >= 0x5392)
4929 run_iq_calib(sc, chan);
4930
4931 return (0);
4932 }
4933
4934 static void
run_set_channel(struct ieee80211com * ic)4935 run_set_channel(struct ieee80211com *ic)
4936 {
4937 struct run_softc *sc = ic->ic_softc;
4938
4939 RUN_LOCK(sc);
4940 run_set_chan(sc, ic->ic_curchan);
4941 RUN_UNLOCK(sc);
4942
4943 return;
4944 }
4945
4946 static void
run_getradiocaps(struct ieee80211com * ic,int maxchans,int * nchans,struct ieee80211_channel chans[])4947 run_getradiocaps(struct ieee80211com *ic,
4948 int maxchans, int *nchans, struct ieee80211_channel chans[])
4949 {
4950 struct run_softc *sc = ic->ic_softc;
4951 uint8_t bands[IEEE80211_MODE_BYTES];
4952
4953 memset(bands, 0, sizeof(bands));
4954 setbit(bands, IEEE80211_MODE_11B);
4955 setbit(bands, IEEE80211_MODE_11G);
4956 if (sc->rf_rev != RT3070_RF_2020)
4957 setbit(bands, IEEE80211_MODE_11NG);
4958
4959 /* Note: for now, only support HT20 channels */
4960 ieee80211_add_channels_default_2ghz(chans, maxchans, nchans, bands, 0);
4961
4962 if (sc->rf_rev == RT2860_RF_2750 || sc->rf_rev == RT2860_RF_2850 ||
4963 sc->rf_rev == RT3070_RF_3052 || sc->rf_rev == RT3593_RF_3053 ||
4964 sc->rf_rev == RT5592_RF_5592) {
4965 setbit(bands, IEEE80211_MODE_11A);
4966 if (sc->rf_rev != RT3070_RF_2020)
4967 setbit(bands, IEEE80211_MODE_11NA);
4968 /* Note: for now, only support HT20 channels */
4969 ieee80211_add_channel_list_5ghz(chans, maxchans, nchans,
4970 run_chan_5ghz, nitems(run_chan_5ghz), bands, 0);
4971 }
4972 }
4973
4974 static void
run_scan_start(struct ieee80211com * ic)4975 run_scan_start(struct ieee80211com *ic)
4976 {
4977 struct run_softc *sc = ic->ic_softc;
4978
4979 RUN_LOCK(sc);
4980
4981 /* abort TSF synchronization */
4982 run_disable_tsf(sc);
4983 run_set_bssid(sc, ieee80211broadcastaddr);
4984
4985 RUN_UNLOCK(sc);
4986
4987 return;
4988 }
4989
4990 static void
run_scan_end(struct ieee80211com * ic)4991 run_scan_end(struct ieee80211com *ic)
4992 {
4993 struct run_softc *sc = ic->ic_softc;
4994
4995 RUN_LOCK(sc);
4996
4997 run_enable_tsf_sync(sc);
4998 run_set_bssid(sc, sc->sc_bssid);
4999
5000 RUN_UNLOCK(sc);
5001
5002 return;
5003 }
5004
5005 /*
5006 * Could be called from ieee80211_node_timeout()
5007 * (non-sleepable thread)
5008 */
5009 static void
run_update_beacon(struct ieee80211vap * vap,int item)5010 run_update_beacon(struct ieee80211vap *vap, int item)
5011 {
5012 struct ieee80211com *ic = vap->iv_ic;
5013 struct ieee80211_beacon_offsets *bo = &vap->iv_bcn_off;
5014 struct ieee80211_node *ni = vap->iv_bss;
5015 struct run_softc *sc = ic->ic_softc;
5016 struct run_vap *rvp = RUN_VAP(vap);
5017 int mcast = 0;
5018 uint32_t i;
5019
5020 switch (item) {
5021 case IEEE80211_BEACON_ERP:
5022 run_updateslot(ic);
5023 break;
5024 case IEEE80211_BEACON_HTINFO:
5025 run_updateprot(ic);
5026 break;
5027 case IEEE80211_BEACON_TIM:
5028 mcast = 1; /*TODO*/
5029 break;
5030 default:
5031 break;
5032 }
5033
5034 setbit(bo->bo_flags, item);
5035 if (rvp->beacon_mbuf == NULL) {
5036 rvp->beacon_mbuf = ieee80211_beacon_alloc(ni);
5037 if (rvp->beacon_mbuf == NULL)
5038 return;
5039 }
5040 ieee80211_beacon_update(ni, rvp->beacon_mbuf, mcast);
5041
5042 i = RUN_CMDQ_GET(&sc->cmdq_store);
5043 RUN_DPRINTF(sc, RUN_DEBUG_BEACON, "cmdq_store=%d\n", i);
5044 sc->cmdq[i].func = run_update_beacon_cb;
5045 sc->cmdq[i].arg0 = vap;
5046 ieee80211_runtask(ic, &sc->cmdq_task);
5047
5048 return;
5049 }
5050
5051 static void
run_update_beacon_cb(void * arg)5052 run_update_beacon_cb(void *arg)
5053 {
5054 struct ieee80211vap *vap = arg;
5055 struct ieee80211_node *ni = vap->iv_bss;
5056 struct run_vap *rvp = RUN_VAP(vap);
5057 struct ieee80211com *ic = vap->iv_ic;
5058 struct run_softc *sc = ic->ic_softc;
5059 struct rt2860_txwi txwi;
5060 struct mbuf *m;
5061 uint16_t txwisize;
5062 uint8_t ridx;
5063
5064 if (ni->ni_chan == IEEE80211_CHAN_ANYC)
5065 return;
5066 if (ic->ic_bsschan == IEEE80211_CHAN_ANYC)
5067 return;
5068
5069 /*
5070 * No need to call ieee80211_beacon_update(), run_update_beacon()
5071 * is taking care of appropriate calls.
5072 */
5073 if (rvp->beacon_mbuf == NULL) {
5074 rvp->beacon_mbuf = ieee80211_beacon_alloc(ni);
5075 if (rvp->beacon_mbuf == NULL)
5076 return;
5077 }
5078 m = rvp->beacon_mbuf;
5079
5080 memset(&txwi, 0, sizeof(txwi));
5081 txwi.wcid = 0xff;
5082 txwi.len = htole16(m->m_pkthdr.len);
5083
5084 /* send beacons at the lowest available rate */
5085 ridx = (ic->ic_curmode == IEEE80211_MODE_11A) ?
5086 RT2860_RIDX_OFDM6 : RT2860_RIDX_CCK1;
5087 txwi.phy = htole16(rt2860_rates[ridx].mcs);
5088 if (rt2860_rates[ridx].phy == IEEE80211_T_OFDM)
5089 txwi.phy |= htole16(RT2860_PHY_OFDM);
5090 txwi.txop = RT2860_TX_TXOP_HT;
5091 txwi.flags = RT2860_TX_TS;
5092 txwi.xflags = RT2860_TX_NSEQ;
5093
5094 txwisize = (sc->mac_ver == 0x5592) ?
5095 sizeof(txwi) + sizeof(uint32_t) : sizeof(txwi);
5096 run_write_region_1(sc, RT2860_BCN_BASE(rvp->rvp_id), (uint8_t *)&txwi,
5097 txwisize);
5098 run_write_region_1(sc, RT2860_BCN_BASE(rvp->rvp_id) + txwisize,
5099 mtod(m, uint8_t *), (m->m_pkthdr.len + 1) & ~1);
5100 }
5101
5102 static void
run_updateprot(struct ieee80211com * ic)5103 run_updateprot(struct ieee80211com *ic)
5104 {
5105 struct run_softc *sc = ic->ic_softc;
5106 uint32_t i;
5107
5108 i = RUN_CMDQ_GET(&sc->cmdq_store);
5109 RUN_DPRINTF(sc, RUN_DEBUG_BEACON, "cmdq_store=%d\n", i);
5110 sc->cmdq[i].func = run_updateprot_cb;
5111 sc->cmdq[i].arg0 = ic;
5112 ieee80211_runtask(ic, &sc->cmdq_task);
5113 }
5114
5115 static void
run_updateprot_cb(void * arg)5116 run_updateprot_cb(void *arg)
5117 {
5118 struct ieee80211com *ic = arg;
5119 struct run_softc *sc = ic->ic_softc;
5120 uint32_t tmp;
5121
5122 tmp = RT2860_RTSTH_EN | RT2860_PROT_NAV_SHORT | RT2860_TXOP_ALLOW_ALL;
5123 /* setup protection frame rate (MCS code) */
5124 tmp |= (ic->ic_curmode == IEEE80211_MODE_11A) ?
5125 rt2860_rates[RT2860_RIDX_OFDM6].mcs | RT2860_PHY_OFDM :
5126 rt2860_rates[RT2860_RIDX_CCK11].mcs;
5127
5128 /* CCK frames don't require protection */
5129 run_write(sc, RT2860_CCK_PROT_CFG, tmp);
5130 if (ic->ic_flags & IEEE80211_F_USEPROT) {
5131 if (ic->ic_protmode == IEEE80211_PROT_RTSCTS)
5132 tmp |= RT2860_PROT_CTRL_RTS_CTS;
5133 else if (ic->ic_protmode == IEEE80211_PROT_CTSONLY)
5134 tmp |= RT2860_PROT_CTRL_CTS;
5135 }
5136 run_write(sc, RT2860_OFDM_PROT_CFG, tmp);
5137 }
5138
5139 static void
run_usb_timeout_cb(void * arg)5140 run_usb_timeout_cb(void *arg)
5141 {
5142 struct ieee80211vap *vap = arg;
5143 struct run_softc *sc = vap->iv_ic->ic_softc;
5144
5145 RUN_LOCK_ASSERT(sc, MA_OWNED);
5146
5147 if(vap->iv_state == IEEE80211_S_RUN &&
5148 vap->iv_opmode != IEEE80211_M_STA)
5149 run_reset_livelock(sc);
5150 else if (vap->iv_state == IEEE80211_S_SCAN) {
5151 RUN_DPRINTF(sc, RUN_DEBUG_USB | RUN_DEBUG_STATE,
5152 "timeout caused by scan\n");
5153 /* cancel bgscan */
5154 ieee80211_cancel_scan(vap);
5155 } else
5156 RUN_DPRINTF(sc, RUN_DEBUG_USB | RUN_DEBUG_STATE,
5157 "timeout by unknown cause\n");
5158 }
5159
5160 static void
run_reset_livelock(struct run_softc * sc)5161 run_reset_livelock(struct run_softc *sc)
5162 {
5163 uint32_t tmp;
5164
5165 RUN_LOCK_ASSERT(sc, MA_OWNED);
5166
5167 /*
5168 * In IBSS or HostAP modes (when the hardware sends beacons), the MAC
5169 * can run into a livelock and start sending CTS-to-self frames like
5170 * crazy if protection is enabled. Reset MAC/BBP for a while
5171 */
5172 run_read(sc, RT2860_DEBUG, &tmp);
5173 RUN_DPRINTF(sc, RUN_DEBUG_RESET, "debug reg %08x\n", tmp);
5174 if ((tmp & (1 << 29)) && (tmp & (1 << 7 | 1 << 5))) {
5175 RUN_DPRINTF(sc, RUN_DEBUG_RESET,
5176 "CTS-to-self livelock detected\n");
5177 run_write(sc, RT2860_MAC_SYS_CTRL, RT2860_MAC_SRST);
5178 run_delay(sc, 1);
5179 run_write(sc, RT2860_MAC_SYS_CTRL,
5180 RT2860_MAC_RX_EN | RT2860_MAC_TX_EN);
5181 }
5182 }
5183
5184 static void
run_update_promisc_locked(struct run_softc * sc)5185 run_update_promisc_locked(struct run_softc *sc)
5186 {
5187 uint32_t tmp;
5188
5189 run_read(sc, RT2860_RX_FILTR_CFG, &tmp);
5190
5191 tmp |= RT2860_DROP_UC_NOME;
5192 if (sc->sc_ic.ic_promisc > 0)
5193 tmp &= ~RT2860_DROP_UC_NOME;
5194
5195 run_write(sc, RT2860_RX_FILTR_CFG, tmp);
5196
5197 RUN_DPRINTF(sc, RUN_DEBUG_RECV, "%s promiscuous mode\n",
5198 (sc->sc_ic.ic_promisc > 0) ? "entering" : "leaving");
5199 }
5200
5201 static void
run_update_promisc(struct ieee80211com * ic)5202 run_update_promisc(struct ieee80211com *ic)
5203 {
5204 struct run_softc *sc = ic->ic_softc;
5205
5206 if ((sc->sc_flags & RUN_RUNNING) == 0)
5207 return;
5208
5209 RUN_LOCK(sc);
5210 run_update_promisc_locked(sc);
5211 RUN_UNLOCK(sc);
5212 }
5213
5214 static void
run_enable_tsf_sync(struct run_softc * sc)5215 run_enable_tsf_sync(struct run_softc *sc)
5216 {
5217 struct ieee80211com *ic = &sc->sc_ic;
5218 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps);
5219 uint32_t tmp;
5220
5221 RUN_DPRINTF(sc, RUN_DEBUG_BEACON, "rvp_id=%d ic_opmode=%d\n",
5222 RUN_VAP(vap)->rvp_id, ic->ic_opmode);
5223
5224 run_read(sc, RT2860_BCN_TIME_CFG, &tmp);
5225 tmp &= ~0x1fffff;
5226 tmp |= vap->iv_bss->ni_intval * 16;
5227 tmp |= RT2860_TSF_TIMER_EN | RT2860_TBTT_TIMER_EN;
5228
5229 if (ic->ic_opmode == IEEE80211_M_STA) {
5230 /*
5231 * Local TSF is always updated with remote TSF on beacon
5232 * reception.
5233 */
5234 tmp |= 1 << RT2860_TSF_SYNC_MODE_SHIFT;
5235 } else if (ic->ic_opmode == IEEE80211_M_IBSS) {
5236 tmp |= RT2860_BCN_TX_EN;
5237 /*
5238 * Local TSF is updated with remote TSF on beacon reception
5239 * only if the remote TSF is greater than local TSF.
5240 */
5241 tmp |= 2 << RT2860_TSF_SYNC_MODE_SHIFT;
5242 } else if (ic->ic_opmode == IEEE80211_M_HOSTAP ||
5243 ic->ic_opmode == IEEE80211_M_MBSS) {
5244 tmp |= RT2860_BCN_TX_EN;
5245 /* SYNC with nobody */
5246 tmp |= 3 << RT2860_TSF_SYNC_MODE_SHIFT;
5247 } else {
5248 RUN_DPRINTF(sc, RUN_DEBUG_BEACON,
5249 "Enabling TSF failed. undefined opmode\n");
5250 return;
5251 }
5252
5253 run_write(sc, RT2860_BCN_TIME_CFG, tmp);
5254 }
5255
5256 static void
run_enable_tsf(struct run_softc * sc)5257 run_enable_tsf(struct run_softc *sc)
5258 {
5259 uint32_t tmp;
5260
5261 if (run_read(sc, RT2860_BCN_TIME_CFG, &tmp) == 0) {
5262 tmp &= ~(RT2860_BCN_TX_EN | RT2860_TBTT_TIMER_EN);
5263 tmp |= RT2860_TSF_TIMER_EN;
5264 run_write(sc, RT2860_BCN_TIME_CFG, tmp);
5265 }
5266 }
5267
5268 static void
run_disable_tsf(struct run_softc * sc)5269 run_disable_tsf(struct run_softc *sc)
5270 {
5271 uint32_t tmp;
5272
5273 if (run_read(sc, RT2860_BCN_TIME_CFG, &tmp) == 0) {
5274 tmp &= ~(RT2860_BCN_TX_EN | RT2860_TSF_TIMER_EN |
5275 RT2860_TBTT_TIMER_EN);
5276 run_write(sc, RT2860_BCN_TIME_CFG, tmp);
5277 }
5278 }
5279
5280 static void
run_get_tsf(struct run_softc * sc,uint64_t * buf)5281 run_get_tsf(struct run_softc *sc, uint64_t *buf)
5282 {
5283 run_read_region_1(sc, RT2860_TSF_TIMER_DW0, (uint8_t *)buf,
5284 sizeof(*buf));
5285 }
5286
5287 static void
run_enable_mrr(struct run_softc * sc)5288 run_enable_mrr(struct run_softc *sc)
5289 {
5290 #define CCK(mcs) (mcs)
5291 #define OFDM(mcs) (1 << 3 | (mcs))
5292 run_write(sc, RT2860_LG_FBK_CFG0,
5293 OFDM(6) << 28 | /* 54->48 */
5294 OFDM(5) << 24 | /* 48->36 */
5295 OFDM(4) << 20 | /* 36->24 */
5296 OFDM(3) << 16 | /* 24->18 */
5297 OFDM(2) << 12 | /* 18->12 */
5298 OFDM(1) << 8 | /* 12-> 9 */
5299 OFDM(0) << 4 | /* 9-> 6 */
5300 OFDM(0)); /* 6-> 6 */
5301
5302 run_write(sc, RT2860_LG_FBK_CFG1,
5303 CCK(2) << 12 | /* 11->5.5 */
5304 CCK(1) << 8 | /* 5.5-> 2 */
5305 CCK(0) << 4 | /* 2-> 1 */
5306 CCK(0)); /* 1-> 1 */
5307 #undef OFDM
5308 #undef CCK
5309 }
5310
5311 static void
run_set_txpreamble(struct run_softc * sc)5312 run_set_txpreamble(struct run_softc *sc)
5313 {
5314 struct ieee80211com *ic = &sc->sc_ic;
5315 uint32_t tmp;
5316
5317 run_read(sc, RT2860_AUTO_RSP_CFG, &tmp);
5318 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE)
5319 tmp |= RT2860_CCK_SHORT_EN;
5320 else
5321 tmp &= ~RT2860_CCK_SHORT_EN;
5322 run_write(sc, RT2860_AUTO_RSP_CFG, tmp);
5323 }
5324
5325 static void
run_set_basicrates(struct run_softc * sc)5326 run_set_basicrates(struct run_softc *sc)
5327 {
5328 struct ieee80211com *ic = &sc->sc_ic;
5329
5330 /* set basic rates mask */
5331 if (ic->ic_curmode == IEEE80211_MODE_11B)
5332 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x003);
5333 else if (ic->ic_curmode == IEEE80211_MODE_11A)
5334 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x150);
5335 else /* 11g */
5336 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x15f);
5337 }
5338
5339 static void
run_set_leds(struct run_softc * sc,uint16_t which)5340 run_set_leds(struct run_softc *sc, uint16_t which)
5341 {
5342 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LEDS,
5343 which | (sc->leds & 0x7f));
5344 }
5345
5346 static void
run_set_bssid(struct run_softc * sc,const uint8_t * bssid)5347 run_set_bssid(struct run_softc *sc, const uint8_t *bssid)
5348 {
5349 run_write(sc, RT2860_MAC_BSSID_DW0,
5350 bssid[0] | bssid[1] << 8 | bssid[2] << 16 | bssid[3] << 24);
5351 run_write(sc, RT2860_MAC_BSSID_DW1,
5352 bssid[4] | bssid[5] << 8);
5353 }
5354
5355 static void
run_set_macaddr(struct run_softc * sc,const uint8_t * addr)5356 run_set_macaddr(struct run_softc *sc, const uint8_t *addr)
5357 {
5358 run_write(sc, RT2860_MAC_ADDR_DW0,
5359 addr[0] | addr[1] << 8 | addr[2] << 16 | addr[3] << 24);
5360 run_write(sc, RT2860_MAC_ADDR_DW1,
5361 addr[4] | addr[5] << 8 | 0xff << 16);
5362 }
5363
5364 static void
run_updateslot(struct ieee80211com * ic)5365 run_updateslot(struct ieee80211com *ic)
5366 {
5367 struct run_softc *sc = ic->ic_softc;
5368 uint32_t i;
5369
5370 i = RUN_CMDQ_GET(&sc->cmdq_store);
5371 RUN_DPRINTF(sc, RUN_DEBUG_BEACON, "cmdq_store=%d\n", i);
5372 sc->cmdq[i].func = run_updateslot_cb;
5373 sc->cmdq[i].arg0 = ic;
5374 ieee80211_runtask(ic, &sc->cmdq_task);
5375
5376 return;
5377 }
5378
5379 /* ARGSUSED */
5380 static void
run_updateslot_cb(void * arg)5381 run_updateslot_cb(void *arg)
5382 {
5383 struct ieee80211com *ic = arg;
5384 struct run_softc *sc = ic->ic_softc;
5385 uint32_t tmp;
5386
5387 run_read(sc, RT2860_BKOFF_SLOT_CFG, &tmp);
5388 tmp &= ~0xff;
5389 tmp |= IEEE80211_GET_SLOTTIME(ic);
5390 run_write(sc, RT2860_BKOFF_SLOT_CFG, tmp);
5391 }
5392
5393 static void
run_update_mcast(struct ieee80211com * ic)5394 run_update_mcast(struct ieee80211com *ic)
5395 {
5396 }
5397
5398 static int8_t
run_rssi2dbm(struct run_softc * sc,uint8_t rssi,uint8_t rxchain)5399 run_rssi2dbm(struct run_softc *sc, uint8_t rssi, uint8_t rxchain)
5400 {
5401 struct ieee80211com *ic = &sc->sc_ic;
5402 struct ieee80211_channel *c = ic->ic_curchan;
5403 int delta;
5404
5405 if (IEEE80211_IS_CHAN_5GHZ(c)) {
5406 u_int chan = ieee80211_chan2ieee(ic, c);
5407 delta = sc->rssi_5ghz[rxchain];
5408
5409 /* determine channel group */
5410 if (chan <= 64)
5411 delta -= sc->lna[1];
5412 else if (chan <= 128)
5413 delta -= sc->lna[2];
5414 else
5415 delta -= sc->lna[3];
5416 } else
5417 delta = sc->rssi_2ghz[rxchain] - sc->lna[0];
5418
5419 return (-12 - delta - rssi);
5420 }
5421
5422 static void
run_rt5390_bbp_init(struct run_softc * sc)5423 run_rt5390_bbp_init(struct run_softc *sc)
5424 {
5425 u_int i;
5426 uint8_t bbp;
5427
5428 /* Apply maximum likelihood detection for 2 stream case. */
5429 run_bbp_read(sc, 105, &bbp);
5430 if (sc->nrxchains > 1)
5431 run_bbp_write(sc, 105, bbp | RT5390_MLD);
5432
5433 /* Avoid data lost and CRC error. */
5434 run_bbp_read(sc, 4, &bbp);
5435 run_bbp_write(sc, 4, bbp | RT5390_MAC_IF_CTRL);
5436
5437 if (sc->mac_ver == 0x5592) {
5438 for (i = 0; i < nitems(rt5592_def_bbp); i++) {
5439 run_bbp_write(sc, rt5592_def_bbp[i].reg,
5440 rt5592_def_bbp[i].val);
5441 }
5442 for (i = 0; i < nitems(rt5592_bbp_r196); i++) {
5443 run_bbp_write(sc, 195, i + 0x80);
5444 run_bbp_write(sc, 196, rt5592_bbp_r196[i]);
5445 }
5446 } else {
5447 for (i = 0; i < nitems(rt5390_def_bbp); i++) {
5448 run_bbp_write(sc, rt5390_def_bbp[i].reg,
5449 rt5390_def_bbp[i].val);
5450 }
5451 }
5452 if (sc->mac_ver == 0x5392) {
5453 run_bbp_write(sc, 88, 0x90);
5454 run_bbp_write(sc, 95, 0x9a);
5455 run_bbp_write(sc, 98, 0x12);
5456 run_bbp_write(sc, 106, 0x12);
5457 run_bbp_write(sc, 134, 0xd0);
5458 run_bbp_write(sc, 135, 0xf6);
5459 run_bbp_write(sc, 148, 0x84);
5460 }
5461
5462 run_bbp_read(sc, 152, &bbp);
5463 run_bbp_write(sc, 152, bbp | 0x80);
5464
5465 /* Fix BBP254 for RT5592C. */
5466 if (sc->mac_ver == 0x5592 && sc->mac_rev >= 0x0221) {
5467 run_bbp_read(sc, 254, &bbp);
5468 run_bbp_write(sc, 254, bbp | 0x80);
5469 }
5470
5471 /* Disable hardware antenna diversity. */
5472 if (sc->mac_ver == 0x5390)
5473 run_bbp_write(sc, 154, 0);
5474
5475 /* Initialize Rx CCK/OFDM frequency offset report. */
5476 run_bbp_write(sc, 142, 1);
5477 run_bbp_write(sc, 143, 57);
5478 }
5479
5480 static int
run_bbp_init(struct run_softc * sc)5481 run_bbp_init(struct run_softc *sc)
5482 {
5483 int i, error, ntries;
5484 uint8_t bbp0;
5485
5486 /* wait for BBP to wake up */
5487 for (ntries = 0; ntries < 20; ntries++) {
5488 if ((error = run_bbp_read(sc, 0, &bbp0)) != 0)
5489 return error;
5490 if (bbp0 != 0 && bbp0 != 0xff)
5491 break;
5492 }
5493 if (ntries == 20)
5494 return (ETIMEDOUT);
5495
5496 /* initialize BBP registers to default values */
5497 if (sc->mac_ver >= 0x5390)
5498 run_rt5390_bbp_init(sc);
5499 else {
5500 for (i = 0; i < nitems(rt2860_def_bbp); i++) {
5501 run_bbp_write(sc, rt2860_def_bbp[i].reg,
5502 rt2860_def_bbp[i].val);
5503 }
5504 }
5505
5506 if (sc->mac_ver == 0x3593) {
5507 run_bbp_write(sc, 79, 0x13);
5508 run_bbp_write(sc, 80, 0x05);
5509 run_bbp_write(sc, 81, 0x33);
5510 run_bbp_write(sc, 86, 0x46);
5511 run_bbp_write(sc, 137, 0x0f);
5512 }
5513
5514 /* fix BBP84 for RT2860E */
5515 if (sc->mac_ver == 0x2860 && sc->mac_rev != 0x0101)
5516 run_bbp_write(sc, 84, 0x19);
5517
5518 if (sc->mac_ver >= 0x3070 && (sc->mac_ver != 0x3593 &&
5519 sc->mac_ver != 0x5592)) {
5520 run_bbp_write(sc, 79, 0x13);
5521 run_bbp_write(sc, 80, 0x05);
5522 run_bbp_write(sc, 81, 0x33);
5523 } else if (sc->mac_ver == 0x2860 && sc->mac_rev == 0x0100) {
5524 run_bbp_write(sc, 69, 0x16);
5525 run_bbp_write(sc, 73, 0x12);
5526 }
5527 return (0);
5528 }
5529
5530 static int
run_rt3070_rf_init(struct run_softc * sc)5531 run_rt3070_rf_init(struct run_softc *sc)
5532 {
5533 uint32_t tmp;
5534 uint8_t bbp4, mingain, rf, target;
5535 u_int i;
5536
5537 run_rt3070_rf_read(sc, 30, &rf);
5538 /* toggle RF R30 bit 7 */
5539 run_rt3070_rf_write(sc, 30, rf | 0x80);
5540 run_delay(sc, 10);
5541 run_rt3070_rf_write(sc, 30, rf & ~0x80);
5542
5543 /* initialize RF registers to default value */
5544 if (sc->mac_ver == 0x3572) {
5545 for (i = 0; i < nitems(rt3572_def_rf); i++) {
5546 run_rt3070_rf_write(sc, rt3572_def_rf[i].reg,
5547 rt3572_def_rf[i].val);
5548 }
5549 } else {
5550 for (i = 0; i < nitems(rt3070_def_rf); i++) {
5551 run_rt3070_rf_write(sc, rt3070_def_rf[i].reg,
5552 rt3070_def_rf[i].val);
5553 }
5554 }
5555
5556 if (sc->mac_ver == 0x3070 && sc->mac_rev < 0x0201) {
5557 /*
5558 * Change voltage from 1.2V to 1.35V for RT3070.
5559 * The DAC issue (RT3070_LDO_CFG0) has been fixed
5560 * in RT3070(F).
5561 */
5562 run_read(sc, RT3070_LDO_CFG0, &tmp);
5563 tmp = (tmp & ~0x0f000000) | 0x0d000000;
5564 run_write(sc, RT3070_LDO_CFG0, tmp);
5565
5566 } else if (sc->mac_ver == 0x3071) {
5567 run_rt3070_rf_read(sc, 6, &rf);
5568 run_rt3070_rf_write(sc, 6, rf | 0x40);
5569 run_rt3070_rf_write(sc, 31, 0x14);
5570
5571 run_read(sc, RT3070_LDO_CFG0, &tmp);
5572 tmp &= ~0x1f000000;
5573 if (sc->mac_rev < 0x0211)
5574 tmp |= 0x0d000000; /* 1.3V */
5575 else
5576 tmp |= 0x01000000; /* 1.2V */
5577 run_write(sc, RT3070_LDO_CFG0, tmp);
5578
5579 /* patch LNA_PE_G1 */
5580 run_read(sc, RT3070_GPIO_SWITCH, &tmp);
5581 run_write(sc, RT3070_GPIO_SWITCH, tmp & ~0x20);
5582
5583 } else if (sc->mac_ver == 0x3572) {
5584 run_rt3070_rf_read(sc, 6, &rf);
5585 run_rt3070_rf_write(sc, 6, rf | 0x40);
5586
5587 /* increase voltage from 1.2V to 1.35V */
5588 run_read(sc, RT3070_LDO_CFG0, &tmp);
5589 tmp = (tmp & ~0x1f000000) | 0x0d000000;
5590 run_write(sc, RT3070_LDO_CFG0, tmp);
5591
5592 if (sc->mac_rev < 0x0211 || !sc->patch_dac) {
5593 run_delay(sc, 1); /* wait for 1msec */
5594 /* decrease voltage back to 1.2V */
5595 tmp = (tmp & ~0x1f000000) | 0x01000000;
5596 run_write(sc, RT3070_LDO_CFG0, tmp);
5597 }
5598 }
5599
5600 /* select 20MHz bandwidth */
5601 run_rt3070_rf_read(sc, 31, &rf);
5602 run_rt3070_rf_write(sc, 31, rf & ~0x20);
5603
5604 /* calibrate filter for 20MHz bandwidth */
5605 sc->rf24_20mhz = 0x1f; /* default value */
5606 target = (sc->mac_ver < 0x3071) ? 0x16 : 0x13;
5607 run_rt3070_filter_calib(sc, 0x07, target, &sc->rf24_20mhz);
5608
5609 /* select 40MHz bandwidth */
5610 run_bbp_read(sc, 4, &bbp4);
5611 run_bbp_write(sc, 4, (bbp4 & ~0x18) | 0x10);
5612 run_rt3070_rf_read(sc, 31, &rf);
5613 run_rt3070_rf_write(sc, 31, rf | 0x20);
5614
5615 /* calibrate filter for 40MHz bandwidth */
5616 sc->rf24_40mhz = 0x2f; /* default value */
5617 target = (sc->mac_ver < 0x3071) ? 0x19 : 0x15;
5618 run_rt3070_filter_calib(sc, 0x27, target, &sc->rf24_40mhz);
5619
5620 /* go back to 20MHz bandwidth */
5621 run_bbp_read(sc, 4, &bbp4);
5622 run_bbp_write(sc, 4, bbp4 & ~0x18);
5623
5624 if (sc->mac_ver == 0x3572) {
5625 /* save default BBP registers 25 and 26 values */
5626 run_bbp_read(sc, 25, &sc->bbp25);
5627 run_bbp_read(sc, 26, &sc->bbp26);
5628 } else if (sc->mac_rev < 0x0201 || sc->mac_rev < 0x0211)
5629 run_rt3070_rf_write(sc, 27, 0x03);
5630
5631 run_read(sc, RT3070_OPT_14, &tmp);
5632 run_write(sc, RT3070_OPT_14, tmp | 1);
5633
5634 if (sc->mac_ver == 0x3070 || sc->mac_ver == 0x3071) {
5635 run_rt3070_rf_read(sc, 17, &rf);
5636 rf &= ~RT3070_TX_LO1;
5637 if ((sc->mac_ver == 0x3070 ||
5638 (sc->mac_ver == 0x3071 && sc->mac_rev >= 0x0211)) &&
5639 !sc->ext_2ghz_lna)
5640 rf |= 0x20; /* fix for long range Rx issue */
5641 mingain = (sc->mac_ver == 0x3070) ? 1 : 2;
5642 if (sc->txmixgain_2ghz >= mingain)
5643 rf = (rf & ~0x7) | sc->txmixgain_2ghz;
5644 run_rt3070_rf_write(sc, 17, rf);
5645 }
5646
5647 if (sc->mac_ver == 0x3071) {
5648 run_rt3070_rf_read(sc, 1, &rf);
5649 rf &= ~(RT3070_RX0_PD | RT3070_TX0_PD);
5650 rf |= RT3070_RF_BLOCK | RT3070_RX1_PD | RT3070_TX1_PD;
5651 run_rt3070_rf_write(sc, 1, rf);
5652
5653 run_rt3070_rf_read(sc, 15, &rf);
5654 run_rt3070_rf_write(sc, 15, rf & ~RT3070_TX_LO2);
5655
5656 run_rt3070_rf_read(sc, 20, &rf);
5657 run_rt3070_rf_write(sc, 20, rf & ~RT3070_RX_LO1);
5658
5659 run_rt3070_rf_read(sc, 21, &rf);
5660 run_rt3070_rf_write(sc, 21, rf & ~RT3070_RX_LO2);
5661 }
5662
5663 if (sc->mac_ver == 0x3070 || sc->mac_ver == 0x3071) {
5664 /* fix Tx to Rx IQ glitch by raising RF voltage */
5665 run_rt3070_rf_read(sc, 27, &rf);
5666 rf &= ~0x77;
5667 if (sc->mac_rev < 0x0211)
5668 rf |= 0x03;
5669 run_rt3070_rf_write(sc, 27, rf);
5670 }
5671 return (0);
5672 }
5673
5674 static void
run_rt3593_rf_init(struct run_softc * sc)5675 run_rt3593_rf_init(struct run_softc *sc)
5676 {
5677 uint32_t tmp;
5678 uint8_t rf;
5679 u_int i;
5680
5681 /* Disable the GPIO bits 4 and 7 for LNA PE control. */
5682 run_read(sc, RT3070_GPIO_SWITCH, &tmp);
5683 tmp &= ~(1 << 4 | 1 << 7);
5684 run_write(sc, RT3070_GPIO_SWITCH, tmp);
5685
5686 /* Initialize RF registers to default value. */
5687 for (i = 0; i < nitems(rt3593_def_rf); i++) {
5688 run_rt3070_rf_write(sc, rt3593_def_rf[i].reg,
5689 rt3593_def_rf[i].val);
5690 }
5691
5692 /* Toggle RF R2 to initiate calibration. */
5693 run_rt3070_rf_write(sc, 2, RT5390_RESCAL);
5694
5695 /* Initialize RF frequency offset. */
5696 run_adjust_freq_offset(sc);
5697
5698 run_rt3070_rf_read(sc, 18, &rf);
5699 run_rt3070_rf_write(sc, 18, rf | RT3593_AUTOTUNE_BYPASS);
5700
5701 /*
5702 * Increase voltage from 1.2V to 1.35V, wait for 1 msec to
5703 * decrease voltage back to 1.2V.
5704 */
5705 run_read(sc, RT3070_LDO_CFG0, &tmp);
5706 tmp = (tmp & ~0x1f000000) | 0x0d000000;
5707 run_write(sc, RT3070_LDO_CFG0, tmp);
5708 run_delay(sc, 1);
5709 tmp = (tmp & ~0x1f000000) | 0x01000000;
5710 run_write(sc, RT3070_LDO_CFG0, tmp);
5711
5712 sc->rf24_20mhz = 0x1f;
5713 sc->rf24_40mhz = 0x2f;
5714
5715 /* Save default BBP registers 25 and 26 values. */
5716 run_bbp_read(sc, 25, &sc->bbp25);
5717 run_bbp_read(sc, 26, &sc->bbp26);
5718
5719 run_read(sc, RT3070_OPT_14, &tmp);
5720 run_write(sc, RT3070_OPT_14, tmp | 1);
5721 }
5722
5723 static void
run_rt5390_rf_init(struct run_softc * sc)5724 run_rt5390_rf_init(struct run_softc *sc)
5725 {
5726 uint32_t tmp;
5727 uint8_t rf;
5728 u_int i;
5729
5730 /* Toggle RF R2 to initiate calibration. */
5731 if (sc->mac_ver == 0x5390) {
5732 run_rt3070_rf_read(sc, 2, &rf);
5733 run_rt3070_rf_write(sc, 2, rf | RT5390_RESCAL);
5734 run_delay(sc, 10);
5735 run_rt3070_rf_write(sc, 2, rf & ~RT5390_RESCAL);
5736 } else {
5737 run_rt3070_rf_write(sc, 2, RT5390_RESCAL);
5738 run_delay(sc, 10);
5739 }
5740
5741 /* Initialize RF registers to default value. */
5742 if (sc->mac_ver == 0x5592) {
5743 for (i = 0; i < nitems(rt5592_def_rf); i++) {
5744 run_rt3070_rf_write(sc, rt5592_def_rf[i].reg,
5745 rt5592_def_rf[i].val);
5746 }
5747 /* Initialize RF frequency offset. */
5748 run_adjust_freq_offset(sc);
5749 } else if (sc->mac_ver == 0x5392) {
5750 for (i = 0; i < nitems(rt5392_def_rf); i++) {
5751 run_rt3070_rf_write(sc, rt5392_def_rf[i].reg,
5752 rt5392_def_rf[i].val);
5753 }
5754 if (sc->mac_rev >= 0x0223) {
5755 run_rt3070_rf_write(sc, 23, 0x0f);
5756 run_rt3070_rf_write(sc, 24, 0x3e);
5757 run_rt3070_rf_write(sc, 51, 0x32);
5758 run_rt3070_rf_write(sc, 53, 0x22);
5759 run_rt3070_rf_write(sc, 56, 0xc1);
5760 run_rt3070_rf_write(sc, 59, 0x0f);
5761 }
5762 } else {
5763 for (i = 0; i < nitems(rt5390_def_rf); i++) {
5764 run_rt3070_rf_write(sc, rt5390_def_rf[i].reg,
5765 rt5390_def_rf[i].val);
5766 }
5767 if (sc->mac_rev >= 0x0502) {
5768 run_rt3070_rf_write(sc, 6, 0xe0);
5769 run_rt3070_rf_write(sc, 25, 0x80);
5770 run_rt3070_rf_write(sc, 46, 0x73);
5771 run_rt3070_rf_write(sc, 53, 0x00);
5772 run_rt3070_rf_write(sc, 56, 0x42);
5773 run_rt3070_rf_write(sc, 61, 0xd1);
5774 }
5775 }
5776
5777 sc->rf24_20mhz = 0x1f; /* default value */
5778 sc->rf24_40mhz = (sc->mac_ver == 0x5592) ? 0 : 0x2f;
5779
5780 if (sc->mac_rev < 0x0211)
5781 run_rt3070_rf_write(sc, 27, 0x3);
5782
5783 run_read(sc, RT3070_OPT_14, &tmp);
5784 run_write(sc, RT3070_OPT_14, tmp | 1);
5785 }
5786
5787 static int
run_rt3070_filter_calib(struct run_softc * sc,uint8_t init,uint8_t target,uint8_t * val)5788 run_rt3070_filter_calib(struct run_softc *sc, uint8_t init, uint8_t target,
5789 uint8_t *val)
5790 {
5791 uint8_t rf22, rf24;
5792 uint8_t bbp55_pb, bbp55_sb, delta;
5793 int ntries;
5794
5795 /* program filter */
5796 run_rt3070_rf_read(sc, 24, &rf24);
5797 rf24 = (rf24 & 0xc0) | init; /* initial filter value */
5798 run_rt3070_rf_write(sc, 24, rf24);
5799
5800 /* enable baseband loopback mode */
5801 run_rt3070_rf_read(sc, 22, &rf22);
5802 run_rt3070_rf_write(sc, 22, rf22 | 0x01);
5803
5804 /* set power and frequency of passband test tone */
5805 run_bbp_write(sc, 24, 0x00);
5806 for (ntries = 0; ntries < 100; ntries++) {
5807 /* transmit test tone */
5808 run_bbp_write(sc, 25, 0x90);
5809 run_delay(sc, 10);
5810 /* read received power */
5811 run_bbp_read(sc, 55, &bbp55_pb);
5812 if (bbp55_pb != 0)
5813 break;
5814 }
5815 if (ntries == 100)
5816 return (ETIMEDOUT);
5817
5818 /* set power and frequency of stopband test tone */
5819 run_bbp_write(sc, 24, 0x06);
5820 for (ntries = 0; ntries < 100; ntries++) {
5821 /* transmit test tone */
5822 run_bbp_write(sc, 25, 0x90);
5823 run_delay(sc, 10);
5824 /* read received power */
5825 run_bbp_read(sc, 55, &bbp55_sb);
5826
5827 delta = bbp55_pb - bbp55_sb;
5828 if (delta > target)
5829 break;
5830
5831 /* reprogram filter */
5832 rf24++;
5833 run_rt3070_rf_write(sc, 24, rf24);
5834 }
5835 if (ntries < 100) {
5836 if (rf24 != init)
5837 rf24--; /* backtrack */
5838 *val = rf24;
5839 run_rt3070_rf_write(sc, 24, rf24);
5840 }
5841
5842 /* restore initial state */
5843 run_bbp_write(sc, 24, 0x00);
5844
5845 /* disable baseband loopback mode */
5846 run_rt3070_rf_read(sc, 22, &rf22);
5847 run_rt3070_rf_write(sc, 22, rf22 & ~0x01);
5848
5849 return (0);
5850 }
5851
5852 static void
run_rt3070_rf_setup(struct run_softc * sc)5853 run_rt3070_rf_setup(struct run_softc *sc)
5854 {
5855 uint8_t bbp, rf;
5856 int i;
5857
5858 if (sc->mac_ver == 0x3572) {
5859 /* enable DC filter */
5860 if (sc->mac_rev >= 0x0201)
5861 run_bbp_write(sc, 103, 0xc0);
5862
5863 run_bbp_read(sc, 138, &bbp);
5864 if (sc->ntxchains == 1)
5865 bbp |= 0x20; /* turn off DAC1 */
5866 if (sc->nrxchains == 1)
5867 bbp &= ~0x02; /* turn off ADC1 */
5868 run_bbp_write(sc, 138, bbp);
5869
5870 if (sc->mac_rev >= 0x0211) {
5871 /* improve power consumption */
5872 run_bbp_read(sc, 31, &bbp);
5873 run_bbp_write(sc, 31, bbp & ~0x03);
5874 }
5875
5876 run_rt3070_rf_read(sc, 16, &rf);
5877 rf = (rf & ~0x07) | sc->txmixgain_2ghz;
5878 run_rt3070_rf_write(sc, 16, rf);
5879
5880 } else if (sc->mac_ver == 0x3071) {
5881 if (sc->mac_rev >= 0x0211) {
5882 /* enable DC filter */
5883 run_bbp_write(sc, 103, 0xc0);
5884
5885 /* improve power consumption */
5886 run_bbp_read(sc, 31, &bbp);
5887 run_bbp_write(sc, 31, bbp & ~0x03);
5888 }
5889
5890 run_bbp_read(sc, 138, &bbp);
5891 if (sc->ntxchains == 1)
5892 bbp |= 0x20; /* turn off DAC1 */
5893 if (sc->nrxchains == 1)
5894 bbp &= ~0x02; /* turn off ADC1 */
5895 run_bbp_write(sc, 138, bbp);
5896
5897 run_write(sc, RT2860_TX_SW_CFG1, 0);
5898 if (sc->mac_rev < 0x0211) {
5899 run_write(sc, RT2860_TX_SW_CFG2,
5900 sc->patch_dac ? 0x2c : 0x0f);
5901 } else
5902 run_write(sc, RT2860_TX_SW_CFG2, 0);
5903
5904 } else if (sc->mac_ver == 0x3070) {
5905 if (sc->mac_rev >= 0x0201) {
5906 /* enable DC filter */
5907 run_bbp_write(sc, 103, 0xc0);
5908
5909 /* improve power consumption */
5910 run_bbp_read(sc, 31, &bbp);
5911 run_bbp_write(sc, 31, bbp & ~0x03);
5912 }
5913
5914 if (sc->mac_rev < 0x0201) {
5915 run_write(sc, RT2860_TX_SW_CFG1, 0);
5916 run_write(sc, RT2860_TX_SW_CFG2, 0x2c);
5917 } else
5918 run_write(sc, RT2860_TX_SW_CFG2, 0);
5919 }
5920
5921 /* initialize RF registers from ROM for >=RT3071*/
5922 if (sc->mac_ver >= 0x3071) {
5923 for (i = 0; i < 10; i++) {
5924 if (sc->rf[i].reg == 0 || sc->rf[i].reg == 0xff)
5925 continue;
5926 run_rt3070_rf_write(sc, sc->rf[i].reg, sc->rf[i].val);
5927 }
5928 }
5929 }
5930
5931 static void
run_rt3593_rf_setup(struct run_softc * sc)5932 run_rt3593_rf_setup(struct run_softc *sc)
5933 {
5934 uint8_t bbp, rf;
5935
5936 if (sc->mac_rev >= 0x0211) {
5937 /* Enable DC filter. */
5938 run_bbp_write(sc, 103, 0xc0);
5939 }
5940 run_write(sc, RT2860_TX_SW_CFG1, 0);
5941 if (sc->mac_rev < 0x0211) {
5942 run_write(sc, RT2860_TX_SW_CFG2,
5943 sc->patch_dac ? 0x2c : 0x0f);
5944 } else
5945 run_write(sc, RT2860_TX_SW_CFG2, 0);
5946
5947 run_rt3070_rf_read(sc, 50, &rf);
5948 run_rt3070_rf_write(sc, 50, rf & ~RT3593_TX_LO2);
5949
5950 run_rt3070_rf_read(sc, 51, &rf);
5951 rf = (rf & ~(RT3593_TX_LO1 | 0x0c)) |
5952 ((sc->txmixgain_2ghz & 0x07) << 2);
5953 run_rt3070_rf_write(sc, 51, rf);
5954
5955 run_rt3070_rf_read(sc, 38, &rf);
5956 run_rt3070_rf_write(sc, 38, rf & ~RT5390_RX_LO1);
5957
5958 run_rt3070_rf_read(sc, 39, &rf);
5959 run_rt3070_rf_write(sc, 39, rf & ~RT5390_RX_LO2);
5960
5961 run_rt3070_rf_read(sc, 1, &rf);
5962 run_rt3070_rf_write(sc, 1, rf & ~(RT3070_RF_BLOCK | RT3070_PLL_PD));
5963
5964 run_rt3070_rf_read(sc, 30, &rf);
5965 rf = (rf & ~0x18) | 0x10;
5966 run_rt3070_rf_write(sc, 30, rf);
5967
5968 /* Apply maximum likelihood detection for 2 stream case. */
5969 run_bbp_read(sc, 105, &bbp);
5970 if (sc->nrxchains > 1)
5971 run_bbp_write(sc, 105, bbp | RT5390_MLD);
5972
5973 /* Avoid data lost and CRC error. */
5974 run_bbp_read(sc, 4, &bbp);
5975 run_bbp_write(sc, 4, bbp | RT5390_MAC_IF_CTRL);
5976
5977 run_bbp_write(sc, 92, 0x02);
5978 run_bbp_write(sc, 82, 0x82);
5979 run_bbp_write(sc, 106, 0x05);
5980 run_bbp_write(sc, 104, 0x92);
5981 run_bbp_write(sc, 88, 0x90);
5982 run_bbp_write(sc, 148, 0xc8);
5983 run_bbp_write(sc, 47, 0x48);
5984 run_bbp_write(sc, 120, 0x50);
5985
5986 run_bbp_write(sc, 163, 0x9d);
5987
5988 /* SNR mapping. */
5989 run_bbp_write(sc, 142, 0x06);
5990 run_bbp_write(sc, 143, 0xa0);
5991 run_bbp_write(sc, 142, 0x07);
5992 run_bbp_write(sc, 143, 0xa1);
5993 run_bbp_write(sc, 142, 0x08);
5994 run_bbp_write(sc, 143, 0xa2);
5995
5996 run_bbp_write(sc, 31, 0x08);
5997 run_bbp_write(sc, 68, 0x0b);
5998 run_bbp_write(sc, 105, 0x04);
5999 }
6000
6001 static void
run_rt5390_rf_setup(struct run_softc * sc)6002 run_rt5390_rf_setup(struct run_softc *sc)
6003 {
6004 uint8_t bbp, rf;
6005
6006 if (sc->mac_rev >= 0x0211) {
6007 /* Enable DC filter. */
6008 run_bbp_write(sc, 103, 0xc0);
6009
6010 if (sc->mac_ver != 0x5592) {
6011 /* Improve power consumption. */
6012 run_bbp_read(sc, 31, &bbp);
6013 run_bbp_write(sc, 31, bbp & ~0x03);
6014 }
6015 }
6016
6017 run_bbp_read(sc, 138, &bbp);
6018 if (sc->ntxchains == 1)
6019 bbp |= 0x20; /* turn off DAC1 */
6020 if (sc->nrxchains == 1)
6021 bbp &= ~0x02; /* turn off ADC1 */
6022 run_bbp_write(sc, 138, bbp);
6023
6024 run_rt3070_rf_read(sc, 38, &rf);
6025 run_rt3070_rf_write(sc, 38, rf & ~RT5390_RX_LO1);
6026
6027 run_rt3070_rf_read(sc, 39, &rf);
6028 run_rt3070_rf_write(sc, 39, rf & ~RT5390_RX_LO2);
6029
6030 /* Avoid data lost and CRC error. */
6031 run_bbp_read(sc, 4, &bbp);
6032 run_bbp_write(sc, 4, bbp | RT5390_MAC_IF_CTRL);
6033
6034 run_rt3070_rf_read(sc, 30, &rf);
6035 rf = (rf & ~0x18) | 0x10;
6036 run_rt3070_rf_write(sc, 30, rf);
6037
6038 if (sc->mac_ver != 0x5592) {
6039 run_write(sc, RT2860_TX_SW_CFG1, 0);
6040 if (sc->mac_rev < 0x0211) {
6041 run_write(sc, RT2860_TX_SW_CFG2,
6042 sc->patch_dac ? 0x2c : 0x0f);
6043 } else
6044 run_write(sc, RT2860_TX_SW_CFG2, 0);
6045 }
6046 }
6047
6048 static int
run_txrx_enable(struct run_softc * sc)6049 run_txrx_enable(struct run_softc *sc)
6050 {
6051 struct ieee80211com *ic = &sc->sc_ic;
6052 uint32_t tmp;
6053 int error, ntries;
6054
6055 run_write(sc, RT2860_MAC_SYS_CTRL, RT2860_MAC_TX_EN);
6056 for (ntries = 0; ntries < 200; ntries++) {
6057 if ((error = run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp)) != 0)
6058 return (error);
6059 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0)
6060 break;
6061 run_delay(sc, 50);
6062 }
6063 if (ntries == 200)
6064 return (ETIMEDOUT);
6065
6066 run_delay(sc, 50);
6067
6068 tmp |= RT2860_RX_DMA_EN | RT2860_TX_DMA_EN | RT2860_TX_WB_DDONE;
6069 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp);
6070
6071 /* enable Rx bulk aggregation (set timeout and limit) */
6072 tmp = RT2860_USB_TX_EN | RT2860_USB_RX_EN | RT2860_USB_RX_AGG_EN |
6073 RT2860_USB_RX_AGG_TO(128) | RT2860_USB_RX_AGG_LMT(2);
6074 run_write(sc, RT2860_USB_DMA_CFG, tmp);
6075
6076 /* set Rx filter */
6077 tmp = RT2860_DROP_CRC_ERR | RT2860_DROP_PHY_ERR;
6078 if (ic->ic_opmode != IEEE80211_M_MONITOR) {
6079 tmp |= RT2860_DROP_UC_NOME | RT2860_DROP_DUPL |
6080 RT2860_DROP_CTS | RT2860_DROP_BA | RT2860_DROP_ACK |
6081 RT2860_DROP_VER_ERR | RT2860_DROP_CTRL_RSV |
6082 RT2860_DROP_CFACK | RT2860_DROP_CFEND;
6083 if (ic->ic_opmode == IEEE80211_M_STA)
6084 tmp |= RT2860_DROP_RTS | RT2860_DROP_PSPOLL;
6085 }
6086 run_write(sc, RT2860_RX_FILTR_CFG, tmp);
6087
6088 run_write(sc, RT2860_MAC_SYS_CTRL,
6089 RT2860_MAC_RX_EN | RT2860_MAC_TX_EN);
6090
6091 return (0);
6092 }
6093
6094 static void
run_adjust_freq_offset(struct run_softc * sc)6095 run_adjust_freq_offset(struct run_softc *sc)
6096 {
6097 uint8_t rf, tmp;
6098
6099 run_rt3070_rf_read(sc, 17, &rf);
6100 tmp = rf;
6101 rf = (rf & ~0x7f) | (sc->freq & 0x7f);
6102 rf = MIN(rf, 0x5f);
6103
6104 if (tmp != rf)
6105 run_mcu_cmd(sc, 0x74, (tmp << 8 ) | rf);
6106 }
6107
6108 static void
run_init_locked(struct run_softc * sc)6109 run_init_locked(struct run_softc *sc)
6110 {
6111 struct ieee80211com *ic = &sc->sc_ic;
6112 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps);
6113 uint32_t tmp;
6114 uint8_t bbp1, bbp3;
6115 int i;
6116 int ridx;
6117 int ntries;
6118
6119 if (ic->ic_nrunning > 1)
6120 return;
6121
6122 run_stop(sc);
6123
6124 if (run_load_microcode(sc) != 0) {
6125 device_printf(sc->sc_dev, "could not load 8051 microcode\n");
6126 goto fail;
6127 }
6128
6129 for (ntries = 0; ntries < 100; ntries++) {
6130 if (run_read(sc, RT2860_ASIC_VER_ID, &tmp) != 0)
6131 goto fail;
6132 if (tmp != 0 && tmp != 0xffffffff)
6133 break;
6134 run_delay(sc, 10);
6135 }
6136 if (ntries == 100)
6137 goto fail;
6138
6139 for (i = 0; i != RUN_EP_QUEUES; i++)
6140 run_setup_tx_list(sc, &sc->sc_epq[i]);
6141
6142 run_set_macaddr(sc, vap ? vap->iv_myaddr : ic->ic_macaddr);
6143
6144 for (ntries = 0; ntries < 100; ntries++) {
6145 if (run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp) != 0)
6146 goto fail;
6147 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0)
6148 break;
6149 run_delay(sc, 10);
6150 }
6151 if (ntries == 100) {
6152 device_printf(sc->sc_dev, "timeout waiting for DMA engine\n");
6153 goto fail;
6154 }
6155 tmp &= 0xff0;
6156 tmp |= RT2860_TX_WB_DDONE;
6157 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp);
6158
6159 /* turn off PME_OEN to solve high-current issue */
6160 run_read(sc, RT2860_SYS_CTRL, &tmp);
6161 run_write(sc, RT2860_SYS_CTRL, tmp & ~RT2860_PME_OEN);
6162
6163 run_write(sc, RT2860_MAC_SYS_CTRL,
6164 RT2860_BBP_HRST | RT2860_MAC_SRST);
6165 run_write(sc, RT2860_USB_DMA_CFG, 0);
6166
6167 if (run_reset(sc) != 0) {
6168 device_printf(sc->sc_dev, "could not reset chipset\n");
6169 goto fail;
6170 }
6171
6172 run_write(sc, RT2860_MAC_SYS_CTRL, 0);
6173
6174 /* init Tx power for all Tx rates (from EEPROM) */
6175 for (ridx = 0; ridx < 5; ridx++) {
6176 if (sc->txpow20mhz[ridx] == 0xffffffff)
6177 continue;
6178 run_write(sc, RT2860_TX_PWR_CFG(ridx), sc->txpow20mhz[ridx]);
6179 }
6180
6181 for (i = 0; i < nitems(rt2870_def_mac); i++)
6182 run_write(sc, rt2870_def_mac[i].reg, rt2870_def_mac[i].val);
6183 run_write(sc, RT2860_WMM_AIFSN_CFG, 0x00002273);
6184 run_write(sc, RT2860_WMM_CWMIN_CFG, 0x00002344);
6185 run_write(sc, RT2860_WMM_CWMAX_CFG, 0x000034aa);
6186
6187 if (sc->mac_ver >= 0x5390) {
6188 run_write(sc, RT2860_TX_SW_CFG0,
6189 4 << RT2860_DLY_PAPE_EN_SHIFT | 4);
6190 if (sc->mac_ver >= 0x5392) {
6191 run_write(sc, RT2860_MAX_LEN_CFG, 0x00002fff);
6192 if (sc->mac_ver == 0x5592) {
6193 run_write(sc, RT2860_HT_FBK_CFG1, 0xedcba980);
6194 run_write(sc, RT2860_TXOP_HLDR_ET, 0x00000082);
6195 } else {
6196 run_write(sc, RT2860_HT_FBK_CFG1, 0xedcb4980);
6197 run_write(sc, RT2860_LG_FBK_CFG0, 0xedcba322);
6198 }
6199 }
6200 } else if (sc->mac_ver == 0x3593) {
6201 run_write(sc, RT2860_TX_SW_CFG0,
6202 4 << RT2860_DLY_PAPE_EN_SHIFT | 2);
6203 } else if (sc->mac_ver >= 0x3070) {
6204 /* set delay of PA_PE assertion to 1us (unit of 0.25us) */
6205 run_write(sc, RT2860_TX_SW_CFG0,
6206 4 << RT2860_DLY_PAPE_EN_SHIFT);
6207 }
6208
6209 /* wait while MAC is busy */
6210 for (ntries = 0; ntries < 100; ntries++) {
6211 if (run_read(sc, RT2860_MAC_STATUS_REG, &tmp) != 0)
6212 goto fail;
6213 if (!(tmp & (RT2860_RX_STATUS_BUSY | RT2860_TX_STATUS_BUSY)))
6214 break;
6215 run_delay(sc, 10);
6216 }
6217 if (ntries == 100)
6218 goto fail;
6219
6220 /* clear Host to MCU mailbox */
6221 run_write(sc, RT2860_H2M_BBPAGENT, 0);
6222 run_write(sc, RT2860_H2M_MAILBOX, 0);
6223 run_delay(sc, 10);
6224
6225 if (run_bbp_init(sc) != 0) {
6226 device_printf(sc->sc_dev, "could not initialize BBP\n");
6227 goto fail;
6228 }
6229
6230 /* abort TSF synchronization */
6231 run_disable_tsf(sc);
6232
6233 /* clear RX WCID search table */
6234 run_set_region_4(sc, RT2860_WCID_ENTRY(0), 0, 512);
6235 /* clear WCID attribute table */
6236 run_set_region_4(sc, RT2860_WCID_ATTR(0), 0, 8 * 32);
6237
6238 /* hostapd sets a key before init. So, don't clear it. */
6239 if (sc->cmdq_key_set != RUN_CMDQ_GO) {
6240 /* clear shared key table */
6241 run_set_region_4(sc, RT2860_SKEY(0, 0), 0, 8 * 32);
6242 /* clear shared key mode */
6243 run_set_region_4(sc, RT2860_SKEY_MODE_0_7, 0, 4);
6244 }
6245
6246 run_read(sc, RT2860_US_CYC_CNT, &tmp);
6247 tmp = (tmp & ~0xff) | 0x1e;
6248 run_write(sc, RT2860_US_CYC_CNT, tmp);
6249
6250 if (sc->mac_rev != 0x0101)
6251 run_write(sc, RT2860_TXOP_CTRL_CFG, 0x0000583f);
6252
6253 run_write(sc, RT2860_WMM_TXOP0_CFG, 0);
6254 run_write(sc, RT2860_WMM_TXOP1_CFG, 48 << 16 | 96);
6255
6256 /* write vendor-specific BBP values (from EEPROM) */
6257 if (sc->mac_ver < 0x3593) {
6258 for (i = 0; i < 10; i++) {
6259 if (sc->bbp[i].reg == 0 || sc->bbp[i].reg == 0xff)
6260 continue;
6261 run_bbp_write(sc, sc->bbp[i].reg, sc->bbp[i].val);
6262 }
6263 }
6264
6265 /* select Main antenna for 1T1R devices */
6266 if (sc->rf_rev == RT3070_RF_3020 || sc->rf_rev == RT5390_RF_5370)
6267 run_set_rx_antenna(sc, 0);
6268
6269 /* send LEDs operating mode to microcontroller */
6270 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED1, sc->led[0]);
6271 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED2, sc->led[1]);
6272 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED3, sc->led[2]);
6273
6274 if (sc->mac_ver >= 0x5390)
6275 run_rt5390_rf_init(sc);
6276 else if (sc->mac_ver == 0x3593)
6277 run_rt3593_rf_init(sc);
6278 else if (sc->mac_ver >= 0x3070)
6279 run_rt3070_rf_init(sc);
6280
6281 /* disable non-existing Rx chains */
6282 run_bbp_read(sc, 3, &bbp3);
6283 bbp3 &= ~(1 << 3 | 1 << 4);
6284 if (sc->nrxchains == 2)
6285 bbp3 |= 1 << 3;
6286 else if (sc->nrxchains == 3)
6287 bbp3 |= 1 << 4;
6288 run_bbp_write(sc, 3, bbp3);
6289
6290 /* disable non-existing Tx chains */
6291 run_bbp_read(sc, 1, &bbp1);
6292 if (sc->ntxchains == 1)
6293 bbp1 &= ~(1 << 3 | 1 << 4);
6294 run_bbp_write(sc, 1, bbp1);
6295
6296 if (sc->mac_ver >= 0x5390)
6297 run_rt5390_rf_setup(sc);
6298 else if (sc->mac_ver == 0x3593)
6299 run_rt3593_rf_setup(sc);
6300 else if (sc->mac_ver >= 0x3070)
6301 run_rt3070_rf_setup(sc);
6302
6303 /* select default channel */
6304 run_set_chan(sc, ic->ic_curchan);
6305
6306 /* setup initial protection mode */
6307 run_updateprot_cb(ic);
6308
6309 /* turn radio LED on */
6310 run_set_leds(sc, RT2860_LED_RADIO);
6311
6312 /* Set up AUTO_RSP_CFG register for auto response */
6313 run_write(sc, RT2860_AUTO_RSP_CFG, RT2860_AUTO_RSP_EN |
6314 RT2860_BAC_ACKPOLICY_EN | RT2860_CTS_40M_MODE_EN);
6315
6316 sc->sc_flags |= RUN_RUNNING;
6317 sc->cmdq_run = RUN_CMDQ_GO;
6318
6319 for (i = 0; i != RUN_N_XFER; i++)
6320 usbd_xfer_set_stall(sc->sc_xfer[i]);
6321
6322 usbd_transfer_start(sc->sc_xfer[RUN_BULK_RX]);
6323
6324 if (run_txrx_enable(sc) != 0)
6325 goto fail;
6326
6327 return;
6328
6329 fail:
6330 run_stop(sc);
6331 }
6332
6333 static void
run_stop(void * arg)6334 run_stop(void *arg)
6335 {
6336 struct run_softc *sc = (struct run_softc *)arg;
6337 uint32_t tmp;
6338 int i;
6339 int ntries;
6340
6341 RUN_LOCK_ASSERT(sc, MA_OWNED);
6342
6343 if (sc->sc_flags & RUN_RUNNING)
6344 run_set_leds(sc, 0); /* turn all LEDs off */
6345
6346 sc->sc_flags &= ~RUN_RUNNING;
6347
6348 sc->ratectl_run = RUN_RATECTL_OFF;
6349 sc->cmdq_run = sc->cmdq_key_set;
6350
6351 RUN_UNLOCK(sc);
6352
6353 for(i = 0; i < RUN_N_XFER; i++)
6354 usbd_transfer_drain(sc->sc_xfer[i]);
6355
6356 RUN_LOCK(sc);
6357
6358 run_drain_mbufq(sc);
6359
6360 if (sc->rx_m != NULL) {
6361 m_free(sc->rx_m);
6362 sc->rx_m = NULL;
6363 }
6364
6365 /* Disable Tx/Rx DMA. */
6366 if (run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp) != 0)
6367 return;
6368 tmp &= ~(RT2860_RX_DMA_EN | RT2860_TX_DMA_EN);
6369 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp);
6370
6371 for (ntries = 0; ntries < 100; ntries++) {
6372 if (run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp) != 0)
6373 return;
6374 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0)
6375 break;
6376 run_delay(sc, 10);
6377 }
6378 if (ntries == 100) {
6379 device_printf(sc->sc_dev, "timeout waiting for DMA engine\n");
6380 return;
6381 }
6382
6383 /* disable Tx/Rx */
6384 run_read(sc, RT2860_MAC_SYS_CTRL, &tmp);
6385 tmp &= ~(RT2860_MAC_RX_EN | RT2860_MAC_TX_EN);
6386 run_write(sc, RT2860_MAC_SYS_CTRL, tmp);
6387
6388 /* wait for pending Tx to complete */
6389 for (ntries = 0; ntries < 100; ntries++) {
6390 if (run_read(sc, RT2860_TXRXQ_PCNT, &tmp) != 0) {
6391 RUN_DPRINTF(sc, RUN_DEBUG_XMIT | RUN_DEBUG_RESET,
6392 "Cannot read Tx queue count\n");
6393 break;
6394 }
6395 if ((tmp & RT2860_TX2Q_PCNT_MASK) == 0) {
6396 RUN_DPRINTF(sc, RUN_DEBUG_XMIT | RUN_DEBUG_RESET,
6397 "All Tx cleared\n");
6398 break;
6399 }
6400 run_delay(sc, 10);
6401 }
6402 if (ntries >= 100)
6403 RUN_DPRINTF(sc, RUN_DEBUG_XMIT | RUN_DEBUG_RESET,
6404 "There are still pending Tx\n");
6405 run_delay(sc, 10);
6406 run_write(sc, RT2860_USB_DMA_CFG, 0);
6407
6408 run_write(sc, RT2860_MAC_SYS_CTRL, RT2860_BBP_HRST | RT2860_MAC_SRST);
6409 run_write(sc, RT2860_MAC_SYS_CTRL, 0);
6410
6411 for (i = 0; i != RUN_EP_QUEUES; i++)
6412 run_unsetup_tx_list(sc, &sc->sc_epq[i]);
6413 }
6414
6415 static void
run_delay(struct run_softc * sc,u_int ms)6416 run_delay(struct run_softc *sc, u_int ms)
6417 {
6418 usb_pause_mtx(mtx_owned(&sc->sc_mtx) ?
6419 &sc->sc_mtx : NULL, USB_MS_TO_TICKS(ms));
6420 }
6421
6422 static void
run_update_chw(struct ieee80211com * ic)6423 run_update_chw(struct ieee80211com *ic)
6424 {
6425
6426 printf("%s: TODO\n", __func__);
6427 }
6428
6429 static int
run_ampdu_enable(struct ieee80211_node * ni,struct ieee80211_tx_ampdu * tap)6430 run_ampdu_enable(struct ieee80211_node *ni, struct ieee80211_tx_ampdu *tap)
6431 {
6432
6433 /* For now, no A-MPDU TX support in the driver */
6434 /*
6435 * TODO: maybe we needed to enable seqno generation too?
6436 * What other TX desc bits are missing/needed?
6437 */
6438 return (0);
6439 }
6440
6441 static device_method_t run_methods[] = {
6442 /* Device interface */
6443 DEVMETHOD(device_probe, run_match),
6444 DEVMETHOD(device_attach, run_attach),
6445 DEVMETHOD(device_detach, run_detach),
6446 DEVMETHOD_END
6447 };
6448
6449 static driver_t run_driver = {
6450 .name = "run",
6451 .methods = run_methods,
6452 .size = sizeof(struct run_softc)
6453 };
6454
6455 DRIVER_MODULE(run, uhub, run_driver, run_driver_loaded, NULL);
6456 MODULE_DEPEND(run, wlan, 1, 1, 1);
6457 MODULE_DEPEND(run, usb, 1, 1, 1);
6458 MODULE_DEPEND(run, firmware, 1, 1, 1);
6459 MODULE_VERSION(run, 1);
6460 USB_PNP_HOST_INFO(run_devs);
6461