1 /*      $OpenBSD: if_urtwn.c,v 1.16 2011/02/10 17:26:40 jakemsr Exp $   */
2
3 /*-
4  * Copyright (c) 2010 Damien Bergamini <damien.bergamini@free.fr>
5  * Copyright (c) 2014 Kevin Lo <kevlo@FreeBSD.org>
6  * Copyright (c) 2015-2016 Andriy Voskoboinyk <avos@FreeBSD.org>
7  *
8  * Permission to use, copy, modify, and distribute this software for any
9  * purpose with or without fee is hereby granted, provided that the above
10  * copyright notice and this permission notice appear in all copies.
11  *
12  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
13  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
14  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
15  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
16  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19  */
20
21 #include <sys/cdefs.h>
22 __FBSDID("$FreeBSD$");
23
24 /*
25  * Driver for Realtek RTL8188CE-VAU/RTL8188CUS/RTL8188EU/RTL8188RU/RTL8192CU/RTL8812AU/RTL8821AU.
26  */
27 #include "opt_wlan.h"
28
29 #include <sys/param.h>
30 #include <sys/sockio.h>
31 #include <sys/sysctl.h>
32 #include <sys/lock.h>
33 #include <sys/mutex.h>
34 #include <sys/mbuf.h>
35 #include <sys/kernel.h>
36 #include <sys/socket.h>
37 #include <sys/systm.h>
38 #include <sys/malloc.h>
39 #include <sys/module.h>
40 #include <sys/bus.h>
41 #include <sys/endian.h>
42 #include <sys/linker.h>
43 #include <sys/firmware.h>
44 #include <sys/kdb.h>
45
46 #include <net/bpf.h>
47 #include <net/if.h>
48 #include <net/if_var.h>
49 #include <net/if_arp.h>
50 #include <net/ethernet.h>
51 #include <net/if_dl.h>
52 #include <net/if_media.h>
53 #include <net/if_types.h>
54
55 #include <netinet/in.h>
56 #include <netinet/in_systm.h>
57 #include <netinet/in_var.h>
58 #include <netinet/if_ether.h>
59 #include <netinet/ip.h>
60
61 #include <net80211/ieee80211_var.h>
62 #include <net80211/ieee80211_regdomain.h>
63 #include <net80211/ieee80211_radiotap.h>
64 #include <net80211/ieee80211_ratectl.h>
65
66 #include <dev/rtwn/if_rtwnreg.h>
67 #include <dev/rtwn/if_rtwnvar.h>
68
69 #include <dev/rtwn/if_rtwn_beacon.h>
70 #include <dev/rtwn/if_rtwn_calib.h>
71 #include <dev/rtwn/if_rtwn_cam.h>
72 #include <dev/rtwn/if_rtwn_debug.h>
73 #include <dev/rtwn/if_rtwn_efuse.h>
74 #include <dev/rtwn/if_rtwn_fw.h>
75 #include <dev/rtwn/if_rtwn_ridx.h>
76 #include <dev/rtwn/if_rtwn_rx.h>
77 #include <dev/rtwn/if_rtwn_task.h>
78 #include <dev/rtwn/if_rtwn_tx.h>
79
80 #include <dev/rtwn/rtl8192c/r92c_reg.h>
81
82
/*
 * Forward declarations for the file-local helpers defined later in this
 * file.  Parameter lists are unchanged; only the layout differs.
 */
static void rtwn_radiotap_attach(struct rtwn_softc *);
static void rtwn_vap_decrement_counters(struct rtwn_softc *,
    enum ieee80211_opmode, int);
static void rtwn_set_ic_opmode(struct rtwn_softc *);
static struct ieee80211vap *rtwn_vap_create(struct ieee80211com *,
    const char [IFNAMSIZ], int, enum ieee80211_opmode, int,
    const uint8_t [IEEE80211_ADDR_LEN], const uint8_t [IEEE80211_ADDR_LEN]);
static void rtwn_vap_delete(struct ieee80211vap *);
static int rtwn_read_chipid(struct rtwn_softc *);
static int rtwn_ioctl_reset(struct ieee80211vap *, u_long);
static void rtwn_set_media_status(struct rtwn_softc *, union sec_param *);
#ifndef RTWN_WITHOUT_UCODE
static int rtwn_tx_fwpkt_check(struct rtwn_softc *, struct ieee80211vap *);
static int rtwn_construct_nulldata(struct rtwn_softc *,
    struct ieee80211vap *, uint8_t *, int);
static int rtwn_push_nulldata(struct rtwn_softc *, struct ieee80211vap *);
static void rtwn_pwrmode_init(void *);
static void rtwn_set_pwrmode_cb(struct rtwn_softc *, union sec_param *);
#endif
static void rtwn_tsf_sync_adhoc(void *);
static void rtwn_tsf_sync_adhoc_task(void *, int);
static void rtwn_tsf_sync_enable(struct rtwn_softc *, struct ieee80211vap *);
static void rtwn_set_ack_preamble(struct rtwn_softc *);
static void rtwn_set_mode(struct rtwn_softc *, uint8_t, int);
static int rtwn_monitor_newstate(struct ieee80211vap *,
    enum ieee80211_state, int);
static int rtwn_newstate(struct ieee80211vap *, enum ieee80211_state, int);
static void rtwn_calc_basicrates(struct rtwn_softc *);
static int rtwn_run(struct rtwn_softc *, struct ieee80211vap *);
#ifndef D4054
static void rtwn_watchdog(void *);
#endif
static void rtwn_parent(struct ieee80211com *);
static int rtwn_dma_init(struct rtwn_softc *);
static int rtwn_mac_init(struct rtwn_softc *);
static void rtwn_mrr_init(struct rtwn_softc *);
static void rtwn_scan_start(struct ieee80211com *);
static void rtwn_scan_curchan(struct ieee80211_scan_state *, unsigned long);
static void rtwn_scan_end(struct ieee80211com *);
static void rtwn_getradiocaps(struct ieee80211com *, int, int *,
    struct ieee80211_channel[]);
static void rtwn_update_chw(struct ieee80211com *);
static void rtwn_set_channel(struct ieee80211com *);
static int rtwn_wme_update(struct ieee80211com *);
static void rtwn_update_slot(struct ieee80211com *);
static void rtwn_update_slot_cb(struct rtwn_softc *, union sec_param *);
static void rtwn_update_aifs(struct rtwn_softc *, uint8_t);
static void rtwn_update_promisc(struct ieee80211com *);
static void rtwn_update_mcast(struct ieee80211com *);
static int rtwn_set_bssid(struct rtwn_softc *, const uint8_t *, int);
static int rtwn_set_macaddr(struct rtwn_softc *, const uint8_t *, int);
static struct ieee80211_node *rtwn_node_alloc(struct ieee80211vap *,
    const uint8_t mac[IEEE80211_ADDR_LEN]);
static void rtwn_newassoc(struct ieee80211_node *, int);
static void rtwn_node_free(struct ieee80211_node *);
static void rtwn_init_beacon_reg(struct rtwn_softc *);
static int rtwn_init(struct rtwn_softc *);
static void rtwn_stop(struct rtwn_softc *);

/* malloc(9) type used for the driver's private allocations. */
MALLOC_DEFINE(M_RTWN_PRIV, "rtwn_priv", "rtwn driver private state");

/*
 * EDCA parameter registers, listed in the order BE, BK, VI, VO.
 * NOTE(review): presumably indexed by WME access category; confirm at the
 * point of use.
 */
static const uint16_t wme2reg[] = {
        R92C_EDCA_BE_PARAM,
        R92C_EDCA_BK_PARAM,
        R92C_EDCA_VI_PARAM,
        R92C_EDCA_VO_PARAM
};
159
/*
 * Common attach path: set up the driver's locks, command queue, callouts
 * and send queue, identify the chip, read the ROM, bound the chip limits
 * by the driver's compile-time maxima, publish capabilities to net80211
 * and install the driver callbacks.
 *
 * Returns 0 on success and ENXIO on every failure.  The failure paths
 * return without undoing the lock / command-queue initialisation done at
 * the top; presumably the caller runs rtwn_detach() afterwards -- confirm
 * against the bus front-end.
 */
int
rtwn_attach(struct rtwn_softc *sc)
{
        struct ieee80211com *ic = &sc->sc_ic;
        int error;

        sc->cur_bcnq_id = RTWN_VAP_ID_INVALID;

        RTWN_NT_LOCK_INIT(sc);
        rtwn_cmdq_init(sc);
#ifndef D4054
        callout_init_mtx(&sc->sc_watchdog_to, &sc->sc_mtx, 0);
#endif
        callout_init(&sc->sc_calib_to, 0);
        callout_init(&sc->sc_pwrmode_init, 0);
        mbufq_init(&sc->sc_snd, ifqmaxlen);

        /* The chip id is read with the driver lock held. */
        RTWN_LOCK(sc);
        error = rtwn_read_chipid(sc);
        RTWN_UNLOCK(sc);
        if (error != 0) {
                device_printf(sc->sc_dev, "unsupported test chip\n");
                return (ENXIO);                 /* failure */
        }

        error = rtwn_read_rom(sc);
        if (error != 0) {
                device_printf(sc->sc_dev, "%s: cannot read rom, error %d\n",
                    __func__, error);
                return (ENXIO);                 /* failure */
        }

        /* Limits above the compile-time maxima are reduced, not rejected. */
        if (sc->macid_limit > RTWN_MACID_LIMIT) {
                device_printf(sc->sc_dev,
                    "macid limit will be reduced from %d to %d\n",
                    sc->macid_limit, RTWN_MACID_LIMIT);
                sc->macid_limit = RTWN_MACID_LIMIT;
        }
        if (sc->cam_entry_limit > RTWN_CAM_ENTRY_LIMIT) {
                device_printf(sc->sc_dev,
                    "cam entry limit will be reduced from %d to %d\n",
                    sc->cam_entry_limit, RTWN_CAM_ENTRY_LIMIT);
                sc->cam_entry_limit = RTWN_CAM_ENTRY_LIMIT;
        }

        /*
         * A Tx descriptor longer than RTWN_TX_DESC_SIZE cannot be reduced,
         * so attach is refused.  txdesc_len is used as a buffer offset
         * elsewhere in this file (see rtwn_construct_nulldata()).
         */
        if (sc->txdesc_len > RTWN_TX_DESC_SIZE) {
                device_printf(sc->sc_dev,
                    "adjust size for Tx descriptor (current %d, needed %d)\n",
                    RTWN_TX_DESC_SIZE, sc->txdesc_len);
                return (ENXIO);                 /* failure */
        }

        device_printf(sc->sc_dev, "MAC/BB %s, RF 6052 %dT%dR\n",
            sc->name, sc->ntxchains, sc->nrxchains);

        ic->ic_softc = sc;
        ic->ic_phytype = IEEE80211_T_OFDM;      /* not only, but not used */
        ic->ic_opmode = IEEE80211_M_STA;        /* default to BSS mode */

        /* set device capabilities */
        ic->ic_caps =
            IEEE80211_C_STA |                   /* station mode */
            IEEE80211_C_MONITOR |               /* monitor mode */
            IEEE80211_C_IBSS |                  /* adhoc mode */
            IEEE80211_C_HOSTAP |                /* hostap mode */
#if 0   /* TODO: HRPWM register setup */
#ifndef RTWN_WITHOUT_UCODE
            IEEE80211_C_PMGT |                  /* Station-side power mgmt */
#endif
#endif
            IEEE80211_C_SHPREAMBLE |            /* short preamble supported */
            IEEE80211_C_SHSLOT |                /* short slot time supported */
#if 0
            IEEE80211_C_BGSCAN |                /* capable of bg scanning */
#endif
            IEEE80211_C_WPA |                   /* 802.11i */
            IEEE80211_C_WME |                   /* 802.11e */
            IEEE80211_C_SWAMSDUTX |             /* Do software A-MSDU TX */
            IEEE80211_C_FF;                     /* Atheros fast-frames */

        /*
         * Hardware cipher offload is advertised unless software crypto was
         * selected.  WEP and TKIP are legacy ciphers; whether they may be
         * negotiated is decided outside this function.
         * NOTE(review): sc_hwcrypto is set in rtwn_sysctlattach();
         * presumably that runs before this point -- confirm in the caller.
         */
        if (sc->sc_hwcrypto != RTWN_CRYPTO_SW) {
                ic->ic_cryptocaps = IEEE80211_CRYPTO_WEP |
                    IEEE80211_CRYPTO_TKIP | IEEE80211_CRYPTO_AES_CCM;
        }

        ic->ic_htcaps =
            IEEE80211_HTCAP_SHORTGI20 |         /* short GI in 20MHz */
            IEEE80211_HTCAP_MAXAMSDU_3839 |     /* max A-MSDU length */
            IEEE80211_HTCAP_SMPS_OFF |          /* SM PS mode disabled */
            /* s/w capabilities */
            IEEE80211_HTC_HT |                  /* HT operation */
            IEEE80211_HTC_AMPDU |               /* A-MPDU tx */
            IEEE80211_HTC_AMSDU;                /* A-MSDU tx */

        if (sc->sc_ht40) {
                /* 40 MHz channel width and short GI in 40MHz */
                ic->ic_htcaps |= IEEE80211_HTCAP_CHWIDTH40 |
                    IEEE80211_HTCAP_SHORTGI40;
        }

        ic->ic_txstream = sc->ntxchains;
        ic->ic_rxstream = sc->nrxchains;

        /* Enable TX watchdog */
#ifdef D4054
        ic->ic_flags_ext |= IEEE80211_FEXT_WATCHDOG;
#endif

        /* Adjust capabilities. */
        rtwn_adj_devcaps(sc);

        rtwn_getradiocaps(ic, IEEE80211_CHAN_MAX, &ic->ic_nchans,
            ic->ic_channels);

        /* XXX TODO: setup regdomain if R92C_CHANNEL_PLAN_BY_HW bit is set. */

        ieee80211_ifattach(ic);

        /*
         * Driver methods are installed after ieee80211_ifattach().  The
         * scan_curchan and node_free methods found in ic at this point are
         * saved in the softc before being replaced.
         */
        sc->sc_scan_curchan = ic->ic_scan_curchan;
        sc->sc_node_free = ic->ic_node_free;

        ic->ic_raw_xmit = rtwn_raw_xmit;
        ic->ic_transmit = rtwn_transmit;
        ic->ic_parent = rtwn_parent;

        ic->ic_scan_start = rtwn_scan_start;
        ic->ic_scan_curchan = rtwn_scan_curchan;
        ic->ic_scan_end = rtwn_scan_end;

        ic->ic_getradiocaps = rtwn_getradiocaps;
        ic->ic_update_chw = rtwn_update_chw;
        ic->ic_set_channel = rtwn_set_channel;

        ic->ic_vap_create = rtwn_vap_create;
        ic->ic_vap_delete = rtwn_vap_delete;

        ic->ic_wme.wme_update = rtwn_wme_update;
        ic->ic_updateslot = rtwn_update_slot;
        ic->ic_update_promisc = rtwn_update_promisc;
        ic->ic_update_mcast = rtwn_update_mcast;

        ic->ic_node_alloc = rtwn_node_alloc;
        ic->ic_newassoc = rtwn_newassoc;
        ic->ic_node_free = rtwn_node_free;

        rtwn_postattach(sc);
        rtwn_radiotap_attach(sc);

        if (bootverbose)
                ieee80211_announce(ic);

        return (0);
}
313
/*
 * Register the softc's Tx and Rx radiotap headers with net80211, passing
 * each header's size and its "present" bitmap.
 */
static void
rtwn_radiotap_attach(struct rtwn_softc *sc)
{

        ieee80211_radiotap_attach(&sc->sc_ic,
            &sc->sc_txtap.wt_ihdr, sizeof(sc->sc_txtap),
            RTWN_TX_RADIOTAP_PRESENT,
            &sc->sc_rxtap.wr_ihdr, sizeof(sc->sc_rxtap),
            RTWN_RX_RADIOTAP_PRESENT);
}
324
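/*
 * Create the per-device sysctl nodes (ht40, debug, hwcrypto, ratectl,
 * ratectl_selected) and sanitise the values they back.
 *
 * Each field is given its default before the node is added.  The nodes
 * flagged CTLFLAG_RDTUN / CTLFLAG_RWTUN can be overridden by a tunable, so
 * the range checks are applied after SYSCTL_ADD_INT().
 */
void
rtwn_sysctlattach(struct rtwn_softc *sc)
{
        struct sysctl_ctx_list *ctx = device_get_sysctl_ctx(sc->sc_dev);
        struct sysctl_oid *tree = device_get_sysctl_tree(sc->sc_dev);

#if 1
        sc->sc_ht40 = 0;
        SYSCTL_ADD_INT(ctx, SYSCTL_CHILDREN(tree), OID_AUTO,
            "ht40", CTLFLAG_RDTUN, &sc->sc_ht40,
            sc->sc_ht40, "Enable 40 MHz mode support");
#endif

#ifdef RTWN_DEBUG
        SYSCTL_ADD_U32(ctx, SYSCTL_CHILDREN(tree), OID_AUTO,
            "debug", CTLFLAG_RWTUN, &sc->sc_debug, sc->sc_debug,
            "Control debugging printfs");
#endif

        sc->sc_hwcrypto = RTWN_CRYPTO_PAIR;
        SYSCTL_ADD_INT(ctx, SYSCTL_CHILDREN(tree), OID_AUTO,
            "hwcrypto", CTLFLAG_RDTUN, &sc->sc_hwcrypto,
            sc->sc_hwcrypto, "Enable h/w crypto: "
            "0 - disable, 1 - pairwise keys, 2 - all keys");
        /*
         * The value is a signed int (it is registered with SYSCTL_ADD_INT),
         * so a negative setting would slip past an upper-bound-only check
         * and leave an undocumented crypto mode in the softc.  Negative
         * values fall back to the default; too-large values keep the
         * existing behaviour of selecting RTWN_CRYPTO_FULL.
         */
        if (sc->sc_hwcrypto < 0)
                sc->sc_hwcrypto = RTWN_CRYPTO_PAIR;
        else if (sc->sc_hwcrypto >= RTWN_CRYPTO_MAX)
                sc->sc_hwcrypto = RTWN_CRYPTO_FULL;

        sc->sc_ratectl_sysctl = RTWN_RATECTL_NET80211;
        SYSCTL_ADD_INT(ctx, SYSCTL_CHILDREN(tree), OID_AUTO,
            "ratectl", CTLFLAG_RDTUN, &sc->sc_ratectl_sysctl,
            sc->sc_ratectl_sysctl, "Select rate control mechanism: "
            "0 - disabled, 1 - via net80211, 2 - via firmware");
        /* Same range handling as for hwcrypto above. */
        if (sc->sc_ratectl_sysctl < 0)
                sc->sc_ratectl_sysctl = RTWN_RATECTL_NET80211;
        else if (sc->sc_ratectl_sysctl >= RTWN_RATECTL_MAX)
                sc->sc_ratectl_sysctl = RTWN_RATECTL_FW;

        /* Read-only view of the mechanism the driver is actually using. */
        sc->sc_ratectl = sc->sc_ratectl_sysctl;
        SYSCTL_ADD_INT(ctx, SYSCTL_CHILDREN(tree), OID_AUTO,
            "ratectl_selected", CTLFLAG_RD, &sc->sc_ratectl,
            sc->sc_ratectl,
            "Currently selected rate control mechanism (by the driver)");
}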
366
/*
 * Tear down what rtwn_attach() set up.  The net80211 part is detached only
 * when ic_softc points back at this softc, which rtwn_attach() sets after
 * its early failure checks; the command queue and the NT lock are released
 * in either case.
 */
void
rtwn_detach(struct rtwn_softc *sc)
{
        struct ieee80211com *ic = &sc->sc_ic;
        const int attached = (ic->ic_softc == sc);

        if (attached) {
                /* Stop command queue. */
                RTWN_CMDQ_LOCK(sc);
                sc->sc_detached = 1;
                RTWN_CMDQ_UNLOCK(sc);

                /* Drain the command task before net80211 goes away. */
                ieee80211_draintask(ic, &sc->cmdq_task);
                ieee80211_ifdetach(ic);
        }

        rtwn_cmdq_destroy(sc);
        if (RTWN_NT_LOCK_INITIALIZED(sc)) {
                RTWN_NT_LOCK_DESTROY(sc);
        }
}
386
/* Suspend: hand the device's ieee80211com to ieee80211_suspend_all(). */
void
rtwn_suspend(struct rtwn_softc *sc)
{

        ieee80211_suspend_all(&sc->sc_ic);
}
394
/* Resume: hand the device's ieee80211com to ieee80211_resume_all(). */
void
rtwn_resume(struct rtwn_softc *sc)
{

        ieee80211_resume_all(&sc->sc_ic);
}
402
/*
 * Undo the bookkeeping done when a vap was created: clear its slot in
 * sc->vaps[] (unless the id is RTWN_VAP_ID_INVALID) and decrement the
 * per-opmode counters.  Must be called with the driver lock held.
 *
 * NB: the checks below are KASSERT()s, which are only active in kernels
 * built with INVARIANTS; they are debugging aids, not runtime bounds on
 * 'id' or on the counters.
 */
static void
rtwn_vap_decrement_counters(struct rtwn_softc *sc,
    enum ieee80211_opmode opmode, int id)
{

        RTWN_ASSERT_LOCKED(sc);

        if (id != RTWN_VAP_ID_INVALID) {
                KASSERT(id == 0 || id == 1, ("wrong vap id %d!\n", id));
                KASSERT(sc->vaps[id] != NULL, ("vap pointer is NULL\n"));
                sc->vaps[id] = NULL;
        }

        /*
         * A hostap vap is counted in ap_vaps, bcn_vaps and nvaps, an IBSS
         * vap in bcn_vaps and nvaps, a station vap in nvaps only; monitor
         * vaps have their own counter.
         */
        switch (opmode) {
        case IEEE80211_M_HOSTAP:
                sc->ap_vaps--;
                sc->bcn_vaps--;
                sc->nvaps--;
                break;
        case IEEE80211_M_IBSS:
                sc->bcn_vaps--;
                sc->nvaps--;
                break;
        case IEEE80211_M_STA:
                sc->nvaps--;
                break;
        case IEEE80211_M_MONITOR:
                sc->mon_vaps--;
                break;
        default:
                KASSERT(0, ("wrong opmode %d\n", opmode));
                break;
        }

        /* Consistency checks on the running-vap counters. */
        KASSERT(sc->vaps_running >= 0 && sc->monvaps_running >= 0,
            ("number of running vaps is negative (vaps %d, monvaps %d)\n",
            sc->vaps_running, sc->monvaps_running));
        KASSERT(sc->vaps_running - sc->monvaps_running <= RTWN_PORT_COUNT,
            ("number of running vaps is too big (vaps %d, monvaps %d)\n",
            sc->vaps_running, sc->monvaps_running));

        /* Consistency checks on the counters decremented above. */
        KASSERT(sc->nvaps >= 0 && sc->nvaps <= RTWN_PORT_COUNT,
            ("wrong value %d for nvaps\n", sc->nvaps));
        KASSERT(sc->mon_vaps >= 0, ("mon_vaps is negative (%d)\n",
            sc->mon_vaps));
        KASSERT(sc->bcn_vaps >= 0 && ((RTWN_CHIP_HAS_BCNQ1(sc) &&
            sc->bcn_vaps <= RTWN_PORT_COUNT) || sc->bcn_vaps <= 1),
            ("bcn_vaps value %d is wrong\n", sc->bcn_vaps));
        KASSERT(sc->ap_vaps >= 0 && ((RTWN_CHIP_HAS_BCNQ1(sc) &&
            sc->ap_vaps <= RTWN_PORT_COUNT) || sc->ap_vaps <= 1),
            ("ap_vaps value %d is wrong\n", sc->ap_vaps));
}
452
/*
 * Derive the device-wide ic_opmode from the vap counters: IBSS when there
 * are more beaconing vaps than AP vaps, else hostap when an AP vap exists,
 * else station when any non-monitor vap exists, else monitor.
 * Must be called with the driver lock held.
 */
static void
rtwn_set_ic_opmode(struct rtwn_softc *sc)
{
        enum ieee80211_opmode opmode;

        RTWN_ASSERT_LOCKED(sc);

        /* for ieee80211_reset_erp() */
        if (sc->bcn_vaps - sc->ap_vaps > 0) {
                opmode = IEEE80211_M_IBSS;
        } else if (sc->ap_vaps > 0) {
                opmode = IEEE80211_M_HOSTAP;
        } else if (sc->nvaps > 0) {
                opmode = IEEE80211_M_STA;
        } else {
                opmode = IEEE80211_M_MONITOR;
        }

        sc->sc_ic.ic_opmode = opmode;
}
470
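/*
 * net80211 vap-create method (installed as ic_vap_create in rtwn_attach()).
 *
 * Picks a free port id for non-monitor vaps, bumps the per-opmode counters,
 * allocates the rtwn_vap, lets net80211 set it up and then overrides the
 * vap methods the driver implements.
 *
 * Returns the new vap, or NULL when no port / beacon queue is available,
 * the opmode is not handled, or ieee80211_vap_setup() fails.
 */
static struct ieee80211vap *
rtwn_vap_create(struct ieee80211com *ic, const char name[IFNAMSIZ], int unit,
    enum ieee80211_opmode opmode, int flags,
    const uint8_t bssid[IEEE80211_ADDR_LEN],
    const uint8_t mac[IEEE80211_ADDR_LEN])
{
        struct rtwn_softc *sc = ic->ic_softc;
        struct rtwn_vap *uvp;
        struct ieee80211vap *vap;
        int id = RTWN_VAP_ID_INVALID;

        RTWN_LOCK(sc);
        KASSERT(sc->nvaps <= RTWN_PORT_COUNT,
            ("nvaps overflow (%d > %d)\n", sc->nvaps, RTWN_PORT_COUNT));
        KASSERT(sc->ap_vaps <= RTWN_PORT_COUNT,
            ("ap_vaps overflow (%d > %d)\n", sc->ap_vaps, RTWN_PORT_COUNT));
        KASSERT(sc->bcn_vaps <= RTWN_PORT_COUNT,
            ("bcn_vaps overflow (%d > %d)\n", sc->bcn_vaps, RTWN_PORT_COUNT));

        /* Monitor vaps do not take a port; they keep RTWN_VAP_ID_INVALID. */
        if (opmode != IEEE80211_M_MONITOR) {
                switch (sc->nvaps) {
                case 0:
                        id = 0;
                        break;
                case 1:
                        /* One port is taken; use whichever slot is empty. */
                        if (sc->vaps[1] == NULL)
                                id = 1;
                        else if (sc->vaps[0] == NULL)
                                id = 0;
                        KASSERT(id != RTWN_VAP_ID_INVALID,
                            ("no free ports left\n"));
                        break;
                case 2:
                default:
                        goto fail;
                }

                /*
                 * Beaconing modes also need a beacon queue: refuse a second
                 * one on chips without BCNQ1, and any beyond the port count.
                 */
                if (opmode == IEEE80211_M_IBSS ||
                    opmode == IEEE80211_M_HOSTAP) {
                        if ((sc->bcn_vaps == 1 && !RTWN_CHIP_HAS_BCNQ1(sc)) ||
                            sc->bcn_vaps == RTWN_PORT_COUNT)
                                goto fail;
                }
        }

        /* Mirror image of the switch in rtwn_vap_decrement_counters(). */
        switch (opmode) {
        case IEEE80211_M_HOSTAP:
                sc->ap_vaps++;
                /* FALLTHROUGH */
        case IEEE80211_M_IBSS:
                sc->bcn_vaps++;
                /* FALLTHROUGH */
        case IEEE80211_M_STA:
                sc->nvaps++;
                break;
        case IEEE80211_M_MONITOR:
                sc->mon_vaps++;
                break;
        default:
                KASSERT(0, ("unknown opmode %d\n", opmode));
                goto fail;
        }
        RTWN_UNLOCK(sc);

        /* M_WAITOK may sleep, hence the lock was dropped above. */
        uvp = malloc(sizeof(struct rtwn_vap), M_80211_VAP, M_WAITOK | M_ZERO);
        uvp->id = id;
        if (id != RTWN_VAP_ID_INVALID) {
                /* Publish the vap in its port slot. */
                RTWN_LOCK(sc);
                sc->vaps[id] = uvp;
                RTWN_UNLOCK(sc);
        }
        vap = &uvp->vap;
        /* enable s/w bmiss handling for sta mode */

        if (ieee80211_vap_setup(ic, vap, name, unit, opmode,
            flags | IEEE80211_CLONE_NOBEACONS, bssid) != 0) {
                /* out of memory */

                /*
                 * Unpublish before freeing: rtwn_vap_decrement_counters()
                 * clears sc->vaps[id] under the lock.  Freeing first would
                 * leave a window in which sc->vaps[id] still points at
                 * released memory for any other lock holder that reads it.
                 */
                RTWN_LOCK(sc);
                rtwn_vap_decrement_counters(sc, opmode, id);
                RTWN_UNLOCK(sc);

                free(uvp, M_80211_VAP);

                return (NULL);
        }

        rtwn_beacon_init(sc, &uvp->bcn_desc.txd[0], uvp->id);
        rtwn_vap_preattach(sc, vap);

        /* override state transition machine */
        uvp->newstate = vap->iv_newstate;
        if (opmode == IEEE80211_M_MONITOR)
                vap->iv_newstate = rtwn_monitor_newstate;
        else
                vap->iv_newstate = rtwn_newstate;
        vap->iv_update_beacon = rtwn_update_beacon;
        vap->iv_reset = rtwn_ioctl_reset;
        vap->iv_key_alloc = rtwn_key_alloc;
        vap->iv_key_set = rtwn_key_set;
        vap->iv_key_delete = rtwn_key_delete;
        vap->iv_max_aid = sc->macid_limit;

        /* 802.11n parameters */
        vap->iv_ampdu_density = IEEE80211_HTCAP_MPDUDENSITY_16;
        vap->iv_ampdu_rxmax = IEEE80211_HTCAP_MAXRXAMPDU_64K;

        TIMEOUT_TASK_INIT(taskqueue_thread, &uvp->tx_beacon_csa, 0,
            rtwn_tx_beacon_csa, vap);
        if (opmode == IEEE80211_M_IBSS) {
                /* Adhoc vaps get their own mgmt hook and a TSF sync task. */
                uvp->recv_mgmt = vap->iv_recv_mgmt;
                vap->iv_recv_mgmt = rtwn_adhoc_recv_mgmt;
                TASK_INIT(&uvp->tsf_sync_adhoc_task, 0,
                    rtwn_tsf_sync_adhoc_task, vap);
                callout_init(&uvp->tsf_sync_adhoc, 0);
        }

        /*
         * NB: driver can select net80211 RA even when user requests
         * another mechanism.
         */
        ieee80211_ratectl_init(vap);

        /* complete setup */
        ieee80211_vap_attach(vap, ieee80211_media_change,
            ieee80211_media_status, mac);

        RTWN_LOCK(sc);
        rtwn_set_ic_opmode(sc);
        if (sc->sc_flags & RTWN_RUNNING) {
                /* Device is already up: program the address and Rx filter. */
                if (uvp->id != RTWN_VAP_ID_INVALID)
                        rtwn_set_macaddr(sc, vap->iv_myaddr, uvp->id);

                rtwn_rxfilter_update(sc);
        }
        RTWN_UNLOCK(sc);

        return (vap);

fail:
        /* Reached with the lock held and no counters changed. */
        RTWN_UNLOCK(sc);
        return (NULL);
}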
613
/*
 * net80211 vap-delete method (installed as ic_vap_delete in rtwn_attach()).
 *
 * Stops the vap and drains its pending tasks, releases the driver state
 * under the lock (pending Tx, beacon mbuf, port slot and counters), then
 * detaches the vap from net80211 and frees it.
 */
static void
rtwn_vap_delete(struct ieee80211vap *vap)
{
        struct ieee80211com *ic = vap->iv_ic;
        struct rtwn_softc *sc = ic->ic_softc;
        struct rtwn_vap *rvp = RTWN_VAP(vap);

        /* Put vap into INIT state + stop device if needed. */
        ieee80211_stop(vap);
        ieee80211_draintask(ic, &vap->iv_nstate_task);
        ieee80211_draintask(ic, &ic->ic_parent_task);

        RTWN_LOCK(sc);
        /* Cancel any unfinished Tx. */
        rtwn_reset_lists(sc, vap);
        if (rvp->bcn_mbuf != NULL) {
                m_freem(rvp->bcn_mbuf);
        }
        /* Clears sc->vaps[] for this port, so the vap is unpublished here. */
        rtwn_vap_decrement_counters(sc, vap->iv_opmode, rvp->id);
        rtwn_set_ic_opmode(sc);
        if (sc->sc_flags & RTWN_RUNNING) {
                rtwn_rxfilter_update(sc);
        }
        RTWN_UNLOCK(sc);

        /* The adhoc TSF sync task and callout only exist for IBSS vaps. */
        if (vap->iv_opmode == IEEE80211_M_IBSS) {
                ieee80211_draintask(ic, &rvp->tsf_sync_adhoc_task);
                callout_drain(&rvp->tsf_sync_adhoc);
        }

        ieee80211_ratectl_deinit(vap);
        ieee80211_vap_detach(vap);
        free(rvp, M_80211_VAP);
}
646
/*
 * Read R92C_SYS_CFG and reject test chips (R92C_SYS_CFG_TRP_VAUX_EN set)
 * with EOPNOTSUPP; otherwise pass the register value on to
 * rtwn_read_chipid_vendor() and return 0.
 */
static int
rtwn_read_chipid(struct rtwn_softc *sc)
{
        uint32_t syscfg = rtwn_read_4(sc, R92C_SYS_CFG);

        if ((syscfg & R92C_SYS_CFG_TRP_VAUX_EN) != 0) {
                /* test chip */
                return (EOPNOTSUPP);
        }

        rtwn_read_chipid_vendor(sc, syscfg);

        return (0);
}
660
/*
 * net80211 iv_reset method (installed in rtwn_vap_create()).
 *
 * Returns 0 for the listed ioctls, ENETRESET for everything else, and for
 * the power-save ioctls (firmware builds only): EOPNOTSUPP unless the vap
 * is a station on port 0, ENETRESET when rtwn_set_pwrmode() fails, else 0.
 */
static int
rtwn_ioctl_reset(struct ieee80211vap *vap, u_long cmd)
{

        switch (cmd) {
#ifndef RTWN_WITHOUT_UCODE
        case IEEE80211_IOC_POWERSAVE:
        case IEEE80211_IOC_POWERSAVESLEEP:
        {
                struct rtwn_softc *sc = vap->iv_ic->ic_softc;
                struct rtwn_vap *uvp = RTWN_VAP(vap);
                int rc = 0;

                if (vap->iv_opmode != IEEE80211_M_STA || uvp->id != 0)
                        return (EOPNOTSUPP);

                /* Only touch the hardware while the device is running. */
                RTWN_LOCK(sc);
                if (sc->sc_flags & RTWN_RUNNING)
                        rc = rtwn_set_pwrmode(sc, vap, 1);
                RTWN_UNLOCK(sc);

                return (rc != 0 ? ENETRESET : 0);
        }
#endif
        case IEEE80211_IOC_SHORTGI:
        case IEEE80211_IOC_RTSTHRESHOLD:
        case IEEE80211_IOC_PROTMODE:
        case IEEE80211_IOC_HTPROTMODE:
        case IEEE80211_IOC_LDPC:
                return (0);
        default:
                return (ENETRESET);
        }
}
702
/*
 * Forward data->macid to the set_media_status method stored in the softc.
 * The (softc, union sec_param *) signature matches the other *_cb helpers
 * declared in this file.
 */
static void
rtwn_set_media_status(struct rtwn_softc *sc, union sec_param *data)
{

        (*sc->sc_set_media_status)(sc, data->macid);
}
708
709 #ifndef RTWN_WITHOUT_UCODE
/*
 * Try rtwn_push_nulldata() up to five times.  Returns 0 as soon as one
 * attempt succeeds; otherwise logs and returns the last error.
 */
static int
rtwn_tx_fwpkt_check(struct rtwn_softc *sc, struct ieee80211vap *vap)
{
        int attempt, error = 0;

        for (attempt = 0; attempt < 5; attempt++) {
                error = rtwn_push_nulldata(sc, vap);
                if (error == 0)
                        return (0);
        }

        /* All five attempts failed. */
        device_printf(sc->sc_dev,
            "%s: cannot push f/w frames into chip, error %d!\n",
            __func__, error);
        return (error);
}
729
/*
 * Build a Null Data (qos == 0) or QoS Null Data (qos != 0) frame at 'ptr':
 * a Tx descriptor of sc->txdesc_len bytes followed by the 802.11 header.
 *
 * Returns the number of bytes used (descriptor plus header).
 *
 * NB: no buffer length is passed in; the caller must provide at least
 * txdesc_len + sizeof(struct ieee80211_qosframe) writable bytes.
 */
static int
rtwn_construct_nulldata(struct rtwn_softc *sc, struct ieee80211vap *vap,
    uint8_t *ptr, int qos)
{
        struct rtwn_vap *uvp = RTWN_VAP(vap);
        struct ieee80211com *ic = &sc->sc_ic;
        struct rtwn_tx_desc_common *txd = (struct rtwn_tx_desc_common *)ptr;
        struct ieee80211_frame *wh;
        int hdrlen, pktlen;

        /* XXX obtain from net80211 */
        wh = (struct ieee80211_frame *)(ptr + sc->txdesc_len);
        wh->i_fc[0] = IEEE80211_FC0_VERSION_0 | IEEE80211_FC0_TYPE_DATA;
        wh->i_fc[1] = IEEE80211_FC1_DIR_TODS;
        IEEE80211_ADDR_COPY(wh->i_addr1, vap->iv_bss->ni_bssid);
        IEEE80211_ADDR_COPY(wh->i_addr2, vap->iv_myaddr);
        IEEE80211_ADDR_COPY(wh->i_addr3, vap->iv_bss->ni_macaddr);

        /* The 802.11 header starts right after the descriptor. */
        txd->offset = sc->txdesc_len;

        if (qos) {
                struct ieee80211_qosframe *qwh =
                    (struct ieee80211_qosframe *)wh;
                const int tid = WME_AC_TO_TID(WME_AC_BE);

                qwh->i_fc[0] |= IEEE80211_FC0_SUBTYPE_QOS_NULL;
                qwh->i_qos[0] = tid & IEEE80211_QOS_TID;
                hdrlen = sizeof(struct ieee80211_qosframe);
        } else {
                wh->i_fc[0] |= IEEE80211_FC0_SUBTYPE_NODATA;
                hdrlen = sizeof(struct ieee80211_frame);
        }

        /* The descriptor's pktlen covers the 802.11 header only. */
        txd->pktlen = htole16(hdrlen);
        pktlen = sc->txdesc_len + hdrlen;

        rtwn_fill_tx_desc_null(sc, ptr,
            ic->ic_curmode == IEEE80211_MODE_11B, qos, uvp->id);

        return (pktlen);
}
773
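/*
 * Build one mbuf holding reserved beacon space followed by a Null Data
 * page and a QoS Null Data page, load it through the beacon path
 * (rtwn_tx_beacon_check()) and report the page numbers to the firmware
 * with rtwn_set_rsvd_page().
 *
 * Returns 0 when the firmware is not loaded (nothing to do) or on success,
 * ENOMEM when the mbuf cannot be allocated, otherwise the error from the
 * first step that failed.  Beacon detection is re-enabled and the other
 * port's beacon is reloaded on both the success and the failure path.
 */
static int
rtwn_push_nulldata(struct rtwn_softc *sc, struct ieee80211vap *vap)
{
        struct rtwn_vap *uvp = RTWN_VAP(vap);
        struct ieee80211com *ic = vap->iv_ic;
        struct ieee80211_channel *c = ic->ic_curchan;
        struct mbuf *m;
        uint8_t *ptr;
        int required_size, bcn_size, null_size, null_data, error;

        if (!(sc->sc_flags & RTWN_FW_LOADED))
                return (0);     /* requires firmware */

        KASSERT(sc->page_size > 0, ("page size was not set!\n"));

        /* Leave some space for beacon (multi-vap) */
        bcn_size = roundup(RTWN_BCN_MAX_SIZE, sc->page_size);
        /* 1 page for Null Data + 1 page for Qos Null Data frames. */
        required_size = bcn_size + sc->page_size * 2;

        m = m_get2(required_size, M_NOWAIT, MT_DATA, M_PKTHDR);
        if (m == NULL)
                return (ENOMEM);

        /* Setup beacon descriptor. */
        rtwn_beacon_set_rate(sc, &uvp->bcn_desc.txd[0],
            IEEE80211_IS_CHAN_5GHZ(c));

        ptr = mtod(m, uint8_t *);
        memset(ptr, 0, required_size - sc->txdesc_len);

        /*
         * NB: the KASSERT()s below check the frame size only after the
         * frame has been written and only in INVARIANTS kernels; the
         * one-page-per-frame layout relies on txdesc_len plus the 802.11
         * header fitting in sc->page_size.
         */

        /* Construct Null Data frame. */
        ptr += bcn_size - sc->txdesc_len;
        null_size = rtwn_construct_nulldata(sc, vap, ptr, 0);
        KASSERT(null_size < sc->page_size,
            ("recalculate size for Null Data frame\n"));

        /* Construct Qos Null Data frame. */
        ptr += roundup(null_size, sc->page_size);
        null_size = rtwn_construct_nulldata(sc, vap, ptr, 1);
        KASSERT(null_size < sc->page_size,
            ("recalculate size for Qos Null Data frame\n"));

        /* Do not try to detect a beacon here. */
        rtwn_setbits_1_shift(sc, R92C_CR, 0, R92C_CR_ENSWBCN, 1);
        rtwn_setbits_1_shift(sc, R92C_FWHW_TXQ_CTRL,
            R92C_FWHW_TXQ_CTRL_REAL_BEACON, 0, 2);

        /* Replace any previously loaded buffer for this vap. */
        if (uvp->bcn_mbuf != NULL) {
                rtwn_beacon_unload(sc, uvp->id);
                m_freem(uvp->bcn_mbuf);
        }

        m->m_pkthdr.len = m->m_len = required_size - sc->txdesc_len;
        /* From here on the mbuf is owned by the vap (uvp->bcn_mbuf). */
        uvp->bcn_mbuf = m;

        error = rtwn_tx_beacon_check(sc, uvp);
        if (error != 0) {
                RTWN_DPRINTF(sc, RTWN_DEBUG_BEACON,
                    "%s: frame was not recognized!\n", __func__);
                goto fail;
        }

        /* Setup addresses in firmware. */
        null_data = howmany(bcn_size, sc->page_size);
        error = rtwn_set_rsvd_page(sc, 0, null_data, null_data + 1);
        if (error != 0) {
                device_printf(sc->sc_dev,
                    "%s: CMD_RSVD_PAGE was not sent, error %d\n",
                    __func__, error);
                goto fail;
        }

fail:
        /* Common exit: also reached on success, with error == 0. */

        /* Re-enable beacon detection. */
        rtwn_setbits_1_shift(sc, R92C_FWHW_TXQ_CTRL,
            0, R92C_FWHW_TXQ_CTRL_REAL_BEACON, 2);
        rtwn_setbits_1_shift(sc, R92C_CR, R92C_CR_ENSWBCN, 0, 1);

        /* Restore beacon (if present). */
        if (sc->bcn_vaps > 0 && sc->vaps[!uvp->id] != NULL) {
                struct rtwn_vap *uvp2 = sc->vaps[!uvp->id];

                if (uvp2->curr_mode != R92C_MSR_NOLINK) {
                        int restore_error = rtwn_tx_beacon_check(sc, uvp2);

                        /*
                         * Keep the first failure.  Overwriting 'error' here
                         * would report success for a failed push whenever
                         * the other port's beacon reloads cleanly, and the
                         * caller (rtwn_tx_fwpkt_check()) would stop
                         * retrying.
                         */
                        if (error == 0)
                                error = restore_error;
                }
        }

        return (error);
}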
863
/*
 * Callout handler for sc_pwrmode_init: hand rtwn_set_pwrmode_cb() to
 * rtwn_cmd_sleepable().  'arg' is the softc pointer.
 */
static void
rtwn_pwrmode_init(void *arg)
{

        rtwn_cmd_sleepable(arg, NULL, 0, rtwn_set_pwrmode_cb);
}
871
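/*
 * Deferred command callback: enable power management on the vap in slot 0.
 * 'data' is not used.
 *
 * This runs some time after it was scheduled, so slot 0 may be empty by
 * then.  The slot pointer itself is tested; testing &sc->vaps[0]->vap would
 * only detect an empty slot if 'vap' is the first member of struct rtwn_vap,
 * and would form an address from a NULL pointer to do so.
 */
static void
rtwn_set_pwrmode_cb(struct rtwn_softc *sc, union sec_param *data)
{
        struct rtwn_vap *uvp = sc->vaps[0];

        if (uvp != NULL)
                rtwn_set_pwrmode(sc, &uvp->vap, 1);
}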
880 #endif
881
/*
 * Callout handler for the periodic ad-hoc TSF synchronization: unless the
 * vap is in 'No Link' mode, run tsf_sync_adhoc_task.  'arg' is the vap.
 */
static void
rtwn_tsf_sync_adhoc(void *arg)
{
        struct ieee80211vap *vap = arg;
        struct rtwn_vap *uvp = RTWN_VAP(vap);

        if (uvp->curr_mode == R92C_MSR_NOLINK)
                return;

        /* Do it in process context. */
        ieee80211_runtask(vap->iv_ic, &uvp->tsf_sync_adhoc_task);
}
894
/*
 * Workaround for TSF synchronization:
 * when BSSID filter in IBSS mode is not set
 * (and TSF synchronization is enabled), then any beacon may update it.
 * This routine synchronizes it when BSSID matching is enabled (IBSS merge
 * is not possible during this period).
 *
 * NOTE: there is no race with rtwn_newstate(), since it uses the same
 * taskqueue.
 *
 * The whole sequence, including the rtwn_delay() wait, runs with the softc
 * lock held; RTWN_RCR_LOCKED is set in sc_flags for the duration of the
 * synchronization window and cleared afterwards.  'arg' is the vap;
 * 'pending' is not used.
 *
 * NOTE(review): the wait is proportional to ni->ni_intval, which is read
 * from the BSS node.  Confirm that the value is range-checked before it
 * gets here, since the lock is held for the whole wait.
 */
static void
rtwn_tsf_sync_adhoc_task(void *arg, int pending)
{
        struct ieee80211vap *vap = arg;
        struct rtwn_vap *uvp = RTWN_VAP(vap);
        struct rtwn_softc *sc = vap->iv_ic->ic_softc;
        struct ieee80211_node *ni;

        RTWN_LOCK(sc);
        /* Hold a reference on the BSS node until the end of the task. */
        ni = ieee80211_ref_node(vap->iv_bss);

        /* Accept beacons with the same BSSID. */
        rtwn_set_rx_bssid_all(sc, 0);

        /* Deny RCR updates. */
        sc->sc_flags |= RTWN_RCR_LOCKED;

        /* Enable synchronization. */
        rtwn_setbits_1(sc, R92C_BCN_CTRL(uvp->id),
            R92C_BCN_CTRL_DIS_TSF_UDT0, 0);

        /* Synchronize. */
        rtwn_delay(sc, ni->ni_intval * 5 * 1000);

        /* Disable synchronization. */
        rtwn_setbits_1(sc, R92C_BCN_CTRL(uvp->id),
            0, R92C_BCN_CTRL_DIS_TSF_UDT0);

        /* Accept all beacons. */
        sc->sc_flags &= ~RTWN_RCR_LOCKED;
        rtwn_set_rx_bssid_all(sc, 1);

        /* Schedule next TSF synchronization. */
        callout_reset(&uvp->tsf_sync_adhoc, 60*hz, rtwn_tsf_sync_adhoc, vap);

        ieee80211_free_node(ni);
        RTWN_UNLOCK(sc);
}
943
/*
 * Reset the TSF of the vap's port, then start what the operating mode needs:
 * TSF synchronization for STA, beaconing for HOSTAP, and beaconing plus the
 * ad-hoc synchronization task for IBSS.  Any other mode is only logged.
 */
static void
rtwn_tsf_sync_enable(struct rtwn_softc *sc, struct ieee80211vap *vap)
{
        struct rtwn_vap *uvp = RTWN_VAP(vap);

        /* Reset TSF. */
        rtwn_write_1(sc, R92C_DUAL_TSF_RST, R92C_DUAL_TSF_RESET(uvp->id));

        switch (vap->iv_opmode) {
        case IEEE80211_M_STA:
                /* Enable TSF synchronization. */
                rtwn_setbits_1(sc, R92C_BCN_CTRL(uvp->id),
                    R92C_BCN_CTRL_DIS_TSF_UDT0, 0);
                break;
        case IEEE80211_M_IBSS:
        case IEEE80211_M_HOSTAP:
                /* IBSS additionally starts the periodic TSF workaround. */
                if (vap->iv_opmode == IEEE80211_M_IBSS) {
                        ieee80211_runtask(&sc->sc_ic,
                            &uvp->tsf_sync_adhoc_task);
                }

                /* Enable beaconing. */
                rtwn_beacon_enable(sc, uvp->id, 1);
                break;
        default:
                device_printf(sc->sc_dev, "undefined opmode %d\n",
                    vap->iv_opmode);
                break;
        }
}
972
/*
 * Mirror the IEEE80211_F_SHPREAMBLE flag of the com structure into the
 * R92C_WMAC_TRXPTCL_SHPRE bit of R92C_WMAC_TRXPTCL_CTL (read-modify-write).
 */
static void
rtwn_set_ack_preamble(struct rtwn_softc *sc)
{
        uint32_t val;

        val = rtwn_read_4(sc, R92C_WMAC_TRXPTCL_CTL);
        if ((sc->sc_ic.ic_flags & IEEE80211_F_SHPREAMBLE) != 0) {
                val |= R92C_WMAC_TRXPTCL_SHPRE;
        } else {
                val &= ~R92C_WMAC_TRXPTCL_SHPRE;
        }
        rtwn_write_4(sc, R92C_WMAC_TRXPTCL_CTL, val);
}
986
/*
 * Write 'mode' into the two-bit field of R92C_MSR that belongs to port 'id'
 * and remember it in the vap occupying that slot, if there is one.
 *
 * 'id' is used unchecked both as a shift count and as an index into
 * sc->vaps[]; callers are expected to pass a valid port number.
 */
static void
rtwn_set_mode(struct rtwn_softc *sc, uint8_t mode, int id)
{
        const int shift = id * 2;
        struct rtwn_vap *rvp;

        rtwn_setbits_1(sc, R92C_MSR, R92C_MSR_MASK << shift, mode << shift);

        rvp = sc->vaps[id];
        if (rvp != NULL)
                rvp->curr_mode = mode;
}
995
/*
 * State change handler for monitor mode vaps.
 *
 * On a real state change the running-vap counters are updated (and the link
 * LED switched when the first vap starts or the last one stops) under the
 * softc lock, with the net80211 com lock dropped meanwhile.  The saved
 * uvp->newstate handler is then called in every case and its result returned.
 */
static int
rtwn_monitor_newstate(struct ieee80211vap *vap, enum ieee80211_state nstate,
    int arg)
{
        struct rtwn_vap *uvp = RTWN_VAP(vap);
        struct ieee80211com *ic = vap->iv_ic;
        struct rtwn_softc *sc = ic->ic_softc;

        RTWN_DPRINTF(sc, RTWN_DEBUG_STATE, "%s -> %s\n",
            ieee80211_state_name[vap->iv_state],
            ieee80211_state_name[nstate]);

        /* Nothing to account for when the state does not change. */
        if (vap->iv_state == nstate)
                return (uvp->newstate(vap, nstate, arg));

        IEEE80211_UNLOCK(ic);
        RTWN_LOCK(sc);

        if (nstate == IEEE80211_S_INIT) {
                sc->vaps_running--;
                sc->monvaps_running--;

                /* Turn link LED off. */
                if (sc->vaps_running == 0)
                        rtwn_set_led(sc, RTWN_LED_LINK, 0);
        } else if (nstate == IEEE80211_S_RUN) {
                sc->vaps_running++;
                sc->monvaps_running++;

                /* Turn link LED on. */
                if (sc->vaps_running == 1)
                        rtwn_set_led(sc, RTWN_LED_LINK, 1);
        }
        /* Any other state: NOTREACHED, nothing to do. */

        RTWN_UNLOCK(sc);
        IEEE80211_LOCK(ic);

        return (uvp->newstate(vap, nstate, arg));
}
1042
/*
 * State change handler for non-monitor vaps.
 *
 * The hardware part runs under the softc lock with the net80211 com lock
 * dropped; the com lock is re-taken before returning.  Leaving RUN (other
 * than to CSA) or leaving CSA tears the link down: the port goes to
 * 'No Link', beaconing and TSF synchronization are disabled and, once only
 * monitor vaps remain, calibration and Rx of data frames are stopped.
 * The new state is then applied (SCAN, RUN, CSA).
 *
 * The saved uvp->newstate handler is called either before the hardware part
 * (INIT -> RUN with no BSS channel selected yet) or at the very end.
 *
 * Returns the error from the early uvp->newstate call or from rtwn_run(),
 * otherwise 0 or the result of the late uvp->newstate call.
 */
static int
rtwn_newstate(struct ieee80211vap *vap, enum ieee80211_state nstate, int arg)
{
        struct rtwn_vap *uvp = RTWN_VAP(vap);
        struct ieee80211com *ic = vap->iv_ic;
        struct rtwn_softc *sc = ic->ic_softc;
        enum ieee80211_state ostate;
        int error, early_newstate;

        ostate = vap->iv_state;
        RTWN_DPRINTF(sc, RTWN_DEBUG_STATE, "%s -> %s\n",
            ieee80211_state_name[ostate], ieee80211_state_name[nstate]);

        if (vap->iv_bss->ni_chan == IEEE80211_CHAN_ANYC &&
            ostate == IEEE80211_S_INIT && nstate == IEEE80211_S_RUN) {
                /* need to call iv_newstate() firstly */
                error = uvp->newstate(vap, nstate, arg);
                if (error != 0)
                        return (error);

                early_newstate = 1;
        } else
                early_newstate = 0;

        if (ostate == IEEE80211_S_CSA) {
                taskqueue_cancel_timeout(taskqueue_thread,
                    &uvp->tx_beacon_csa, NULL);

                /*
                 * In multi-vap case second counter may not be cleared
                 * properly.
                 */
                vap->iv_csa_count = 0;
        }
        /* Swap locks: everything up to RTWN_UNLOCK() touches the hardware. */
        IEEE80211_UNLOCK(ic);
        RTWN_LOCK(sc);

        if (ostate == IEEE80211_S_CSA) {
                /* Unblock all queues (multi-vap case). */
                rtwn_write_1(sc, R92C_TXPAUSE, 0);
        }

        if ((ostate == IEEE80211_S_RUN && nstate != IEEE80211_S_CSA) ||
            ostate == IEEE80211_S_CSA) {
                sc->vaps_running--;

                /* Set media status to 'No Link'. */
                rtwn_set_mode(sc, R92C_MSR_NOLINK, uvp->id);

                if (vap->iv_opmode == IEEE80211_M_IBSS) {
                        /* Stop periodical TSF synchronization. */
                        callout_stop(&uvp->tsf_sync_adhoc);
                }

                /* Disable TSF synchronization / beaconing. */
                rtwn_beacon_enable(sc, uvp->id, 0);
                rtwn_setbits_1(sc, R92C_BCN_CTRL(uvp->id),
                    0, R92C_BCN_CTRL_DIS_TSF_UDT0);

                /* NB: monitor mode vaps are using port 0. */
                if (uvp->id != 0 || sc->monvaps_running == 0) {
                        /* Reset TSF. */
                        rtwn_write_1(sc, R92C_DUAL_TSF_RST,
                            R92C_DUAL_TSF_RESET(uvp->id));
                }

#ifndef RTWN_WITHOUT_UCODE
                if ((ic->ic_caps & IEEE80211_C_PMGT) != 0 && uvp->id == 0) {
                        /* Disable power management. */
                        callout_stop(&sc->sc_pwrmode_init);
                        rtwn_set_pwrmode(sc, vap, 0);
                }
#endif
                /* At least one non-monitor vap is still running. */
                if (sc->vaps_running - sc->monvaps_running > 0) {
                        /* Recalculate basic rates bitmap. */
                        rtwn_calc_basicrates(sc);
                }

                /* Only monitor vaps (or none at all) are left. */
                if (sc->vaps_running == sc->monvaps_running) {
                        /* Stop calibration. */
                        callout_stop(&sc->sc_calib_to);

                        /* Stop Rx of data frames. */
                        rtwn_write_2(sc, R92C_RXFLTMAP2, 0);

                        /* Reset EDCA parameters. */
                        rtwn_write_4(sc, R92C_EDCA_VO_PARAM, 0x002f3217);
                        rtwn_write_4(sc, R92C_EDCA_VI_PARAM, 0x005e4317);
                        rtwn_write_4(sc, R92C_EDCA_BE_PARAM, 0x00105320);
                        rtwn_write_4(sc, R92C_EDCA_BK_PARAM, 0x0000a444);

                        if (sc->vaps_running == 0) {
                                /* Turn link LED off. */
                                rtwn_set_led(sc, RTWN_LED_LINK, 0);
                        }
                }
        }

        error = 0;
        switch (nstate) {
        case IEEE80211_S_SCAN:
                /* Pause AC Tx queues. */
                if (sc->vaps_running == 0)
                        rtwn_setbits_1(sc, R92C_TXPAUSE, 0, R92C_TX_QUEUE_AC);
                break;
        case IEEE80211_S_RUN:
                error = rtwn_run(sc, vap);
                if (error != 0) {
                        device_printf(sc->sc_dev,
                            "%s: could not move to RUN state\n", __func__);
                        break;
                }

                /* Counted only after rtwn_run() succeeded. */
                sc->vaps_running++;
                break;
        case IEEE80211_S_CSA:
                /* Block all Tx queues (except beacon queue). */
                rtwn_setbits_1(sc, R92C_TXPAUSE, 0,
                    R92C_TX_QUEUE_AC | R92C_TX_QUEUE_MGT | R92C_TX_QUEUE_HIGH);
                break;
        default:
                break;
        }

        RTWN_UNLOCK(sc);
        IEEE80211_LOCK(ic);
        if (error != 0)
                return (error);

        /* The handler already ran above in the early_newstate case. */
        return (early_newstate ? 0 : uvp->newstate(vap, nstate, arg));
}
1174
/*
 * Recompute the basic rates bitmap as the union of the rates of every linked
 * vap's BSS node and program it with rtwn_set_basicrates().
 *
 * Must be called with the softc lock held.  Nothing is written while a scan
 * is in progress or when no vap contributes any rate.
 */
static void
rtwn_calc_basicrates(struct rtwn_softc *sc)
{
        struct ieee80211com *ic = &sc->sc_ic;
        uint32_t mask = 0;
        int slot;

        RTWN_ASSERT_LOCKED(sc);

        if (ic->ic_flags & IEEE80211_F_SCAN)
                return;         /* will be done by rtwn_scan_end(). */

        for (slot = 0; slot < nitems(sc->vaps); slot++) {
                struct rtwn_vap *rvp = sc->vaps[slot];
                struct ieee80211_node *bss;
                uint32_t vap_rates;

                /* Skip empty slots, unlinked vaps and vaps without a BSS. */
                if (rvp == NULL || rvp->curr_mode == R92C_MSR_NOLINK ||
                    rvp->vap.iv_bss == NULL)
                        continue;

                /* Hold the node only while its rate set is being read. */
                bss = ieee80211_ref_node(rvp->vap.iv_bss);
                rtwn_get_rates(sc, &bss->ni_rates, NULL, &vap_rates, NULL, 1);
                mask |= vap_rates;
                ieee80211_free_node(bss);
        }

        /* XXX initial RTS rate? */
        if (mask != 0)
                rtwn_set_basicrates(sc, mask);
}
1214
/*
 * Program the hardware for the RUN state of 'vap': media status, AssocID,
 * BSSID, beacon interval, (optionally) the firmware Null Data frames and
 * power management, TSF synchronization, beacon, ACK preamble, basic rates
 * and calibration.
 *
 * Must be called with the softc lock held.  A reference on the BSS node is
 * held for the whole function and dropped on every exit path.
 *
 * Returns 0 on success, EINVAL when no channel is selected or the operating
 * mode is not handled, or the error from rtwn_tx_fwpkt_check() /
 * rtwn_setup_beacon().
 *
 * NOTE(review): the fail path only drops the node reference; registers
 * written before a late failure are not rolled back here.
 */
static int
rtwn_run(struct rtwn_softc *sc, struct ieee80211vap *vap)
{
        struct ieee80211com *ic = vap->iv_ic;
        struct rtwn_vap *uvp = RTWN_VAP(vap);
        struct ieee80211_node *ni;
        uint8_t mode;
        int error;

        RTWN_ASSERT_LOCKED(sc);

        error = 0;
        ni = ieee80211_ref_node(vap->iv_bss);

        /* Refuse to run without a concrete channel. */
        if (ic->ic_bsschan == IEEE80211_CHAN_ANYC ||
            ni->ni_chan == IEEE80211_CHAN_ANYC) {
                error = EINVAL;
                goto fail;
        }

        /* Map the net80211 operating mode to the chip's media status. */
        switch (vap->iv_opmode) {
        case IEEE80211_M_STA:
                mode = R92C_MSR_INFRA;
                break;
        case IEEE80211_M_IBSS:
                mode = R92C_MSR_ADHOC;
                break;
        case IEEE80211_M_HOSTAP:
                mode = R92C_MSR_AP;
                break;
        default:
                KASSERT(0, ("undefined opmode %d\n", vap->iv_opmode));
                error = EINVAL;
                goto fail;
        }

        /* Set media status to 'Associated'. */
        rtwn_set_mode(sc, mode, uvp->id);

        /* Set AssocID. */
        /* XXX multi-vap? */
        rtwn_write_2(sc, R92C_BCN_PSR_RPT,
            0xc000 | IEEE80211_NODE_AID(ni));

        /* Set BSSID. */
        rtwn_set_bssid(sc, ni->ni_bssid, uvp->id);

        /* Set beacon interval. */
        rtwn_write_2(sc, R92C_BCN_INTERVAL(uvp->id), ni->ni_intval);

        /* No non-monitor vap is running yet (this one is not counted). */
        if (sc->vaps_running == sc->monvaps_running) {
                /* Enable Rx of data frames. */
                rtwn_write_2(sc, R92C_RXFLTMAP2, 0xffff);

                /* Flush all AC queues. */
                rtwn_write_1(sc, R92C_TXPAUSE, 0);
        }

#ifndef RTWN_WITHOUT_UCODE
        /* Upload (QoS) Null Data frame to firmware. */
        /* Note: do this for port 0 only. */
        if ((ic->ic_caps & IEEE80211_C_PMGT) != 0 &&
            vap->iv_opmode == IEEE80211_M_STA && uvp->id == 0) {
                error = rtwn_tx_fwpkt_check(sc, vap);
                if (error != 0)
                        goto fail;

                /* Setup power management. */
                /*
                 * NB: it will be enabled immediately - delay it,
                 * so 4-Way handshake will not be interrupted.
                 */
                callout_reset(&sc->sc_pwrmode_init, 5*hz,
                    rtwn_pwrmode_init, sc);
        }
#endif

        /* Enable TSF synchronization. */
        rtwn_tsf_sync_enable(sc, vap);

        if (vap->iv_opmode == IEEE80211_M_HOSTAP ||
            vap->iv_opmode == IEEE80211_M_IBSS) {
                error = rtwn_setup_beacon(sc, ni);
                if (error != 0) {
                        device_printf(sc->sc_dev,
                            "unable to push beacon into the chip, "
                            "error %d\n", error);
                        goto fail;
                }
        }

        /* Set ACK preamble type. */
        rtwn_set_ack_preamble(sc);

        /* Set basic rates mask. */
        rtwn_calc_basicrates(sc);

#ifdef RTWN_TODO
        rtwn_write_1(sc, R92C_SIFS_CCK + 1, 10);
        rtwn_write_1(sc, R92C_SIFS_OFDM + 1, 10);
        rtwn_write_1(sc, R92C_SPEC_SIFS + 1, 10);
        rtwn_write_1(sc, R92C_MAC_SPEC_SIFS + 1, 10);
        rtwn_write_1(sc, R92C_R2T_SIFS + 1, 10);
        rtwn_write_1(sc, R92C_T2T_SIFS + 1, 10);
#endif

        if (sc->vaps_running == sc->monvaps_running) {
                /* Reset temperature calibration state machine. */
                sc->sc_flags &= ~RTWN_TEMP_MEASURED;
                sc->thcal_temp = sc->thermal_meter;

                /* Start periodic calibration. */
                callout_reset(&sc->sc_calib_to, 2*hz, rtwn_calib_to,
                    sc);

                if (sc->vaps_running == 0) {
                        /* Turn link LED on. */
                        rtwn_set_led(sc, RTWN_LED_LINK, 1);
                }
        }

fail:
        /* Reached on success as well: drop the BSS node reference. */
        ieee80211_free_node(ni);

        return (error);
}
1341
1342 #ifndef D4054
/*
 * Once-per-second Tx watchdog (callout handler, 'arg' is the softc).
 *
 * Counts sc_tx_timer down while it is armed; when it reaches zero the device
 * is reported as timed out and all vaps are restarted, and the watchdog is
 * not re-armed.  Otherwise it reschedules itself for the next second.
 * Must be called with the softc lock held while the device is running.
 */
static void
rtwn_watchdog(void *arg)
{
        struct rtwn_softc *sc = arg;
        struct ieee80211com *ic = &sc->sc_ic;

        RTWN_ASSERT_LOCKED(sc);

        KASSERT(sc->sc_flags & RTWN_RUNNING, ("not running"));

        if (sc->sc_tx_timer != 0) {
                sc->sc_tx_timer--;
                if (sc->sc_tx_timer == 0) {
                        ic_printf(ic, "device timeout\n");
                        ieee80211_restart_all(ic);
                        return;
                }
        }

        callout_reset(&sc->sc_watchdog_to, hz, rtwn_watchdog, sc);
}
1360 #endif
1361
/*
 * Bring the device up or down according to ic_nrunning.
 *
 * With no running interface the device is stopped.  Otherwise it is
 * initialized and all vaps are started; if initialization fails every vap
 * is stopped instead, under the net80211 com lock.
 */
static void
rtwn_parent(struct ieee80211com *ic)
{
        struct rtwn_softc *sc = ic->ic_softc;
        struct ieee80211vap *vap;

        if (ic->ic_nrunning <= 0) {
                rtwn_stop(sc);
                return;
        }

        if (rtwn_init(sc) == 0) {
                ieee80211_start_all(ic);
                return;
        }

        /* Initialization failed: take every vap down. */
        IEEE80211_LOCK(ic);
        TAILQ_FOREACH(vap, &ic->ic_vaps, iv_next) {
                ieee80211_stop_locked(vap);
        }
        IEEE80211_UNLOCK(ic);
}
1379
/*
 * Initialize the Tx/Rx DMA engine: LLT table, per-queue page counts, Tx
 * buffer boundaries, queue mapping, descriptor addresses and page size.
 *
 * Returns 0 on success, the error from rtwn_llt_init() or
 * rtwn_init_bcnq1_boundary(), or EIO when a register access wrapped in
 * RTWN_CHK() fails (the original error code is not propagated).
 *
 * NOTE(review): RTWN_CHK() is defined inside the function and no matching
 * #undef is visible here, so it stays defined for the code that follows.
 */
static int
rtwn_dma_init(struct rtwn_softc *sc)
{
#define RTWN_CHK(res) do {      \
        if (res != 0)           \
                return (EIO);   \
} while(0)
        uint16_t reg;
        uint8_t tx_boundary;
        int error;

        /* Initialize LLT table. */
        error = rtwn_llt_init(sc);
        if (error != 0)
                return (error);

        /* Set the number of pages for each queue. */
        RTWN_DPRINTF(sc, RTWN_DEBUG_RESET,
            "%s: pages per queue: high %d, normal %d, low %d, public %d\n",
            __func__, sc->nhqpages, sc->nnqpages, sc->nlqpages,
            sc->npubqpages);

        RTWN_CHK(rtwn_write_1(sc, R92C_RQPN_NPQ, sc->nnqpages));
        RTWN_CHK(rtwn_write_4(sc, R92C_RQPN,
            /* Set number of pages for public queue. */
            SM(R92C_RQPN_PUBQ, sc->npubqpages) |
            /* Set number of pages for high priority queue. */
            SM(R92C_RQPN_HPQ, sc->nhqpages) |
            /* Set number of pages for low priority queue. */
            SM(R92C_RQPN_LPQ, sc->nlqpages) |
            /* Load values. */
            R92C_RQPN_LD));

        /* Initialize TX buffer boundary. */
        /*
         * NB: tx_boundary is 8 bits wide, so page_count + 1 must not exceed
         * 255.  The range is enforced by KASSERT only, i.e. in INVARIANTS
         * kernels.
         */
        KASSERT(sc->page_count < 255 && sc->page_count > 0,
            ("page_count is %d\n", sc->page_count));
        tx_boundary = sc->page_count + 1;
        RTWN_CHK(rtwn_write_1(sc, R92C_TXPKTBUF_BCNQ_BDNY, tx_boundary));
        RTWN_CHK(rtwn_write_1(sc, R92C_TXPKTBUF_MGQ_BDNY, tx_boundary));
        RTWN_CHK(rtwn_write_1(sc, R92C_TXPKTBUF_WMAC_LBK_BF_HD, tx_boundary));
        RTWN_CHK(rtwn_write_1(sc, R92C_TRXFF_BNDY, tx_boundary));
        RTWN_CHK(rtwn_write_1(sc, R92C_TDECTRL + 1, tx_boundary));

        error = rtwn_init_bcnq1_boundary(sc);
        if (error != 0)
                return (error);

        /* Set queue to USB pipe mapping. */
        /* Note: PCIe devices are using some magic number here. */
        reg = rtwn_get_qmap(sc);
        RTWN_CHK(rtwn_setbits_2(sc, R92C_TRXDMA_CTRL,
            R92C_TRXDMA_CTRL_QMAP_M, reg));

        /* Configure Tx/Rx DMA (PCIe). */
        rtwn_set_desc_addr(sc);

        /* Set Tx/Rx transfer page boundary. */
        RTWN_CHK(rtwn_write_2(sc, R92C_TRXFF_BNDY + 2,
            sc->rx_dma_size - 1));

        /* Set Tx/Rx transfer page size. */
        rtwn_set_page_size(sc);

        return (0);
}
1445
/*
 * Write the MAC initialization table (sc->mac_prog, sc->mac_size entries)
 * to the chip, one byte register at a time.
 *
 * Stops at the first failing write and returns its error; returns 0 when
 * every entry was written.
 */
static int
rtwn_mac_init(struct rtwn_softc *sc)
{
        int i, error;

        /* Write MAC initialization values. */
        error = 0;
        for (i = 0; error == 0 && i < sc->mac_size; i++) {
                error = rtwn_write_1(sc, sc->mac_prog[i].reg,
                    sc->mac_prog[i].val);
        }

        return (error);
}
1461
/*
 * Fill the R92C_DARFRC and R92C_RARFRC register arrays so that entry n
 * holds n + 1.
 */
static void
rtwn_mrr_init(struct rtwn_softc *sc)
{
        int retry;

        /* Drop rate index by 1 per retry. */
        for (retry = 0; retry < R92C_DARFRC_SIZE; retry++) {
                const int drop = retry + 1;

                rtwn_write_1(sc, R92C_DARFRC + retry, drop);
                rtwn_write_1(sc, R92C_RARFRC + retry, drop);
        }
}
1473
/*
 * Scan start hook: pause the beacon queue and, when no vap is beaconing,
 * open the Rx BSSID filter.  Done under the softc lock.
 */
static void
rtwn_scan_start(struct ieee80211com *ic)
{
        struct rtwn_softc *sc = ic->ic_softc;

        RTWN_LOCK(sc);

        /* Pause beaconing. */
        rtwn_setbits_1(sc, R92C_TXPAUSE, 0, R92C_TX_QUEUE_BCN);

        /* Receive beacons / probe responses from any BSSID. */
        if (sc->bcn_vaps == 0) {
                rtwn_set_rx_bssid_all(sc, 1);
        }

        RTWN_UNLOCK(sc);
}
1487
/*
 * Per-channel scan hook: toggle the link LED under the softc lock, then
 * call the saved sc_scan_curchan handler with the lock released.
 */
static void
rtwn_scan_curchan(struct ieee80211_scan_state *ss, unsigned long maxdwell)
{
        struct ieee80211com *ic = ss->ss_ic;
        struct rtwn_softc *sc = ic->ic_softc;

        RTWN_LOCK(sc);
        /* Make link LED blink during scan. */
        rtwn_set_led(sc, RTWN_LED_LINK, !sc->ledlink);
        RTWN_UNLOCK(sc);

        sc->sc_scan_curchan(ss, maxdwell);
}
1500
/*
 * Scan end hook: undo what the scan changed, under the softc lock.  The Rx
 * BSSID filter is closed again unless promiscuous mode is on or a vap is
 * beaconing, the link LED and basic rates are restored, and the beacon
 * queue is resumed.
 */
static void
rtwn_scan_end(struct ieee80211com *ic)
{
        struct rtwn_softc *sc = ic->ic_softc;

        RTWN_LOCK(sc);

        /* Restore limitations. */
        if (ic->ic_promisc == 0 && sc->bcn_vaps == 0) {
                rtwn_set_rx_bssid_all(sc, 0);
        }

        /* Restore LED state. */
        rtwn_set_led(sc, RTWN_LED_LINK, (sc->vaps_running != 0));

        /* Restore basic rates mask. */
        rtwn_calc_basicrates(sc);

        /* Resume beaconing. */
        rtwn_setbits_1(sc, R92C_TXPAUSE, R92C_TX_QUEUE_BCN, 0);

        RTWN_UNLOCK(sc);
}
1521
/*
 * Fill 'chans' (at most 'maxchans' entries, count kept in '*nchans') with
 * the default 2 GHz channels for 11b/g/ng and with every non-empty 5 GHz
 * channel list of the softc.  40 MHz channels are requested when the com
 * structure advertises IEEE80211_HTCAP_CHWIDTH40.
 */
static void
rtwn_getradiocaps(struct ieee80211com *ic,
    int maxchans, int *nchans, struct ieee80211_channel chans[])
{
        struct rtwn_softc *sc = ic->ic_softc;
        const int ht40 = !!(ic->ic_htcaps & IEEE80211_HTCAP_CHWIDTH40);
        uint8_t bands[IEEE80211_MODE_BYTES] = { 0 };
        int grp;

        setbit(bands, IEEE80211_MODE_11B);
        setbit(bands, IEEE80211_MODE_11G);
        setbit(bands, IEEE80211_MODE_11NG);
        ieee80211_add_channels_default_2ghz(chans, maxchans, nchans,
            bands, ht40);

        /* XXX workaround add_channel_list() limitations */
        setbit(bands, IEEE80211_MODE_11A);
        setbit(bands, IEEE80211_MODE_11NA);
        for (grp = 0; grp < nitems(sc->chan_num_5ghz); grp++) {
                /* Only groups that actually hold channels are added. */
                if (sc->chan_num_5ghz[grp] != 0) {
                        ieee80211_add_channel_list_5ghz(chans, maxchans,
                            nchans, sc->chan_list_5ghz[grp],
                            sc->chan_num_5ghz[grp], bands, ht40);
                }
        }
}
1549
/*
 * Channel width update hook.  The body is empty: nothing is done here.
 */
static void
rtwn_update_chw(struct ieee80211com *ic)
{
}
1554
/*
 * Set channel hook: switch the chip to ic->ic_curchan under the softc lock.
 * The channel pointer is sampled before the lock is taken.
 */
static void
rtwn_set_channel(struct ieee80211com *ic)
{
        struct rtwn_softc *sc = ic->ic_softc;
        struct ieee80211_channel *chan = ic->ic_curchan;

        RTWN_LOCK(sc);
        rtwn_set_chan(sc, chan);
        RTWN_UNLOCK(sc);
}
1565
/*
 * WME update hook: copy the current channel access parameters into the
 * softc, then program the EDCA register of every access category and the
 * ACM control register.  Always returns 0.
 *
 * The copy is made under both the com lock and the softc lock; the register
 * writes are made under the softc lock only, after it has been released and
 * re-taken.
 *
 * NB: 'aifs' is 8 bits wide, so AIFSN * slot time + SIFS is truncated to
 * its low byte before it is placed in the register field.
 */
static int
rtwn_wme_update(struct ieee80211com *ic)
{
        struct chanAccParams chp;
        struct ieee80211_channel *c = ic->ic_curchan;
        struct rtwn_softc *sc = ic->ic_softc;
        struct wmeParams *wmep = sc->cap_wmeParams;
        uint8_t aifs, acm, sifs, slottime;
        int ac;

        ieee80211_wme_ic_getparams(ic, &chp);

        /* Prevent possible races. */
        IEEE80211_LOCK(ic);     /* XXX */
        RTWN_LOCK(sc);
        memcpy(wmep, chp.cap_wmeParams, sizeof(sc->cap_wmeParams));
        RTWN_UNLOCK(sc);
        IEEE80211_UNLOCK(ic);

        acm = 0;
        slottime = IEEE80211_GET_SLOTTIME(ic);

        RTWN_LOCK(sc);
        /* The SIFS term depends on the band only, not on the category. */
        if (IEEE80211_IS_CHAN_5GHZ(c))
                sifs = IEEE80211_DUR_OFDM_SIFS;
        else
                sifs = IEEE80211_DUR_SIFS;

        for (ac = WME_AC_BE; ac < WME_NUM_AC; ac++) {
                const struct wmeParams *p = &wmep[ac];

                /* AIFS[AC] = AIFSN[AC] * aSlotTime + aSIFSTime. */
                aifs = p->wmep_aifsn * slottime + sifs;
                rtwn_write_4(sc, wme2reg[ac],
                    SM(R92C_EDCA_PARAM_TXOP, p->wmep_txopLimit) |
                    SM(R92C_EDCA_PARAM_ECWMIN, p->wmep_logcwmin) |
                    SM(R92C_EDCA_PARAM_ECWMAX, p->wmep_logcwmax) |
                    SM(R92C_EDCA_PARAM_AIFS, aifs));

                /* Best effort never contributes to the ACM mask. */
                if (ac != WME_AC_BE)
                        acm |= p->wmep_acm << ac;
        }

        if (acm != 0)
                acm |= R92C_ACMHWCTRL_EN;
        rtwn_setbits_1(sc, R92C_ACMHWCTRL, R92C_ACMHWCTRL_ACM_MASK, acm);
        RTWN_UNLOCK(sc);

        return (0);
}
1610
/*
 * Slot time update hook: hand rtwn_update_slot_cb() to rtwn_cmd_sleepable()
 * instead of touching the hardware from the caller's context.
 */
static void
rtwn_update_slot(struct ieee80211com *ic)
{
        struct rtwn_softc *sc = ic->ic_softc;

        rtwn_cmd_sleepable(sc, NULL, 0, rtwn_update_slot_cb);
}
1616
/*
 * Deferred part of the slot time update: write the current slot time to
 * R92C_SLOT and recompute the AIFS values that depend on it.
 * 'data' is not used.
 */
static void
rtwn_update_slot_cb(struct rtwn_softc *sc, union sec_param *data)
{
        struct ieee80211com *ic = &sc->sc_ic;
        const uint8_t slottime = IEEE80211_GET_SLOTTIME(ic);

        RTWN_DPRINTF(sc, RTWN_DEBUG_STATE, "%s: setting slot time to %uus\n",
            __func__, slottime);

        rtwn_write_1(sc, R92C_SLOT, slottime);
        rtwn_update_aifs(sc, slottime);
}
1631
/*
 * Rewrite the AIFS byte of every access category's EDCA register for the
 * given slot time, using the WME parameters cached in the softc.
 *
 * NB: the result is kept in 8 bits, so AIFSN * slot time + SIFS is
 * truncated to its low byte.
 */
static void
rtwn_update_aifs(struct rtwn_softc *sc, uint8_t slottime)
{
        struct ieee80211_channel *c = sc->sc_ic.ic_curchan;
        const struct wmeParams *wmep = sc->cap_wmeParams;
        uint8_t aifs, ac, sifs;

        /* The SIFS term depends on the band only, not on the category. */
        if (IEEE80211_IS_CHAN_5GHZ(c))
                sifs = IEEE80211_DUR_OFDM_SIFS;
        else
                sifs = IEEE80211_DUR_SIFS;

        for (ac = WME_AC_BE; ac < WME_NUM_AC; ac++) {
                /* AIFS[AC] = AIFSN[AC] * aSlotTime + aSIFSTime. */
                aifs = wmep[ac].wmep_aifsn * slottime + sifs;
                rtwn_write_1(sc, wme2reg[ac], aifs);
        }
}
1647
/*
 * Promiscuous mode update hook: reprogram the filter under the softc lock,
 * but only while the device is running.
 */
static void
rtwn_update_promisc(struct ieee80211com *ic)
{
        struct rtwn_softc *sc = ic->ic_softc;

        RTWN_LOCK(sc);
        if ((sc->sc_flags & RTWN_RUNNING) != 0) {
                rtwn_set_promisc(sc);
        }
        RTWN_UNLOCK(sc);
}
1658
/*
 * Multicast filter update hook: reprogram the filter under the softc lock,
 * but only while the device is running.
 */
static void
rtwn_update_mcast(struct ieee80211com *ic)
{
        struct rtwn_softc *sc = ic->ic_softc;

        RTWN_LOCK(sc);
        if ((sc->sc_flags & RTWN_RUNNING) != 0) {
                rtwn_set_multi(sc);
        }
        RTWN_UNLOCK(sc);
}
1669
/*
 * Program the 6-byte BSSID of port 'id': bytes 0-3 with one 32-bit write,
 * bytes 4-5 with one 16-bit write.  'bssid' must point to at least 6 bytes.
 *
 * Returns 0 on success or the error of the first failing write; the second
 * write is skipped when the first one fails.
 */
static int
rtwn_set_bssid(struct rtwn_softc *sc, const uint8_t *bssid, int id)
{
        int error;

        error = rtwn_write_4(sc, R92C_BSSID(id), le32dec(&bssid[0]));
        if (error == 0) {
                error = rtwn_write_2(sc, R92C_BSSID(id) + 4,
                    le16dec(&bssid[4]));
        }

        return (error);
}
1682
/*
 * Program the 6-byte MAC address of port 'id': bytes 0-3 with one 32-bit
 * write, bytes 4-5 with one 16-bit write.  'addr' must point to at least
 * 6 bytes.
 *
 * Returns 0 on success or the error of the first failing write; the second
 * write is skipped when the first one fails.
 */
static int
rtwn_set_macaddr(struct rtwn_softc *sc, const uint8_t *addr, int id)
{
        int error;

        error = rtwn_write_4(sc, R92C_MACID(id), le32dec(&addr[0]));
        if (error == 0) {
                error = rtwn_write_2(sc, R92C_MACID(id) + 4,
                    le16dec(&addr[4]));
        }

        return (error);
}
1695
/*
 * Node allocation hook: allocate a zeroed driver node without sleeping and
 * mark it as having no MAC id and no averaged PWDB yet.  'vap' and 'mac'
 * are not used.
 *
 * Returns the embedded net80211 node, or NULL when the allocation fails.
 */
static struct ieee80211_node *
rtwn_node_alloc(struct ieee80211vap *vap,
    const uint8_t mac[IEEE80211_ADDR_LEN])
{
        struct rtwn_node *un;

        un = malloc(sizeof(*un), M_80211_NODE, M_NOWAIT | M_ZERO);
        if (un != NULL) {
                un->id = RTWN_MACID_UNDEFINED;
                un->avg_pwdb = -1;

                return (&un->ni);
        }

        return (NULL);
}
1713
/*
 * Assign a free MAC id slot to a node and queue a media-status command
 * for it.
 *
 * A node that already has an id is left alone.  Otherwise the first free
 * entry of sc->node_list, skipping RTWN_MACID_BC, is claimed under the
 * node-table lock.  When no slot is free, a message is printed and the
 * node keeps RTWN_MACID_UNDEFINED.
 *
 * NOTE(review): the scan runs up to and including sc->macid_limit, so
 * node_list presumably holds at least macid_limit + 1 entries - confirm
 * against the softc definition.
 */
static void
rtwn_newassoc(struct ieee80211_node *ni, int isnew __unused)
{
	struct rtwn_node *un = RTWN_NODE(ni);
	struct rtwn_softc *sc = ni->ni_ic->ic_softc;
	int id;

	/* Nothing to do if a slot was assigned earlier. */
	if (un->id != RTWN_MACID_UNDEFINED) {
		return;
	}

	RTWN_NT_LOCK(sc);
	for (id = 0; id <= sc->macid_limit; id++) {
		if (id == RTWN_MACID_BC || sc->node_list[id] != NULL) {
			continue;
		}
		/* Claim the slot while the table lock is still held. */
		un->id = id;
		sc->node_list[id] = ni;
		break;
	}
	RTWN_NT_UNLOCK(sc);

	/* The loop ran off the end: every usable slot is taken. */
	if (id > sc->macid_limit) {
		device_printf(sc->sc_dev, "%s: node table is full\n",
		    __func__);
		return;
	}

	/*
	 * Notify firmware.  The id is tagged with RTWN_MACID_VALID; the
	 * value handed over lives on this stack frame, so
	 * rtwn_cmd_sleepable() presumably copies it - confirm.
	 */
	id |= RTWN_MACID_VALID;
	rtwn_cmd_sleepable(sc, &id, sizeof(id), rtwn_set_media_status);
}
1744
/*
 * Release a node's MAC id slot and then free the node through the saved
 * sc->sc_node_free hook.
 *
 * If the node owns a slot, its node_list entry is cleared and a
 * media-status command carrying the bare id (without RTWN_MACID_VALID)
 * is queued, all under the node-table lock.
 *
 * NOTE(review): &un->id points into the node that sc_node_free() is
 * called on right afterwards, so rtwn_cmd_sleepable() presumably copies
 * the payload before returning - confirm, otherwise the deferred command
 * would read freed memory.  un->id is used as an index without a range
 * check; in the code visible here it is only ever set to a slot found
 * within 0..macid_limit.
 */
static void
rtwn_node_free(struct ieee80211_node *ni)
{
	struct rtwn_node *un = RTWN_NODE(ni);
	struct rtwn_softc *sc = ni->ni_ic->ic_softc;

	RTWN_NT_LOCK(sc);
	if (un->id != RTWN_MACID_UNDEFINED) {
		/* Drop the table reference before the node goes away. */
		sc->node_list[un->id] = NULL;
		rtwn_cmd_sleepable(sc, &un->id, sizeof(un->id),
		    rtwn_set_media_status);
	}
	RTWN_NT_UNLOCK(sc);

	(*sc->sc_node_free)(ni);
}
1761
/*
 * Program the beacon-related registers with fixed values.
 *
 * Both beacon control ports (0 and 1) get R92C_BCN_CTRL_DIS_TSF_UDT0;
 * the remaining registers receive hard-coded constants whose bit layout
 * is not visible in this part of the file.  Return values of the register
 * writes are not checked.
 */
static void
rtwn_init_beacon_reg(struct rtwn_softc *sc)
{
	rtwn_write_1(sc, R92C_BCN_CTRL(0), R92C_BCN_CTRL_DIS_TSF_UDT0);
	rtwn_write_1(sc, R92C_BCN_CTRL(1), R92C_BCN_CTRL_DIS_TSF_UDT0);
	rtwn_write_2(sc, R92C_TBTT_PROHIBIT, 0x6404);
	rtwn_write_1(sc, R92C_DRVERLYINT, 0x05);
	rtwn_write_1(sc, R92C_BCNDMATIM, 0x02);
	rtwn_write_2(sc, R92C_BCNTCFG, 0x660f);
}
1772
/*
 * Bring the adapter up and mark it RTWN_RUNNING.
 *
 * The whole sequence runs with RTWN_LOCK held.  Returns 0 when the device
 * is already running or when initialization completes; otherwise returns
 * the error of the step that failed (power-on, MAC init, DMA init,
 * MAC address programming or static key installation).
 *
 * NOTE(review): on the failure path RTWN_STARTED stays set and nothing is
 * undone here.  rtwn_stop() keys its teardown on RTWN_STARTED, so the
 * caller is presumably expected to call it after a failed init - confirm.
 * Most register writes and sub-initializers below have their return
 * values ignored.
 */
static int
rtwn_init(struct rtwn_softc *sc)
{
	struct ieee80211com *ic = &sc->sc_ic;
	int i, error;

	RTWN_LOCK(sc);
	/* Already up: nothing to do. */
	if (sc->sc_flags & RTWN_RUNNING) {
		RTWN_UNLOCK(sc);
		return (0);
	}
	/* Set before any hardware is touched; not cleared on failure. */
	sc->sc_flags |= RTWN_STARTED;

	/* Power on adapter. */
	error = rtwn_power_on(sc);
	if (error != 0)
		goto fail;

#ifndef RTWN_WITHOUT_UCODE
	/*
	 * Load 8051 microcode.  A load failure is not fatal here: 'error'
	 * is overwritten by rtwn_mac_init() below and only the
	 * RTWN_FW_LOADED flag records whether the load succeeded.
	 */
	error = rtwn_load_firmware(sc);
	if (error == 0)
		sc->sc_flags |= RTWN_FW_LOADED;

	/* Init firmware commands ring. */
	sc->fwcur = 0;
#endif

	/* Initialize MAC block. */
	error = rtwn_mac_init(sc);
	if (error != 0) {
		device_printf(sc->sc_dev,
		    "%s: error while initializing MAC block\n", __func__);
		goto fail;
	}

	/* Initialize DMA. */
	error = rtwn_dma_init(sc);
	if (error != 0)
		goto fail;

	/* Drop incorrect TX (USB). */
	rtwn_drop_incorrect_tx(sc);

	/* Set info size in Rx descriptors (in 64-bit words). */
	rtwn_write_1(sc, R92C_RX_DRVINFO_SZ, R92C_RX_DRVINFO_SZ_DEF);

	/* Init interrupts. */
	rtwn_init_intr(sc);

	for (i = 0; i < nitems(sc->vaps); i++) {
		struct rtwn_vap *uvp = sc->vaps[i];

		/* Set initial network type (done for empty slots too). */
		rtwn_set_mode(sc, R92C_MSR_NOLINK, i);

		if (uvp == NULL)
			continue;

		/* Set MAC address. */
		error = rtwn_set_macaddr(sc, uvp->vap.iv_myaddr, uvp->id);
		if (error != 0)
			goto fail;
	}

	/* Initialize Rx filter. */
	rtwn_rxfilter_init(sc);

	/* Set short/long retry limits. */
	rtwn_write_2(sc, R92C_RL,
	    SM(R92C_RL_SRL, 0x30) | SM(R92C_RL_LRL, 0x30));

	/* Initialize EDCA parameters. */
	rtwn_init_edca(sc);

	rtwn_setbits_1(sc, R92C_FWHW_TXQ_CTRL, 0,
	    R92C_FWHW_TXQ_CTRL_AMPDU_RTY_NEW);
	/* Set ACK timeout. */
	rtwn_write_1(sc, R92C_ACKTO, sc->ackto);

	/* Setup aggregation: Tx first, then Rx. */
	rtwn_init_tx_agg(sc);
	rtwn_init_rx_agg(sc);

	/* Initialize beacon parameters. */
	rtwn_init_beacon_reg(sc);

	/* Init A-MPDU parameters. */
	rtwn_init_ampdu(sc);

	/* Init MACTXEN / MACRXEN after setting RxFF boundary. */
	rtwn_setbits_1(sc, R92C_CR, 0, R92C_CR_MACTXEN | R92C_CR_MACRXEN);

	/* Initialize BB/RF blocks. */
	rtwn_init_bb(sc);
	rtwn_init_rf(sc);

	/* Initialize wireless band. */
	rtwn_set_chan(sc, ic->ic_curchan);

	/* Clear per-station keys table. */
	rtwn_init_cam(sc);

	/* Enable decryption / encryption. */
	rtwn_init_seccfg(sc);

	/*
	 * Install static keys (if any).  A failure aborts the bring-up, so
	 * the device is never marked RUNNING with a key that failed to
	 * install.
	 */
	for (i = 0; i < nitems(sc->vaps); i++) {
		if (sc->vaps[i] != NULL) {
			error = rtwn_init_static_keys(sc, sc->vaps[i]);
			if (error != 0)
				goto fail;
		}
	}

	/* Initialize antenna selection. */
	rtwn_init_antsel(sc);

	/* Enable hardware sequence numbering. */
	rtwn_write_1(sc, R92C_HWSEQ_CTRL, R92C_TX_QUEUE_ALL);

	/* Disable BAR. */
	rtwn_write_4(sc, R92C_BAR_MODE_CTRL, 0x0201ffff);

	/* NAV limit. */
	rtwn_write_1(sc, R92C_NAV_UPPER, 0);

	/* Initialize GPIO setting. */
	rtwn_setbits_1(sc, R92C_GPIO_MUXCFG, R92C_GPIO_MUXCFG_ENBT, 0);

	/* Initialize MRR. */
	rtwn_mrr_init(sc);

	/* Device-specific post initialization. */
	rtwn_post_init(sc);

	/* Transfers are started only after keys and filters are in place. */
	rtwn_start_xfers(sc);

#ifndef D4054
	/* Arm the driver's own watchdog callout to fire after hz ticks. */
	callout_reset(&sc->sc_watchdog_to, hz, rtwn_watchdog, sc);
#endif

	sc->sc_flags |= RTWN_RUNNING;
	/* Success falls through: both paths unlock and return 'error'. */
fail:
	RTWN_UNLOCK(sc);

	return (error);
}
1922
/*
 * Shut the adapter down and reset the driver's run-time state.
 *
 * Does nothing unless RTWN_STARTED is set, so it also covers a device
 * whose rtwn_init() set RTWN_STARTED but never reached RTWN_RUNNING.
 * Runs entirely under RTWN_LOCK.
 */
static void
rtwn_stop(struct rtwn_softc *sc)
{

	RTWN_LOCK(sc);
	if (!(sc->sc_flags & RTWN_STARTED)) {
		RTWN_UNLOCK(sc);
		return;
	}

#ifndef D4054
	/* Driver-owned watchdog: cancel the callout and clear the timer. */
	callout_stop(&sc->sc_watchdog_to);
	sc->sc_tx_timer = 0;
#endif
	/* Drop the state flags and forget cached firmware/calibration data. */
	sc->sc_flags &= ~(RTWN_STARTED | RTWN_RUNNING | RTWN_FW_LOADED);
	sc->sc_flags &= ~RTWN_TEMP_MEASURED;
	sc->fwver = 0;
	sc->thcal_temp = 0;
	sc->cur_bcnq_id = RTWN_VAP_ID_INVALID;
	bzero(&sc->last_physt, sizeof(sc->last_physt));

#ifdef D4054
	/* With D4054 defined the net80211 TX watchdog is stopped instead. */
	ieee80211_tx_watchdog_stop(&sc->sc_ic);
#endif

	/* Stop transfers and drain queued mbufs before cutting power. */
	rtwn_abort_xfers(sc);
	rtwn_drain_mbufq(sc);
	rtwn_power_off(sc);
	rtwn_reset_lists(sc, NULL);
	RTWN_UNLOCK(sc);
}
1954
/*
 * Kernel module metadata: rtwn is version 2 and requires the wlan module
 * (minimum, preferred and maximum version all 1).
 */
MODULE_VERSION(rtwn, 2);
MODULE_DEPEND(rtwn, wlan, 1, 1, 1);
#ifndef RTWN_WITHOUT_UCODE
/* The firmware module is only a dependency when microcode support is built. */
MODULE_DEPEND(rtwn, firmware, 1, 1, 1);
#endif