1 /* $OpenBSD: if_urtwn.c,v 1.16 2011/02/10 17:26:40 jakemsr Exp $ */
4 * Copyright (c) 2010 Damien Bergamini <damien.bergamini@free.fr>
5 * Copyright (c) 2014 Kevin Lo <kevlo@FreeBSD.org>
6 * Copyright (c) 2015 Andriy Voskoboinyk <avos@FreeBSD.org>
8 * Permission to use, copy, modify, and distribute this software for any
9 * purpose with or without fee is hereby granted, provided that the above
10 * copyright notice and this permission notice appear in all copies.
12 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
13 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
14 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
15 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
16 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
21 #include <sys/cdefs.h>
22 __FBSDID("$FreeBSD$");
25 * Driver for Realtek RTL8188CE-VAU/RTL8188CUS/RTL8188EU/RTL8188RU/RTL8192CU.
29 #include "opt_urtwn.h"
31 #include <sys/param.h>
32 #include <sys/sockio.h>
33 #include <sys/sysctl.h>
35 #include <sys/mutex.h>
36 #include <sys/condvar.h>
38 #include <sys/kernel.h>
39 #include <sys/socket.h>
40 #include <sys/systm.h>
41 #include <sys/malloc.h>
42 #include <sys/module.h>
44 #include <sys/endian.h>
45 #include <sys/linker.h>
46 #include <sys/firmware.h>
49 #include <machine/bus.h>
50 #include <machine/resource.h>
55 #include <net/if_var.h>
56 #include <net/if_arp.h>
57 #include <net/ethernet.h>
58 #include <net/if_dl.h>
59 #include <net/if_media.h>
60 #include <net/if_types.h>
62 #include <netinet/in.h>
63 #include <netinet/in_systm.h>
64 #include <netinet/in_var.h>
65 #include <netinet/if_ether.h>
66 #include <netinet/ip.h>
68 #include <net80211/ieee80211_var.h>
69 #include <net80211/ieee80211_regdomain.h>
70 #include <net80211/ieee80211_radiotap.h>
71 #include <net80211/ieee80211_ratectl.h>
72 #ifdef IEEE80211_SUPPORT_SUPERG
73 #include <net80211/ieee80211_superg.h>
76 #include <dev/usb/usb.h>
77 #include <dev/usb/usbdi.h>
78 #include <dev/usb/usb_device.h>
81 #include <dev/usb/usb_debug.h>
83 #include <dev/urtwn/if_urtwnreg.h>
84 #include <dev/urtwn/if_urtwnvar.h>
88 URTWN_DEBUG_XMIT = 0x00000001, /* basic xmit operation */
89 URTWN_DEBUG_RECV = 0x00000002, /* basic recv operation */
90 URTWN_DEBUG_STATE = 0x00000004, /* 802.11 state transitions */
91 URTWN_DEBUG_RA = 0x00000008, /* f/w rate adaptation setup */
92 URTWN_DEBUG_USB = 0x00000010, /* usb requests */
93 URTWN_DEBUG_FIRMWARE = 0x00000020, /* firmware(9) loading debug */
94 URTWN_DEBUG_BEACON = 0x00000040, /* beacon handling */
95 URTWN_DEBUG_INTR = 0x00000080, /* ISR */
96 URTWN_DEBUG_TEMP = 0x00000100, /* temperature calibration */
97 URTWN_DEBUG_ROM = 0x00000200, /* various ROM info */
98 URTWN_DEBUG_KEY = 0x00000400, /* crypto keys management */
99 URTWN_DEBUG_TXPWR = 0x00000800, /* dump Tx power values */
100 URTWN_DEBUG_RSSI = 0x00001000, /* dump RSSI lookups */
101 URTWN_DEBUG_ANY = 0xffffffff
104 #define URTWN_DPRINTF(_sc, _m, ...) do { \
105 if ((_sc)->sc_debug & (_m)) \
106 device_printf((_sc)->sc_dev, __VA_ARGS__); \
110 #define URTWN_DPRINTF(_sc, _m, ...) do { (void) sc; } while (0)
113 #define IEEE80211_HAS_ADDR4(wh) IEEE80211_IS_DSTODS(wh)
115 static int urtwn_enable_11n = 1;
116 TUNABLE_INT("hw.usb.urtwn.enable_11n", &urtwn_enable_11n);
118 /* various supported device vendors/products */
119 static const STRUCT_USB_HOST_ID urtwn_devs[] = {
120 #define URTWN_DEV(v,p) { USB_VP(USB_VENDOR_##v, USB_PRODUCT_##v##_##p) }
121 #define URTWN_RTL8188E_DEV(v,p) \
122 { USB_VPI(USB_VENDOR_##v, USB_PRODUCT_##v##_##p, URTWN_RTL8188E) }
123 #define URTWN_RTL8188E 1
124 URTWN_DEV(ABOCOM, RTL8188CU_1),
125 URTWN_DEV(ABOCOM, RTL8188CU_2),
126 URTWN_DEV(ABOCOM, RTL8192CU),
127 URTWN_DEV(ASUS, RTL8192CU),
128 URTWN_DEV(ASUS, USBN10NANO),
129 URTWN_DEV(AZUREWAVE, RTL8188CE_1),
130 URTWN_DEV(AZUREWAVE, RTL8188CE_2),
131 URTWN_DEV(AZUREWAVE, RTL8188CU),
132 URTWN_DEV(BELKIN, F7D2102),
133 URTWN_DEV(BELKIN, RTL8188CU),
134 URTWN_DEV(BELKIN, RTL8192CU),
135 URTWN_DEV(CHICONY, RTL8188CUS_1),
136 URTWN_DEV(CHICONY, RTL8188CUS_2),
137 URTWN_DEV(CHICONY, RTL8188CUS_3),
138 URTWN_DEV(CHICONY, RTL8188CUS_4),
139 URTWN_DEV(CHICONY, RTL8188CUS_5),
140 URTWN_DEV(COREGA, RTL8192CU),
141 URTWN_DEV(DLINK, RTL8188CU),
142 URTWN_DEV(DLINK, RTL8192CU_1),
143 URTWN_DEV(DLINK, RTL8192CU_2),
144 URTWN_DEV(DLINK, RTL8192CU_3),
145 URTWN_DEV(DLINK, DWA131B),
146 URTWN_DEV(EDIMAX, EW7811UN),
147 URTWN_DEV(EDIMAX, RTL8192CU),
148 URTWN_DEV(FEIXUN, RTL8188CU),
149 URTWN_DEV(FEIXUN, RTL8192CU),
150 URTWN_DEV(GUILLEMOT, HWNUP150),
151 URTWN_DEV(HAWKING, RTL8192CU),
152 URTWN_DEV(HP3, RTL8188CU),
153 URTWN_DEV(NETGEAR, WNA1000M),
154 URTWN_DEV(NETGEAR, RTL8192CU),
155 URTWN_DEV(NETGEAR4, RTL8188CU),
156 URTWN_DEV(NOVATECH, RTL8188CU),
157 URTWN_DEV(PLANEX2, RTL8188CU_1),
158 URTWN_DEV(PLANEX2, RTL8188CU_2),
159 URTWN_DEV(PLANEX2, RTL8188CU_3),
160 URTWN_DEV(PLANEX2, RTL8188CU_4),
161 URTWN_DEV(PLANEX2, RTL8188CUS),
162 URTWN_DEV(PLANEX2, RTL8192CU),
163 URTWN_DEV(REALTEK, RTL8188CE_0),
164 URTWN_DEV(REALTEK, RTL8188CE_1),
165 URTWN_DEV(REALTEK, RTL8188CTV),
166 URTWN_DEV(REALTEK, RTL8188CU_0),
167 URTWN_DEV(REALTEK, RTL8188CU_1),
168 URTWN_DEV(REALTEK, RTL8188CU_2),
169 URTWN_DEV(REALTEK, RTL8188CU_3),
170 URTWN_DEV(REALTEK, RTL8188CU_COMBO),
171 URTWN_DEV(REALTEK, RTL8188CUS),
172 URTWN_DEV(REALTEK, RTL8188RU_1),
173 URTWN_DEV(REALTEK, RTL8188RU_2),
174 URTWN_DEV(REALTEK, RTL8188RU_3),
175 URTWN_DEV(REALTEK, RTL8191CU),
176 URTWN_DEV(REALTEK, RTL8192CE),
177 URTWN_DEV(REALTEK, RTL8192CU),
178 URTWN_DEV(SITECOMEU, RTL8188CU_1),
179 URTWN_DEV(SITECOMEU, RTL8188CU_2),
180 URTWN_DEV(SITECOMEU, RTL8192CU),
181 URTWN_DEV(TRENDNET, RTL8188CU),
182 URTWN_DEV(TRENDNET, RTL8192CU),
183 URTWN_DEV(ZYXEL, RTL8192CU),
185 URTWN_RTL8188E_DEV(ABOCOM, RTL8188EU),
186 URTWN_RTL8188E_DEV(DLINK, DWA123D1),
187 URTWN_RTL8188E_DEV(DLINK, DWA125D1),
188 URTWN_RTL8188E_DEV(ELECOM, WDC150SU2M),
189 URTWN_RTL8188E_DEV(TPLINK, WN722NV2),
190 URTWN_RTL8188E_DEV(REALTEK, RTL8188ETV),
191 URTWN_RTL8188E_DEV(REALTEK, RTL8188EU),
192 #undef URTWN_RTL8188E_DEV
196 static device_probe_t urtwn_match;
197 static device_attach_t urtwn_attach;
198 static device_detach_t urtwn_detach;
200 static usb_callback_t urtwn_bulk_tx_callback;
201 static usb_callback_t urtwn_bulk_rx_callback;
203 static void urtwn_sysctlattach(struct urtwn_softc *);
204 static void urtwn_drain_mbufq(struct urtwn_softc *);
205 static usb_error_t urtwn_do_request(struct urtwn_softc *,
206 struct usb_device_request *, void *);
207 static struct ieee80211vap *urtwn_vap_create(struct ieee80211com *,
208 const char [IFNAMSIZ], int, enum ieee80211_opmode, int,
209 const uint8_t [IEEE80211_ADDR_LEN],
210 const uint8_t [IEEE80211_ADDR_LEN]);
211 static void urtwn_vap_delete(struct ieee80211vap *);
212 static void urtwn_vap_clear_tx(struct urtwn_softc *,
213 struct ieee80211vap *);
214 static void urtwn_vap_clear_tx_queue(struct urtwn_softc *,
215 urtwn_datahead *, struct ieee80211vap *);
216 static struct mbuf * urtwn_rx_copy_to_mbuf(struct urtwn_softc *,
217 struct r92c_rx_stat *, int);
218 static struct mbuf * urtwn_report_intr(struct usb_xfer *,
219 struct urtwn_data *);
220 static struct mbuf * urtwn_rxeof(struct urtwn_softc *, uint8_t *, int);
221 static void urtwn_r88e_ratectl_tx_complete(struct urtwn_softc *,
223 static struct ieee80211_node *urtwn_rx_frame(struct urtwn_softc *,
224 struct mbuf *, int8_t *);
225 static void urtwn_txeof(struct urtwn_softc *, struct urtwn_data *,
227 static int urtwn_alloc_list(struct urtwn_softc *,
228 struct urtwn_data[], int, int);
229 static int urtwn_alloc_rx_list(struct urtwn_softc *);
230 static int urtwn_alloc_tx_list(struct urtwn_softc *);
231 static void urtwn_free_list(struct urtwn_softc *,
232 struct urtwn_data data[], int);
233 static void urtwn_free_rx_list(struct urtwn_softc *);
234 static void urtwn_free_tx_list(struct urtwn_softc *);
235 static struct urtwn_data * _urtwn_getbuf(struct urtwn_softc *);
236 static struct urtwn_data * urtwn_getbuf(struct urtwn_softc *);
237 static usb_error_t urtwn_write_region_1(struct urtwn_softc *, uint16_t,
239 static usb_error_t urtwn_write_1(struct urtwn_softc *, uint16_t, uint8_t);
240 static usb_error_t urtwn_write_2(struct urtwn_softc *, uint16_t, uint16_t);
241 static usb_error_t urtwn_write_4(struct urtwn_softc *, uint16_t, uint32_t);
242 static usb_error_t urtwn_read_region_1(struct urtwn_softc *, uint16_t,
244 static uint8_t urtwn_read_1(struct urtwn_softc *, uint16_t);
245 static uint16_t urtwn_read_2(struct urtwn_softc *, uint16_t);
246 static uint32_t urtwn_read_4(struct urtwn_softc *, uint16_t);
247 static int urtwn_fw_cmd(struct urtwn_softc *, uint8_t,
249 static void urtwn_cmdq_cb(void *, int);
250 static int urtwn_cmd_sleepable(struct urtwn_softc *, const void *,
251 size_t, CMD_FUNC_PROTO);
252 static void urtwn_r92c_rf_write(struct urtwn_softc *, int,
254 static void urtwn_r88e_rf_write(struct urtwn_softc *, int,
256 static uint32_t urtwn_rf_read(struct urtwn_softc *, int, uint8_t);
257 static int urtwn_llt_write(struct urtwn_softc *, uint32_t,
259 static int urtwn_efuse_read_next(struct urtwn_softc *, uint8_t *);
260 static int urtwn_efuse_read_data(struct urtwn_softc *, uint8_t *,
263 static void urtwn_dump_rom_contents(struct urtwn_softc *,
264 uint8_t *, uint16_t);
266 static int urtwn_efuse_read(struct urtwn_softc *, uint8_t *,
268 static int urtwn_efuse_switch_power(struct urtwn_softc *);
269 static int urtwn_read_chipid(struct urtwn_softc *);
270 static int urtwn_read_rom(struct urtwn_softc *);
271 static int urtwn_r88e_read_rom(struct urtwn_softc *);
272 static int urtwn_ra_init(struct urtwn_softc *);
273 static void urtwn_init_beacon(struct urtwn_softc *,
275 static int urtwn_setup_beacon(struct urtwn_softc *,
276 struct ieee80211_node *);
277 static void urtwn_update_beacon(struct ieee80211vap *, int);
278 static int urtwn_tx_beacon(struct urtwn_softc *sc,
280 static int urtwn_key_alloc(struct ieee80211vap *,
281 struct ieee80211_key *, ieee80211_keyix *,
283 static void urtwn_key_set_cb(struct urtwn_softc *,
285 static void urtwn_key_del_cb(struct urtwn_softc *,
287 static int urtwn_key_set(struct ieee80211vap *,
288 const struct ieee80211_key *);
289 static int urtwn_key_delete(struct ieee80211vap *,
290 const struct ieee80211_key *);
291 static void urtwn_tsf_task_adhoc(void *, int);
292 static void urtwn_tsf_sync_enable(struct urtwn_softc *,
293 struct ieee80211vap *);
294 static void urtwn_get_tsf(struct urtwn_softc *, uint64_t *);
295 static void urtwn_set_led(struct urtwn_softc *, int, int);
296 static void urtwn_set_mode(struct urtwn_softc *, uint8_t);
297 static void urtwn_ibss_recv_mgmt(struct ieee80211_node *,
299 const struct ieee80211_rx_stats *, int, int);
300 static int urtwn_newstate(struct ieee80211vap *,
301 enum ieee80211_state, int);
302 static void urtwn_calib_to(void *);
303 static void urtwn_calib_cb(struct urtwn_softc *,
305 static void urtwn_watchdog(void *);
306 static void urtwn_update_avgrssi(struct urtwn_softc *, int, int8_t);
307 static int8_t urtwn_get_rssi(struct urtwn_softc *, int, void *);
308 static int8_t urtwn_r88e_get_rssi(struct urtwn_softc *, int, void *);
309 static int urtwn_tx_data(struct urtwn_softc *,
310 struct ieee80211_node *, struct mbuf *,
311 struct urtwn_data *);
312 static int urtwn_tx_raw(struct urtwn_softc *,
313 struct ieee80211_node *, struct mbuf *,
315 const struct ieee80211_bpf_params *);
316 static void urtwn_tx_start(struct urtwn_softc *, struct mbuf *,
317 uint8_t, struct urtwn_data *);
318 static int urtwn_transmit(struct ieee80211com *, struct mbuf *);
319 static void urtwn_start(struct urtwn_softc *);
320 static void urtwn_parent(struct ieee80211com *);
321 static int urtwn_r92c_power_on(struct urtwn_softc *);
322 static int urtwn_r88e_power_on(struct urtwn_softc *);
323 static void urtwn_r92c_power_off(struct urtwn_softc *);
324 static void urtwn_r88e_power_off(struct urtwn_softc *);
325 static int urtwn_llt_init(struct urtwn_softc *);
326 #ifndef URTWN_WITHOUT_UCODE
327 static void urtwn_fw_reset(struct urtwn_softc *);
328 static void urtwn_r88e_fw_reset(struct urtwn_softc *);
329 static int urtwn_fw_loadpage(struct urtwn_softc *, int,
330 const uint8_t *, int);
331 static int urtwn_load_firmware(struct urtwn_softc *);
333 static int urtwn_dma_init(struct urtwn_softc *);
334 static int urtwn_mac_init(struct urtwn_softc *);
335 static void urtwn_bb_init(struct urtwn_softc *);
336 static void urtwn_rf_init(struct urtwn_softc *);
337 static void urtwn_cam_init(struct urtwn_softc *);
338 static int urtwn_cam_write(struct urtwn_softc *, uint32_t,
340 static void urtwn_pa_bias_init(struct urtwn_softc *);
341 static void urtwn_rxfilter_init(struct urtwn_softc *);
342 static void urtwn_edca_init(struct urtwn_softc *);
343 static void urtwn_write_txpower(struct urtwn_softc *, int,
345 static void urtwn_get_txpower(struct urtwn_softc *, int,
346 struct ieee80211_channel *,
347 struct ieee80211_channel *, uint16_t[]);
348 static void urtwn_r88e_get_txpower(struct urtwn_softc *, int,
349 struct ieee80211_channel *,
350 struct ieee80211_channel *, uint16_t[]);
351 static void urtwn_set_txpower(struct urtwn_softc *,
352 struct ieee80211_channel *,
353 struct ieee80211_channel *);
354 static void urtwn_set_rx_bssid_all(struct urtwn_softc *, int);
355 static void urtwn_set_gain(struct urtwn_softc *, uint8_t);
356 static void urtwn_scan_start(struct ieee80211com *);
357 static void urtwn_scan_end(struct ieee80211com *);
358 static void urtwn_getradiocaps(struct ieee80211com *, int, int *,
359 struct ieee80211_channel[]);
360 static void urtwn_set_channel(struct ieee80211com *);
361 static int urtwn_wme_update(struct ieee80211com *);
362 static void urtwn_update_slot(struct ieee80211com *);
363 static void urtwn_update_slot_cb(struct urtwn_softc *,
365 static void urtwn_update_aifs(struct urtwn_softc *, uint8_t);
366 static uint8_t urtwn_get_multi_pos(const uint8_t[]);
367 static void urtwn_set_multi(struct urtwn_softc *);
368 static void urtwn_set_promisc(struct urtwn_softc *);
369 static void urtwn_update_promisc(struct ieee80211com *);
370 static void urtwn_update_mcast(struct ieee80211com *);
371 static struct ieee80211_node *urtwn_node_alloc(struct ieee80211vap *,
372 const uint8_t mac[IEEE80211_ADDR_LEN]);
373 static void urtwn_newassoc(struct ieee80211_node *, int);
374 static void urtwn_node_free(struct ieee80211_node *);
375 static void urtwn_set_chan(struct urtwn_softc *,
376 struct ieee80211_channel *,
377 struct ieee80211_channel *);
378 static void urtwn_iq_calib(struct urtwn_softc *);
379 static void urtwn_lc_calib(struct urtwn_softc *);
380 static void urtwn_temp_calib(struct urtwn_softc *);
381 static void urtwn_setup_static_keys(struct urtwn_softc *,
383 static int urtwn_init(struct urtwn_softc *);
384 static void urtwn_stop(struct urtwn_softc *);
385 static void urtwn_abort_xfers(struct urtwn_softc *);
386 static int urtwn_raw_xmit(struct ieee80211_node *, struct mbuf *,
387 const struct ieee80211_bpf_params *);
388 static void urtwn_ms_delay(struct urtwn_softc *);
391 #define urtwn_bb_write urtwn_write_4
392 #define urtwn_bb_read urtwn_read_4
394 static const struct usb_config urtwn_config[URTWN_N_TRANSFER] = {
397 .endpoint = UE_ADDR_ANY,
398 .direction = UE_DIR_IN,
399 .bufsize = URTWN_RXBUFSZ,
404 .callback = urtwn_bulk_rx_callback,
406 [URTWN_BULK_TX_BE] = {
409 .direction = UE_DIR_OUT,
410 .bufsize = URTWN_TXBUFSZ,
414 .force_short_xfer = 1
416 .callback = urtwn_bulk_tx_callback,
417 .timeout = URTWN_TX_TIMEOUT, /* ms */
419 [URTWN_BULK_TX_BK] = {
422 .direction = UE_DIR_OUT,
423 .bufsize = URTWN_TXBUFSZ,
427 .force_short_xfer = 1,
429 .callback = urtwn_bulk_tx_callback,
430 .timeout = URTWN_TX_TIMEOUT, /* ms */
432 [URTWN_BULK_TX_VI] = {
435 .direction = UE_DIR_OUT,
436 .bufsize = URTWN_TXBUFSZ,
440 .force_short_xfer = 1
442 .callback = urtwn_bulk_tx_callback,
443 .timeout = URTWN_TX_TIMEOUT, /* ms */
445 [URTWN_BULK_TX_VO] = {
448 .direction = UE_DIR_OUT,
449 .bufsize = URTWN_TXBUFSZ,
453 .force_short_xfer = 1
455 .callback = urtwn_bulk_tx_callback,
456 .timeout = URTWN_TX_TIMEOUT, /* ms */
460 static const struct wme_to_queue {
463 } wme2queue[WME_NUM_AC] = {
464 { R92C_EDCA_BE_PARAM, URTWN_BULK_TX_BE},
465 { R92C_EDCA_BK_PARAM, URTWN_BULK_TX_BK},
466 { R92C_EDCA_VI_PARAM, URTWN_BULK_TX_VI},
467 { R92C_EDCA_VO_PARAM, URTWN_BULK_TX_VO}
471 urtwn_match(device_t self)
473 struct usb_attach_arg *uaa = device_get_ivars(self);
475 if (uaa->usb_mode != USB_MODE_HOST)
477 if (uaa->info.bConfigIndex != URTWN_CONFIG_INDEX)
479 if (uaa->info.bIfaceIndex != URTWN_IFACE_INDEX)
482 return (usbd_lookup_id_by_uaa(urtwn_devs, sizeof(urtwn_devs), uaa));
486 urtwn_update_chw(struct ieee80211com *ic)
491 urtwn_ampdu_enable(struct ieee80211_node *ni, struct ieee80211_tx_ampdu *tap)
494 /* We're driving this ourselves (eventually); don't involve net80211 */
499 urtwn_attach(device_t self)
501 struct usb_attach_arg *uaa = device_get_ivars(self);
502 struct urtwn_softc *sc = device_get_softc(self);
503 struct ieee80211com *ic = &sc->sc_ic;
506 device_set_usb_desc(self);
507 sc->sc_udev = uaa->device;
509 if (USB_GET_DRIVER_INFO(uaa) == URTWN_RTL8188E)
510 sc->chip |= URTWN_CHIP_88E;
514 if (resource_int_value(device_get_name(sc->sc_dev),
515 device_get_unit(sc->sc_dev), "debug", &debug) == 0)
516 sc->sc_debug = debug;
519 mtx_init(&sc->sc_mtx, device_get_nameunit(self),
520 MTX_NETWORK_LOCK, MTX_DEF);
521 URTWN_CMDQ_LOCK_INIT(sc);
522 URTWN_NT_LOCK_INIT(sc);
523 callout_init(&sc->sc_calib_to, 0);
524 callout_init(&sc->sc_watchdog_ch, 0);
525 mbufq_init(&sc->sc_snd, ifqmaxlen);
527 sc->sc_iface_index = URTWN_IFACE_INDEX;
528 error = usbd_transfer_setup(uaa->device, &sc->sc_iface_index,
529 sc->sc_xfer, urtwn_config, URTWN_N_TRANSFER, sc, &sc->sc_mtx);
531 device_printf(self, "could not allocate USB transfers, "
532 "err=%s\n", usbd_errstr(error));
538 error = urtwn_read_chipid(sc);
540 device_printf(sc->sc_dev, "unsupported test chip\n");
545 /* Determine number of Tx/Rx chains. */
546 if (sc->chip & URTWN_CHIP_92C) {
547 sc->ntxchains = (sc->chip & URTWN_CHIP_92C_1T2R) ? 1 : 2;
554 if (sc->chip & URTWN_CHIP_88E)
555 error = urtwn_r88e_read_rom(sc);
557 error = urtwn_read_rom(sc);
559 device_printf(sc->sc_dev, "%s: cannot read rom, error %d\n",
565 device_printf(sc->sc_dev, "MAC/BB RTL%s, RF 6052 %dT%dR\n",
566 (sc->chip & URTWN_CHIP_92C) ? "8192CU" :
567 (sc->chip & URTWN_CHIP_88E) ? "8188EU" :
568 (sc->board_type == R92C_BOARD_TYPE_HIGHPA) ? "8188RU" :
569 (sc->board_type == R92C_BOARD_TYPE_MINICARD) ? "8188CE-VAU" :
570 "8188CUS", sc->ntxchains, sc->nrxchains);
575 ic->ic_name = device_get_nameunit(self);
576 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */
577 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */
579 /* set device capabilities */
581 IEEE80211_C_STA /* station mode */
582 | IEEE80211_C_MONITOR /* monitor mode */
583 | IEEE80211_C_IBSS /* adhoc mode */
584 | IEEE80211_C_HOSTAP /* hostap mode */
585 | IEEE80211_C_SHPREAMBLE /* short preamble supported */
586 | IEEE80211_C_SHSLOT /* short slot time supported */
588 | IEEE80211_C_BGSCAN /* capable of bg scanning */
590 | IEEE80211_C_WPA /* 802.11i */
591 | IEEE80211_C_WME /* 802.11e */
592 | IEEE80211_C_SWAMSDUTX /* Do software A-MSDU TX */
593 | IEEE80211_C_FF /* Atheros fast-frames */
597 IEEE80211_CRYPTO_WEP |
598 IEEE80211_CRYPTO_TKIP |
599 IEEE80211_CRYPTO_AES_CCM;
601 /* Assume they're all 11n capable for now */
602 if (urtwn_enable_11n) {
603 device_printf(self, "enabling 11n\n");
604 ic->ic_htcaps = IEEE80211_HTC_HT |
606 IEEE80211_HTC_AMPDU |
608 IEEE80211_HTC_AMSDU |
609 IEEE80211_HTCAP_MAXAMSDU_3839 |
610 IEEE80211_HTCAP_SMPS_OFF;
611 /* no HT40 just yet */
612 // ic->ic_htcaps |= IEEE80211_HTCAP_CHWIDTH40;
614 /* XXX TODO: verify chains versus streams for urtwn */
615 ic->ic_txstream = sc->ntxchains;
616 ic->ic_rxstream = sc->nrxchains;
619 /* XXX TODO: setup regdomain if R92C_CHANNEL_PLAN_BY_HW bit is set. */
621 urtwn_getradiocaps(ic, IEEE80211_CHAN_MAX, &ic->ic_nchans,
624 ieee80211_ifattach(ic);
625 ic->ic_raw_xmit = urtwn_raw_xmit;
626 ic->ic_scan_start = urtwn_scan_start;
627 ic->ic_scan_end = urtwn_scan_end;
628 ic->ic_getradiocaps = urtwn_getradiocaps;
629 ic->ic_set_channel = urtwn_set_channel;
630 ic->ic_transmit = urtwn_transmit;
631 ic->ic_parent = urtwn_parent;
632 ic->ic_vap_create = urtwn_vap_create;
633 ic->ic_vap_delete = urtwn_vap_delete;
634 ic->ic_wme.wme_update = urtwn_wme_update;
635 ic->ic_updateslot = urtwn_update_slot;
636 ic->ic_update_promisc = urtwn_update_promisc;
637 ic->ic_update_mcast = urtwn_update_mcast;
638 if (sc->chip & URTWN_CHIP_88E) {
639 ic->ic_node_alloc = urtwn_node_alloc;
640 ic->ic_newassoc = urtwn_newassoc;
641 sc->sc_node_free = ic->ic_node_free;
642 ic->ic_node_free = urtwn_node_free;
644 ic->ic_update_chw = urtwn_update_chw;
645 ic->ic_ampdu_enable = urtwn_ampdu_enable;
647 ieee80211_radiotap_attach(ic, &sc->sc_txtap.wt_ihdr,
648 sizeof(sc->sc_txtap), URTWN_TX_RADIOTAP_PRESENT,
649 &sc->sc_rxtap.wr_ihdr, sizeof(sc->sc_rxtap),
650 URTWN_RX_RADIOTAP_PRESENT);
652 TASK_INIT(&sc->cmdq_task, 0, urtwn_cmdq_cb, sc);
654 urtwn_sysctlattach(sc);
657 ieee80211_announce(ic);
663 return (ENXIO); /* failure */
667 urtwn_sysctlattach(struct urtwn_softc *sc)
670 struct sysctl_ctx_list *ctx = device_get_sysctl_ctx(sc->sc_dev);
671 struct sysctl_oid *tree = device_get_sysctl_tree(sc->sc_dev);
673 SYSCTL_ADD_U32(ctx, SYSCTL_CHILDREN(tree), OID_AUTO,
674 "debug", CTLFLAG_RW, &sc->sc_debug, sc->sc_debug,
675 "control debugging printfs");
680 urtwn_detach(device_t self)
682 struct urtwn_softc *sc = device_get_softc(self);
683 struct ieee80211com *ic = &sc->sc_ic;
685 /* Prevent further ioctls. */
687 sc->sc_flags |= URTWN_DETACHED;
692 callout_drain(&sc->sc_watchdog_ch);
693 callout_drain(&sc->sc_calib_to);
695 /* stop all USB transfers */
696 usbd_transfer_unsetup(sc->sc_xfer, URTWN_N_TRANSFER);
698 if (ic->ic_softc == sc) {
699 ieee80211_draintask(ic, &sc->cmdq_task);
700 ieee80211_ifdetach(ic);
703 URTWN_NT_LOCK_DESTROY(sc);
704 URTWN_CMDQ_LOCK_DESTROY(sc);
705 mtx_destroy(&sc->sc_mtx);
711 urtwn_drain_mbufq(struct urtwn_softc *sc)
714 struct ieee80211_node *ni;
715 URTWN_ASSERT_LOCKED(sc);
716 while ((m = mbufq_dequeue(&sc->sc_snd)) != NULL) {
717 ni = (struct ieee80211_node *)m->m_pkthdr.rcvif;
718 m->m_pkthdr.rcvif = NULL;
719 ieee80211_free_node(ni);
725 urtwn_do_request(struct urtwn_softc *sc, struct usb_device_request *req,
731 URTWN_ASSERT_LOCKED(sc);
734 err = usbd_do_request_flags(sc->sc_udev, &sc->sc_mtx,
735 req, data, 0, NULL, 250 /* ms */);
739 URTWN_DPRINTF(sc, URTWN_DEBUG_USB,
740 "%s: control request failed, %s (retries left: %d)\n",
741 __func__, usbd_errstr(err), ntries);
742 usb_pause_mtx(&sc->sc_mtx, hz / 100);
747 static struct ieee80211vap *
748 urtwn_vap_create(struct ieee80211com *ic, const char name[IFNAMSIZ], int unit,
749 enum ieee80211_opmode opmode, int flags,
750 const uint8_t bssid[IEEE80211_ADDR_LEN],
751 const uint8_t mac[IEEE80211_ADDR_LEN])
753 struct urtwn_softc *sc = ic->ic_softc;
754 struct urtwn_vap *uvp;
755 struct ieee80211vap *vap;
757 if (!TAILQ_EMPTY(&ic->ic_vaps)) /* only one at a time */
760 uvp = malloc(sizeof(struct urtwn_vap), M_80211_VAP, M_WAITOK | M_ZERO);
762 /* enable s/w bmiss handling for sta mode */
764 if (ieee80211_vap_setup(ic, vap, name, unit, opmode,
765 flags | IEEE80211_CLONE_NOBEACONS, bssid) != 0) {
767 free(uvp, M_80211_VAP);
771 if (opmode == IEEE80211_M_HOSTAP || opmode == IEEE80211_M_IBSS)
772 urtwn_init_beacon(sc, uvp);
774 /* override state transition machine */
775 uvp->newstate = vap->iv_newstate;
776 vap->iv_newstate = urtwn_newstate;
777 vap->iv_update_beacon = urtwn_update_beacon;
778 vap->iv_key_alloc = urtwn_key_alloc;
779 vap->iv_key_set = urtwn_key_set;
780 vap->iv_key_delete = urtwn_key_delete;
782 /* 802.11n parameters */
783 vap->iv_ampdu_density = IEEE80211_HTCAP_MPDUDENSITY_16;
784 vap->iv_ampdu_rxmax = IEEE80211_HTCAP_MAXRXAMPDU_64K;
786 if (opmode == IEEE80211_M_IBSS) {
787 uvp->recv_mgmt = vap->iv_recv_mgmt;
788 vap->iv_recv_mgmt = urtwn_ibss_recv_mgmt;
789 TASK_INIT(&uvp->tsf_task_adhoc, 0, urtwn_tsf_task_adhoc, vap);
792 if (URTWN_CHIP_HAS_RATECTL(sc))
793 ieee80211_ratectl_init(vap);
795 ieee80211_vap_attach(vap, ieee80211_media_change,
796 ieee80211_media_status, mac);
797 ic->ic_opmode = opmode;
802 urtwn_vap_delete(struct ieee80211vap *vap)
804 struct ieee80211com *ic = vap->iv_ic;
805 struct urtwn_softc *sc = ic->ic_softc;
806 struct urtwn_vap *uvp = URTWN_VAP(vap);
808 /* Guarantee that nothing will go through this vap. */
809 ieee80211_new_state(vap, IEEE80211_S_INIT, -1);
810 ieee80211_draintask(ic, &vap->iv_nstate_task);
813 if (uvp->bcn_mbuf != NULL)
814 m_freem(uvp->bcn_mbuf);
815 /* Cancel any unfinished Tx. */
816 urtwn_vap_clear_tx(sc, vap);
818 if (vap->iv_opmode == IEEE80211_M_IBSS)
819 ieee80211_draintask(ic, &uvp->tsf_task_adhoc);
820 if (URTWN_CHIP_HAS_RATECTL(sc))
821 ieee80211_ratectl_deinit(vap);
822 ieee80211_vap_detach(vap);
823 free(uvp, M_80211_VAP);
827 urtwn_vap_clear_tx(struct urtwn_softc *sc, struct ieee80211vap *vap)
830 URTWN_ASSERT_LOCKED(sc);
832 urtwn_vap_clear_tx_queue(sc, &sc->sc_tx_active, vap);
833 urtwn_vap_clear_tx_queue(sc, &sc->sc_tx_pending, vap);
837 urtwn_vap_clear_tx_queue(struct urtwn_softc *sc, urtwn_datahead *head,
838 struct ieee80211vap *vap)
840 struct urtwn_data *dp, *tmp;
842 STAILQ_FOREACH_SAFE(dp, head, next, tmp) {
843 if (dp->ni != NULL) {
844 if (dp->ni->ni_vap == vap) {
845 ieee80211_free_node(dp->ni);
853 STAILQ_REMOVE(head, dp, urtwn_data, next);
854 STAILQ_INSERT_TAIL(&sc->sc_tx_inactive, dp,
862 urtwn_rx_copy_to_mbuf(struct urtwn_softc *sc, struct r92c_rx_stat *stat,
865 struct ieee80211com *ic = &sc->sc_ic;
871 * don't pass packets to the ieee80211 framework if the driver isn't
874 if (!(sc->sc_flags & URTWN_RUNNING))
877 rxdw0 = le32toh(stat->rxdw0);
878 if (rxdw0 & (R92C_RXDW0_CRCERR | R92C_RXDW0_ICVERR)) {
880 * This should not happen since we setup our Rx filter
881 * to not receive these frames.
883 URTWN_DPRINTF(sc, URTWN_DEBUG_RECV,
884 "%s: RX flags error (%s)\n", __func__,
885 rxdw0 & R92C_RXDW0_CRCERR ? "CRC" : "ICV");
889 pktlen = MS(rxdw0, R92C_RXDW0_PKTLEN);
890 if (pktlen < sizeof(struct ieee80211_frame_ack)) {
891 URTWN_DPRINTF(sc, URTWN_DEBUG_RECV,
892 "%s: frame is too short: %d\n", __func__, pktlen);
896 m = m_get2(totlen, M_NOWAIT, MT_DATA, M_PKTHDR);
897 if (__predict_false(m == NULL)) {
898 device_printf(sc->sc_dev, "%s: could not allocate RX mbuf\n",
904 memcpy(mtod(m, uint8_t *), (uint8_t *)stat, totlen);
905 m->m_pkthdr.len = m->m_len = totlen;
909 counter_u64_add(ic->ic_ierrors, 1);
914 urtwn_report_intr(struct usb_xfer *xfer, struct urtwn_data *data)
916 struct urtwn_softc *sc = data->sc;
917 struct ieee80211com *ic = &sc->sc_ic;
918 struct r92c_rx_stat *stat;
922 usbd_xfer_status(xfer, &len, NULL, NULL, NULL);
924 if (len < sizeof(*stat)) {
925 counter_u64_add(ic->ic_ierrors, 1);
930 stat = (struct r92c_rx_stat *)buf;
933 * For 88E chips we can tie the FF flushing here;
934 * this is where we do know exactly how deep the
937 * But it won't work for R92 chips, so we can't
938 * take the easy way out.
941 if (sc->chip & URTWN_CHIP_88E) {
942 int report_sel = MS(le32toh(stat->rxdw3), R88E_RXDW3_RPT);
944 switch (report_sel) {
945 case R88E_RXDW3_RPT_RX:
946 return (urtwn_rxeof(sc, buf, len));
947 case R88E_RXDW3_RPT_TX1:
948 urtwn_r88e_ratectl_tx_complete(sc, &stat[1]);
951 URTWN_DPRINTF(sc, URTWN_DEBUG_INTR,
952 "%s: case %d was not handled\n", __func__,
957 return (urtwn_rxeof(sc, buf, len));
963 urtwn_rxeof(struct urtwn_softc *sc, uint8_t *buf, int len)
965 struct r92c_rx_stat *stat;
966 struct mbuf *m, *m0 = NULL, *prevm = NULL;
968 int totlen, pktlen, infosz, npkts;
970 /* Get the number of encapsulated frames. */
971 stat = (struct r92c_rx_stat *)buf;
972 npkts = MS(le32toh(stat->rxdw2), R92C_RXDW2_PKTCNT);
973 URTWN_DPRINTF(sc, URTWN_DEBUG_RECV,
974 "%s: Rx %d frames in one chunk\n", __func__, npkts);
976 /* Process all of them. */
977 while (npkts-- > 0) {
978 if (len < sizeof(*stat))
980 stat = (struct r92c_rx_stat *)buf;
981 rxdw0 = le32toh(stat->rxdw0);
983 pktlen = MS(rxdw0, R92C_RXDW0_PKTLEN);
987 infosz = MS(rxdw0, R92C_RXDW0_INFOSZ) * 8;
989 /* Make sure everything fits in xfer. */
990 totlen = sizeof(*stat) + infosz + pktlen;
994 m = urtwn_rx_copy_to_mbuf(sc, stat, totlen);
1004 /* Next chunk is 128-byte aligned. */
1005 totlen = (totlen + 127) & ~127;
1014 urtwn_r88e_ratectl_tx_complete(struct urtwn_softc *sc, void *arg)
1016 struct r88e_tx_rpt_ccx *rpt = arg;
1017 struct ieee80211vap *vap;
1018 struct ieee80211_node *ni;
1022 macid = MS(rpt->rptb1, R88E_RPTB1_MACID);
1023 ntries = MS(rpt->rptb2, R88E_RPTB2_RETRY_CNT);
1026 ni = sc->node_list[macid];
1029 URTWN_DPRINTF(sc, URTWN_DEBUG_INTR, "%s: frame for macid %d was"
1030 "%s sent (%d retries)\n", __func__, macid,
1031 (rpt->rptb1 & R88E_RPTB1_PKT_OK) ? "" : " not",
1034 if (rpt->rptb1 & R88E_RPTB1_PKT_OK) {
1035 ieee80211_ratectl_tx_complete(vap, ni,
1036 IEEE80211_RATECTL_TX_SUCCESS, &ntries, NULL);
1038 ieee80211_ratectl_tx_complete(vap, ni,
1039 IEEE80211_RATECTL_TX_FAILURE, &ntries, NULL);
1042 URTWN_DPRINTF(sc, URTWN_DEBUG_INTR, "%s: macid %d, ni is NULL\n",
1045 URTWN_NT_UNLOCK(sc);
1048 static struct ieee80211_node *
1049 urtwn_rx_frame(struct urtwn_softc *sc, struct mbuf *m, int8_t *rssi_p)
1051 struct ieee80211com *ic = &sc->sc_ic;
1052 struct ieee80211_frame_min *wh;
1053 struct r92c_rx_stat *stat;
1054 uint32_t rxdw0, rxdw3;
1055 uint8_t rate, cipher;
1059 stat = mtod(m, struct r92c_rx_stat *);
1060 rxdw0 = le32toh(stat->rxdw0);
1061 rxdw3 = le32toh(stat->rxdw3);
1063 rate = MS(rxdw3, R92C_RXDW3_RATE);
1064 cipher = MS(rxdw0, R92C_RXDW0_CIPHER);
1065 infosz = MS(rxdw0, R92C_RXDW0_INFOSZ) * 8;
1067 /* Get RSSI from PHY status descriptor if present. */
1068 if (infosz != 0 && (rxdw0 & R92C_RXDW0_PHYST)) {
1069 if (sc->chip & URTWN_CHIP_88E)
1070 rssi = urtwn_r88e_get_rssi(sc, rate, &stat[1]);
1072 rssi = urtwn_get_rssi(sc, rate, &stat[1]);
1073 URTWN_DPRINTF(sc, URTWN_DEBUG_RSSI, "%s: rssi=%d\n", __func__, rssi);
1074 /* Update our average RSSI. */
1075 urtwn_update_avgrssi(sc, rate, rssi);
1078 if (ieee80211_radiotap_active(ic)) {
1079 struct urtwn_rx_radiotap_header *tap = &sc->sc_rxtap;
1083 urtwn_get_tsf(sc, &tap->wr_tsft);
1084 if (__predict_false(le32toh((uint32_t)tap->wr_tsft) <
1085 le32toh(stat->rxdw5))) {
1086 tap->wr_tsft = le32toh(tap->wr_tsft >> 32) - 1;
1087 tap->wr_tsft = (uint64_t)htole32(tap->wr_tsft) << 32;
1089 tap->wr_tsft &= 0xffffffff00000000;
1090 tap->wr_tsft += stat->rxdw5;
1095 /* Map HW rate index to 802.11 rate. */
1096 if (!(rxdw3 & R92C_RXDW3_HT)) {
1097 tap->wr_rate = ridx2rate[rate];
1098 } else if (rate >= 12) { /* MCS0~15. */
1099 /* Bit 7 set means HT MCS instead of rate. */
1100 tap->wr_rate = 0x80 | (rate - 12);
1103 /* XXX TODO: this isn't right; should use the last good RSSI */
1104 tap->wr_dbm_antsignal = rssi;
1105 tap->wr_dbm_antnoise = URTWN_NOISE_FLOOR;
1110 /* Drop descriptor. */
1111 m_adj(m, sizeof(*stat) + infosz);
1112 wh = mtod(m, struct ieee80211_frame_min *);
1114 if ((wh->i_fc[1] & IEEE80211_FC1_PROTECTED) &&
1115 cipher != R92C_CAM_ALGO_NONE) {
1116 m->m_flags |= M_WEP;
1119 if (m->m_len >= sizeof(*wh))
1120 return (ieee80211_find_rxnode(ic, wh));
1126 urtwn_bulk_rx_callback(struct usb_xfer *xfer, usb_error_t error)
1128 struct urtwn_softc *sc = usbd_xfer_softc(xfer);
1129 struct ieee80211com *ic = &sc->sc_ic;
1130 struct ieee80211_node *ni;
1131 struct mbuf *m = NULL, *next;
1132 struct urtwn_data *data;
1135 URTWN_ASSERT_LOCKED(sc);
1137 switch (USB_GET_STATE(xfer)) {
1138 case USB_ST_TRANSFERRED:
1139 data = STAILQ_FIRST(&sc->sc_rx_active);
1142 STAILQ_REMOVE_HEAD(&sc->sc_rx_active, next);
1143 m = urtwn_report_intr(xfer, data);
1144 STAILQ_INSERT_TAIL(&sc->sc_rx_inactive, data, next);
1148 data = STAILQ_FIRST(&sc->sc_rx_inactive);
1150 KASSERT(m == NULL, ("mbuf isn't NULL"));
1153 STAILQ_REMOVE_HEAD(&sc->sc_rx_inactive, next);
1154 STAILQ_INSERT_TAIL(&sc->sc_rx_active, data, next);
1155 usbd_xfer_set_frame_data(xfer, 0, data->buf,
1156 usbd_xfer_max_len(xfer));
1157 usbd_transfer_submit(xfer);
1160 * To avoid LOR we should unlock our private mutex here to call
1161 * ieee80211_input() because here is at the end of a USB
1162 * callback and safe to unlock.
1168 ni = urtwn_rx_frame(sc, m, &rssi);
1170 /* Store a global last-good RSSI */
1172 sc->last_rssi = rssi;
1176 nf = URTWN_NOISE_FLOOR;
1179 URTWN_NODE(ni)->last_rssi = rssi;
1180 if (ni->ni_flags & IEEE80211_NODE_HT)
1181 m->m_flags |= M_AMPDU;
1182 (void)ieee80211_input(ni, m,
1183 URTWN_NODE(ni)->last_rssi - nf, nf);
1184 ieee80211_free_node(ni);
1186 /* Use last good global RSSI */
1187 (void)ieee80211_input_all(ic, m,
1188 sc->last_rssi - nf, nf);
1195 /* needs it to the inactive queue due to a error. */
1196 data = STAILQ_FIRST(&sc->sc_rx_active);
1198 STAILQ_REMOVE_HEAD(&sc->sc_rx_active, next);
1199 STAILQ_INSERT_TAIL(&sc->sc_rx_inactive, data, next);
1201 if (error != USB_ERR_CANCELLED) {
1202 usbd_xfer_set_stall(xfer);
1203 counter_u64_add(ic->ic_ierrors, 1);
1209 /* Finished receive; age anything left on the FF queue by a little bump */
1211 * XXX TODO: just make this a callout timer schedule so we can
1212 * flush the FF staging queue if we're approaching idle.
1214 #ifdef IEEE80211_SUPPORT_SUPERG
1216 ieee80211_ff_age_all(ic, 1);
1220 /* Kick-start more transmit in case we stalled */
1225 urtwn_txeof(struct urtwn_softc *sc, struct urtwn_data *data, int status)
1228 URTWN_ASSERT_LOCKED(sc);
1230 if (data->ni != NULL) /* not a beacon frame */
1231 ieee80211_tx_complete(data->ni, data->m, status);
1233 if (sc->sc_tx_n_active > 0)
1234 sc->sc_tx_n_active--;
1241 STAILQ_INSERT_TAIL(&sc->sc_tx_inactive, data, next);
1245 urtwn_alloc_list(struct urtwn_softc *sc, struct urtwn_data data[],
1246 int ndata, int maxsz)
1250 for (i = 0; i < ndata; i++) {
1251 struct urtwn_data *dp = &data[i];
1254 dp->buf = malloc(maxsz, M_USBDEV, M_NOWAIT);
1255 if (dp->buf == NULL) {
1256 device_printf(sc->sc_dev,
1257 "could not allocate buffer\n");
1266 urtwn_free_list(sc, data, ndata);
1271 urtwn_alloc_rx_list(struct urtwn_softc *sc)
1275 error = urtwn_alloc_list(sc, sc->sc_rx, URTWN_RX_LIST_COUNT,
1280 STAILQ_INIT(&sc->sc_rx_active);
1281 STAILQ_INIT(&sc->sc_rx_inactive);
1283 for (i = 0; i < URTWN_RX_LIST_COUNT; i++)
1284 STAILQ_INSERT_HEAD(&sc->sc_rx_inactive, &sc->sc_rx[i], next);
1290 urtwn_alloc_tx_list(struct urtwn_softc *sc)
1294 error = urtwn_alloc_list(sc, sc->sc_tx, URTWN_TX_LIST_COUNT,
1299 STAILQ_INIT(&sc->sc_tx_active);
1300 STAILQ_INIT(&sc->sc_tx_inactive);
1301 STAILQ_INIT(&sc->sc_tx_pending);
1303 for (i = 0; i < URTWN_TX_LIST_COUNT; i++)
1304 STAILQ_INSERT_HEAD(&sc->sc_tx_inactive, &sc->sc_tx[i], next);
1310 urtwn_free_list(struct urtwn_softc *sc, struct urtwn_data data[], int ndata)
1314 for (i = 0; i < ndata; i++) {
1315 struct urtwn_data *dp = &data[i];
1317 if (dp->buf != NULL) {
1318 free(dp->buf, M_USBDEV);
1321 if (dp->ni != NULL) {
1322 ieee80211_free_node(dp->ni);
1329 urtwn_free_rx_list(struct urtwn_softc *sc)
1331 urtwn_free_list(sc, sc->sc_rx, URTWN_RX_LIST_COUNT);
1333 STAILQ_INIT(&sc->sc_rx_active);
1334 STAILQ_INIT(&sc->sc_rx_inactive);
1338 urtwn_free_tx_list(struct urtwn_softc *sc)
1340 urtwn_free_list(sc, sc->sc_tx, URTWN_TX_LIST_COUNT);
1342 STAILQ_INIT(&sc->sc_tx_active);
1343 STAILQ_INIT(&sc->sc_tx_inactive);
1344 STAILQ_INIT(&sc->sc_tx_pending);
1348 urtwn_bulk_tx_callback(struct usb_xfer *xfer, usb_error_t error)
1350 struct urtwn_softc *sc = usbd_xfer_softc(xfer);
1351 #ifdef IEEE80211_SUPPORT_SUPERG
1352 struct ieee80211com *ic = &sc->sc_ic;
1354 struct urtwn_data *data;
1356 URTWN_ASSERT_LOCKED(sc);
1358 switch (USB_GET_STATE(xfer)){
1359 case USB_ST_TRANSFERRED:
1360 data = STAILQ_FIRST(&sc->sc_tx_active);
1363 STAILQ_REMOVE_HEAD(&sc->sc_tx_active, next);
1364 urtwn_txeof(sc, data, 0);
1368 data = STAILQ_FIRST(&sc->sc_tx_pending);
1370 URTWN_DPRINTF(sc, URTWN_DEBUG_XMIT,
1371 "%s: empty pending queue\n", __func__);
1372 sc->sc_tx_n_active = 0;
1375 STAILQ_REMOVE_HEAD(&sc->sc_tx_pending, next);
1376 STAILQ_INSERT_TAIL(&sc->sc_tx_active, data, next);
1377 usbd_xfer_set_frame_data(xfer, 0, data->buf, data->buflen);
1378 usbd_transfer_submit(xfer);
1379 sc->sc_tx_n_active++;
1382 data = STAILQ_FIRST(&sc->sc_tx_active);
1385 STAILQ_REMOVE_HEAD(&sc->sc_tx_active, next);
1386 urtwn_txeof(sc, data, 1);
1387 if (error != USB_ERR_CANCELLED) {
1388 usbd_xfer_set_stall(xfer);
1394 #ifdef IEEE80211_SUPPORT_SUPERG
1396 * If the TX active queue drops below a certain
1397 * threshold, ensure we age fast-frames out so they're
1400 if (sc->sc_tx_n_active <= 1) {
1401 /* XXX ew - net80211 should defer this for us! */
1404 * Note: this sc_tx_n_active currently tracks
1405 * the number of pending transmit submissions
1406 * and not the actual depth of the TX frames
1407 * pending to the hardware. That means that
1408 * we're going to end up with some sub-optimal
1409 * aggregation behaviour.
1412 * XXX TODO: just make this a callout timer schedule so we can
1413 * flush the FF staging queue if we're approaching idle.
1416 ieee80211_ff_flush(ic, WME_AC_VO);
1417 ieee80211_ff_flush(ic, WME_AC_VI);
1418 ieee80211_ff_flush(ic, WME_AC_BE);
1419 ieee80211_ff_flush(ic, WME_AC_BK);
1423 /* Kick-start more transmit */
1427 static struct urtwn_data *
1428 _urtwn_getbuf(struct urtwn_softc *sc)
1430 struct urtwn_data *bf;
1432 bf = STAILQ_FIRST(&sc->sc_tx_inactive);
1434 STAILQ_REMOVE_HEAD(&sc->sc_tx_inactive, next);
1436 URTWN_DPRINTF(sc, URTWN_DEBUG_XMIT,
1437 "%s: out of xmit buffers\n", __func__);
1442 static struct urtwn_data *
1443 urtwn_getbuf(struct urtwn_softc *sc)
1445 struct urtwn_data *bf;
1447 URTWN_ASSERT_LOCKED(sc);
1449 bf = _urtwn_getbuf(sc);
1451 URTWN_DPRINTF(sc, URTWN_DEBUG_XMIT, "%s: stop queue\n",
1458 urtwn_write_region_1(struct urtwn_softc *sc, uint16_t addr, uint8_t *buf,
1461 usb_device_request_t req;
1463 req.bmRequestType = UT_WRITE_VENDOR_DEVICE;
1464 req.bRequest = R92C_REQ_REGS;
1465 USETW(req.wValue, addr);
1466 USETW(req.wIndex, 0);
1467 USETW(req.wLength, len);
1468 return (urtwn_do_request(sc, &req, buf));
1472 urtwn_write_1(struct urtwn_softc *sc, uint16_t addr, uint8_t val)
1474 return (urtwn_write_region_1(sc, addr, &val, sizeof(val)));
1478 urtwn_write_2(struct urtwn_softc *sc, uint16_t addr, uint16_t val)
1481 return (urtwn_write_region_1(sc, addr, (uint8_t *)&val, sizeof(val)));
1485 urtwn_write_4(struct urtwn_softc *sc, uint16_t addr, uint32_t val)
1488 return (urtwn_write_region_1(sc, addr, (uint8_t *)&val, sizeof(val)));
1492 urtwn_read_region_1(struct urtwn_softc *sc, uint16_t addr, uint8_t *buf,
1495 usb_device_request_t req;
1497 req.bmRequestType = UT_READ_VENDOR_DEVICE;
1498 req.bRequest = R92C_REQ_REGS;
1499 USETW(req.wValue, addr);
1500 USETW(req.wIndex, 0);
1501 USETW(req.wLength, len);
1502 return (urtwn_do_request(sc, &req, buf));
1506 urtwn_read_1(struct urtwn_softc *sc, uint16_t addr)
1510 if (urtwn_read_region_1(sc, addr, &val, 1) != 0)
1516 urtwn_read_2(struct urtwn_softc *sc, uint16_t addr)
1520 if (urtwn_read_region_1(sc, addr, (uint8_t *)&val, 2) != 0)
1522 return (le16toh(val));
1526 urtwn_read_4(struct urtwn_softc *sc, uint16_t addr)
1530 if (urtwn_read_region_1(sc, addr, (uint8_t *)&val, 4) != 0)
1531 return (0xffffffff);
1532 return (le32toh(val));
1536 urtwn_fw_cmd(struct urtwn_softc *sc, uint8_t id, const void *buf, int len)
1538 struct r92c_fw_cmd cmd;
1542 if (!(sc->sc_flags & URTWN_FW_LOADED)) {
1543 URTWN_DPRINTF(sc, URTWN_DEBUG_FIRMWARE, "%s: firmware "
1544 "was not loaded; command (id %d) will be discarded\n",
1549 /* Wait for current FW box to be empty. */
1550 for (ntries = 0; ntries < 100; ntries++) {
1551 if (!(urtwn_read_1(sc, R92C_HMETFR) & (1 << sc->fwcur)))
1555 if (ntries == 100) {
1556 device_printf(sc->sc_dev,
1557 "could not send firmware command\n");
1560 memset(&cmd, 0, sizeof(cmd));
1563 cmd.id |= R92C_CMD_FLAG_EXT;
1564 KASSERT(len <= sizeof(cmd.msg), ("urtwn_fw_cmd\n"));
1565 memcpy(cmd.msg, buf, len);
1567 /* Write the first word last since that will trigger the FW. */
1568 error = urtwn_write_region_1(sc, R92C_HMEBOX_EXT(sc->fwcur),
1569 (uint8_t *)&cmd + 4, 2);
1570 if (error != USB_ERR_NORMAL_COMPLETION)
1572 error = urtwn_write_region_1(sc, R92C_HMEBOX(sc->fwcur),
1573 (uint8_t *)&cmd + 0, 4);
1574 if (error != USB_ERR_NORMAL_COMPLETION)
1577 sc->fwcur = (sc->fwcur + 1) % R92C_H2C_NBOX;
1582 urtwn_cmdq_cb(void *arg, int pending)
1584 struct urtwn_softc *sc = arg;
1585 struct urtwn_cmdq *item;
1588 * Device must be powered on (via urtwn_power_on())
1589 * before any command may be sent.
1592 if (!(sc->sc_flags & URTWN_RUNNING)) {
1597 URTWN_CMDQ_LOCK(sc);
1598 while (sc->cmdq[sc->cmdq_first].func != NULL) {
1599 item = &sc->cmdq[sc->cmdq_first];
1600 sc->cmdq_first = (sc->cmdq_first + 1) % URTWN_CMDQ_SIZE;
1601 URTWN_CMDQ_UNLOCK(sc);
1603 item->func(sc, &item->data);
1605 URTWN_CMDQ_LOCK(sc);
1606 memset(item, 0, sizeof (*item));
1608 URTWN_CMDQ_UNLOCK(sc);
1613 urtwn_cmd_sleepable(struct urtwn_softc *sc, const void *ptr, size_t len,
1616 struct ieee80211com *ic = &sc->sc_ic;
1618 KASSERT(len <= sizeof(union sec_param), ("buffer overflow"));
1620 URTWN_CMDQ_LOCK(sc);
1621 if (sc->cmdq[sc->cmdq_last].func != NULL) {
1622 device_printf(sc->sc_dev, "%s: cmdq overflow\n", __func__);
1623 URTWN_CMDQ_UNLOCK(sc);
1629 memcpy(&sc->cmdq[sc->cmdq_last].data, ptr, len);
1630 sc->cmdq[sc->cmdq_last].func = func;
1631 sc->cmdq_last = (sc->cmdq_last + 1) % URTWN_CMDQ_SIZE;
1632 URTWN_CMDQ_UNLOCK(sc);
1634 ieee80211_runtask(ic, &sc->cmdq_task);
1639 static __inline void
1640 urtwn_rf_write(struct urtwn_softc *sc, int chain, uint8_t addr, uint32_t val)
1643 sc->sc_rf_write(sc, chain, addr, val);
1647 urtwn_r92c_rf_write(struct urtwn_softc *sc, int chain, uint8_t addr,
1650 urtwn_bb_write(sc, R92C_LSSI_PARAM(chain),
1651 SM(R92C_LSSI_PARAM_ADDR, addr) |
1652 SM(R92C_LSSI_PARAM_DATA, val));
1656 urtwn_r88e_rf_write(struct urtwn_softc *sc, int chain, uint8_t addr,
1659 urtwn_bb_write(sc, R92C_LSSI_PARAM(chain),
1660 SM(R88E_LSSI_PARAM_ADDR, addr) |
1661 SM(R92C_LSSI_PARAM_DATA, val));
1665 urtwn_rf_read(struct urtwn_softc *sc, int chain, uint8_t addr)
1667 uint32_t reg[R92C_MAX_CHAINS], val;
1669 reg[0] = urtwn_bb_read(sc, R92C_HSSI_PARAM2(0));
1671 reg[chain] = urtwn_bb_read(sc, R92C_HSSI_PARAM2(chain));
1673 urtwn_bb_write(sc, R92C_HSSI_PARAM2(0),
1674 reg[0] & ~R92C_HSSI_PARAM2_READ_EDGE);
1677 urtwn_bb_write(sc, R92C_HSSI_PARAM2(chain),
1678 RW(reg[chain], R92C_HSSI_PARAM2_READ_ADDR, addr) |
1679 R92C_HSSI_PARAM2_READ_EDGE);
1682 urtwn_bb_write(sc, R92C_HSSI_PARAM2(0),
1683 reg[0] | R92C_HSSI_PARAM2_READ_EDGE);
1686 if (urtwn_bb_read(sc, R92C_HSSI_PARAM1(chain)) & R92C_HSSI_PARAM1_PI)
1687 val = urtwn_bb_read(sc, R92C_HSPI_READBACK(chain));
1689 val = urtwn_bb_read(sc, R92C_LSSI_READBACK(chain));
1690 return (MS(val, R92C_LSSI_READBACK_DATA));
1694 urtwn_llt_write(struct urtwn_softc *sc, uint32_t addr, uint32_t data)
1699 error = urtwn_write_4(sc, R92C_LLT_INIT,
1700 SM(R92C_LLT_INIT_OP, R92C_LLT_INIT_OP_WRITE) |
1701 SM(R92C_LLT_INIT_ADDR, addr) |
1702 SM(R92C_LLT_INIT_DATA, data));
1703 if (error != USB_ERR_NORMAL_COMPLETION)
1705 /* Wait for write operation to complete. */
1706 for (ntries = 0; ntries < 20; ntries++) {
1707 if (MS(urtwn_read_4(sc, R92C_LLT_INIT), R92C_LLT_INIT_OP) ==
1708 R92C_LLT_INIT_OP_NO_ACTIVE)
1716 urtwn_efuse_read_next(struct urtwn_softc *sc, uint8_t *val)
1722 if (sc->last_rom_addr >= URTWN_EFUSE_MAX_LEN)
1725 reg = urtwn_read_4(sc, R92C_EFUSE_CTRL);
1726 reg = RW(reg, R92C_EFUSE_CTRL_ADDR, sc->last_rom_addr);
1727 reg &= ~R92C_EFUSE_CTRL_VALID;
1729 error = urtwn_write_4(sc, R92C_EFUSE_CTRL, reg);
1730 if (error != USB_ERR_NORMAL_COMPLETION)
1732 /* Wait for read operation to complete. */
1733 for (ntries = 0; ntries < 100; ntries++) {
1734 reg = urtwn_read_4(sc, R92C_EFUSE_CTRL);
1735 if (reg & R92C_EFUSE_CTRL_VALID)
1739 if (ntries == 100) {
1740 device_printf(sc->sc_dev,
1741 "could not read efuse byte at address 0x%x\n",
1746 *val = MS(reg, R92C_EFUSE_CTRL_DATA);
1747 sc->last_rom_addr++;
1753 urtwn_efuse_read_data(struct urtwn_softc *sc, uint8_t *rom, uint8_t off,
1759 for (i = 0; i < 4; i++) {
1762 error = urtwn_efuse_read_next(sc, ®);
1765 URTWN_DPRINTF(sc, URTWN_DEBUG_ROM, "rom[0x%03X] == 0x%02X\n",
1766 off * 8 + i * 2, reg);
1767 rom[off * 8 + i * 2 + 0] = reg;
1769 error = urtwn_efuse_read_next(sc, ®);
1772 URTWN_DPRINTF(sc, URTWN_DEBUG_ROM, "rom[0x%03X] == 0x%02X\n",
1773 off * 8 + i * 2 + 1, reg);
1774 rom[off * 8 + i * 2 + 1] = reg;
1782 urtwn_dump_rom_contents(struct urtwn_softc *sc, uint8_t *rom, uint16_t size)
1786 /* Dump ROM contents. */
1787 device_printf(sc->sc_dev, "%s:", __func__);
1788 for (i = 0; i < size; i++) {
1790 printf("\n%03X: ", i);
1791 else if (i % 4 == 0)
1794 printf("%02X", rom[i]);
1801 urtwn_efuse_read(struct urtwn_softc *sc, uint8_t *rom, uint16_t size)
1803 #define URTWN_CHK(res) do { \
1804 if ((error = res) != 0) \
1807 uint8_t msk, off, reg;
1810 URTWN_CHK(urtwn_efuse_switch_power(sc));
1812 /* Read full ROM image. */
1813 sc->last_rom_addr = 0;
1814 memset(rom, 0xff, size);
1816 URTWN_CHK(urtwn_efuse_read_next(sc, ®));
1817 while (reg != 0xff) {
1818 /* check for extended header */
1819 if ((sc->chip & URTWN_CHIP_88E) && (reg & 0x1f) == 0x0f) {
1821 URTWN_CHK(urtwn_efuse_read_next(sc, ®));
1823 if ((reg & 0x0f) != 0x0f)
1824 off = ((reg & 0xf0) >> 1) | off;
1831 URTWN_CHK(urtwn_efuse_read_data(sc, rom, off, msk));
1832 URTWN_CHK(urtwn_efuse_read_next(sc, ®));
1838 if (sc->sc_debug & URTWN_DEBUG_ROM)
1839 urtwn_dump_rom_contents(sc, rom, size);
1842 urtwn_write_1(sc, R92C_EFUSE_ACCESS, R92C_EFUSE_ACCESS_OFF);
1845 device_printf(sc->sc_dev, "%s: error while reading ROM\n",
1854 urtwn_efuse_switch_power(struct urtwn_softc *sc)
1859 error = urtwn_write_1(sc, R92C_EFUSE_ACCESS, R92C_EFUSE_ACCESS_ON);
1860 if (error != USB_ERR_NORMAL_COMPLETION)
1863 reg = urtwn_read_2(sc, R92C_SYS_ISO_CTRL);
1864 if (!(reg & R92C_SYS_ISO_CTRL_PWC_EV12V)) {
1865 error = urtwn_write_2(sc, R92C_SYS_ISO_CTRL,
1866 reg | R92C_SYS_ISO_CTRL_PWC_EV12V);
1867 if (error != USB_ERR_NORMAL_COMPLETION)
1870 reg = urtwn_read_2(sc, R92C_SYS_FUNC_EN);
1871 if (!(reg & R92C_SYS_FUNC_EN_ELDR)) {
1872 error = urtwn_write_2(sc, R92C_SYS_FUNC_EN,
1873 reg | R92C_SYS_FUNC_EN_ELDR);
1874 if (error != USB_ERR_NORMAL_COMPLETION)
1877 reg = urtwn_read_2(sc, R92C_SYS_CLKR);
1878 if ((reg & (R92C_SYS_CLKR_LOADER_EN | R92C_SYS_CLKR_ANA8M)) !=
1879 (R92C_SYS_CLKR_LOADER_EN | R92C_SYS_CLKR_ANA8M)) {
1880 error = urtwn_write_2(sc, R92C_SYS_CLKR,
1881 reg | R92C_SYS_CLKR_LOADER_EN | R92C_SYS_CLKR_ANA8M);
1882 if (error != USB_ERR_NORMAL_COMPLETION)
1890 urtwn_read_chipid(struct urtwn_softc *sc)
1894 if (sc->chip & URTWN_CHIP_88E)
1897 reg = urtwn_read_4(sc, R92C_SYS_CFG);
1898 if (reg & R92C_SYS_CFG_TRP_VAUX_EN)
1901 if (reg & R92C_SYS_CFG_TYPE_92C) {
1902 sc->chip |= URTWN_CHIP_92C;
1903 /* Check if it is a castrated 8192C. */
1904 if (MS(urtwn_read_4(sc, R92C_HPON_FSM),
1905 R92C_HPON_FSM_CHIP_BONDING_ID) ==
1906 R92C_HPON_FSM_CHIP_BONDING_ID_92C_1T2R)
1907 sc->chip |= URTWN_CHIP_92C_1T2R;
1909 if (reg & R92C_SYS_CFG_VENDOR_UMC) {
1910 sc->chip |= URTWN_CHIP_UMC;
1911 if (MS(reg, R92C_SYS_CFG_CHIP_VER_RTL) == 0)
1912 sc->chip |= URTWN_CHIP_UMC_A_CUT;
1918 urtwn_read_rom(struct urtwn_softc *sc)
1920 struct r92c_rom *rom = &sc->rom.r92c_rom;
1923 /* Read full ROM image. */
1924 error = urtwn_efuse_read(sc, (uint8_t *)rom, sizeof(*rom));
1928 /* XXX Weird but this is what the vendor driver does. */
1929 sc->last_rom_addr = 0x1fa;
1930 error = urtwn_efuse_read_next(sc, &sc->pa_setting);
1933 URTWN_DPRINTF(sc, URTWN_DEBUG_ROM, "%s: PA setting=0x%x\n", __func__,
1936 sc->board_type = MS(rom->rf_opt1, R92C_ROM_RF1_BOARD_TYPE);
1938 sc->regulatory = MS(rom->rf_opt1, R92C_ROM_RF1_REGULATORY);
1939 URTWN_DPRINTF(sc, URTWN_DEBUG_ROM, "%s: regulatory type=%d\n",
1940 __func__, sc->regulatory);
1941 IEEE80211_ADDR_COPY(sc->sc_ic.ic_macaddr, rom->macaddr);
1943 sc->sc_rf_write = urtwn_r92c_rf_write;
1944 sc->sc_power_on = urtwn_r92c_power_on;
1945 sc->sc_power_off = urtwn_r92c_power_off;
1951 urtwn_r88e_read_rom(struct urtwn_softc *sc)
1953 struct r88e_rom *rom = &sc->rom.r88e_rom;
1956 error = urtwn_efuse_read(sc, (uint8_t *)rom, sizeof(sc->rom.r88e_rom));
1960 sc->bw20_tx_pwr_diff = (rom->tx_pwr_diff >> 4);
1961 if (sc->bw20_tx_pwr_diff & 0x08)
1962 sc->bw20_tx_pwr_diff |= 0xf0;
1963 sc->ofdm_tx_pwr_diff = (rom->tx_pwr_diff & 0xf);
1964 if (sc->ofdm_tx_pwr_diff & 0x08)
1965 sc->ofdm_tx_pwr_diff |= 0xf0;
1966 sc->regulatory = MS(rom->rf_board_opt, R92C_ROM_RF1_REGULATORY);
1967 URTWN_DPRINTF(sc, URTWN_DEBUG_ROM, "%s: regulatory type %d\n",
1968 __func__,sc->regulatory);
1969 IEEE80211_ADDR_COPY(sc->sc_ic.ic_macaddr, rom->macaddr);
1971 sc->sc_rf_write = urtwn_r88e_rf_write;
1972 sc->sc_power_on = urtwn_r88e_power_on;
1973 sc->sc_power_off = urtwn_r88e_power_off;
1978 static __inline uint8_t
1979 rate2ridx(uint8_t rate)
1981 if (rate & IEEE80211_RATE_MCS) {
1982 /* 11n rates start at idx 12 */
1983 return ((rate & 0xf) + 12);
1994 case 108: return 11;
2000 default: return URTWN_RIDX_UNKNOWN;
2005 * Initialize rate adaptation in firmware.
2008 urtwn_ra_init(struct urtwn_softc *sc)
2010 struct ieee80211com *ic = &sc->sc_ic;
2011 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps);
2012 struct ieee80211_node *ni;
2013 struct ieee80211_rateset *rs, *rs_ht;
2014 struct r92c_fw_cmd_macid_cfg cmd;
2015 uint32_t rates, basicrates;
2017 int maxrate, maxbasicrate, error, i;
2019 ni = ieee80211_ref_node(vap->iv_bss);
2021 rs_ht = (struct ieee80211_rateset *) &ni->ni_htrates;
2023 /* Get normal and basic rates mask. */
2024 rates = basicrates = 0;
2025 maxrate = maxbasicrate = 0;
2027 /* This is for 11bg */
2028 for (i = 0; i < rs->rs_nrates; i++) {
2029 /* Convert 802.11 rate to HW rate index. */
2030 ridx = rate2ridx(IEEE80211_RV(rs->rs_rates[i]));
2031 if (ridx == URTWN_RIDX_UNKNOWN) /* Unknown rate, skip. */
2036 if (rs->rs_rates[i] & IEEE80211_RATE_BASIC) {
2037 basicrates |= 1 << ridx;
2038 if (ridx > maxbasicrate)
2039 maxbasicrate = ridx;
2043 /* If we're doing 11n, enable 11n rates */
2044 if (ni->ni_flags & IEEE80211_NODE_HT) {
2045 for (i = 0; i < rs_ht->rs_nrates; i++) {
2046 if ((rs_ht->rs_rates[i] & 0x7f) > 0xf)
2048 /* 11n rates start at index 12 */
2049 ridx = ((rs_ht->rs_rates[i]) & 0xf) + 12;
2050 rates |= (1 << ridx);
2052 /* Guard against the rate table being oddly ordered */
2059 if (ic->ic_curmode == IEEE80211_MODE_11NG)
2060 raid = R92C_RAID_11GN;
2062 /* NB: group addressed frames are done at 11bg rates for now */
2063 if (ic->ic_curmode == IEEE80211_MODE_11B)
2064 mode = R92C_RAID_11B;
2066 mode = R92C_RAID_11BG;
2067 /* XXX misleading 'mode' value here for unicast frames */
2068 URTWN_DPRINTF(sc, URTWN_DEBUG_RA,
2069 "%s: mode 0x%x, rates 0x%08x, basicrates 0x%08x\n", __func__,
2070 mode, rates, basicrates);
2072 /* Set rates mask for group addressed frames. */
2073 cmd.macid = URTWN_MACID_BC | URTWN_MACID_VALID;
2074 cmd.mask = htole32(mode << 28 | basicrates);
2075 error = urtwn_fw_cmd(sc, R92C_CMD_MACID_CONFIG, &cmd, sizeof(cmd));
2077 ieee80211_free_node(ni);
2078 device_printf(sc->sc_dev,
2079 "could not add broadcast station\n");
2083 /* Set initial MRR rate. */
2084 URTWN_DPRINTF(sc, URTWN_DEBUG_RA, "%s: maxbasicrate %d\n", __func__,
2086 urtwn_write_1(sc, R92C_INIDATA_RATE_SEL(URTWN_MACID_BC),
2089 /* Set rates mask for unicast frames. */
2090 if (ni->ni_flags & IEEE80211_NODE_HT)
2091 mode = R92C_RAID_11GN;
2092 else if (ic->ic_curmode == IEEE80211_MODE_11B)
2093 mode = R92C_RAID_11B;
2095 mode = R92C_RAID_11BG;
2096 cmd.macid = URTWN_MACID_BSS | URTWN_MACID_VALID;
2097 cmd.mask = htole32(mode << 28 | rates);
2098 error = urtwn_fw_cmd(sc, R92C_CMD_MACID_CONFIG, &cmd, sizeof(cmd));
2100 ieee80211_free_node(ni);
2101 device_printf(sc->sc_dev, "could not add BSS station\n");
2104 /* Set initial MRR rate. */
2105 URTWN_DPRINTF(sc, URTWN_DEBUG_RA, "%s: maxrate %d\n", __func__,
2107 urtwn_write_1(sc, R92C_INIDATA_RATE_SEL(URTWN_MACID_BSS),
2110 /* Indicate highest supported rate. */
2111 if (ni->ni_flags & IEEE80211_NODE_HT)
2112 ni->ni_txrate = rs_ht->rs_rates[rs_ht->rs_nrates - 1]
2113 | IEEE80211_RATE_MCS;
2115 ni->ni_txrate = rs->rs_rates[rs->rs_nrates - 1];
2116 ieee80211_free_node(ni);
2122 urtwn_init_beacon(struct urtwn_softc *sc, struct urtwn_vap *uvp)
2124 struct r92c_tx_desc *txd = &uvp->bcn_desc;
2126 txd->txdw0 = htole32(
2127 SM(R92C_TXDW0_OFFSET, sizeof(*txd)) | R92C_TXDW0_BMCAST |
2128 R92C_TXDW0_OWN | R92C_TXDW0_FSG | R92C_TXDW0_LSG);
2129 txd->txdw1 = htole32(
2130 SM(R92C_TXDW1_QSEL, R92C_TXDW1_QSEL_BEACON) |
2131 SM(R92C_TXDW1_RAID, R92C_RAID_11B));
2133 if (sc->chip & URTWN_CHIP_88E) {
2134 txd->txdw1 |= htole32(SM(R88E_TXDW1_MACID, URTWN_MACID_BC));
2135 txd->txdseq |= htole16(R88E_TXDSEQ_HWSEQ_EN);
2137 txd->txdw1 |= htole32(SM(R92C_TXDW1_MACID, URTWN_MACID_BC));
2138 txd->txdw4 |= htole32(R92C_TXDW4_HWSEQ_EN);
2141 txd->txdw4 = htole32(R92C_TXDW4_DRVRATE);
2142 txd->txdw5 = htole32(SM(R92C_TXDW5_DATARATE, URTWN_RIDX_CCK1));
2146 urtwn_setup_beacon(struct urtwn_softc *sc, struct ieee80211_node *ni)
2148 struct ieee80211vap *vap = ni->ni_vap;
2149 struct urtwn_vap *uvp = URTWN_VAP(vap);
2153 URTWN_ASSERT_LOCKED(sc);
2155 if (ni->ni_chan == IEEE80211_CHAN_ANYC)
2158 m = ieee80211_beacon_alloc(ni);
2160 device_printf(sc->sc_dev,
2161 "%s: could not allocate beacon frame\n", __func__);
2165 if (uvp->bcn_mbuf != NULL)
2166 m_freem(uvp->bcn_mbuf);
2170 if ((error = urtwn_tx_beacon(sc, uvp)) != 0)
2173 /* XXX bcnq stuck workaround */
2174 if ((error = urtwn_tx_beacon(sc, uvp)) != 0)
2177 URTWN_DPRINTF(sc, URTWN_DEBUG_BEACON, "%s: beacon was %srecognized\n",
2178 __func__, urtwn_read_1(sc, R92C_TDECTRL + 2) &
2179 (R92C_TDECTRL_BCN_VALID >> 16) ? "" : "not ");
2185 urtwn_update_beacon(struct ieee80211vap *vap, int item)
2187 struct urtwn_softc *sc = vap->iv_ic->ic_softc;
2188 struct urtwn_vap *uvp = URTWN_VAP(vap);
2189 struct ieee80211_beacon_offsets *bo = &vap->iv_bcn_off;
2190 struct ieee80211_node *ni = vap->iv_bss;
2194 if (uvp->bcn_mbuf == NULL) {
2195 uvp->bcn_mbuf = ieee80211_beacon_alloc(ni);
2196 if (uvp->bcn_mbuf == NULL) {
2197 device_printf(sc->sc_dev,
2198 "%s: could not allocate beacon frame\n", __func__);
2205 if (item == IEEE80211_BEACON_TIM)
2206 mcast = 1; /* XXX */
2208 setbit(bo->bo_flags, item);
2209 ieee80211_beacon_update(ni, uvp->bcn_mbuf, mcast);
2212 urtwn_tx_beacon(sc, uvp);
2217 * Push a beacon frame into the chip. Beacon will
2218 * be repeated by the chip every R92C_BCN_INTERVAL.
2221 urtwn_tx_beacon(struct urtwn_softc *sc, struct urtwn_vap *uvp)
2223 struct r92c_tx_desc *desc = &uvp->bcn_desc;
2224 struct urtwn_data *bf;
2226 URTWN_ASSERT_LOCKED(sc);
2228 bf = urtwn_getbuf(sc);
2232 memcpy(bf->buf, desc, sizeof(*desc));
2233 urtwn_tx_start(sc, uvp->bcn_mbuf, IEEE80211_FC0_TYPE_MGT, bf);
2236 callout_reset(&sc->sc_watchdog_ch, hz, urtwn_watchdog, sc);
2242 urtwn_key_alloc(struct ieee80211vap *vap, struct ieee80211_key *k,
2243 ieee80211_keyix *keyix, ieee80211_keyix *rxkeyix)
2245 struct urtwn_softc *sc = vap->iv_ic->ic_softc;
2248 if (!(&vap->iv_nw_keys[0] <= k &&
2249 k < &vap->iv_nw_keys[IEEE80211_WEP_NKID])) {
2250 if (!(k->wk_flags & IEEE80211_KEY_SWCRYPT)) {
2253 * First 4 slots for group keys,
2254 * what is left - for pairwise.
2255 * XXX incompatible with IBSS RSN.
2257 for (i = IEEE80211_WEP_NKID;
2258 i < R92C_CAM_ENTRY_COUNT; i++) {
2259 if ((sc->keys_bmap & (1 << i)) == 0) {
2260 sc->keys_bmap |= 1 << i;
2266 if (i == R92C_CAM_ENTRY_COUNT) {
2267 device_printf(sc->sc_dev,
2268 "%s: no free space in the key table\n",
2275 *keyix = k - vap->iv_nw_keys;
2282 urtwn_key_set_cb(struct urtwn_softc *sc, union sec_param *data)
2284 struct ieee80211_key *k = &data->key;
2285 uint8_t algo, keyid;
2288 if (k->wk_keyix < IEEE80211_WEP_NKID)
2289 keyid = k->wk_keyix;
2293 /* Map net80211 cipher to HW crypto algorithm. */
2294 switch (k->wk_cipher->ic_cipher) {
2295 case IEEE80211_CIPHER_WEP:
2296 if (k->wk_keylen < 8)
2297 algo = R92C_CAM_ALGO_WEP40;
2299 algo = R92C_CAM_ALGO_WEP104;
2301 case IEEE80211_CIPHER_TKIP:
2302 algo = R92C_CAM_ALGO_TKIP;
2304 case IEEE80211_CIPHER_AES_CCM:
2305 algo = R92C_CAM_ALGO_AES;
2308 device_printf(sc->sc_dev, "%s: undefined cipher %d\n",
2309 __func__, k->wk_cipher->ic_cipher);
2313 URTWN_DPRINTF(sc, URTWN_DEBUG_KEY,
2314 "%s: keyix %d, keyid %d, algo %d/%d, flags %04X, len %d, "
2315 "macaddr %s\n", __func__, k->wk_keyix, keyid,
2316 k->wk_cipher->ic_cipher, algo, k->wk_flags, k->wk_keylen,
2317 ether_sprintf(k->wk_macaddr));
2319 /* Clear high bits. */
2320 urtwn_cam_write(sc, R92C_CAM_CTL6(k->wk_keyix), 0);
2321 urtwn_cam_write(sc, R92C_CAM_CTL7(k->wk_keyix), 0);
2324 for (i = 0; i < 4; i++) {
2325 error = urtwn_cam_write(sc, R92C_CAM_KEY(k->wk_keyix, i),
2326 le32dec(&k->wk_key[i * 4]));
2331 /* Write CTL0 last since that will validate the CAM entry. */
2332 error = urtwn_cam_write(sc, R92C_CAM_CTL1(k->wk_keyix),
2333 le32dec(&k->wk_macaddr[2]));
2336 error = urtwn_cam_write(sc, R92C_CAM_CTL0(k->wk_keyix),
2337 SM(R92C_CAM_ALGO, algo) |
2338 SM(R92C_CAM_KEYID, keyid) |
2339 SM(R92C_CAM_MACLO, le16dec(&k->wk_macaddr[0])) |
2347 device_printf(sc->sc_dev, "%s fails, error %d\n", __func__, error);
2351 urtwn_key_del_cb(struct urtwn_softc *sc, union sec_param *data)
2353 struct ieee80211_key *k = &data->key;
2356 URTWN_DPRINTF(sc, URTWN_DEBUG_KEY,
2357 "%s: keyix %d, flags %04X, macaddr %s\n", __func__,
2358 k->wk_keyix, k->wk_flags, ether_sprintf(k->wk_macaddr));
2360 urtwn_cam_write(sc, R92C_CAM_CTL0(k->wk_keyix), 0);
2361 urtwn_cam_write(sc, R92C_CAM_CTL1(k->wk_keyix), 0);
2364 for (i = 0; i < 4; i++)
2365 urtwn_cam_write(sc, R92C_CAM_KEY(k->wk_keyix, i), 0);
2366 sc->keys_bmap &= ~(1 << k->wk_keyix);
2370 urtwn_key_set(struct ieee80211vap *vap, const struct ieee80211_key *k)
2372 struct urtwn_softc *sc = vap->iv_ic->ic_softc;
2373 struct urtwn_vap *uvp = URTWN_VAP(vap);
2375 if (k->wk_flags & IEEE80211_KEY_SWCRYPT) {
2380 if (&vap->iv_nw_keys[0] <= k &&
2381 k < &vap->iv_nw_keys[IEEE80211_WEP_NKID]) {
2383 uvp->keys[k->wk_keyix] = k;
2384 if ((sc->sc_flags & URTWN_RUNNING) == 0) {
2386 * The device was not started;
2387 * the key will be installed later.
2395 return (!urtwn_cmd_sleepable(sc, k, sizeof(*k), urtwn_key_set_cb));
2399 urtwn_key_delete(struct ieee80211vap *vap, const struct ieee80211_key *k)
2401 struct urtwn_softc *sc = vap->iv_ic->ic_softc;
2402 struct urtwn_vap *uvp = URTWN_VAP(vap);
2404 if (k->wk_flags & IEEE80211_KEY_SWCRYPT) {
2409 if (&vap->iv_nw_keys[0] <= k &&
2410 k < &vap->iv_nw_keys[IEEE80211_WEP_NKID]) {
2412 uvp->keys[k->wk_keyix] = NULL;
2413 if ((sc->sc_flags & URTWN_RUNNING) == 0) {
2414 /* All keys are removed on device reset. */
2421 return (!urtwn_cmd_sleepable(sc, k, sizeof(*k), urtwn_key_del_cb));
2425 urtwn_tsf_task_adhoc(void *arg, int pending)
2427 struct ieee80211vap *vap = arg;
2428 struct urtwn_softc *sc = vap->iv_ic->ic_softc;
2429 struct ieee80211_node *ni;
2433 ni = ieee80211_ref_node(vap->iv_bss);
2434 reg = urtwn_read_1(sc, R92C_BCN_CTRL);
2436 /* Accept beacons with the same BSSID. */
2437 urtwn_set_rx_bssid_all(sc, 0);
2439 /* Enable synchronization. */
2440 reg &= ~R92C_BCN_CTRL_DIS_TSF_UDT0;
2441 urtwn_write_1(sc, R92C_BCN_CTRL, reg);
2444 usb_pause_mtx(&sc->sc_mtx, hz * ni->ni_intval * 5 / 1000);
2446 /* Disable synchronization. */
2447 reg |= R92C_BCN_CTRL_DIS_TSF_UDT0;
2448 urtwn_write_1(sc, R92C_BCN_CTRL, reg);
2450 /* Remove beacon filter. */
2451 urtwn_set_rx_bssid_all(sc, 1);
2453 /* Enable beaconing. */
2454 urtwn_write_1(sc, R92C_MBID_NUM,
2455 urtwn_read_1(sc, R92C_MBID_NUM) | R92C_MBID_TXBCN_RPT0);
2456 reg |= R92C_BCN_CTRL_EN_BCN;
2458 urtwn_write_1(sc, R92C_BCN_CTRL, reg);
2459 ieee80211_free_node(ni);
2464 urtwn_tsf_sync_enable(struct urtwn_softc *sc, struct ieee80211vap *vap)
2466 struct ieee80211com *ic = &sc->sc_ic;
2467 struct urtwn_vap *uvp = URTWN_VAP(vap);
2470 urtwn_write_1(sc, R92C_DUAL_TSF_RST, R92C_DUAL_TSF_RST0);
2472 switch (vap->iv_opmode) {
2473 case IEEE80211_M_STA:
2474 /* Enable TSF synchronization. */
2475 urtwn_write_1(sc, R92C_BCN_CTRL,
2476 urtwn_read_1(sc, R92C_BCN_CTRL) &
2477 ~R92C_BCN_CTRL_DIS_TSF_UDT0);
2479 case IEEE80211_M_IBSS:
2480 ieee80211_runtask(ic, &uvp->tsf_task_adhoc);
2482 case IEEE80211_M_HOSTAP:
2483 /* Enable beaconing. */
2484 urtwn_write_1(sc, R92C_MBID_NUM,
2485 urtwn_read_1(sc, R92C_MBID_NUM) | R92C_MBID_TXBCN_RPT0);
2486 urtwn_write_1(sc, R92C_BCN_CTRL,
2487 urtwn_read_1(sc, R92C_BCN_CTRL) | R92C_BCN_CTRL_EN_BCN);
2490 device_printf(sc->sc_dev, "undefined opmode %d\n",
2497 urtwn_get_tsf(struct urtwn_softc *sc, uint64_t *buf)
2499 urtwn_read_region_1(sc, R92C_TSFTR, (uint8_t *)buf, sizeof(*buf));
2503 urtwn_set_led(struct urtwn_softc *sc, int led, int on)
2507 if (led == URTWN_LED_LINK) {
2508 if (sc->chip & URTWN_CHIP_88E) {
2509 reg = urtwn_read_1(sc, R92C_LEDCFG2) & 0xf0;
2510 urtwn_write_1(sc, R92C_LEDCFG2, reg | 0x60);
2512 reg = urtwn_read_1(sc, R92C_LEDCFG2) & 0x90;
2513 urtwn_write_1(sc, R92C_LEDCFG2,
2514 reg | R92C_LEDCFG0_DIS);
2515 urtwn_write_1(sc, R92C_MAC_PINMUX_CFG,
2516 urtwn_read_1(sc, R92C_MAC_PINMUX_CFG) &
2520 reg = urtwn_read_1(sc, R92C_LEDCFG0) & 0x70;
2522 reg |= R92C_LEDCFG0_DIS;
2523 urtwn_write_1(sc, R92C_LEDCFG0, reg);
2525 sc->ledlink = on; /* Save LED state. */
2530 urtwn_set_mode(struct urtwn_softc *sc, uint8_t mode)
2534 reg = urtwn_read_1(sc, R92C_MSR);
2535 reg = (reg & ~R92C_MSR_MASK) | mode;
2536 urtwn_write_1(sc, R92C_MSR, reg);
2540 urtwn_ibss_recv_mgmt(struct ieee80211_node *ni, struct mbuf *m, int subtype,
2541 const struct ieee80211_rx_stats *rxs,
2544 struct ieee80211vap *vap = ni->ni_vap;
2545 struct urtwn_softc *sc = vap->iv_ic->ic_softc;
2546 struct urtwn_vap *uvp = URTWN_VAP(vap);
2547 uint64_t ni_tstamp, curr_tstamp;
2549 uvp->recv_mgmt(ni, m, subtype, rxs, rssi, nf);
2551 if (vap->iv_state == IEEE80211_S_RUN &&
2552 (subtype == IEEE80211_FC0_SUBTYPE_BEACON ||
2553 subtype == IEEE80211_FC0_SUBTYPE_PROBE_RESP)) {
2554 ni_tstamp = le64toh(ni->ni_tstamp.tsf);
2556 urtwn_get_tsf(sc, &curr_tstamp);
2558 curr_tstamp = le64toh(curr_tstamp);
2560 if (ni_tstamp >= curr_tstamp)
2561 (void) ieee80211_ibss_merge(ni);
2566 urtwn_newstate(struct ieee80211vap *vap, enum ieee80211_state nstate, int arg)
2568 struct urtwn_vap *uvp = URTWN_VAP(vap);
2569 struct ieee80211com *ic = vap->iv_ic;
2570 struct urtwn_softc *sc = ic->ic_softc;
2571 struct ieee80211_node *ni;
2572 enum ieee80211_state ostate;
2577 ostate = vap->iv_state;
2578 URTWN_DPRINTF(sc, URTWN_DEBUG_STATE, "%s -> %s\n",
2579 ieee80211_state_name[ostate], ieee80211_state_name[nstate]);
2581 IEEE80211_UNLOCK(ic);
2583 callout_stop(&sc->sc_watchdog_ch);
2585 if (ostate == IEEE80211_S_RUN) {
2586 /* Stop calibration. */
2587 callout_stop(&sc->sc_calib_to);
2589 /* Turn link LED off. */
2590 urtwn_set_led(sc, URTWN_LED_LINK, 0);
2592 /* Set media status to 'No Link'. */
2593 urtwn_set_mode(sc, R92C_MSR_NOLINK);
2595 /* Stop Rx of data frames. */
2596 urtwn_write_2(sc, R92C_RXFLTMAP2, 0);
2598 /* Disable TSF synchronization. */
2599 urtwn_write_1(sc, R92C_BCN_CTRL,
2600 (urtwn_read_1(sc, R92C_BCN_CTRL) & ~R92C_BCN_CTRL_EN_BCN) |
2601 R92C_BCN_CTRL_DIS_TSF_UDT0);
2603 /* Disable beaconing. */
2604 urtwn_write_1(sc, R92C_MBID_NUM,
2605 urtwn_read_1(sc, R92C_MBID_NUM) & ~R92C_MBID_TXBCN_RPT0);
2608 urtwn_write_1(sc, R92C_DUAL_TSF_RST, R92C_DUAL_TSF_RST0);
2610 /* Reset EDCA parameters. */
2611 urtwn_write_4(sc, R92C_EDCA_VO_PARAM, 0x002f3217);
2612 urtwn_write_4(sc, R92C_EDCA_VI_PARAM, 0x005e4317);
2613 urtwn_write_4(sc, R92C_EDCA_BE_PARAM, 0x00105320);
2614 urtwn_write_4(sc, R92C_EDCA_BK_PARAM, 0x0000a444);
2618 case IEEE80211_S_INIT:
2619 /* Turn link LED off. */
2620 urtwn_set_led(sc, URTWN_LED_LINK, 0);
2622 case IEEE80211_S_SCAN:
2623 /* Pause AC Tx queues. */
2624 urtwn_write_1(sc, R92C_TXPAUSE,
2625 urtwn_read_1(sc, R92C_TXPAUSE) | R92C_TX_QUEUE_AC);
2627 case IEEE80211_S_AUTH:
2628 urtwn_set_chan(sc, ic->ic_curchan, NULL);
2630 case IEEE80211_S_RUN:
2631 if (vap->iv_opmode == IEEE80211_M_MONITOR) {
2632 /* Turn link LED on. */
2633 urtwn_set_led(sc, URTWN_LED_LINK, 1);
2637 ni = ieee80211_ref_node(vap->iv_bss);
2639 if (ic->ic_bsschan == IEEE80211_CHAN_ANYC ||
2640 ni->ni_chan == IEEE80211_CHAN_ANYC) {
2641 device_printf(sc->sc_dev,
2642 "%s: could not move to RUN state\n", __func__);
2647 switch (vap->iv_opmode) {
2648 case IEEE80211_M_STA:
2649 mode = R92C_MSR_INFRA;
2651 case IEEE80211_M_IBSS:
2652 mode = R92C_MSR_ADHOC;
2654 case IEEE80211_M_HOSTAP:
2658 device_printf(sc->sc_dev, "undefined opmode %d\n",
2664 /* Set media status to 'Associated'. */
2665 urtwn_set_mode(sc, mode);
2668 urtwn_write_4(sc, R92C_BSSID + 0, le32dec(&ni->ni_bssid[0]));
2669 urtwn_write_4(sc, R92C_BSSID + 4, le16dec(&ni->ni_bssid[4]));
2671 if (ic->ic_curmode == IEEE80211_MODE_11B)
2672 urtwn_write_1(sc, R92C_INIRTS_RATE_SEL, 0);
2673 else /* 802.11b/g */
2674 urtwn_write_1(sc, R92C_INIRTS_RATE_SEL, 3);
2676 /* Enable Rx of data frames. */
2677 urtwn_write_2(sc, R92C_RXFLTMAP2, 0xffff);
2679 /* Flush all AC queues. */
2680 urtwn_write_1(sc, R92C_TXPAUSE, 0);
2682 /* Set beacon interval. */
2683 urtwn_write_2(sc, R92C_BCN_INTERVAL, ni->ni_intval);
2685 /* Allow Rx from our BSSID only. */
2686 if (ic->ic_promisc == 0) {
2687 reg = urtwn_read_4(sc, R92C_RCR);
2689 if (vap->iv_opmode != IEEE80211_M_HOSTAP) {
2690 reg |= R92C_RCR_CBSSID_DATA;
2691 if (vap->iv_opmode != IEEE80211_M_IBSS)
2692 reg |= R92C_RCR_CBSSID_BCN;
2695 urtwn_write_4(sc, R92C_RCR, reg);
2698 if (vap->iv_opmode == IEEE80211_M_HOSTAP ||
2699 vap->iv_opmode == IEEE80211_M_IBSS) {
2700 error = urtwn_setup_beacon(sc, ni);
2702 device_printf(sc->sc_dev,
2703 "unable to push beacon into the chip, "
2704 "error %d\n", error);
2709 /* Enable TSF synchronization. */
2710 urtwn_tsf_sync_enable(sc, vap);
2712 urtwn_write_1(sc, R92C_SIFS_CCK + 1, 10);
2713 urtwn_write_1(sc, R92C_SIFS_OFDM + 1, 10);
2714 urtwn_write_1(sc, R92C_SPEC_SIFS + 1, 10);
2715 urtwn_write_1(sc, R92C_MAC_SPEC_SIFS + 1, 10);
2716 urtwn_write_1(sc, R92C_R2T_SIFS + 1, 10);
2717 urtwn_write_1(sc, R92C_T2T_SIFS + 1, 10);
2719 /* Intialize rate adaptation. */
2720 if (!(sc->chip & URTWN_CHIP_88E))
2722 /* Turn link LED on. */
2723 urtwn_set_led(sc, URTWN_LED_LINK, 1);
2725 sc->avg_pwdb = -1; /* Reset average RSSI. */
2726 /* Reset temperature calibration state machine. */
2727 sc->sc_flags &= ~URTWN_TEMP_MEASURED;
2728 sc->thcal_lctemp = 0;
2729 /* Start periodic calibration. */
2730 callout_reset(&sc->sc_calib_to, 2*hz, urtwn_calib_to, sc);
2733 ieee80211_free_node(ni);
2741 return (error != 0 ? error : uvp->newstate(vap, nstate, arg));
2745 urtwn_calib_to(void *arg)
2747 struct urtwn_softc *sc = arg;
2749 /* Do it in a process context. */
2750 urtwn_cmd_sleepable(sc, NULL, 0, urtwn_calib_cb);
2754 urtwn_calib_cb(struct urtwn_softc *sc, union sec_param *data)
2756 /* Do temperature compensation. */
2757 urtwn_temp_calib(sc);
2759 if ((urtwn_read_1(sc, R92C_MSR) & R92C_MSR_MASK) != R92C_MSR_NOLINK)
2760 callout_reset(&sc->sc_calib_to, 2*hz, urtwn_calib_to, sc);
2764 urtwn_watchdog(void *arg)
2766 struct urtwn_softc *sc = arg;
2768 if (sc->sc_txtimer > 0) {
2769 if (--sc->sc_txtimer == 0) {
2770 device_printf(sc->sc_dev, "device timeout\n");
2771 counter_u64_add(sc->sc_ic.ic_oerrors, 1);
2774 callout_reset(&sc->sc_watchdog_ch, hz, urtwn_watchdog, sc);
2779 urtwn_update_avgrssi(struct urtwn_softc *sc, int rate, int8_t rssi)
2783 /* Convert antenna signal to percentage. */
2784 if (rssi <= -100 || rssi >= 20)
2790 if (!(sc->chip & URTWN_CHIP_88E)) {
2791 if (rate <= URTWN_RIDX_CCK11) {
2792 /* CCK gain is smaller than OFDM/MCS gain. */
2798 else if (pwdb <= 26)
2800 else if (pwdb <= 34)
2802 else if (pwdb <= 42)
2806 if (sc->avg_pwdb == -1) /* Init. */
2807 sc->avg_pwdb = pwdb;
2808 else if (sc->avg_pwdb < pwdb)
2809 sc->avg_pwdb = ((sc->avg_pwdb * 19 + pwdb) / 20) + 1;
2811 sc->avg_pwdb = ((sc->avg_pwdb * 19 + pwdb) / 20);
2812 URTWN_DPRINTF(sc, URTWN_DEBUG_RSSI, "%s: PWDB %d, EMA %d\n", __func__,
2813 pwdb, sc->avg_pwdb);
2817 urtwn_get_rssi(struct urtwn_softc *sc, int rate, void *physt)
2819 static const int8_t cckoff[] = { 16, -12, -26, -46 };
2820 struct r92c_rx_phystat *phy;
2821 struct r92c_rx_cck *cck;
2825 if (rate <= URTWN_RIDX_CCK11) {
2826 cck = (struct r92c_rx_cck *)physt;
2827 if (sc->sc_flags & URTWN_FLAG_CCK_HIPWR) {
2828 rpt = (cck->agc_rpt >> 5) & 0x3;
2829 rssi = (cck->agc_rpt & 0x1f) << 1;
2831 rpt = (cck->agc_rpt >> 6) & 0x3;
2832 rssi = cck->agc_rpt & 0x3e;
2834 rssi = cckoff[rpt] - rssi;
2835 } else { /* OFDM/HT. */
2836 phy = (struct r92c_rx_phystat *)physt;
2837 rssi = ((le32toh(phy->phydw1) >> 1) & 0x7f) - 110;
2843 urtwn_r88e_get_rssi(struct urtwn_softc *sc, int rate, void *physt)
2845 struct r92c_rx_phystat *phy;
2846 struct r88e_rx_cck *cck;
2847 uint8_t cck_agc_rpt, lna_idx, vga_idx;
2851 if (rate <= URTWN_RIDX_CCK11) {
2852 cck = (struct r88e_rx_cck *)physt;
2853 cck_agc_rpt = cck->agc_rpt;
2854 lna_idx = (cck_agc_rpt & 0xe0) >> 5;
2855 vga_idx = cck_agc_rpt & 0x1f;
2859 rssi = -100 + 2* (27 - vga_idx);
2864 rssi = -48 + 2 * (2 - vga_idx);
2867 rssi = -42 + 2 * (7 - vga_idx);
2870 rssi = -36 + 2 * (7 - vga_idx);
2873 rssi = -24 + 2 * (7 - vga_idx);
2876 rssi = -12 + 2 * (5 - vga_idx);
2879 rssi = 8 - (2 * vga_idx);
2882 rssi = 14 - (2 * vga_idx);
2886 } else { /* OFDM/HT. */
2887 phy = (struct r92c_rx_phystat *)physt;
2888 rssi = ((le32toh(phy->phydw1) >> 1) & 0x7f) - 110;
2894 urtwn_tx_data(struct urtwn_softc *sc, struct ieee80211_node *ni,
2895 struct mbuf *m, struct urtwn_data *data)
2897 const struct ieee80211_txparam *tp;
2898 struct ieee80211com *ic = &sc->sc_ic;
2899 struct ieee80211vap *vap = ni->ni_vap;
2900 struct ieee80211_key *k = NULL;
2901 struct ieee80211_channel *chan;
2902 struct ieee80211_frame *wh;
2903 struct r92c_tx_desc *txd;
2904 uint8_t macid, raid, rate, ridx, type, tid, qos, qsel;
2905 int hasqos, ismcast;
2907 URTWN_ASSERT_LOCKED(sc);
2909 wh = mtod(m, struct ieee80211_frame *);
2910 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK;
2911 hasqos = IEEE80211_QOS_HAS_SEQ(wh);
2912 ismcast = IEEE80211_IS_MULTICAST(wh->i_addr1);
2914 /* Select TX ring for this frame. */
2916 qos = ((const struct ieee80211_qosframe *)wh)->i_qos[0];
2917 tid = qos & IEEE80211_QOS_TID;
2923 chan = (ni->ni_chan != IEEE80211_CHAN_ANYC) ?
2924 ni->ni_chan : ic->ic_curchan;
2925 tp = &vap->iv_txparms[ieee80211_chan2mode(chan)];
2927 /* Choose a TX rate index. */
2928 if (type == IEEE80211_FC0_TYPE_MGT)
2929 rate = tp->mgmtrate;
2931 rate = tp->mcastrate;
2932 else if (tp->ucastrate != IEEE80211_FIXED_RATE_NONE)
2933 rate = tp->ucastrate;
2934 else if (m->m_flags & M_EAPOL)
2935 rate = tp->mgmtrate;
2937 if (URTWN_CHIP_HAS_RATECTL(sc)) {
2938 /* XXX pass pktlen */
2939 (void) ieee80211_ratectl_rate(ni, NULL, 0);
2940 rate = ni->ni_txrate;
2942 /* XXX TODO: drop the default rate for 11b/11g? */
2943 if (ni->ni_flags & IEEE80211_NODE_HT)
2944 rate = IEEE80211_RATE_MCS | 0x4; /* MCS4 */
2945 else if (ic->ic_curmode != IEEE80211_MODE_11B)
2953 * XXX TODO: this should be per-node, for 11b versus 11bg
2954 * nodes in hostap mode
2956 ridx = rate2ridx(rate);
2957 if (ni->ni_flags & IEEE80211_NODE_HT)
2958 raid = R92C_RAID_11GN;
2959 else if (ic->ic_curmode != IEEE80211_MODE_11B)
2960 raid = R92C_RAID_11BG;
2962 raid = R92C_RAID_11B;
2964 if (wh->i_fc[1] & IEEE80211_FC1_PROTECTED) {
2965 k = ieee80211_crypto_encap(ni, m);
2967 device_printf(sc->sc_dev,
2968 "ieee80211_crypto_encap returns NULL.\n");
2972 /* in case packet header moved, reset pointer */
2973 wh = mtod(m, struct ieee80211_frame *);
2976 /* Fill Tx descriptor. */
2977 txd = (struct r92c_tx_desc *)data->buf;
2978 memset(txd, 0, sizeof(*txd));
2980 txd->txdw0 |= htole32(
2981 SM(R92C_TXDW0_OFFSET, sizeof(*txd)) |
2982 R92C_TXDW0_OWN | R92C_TXDW0_FSG | R92C_TXDW0_LSG);
2984 txd->txdw0 |= htole32(R92C_TXDW0_BMCAST);
2987 /* Unicast frame, check if an ACK is expected. */
2988 if (!qos || (qos & IEEE80211_QOS_ACKPOLICY) !=
2989 IEEE80211_QOS_ACKPOLICY_NOACK) {
2990 txd->txdw5 |= htole32(R92C_TXDW5_RTY_LMT_ENA);
2991 txd->txdw5 |= htole32(SM(R92C_TXDW5_RTY_LMT,
2995 if (sc->chip & URTWN_CHIP_88E) {
2996 struct urtwn_node *un = URTWN_NODE(ni);
2999 macid = URTWN_MACID_BSS;
3001 if (type == IEEE80211_FC0_TYPE_DATA) {
3002 qsel = tid % URTWN_MAX_TID;
3004 if (sc->chip & URTWN_CHIP_88E) {
3005 txd->txdw2 |= htole32(
3007 R88E_TXDW2_CCX_RPT);
3009 txd->txdw1 |= htole32(R92C_TXDW1_AGGBK);
3011 /* protmode, non-HT */
3012 /* XXX TODO: noack frames? */
3013 if ((rate & 0x80) == 0 &&
3014 (ic->ic_flags & IEEE80211_F_USEPROT)) {
3015 switch (ic->ic_protmode) {
3016 case IEEE80211_PROT_CTSONLY:
3017 txd->txdw4 |= htole32(
3018 R92C_TXDW4_CTS2SELF);
3020 case IEEE80211_PROT_RTSCTS:
3021 txd->txdw4 |= htole32(
3023 R92C_TXDW4_HWRTSEN);
3031 /* XXX TODO: noack frames? */
3032 if ((rate & 0x80) &&
3033 (ic->ic_htprotmode == IEEE80211_PROT_RTSCTS)) {
3034 txd->txdw4 |= htole32(
3036 R92C_TXDW4_HWRTSEN);
3039 if (!(sc->chip & URTWN_CHIP_88E)) {
3040 /* XXX other rates will not work without
3041 * urtwn_ra_init() */
3042 txd->txdw4 |= htole32(SM(R92C_TXDW4_RTSRATE,
3045 /* XXX TODO: rtsrate is configurable? 24mbit
3046 * may be a bit high for RTS rate? */
3047 txd->txdw4 |= htole32(SM(R92C_TXDW4_RTSRATE,
3048 URTWN_RIDX_OFDM24));
3051 txd->txdw5 |= htole32(0x0001ff00);
3052 } else /* IEEE80211_FC0_TYPE_MGT */
3053 qsel = R92C_TXDW1_QSEL_MGNT;
3055 macid = URTWN_MACID_BC;
3056 qsel = R92C_TXDW1_QSEL_MGNT;
3059 txd->txdw1 |= htole32(
3060 SM(R92C_TXDW1_QSEL, qsel) |
3061 SM(R92C_TXDW1_RAID, raid));
3063 /* XXX TODO: 40MHZ flag? */
3064 /* XXX TODO: AMPDU flag? (AGG_ENABLE or AGG_BREAK?) Density shift? */
3065 /* XXX Short preamble? */
3068 if (sc->chip & URTWN_CHIP_88E)
3069 txd->txdw1 |= htole32(SM(R88E_TXDW1_MACID, macid));
3071 txd->txdw1 |= htole32(SM(R92C_TXDW1_MACID, macid));
3073 txd->txdw5 |= htole32(SM(R92C_TXDW5_DATARATE, ridx));
3075 /* Force this rate if needed. */
3076 if (URTWN_CHIP_HAS_RATECTL(sc) || ismcast ||
3077 (tp->ucastrate != IEEE80211_FIXED_RATE_NONE) ||
3078 (m->m_flags & M_EAPOL) || type != IEEE80211_FC0_TYPE_DATA)
3079 txd->txdw4 |= htole32(R92C_TXDW4_DRVRATE);
3082 /* Use HW sequence numbering for non-QoS frames. */
3083 if (sc->chip & URTWN_CHIP_88E)
3084 txd->txdseq = htole16(R88E_TXDSEQ_HWSEQ_EN);
3086 txd->txdw4 |= htole32(R92C_TXDW4_HWSEQ_EN);
3088 /* Set sequence number. */
3089 txd->txdseq = htole16(M_SEQNO_GET(m) % IEEE80211_SEQ_RANGE);
3092 if (k != NULL && !(k->wk_flags & IEEE80211_KEY_SWCRYPT)) {
3095 switch (k->wk_cipher->ic_cipher) {
3096 case IEEE80211_CIPHER_WEP:
3097 case IEEE80211_CIPHER_TKIP:
3098 cipher = R92C_TXDW1_CIPHER_RC4;
3100 case IEEE80211_CIPHER_AES_CCM:
3101 cipher = R92C_TXDW1_CIPHER_AES;
3104 device_printf(sc->sc_dev, "%s: unknown cipher %d\n",
3105 __func__, k->wk_cipher->ic_cipher);
3109 txd->txdw1 |= htole32(SM(R92C_TXDW1_CIPHER, cipher));
3112 if (ieee80211_radiotap_active_vap(vap)) {
3113 struct urtwn_tx_radiotap_header *tap = &sc->sc_txtap;
3117 tap->wt_flags |= IEEE80211_RADIOTAP_F_WEP;
3118 ieee80211_radiotap_tx(vap, m);
3123 urtwn_tx_start(sc, m, type, data);
3129 urtwn_tx_raw(struct urtwn_softc *sc, struct ieee80211_node *ni,
3130 struct mbuf *m, struct urtwn_data *data,
3131 const struct ieee80211_bpf_params *params)
3133 struct ieee80211vap *vap = ni->ni_vap;
3134 struct ieee80211_key *k = NULL;
3135 struct ieee80211_frame *wh;
3136 struct r92c_tx_desc *txd;
3137 uint8_t cipher, ridx, type;
3139 /* Encrypt the frame if need be. */
3140 cipher = R92C_TXDW1_CIPHER_NONE;
3141 if (params->ibp_flags & IEEE80211_BPF_CRYPTO) {
3142 /* Retrieve key for TX. */
3143 k = ieee80211_crypto_encap(ni, m);
3147 if (!(k->wk_flags & IEEE80211_KEY_SWCRYPT)) {
3148 switch (k->wk_cipher->ic_cipher) {
3149 case IEEE80211_CIPHER_WEP:
3150 case IEEE80211_CIPHER_TKIP:
3151 cipher = R92C_TXDW1_CIPHER_RC4;
3153 case IEEE80211_CIPHER_AES_CCM:
3154 cipher = R92C_TXDW1_CIPHER_AES;
3157 device_printf(sc->sc_dev,
3158 "%s: unknown cipher %d\n",
3159 __func__, k->wk_cipher->ic_cipher);
3165 /* XXX TODO: 11n checks, matching urtwn_tx_data() */
3167 wh = mtod(m, struct ieee80211_frame *);
3168 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK;
3170 /* Fill Tx descriptor. */
3171 txd = (struct r92c_tx_desc *)data->buf;
3172 memset(txd, 0, sizeof(*txd));
3174 txd->txdw0 |= htole32(
3175 SM(R92C_TXDW0_OFFSET, sizeof(*txd)) |
3176 R92C_TXDW0_OWN | R92C_TXDW0_FSG | R92C_TXDW0_LSG);
3177 if (IEEE80211_IS_MULTICAST(wh->i_addr1))
3178 txd->txdw0 |= htole32(R92C_TXDW0_BMCAST);
3180 if ((params->ibp_flags & IEEE80211_BPF_NOACK) == 0) {
3181 txd->txdw5 |= htole32(R92C_TXDW5_RTY_LMT_ENA);
3182 txd->txdw5 |= htole32(SM(R92C_TXDW5_RTY_LMT,
3185 if (params->ibp_flags & IEEE80211_BPF_RTS)
3186 txd->txdw4 |= htole32(R92C_TXDW4_RTSEN | R92C_TXDW4_HWRTSEN);
3187 if (params->ibp_flags & IEEE80211_BPF_CTS)
3188 txd->txdw4 |= htole32(R92C_TXDW4_CTS2SELF);
3189 if (txd->txdw4 & htole32(R92C_TXDW4_RTSEN | R92C_TXDW4_CTS2SELF)) {
3190 txd->txdw4 |= htole32(SM(R92C_TXDW4_RTSRATE,
3191 URTWN_RIDX_OFDM24));
3194 if (sc->chip & URTWN_CHIP_88E)
3195 txd->txdw1 |= htole32(SM(R88E_TXDW1_MACID, URTWN_MACID_BC));
3197 txd->txdw1 |= htole32(SM(R92C_TXDW1_MACID, URTWN_MACID_BC));
3199 /* XXX TODO: rate index/config (RAID) for 11n? */
3200 txd->txdw1 |= htole32(SM(R92C_TXDW1_QSEL, R92C_TXDW1_QSEL_MGNT));
3201 txd->txdw1 |= htole32(SM(R92C_TXDW1_CIPHER, cipher));
3203 /* Choose a TX rate index. */
3204 ridx = rate2ridx(params->ibp_rate0);
3205 txd->txdw5 |= htole32(SM(R92C_TXDW5_DATARATE, ridx));
3206 txd->txdw5 |= htole32(0x0001ff00);
3207 txd->txdw4 |= htole32(R92C_TXDW4_DRVRATE);
3209 if (!IEEE80211_QOS_HAS_SEQ(wh)) {
3210 /* Use HW sequence numbering for non-QoS frames. */
3211 if (sc->chip & URTWN_CHIP_88E)
3212 txd->txdseq = htole16(R88E_TXDSEQ_HWSEQ_EN);
3214 txd->txdw4 |= htole32(R92C_TXDW4_HWSEQ_EN);
3216 /* Set sequence number. */
3217 txd->txdseq = htole16(M_SEQNO_GET(m) % IEEE80211_SEQ_RANGE);
3220 if (ieee80211_radiotap_active_vap(vap)) {
3221 struct urtwn_tx_radiotap_header *tap = &sc->sc_txtap;
3225 tap->wt_flags |= IEEE80211_RADIOTAP_F_WEP;
3226 ieee80211_radiotap_tx(vap, m);
3231 urtwn_tx_start(sc, m, type, data);
3237 urtwn_tx_start(struct urtwn_softc *sc, struct mbuf *m, uint8_t type,
3238 struct urtwn_data *data)
3240 struct usb_xfer *xfer;
3241 struct r92c_tx_desc *txd;
3245 URTWN_ASSERT_LOCKED(sc);
3247 ac = M_WME_GETAC(m);
3250 case IEEE80211_FC0_TYPE_CTL:
3251 case IEEE80211_FC0_TYPE_MGT:
3252 xfer = sc->sc_xfer[URTWN_BULK_TX_VO];
3255 xfer = sc->sc_xfer[wme2queue[ac].qid];
3259 txd = (struct r92c_tx_desc *)data->buf;
3260 txd->txdw0 |= htole32(SM(R92C_TXDW0_PKTLEN, m->m_pkthdr.len));
3262 /* Compute Tx descriptor checksum. */
3264 for (i = 0; i < sizeof(*txd) / 2; i++)
3265 sum ^= ((uint16_t *)txd)[i];
3266 txd->txdsum = sum; /* NB: already little endian. */
3268 xferlen = sizeof(*txd) + m->m_pkthdr.len;
3269 m_copydata(m, 0, m->m_pkthdr.len, (caddr_t)&txd[1]);
3271 data->buflen = xferlen;
3274 STAILQ_INSERT_TAIL(&sc->sc_tx_pending, data, next);
3275 usbd_transfer_start(xfer);
3279 urtwn_transmit(struct ieee80211com *ic, struct mbuf *m)
3281 struct urtwn_softc *sc = ic->ic_softc;
3285 if ((sc->sc_flags & URTWN_RUNNING) == 0) {
3289 error = mbufq_enqueue(&sc->sc_snd, m);
3301 urtwn_start(struct urtwn_softc *sc)
3303 struct ieee80211_node *ni;
3305 struct urtwn_data *bf;
3307 URTWN_ASSERT_LOCKED(sc);
3308 while ((m = mbufq_dequeue(&sc->sc_snd)) != NULL) {
3309 bf = urtwn_getbuf(sc);
3311 mbufq_prepend(&sc->sc_snd, m);
3314 ni = (struct ieee80211_node *)m->m_pkthdr.rcvif;
3315 m->m_pkthdr.rcvif = NULL;
3317 URTWN_DPRINTF(sc, URTWN_DEBUG_XMIT, "%s: called; m=%p\n",
3321 if (urtwn_tx_data(sc, ni, m, bf) != 0) {
3322 if_inc_counter(ni->ni_vap->iv_ifp,
3323 IFCOUNTER_OERRORS, 1);
3324 STAILQ_INSERT_HEAD(&sc->sc_tx_inactive, bf, next);
3326 ieee80211_free_node(ni);
3330 callout_reset(&sc->sc_watchdog_ch, hz, urtwn_watchdog, sc);
3335 urtwn_parent(struct ieee80211com *ic)
3337 struct urtwn_softc *sc = ic->ic_softc;
3340 if (sc->sc_flags & URTWN_DETACHED) {
3346 if (ic->ic_nrunning > 0) {
3347 if (urtwn_init(sc) != 0) {
3348 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps);
3350 ieee80211_stop(vap);
3352 ieee80211_start_all(ic);
3358 urtwn_power_on(struct urtwn_softc *sc)
3361 return sc->sc_power_on(sc);
3365 urtwn_r92c_power_on(struct urtwn_softc *sc)
3371 /* Wait for autoload done bit. */
3372 for (ntries = 0; ntries < 1000; ntries++) {
3373 if (urtwn_read_1(sc, R92C_APS_FSMCO) & R92C_APS_FSMCO_PFM_ALDN)
3377 if (ntries == 1000) {
3378 device_printf(sc->sc_dev,
3379 "timeout waiting for chip autoload\n");
3383 /* Unlock ISO/CLK/Power control register. */
3384 error = urtwn_write_1(sc, R92C_RSV_CTRL, 0);
3385 if (error != USB_ERR_NORMAL_COMPLETION)
3387 /* Move SPS into PWM mode. */
3388 error = urtwn_write_1(sc, R92C_SPS0_CTRL, 0x2b);
3389 if (error != USB_ERR_NORMAL_COMPLETION)
3393 reg = urtwn_read_1(sc, R92C_LDOV12D_CTRL);
3394 if (!(reg & R92C_LDOV12D_CTRL_LDV12_EN)) {
3395 error = urtwn_write_1(sc, R92C_LDOV12D_CTRL,
3396 reg | R92C_LDOV12D_CTRL_LDV12_EN);
3397 if (error != USB_ERR_NORMAL_COMPLETION)
3400 error = urtwn_write_1(sc, R92C_SYS_ISO_CTRL,
3401 urtwn_read_1(sc, R92C_SYS_ISO_CTRL) &
3402 ~R92C_SYS_ISO_CTRL_MD2PP);
3403 if (error != USB_ERR_NORMAL_COMPLETION)
3407 /* Auto enable WLAN. */
3408 error = urtwn_write_2(sc, R92C_APS_FSMCO,
3409 urtwn_read_2(sc, R92C_APS_FSMCO) | R92C_APS_FSMCO_APFM_ONMAC);
3410 if (error != USB_ERR_NORMAL_COMPLETION)
3412 for (ntries = 0; ntries < 1000; ntries++) {
3413 if (!(urtwn_read_2(sc, R92C_APS_FSMCO) &
3414 R92C_APS_FSMCO_APFM_ONMAC))
3418 if (ntries == 1000) {
3419 device_printf(sc->sc_dev,
3420 "timeout waiting for MAC auto ON\n");
3424 /* Enable radio, GPIO and LED functions. */
3425 error = urtwn_write_2(sc, R92C_APS_FSMCO,
3426 R92C_APS_FSMCO_AFSM_HSUS |
3427 R92C_APS_FSMCO_PDN_EN |
3428 R92C_APS_FSMCO_PFM_ALDN);
3429 if (error != USB_ERR_NORMAL_COMPLETION)
3431 /* Release RF digital isolation. */
3432 error = urtwn_write_2(sc, R92C_SYS_ISO_CTRL,
3433 urtwn_read_2(sc, R92C_SYS_ISO_CTRL) & ~R92C_SYS_ISO_CTRL_DIOR);
3434 if (error != USB_ERR_NORMAL_COMPLETION)
3437 /* Initialize MAC. */
3438 error = urtwn_write_1(sc, R92C_APSD_CTRL,
3439 urtwn_read_1(sc, R92C_APSD_CTRL) & ~R92C_APSD_CTRL_OFF);
3440 if (error != USB_ERR_NORMAL_COMPLETION)
3442 for (ntries = 0; ntries < 200; ntries++) {
3443 if (!(urtwn_read_1(sc, R92C_APSD_CTRL) &
3444 R92C_APSD_CTRL_OFF_STATUS))
3448 if (ntries == 200) {
3449 device_printf(sc->sc_dev,
3450 "timeout waiting for MAC initialization\n");
3454 /* Enable MAC DMA/WMAC/SCHEDULE/SEC blocks. */
3455 reg = urtwn_read_2(sc, R92C_CR);
3456 reg |= R92C_CR_HCI_TXDMA_EN | R92C_CR_HCI_RXDMA_EN |
3457 R92C_CR_TXDMA_EN | R92C_CR_RXDMA_EN | R92C_CR_PROTOCOL_EN |
3458 R92C_CR_SCHEDULE_EN | R92C_CR_MACTXEN | R92C_CR_MACRXEN |
3460 error = urtwn_write_2(sc, R92C_CR, reg);
3461 if (error != USB_ERR_NORMAL_COMPLETION)
3464 error = urtwn_write_1(sc, 0xfe10, 0x19);
3465 if (error != USB_ERR_NORMAL_COMPLETION)
3471 urtwn_r88e_power_on(struct urtwn_softc *sc)
3477 /* Wait for power ready bit. */
3478 for (ntries = 0; ntries < 5000; ntries++) {
3479 if (urtwn_read_4(sc, R92C_APS_FSMCO) & R92C_APS_FSMCO_SUS_HOST)
3483 if (ntries == 5000) {
3484 device_printf(sc->sc_dev,
3485 "timeout waiting for chip power up\n");
3490 error = urtwn_write_1(sc, R92C_SYS_FUNC_EN,
3491 urtwn_read_1(sc, R92C_SYS_FUNC_EN) & ~(R92C_SYS_FUNC_EN_BBRSTB |
3492 R92C_SYS_FUNC_EN_BB_GLB_RST));
3493 if (error != USB_ERR_NORMAL_COMPLETION)
3496 error = urtwn_write_1(sc, R92C_AFE_XTAL_CTRL + 2,
3497 urtwn_read_1(sc, R92C_AFE_XTAL_CTRL + 2) | 0x80);
3498 if (error != USB_ERR_NORMAL_COMPLETION)
3501 /* Disable HWPDN. */
3502 error = urtwn_write_2(sc, R92C_APS_FSMCO,
3503 urtwn_read_2(sc, R92C_APS_FSMCO) & ~R92C_APS_FSMCO_APDM_HPDN);
3504 if (error != USB_ERR_NORMAL_COMPLETION)
3507 /* Disable WL suspend. */
3508 error = urtwn_write_2(sc, R92C_APS_FSMCO,
3509 urtwn_read_2(sc, R92C_APS_FSMCO) &
3510 ~(R92C_APS_FSMCO_AFSM_HSUS | R92C_APS_FSMCO_AFSM_PCIE));
3511 if (error != USB_ERR_NORMAL_COMPLETION)
3514 error = urtwn_write_2(sc, R92C_APS_FSMCO,
3515 urtwn_read_2(sc, R92C_APS_FSMCO) | R92C_APS_FSMCO_APFM_ONMAC);
3516 if (error != USB_ERR_NORMAL_COMPLETION)
3518 for (ntries = 0; ntries < 5000; ntries++) {
3519 if (!(urtwn_read_2(sc, R92C_APS_FSMCO) &
3520 R92C_APS_FSMCO_APFM_ONMAC))
3527 /* Enable LDO normal mode. */
3528 error = urtwn_write_1(sc, R92C_LPLDO_CTRL,
3529 urtwn_read_1(sc, R92C_LPLDO_CTRL) & ~R92C_LPLDO_CTRL_SLEEP);
3530 if (error != USB_ERR_NORMAL_COMPLETION)
3533 /* Enable MAC DMA/WMAC/SCHEDULE/SEC blocks. */
3534 error = urtwn_write_2(sc, R92C_CR, 0);
3535 if (error != USB_ERR_NORMAL_COMPLETION)
3537 reg = urtwn_read_2(sc, R92C_CR);
3538 reg |= R92C_CR_HCI_TXDMA_EN | R92C_CR_HCI_RXDMA_EN |
3539 R92C_CR_TXDMA_EN | R92C_CR_RXDMA_EN | R92C_CR_PROTOCOL_EN |
3540 R92C_CR_SCHEDULE_EN | R92C_CR_ENSEC | R92C_CR_CALTMR_EN;
3541 error = urtwn_write_2(sc, R92C_CR, reg);
3542 if (error != USB_ERR_NORMAL_COMPLETION)
3548 static __inline void
3549 urtwn_power_off(struct urtwn_softc *sc)
3552 return sc->sc_power_off(sc);
3556 urtwn_r92c_power_off(struct urtwn_softc *sc)
3560 /* Block all Tx queues. */
3561 urtwn_write_1(sc, R92C_TXPAUSE, R92C_TX_QUEUE_ALL);
3564 urtwn_rf_write(sc, 0, 0, 0);
3566 urtwn_write_1(sc, R92C_APSD_CTRL, R92C_APSD_CTRL_OFF);
3568 /* Reset BB state machine */
3569 urtwn_write_1(sc, R92C_SYS_FUNC_EN,
3570 R92C_SYS_FUNC_EN_USBD | R92C_SYS_FUNC_EN_USBA |
3571 R92C_SYS_FUNC_EN_BB_GLB_RST);
3572 urtwn_write_1(sc, R92C_SYS_FUNC_EN,
3573 R92C_SYS_FUNC_EN_USBD | R92C_SYS_FUNC_EN_USBA);
3576 * Reset digital sequence
3578 #ifndef URTWN_WITHOUT_UCODE
3579 if (urtwn_read_1(sc, R92C_MCUFWDL) & R92C_MCUFWDL_RDY) {
3580 /* Reset MCU ready status */
3581 urtwn_write_1(sc, R92C_MCUFWDL, 0);
3583 /* If firmware in ram code, do reset */
3588 /* Reset MAC and Enable 8051 */
3589 urtwn_write_1(sc, R92C_SYS_FUNC_EN + 1,
3590 (R92C_SYS_FUNC_EN_CPUEN |
3591 R92C_SYS_FUNC_EN_ELDR |
3592 R92C_SYS_FUNC_EN_HWPDN) >> 8);
3594 /* Reset MCU ready status */
3595 urtwn_write_1(sc, R92C_MCUFWDL, 0);
3597 /* Disable MAC clock */
3598 urtwn_write_2(sc, R92C_SYS_CLKR,
3599 R92C_SYS_CLKR_ANAD16V_EN |
3600 R92C_SYS_CLKR_ANA8M |
3601 R92C_SYS_CLKR_LOADER_EN |
3602 R92C_SYS_CLKR_80M_SSC_DIS |
3603 R92C_SYS_CLKR_SYS_EN |
3604 R92C_SYS_CLKR_RING_EN |
3607 /* Disable AFE PLL */
3608 urtwn_write_1(sc, R92C_AFE_PLL_CTRL, 0x80);
3610 /* Gated AFE DIG_CLOCK */
3611 urtwn_write_2(sc, R92C_AFE_XTAL_CTRL, 0x880F);
3613 /* Isolated digital to PON */
3614 urtwn_write_1(sc, R92C_SYS_ISO_CTRL,
3615 R92C_SYS_ISO_CTRL_MD2PP |
3616 R92C_SYS_ISO_CTRL_PA2PCIE |
3617 R92C_SYS_ISO_CTRL_PD2CORE |
3618 R92C_SYS_ISO_CTRL_IP2MAC |
3619 R92C_SYS_ISO_CTRL_DIOP |
3620 R92C_SYS_ISO_CTRL_DIOE);
3623 * Pull GPIO PIN to balance level and LED control
3625 /* 1. Disable GPIO[7:0] */
3626 urtwn_write_2(sc, R92C_GPIO_IOSEL, 0x0000);
3628 reg = urtwn_read_4(sc, R92C_GPIO_PIN_CTRL) & ~0x0000ff00;
3629 reg |= ((reg << 8) & 0x0000ff00) | 0x00ff0000;
3630 urtwn_write_4(sc, R92C_GPIO_PIN_CTRL, reg);
3632 /* Disable GPIO[10:8] */
3633 urtwn_write_1(sc, R92C_MAC_PINMUX_CFG, 0x00);
3635 reg = urtwn_read_2(sc, R92C_GPIO_IO_SEL) & ~0x00f0;
3636 reg |= (((reg & 0x000f) << 4) | 0x0780);
3637 urtwn_write_2(sc, R92C_GPIO_IO_SEL, reg);
3639 /* Disable LED0 & 1 */
3640 urtwn_write_2(sc, R92C_LEDCFG0, 0x8080);
3643 * Reset digital sequence
3645 /* Disable ELDR clock */
3646 urtwn_write_2(sc, R92C_SYS_CLKR,
3647 R92C_SYS_CLKR_ANAD16V_EN |
3648 R92C_SYS_CLKR_ANA8M |
3649 R92C_SYS_CLKR_LOADER_EN |
3650 R92C_SYS_CLKR_80M_SSC_DIS |
3651 R92C_SYS_CLKR_SYS_EN |
3652 R92C_SYS_CLKR_RING_EN |
3655 /* Isolated ELDR to PON */
3656 urtwn_write_1(sc, R92C_SYS_ISO_CTRL + 1,
3657 (R92C_SYS_ISO_CTRL_DIOR |
3658 R92C_SYS_ISO_CTRL_PWC_EV12V) >> 8);
3661 * Disable analog sequence
3663 /* Disable A15 power */
3664 urtwn_write_1(sc, R92C_LDOA15_CTRL, R92C_LDOA15_CTRL_OBUF);
3665 /* Disable digital core power */
3666 urtwn_write_1(sc, R92C_LDOV12D_CTRL,
3667 urtwn_read_1(sc, R92C_LDOV12D_CTRL) &
3668 ~R92C_LDOV12D_CTRL_LDV12_EN);
3670 /* Enter PFM mode */
3671 urtwn_write_1(sc, R92C_SPS0_CTRL, 0x23);
3673 /* Set USB suspend */
3674 urtwn_write_2(sc, R92C_APS_FSMCO,
3675 R92C_APS_FSMCO_APDM_HOST |
3676 R92C_APS_FSMCO_AFSM_HSUS |
3677 R92C_APS_FSMCO_PFM_ALDN);
3679 /* Lock ISO/CLK/Power control register. */
3680 urtwn_write_1(sc, R92C_RSV_CTRL, 0x0E);
3684 urtwn_r88e_power_off(struct urtwn_softc *sc)
3689 /* Disable any kind of TX reports. */
3690 urtwn_write_1(sc, R88E_TX_RPT_CTRL,
3691 urtwn_read_1(sc, R88E_TX_RPT_CTRL) &
3692 ~(R88E_TX_RPT1_ENA | R88E_TX_RPT2_ENA));
3695 urtwn_write_1(sc, R92C_CR, 0);
3697 /* Move card to Low Power State. */
3698 /* Block all Tx queues. */
3699 urtwn_write_1(sc, R92C_TXPAUSE, R92C_TX_QUEUE_ALL);
3701 for (ntries = 0; ntries < 20; ntries++) {
3702 /* Should be zero if no packet is transmitting. */
3703 if (urtwn_read_4(sc, R88E_SCH_TXCMD) == 0)
3709 device_printf(sc->sc_dev, "%s: failed to block Tx queues\n",
3714 /* CCK and OFDM are disabled, and clock are gated. */
3715 urtwn_write_1(sc, R92C_SYS_FUNC_EN,
3716 urtwn_read_1(sc, R92C_SYS_FUNC_EN) & ~R92C_SYS_FUNC_EN_BBRSTB);
3721 urtwn_write_1(sc, R92C_CR,
3722 R92C_CR_HCI_TXDMA_EN | R92C_CR_HCI_RXDMA_EN |
3723 R92C_CR_TXDMA_EN | R92C_CR_RXDMA_EN |
3724 R92C_CR_PROTOCOL_EN | R92C_CR_SCHEDULE_EN);
3726 /* check if removed later */
3727 urtwn_write_1(sc, R92C_CR + 1,
3728 urtwn_read_1(sc, R92C_CR + 1) & ~(R92C_CR_ENSEC >> 8));
3730 /* Respond TxOK to scheduler */
3731 urtwn_write_1(sc, R92C_DUAL_TSF_RST,
3732 urtwn_read_1(sc, R92C_DUAL_TSF_RST) | 0x20);
3734 /* If firmware in ram code, do reset. */
3735 #ifndef URTWN_WITHOUT_UCODE
3736 if (urtwn_read_1(sc, R92C_MCUFWDL) & R92C_MCUFWDL_RDY)
3737 urtwn_r88e_fw_reset(sc);
3740 /* Reset MCU ready status. */
3741 urtwn_write_1(sc, R92C_MCUFWDL, 0x00);
3744 urtwn_write_1(sc, R88E_32K_CTRL,
3745 urtwn_read_1(sc, R88E_32K_CTRL) & ~0x01);
3747 /* Move card to Disabled state. */
3749 urtwn_write_1(sc, R92C_RF_CTRL, 0);
3751 /* LDO Sleep mode. */
3752 urtwn_write_1(sc, R92C_LPLDO_CTRL,
3753 urtwn_read_1(sc, R92C_LPLDO_CTRL) | R92C_LPLDO_CTRL_SLEEP);
3755 /* Turn off MAC by HW state machine */
3756 urtwn_write_1(sc, R92C_APS_FSMCO + 1,
3757 urtwn_read_1(sc, R92C_APS_FSMCO + 1) |
3758 (R92C_APS_FSMCO_APFM_OFF >> 8));
3760 for (ntries = 0; ntries < 20; ntries++) {
3761 /* Wait until it will be disabled. */
3762 if ((urtwn_read_1(sc, R92C_APS_FSMCO + 1) &
3763 (R92C_APS_FSMCO_APFM_OFF >> 8)) == 0)
3769 device_printf(sc->sc_dev, "%s: could not turn off MAC\n",
3774 /* schmit trigger */
3775 urtwn_write_1(sc, R92C_AFE_XTAL_CTRL + 2,
3776 urtwn_read_1(sc, R92C_AFE_XTAL_CTRL + 2) | 0x80);
3778 /* Enable WL suspend. */
3779 urtwn_write_1(sc, R92C_APS_FSMCO + 1,
3780 (urtwn_read_1(sc, R92C_APS_FSMCO + 1) & ~0x10) | 0x08);
3782 /* Enable bandgap mbias in suspend. */
3783 urtwn_write_1(sc, R92C_APS_FSMCO + 3, 0);
3785 /* Clear SIC_EN register. */
3786 urtwn_write_1(sc, R92C_GPIO_MUXCFG + 1,
3787 urtwn_read_1(sc, R92C_GPIO_MUXCFG + 1) & ~0x10);
3789 /* Set USB suspend enable local register */
3790 urtwn_write_1(sc, R92C_USB_SUSPEND,
3791 urtwn_read_1(sc, R92C_USB_SUSPEND) | 0x10);
3793 /* Reset MCU IO Wrapper. */
3794 reg = urtwn_read_1(sc, R92C_RSV_CTRL + 1);
3795 urtwn_write_1(sc, R92C_RSV_CTRL + 1, reg & ~0x08);
3796 urtwn_write_1(sc, R92C_RSV_CTRL + 1, reg | 0x08);
3798 /* marked as 'For Power Consumption' code. */
3799 urtwn_write_1(sc, R92C_GPIO_OUT, urtwn_read_1(sc, R92C_GPIO_IN));
3800 urtwn_write_1(sc, R92C_GPIO_IOSEL, 0xff);
3802 urtwn_write_1(sc, R92C_GPIO_IO_SEL,
3803 urtwn_read_1(sc, R92C_GPIO_IO_SEL) << 4);
3804 urtwn_write_1(sc, R92C_GPIO_MOD,
3805 urtwn_read_1(sc, R92C_GPIO_MOD) | 0x0f);
3807 /* Set LNA, TRSW, EX_PA Pin to output mode. */
3808 urtwn_write_4(sc, R88E_BB_PAD_CTRL, 0x00080808);
3812 urtwn_llt_init(struct urtwn_softc *sc)
3814 int i, error, page_count, pktbuf_count;
3816 page_count = (sc->chip & URTWN_CHIP_88E) ?
3817 R88E_TX_PAGE_COUNT : R92C_TX_PAGE_COUNT;
3818 pktbuf_count = (sc->chip & URTWN_CHIP_88E) ?
3819 R88E_TXPKTBUF_COUNT : R92C_TXPKTBUF_COUNT;
3821 /* Reserve pages [0; page_count]. */
3822 for (i = 0; i < page_count; i++) {
3823 if ((error = urtwn_llt_write(sc, i, i + 1)) != 0)
3826 /* NB: 0xff indicates end-of-list. */
3827 if ((error = urtwn_llt_write(sc, i, 0xff)) != 0)
3830 * Use pages [page_count + 1; pktbuf_count - 1]
3833 for (++i; i < pktbuf_count - 1; i++) {
3834 if ((error = urtwn_llt_write(sc, i, i + 1)) != 0)
3837 /* Make the last page point to the beginning of the ring buffer. */
3838 error = urtwn_llt_write(sc, i, page_count + 1);
3842 #ifndef URTWN_WITHOUT_UCODE
3844 urtwn_fw_reset(struct urtwn_softc *sc)
3849 /* Tell 8051 to reset itself. */
3850 urtwn_write_1(sc, R92C_HMETFR + 3, 0x20);
3852 /* Wait until 8051 resets by itself. */
3853 for (ntries = 0; ntries < 100; ntries++) {
3854 reg = urtwn_read_2(sc, R92C_SYS_FUNC_EN);
3855 if (!(reg & R92C_SYS_FUNC_EN_CPUEN))
3859 /* Force 8051 reset. */
3860 urtwn_write_2(sc, R92C_SYS_FUNC_EN, reg & ~R92C_SYS_FUNC_EN_CPUEN);
3864 urtwn_r88e_fw_reset(struct urtwn_softc *sc)
3868 reg = urtwn_read_2(sc, R92C_SYS_FUNC_EN);
3869 urtwn_write_2(sc, R92C_SYS_FUNC_EN, reg & ~R92C_SYS_FUNC_EN_CPUEN);
3870 urtwn_write_2(sc, R92C_SYS_FUNC_EN, reg | R92C_SYS_FUNC_EN_CPUEN);
3874 urtwn_fw_loadpage(struct urtwn_softc *sc, int page, const uint8_t *buf, int len)
3877 usb_error_t error = USB_ERR_NORMAL_COMPLETION;
3880 reg = urtwn_read_4(sc, R92C_MCUFWDL);
3881 reg = RW(reg, R92C_MCUFWDL_PAGE, page);
3882 urtwn_write_4(sc, R92C_MCUFWDL, reg);
3884 off = R92C_FW_START_ADDR;
3892 /* XXX fix this deconst */
3893 error = urtwn_write_region_1(sc, off,
3894 __DECONST(uint8_t *, buf), mlen);
3895 if (error != USB_ERR_NORMAL_COMPLETION)
3905 urtwn_load_firmware(struct urtwn_softc *sc)
3907 const struct firmware *fw;
3908 const struct r92c_fw_hdr *hdr;
3909 const char *imagename;
3913 int mlen, ntries, page, error;
3916 /* Read firmware image from the filesystem. */
3917 if (sc->chip & URTWN_CHIP_88E)
3918 imagename = "urtwn-rtl8188eufw";
3919 else if ((sc->chip & (URTWN_CHIP_UMC_A_CUT | URTWN_CHIP_92C)) ==
3920 URTWN_CHIP_UMC_A_CUT)
3921 imagename = "urtwn-rtl8192cfwU";
3923 imagename = "urtwn-rtl8192cfwT";
3925 fw = firmware_get(imagename);
3928 device_printf(sc->sc_dev,
3929 "failed loadfirmware of file %s\n", imagename);
3935 if (len < sizeof(*hdr)) {
3936 device_printf(sc->sc_dev, "firmware too short\n");
3941 hdr = (const struct r92c_fw_hdr *)ptr;
3942 /* Check if there is a valid FW header and skip it. */
3943 if ((le16toh(hdr->signature) >> 4) == 0x88c ||
3944 (le16toh(hdr->signature) >> 4) == 0x88e ||
3945 (le16toh(hdr->signature) >> 4) == 0x92c) {
3946 URTWN_DPRINTF(sc, URTWN_DEBUG_FIRMWARE,
3947 "FW V%d.%d %02d-%02d %02d:%02d\n",
3948 le16toh(hdr->version), le16toh(hdr->subversion),
3949 hdr->month, hdr->date, hdr->hour, hdr->minute);
3950 ptr += sizeof(*hdr);
3951 len -= sizeof(*hdr);
3954 if (urtwn_read_1(sc, R92C_MCUFWDL) & R92C_MCUFWDL_RAM_DL_SEL) {
3955 if (sc->chip & URTWN_CHIP_88E)
3956 urtwn_r88e_fw_reset(sc);
3959 urtwn_write_1(sc, R92C_MCUFWDL, 0);
3962 if (!(sc->chip & URTWN_CHIP_88E)) {
3963 urtwn_write_2(sc, R92C_SYS_FUNC_EN,
3964 urtwn_read_2(sc, R92C_SYS_FUNC_EN) |
3965 R92C_SYS_FUNC_EN_CPUEN);
3967 urtwn_write_1(sc, R92C_MCUFWDL,
3968 urtwn_read_1(sc, R92C_MCUFWDL) | R92C_MCUFWDL_EN);
3969 urtwn_write_1(sc, R92C_MCUFWDL + 2,
3970 urtwn_read_1(sc, R92C_MCUFWDL + 2) & ~0x08);
3972 /* Reset the FWDL checksum. */
3973 urtwn_write_1(sc, R92C_MCUFWDL,
3974 urtwn_read_1(sc, R92C_MCUFWDL) | R92C_MCUFWDL_CHKSUM_RPT);
3976 for (page = 0; len > 0; page++) {
3977 mlen = min(len, R92C_FW_PAGE_SIZE);
3978 error = urtwn_fw_loadpage(sc, page, ptr, mlen);
3980 device_printf(sc->sc_dev,
3981 "could not load firmware page\n");
3987 urtwn_write_1(sc, R92C_MCUFWDL,
3988 urtwn_read_1(sc, R92C_MCUFWDL) & ~R92C_MCUFWDL_EN);
3989 urtwn_write_1(sc, R92C_MCUFWDL + 1, 0);
3991 /* Wait for checksum report. */
3992 for (ntries = 0; ntries < 1000; ntries++) {
3993 if (urtwn_read_4(sc, R92C_MCUFWDL) & R92C_MCUFWDL_CHKSUM_RPT)
3997 if (ntries == 1000) {
3998 device_printf(sc->sc_dev,
3999 "timeout waiting for checksum report\n");
4004 reg = urtwn_read_4(sc, R92C_MCUFWDL);
4005 reg = (reg & ~R92C_MCUFWDL_WINTINI_RDY) | R92C_MCUFWDL_RDY;
4006 urtwn_write_4(sc, R92C_MCUFWDL, reg);
4007 if (sc->chip & URTWN_CHIP_88E)
4008 urtwn_r88e_fw_reset(sc);
4009 /* Wait for firmware readiness. */
4010 for (ntries = 0; ntries < 1000; ntries++) {
4011 if (urtwn_read_4(sc, R92C_MCUFWDL) & R92C_MCUFWDL_WINTINI_RDY)
4015 if (ntries == 1000) {
4016 device_printf(sc->sc_dev,
4017 "timeout waiting for firmware readiness\n");
4022 firmware_put(fw, FIRMWARE_UNLOAD);
4028 urtwn_dma_init(struct urtwn_softc *sc)
4030 struct usb_endpoint *ep, *ep_end;
4031 usb_error_t usb_err;
4033 int hashq, hasnq, haslq, nqueues, ntx;
4034 int error, pagecount, npubqpages, nqpages, nrempages, tx_boundary;
4036 /* Initialize LLT table. */
4037 error = urtwn_llt_init(sc);
4041 /* Determine the number of bulk-out pipes. */
4043 ep = sc->sc_udev->endpoints;
4044 ep_end = sc->sc_udev->endpoints + sc->sc_udev->endpoints_max;
4045 for (; ep != ep_end; ep++) {
4046 if ((ep->edesc == NULL) ||
4047 (ep->iface_index != sc->sc_iface_index))
4049 if (UE_GET_DIR(ep->edesc->bEndpointAddress) == UE_DIR_OUT)
4053 device_printf(sc->sc_dev,
4054 "%d: invalid number of Tx bulk pipes\n", ntx);
4058 /* Get Tx queues to USB endpoints mapping. */
4059 hashq = hasnq = haslq = nqueues = 0;
4061 case 1: hashq = 1; break;
4062 case 2: hashq = hasnq = 1; break;
4063 case 3: case 4: hashq = hasnq = haslq = 1; break;
4065 nqueues = hashq + hasnq + haslq;
4069 npubqpages = nqpages = nrempages = pagecount = 0;
4070 if (sc->chip & URTWN_CHIP_88E)
4071 tx_boundary = R88E_TX_PAGE_BOUNDARY;
4073 pagecount = R92C_TX_PAGE_COUNT;
4074 npubqpages = R92C_PUBQ_NPAGES;
4075 tx_boundary = R92C_TX_PAGE_BOUNDARY;
4078 /* Set number of pages for normal priority queue. */
4079 if (sc->chip & URTWN_CHIP_88E) {
4080 usb_err = urtwn_write_2(sc, R92C_RQPN_NPQ, 0xd);
4081 if (usb_err != USB_ERR_NORMAL_COMPLETION)
4083 usb_err = urtwn_write_4(sc, R92C_RQPN, 0x808e000d);
4084 if (usb_err != USB_ERR_NORMAL_COMPLETION)
4087 /* Get the number of pages for each queue. */
4088 nqpages = (pagecount - npubqpages) / nqueues;
4090 * The remaining pages are assigned to the high priority
4093 nrempages = (pagecount - npubqpages) % nqueues;
4094 usb_err = urtwn_write_1(sc, R92C_RQPN_NPQ, hasnq ? nqpages : 0);
4095 if (usb_err != USB_ERR_NORMAL_COMPLETION)
4097 usb_err = urtwn_write_4(sc, R92C_RQPN,
4098 /* Set number of pages for public queue. */
4099 SM(R92C_RQPN_PUBQ, npubqpages) |
4100 /* Set number of pages for high priority queue. */
4101 SM(R92C_RQPN_HPQ, hashq ? nqpages + nrempages : 0) |
4102 /* Set number of pages for low priority queue. */
4103 SM(R92C_RQPN_LPQ, haslq ? nqpages : 0) |
4106 if (usb_err != USB_ERR_NORMAL_COMPLETION)
4110 usb_err = urtwn_write_1(sc, R92C_TXPKTBUF_BCNQ_BDNY, tx_boundary);
4111 if (usb_err != USB_ERR_NORMAL_COMPLETION)
4113 usb_err = urtwn_write_1(sc, R92C_TXPKTBUF_MGQ_BDNY, tx_boundary);
4114 if (usb_err != USB_ERR_NORMAL_COMPLETION)
4116 usb_err = urtwn_write_1(sc, R92C_TXPKTBUF_WMAC_LBK_BF_HD, tx_boundary);
4117 if (usb_err != USB_ERR_NORMAL_COMPLETION)
4119 usb_err = urtwn_write_1(sc, R92C_TRXFF_BNDY, tx_boundary);
4120 if (usb_err != USB_ERR_NORMAL_COMPLETION)
4122 usb_err = urtwn_write_1(sc, R92C_TDECTRL + 1, tx_boundary);
4123 if (usb_err != USB_ERR_NORMAL_COMPLETION)
4126 /* Set queue to USB pipe mapping. */
4127 reg = urtwn_read_2(sc, R92C_TRXDMA_CTRL);
4128 reg &= ~R92C_TRXDMA_CTRL_QMAP_M;
4131 reg |= R92C_TRXDMA_CTRL_QMAP_HQ;
4133 reg |= R92C_TRXDMA_CTRL_QMAP_NQ;
4135 reg |= R92C_TRXDMA_CTRL_QMAP_LQ;
4136 } else if (nqueues == 2) {
4138 * All 2-endpoints configs have high and normal
4141 reg |= R92C_TRXDMA_CTRL_QMAP_HQ_NQ;
4143 reg |= R92C_TRXDMA_CTRL_QMAP_3EP;
4144 usb_err = urtwn_write_2(sc, R92C_TRXDMA_CTRL, reg);
4145 if (usb_err != USB_ERR_NORMAL_COMPLETION)
4148 /* Set Tx/Rx transfer page boundary. */
4149 usb_err = urtwn_write_2(sc, R92C_TRXFF_BNDY + 2,
4150 (sc->chip & URTWN_CHIP_88E) ? 0x23ff : 0x27ff);
4151 if (usb_err != USB_ERR_NORMAL_COMPLETION)
4154 /* Set Tx/Rx transfer page size. */
4155 usb_err = urtwn_write_1(sc, R92C_PBP,
4156 SM(R92C_PBP_PSRX, R92C_PBP_128) |
4157 SM(R92C_PBP_PSTX, R92C_PBP_128));
4158 if (usb_err != USB_ERR_NORMAL_COMPLETION)
4165 urtwn_mac_init(struct urtwn_softc *sc)
4170 /* Write MAC initialization values. */
4171 if (sc->chip & URTWN_CHIP_88E) {
4172 for (i = 0; i < nitems(rtl8188eu_mac); i++) {
4173 error = urtwn_write_1(sc, rtl8188eu_mac[i].reg,
4174 rtl8188eu_mac[i].val);
4175 if (error != USB_ERR_NORMAL_COMPLETION)
4178 urtwn_write_1(sc, R92C_MAX_AGGR_NUM, 0x07);
4180 for (i = 0; i < nitems(rtl8192cu_mac); i++)
4181 error = urtwn_write_1(sc, rtl8192cu_mac[i].reg,
4182 rtl8192cu_mac[i].val);
4183 if (error != USB_ERR_NORMAL_COMPLETION)
4191 urtwn_bb_init(struct urtwn_softc *sc)
4193 const struct urtwn_bb_prog *prog;
4198 /* Enable BB and RF. */
4199 urtwn_write_2(sc, R92C_SYS_FUNC_EN,
4200 urtwn_read_2(sc, R92C_SYS_FUNC_EN) |
4201 R92C_SYS_FUNC_EN_BBRSTB | R92C_SYS_FUNC_EN_BB_GLB_RST |
4202 R92C_SYS_FUNC_EN_DIO_RF);
4204 if (!(sc->chip & URTWN_CHIP_88E))
4205 urtwn_write_2(sc, R92C_AFE_PLL_CTRL, 0xdb83);
4207 urtwn_write_1(sc, R92C_RF_CTRL,
4208 R92C_RF_CTRL_EN | R92C_RF_CTRL_RSTB | R92C_RF_CTRL_SDMRSTB);
4209 urtwn_write_1(sc, R92C_SYS_FUNC_EN,
4210 R92C_SYS_FUNC_EN_USBA | R92C_SYS_FUNC_EN_USBD |
4211 R92C_SYS_FUNC_EN_BB_GLB_RST | R92C_SYS_FUNC_EN_BBRSTB);
4213 if (!(sc->chip & URTWN_CHIP_88E)) {
4214 urtwn_write_1(sc, R92C_LDOHCI12_CTRL, 0x0f);
4215 urtwn_write_1(sc, 0x15, 0xe9);
4216 urtwn_write_1(sc, R92C_AFE_XTAL_CTRL + 1, 0x80);
4219 /* Select BB programming based on board type. */
4220 if (sc->chip & URTWN_CHIP_88E)
4221 prog = &rtl8188eu_bb_prog;
4222 else if (!(sc->chip & URTWN_CHIP_92C)) {
4223 if (sc->board_type == R92C_BOARD_TYPE_MINICARD)
4224 prog = &rtl8188ce_bb_prog;
4225 else if (sc->board_type == R92C_BOARD_TYPE_HIGHPA)
4226 prog = &rtl8188ru_bb_prog;
4228 prog = &rtl8188cu_bb_prog;
4230 if (sc->board_type == R92C_BOARD_TYPE_MINICARD)
4231 prog = &rtl8192ce_bb_prog;
4233 prog = &rtl8192cu_bb_prog;
4235 /* Write BB initialization values. */
4236 for (i = 0; i < prog->count; i++) {
4237 urtwn_bb_write(sc, prog->regs[i], prog->vals[i]);
4241 if (sc->chip & URTWN_CHIP_92C_1T2R) {
4242 /* 8192C 1T only configuration. */
4243 reg = urtwn_bb_read(sc, R92C_FPGA0_TXINFO);
4244 reg = (reg & ~0x00000003) | 0x2;
4245 urtwn_bb_write(sc, R92C_FPGA0_TXINFO, reg);
4247 reg = urtwn_bb_read(sc, R92C_FPGA1_TXINFO);
4248 reg = (reg & ~0x00300033) | 0x00200022;
4249 urtwn_bb_write(sc, R92C_FPGA1_TXINFO, reg);
4251 reg = urtwn_bb_read(sc, R92C_CCK0_AFESETTING);
4252 reg = (reg & ~0xff000000) | 0x45 << 24;
4253 urtwn_bb_write(sc, R92C_CCK0_AFESETTING, reg);
4255 reg = urtwn_bb_read(sc, R92C_OFDM0_TRXPATHENA);
4256 reg = (reg & ~0x000000ff) | 0x23;
4257 urtwn_bb_write(sc, R92C_OFDM0_TRXPATHENA, reg);
4259 reg = urtwn_bb_read(sc, R92C_OFDM0_AGCPARAM1);
4260 reg = (reg & ~0x00000030) | 1 << 4;
4261 urtwn_bb_write(sc, R92C_OFDM0_AGCPARAM1, reg);
4263 reg = urtwn_bb_read(sc, 0xe74);
4264 reg = (reg & ~0x0c000000) | 2 << 26;
4265 urtwn_bb_write(sc, 0xe74, reg);
4266 reg = urtwn_bb_read(sc, 0xe78);
4267 reg = (reg & ~0x0c000000) | 2 << 26;
4268 urtwn_bb_write(sc, 0xe78, reg);
4269 reg = urtwn_bb_read(sc, 0xe7c);
4270 reg = (reg & ~0x0c000000) | 2 << 26;
4271 urtwn_bb_write(sc, 0xe7c, reg);
4272 reg = urtwn_bb_read(sc, 0xe80);
4273 reg = (reg & ~0x0c000000) | 2 << 26;
4274 urtwn_bb_write(sc, 0xe80, reg);
4275 reg = urtwn_bb_read(sc, 0xe88);
4276 reg = (reg & ~0x0c000000) | 2 << 26;
4277 urtwn_bb_write(sc, 0xe88, reg);
4280 /* Write AGC values. */
4281 for (i = 0; i < prog->agccount; i++) {
4282 urtwn_bb_write(sc, R92C_OFDM0_AGCRSSITABLE,
4287 if (sc->chip & URTWN_CHIP_88E) {
4288 urtwn_bb_write(sc, R92C_OFDM0_AGCCORE1(0), 0x69553422);
4290 urtwn_bb_write(sc, R92C_OFDM0_AGCCORE1(0), 0x69553420);
4293 crystalcap = sc->rom.r88e_rom.crystalcap;
4294 if (crystalcap == 0xff)
4297 reg = urtwn_bb_read(sc, R92C_AFE_XTAL_CTRL);
4298 urtwn_bb_write(sc, R92C_AFE_XTAL_CTRL,
4299 RW(reg, R92C_AFE_XTAL_CTRL_ADDR,
4300 crystalcap | crystalcap << 6));
4302 if (urtwn_bb_read(sc, R92C_HSSI_PARAM2(0)) &
4303 R92C_HSSI_PARAM2_CCK_HIPWR)
4304 sc->sc_flags |= URTWN_FLAG_CCK_HIPWR;
4309 urtwn_rf_init(struct urtwn_softc *sc)
4311 const struct urtwn_rf_prog *prog;
4315 /* Select RF programming based on board type. */
4316 if (sc->chip & URTWN_CHIP_88E)
4317 prog = rtl8188eu_rf_prog;
4318 else if (!(sc->chip & URTWN_CHIP_92C)) {
4319 if (sc->board_type == R92C_BOARD_TYPE_MINICARD)
4320 prog = rtl8188ce_rf_prog;
4321 else if (sc->board_type == R92C_BOARD_TYPE_HIGHPA)
4322 prog = rtl8188ru_rf_prog;
4324 prog = rtl8188cu_rf_prog;
4326 prog = rtl8192ce_rf_prog;
4328 for (i = 0; i < sc->nrxchains; i++) {
4329 /* Save RF_ENV control type. */
4332 reg = urtwn_bb_read(sc, R92C_FPGA0_RFIFACESW(idx));
4333 type = (reg >> off) & 0x10;
4335 /* Set RF_ENV enable. */
4336 reg = urtwn_bb_read(sc, R92C_FPGA0_RFIFACEOE(i));
4338 urtwn_bb_write(sc, R92C_FPGA0_RFIFACEOE(i), reg);
4340 /* Set RF_ENV output high. */
4341 reg = urtwn_bb_read(sc, R92C_FPGA0_RFIFACEOE(i));
4343 urtwn_bb_write(sc, R92C_FPGA0_RFIFACEOE(i), reg);
4345 /* Set address and data lengths of RF registers. */
4346 reg = urtwn_bb_read(sc, R92C_HSSI_PARAM2(i));
4347 reg &= ~R92C_HSSI_PARAM2_ADDR_LENGTH;
4348 urtwn_bb_write(sc, R92C_HSSI_PARAM2(i), reg);
4350 reg = urtwn_bb_read(sc, R92C_HSSI_PARAM2(i));
4351 reg &= ~R92C_HSSI_PARAM2_DATA_LENGTH;
4352 urtwn_bb_write(sc, R92C_HSSI_PARAM2(i), reg);
4355 /* Write RF initialization values for this chain. */
4356 for (j = 0; j < prog[i].count; j++) {
4357 if (prog[i].regs[j] >= 0xf9 &&
4358 prog[i].regs[j] <= 0xfe) {
4360 * These are fake RF registers offsets that
4361 * indicate a delay is required.
4363 usb_pause_mtx(&sc->sc_mtx, hz / 20); /* 50ms */
4366 urtwn_rf_write(sc, i, prog[i].regs[j],
4371 /* Restore RF_ENV control type. */
4372 reg = urtwn_bb_read(sc, R92C_FPGA0_RFIFACESW(idx));
4373 reg &= ~(0x10 << off) | (type << off);
4374 urtwn_bb_write(sc, R92C_FPGA0_RFIFACESW(idx), reg);
4376 /* Cache RF register CHNLBW. */
4377 sc->rf_chnlbw[i] = urtwn_rf_read(sc, i, R92C_RF_CHNLBW);
4380 if ((sc->chip & (URTWN_CHIP_UMC_A_CUT | URTWN_CHIP_92C)) ==
4381 URTWN_CHIP_UMC_A_CUT) {
4382 urtwn_rf_write(sc, 0, R92C_RF_RX_G1, 0x30255);
4383 urtwn_rf_write(sc, 0, R92C_RF_RX_G2, 0x50a00);
4388 urtwn_cam_init(struct urtwn_softc *sc)
4390 /* Invalidate all CAM entries. */
4391 urtwn_write_4(sc, R92C_CAMCMD,
4392 R92C_CAMCMD_POLLING | R92C_CAMCMD_CLR);
4396 urtwn_cam_write(struct urtwn_softc *sc, uint32_t addr, uint32_t data)
4400 error = urtwn_write_4(sc, R92C_CAMWRITE, data);
4401 if (error != USB_ERR_NORMAL_COMPLETION)
4403 error = urtwn_write_4(sc, R92C_CAMCMD,
4404 R92C_CAMCMD_POLLING | R92C_CAMCMD_WRITE |
4405 SM(R92C_CAMCMD_ADDR, addr));
4406 if (error != USB_ERR_NORMAL_COMPLETION)
4413 urtwn_pa_bias_init(struct urtwn_softc *sc)
4418 for (i = 0; i < sc->nrxchains; i++) {
4419 if (sc->pa_setting & (1 << i))
4421 urtwn_rf_write(sc, i, R92C_RF_IPA, 0x0f406);
4422 urtwn_rf_write(sc, i, R92C_RF_IPA, 0x4f406);
4423 urtwn_rf_write(sc, i, R92C_RF_IPA, 0x8f406);
4424 urtwn_rf_write(sc, i, R92C_RF_IPA, 0xcf406);
4426 if (!(sc->pa_setting & 0x10)) {
4427 reg = urtwn_read_1(sc, 0x16);
4428 reg = (reg & ~0xf0) | 0x90;
4429 urtwn_write_1(sc, 0x16, reg);
4434 urtwn_rxfilter_init(struct urtwn_softc *sc)
4436 struct ieee80211com *ic = &sc->sc_ic;
4437 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps);
4441 URTWN_ASSERT_LOCKED(sc);
4443 /* Setup multicast filter. */
4444 urtwn_set_multi(sc);
4446 /* Filter for management frames. */
4448 switch (vap->iv_opmode) {
4449 case IEEE80211_M_STA:
4451 R92C_RXFLTMAP_SUBTYPE(IEEE80211_FC0_SUBTYPE_ASSOC_REQ) |
4452 R92C_RXFLTMAP_SUBTYPE(IEEE80211_FC0_SUBTYPE_REASSOC_REQ) |
4453 R92C_RXFLTMAP_SUBTYPE(IEEE80211_FC0_SUBTYPE_PROBE_REQ));
4455 case IEEE80211_M_HOSTAP:
4457 R92C_RXFLTMAP_SUBTYPE(IEEE80211_FC0_SUBTYPE_ASSOC_RESP) |
4458 R92C_RXFLTMAP_SUBTYPE(IEEE80211_FC0_SUBTYPE_REASSOC_RESP));
4460 case IEEE80211_M_MONITOR:
4461 case IEEE80211_M_IBSS:
4464 device_printf(sc->sc_dev, "%s: undefined opmode %d\n",
4465 __func__, vap->iv_opmode);
4468 urtwn_write_2(sc, R92C_RXFLTMAP0, filter);
4470 /* Reject all control frames. */
4471 urtwn_write_2(sc, R92C_RXFLTMAP1, 0x0000);
4473 /* Reject all data frames. */
4474 urtwn_write_2(sc, R92C_RXFLTMAP2, 0x0000);
4476 rcr = R92C_RCR_AM | R92C_RCR_AB | R92C_RCR_APM |
4477 R92C_RCR_HTC_LOC_CTRL | R92C_RCR_APP_PHYSTS |
4478 R92C_RCR_APP_ICV | R92C_RCR_APP_MIC;
4480 if (vap->iv_opmode == IEEE80211_M_MONITOR) {
4481 /* Accept all frames. */
4482 rcr |= R92C_RCR_ACF | R92C_RCR_ADF | R92C_RCR_AMF |
4486 /* Set Rx filter. */
4487 urtwn_write_4(sc, R92C_RCR, rcr);
4489 if (ic->ic_promisc != 0) {
4490 /* Update Rx filter. */
4491 urtwn_set_promisc(sc);
4496 urtwn_edca_init(struct urtwn_softc *sc)
4498 urtwn_write_2(sc, R92C_SPEC_SIFS, 0x100a);
4499 urtwn_write_2(sc, R92C_MAC_SPEC_SIFS, 0x100a);
4500 urtwn_write_2(sc, R92C_SIFS_CCK, 0x100a);
4501 urtwn_write_2(sc, R92C_SIFS_OFDM, 0x100a);
4502 urtwn_write_4(sc, R92C_EDCA_BE_PARAM, 0x005ea42b);
4503 urtwn_write_4(sc, R92C_EDCA_BK_PARAM, 0x0000a44f);
4504 urtwn_write_4(sc, R92C_EDCA_VI_PARAM, 0x005ea324);
4505 urtwn_write_4(sc, R92C_EDCA_VO_PARAM, 0x002fa226);
4509 urtwn_write_txpower(struct urtwn_softc *sc, int chain,
4510 uint16_t power[URTWN_RIDX_COUNT])
4514 /* Write per-CCK rate Tx power. */
4516 reg = urtwn_bb_read(sc, R92C_TXAGC_A_CCK1_MCS32);
4517 reg = RW(reg, R92C_TXAGC_A_CCK1, power[0]);
4518 urtwn_bb_write(sc, R92C_TXAGC_A_CCK1_MCS32, reg);
4519 reg = urtwn_bb_read(sc, R92C_TXAGC_B_CCK11_A_CCK2_11);
4520 reg = RW(reg, R92C_TXAGC_A_CCK2, power[1]);
4521 reg = RW(reg, R92C_TXAGC_A_CCK55, power[2]);
4522 reg = RW(reg, R92C_TXAGC_A_CCK11, power[3]);
4523 urtwn_bb_write(sc, R92C_TXAGC_B_CCK11_A_CCK2_11, reg);
4525 reg = urtwn_bb_read(sc, R92C_TXAGC_B_CCK1_55_MCS32);
4526 reg = RW(reg, R92C_TXAGC_B_CCK1, power[0]);
4527 reg = RW(reg, R92C_TXAGC_B_CCK2, power[1]);
4528 reg = RW(reg, R92C_TXAGC_B_CCK55, power[2]);
4529 urtwn_bb_write(sc, R92C_TXAGC_B_CCK1_55_MCS32, reg);
4530 reg = urtwn_bb_read(sc, R92C_TXAGC_B_CCK11_A_CCK2_11);
4531 reg = RW(reg, R92C_TXAGC_B_CCK11, power[3]);
4532 urtwn_bb_write(sc, R92C_TXAGC_B_CCK11_A_CCK2_11, reg);
4534 /* Write per-OFDM rate Tx power. */
4535 urtwn_bb_write(sc, R92C_TXAGC_RATE18_06(chain),
4536 SM(R92C_TXAGC_RATE06, power[ 4]) |
4537 SM(R92C_TXAGC_RATE09, power[ 5]) |
4538 SM(R92C_TXAGC_RATE12, power[ 6]) |
4539 SM(R92C_TXAGC_RATE18, power[ 7]));
4540 urtwn_bb_write(sc, R92C_TXAGC_RATE54_24(chain),
4541 SM(R92C_TXAGC_RATE24, power[ 8]) |
4542 SM(R92C_TXAGC_RATE36, power[ 9]) |
4543 SM(R92C_TXAGC_RATE48, power[10]) |
4544 SM(R92C_TXAGC_RATE54, power[11]));
4545 /* Write per-MCS Tx power. */
4546 urtwn_bb_write(sc, R92C_TXAGC_MCS03_MCS00(chain),
4547 SM(R92C_TXAGC_MCS00, power[12]) |
4548 SM(R92C_TXAGC_MCS01, power[13]) |
4549 SM(R92C_TXAGC_MCS02, power[14]) |
4550 SM(R92C_TXAGC_MCS03, power[15]));
4551 urtwn_bb_write(sc, R92C_TXAGC_MCS07_MCS04(chain),
4552 SM(R92C_TXAGC_MCS04, power[16]) |
4553 SM(R92C_TXAGC_MCS05, power[17]) |
4554 SM(R92C_TXAGC_MCS06, power[18]) |
4555 SM(R92C_TXAGC_MCS07, power[19]));
4556 urtwn_bb_write(sc, R92C_TXAGC_MCS11_MCS08(chain),
4557 SM(R92C_TXAGC_MCS08, power[20]) |
4558 SM(R92C_TXAGC_MCS09, power[21]) |
4559 SM(R92C_TXAGC_MCS10, power[22]) |
4560 SM(R92C_TXAGC_MCS11, power[23]));
4561 urtwn_bb_write(sc, R92C_TXAGC_MCS15_MCS12(chain),
4562 SM(R92C_TXAGC_MCS12, power[24]) |
4563 SM(R92C_TXAGC_MCS13, power[25]) |
4564 SM(R92C_TXAGC_MCS14, power[26]) |
4565 SM(R92C_TXAGC_MCS15, power[27]));
4569 urtwn_get_txpower(struct urtwn_softc *sc, int chain,
4570 struct ieee80211_channel *c, struct ieee80211_channel *extc,
4571 uint16_t power[URTWN_RIDX_COUNT])
4573 struct ieee80211com *ic = &sc->sc_ic;
4574 struct r92c_rom *rom = &sc->rom.r92c_rom;
4575 uint16_t cckpow, ofdmpow, htpow, diff, max;
4576 const struct urtwn_txpwr *base;
4577 int ridx, chan, group;
4579 /* Determine channel group. */
4580 chan = ieee80211_chan2ieee(ic, c); /* XXX center freq! */
4588 /* Get original Tx power based on board type and RF chain. */
4589 if (!(sc->chip & URTWN_CHIP_92C)) {
4590 if (sc->board_type == R92C_BOARD_TYPE_HIGHPA)
4591 base = &rtl8188ru_txagc[chain];
4593 base = &rtl8192cu_txagc[chain];
4595 base = &rtl8192cu_txagc[chain];
4597 memset(power, 0, URTWN_RIDX_COUNT * sizeof(power[0]));
4598 if (sc->regulatory == 0) {
4599 for (ridx = URTWN_RIDX_CCK1; ridx <= URTWN_RIDX_CCK11; ridx++)
4600 power[ridx] = base->pwr[0][ridx];
4602 for (ridx = URTWN_RIDX_OFDM6; ridx < URTWN_RIDX_COUNT; ridx++) {
4603 if (sc->regulatory == 3) {
4604 power[ridx] = base->pwr[0][ridx];
4605 /* Apply vendor limits. */
4607 max = rom->ht40_max_pwr[group];
4609 max = rom->ht20_max_pwr[group];
4610 max = (max >> (chain * 4)) & 0xf;
4611 if (power[ridx] > max)
4613 } else if (sc->regulatory == 1) {
4615 power[ridx] = base->pwr[group][ridx];
4616 } else if (sc->regulatory != 2)
4617 power[ridx] = base->pwr[0][ridx];
4620 /* Compute per-CCK rate Tx power. */
4621 cckpow = rom->cck_tx_pwr[chain][group];
4622 for (ridx = URTWN_RIDX_CCK1; ridx <= URTWN_RIDX_CCK11; ridx++) {
4623 power[ridx] += cckpow;
4624 if (power[ridx] > R92C_MAX_TX_PWR)
4625 power[ridx] = R92C_MAX_TX_PWR;
4628 htpow = rom->ht40_1s_tx_pwr[chain][group];
4629 if (sc->ntxchains > 1) {
4630 /* Apply reduction for 2 spatial streams. */
4631 diff = rom->ht40_2s_tx_pwr_diff[group];
4632 diff = (diff >> (chain * 4)) & 0xf;
4633 htpow = (htpow > diff) ? htpow - diff : 0;
4636 /* Compute per-OFDM rate Tx power. */
4637 diff = rom->ofdm_tx_pwr_diff[group];
4638 diff = (diff >> (chain * 4)) & 0xf;
4639 ofdmpow = htpow + diff; /* HT->OFDM correction. */
4640 for (ridx = URTWN_RIDX_OFDM6; ridx <= URTWN_RIDX_OFDM54; ridx++) {
4641 power[ridx] += ofdmpow;
4642 if (power[ridx] > R92C_MAX_TX_PWR)
4643 power[ridx] = R92C_MAX_TX_PWR;
4646 /* Compute per-MCS Tx power. */
4648 diff = rom->ht20_tx_pwr_diff[group];
4649 diff = (diff >> (chain * 4)) & 0xf;
4650 htpow += diff; /* HT40->HT20 correction. */
4652 for (ridx = 12; ridx <= 27; ridx++) {
4653 power[ridx] += htpow;
4654 if (power[ridx] > R92C_MAX_TX_PWR)
4655 power[ridx] = R92C_MAX_TX_PWR;
4658 if (sc->sc_debug & URTWN_DEBUG_TXPWR) {
4659 /* Dump per-rate Tx power values. */
4660 printf("Tx power for chain %d:\n", chain);
4661 for (ridx = URTWN_RIDX_CCK1; ridx < URTWN_RIDX_COUNT; ridx++)
4662 printf("Rate %d = %u\n", ridx, power[ridx]);
4668 urtwn_r88e_get_txpower(struct urtwn_softc *sc, int chain,
4669 struct ieee80211_channel *c, struct ieee80211_channel *extc,
4670 uint16_t power[URTWN_RIDX_COUNT])
4672 struct ieee80211com *ic = &sc->sc_ic;
4673 struct r88e_rom *rom = &sc->rom.r88e_rom;
4674 uint16_t cckpow, ofdmpow, bw20pow, htpow;
4675 const struct urtwn_r88e_txpwr *base;
4676 int ridx, chan, group;
4678 /* Determine channel group. */
4679 chan = ieee80211_chan2ieee(ic, c); /* XXX center freq! */
4686 else if (chan <= 11)
4688 else if (chan <= 13)
4693 /* Get original Tx power based on board type and RF chain. */
4694 base = &rtl8188eu_txagc[chain];
4696 memset(power, 0, URTWN_RIDX_COUNT * sizeof(power[0]));
4697 if (sc->regulatory == 0) {
4698 for (ridx = URTWN_RIDX_CCK1; ridx <= URTWN_RIDX_CCK11; ridx++)
4699 power[ridx] = base->pwr[0][ridx];
4701 for (ridx = URTWN_RIDX_OFDM6; ridx < URTWN_RIDX_COUNT; ridx++) {
4702 if (sc->regulatory == 3)
4703 power[ridx] = base->pwr[0][ridx];
4704 else if (sc->regulatory == 1) {
4706 power[ridx] = base->pwr[group][ridx];
4707 } else if (sc->regulatory != 2)
4708 power[ridx] = base->pwr[0][ridx];
4711 /* Compute per-CCK rate Tx power. */
4712 cckpow = rom->cck_tx_pwr[group];
4713 for (ridx = URTWN_RIDX_CCK1; ridx <= URTWN_RIDX_CCK11; ridx++) {
4714 power[ridx] += cckpow;
4715 if (power[ridx] > R92C_MAX_TX_PWR)
4716 power[ridx] = R92C_MAX_TX_PWR;
4719 htpow = rom->ht40_tx_pwr[group];
4721 /* Compute per-OFDM rate Tx power. */
4722 ofdmpow = htpow + sc->ofdm_tx_pwr_diff;
4723 for (ridx = URTWN_RIDX_OFDM6; ridx <= URTWN_RIDX_OFDM54; ridx++) {
4724 power[ridx] += ofdmpow;
4725 if (power[ridx] > R92C_MAX_TX_PWR)
4726 power[ridx] = R92C_MAX_TX_PWR;
4729 bw20pow = htpow + sc->bw20_tx_pwr_diff;
4730 for (ridx = 12; ridx <= 27; ridx++) {
4731 power[ridx] += bw20pow;
4732 if (power[ridx] > R92C_MAX_TX_PWR)
4733 power[ridx] = R92C_MAX_TX_PWR;
4738 urtwn_set_txpower(struct urtwn_softc *sc, struct ieee80211_channel *c,
4739 struct ieee80211_channel *extc)
4741 uint16_t power[URTWN_RIDX_COUNT];
4744 for (i = 0; i < sc->ntxchains; i++) {
4745 /* Compute per-rate Tx power values. */
4746 if (sc->chip & URTWN_CHIP_88E)
4747 urtwn_r88e_get_txpower(sc, i, c, extc, power);
4749 urtwn_get_txpower(sc, i, c, extc, power);
4750 /* Write per-rate Tx power values to hardware. */
4751 urtwn_write_txpower(sc, i, power);
4756 urtwn_set_rx_bssid_all(struct urtwn_softc *sc, int enable)
4760 reg = urtwn_read_4(sc, R92C_RCR);
4762 reg &= ~R92C_RCR_CBSSID_BCN;
4764 reg |= R92C_RCR_CBSSID_BCN;
4765 urtwn_write_4(sc, R92C_RCR, reg);
4769 urtwn_set_gain(struct urtwn_softc *sc, uint8_t gain)
4773 reg = urtwn_bb_read(sc, R92C_OFDM0_AGCCORE1(0));
4774 reg = RW(reg, R92C_OFDM0_AGCCORE1_GAIN, gain);
4775 urtwn_bb_write(sc, R92C_OFDM0_AGCCORE1(0), reg);
4777 if (!(sc->chip & URTWN_CHIP_88E)) {
4778 reg = urtwn_bb_read(sc, R92C_OFDM0_AGCCORE1(1));
4779 reg = RW(reg, R92C_OFDM0_AGCCORE1_GAIN, gain);
4780 urtwn_bb_write(sc, R92C_OFDM0_AGCCORE1(1), reg);
4785 urtwn_scan_start(struct ieee80211com *ic)
4787 struct urtwn_softc *sc = ic->ic_softc;
4790 /* Receive beacons / probe responses from any BSSID. */
4791 if (ic->ic_opmode != IEEE80211_M_IBSS &&
4792 ic->ic_opmode != IEEE80211_M_HOSTAP)
4793 urtwn_set_rx_bssid_all(sc, 1);
4795 /* Set gain for scanning. */
4796 urtwn_set_gain(sc, 0x20);
4801 urtwn_scan_end(struct ieee80211com *ic)
4803 struct urtwn_softc *sc = ic->ic_softc;
4806 /* Restore limitations. */
4807 if (ic->ic_promisc == 0 &&
4808 ic->ic_opmode != IEEE80211_M_IBSS &&
4809 ic->ic_opmode != IEEE80211_M_HOSTAP)
4810 urtwn_set_rx_bssid_all(sc, 0);
4812 /* Set gain under link. */
4813 urtwn_set_gain(sc, 0x32);
4818 urtwn_getradiocaps(struct ieee80211com *ic,
4819 int maxchans, int *nchans, struct ieee80211_channel chans[])
4821 uint8_t bands[IEEE80211_MODE_BYTES];
4823 memset(bands, 0, sizeof(bands));
4824 setbit(bands, IEEE80211_MODE_11B);
4825 setbit(bands, IEEE80211_MODE_11G);
4826 if (urtwn_enable_11n)
4827 setbit(bands, IEEE80211_MODE_11NG);
4828 ieee80211_add_channels_default_2ghz(chans, maxchans, nchans, bands, 0);
4832 urtwn_set_channel(struct ieee80211com *ic)
4834 struct urtwn_softc *sc = ic->ic_softc;
4835 struct ieee80211_channel *c = ic->ic_curchan;
4836 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps);
4839 if (vap->iv_state == IEEE80211_S_SCAN) {
4840 /* Make link LED blink during scan. */
4841 urtwn_set_led(sc, URTWN_LED_LINK, !sc->ledlink);
4843 urtwn_set_chan(sc, c, NULL);
4848 urtwn_wme_update(struct ieee80211com *ic)
4850 const struct wmeParams *wmep =
4851 ic->ic_wme.wme_chanParams.cap_wmeParams;
4852 struct urtwn_softc *sc = ic->ic_softc;
4853 uint8_t aifs, acm, slottime;
4857 slottime = IEEE80211_GET_SLOTTIME(ic);
4860 for (ac = WME_AC_BE; ac < WME_NUM_AC; ac++) {
4861 /* AIFS[AC] = AIFSN[AC] * aSlotTime + aSIFSTime. */
4862 aifs = wmep[ac].wmep_aifsn * slottime + IEEE80211_DUR_SIFS;
4863 urtwn_write_4(sc, wme2queue[ac].reg,
4864 SM(R92C_EDCA_PARAM_TXOP, wmep[ac].wmep_txopLimit) |
4865 SM(R92C_EDCA_PARAM_ECWMIN, wmep[ac].wmep_logcwmin) |
4866 SM(R92C_EDCA_PARAM_ECWMAX, wmep[ac].wmep_logcwmax) |
4867 SM(R92C_EDCA_PARAM_AIFS, aifs));
4868 if (ac != WME_AC_BE)
4869 acm |= wmep[ac].wmep_acm << ac;
4873 acm |= R92C_ACMHWCTRL_EN;
4874 urtwn_write_1(sc, R92C_ACMHWCTRL,
4875 (urtwn_read_1(sc, R92C_ACMHWCTRL) & ~R92C_ACMHWCTRL_ACM_MASK) |
4884 urtwn_update_slot(struct ieee80211com *ic)
4886 urtwn_cmd_sleepable(ic->ic_softc, NULL, 0, urtwn_update_slot_cb);
4890 urtwn_update_slot_cb(struct urtwn_softc *sc, union sec_param *data)
4892 struct ieee80211com *ic = &sc->sc_ic;
4895 slottime = IEEE80211_GET_SLOTTIME(ic);
4897 URTWN_DPRINTF(sc, URTWN_DEBUG_ANY, "%s: setting slot time to %uus\n",
4898 __func__, slottime);
4900 urtwn_write_1(sc, R92C_SLOT, slottime);
4901 urtwn_update_aifs(sc, slottime);
4905 urtwn_update_aifs(struct urtwn_softc *sc, uint8_t slottime)
4907 const struct wmeParams *wmep =
4908 sc->sc_ic.ic_wme.wme_chanParams.cap_wmeParams;
4911 for (ac = WME_AC_BE; ac < WME_NUM_AC; ac++) {
4912 /* AIFS[AC] = AIFSN[AC] * aSlotTime + aSIFSTime. */
4913 aifs = wmep[ac].wmep_aifsn * slottime + IEEE80211_DUR_SIFS;
4914 urtwn_write_1(sc, wme2queue[ac].reg, aifs);
4919 urtwn_get_multi_pos(const uint8_t maddr[])
4921 uint64_t mask = 0x00004d101df481b4;
4922 uint8_t pos = 0x27; /* initial value */
4925 for (i = 0; i < IEEE80211_ADDR_LEN; i++)
4926 for (j = (i == 0) ? 1 : 0; j < 8; j++)
4927 if ((maddr[i] >> j) & 1)
4928 pos ^= (mask >> (i * 8 + j - 1));
4936 urtwn_set_multi(struct urtwn_softc *sc)
4938 struct ieee80211com *ic = &sc->sc_ic;
4941 URTWN_ASSERT_LOCKED(sc);
4943 /* general structure was copied from ath(4). */
4944 if (ic->ic_allmulti == 0) {
4945 struct ieee80211vap *vap;
4947 struct ifmultiaddr *ifma;
4950 * Merge multicast addresses to form the hardware filter.
4952 mfilt[0] = mfilt[1] = 0;
4953 TAILQ_FOREACH(vap, &ic->ic_vaps, iv_next) {
4955 if_maddr_rlock(ifp);
4956 TAILQ_FOREACH(ifma, &ifp->if_multiaddrs, ifma_link) {
4960 dl = LLADDR((struct sockaddr_dl *)
4962 pos = urtwn_get_multi_pos(dl);
4964 mfilt[pos / 32] |= (1 << (pos % 32));
4966 if_maddr_runlock(ifp);
4969 mfilt[0] = mfilt[1] = ~0;
4972 urtwn_write_4(sc, R92C_MAR + 0, mfilt[0]);
4973 urtwn_write_4(sc, R92C_MAR + 4, mfilt[1]);
4975 URTWN_DPRINTF(sc, URTWN_DEBUG_STATE, "%s: MC filter %08x:%08x\n",
4976 __func__, mfilt[0], mfilt[1]);
4980 urtwn_set_promisc(struct urtwn_softc *sc)
4982 struct ieee80211com *ic = &sc->sc_ic;
4983 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps);
4984 uint32_t rcr, mask1, mask2;
4986 URTWN_ASSERT_LOCKED(sc);
4988 if (vap->iv_opmode == IEEE80211_M_MONITOR)
4991 mask1 = R92C_RCR_ACF | R92C_RCR_ADF | R92C_RCR_AMF | R92C_RCR_AAP;
4992 mask2 = R92C_RCR_APM;
4994 if (vap->iv_state == IEEE80211_S_RUN) {
4995 switch (vap->iv_opmode) {
4996 case IEEE80211_M_STA:
4997 mask2 |= R92C_RCR_CBSSID_BCN;
4999 case IEEE80211_M_IBSS:
5000 mask2 |= R92C_RCR_CBSSID_DATA;
5002 case IEEE80211_M_HOSTAP:
5005 device_printf(sc->sc_dev, "%s: undefined opmode %d\n",
5006 __func__, vap->iv_opmode);
5011 rcr = urtwn_read_4(sc, R92C_RCR);
5012 if (ic->ic_promisc == 0)
5013 rcr = (rcr & ~mask1) | mask2;
5015 rcr = (rcr & ~mask2) | mask1;
5016 urtwn_write_4(sc, R92C_RCR, rcr);
5020 urtwn_update_promisc(struct ieee80211com *ic)
5022 struct urtwn_softc *sc = ic->ic_softc;
5025 if (sc->sc_flags & URTWN_RUNNING)
5026 urtwn_set_promisc(sc);
5031 urtwn_update_mcast(struct ieee80211com *ic)
5033 struct urtwn_softc *sc = ic->ic_softc;
5036 if (sc->sc_flags & URTWN_RUNNING)
5037 urtwn_set_multi(sc);
5041 static struct ieee80211_node *
5042 urtwn_node_alloc(struct ieee80211vap *vap,
5043 const uint8_t mac[IEEE80211_ADDR_LEN])
5045 struct urtwn_node *un;
5047 un = malloc(sizeof (struct urtwn_node), M_80211_NODE,
5053 un->id = URTWN_MACID_UNDEFINED;
5059 urtwn_newassoc(struct ieee80211_node *ni, int isnew)
5061 struct urtwn_softc *sc = ni->ni_ic->ic_softc;
5062 struct urtwn_node *un = URTWN_NODE(ni);
5065 /* Only do this bit for R88E chips */
5066 if (! (sc->chip & URTWN_CHIP_88E))
5073 for (id = 0; id <= URTWN_MACID_MAX(sc); id++) {
5074 if (id != URTWN_MACID_BC && sc->node_list[id] == NULL) {
5076 sc->node_list[id] = ni;
5080 URTWN_NT_UNLOCK(sc);
5082 if (id > URTWN_MACID_MAX(sc)) {
5083 device_printf(sc->sc_dev, "%s: node table is full\n",
5089 urtwn_node_free(struct ieee80211_node *ni)
5091 struct urtwn_softc *sc = ni->ni_ic->ic_softc;
5092 struct urtwn_node *un = URTWN_NODE(ni);
5095 if (un->id != URTWN_MACID_UNDEFINED)
5096 sc->node_list[un->id] = NULL;
5097 URTWN_NT_UNLOCK(sc);
5099 sc->sc_node_free(ni);
5103 urtwn_set_chan(struct urtwn_softc *sc, struct ieee80211_channel *c,
5104 struct ieee80211_channel *extc)
5106 struct ieee80211com *ic = &sc->sc_ic;
5111 chan = ieee80211_chan2ieee(ic, c); /* XXX center freq! */
5112 if (chan == 0 || chan == IEEE80211_CHAN_ANY) {
5113 device_printf(sc->sc_dev,
5114 "%s: invalid channel %x\n", __func__, chan);
5118 /* Set Tx power for this new channel. */
5119 urtwn_set_txpower(sc, c, extc);
5121 for (i = 0; i < sc->nrxchains; i++) {
5122 urtwn_rf_write(sc, i, R92C_RF_CHNLBW,
5123 RW(sc->rf_chnlbw[i], R92C_RF_CHNLBW_CHNL, chan));
5125 #ifndef IEEE80211_NO_HT
5127 /* Is secondary channel below or above primary? */
5128 int prichlo = c->ic_freq < extc->ic_freq;
5130 urtwn_write_1(sc, R92C_BWOPMODE,
5131 urtwn_read_1(sc, R92C_BWOPMODE) & ~R92C_BWOPMODE_20MHZ);
5133 reg = urtwn_read_1(sc, R92C_RRSR + 2);
5134 reg = (reg & ~0x6f) | (prichlo ? 1 : 2) << 5;
5135 urtwn_write_1(sc, R92C_RRSR + 2, reg);
5137 urtwn_bb_write(sc, R92C_FPGA0_RFMOD,
5138 urtwn_bb_read(sc, R92C_FPGA0_RFMOD) | R92C_RFMOD_40MHZ);
5139 urtwn_bb_write(sc, R92C_FPGA1_RFMOD,
5140 urtwn_bb_read(sc, R92C_FPGA1_RFMOD) | R92C_RFMOD_40MHZ);
5142 /* Set CCK side band. */
5143 reg = urtwn_bb_read(sc, R92C_CCK0_SYSTEM);
5144 reg = (reg & ~0x00000010) | (prichlo ? 0 : 1) << 4;
5145 urtwn_bb_write(sc, R92C_CCK0_SYSTEM, reg);
5147 reg = urtwn_bb_read(sc, R92C_OFDM1_LSTF);
5148 reg = (reg & ~0x00000c00) | (prichlo ? 1 : 2) << 10;
5149 urtwn_bb_write(sc, R92C_OFDM1_LSTF, reg);
5151 urtwn_bb_write(sc, R92C_FPGA0_ANAPARAM2,
5152 urtwn_bb_read(sc, R92C_FPGA0_ANAPARAM2) &
5153 ~R92C_FPGA0_ANAPARAM2_CBW20);
5155 reg = urtwn_bb_read(sc, 0x818);
5156 reg = (reg & ~0x0c000000) | (prichlo ? 2 : 1) << 26;
5157 urtwn_bb_write(sc, 0x818, reg);
5159 /* Select 40MHz bandwidth. */
5160 urtwn_rf_write(sc, 0, R92C_RF_CHNLBW,
5161 (sc->rf_chnlbw[0] & ~0xfff) | chan);
5165 urtwn_write_1(sc, R92C_BWOPMODE,
5166 urtwn_read_1(sc, R92C_BWOPMODE) | R92C_BWOPMODE_20MHZ);
5168 urtwn_bb_write(sc, R92C_FPGA0_RFMOD,
5169 urtwn_bb_read(sc, R92C_FPGA0_RFMOD) & ~R92C_RFMOD_40MHZ);
5170 urtwn_bb_write(sc, R92C_FPGA1_RFMOD,
5171 urtwn_bb_read(sc, R92C_FPGA1_RFMOD) & ~R92C_RFMOD_40MHZ);
5173 if (!(sc->chip & URTWN_CHIP_88E)) {
5174 urtwn_bb_write(sc, R92C_FPGA0_ANAPARAM2,
5175 urtwn_bb_read(sc, R92C_FPGA0_ANAPARAM2) |
5176 R92C_FPGA0_ANAPARAM2_CBW20);
5179 /* Select 20MHz bandwidth. */
5180 urtwn_rf_write(sc, 0, R92C_RF_CHNLBW,
5181 (sc->rf_chnlbw[0] & ~0xfff) | chan |
5182 ((sc->chip & URTWN_CHIP_88E) ? R88E_RF_CHNLBW_BW20 :
5183 R92C_RF_CHNLBW_BW20));
5188 urtwn_iq_calib(struct urtwn_softc *sc)
5194 urtwn_lc_calib(struct urtwn_softc *sc)
5200 txmode = urtwn_read_1(sc, R92C_OFDM1_LSTF + 3);
5201 if ((txmode & 0x70) != 0) {
5202 /* Disable all continuous Tx. */
5203 urtwn_write_1(sc, R92C_OFDM1_LSTF + 3, txmode & ~0x70);
5205 /* Set RF mode to standby mode. */
5206 for (i = 0; i < sc->nrxchains; i++) {
5207 rf_ac[i] = urtwn_rf_read(sc, i, R92C_RF_AC);
5208 urtwn_rf_write(sc, i, R92C_RF_AC,
5209 RW(rf_ac[i], R92C_RF_AC_MODE,
5210 R92C_RF_AC_MODE_STANDBY));
5213 /* Block all Tx queues. */
5214 urtwn_write_1(sc, R92C_TXPAUSE, R92C_TX_QUEUE_ALL);
5216 /* Start calibration. */
5217 urtwn_rf_write(sc, 0, R92C_RF_CHNLBW,
5218 urtwn_rf_read(sc, 0, R92C_RF_CHNLBW) | R92C_RF_CHNLBW_LCSTART);
5220 /* Give calibration the time to complete. */
5221 usb_pause_mtx(&sc->sc_mtx, hz / 10); /* 100ms */
5223 /* Restore configuration. */
5224 if ((txmode & 0x70) != 0) {
5225 /* Restore Tx mode. */
5226 urtwn_write_1(sc, R92C_OFDM1_LSTF + 3, txmode);
5227 /* Restore RF mode. */
5228 for (i = 0; i < sc->nrxchains; i++)
5229 urtwn_rf_write(sc, i, R92C_RF_AC, rf_ac[i]);
5231 /* Unblock all Tx queues. */
5232 urtwn_write_1(sc, R92C_TXPAUSE, 0x00);
5237 urtwn_temp_calib(struct urtwn_softc *sc)
5241 URTWN_ASSERT_LOCKED(sc);
5243 if (!(sc->sc_flags & URTWN_TEMP_MEASURED)) {
5244 /* Start measuring temperature. */
5245 URTWN_DPRINTF(sc, URTWN_DEBUG_TEMP,
5246 "%s: start measuring temperature\n", __func__);
5247 if (sc->chip & URTWN_CHIP_88E) {
5248 urtwn_rf_write(sc, 0, R88E_RF_T_METER,
5249 R88E_RF_T_METER_START);
5251 urtwn_rf_write(sc, 0, R92C_RF_T_METER,
5252 R92C_RF_T_METER_START);
5254 sc->sc_flags |= URTWN_TEMP_MEASURED;
5257 sc->sc_flags &= ~URTWN_TEMP_MEASURED;
5259 /* Read measured temperature. */
5260 if (sc->chip & URTWN_CHIP_88E) {
5261 temp = MS(urtwn_rf_read(sc, 0, R88E_RF_T_METER),
5262 R88E_RF_T_METER_VAL);
5264 temp = MS(urtwn_rf_read(sc, 0, R92C_RF_T_METER),
5265 R92C_RF_T_METER_VAL);
5267 if (temp == 0) { /* Read failed, skip. */
5268 URTWN_DPRINTF(sc, URTWN_DEBUG_TEMP,
5269 "%s: temperature read failed, skipping\n", __func__);
5273 URTWN_DPRINTF(sc, URTWN_DEBUG_TEMP,
5274 "%s: temperature: previous %u, current %u\n",
5275 __func__, sc->thcal_lctemp, temp);
5278 * Redo LC calibration if temperature changed significantly since
5281 if (sc->thcal_lctemp == 0) {
5282 /* First LC calibration is performed in urtwn_init(). */
5283 sc->thcal_lctemp = temp;
5284 } else if (abs(temp - sc->thcal_lctemp) > 1) {
5285 URTWN_DPRINTF(sc, URTWN_DEBUG_TEMP,
5286 "%s: LC calib triggered by temp: %u -> %u\n",
5287 __func__, sc->thcal_lctemp, temp);
5289 /* Record temperature of last LC calibration. */
5290 sc->thcal_lctemp = temp;
5295 urtwn_setup_static_keys(struct urtwn_softc *sc, struct urtwn_vap *uvp)
5299 for (i = 0; i < IEEE80211_WEP_NKID; i++) {
5300 const struct ieee80211_key *k = uvp->keys[i];
5302 urtwn_cmd_sleepable(sc, k, sizeof(*k),
5309 urtwn_init(struct urtwn_softc *sc)
5311 struct ieee80211com *ic = &sc->sc_ic;
5312 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps);
5313 uint8_t macaddr[IEEE80211_ADDR_LEN];
5315 usb_error_t usb_err = USB_ERR_NORMAL_COMPLETION;
5319 if (sc->sc_flags & URTWN_RUNNING) {
5324 /* Init firmware commands ring. */
5327 /* Allocate Tx/Rx buffers. */
5328 error = urtwn_alloc_rx_list(sc);
5332 error = urtwn_alloc_tx_list(sc);
5336 /* Power on adapter. */
5337 error = urtwn_power_on(sc);
5341 /* Initialize DMA. */
5342 error = urtwn_dma_init(sc);
5346 /* Set info size in Rx descriptors (in 64-bit words). */
5347 urtwn_write_1(sc, R92C_RX_DRVINFO_SZ, 4);
5349 /* Init interrupts. */
5350 if (sc->chip & URTWN_CHIP_88E) {
5351 usb_err = urtwn_write_4(sc, R88E_HISR, 0xffffffff);
5352 if (usb_err != USB_ERR_NORMAL_COMPLETION)
5354 usb_err = urtwn_write_4(sc, R88E_HIMR, R88E_HIMR_CPWM | R88E_HIMR_CPWM2 |
5355 R88E_HIMR_TBDER | R88E_HIMR_PSTIMEOUT);
5356 if (usb_err != USB_ERR_NORMAL_COMPLETION)
5358 usb_err = urtwn_write_4(sc, R88E_HIMRE, R88E_HIMRE_RXFOVW |
5359 R88E_HIMRE_TXFOVW | R88E_HIMRE_RXERR | R88E_HIMRE_TXERR);
5360 if (usb_err != USB_ERR_NORMAL_COMPLETION)
5362 usb_err = urtwn_write_1(sc, R92C_USB_SPECIAL_OPTION,
5363 urtwn_read_1(sc, R92C_USB_SPECIAL_OPTION) |
5364 R92C_USB_SPECIAL_OPTION_INT_BULK_SEL);
5365 if (usb_err != USB_ERR_NORMAL_COMPLETION)
5368 usb_err = urtwn_write_4(sc, R92C_HISR, 0xffffffff);
5369 if (usb_err != USB_ERR_NORMAL_COMPLETION)
5371 usb_err = urtwn_write_4(sc, R92C_HIMR, 0xffffffff);
5372 if (usb_err != USB_ERR_NORMAL_COMPLETION)
5376 /* Set MAC address. */
5377 IEEE80211_ADDR_COPY(macaddr, vap ? vap->iv_myaddr : ic->ic_macaddr);
5378 usb_err = urtwn_write_region_1(sc, R92C_MACID, macaddr, IEEE80211_ADDR_LEN);
5379 if (usb_err != USB_ERR_NORMAL_COMPLETION)
5382 /* Set initial network type. */
5383 urtwn_set_mode(sc, R92C_MSR_INFRA);
5385 /* Initialize Rx filter. */
5386 urtwn_rxfilter_init(sc);
5388 /* Set response rate. */
5389 reg = urtwn_read_4(sc, R92C_RRSR);
5390 reg = RW(reg, R92C_RRSR_RATE_BITMAP, R92C_RRSR_RATE_CCK_ONLY_1M);
5391 urtwn_write_4(sc, R92C_RRSR, reg);
5393 /* Set short/long retry limits. */
5394 urtwn_write_2(sc, R92C_RL,
5395 SM(R92C_RL_SRL, 0x30) | SM(R92C_RL_LRL, 0x30));
5397 /* Initialize EDCA parameters. */
5398 urtwn_edca_init(sc);
5400 /* Setup rate fallback. */
5401 if (!(sc->chip & URTWN_CHIP_88E)) {
5402 urtwn_write_4(sc, R92C_DARFRC + 0, 0x00000000);
5403 urtwn_write_4(sc, R92C_DARFRC + 4, 0x10080404);
5404 urtwn_write_4(sc, R92C_RARFRC + 0, 0x04030201);
5405 urtwn_write_4(sc, R92C_RARFRC + 4, 0x08070605);
5408 urtwn_write_1(sc, R92C_FWHW_TXQ_CTRL,
5409 urtwn_read_1(sc, R92C_FWHW_TXQ_CTRL) |
5410 R92C_FWHW_TXQ_CTRL_AMPDU_RTY_NEW);
5411 /* Set ACK timeout. */
5412 urtwn_write_1(sc, R92C_ACKTO, 0x40);
5414 /* Setup USB aggregation. */
5415 reg = urtwn_read_4(sc, R92C_TDECTRL);
5416 reg = RW(reg, R92C_TDECTRL_BLK_DESC_NUM, 6);
5417 urtwn_write_4(sc, R92C_TDECTRL, reg);
5418 urtwn_write_1(sc, R92C_TRXDMA_CTRL,
5419 urtwn_read_1(sc, R92C_TRXDMA_CTRL) |
5420 R92C_TRXDMA_CTRL_RXDMA_AGG_EN);
5421 urtwn_write_1(sc, R92C_RXDMA_AGG_PG_TH, 48);
5422 if (sc->chip & URTWN_CHIP_88E)
5423 urtwn_write_1(sc, R92C_RXDMA_AGG_PG_TH + 1, 4);
5425 urtwn_write_1(sc, R92C_USB_DMA_AGG_TO, 4);
5426 urtwn_write_1(sc, R92C_USB_SPECIAL_OPTION,
5427 urtwn_read_1(sc, R92C_USB_SPECIAL_OPTION) |
5428 R92C_USB_SPECIAL_OPTION_AGG_EN);
5429 urtwn_write_1(sc, R92C_USB_AGG_TH, 8);
5430 urtwn_write_1(sc, R92C_USB_AGG_TO, 6);
5433 /* Initialize beacon parameters. */
5434 urtwn_write_2(sc, R92C_BCN_CTRL, 0x1010);
5435 urtwn_write_2(sc, R92C_TBTT_PROHIBIT, 0x6404);
5436 urtwn_write_1(sc, R92C_DRVERLYINT, 0x05);
5437 urtwn_write_1(sc, R92C_BCNDMATIM, 0x02);
5438 urtwn_write_2(sc, R92C_BCNTCFG, 0x660f);
5440 if (!(sc->chip & URTWN_CHIP_88E)) {
5441 /* Setup AMPDU aggregation. */
5442 urtwn_write_4(sc, R92C_AGGLEN_LMT, 0x99997631); /* MCS7~0 */
5443 urtwn_write_1(sc, R92C_AGGR_BREAK_TIME, 0x16);
5444 urtwn_write_2(sc, R92C_MAX_AGGR_NUM, 0x0708);
5446 urtwn_write_1(sc, R92C_BCN_MAX_ERR, 0xff);
5449 #ifndef URTWN_WITHOUT_UCODE
5450 /* Load 8051 microcode. */
5451 error = urtwn_load_firmware(sc);
5453 sc->sc_flags |= URTWN_FW_LOADED;
5456 /* Initialize MAC/BB/RF blocks. */
5457 error = urtwn_mac_init(sc);
5459 device_printf(sc->sc_dev,
5460 "%s: error while initializing MAC block\n", __func__);
5466 /* Reinitialize Rx filter (D3845 is not committed yet). */
5467 urtwn_rxfilter_init(sc);
5469 if (sc->chip & URTWN_CHIP_88E) {
5470 urtwn_write_2(sc, R92C_CR,
5471 urtwn_read_2(sc, R92C_CR) | R92C_CR_MACTXEN |
5475 /* Turn CCK and OFDM blocks on. */
5476 reg = urtwn_bb_read(sc, R92C_FPGA0_RFMOD);
5477 reg |= R92C_RFMOD_CCK_EN;
5478 usb_err = urtwn_bb_write(sc, R92C_FPGA0_RFMOD, reg);
5479 if (usb_err != USB_ERR_NORMAL_COMPLETION)
5481 reg = urtwn_bb_read(sc, R92C_FPGA0_RFMOD);
5482 reg |= R92C_RFMOD_OFDM_EN;
5483 usb_err = urtwn_bb_write(sc, R92C_FPGA0_RFMOD, reg);
5484 if (usb_err != USB_ERR_NORMAL_COMPLETION)
5487 /* Clear per-station keys table. */
5490 /* Enable decryption / encryption. */
5491 urtwn_write_2(sc, R92C_SECCFG,
5492 R92C_SECCFG_TXUCKEY_DEF | R92C_SECCFG_RXUCKEY_DEF |
5493 R92C_SECCFG_TXENC_ENA | R92C_SECCFG_RXDEC_ENA |
5494 R92C_SECCFG_TXBCKEY_DEF | R92C_SECCFG_RXBCKEY_DEF);
5496 /* Enable hardware sequence numbering. */
5497 urtwn_write_1(sc, R92C_HWSEQ_CTRL, R92C_TX_QUEUE_ALL);
5499 /* Enable per-packet TX report. */
5500 if (sc->chip & URTWN_CHIP_88E) {
5501 urtwn_write_1(sc, R88E_TX_RPT_CTRL,
5502 urtwn_read_1(sc, R88E_TX_RPT_CTRL) | R88E_TX_RPT1_ENA);
5505 if (!(sc->chip & URTWN_CHIP_88E))
5506 urtwn_write_4(sc, R92C_POWER_STATUS, 0x5);
5508 /* Perform LO and IQ calibrations. */
5510 /* Perform LC calibration. */
5513 /* Fix USB interference issue. */
5514 if (!(sc->chip & URTWN_CHIP_88E)) {
5515 urtwn_write_1(sc, 0xfe40, 0xe0);
5516 urtwn_write_1(sc, 0xfe41, 0x8d);
5517 urtwn_write_1(sc, 0xfe42, 0x80);
5519 urtwn_pa_bias_init(sc);
5522 /* Initialize GPIO setting. */
5523 urtwn_write_1(sc, R92C_GPIO_MUXCFG,
5524 urtwn_read_1(sc, R92C_GPIO_MUXCFG) & ~R92C_GPIO_MUXCFG_ENBT);
5526 /* Fix for lower temperature. */
5527 if (!(sc->chip & URTWN_CHIP_88E))
5528 urtwn_write_1(sc, 0x15, 0xe9);
5530 usbd_transfer_start(sc->sc_xfer[URTWN_BULK_RX]);
5532 sc->sc_flags |= URTWN_RUNNING;
5535 * Install static keys (if any).
5536 * Must be called after urtwn_cam_init().
5539 urtwn_setup_static_keys(sc, URTWN_VAP(vap));
5541 callout_reset(&sc->sc_watchdog_ch, hz, urtwn_watchdog, sc);
5543 if (usb_err != USB_ERR_NORMAL_COMPLETION)
5552 urtwn_stop(struct urtwn_softc *sc)
5556 if (!(sc->sc_flags & URTWN_RUNNING)) {
5561 sc->sc_flags &= ~(URTWN_RUNNING | URTWN_FW_LOADED |
5562 URTWN_TEMP_MEASURED);
5563 sc->thcal_lctemp = 0;
5564 callout_stop(&sc->sc_watchdog_ch);
5566 urtwn_abort_xfers(sc);
5567 urtwn_drain_mbufq(sc);
5568 urtwn_free_tx_list(sc);
5569 urtwn_free_rx_list(sc);
5570 urtwn_power_off(sc);
5575 urtwn_abort_xfers(struct urtwn_softc *sc)
5579 URTWN_ASSERT_LOCKED(sc);
5581 /* abort any pending transfers */
5582 for (i = 0; i < URTWN_N_TRANSFER; i++)
5583 usbd_transfer_stop(sc->sc_xfer[i]);
5587 urtwn_raw_xmit(struct ieee80211_node *ni, struct mbuf *m,
5588 const struct ieee80211_bpf_params *params)
5590 struct ieee80211com *ic = ni->ni_ic;
5591 struct urtwn_softc *sc = ic->ic_softc;
5592 struct urtwn_data *bf;
5595 URTWN_DPRINTF(sc, URTWN_DEBUG_XMIT, "%s: called; m=%p\n",
5599 /* prevent management frames from being sent if we're not ready */
5601 if (!(sc->sc_flags & URTWN_RUNNING)) {
5606 bf = urtwn_getbuf(sc);
5612 if (params == NULL) {
5614 * Legacy path; interpret frame contents to decide
5615 * precisely how to send the frame.
5617 error = urtwn_tx_data(sc, ni, m, bf);
5620 * Caller supplied explicit parameters to use in
5621 * sending the frame.
5623 error = urtwn_tx_raw(sc, ni, m, bf, params);
5626 STAILQ_INSERT_HEAD(&sc->sc_tx_inactive, bf, next);
5631 callout_reset(&sc->sc_watchdog_ch, hz, urtwn_watchdog, sc);
5643 urtwn_ms_delay(struct urtwn_softc *sc)
5645 usb_pause_mtx(&sc->sc_mtx, hz / 1000);
5648 static device_method_t urtwn_methods[] = {
5649 /* Device interface */
5650 DEVMETHOD(device_probe, urtwn_match),
5651 DEVMETHOD(device_attach, urtwn_attach),
5652 DEVMETHOD(device_detach, urtwn_detach),
5657 static driver_t urtwn_driver = {
5660 sizeof(struct urtwn_softc)
5663 static devclass_t urtwn_devclass;
5665 DRIVER_MODULE(urtwn, uhub, urtwn_driver, urtwn_devclass, NULL, NULL);
5666 MODULE_DEPEND(urtwn, usb, 1, 1, 1);
5667 MODULE_DEPEND(urtwn, wlan, 1, 1, 1);
5668 #ifndef URTWN_WITHOUT_UCODE
5669 MODULE_DEPEND(urtwn, firmware, 1, 1, 1);
5671 MODULE_VERSION(urtwn, 1);
5672 USB_PNP_HOST_INFO(urtwn_devs);
projects / FreeBSD / FreeBSD.git / blob