4 * Copyright (c) 2008,2009 Damien Bergamini <damien.bergamini@free.fr>
5 * ported to FreeBSD by Akinori Furukoshi <moonlightakkiy@yahoo.ca>
7 * Permission to use, copy, modify, and distribute this software for any
8 * purpose with or without fee is hereby granted, provided that the above
9 * copyright notice and this permission notice appear in all copies.
11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20 /* release date Jan. 09, 2010 */
22 #include <sys/cdefs.h>
23 __FBSDID("$FreeBSD$");
26 * Ralink Technology RT2700U/RT2800U/RT3000U chipset driver.
27 * http://www.ralinktech.com/
30 #include <sys/param.h>
31 #include <sys/sockio.h>
32 #include <sys/sysctl.h>
34 #include <sys/mutex.h>
36 #include <sys/kernel.h>
37 #include <sys/socket.h>
38 #include <sys/systm.h>
39 #include <sys/malloc.h>
40 #include <sys/module.h>
42 #include <sys/endian.h>
43 #include <sys/systm.h>
44 #include <sys/linker.h>
45 #include <sys/firmware.h>
48 #include <machine/bus.h>
49 #include <machine/resource.h>
54 #include <net/if_arp.h>
55 #include <net/ethernet.h>
56 #include <net/if_dl.h>
57 #include <net/if_media.h>
58 #include <net/if_types.h>
60 #include <netinet/in.h>
61 #include <netinet/in_systm.h>
62 #include <netinet/in_var.h>
63 #include <netinet/if_ether.h>
64 #include <netinet/ip.h>
66 #include <net80211/ieee80211_var.h>
67 #include <net80211/ieee80211_regdomain.h>
68 #include <net80211/ieee80211_radiotap.h>
69 #include <net80211/ieee80211_amrr.h>
71 #include <dev/usb/usb.h>
72 #include <dev/usb/usbdi.h>
75 #define USB_DEBUG_VAR run_debug
76 #include <dev/usb/usb_debug.h>
78 #include "if_runreg.h" /* shared with ral(4) */
79 #include "if_runvar.h"
81 #define nitems(_a) (sizeof((_a)) / sizeof((_a)[0]))
89 SYSCTL_NODE(_hw_usb, OID_AUTO, run, CTLFLAG_RW, 0, "USB run");
90 SYSCTL_INT(_hw_usb_run, OID_AUTO, debug, CTLFLAG_RW, &run_debug, 0,
94 #define IEEE80211_HAS_ADDR4(wh) \
95 (((wh)->i_fc[1] & IEEE80211_FC1_DIR_MASK) == IEEE80211_FC1_DIR_DSTODS)
97 static const struct usb_device_id run_devs[] = {
98 { USB_VP(USB_VENDOR_ABOCOM, USB_PRODUCT_ABOCOM_RT2770) },
99 { USB_VP(USB_VENDOR_ABOCOM, USB_PRODUCT_ABOCOM_RT2870) },
100 { USB_VP(USB_VENDOR_ABOCOM, USB_PRODUCT_ABOCOM_RT3070) },
101 { USB_VP(USB_VENDOR_ABOCOM, USB_PRODUCT_ABOCOM_RT3071) },
102 { USB_VP(USB_VENDOR_ABOCOM, USB_PRODUCT_ABOCOM_RT3072) },
103 { USB_VP(USB_VENDOR_ABOCOM2, USB_PRODUCT_ABOCOM2_RT2870_1) },
104 { USB_VP(USB_VENDOR_ACCTON, USB_PRODUCT_ACCTON_RT2770) },
105 { USB_VP(USB_VENDOR_ACCTON, USB_PRODUCT_ACCTON_RT2870_1) },
106 { USB_VP(USB_VENDOR_ACCTON, USB_PRODUCT_ACCTON_RT2870_2) },
107 { USB_VP(USB_VENDOR_ACCTON, USB_PRODUCT_ACCTON_RT2870_3) },
108 { USB_VP(USB_VENDOR_ACCTON, USB_PRODUCT_ACCTON_RT2870_4) },
109 { USB_VP(USB_VENDOR_ACCTON, USB_PRODUCT_ACCTON_RT2870_5) },
110 { USB_VP(USB_VENDOR_ACCTON, USB_PRODUCT_ACCTON_RT3070_1) },
111 { USB_VP(USB_VENDOR_ACCTON, USB_PRODUCT_ACCTON_RT3070_2) },
112 { USB_VP(USB_VENDOR_ACCTON, USB_PRODUCT_ACCTON_RT3070_3) },
113 { USB_VP(USB_VENDOR_ACCTON, USB_PRODUCT_ACCTON_RT3070_4) },
114 { USB_VP(USB_VENDOR_AIRTIES, USB_PRODUCT_AIRTIES_RT3070) },
115 { USB_VP(USB_VENDOR_AMIGO, USB_PRODUCT_AMIGO_RT2870_1) },
116 { USB_VP(USB_VENDOR_AMIGO, USB_PRODUCT_AMIGO_RT2870_2) },
117 { USB_VP(USB_VENDOR_AMIT, USB_PRODUCT_AMIT_CGWLUSB2GNR) },
118 { USB_VP(USB_VENDOR_AMIT, USB_PRODUCT_AMIT_RT2870_1) },
119 { USB_VP(USB_VENDOR_AMIT2, USB_PRODUCT_AMIT2_RT2870) },
120 { USB_VP(USB_VENDOR_ASUS, USB_PRODUCT_ASUS_RT2870_1) },
121 { USB_VP(USB_VENDOR_ASUS, USB_PRODUCT_ASUS_RT2870_2) },
122 { USB_VP(USB_VENDOR_ASUS, USB_PRODUCT_ASUS_RT2870_3) },
123 { USB_VP(USB_VENDOR_ASUS, USB_PRODUCT_ASUS_RT2870_4) },
124 { USB_VP(USB_VENDOR_ASUS, USB_PRODUCT_ASUS_RT2870_5) },
125 { USB_VP(USB_VENDOR_ASUS2, USB_PRODUCT_ASUS2_USBN11) },
126 { USB_VP(USB_VENDOR_AZUREWAVE, USB_PRODUCT_AZUREWAVE_RT2870_1) },
127 { USB_VP(USB_VENDOR_AZUREWAVE, USB_PRODUCT_AZUREWAVE_RT2870_2) },
128 { USB_VP(USB_VENDOR_AZUREWAVE, USB_PRODUCT_AZUREWAVE_RT3070_1) },
129 { USB_VP(USB_VENDOR_AZUREWAVE, USB_PRODUCT_AZUREWAVE_RT3070_2) },
130 { USB_VP(USB_VENDOR_AZUREWAVE, USB_PRODUCT_AZUREWAVE_RT3070_3) },
131 { USB_VP(USB_VENDOR_BELKIN, USB_PRODUCT_BELKIN_F5D8053V3) },
132 { USB_VP(USB_VENDOR_BELKIN, USB_PRODUCT_BELKIN_F5D8055) },
133 { USB_VP(USB_VENDOR_BELKIN, USB_PRODUCT_BELKIN_F6D4050V1) },
134 { USB_VP(USB_VENDOR_BELKIN, USB_PRODUCT_BELKIN_RT2870_1) },
135 { USB_VP(USB_VENDOR_BELKIN, USB_PRODUCT_BELKIN_RT2870_2) },
136 { USB_VP(USB_VENDOR_CONCEPTRONIC2, USB_PRODUCT_CONCEPTRONIC2_RT2870_1) },
137 { USB_VP(USB_VENDOR_CONCEPTRONIC2, USB_PRODUCT_CONCEPTRONIC2_RT2870_2) },
138 { USB_VP(USB_VENDOR_CONCEPTRONIC2, USB_PRODUCT_CONCEPTRONIC2_RT2870_3) },
139 { USB_VP(USB_VENDOR_CONCEPTRONIC2, USB_PRODUCT_CONCEPTRONIC2_RT2870_4) },
140 { USB_VP(USB_VENDOR_CONCEPTRONIC2, USB_PRODUCT_CONCEPTRONIC2_RT2870_5) },
141 { USB_VP(USB_VENDOR_CONCEPTRONIC2, USB_PRODUCT_CONCEPTRONIC2_RT2870_6) },
142 { USB_VP(USB_VENDOR_CONCEPTRONIC2, USB_PRODUCT_CONCEPTRONIC2_RT2870_7) },
143 { USB_VP(USB_VENDOR_CONCEPTRONIC2, USB_PRODUCT_CONCEPTRONIC2_RT2870_8) },
144 { USB_VP(USB_VENDOR_CONCEPTRONIC2, USB_PRODUCT_CONCEPTRONIC2_VIGORN61) },
145 { USB_VP(USB_VENDOR_COREGA, USB_PRODUCT_COREGA_CGWLUSB300GNM) },
146 { USB_VP(USB_VENDOR_COREGA, USB_PRODUCT_COREGA_RT2870_1) },
147 { USB_VP(USB_VENDOR_COREGA, USB_PRODUCT_COREGA_RT2870_2) },
148 { USB_VP(USB_VENDOR_COREGA, USB_PRODUCT_COREGA_RT2870_3) },
149 { USB_VP(USB_VENDOR_COREGA, USB_PRODUCT_COREGA_RT3070) },
150 { USB_VP(USB_VENDOR_CYBERTAN, USB_PRODUCT_CYBERTAN_RT2870) },
151 { USB_VP(USB_VENDOR_DLINK, USB_PRODUCT_DLINK_RT2870) },
152 { USB_VP(USB_VENDOR_DLINK, USB_PRODUCT_DLINK_RT3072) },
153 { USB_VP(USB_VENDOR_DLINK2, USB_PRODUCT_DLINK2_DWA130) },
154 { USB_VP(USB_VENDOR_DLINK2, USB_PRODUCT_DLINK2_RT2870_1) },
155 { USB_VP(USB_VENDOR_DLINK2, USB_PRODUCT_DLINK2_RT2870_2) },
156 { USB_VP(USB_VENDOR_DLINK2, USB_PRODUCT_DLINK2_RT3070_1) },
157 { USB_VP(USB_VENDOR_DLINK2, USB_PRODUCT_DLINK2_RT3070_2) },
158 { USB_VP(USB_VENDOR_DLINK2, USB_PRODUCT_DLINK2_RT3070_3) },
159 { USB_VP(USB_VENDOR_DLINK2, USB_PRODUCT_DLINK2_RT3070_4) },
160 { USB_VP(USB_VENDOR_DLINK2, USB_PRODUCT_DLINK2_RT3072) },
161 { USB_VP(USB_VENDOR_EDIMAX, USB_PRODUCT_EDIMAX_EW7717) },
162 { USB_VP(USB_VENDOR_EDIMAX, USB_PRODUCT_EDIMAX_EW7718) },
163 { USB_VP(USB_VENDOR_EDIMAX, USB_PRODUCT_EDIMAX_RT2870_1) },
164 { USB_VP(USB_VENDOR_ENCORE, USB_PRODUCT_ENCORE_RT3070_1) },
165 { USB_VP(USB_VENDOR_ENCORE, USB_PRODUCT_ENCORE_RT3070_2) },
166 { USB_VP(USB_VENDOR_ENCORE, USB_PRODUCT_ENCORE_RT3070_3) },
167 { USB_VP(USB_VENDOR_GIGABYTE, USB_PRODUCT_GIGABYTE_GNWB31N) },
168 { USB_VP(USB_VENDOR_GIGABYTE, USB_PRODUCT_GIGABYTE_GNWB32L) },
169 { USB_VP(USB_VENDOR_GIGABYTE, USB_PRODUCT_GIGABYTE_RT2870_1) },
170 { USB_VP(USB_VENDOR_GIGASET, USB_PRODUCT_GIGASET_RT3070_1) },
171 { USB_VP(USB_VENDOR_GIGASET, USB_PRODUCT_GIGASET_RT3070_2) },
172 { USB_VP(USB_VENDOR_GUILLEMOT, USB_PRODUCT_GUILLEMOT_HWNU300) },
173 { USB_VP(USB_VENDOR_HAWKING, USB_PRODUCT_HAWKING_HWUN2) },
174 { USB_VP(USB_VENDOR_HAWKING, USB_PRODUCT_HAWKING_RT2870_1) },
175 { USB_VP(USB_VENDOR_HAWKING, USB_PRODUCT_HAWKING_RT2870_2) },
176 { USB_VP(USB_VENDOR_HAWKING, USB_PRODUCT_HAWKING_RT3070) },
177 { USB_VP(USB_VENDOR_IODATA, USB_PRODUCT_IODATA_RT3072_1) },
178 { USB_VP(USB_VENDOR_IODATA, USB_PRODUCT_IODATA_RT3072_2) },
179 { USB_VP(USB_VENDOR_IODATA, USB_PRODUCT_IODATA_RT3072_3) },
180 { USB_VP(USB_VENDOR_IODATA, USB_PRODUCT_IODATA_RT3072_4) },
181 { USB_VP(USB_VENDOR_LINKSYS4, USB_PRODUCT_LINKSYS4_WUSB100) },
182 { USB_VP(USB_VENDOR_LINKSYS4, USB_PRODUCT_LINKSYS4_WUSB54GCV3) },
183 { USB_VP(USB_VENDOR_LINKSYS4, USB_PRODUCT_LINKSYS4_WUSB600N) },
184 { USB_VP(USB_VENDOR_LINKSYS4, USB_PRODUCT_LINKSYS4_WUSB600NV2) },
185 { USB_VP(USB_VENDOR_LOGITEC, USB_PRODUCT_LOGITEC_RT2870_1) },
186 { USB_VP(USB_VENDOR_LOGITEC, USB_PRODUCT_LOGITEC_RT2870_2) },
187 { USB_VP(USB_VENDOR_LOGITEC, USB_PRODUCT_LOGITEC_RT2870_3) },
188 { USB_VP(USB_VENDOR_MELCO, USB_PRODUCT_MELCO_WLIUCAG300N) },
189 { USB_VP(USB_VENDOR_MELCO, USB_PRODUCT_MELCO_WLIUCG300N) },
190 { USB_VP(USB_VENDOR_MELCO, USB_PRODUCT_MELCO_WLIUCGN) },
191 { USB_VP(USB_VENDOR_MSI, USB_PRODUCT_MSI_RT3070_1) },
192 { USB_VP(USB_VENDOR_MSI, USB_PRODUCT_MSI_RT3070_2) },
193 { USB_VP(USB_VENDOR_MSI, USB_PRODUCT_MSI_RT3070_3) },
194 { USB_VP(USB_VENDOR_MSI, USB_PRODUCT_MSI_RT3070_4) },
195 { USB_VP(USB_VENDOR_MSI, USB_PRODUCT_MSI_RT3070_5) },
196 { USB_VP(USB_VENDOR_MSI, USB_PRODUCT_MSI_RT3070_6) },
197 { USB_VP(USB_VENDOR_MSI, USB_PRODUCT_MSI_RT3070_7) },
198 { USB_VP(USB_VENDOR_PARA, USB_PRODUCT_PARA_RT3070) },
199 { USB_VP(USB_VENDOR_PEGATRON, USB_PRODUCT_PEGATRON_RT2870) },
200 { USB_VP(USB_VENDOR_PEGATRON, USB_PRODUCT_PEGATRON_RT3070) },
201 { USB_VP(USB_VENDOR_PEGATRON, USB_PRODUCT_PEGATRON_RT3070_2) },
202 { USB_VP(USB_VENDOR_PHILIPS, USB_PRODUCT_PHILIPS_RT2870) },
203 { USB_VP(USB_VENDOR_PLANEX2, USB_PRODUCT_PLANEX2_GWUS300MINIS) },
204 { USB_VP(USB_VENDOR_PLANEX2, USB_PRODUCT_PLANEX2_GWUSMICRON) },
205 { USB_VP(USB_VENDOR_PLANEX2, USB_PRODUCT_PLANEX2_RT2870) },
206 { USB_VP(USB_VENDOR_PLANEX2, USB_PRODUCT_PLANEX2_RT3070) },
207 { USB_VP(USB_VENDOR_QCOM, USB_PRODUCT_QCOM_RT2870) },
208 { USB_VP(USB_VENDOR_QUANTA, USB_PRODUCT_QUANTA_RT3070) },
209 { USB_VP(USB_VENDOR_RALINK, USB_PRODUCT_RALINK_RT2070) },
210 { USB_VP(USB_VENDOR_RALINK, USB_PRODUCT_RALINK_RT2770) },
211 { USB_VP(USB_VENDOR_RALINK, USB_PRODUCT_RALINK_RT2870) },
212 { USB_VP(USB_VENDOR_RALINK, USB_PRODUCT_RALINK_RT3070) },
213 { USB_VP(USB_VENDOR_RALINK, USB_PRODUCT_RALINK_RT3071) },
214 { USB_VP(USB_VENDOR_RALINK, USB_PRODUCT_RALINK_RT3072) },
215 { USB_VP(USB_VENDOR_RALINK, USB_PRODUCT_RALINK_RT3572) },
216 { USB_VP(USB_VENDOR_SAMSUNG2, USB_PRODUCT_SAMSUNG2_RT2870_1) },
217 { USB_VP(USB_VENDOR_SENAO, USB_PRODUCT_SENAO_RT2870_1) },
218 { USB_VP(USB_VENDOR_SENAO, USB_PRODUCT_SENAO_RT2870_2) },
219 { USB_VP(USB_VENDOR_SENAO, USB_PRODUCT_SENAO_RT2870_3) },
220 { USB_VP(USB_VENDOR_SENAO, USB_PRODUCT_SENAO_RT2870_4) },
221 { USB_VP(USB_VENDOR_SENAO, USB_PRODUCT_SENAO_RT3070) },
222 { USB_VP(USB_VENDOR_SENAO, USB_PRODUCT_SENAO_RT3071) },
223 { USB_VP(USB_VENDOR_SENAO, USB_PRODUCT_SENAO_RT3072_1) },
224 { USB_VP(USB_VENDOR_SENAO, USB_PRODUCT_SENAO_RT3072_2) },
225 { USB_VP(USB_VENDOR_SENAO, USB_PRODUCT_SENAO_RT3072_3) },
226 { USB_VP(USB_VENDOR_SENAO, USB_PRODUCT_SENAO_RT3072_4) },
227 { USB_VP(USB_VENDOR_SENAO, USB_PRODUCT_SENAO_RT3072_5) },
228 { USB_VP(USB_VENDOR_SITECOMEU, USB_PRODUCT_SITECOMEU_RT2770) },
229 { USB_VP(USB_VENDOR_SITECOMEU, USB_PRODUCT_SITECOMEU_RT2870_1) },
230 { USB_VP(USB_VENDOR_SITECOMEU, USB_PRODUCT_SITECOMEU_RT2870_2) },
231 { USB_VP(USB_VENDOR_SITECOMEU, USB_PRODUCT_SITECOMEU_RT2870_3) },
232 { USB_VP(USB_VENDOR_SITECOMEU, USB_PRODUCT_SITECOMEU_RT2870_4) },
233 { USB_VP(USB_VENDOR_SITECOMEU, USB_PRODUCT_SITECOMEU_RT3070) },
234 { USB_VP(USB_VENDOR_SITECOMEU, USB_PRODUCT_SITECOMEU_RT3070_2) },
235 { USB_VP(USB_VENDOR_SITECOMEU, USB_PRODUCT_SITECOMEU_RT3070_3) },
236 { USB_VP(USB_VENDOR_SITECOMEU, USB_PRODUCT_SITECOMEU_RT3070_4) },
237 { USB_VP(USB_VENDOR_SITECOMEU, USB_PRODUCT_SITECOMEU_RT3072_1) },
238 { USB_VP(USB_VENDOR_SITECOMEU, USB_PRODUCT_SITECOMEU_RT3072_2) },
239 { USB_VP(USB_VENDOR_SITECOMEU, USB_PRODUCT_SITECOMEU_RT3072_3) },
240 { USB_VP(USB_VENDOR_SITECOMEU, USB_PRODUCT_SITECOMEU_RT3072_4) },
241 { USB_VP(USB_VENDOR_SITECOMEU, USB_PRODUCT_SITECOMEU_RT3072_5) },
242 { USB_VP(USB_VENDOR_SITECOMEU, USB_PRODUCT_SITECOMEU_RT3072_6) },
243 { USB_VP(USB_VENDOR_SITECOMEU, USB_PRODUCT_SITECOMEU_WL608) },
244 { USB_VP(USB_VENDOR_SPARKLAN, USB_PRODUCT_SPARKLAN_RT2870_1) },
245 { USB_VP(USB_VENDOR_SPARKLAN, USB_PRODUCT_SPARKLAN_RT3070) },
246 { USB_VP(USB_VENDOR_SWEEX2, USB_PRODUCT_SWEEX2_LW303) },
247 { USB_VP(USB_VENDOR_SWEEX2, USB_PRODUCT_SWEEX2_LW313) },
248 { USB_VP(USB_VENDOR_UMEDIA, USB_PRODUCT_UMEDIA_RT2870_1) },
249 { USB_VP(USB_VENDOR_ZCOM, USB_PRODUCT_ZCOM_RT2870_1) },
250 { USB_VP(USB_VENDOR_ZCOM, USB_PRODUCT_ZCOM_RT2870_2) },
251 { USB_VP(USB_VENDOR_ZINWELL, USB_PRODUCT_ZINWELL_RT2870_1) },
252 { USB_VP(USB_VENDOR_ZINWELL, USB_PRODUCT_ZINWELL_RT2870_2) },
253 { USB_VP(USB_VENDOR_ZINWELL, USB_PRODUCT_ZINWELL_RT3070) },
254 { USB_VP(USB_VENDOR_ZINWELL, USB_PRODUCT_ZINWELL_RT3072_1) },
255 { USB_VP(USB_VENDOR_ZINWELL, USB_PRODUCT_ZINWELL_RT3072_2) },
256 { USB_VP(USB_VENDOR_ZYXEL, USB_PRODUCT_ZYXEL_RT2870_1) },
259 MODULE_DEPEND(run, wlan, 1, 1, 1);
260 MODULE_DEPEND(run, wlan_amrr, 1, 1, 1);
261 MODULE_DEPEND(run, usb, 1, 1, 1);
262 MODULE_DEPEND(run, firmware, 1, 1, 1);
264 static device_probe_t run_match;
265 static device_attach_t run_attach;
266 static device_detach_t run_detach;
268 static usb_callback_t run_bulk_rx_callback;
269 static usb_callback_t run_bulk_tx_callback0;
270 static usb_callback_t run_bulk_tx_callback1;
271 static usb_callback_t run_bulk_tx_callback2;
272 static usb_callback_t run_bulk_tx_callback3;
273 static usb_callback_t run_bulk_tx_callback4;
274 static usb_callback_t run_bulk_tx_callback5;
276 static void run_bulk_tx_callbackN(struct usb_xfer *xfer,
277 usb_error_t error, unsigned int index);
278 static struct ieee80211vap *run_vap_create(struct ieee80211com *,
279 const char name[IFNAMSIZ], int unit, int opmode, int flags,
280 const uint8_t bssid[IEEE80211_ADDR_LEN], const uint8_t
281 mac[IEEE80211_ADDR_LEN]);
282 static void run_vap_delete(struct ieee80211vap *);
283 static void run_setup_tx_list(struct run_softc *,
284 struct run_endpoint_queue *);
285 static void run_unsetup_tx_list(struct run_softc *,
286 struct run_endpoint_queue *);
287 static int run_load_microcode(struct run_softc *);
288 static int run_reset(struct run_softc *);
289 static usb_error_t run_do_request(struct run_softc *,
290 struct usb_device_request *, void *);
291 static int run_read(struct run_softc *, uint16_t, uint32_t *);
292 static int run_read_region_1(struct run_softc *, uint16_t, uint8_t *, int);
293 static int run_write_2(struct run_softc *, uint16_t, uint16_t);
294 static int run_write(struct run_softc *, uint16_t, uint32_t);
295 static int run_write_region_1(struct run_softc *, uint16_t,
296 const uint8_t *, int);
297 static int run_set_region_4(struct run_softc *, uint16_t, uint32_t, int);
298 static int run_efuse_read_2(struct run_softc *, uint16_t, uint16_t *);
299 static int run_eeprom_read_2(struct run_softc *, uint16_t, uint16_t *);
300 static int run_rt2870_rf_write(struct run_softc *, uint8_t, uint32_t);
301 static int run_rt3070_rf_read(struct run_softc *, uint8_t, uint8_t *);
302 static int run_rt3070_rf_write(struct run_softc *, uint8_t, uint8_t);
303 static int run_bbp_read(struct run_softc *, uint8_t, uint8_t *);
304 static int run_bbp_write(struct run_softc *, uint8_t, uint8_t);
305 static int run_mcu_cmd(struct run_softc *, uint8_t, uint16_t);
306 static const char *run_get_rf(int);
307 static int run_read_eeprom(struct run_softc *);
308 static struct ieee80211_node *run_node_alloc(struct ieee80211vap *,
309 const uint8_t mac[IEEE80211_ADDR_LEN]);
310 static int run_media_change(struct ifnet *);
311 static int run_newstate(struct ieee80211vap *, enum ieee80211_state, int);
312 static int run_wme_update(struct ieee80211com *);
313 static void run_wme_update_cb(void *, int);
314 static void run_key_update_begin(struct ieee80211vap *);
315 static void run_key_update_end(struct ieee80211vap *);
316 static int run_key_set(struct ieee80211vap *, const struct ieee80211_key *,
317 const uint8_t mac[IEEE80211_ADDR_LEN]);
318 static int run_key_delete(struct ieee80211vap *,
319 const struct ieee80211_key *);
320 static void run_amrr_start(struct run_softc *, struct ieee80211_node *);
321 static void run_amrr_to(void *);
322 static void run_amrr_cb(void *, int);
323 static void run_iter_func(void *, struct ieee80211_node *);
324 static void run_newassoc(struct ieee80211_node *, int);
325 static void run_rx_frame(struct run_softc *, struct mbuf *, uint32_t);
326 static void run_tx_free(struct run_endpoint_queue *pq,
327 struct run_tx_data *, int);
328 static void run_set_tx_desc(struct run_softc *, struct run_tx_data *,
329 uint8_t, uint8_t, uint8_t, uint8_t, uint8_t, uint8_t);
330 static int run_tx(struct run_softc *, struct mbuf *,
331 struct ieee80211_node *);
332 static int run_tx_mgt(struct run_softc *, struct mbuf *,
333 struct ieee80211_node *);
334 static int run_sendprot(struct run_softc *, const struct mbuf *,
335 struct ieee80211_node *, int, int);
336 static int run_tx_param(struct run_softc *, struct mbuf *,
337 struct ieee80211_node *,
338 const struct ieee80211_bpf_params *);
339 static int run_raw_xmit(struct ieee80211_node *, struct mbuf *,
340 const struct ieee80211_bpf_params *);
341 static void run_start(struct ifnet *);
342 static int run_ioctl(struct ifnet *, u_long, caddr_t);
343 static void run_select_chan_group(struct run_softc *, int);
344 static void run_set_rx_antenna(struct run_softc *, int);
345 static void run_rt2870_set_chan(struct run_softc *, u_int);
346 static void run_rt3070_set_chan(struct run_softc *, u_int);
347 static int run_set_chan(struct run_softc *, struct ieee80211_channel *);
348 static void run_set_channel(struct ieee80211com *);
349 static void run_scan_start(struct ieee80211com *);
350 static void run_scan_end(struct ieee80211com *);
351 static uint8_t run_rate2mcs(uint8_t);
352 static void run_update_beacon(struct ieee80211vap *, int);
353 static void run_update_beacon_locked(struct ieee80211vap *, int);
354 static void run_updateprot(struct ieee80211com *);
355 static void run_usb_timeout_cb(void *, int);
356 static void run_reset_livelock(struct run_softc *);
357 static void run_enable_tsf_sync(struct run_softc *);
358 static void run_enable_mrr(struct run_softc *);
359 static void run_set_txpreamble(struct run_softc *);
360 static void run_set_basicrates(struct run_softc *);
361 static void run_set_leds(struct run_softc *, uint16_t);
362 static void run_set_bssid(struct run_softc *, const uint8_t *);
363 static void run_set_macaddr(struct run_softc *, const uint8_t *);
364 static void run_updateslot(struct ifnet *);
365 static int8_t run_rssi2dbm(struct run_softc *, uint8_t, uint8_t);
366 static void run_update_promisc_locked(struct ifnet *);
367 static void run_update_promisc(struct ifnet *);
368 static int run_bbp_init(struct run_softc *);
369 static int run_rt3070_rf_init(struct run_softc *);
370 static int run_rt3070_filter_calib(struct run_softc *, uint8_t, uint8_t,
372 static int run_txrx_enable(struct run_softc *);
373 static void run_init(void *);
374 static void run_init_locked(struct run_softc *);
375 static void run_stop(void *);
376 static void run_delay(struct run_softc *, unsigned int);
378 static const struct {
381 } rt2870_def_mac[] = {
385 static const struct {
388 } rt2860_def_bbp[] = {
392 static const struct rfprog {
394 uint32_t r1, r2, r3, r4;
395 } rt2860_rf2850[] = {
401 } run_rf3020_freqs[] = {
405 static const struct {
408 } rt3070_def_rf[] = {
412 static const struct usb_config run_config[RUN_N_XFER] = {
415 .endpoint = UE_ADDR_ANY,
417 .direction = UE_DIR_OUT,
418 .bufsize = RUN_MAX_TXSZ,
419 .flags = {.pipe_bof = 1,.force_short_xfer = 1,},
420 .callback = run_bulk_tx_callback0,
421 .timeout = 5000, /* ms */
425 .endpoint = UE_ADDR_ANY,
426 .direction = UE_DIR_OUT,
428 .bufsize = RUN_MAX_TXSZ,
429 .flags = {.pipe_bof = 1,.force_short_xfer = 1,},
430 .callback = run_bulk_tx_callback1,
431 .timeout = 5000, /* ms */
435 .endpoint = UE_ADDR_ANY,
436 .direction = UE_DIR_OUT,
438 .bufsize = RUN_MAX_TXSZ,
439 .flags = {.pipe_bof = 1,.force_short_xfer = 1,},
440 .callback = run_bulk_tx_callback2,
441 .timeout = 5000, /* ms */
445 .endpoint = UE_ADDR_ANY,
446 .direction = UE_DIR_OUT,
448 .bufsize = RUN_MAX_TXSZ,
449 .flags = {.pipe_bof = 1,.force_short_xfer = 1,},
450 .callback = run_bulk_tx_callback3,
451 .timeout = 5000, /* ms */
453 [RUN_BULK_TX_HCCA] = {
455 .endpoint = UE_ADDR_ANY,
456 .direction = UE_DIR_OUT,
458 .bufsize = RUN_MAX_TXSZ,
459 .flags = {.pipe_bof = 1,.force_short_xfer = 1,.no_pipe_ok = 1,},
460 .callback = run_bulk_tx_callback4,
461 .timeout = 5000, /* ms */
463 [RUN_BULK_TX_PRIO] = {
465 .endpoint = UE_ADDR_ANY,
466 .direction = UE_DIR_OUT,
468 .bufsize = RUN_MAX_TXSZ,
469 .flags = {.pipe_bof = 1,.force_short_xfer = 1,.no_pipe_ok = 1,},
470 .callback = run_bulk_tx_callback5,
471 .timeout = 5000, /* ms */
475 .endpoint = UE_ADDR_ANY,
476 .direction = UE_DIR_IN,
477 .bufsize = RUN_MAX_RXSZ,
478 .flags = {.pipe_bof = 1,.short_xfer_ok = 1,},
479 .callback = run_bulk_rx_callback,
484 run_match(device_t self)
486 struct usb_attach_arg *uaa = device_get_ivars(self);
488 if (uaa->usb_mode != USB_MODE_HOST)
490 if (uaa->info.bConfigIndex != 0)
492 if (uaa->info.bIfaceIndex != RT2860_IFACE_INDEX)
495 return (usbd_lookup_id_by_uaa(run_devs, sizeof(run_devs), uaa));
499 run_attach(device_t self)
501 struct run_softc *sc = device_get_softc(self);
502 struct usb_attach_arg *uaa = device_get_ivars(self);
503 struct ieee80211com *ic;
505 int i, ntries, error;
506 uint8_t iface_index, bands;
508 device_set_usb_desc(self);
509 sc->sc_udev = uaa->device;
512 mtx_init(&sc->sc_mtx, device_get_nameunit(sc->sc_dev),
513 MTX_NETWORK_LOCK, MTX_DEF);
515 iface_index = RT2860_IFACE_INDEX;
516 /* Rx transfer has own lock */
517 error = usbd_transfer_setup(uaa->device, &iface_index,
518 sc->sc_xfer, run_config, RUN_N_XFER, sc, &sc->sc_mtx);
520 device_printf(self, "could not allocate USB Tx transfers, "
521 "err=%s\n", usbd_errstr(error));
527 /* wait for the chip to settle */
528 for (ntries = 0; ntries < 100; ntries++) {
529 if (run_read(sc, RT2860_ASIC_VER_ID, &sc->mac_rev) != 0){
533 if (sc->mac_rev != 0 && sc->mac_rev != 0xffffffff)
538 printf("%s: timeout waiting for NIC to initialize\n",
539 device_get_nameunit(sc->sc_dev));
544 /* retrieve RF rev. no and various other things from EEPROM */
547 printf("%s: MAC/BBP RT%04X (rev 0x%04X), RF %s (MIMO %dT%dR), "
548 "address %s\n", device_get_nameunit(sc->sc_dev), sc->mac_rev >> 16,
549 sc->mac_rev & 0xffff, run_get_rf(sc->rf_rev), sc->ntxchains,
550 sc->nrxchains, ether_sprintf(sc->sc_bssid));
552 if ((error = run_load_microcode(sc)) != 0) {
553 printf("%s: could not load 8051 microcode\n",
554 device_get_nameunit(sc->sc_dev));
561 ifp = sc->sc_ifp = if_alloc(IFT_IEEE80211);
563 printf("%s: can not if_alloc()\n",
564 device_get_nameunit(sc->sc_dev));
570 if_initname(ifp, "run", device_get_unit(sc->sc_dev));
571 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST;
572 ifp->if_init = run_init;
573 ifp->if_ioctl = run_ioctl;
574 ifp->if_start = run_start;
575 IFQ_SET_MAXLEN(&ifp->if_snd, IFQ_MAXLEN);
576 ifp->if_snd.ifq_drv_maxlen = IFQ_MAXLEN;
577 IFQ_SET_READY(&ifp->if_snd);
580 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */
581 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */
583 ic->ic_state = IEEE80211_S_INIT;
585 /* set device capabilities */
587 IEEE80211_C_STA | /* station mode supported */
588 IEEE80211_C_MONITOR | /* monitor mode supported */
591 IEEE80211_C_SHPREAMBLE | /* short preamble supported */
592 IEEE80211_C_SHSLOT | /* short slot time supported */
593 IEEE80211_C_WME | /* WME */
594 IEEE80211_C_WPA; /* WPA1|WPA2(RSN) */
597 IEEE80211_CRYPTO_WEP |
598 IEEE80211_CRYPTO_AES_CCM |
599 IEEE80211_CRYPTO_TKIPMIC |
600 IEEE80211_CRYPTO_TKIP;
602 ic->ic_flags |= IEEE80211_F_DATAPAD;
603 ic->ic_flags_ext |= IEEE80211_FEXT_SWBMISS;
606 setbit(&bands, IEEE80211_MODE_11B);
607 setbit(&bands, IEEE80211_MODE_11G);
608 ieee80211_init_channels(ic, NULL, &bands);
611 * Do this by own because h/w supports
612 * more channels than ieee80211_init_channels()
614 if (sc->rf_rev == RT2860_RF_2750 || sc->rf_rev == RT2860_RF_2850) {
615 /* set supported .11a rates */
616 for (i = 14; i < nitems(rt2860_rf2850); i++) {
617 uint8_t chan = rt2860_rf2850[i].chan;
618 ic->ic_channels[ic->ic_nchans].ic_freq =
619 ieee80211_ieee2mhz(chan, IEEE80211_CHAN_A);
620 ic->ic_channels[ic->ic_nchans].ic_ieee = chan;
621 ic->ic_channels[ic->ic_nchans].ic_flags = IEEE80211_CHAN_A;
622 ic->ic_channels[ic->ic_nchans].ic_extieee = 0;
627 ieee80211_ifattach(ic, sc->sc_bssid);
629 ic->ic_scan_start = run_scan_start;
630 ic->ic_scan_end = run_scan_end;
631 ic->ic_set_channel = run_set_channel;
632 ic->ic_node_alloc = run_node_alloc;
633 ic->ic_newassoc = run_newassoc;
634 //ic->ic_updateslot = run_updateslot;
635 ic->ic_wme.wme_update = run_wme_update;
636 ic->ic_raw_xmit = run_raw_xmit;
637 ic->ic_update_promisc = run_update_promisc;
639 ic->ic_vap_create = run_vap_create;
640 ic->ic_vap_delete = run_vap_delete;
642 ieee80211_radiotap_attach(ic,
643 &sc->sc_txtap.wt_ihdr, sizeof(sc->sc_txtap),
644 RUN_TX_RADIOTAP_PRESENT,
645 &sc->sc_rxtap.wr_ihdr, sizeof(sc->sc_rxtap),
646 RUN_RX_RADIOTAP_PRESENT);
649 ieee80211_announce(ic);
659 run_detach(device_t self)
661 struct run_softc *sc = device_get_softc(self);
662 struct ifnet *ifp = sc->sc_ifp;
663 struct ieee80211com *ic;
666 /* stop all USB transfers */
667 usbd_transfer_unsetup(sc->sc_xfer, RUN_N_XFER);
670 /* free TX list, if any */
671 for (i = 0; i != RUN_EP_QUEUES; i++)
672 run_unsetup_tx_list(sc, &sc->sc_epq[i]);
677 ieee80211_ifdetach(ic);
681 mtx_destroy(&sc->sc_mtx);
686 static struct ieee80211vap *
687 run_vap_create(struct ieee80211com *ic,
688 const char name[IFNAMSIZ], int unit, int opmode, int flags,
689 const uint8_t bssid[IEEE80211_ADDR_LEN],
690 const uint8_t mac[IEEE80211_ADDR_LEN])
692 struct run_softc *sc = ic->ic_ifp->if_softc;
694 struct ieee80211vap *vap;
696 if (!TAILQ_EMPTY(&ic->ic_vaps)) /* only one at a time */
698 sc->sc_rvp = rvp = (struct run_vap *) malloc(sizeof(struct run_vap),
699 M_80211_VAP, M_NOWAIT | M_ZERO);
703 /* enable s/w bmiss handling for sta mode */
704 ieee80211_vap_setup(ic, vap, name, unit, opmode,
705 flags | IEEE80211_CLONE_NOBEACONS, bssid, mac);
707 vap->iv_key_update_begin = run_key_update_begin;
708 vap->iv_key_update_end = run_key_update_end;
709 vap->iv_key_delete = run_key_delete;
710 vap->iv_key_set = run_key_set;
711 vap->iv_update_beacon = run_update_beacon;
713 /* override state transition machine */
714 rvp->newstate = vap->iv_newstate;
715 vap->iv_newstate = run_newstate;
717 TASK_INIT(&rvp->amrr_task, 0, run_amrr_cb, rvp);
718 TASK_INIT(&sc->wme_task, 0, run_wme_update_cb, ic);
719 TASK_INIT(&sc->usb_timeout_task, 0, run_usb_timeout_cb, sc);
720 callout_init((struct callout *)&rvp->amrr_ch, 1);
721 ieee80211_amrr_init(&rvp->amrr, vap,
722 IEEE80211_AMRR_MIN_SUCCESS_THRESHOLD,
723 IEEE80211_AMRR_MAX_SUCCESS_THRESHOLD,
727 ieee80211_vap_attach(vap, run_media_change, ieee80211_media_status);
728 ic->ic_opmode = opmode;
733 run_vap_delete(struct ieee80211vap *vap)
735 struct run_vap *rvp = RUN_VAP(vap);
737 struct ieee80211com *ic;
738 struct run_softc *sc;
748 if (ifp && ifp->if_flags & IFF_UP){
754 ieee80211_amrr_cleanup(&rvp->amrr);
755 ieee80211_vap_detach(vap);
756 free(rvp, M_80211_VAP);
761 run_setup_tx_list(struct run_softc *sc, struct run_endpoint_queue *pq)
763 struct run_tx_data *data;
765 memset(pq, 0, sizeof(*pq));
767 STAILQ_INIT(&pq->tx_qh);
768 STAILQ_INIT(&pq->tx_fh);
770 for (data = &pq->tx_data[0];
771 data < &pq->tx_data[RUN_TX_RING_COUNT]; data++) {
773 STAILQ_INSERT_TAIL(&pq->tx_fh, data, next);
775 pq->tx_nfree = RUN_TX_RING_COUNT;
779 run_unsetup_tx_list(struct run_softc *sc, struct run_endpoint_queue *pq)
781 struct run_tx_data *data;
783 /* make sure any subsequent use of the queues will fail */
785 STAILQ_INIT(&pq->tx_fh);
786 STAILQ_INIT(&pq->tx_qh);
788 /* free up all node references and mbufs */
789 for (data = &pq->tx_data[0];
790 data < &pq->tx_data[RUN_TX_RING_COUNT]; data++){
791 if (data->m != NULL) {
795 if (data->ni != NULL) {
796 ieee80211_free_node(data->ni);
803 run_load_microcode(struct run_softc *sc)
805 usb_device_request_t req;
806 const struct firmware *fw;
810 const uint64_t *temp;
813 fw = firmware_get("runfw");
815 printf("%s: failed loadfirmware of file %s (error %d)\n",
816 device_get_nameunit(sc->sc_dev), "runfw", ENOENT);
820 if (fw->datasize != 8192) {
821 printf("%s: invalid firmware size (should be 8KB)\n",
822 device_get_nameunit(sc->sc_dev));
828 * RT3071/RT3072 use a different firmware
829 * run-rt2870 (8KB) contains both,
830 * first half (4KB) is for rt2870,
831 * last half is for rt3071.
834 if ((sc->mac_rev >> 16) != 0x2860 &&
835 (sc->mac_rev >> 16) != 0x2872 &&
836 (sc->mac_rev >> 16) != 0x3070 &&
837 (sc->mac_rev >> 16) != 0x3572){
839 printf("%s: You are using firmware RT3071.\n",
840 device_get_nameunit(sc->sc_dev));
842 printf("%s: You are using firmware RT2870.\n",
843 device_get_nameunit(sc->sc_dev));
845 /* cheap sanity check */
848 if(bytes != be64toh(0xffffff0210280210)) {
849 printf("%s: firmware checksum failed\n",
850 device_get_nameunit(sc->sc_dev));
855 run_read(sc, RT2860_ASIC_VER_ID, &tmp);
856 /* write microcode image */
857 run_write_region_1(sc, RT2870_FW_BASE, base, 4096);
858 run_write(sc, RT2860_H2M_MAILBOX_CID, 0xffffffff);
859 run_write(sc, RT2860_H2M_MAILBOX_STATUS, 0xffffffff);
861 req.bmRequestType = UT_WRITE_VENDOR_DEVICE;
862 req.bRequest = RT2870_RESET;
863 USETW(req.wValue, 8);
864 USETW(req.wIndex, 0);
865 USETW(req.wLength, 0);
866 if ((error = usbd_do_request(sc->sc_udev, &sc->sc_mtx, &req, NULL)) != 0) {
867 printf("%s: firmware reset failed\n",
868 device_get_nameunit(sc->sc_dev));
874 run_write(sc, RT2860_H2M_MAILBOX, 0);
875 if ((error = run_mcu_cmd(sc, RT2860_MCU_CMD_BOOT, 0)) != 0)
878 /* wait until microcontroller is ready */
879 for (ntries = 0; ntries < 1000; ntries++) {
880 if ((error = run_read(sc, RT2860_SYS_CTRL, &tmp)) != 0) {
883 if (tmp & RT2860_MCU_READY)
887 if (ntries == 1000) {
888 printf("%s: timeout waiting for MCU to initialize\n",
889 device_get_nameunit(sc->sc_dev));
893 DPRINTF("microcode successfully loaded after %d tries\n", ntries);
896 firmware_put(fw, FIRMWARE_UNLOAD);
901 run_reset(struct run_softc *sc)
903 usb_device_request_t req;
905 req.bmRequestType = UT_WRITE_VENDOR_DEVICE;
906 req.bRequest = RT2870_RESET;
907 USETW(req.wValue, 1);
908 USETW(req.wIndex, 0);
909 USETW(req.wLength, 0);
910 return usbd_do_request(sc->sc_udev, &sc->sc_mtx, &req, NULL);
914 run_do_request(struct run_softc *sc,
915 struct usb_device_request *req, void *data)
920 RUN_LOCK_ASSERT(sc, MA_OWNED);
923 err = usbd_do_request_flags(sc->sc_udev, &sc->sc_mtx,
924 req, data, 0, NULL, 250 /* ms */);
927 DPRINTFN(1, "Control request failed, %s (retrying)\n",
935 run_read(struct run_softc *sc, uint16_t reg, uint32_t *val)
940 error = run_read_region_1(sc, reg, (uint8_t *)&tmp, sizeof tmp);
949 run_read_region_1(struct run_softc *sc, uint16_t reg, uint8_t *buf, int len)
951 usb_device_request_t req;
953 req.bmRequestType = UT_READ_VENDOR_DEVICE;
954 req.bRequest = RT2870_READ_REGION_1;
955 USETW(req.wValue, 0);
956 USETW(req.wIndex, reg);
957 USETW(req.wLength, len);
959 return run_do_request(sc, &req, buf);
963 run_write_2(struct run_softc *sc, uint16_t reg, uint16_t val)
965 usb_device_request_t req;
967 req.bmRequestType = UT_WRITE_VENDOR_DEVICE;
968 req.bRequest = RT2870_WRITE_2;
969 USETW(req.wValue, val);
970 USETW(req.wIndex, reg);
971 USETW(req.wLength, 0);
973 return run_do_request(sc, &req, NULL);
977 run_write(struct run_softc *sc, uint16_t reg, uint32_t val)
981 if ((error = run_write_2(sc, reg, val & 0xffff)) == 0)
982 error = run_write_2(sc, reg + 2, val >> 16);
987 run_write_region_1(struct run_softc *sc, uint16_t reg, const uint8_t *buf,
993 * NB: the WRITE_REGION_1 command is not stable on RT2860.
994 * We thus issue multiple WRITE_2 commands instead.
996 KASSERT((len & 1) == 0, ("run_write_region_1: Data too long.\n"));
997 for (i = 0; i < len && error == 0; i += 2)
998 error = run_write_2(sc, reg + i, buf[i] | buf[i + 1] << 8);
1001 usb_device_request_t req;
1003 req.bmRequestType = UT_WRITE_VENDOR_DEVICE;
1004 req.bRequest = RT2870_WRITE_REGION_1;
1005 USETW(req.wValue, 0);
1006 USETW(req.wIndex, reg);
1007 USETW(req.wLength, len);
1008 return run_do_request(sc, &req, buf);
1013 run_set_region_4(struct run_softc *sc, uint16_t reg, uint32_t val, int len)
1017 KASSERT((len & 3) == 0, ("run_set_region_4: Invalid data length.\n"));
1018 for (i = 0; i < len && error == 0; i += 4)
1019 error = run_write(sc, reg + i, val);
1023 /* Read 16-bit from eFUSE ROM (RT3070 only.) */
1025 run_efuse_read_2(struct run_softc *sc, uint16_t addr, uint16_t *val)
1031 if ((error = run_read(sc, RT3070_EFUSE_CTRL, &tmp)) != 0)
1036 * Read one 16-byte block into registers EFUSE_DATA[0-3]:
1042 tmp &= ~(RT3070_EFSROM_MODE_MASK | RT3070_EFSROM_AIN_MASK);
1043 tmp |= (addr & ~0xf) << RT3070_EFSROM_AIN_SHIFT | RT3070_EFSROM_KICK;
1044 run_write(sc, RT3070_EFUSE_CTRL, tmp);
1045 for (ntries = 0; ntries < 100; ntries++) {
1046 if ((error = run_read(sc, RT3070_EFUSE_CTRL, &tmp)) != 0)
1048 if (!(tmp & RT3070_EFSROM_KICK))
1055 if ((tmp & RT3070_EFUSE_AOUT_MASK) == RT3070_EFUSE_AOUT_MASK) {
1056 *val = 0xffff; /* address not found */
1059 /* determine to which 32-bit register our 16-bit word belongs */
1060 reg = RT3070_EFUSE_DATA3 - (addr & 0xc);
1061 if ((error = run_read(sc, reg, &tmp)) != 0)
1064 *val = (addr & 2) ? tmp >> 16 : tmp & 0xffff;
1069 run_eeprom_read_2(struct run_softc *sc, uint16_t addr, uint16_t *val)
1071 usb_device_request_t req;
1076 req.bmRequestType = UT_READ_VENDOR_DEVICE;
1077 req.bRequest = RT2870_EEPROM_READ;
1078 USETW(req.wValue, 0);
1079 USETW(req.wIndex, addr);
1080 USETW(req.wLength, sizeof tmp);
1082 error = usbd_do_request(sc->sc_udev, &sc->sc_mtx, &req, &tmp);
1084 *val = le16toh(tmp);
1091 run_srom_read(struct run_softc *sc, uint16_t addr, uint16_t *val)
1093 /* either eFUSE ROM or EEPROM */
1094 return sc->sc_srom_read(sc, addr, val);
1098 run_rt2870_rf_write(struct run_softc *sc, uint8_t reg, uint32_t val)
1103 for (ntries = 0; ntries < 10; ntries++) {
1104 if ((error = run_read(sc, RT2860_RF_CSR_CFG0, &tmp)) != 0)
1106 if (!(tmp & RT2860_RF_REG_CTRL))
1112 /* RF registers are 24-bit on the RT2860 */
1113 tmp = RT2860_RF_REG_CTRL | 24 << RT2860_RF_REG_WIDTH_SHIFT |
1114 (val & 0x3fffff) << 2 | (reg & 3);
1115 return run_write(sc, RT2860_RF_CSR_CFG0, tmp);
1119 run_rt3070_rf_read(struct run_softc *sc, uint8_t reg, uint8_t *val)
1124 for (ntries = 0; ntries < 100; ntries++) {
1125 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0)
1127 if (!(tmp & RT3070_RF_KICK))
1133 tmp = RT3070_RF_KICK | reg << 8;
1134 if ((error = run_write(sc, RT3070_RF_CSR_CFG, tmp)) != 0)
1137 for (ntries = 0; ntries < 100; ntries++) {
1138 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0)
1140 if (!(tmp & RT3070_RF_KICK))
1151 run_rt3070_rf_write(struct run_softc *sc, uint8_t reg, uint8_t val)
1156 for (ntries = 0; ntries < 10; ntries++) {
1157 if ((error = run_read(sc, RT3070_RF_CSR_CFG, &tmp)) != 0)
1159 if (!(tmp & RT3070_RF_KICK))
1165 tmp = RT3070_RF_WRITE | RT3070_RF_KICK | reg << 8 | val;
1166 return run_write(sc, RT3070_RF_CSR_CFG, tmp);
1170 run_bbp_read(struct run_softc *sc, uint8_t reg, uint8_t *val)
1175 for (ntries = 0; ntries < 10; ntries++) {
1176 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0)
1178 if (!(tmp & RT2860_BBP_CSR_KICK))
1184 tmp = RT2860_BBP_CSR_READ | RT2860_BBP_CSR_KICK | reg << 8;
1185 if ((error = run_write(sc, RT2860_BBP_CSR_CFG, tmp)) != 0)
1188 for (ntries = 0; ntries < 10; ntries++) {
1189 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0)
1191 if (!(tmp & RT2860_BBP_CSR_KICK))
1202 run_bbp_write(struct run_softc *sc, uint8_t reg, uint8_t val)
1207 for (ntries = 0; ntries < 10; ntries++) {
1208 if ((error = run_read(sc, RT2860_BBP_CSR_CFG, &tmp)) != 0)
1210 if (!(tmp & RT2860_BBP_CSR_KICK))
1216 tmp = RT2860_BBP_CSR_KICK | reg << 8 | val;
1217 return run_write(sc, RT2860_BBP_CSR_CFG, tmp);
1221 * Send a command to the 8051 microcontroller unit.
1224 run_mcu_cmd(struct run_softc *sc, uint8_t cmd, uint16_t arg)
1229 for (ntries = 0; ntries < 100; ntries++) {
1230 if ((error = run_read(sc, RT2860_H2M_MAILBOX, &tmp)) != 0)
1232 if (!(tmp & RT2860_H2M_BUSY))
1238 tmp = RT2860_H2M_BUSY | RT2860_TOKEN_NO_INTR << 16 | arg;
1239 if ((error = run_write(sc, RT2860_H2M_MAILBOX, tmp)) == 0)
1240 error = run_write(sc, RT2860_HOST_CMD, cmd);
1245 * Add `delta' (signed) to each 4-bit sub-word of a 32-bit word.
1246 * Used to adjust per-rate Tx power registers.
1248 static __inline uint32_t
1249 b4inc(uint32_t b32, int8_t delta)
1253 for (i = 0; i < 8; i++) {
1260 b32 = b32 >> 4 | b4 << 28;
1269 case RT2860_RF_2820: return "RT2820";
1270 case RT2860_RF_2850: return "RT2850";
1271 case RT2860_RF_2720: return "RT2720";
1272 case RT2860_RF_2750: return "RT2750";
1273 case RT3070_RF_3020: return "RT3020";
1274 case RT3070_RF_2020: return "RT2020";
1275 case RT3070_RF_3021: return "RT3021";
1276 case RT3070_RF_3022: return "RT3022";
1277 case RT3070_RF_3052: return "RT3052";
1283 run_read_eeprom(struct run_softc *sc)
1285 int8_t delta_2ghz, delta_5ghz;
1290 /* check whether the ROM is eFUSE ROM or EEPROM */
1291 sc->sc_srom_read = run_eeprom_read_2;
1292 if ((sc->mac_rev & 0xfff00000) >= 0x30700000) {
1293 run_read(sc, RT3070_EFUSE_CTRL, &tmp);
1294 DPRINTF("EFUSE_CTRL=0x%08x\n", tmp);
1295 if (tmp & RT3070_SEL_EFUSE)
1296 sc->sc_srom_read = run_efuse_read_2;
1299 /* read ROM version */
1300 run_srom_read(sc, RT2860_EEPROM_VERSION, &val);
1301 DPRINTF("EEPROM rev=%d, FAE=%d\n", val & 0xff, val >> 8);
1303 /* read MAC address */
1304 run_srom_read(sc, RT2860_EEPROM_MAC01, &val);
1305 sc->sc_bssid[0] = val & 0xff;
1306 sc->sc_bssid[1] = val >> 8;
1307 run_srom_read(sc, RT2860_EEPROM_MAC23, &val);
1308 sc->sc_bssid[2] = val & 0xff;
1309 sc->sc_bssid[3] = val >> 8;
1310 run_srom_read(sc, RT2860_EEPROM_MAC45, &val);
1311 sc->sc_bssid[4] = val & 0xff;
1312 sc->sc_bssid[5] = val >> 8;
1314 /* read default BBP settings */
1315 for (i = 0; i < 8; i++) {
1316 run_srom_read(sc, RT2860_EEPROM_BBP_BASE + i, &val);
1317 sc->bbp[i].val = val & 0xff;
1318 sc->bbp[i].reg = val >> 8;
1319 DPRINTF("BBP%d=0x%02x\n", sc->bbp[i].reg, sc->bbp[i].val);
1322 /* read RF frequency offset from EEPROM */
1323 run_srom_read(sc, RT2860_EEPROM_FREQ_LEDS, &val);
1324 sc->freq = ((val & 0xff) != 0xff) ? val & 0xff : 0;
1325 DPRINTF("EEPROM freq offset %d\n", sc->freq & 0xff);
1327 if ((sc->leds = val >> 8) != 0xff) {
1328 /* read LEDs operating mode */
1329 run_srom_read(sc, RT2860_EEPROM_LED1, &sc->led[0]);
1330 run_srom_read(sc, RT2860_EEPROM_LED2, &sc->led[1]);
1331 run_srom_read(sc, RT2860_EEPROM_LED3, &sc->led[2]);
1333 /* broken EEPROM, use default settings */
1335 sc->led[0] = 0x5555;
1336 sc->led[1] = 0x2221;
1337 sc->led[2] = 0x5627; /* differs from RT2860 */
1339 DPRINTF("EEPROM LED mode=0x%02x, LEDs=0x%04x/0x%04x/0x%04x\n",
1340 sc->leds, sc->led[0], sc->led[1], sc->led[2]);
1342 /* read RF information */
1343 run_srom_read(sc, RT2860_EEPROM_ANTENNA, &val);
1344 if (val == 0xffff) {
1345 DPRINTF("invalid EEPROM antenna info, using default\n");
1346 if ((sc->mac_rev >> 16) >= 0x3070) {
1347 /* default to RF3020 1T1R */
1348 sc->rf_rev = RT3070_RF_3020;
1352 /* default to RF2820 1T2R */
1353 sc->rf_rev = RT2860_RF_2820;
1358 sc->rf_rev = (val >> 8) & 0xf;
1359 sc->ntxchains = (val >> 4) & 0xf;
1360 sc->nrxchains = val & 0xf;
1362 DPRINTF("EEPROM RF rev=0x%02x chains=%dT%dR\n",
1363 sc->rf_rev, sc->ntxchains, sc->nrxchains);
1365 /* check if RF supports automatic Tx access gain control */
1366 run_srom_read(sc, RT2860_EEPROM_CONFIG, &val);
1367 DPRINTF("EEPROM CFG 0x%04x\n", val);
1368 if ((val & 0xff) != 0xff) {
1369 sc->ext_5ghz_lna = (val >> 3) & 1;
1370 sc->ext_2ghz_lna = (val >> 2) & 1;
1371 sc->calib_2ghz = sc->calib_5ghz = (val >> 1) & 1;
1374 /* read power settings for 2GHz channels */
1375 for (i = 0; i < 14; i += 2) {
1376 run_srom_read(sc, RT2860_EEPROM_PWR2GHZ_BASE1 + i / 2, &val);
1377 sc->txpow1[i + 0] = (int8_t)(val & 0xff);
1378 sc->txpow1[i + 1] = (int8_t)(val >> 8);
1380 run_srom_read(sc, RT2860_EEPROM_PWR2GHZ_BASE2 + i / 2, &val);
1381 sc->txpow2[i + 0] = (int8_t)(val & 0xff);
1382 sc->txpow2[i + 1] = (int8_t)(val >> 8);
1384 /* fix broken Tx power entries */
1385 for (i = 0; i < 14; i++) {
1386 if (sc->txpow1[i] < 0 || sc->txpow1[i] > 31)
1388 if (sc->txpow2[i] < 0 || sc->txpow2[i] > 31)
1390 DPRINTF("chan %d: power1=%d, power2=%d\n",
1391 rt2860_rf2850[i].chan, sc->txpow1[i], sc->txpow2[i]);
1393 /* read power settings for 5GHz channels */
1394 for (i = 0; i < 36; i += 2) {
1395 run_srom_read(sc, RT2860_EEPROM_PWR5GHZ_BASE1 + i / 2, &val);
1396 sc->txpow1[i + 14] = (int8_t)(val & 0xff);
1397 sc->txpow1[i + 15] = (int8_t)(val >> 8);
1399 run_srom_read(sc, RT2860_EEPROM_PWR5GHZ_BASE2 + i / 2, &val);
1400 sc->txpow2[i + 14] = (int8_t)(val & 0xff);
1401 sc->txpow2[i + 15] = (int8_t)(val >> 8);
1403 /* fix broken Tx power entries */
1404 for (i = 0; i < 36; i++) {
1405 if (sc->txpow1[14 + i] < -7 || sc->txpow1[14 + i] > 15)
1406 sc->txpow1[14 + i] = 5;
1407 if (sc->txpow2[14 + i] < -7 || sc->txpow2[14 + i] > 15)
1408 sc->txpow2[14 + i] = 5;
1409 DPRINTF("chan %d: power1=%d, power2=%d\n",
1410 rt2860_rf2850[14 + i].chan, sc->txpow1[14 + i],
1411 sc->txpow2[14 + i]);
1414 /* read Tx power compensation for each Tx rate */
1415 run_srom_read(sc, RT2860_EEPROM_DELTAPWR, &val);
1416 delta_2ghz = delta_5ghz = 0;
1417 if ((val & 0xff) != 0xff && (val & 0x80)) {
1418 delta_2ghz = val & 0xf;
1419 if (!(val & 0x40)) /* negative number */
1420 delta_2ghz = -delta_2ghz;
1423 if ((val & 0xff) != 0xff && (val & 0x80)) {
1424 delta_5ghz = val & 0xf;
1425 if (!(val & 0x40)) /* negative number */
1426 delta_5ghz = -delta_5ghz;
1428 DPRINTF("power compensation=%d (2GHz), %d (5GHz)\n",
1429 delta_2ghz, delta_5ghz);
1431 for (ridx = 0; ridx < 5; ridx++) {
1434 run_srom_read(sc, RT2860_EEPROM_RPWR + ridx, &val);
1435 reg = (uint32_t)val << 16;
1436 run_srom_read(sc, RT2860_EEPROM_RPWR + ridx + 1, &val);
1439 sc->txpow20mhz[ridx] = reg;
1440 sc->txpow40mhz_2ghz[ridx] = b4inc(reg, delta_2ghz);
1441 sc->txpow40mhz_5ghz[ridx] = b4inc(reg, delta_5ghz);
1443 DPRINTF("ridx %d: power 20MHz=0x%08x, 40MHz/2GHz=0x%08x, "
1444 "40MHz/5GHz=0x%08x\n", ridx, sc->txpow20mhz[ridx],
1445 sc->txpow40mhz_2ghz[ridx], sc->txpow40mhz_5ghz[ridx]);
1448 /* read RSSI offsets and LNA gains from EEPROM */
1449 run_srom_read(sc, RT2860_EEPROM_RSSI1_2GHZ, &val);
1450 sc->rssi_2ghz[0] = val & 0xff; /* Ant A */
1451 sc->rssi_2ghz[1] = val >> 8; /* Ant B */
1452 run_srom_read(sc, RT2860_EEPROM_RSSI2_2GHZ, &val);
1453 sc->rssi_2ghz[2] = val & 0xff; /* Ant C */
1454 sc->lna[2] = val >> 8; /* channel group 2 */
1456 run_srom_read(sc, RT2860_EEPROM_RSSI1_5GHZ, &val);
1457 sc->rssi_5ghz[0] = val & 0xff; /* Ant A */
1458 sc->rssi_5ghz[1] = val >> 8; /* Ant B */
1459 run_srom_read(sc, RT2860_EEPROM_RSSI2_5GHZ, &val);
1460 sc->rssi_5ghz[2] = val & 0xff; /* Ant C */
1461 sc->lna[3] = val >> 8; /* channel group 3 */
1463 run_srom_read(sc, RT2860_EEPROM_LNA, &val);
1464 sc->lna[0] = val & 0xff; /* channel group 0 */
1465 sc->lna[1] = val >> 8; /* channel group 1 */
1467 /* fix broken 5GHz LNA entries */
1468 if (sc->lna[2] == 0 || sc->lna[2] == 0xff) {
1469 DPRINTF("invalid LNA for channel group %d\n", 2);
1470 sc->lna[2] = sc->lna[1];
1472 if (sc->lna[3] == 0 || sc->lna[3] == 0xff) {
1473 DPRINTF("invalid LNA for channel group %d\n", 3);
1474 sc->lna[3] = sc->lna[1];
1477 /* fix broken RSSI offset entries */
1478 for (ant = 0; ant < 3; ant++) {
1479 if (sc->rssi_2ghz[ant] < -10 || sc->rssi_2ghz[ant] > 10) {
1480 DPRINTF("invalid RSSI%d offset: %d (2GHz)\n",
1481 ant + 1, sc->rssi_2ghz[ant]);
1482 sc->rssi_2ghz[ant] = 0;
1484 if (sc->rssi_5ghz[ant] < -10 || sc->rssi_5ghz[ant] > 10) {
1485 DPRINTF("invalid RSSI%d offset: %d (5GHz)\n",
1486 ant + 1, sc->rssi_5ghz[ant]);
1487 sc->rssi_5ghz[ant] = 0;
1493 struct ieee80211_node *
1494 run_node_alloc(struct ieee80211vap *vap, const uint8_t mac[IEEE80211_ADDR_LEN])
1496 return malloc(sizeof (struct run_node), M_DEVBUF, M_NOWAIT | M_ZERO);
1500 run_media_change(struct ifnet *ifp)
1502 const struct ieee80211_txparam *tp;
1503 struct run_softc *sc = ifp->if_softc;
1504 struct ieee80211com *ic = sc->sc_ifp->if_l2com;
1505 struct ieee80211vap *vap = &sc->sc_rvp->vap;
1511 error = ieee80211_media_change(ifp);
1512 if (error != ENETRESET)
1516 tp = &vap->iv_txparms[ieee80211_chan2mode(ic->ic_curchan)];
1517 if (tp->ucastrate != IEEE80211_FIXED_RATE_NONE) {
1518 rate = ic->ic_sup_rates[ic->ic_curmode].
1519 rs_rates[tp->ucastrate] & IEEE80211_RATE_VAL;
1520 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++)
1521 if (rt2860_rates[ridx].rate == rate)
1523 sc->fixed_ridx = ridx;
1526 if ((ifp->if_flags & IFF_UP) &&
1527 (ifp->if_drv_flags & IFF_DRV_RUNNING)){
1528 run_init_locked(sc);
1537 run_newstate(struct ieee80211vap *vap, enum ieee80211_state nstate, int arg)
1539 const struct ieee80211_txparam *tp;
1540 struct ieee80211com *ic = vap->iv_ic;
1541 struct run_softc *sc = ic->ic_ifp->if_softc;
1542 struct run_vap *rvp = RUN_VAP(vap);
1543 enum ieee80211_state ostate;
1544 struct ieee80211_node *ni;
1548 ostate = vap->iv_state;
1549 DPRINTF("%s -> %s\n",
1550 ieee80211_state_name[ostate],
1551 ieee80211_state_name[nstate]);
1553 IEEE80211_UNLOCK(ic);
1556 sc->sc_rvp->amrr_run = RUN_AMRR_OFF;
1557 usb_callout_stop(&rvp->amrr_ch);
1559 if (ostate == IEEE80211_S_RUN) {
1560 /* turn link LED off */
1561 run_set_leds(sc, RT2860_LED_RADIO);
1565 case IEEE80211_S_INIT:
1566 if (ostate == IEEE80211_S_RUN) {
1567 /* abort TSF synchronization */
1568 run_read(sc, RT2860_BCN_TIME_CFG, &tmp);
1569 run_write(sc, RT2860_BCN_TIME_CFG,
1570 tmp & ~(RT2860_BCN_TX_EN | RT2860_TSF_TIMER_EN |
1571 RT2860_TBTT_TIMER_EN));
1575 case IEEE80211_S_RUN:
1578 if (vap->iv_opmode != IEEE80211_M_MONITOR) {
1579 run_updateslot(ic->ic_ifp);
1581 run_set_txpreamble(sc);
1582 run_set_basicrates(sc);
1583 IEEE80211_ADDR_COPY(sc->sc_bssid, ni->ni_bssid);
1584 run_set_bssid(sc, ni->ni_bssid);
1587 if (vap->iv_opmode == IEEE80211_M_STA) {
1588 /* add BSS entry to the WCID table */
1589 wcid = RUN_AID2WCID(ni->ni_associd);
1590 run_write_region_1(sc, RT2860_WCID_ENTRY(wcid),
1591 ni->ni_macaddr, IEEE80211_ADDR_LEN);
1594 if (vap->iv_opmode == IEEE80211_M_HOSTAP ||
1595 vap->iv_opmode == IEEE80211_M_IBSS)
1596 run_update_beacon_locked(vap, 0);
1598 if (vap->iv_opmode != IEEE80211_M_MONITOR) {
1599 run_enable_tsf_sync(sc);
1602 /* enable automatic rate adaptation */
1603 tp = &vap->iv_txparms[ieee80211_chan2mode(ic->ic_curchan)];
1604 if (tp->ucastrate == IEEE80211_FIXED_RATE_NONE)
1605 run_amrr_start(sc, ni);
1607 /* turn link LED on */
1608 run_set_leds(sc, RT2860_LED_RADIO |
1609 (IEEE80211_IS_CHAN_2GHZ(vap->iv_bss->ni_chan) ?
1610 RT2860_LED_LINK_2GHZ : RT2860_LED_LINK_5GHZ));
1614 DPRINTFN(6, "undefined case\n");
1621 return(rvp->newstate(vap, nstate, arg));
1624 /* another taskqueue, so usbd_do_request() can go sleep */
1626 run_wme_update(struct ieee80211com *ic)
1628 struct run_softc *sc = ic->ic_ifp->if_softc;
1630 ieee80211_runtask(ic, &sc->wme_task);
1632 /* return whatever, upper layer desn't care anyway */
1638 run_wme_update_cb(void *arg, int pending)
1640 struct ieee80211com *ic = arg;
1641 struct run_softc *sc = ic->ic_ifp->if_softc;
1642 struct ieee80211_wme_state *wmesp = &ic->ic_wme;
1647 /* update MAC TX configuration registers */
1648 for (aci = 0; aci < WME_NUM_AC; aci++) {
1649 error = run_write(sc, RT2860_EDCA_AC_CFG(aci),
1650 wmesp->wme_params[aci].wmep_logcwmax << 16 |
1651 wmesp->wme_params[aci].wmep_logcwmin << 12 |
1652 wmesp->wme_params[aci].wmep_aifsn << 8 |
1653 wmesp->wme_params[aci].wmep_txopLimit);
1657 /* update SCH/DMA registers too */
1658 error = run_write(sc, RT2860_WMM_AIFSN_CFG,
1659 wmesp->wme_params[WME_AC_VO].wmep_aifsn << 12 |
1660 wmesp->wme_params[WME_AC_VI].wmep_aifsn << 8 |
1661 wmesp->wme_params[WME_AC_BK].wmep_aifsn << 4 |
1662 wmesp->wme_params[WME_AC_BE].wmep_aifsn);
1664 error = run_write(sc, RT2860_WMM_CWMIN_CFG,
1665 wmesp->wme_params[WME_AC_VO].wmep_logcwmin << 12 |
1666 wmesp->wme_params[WME_AC_VI].wmep_logcwmin << 8 |
1667 wmesp->wme_params[WME_AC_BK].wmep_logcwmin << 4 |
1668 wmesp->wme_params[WME_AC_BE].wmep_logcwmin);
1670 error = run_write(sc, RT2860_WMM_CWMAX_CFG,
1671 wmesp->wme_params[WME_AC_VO].wmep_logcwmax << 12 |
1672 wmesp->wme_params[WME_AC_VI].wmep_logcwmax << 8 |
1673 wmesp->wme_params[WME_AC_BK].wmep_logcwmax << 4 |
1674 wmesp->wme_params[WME_AC_BE].wmep_logcwmax);
1676 error = run_write(sc, RT2860_WMM_TXOP0_CFG,
1677 wmesp->wme_params[WME_AC_BK].wmep_txopLimit << 16 |
1678 wmesp->wme_params[WME_AC_BE].wmep_txopLimit);
1680 error = run_write(sc, RT2860_WMM_TXOP1_CFG,
1681 wmesp->wme_params[WME_AC_VO].wmep_txopLimit << 16 |
1682 wmesp->wme_params[WME_AC_VI].wmep_txopLimit);
1686 DPRINTF("WME update failed\n");
1693 run_key_update_begin(struct ieee80211vap *vap)
1696 * Because run_key_delete() needs special attention
1697 * on lock related operation, lock handling is being done
1698 * differently in run_key_set and _delete.
1700 * So, we don't use key_update_begin and _end.
1705 run_key_update_end(struct ieee80211vap *vap)
1714 run_key_set(struct ieee80211vap *vap, const struct ieee80211_key *k,
1715 const uint8_t mac[IEEE80211_ADDR_LEN])
1717 struct ieee80211com *ic = vap->iv_ic;
1718 struct ifnet *ifp = ic->ic_ifp;
1719 struct run_softc *sc = ifp->if_softc;
1720 struct ieee80211_node *ni;
1722 uint16_t base, associd;
1723 uint8_t mode, wcid, txmic, rxmic, iv[8];
1728 if(vap->iv_opmode == IEEE80211_M_HOSTAP){
1729 ni = ieee80211_find_vap_node(&ic->ic_sta, vap, mac);
1730 associd = (ni != NULL) ? ni->ni_associd : 0;
1732 ieee80211_free_node(ni);
1737 associd = (ni != NULL) ? ni->ni_associd : 0;
1742 /* map net80211 cipher to RT2860 security mode */
1743 switch (k->wk_cipher->ic_cipher) {
1744 case IEEE80211_CIPHER_WEP:
1745 if(k->wk_keylen < 8)
1746 mode = RT2860_MODE_WEP40;
1748 mode = RT2860_MODE_WEP104;
1750 case IEEE80211_CIPHER_TKIP:
1751 mode = RT2860_MODE_TKIP;
1753 case IEEE80211_CIPHER_AES_CCM:
1754 mode = RT2860_MODE_AES_CCMP;
1757 DPRINTF("undefined case\n");
1761 DPRINTFN(1, "associd=%x, keyix=%d, mode=%x, type=%s\n",
1762 associd, k->wk_keyix, mode,
1763 (k->wk_flags & IEEE80211_KEY_GROUP) ? "group" : "pairwise");
1765 if (k->wk_flags & IEEE80211_KEY_GROUP) {
1766 wcid = 0; /* NB: update WCID0 for group keys */
1767 base = RT2860_SKEY(0, k->wk_keyix);
1769 wcid = RUN_AID2WCID(associd);
1770 base = RT2860_PKEY(wcid);
1773 if (k->wk_cipher->ic_cipher == IEEE80211_CIPHER_TKIP) {
1774 if(run_write_region_1(sc, base, k->wk_key, 16))
1776 if(run_write_region_1(sc, base + 16, &k->wk_key[txmic], 8)) /* wk_txmic */
1778 if(run_write_region_1(sc, base + 24, &k->wk_key[rxmic], 8)) /* wk_rxmic */
1781 /* roundup len to 16-bit: XXX fix write_region_1() instead */
1782 if(run_write_region_1(sc, base, k->wk_key, (k->wk_keylen + 1) & ~1))
1786 if (!(k->wk_flags & IEEE80211_KEY_GROUP) ||
1787 (k->wk_flags & (IEEE80211_KEY_XMIT | IEEE80211_KEY_RECV))) {
1788 /* set initial packet number in IV+EIV */
1789 if (k->wk_cipher == IEEE80211_CIPHER_WEP){
1790 memset(iv, 0, sizeof iv);
1791 iv[3] = sc->sc_rvp->vap.iv_def_txkey << 6;
1793 if (k->wk_cipher->ic_cipher == IEEE80211_CIPHER_TKIP) {
1794 iv[0] = k->wk_keytsc >> 8;
1795 iv[1] = (iv[0] | 0x20) & 0x7f;
1796 iv[2] = k->wk_keytsc;
1798 iv[0] = k->wk_keytsc;
1799 iv[1] = k->wk_keytsc >> 8;
1802 iv[3] = k->wk_keyix << 6 | IEEE80211_WEP_EXTIV;
1803 iv[4] = k->wk_keytsc >> 16;
1804 iv[5] = k->wk_keytsc >> 24;
1805 iv[6] = k->wk_keytsc >> 32;
1806 iv[7] = k->wk_keytsc >> 40;
1808 if(run_write_region_1(sc, RT2860_IVEIV(wcid), iv, 8))
1812 if (k->wk_flags & IEEE80211_KEY_GROUP) {
1813 /* install group key */
1814 if(run_read(sc, RT2860_SKEY_MODE_0_7, &attr))
1816 attr &= ~(0xf << (k->wk_keyix * 4));
1817 attr |= mode << (k->wk_keyix * 4);
1818 if(run_write(sc, RT2860_SKEY_MODE_0_7, attr))
1821 /* install pairwise key */
1822 if(run_read(sc, RT2860_WCID_ATTR(wcid), &attr))
1824 attr = (attr & ~0xf) | (mode << 1) | RT2860_RX_PKEY_EN;
1825 if(run_write(sc, RT2860_WCID_ATTR(wcid), attr))
1829 /* TODO create a pass-thru key entry? */
1833 return (error? 0 : 1);
1840 run_key_delete(struct ieee80211vap *vap, const struct ieee80211_key *k)
1842 struct ieee80211com *ic = vap->iv_ic;
1843 struct run_softc *sc = ic->ic_ifp->if_softc;
1844 struct ieee80211_node *ni = vap->iv_bss;
1845 struct ieee80211_node_table *nt = &ic->ic_sta;
1849 uint8_t nislocked, cislocked;
1851 if((nislocked = IEEE80211_NODE_IS_LOCKED(nt)))
1852 IEEE80211_NODE_UNLOCK(nt);
1853 if((cislocked = mtx_owned(&ic->ic_comlock.mtx)))
1854 IEEE80211_UNLOCK(ic);
1857 if (k->wk_flags & IEEE80211_KEY_GROUP) {
1858 /* remove group key */
1859 if(run_read(sc, RT2860_SKEY_MODE_0_7, &attr))
1861 attr &= ~(0xf << (k->wk_keyix * 4));
1862 if(run_write(sc, RT2860_SKEY_MODE_0_7, attr))
1865 /* remove pairwise key */
1866 wcid = RUN_AID2WCID((ni != NULL) ? ni->ni_associd : 0);
1867 if(run_read(sc, RT2860_WCID_ATTR(wcid), &attr))
1870 if(run_write(sc, RT2860_WCID_ATTR(wcid), attr))
1879 IEEE80211_NODE_LOCK(nt);
1881 return (error? 0 : 1);
1885 run_amrr_start(struct run_softc *sc, struct ieee80211_node *ni)
1887 struct ieee80211vap *vap = ni->ni_vap;
1888 struct run_vap *rvp = RUN_VAP(vap);
1892 RUN_LOCK_ASSERT(sc, MA_OWNED);
1894 /* read statistic counters (clear on read) and update AMRR state */
1895 run_read_region_1(sc, RT2860_TX_STA_CNT0,
1896 (uint8_t *)sta, sizeof sta);
1898 wcid = RUN_AID2WCID(ni == NULL ? 0 : ni->ni_associd);
1899 ieee80211_amrr_node_init(&rvp->amrr, &rvp->amn[wcid], ni);
1901 /* start at lowest available bit-rate, AMRR will raise */
1904 /* start calibration timer */
1905 rvp->amrr_run = RUN_AMRR_ON;
1906 usb_callout_reset(&rvp->amrr_ch, hz, run_amrr_to, rvp);
1910 run_amrr_to(void *arg)
1912 struct run_vap *rvp = arg;
1914 /* do it in a process context, so it can go sleep */
1915 ieee80211_runtask(rvp->vap.iv_ic, &rvp->amrr_task);
1916 /* next timeout will be rescheduled in the callback task */
1921 run_amrr_cb(void *arg, int pending)
1923 struct run_vap *rvp = arg;
1924 struct ieee80211vap *vap = &rvp->vap;
1925 struct ieee80211com *ic = vap->iv_ic;
1926 struct run_softc *sc = ic->ic_ifp->if_softc;
1928 if (ic->ic_opmode == IEEE80211_M_STA)
1929 run_iter_func(rvp, vap->iv_bss);
1932 * run_reset_livelock() doesn't do anything with AMRR,
1933 * but Ralink wants us to call it every 1 sec. So, we
1934 * piggyback here rather than creating another callout.
1935 * Livelock may occur only in HOSTAP or IBSS mode
1936 * (when h/w is sending beacons).
1939 run_reset_livelock(sc);
1941 ieee80211_iterate_nodes(&ic->ic_sta, run_iter_func, rvp);
1944 if(rvp->amrr_run == RUN_AMRR_ON)
1945 usb_callout_reset(&rvp->amrr_ch, hz, run_amrr_to, rvp);
1950 run_iter_func(void *arg, struct ieee80211_node *ni)
1952 struct run_vap *rvp = arg;
1953 struct ieee80211com *ic = rvp->vap.iv_ic;
1954 struct ifnet *ifp = ic->ic_ifp;
1955 struct run_softc *sc = ifp->if_softc;
1956 struct ieee80211_node_table *nt = &ic->ic_sta;
1957 struct ieee80211_amrr_node *amn = &rvp->amn[0]; /* make compiler happy */
1958 uint32_t sta[3], stat;
1960 uint8_t wcid, mcs, pid;
1962 if(ic->ic_opmode != IEEE80211_M_STA)
1963 IEEE80211_NODE_ITERATE_UNLOCK(nt);
1967 if(ic->ic_opmode != IEEE80211_M_STA){
1968 /* drain Tx status FIFO (maxsize = 16) */
1969 run_read(sc, RT2860_TX_STAT_FIFO, &stat);
1970 while (stat & RT2860_TXQ_VLD) {
1971 DPRINTFN(4, "tx stat 0x%08x\n", stat);
1973 wcid = (stat >> RT2860_TXQ_WCID_SHIFT) & 0xff;
1975 /* if no ACK was requested, no feedback is available */
1976 if (!(stat & RT2860_TXQ_ACKREQ) || wcid == 0xff)
1979 /* update per-STA AMRR stats */
1980 amn = &rvp->amn[wcid];
1982 if (stat & RT2860_TXQ_OK) {
1985 * Check if there were retries, ie if the Tx
1986 * success rate is different from the requested
1987 * rate. Note that it works only because we do
1988 * not allow rate fallback from OFDM to CCK.
1990 mcs = (stat >> RT2860_TXQ_MCS_SHIFT) & 0x7f;
1991 pid = (stat >> RT2860_TXQ_PID_SHIFT) & 0xf;
1993 amn->amn_retrycnt++;
1995 amn->amn_retrycnt++;
1998 run_read_region_1(sc, RT2860_TX_STAT_FIFO,
1999 (uint8_t *)&stat, sizeof stat);
2001 DPRINTFN(3, "retrycnt=%d txcnt=%d success=%d\n",
2002 amn->amn_retrycnt, amn->amn_txcnt, amn->amn_success);
2004 /* read statistic counters (clear on read) and update AMRR state */
2005 error = run_read_region_1(sc, RT2860_TX_STA_CNT0, (uint8_t *)sta,
2010 DPRINTFN(3, "retrycnt=%d txcnt=%d failcnt=%d\n",
2011 le32toh(sta[1]) >> 16, le32toh(sta[1]) & 0xffff,
2012 le32toh(sta[0]) & 0xffff);
2014 wcid = RUN_AID2WCID(ni == NULL ? 0 : ni->ni_associd);
2015 amn = &rvp->amn[wcid];
2017 /* count failed TX as errors */
2018 ifp->if_oerrors += le32toh(sta[0]) & 0xffff;
2021 (le32toh(sta[0]) & 0xffff) + /* failed TX count */
2022 (le32toh(sta[1]) >> 16); /* TX retransmission count */
2026 (le32toh(sta[1]) & 0xffff); /* successful TX count */
2029 (le32toh(sta[1]) >> 16) +
2030 (le32toh(sta[1]) & 0xffff);
2033 ieee80211_amrr_choose(ni, amn);
2038 if(ic->ic_opmode != IEEE80211_M_STA)
2039 IEEE80211_NODE_ITERATE_LOCK(nt);
2043 run_newassoc(struct ieee80211_node *ni, int isnew)
2045 struct run_node *rn = (void *)ni;
2046 struct ieee80211_rateset *rs = &ni->ni_rates;
2050 DPRINTF("new assoc isnew=%d addr=%s\n",
2051 isnew, ether_sprintf(ni->ni_macaddr));
2053 for (i = 0; i < rs->rs_nrates; i++) {
2054 rate = rs->rs_rates[i] & IEEE80211_RATE_VAL;
2055 /* convert 802.11 rate to hardware rate index */
2056 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++)
2057 if (rt2860_rates[ridx].rate == rate)
2060 /* determine rate of control response frames */
2061 for (j = i; j >= 0; j--) {
2062 if ((rs->rs_rates[j] & IEEE80211_RATE_BASIC) &&
2063 rt2860_rates[rn->ridx[i]].phy ==
2064 rt2860_rates[rn->ridx[j]].phy)
2068 rn->ctl_ridx[i] = rn->ridx[j];
2070 /* no basic rate found, use mandatory one */
2071 rn->ctl_ridx[i] = rt2860_rates[ridx].ctl_ridx;
2073 DPRINTF("rate=0x%02x ridx=%d ctl_ridx=%d\n",
2074 rs->rs_rates[i], rn->ridx[i], rn->ctl_ridx[i]);
2079 * Return the Rx chain with the highest RSSI for a given frame.
2081 static __inline uint8_t
2082 run_maxrssi_chain(struct run_softc *sc, const struct rt2860_rxwi *rxwi)
2084 uint8_t rxchain = 0;
2086 if (sc->nrxchains > 1) {
2087 if (rxwi->rssi[1] > rxwi->rssi[rxchain])
2089 if (sc->nrxchains > 2)
2090 if (rxwi->rssi[2] > rxwi->rssi[rxchain])
2097 run_rx_frame(struct run_softc *sc, struct mbuf *m, uint32_t dmalen)
2099 struct ifnet *ifp = sc->sc_ifp;
2100 struct ieee80211vap *vap = &sc->sc_rvp->vap;
2101 struct ieee80211com *ic = ifp->if_l2com;
2102 struct ieee80211_frame *wh;
2103 struct ieee80211_node *ni;
2104 struct rt2870_rxd *rxd;
2105 struct rt2860_rxwi *rxwi;
2111 rxwi = mtod(m, struct rt2860_rxwi *);
2112 len = le16toh(rxwi->len) & 0xfff;
2113 if (__predict_false(len > dmalen)) {
2116 DPRINTF("bad RXWI length %u > %u\n", len, dmalen);
2119 /* Rx descriptor is located at the end */
2120 rxd = (struct rt2870_rxd *)(mtod(m, caddr_t) + dmalen);
2121 flags = le32toh(rxd->flags);
2123 if (__predict_false(flags & (RT2860_RX_CRCERR | RT2860_RX_ICVERR))) {
2126 DPRINTF("%s error.\n", (flags & RT2860_RX_CRCERR)?"CRC":"ICV");
2130 m->m_data += sizeof(struct rt2860_rxwi);
2131 m->m_pkthdr.len = m->m_len -= sizeof(struct rt2860_rxwi);
2133 wh = mtod(m, struct ieee80211_frame *);
2135 if (wh->i_fc[1] & IEEE80211_FC1_WEP){
2136 wh->i_fc[1] &= ~IEEE80211_FC1_WEP;
2137 m->m_flags |= M_WEP;
2140 if (flags & RT2860_RX_L2PAD){
2141 DPRINTFN(8, "received RT2860_RX_L2PAD frame\n");
2145 if (__predict_false(flags & RT2860_RX_MICERR)) {
2146 /* report MIC failures to net80211 for TKIP */
2147 ieee80211_notify_michael_failure(vap, wh, rxwi->keyidx);
2150 DPRINTF("MIC error. Someone is lying.\n");
2154 ant = run_maxrssi_chain(sc, rxwi);
2155 rssi = rxwi->rssi[ant];
2156 nf = run_rssi2dbm(sc, rssi, ant);
2158 m->m_pkthdr.rcvif = ifp;
2159 m->m_pkthdr.len = m->m_len = len;
2161 ni = ieee80211_find_rxnode(ic,
2162 mtod(m, struct ieee80211_frame_min *));
2164 (void)ieee80211_input(ni, m, rssi, nf);
2165 ieee80211_free_node(ni);
2167 (void)ieee80211_input_all(ic, m, rssi, nf);
2170 if(__predict_false(ieee80211_radiotap_active(ic))){
2171 struct run_rx_radiotap_header *tap = &sc->sc_rxtap;
2174 tap->wr_chan_freq = htole16(ic->ic_bsschan->ic_freq);
2175 tap->wr_chan_flags = htole16(ic->ic_bsschan->ic_flags);
2176 tap->wr_antsignal = rssi;
2177 tap->wr_antenna = ant;
2178 tap->wr_dbm_antsignal = run_rssi2dbm(sc, rssi, ant);
2179 tap->wr_rate = 2; /* in case it can't be found below */
2180 phy = le16toh(rxwi->phy);
2181 switch (phy & RT2860_PHY_MODE) {
2182 case RT2860_PHY_CCK:
2183 switch ((phy & RT2860_PHY_MCS) & ~RT2860_PHY_SHPRE) {
2184 case 0: tap->wr_rate = 2; break;
2185 case 1: tap->wr_rate = 4; break;
2186 case 2: tap->wr_rate = 11; break;
2187 case 3: tap->wr_rate = 22; break;
2189 if (phy & RT2860_PHY_SHPRE)
2190 tap->wr_flags |= IEEE80211_RADIOTAP_F_SHORTPRE;
2192 case RT2860_PHY_OFDM:
2193 switch (phy & RT2860_PHY_MCS) {
2194 case 0: tap->wr_rate = 12; break;
2195 case 1: tap->wr_rate = 18; break;
2196 case 2: tap->wr_rate = 24; break;
2197 case 3: tap->wr_rate = 36; break;
2198 case 4: tap->wr_rate = 48; break;
2199 case 5: tap->wr_rate = 72; break;
2200 case 6: tap->wr_rate = 96; break;
2201 case 7: tap->wr_rate = 108; break;
2209 run_bulk_rx_callback(struct usb_xfer *xfer, usb_error_t error)
2211 struct run_softc *sc = usbd_xfer_softc(xfer);
2212 struct ifnet *ifp = sc->sc_ifp;
2213 struct mbuf *m = NULL;
2218 usbd_xfer_status(xfer, &xferlen, NULL, NULL, NULL);
2220 switch (USB_GET_STATE(xfer)) {
2221 case USB_ST_TRANSFERRED:
2223 DPRINTFN(15, "rx done, actlen=%d\n", xferlen);
2225 if (xferlen < sizeof (uint32_t) +
2226 sizeof (struct rt2860_rxwi) + sizeof (struct rt2870_rxd)) {
2227 DPRINTF("xfer too short %d\n", xferlen);
2237 if (sc->rx_m == NULL) {
2238 sc->rx_m = m_getjcl(M_DONTWAIT, MT_DATA, M_PKTHDR,
2239 MJUMPAGESIZE /* xfer can be bigger than MCLBYTES */);
2241 if (sc->rx_m == NULL) {
2242 DPRINTF("could not allocate mbuf - idle with stall\n");
2244 usbd_xfer_set_stall(xfer);
2245 usbd_xfer_set_frames(xfer, 0);
2248 * Directly loading a mbuf cluster into DMA to
2249 * save some data copying. This works because
2250 * there is only one cluster.
2252 usbd_xfer_set_frame_data(xfer, 0,
2253 mtod(sc->rx_m, caddr_t), RUN_MAX_RXSZ);
2254 usbd_xfer_set_frames(xfer, 1);
2256 usbd_transfer_submit(xfer);
2259 default: /* Error */
2260 if (error != USB_ERR_CANCELLED) {
2261 /* try to clear stall first */
2262 usbd_xfer_set_stall(xfer);
2264 if (error == USB_ERR_TIMEOUT)
2265 device_printf(sc->sc_dev, "device timeout\n");
2271 if(sc->rx_m != NULL){
2281 /* inputting all the frames must be last */
2285 m->m_pkthdr.len = m->m_len = xferlen;
2287 /* HW can aggregate multiple 802.11 frames in a single USB xfer */
2289 dmalen = le32toh(*mtod(m, uint32_t *)) & 0xffff;
2291 if ((dmalen == 0) || ((dmalen & 3) != 0)) {
2292 DPRINTF("bad DMA length %u\n", dmalen);
2295 if ((dmalen + 8) > xferlen) {
2296 DPRINTF("bad DMA length %u > %d\n",
2297 dmalen + 8, xferlen);
2301 /* If it is the last one or a single frame, we won't copy. */
2302 if((xferlen -= dmalen + 8) <= 8){
2303 /* trim 32-bit DMA-len header */
2305 m->m_pkthdr.len = m->m_len -= 4;
2306 run_rx_frame(sc, m, dmalen);
2310 /* copy aggregated frames to another mbuf */
2311 m0 = m_getcl(M_DONTWAIT, MT_DATA, M_PKTHDR);
2312 if (__predict_false(m0 == NULL)) {
2313 DPRINTF("could not allocate mbuf\n");
2317 m_copydata(m, 4 /* skip 32-bit DMA-len header */,
2318 dmalen + sizeof(struct rt2870_rxd), mtod(m0, caddr_t));
2319 m0->m_pkthdr.len = m0->m_len =
2320 dmalen + sizeof(struct rt2870_rxd);
2321 run_rx_frame(sc, m0, dmalen);
2323 /* update data ptr */
2324 m->m_data += dmalen + 8;
2325 m->m_pkthdr.len = m->m_len -= dmalen + 8;
2332 run_tx_free(struct run_endpoint_queue *pq,
2333 struct run_tx_data *data, int txerr)
2335 if (data->m != NULL) {
2336 if (data->m->m_flags & M_TXCB)
2337 ieee80211_process_callback(data->ni, data->m,
2338 txerr ? ETIMEDOUT : 0);
2342 if(data->ni == NULL) {
2343 DPRINTF("no node\n");
2345 ieee80211_free_node(data->ni);
2350 STAILQ_INSERT_TAIL(&pq->tx_fh, data, next);
2355 run_bulk_tx_callbackN(struct usb_xfer *xfer, usb_error_t error, unsigned int index)
2357 struct run_softc *sc = usbd_xfer_softc(xfer);
2358 struct ifnet *ifp = sc->sc_ifp;
2359 struct run_tx_data *data;
2360 struct ieee80211vap *vap = NULL;
2361 struct usb_page_cache *pc;
2362 struct run_endpoint_queue *pq = &sc->sc_epq[index];
2364 usb_frlength_t size;
2369 usbd_xfer_status(xfer, &actlen, &sumlen, NULL, NULL);
2371 switch (USB_GET_STATE(xfer)){
2372 case USB_ST_TRANSFERRED:
2373 DPRINTFN(11, "transfer complete: %d "
2374 "bytes @ index %d\n", actlen, index);
2376 data = usbd_xfer_get_priv(xfer);
2378 run_tx_free(pq, data, 0);
2379 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE;
2381 usbd_xfer_set_priv(xfer, NULL);
2388 data = STAILQ_FIRST(&pq->tx_qh);
2392 STAILQ_REMOVE_HEAD(&pq->tx_qh, next);
2395 if (m->m_pkthdr.len > RUN_MAX_TXSZ) {
2396 DPRINTF("data overflow, %u bytes\n",
2401 run_tx_free(pq, data, 1);
2406 pc = usbd_xfer_get_frame(xfer, 0);
2407 size = sizeof(data->desc);
2408 usbd_copy_in(pc, 0, &data->desc, size);
2409 usbd_m_copy_in(pc, size, m, 0, m->m_pkthdr.len);
2411 vap = data->ni->ni_vap;
2412 if (ieee80211_radiotap_active_vap(vap)) {
2413 struct run_tx_radiotap_header *tap = &sc->sc_txtap;
2416 tap->wt_rate = rt2860_rates[data->ridx].rate;
2417 tap->wt_chan_freq = htole16(vap->iv_bss->ni_chan->ic_freq);
2418 tap->wt_chan_flags = htole16(vap->iv_bss->ni_chan->ic_flags);
2419 tap->wt_hwqueue = index;
2420 if (data->mcs & RT2860_PHY_SHPRE)
2421 tap->wt_flags |= IEEE80211_RADIOTAP_F_SHORTPRE;
2423 ieee80211_radiotap_tx(vap, m);
2426 /* align end on a 4-bytes boundary */
2427 len = (size + m->m_pkthdr.len + 3) & ~3;
2429 DPRINTFN(11, "sending frame len=%u xferlen=%u @ index %d\n",
2430 m->m_pkthdr.len, len, index);
2432 usbd_xfer_set_frame_len(xfer, 0, len);
2433 usbd_xfer_set_priv(xfer, data);
2435 usbd_transfer_submit(xfer);
2444 DPRINTF("USB transfer error, %s\n",
2445 usbd_errstr(error));
2447 data = usbd_xfer_get_priv(xfer);
2452 run_tx_free(pq, data, error);
2453 usbd_xfer_set_priv(xfer, NULL);
2456 if (error != USB_ERR_CANCELLED) {
2457 if (error == USB_ERR_TIMEOUT) {
2458 device_printf(sc->sc_dev, "device timeout\n");
2459 ieee80211_runtask(ifp->if_l2com, &sc->usb_timeout_task);
2463 * Try to clear stall first, also if other
2464 * errors occur, hence clearing stall
2465 * introduces a 50 ms delay:
2467 usbd_xfer_set_stall(xfer);
2475 run_bulk_tx_callback0(struct usb_xfer *xfer, usb_error_t error)
2477 run_bulk_tx_callbackN(xfer, error, 0);
2481 run_bulk_tx_callback1(struct usb_xfer *xfer, usb_error_t error)
2483 run_bulk_tx_callbackN(xfer, error, 1);
2487 run_bulk_tx_callback2(struct usb_xfer *xfer, usb_error_t error)
2489 run_bulk_tx_callbackN(xfer, error, 2);
2493 run_bulk_tx_callback3(struct usb_xfer *xfer, usb_error_t error)
2495 run_bulk_tx_callbackN(xfer, error, 3);
2499 run_bulk_tx_callback4(struct usb_xfer *xfer, usb_error_t error)
2501 run_bulk_tx_callbackN(xfer, error, 4);
2505 run_bulk_tx_callback5(struct usb_xfer *xfer, usb_error_t error)
2507 run_bulk_tx_callbackN(xfer, error, 5);
2511 run_set_tx_desc(struct run_softc *sc, struct run_tx_data *data,
2512 uint8_t wflags, uint8_t xflags, uint8_t opflags, uint8_t dflags,
2513 uint8_t type, uint8_t pad)
2515 struct mbuf *m = data->m;
2516 struct ieee80211com *ic = sc->sc_ifp->if_l2com;
2517 struct ieee80211vap *vap = &sc->sc_rvp->vap;
2518 struct ieee80211_frame *wh;
2519 struct rt2870_txd *txd;
2520 struct rt2860_txwi *txwi;
2523 uint8_t ridx = data->ridx;
2525 /* get MCS code from rate index */
2526 data->mcs = mcs = rt2860_rates[ridx].mcs;
2528 xferlen = sizeof(*txwi) + m->m_pkthdr.len;
2530 /* roundup to 32-bit alignment */
2531 xferlen = (xferlen + 3) & ~3;
2533 txd = (struct rt2870_txd *)&data->desc;
2534 txd->flags = dflags;
2535 txd->len = htole16(xferlen);
2537 /* setup TX Wireless Information */
2538 txwi = (struct rt2860_txwi *)(txd + 1);
2539 txwi->flags = wflags;
2540 txwi->xflags = xflags;
2541 txwi->wcid = (type == IEEE80211_FC0_TYPE_DATA) ?
2542 RUN_AID2WCID(data->ni->ni_associd) : 0xff;
2543 txwi->len = htole16(m->m_pkthdr.len - pad);
2544 if (rt2860_rates[ridx].phy == IEEE80211_T_DS) {
2545 txwi->phy = htole16(RT2860_PHY_CCK);
2546 if (ridx != RT2860_RIDX_CCK1 &&
2547 (ic->ic_flags & IEEE80211_F_SHPREAMBLE))
2548 mcs |= RT2860_PHY_SHPRE;
2550 txwi->phy = htole16(RT2860_PHY_OFDM);
2551 txwi->phy |= htole16(mcs);
2553 wh = mtod(m, struct ieee80211_frame *);
2555 /* check if RTS/CTS or CTS-to-self protection is required */
2556 if (!IEEE80211_IS_MULTICAST(wh->i_addr1) &&
2557 (m->m_pkthdr.len + IEEE80211_CRC_LEN > vap->iv_rtsthreshold ||
2558 ((ic->ic_flags & IEEE80211_F_USEPROT) &&
2559 rt2860_rates[ridx].phy == IEEE80211_T_OFDM)))
2560 txwi->txop = RT2860_TX_TXOP_HT | opflags;
2562 txwi->txop = RT2860_TX_TXOP_BACKOFF | opflags;
2565 /* This function must be called locked */
2567 run_tx(struct run_softc *sc, struct mbuf *m, struct ieee80211_node *ni)
2569 struct ieee80211com *ic = sc->sc_ifp->if_l2com;
2570 struct ieee80211vap *vap = &sc->sc_rvp->vap;
2571 struct ieee80211_frame *wh;
2572 const struct ieee80211_txparam *tp;
2573 struct run_tx_data *data;
2586 RUN_LOCK_ASSERT(sc, MA_OWNED);
2588 wh = mtod(m, struct ieee80211_frame *);
2590 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK;
2593 * There are 7 bulk endpoints: 1 for RX
2594 * and 6 for TX (4 EDCAs + HCCA + Prio).
2595 * Update 03-14-2009: some devices like the Planex GW-US300MiniS
2596 * seem to have only 4 TX bulk endpoints (Fukaumi Naoki).
2598 if ((hasqos = IEEE80211_QOS_HAS_SEQ(wh))) {
2601 if(IEEE80211_HAS_ADDR4(wh))
2602 frm = ((struct ieee80211_qosframe_addr4 *)wh)->i_qos;
2604 frm =((struct ieee80211_qosframe *)wh)->i_qos;
2606 qos = le16toh(*(const uint16_t *)frm);
2607 tid = qos & IEEE80211_QOS_TID;
2608 qid = TID_TO_WME_AC(tid);
2616 qflags = (qid < 4) ? RT2860_TX_QSEL_EDCA : RT2860_TX_QSEL_HCCA;
2618 DPRINTFN(8, "qos %d\tqid %d\ttid %d\tqflags %x\n",
2619 qos, qid, tid, qflags);
2621 tp = &vap->iv_txparms[ieee80211_chan2mode(ni->ni_chan)];
2623 /* pickup a rate index */
2624 if (IEEE80211_IS_MULTICAST(wh->i_addr1) ||
2625 type != IEEE80211_FC0_TYPE_DATA) {
2626 ridx = (ic->ic_curmode == IEEE80211_MODE_11A) ?
2627 RT2860_RIDX_OFDM6 : RT2860_RIDX_CCK1;
2628 ctl_ridx = rt2860_rates[ridx].ctl_ridx;
2629 } else if (tp->ucastrate != IEEE80211_FIXED_RATE_NONE) {
2630 ridx = sc->fixed_ridx;
2631 ctl_ridx = rt2860_rates[ridx].ctl_ridx;
2633 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++){
2634 if (rt2860_rates[ridx].rate == ni->ni_txrate)
2637 ctl_ridx = rt2860_rates[ridx].ctl_ridx;
2640 if (!IEEE80211_IS_MULTICAST(wh->i_addr1) &&
2641 (!hasqos || (qos & IEEE80211_QOS_ACKPOLICY) !=
2642 IEEE80211_QOS_ACKPOLICY_NOACK)) {
2643 xflags |= RT2860_TX_ACK;
2644 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE)
2645 dur = rt2860_rates[ridx].sp_ack_dur;
2647 dur = rt2860_rates[ridx].lp_ack_dur;
2648 *(uint16_t *)wh->i_dur = htole16(dur + sc->sifs);
2651 /* reserve slots for mgmt packets, just in case */
2652 if (sc->sc_epq[qid].tx_nfree < 3) {
2653 DPRINTFN(10, "tx ring %d is full\n", qid);
2657 data = STAILQ_FIRST(&sc->sc_epq[qid].tx_fh);
2658 STAILQ_REMOVE_HEAD(&sc->sc_epq[qid].tx_fh, next);
2659 sc->sc_epq[qid].tx_nfree--;
2665 run_set_tx_desc(sc, data, 0, xflags, 0, qflags, type, pad);
2667 STAILQ_INSERT_TAIL(&sc->sc_epq[qid].tx_qh, data, next);
2669 usbd_transfer_start(sc->sc_xfer[qid]);
2671 DPRINTFN(8, "sending data frame len=%d rate=%d qid=%d\n", m->m_pkthdr.len +
2672 (int)(sizeof (struct rt2870_txd) + sizeof (struct rt2860_rxwi)),
2673 rt2860_rates[ridx].rate, qid);
2679 run_tx_mgt(struct run_softc *sc, struct mbuf *m, struct ieee80211_node *ni)
2681 const struct ieee80211_txparam *tp;
2682 struct ifnet *ifp = sc->sc_ifp;
2683 struct ieee80211vap *vap = ni->ni_vap;
2684 struct ieee80211com *ic = ifp->if_l2com;
2685 struct run_tx_data *data;
2686 struct ieee80211_frame *wh;
2692 RUN_LOCK_ASSERT(sc, MA_OWNED);
2694 wh = mtod(m, struct ieee80211_frame *);
2696 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK;
2697 tp = &vap->iv_txparms[ieee80211_chan2mode(ic->ic_curchan)];
2699 if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) {
2700 xflags |= RT2860_TX_ACK;
2702 dur = ieee80211_ack_duration(ic->ic_rt, tp->mgmtrate,
2703 ic->ic_flags & IEEE80211_F_SHPREAMBLE);
2704 *(uint16_t *)wh->i_dur = htole16(dur);
2706 /* tell hardware to add timestamp for probe responses */
2708 (IEEE80211_FC0_TYPE_MASK | IEEE80211_FC0_SUBTYPE_MASK)) ==
2709 (IEEE80211_FC0_TYPE_MGT | IEEE80211_FC0_SUBTYPE_PROBE_RESP))
2710 xflags |= RT2860_TX_TS;
2713 if (sc->sc_epq[0].tx_nfree == 0) {
2714 /* let caller free mbuf */
2715 ifp->if_drv_flags |= IFF_DRV_OACTIVE;
2718 data = STAILQ_FIRST(&sc->sc_epq[0].tx_fh);
2719 STAILQ_REMOVE_HEAD(&sc->sc_epq[0].tx_fh, next);
2720 sc->sc_epq[0].tx_nfree--;
2724 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++)
2725 if (rt2860_rates[ridx].rate == tp->mgmtrate)
2729 run_set_tx_desc(sc, data, 0, xflags, 0, RT2860_TX_QSEL_MGMT,
2730 wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK, 0);
2732 DPRINTFN(10, "sending mgt frame len=%d rate=%d\n", m->m_pkthdr.len +
2733 (int)(sizeof (struct rt2870_txd) + sizeof (struct rt2860_rxwi)),
2736 STAILQ_INSERT_TAIL(&sc->sc_epq[0].tx_qh, data, next);
2738 usbd_transfer_start(sc->sc_xfer[0]);
2744 run_sendprot(struct run_softc *sc,
2745 const struct mbuf *m, struct ieee80211_node *ni, int prot, int rate)
2747 struct ieee80211com *ic = ni->ni_ic;
2748 struct ieee80211_frame *wh;
2749 struct run_tx_data *data;
2759 uint8_t txflags = 0;
2761 RUN_LOCK_ASSERT(sc, MA_OWNED);
2763 KASSERT(prot == IEEE80211_PROT_RTSCTS || prot == IEEE80211_PROT_CTSONLY,
2764 ("protection %d", prot));
2766 wh = mtod(m, struct ieee80211_frame *);
2767 pktlen = m->m_pkthdr.len + IEEE80211_CRC_LEN;
2768 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK;
2770 protrate = ieee80211_ctl_rate(ic->ic_rt, rate);
2771 ackrate = ieee80211_ack_rate(ic->ic_rt, rate);
2773 isshort = (ic->ic_flags & IEEE80211_F_SHPREAMBLE) != 0;
2774 dur = ieee80211_compute_duration(ic->ic_rt, pktlen, rate, isshort);
2775 + ieee80211_ack_duration(ic->ic_rt, rate, isshort);
2776 wflags = RT2860_TX_FRAG;
2778 /* check that there are free slots before allocating the mbuf */
2779 if (sc->sc_epq[0].tx_nfree == 0) {
2780 /* let caller free mbuf */
2781 sc->sc_ifp->if_drv_flags |= IFF_DRV_OACTIVE;
2785 if (prot == IEEE80211_PROT_RTSCTS) {
2786 /* NB: CTS is the same size as an ACK */
2787 dur += ieee80211_ack_duration(ic->ic_rt, rate, isshort);
2788 txflags |= RT2860_TX_ACK;
2789 mprot = ieee80211_alloc_rts(ic, wh->i_addr1, wh->i_addr2, dur);
2791 mprot = ieee80211_alloc_cts(ic, ni->ni_vap->iv_myaddr, dur);
2793 if (mprot == NULL) {
2794 sc->sc_ifp->if_oerrors++;
2795 DPRINTF("could not allocate mbuf\n");
2799 data = STAILQ_FIRST(&sc->sc_epq[0].tx_fh);
2800 STAILQ_REMOVE_HEAD(&sc->sc_epq[0].tx_fh, next);
2801 sc->sc_epq[0].tx_nfree--;
2804 data->ni = ieee80211_ref_node(ni);
2806 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++)
2807 if (rt2860_rates[ridx].rate == protrate)
2811 run_set_tx_desc(sc, data, wflags, txflags, 0,
2812 RT2860_TX_QSEL_EDCA, type, 0);
2814 DPRINTFN(1, "sending prot len=%u rate=%u\n",
2815 m->m_pkthdr.len, rate);
2817 STAILQ_INSERT_TAIL(&sc->sc_epq[0].tx_qh, data, next);
2819 usbd_transfer_start(sc->sc_xfer[0]);
2825 run_tx_param(struct run_softc *sc, struct mbuf *m, struct ieee80211_node *ni,
2826 const struct ieee80211_bpf_params *params)
2828 struct ieee80211com *ic = ni->ni_ic;
2829 struct ieee80211_frame *wh;
2830 struct run_tx_data *data;
2838 RUN_LOCK_ASSERT(sc, MA_OWNED);
2840 KASSERT(params != NULL, ("no raw xmit params"));
2842 wh = mtod(m, struct ieee80211_frame *);
2843 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK;
2845 rate = params->ibp_rate0;
2846 if (!ieee80211_isratevalid(ic->ic_rt, rate)) {
2847 /* let caller free mbuf */
2853 if ((params->ibp_flags & IEEE80211_BPF_NOACK) == 0)
2854 txflags |= RT2860_TX_ACK;
2855 if (params->ibp_flags & (IEEE80211_BPF_RTS|IEEE80211_BPF_CTS)) {
2856 error = run_sendprot(sc, m, ni,
2857 params->ibp_flags & IEEE80211_BPF_RTS ?
2858 IEEE80211_PROT_RTSCTS : IEEE80211_PROT_CTSONLY,
2861 /* let caller free mbuf */
2864 opflags |= /*XXX RT2573_TX_LONG_RETRY |*/ RT2860_TX_TXOP_SIFS;
2867 if (sc->sc_epq[0].tx_nfree == 0) {
2868 /* let caller free mbuf */
2869 sc->sc_ifp->if_drv_flags |= IFF_DRV_OACTIVE;
2870 DPRINTF("sending raw frame, but tx ring is full\n");
2873 data = STAILQ_FIRST(&sc->sc_epq[0].tx_fh);
2874 STAILQ_REMOVE_HEAD(&sc->sc_epq[0].tx_fh, next);
2875 sc->sc_epq[0].tx_nfree--;
2879 for (ridx = 0; ridx < RT2860_RIDX_MAX; ridx++)
2880 if (rt2860_rates[ridx].rate == rate)
2884 run_set_tx_desc(sc, data, 0, txflags, opflags,
2885 RT2860_TX_QSEL_EDCA, type, 0);
2887 DPRINTFN(10, "sending raw frame len=%u rate=%u\n",
2888 m->m_pkthdr.len, rate);
2890 STAILQ_INSERT_TAIL(&sc->sc_epq[0].tx_qh, data, next);
2892 usbd_transfer_start(sc->sc_xfer[0]);
2898 run_raw_xmit(struct ieee80211_node *ni, struct mbuf *m,
2899 const struct ieee80211_bpf_params *params)
2901 struct ifnet *ifp = ni->ni_ic->ic_ifp;
2902 struct run_softc *sc = ifp->if_softc;
2907 /* prevent management frames from being sent if we're not ready */
2908 if (!(ifp->if_drv_flags & IFF_DRV_RUNNING)) {
2913 if (params == NULL) {
2915 if ((error = run_tx_mgt(sc, m, ni)) != 0){
2917 DPRINTF("mgt tx failed\n");
2921 /* tx raw packet with param */
2922 if ((error = run_tx_param(sc, m, ni, params)) != 0){
2924 DPRINTF("tx with param failed\n");
2939 ieee80211_free_node(ni);
2945 run_start(struct ifnet *ifp)
2947 struct run_softc *sc = ifp->if_softc;
2948 struct ieee80211_node *ni;
2953 if ((ifp->if_drv_flags & IFF_DRV_RUNNING) == 0) {
2959 /* send data frames */
2960 IFQ_DRV_DEQUEUE(&ifp->if_snd, m);
2964 ni = (struct ieee80211_node *)m->m_pkthdr.rcvif;
2965 if (run_tx(sc, m, ni) != 0) {
2966 IFQ_DRV_PREPEND(&ifp->if_snd, m);
2967 ifp->if_drv_flags |= IFF_DRV_OACTIVE;
2976 run_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data)
2978 struct run_softc *sc = ifp->if_softc;
2979 struct ieee80211com *ic = sc->sc_ifp->if_l2com;
2980 struct ifreq *ifr = (struct ifreq *) data;
2981 int error = 0, startall = 0;
2986 if (ifp->if_flags & IFF_UP) {
2987 if (!(ifp->if_drv_flags & IFF_DRV_RUNNING)){
2988 run_init_locked(sc);
2991 run_update_promisc_locked(ifp);
2993 if (ifp->if_drv_flags & IFF_DRV_RUNNING)
2998 ieee80211_start_all(ic);
3001 error = ifmedia_ioctl(ifp, ifr, &ic->ic_media, cmd);
3004 error = ether_ioctl(ifp, cmd, data);
3015 run_select_chan_group(struct run_softc *sc, int group)
3019 run_bbp_write(sc, 62, 0x37 - sc->lna[group]);
3020 run_bbp_write(sc, 63, 0x37 - sc->lna[group]);
3021 run_bbp_write(sc, 64, 0x37 - sc->lna[group]);
3022 run_bbp_write(sc, 86, 0x00);
3025 if (sc->ext_2ghz_lna) {
3026 run_bbp_write(sc, 82, 0x62);
3027 run_bbp_write(sc, 75, 0x46);
3029 run_bbp_write(sc, 82, 0x84);
3030 run_bbp_write(sc, 75, 0x50);
3033 if (sc->ext_5ghz_lna) {
3034 run_bbp_write(sc, 82, 0xf2);
3035 run_bbp_write(sc, 75, 0x46);
3037 run_bbp_write(sc, 82, 0xf2);
3038 run_bbp_write(sc, 75, 0x50);
3042 run_read(sc, RT2860_TX_BAND_CFG, &tmp);
3043 tmp &= ~(RT2860_5G_BAND_SEL_N | RT2860_5G_BAND_SEL_P);
3044 tmp |= (group == 0) ? RT2860_5G_BAND_SEL_N : RT2860_5G_BAND_SEL_P;
3045 run_write(sc, RT2860_TX_BAND_CFG, tmp);
3047 /* enable appropriate Power Amplifiers and Low Noise Amplifiers */
3048 tmp = RT2860_RFTR_EN | RT2860_TRSW_EN;
3049 if (group == 0) { /* 2GHz */
3050 tmp |= RT2860_PA_PE_G0_EN | RT2860_LNA_PE_G0_EN;
3051 if (sc->ntxchains > 1)
3052 tmp |= RT2860_PA_PE_G1_EN;
3053 if (sc->nrxchains > 1)
3054 tmp |= RT2860_LNA_PE_G1_EN;
3056 tmp |= RT2860_PA_PE_A0_EN | RT2860_LNA_PE_A0_EN;
3057 if (sc->ntxchains > 1)
3058 tmp |= RT2860_PA_PE_A1_EN;
3059 if (sc->nrxchains > 1)
3060 tmp |= RT2860_LNA_PE_A1_EN;
3062 run_write(sc, RT2860_TX_PIN_CFG, tmp);
3064 /* set initial AGC value */
3066 run_bbp_write(sc, 66, 0x2e + sc->lna[0]);
3068 run_bbp_write(sc, 66, 0x32 + (sc->lna[group] * 5) / 3);
3072 run_rt2870_set_chan(struct run_softc *sc, uint32_t chan)
3074 const struct rfprog *rfprog = rt2860_rf2850;
3075 uint32_t r2, r3, r4;
3076 int8_t txpow1, txpow2;
3079 /* find the settings for this channel (we know it exists) */
3080 for (i = 0; rfprog[i].chan != chan; i++);
3083 if (sc->ntxchains == 1)
3084 r2 |= 1 << 12; /* 1T: disable Tx chain 2 */
3085 if (sc->nrxchains == 1)
3086 r2 |= 1 << 15 | 1 << 4; /* 1R: disable Rx chains 2 & 3 */
3087 else if (sc->nrxchains == 2)
3088 r2 |= 1 << 4; /* 2R: disable Rx chain 3 */
3090 /* use Tx power values from EEPROM */
3091 txpow1 = sc->txpow1[i];
3092 txpow2 = sc->txpow2[i];
3095 txpow1 = txpow1 << 1;
3097 txpow1 = (7 + txpow1) << 1 | 1;
3099 txpow2 = txpow2 << 1;
3101 txpow2 = (7 + txpow2) << 1 | 1;
3103 r3 = rfprog[i].r3 | txpow1 << 7;
3104 r4 = rfprog[i].r4 | sc->freq << 13 | txpow2 << 4;
3106 run_rt2870_rf_write(sc, RT2860_RF1, rfprog[i].r1);
3107 run_rt2870_rf_write(sc, RT2860_RF2, r2);
3108 run_rt2870_rf_write(sc, RT2860_RF3, r3);
3109 run_rt2870_rf_write(sc, RT2860_RF4, r4);
3113 run_rt2870_rf_write(sc, RT2860_RF1, rfprog[i].r1);
3114 run_rt2870_rf_write(sc, RT2860_RF2, r2);
3115 run_rt2870_rf_write(sc, RT2860_RF3, r3 | 1);
3116 run_rt2870_rf_write(sc, RT2860_RF4, r4);
3120 run_rt2870_rf_write(sc, RT2860_RF1, rfprog[i].r1);
3121 run_rt2870_rf_write(sc, RT2860_RF2, r2);
3122 run_rt2870_rf_write(sc, RT2860_RF3, r3);
3123 run_rt2870_rf_write(sc, RT2860_RF4, r4);
3127 run_rt3070_set_chan(struct run_softc *sc, uint32_t chan)
3129 int8_t txpow1, txpow2;
3132 /* RT3070 is 2GHz only */
3133 KASSERT(chan >= 1 && chan <= 14, ("wrong channel selected\n"));
3135 /* use Tx power values from EEPROM */
3136 txpow1 = sc->txpow1[chan - 1];
3137 txpow2 = sc->txpow2[chan - 1];
3139 run_rt3070_rf_write(sc, 2, run_rf3020_freqs[chan - 1].n);
3140 run_rt3070_rf_write(sc, 3, run_rf3020_freqs[chan - 1].k);
3141 run_rt3070_rf_read(sc, 6, &rf);
3142 rf = (rf & ~0x03) | run_rf3020_freqs[chan - 1].r;
3143 run_rt3070_rf_write(sc, 6, rf);
3146 run_rt3070_rf_read(sc, 12, &rf);
3147 rf = (rf & ~0x1f) | txpow1;
3148 run_rt3070_rf_write(sc, 12, rf);
3151 run_rt3070_rf_read(sc, 13, &rf);
3152 rf = (rf & ~0x1f) | txpow2;
3153 run_rt3070_rf_write(sc, 13, rf);
3155 run_rt3070_rf_read(sc, 1, &rf);
3157 if (sc->ntxchains == 1)
3158 rf |= 1 << 7 | 1 << 5; /* 1T: disable Tx chains 2 & 3 */
3159 else if (sc->ntxchains == 2)
3160 rf |= 1 << 7; /* 2T: disable Tx chain 3 */
3161 if (sc->nrxchains == 1)
3162 rf |= 1 << 6 | 1 << 4; /* 1R: disable Rx chains 2 & 3 */
3163 else if (sc->nrxchains == 2)
3164 rf |= 1 << 6; /* 2R: disable Rx chain 3 */
3165 run_rt3070_rf_write(sc, 1, rf);
3168 run_rt3070_rf_read(sc, 23, &rf);
3169 rf = (rf & ~0x7f) | sc->freq;
3170 run_rt3070_rf_write(sc, 23, rf);
3172 /* program RF filter */
3173 run_rt3070_rf_write(sc, 24, sc->rf24_20mhz);
3174 run_rt3070_rf_write(sc, 31, sc->rf24_20mhz);
3176 /* enable RF tuning */
3177 run_rt3070_rf_read(sc, 7, &rf);
3178 run_rt3070_rf_write(sc, 7, rf | 0x01);
3182 run_set_rx_antenna(struct run_softc *sc, int aux)
3187 run_read(sc, RT2860_PCI_EECTRL, &tmp);
3188 run_write(sc, RT2860_PCI_EECTRL, tmp & ~RT2860_C);
3189 run_read(sc, RT2860_GPIO_CTRL, &tmp);
3190 run_write(sc, RT2860_GPIO_CTRL, (tmp & ~0x0808) | 0x08);
3192 run_read(sc, RT2860_PCI_EECTRL, &tmp);
3193 run_write(sc, RT2860_PCI_EECTRL, tmp | RT2860_C);
3194 run_read(sc, RT2860_GPIO_CTRL, &tmp);
3195 run_write(sc, RT2860_GPIO_CTRL, tmp & ~0x0808);
3200 run_set_chan(struct run_softc *sc, struct ieee80211_channel *c)
3202 struct ieee80211com *ic = sc->sc_ifp->if_l2com;
3203 uint32_t chan, group;
3205 chan = ieee80211_chan2ieee(ic, c);
3206 if (chan == 0 || chan == IEEE80211_CHAN_ANY)
3209 if ((sc->mac_rev >> 16) >= 0x3070)
3210 run_rt3070_set_chan(sc, chan);
3212 run_rt2870_set_chan(sc, chan);
3214 /* 802.11a uses a 16 microseconds short interframe space */
3215 sc->sifs = IEEE80211_IS_CHAN_5GHZ(c) ? 16 : 10;
3217 /* determine channel group */
3220 else if (chan <= 64)
3222 else if (chan <= 128)
3227 /* XXX necessary only when group has changed! */
3228 run_select_chan_group(sc, group);
3236 run_set_channel(struct ieee80211com *ic)
3238 struct run_softc *sc = ic->ic_ifp->if_softc;
3241 run_set_chan(sc, ic->ic_curchan);
3248 run_scan_start(struct ieee80211com *ic)
3250 struct run_softc *sc = ic->ic_ifp->if_softc;
3255 /* abort TSF synchronization */
3256 run_read(sc, RT2860_BCN_TIME_CFG, &tmp);
3257 run_write(sc, RT2860_BCN_TIME_CFG,
3258 tmp & ~(RT2860_BCN_TX_EN | RT2860_TSF_TIMER_EN |
3259 RT2860_TBTT_TIMER_EN));
3260 run_set_bssid(sc, sc->sc_ifp->if_broadcastaddr);
3268 run_scan_end(struct ieee80211com *ic)
3270 struct run_softc *sc = ic->ic_ifp->if_softc;
3274 run_enable_tsf_sync(sc);
3275 /* XXX keep local copy */
3276 run_set_bssid(sc, sc->sc_bssid);
3284 run_rate2mcs(uint8_t rate)
3302 return 0; /* shouldn't get here */
3306 run_update_beacon_locked(struct ieee80211vap *vap, int item)
3308 struct ieee80211com *ic = vap->iv_ic;
3309 struct run_softc *sc = ic->ic_ifp->if_softc;
3310 struct rt2860_txwi txwi;
3314 if ((m = ieee80211_beacon_alloc(vap->iv_bss, &RUN_VAP(vap)->bo)) == NULL)
3317 memset(&txwi, 0, sizeof txwi);
3319 txwi.len = htole16(m->m_pkthdr.len);
3320 /* send beacons at the lowest available rate */
3321 rate = (ic->ic_curmode == IEEE80211_MODE_11A) ? 12 : 2;
3322 txwi.phy = htole16(run_rate2mcs(rate));
3324 txwi.phy |= htole16(RT2860_PHY_OFDM);
3325 txwi.txop = RT2860_TX_TXOP_HT;
3326 txwi.flags = RT2860_TX_TS;
3328 run_write_region_1(sc, RT2860_BCN_BASE(0),
3329 (u_int8_t *)&txwi, sizeof txwi);
3330 run_write_region_1(sc, RT2860_BCN_BASE(0) + sizeof txwi,
3331 mtod(m, uint8_t *), (m->m_pkthdr.len + 1) & ~1); /* roundup len */
3339 run_update_beacon(struct ieee80211vap *vap, int item)
3341 struct ieee80211com *ic = vap->iv_ic;
3342 struct run_softc *sc = ic->ic_ifp->if_softc;
3344 IEEE80211_UNLOCK(ic);
3346 run_update_beacon_locked(vap, item);
3354 run_updateprot(struct ieee80211com *ic)
3356 struct run_softc *sc = ic->ic_ifp->if_softc;
3359 tmp = RT2860_RTSTH_EN | RT2860_PROT_NAV_SHORT | RT2860_TXOP_ALLOW_ALL;
3360 /* setup protection frame rate (MCS code) */
3361 tmp |= (ic->ic_curmode == IEEE80211_MODE_11A) ?
3362 rt2860_rates[RT2860_RIDX_OFDM6].mcs :
3363 rt2860_rates[RT2860_RIDX_CCK11].mcs;
3365 /* CCK frames don't require protection */
3366 run_write(sc, RT2860_CCK_PROT_CFG, tmp);
3367 if (ic->ic_flags & IEEE80211_F_USEPROT) {
3368 if (ic->ic_protmode == IEEE80211_PROT_RTSCTS)
3369 tmp |= RT2860_PROT_CTRL_RTS_CTS;
3370 else if (ic->ic_protmode == IEEE80211_PROT_CTSONLY)
3371 tmp |= RT2860_PROT_CTRL_CTS;
3373 run_write(sc, RT2860_OFDM_PROT_CFG, tmp);
3377 run_usb_timeout_cb(void *arg, int pending)
3379 struct run_softc *sc = arg;
3380 struct ieee80211vap *vap = &sc->sc_rvp->vap;
3382 RUN_LOCK_ASSERT(sc, MA_OWNED);
3384 if(vap->iv_state == IEEE80211_S_RUN &&
3385 vap->iv_opmode != IEEE80211_M_STA)
3386 run_reset_livelock(sc);
3387 else if(vap->iv_state == IEEE80211_S_SCAN){
3388 DPRINTF("timeout caused by scan\n");
3390 ieee80211_cancel_scan(vap);
3392 DPRINTF("timeout by unknown cause\n");
3396 run_reset_livelock(struct run_softc *sc)
3401 * In IBSS or HostAP modes (when the hardware sends beacons), the MAC
3402 * can run into a livelock and start sending CTS-to-self frames like
3403 * crazy if protection is enabled. Reset MAC/BBP for a while
3405 run_read(sc, RT2860_DEBUG, &tmp);
3406 if((tmp & (1 << 29)) && (tmp & (1 << 7 | 1 << 5))){
3407 DPRINTF("CTS-to-self livelock detected\n");
3408 run_write(sc, RT2860_MAC_SYS_CTRL, RT2860_MAC_SRST);
3410 run_write(sc, RT2860_MAC_SYS_CTRL,
3411 RT2860_MAC_RX_EN | RT2860_MAC_TX_EN);
3416 run_update_promisc_locked(struct ifnet *ifp)
3418 struct run_softc *sc = ifp->if_softc;
3421 run_read(sc, RT2860_RX_FILTR_CFG, &tmp);
3423 tmp |= RT2860_DROP_UC_NOME;
3424 if (ifp->if_flags & IFF_PROMISC)
3425 tmp &= ~RT2860_DROP_UC_NOME;
3427 run_write(sc, RT2860_RX_FILTR_CFG, tmp);
3429 DPRINTF("%s promiscuous mode\n", (ifp->if_flags & IFF_PROMISC) ?
3430 "entering" : "leaving");
3434 run_update_promisc(struct ifnet *ifp)
3436 struct run_softc *sc = ifp->if_softc;
3438 if ((ifp->if_drv_flags & IFF_DRV_RUNNING) == 0)
3442 run_update_promisc_locked(ifp);
3447 run_enable_tsf_sync(struct run_softc *sc)
3449 struct ifnet *ifp = sc->sc_ifp;
3450 struct ieee80211com *ic = ifp->if_l2com;
3451 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps);
3454 run_read(sc, RT2860_BCN_TIME_CFG, &tmp);
3456 tmp |= vap->iv_bss->ni_intval * 16;
3457 tmp |= RT2860_TSF_TIMER_EN | RT2860_TBTT_TIMER_EN;
3459 if (vap->iv_opmode == IEEE80211_M_STA) {
3461 * Local TSF is always updated with remote TSF on beacon
3464 tmp |= 1 << RT2860_TSF_SYNC_MODE_SHIFT;
3465 } else if (vap->iv_opmode == IEEE80211_M_IBSS) {
3466 tmp |= RT2860_BCN_TX_EN;
3468 * Local TSF is updated with remote TSF on beacon reception
3469 * only if the remote TSF is greater than local TSF.
3471 tmp |= 2 << RT2860_TSF_SYNC_MODE_SHIFT;
3472 } else if (vap->iv_opmode == IEEE80211_M_HOSTAP) {
3473 tmp |= RT2860_BCN_TX_EN;
3474 /* SYNC with nobody */
3475 tmp |= 3 << RT2860_TSF_SYNC_MODE_SHIFT;
3477 DPRINTF("Enabling TSF failed. undefined opmode\n");
3479 run_write(sc, RT2860_BCN_TIME_CFG, tmp);
3483 run_enable_mrr(struct run_softc *sc)
3485 #define CCK(mcs) (mcs)
3486 #define OFDM(mcs) (1 << 3 | (mcs))
3487 run_write(sc, RT2860_LG_FBK_CFG0,
3488 OFDM(6) << 28 | /* 54->48 */
3489 OFDM(5) << 24 | /* 48->36 */
3490 OFDM(4) << 20 | /* 36->24 */
3491 OFDM(3) << 16 | /* 24->18 */
3492 OFDM(2) << 12 | /* 18->12 */
3493 OFDM(1) << 8 | /* 12-> 9 */
3494 OFDM(0) << 4 | /* 9-> 6 */
3495 OFDM(0)); /* 6-> 6 */
3497 run_write(sc, RT2860_LG_FBK_CFG1,
3498 CCK(2) << 12 | /* 11->5.5 */
3499 CCK(1) << 8 | /* 5.5-> 2 */
3500 CCK(0) << 4 | /* 2-> 1 */
3501 CCK(0)); /* 1-> 1 */
3507 run_set_txpreamble(struct run_softc *sc)
3509 struct ieee80211com *ic = sc->sc_ifp->if_l2com;
3512 run_read(sc, RT2860_AUTO_RSP_CFG, &tmp);
3513 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE)
3514 tmp |= RT2860_CCK_SHORT_EN;
3516 tmp &= ~RT2860_CCK_SHORT_EN;
3517 run_write(sc, RT2860_AUTO_RSP_CFG, tmp);
3521 run_set_basicrates(struct run_softc *sc)
3523 struct ieee80211com *ic = sc->sc_ifp->if_l2com;
3525 /* set basic rates mask */
3526 if (ic->ic_curmode == IEEE80211_MODE_11B)
3527 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x003);
3528 else if (ic->ic_curmode == IEEE80211_MODE_11A)
3529 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x150);
3531 run_write(sc, RT2860_LEGACY_BASIC_RATE, 0x15f);
3535 run_set_leds(struct run_softc *sc, uint16_t which)
3537 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LEDS,
3538 which | (sc->leds & 0x7f));
3542 run_set_bssid(struct run_softc *sc, const uint8_t *bssid)
3544 run_write(sc, RT2860_MAC_BSSID_DW0,
3545 bssid[0] | bssid[1] << 8 | bssid[2] << 16 | bssid[3] << 24);
3546 run_write(sc, RT2860_MAC_BSSID_DW1,
3547 bssid[4] | bssid[5] << 8);
3551 run_set_macaddr(struct run_softc *sc, const uint8_t *addr)
3553 run_write(sc, RT2860_MAC_ADDR_DW0,
3554 addr[0] | addr[1] << 8 | addr[2] << 16 | addr[3] << 24);
3555 run_write(sc, RT2860_MAC_ADDR_DW1,
3556 addr[4] | addr[5] << 8 | 0xff << 16);
3561 run_updateslot(struct ifnet *ifp)
3563 struct run_softc *sc = ifp->if_softc;
3564 struct ieee80211com *ic = ifp->if_l2com;
3567 run_read(sc, RT2860_BKOFF_SLOT_CFG, &tmp);
3569 tmp |= (ic->ic_flags & IEEE80211_F_SHSLOT) ? 9 : 20;
3570 run_write(sc, RT2860_BKOFF_SLOT_CFG, tmp);
3574 run_rssi2dbm(struct run_softc *sc, uint8_t rssi, uint8_t rxchain)
3576 struct ieee80211com *ic = sc->sc_ifp->if_l2com;
3577 struct ieee80211_channel *c = ic->ic_curchan;
3580 if (IEEE80211_IS_CHAN_5GHZ(c)) {
3581 uint32_t chan = ieee80211_chan2ieee(ic, c);
3582 delta = sc->rssi_5ghz[rxchain];
3584 /* determine channel group */
3586 delta -= sc->lna[1];
3587 else if (chan <= 128)
3588 delta -= sc->lna[2];
3590 delta -= sc->lna[3];
3592 delta = sc->rssi_2ghz[rxchain] - sc->lna[0];
3594 return -12 - delta - rssi;
3598 run_bbp_init(struct run_softc *sc)
3600 int i, error, ntries;
3603 /* wait for BBP to wake up */
3604 for (ntries = 0; ntries < 20; ntries++) {
3605 if ((error = run_bbp_read(sc, 0, &bbp0)) != 0)
3607 if (bbp0 != 0 && bbp0 != 0xff)
3613 /* initialize BBP registers to default values */
3614 for (i = 0; i < nitems(rt2860_def_bbp); i++) {
3615 run_bbp_write(sc, rt2860_def_bbp[i].reg,
3616 rt2860_def_bbp[i].val);
3619 /* fix BBP84 for RT2860E */
3620 if ((sc->mac_rev >> 16) == 0x2860 && (sc->mac_rev & 0xffff) != 0x0101)
3621 run_bbp_write(sc, 84, 0x19);
3623 if ((sc->mac_rev >> 16) >= 0x3070) {
3624 run_bbp_write(sc, 79, 0x13);
3625 run_bbp_write(sc, 80, 0x05);
3626 run_bbp_write(sc, 81, 0x33);
3627 /* XXX RT3090 needs more */
3628 } else if (sc->mac_rev == 0x28600100) {
3629 run_bbp_write(sc, 69, 0x16);
3630 run_bbp_write(sc, 73, 0x12);
3636 run_rt3070_rf_init(struct run_softc *sc)
3642 run_rt3070_rf_read(sc, 30, &rf);
3643 /* toggle RF R30 bit 7 */
3644 run_rt3070_rf_write(sc, 30, rf | 0x80);
3646 run_rt3070_rf_write(sc, 30, rf & ~0x80);
3648 /* initialize RF registers to default value */
3649 for (i = 0; i < nitems(rt3070_def_rf); i++) {
3650 run_rt3070_rf_write(sc, rt3070_def_rf[i].reg,
3651 rt3070_def_rf[i].val);
3653 if ((sc->mac_rev >> 16) == 0x3070) {
3654 /* change voltage from 1.2V to 1.35V for RT3070 */
3655 run_read(sc, RT3070_LDO_CFG0, &tmp);
3656 tmp = (tmp & ~0x0f000000) | 0x0d000000;
3657 run_write(sc, RT3070_LDO_CFG0, tmp);
3659 } else if ((sc->mac_rev >> 16) == 0x3071) {
3660 run_rt3070_rf_read(sc, 6, &rf);
3661 run_rt3070_rf_write(sc, 6, rf | 0x40);
3662 run_rt3070_rf_write(sc, 31, 0x14);
3664 run_read(sc, RT3070_LDO_CFG0, &tmp);
3666 if ((sc->mac_rev & 0xffff) < 0x0211)
3670 run_write(sc, RT3070_LDO_CFG0, tmp);
3672 /* patch LNA_PE_G1 */
3673 run_read(sc, RT3070_GPIO_SWITCH, &tmp);
3674 run_write(sc, RT3070_GPIO_SWITCH, tmp & ~0x20);
3675 } else if((sc->mac_rev >> 16) == 0x3572){
3676 if ((sc->mac_rev & 0xffff) < 0x0211){
3677 run_read(sc, RT3070_LDO_CFG0, &tmp);
3678 tmp = (tmp & ~0x0f000000) | 0x0d000000;
3679 run_write(sc, RT3070_LDO_CFG0, tmp);
3681 run_read(sc, RT3070_LDO_CFG0, &tmp);
3682 tmp = (tmp & ~0x1f000000) | 0x0d000000;
3683 run_write(sc, RT3070_LDO_CFG0, tmp);
3685 run_delay(sc, 1); /* wait for 1msec */
3687 tmp = (tmp & ~0x1f000000) | 0x01000000;
3688 run_write(sc, RT3070_LDO_CFG0, tmp);
3692 /* select 20MHz bandwidth */
3693 run_rt3070_rf_read(sc, 31, &rf);
3694 run_rt3070_rf_write(sc, 31, rf & ~0x20);
3696 /* calibrate filter for 20MHz bandwidth */
3697 sc->rf24_20mhz = 0x1f; /* default value */
3698 run_rt3070_filter_calib(sc, 0x07, 0x16, &sc->rf24_20mhz);
3700 /* select 40MHz bandwidth */
3701 run_bbp_read(sc, 4, &bbp4);
3702 run_bbp_write(sc, 4, (bbp4 & ~0x08) | 0x10);
3704 /* calibrate filter for 40MHz bandwidth */
3705 sc->rf24_40mhz = 0x2f; /* default value */
3706 run_rt3070_filter_calib(sc, 0x27, 0x19, &sc->rf24_40mhz);
3708 /* go back to 20MHz bandwidth */
3709 run_bbp_read(sc, 4, &bbp4);
3710 run_bbp_write(sc, 4, bbp4 & ~0x18);
3712 if ((sc->mac_rev & 0xffff) < 0x0211)
3713 run_rt3070_rf_write(sc, 27, 0x03);
3715 run_read(sc, RT3070_OPT_14, &tmp);
3716 run_write(sc, RT3070_OPT_14, tmp | 1);
3718 if ((sc->mac_rev >> 16) == 0x3071) {
3719 run_rt3070_rf_read(sc, 1, &rf);
3720 rf &= ~(RT3070_RX0_PD | RT3070_TX0_PD);
3721 rf |= RT3070_RF_BLOCK | RT3070_RX1_PD | RT3070_TX1_PD;
3722 run_rt3070_rf_write(sc, 1, rf);
3724 run_rt3070_rf_read(sc, 15, &rf);
3725 run_rt3070_rf_write(sc, 15, rf & ~RT3070_TX_LO2);
3727 run_rt3070_rf_read(sc, 17, &rf);
3728 rf &= ~RT3070_TX_LO1;
3729 if ((sc->mac_rev & 0xffff) >= 0x0211 && !sc->ext_2ghz_lna)
3730 rf |= 0x20; /* fix for long range Rx issue */
3731 run_rt3070_rf_write(sc, 17, rf);
3733 run_rt3070_rf_read(sc, 20, &rf);
3734 run_rt3070_rf_write(sc, 20, rf & ~RT3070_RX_LO1);
3736 run_rt3070_rf_read(sc, 21, &rf);
3737 run_rt3070_rf_write(sc, 21, rf & ~RT3070_RX_LO2);
3739 run_rt3070_rf_read(sc, 27, &rf);
3741 if ((sc->mac_rev & 0xffff) < 0x0211)
3743 run_rt3070_rf_write(sc, 27, rf);
3749 run_rt3070_filter_calib(struct run_softc *sc, uint8_t init, uint8_t target,
3753 uint8_t bbp55_pb, bbp55_sb, delta;
3756 /* program filter */
3757 rf24 = init; /* initial filter value */
3758 run_rt3070_rf_write(sc, 24, rf24);
3760 /* enable baseband loopback mode */
3761 run_rt3070_rf_read(sc, 22, &rf22);
3762 run_rt3070_rf_write(sc, 22, rf22 | 0x01);
3764 /* set power and frequency of passband test tone */
3765 run_bbp_write(sc, 24, 0x00);
3766 for (ntries = 0; ntries < 100; ntries++) {
3767 /* transmit test tone */
3768 run_bbp_write(sc, 25, 0x90);
3770 /* read received power */
3771 run_bbp_read(sc, 55, &bbp55_pb);
3778 /* set power and frequency of stopband test tone */
3779 run_bbp_write(sc, 24, 0x06);
3780 for (ntries = 0; ntries < 100; ntries++) {
3781 /* transmit test tone */
3782 run_bbp_write(sc, 25, 0x90);
3784 /* read received power */
3785 run_bbp_read(sc, 55, &bbp55_sb);
3787 delta = bbp55_pb - bbp55_sb;
3791 /* reprogram filter */
3793 run_rt3070_rf_write(sc, 24, rf24);
3797 rf24--; /* backtrack */
3799 run_rt3070_rf_write(sc, 24, rf24);
3802 /* restore initial state */
3803 run_bbp_write(sc, 24, 0x00);
3805 /* disable baseband loopback mode */
3806 run_rt3070_rf_read(sc, 22, &rf22);
3807 run_rt3070_rf_write(sc, 22, rf22 & ~0x01);
3813 run_txrx_enable(struct run_softc *sc)
3815 struct ieee80211com *ic = sc->sc_ifp->if_l2com;
3819 run_write(sc, RT2860_MAC_SYS_CTRL, RT2860_MAC_TX_EN);
3820 for (ntries = 0; ntries < 200; ntries++) {
3821 if ((error = run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp)) != 0)
3823 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0)
3832 tmp |= RT2860_RX_DMA_EN | RT2860_TX_DMA_EN | RT2860_TX_WB_DDONE;
3833 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp);
3835 /* enable Rx bulk aggregation (set timeout and limit) */
3836 tmp = RT2860_USB_TX_EN | RT2860_USB_RX_EN | RT2860_USB_RX_AGG_EN |
3837 RT2860_USB_RX_AGG_TO(128) | RT2860_USB_RX_AGG_LMT(2);
3838 run_write(sc, RT2860_USB_DMA_CFG, tmp);
3841 tmp = RT2860_DROP_CRC_ERR | RT2860_DROP_PHY_ERR;
3842 if (ic->ic_opmode != IEEE80211_M_MONITOR) {
3843 tmp |= RT2860_DROP_UC_NOME | RT2860_DROP_DUPL |
3844 RT2860_DROP_CTS | RT2860_DROP_BA | RT2860_DROP_ACK |
3845 RT2860_DROP_VER_ERR | RT2860_DROP_CTRL_RSV |
3846 RT2860_DROP_CFACK | RT2860_DROP_CFEND;
3847 if (ic->ic_opmode == IEEE80211_M_STA)
3848 tmp |= RT2860_DROP_RTS | RT2860_DROP_PSPOLL;
3850 run_write(sc, RT2860_RX_FILTR_CFG, tmp);
3852 run_write(sc, RT2860_MAC_SYS_CTRL,
3853 RT2860_MAC_RX_EN | RT2860_MAC_TX_EN);
3859 run_init_locked(struct run_softc *sc)
3861 struct ifnet *ifp = sc->sc_ifp;
3862 struct ieee80211com *ic = ifp->if_l2com;
3863 struct ieee80211vap *vap = &sc->sc_rvp->vap;
3872 for (ntries = 0; ntries < 100; ntries++) {
3873 if (run_read(sc, RT2860_ASIC_VER_ID, &tmp) != 0)
3875 if (tmp != 0 && tmp != 0xffffffff)
3882 for (i = 0; i != RUN_EP_QUEUES; i++)
3883 run_setup_tx_list(sc, &sc->sc_epq[i]);
3885 run_set_macaddr(sc, IF_LLADDR(ifp));
3887 for (ntries = 0; ntries < 100; ntries++) {
3888 if (run_read(sc, RT2860_WPDMA_GLO_CFG, &tmp) != 0)
3890 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0)
3894 if (ntries == 100) {
3895 printf("%s: timeout waiting for DMA engine\n",
3896 device_get_nameunit(sc->sc_dev));
3900 tmp |= RT2860_TX_WB_DDONE;
3901 run_write(sc, RT2860_WPDMA_GLO_CFG, tmp);
3903 /* turn off PME_OEN to solve high-current issue */
3904 run_read(sc, RT2860_SYS_CTRL, &tmp);
3905 run_write(sc, RT2860_SYS_CTRL, tmp & ~RT2860_PME_OEN);
3907 run_write(sc, RT2860_MAC_SYS_CTRL,
3908 RT2860_BBP_HRST | RT2860_MAC_SRST);
3909 run_write(sc, RT2860_USB_DMA_CFG, 0);
3911 if (run_reset(sc) != 0) {
3912 printf("%s: could not reset chipset\n",
3913 device_get_nameunit(sc->sc_dev));
3917 run_write(sc, RT2860_MAC_SYS_CTRL, 0);
3919 /* init Tx power for all Tx rates (from EEPROM) */
3920 for (ridx = 0; ridx < 5; ridx++) {
3921 if (sc->txpow20mhz[ridx] == 0xffffffff)
3923 run_write(sc, RT2860_TX_PWR_CFG(ridx), sc->txpow20mhz[ridx]);
3926 for (i = 0; i < nitems(rt2870_def_mac); i++)
3927 run_write(sc, rt2870_def_mac[i].reg, rt2870_def_mac[i].val);
3928 run_write(sc, RT2860_WMM_AIFSN_CFG, 0x00002273);
3929 run_write(sc, RT2860_WMM_CWMIN_CFG, 0x00002344);
3930 run_write(sc, RT2860_WMM_CWMAX_CFG, 0x000034aa);
3932 if ((sc->mac_rev >> 16) >= 0x3070) {
3933 /* set delay of PA_PE assertion to 1us (unit of 0.25us) */
3934 run_write(sc, RT2860_TX_SW_CFG0,
3935 4 << RT2860_DLY_PAPE_EN_SHIFT);
3936 run_write(sc, RT2860_TX_SW_CFG1, 0);
3937 run_write(sc, RT2860_TX_SW_CFG2, 0x1f);
3940 /* wait while MAC is busy */
3941 for (ntries = 0; ntries < 100; ntries++) {
3942 if (run_read(sc, RT2860_MAC_STATUS_REG, &tmp) != 0)
3944 if (!(tmp & (RT2860_RX_STATUS_BUSY | RT2860_TX_STATUS_BUSY)))
3951 /* clear Host to MCU mailbox */
3952 run_write(sc, RT2860_H2M_BBPAGENT, 0);
3953 run_write(sc, RT2860_H2M_MAILBOX, 0);
3956 if (run_bbp_init(sc) != 0) {
3957 printf("%s: could not initialize BBP\n",
3958 device_get_nameunit(sc->sc_dev));
3962 /* abort TSF synchronization */
3963 run_read(sc, RT2860_BCN_TIME_CFG, &tmp);
3964 tmp &= ~(RT2860_BCN_TX_EN | RT2860_TSF_TIMER_EN |
3965 RT2860_TBTT_TIMER_EN);
3966 run_write(sc, RT2860_BCN_TIME_CFG, tmp);
3968 /* clear RX WCID search table */
3969 run_set_region_4(sc, RT2860_WCID_ENTRY(0), 0, 512);
3970 /* clear WCID attribute table */
3971 run_set_region_4(sc, RT2860_WCID_ATTR(0), 0, 8 * 32);
3972 /* clear shared key table */
3973 run_set_region_4(sc, RT2860_SKEY(0, 0), 0, 8 * 32);
3974 /* clear shared key mode */
3975 run_set_region_4(sc, RT2860_SKEY_MODE_0_7, 0, 4);
3977 run_read(sc, RT2860_US_CYC_CNT, &tmp);
3978 tmp = (tmp & ~0xff) | 0x1e;
3979 run_write(sc, RT2860_US_CYC_CNT, tmp);
3981 if ((sc->mac_rev >> 16) == 0x2860 && (sc->mac_rev & 0xffff) != 0x0101)
3982 run_write(sc, RT2860_TXOP_CTRL_CFG, 0x0000583f);
3984 run_write(sc, RT2860_WMM_TXOP0_CFG, 0);
3985 run_write(sc, RT2860_WMM_TXOP1_CFG, 48 << 16 | 96);
3987 /* write vendor-specific BBP values (from EEPROM) */
3988 for (i = 0; i < 8; i++) {
3989 if (sc->bbp[i].reg == 0 || sc->bbp[i].reg == 0xff)
3991 run_bbp_write(sc, sc->bbp[i].reg, sc->bbp[i].val);
3994 /* select Main antenna for 1T1R devices */
3995 if (sc->rf_rev == RT3070_RF_3020)
3996 run_set_rx_antenna(sc, 0);
3998 /* send LEDs operating mode to microcontroller */
3999 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED1, sc->led[0]);
4000 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED2, sc->led[1]);
4001 (void)run_mcu_cmd(sc, RT2860_MCU_CMD_LED3, sc->led[2]);
4003 /* disable non-existing Rx chains */
4004 run_bbp_read(sc, 3, &bbp3);
4005 bbp3 &= ~(1 << 3 | 1 << 4);
4006 if (sc->nrxchains == 2)
4008 else if (sc->nrxchains == 3)
4010 run_bbp_write(sc, 3, bbp3);
4012 /* disable non-existing Tx chains */
4013 run_bbp_read(sc, 1, &bbp1);
4014 if (sc->ntxchains == 1)
4015 bbp1 &= ~(1 << 3 | 1 << 4);
4016 run_bbp_write(sc, 1, bbp1);
4018 if ((sc->mac_rev >> 16) >= 0x3070)
4019 run_rt3070_rf_init(sc);
4021 /* select default channel */
4022 vap->iv_bss->ni_chan = ic->ic_curchan; /* ic_bsschan?? */
4023 run_set_chan(sc, ic->ic_curchan);
4025 /* setup initial protection mode */
4028 /* turn radio LED on */
4029 run_set_leds(sc, RT2860_LED_RADIO);
4031 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE;
4032 ifp->if_drv_flags |= IFF_DRV_RUNNING;
4034 for(i = 0; i != RUN_N_XFER; i++)
4035 usbd_xfer_set_stall(sc->sc_xfer[i]);
4037 usbd_transfer_start(sc->sc_xfer[RUN_BULK_RX]);
4039 if (run_txrx_enable(sc) != 0)
4051 struct run_softc *sc = arg;
4052 struct ifnet *ifp = sc->sc_ifp;
4053 struct ieee80211com *ic = ifp->if_l2com;
4056 run_init_locked(sc);
4059 if (ifp->if_drv_flags & IFF_DRV_RUNNING)
4060 ieee80211_start_all(ic);
4066 struct run_softc *sc = (struct run_softc *)arg;
4067 struct ifnet *ifp = sc->sc_ifp;
4068 struct ieee80211com *ic = ifp->if_l2com;
4073 RUN_LOCK_ASSERT(sc, MA_OWNED);
4075 if (ic->ic_flags & IEEE80211_F_SCAN)
4076 ieee80211_cancel_scan(&sc->sc_rvp->vap);
4078 if (ifp->if_drv_flags & IFF_DRV_RUNNING)
4079 run_set_leds(sc, 0); /* turn all LEDs off */
4081 ifp->if_drv_flags &= ~(IFF_DRV_RUNNING | IFF_DRV_OACTIVE);
4083 sc->sc_rvp->amrr_run = RUN_AMRR_OFF;
4087 /* drain them all */
4088 usb_callout_drain(&sc->sc_rvp->amrr_ch);
4089 ieee80211_draintask(ic, &sc->sc_rvp->amrr_task);
4090 ieee80211_draintask(ic, &sc->wme_task);
4091 for(i = 0; i < RUN_N_XFER; i++)
4092 usbd_transfer_drain(sc->sc_xfer[i]);
4093 ieee80211_draintask(ic, &sc->usb_timeout_task);
4097 if(sc->rx_m != NULL){
4103 run_read(sc, RT2860_MAC_SYS_CTRL, &tmp);
4104 tmp &= ~(RT2860_MAC_RX_EN | RT2860_MAC_TX_EN);
4105 run_write(sc, RT2860_MAC_SYS_CTRL, tmp);
4107 /* wait for pending Tx to complete */
4108 for (ntries = 0; ntries < 100; ntries++) {
4109 if (run_read(sc, RT2860_TXRXQ_PCNT, &tmp) != 0){
4110 DPRINTF("Cannot read Tx queue count\n");
4113 if ((tmp & RT2860_TX2Q_PCNT_MASK) == 0){
4114 DPRINTF("All Tx cleared\n");
4120 DPRINTF("There are still pending Tx\n");
4122 run_write(sc, RT2860_USB_DMA_CFG, 0);
4124 run_write(sc, RT2860_MAC_SYS_CTRL, RT2860_BBP_HRST | RT2860_MAC_SRST);
4125 run_write(sc, RT2860_MAC_SYS_CTRL, 0);
4127 for (i = 0; i != RUN_EP_QUEUES; i++)
4128 run_unsetup_tx_list(sc, &sc->sc_epq[i]);
4134 run_delay(struct run_softc *sc, unsigned int ms)
4136 usb_pause_mtx(mtx_owned(&sc->sc_mtx) ?
4137 &sc->sc_mtx : NULL, USB_MS_TO_TICKS(ms));
4140 static device_method_t run_methods[] = {
4141 /* Device interface */
4142 DEVMETHOD(device_probe, run_match),
4143 DEVMETHOD(device_attach, run_attach),
4144 DEVMETHOD(device_detach, run_detach),
4149 static driver_t run_driver = {
4152 sizeof(struct run_softc)
4155 static devclass_t run_devclass;
4157 DRIVER_MODULE(run, uhub, run_driver, run_devclass, NULL, 0);
projects / FreeBSD / stable / 8.git / blob