2 * Copyright (c) 2007-2010 Damien Bergamini <damien.bergamini@free.fr>
3 * Copyright (c) 2012 Bernhard Schmidt <bschmidt@FreeBSD.org>
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17 * $OpenBSD: rt2860.c,v 1.65 2010/10/23 14:24:54 damien Exp $
18 * $FreeBSD: src/sys/dev/ral/rt2860.c,v 1.3 2012/12/04 11:18:52 svnexp Exp $
22 * Ralink Technology RT2860/RT3090/RT3390/RT3562 chipset driver
23 * http://www.ralinktech.com/
26 #include <sys/param.h>
27 #include <sys/sysctl.h>
28 #include <sys/sockio.h>
30 #include <sys/kernel.h>
31 #include <sys/socket.h>
32 #include <sys/systm.h>
33 #include <sys/malloc.h>
34 #include <sys/module.h>
36 #include <sys/endian.h>
37 #include <sys/firmware.h>
43 #include <net/if_arp.h>
44 #include <net/ethernet.h>
45 #include <net/if_dl.h>
46 #include <net/if_media.h>
47 #include <net/if_types.h>
48 #include <net/ifq_var.h>
50 #include <netproto/802_11/ieee80211_var.h>
51 #include <netproto/802_11/ieee80211_radiotap.h>
52 #include <netproto/802_11/ieee80211_regdomain.h>
53 #include <netproto/802_11/ieee80211_ratectl.h>
55 #include <netinet/in.h>
56 #include <netinet/in_systm.h>
57 #include <netinet/in_var.h>
58 #include <netinet/ip.h>
59 #include <netinet/if_ether.h>
61 #include <dev/netif/ral/rt2860reg.h>
62 #include <dev/netif/ral/rt2860var.h>
66 #define DPRINTF(x) do { if (sc->sc_debug > 0) kprintf x; } while (0)
67 #define DPRINTFN(n, x) do { if (sc->sc_debug >= (n)) kprintf x; } while (0)
70 #define DPRINTFN(n, x)
73 static struct ieee80211vap *rt2860_vap_create(struct ieee80211com *,
74 const char [IFNAMSIZ], int,
75 enum ieee80211_opmode,
76 int, const uint8_t [IEEE80211_ADDR_LEN],
77 const uint8_t [IEEE80211_ADDR_LEN]);
78 static void rt2860_vap_delete(struct ieee80211vap *);
79 static void rt2860_dma_map_addr(void *, bus_dma_segment_t *, int, int);
80 static int rt2860_alloc_tx_ring(struct rt2860_softc *,
81 struct rt2860_tx_ring *);
82 static void rt2860_reset_tx_ring(struct rt2860_softc *,
83 struct rt2860_tx_ring *);
84 static void rt2860_free_tx_ring(struct rt2860_softc *,
85 struct rt2860_tx_ring *);
86 static int rt2860_alloc_tx_pool(struct rt2860_softc *);
87 static void rt2860_free_tx_pool(struct rt2860_softc *);
88 static int rt2860_alloc_rx_ring(struct rt2860_softc *,
89 struct rt2860_rx_ring *);
90 static void rt2860_reset_rx_ring(struct rt2860_softc *,
91 struct rt2860_rx_ring *);
92 static void rt2860_free_rx_ring(struct rt2860_softc *,
93 struct rt2860_rx_ring *);
94 static void rt2860_updatestats(struct rt2860_softc *);
95 static void rt2860_newassoc(struct ieee80211_node *, int);
96 static void rt2860_node_free(struct ieee80211_node *);
98 static int rt2860_ampdu_rx_start(struct ieee80211com *,
99 struct ieee80211_node *, uint8_t);
100 static void rt2860_ampdu_rx_stop(struct ieee80211com *,
101 struct ieee80211_node *, uint8_t);
103 static int rt2860_newstate(struct ieee80211vap *, enum ieee80211_state,
105 static uint16_t rt3090_efuse_read_2(struct rt2860_softc *, uint16_t);
106 static uint16_t rt2860_eeprom_read_2(struct rt2860_softc *, uint16_t);
107 static void rt2860_intr_coherent(struct rt2860_softc *);
108 static void rt2860_drain_stats_fifo(struct rt2860_softc *);
109 static void rt2860_tx_intr(struct rt2860_softc *, int);
110 static void rt2860_rx_intr(struct rt2860_softc *);
111 static void rt2860_tbtt_intr(struct rt2860_softc *);
112 static void rt2860_gp_intr(struct rt2860_softc *);
113 static int rt2860_tx(struct rt2860_softc *, struct mbuf *,
114 struct ieee80211_node *);
115 static int rt2860_raw_xmit(struct ieee80211_node *, struct mbuf *,
116 const struct ieee80211_bpf_params *);
118 static int rt2860_tx_raw(struct rt2860_softc *, struct mbuf *,
119 struct ieee80211_node *,
120 const struct ieee80211_bpf_params *params);
122 static void rt2860_start(struct ifnet *, struct ifaltq_subque *);
123 static void rt2860_start_locked(struct ifnet *);
124 static void rt2860_watchdog(void *);
125 static int rt2860_ioctl(struct ifnet *, u_long, caddr_t, struct ucred *);
126 static void rt2860_mcu_bbp_write(struct rt2860_softc *, uint8_t, uint8_t);
127 static uint8_t rt2860_mcu_bbp_read(struct rt2860_softc *, uint8_t);
128 static void rt2860_rf_write(struct rt2860_softc *, uint8_t, uint32_t);
129 static uint8_t rt3090_rf_read(struct rt2860_softc *, uint8_t);
130 static void rt3090_rf_write(struct rt2860_softc *, uint8_t, uint8_t);
131 static int rt2860_mcu_cmd(struct rt2860_softc *, uint8_t, uint16_t, int);
132 static void rt2860_enable_mrr(struct rt2860_softc *);
133 static void rt2860_set_txpreamble(struct rt2860_softc *);
134 static void rt2860_set_basicrates(struct rt2860_softc *,
135 const struct ieee80211_rateset *);
136 static void rt2860_scan_start(struct ieee80211com *);
137 static void rt2860_scan_end(struct ieee80211com *);
138 static void rt2860_set_channel(struct ieee80211com *);
139 static void rt2860_select_chan_group(struct rt2860_softc *, int);
140 static void rt2860_set_chan(struct rt2860_softc *, u_int);
141 static void rt3090_set_chan(struct rt2860_softc *, u_int);
142 static int rt3090_rf_init(struct rt2860_softc *);
143 static void rt3090_rf_wakeup(struct rt2860_softc *);
144 static int rt3090_filter_calib(struct rt2860_softc *, uint8_t, uint8_t,
146 static void rt3090_rf_setup(struct rt2860_softc *);
147 static void rt2860_set_leds(struct rt2860_softc *, uint16_t);
148 static void rt2860_set_gp_timer(struct rt2860_softc *, int);
149 static void rt2860_set_bssid(struct rt2860_softc *, const uint8_t *);
150 static void rt2860_set_macaddr(struct rt2860_softc *, const uint8_t *);
151 static void rt2860_update_promisc(struct ifnet *);
152 static void rt2860_updateslot(struct ifnet *);
153 static void rt2860_updateprot(struct ifnet *);
154 static int rt2860_updateedca(struct ieee80211com *);
156 static int rt2860_set_key(struct ieee80211com *, struct ieee80211_node *,
157 struct ieee80211_key *);
158 static void rt2860_delete_key(struct ieee80211com *,
159 struct ieee80211_node *, struct ieee80211_key *);
161 static int8_t rt2860_rssi2dbm(struct rt2860_softc *, uint8_t, uint8_t);
162 static const char *rt2860_get_rf(uint8_t);
163 static int rt2860_read_eeprom(struct rt2860_softc *,
164 uint8_t macaddr[IEEE80211_ADDR_LEN]);
165 static int rt2860_bbp_init(struct rt2860_softc *);
166 static int rt2860_txrx_enable(struct rt2860_softc *);
167 static void rt2860_init(void *);
168 static void rt2860_init_locked(struct rt2860_softc *);
169 static void rt2860_stop(void *);
170 static void rt2860_stop_locked(struct rt2860_softc *);
171 static int rt2860_load_microcode(struct rt2860_softc *);
173 static void rt2860_calib(struct rt2860_softc *);
175 static void rt3090_set_rx_antenna(struct rt2860_softc *, int);
176 static void rt2860_switch_chan(struct rt2860_softc *,
177 struct ieee80211_channel *);
178 static int rt2860_setup_beacon(struct rt2860_softc *,
179 struct ieee80211vap *);
180 static void rt2860_enable_tsf_sync(struct rt2860_softc *);
182 static const struct {
185 } rt2860_def_mac[] = {
189 static const struct {
192 } rt2860_def_bbp[] = {
196 static const struct rfprog {
198 uint32_t r1, r2, r3, r4;
199 } rt2860_rf2850[] = {
209 static const struct {
212 } rt3090_def_rf[] = {
217 rt2860_attach(device_t dev, int id)
219 struct rt2860_softc *sc = device_get_softc(dev);
220 struct ieee80211com *ic;
223 int error, ntries, qid;
225 uint8_t macaddr[IEEE80211_ADDR_LEN];
226 struct sysctl_ctx_list *ctx;
227 struct sysctl_oid *tree;
232 ifp = sc->sc_ifp = if_alloc(IFT_IEEE80211);
234 device_printf(sc->sc_dev, "can not if_alloc()\n");
239 callout_init(&sc->watchdog_ch);
241 /* wait for NIC to initialize */
242 for (ntries = 0; ntries < 100; ntries++) {
243 tmp = RAL_READ(sc, RT2860_ASIC_VER_ID);
244 if (tmp != 0 && tmp != 0xffffffff)
249 device_printf(sc->sc_dev,
250 "timeout waiting for NIC to initialize\n");
254 sc->mac_ver = tmp >> 16;
255 sc->mac_rev = tmp & 0xffff;
257 if (sc->mac_ver != 0x2860 &&
258 (id == 0x0681 || id == 0x0781 || id == 0x1059))
259 sc->sc_flags |= RT2860_ADVANCED_PS;
261 /* retrieve RF rev. no and various other things from EEPROM */
262 rt2860_read_eeprom(sc, macaddr);
264 char ethstr[ETHER_ADDRSTRLEN + 1];
266 device_printf(sc->sc_dev, "MAC/BBP RT%X (rev 0x%04X), "
267 "RF %s (MIMO %dT%dR), address %s\n",
268 sc->mac_ver, sc->mac_rev, rt2860_get_rf(sc->rf_rev),
269 sc->ntxchains, sc->nrxchains,
270 kether_ntoa(macaddr, ethstr));
274 * Allocate Tx (4 EDCAs + HCCA + Mgt) and Rx rings.
276 for (qid = 0; qid < 6; qid++) {
277 if ((error = rt2860_alloc_tx_ring(sc, &sc->txq[qid])) != 0) {
278 device_printf(sc->sc_dev,
279 "could not allocate Tx ring %d\n", qid);
284 if ((error = rt2860_alloc_rx_ring(sc, &sc->rxq)) != 0) {
285 device_printf(sc->sc_dev, "could not allocate Rx ring\n");
289 if ((error = rt2860_alloc_tx_pool(sc)) != 0) {
290 device_printf(sc->sc_dev, "could not allocate Tx pool\n");
294 /* mgmt ring is broken on RT2860C, use EDCA AC VO ring instead */
295 sc->mgtqid = (sc->mac_ver == 0x2860 && sc->mac_rev == 0x0100) ?
299 if_initname(ifp, device_get_name(dev), device_get_unit(dev));
300 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST;
301 ifp->if_init = rt2860_init;
302 ifp->if_ioctl = rt2860_ioctl;
303 ifp->if_start = rt2860_start;
304 ifq_set_maxlen(&ifp->if_snd, ifqmaxlen);
306 ifq_set_ready(&ifp->if_snd);
310 ic->ic_opmode = IEEE80211_M_STA;
311 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */
313 /* set device capabilities */
315 IEEE80211_C_STA /* station mode */
316 | IEEE80211_C_IBSS /* ibss, nee adhoc, mode */
317 | IEEE80211_C_HOSTAP /* hostap mode */
318 | IEEE80211_C_MONITOR /* monitor mode */
319 | IEEE80211_C_AHDEMO /* adhoc demo mode */
320 | IEEE80211_C_WDS /* 4-address traffic works */
321 | IEEE80211_C_MBSS /* mesh point link mode */
322 | IEEE80211_C_SHPREAMBLE /* short preamble supported */
323 | IEEE80211_C_SHSLOT /* short slot time supported */
324 | IEEE80211_C_WPA /* capable of WPA1+WPA2 */
326 | IEEE80211_C_BGSCAN /* capable of bg scanning */
328 | IEEE80211_C_WME /* 802.11e */
332 setbit(&bands, IEEE80211_MODE_11B);
333 setbit(&bands, IEEE80211_MODE_11G);
334 if (sc->rf_rev == RT2860_RF_2750 || sc->rf_rev == RT2860_RF_2850)
335 setbit(&bands, IEEE80211_MODE_11A);
336 ieee80211_init_channels(ic, NULL, &bands);
338 ieee80211_ifattach(ic, macaddr);
340 ic->ic_wme.wme_update = rt2860_updateedca;
341 ic->ic_scan_start = rt2860_scan_start;
342 ic->ic_scan_end = rt2860_scan_end;
343 ic->ic_set_channel = rt2860_set_channel;
344 ic->ic_updateslot = rt2860_updateslot;
345 ic->ic_update_promisc = rt2860_update_promisc;
346 ic->ic_raw_xmit = rt2860_raw_xmit;
347 sc->sc_node_free = ic->ic_node_free;
348 ic->ic_node_free = rt2860_node_free;
349 ic->ic_newassoc = rt2860_newassoc;
351 ic->ic_vap_create = rt2860_vap_create;
352 ic->ic_vap_delete = rt2860_vap_delete;
354 ieee80211_radiotap_attach(ic,
355 &sc->sc_txtap.wt_ihdr, sizeof(sc->sc_txtap),
356 RT2860_TX_RADIOTAP_PRESENT,
357 &sc->sc_rxtap.wr_ihdr, sizeof(sc->sc_rxtap),
358 RT2860_RX_RADIOTAP_PRESENT);
360 ctx = &sc->sc_sysctl_ctx;
361 sysctl_ctx_init(ctx);
362 tree = SYSCTL_ADD_NODE(ctx, SYSCTL_STATIC_CHILDREN(_hw),
364 device_get_nameunit(sc->sc_dev),
367 device_printf(sc->sc_dev, "can't add sysctl node\n");
371 SYSCTL_ADD_INT(ctx, SYSCTL_CHILDREN(tree), OID_AUTO,
372 "debug", CTLFLAG_RW, &sc->sc_debug, 0, "debug msgs");
375 ieee80211_announce(ic);
379 fail3: rt2860_free_rx_ring(sc, &sc->rxq);
380 fail2: while (--qid >= 0)
381 rt2860_free_tx_ring(sc, &sc->txq[qid]);
388 rt2860_detach(void *xsc)
390 struct rt2860_softc *sc = xsc;
391 struct ifnet *ifp = sc->sc_ifp;
392 struct ieee80211com *ic = ifp->if_l2com;
395 rt2860_stop_locked(sc);
397 ieee80211_ifdetach(ic);
399 for (qid = 0; qid < 6; qid++)
400 rt2860_free_tx_ring(sc, &sc->txq[qid]);
401 rt2860_free_rx_ring(sc, &sc->rxq);
402 rt2860_free_tx_pool(sc);
410 rt2860_shutdown(void *xsc)
412 struct rt2860_softc *sc = xsc;
418 rt2860_suspend(void *xsc)
420 struct rt2860_softc *sc = xsc;
426 rt2860_resume(void *xsc)
428 struct rt2860_softc *sc = xsc;
429 struct ifnet *ifp = sc->sc_ifp;
431 if (ifp->if_flags & IFF_UP)
435 static struct ieee80211vap *
436 rt2860_vap_create(struct ieee80211com *ic, const char name[IFNAMSIZ], int unit,
437 enum ieee80211_opmode opmode, int flags,
438 const uint8_t bssid[IEEE80211_ADDR_LEN],
439 const uint8_t mac[IEEE80211_ADDR_LEN])
441 struct ifnet *ifp = ic->ic_ifp;
442 struct rt2860_vap *rvp;
443 struct ieee80211vap *vap;
446 case IEEE80211_M_STA:
447 case IEEE80211_M_IBSS:
448 case IEEE80211_M_AHDEMO:
449 case IEEE80211_M_MONITOR:
450 case IEEE80211_M_HOSTAP:
451 case IEEE80211_M_MBSS:
453 if (!TAILQ_EMPTY(&ic->ic_vaps)) {
454 if_printf(ifp, "only 1 vap supported\n");
457 if (opmode == IEEE80211_M_STA)
458 flags |= IEEE80211_CLONE_NOBEACONS;
460 case IEEE80211_M_WDS:
461 if (TAILQ_EMPTY(&ic->ic_vaps) ||
462 ic->ic_opmode != IEEE80211_M_HOSTAP) {
463 if_printf(ifp, "wds only supported in ap mode\n");
467 * Silently remove any request for a unique
468 * bssid; WDS vap's always share the local
471 flags &= ~IEEE80211_CLONE_BSSID;
474 if_printf(ifp, "unknown opmode %d\n", opmode);
477 rvp = kmalloc(sizeof(struct rt2860_vap), M_80211_VAP, M_NOWAIT | M_ZERO);
481 ieee80211_vap_setup(ic, vap, name, unit, opmode, flags, bssid, mac);
483 /* override state transition machine */
484 rvp->ral_newstate = vap->iv_newstate;
485 vap->iv_newstate = rt2860_newstate;
487 vap->iv_update_beacon = rt2860_beacon_update;
490 /* HW supports up to 255 STAs (0-254) in HostAP and IBSS modes */
491 vap->iv_max_aid = min(IEEE80211_AID_MAX, RT2860_WCID_MAX);
493 ieee80211_ratectl_init(vap);
495 ieee80211_vap_attach(vap, ieee80211_media_change, ieee80211_media_status);
496 if (TAILQ_FIRST(&ic->ic_vaps) == vap)
497 ic->ic_opmode = opmode;
502 rt2860_vap_delete(struct ieee80211vap *vap)
504 struct rt2860_vap *rvp = RT2860_VAP(vap);
506 ieee80211_ratectl_deinit(vap);
507 ieee80211_vap_detach(vap);
508 kfree(rvp, M_80211_VAP);
512 rt2860_dma_map_addr(void *arg, bus_dma_segment_t *segs, int nseg, int error)
517 KASSERT(nseg == 1, ("too many DMA segments, %d should be 1", nseg));
519 *(bus_addr_t *)arg = segs[0].ds_addr;
524 rt2860_alloc_tx_ring(struct rt2860_softc *sc, struct rt2860_tx_ring *ring)
528 size = RT2860_TX_RING_COUNT * sizeof (struct rt2860_txd);
530 error = bus_dma_tag_create(ring->desc_dmat, 16, 0,
531 BUS_SPACE_MAXADDR_32BIT, BUS_SPACE_MAXADDR, NULL, NULL,
532 size, 1, size, 0, &ring->desc_dmat);
534 device_printf(sc->sc_dev, "could not create desc DMA map\n");
538 error = bus_dmamem_alloc(ring->desc_dmat, (void **)&ring->txd,
539 BUS_DMA_NOWAIT | BUS_DMA_ZERO, &ring->desc_map);
541 device_printf(sc->sc_dev, "could not allocate DMA memory\n");
545 error = bus_dmamap_load(ring->desc_dmat, ring->desc_map, ring->txd,
546 size, rt2860_dma_map_addr, &ring->paddr, 0);
548 device_printf(sc->sc_dev, "could not load desc DMA map\n");
552 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, BUS_DMASYNC_PREWRITE);
556 fail: rt2860_free_tx_ring(sc, ring);
561 rt2860_reset_tx_ring(struct rt2860_softc *sc, struct rt2860_tx_ring *ring)
563 struct rt2860_tx_data *data;
566 for (i = 0; i < RT2860_TX_RING_COUNT; i++) {
567 if ((data = ring->data[i]) == NULL)
568 continue; /* nothing mapped in this slot */
570 if (data->m != NULL) {
571 bus_dmamap_sync(sc->txwi_dmat, data->map,
572 BUS_DMASYNC_POSTWRITE);
573 bus_dmamap_unload(sc->txwi_dmat, data->map);
577 if (data->ni != NULL) {
578 ieee80211_free_node(data->ni);
582 SLIST_INSERT_HEAD(&sc->data_pool, data, next);
583 ring->data[i] = NULL;
587 ring->cur = ring->next = 0;
591 rt2860_free_tx_ring(struct rt2860_softc *sc, struct rt2860_tx_ring *ring)
593 struct rt2860_tx_data *data;
596 if (ring->txd != NULL) {
597 bus_dmamap_sync(ring->desc_dmat, ring->desc_map,
598 BUS_DMASYNC_POSTWRITE);
599 bus_dmamap_unload(ring->desc_dmat, ring->desc_map);
600 bus_dmamem_free(ring->desc_dmat, ring->txd, ring->desc_map);
602 if (ring->desc_dmat != NULL)
603 bus_dma_tag_destroy(ring->desc_dmat);
605 for (i = 0; i < RT2860_TX_RING_COUNT; i++) {
606 if ((data = ring->data[i]) == NULL)
607 continue; /* nothing mapped in this slot */
609 if (data->m != NULL) {
610 bus_dmamap_sync(sc->txwi_dmat, data->map,
611 BUS_DMASYNC_POSTWRITE);
612 bus_dmamap_unload(sc->txwi_dmat, data->map);
615 if (data->ni != NULL)
616 ieee80211_free_node(data->ni);
618 SLIST_INSERT_HEAD(&sc->data_pool, data, next);
623 * Allocate a pool of TX Wireless Information blocks.
626 rt2860_alloc_tx_pool(struct rt2860_softc *sc)
632 size = RT2860_TX_POOL_COUNT * RT2860_TXWI_DMASZ;
634 /* init data_pool early in case of failure.. */
635 SLIST_INIT(&sc->data_pool);
637 error = bus_dma_tag_create(sc->txwi_dmat, 1, 0,
638 BUS_SPACE_MAXADDR_32BIT, BUS_SPACE_MAXADDR, NULL, NULL,
639 size, 1, size, 0, &sc->txwi_dmat);
641 device_printf(sc->sc_dev, "could not create txwi DMA tag\n");
645 error = bus_dmamem_alloc(sc->txwi_dmat, (void **)&sc->txwi_vaddr,
646 BUS_DMA_NOWAIT | BUS_DMA_ZERO, &sc->txwi_map);
648 device_printf(sc->sc_dev, "could not allocate DMA memory\n");
652 error = bus_dmamap_load(sc->txwi_dmat, sc->txwi_map,
653 sc->txwi_vaddr, size, rt2860_dma_map_addr, &paddr, 0);
655 device_printf(sc->sc_dev, "could not load txwi DMA map\n");
659 bus_dmamap_sync(sc->txwi_dmat, sc->txwi_map, BUS_DMASYNC_PREWRITE);
661 vaddr = sc->txwi_vaddr;
662 for (i = 0; i < RT2860_TX_POOL_COUNT; i++) {
663 struct rt2860_tx_data *data = &sc->data[i];
665 error = bus_dmamap_create(sc->txwi_dmat, 0, &data->map);
667 device_printf(sc->sc_dev, "could not create DMA map\n");
670 data->txwi = (struct rt2860_txwi *)vaddr;
672 vaddr += RT2860_TXWI_DMASZ;
673 paddr += RT2860_TXWI_DMASZ;
675 SLIST_INSERT_HEAD(&sc->data_pool, data, next);
680 fail: rt2860_free_tx_pool(sc);
685 rt2860_free_tx_pool(struct rt2860_softc *sc)
687 if (sc->txwi_vaddr != NULL) {
688 bus_dmamap_sync(sc->txwi_dmat, sc->txwi_map,
689 BUS_DMASYNC_POSTWRITE);
690 bus_dmamap_unload(sc->txwi_dmat, sc->txwi_map);
691 bus_dmamem_free(sc->txwi_dmat, sc->txwi_vaddr, sc->txwi_map);
693 if (sc->txwi_dmat != NULL)
694 bus_dma_tag_destroy(sc->txwi_dmat);
696 while (!SLIST_EMPTY(&sc->data_pool)) {
697 struct rt2860_tx_data *data;
698 data = SLIST_FIRST(&sc->data_pool);
699 bus_dmamap_destroy(sc->txwi_dmat, data->map);
700 SLIST_REMOVE_HEAD(&sc->data_pool, next);
705 rt2860_alloc_rx_ring(struct rt2860_softc *sc, struct rt2860_rx_ring *ring)
710 size = RT2860_RX_RING_COUNT * sizeof (struct rt2860_rxd);
712 error = bus_dma_tag_create(ring->desc_dmat, 16, 0,
713 BUS_SPACE_MAXADDR_32BIT, BUS_SPACE_MAXADDR, NULL, NULL,
714 size, 1, size, 0, &ring->desc_dmat);
716 device_printf(sc->sc_dev, "could not create desc DMA tag\n");
720 error = bus_dmamem_alloc(ring->desc_dmat, (void **)&ring->rxd,
721 BUS_DMA_NOWAIT | BUS_DMA_ZERO, &ring->desc_map);
723 device_printf(sc->sc_dev, "could not allocate DMA memory\n");
727 error = bus_dmamap_load(ring->desc_dmat, ring->desc_map, ring->rxd,
728 size, rt2860_dma_map_addr, &ring->paddr, 0);
730 device_printf(sc->sc_dev, "could not load desc DMA map\n");
734 error = bus_dma_tag_create(ring->data_dmat, 1, 0,
735 BUS_SPACE_MAXADDR_32BIT, BUS_SPACE_MAXADDR, NULL, NULL, MCLBYTES,
736 1, MCLBYTES, 0, &ring->data_dmat);
738 device_printf(sc->sc_dev, "could not create data DMA tag\n");
742 for (i = 0; i < RT2860_RX_RING_COUNT; i++) {
743 struct rt2860_rx_data *data = &ring->data[i];
744 struct rt2860_rxd *rxd = &ring->rxd[i];
746 error = bus_dmamap_create(ring->data_dmat, 0, &data->map);
748 device_printf(sc->sc_dev, "could not create DMA map\n");
752 data->m = m_getcl(M_NOWAIT, MT_DATA, M_PKTHDR);
753 if (data->m == NULL) {
754 device_printf(sc->sc_dev,
755 "could not allocate rx mbuf\n");
760 error = bus_dmamap_load(ring->data_dmat, data->map,
761 mtod(data->m, void *), MCLBYTES, rt2860_dma_map_addr,
764 device_printf(sc->sc_dev,
765 "could not load rx buf DMA map");
769 rxd->sdp0 = htole32(physaddr);
770 rxd->sdl0 = htole16(MCLBYTES);
773 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, BUS_DMASYNC_PREWRITE);
777 fail: rt2860_free_rx_ring(sc, ring);
782 rt2860_reset_rx_ring(struct rt2860_softc *sc, struct rt2860_rx_ring *ring)
786 for (i = 0; i < RT2860_RX_RING_COUNT; i++)
787 ring->rxd[i].sdl0 &= ~htole16(RT2860_RX_DDONE);
789 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, BUS_DMASYNC_PREWRITE);
795 rt2860_free_rx_ring(struct rt2860_softc *sc, struct rt2860_rx_ring *ring)
799 if (ring->rxd != NULL) {
800 bus_dmamap_sync(ring->desc_dmat, ring->desc_map,
801 BUS_DMASYNC_POSTWRITE);
802 bus_dmamap_unload(ring->desc_dmat, ring->desc_map);
803 bus_dmamem_free(ring->desc_dmat, ring->rxd, ring->desc_map);
805 if (ring->desc_dmat != NULL)
806 bus_dma_tag_destroy(ring->desc_dmat);
808 for (i = 0; i < RT2860_RX_RING_COUNT; i++) {
809 struct rt2860_rx_data *data = &ring->data[i];
811 if (data->m != NULL) {
812 bus_dmamap_sync(ring->data_dmat, data->map,
813 BUS_DMASYNC_POSTREAD);
814 bus_dmamap_unload(ring->data_dmat, data->map);
817 if (data->map != NULL)
818 bus_dmamap_destroy(ring->data_dmat, data->map);
820 if (ring->data_dmat != NULL)
821 bus_dma_tag_destroy(ring->data_dmat);
825 rt2860_updatestats(struct rt2860_softc *sc)
827 struct ieee80211com *ic = sc->sc_ifp->if_l2com;
830 * In IBSS or HostAP modes (when the hardware sends beacons), the
831 * MAC can run into a livelock and start sending CTS-to-self frames
832 * like crazy if protection is enabled. Fortunately, we can detect
833 * when such a situation occurs and reset the MAC.
835 if (ic->ic_curmode != IEEE80211_M_STA) {
836 /* check if we're in a livelock situation.. */
837 uint32_t tmp = RAL_READ(sc, RT2860_DEBUG);
838 if ((tmp & (1 << 29)) && (tmp & (1 << 7 | 1 << 5))) {
839 /* ..and reset MAC/BBP for a while.. */
840 DPRINTF(("CTS-to-self livelock detected\n"));
841 RAL_WRITE(sc, RT2860_MAC_SYS_CTRL, RT2860_MAC_SRST);
842 RAL_BARRIER_WRITE(sc);
844 RAL_WRITE(sc, RT2860_MAC_SYS_CTRL,
845 RT2860_MAC_RX_EN | RT2860_MAC_TX_EN);
851 rt2860_newassoc(struct ieee80211_node *ni, int isnew)
853 struct ieee80211com *ic = ni->ni_ic;
854 struct rt2860_softc *sc = ic->ic_ifp->if_softc;
856 char ethstr[ETHER_ADDRSTRLEN + 1];
858 wcid = IEEE80211_AID(ni->ni_associd);
859 if (isnew && ni->ni_associd != 0) {
860 sc->wcid2ni[wcid] = ni;
862 /* init WCID table entry */
863 RAL_WRITE_REGION_1(sc, RT2860_WCID_ENTRY(wcid),
864 ni->ni_macaddr, IEEE80211_ADDR_LEN);
866 DPRINTF(("new assoc isnew=%d addr=%s WCID=%d\n",
867 isnew, kether_ntoa(ni->ni_macaddr, ethstr), wcid));
871 rt2860_node_free(struct ieee80211_node *ni)
873 struct ieee80211com *ic = ni->ni_ic;
874 struct rt2860_softc *sc = ic->ic_ifp->if_softc;
877 if (ni->ni_associd != 0) {
878 wcid = IEEE80211_AID(ni->ni_associd);
880 /* clear Rx WCID search table entry */
881 RAL_SET_REGION_4(sc, RT2860_WCID_ENTRY(wcid), 0, 2);
883 sc->sc_node_free(ni);
888 rt2860_ampdu_rx_start(struct ieee80211com *ic, struct ieee80211_node *ni,
891 struct rt2860_softc *sc = ic->ic_softc;
892 uint8_t wcid = ((struct rt2860_node *)ni)->wcid;
895 /* update BA session mask */
896 tmp = RAL_READ(sc, RT2860_WCID_ENTRY(wcid) + 4);
897 tmp |= (1 << tid) << 16;
898 RAL_WRITE(sc, RT2860_WCID_ENTRY(wcid) + 4, tmp);
903 rt2860_ampdu_rx_stop(struct ieee80211com *ic, struct ieee80211_node *ni,
906 struct rt2860_softc *sc = ic->ic_softc;
907 uint8_t wcid = ((struct rt2860_node *)ni)->wcid;
910 /* update BA session mask */
911 tmp = RAL_READ(sc, RT2860_WCID_ENTRY(wcid) + 4);
912 tmp &= ~((1 << tid) << 16);
913 RAL_WRITE(sc, RT2860_WCID_ENTRY(wcid) + 4, tmp);
918 rt2860_newstate(struct ieee80211vap *vap, enum ieee80211_state nstate, int arg)
920 struct rt2860_vap *rvp = RT2860_VAP(vap);
921 struct ieee80211com *ic = vap->iv_ic;
922 struct rt2860_softc *sc = ic->ic_ifp->if_softc;
926 if (vap->iv_state == IEEE80211_S_RUN) {
927 /* turn link LED off */
928 rt2860_set_leds(sc, RT2860_LED_RADIO);
931 if (nstate == IEEE80211_S_INIT && vap->iv_state == IEEE80211_S_RUN) {
932 /* abort TSF synchronization */
933 tmp = RAL_READ(sc, RT2860_BCN_TIME_CFG);
934 RAL_WRITE(sc, RT2860_BCN_TIME_CFG,
935 tmp & ~(RT2860_BCN_TX_EN | RT2860_TSF_TIMER_EN |
936 RT2860_TBTT_TIMER_EN));
939 rt2860_set_gp_timer(sc, 0);
941 error = rvp->ral_newstate(vap, nstate, arg);
945 if (nstate == IEEE80211_S_RUN) {
946 struct ieee80211_node *ni = vap->iv_bss;
948 if (ic->ic_opmode != IEEE80211_M_MONITOR) {
949 rt2860_enable_mrr(sc);
950 rt2860_set_txpreamble(sc);
951 rt2860_set_basicrates(sc, &ni->ni_rates);
952 rt2860_set_bssid(sc, ni->ni_bssid);
955 if (vap->iv_opmode == IEEE80211_M_HOSTAP ||
956 vap->iv_opmode == IEEE80211_M_IBSS ||
957 vap->iv_opmode == IEEE80211_M_MBSS) {
958 error = rt2860_setup_beacon(sc, vap);
963 if (ic->ic_opmode != IEEE80211_M_MONITOR) {
964 rt2860_enable_tsf_sync(sc);
965 rt2860_set_gp_timer(sc, 500);
968 /* turn link LED on */
969 rt2860_set_leds(sc, RT2860_LED_RADIO |
970 (IEEE80211_IS_CHAN_2GHZ(ni->ni_chan) ?
971 RT2860_LED_LINK_2GHZ : RT2860_LED_LINK_5GHZ));
976 /* Read 16-bit from eFUSE ROM (>=RT3071 only.) */
978 rt3090_efuse_read_2(struct rt2860_softc *sc, uint16_t addr)
986 * Read one 16-byte block into registers EFUSE_DATA[0-3]:
992 tmp = RAL_READ(sc, RT3070_EFUSE_CTRL);
993 tmp &= ~(RT3070_EFSROM_MODE_MASK | RT3070_EFSROM_AIN_MASK);
994 tmp |= (addr & ~0xf) << RT3070_EFSROM_AIN_SHIFT | RT3070_EFSROM_KICK;
995 RAL_WRITE(sc, RT3070_EFUSE_CTRL, tmp);
996 for (ntries = 0; ntries < 500; ntries++) {
997 tmp = RAL_READ(sc, RT3070_EFUSE_CTRL);
998 if (!(tmp & RT3070_EFSROM_KICK))
1005 if ((tmp & RT3070_EFUSE_AOUT_MASK) == RT3070_EFUSE_AOUT_MASK)
1006 return 0xffff; /* address not found */
1008 /* determine to which 32-bit register our 16-bit word belongs */
1009 reg = RT3070_EFUSE_DATA3 - (addr & 0xc);
1010 tmp = RAL_READ(sc, reg);
1012 return (addr & 2) ? tmp >> 16 : tmp & 0xffff;
1016 * Read 16 bits at address 'addr' from the serial EEPROM (either 93C46,
1020 rt2860_eeprom_read_2(struct rt2860_softc *sc, uint16_t addr)
1026 /* clock C once before the first command */
1027 RT2860_EEPROM_CTL(sc, 0);
1029 RT2860_EEPROM_CTL(sc, RT2860_S);
1030 RT2860_EEPROM_CTL(sc, RT2860_S | RT2860_C);
1031 RT2860_EEPROM_CTL(sc, RT2860_S);
1033 /* write start bit (1) */
1034 RT2860_EEPROM_CTL(sc, RT2860_S | RT2860_D);
1035 RT2860_EEPROM_CTL(sc, RT2860_S | RT2860_D | RT2860_C);
1037 /* write READ opcode (10) */
1038 RT2860_EEPROM_CTL(sc, RT2860_S | RT2860_D);
1039 RT2860_EEPROM_CTL(sc, RT2860_S | RT2860_D | RT2860_C);
1040 RT2860_EEPROM_CTL(sc, RT2860_S);
1041 RT2860_EEPROM_CTL(sc, RT2860_S | RT2860_C);
1043 /* write address (A5-A0 or A7-A0) */
1044 n = ((RAL_READ(sc, RT2860_PCI_EECTRL) & 0x30) == 0) ? 5 : 7;
1045 for (; n >= 0; n--) {
1046 RT2860_EEPROM_CTL(sc, RT2860_S |
1047 (((addr >> n) & 1) << RT2860_SHIFT_D));
1048 RT2860_EEPROM_CTL(sc, RT2860_S |
1049 (((addr >> n) & 1) << RT2860_SHIFT_D) | RT2860_C);
1052 RT2860_EEPROM_CTL(sc, RT2860_S);
1054 /* read data Q15-Q0 */
1056 for (n = 15; n >= 0; n--) {
1057 RT2860_EEPROM_CTL(sc, RT2860_S | RT2860_C);
1058 tmp = RAL_READ(sc, RT2860_PCI_EECTRL);
1059 val |= ((tmp & RT2860_Q) >> RT2860_SHIFT_Q) << n;
1060 RT2860_EEPROM_CTL(sc, RT2860_S);
1063 RT2860_EEPROM_CTL(sc, 0);
1065 /* clear Chip Select and clock C */
1066 RT2860_EEPROM_CTL(sc, RT2860_S);
1067 RT2860_EEPROM_CTL(sc, 0);
1068 RT2860_EEPROM_CTL(sc, RT2860_C);
1073 static __inline uint16_t
1074 rt2860_srom_read(struct rt2860_softc *sc, uint8_t addr)
1076 /* either eFUSE ROM or EEPROM */
1077 return sc->sc_srom_read(sc, addr);
1081 rt2860_intr_coherent(struct rt2860_softc *sc)
1085 /* DMA finds data coherent event when checking the DDONE bit */
1087 DPRINTF(("Tx/Rx Coherent interrupt\n"));
1089 /* restart DMA engine */
1090 tmp = RAL_READ(sc, RT2860_WPDMA_GLO_CFG);
1091 tmp &= ~(RT2860_TX_WB_DDONE | RT2860_RX_DMA_EN | RT2860_TX_DMA_EN);
1092 RAL_WRITE(sc, RT2860_WPDMA_GLO_CFG, tmp);
1094 (void)rt2860_txrx_enable(sc);
1098 rt2860_drain_stats_fifo(struct rt2860_softc *sc)
1100 struct ifnet *ifp = sc->sc_ifp;
1101 struct ieee80211_node *ni;
1104 uint8_t wcid, mcs, pid;
1106 /* drain Tx status FIFO (maxsize = 16) */
1107 while ((stat = RAL_READ(sc, RT2860_TX_STAT_FIFO)) & RT2860_TXQ_VLD) {
1108 DPRINTFN(4, ("tx stat 0x%08x\n", stat));
1110 wcid = (stat >> RT2860_TXQ_WCID_SHIFT) & 0xff;
1111 ni = sc->wcid2ni[wcid];
1113 /* if no ACK was requested, no feedback is available */
1114 if (!(stat & RT2860_TXQ_ACKREQ) || wcid == 0xff || ni == NULL)
1117 /* update per-STA AMRR stats */
1118 if (stat & RT2860_TXQ_OK) {
1120 * Check if there were retries, ie if the Tx success
1121 * rate is different from the requested rate. Note
1122 * that it works only because we do not allow rate
1123 * fallback from OFDM to CCK.
1125 mcs = (stat >> RT2860_TXQ_MCS_SHIFT) & 0x7f;
1126 pid = (stat >> RT2860_TXQ_PID_SHIFT) & 0xf;
1131 ieee80211_ratectl_tx_complete(ni->ni_vap, ni,
1132 IEEE80211_RATECTL_TX_SUCCESS, &retrycnt, NULL);
1134 ieee80211_ratectl_tx_complete(ni->ni_vap, ni,
1135 IEEE80211_RATECTL_TX_FAILURE, &retrycnt, NULL);
1136 IFNET_STAT_INC(ifp, oerrors, 1);
1142 rt2860_tx_intr(struct rt2860_softc *sc, int qid)
1144 struct ifnet *ifp = sc->sc_ifp;
1145 struct rt2860_tx_ring *ring = &sc->txq[qid];
1148 rt2860_drain_stats_fifo(sc);
1150 hw = RAL_READ(sc, RT2860_TX_DTX_IDX(qid));
1151 while (ring->next != hw) {
1152 struct rt2860_tx_data *data = ring->data[ring->next];
1155 bus_dmamap_sync(sc->txwi_dmat, data->map,
1156 BUS_DMASYNC_POSTWRITE);
1157 bus_dmamap_unload(sc->txwi_dmat, data->map);
1158 if (data->m->m_flags & M_TXCB) {
1159 ieee80211_process_callback(data->ni, data->m,
1163 ieee80211_free_node(data->ni);
1167 SLIST_INSERT_HEAD(&sc->data_pool, data, next);
1168 ring->data[ring->next] = NULL;
1170 IFNET_STAT_INC(ifp, opackets, 1);
1173 ring->next = (ring->next + 1) % RT2860_TX_RING_COUNT;
1176 sc->sc_tx_timer = 0;
1177 if (ring->queued < RT2860_TX_RING_COUNT)
1178 sc->qfullmsk &= ~(1 << qid);
1179 ifq_clr_oactive(&ifp->if_snd);
1180 rt2860_start_locked(ifp);
1184 * Return the Rx chain with the highest RSSI for a given frame.
1186 static __inline uint8_t
1187 rt2860_maxrssi_chain(struct rt2860_softc *sc, const struct rt2860_rxwi *rxwi)
1189 uint8_t rxchain = 0;
1191 if (sc->nrxchains > 1) {
1192 if (rxwi->rssi[1] > rxwi->rssi[rxchain])
1194 if (sc->nrxchains > 2)
1195 if (rxwi->rssi[2] > rxwi->rssi[rxchain])
1202 rt2860_rx_intr(struct rt2860_softc *sc)
1204 struct rt2860_rx_radiotap_header *tap;
1205 struct ifnet *ifp = sc->sc_ifp;
1206 struct ieee80211com *ic = ifp->if_l2com;
1207 struct ieee80211_frame *wh;
1208 struct ieee80211_node *ni;
1209 struct mbuf *m, *m1;
1210 bus_addr_t physaddr;
1217 hw = RAL_READ(sc, RT2860_FS_DRX_IDX) & 0xfff;
1218 while (sc->rxq.cur != hw) {
1219 struct rt2860_rx_data *data = &sc->rxq.data[sc->rxq.cur];
1220 struct rt2860_rxd *rxd = &sc->rxq.rxd[sc->rxq.cur];
1221 struct rt2860_rxwi *rxwi;
1223 bus_dmamap_sync(sc->rxq.desc_dmat, sc->rxq.desc_map,
1224 BUS_DMASYNC_POSTREAD);
1226 if (__predict_false(!(rxd->sdl0 & htole16(RT2860_RX_DDONE)))) {
1227 DPRINTF(("RXD DDONE bit not set!\n"));
1228 break; /* should not happen */
1231 if (__predict_false(rxd->flags &
1232 htole32(RT2860_RX_CRCERR | RT2860_RX_ICVERR))) {
1233 IFNET_STAT_INC(ifp, ierrors, 1);
1238 if (__predict_false(rxd->flags & htole32(RT2860_RX_MICERR))) {
1239 /* report MIC failures to net80211 for TKIP */
1240 ic->ic_stats.is_rx_locmicfail++;
1241 ieee80211_michael_mic_failure(ic, 0/* XXX */);
1242 IFNET_STAT_INC(ifp, ierrors, 1);
1247 m1 = m_getcl(M_NOWAIT, MT_DATA, M_PKTHDR);
1248 if (__predict_false(m1 == NULL)) {
1249 IFNET_STAT_INC(ifp, ierrors, 1);
1253 bus_dmamap_sync(sc->rxq.data_dmat, data->map,
1254 BUS_DMASYNC_POSTREAD);
1255 bus_dmamap_unload(sc->rxq.data_dmat, data->map);
1257 error = bus_dmamap_load(sc->rxq.data_dmat, data->map,
1258 mtod(m1, void *), MCLBYTES, rt2860_dma_map_addr,
1260 if (__predict_false(error != 0)) {
1263 /* try to reload the old mbuf */
1264 error = bus_dmamap_load(sc->rxq.data_dmat, data->map,
1265 mtod(data->m, void *), MCLBYTES,
1266 rt2860_dma_map_addr, &physaddr, 0);
1267 if (__predict_false(error != 0)) {
1268 panic("%s: could not load old rx mbuf",
1269 device_get_name(sc->sc_dev));
1271 /* physical address may have changed */
1272 rxd->sdp0 = htole32(physaddr);
1273 IFNET_STAT_INC(ifp, ierrors, 1);
1278 * New mbuf successfully loaded, update Rx ring and continue
1283 rxd->sdp0 = htole32(physaddr);
1285 rxwi = mtod(m, struct rt2860_rxwi *);
1288 m->m_pkthdr.rcvif = ifp;
1289 m->m_data = (caddr_t)(rxwi + 1);
1290 m->m_pkthdr.len = m->m_len = le16toh(rxwi->len) & 0xfff;
1292 wh = mtod(m, struct ieee80211_frame *);
1294 if (wh->i_fc[1] & IEEE80211_FC1_WEP) {
1295 /* frame is decrypted by hardware */
1296 wh->i_fc[1] &= ~IEEE80211_FC1_WEP;
1300 /* HW may insert 2 padding bytes after 802.11 header */
1301 if (rxd->flags & htole32(RT2860_RX_L2PAD)) {
1302 u_int hdrlen = ieee80211_hdrsize(wh);
1303 ovbcopy(wh, (caddr_t)wh + 2, hdrlen);
1305 wh = mtod(m, struct ieee80211_frame *);
1308 ant = rt2860_maxrssi_chain(sc, rxwi);
1309 rssi = rt2860_rssi2dbm(sc, rxwi->rssi[ant], ant);
1310 nf = RT2860_NOISE_FLOOR;
1312 if (ieee80211_radiotap_active(ic)) {
1313 tap = &sc->sc_rxtap;
1315 tap->wr_antenna = ant;
1316 tap->wr_antsignal = nf + rssi;
1317 tap->wr_antnoise = nf;
1318 /* in case it can't be found below */
1320 phy = le16toh(rxwi->phy);
1321 switch (phy & RT2860_PHY_MODE) {
1322 case RT2860_PHY_CCK:
1323 switch ((phy & RT2860_PHY_MCS) & ~RT2860_PHY_SHPRE) {
1324 case 0: tap->wr_rate = 2; break;
1325 case 1: tap->wr_rate = 4; break;
1326 case 2: tap->wr_rate = 11; break;
1327 case 3: tap->wr_rate = 22; break;
1329 if (phy & RT2860_PHY_SHPRE)
1330 tap->wr_flags |= IEEE80211_RADIOTAP_F_SHORTPRE;
1332 case RT2860_PHY_OFDM:
1333 switch (phy & RT2860_PHY_MCS) {
1334 case 0: tap->wr_rate = 12; break;
1335 case 1: tap->wr_rate = 18; break;
1336 case 2: tap->wr_rate = 24; break;
1337 case 3: tap->wr_rate = 36; break;
1338 case 4: tap->wr_rate = 48; break;
1339 case 5: tap->wr_rate = 72; break;
1340 case 6: tap->wr_rate = 96; break;
1341 case 7: tap->wr_rate = 108; break;
1347 wh = mtod(m, struct ieee80211_frame *);
1349 /* send the frame to the 802.11 layer */
1350 ni = ieee80211_find_rxnode(ic,
1351 (struct ieee80211_frame_min *)wh);
1353 (void)ieee80211_input(ni, m, rssi - nf, nf);
1354 ieee80211_free_node(ni);
1356 (void)ieee80211_input_all(ic, m, rssi - nf, nf);
1358 skip: rxd->sdl0 &= ~htole16(RT2860_RX_DDONE);
1360 bus_dmamap_sync(sc->rxq.desc_dmat, sc->rxq.desc_map,
1361 BUS_DMASYNC_PREWRITE);
1363 sc->rxq.cur = (sc->rxq.cur + 1) % RT2860_RX_RING_COUNT;
1366 /* tell HW what we have processed */
1367 RAL_WRITE(sc, RT2860_RX_CALC_IDX,
1368 (sc->rxq.cur - 1) % RT2860_RX_RING_COUNT);
1372 rt2860_tbtt_intr(struct rt2860_softc *sc)
1375 struct ieee80211com *ic = &sc->sc_ic;
1377 #ifndef IEEE80211_STA_ONLY
1378 if (ic->ic_opmode == IEEE80211_M_HOSTAP) {
1379 /* one less beacon until next DTIM */
1380 if (ic->ic_dtim_count == 0)
1381 ic->ic_dtim_count = ic->ic_dtim_period - 1;
1383 ic->ic_dtim_count--;
1385 /* update dynamic parts of beacon */
1386 rt2860_setup_beacon(sc);
1388 /* flush buffered multicast frames */
1389 if (ic->ic_dtim_count == 0)
1390 ieee80211_notify_dtim(ic);
1393 /* check if protection mode has changed */
1394 if ((sc->sc_ic_flags ^ ic->ic_flags) & IEEE80211_F_USEPROT) {
1395 rt2860_updateprot(ic);
1396 sc->sc_ic_flags = ic->ic_flags;
1402 rt2860_gp_intr(struct rt2860_softc *sc)
1404 struct ieee80211com *ic = sc->sc_ifp->if_l2com;
1405 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps);
1407 DPRINTFN(2, ("GP timeout state=%d\n", vap->iv_state));
1409 if (vap->iv_state == IEEE80211_S_RUN)
1410 rt2860_updatestats(sc);
1414 rt2860_intr(void *arg)
1416 struct rt2860_softc *sc = arg;
1419 r = RAL_READ(sc, RT2860_INT_STATUS);
1420 if (__predict_false(r == 0xffffffff)) {
1421 return; /* device likely went away */
1424 return; /* not for us */
1427 /* acknowledge interrupts */
1428 RAL_WRITE(sc, RT2860_INT_STATUS, r);
1430 if (r & RT2860_TX_RX_COHERENT)
1431 rt2860_intr_coherent(sc);
1433 if (r & RT2860_MAC_INT_2) /* TX status */
1434 rt2860_drain_stats_fifo(sc);
1436 if (r & RT2860_TX_DONE_INT5)
1437 rt2860_tx_intr(sc, 5);
1439 if (r & RT2860_RX_DONE_INT)
1442 if (r & RT2860_TX_DONE_INT4)
1443 rt2860_tx_intr(sc, 4);
1445 if (r & RT2860_TX_DONE_INT3)
1446 rt2860_tx_intr(sc, 3);
1448 if (r & RT2860_TX_DONE_INT2)
1449 rt2860_tx_intr(sc, 2);
1451 if (r & RT2860_TX_DONE_INT1)
1452 rt2860_tx_intr(sc, 1);
1454 if (r & RT2860_TX_DONE_INT0)
1455 rt2860_tx_intr(sc, 0);
1457 if (r & RT2860_MAC_INT_0) /* TBTT */
1458 rt2860_tbtt_intr(sc);
1460 if (r & RT2860_MAC_INT_3) /* Auto wakeup */
1463 if (r & RT2860_MAC_INT_4) /* GP timer */
1468 rt2860_tx(struct rt2860_softc *sc, struct mbuf *m, struct ieee80211_node *ni)
1470 struct ifnet *ifp = sc->sc_ifp;
1471 struct ieee80211com *ic = ifp->if_l2com;
1472 struct ieee80211vap *vap = ni->ni_vap;
1473 struct rt2860_tx_ring *ring;
1474 struct rt2860_tx_data *data;
1475 struct rt2860_txd *txd;
1476 struct rt2860_txwi *txwi;
1477 struct ieee80211_frame *wh;
1478 const struct ieee80211_txparam *tp;
1479 struct ieee80211_key *k;
1481 bus_dma_segment_t segs[RT2860_MAX_SCATTER];
1482 bus_dma_segment_t *seg;
1485 uint8_t type, qsel, mcs, pid, tid, qid;
1486 int i, nsegs, ntxds = 0, pad, rate, ridx, error;
1488 /* the data pool contains at least one element, pick the first */
1489 data = SLIST_FIRST(&sc->data_pool);
1491 wh = mtod(m, struct ieee80211_frame *);
1493 if (wh->i_fc[1] & IEEE80211_FC1_WEP) {
1494 k = ieee80211_crypto_encap(ni, m);
1500 /* packet header may have moved, reset our local pointer */
1501 wh = mtod(m, struct ieee80211_frame *);
1504 hdrlen = ieee80211_anyhdrsize(wh);
1505 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK;
1507 tp = &vap->iv_txparms[ieee80211_chan2mode(ni->ni_chan)];
1508 if (IEEE80211_IS_MULTICAST(wh->i_addr1)) {
1509 rate = tp->mcastrate;
1510 } else if (m->m_flags & M_EAPOL) {
1511 rate = tp->mgmtrate;
1512 } else if (tp->ucastrate != IEEE80211_FIXED_RATE_NONE) {
1513 rate = tp->ucastrate;
1515 (void) ieee80211_ratectl_rate(ni, NULL, 0);
1516 rate = ni->ni_txrate;
1518 rate &= IEEE80211_RATE_VAL;
1520 qid = M_WME_GETAC(m);
1521 if (IEEE80211_QOS_HAS_SEQ(wh)) {
1522 qos = ((const struct ieee80211_qosframe *)wh)->i_qos[0];
1523 tid = qos & IEEE80211_QOS_TID;
1528 ring = &sc->txq[qid];
1529 ridx = ic->ic_rt->rateCodeToIndex[rate];
1531 /* get MCS code from rate index */
1532 mcs = rt2860_rates[ridx].mcs;
1534 /* setup TX Wireless Information */
1537 /* let HW generate seq numbers for non-QoS frames */
1538 txwi->xflags = qos ? 0 : RT2860_TX_NSEQ;
1539 if (type == IEEE80211_FC0_TYPE_DATA)
1540 txwi->wcid = IEEE80211_AID(ni->ni_associd);
1543 txwi->len = htole16(m->m_pkthdr.len);
1544 if (rt2860_rates[ridx].phy == IEEE80211_T_DS) {
1545 txwi->phy = htole16(RT2860_PHY_CCK);
1546 if (ridx != RT2860_RIDX_CCK1 &&
1547 (ic->ic_flags & IEEE80211_F_SHPREAMBLE))
1548 mcs |= RT2860_PHY_SHPRE;
1550 txwi->phy = htole16(RT2860_PHY_OFDM);
1551 txwi->phy |= htole16(mcs);
1554 * We store the MCS code into the driver-private PacketID field.
1555 * The PacketID is latched into TX_STAT_FIFO when Tx completes so
1556 * that we know at which initial rate the frame was transmitted.
1557 * We add 1 to the MCS code because setting the PacketID field to
1558 * 0 means that we don't want feedback in TX_STAT_FIFO.
1560 pid = (mcs + 1) & 0xf;
1561 txwi->len |= htole16(pid << RT2860_TX_PID_SHIFT);
1563 /* check if RTS/CTS or CTS-to-self protection is required */
1564 if (!IEEE80211_IS_MULTICAST(wh->i_addr1) &&
1565 (m->m_pkthdr.len + IEEE80211_CRC_LEN > vap->iv_rtsthreshold ||
1566 ((ic->ic_flags & IEEE80211_F_USEPROT) &&
1567 rt2860_rates[ridx].phy == IEEE80211_T_OFDM)))
1568 txwi->txop = RT2860_TX_TXOP_HT;
1570 txwi->txop = RT2860_TX_TXOP_BACKOFF;
1572 if (!IEEE80211_IS_MULTICAST(wh->i_addr1) &&
1573 (!qos || (qos & IEEE80211_QOS_ACKPOLICY) !=
1574 IEEE80211_QOS_ACKPOLICY_NOACK)) {
1575 txwi->xflags |= RT2860_TX_ACK;
1577 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE)
1578 dur = rt2860_rates[ridx].sp_ack_dur;
1580 dur = rt2860_rates[ridx].lp_ack_dur;
1581 *(uint16_t *)wh->i_dur = htole16(dur);
1583 /* ask MAC to insert timestamp into probe responses */
1585 (IEEE80211_FC0_TYPE_MASK | IEEE80211_FC0_SUBTYPE_MASK)) ==
1586 (IEEE80211_FC0_TYPE_MGT | IEEE80211_FC0_SUBTYPE_PROBE_RESP))
1587 /* NOTE: beacons do not pass through tx_data() */
1588 txwi->flags |= RT2860_TX_TS;
1590 if (ieee80211_radiotap_active_vap(vap)) {
1591 struct rt2860_tx_radiotap_header *tap = &sc->sc_txtap;
1594 tap->wt_rate = rate;
1595 if (mcs & RT2860_PHY_SHPRE)
1596 tap->wt_flags |= IEEE80211_RADIOTAP_F_SHORTPRE;
1598 ieee80211_radiotap_tx(vap, m);
1601 pad = (hdrlen + 3) & ~3;
1603 /* copy and trim 802.11 header */
1604 memcpy(txwi + 1, wh, hdrlen);
1607 error = bus_dmamap_load_mbuf_segment(sc->txwi_dmat, data->map, m, segs,
1608 1, &nsegs, BUS_DMA_NOWAIT);
1609 if (__predict_false(error != 0 && error != EFBIG)) {
1610 device_printf(sc->sc_dev, "can't map mbuf (error %d)\n",
1615 if (__predict_true(error == 0)) {
1616 /* determine how many TXDs are required */
1617 ntxds = 1 + (nsegs / 2);
1619 if (ring->queued + ntxds >= RT2860_TX_RING_COUNT) {
1620 /* not enough free TXDs, force mbuf defrag */
1621 bus_dmamap_unload(sc->txwi_dmat, data->map);
1625 if (__predict_false(error != 0)) {
1626 m1 = m_defrag(m, M_NOWAIT);
1628 device_printf(sc->sc_dev,
1629 "could not defragment mbuf\n");
1635 error = bus_dmamap_load_mbuf_segment(sc->txwi_dmat, data->map, m,
1636 segs, 1, &nsegs, BUS_DMA_NOWAIT);
1637 if (__predict_false(error != 0)) {
1638 device_printf(sc->sc_dev, "can't map mbuf (error %d)\n",
1644 /* determine how many TXDs are now required */
1645 ntxds = 1 + (nsegs / 2);
1647 if (ring->queued + ntxds >= RT2860_TX_RING_COUNT) {
1648 /* this is a hopeless case, drop the mbuf! */
1649 bus_dmamap_unload(sc->txwi_dmat, data->map);
1655 qsel = (qid < WME_NUM_AC) ? RT2860_TX_QSEL_EDCA : RT2860_TX_QSEL_MGMT;
1657 /* first segment is TXWI + 802.11 header */
1658 txd = &ring->txd[ring->cur];
1659 txd->sdp0 = htole32(data->paddr);
1660 txd->sdl0 = htole16(sizeof (struct rt2860_txwi) + pad);
1663 /* setup payload segments */
1665 for (i = nsegs; i >= 2; i -= 2) {
1666 txd->sdp1 = htole32(seg->ds_addr);
1667 txd->sdl1 = htole16(seg->ds_len);
1669 ring->cur = (ring->cur + 1) % RT2860_TX_RING_COUNT;
1670 /* grab a new Tx descriptor */
1671 txd = &ring->txd[ring->cur];
1672 txd->sdp0 = htole32(seg->ds_addr);
1673 txd->sdl0 = htole16(seg->ds_len);
1677 /* finalize last segment */
1679 txd->sdp1 = htole32(seg->ds_addr);
1680 txd->sdl1 = htole16(seg->ds_len | RT2860_TX_LS1);
1682 txd->sdl0 |= htole16(RT2860_TX_LS0);
1686 /* remove from the free pool and link it into the SW Tx slot */
1687 SLIST_REMOVE_HEAD(&sc->data_pool, next);
1690 ring->data[ring->cur] = data;
1692 bus_dmamap_sync(sc->txwi_dmat, sc->txwi_map, BUS_DMASYNC_PREWRITE);
1693 bus_dmamap_sync(sc->txwi_dmat, data->map, BUS_DMASYNC_PREWRITE);
1694 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, BUS_DMASYNC_PREWRITE);
1696 DPRINTFN(4, ("sending frame qid=%d wcid=%d nsegs=%d ridx=%d\n",
1697 qid, txwi->wcid, nsegs, ridx));
1699 ring->cur = (ring->cur + 1) % RT2860_TX_RING_COUNT;
1700 ring->queued += ntxds;
1701 if (ring->queued >= RT2860_TX_RING_COUNT)
1702 sc->qfullmsk |= 1 << qid;
1705 RAL_WRITE(sc, RT2860_TX_CTX_IDX(qid), ring->cur);
1711 rt2860_raw_xmit(struct ieee80211_node *ni, struct mbuf *m,
1712 const struct ieee80211_bpf_params *params)
1714 struct ieee80211com *ic = ni->ni_ic;
1715 struct ifnet *ifp = ic->ic_ifp;
1716 struct rt2860_softc *sc = ifp->if_softc;
1719 /* prevent management frames from being sent if we're not ready */
1720 if (!(ifp->if_flags & IFF_RUNNING)) {
1722 ieee80211_free_node(ni);
1726 if (params == NULL) {
1728 * Legacy path; interpret frame contents to decide
1729 * precisely how to send the frame.
1732 error = rt2860_tx(sc, m, ni);
1736 * Caller supplied explicit parameters to use in
1737 * sending the frame.
1739 error = rt2860_tx_raw(sc, m, ni, params);
1743 /* NB: m is reclaimed on tx failure */
1744 ieee80211_free_node(ni);
1745 IFNET_STAT_INC(ifp, oerrors, 1);
1747 sc->sc_tx_timer = 5;
1753 rt2860_tx_raw(struct rt2860_softc *sc, struct mbuf *m,
1754 struct ieee80211_node *ni, const struct ieee80211_bpf_params *params)
1756 struct ifnet *ifp = sc->sc_ifp;
1757 struct ieee80211com *ic = ifp->if_l2com;
1758 struct ieee80211vap *vap = ni->ni_vap;
1759 struct rt2860_tx_ring *ring;
1760 struct rt2860_tx_data *data;
1761 struct rt2860_txd *txd;
1762 struct rt2860_txwi *txwi;
1763 struct ieee80211_frame *wh;
1765 bus_dma_segment_t segs[RT2860_MAX_SCATTER];
1766 bus_dma_segment_t *seg;
1769 uint8_t type, qsel, mcs, pid, tid, qid;
1770 int i, nsegs, ntxds, pad, rate, ridx, error;
1772 /* the data pool contains at least one element, pick the first */
1773 data = SLIST_FIRST(&sc->data_pool);
1775 wh = mtod(m, struct ieee80211_frame *);
1776 hdrlen = ieee80211_hdrsize(wh);
1777 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK;
1779 /* Choose a TX rate index. */
1780 rate = params->ibp_rate0;
1781 ridx = ic->ic_rt->rateCodeToIndex[rate];
1782 if (ridx == (uint8_t)-1) {
1783 /* XXX fall back to mcast/mgmt rate? */
1788 qid = params->ibp_pri & 3;
1790 ring = &sc->txq[qid];
1792 /* get MCS code from rate index */
1793 mcs = rt2860_rates[ridx].mcs;
1795 /* setup TX Wireless Information */
1798 /* let HW generate seq numbers for non-QoS frames */
1799 txwi->xflags = params->ibp_pri & 3 ? 0 : RT2860_TX_NSEQ;
1801 txwi->len = htole16(m->m_pkthdr.len);
1802 if (rt2860_rates[ridx].phy == IEEE80211_T_DS) {
1803 txwi->phy = htole16(RT2860_PHY_CCK);
1804 if (ridx != RT2860_RIDX_CCK1 &&
1805 (ic->ic_flags & IEEE80211_F_SHPREAMBLE))
1806 mcs |= RT2860_PHY_SHPRE;
1808 txwi->phy = htole16(RT2860_PHY_OFDM);
1809 txwi->phy |= htole16(mcs);
1812 * We store the MCS code into the driver-private PacketID field.
1813 * The PacketID is latched into TX_STAT_FIFO when Tx completes so
1814 * that we know at which initial rate the frame was transmitted.
1815 * We add 1 to the MCS code because setting the PacketID field to
1816 * 0 means that we don't want feedback in TX_STAT_FIFO.
1818 pid = (mcs + 1) & 0xf;
1819 txwi->len |= htole16(pid << RT2860_TX_PID_SHIFT);
1821 /* check if RTS/CTS or CTS-to-self protection is required */
1822 if (params->ibp_flags & IEEE80211_BPF_RTS ||
1823 params->ibp_flags & IEEE80211_BPF_CTS)
1824 txwi->txop = RT2860_TX_TXOP_HT;
1826 txwi->txop = RT2860_TX_TXOP_BACKOFF;
1827 if ((params->ibp_flags & IEEE80211_BPF_NOACK) == 0) {
1828 txwi->xflags |= RT2860_TX_ACK;
1830 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE)
1831 dur = rt2860_rates[ridx].sp_ack_dur;
1833 dur = rt2860_rates[ridx].lp_ack_dur;
1834 *(uint16_t *)wh->i_dur = htole16(dur);
1836 /* ask MAC to insert timestamp into probe responses */
1838 (IEEE80211_FC0_TYPE_MASK | IEEE80211_FC0_SUBTYPE_MASK)) ==
1839 (IEEE80211_FC0_TYPE_MGT | IEEE80211_FC0_SUBTYPE_PROBE_RESP))
1840 /* NOTE: beacons do not pass through tx_data() */
1841 txwi->flags |= RT2860_TX_TS;
1843 if (ieee80211_radiotap_active_vap(vap)) {
1844 struct rt2860_tx_radiotap_header *tap = &sc->sc_txtap;
1847 tap->wt_rate = rate;
1848 if (mcs & RT2860_PHY_SHPRE)
1849 tap->wt_flags |= IEEE80211_RADIOTAP_F_SHORTPRE;
1851 ieee80211_radiotap_tx(vap, m);
1854 pad = (hdrlen + 3) & ~3;
1856 /* copy and trim 802.11 header */
1857 memcpy(txwi + 1, wh, hdrlen);
1860 error = bus_dmamap_load_mbuf_segment(sc->txwi_dmat, data->map, m, segs,
1861 1, &nsegs, BUS_DMA_NOWAIT);
1862 if (__predict_false(error != 0 && error != EFBIG)) {
1863 device_printf(sc->sc_dev, "can't map mbuf (error %d)\n",
1868 if (__predict_true(error == 0)) {
1869 /* determine how many TXDs are required */
1870 ntxds = 1 + (nsegs / 2);
1872 if (ring->queued + ntxds >= RT2860_TX_RING_COUNT) {
1873 /* not enough free TXDs, force mbuf defrag */
1874 bus_dmamap_unload(sc->txwi_dmat, data->map);
1878 if (__predict_false(error != 0)) {
1879 m1 = m_defrag(m, M_NOWAIT);
1881 device_printf(sc->sc_dev,
1882 "could not defragment mbuf\n");
1888 error = bus_dmamap_load_mbuf_segment(sc->txwi_dmat, data->map, m,
1889 segs, 1, &nsegs, BUS_DMA_NOWAIT);
1890 if (__predict_false(error != 0)) {
1891 device_printf(sc->sc_dev, "can't map mbuf (error %d)\n",
1897 /* determine how many TXDs are now required */
1898 ntxds = 1 + (nsegs / 2);
1900 if (ring->queued + ntxds >= RT2860_TX_RING_COUNT) {
1901 /* this is a hopeless case, drop the mbuf! */
1902 bus_dmamap_unload(sc->txwi_dmat, data->map);
1908 qsel = (qid < WME_NUM_AC) ? RT2860_TX_QSEL_EDCA : RT2860_TX_QSEL_MGMT;
1910 /* first segment is TXWI + 802.11 header */
1911 txd = &ring->txd[ring->cur];
1912 txd->sdp0 = htole32(data->paddr);
1913 txd->sdl0 = htole16(sizeof (struct rt2860_txwi) + pad);
1916 /* setup payload segments */
1918 for (i = nsegs; i >= 2; i -= 2) {
1919 txd->sdp1 = htole32(seg->ds_addr);
1920 txd->sdl1 = htole16(seg->ds_len);
1922 ring->cur = (ring->cur + 1) % RT2860_TX_RING_COUNT;
1923 /* grab a new Tx descriptor */
1924 txd = &ring->txd[ring->cur];
1925 txd->sdp0 = htole32(seg->ds_addr);
1926 txd->sdl0 = htole16(seg->ds_len);
1930 /* finalize last segment */
1932 txd->sdp1 = htole32(seg->ds_addr);
1933 txd->sdl1 = htole16(seg->ds_len | RT2860_TX_LS1);
1935 txd->sdl0 |= htole16(RT2860_TX_LS0);
1939 /* remove from the free pool and link it into the SW Tx slot */
1940 SLIST_REMOVE_HEAD(&sc->data_pool, next);
1943 ring->data[ring->cur] = data;
1945 bus_dmamap_sync(sc->txwi_dmat, sc->txwi_map, BUS_DMASYNC_PREWRITE);
1946 bus_dmamap_sync(sc->txwi_dmat, data->map, BUS_DMASYNC_PREWRITE);
1947 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, BUS_DMASYNC_PREWRITE);
1949 DPRINTFN(4, ("sending frame qid=%d wcid=%d nsegs=%d ridx=%d\n",
1950 qid, txwi->wcid, nsegs, ridx));
1952 ring->cur = (ring->cur + 1) % RT2860_TX_RING_COUNT;
1953 ring->queued += ntxds;
1954 if (ring->queued >= RT2860_TX_RING_COUNT)
1955 sc->qfullmsk |= 1 << qid;
1958 RAL_WRITE(sc, RT2860_TX_CTX_IDX(qid), ring->cur);
1965 rt2860_start(struct ifnet *ifp, struct ifaltq_subque *ifsq)
1967 ASSERT_ALTQ_SQ_DEFAULT(ifp, ifsq);
1968 rt2860_start_locked(ifp);
1972 rt2860_start_locked(struct ifnet *ifp)
1974 struct rt2860_softc *sc = ifp->if_softc;
1975 struct ieee80211_node *ni;
1978 if ((ifp->if_flags & IFF_RUNNING) == 0)
1982 if (SLIST_EMPTY(&sc->data_pool) || sc->qfullmsk != 0) {
1983 ifq_set_oactive(&ifp->if_snd);
1986 m = ifq_dequeue(&ifp->if_snd);
1989 ni = (struct ieee80211_node *)m->m_pkthdr.rcvif;
1990 if (rt2860_tx(sc, m, ni) != 0) {
1991 ieee80211_free_node(ni);
1992 IFNET_STAT_INC(ifp, oerrors, 1);
1995 sc->sc_tx_timer = 5;
2000 rt2860_watchdog(void *arg)
2002 struct rt2860_softc *sc = arg;
2003 struct ifnet *ifp = sc->sc_ifp;
2005 KASSERT(ifp->if_flags & IFF_RUNNING, ("not running"));
2007 if (sc->sc_invalid) /* card ejected */
2010 if (sc->sc_tx_timer > 0 && --sc->sc_tx_timer == 0) {
2011 if_printf(ifp, "device timeout\n");
2012 rt2860_stop_locked(sc);
2013 rt2860_init_locked(sc);
2014 IFNET_STAT_INC(ifp, oerrors, 1);
2017 callout_reset(&sc->watchdog_ch, hz, rt2860_watchdog, sc);
2021 rt2860_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data, struct ucred *ucred)
2023 struct rt2860_softc *sc = ifp->if_softc;
2024 struct ieee80211com *ic = ifp->if_l2com;
2025 struct ifreq *ifr = (struct ifreq *)data;
2026 int error = 0, startall = 0;
2030 if (ifp->if_flags & IFF_UP) {
2031 if (!(ifp->if_flags & IFF_RUNNING)) {
2032 rt2860_init_locked(sc);
2035 rt2860_update_promisc(ifp);
2037 if (ifp->if_flags & IFF_RUNNING)
2038 rt2860_stop_locked(sc);
2041 ieee80211_start_all(ic);
2044 error = ifmedia_ioctl(ifp, ifr, &ic->ic_media, cmd);
2047 error = ether_ioctl(ifp, cmd, data);
2057 * Reading and writing from/to the BBP is different from RT2560 and RT2661.
2058 * We access the BBP through the 8051 microcontroller unit which means that
2059 * the microcode must be loaded first.
2062 rt2860_mcu_bbp_write(struct rt2860_softc *sc, uint8_t reg, uint8_t val)
2066 for (ntries = 0; ntries < 100; ntries++) {
2067 if (!(RAL_READ(sc, RT2860_H2M_BBPAGENT) & RT2860_BBP_CSR_KICK))
2071 if (ntries == 100) {
2072 device_printf(sc->sc_dev,
2073 "could not write to BBP through MCU\n");
2077 RAL_WRITE(sc, RT2860_H2M_BBPAGENT, RT2860_BBP_RW_PARALLEL |
2078 RT2860_BBP_CSR_KICK | reg << 8 | val);
2079 RAL_BARRIER_WRITE(sc);
2081 rt2860_mcu_cmd(sc, RT2860_MCU_CMD_BBP, 0, 0);
2086 rt2860_mcu_bbp_read(struct rt2860_softc *sc, uint8_t reg)
2091 for (ntries = 0; ntries < 100; ntries++) {
2092 if (!(RAL_READ(sc, RT2860_H2M_BBPAGENT) & RT2860_BBP_CSR_KICK))
2096 if (ntries == 100) {
2097 device_printf(sc->sc_dev,
2098 "could not read from BBP through MCU\n");
2102 RAL_WRITE(sc, RT2860_H2M_BBPAGENT, RT2860_BBP_RW_PARALLEL |
2103 RT2860_BBP_CSR_KICK | RT2860_BBP_CSR_READ | reg << 8);
2104 RAL_BARRIER_WRITE(sc);
2106 rt2860_mcu_cmd(sc, RT2860_MCU_CMD_BBP, 0, 0);
2109 for (ntries = 0; ntries < 100; ntries++) {
2110 val = RAL_READ(sc, RT2860_H2M_BBPAGENT);
2111 if (!(val & RT2860_BBP_CSR_KICK))
2115 device_printf(sc->sc_dev, "could not read from BBP through MCU\n");
2121 * Write to one of the 4 programmable 24-bit RF registers.
2124 rt2860_rf_write(struct rt2860_softc *sc, uint8_t reg, uint32_t val)
2129 for (ntries = 0; ntries < 100; ntries++) {
2130 if (!(RAL_READ(sc, RT2860_RF_CSR_CFG0) & RT2860_RF_REG_CTRL))
2134 if (ntries == 100) {
2135 device_printf(sc->sc_dev, "could not write to RF\n");
2139 /* RF registers are 24-bit on the RT2860 */
2140 tmp = RT2860_RF_REG_CTRL | 24 << RT2860_RF_REG_WIDTH_SHIFT |
2141 (val & 0x3fffff) << 2 | (reg & 3);
2142 RAL_WRITE(sc, RT2860_RF_CSR_CFG0, tmp);
2146 rt3090_rf_read(struct rt2860_softc *sc, uint8_t reg)
2151 for (ntries = 0; ntries < 100; ntries++) {
2152 if (!(RAL_READ(sc, RT3070_RF_CSR_CFG) & RT3070_RF_KICK))
2156 if (ntries == 100) {
2157 device_printf(sc->sc_dev, "could not read RF register\n");
2160 tmp = RT3070_RF_KICK | reg << 8;
2161 RAL_WRITE(sc, RT3070_RF_CSR_CFG, tmp);
2163 for (ntries = 0; ntries < 100; ntries++) {
2164 tmp = RAL_READ(sc, RT3070_RF_CSR_CFG);
2165 if (!(tmp & RT3070_RF_KICK))
2169 if (ntries == 100) {
2170 device_printf(sc->sc_dev, "could not read RF register\n");
2177 rt3090_rf_write(struct rt2860_softc *sc, uint8_t reg, uint8_t val)
2182 for (ntries = 0; ntries < 10; ntries++) {
2183 if (!(RAL_READ(sc, RT3070_RF_CSR_CFG) & RT3070_RF_KICK))
2188 device_printf(sc->sc_dev, "could not write to RF\n");
2192 tmp = RT3070_RF_WRITE | RT3070_RF_KICK | reg << 8 | val;
2193 RAL_WRITE(sc, RT3070_RF_CSR_CFG, tmp);
2197 * Send a command to the 8051 microcontroller unit.
2200 rt2860_mcu_cmd(struct rt2860_softc *sc, uint8_t cmd, uint16_t arg, int wait)
2206 for (ntries = 0; ntries < 100; ntries++) {
2207 if (!(RAL_READ(sc, RT2860_H2M_MAILBOX) & RT2860_H2M_BUSY))
2214 cid = wait ? cmd : RT2860_TOKEN_NO_INTR;
2215 RAL_WRITE(sc, RT2860_H2M_MAILBOX, RT2860_H2M_BUSY | cid << 16 | arg);
2216 RAL_BARRIER_WRITE(sc);
2217 RAL_WRITE(sc, RT2860_HOST_CMD, cmd);
2221 /* wait for the command to complete */
2222 for (ntries = 0; ntries < 200; ntries++) {
2223 tmp = RAL_READ(sc, RT2860_H2M_MAILBOX_CID);
2224 /* find the command slot */
2225 for (slot = 0; slot < 4; slot++, tmp >>= 8)
2226 if ((tmp & 0xff) == cid)
2232 if (ntries == 200) {
2233 /* clear command and status */
2234 RAL_WRITE(sc, RT2860_H2M_MAILBOX_STATUS, 0xffffffff);
2235 RAL_WRITE(sc, RT2860_H2M_MAILBOX_CID, 0xffffffff);
2238 /* get command status (1 means success) */
2239 tmp = RAL_READ(sc, RT2860_H2M_MAILBOX_STATUS);
2240 tmp = (tmp >> (slot * 8)) & 0xff;
2241 DPRINTF(("MCU command=0x%02x slot=%d status=0x%02x\n",
2243 /* clear command and status */
2244 RAL_WRITE(sc, RT2860_H2M_MAILBOX_STATUS, 0xffffffff);
2245 RAL_WRITE(sc, RT2860_H2M_MAILBOX_CID, 0xffffffff);
2246 return (tmp == 1) ? 0 : EIO;
2250 rt2860_enable_mrr(struct rt2860_softc *sc)
2252 #define CCK(mcs) (mcs)
2253 #define OFDM(mcs) (1 << 3 | (mcs))
2254 RAL_WRITE(sc, RT2860_LG_FBK_CFG0,
2255 OFDM(6) << 28 | /* 54->48 */
2256 OFDM(5) << 24 | /* 48->36 */
2257 OFDM(4) << 20 | /* 36->24 */
2258 OFDM(3) << 16 | /* 24->18 */
2259 OFDM(2) << 12 | /* 18->12 */
2260 OFDM(1) << 8 | /* 12-> 9 */
2261 OFDM(0) << 4 | /* 9-> 6 */
2262 OFDM(0)); /* 6-> 6 */
2264 RAL_WRITE(sc, RT2860_LG_FBK_CFG1,
2265 CCK(2) << 12 | /* 11->5.5 */
2266 CCK(1) << 8 | /* 5.5-> 2 */
2267 CCK(0) << 4 | /* 2-> 1 */
2268 CCK(0)); /* 1-> 1 */
2274 rt2860_set_txpreamble(struct rt2860_softc *sc)
2276 struct ifnet *ifp = sc->sc_ifp;
2277 struct ieee80211com *ic = ifp->if_l2com;
2280 tmp = RAL_READ(sc, RT2860_AUTO_RSP_CFG);
2281 tmp &= ~RT2860_CCK_SHORT_EN;
2282 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE)
2283 tmp |= RT2860_CCK_SHORT_EN;
2284 RAL_WRITE(sc, RT2860_AUTO_RSP_CFG, tmp);
2288 rt2860_set_basicrates(struct rt2860_softc *sc,
2289 const struct ieee80211_rateset *rs)
2291 #define RV(r) ((r) & IEEE80211_RATE_VAL)
2292 struct ifnet *ifp = sc->sc_ifp;
2293 struct ieee80211com *ic = ifp->if_l2com;
2298 for (i = 0; i < rs->rs_nrates; i++) {
2299 rate = rs->rs_rates[i];
2301 if (!(rate & IEEE80211_RATE_BASIC))
2304 mask |= 1 << ic->ic_rt->rateCodeToIndex[RV(rate)];
2307 RAL_WRITE(sc, RT2860_LEGACY_BASIC_RATE, mask);
2312 rt2860_scan_start(struct ieee80211com *ic)
2314 struct ifnet *ifp = ic->ic_ifp;
2315 struct rt2860_softc *sc = ifp->if_softc;
2318 tmp = RAL_READ(sc, RT2860_BCN_TIME_CFG);
2319 RAL_WRITE(sc, RT2860_BCN_TIME_CFG,
2320 tmp & ~(RT2860_BCN_TX_EN | RT2860_TSF_TIMER_EN |
2321 RT2860_TBTT_TIMER_EN));
2322 rt2860_set_gp_timer(sc, 0);
2326 rt2860_scan_end(struct ieee80211com *ic)
2328 struct ifnet *ifp = ic->ic_ifp;
2329 struct rt2860_softc *sc = ifp->if_softc;
2330 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps);
2332 if (vap->iv_state == IEEE80211_S_RUN) {
2333 rt2860_enable_tsf_sync(sc);
2334 rt2860_set_gp_timer(sc, 500);
2339 rt2860_set_channel(struct ieee80211com *ic)
2341 struct ifnet *ifp = ic->ic_ifp;
2342 struct rt2860_softc *sc = ifp->if_softc;
2344 rt2860_switch_chan(sc, ic->ic_curchan);
2348 rt2860_select_chan_group(struct rt2860_softc *sc, int group)
2353 rt2860_mcu_bbp_write(sc, 62, 0x37 - sc->lna[group]);
2354 rt2860_mcu_bbp_write(sc, 63, 0x37 - sc->lna[group]);
2355 rt2860_mcu_bbp_write(sc, 64, 0x37 - sc->lna[group]);
2356 rt2860_mcu_bbp_write(sc, 86, 0x00);
2359 if (sc->ext_2ghz_lna) {
2360 rt2860_mcu_bbp_write(sc, 82, 0x62);
2361 rt2860_mcu_bbp_write(sc, 75, 0x46);
2363 rt2860_mcu_bbp_write(sc, 82, 0x84);
2364 rt2860_mcu_bbp_write(sc, 75, 0x50);
2367 if (sc->ext_5ghz_lna) {
2368 rt2860_mcu_bbp_write(sc, 82, 0xf2);
2369 rt2860_mcu_bbp_write(sc, 75, 0x46);
2371 rt2860_mcu_bbp_write(sc, 82, 0xf2);
2372 rt2860_mcu_bbp_write(sc, 75, 0x50);
2376 tmp = RAL_READ(sc, RT2860_TX_BAND_CFG);
2377 tmp &= ~(RT2860_5G_BAND_SEL_N | RT2860_5G_BAND_SEL_P);
2378 tmp |= (group == 0) ? RT2860_5G_BAND_SEL_N : RT2860_5G_BAND_SEL_P;
2379 RAL_WRITE(sc, RT2860_TX_BAND_CFG, tmp);
2381 /* enable appropriate Power Amplifiers and Low Noise Amplifiers */
2382 tmp = RT2860_RFTR_EN | RT2860_TRSW_EN | RT2860_LNA_PE0_EN;
2383 if (sc->nrxchains > 1)
2384 tmp |= RT2860_LNA_PE1_EN;
2385 if (sc->mac_ver == 0x3593 && sc->nrxchains > 2)
2386 tmp |= RT3593_LNA_PE2_EN;
2387 if (group == 0) { /* 2GHz */
2388 tmp |= RT2860_PA_PE_G0_EN;
2389 if (sc->ntxchains > 1)
2390 tmp |= RT2860_PA_PE_G1_EN;
2391 if (sc->mac_ver == 0x3593 && sc->ntxchains > 2)
2392 tmp |= RT3593_PA_PE_G2_EN;
2394 tmp |= RT2860_PA_PE_A0_EN;
2395 if (sc->ntxchains > 1)
2396 tmp |= RT2860_PA_PE_A1_EN;
2397 if (sc->mac_ver == 0x3593 && sc->ntxchains > 2)
2398 tmp |= RT3593_PA_PE_A2_EN;
2400 RAL_WRITE(sc, RT2860_TX_PIN_CFG, tmp);
2402 if (sc->mac_ver == 0x3593) {
2403 tmp = RAL_READ(sc, RT2860_GPIO_CTRL);
2404 if (sc->sc_flags & RT2860_PCIE) {
2413 tmp = (tmp & ~0x00001000) | 0x00000010;
2414 RAL_WRITE(sc, RT2860_GPIO_CTRL, tmp);
2417 /* set initial AGC value */
2418 if (group == 0) { /* 2GHz band */
2419 if (sc->mac_ver >= 0x3071)
2420 agc = 0x1c + sc->lna[0] * 2;
2422 agc = 0x2e + sc->lna[0];
2423 } else { /* 5GHz band */
2424 agc = 0x32 + (sc->lna[group] * 5) / 3;
2426 rt2860_mcu_bbp_write(sc, 66, agc);
2432 rt2860_set_chan(struct rt2860_softc *sc, u_int chan)
2434 const struct rfprog *rfprog = rt2860_rf2850;
2435 uint32_t r2, r3, r4;
2436 int8_t txpow1, txpow2;
2439 /* find the settings for this channel (we know it exists) */
2440 for (i = 0; rfprog[i].chan != chan; i++);
2443 if (sc->ntxchains == 1)
2444 r2 |= 1 << 12; /* 1T: disable Tx chain 2 */
2445 if (sc->nrxchains == 1)
2446 r2 |= 1 << 15 | 1 << 4; /* 1R: disable Rx chains 2 & 3 */
2447 else if (sc->nrxchains == 2)
2448 r2 |= 1 << 4; /* 2R: disable Rx chain 3 */
2450 /* use Tx power values from EEPROM */
2451 txpow1 = sc->txpow1[i];
2452 txpow2 = sc->txpow2[i];
2455 txpow1 = txpow1 << 1 | 1;
2457 txpow1 = (7 + txpow1) << 1;
2459 txpow2 = txpow2 << 1 | 1;
2461 txpow2 = (7 + txpow2) << 1;
2463 r3 = rfprog[i].r3 | txpow1 << 7;
2464 r4 = rfprog[i].r4 | sc->freq << 13 | txpow2 << 4;
2466 rt2860_rf_write(sc, RT2860_RF1, rfprog[i].r1);
2467 rt2860_rf_write(sc, RT2860_RF2, r2);
2468 rt2860_rf_write(sc, RT2860_RF3, r3);
2469 rt2860_rf_write(sc, RT2860_RF4, r4);
2473 rt2860_rf_write(sc, RT2860_RF1, rfprog[i].r1);
2474 rt2860_rf_write(sc, RT2860_RF2, r2);
2475 rt2860_rf_write(sc, RT2860_RF3, r3 | 1);
2476 rt2860_rf_write(sc, RT2860_RF4, r4);
2480 rt2860_rf_write(sc, RT2860_RF1, rfprog[i].r1);
2481 rt2860_rf_write(sc, RT2860_RF2, r2);
2482 rt2860_rf_write(sc, RT2860_RF3, r3);
2483 rt2860_rf_write(sc, RT2860_RF4, r4);
2487 rt3090_set_chan(struct rt2860_softc *sc, u_int chan)
2489 int8_t txpow1, txpow2;
2493 /* RT3090 is 2GHz only */
2494 KASSERT(chan >= 1 && chan <= 14, ("chan %d not support", chan));
2496 /* find the settings for this channel (we know it exists) */
2497 for (i = 0; rt2860_rf2850[i].chan != chan; i++);
2499 /* use Tx power values from EEPROM */
2500 txpow1 = sc->txpow1[i];
2501 txpow2 = sc->txpow2[i];
2503 rt3090_rf_write(sc, 2, rt3090_freqs[i].n);
2504 rf = rt3090_rf_read(sc, 3);
2505 rf = (rf & ~0x0f) | rt3090_freqs[i].k;
2506 rt3090_rf_write(sc, 3, rf);
2507 rf = rt3090_rf_read(sc, 6);
2508 rf = (rf & ~0x03) | rt3090_freqs[i].r;
2509 rt3090_rf_write(sc, 6, rf);
2512 rf = rt3090_rf_read(sc, 12);
2513 rf = (rf & ~0x1f) | txpow1;
2514 rt3090_rf_write(sc, 12, rf);
2517 rf = rt3090_rf_read(sc, 13);
2518 rf = (rf & ~0x1f) | txpow2;
2519 rt3090_rf_write(sc, 13, rf);
2521 rf = rt3090_rf_read(sc, 1);
2523 if (sc->ntxchains == 1)
2524 rf |= RT3070_TX1_PD | RT3070_TX2_PD;
2525 else if (sc->ntxchains == 2)
2526 rf |= RT3070_TX2_PD;
2527 if (sc->nrxchains == 1)
2528 rf |= RT3070_RX1_PD | RT3070_RX2_PD;
2529 else if (sc->nrxchains == 2)
2530 rf |= RT3070_RX2_PD;
2531 rt3090_rf_write(sc, 1, rf);
2534 rf = rt3090_rf_read(sc, 23);
2535 rf = (rf & ~0x7f) | sc->freq;
2536 rt3090_rf_write(sc, 23, rf);
2538 /* program RF filter */
2539 rf = rt3090_rf_read(sc, 24); /* Tx */
2540 rf = (rf & ~0x3f) | sc->rf24_20mhz;
2541 rt3090_rf_write(sc, 24, rf);
2542 rf = rt3090_rf_read(sc, 31); /* Rx */
2543 rf = (rf & ~0x3f) | sc->rf24_20mhz;
2544 rt3090_rf_write(sc, 31, rf);
2546 /* enable RF tuning */
2547 rf = rt3090_rf_read(sc, 7);
2548 rt3090_rf_write(sc, 7, rf | RT3070_TUNE);
2552 rt3090_rf_init(struct rt2860_softc *sc)
2554 #define N(a) (sizeof (a) / sizeof ((a)[0]))
2559 rf = rt3090_rf_read(sc, 30);
2560 /* toggle RF R30 bit 7 */
2561 rt3090_rf_write(sc, 30, rf | 0x80);
2563 rt3090_rf_write(sc, 30, rf & ~0x80);
2565 tmp = RAL_READ(sc, RT3070_LDO_CFG0);
2567 if (sc->patch_dac && sc->mac_rev < 0x0211)
2568 tmp |= 0x0d000000; /* 1.35V */
2570 tmp |= 0x01000000; /* 1.2V */
2571 RAL_WRITE(sc, RT3070_LDO_CFG0, tmp);
2573 /* patch LNA_PE_G1 */
2574 tmp = RAL_READ(sc, RT3070_GPIO_SWITCH);
2575 RAL_WRITE(sc, RT3070_GPIO_SWITCH, tmp & ~0x20);
2577 /* initialize RF registers to default value */
2578 for (i = 0; i < N(rt3090_def_rf); i++) {
2579 rt3090_rf_write(sc, rt3090_def_rf[i].reg,
2580 rt3090_def_rf[i].val);
2583 /* select 20MHz bandwidth */
2584 rt3090_rf_write(sc, 31, 0x14);
2586 rf = rt3090_rf_read(sc, 6);
2587 rt3090_rf_write(sc, 6, rf | 0x40);
2589 if (sc->mac_ver != 0x3593) {
2590 /* calibrate filter for 20MHz bandwidth */
2591 sc->rf24_20mhz = 0x1f; /* default value */
2592 rt3090_filter_calib(sc, 0x07, 0x16, &sc->rf24_20mhz);
2594 /* select 40MHz bandwidth */
2595 bbp = rt2860_mcu_bbp_read(sc, 4);
2596 rt2860_mcu_bbp_write(sc, 4, (bbp & ~0x08) | 0x10);
2597 rf = rt3090_rf_read(sc, 31);
2598 rt3090_rf_write(sc, 31, rf | 0x20);
2600 /* calibrate filter for 40MHz bandwidth */
2601 sc->rf24_40mhz = 0x2f; /* default value */
2602 rt3090_filter_calib(sc, 0x27, 0x19, &sc->rf24_40mhz);
2604 /* go back to 20MHz bandwidth */
2605 bbp = rt2860_mcu_bbp_read(sc, 4);
2606 rt2860_mcu_bbp_write(sc, 4, bbp & ~0x18);
2608 if (sc->mac_rev < 0x0211)
2609 rt3090_rf_write(sc, 27, 0x03);
2611 tmp = RAL_READ(sc, RT3070_OPT_14);
2612 RAL_WRITE(sc, RT3070_OPT_14, tmp | 1);
2614 if (sc->rf_rev == RT3070_RF_3020)
2615 rt3090_set_rx_antenna(sc, 0);
2617 bbp = rt2860_mcu_bbp_read(sc, 138);
2618 if (sc->mac_ver == 0x3593) {
2619 if (sc->ntxchains == 1)
2620 bbp |= 0x60; /* turn off DAC1 and DAC2 */
2621 else if (sc->ntxchains == 2)
2622 bbp |= 0x40; /* turn off DAC2 */
2623 if (sc->nrxchains == 1)
2624 bbp &= ~0x06; /* turn off ADC1 and ADC2 */
2625 else if (sc->nrxchains == 2)
2626 bbp &= ~0x04; /* turn off ADC2 */
2628 if (sc->ntxchains == 1)
2629 bbp |= 0x20; /* turn off DAC1 */
2630 if (sc->nrxchains == 1)
2631 bbp &= ~0x02; /* turn off ADC1 */
2633 rt2860_mcu_bbp_write(sc, 138, bbp);
2635 rf = rt3090_rf_read(sc, 1);
2636 rf &= ~(RT3070_RX0_PD | RT3070_TX0_PD);
2637 rf |= RT3070_RF_BLOCK | RT3070_RX1_PD | RT3070_TX1_PD;
2638 rt3090_rf_write(sc, 1, rf);
2640 rf = rt3090_rf_read(sc, 15);
2641 rt3090_rf_write(sc, 15, rf & ~RT3070_TX_LO2);
2643 rf = rt3090_rf_read(sc, 17);
2644 rf &= ~RT3070_TX_LO1;
2645 if (sc->mac_rev >= 0x0211 && !sc->ext_2ghz_lna)
2646 rf |= 0x20; /* fix for long range Rx issue */
2647 if (sc->txmixgain_2ghz >= 2)
2648 rf = (rf & ~0x7) | sc->txmixgain_2ghz;
2649 rt3090_rf_write(sc, 17, rf);
2651 rf = rt3090_rf_read(sc, 20);
2652 rt3090_rf_write(sc, 20, rf & ~RT3070_RX_LO1);
2654 rf = rt3090_rf_read(sc, 21);
2655 rt3090_rf_write(sc, 21, rf & ~RT3070_RX_LO2);
2662 rt3090_rf_wakeup(struct rt2860_softc *sc)
2667 if (sc->mac_ver == 0x3593) {
2669 rf = rt3090_rf_read(sc, 1);
2670 rt3090_rf_write(sc, 1, rf | RT3593_VCO);
2672 /* initiate VCO calibration */
2673 rf = rt3090_rf_read(sc, 3);
2674 rt3090_rf_write(sc, 3, rf | RT3593_VCOCAL);
2676 /* enable VCO bias current control */
2677 rf = rt3090_rf_read(sc, 6);
2678 rt3090_rf_write(sc, 6, rf | RT3593_VCO_IC);
2680 /* initiate res calibration */
2681 rf = rt3090_rf_read(sc, 2);
2682 rt3090_rf_write(sc, 2, rf | RT3593_RESCAL);
2684 /* set reference current control to 0.33 mA */
2685 rf = rt3090_rf_read(sc, 22);
2686 rf &= ~RT3593_CP_IC_MASK;
2687 rf |= 1 << RT3593_CP_IC_SHIFT;
2688 rt3090_rf_write(sc, 22, rf);
2691 rf = rt3090_rf_read(sc, 46);
2692 rt3090_rf_write(sc, 46, rf | RT3593_RX_CTB);
2694 rf = rt3090_rf_read(sc, 20);
2695 rf &= ~(RT3593_LDO_RF_VC_MASK | RT3593_LDO_PLL_VC_MASK);
2696 rt3090_rf_write(sc, 20, rf);
2698 /* enable RF block */
2699 rf = rt3090_rf_read(sc, 1);
2700 rt3090_rf_write(sc, 1, rf | RT3070_RF_BLOCK);
2702 /* enable VCO bias current control */
2703 rf = rt3090_rf_read(sc, 7);
2704 rt3090_rf_write(sc, 7, rf | 0x30);
2706 rf = rt3090_rf_read(sc, 9);
2707 rt3090_rf_write(sc, 9, rf | 0x0e);
2710 rf = rt3090_rf_read(sc, 21);
2711 rt3090_rf_write(sc, 21, rf | RT3070_RX_CTB);
2713 /* fix Tx to Rx IQ glitch by raising RF voltage */
2714 rf = rt3090_rf_read(sc, 27);
2716 if (sc->mac_rev < 0x0211)
2718 rt3090_rf_write(sc, 27, rf);
2720 if (sc->patch_dac && sc->mac_rev < 0x0211) {
2721 tmp = RAL_READ(sc, RT3070_LDO_CFG0);
2722 tmp = (tmp & ~0x1f000000) | 0x0d000000;
2723 RAL_WRITE(sc, RT3070_LDO_CFG0, tmp);
2728 rt3090_filter_calib(struct rt2860_softc *sc, uint8_t init, uint8_t target,
2732 uint8_t bbp55_pb, bbp55_sb, delta;
2735 /* program filter */
2736 rf24 = rt3090_rf_read(sc, 24);
2737 rf24 = (rf24 & 0xc0) | init; /* initial filter value */
2738 rt3090_rf_write(sc, 24, rf24);
2740 /* enable baseband loopback mode */
2741 rf22 = rt3090_rf_read(sc, 22);
2742 rt3090_rf_write(sc, 22, rf22 | RT3070_BB_LOOPBACK);
2744 /* set power and frequency of passband test tone */
2745 rt2860_mcu_bbp_write(sc, 24, 0x00);
2746 for (ntries = 0; ntries < 100; ntries++) {
2747 /* transmit test tone */
2748 rt2860_mcu_bbp_write(sc, 25, 0x90);
2750 /* read received power */
2751 bbp55_pb = rt2860_mcu_bbp_read(sc, 55);
2758 /* set power and frequency of stopband test tone */
2759 rt2860_mcu_bbp_write(sc, 24, 0x06);
2760 for (ntries = 0; ntries < 100; ntries++) {
2761 /* transmit test tone */
2762 rt2860_mcu_bbp_write(sc, 25, 0x90);
2764 /* read received power */
2765 bbp55_sb = rt2860_mcu_bbp_read(sc, 55);
2767 delta = bbp55_pb - bbp55_sb;
2771 /* reprogram filter */
2773 rt3090_rf_write(sc, 24, rf24);
2777 rf24--; /* backtrack */
2779 rt3090_rf_write(sc, 24, rf24);
2782 /* restore initial state */
2783 rt2860_mcu_bbp_write(sc, 24, 0x00);
2785 /* disable baseband loopback mode */
2786 rf22 = rt3090_rf_read(sc, 22);
2787 rt3090_rf_write(sc, 22, rf22 & ~RT3070_BB_LOOPBACK);
2793 rt3090_rf_setup(struct rt2860_softc *sc)
2798 if (sc->mac_rev >= 0x0211) {
2799 /* enable DC filter */
2800 rt2860_mcu_bbp_write(sc, 103, 0xc0);
2802 /* improve power consumption */
2803 bbp = rt2860_mcu_bbp_read(sc, 31);
2804 rt2860_mcu_bbp_write(sc, 31, bbp & ~0x03);
2807 RAL_WRITE(sc, RT2860_TX_SW_CFG1, 0);
2808 if (sc->mac_rev < 0x0211) {
2809 RAL_WRITE(sc, RT2860_TX_SW_CFG2,
2810 sc->patch_dac ? 0x2c : 0x0f);
2812 RAL_WRITE(sc, RT2860_TX_SW_CFG2, 0);
2814 /* initialize RF registers from ROM */
2815 for (i = 0; i < 10; i++) {
2816 if (sc->rf[i].reg == 0 || sc->rf[i].reg == 0xff)
2818 rt3090_rf_write(sc, sc->rf[i].reg, sc->rf[i].val);
2823 rt2860_set_leds(struct rt2860_softc *sc, uint16_t which)
2825 rt2860_mcu_cmd(sc, RT2860_MCU_CMD_LEDS,
2826 which | (sc->leds & 0x7f), 0);
2830 * Hardware has a general-purpose programmable timer interrupt that can
2831 * periodically raise MAC_INT_4.
2834 rt2860_set_gp_timer(struct rt2860_softc *sc, int ms)
2838 /* disable GP timer before reprogramming it */
2839 tmp = RAL_READ(sc, RT2860_INT_TIMER_EN);
2840 RAL_WRITE(sc, RT2860_INT_TIMER_EN, tmp & ~RT2860_GP_TIMER_EN);
2845 tmp = RAL_READ(sc, RT2860_INT_TIMER_CFG);
2846 ms *= 16; /* Unit: 64us */
2847 tmp = (tmp & 0xffff) | ms << RT2860_GP_TIMER_SHIFT;
2848 RAL_WRITE(sc, RT2860_INT_TIMER_CFG, tmp);
2850 /* enable GP timer */
2851 tmp = RAL_READ(sc, RT2860_INT_TIMER_EN);
2852 RAL_WRITE(sc, RT2860_INT_TIMER_EN, tmp | RT2860_GP_TIMER_EN);
2856 rt2860_set_bssid(struct rt2860_softc *sc, const uint8_t *bssid)
2858 RAL_WRITE(sc, RT2860_MAC_BSSID_DW0,
2859 bssid[0] | bssid[1] << 8 | bssid[2] << 16 | bssid[3] << 24);
2860 RAL_WRITE(sc, RT2860_MAC_BSSID_DW1,
2861 bssid[4] | bssid[5] << 8);
2865 rt2860_set_macaddr(struct rt2860_softc *sc, const uint8_t *addr)
2867 RAL_WRITE(sc, RT2860_MAC_ADDR_DW0,
2868 addr[0] | addr[1] << 8 | addr[2] << 16 | addr[3] << 24);
2869 RAL_WRITE(sc, RT2860_MAC_ADDR_DW1,
2870 addr[4] | addr[5] << 8 | 0xff << 16);
2874 rt2860_updateslot(struct ifnet *ifp)
2876 struct rt2860_softc *sc = ifp->if_softc;
2877 struct ieee80211com *ic = ifp->if_l2com;
2880 tmp = RAL_READ(sc, RT2860_BKOFF_SLOT_CFG);
2882 tmp |= (ic->ic_flags & IEEE80211_F_SHSLOT) ? 9 : 20;
2883 RAL_WRITE(sc, RT2860_BKOFF_SLOT_CFG, tmp);
2887 rt2860_updateprot(struct ifnet *ifp)
2889 struct rt2860_softc *sc = ifp->if_softc;
2890 struct ieee80211com *ic = ifp->if_l2com;
2893 tmp = RT2860_RTSTH_EN | RT2860_PROT_NAV_SHORT | RT2860_TXOP_ALLOW_ALL;
2894 /* setup protection frame rate (MCS code) */
2895 tmp |= IEEE80211_IS_CHAN_5GHZ(ic->ic_curchan) ?
2896 rt2860_rates[RT2860_RIDX_OFDM6].mcs :
2897 rt2860_rates[RT2860_RIDX_CCK11].mcs;
2899 /* CCK frames don't require protection */
2900 RAL_WRITE(sc, RT2860_CCK_PROT_CFG, tmp);
2902 if (ic->ic_flags & IEEE80211_F_USEPROT) {
2903 if (ic->ic_protmode == IEEE80211_PROT_RTSCTS)
2904 tmp |= RT2860_PROT_CTRL_RTS_CTS;
2905 else if (ic->ic_protmode == IEEE80211_PROT_CTSONLY)
2906 tmp |= RT2860_PROT_CTRL_CTS;
2908 RAL_WRITE(sc, RT2860_OFDM_PROT_CFG, tmp);
2912 rt2860_update_promisc(struct ifnet *ifp)
2914 struct rt2860_softc *sc = ifp->if_softc;
2917 tmp = RAL_READ(sc, RT2860_RX_FILTR_CFG);
2918 tmp &= ~RT2860_DROP_NOT_MYBSS;
2919 if (!(ifp->if_flags & IFF_PROMISC))
2920 tmp |= RT2860_DROP_NOT_MYBSS;
2921 RAL_WRITE(sc, RT2860_RX_FILTR_CFG, tmp);
2925 rt2860_updateedca(struct ieee80211com *ic)
2927 struct rt2860_softc *sc = ic->ic_ifp->if_softc;
2928 const struct wmeParams *wmep;
2931 wmep = ic->ic_wme.wme_chanParams.cap_wmeParams;
2933 /* update MAC TX configuration registers */
2934 for (aci = 0; aci < WME_NUM_AC; aci++) {
2935 RAL_WRITE(sc, RT2860_EDCA_AC_CFG(aci),
2936 wmep[aci].wmep_logcwmax << 16 |
2937 wmep[aci].wmep_logcwmin << 12 |
2938 wmep[aci].wmep_aifsn << 8 |
2939 wmep[aci].wmep_txopLimit);
2942 /* update SCH/DMA registers too */
2943 RAL_WRITE(sc, RT2860_WMM_AIFSN_CFG,
2944 wmep[WME_AC_VO].wmep_aifsn << 12 |
2945 wmep[WME_AC_VI].wmep_aifsn << 8 |
2946 wmep[WME_AC_BK].wmep_aifsn << 4 |
2947 wmep[WME_AC_BE].wmep_aifsn);
2948 RAL_WRITE(sc, RT2860_WMM_CWMIN_CFG,
2949 wmep[WME_AC_VO].wmep_logcwmin << 12 |
2950 wmep[WME_AC_VI].wmep_logcwmin << 8 |
2951 wmep[WME_AC_BK].wmep_logcwmin << 4 |
2952 wmep[WME_AC_BE].wmep_logcwmin);
2953 RAL_WRITE(sc, RT2860_WMM_CWMAX_CFG,
2954 wmep[WME_AC_VO].wmep_logcwmax << 12 |
2955 wmep[WME_AC_VI].wmep_logcwmax << 8 |
2956 wmep[WME_AC_BK].wmep_logcwmax << 4 |
2957 wmep[WME_AC_BE].wmep_logcwmax);
2958 RAL_WRITE(sc, RT2860_WMM_TXOP0_CFG,
2959 wmep[WME_AC_BK].wmep_txopLimit << 16 |
2960 wmep[WME_AC_BE].wmep_txopLimit);
2961 RAL_WRITE(sc, RT2860_WMM_TXOP1_CFG,
2962 wmep[WME_AC_VO].wmep_txopLimit << 16 |
2963 wmep[WME_AC_VI].wmep_txopLimit);
2970 rt2860_set_key(struct ieee80211com *ic, struct ieee80211_node *ni,
2971 struct ieee80211_key *k)
2973 struct rt2860_softc *sc = ic->ic_softc;
2976 uint8_t mode, wcid, iv[8];
2978 /* defer setting of WEP keys until interface is brought up */
2979 if ((ic->ic_if.if_flags & (IFF_UP | IFF_RUNNING)) !=
2980 (IFF_UP | IFF_RUNNING))
2983 /* map net80211 cipher to RT2860 security mode */
2984 switch (k->k_cipher) {
2985 case IEEE80211_CIPHER_WEP40:
2986 mode = RT2860_MODE_WEP40;
2988 case IEEE80211_CIPHER_WEP104:
2989 mode = RT2860_MODE_WEP104;
2991 case IEEE80211_CIPHER_TKIP:
2992 mode = RT2860_MODE_TKIP;
2994 case IEEE80211_CIPHER_CCMP:
2995 mode = RT2860_MODE_AES_CCMP;
3001 if (k->k_flags & IEEE80211_KEY_GROUP) {
3002 wcid = 0; /* NB: update WCID0 for group keys */
3003 base = RT2860_SKEY(0, k->k_id);
3005 wcid = ((struct rt2860_node *)ni)->wcid;
3006 base = RT2860_PKEY(wcid);
3009 if (k->k_cipher == IEEE80211_CIPHER_TKIP) {
3010 RAL_WRITE_REGION_1(sc, base, k->k_key, 16);
3011 #ifndef IEEE80211_STA_ONLY
3012 if (ic->ic_opmode == IEEE80211_M_HOSTAP) {
3013 RAL_WRITE_REGION_1(sc, base + 16, &k->k_key[16], 8);
3014 RAL_WRITE_REGION_1(sc, base + 24, &k->k_key[24], 8);
3018 RAL_WRITE_REGION_1(sc, base + 16, &k->k_key[24], 8);
3019 RAL_WRITE_REGION_1(sc, base + 24, &k->k_key[16], 8);
3022 RAL_WRITE_REGION_1(sc, base, k->k_key, k->k_len);
3024 if (!(k->k_flags & IEEE80211_KEY_GROUP) ||
3025 (k->k_flags & IEEE80211_KEY_TX)) {
3026 /* set initial packet number in IV+EIV */
3027 if (k->k_cipher == IEEE80211_CIPHER_WEP40 ||
3028 k->k_cipher == IEEE80211_CIPHER_WEP104) {
3029 uint32_t val = arc4random();
3030 /* skip weak IVs from Fluhrer/Mantin/Shamir */
3031 if (val >= 0x03ff00 && (val & 0xf8ff00) == 0x00ff00)
3036 iv[3] = k->k_id << 6;
3037 iv[4] = iv[5] = iv[6] = iv[7] = 0;
3039 if (k->k_cipher == IEEE80211_CIPHER_TKIP) {
3040 iv[0] = k->k_tsc >> 8;
3041 iv[1] = (iv[0] | 0x20) & 0x7f;
3045 iv[1] = k->k_tsc >> 8;
3048 iv[3] = k->k_id << 6 | IEEE80211_WEP_EXTIV;
3049 iv[4] = k->k_tsc >> 16;
3050 iv[5] = k->k_tsc >> 24;
3051 iv[6] = k->k_tsc >> 32;
3052 iv[7] = k->k_tsc >> 40;
3054 RAL_WRITE_REGION_1(sc, RT2860_IVEIV(wcid), iv, 8);
3057 if (k->k_flags & IEEE80211_KEY_GROUP) {
3058 /* install group key */
3059 attr = RAL_READ(sc, RT2860_SKEY_MODE_0_7);
3060 attr &= ~(0xf << (k->k_id * 4));
3061 attr |= mode << (k->k_id * 4);
3062 RAL_WRITE(sc, RT2860_SKEY_MODE_0_7, attr);
3064 /* install pairwise key */
3065 attr = RAL_READ(sc, RT2860_WCID_ATTR(wcid));
3066 attr = (attr & ~0xf) | (mode << 1) | RT2860_RX_PKEY_EN;
3067 RAL_WRITE(sc, RT2860_WCID_ATTR(wcid), attr);
3073 rt2860_delete_key(struct ieee80211com *ic, struct ieee80211_node *ni,
3074 struct ieee80211_key *k)
3076 struct rt2860_softc *sc = ic->ic_softc;
3080 if (k->k_flags & IEEE80211_KEY_GROUP) {
3081 /* remove group key */
3082 attr = RAL_READ(sc, RT2860_SKEY_MODE_0_7);
3083 attr &= ~(0xf << (k->k_id * 4));
3084 RAL_WRITE(sc, RT2860_SKEY_MODE_0_7, attr);
3087 /* remove pairwise key */
3088 wcid = ((struct rt2860_node *)ni)->wcid;
3089 attr = RAL_READ(sc, RT2860_WCID_ATTR(wcid));
3091 RAL_WRITE(sc, RT2860_WCID_ATTR(wcid), attr);
3097 rt2860_rssi2dbm(struct rt2860_softc *sc, uint8_t rssi, uint8_t rxchain)
3099 struct ifnet *ifp = sc->sc_ifp;
3100 struct ieee80211com *ic = ifp->if_l2com;
3101 struct ieee80211_channel *c = ic->ic_curchan;
3104 if (IEEE80211_IS_CHAN_5GHZ(c)) {
3105 u_int chan = ieee80211_chan2ieee(ic, c);
3106 delta = sc->rssi_5ghz[rxchain];
3108 /* determine channel group */
3110 delta -= sc->lna[1];
3111 else if (chan <= 128)
3112 delta -= sc->lna[2];
3114 delta -= sc->lna[3];
3116 delta = sc->rssi_2ghz[rxchain] - sc->lna[0];
3118 return -12 - delta - rssi;
3122 * Add `delta' (signed) to each 4-bit sub-word of a 32-bit word.
3123 * Used to adjust per-rate Tx power registers.
3125 static __inline uint32_t
3126 b4inc(uint32_t b32, int8_t delta)
3130 for (i = 0; i < 8; i++) {
3137 b32 = b32 >> 4 | b4 << 28;
3143 rt2860_get_rf(uint8_t rev)
3146 case RT2860_RF_2820: return "RT2820";
3147 case RT2860_RF_2850: return "RT2850";
3148 case RT2860_RF_2720: return "RT2720";
3149 case RT2860_RF_2750: return "RT2750";
3150 case RT3070_RF_3020: return "RT3020";
3151 case RT3070_RF_2020: return "RT2020";
3152 case RT3070_RF_3021: return "RT3021";
3153 case RT3070_RF_3022: return "RT3022";
3154 case RT3070_RF_3052: return "RT3052";
3155 case RT3070_RF_3320: return "RT3320";
3156 case RT3070_RF_3053: return "RT3053";
3157 default: return "unknown";
3162 rt2860_read_eeprom(struct rt2860_softc *sc, uint8_t macaddr[IEEE80211_ADDR_LEN])
3164 int8_t delta_2ghz, delta_5ghz;
3169 /* check whether the ROM is eFUSE ROM or EEPROM */
3170 sc->sc_srom_read = rt2860_eeprom_read_2;
3171 if (sc->mac_ver >= 0x3071) {
3172 tmp = RAL_READ(sc, RT3070_EFUSE_CTRL);
3173 DPRINTF(("EFUSE_CTRL=0x%08x\n", tmp));
3174 if (tmp & RT3070_SEL_EFUSE)
3175 sc->sc_srom_read = rt3090_efuse_read_2;
3178 /* read EEPROM version */
3179 val = rt2860_srom_read(sc, RT2860_EEPROM_VERSION);
3180 DPRINTF(("EEPROM rev=%d, FAE=%d\n", val & 0xff, val >> 8));
3182 /* read MAC address */
3183 val = rt2860_srom_read(sc, RT2860_EEPROM_MAC01);
3184 macaddr[0] = val & 0xff;
3185 macaddr[1] = val >> 8;
3186 val = rt2860_srom_read(sc, RT2860_EEPROM_MAC23);
3187 macaddr[2] = val & 0xff;
3188 macaddr[3] = val >> 8;
3189 val = rt2860_srom_read(sc, RT2860_EEPROM_MAC45);
3190 macaddr[4] = val & 0xff;
3191 macaddr[5] = val >> 8;
3193 /* read country code */
3194 val = rt2860_srom_read(sc, RT2860_EEPROM_COUNTRY);
3195 DPRINTF(("EEPROM region code=0x%04x\n", val));
3197 /* read vendor BBP settings */
3198 for (i = 0; i < 8; i++) {
3199 val = rt2860_srom_read(sc, RT2860_EEPROM_BBP_BASE + i);
3200 sc->bbp[i].val = val & 0xff;
3201 sc->bbp[i].reg = val >> 8;
3202 DPRINTF(("BBP%d=0x%02x\n", sc->bbp[i].reg, sc->bbp[i].val));
3204 if (sc->mac_ver >= 0x3071) {
3205 /* read vendor RF settings */
3206 for (i = 0; i < 10; i++) {
3207 val = rt2860_srom_read(sc, RT3071_EEPROM_RF_BASE + i);
3208 sc->rf[i].val = val & 0xff;
3209 sc->rf[i].reg = val >> 8;
3210 DPRINTF(("RF%d=0x%02x\n", sc->rf[i].reg,
3215 /* read RF frequency offset from EEPROM */
3216 val = rt2860_srom_read(sc, RT2860_EEPROM_FREQ_LEDS);
3217 sc->freq = ((val & 0xff) != 0xff) ? val & 0xff : 0;
3218 DPRINTF(("EEPROM freq offset %d\n", sc->freq & 0xff));
3219 if ((val >> 8) != 0xff) {
3220 /* read LEDs operating mode */
3221 sc->leds = val >> 8;
3222 sc->led[0] = rt2860_srom_read(sc, RT2860_EEPROM_LED1);
3223 sc->led[1] = rt2860_srom_read(sc, RT2860_EEPROM_LED2);
3224 sc->led[2] = rt2860_srom_read(sc, RT2860_EEPROM_LED3);
3226 /* broken EEPROM, use default settings */
3228 sc->led[0] = 0x5555;
3229 sc->led[1] = 0x2221;
3230 sc->led[2] = 0xa9f8;
3232 DPRINTF(("EEPROM LED mode=0x%02x, LEDs=0x%04x/0x%04x/0x%04x\n",
3233 sc->leds, sc->led[0], sc->led[1], sc->led[2]));
3235 /* read RF information */
3236 val = rt2860_srom_read(sc, RT2860_EEPROM_ANTENNA);
3237 if (val == 0xffff) {
3238 DPRINTF(("invalid EEPROM antenna info, using default\n"));
3239 if (sc->mac_ver == 0x3593) {
3240 /* default to RF3053 3T3R */
3241 sc->rf_rev = RT3070_RF_3053;
3244 } else if (sc->mac_ver >= 0x3071) {
3245 /* default to RF3020 1T1R */
3246 sc->rf_rev = RT3070_RF_3020;
3250 /* default to RF2820 1T2R */
3251 sc->rf_rev = RT2860_RF_2820;
3256 sc->rf_rev = (val >> 8) & 0xf;
3257 sc->ntxchains = (val >> 4) & 0xf;
3258 sc->nrxchains = val & 0xf;
3260 DPRINTF(("EEPROM RF rev=0x%02x chains=%dT%dR\n",
3261 sc->rf_rev, sc->ntxchains, sc->nrxchains));
3263 /* check if RF supports automatic Tx access gain control */
3264 val = rt2860_srom_read(sc, RT2860_EEPROM_CONFIG);
3265 DPRINTF(("EEPROM CFG 0x%04x\n", val));
3266 /* check if driver should patch the DAC issue */
3267 if ((val >> 8) != 0xff)
3268 sc->patch_dac = (val >> 15) & 1;
3269 if ((val & 0xff) != 0xff) {
3270 sc->ext_5ghz_lna = (val >> 3) & 1;
3271 sc->ext_2ghz_lna = (val >> 2) & 1;
3272 /* check if RF supports automatic Tx access gain control */
3273 sc->calib_2ghz = sc->calib_5ghz = 0; /* XXX (val >> 1) & 1 */;
3274 /* check if we have a hardware radio switch */
3275 sc->rfswitch = val & 1;
3277 if (sc->sc_flags & RT2860_ADVANCED_PS) {
3278 /* read PCIe power save level */
3279 val = rt2860_srom_read(sc, RT2860_EEPROM_PCIE_PSLEVEL);
3280 if ((val & 0xff) != 0xff) {
3281 sc->pslevel = val & 0x3;
3282 val = rt2860_srom_read(sc, RT2860_EEPROM_REV);
3283 if ((val & 0xff80) != 0x9280)
3284 sc->pslevel = MIN(sc->pslevel, 1);
3285 DPRINTF(("EEPROM PCIe PS Level=%d\n", sc->pslevel));
3289 /* read power settings for 2GHz channels */
3290 for (i = 0; i < 14; i += 2) {
3291 val = rt2860_srom_read(sc,
3292 RT2860_EEPROM_PWR2GHZ_BASE1 + i / 2);
3293 sc->txpow1[i + 0] = (int8_t)(val & 0xff);
3294 sc->txpow1[i + 1] = (int8_t)(val >> 8);
3296 val = rt2860_srom_read(sc,
3297 RT2860_EEPROM_PWR2GHZ_BASE2 + i / 2);
3298 sc->txpow2[i + 0] = (int8_t)(val & 0xff);
3299 sc->txpow2[i + 1] = (int8_t)(val >> 8);
3301 /* fix broken Tx power entries */
3302 for (i = 0; i < 14; i++) {
3303 if (sc->txpow1[i] < 0 || sc->txpow1[i] > 31)
3305 if (sc->txpow2[i] < 0 || sc->txpow2[i] > 31)
3307 DPRINTF(("chan %d: power1=%d, power2=%d\n",
3308 rt2860_rf2850[i].chan, sc->txpow1[i], sc->txpow2[i]));
3310 /* read power settings for 5GHz channels */
3311 for (i = 0; i < 40; i += 2) {
3312 val = rt2860_srom_read(sc,
3313 RT2860_EEPROM_PWR5GHZ_BASE1 + i / 2);
3314 sc->txpow1[i + 14] = (int8_t)(val & 0xff);
3315 sc->txpow1[i + 15] = (int8_t)(val >> 8);
3317 val = rt2860_srom_read(sc,
3318 RT2860_EEPROM_PWR5GHZ_BASE2 + i / 2);
3319 sc->txpow2[i + 14] = (int8_t)(val & 0xff);
3320 sc->txpow2[i + 15] = (int8_t)(val >> 8);
3322 /* fix broken Tx power entries */
3323 for (i = 0; i < 40; i++) {
3324 if (sc->txpow1[14 + i] < -7 || sc->txpow1[14 + i] > 15)
3325 sc->txpow1[14 + i] = 5;
3326 if (sc->txpow2[14 + i] < -7 || sc->txpow2[14 + i] > 15)
3327 sc->txpow2[14 + i] = 5;
3328 DPRINTF(("chan %d: power1=%d, power2=%d\n",
3329 rt2860_rf2850[14 + i].chan, sc->txpow1[14 + i],
3330 sc->txpow2[14 + i]));
3333 /* read Tx power compensation for each Tx rate */
3334 val = rt2860_srom_read(sc, RT2860_EEPROM_DELTAPWR);
3335 delta_2ghz = delta_5ghz = 0;
3336 if ((val & 0xff) != 0xff && (val & 0x80)) {
3337 delta_2ghz = val & 0xf;
3338 if (!(val & 0x40)) /* negative number */
3339 delta_2ghz = -delta_2ghz;
3342 if ((val & 0xff) != 0xff && (val & 0x80)) {
3343 delta_5ghz = val & 0xf;
3344 if (!(val & 0x40)) /* negative number */
3345 delta_5ghz = -delta_5ghz;
3347 DPRINTF(("power compensation=%d (2GHz), %d (5GHz)\n",
3348 delta_2ghz, delta_5ghz));
3350 for (ridx = 0; ridx < 5; ridx++) {
3353 val = rt2860_srom_read(sc, RT2860_EEPROM_RPWR + ridx * 2);
3355 val = rt2860_srom_read(sc, RT2860_EEPROM_RPWR + ridx * 2 + 1);
3356 reg |= (uint32_t)val << 16;
3358 sc->txpow20mhz[ridx] = reg;
3359 sc->txpow40mhz_2ghz[ridx] = b4inc(reg, delta_2ghz);
3360 sc->txpow40mhz_5ghz[ridx] = b4inc(reg, delta_5ghz);
3362 DPRINTF(("ridx %d: power 20MHz=0x%08x, 40MHz/2GHz=0x%08x, "
3363 "40MHz/5GHz=0x%08x\n", ridx, sc->txpow20mhz[ridx],
3364 sc->txpow40mhz_2ghz[ridx], sc->txpow40mhz_5ghz[ridx]));
3367 /* read factory-calibrated samples for temperature compensation */
3368 val = rt2860_srom_read(sc, RT2860_EEPROM_TSSI1_2GHZ);
3369 sc->tssi_2ghz[0] = val & 0xff; /* [-4] */
3370 sc->tssi_2ghz[1] = val >> 8; /* [-3] */
3371 val = rt2860_srom_read(sc, RT2860_EEPROM_TSSI2_2GHZ);
3372 sc->tssi_2ghz[2] = val & 0xff; /* [-2] */
3373 sc->tssi_2ghz[3] = val >> 8; /* [-1] */
3374 val = rt2860_srom_read(sc, RT2860_EEPROM_TSSI3_2GHZ);
3375 sc->tssi_2ghz[4] = val & 0xff; /* [+0] */
3376 sc->tssi_2ghz[5] = val >> 8; /* [+1] */
3377 val = rt2860_srom_read(sc, RT2860_EEPROM_TSSI4_2GHZ);
3378 sc->tssi_2ghz[6] = val & 0xff; /* [+2] */
3379 sc->tssi_2ghz[7] = val >> 8; /* [+3] */
3380 val = rt2860_srom_read(sc, RT2860_EEPROM_TSSI5_2GHZ);
3381 sc->tssi_2ghz[8] = val & 0xff; /* [+4] */
3382 sc->step_2ghz = val >> 8;
3383 DPRINTF(("TSSI 2GHz: 0x%02x 0x%02x 0x%02x 0x%02x 0x%02x 0x%02x 0x%02x "
3384 "0x%02x 0x%02x step=%d\n", sc->tssi_2ghz[0], sc->tssi_2ghz[1],
3385 sc->tssi_2ghz[2], sc->tssi_2ghz[3], sc->tssi_2ghz[4],
3386 sc->tssi_2ghz[5], sc->tssi_2ghz[6], sc->tssi_2ghz[7],
3387 sc->tssi_2ghz[8], sc->step_2ghz));
3388 /* check that ref value is correct, otherwise disable calibration */
3389 if (sc->tssi_2ghz[4] == 0xff)
3392 val = rt2860_srom_read(sc, RT2860_EEPROM_TSSI1_5GHZ);
3393 sc->tssi_5ghz[0] = val & 0xff; /* [-4] */
3394 sc->tssi_5ghz[1] = val >> 8; /* [-3] */
3395 val = rt2860_srom_read(sc, RT2860_EEPROM_TSSI2_5GHZ);
3396 sc->tssi_5ghz[2] = val & 0xff; /* [-2] */
3397 sc->tssi_5ghz[3] = val >> 8; /* [-1] */
3398 val = rt2860_srom_read(sc, RT2860_EEPROM_TSSI3_5GHZ);
3399 sc->tssi_5ghz[4] = val & 0xff; /* [+0] */
3400 sc->tssi_5ghz[5] = val >> 8; /* [+1] */
3401 val = rt2860_srom_read(sc, RT2860_EEPROM_TSSI4_5GHZ);
3402 sc->tssi_5ghz[6] = val & 0xff; /* [+2] */
3403 sc->tssi_5ghz[7] = val >> 8; /* [+3] */
3404 val = rt2860_srom_read(sc, RT2860_EEPROM_TSSI5_5GHZ);
3405 sc->tssi_5ghz[8] = val & 0xff; /* [+4] */
3406 sc->step_5ghz = val >> 8;
3407 DPRINTF(("TSSI 5GHz: 0x%02x 0x%02x 0x%02x 0x%02x 0x%02x 0x%02x 0x%02x "
3408 "0x%02x 0x%02x step=%d\n", sc->tssi_5ghz[0], sc->tssi_5ghz[1],
3409 sc->tssi_5ghz[2], sc->tssi_5ghz[3], sc->tssi_5ghz[4],
3410 sc->tssi_5ghz[5], sc->tssi_5ghz[6], sc->tssi_5ghz[7],
3411 sc->tssi_5ghz[8], sc->step_5ghz));
3412 /* check that ref value is correct, otherwise disable calibration */
3413 if (sc->tssi_5ghz[4] == 0xff)
3416 /* read RSSI offsets and LNA gains from EEPROM */
3417 val = rt2860_srom_read(sc, RT2860_EEPROM_RSSI1_2GHZ);
3418 sc->rssi_2ghz[0] = val & 0xff; /* Ant A */
3419 sc->rssi_2ghz[1] = val >> 8; /* Ant B */
3420 val = rt2860_srom_read(sc, RT2860_EEPROM_RSSI2_2GHZ);
3421 if (sc->mac_ver >= 0x3071) {
3423 * On RT3090 chips (limited to 2 Rx chains), this ROM
3424 * field contains the Tx mixer gain for the 2GHz band.
3426 if ((val & 0xff) != 0xff)
3427 sc->txmixgain_2ghz = val & 0x7;
3428 DPRINTF(("tx mixer gain=%u (2GHz)\n", sc->txmixgain_2ghz));
3430 sc->rssi_2ghz[2] = val & 0xff; /* Ant C */
3431 sc->lna[2] = val >> 8; /* channel group 2 */
3433 val = rt2860_srom_read(sc, RT2860_EEPROM_RSSI1_5GHZ);
3434 sc->rssi_5ghz[0] = val & 0xff; /* Ant A */
3435 sc->rssi_5ghz[1] = val >> 8; /* Ant B */
3436 val = rt2860_srom_read(sc, RT2860_EEPROM_RSSI2_5GHZ);
3437 sc->rssi_5ghz[2] = val & 0xff; /* Ant C */
3438 sc->lna[3] = val >> 8; /* channel group 3 */
3440 val = rt2860_srom_read(sc, RT2860_EEPROM_LNA);
3441 if (sc->mac_ver >= 0x3071)
3442 sc->lna[0] = RT3090_DEF_LNA;
3443 else /* channel group 0 */
3444 sc->lna[0] = val & 0xff;
3445 sc->lna[1] = val >> 8; /* channel group 1 */
3447 /* fix broken 5GHz LNA entries */
3448 if (sc->lna[2] == 0 || sc->lna[2] == 0xff) {
3449 DPRINTF(("invalid LNA for channel group %d\n", 2));
3450 sc->lna[2] = sc->lna[1];
3452 if (sc->lna[3] == 0 || sc->lna[3] == 0xff) {
3453 DPRINTF(("invalid LNA for channel group %d\n", 3));
3454 sc->lna[3] = sc->lna[1];
3457 /* fix broken RSSI offset entries */
3458 for (ant = 0; ant < 3; ant++) {
3459 if (sc->rssi_2ghz[ant] < -10 || sc->rssi_2ghz[ant] > 10) {
3460 DPRINTF(("invalid RSSI%d offset: %d (2GHz)\n",
3461 ant + 1, sc->rssi_2ghz[ant]));
3462 sc->rssi_2ghz[ant] = 0;
3464 if (sc->rssi_5ghz[ant] < -10 || sc->rssi_5ghz[ant] > 10) {
3465 DPRINTF(("invalid RSSI%d offset: %d (5GHz)\n",
3466 ant + 1, sc->rssi_5ghz[ant]));
3467 sc->rssi_5ghz[ant] = 0;
3475 rt2860_bbp_init(struct rt2860_softc *sc)
3477 #define N(a) (sizeof (a) / sizeof ((a)[0]))
3480 /* wait for BBP to wake up */
3481 for (ntries = 0; ntries < 20; ntries++) {
3482 uint8_t bbp0 = rt2860_mcu_bbp_read(sc, 0);
3483 if (bbp0 != 0 && bbp0 != 0xff)
3487 device_printf(sc->sc_dev,
3488 "timeout waiting for BBP to wake up\n");
3492 /* initialize BBP registers to default values */
3493 for (i = 0; i < N(rt2860_def_bbp); i++) {
3494 rt2860_mcu_bbp_write(sc, rt2860_def_bbp[i].reg,
3495 rt2860_def_bbp[i].val);
3498 /* fix BBP84 for RT2860E */
3499 if (sc->mac_ver == 0x2860 && sc->mac_rev != 0x0101)
3500 rt2860_mcu_bbp_write(sc, 84, 0x19);
3502 if (sc->mac_ver >= 0x3071) {
3503 rt2860_mcu_bbp_write(sc, 79, 0x13);
3504 rt2860_mcu_bbp_write(sc, 80, 0x05);
3505 rt2860_mcu_bbp_write(sc, 81, 0x33);
3506 } else if (sc->mac_ver == 0x2860 && sc->mac_rev == 0x0100) {
3507 rt2860_mcu_bbp_write(sc, 69, 0x16);
3508 rt2860_mcu_bbp_write(sc, 73, 0x12);
3516 rt2860_txrx_enable(struct rt2860_softc *sc)
3518 struct ifnet *ifp = sc->sc_ifp;
3519 struct ieee80211com *ic = ifp->if_l2com;
3523 /* enable Tx/Rx DMA engine */
3524 RAL_WRITE(sc, RT2860_MAC_SYS_CTRL, RT2860_MAC_TX_EN);
3525 RAL_BARRIER_READ_WRITE(sc);
3526 for (ntries = 0; ntries < 200; ntries++) {
3527 tmp = RAL_READ(sc, RT2860_WPDMA_GLO_CFG);
3528 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0)
3532 if (ntries == 200) {
3533 device_printf(sc->sc_dev, "timeout waiting for DMA engine\n");
3539 tmp |= RT2860_RX_DMA_EN | RT2860_TX_DMA_EN |
3540 RT2860_WPDMA_BT_SIZE64 << RT2860_WPDMA_BT_SIZE_SHIFT;
3541 RAL_WRITE(sc, RT2860_WPDMA_GLO_CFG, tmp);
3544 tmp = RT2860_DROP_CRC_ERR | RT2860_DROP_PHY_ERR;
3545 if (ic->ic_opmode != IEEE80211_M_MONITOR) {
3546 tmp |= RT2860_DROP_UC_NOME | RT2860_DROP_DUPL |
3547 RT2860_DROP_CTS | RT2860_DROP_BA | RT2860_DROP_ACK |
3548 RT2860_DROP_VER_ERR | RT2860_DROP_CTRL_RSV |
3549 RT2860_DROP_CFACK | RT2860_DROP_CFEND;
3550 if (ic->ic_opmode == IEEE80211_M_STA)
3551 tmp |= RT2860_DROP_RTS | RT2860_DROP_PSPOLL;
3553 RAL_WRITE(sc, RT2860_RX_FILTR_CFG, tmp);
3555 RAL_WRITE(sc, RT2860_MAC_SYS_CTRL,
3556 RT2860_MAC_RX_EN | RT2860_MAC_TX_EN);
3562 rt2860_init(void *arg)
3564 struct rt2860_softc *sc = arg;
3565 struct ifnet *ifp = sc->sc_ifp;
3566 struct ieee80211com *ic = ifp->if_l2com;
3568 rt2860_init_locked(sc);
3570 if (ifp->if_flags & IFF_RUNNING)
3571 ieee80211_start_all(ic);
3575 rt2860_init_locked(struct rt2860_softc *sc)
3577 #define N(a) (sizeof (a) / sizeof ((a)[0]))
3578 struct ifnet *ifp = sc->sc_ifp;
3579 struct ieee80211com *ic = ifp->if_l2com;
3582 int i, qid, ridx, ntries, error;
3585 /* hardware has a radio switch on GPIO pin 2 */
3586 if (!(RAL_READ(sc, RT2860_GPIO_CTRL) & (1 << 2))) {
3587 device_printf(sc->sc_dev,
3588 "radio is disabled by hardware switch\n");
3590 rt2860_stop_locked(sc);
3595 RAL_WRITE(sc, RT2860_PWR_PIN_CFG, RT2860_IO_RA_PE);
3598 tmp = RAL_READ(sc, RT2860_WPDMA_GLO_CFG);
3600 RAL_WRITE(sc, RT2860_WPDMA_GLO_CFG, tmp);
3602 /* PBF hardware reset */
3603 RAL_WRITE(sc, RT2860_SYS_CTRL, 0xe1f);
3604 RAL_BARRIER_WRITE(sc);
3605 RAL_WRITE(sc, RT2860_SYS_CTRL, 0xe00);
3607 if ((error = rt2860_load_microcode(sc)) != 0) {
3608 device_printf(sc->sc_dev, "could not load 8051 microcode\n");
3609 rt2860_stop_locked(sc);
3613 rt2860_set_macaddr(sc, IF_LLADDR(ifp));
3615 /* init Tx power for all Tx rates (from EEPROM) */
3616 for (ridx = 0; ridx < 5; ridx++) {
3617 if (sc->txpow20mhz[ridx] == 0xffffffff)
3619 RAL_WRITE(sc, RT2860_TX_PWR_CFG(ridx), sc->txpow20mhz[ridx]);
3622 for (ntries = 0; ntries < 100; ntries++) {
3623 tmp = RAL_READ(sc, RT2860_WPDMA_GLO_CFG);
3624 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0)
3628 if (ntries == 100) {
3629 device_printf(sc->sc_dev, "timeout waiting for DMA engine\n");
3630 rt2860_stop_locked(sc);
3634 RAL_WRITE(sc, RT2860_WPDMA_GLO_CFG, tmp);
3636 /* reset Rx ring and all 6 Tx rings */
3637 RAL_WRITE(sc, RT2860_WPDMA_RST_IDX, 0x1003f);
3639 /* PBF hardware reset */
3640 RAL_WRITE(sc, RT2860_SYS_CTRL, 0xe1f);
3641 RAL_BARRIER_WRITE(sc);
3642 RAL_WRITE(sc, RT2860_SYS_CTRL, 0xe00);
3644 RAL_WRITE(sc, RT2860_PWR_PIN_CFG, RT2860_IO_RA_PE | RT2860_IO_RF_PE);
3646 RAL_WRITE(sc, RT2860_MAC_SYS_CTRL, RT2860_BBP_HRST | RT2860_MAC_SRST);
3647 RAL_BARRIER_WRITE(sc);
3648 RAL_WRITE(sc, RT2860_MAC_SYS_CTRL, 0);
3650 for (i = 0; i < N(rt2860_def_mac); i++)
3651 RAL_WRITE(sc, rt2860_def_mac[i].reg, rt2860_def_mac[i].val);
3652 if (sc->mac_ver >= 0x3071) {
3653 /* set delay of PA_PE assertion to 1us (unit of 0.25us) */
3654 RAL_WRITE(sc, RT2860_TX_SW_CFG0,
3655 4 << RT2860_DLY_PAPE_EN_SHIFT);
3658 if (!(RAL_READ(sc, RT2860_PCI_CFG) & RT2860_PCI_CFG_PCI)) {
3659 sc->sc_flags |= RT2860_PCIE;
3660 /* PCIe has different clock cycle count than PCI */
3661 tmp = RAL_READ(sc, RT2860_US_CYC_CNT);
3662 tmp = (tmp & ~0xff) | 0x7d;
3663 RAL_WRITE(sc, RT2860_US_CYC_CNT, tmp);
3666 /* wait while MAC is busy */
3667 for (ntries = 0; ntries < 100; ntries++) {
3668 if (!(RAL_READ(sc, RT2860_MAC_STATUS_REG) &
3669 (RT2860_RX_STATUS_BUSY | RT2860_TX_STATUS_BUSY)))
3673 if (ntries == 100) {
3674 device_printf(sc->sc_dev, "timeout waiting for MAC\n");
3675 rt2860_stop_locked(sc);
3679 /* clear Host to MCU mailbox */
3680 RAL_WRITE(sc, RT2860_H2M_BBPAGENT, 0);
3681 RAL_WRITE(sc, RT2860_H2M_MAILBOX, 0);
3683 rt2860_mcu_cmd(sc, RT2860_MCU_CMD_RFRESET, 0, 0);
3686 if ((error = rt2860_bbp_init(sc)) != 0) {
3687 rt2860_stop_locked(sc);
3691 /* clear RX WCID search table */
3692 RAL_SET_REGION_4(sc, RT2860_WCID_ENTRY(0), 0, 512);
3693 /* clear pairwise key table */
3694 RAL_SET_REGION_4(sc, RT2860_PKEY(0), 0, 2048);
3695 /* clear IV/EIV table */
3696 RAL_SET_REGION_4(sc, RT2860_IVEIV(0), 0, 512);
3697 /* clear WCID attribute table */
3698 RAL_SET_REGION_4(sc, RT2860_WCID_ATTR(0), 0, 256);
3699 /* clear shared key table */
3700 RAL_SET_REGION_4(sc, RT2860_SKEY(0, 0), 0, 8 * 32);
3701 /* clear shared key mode */
3702 RAL_SET_REGION_4(sc, RT2860_SKEY_MODE_0_7, 0, 4);
3704 /* init Tx rings (4 EDCAs + HCCA + Mgt) */
3705 for (qid = 0; qid < 6; qid++) {
3706 RAL_WRITE(sc, RT2860_TX_BASE_PTR(qid), sc->txq[qid].paddr);
3707 RAL_WRITE(sc, RT2860_TX_MAX_CNT(qid), RT2860_TX_RING_COUNT);
3708 RAL_WRITE(sc, RT2860_TX_CTX_IDX(qid), 0);
3712 RAL_WRITE(sc, RT2860_RX_BASE_PTR, sc->rxq.paddr);
3713 RAL_WRITE(sc, RT2860_RX_MAX_CNT, RT2860_RX_RING_COUNT);
3714 RAL_WRITE(sc, RT2860_RX_CALC_IDX, RT2860_RX_RING_COUNT - 1);
3716 /* setup maximum buffer sizes */
3717 RAL_WRITE(sc, RT2860_MAX_LEN_CFG, 1 << 12 |
3718 (MCLBYTES - sizeof (struct rt2860_rxwi) - 2));
3720 for (ntries = 0; ntries < 100; ntries++) {
3721 tmp = RAL_READ(sc, RT2860_WPDMA_GLO_CFG);
3722 if ((tmp & (RT2860_TX_DMA_BUSY | RT2860_RX_DMA_BUSY)) == 0)
3726 if (ntries == 100) {
3727 device_printf(sc->sc_dev, "timeout waiting for DMA engine\n");
3728 rt2860_stop_locked(sc);
3732 RAL_WRITE(sc, RT2860_WPDMA_GLO_CFG, tmp);
3734 /* disable interrupts mitigation */
3735 RAL_WRITE(sc, RT2860_DELAY_INT_CFG, 0);
3737 /* write vendor-specific BBP values (from EEPROM) */
3738 for (i = 0; i < 8; i++) {
3739 if (sc->bbp[i].reg == 0 || sc->bbp[i].reg == 0xff)
3741 rt2860_mcu_bbp_write(sc, sc->bbp[i].reg, sc->bbp[i].val);
3744 /* select Main antenna for 1T1R devices */
3745 if (sc->rf_rev == RT3070_RF_2020 ||
3746 sc->rf_rev == RT3070_RF_3020 ||
3747 sc->rf_rev == RT3070_RF_3320)
3748 rt3090_set_rx_antenna(sc, 0);
3750 /* send LEDs operating mode to microcontroller */
3751 rt2860_mcu_cmd(sc, RT2860_MCU_CMD_LED1, sc->led[0], 0);
3752 rt2860_mcu_cmd(sc, RT2860_MCU_CMD_LED2, sc->led[1], 0);
3753 rt2860_mcu_cmd(sc, RT2860_MCU_CMD_LED3, sc->led[2], 0);
3755 if (sc->mac_ver >= 0x3071)
3758 rt2860_mcu_cmd(sc, RT2860_MCU_CMD_SLEEP, 0x02ff, 1);
3759 rt2860_mcu_cmd(sc, RT2860_MCU_CMD_WAKEUP, 0, 1);
3761 if (sc->mac_ver >= 0x3071)
3762 rt3090_rf_wakeup(sc);
3764 /* disable non-existing Rx chains */
3765 bbp3 = rt2860_mcu_bbp_read(sc, 3);
3766 bbp3 &= ~(1 << 3 | 1 << 4);
3767 if (sc->nrxchains == 2)
3769 else if (sc->nrxchains == 3)
3771 rt2860_mcu_bbp_write(sc, 3, bbp3);
3773 /* disable non-existing Tx chains */
3774 bbp1 = rt2860_mcu_bbp_read(sc, 1);
3775 if (sc->ntxchains == 1)
3776 bbp1 = (bbp1 & ~(1 << 3 | 1 << 4));
3777 else if (sc->mac_ver == 0x3593 && sc->ntxchains == 2)
3778 bbp1 = (bbp1 & ~(1 << 4)) | 1 << 3;
3779 else if (sc->mac_ver == 0x3593 && sc->ntxchains == 3)
3780 bbp1 = (bbp1 & ~(1 << 3)) | 1 << 4;
3781 rt2860_mcu_bbp_write(sc, 1, bbp1);
3783 if (sc->mac_ver >= 0x3071)
3784 rt3090_rf_setup(sc);
3786 /* select default channel */
3787 rt2860_switch_chan(sc, ic->ic_curchan);
3789 /* reset RF from MCU */
3790 rt2860_mcu_cmd(sc, RT2860_MCU_CMD_RFRESET, 0, 0);
3792 /* set RTS threshold */
3793 tmp = RAL_READ(sc, RT2860_TX_RTS_CFG);
3795 tmp |= IEEE80211_RTS_DEFAULT << 8;
3796 RAL_WRITE(sc, RT2860_TX_RTS_CFG, tmp);
3798 /* setup initial protection mode */
3799 rt2860_updateprot(ifp);
3801 /* turn radio LED on */
3802 rt2860_set_leds(sc, RT2860_LED_RADIO);
3804 /* enable Tx/Rx DMA engine */
3805 if ((error = rt2860_txrx_enable(sc)) != 0) {
3806 rt2860_stop_locked(sc);
3810 /* clear pending interrupts */
3811 RAL_WRITE(sc, RT2860_INT_STATUS, 0xffffffff);
3812 /* enable interrupts */
3813 RAL_WRITE(sc, RT2860_INT_MASK, 0x3fffc);
3815 if (sc->sc_flags & RT2860_ADVANCED_PS)
3816 rt2860_mcu_cmd(sc, RT2860_MCU_CMD_PSLEVEL, sc->pslevel, 0);
3818 ifq_clr_oactive(&ifp->if_snd);
3819 ifp->if_flags |= IFF_RUNNING;
3821 callout_reset(&sc->watchdog_ch, hz, rt2860_watchdog, sc);
3826 rt2860_stop(void *arg)
3828 struct rt2860_softc *sc = arg;
3830 rt2860_stop_locked(sc);
3834 rt2860_stop_locked(struct rt2860_softc *sc)
3836 struct ifnet *ifp = sc->sc_ifp;
3840 if (ifp->if_flags & IFF_RUNNING)
3841 rt2860_set_leds(sc, 0); /* turn all LEDs off */
3843 callout_stop(&sc->watchdog_ch);
3844 sc->sc_tx_timer = 0;
3845 ifp->if_flags &= ~IFF_RUNNING;
3846 ifq_clr_oactive(&ifp->if_snd);
3848 /* disable interrupts */
3849 RAL_WRITE(sc, RT2860_INT_MASK, 0);
3851 /* disable GP timer */
3852 rt2860_set_gp_timer(sc, 0);
3855 tmp = RAL_READ(sc, RT2860_MAC_SYS_CTRL);
3856 tmp &= ~(RT2860_MAC_RX_EN | RT2860_MAC_TX_EN);
3857 RAL_WRITE(sc, RT2860_MAC_SYS_CTRL, tmp);
3860 RAL_WRITE(sc, RT2860_MAC_SYS_CTRL, RT2860_BBP_HRST | RT2860_MAC_SRST);
3861 RAL_BARRIER_WRITE(sc);
3862 RAL_WRITE(sc, RT2860_MAC_SYS_CTRL, 0);
3864 /* reset Tx and Rx rings (and reclaim TXWIs) */
3866 for (qid = 0; qid < 6; qid++)
3867 rt2860_reset_tx_ring(sc, &sc->txq[qid]);
3868 rt2860_reset_rx_ring(sc, &sc->rxq);
3872 rt2860_load_microcode(struct rt2860_softc *sc)
3874 const struct firmware *fp;
3877 wlan_assert_serialized();
3878 wlan_serialize_exit();
3879 fp = firmware_get("rt2860fw");
3880 wlan_serialize_enter();
3883 device_printf(sc->sc_dev,
3884 "unable to receive rt2860fw firmware image\n");
3888 /* set "host program ram write selection" bit */
3889 RAL_WRITE(sc, RT2860_SYS_CTRL, RT2860_HST_PM_SEL);
3890 /* write microcode image */
3891 RAL_WRITE_REGION_1(sc, RT2860_FW_BASE, fp->data, fp->datasize);
3892 /* kick microcontroller unit */
3893 RAL_WRITE(sc, RT2860_SYS_CTRL, 0);
3894 RAL_BARRIER_WRITE(sc);
3895 RAL_WRITE(sc, RT2860_SYS_CTRL, RT2860_MCU_RESET);
3897 RAL_WRITE(sc, RT2860_H2M_BBPAGENT, 0);
3898 RAL_WRITE(sc, RT2860_H2M_MAILBOX, 0);
3900 /* wait until microcontroller is ready */
3901 RAL_BARRIER_READ_WRITE(sc);
3902 for (ntries = 0; ntries < 1000; ntries++) {
3903 if (RAL_READ(sc, RT2860_SYS_CTRL) & RT2860_MCU_READY)
3907 if (ntries == 1000) {
3908 device_printf(sc->sc_dev,
3909 "timeout waiting for MCU to initialize\n");
3914 firmware_put(fp, FIRMWARE_UNLOAD);
3919 * This function is called periodically to adjust Tx power based on
3920 * temperature variation.
3924 rt2860_calib(struct rt2860_softc *sc)
3926 struct ieee80211com *ic = &sc->sc_ic;
3927 const uint8_t *tssi;
3928 uint8_t step, bbp49;
3931 /* read current temperature */
3932 bbp49 = rt2860_mcu_bbp_read(sc, 49);
3934 if (IEEE80211_IS_CHAN_2GHZ(ic->ic_bss->ni_chan)) {
3935 tssi = &sc->tssi_2ghz[4];
3936 step = sc->step_2ghz;
3938 tssi = &sc->tssi_5ghz[4];
3939 step = sc->step_5ghz;
3942 if (bbp49 < tssi[0]) { /* lower than reference */
3943 /* use higher Tx power than default */
3944 for (d = 0; d > -4 && bbp49 <= tssi[d - 1]; d--);
3945 } else if (bbp49 > tssi[0]) { /* greater than reference */
3946 /* use lower Tx power than default */
3947 for (d = 0; d < +4 && bbp49 >= tssi[d + 1]; d++);
3949 /* use default Tx power */
3954 DPRINTF(("BBP49=0x%02x, adjusting Tx power by %d\n", bbp49, d));
3956 /* write adjusted Tx power values for each Tx rate */
3957 for (ridx = 0; ridx < 5; ridx++) {
3958 if (sc->txpow20mhz[ridx] == 0xffffffff)
3960 RAL_WRITE(sc, RT2860_TX_PWR_CFG(ridx),
3961 b4inc(sc->txpow20mhz[ridx], d));
3967 rt3090_set_rx_antenna(struct rt2860_softc *sc, int aux)
3972 tmp = RAL_READ(sc, RT2860_PCI_EECTRL);
3973 RAL_WRITE(sc, RT2860_PCI_EECTRL, tmp & ~RT2860_C);
3974 tmp = RAL_READ(sc, RT2860_GPIO_CTRL);
3975 RAL_WRITE(sc, RT2860_GPIO_CTRL, (tmp & ~0x0808) | 0x08);
3977 tmp = RAL_READ(sc, RT2860_PCI_EECTRL);
3978 RAL_WRITE(sc, RT2860_PCI_EECTRL, tmp | RT2860_C);
3979 tmp = RAL_READ(sc, RT2860_GPIO_CTRL);
3980 RAL_WRITE(sc, RT2860_GPIO_CTRL, tmp & ~0x0808);
3985 rt2860_switch_chan(struct rt2860_softc *sc, struct ieee80211_channel *c)
3987 struct ifnet *ifp = sc->sc_ifp;
3988 struct ieee80211com *ic = ifp->if_l2com;
3991 chan = ieee80211_chan2ieee(ic, c);
3992 if (chan == 0 || chan == IEEE80211_CHAN_ANY)
3995 if (sc->mac_ver >= 0x3071)
3996 rt3090_set_chan(sc, chan);
3998 rt2860_set_chan(sc, chan);
4000 /* determine channel group */
4003 else if (chan <= 64)
4005 else if (chan <= 128)
4010 /* XXX necessary only when group has changed! */
4011 rt2860_select_chan_group(sc, group);
4017 rt2860_setup_beacon(struct rt2860_softc *sc, struct ieee80211vap *vap)
4019 struct ieee80211com *ic = vap->iv_ic;
4020 struct ieee80211_beacon_offsets bo;
4021 struct rt2860_txwi txwi;
4025 if ((m = ieee80211_beacon_alloc(vap->iv_bss, &bo)) == NULL)
4028 memset(&txwi, 0, sizeof txwi);
4030 txwi.len = htole16(m->m_pkthdr.len);
4031 /* send beacons at the lowest available rate */
4032 ridx = IEEE80211_IS_CHAN_5GHZ(ic->ic_bsschan) ?
4033 RT2860_RIDX_OFDM6 : RT2860_RIDX_CCK1;
4034 txwi.phy = htole16(rt2860_rates[ridx].mcs);
4035 if (rt2860_rates[ridx].phy == IEEE80211_T_OFDM)
4036 txwi.phy |= htole16(RT2860_PHY_OFDM);
4037 txwi.txop = RT2860_TX_TXOP_HT;
4038 txwi.flags = RT2860_TX_TS;
4039 txwi.xflags = RT2860_TX_NSEQ;
4041 RAL_WRITE_REGION_1(sc, RT2860_BCN_BASE(0),
4042 (uint8_t *)&txwi, sizeof txwi);
4043 RAL_WRITE_REGION_1(sc, RT2860_BCN_BASE(0) + sizeof txwi,
4044 mtod(m, uint8_t *), m->m_pkthdr.len);
4052 rt2860_enable_tsf_sync(struct rt2860_softc *sc)
4054 struct ifnet *ifp = sc->sc_ifp;
4055 struct ieee80211com *ic = ifp->if_l2com;
4056 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps);
4059 tmp = RAL_READ(sc, RT2860_BCN_TIME_CFG);
4062 tmp |= vap->iv_bss->ni_intval * 16;
4063 tmp |= RT2860_TSF_TIMER_EN | RT2860_TBTT_TIMER_EN;
4064 if (vap->iv_opmode == IEEE80211_M_STA) {
4066 * Local TSF is always updated with remote TSF on beacon
4069 tmp |= 1 << RT2860_TSF_SYNC_MODE_SHIFT;
4071 else if (vap->iv_opmode == IEEE80211_M_IBSS ||
4072 vap->iv_opmode == IEEE80211_M_MBSS) {
4073 tmp |= RT2860_BCN_TX_EN;
4075 * Local TSF is updated with remote TSF on beacon reception
4076 * only if the remote TSF is greater than local TSF.
4078 tmp |= 2 << RT2860_TSF_SYNC_MODE_SHIFT;
4079 } else if (vap->iv_opmode == IEEE80211_M_HOSTAP) {
4080 tmp |= RT2860_BCN_TX_EN;
4081 /* SYNC with nobody */
4082 tmp |= 3 << RT2860_TSF_SYNC_MODE_SHIFT;
4085 RAL_WRITE(sc, RT2860_BCN_TIME_CFG, tmp);
projects / dragonfly.git / blob