1 /* $OpenBSD: if_uath.c,v 1.42 2010/06/29 07:12:31 matthew Exp $ */ 2 3 /*- 4 * Copyright (c) 2006 5 * Damien Bergamini <damien.bergamini@free.fr> 6 * 7 * Permission to use, copy, modify, and distribute this software for any 8 * purpose with or without fee is hereby granted, provided that the above 9 * copyright notice and this permission notice appear in all copies. 10 * 11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 */ 19 20 /*- 21 * Driver for Atheros AR5005UG/AR5005UX chipsets. 22 * http://www.atheros.com/pt/bulletins/AR5005UGBulletin.pdf 23 * http://www.atheros.com/pt/bulletins/AR5005UXBulletin.pdf 24 * 25 * IMPORTANT NOTICE: 26 * This driver was written without any documentation or support from Atheros 27 * Communications. It is based on a black-box analysis of the Windows binary 28 * driver. It handles both pre and post-firmware devices. 29 */ 30 31 #include "bpfilter.h" 32 33 #include <sys/param.h> 34 #include <sys/sockio.h> 35 #include <sys/mbuf.h> 36 #include <sys/kernel.h> 37 #include <sys/socket.h> 38 #include <sys/systm.h> 39 #include <sys/timeout.h> 40 #include <sys/conf.h> 41 #include <sys/device.h> 42 43 #include <machine/bus.h> 44 #include <machine/endian.h> 45 #include <machine/intr.h> 46 47 #if NBPFILTER > 0 48 #include <net/bpf.h> 49 #endif 50 #include <net/if.h> 51 #include <net/if_arp.h> 52 #include <net/if_dl.h> 53 #include <net/if_media.h> 54 #include <net/if_types.h> 55 56 #include <netinet/in.h> 57 #include <netinet/in_systm.h> 58 #include <netinet/in_var.h> 59 #include <netinet/if_ether.h> 60 #include <netinet/ip.h> 61 62 #include <net80211/ieee80211_var.h> 63 #include <net80211/ieee80211_radiotap.h> 64 65 #include <dev/rndvar.h> 66 #include <crypto/arc4.h> 67 68 #include <dev/usb/usb.h> 69 #include <dev/usb/usbdi.h> 70 #include <dev/usb/usbdivar.h> /* needs_reattach() */ 71 #include <dev/usb/usbdi_util.h> 72 #include <dev/usb/usbdevs.h> 73 74 #include <dev/usb/if_uathreg.h> 75 #include <dev/usb/if_uathvar.h> 76 77 #ifdef USB_DEBUG 78 #define UATH_DEBUG 79 #endif 80 81 #ifdef UATH_DEBUG 82 #define DPRINTF(x) do { if (uath_debug) printf x; } while (0) 83 #define DPRINTFN(n, x) do { if (uath_debug >= (n)) printf x; } while (0) 84 int uath_debug = 1; 85 #else 86 #define DPRINTF(x) 87 #define DPRINTFN(n, x) 88 #endif 89 90 /*- 91 * Various supported device vendors/products. 92 * UB51: AR5005UG 802.11b/g, UB52: AR5005UX 802.11a/b/g 93 */ 94 #define UATH_DEV(v, p, f) \ 95 { { USB_VENDOR_##v, USB_PRODUCT_##v##_##p }, (f) }, \ 96 { { USB_VENDOR_##v, USB_PRODUCT_##v##_##p##_NF }, \ 97 (f) | UATH_FLAG_PRE_FIRMWARE } 98 #define UATH_DEV_UG(v, p) UATH_DEV(v, p, 0) 99 #define UATH_DEV_UX(v, p) UATH_DEV(v, p, UATH_FLAG_ABG) 100 static const struct uath_type { 101 struct usb_devno dev; 102 unsigned int flags; 103 #define UATH_FLAG_PRE_FIRMWARE (1 << 0) 104 #define UATH_FLAG_ABG (1 << 1) 105 } uath_devs[] = { 106 UATH_DEV_UG(ACCTON, SMCWUSBTG2), 107 UATH_DEV_UG(ATHEROS, AR5523), 108 UATH_DEV_UG(ATHEROS2, AR5523_1), 109 UATH_DEV_UG(ATHEROS2, AR5523_2), 110 UATH_DEV_UX(ATHEROS2, AR5523_3), 111 UATH_DEV_UG(CONCEPTRONIC, AR5523_1), 112 UATH_DEV_UX(CONCEPTRONIC, AR5523_2), 113 UATH_DEV_UX(DLINK, DWLAG122), 114 UATH_DEV_UX(DLINK, DWLAG132), 115 UATH_DEV_UG(DLINK, DWLG132), 116 UATH_DEV_UG(GIGASET, AR5523), 117 UATH_DEV_UG(GIGASET, SMCWUSBTG), 118 UATH_DEV_UG(GLOBALSUN, AR5523_1), 119 UATH_DEV_UX(GLOBALSUN, AR5523_2), 120 UATH_DEV_UG(IODATA, USBWNG54US), 121 UATH_DEV_UG(MELCO, WLIU2KAMG54), 122 UATH_DEV_UX(NETGEAR, WG111U), 123 UATH_DEV_UG(NETGEAR3, WG111T), 124 UATH_DEV_UG(NETGEAR3, WPN111), 125 UATH_DEV_UG(PHILIPS, SNU6500), 126 UATH_DEV_UX(UMEDIA, AR5523_2), 127 UATH_DEV_UG(UMEDIA, TEW444UBEU), 128 UATH_DEV_UG(WISTRONNEWEB, AR5523_1), 129 UATH_DEV_UX(WISTRONNEWEB, AR5523_2), 130 UATH_DEV_UG(ZCOM, AR5523) 131 }; 132 #define uath_lookup(v, p) \ 133 ((const struct uath_type *)usb_lookup(uath_devs, v, p)) 134 135 void uath_attachhook(void *); 136 int uath_open_pipes(struct uath_softc *); 137 void uath_close_pipes(struct uath_softc *); 138 int uath_alloc_tx_data_list(struct uath_softc *); 139 void uath_free_tx_data_list(struct uath_softc *); 140 int uath_alloc_rx_data_list(struct uath_softc *); 141 void uath_free_rx_data_list(struct uath_softc *); 142 int uath_alloc_tx_cmd_list(struct uath_softc *); 143 void uath_free_tx_cmd_list(struct uath_softc *); 144 int uath_alloc_rx_cmd_list(struct uath_softc *); 145 void uath_free_rx_cmd_list(struct uath_softc *); 146 int uath_media_change(struct ifnet *); 147 void uath_stat(void *); 148 void uath_next_scan(void *); 149 void uath_task(void *); 150 int uath_newstate(struct ieee80211com *, enum ieee80211_state, int); 151 #ifdef UATH_DEBUG 152 void uath_dump_cmd(const uint8_t *, int, char); 153 #endif 154 int uath_cmd(struct uath_softc *, uint32_t, const void *, int, void *, 155 int); 156 int uath_cmd_write(struct uath_softc *, uint32_t, const void *, int, int); 157 int uath_cmd_read(struct uath_softc *, uint32_t, const void *, int, void *, 158 int); 159 int uath_write_reg(struct uath_softc *, uint32_t, uint32_t); 160 int uath_write_multi(struct uath_softc *, uint32_t, const void *, int); 161 int uath_read_reg(struct uath_softc *, uint32_t, uint32_t *); 162 int uath_read_eeprom(struct uath_softc *, uint32_t, void *); 163 void uath_cmd_rxeof(usbd_xfer_handle, usbd_private_handle, usbd_status); 164 void uath_data_rxeof(usbd_xfer_handle, usbd_private_handle, usbd_status); 165 void uath_data_txeof(usbd_xfer_handle, usbd_private_handle, usbd_status); 166 int uath_tx_null(struct uath_softc *); 167 int uath_tx_data(struct uath_softc *, struct mbuf *, 168 struct ieee80211_node *); 169 void uath_start(struct ifnet *); 170 void uath_watchdog(struct ifnet *); 171 int uath_ioctl(struct ifnet *, u_long, caddr_t); 172 int uath_query_eeprom(struct uath_softc *); 173 int uath_reset(struct uath_softc *); 174 int uath_reset_tx_queues(struct uath_softc *); 175 int uath_wme_init(struct uath_softc *); 176 int uath_set_chan(struct uath_softc *, struct ieee80211_channel *); 177 int uath_set_key(struct uath_softc *, const struct ieee80211_key *, int); 178 int uath_set_keys(struct uath_softc *); 179 int uath_set_rates(struct uath_softc *, const struct ieee80211_rateset *); 180 int uath_set_rxfilter(struct uath_softc *, uint32_t, uint32_t); 181 int uath_set_led(struct uath_softc *, int, int); 182 int uath_switch_channel(struct uath_softc *, struct ieee80211_channel *); 183 int uath_init(struct ifnet *); 184 void uath_stop(struct ifnet *, int); 185 int uath_loadfirmware(struct uath_softc *, const u_char *, int); 186 int uath_activate(struct device *, int); 187 188 int uath_match(struct device *, void *, void *); 189 void uath_attach(struct device *, struct device *, void *); 190 int uath_detach(struct device *, int); 191 int uath_activate(struct device *, int); 192 193 struct cfdriver uath_cd = { 194 NULL, "uath", DV_IFNET 195 }; 196 197 const struct cfattach uath_ca = { 198 sizeof(struct uath_softc), 199 uath_match, 200 uath_attach, 201 uath_detach, 202 uath_activate, 203 }; 204 205 int 206 uath_match(struct device *parent, void *match, void *aux) 207 { 208 struct usb_attach_arg *uaa = aux; 209 210 if (uaa->iface != NULL) 211 return UMATCH_NONE; 212 213 return (uath_lookup(uaa->vendor, uaa->product) != NULL) ? 214 UMATCH_VENDOR_PRODUCT : UMATCH_NONE; 215 } 216 217 void 218 uath_attachhook(void *xsc) 219 { 220 struct uath_softc *sc = xsc; 221 u_char *fw; 222 size_t size; 223 int error; 224 225 if ((error = loadfirmware("uath-ar5523", &fw, &size)) != 0) { 226 printf("%s: error %d, could not read firmware %s\n", 227 sc->sc_dev.dv_xname, error, "uath-ar5523"); 228 return; 229 } 230 231 error = uath_loadfirmware(sc, fw, size); 232 free(fw, M_DEVBUF); 233 234 if (error == 0) { 235 usb_port_status_t status; 236 237 /* 238 * Hack alert: the device doesn't always gracefully detach 239 * from the bus after a firmware upload. We need to force 240 * a port reset and a re-exploration on the parent hub. 241 */ 242 usbd_reset_port(sc->sc_uhub, sc->sc_port, &status); 243 usb_needs_reattach(sc->sc_udev); 244 } else { 245 printf("%s: could not load firmware (error=%s)\n", 246 sc->sc_dev.dv_xname, usbd_errstr(error)); 247 } 248 } 249 250 void 251 uath_attach(struct device *parent, struct device *self, void *aux) 252 { 253 struct uath_softc *sc = (struct uath_softc *)self; 254 struct usb_attach_arg *uaa = aux; 255 struct ieee80211com *ic = &sc->sc_ic; 256 struct ifnet *ifp = &ic->ic_if; 257 usbd_status error; 258 int i; 259 260 sc->sc_udev = uaa->device; 261 sc->sc_uhub = uaa->device->myhub; 262 sc->sc_port = uaa->port; 263 264 sc->sc_flags = uath_lookup(uaa->vendor, uaa->product)->flags; 265 266 if (usbd_set_config_no(sc->sc_udev, UATH_CONFIG_NO, 0) != 0) { 267 printf("%s: could not set configuration no\n", 268 sc->sc_dev.dv_xname); 269 return; 270 } 271 272 /* get the first interface handle */ 273 error = usbd_device2interface_handle(sc->sc_udev, UATH_IFACE_INDEX, 274 &sc->sc_iface); 275 if (error != 0) { 276 printf("%s: could not get interface handle\n", 277 sc->sc_dev.dv_xname); 278 return; 279 } 280 281 /* 282 * We must open the pipes early because they're used to upload the 283 * firmware (pre-firmware devices) or to send firmware commands. 284 */ 285 if (uath_open_pipes(sc) != 0) { 286 printf("%s: could not open pipes\n", sc->sc_dev.dv_xname); 287 return; 288 } 289 290 if (sc->sc_flags & UATH_FLAG_PRE_FIRMWARE) { 291 if (rootvp == NULL) 292 mountroothook_establish(uath_attachhook, sc); 293 else 294 uath_attachhook(sc); 295 return; 296 } 297 298 /* 299 * Only post-firmware devices here. 300 */ 301 usb_init_task(&sc->sc_task, uath_task, sc); 302 timeout_set(&sc->scan_to, uath_next_scan, sc); 303 timeout_set(&sc->stat_to, uath_stat, sc); 304 305 /* 306 * Allocate xfers for firmware commands. 307 */ 308 if (uath_alloc_tx_cmd_list(sc) != 0) { 309 printf("%s: could not allocate Tx command list\n", 310 sc->sc_dev.dv_xname); 311 goto fail1; 312 } 313 if (uath_alloc_rx_cmd_list(sc) != 0) { 314 printf("%s: could not allocate Rx command list\n", 315 sc->sc_dev.dv_xname); 316 goto fail2; 317 } 318 319 /* 320 * Queue Rx command xfers. 321 */ 322 for (i = 0; i < UATH_RX_CMD_LIST_COUNT; i++) { 323 struct uath_rx_cmd *cmd = &sc->rx_cmd[i]; 324 325 usbd_setup_xfer(cmd->xfer, sc->cmd_rx_pipe, cmd, cmd->buf, 326 UATH_MAX_RXCMDSZ, USBD_SHORT_XFER_OK | USBD_NO_COPY, 327 USBD_NO_TIMEOUT, uath_cmd_rxeof); 328 error = usbd_transfer(cmd->xfer); 329 if (error != USBD_IN_PROGRESS && error != 0) { 330 printf("%s: could not queue Rx command xfer\n", 331 sc->sc_dev.dv_xname); 332 goto fail3; 333 } 334 } 335 336 /* 337 * We're now ready to send/receive firmware commands. 338 */ 339 if (uath_reset(sc) != 0) { 340 printf("%s: could not initialize adapter\n", 341 sc->sc_dev.dv_xname); 342 goto fail3; 343 } 344 if (uath_query_eeprom(sc) != 0) { 345 printf("%s: could not read EEPROM\n", sc->sc_dev.dv_xname); 346 goto fail3; 347 } 348 349 printf("%s: MAC/BBP AR5523, RF AR%c112, address %s\n", 350 sc->sc_dev.dv_xname, (sc->sc_flags & UATH_FLAG_ABG) ? '5': '2', 351 ether_sprintf(ic->ic_myaddr)); 352 353 /* 354 * Allocate xfers for Tx/Rx data pipes. 355 */ 356 if (uath_alloc_tx_data_list(sc) != 0) { 357 printf("%s: could not allocate Tx data list\n", 358 sc->sc_dev.dv_xname); 359 goto fail3; 360 } 361 if (uath_alloc_rx_data_list(sc) != 0) { 362 printf("%s: could not allocate Rx data list\n", 363 sc->sc_dev.dv_xname); 364 goto fail4; 365 } 366 367 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 368 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 369 ic->ic_state = IEEE80211_S_INIT; 370 371 /* set device capabilities */ 372 ic->ic_caps = 373 IEEE80211_C_MONITOR | /* monitor mode supported */ 374 IEEE80211_C_TXPMGT | /* tx power management */ 375 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 376 IEEE80211_C_SHSLOT | /* short slot time supported */ 377 IEEE80211_C_WEP; /* h/w WEP */ 378 379 /* set supported .11b and .11g rates */ 380 ic->ic_sup_rates[IEEE80211_MODE_11B] = ieee80211_std_rateset_11b; 381 ic->ic_sup_rates[IEEE80211_MODE_11G] = ieee80211_std_rateset_11g; 382 383 /* set supported .11b and .11g channels (1 through 14) */ 384 for (i = 1; i <= 14; i++) { 385 ic->ic_channels[i].ic_freq = 386 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ); 387 ic->ic_channels[i].ic_flags = 388 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM | 389 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ; 390 } 391 392 ifp->if_softc = sc; 393 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 394 ifp->if_init = uath_init; 395 ifp->if_ioctl = uath_ioctl; 396 ifp->if_start = uath_start; 397 ifp->if_watchdog = uath_watchdog; 398 IFQ_SET_READY(&ifp->if_snd); 399 memcpy(ifp->if_xname, sc->sc_dev.dv_xname, IFNAMSIZ); 400 401 if_attach(ifp); 402 ieee80211_ifattach(ifp); 403 404 /* override state transition machine */ 405 sc->sc_newstate = ic->ic_newstate; 406 ic->ic_newstate = uath_newstate; 407 ieee80211_media_init(ifp, uath_media_change, ieee80211_media_status); 408 409 #if NBPFILTER > 0 410 bpfattach(&sc->sc_drvbpf, ifp, DLT_IEEE802_11_RADIO, 411 sizeof (struct ieee80211_frame) + IEEE80211_RADIOTAP_HDRLEN); 412 413 sc->sc_rxtap_len = sizeof sc->sc_rxtapu; 414 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 415 sc->sc_rxtap.wr_ihdr.it_present = htole32(UATH_RX_RADIOTAP_PRESENT); 416 417 sc->sc_txtap_len = sizeof sc->sc_txtapu; 418 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 419 sc->sc_txtap.wt_ihdr.it_present = htole32(UATH_TX_RADIOTAP_PRESENT); 420 #endif 421 422 usbd_add_drv_event(USB_EVENT_DRIVER_ATTACH, sc->sc_udev, 423 &sc->sc_dev); 424 425 return; 426 427 fail4: uath_free_tx_data_list(sc); 428 fail3: uath_free_rx_cmd_list(sc); 429 fail2: uath_free_tx_cmd_list(sc); 430 fail1: uath_close_pipes(sc); 431 } 432 433 int 434 uath_detach(struct device *self, int flags) 435 { 436 struct uath_softc *sc = (struct uath_softc *)self; 437 struct ifnet *ifp = &sc->sc_ic.ic_if; 438 int s; 439 440 s = splnet(); 441 442 if (sc->sc_flags & UATH_FLAG_PRE_FIRMWARE) { 443 uath_close_pipes(sc); 444 splx(s); 445 return 0; 446 } 447 448 /* post-firmware device */ 449 450 usb_rem_task(sc->sc_udev, &sc->sc_task); 451 timeout_del(&sc->scan_to); 452 timeout_del(&sc->stat_to); 453 454 /* abort and free xfers */ 455 uath_free_tx_data_list(sc); 456 uath_free_rx_data_list(sc); 457 uath_free_tx_cmd_list(sc); 458 uath_free_rx_cmd_list(sc); 459 460 /* close Tx/Rx pipes */ 461 uath_close_pipes(sc); 462 463 ieee80211_ifdetach(ifp); /* free all nodes */ 464 if_detach(ifp); 465 466 splx(s); 467 468 usbd_add_drv_event(USB_EVENT_DRIVER_DETACH, sc->sc_udev, 469 &sc->sc_dev); 470 471 return 0; 472 } 473 474 int 475 uath_open_pipes(struct uath_softc *sc) 476 { 477 int error; 478 479 /* 480 * XXX pipes numbers are hardcoded because we don't have any way 481 * to distinguish the data pipes from the firmware command pipes 482 * (both are bulk pipes) using the endpoints descriptors. 483 */ 484 error = usbd_open_pipe(sc->sc_iface, 0x01, USBD_EXCLUSIVE_USE, 485 &sc->cmd_tx_pipe); 486 if (error != 0) { 487 printf("%s: could not open Tx command pipe: %s\n", 488 sc->sc_dev.dv_xname, usbd_errstr(error)); 489 goto fail; 490 } 491 492 error = usbd_open_pipe(sc->sc_iface, 0x02, USBD_EXCLUSIVE_USE, 493 &sc->data_tx_pipe); 494 if (error != 0) { 495 printf("%s: could not open Tx data pipe: %s\n", 496 sc->sc_dev.dv_xname, usbd_errstr(error)); 497 goto fail; 498 } 499 500 error = usbd_open_pipe(sc->sc_iface, 0x81, USBD_EXCLUSIVE_USE, 501 &sc->cmd_rx_pipe); 502 if (error != 0) { 503 printf("%s: could not open Rx command pipe: %s\n", 504 sc->sc_dev.dv_xname, usbd_errstr(error)); 505 goto fail; 506 } 507 508 error = usbd_open_pipe(sc->sc_iface, 0x82, USBD_EXCLUSIVE_USE, 509 &sc->data_rx_pipe); 510 if (error != 0) { 511 printf("%s: could not open Rx data pipe: %s\n", 512 sc->sc_dev.dv_xname, usbd_errstr(error)); 513 goto fail; 514 } 515 516 return 0; 517 518 fail: uath_close_pipes(sc); 519 return error; 520 } 521 522 void 523 uath_close_pipes(struct uath_softc *sc) 524 { 525 /* assumes no transfers are pending on the pipes */ 526 527 if (sc->data_tx_pipe != NULL) 528 usbd_close_pipe(sc->data_tx_pipe); 529 530 if (sc->data_rx_pipe != NULL) 531 usbd_close_pipe(sc->data_rx_pipe); 532 533 if (sc->cmd_tx_pipe != NULL) 534 usbd_close_pipe(sc->cmd_tx_pipe); 535 536 if (sc->cmd_rx_pipe != NULL) 537 usbd_close_pipe(sc->cmd_rx_pipe); 538 } 539 540 int 541 uath_alloc_tx_data_list(struct uath_softc *sc) 542 { 543 int i, error; 544 545 for (i = 0; i < UATH_TX_DATA_LIST_COUNT; i++) { 546 struct uath_tx_data *data = &sc->tx_data[i]; 547 548 data->sc = sc; /* backpointer for callbacks */ 549 550 data->xfer = usbd_alloc_xfer(sc->sc_udev); 551 if (data->xfer == NULL) { 552 printf("%s: could not allocate xfer\n", 553 sc->sc_dev.dv_xname); 554 error = ENOMEM; 555 goto fail; 556 } 557 data->buf = usbd_alloc_buffer(data->xfer, UATH_MAX_TXBUFSZ); 558 if (data->buf == NULL) { 559 printf("%s: could not allocate xfer buffer\n", 560 sc->sc_dev.dv_xname); 561 error = ENOMEM; 562 goto fail; 563 } 564 } 565 return 0; 566 567 fail: uath_free_tx_data_list(sc); 568 return error; 569 } 570 571 void 572 uath_free_tx_data_list(struct uath_softc *sc) 573 { 574 int i; 575 576 /* make sure no transfers are pending */ 577 usbd_abort_pipe(sc->data_tx_pipe); 578 579 for (i = 0; i < UATH_TX_DATA_LIST_COUNT; i++) 580 if (sc->tx_data[i].xfer != NULL) 581 usbd_free_xfer(sc->tx_data[i].xfer); 582 } 583 584 int 585 uath_alloc_rx_data_list(struct uath_softc *sc) 586 { 587 int i, error; 588 589 for (i = 0; i < UATH_RX_DATA_LIST_COUNT; i++) { 590 struct uath_rx_data *data = &sc->rx_data[i]; 591 592 data->sc = sc; /* backpointer for callbacks */ 593 594 data->xfer = usbd_alloc_xfer(sc->sc_udev); 595 if (data->xfer == NULL) { 596 printf("%s: could not allocate xfer\n", 597 sc->sc_dev.dv_xname); 598 error = ENOMEM; 599 goto fail; 600 } 601 if (usbd_alloc_buffer(data->xfer, sc->rxbufsz) == NULL) { 602 printf("%s: could not allocate xfer buffer\n", 603 sc->sc_dev.dv_xname); 604 error = ENOMEM; 605 goto fail; 606 } 607 608 MGETHDR(data->m, M_DONTWAIT, MT_DATA); 609 if (data->m == NULL) { 610 printf("%s: could not allocate rx mbuf\n", 611 sc->sc_dev.dv_xname); 612 error = ENOMEM; 613 goto fail; 614 } 615 MCLGET(data->m, M_DONTWAIT); 616 if (!(data->m->m_flags & M_EXT)) { 617 printf("%s: could not allocate rx mbuf cluster\n", 618 sc->sc_dev.dv_xname); 619 error = ENOMEM; 620 goto fail; 621 } 622 623 data->buf = mtod(data->m, uint8_t *); 624 } 625 return 0; 626 627 fail: uath_free_rx_data_list(sc); 628 return error; 629 } 630 631 void 632 uath_free_rx_data_list(struct uath_softc *sc) 633 { 634 int i; 635 636 /* make sure no transfers are pending */ 637 usbd_abort_pipe(sc->data_rx_pipe); 638 639 for (i = 0; i < UATH_RX_DATA_LIST_COUNT; i++) { 640 struct uath_rx_data *data = &sc->rx_data[i]; 641 642 if (data->xfer != NULL) 643 usbd_free_xfer(data->xfer); 644 645 if (data->m != NULL) 646 m_freem(data->m); 647 } 648 } 649 650 int 651 uath_alloc_tx_cmd_list(struct uath_softc *sc) 652 { 653 int i, error; 654 655 for (i = 0; i < UATH_TX_CMD_LIST_COUNT; i++) { 656 struct uath_tx_cmd *cmd = &sc->tx_cmd[i]; 657 658 cmd->sc = sc; /* backpointer for callbacks */ 659 660 cmd->xfer = usbd_alloc_xfer(sc->sc_udev); 661 if (cmd->xfer == NULL) { 662 printf("%s: could not allocate xfer\n", 663 sc->sc_dev.dv_xname); 664 error = ENOMEM; 665 goto fail; 666 } 667 cmd->buf = usbd_alloc_buffer(cmd->xfer, UATH_MAX_TXCMDSZ); 668 if (cmd->buf == NULL) { 669 printf("%s: could not allocate xfer buffer\n", 670 sc->sc_dev.dv_xname); 671 error = ENOMEM; 672 goto fail; 673 } 674 } 675 return 0; 676 677 fail: uath_free_tx_cmd_list(sc); 678 return error; 679 } 680 681 void 682 uath_free_tx_cmd_list(struct uath_softc *sc) 683 { 684 int i; 685 686 /* make sure no transfers are pending */ 687 usbd_abort_pipe(sc->cmd_tx_pipe); 688 689 for (i = 0; i < UATH_TX_CMD_LIST_COUNT; i++) 690 if (sc->tx_cmd[i].xfer != NULL) 691 usbd_free_xfer(sc->tx_cmd[i].xfer); 692 } 693 694 int 695 uath_alloc_rx_cmd_list(struct uath_softc *sc) 696 { 697 int i, error; 698 699 for (i = 0; i < UATH_RX_CMD_LIST_COUNT; i++) { 700 struct uath_rx_cmd *cmd = &sc->rx_cmd[i]; 701 702 cmd->sc = sc; /* backpointer for callbacks */ 703 704 cmd->xfer = usbd_alloc_xfer(sc->sc_udev); 705 if (cmd->xfer == NULL) { 706 printf("%s: could not allocate xfer\n", 707 sc->sc_dev.dv_xname); 708 error = ENOMEM; 709 goto fail; 710 } 711 cmd->buf = usbd_alloc_buffer(cmd->xfer, UATH_MAX_RXCMDSZ); 712 if (cmd->buf == NULL) { 713 printf("%s: could not allocate xfer buffer\n", 714 sc->sc_dev.dv_xname); 715 error = ENOMEM; 716 goto fail; 717 } 718 } 719 return 0; 720 721 fail: uath_free_rx_cmd_list(sc); 722 return error; 723 } 724 725 void 726 uath_free_rx_cmd_list(struct uath_softc *sc) 727 { 728 int i; 729 730 /* make sure no transfers are pending */ 731 usbd_abort_pipe(sc->cmd_rx_pipe); 732 733 for (i = 0; i < UATH_RX_CMD_LIST_COUNT; i++) 734 if (sc->rx_cmd[i].xfer != NULL) 735 usbd_free_xfer(sc->rx_cmd[i].xfer); 736 } 737 738 int 739 uath_media_change(struct ifnet *ifp) 740 { 741 int error; 742 743 error = ieee80211_media_change(ifp); 744 if (error != ENETRESET) 745 return error; 746 747 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == (IFF_UP | IFF_RUNNING)) 748 uath_init(ifp); 749 750 return 0; 751 } 752 753 /* 754 * This function is called periodically (every second) when associated to 755 * query device statistics. 756 */ 757 void 758 uath_stat(void *arg) 759 { 760 struct uath_softc *sc = arg; 761 int error; 762 763 /* 764 * Send request for statistics asynchronously. The timer will be 765 * restarted when we'll get the stats notification. 766 */ 767 error = uath_cmd_write(sc, UATH_CMD_STATS, NULL, 0, 768 UATH_CMD_FLAG_ASYNC); 769 if (error != 0) { 770 printf("%s: could not query statistics (error=%d)\n", 771 sc->sc_dev.dv_xname, error); 772 } 773 } 774 775 /* 776 * This function is called periodically (every 250ms) during scanning to 777 * switch from one channel to another. 778 */ 779 void 780 uath_next_scan(void *arg) 781 { 782 struct uath_softc *sc = arg; 783 struct ieee80211com *ic = &sc->sc_ic; 784 struct ifnet *ifp = &ic->ic_if; 785 786 if (ic->ic_state == IEEE80211_S_SCAN) 787 ieee80211_next_scan(ifp); 788 } 789 790 void 791 uath_task(void *arg) 792 { 793 struct uath_softc *sc = arg; 794 struct ieee80211com *ic = &sc->sc_ic; 795 enum ieee80211_state ostate; 796 797 ostate = ic->ic_state; 798 799 switch (sc->sc_state) { 800 case IEEE80211_S_INIT: 801 if (ostate == IEEE80211_S_RUN) { 802 /* turn link and activity LEDs off */ 803 (void)uath_set_led(sc, UATH_LED_LINK, 0); 804 (void)uath_set_led(sc, UATH_LED_ACTIVITY, 0); 805 } 806 break; 807 808 case IEEE80211_S_SCAN: 809 if (uath_switch_channel(sc, ic->ic_bss->ni_chan) != 0) { 810 printf("%s: could not switch channel\n", 811 sc->sc_dev.dv_xname); 812 break; 813 } 814 timeout_add_msec(&sc->scan_to, 250); 815 break; 816 817 case IEEE80211_S_AUTH: 818 { 819 struct ieee80211_node *ni = ic->ic_bss; 820 struct uath_cmd_bssid bssid; 821 struct uath_cmd_0b cmd0b; 822 struct uath_cmd_0c cmd0c; 823 824 if (uath_switch_channel(sc, ni->ni_chan) != 0) { 825 printf("%s: could not switch channel\n", 826 sc->sc_dev.dv_xname); 827 break; 828 } 829 830 (void)uath_cmd_write(sc, UATH_CMD_24, NULL, 0, 0); 831 832 bzero(&bssid, sizeof bssid); 833 bssid.len = htobe32(IEEE80211_ADDR_LEN); 834 IEEE80211_ADDR_COPY(bssid.bssid, ni->ni_bssid); 835 (void)uath_cmd_write(sc, UATH_CMD_SET_BSSID, &bssid, 836 sizeof bssid, 0); 837 838 bzero(&cmd0b, sizeof cmd0b); 839 cmd0b.code = htobe32(2); 840 cmd0b.size = htobe32(sizeof (cmd0b.data)); 841 (void)uath_cmd_write(sc, UATH_CMD_0B, &cmd0b, sizeof cmd0b, 0); 842 843 bzero(&cmd0c, sizeof cmd0c); 844 cmd0c.magic1 = htobe32(2); 845 cmd0c.magic2 = htobe32(7); 846 cmd0c.magic3 = htobe32(1); 847 (void)uath_cmd_write(sc, UATH_CMD_0C, &cmd0c, sizeof cmd0c, 0); 848 849 if (uath_set_rates(sc, &ni->ni_rates) != 0) { 850 printf("%s: could not set negotiated rate set\n", 851 sc->sc_dev.dv_xname); 852 break; 853 } 854 break; 855 } 856 857 case IEEE80211_S_ASSOC: 858 break; 859 860 case IEEE80211_S_RUN: 861 { 862 struct ieee80211_node *ni = ic->ic_bss; 863 struct uath_cmd_bssid bssid; 864 struct uath_cmd_xled xled; 865 uint32_t val; 866 867 if (ic->ic_opmode == IEEE80211_M_MONITOR) { 868 /* make both LEDs blink while monitoring */ 869 bzero(&xled, sizeof xled); 870 xled.which = htobe32(0); 871 xled.rate = htobe32(1); 872 xled.mode = htobe32(2); 873 (void)uath_cmd_write(sc, UATH_CMD_SET_XLED, &xled, 874 sizeof xled, 0); 875 break; 876 } 877 878 /* 879 * Tx rate is controlled by firmware, report the maximum 880 * negotiated rate in ifconfig output. 881 */ 882 ni->ni_txrate = ni->ni_rates.rs_nrates - 1; 883 884 val = htobe32(1); 885 (void)uath_cmd_write(sc, UATH_CMD_2E, &val, sizeof val, 0); 886 887 bzero(&bssid, sizeof bssid); 888 bssid.flags1 = htobe32(0xc004); 889 bssid.flags2 = htobe32(0x003b); 890 bssid.len = htobe32(IEEE80211_ADDR_LEN); 891 IEEE80211_ADDR_COPY(bssid.bssid, ni->ni_bssid); 892 (void)uath_cmd_write(sc, UATH_CMD_SET_BSSID, &bssid, 893 sizeof bssid, 0); 894 895 /* turn link LED on */ 896 (void)uath_set_led(sc, UATH_LED_LINK, 1); 897 898 /* make activity LED blink */ 899 bzero(&xled, sizeof xled); 900 xled.which = htobe32(1); 901 xled.rate = htobe32(1); 902 xled.mode = htobe32(2); 903 (void)uath_cmd_write(sc, UATH_CMD_SET_XLED, &xled, sizeof xled, 904 0); 905 906 /* set state to associated */ 907 val = htobe32(1); 908 (void)uath_cmd_write(sc, UATH_CMD_SET_STATE, &val, sizeof val, 909 0); 910 911 /* start statistics timer */ 912 timeout_add_sec(&sc->stat_to, 1); 913 break; 914 } 915 } 916 sc->sc_newstate(ic, sc->sc_state, sc->sc_arg); 917 } 918 919 int 920 uath_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 921 { 922 struct uath_softc *sc = ic->ic_softc; 923 924 usb_rem_task(sc->sc_udev, &sc->sc_task); 925 timeout_del(&sc->scan_to); 926 timeout_del(&sc->stat_to); 927 928 /* do it in a process context */ 929 sc->sc_state = nstate; 930 sc->sc_arg = arg; 931 usb_add_task(sc->sc_udev, &sc->sc_task); 932 return 0; 933 } 934 935 #ifdef UATH_DEBUG 936 void 937 uath_dump_cmd(const uint8_t *buf, int len, char prefix) 938 { 939 int i; 940 941 for (i = 0; i < len; i++) { 942 if ((i % 16) == 0) 943 printf("\n%c ", prefix); 944 else if ((i % 4) == 0) 945 printf(" "); 946 printf("%02x", buf[i]); 947 } 948 printf("\n"); 949 } 950 #endif 951 952 /* 953 * Low-level function to send read or write commands to the firmware. 954 */ 955 int 956 uath_cmd(struct uath_softc *sc, uint32_t code, const void *idata, int ilen, 957 void *odata, int flags) 958 { 959 struct uath_cmd_hdr *hdr; 960 struct uath_tx_cmd *cmd; 961 uint16_t xferflags; 962 int s, xferlen, error; 963 964 /* grab a xfer */ 965 cmd = &sc->tx_cmd[sc->cmd_idx]; 966 967 /* always bulk-out a multiple of 4 bytes */ 968 xferlen = (sizeof (struct uath_cmd_hdr) + ilen + 3) & ~3; 969 970 hdr = (struct uath_cmd_hdr *)cmd->buf; 971 bzero(hdr, sizeof (struct uath_cmd_hdr)); 972 hdr->len = htobe32(xferlen); 973 hdr->code = htobe32(code); 974 hdr->priv = sc->cmd_idx; /* don't care about endianness */ 975 hdr->magic = htobe32((flags & UATH_CMD_FLAG_MAGIC) ? 1 << 24 : 0); 976 bcopy(idata, (uint8_t *)(hdr + 1), ilen); 977 978 #ifdef UATH_DEBUG 979 if (uath_debug >= 5) { 980 printf("sending command code=0x%02x flags=0x%x index=%u", 981 code, flags, sc->cmd_idx); 982 uath_dump_cmd(cmd->buf, xferlen, '+'); 983 } 984 #endif 985 xferflags = USBD_FORCE_SHORT_XFER | USBD_NO_COPY; 986 if (!(flags & UATH_CMD_FLAG_READ)) { 987 if (!(flags & UATH_CMD_FLAG_ASYNC)) 988 xferflags |= USBD_SYNCHRONOUS; 989 } else 990 s = splusb(); 991 992 cmd->odata = odata; 993 994 usbd_setup_xfer(cmd->xfer, sc->cmd_tx_pipe, cmd, cmd->buf, xferlen, 995 xferflags, UATH_CMD_TIMEOUT, NULL); 996 error = usbd_transfer(cmd->xfer); 997 if (error != USBD_IN_PROGRESS && error != 0) { 998 if (flags & UATH_CMD_FLAG_READ) 999 splx(s); 1000 printf("%s: could not send command 0x%x (error=%s)\n", 1001 sc->sc_dev.dv_xname, code, usbd_errstr(error)); 1002 return error; 1003 } 1004 sc->cmd_idx = (sc->cmd_idx + 1) % UATH_TX_CMD_LIST_COUNT; 1005 1006 if (!(flags & UATH_CMD_FLAG_READ)) 1007 return 0; /* write: don't wait for reply */ 1008 1009 /* wait at most two seconds for command reply */ 1010 error = tsleep(cmd, PCATCH, "uathcmd", 2 * hz); 1011 cmd->odata = NULL; /* in case answer is received too late */ 1012 splx(s); 1013 if (error != 0) { 1014 printf("%s: timeout waiting for command reply\n", 1015 sc->sc_dev.dv_xname); 1016 } 1017 return error; 1018 } 1019 1020 int 1021 uath_cmd_write(struct uath_softc *sc, uint32_t code, const void *data, int len, 1022 int flags) 1023 { 1024 flags &= ~UATH_CMD_FLAG_READ; 1025 return uath_cmd(sc, code, data, len, NULL, flags); 1026 } 1027 1028 int 1029 uath_cmd_read(struct uath_softc *sc, uint32_t code, const void *idata, 1030 int ilen, void *odata, int flags) 1031 { 1032 flags |= UATH_CMD_FLAG_READ; 1033 return uath_cmd(sc, code, idata, ilen, odata, flags); 1034 } 1035 1036 int 1037 uath_write_reg(struct uath_softc *sc, uint32_t reg, uint32_t val) 1038 { 1039 struct uath_write_mac write; 1040 int error; 1041 1042 write.reg = htobe32(reg); 1043 write.len = htobe32(0); /* 0 = single write */ 1044 *(uint32_t *)write.data = htobe32(val); 1045 1046 error = uath_cmd_write(sc, UATH_CMD_WRITE_MAC, &write, 1047 3 * sizeof (uint32_t), 0); 1048 if (error != 0) { 1049 printf("%s: could not write register 0x%02x\n", 1050 sc->sc_dev.dv_xname, reg); 1051 } 1052 return error; 1053 } 1054 1055 int 1056 uath_write_multi(struct uath_softc *sc, uint32_t reg, const void *data, 1057 int len) 1058 { 1059 struct uath_write_mac write; 1060 int error; 1061 1062 write.reg = htobe32(reg); 1063 write.len = htobe32(len); 1064 bcopy(data, write.data, len); 1065 1066 /* properly handle the case where len is zero (reset) */ 1067 error = uath_cmd_write(sc, UATH_CMD_WRITE_MAC, &write, 1068 (len == 0) ? sizeof (uint32_t) : 2 * sizeof (uint32_t) + len, 0); 1069 if (error != 0) { 1070 printf("%s: could not write %d bytes to register 0x%02x\n", 1071 sc->sc_dev.dv_xname, len, reg); 1072 } 1073 return error; 1074 } 1075 1076 int 1077 uath_read_reg(struct uath_softc *sc, uint32_t reg, uint32_t *val) 1078 { 1079 struct uath_read_mac read; 1080 int error; 1081 1082 reg = htobe32(reg); 1083 error = uath_cmd_read(sc, UATH_CMD_READ_MAC, ®, sizeof reg, &read, 1084 0); 1085 if (error != 0) { 1086 printf("%s: could not read register 0x%02x\n", 1087 sc->sc_dev.dv_xname, betoh32(reg)); 1088 return error; 1089 } 1090 *val = betoh32(*(uint32_t *)read.data); 1091 return error; 1092 } 1093 1094 int 1095 uath_read_eeprom(struct uath_softc *sc, uint32_t reg, void *odata) 1096 { 1097 struct uath_read_mac read; 1098 int len, error; 1099 1100 reg = htobe32(reg); 1101 error = uath_cmd_read(sc, UATH_CMD_READ_EEPROM, ®, sizeof reg, 1102 &read, 0); 1103 if (error != 0) { 1104 printf("%s: could not read EEPROM offset 0x%02x\n", 1105 sc->sc_dev.dv_xname, betoh32(reg)); 1106 return error; 1107 } 1108 len = betoh32(read.len); 1109 bcopy(read.data, odata, (len == 0) ? sizeof (uint32_t) : len); 1110 return error; 1111 } 1112 1113 void 1114 uath_cmd_rxeof(usbd_xfer_handle xfer, usbd_private_handle priv, 1115 usbd_status status) 1116 { 1117 struct uath_rx_cmd *cmd = priv; 1118 struct uath_softc *sc = cmd->sc; 1119 struct uath_cmd_hdr *hdr; 1120 1121 if (status != USBD_NORMAL_COMPLETION) { 1122 if (status == USBD_STALLED) 1123 usbd_clear_endpoint_stall_async(sc->cmd_rx_pipe); 1124 return; 1125 } 1126 1127 hdr = (struct uath_cmd_hdr *)cmd->buf; 1128 1129 #ifdef UATH_DEBUG 1130 if (uath_debug >= 5) { 1131 printf("received command code=0x%x index=%u len=%u", 1132 betoh32(hdr->code), hdr->priv, betoh32(hdr->len)); 1133 uath_dump_cmd(cmd->buf, betoh32(hdr->len), '-'); 1134 } 1135 #endif 1136 1137 switch (betoh32(hdr->code) & 0xff) { 1138 /* reply to a read command */ 1139 default: 1140 { 1141 struct uath_tx_cmd *txcmd = &sc->tx_cmd[hdr->priv]; 1142 1143 if (txcmd->odata != NULL) { 1144 /* copy answer into caller's supplied buffer */ 1145 bcopy((uint8_t *)(hdr + 1), txcmd->odata, 1146 betoh32(hdr->len) - sizeof (struct uath_cmd_hdr)); 1147 } 1148 wakeup(txcmd); /* wake up caller */ 1149 break; 1150 } 1151 /* spontaneous firmware notifications */ 1152 case UATH_NOTIF_READY: 1153 DPRINTF(("received device ready notification\n")); 1154 wakeup(UATH_COND_INIT(sc)); 1155 break; 1156 1157 case UATH_NOTIF_TX: 1158 /* this notification is sent when UATH_TX_NOTIFY is set */ 1159 DPRINTF(("received Tx notification\n")); 1160 break; 1161 1162 case UATH_NOTIF_STATS: 1163 DPRINTFN(2, ("received device statistics\n")); 1164 timeout_add_sec(&sc->stat_to, 1); 1165 break; 1166 } 1167 1168 /* setup a new transfer */ 1169 usbd_setup_xfer(xfer, sc->cmd_rx_pipe, cmd, cmd->buf, UATH_MAX_RXCMDSZ, 1170 USBD_SHORT_XFER_OK | USBD_NO_COPY, USBD_NO_TIMEOUT, 1171 uath_cmd_rxeof); 1172 (void)usbd_transfer(xfer); 1173 } 1174 1175 void 1176 uath_data_rxeof(usbd_xfer_handle xfer, usbd_private_handle priv, 1177 usbd_status status) 1178 { 1179 struct uath_rx_data *data = priv; 1180 struct uath_softc *sc = data->sc; 1181 struct ieee80211com *ic = &sc->sc_ic; 1182 struct ifnet *ifp = &ic->ic_if; 1183 struct ieee80211_frame *wh; 1184 struct ieee80211_rxinfo rxi; 1185 struct ieee80211_node *ni; 1186 struct uath_rx_desc *desc; 1187 struct mbuf *mnew, *m; 1188 uint32_t hdr; 1189 int s, len; 1190 1191 if (status != USBD_NORMAL_COMPLETION) { 1192 if (status == USBD_NOT_STARTED || status == USBD_CANCELLED) 1193 return; 1194 1195 if (status == USBD_STALLED) 1196 usbd_clear_endpoint_stall_async(sc->data_rx_pipe); 1197 1198 ifp->if_ierrors++; 1199 return; 1200 } 1201 usbd_get_xfer_status(xfer, NULL, NULL, &len, NULL); 1202 1203 if (len < UATH_MIN_RXBUFSZ) { 1204 DPRINTF(("wrong xfer size (len=%d)\n", len)); 1205 ifp->if_ierrors++; 1206 goto skip; 1207 } 1208 1209 hdr = betoh32(*(uint32_t *)data->buf); 1210 1211 /* Rx descriptor is located at the end, 32-bit aligned */ 1212 desc = (struct uath_rx_desc *) 1213 (data->buf + len - sizeof (struct uath_rx_desc)); 1214 1215 if (betoh32(desc->len) > sc->rxbufsz) { 1216 DPRINTF(("bad descriptor (len=%d)\n", betoh32(desc->len))); 1217 ifp->if_ierrors++; 1218 goto skip; 1219 } 1220 1221 /* there's probably a "bad CRC" flag somewhere in the descriptor.. */ 1222 1223 MGETHDR(mnew, M_DONTWAIT, MT_DATA); 1224 if (mnew == NULL) { 1225 printf("%s: could not allocate rx mbuf\n", 1226 sc->sc_dev.dv_xname); 1227 ifp->if_ierrors++; 1228 goto skip; 1229 } 1230 MCLGET(mnew, M_DONTWAIT); 1231 if (!(mnew->m_flags & M_EXT)) { 1232 printf("%s: could not allocate rx mbuf cluster\n", 1233 sc->sc_dev.dv_xname); 1234 m_freem(mnew); 1235 ifp->if_ierrors++; 1236 goto skip; 1237 } 1238 1239 m = data->m; 1240 data->m = mnew; 1241 1242 /* finalize mbuf */ 1243 m->m_pkthdr.rcvif = ifp; 1244 m->m_data = data->buf + sizeof (uint32_t); 1245 m->m_pkthdr.len = m->m_len = betoh32(desc->len) - 1246 sizeof (struct uath_rx_desc) - IEEE80211_CRC_LEN; 1247 1248 data->buf = mtod(data->m, uint8_t *); 1249 1250 wh = mtod(m, struct ieee80211_frame *); 1251 rxi.rxi_flags = 0; 1252 if ((wh->i_fc[1] & IEEE80211_FC1_WEP) && 1253 ic->ic_opmode != IEEE80211_M_MONITOR) { 1254 /* 1255 * Hardware decrypts the frame itself but leaves the WEP bit 1256 * set in the 802.11 header and doesn't remove the IV and CRC 1257 * fields. 1258 */ 1259 wh->i_fc[1] &= ~IEEE80211_FC1_WEP; 1260 ovbcopy(wh, (caddr_t)wh + IEEE80211_WEP_IVLEN + 1261 IEEE80211_WEP_KIDLEN, sizeof (struct ieee80211_frame)); 1262 m_adj(m, IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN); 1263 m_adj(m, -IEEE80211_WEP_CRCLEN); 1264 wh = mtod(m, struct ieee80211_frame *); 1265 1266 rxi.rxi_flags |= IEEE80211_RXI_HWDEC; 1267 } 1268 1269 #if NBPFILTER > 0 1270 /* there are a lot more fields in the Rx descriptor */ 1271 if (sc->sc_drvbpf != NULL) { 1272 struct mbuf mb; 1273 struct uath_rx_radiotap_header *tap = &sc->sc_rxtap; 1274 1275 tap->wr_flags = 0; 1276 tap->wr_chan_freq = htole16(betoh32(desc->freq)); 1277 tap->wr_chan_flags = htole16(ic->ic_bss->ni_chan->ic_flags); 1278 tap->wr_dbm_antsignal = (int8_t)betoh32(desc->rssi); 1279 1280 mb.m_data = (caddr_t)tap; 1281 mb.m_len = sc->sc_rxtap_len; 1282 mb.m_next = m; 1283 mb.m_nextpkt = NULL; 1284 mb.m_type = 0; 1285 mb.m_flags = 0; 1286 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_IN); 1287 } 1288 #endif 1289 1290 s = splnet(); 1291 ni = ieee80211_find_rxnode(ic, wh); 1292 rxi.rxi_rssi = (int)betoh32(desc->rssi); 1293 rxi.rxi_tstamp = 0; /* unused */ 1294 ieee80211_input(ifp, m, ni, &rxi); 1295 1296 /* node is no longer needed */ 1297 ieee80211_release_node(ic, ni); 1298 splx(s); 1299 1300 skip: /* setup a new transfer */ 1301 usbd_setup_xfer(xfer, sc->data_rx_pipe, data, data->buf, sc->rxbufsz, 1302 USBD_SHORT_XFER_OK, USBD_NO_TIMEOUT, uath_data_rxeof); 1303 (void)usbd_transfer(data->xfer); 1304 } 1305 1306 int 1307 uath_tx_null(struct uath_softc *sc) 1308 { 1309 struct uath_tx_data *data; 1310 struct uath_tx_desc *desc; 1311 1312 data = &sc->tx_data[sc->data_idx]; 1313 1314 data->ni = NULL; 1315 1316 *(uint32_t *)data->buf = UATH_MAKECTL(1, sizeof (struct uath_tx_desc)); 1317 desc = (struct uath_tx_desc *)(data->buf + sizeof (uint32_t)); 1318 1319 bzero(desc, sizeof (struct uath_tx_desc)); 1320 desc->len = htobe32(sizeof (struct uath_tx_desc)); 1321 desc->type = htobe32(UATH_TX_NULL); 1322 1323 usbd_setup_xfer(data->xfer, sc->data_tx_pipe, data, data->buf, 1324 sizeof (uint32_t) + sizeof (struct uath_tx_desc), USBD_NO_COPY | 1325 USBD_FORCE_SHORT_XFER, UATH_DATA_TIMEOUT, NULL); 1326 if (usbd_sync_transfer(data->xfer) != 0) 1327 return EIO; 1328 1329 sc->data_idx = (sc->data_idx + 1) % UATH_TX_DATA_LIST_COUNT; 1330 1331 return uath_cmd_write(sc, UATH_CMD_0F, NULL, 0, UATH_CMD_FLAG_ASYNC); 1332 } 1333 1334 void 1335 uath_data_txeof(usbd_xfer_handle xfer, usbd_private_handle priv, 1336 usbd_status status) 1337 { 1338 struct uath_tx_data *data = priv; 1339 struct uath_softc *sc = data->sc; 1340 struct ieee80211com *ic = &sc->sc_ic; 1341 struct ifnet *ifp = &ic->ic_if; 1342 int s; 1343 1344 if (status != USBD_NORMAL_COMPLETION) { 1345 if (status == USBD_NOT_STARTED || status == USBD_CANCELLED) 1346 return; 1347 1348 printf("%s: could not transmit buffer: %s\n", 1349 sc->sc_dev.dv_xname, usbd_errstr(status)); 1350 1351 if (status == USBD_STALLED) 1352 usbd_clear_endpoint_stall_async(sc->data_tx_pipe); 1353 1354 ifp->if_oerrors++; 1355 return; 1356 } 1357 1358 s = splnet(); 1359 1360 ieee80211_release_node(ic, data->ni); 1361 data->ni = NULL; 1362 1363 sc->tx_queued--; 1364 ifp->if_opackets++; 1365 1366 sc->sc_tx_timer = 0; 1367 ifp->if_flags &= ~IFF_OACTIVE; 1368 uath_start(ifp); 1369 1370 splx(s); 1371 } 1372 1373 int 1374 uath_tx_data(struct uath_softc *sc, struct mbuf *m0, struct ieee80211_node *ni) 1375 { 1376 struct ieee80211com *ic = &sc->sc_ic; 1377 struct uath_tx_data *data; 1378 struct uath_tx_desc *desc; 1379 const struct ieee80211_frame *wh; 1380 int paylen, totlen, xferlen, error; 1381 1382 data = &sc->tx_data[sc->data_idx]; 1383 desc = (struct uath_tx_desc *)(data->buf + sizeof (uint32_t)); 1384 1385 data->ni = ni; 1386 1387 #if NBPFILTER > 0 1388 if (sc->sc_drvbpf != NULL) { 1389 struct mbuf mb; 1390 struct uath_tx_radiotap_header *tap = &sc->sc_txtap; 1391 1392 tap->wt_flags = 0; 1393 tap->wt_chan_freq = htole16(ic->ic_bss->ni_chan->ic_freq); 1394 tap->wt_chan_flags = htole16(ic->ic_bss->ni_chan->ic_flags); 1395 1396 mb.m_data = (caddr_t)tap; 1397 mb.m_len = sc->sc_txtap_len; 1398 mb.m_next = m0; 1399 mb.m_nextpkt = NULL; 1400 mb.m_type = 0; 1401 mb.m_flags = 0; 1402 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_OUT); 1403 } 1404 #endif 1405 1406 paylen = m0->m_pkthdr.len; 1407 xferlen = sizeof (uint32_t) + sizeof (struct uath_tx_desc) + paylen; 1408 1409 wh = mtod(m0, struct ieee80211_frame *); 1410 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 1411 uint8_t *frm = (uint8_t *)(desc + 1); 1412 uint32_t iv; 1413 1414 /* h/w WEP: it's up to the host to fill the IV field */ 1415 bcopy(wh, frm, sizeof (struct ieee80211_frame)); 1416 frm += sizeof (struct ieee80211_frame); 1417 1418 /* insert IV: code copied from net80211 */ 1419 iv = (ic->ic_iv != 0) ? ic->ic_iv : arc4random(); 1420 if (iv >= 0x03ff00 && (iv & 0xf8ff00) == 0x00ff00) 1421 iv += 0x000100; 1422 ic->ic_iv = iv + 1; 1423 1424 *frm++ = iv & 0xff; 1425 *frm++ = (iv >> 8) & 0xff; 1426 *frm++ = (iv >> 16) & 0xff; 1427 *frm++ = ic->ic_wep_txkey << 6; 1428 1429 m_copydata(m0, sizeof (struct ieee80211_frame), 1430 m0->m_pkthdr.len - sizeof (struct ieee80211_frame), frm); 1431 1432 paylen += IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN; 1433 xferlen += IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN; 1434 totlen = xferlen + IEEE80211_WEP_CRCLEN; 1435 } else { 1436 m_copydata(m0, 0, m0->m_pkthdr.len, (uint8_t *)(desc + 1)); 1437 totlen = xferlen; 1438 } 1439 1440 /* fill Tx descriptor */ 1441 *(uint32_t *)data->buf = UATH_MAKECTL(1, xferlen - sizeof (uint32_t)); 1442 1443 desc->len = htobe32(totlen); 1444 desc->priv = sc->data_idx; /* don't care about endianness */ 1445 desc->paylen = htobe32(paylen); 1446 desc->type = htobe32(UATH_TX_DATA); 1447 desc->flags = htobe32(0); 1448 if (IEEE80211_IS_MULTICAST(wh->i_addr1)) { 1449 desc->dest = htobe32(UATH_ID_BROADCAST); 1450 desc->magic = htobe32(3); 1451 } else { 1452 desc->dest = htobe32(UATH_ID_BSS); 1453 desc->magic = htobe32(1); 1454 } 1455 1456 m_freem(m0); /* mbuf is no longer needed */ 1457 1458 #ifdef UATH_DEBUG 1459 if (uath_debug >= 6) { 1460 printf("sending frame index=%u len=%d xferlen=%d", 1461 sc->data_idx, paylen, xferlen); 1462 uath_dump_cmd(data->buf, xferlen, '+'); 1463 } 1464 #endif 1465 usbd_setup_xfer(data->xfer, sc->data_tx_pipe, data, data->buf, xferlen, 1466 USBD_FORCE_SHORT_XFER | USBD_NO_COPY, UATH_DATA_TIMEOUT, 1467 uath_data_txeof); 1468 error = usbd_transfer(data->xfer); 1469 if (error != USBD_IN_PROGRESS && error != 0) { 1470 ic->ic_if.if_oerrors++; 1471 return error; 1472 } 1473 sc->data_idx = (sc->data_idx + 1) % UATH_TX_DATA_LIST_COUNT; 1474 sc->tx_queued++; 1475 1476 return 0; 1477 } 1478 1479 void 1480 uath_start(struct ifnet *ifp) 1481 { 1482 struct uath_softc *sc = ifp->if_softc; 1483 struct ieee80211com *ic = &sc->sc_ic; 1484 struct ieee80211_node *ni; 1485 struct mbuf *m0; 1486 1487 /* 1488 * net80211 may still try to send management frames even if the 1489 * IFF_RUNNING flag is not set... 1490 */ 1491 if ((ifp->if_flags & (IFF_RUNNING | IFF_OACTIVE)) != IFF_RUNNING) 1492 return; 1493 1494 for (;;) { 1495 IF_POLL(&ic->ic_mgtq, m0); 1496 if (m0 != NULL) { 1497 if (sc->tx_queued >= UATH_TX_DATA_LIST_COUNT) { 1498 ifp->if_flags |= IFF_OACTIVE; 1499 break; 1500 } 1501 IF_DEQUEUE(&ic->ic_mgtq, m0); 1502 1503 ni = (struct ieee80211_node *)m0->m_pkthdr.rcvif; 1504 m0->m_pkthdr.rcvif = NULL; 1505 #if NBPFILTER > 0 1506 if (ic->ic_rawbpf != NULL) 1507 bpf_mtap(ic->ic_rawbpf, m0, BPF_DIRECTION_OUT); 1508 #endif 1509 if (uath_tx_data(sc, m0, ni) != 0) 1510 break; 1511 } else { 1512 if (ic->ic_state != IEEE80211_S_RUN) 1513 break; 1514 IFQ_POLL(&ifp->if_snd, m0); 1515 if (m0 == NULL) 1516 break; 1517 if (sc->tx_queued >= UATH_TX_DATA_LIST_COUNT) { 1518 ifp->if_flags |= IFF_OACTIVE; 1519 break; 1520 } 1521 IFQ_DEQUEUE(&ifp->if_snd, m0); 1522 #if NBPFILTER > 0 1523 if (ifp->if_bpf != NULL) 1524 bpf_mtap(ifp->if_bpf, m0, BPF_DIRECTION_OUT); 1525 #endif 1526 m0 = ieee80211_encap(ifp, m0, &ni); 1527 if (m0 == NULL) 1528 continue; 1529 #if NBPFILTER > 0 1530 if (ic->ic_rawbpf != NULL) 1531 bpf_mtap(ic->ic_rawbpf, m0, BPF_DIRECTION_OUT); 1532 #endif 1533 if (uath_tx_data(sc, m0, ni) != 0) { 1534 if (ni != NULL) 1535 ieee80211_release_node(ic, ni); 1536 ifp->if_oerrors++; 1537 break; 1538 } 1539 } 1540 1541 sc->sc_tx_timer = 5; 1542 ifp->if_timer = 1; 1543 } 1544 } 1545 1546 void 1547 uath_watchdog(struct ifnet *ifp) 1548 { 1549 struct uath_softc *sc = ifp->if_softc; 1550 1551 ifp->if_timer = 0; 1552 1553 if (sc->sc_tx_timer > 0) { 1554 if (--sc->sc_tx_timer == 0) { 1555 printf("%s: device timeout\n", sc->sc_dev.dv_xname); 1556 /*uath_init(ifp); XXX needs a process context! */ 1557 ifp->if_oerrors++; 1558 return; 1559 } 1560 ifp->if_timer = 1; 1561 } 1562 1563 ieee80211_watchdog(ifp); 1564 } 1565 1566 int 1567 uath_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 1568 { 1569 struct uath_softc *sc = ifp->if_softc; 1570 struct ieee80211com *ic = &sc->sc_ic; 1571 struct ifaddr *ifa; 1572 struct ifreq *ifr; 1573 int s, error = 0; 1574 1575 s = splnet(); 1576 1577 switch (cmd) { 1578 case SIOCSIFADDR: 1579 ifa = (struct ifaddr *)data; 1580 ifp->if_flags |= IFF_UP; 1581 #ifdef INET 1582 if (ifa->ifa_addr->sa_family == AF_INET) 1583 arp_ifinit(&ic->ic_ac, ifa); 1584 #endif 1585 /* FALLTHROUGH */ 1586 case SIOCSIFFLAGS: 1587 if (ifp->if_flags & IFF_UP) { 1588 if (!(ifp->if_flags & IFF_RUNNING)) 1589 uath_init(ifp); 1590 } else { 1591 if (ifp->if_flags & IFF_RUNNING) 1592 uath_stop(ifp, 1); 1593 } 1594 break; 1595 1596 case SIOCADDMULTI: 1597 case SIOCDELMULTI: 1598 ifr = (struct ifreq *)data; 1599 error = (cmd == SIOCADDMULTI) ? 1600 ether_addmulti(ifr, &ic->ic_ac) : 1601 ether_delmulti(ifr, &ic->ic_ac); 1602 if (error == ENETRESET) 1603 error = 0; 1604 break; 1605 1606 default: 1607 error = ieee80211_ioctl(ifp, cmd, data); 1608 } 1609 1610 if (error == ENETRESET) { 1611 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 1612 (IFF_UP | IFF_RUNNING)) 1613 uath_init(ifp); 1614 error = 0; 1615 } 1616 1617 splx(s); 1618 1619 return error; 1620 } 1621 1622 int 1623 uath_query_eeprom(struct uath_softc *sc) 1624 { 1625 uint32_t tmp; 1626 int error; 1627 1628 /* retrieve MAC address */ 1629 error = uath_read_eeprom(sc, UATH_EEPROM_MACADDR, sc->sc_ic.ic_myaddr); 1630 if (error != 0) { 1631 printf("%s: could not read MAC address\n", 1632 sc->sc_dev.dv_xname); 1633 return error; 1634 } 1635 1636 /* retrieve the maximum frame size that the hardware can receive */ 1637 error = uath_read_eeprom(sc, UATH_EEPROM_RXBUFSZ, &tmp); 1638 if (error != 0) { 1639 printf("%s: could not read maximum Rx buffer size\n", 1640 sc->sc_dev.dv_xname); 1641 return error; 1642 } 1643 sc->rxbufsz = betoh32(tmp) & 0xfff; 1644 DPRINTF(("maximum Rx buffer size %d\n", sc->rxbufsz)); 1645 return 0; 1646 } 1647 1648 int 1649 uath_reset(struct uath_softc *sc) 1650 { 1651 struct uath_cmd_setup setup; 1652 uint32_t reg, val; 1653 int s, error; 1654 1655 /* init device with some voodoo incantations.. */ 1656 setup.magic1 = htobe32(1); 1657 setup.magic2 = htobe32(5); 1658 setup.magic3 = htobe32(200); 1659 setup.magic4 = htobe32(27); 1660 s = splusb(); 1661 error = uath_cmd_write(sc, UATH_CMD_SETUP, &setup, sizeof setup, 1662 UATH_CMD_FLAG_ASYNC); 1663 /* ..and wait until firmware notifies us that it is ready */ 1664 if (error == 0) 1665 error = tsleep(UATH_COND_INIT(sc), PCATCH, "uathinit", 5 * hz); 1666 splx(s); 1667 if (error != 0) 1668 return error; 1669 1670 /* read PHY registers */ 1671 for (reg = 0x09; reg <= 0x24; reg++) { 1672 if (reg == 0x0b || reg == 0x0c) 1673 continue; 1674 DELAY(100); 1675 if ((error = uath_read_reg(sc, reg, &val)) != 0) 1676 return error; 1677 DPRINTFN(2, ("reg 0x%02x=0x%08x\n", reg, val)); 1678 } 1679 return error; 1680 } 1681 1682 int 1683 uath_reset_tx_queues(struct uath_softc *sc) 1684 { 1685 int ac, error; 1686 1687 for (ac = 0; ac < 4; ac++) { 1688 const uint32_t qid = htobe32(UATH_AC_TO_QID(ac)); 1689 1690 DPRINTF(("resetting Tx queue %d\n", UATH_AC_TO_QID(ac))); 1691 error = uath_cmd_write(sc, UATH_CMD_RESET_QUEUE, &qid, 1692 sizeof qid, 0); 1693 if (error != 0) 1694 break; 1695 } 1696 return error; 1697 } 1698 1699 int 1700 uath_wme_init(struct uath_softc *sc) 1701 { 1702 struct uath_qinfo qinfo; 1703 int ac, error; 1704 static const struct uath_wme_settings uath_wme_11g[4] = { 1705 { 7, 4, 10, 0, 0 }, /* Background */ 1706 { 3, 4, 10, 0, 0 }, /* Best-Effort */ 1707 { 3, 3, 4, 26, 0 }, /* Video */ 1708 { 2, 2, 3, 47, 0 } /* Voice */ 1709 }; 1710 1711 bzero(&qinfo, sizeof qinfo); 1712 qinfo.size = htobe32(32); 1713 qinfo.magic1 = htobe32(1); /* XXX ack policy? */ 1714 qinfo.magic2 = htobe32(1); 1715 for (ac = 0; ac < 4; ac++) { 1716 qinfo.qid = htobe32(UATH_AC_TO_QID(ac)); 1717 qinfo.ac = htobe32(ac); 1718 qinfo.aifsn = htobe32(uath_wme_11g[ac].aifsn); 1719 qinfo.logcwmin = htobe32(uath_wme_11g[ac].logcwmin); 1720 qinfo.logcwmax = htobe32(uath_wme_11g[ac].logcwmax); 1721 qinfo.txop = htobe32(UATH_TXOP_TO_US( 1722 uath_wme_11g[ac].txop)); 1723 qinfo.acm = htobe32(uath_wme_11g[ac].acm); 1724 1725 DPRINTF(("setting up Tx queue %d\n", UATH_AC_TO_QID(ac))); 1726 error = uath_cmd_write(sc, UATH_CMD_SET_QUEUE, &qinfo, 1727 sizeof qinfo, 0); 1728 if (error != 0) 1729 break; 1730 } 1731 return error; 1732 } 1733 1734 int 1735 uath_set_chan(struct uath_softc *sc, struct ieee80211_channel *c) 1736 { 1737 struct uath_set_chan chan; 1738 1739 bzero(&chan, sizeof chan); 1740 chan.flags = htobe32(0x1400); 1741 chan.freq = htobe32(c->ic_freq); 1742 chan.magic1 = htobe32(20); 1743 chan.magic2 = htobe32(50); 1744 chan.magic3 = htobe32(1); 1745 1746 DPRINTF(("switching to channel %d\n", 1747 ieee80211_chan2ieee(&sc->sc_ic, c))); 1748 return uath_cmd_write(sc, UATH_CMD_SET_CHAN, &chan, sizeof chan, 0); 1749 } 1750 1751 int 1752 uath_set_key(struct uath_softc *sc, const struct ieee80211_key *k, int index) 1753 { 1754 struct uath_cmd_crypto crypto; 1755 int i; 1756 1757 bzero(&crypto, sizeof crypto); 1758 crypto.keyidx = htobe32(index); 1759 crypto.magic1 = htobe32(1); 1760 crypto.size = htobe32(368); 1761 crypto.mask = htobe32(0xffff); 1762 crypto.flags = htobe32(0x80000068); 1763 if (index != UATH_DEFAULT_KEY) 1764 crypto.flags |= htobe32(index << 16); 1765 memset(crypto.magic2, 0xff, sizeof crypto.magic2); 1766 1767 /* 1768 * Each byte of the key must be XOR'ed with 10101010 before being 1769 * transmitted to the firmware. 1770 */ 1771 for (i = 0; i < k->k_len; i++) 1772 crypto.key[i] = k->k_key[i] ^ 0xaa; 1773 1774 DPRINTF(("setting crypto key index=%d len=%d\n", index, k->k_len)); 1775 return uath_cmd_write(sc, UATH_CMD_CRYPTO, &crypto, sizeof crypto, 0); 1776 } 1777 1778 int 1779 uath_set_keys(struct uath_softc *sc) 1780 { 1781 const struct ieee80211com *ic = &sc->sc_ic; 1782 int i, error; 1783 1784 for (i = 0; i < IEEE80211_WEP_NKID; i++) { 1785 const struct ieee80211_key *k = &ic->ic_nw_keys[i]; 1786 1787 if (k->k_len > 0 && (error = uath_set_key(sc, k, i)) != 0) 1788 return error; 1789 } 1790 return uath_set_key(sc, &ic->ic_nw_keys[ic->ic_wep_txkey], 1791 UATH_DEFAULT_KEY); 1792 } 1793 1794 int 1795 uath_set_rates(struct uath_softc *sc, const struct ieee80211_rateset *rs) 1796 { 1797 struct uath_cmd_rates rates; 1798 1799 bzero(&rates, sizeof rates); 1800 rates.magic1 = htobe32(0x02); 1801 rates.size = htobe32(1 + sizeof rates.rates); 1802 rates.nrates = rs->rs_nrates; 1803 bcopy(rs->rs_rates, rates.rates, rs->rs_nrates); 1804 1805 DPRINTF(("setting supported rates nrates=%d\n", rs->rs_nrates)); 1806 return uath_cmd_write(sc, UATH_CMD_SET_RATES, &rates, sizeof rates, 0); 1807 } 1808 1809 int 1810 uath_set_rxfilter(struct uath_softc *sc, uint32_t filter, uint32_t flags) 1811 { 1812 struct uath_cmd_filter rxfilter; 1813 1814 rxfilter.filter = htobe32(filter); 1815 rxfilter.flags = htobe32(flags); 1816 1817 DPRINTF(("setting Rx filter=0x%x flags=0x%x\n", filter, flags)); 1818 return uath_cmd_write(sc, UATH_CMD_SET_FILTER, &rxfilter, 1819 sizeof rxfilter, 0); 1820 } 1821 1822 int 1823 uath_set_led(struct uath_softc *sc, int which, int on) 1824 { 1825 struct uath_cmd_led led; 1826 1827 led.which = htobe32(which); 1828 led.state = htobe32(on ? UATH_LED_ON : UATH_LED_OFF); 1829 1830 DPRINTFN(2, ("switching %s led %s\n", 1831 (which == UATH_LED_LINK) ? "link" : "activity", 1832 on ? "on" : "off")); 1833 return uath_cmd_write(sc, UATH_CMD_SET_LED, &led, sizeof led, 0); 1834 } 1835 1836 int 1837 uath_switch_channel(struct uath_softc *sc, struct ieee80211_channel *c) 1838 { 1839 uint32_t val; 1840 int error; 1841 1842 /* set radio frequency */ 1843 if ((error = uath_set_chan(sc, c)) != 0) { 1844 printf("%s: could not set channel\n", sc->sc_dev.dv_xname); 1845 return error; 1846 } 1847 1848 /* reset Tx rings */ 1849 if ((error = uath_reset_tx_queues(sc)) != 0) { 1850 printf("%s: could not reset Tx queues\n", 1851 sc->sc_dev.dv_xname); 1852 return error; 1853 } 1854 1855 /* set Tx rings WME properties */ 1856 if ((error = uath_wme_init(sc)) != 0) { 1857 printf("%s: could not init Tx queues\n", 1858 sc->sc_dev.dv_xname); 1859 return error; 1860 } 1861 1862 val = htobe32(0); 1863 error = uath_cmd_write(sc, UATH_CMD_SET_STATE, &val, sizeof val, 0); 1864 if (error != 0) { 1865 printf("%s: could not set state\n", sc->sc_dev.dv_xname); 1866 return error; 1867 } 1868 1869 return uath_tx_null(sc); 1870 } 1871 1872 int 1873 uath_init(struct ifnet *ifp) 1874 { 1875 struct uath_softc *sc = ifp->if_softc; 1876 struct ieee80211com *ic = &sc->sc_ic; 1877 struct uath_cmd_31 cmd31; 1878 uint32_t val; 1879 int i, error; 1880 1881 /* reset data and command rings */ 1882 sc->tx_queued = sc->data_idx = sc->cmd_idx = 0; 1883 1884 val = htobe32(0); 1885 (void)uath_cmd_write(sc, UATH_CMD_02, &val, sizeof val, 0); 1886 1887 /* set MAC address */ 1888 IEEE80211_ADDR_COPY(ic->ic_myaddr, LLADDR(ifp->if_sadl)); 1889 (void)uath_write_multi(sc, 0x13, ic->ic_myaddr, IEEE80211_ADDR_LEN); 1890 1891 (void)uath_write_reg(sc, 0x02, 0x00000001); 1892 (void)uath_write_reg(sc, 0x0e, 0x0000003f); 1893 (void)uath_write_reg(sc, 0x10, 0x00000001); 1894 (void)uath_write_reg(sc, 0x06, 0x0000001e); 1895 1896 /* 1897 * Queue Rx data xfers. 1898 */ 1899 for (i = 0; i < UATH_RX_DATA_LIST_COUNT; i++) { 1900 struct uath_rx_data *data = &sc->rx_data[i]; 1901 1902 usbd_setup_xfer(data->xfer, sc->data_rx_pipe, data, data->buf, 1903 sc->rxbufsz, USBD_SHORT_XFER_OK, USBD_NO_TIMEOUT, 1904 uath_data_rxeof); 1905 error = usbd_transfer(data->xfer); 1906 if (error != USBD_IN_PROGRESS && error != 0) { 1907 printf("%s: could not queue Rx transfer\n", 1908 sc->sc_dev.dv_xname); 1909 goto fail; 1910 } 1911 } 1912 1913 error = uath_cmd_read(sc, UATH_CMD_07, 0, NULL, &val, 1914 UATH_CMD_FLAG_MAGIC); 1915 if (error != 0) { 1916 printf("%s: could not send read command 07h\n", 1917 sc->sc_dev.dv_xname); 1918 goto fail; 1919 } 1920 DPRINTF(("command 07h return code: %x\n", betoh32(val))); 1921 1922 /* set default channel */ 1923 ic->ic_bss->ni_chan = ic->ic_ibss_chan; 1924 if ((error = uath_set_chan(sc, ic->ic_bss->ni_chan)) != 0) { 1925 printf("%s: could not set channel\n", sc->sc_dev.dv_xname); 1926 goto fail; 1927 } 1928 1929 if ((error = uath_wme_init(sc)) != 0) { 1930 printf("%s: could not setup WME parameters\n", 1931 sc->sc_dev.dv_xname); 1932 goto fail; 1933 } 1934 1935 /* init MAC registers */ 1936 (void)uath_write_reg(sc, 0x19, 0x00000000); 1937 (void)uath_write_reg(sc, 0x1a, 0x0000003c); 1938 (void)uath_write_reg(sc, 0x1b, 0x0000003c); 1939 (void)uath_write_reg(sc, 0x1c, 0x00000000); 1940 (void)uath_write_reg(sc, 0x1e, 0x00000000); 1941 (void)uath_write_reg(sc, 0x1f, 0x00000003); 1942 (void)uath_write_reg(sc, 0x0c, 0x00000000); 1943 (void)uath_write_reg(sc, 0x0f, 0x00000002); 1944 (void)uath_write_reg(sc, 0x0a, 0x00000007); /* XXX retry? */ 1945 (void)uath_write_reg(sc, 0x09, ic->ic_rtsthreshold); 1946 1947 val = htobe32(4); 1948 (void)uath_cmd_write(sc, UATH_CMD_27, &val, sizeof val, 0); 1949 (void)uath_cmd_write(sc, UATH_CMD_27, &val, sizeof val, 0); 1950 (void)uath_cmd_write(sc, UATH_CMD_1B, NULL, 0, 0); 1951 1952 if ((error = uath_set_keys(sc)) != 0) { 1953 printf("%s: could not set crypto keys\n", 1954 sc->sc_dev.dv_xname); 1955 goto fail; 1956 } 1957 1958 /* enable Rx */ 1959 (void)uath_set_rxfilter(sc, 0x0000, 4); 1960 (void)uath_set_rxfilter(sc, 0x0817, 1); 1961 1962 cmd31.magic1 = htobe32(0xffffffff); 1963 cmd31.magic2 = htobe32(0xffffffff); 1964 (void)uath_cmd_write(sc, UATH_CMD_31, &cmd31, sizeof cmd31, 0); 1965 1966 ifp->if_flags &= ~IFF_OACTIVE; 1967 ifp->if_flags |= IFF_RUNNING; 1968 1969 if (ic->ic_opmode == IEEE80211_M_MONITOR) 1970 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 1971 else 1972 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 1973 1974 return 0; 1975 1976 fail: uath_stop(ifp, 1); 1977 return error; 1978 } 1979 1980 void 1981 uath_stop(struct ifnet *ifp, int disable) 1982 { 1983 struct uath_softc *sc = ifp->if_softc; 1984 struct ieee80211com *ic = &sc->sc_ic; 1985 uint32_t val; 1986 int s; 1987 1988 s = splusb(); 1989 1990 sc->sc_tx_timer = 0; 1991 ifp->if_timer = 0; 1992 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 1993 1994 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); /* free all nodes */ 1995 1996 val = htobe32(0); 1997 (void)uath_cmd_write(sc, UATH_CMD_SET_STATE, &val, sizeof val, 0); 1998 (void)uath_cmd_write(sc, UATH_CMD_RESET, NULL, 0, 0); 1999 2000 val = htobe32(0); 2001 (void)uath_cmd_write(sc, UATH_CMD_15, &val, sizeof val, 0); 2002 2003 #if 0 2004 (void)uath_cmd_read(sc, UATH_CMD_SHUTDOWN, NULL, 0, NULL, 2005 UATH_CMD_FLAG_MAGIC); 2006 #endif 2007 2008 /* abort any pending transfers */ 2009 usbd_abort_pipe(sc->data_tx_pipe); 2010 usbd_abort_pipe(sc->data_rx_pipe); 2011 usbd_abort_pipe(sc->cmd_tx_pipe); 2012 2013 splx(s); 2014 } 2015 2016 /* 2017 * Load the MIPS R4000 microcode into the device. Once the image is loaded, 2018 * the device will detach itself from the bus and reattach later with a new 2019 * product Id (a la ezusb). XXX this could also be implemented in userland 2020 * through /dev/ugen. 2021 */ 2022 int 2023 uath_loadfirmware(struct uath_softc *sc, const u_char *fw, int len) 2024 { 2025 usbd_xfer_handle ctlxfer, txxfer, rxxfer; 2026 struct uath_fwblock *txblock, *rxblock; 2027 uint8_t *txdata; 2028 int error = 0; 2029 2030 if ((ctlxfer = usbd_alloc_xfer(sc->sc_udev)) == NULL) { 2031 printf("%s: could not allocate Tx control xfer\n", 2032 sc->sc_dev.dv_xname); 2033 error = USBD_NOMEM; 2034 goto fail1; 2035 } 2036 txblock = usbd_alloc_buffer(ctlxfer, sizeof (struct uath_fwblock)); 2037 if (txblock == NULL) { 2038 printf("%s: could not allocate Tx control block\n", 2039 sc->sc_dev.dv_xname); 2040 error = USBD_NOMEM; 2041 goto fail2; 2042 } 2043 2044 if ((txxfer = usbd_alloc_xfer(sc->sc_udev)) == NULL) { 2045 printf("%s: could not allocate Tx xfer\n", 2046 sc->sc_dev.dv_xname); 2047 error = USBD_NOMEM; 2048 goto fail2; 2049 } 2050 txdata = usbd_alloc_buffer(txxfer, UATH_MAX_FWBLOCK_SIZE); 2051 if (txdata == NULL) { 2052 printf("%s: could not allocate Tx buffer\n", 2053 sc->sc_dev.dv_xname); 2054 error = USBD_NOMEM; 2055 goto fail3; 2056 } 2057 2058 if ((rxxfer = usbd_alloc_xfer(sc->sc_udev)) == NULL) { 2059 printf("%s: could not allocate Rx control xfer\n", 2060 sc->sc_dev.dv_xname); 2061 error = USBD_NOMEM; 2062 goto fail3; 2063 } 2064 rxblock = usbd_alloc_buffer(rxxfer, sizeof (struct uath_fwblock)); 2065 if (rxblock == NULL) { 2066 printf("%s: could not allocate Rx control block\n", 2067 sc->sc_dev.dv_xname); 2068 error = USBD_NOMEM; 2069 goto fail4; 2070 } 2071 2072 bzero(txblock, sizeof (struct uath_fwblock)); 2073 txblock->flags = htobe32(UATH_WRITE_BLOCK); 2074 txblock->total = htobe32(len); 2075 2076 while (len > 0) { 2077 int mlen = min(len, UATH_MAX_FWBLOCK_SIZE); 2078 2079 txblock->remain = htobe32(len - mlen); 2080 txblock->len = htobe32(mlen); 2081 2082 DPRINTF(("sending firmware block: %d bytes remaining\n", 2083 len - mlen)); 2084 2085 /* send firmware block meta-data */ 2086 usbd_setup_xfer(ctlxfer, sc->cmd_tx_pipe, sc, txblock, 2087 sizeof (struct uath_fwblock), USBD_NO_COPY, 2088 UATH_CMD_TIMEOUT, NULL); 2089 if ((error = usbd_sync_transfer(ctlxfer)) != 0) { 2090 printf("%s: could not send firmware block info\n", 2091 sc->sc_dev.dv_xname); 2092 break; 2093 } 2094 2095 /* send firmware block data */ 2096 bcopy(fw, txdata, mlen); 2097 usbd_setup_xfer(txxfer, sc->data_tx_pipe, sc, txdata, mlen, 2098 USBD_NO_COPY, UATH_DATA_TIMEOUT, NULL); 2099 if ((error = usbd_sync_transfer(txxfer)) != 0) { 2100 printf("%s: could not send firmware block data\n", 2101 sc->sc_dev.dv_xname); 2102 break; 2103 } 2104 2105 /* wait for ack from firmware */ 2106 usbd_setup_xfer(rxxfer, sc->cmd_rx_pipe, sc, rxblock, 2107 sizeof (struct uath_fwblock), USBD_SHORT_XFER_OK | 2108 USBD_NO_COPY, UATH_CMD_TIMEOUT, NULL); 2109 if ((error = usbd_sync_transfer(rxxfer)) != 0) { 2110 printf("%s: could not read firmware answer\n", 2111 sc->sc_dev.dv_xname); 2112 break; 2113 } 2114 2115 DPRINTFN(2, ("rxblock flags=0x%x total=%d\n", 2116 betoh32(rxblock->flags), betoh32(rxblock->rxtotal))); 2117 fw += mlen; 2118 len -= mlen; 2119 } 2120 2121 fail4: usbd_free_xfer(rxxfer); 2122 fail3: usbd_free_xfer(txxfer); 2123 fail2: usbd_free_xfer(ctlxfer); 2124 fail1: return error; 2125 } 2126 2127 int 2128 uath_activate(struct device *self, int act) 2129 { 2130 switch (act) { 2131 case DVACT_ACTIVATE: 2132 break; 2133 2134 case DVACT_DEACTIVATE: 2135 break; 2136 } 2137 return 0; 2138 } 2139