1 /* $OpenBSD: if_uath.c,v 1.21 2007/06/09 08:52:10 damien Exp $ */ 2 3 /*- 4 * Copyright (c) 2006 5 * Damien Bergamini <damien.bergamini@free.fr> 6 * 7 * Permission to use, copy, modify, and distribute this software for any 8 * purpose with or without fee is hereby granted, provided that the above 9 * copyright notice and this permission notice appear in all copies. 10 * 11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 */ 19 20 /*- 21 * Driver for Atheros AR5005UG/AR5005UX chipsets. 22 * http://www.atheros.com/pt/bulletins/AR5005UGBulletin.pdf 23 * http://www.atheros.com/pt/bulletins/AR5005UXBulletin.pdf 24 * 25 * IMPORTANT NOTICE: 26 * This driver was written without any documentation or support from Atheros 27 * Communications. It is based on a black-box analysis of the Windows binary 28 * driver. It handles both pre and post-firmware devices. 29 */ 30 31 #include "bpfilter.h" 32 33 #include <sys/param.h> 34 #include <sys/sockio.h> 35 #include <sys/sysctl.h> 36 #include <sys/mbuf.h> 37 #include <sys/kernel.h> 38 #include <sys/socket.h> 39 #include <sys/systm.h> 40 #include <sys/malloc.h> 41 #include <sys/timeout.h> 42 #include <sys/conf.h> 43 #include <sys/device.h> 44 45 #include <machine/bus.h> 46 #include <machine/endian.h> 47 #include <machine/intr.h> 48 49 #if NBPFILTER > 0 50 #include <net/bpf.h> 51 #endif 52 #include <net/if.h> 53 #include <net/if_arp.h> 54 #include <net/if_dl.h> 55 #include <net/if_media.h> 56 #include <net/if_types.h> 57 58 #include <netinet/in.h> 59 #include <netinet/in_systm.h> 60 #include <netinet/in_var.h> 61 #include <netinet/if_ether.h> 62 #include <netinet/ip.h> 63 64 #include <net80211/ieee80211_var.h> 65 #include <net80211/ieee80211_radiotap.h> 66 67 #include <dev/rndvar.h> 68 #include <crypto/arc4.h> 69 70 #include <dev/usb/usb.h> 71 #include <dev/usb/usbdi.h> 72 #include <dev/usb/usbdivar.h> /* needs_reattach() */ 73 #include <dev/usb/usbdi_util.h> 74 #include <dev/usb/usbdevs.h> 75 76 #include <dev/usb/if_uathreg.h> 77 #include <dev/usb/if_uathvar.h> 78 79 #ifdef USB_DEBUG 80 #define UATH_DEBUG 81 #endif 82 83 #ifdef UATH_DEBUG 84 #define DPRINTF(x) do { if (uath_debug) printf x; } while (0) 85 #define DPRINTFN(n, x) do { if (uath_debug >= (n)) printf x; } while (0) 86 int uath_debug = 1; 87 #else 88 #define DPRINTF(x) 89 #define DPRINTFN(n, x) 90 #endif 91 92 /*- 93 * Various supported device vendors/products. 94 * UB51: AR5005UG 802.11b/g, UB52: AR5005UX 802.11a/b/g 95 */ 96 #define UATH_DEV(v, p, f) \ 97 { { USB_VENDOR_##v, USB_PRODUCT_##v##_##p }, (f) }, \ 98 { { USB_VENDOR_##v, USB_PRODUCT_##v##_##p##_NF }, \ 99 (f) | UATH_FLAG_PRE_FIRMWARE } 100 #define UATH_DEV_UG(v, p) UATH_DEV(v, p, 0) 101 #define UATH_DEV_UX(v, p) UATH_DEV(v, p, UATH_FLAG_ABG) 102 static const struct uath_type { 103 struct usb_devno dev; 104 unsigned int flags; 105 #define UATH_FLAG_PRE_FIRMWARE (1 << 0) 106 #define UATH_FLAG_ABG (1 << 1) 107 } uath_devs[] = { 108 UATH_DEV_UG(ATHEROS, AR5523), 109 UATH_DEV_UG(ATHEROS2, AR5523_1), 110 UATH_DEV_UG(ATHEROS2, AR5523_2), 111 UATH_DEV_UX(ATHEROS2, AR5523_3), 112 UATH_DEV_UG(CONCEPTRONIC, AR5523_1), 113 UATH_DEV_UX(CONCEPTRONIC, AR5523_2), 114 UATH_DEV_UX(DLINK, DWLAG122), 115 UATH_DEV_UX(DLINK, DWLAG132), 116 UATH_DEV_UG(DLINK, DWLG132), 117 UATH_DEV_UG(GIGASET, AR5523), 118 UATH_DEV_UG(GIGASET, SMCWUSBTG), 119 UATH_DEV_UG(GLOBALSUN, AR5523_1), 120 UATH_DEV_UX(GLOBALSUN, AR5523_2), 121 UATH_DEV_UX(NETGEAR, WG111U), 122 UATH_DEV_UG(NETGEAR3, WG111T), 123 UATH_DEV_UG(NETGEAR3, WPN111), 124 UATH_DEV_UG(UMEDIA, AR5523_1), 125 UATH_DEV_UX(UMEDIA, AR5523_2), 126 UATH_DEV_UG(UMEDIA, TEW444UBEU), 127 UATH_DEV_UG(WISTRONNEWEB, AR5523_1), 128 UATH_DEV_UX(WISTRONNEWEB, AR5523_2), 129 UATH_DEV_UG(ZCOM, AR5523) 130 }; 131 #define uath_lookup(v, p) \ 132 ((const struct uath_type *)usb_lookup(uath_devs, v, p)) 133 134 void uath_attachhook(void *); 135 int uath_open_pipes(struct uath_softc *); 136 void uath_close_pipes(struct uath_softc *); 137 int uath_alloc_tx_data_list(struct uath_softc *); 138 void uath_free_tx_data_list(struct uath_softc *); 139 int uath_alloc_rx_data_list(struct uath_softc *); 140 void uath_free_rx_data_list(struct uath_softc *); 141 void uath_free_rx_data(caddr_t, u_int, void *); 142 int uath_alloc_tx_cmd_list(struct uath_softc *); 143 void uath_free_tx_cmd_list(struct uath_softc *); 144 int uath_alloc_rx_cmd_list(struct uath_softc *); 145 void uath_free_rx_cmd_list(struct uath_softc *); 146 int uath_media_change(struct ifnet *); 147 void uath_stat(void *); 148 void uath_next_scan(void *); 149 void uath_task(void *); 150 int uath_newstate(struct ieee80211com *, enum ieee80211_state, int); 151 #ifdef UATH_DEBUG 152 void uath_dump_cmd(const uint8_t *, int, char); 153 #endif 154 int uath_cmd(struct uath_softc *, uint32_t, const void *, int, void *, 155 int); 156 int uath_cmd_write(struct uath_softc *, uint32_t, const void *, int, int); 157 int uath_cmd_read(struct uath_softc *, uint32_t, const void *, int, void *, 158 int); 159 int uath_write_reg(struct uath_softc *, uint32_t, uint32_t); 160 int uath_write_multi(struct uath_softc *, uint32_t, const void *, int); 161 int uath_read_reg(struct uath_softc *, uint32_t, uint32_t *); 162 int uath_read_eeprom(struct uath_softc *, uint32_t, void *); 163 void uath_cmd_rxeof(usbd_xfer_handle, usbd_private_handle, usbd_status); 164 void uath_data_rxeof(usbd_xfer_handle, usbd_private_handle, usbd_status); 165 void uath_data_txeof(usbd_xfer_handle, usbd_private_handle, usbd_status); 166 int uath_tx_null(struct uath_softc *); 167 int uath_tx_data(struct uath_softc *, struct mbuf *, 168 struct ieee80211_node *); 169 void uath_start(struct ifnet *); 170 void uath_watchdog(struct ifnet *); 171 int uath_ioctl(struct ifnet *, u_long, caddr_t); 172 int uath_query_eeprom(struct uath_softc *); 173 int uath_reset(struct uath_softc *); 174 int uath_reset_tx_queues(struct uath_softc *); 175 int uath_wme_init(struct uath_softc *); 176 int uath_set_chan(struct uath_softc *, struct ieee80211_channel *); 177 int uath_set_key(struct uath_softc *, const struct ieee80211_wepkey *, 178 int); 179 int uath_set_keys(struct uath_softc *); 180 int uath_set_rates(struct uath_softc *, const struct ieee80211_rateset *); 181 int uath_set_rxfilter(struct uath_softc *, uint32_t, uint32_t); 182 int uath_set_led(struct uath_softc *, int, int); 183 int uath_switch_channel(struct uath_softc *, struct ieee80211_channel *); 184 int uath_init(struct ifnet *); 185 void uath_stop(struct ifnet *, int); 186 int uath_loadfirmware(struct uath_softc *, const u_char *, int); 187 int uath_activate(device_ptr_t, enum devact); 188 189 USB_DECLARE_DRIVER(uath); 190 191 int 192 uath_match(struct device *parent, void *match, void *aux) 193 { 194 struct usb_attach_arg *uaa = aux; 195 196 if (uaa->iface != NULL) 197 return UMATCH_NONE; 198 199 return (uath_lookup(uaa->vendor, uaa->product) != NULL) ? 200 UMATCH_VENDOR_PRODUCT : UMATCH_NONE; 201 } 202 203 void 204 uath_attachhook(void *xsc) 205 { 206 struct uath_softc *sc = xsc; 207 u_char *fw; 208 size_t size; 209 int error; 210 211 if ((error = loadfirmware("uath-ar5523", &fw, &size)) != 0) { 212 printf("%s: could not read firmware (error=%d)\n", 213 USBDEVNAME(sc->sc_dev), error); 214 return; 215 } 216 217 error = uath_loadfirmware(sc, fw, size); 218 free(fw, M_DEVBUF); 219 220 if (error == 0) { 221 usb_port_status_t status; 222 223 /* 224 * Hack alert: the device doesn't always gracefully detach 225 * from the bus after a firmware upload. We need to force 226 * a port reset and a re-exploration on the parent hub. 227 */ 228 usbd_reset_port(sc->sc_uhub, sc->sc_port, &status); 229 usb_needs_reattach(sc->sc_udev); 230 } else { 231 printf("%s: could not load firmware (error=%s)\n", 232 USBDEVNAME(sc->sc_dev), usbd_errstr(error)); 233 } 234 } 235 236 void 237 uath_attach(struct device *parent, struct device *self, void *aux) 238 { 239 struct uath_softc *sc = (struct uath_softc *)self; 240 struct usb_attach_arg *uaa = aux; 241 struct ieee80211com *ic = &sc->sc_ic; 242 struct ifnet *ifp = &ic->ic_if; 243 usbd_status error; 244 char *devinfop; 245 int i; 246 247 sc->sc_udev = uaa->device; 248 sc->sc_uhub = uaa->device->myhub; 249 sc->sc_port = uaa->port; 250 251 devinfop = usbd_devinfo_alloc(uaa->device, 0); 252 printf("\n%s: %s\n", USBDEVNAME(sc->sc_dev), devinfop); 253 usbd_devinfo_free(devinfop); 254 255 sc->sc_flags = uath_lookup(uaa->vendor, uaa->product)->flags; 256 257 if (usbd_set_config_no(sc->sc_udev, UATH_CONFIG_NO, 0) != 0) { 258 printf("%s: could not set configuration no\n", 259 USBDEVNAME(sc->sc_dev)); 260 return; 261 } 262 263 /* get the first interface handle */ 264 error = usbd_device2interface_handle(sc->sc_udev, UATH_IFACE_INDEX, 265 &sc->sc_iface); 266 if (error != 0) { 267 printf("%s: could not get interface handle\n", 268 USBDEVNAME(sc->sc_dev)); 269 return; 270 } 271 272 /* 273 * We must open the pipes early because they're used to upload the 274 * firmware (pre-firmware devices) or to send firmware commands. 275 */ 276 if (uath_open_pipes(sc) != 0) { 277 printf("%s: could not open pipes\n", USBDEVNAME(sc->sc_dev)); 278 return; 279 } 280 281 if (sc->sc_flags & UATH_FLAG_PRE_FIRMWARE) { 282 if (rootvp == NULL) 283 mountroothook_establish(uath_attachhook, sc); 284 else 285 uath_attachhook(sc); 286 return; 287 } 288 289 /* 290 * Only post-firmware devices here. 291 */ 292 usb_init_task(&sc->sc_task, uath_task, sc); 293 timeout_set(&sc->scan_to, uath_next_scan, sc); 294 timeout_set(&sc->stat_to, uath_stat, sc); 295 296 /* 297 * Allocate xfers for firmware commands. 298 */ 299 if (uath_alloc_tx_cmd_list(sc) != 0) { 300 printf("%s: could not allocate Tx command list\n", 301 USBDEVNAME(sc->sc_dev)); 302 goto fail1; 303 } 304 if (uath_alloc_rx_cmd_list(sc) != 0) { 305 printf("%s: could not allocate Rx command list\n", 306 USBDEVNAME(sc->sc_dev)); 307 goto fail2; 308 } 309 310 /* 311 * Queue Rx command xfers. 312 */ 313 for (i = 0; i < UATH_RX_CMD_LIST_COUNT; i++) { 314 struct uath_rx_cmd *cmd = &sc->rx_cmd[i]; 315 316 usbd_setup_xfer(cmd->xfer, sc->cmd_rx_pipe, cmd, cmd->buf, 317 UATH_MAX_RXCMDSZ, USBD_SHORT_XFER_OK | USBD_NO_COPY, 318 USBD_NO_TIMEOUT, uath_cmd_rxeof); 319 error = usbd_transfer(cmd->xfer); 320 if (error != USBD_IN_PROGRESS && error != 0) { 321 printf("%s: could not queue Rx command xfer\n", 322 USBDEVNAME(sc->sc_dev)); 323 goto fail3; 324 } 325 } 326 327 /* 328 * We're now ready to send/receive firmware commands. 329 */ 330 if (uath_reset(sc) != 0) { 331 printf("%s: could not initialize adapter\n", 332 USBDEVNAME(sc->sc_dev)); 333 goto fail3; 334 } 335 if (uath_query_eeprom(sc) != 0) { 336 printf("%s: could not read EEPROM\n", USBDEVNAME(sc->sc_dev)); 337 goto fail3; 338 } 339 340 printf("%s: MAC/BBP AR5523, RF AR%c112, address %s\n", 341 USBDEVNAME(sc->sc_dev), (sc->sc_flags & UATH_FLAG_ABG) ? '5': '2', 342 ether_sprintf(ic->ic_myaddr)); 343 344 /* 345 * Allocate xfers for Tx/Rx data pipes. 346 */ 347 if (uath_alloc_tx_data_list(sc) != 0) { 348 printf("%s: could not allocate Tx data list\n", 349 USBDEVNAME(sc->sc_dev)); 350 goto fail3; 351 } 352 if (uath_alloc_rx_data_list(sc) != 0) { 353 printf("%s: could not allocate Rx data list\n", 354 USBDEVNAME(sc->sc_dev)); 355 goto fail4; 356 } 357 358 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 359 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 360 ic->ic_state = IEEE80211_S_INIT; 361 362 /* set device capabilities */ 363 ic->ic_caps = 364 IEEE80211_C_TXPMGT | /* tx power management */ 365 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 366 IEEE80211_C_SHSLOT | /* short slot time supported */ 367 IEEE80211_C_WEP; /* h/w WEP */ 368 369 /* set supported .11b and .11g rates */ 370 ic->ic_sup_rates[IEEE80211_MODE_11B] = ieee80211_std_rateset_11b; 371 ic->ic_sup_rates[IEEE80211_MODE_11G] = ieee80211_std_rateset_11g; 372 373 /* set supported .11b and .11g channels (1 through 14) */ 374 for (i = 1; i <= 14; i++) { 375 ic->ic_channels[i].ic_freq = 376 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ); 377 ic->ic_channels[i].ic_flags = 378 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM | 379 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ; 380 } 381 382 ifp->if_softc = sc; 383 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 384 ifp->if_init = uath_init; 385 ifp->if_ioctl = uath_ioctl; 386 ifp->if_start = uath_start; 387 ifp->if_watchdog = uath_watchdog; 388 IFQ_SET_READY(&ifp->if_snd); 389 memcpy(ifp->if_xname, USBDEVNAME(sc->sc_dev), IFNAMSIZ); 390 391 if_attach(ifp); 392 ieee80211_ifattach(ifp); 393 394 /* override state transition machine */ 395 sc->sc_newstate = ic->ic_newstate; 396 ic->ic_newstate = uath_newstate; 397 ieee80211_media_init(ifp, uath_media_change, ieee80211_media_status); 398 399 #if NBPFILTER > 0 400 bpfattach(&sc->sc_drvbpf, ifp, DLT_IEEE802_11_RADIO, 401 sizeof (struct ieee80211_frame) + IEEE80211_RADIOTAP_HDRLEN); 402 403 sc->sc_rxtap_len = sizeof sc->sc_rxtapu; 404 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 405 sc->sc_rxtap.wr_ihdr.it_present = htole32(UATH_RX_RADIOTAP_PRESENT); 406 407 sc->sc_txtap_len = sizeof sc->sc_txtapu; 408 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 409 sc->sc_txtap.wt_ihdr.it_present = htole32(UATH_TX_RADIOTAP_PRESENT); 410 #endif 411 412 usbd_add_drv_event(USB_EVENT_DRIVER_ATTACH, sc->sc_udev, 413 USBDEV(sc->sc_dev)); 414 415 return; 416 417 fail4: uath_free_tx_data_list(sc); 418 fail3: uath_free_rx_cmd_list(sc); 419 fail2: uath_free_tx_cmd_list(sc); 420 fail1: uath_close_pipes(sc); 421 } 422 423 int 424 uath_detach(struct device *self, int flags) 425 { 426 struct uath_softc *sc = (struct uath_softc *)self; 427 struct ifnet *ifp = &sc->sc_ic.ic_if; 428 int s; 429 430 s = splnet(); 431 432 if (sc->sc_flags & UATH_FLAG_PRE_FIRMWARE) { 433 uath_close_pipes(sc); 434 splx(s); 435 return 0; 436 } 437 438 /* post-firmware device */ 439 440 usb_rem_task(sc->sc_udev, &sc->sc_task); 441 timeout_del(&sc->scan_to); 442 timeout_del(&sc->stat_to); 443 444 ieee80211_ifdetach(ifp); /* free all nodes */ 445 if_detach(ifp); 446 447 sc->sc_dying = 1; 448 DPRINTF(("reclaiming %d references\n", sc->sc_refcnt)); 449 while (sc->sc_refcnt > 0) 450 (void)tsleep(UATH_COND_NOREF(sc), 0, "uathdet", 0); 451 DPRINTF(("all references reclaimed\n")); 452 453 /* abort and free xfers */ 454 uath_free_tx_data_list(sc); 455 uath_free_rx_data_list(sc); 456 uath_free_tx_cmd_list(sc); 457 uath_free_rx_cmd_list(sc); 458 459 /* close Tx/Rx pipes */ 460 uath_close_pipes(sc); 461 462 splx(s); 463 464 usbd_add_drv_event(USB_EVENT_DRIVER_DETACH, sc->sc_udev, 465 USBDEV(sc->sc_dev)); 466 467 return 0; 468 } 469 470 int 471 uath_open_pipes(struct uath_softc *sc) 472 { 473 int error; 474 475 /* 476 * XXX pipes numbers are hardcoded because we don't have any way 477 * to distinguish the data pipes from the firmware command pipes 478 * (both are bulk pipes) using the endpoints descriptors. 479 */ 480 error = usbd_open_pipe(sc->sc_iface, 0x01, USBD_EXCLUSIVE_USE, 481 &sc->cmd_tx_pipe); 482 if (error != 0) { 483 printf("%s: could not open Tx command pipe: %s\n", 484 USBDEVNAME(sc->sc_dev), usbd_errstr(error)); 485 goto fail; 486 } 487 488 error = usbd_open_pipe(sc->sc_iface, 0x02, USBD_EXCLUSIVE_USE, 489 &sc->data_tx_pipe); 490 if (error != 0) { 491 printf("%s: could not open Tx data pipe: %s\n", 492 USBDEVNAME(sc->sc_dev), usbd_errstr(error)); 493 goto fail; 494 } 495 496 error = usbd_open_pipe(sc->sc_iface, 0x81, USBD_EXCLUSIVE_USE, 497 &sc->cmd_rx_pipe); 498 if (error != 0) { 499 printf("%s: could not open Rx command pipe: %s\n", 500 USBDEVNAME(sc->sc_dev), usbd_errstr(error)); 501 goto fail; 502 } 503 504 error = usbd_open_pipe(sc->sc_iface, 0x82, USBD_EXCLUSIVE_USE, 505 &sc->data_rx_pipe); 506 if (error != 0) { 507 printf("%s: could not open Rx data pipe: %s\n", 508 USBDEVNAME(sc->sc_dev), usbd_errstr(error)); 509 goto fail; 510 } 511 512 return 0; 513 514 fail: uath_close_pipes(sc); 515 return error; 516 } 517 518 void 519 uath_close_pipes(struct uath_softc *sc) 520 { 521 /* assumes no transfers are pending on the pipes */ 522 523 if (sc->data_tx_pipe != NULL) 524 usbd_close_pipe(sc->data_tx_pipe); 525 526 if (sc->data_rx_pipe != NULL) 527 usbd_close_pipe(sc->data_rx_pipe); 528 529 if (sc->cmd_tx_pipe != NULL) 530 usbd_close_pipe(sc->cmd_tx_pipe); 531 532 if (sc->cmd_rx_pipe != NULL) 533 usbd_close_pipe(sc->cmd_rx_pipe); 534 } 535 536 int 537 uath_alloc_tx_data_list(struct uath_softc *sc) 538 { 539 int i, error; 540 541 for (i = 0; i < UATH_TX_DATA_LIST_COUNT; i++) { 542 struct uath_tx_data *data = &sc->tx_data[i]; 543 544 data->sc = sc; /* backpointer for callbacks */ 545 546 data->xfer = usbd_alloc_xfer(sc->sc_udev); 547 if (data->xfer == NULL) { 548 printf("%s: could not allocate xfer\n", 549 USBDEVNAME(sc->sc_dev)); 550 error = ENOMEM; 551 goto fail; 552 } 553 data->buf = usbd_alloc_buffer(data->xfer, UATH_MAX_TXBUFSZ); 554 if (data->buf == NULL) { 555 printf("%s: could not allocate xfer buffer\n", 556 USBDEVNAME(sc->sc_dev)); 557 error = ENOMEM; 558 goto fail; 559 } 560 } 561 return 0; 562 563 fail: uath_free_tx_data_list(sc); 564 return error; 565 } 566 567 void 568 uath_free_tx_data_list(struct uath_softc *sc) 569 { 570 int i; 571 572 /* make sure no transfers are pending */ 573 usbd_abort_pipe(sc->data_tx_pipe); 574 575 for (i = 0; i < UATH_TX_DATA_LIST_COUNT; i++) 576 if (sc->tx_data[i].xfer != NULL) 577 usbd_free_xfer(sc->tx_data[i].xfer); 578 } 579 580 int 581 uath_alloc_rx_data_list(struct uath_softc *sc) 582 { 583 int i, error; 584 585 SLIST_INIT(&sc->rx_freelist); 586 for (i = 0; i < UATH_RX_DATA_POOL_COUNT; i++) { 587 struct uath_rx_data *data = &sc->rx_data[i]; 588 589 data->sc = sc; /* backpointer for callbacks */ 590 591 data->xfer = usbd_alloc_xfer(sc->sc_udev); 592 if (data->xfer == NULL) { 593 printf("%s: could not allocate xfer\n", 594 USBDEVNAME(sc->sc_dev)); 595 error = ENOMEM; 596 goto fail; 597 } 598 data->buf = usbd_alloc_buffer(data->xfer, sc->rxbufsz); 599 if (data->buf == NULL) { 600 printf("%s: could not allocate xfer buffer\n", 601 USBDEVNAME(sc->sc_dev)); 602 error = ENOMEM; 603 goto fail; 604 } 605 SLIST_INSERT_HEAD(&sc->rx_freelist, data, next); 606 } 607 return 0; 608 609 fail: uath_free_rx_data_list(sc); 610 return error; 611 } 612 613 void 614 uath_free_rx_data_list(struct uath_softc *sc) 615 { 616 int i; 617 618 /* make sure no transfers are pending */ 619 usbd_abort_pipe(sc->data_rx_pipe); 620 621 for (i = 0; i < UATH_RX_DATA_POOL_COUNT; i++) 622 if (sc->rx_data[i].xfer != NULL) 623 usbd_free_xfer(sc->rx_data[i].xfer); 624 } 625 626 void 627 uath_free_rx_data(caddr_t buf, u_int size, void *arg) 628 { 629 struct uath_rx_data *data = arg; 630 struct uath_softc *sc = data->sc; 631 632 /* put the buffer back in the free list */ 633 SLIST_INSERT_HEAD(&sc->rx_freelist, data, next); 634 635 /* release reference to softc */ 636 if (--sc->sc_refcnt == 0 && sc->sc_dying) 637 wakeup(UATH_COND_NOREF(sc)); 638 } 639 640 int 641 uath_alloc_tx_cmd_list(struct uath_softc *sc) 642 { 643 int i, error; 644 645 for (i = 0; i < UATH_TX_CMD_LIST_COUNT; i++) { 646 struct uath_tx_cmd *cmd = &sc->tx_cmd[i]; 647 648 cmd->sc = sc; /* backpointer for callbacks */ 649 650 cmd->xfer = usbd_alloc_xfer(sc->sc_udev); 651 if (cmd->xfer == NULL) { 652 printf("%s: could not allocate xfer\n", 653 USBDEVNAME(sc->sc_dev)); 654 error = ENOMEM; 655 goto fail; 656 } 657 cmd->buf = usbd_alloc_buffer(cmd->xfer, UATH_MAX_TXCMDSZ); 658 if (cmd->buf == NULL) { 659 printf("%s: could not allocate xfer buffer\n", 660 USBDEVNAME(sc->sc_dev)); 661 error = ENOMEM; 662 goto fail; 663 } 664 } 665 return 0; 666 667 fail: uath_free_tx_cmd_list(sc); 668 return error; 669 } 670 671 void 672 uath_free_tx_cmd_list(struct uath_softc *sc) 673 { 674 int i; 675 676 /* make sure no transfers are pending */ 677 usbd_abort_pipe(sc->cmd_tx_pipe); 678 679 for (i = 0; i < UATH_TX_CMD_LIST_COUNT; i++) 680 if (sc->tx_cmd[i].xfer != NULL) 681 usbd_free_xfer(sc->tx_cmd[i].xfer); 682 } 683 684 int 685 uath_alloc_rx_cmd_list(struct uath_softc *sc) 686 { 687 int i, error; 688 689 for (i = 0; i < UATH_RX_CMD_LIST_COUNT; i++) { 690 struct uath_rx_cmd *cmd = &sc->rx_cmd[i]; 691 692 cmd->sc = sc; /* backpointer for callbacks */ 693 694 cmd->xfer = usbd_alloc_xfer(sc->sc_udev); 695 if (cmd->xfer == NULL) { 696 printf("%s: could not allocate xfer\n", 697 USBDEVNAME(sc->sc_dev)); 698 error = ENOMEM; 699 goto fail; 700 } 701 cmd->buf = usbd_alloc_buffer(cmd->xfer, UATH_MAX_RXCMDSZ); 702 if (cmd->buf == NULL) { 703 printf("%s: could not allocate xfer buffer\n", 704 USBDEVNAME(sc->sc_dev)); 705 error = ENOMEM; 706 goto fail; 707 } 708 } 709 return 0; 710 711 fail: uath_free_rx_cmd_list(sc); 712 return error; 713 } 714 715 void 716 uath_free_rx_cmd_list(struct uath_softc *sc) 717 { 718 int i; 719 720 /* make sure no transfers are pending */ 721 usbd_abort_pipe(sc->cmd_rx_pipe); 722 723 for (i = 0; i < UATH_RX_CMD_LIST_COUNT; i++) 724 if (sc->rx_cmd[i].xfer != NULL) 725 usbd_free_xfer(sc->rx_cmd[i].xfer); 726 } 727 728 int 729 uath_media_change(struct ifnet *ifp) 730 { 731 int error; 732 733 error = ieee80211_media_change(ifp); 734 if (error != ENETRESET) 735 return error; 736 737 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == (IFF_UP | IFF_RUNNING)) 738 uath_init(ifp); 739 740 return 0; 741 } 742 743 /* 744 * This function is called periodically (every second) when associated to 745 * query device statistics. 746 */ 747 void 748 uath_stat(void *arg) 749 { 750 struct uath_softc *sc = arg; 751 int error; 752 753 /* 754 * Send request for statistics asynchronously. The timer will be 755 * restarted when we'll get the stats notification. 756 */ 757 error = uath_cmd_write(sc, UATH_CMD_STATS, NULL, 0, 758 UATH_CMD_FLAG_ASYNC); 759 if (error != 0) { 760 printf("%s: could not query statistics (error=%d)\n", 761 USBDEVNAME(sc->sc_dev), error); 762 } 763 } 764 765 /* 766 * This function is called periodically (every 250ms) during scanning to 767 * switch from one channel to another. 768 */ 769 void 770 uath_next_scan(void *arg) 771 { 772 struct uath_softc *sc = arg; 773 struct ieee80211com *ic = &sc->sc_ic; 774 struct ifnet *ifp = &ic->ic_if; 775 776 if (ic->ic_state == IEEE80211_S_SCAN) 777 ieee80211_next_scan(ifp); 778 } 779 780 void 781 uath_task(void *arg) 782 { 783 struct uath_softc *sc = arg; 784 struct ieee80211com *ic = &sc->sc_ic; 785 enum ieee80211_state ostate; 786 787 ostate = ic->ic_state; 788 789 switch (sc->sc_state) { 790 case IEEE80211_S_INIT: 791 if (ostate == IEEE80211_S_RUN) { 792 /* turn link and activity LEDs off */ 793 (void)uath_set_led(sc, UATH_LED_LINK, 0); 794 (void)uath_set_led(sc, UATH_LED_ACTIVITY, 0); 795 } 796 break; 797 798 case IEEE80211_S_SCAN: 799 if (uath_switch_channel(sc, ic->ic_bss->ni_chan) != 0) { 800 printf("%s: could not switch channel\n", 801 USBDEVNAME(sc->sc_dev)); 802 break; 803 } 804 timeout_add(&sc->scan_to, hz / 4); 805 break; 806 807 case IEEE80211_S_AUTH: 808 { 809 struct ieee80211_node *ni = ic->ic_bss; 810 struct uath_cmd_bssid bssid; 811 struct uath_cmd_0b cmd0b; 812 struct uath_cmd_0c cmd0c; 813 814 if (uath_switch_channel(sc, ni->ni_chan) != 0) { 815 printf("%s: could not switch channel\n", 816 USBDEVNAME(sc->sc_dev)); 817 break; 818 } 819 820 (void)uath_cmd_write(sc, UATH_CMD_24, NULL, 0, 0); 821 822 bzero(&bssid, sizeof bssid); 823 bssid.len = htobe32(IEEE80211_ADDR_LEN); 824 IEEE80211_ADDR_COPY(bssid.bssid, ni->ni_bssid); 825 (void)uath_cmd_write(sc, UATH_CMD_SET_BSSID, &bssid, 826 sizeof bssid, 0); 827 828 bzero(&cmd0b, sizeof cmd0b); 829 cmd0b.code = htobe32(2); 830 cmd0b.size = htobe32(sizeof (cmd0b.data)); 831 (void)uath_cmd_write(sc, UATH_CMD_0B, &cmd0b, sizeof cmd0b, 0); 832 833 bzero(&cmd0c, sizeof cmd0c); 834 cmd0c.magic1 = htobe32(2); 835 cmd0c.magic2 = htobe32(7); 836 cmd0c.magic3 = htobe32(1); 837 (void)uath_cmd_write(sc, UATH_CMD_0C, &cmd0c, sizeof cmd0c, 0); 838 839 if (uath_set_rates(sc, &ni->ni_rates) != 0) { 840 printf("%s: could not set negotiated rate set\n", 841 USBDEVNAME(sc->sc_dev)); 842 break; 843 } 844 break; 845 } 846 847 case IEEE80211_S_ASSOC: 848 break; 849 850 case IEEE80211_S_RUN: 851 { 852 struct ieee80211_node *ni = ic->ic_bss; 853 struct uath_cmd_bssid bssid; 854 struct uath_cmd_xled xled; 855 uint32_t val; 856 857 if (ic->ic_opmode == IEEE80211_M_MONITOR) { 858 /* make both LEDs blink while monitoring */ 859 bzero(&xled, sizeof xled); 860 xled.which = htobe32(0); 861 xled.rate = htobe32(1); 862 xled.mode = htobe32(2); 863 (void)uath_cmd_write(sc, UATH_CMD_SET_XLED, &xled, 864 sizeof xled, 0); 865 break; 866 } 867 868 /* 869 * Tx rate is controlled by firmware, report the maximum 870 * negotiated rate in ifconfig output. 871 */ 872 ni->ni_txrate = ni->ni_rates.rs_nrates - 1; 873 874 val = htobe32(1); 875 (void)uath_cmd_write(sc, UATH_CMD_2E, &val, sizeof val, 0); 876 877 bzero(&bssid, sizeof bssid); 878 bssid.flags1 = htobe32(0xc004); 879 bssid.flags2 = htobe32(0x003b); 880 bssid.len = htobe32(IEEE80211_ADDR_LEN); 881 IEEE80211_ADDR_COPY(bssid.bssid, ni->ni_bssid); 882 (void)uath_cmd_write(sc, UATH_CMD_SET_BSSID, &bssid, 883 sizeof bssid, 0); 884 885 /* turn link LED on */ 886 (void)uath_set_led(sc, UATH_LED_LINK, 1); 887 888 /* make activity LED blink */ 889 bzero(&xled, sizeof xled); 890 xled.which = htobe32(1); 891 xled.rate = htobe32(1); 892 xled.mode = htobe32(2); 893 (void)uath_cmd_write(sc, UATH_CMD_SET_XLED, &xled, sizeof xled, 894 0); 895 896 /* set state to associated */ 897 val = htobe32(1); 898 (void)uath_cmd_write(sc, UATH_CMD_SET_STATE, &val, sizeof val, 899 0); 900 901 /* start statistics timer */ 902 timeout_add(&sc->stat_to, hz); 903 break; 904 } 905 } 906 sc->sc_newstate(ic, sc->sc_state, sc->sc_arg); 907 } 908 909 int 910 uath_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 911 { 912 struct uath_softc *sc = ic->ic_softc; 913 914 usb_rem_task(sc->sc_udev, &sc->sc_task); 915 timeout_del(&sc->scan_to); 916 timeout_del(&sc->stat_to); 917 918 /* do it in a process context */ 919 sc->sc_state = nstate; 920 sc->sc_arg = arg; 921 usb_add_task(sc->sc_udev, &sc->sc_task); 922 return 0; 923 } 924 925 #ifdef UATH_DEBUG 926 void 927 uath_dump_cmd(const uint8_t *buf, int len, char prefix) 928 { 929 int i; 930 931 for (i = 0; i < len; i++) { 932 if ((i % 16) == 0) 933 printf("\n%c ", prefix); 934 else if ((i % 4) == 0) 935 printf(" "); 936 printf("%02x", buf[i]); 937 } 938 printf("\n"); 939 } 940 #endif 941 942 /* 943 * Low-level function to send read or write commands to the firmware. 944 */ 945 int 946 uath_cmd(struct uath_softc *sc, uint32_t code, const void *idata, int ilen, 947 void *odata, int flags) 948 { 949 struct uath_cmd_hdr *hdr; 950 struct uath_tx_cmd *cmd; 951 uint16_t xferflags; 952 int s, xferlen, error; 953 954 /* grab a xfer */ 955 cmd = &sc->tx_cmd[sc->cmd_idx]; 956 957 /* always bulk-out a multiple of 4 bytes */ 958 xferlen = (sizeof (struct uath_cmd_hdr) + ilen + 3) & ~3; 959 960 hdr = (struct uath_cmd_hdr *)cmd->buf; 961 bzero(hdr, sizeof (struct uath_cmd_hdr)); 962 hdr->len = htobe32(xferlen); 963 hdr->code = htobe32(code); 964 hdr->priv = sc->cmd_idx; /* don't care about endianness */ 965 hdr->magic = htobe32((flags & UATH_CMD_FLAG_MAGIC) ? 1 << 24 : 0); 966 bcopy(idata, (uint8_t *)(hdr + 1), ilen); 967 968 #ifdef UATH_DEBUG 969 if (uath_debug >= 5) { 970 printf("sending command code=0x%02x flags=0x%x index=%u", 971 code, flags, sc->cmd_idx); 972 uath_dump_cmd(cmd->buf, xferlen, '+'); 973 } 974 #endif 975 xferflags = USBD_FORCE_SHORT_XFER | USBD_NO_COPY; 976 if (!(flags & UATH_CMD_FLAG_READ)) { 977 if (!(flags & UATH_CMD_FLAG_ASYNC)) 978 xferflags |= USBD_SYNCHRONOUS; 979 } else 980 s = splusb(); 981 982 cmd->odata = odata; 983 984 usbd_setup_xfer(cmd->xfer, sc->cmd_tx_pipe, cmd, cmd->buf, xferlen, 985 xferflags, UATH_CMD_TIMEOUT, NULL); 986 error = usbd_transfer(cmd->xfer); 987 if (error != USBD_IN_PROGRESS && error != 0) { 988 if (flags & UATH_CMD_FLAG_READ) 989 splx(s); 990 printf("%s: could not send command 0x%x (error=%s)\n", 991 USBDEVNAME(sc->sc_dev), code, usbd_errstr(error)); 992 return error; 993 } 994 sc->cmd_idx = (sc->cmd_idx + 1) % UATH_TX_CMD_LIST_COUNT; 995 996 if (!(flags & UATH_CMD_FLAG_READ)) 997 return 0; /* write: don't wait for reply */ 998 999 /* wait at most two seconds for command reply */ 1000 error = tsleep(cmd, PCATCH, "uathcmd", 2 * hz); 1001 cmd->odata = NULL; /* in case answer is received too late */ 1002 splx(s); 1003 if (error != 0) { 1004 printf("%s: timeout waiting for command reply\n", 1005 USBDEVNAME(sc->sc_dev)); 1006 } 1007 return error; 1008 } 1009 1010 int 1011 uath_cmd_write(struct uath_softc *sc, uint32_t code, const void *data, int len, 1012 int flags) 1013 { 1014 flags &= ~UATH_CMD_FLAG_READ; 1015 return uath_cmd(sc, code, data, len, NULL, flags); 1016 } 1017 1018 int 1019 uath_cmd_read(struct uath_softc *sc, uint32_t code, const void *idata, 1020 int ilen, void *odata, int flags) 1021 { 1022 flags |= UATH_CMD_FLAG_READ; 1023 return uath_cmd(sc, code, idata, ilen, odata, flags); 1024 } 1025 1026 int 1027 uath_write_reg(struct uath_softc *sc, uint32_t reg, uint32_t val) 1028 { 1029 struct uath_write_mac write; 1030 int error; 1031 1032 write.reg = htobe32(reg); 1033 write.len = htobe32(0); /* 0 = single write */ 1034 *(uint32_t *)write.data = htobe32(val); 1035 1036 error = uath_cmd_write(sc, UATH_CMD_WRITE_MAC, &write, 1037 3 * sizeof (uint32_t), 0); 1038 if (error != 0) { 1039 printf("%s: could not write register 0x%02x\n", 1040 USBDEVNAME(sc->sc_dev), reg); 1041 } 1042 return error; 1043 } 1044 1045 int 1046 uath_write_multi(struct uath_softc *sc, uint32_t reg, const void *data, 1047 int len) 1048 { 1049 struct uath_write_mac write; 1050 int error; 1051 1052 write.reg = htobe32(reg); 1053 write.len = htobe32(len); 1054 bcopy(data, write.data, len); 1055 1056 /* properly handle the case where len is zero (reset) */ 1057 error = uath_cmd_write(sc, UATH_CMD_WRITE_MAC, &write, 1058 (len == 0) ? sizeof (uint32_t) : 2 * sizeof (uint32_t) + len, 0); 1059 if (error != 0) { 1060 printf("%s: could not write %d bytes to register 0x%02x\n", 1061 USBDEVNAME(sc->sc_dev), len, reg); 1062 } 1063 return error; 1064 } 1065 1066 int 1067 uath_read_reg(struct uath_softc *sc, uint32_t reg, uint32_t *val) 1068 { 1069 struct uath_read_mac read; 1070 int error; 1071 1072 reg = htobe32(reg); 1073 error = uath_cmd_read(sc, UATH_CMD_READ_MAC, ®, sizeof reg, &read, 1074 0); 1075 if (error != 0) { 1076 printf("%s: could not read register 0x%02x\n", 1077 USBDEVNAME(sc->sc_dev), betoh32(reg)); 1078 return error; 1079 } 1080 *val = betoh32(*(uint32_t *)read.data); 1081 return error; 1082 } 1083 1084 int 1085 uath_read_eeprom(struct uath_softc *sc, uint32_t reg, void *odata) 1086 { 1087 struct uath_read_mac read; 1088 int len, error; 1089 1090 reg = htobe32(reg); 1091 error = uath_cmd_read(sc, UATH_CMD_READ_EEPROM, ®, sizeof reg, 1092 &read, 0); 1093 if (error != 0) { 1094 printf("%s: could not read EEPROM offset 0x%02x\n", 1095 USBDEVNAME(sc->sc_dev), betoh32(reg)); 1096 return error; 1097 } 1098 len = betoh32(read.len); 1099 bcopy(read.data, odata, (len == 0) ? sizeof (uint32_t) : len); 1100 return error; 1101 } 1102 1103 void 1104 uath_cmd_rxeof(usbd_xfer_handle xfer, usbd_private_handle priv, 1105 usbd_status status) 1106 { 1107 struct uath_rx_cmd *cmd = priv; 1108 struct uath_softc *sc = cmd->sc; 1109 struct uath_cmd_hdr *hdr; 1110 1111 if (status != USBD_NORMAL_COMPLETION) { 1112 if (status == USBD_STALLED) 1113 usbd_clear_endpoint_stall_async(sc->cmd_rx_pipe); 1114 return; 1115 } 1116 1117 hdr = (struct uath_cmd_hdr *)cmd->buf; 1118 1119 #ifdef UATH_DEBUG 1120 if (uath_debug >= 5) { 1121 printf("received command code=0x%x index=%u len=%u", 1122 betoh32(hdr->code), hdr->priv, betoh32(hdr->len)); 1123 uath_dump_cmd(cmd->buf, betoh32(hdr->len), '-'); 1124 } 1125 #endif 1126 1127 switch (betoh32(hdr->code) & 0xff) { 1128 /* reply to a read command */ 1129 default: 1130 { 1131 struct uath_tx_cmd *txcmd = &sc->tx_cmd[hdr->priv]; 1132 1133 if (txcmd->odata != NULL) { 1134 /* copy answer into caller's supplied buffer */ 1135 bcopy((uint8_t *)(hdr + 1), txcmd->odata, 1136 betoh32(hdr->len) - sizeof (struct uath_cmd_hdr)); 1137 } 1138 wakeup(txcmd); /* wake up caller */ 1139 break; 1140 } 1141 /* spontaneous firmware notifications */ 1142 case UATH_NOTIF_READY: 1143 DPRINTF(("received device ready notification\n")); 1144 wakeup(UATH_COND_INIT(sc)); 1145 break; 1146 1147 case UATH_NOTIF_TX: 1148 /* this notification is sent when UATH_TX_NOTIFY is set */ 1149 DPRINTF(("received Tx notification\n")); 1150 break; 1151 1152 case UATH_NOTIF_STATS: 1153 DPRINTFN(2, ("received device statistics\n")); 1154 timeout_add(&sc->stat_to, hz); 1155 break; 1156 } 1157 1158 /* setup a new transfer */ 1159 usbd_setup_xfer(xfer, sc->cmd_rx_pipe, cmd, cmd->buf, UATH_MAX_RXCMDSZ, 1160 USBD_SHORT_XFER_OK | USBD_NO_COPY, USBD_NO_TIMEOUT, 1161 uath_cmd_rxeof); 1162 (void)usbd_transfer(xfer); 1163 } 1164 1165 void 1166 uath_data_rxeof(usbd_xfer_handle xfer, usbd_private_handle priv, 1167 usbd_status status) 1168 { 1169 struct uath_rx_data *data = priv; 1170 struct uath_softc *sc = data->sc; 1171 struct ieee80211com *ic = &sc->sc_ic; 1172 struct ifnet *ifp = &ic->ic_if; 1173 struct ieee80211_frame *wh; 1174 struct ieee80211_node *ni; 1175 struct uath_rx_data *ndata; 1176 struct uath_rx_desc *desc; 1177 struct mbuf *m; 1178 uint32_t hdr; 1179 int s, len; 1180 1181 if (status != USBD_NORMAL_COMPLETION) { 1182 if (status == USBD_NOT_STARTED || status == USBD_CANCELLED) 1183 return; 1184 1185 if (status == USBD_STALLED) 1186 usbd_clear_endpoint_stall_async(sc->data_rx_pipe); 1187 1188 ifp->if_ierrors++; 1189 return; 1190 } 1191 usbd_get_xfer_status(xfer, NULL, NULL, &len, NULL); 1192 1193 if (len < UATH_MIN_RXBUFSZ) { 1194 DPRINTF(("wrong xfer size (len=%d)\n", len)); 1195 ifp->if_ierrors++; 1196 goto skip; 1197 } 1198 1199 hdr = betoh32(*(uint32_t *)data->buf); 1200 1201 /* Rx descriptor is located at the end, 32-bit aligned */ 1202 desc = (struct uath_rx_desc *) 1203 (data->buf + len - sizeof (struct uath_rx_desc)); 1204 1205 if (betoh32(desc->len) > sc->rxbufsz) { 1206 DPRINTF(("bad descriptor (len=%d)\n", betoh32(desc->len))); 1207 ifp->if_ierrors++; 1208 goto skip; 1209 } 1210 1211 /* there's probably a "bad CRC" flag somewhere in the descriptor.. */ 1212 1213 MGETHDR(m, M_DONTWAIT, MT_DATA); 1214 if (m == NULL) { 1215 ifp->if_ierrors++; 1216 goto skip; 1217 } 1218 1219 /* grab a new Rx buffer */ 1220 ndata = SLIST_FIRST(&sc->rx_freelist); 1221 if (ndata == NULL) { 1222 printf("%s: could not allocate Rx buffer\n", 1223 USBDEVNAME(sc->sc_dev)); 1224 m_freem(m); 1225 ifp->if_ierrors++; 1226 goto skip; 1227 } 1228 SLIST_REMOVE_HEAD(&sc->rx_freelist, next); 1229 1230 MEXTADD(m, data->buf, sc->rxbufsz, 0, uath_free_rx_data, data); 1231 1232 /* finalize mbuf */ 1233 m->m_pkthdr.rcvif = ifp; 1234 m->m_data = data->buf + sizeof (uint32_t); 1235 m->m_pkthdr.len = m->m_len = betoh32(desc->len) - 1236 sizeof (struct uath_rx_desc) - IEEE80211_CRC_LEN; 1237 1238 data = ndata; 1239 1240 wh = mtod(m, struct ieee80211_frame *); 1241 if ((wh->i_fc[1] & IEEE80211_FC1_WEP) && 1242 ic->ic_opmode != IEEE80211_M_MONITOR) { 1243 /* 1244 * Hardware decrypts the frame itself but leaves the WEP bit 1245 * set in the 802.11 header and doesn't remove the IV and CRC 1246 * fields. 1247 */ 1248 wh->i_fc[1] &= ~IEEE80211_FC1_WEP; 1249 ovbcopy(wh, (caddr_t)wh + IEEE80211_WEP_IVLEN + 1250 IEEE80211_WEP_KIDLEN, sizeof (struct ieee80211_frame)); 1251 m_adj(m, IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN); 1252 m_adj(m, -IEEE80211_WEP_CRCLEN); 1253 wh = mtod(m, struct ieee80211_frame *); 1254 } 1255 1256 #if NBPFILTER > 0 1257 /* there are a lot more fields in the Rx descriptor */ 1258 if (sc->sc_drvbpf != NULL) { 1259 struct mbuf mb; 1260 struct uath_rx_radiotap_header *tap = &sc->sc_rxtap; 1261 1262 tap->wr_flags = 0; 1263 tap->wr_chan_freq = htole16(betoh32(desc->freq)); 1264 tap->wr_chan_flags = htole16(ic->ic_bss->ni_chan->ic_flags); 1265 tap->wr_dbm_antsignal = (int8_t)betoh32(desc->rssi); 1266 1267 mb.m_data = (caddr_t)tap; 1268 mb.m_len = sc->sc_rxtap_len; 1269 mb.m_next = m; 1270 mb.m_nextpkt = NULL; 1271 mb.m_type = 0; 1272 mb.m_flags = 0; 1273 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_IN); 1274 } 1275 #endif 1276 1277 s = splnet(); 1278 sc->sc_refcnt++; 1279 ni = ieee80211_find_rxnode(ic, wh); 1280 ieee80211_input(ifp, m, ni, (int)betoh32(desc->rssi), 0); 1281 1282 /* node is no longer needed */ 1283 ieee80211_release_node(ic, ni); 1284 splx(s); 1285 1286 skip: /* setup a new transfer */ 1287 usbd_setup_xfer(data->xfer, sc->data_rx_pipe, data, data->buf, 1288 sc->rxbufsz, USBD_SHORT_XFER_OK | USBD_NO_COPY, USBD_NO_TIMEOUT, 1289 uath_data_rxeof); 1290 (void)usbd_transfer(data->xfer); 1291 } 1292 1293 int 1294 uath_tx_null(struct uath_softc *sc) 1295 { 1296 struct uath_tx_data *data; 1297 struct uath_tx_desc *desc; 1298 1299 data = &sc->tx_data[sc->data_idx]; 1300 1301 data->ni = NULL; 1302 1303 *(uint32_t *)data->buf = UATH_MAKECTL(1, sizeof (struct uath_tx_desc)); 1304 desc = (struct uath_tx_desc *)(data->buf + sizeof (uint32_t)); 1305 1306 bzero(desc, sizeof (struct uath_tx_desc)); 1307 desc->len = htobe32(sizeof (struct uath_tx_desc)); 1308 desc->type = htobe32(UATH_TX_NULL); 1309 1310 usbd_setup_xfer(data->xfer, sc->data_tx_pipe, data, data->buf, 1311 sizeof (uint32_t) + sizeof (struct uath_tx_desc), USBD_NO_COPY | 1312 USBD_FORCE_SHORT_XFER, UATH_DATA_TIMEOUT, NULL); 1313 if (usbd_sync_transfer(data->xfer) != 0) 1314 return EIO; 1315 1316 sc->data_idx = (sc->data_idx + 1) % UATH_TX_DATA_LIST_COUNT; 1317 1318 return uath_cmd_write(sc, UATH_CMD_0F, NULL, 0, UATH_CMD_FLAG_ASYNC); 1319 } 1320 1321 void 1322 uath_data_txeof(usbd_xfer_handle xfer, usbd_private_handle priv, 1323 usbd_status status) 1324 { 1325 struct uath_tx_data *data = priv; 1326 struct uath_softc *sc = data->sc; 1327 struct ieee80211com *ic = &sc->sc_ic; 1328 struct ifnet *ifp = &ic->ic_if; 1329 int s; 1330 1331 if (status != USBD_NORMAL_COMPLETION) { 1332 if (status == USBD_NOT_STARTED || status == USBD_CANCELLED) 1333 return; 1334 1335 printf("%s: could not transmit buffer: %s\n", 1336 USBDEVNAME(sc->sc_dev), usbd_errstr(status)); 1337 1338 if (status == USBD_STALLED) 1339 usbd_clear_endpoint_stall_async(sc->data_tx_pipe); 1340 1341 ifp->if_oerrors++; 1342 return; 1343 } 1344 1345 s = splnet(); 1346 1347 ieee80211_release_node(ic, data->ni); 1348 data->ni = NULL; 1349 1350 sc->tx_queued--; 1351 ifp->if_opackets++; 1352 1353 sc->sc_tx_timer = 0; 1354 ifp->if_flags &= ~IFF_OACTIVE; 1355 uath_start(ifp); 1356 1357 splx(s); 1358 } 1359 1360 int 1361 uath_tx_data(struct uath_softc *sc, struct mbuf *m0, struct ieee80211_node *ni) 1362 { 1363 struct ieee80211com *ic = &sc->sc_ic; 1364 struct uath_tx_data *data; 1365 struct uath_tx_desc *desc; 1366 const struct ieee80211_frame *wh; 1367 int paylen, totlen, xferlen, error; 1368 1369 data = &sc->tx_data[sc->data_idx]; 1370 desc = (struct uath_tx_desc *)(data->buf + sizeof (uint32_t)); 1371 1372 data->ni = ni; 1373 1374 #if NBPFILTER > 0 1375 if (sc->sc_drvbpf != NULL) { 1376 struct mbuf mb; 1377 struct uath_tx_radiotap_header *tap = &sc->sc_txtap; 1378 1379 tap->wt_flags = 0; 1380 tap->wt_chan_freq = htole16(ic->ic_bss->ni_chan->ic_freq); 1381 tap->wt_chan_flags = htole16(ic->ic_bss->ni_chan->ic_flags); 1382 1383 mb.m_data = (caddr_t)tap; 1384 mb.m_len = sc->sc_txtap_len; 1385 mb.m_next = m0; 1386 mb.m_nextpkt = NULL; 1387 mb.m_type = 0; 1388 mb.m_flags = 0; 1389 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_OUT); 1390 } 1391 #endif 1392 1393 paylen = m0->m_pkthdr.len; 1394 xferlen = sizeof (uint32_t) + sizeof (struct uath_tx_desc) + paylen; 1395 1396 wh = mtod(m0, struct ieee80211_frame *); 1397 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 1398 uint8_t *frm = (uint8_t *)(desc + 1); 1399 uint32_t iv; 1400 1401 /* h/w WEP: it's up to the host to fill the IV field */ 1402 bcopy(wh, frm, sizeof (struct ieee80211_frame)); 1403 frm += sizeof (struct ieee80211_frame); 1404 1405 /* insert IV: code copied from net80211 */ 1406 iv = (ic->ic_iv != 0) ? ic->ic_iv : arc4random(); 1407 if (iv >= 0x03ff00 && (iv & 0xf8ff00) == 0x00ff00) 1408 iv += 0x000100; 1409 ic->ic_iv = iv + 1; 1410 1411 *frm++ = iv & 0xff; 1412 *frm++ = (iv >> 8) & 0xff; 1413 *frm++ = (iv >> 16) & 0xff; 1414 *frm++ = ic->ic_wep_txkey << 6; 1415 1416 m_copydata(m0, sizeof (struct ieee80211_frame), 1417 m0->m_pkthdr.len - sizeof (struct ieee80211_frame), frm); 1418 1419 paylen += IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN; 1420 xferlen += IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN; 1421 totlen = xferlen + IEEE80211_WEP_CRCLEN; 1422 } else { 1423 m_copydata(m0, 0, m0->m_pkthdr.len, (uint8_t *)(desc + 1)); 1424 totlen = xferlen; 1425 } 1426 1427 /* fill Tx descriptor */ 1428 *(uint32_t *)data->buf = UATH_MAKECTL(1, xferlen - sizeof (uint32_t)); 1429 1430 desc->len = htobe32(totlen); 1431 desc->priv = sc->data_idx; /* don't care about endianness */ 1432 desc->paylen = htobe32(paylen); 1433 desc->type = htobe32(UATH_TX_DATA); 1434 desc->flags = htobe32(0); 1435 if (IEEE80211_IS_MULTICAST(wh->i_addr1)) { 1436 desc->dest = htobe32(UATH_ID_BROADCAST); 1437 desc->magic = htobe32(3); 1438 } else { 1439 desc->dest = htobe32(UATH_ID_BSS); 1440 desc->magic = htobe32(1); 1441 } 1442 1443 m_freem(m0); /* mbuf is no longer needed */ 1444 1445 #ifdef UATH_DEBUG 1446 if (uath_debug >= 6) { 1447 printf("sending frame index=%u len=%d xferlen=%d", 1448 sc->data_idx, paylen, xferlen); 1449 uath_dump_cmd(data->buf, xferlen, '+'); 1450 } 1451 #endif 1452 usbd_setup_xfer(data->xfer, sc->data_tx_pipe, data, data->buf, xferlen, 1453 USBD_FORCE_SHORT_XFER | USBD_NO_COPY, UATH_DATA_TIMEOUT, 1454 uath_data_txeof); 1455 error = usbd_transfer(data->xfer); 1456 if (error != USBD_IN_PROGRESS && error != 0) { 1457 ic->ic_if.if_oerrors++; 1458 return error; 1459 } 1460 sc->data_idx = (sc->data_idx + 1) % UATH_TX_DATA_LIST_COUNT; 1461 sc->tx_queued++; 1462 1463 return 0; 1464 } 1465 1466 void 1467 uath_start(struct ifnet *ifp) 1468 { 1469 struct uath_softc *sc = ifp->if_softc; 1470 struct ieee80211com *ic = &sc->sc_ic; 1471 struct ieee80211_node *ni; 1472 struct mbuf *m0; 1473 1474 /* 1475 * net80211 may still try to send management frames even if the 1476 * IFF_RUNNING flag is not set... 1477 */ 1478 if ((ifp->if_flags & (IFF_RUNNING | IFF_OACTIVE)) != IFF_RUNNING) 1479 return; 1480 1481 for (;;) { 1482 IF_POLL(&ic->ic_mgtq, m0); 1483 if (m0 != NULL) { 1484 if (sc->tx_queued >= UATH_TX_DATA_LIST_COUNT) { 1485 ifp->if_flags |= IFF_OACTIVE; 1486 break; 1487 } 1488 IF_DEQUEUE(&ic->ic_mgtq, m0); 1489 1490 ni = (struct ieee80211_node *)m0->m_pkthdr.rcvif; 1491 m0->m_pkthdr.rcvif = NULL; 1492 #if NBPFILTER > 0 1493 if (ic->ic_rawbpf != NULL) 1494 bpf_mtap(ic->ic_rawbpf, m0, BPF_DIRECTION_OUT); 1495 #endif 1496 if (uath_tx_data(sc, m0, ni) != 0) 1497 break; 1498 } else { 1499 if (ic->ic_state != IEEE80211_S_RUN) 1500 break; 1501 IFQ_POLL(&ifp->if_snd, m0); 1502 if (m0 == NULL) 1503 break; 1504 if (sc->tx_queued >= UATH_TX_DATA_LIST_COUNT) { 1505 ifp->if_flags |= IFF_OACTIVE; 1506 break; 1507 } 1508 IFQ_DEQUEUE(&ifp->if_snd, m0); 1509 #if NBPFILTER > 0 1510 if (ifp->if_bpf != NULL) 1511 bpf_mtap(ifp->if_bpf, m0, BPF_DIRECTION_OUT); 1512 #endif 1513 m0 = ieee80211_encap(ifp, m0, &ni); 1514 if (m0 == NULL) 1515 continue; 1516 #if NBPFILTER > 0 1517 if (ic->ic_rawbpf != NULL) 1518 bpf_mtap(ic->ic_rawbpf, m0, BPF_DIRECTION_OUT); 1519 #endif 1520 if (uath_tx_data(sc, m0, ni) != 0) { 1521 if (ni != NULL) 1522 ieee80211_release_node(ic, ni); 1523 ifp->if_oerrors++; 1524 break; 1525 } 1526 } 1527 1528 sc->sc_tx_timer = 5; 1529 ifp->if_timer = 1; 1530 } 1531 } 1532 1533 void 1534 uath_watchdog(struct ifnet *ifp) 1535 { 1536 struct uath_softc *sc = ifp->if_softc; 1537 1538 ifp->if_timer = 0; 1539 1540 if (sc->sc_tx_timer > 0) { 1541 if (--sc->sc_tx_timer == 0) { 1542 printf("%s: device timeout\n", USBDEVNAME(sc->sc_dev)); 1543 /*uath_init(ifp); XXX needs a process context! */ 1544 ifp->if_oerrors++; 1545 return; 1546 } 1547 ifp->if_timer = 1; 1548 } 1549 1550 ieee80211_watchdog(ifp); 1551 } 1552 1553 int 1554 uath_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 1555 { 1556 struct uath_softc *sc = ifp->if_softc; 1557 struct ieee80211com *ic = &sc->sc_ic; 1558 struct ifaddr *ifa; 1559 struct ifreq *ifr; 1560 int s, error = 0; 1561 1562 s = splnet(); 1563 1564 switch (cmd) { 1565 case SIOCSIFADDR: 1566 ifa = (struct ifaddr *)data; 1567 ifp->if_flags |= IFF_UP; 1568 #ifdef INET 1569 if (ifa->ifa_addr->sa_family == AF_INET) 1570 arp_ifinit(&ic->ic_ac, ifa); 1571 #endif 1572 /* FALLTHROUGH */ 1573 case SIOCSIFFLAGS: 1574 if (ifp->if_flags & IFF_UP) { 1575 if (!(ifp->if_flags & IFF_RUNNING)) 1576 uath_init(ifp); 1577 } else { 1578 if (ifp->if_flags & IFF_RUNNING) 1579 uath_stop(ifp, 1); 1580 } 1581 break; 1582 1583 case SIOCADDMULTI: 1584 case SIOCDELMULTI: 1585 ifr = (struct ifreq *)data; 1586 error = (cmd == SIOCADDMULTI) ? 1587 ether_addmulti(ifr, &ic->ic_ac) : 1588 ether_delmulti(ifr, &ic->ic_ac); 1589 if (error == ENETRESET) 1590 error = 0; 1591 break; 1592 1593 default: 1594 error = ieee80211_ioctl(ifp, cmd, data); 1595 } 1596 1597 if (error == ENETRESET) { 1598 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 1599 (IFF_UP | IFF_RUNNING)) 1600 uath_init(ifp); 1601 error = 0; 1602 } 1603 1604 splx(s); 1605 1606 return error; 1607 } 1608 1609 int 1610 uath_query_eeprom(struct uath_softc *sc) 1611 { 1612 uint32_t tmp; 1613 int error; 1614 1615 /* retrieve MAC address */ 1616 error = uath_read_eeprom(sc, UATH_EEPROM_MACADDR, sc->sc_ic.ic_myaddr); 1617 if (error != 0) { 1618 printf("%s: could not read MAC address\n", 1619 USBDEVNAME(sc->sc_dev)); 1620 return error; 1621 } 1622 1623 /* retrieve the maximum frame size that the hardware can receive */ 1624 error = uath_read_eeprom(sc, UATH_EEPROM_RXBUFSZ, &tmp); 1625 if (error != 0) { 1626 printf("%s: could not read maximum Rx buffer size\n", 1627 USBDEVNAME(sc->sc_dev)); 1628 return error; 1629 } 1630 sc->rxbufsz = betoh32(tmp) & 0xfff; 1631 DPRINTF(("maximum Rx buffer size %d\n", sc->rxbufsz)); 1632 return 0; 1633 } 1634 1635 int 1636 uath_reset(struct uath_softc *sc) 1637 { 1638 struct uath_cmd_setup setup; 1639 uint32_t reg, val; 1640 int s, error; 1641 1642 /* init device with some voodoo incantations.. */ 1643 setup.magic1 = htobe32(1); 1644 setup.magic2 = htobe32(5); 1645 setup.magic3 = htobe32(200); 1646 setup.magic4 = htobe32(27); 1647 s = splusb(); 1648 error = uath_cmd_write(sc, UATH_CMD_SETUP, &setup, sizeof setup, 1649 UATH_CMD_FLAG_ASYNC); 1650 /* ..and wait until firmware notifies us that it is ready */ 1651 if (error == 0) 1652 error = tsleep(UATH_COND_INIT(sc), PCATCH, "uathinit", 5 * hz); 1653 splx(s); 1654 if (error != 0) 1655 return error; 1656 1657 /* read PHY registers */ 1658 for (reg = 0x09; reg <= 0x24; reg++) { 1659 if (reg == 0x0b || reg == 0x0c) 1660 continue; 1661 DELAY(100); 1662 if ((error = uath_read_reg(sc, reg, &val)) != 0) 1663 return error; 1664 DPRINTFN(2, ("reg 0x%02x=0x%08x\n", reg, val)); 1665 } 1666 return error; 1667 } 1668 1669 int 1670 uath_reset_tx_queues(struct uath_softc *sc) 1671 { 1672 int ac, error; 1673 1674 for (ac = 0; ac < 4; ac++) { 1675 const uint32_t qid = htobe32(UATH_AC_TO_QID(ac)); 1676 1677 DPRINTF(("resetting Tx queue %d\n", UATH_AC_TO_QID(ac))); 1678 error = uath_cmd_write(sc, UATH_CMD_RESET_QUEUE, &qid, 1679 sizeof qid, 0); 1680 if (error != 0) 1681 break; 1682 } 1683 return error; 1684 } 1685 1686 int 1687 uath_wme_init(struct uath_softc *sc) 1688 { 1689 struct uath_qinfo qinfo; 1690 int ac, error; 1691 static const struct uath_wme_settings uath_wme_11g[4] = { 1692 { 7, 4, 10, 0, 0 }, /* Background */ 1693 { 3, 4, 10, 0, 0 }, /* Best-Effort */ 1694 { 3, 3, 4, 26, 0 }, /* Video */ 1695 { 2, 2, 3, 47, 0 } /* Voice */ 1696 }; 1697 1698 bzero(&qinfo, sizeof qinfo); 1699 qinfo.size = htobe32(32); 1700 qinfo.magic1 = htobe32(1); /* XXX ack policy? */ 1701 qinfo.magic2 = htobe32(1); 1702 for (ac = 0; ac < 4; ac++) { 1703 qinfo.qid = htobe32(UATH_AC_TO_QID(ac)); 1704 qinfo.ac = htobe32(ac); 1705 qinfo.aifsn = htobe32(uath_wme_11g[ac].aifsn); 1706 qinfo.logcwmin = htobe32(uath_wme_11g[ac].logcwmin); 1707 qinfo.logcwmax = htobe32(uath_wme_11g[ac].logcwmax); 1708 qinfo.txop = htobe32(UATH_TXOP_TO_US( 1709 uath_wme_11g[ac].txop)); 1710 qinfo.acm = htobe32(uath_wme_11g[ac].acm); 1711 1712 DPRINTF(("setting up Tx queue %d\n", UATH_AC_TO_QID(ac))); 1713 error = uath_cmd_write(sc, UATH_CMD_SET_QUEUE, &qinfo, 1714 sizeof qinfo, 0); 1715 if (error != 0) 1716 break; 1717 } 1718 return error; 1719 } 1720 1721 int 1722 uath_set_chan(struct uath_softc *sc, struct ieee80211_channel *c) 1723 { 1724 struct uath_set_chan chan; 1725 1726 bzero(&chan, sizeof chan); 1727 chan.flags = htobe32(0x1400); 1728 chan.freq = htobe32(c->ic_freq); 1729 chan.magic1 = htobe32(20); 1730 chan.magic2 = htobe32(50); 1731 chan.magic3 = htobe32(1); 1732 1733 DPRINTF(("switching to channel %d\n", 1734 ieee80211_chan2ieee(&sc->sc_ic, c))); 1735 return uath_cmd_write(sc, UATH_CMD_SET_CHAN, &chan, sizeof chan, 0); 1736 } 1737 1738 int 1739 uath_set_key(struct uath_softc *sc, const struct ieee80211_wepkey *wk, 1740 int index) 1741 { 1742 struct uath_cmd_crypto crypto; 1743 int i; 1744 1745 bzero(&crypto, sizeof crypto); 1746 crypto.keyidx = htobe32(index); 1747 crypto.magic1 = htobe32(1); 1748 crypto.size = htobe32(368); 1749 crypto.mask = htobe32(0xffff); 1750 crypto.flags = htobe32(0x80000068); 1751 if (index != UATH_DEFAULT_KEY) 1752 crypto.flags |= htobe32(index << 16); 1753 memset(crypto.magic2, 0xff, sizeof crypto.magic2); 1754 1755 /* 1756 * Each byte of the key must be XOR'ed with 10101010 before being 1757 * transmitted to the firmware. 1758 */ 1759 for (i = 0; i < wk->wk_len; i++) 1760 crypto.key[i] = wk->wk_key[i] ^ 0xaa; 1761 1762 DPRINTF(("setting crypto key index=%d len=%d\n", index, wk->wk_len)); 1763 return uath_cmd_write(sc, UATH_CMD_CRYPTO, &crypto, sizeof crypto, 0); 1764 } 1765 1766 int 1767 uath_set_keys(struct uath_softc *sc) 1768 { 1769 const struct ieee80211com *ic = &sc->sc_ic; 1770 int i, error; 1771 1772 for (i = 0; i < IEEE80211_WEP_NKID; i++) { 1773 const struct ieee80211_wepkey *wk = &ic->ic_nw_keys[i]; 1774 1775 if (wk->wk_len > 0 && 1776 (error = uath_set_key(sc, wk, i)) != 0) 1777 return error; 1778 } 1779 return uath_set_key(sc, &ic->ic_nw_keys[ic->ic_wep_txkey], 1780 UATH_DEFAULT_KEY); 1781 } 1782 1783 int 1784 uath_set_rates(struct uath_softc *sc, const struct ieee80211_rateset *rs) 1785 { 1786 struct uath_cmd_rates rates; 1787 1788 bzero(&rates, sizeof rates); 1789 rates.magic1 = htobe32(0x02); 1790 rates.size = htobe32(1 + sizeof rates.rates); 1791 rates.nrates = rs->rs_nrates; 1792 bcopy(rs->rs_rates, rates.rates, rs->rs_nrates); 1793 1794 DPRINTF(("setting supported rates nrates=%d\n", rs->rs_nrates)); 1795 return uath_cmd_write(sc, UATH_CMD_SET_RATES, &rates, sizeof rates, 0); 1796 } 1797 1798 int 1799 uath_set_rxfilter(struct uath_softc *sc, uint32_t filter, uint32_t flags) 1800 { 1801 struct uath_cmd_filter rxfilter; 1802 1803 rxfilter.filter = htobe32(filter); 1804 rxfilter.flags = htobe32(flags); 1805 1806 DPRINTF(("setting Rx filter=0x%x flags=0x%x\n", filter, flags)); 1807 return uath_cmd_write(sc, UATH_CMD_SET_FILTER, &rxfilter, 1808 sizeof rxfilter, 0); 1809 } 1810 1811 int 1812 uath_set_led(struct uath_softc *sc, int which, int on) 1813 { 1814 struct uath_cmd_led led; 1815 1816 led.which = htobe32(which); 1817 led.state = htobe32(on ? UATH_LED_ON : UATH_LED_OFF); 1818 1819 DPRINTFN(2, ("switching %s led %s\n", 1820 (which == UATH_LED_LINK) ? "link" : "activity", 1821 on ? "on" : "off")); 1822 return uath_cmd_write(sc, UATH_CMD_SET_LED, &led, sizeof led, 0); 1823 } 1824 1825 int 1826 uath_switch_channel(struct uath_softc *sc, struct ieee80211_channel *c) 1827 { 1828 uint32_t val; 1829 int error; 1830 1831 /* set radio frequency */ 1832 if ((error = uath_set_chan(sc, c)) != 0) { 1833 printf("%s: could not set channel\n", USBDEVNAME(sc->sc_dev)); 1834 return error; 1835 } 1836 1837 /* reset Tx rings */ 1838 if ((error = uath_reset_tx_queues(sc)) != 0) { 1839 printf("%s: could not reset Tx queues\n", 1840 USBDEVNAME(sc->sc_dev)); 1841 return error; 1842 } 1843 1844 /* set Tx rings WME properties */ 1845 if ((error = uath_wme_init(sc)) != 0) { 1846 printf("%s: could not init Tx queues\n", 1847 USBDEVNAME(sc->sc_dev)); 1848 return error; 1849 } 1850 1851 val = htobe32(0); 1852 error = uath_cmd_write(sc, UATH_CMD_SET_STATE, &val, sizeof val, 0); 1853 if (error != 0) { 1854 printf("%s: could not set state\n", USBDEVNAME(sc->sc_dev)); 1855 return error; 1856 } 1857 1858 return uath_tx_null(sc); 1859 } 1860 1861 int 1862 uath_init(struct ifnet *ifp) 1863 { 1864 struct uath_softc *sc = ifp->if_softc; 1865 struct ieee80211com *ic = &sc->sc_ic; 1866 struct uath_cmd_31 cmd31; 1867 uint32_t val; 1868 int i, error; 1869 1870 /* reset data and command rings */ 1871 sc->tx_queued = sc->data_idx = sc->cmd_idx = 0; 1872 1873 val = htobe32(0); 1874 (void)uath_cmd_write(sc, UATH_CMD_02, &val, sizeof val, 0); 1875 1876 /* set MAC address */ 1877 IEEE80211_ADDR_COPY(ic->ic_myaddr, LLADDR(ifp->if_sadl)); 1878 (void)uath_write_multi(sc, 0x13, ic->ic_myaddr, IEEE80211_ADDR_LEN); 1879 1880 (void)uath_write_reg(sc, 0x02, 0x00000001); 1881 (void)uath_write_reg(sc, 0x0e, 0x0000003f); 1882 (void)uath_write_reg(sc, 0x10, 0x00000001); 1883 (void)uath_write_reg(sc, 0x06, 0x0000001e); 1884 1885 /* 1886 * Queue Rx data xfers. 1887 */ 1888 for (i = 0; i < UATH_RX_DATA_LIST_COUNT; i++) { 1889 struct uath_rx_data *data = SLIST_FIRST(&sc->rx_freelist); 1890 1891 usbd_setup_xfer(data->xfer, sc->data_rx_pipe, data, data->buf, 1892 sc->rxbufsz, USBD_SHORT_XFER_OK | USBD_NO_COPY, 1893 USBD_NO_TIMEOUT, uath_data_rxeof); 1894 error = usbd_transfer(data->xfer); 1895 if (error != USBD_IN_PROGRESS && error != 0) { 1896 printf("%s: could not queue Rx transfer\n", 1897 USBDEVNAME(sc->sc_dev)); 1898 goto fail; 1899 } 1900 SLIST_REMOVE_HEAD(&sc->rx_freelist, next); 1901 } 1902 1903 error = uath_cmd_read(sc, UATH_CMD_07, 0, NULL, &val, 1904 UATH_CMD_FLAG_MAGIC); 1905 if (error != 0) { 1906 printf("%s: could not send read command 07h\n", 1907 USBDEVNAME(sc->sc_dev)); 1908 goto fail; 1909 } 1910 DPRINTF(("command 07h return code: %x\n", betoh32(val))); 1911 1912 /* set default channel */ 1913 ic->ic_bss->ni_chan = ic->ic_ibss_chan; 1914 if ((error = uath_set_chan(sc, ic->ic_bss->ni_chan)) != 0) { 1915 printf("%s: could not set channel\n", USBDEVNAME(sc->sc_dev)); 1916 goto fail; 1917 } 1918 1919 if ((error = uath_wme_init(sc)) != 0) { 1920 printf("%s: could not setup WME parameters\n", 1921 USBDEVNAME(sc->sc_dev)); 1922 goto fail; 1923 } 1924 1925 /* init MAC registers */ 1926 (void)uath_write_reg(sc, 0x19, 0x00000000); 1927 (void)uath_write_reg(sc, 0x1a, 0x0000003c); 1928 (void)uath_write_reg(sc, 0x1b, 0x0000003c); 1929 (void)uath_write_reg(sc, 0x1c, 0x00000000); 1930 (void)uath_write_reg(sc, 0x1e, 0x00000000); 1931 (void)uath_write_reg(sc, 0x1f, 0x00000003); 1932 (void)uath_write_reg(sc, 0x0c, 0x00000000); 1933 (void)uath_write_reg(sc, 0x0f, 0x00000002); 1934 (void)uath_write_reg(sc, 0x0a, 0x00000007); /* XXX retry? */ 1935 (void)uath_write_reg(sc, 0x09, ic->ic_rtsthreshold); 1936 1937 val = htobe32(4); 1938 (void)uath_cmd_write(sc, UATH_CMD_27, &val, sizeof val, 0); 1939 (void)uath_cmd_write(sc, UATH_CMD_27, &val, sizeof val, 0); 1940 (void)uath_cmd_write(sc, UATH_CMD_1B, NULL, 0, 0); 1941 1942 if ((error = uath_set_keys(sc)) != 0) { 1943 printf("%s: could not set crypto keys\n", 1944 USBDEVNAME(sc->sc_dev)); 1945 goto fail; 1946 } 1947 1948 /* enable Rx */ 1949 (void)uath_set_rxfilter(sc, 0x0000, 4); 1950 (void)uath_set_rxfilter(sc, 0x0817, 1); 1951 1952 cmd31.magic1 = htobe32(0xffffffff); 1953 cmd31.magic2 = htobe32(0xffffffff); 1954 (void)uath_cmd_write(sc, UATH_CMD_31, &cmd31, sizeof cmd31, 0); 1955 1956 ifp->if_flags &= ~IFF_OACTIVE; 1957 ifp->if_flags |= IFF_RUNNING; 1958 1959 if (ic->ic_opmode == IEEE80211_M_MONITOR) 1960 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 1961 else 1962 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 1963 1964 return 0; 1965 1966 fail: uath_stop(ifp, 1); 1967 return error; 1968 } 1969 1970 void 1971 uath_stop(struct ifnet *ifp, int disable) 1972 { 1973 struct uath_softc *sc = ifp->if_softc; 1974 struct ieee80211com *ic = &sc->sc_ic; 1975 uint32_t val; 1976 int s; 1977 1978 s = splusb(); 1979 1980 sc->sc_tx_timer = 0; 1981 ifp->if_timer = 0; 1982 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 1983 1984 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); /* free all nodes */ 1985 1986 val = htobe32(0); 1987 (void)uath_cmd_write(sc, UATH_CMD_SET_STATE, &val, sizeof val, 0); 1988 (void)uath_cmd_write(sc, UATH_CMD_RESET, NULL, 0, 0); 1989 1990 val = htobe32(0); 1991 (void)uath_cmd_write(sc, UATH_CMD_15, &val, sizeof val, 0); 1992 1993 #if 0 1994 (void)uath_cmd_read(sc, UATH_CMD_SHUTDOWN, NULL, 0, NULL, 1995 UATH_CMD_FLAG_MAGIC); 1996 #endif 1997 1998 /* abort any pending transfers */ 1999 usbd_abort_pipe(sc->data_tx_pipe); 2000 usbd_abort_pipe(sc->data_rx_pipe); 2001 usbd_abort_pipe(sc->cmd_tx_pipe); 2002 2003 splx(s); 2004 } 2005 2006 /* 2007 * Load the MIPS R4000 microcode into the device. Once the image is loaded, 2008 * the device will detach itself from the bus and reattach later with a new 2009 * product Id (a la ezusb). XXX this could also be implemented in userland 2010 * through /dev/ugen. 2011 */ 2012 int 2013 uath_loadfirmware(struct uath_softc *sc, const u_char *fw, int len) 2014 { 2015 usbd_xfer_handle ctlxfer, txxfer, rxxfer; 2016 struct uath_fwblock *txblock, *rxblock; 2017 uint8_t *txdata; 2018 int error = 0; 2019 2020 if ((ctlxfer = usbd_alloc_xfer(sc->sc_udev)) == NULL) { 2021 printf("%s: could not allocate Tx control xfer\n", 2022 USBDEVNAME(sc->sc_dev)); 2023 error = USBD_NOMEM; 2024 goto fail1; 2025 } 2026 txblock = usbd_alloc_buffer(ctlxfer, sizeof (struct uath_fwblock)); 2027 if (txblock == NULL) { 2028 printf("%s: could not allocate Tx control block\n", 2029 USBDEVNAME(sc->sc_dev)); 2030 error = USBD_NOMEM; 2031 goto fail2; 2032 } 2033 2034 if ((txxfer = usbd_alloc_xfer(sc->sc_udev)) == NULL) { 2035 printf("%s: could not allocate Tx xfer\n", 2036 USBDEVNAME(sc->sc_dev)); 2037 error = USBD_NOMEM; 2038 goto fail2; 2039 } 2040 txdata = usbd_alloc_buffer(txxfer, UATH_MAX_FWBLOCK_SIZE); 2041 if (txdata == NULL) { 2042 printf("%s: could not allocate Tx buffer\n", 2043 USBDEVNAME(sc->sc_dev)); 2044 error = USBD_NOMEM; 2045 goto fail3; 2046 } 2047 2048 if ((rxxfer = usbd_alloc_xfer(sc->sc_udev)) == NULL) { 2049 printf("%s: could not allocate Rx control xfer\n", 2050 USBDEVNAME(sc->sc_dev)); 2051 error = USBD_NOMEM; 2052 goto fail3; 2053 } 2054 rxblock = usbd_alloc_buffer(rxxfer, sizeof (struct uath_fwblock)); 2055 if (rxblock == NULL) { 2056 printf("%s: could not allocate Rx control block\n", 2057 USBDEVNAME(sc->sc_dev)); 2058 error = USBD_NOMEM; 2059 goto fail4; 2060 } 2061 2062 bzero(txblock, sizeof (struct uath_fwblock)); 2063 txblock->flags = htobe32(UATH_WRITE_BLOCK); 2064 txblock->total = htobe32(len); 2065 2066 while (len > 0) { 2067 int mlen = min(len, UATH_MAX_FWBLOCK_SIZE); 2068 2069 txblock->remain = htobe32(len - mlen); 2070 txblock->len = htobe32(mlen); 2071 2072 DPRINTF(("sending firmware block: %d bytes remaining\n", 2073 len - mlen)); 2074 2075 /* send firmware block meta-data */ 2076 usbd_setup_xfer(ctlxfer, sc->cmd_tx_pipe, sc, txblock, 2077 sizeof (struct uath_fwblock), USBD_NO_COPY, 2078 UATH_CMD_TIMEOUT, NULL); 2079 if ((error = usbd_sync_transfer(ctlxfer)) != 0) { 2080 printf("%s: could not send firmware block info\n", 2081 USBDEVNAME(sc->sc_dev)); 2082 break; 2083 } 2084 2085 /* send firmware block data */ 2086 bcopy(fw, txdata, mlen); 2087 usbd_setup_xfer(txxfer, sc->data_tx_pipe, sc, txdata, mlen, 2088 USBD_NO_COPY, UATH_DATA_TIMEOUT, NULL); 2089 if ((error = usbd_sync_transfer(txxfer)) != 0) { 2090 printf("%s: could not send firmware block data\n", 2091 USBDEVNAME(sc->sc_dev)); 2092 break; 2093 } 2094 2095 /* wait for ack from firmware */ 2096 usbd_setup_xfer(rxxfer, sc->cmd_rx_pipe, sc, rxblock, 2097 sizeof (struct uath_fwblock), USBD_SHORT_XFER_OK | 2098 USBD_NO_COPY, UATH_CMD_TIMEOUT, NULL); 2099 if ((error = usbd_sync_transfer(rxxfer)) != 0) { 2100 printf("%s: could not read firmware answer\n", 2101 USBDEVNAME(sc->sc_dev)); 2102 break; 2103 } 2104 2105 DPRINTFN(2, ("rxblock flags=0x%x total=%d\n", 2106 betoh32(rxblock->flags), betoh32(rxblock->rxtotal))); 2107 fw += mlen; 2108 len -= mlen; 2109 } 2110 2111 fail4: usbd_free_xfer(rxxfer); 2112 fail3: usbd_free_xfer(txxfer); 2113 fail2: usbd_free_xfer(ctlxfer); 2114 fail1: return error; 2115 } 2116 2117 int 2118 uath_activate(device_ptr_t self, enum devact act) 2119 { 2120 switch (act) { 2121 case DVACT_ACTIVATE: 2122 break; 2123 2124 case DVACT_DEACTIVATE: 2125 /*if_deactivate(&sc->sc_ic.ic_if);*/ 2126 break; 2127 } 2128 return 0; 2129 } 2130