1 /* $OpenBSD: if_uath.c,v 1.2 2006/09/16 13:37:41 damien Exp $ */ 2 3 /*- 4 * Copyright (c) 2006 5 * Damien Bergamini <damien.bergamini@free.fr> 6 * 7 * Permission to use, copy, modify, and distribute this software for any 8 * purpose with or without fee is hereby granted, provided that the above 9 * copyright notice and this permission notice appear in all copies. 10 * 11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 */ 19 20 /*- 21 * Driver for Atheros AR5005UG/AR5005UX chipsets. 22 * http://www.atheros.com/pt/bulletins/AR5005UGBulletin.pdf 23 * http://www.atheros.com/pt/bulletins/AR5005UXBulletin.pdf 24 * 25 * IMPORTANT NOTICE: 26 * This driver was written without any documentation or support from Atheros 27 * Communications. It is based on a black-box analysis of the Windows binary 28 * driver. It handles both pre and post-firmware devices. 29 */ 30 31 #include "bpfilter.h" 32 33 #include <sys/param.h> 34 #include <sys/sockio.h> 35 #include <sys/sysctl.h> 36 #include <sys/mbuf.h> 37 #include <sys/kernel.h> 38 #include <sys/socket.h> 39 #include <sys/systm.h> 40 #include <sys/malloc.h> 41 #include <sys/timeout.h> 42 #include <sys/conf.h> 43 #include <sys/device.h> 44 45 #include <machine/bus.h> 46 #include <machine/endian.h> 47 #include <machine/intr.h> 48 49 #if NBPFILTER > 0 50 #include <net/bpf.h> 51 #endif 52 #include <net/if.h> 53 #include <net/if_arp.h> 54 #include <net/if_dl.h> 55 #include <net/if_media.h> 56 #include <net/if_types.h> 57 58 #include <netinet/in.h> 59 #include <netinet/in_systm.h> 60 #include <netinet/in_var.h> 61 #include <netinet/if_ether.h> 62 #include <netinet/ip.h> 63 64 #include <net80211/ieee80211_var.h> 65 #include <net80211/ieee80211_amrr.h> 66 #include <net80211/ieee80211_radiotap.h> 67 68 #include <dev/rndvar.h> 69 #include <crypto/arc4.h> 70 71 #include <dev/usb/usb.h> 72 #include <dev/usb/usbdi.h> 73 #include <dev/usb/usbdi_util.h> 74 #include <dev/usb/usbdevs.h> 75 76 #include <dev/usb/if_uathreg.h> 77 #include <dev/usb/if_uathvar.h> 78 79 #ifdef USB_DEBUG 80 #define UATH_DEBUG 81 #endif 82 83 #ifdef UATH_DEBUG 84 #define DPRINTF(x) do { if (uath_debug) logprintf x; } while (0) 85 #define DPRINTFN(n, x) do { if (uath_debug >= (n)) logprintf x; } while (0) 86 int uath_debug = 1; 87 #else 88 #define DPRINTF(x) 89 #define DPRINTFN(n, x) 90 #endif 91 92 /* various supported device vendors/products */ 93 static const struct uath_type { 94 struct usb_devno dev; 95 unsigned int flags; 96 } uath_devs[] = { 97 /* D-Link */ 98 { { USB_VENDOR_DLINK, USB_PRODUCT_DLINK_DWLAG122 }, 99 UATH_FLAG_DUAL_BAND_RF }, 100 { { USB_VENDOR_DLINK, USB_PRODUCT_DLINK_DWLAG122_NF }, 101 UATH_FLAG_PRE_FIRMWARE }, 102 { { USB_VENDOR_DLINK, USB_PRODUCT_DLINK_DWLAG132 }, 103 UATH_FLAG_DUAL_BAND_RF }, 104 { { USB_VENDOR_DLINK, USB_PRODUCT_DLINK_DWLAG132_NF }, 105 UATH_FLAG_PRE_FIRMWARE }, 106 { { USB_VENDOR_DLINK, USB_PRODUCT_DLINK_DWLG132 }, 107 0 }, 108 { { USB_VENDOR_DLINK, USB_PRODUCT_DLINK_DWLG132_NF }, 109 UATH_FLAG_PRE_FIRMWARE }, 110 111 /* Netgear */ 112 { { USB_VENDOR_NETGEAR, USB_PRODUCT_NETGEAR_WG111U }, 113 UATH_FLAG_DUAL_BAND_RF }, 114 { { USB_VENDOR_NETGEAR, USB_PRODUCT_NETGEAR_WG111U_NF }, 115 UATH_FLAG_PRE_FIRMWARE }, 116 { { USB_VENDOR_NETGEAR3, USB_PRODUCT_NETGEAR3_WG111T }, 117 0 }, 118 { { USB_VENDOR_NETGEAR3, USB_PRODUCT_NETGEAR3_WG111T_NF }, 119 UATH_FLAG_PRE_FIRMWARE }, 120 { { USB_VENDOR_NETGEAR3, USB_PRODUCT_NETGEAR3_WPN111 }, 121 0 }, 122 { { USB_VENDOR_NETGEAR3, USB_PRODUCT_NETGEAR3_WPN111_NF }, 123 UATH_FLAG_PRE_FIRMWARE } 124 }; 125 #define uath_lookup(v, p) \ 126 ((struct uath_type *)usb_lookup(uath_devs, v, p)) 127 128 Static void uath_attachhook(void *); 129 Static int uath_open_pipes(struct uath_softc *); 130 Static void uath_close_pipes(struct uath_softc *); 131 Static int uath_alloc_tx_data_list(struct uath_softc *); 132 Static void uath_free_tx_data_list(struct uath_softc *); 133 Static int uath_alloc_rx_data_list(struct uath_softc *); 134 Static void uath_free_rx_data_list(struct uath_softc *); 135 Static int uath_alloc_tx_cmd_list(struct uath_softc *); 136 Static void uath_free_tx_cmd_list(struct uath_softc *); 137 Static int uath_alloc_rx_cmd_list(struct uath_softc *); 138 Static void uath_free_rx_cmd_list(struct uath_softc *); 139 Static int uath_media_change(struct ifnet *); 140 Static void uath_stat(void *); 141 Static void uath_next_scan(void *); 142 Static void uath_task(void *); 143 Static int uath_newstate(struct ieee80211com *, enum ieee80211_state, 144 int); 145 #ifdef UATH_DEBUG 146 Static void uath_dump_cmd(const uint8_t *, int, char); 147 #endif 148 Static int uath_cmd(struct uath_softc *, uint32_t, const void *, int, 149 void *, int); 150 Static int uath_cmd_write(struct uath_softc *, uint32_t, const void *, 151 int, int); 152 Static int uath_cmd_read(struct uath_softc *, uint32_t, const void *, 153 int, void *, int); 154 Static int uath_write_reg(struct uath_softc *, uint32_t, uint32_t); 155 Static int uath_write_multi(struct uath_softc *, uint32_t, const void *, 156 int); 157 Static int uath_read_reg(struct uath_softc *, uint32_t, uint32_t *); 158 Static int uath_read_eeprom(struct uath_softc *, uint32_t, void *); 159 Static void uath_cmd_rxeof(usbd_xfer_handle, usbd_private_handle, 160 usbd_status); 161 Static void uath_data_rxeof(usbd_xfer_handle, usbd_private_handle, 162 usbd_status); 163 Static void uath_data_txeof(usbd_xfer_handle, usbd_private_handle, 164 usbd_status); 165 Static int uath_tx_null(struct uath_softc *); 166 Static int uath_tx_data(struct uath_softc *, struct mbuf *, 167 struct ieee80211_node *); 168 Static void uath_start(struct ifnet *); 169 Static void uath_watchdog(struct ifnet *); 170 Static int uath_ioctl(struct ifnet *, u_long, caddr_t); 171 Static int uath_query_eeprom(struct uath_softc *); 172 Static int uath_reset(struct uath_softc *); 173 Static int uath_reset_tx_queues(struct uath_softc *); 174 Static int uath_wme_init(struct uath_softc *); 175 Static int uath_set_chan(struct uath_softc *, struct ieee80211_channel *); 176 Static int uath_set_key(struct uath_softc *, 177 const struct ieee80211_wepkey *, int); 178 Static int uath_set_keys(struct uath_softc *); 179 Static int uath_set_rates(struct uath_softc *, 180 const struct ieee80211_rateset *); 181 Static int uath_set_rxfilter(struct uath_softc *, uint32_t, uint32_t); 182 Static int uath_set_led(struct uath_softc *, int, int); 183 Static int uath_switch_channel(struct uath_softc *, 184 struct ieee80211_channel *); 185 Static int uath_init(struct ifnet *); 186 Static void uath_stop(struct ifnet *, int); 187 Static int uath_loadfirmware(struct uath_softc *, const u_char *, int); 188 Static int uath_activate(device_ptr_t, enum devact); 189 190 /* 191 * Supported rates for 802.11b/g modes (in 500Kbps unit). 192 */ 193 static const struct ieee80211_rateset uath_rateset_11b = 194 { 4, { 2, 4, 11, 22 } }; 195 196 static const struct ieee80211_rateset uath_rateset_11g = 197 { 12, { 2, 4, 11, 22, 12, 18, 24, 36, 48, 72, 96, 108 } }; 198 199 USB_DECLARE_DRIVER(uath); 200 201 USB_MATCH(uath) 202 { 203 USB_MATCH_START(uath, uaa); 204 205 if (uaa->iface != NULL) 206 return UMATCH_NONE; 207 208 return (uath_lookup(uaa->vendor, uaa->product) != NULL) ? 209 UMATCH_VENDOR_PRODUCT : UMATCH_NONE; 210 } 211 212 Static void 213 uath_attachhook(void *xsc) 214 { 215 struct uath_softc *sc = xsc; 216 u_char *fw; 217 size_t size; 218 int error; 219 220 if ((error = loadfirmware("uath-ar5523", &fw, &size)) != 0) { 221 printf("%s: could not read firmware (error=%d)\n", 222 USBDEVNAME(sc->sc_dev), error); 223 return; 224 } 225 226 if ((error = uath_loadfirmware(sc, fw, size)) != 0) { 227 printf("%s: could not load firmware (error=%s)\n", 228 USBDEVNAME(sc->sc_dev), usbd_errstr(error)); 229 } 230 231 free(fw, M_DEVBUF); 232 } 233 234 USB_ATTACH(uath) 235 { 236 USB_ATTACH_START(uath, sc, uaa); 237 struct ieee80211com *ic = &sc->sc_ic; 238 struct ifnet *ifp = &ic->ic_if; 239 usbd_status error; 240 char *devinfop; 241 int i; 242 243 sc->sc_udev = uaa->device; 244 245 devinfop = usbd_devinfo_alloc(uaa->device, 0); 246 USB_ATTACH_SETUP; 247 printf("%s: %s\n", USBDEVNAME(sc->sc_dev), devinfop); 248 usbd_devinfo_free(devinfop); 249 250 sc->sc_flags = uath_lookup(uaa->vendor, uaa->product)->flags; 251 252 if (usbd_set_config_no(sc->sc_udev, UATH_CONFIG_NO, 0) != 0) { 253 printf("%s: could not set configuration no\n", 254 USBDEVNAME(sc->sc_dev)); 255 USB_ATTACH_ERROR_RETURN; 256 } 257 258 /* get the first interface handle */ 259 error = usbd_device2interface_handle(sc->sc_udev, UATH_IFACE_INDEX, 260 &sc->sc_iface); 261 if (error != 0) { 262 printf("%s: could not get interface handle\n", 263 USBDEVNAME(sc->sc_dev)); 264 USB_ATTACH_ERROR_RETURN; 265 } 266 267 /* 268 * We must open the pipes early because they're used to upload the 269 * firmware (pre-firmware devices) or to send firmware commands. 270 */ 271 if (uath_open_pipes(sc) != 0) { 272 printf("%s: could not open pipes\n", USBDEVNAME(sc->sc_dev)); 273 USB_ATTACH_ERROR_RETURN; 274 } 275 276 if (sc->sc_flags & UATH_FLAG_PRE_FIRMWARE) { 277 if (rootvp == NULL) 278 mountroothook_establish(uath_attachhook, sc); 279 else 280 uath_attachhook(sc); 281 USB_ATTACH_SUCCESS_RETURN; 282 } 283 284 /* 285 * Only post-firmware devices here. 286 */ 287 usb_init_task(&sc->sc_task, uath_task, sc); 288 timeout_set(&sc->scan_to, uath_next_scan, sc); 289 timeout_set(&sc->stat_to, uath_stat, sc); 290 291 /* 292 * Allocate xfers for firmware commands. 293 */ 294 if (uath_alloc_tx_cmd_list(sc) != 0) { 295 printf("%s: could not allocate Tx command list\n", 296 USBDEVNAME(sc->sc_dev)); 297 goto fail1; 298 } 299 if (uath_alloc_rx_cmd_list(sc) != 0) { 300 printf("%s: could not allocate Rx command list\n", 301 USBDEVNAME(sc->sc_dev)); 302 goto fail2; 303 } 304 305 /* 306 * Queue Rx command xfers. 307 */ 308 for (i = 0; i < UATH_RX_CMD_LIST_COUNT; i++) { 309 struct uath_rx_cmd *cmd = &sc->rx_cmd[i]; 310 311 usbd_setup_xfer(cmd->xfer, sc->cmd_rx_pipe, cmd, cmd->buf, 312 UATH_MAX_RXCMDSZ, USBD_SHORT_XFER_OK | USBD_NO_COPY, 313 USBD_NO_TIMEOUT, uath_cmd_rxeof); 314 error = usbd_transfer(cmd->xfer); 315 if (error != USBD_IN_PROGRESS && error != 0) { 316 printf("%s: could not queue Rx command xfer\n", 317 USBDEVNAME(sc->sc_dev)); 318 goto fail3; 319 } 320 } 321 322 /* 323 * We're now ready to send/receive firmware commands. 324 */ 325 if (uath_reset(sc) != 0) { 326 printf("%s: could not initialize adapter\n", 327 USBDEVNAME(sc->sc_dev)); 328 goto fail3; 329 } 330 if (uath_query_eeprom(sc) != 0) { 331 printf("%s: could not read EEPROM\n", USBDEVNAME(sc->sc_dev)); 332 goto fail3; 333 } 334 335 printf("%s: MAC/BBP AR5523, RF AR%c112, address %s\n", 336 USBDEVNAME(sc->sc_dev), 337 (sc->sc_flags & UATH_FLAG_DUAL_BAND_RF) ? '5': '2', 338 ether_sprintf(ic->ic_myaddr)); 339 340 /* 341 * Allocate xfers for Tx/Rx data pipes. 342 */ 343 if (uath_alloc_tx_data_list(sc) != 0) { 344 printf("%s: could not allocate Tx data list\n", 345 USBDEVNAME(sc->sc_dev)); 346 goto fail3; 347 } 348 if (uath_alloc_rx_data_list(sc) != 0) { 349 printf("%s: could not allocate Rx data list\n", 350 USBDEVNAME(sc->sc_dev)); 351 goto fail4; 352 } 353 354 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 355 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 356 ic->ic_state = IEEE80211_S_INIT; 357 358 /* set device capabilities */ 359 ic->ic_caps = 360 IEEE80211_C_TXPMGT | /* tx power management */ 361 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 362 IEEE80211_C_SHSLOT | /* short slot time supported */ 363 IEEE80211_C_WEP; /* h/w WEP */ 364 365 /* set supported .11b and .11g rates */ 366 ic->ic_sup_rates[IEEE80211_MODE_11B] = uath_rateset_11b; 367 ic->ic_sup_rates[IEEE80211_MODE_11G] = uath_rateset_11g; 368 369 /* set supported .11b and .11g channels (1 through 14) */ 370 for (i = 1; i <= 14; i++) { 371 ic->ic_channels[i].ic_freq = 372 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ); 373 ic->ic_channels[i].ic_flags = 374 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM | 375 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ; 376 } 377 378 ifp->if_softc = sc; 379 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 380 ifp->if_init = uath_init; 381 ifp->if_ioctl = uath_ioctl; 382 ifp->if_start = uath_start; 383 ifp->if_watchdog = uath_watchdog; 384 IFQ_SET_READY(&ifp->if_snd); 385 memcpy(ifp->if_xname, USBDEVNAME(sc->sc_dev), IFNAMSIZ); 386 387 if_attach(ifp); 388 ieee80211_ifattach(ifp); 389 390 /* override state transition machine */ 391 sc->sc_newstate = ic->ic_newstate; 392 ic->ic_newstate = uath_newstate; 393 ieee80211_media_init(ifp, uath_media_change, ieee80211_media_status); 394 395 #if NBPFILTER > 0 396 bpfattach(&sc->sc_drvbpf, ifp, DLT_IEEE802_11_RADIO, 397 sizeof (struct ieee80211_frame) + IEEE80211_RADIOTAP_HDRLEN); 398 399 sc->sc_rxtap_len = sizeof sc->sc_rxtapu; 400 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 401 sc->sc_rxtap.wr_ihdr.it_present = htole32(UATH_RX_RADIOTAP_PRESENT); 402 403 sc->sc_txtap_len = sizeof sc->sc_txtapu; 404 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 405 sc->sc_txtap.wt_ihdr.it_present = htole32(UATH_TX_RADIOTAP_PRESENT); 406 #endif 407 408 usbd_add_drv_event(USB_EVENT_DRIVER_ATTACH, sc->sc_udev, 409 USBDEV(sc->sc_dev)); 410 411 USB_ATTACH_SUCCESS_RETURN; 412 413 fail4: uath_free_tx_data_list(sc); 414 fail3: uath_free_rx_cmd_list(sc); 415 fail2: uath_free_tx_cmd_list(sc); 416 fail1: uath_close_pipes(sc); 417 418 USB_ATTACH_ERROR_RETURN; 419 } 420 421 USB_DETACH(uath) 422 { 423 USB_DETACH_START(uath, sc); 424 struct ifnet *ifp = &sc->sc_ic.ic_if; 425 int s; 426 427 s = splusb(); 428 429 if (sc->sc_flags & UATH_FLAG_PRE_FIRMWARE) { 430 uath_close_pipes(sc); 431 splx(s); 432 return 0; 433 } 434 435 /* post-firmware device */ 436 437 usb_rem_task(sc->sc_udev, &sc->sc_task); 438 timeout_del(&sc->scan_to); 439 timeout_del(&sc->stat_to); 440 441 /* abort and free xfers */ 442 uath_free_tx_data_list(sc); 443 uath_free_rx_data_list(sc); 444 uath_free_tx_cmd_list(sc); 445 uath_free_rx_cmd_list(sc); 446 447 /* close Tx/Rx pipes */ 448 uath_close_pipes(sc); 449 450 ieee80211_ifdetach(ifp); /* free all nodes */ 451 if_detach(ifp); 452 453 splx(s); 454 455 usbd_add_drv_event(USB_EVENT_DRIVER_DETACH, sc->sc_udev, 456 USBDEV(sc->sc_dev)); 457 458 return 0; 459 } 460 461 Static int 462 uath_open_pipes(struct uath_softc *sc) 463 { 464 int error; 465 466 /* 467 * XXX pipes numbers are hardcoded because we don't have any way 468 * to distinguish the data pipes from the firmware command pipes 469 * (both are bulk pipes) using the endpoints descriptors. 470 */ 471 error = usbd_open_pipe(sc->sc_iface, 0x01, USBD_EXCLUSIVE_USE, 472 &sc->cmd_tx_pipe); 473 if (error != 0) { 474 printf("%s: could not open Tx command pipe: %s\n", 475 USBDEVNAME(sc->sc_dev), usbd_errstr(error)); 476 goto fail; 477 } 478 479 error = usbd_open_pipe(sc->sc_iface, 0x02, USBD_EXCLUSIVE_USE, 480 &sc->data_tx_pipe); 481 if (error != 0) { 482 printf("%s: could not open Tx data pipe: %s\n", 483 USBDEVNAME(sc->sc_dev), usbd_errstr(error)); 484 goto fail; 485 } 486 487 error = usbd_open_pipe(sc->sc_iface, 0x81, USBD_EXCLUSIVE_USE, 488 &sc->cmd_rx_pipe); 489 if (error != 0) { 490 printf("%s: could not open Rx command pipe: %s\n", 491 USBDEVNAME(sc->sc_dev), usbd_errstr(error)); 492 goto fail; 493 } 494 495 error = usbd_open_pipe(sc->sc_iface, 0x82, USBD_EXCLUSIVE_USE, 496 &sc->data_rx_pipe); 497 if (error != 0) { 498 printf("%s: could not open Rx data pipe: %s\n", 499 USBDEVNAME(sc->sc_dev), usbd_errstr(error)); 500 goto fail; 501 } 502 503 return 0; 504 505 fail: uath_close_pipes(sc); 506 return error; 507 } 508 509 Static void 510 uath_close_pipes(struct uath_softc *sc) 511 { 512 /* assumes no transfers are pending on the pipes */ 513 514 if (sc->data_tx_pipe != NULL) 515 usbd_close_pipe(sc->data_tx_pipe); 516 517 if (sc->data_rx_pipe != NULL) 518 usbd_close_pipe(sc->data_rx_pipe); 519 520 if (sc->cmd_tx_pipe != NULL) 521 usbd_close_pipe(sc->cmd_tx_pipe); 522 523 if (sc->cmd_rx_pipe != NULL) 524 usbd_close_pipe(sc->cmd_rx_pipe); 525 } 526 527 Static int 528 uath_alloc_tx_data_list(struct uath_softc *sc) 529 { 530 int i, error; 531 532 for (i = 0; i < UATH_TX_DATA_LIST_COUNT; i++) { 533 struct uath_tx_data *data = &sc->tx_data[i]; 534 535 data->sc = sc; /* backpointer for callbacks */ 536 537 data->xfer = usbd_alloc_xfer(sc->sc_udev); 538 if (data->xfer == NULL) { 539 printf("%s: could not allocate xfer\n", 540 USBDEVNAME(sc->sc_dev)); 541 error = ENOMEM; 542 goto fail; 543 } 544 data->buf = usbd_alloc_buffer(data->xfer, UATH_MAX_TXBUFSZ); 545 if (data->buf == NULL) { 546 printf("%s: could not allocate xfer buffer\n", 547 USBDEVNAME(sc->sc_dev)); 548 error = ENOMEM; 549 goto fail; 550 } 551 } 552 return 0; 553 554 fail: uath_free_tx_data_list(sc); 555 return error; 556 } 557 558 Static void 559 uath_free_tx_data_list(struct uath_softc *sc) 560 { 561 int i; 562 563 /* make sure no transfers are pending */ 564 usbd_abort_pipe(sc->data_tx_pipe); 565 566 for (i = 0; i < UATH_TX_DATA_LIST_COUNT; i++) 567 if (sc->tx_data[i].xfer != NULL) 568 usbd_free_xfer(sc->tx_data[i].xfer); 569 } 570 571 Static int 572 uath_alloc_rx_data_list(struct uath_softc *sc) 573 { 574 int i, error; 575 576 for (i = 0; i < UATH_RX_DATA_LIST_COUNT; i++) { 577 struct uath_rx_data *data = &sc->rx_data[i]; 578 579 data->sc = sc; /* backpointer for callbacks */ 580 581 data->xfer = usbd_alloc_xfer(sc->sc_udev); 582 if (data->xfer == NULL) { 583 printf("%s: could not allocate xfer\n", 584 USBDEVNAME(sc->sc_dev)); 585 error = ENOMEM; 586 goto fail; 587 } 588 if (usbd_alloc_buffer(data->xfer, sc->rxbufsz) == NULL) { 589 printf("%s: could not allocate xfer buffer\n", 590 USBDEVNAME(sc->sc_dev)); 591 error = ENOMEM; 592 goto fail; 593 } 594 595 MGETHDR(data->m, M_DONTWAIT, MT_DATA); 596 if (data->m == NULL) { 597 printf("%s: could not allocate rx mbuf\n", 598 USBDEVNAME(sc->sc_dev)); 599 error = ENOMEM; 600 goto fail; 601 } 602 MCLGET(data->m, M_DONTWAIT); 603 if (!(data->m->m_flags & M_EXT)) { 604 printf("%s: could not allocate rx mbuf cluster\n", 605 USBDEVNAME(sc->sc_dev)); 606 error = ENOMEM; 607 goto fail; 608 } 609 610 data->buf = mtod(data->m, uint8_t *); 611 } 612 return 0; 613 614 fail: uath_free_rx_data_list(sc); 615 return error; 616 } 617 618 Static void 619 uath_free_rx_data_list(struct uath_softc *sc) 620 { 621 int i; 622 623 /* make sure no transfers are pending */ 624 usbd_abort_pipe(sc->data_rx_pipe); 625 626 for (i = 0; i < UATH_RX_DATA_LIST_COUNT; i++) { 627 struct uath_rx_data *data = &sc->rx_data[i]; 628 629 if (data->xfer != NULL) 630 usbd_free_xfer(data->xfer); 631 632 if (data->m != NULL) 633 m_freem(data->m); 634 } 635 } 636 637 Static int 638 uath_alloc_tx_cmd_list(struct uath_softc *sc) 639 { 640 int i, error; 641 642 for (i = 0; i < UATH_TX_CMD_LIST_COUNT; i++) { 643 struct uath_tx_cmd *cmd = &sc->tx_cmd[i]; 644 645 cmd->sc = sc; /* backpointer for callbacks */ 646 647 cmd->xfer = usbd_alloc_xfer(sc->sc_udev); 648 if (cmd->xfer == NULL) { 649 printf("%s: could not allocate xfer\n", 650 USBDEVNAME(sc->sc_dev)); 651 error = ENOMEM; 652 goto fail; 653 } 654 cmd->buf = usbd_alloc_buffer(cmd->xfer, UATH_MAX_TXCMDSZ); 655 if (cmd->buf == NULL) { 656 printf("%s: could not allocate xfer buffer\n", 657 USBDEVNAME(sc->sc_dev)); 658 error = ENOMEM; 659 goto fail; 660 } 661 } 662 return 0; 663 664 fail: uath_free_tx_cmd_list(sc); 665 return error; 666 } 667 668 Static void 669 uath_free_tx_cmd_list(struct uath_softc *sc) 670 { 671 int i; 672 673 /* make sure no transfers are pending */ 674 usbd_abort_pipe(sc->cmd_tx_pipe); 675 676 for (i = 0; i < UATH_TX_CMD_LIST_COUNT; i++) 677 if (sc->tx_cmd[i].xfer != NULL) 678 usbd_free_xfer(sc->tx_cmd[i].xfer); 679 } 680 681 Static int 682 uath_alloc_rx_cmd_list(struct uath_softc *sc) 683 { 684 int i, error; 685 686 for (i = 0; i < UATH_RX_CMD_LIST_COUNT; i++) { 687 struct uath_rx_cmd *cmd = &sc->rx_cmd[i]; 688 689 cmd->sc = sc; /* backpointer for callbacks */ 690 691 cmd->xfer = usbd_alloc_xfer(sc->sc_udev); 692 if (cmd->xfer == NULL) { 693 printf("%s: could not allocate xfer\n", 694 USBDEVNAME(sc->sc_dev)); 695 error = ENOMEM; 696 goto fail; 697 } 698 cmd->buf = usbd_alloc_buffer(cmd->xfer, UATH_MAX_RXCMDSZ); 699 if (cmd->buf == NULL) { 700 printf("%s: could not allocate xfer buffer\n", 701 USBDEVNAME(sc->sc_dev)); 702 error = ENOMEM; 703 goto fail; 704 } 705 } 706 return 0; 707 708 fail: uath_free_rx_cmd_list(sc); 709 return error; 710 } 711 712 Static void 713 uath_free_rx_cmd_list(struct uath_softc *sc) 714 { 715 int i; 716 717 /* make sure no transfers are pending */ 718 usbd_abort_pipe(sc->cmd_rx_pipe); 719 720 for (i = 0; i < UATH_RX_CMD_LIST_COUNT; i++) 721 if (sc->rx_cmd[i].xfer != NULL) 722 usbd_free_xfer(sc->rx_cmd[i].xfer); 723 } 724 725 Static int 726 uath_media_change(struct ifnet *ifp) 727 { 728 int error; 729 730 error = ieee80211_media_change(ifp); 731 if (error != ENETRESET) 732 return error; 733 734 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == (IFF_UP | IFF_RUNNING)) 735 uath_init(ifp); 736 737 return 0; 738 } 739 740 /* 741 * This function is called periodically (every second) when associated to 742 * query device statistics. 743 */ 744 Static void 745 uath_stat(void *arg) 746 { 747 struct uath_softc *sc = arg; 748 int error; 749 750 /* 751 * Send request for statistics asynchronously. The timer will be 752 * restarted when we'll get the stats notification. 753 */ 754 error = uath_cmd_write(sc, UATH_CMD_STATS, NULL, 0, 755 UATH_CMD_FLAG_ASYNC); 756 if (error != 0) { 757 printf("%s: could not query statistics (error=%d)\n", 758 USBDEVNAME(sc->sc_dev), error); 759 } 760 } 761 762 /* 763 * This function is called periodically (every 250ms) during scanning to 764 * switch from one channel to another. 765 */ 766 Static void 767 uath_next_scan(void *arg) 768 { 769 struct uath_softc *sc = arg; 770 struct ieee80211com *ic = &sc->sc_ic; 771 struct ifnet *ifp = &ic->ic_if; 772 773 if (ic->ic_state == IEEE80211_S_SCAN) 774 ieee80211_next_scan(ifp); 775 } 776 777 Static void 778 uath_task(void *arg) 779 { 780 struct uath_softc *sc = arg; 781 struct ieee80211com *ic = &sc->sc_ic; 782 enum ieee80211_state ostate; 783 784 ostate = ic->ic_state; 785 786 switch (sc->sc_state) { 787 case IEEE80211_S_INIT: 788 if (ostate == IEEE80211_S_RUN) { 789 /* turn link and activity LEDs off */ 790 (void)uath_set_led(sc, UATH_LED_LINK, 0); 791 (void)uath_set_led(sc, UATH_LED_ACTIVITY, 0); 792 } 793 break; 794 795 case IEEE80211_S_SCAN: 796 if (uath_switch_channel(sc, ic->ic_bss->ni_chan) != 0) { 797 printf("%s: could not switch channel\n", 798 USBDEVNAME(sc->sc_dev)); 799 break; 800 } 801 timeout_add(&sc->scan_to, hz / 4); 802 break; 803 804 case IEEE80211_S_AUTH: 805 { 806 struct ieee80211_node *ni = ic->ic_bss; 807 struct uath_cmd_bssid bssid; 808 struct uath_cmd_0b cmd0b; 809 struct uath_cmd_0c cmd0c; 810 811 if (uath_switch_channel(sc, ni->ni_chan) != 0) { 812 printf("%s: could not switch channel\n", 813 USBDEVNAME(sc->sc_dev)); 814 break; 815 } 816 817 (void)uath_cmd_write(sc, UATH_CMD_24, NULL, 0, 0); 818 819 bzero(&bssid, sizeof bssid); 820 bssid.len = htobe32(IEEE80211_ADDR_LEN); 821 IEEE80211_ADDR_COPY(bssid.bssid, ni->ni_bssid); 822 (void)uath_cmd_write(sc, UATH_CMD_SET_BSSID, &bssid, 823 sizeof bssid, 0); 824 825 bzero(&cmd0b, sizeof cmd0b); 826 cmd0b.code = htobe32(2); 827 cmd0b.size = htobe32(sizeof (cmd0b.data)); 828 (void)uath_cmd_write(sc, UATH_CMD_0B, &cmd0b, sizeof cmd0b, 0); 829 830 bzero(&cmd0c, sizeof cmd0c); 831 cmd0c.magic1 = htobe32(2); 832 cmd0c.magic2 = htobe32(7); 833 cmd0c.magic3 = htobe32(1); 834 (void)uath_cmd_write(sc, UATH_CMD_0C, &cmd0c, sizeof cmd0c, 0); 835 836 if (uath_set_rates(sc, &ni->ni_rates) != 0) { 837 printf("%s: could not set negotiated rate set\n", 838 USBDEVNAME(sc->sc_dev)); 839 break; 840 } 841 break; 842 } 843 844 case IEEE80211_S_ASSOC: 845 break; 846 847 case IEEE80211_S_RUN: 848 { 849 struct ieee80211_node *ni = ic->ic_bss; 850 struct uath_cmd_bssid bssid; 851 struct uath_cmd_xled xled; 852 uint32_t val; 853 854 if (ic->ic_opmode == IEEE80211_M_MONITOR) { 855 /* make both LEDs blink while monitoring */ 856 bzero(&xled, sizeof xled); 857 xled.which = htobe32(0); 858 xled.rate = htobe32(1); 859 xled.mode = htobe32(2); 860 (void)uath_cmd_write(sc, UATH_CMD_SET_XLED, &xled, 861 sizeof xled, 0); 862 break; 863 } 864 865 /* 866 * Tx rate is controlled by firmware, report the maximum 867 * negotiated rate in ifconfig output. 868 */ 869 ni->ni_txrate = ni->ni_rates.rs_nrates - 1; 870 871 val = htobe32(1); 872 (void)uath_cmd_write(sc, UATH_CMD_2E, &val, sizeof val, 0); 873 874 bzero(&bssid, sizeof bssid); 875 bssid.flags1 = htobe32(0xc004); 876 bssid.flags2 = htobe32(0x003b); 877 bssid.len = htobe32(IEEE80211_ADDR_LEN); 878 IEEE80211_ADDR_COPY(bssid.bssid, ni->ni_bssid); 879 (void)uath_cmd_write(sc, UATH_CMD_SET_BSSID, &bssid, 880 sizeof bssid, 0); 881 882 /* turn link LED on */ 883 (void)uath_set_led(sc, UATH_LED_LINK, 1); 884 885 /* make activity LED blink */ 886 bzero(&xled, sizeof xled); 887 xled.which = htobe32(1); 888 xled.rate = htobe32(1); 889 xled.mode = htobe32(2); 890 (void)uath_cmd_write(sc, UATH_CMD_SET_XLED, &xled, sizeof xled, 891 0); 892 893 /* set state to associated */ 894 val = htobe32(1); 895 (void)uath_cmd_write(sc, UATH_CMD_SET_STATE, &val, sizeof val, 896 0); 897 898 /* start statistics timer */ 899 timeout_add(&sc->stat_to, hz); 900 break; 901 } 902 } 903 sc->sc_newstate(ic, sc->sc_state, sc->sc_arg); 904 } 905 906 Static int 907 uath_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 908 { 909 struct uath_softc *sc = ic->ic_softc; 910 911 usb_rem_task(sc->sc_udev, &sc->sc_task); 912 timeout_del(&sc->scan_to); 913 timeout_del(&sc->stat_to); 914 915 /* do it in a process context */ 916 sc->sc_state = nstate; 917 sc->sc_arg = arg; 918 usb_add_task(sc->sc_udev, &sc->sc_task); 919 920 return 0; 921 } 922 923 #ifdef UATH_DEBUG 924 Static void 925 uath_dump_cmd(const uint8_t *buf, int len, char prefix) 926 { 927 int i; 928 929 for (i = 0; i < len; i++) { 930 if ((i % 16) == 0) 931 printf("\n%c ", prefix); 932 else if ((i % 4) == 0) 933 printf(" "); 934 printf("%02x", buf[i]); 935 } 936 printf("\n"); 937 } 938 #endif 939 940 /* 941 * Low-level function to send read or write commands to the firmware. 942 */ 943 Static int 944 uath_cmd(struct uath_softc *sc, uint32_t code, const void *idata, int ilen, 945 void *odata, int flags) 946 { 947 struct uath_cmd_hdr *hdr; 948 struct uath_tx_cmd *cmd; 949 uint16_t xferflags; 950 int s, xferlen, error; 951 952 /* grab a xfer */ 953 cmd = &sc->tx_cmd[sc->cmd_idx]; 954 955 /* always bulk-out a multiple of 4 bytes */ 956 xferlen = (sizeof (struct uath_cmd_hdr) + ilen + 3) & ~3; 957 958 hdr = (struct uath_cmd_hdr *)cmd->buf; 959 bzero(hdr, sizeof (struct uath_cmd_hdr)); 960 hdr->len = htobe32(xferlen); 961 hdr->code = htobe32(code); 962 hdr->priv = sc->cmd_idx; /* don't care about endianness */ 963 hdr->magic = htobe32((flags & UATH_CMD_FLAG_MAGIC) ? 1 << 24 : 0); 964 bcopy(idata, (uint8_t *)(hdr + 1), ilen); 965 966 #ifdef UATH_DEBUG 967 if (uath_debug >= 5) { 968 printf("sending command code=0x%02x flags=0x%x index=%u", 969 code, flags, sc->cmd_idx); 970 uath_dump_cmd(cmd->buf, xferlen, '+'); 971 } 972 #endif 973 xferflags = USBD_FORCE_SHORT_XFER | USBD_NO_COPY; 974 if (!(flags & UATH_CMD_FLAG_READ)) { 975 if (!(flags & UATH_CMD_FLAG_ASYNC)) 976 xferflags |= USBD_SYNCHRONOUS; 977 } else 978 s = splusb(); 979 980 cmd->odata = odata; 981 982 usbd_setup_xfer(cmd->xfer, sc->cmd_tx_pipe, cmd, cmd->buf, xferlen, 983 xferflags, UATH_CMD_TIMEOUT, NULL); 984 error = usbd_transfer(cmd->xfer); 985 if (error != USBD_IN_PROGRESS && error != 0) { 986 if (flags & UATH_CMD_FLAG_READ) 987 splx(s); 988 printf("%s: could not send command (error=%s)\n", 989 USBDEVNAME(sc->sc_dev), usbd_errstr(error)); 990 return error; 991 } 992 sc->cmd_idx = (sc->cmd_idx + 1) % UATH_TX_CMD_LIST_COUNT; 993 994 if (!(flags & UATH_CMD_FLAG_READ)) 995 return 0; /* write: don't wait for reply */ 996 997 /* wait at most two seconds for command reply */ 998 error = tsleep(cmd, PCATCH, "uathcmd", 2 * hz); 999 splx(s); 1000 if (error != 0) { 1001 printf("%s: timeout waiting for command reply\n", 1002 USBDEVNAME(sc->sc_dev)); 1003 } 1004 return error; 1005 } 1006 1007 Static int 1008 uath_cmd_write(struct uath_softc *sc, uint32_t code, const void *data, int len, 1009 int flags) 1010 { 1011 flags &= ~UATH_CMD_FLAG_READ; 1012 return uath_cmd(sc, code, data, len, NULL, flags); 1013 } 1014 1015 Static int 1016 uath_cmd_read(struct uath_softc *sc, uint32_t code, const void *idata, 1017 int ilen, void *odata, int flags) 1018 { 1019 flags |= UATH_CMD_FLAG_READ; 1020 return uath_cmd(sc, code, idata, ilen, odata, flags); 1021 } 1022 1023 Static int 1024 uath_write_reg(struct uath_softc *sc, uint32_t reg, uint32_t val) 1025 { 1026 struct uath_write_mac write; 1027 int error; 1028 1029 write.reg = htobe32(reg); 1030 write.len = htobe32(0); /* 0 = single write */ 1031 *(uint32_t *)write.data = htobe32(val); 1032 1033 error = uath_cmd_write(sc, UATH_CMD_WRITE_MAC, &write, 1034 3 * sizeof (uint32_t), 0); 1035 if (error != 0) { 1036 printf("%s: could not write register 0x%02x\n", 1037 USBDEVNAME(sc->sc_dev), reg); 1038 } 1039 return error; 1040 } 1041 1042 Static int 1043 uath_write_multi(struct uath_softc *sc, uint32_t reg, const void *data, 1044 int len) 1045 { 1046 struct uath_write_mac write; 1047 int error; 1048 1049 write.reg = htobe32(reg); 1050 write.len = htobe32(len); 1051 bcopy(data, write.data, len); 1052 1053 /* properly handle the case where len is zero (reset) */ 1054 error = uath_cmd_write(sc, UATH_CMD_WRITE_MAC, &write, 1055 (len == 0) ? sizeof (uint32_t) : 2 * sizeof (uint32_t) + len, 0); 1056 if (error != 0) { 1057 printf("%s: could not write %d bytes to register 0x%02x\n", 1058 USBDEVNAME(sc->sc_dev), len, reg); 1059 } 1060 return error; 1061 } 1062 1063 Static int 1064 uath_read_reg(struct uath_softc *sc, uint32_t reg, uint32_t *val) 1065 { 1066 struct uath_read_mac read; 1067 int error; 1068 1069 reg = htobe32(reg); 1070 error = uath_cmd_read(sc, UATH_CMD_READ_MAC, ®, sizeof reg, &read, 1071 0); 1072 if (error != 0) { 1073 printf("%s: could not read register 0x%02x\n", 1074 USBDEVNAME(sc->sc_dev), betoh32(reg)); 1075 return error; 1076 } 1077 *val = betoh32(*(uint32_t *)read.data); 1078 return error; 1079 } 1080 1081 Static int 1082 uath_read_eeprom(struct uath_softc *sc, uint32_t reg, void *odata) 1083 { 1084 struct uath_read_mac read; 1085 int len, error; 1086 1087 reg = htobe32(reg); 1088 error = uath_cmd_read(sc, UATH_CMD_READ_EEPROM, ®, sizeof reg, 1089 &read, 0); 1090 if (error != 0) { 1091 printf("%s: could not read EEPROM offset 0x%02x\n", 1092 USBDEVNAME(sc->sc_dev), betoh32(reg)); 1093 return error; 1094 } 1095 len = betoh32(read.len); 1096 bcopy(read.data, odata, (len == 0) ? sizeof (uint32_t) : len); 1097 return error; 1098 } 1099 1100 Static void 1101 uath_cmd_rxeof(usbd_xfer_handle xfer, usbd_private_handle priv, 1102 usbd_status status) 1103 { 1104 struct uath_rx_cmd *cmd = priv; 1105 struct uath_softc *sc = cmd->sc; 1106 struct uath_cmd_hdr *hdr; 1107 1108 if (status != USBD_NORMAL_COMPLETION) { 1109 if (status == USBD_STALLED) 1110 usbd_clear_endpoint_stall_async(sc->cmd_rx_pipe); 1111 return; 1112 } 1113 1114 hdr = (struct uath_cmd_hdr *)cmd->buf; 1115 1116 #ifdef UATH_DEBUG 1117 if (uath_debug >= 5) { 1118 printf("received command code=0x%x index=%u len=%u", 1119 betoh32(hdr->code), hdr->priv, betoh32(hdr->len)); 1120 uath_dump_cmd(cmd->buf, betoh32(hdr->len), '-'); 1121 } 1122 #endif 1123 1124 switch (betoh32(hdr->code) & 0xff) { 1125 /* reply to a read command */ 1126 default: 1127 { 1128 struct uath_tx_cmd *txcmd = &sc->tx_cmd[hdr->priv]; 1129 1130 if (txcmd->odata != NULL) { 1131 /* copy answer into caller's supplied buffer */ 1132 bcopy((uint8_t *)(hdr + 1), txcmd->odata, 1133 betoh32(hdr->len) - sizeof (struct uath_cmd_hdr)); 1134 } 1135 wakeup(txcmd); /* wake up caller */ 1136 break; 1137 } 1138 /* spontaneous firmware notifications */ 1139 case UATH_NOTIF_READY: 1140 DPRINTF(("received device ready notification\n")); 1141 wakeup(UATH_COND_INIT(sc)); 1142 break; 1143 1144 case UATH_NOTIF_TX: 1145 /* this notification is sent when UATH_TX_NOTIFY is set */ 1146 DPRINTF(("received Tx notification\n")); 1147 break; 1148 1149 case UATH_NOTIF_STATS: 1150 DPRINTFN(2, ("received device statistics\n")); 1151 timeout_add(&sc->stat_to, hz); 1152 break; 1153 } 1154 1155 /* setup a new transfer */ 1156 usbd_setup_xfer(xfer, sc->cmd_rx_pipe, cmd, cmd->buf, UATH_MAX_RXCMDSZ, 1157 USBD_SHORT_XFER_OK | USBD_NO_COPY, USBD_NO_TIMEOUT, 1158 uath_cmd_rxeof); 1159 (void)usbd_transfer(xfer); 1160 } 1161 1162 Static void 1163 uath_data_rxeof(usbd_xfer_handle xfer, usbd_private_handle priv, 1164 usbd_status status) 1165 { 1166 struct uath_rx_data *data = priv; 1167 struct uath_softc *sc = data->sc; 1168 struct ieee80211com *ic = &sc->sc_ic; 1169 struct ifnet *ifp = &ic->ic_if; 1170 struct ieee80211_frame *wh; 1171 struct ieee80211_node *ni; 1172 struct uath_rx_desc *desc; 1173 struct mbuf *mnew, *m; 1174 uint32_t hdr; 1175 int s, len; 1176 1177 if (status != USBD_NORMAL_COMPLETION) { 1178 if (status == USBD_NOT_STARTED || status == USBD_CANCELLED) 1179 return; 1180 1181 if (status == USBD_STALLED) 1182 usbd_clear_endpoint_stall_async(sc->data_rx_pipe); 1183 1184 ifp->if_ierrors++; 1185 return; 1186 } 1187 usbd_get_xfer_status(xfer, NULL, NULL, &len, NULL); 1188 1189 if (len < UATH_MIN_RXBUFSZ || len > sc->rxbufsz) { 1190 DPRINTF(("wrong xfer size: !(%d <= %d <= %d)\n", 1191 UATH_MIN_RXBUFSZ, len, sc->rxbufsz)); 1192 ifp->if_ierrors++; 1193 goto skip; 1194 } 1195 1196 hdr = betoh32(*(uint32_t *)data->buf); 1197 1198 /* Rx descriptor is located at the end, 32-bit aligned */ 1199 desc = (struct uath_rx_desc *) 1200 (data->buf + len - sizeof (struct uath_rx_desc)); 1201 1202 /* there's probably a "bad CRC" flag somewhere in the descriptor.. */ 1203 1204 MGETHDR(mnew, M_DONTWAIT, MT_DATA); 1205 if (mnew == NULL) { 1206 printf("%s: could not allocate rx mbuf\n", 1207 USBDEVNAME(sc->sc_dev)); 1208 ifp->if_ierrors++; 1209 goto skip; 1210 } 1211 MCLGET(mnew, M_DONTWAIT); 1212 if (!(mnew->m_flags & M_EXT)) { 1213 printf("%s: could not allocate rx mbuf cluster\n", 1214 USBDEVNAME(sc->sc_dev)); 1215 m_freem(mnew); 1216 ifp->if_ierrors++; 1217 goto skip; 1218 } 1219 1220 m = data->m; 1221 data->m = mnew; 1222 1223 /* finalize mbuf */ 1224 m->m_pkthdr.rcvif = ifp; 1225 m->m_data = data->buf + sizeof (uint32_t); 1226 m->m_pkthdr.len = m->m_len = 1227 betoh32(desc->len) - sizeof (struct uath_rx_desc); 1228 1229 data->buf = mtod(data->m, uint8_t *); 1230 1231 wh = mtod(m, struct ieee80211_frame *); 1232 if ((wh->i_fc[1] & IEEE80211_FC1_WEP) && 1233 ic->ic_opmode != IEEE80211_M_MONITOR) { 1234 /* 1235 * Hardware decrypts the frame itself but leaves the WEP bit 1236 * set in the 802.11 header and doesn't remove the IV and CRC 1237 * fields. 1238 */ 1239 wh->i_fc[1] &= ~IEEE80211_FC1_WEP; 1240 ovbcopy(wh, (caddr_t)wh + IEEE80211_WEP_IVLEN + 1241 IEEE80211_WEP_KIDLEN, sizeof (struct ieee80211_frame)); 1242 m_adj(m, IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN); 1243 m_adj(m, -IEEE80211_WEP_CRCLEN); 1244 wh = mtod(m, struct ieee80211_frame *); 1245 } 1246 1247 #if NBPFILTER > 0 1248 /* there are a lot more fields in the Rx descriptor */ 1249 if (sc->sc_drvbpf != NULL) { 1250 struct mbuf mb; 1251 struct uath_rx_radiotap_header *tap = &sc->sc_rxtap; 1252 1253 tap->wr_flags = 0; 1254 tap->wr_chan_freq = htole16(betoh32(desc->freq)); 1255 tap->wr_chan_flags = htole16(ic->ic_bss->ni_chan->ic_flags); 1256 tap->wr_dbm_antsignal = (int8_t)betoh32(desc->rssi); 1257 1258 M_DUP_PKTHDR(&mb, m); 1259 mb.m_data = (caddr_t)tap; 1260 mb.m_len = sc->sc_rxtap_len; 1261 mb.m_next = m; 1262 mb.m_pkthdr.len += mb.m_len; 1263 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_IN); 1264 } 1265 #endif 1266 1267 s = splnet(); 1268 ni = ieee80211_find_rxnode(ic, wh); 1269 ieee80211_input(ifp, m, ni, (int)betoh32(desc->rssi), 0); 1270 1271 /* node is no longer needed */ 1272 ieee80211_release_node(ic, ni); 1273 splx(s); 1274 1275 skip: /* setup a new transfer */ 1276 usbd_setup_xfer(xfer, sc->data_rx_pipe, data, data->buf, sc->rxbufsz, 1277 USBD_SHORT_XFER_OK, USBD_NO_TIMEOUT, uath_data_rxeof); 1278 (void)usbd_transfer(xfer); 1279 } 1280 1281 Static int 1282 uath_tx_null(struct uath_softc *sc) 1283 { 1284 struct uath_tx_data *data; 1285 struct uath_tx_desc *desc; 1286 1287 data = &sc->tx_data[sc->data_idx]; 1288 1289 data->ni = NULL; 1290 1291 *(uint32_t *)data->buf = UATH_MAKECTL(1, sizeof (struct uath_tx_desc)); 1292 desc = (struct uath_tx_desc *)(data->buf + sizeof (uint32_t)); 1293 1294 bzero(desc, sizeof (struct uath_tx_desc)); 1295 desc->len = htobe32(sizeof (struct uath_tx_desc)); 1296 desc->type = htobe32(UATH_TX_NULL); 1297 1298 usbd_setup_xfer(data->xfer, sc->data_tx_pipe, data, data->buf, 1299 sizeof (uint32_t) + sizeof (struct uath_tx_desc), USBD_NO_COPY | 1300 USBD_FORCE_SHORT_XFER, UATH_DATA_TIMEOUT, NULL); 1301 if (usbd_sync_transfer(data->xfer) != 0) 1302 return EIO; 1303 1304 sc->data_idx = (sc->data_idx + 1) % UATH_TX_DATA_LIST_COUNT; 1305 1306 return uath_cmd_write(sc, UATH_CMD_0F, NULL, 0, UATH_CMD_FLAG_ASYNC); 1307 } 1308 1309 Static void 1310 uath_data_txeof(usbd_xfer_handle xfer, usbd_private_handle priv, 1311 usbd_status status) 1312 { 1313 struct uath_tx_data *data = priv; 1314 struct uath_softc *sc = data->sc; 1315 struct ieee80211com *ic = &sc->sc_ic; 1316 struct ifnet *ifp = &ic->ic_if; 1317 int s; 1318 1319 if (status != USBD_NORMAL_COMPLETION) { 1320 if (status == USBD_NOT_STARTED || status == USBD_CANCELLED) 1321 return; 1322 1323 printf("%s: could not transmit buffer: %s\n", 1324 USBDEVNAME(sc->sc_dev), usbd_errstr(status)); 1325 1326 if (status == USBD_STALLED) 1327 usbd_clear_endpoint_stall_async(sc->data_tx_pipe); 1328 1329 ifp->if_oerrors++; 1330 return; 1331 } 1332 1333 s = splnet(); 1334 1335 ieee80211_release_node(ic, data->ni); 1336 data->ni = NULL; 1337 1338 sc->tx_queued--; 1339 ifp->if_opackets++; 1340 1341 sc->sc_tx_timer = 0; 1342 ifp->if_flags &= ~IFF_OACTIVE; 1343 uath_start(ifp); 1344 1345 splx(s); 1346 } 1347 1348 Static int 1349 uath_tx_data(struct uath_softc *sc, struct mbuf *m0, struct ieee80211_node *ni) 1350 { 1351 struct ieee80211com *ic = &sc->sc_ic; 1352 struct uath_tx_data *data; 1353 struct uath_tx_desc *desc; 1354 const struct ieee80211_frame *wh; 1355 int paylen, totlen, xferlen, error; 1356 1357 data = &sc->tx_data[sc->data_idx]; 1358 desc = (struct uath_tx_desc *)(data->buf + sizeof (uint32_t)); 1359 1360 data->ni = ni; 1361 1362 #if NBPFILTER > 0 1363 if (sc->sc_drvbpf != NULL) { 1364 struct mbuf mb; 1365 struct uath_tx_radiotap_header *tap = &sc->sc_txtap; 1366 1367 tap->wt_flags = 0; 1368 tap->wt_chan_freq = htole16(ic->ic_bss->ni_chan->ic_freq); 1369 tap->wt_chan_flags = htole16(ic->ic_bss->ni_chan->ic_flags); 1370 1371 M_DUP_PKTHDR(&mb, m0); 1372 mb.m_data = (caddr_t)tap; 1373 mb.m_len = sc->sc_txtap_len; 1374 mb.m_next = m0; 1375 mb.m_pkthdr.len += mb.m_len; 1376 bpf_mtap(sc->sc_drvbpf, &mb, BPF_DIRECTION_OUT); 1377 } 1378 #endif 1379 1380 paylen = m0->m_pkthdr.len; 1381 xferlen = sizeof (uint32_t) + sizeof (struct uath_tx_desc) + paylen; 1382 1383 wh = mtod(m0, struct ieee80211_frame *); 1384 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 1385 uint8_t *frm = (uint8_t *)(desc + 1); 1386 uint32_t iv; 1387 1388 /* h/w WEP: it's up to the host to fill the IV field */ 1389 bcopy(wh, frm, sizeof (struct ieee80211_frame)); 1390 frm += sizeof (struct ieee80211_frame); 1391 1392 /* insert IV: code copied from net80211 */ 1393 iv = (ic->ic_iv != 0) ? ic->ic_iv : arc4random(); 1394 if (iv >= 0x03ff00 && (iv & 0xf8ff00) == 0x00ff00) 1395 iv += 0x000100; 1396 ic->ic_iv = iv + 1; 1397 1398 *frm++ = iv & 0xff; 1399 *frm++ = (iv >> 8) & 0xff; 1400 *frm++ = (iv >> 16) & 0xff; 1401 *frm++ = ic->ic_wep_txkey << 6; 1402 1403 m_copydata(m0, sizeof (struct ieee80211_frame), 1404 m0->m_pkthdr.len - sizeof (struct ieee80211_frame), frm); 1405 1406 paylen += IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN; 1407 xferlen += IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN; 1408 totlen = xferlen + IEEE80211_WEP_CRCLEN; 1409 } else { 1410 m_copydata(m0, 0, m0->m_pkthdr.len, (uint8_t *)(desc + 1)); 1411 totlen = xferlen; 1412 } 1413 1414 /* fill Tx descriptor */ 1415 *(uint32_t *)data->buf = UATH_MAKECTL(1, xferlen - sizeof (uint32_t)); 1416 1417 desc->len = htobe32(totlen); 1418 desc->priv = sc->data_idx; /* don't care about endianness */ 1419 desc->paylen = htobe32(paylen); 1420 desc->type = htobe32(UATH_TX_DATA); 1421 desc->flags = htobe32(0); 1422 if (IEEE80211_IS_MULTICAST(wh->i_addr1)) { 1423 desc->dest = htobe32(UATH_ID_BROADCAST); 1424 desc->magic = htobe32(3); 1425 } else { 1426 desc->dest = htobe32(UATH_ID_BSS); 1427 desc->magic = htobe32(1); 1428 } 1429 1430 m_freem(m0); /* mbuf is no longer needed */ 1431 1432 #ifdef UATH_DEBUG 1433 if (uath_debug >= 6) { 1434 printf("sending frame index=%u len=%d xferlen=%d", 1435 sc->data_idx, paylen, xferlen); 1436 uath_dump_cmd(data->buf, xferlen, '+'); 1437 } 1438 #endif 1439 usbd_setup_xfer(data->xfer, sc->data_tx_pipe, data, data->buf, xferlen, 1440 USBD_FORCE_SHORT_XFER | USBD_NO_COPY, UATH_DATA_TIMEOUT, 1441 uath_data_txeof); 1442 error = usbd_transfer(data->xfer); 1443 if (error != USBD_IN_PROGRESS && error != 0) { 1444 ic->ic_if.if_oerrors++; 1445 return error; 1446 } 1447 sc->data_idx = (sc->data_idx + 1) % UATH_TX_DATA_LIST_COUNT; 1448 sc->tx_queued++; 1449 1450 return 0; 1451 } 1452 1453 Static void 1454 uath_start(struct ifnet *ifp) 1455 { 1456 struct uath_softc *sc = ifp->if_softc; 1457 struct ieee80211com *ic = &sc->sc_ic; 1458 struct ieee80211_node *ni; 1459 struct mbuf *m0; 1460 1461 /* 1462 * net80211 may still try to send management frames even if the 1463 * IFF_RUNNING flag is not set... 1464 */ 1465 if ((ifp->if_flags & (IFF_RUNNING | IFF_OACTIVE)) != IFF_RUNNING) 1466 return; 1467 1468 for (;;) { 1469 IF_POLL(&ic->ic_mgtq, m0); 1470 if (m0 != NULL) { 1471 if (sc->tx_queued >= UATH_TX_DATA_LIST_COUNT) { 1472 ifp->if_flags |= IFF_OACTIVE; 1473 break; 1474 } 1475 IF_DEQUEUE(&ic->ic_mgtq, m0); 1476 1477 ni = (struct ieee80211_node *)m0->m_pkthdr.rcvif; 1478 m0->m_pkthdr.rcvif = NULL; 1479 #if NBPFILTER > 0 1480 if (ic->ic_rawbpf != NULL) 1481 bpf_mtap(ic->ic_rawbpf, m0, BPF_DIRECTION_OUT); 1482 #endif 1483 if (uath_tx_data(sc, m0, ni) != 0) 1484 break; 1485 } else { 1486 if (ic->ic_state != IEEE80211_S_RUN) 1487 break; 1488 IFQ_DEQUEUE(&ifp->if_snd, m0); 1489 if (m0 == NULL) 1490 break; 1491 if (sc->tx_queued >= UATH_TX_DATA_LIST_COUNT) { 1492 IF_PREPEND(&ifp->if_snd, m0); 1493 ifp->if_flags |= IFF_OACTIVE; 1494 break; 1495 } 1496 #if NBPFILTER > 0 1497 if (ifp->if_bpf != NULL) 1498 bpf_mtap(ifp->if_bpf, m0, BPF_DIRECTION_OUT); 1499 #endif 1500 m0 = ieee80211_encap(ifp, m0, &ni); 1501 if (m0 == NULL) 1502 continue; 1503 #if NBPFILTER > 0 1504 if (ic->ic_rawbpf != NULL) 1505 bpf_mtap(ic->ic_rawbpf, m0, BPF_DIRECTION_OUT); 1506 #endif 1507 if (uath_tx_data(sc, m0, ni) != 0) { 1508 if (ni != NULL) 1509 ieee80211_release_node(ic, ni); 1510 ifp->if_oerrors++; 1511 break; 1512 } 1513 } 1514 1515 sc->sc_tx_timer = 5; 1516 ifp->if_timer = 1; 1517 } 1518 } 1519 1520 Static void 1521 uath_watchdog(struct ifnet *ifp) 1522 { 1523 struct uath_softc *sc = ifp->if_softc; 1524 1525 ifp->if_timer = 0; 1526 1527 if (sc->sc_tx_timer > 0) { 1528 if (--sc->sc_tx_timer == 0) { 1529 printf("%s: device timeout\n", USBDEVNAME(sc->sc_dev)); 1530 /*uath_init(ifp); XXX needs a process context! */ 1531 ifp->if_oerrors++; 1532 return; 1533 } 1534 ifp->if_timer = 1; 1535 } 1536 1537 ieee80211_watchdog(ifp); 1538 } 1539 1540 Static int 1541 uath_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 1542 { 1543 struct uath_softc *sc = ifp->if_softc; 1544 struct ieee80211com *ic = &sc->sc_ic; 1545 struct ifaddr *ifa; 1546 struct ifreq *ifr; 1547 int s, error = 0; 1548 1549 s = splnet(); 1550 1551 switch (cmd) { 1552 case SIOCSIFADDR: 1553 ifa = (struct ifaddr *)data; 1554 ifp->if_flags |= IFF_UP; 1555 #ifdef INET 1556 if (ifa->ifa_addr->sa_family == AF_INET) 1557 arp_ifinit(&ic->ic_ac, ifa); 1558 #endif 1559 /* FALLTHROUGH */ 1560 case SIOCSIFFLAGS: 1561 if (ifp->if_flags & IFF_UP) { 1562 if (!(ifp->if_flags & IFF_RUNNING)) 1563 uath_init(ifp); 1564 } else { 1565 if (ifp->if_flags & IFF_RUNNING) 1566 uath_stop(ifp, 1); 1567 } 1568 break; 1569 1570 case SIOCADDMULTI: 1571 case SIOCDELMULTI: 1572 ifr = (struct ifreq *)data; 1573 error = (cmd == SIOCADDMULTI) ? 1574 ether_addmulti(ifr, &ic->ic_ac) : 1575 ether_delmulti(ifr, &ic->ic_ac); 1576 if (error == ENETRESET) 1577 error = 0; 1578 break; 1579 1580 default: 1581 error = ieee80211_ioctl(ifp, cmd, data); 1582 } 1583 1584 if (error == ENETRESET) { 1585 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 1586 (IFF_UP | IFF_RUNNING)) 1587 uath_init(ifp); 1588 error = 0; 1589 } 1590 1591 splx(s); 1592 1593 return error; 1594 } 1595 1596 Static int 1597 uath_query_eeprom(struct uath_softc *sc) 1598 { 1599 uint32_t tmp; 1600 int error; 1601 1602 /* retrieve MAC address */ 1603 error = uath_read_eeprom(sc, UATH_EEPROM_MACADDR, sc->sc_ic.ic_myaddr); 1604 if (error != 0) { 1605 printf("%s: could not read MAC address\n", 1606 USBDEVNAME(sc->sc_dev)); 1607 return error; 1608 } 1609 1610 /* retrieve the maximum frame size that the hardware can receive */ 1611 error = uath_read_eeprom(sc, UATH_EEPROM_RXBUFSZ, &tmp); 1612 if (error != 0) { 1613 printf("%s: could not read maximum Rx buffer size\n", 1614 USBDEVNAME(sc->sc_dev)); 1615 return error; 1616 } 1617 sc->rxbufsz = betoh32(tmp) & 0xfff; 1618 DPRINTF(("maximum Rx buffer size %d\n", sc->rxbufsz)); 1619 return 0; 1620 } 1621 1622 Static int 1623 uath_reset(struct uath_softc *sc) 1624 { 1625 struct uath_cmd_setup setup; 1626 uint32_t reg, val; 1627 int s, error; 1628 1629 /* init device with some voodoo incantations.. */ 1630 setup.magic1 = htobe32(1); 1631 setup.magic2 = htobe32(5); 1632 setup.magic3 = htobe32(200); 1633 setup.magic4 = htobe32(27); 1634 s = splusb(); 1635 error = uath_cmd_write(sc, UATH_CMD_SETUP, &setup, sizeof setup, 1636 UATH_CMD_FLAG_ASYNC); 1637 /* ..and wait until firmware notifies us that it is ready */ 1638 if (error == 0) 1639 error = tsleep(UATH_COND_INIT(sc), PCATCH, "uathinit", 5 * hz); 1640 splx(s); 1641 1642 /* read PHY registers */ 1643 for (reg = 0x09; reg <= 0x24; reg++) { 1644 if (reg == 0x0b || reg == 0x0c) 1645 continue; 1646 if ((error = uath_read_reg(sc, reg, &val)) != 0) 1647 return error; 1648 DPRINTFN(2, ("reg 0x%02x=0x%08x\n", reg, val)); 1649 } 1650 return error; 1651 } 1652 1653 Static int 1654 uath_reset_tx_queues(struct uath_softc *sc) 1655 { 1656 int ac, error; 1657 1658 for (ac = 0; ac < 4; ac++) { 1659 const uint32_t qid = htobe32(UATH_AC_TO_QID(ac)); 1660 1661 DPRINTF(("resetting Tx queue %d\n", UATH_AC_TO_QID(ac))); 1662 error = uath_cmd_write(sc, UATH_CMD_RESET_QUEUE, &qid, 1663 sizeof qid, 0); 1664 if (error != 0) 1665 break; 1666 } 1667 return error; 1668 } 1669 1670 Static int 1671 uath_wme_init(struct uath_softc *sc) 1672 { 1673 struct uath_qinfo qinfo; 1674 int ac, error; 1675 static const struct uath_wme_settings uath_wme_11g[4] = { 1676 { 7, 4, 10, 0, 0 }, /* Background */ 1677 { 3, 4, 10, 0, 0 }, /* Best-Effort */ 1678 { 3, 3, 4, 26, 0 }, /* Video */ 1679 { 2, 2, 3, 47, 0 } /* Voice */ 1680 }; 1681 1682 bzero(&qinfo, sizeof qinfo); 1683 qinfo.size = htobe32(32); 1684 qinfo.magic1 = htobe32(1); /* XXX ack policy? */ 1685 qinfo.magic2 = htobe32(1); 1686 for (ac = 0; ac < 4; ac++) { 1687 qinfo.qid = htobe32(UATH_AC_TO_QID(ac)); 1688 qinfo.ac = htobe32(ac); 1689 qinfo.aifsn = htobe32(uath_wme_11g[ac].aifsn); 1690 qinfo.logcwmin = htobe32(uath_wme_11g[ac].logcwmin); 1691 qinfo.logcwmax = htobe32(uath_wme_11g[ac].logcwmax); 1692 qinfo.txop = htobe32(UATH_TXOP_TO_US( 1693 uath_wme_11g[ac].txop)); 1694 qinfo.acm = htobe32(uath_wme_11g[ac].acm); 1695 1696 DPRINTF(("setting up Tx queue %d\n", UATH_AC_TO_QID(ac))); 1697 error = uath_cmd_write(sc, UATH_CMD_SET_QUEUE, &qinfo, 1698 sizeof qinfo, 0); 1699 if (error != 0) 1700 break; 1701 } 1702 return error; 1703 } 1704 1705 Static int 1706 uath_set_chan(struct uath_softc *sc, struct ieee80211_channel *c) 1707 { 1708 #ifdef UATH_DEBUG 1709 struct ieee80211com *ic = &sc->sc_ic; 1710 #endif 1711 struct uath_set_chan chan; 1712 1713 bzero(&chan, sizeof chan); 1714 chan.flags = htobe32(0x1400); 1715 chan.freq = htobe32(c->ic_freq); 1716 chan.magic1 = htobe32(20); 1717 chan.magic2 = htobe32(50); 1718 chan.magic3 = htobe32(1); 1719 1720 DPRINTF(("switching to channel %d\n", ieee80211_chan2ieee(ic, c))); 1721 return uath_cmd_write(sc, UATH_CMD_SET_CHAN, &chan, sizeof chan, 0); 1722 } 1723 1724 Static int 1725 uath_set_key(struct uath_softc *sc, const struct ieee80211_wepkey *wk, 1726 int index) 1727 { 1728 struct uath_cmd_crypto crypto; 1729 int i; 1730 1731 bzero(&crypto, sizeof crypto); 1732 crypto.keyidx = htobe32(index); 1733 crypto.magic1 = htobe32(1); 1734 crypto.size = htobe32(368); 1735 crypto.mask = htobe32(0xffff); 1736 crypto.flags = htobe32(0x80000068); 1737 if (index != UATH_DEFAULT_KEY) 1738 crypto.flags |= htobe32(index << 16); 1739 memset(crypto.magic2, 0xff, sizeof crypto.magic2); 1740 1741 /* 1742 * Each byte of the key must be XOR'ed with 10101010 before being 1743 * transmitted to the firmware. 1744 */ 1745 for (i = 0; i < wk->wk_len; i++) 1746 crypto.key[i] = wk->wk_key[i] ^ 0xaa; 1747 1748 DPRINTF(("setting crypto key index=%d len=%d\n", index, wk->wk_len)); 1749 return uath_cmd_write(sc, UATH_CMD_CRYPTO, &crypto, sizeof crypto, 0); 1750 } 1751 1752 Static int 1753 uath_set_keys(struct uath_softc *sc) 1754 { 1755 const struct ieee80211com *ic = &sc->sc_ic; 1756 int i, error; 1757 1758 for (i = 0; i < IEEE80211_WEP_NKID; i++) { 1759 const struct ieee80211_wepkey *wk = &ic->ic_nw_keys[i]; 1760 1761 if (wk->wk_len > 0 && 1762 (error = uath_set_key(sc, wk, i)) != 0) 1763 return error; 1764 } 1765 return uath_set_key(sc, &ic->ic_nw_keys[ic->ic_wep_txkey], 1766 UATH_DEFAULT_KEY); 1767 } 1768 1769 Static int 1770 uath_set_rates(struct uath_softc *sc, const struct ieee80211_rateset *rs) 1771 { 1772 struct uath_cmd_rates rates; 1773 1774 bzero(&rates, sizeof rates); 1775 rates.magic1 = htobe32(0x02); 1776 rates.magic2 = htobe32(0x21); 1777 rates.nrates = rs->rs_nrates; 1778 bcopy(rs->rs_rates, rates.rates, rs->rs_nrates); 1779 1780 DPRINTF(("setting supported rates nrates=%d\n", rs->rs_nrates)); 1781 return uath_cmd_write(sc, UATH_CMD_SET_RATES, &rates, 1782 3 * 4 + 1 + rs->rs_nrates, 0); 1783 } 1784 1785 Static int 1786 uath_set_rxfilter(struct uath_softc *sc, uint32_t filter, uint32_t flags) 1787 { 1788 struct uath_cmd_filter rxfilter; 1789 1790 rxfilter.filter = htobe32(filter); 1791 rxfilter.flags = htobe32(flags); 1792 1793 DPRINTF(("setting Rx filter=0x%x flags=0x%x\n", filter, flags)); 1794 return uath_cmd_write(sc, UATH_CMD_SET_FILTER, &rxfilter, 1795 sizeof rxfilter, 0); 1796 } 1797 1798 Static int 1799 uath_set_led(struct uath_softc *sc, int which, int on) 1800 { 1801 struct uath_cmd_led led; 1802 1803 led.which = htobe32(which); 1804 led.state = htobe32(on ? UATH_LED_ON : UATH_LED_OFF); 1805 1806 DPRINTFN(2, ("switching %s led %s\n", 1807 (which == UATH_LED_LINK) ? "link" : "activity", 1808 on ? "on" : "off")); 1809 return uath_cmd_write(sc, UATH_CMD_SET_LED, &led, sizeof led, 0); 1810 } 1811 1812 Static int 1813 uath_switch_channel(struct uath_softc *sc, struct ieee80211_channel *c) 1814 { 1815 uint32_t val; 1816 int error; 1817 1818 /* set radio frequency */ 1819 if ((error = uath_set_chan(sc, c)) != 0) { 1820 printf("%s: could not set channel\n", USBDEVNAME(sc->sc_dev)); 1821 return error; 1822 } 1823 1824 /* reset Tx rings */ 1825 if ((error = uath_reset_tx_queues(sc)) != 0) { 1826 printf("%s: could not reset Tx queues\n", 1827 USBDEVNAME(sc->sc_dev)); 1828 return error; 1829 } 1830 1831 /* set Tx rings WME properties */ 1832 if ((error = uath_wme_init(sc)) != 0) { 1833 printf("%s: could not init Tx queues\n", 1834 USBDEVNAME(sc->sc_dev)); 1835 return error; 1836 } 1837 1838 val = htobe32(0); 1839 error = uath_cmd_write(sc, UATH_CMD_SET_STATE, &val, sizeof val, 0); 1840 if (error != 0) { 1841 printf("%s: could not set state\n", USBDEVNAME(sc->sc_dev)); 1842 return error; 1843 } 1844 1845 return uath_tx_null(sc); 1846 } 1847 1848 Static int 1849 uath_init(struct ifnet *ifp) 1850 { 1851 struct uath_softc *sc = ifp->if_softc; 1852 struct ieee80211com *ic = &sc->sc_ic; 1853 struct uath_cmd_31 cmd31; 1854 uint32_t /*reg,*/ val; 1855 int i, error; 1856 1857 /* reset data and command rings */ 1858 sc->tx_queued = sc->data_idx = sc->cmd_idx = 0; 1859 1860 val = htobe32(0); 1861 (void)uath_cmd_write(sc, UATH_CMD_02, &val, sizeof val, 0); 1862 1863 /* set MAC address */ 1864 IEEE80211_ADDR_COPY(ic->ic_myaddr, LLADDR(ifp->if_sadl)); 1865 (void)uath_write_multi(sc, 0x13, ic->ic_myaddr, IEEE80211_ADDR_LEN); 1866 1867 (void)uath_write_reg(sc, 0x02, 0x00000001); 1868 (void)uath_write_reg(sc, 0x0e, 0x0000003f); 1869 (void)uath_write_reg(sc, 0x10, 0x00000001); 1870 (void)uath_write_reg(sc, 0x06, 0x0000001e); 1871 1872 /* 1873 * Queue Rx data xfers. 1874 */ 1875 for (i = 0; i < UATH_RX_DATA_LIST_COUNT; i++) { 1876 struct uath_rx_data *data = &sc->rx_data[i]; 1877 1878 usbd_setup_xfer(data->xfer, sc->data_rx_pipe, data, data->buf, 1879 sc->rxbufsz, USBD_SHORT_XFER_OK, USBD_NO_TIMEOUT, 1880 uath_data_rxeof); 1881 error = usbd_transfer(data->xfer); 1882 if (error != USBD_IN_PROGRESS && error != 0) { 1883 printf("%s: could not queue Rx transfer\n", 1884 USBDEVNAME(sc->sc_dev)); 1885 goto fail; 1886 } 1887 } 1888 1889 error = uath_cmd_read(sc, UATH_CMD_07, 0, NULL, &val, 1890 UATH_CMD_FLAG_MAGIC); 1891 if (error != 0) { 1892 printf("%s: could not send read command 07h\n", 1893 USBDEVNAME(sc->sc_dev)); 1894 goto fail; 1895 } 1896 DPRINTF(("command 07h return code: %x\n", betoh32(val))); 1897 1898 /* set default channel */ 1899 ic->ic_bss->ni_chan = ic->ic_ibss_chan; 1900 if ((error = uath_set_chan(sc, ic->ic_bss->ni_chan)) != 0) { 1901 printf("%s: could not set channel\n", USBDEVNAME(sc->sc_dev)); 1902 goto fail; 1903 } 1904 1905 if ((error = uath_wme_init(sc)) != 0) { 1906 printf("%s: could not setup WME parameters\n", 1907 USBDEVNAME(sc->sc_dev)); 1908 goto fail; 1909 } 1910 1911 /* init MAC registers */ 1912 (void)uath_write_reg(sc, 0x19, 0x00000000); 1913 (void)uath_write_reg(sc, 0x1a, 0x0000003c); 1914 (void)uath_write_reg(sc, 0x1b, 0x0000003c); 1915 (void)uath_write_reg(sc, 0x1c, 0x00000000); 1916 (void)uath_write_reg(sc, 0x1e, 0x00000000); 1917 (void)uath_write_reg(sc, 0x1f, 0x00000003); 1918 (void)uath_write_reg(sc, 0x0c, 0x00000000); 1919 (void)uath_write_reg(sc, 0x0f, 0x00000002); 1920 (void)uath_write_reg(sc, 0x0a, 0x00000007); /* XXX retry? */ 1921 (void)uath_write_reg(sc, 0x09, ic->ic_rtsthreshold); 1922 1923 val = htobe32(4); 1924 (void)uath_cmd_write(sc, UATH_CMD_27, &val, sizeof val, 0); 1925 (void)uath_cmd_write(sc, UATH_CMD_27, &val, sizeof val, 0); 1926 (void)uath_cmd_write(sc, UATH_CMD_1B, NULL, 0, 0); 1927 1928 if ((error = uath_set_keys(sc)) != 0) { 1929 printf("%s: could not set crypto keys\n", 1930 USBDEVNAME(sc->sc_dev)); 1931 goto fail; 1932 } 1933 1934 /* enable Rx */ 1935 (void)uath_set_rxfilter(sc, 0x0000, 4); 1936 (void)uath_set_rxfilter(sc, 0x0817, 1); 1937 1938 cmd31.magic1 = htobe32(0xffffffff); 1939 cmd31.magic2 = htobe32(0xffffffff); 1940 (void)uath_cmd_write(sc, UATH_CMD_31, &cmd31, sizeof cmd31, 0); 1941 1942 ifp->if_flags &= ~IFF_OACTIVE; 1943 ifp->if_flags |= IFF_RUNNING; 1944 1945 if (ic->ic_opmode == IEEE80211_M_MONITOR) 1946 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 1947 else 1948 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 1949 1950 return 0; 1951 1952 fail: uath_stop(ifp, 1); 1953 return error; 1954 } 1955 1956 Static void 1957 uath_stop(struct ifnet *ifp, int disable) 1958 { 1959 struct uath_softc *sc = ifp->if_softc; 1960 struct ieee80211com *ic = &sc->sc_ic; 1961 uint32_t val; 1962 int s; 1963 1964 s = splusb(); 1965 1966 sc->sc_tx_timer = 0; 1967 ifp->if_timer = 0; 1968 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 1969 1970 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); /* free all nodes */ 1971 1972 val = htobe32(0); 1973 (void)uath_cmd_write(sc, UATH_CMD_SET_STATE, &val, sizeof val, 0); 1974 (void)uath_cmd_write(sc, UATH_CMD_RESET, NULL, 0, 0); 1975 1976 val = htobe32(0); 1977 (void)uath_cmd_write(sc, UATH_CMD_15, &val, sizeof val, 0); 1978 1979 #if 0 1980 (void)uath_cmd_read(sc, UATH_CMD_SHUTDOWN, NULL, 0, NULL, 1981 UATH_CMD_FLAG_MAGIC); 1982 #endif 1983 1984 /* abort any pending transfers */ 1985 usbd_abort_pipe(sc->data_tx_pipe); 1986 usbd_abort_pipe(sc->data_rx_pipe); 1987 usbd_abort_pipe(sc->cmd_tx_pipe); 1988 usbd_abort_pipe(sc->cmd_rx_pipe); 1989 1990 splx(s); 1991 } 1992 1993 /* 1994 * Load the MIPS R4000 microcode into the device. Once the image is loaded, 1995 * the device will detach itself from the bus and reattach later with a new 1996 * product Id (a la ezusb). XXX this could also be implemented in userland 1997 * through /dev/ugen. 1998 */ 1999 Static int 2000 uath_loadfirmware(struct uath_softc *sc, const u_char *fw, int len) 2001 { 2002 usbd_xfer_handle ctlxfer, txxfer, rxxfer; 2003 struct uath_fwblock *txblock, *rxblock; 2004 uint8_t *txdata; 2005 int error = 0; 2006 2007 if ((ctlxfer = usbd_alloc_xfer(sc->sc_udev)) == NULL) { 2008 printf("%s: could not allocate Tx control xfer\n", 2009 USBDEVNAME(sc->sc_dev)); 2010 error = USBD_NOMEM; 2011 goto fail1; 2012 } 2013 txblock = usbd_alloc_buffer(ctlxfer, sizeof (struct uath_fwblock)); 2014 if (txblock == NULL) { 2015 printf("%s: could not allocate Tx control block\n", 2016 USBDEVNAME(sc->sc_dev)); 2017 error = USBD_NOMEM; 2018 goto fail2; 2019 } 2020 2021 if ((txxfer = usbd_alloc_xfer(sc->sc_udev)) == NULL) { 2022 printf("%s: could not allocate Tx xfer\n", 2023 USBDEVNAME(sc->sc_dev)); 2024 error = USBD_NOMEM; 2025 goto fail2; 2026 } 2027 txdata = usbd_alloc_buffer(txxfer, UATH_MAX_FWBLOCK_SIZE); 2028 if (txdata == NULL) { 2029 printf("%s: could not allocate Tx buffer\n", 2030 USBDEVNAME(sc->sc_dev)); 2031 error = USBD_NOMEM; 2032 goto fail3; 2033 } 2034 2035 if ((rxxfer = usbd_alloc_xfer(sc->sc_udev)) == NULL) { 2036 printf("%s: could not allocate Rx control xfer\n", 2037 USBDEVNAME(sc->sc_dev)); 2038 error = USBD_NOMEM; 2039 goto fail3; 2040 } 2041 rxblock = usbd_alloc_buffer(rxxfer, sizeof (struct uath_fwblock)); 2042 if (rxblock == NULL) { 2043 printf("%s: could not allocate Rx control block\n", 2044 USBDEVNAME(sc->sc_dev)); 2045 error = USBD_NOMEM; 2046 goto fail4; 2047 } 2048 2049 bzero(txblock, sizeof (struct uath_fwblock)); 2050 txblock->flags = htobe32(UATH_WRITE_BLOCK); 2051 txblock->total = htobe32(len); 2052 2053 while (len > 0) { 2054 int mlen = min(len, UATH_MAX_FWBLOCK_SIZE); 2055 2056 txblock->remain = htobe32(len - mlen); 2057 txblock->len = htobe32(mlen); 2058 2059 DPRINTF(("sending firmware block: %d bytes remaining\n", 2060 len - mlen)); 2061 2062 /* send firmware block meta-data */ 2063 usbd_setup_xfer(ctlxfer, sc->cmd_tx_pipe, sc, txblock, 2064 sizeof (struct uath_fwblock), USBD_NO_COPY, 2065 UATH_CMD_TIMEOUT, NULL); 2066 if ((error = usbd_sync_transfer(ctlxfer)) != 0) { 2067 printf("%s: could not send firmware block info\n", 2068 USBDEVNAME(sc->sc_dev)); 2069 break; 2070 } 2071 2072 /* send firmware block data */ 2073 bcopy(fw, txdata, mlen); 2074 usbd_setup_xfer(txxfer, sc->data_tx_pipe, sc, txdata, mlen, 2075 USBD_NO_COPY, UATH_DATA_TIMEOUT, NULL); 2076 if ((error = usbd_sync_transfer(txxfer)) != 0) { 2077 printf("%s: could not send firmware block data\n", 2078 USBDEVNAME(sc->sc_dev)); 2079 break; 2080 } 2081 2082 /* wait for ack from firmware */ 2083 usbd_setup_xfer(rxxfer, sc->cmd_rx_pipe, sc, rxblock, 2084 sizeof (struct uath_fwblock), USBD_SHORT_XFER_OK | 2085 USBD_NO_COPY, UATH_CMD_TIMEOUT, NULL); 2086 if ((error = usbd_sync_transfer(rxxfer)) != 0) { 2087 printf("%s: could not read firmware answer\n", 2088 USBDEVNAME(sc->sc_dev)); 2089 break; 2090 } 2091 2092 DPRINTFN(2, ("rxblock flags=0x%x total=%d\n", 2093 betoh32(rxblock->flags), betoh32(rxblock->rxtotal))); 2094 fw += mlen; 2095 len -= mlen; 2096 } 2097 2098 fail4: usbd_free_xfer(rxxfer); 2099 fail3: usbd_free_xfer(txxfer); 2100 fail2: usbd_free_xfer(ctlxfer); 2101 fail1: return error; 2102 } 2103 2104 Static int 2105 uath_activate(device_ptr_t self, enum devact act) 2106 { 2107 switch (act) { 2108 case DVACT_ACTIVATE: 2109 break; 2110 2111 case DVACT_DEACTIVATE: 2112 /*if_deactivate(&sc->sc_ic.ic_if);*/ 2113 break; 2114 } 2115 return 0; 2116 } 2117